summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorcvs2hg <devnull@localhost>2001-12-04 18:20:58 +0000
committercvs2hg <devnull@localhost>2001-12-04 18:20:58 +0000
commit148a5f12b457b65caa1e4c6e62659081a02b35be (patch)
tree694e3a13d30279ba49636faa33a9b6ea74ff9eba /security
parentf02c27a275f39d4ec403a6a2435f8fb62c98827a (diff)
downloadnss-hg-148a5f12b457b65caa1e4c6e62659081a02b35be.tar.gz
fixup commit for tag 'DBM16_RTM_20011206'DBM16_RTM_20011206
Diffstat (limited to 'security')
-rw-r--r--security/nss/Makefile174
-rw-r--r--security/nss/cmd/.cvsignore1
-rw-r--r--security/nss/cmd/Makefile182
-rw-r--r--security/nss/cmd/SSLsample/Makefile44
-rw-r--r--security/nss/cmd/SSLsample/Makefile.NSS58
-rw-r--r--security/nss/cmd/SSLsample/NSPRerrs.h133
-rw-r--r--security/nss/cmd/SSLsample/README43
-rw-r--r--security/nss/cmd/SSLsample/SECerrs.h441
-rw-r--r--security/nss/cmd/SSLsample/SSLerrs.h366
-rw-r--r--security/nss/cmd/SSLsample/client.c451
-rw-r--r--security/nss/cmd/SSLsample/client.mn50
-rwxr-xr-xsecurity/nss/cmd/SSLsample/gencerts79
-rw-r--r--security/nss/cmd/SSLsample/make.client78
-rw-r--r--security/nss/cmd/SSLsample/make.server77
-rwxr-xr-xsecurity/nss/cmd/SSLsample/nmakefile95.nss60
-rwxr-xr-xsecurity/nss/cmd/SSLsample/nmakefilent.nss59
-rw-r--r--security/nss/cmd/SSLsample/server.c820
-rw-r--r--security/nss/cmd/SSLsample/server.mn48
-rw-r--r--security/nss/cmd/SSLsample/sslerror.h110
-rw-r--r--security/nss/cmd/SSLsample/sslsample.c590
-rw-r--r--security/nss/cmd/SSLsample/sslsample.h178
-rw-r--r--security/nss/cmd/addbuiltin/Makefile76
-rw-r--r--security/nss/cmd/addbuiltin/addbuiltin.c338
-rw-r--r--security/nss/cmd/addbuiltin/manifest.mn49
-rw-r--r--security/nss/cmd/atob/Makefile76
-rw-r--r--security/nss/cmd/atob/atob.c177
-rw-r--r--security/nss/cmd/atob/makefile.win155
-rw-r--r--security/nss/cmd/atob/manifest.mn50
-rw-r--r--security/nss/cmd/bltest/Makefile82
-rw-r--r--security/nss/cmd/bltest/blapitest.c2375
-rw-r--r--security/nss/cmd/bltest/manifest.mn54
-rw-r--r--security/nss/cmd/bltest/tests/README26
-rw-r--r--security/nss/cmd/bltest/tests/aes_cbc/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/aes_cbc/iv01
-rw-r--r--security/nss/cmd/bltest/tests/aes_cbc/key01
-rw-r--r--security/nss/cmd/bltest/tests/aes_cbc/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/aes_cbc/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/aes_ecb/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/aes_ecb/key01
-rw-r--r--security/nss/cmd/bltest/tests/aes_ecb/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/aes_ecb/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/des3_cbc/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/des3_cbc/iv01
-rw-r--r--security/nss/cmd/bltest/tests/des3_cbc/key01
-rw-r--r--security/nss/cmd/bltest/tests/des3_cbc/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/des3_cbc/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/des3_ecb/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/des3_ecb/key01
-rw-r--r--security/nss/cmd/bltest/tests/des3_ecb/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/des3_ecb/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/des_cbc/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/des_cbc/iv01
-rw-r--r--security/nss/cmd/bltest/tests/des_cbc/key01
-rw-r--r--security/nss/cmd/bltest/tests/des_cbc/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/des_cbc/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/des_ecb/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/des_ecb/key01
-rw-r--r--security/nss/cmd/bltest/tests/des_ecb/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/des_ecb/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/dsa/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/dsa/key06
-rw-r--r--security/nss/cmd/bltest/tests/dsa/keyseed01
-rw-r--r--security/nss/cmd/bltest/tests/dsa/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/dsa/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/dsa/pqg04
-rw-r--r--security/nss/cmd/bltest/tests/dsa/sigseed01
-rw-r--r--security/nss/cmd/bltest/tests/md2/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/md2/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/md2/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/md5/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/md5/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/md5/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_cbc/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_cbc/iv01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_cbc/key01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_cbc/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rc2_cbc/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_ecb/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_ecb/key01
-rw-r--r--security/nss/cmd/bltest/tests/rc2_ecb/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rc2_ecb/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rc4/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rc4/ciphertext11
-rw-r--r--security/nss/cmd/bltest/tests/rc4/key01
-rw-r--r--security/nss/cmd/bltest/tests/rc4/key11
-rw-r--r--security/nss/cmd/bltest/tests/rc4/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rc4/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rc4/plaintext11
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/iv01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/key01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/params02
-rw-r--r--security/nss/cmd/bltest/tests/rc5_cbc/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_ecb/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_ecb/key01
-rw-r--r--security/nss/cmd/bltest/tests/rc5_ecb/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rc5_ecb/params02
-rw-r--r--security/nss/cmd/bltest/tests/rc5_ecb/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/rsa/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/rsa/key04
-rw-r--r--security/nss/cmd/bltest/tests/rsa/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/rsa/plaintext01
-rw-r--r--security/nss/cmd/bltest/tests/sha1/ciphertext01
-rw-r--r--security/nss/cmd/bltest/tests/sha1/numtests1
-rw-r--r--security/nss/cmd/bltest/tests/sha1/plaintext01
-rw-r--r--security/nss/cmd/btoa/Makefile75
-rw-r--r--security/nss/cmd/btoa/btoa.c196
-rw-r--r--security/nss/cmd/btoa/makefile.win130
-rw-r--r--security/nss/cmd/btoa/manifest.mn49
-rw-r--r--security/nss/cmd/certcgi/HOWTO.txt168
-rw-r--r--security/nss/cmd/certcgi/Makefile76
-rw-r--r--security/nss/cmd/certcgi/ca.html48
-rw-r--r--security/nss/cmd/certcgi/ca_form.html385
-rw-r--r--security/nss/cmd/certcgi/certcgi.c2431
-rw-r--r--security/nss/cmd/certcgi/index.html956
-rw-r--r--security/nss/cmd/certcgi/main.html105
-rw-r--r--security/nss/cmd/certcgi/manifest.mn50
-rw-r--r--security/nss/cmd/certcgi/nscp_ext_form.html113
-rw-r--r--security/nss/cmd/certcgi/stnd_ext_form.html247
-rw-r--r--security/nss/cmd/certutil/Makefile76
-rw-r--r--security/nss/cmd/certutil/certutil.c2762
-rw-r--r--security/nss/cmd/certutil/keystuff.c377
-rw-r--r--security/nss/cmd/certutil/makefile.win155
-rw-r--r--security/nss/cmd/certutil/manifest.mn52
-rw-r--r--security/nss/cmd/checkcert/Makefile76
-rw-r--r--security/nss/cmd/checkcert/checkcert.c640
-rw-r--r--security/nss/cmd/checkcert/makefile.win130
-rw-r--r--security/nss/cmd/checkcert/manifest.mn47
-rw-r--r--security/nss/cmd/cmdlib/Makefile75
-rw-r--r--security/nss/cmd/cmdlib/cmdline.c474
-rw-r--r--security/nss/cmd/cmdlib/cmdutil.h115
-rw-r--r--security/nss/cmd/cmdlib/config.mk43
-rw-r--r--security/nss/cmd/cmdlib/manifest.mn49
-rw-r--r--security/nss/cmd/crlutil/Makefile76
-rw-r--r--security/nss/cmd/crlutil/crlutil.c359
-rw-r--r--security/nss/cmd/crlutil/makefile.win130
-rw-r--r--security/nss/cmd/crlutil/manifest.mn53
-rw-r--r--security/nss/cmd/crmf-cgi/Makefile81
-rw-r--r--security/nss/cmd/crmf-cgi/config.mk44
-rw-r--r--security/nss/cmd/crmf-cgi/crmfcgi.c1123
-rw-r--r--security/nss/cmd/crmf-cgi/crmfcgi.html165
-rw-r--r--security/nss/cmd/crmf-cgi/manifest.mn61
-rw-r--r--security/nss/cmd/crmftest/Makefile99
-rw-r--r--security/nss/cmd/crmftest/config.mk43
-rw-r--r--security/nss/cmd/crmftest/manifest.mn53
-rw-r--r--security/nss/cmd/crmftest/testcrmf.c1527
-rw-r--r--security/nss/cmd/dbck/Makefile75
-rw-r--r--security/nss/cmd/dbck/dbck.c1869
-rw-r--r--security/nss/cmd/dbck/manifest.mn49
-rw-r--r--security/nss/cmd/derdump/Makefile76
-rw-r--r--security/nss/cmd/derdump/derdump.c135
-rw-r--r--security/nss/cmd/derdump/makefile.win130
-rw-r--r--security/nss/cmd/derdump/manifest.mn49
-rw-r--r--security/nss/cmd/digest/Makefile76
-rw-r--r--security/nss/cmd/digest/digest.c250
-rw-r--r--security/nss/cmd/digest/makefile.win130
-rw-r--r--security/nss/cmd/digest/manifest.mn50
-rw-r--r--security/nss/cmd/ilock/Makefile75
-rw-r--r--security/nss/cmd/ilock/ilock.c199
-rw-r--r--security/nss/cmd/ilock/manifest.mn44
-rw-r--r--security/nss/cmd/include/secnew.h163
-rw-r--r--security/nss/cmd/keyutil/Makefile73
-rw-r--r--security/nss/cmd/keyutil/keyutil.c340
-rw-r--r--security/nss/cmd/keyutil/manifest.mn50
-rw-r--r--security/nss/cmd/lib/Makefile75
-rw-r--r--security/nss/cmd/lib/NSPRerrs.h133
-rw-r--r--security/nss/cmd/lib/SECerrs.h442
-rw-r--r--security/nss/cmd/lib/SSLerrs.h366
-rw-r--r--security/nss/cmd/lib/berparse.c404
-rw-r--r--security/nss/cmd/lib/config.mk43
-rw-r--r--security/nss/cmd/lib/derprint.c619
-rw-r--r--security/nss/cmd/lib/dongle.c249
-rw-r--r--security/nss/cmd/lib/fe_util.c40
-rw-r--r--security/nss/cmd/lib/ffs.c48
-rw-r--r--security/nss/cmd/lib/filestub.c1118
-rw-r--r--security/nss/cmd/lib/makefile.win66
-rw-r--r--security/nss/cmd/lib/manifest.mn68
-rw-r--r--security/nss/cmd/lib/secarb.c372
-rw-r--r--security/nss/cmd/lib/seccnames.c202
-rw-r--r--security/nss/cmd/lib/secerror.c107
-rw-r--r--security/nss/cmd/lib/secpwd.c187
-rw-r--r--security/nss/cmd/lib/secutil.c2519
-rw-r--r--security/nss/cmd/lib/secutil.h327
-rw-r--r--security/nss/cmd/lib/sslstubs.c74
-rw-r--r--security/nss/cmd/lib/strerror.c127
-rw-r--r--security/nss/cmd/lib/stubs.c50
-rw-r--r--security/nss/cmd/makefile.inc84
-rw-r--r--security/nss/cmd/makefile.win48
-rw-r--r--security/nss/cmd/makepqg/Makefile77
-rw-r--r--security/nss/cmd/makepqg/makefile.win156
-rw-r--r--security/nss/cmd/makepqg/makepqg.c277
-rw-r--r--security/nss/cmd/makepqg/manifest.mn47
-rw-r--r--security/nss/cmd/makepqg/testit.ksh41
-rw-r--r--security/nss/cmd/manifest.mn87
-rw-r--r--security/nss/cmd/modutil/Makefile80
-rw-r--r--security/nss/cmd/modutil/README7
-rw-r--r--security/nss/cmd/modutil/README.TXT7
-rw-r--r--security/nss/cmd/modutil/config.mk77
-rw-r--r--security/nss/cmd/modutil/error.h180
-rw-r--r--security/nss/cmd/modutil/install-ds.c1541
-rw-r--r--security/nss/cmd/modutil/install-ds.h290
-rw-r--r--security/nss/cmd/modutil/install.c979
-rw-r--r--security/nss/cmd/modutil/install.h130
-rw-r--r--security/nss/cmd/modutil/installparse.c429
-rw-r--r--security/nss/cmd/modutil/installparse.h3
-rw-r--r--security/nss/cmd/modutil/installparse.l166
-rw-r--r--security/nss/cmd/modutil/installparse.y133
-rw-r--r--security/nss/cmd/modutil/instsec.c178
-rw-r--r--security/nss/cmd/modutil/lex.Pk11Install_yy.c1691
-rw-r--r--security/nss/cmd/modutil/manifest.mn60
-rw-r--r--security/nss/cmd/modutil/modutil.c958
-rw-r--r--security/nss/cmd/modutil/modutil.h64
-rw-r--r--security/nss/cmd/modutil/pk11.c850
-rw-r--r--security/nss/cmd/modutil/pk11jar.html309
-rw-r--r--security/nss/cmd/modutil/rules.mk54
-rw-r--r--security/nss/cmd/modutil/specification.html351
-rw-r--r--security/nss/cmd/ocspclnt/Makefile73
-rw-r--r--security/nss/cmd/ocspclnt/manifest.mn54
-rw-r--r--security/nss/cmd/ocspclnt/ocspclnt.c1219
-rw-r--r--security/nss/cmd/oidcalc/Makefile76
-rw-r--r--security/nss/cmd/oidcalc/manifest.mn47
-rw-r--r--security/nss/cmd/oidcalc/oidcalc.c117
-rw-r--r--security/nss/cmd/p7content/Makefile75
-rw-r--r--security/nss/cmd/p7content/manifest.mn46
-rw-r--r--security/nss/cmd/p7content/p7content.c267
-rw-r--r--security/nss/cmd/p7env/Makefile75
-rw-r--r--security/nss/cmd/p7env/manifest.mn46
-rw-r--r--security/nss/cmd/p7env/p7env.c273
-rw-r--r--security/nss/cmd/p7sign/Makefile75
-rw-r--r--security/nss/cmd/p7sign/manifest.mn46
-rw-r--r--security/nss/cmd/p7sign/p7sign.c267
-rw-r--r--security/nss/cmd/p7verify/Makefile75
-rw-r--r--security/nss/cmd/p7verify/manifest.mn46
-rw-r--r--security/nss/cmd/p7verify/p7verify.c301
-rw-r--r--security/nss/cmd/pk12util/Makefile76
-rw-r--r--security/nss/cmd/pk12util/manifest.mn51
-rw-r--r--security/nss/cmd/pk12util/pk12util.c837
-rw-r--r--security/nss/cmd/pk12util/pk12util.h69
-rw-r--r--security/nss/cmd/pkiutil/Makefile76
-rw-r--r--security/nss/cmd/pkiutil/manifest.mn47
-rw-r--r--security/nss/cmd/pkiutil/pkiutil.c371
-rw-r--r--security/nss/cmd/pkiutil/platlibs.mk53
-rw-r--r--security/nss/cmd/platlibs.mk187
-rw-r--r--security/nss/cmd/platrules.mk47
-rw-r--r--security/nss/cmd/pp/Makefile75
-rw-r--r--security/nss/cmd/pp/manifest.mn47
-rw-r--r--security/nss/cmd/pp/pp.c176
-rw-r--r--security/nss/cmd/rsaperf/Makefile82
-rw-r--r--security/nss/cmd/rsaperf/defkey.c201
-rw-r--r--security/nss/cmd/rsaperf/manifest.mn52
-rw-r--r--security/nss/cmd/rsaperf/rsaperf.c398
-rw-r--r--security/nss/cmd/samples/cert15
-rw-r--r--security/nss/cmd/samples/cert0bin505 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/cert1bin515 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/cert2bin528 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/pkcs7.berbin1771 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/pkcs7bday.berbin1881 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/pkcs7cnet.berbin3330 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/pkcs7news.berbin255328 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/x509v3.derbin463 -> 0 bytes
-rw-r--r--security/nss/cmd/samples/x509v3.txt10
-rw-r--r--security/nss/cmd/sdrtest/Makefile73
-rw-r--r--security/nss/cmd/sdrtest/manifest.mn54
-rw-r--r--security/nss/cmd/sdrtest/sdrtest.c302
-rw-r--r--security/nss/cmd/selfserv/Makefile74
-rw-r--r--security/nss/cmd/selfserv/makefile.win136
-rw-r--r--security/nss/cmd/selfserv/manifest.mn48
-rw-r--r--security/nss/cmd/selfserv/selfserv.c1658
-rw-r--r--security/nss/cmd/signtool/Makefile87
-rw-r--r--security/nss/cmd/signtool/README119
-rw-r--r--security/nss/cmd/signtool/README.TXT119
-rw-r--r--security/nss/cmd/signtool/certgen.c728
-rw-r--r--security/nss/cmd/signtool/javascript.c1787
-rw-r--r--security/nss/cmd/signtool/list.c283
-rw-r--r--security/nss/cmd/signtool/manifest.mn55
-rw-r--r--security/nss/cmd/signtool/sign.c855
-rw-r--r--security/nss/cmd/signtool/signtool.c1034
-rw-r--r--security/nss/cmd/signtool/signtool.h139
-rw-r--r--security/nss/cmd/signtool/util.c974
-rw-r--r--security/nss/cmd/signtool/verify.c382
-rw-r--r--security/nss/cmd/signtool/zip.c678
-rw-r--r--security/nss/cmd/signtool/zip.h100
-rw-r--r--security/nss/cmd/signver/Makefile71
-rwxr-xr-xsecurity/nss/cmd/signver/examples/1/form.pl50
-rw-r--r--security/nss/cmd/signver/examples/1/signedForm.html84
-rw-r--r--security/nss/cmd/signver/examples/1/signedForm.nt.html84
-rwxr-xr-xsecurity/nss/cmd/signver/examples/1/signedForm.pl88
-rw-r--r--security/nss/cmd/signver/manifest.mn54
-rw-r--r--security/nss/cmd/signver/pk7print.c918
-rw-r--r--security/nss/cmd/signver/signver.c450
-rw-r--r--security/nss/cmd/smimetools/Makefile73
-rw-r--r--security/nss/cmd/smimetools/cmsutil.c1357
-rw-r--r--security/nss/cmd/smimetools/manifest.mn45
-rw-r--r--security/nss/cmd/smimetools/rules.mk37
-rwxr-xr-xsecurity/nss/cmd/smimetools/smime576
-rw-r--r--security/nss/cmd/sslstrength/Makefile72
-rw-r--r--security/nss/cmd/sslstrength/manifest.mn50
-rw-r--r--security/nss/cmd/sslstrength/sslstr.cgi296
-rw-r--r--security/nss/cmd/sslstrength/sslstrength.c640
-rwxr-xr-xsecurity/nss/cmd/sslstrength/sslwrap181
-rw-r--r--security/nss/cmd/ssltap/Makefile79
-rw-r--r--security/nss/cmd/ssltap/config.mk52
-rw-r--r--security/nss/cmd/ssltap/manifest.mn53
-rw-r--r--security/nss/cmd/ssltap/ssltap-manual.html199
-rw-r--r--security/nss/cmd/ssltap/ssltap.c1339
-rw-r--r--security/nss/cmd/strsclnt/Makefile75
-rw-r--r--security/nss/cmd/strsclnt/manifest.mn47
-rw-r--r--security/nss/cmd/strsclnt/strsclnt.c1133
-rw-r--r--security/nss/cmd/swfort/Makefile108
-rw-r--r--security/nss/cmd/swfort/instinit/Makefile75
-rw-r--r--security/nss/cmd/swfort/instinit/instinit.c423
-rw-r--r--security/nss/cmd/swfort/instinit/manifest.mn46
-rw-r--r--security/nss/cmd/swfort/manifest.mn38
-rw-r--r--security/nss/cmd/swfort/newuser/Makefile83
-rw-r--r--security/nss/cmd/swfort/newuser/manifest.mn45
-rw-r--r--security/nss/cmd/swfort/newuser/mktst.c254
-rw-r--r--security/nss/cmd/swfort/newuser/newuser.c1132
-rw-r--r--security/nss/cmd/tstclnt/Makefile82
-rw-r--r--security/nss/cmd/tstclnt/makefile.win130
-rw-r--r--security/nss/cmd/tstclnt/manifest.mn50
-rw-r--r--security/nss/cmd/tstclnt/tstclnt.c730
-rw-r--r--security/nss/cmd/ttformat/Makefile74
-rw-r--r--security/nss/cmd/ttformat/manifest.mn48
-rwxr-xr-xsecurity/nss/cmd/ttformat/nClient49
-rwxr-xr-xsecurity/nss/cmd/ttformat/nServ49
-rwxr-xr-xsecurity/nss/cmd/ttformat/redux.pl77
-rw-r--r--security/nss/cmd/ttformat/reduxhwm.pl33
-rw-r--r--security/nss/cmd/ttformat/ttformat.c135
-rw-r--r--security/nss/cmd/zlib/Makefile75
-rw-r--r--security/nss/cmd/zlib/README99
-rw-r--r--security/nss/cmd/zlib/adler32.c48
-rw-r--r--security/nss/cmd/zlib/compress.c57
-rw-r--r--security/nss/cmd/zlib/config.mk67
-rw-r--r--security/nss/cmd/zlib/crc32.c162
-rw-r--r--security/nss/cmd/zlib/deflate.c1209
-rw-r--r--security/nss/cmd/zlib/deflate.h275
-rw-r--r--security/nss/cmd/zlib/example.c503
-rw-r--r--security/nss/cmd/zlib/gzio.c537
-rw-r--r--security/nss/cmd/zlib/infblock.c406
-rw-r--r--security/nss/cmd/zlib/infblock.h37
-rw-r--r--security/nss/cmd/zlib/infcodes.c247
-rw-r--r--security/nss/cmd/zlib/infcodes.h27
-rw-r--r--security/nss/cmd/zlib/inffast.c168
-rw-r--r--security/nss/cmd/zlib/inffast.h17
-rw-r--r--security/nss/cmd/zlib/inflate.c346
-rw-r--r--security/nss/cmd/zlib/inftrees.c479
-rw-r--r--security/nss/cmd/zlib/inftrees.h59
-rw-r--r--security/nss/cmd/zlib/infutil.c87
-rw-r--r--security/nss/cmd/zlib/infutil.h99
-rw-r--r--security/nss/cmd/zlib/makefile.win91
-rw-r--r--security/nss/cmd/zlib/manifest.mn60
-rw-r--r--security/nss/cmd/zlib/minigzip.c246
-rw-r--r--security/nss/cmd/zlib/netscape_mods.doc43
-rw-r--r--security/nss/cmd/zlib/stubs.c17
-rw-r--r--security/nss/cmd/zlib/trees.c1143
-rw-r--r--security/nss/cmd/zlib/uncompr.c58
-rw-r--r--security/nss/cmd/zlib/zconf.h190
-rw-r--r--security/nss/cmd/zlib/zip16.def24
-rw-r--r--security/nss/cmd/zlib/zip_nodl.c50
-rw-r--r--security/nss/cmd/zlib/zlib.h892
-rw-r--r--security/nss/cmd/zlib/zutil.c215
-rw-r--r--security/nss/cmd/zlib/zutil.h210
-rw-r--r--security/nss/lib/Makefile89
-rw-r--r--security/nss/lib/asn1/Makefile40
-rw-r--r--security/nss/lib/asn1/asn1.c1727
-rw-r--r--security/nss/lib/asn1/asn1.h879
-rw-r--r--security/nss/lib/asn1/asn1m.h80
-rw-r--r--security/nss/lib/asn1/asn1t.h166
-rw-r--r--security/nss/lib/asn1/config.mk48
-rw-r--r--security/nss/lib/asn1/manifest.mn55
-rw-r--r--security/nss/lib/asn1/nssasn1t.h67
-rw-r--r--security/nss/lib/base/Makefile40
-rw-r--r--security/nss/lib/base/arena.c1139
-rw-r--r--security/nss/lib/base/base.h1415
-rw-r--r--security/nss/lib/base/baset.h158
-rw-r--r--security/nss/lib/base/config.mk48
-rw-r--r--security/nss/lib/base/error.c298
-rw-r--r--security/nss/lib/base/errorval.c85
-rw-r--r--security/nss/lib/base/hash.c401
-rw-r--r--security/nss/lib/base/hashops.c117
-rw-r--r--security/nss/lib/base/item.c241
-rw-r--r--security/nss/lib/base/libc.c197
-rw-r--r--security/nss/lib/base/list.c374
-rw-r--r--security/nss/lib/base/manifest.mn65
-rw-r--r--security/nss/lib/base/nssbase.h167
-rw-r--r--security/nss/lib/base/nssbaset.h153
-rw-r--r--security/nss/lib/base/tracker.c544
-rw-r--r--security/nss/lib/base/utf8.c759
-rw-r--r--security/nss/lib/base/whatnspr.c170
-rw-r--r--security/nss/lib/certdb/.cvsignore1
-rw-r--r--security/nss/lib/certdb/Makefile76
-rw-r--r--security/nss/lib/certdb/alg1485.c969
-rw-r--r--security/nss/lib/certdb/cert.h1364
-rw-r--r--security/nss/lib/certdb/certdb.c2367
-rw-r--r--security/nss/lib/certdb/certdb.h159
-rw-r--r--security/nss/lib/certdb/certt.h832
-rw-r--r--security/nss/lib/certdb/certv3.c406
-rw-r--r--security/nss/lib/certdb/certxutl.c482
-rw-r--r--security/nss/lib/certdb/certxutl.h79
-rw-r--r--security/nss/lib/certdb/config.mk43
-rw-r--r--security/nss/lib/certdb/crl.c616
-rw-r--r--security/nss/lib/certdb/genname.c1611
-rw-r--r--security/nss/lib/certdb/genname.h125
-rw-r--r--security/nss/lib/certdb/manifest.mn67
-rw-r--r--security/nss/lib/certdb/polcyxtn.c541
-rw-r--r--security/nss/lib/certdb/secname.c641
-rw-r--r--security/nss/lib/certdb/stanpcertdb.c635
-rw-r--r--security/nss/lib/certdb/xauthkid.c147
-rw-r--r--security/nss/lib/certdb/xbsconst.c168
-rw-r--r--security/nss/lib/certdb/xconst.c253
-rw-r--r--security/nss/lib/certdb/xconst.h85
-rw-r--r--security/nss/lib/certhigh/Makefile76
-rw-r--r--security/nss/lib/certhigh/certhigh.c1156
-rw-r--r--security/nss/lib/certhigh/certhtml.c605
-rw-r--r--security/nss/lib/certhigh/certreq.c230
-rw-r--r--security/nss/lib/certhigh/certvfy.c1635
-rw-r--r--security/nss/lib/certhigh/config.mk43
-rw-r--r--security/nss/lib/certhigh/crlv2.c126
-rw-r--r--security/nss/lib/certhigh/manifest.mn59
-rw-r--r--security/nss/lib/certhigh/ocsp.c4075
-rw-r--r--security/nss/lib/certhigh/ocsp.h455
-rw-r--r--security/nss/lib/certhigh/ocspt.h59
-rw-r--r--security/nss/lib/certhigh/ocspti.h404
-rw-r--r--security/nss/lib/certhigh/xcrldist.c222
-rw-r--r--security/nss/lib/ckfw/.cvsignore4
-rw-r--r--security/nss/lib/ckfw/Makefile49
-rw-r--r--security/nss/lib/ckfw/builtins/.cvsignore1
-rw-r--r--security/nss/lib/ckfw/builtins/Makefile97
-rw-r--r--security/nss/lib/ckfw/builtins/anchor.c50
-rw-r--r--security/nss/lib/ckfw/builtins/builtins.h103
-rw-r--r--security/nss/lib/ckfw/builtins/certdata.c11517
-rw-r--r--security/nss/lib/ckfw/builtins/certdata.perl292
-rw-r--r--security/nss/lib/ckfw/builtins/certdata.txt11707
-rw-r--r--security/nss/lib/ckfw/builtins/config.mk51
-rw-r--r--security/nss/lib/ckfw/builtins/constants.c82
-rw-r--r--security/nss/lib/ckfw/builtins/find.c237
-rw-r--r--security/nss/lib/ckfw/builtins/instance.c130
-rw-r--r--security/nss/lib/ckfw/builtins/manifest.mn55
-rw-r--r--security/nss/lib/ckfw/builtins/object.c254
-rw-r--r--security/nss/lib/ckfw/builtins/session.c108
-rw-r--r--security/nss/lib/ckfw/builtins/slot.c124
-rw-r--r--security/nss/lib/ckfw/builtins/token.c184
-rw-r--r--security/nss/lib/ckfw/ck.api571
-rw-r--r--security/nss/lib/ckfw/ck.h121
-rw-r--r--security/nss/lib/ckfw/ckapi.perl510
-rw-r--r--security/nss/lib/ckfw/ckfw.h1858
-rw-r--r--security/nss/lib/ckfw/ckfwm.h161
-rw-r--r--security/nss/lib/ckfw/ckfwtm.h56
-rw-r--r--security/nss/lib/ckfw/ckmd.h65
-rw-r--r--security/nss/lib/ckfw/ckt.h37
-rw-r--r--security/nss/lib/ckfw/config.mk54
-rw-r--r--security/nss/lib/ckfw/dbm/Makefile38
-rw-r--r--security/nss/lib/ckfw/dbm/anchor.c50
-rw-r--r--security/nss/lib/ckfw/dbm/ckdbm.h281
-rw-r--r--security/nss/lib/ckfw/dbm/config.mk37
-rw-r--r--security/nss/lib/ckfw/dbm/db.c1065
-rw-r--r--security/nss/lib/ckfw/dbm/find.c166
-rw-r--r--security/nss/lib/ckfw/dbm/instance.c196
-rw-r--r--security/nss/lib/ckfw/dbm/manifest.mn54
-rw-r--r--security/nss/lib/ckfw/dbm/object.c204
-rw-r--r--security/nss/lib/ckfw/dbm/session.c298
-rw-r--r--security/nss/lib/ckfw/dbm/slot.c214
-rw-r--r--security/nss/lib/ckfw/dbm/token.c315
-rw-r--r--security/nss/lib/ckfw/find.c408
-rw-r--r--security/nss/lib/ckfw/hash.c334
-rw-r--r--security/nss/lib/ckfw/instance.c1310
-rw-r--r--security/nss/lib/ckfw/manifest.mn79
-rw-r--r--security/nss/lib/ckfw/mechanism.c165
-rw-r--r--security/nss/lib/ckfw/mutex.c345
-rw-r--r--security/nss/lib/ckfw/nsprstub.c442
-rw-r--r--security/nss/lib/ckfw/nssck.api1889
-rw-r--r--security/nss/lib/ckfw/nssckepv.h34
-rw-r--r--security/nss/lib/ckfw/nssckft.h35
-rw-r--r--security/nss/lib/ckfw/nssckfw.h499
-rw-r--r--security/nss/lib/ckfw/nssckfwc.h1046
-rw-r--r--security/nss/lib/ckfw/nssckfwt.h111
-rw-r--r--security/nss/lib/ckfw/nssckg.h34
-rw-r--r--security/nss/lib/ckfw/nssckmdt.h2014
-rw-r--r--security/nss/lib/ckfw/nssckt.h42
-rw-r--r--security/nss/lib/ckfw/object.c1039
-rw-r--r--security/nss/lib/ckfw/session.c1962
-rw-r--r--security/nss/lib/ckfw/sessobj.c1091
-rw-r--r--security/nss/lib/ckfw/slot.c753
-rw-r--r--security/nss/lib/ckfw/token.c1855
-rw-r--r--security/nss/lib/ckfw/wrap.c3418
-rw-r--r--security/nss/lib/crmf/Makefile77
-rw-r--r--security/nss/lib/crmf/asn1cmn.c246
-rw-r--r--security/nss/lib/crmf/challcli.c285
-rw-r--r--security/nss/lib/crmf/cmmf.h1119
-rw-r--r--security/nss/lib/crmf/cmmfasn1.c158
-rw-r--r--security/nss/lib/crmf/cmmfchal.c319
-rw-r--r--security/nss/lib/crmf/cmmfi.h127
-rw-r--r--security/nss/lib/crmf/cmmfit.h145
-rw-r--r--security/nss/lib/crmf/cmmfrec.c337
-rw-r--r--security/nss/lib/crmf/cmmfresp.c312
-rw-r--r--security/nss/lib/crmf/cmmft.h102
-rw-r--r--security/nss/lib/crmf/config.mk44
-rw-r--r--security/nss/lib/crmf/crmf.h1779
-rw-r--r--security/nss/lib/crmf/crmfcont.c1166
-rw-r--r--security/nss/lib/crmf/crmfdec.c380
-rw-r--r--security/nss/lib/crmf/crmfenc.c84
-rw-r--r--security/nss/lib/crmf/crmffut.h390
-rw-r--r--security/nss/lib/crmf/crmfget.c478
-rw-r--r--security/nss/lib/crmf/crmfi.h186
-rw-r--r--security/nss/lib/crmf/crmfit.h216
-rw-r--r--security/nss/lib/crmf/crmfpop.c604
-rw-r--r--security/nss/lib/crmf/crmfreq.c697
-rw-r--r--security/nss/lib/crmf/crmft.h217
-rw-r--r--security/nss/lib/crmf/crmftmpl.c299
-rw-r--r--security/nss/lib/crmf/encutil.c63
-rw-r--r--security/nss/lib/crmf/manifest.mn73
-rw-r--r--security/nss/lib/crmf/respcli.c167
-rw-r--r--security/nss/lib/crmf/respcmn.c415
-rw-r--r--security/nss/lib/crmf/servget.c1008
-rw-r--r--security/nss/lib/cryptohi/Makefile77
-rw-r--r--security/nss/lib/cryptohi/config.mk43
-rw-r--r--security/nss/lib/cryptohi/cryptohi.h249
-rw-r--r--security/nss/lib/cryptohi/cryptoht.h45
-rw-r--r--security/nss/lib/cryptohi/dsautil.c228
-rw-r--r--security/nss/lib/cryptohi/hasht.h93
-rw-r--r--security/nss/lib/cryptohi/key.h43
-rw-r--r--security/nss/lib/cryptohi/keyhi.h256
-rw-r--r--security/nss/lib/cryptohi/keyt.h43
-rw-r--r--security/nss/lib/cryptohi/keythi.h214
-rw-r--r--security/nss/lib/cryptohi/manifest.mn64
-rw-r--r--security/nss/lib/cryptohi/sechash.c281
-rw-r--r--security/nss/lib/cryptohi/sechash.h79
-rw-r--r--security/nss/lib/cryptohi/seckey.c1818
-rw-r--r--security/nss/lib/cryptohi/secsign.c500
-rw-r--r--security/nss/lib/cryptohi/secvfy.c494
-rw-r--r--security/nss/lib/dev/Makefile40
-rw-r--r--security/nss/lib/dev/ckhelper.c251
-rw-r--r--security/nss/lib/dev/ckhelper.h161
-rw-r--r--security/nss/lib/dev/config.mk48
-rw-r--r--security/nss/lib/dev/dev.h435
-rw-r--r--security/nss/lib/dev/devm.h66
-rw-r--r--security/nss/lib/dev/devmod.c396
-rw-r--r--security/nss/lib/dev/devobject.c950
-rw-r--r--security/nss/lib/dev/devslot.c537
-rw-r--r--security/nss/lib/dev/devt.h190
-rw-r--r--security/nss/lib/dev/devtoken.c384
-rw-r--r--security/nss/lib/dev/devutil.c52
-rw-r--r--security/nss/lib/dev/manifest.mn65
-rw-r--r--security/nss/lib/dev/nssdevt.h69
-rw-r--r--security/nss/lib/fortcrypt/Makefile168
-rw-r--r--security/nss/lib/fortcrypt/config.mk43
-rw-r--r--security/nss/lib/fortcrypt/cryptint.h703
-rw-r--r--security/nss/lib/fortcrypt/fmutex.c113
-rw-r--r--security/nss/lib/fortcrypt/fmutex.h57
-rw-r--r--security/nss/lib/fortcrypt/forsock.c816
-rw-r--r--security/nss/lib/fortcrypt/fortinst.htm161
-rw-r--r--security/nss/lib/fortcrypt/fortpk11.c4553
-rw-r--r--security/nss/lib/fortcrypt/fortsock.h105
-rw-r--r--security/nss/lib/fortcrypt/fpkcs11.h170
-rw-r--r--security/nss/lib/fortcrypt/fpkcs11f.h953
-rw-r--r--security/nss/lib/fortcrypt/fpkcs11i.h269
-rw-r--r--security/nss/lib/fortcrypt/fpkcs11t.h1098
-rw-r--r--security/nss/lib/fortcrypt/fpkmem.h48
-rw-r--r--security/nss/lib/fortcrypt/fpkstrs.h122
-rw-r--r--security/nss/lib/fortcrypt/genci.h145
-rw-r--r--security/nss/lib/fortcrypt/globinst.htm139
-rw-r--r--security/nss/lib/fortcrypt/handinst.htm180
-rw-r--r--security/nss/lib/fortcrypt/homeinst.htm211
-rw-r--r--security/nss/lib/fortcrypt/inst.js268
-rw-r--r--security/nss/lib/fortcrypt/inst_PPC.js134
-rw-r--r--security/nss/lib/fortcrypt/install.js134
-rw-r--r--security/nss/lib/fortcrypt/maci.c901
-rw-r--r--security/nss/lib/fortcrypt/maci.h776
-rw-r--r--security/nss/lib/fortcrypt/macinst.htm148
-rw-r--r--security/nss/lib/fortcrypt/manifest.mn50
-rw-r--r--security/nss/lib/fortcrypt/replace.c101
-rw-r--r--security/nss/lib/fortcrypt/secmodjar.html441
-rw-r--r--security/nss/lib/fortcrypt/swfort/.cvsignore1
-rw-r--r--security/nss/lib/fortcrypt/swfort/Makefile83
-rw-r--r--security/nss/lib/fortcrypt/swfort/config.mk43
-rw-r--r--security/nss/lib/fortcrypt/swfort/manifest.mn52
-rw-r--r--security/nss/lib/fortcrypt/swfort/nsmap.h86
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore15
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/Makefile179
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/config.mk43
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/inst.js189
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn63
-rwxr-xr-xsecurity/nss/lib/fortcrypt/swfort/pkcs11/pk11inst49
-rw-r--r--security/nss/lib/fortcrypt/swfort/pkcs11/stub.c350
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfalg.c506
-rw-r--r--security/nss/lib/fortcrypt/swfort/swflib.c1028
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfort.h70
-rw-r--r--security/nss/lib/fortcrypt/swfort/swforti.h177
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfortt.h56
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfortti.h176
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfparse.c531
-rw-r--r--security/nss/lib/fortcrypt/swfort/swfutl.c750
-rw-r--r--security/nss/lib/freebl/Makefile320
-rw-r--r--security/nss/lib/freebl/alg2268.c493
-rw-r--r--security/nss/lib/freebl/arcfive.c114
-rw-r--r--security/nss/lib/freebl/arcfour.c562
-rw-r--r--security/nss/lib/freebl/blapi.h814
-rw-r--r--security/nss/lib/freebl/blapi_bsf.c2114
-rw-r--r--security/nss/lib/freebl/blapit.h230
-rw-r--r--security/nss/lib/freebl/config.mk101
-rw-r--r--security/nss/lib/freebl/des.c683
-rw-r--r--security/nss/lib/freebl/des.h69
-rw-r--r--security/nss/lib/freebl/desblapi.c275
-rw-r--r--security/nss/lib/freebl/dh.c385
-rw-r--r--security/nss/lib/freebl/dh_bsf.c82
-rw-r--r--security/nss/lib/freebl/dsa.c415
-rwxr-xr-xsecurity/nss/lib/freebl/fblstdlib.c120
-rw-r--r--security/nss/lib/freebl/ldvector.c127
-rw-r--r--security/nss/lib/freebl/loader.c959
-rw-r--r--security/nss/lib/freebl/loader.h273
-rw-r--r--security/nss/lib/freebl/mac_rand.c315
-rw-r--r--security/nss/lib/freebl/manifest.mn128
-rw-r--r--security/nss/lib/freebl/mapfile.Solaris39
-rw-r--r--security/nss/lib/freebl/md2.c288
-rw-r--r--security/nss/lib/freebl/md5.c531
-rw-r--r--security/nss/lib/freebl/mknewpc2.c236
-rw-r--r--security/nss/lib/freebl/mksp.c153
-rw-r--r--security/nss/lib/freebl/mpi/Makefile424
-rw-r--r--security/nss/lib/freebl/mpi/Makefile.os2277
-rw-r--r--security/nss/lib/freebl/mpi/Makefile.win277
-rw-r--r--security/nss/lib/freebl/mpi/README795
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/all-tests112
-rw-r--r--security/nss/lib/freebl/mpi/doc/LICENSE11
-rw-r--r--security/nss/lib/freebl/mpi/doc/LICENSE-MPL32
-rw-r--r--security/nss/lib/freebl/mpi/doc/basecvt.pod63
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/doc/build63
-rw-r--r--security/nss/lib/freebl/mpi/doc/div.txt96
-rw-r--r--security/nss/lib/freebl/mpi/doc/expt.txt127
-rw-r--r--security/nss/lib/freebl/mpi/doc/gcd.pod27
-rw-r--r--security/nss/lib/freebl/mpi/doc/invmod.pod33
-rw-r--r--security/nss/lib/freebl/mpi/doc/isprime.pod62
-rw-r--r--security/nss/lib/freebl/mpi/doc/lap.pod35
-rw-r--r--security/nss/lib/freebl/mpi/doc/mpi-test.pod49
-rw-r--r--security/nss/lib/freebl/mpi/doc/mul.txt109
-rw-r--r--security/nss/lib/freebl/mpi/doc/pi.txt85
-rw-r--r--security/nss/lib/freebl/mpi/doc/prime.txt6542
-rw-r--r--security/nss/lib/freebl/mpi/doc/prng.pod41
-rw-r--r--security/nss/lib/freebl/mpi/doc/redux.txt118
-rw-r--r--security/nss/lib/freebl/mpi/doc/sqrt.txt82
-rw-r--r--security/nss/lib/freebl/mpi/doc/square.txt104
-rw-r--r--security/nss/lib/freebl/mpi/doc/timing.txt245
-rw-r--r--security/nss/lib/freebl/mpi/hpma512.s640
-rw-r--r--security/nss/lib/freebl/mpi/hppa20.s929
-rw-r--r--security/nss/lib/freebl/mpi/hppatch.adb49
-rw-r--r--security/nss/lib/freebl/mpi/logtab.h59
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/make-logtab60
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/make-test-arrays129
-rw-r--r--security/nss/lib/freebl/mpi/mdxptest.c339
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.c326
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.h100
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.il137
-rw-r--r--security/nss/lib/freebl/mpi/montmulf.s1976
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv8.il137
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv8.s1856
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv9.il122
-rw-r--r--security/nss/lib/freebl/mpi/montmulfv9.s2386
-rw-r--r--security/nss/lib/freebl/mpi/mpi-config.h109
-rw-r--r--security/nss/lib/freebl/mpi/mpi-priv.h258
-rw-r--r--security/nss/lib/freebl/mpi/mpi-test.c1973
-rw-r--r--security/nss/lib/freebl/mpi/mpi.c4795
-rw-r--r--security/nss/lib/freebl/mpi/mpi.h332
-rw-r--r--security/nss/lib/freebl/mpi/mpi_hp.c112
-rw-r--r--security/nss/lib/freebl/mpi/mpi_i86pc.s342
-rw-r--r--security/nss/lib/freebl/mpi/mpi_mips.s502
-rw-r--r--security/nss/lib/freebl/mpi/mpi_sparc.c358
-rw-r--r--security/nss/lib/freebl/mpi/mpi_x86.asm351
-rw-r--r--security/nss/lib/freebl/mpi/mpi_x86.s342
-rw-r--r--security/nss/lib/freebl/mpi/mplogic.c459
-rw-r--r--security/nss/lib/freebl/mpi/mplogic.h82
-rw-r--r--security/nss/lib/freebl/mpi/mpmontg.c561
-rw-r--r--security/nss/lib/freebl/mpi/mpprime.c619
-rw-r--r--security/nss/lib/freebl/mpi/mpprime.h67
-rw-r--r--security/nss/lib/freebl/mpi/mpv_sparc.c249
-rw-r--r--security/nss/lib/freebl/mpi/mpv_sparcv8.s1651
-rw-r--r--security/nss/lib/freebl/mpi/mpv_sparcv9.s1683
-rw-r--r--security/nss/lib/freebl/mpi/mpvalpha.c214
-rw-r--r--security/nss/lib/freebl/mpi/mulsqr.c111
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/multest107
-rw-r--r--security/nss/lib/freebl/mpi/primes.c871
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/stats70
-rw-r--r--security/nss/lib/freebl/mpi/test-arrays.txt86
-rw-r--r--security/nss/lib/freebl/mpi/test-info.c191
-rw-r--r--security/nss/lib/freebl/mpi/tests/LICENSE6
-rw-r--r--security/nss/lib/freebl/mpi/tests/LICENSE-MPL32
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-1.c72
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-2.c83
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-3.c128
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-3a.c141
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-4.c123
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-4a.c135
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-4b.c132
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-5.c100
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-5a.c162
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-6.c108
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-7.c104
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-8.c95
-rw-r--r--security/nss/lib/freebl/mpi/tests/mptest-9.c113
-rw-r--r--security/nss/lib/freebl/mpi/tests/pi1k.txt1
-rw-r--r--security/nss/lib/freebl/mpi/tests/pi2k.txt1
-rw-r--r--security/nss/lib/freebl/mpi/tests/pi5k.txt1
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/timetest131
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/types.pl158
-rw-r--r--security/nss/lib/freebl/mpi/utils/LICENSE4
-rw-r--r--security/nss/lib/freebl/mpi/utils/LICENSE-MPL32
-rw-r--r--security/nss/lib/freebl/mpi/utils/PRIMES41
-rw-r--r--security/nss/lib/freebl/mpi/utils/README239
-rw-r--r--security/nss/lib/freebl/mpi/utils/basecvt.c97
-rw-r--r--security/nss/lib/freebl/mpi/utils/bbs_rand.c93
-rw-r--r--security/nss/lib/freebl/mpi/utils/bbs_rand.h55
-rw-r--r--security/nss/lib/freebl/mpi/utils/bbsrand.c64
-rw-r--r--security/nss/lib/freebl/mpi/utils/dec2hex.c68
-rw-r--r--security/nss/lib/freebl/mpi/utils/exptmod.c80
-rw-r--r--security/nss/lib/freebl/mpi/utils/fact.c112
-rw-r--r--security/nss/lib/freebl/mpi/utils/gcd.c116
-rw-r--r--security/nss/lib/freebl/mpi/utils/hex2dec.c68
-rw-r--r--security/nss/lib/freebl/mpi/utils/identest.c79
-rw-r--r--security/nss/lib/freebl/mpi/utils/invmod.c89
-rw-r--r--security/nss/lib/freebl/mpi/utils/isprime.c118
-rw-r--r--security/nss/lib/freebl/mpi/utils/lap.c118
-rw-r--r--security/nss/lib/freebl/mpi/utils/makeprime.c144
-rw-r--r--security/nss/lib/freebl/mpi/utils/metime.c132
-rw-r--r--security/nss/lib/freebl/mpi/utils/pi.c194
-rw-r--r--security/nss/lib/freebl/mpi/utils/primegen.c198
-rw-r--r--security/nss/lib/freebl/mpi/utils/prng.c87
-rwxr-xr-xsecurity/nss/lib/freebl/mpi/utils/ptab.pl58
-rw-r--r--security/nss/lib/freebl/mpi/utils/sieve.c265
-rw-r--r--security/nss/lib/freebl/mpi/vis_32.il1320
-rw-r--r--security/nss/lib/freebl/mpi/vis_64.il1026
-rw-r--r--security/nss/lib/freebl/mpi/vis_proto.h263
-rw-r--r--security/nss/lib/freebl/os2_rand.c329
-rw-r--r--security/nss/lib/freebl/pqg.c667
-rw-r--r--security/nss/lib/freebl/prng_fips1861.c513
-rw-r--r--security/nss/lib/freebl/rijndael.c1136
-rw-r--r--security/nss/lib/freebl/rijndael.h86
-rw-r--r--security/nss/lib/freebl/rijndael32.tab1215
-rw-r--r--security/nss/lib/freebl/rijndael_tables.c244
-rw-r--r--security/nss/lib/freebl/rsa.c1006
-rw-r--r--security/nss/lib/freebl/secmpi.h57
-rw-r--r--security/nss/lib/freebl/secrng.h82
-rw-r--r--security/nss/lib/freebl/sha.c160
-rw-r--r--security/nss/lib/freebl/sha.h48
-rw-r--r--security/nss/lib/freebl/sha_fast.c421
-rw-r--r--security/nss/lib/freebl/sha_fast.h59
-rw-r--r--security/nss/lib/freebl/sparcfix.c95
-rw-r--r--security/nss/lib/freebl/sysrand.c46
-rw-r--r--security/nss/lib/freebl/unix_rand.c907
-rw-r--r--security/nss/lib/freebl/win_rand.c415
-rw-r--r--security/nss/lib/jar/Makefile39
-rw-r--r--security/nss/lib/jar/config.mk43
-rw-r--r--security/nss/lib/jar/jar-ds.c70
-rw-r--r--security/nss/lib/jar/jar-ds.h106
-rw-r--r--security/nss/lib/jar/jar.c831
-rw-r--r--security/nss/lib/jar/jar.h478
-rw-r--r--security/nss/lib/jar/jarevil.c572
-rw-r--r--security/nss/lib/jar/jarevil.h76
-rw-r--r--security/nss/lib/jar/jarfile.c1151
-rw-r--r--security/nss/lib/jar/jarfile.h114
-rw-r--r--security/nss/lib/jar/jarint.c81
-rw-r--r--security/nss/lib/jar/jarint.h116
-rw-r--r--security/nss/lib/jar/jarjart.c354
-rw-r--r--security/nss/lib/jar/jarjart.h72
-rw-r--r--security/nss/lib/jar/jarnav.c107
-rw-r--r--security/nss/lib/jar/jarsign.c371
-rw-r--r--security/nss/lib/jar/jarver.c2032
-rw-r--r--security/nss/lib/jar/jzconf.h190
-rw-r--r--security/nss/lib/jar/jzlib.h896
-rw-r--r--security/nss/lib/jar/manifest.mn53
-rw-r--r--security/nss/lib/macbuild/NSS/NSS/NSS.mcpbin939 -> 0 bytes
-rw-r--r--security/nss/lib/macbuild/SecurityLib.mcpbin56096 -> 0 bytes
-rw-r--r--security/nss/lib/manifest.mn65
-rw-r--r--security/nss/lib/nss/Makefile78
-rw-r--r--security/nss/lib/nss/config.mk118
-rw-r--r--security/nss/lib/nss/manifest.mn55
-rw-r--r--security/nss/lib/nss/nss.def630
-rw-r--r--security/nss/lib/nss/nss.h144
-rw-r--r--security/nss/lib/nss/nss.rc98
-rw-r--r--security/nss/lib/nss/nssinit.c448
-rw-r--r--security/nss/lib/nss/nssrenam.h49
-rw-r--r--security/nss/lib/nss/nssver.c53
-rw-r--r--security/nss/lib/pk11wrap/Makefile90
-rw-r--r--security/nss/lib/pk11wrap/config.mk43
-rw-r--r--security/nss/lib/pk11wrap/dev3hack.c190
-rw-r--r--security/nss/lib/pk11wrap/dev3hack.h58
-rw-r--r--security/nss/lib/pk11wrap/manifest.mn69
-rw-r--r--security/nss/lib/pk11wrap/pk11cert.c3440
-rw-r--r--security/nss/lib/pk11wrap/pk11err.c147
-rw-r--r--security/nss/lib/pk11wrap/pk11func.h515
-rw-r--r--security/nss/lib/pk11wrap/pk11init.h63
-rw-r--r--security/nss/lib/pk11wrap/pk11kea.c231
-rw-r--r--security/nss/lib/pk11wrap/pk11list.c169
-rw-r--r--security/nss/lib/pk11wrap/pk11load.c304
-rw-r--r--security/nss/lib/pk11wrap/pk11pars.c349
-rw-r--r--security/nss/lib/pk11wrap/pk11pbe.c680
-rw-r--r--security/nss/lib/pk11wrap/pk11pk12.c476
-rw-r--r--security/nss/lib/pk11wrap/pk11pqg.c202
-rw-r--r--security/nss/lib/pk11wrap/pk11pqg.h149
-rw-r--r--security/nss/lib/pk11wrap/pk11sdr.c288
-rw-r--r--security/nss/lib/pk11wrap/pk11sdr.h59
-rw-r--r--security/nss/lib/pk11wrap/pk11skey.c4775
-rw-r--r--security/nss/lib/pk11wrap/pk11slot.c4331
-rw-r--r--security/nss/lib/pk11wrap/pk11util.c640
-rw-r--r--security/nss/lib/pk11wrap/secmod.h136
-rw-r--r--security/nss/lib/pk11wrap/secmodi.h105
-rw-r--r--security/nss/lib/pk11wrap/secmodt.h247
-rw-r--r--security/nss/lib/pk11wrap/secmodti.h187
-rw-r--r--security/nss/lib/pk11wrap/secpkcs5.h53
-rw-r--r--security/nss/lib/pkcs12/Makefile77
-rw-r--r--security/nss/lib/pkcs12/config.mk44
-rw-r--r--security/nss/lib/pkcs12/manifest.mn58
-rw-r--r--security/nss/lib/pkcs12/p12.h181
-rw-r--r--security/nss/lib/pkcs12/p12creat.c251
-rw-r--r--security/nss/lib/pkcs12/p12d.c3328
-rw-r--r--security/nss/lib/pkcs12/p12dec.c693
-rw-r--r--security/nss/lib/pkcs12/p12e.c2273
-rw-r--r--security/nss/lib/pkcs12/p12exp.c1407
-rw-r--r--security/nss/lib/pkcs12/p12local.c1363
-rw-r--r--security/nss/lib/pkcs12/p12local.h88
-rw-r--r--security/nss/lib/pkcs12/p12plcy.c198
-rw-r--r--security/nss/lib/pkcs12/p12plcy.h57
-rw-r--r--security/nss/lib/pkcs12/p12t.h182
-rw-r--r--security/nss/lib/pkcs12/p12tmpl.c320
-rw-r--r--security/nss/lib/pkcs12/pkcs12.h67
-rw-r--r--security/nss/lib/pkcs12/pkcs12t.h386
-rw-r--r--security/nss/lib/pkcs7/Makefile76
-rw-r--r--security/nss/lib/pkcs7/certread.c537
-rw-r--r--security/nss/lib/pkcs7/config.mk42
-rw-r--r--security/nss/lib/pkcs7/manifest.mn60
-rw-r--r--security/nss/lib/pkcs7/p7common.c747
-rw-r--r--security/nss/lib/pkcs7/p7create.c1320
-rw-r--r--security/nss/lib/pkcs7/p7decode.c2085
-rw-r--r--security/nss/lib/pkcs7/p7encode.c1333
-rw-r--r--security/nss/lib/pkcs7/p7local.c1442
-rw-r--r--security/nss/lib/pkcs7/p7local.h176
-rw-r--r--security/nss/lib/pkcs7/pkcs7t.h296
-rw-r--r--security/nss/lib/pkcs7/secmime.c901
-rw-r--r--security/nss/lib/pkcs7/secmime.h192
-rw-r--r--security/nss/lib/pkcs7/secpkcs7.h616
-rw-r--r--security/nss/lib/pki/Makefile44
-rw-r--r--security/nss/lib/pki/asymmkey.c465
-rw-r--r--security/nss/lib/pki/certdecode.c174
-rw-r--r--security/nss/lib/pki/certificate.c605
-rw-r--r--security/nss/lib/pki/config.mk154
-rw-r--r--security/nss/lib/pki/config34.mk48
-rw-r--r--security/nss/lib/pki/cryptocontext.c952
-rw-r--r--security/nss/lib/pki/doc/standiag.pngbin20475 -> 0 bytes
-rw-r--r--security/nss/lib/pki/doc/standoc.html471
-rw-r--r--security/nss/lib/pki/manifest.mn68
-rw-r--r--security/nss/lib/pki/nsspki.def249
-rw-r--r--security/nss/lib/pki/nsspki.h3187
-rw-r--r--security/nss/lib/pki/nsspki.rc98
-rw-r--r--security/nss/lib/pki/nsspkit.h271
-rw-r--r--security/nss/lib/pki/pki.h59
-rw-r--r--security/nss/lib/pki/pki3hack.c744
-rw-r--r--security/nss/lib/pki/pki3hack.h160
-rw-r--r--security/nss/lib/pki/pkim.h276
-rw-r--r--security/nss/lib/pki/pkit.h159
-rw-r--r--security/nss/lib/pki/pkitm.h96
-rw-r--r--security/nss/lib/pki/symmkey.c318
-rw-r--r--security/nss/lib/pki/tdcache.c996
-rw-r--r--security/nss/lib/pki/trustdomain.c1012
-rw-r--r--security/nss/lib/pki1/.cvsignore3
-rw-r--r--security/nss/lib/pki1/Makefile47
-rw-r--r--security/nss/lib/pki1/atav.c1821
-rw-r--r--security/nss/lib/pki1/config.mk47
-rw-r--r--security/nss/lib/pki1/genname.c94
-rw-r--r--security/nss/lib/pki1/gnseq.c71
-rw-r--r--security/nss/lib/pki1/manifest.mn66
-rw-r--r--security/nss/lib/pki1/name.c77
-rw-r--r--security/nss/lib/pki1/nsspki1.h2869
-rw-r--r--security/nss/lib/pki1/nsspki1t.h202
-rw-r--r--security/nss/lib/pki1/oid.c1615
-rwxr-xr-xsecurity/nss/lib/pki1/oidgen.perl313
-rw-r--r--security/nss/lib/pki1/oids.txt2115
-rw-r--r--security/nss/lib/pki1/pki1.h3032
-rw-r--r--security/nss/lib/pki1/pki1t.h104
-rw-r--r--security/nss/lib/pki1/rdn.c73
-rw-r--r--security/nss/lib/pki1/rdnseq.c71
-rw-r--r--security/nss/lib/pkix/doc/name_rules.html178
-rw-r--r--security/nss/lib/pkix/include/nsspkix.h24377
-rw-r--r--security/nss/lib/pkix/include/nsspkixt.h2281
-rw-r--r--security/nss/lib/pkix/include/pkix.h26086
-rw-r--r--security/nss/lib/pkix/include/pkixm.h969
-rw-r--r--security/nss/lib/pkix/include/pkixt.h57
-rw-r--r--security/nss/lib/pkix/include/pkixtm.h1581
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c85
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c71
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c81
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c83
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c71
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c80
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c71
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c138
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c137
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c76
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c144
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c117
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c88
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c69
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c78
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c75
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c86
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c76
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c77
-rw-r--r--security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c182
-rw-r--r--security/nss/lib/pkix/src/Attribute/AddValue.c79
-rw-r--r--security/nss/lib/pkix/src/Attribute/Create.c141
-rw-r--r--security/nss/lib/pkix/src/Attribute/CreateFromArray.c97
-rw-r--r--security/nss/lib/pkix/src/Attribute/Decode.c84
-rw-r--r--security/nss/lib/pkix/src/Attribute/Destroy.c74
-rw-r--r--security/nss/lib/pkix/src/Attribute/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/Attribute/Encode.c85
-rw-r--r--security/nss/lib/pkix/src/Attribute/Equal.c88
-rw-r--r--security/nss/lib/pkix/src/Attribute/FindValue.c84
-rw-r--r--security/nss/lib/pkix/src/Attribute/GetType.c72
-rw-r--r--security/nss/lib/pkix/src/Attribute/GetValue.c86
-rw-r--r--security/nss/lib/pkix/src/Attribute/GetValueCount.c75
-rw-r--r--security/nss/lib/pkix/src/Attribute/GetValues.c88
-rw-r--r--security/nss/lib/pkix/src/Attribute/MClear.c71
-rw-r--r--security/nss/lib/pkix/src/Attribute/MCount.c87
-rw-r--r--security/nss/lib/pkix/src/Attribute/MVCreate.c165
-rw-r--r--security/nss/lib/pkix/src/Attribute/PAddValue.c140
-rw-r--r--security/nss/lib/pkix/src/Attribute/PCreate.c139
-rw-r--r--security/nss/lib/pkix/src/Attribute/PCreateFromArray.c191
-rw-r--r--security/nss/lib/pkix/src/Attribute/PDecode.c153
-rw-r--r--security/nss/lib/pkix/src/Attribute/PDestroy.c82
-rw-r--r--security/nss/lib/pkix/src/Attribute/PDuplicate.c189
-rw-r--r--security/nss/lib/pkix/src/Attribute/PEncode.c126
-rw-r--r--security/nss/lib/pkix/src/Attribute/PEqual.c164
-rw-r--r--security/nss/lib/pkix/src/Attribute/PFindValue.c107
-rw-r--r--security/nss/lib/pkix/src/Attribute/PGetType.c79
-rw-r--r--security/nss/lib/pkix/src/Attribute/PGetValue.c98
-rw-r--r--security/nss/lib/pkix/src/Attribute/PGetValueCount.c88
-rw-r--r--security/nss/lib/pkix/src/Attribute/PGetValues.c145
-rw-r--r--security/nss/lib/pkix/src/Attribute/PRemoveValue.c121
-rw-r--r--security/nss/lib/pkix/src/Attribute/PSetType.c90
-rw-r--r--security/nss/lib/pkix/src/Attribute/PSetValue.c102
-rw-r--r--security/nss/lib/pkix/src/Attribute/PSetValues.c135
-rw-r--r--security/nss/lib/pkix/src/Attribute/RemoveValue.c76
-rw-r--r--security/nss/lib/pkix/src/Attribute/SetType.c80
-rw-r--r--security/nss/lib/pkix/src/Attribute/SetValue.c80
-rw-r--r--security/nss/lib/pkix/src/Attribute/SetValues.c85
-rw-r--r--security/nss/lib/pkix/src/Attribute/template.c58
-rw-r--r--security/nss/lib/pkix/src/Attribute/verifyPointer.c170
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c85
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c81
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c70
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c81
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c85
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c71
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c79
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c80
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c73
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c154
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c137
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c144
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c78
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c165
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c101
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c95
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c78
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c81
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c83
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c86
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c85
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c76
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c77
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/template.c56
-rw-r--r--security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c184
-rw-r--r--security/nss/lib/pkix/src/Name/Create.c93
-rw-r--r--security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c79
-rw-r--r--security/nss/lib/pkix/src/Name/CreateFromUTF8.c81
-rw-r--r--security/nss/lib/pkix/src/Name/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/Name/Destroy.c71
-rw-r--r--security/nss/lib/pkix/src/Name/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/Name/Encode.c81
-rw-r--r--security/nss/lib/pkix/src/Name/Equal.c85
-rw-r--r--security/nss/lib/pkix/src/Name/GetChoice.c70
-rw-r--r--security/nss/lib/pkix/src/Name/GetRDNSequence.c80
-rw-r--r--security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c90
-rw-r--r--security/nss/lib/pkix/src/Name/GetUTF8Encoding.c79
-rw-r--r--security/nss/lib/pkix/src/Name/MClear.c73
-rw-r--r--security/nss/lib/pkix/src/Name/Mregister.c72
-rw-r--r--security/nss/lib/pkix/src/Name/PCreate.c173
-rw-r--r--security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c145
-rw-r--r--security/nss/lib/pkix/src/Name/PCreateFromUTF8.c145
-rw-r--r--security/nss/lib/pkix/src/Name/PDecode.c138
-rw-r--r--security/nss/lib/pkix/src/Name/PDestroy.c76
-rw-r--r--security/nss/lib/pkix/src/Name/PDuplicate.c172
-rw-r--r--security/nss/lib/pkix/src/Name/PEncode.c118
-rw-r--r--security/nss/lib/pkix/src/Name/PEqual.c104
-rw-r--r--security/nss/lib/pkix/src/Name/PGetChoice.c68
-rw-r--r--security/nss/lib/pkix/src/Name/PGetRDNSequence.c87
-rw-r--r--security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c93
-rw-r--r--security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c81
-rw-r--r--security/nss/lib/pkix/src/Name/template.c56
-rw-r--r--security/nss/lib/pkix/src/Name/verifyPointer.c210
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c77
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Create.c125
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c86
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c81
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Destroy.c70
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Encode.c81
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/Equal.c85
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c78
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c81
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c71
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c85
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c79
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c79
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/MClear.c73
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/MCount.c82
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/MVCreate.c141
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c105
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PCreate.c123
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c151
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c139
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PDecode.c138
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PDestroy.c76
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PDuplicate.c177
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PEncode.c118
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PEqual.c107
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c90
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c96
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c85
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c135
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c81
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c117
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c104
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c103
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c153
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c72
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c79
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c115
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/template.c55
-rw-r--r--security/nss/lib/pkix/src/RDNSequence/verifyPointer.c205
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c77
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c125
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c86
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c81
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c70
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c80
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c81
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c85
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c78
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c81
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c72
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c83
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c79
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c73
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c82
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c158
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c107
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c123
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c151
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c139
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c142
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c76
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c177
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c123
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c101
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c96
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c89
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c85
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c133
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c81
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c121
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c102
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c166
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c73
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c79
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c113
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/template.c55
-rw-r--r--security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c205
-rw-r--r--security/nss/lib/pkix/src/Time/Compare.c75
-rw-r--r--security/nss/lib/pkix/src/Time/CreateFromPRTime.c65
-rw-r--r--security/nss/lib/pkix/src/Time/CreateFromUTF8.c70
-rw-r--r--security/nss/lib/pkix/src/Time/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/Time/Destroy.c62
-rw-r--r--security/nss/lib/pkix/src/Time/Duplicate.c69
-rw-r--r--security/nss/lib/pkix/src/Time/Encode.c71
-rw-r--r--security/nss/lib/pkix/src/Time/Equal.c74
-rw-r--r--security/nss/lib/pkix/src/Time/GetPRTime.c64
-rw-r--r--security/nss/lib/pkix/src/Time/GetUTF8Encoding.c69
-rw-r--r--security/nss/lib/pkix/src/Time/PCreateFromPRTime.c117
-rw-r--r--security/nss/lib/pkix/src/Time/PCreateFromUTF8.c121
-rw-r--r--security/nss/lib/pkix/src/Time/PDecode.c137
-rw-r--r--security/nss/lib/pkix/src/Time/PDestroy.c68
-rw-r--r--security/nss/lib/pkix/src/Time/PEncode.c66
-rw-r--r--security/nss/lib/pkix/src/Time/template.c54
-rw-r--r--security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c105
-rw-r--r--security/nss/lib/pkix/src/X520Name/Decode.c79
-rw-r--r--security/nss/lib/pkix/src/X520Name/Destroy.c70
-rw-r--r--security/nss/lib/pkix/src/X520Name/Duplicate.c79
-rw-r--r--security/nss/lib/pkix/src/X520Name/Encode.c80
-rw-r--r--security/nss/lib/pkix/src/X520Name/Equal.c83
-rw-r--r--security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c78
-rw-r--r--security/nss/lib/pkix/src/X520Name/MDoUTF8.c97
-rw-r--r--security/nss/lib/pkix/src/X520Name/PCreate.c169
-rw-r--r--security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c164
-rw-r--r--security/nss/lib/pkix/src/X520Name/PDecode.c135
-rw-r--r--security/nss/lib/pkix/src/X520Name/PDestroy.c87
-rw-r--r--security/nss/lib/pkix/src/X520Name/PDuplicate.c158
-rw-r--r--security/nss/lib/pkix/src/X520Name/PEncode.c93
-rw-r--r--security/nss/lib/pkix/src/X520Name/PEqual.c100
-rw-r--r--security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c82
-rw-r--r--security/nss/lib/pkix/src/X520Name/template.c56
-rw-r--r--security/nss/lib/pkix/src/X520Name/verifyPointer.c169
-rw-r--r--security/nss/lib/smime/Makefile76
-rw-r--r--security/nss/lib/smime/cms.h1082
-rw-r--r--security/nss/lib/smime/cmsarray.c212
-rw-r--r--security/nss/lib/smime/cmsasn1.c575
-rw-r--r--security/nss/lib/smime/cmsattr.c453
-rw-r--r--security/nss/lib/smime/cmscinfo.c327
-rw-r--r--security/nss/lib/smime/cmscipher.c792
-rw-r--r--security/nss/lib/smime/cmsdecode.c691
-rw-r--r--security/nss/lib/smime/cmsdigdata.c223
-rw-r--r--security/nss/lib/smime/cmsdigest.c259
-rw-r--r--security/nss/lib/smime/cmsencdata.c279
-rw-r--r--security/nss/lib/smime/cmsencode.c743
-rw-r--r--security/nss/lib/smime/cmsenvdata.c423
-rw-r--r--security/nss/lib/smime/cmslocal.h330
-rw-r--r--security/nss/lib/smime/cmsmessage.c315
-rw-r--r--security/nss/lib/smime/cmspubkey.c531
-rw-r--r--security/nss/lib/smime/cmsrecinfo.c423
-rw-r--r--security/nss/lib/smime/cmsreclist.c187
-rw-r--r--security/nss/lib/smime/cmsreclist.h59
-rw-r--r--security/nss/lib/smime/cmssigdata.c900
-rw-r--r--security/nss/lib/smime/cmssiginfo.c872
-rw-r--r--security/nss/lib/smime/cmst.h489
-rw-r--r--security/nss/lib/smime/cmsutil.c393
-rw-r--r--security/nss/lib/smime/config.mk93
-rw-r--r--security/nss/lib/smime/manifest.mn77
-rw-r--r--security/nss/lib/smime/smime.def198
-rw-r--r--security/nss/lib/smime/smime.h148
-rw-r--r--security/nss/lib/smime/smime.rc98
-rw-r--r--security/nss/lib/smime/smimemessage.c215
-rw-r--r--security/nss/lib/smime/smimesym.c8
-rw-r--r--security/nss/lib/smime/smimeutil.c741
-rw-r--r--security/nss/lib/smime/smimever.c53
-rw-r--r--security/nss/lib/softoken/Makefile93
-rw-r--r--security/nss/lib/softoken/alghmac.c155
-rw-r--r--security/nss/lib/softoken/alghmac.h88
-rw-r--r--security/nss/lib/softoken/cdbhdl.h54
-rw-r--r--security/nss/lib/softoken/config.mk118
-rw-r--r--security/nss/lib/softoken/dbinit.c226
-rw-r--r--security/nss/lib/softoken/fipstest.c1093
-rw-r--r--security/nss/lib/softoken/fipstokn.c908
-rw-r--r--security/nss/lib/softoken/keydb.c2563
-rw-r--r--security/nss/lib/softoken/keydbi.h80
-rw-r--r--security/nss/lib/softoken/lowcert.c470
-rw-r--r--security/nss/lib/softoken/lowkey.c323
-rw-r--r--security/nss/lib/softoken/lowkeyi.h259
-rw-r--r--security/nss/lib/softoken/lowkeyti.h142
-rw-r--r--security/nss/lib/softoken/lowpbe.c1188
-rw-r--r--security/nss/lib/softoken/lowpbe.h132
-rw-r--r--security/nss/lib/softoken/manifest.mn86
-rw-r--r--security/nss/lib/softoken/padbuf.c77
-rw-r--r--security/nss/lib/softoken/pcert.h147
-rw-r--r--security/nss/lib/softoken/pcertdb.c4472
-rw-r--r--security/nss/lib/softoken/pcertt.h432
-rw-r--r--security/nss/lib/softoken/pk11db.c776
-rw-r--r--security/nss/lib/softoken/pk11pars.h841
-rw-r--r--security/nss/lib/softoken/pkcs11.c4040
-rw-r--r--security/nss/lib/softoken/pkcs11.h319
-rw-r--r--security/nss/lib/softoken/pkcs11c.c5177
-rw-r--r--security/nss/lib/softoken/pkcs11f.h934
-rw-r--r--security/nss/lib/softoken/pkcs11i.h597
-rw-r--r--security/nss/lib/softoken/pkcs11n.h218
-rw-r--r--security/nss/lib/softoken/pkcs11p.h49
-rw-r--r--security/nss/lib/softoken/pkcs11t.h1365
-rw-r--r--security/nss/lib/softoken/pkcs11u.c2653
-rw-r--r--security/nss/lib/softoken/pkcs11u.h47
-rw-r--r--security/nss/lib/softoken/rawhash.c111
-rw-r--r--security/nss/lib/softoken/rsawrapr.c865
-rw-r--r--security/nss/lib/softoken/softoken.h157
-rw-r--r--security/nss/lib/softoken/softokn.def57
-rw-r--r--security/nss/lib/softoken/softokn.rc102
-rw-r--r--security/nss/lib/softoken/softoknt.h61
-rw-r--r--security/nss/lib/ssl/Makefile87
-rw-r--r--security/nss/lib/ssl/authcert.c115
-rw-r--r--security/nss/lib/ssl/cmpcert.c117
-rw-r--r--security/nss/lib/ssl/config.mk71
-rw-r--r--security/nss/lib/ssl/emulate.c626
-rw-r--r--security/nss/lib/ssl/manifest.mn83
-rw-r--r--security/nss/lib/ssl/notes.txt161
-rw-r--r--security/nss/lib/ssl/nsskea.c75
-rw-r--r--security/nss/lib/ssl/os2_err.c310
-rw-r--r--security/nss/lib/ssl/os2_err.h83
-rw-r--r--security/nss/lib/ssl/preenc.h161
-rw-r--r--security/nss/lib/ssl/prelib.c251
-rw-r--r--security/nss/lib/ssl/ssl.def120
-rw-r--r--security/nss/lib/ssl/ssl.h439
-rw-r--r--security/nss/lib/ssl/ssl.rc98
-rw-r--r--security/nss/lib/ssl/ssl3con.c7967
-rw-r--r--security/nss/lib/ssl/ssl3gthr.c238
-rw-r--r--security/nss/lib/ssl/ssl3prot.h305
-rw-r--r--security/nss/lib/ssl/sslauth.c288
-rw-r--r--security/nss/lib/ssl/sslcon.c3880
-rw-r--r--security/nss/lib/ssl/ssldef.c247
-rw-r--r--security/nss/lib/ssl/sslenum.c100
-rw-r--r--security/nss/lib/ssl/sslerr.c71
-rw-r--r--security/nss/lib/ssl/sslerr.h188
-rw-r--r--security/nss/lib/ssl/sslgathr.c479
-rw-r--r--security/nss/lib/ssl/sslimpl.h1287
-rw-r--r--security/nss/lib/ssl/sslinfo.c199
-rw-r--r--security/nss/lib/ssl/sslmutex.c654
-rw-r--r--security/nss/lib/ssl/sslmutex.h149
-rw-r--r--security/nss/lib/ssl/sslnonce.c365
-rw-r--r--security/nss/lib/ssl/sslproto.h172
-rw-r--r--security/nss/lib/ssl/sslreveal.c97
-rw-r--r--security/nss/lib/ssl/sslsecur.c1362
-rw-r--r--security/nss/lib/ssl/sslsnce.c1610
-rw-r--r--security/nss/lib/ssl/sslsock.c1890
-rw-r--r--security/nss/lib/ssl/sslt.h163
-rw-r--r--security/nss/lib/ssl/ssltrace.c269
-rw-r--r--security/nss/lib/ssl/sslver.c53
-rw-r--r--security/nss/lib/ssl/unix_err.c547
-rw-r--r--security/nss/lib/ssl/unix_err.h87
-rw-r--r--security/nss/lib/ssl/win32err.c373
-rw-r--r--security/nss/lib/ssl/win32err.h81
-rw-r--r--security/nss/lib/util/Makefile86
-rw-r--r--security/nss/lib/util/base64.h71
-rw-r--r--security/nss/lib/util/ciferfam.h87
-rw-r--r--security/nss/lib/util/config.mk43
-rw-r--r--security/nss/lib/util/derdec.c552
-rw-r--r--security/nss/lib/util/derenc.c504
-rw-r--r--security/nss/lib/util/dersubr.c258
-rw-r--r--security/nss/lib/util/dertime.c334
-rw-r--r--security/nss/lib/util/manifest.mn91
-rw-r--r--security/nss/lib/util/nssb64.h124
-rw-r--r--security/nss/lib/util/nssb64d.c861
-rw-r--r--security/nss/lib/util/nssb64e.c762
-rw-r--r--security/nss/lib/util/nssb64t.h45
-rw-r--r--security/nss/lib/util/nssilckt.h220
-rw-r--r--security/nss/lib/util/nssilock.c519
-rw-r--r--security/nss/lib/util/nssilock.h316
-rw-r--r--security/nss/lib/util/nsslocks.c105
-rw-r--r--security/nss/lib/util/nsslocks.h67
-rw-r--r--security/nss/lib/util/nssrwlk.c509
-rw-r--r--security/nss/lib/util/nssrwlk.h160
-rw-r--r--security/nss/lib/util/nssrwlkt.h47
-rw-r--r--security/nss/lib/util/portreg.c317
-rw-r--r--security/nss/lib/util/portreg.h92
-rw-r--r--security/nss/lib/util/pqgutil.c267
-rw-r--r--security/nss/lib/util/pqgutil.h127
-rw-r--r--security/nss/lib/util/ret_cr16.s54
-rw-r--r--security/nss/lib/util/secalgid.c173
-rw-r--r--security/nss/lib/util/secasn1.h284
-rw-r--r--security/nss/lib/util/secasn1d.c2981
-rw-r--r--security/nss/lib/util/secasn1e.c1496
-rw-r--r--security/nss/lib/util/secasn1t.h287
-rw-r--r--security/nss/lib/util/secasn1u.c106
-rw-r--r--security/nss/lib/util/seccomon.h109
-rw-r--r--security/nss/lib/util/secder.h193
-rw-r--r--security/nss/lib/util/secdert.h170
-rw-r--r--security/nss/lib/util/secdig.c232
-rw-r--r--security/nss/lib/util/secdig.h135
-rw-r--r--security/nss/lib/util/secdigt.h57
-rw-r--r--security/nss/lib/util/secerr.h187
-rw-r--r--security/nss/lib/util/secinit.c50
-rw-r--r--security/nss/lib/util/secitem.c284
-rw-r--r--security/nss/lib/util/secitem.h112
-rw-r--r--security/nss/lib/util/secoid.c1321
-rw-r--r--security/nss/lib/util/secoid.h120
-rw-r--r--security/nss/lib/util/secoidt.h320
-rw-r--r--security/nss/lib/util/secplcy.c114
-rw-r--r--security/nss/lib/util/secplcy.h133
-rw-r--r--security/nss/lib/util/secport.c574
-rw-r--r--security/nss/lib/util/secport.h274
-rw-r--r--security/nss/lib/util/sectime.c177
-rw-r--r--security/nss/lib/util/utf8.c2061
-rw-r--r--security/nss/lib/util/watcomfx.h59
-rw-r--r--security/nss/macbuild/LoadableRoots.mcpbin49971 -> 0 bytes
-rw-r--r--security/nss/macbuild/LoadableRoots.mcp.exp1
-rwxr-xr-xsecurity/nss/macbuild/NSS.Prefix3
-rwxr-xr-xsecurity/nss/macbuild/NSS.mcpbin112653 -> 0 bytes
-rwxr-xr-xsecurity/nss/macbuild/NSSCommon.h5
-rwxr-xr-xsecurity/nss/macbuild/NSSDebug.Prefix3
-rw-r--r--security/nss/macbuild/NSSckfw.mcpbin41514 -> 0 bytes
-rw-r--r--security/nss/macbuild/macstubs.c45
-rw-r--r--security/nss/makefile.win99
-rw-r--r--security/nss/manifest.mn44
-rw-r--r--security/nss/relnotes.txt284
-rwxr-xr-xsecurity/nss/tests/all.sh113
-rwxr-xr-xsecurity/nss/tests/cert/cert.sh490
-rwxr-xr-xsecurity/nss/tests/cipher/cipher.sh110
-rw-r--r--security/nss/tests/cipher/cipher.txt33
-rw-r--r--security/nss/tests/cipher/dsa.txt8
-rw-r--r--security/nss/tests/cipher/hash.txt8
-rwxr-xr-xsecurity/nss/tests/cipher/performance.sh144
-rw-r--r--security/nss/tests/cipher/rsa.txt8
-rw-r--r--security/nss/tests/cipher/symmkey.txt19
-rw-r--r--security/nss/tests/common/Makefile43
-rwxr-xr-xsecurity/nss/tests/common/cleanup.sh48
-rw-r--r--security/nss/tests/common/init.sh410
-rw-r--r--security/nss/tests/common/results_header.html6
-rwxr-xr-xsecurity/nss/tests/core_watch45
-rwxr-xr-xsecurity/nss/tests/dbtests/dbtests.sh146
-rwxr-xr-xsecurity/nss/tests/dll_version.sh50
-rw-r--r--security/nss/tests/doc/clean.gifbin5503 -> 0 bytes
-rwxr-xr-xsecurity/nss/tests/doc/nssqa.txt108
-rw-r--r--security/nss/tests/doc/platform_specific_problems110
-rwxr-xr-xsecurity/nss/tests/doc/qa_wrapper.html269
-rwxr-xr-xsecurity/nss/tests/fips/fips.sh179
-rw-r--r--security/nss/tests/header1601
-rwxr-xr-xsecurity/nss/tests/jss_dll_version.sh22
-rwxr-xr-xsecurity/nss/tests/jssdir28
-rwxr-xr-xsecurity/nss/tests/jssqa216
-rwxr-xr-xsecurity/nss/tests/mksymlinks106
-rwxr-xr-xsecurity/nss/tests/nssdir28
-rwxr-xr-xsecurity/nss/tests/nsspath12
-rwxr-xr-xsecurity/nss/tests/nssqa279
-rwxr-xr-xsecurity/nss/tests/path_uniq107
-rwxr-xr-xsecurity/nss/tests/perf/perf.sh87
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/Makefile76
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/config.mk42
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/manifest.mn46
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/Makefile75
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/config.mk54
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/manifest.mn40
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile76
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk57
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn46
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c1360
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h111
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp50
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h190
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg960
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep157
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk34
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile77
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/README11
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.dbbin90112 -> 0 bytes
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk61
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.dbbin16384 -> 0 bytes
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn60
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg49194
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c293
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h96
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c105
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h127
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c1183
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h238
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp136
-rw-r--r--security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep417
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/.cvsignore6
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/Makefile.in175
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/README.txt56
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/acconfig.h36
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/config.h.in28
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/trivial/configure1906
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/configure.in180
-rwxr-xr-xsecurity/nss/tests/pkcs11/netscape/trivial/install-sh251
-rw-r--r--security/nss/tests/pkcs11/netscape/trivial/trivial.c1313
-rw-r--r--security/nss/tests/platformlist13
-rw-r--r--security/nss/tests/platformlist.tbx14
-rwxr-xr-xsecurity/nss/tests/qa_stage320
-rwxr-xr-xsecurity/nss/tests/qa_stat933
-rwxr-xr-xsecurity/nss/tests/qaclean144
-rwxr-xr-xsecurity/nss/tests/sdr/sdr.sh121
-rw-r--r--security/nss/tests/set_environment223
-rw-r--r--security/nss/tests/smime/alice.txt6
-rw-r--r--security/nss/tests/smime/bob.txt6
-rwxr-xr-xsecurity/nss/tests/smime/smime.sh165
-rwxr-xr-xsecurity/nss/tests/ssl/ssl.sh320
-rwxr-xr-xsecurity/nss/tests/ssl/ssl_dist_stress.sh343
-rw-r--r--security/nss/tests/ssl/sslauth.txt21
-rw-r--r--security/nss/tests/ssl/sslcov.txt44
-rw-r--r--security/nss/tests/ssl/sslreq.txt3
-rw-r--r--security/nss/tests/ssl/sslstress.txt14
-rw-r--r--security/nss/tests/tools/sign.html5
-rw-r--r--security/nss/tests/tools/signjs.html8
-rw-r--r--security/nss/tests/tools/tools.sh184
-rwxr-xr-xsecurity/nss/trademarks.txt130
1382 files changed, 0 insertions, 561468 deletions
diff --git a/security/nss/Makefile b/security/nss/Makefile
deleted file mode 100644
index 6e18827cd..000000000
--- a/security/nss/Makefile
+++ /dev/null
@@ -1,174 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-nss_build_all: build_coreconf build_nspr build_dbm all
-
-build_coreconf:
- cd $(CORE_DEPTH)/coreconf ; $(MAKE)
-
-#
-# NSPR has two build systems: autoconf and classic.
-# The build_nspr rule needs to work with both.
-#
-
-ifdef NSPR_AUTOCONF
-
-NSPR_CONFIG_STATUS = $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)/config.status
-NSPR_CONFIGURE = $(CORE_DEPTH)/../nsprpub/configure
-
-#
-# Translate coreconf build options to NSPR configure options.
-#
-
-ifdef BUILD_OPT
-NSPR_CONFIGURE_OPTS += --disable-debug --enable-optimize
-endif
-ifdef USE_64
-NSPR_CONFIGURE_OPTS += --enable-64bit
-endif
-ifeq ($(OS_TARGET),WIN95)
-NSPR_CONFIGURE_OPTS += --enable-win32-target=WIN95
-endif
-ifdef USE_DEBUG_RTL
-NSPR_CONFIGURE_OPTS += --enable-debug-rtl
-endif
-
-#
-# Some pwd commands on Windows (for example, the pwd
-# command in Cygwin) return a pathname that begins
-# with a (forward) slash. When such a pathname is
-# passed to Windows build tools (for example, cl), it
-# is mistaken as a command-line option. If that is the case,
-# we use a relative pathname as NSPR's prefix on Windows.
-#
-
-USEABSPATH="YES"
-ifeq ($(OS_ARCH),WINNT)
-ifeq (,$(findstring :,$(shell pwd)))
-USEABSPATH="NO"
-endif
-endif
-ifeq ($(USEABSPATH),"YES")
-NSPR_PREFIX = $(shell pwd)/../../dist/$(OBJDIR_NAME)
-else
-NSPR_PREFIX = $$(topsrcdir)/../dist/$(OBJDIR_NAME)
-endif
-
-$(NSPR_CONFIG_STATUS): $(NSPR_CONFIGURE)
- $(NSINSTALL) -D $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; \
- sh ../configure \
- $(NSPR_CONFIGURE_OPTS) \
- --with-dist-prefix='$(NSPR_PREFIX)' \
- --with-dist-includedir='$(NSPR_PREFIX)/include'
-
-build_nspr: $(NSPR_CONFIG_STATUS)
- cd $(CORE_DEPTH)/../nsprpub/$(OBJDIR_NAME) ; $(MAKE)
-
-else # NSPR classic build system
-
-build_nspr:
- cd $(CORE_DEPTH)/../nsprpub ; $(MAKE) OBJDIR_NAME=${OBJDIR_NAME}
-
-endif # NSPR_AUTOCONF
-
-build_dbm:
- cd $(CORE_DEPTH)/dbm ; $(MAKE) export libs
-
-
-
-moz_import::
-ifeq ($(OS_ARCH),WINNT)
- $(NSINSTALL) -D $(DIST)/include/nspr
- cp $(DIST)/../include/nspr/*.h $(DIST)/include/nspr
- cp $(DIST)/../include/* $(DIST)/include
-ifdef BUILD_OPT
- cp $(DIST)/../WIN32_O.OBJ/lib/* $(DIST)/lib
-else
- cp $(DIST)/../WIN32_D.OBJ/lib/* $(DIST)/lib
-endif
- mv $(DIST)/lib/dbm32.lib $(DIST)/lib/dbm.lib
-else
-ifeq ($(OS_ARCH),OS2)
- cp -rf $(DIST)/../include $(DIST)
- cp -rf $(DIST)/../lib $(DIST)
- cp -f $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX)
-else
- $(NSINSTALL) -L ../../dist include $(DIST)
- $(NSINSTALL) -L ../../dist lib $(DIST)
- cp $(DIST)/lib/libmozdbm_s.$(LIB_SUFFIX) $(DIST)/lib/libdbm.$(LIB_SUFFIX)
-endif
-endif
-
-nss_RelEng_bld: build_coreconf import all
diff --git a/security/nss/cmd/.cvsignore b/security/nss/cmd/.cvsignore
deleted file mode 100644
index 6329db22e..000000000
--- a/security/nss/cmd/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-.gdbinit
diff --git a/security/nss/cmd/Makefile b/security/nss/cmd/Makefile
deleted file mode 100644
index dd012940e..000000000
--- a/security/nss/cmd/Makefile
+++ /dev/null
@@ -1,182 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../..
-DEPTH = ../..
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-
-# These sources were once in this directory, but now are gone.
-MISSING_SOURCES = \
- addcert.c \
- berparse.c \
- cert.c \
- key.c \
- key_rand.c \
- keygen.c \
- sec_fe.c \
- sec_read.c \
- secarb.c \
- secutil.c \
- $(NULL)
-
-# we don't build these any more, but the sources are still here
-OBSOLETE = \
- berdec.c \
- berdump.c \
- cypher.c \
- dumpcert.c \
- listcerts.c \
- mkdongle.c \
- p12exprt.c \
- p12imprt.c \
- rc4.c \
- sign.c \
- unwrap.c \
- vector.c \
- verify.c \
- wrap.c \
- $(NULL)
-
-# the base files for the executables
-# hey -- keep these alphabetical, please
-EXEC_SRCS = \
- $(NULL)
-
-# files that generate two separate objects and executables
-# BI_SRCS = \
-# keyutil.c \
-# p7env.c \
-# tstclnt.c \
-# $(NULL)
-
-# -I$(CORE_DEPTH)/security/lib/cert \
-# -I$(CORE_DEPTH)/security/lib/key \
-# -I$(CORE_DEPTH)/security/lib/util \
-
-INCLUDES += \
- -I$(DIST)/../public/security \
- -I./include \
- $(NULL)
-
-TBD_DIRS = rsh rshd rdist ssld
-
-# For the time being, sec stuff is export only
-# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION
-
-US_FLAGS = -DEXPORT_VERSION
-EXPORT_FLAGS = -DEXPORT_VERSION
-
-BASE_LIBS = \
- $(DIST)/lib/libdbm.$(LIB_SUFFIX) \
- $(DIST)/lib/libxp.$(LIB_SUFFIX) \
- $(DIST)/lib/libnspr.$(LIB_SUFFIX) \
- $(NULL)
-
-# $(DIST)/lib/libpurenspr.$(LIB_SUFFIX) \
-
-#There is a circular dependancy in security/lib, and here is a gross fix
-SEC_LIBS = \
- $(DIST)/lib/libsecnav.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcert.$(LIB_SUFFIX) \
- $(DIST)/lib/libkey.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
- $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcert.$(LIB_SUFFIX) \
- $(DIST)/lib/libkey.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
- $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libhash.$(LIB_SUFFIX) \
- $(NULL)
-
-MYLIB = lib/$(OBJDIR)/libsectool.$(LIB_SUFFIX)
-
-US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-
-REQUIRES = libxp nspr security
-
-CSRCS = $(EXEC_SRCS) $(BI_SRCS)
-
-OBJS = $(CSRCS:.c=.o) $(BI_SRCS:.c=-us.o) $(BI_SRCS:.c=-ex.o)
-
-PROGS = $(addprefix $(OBJDIR)/, $(EXEC_SRCS:.c=$(BIN_SUFFIX)))
-US_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-us$(BIN_SUFFIX)))
-EX_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-ex$(BIN_SUFFIX)))
-
-
-NON_DIRS = $(PROGS) $(US_PROGS) $(EX_PROGS)
-TARGETS = $(NON_DIRS)
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-
-ifneq ($(OS_ARCH),OS2)
-$(OBJDIR)/%-us.o: %.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(US_FLAGS) -c $*.c
-
-$(OBJDIR)/%-ex.o: %.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c
-
-$(OBJDIR)/%.o: %.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(EXPORT_FLAGS) -c $*.c
-
-$(US_PROGS):$(OBJDIR)/%-us: $(OBJDIR)/%-us.o $(US_LIBS)
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(OBJDIR)/$*-us.o $(LDFLAGS) $(US_LIBS) $(OS_LIBS)
-
-$(EX_PROGS):$(OBJDIR)/%-ex: $(OBJDIR)/%-ex.o $(EX_LIBS)
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $(OBJDIR)/$*-ex.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS)
-
-$(PROGS):$(OBJDIR)/%: $(OBJDIR)/%.o $(EX_LIBS)
- @$(MAKE_OBJDIR)
- $(CCF) -o $@ $@.o $(LDFLAGS) $(EX_LIBS) $(OS_LIBS)
-
-#install:: $(TARGETS)
-# $(INSTALL) $(TARGETS) $(DIST)/bin
-endif
-
-symbols::
- @echo "TARGETS = $(TARGETS)"
diff --git a/security/nss/cmd/SSLsample/Makefile b/security/nss/cmd/SSLsample/Makefile
deleted file mode 100644
index cf741f387..000000000
--- a/security/nss/cmd/SSLsample/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# do these once for each target program
-all default export libs program install release_export::
- $(MAKE) -f make.client $@
- $(MAKE) -f make.server $@
-
-# only do these things once for the whole directory
-depend dependclean clean clobber realclean clobber_all release_classes release_clean release_cpdistdir release_export release_jars release_md release_policy show::
- $(MAKE) -f make.client $@
-
-
diff --git a/security/nss/cmd/SSLsample/Makefile.NSS b/security/nss/cmd/SSLsample/Makefile.NSS
deleted file mode 100644
index 0a3545f4f..000000000
--- a/security/nss/cmd/SSLsample/Makefile.NSS
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-ARCH := $(shell uname)
-
-ifeq ($(ARCH), SunOS)
- DEFINES = -KPIC -DSVR4 -DSOLARIS -DSYSV -D__svr4 -D__svr4__ \
- -D_REENTRANT -DSOLARIS2_5 -D_SVID_GETTOD -DXP_UNIX -UDEBUG -DNDEBUG \
- -DXP_UNIX
- INCPATH = -I. -I../include/dbm -I../include/nspr -I../include/security
- LIBPATH = -L../lib
- LIBS = -lnss -lssl -lpkcs7 -lpkcs12 -lsecmod -lcert -lkey \
- -lcrypto -lsecutil -lhash -ldbm -lplc4 -lplds4 -lnspr4 -lsocket -lnsl
- CFLAGS = -g
- CC = cc
-endif # SunOS
-
-# The rules to build the sample apps appear below.
-
-server:
- $(CC) $(CFLAGS) $@.c -o $@ $(DEFINES) $(INCPATH) $(LIBPATH) $(LIBS)
-
-client:
- $(CC) $(CFLAGS) $@.c -o $@ $(DEFINES) $(INCPATH) $(LIBPATH) $(LIBS)
-
-clean:
- rm -fr server client server.o client.o
-
diff --git a/security/nss/cmd/SSLsample/NSPRerrs.h b/security/nss/cmd/SSLsample/NSPRerrs.h
deleted file mode 100644
index bacdef6b2..000000000
--- a/security/nss/cmd/SSLsample/NSPRerrs.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* General NSPR 2.0 errors */
-/* Caller must #include "prerror.h" */
-
-ER2( PR_OUT_OF_MEMORY_ERROR, "Memory allocation attempt failed." )
-ER2( PR_BAD_DESCRIPTOR_ERROR, "Invalid file descriptor." )
-ER2( PR_WOULD_BLOCK_ERROR, "The operation would have blocked." )
-ER2( PR_ACCESS_FAULT_ERROR, "Invalid memory address argument." )
-ER2( PR_INVALID_METHOD_ERROR, "Invalid function for file type." )
-ER2( PR_ILLEGAL_ACCESS_ERROR, "Invalid memory address argument." )
-ER2( PR_UNKNOWN_ERROR, "Some unknown error has occurred." )
-ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." )
-ER2( PR_NOT_IMPLEMENTED_ERROR, "function not implemented." )
-ER2( PR_IO_ERROR, "I/O function error." )
-ER2( PR_IO_TIMEOUT_ERROR, "I/O operation timed out." )
-ER2( PR_IO_PENDING_ERROR, "I/O operation on busy file descriptor." )
-ER2( PR_DIRECTORY_OPEN_ERROR, "The directory could not be opened." )
-ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." )
-ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." )
-ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." )
-ER2( PR_IS_CONNECTED_ERROR, "Already connected." )
-ER2( PR_BAD_ADDRESS_ERROR, "Network address is invalid." )
-ER2( PR_ADDRESS_IN_USE_ERROR, "Local Network address is in use." )
-ER2( PR_CONNECT_REFUSED_ERROR, "Connection refused by peer." )
-ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." )
-ER2( PR_CONNECT_TIMEOUT_ERROR, "Connection attempt timed out." )
-ER2( PR_NOT_CONNECTED_ERROR, "Network file descriptor is not connected." )
-ER2( PR_LOAD_LIBRARY_ERROR, "Failure to load dynamic library." )
-ER2( PR_UNLOAD_LIBRARY_ERROR, "Failure to unload dynamic library." )
-ER2( PR_FIND_SYMBOL_ERROR,
-"Symbol not found in any of the loaded dynamic libraries." )
-ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." )
-ER2( PR_DIRECTORY_LOOKUP_ERROR,
-"A directory lookup on a network address has failed." )
-ER2( PR_TPD_RANGE_ERROR,
-"Attempt to access a TPD key that is out of range." )
-ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." )
-ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." )
-ER2( PR_NOT_SOCKET_ERROR,
-"Network operation attempted on non-network file descriptor." )
-ER2( PR_NOT_TCP_SOCKET_ERROR,
-"TCP-specific function attempted on a non-TCP file descriptor." )
-ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." )
-ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." )
-ER2( PR_OPERATION_NOT_SUPPORTED_ERROR,
-"The requested operation is not supported by the platform." )
-ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR,
-"The host operating system does not support the protocol requested." )
-ER2( PR_REMOTE_FILE_ERROR, "Access to the remote file has been severed." )
-ER2( PR_BUFFER_OVERFLOW_ERROR,
-"The value requested is too large to be stored in the data buffer provided." )
-ER2( PR_CONNECT_RESET_ERROR, "TCP connection reset by peer." )
-ER2( PR_RANGE_ERROR, "Unused." )
-ER2( PR_DEADLOCK_ERROR, "The operation would have deadlocked." )
-ER2( PR_FILE_IS_LOCKED_ERROR, "The file is already locked." )
-ER2( PR_FILE_TOO_BIG_ERROR,
-"Write would result in file larger than the system allows." )
-ER2( PR_NO_DEVICE_SPACE_ERROR, "The device for storing the file is full." )
-ER2( PR_PIPE_ERROR, "Unused." )
-ER2( PR_NO_SEEK_DEVICE_ERROR, "Unused." )
-ER2( PR_IS_DIRECTORY_ERROR,
-"Cannot perform a normal file operation on a directory." )
-ER2( PR_LOOP_ERROR, "Symbolic link loop." )
-ER2( PR_NAME_TOO_LONG_ERROR, "File name is too long." )
-ER2( PR_FILE_NOT_FOUND_ERROR, "File not found." )
-ER2( PR_NOT_DIRECTORY_ERROR,
-"Cannot perform directory operation on a normal file." )
-ER2( PR_READ_ONLY_FILESYSTEM_ERROR,
-"Cannot write to a read-only file system." )
-ER2( PR_DIRECTORY_NOT_EMPTY_ERROR,
-"Cannot delete a directory that is not empty." )
-ER2( PR_FILESYSTEM_MOUNTED_ERROR,
-"Cannot delete or rename a file object while the file system is busy." )
-ER2( PR_NOT_SAME_DEVICE_ERROR,
-"Cannot rename a file to a file system on another device." )
-ER2( PR_DIRECTORY_CORRUPTED_ERROR,
-"The directory object in the file system is corrupted." )
-ER2( PR_FILE_EXISTS_ERROR,
-"Cannot create or rename a filename that already exists." )
-ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR,
-"Directory is full. No additional filenames may be added." )
-ER2( PR_INVALID_DEVICE_STATE_ERROR,
-"The required device was in an invalid state." )
-ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." )
-ER2( PR_NO_MORE_FILES_ERROR, "No more entries in the directory." )
-ER2( PR_END_OF_FILE_ERROR, "Encountered end of file." )
-ER2( PR_FILE_SEEK_ERROR, "Seek error." )
-ER2( PR_FILE_IS_BUSY_ERROR, "The file is busy." )
-ER2( PR_IN_PROGRESS_ERROR,
-"Operation is still in progress (probably a non-blocking connect)." )
-ER2( PR_ALREADY_INITIATED_ERROR,
-"Operation has already been initiated (probably a non-blocking connect)." )
-
-#ifdef PR_GROUP_EMPTY_ERROR
-ER2( PR_GROUP_EMPTY_ERROR, "The wait group is empty." )
-#endif
-
-#ifdef PR_INVALID_STATE_ERROR
-ER2( PR_INVALID_STATE_ERROR, "Object state improper for request." )
-#endif
-
-ER2( PR_MAX_ERROR, "Placeholder for the end of the list" )
diff --git a/security/nss/cmd/SSLsample/README b/security/nss/cmd/SSLsample/README
deleted file mode 100644
index 2c4c09110..000000000
--- a/security/nss/cmd/SSLsample/README
+++ /dev/null
@@ -1,43 +0,0 @@
-These sample programs can be built in either of two ways:
-1) is the NSS source tree, using the coreconf build system, and
-2) stand alone (as part of the NSS distribution).
-
-The following makefiles are used only when building in the NSS source tree
-using coreconf. These are NOT part of the distribution.
-
-Makefile
-client.mn
-server.mn
-config.mk
-make.client
-make.server
-
-The following makefiles are used only when building in the NSS distribution.
-These files are part of the distribution.
-
-Makefile.NSS
-nmakefile95.nss
-nmakefilent.nss
-
-
-The following source files are common to both build environments and are
-part of the distribution.
-
-NSPRerrs.h
-SECerrs.h
-SSLerrs.h
-client.c
-getopt.c
-server.c
-sslerror.h
-
-In the NSS 2.0 distribution, the sample code and makefiles are in a
-directory named "samples". The directories relevant to building
-in the distributed tree are:
-
-./samples
-./include/dbm
-./include/nspr
-./include/security
-./lib
-
diff --git a/security/nss/cmd/SSLsample/SECerrs.h b/security/nss/cmd/SSLsample/SECerrs.h
deleted file mode 100644
index 2059df6a2..000000000
--- a/security/nss/cmd/SSLsample/SECerrs.h
+++ /dev/null
@@ -1,441 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* General security error codes */
-/* Caller must #include "secerr.h" */
-
-ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0,
-"An I/O error occurred during security authorization.")
-
-ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1,
-"security library failure.")
-
-ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2,
-"security library: received bad data.")
-
-ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3,
-"security library: output length error.")
-
-ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4,
-"security library has experienced an input length error.")
-
-ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5,
-"security library: invalid arguments.")
-
-ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6,
-"security library: invalid algorithm.")
-
-ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7,
-"security library: invalid AVA.")
-
-ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8,
-"Improperly formatted time string.")
-
-ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9,
-"security library: improperly formatted DER-encoded message.")
-
-ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10,
-"Peer's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11,
-"Peer's Certificate has expired.")
-
-ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12,
-"Peer's Certificate has been revoked.")
-
-ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13,
-"Peer's Certificate issuer is not recognized.")
-
-ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14,
-"Peer's public key is invalid.")
-
-ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15,
-"The security password entered is incorrect.")
-
-ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16,
-"New password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17,
-"security library: no nodelock.")
-
-ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18,
-"security library: bad database.")
-
-ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19,
-"security library: memory allocation failure.")
-
-ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20,
-"Peer's certificate issuer has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21,
-"Peer's certificate has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22),
-"Certificate already exists in your database.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23),
-"Downloaded certificate's name duplicates one already in your database.")
-
-ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24),
-"Error adding certificate to database.")
-
-ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25),
-"Error refiling the key for this certificate.")
-
-ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26),
-"The private key for this certificate cannot be found in key database")
-
-ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27),
-"This certificate is valid.")
-
-ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28),
-"This certificate is not valid.")
-
-ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29),
-"Cert Library: No Response")
-
-ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30),
-"The certificate issuer's certificate has expired. Check your system date and time.")
-
-ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31),
-"The CRL for the certificate's issuer has expired. Update it or check your system data and time.")
-
-ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32),
-"The CRL for the certificate's issuer has an invalid signature.")
-
-ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33),
-"New CRL has an invalid format.")
-
-ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34),
-"Certificate extension value is invalid.")
-
-ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35),
-"Certificate extension not found.")
-
-ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36),
-"Issuer certificate is invalid.")
-
-ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37),
-"Certificate path length constraint is invalid.")
-
-ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38),
-"Certificate usages field is invalid.")
-
-ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39),
-"**Internal ONLY module**")
-
-ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40),
-"The key does not support the requested operation.")
-
-ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41),
-"Certificate contains unknown critical extension.")
-
-ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42),
-"New CRL is not later than the current one.")
-
-ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43),
-"Not encrypted or signed: you do not yet have an email certificate.")
-
-ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44),
-"Not encrypted: you do not have certificates for each of the recipients.")
-
-ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45),
-"Cannot decrypt: you are not a recipient, or matching certificate and \
-private key not found.")
-
-ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46),
-"Cannot decrypt: key encryption algorithm does not match your certificate.")
-
-ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47),
-"Signature verification failed: no signer found, too many signers found, \
-or improper or corrupted data.")
-
-ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48),
-"Unsupported or unknown key algorithm.")
-
-ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49),
-"Cannot decrypt: encrypted using a disallowed algorithm or key size.")
-
-
-/* Fortezza Alerts */
-ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50),
-"Fortezza card has not been properly initialized. \
-Please remove it and return it to your issuer.")
-
-ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51),
-"No Fortezza cards Found")
-
-ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52),
-"No Fortezza card selected")
-
-ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53),
-"Please select a personality to get more info on")
-
-ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54),
-"Personality not found")
-
-ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55),
-"No more information on that Personality")
-
-ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56),
-"Invalid Pin")
-
-ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57),
-"Couldn't initialize Fortezza personalities.")
-/* end fortezza alerts. */
-
-ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58),
-"No KRL for this site's certificate has been found.")
-
-ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59),
-"The KRL for this site's certificate has expired.")
-
-ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60),
-"The KRL for this site's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61),
-"The key for this site's certificate has been revoked.")
-
-ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62),
-"New KRL has an invalid format.")
-
-ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63),
-"security library: need random data.")
-
-ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64),
-"security library: no security module can perform the requested operation.")
-
-ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65),
-"The security card or token does not exist, needs to be initialized, or has been removed.")
-
-ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66),
-"security library: read-only database.")
-
-ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67),
-"No slot or token was selected.")
-
-ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68),
-"A certificate with the same nickname already exists.")
-
-ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69),
-"A key with the same nickname already exists.")
-
-ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70),
-"error while creating safe object")
-
-ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71),
-"error while creating baggage object")
-
-ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72),
-"Couldn't remove the principal")
-
-ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73),
-"Couldn't delete the privilege")
-
-ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74),
-"This principal doesn't have a certificate")
-
-ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75),
-"Required algorithm is not allowed.")
-
-ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76),
-"Error attempting to export certificates.")
-
-ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77),
-"Error attempting to import certificates.")
-
-ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78),
-"Unable to import. Decoding error. File not valid.")
-
-ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79),
-"Unable to import. Invalid MAC. Incorrect password or corrupt file.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80),
-"Unable to import. MAC algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81),
-"Unable to import. Only password integrity and privacy modes supported.")
-
-ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82),
-"Unable to import. File structure is corrupt.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83),
-"Unable to import. Encryption algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84),
-"Unable to import. File version not supported.")
-
-ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85),
-"Unable to import. Incorrect privacy password.")
-
-ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86),
-"Unable to import. Same nickname already exists in database.")
-
-ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87),
-"The user pressed cancel.")
-
-ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88),
-"Not imported, already in database.")
-
-ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89),
-"Message not sent.")
-
-ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90),
-"Certificate key usage inadequate for attempted operation.")
-
-ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91),
-"Certificate type not approved for application.")
-
-ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92),
-"Address in signing certificate does not match address in message headers.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93),
-"Unable to import. Error attempting to import private key.")
-
-ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94),
-"Unable to import. Error attempting to import certificate chain.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95),
-"Unable to export. Unable to locate certificate or key by nickname.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96),
-"Unable to export. Private Key could not be located and exported.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97),
-"Unable to export. Unable to write the export file.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98),
-"Unable to import. Unable to read the import file.")
-
-ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99),
-"Unable to export. Key database corrupt or deleted.")
-
-ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100),
-"Unable to generate public/private key pair.")
-
-ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101),
-"Password entered is invalid. Please pick a different one.")
-
-ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102),
-"Old password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103),
-"Certificate nickname already in use.")
-
-ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104),
-"Peer FORTEZZA chain has a non-FORTEZZA Certificate.")
-
-/* ER3(SEC_ERROR_UNKNOWN, (SEC_ERROR_BASE + 105), */
-
-ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106),
-"Invalid module name.")
-
-ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107),
-"Invalid module path/filename")
-
-ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108),
-"Unable to add module")
-
-ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109),
-"Unable to delete module")
-
-ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110),
-"New KRL is not later than the current one.")
-
-ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111),
-"New CKL has different issuer than current CKL. Delete current CKL.")
-
-ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112),
-"The Certifying Authority for this certificate is not permitted to issue a \
-certificate with this name.")
-
-ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113),
-"The key revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114),
-"The certificate revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115),
-"The requested certificate could not be found.")
-
-ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116),
-"The signer's certificate could not be found.")
-
-ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117),
-"The location for the certificate status server has invalid format.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118),
-"The OCSP response cannot be fully decoded; it is of an unknown type.")
-
-ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119),
-"The OCSP server returned unexpected/invalid HTTP data.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120),
-"The OCSP server found the request to be corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121),
-"The OCSP server experienced an internal error.")
-
-ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122),
-"The OCSP server suggests trying again later.")
-
-ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123),
-"The OCSP server requires a signature on this request.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124),
-"The OCSP server has refused this request as unauthorized.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125),
-"The OCSP server returned an unrecognizable status.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126),
-"The OCSP server has no status for the certificate.")
-
-ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127),
-"You must enable OCSP before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128),
-"You must set the OCSP default responder before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129),
-"The response from the OCSP server was corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130),
-"The signer of the OCSP response is not authorized to give status for \
-this certificate.")
-
-ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131),
-"The OCSP response is not yet valid (contains a date in the future).")
-
-ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132),
-"The OCSP response contains out-of-date information.")
diff --git a/security/nss/cmd/SSLsample/SSLerrs.h b/security/nss/cmd/SSLsample/SSLerrs.h
deleted file mode 100644
index 06803b849..000000000
--- a/security/nss/cmd/SSLsample/SSLerrs.h
+++ /dev/null
@@ -1,366 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* SSL-specific security error codes */
-/* caller must include "sslerr.h" */
-
-ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0,
-"Unable to communicate securely. Peer does not support high-grade encryption.")
-
-ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1,
-"Unable to communicate securely. Peer requires high-grade encryption which is not supported.")
-
-ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2,
-"Cannot communicate securely with peer: no common encryption algorithm(s).")
-
-ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3,
-"Unable to find the certificate or key necessary for authentication.")
-
-ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4,
-"Unable to communicate securely with peer: peers's certificate was rejected.")
-
-/* unused (SSL_ERROR_BASE + 5),*/
-
-ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6,
-"The server has encountered bad data from the client.")
-
-ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7,
-"The client has encountered bad data from the server.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8,
-"Unsupported certificate type.")
-
-ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9,
-"Peer using unsupported version of security protocol.")
-
-/* unused (SSL_ERROR_BASE + 10),*/
-
-ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11,
-"Client authentication failed: private key in key database does not match public key in certificate database.")
-
-ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12,
-"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
-
-/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13),
- defined in sslerr.h
-*/
-
-ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14),
-"Peer only supports SSL version 2, which is locally disabled.")
-
-
-ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15),
-"SSL received a record with an incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16),
-"SSL peer reports incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17),
-"SSL peer cannot verify your certificate.")
-
-ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18),
-"SSL peer rejected your certificate as revoked.")
-
-ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19),
-"SSL peer rejected your certificate as expired.")
-
-ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20),
-"Cannot connect: SSL is disabled.")
-
-ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21),
-"Cannot connect: SSL peer is in another FORTEZZA domain.")
-
-
-ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22),
-"An unknown SSL cipher suite has been requested.")
-
-ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23),
-"No cipher suites are present and enabled in this program.")
-
-ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24),
-"SSL received a record with bad block padding.")
-
-ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25),
-"SSL received a record that exceeded the maximum permissible length.")
-
-ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26),
-"SSL attempted to send a record that exceeded the maximum permissible length.")
-
-/*
- * Received a malformed (too long or short or invalid content) SSL handshake.
- */
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27),
-"SSL received a malformed Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28),
-"SSL received a malformed Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29),
-"SSL received a malformed Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30),
-"SSL received a malformed Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31),
-"SSL received a malformed Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32),
-"SSL received a malformed Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33),
-"SSL received a malformed Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34),
-"SSL received a malformed Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35),
-"SSL received a malformed Client Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36),
-"SSL received a malformed Finished handshake message.")
-
-/*
- * Received a malformed (too long or short) SSL record.
- */
-ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37),
-"SSL received a malformed Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38),
-"SSL received a malformed Alert record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39),
-"SSL received a malformed Handshake record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
-"SSL received a malformed Application Data record.")
-
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41),
-"SSL received an unexpected Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42),
-"SSL received an unexpected Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43),
-"SSL received an unexpected Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44),
-"SSL received an unexpected Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
-"SSL received an unexpected Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46),
-"SSL received an unexpected Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47),
-"SSL received an unexpected Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48),
-"SSL received an unexpected Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
-"SSL received an unexpected Cllient Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50),
-"SSL received an unexpected Finished handshake message.")
-
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51),
-"SSL received an unexpected Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52),
-"SSL received an unexpected Alert record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53),
-"SSL received an unexpected Handshake record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
-"SSL received an unexpected Application Data record.")
-
-/*
- * Received record/message with unknown discriminant.
- */
-ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55),
-"SSL received a record with an unknown content type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56),
-"SSL received a handshake message with an unknown message type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57),
-"SSL received an alert record with an unknown alert description.")
-
-/*
- * Received an alert reporting what we did wrong. (more alerts above)
- */
-ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58),
-"SSL peer has closed this connection.")
-
-ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59),
-"SSL peer was not expecting a handshake message it received.")
-
-ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60),
-"SSL peer was unable to succesfully decompress an SSL record it received.")
-
-ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61),
-"SSL peer was unable to negotiate an acceptable set of security parameters.")
-
-ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62),
-"SSL peer rejected a handshake message for unacceptable content.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63),
-"SSL peer does not support certificates of the type it received.")
-
-ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64),
-"SSL peer had some unspecified issue with the certificate it received.")
-
-
-ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65),
-"SSL experienced a failure of its random number generator.")
-
-ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66),
-"Unable to digitally sign data required to verify your certificate.")
-
-ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67),
-"SSL was unable to extract the public key from the peer's certificate.")
-
-ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68),
-"Unspecified failure while processing SSL Server Key Exchange handshake.")
-
-ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69),
-"Unspecified failure while processing SSL Client Key Exchange handshake.")
-
-ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70),
-"Bulk data encryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71),
-"Bulk data decryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72),
-"Attempt to write encrypted data to underlying socket failed.")
-
-ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73),
-"MD5 digest function failed.")
-
-ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74),
-"SHA-1 digest function failed.")
-
-ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75),
-"MAC computation failed.")
-
-ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76),
-"Failure to create Symmetric Key context.")
-
-ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77),
-"Failure to unwrap the Symmetric key in Client Key Exchange message.")
-
-ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78),
-"SSL Server attempted to use domestic-grade public key with export cipher suite.")
-
-ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79),
-"PKCS11 code failed to translate an IV into a param.")
-
-ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80),
-"Failed to initialize the selected cipher suite.")
-
-ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81),
-"Client failed to generate session keys for SSL session.")
-
-ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82),
-"Server has no key for the attempted key exchange algorithm.")
-
-ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83),
-"PKCS#11 token was inserted or removed while operation was in progress.")
-
-ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84),
-"No PKCS#11 token could be found to do a required operation.")
-
-ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85),
-"Cannot communicate securely with peer: no common compression algorithm(s).")
-
-ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86),
-"Cannot initiate another SSL handshake until current handshake is complete.")
-
-ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87),
-"Received incorrect handshakes hash values from peer.")
-
-ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88),
-"The certificate provided cannot be used with the selected key exchange algorithm.")
-
-ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89),
-"No certificate authority is trusted for SSL client authentication.")
-
-ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90),
-"Client's SSL session ID not found in server's session cache.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91),
-"Peer was unable to decrypt an SSL record it received.")
-
-ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92),
-"Peer received an SSL record that was longer than is permitted.")
-
-ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93),
-"Peer does not recognize and trust the CA that issued your certificate.")
-
-ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94),
-"Peer received a valid certificate, but access was denied.")
-
-ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95),
-"Peer could not decode an SSL handshake message.")
-
-ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96),
-"Peer reports failure of signature verification or key exchange.")
-
-ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97),
-"Peer reports negotiation not in compliance with export regulations.")
-
-ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98),
-"Peer reports incompatible or unsupported protocol version.")
-
-ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
-"Server requires ciphers more secure than those supported by client.")
-
-ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100),
-"Peer reports it experienced an internal error.")
-
-ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101),
-"Peer user canceled handshake.")
-
-ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102),
-"Peer does not permit renegotiation of SSL security parameters.")
-
diff --git a/security/nss/cmd/SSLsample/client.c b/security/nss/cmd/SSLsample/client.c
deleted file mode 100644
index 0953faeae..000000000
--- a/security/nss/cmd/SSLsample/client.c
+++ /dev/null
@@ -1,451 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/****************************************************************************
- * SSL client program that sets up a connection to SSL server, transmits *
- * some data and then reads the reply *
- ****************************************************************************/
-
-#include <stdio.h>
-#include <string.h>
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "prerror.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-
-
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "nss.h"
-
-#include "sslsample.h"
-
-#define RD_BUF_SIZE (60 * 1024)
-
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-GlobalThreadMgr threadMGR;
-char *certNickname = NULL;
-char *hostName = NULL;
-char *password = NULL;
-unsigned short port = 0;
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-n rsa_nickname] [-p port] [-d dbdir] [-c connections]\n"
- " [-w dbpasswd] [-C cipher(s)] hostname\n",
- progName);
- exit(1);
-}
-
-PRFileDesc *
-setupSSLSocket(PRNetAddr *addr)
-{
- PRFileDesc *tcpSocket;
- PRFileDesc *sslSocket;
- PRSocketOptionData socketOption;
- PRStatus prStatus;
- SECStatus secStatus;
-
-#if 0
-retry:
-#endif
-
- tcpSocket = PR_NewTCPSocket();
- if (tcpSocket == NULL) {
- errWarn("PR_NewTCPSocket");
- }
-
- /* Make the socket blocking. */
- socketOption.option = PR_SockOpt_Nonblocking;
- socketOption.value.non_blocking = PR_FALSE;
-
- prStatus = PR_SetSocketOption(tcpSocket, &socketOption);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_SetSocketOption");
- goto loser;
- }
-
-#if 0
- /* Verify that a connection can be made to the socket. */
- prStatus = PR_Connect(tcpSocket, addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus != PR_SUCCESS) {
- PRErrorCode err = PR_GetError();
- if (err == PR_CONNECT_REFUSED_ERROR) {
- PR_Close(tcpSocket);
- PR_Sleep(PR_MillisecondsToInterval(10));
- fprintf(stderr, "Connection to port refused, retrying.\n");
- goto retry;
- }
- errWarn("PR_Connect");
- goto loser;
- }
-#endif
-
- /* Import the socket into the SSL layer. */
- sslSocket = SSL_ImportFD(NULL, tcpSocket);
- if (!sslSocket) {
- errWarn("SSL_ImportFD");
- goto loser;
- }
-
- /* Set configuration options. */
- secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_SECURITY");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_CLIENT");
- goto loser;
- }
-
- /* Set SSL callback routines. */
- secStatus = SSL_GetClientAuthDataHook(sslSocket,
- (SSLGetClientAuthData)myGetClientAuthData,
- (void *)certNickname);
- if (secStatus != SECSuccess) {
- errWarn("SSL_GetClientAuthDataHook");
- goto loser;
- }
-
- secStatus = SSL_AuthCertificateHook(sslSocket,
- (SSLAuthCertificate)myAuthCertificate,
- (void *)CERT_GetDefaultCertDB());
- if (secStatus != SECSuccess) {
- errWarn("SSL_AuthCertificateHook");
- goto loser;
- }
-
- secStatus = SSL_BadCertHook(sslSocket,
- (SSLBadCertHandler)myBadCertHandler, NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_BadCertHook");
- goto loser;
- }
-
- secStatus = SSL_HandshakeCallback(sslSocket,
- (SSLHandshakeCallback)myHandshakeCallback,
- NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_HandshakeCallback");
- goto loser;
- }
-
- return sslSocket;
-
-loser:
-
- PR_Close(tcpSocket);
- return NULL;
-}
-
-
-const char requestString[] = {"GET /testfile HTTP/1.0\r\n\r\n" };
-
-SECStatus
-handle_connection(PRFileDesc *sslSocket, int connection)
-{
- int countRead = 0;
- PRInt32 numBytes;
- char *readBuffer;
-
- readBuffer = PORT_Alloc(RD_BUF_SIZE);
- if (!readBuffer) {
- exitErr("PORT_Alloc");
- }
-
- /* compose the http request here. */
-
- numBytes = PR_Write(sslSocket, requestString, strlen(requestString));
- if (numBytes <= 0) {
- errWarn("PR_Write");
- PR_Free(readBuffer);
- readBuffer = NULL;
- return SECFailure;
- }
-
- /* read until EOF */
- while (PR_TRUE) {
- numBytes = PR_Read(sslSocket, readBuffer, RD_BUF_SIZE);
- if (numBytes == 0) {
- break; /* EOF */
- }
- if (numBytes < 0) {
- errWarn("PR_Read");
- break;
- }
- countRead += numBytes;
- fprintf(stderr, "***** Connection %d read %d bytes (%d total).\n",
- connection, numBytes, countRead );
- readBuffer[numBytes] = '\0';
- fprintf(stderr, "************\n%s\n************\n", readBuffer);
- }
-
- printSecurityInfo(sslSocket);
-
- PR_Free(readBuffer);
- readBuffer = NULL;
-
- /* Caller closes the socket. */
-
- fprintf(stderr,
- "***** Connection %d read %d bytes total.\n",
- connection, countRead);
-
- return SECSuccess; /* success */
-}
-
-/* one copy of this function is launched in a separate thread for each
-** connection to be made.
-*/
-SECStatus
-do_connects(void *a, int connection)
-{
- PRNetAddr *addr = (PRNetAddr *)a;
- PRFileDesc *sslSocket;
- PRHostEnt hostEntry;
- char buffer[PR_NETDB_BUF_SIZE];
- PRStatus prStatus;
- PRIntn hostenum;
- SECStatus secStatus;
-
- /* Set up SSL secure socket. */
- sslSocket = setupSSLSocket(addr);
- if (sslSocket == NULL) {
- errWarn("setupSSLSocket");
- return SECFailure;
- }
-
- secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
- if (secStatus != SECSuccess) {
- errWarn("SSL_SetPKCS11PinArg");
- return secStatus;
- }
-
- secStatus = SSL_SetURL(sslSocket, hostName);
- if (secStatus != SECSuccess) {
- errWarn("SSL_SetURL");
- return secStatus;
- }
-
- /* Prepare and setup network connection. */
- prStatus = PR_GetHostByName(hostName, buffer, sizeof(buffer), &hostEntry);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_GetHostByName");
- return SECFailure;
- }
-
- hostenum = PR_EnumerateHostEnt(0, &hostEntry, port, addr);
- if (hostenum == -1) {
- errWarn("PR_EnumerateHostEnt");
- return SECFailure;
- }
-
- prStatus = PR_Connect(sslSocket, addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Connect");
- return SECFailure;
- }
-
- /* Established SSL connection, ready to send data. */
-#if 0
- secStatus = SSL_ForceHandshake(sslSocket);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ForceHandshake");
- return secStatus;
- }
-#endif
-
- secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_FALSE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- prStatus = PR_Close(sslSocket);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Close");
- }
- return secStatus;
- }
-
- secStatus = handle_connection(sslSocket, connection);
- if (secStatus != SECSuccess) {
- errWarn("handle_connection");
- return secStatus;
- }
-
- PR_Close(sslSocket);
- return SECSuccess;
-}
-
-void
-client_main(unsigned short port,
- int connections,
- const char * hostName)
-{
- int i;
- SECStatus secStatus;
- PRStatus prStatus;
- PRInt32 rv;
- PRNetAddr addr;
- PRHostEnt hostEntry;
- char buffer[256];
-
- /* Setup network connection. */
- prStatus = PR_GetHostByName(hostName, buffer, 256, &hostEntry);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_GetHostByName");
- }
-
- rv = PR_EnumerateHostEnt(0, &hostEntry, port, &addr);
- if (rv < 0) {
- exitErr("PR_EnumerateHostEnt");
- }
-
- secStatus = launch_thread(&threadMGR, do_connects, &addr, 1);
- if (secStatus != SECSuccess) {
- exitErr("launch_thread");
- }
-
- if (connections > 1) {
- /* wait for the first connection to terminate, then launch the rest. */
- reap_threads(&threadMGR);
- /* Start up the connections */
- for (i = 2; i <= connections; ++i) {
- secStatus = launch_thread(&threadMGR, do_connects, &addr, i);
- if (secStatus != SECSuccess) {
- errWarn("launch_thread");
- }
- }
- }
-
- reap_threads(&threadMGR);
- destroy_thread_data(&threadMGR);
-}
-
-int
-main(int argc, char **argv)
-{
- char * certDir = ".";
- char * progName = NULL;
- int connections = 1;
- char * cipherString = NULL;
- SECStatus secStatus;
- PLOptState * optstate;
- PLOptStatus status;
-
- /* Call the NSPR initialization routines */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- progName = PL_strdup(argv[0]);
-
- hostName = NULL;
- optstate = PL_CreateOptState(argc, argv, "C:c:d:n:p:w:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch(optstate->option) {
- case 'C' : cipherString = PL_strdup(optstate->value); break;
- case 'c' : connections = PORT_Atoi(optstate->value); break;
- case 'd' : certDir = PL_strdup(optstate->value); break;
- case 'n' : certNickname = PL_strdup(optstate->value); break;
- case 'p' : port = PORT_Atoi(optstate->value); break;
- case 'w' : password = PL_strdup(optstate->value); break;
- case '\0': hostName = PL_strdup(optstate->value); break;
- default : Usage(progName);
- }
- }
-
- if (port == 0 || hostName == NULL)
- Usage(progName);
-
- if (certDir == NULL) {
- certDir = PR_smprintf("%s/.netscape", getenv("HOME"));
- }
-
- /* Set our password function callback. */
- PK11_SetPasswordFunc(myPasswd);
-
- /* Initialize the NSS libraries. */
- secStatus = NSS_Init(certDir);
- if (secStatus != SECSuccess) {
- exitErr("NSS_Init");
- }
-
- /* All cipher suites except RSA_NULL_MD5 are enabled by Domestic Policy. */
- NSS_SetDomesticPolicy();
- SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage(progName);
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SSL_CipherPrefSetDefault(cipher, PR_TRUE);
- }
- }
- }
-
- client_main(port, connections, hostName);
-
- NSS_Shutdown();
- PR_Cleanup();
- return 0;
-}
-
diff --git a/security/nss/cmd/SSLsample/client.mn b/security/nss/cmd/SSLsample/client.mn
deleted file mode 100644
index 74930c5e5..000000000
--- a/security/nss/cmd/SSLsample/client.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-EXPORTS =
-
-CSRCS = client.c \
- sslsample.c \
- $(NULL)
-
-PROGRAM = client
-
-REQUIRES = dbm
-
-IMPORTS = security/lib/nss
-
-DEFINES = -DNSPR20
-
diff --git a/security/nss/cmd/SSLsample/gencerts b/security/nss/cmd/SSLsample/gencerts
deleted file mode 100755
index 80be66a43..000000000
--- a/security/nss/cmd/SSLsample/gencerts
+++ /dev/null
@@ -1,79 +0,0 @@
-#!/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-# Script to generate sample db files neccessary for SSL.
-
-# Directory for db's, use in all subsequent -d flags.
-rm -rf SampleCertDBs
-mkdir SampleCertDBs
-
-# Password to use.
-echo sample > passfile
-
-# Generate the db files, using the above password.
-certutil -N -d SampleCertDBs -f passfile
-
-# Generate the CA cert. This cert is self-signed and only useful for
-# test purposes. Set the trust bits to allow it to sign SSL client/server
-# certs.
-certutil -S -n SampleRootCA -x -t "CTu,CTu,CTu" \
- -s "CN=My Sample Root CA, O=My Organization" \
- -m 25000 -o ./SampleCertDBs/SampleRootCA.crt \
- -d SampleCertDBs -f passfile
-
-# Generate the server cert. This cert is signed by the CA cert generated
-# above. The CN must be hostname.domain.[com|org|net|...].
-certutil -S -n SampleSSLServerCert -c SampleRootCA -t "u,u,u" \
- -s "CN=$HOSTNAME.$MYDOMAIN, O=$HOSTNAME Corp." \
- -m 25001 -o ./SampleCertDBs/SampleSSLServer.crt \
- -d SampleCertDBs -f passfile
-
-# Generate the client cert. This cert is signed by the CA cert generated
-# above.
-certutil -S -n SampleSSLClientCert -c SampleRootCA -t "u,u,u" \
- -s "CN=My Client Cert, O=Client Organization" \
- -m 25002 -o ./SampleCertDBs/SampleSSLClient.crt \
- -d SampleCertDBs -f passfile
-
-# Verify the certificates.
-certutil -V -u V -n SampleSSLServerCert -d SampleCertDBs
-certutil -V -u C -n SampleSSLClientCert -d SampleCertDBs
-
-# Remove unneccessary files.
-rm -f passfile
-rm -f tempcert*
-
-# You are now ready to run your client/server! Example command lines:
-# server -n SampleSSLServerCert -p 8080 -d SampleCertDBs -w sample -c e -R
-# client -n SampleSSLClientCert -p 8080 -d SampleCertDBs -w sample -c 2 trane.mcom.com
diff --git a/security/nss/cmd/SSLsample/make.client b/security/nss/cmd/SSLsample/make.client
deleted file mode 100644
index 3dd7705e3..000000000
--- a/security/nss/cmd/SSLsample/make.client
+++ /dev/null
@@ -1,78 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include client.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-#CC = cc
-
-
diff --git a/security/nss/cmd/SSLsample/make.server b/security/nss/cmd/SSLsample/make.server
deleted file mode 100644
index 7969df798..000000000
--- a/security/nss/cmd/SSLsample/make.server
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include server.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/cmd/SSLsample/nmakefile95.nss b/security/nss/cmd/SSLsample/nmakefile95.nss
deleted file mode 100755
index 5684478cd..000000000
--- a/security/nss/cmd/SSLsample/nmakefile95.nss
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# NSS 2.6.2 Sample Win95 Makefile
-#
-#
-# This nmake file will build server.c and client.c on Windows 95.
-#
-
-DEFINES=-D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG -DWIN32 -D_WINDOWS
-
-INCPATH=/I. /I..\include\dbm /I..\include\nspr /I..\include\security
-
-LIBS=nss.lib ssl.lib pkcs7.lib pkcs12.lib secmod.lib cert.lib key.lib crypto.lib secutil.lib hash.lib dbm.lib libplc3.lib libplds3.lib libnspr3.lib wsock32.lib
-
-CFLAGS=-O2 -MD -W3 -nologo
-
-CC=cl
-
-LDOPTIONS=/link /LIBPATH:..\lib /nodefaultlib:libcd.lib /subsystem:console
-
-server:
- $(CC) $(CFLAGS) $(INCPATH) /Feserver server.c getopt.c $(LIBS) $(DEFINES) $(LDOPTIONS)
-
-client:
- $(CC) $(CFLAGS) $(INCPATH) /Feclient client.c getopt.c $(LIBS) $(DEFINES) $(LDOPTIONS)
-
-clean:
- del /S server.exe client.exe server.lib server.exp client.lib client.exp server.obj client.obj getopt.obj
-
diff --git a/security/nss/cmd/SSLsample/nmakefilent.nss b/security/nss/cmd/SSLsample/nmakefilent.nss
deleted file mode 100755
index 9d2d1ccc4..000000000
--- a/security/nss/cmd/SSLsample/nmakefilent.nss
+++ /dev/null
@@ -1,59 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# NSS 2.6.2 Sample NT Makefile
-#
-#
-# This nmake file will build server.c and client.c on Windows NT 4 SP3.
-#
-
-DEFINES=-D_X86_ -GT -DWINNT -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG -DWIN32 -D_WINDOWS
-INCPATH=-I. -I..\include\dbm -I..\include\nspr -I..\include\security
-
-LIBS=nss.lib ssl.lib pkcs7.lib pkcs12.lib secmod.lib cert.lib key.lib crypto.lib secutil.lib hash.lib dbm.lib libplc3.lib libplds3.lib libnspr3.lib wsock32.lib
-
-CFLAGS=-O2 -MD -W3 -nologo
-
-CC=cl
-
-LDOPTIONS=/link /LIBPATH:..\lib /nodefaultlib:libcd.lib /subsystem:console
-
-server:
- $(CC) $(CFLAGS) /Feserver server.c getopt.c $(LIBS) $(DEFINES) $(INCPATH) $(LDOPTIONS)
-
-client:
- $(CC) $(CFLAGS) /Feclient client.c getopt.c $(LIBS) $(DEFINES) $(INCPATH) $(LDOPTIONS)
-
-clean:
- del /S server.exe client.exe server.lib server.exp client.lib client.exp server.obj client.obj getopt.obj
-
diff --git a/security/nss/cmd/SSLsample/server.c b/security/nss/cmd/SSLsample/server.c
deleted file mode 100644
index 83d80fb45..000000000
--- a/security/nss/cmd/SSLsample/server.c
+++ /dev/null
@@ -1,820 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/****************************************************************************
- * SSL server program listens on a port, accepts client connection, reads *
- * request and responds to it *
- ****************************************************************************/
-
-/* Generic header files */
-
-#include <stdio.h>
-#include <string.h>
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secrng.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-#include "sslsample.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#define REQUEST_CERT_ONCE 1
-#define REQUIRE_CERT_ONCE 2
-#define REQUEST_CERT_ALL 3
-#define REQUIRE_CERT_ALL 4
-
-/* Global variables */
-GlobalThreadMgr threadMGR;
-char *password = NULL;
-CERTCertificate *cert = NULL;
-SECKEYPrivateKey *privKey = NULL;
-int stopping;
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
-
-"Usage: %s -n rsa_nickname -p port [-3RFrf] [-w password]\n"
-" [-c ciphers] [-d dbdir] \n"
-"-3 means disable SSL v3\n"
-"-r means request certificate on first handshake.\n"
-"-f means require certificate on first handshake.\n"
-"-R means request certificate on all handshakes.\n"
-"-F means require certificate on all handshakes.\n"
-"-c ciphers Letter(s) chosen from the following list\n"
-"A SSL2 RC4 128 WITH MD5\n"
-"B SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C SSL2 RC2 128 CBC WITH MD5\n"
-"D SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E SSL2 DES 64 CBC WITH MD5\n"
-"F SSL2 DES 192 EDE3 CBC WITH MD5\n"
-"\n"
-"a SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
-"b SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"
-"c SSL3 RSA WITH RC4 128 MD5\n"
-"d SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e SSL3 RSA WITH DES CBC SHA\n"
-"f SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"h SSL3 FORTEZZA DMS WITH NULL SHA\n"
-"i SSL3 RSA WITH NULL MD5\n"
-"j SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n",
- progName);
- exit(1);
-}
-
-/* Function: readDataFromSocket()
- *
- * Purpose: Parse an HTTP request by reading data from a GET or POST.
- *
- */
-SECStatus
-readDataFromSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char **fileName)
-{
- char *post;
- int numBytes = 0;
- int newln = 0; /* # of consecutive newlns */
-
- /* Read data while it comes in from the socket. */
- while (PR_TRUE) {
- buffer->index = 0;
- newln = 0;
-
- /* Read the buffer. */
- numBytes = PR_Read(sslSocket, &buffer->data[buffer->index],
- buffer->remaining);
- if (numBytes <= 0) {
- errWarn("PR_Read");
- return SECFailure;
- }
- buffer->dataEnd = buffer->dataStart + numBytes;
-
- /* Parse the input, starting at the beginning of the buffer.
- * Stop when we detect two consecutive \n's (or \r\n's)
- * as this signifies the end of the GET or POST portion.
- * The posted data follows.
- */
- while (buffer->index < buffer->dataEnd && newln < 2) {
- int octet = buffer->data[buffer->index++];
- if (octet == '\n') {
- newln++;
- } else if (octet != '\r') {
- newln = 0;
- }
- }
-
- /* Came to the end of the buffer, or second newline.
- * If we didn't get an empty line ("\r\n\r\n"), then keep on reading.
- */
- if (newln < 2)
- continue;
-
- /* we're at the end of the HTTP request.
- * If the request is a POST, then there will be one more
- * line of data.
- * This parsing is a hack, but ok for SSL test purposes.
- */
- post = PORT_Strstr(buffer->data, "POST ");
- if (!post || *post != 'P')
- break;
-
- /* It's a post, so look for the next and final CR/LF. */
- /* We should parse content length here, but ... */
- while (buffer->index < buffer->dataEnd && newln < 3) {
- int octet = buffer->data[buffer->index++];
- if (octet == '\n') {
- newln++;
- }
- }
-
- if (newln == 3)
- break;
- }
-
- /* Have either (a) a complete get, (b) a complete post, (c) EOF */
-
- /* Execute a "GET " operation. */
- if (buffer->index > 0 && PORT_Strncmp(buffer->data, "GET ", 4) == 0) {
- int fnLength;
-
- /* File name is the part after "GET ". */
- fnLength = strcspn(buffer->data + 5, " \r\n");
- *fileName = (char *)PORT_Alloc(fnLength + 1);
- PORT_Strncpy(*fileName, buffer->data + 5, fnLength);
- (*fileName)[fnLength] = '\0';
- }
-
- return SECSuccess;
-}
-
-/* Function: authenticateSocket()
- *
- * Purpose: Configure a socket for SSL.
- *
- *
- */
-PRFileDesc *
-setupSSLSocket(PRFileDesc *tcpSocket, int requestCert)
-{
- PRFileDesc *sslSocket;
- SSLKEAType certKEA;
- int certErr = 0;
- SECStatus secStatus;
-
- /* Set the appropriate flags. */
-
- sslSocket = SSL_ImportFD(NULL, tcpSocket);
- if (sslSocket == NULL) {
- errWarn("SSL_ImportFD");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_SECURITY, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet SSL_SECURITY");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_HANDSHAKE_AS_SERVER, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_HANDSHAKE_AS_SERVER");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE,
- (requestCert >= REQUEST_CERT_ONCE));
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE");
- goto loser;
- }
-
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE,
- (requestCert == REQUIRE_CERT_ONCE));
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE");
- goto loser;
- }
-
- /* Set the appropriate callback routines. */
-
- secStatus = SSL_AuthCertificateHook(sslSocket, myAuthCertificate,
- CERT_GetDefaultCertDB());
- if (secStatus != SECSuccess) {
- errWarn("SSL_AuthCertificateHook");
- goto loser;
- }
-
- secStatus = SSL_BadCertHook(sslSocket,
- (SSLBadCertHandler)myBadCertHandler, &certErr);
- if (secStatus != SECSuccess) {
- errWarn("SSL_BadCertHook");
- goto loser;
- }
-
- secStatus = SSL_HandshakeCallback(sslSocket,
- (SSLHandshakeCallback)myHandshakeCallback,
- NULL);
- if (secStatus != SECSuccess) {
- errWarn("SSL_HandshakeCallback");
- goto loser;
- }
-
- secStatus = SSL_SetPKCS11PinArg(sslSocket, password);
- if (secStatus != SECSuccess) {
- errWarn("SSL_HandshakeCallback");
- goto loser;
- }
-
- certKEA = NSS_FindCertKEAType(cert);
-
- secStatus = SSL_ConfigSecureServer(sslSocket, cert, privKey, certKEA);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ConfigSecureServer");
- goto loser;
- }
-
- return sslSocket;
-
-loser:
-
- PR_Close(tcpSocket);
- return NULL;
-}
-
-/* Function: authenticateSocket()
- *
- * Purpose: Perform client authentication on the socket.
- *
- */
-SECStatus
-authenticateSocket(PRFileDesc *sslSocket, PRBool requireCert)
-{
- CERTCertificate *cert;
- SECStatus secStatus;
-
- /* Returns NULL if client authentication is not enabled or if the
- * client had no certificate. */
- cert = SSL_PeerCertificate(sslSocket);
- if (cert) {
- /* Client had a certificate, so authentication is through. */
- CERT_DestroyCertificate(cert);
- return SECSuccess;
- }
-
- /* Request client to authenticate itself. */
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUEST_CERTIFICATE, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUEST_CERTIFICATE");
- return SECFailure;
- }
-
- /* If desired, require client to authenticate itself. Note
- * SSL_REQUEST_CERTIFICATE must also be on, as above. */
- secStatus = SSL_OptionSet(sslSocket, SSL_REQUIRE_CERTIFICATE, requireCert);
- if (secStatus != SECSuccess) {
- errWarn("SSL_OptionSet:SSL_REQUIRE_CERTIFICATE");
- return SECFailure;
- }
-
- /* Having changed socket configuration parameters, redo handshake. */
- secStatus = SSL_ReHandshake(sslSocket, PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ReHandshake");
- return SECFailure;
- }
-
- /* Force the handshake to complete before moving on. */
- secStatus = SSL_ForceHandshake(sslSocket);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ForceHandshake");
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/* Function: writeDataToSocket
- *
- * Purpose: Write the client's request back to the socket. If the client
- * requested a file, dump it to the socket.
- *
- */
-SECStatus
-writeDataToSocket(PRFileDesc *sslSocket, DataBuffer *buffer, char *fileName)
-{
- int headerLength;
- int numBytes;
- char messageBuffer[120];
- PRFileDesc *local_file_fd = NULL;
- char header[] = "<html><body><h1>Sample SSL server</h1><br><br>";
- char filehd[] = "<h2>The file you requested:</h2><br>";
- char reqhd[] = "<h2>This is your request:</h2><br>";
- char link[] = "Try getting a <a HREF=\"../testfile\">file</a><br>";
- char footer[] = "<br><h2>End of request.</h2><br></body></html>";
-
- headerLength = PORT_Strlen(defaultHeader);
-
- /* Write a header to the socket. */
- numBytes = PR_Write(sslSocket, header, PORT_Strlen(header));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- if (fileName) {
- PRFileInfo info;
- PRStatus prStatus;
-
- /* Try to open the local file named.
- * If successful, then write it to the client.
- */
- prStatus = PR_GetFileInfo(fileName, &info);
- if (prStatus != PR_SUCCESS ||
- info.type != PR_FILE_FILE ||
- info.size < 0) {
- PORT_Free(fileName);
- /* Maybe a GET not sent from client.c? */
- goto writerequest;
- }
-
- local_file_fd = PR_Open(fileName, PR_RDONLY, 0);
- if (local_file_fd == NULL) {
- PORT_Free(fileName);
- goto writerequest;
- }
-
- /* Write a header to the socket. */
- numBytes = PR_Write(sslSocket, filehd, PORT_Strlen(filehd));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Transmit the local file prepended by the default header
- * across the socket.
- */
- numBytes = PR_TransmitFile(sslSocket, local_file_fd,
- defaultHeader, headerLength,
- PR_TRANSMITFILE_KEEP_OPEN,
- PR_INTERVAL_NO_TIMEOUT);
-
- /* Error in transmission. */
- if (numBytes < 0) {
- errWarn("PR_TransmitFile");
- /*
- i = PORT_Strlen(errString);
- PORT_Memcpy(buf, errString, i);
- */
- /* Transmitted bytes successfully. */
- } else {
- numBytes -= headerLength;
- fprintf(stderr, "PR_TransmitFile wrote %d bytes from %s\n",
- numBytes, fileName);
- }
-
- PORT_Free(fileName);
- PR_Close(local_file_fd);
- }
-
-writerequest:
-
- /* Write a header to the socket. */
- numBytes = PR_Write(sslSocket, reqhd, PORT_Strlen(reqhd));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Write the buffer data to the socket. */
- if (buffer->index <= 0) {
- /* Reached the EOF. Report incomplete transaction to socket. */
- PORT_Sprintf(messageBuffer,
- "GET or POST incomplete after %d bytes.\r\n",
- buffer->dataEnd);
- numBytes = PR_Write(sslSocket, messageBuffer,
- PORT_Strlen(messageBuffer));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
- } else {
- /* Display the buffer data. */
- fwrite(buffer->data, 1, buffer->index, stdout);
- /* Write the buffer data to the socket. */
- numBytes = PR_Write(sslSocket, buffer->data, buffer->index);
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
- /* Display security information for the socket. */
- printSecurityInfo(sslSocket);
- /* Write any discarded data out to the socket. */
- if (buffer->index < buffer->dataEnd) {
- PORT_Sprintf(buffer->data, "Discarded %d characters.\r\n",
- buffer->dataEnd - buffer->index);
- numBytes = PR_Write(sslSocket, buffer->data,
- PORT_Strlen(buffer->data));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
- }
- }
-
- /* Write a footer to the socket. */
- numBytes = PR_Write(sslSocket, footer, PORT_Strlen(footer));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Write a link to the socket. */
- numBytes = PR_Write(sslSocket, link, PORT_Strlen(link));
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Complete the HTTP transaction. */
- numBytes = PR_Write(sslSocket, "EOF\r\n\r\n\r\n", 9);
- if (numBytes < 0) {
- errWarn("PR_Write");
- goto loser;
- }
-
- /* Do a nice shutdown if asked. */
- if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) {
- stopping = 1;
- }
- return SECSuccess;
-
-loser:
-
- /* Do a nice shutdown if asked. */
- if (!strncmp(buffer->data, stopCmd, strlen(stopCmd))) {
- stopping = 1;
- }
- return SECFailure;
-}
-
-/* Function: int handle_connection()
- *
- * Purpose: Thread to handle a connection to a socket.
- *
- */
-SECStatus
-handle_connection(void *tcp_sock, int requestCert)
-{
- PRFileDesc * tcpSocket = (PRFileDesc *)tcp_sock;
- PRFileDesc * sslSocket = NULL;
- SECStatus secStatus = SECFailure;
- PRStatus prStatus;
- PRSocketOptionData socketOption;
- DataBuffer buffer;
- char * fileName = NULL;
-
- /* Initialize the data buffer. */
- memset(buffer.data, 0, BUFFER_SIZE);
- buffer.remaining = BUFFER_SIZE;
- buffer.index = 0;
- buffer.dataStart = 0;
- buffer.dataEnd = 0;
-
- /* Make sure the socket is blocking. */
- socketOption.option = PR_SockOpt_Nonblocking;
- socketOption.value.non_blocking = PR_FALSE;
- PR_SetSocketOption(tcpSocket, &socketOption);
-
- sslSocket = setupSSLSocket(tcpSocket, requestCert);
- if (sslSocket == NULL) {
- errWarn("setupSSLSocket");
- goto cleanup;
- }
-
- secStatus = SSL_ResetHandshake(sslSocket, /* asServer */ PR_TRUE);
- if (secStatus != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- goto cleanup;
- }
-
- /* Read data from the socket, parse it for HTTP content.
- * If the user is requesting/requiring authentication, authenticate
- * the socket. Then write the result back to the socket. */
- fprintf(stdout, "\nReading data from socket...\n\n");
- secStatus = readDataFromSocket(sslSocket, &buffer, &fileName);
- if (secStatus != SECSuccess) {
- goto cleanup;
- }
- if (requestCert >= REQUEST_CERT_ALL) {
- fprintf(stdout, "\nAuthentication requested.\n\n");
- secStatus = authenticateSocket(sslSocket,
- (requestCert == REQUIRE_CERT_ALL));
- if (secStatus != SECSuccess) {
- goto cleanup;
- }
- }
-
- fprintf(stdout, "\nWriting data to socket...\n\n");
- secStatus = writeDataToSocket(sslSocket, &buffer, fileName);
-
-cleanup:
-
- /* Close down the socket. */
- prStatus = PR_Close(tcpSocket);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_Close");
- }
-
- return secStatus;
-}
-
-/* Function: int accept_connection()
- *
- * Purpose: Thread to accept a connection to the socket.
- *
- */
-SECStatus
-accept_connection(void *listener, int requestCert)
-{
- PRFileDesc *listenSocket = (PRFileDesc*)listener;
- PRNetAddr addr;
- PRStatus prStatus;
-
- /* XXX need an SSL socket here? */
- while (!stopping) {
- PRFileDesc *tcpSocket;
- SECStatus result;
-
- fprintf(stderr, "\n\n\nAbout to call accept.\n");
-
- /* Accept a connection to the socket. */
- tcpSocket = PR_Accept(listenSocket, &addr, PR_INTERVAL_NO_TIMEOUT);
- if (tcpSocket == NULL) {
- errWarn("PR_Accept");
- break;
- }
-
- /* Accepted the connection, now handle it. */
- result = launch_thread(&threadMGR, handle_connection,
- tcpSocket, requestCert);
-
- if (result != SECSuccess) {
- prStatus = PR_Close(tcpSocket);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Close");
- }
- break;
- }
- }
-
- fprintf(stderr, "Closing listen socket.\n");
-
- prStatus = PR_Close(listenSocket);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Close");
- }
- return SECSuccess;
-}
-
-/* Function: void server_main()
- *
- * Purpose: This is the server's main function. It configures a socket
- * and listens to it.
- *
- */
-void
-server_main(
- unsigned short port,
- int requestCert,
- SECKEYPrivateKey * privKey,
- CERTCertificate * cert,
- PRBool disableSSL3)
-{
- SECStatus secStatus;
- PRStatus prStatus;
- PRFileDesc * listenSocket;
- PRNetAddr addr;
- PRSocketOptionData socketOption;
-
- /* Create a new socket. */
- listenSocket = PR_NewTCPSocket();
- if (listenSocket == NULL) {
- exitErr("PR_NewTCPSocket");
- }
-
- /* Set socket to be blocking -
- * on some platforms the default is nonblocking.
- */
- socketOption.option = PR_SockOpt_Nonblocking;
- socketOption.value.non_blocking = PR_FALSE;
-
- prStatus = PR_SetSocketOption(listenSocket, &socketOption);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_SetSocketOption");
- }
-
- /* This cipher is not on by default. The Acceptance test
- * would like it to be. Turn this cipher on.
- */
- secStatus = SSL_CipherPrefSetDefault(SSL_RSA_WITH_NULL_MD5, PR_TRUE);
- if (secStatus != SECSuccess) {
- exitErr("SSL_CipherPrefSetDefault:SSL_RSA_WITH_NULL_MD5");
- }
-
- /* Configure the network connection. */
- addr.inet.family = PR_AF_INET;
- addr.inet.ip = PR_INADDR_ANY;
- addr.inet.port = PR_htons(port);
-
- /* Bind the address to the listener socket. */
- prStatus = PR_Bind(listenSocket, &addr);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Bind");
- }
-
- /* Listen for connection on the socket. The second argument is
- * the maximum size of the queue for pending connections.
- */
- prStatus = PR_Listen(listenSocket, 5);
- if (prStatus != PR_SUCCESS) {
- exitErr("PR_Listen");
- }
-
- /* Launch thread to handle connections to the socket. */
- secStatus = launch_thread(&threadMGR, accept_connection,
- listenSocket, requestCert);
- if (secStatus != SECSuccess) {
- PR_Close(listenSocket);
- } else {
- reap_threads(&threadMGR);
- destroy_thread_data(&threadMGR);
- }
-}
-
-/* Function: int main()
- *
- * Purpose: Parses command arguments and configures SSL server.
- *
- */
-int
-main(int argc, char **argv)
-{
- char * progName = NULL;
- char * nickName = NULL;
- char * cipherString = NULL;
- char * dir = ".";
- int requestCert = 0;
- unsigned short port = 0;
- SECStatus secStatus;
- PRBool disableSSL3 = PR_FALSE;
- PLOptState * optstate;
- PLOptStatus status;
-
- /* Zero out the thread manager. */
- PORT_Memset(&threadMGR, 0, sizeof(threadMGR));
-
- progName = PL_strdup(argv[0]);
-
- optstate = PL_CreateOptState(argc, argv, "3FRc:d:fp:n:rw:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch(optstate->option) {
- case '3': disableSSL3 = PR_TRUE; break;
- case 'F': requestCert = REQUIRE_CERT_ALL; break;
- case 'R': requestCert = REQUEST_CERT_ALL; break;
- case 'c': cipherString = PL_strdup(optstate->value); break;
- case 'd': dir = PL_strdup(optstate->value); break;
- case 'f': requestCert = REQUIRE_CERT_ONCE; break;
- case 'n': nickName = PL_strdup(optstate->value); break;
- case 'p': port = PORT_Atoi(optstate->value); break;
- case 'r': requestCert = REQUEST_CERT_ONCE; break;
- case 'w': password = PL_strdup(optstate->value); break;
- default:
- case '?': Usage(progName);
- }
- }
-
- if (nickName == NULL || port == 0)
- Usage(progName);
-
- /* Call the NSPR initialization routines. */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- /* Set the cert database password callback. */
- PK11_SetPasswordFunc(myPasswd);
-
- /* Initialize NSS. */
- secStatus = NSS_Init(dir);
- if (secStatus != SECSuccess) {
- exitErr("NSS_Init");
- }
-
- /* Set the policy for this server (REQUIRED - no default). */
- secStatus = NSS_SetDomesticPolicy();
- if (secStatus != SECSuccess) {
- exitErr("NSS_SetDomesticPolicy");
- }
-
- /* XXX keep this? */
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage(progName);
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SECStatus status;
- status = SSL_CipherPrefSetDefault(cipher, PR_TRUE);
- if (status != SECSuccess)
- errWarn("SSL_CipherPrefSetDefault()");
- }
- }
- }
-
- /* Get own certificate and private key. */
- cert = PK11_FindCertFromNickname(nickName, password);
- if (cert == NULL) {
- exitErr("PK11_FindCertFromNickname");
- }
-
- privKey = PK11_FindKeyByAnyCert(cert, password);
- if (privKey == NULL) {
- exitErr("PK11_FindKeyByAnyCert");
- }
-
- /* Configure the server's cache for a multi-process application
- * using default timeout values (24 hrs) and directory location (/tmp).
- */
- SSL_ConfigMPServerSIDCache(256, 0, 0, NULL);
-
- /* Launch server. */
- server_main(port, requestCert, privKey, cert, disableSSL3);
-
- /* Shutdown NSS and exit NSPR gracefully. */
- NSS_Shutdown();
- PR_Cleanup();
- return 0;
-}
diff --git a/security/nss/cmd/SSLsample/server.mn b/security/nss/cmd/SSLsample/server.mn
deleted file mode 100644
index 74226f08f..000000000
--- a/security/nss/cmd/SSLsample/server.mn
+++ /dev/null
@@ -1,48 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-EXPORTS =
-
-CSRCS = server.c \
- sslsample.c \
- $(NULL)
-
-PROGRAM = server
-
-REQUIRES = dbm
-
-DEFINES = -DNSPR20
-
diff --git a/security/nss/cmd/SSLsample/sslerror.h b/security/nss/cmd/SSLsample/sslerror.h
deleted file mode 100644
index 8ad908569..000000000
--- a/security/nss/cmd/SSLsample/sslerror.h
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "nspr.h"
-
-struct tuple_str {
- PRErrorCode errNum;
- const char * errString;
-};
-
-typedef struct tuple_str tuple_str;
-
-#define ER2(a,b) {a, b},
-#define ER3(a,b,c) {a, c},
-
-#include "secerr.h"
-#include "sslerr.h"
-
-const tuple_str errStrings[] = {
-
-/* keep this list in asceding order of error numbers */
-#include "SSLerrs.h"
-#include "SECerrs.h"
-#include "NSPRerrs.h"
-
-};
-
-const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str);
-
-/* Returns a UTF-8 encoded constant error string for "errNum".
- * Returns NULL of errNum is unknown.
- */
-const char *
-SSL_Strerror(PRErrorCode errNum) {
- PRInt32 low = 0;
- PRInt32 high = numStrings - 1;
- PRInt32 i;
- PRErrorCode num;
- static int initDone;
-
- /* make sure table is in ascending order.
- * binary search depends on it.
- */
- if (!initDone) {
- PRErrorCode lastNum = (PRInt32)0x80000000;
- for (i = low; i <= high; ++i) {
- num = errStrings[i].errNum;
- if (num <= lastNum) {
- fprintf(stderr,
-"sequence error in error strings at item %d\n"
-"error %d (%s)\n"
-"should come after \n"
-"error %d (%s)\n",
- i, lastNum, errStrings[i-1].errString,
- num, errStrings[i].errString);
- }
- lastNum = num;
- }
- initDone = 1;
- }
-
- /* Do binary search of table. */
- while (low + 1 < high) {
- i = (low + high) / 2;
- num = errStrings[i].errNum;
- if (errNum == num)
- return errStrings[i].errString;
- if (errNum < num)
- high = i;
- else
- low = i;
- }
- if (errNum == errStrings[low].errNum)
- return errStrings[low].errString;
- if (errNum == errStrings[high].errNum)
- return errStrings[high].errString;
- return NULL;
-}
diff --git a/security/nss/cmd/SSLsample/sslsample.c b/security/nss/cmd/SSLsample/sslsample.c
deleted file mode 100644
index 47b7d0d4f..000000000
--- a/security/nss/cmd/SSLsample/sslsample.c
+++ /dev/null
@@ -1,590 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "sslsample.h"
-#include "sslerror.h"
-
-/* Declare SSL cipher suites. */
-
-int ssl2CipherSuites[] = {
- SSL_EN_RC4_128_WITH_MD5, /* A */
- SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */
- SSL_EN_RC2_128_CBC_WITH_MD5, /* C */
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
- SSL_EN_DES_64_CBC_WITH_MD5, /* E */
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */
- 0
-};
-
-int ssl3CipherSuites[] = {
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */
- SSL_RSA_WITH_RC4_128_MD5, /* c */
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */
- SSL_RSA_WITH_DES_CBC_SHA, /* e */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */
- SSL_RSA_WITH_NULL_MD5, /* i */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
- 0
-};
-
-/**************************************************************************
-**
-** SSL callback routines.
-**
-**************************************************************************/
-
-/* Function: char * myPasswd()
- *
- * Purpose: This function is our custom password handler that is called by
- * SSL when retreiving private certs and keys from the database. Returns a
- * pointer to a string that with a password for the database. Password pointer
- * should point to dynamically allocated memory that will be freed later.
- */
-char *
-myPasswd(PK11SlotInfo *info, PRBool retry, void *arg)
-{
- char * passwd = NULL;
-
- if ( (!retry) && arg ) {
- passwd = PORT_Strdup((char *)arg);
- }
-
- return passwd;
-}
-
-/* Function: SECStatus myAuthCertificate()
- *
- * Purpose: This function is our custom certificate authentication handler.
- *
- * Note: This implementation is essentially the same as the default
- * SSL_AuthCertificate().
- */
-SECStatus
-myAuthCertificate(void *arg, PRFileDesc *socket,
- PRBool checksig, PRBool isServer)
-{
-
- SECCertUsage certUsage;
- CERTCertificate * cert;
- void * pinArg;
- char * hostName;
- SECStatus secStatus;
-
- if (!arg || !socket) {
- errWarn("myAuthCertificate");
- return SECFailure;
- }
-
- /* Define how the cert is being used based upon the isServer flag. */
-
- certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
-
- cert = SSL_PeerCertificate(socket);
-
- pinArg = SSL_RevealPinArg(socket);
-
- secStatus = CERT_VerifyCertNow((CERTCertDBHandle *)arg,
- cert,
- checksig,
- certUsage,
- pinArg);
-
- /* If this is a server, we're finished. */
- if (isServer || secStatus != SECSuccess) {
- CERT_DestroyCertificate(cert);
- return secStatus;
- }
-
- /* Certificate is OK. Since this is the client side of an SSL
- * connection, we need to verify that the name field in the cert
- * matches the desired hostname. This is our defense against
- * man-in-the-middle attacks.
- */
-
- /* SSL_RevealURL returns a hostName, not an URL. */
- hostName = SSL_RevealURL(socket);
-
- if (hostName && hostName[0]) {
- secStatus = CERT_VerifyCertName(cert, hostName);
- } else {
- PR_SetError(SSL_ERROR_BAD_CERT_DOMAIN, 0);
- secStatus = SECFailure;
- }
-
- if (hostName)
- PR_Free(hostName);
-
- CERT_DestroyCertificate(cert);
- return secStatus;
-}
-
-/* Function: SECStatus myBadCertHandler()
- *
- * Purpose: This callback is called when the incoming certificate is not
- * valid. We define a certain set of parameters that still cause the
- * certificate to be "valid" for this session, and return SECSuccess to cause
- * the server to continue processing the request when any of these conditions
- * are met. Otherwise, SECFailure is return and the server rejects the
- * request.
- */
-SECStatus
-myBadCertHandler(void *arg, PRFileDesc *socket)
-{
-
- SECStatus secStatus = SECFailure;
- PRErrorCode err;
-
- /* log invalid cert here */
-
- if (!arg) {
- return secStatus;
- }
-
- *(PRErrorCode *)arg = err = PORT_GetError();
-
- /* If any of the cases in the switch are met, then we will proceed */
- /* with the processing of the request anyway. Otherwise, the default */
- /* case will be reached and we will reject the request. */
-
- switch (err) {
- case SEC_ERROR_INVALID_AVA:
- case SEC_ERROR_INVALID_TIME:
- case SEC_ERROR_BAD_SIGNATURE:
- case SEC_ERROR_EXPIRED_CERTIFICATE:
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_CERT:
- case SEC_ERROR_CERT_VALID:
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- case SEC_ERROR_CRL_EXPIRED:
- case SEC_ERROR_CRL_BAD_SIGNATURE:
- case SEC_ERROR_EXTENSION_VALUE_INVALID:
- case SEC_ERROR_CA_CERT_INVALID:
- case SEC_ERROR_CERT_USAGES_INVALID:
- case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
- secStatus = SECSuccess;
- break;
- default:
- secStatus = SECFailure;
- break;
- }
-
- printf("Bad certificate: %d, %s\n", err, SSL_Strerror(err));
-
- return secStatus;
-}
-
-/* Function: SECStatus ownGetClientAuthData()
- *
- * Purpose: This callback is used by SSL to pull client certificate
- * information upon server request.
- */
-SECStatus
-myGetClientAuthData(void *arg,
- PRFileDesc *socket,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey)
-{
-
- CERTCertificate * cert;
- SECKEYPrivateKey * privKey;
- char * chosenNickName = (char *)arg;
- void * proto_win = NULL;
- SECStatus secStatus = SECFailure;
-
- proto_win = SSL_RevealPinArg(socket);
-
- if (chosenNickName) {
- cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
- if (cert) {
- privKey = PK11_FindKeyByAnyCert(cert, proto_win);
- if (privKey) {
- secStatus = SECSuccess;
- } else {
- CERT_DestroyCertificate(cert);
- }
- }
- } else { /* no nickname given, automatically find the right cert */
- CERTCertNicknames *names;
- int i;
-
- names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(),
- SEC_CERT_NICKNAMES_USER, proto_win);
-
- if (names != NULL) {
- for(i = 0; i < names->numnicknames; i++ ) {
-
- cert = PK11_FindCertFromNickname(names->nicknames[i],
- proto_win);
- if (!cert) {
- continue;
- }
-
- /* Only check unexpired certs */
- if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE)
- != secCertTimeValid ) {
- CERT_DestroyCertificate(cert);
- continue;
- }
-
- secStatus = NSS_CmpCertChainWCANames(cert, caNames);
- if (secStatus == SECSuccess) {
- privKey = PK11_FindKeyByAnyCert(cert, proto_win);
- if (privKey) {
- break;
- }
- secStatus = SECFailure;
- break;
- }
- CERT_FreeNicknames(names);
- } /* for loop */
- }
- }
-
- if (secStatus == SECSuccess) {
- *pRetCert = cert;
- *pRetKey = privKey;
- }
-
- return secStatus;
-}
-
-/* Function: SECStatus myHandshakeCallback()
- *
- * Purpose: Called by SSL to inform application that the handshake is
- * complete. This function is mostly used on the server side of an SSL
- * connection, although it is provided for a client as well.
- * Useful when a non-blocking SSL_ReHandshake or SSL_ResetHandshake
- * is used to initiate a handshake.
- *
- * A typical scenario would be:
- *
- * 1. Server accepts an SSL connection from the client without client auth.
- * 2. Client sends a request.
- * 3. Server determines that to service request it needs to authenticate the
- * client and initiates another handshake requesting client auth.
- * 4. While handshake is in progress, server can do other work or spin waiting
- * for the handshake to complete.
- * 5. Server is notified that handshake has been successfully completed by
- * the custom handshake callback function and it can service the client's
- * request.
- *
- * Note: This function is not implemented in this sample, as we are using
- * blocking sockets.
- */
-SECStatus
-myHandshakeCallback(PRFileDesc *socket, void *arg)
-{
- printf("Handshake has completed, ready to send data securely.\n");
- return SECSuccess;
-}
-
-
-/**************************************************************************
-**
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
- const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
- int i = SSL_NumImplementedCiphers;
- SECStatus rv;
-
- /* disable all the SSL3 cipher suites */
- while (--i >= 0) {
- PRUint16 suite = cipherSuites[i];
- rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
- if (rv != SECSuccess) {
- printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
- suite, i);
- errWarn("SSL_CipherPrefSetDefault");
- exit(2);
- }
- }
-}
-
-/**************************************************************************
-**
-** Error and information routines.
-**
-**************************************************************************/
-
-void
-errWarn(char *function)
-{
- PRErrorCode errorNumber = PR_GetError();
- const char * errorString = SSL_Strerror(errorNumber);
-
- printf("Error in function %s: %d\n - %s\n",
- function, errorNumber, errorString);
-}
-
-void
-exitErr(char *function)
-{
- errWarn(function);
- /* Exit gracefully. */
- NSS_Shutdown();
- PR_Cleanup();
- exit(1);
-}
-
-void
-printSecurityInfo(PRFileDesc *fd)
-{
- char * cp; /* bulk cipher name */
- char * ip; /* cert issuer DN */
- char * sp; /* cert subject DN */
- int op; /* High, Low, Off */
- int kp0; /* total key bits */
- int kp1; /* secret key bits */
- int result;
- SSL3Statistics * ssl3stats = SSL_GetStatistics();
-
- result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp);
- if (result != SECSuccess)
- return;
- printf("bulk cipher %s, %d secret key bits, %d key bits, status: %d\n"
- "subject DN: %s\n"
- "issuer DN: %s\n", cp, kp1, kp0, op, sp, ip);
- PR_Free(cp);
- PR_Free(ip);
- PR_Free(sp);
-
- printf("%ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses,
- ssl3stats->hch_sid_cache_not_ok);
-
-}
-
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-
-void
-thread_wrapper(void * arg)
-{
- GlobalThreadMgr *threadMGR = (GlobalThreadMgr *)arg;
- perThread *slot = &threadMGR->threads[threadMGR->index];
-
- /* wait for parent to finish launching us before proceeding. */
- PR_Lock(threadMGR->threadLock);
- PR_Unlock(threadMGR->threadLock);
-
- slot->rv = (* slot->startFunc)(slot->a, slot->b);
-
- PR_Lock(threadMGR->threadLock);
- slot->running = rs_zombie;
-
- /* notify the thread exit handler. */
- PR_NotifyCondVar(threadMGR->threadEndQ);
-
- PR_Unlock(threadMGR->threadLock);
-}
-
-SECStatus
-launch_thread(GlobalThreadMgr *threadMGR,
- startFn *startFunc,
- void *a,
- int b)
-{
- perThread *slot;
- int i;
-
- if (!threadMGR->threadStartQ) {
- threadMGR->threadLock = PR_NewLock();
- threadMGR->threadStartQ = PR_NewCondVar(threadMGR->threadLock);
- threadMGR->threadEndQ = PR_NewCondVar(threadMGR->threadLock);
- }
- PR_Lock(threadMGR->threadLock);
- while (threadMGR->numRunning >= MAX_THREADS) {
- PR_WaitCondVar(threadMGR->threadStartQ, PR_INTERVAL_NO_TIMEOUT);
- }
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running == rs_idle)
- break;
- }
- if (i >= threadMGR->numUsed) {
- if (i >= MAX_THREADS) {
- /* something's really wrong here. */
- PORT_Assert(i < MAX_THREADS);
- PR_Unlock(threadMGR->threadLock);
- return SECFailure;
- }
- ++(threadMGR->numUsed);
- PORT_Assert(threadMGR->numUsed == i + 1);
- slot = &threadMGR->threads[i];
- }
-
- slot->a = a;
- slot->b = b;
- slot->startFunc = startFunc;
-
- threadMGR->index = i;
-
- slot->prThread = PR_CreateThread(PR_USER_THREAD,
- thread_wrapper, threadMGR,
- PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
- PR_JOINABLE_THREAD, 0);
-
- if (slot->prThread == NULL) {
- PR_Unlock(threadMGR->threadLock);
- printf("Failed to launch thread!\n");
- return SECFailure;
- }
-
- slot->inUse = 1;
- slot->running = 1;
- ++(threadMGR->numRunning);
- PR_Unlock(threadMGR->threadLock);
- printf("Launched thread in slot %d \n", threadMGR->index);
-
- return SECSuccess;
-}
-
-SECStatus
-reap_threads(GlobalThreadMgr *threadMGR)
-{
- perThread * slot;
- int i;
-
- if (!threadMGR->threadLock)
- return 0;
- PR_Lock(threadMGR->threadLock);
- while (threadMGR->numRunning > 0) {
- PR_WaitCondVar(threadMGR->threadEndQ, PR_INTERVAL_NO_TIMEOUT);
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running == rs_zombie) {
- /* Handle cleanup of thread here. */
- printf("Thread in slot %d returned %d\n", i, slot->rv);
-
- /* Now make sure the thread has ended OK. */
- PR_JoinThread(slot->prThread);
- slot->running = rs_idle;
- --threadMGR->numRunning;
-
- /* notify the thread launcher. */
- PR_NotifyCondVar(threadMGR->threadStartQ);
- }
- }
- }
-
- /* Safety Sam sez: make sure count is right. */
- for (i = 0; i < threadMGR->numUsed; ++i) {
- slot = &threadMGR->threads[i];
- if (slot->running != rs_idle) {
- fprintf(stderr, "Thread in slot %d is in state %d!\n",
- i, slot->running);
- }
- }
- PR_Unlock(threadMGR->threadLock);
- return 0;
-}
-
-void
-destroy_thread_data(GlobalThreadMgr *threadMGR)
-{
- PORT_Memset(threadMGR->threads, 0, sizeof(threadMGR->threads));
-
- if (threadMGR->threadEndQ) {
- PR_DestroyCondVar(threadMGR->threadEndQ);
- threadMGR->threadEndQ = NULL;
- }
- if (threadMGR->threadStartQ) {
- PR_DestroyCondVar(threadMGR->threadStartQ);
- threadMGR->threadStartQ = NULL;
- }
- if (threadMGR->threadLock) {
- PR_DestroyLock(threadMGR->threadLock);
- threadMGR->threadLock = NULL;
- }
-}
-
-/**************************************************************************
-** End thread management routines.
-**************************************************************************/
-
-void
-lockedVars_Init( lockedVars * lv)
-{
- lv->count = 0;
- lv->waiters = 0;
- lv->lock = PR_NewLock();
- lv->condVar = PR_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
- PR_DestroyCondVar(lv->condVar);
- lv->condVar = NULL;
-
- PR_DestroyLock(lv->lock);
- lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
- PR_Lock(lv->lock);
- while (lv->count > 0) {
- PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
- }
- PR_Unlock(lv->lock);
-}
-
-int /* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
- int rv;
-
- PR_Lock(lv->lock);
- rv = lv->count += addend;
- if (rv <= 0) {
- PR_NotifyCondVar(lv->condVar);
- }
- PR_Unlock(lv->lock);
- return rv;
-}
diff --git a/security/nss/cmd/SSLsample/sslsample.h b/security/nss/cmd/SSLsample/sslsample.h
deleted file mode 100644
index ca6b6a489..000000000
--- a/security/nss/cmd/SSLsample/sslsample.h
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef SSLSAMPLE_H
-#define SSLSAMPLE_H
-
-/* Generic header files */
-
-#include <stdio.h>
-#include <string.h>
-
-/* NSPR header files */
-
-#include "nspr.h"
-#include "prerror.h"
-#include "prnetdb.h"
-
-/* NSS header files */
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "certt.h"
-#include "nss.h"
-#include "secrng.h"
-#include "secder.h"
-#include "key.h"
-#include "sslproto.h"
-
-/* Custom header files */
-
-/*
-#include "sslerror.h"
-*/
-
-#define BUFFER_SIZE 10240
-
-/* Declare SSL cipher suites. */
-
-extern int cipherSuites[];
-extern int ssl2CipherSuites[];
-extern int ssl3CipherSuites[];
-
-/* Data buffer read from a socket. */
-typedef struct DataBufferStr {
- char data[BUFFER_SIZE];
- int index;
- int remaining;
- int dataStart;
- int dataEnd;
-} DataBuffer;
-
-/* SSL callback routines. */
-
-char * myPasswd(PK11SlotInfo *info, PRBool retry, void *arg);
-
-SECStatus myAuthCertificate(void *arg, PRFileDesc *socket,
- PRBool checksig, PRBool isServer);
-
-SECStatus myBadCertHandler(void *arg, PRFileDesc *socket);
-
-SECStatus myHandshakeCallback(PRFileDesc *socket, void *arg);
-
-SECStatus myGetClientAuthData(void *arg, PRFileDesc *socket,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey);
-
-/* Disable all v2/v3 SSL ciphers. */
-
-void disableAllSSLCiphers(void);
-
-
-/* Error and information utilities. */
-
-void errWarn(char *function);
-
-void exitErr(char *function);
-
-void printSecurityInfo(PRFileDesc *fd);
-
-/* Some simple thread management routines. */
-
-#define MAX_THREADS 32
-
-typedef SECStatus startFn(void *a, int b);
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
- PRFileDesc *a;
- int b;
- int rv;
- startFn *startFunc;
- PRThread *prThread;
- PRBool inUse;
- runState running;
-} perThread;
-
-typedef struct GlobalThreadMgrStr {
- PRLock *threadLock;
- PRCondVar *threadStartQ;
- PRCondVar *threadEndQ;
- perThread threads[MAX_THREADS];
- int index;
- int numUsed;
- int numRunning;
-} GlobalThreadMgr;
-
-void thread_wrapper(void * arg);
-
-SECStatus launch_thread(GlobalThreadMgr *threadMGR,
- startFn *startFunc, void *a, int b);
-
-SECStatus reap_threads(GlobalThreadMgr *threadMGR);
-
-void destroy_thread_data(GlobalThreadMgr *threadMGR);
-
-/* Management of locked variables. */
-
-struct lockedVarsStr {
- PRLock * lock;
- int count;
- int waiters;
- PRCondVar * condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void lockedVars_Init(lockedVars *lv);
-
-void lockedVars_Destroy(lockedVars *lv);
-
-void lockedVars_WaitForDone(lockedVars *lv);
-
-int lockedVars_AddToCount(lockedVars *lv, int addend);
-
-/* Buffer stuff. */
-
-static const char stopCmd[] = { "GET /stop " };
-static const char defaultHeader[] = {
- "HTTP/1.0 200 OK\r\n"
- "Server: SSL sample server\r\n"
- "Content-type: text/plain\r\n"
- "\r\n"
-};
-
-#endif
diff --git a/security/nss/cmd/addbuiltin/Makefile b/security/nss/cmd/addbuiltin/Makefile
deleted file mode 100644
index 8650a607d..000000000
--- a/security/nss/cmd/addbuiltin/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/addbuiltin/addbuiltin.c b/security/nss/cmd/addbuiltin/addbuiltin.c
deleted file mode 100644
index 2b66e3b64..000000000
--- a/security/nss/cmd/addbuiltin/addbuiltin.c
+++ /dev/null
@@ -1,338 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Tool for converting builtin CA certs.
- *
- * $Id$
- */
-
-#include "nss.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secutil.h"
-#include "pk11func.h"
-
-void dumpbytes(unsigned char *buf, int len)
-{
- int i;
- for (i=0; i < len; i++) {
- if ((i !=0) && ((i & 0xf) == 0)) {
- printf("\n");
- }
- printf("\\%03o",buf[i]);
- }
- printf("\n");
-}
-
-char *getTrustString(unsigned int trust)
-{
- if (trust & CERTDB_TRUSTED) {
- if (trust & CERTDB_TRUSTED_CA) {
- return "CKT_NETSCAPE_TRUSTED_DELEGATOR|CKT_NETSCAPE_TRUSTED";
- } else {
- return "CKT_NETSCAPE_TRUSTED";
- }
- } else {
- if (trust & CERTDB_TRUSTED_CA) {
- return "CKT_NETSCAPE_TRUSTED_DELEGATOR";
- } else {
- return "CKT_NETSCAPE_VALID";
- }
- }
- return "CKT_NETSCAPE_VALID"; /* not reached */
-}
-
-static SECStatus
-ConvertCertificate(SECItem *sdder, char *nickname, CERTCertTrust *trust)
-{
- SECStatus rv = SECSuccess;
- CERTCertificate *cert;
- unsigned char sha1_hash[SHA1_LENGTH];
- unsigned char md5_hash[MD5_LENGTH];
-
- cert = CERT_DecodeDERCertificate(sdder, PR_FALSE, nickname);
- if (!cert) {
- return SECFailure;
- }
-
- printf("\n#\n# Certificate \"%s\"\n#\n",nickname);
- printf("CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n");
- printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
- printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
- printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
- printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
- printf("CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n");
- printf("CKA_SUBJECT MULTILINE_OCTAL\n");
- dumpbytes(cert->derSubject.data,cert->derSubject.len);
- printf("END\n");
- printf("CKA_ID UTF8 \"0\"\n");
- printf("CKA_ISSUER MULTILINE_OCTAL\n");
- dumpbytes(cert->derIssuer.data,cert->derIssuer.len);
- printf("END\n");
- printf("CKA_SERIAL_NUMBER MULTILINE_OCTAL\n");
- dumpbytes(cert->serialNumber.data,cert->serialNumber.len);
- printf("END\n");
- printf("CKA_VALUE MULTILINE_OCTAL\n");
- dumpbytes(sdder->data,sdder->len);
- printf("END\n");
-
- PK11_HashBuf(SEC_OID_SHA1, sha1_hash, sdder->data, sdder->len);
- PK11_HashBuf(SEC_OID_MD5, md5_hash, sdder->data, sdder->len);
- printf("\n# Trust for Certificate \"%s\"\n",nickname);
- printf("CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST\n");
- printf("CKA_TOKEN CK_BBOOL CK_TRUE\n");
- printf("CKA_PRIVATE CK_BBOOL CK_FALSE\n");
- printf("CKA_MODIFIABLE CK_BBOOL CK_FALSE\n");
- printf("CKA_LABEL UTF8 \"%s\"\n",nickname);
- printf("CKA_CERT_SHA1_HASH MULTILINE_OCTAL\n");
- dumpbytes(sha1_hash,SHA1_LENGTH);
- printf("END\n");
- printf("CKA_CERT_MD5_HASH MULTILINE_OCTAL\n");
- dumpbytes(md5_hash,MD5_LENGTH);
- printf("END\n");
-
- printf("CKA_TRUST_SERVER_AUTH CK_TRUST %s\n",
- getTrustString(trust->sslFlags));
- printf("CKA_TRUST_EMAIL_PROTECTION CK_TRUST %s\n",
- getTrustString(trust->emailFlags));
- printf("CKA_TRUST_CODE_SIGNING CK_TRUST %s\n",
- getTrustString(trust->objectSigningFlags));
-#ifdef notdef
- printf("CKA_TRUST_CLIENT_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED\n");*/
- printf("CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_NON_REPUDIATION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_KEY_AGREEMENT CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
- printf("CKA_TRUST_KEY_CERT_SIGN CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR\n");
-#endif
-
-
- PORT_Free(sdder->data);
- return(rv);
-
-}
-
-printheader() {
- printf("# \n"
- "# The contents of this file are subject to the Mozilla Public\n"
- "# License Version 1.1 (the \"License\"); you may not use this file\n"
- "# except in compliance with the License. You may obtain a copy of\n"
- "# the License at http://www.mozilla.org/MPL/\n"
- "# \n"
- "# Software distributed under the License is distributed on an \"AS\n"
- "# IS\" basis, WITHOUT WARRANTY OF ANY KIND, either express or\n"
- "# implied. See the License for the specific language governing\n"
- "# rights and limitations under the License.\n"
- "# \n"
- "# The Original Code is the Netscape security libraries.\n"
- "# \n"
- "# The Initial Developer of the Original Code is Netscape\n"
- "# Communications Corporation. Portions created by Netscape are \n"
- "# Copyright (C) 1994-2000 Netscape Communications Corporation. All\n"
- "# Rights Reserved.\n"
- "# \n"
- "# Contributor(s):\n"
- "# \n"
- "# Alternatively, the contents of this file may be used under the\n"
- "# terms of the GNU General Public License Version 2 or later (the\n"
- "# \"GPL\"), in which case the provisions of the GPL are applicable \n"
- "# instead of those above. If you wish to allow use of your \n"
- "# version of this file only under the terms of the GPL and not to\n"
- "# allow others to use your version of this file under the MPL,\n"
- "# indicate your decision by deleting the provisions above and\n"
- "# replace them with the notice and other provisions required by\n"
- "# the GPL. If you do not delete the provisions above, a recipient\n"
- "# may use your version of this file under either the MPL or the\n"
- "# GPL.\n"
- "#\n"
- "CVS_ID \"@(#) $RCSfile$ $Revision$ $Date$ $Name$\"\n"
- "\n"
- "#\n"
- "# certdata.txt\n"
- "#\n"
- "# This file contains the object definitions for the certs and other\n"
- "# information \"built into\" NSS.\n"
- "#\n"
- "# Object definitions:\n"
- "#\n"
- "# Certificates\n"
- "#\n"
- "# -- Attribute -- -- type -- -- value --\n"
- "# CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE\n"
- "# CKA_TOKEN CK_BBOOL CK_TRUE\n"
- "# CKA_PRIVATE CK_BBOOL CK_FALSE\n"
- "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
- "# CKA_LABEL UTF8 (varies)\n"
- "# CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509\n"
- "# CKA_SUBJECT DER+base64 (varies)\n"
- "# CKA_ID byte array (varies)\n"
- "# CKA_ISSUER DER+base64 (varies)\n"
- "# CKA_SERIAL_NUMBER DER+base64 (varies)\n"
- "# CKA_VALUE DER+base64 (varies)\n"
- "# CKA_NETSCAPE_EMAIL ASCII7 (unused here)\n"
- "#\n"
- "# Trust\n"
- "#\n"
- "# -- Attribute -- -- type -- -- value --\n"
- "# CKA_CLASS CK_OBJECT_CLASS CKO_TRUST\n"
- "# CKA_TOKEN CK_BBOOL CK_TRUE\n"
- "# CKA_PRIVATE CK_BBOOL CK_FALSE\n"
- "# CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
- "# CKA_LABEL UTF8 (varies)\n"
- "# CKA_ISSUER DER+base64 (varies)\n"
- "# CKA_SERIAL_NUMBER DER+base64 (varies)\n"
- "# CKA_CERT_HASH binary+base64 (varies)\n"
- "# CKA_EXPIRES CK_DATE (not used here)\n"
- "# CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST (varies)\n"
- "# CKA_TRUST_NON_REPUDIATION CK_TRUST (varies)\n"
- "# CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST (varies)\n"
- "# CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST (varies)\n"
- "# CKA_TRUST_KEY_AGREEMENT CK_TRUST (varies)\n"
- "# CKA_TRUST_KEY_CERT_SIGN CK_TRUST (varies)\n"
- "# CKA_TRUST_CRL_SIGN CK_TRUST (varies)\n"
- "# CKA_TRUST_SERVER_AUTH CK_TRUST (varies)\n"
- "# CKA_TRUST_CLIENT_AUTH CK_TRUST (varies)\n"
- "# CKA_TRUST_CODE_SIGNING CK_TRUST (varies)\n"
- "# CKA_TRUST_EMAIL_PROTECTION CK_TRUST (varies)\n"
- "# CKA_TRUST_IPSEC_END_SYSTEM CK_TRUST (varies)\n"
- "# CKA_TRUST_IPSEC_TUNNEL CK_TRUST (varies)\n"
- "# CKA_TRUST_IPSEC_USER CK_TRUST (varies)\n"
- "# CKA_TRUST_TIME_STAMPING CK_TRUST (varies)\n"
- "# (other trust attributes can be defined)\n"
- "#\n"
- "\n"
- "#\n"
- "# The object to tell NSS that this is a root list and we don't\n"
- "# have to go looking for others.\n"
- "#\n"
- "BEGINDATA\n"
- "CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST\n"
- "CKA_TOKEN CK_BBOOL CK_TRUE\n"
- "CKA_PRIVATE CK_BBOOL CK_FALSE\n"
- "CKA_MODIFIABLE CK_BBOOL CK_FALSE\n"
- "CKA_LABEL UTF8 \"Mozilla Builtin Roots\"\n");
-}
-
-static void Usage(char *progName)
-{
- fprintf(stderr, "%s -n nickname -t trust\n", progName);
- fprintf(stderr,
- "read a der-encoded cert from stdin in, and output\n"
- "it to stdout in a format suitable for the builtin root module.\n"
- "example: %s -n MyCA -t \"C,C,C\" < myca.der >> certdata.txt\n"
- "(pipe through atob if the cert is b64-encoded)\n");
- fprintf(stderr, "%15s nickname to assign to builtin cert.\n",
- "-n nickname");
- fprintf(stderr, "%15s default trust flags (cCTpPuw).\n",
- "-t trust");
- exit(-1);
-}
-
-enum {
- opt_Input = 0,
- opt_Nickname,
- opt_Trust
-};
-
-static secuCommandFlag addbuiltin_options[] =
-{
- { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE },
- { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE }
-};
-
-main(int argc, char **argv)
-{
- SECStatus rv;
- char *nickname;
- char *trusts;
- char *progName;
- PRFileDesc *infile;
- CERTCertTrust trust = { 0 };
- SECItem derCert = { 0 };
-
- secuCommand addbuiltin = { 0 };
- addbuiltin.numOptions = sizeof(addbuiltin_options)/sizeof(secuCommandFlag);
- addbuiltin.options = addbuiltin_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &addbuiltin);
-
- if (rv != SECSuccess)
- Usage(progName);
-
- if (!addbuiltin.options[opt_Nickname].activated &&
- !addbuiltin.options[opt_Trust].activated) {
- fprintf(stderr, "%s: you must specify both a nickname and trust.\n");
- Usage(progName);
- }
-
- if (addbuiltin.options[opt_Input].activated) {
- infile = PR_Open(addbuiltin.options[opt_Input].arg, PR_RDONLY, 00660);
- if (!infile) {
- fprintf(stderr, "%s: failed to open input file.\n");
- exit(1);
- }
- } else {
- infile = PR_STDIN;
- }
-
- nickname = strdup(addbuiltin.options[opt_Nickname].arg);
- trusts = strdup(addbuiltin.options[opt_Trust].arg);
-
- NSS_NoDB_Init(NULL);
-
- rv = CERT_DecodeTrustString(&trust, trusts);
- if (rv) {
- fprintf(stderr, "%s: incorrectly formatted trust string.\n", progName);
- Usage(progName);
- }
-
- SECU_FileToItem(&derCert, infile);
-
- /*printheader();*/
-
- rv = ConvertCertificate(&derCert, nickname, &trust);
- if (rv) {
- fprintf(stderr, "%s: failed to convert certificate.\n", progName);
- exit(1);
- }
-
- NSS_Shutdown();
-
- return(SECSuccess);
-}
diff --git a/security/nss/cmd/addbuiltin/manifest.mn b/security/nss/cmd/addbuiltin/manifest.mn
deleted file mode 100644
index c664c2d6c..000000000
--- a/security/nss/cmd/addbuiltin/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
- addbuiltin.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = addbuiltin
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/atob/Makefile b/security/nss/cmd/atob/Makefile
deleted file mode 100644
index ff6f06e7e..000000000
--- a/security/nss/cmd/atob/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/atob/atob.c b/security/nss/cmd/atob/atob.c
deleted file mode 100644
index 8d632b6bf..000000000
--- a/security/nss/cmd/atob/atob.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plgetopt.h"
-#include "secutil.h"
-#include "nssb64.h"
-#include <errno.h>
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-static PRInt32
-output_binary (void *arg, const unsigned char *obuf, PRInt32 size)
-{
- FILE *outFile = arg;
- int nb;
-
- nb = fwrite(obuf, 1, size, outFile);
- if (nb != size) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
-
- return nb;
-}
-
-static SECStatus
-decode_file(FILE *outFile, FILE *inFile)
-{
- NSSBase64Decoder *cx;
- int nb;
- SECStatus status = SECFailure;
- char ibuf[4096];
-
- cx = NSSBase64Decoder_Create(output_binary, outFile);
- if (!cx) {
- return -1;
- }
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
- /* eof */
- break;
- }
- }
-
- status = NSSBase64Decoder_Update(cx, ibuf, nb);
- if (status != SECSuccess) goto loser;
- }
-
- return NSSBase64Decoder_Destroy(cx, PR_FALSE);
-
- loser:
- (void) NSSBase64Decoder_Destroy(cx, PR_TRUE);
- return status;
-}
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- char *progName;
- SECStatus rv;
- FILE *inFile, *outFile;
- PLOptState *optstate;
- PLOptStatus status;
-
- inFile = 0;
- outFile = 0;
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- optstate = PL_CreateOptState(argc, argv, "i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "r");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "wb");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
- }
- }
- if (!inFile) inFile = stdin;
- if (!outFile) {
-#if defined(WIN32)
- int smrv = _setmode(_fileno(stdout), _O_BINARY);
- if (smrv == -1) {
- fprintf(stderr,
- "%s: Cannot change stdout to binary mode. Use -o option instead.\n",
- progName);
- return smrv;
- }
-#endif
- outFile = stdout;
- }
- rv = decode_file(outFile, inFile);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: lossage: error=%d errno=%d\n",
- progName, PORT_GetError(), errno);
- return -1;
- }
- return 0;
-}
diff --git a/security/nss/cmd/atob/makefile.win b/security/nss/cmd/atob/makefile.win
deleted file mode 100644
index ecccc7bf3..000000000
--- a/security/nss/cmd/atob/makefile.win
+++ /dev/null
@@ -1,155 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = atob
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-# awt3240.lib # brpref32.lib # cert32.lib
-# crypto32.lib # dllcom.lib # editor32.lib
-# edpref32.lib # edtplug.lib # font.lib
-# hash32.lib # htmldg32.lib # img32.lib
-# javart32.lib # jbn3240.lib # jdb3240.lib
-# jmc.lib # jpeg3240.lib # jpw3240.lib
-# jrt3240.lib # js3240.lib # jsd3240.lib
-# key32.lib # libapplet32.lib # libnjs32.lib
-# libnsc32.lib # libreg32.lib # mm3240.lib
-# mnpref32.lib # netcst32.lib # nsdlg32.lib
-# nsldap32.lib # nsldaps32.lib # nsn32.lib
-# pkcs1232.lib # pkcs732.lib # pr3240.lib
-# prefui32.lib # prefuuid.lib # secmod32.lib
-# secnav32.lib # secutl32.lib # softup32.lib
-# sp3240.lib # ssl32.lib # uni3200.lib
-# unicvt32.lib # win32md.lib # winfont.lib
-# xppref32.lib # zlib32.lib
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj
-# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp
-# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch
-# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll
-# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj
-# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/atob/manifest.mn b/security/nss/cmd/atob/manifest.mn
deleted file mode 100644
index ed3717be6..000000000
--- a/security/nss/cmd/atob/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = atob.c
-
-PROGRAM = atob
-
diff --git a/security/nss/cmd/bltest/Makefile b/security/nss/cmd/bltest/Makefile
deleted file mode 100644
index c99a3c017..000000000
--- a/security/nss/cmd/bltest/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-#MKPROG = purify -cache-dir=/u/mcgreer/pcache -best-effort \
-# -always-use-cache-dir $(CC)
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#EXTRA_SHARED_LIBS += \
-# -L/usr/lib \
-# -lposix4 \
-# $(NULL)
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/bltest/blapitest.c b/security/nss/cmd/bltest/blapitest.c
deleted file mode 100644
index 7a84b4ef1..000000000
--- a/security/nss/cmd/bltest/blapitest.c
+++ /dev/null
@@ -1,2375 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "blapi.h"
-#include "prmem.h"
-#include "prprf.h"
-#include "prtime.h"
-#include "prsystem.h"
-#include "plstr.h"
-#include "nssb64.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "softoken.h"
-#include "nss.h"
-
-/* Temporary - add debugging ouput on windows for RSA to track QA failure */
-#ifdef _WIN32
-#define TRACK_BLTEST_BUG
- char __bltDBG[] = "BLTEST DEBUG";
-#endif
-
-char *progName;
-char *testdir = NULL;
-
-#define BLTEST_DEFAULT_CHUNKSIZE 4096
-
-#define WORDSIZE sizeof(unsigned long)
-
-#define CHECKERROR(rv, ln) \
- if (rv) { \
- PRErrorCode prerror = PR_GetError(); \
- PR_fprintf(PR_STDERR, "%s: ERR %d (%s) at line %d.\n", progName, \
- prerror, SECU_Strerror(prerror), ln); \
- exit(-1); \
- }
-
-/* Macros for performance timing. */
-#define TIMESTART() \
- time1 = PR_IntervalNow();
-
-#define TIMEFINISH(time, reps) \
- time2 = (PRIntervalTime)(PR_IntervalNow() - time1); \
- time1 = PR_IntervalToMilliseconds(time2); \
- time = ((double)(time1))/reps;
-
-static void Usage()
-{
-#define PRINTUSAGE(subject, option, predicate) \
- fprintf(stderr, "%10s %s\t%s\n", subject, option, predicate);
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "[-DEHSV]", "List available cipher modes"); /* XXX */
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-E -m mode ", "Encrypt a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
- PRINTUSAGE("", "", "[-b bufsize] [-g keysize] [-e exp] [-r rounds]");
- PRINTUSAGE("", "", "[-w wordsize] [-p repetitions]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for output buffer");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-v", "file which contains initialization vector");
- PRINTUSAGE("", "-b", "size of input buffer");
- PRINTUSAGE("", "-g", "key size (in bytes)");
- PRINTUSAGE("", "-p", "do performance test");
- PRINTUSAGE("(rsa)", "-e", "rsa public exponent");
- PRINTUSAGE("(rc5)", "-r", "number of rounds");
- PRINTUSAGE("(rc5)", "-w", "wordsize (32 or 64)");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-D -m mode", "Decrypt a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
- PRINTUSAGE("", "", "[-p repetitions]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for output buffer");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-v", "file which contains initialization vector");
- PRINTUSAGE("", "-p", "do performance test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-H -m mode", "Hash a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o hash]");
- PRINTUSAGE("", "", "[-b bufsize]");
- PRINTUSAGE("", "", "[-p repetitions]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for hash");
- PRINTUSAGE("", "-b", "size of input buffer");
- PRINTUSAGE("", "-p", "do performance test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-S -m mode", "Sign a buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-o signature] [-k key]");
- PRINTUSAGE("", "", "[-b bufsize]");
- PRINTUSAGE("", "", "[-p repetitions]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-o", "file for signature");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-p", "do performance test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-V -m mode", "Verify a signed buffer");
- PRINTUSAGE("", "", "[-i plaintext] [-s signature] [-k key]");
- PRINTUSAGE("", "", "[-p repetitions]");
- PRINTUSAGE("", "-m", "cipher mode to use");
- PRINTUSAGE("", "-i", "file which contains input buffer");
- PRINTUSAGE("", "-s", "file which contains signature of input buffer");
- PRINTUSAGE("", "-k", "file which contains key");
- PRINTUSAGE("", "-p", "do performance test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-N -m mode -b bufsize",
- "Create a nonce plaintext and key");
- PRINTUSAGE("", "", "[-g keysize] [-u cxreps]");
- PRINTUSAGE("", "-g", "key size (in bytes)");
- PRINTUSAGE("", "-u", "number of repetitions of context creation");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-F", "Run the FIPS self-test");
- fprintf(stderr, "\n");
- PRINTUSAGE(progName, "-T [-m mode1,mode2...]", "Run the BLAPI self-test");
- fprintf(stderr, "\n");
- exit(1);
-}
-
-/* Helper functions for ascii<-->binary conversion/reading/writing */
-
-/* XXX argh */
-struct item_with_arena {
- SECItem *item;
- PRArenaPool *arena;
-};
-
-static PRInt32
-get_binary(void *arg, const unsigned char *ibuf, PRInt32 size)
-{
- struct item_with_arena *it = arg;
- SECItem *binary = it->item;
- SECItem *tmp;
- int index;
- if (binary->data == NULL) {
- tmp = SECITEM_AllocItem(it->arena, NULL, size);
- binary->data = tmp->data;
- binary->len = tmp->len;
- index = 0;
- } else {
- SECITEM_ReallocItem(NULL, binary, binary->len, binary->len + size);
- index = binary->len;
- }
- PORT_Memcpy(&binary->data[index], ibuf, size);
- return binary->len;
-}
-
-static SECStatus
-atob(SECItem *ascii, SECItem *binary, PRArenaPool *arena)
-{
- SECStatus status;
- NSSBase64Decoder *cx;
- struct item_with_arena it;
- int len;
- binary->data = NULL;
- binary->len = 0;
- it.item = binary;
- it.arena = arena;
- len = (strcmp(&ascii->data[ascii->len-2],"\r\n")) ?
- ascii->len : ascii->len-2;
- cx = NSSBase64Decoder_Create(get_binary, &it);
- status = NSSBase64Decoder_Update(cx, (const char *)ascii->data, len);
- status = NSSBase64Decoder_Destroy(cx, PR_FALSE);
- return status;
-}
-
-static PRInt32
-output_ascii(void *arg, const char *obuf, PRInt32 size)
-{
- PRFileDesc *outfile = arg;
- PRInt32 nb = PR_Write(outfile, obuf, size);
- if (nb != size) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
- return nb;
-}
-
-static SECStatus
-btoa_file(SECItem *binary, PRFileDesc *outfile)
-{
- SECStatus status;
- NSSBase64Encoder *cx;
- SECItem ascii;
- ascii.data = NULL;
- ascii.len = 0;
- if (binary->len == 0)
- return SECSuccess;
- cx = NSSBase64Encoder_Create(output_ascii, outfile);
- status = NSSBase64Encoder_Update(cx, binary->data, binary->len);
- status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
- status = PR_Write(outfile, "\r\n", 2);
- return status;
-}
-
-SECStatus
-hex_from_2char(unsigned char *c2, unsigned char *byteval)
-{
- int i;
- unsigned char offset;
- *byteval = 0;
- for (i=0; i<2; i++) {
- if (c2[i] >= '0' && c2[i] <= '9') {
- offset = c2[i] - '0';
- *byteval |= offset << 4*(1-i);
- } else if (c2[i] >= 'a' && c2[i] <= 'f') {
- offset = c2[i] - 'a';
- *byteval |= (offset + 10) << 4*(1-i);
- } else if (c2[i] >= 'A' && c2[i] <= 'F') {
- offset = c2[i] - 'A';
- *byteval |= (offset + 10) << 4*(1-i);
- } else {
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-char2_from_hex(unsigned char byteval, unsigned char *c2)
-{
- int i;
- unsigned char offset;
- for (i=0; i<2; i++) {
- offset = (byteval >> 4*(1-i)) & 0x0f;
- if (offset < 10) {
- c2[i] = '0' + offset;
- } else {
- c2[i] = 'A' + offset - 10;
- }
- }
- return SECSuccess;
-}
-
-void
-serialize_key(SECItem *it, int ni, PRFileDesc *file)
-{
- unsigned char len[4];
- int i;
- SECStatus status;
- NSSBase64Encoder *cx;
- SECItem ascii;
- ascii.data = NULL;
- ascii.len = 0;
- cx = NSSBase64Encoder_Create(output_ascii, file);
- for (i=0; i<ni; i++, it++) {
- len[0] = (it->len >> 24) & 0xff;
- len[1] = (it->len >> 16) & 0xff;
- len[2] = (it->len >> 8) & 0xff;
- len[3] = (it->len & 0xff);
- status = NSSBase64Encoder_Update(cx, len, 4);
- status = NSSBase64Encoder_Update(cx, it->data, it->len);
- }
- status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
- status = PR_Write(file, "\r\n", 2);
-}
-
-void
-key_from_filedata(PRArenaPool *arena, SECItem *it, int ni, SECItem *filedata)
-{
- int fpos = 0;
- int i;
- unsigned char *buf = filedata->data;
- for (i=0; i<ni; i++, it++) {
- it->len = (buf[fpos++] & 0xff) << 24;
- it->len |= (buf[fpos++] & 0xff) << 16;
- it->len |= (buf[fpos++] & 0xff) << 8;
- it->len |= (buf[fpos++] & 0xff);
- if (it->len > 0) {
- it->data = PORT_ArenaAlloc(arena, it->len);
- PORT_Memcpy(it->data, &buf[fpos], it->len);
- } else {
- it->data = NULL;
- }
- fpos += it->len;
- }
-}
-
-static RSAPrivateKey *
-rsakey_from_filedata(SECItem *filedata)
-{
- RSAPrivateKey *key;
- PRArenaPool *arena;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey));
- key->arena = arena;
- key_from_filedata(arena, &key->version, 9, filedata);
- return key;
-}
-
-static PQGParams *
-pqg_from_filedata(SECItem *filedata)
-{
- PQGParams *pqg;
- PRArenaPool *arena;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- pqg = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
- pqg->arena = arena;
- key_from_filedata(arena, &pqg->prime, 3, filedata);
- return pqg;
-}
-
-static DSAPrivateKey *
-dsakey_from_filedata(SECItem *filedata)
-{
- DSAPrivateKey *key;
- PRArenaPool *arena;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey));
- key->params.arena = arena;
- key_from_filedata(arena, &key->params.prime, 5, filedata);
- return key;
-}
-
-static void
-dump_pqg(PQGParams *pqg)
-{
- SECU_PrintInteger(stdout, &pqg->prime, "PRIME:", 0);
- SECU_PrintInteger(stdout, &pqg->subPrime, "SUBPRIME:", 0);
- SECU_PrintInteger(stdout, &pqg->base, "BASE:", 0);
-}
-
-static void
-dump_dsakey(DSAPrivateKey *key)
-{
- dump_pqg(&key->params);
- SECU_PrintInteger(stdout, &key->publicValue, "PUBLIC VALUE:", 0);
- SECU_PrintInteger(stdout, &key->privateValue, "PRIVATE VALUE:", 0);
-}
-
-static void
-dump_rsakey(RSAPrivateKey *key)
-{
- SECU_PrintInteger(stdout, &key->version, "VERSION:", 0);
- SECU_PrintInteger(stdout, &key->modulus, "MODULUS:", 0);
- SECU_PrintInteger(stdout, &key->publicExponent, "PUBLIC EXP:", 0);
- SECU_PrintInteger(stdout, &key->privateExponent, "PRIVATE EXP:", 0);
- SECU_PrintInteger(stdout, &key->prime1, "CRT PRIME 1:", 0);
- SECU_PrintInteger(stdout, &key->prime2, "CRT PRIME 2:", 0);
- SECU_PrintInteger(stdout, &key->exponent1, "CRT EXP 1:", 0);
- SECU_PrintInteger(stdout, &key->exponent2, "CRT EXP 2:", 0);
- SECU_PrintInteger(stdout, &key->coefficient, "CRT COEFFICIENT:", 0);
-}
-
-typedef enum {
- bltestBase64Encoded, /* Base64 encoded ASCII */
- bltestBinary, /* straight binary */
- bltestHexSpaceDelim, /* 0x12 0x34 0xab 0xCD ... */
- bltestHexStream /* 1234abCD ... */
-} bltestIOMode;
-
-typedef struct
-{
- SECItem buf;
- SECItem pBuf;
- bltestIOMode mode;
- PRFileDesc* file;
-} bltestIO;
-
-typedef SECStatus (* bltestSymmCipherFn)(void *cx,
- unsigned char *output,
- unsigned int *outputLen,
- unsigned int maxOutputLen,
- const unsigned char *input,
- unsigned int inputLen);
-
-typedef SECStatus (* bltestPubKeyCipherFn)(void *key,
- unsigned char *output,
- const unsigned char *input);
-
-typedef SECStatus (* bltestHashCipherFn)(unsigned char *dest,
- const unsigned char *src,
- uint32 src_length);
-
-typedef enum {
- bltestINVALID = -1,
- bltestDES_ECB, /* Symmetric Key Ciphers */
- bltestDES_CBC, /* . */
- bltestDES_EDE_ECB, /* . */
- bltestDES_EDE_CBC, /* . */
- bltestRC2_ECB, /* . */
- bltestRC2_CBC, /* . */
- bltestRC4, /* . */
- bltestRC5_ECB, /* . */
- bltestRC5_CBC, /* . */
- bltestAES_ECB, /* . */
- bltestAES_CBC, /* . */
- bltestRSA, /* Public Key Ciphers */
- bltestDSA, /* . (Public Key Sig.) */
- bltestMD2, /* Hash algorithms */
- bltestMD5, /* . */
- bltestSHA1, /* . */
- NUMMODES
-} bltestCipherMode;
-
-static char *mode_strings[] =
-{
- "des_ecb",
- "des_cbc",
- "des3_ecb",
- "des3_cbc",
- "rc2_ecb",
- "rc2_cbc",
- "rc4",
- "rc5_ecb",
- "rc5_cbc",
- "aes_ecb",
- "aes_cbc",
- "rsa",
- /*"pqg",*/
- "dsa",
- "md2",
- "md5",
- "sha1",
-};
-
-typedef struct
-{
- bltestIO key;
- bltestIO iv;
-} bltestSymmKeyParams;
-
-typedef struct
-{
- bltestIO key;
- bltestIO iv;
- int rounds;
- int wordsize;
-} bltestRC5Params;
-
-typedef struct
-{
- bltestIO key;
- int keysizeInBits;
- RSAPrivateKey *rsakey;
-} bltestRSAParams;
-
-typedef struct
-{
- bltestIO key;
- bltestIO pqgdata;
- unsigned int j;
- bltestIO keyseed;
- bltestIO sigseed;
- bltestIO sig; /* if doing verify, have additional input */
- PQGParams *pqg;
- DSAPrivateKey *dsakey;
-} bltestDSAParams;
-
-typedef struct
-{
- bltestIO key; /* unused */
- PRBool restart;
-} bltestHashParams;
-
-typedef union
-{
- bltestIO key;
- bltestSymmKeyParams sk;
- bltestRC5Params rc5;
- bltestRSAParams rsa;
- bltestDSAParams dsa;
- bltestHashParams hash;
-} bltestParams;
-
-typedef struct
-{
- PRArenaPool *arena;
- /* cipher context */
- void *cx;
- /* I/O streams */
- bltestIO input;
- bltestIO output;
- /* Cipher-specific parameters */
- bltestParams params;
- /* Cipher mode */
- bltestCipherMode mode;
- /* Cipher function (encrypt/decrypt/sign/verify/hash) */
- union {
- bltestSymmCipherFn symmkeyCipher;
- bltestPubKeyCipherFn pubkeyCipher;
- bltestHashCipherFn hashCipher;
- } cipher;
- /* performance testing */
- int repetitions;
- int cxreps;
- double cxtime;
- double optime;
-} bltestCipherInfo;
-
-PRBool
-is_symmkeyCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestDES_ECB && mode <= bltestAES_CBC)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-is_pubkeyCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestRSA && mode <= bltestDSA)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-is_hashCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestMD2 && mode <= bltestSHA1)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-is_sigCipher(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode >= bltestDSA && mode <= bltestDSA)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-PRBool
-cipher_requires_IV(bltestCipherMode mode)
-{
- /* change as needed! */
- if (mode == bltestDES_CBC || mode == bltestDES_EDE_CBC ||
- mode == bltestRC2_CBC || mode == bltestRC5_CBC ||
- mode == bltestAES_CBC)
- return PR_TRUE;
- return PR_FALSE;
-}
-
-SECStatus finishIO(bltestIO *output, PRFileDesc *file);
-
-SECStatus
-setupIO(PRArenaPool *arena, bltestIO *input, PRFileDesc *file,
- char *str, int numBytes)
-{
- SECStatus rv;
- SECItem fileData;
- SECItem *in;
- unsigned char *tok;
- unsigned int i, j;
-
- if (file && (numBytes == 0 || file == PR_STDIN)) {
- /* grabbing data from a file */
- rv = SECU_FileToItem(&fileData, file);
- if (rv != SECSuccess) {
- PR_Close(file);
- return SECFailure;
- }
- in = &fileData;
- } else if (str) {
- /* grabbing data from command line */
- fileData.data = str;
- fileData.len = PL_strlen(str);
- in = &fileData;
- } else if (file) {
- /* create nonce */
- SECITEM_AllocItem(arena, &input->buf, numBytes);
- RNG_GenerateGlobalRandomBytes(input->buf.data, numBytes);
- return finishIO(input, file);
- } else {
- return SECFailure;
- }
-
- switch (input->mode) {
- case bltestBase64Encoded:
- rv = atob(in, &input->buf, arena);
- break;
- case bltestBinary:
- if (in->data[in->len-1] == '\n') --in->len;
- if (in->data[in->len-1] == '\r') --in->len;
- SECITEM_CopyItem(arena, &input->buf, in);
- break;
- case bltestHexSpaceDelim:
- SECITEM_AllocItem(arena, &input->buf, in->len/5);
- for (i=0, j=0; i<in->len; i+=5, j++) {
- tok = &in->data[i];
- if (tok[0] != '0' || tok[1] != 'x' || tok[4] != ' ')
- /* bad hex token */
- break;
-
- rv = hex_from_2char(&tok[2], input->buf.data + j);
- if (rv)
- break;
- }
- break;
- case bltestHexStream:
- SECITEM_AllocItem(arena, &input->buf, in->len/2);
- for (i=0, j=0; i<in->len; i+=2, j++) {
- tok = &in->data[i];
- rv = hex_from_2char(tok, input->buf.data + j);
- if (rv)
- break;
- }
- break;
- }
-
- if (file)
- SECITEM_FreeItem(&fileData, PR_FALSE);
- return rv;
-}
-
-SECStatus
-finishIO(bltestIO *output, PRFileDesc *file)
-{
- SECStatus rv;
- PRInt32 nb;
- unsigned char byteval;
- SECItem *it;
- char hexstr[5];
- unsigned int i;
- if (output->pBuf.len > 0) {
- it = &output->pBuf;
- } else {
- it = &output->buf;
- }
- switch (output->mode) {
- case bltestBase64Encoded:
- rv = btoa_file(it, file);
- break;
- case bltestBinary:
- nb = PR_Write(file, it->data, it->len);
- rv = (nb == (PRInt32)it->len) ? SECSuccess : SECFailure;
- break;
- case bltestHexSpaceDelim:
- hexstr[0] = '0';
- hexstr[1] = 'x';
- hexstr[4] = ' ';
- for (i=0; i<it->len; i++) {
- byteval = it->data[i];
- rv = char2_from_hex(byteval, hexstr + 2);
- nb = PR_Write(file, hexstr, 5);
- if (rv)
- break;
- }
- PR_Write(file, "\n", 1);
- break;
- case bltestHexStream:
- for (i=0; i<it->len; i++) {
- byteval = it->data[i];
- rv = char2_from_hex(byteval, hexstr);
- if (rv)
- break;
- nb = PR_Write(file, hexstr, 2);
- }
- PR_Write(file, "\n", 1);
- break;
- }
- return rv;
-}
-
-void
-bltestCopyIO(PRArenaPool *arena, bltestIO *dest, bltestIO *src)
-{
- SECITEM_CopyItem(arena, &dest->buf, &src->buf);
- if (src->pBuf.len > 0) {
- dest->pBuf.len = src->pBuf.len;
- dest->pBuf.data = dest->buf.data + (src->pBuf.data - src->buf.data);
- }
- dest->mode = src->mode;
- dest->file = src->file;
-}
-
-void
-misalignBuffer(PRArenaPool *arena, bltestIO *io, int off)
-{
- ptrdiff_t offset = (ptrdiff_t)io->buf.data % WORDSIZE;
- int length = io->buf.len;
- if (offset != off) {
- SECITEM_ReallocItem(arena, &io->buf, length, length + 2*WORDSIZE);
- io->buf.len = length + 2*WORDSIZE; /* why doesn't realloc do this? */
- /* offset may have changed? */
- offset = (ptrdiff_t)io->buf.data % WORDSIZE;
- if (offset != off) {
- memmove(io->buf.data + off, io->buf.data, length);
- io->pBuf.data = io->buf.data + off;
- io->pBuf.len = length;
- } else {
- io->pBuf.data = io->buf.data;
- io->pBuf.len = length;
- }
- } else {
- io->pBuf.data = io->buf.data;
- io->pBuf.len = length;
- }
-}
-
-SECStatus
-des_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return DES_Encrypt((DESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-des_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return DES_Decrypt((DESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc2_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC2_Encrypt((RC2Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc2_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC2_Decrypt((RC2Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc4_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC4_Encrypt((RC4Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rc4_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return RC4_Decrypt((RC4Context *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-aes_Encrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return AES_Encrypt((AESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-aes_Decrypt(void *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- return AES_Decrypt((AESContext *)cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-rsa_PublicKeyOp(void *key, unsigned char *output, const unsigned char *input)
-{
- return RSA_PublicKeyOp((RSAPublicKey *)key, output, input);
-}
-
-SECStatus
-rsa_PrivateKeyOp(void *key, unsigned char *output, const unsigned char *input)
-{
- return RSA_PrivateKeyOp((RSAPrivateKey *)key, output, input);
-}
-
-SECStatus
-bltest_des_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- bltestSymmKeyParams *desp = &cipherInfo->params.sk;
- int minorMode;
- int i;
- switch (cipherInfo->mode) {
- case bltestDES_ECB: minorMode = NSS_DES; break;
- case bltestDES_CBC: minorMode = NSS_DES_CBC; break;
- case bltestDES_EDE_ECB: minorMode = NSS_DES_EDE3; break;
- case bltestDES_EDE_CBC: minorMode = NSS_DES_EDE3_CBC; break;
- default:
- return SECFailure;
- }
- cipherInfo->cx = (void*)DES_CreateContext(desp->key.buf.data,
- desp->iv.buf.data,
- minorMode, encrypt);
- if (cipherInfo->cxreps > 0) {
- DESContext **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(DESContext *));
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++) {
- dummycx[i] = (void*)DES_CreateContext(desp->key.buf.data,
- desp->iv.buf.data,
- minorMode, encrypt);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; i<cipherInfo->cxreps; i++) {
- DES_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = des_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = des_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rc2_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- bltestSymmKeyParams *rc2p = &cipherInfo->params.sk;
- int minorMode;
- int i;
- switch (cipherInfo->mode) {
- case bltestRC2_ECB: minorMode = NSS_RC2; break;
- case bltestRC2_CBC: minorMode = NSS_RC2_CBC; break;
- default:
- return SECFailure;
- }
- cipherInfo->cx = (void*)RC2_CreateContext(rc2p->key.buf.data,
- rc2p->key.buf.len,
- rc2p->iv.buf.data,
- minorMode,
- rc2p->key.buf.len);
- if (cipherInfo->cxreps > 0) {
- RC2Context **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC2Context *));
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++) {
- dummycx[i] = (void*)RC2_CreateContext(rc2p->key.buf.data,
- rc2p->key.buf.len,
- rc2p->iv.buf.data,
- minorMode,
- rc2p->key.buf.len);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; i<cipherInfo->cxreps; i++) {
- RC2_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = rc2_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = rc2_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rc4_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- int i;
- bltestSymmKeyParams *rc4p = &cipherInfo->params.sk;
- cipherInfo->cx = (void*)RC4_CreateContext(rc4p->key.buf.data,
- rc4p->key.buf.len);
- if (cipherInfo->cxreps > 0) {
- RC4Context **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(RC4Context *));
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++) {
- dummycx[i] = (void*)RC4_CreateContext(rc4p->key.buf.data,
- rc4p->key.buf.len);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; i<cipherInfo->cxreps; i++) {
- RC4_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = rc4_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = rc4_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rc5_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
-#if NSS_SOFTOKEN_DOES_RC5
- PRIntervalTime time1, time2;
- bltestRC5Params *rc5p = &cipherInfo->params.rc5;
- int minorMode;
- switch (cipherInfo->mode) {
- case bltestRC5_ECB: minorMode = NSS_RC5; break;
- case bltestRC5_CBC: minorMode = NSS_RC5_CBC; break;
- default:
- return SECFailure;
- }
- TIMESTART();
- cipherInfo->cx = (void*)RC5_CreateContext(&rc5p->key.buf,
- rc5p->rounds, rc5p->wordsize,
- rc5p->iv.buf.data, minorMode);
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = RC5_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = RC5_Decrypt;
- return SECSuccess;
-#else
- return SECFailure;
-#endif
-}
-
-SECStatus
-bltest_aes_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRIntervalTime time1, time2;
- bltestSymmKeyParams *aesp = &cipherInfo->params.sk;
- int minorMode;
- int i;
- /* XXX */ int keylen, blocklen;
- keylen = aesp->key.buf.len;
- blocklen = cipherInfo->input.pBuf.len;
- switch (cipherInfo->mode) {
- case bltestAES_ECB: minorMode = NSS_AES; break;
- case bltestAES_CBC: minorMode = NSS_AES_CBC; break;
- default:
- return SECFailure;
- }
- cipherInfo->cx = (void*)AES_CreateContext(aesp->key.buf.data,
- aesp->iv.buf.data,
- minorMode, encrypt,
- keylen, blocklen);
- if (cipherInfo->cxreps > 0) {
- AESContext **dummycx;
- dummycx = PORT_Alloc(cipherInfo->cxreps * sizeof(AESContext *));
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++) {
- dummycx[i] = (void*)AES_CreateContext(aesp->key.buf.data,
- aesp->iv.buf.data,
- minorMode, encrypt,
- keylen, blocklen);
- }
- TIMEFINISH(cipherInfo->cxtime, 1.0);
- for (i=0; i<cipherInfo->cxreps; i++) {
- AES_DestroyContext(dummycx[i], PR_TRUE);
- }
- PORT_Free(dummycx);
- }
- if (encrypt)
- cipherInfo->cipher.symmkeyCipher = aes_Encrypt;
- else
- cipherInfo->cipher.symmkeyCipher = aes_Decrypt;
- return SECSuccess;
-}
-
-SECStatus
-bltest_rsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- int i;
- RSAPrivateKey **dummyKey;
- PRIntervalTime time1, time2;
- bltestRSAParams *rsap = &cipherInfo->params.rsa;
- /* RSA key gen was done during parameter setup */
- cipherInfo->cx = cipherInfo->params.rsa.rsakey;
- /* For performance testing */
- if (cipherInfo->cxreps > 0) {
- /* Create space for n private key objects */
- dummyKey = (RSAPrivateKey **)PORT_Alloc(cipherInfo->cxreps *
- sizeof(RSAPrivateKey *));
- /* Time n keygens, storing in the array */
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++)
- dummyKey[i] = RSA_NewKey(rsap->keysizeInBits,
- &rsap->rsakey->publicExponent);
- TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps);
- /* Free the n key objects */
- for (i=0; i<cipherInfo->cxreps; i++)
- PORT_FreeArena(dummyKey[i]->arena, PR_TRUE);
- PORT_Free(dummyKey);
- }
- if (encrypt) {
- /* Have to convert private key to public key. Memory
- * is freed with private key's arena */
- RSAPublicKey *pubkey;
- RSAPrivateKey *key = (RSAPrivateKey *)cipherInfo->cx;
- pubkey = (RSAPublicKey *)PORT_ArenaAlloc(key->arena,
- sizeof(RSAPublicKey));
- pubkey->modulus.len = key->modulus.len;
- pubkey->modulus.data = key->modulus.data;
- pubkey->publicExponent.len = key->publicExponent.len;
- pubkey->publicExponent.data = key->publicExponent.data;
- cipherInfo->cx = (void *)pubkey;
- cipherInfo->cipher.pubkeyCipher = rsa_PublicKeyOp;
- } else {
- cipherInfo->cipher.pubkeyCipher = rsa_PrivateKeyOp;
- }
- return SECSuccess;
-}
-
-SECStatus
-bltest_pqg_init(bltestDSAParams *dsap)
-{
- SECStatus rv, res;
- PQGVerify *vfy = NULL;
- rv = PQG_ParamGen(dsap->j, &dsap->pqg, &vfy);
- CHECKERROR(rv, __LINE__);
- rv = PQG_VerifyParams(dsap->pqg, vfy, &res);
- CHECKERROR(res, __LINE__);
- CHECKERROR(rv, __LINE__);
- return rv;
-}
-
-SECStatus
-bltest_dsa_init(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- int i;
- DSAPrivateKey **dummyKey;
- PQGParams *dummypqg;
- PRIntervalTime time1, time2;
- bltestDSAParams *dsap = &cipherInfo->params.dsa;
- PQGVerify *ignore = NULL;
- /* DSA key gen was done during parameter setup */
- cipherInfo->cx = cipherInfo->params.dsa.dsakey;
- /* For performance testing */
- if (cipherInfo->cxreps > 0) {
- /* Create space for n private key objects */
- dummyKey = (DSAPrivateKey **)PORT_ZAlloc(cipherInfo->cxreps *
- sizeof(DSAPrivateKey *));
- /* Time n keygens, storing in the array */
- TIMESTART();
- for (i=0; i<cipherInfo->cxreps; i++) {
- dummypqg = NULL;
- PQG_ParamGen(dsap->j, &dummypqg, &ignore);
- DSA_NewKey(dummypqg, &dummyKey[i]);
- }
- TIMEFINISH(cipherInfo->cxtime, cipherInfo->cxreps);
- /* Free the n key objects */
- for (i=0; i<cipherInfo->cxreps; i++)
- PORT_FreeArena(dummyKey[i]->params.arena, PR_TRUE);
- PORT_Free(dummyKey);
- }
- if (!dsap->pqg && dsap->pqgdata.buf.len > 0) {
- dsap->pqg = pqg_from_filedata(&dsap->pqgdata.buf);
- }
- if (!cipherInfo->cx && dsap->key.buf.len > 0) {
- cipherInfo->cx = dsakey_from_filedata(&dsap->key.buf);
- }
- if (encrypt) {
- cipherInfo->cipher.pubkeyCipher = DSA_SignDigest;
- } else {
- /* Have to convert private key to public key. Memory
- * is freed with private key's arena */
- DSAPublicKey *pubkey;
- DSAPrivateKey *key = (DSAPrivateKey *)cipherInfo->cx;
- pubkey = (DSAPublicKey *)PORT_ArenaZAlloc(key->params.arena,
- sizeof(DSAPublicKey));
- pubkey->params.prime.len = key->params.prime.len;
- pubkey->params.prime.data = key->params.prime.data;
- pubkey->params.subPrime.len = key->params.subPrime.len;
- pubkey->params.subPrime.data = key->params.subPrime.data;
- pubkey->params.base.len = key->params.base.len;
- pubkey->params.base.data = key->params.base.data;
- pubkey->publicValue.len = key->publicValue.len;
- pubkey->publicValue.data = key->publicValue.data;
- cipherInfo->cipher.pubkeyCipher = DSA_VerifyDigest;
- }
- return SECSuccess;
-}
-
-/* XXX unfortunately, this is not defined in blapi.h */
-SECStatus
-md2_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- unsigned int len;
- MD2Context *cx = MD2_NewContext();
- if (cx == NULL) return SECFailure;
- MD2_Begin(cx);
- MD2_Update(cx, src, src_length);
- MD2_End(cx, dest, &len, MD2_LENGTH);
- MD2_DestroyContext(cx, PR_TRUE);
- return SECSuccess;
-}
-
-SECStatus
-md2_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- MD2Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- SECStatus rv;
- cx = MD2_NewContext();
- /* divide message by 4, restarting 3 times */
- quarter = src_length / 4;
- for (i=0; i<4; i++) {
- MD2_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = MD2_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- MD2_Flatten(cx, cxbytes);
- cx_cpy = MD2_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: MD2_Resurrect failed!\n", progName);
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- MD2_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: MD2_Resurrect failed!\n", progName);
- goto finish;
- }
- MD2_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- MD2_End(cx, dest, &len, MD2_LENGTH);
-finish:
- MD2_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-md5_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv;
- MD5Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = MD5_NewContext();
- /* divide message by 4, restarting 3 times */
- quarter = src_length / 4;
- for (i=0; i<4; i++) {
- MD5_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = MD5_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- MD5_Flatten(cx, cxbytes);
- cx_cpy = MD5_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: MD5_Resurrect failed!\n", progName);
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- MD5_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: MD5_Resurrect failed!\n", progName);
- goto finish;
- }
- MD5_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- MD5_End(cx, dest, &len, MD5_LENGTH);
-finish:
- MD5_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-sha1_restart(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SECStatus rv;
- SHA1Context *cx, *cx_cpy;
- unsigned char *cxbytes;
- unsigned int len;
- unsigned int i, quarter;
- cx = SHA1_NewContext();
- /* divide message by 4, restarting 3 times */
- quarter = src_length / 4;
- for (i=0; i<4; i++) {
- SHA1_Update(cx, src + i*quarter, PR_MIN(quarter, src_length));
- len = SHA1_FlattenSize(cx);
- cxbytes = PORT_Alloc(len);
- SHA1_Flatten(cx, cxbytes);
- cx_cpy = SHA1_Resurrect(cxbytes, NULL);
- if (!cx_cpy) {
- PR_fprintf(PR_STDERR, "%s: SHA1_Resurrect failed!\n", progName);
- goto finish;
- }
- rv = PORT_Memcmp(cx, cx_cpy, len);
- if (rv) {
- SHA1_DestroyContext(cx_cpy, PR_TRUE);
- PR_fprintf(PR_STDERR, "%s: SHA1_Resurrect failed!\n", progName);
- goto finish;
- }
- SHA1_DestroyContext(cx_cpy, PR_TRUE);
- PORT_Free(cxbytes);
- src_length -= quarter;
- }
- SHA1_End(cx, dest, &len, MD5_LENGTH);
-finish:
- SHA1_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-pubkeyInitKey(bltestCipherInfo *cipherInfo, PRFileDesc *file,
- int keysize, int exponent)
-{
- int i;
- SECStatus rv;
- bltestRSAParams *rsap;
- bltestDSAParams *dsap;
- switch (cipherInfo->mode) {
- case bltestRSA:
- rsap = &cipherInfo->params.rsa;
- if (keysize > 0) {
- SECItem expitem = { 0, 0, 0 };
- SECITEM_AllocItem(cipherInfo->arena, &expitem, sizeof(int));
- for (i = 1; i <= sizeof(int); i++)
- expitem.data[i-1] = exponent >> (8*(sizeof(int) - i));
- rsap->rsakey = RSA_NewKey(keysize * 8, &expitem);
- serialize_key(&rsap->rsakey->version, 9, file);
- rsap->keysizeInBits = keysize * 8;
- } else {
- setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0);
- rsap->rsakey = rsakey_from_filedata(&cipherInfo->params.key.buf);
- rsap->keysizeInBits = rsap->rsakey->modulus.len * 8;
- }
- break;
- case bltestDSA:
- dsap = &cipherInfo->params.dsa;
- if (keysize > 0) {
- dsap->j = PQG_PBITS_TO_INDEX(8*keysize);
- if (!dsap->pqg)
- bltest_pqg_init(dsap);
- rv = DSA_NewKey(dsap->pqg, &dsap->dsakey);
- CHECKERROR(rv, __LINE__);
- serialize_key(&dsap->dsakey->params.prime, 5, file);
- } else {
- setupIO(cipherInfo->arena, &cipherInfo->params.key, file, NULL, 0);
- dsap->dsakey = dsakey_from_filedata(&cipherInfo->params.key.buf);
- dsap->j = PQG_PBITS_TO_INDEX(8*dsap->dsakey->params.prime.len);
- }
- break;
- default:
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-cipherInit(bltestCipherInfo *cipherInfo, PRBool encrypt)
-{
- PRBool restart;
- switch (cipherInfo->mode) {
- case bltestDES_ECB:
- case bltestDES_CBC:
- case bltestDES_EDE_ECB:
- case bltestDES_EDE_CBC:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_des_init(cipherInfo, encrypt);
- break;
- case bltestRC2_ECB:
- case bltestRC2_CBC:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_rc2_init(cipherInfo, encrypt);
- break;
- case bltestRC4:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_rc4_init(cipherInfo, encrypt);
- break;
- case bltestRC5_ECB:
- case bltestRC5_CBC:
-#if NSS_SOFTOKEN_DOES_RC5
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
-#endif
- return bltest_rc5_init(cipherInfo, encrypt);
- break;
- case bltestAES_ECB:
- case bltestAES_CBC:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_aes_init(cipherInfo, encrypt);
- break;
- case bltestRSA:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- cipherInfo->input.pBuf.len);
- return bltest_rsa_init(cipherInfo, encrypt);
- break;
- case bltestDSA:
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- DSA_SIGNATURE_LEN);
- return bltest_dsa_init(cipherInfo, encrypt);
- break;
- case bltestMD2:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- MD2_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? md2_restart : md2_HashBuf;
- return SECSuccess;
- break;
- case bltestMD5:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- MD5_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? md5_restart : MD5_HashBuf;
- return SECSuccess;
- break;
- case bltestSHA1:
- restart = cipherInfo->params.hash.restart;
- SECITEM_AllocItem(cipherInfo->arena, &cipherInfo->output.buf,
- SHA1_LENGTH);
- cipherInfo->cipher.hashCipher = (restart) ? sha1_restart : SHA1_HashBuf;
- return SECSuccess;
- break;
- default:
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-dsaOp(bltestCipherInfo *cipherInfo)
-{
- PRIntervalTime time1, time2;
- SECStatus rv;
- int i;
- int maxLen = cipherInfo->output.pBuf.len;
- SECItem dummyOut = { 0, 0, 0 };
- SECITEM_AllocItem(NULL, &dummyOut, maxLen);
- if (cipherInfo->cipher.pubkeyCipher ==
- (bltestPubKeyCipherFn)DSA_SignDigest) {
- if (cipherInfo->params.dsa.sigseed.buf.len > 0) {
- rv = DSA_SignDigestWithSeed((DSAPrivateKey *)cipherInfo->cx,
- &cipherInfo->output.pBuf,
- &cipherInfo->input.pBuf,
- cipherInfo->params.dsa.sigseed.buf.data);
- CHECKERROR(rv, __LINE__);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- rv |= DSA_SignDigestWithSeed((DSAPrivateKey *)cipherInfo->cx,
- &dummyOut,
- &cipherInfo->input.pBuf,
- cipherInfo->params.dsa.sigseed.buf.data);
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- CHECKERROR(rv, __LINE__);
- } else {
- rv = DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx,
- &cipherInfo->output.pBuf,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- DSA_SignDigest((DSAPrivateKey *)cipherInfo->cx, &dummyOut,
- &cipherInfo->input.pBuf);
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- bltestCopyIO(cipherInfo->arena, &cipherInfo->params.dsa.sig,
- &cipherInfo->output);
- } else {
- rv = DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx,
- &cipherInfo->params.dsa.sig.buf,
- &cipherInfo->input.pBuf);
- CHECKERROR(rv, __LINE__);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- DSA_VerifyDigest((DSAPublicKey *)cipherInfo->cx,
- &cipherInfo->params.dsa.sig.buf,
- &cipherInfo->input.pBuf);
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- SECITEM_FreeItem(&dummyOut, PR_FALSE);
- return rv;
-}
-
-SECStatus
-cipherDoOp(bltestCipherInfo *cipherInfo)
-{
- PRIntervalTime time1, time2;
- SECStatus rv;
- int i, len;
- int maxLen = cipherInfo->output.pBuf.len;
- unsigned char *dummyOut;
- if (cipherInfo->mode == bltestDSA)
- return dsaOp(cipherInfo);
- dummyOut = PORT_Alloc(maxLen);
- if (is_symmkeyCipher(cipherInfo->mode)) {
- rv = (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx,
- cipherInfo->output.pBuf.data,
- &len, maxLen,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- (*cipherInfo->cipher.symmkeyCipher)(cipherInfo->cx, dummyOut,
- &len, maxLen,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
-
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- } else if (is_pubkeyCipher(cipherInfo->mode)) {
- rv = (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx,
- cipherInfo->output.pBuf.data,
- cipherInfo->input.pBuf.data);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- (*cipherInfo->cipher.pubkeyCipher)(cipherInfo->cx, dummyOut,
- cipherInfo->input.pBuf.data);
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- } else if (is_hashCipher(cipherInfo->mode)) {
- rv = (*cipherInfo->cipher.hashCipher)(cipherInfo->output.pBuf.data,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
- TIMESTART();
- for (i=0; i<cipherInfo->repetitions; i++) {
- (*cipherInfo->cipher.hashCipher)(dummyOut,
- cipherInfo->input.pBuf.data,
- cipherInfo->input.pBuf.len);
- }
- TIMEFINISH(cipherInfo->optime, 1.0);
- }
- PORT_Free(dummyOut);
- return rv;
-}
-
-SECStatus
-cipherFinish(bltestCipherInfo *cipherInfo)
-{
- switch (cipherInfo->mode) {
- case bltestDES_ECB:
- case bltestDES_CBC:
- case bltestDES_EDE_ECB:
- case bltestDES_EDE_CBC:
- DES_DestroyContext((DESContext *)cipherInfo->cx, PR_TRUE);
- break;
- case bltestAES_ECB:
- case bltestAES_CBC:
- AES_DestroyContext((AESContext *)cipherInfo->cx, PR_TRUE);
- break;
- case bltestRC2_ECB:
- case bltestRC2_CBC:
- RC2_DestroyContext((RC2Context *)cipherInfo->cx, PR_TRUE);
- break;
- case bltestRC4:
- RC4_DestroyContext((RC4Context *)cipherInfo->cx, PR_TRUE);
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case bltestRC5_ECB:
- case bltestRC5_CBC:
- RC5_DestroyContext((RC5Context *)cipherInfo->cx, PR_TRUE);
- break;
-#endif
- case bltestRSA: /* keys are alloc'ed within cipherInfo's arena, */
- case bltestDSA: /* will be freed with it. */
- case bltestMD2: /* hash contexts are ephemeral */
- case bltestMD5:
- case bltestSHA1:
- return SECSuccess;
- break;
- default:
- return SECFailure;
- }
- return SECSuccess;
-}
-
-void
-print_exponent(SECItem *exp)
-{
- int i;
- int e = 0;
- if (exp->len <= 4) {
- for (i=exp->len; i >=0; --i) e |= exp->data[exp->len-i] << 8*(i-1);
- fprintf(stdout, "%12d", e);
- } else {
- e = 8*exp->len;
- fprintf(stdout, "~2**%-8d", e);
- }
-}
-
-void
-dump_performance_info(bltestCipherInfo *info, PRBool encrypt, PRBool cxonly)
-{
- PRBool td = PR_TRUE;
- fprintf(stdout, "#%9s", "mode");
- fprintf(stdout, "%12s", "in");
-print_td:
- switch (info->mode) {
- case bltestDES_ECB:
- case bltestDES_CBC:
- case bltestDES_EDE_ECB:
- case bltestDES_EDE_CBC:
- case bltestAES_ECB:
- case bltestAES_CBC:
- case bltestRC2_ECB:
- case bltestRC2_CBC:
- case bltestRC4:
- if (td)
- fprintf(stdout, "%8s", "symmkey");
- else
- fprintf(stdout, "%8d", 8*info->params.sk.key.buf.len);
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case bltestRC5_ECB:
- case bltestRC5_CBC:
- if (info->params.sk.key.buf.len > 0)
- printf("symmetric key(bytes)=%d,", info->params.sk.key.buf.len);
- if (info->rounds > 0)
- printf("rounds=%d,", info->params.rc5.rounds);
- if (info->wordsize > 0)
- printf("wordsize(bytes)=%d,", info->params.rc5.wordsize);
- break;
-#endif
- case bltestRSA:
- if (td) {
- fprintf(stdout, "%8s", "rsa_mod");
- fprintf(stdout, "%12s", "rsa_pe");
- } else {
- fprintf(stdout, "%8d", info->params.rsa.keysizeInBits);
- print_exponent(&info->params.rsa.rsakey->publicExponent);
- }
- break;
- case bltestDSA:
- if (td)
- fprintf(stdout, "%8s", "pqg_mod");
- else
- fprintf(stdout, "%8d", PQG_INDEX_TO_PBITS(info->params.dsa.j));
- break;
- case bltestMD2:
- case bltestMD5:
- case bltestSHA1:
- default:
- break;
- }
- if (!td) {
- fprintf(stdout, "%8d", info->repetitions);
- fprintf(stdout, "%8d", info->cxreps);
- fprintf(stdout, "%12.3f", info->cxtime);
- fprintf(stdout, "%12.3f", info->optime);
- fprintf(stdout, "\n");
- return;
- }
-
- fprintf(stdout, "%8s", "opreps");
- fprintf(stdout, "%8s", "cxreps");
- fprintf(stdout, "%12s", "context");
- fprintf(stdout, "%12s", "op");
- fprintf(stdout, "\n");
- fprintf(stdout, "%8s", mode_strings[info->mode]);
- fprintf(stdout, "_%c", (cxonly) ? 'c' : (encrypt) ? 'e' : 'd');
- fprintf(stdout, "%12d", info->input.buf.len * info->repetitions);
-
- td = !td;
- goto print_td;
-}
-
-void
-printmodes()
-{
- bltestCipherMode mode;
- int nummodes = sizeof(mode_strings) / sizeof(char *);
- fprintf(stderr, "%s: Available modes (specify with -m):\n", progName);
- for (mode=0; mode<nummodes; mode++)
- fprintf(stderr, "%s\n", mode_strings[mode]);
-}
-
-bltestCipherMode
-get_mode(const char *modestring)
-{
- bltestCipherMode mode;
- int nummodes = sizeof(mode_strings) / sizeof(char *);
- for (mode=0; mode<nummodes; mode++)
- if (PL_strcmp(modestring, mode_strings[mode]) == 0)
- return mode;
- fprintf(stderr, "%s: invalid mode: %s\n", progName, modestring);
- return bltestINVALID;
-}
-
-void
-load_file_data(PRArenaPool *arena, bltestIO *data,
- char *fn, bltestIOMode ioMode)
-{
- PRFileDesc *file;
- data->mode = ioMode;
- data->file = NULL; /* don't use -- not saving anything */
- data->pBuf.data = NULL;
- data->pBuf.len = 0;
- file = PR_Open(fn, PR_RDONLY, 00660);
- if (file)
- setupIO(arena, data, file, NULL, 0);
-}
-
-void
-get_params(PRArenaPool *arena, bltestParams *params,
- bltestCipherMode mode, int j)
-{
- char filename[256];
- char *modestr = mode_strings[mode];
-#if NSS_SOFTOKEN_DOES_RC5
- FILE *file;
- char *mark, *param, *val;
- int index = 0;
-#endif
- switch (mode) {
- case bltestDES_CBC:
- case bltestDES_EDE_CBC:
- case bltestRC2_CBC:
- case bltestAES_CBC:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j);
- load_file_data(arena, &params->sk.iv, filename, bltestBinary);
- case bltestDES_ECB:
- case bltestDES_EDE_ECB:
- case bltestRC2_ECB:
- case bltestRC4:
- case bltestAES_ECB:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, &params->sk.key, filename, bltestBinary);
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case bltestRC5_ECB:
- case bltestRC5_CBC:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "iv", j);
- load_file_data(arena, &params->sk.iv, filename, bltestBinary);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, &params->sk.key, filename, bltestBinary);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr,
- "params", j);
- file = fopen(filename, "r");
- if (!file) return;
- param = malloc(100);
- len = fread(param, 1, 100, file);
- while (index < len) {
- mark = PL_strchr(param, '=');
- *mark = '\0';
- val = mark + 1;
- mark = PL_strchr(val, '\n');
- *mark = '\0';
- if (PL_strcmp(param, "rounds") == 0) {
- params->rc5.rounds = atoi(val);
- } else if (PL_strcmp(param, "wordsize") == 0) {
- params->rc5.wordsize = atoi(val);
- }
- index += PL_strlen(param) + PL_strlen(val) + 2;
- param = mark + 1;
- }
- break;
-#endif
- case bltestRSA:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, &params->rsa.key, filename, bltestBase64Encoded);
- params->rsa.rsakey = rsakey_from_filedata(&params->key.buf);
- break;
- case bltestDSA:
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "key", j);
- load_file_data(arena, &params->dsa.key, filename, bltestBase64Encoded);
- params->dsa.dsakey = dsakey_from_filedata(&params->key.buf);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "pqg", j);
- load_file_data(arena, &params->dsa.pqgdata, filename,
- bltestBase64Encoded);
- params->dsa.pqg = pqg_from_filedata(&params->dsa.pqgdata.buf);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "keyseed", j);
- load_file_data(arena, &params->dsa.keyseed, filename,
- bltestBase64Encoded);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "sigseed", j);
- load_file_data(arena, &params->dsa.sigseed, filename,
- bltestBase64Encoded);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr, "ciphertext",j);
- load_file_data(arena, &params->dsa.sig, filename, bltestBase64Encoded);
- break;
- case bltestMD2:
- case bltestMD5:
- case bltestSHA1:
- /*params->hash.restart = PR_TRUE;*/
- params->hash.restart = PR_FALSE;
- break;
- default:
- break;
- }
-}
-
-SECStatus
-verify_self_test(bltestIO *result, bltestIO *cmp, bltestCipherMode mode,
- PRBool forward, SECStatus sigstatus)
-{
- int res;
- char *modestr = mode_strings[mode];
- res = SECITEM_CompareItem(&result->pBuf, &cmp->buf);
- if (is_sigCipher(mode)) {
- if (forward) {
- if (res == 0) {
- printf("Signature self-test for %s passed.\n", modestr);
- } else {
- printf("Signature self-test for %s failed!\n", modestr);
- }
- } else {
- if (sigstatus == SECSuccess) {
- printf("Verification self-test for %s passed.\n", modestr);
- } else {
- printf("Verification self-test for %s failed!\n", modestr);
- }
- }
- return sigstatus;
- } else if (is_hashCipher(mode)) {
- if (res == 0) {
- printf("Hash self-test for %s passed.\n", modestr);
- } else {
- printf("Hash self-test for %s failed!\n", modestr);
- }
- } else {
- if (forward) {
- if (res == 0) {
- printf("Encryption self-test for %s passed.\n", modestr);
- } else {
- printf("Encryption self-test for %s failed!\n", modestr);
- }
- } else {
- if (res == 0) {
- printf("Decryption self-test for %s passed.\n", modestr);
- } else {
- printf("Decryption self-test for %s failed!\n", modestr);
- }
- }
- }
- return (res != 0);
-}
-
-static SECStatus
-blapi_selftest(bltestCipherMode *modes, int numModes, int inoff, int outoff,
- PRBool encrypt, PRBool decrypt)
-{
- bltestCipherInfo cipherInfo;
- bltestIO pt, ct;
- bltestCipherMode mode;
- bltestParams *params;
- int i, j, nummodes;
- char *modestr;
- char filename[256];
- PRFileDesc *file;
- PRArenaPool *arena;
- SECItem item;
- PRBool finished;
- SECStatus rv, srv;
-
- PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo));
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- cipherInfo.arena = arena;
-
- finished = PR_FALSE;
- nummodes = (numModes == 0) ? NUMMODES : numModes;
- for (i=0; i < nummodes && !finished; i++) {
- if (i == bltestRC5_ECB || i == bltestRC5_CBC) continue;
- if (numModes > 0)
- mode = modes[i];
- else
- mode = i;
- modestr = mode_strings[mode];
- cipherInfo.mode = mode;
- params = &cipherInfo.params;
- if (mode == bltestINVALID) {
- fprintf(stderr, "%s: Skipping invalid mode %s.\n",progName,modestr);
- continue;
- }
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Self-Testing RSA\n", __bltDBG);
- }
-#endif
- /* get the number of tests in the directory */
- sprintf(filename, "%s/tests/%s/%s", testdir, modestr, "numtests");
- file = PR_Open(filename, PR_RDONLY, 00660);
- if (!file) {
- fprintf(stderr, "%s: File %s does not exist.\n", progName,filename);
- return SECFailure;
- }
- rv = SECU_FileToItem(&item, file);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Loaded data from %s\n", __bltDBG, filename);
- }
-#endif
- PR_Close(file);
- /* loop over the tests in the directory */
- for (j=0; j<(int)(item.data[0] - '0'); j++) { /* XXX bug when > 10 */
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Executing self-test #%d\n", __bltDBG, j);
- }
-#endif
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr,
- "plaintext", j);
- if (mode == bltestDSA)
- load_file_data(arena, &pt, filename, bltestBase64Encoded);
- else
- load_file_data(arena, &pt, filename, bltestBinary);
- sprintf(filename, "%s/tests/%s/%s%d", testdir, modestr,
- "ciphertext", j);
- load_file_data(arena, &ct, filename, bltestBase64Encoded);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Loaded data for self-test #%d\n", __bltDBG, j);
- }
-#endif
- get_params(arena, params, mode, j);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Got parameters for #%d\n", __bltDBG, j);
- }
-#endif
- /* Forward Operation (Encrypt/Sign/Hash)
- ** Align the input buffer (plaintext) according to request
- ** then perform operation and compare to ciphertext
- */
- /* XXX for now */
- rv = SECSuccess;
- if (encrypt) {
- bltestCopyIO(arena, &cipherInfo.input, &pt);
- misalignBuffer(arena, &cipherInfo.input, inoff);
- memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf);
- rv |= cipherInit(&cipherInfo, PR_TRUE);
- misalignBuffer(arena, &cipherInfo.output, outoff);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Inited cipher context and buffers for #%d\n", __bltDBG, j);
- }
-#endif
- rv |= cipherDoOp(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Performed encrypt for #%d\n", __bltDBG, j);
- }
-#endif
- rv |= cipherFinish(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Finished encrypt for #%d\n", __bltDBG, j);
- }
-#endif
- rv |= verify_self_test(&cipherInfo.output,
- &ct, mode, PR_TRUE, 0);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Verified self-test for #%d\n", __bltDBG, j);
- }
-#endif
- /* If testing hash, only one op to test */
- if (is_hashCipher(mode))
- continue;
- /*if (rv) return rv;*/
- }
- if (!decrypt)
- continue;
- /* XXX for now */
- rv = SECSuccess;
- /* Reverse Operation (Decrypt/Verify)
- ** Align the input buffer (ciphertext) according to request
- ** then perform operation and compare to plaintext
- */
- if (mode != bltestDSA)
- bltestCopyIO(arena, &cipherInfo.input, &ct);
- else
- bltestCopyIO(arena, &cipherInfo.input, &pt);
- misalignBuffer(arena, &cipherInfo.input, inoff);
- memset(&cipherInfo.output.buf, 0, sizeof cipherInfo.output.buf);
- rv |= cipherInit(&cipherInfo, PR_FALSE);
- misalignBuffer(arena, &cipherInfo.output, outoff);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Inited cipher context and buffers for #%d\n", __bltDBG, j);
- }
-#endif
- srv = SECSuccess;
- srv |= cipherDoOp(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Performed decrypt for #%d\n", __bltDBG, j);
- }
-#endif
- rv |= cipherFinish(&cipherInfo);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Finished decrypt for #%d\n", __bltDBG, j);
- }
-#endif
- rv |= verify_self_test(&cipherInfo.output,
- &pt, mode, PR_FALSE, srv);
-#ifdef TRACK_BLTEST_BUG
- if (mode == bltestRSA) {
- fprintf(stderr, "[%s] Verified self-test for #%d\n", __bltDBG, j);
- }
-#endif
- /*if (rv) return rv;*/
- }
- }
- return rv;
-}
-
-SECStatus
-dump_file(bltestCipherMode mode, char *filename)
-{
- bltestIO keydata;
- PRArenaPool *arena = NULL;
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- if (mode == bltestRSA) {
- RSAPrivateKey *key;
- load_file_data(arena, &keydata, filename, bltestBase64Encoded);
- key = rsakey_from_filedata(&keydata.buf);
- dump_rsakey(key);
- } else if (mode == bltestDSA) {
-#if 0
- PQGParams *pqg;
- get_file_data(filename, &item, PR_TRUE);
- pqg = pqg_from_filedata(&item);
- dump_pqg(pqg);
-#endif
- DSAPrivateKey *key;
- load_file_data(arena, &keydata, filename, bltestBase64Encoded);
- key = dsakey_from_filedata(&keydata.buf);
- dump_dsakey(key);
- }
- PORT_FreeArena(arena, PR_FALSE);
- return SECFailure;
-}
-
-/* bltest commands */
-enum {
- cmd_Decrypt = 0,
- cmd_Encrypt,
- cmd_FIPS,
- cmd_Hash,
- cmd_Nonce,
- cmd_Dump,
- cmd_Sign,
- cmd_SelfTest,
- cmd_Verify
-};
-
-/* bltest options */
-enum {
- opt_B64 = 0,
- opt_BufSize,
- opt_Restart,
- opt_SelfTestDir,
- opt_Exponent,
- opt_SigFile,
- opt_KeySize,
- opt_Hex,
- opt_Input,
- opt_PQGFile,
- opt_Key,
- opt_HexWSpc,
- opt_Mode,
- opt_Output,
- opt_Repetitions,
- opt_ZeroBuf,
- opt_Rounds,
- opt_Seed,
- opt_SigSeedFile,
- opt_CXReps,
- opt_IV,
- opt_WordSize,
- opt_UseSeed,
- opt_UseSigSeed,
- opt_SeedFile,
- opt_InputOffset,
- opt_OutputOffset,
- opt_MonteCarlo,
- opt_CmdLine
-};
-
-static secuCommandFlag bltest_commands[] =
-{
- { /* cmd_Decrypt */ 'D', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Encrypt */ 'E', PR_FALSE, 0, PR_FALSE },
- { /* cmd_FIPS */ 'F', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Hash */ 'H', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Nonce */ 'N', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Dump */ 'P', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Sign */ 'S', PR_FALSE, 0, PR_FALSE },
- { /* cmd_SelfTest */ 'T', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Verify */ 'V', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag bltest_options[] =
-{
- { /* opt_B64 */ 'a', PR_FALSE, 0, PR_FALSE },
- { /* opt_BufSize */ 'b', PR_TRUE, 0, PR_FALSE },
- { /* opt_Restart */ 'c', PR_FALSE, 0, PR_FALSE },
- { /* opt_SelfTestDir */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_Exponent */ 'e', PR_TRUE, 0, PR_FALSE },
- { /* opt_SigFile */ 'f', PR_TRUE, 0, PR_FALSE },
- { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE },
- { /* opt_Hex */ 'h', PR_FALSE, 0, PR_FALSE },
- { /* opt_Input */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_PQGFile */ 'j', PR_TRUE, 0, PR_FALSE },
- { /* opt_Key */ 'k', PR_TRUE, 0, PR_FALSE },
- { /* opt_HexWSpc */ 'l', PR_FALSE, 0, PR_FALSE },
- { /* opt_Mode */ 'm', PR_TRUE, 0, PR_FALSE },
- { /* opt_Output */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_Repetitions */ 'p', PR_TRUE, 0, PR_FALSE },
- { /* opt_ZeroBuf */ 'q', PR_FALSE, 0, PR_FALSE },
- { /* opt_Rounds */ 'r', PR_TRUE, 0, PR_FALSE },
- { /* opt_Seed */ 's', PR_TRUE, 0, PR_FALSE },
- { /* opt_SigSeedFile */ 't', PR_TRUE, 0, PR_FALSE },
- { /* opt_CXReps */ 'u', PR_TRUE, 0, PR_FALSE },
- { /* opt_IV */ 'v', PR_TRUE, 0, PR_FALSE },
- { /* opt_WordSize */ 'w', PR_TRUE, 0, PR_FALSE },
- { /* opt_UseSeed */ 'x', PR_FALSE, 0, PR_FALSE },
- { /* opt_UseSigSeed */ 'y', PR_FALSE, 0, PR_FALSE },
- { /* opt_SeedFile */ 'z', PR_FALSE, 0, PR_FALSE },
- { /* opt_InputOffset */ '1', PR_TRUE, 0, PR_FALSE },
- { /* opt_OutputOffset */ '2', PR_TRUE, 0, PR_FALSE },
- { /* opt_MonteCarlo */ '3', PR_FALSE, 0, PR_FALSE },
- { /* opt_CmdLine */ '-', PR_FALSE, 0, PR_FALSE }
-};
-
-int main(int argc, char **argv)
-{
- char *infileName, *outfileName, *keyfileName, *ivfileName;
- SECStatus rv;
-
- bltestCipherInfo cipherInfo;
- bltestParams *params;
- PRFileDesc *file, *infile, *outfile;
- char *instr = NULL;
- PRArenaPool *arena;
- bltestIOMode ioMode;
- int keysize, bufsize, exponent;
- int i, commandsEntered;
- int inoff, outoff;
-
- secuCommand bltest;
- bltest.numCommands = sizeof(bltest_commands) / sizeof(secuCommandFlag);
- bltest.numOptions = sizeof(bltest_options) / sizeof(secuCommandFlag);
- bltest.commands = bltest_commands;
- bltest.options = bltest_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = RNG_RNGInit();
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
- RNG_SystemInfoForRNG();
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &bltest);
-
- PORT_Memset(&cipherInfo, 0, sizeof(cipherInfo));
- arena = PORT_NewArena(BLTEST_DEFAULT_CHUNKSIZE);
- cipherInfo.arena = arena;
- params = &cipherInfo.params;
- /* set some defaults */
- infileName = outfileName = keyfileName = ivfileName = NULL;
-
- /* Check the number of commands entered on the command line. */
- commandsEntered = 0;
- for (i=0; i<bltest.numCommands; i++)
- if (bltest.commands[i].activated)
- commandsEntered++;
-
- if (commandsEntered > 1 &&
- !(commandsEntered == 2 && bltest.commands[cmd_SelfTest].activated)) {
- fprintf(stderr, "%s: one command at a time!\n", progName);
- Usage();
- }
- if (commandsEntered == 0) {
- fprintf(stderr, "%s: you must enter a command!\n", progName);
- Usage();
- }
-
- if (bltest.commands[cmd_Sign].activated)
- bltest.commands[cmd_Encrypt].activated = PR_TRUE;
- if (bltest.commands[cmd_Verify].activated)
- bltest.commands[cmd_Decrypt].activated = PR_TRUE;
- if (bltest.commands[cmd_Hash].activated)
- bltest.commands[cmd_Encrypt].activated = PR_TRUE;
-
- inoff = outoff = 0;
- if (bltest.options[opt_InputOffset].activated)
- inoff = PORT_Atoi(bltest.options[opt_InputOffset].arg);
- if (bltest.options[opt_OutputOffset].activated)
- outoff = PORT_Atoi(bltest.options[opt_OutputOffset].arg);
-
- testdir = (bltest.options[opt_SelfTestDir].activated) ?
- strdup(bltest.options[opt_SelfTestDir].arg) : ".";
-
- /*
- * Handle three simple cases first
- */
-
- /* Do BLAPI self-test */
- if (bltest.commands[cmd_SelfTest].activated) {
- PRBool encrypt = PR_TRUE, decrypt = PR_TRUE;
- /* user may specified a set of ciphers to test. parse them. */
- bltestCipherMode modesToTest[NUMMODES];
- int numModesToTest = 0;
- char *tok, *str;
- str = bltest.options[opt_Mode].arg;
- while (str) {
- tok = strchr(str, ',');
- if (tok) *tok = '\0';
- modesToTest[numModesToTest++] = get_mode(str);
- if (tok) {
- *tok = ',';
- str = tok + 1;
- } else {
- break;
- }
- }
- if (bltest.commands[cmd_Decrypt].activated &&
- !bltest.commands[cmd_Encrypt].activated)
- encrypt = PR_FALSE;
- if (bltest.commands[cmd_Encrypt].activated &&
- !bltest.commands[cmd_Decrypt].activated)
- decrypt = PR_FALSE;
- return blapi_selftest(modesToTest, numModesToTest, inoff, outoff,
- encrypt, decrypt);
- }
-
- /* Do FIPS self-test */
- if (bltest.commands[cmd_FIPS].activated) {
- CK_RV ckrv = pk11_fipsPowerUpSelfTest();
- fprintf(stdout, "CK_RV: %ld.\n", ckrv);
- return 0;
- }
-
- /*
- * Check command line arguments for Encrypt/Decrypt/Hash/Sign/Verify
- */
-
- if ((bltest.commands[cmd_Decrypt].activated ||
- bltest.commands[cmd_Verify].activated) &&
- bltest.options[opt_BufSize].activated) {
- fprintf(stderr, "%s: cannot use a nonce as input to decrypt/verify.\n",
- progName);
- Usage();
- }
-
- if (bltest.options[opt_Mode].activated) {
- cipherInfo.mode = get_mode(bltest.options[opt_Mode].arg);
- if (cipherInfo.mode == bltestINVALID) {
- fprintf(stderr, "%s: Invalid mode \"%s\"\n", progName,
- bltest.options[opt_Mode].arg);
- Usage();
- }
- } else {
- fprintf(stderr, "%s: You must specify a cipher mode with -m.\n",
- progName);
- Usage();
- }
-
- if (bltest.options[opt_Repetitions].activated) {
- cipherInfo.repetitions = PORT_Atoi(bltest.options[opt_Repetitions].arg);
- } else {
- cipherInfo.repetitions = 0;
- }
-
-
- if (bltest.options[opt_CXReps].activated) {
- cipherInfo.cxreps = PORT_Atoi(bltest.options[opt_CXReps].arg);
- } else {
- cipherInfo.cxreps = 0;
- }
-
- /* Dump a file (rsakey, dsakey, etc.) */
- if (bltest.commands[cmd_Dump].activated) {
- return dump_file(cipherInfo.mode, bltest.options[opt_Input].arg);
- }
-
- /* default input mode is binary */
- ioMode = (bltest.options[opt_B64].activated) ? bltestBase64Encoded :
- (bltest.options[opt_Hex].activated) ? bltestHexStream :
- (bltest.options[opt_HexWSpc].activated) ? bltestHexSpaceDelim :
- bltestBinary;
-
- if (bltest.options[opt_KeySize].activated)
- keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
- else
- keysize = 0;
-
- if (bltest.options[opt_Exponent].activated)
- exponent = PORT_Atoi(bltest.options[opt_Exponent].arg);
- else
- exponent = 65537;
-
- /* Set up an encryption key. */
- keysize = 0;
- file = NULL;
- if (is_symmkeyCipher(cipherInfo.mode)) {
- char *keystr = NULL; /* if key is on command line */
- if (bltest.options[opt_Key].activated) {
- if (bltest.options[opt_CmdLine].activated) {
- keystr = bltest.options[opt_Key].arg;
- } else {
- file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660);
- }
- } else {
- if (bltest.options[opt_KeySize].activated)
- keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
- else
- keysize = 8; /* use 64-bit default (DES) */
- /* save the random key for reference */
- file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660);
- }
- params->key.mode = ioMode;
- setupIO(cipherInfo.arena, &params->key, file, keystr, keysize);
- if (file)
- PR_Close(file);
- } else if (is_pubkeyCipher(cipherInfo.mode)) {
- if (bltest.options[opt_Key].activated) {
- file = PR_Open(bltest.options[opt_Key].arg, PR_RDONLY, 00660);
- } else {
- if (bltest.options[opt_KeySize].activated)
- keysize = PORT_Atoi(bltest.options[opt_KeySize].arg);
- else
- keysize = 64; /* use 512-bit default */
- file = PR_Open("tmp.key", PR_WRONLY|PR_CREATE_FILE, 00660);
- }
- params->key.mode = bltestBase64Encoded;
- pubkeyInitKey(&cipherInfo, file, keysize, exponent);
- PR_Close(file);
- }
-
- /* set up an initialization vector. */
- if (cipher_requires_IV(cipherInfo.mode)) {
- char *ivstr = NULL;
- bltestSymmKeyParams *skp;
- file = NULL;
- if (cipherInfo.mode == bltestRC5_CBC)
- skp = (bltestSymmKeyParams *)&params->rc5;
- else
- skp = &params->sk;
- if (bltest.options[opt_IV].activated) {
- if (bltest.options[opt_CmdLine].activated) {
- ivstr = bltest.options[opt_IV].arg;
- } else {
- file = PR_Open(bltest.options[opt_IV].arg, PR_RDONLY, 00660);
- }
- } else {
- /* save the random iv for reference */
- file = PR_Open("tmp.iv", PR_WRONLY|PR_CREATE_FILE, 00660);
- }
- memset(&skp->iv, 0, sizeof skp->iv);
- skp->iv.mode = ioMode;
- setupIO(cipherInfo.arena, &skp->iv, file, ivstr, keysize);
- if (file)
- PR_Close(file);
- }
-
- if (bltest.commands[cmd_Verify].activated) {
- if (!bltest.options[opt_SigFile].activated) {
- fprintf(stderr, "%s: You must specify a signature file with -f.\n",
- progName);
- exit(-1);
- }
- file = PR_Open(bltest.options[opt_SigFile].arg, PR_RDONLY, 00660);
- memset(&cipherInfo.params.dsa.sig, 0, sizeof(bltestIO));
- cipherInfo.params.dsa.sig.mode = ioMode;
- setupIO(cipherInfo.arena, &cipherInfo.params.dsa.sig, file, NULL, 0);
- }
-
- if (bltest.options[opt_PQGFile].activated) {
- file = PR_Open(bltest.options[opt_PQGFile].arg, PR_RDONLY, 00660);
- params->dsa.pqgdata.mode = bltestBase64Encoded;
- setupIO(cipherInfo.arena, &params->dsa.pqgdata, file, NULL, 0);
- }
-
- /* Set up the input buffer */
- if (bltest.options[opt_Input].activated) {
- if (bltest.options[opt_CmdLine].activated) {
- instr = bltest.options[opt_Input].arg;
- infile = NULL;
- } else {
- infile = PR_Open(bltest.options[opt_Input].arg, PR_RDONLY, 00660);
- }
- } else if (bltest.options[opt_BufSize].activated) {
- /* save the random plaintext for reference */
- infile = PR_Open("tmp.in", PR_WRONLY|PR_CREATE_FILE, 00660);
- } else {
- infile = PR_STDIN;
- }
- cipherInfo.input.mode = ioMode;
-
- /* Set up the output stream */
- if (bltest.options[opt_Output].activated) {
- outfile = PR_Open(bltest.options[opt_Output].arg,
- PR_WRONLY|PR_CREATE_FILE, 00660);
- } else {
- outfile = PR_STDOUT;
- }
- cipherInfo.output.mode = ioMode;
-
- if (is_hashCipher(cipherInfo.mode))
- cipherInfo.params.hash.restart = bltest.options[opt_Restart].activated;
-
- bufsize = 0;
- if (bltest.options[opt_BufSize].activated)
- bufsize = PORT_Atoi(bltest.options[opt_BufSize].arg);
-
- /*infile = NULL;*/
- setupIO(cipherInfo.arena, &cipherInfo.input, infile, instr, bufsize);
- misalignBuffer(cipherInfo.arena, &cipherInfo.input, inoff);
-
- cipherInit(&cipherInfo, bltest.commands[cmd_Encrypt].activated);
- misalignBuffer(cipherInfo.arena, &cipherInfo.output, outoff);
-
- if (!bltest.commands[cmd_Nonce].activated) {
- if (bltest.options[opt_MonteCarlo].activated) {
- int mciter;
- for (mciter=0; mciter<10000; mciter++) {
- cipherDoOp(&cipherInfo);
- memcpy(cipherInfo.input.buf.data,
- cipherInfo.output.buf.data,
- cipherInfo.input.buf.len);
- }
- } else {
- cipherDoOp(&cipherInfo);
- }
- cipherFinish(&cipherInfo);
- finishIO(&cipherInfo.output, outfile);
- }
-
- if (cipherInfo.repetitions > 0 || cipherInfo.cxreps > 0)
- dump_performance_info(&cipherInfo,
- bltest.commands[cmd_Encrypt].activated,
- (cipherInfo.repetitions == 0));
-
- if (infile && infile != PR_STDIN)
- PR_Close(infile);
- if (outfile && outfile != PR_STDOUT)
- PR_Close(outfile);
- PORT_FreeArena(cipherInfo.arena, PR_TRUE);
-
- /*NSS_Shutdown();*/
-
- return SECSuccess;
-}
diff --git a/security/nss/cmd/bltest/manifest.mn b/security/nss/cmd/bltest/manifest.mn
deleted file mode 100644
index 4726d2a39..000000000
--- a/security/nss/cmd/bltest/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-REQUIRES = seccmd dbm
-
-INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken
-
-PROGRAM = bltest
-
- USE_STATIC_LIBS = 1
-
-EXPORTS = \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- $(NULL)
-
-CSRCS = \
- blapitest.c \
- $(NULL)
-
diff --git a/security/nss/cmd/bltest/tests/README b/security/nss/cmd/bltest/tests/README
deleted file mode 100644
index 998639aee..000000000
--- a/security/nss/cmd/bltest/tests/README
+++ /dev/null
@@ -1,26 +0,0 @@
-This directory contains a set of tests for each cipher supported by BLAPI. Each subdirectory contains known plaintext and ciphertext pairs (and keys and/or iv's if needed). The tests can be run as a full set with:
-bltest -T
-or as subsets, for example:
-bltest -T des_ecb rc2 rsa
-
-In each subdirectory, the plaintext, key, and iv are ascii, and treated as such. The ciphertext is base64-encoded to avoid the hassle of binary files.
-
-To add a test, incremement the value in the numtests file. Create a plaintext, key, and iv file, such that the name of the file is incrememted one from the last set of tests. For example, if you are adding the second test, put your data in files named plaintext1, key1, and iv1 (ignoring key and iv if they are not needed, of course). Make sure your key and iv are the correct number of bytes for your cipher (a trailing \n is okay, but any other trailing bytes will be used!). Once you have your input data, create output data by running bltest on a trusted implementation. For example, for a new DES ECB test, run
-bltest -E -m des_ecb -i plaintext1 -k key1 -o ciphertext1 -a
-in the tests/des_ecb directory. Then run
-bltest -T des_ecb
-from the cmd/bltest directory in the tree of the implementation you want to test.
-
-Note that the -a option above is important, it tells bltest to expect the input to be straight ASCII, and not base64 encoded binary!
-
-Special cases:
-
-RC5:
-RC5 can take additional parameters, the number of rounds to perform and the wordsize to use. The number of rounds is between is between 0 and 255, and the wordsize is either is either 16, 32, or 64 bits (at this time only 32-bit is supported). These parameters are specified in a paramsN file, where N is an index as above. The format of the file is "rounds=R\nwordsize=W\n".
-
-public key modes (RSA and DSA):
-Asymmetric key ciphers use keys with special properties, so creating a key file with "Mozilla!" in it will not get you very far! To create a public key, run bltest with the plaintext you want to encrypt, using a trusted implementation. bltest will generate a key and store it in "tmp.key", rename that file to keyN. For example:
-bltest -E -m rsa -i plaintext0 -o ciphertext0 -e 65537 -g 32 -a
-mv tmp.key key0
-
-[note: specifying a keysize (-g) when using RSA is important!] \ No newline at end of file
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
deleted file mode 100644
index 040a397d7..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-oJLgOzZ1GiWt3DGo2sPKaA==
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/iv0 b/security/nss/cmd/bltest/tests/aes_cbc/iv0
deleted file mode 100644
index 4e65bc034..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-qwertyuiopasdfgh
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/key0 b/security/nss/cmd/bltest/tests/aes_cbc/key0
deleted file mode 100644
index 13911cc29..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-fedcba9876543210
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/numtests b/security/nss/cmd/bltest/tests/aes_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/aes_cbc/plaintext0 b/security/nss/cmd/bltest/tests/aes_cbc/plaintext0
deleted file mode 100644
index 8d6a8d555..000000000
--- a/security/nss/cmd/bltest/tests/aes_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-0123456789abcdef
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
deleted file mode 100644
index d6818c1d0..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-PVuaCIiaKQhblgFCbVMTTg==
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/key0 b/security/nss/cmd/bltest/tests/aes_ecb/key0
deleted file mode 100644
index 13911cc29..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-fedcba9876543210
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/numtests b/security/nss/cmd/bltest/tests/aes_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/aes_ecb/plaintext0 b/security/nss/cmd/bltest/tests/aes_ecb/plaintext0
deleted file mode 100644
index 8d6a8d555..000000000
--- a/security/nss/cmd/bltest/tests/aes_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-0123456789abcdef
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
deleted file mode 100644
index 61dae3192..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-KV3MDNGKWOc=
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/iv0 b/security/nss/cmd/bltest/tests/des3_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/key0 b/security/nss/cmd/bltest/tests/des3_cbc/key0
deleted file mode 100644
index 588efd111..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghijklmnopqrstuvwx
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/numtests b/security/nss/cmd/bltest/tests/des3_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des3_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des3_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
deleted file mode 100644
index 76dc820d3..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-RgckVNh4QcM=
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/key0 b/security/nss/cmd/bltest/tests/des3_ecb/key0
deleted file mode 100644
index 588efd111..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-abcdefghijklmnopqrstuvwx
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/numtests b/security/nss/cmd/bltest/tests/des3_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des3_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des3_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/des_cbc/ciphertext0
deleted file mode 100644
index 67d2ad1aa..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-Perdg9FMYQ4=
diff --git a/security/nss/cmd/bltest/tests/des_cbc/iv0 b/security/nss/cmd/bltest/tests/des_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/des_cbc/key0 b/security/nss/cmd/bltest/tests/des_cbc/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/des_cbc/numtests b/security/nss/cmd/bltest/tests/des_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des_cbc/plaintext0 b/security/nss/cmd/bltest/tests/des_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/des_ecb/ciphertext0
deleted file mode 100644
index 8be22fa5c..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-3bNoWzzNiFc=
diff --git a/security/nss/cmd/bltest/tests/des_ecb/key0 b/security/nss/cmd/bltest/tests/des_ecb/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/des_ecb/numtests b/security/nss/cmd/bltest/tests/des_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/des_ecb/plaintext0 b/security/nss/cmd/bltest/tests/des_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/des_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/dsa/ciphertext0 b/security/nss/cmd/bltest/tests/dsa/ciphertext0
deleted file mode 100644
index 8e7150562..000000000
--- a/security/nss/cmd/bltest/tests/dsa/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-fB0bnKWvjT6X5NIkZ5l/Y/DXZ6QNI6j0iPhR/ZERkfj67xRnTWY1cg==
diff --git a/security/nss/cmd/bltest/tests/dsa/key0 b/security/nss/cmd/bltest/tests/dsa/key0
deleted file mode 100644
index e582eeb04..000000000
--- a/security/nss/cmd/bltest/tests/dsa/key0
+++ /dev/null
@@ -1,6 +0,0 @@
-AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s
-Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA
-Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc
-xC6fb0ZLCIzFcq9T5teIAgAAAEAZExhx11sWEqgZ8p140bDXNG96p3u2KoWb/WxW
-ddqdIS06Nu8Wcu9mC4x8JVzA7HSFj7oz9EwGaZYwp2sDDuMzAAAAFCBwsyI9ujcv
-3hwP/HsuO0mLJgYU
diff --git a/security/nss/cmd/bltest/tests/dsa/keyseed0 b/security/nss/cmd/bltest/tests/dsa/keyseed0
deleted file mode 100644
index 6eea359db..000000000
--- a/security/nss/cmd/bltest/tests/dsa/keyseed0
+++ /dev/null
@@ -1 +0,0 @@
-AAAAAAAAAAAAAAAAAAAAAAAAAAA=
diff --git a/security/nss/cmd/bltest/tests/dsa/numtests b/security/nss/cmd/bltest/tests/dsa/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/dsa/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/dsa/plaintext0 b/security/nss/cmd/bltest/tests/dsa/plaintext0
deleted file mode 100644
index 48fbdb6fd..000000000
--- a/security/nss/cmd/bltest/tests/dsa/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
diff --git a/security/nss/cmd/bltest/tests/dsa/pqg0 b/security/nss/cmd/bltest/tests/dsa/pqg0
deleted file mode 100644
index f16326ccc..000000000
--- a/security/nss/cmd/bltest/tests/dsa/pqg0
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAAQI3ypJRJInaqPSV1m7BoacvqwNg6+40M98u4Mk8NeILl0HYvxbchDq/C6a2s
-Mqt6rElpPfv4NyTC7Ac27jHIApEAAAAUx3MhjHN+yO6ZO08t7TD0jtrOkV8AAABA
-Ym0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5Uhklyc
-xC6fb0ZLCIzFcq9T5teIAg==
diff --git a/security/nss/cmd/bltest/tests/dsa/sigseed0 b/security/nss/cmd/bltest/tests/dsa/sigseed0
deleted file mode 100644
index 05d7fd2d6..000000000
--- a/security/nss/cmd/bltest/tests/dsa/sigseed0
+++ /dev/null
@@ -1 +0,0 @@
-aHpm2QZI+ZOGfhIfTd+d2wEgVYQ=
diff --git a/security/nss/cmd/bltest/tests/md2/ciphertext0 b/security/nss/cmd/bltest/tests/md2/ciphertext0
deleted file mode 100644
index 22e1fc496..000000000
--- a/security/nss/cmd/bltest/tests/md2/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-CS/UNcrWhB5Knt7Gf8Tz3Q==
diff --git a/security/nss/cmd/bltest/tests/md2/numtests b/security/nss/cmd/bltest/tests/md2/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/md2/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/md2/plaintext0 b/security/nss/cmd/bltest/tests/md2/plaintext0
deleted file mode 100644
index dce2994ba..000000000
--- a/security/nss/cmd/bltest/tests/md2/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-16-bytes to MD2.
diff --git a/security/nss/cmd/bltest/tests/md5/ciphertext0 b/security/nss/cmd/bltest/tests/md5/ciphertext0
deleted file mode 100644
index ea11ee523..000000000
--- a/security/nss/cmd/bltest/tests/md5/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-XN8lnQuWAiMqmSGfvd8Hdw==
diff --git a/security/nss/cmd/bltest/tests/md5/numtests b/security/nss/cmd/bltest/tests/md5/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/md5/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/md5/plaintext0 b/security/nss/cmd/bltest/tests/md5/plaintext0
deleted file mode 100644
index 5ae3875e2..000000000
--- a/security/nss/cmd/bltest/tests/md5/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-63-byte input to MD5 can be a bit tricky, but no problems here.
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
deleted file mode 100644
index d964ef864..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-3ki6eVsWpY8=
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/iv0 b/security/nss/cmd/bltest/tests/rc2_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/key0 b/security/nss/cmd/bltest/tests/rc2_cbc/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/numtests b/security/nss/cmd/bltest/tests/rc2_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc2_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
deleted file mode 100644
index 337d30765..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-WT+tc4fANhQ=
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/key0 b/security/nss/cmd/bltest/tests/rc2_ecb/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/numtests b/security/nss/cmd/bltest/tests/rc2_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc2_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext0 b/security/nss/cmd/bltest/tests/rc4/ciphertext0
deleted file mode 100644
index 004f13472..000000000
--- a/security/nss/cmd/bltest/tests/rc4/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-34sTZJtr20k=
diff --git a/security/nss/cmd/bltest/tests/rc4/ciphertext1 b/security/nss/cmd/bltest/tests/rc4/ciphertext1
deleted file mode 100644
index 6050da4c6..000000000
--- a/security/nss/cmd/bltest/tests/rc4/ciphertext1
+++ /dev/null
@@ -1 +0,0 @@
-34sTZJtr20nGP6VxS3BIBxxIYm6QGIa1rehFHn51z9M=
diff --git a/security/nss/cmd/bltest/tests/rc4/key0 b/security/nss/cmd/bltest/tests/rc4/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc4/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc4/key1 b/security/nss/cmd/bltest/tests/rc4/key1
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc4/key1
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc4/numtests b/security/nss/cmd/bltest/tests/rc4/numtests
deleted file mode 100644
index 0cfbf0888..000000000
--- a/security/nss/cmd/bltest/tests/rc4/numtests
+++ /dev/null
@@ -1 +0,0 @@
-2
diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext0 b/security/nss/cmd/bltest/tests/rc4/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc4/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc4/plaintext1 b/security/nss/cmd/bltest/tests/rc4/plaintext1
deleted file mode 100644
index d41abc7b8..000000000
--- a/security/nss/cmd/bltest/tests/rc4/plaintext1
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!Mozilla!Mozilla!Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
deleted file mode 100644
index 544713b33..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-qsv4Fn2J6d0=
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/iv0 b/security/nss/cmd/bltest/tests/rc5_cbc/iv0
deleted file mode 100644
index 97b5955f7..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/iv0
+++ /dev/null
@@ -1 +0,0 @@
-12345678
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/key0 b/security/nss/cmd/bltest/tests/rc5_cbc/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/numtests b/security/nss/cmd/bltest/tests/rc5_cbc/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/params0 b/security/nss/cmd/bltest/tests/rc5_cbc/params0
deleted file mode 100644
index d68e0362d..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/params0
+++ /dev/null
@@ -1,2 +0,0 @@
-rounds=10
-wordsize=4
diff --git a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0 b/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc5_cbc/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0 b/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
deleted file mode 100644
index 133777dd0..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-4ZKK/1v5Ohc=
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/key0 b/security/nss/cmd/bltest/tests/rc5_ecb/key0
deleted file mode 100644
index 65513c116..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/key0
+++ /dev/null
@@ -1 +0,0 @@
-zyxwvuts
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/numtests b/security/nss/cmd/bltest/tests/rc5_ecb/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/params0 b/security/nss/cmd/bltest/tests/rc5_ecb/params0
deleted file mode 100644
index d68e0362d..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/params0
+++ /dev/null
@@ -1,2 +0,0 @@
-rounds=10
-wordsize=4
diff --git a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0 b/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
deleted file mode 100644
index 5513e438c..000000000
--- a/security/nss/cmd/bltest/tests/rc5_ecb/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-Mozilla!
diff --git a/security/nss/cmd/bltest/tests/rsa/ciphertext0 b/security/nss/cmd/bltest/tests/rsa/ciphertext0
deleted file mode 100644
index 943ea599a..000000000
--- a/security/nss/cmd/bltest/tests/rsa/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-qPVrXv0y3SC5rY44bIi6GE4Aec8uDpHH7/cCg0FU5as=
diff --git a/security/nss/cmd/bltest/tests/rsa/key0 b/security/nss/cmd/bltest/tests/rsa/key0
deleted file mode 100644
index 1352fe986..000000000
--- a/security/nss/cmd/bltest/tests/rsa/key0
+++ /dev/null
@@ -1,4 +0,0 @@
-AAAAAAAAACC5lyu2K2ro8YGnvOCKaL1sFX1HEIblIVbuMXsa8oeFSwAAAAERAAAA
-IBXVjKwFG6LvPG4WOIjBBzmxGNpkQwDs3W5qZcXVzqahAAAAEOEOH/WnhZCJyM39
-oNfhf18AAAAQ0xvmxqXXs3L62xxogUl9lQAAABAaeiHgqkvy4wiQtG1Gkv/tAAAA
-EMaw2TNu6SFdKFXAYluQdjEAAAAQi0u+IlgKCt/hatGAsTrfzQ==
diff --git a/security/nss/cmd/bltest/tests/rsa/numtests b/security/nss/cmd/bltest/tests/rsa/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/rsa/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/rsa/plaintext0 b/security/nss/cmd/bltest/tests/rsa/plaintext0
deleted file mode 100644
index d915bc88c..000000000
--- a/security/nss/cmd/bltest/tests/rsa/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-512bitsforRSAPublicKeyEncryption
diff --git a/security/nss/cmd/bltest/tests/sha1/ciphertext0 b/security/nss/cmd/bltest/tests/sha1/ciphertext0
deleted file mode 100644
index 1fe4bd2bd..000000000
--- a/security/nss/cmd/bltest/tests/sha1/ciphertext0
+++ /dev/null
@@ -1 +0,0 @@
-cDSMAygXMPIJZC5bntZ4ZhecQ9g=
diff --git a/security/nss/cmd/bltest/tests/sha1/numtests b/security/nss/cmd/bltest/tests/sha1/numtests
deleted file mode 100644
index d00491fd7..000000000
--- a/security/nss/cmd/bltest/tests/sha1/numtests
+++ /dev/null
@@ -1 +0,0 @@
-1
diff --git a/security/nss/cmd/bltest/tests/sha1/plaintext0 b/security/nss/cmd/bltest/tests/sha1/plaintext0
deleted file mode 100644
index 863e79c65..000000000
--- a/security/nss/cmd/bltest/tests/sha1/plaintext0
+++ /dev/null
@@ -1 +0,0 @@
-A cage went in search of a bird.
diff --git a/security/nss/cmd/btoa/Makefile b/security/nss/cmd/btoa/Makefile
deleted file mode 100644
index 763faa253..000000000
--- a/security/nss/cmd/btoa/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/btoa/btoa.c b/security/nss/cmd/btoa/btoa.c
deleted file mode 100644
index d58805c65..000000000
--- a/security/nss/cmd/btoa/btoa.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plgetopt.h"
-#include "secutil.h"
-#include "nssb64.h"
-#include <errno.h>
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-static PRInt32
-output_ascii (void *arg, const char *obuf, PRInt32 size)
-{
- FILE *outFile = arg;
- int nb;
-
- nb = fwrite(obuf, 1, size, outFile);
- if (nb != size) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
-
- return nb;
-}
-
-static SECStatus
-encode_file(FILE *outFile, FILE *inFile)
-{
- NSSBase64Encoder *cx;
- int nb;
- SECStatus status = SECFailure;
- unsigned char ibuf[4096];
-
- cx = NSSBase64Encoder_Create(output_ascii, outFile);
- if (!cx) {
- return -1;
- }
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
- /* eof */
- break;
- }
- }
-
- status = NSSBase64Encoder_Update(cx, ibuf, nb);
- if (status != SECSuccess) goto loser;
- }
-
- status = NSSBase64Encoder_Destroy(cx, PR_FALSE);
- if (status != SECSuccess)
- return status;
-
- /*
- * Add a trailing CRLF. Note this must be done *after* the call
- * to Destroy above (because only then are we sure all data has
- * been written out).
- */
- fwrite("\r\n", 1, 2, outFile);
- return SECSuccess;
-
- loser:
- (void) NSSBase64Encoder_Destroy(cx, PR_TRUE);
- return status;
-}
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- char *progName;
- SECStatus rv;
- FILE *inFile, *outFile;
- PLOptState *optstate;
- PLOptStatus status;
-
- inFile = 0;
- outFile = 0;
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- optstate = PL_CreateOptState(argc, argv, "i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- default:
- Usage(progName);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "rb");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
- }
- }
- if (status == PL_OPT_BAD)
- Usage(progName);
- if (!inFile) {
-#if defined(WIN32)
- /* If we're going to read binary data from stdin, we must put stdin
- ** into O_BINARY mode or else incoming \r\n's will become \n's.
- */
-
- int smrv = _setmode(_fileno(stdin), _O_BINARY);
- if (smrv == -1) {
- fprintf(stderr,
- "%s: Cannot change stdin to binary mode. Use -i option instead.\n",
- progName);
- return smrv;
- }
-#endif
- inFile = stdin;
- }
- if (!outFile)
- outFile = stdout;
- rv = encode_file(outFile, inFile);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: lossage: error=%d errno=%d\n",
- progName, PORT_GetError(), errno);
- return -1;
- }
- return 0;
-}
diff --git a/security/nss/cmd/btoa/makefile.win b/security/nss/cmd/btoa/makefile.win
deleted file mode 100644
index 28d3ee873..000000000
--- a/security/nss/cmd/btoa/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = btoa
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/btoa/manifest.mn b/security/nss/cmd/btoa/manifest.mn
deleted file mode 100644
index 8bbf6ee00..000000000
--- a/security/nss/cmd/btoa/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# MODULE is implicitly REQUIRED, doesn't need to be listed below.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = btoa.c
-
-PROGRAM = btoa
-
diff --git a/security/nss/cmd/certcgi/HOWTO.txt b/security/nss/cmd/certcgi/HOWTO.txt
deleted file mode 100644
index f02ad32fd..000000000
--- a/security/nss/cmd/certcgi/HOWTO.txt
+++ /dev/null
@@ -1,168 +0,0 @@
- How to setup your very own Cert-O-Matic Root CA server
-
-***** BEGIN LICENSE BLOCK *****
-Version: MPL 1.1/GPL 2.0/LGPL 2.1
-
-The contents of this file are subject to the Mozilla Public License Version
-1.1 (the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS IS" basis,
-WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-for the specific language governing rights and limitations under the
-License.
-
-The Original Code is Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape Communications
-Corporation. Portions created by the Initial Developer are
-Copyright (C) 2001 the Initial Developer. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the terms of
-either the GNU General Public License Version 2 or later (the "GPL"), or
-the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-in which case the provisions of the GPL or the LGPL are applicable instead
-of those above. If you wish to allow use of your version of this file only
-under the terms of either the GPL or the LGPL, and not to allow others to
-use your version of this file under the terms of the MPL, indicate your
-decision by deleting the provisions above and replace them with the notice
-and other provisions required by the GPL or the LGPL. If you do not delete
-the provisions above, a recipient may use your version of this file under
-the terms of any one of the MPL, the GPL or the LGPL.
-
-***** END LICENSE BLOCK *****
-
- How to setup your very own Cert-O-Matic Root CA server
-
-The program certcgi is part of a small test CA that is used inside
-Netscape by the NSS development team. That CA is affectionately known
-as "Cert-O-Matic" or "Cert-O-Matic II". It presently runs on a server
-named interzone.mcom.com inside Netscape's firewall.
-
-If you wish to setup your own Cert-O-Matic, here are directions.
-
-Disclaimer: This program does not follow good practices for root CAs.
-It should be used only for playing/testing and never for production use.
-Remember, you've been warned!
-
-Cert-O-Matic consists of some html files, shell scripts, one executable
-program that uses NSS and NSPR, the usual set of NSS .db files, and a file
-in which to remember the serial number of the last cert issued. The
-html files and the source to the executable program are in this directory.
-Sample shell scripts are shown below.
-
-The shell scripts and executable program run as CGI "scripts". The
-entire thing runs on an ordinary http web server. It would also run on
-an https web server. The shell scripts and html files must be
-customized for the server on which they run.
-
-The package assumes you have a "document root" directory $DOCROOT, and a
-"cgi-bin" directory $CGIBIN. In this example, the document root is
-assumed to be located in /var/www/htdocs, and the cgi-bin directory in
-/var/www/cgi-bin.
-
-The server is assumed to run all cgi scripts as the user "nobody".
-The names of the cgi scripts run directly by the server all end in .cgi
-because some servers like it that way.
-
-Instructions:
-
-- Create directory $DOCROOT/certomatic
-- Copy the following files from nss/cmd/certcgi to $DOCROOT/certomatic
- ca.html index.html main.html nscp_ext_form.html stnd_ext_form.html
-- Edit the html files, substituting the name of your own server for the
- server named in those files.
-- In some web page (e.g. your server's home page), provide an html link to
- $DOCROOT/certomatic/index.html. This is where users start to get their
- own certs from certomatic.
-- give these files and directories appropriate permissions.
-
-- Create directories $CGIBIN/certomatic and $CGIBIN/certomatic/bin
- make sure that $CGIBIN/certomatic is writable by "nobody"
-
-- Create a new set of NSS db files there with the following command:
-
- certutil -N -d $CGIBIN/certomatic
-
-- when certutil prompts you for the password, enter the word foo
- because that is compiled into the certcgi program.
-
-- Create the new Root CA cert with this command
-
- certutil -S -x -d $CGIBIN/certomatic -n "Cert-O-Matic II" \
- -s "CN=Cert-O-Matic II, O=Cert-O-Matic II" -t TCu,cu,cu -k rsa \
- -g 1024 -m 10001 -v 60
-
- (adjust the -g, -m and -v parameters to taste. -s and -x must be as
-shown.)
-
-- dump out the new root CA cert in base64 encoding:
-
- certutil -d $CGIBIN/certomatic -L -n "Cert-O-Matic II" -a > \
- $CGIBIN/certomatic/root.cacert
-
-- In $CGIBIN/certomatic/bin add two shell scripts - one to download the
- root CA cert on demand, and one to run the certcgi program.
-
-download.cgi, the script to install the root CA cert into a browser on
-demand, is this:
-
-#!/bin/sh
-echo "Content-type: application/x-x509-ca-cert"
-echo
-cat $CGIBIN/certomatic/root.cacert
-
-You'll have to put the real path into that cat command because CGIBIN
-won't be defined when this script is run by the server.
-
-certcgi.cgi, the script to run the certcgi program is similar to this:
-
-#!/bin/sh
-cd $CGIBIN/certomatic/bin
-LD_LIBRARY_PATH=$PLATFORM/lib
-export LD_LIBRARY_PATH
-$PLATFORM/bin/certcgi $* 2>&1
-
-Where $PLATFORM/lib is where the NSPR nad NSS DSOs are located, and
-$PLATFORM/bin is where certcgi is located. PLATFORM is not defined when
-the server runs this script, so you'll have to substitute the right value
-in your script. certcgi requires that the working directory be one level
-below the NSS DBs, that is, the DBs are accessed in the directory "..".
-
-You'll want to provide an html link somewhere to the script that downloads
-the root.cacert file. You'll probably want to put that next to the link
-that loads the index.html page. On interzone, this is done with the
-following html:
-
-<a href="/certomatic/index.html">Cert-O-Matic II Root CA server</a>
-<p>
-<a href="/cgi-bin/certomatic/bin/download.cgi">Download and trust Root CA
-certificate</a>
-
-The index.html file in this directory invokes the certcgi.cgi script with
-the form post method, so if you change the name of the certcgi.cgi script,
-you'll also have to change the index.html file in $DOCROOT/certomatic
-
-The 4 files used by the certcgi program (the 3 NSS DBs, and the serial
-number file) are not required to live in $CGIBIN/certomatic, but they are
-required to live in $CWD/.. when certcgi starts.
-
-Known bugs:
-
-1. Because multiple of these CAs exist simultaneously, it would be best if
-they didn't all have to be called "Cert-O-Matic II", but that string is
-presently hard coded into certcgi.c.
-
-2. the html files in this directory contain numerous extraneous <FORM> tags
-which appear to use the post method and have action URLS that are never
-actually used. burp.cgi and echoform.cgi are never actually used. This
-should be cleaned up.
-
-3. The html files use <layer> tags which are supported only in Netscape
-Navigator and Netscape Communication 4.x browsers. The html files do
-not work as intended with Netscape 6.x, Mozilla or Microsoft IE browsers.
-The html files should be fixed to work with all those named browsers.
-
diff --git a/security/nss/cmd/certcgi/Makefile b/security/nss/cmd/certcgi/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/certcgi/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/certcgi/ca.html b/security/nss/cmd/certcgi/ca.html
deleted file mode 100644
index b9ffd8238..000000000
--- a/security/nss/cmd/certcgi/ca.html
+++ /dev/null
@@ -1,48 +0,0 @@
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-
-<form method="post" name="ca_form" action="mailto:jerdonek@netscape.com">
-<input type="radio" name="caChoiceradio" value="SignWithDefaultkey"
- onClick="{parent.choice_change(this.form)}">
- Use the Cert-O-matic certificate to issue the cert</p>
-<input type="radio" name="caChoiceradio" value="SignWithRandomChain"
- onClick="{parent.choice_change(this.form)}"> Use a
- <input type="text" size="2" maxsize="2" name="autoCAs"> CA long
- automatically generated chain ending with the Cert-O-Matic Cert
- (18 maximum)</p>
-<input type="radio" name="caChoiceradio" value="SignWithSpecifiedChain"
- onClick="{parent.choice_change(this.form)}"> Use a
- <input type="text" size="1" maxlength="1" name="manCAs"
- onChange="{parent.ca_num_change(this.value,this.form)}"> CA long
- user input chain ending in the Cert-O-Matic Cert.</p>
-</form>
diff --git a/security/nss/cmd/certcgi/ca_form.html b/security/nss/cmd/certcgi/ca_form.html
deleted file mode 100644
index 43042cb64..000000000
--- a/security/nss/cmd/certcgi/ca_form.html
+++ /dev/null
@@ -1,385 +0,0 @@
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
- <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
- <table border=0 cellspacing=10 cellpadding=0>
- <tr>
- <td>
- Common Name:</td><td> <input type="text" name="name" onChange="{window.top.reset_subject('CN=', value, form)}"></p>
- </td>
- <td></td><td></td><td>
- Mail: </td><td><input type="text" name="email" onChange="var temp;{if (email_type[0].checked) {temp = 'MAIL='} else {temp = 'E='}} ;{window.top.reset_subject(temp, value, form)}"></p>
- RFC 1274<input type="radio" name="email_type" value="1" onClick="window.top.switch_mail(form)">
- e-mail<input type="radio" name="email_type" value="2" checked onClick="window.top.switch_mail(form)"></td>
- <tr>
- <td>
- Organization: </td><td> <input type="text" name="org" onChange="{window.top.reset_subject('O=', value, form)}"></p></td>
- <td></td><td></td><td>
- Organizational Unit: </td><td><input type="text" name="org_unit" onChange="{window.top.reset_subject('OU=', value, form)}"></p></td>
- <tr>
- <td>
- RFC 1274 UID: </td><td><input type="text" name="uid" onChange="{window.top.reset_subject('UID=', value, form)}"></p></td>
- <td></td><td></td><td>
- Locality: </td><td><input type="text" name="loc" onChange="{window.top.reset_subject('L=', value, form)}"></p></td>
- <tr>
- <td>
- State or Province: </td><td><input type="text" name="state" onChange="{window.top.reset_subject('ST=', value, form)}"></p></td>
- <td></td><td></td><td>
- Country: </td><td><input type="text" size="2" maxsize="2" name="country" onChange="{window.top.reset_subject('C=', value, form)}"></p></td>
- </table>
- <table border=0 cellspacing=10 cellpadding=0>
- <tr>
- <td>
- Serial Number:</p>
- <DD>
- <input type="radio" name="serial" value="auto" checked> Auto Generate</P>
- <DD>
- <input type="radio" name="serial" value="input">
- Use this value: <input type="text" name="serial_value" size="8" maxlength="8"></p>
- </td>
- <td></td><td></td><td></td><td></td>
- <td>
- X.509 version:</p>
- <DD>
- <input type="radio" name="ver" value="1" checked> Version 1</p>
- <DD>
- <input type="radio" name="ver" value="3"> Version 3</P></td>
- <td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td><td></td>
- <td>
- Key Type:</p>
- <DD>
- <input type="radio" name="keyType" value="rsa" checked> RSA</p>
- <DD>
- <input type="radio" name="keyType" value="dsa"> DSA</P></td>
- </table>
- DN: <input type="text" name="subject" size="70" onChange="{window.top.reset_subjectFields(form)}"></P>
- <Select name="keysize">
- <option>1024 (High Grade)
- <option>768 (Medium Grade)
- <option>512 (Low Grade)
- </select>
- </p>
- <hr>
- </p>
- <table border=1 cellspacing=5 cellpadding=5>
- <tr>
- <td>
- <b>Netscape Certificate Type: </b></p>
- Activate extension: <input type="checkbox" name="netscape-cert-type"></P>
- Critical: <input type="checkbox" name="netscape-cert-type-crit">
- <td>
- <input type="checkbox" name="netscape-cert-type-ssl-client"> SSL Client</P>
- <input type="checkbox" name="netscape-cert-type-ssl-server"> SSL Server</P>
- <input type="checkbox" name="netscape-cert-type-smime"> S/MIME</P>
- <input type="checkbox" name="netscape-cert-type-object-signing"> Object Signing</P>
- <input type="checkbox" name="netscape-cert-type-reserved"> Reserved for future use (bit 4)</P>
- <input type="checkbox" name="netscape-cert-type-ssl-ca"> SSL CA</P>
- <input type="checkbox" name="netscape-cert-type-smime-ca"> S/MIME CA</P>
- <input type="checkbox" name="netscape-cert-type-object-signing-ca"> Object Signing CA</P>
- </tr>
- <tr>
- <td>
- <b>Netscape Base URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-base-url"></P>
- Critical: <input type="checkbox" name="netscape-base-url-crit">
- <td>
- <input type="text" name="netscape-base-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Revocation URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-revocation-url"></P>
- Critical: <input type="checkbox" name="netscape-revocation-url-crit">
- <td>
- <input type="text" name="netscape-revocation-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape CA Revocation URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ca-revocation-url"></P>
- Critical: <input type="checkbox" name="netscape-ca-revocation-url-crit">
- <td>
- <input type="text" name="netscape-ca-revocation-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Certificate Renewal URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-cert-renewal-url"></P>
- Critical: <input type="checkbox" name="netscape-cert-renewal-url-crit">
- <td>
- <input type="text" name="netscape-cert-renewal-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape CA Policy URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ca-policy-url"></P>
- Critical: <input type="checkbox" name="netscape-ca-policy-url-crit">
- <td>
- <input type="text" name="netscape-ca-policy-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape SSL Server Name:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ssl-server-name"></P>
- Critical: <input type="checkbox" name="netscape-ssl-server-name-crit">
- <td>
- <input type="text" name="netscape-ssl-server-name-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Comment:</b></p>
- Activate extension: <input type="checkbox" name="netscape-comment"></P>
- Critical: <input type="checkbox" name="netscape-comment-crit">
- <td>
- <textarea name="netscape-comment-text" rows="5" cols="50"></textarea>
- </tr>
- </table>
- </p>
- <hr>
- </p>
- <table border=1 cellspacing=5 cellpadding=5>
- <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
- <tr>
- <td>
- <b>Key Usage: </b></p>
- Activate extension: <input type="checkbox" name="keyUsage"></P>
- Critical: <input type="checkbox" name="keyUsage-crit">
- <td>
- <input type="checkbox" name="keyUsage-digitalSignature"> Digital Signature</P>
- <input type="checkbox" name="keyUsage-nonRepudiation"> Non Repudiation</P>
- <input type="checkbox" name="keyUsage-keyEncipherment"> Key Encipherment</P>
- <input type="checkbox" name="keyUsage-dataEncipherment"> Data Encipherment</P>
- <input type="checkbox" name="keyUsage-keyAgreement"> Key Agreement</P>
- <input type="checkbox" name="keyUsage-keyCertSign"> Key Certificate Signing</P>
- <input type="checkbox" name="keyUsage-cRLSign"> CRL Signing</P>
- </tr>
- <tr>
- <td>
- <b>Extended Key Usage: </b></p>
- Activate extension: <input type="checkbox" name="extKeyUsage"></P>
- Critical: <input type="checkbox" name="extKeyUsage-crit">
- <td>
- <input type="checkbox" name="extKeyUsage-serverAuth"> Server Auth</P>
- <input type="checkbox" name="extKeyUsage-clientAuth"> Client Auth</P>
- <input type="checkbox" name="extKeyUsage-codeSign"> Code Signing</P>
- <input type="checkbox" name="extKeyUsage-emailProtect"> Email Protection</P>
- <input type="checkbox" name="extKeyUsage-timeStamp"> Timestamp</P>
- <input type="checkbox" name="extKeyUsage-ocspResponder"> OCSP Responder</P>
- <input type="checkbox" name="extKeyUsage-NS-govtApproved"> Step-up</P>
- </tr>
- <tr>
- <td>
- <b>Basic Constraints:</b></p>
- Activate extension: <input type="checkbox" name="basicConstraints"></P>
- Critical: <input type="checkbox" name="basicConstraints-crit">
- <td>
- CA:</p>
- <dd><input type=radio name="basicConstraints-cA-radio" value="CA"> True</p>
- <dd><input type=radio name="basicConstraints-cA-radio" value="NotCA"> False</p>
- <input type="checkbox" name="basicConstraints-pathLengthConstraint">
- Include Path length: <input type="text" name="basicConstraints-pathLengthConstraint-text" size="2"></p>
- </tr>
- <tr>
- <td>
- <b>Authority Key Identifier:</b></p>
- Activate extension: <input type="checkbox" name="authorityKeyIdentifier">
- <td>
- <input type="radio" name="authorityKeyIdentifier-radio" value="keyIdentifier"> Key Identider</p>
- <input type="radio" name="authorityKeyIdentifier-radio" value="authorityCertIssuer"> Issuer Name and Serial number</p>
- </tr>
- <tr>
- <td>
- <b>Subject Key Identifier:</b></p>
- Activate extension: <input type="checkbox" name="subjectKeyIdentifier">
- <td>
- Key Identifier:
- <input type="text" name="subjectKeyIdentifier-text"></p>
- This is an:<p>
- <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="ascii"> ascii text value<p>
- <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="hex"> hex value<p>
- </tr>
- <tr>
- <td>
- <b>Private Key Usage Period:</b></p>
- Activate extension: <input type="checkbox" name="privKeyUsagePeriod"></p>
- Critical: <input type="checkbox" name="privKeyUsagePeriod-crit">
- <td>
- Use:</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notBefore"> Not Before</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notAfter"> Not After</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="both" > Both</p>
- <b>Not to be used to sign before:</b></p>
- <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="auto"> Set to time of certificate issue</p>
- <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="manual"> Use This value</p>
- <dd><dd>(YYYY/MM/DD HH:MM:SS):
- <input type="text" name="privKeyUsagePeriod-notBefore-year" size="4" maxlength="4">/
- <input type="text" name="privKeyUsagePeriod-notBefore-month" size="2" maxlength="2">/
- <input type="text" name="privKeyUsagePeriod-notBefore-day" size="2" maxlength="2">
- <input type="text" name="privKeyUsagePeriod-notBefore-hour" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notBefore-minute" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notBefore-second" size="2" maxlength="2"></p>
- <b>Not to be used to sign after:</b></p>
- <dd>(YYYY/MM/DD HH:MM:SS):
- <input type="text" name="privKeyUsagePeriod-notAfter-year" size="4" maxlength="4">/
- <input type="text" name="privKeyUsagePeriod-notAfter-month" size="2" maxlength="2">/
- <input type="text" name="privKeyUsagePeriod-notAfter-day" size="2" maxlength="2">
- <input type="text" name="privKeyUsagePeriod-notAfter-hour" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notAfter-minute" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notAfter-second" size="2" maxlength="2"></p>
- </tr>
- <tr>
- <td>
- <b>Subject Alternative Name:</b></p>
- Activate extension: <input type="checkbox" name="SubAltName"></P>
- Critical: <input type="checkbox" name="SubAltName-crit">
- <td>
- <table>
- <tr>
- <td>
- General Names:</p>
- <select name="SubAltNameSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="SubAltName-add" value="Add" onClick="{parent.addSubAltName(this.form)}">
- <input type="button" name="SubAltName-delete" value="Delete" onClick="parent.deleteSubAltName(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="SubAltNameRadio" value="otherName" onClick="parent.setSubAltNameType(form)"> Other Name,
- OID: <input type="text" name="SubAltNameOtherNameOID" size="6"> </td><td>
- <input type="radio" name="SubAltNameRadio" value="rfc822Name" onClick="parent.setSubAltNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="dnsName" onClick="parent.setSubAltNameType(form)"> DNS Name </td><td>
- <input type="radio" name="SubAltNameRadio" value="x400" onClick="parent.setSubAltNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="directoryName" onClick="parent.setSubAltNameType(form)"> Directory Name</td><td>
- <input type="radio" name="SubAltNameRadio" value="ediPartyName" onClick="parent.setSubAltNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="URL" onClick="parent.setSubAltNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="SubAltNameRadio" value="ipAddress" onClick="parent.setSubAltNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="regID"onClick="parent.setSubAltNameType(form)"> Registered ID</td><td>
- <input type="radio" name="SubAltNameRadio" value="nscpNickname" onClick="parent.setSubAltNameType(form)"> Netscape Certificate Nickname</td><td></tr>
- </table>
- Name: <input type="text" name="SubAltNameText">
- Binary Encoded: <input type="checkbox" name="SubAltNameDataType" value="binary" onClick="parent.setSubAltNameType(form)"></p>
- </tr>
- </table>
- </tr>
-
-
- <tr>
- <td>
- <b>Issuer Alternative Name:</b></p>
- Activate extension: <input type="checkbox" name="IssuerAltName"></P>
- Critical: <input type="checkbox" name="IssuerAltName-crit">
- <td>
- <input type="radio" name="IssuerAltNameSourceRadio" value="auto"> Use the Subject Alternative Name from the Issuers Certificate</p>
- <input type="radio" name="IssuerAltNameSourceRadio" value="man"> Use this Name:
- <table>
- <tr>
- <td>
- General Names:</p>
- <select name="IssuerAltNameSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="IssuerAltName-add" value="Add" onClick="{parent.addIssuerAltName(this.form)}">
- <input type="button" name="IssuerAltName-delete" value="Delete" onClick="parent.deleteIssuerAltName(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="otherName" onClick="parent.setIssuerAltNameType(form)"> Other Name,
- OID: <input type="text" name="IssuerAltNameOtherNameOID" size="6"> </td><td>
- <input type="radio" name="IssuerAltNameRadio" value="rfc822Name" onClick="parent.setIssuerAltNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="dnsName" onClick="parent.setIssuerAltNameType(form)"> DNS Name </td><td>
- <input type="radio" name="IssuerAltNameRadio" value="x400" onClick="parent.setIssuerAltNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="directoryName" onClick="parent.setIssuerAltNameType(form)"> Directory Name</td><td>
- <input type="radio" name="IssuerAltNameRadio" value="ediPartyName" onClick="parent.setIssuerAltNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="URL" onClick="parent.setIssuerAltNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="IssuerAltNameRadio" value="ipAddress" onClick="parent.setIssuerAltNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="regID" onClick="parent.setIssuerAltNameType(form)"> Registered ID</td><td></tr>
- </table>
- Name: <input type="text" name="IssuerAltNameText">
- Binary Encoded: <input type="checkbox" name="IssuerAltNameDataType" value="binary" onClick="parent.setIssuerAltNameType(form)"></p>
- </tr>
- </table>
- </tr>
-
- <tr>
- <td>
- <b>Name Constraints:</b></p>
- Activate extension: <input type="checkbox" name="NameConstraints"></P>
- <td>
- <table>
- <tr>
- <td>
- Name Constraints:</p>
-
-
- <select name="NameConstraintSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="NameConstraint-add" value="Add" onClick="{parent.addNameConstraint(this.form)}">
- <input type="button" name="NameConstraint-delete" value="Delete" onClick="parent.deleteNameConstraint(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="NameConstraintRadio" value="otherName" onClick="parent.setNameConstraintNameType(form)"> Other Name,
- OID: <input type="text" name="NameConstraintOtherNameOID" size="6"> </td><td>
- <input type="radio" name="NameConstraintRadio" value="rfc822Name" onClick="parent.setNameConstraintNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="dnsName" onClick="parent.setNameConstraintNameType(form)"> DNS Name </td><td>
- <input type="radio" name="NameConstraintRadio" value="x400" onClick="parent.setNameConstraintNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="directoryName" onClick="parent.setNameConstraintNameType(form)"> Directory Name</td><td>
- <input type="radio" name="NameConstraintRadio" value="ediPartyName" onClick="parent.setNameConstraintNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="URL" onClick="parent.setNameConstraintNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="NameConstraintRadio" value="ipAddress" onClick="parent.setNameConstraintNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="regID" onClick="parent.setNameConstraintNameType(form)"> Registered ID</td><td></tr>
- </table>
- Name: <input type="text" name="NameConstraintText">
- Binary Encoded: <input type="checkbox" name="NameConstraintNameDataType" value="binary" onClick="parent.setNameConstraintNameType(form)"></p>
- Constraint type:<p>
- <dd><input type="radio" name="NameConstraintTypeRadio" value="permited"> permited<p>
- <dd><input type="radio" name="NameConstraintTypeRadio" value="excluded"> excluded<p>
- Minimum: <input type="text" name="NameConstraintMin" size="8" maxlength="8"></p>
- Maximum: <input type="text" name="NameConstraintMax" size="8" maxlength="8"></p>
-
-
-
- </tr>
- </table>
- </tr>
- </table>
- </form>
-
-
-
-
-
-
-
-
-
-
diff --git a/security/nss/cmd/certcgi/certcgi.c b/security/nss/cmd/certcgi/certcgi.c
deleted file mode 100644
index 3f4af1638..000000000
--- a/security/nss/cmd/certcgi/certcgi.c
+++ /dev/null
@@ -1,2431 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Cert-O-Matic CGI */
-
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "pk11func.h"
-#include "cert.h"
-#include "cryptohi.h"
-#include "secoid.h"
-#include "secder.h"
-#include "genname.h"
-#include "xconst.h"
-#include "secutil.h"
-#include "pqgutil.h"
-#include "certxutl.h"
-#include "secrng.h" /* for RNG_ */
-#include "nss.h"
-
-
-/* #define TEST 1 */
-/* #define FILEOUT 1 */
-/* #define OFFLINE 1 */
-#define START_FIELDS 100
-#define PREFIX_LEN 6
-#define SERIAL_FILE "../serial"
-#define DB_DIRECTORY ".."
-
-static char *progName;
-
-typedef struct PairStr Pair;
-
-struct PairStr {
- char *name;
- char *data;
-};
-
-
-char prefix[PREFIX_LEN];
-
-
-const SEC_ASN1Template CERTIA5TypeTemplate[] = {
- { SEC_ASN1_IA5_STRING }
-};
-
-
-
-SECKEYPrivateKey *privkeys[9] = {NULL, NULL, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL};
-
-
-#ifdef notdef
-const SEC_ASN1Template CERT_GeneralNameTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-#endif
-
-
-static void
-error_out(char *error_string)
-{
- printf("Content-type: text/plain\n\n");
- printf(error_string);
- fflush(stderr);
- fflush(stdout);
- exit(1);
-}
-
-static void
-error_allocate(void)
-{
- error_out("ERROR: Unable to allocate memory");
-}
-
-
-static char *
-make_copy_string(char *read_pos,
- int length,
- char sentinal_value)
- /* copys string from to a new string it creates and
- returns a pointer to the new string */
-{
- int remaining = length;
- char *write_pos;
- char *new;
-
- new = write_pos = (char *) PORT_Alloc (length);
- if (new == NULL) {
- error_allocate();
- }
- while (*read_pos != sentinal_value) {
- if (remaining == 1) {
- remaining += length;
- length = length * 2;
- new = PORT_Realloc(new,length);
- if (new == NULL) {
- error_allocate();
- }
- write_pos = new + length - remaining;
- }
- *write_pos = *read_pos;
- ++write_pos;
- ++read_pos;
- remaining = remaining - 1;
- }
- *write_pos = '\0';
- return new;
-}
-
-
-static char *
-PasswordStub(PK11SlotInfo *slot,
- void *cx)
-{
- return NULL;
-}
-
-
-static SECStatus
-clean_input(Pair *data)
- /* converts the non-alphanumeric characters in a form post
- from hex codes back to characters */
-{
- int length;
- int hi_digit;
- int low_digit;
- char character;
- char *begin_pos;
- char *read_pos;
- char *write_pos;
- PRBool name = PR_TRUE;
-
- begin_pos = data->name;
- while (begin_pos != NULL) {
- length = strlen(begin_pos);
- read_pos = write_pos = begin_pos;
- while ((read_pos - begin_pos) < length) {
- if (*read_pos == '+') {
- *read_pos = ' ';
- }
- if (*read_pos == '%') {
- hi_digit = *(read_pos + 1);
- low_digit = *(read_pos +2);
- read_pos += 3;
- if (isdigit(hi_digit)){
- hi_digit = hi_digit - '0';
- } else {
- hi_digit = toupper(hi_digit);
- if (isxdigit(hi_digit)) {
- hi_digit = (hi_digit - 'A') + 10;
- } else {
- error_out("ERROR: Form data incorrectly formated");
- }
- }
- if (isdigit(low_digit)){
- low_digit = low_digit - '0';
- } else {
- low_digit = toupper(low_digit);
- if ((low_digit >='A') && (low_digit <= 'F')) {
- low_digit = (low_digit - 'A') + 10;
- } else {
- error_out("ERROR: Form data incorrectly formated");
- }
- }
- character = (hi_digit << 4) | low_digit;
- if (character != 10) {
- *write_pos = character;
- ++write_pos;
- }
- } else {
- *write_pos = *read_pos;
- ++write_pos;
- ++read_pos;
- }
- }
- *write_pos = '\0';
- if (name == PR_TRUE) {
- begin_pos = data->data;
- name = PR_FALSE;
- } else {
- data++;
- begin_pos = data->name;
- name = PR_TRUE;
- }
- }
- return SECSuccess;
-}
-
-static char *
-make_name(char *new_data)
- /* gets the next field name in the input string and returns
- a pointer to a string containing a copy of it */
-{
- int length = 20;
- char *name;
-
- name = make_copy_string(new_data, length, '=');
- return name;
-}
-
-static char *
-make_data(char *new_data)
- /* gets the data for the next field in the input string
- and returns a pointer to a string containing it */
-{
- int length = 100;
- char *data;
- char *read_pos;
-
- read_pos = new_data;
- while (*(read_pos - 1) != '=') {
- ++read_pos;
- }
- data = make_copy_string(read_pos, length, '&');
- return data;
-}
-
-
-static Pair
-make_pair(char *new_data)
- /* makes a pair name/data pair from the input string */
-{
- Pair temp;
-
- temp.name = make_name(new_data);
- temp.data = make_data(new_data);
- return temp;
-}
-
-
-
-static Pair *
-make_datastruct(char *data, int len)
- /* parses the input from the form post into a data
- structure of field name/data pairs */
-{
- Pair *datastruct;
- Pair *current;
- char *curr_pos;
- int fields = START_FIELDS;
- int remaining = START_FIELDS;
-
- curr_pos = data;
- datastruct = current = (Pair *) PORT_Alloc(fields * sizeof(Pair));
- if (datastruct == NULL) {
- error_allocate();
- }
- while (curr_pos - data < len) {
- if (remaining == 1) {
- remaining += fields;
- fields = fields * 2;
- datastruct = (Pair *) PORT_Realloc
- (datastruct, fields * sizeof(Pair));
- if (datastruct == NULL) {
- error_allocate();
- }
- current = datastruct + (fields - remaining);
- }
- *current = make_pair(curr_pos);
- while (*curr_pos != '&') {
- ++curr_pos;
- }
- ++curr_pos;
- ++current;
- remaining = remaining - 1;
- }
- current->name = NULL;
- return datastruct;
-}
-
-static char *
-return_name(Pair *data_struct,
- int n)
- /* returns a pointer to the name of the nth
- (starting from 0) item in the data structure */
-{
- char *name;
-
- if ((data_struct + n)->name != NULL) {
- name = (data_struct + n)->name;
- return name;
- } else {
- return NULL;
- }
-}
-
-static char *
-return_data(Pair *data_struct,int n)
- /* returns a pointer to the data of the nth (starting from 0)
- itme in the data structure */
-{
- char *data;
-
- data = (data_struct + n)->data;
- return data;
-}
-
-
-static char *
-add_prefix(char *field_name)
-{
- extern char prefix[PREFIX_LEN];
- int i = 0;
- char *rv;
- char *write;
-
- rv = write = PORT_Alloc(PORT_Strlen(prefix) + PORT_Strlen(field_name) + 1);
- for(i = 0; i < PORT_Strlen(prefix); i++) {
- *write = prefix[i];
- write++;
- }
- *write = '\0';
- rv = PORT_Strcat(rv,field_name);
- return rv;
-}
-
-
-static char *
-find_field(Pair *data,
- char *field_name,
- PRBool add_pre)
- /* returns a pointer to the data of the first pair
- thats name matches the string it is passed */
-{
- int i = 0;
- char *retrieved;
- int found = 0;
-
- if (add_pre) {
- field_name = add_prefix(field_name);
- }
- while(return_name(data, i) != NULL) {
- if (PORT_Strcmp(return_name(data, i), field_name) == 0) {
- retrieved = return_data(data, i);
- found = 1;
- break;
- }
- i++;
- }
- if (!found) {
- retrieved = NULL;
- }
- return retrieved;
-}
-
-static PRBool
-find_field_bool(Pair *data,
- char *fieldname,
- PRBool add_pre)
-{
- char *rv;
-
- rv = find_field(data, fieldname, add_pre);
-
- if ((rv != NULL) && (PORT_Strcmp(rv, "true")) == 0) {
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-static char *
-update_data_by_name(Pair *data,
- char *field_name,
- char *new_data)
- /* replaces the data in the data structure associated with
- a name with new data, returns null if not found */
-{
- int i = 0;
- int found = 0;
- int length = 100;
- char *new;
-
- while (return_name(data, i) != NULL) {
- if (PORT_Strcmp(return_name(data, i), field_name) == 0) {
- new = make_copy_string( new_data, length, '\0');
- PORT_Free(return_data(data, i));
- found = 1;
- (*(data + i)).data = new;
- break;
- }
- i++;
- }
- if (!found) {
- new = NULL;
- }
- return new;
-}
-
-static char *
-update_data_by_index(Pair *data,
- int n,
- char *new_data)
- /* replaces the data of a particular index in the data structure */
-{
- int length = 100;
- char *new;
-
- new = make_copy_string(new_data, length, '\0');
- PORT_Free(return_data(data, n));
- (*(data + n)).data = new;
- return new;
-}
-
-
-static Pair *
-add_field(Pair *data,
- char* field_name,
- char* field_data)
- /* adds a new name/data pair to the data structure */
-{
- int i = 0;
- int j;
- int name_length = 100;
- int data_length = 100;
-
- while(return_name(data, i) != NULL) {
- i++;
- }
- j = START_FIELDS;
- while ( j < (i + 1) ) {
- j = j * 2;
- }
- if (j == (i + 1)) {
- data = (Pair *) PORT_Realloc(data, (j * 2) * sizeof(Pair));
- if (data == NULL) {
- error_allocate();
- }
- }
- (*(data + i)).name = make_copy_string(field_name, name_length, '\0');
- (*(data + i)).data = make_copy_string(field_data, data_length, '\0');
- (data + i + 1)->name = NULL;
- return data;
-}
-
-
-static CERTCertificateRequest *
-makeCertReq(Pair *form_data,
- int which_priv_key)
- /* makes and encodes a certrequest */
-{
-
- PK11SlotInfo *slot;
- CERTCertificateRequest *certReq = NULL;
- CERTSubjectPublicKeyInfo *spki;
- SECKEYPrivateKey *privkey = NULL;
- SECKEYPublicKey *pubkey = NULL;
- CERTName *name;
- char *key;
- extern SECKEYPrivateKey *privkeys[9];
- int keySizeInBits;
- char *challenge = "foo";
- SECStatus rv = SECSuccess;
- PQGParams *pqgParams = NULL;
- PQGVerify *pqgVfy = NULL;
-
- name = CERT_AsciiToName(find_field(form_data, "subject", PR_TRUE));
- if (name == NULL) {
- error_out("ERROR: Unable to create Subject Name");
- }
- key = find_field(form_data, "key", PR_TRUE);
- if (key == NULL) {
- switch (*find_field(form_data, "keysize", PR_TRUE)) {
- case '0':
- keySizeInBits = 2048;
- break;
- case '1':
- keySizeInBits = 1024;
- break;
- case '2':
- keySizeInBits = 512;
- break;
- default:
- error_out("ERROR: Unsupported Key length selected");
- }
- if (find_field_bool(form_data, "keyType-dsa", PR_TRUE)) {
- rv = PQG_ParamGen(keySizeInBits, &pqgParams, &pqgVfy);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to generate PQG parameters");
- }
- slot = PK11_GetBestSlot(CKM_DSA_KEY_PAIR_GEN, NULL);
- privkey = PK11_GenerateKeyPair(slot, CKM_DSA_KEY_PAIR_GEN,
- pqgParams,&pubkey, PR_FALSE,
- PR_TRUE, NULL);
- } else {
- privkey = SECKEY_CreateRSAPrivateKey(keySizeInBits, &pubkey, NULL);
- }
- privkeys[which_priv_key] = privkey;
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubkey);
- } else {
- spki = SECKEY_ConvertAndDecodePublicKeyAndChallenge(key, challenge,
- NULL);
- if (spki == NULL) {
- error_out("ERROR: Unable to decode Public Key and Challenge String");
- }
- }
- certReq = CERT_CreateCertificateRequest(name, spki, NULL);
- if (certReq == NULL) {
- error_out("ERROR: Unable to create Certificate Request");
- }
- if (pubkey != NULL) {
- SECKEY_DestroyPublicKey(pubkey);
- }
- if (spki != NULL) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- }
- if (pqgParams != NULL) {
- PQG_DestroyParams(pqgParams);
- }
- if (pqgVfy != NULL) {
- PQG_DestroyVerify(pqgVfy);
- }
- return certReq;
-}
-
-
-
-static CERTCertificate *
-MakeV1Cert(CERTCertDBHandle *handle,
- CERTCertificateRequest *req,
- char *issuerNameStr,
- PRBool selfsign,
- int serialNumber,
- int warpmonths,
- Pair *data)
-{
- CERTCertificate *issuerCert = NULL;
- CERTValidity *validity;
- CERTCertificate *cert = NULL;
- PRExplodedTime printableTime;
- PRTime now,
- after;
- SECStatus rv;
-
-
-
- if ( !selfsign ) {
- issuerCert = CERT_FindCertByNameString(handle, issuerNameStr);
- if (!issuerCert) {
- error_out("ERROR: Could not find issuer's certificate");
- return NULL;
- }
- }
- if (find_field_bool(data, "manValidity", PR_TRUE)) {
- rv = DER_AsciiToTime(&now, find_field(data, "notBefore", PR_TRUE));
- } else {
- now = PR_Now();
- }
- PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
- if ( warpmonths ) {
- printableTime.tm_month += warpmonths;
- now = PR_ImplodeTime (&printableTime);
- PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
- }
- if (find_field_bool(data, "manValidity", PR_TRUE)) {
- rv = DER_AsciiToTime(&after, find_field(data, "notAfter", PR_TRUE));
- PR_ExplodeTime (after, PR_GMTParameters, &printableTime);
- } else {
- printableTime.tm_month += 3;
- after = PR_ImplodeTime (&printableTime);
- }
- /* note that the time is now in micro-second unit */
- validity = CERT_CreateValidity (now, after);
-
- if ( selfsign ) {
- cert = CERT_CreateCertificate
- (serialNumber,&(req->subject), validity, req);
- } else {
- cert = CERT_CreateCertificate
- (serialNumber,&(issuerCert->subject), validity, req);
- }
-
- CERT_DestroyValidity(validity);
- if ( issuerCert ) {
- CERT_DestroyCertificate (issuerCert);
- }
- return(cert);
-}
-
-static int
-get_serial_number(Pair *data)
-{
- int serial = 0;
- int error;
- char *filename = SERIAL_FILE;
- char *SN;
- FILE *serialFile;
-
-
- if (find_field_bool(data, "serial-auto", PR_TRUE)) {
- serialFile = fopen(filename, "r");
- if (serialFile != NULL) {
- fread(&serial, sizeof(int), 1, serialFile);
- if (ferror(serialFile) != 0) {
- error_out("Error: Unable to read serial number file");
- }
- if (serial == 4294967295) {
- serial = 21;
- }
- fclose(serialFile);
- ++serial;
- serialFile = fopen(filename,"w");
- if (serialFile == NULL) {
- error_out("ERROR: Unable to open serial number file for writing");
- }
- fwrite(&serial, sizeof(int), 1, serialFile);
- if (ferror(serialFile) != 0) {
- error_out("Error: Unable to write to serial number file");
- }
- } else {
- fclose(serialFile);
- serialFile = fopen(filename,"w");
- if (serialFile == NULL) {
- error_out("ERROR: Unable to open serial number file");
- }
- serial = 21;
- fwrite(&serial, sizeof(int), 1, serialFile);
- if (ferror(serialFile) != 0) {
- error_out("Error: Unable to write to serial number file");
- }
- error = ferror(serialFile);
- if (error != 0) {
- error_out("ERROR: Unable to write to serial file");
- }
- }
- fclose(serialFile);
- } else {
- SN = find_field(data, "serial_value", PR_TRUE);
- while (*SN != '\0') {
- serial = serial * 16;
- if ((*SN >= 'A') && (*SN <='F')) {
- serial += *SN - 'A' + 10;
- } else {
- if ((*SN >= 'a') && (*SN <='f')) {
- serial += *SN - 'a' + 10;
- } else {
- serial += *SN - '0';
- }
- }
- ++SN;
- }
- }
- return serial;
-}
-
-
-
-typedef SECStatus (* EXTEN_VALUE_ENCODER)
- (PRArenaPool *extHandle, void *value, SECItem *encodedValue);
-
-static SECStatus
-EncodeAndAddExtensionValue(
- PRArenaPool *arena,
- void *extHandle,
- void *value,
- PRBool criticality,
- int extenType,
- EXTEN_VALUE_ENCODER EncodeValueFn)
-{
- SECItem encodedValue;
- SECStatus rv;
-
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- rv = (*EncodeValueFn)(arena, value, &encodedValue);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to encode extension value");
- }
- rv = CERT_AddExtension
- (extHandle, extenType, &encodedValue, criticality, PR_TRUE);
- return (rv);
-}
-
-
-
-static SECStatus
-AddKeyUsage (void *extHandle,
- Pair *data)
-{
- SECItem bitStringValue;
- unsigned char keyUsage = 0x0;
-
- if (find_field_bool(data,"keyUsage-digitalSignature", PR_TRUE)){
- keyUsage |= (0x80 >> 0);
- }
- if (find_field_bool(data,"keyUsage-nonRepudiation", PR_TRUE)){
- keyUsage |= (0x80 >> 1);
- }
- if (find_field_bool(data,"keyUsage-keyEncipherment", PR_TRUE)){
- keyUsage |= (0x80 >> 2);
- }
- if (find_field_bool(data,"keyUsage-dataEncipherment", PR_TRUE)){
- keyUsage |= (0x80 >> 3);
- }
- if (find_field_bool(data,"keyUsage-keyAgreement", PR_TRUE)){
- keyUsage |= (0x80 >> 4);
- }
- if (find_field_bool(data,"keyUsage-keyCertSign", PR_TRUE)) {
- keyUsage |= (0x80 >> 5);
- }
- if (find_field_bool(data,"keyUsage-cRLSign", PR_TRUE)) {
- keyUsage |= (0x80 >> 6);
- }
-
- bitStringValue.data = &keyUsage;
- bitStringValue.len = 1;
-
- return (CERT_EncodeAndAddBitStrExtension
- (extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue,
- (find_field_bool(data, "keyUsage-crit", PR_TRUE))));
-
-}
-
-static CERTOidSequence *
-CreateOidSequence(void)
-{
- CERTOidSequence *rv = (CERTOidSequence *)NULL;
- PRArenaPool *arena = (PRArenaPool *)NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if( (PRArenaPool *)NULL == arena ) {
- goto loser;
- }
-
- rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence));
- if( (CERTOidSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *));
- if( (SECItem **)NULL == rv->oids ) {
- goto loser;
- }
-
- rv->arena = arena;
- return rv;
-
- loser:
- if( (PRArenaPool *)NULL != arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return (CERTOidSequence *)NULL;
-}
-
-static SECStatus
-AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag)
-{
- SECItem **oids;
- PRUint32 count = 0;
- SECOidData *od;
-
- od = SECOID_FindOIDByTag(oidTag);
- if( (SECOidData *)NULL == od ) {
- return SECFailure;
- }
-
- for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) {
- count++;
- }
-
- /* ArenaZRealloc */
-
- {
- PRUint32 i;
-
- oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count+2));
- if( (SECItem **)NULL == oids ) {
- return SECFailure;
- }
-
- for( i = 0; i < count; i++ ) {
- oids[i] = os->oids[i];
- }
-
- /* ArenaZFree(os->oids); */
- }
-
- os->oids = oids;
- os->oids[count] = &od->oid;
-
- return SECSuccess;
-}
-
-static SECItem *
-EncodeOidSequence(CERTOidSequence *os)
-{
- SECItem *rv;
- extern const SEC_ASN1Template CERT_OidSeqTemplate[];
-
- rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem));
- if( (SECItem *)NULL == rv ) {
- goto loser;
- }
-
- if( !SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate) ) {
- goto loser;
- }
-
- return rv;
-
- loser:
- return (SECItem *)NULL;
-}
-
-static SECStatus
-AddExtKeyUsage(void *extHandle, Pair *data)
-{
- SECStatus rv;
- CERTOidSequence *os;
- SECItem *value;
- PRBool crit;
-
- os = CreateOidSequence();
- if( (CERTOidSequence *)NULL == os ) {
- return SECFailure;
- }
-
- if( find_field_bool(data, "extKeyUsage-serverAuth", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-clientAuth", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-codeSign", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-emailProtect", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-timeStamp", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-ocspResponder", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER);
- if( SECSuccess != rv ) goto loser;
- }
-
- if( find_field_bool(data, "extKeyUsage-NS-govtApproved", PR_TRUE) ) {
- rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED);
- if( SECSuccess != rv ) goto loser;
- }
-
- value = EncodeOidSequence(os);
-
- crit = find_field_bool(data, "extKeyUsage-crit", PR_TRUE);
-
- rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, value,
- crit, PR_TRUE);
- /*FALLTHROUGH*/
- loser:
- CERT_DestroyOidSequence(os);
- return rv;
-}
-
-static SECStatus
-AddSubKeyID(void *extHandle,
- Pair *data,
- CERTCertificate *subjectCert)
-{
- SECItem encodedValue;
- SECStatus rv;
- char *read;
- char *write;
- char *first;
- char character;
- int high_digit = 0,
- low_digit = 0;
- int len;
- PRBool odd = PR_FALSE;
-
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- first = read = write = find_field(data,"subjectKeyIdentifier-text",
- PR_TRUE);
- len = PORT_Strlen(first);
- odd = ((len % 2) != 0 ) ? PR_TRUE : PR_FALSE;
- if (find_field_bool(data, "subjectKeyIdentifier-radio-hex", PR_TRUE)) {
- if (odd) {
- error_out("ERROR: Improperly formated subject key identifier, hex values must be expressed as an octet string");
- }
- while (*read != '\0') {
- if (!isxdigit(*read)) {
- error_out("ERROR: Improperly formated subject key identifier");
- }
- *read = toupper(*read);
- if ((*read >= 'A') && (*read <= 'F')) {
- high_digit = *read - 'A' + 10;
- } else {
- high_digit = *read - '0';
- }
- ++read;
- if (!isxdigit(*read)) {
- error_out("ERROR: Improperly formated subject key identifier");
- }
- *read = toupper(*read);
- if ((*read >= 'A') && (*read <= 'F')) {
- low_digit = *(read) - 'A' + 10;
- } else {
- low_digit = *(read) - '0';
- }
- character = (high_digit << 4) | low_digit;
- *write = character;
- ++write;
- ++read;
- }
- *write = '\0';
- len = write - first;
- }
- subjectCert->subjectKeyID.data = (unsigned char *) find_field
- (data,"subjectKeyIdentifier-text", PR_TRUE);
- subjectCert->subjectKeyID.len = len;
- rv = CERT_EncodeSubjectKeyID
- (NULL, find_field(data,"subjectKeyIdentifier-text", PR_TRUE),
- len, &encodedValue);
- if (rv) {
- return (rv);
- }
- return (CERT_AddExtension(extHandle, SEC_OID_X509_SUBJECT_KEY_ID,
- &encodedValue, PR_FALSE, PR_TRUE));
-}
-
-
-static SECStatus
-AddAuthKeyID (void *extHandle,
- Pair *data,
- char *issuerNameStr,
- CERTCertDBHandle *handle)
-{
- CERTAuthKeyID *authKeyID = NULL;
- PRArenaPool *arena = NULL;
- SECStatus rv = SECSuccess;
- CERTCertificate *issuerCert = NULL;
- CERTGeneralName *genNames;
- CERTName *directoryName = NULL;
-
-
- issuerCert = CERT_FindCertByNameString(handle, issuerNameStr);
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- error_allocate();
- }
-
- authKeyID = PORT_ArenaZAlloc (arena, sizeof (CERTAuthKeyID));
- if (authKeyID == NULL) {
- error_allocate();
- }
- if (find_field_bool(data, "authorityKeyIdentifier-radio-keyIdentifier",
- PR_TRUE)) {
- authKeyID->keyID.data = PORT_ArenaAlloc (arena, PORT_Strlen
- ((char *)issuerCert->subjectKeyID.data));
- if (authKeyID->keyID.data == NULL) {
- error_allocate();
- }
- PORT_Memcpy (authKeyID->keyID.data, issuerCert->subjectKeyID.data,
- authKeyID->keyID.len =
- PORT_Strlen((char *)issuerCert->subjectKeyID.data));
- } else {
-
- PORT_Assert (arena);
- genNames = (CERTGeneralName *) PORT_ArenaZAlloc (arena, (sizeof(CERTGeneralName)));
- if (genNames == NULL){
- error_allocate();
- }
- genNames->l.next = genNames->l.prev = &(genNames->l);
- genNames->type = certDirectoryName;
-
- directoryName = CERT_AsciiToName(issuerCert->subjectName);
- if (!directoryName) {
- error_out("ERROR: Unable to create Directory Name");
- }
- rv = CERT_CopyName (arena, &genNames->name.directoryName,
- directoryName);
- CERT_DestroyName (directoryName);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to copy Directory Name");
- }
- authKeyID->authCertIssuer = genNames;
- if (authKeyID->authCertIssuer == NULL && SECFailure ==
- PORT_GetError ()) {
- error_out("ERROR: Unable to get Issuer General Name for Authority Key ID Extension");
- }
- authKeyID->authCertSerialNumber = issuerCert->serialNumber;
- }
- rv = EncodeAndAddExtensionValue(arena, extHandle, authKeyID, PR_FALSE,
- SEC_OID_X509_AUTH_KEY_ID,
- (EXTEN_VALUE_ENCODER)
- CERT_EncodeAuthKeyID);
- if (arena) {
- PORT_FreeArena (arena, PR_FALSE);
- }
- return (rv);
-}
-
-
-static SECStatus
-AddPrivKeyUsagePeriod(void *extHandle,
- Pair *data,
- CERTCertificate *cert)
-{
- char *notBeforeStr;
- char *notAfterStr;
- PRArenaPool *arena = NULL;
- SECStatus rv = SECSuccess;
- PKUPEncodedContext *pkup;
-
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- error_allocate();
- }
- pkup = PORT_ArenaZAlloc (arena, sizeof (PKUPEncodedContext));
- if (pkup == NULL) {
- error_allocate();
- }
- notBeforeStr = (char *) PORT_Alloc(16 );
- notAfterStr = (char *) PORT_Alloc(16 );
- *notBeforeStr = '\0';
- *notAfterStr = '\0';
- pkup->arena = arena;
- pkup->notBefore.len = 0;
- pkup->notBefore.data = NULL;
- pkup->notAfter.len = 0;
- pkup->notAfter.data = NULL;
- if (find_field_bool(data, "privKeyUsagePeriod-radio-notBefore", PR_TRUE) ||
- find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) {
- pkup->notBefore.len = 15;
- pkup->notBefore.data = (unsigned char *)notBeforeStr;
- if (find_field_bool(data, "privKeyUsagePeriod-notBefore-radio-manual",
- PR_TRUE)) {
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-year",
- PR_TRUE));
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-month",
- PR_TRUE));
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-day",
- PR_TRUE));
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-hour",
- PR_TRUE));
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-minute",
- PR_TRUE));
- PORT_Strcat(notBeforeStr,find_field(data,
- "privKeyUsagePeriod-notBefore-second",
- PR_TRUE));
- if ((*(notBeforeStr + 14) != '\0') ||
- (!isdigit(*(notBeforeStr + 13))) ||
- (*(notBeforeStr + 12) >= '5' && *(notBeforeStr + 12) <= '0') ||
- (!isdigit(*(notBeforeStr + 11))) ||
- (*(notBeforeStr + 10) >= '5' && *(notBeforeStr + 10) <= '0') ||
- (!isdigit(*(notBeforeStr + 9))) ||
- (*(notBeforeStr + 8) >= '2' && *(notBeforeStr + 8) <= '0') ||
- (!isdigit(*(notBeforeStr + 7))) ||
- (*(notBeforeStr + 6) >= '3' && *(notBeforeStr + 6) <= '0') ||
- (!isdigit(*(notBeforeStr + 5))) ||
- (*(notBeforeStr + 4) >= '1' && *(notBeforeStr + 4) <= '0') ||
- (!isdigit(*(notBeforeStr + 3))) ||
- (!isdigit(*(notBeforeStr + 2))) ||
- (!isdigit(*(notBeforeStr + 1))) ||
- (!isdigit(*(notBeforeStr + 0))) ||
- (*(notBeforeStr + 8) == '2' && *(notBeforeStr + 9) >= '4') ||
- (*(notBeforeStr + 6) == '3' && *(notBeforeStr + 7) >= '1') ||
- (*(notBeforeStr + 4) == '1' && *(notBeforeStr + 5) >= '2')) {
- error_out("ERROR: Improperly formated private key usage period");
- }
- *(notBeforeStr + 14) = 'Z';
- *(notBeforeStr + 15) = '\0';
- } else {
- if ((*(cert->validity.notBefore.data) > '5') ||
- ((*(cert->validity.notBefore.data) == '5') &&
- (*(cert->validity.notBefore.data + 1) != '0'))) {
- PORT_Strcat(notBeforeStr, "19");
- } else {
- PORT_Strcat(notBeforeStr, "20");
- }
- PORT_Strcat(notBeforeStr, (char *)cert->validity.notBefore.data);
- }
- }
- if (find_field_bool(data, "privKeyUsagePeriod-radio-notAfter", PR_TRUE) ||
- find_field_bool(data, "privKeyUsagePeriod-radio-both", PR_TRUE)) {
- pkup->notAfter.len = 15;
- pkup->notAfter.data = (unsigned char *)notAfterStr;
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-year",
- PR_TRUE));
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-month",
- PR_TRUE));
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-day",
- PR_TRUE));
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-hour",
- PR_TRUE));
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-minute",
- PR_TRUE));
- PORT_Strcat(notAfterStr,find_field(data,"privKeyUsagePeriod-notAfter-second",
- PR_TRUE));
- if ((*(notAfterStr + 14) != '\0') ||
- (!isdigit(*(notAfterStr + 13))) ||
- (*(notAfterStr + 12) >= '5' && *(notAfterStr + 12) <= '0') ||
- (!isdigit(*(notAfterStr + 11))) ||
- (*(notAfterStr + 10) >= '5' && *(notAfterStr + 10) <= '0') ||
- (!isdigit(*(notAfterStr + 9))) ||
- (*(notAfterStr + 8) >= '2' && *(notAfterStr + 8) <= '0') ||
- (!isdigit(*(notAfterStr + 7))) ||
- (*(notAfterStr + 6) >= '3' && *(notAfterStr + 6) <= '0') ||
- (!isdigit(*(notAfterStr + 5))) ||
- (*(notAfterStr + 4) >= '1' && *(notAfterStr + 4) <= '0') ||
- (!isdigit(*(notAfterStr + 3))) ||
- (!isdigit(*(notAfterStr + 2))) ||
- (!isdigit(*(notAfterStr + 1))) ||
- (!isdigit(*(notAfterStr + 0))) ||
- (*(notAfterStr + 8) == '2' && *(notAfterStr + 9) >= '4') ||
- (*(notAfterStr + 6) == '3' && *(notAfterStr + 7) >= '1') ||
- (*(notAfterStr + 4) == '1' && *(notAfterStr + 5) >= '2')) {
- error_out("ERROR: Improperly formated private key usage period");
- }
- *(notAfterStr + 14) = 'Z';
- *(notAfterStr + 15) = '\0';
- }
-
- PORT_Assert (arena);
-
- rv = EncodeAndAddExtensionValue(arena, extHandle, pkup,
- find_field_bool(data,
- "privKeyUsagePeriod-crit",
- PR_TRUE),
- SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD,
- (EXTEN_VALUE_ENCODER)
- CERT_EncodePublicKeyUsagePeriod);
- if (arena) {
- PORT_FreeArena (arena, PR_FALSE);
- }
- if (notBeforeStr != NULL) {
- PORT_Free(notBeforeStr);
- }
- if (notAfterStr != NULL) {
- PORT_Free(notAfterStr);
- }
- return (rv);
-}
-
-static SECStatus
-AddBasicConstraint(void *extHandle,
- Pair *data)
-{
- CERTBasicConstraints basicConstraint;
- SECItem encodedValue;
- SECStatus rv;
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
- basicConstraint.isCA = (find_field_bool(data,"basicConstraints-cA-radio-CA",
- PR_TRUE));
- if (find_field_bool(data,"basicConstraints-pathLengthConstraint", PR_TRUE)){
- basicConstraint.pathLenConstraint = atoi
- (find_field(data,"basicConstraints-pathLengthConstraint-text",
- PR_TRUE));
- }
-
- rv = CERT_EncodeBasicConstraintValue (NULL, &basicConstraint,
- &encodedValue);
- if (rv)
- return (rv);
- rv = CERT_AddExtension(extHandle, SEC_OID_X509_BASIC_CONSTRAINTS,
- &encodedValue,
- (find_field_bool(data,"basicConstraints-crit",
- PR_TRUE)), PR_TRUE);
-
- PORT_Free (encodedValue.data);
- return (rv);
-}
-
-
-
-static SECStatus
-AddNscpCertType (void *extHandle,
- Pair *data)
-{
- SECItem bitStringValue;
- unsigned char CertType = 0x0;
-
- if (find_field_bool(data,"netscape-cert-type-ssl-client", PR_TRUE)){
- CertType |= (0x80 >> 0);
- }
- if (find_field_bool(data,"netscape-cert-type-ssl-server", PR_TRUE)){
- CertType |= (0x80 >> 1);
- }
- if (find_field_bool(data,"netscape-cert-type-smime", PR_TRUE)){
- CertType |= (0x80 >> 2);
- }
- if (find_field_bool(data,"netscape-cert-type-object-signing", PR_TRUE)){
- CertType |= (0x80 >> 3);
- }
- if (find_field_bool(data,"netscape-cert-type-reserved", PR_TRUE)){
- CertType |= (0x80 >> 4);
- }
- if (find_field_bool(data,"netscape-cert-type-ssl-ca", PR_TRUE)) {
- CertType |= (0x80 >> 5);
- }
- if (find_field_bool(data,"netscape-cert-type-smime-ca", PR_TRUE)) {
- CertType |= (0x80 >> 6);
- }
- if (find_field_bool(data,"netscape-cert-type-object-signing-ca", PR_TRUE)) {
- CertType |= (0x80 >> 7);
- }
-
- bitStringValue.data = &CertType;
- bitStringValue.len = 1;
-
- return (CERT_EncodeAndAddBitStrExtension
- (extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue,
- (find_field_bool(data, "netscape-cert-type-crit", PR_TRUE))));
-}
-
-
-static SECStatus
-add_IA5StringExtension(void *extHandle,
- char *string,
- PRBool crit,
- int idtag)
-{
- SECItem encodedValue;
- SECStatus rv;
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
-
- rv = CERT_EncodeIA5TypeExtension(NULL, string, &encodedValue);
- if (rv) {
- return (rv);
- }
- return (CERT_AddExtension(extHandle, idtag, &encodedValue, crit, PR_TRUE));
-}
-
-static SECItem *
-string_to_oid(char *string)
-{
- int i;
- int length = 20;
- int remaining;
- int first_value;
- int second_value;
- int value;
- int oidLength;
- unsigned char *oidString;
- unsigned char *write;
- unsigned char *read;
- unsigned char *temp;
- SECItem *oid;
-
-
- remaining = length;
- i = 0;
- while (*string == ' ') {
- string++;
- }
- while (isdigit(*(string + i))) {
- i++;
- }
- if (*(string + i) == '.') {
- *(string + i) = '\0';
- } else {
- error_out("ERROR: Improperly formated OID");
- }
- first_value = atoi(string);
- if (first_value < 0 || first_value > 2) {
- error_out("ERROR: Improperly formated OID");
- }
- string += i + 1;
- i = 0;
- while (isdigit(*(string + i))) {
- i++;
- }
- if (*(string + i) == '.') {
- *(string + i) = '\0';
- } else {
- error_out("ERROR: Improperly formated OID");
- }
- second_value = atoi(string);
- if (second_value < 0 || second_value > 39) {
- error_out("ERROR: Improperly formated OID");
- }
- oidString = PORT_ZAlloc(2);
- *oidString = (first_value * 40) + second_value;
- *(oidString + 1) = '\0';
- oidLength = 1;
- string += i + 1;
- i = 0;
- temp = write = PORT_ZAlloc(length);
- while (*string != '\0') {
- value = 0;
- while(isdigit(*(string + i))) {
- i++;
- }
- if (*(string + i) == '\0') {
- value = atoi(string);
- string += i;
- } else {
- if (*(string + i) == '.') {
- *(string + i) = '\0';
- value = atoi(string);
- string += i + 1;
- } else {
- *(string + i) = '\0';
- i++;
- value = atoi(string);
- while (*(string + i) == ' ')
- i++;
- if (*(string + i) != '\0') {
- error_out("ERROR: Improperly formated OID");
- }
- }
- }
- i = 0;
- while (value != 0) {
- if (remaining < 1) {
- remaining += length;
- length = length * 2;
- temp = PORT_Realloc(temp, length);
- write = temp + length - remaining;
- }
- *write = (value & 0x7f) | (0x80);
- write++;
- remaining--;
- value = value >> 7;
- }
- *temp = *temp & (0x7f);
- oidLength += write - temp;
- oidString = PORT_Realloc(oidString, (oidLength + 1));
- read = write - 1;
- write = oidLength + oidString - 1;
- for (i = 0; i < (length - remaining); i++) {
- *write = *read;
- write--;
- read++;
- }
- write = temp;
- remaining = length;
- }
- *(oidString + oidLength) = '\0';
- oid = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
- oid->data = oidString;
- oid->len = oidLength;
- PORT_Free(temp);
- return oid;
-}
-
-static SECItem *
-string_to_ipaddress(char *string)
-{
- int i = 0;
- int value;
- int j = 0;
- SECItem *ipaddress;
-
-
- while (*string == ' ') {
- string++;
- }
- ipaddress = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
- ipaddress->data = PORT_ZAlloc(9);
- while (*string != '\0' && j < 8) {
- while (isdigit(*(string + i))) {
- i++;
- }
- if (*(string + i) == '.') {
- *(string + i) = '\0';
- value = atoi(string);
- string = string + i + 1;
- i = 0;
- } else {
- if (*(string + i) == '\0') {
- value = atoi(string);
- string = string + i;
- i = 0;
- } else {
- *(string + i) = '\0';
- while (*(string + i) == ' ') {
- i++;
- }
- if (*(string + i) == '\0') {
- value = atoi(string);
- string = string + i;
- i = 0;
- } else {
- error_out("ERROR: Improperly formated IP Address");
- }
- }
- }
- if (value >= 0 || value < 256) {
- *(ipaddress->data + j) = value;
- } else {
- error_out("ERROR: Improperly formated IP Address");
- }
- j++;
- }
- *(ipaddress->data + j) = '\0';
- if (j != 4 && j != 8) {
- error_out("ERROR: Improperly formated IP Address");
- }
- ipaddress->len = j;
- return ipaddress;
-}
-
-static SECItem *
-string_to_binary(char *string)
-{
- SECItem *rv;
- int high_digit;
- int low_digit;
-
- rv = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
- if (rv == NULL) {
- error_allocate();
- }
- rv->data = (unsigned char *) PORT_ZAlloc((PORT_Strlen(string))/3 + 2);
- while (!isxdigit(*string)) {
- string++;
- }
- rv->len = 0;
- while (*string != '\0') {
- if (isxdigit(*string)) {
- if (*string >= '0' && *string <= '9') {
- high_digit = *string - '0';
- } else {
- *string = toupper(*string);
- high_digit = *string - 'A';
- }
- string++;
- if (*string >= '0' && *string <= '9') {
- low_digit = *string - '0';
- } else {
- *string = toupper(*string);
- low_digit = *string = 'A';
- }
- (rv->len)++;
- } else {
- if (*string == ':') {
- string++;
- } else {
- if (*string == ' ') {
- while (*string == ' ') {
- string++;
- }
- }
- if (*string != '\0') {
- error_out("ERROR: Improperly formated binary encoding");
- }
- }
- }
- }
-
- return rv;
-}
-
-static SECStatus
-MakeGeneralName(char *name,
- CERTGeneralName *genName,
- PRArenaPool *arena)
-{
- SECItem *oid;
- SECOidData *oidData;
- SECItem *ipaddress;
- SECItem *temp = NULL;
- int i;
- int nameType;
- PRBool binary = PR_FALSE;
- SECStatus rv = SECSuccess;
- PRBool nickname;
-
- PORT_Assert(genName);
- PORT_Assert(arena);
- nameType = *(name + PORT_Strlen(name) - 1) - '0';
- if (nameType == 0 && *(name +PORT_Strlen(name) - 2) == '1') {
- nickname = PR_TRUE;
- nameType = certOtherName;
- }
- if (nameType < 1 || nameType > 9) {
- error_out("ERROR: Unknown General Name Type");
- }
- *(name + PORT_Strlen(name) - 4) = '\0';
- genName->type = nameType;
-
- switch (genName->type) {
- case certURI:
- case certRFC822Name:
- case certDNSName: {
- genName->name.other.data = (unsigned char *)name;
- genName->name.other.len = PORT_Strlen(name);
- break;
- }
-
- case certIPAddress: {
- ipaddress = string_to_ipaddress(name);
- genName->name.other.data = ipaddress->data;
- genName->name.other.len = ipaddress->len;
- break;
- }
-
- case certRegisterID: {
- oid = string_to_oid(name);
- genName->name.other.data = oid->data;
- genName->name.other.len = oid->len;
- break;
- }
-
- case certEDIPartyName:
- case certX400Address: {
-
- genName->name.other.data = PORT_ArenaAlloc (arena,
- PORT_Strlen (name) + 2);
- if (genName->name.other.data == NULL) {
- error_allocate();
- }
-
- PORT_Memcpy (genName->name.other.data + 2, name, PORT_Strlen (name));
- /* This may not be accurate for all cases.
- For now, use this tag type */
- genName->name.other.data[0] = (char)(((genName->type - 1) &
- 0x1f)| 0x80);
- genName->name.other.data[1] = (char)PORT_Strlen (name);
- genName->name.other.len = PORT_Strlen (name) + 2;
- break;
- }
-
- case certOtherName: {
- i = 0;
- if (!nickname) {
- while (!isdigit(*(name + PORT_Strlen(name) - i))) {
- i++;
- }
- if (*(name + PORT_Strlen(name) - i) == '1') {
- binary = PR_TRUE;
- } else {
- binary = PR_FALSE;
- }
- while (*(name + PORT_Strlen(name) - i) != '-') {
- i++;
- }
- *(name + PORT_Strlen(name) - i - 1) = '\0';
- i = 0;
- while (*(name + i) != '-') {
- i++;
- }
- *(name + i - 1) = '\0';
- oid = string_to_oid(name + i + 2);
- } else {
- oidData = SECOID_FindOIDByTag(SEC_OID_NETSCAPE_NICKNAME);
- oid = &oidData->oid;
- while (*(name + PORT_Strlen(name) - i) != '-') {
- i++;
- }
- *(name + PORT_Strlen(name) - i) = '\0';
- }
- genName->name.OthName.oid.data = oid->data;
- genName->name.OthName.oid.len = oid->len;
- if (binary) {
- temp = string_to_binary(name);
- genName->name.OthName.name.data = temp->data;
- genName->name.OthName.name.len = temp->len;
- } else {
- temp = (SECItem *) PORT_ZAlloc(sizeof(SECItem));
- if (temp == NULL) {
- error_allocate();
- }
- temp->data = (unsigned char *)name;
- temp->len = PORT_Strlen(name);
- SEC_ASN1EncodeItem (arena, &(genName->name.OthName.name), temp,
- CERTIA5TypeTemplate);
- }
- PORT_Free(temp);
- break;
- }
-
- case certDirectoryName: {
- CERTName *directoryName = NULL;
-
- directoryName = CERT_AsciiToName (name);
- if (!directoryName) {
- error_out("ERROR: Improperly formated alternative name");
- break;
- }
- rv = CERT_CopyName (arena, &genName->name.directoryName,
- directoryName);
- CERT_DestroyName (directoryName);
-
- break;
- }
- }
- genName->l.next = &(genName->l);
- genName->l.prev = &(genName->l);
- return rv;
-}
-
-
-static CERTGeneralName *
-MakeAltName(Pair *data,
- char *which,
- PRArenaPool *arena)
-{
- CERTGeneralName *SubAltName;
- CERTGeneralName *current;
- CERTGeneralName *newname;
- char *name = NULL;
- SECStatus rv = SECSuccess;
- int len;
-
-
- len = PORT_Strlen(which);
- name = find_field(data, which, PR_TRUE);
- SubAltName = current = (CERTGeneralName *) PORT_ZAlloc
- (sizeof(CERTGeneralName));
- if (current == NULL) {
- error_allocate();
- }
- while (name != NULL) {
-
- rv = MakeGeneralName(name, current, arena);
-
- if (rv != SECSuccess) {
- break;
- }
- if (*(which + len -1) < '9') {
- *(which + len - 1) = *(which + len - 1) + 1;
- } else {
- if (isdigit(*(which + len - 2) )) {
- *(which + len - 2) = *(which + len - 2) + 1;
- *(which + len - 1) = '0';
- } else {
- *(which + len - 1) = '1';
- *(which + len) = '0';
- *(which + len + 1) = '\0';
- len++;
- }
- }
- len = PORT_Strlen(which);
- name = find_field(data, which, PR_TRUE);
- if (name != NULL) {
- newname = (CERTGeneralName *) PORT_ZAlloc(sizeof(CERTGeneralName));
- if (newname == NULL) {
- error_allocate();
- }
- current->l.next = &(newname->l);
- newname->l.prev = &(current->l);
- current = newname;
- newname = NULL;
- } else {
- current->l.next = &(SubAltName->l);
- SubAltName->l.prev = &(current->l);
- }
- }
- if (rv == SECFailure) {
- return NULL;
- }
- return SubAltName;
-}
-
-static CERTNameConstraints *
-MakeNameConstraints(Pair *data,
- PRArenaPool *arena)
-{
- CERTNameConstraints *NameConstraints;
- CERTNameConstraint *current = NULL;
- CERTNameConstraint *last_permited = NULL;
- CERTNameConstraint *last_excluded = NULL;
- char *constraint = NULL;
- char *which;
- SECStatus rv = SECSuccess;
- int len;
- int i;
- long max;
- long min;
- PRBool permited;
-
-
- NameConstraints = (CERTNameConstraints *) PORT_ZAlloc
- (sizeof(CERTNameConstraints));
- which = make_copy_string("NameConstraintSelect0", 25,'\0');
- len = PORT_Strlen(which);
- constraint = find_field(data, which, PR_TRUE);
- NameConstraints->permited = NameConstraints->excluded = NULL;
- while (constraint != NULL) {
- current = (CERTNameConstraint *) PORT_ZAlloc
- (sizeof(CERTNameConstraint));
- if (current == NULL) {
- error_allocate();
- }
- i = 0;
- while (*(constraint + PORT_Strlen(constraint) - i) != '-') {
- i++;
- }
- *(constraint + PORT_Strlen(constraint) - i - 1) = '\0';
- max = (long) atoi(constraint + PORT_Strlen(constraint) + 3);
- if (max > 0) {
- (void) SEC_ASN1EncodeInteger(arena, &current->max, max);
- }
- i = 0;
- while (*(constraint + PORT_Strlen(constraint) - i) != '-') {
- i++;
- }
- *(constraint + PORT_Strlen(constraint) - i - 1) = '\0';
- min = (long) atoi(constraint + PORT_Strlen(constraint) + 3);
- (void) SEC_ASN1EncodeInteger(arena, &current->min, min);
- while (*(constraint + PORT_Strlen(constraint) - i) != '-') {
- i++;
- }
- *(constraint + PORT_Strlen(constraint) - i - 1) = '\0';
- if (*(constraint + PORT_Strlen(constraint) + 3) == 'p') {
- permited = PR_TRUE;
- } else {
- permited = PR_FALSE;
- }
- rv = MakeGeneralName(constraint, &(current->name), arena);
-
- if (rv != SECSuccess) {
- break;
- }
- if (*(which + len - 1) < '9') {
- *(which + len - 1) = *(which + len - 1) + 1;
- } else {
- if (isdigit(*(which + len - 2) )) {
- *(which + len - 2) = *(which + len - 2) + 1;
- *(which + len - 1) = '0';
- } else {
- *(which + len - 1) = '1';
- *(which + len) = '0';
- *(which + len + 1) = '\0';
- len++;
- }
- }
- len = PORT_Strlen(which);
- if (permited) {
- if (NameConstraints->permited == NULL) {
- NameConstraints->permited = last_permited = current;
- }
- last_permited->l.next = &(current->l);
- current->l.prev = &(last_permited->l);
- last_permited = current;
- } else {
- if (NameConstraints->excluded == NULL) {
- NameConstraints->excluded = last_excluded = current;
- }
- last_excluded->l.next = &(current->l);
- current->l.prev = &(last_excluded->l);
- last_excluded = current;
- }
- constraint = find_field(data, which, PR_TRUE);
- if (constraint != NULL) {
- current = (CERTNameConstraint *) PORT_ZAlloc(sizeof(CERTNameConstraint));
- if (current == NULL) {
- error_allocate();
- }
- }
- }
- if (NameConstraints->permited != NULL) {
- last_permited->l.next = &(NameConstraints->permited->l);
- NameConstraints->permited->l.prev = &(last_permited->l);
- }
- if (NameConstraints->excluded != NULL) {
- last_excluded->l.next = &(NameConstraints->excluded->l);
- NameConstraints->excluded->l.prev = &(last_excluded->l);
- }
- if (which != NULL) {
- PORT_Free(which);
- }
- if (rv == SECFailure) {
- return NULL;
- }
- return NameConstraints;
-}
-
-
-
-static SECStatus
-AddAltName(void *extHandle,
- Pair *data,
- char *issuerNameStr,
- CERTCertDBHandle *handle,
- int type)
-{
- PRBool autoIssuer = PR_FALSE;
- PRArenaPool *arena = NULL;
- CERTGeneralName *genName = NULL;
- CERTName *directoryName = NULL;
- char *which = NULL;
- char *name = NULL;
- SECStatus rv = SECSuccess;
- SECItem *issuersAltName = NULL;
- CERTCertificate *issuerCert = NULL;
- void *mark;
-
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- error_allocate();
- }
- if (type == 0) {
- which = make_copy_string("SubAltNameSelect0", 20,'\0');
- genName = MakeAltName(data, which, arena);
- } else {
- if (autoIssuer) {
- autoIssuer = find_field_bool(data,"IssuerAltNameSourceRadio-auto",
- PR_TRUE);
- issuerCert = CERT_FindCertByNameString(handle, issuerNameStr);
- rv = cert_FindExtension((*issuerCert).extensions,
- SEC_OID_X509_SUBJECT_ALT_NAME,
- issuersAltName);
- if (issuersAltName == NULL) {
- name = PORT_Alloc(PORT_Strlen((*issuerCert).subjectName) + 4);
- PORT_Strcpy(name, (*issuerCert).subjectName);
- PORT_Strcat(name, " - 5");
- }
- } else {
- which = make_copy_string("IssuerAltNameSelect0", 20,'\0');
- genName = MakeAltName(data, which, arena);
- }
- }
- if (type == 0) {
- EncodeAndAddExtensionValue(arena, extHandle, genName,
- find_field_bool(data, "SubAltName-crit",
- PR_TRUE),
- SEC_OID_X509_SUBJECT_ALT_NAME,
- (EXTEN_VALUE_ENCODER)
- CERT_EncodeAltNameExtension);
-
- } else {
- if (autoIssuer && (name == NULL)) {
- rv = CERT_AddExtension
- (extHandle, SEC_OID_X509_ISSUER_ALT_NAME, issuersAltName,
- find_field_bool(data, "IssuerAltName-crit", PR_TRUE), PR_TRUE);
- } else {
- EncodeAndAddExtensionValue(arena, extHandle, genName,
- find_field_bool(data,
- "IssuerAltName-crit",
- PR_TRUE),
- SEC_OID_X509_ISSUER_ALT_NAME,
- (EXTEN_VALUE_ENCODER)
- CERT_EncodeAltNameExtension);
- }
- }
- if (which != NULL) {
- PORT_Free(which);
- }
- if (issuerCert != NULL) {
- CERT_DestroyCertificate(issuerCert);
- }
-#if 0
- if (arena != NULL) {
- PORT_ArenaRelease (arena, mark);
- }
-#endif
- return rv;
-}
-
-
-static SECStatus
-AddNameConstraints(void *extHandle,
- Pair *data)
-{
- PRBool autoIssuer = PR_FALSE;
- PRArenaPool *arena = NULL;
- CERTNameConstraints *constraints = NULL;
- char *constraint = NULL;
- SECStatus rv = SECSuccess;
-
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- error_allocate();
- }
- constraints = MakeNameConstraints(data, arena);
- if (constraints != NULL) {
- EncodeAndAddExtensionValue(arena, extHandle, constraints, PR_TRUE,
- SEC_OID_X509_NAME_CONSTRAINTS,
- (EXTEN_VALUE_ENCODER)
- CERT_EncodeNameConstraintsExtension);
- }
- if (arena != NULL) {
- PORT_ArenaRelease (arena, NULL);
- }
- return rv;
-}
-
-
-static SECStatus
-add_extensions(CERTCertificate *subjectCert,
- Pair *data,
- char *issuerNameStr,
- CERTCertDBHandle *handle)
-{
- void *extHandle;
- SECStatus rv = SECSuccess;
-
-
- extHandle = CERT_StartCertExtensions (subjectCert);
- if (extHandle == NULL) {
- error_out("ERROR: Unable to get certificates extension handle");
- }
- if (find_field_bool(data, "keyUsage", PR_TRUE)) {
- rv = AddKeyUsage(extHandle, data);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Key Usage extension");
- }
- }
-
- if( find_field_bool(data, "extKeyUsage", PR_TRUE) ) {
- rv = AddExtKeyUsage(extHandle, data);
- if( SECSuccess != rv ) {
- error_out("ERROR: Unable to add Extended Key Usage extension");
- }
- }
-
- if (find_field_bool(data, "basicConstraints", PR_TRUE)) {
- rv = AddBasicConstraint(extHandle, data);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Basic Constraint extension");
- }
- }
- if (find_field_bool(data, "subjectKeyIdentifier", PR_TRUE)) {
- rv = AddSubKeyID(extHandle, data, subjectCert);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Subject Key Identifier Extension");
- }
- }
- if (find_field_bool(data, "authorityKeyIdentifier", PR_TRUE)) {
- rv = AddAuthKeyID (extHandle, data, issuerNameStr, handle);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Authority Key Identifier extension");
- }
- }
- if (find_field_bool(data, "privKeyUsagePeriod", PR_TRUE)) {
- rv = AddPrivKeyUsagePeriod (extHandle, data, subjectCert);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Private Key Usage Period extension");
- }
- }
- if (find_field_bool(data, "SubAltName", PR_TRUE)) {
- rv = AddAltName (extHandle, data, NULL, NULL, 0);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Subject Alternative Name extension");
- }
- }
- if (find_field_bool(data, "IssuerAltName", PR_TRUE)) {
- rv = AddAltName (extHandle, data, issuerNameStr, handle, 1);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Issuer Alternative Name Extension");
- }
- }
- if (find_field_bool(data, "NameConstraints", PR_TRUE)) {
- rv = AddNameConstraints(extHandle, data);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Name Constraints Extension");
- }
- }
- if (find_field_bool(data, "netscape-cert-type", PR_TRUE)) {
- rv = AddNscpCertType(extHandle, data);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape Certificate Type Extension");
- }
- }
- if (find_field_bool(data, "netscape-base-url", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data, "netscape-base-url-text",
- PR_TRUE),
- find_field_bool(data,
- "netscape-base-url-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_BASE_URL);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape Base URL Extension");
- }
- }
- if (find_field_bool(data, "netscape-revocation-url", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data,
- "netscape-revocation-url-text",
- PR_TRUE),
- find_field_bool
- (data, "netscape-revocation-url-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_REVOCATION_URL);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape Revocation URL Extension");
- }
- }
- if (find_field_bool(data, "netscape-ca-revocation-url", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data,
- "netscape-ca-revocation-url-text",
- PR_TRUE),
- find_field_bool
- (data, "netscape-ca-revocation-url-crit"
- , PR_TRUE),
- SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape CA Revocation URL Extension");
- }
- }
- if (find_field_bool(data, "netscape-cert-renewal-url", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data,
- "netscape-cert-renewal-url-text",
- PR_TRUE),
- find_field_bool
- (data, "netscape-cert-renewal-url-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape Certificate Renewal URL Extension");
- }
- }
- if (find_field_bool(data, "netscape-ca-policy-url", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data,
- "netscape-ca-policy-url-text",
- PR_TRUE),
- find_field_bool
- (data, "netscape-ca-policy-url-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_CA_POLICY_URL);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape CA Policy URL Extension");
- }
- }
- if (find_field_bool(data, "netscape-ssl-server-name", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data,
- "netscape-ssl-server-name-text",
- PR_TRUE),
- find_field_bool
- (data, "netscape-ssl-server-name-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape SSL Server Name Extension");
- }
- }
- if (find_field_bool(data, "netscape-comment", PR_TRUE)) {
- rv = add_IA5StringExtension(extHandle,
- find_field(data, "netscape-comment-text",
- PR_TRUE),
- find_field_bool(data,
- "netscape-comment-crit",
- PR_TRUE),
- SEC_OID_NS_CERT_EXT_COMMENT);
- if (rv != SECSuccess) {
- error_out("ERROR: Unable to add Netscape Comment Extension");
- }
- }
- CERT_FinishExtensions(extHandle);
- return (rv);
-}
-
-
-
-char *
-return_dbpasswd(PK11SlotInfo *slot, PRBool retry, void *data)
-{
- char *rv;
-
- /* don't clobber our poor smart card */
- if (retry == PR_TRUE) {
- return NULL;
- }
- rv = PORT_Alloc(4);
- PORT_Strcpy(rv, "foo");
- return rv;
-}
-
-
-SECKEYPrivateKey *
-FindPrivateKeyFromNameStr(char *name,
- CERTCertDBHandle *certHandle)
-{
- SECKEYPrivateKey *key;
- CERTCertificate *cert;
- CERTCertificate *p11Cert;
- SECStatus status = SECSuccess;
-
-
- /* We don't presently have a PK11 function to find a cert by
- ** subject name.
- ** We do have a function to find a cert in the internal slot's
- ** cert db by subject name, but it doesn't setup the slot info.
- ** So, this HACK works, but should be replaced as soon as we
- ** have a function to search for certs accross slots by subject name.
- */
- cert = CERT_FindCertByNameString(certHandle, name);
- if (cert == NULL || cert->nickname == NULL) {
- error_out("ERROR: Unable to retrieve issuers certificate");
- }
- p11Cert = PK11_FindCertFromNickname(cert->nickname, NULL);
- if (p11Cert == NULL) {
- error_out("ERROR: Unable to retrieve issuers certificate");
- }
- key = PK11_FindKeyByAnyCert(p11Cert, NULL);
- return key;
-}
-
-static SECItem *
-SignCert(CERTCertificate *cert,
- char *issuerNameStr,
- Pair *data,
- CERTCertDBHandle *handle,
- int which_key)
-{
- SECItem der;
- SECItem *result = NULL;
- SECKEYPrivateKey *caPrivateKey = NULL;
- SECStatus rv;
- PRArenaPool *arena;
- SECOidTag algID;
-
- if (which_key == 0) {
- caPrivateKey = FindPrivateKeyFromNameStr(issuerNameStr, handle);
- } else {
- caPrivateKey = privkeys[which_key - 1];
- }
- if (caPrivateKey == NULL) {
- error_out("ERROR: unable to retrieve issuers key");
- }
-
- arena = cert->arena;
-
- switch(caPrivateKey->keyType) {
- case rsaKey:
- algID = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- break;
- case dsaKey:
- algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
- default:
- error_out("ERROR: Unknown key type for issuer.");
- goto done;
- break;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0);
- if (rv != SECSuccess) {
- error_out("ERROR: Could not set signature algorithm id.");
- }
-
- if (find_field_bool(data,"ver-1", PR_TRUE)) {
- *(cert->version.data) = 0;
- cert->version.len = 1;
- } else {
- *(cert->version.data) = 2;
- cert->version.len = 1;
- }
- der.data = NULL;
- der.len = 0;
- (void) SEC_ASN1EncodeItem (arena, &der, cert, CERT_CertificateTemplate);
- if (der.data == NULL) {
- error_out("ERROR: Could not encode certificate.\n");
- }
- rv = SEC_DerSignData (arena, &(cert->derCert), der.data, der.len, caPrivateKey,
- algID);
- if (rv != SECSuccess) {
- error_out("ERROR: Could not sign encoded certificate data.\n");
- }
-done:
- SECKEY_DestroyPrivateKey(caPrivateKey);
- return &(cert->derCert);
-}
-
-
-int
-main(int argc, char **argv)
-{
- int length = 500;
- int remaining = 500;
- int n;
- int fields = 3;
- int i;
- int serial;
- int chainLen;
- int which_key;
- char *pos;
-#ifdef OFFLINE
- char *form_output = "key=MIIBPTCBpzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7SLqjWBL9Wl11Vlg%0AaMqZCvcQOL%2FnvSqYPPRP0XZy9SoAeyWzQnBOiCm2t8H5mK7r2jnKdAQOmfhjaJil%0A3hNVu3SekHOXF6Ze7bkWa6%2FSGVcY%2FojkydxFSgY43nd1iydzPQDp8WWLL%2BpVpt%2B%2B%0ATRhFtVXbF0fQI03j9h3BoTgP2lkCAwEAARYDZm9vMA0GCSqGSIb3DQEBBAUAA4GB%0AAJ8UfRKJ0GtG%2B%2BufCC6tAfTzKrq3CTBHnom55EyXcsAsv6WbDqI%2F0rLAPkn2Xo1r%0AnNhtMxIuj441blMt%2Fa3AGLOy5zmC7Qawt8IytvQikQ1XTpTBCXevytrmLjCmlURr%0ANJryTM48WaMQHiMiJpbXCqVJC1d%2FpEWBtqvALzZaOOIy&subject=CN%3D%22test%22%26serial-auto%3Dtrue%26serial_value%3D%26ver-1%3Dtrue%26ver-3%3Dfalse%26caChoiceradio-SignWithDefaultkey%3Dtrue%26caChoiceradio-SignWithRandomChain%3Dfalse%26autoCAs%3D%26caChoiceradio-SignWithSpecifiedChain%3Dfalse%26manCAs%3D%26%24";
-#else
- char *form_output;
-#endif
- char *issuerNameStr;
- char *certName;
- char *DBdir = DB_DIRECTORY;
- char *prefixs[10] = {"CA#1-", "CA#2-", "CA#3-",
- "CA#4-", "CA#5-", "CA#6-",
- "CA#7-", "CA#8-", "CA#9-", ""};
- Pair *form_data;
- CERTCertificate *cert;
- CERTCertDBHandle *handle;
- CERTCertificateRequest *certReq = NULL;
- int warpmonths = 0;
- SECItem *certDER;
-#ifdef FILEOUT
- FILE *outfile;
-#endif
- SECStatus status = SECSuccess;
- extern char prefix[PREFIX_LEN];
- SEC_PKCS7ContentInfo *certChain;
- SECItem *encodedCertChain;
- PRBool UChain = PR_FALSE;
-
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
-
-#ifdef TEST
- sleep(20);
-#endif
- SECU_ConfigDirectory(DBdir);
-
- PK11_SetPasswordFunc(return_dbpasswd);
- status = NSS_InitReadWrite(DBdir);
- if (status != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
- handle = CERT_GetDefaultCertDB();
-
- prefix[0]= '\0';
-#if !defined(OFFLINE)
- form_output = (char*) PORT_Alloc(length);
- if (form_output == NULL) {
- error_allocate();
- }
- pos = form_output;
- while (feof(stdin) == 0 ) {
- if (remaining <= 1) {
- remaining += length;
- length = length * 2;
- form_output = PORT_Realloc(form_output, (length));
- if (form_output == NULL) {
- error_allocate();
- }
- pos = form_output + length - remaining;
- }
- n = fread(pos, 1, (size_t) (remaining - 1), stdin);
- pos += n;
- remaining -= n;
- }
- *pos = '&';
- pos++;
- length = pos - form_output;
-#else
- length = PORT_Strlen(form_output);
-#endif
-#ifdef FILEOUT
- printf("Content-type: text/plain\n\n");
- fwrite(form_output, 1, (size_t)length, stdout);
- printf("\n");
-#endif
-#ifdef FILEOUT
- fwrite(form_output, 1, (size_t)length, stdout);
- printf("\n");
- fflush(stdout);
-#endif
- form_data = make_datastruct(form_output, length);
- status = clean_input(form_data);
-#if !defined(OFFLINE)
- PORT_Free(form_output);
-#endif
-#ifdef FILEOUT
- i = 0;
- while(return_name(form_data, i) != NULL) {
- printf("%s",return_name(form_data,i));
- printf("=\n");
- printf("%s",return_data(form_data,i));
- printf("\n");
- i++;
- }
- printf("I got that done, woo hoo\n");
- fflush(stdout);
-#endif
- issuerNameStr = PORT_Alloc(200);
- if (find_field_bool(form_data, "caChoiceradio-SignWithSpecifiedChain",
- PR_FALSE)) {
- UChain = PR_TRUE;
- chainLen = atoi(find_field(form_data, "manCAs", PR_FALSE));
- PORT_Strcpy(prefix, prefixs[0]);
- issuerNameStr = PORT_Strcpy(issuerNameStr,
- "CN=Cert-O-Matic II, O=Cert-O-Matic II");
- if (chainLen == 0) {
- UChain = PR_FALSE;
- }
- } else {
- if (find_field_bool(form_data, "caChoiceradio-SignWithRandomChain",
- PR_FALSE)) {
- PORT_Strcpy(prefix,prefixs[9]);
- chainLen = atoi(find_field(form_data, "autoCAs", PR_FALSE));
- if (chainLen < 1 || chainLen > 18) {
- issuerNameStr = PORT_Strcpy(issuerNameStr,
- "CN=CA18, O=Cert-O-Matic II");
- }
- issuerNameStr = PORT_Strcpy(issuerNameStr, "CN=CA");
- issuerNameStr = PORT_Strcat(issuerNameStr,
- find_field(form_data,"autoCAs", PR_FALSE));
- issuerNameStr = PORT_Strcat(issuerNameStr,", O=Cert-O-Matic II");
- } else {
- issuerNameStr = PORT_Strcpy(issuerNameStr,
- "CN=Cert-O-Matic II, O=Cert-O-Matic II");
- }
- chainLen = 0;
- }
-
- i = -1;
- which_key = 0;
- do {
- extern SECStatus cert_GetKeyID(CERTCertificate *cert);
- i++;
- if (i != 0 && UChain) {
- PORT_Strcpy(prefix, prefixs[i]);
- }
- /* find_field(form_data,"subject", PR_TRUE); */
- certReq = makeCertReq(form_data, which_key);
-#ifdef OFFLINE
- serial = 900;
-#else
- serial = get_serial_number(form_data);
-#endif
- cert = MakeV1Cert(handle, certReq, issuerNameStr, PR_FALSE,
- serial, warpmonths, form_data);
- if (certReq != NULL) {
- CERT_DestroyCertificateRequest(certReq);
- }
- if (find_field_bool(form_data,"ver-3", PR_TRUE)) {
- status = add_extensions(cert, form_data, issuerNameStr, handle);
- if (status != SECSuccess) {
- error_out("ERROR: Unable to add extensions");
- }
- }
- status = cert_GetKeyID(cert);
- if (status == SECFailure) {
- error_out("ERROR: Unable to get Key ID.");
- }
- certDER = SignCert(cert, issuerNameStr, form_data, handle, which_key);
- CERT_NewTempCertificate(handle, certDER, NULL, PR_FALSE, PR_TRUE);
- issuerNameStr = find_field(form_data, "subject", PR_TRUE);
- /* SECITEM_FreeItem(certDER, PR_TRUE); */
- CERT_DestroyCertificate(cert);
- if (i == (chainLen - 1)) {
- i = 8;
- }
- ++which_key;
- } while (i < 9 && UChain);
-
-
-
-#ifdef FILEOUT
- outfile = fopen("../certout", "wb");
-#endif
- certName = find_field(form_data, "subject", PR_FALSE);
- cert = CERT_FindCertByNameString(handle, certName);
- certChain = SEC_PKCS7CreateCertsOnly (cert, PR_TRUE, handle);
- if (certChain == NULL) {
- error_out("ERROR: No certificates in cert chain");
- }
- encodedCertChain = SEC_PKCS7EncodeItem (NULL, NULL, certChain, NULL, NULL,
- NULL);
- if (encodedCertChain) {
-#if !defined(FILEOUT)
- printf("Content-type: application/x-x509-user-cert\r\n");
- printf("Content-length: %d\r\n\r\n", encodedCertChain->len);
- fwrite (encodedCertChain->data, 1, encodedCertChain->len, stdout);
-#else
- fwrite (encodedCertChain->data, 1, encodedCertChain->len, outfile);
-#endif
-
- } else {
- error_out("Error: Unable to DER encode certificate");
- }
-#ifdef FILEOUT
- printf("\nI got here!\n");
- fflush(outfile);
- fclose(outfile);
-#endif
- fflush(stdout);
- return 0;
-}
-
diff --git a/security/nss/cmd/certcgi/index.html b/security/nss/cmd/certcgi/index.html
deleted file mode 100644
index 0bd79f3ce..000000000
--- a/security/nss/cmd/certcgi/index.html
+++ /dev/null
@@ -1,956 +0,0 @@
-<HTML> <!-- -*- Mode: Java; tab-width: 8 -*- -->
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<HEAD>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-<SCRIPT LANGUAGE="JavaScript1.2">
-
-script_url = 'http://interzone.mcom.com/cgi-bin/certomatic/bin/certcgi.cgi'
-
-ext_page_ver1 =
- make_page_intro('Version 1 extensions', "#FFFFFF") +
- '<layer ID="ext1">' +
- 'Version 1 X.509 certs do not support extensions' +
- '</layer>' +
- '</body></html>';
-
-cur_page = 1;
-
-num_ca = 0;
-
-index_list =
- '0, your_certificate_index_label,' +
- '0, netscape_extensions_index_label,' +
- '0, standard_extensions_index_label,' +
- '0, certifying_authorities_index_label';
-
-var main_page =
- make_page_intro('Your Key', "#FFFFFF") +
- '<layer ID="main" SRC="main.html">' +
- '</layer>' +
- '</body></html>' ;
-
-add_index_list = '';
-
-max_pages = 13;
-
-ver = 3
-
-ext_page_array = new Array(max_pages);
-
-index_label = 'Options';
-
-your_certificate_index_label = 'Your Certificate';
-
-netscape_extensions_index_label = 'Netscape X.509 Extensions';
-
-standard_extensions_index_label = 'Standard X.509 Extensions';
-
-certifying_authorities_index_label = 'Certifying Authorities';
-
-add_sub_alt_name_index_label = 'Add Subject Alternative Name';
-
-function setSubAltNameType(form)
-{
- with(form)
- {
- if (SubAltNameRadio[0].checked)
- {
- return true;
- }
- if (SubAltNameRadio[3].checked || SubAltNameRadio[5].checked)
- {
- SubAltNameDataType.checked = true;
- return true;
- }
- if (SubAltNameRadio[1].checked || SubAltNameRadio[2].checked ||
- SubAltNameRadio[4].checked || SubAltNameRadio[6].checked ||
- SubAltNameRadio[7].checked || SubAltNameRadio[8].checked)
- {
- SubAltNameDataType.checked = false;
- return true;
- }
- }
- return true;
-}
-
-function setIssuerAltNameType(form)
-{
- with(form)
- {
- if (IssuerAltNameRadio[0].checked)
- {
- return true;
- }
- if (IssuerAltNameRadio[3].checked || IssuerAltNameRadio[5].checked)
- {
- IssuerAltNameDataType.checked = true;
- return true;
- }
- if (IssuerAltNameRadio[1].checked || IssuerAltNameRadio[2].checked ||
- IssuerAltNameRadio[4].checked || IssuerAltNameRadio[6].checked ||
- IssuerAltNameRadio[7].checked || IssuerAltNameRadio[8].checked)
- {
- IssuerAltNameDataType.checked = false;
- return true;
- }
- }
- return true;
-}
-
-
-function setNameConstraintNameType(form)
-{
- with(form)
- {
- if (NameConstraintRadio[0].checked)
- {
- return true;
- }
- if (NameConstraintRadio[3].checked || NameConstraintRadio[5].checked)
- {
- NameConstraintNameDataType.checked = true;
- return true;
- }
- if (NameConstraintRadio[1].checked || NameConstraintRadio[2].checked ||
- NameConstraintRadio[4].checked || NameConstraintRadio[6].checked ||
- NameConstraintRadio[7].checked || NameConstraintRadio[8].checked)
- {
- NameConstraintNameDataType.checked = false;
- return true;
- }
- }
- return true;
-}
-
-
-function addSubAltName(form)
-{
-
- with(form)
- {
- var len = SubAltNameSelect.length;
- var value;
- var i = 0;
- while(!(i == (SubAltNameRadio.length - 1)) & !(SubAltNameRadio[i].checked == true))
- {
- i++;
- }
- if (i != 0)
- {
- value = SubAltNameText.value + " - " + (i + 1);
- }
- else
- {
- value = SubAltNameText.value + " - " + SubAltNameOtherNameOID.value + " - ";
- if (SubAltNameDataType.checked)
- {
- value += "1 - ";
- }
- else
- {
- value += "0 - ";
- }
- value += (i + 1);
- if (SubAltNameOtherNameOID.value == "")
- {
- alert("Other names must include an OID");
- return false;
- }
- }
-
- if ((SubAltNameText.value == "") | (SubAltNameRadio[i].checked != true))
- {
- alert("Alternative Names must include values for name and name type.");
- }
- else
- {
- SubAltNameSelect.options[len] = new Option(value, value);
- }
- }
- return true;
-}
-
-function deleteSubAltName(form)
-{
- with(form)
- {
- while (SubAltNameSelect.selectedIndex >= 0)
- {
- SubAltNameSelect[SubAltNameSelect.selectedIndex] = null;
- }
- }
-}
-
-function addIssuerAltName(form)
-{
- with(form)
- {
- var len = IssuerAltNameSelect.length;
- var value;
- var i = 0;
-
- while(!(i == (IssuerAltNameRadio.length -1)) & !(IssuerAltNameRadio[i].checked == true))
- {
- i++;
- }
- if (i != 0)
- {
- value = IssuerAltNameText.value + " - " + (i + 1);
- }
- else
- {
- value = IssuerAltNameText.value + " - " + IssuerAltNameOtherNameOID.value + " - ";
- if (IssuerAltNameDataType.checked)
- {
- value += "1 - ";
- }
- else
- {
- value += "0 - ";
- }
- value += (i + 1);
- if (IssuerAltNameOtherNameOID.value == "")
- {
- alert("Other names must include an OID");
- return false;
- }
- }
- if ((IssuerAltNameText.value == "") | (IssuerAltNameRadio[i].checked != true))
- {
- alert("Alternative Names must include values for name and name type.")
- }
- else
- {
- IssuerAltNameSelect.options[len] = new Option(value, value);
- }
- }
- return true;
-}
-
-function deleteIssuerAltName(form)
-{
- with(form)
- {
- while (IssuerAltNameSelect.selectedIndex >= 0)
- {
- IssuerAltNameSelect[IssuerAltNameSelect.selectedIndex] = null;
- }
- }
-}
-
-
-
-function addNameConstraint(form)
-{
- with(form)
- {
- var len = NameConstraintSelect.length;
- var value;
- var i = 0;
- var min = NameConstraintMin.value;
- var max = NameConstraintMax.value;
-
- while(!(i == (NameConstraintRadio.length - 1) ) & !(NameConstraintRadio[i].checked == true))
- {
- i++;
- }
- value = NameConstraintText.value + " - ";
- if (i == 0)
- {
- value += NameConstraintOtherNameOID.value + " - ";
- if (NameConstraintNameDataType.checked)
- {
- value += "1 - ";
- }
- else
- {
- value += "0 - ";
- }
- if (NameConstraintOtherNameOID.value == "")
- {
- alert("Other names must include an OID");
- return false;
- }
- }
- value += (i + 1) + " - ";
- if (NameConstraintTypeRadio[0].checked == true)
- {
- value += "p - ";
- }
- else
- {
- value += "e - ";
- }
- value += min + " - " + max;
- if ((min == "") | (NameConstraintText.value == "") | (NameConstraintRadio[i].checked != true))
- {
- alert("Name Constraints must include values for minimum, name, and name type.")
- }
- else
- {
- NameConstraintSelect.options[len] = new Option(value, value);
- }
- }
- return true;
-}
-
-function deleteNameConstraint(form)
-{
- with(form)
- {
- while (NameConstraintSelect.selectedIndex >= 0)
- {
- NameConstraintSelect[NameConstraintSelect.selectedIndex] = null;
- }
- }
-}
-
-
-function submit_it()
-{
- save_cur_page(cur_page);
-
- var array_string;
- var subject = ext_page_array[0][22][0];
- var serial = ext_page_array[0][10][0];
- var ver1 = (ver == 1);
- var ver3 = (ver == 3);
- var serial_number = ext_page_array[0][12][0];
- var notBefore = ext_page_array[0][20][0];
- var notAfter = ext_page_array[0][21][0];
- var manValidity = ext_page_array[0][19][0];
-
- if (subject == "")
- {
- alert("The DN field must contain some data");
- return false;
- }
- if (!serial & serial_number == "")
- {
- alert("No serial number specified");
- return false;
- }
- if (ext_page_array[0][15][0])
- {
- var keygen = "<keygen name=\"key\" challenge=\"foo\">";
- }
- else
- {
- switch (ext_page_array[0][17][0]) {
- case 2:
- var keygen = "<keygen keytype=\"dsa\" pqg=\"MIGdAkEAjfKklEkidqo9JXWbsGhpy+rA2Dr7jQz3y7gyTw14guXQdi/FtyEOr8Lprawyq3qsSWk9+/g3JMLsBzbuMcgCkQIVAMdzIYxzfsjumTtPLe0w9I7azpFfAkEAYm0CeDnqChNBMWOlW0y1ACmdVSKVbO/LO/8Q85nOLC5xy53l+iS6v1jlt5UhklycxC6fb0ZLCIzFcq9T5teIAg==\" name=\"key\" challenge=\"foo\">";
- break;
- case 1:
- var keygen = "<keygen keytype=\"dsa\" pqg=\"MIHaAmDCboVgX0+6pEeMlbwsasWDVBcJNHPKMzkq9kbCRK2U3k+tE15n+Dc2g3ZjDYr1um51e2iLC34/BwAAAAAAAAAAAAAAAAAAAAAAAAABbBhnlFN5Djmt0Mk8cdEBY5H8iPMCFMhUnFtbpjn3EyfH2DjVg3ALh7FtAmA2zWzhpeCwvOTjYnQorlXiv0WcnSiWmaC79CRYkFt5i+UEfRxwP1eNGJBVB1T+CPW6JGd4WhgsqtSf53pn5DEtv++O7lNfXyOhWhb3KaWHYIx8fuAXtioIWkWmpfEIVZA=\" name=\"key\" challenge=\"foo\">";
- break;
- case 0:
- var keygen = "<keygen keytype=\"dsa\" pqg=\"MIIBHAKBgId8SiiWrcdua5zbsBhPkKfFcnHBG7T/bQla7c6OixGjjmSSuq2fJLvMKa579CaxHxLZzZZXIHmAk9poRgWl2GUUkCJ68XSum8OQzDPXPsofcEdeANjw3mIAAAAAAAAAAAAAAAAAAAAAAAAIE+MkW5hguLIQqWvEVi9dMpbNu6OZAhTIA+y3TgyiwA0D8pt686ofaL1IOQKBgAiZQC6UCXztr2iXxJrAC+51gN5oX/R9Thilln9RGegsWnHrdxUOpcm5vAWp1LU8TOXtujE8kqkm3UxIRhUWQORe9IxLANAXmZJqkw9FEVHkxj6Cy9detwT2MyBzSwS6avsf7aLisgHmI/IHSeapJsQ3NQa3rikb6zRiqIV+TVa6\" name=\"key\" challenge=\"foo\">";
- break;
- }
- }
- array_string = build_array_string();
- hiddens = "<input type=\"hidden\" name=\"subject\" value=\'" + subject + "\'> \n" +
- "<input type=\"hidden\" name=\"serial-auto\" value=\"" + serial + "\"> \n" +
- "<input type=\"hidden\" name=\"serial_value\" value=\"" + serial_number + "\"> \n" +
- "<input type=\"hidden\" name=\"ver-1\" value=\"" + ver1 + "\"> \n" +
- "<input type=\"hidden\" name=\"ver-3\" value=\"" + ver3 + "\"> \n" +
- "<input type=\"hidden\" name=\"notBefore\" value=\"" + notBefore + "\"> \n" +
- "<input type=\"hidden\" name=\"notAfter\" value=\"" + notAfter + "\"> \n" +
- "<input type=\"hidden\" name=\"manValidity\" value=\"" + manValidity + "\"> \n" +
- array_string;
-
- var good_submit_page =
- '<html>' +
- '<BODY TEXT="#000000" LINK="#000000" VLINK="#000000" ALINK="#FF0000" BGCOLOR="#FFFFFF">' +
- '<form method="post" action="' + script_url + '">' +
- 'Select size for your key:' + keygen + '</p>' +
- '<input type="submit"></p>' +
- hiddens +
- '</form>\n' +
- '</body>\n' +
- '</html>\n';
-
- window.frames.extensions.document.write(good_submit_page);
- window.frames.extensions.document.close();
- cur_page = max_pages + 1;
- make_index(window);
- return false;
-}
-
-
-
-function build_array_string()
-{
- var j;
- var array_string = '';
- var pages;
-
- if ((ext_page_array[3][4][0] > 0) && ext_page_array[3][3][0])
- {
- pages = 4 + parseInt(ext_page_array[3][4][0]);
- }
- else
- {
- pages = 4;
- }
- for (j = 1; j < pages; j++)
- {
- if ((j > 1 || (ver == 3)) &&
- (ext_page_array[j].length > 1))
- {
- if (j < 4)
- {
- for (i = 0; i < ext_page_array[j].length; i++)
- {
- if (ext_page_array[j][i][3].indexOf("radio") == -1)
- {
- if (ext_page_array[j][i][3].indexOf("multiple") == -1)
- {
- array_string += '<input type=\"hidden\" name=\"' + ext_page_array[j][i][1] + '\" value=\'' + ext_page_array[j][i][0] + '\'> \n';
- }
- else
- {
- for (k = 0; k < ext_page_array[j][i][0].length; k++)
- {
- array_string += '<input type=\"hidden\" name=\"' + ext_page_array[j][i][1] + k + '\" value=\'' + ext_page_array[j][i][0][k] + '\'> \n';
- }
- }
- }
- else
- {
- array_string += '<input type=\"hidden\" name=\"' + ext_page_array[j][i][1] + '-' + ext_page_array[j][i][2] + '\" value=\'' + ext_page_array[j][i][0] + '\'> \n';
- }
- }
- }
- else
- {
- for (i = 0; i < ext_page_array[j].length; i++)
- {
- if (ext_page_array[j][i][3].indexOf("radio") == -1)
- {
- if (ext_page_array[j][i][3].indexOf("multiple") == -1)
- {
- array_string += '<input type=\"hidden\" name=\"' + 'CA#' + (j - 3) + '-' + ext_page_array[j][i][1] + '\" value=\'' + ext_page_array[j][i][0] +'\'> \n';
- }
- else
- {
- for (k = 0; k < ext_page_array[j][i][0].length; k++)
- {
- array_string += '<input type=\"hidden\" name=\"' + 'CA#' + (j - 3) + '-' + ext_page_array[j][i][1] + k + '\" value=\'' + ext_page_array[j][i][0][k] + '\'> \n';
- }
- }
- }
- else
- {
- array_string += '<input type=\"hidden\" name=\"' + 'CA#' + (j - 3) + '-' + ext_page_array[j][i][1] + '-' + ext_page_array[j][i][2] + '\" value=\'' + ext_page_array[j][i][0] + '\'> \n';
- }
- }
- }
- }
- }
- return array_string;
-}
-
-
-
-function init_ext_page_array()
-{
- for (i = 0; i < max_pages; i++)
- {
- ext_page_array[i] = '';
- }
-}
-
-function ca_num_change(n,ca_form)
-{
- with(ca_form)
- {
- n = parseInt(n,10);
- if (caChoiceradio[2].checked)
- {
- if (n)
- {
- update_index(n);
- }
- else
- {
- update_index(0);
- }
- }
- }
-}
-
-function choice_change(ca_form)
-{
- with(ca_form)
- {
- if (caChoiceradio[2].checked)
- {
- ca_num_change(manCAs.value,ca_form);
- }
- else
- {
- update_index(0);
- }
- }
-}
-
-function update_index(n)
-{
- var add_string = '';
- for (var i = 0; i < n; i++)
- {
- var j = i + 1;
- add_string = add_string + ',1, \'CA #' + j + '\'';
- }
- top.add_index_list = add_string;
- num_ca = n;
- make_index(window);
-}
-
-function set_ver1()
-// redraws the extensions page for version 1 certificates
-{
- ver = 1
- if (cur_page == 2 || cur_page == 3)
- {
- sa_switch_pane(window, cur_page, cur_page);
- }
-}
-
-
-function set_ver3()
-// redraws the extensions page for version 3 certificates
-{
- ver = 3
- if (cur_page == 2)
- {
- sa_switch_pane(window, 0, 2);
- }
- else if (cur_page == 3)
- {
- sa_switch_pane(window, 0, 3);
- }
-}
-
-function reset_subject(marker, value, form)
-// Updates the subject field from a subordinate field
-{
- with(form)
- {
- var field_sep = '", ';
- var begin_index = subject.value.indexOf(marker);
- if (begin_index != 0 && subject.value[begin_index - 1] != ' ')
- {
- begin_index = subject.value.indexOf(marker, begin_index +1);
- }
- var end_index = subject.value.indexOf(field_sep, begin_index);
- if (begin_index > -1) // is it a delete/change?
- {
- if (end_index == -1) // is it the last one (includes only one)?
- {
- if (value.length > 0) // do I have to change it?
- {
- if (begin_index == 0) // is is the only one?
- {
- subject.value = marker + '"' + value + '"';
- }
- else // it is the last of many
- {
- subject.value = subject.value.substring(0,begin_index) + marker + '"' + value + '"';
- }
- }
- else // must be a delete
- {
- if (begin_index == 0) // is it the only one?
- {
- begin_index += 2;
- }
- subject.value = subject.value.substring(0,(begin_index - 2));
- }
- }
- else // it is the first of many or a middle one
- {
- if (value.length >0) // do I have to change it?
- {
- subject.value = subject.value.substring(0,(begin_index + marker.length + 1)) + value + subject.value.substring(end_index,subject.length);
- }
- else // it is a delete
- {
- subject.value = subject.value.substring(0,begin_index) + subject.value.substring((end_index + 3),subject.length);
- }
- }
- }
- else // It is either an insert or a do nothing
- {
- if (value.length > 0) // is it an insert?
- {
- if (subject.value.length == 0) // is subject currently empty?
- {
- subject.value = marker + '"' + value + '"';
- }
- else
- {
- subject.value = subject.value + ', ' + marker + '"' + value + '"';
- }
- }
- }
- }
-}
-
-
-
-function reset_subjectFields(form)
-// updates all the subordinate fields from the subject field of a form
-// ************ move the strings to global variables, to make maintentance easier ****************
-{
-
- update_subject_Field(form, 'CN=\"', form.name);
- update_subject_Field(form, 'MAIL=\"', form.email);
- update_subject_Field(form, 'O=\"', form.org);
- update_subject_Field(form, 'C=\"', form.country);
- update_subject_Field(form, ' L=\"', form.loc);
- update_subject_Field(form, 'ST=\"', form.state);
- update_subject_Field(form, 'E=\"', form.email);
- update_subject_Field(form, 'OU=\"', form.org_unit);
- update_subject_Field(form, 'UID=\"', form.uid);
-}
-
-function update_subject_Field(form, marker, update_field)
-//updates a single subordinate field from the subject field of a form
-// *************** need to deal with the two types of e-mail addresses **************
-{
- with(form)
- {
- var field_sep = '", ';
- var begin_index = subject.value.indexOf(marker) + marker.length;
- var end_index = subject.value.indexOf(field_sep, begin_index);
- if (end_index == -1)
- {
- end_index = subject.value.indexOf('"',begin_index);
- }
- if (begin_index != (-1 + marker.length) )
- {
- update_field.value = subject.value.substring(begin_index, end_index);
- }
- else
- {
- update_field.value = '';
- }
- }
-}
-
-
-function switch_mail(form)
- // *************** I need to figure out if I want to delete the other type of e-mail address ************
-{
- if (form.email_type[0].checked)
- {
- var del = 'E=';
- var ins = 'MAIL=';
- }
- else
- {
- var del = 'MAIL=';
- var ins = 'E=';
- }
- reset_subject(del, '', form);
- reset_subject(ins, form.email.value, form);
-}
-
-function make_page_intro(title, bgcolor)
-{
- var style = '<STYLE TYPE="text/css">BODY{' +
- 'font-family: Geneva,MS Sans Serif,Arial,Lucida,Helvetica,sans-serif;' +
- 'font-size: 10pt;' +
- '}' +
- 'TD{' +
- 'font-family: Geneva,MS Sans Serif,Arial,Lucida,Helvetica,sans-serif;' +
- 'font-size: 10pt;}' +
- '</STYLE>';
-
- if (bgcolor == null) { bgcolor = "#C0C0C0"; }
- return '<HTML><HEAD>' +
- '<TITLE>' + title + '</TITLE>' +
- '</HEAD>' +
- '<BODY TEXT="#000000" LINK="#000000" VLINK="#000000" ALINK="#FF0000" ' +
- 'BGCOLOR="' + bgcolor + '">';
-}
-
-
-function make_index(window)
-{
- with (window.frames.index)
- {
- eval ('index_string = make_index_page(cur_page, ' + index_list + add_index_list + ' )');
- fool1 = make_page_intro(index_label, "#FFFFFF") +
- index_string + '</BODY></HTML>';
- document.write(fool1);
- document.close();
- }
-}
-
-
-function save_cur_page(page_number)
-{
- var len;
- var j = page_number - 1;
- if (frames.extensions.document.layers.length != 0)
- {
- with (frames.extensions.document.layers[0].document)
- {
- if ((page_number != 2 && page_number != 3 && page_number <= max_pages) ||
- ver == 3)
- {
- ext_page_array[j] = new Array(forms[0].elements.length);
- for (i = 0; i < forms[0].elements.length; i++)
- {
- ext_page_array[j][i] = new Array(4);
- switch (forms[0].elements[i].type)
- {
- case 'radio': case 'checkbox':
- ext_page_array[j][i][0] = forms[0].elements[i].checked;
- break;
- case 'select-one':
- ext_page_array[j][i][0] = forms[0].elements[i].selectedIndex;
- break;
- case 'select-multiple':
- len = forms[0].elements[i].options.length;
- ext_page_array[j][i][0] = new Array(len);
- for(k = 0; k < len; k++)
- {
- ext_page_array[j][i][0][k] = forms[0].elements[i].options[k].value;
- }
- break;
- default:
- ext_page_array[j][i][0] = forms[0].elements[i].value;
- }
- ext_page_array[j][i][1] = forms[0].elements[i].name;
- ext_page_array[j][i][2] = forms[0].elements[i].value;
- ext_page_array[j][i][3] = forms[0].elements[i].type;
- }
- }
- }
- }
-}
-
-function reload_form(page_number)
-{
- var j = page_number - 1;
- with (frames.extensions.document.layers[0].document)
- {
- if (((page_number < 2 || page_number > 3) || ver == 3)
- && page_number != 0 && (ext_page_array[j].length > 1))
- {
- for (i = 0; i < ext_page_array[j].length; i++)
- {
- switch (forms[0].elements[i].type)
- {
- case 'radio': case 'checkbox':
- forms[0].elements[i].checked = ext_page_array[j][i][0];
- break;
- case 'select-one':
- forms[0].elements[i].selectedIndex = ext_page_array[j][i][0];
- break;
- case 'select-multiple':
- for (k = 0; k < ext_page_array[j][i][0].length; k++)
- {
- forms[0].elements[i].options[k] = new Option(ext_page_array[j][i][0][k],
- ext_page_array[j][i][0][k]);
- }
- break;
- default:
- forms[0].elements[i].value = ext_page_array[j][i][0];
- }
- }
- }
- }
-}
-
-function sa_switch_pane(top_window, old_pane, new_pane)
-{
- var ext_page_stnd =
- make_page_intro(standard_extensions_index_label, "#FFFFFF") +
- '<layer ID="ext" SRC="stnd_ext_form.html">' +
- '</layer>' +
- '</body></html>';
-
- var ext_page_nscp =
- make_page_intro(netscape_extensions_index_label, "#FFFFFF") +
- '<layer ID="ext" SRC="nscp_ext_form.html">' +
- '</layer>' +
- '</body></html>';
-
- var ext_page_ca =
- make_page_intro(certifying_authorities_index_label, "#FFFFFF") +
- '<layer ID="ext" SRC="ca.html">' +
- '</layer>' +
- '</body</html>';
-
- var ext_page_ca_exp =
- make_page_intro('Certifying Authority Details', "#FFFFFF") +
- '<layer ID="ext" SRC="ca_form.html">' +
- '</layer>' +
- '</body></html>';
-
-
- if (old_pane > 0 && cur_page <= max_pages)
- {
- save_cur_page(old_pane);
- }
- cur_page = new_pane;
- make_index(top_window);
- if (new_pane == 2 || new_pane == 3)
- {
- if (ver == 1)
- {
- frames.extensions.document.write(ext_page_ver1);
- frames.extensions.document.close();
- }
- else
- {
- if (new_pane == 2)
- {
- frames.extensions.document.write(ext_page_nscp);
- frames.extensions.document.close();
- reload_form(new_pane);
- }
- else
- {
- frames.extensions.document.write(ext_page_stnd);
- frames.extensions.document.close();
- reload_form(new_pane);
- }
- }
- }
- else
- {
- if (new_pane == 4)
- {
- frames.extensions.document.write(ext_page_ca);
- frames.extensions.document.close();
- reload_form(new_pane);
- }
- else
- {
- if (new_pane == 1)
- {
- frames.extensions.document.write(main_page);
- frames.extensions.document.close();
- reload_form(new_pane);
- }
- else
- {
- frames.extensions.document.write(ext_page_ca_exp);
- frames.extensions.document.close();
- reload_form(new_pane);
- }
- }
- }
-}
-
-function make_index_page(selected)
-{
- var n_strings = ( make_index_page.arguments.length - 1 ) / 2;
- var table_background;
- var command;
- var indent;
- var label;
- var ret_string = "";
-
- ret_string += '<TABLE CELLSPACING=4>';
- for ( var i = 1; i <= n_strings; i++ ) {
- if ( i == selected ) {
- table_background = 'BGCOLOR=#BBCCBB';
- } else {
- table_background = '';
- }
-
- indent = make_index_page.arguments[(i*2) - 1];
- label = make_index_page.arguments[(i*2)];
-
- if ( indent == 0 ) {
- ret_string += ('<TR><TD COLSPAN=2 ' + table_background + '>');
- } else {
- ret_string += ('<TR><TD>&nbsp;&nbsp;</TD><TD ' + table_background + '>');
- }
-
- command = "'parent.sa_switch_pane(parent," + selected + "," + i + ")'";
- ret_string += ('<A HREF="javascript:void setTimeout(' + command + ',0)">');
- if ( indent == 0 ) { ret_string += "<B>"; }
- ret_string += label;
- if ( indent == 0 ) { ret_string += "</B>"; }
- ret_string += '</A></TD></TR>';
- }
- if (selected == (max_pages + 1))
- {
- table_background = 'BGCOLOR=#BBCCBB';
- } else {
- table_background = '';
- }
- ret_string +=
- '<TR><TD COLSPAN=2 ' + table_background +
- '><b><A HREF="javascript:void setTimeout(\'top.submit_it()\', 0)">Finish</A></b>' +
- '</TD></TR>' +
- '<input type="submit"></form>' +
- '</TABLE>';
- return(ret_string);
-}
-
-
-function make_page(window)
-// Draws the initial page setup
-{
- selected = cur_page
- init_ext_page_array()
-
- with (window.frames.extensions) {
- document.write(main_page);
- document.close();
- }
-
- make_index(window);
-
-}
-</script>
-
-</HEAD>
-<title>Cert-O-Matic</title>
- <FRAMESET cols="150,*" BORDER=3 ONLOAD="make_page(window)">
- <FRAME SRC="about:blank" NAME="index"
- MARGINWIDTH=15 MARGINHEIGHT=10 BORDER=3>
- <FRAME SRC="about:blank" NAME="extensions"
- MARGINWIDTH=15 MARGINHEIGHT=10 BORDER=3>
- </FRAMESET>
-</HTML>
diff --git a/security/nss/cmd/certcgi/main.html b/security/nss/cmd/certcgi/main.html
deleted file mode 100644
index 50e138aee..000000000
--- a/security/nss/cmd/certcgi/main.html
+++ /dev/null
@@ -1,105 +0,0 @@
-<HTML>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<HEAD>
- <TITLE>Main Layer for CertOMatic</TITLE>
-</HEAD>
-
- <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
- <table border=0 cellspacing=10 cellpadding=0>
- <tr>
- <td>
- Common Name:</td><td> <input type="text" name="name" onChange="{window.top.reset_subject('CN=', value, form)}"></p>
- </td>
- <td></td><td></td>
- <td>
- Organization: </td><td> <input type="text" name="org" onChange="{window.top.reset_subject('O=', value, form)}"></p></td>
- <tr>
- <td>
- <input type="radio" name="email_type" value="1" onClick="window.top.switch_mail(form)">MAIL=
-
- <input type="radio" name="email_type" value="2" checked onClick="window.top.switch_mail(form)">E=
- </td>
- <td>
- <input type="text" name="email" onChange="var temp;{if (email_type[0].checked) {temp = 'MAIL='} else {temp = 'E='}} ;{window.top.reset_subject(temp, value, form)}">
- </td>
- <td></td><td></td><td>
- Organizational Unit: </td><td><input type="text" name="org_unit" onChange="{window.top.reset_subject('OU=', value, form)}"></p></td>
- <tr>
- <td>
- UID= </td><td><input type="text" name="uid" onChange="{window.top.reset_subject('UID=', value, form)}"></p></td>
- <td></td><td></td><td>
- Locality: </td><td><input type="text" name="loc" onChange="{window.top.reset_subject('L=', value, form)}"></p></td>
- <tr>
- <td>
- State or Province: </td><td><input type="text" name="state" onChange="{window.top.reset_subject('ST=', value, form)}"></p></td>
- <td></td><td></td><td>
- Country: </td><td><input type="text" size="2" name="country" onChange="{window.top.reset_subject('C=', value, form)}" maxlength="2"></p></td>
- <tr>
- <td COLSPAN=2>
- Serial Number:
- <DD><input type="radio" name="serial" value="auto" checked> Auto Generate
- <DD><input type="radio" name="serial" value="input">
- Use this hex value:&nbsp; <input type="text" name="serial_value" size="8" maxlength="8"></p>
- </td>
- <td></td> <td></td>
- <td COLSPAN=2>
- X.509 version:
- <DD><input type="radio" name="ver" value="1" onClick="if (this.checked) {window.top.set_ver1();}"> Version 1
- <DD><input type="radio" name="ver" value="3" checked onClick="if (this.checked) {window.top.set_ver3();}"> Version 3</P></td>
- <tr>
- <td COLSPAN=2>
- Key Type:
- <DD><input type="radio" name="keyType" value="rsa" checked> RSA
- <DD><input type="radio" name="keyType" value="dsa"> DSA</p>
- Intermediate CA Key Sizes:
- <DD><select name="keysize">
- <option>2048 (Very High Grade)
- <option>1024 (High Grade)
- <option>512 (Low Grade)
- </select>
- </td>
- <td></td> <td></td>
- <td COLSPAN=2>
- Validity:
- <DD><input type="radio" name="validity" value="auto" checked>
- Generate Automatically
- <DD><input type="radio" name="validity" value="man"> Use these values:
- <DD>Not Before:&nbsp; <input type="text" size="15" maxlength="17" name="notBefore">
- <DD>Not After:&nbsp;&nbsp;&nbsp; <input type="text" size="15" maxlength="17" name="notAfter">
- <DD>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
- <FONT SIZE=-1><TT>YYMMDDhhmm[ss]{Z|+hhmm|-hhmm} </TT></FONT>
- </table>
- DN: <input type="text" name="subject" size="70" onChange="{window.top.reset_subjectFields(form)}"></P>
- </form>
-</HTML>
diff --git a/security/nss/cmd/certcgi/manifest.mn b/security/nss/cmd/certcgi/manifest.mn
deleted file mode 100644
index e065a8e1a..000000000
--- a/security/nss/cmd/certcgi/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIREd.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = certcgi.c
-
-PROGRAM = certcgi
-
-USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/certcgi/nscp_ext_form.html b/security/nss/cmd/certcgi/nscp_ext_form.html
deleted file mode 100644
index de939eecb..000000000
--- a/security/nss/cmd/certcgi/nscp_ext_form.html
+++ /dev/null
@@ -1,113 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-
- <body>
- <table border=1 cellspacing=5 cellpadding=5>
- <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
- <tr>
- <td>
- <b>Netscape Certificate Type: </b></p>
- Activate extension: <input type="checkbox" name="netscape-cert-type"></P>
- Critical: <input type="checkbox" name="netscape-cert-type-crit">
- <td>
- <input type="checkbox" name="netscape-cert-type-ssl-client"> SSL Client</P>
- <input type="checkbox" name="netscape-cert-type-ssl-server"> SSL Server</P>
- <input type="checkbox" name="netscape-cert-type-smime"> S/MIME</P>
- <input type="checkbox" name="netscape-cert-type-object-signing"> Object Signing</P>
- <input type="checkbox" name="netscape-cert-type-reserved"> Reserved for future use (bit 4)</P>
- <input type="checkbox" name="netscape-cert-type-ssl-ca"> SSL CA</P>
- <input type="checkbox" name="netscape-cert-type-smime-ca"> S/MIME CA</P>
- <input type="checkbox" name="netscape-cert-type-object-signing-ca"> Object Signing CA</P>
- </tr>
- <tr>
- <td>
- <b>Netscape Base URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-base-url"></P>
- Critical: <input type="checkbox" name="netscape-base-url-crit">
- <td>
- <input type="text" name="netscape-base-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Revocation URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-revocation-url"></P>
- Critical: <input type="checkbox" name="netscape-revocation-url-crit">
- <td>
- <input type="text" name="netscape-revocation-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape CA Revocation URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ca-revocation-url"></P>
- Critical: <input type="checkbox" name="netscape-ca-revocation-url-crit">
- <td>
- <input type="text" name="netscape-ca-revocation-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Certificate Renewal URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-cert-renewal-url"></P>
- Critical: <input type="checkbox" name="netscape-cert-renewal-url-crit">
- <td>
- <input type="text" name="netscape-cert-renewal-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape CA Policy URL:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ca-policy-url"></P>
- Critical: <input type="checkbox" name="netscape-ca-policy-url-crit">
- <td>
- <input type="text" name="netscape-ca-policy-url-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape SSL Server Name:</b></p>
- Activate extension: <input type="checkbox" name="netscape-ssl-server-name"></P>
- Critical: <input type="checkbox" name="netscape-ssl-server-name-crit">
- <td>
- <input type="text" name="netscape-ssl-server-name-text" size="50">
- </tr>
- <tr>
- <td>
- <b>Netscape Comment:</b></p>
- Activate extension: <input type="checkbox" name="netscape-comment"></P>
- Critical: <input type="checkbox" name="netscape-comment-crit">
- <td>
- <textarea name="netscape-comment-text" rows="5" cols="50"></textarea>
- </tr>
-
- </table>
- </body>
-</html>
diff --git a/security/nss/cmd/certcgi/stnd_ext_form.html b/security/nss/cmd/certcgi/stnd_ext_form.html
deleted file mode 100644
index ece9b2ff7..000000000
--- a/security/nss/cmd/certcgi/stnd_ext_form.html
+++ /dev/null
@@ -1,247 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-
- <body>
- <table border=1 cellspacing=5 cellpadding=5>
- <form method="post" name="primary_form" action="http://interzone.mcom.com/burp.cgi">
- <tr>
- <td>
- <b>Key Usage: </b></p>
- Activate extension: <input type="checkbox" name="keyUsage"></P>
- Critical: <input type="checkbox" name="keyUsage-crit">
- <td>
- <input type="checkbox" name="keyUsage-digitalSignature"> Digital Signature</P>
- <input type="checkbox" name="keyUsage-nonRepudiation"> Non Repudiation</P>
- <input type="checkbox" name="keyUsage-keyEncipherment"> Key Encipherment</P>
- <input type="checkbox" name="keyUsage-dataEncipherment"> Data Encipherment</P>
- <input type="checkbox" name="keyUsage-keyAgreement"> Key Agreement</P>
- <input type="checkbox" name="keyUsage-keyCertSign"> Key Certificate Signing</P>
- <input type="checkbox" name="keyUsage-cRLSign"> CRL Signing</P>
- </tr>
- <tr>
- <td>
- <b>Extended Key Usage: </b></p>
- Activate extension: <input type="checkbox" name="extKeyUsage"></P>
- Critical: <input type="checkbox" name="extKeyUsage-crit">
- <td>
- <input type="checkbox" name="extKeyUsage-serverAuth"> Server Auth</P>
- <input type="checkbox" name="extKeyUsage-clientAuth"> Client Auth</P>
- <input type="checkbox" name="extKeyUsage-codeSign"> Code Signing</P>
- <input type="checkbox" name="extKeyUsage-emailProtect"> Email Protection</P>
- <input type="checkbox" name="extKeyUsage-timeStamp"> Timestamp</P>
- <input type="checkbox" name="extKeyUsage-ocspResponder"> OCSP Responder</P>
- <input type="checkbox" name="extKeyUsage-NS-govtApproved"> Step-up</P>
- </tr>
- <tr>
- <td>
- <b>Basic Constraints:</b></p>
- Activate extension: <input type="checkbox" name="basicConstraints"></P>
- Critical: <input type="checkbox" name="basicConstraints-crit">
- <td>
- CA:</p>
- <dd><input type=radio name="basicConstraints-cA-radio" value="CA"> True</p>
- <dd><input type=radio name="basicConstraints-cA-radio" value="NotCA"> False</p>
- <input type="checkbox" name="basicConstraints-pathLengthConstraint">
- Include Path length: <input type="text" name="basicConstraints-pathLengthConstraint-text" size="2"></p>
- </tr>
- <tr>
- <td>
- <b>Authority Key Identifier:</b></p>
- Activate extension: <input type="checkbox" name="authorityKeyIdentifier">
- <td>
- <input type="radio" name="authorityKeyIdentifier-radio" value="keyIdentifier"> Key Identider</p>
- <input type="radio" name="authorityKeyIdentifier-radio" value="authorityCertIssuer"> Issuer Name and Serial number</p>
- </tr>
- <tr>
- <td>
- <b>Subject Key Identifier:</b></p>
- Activate extension: <input type="checkbox" name="subjectKeyIdentifier">
- <td>
- Key Identifier:
- <input type="text" name="subjectKeyIdentifier-text"></p>
- This is an:<p>
- <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="ascii"> ascii text value<p>
- <dd><dd><input type="radio" name="subjectKeyIdentifier-radio" value="hex"> hex value<p>
- </tr>
- <tr>
- <td>
- <b>Private Key Usage Period:</b></p>
- Activate extension: <input type="checkbox" name="privKeyUsagePeriod"></p>
- Critical: <input type="checkbox" name="privKeyUsagePeriod-crit">
- <td>
- Use:</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notBefore"> Not Before</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="notAfter"> Not After</p>
- <dd><input type="radio" name="privKeyUsagePeriod-radio" value="both" > Both</p>
- <b>Not to be used to sign before:</b></p>
- <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="auto"> Set to time of certificate issue</p>
- <dd><input type="radio" name="privKeyUsagePeriod-notBefore-radio" value="manual"> Use This value</p>
- <dd><dd>(YYYY/MM/DD HH:MM:SS):
- <input type="text" name="privKeyUsagePeriod-notBefore-year" size="4" maxlength="4">/
- <input type="text" name="privKeyUsagePeriod-notBefore-month" size="2" maxlength="2">/
- <input type="text" name="privKeyUsagePeriod-notBefore-day" size="2" maxlength="2">
- <input type="text" name="privKeyUsagePeriod-notBefore-hour" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notBefore-minute" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notBefore-second" size="2" maxlength="2"></p>
- <b>Not to be used to sign after:</b></p>
- <dd>(YYYY/MM/DD HH:MM:SS):
- <input type="text" name="privKeyUsagePeriod-notAfter-year" size="4" maxlength="4">/
- <input type="text" name="privKeyUsagePeriod-notAfter-month" size="2" maxlength="2">/
- <input type="text" name="privKeyUsagePeriod-notAfter-day" size="2" maxlength="2">
- <input type="text" name="privKeyUsagePeriod-notAfter-hour" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notAfter-minute" size="2" maxlength="2">:
- <input type="text" name="privKeyUsagePeriod-notAfter-second" size="2" maxlength="2"></p>
- </tr>
- <tr>
- <td>
- <b>Subject Alternative Name:</b></p>
- Activate extension: <input type="checkbox" name="SubAltName"></P>
- Critical: <input type="checkbox" name="SubAltName-crit">
- <td>
- <table>
- <tr>
- <td>
- General Names:</p>
- <select name="SubAltNameSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="SubAltName-add" value="Add" onClick="{parent.addSubAltName(this.form)}">
- <input type="button" name="SubAltName-delete" value="Delete" onClick="parent.deleteSubAltName(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="SubAltNameRadio" value="otherName" onClick="parent.setSubAltNameType(form)"> Other Name,
- OID: <input type="text" name="SubAltNameOtherNameOID" size="6"> </td><td>
- <input type="radio" name="SubAltNameRadio" value="rfc822Name" onClick="parent.setSubAltNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="dnsName" onClick="parent.setSubAltNameType(form)"> DNS Name </td><td>
- <input type="radio" name="SubAltNameRadio" value="x400" onClick="parent.setSubAltNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="directoryName" onClick="parent.setSubAltNameType(form)"> Directory Name</td><td>
- <input type="radio" name="SubAltNameRadio" value="ediPartyName" onClick="parent.setSubAltNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="URL" onClick="parent.setSubAltNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="SubAltNameRadio" value="ipAddress" onClick="parent.setSubAltNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="SubAltNameRadio" value="regID"onClick="parent.setSubAltNameType(form)"> Registered ID</td><td>
- <input type="radio" name="SubAltNameRadio" value="nscpNickname" onClick="parent.setSubAltNameType(form)"> Netscape Certificate Nickname</td><td></tr>
- </table>
- Name: <input type="text" name="SubAltNameText">
- Binary Encoded: <input type="checkbox" name="SubAltNameDataType" value="binary" onClick="parent.setSubAltNameType(form)"></p>
- </tr>
- </table>
- </tr>
-
-
- <tr>
- <td>
- <b>Issuer Alternative Name:</b></p>
- Activate extension: <input type="checkbox" name="IssuerAltName"></P>
- Critical: <input type="checkbox" name="IssuerAltName-crit">
- <td>
- <input type="radio" name="IssuerAltNameSourceRadio" value="auto"> Use the Subject Alternative Name from the Issuers Certificate</p>
- <input type="radio" name="IssuerAltNameSourceRadio" value="man"> Use this Name:
- <table>
- <tr>
- <td>
- General Names:</p>
- <select name="IssuerAltNameSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="IssuerAltName-add" value="Add" onClick="{parent.addIssuerAltName(this.form)}">
- <input type="button" name="IssuerAltName-delete" value="Delete" onClick="parent.deleteIssuerAltName(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="otherName" onClick="parent.setIssuerAltNameType(form)"> Other Name,
- OID: <input type="text" name="IssuerAltNameOtherNameOID" size="6"> </td><td>
- <input type="radio" name="IssuerAltNameRadio" value="rfc822Name" onClick="parent.setIssuerAltNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="dnsName" onClick="parent.setIssuerAltNameType(form)"> DNS Name </td><td>
- <input type="radio" name="IssuerAltNameRadio" value="x400" onClick="parent.setIssuerAltNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="directoryName" onClick="parent.setIssuerAltNameType(form)"> Directory Name</td><td>
- <input type="radio" name="IssuerAltNameRadio" value="ediPartyName" onClick="parent.setIssuerAltNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="URL" onClick="parent.setIssuerAltNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="IssuerAltNameRadio" value="ipAddress" onClick="parent.setIssuerAltNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="IssuerAltNameRadio" value="regID" onClick="parent.setIssuerAltNameType(form)"> Registered ID</td><td></tr>
- </table>
- Name: <input type="text" name="IssuerAltNameText">
- Binary Encoded: <input type="checkbox" name="IssuerAltNameDataType" value="binary" onClick="parent.setIssuerAltNameType(form)"></p>
- </tr>
- </table>
- </tr>
-
- <tr>
- <td>
- <b>Name Constraints:</b></p>
- Activate extension: <input type="checkbox" name="NameConstraints"></P>
- <td>
- <table>
- <tr>
- <td>
- Name Constraints:</p>
- <select name="NameConstraintSelect" multiple size="10">
- </select></p></p>
- <input type="button" name="NameConstraint-add" value="Add" onClick="{parent.addNameConstraint(this.form)}">
- <input type="button" name="NameConstraint-delete" value="Delete" onClick="parent.deleteNameConstraint(this.form)">
- </td><td>
- <table><tr><td>
- Name Type: </td></tr><tr><td>
- <input type="radio" name="NameConstraintRadio" value="otherName" onClick="parent.setNameConstraintNameType(form)"> Other Name,
- OID: <input type="text" name="NameConstraintOtherNameOID" size="6"> </td><td>
- <input type="radio" name="NameConstraintRadio" value="rfc822Name" onClick="parent.setNameConstraintNameType(form)"> RFC 822 Name</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="dnsName" onClick="parent.setNameConstraintNameType(form)"> DNS Name </td><td>
- <input type="radio" name="NameConstraintRadio" value="x400" onClick="parent.setNameConstraintNameType(form)"> X400 Address</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="directoryName" onClick="parent.setNameConstraintNameType(form)"> Directory Name</td><td>
- <input type="radio" name="NameConstraintRadio" value="ediPartyName" onClick="parent.setNameConstraintNameType(form)"> EDI Party Name</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="URL" onClick="parent.setNameConstraintNameType(form)"> Uniform Resource Locator</td><td>
- <input type="radio" name="NameConstraintRadio" value="ipAddress" onClick="parent.setNameConstraintNameType(form)"> IP Address</td></tr><td>
- <input type="radio" name="NameConstraintRadio" value="regID" onClick="parent.setNameConstraintNameType(form)"> Registered ID</td><td></tr>
- </table>
- Name: <input type="text" name="NameConstraintText">
- Binary Encoded: <input type="checkbox" name="NameConstraintNameDataType" value="binary" onClick="parent.setNameConstraintNameType(form)"></p>
- Constraint type:<p>
- <dd><input type="radio" name="NameConstraintTypeRadio" value="permited"> permited<p>
- <dd><input type="radio" name="NameConstraintTypeRadio" value="excluded"> excluded<p>
- Minimum: <input type="text" name="NameConstraintMin" size="8" maxlength="8"></p>
- Maximum: <input type="text" name="NameConstraintMax" size="8" maxlength="8"></p>
- </tr>
- </table>
- </tr>
-
- </table>
- </body>
-</html>
-
-
-
-
-
-
-
-
diff --git a/security/nss/cmd/certutil/Makefile b/security/nss/cmd/certutil/Makefile
deleted file mode 100644
index 8650a607d..000000000
--- a/security/nss/cmd/certutil/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c
deleted file mode 100644
index f304f7762..000000000
--- a/security/nss/cmd/certutil/certutil.c
+++ /dev/null
@@ -1,2762 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** certutil.c
-**
-** utility for managing certificates and the cert database
-**
-*/
-#include <stdio.h>
-#include <string.h>
-
-#if defined(WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "pk11func.h"
-#include "secasn1.h"
-#include "cert.h"
-#include "cryptohi.h"
-#include "secoid.h"
-#include "certdb.h"
-#include "nss.h"
-
-#define MIN_KEY_BITS 512
-#define MAX_KEY_BITS 2048
-#define DEFAULT_KEY_BITS 1024
-
-#define GEN_BREAK(e) rv=e; break;
-
-
-extern SECKEYPrivateKey *CERTUTIL_GeneratePrivateKey(KeyType keytype,
- PK11SlotInfo *slot,
- int rsasize,
- int publicExponent,
- char *noise,
- SECKEYPublicKey **pubkeyp,
- char *pqgFile,
- secuPWData *pwdata);
-
-static char *progName;
-
-static CERTGeneralName *
-GetGeneralName (PRArenaPool *arena)
-{
- CERTGeneralName *namesList = NULL;
- CERTGeneralName *current;
- CERTGeneralName *tail = NULL;
- SECStatus rv = SECSuccess;
- int intValue;
- char buffer[512];
- void *mark;
-
- PORT_Assert (arena);
- mark = PORT_ArenaMark (arena);
- do {
- puts ("\nSelect one of the following general name type: \n");
- puts ("\t1 - instance of other name\n\t2 - rfc822Name\n\t3 - dnsName\n");
- puts ("\t4 - x400Address\n\t5 - directoryName\n\t6 - ediPartyName\n");
- puts ("\t7 - uniformResourceidentifier\n\t8 - ipAddress\n\t9 - registerID\n");
- puts ("\tOther - omit\n\t\tChoice:");
- scanf ("%d", &intValue);
- if (intValue >= certOtherName || intValue <= certRegisterID) {
- if (namesList == NULL) {
- namesList = current = tail = (CERTGeneralName *) PORT_ArenaAlloc
- (arena, sizeof (CERTGeneralName));
- } else {
- current = (CERTGeneralName *) PORT_ArenaAlloc(arena,
- sizeof (CERTGeneralName));
- }
- if (current == NULL) {
- GEN_BREAK (SECFailure);
- }
- } else {
- break;
- }
- current->type = intValue;
- puts ("\nEnter data:");
- fflush (stdout);
- gets (buffer);
- switch (current->type) {
- case certURI:
- case certDNSName:
- case certRFC822Name:
- current->name.other.data = PORT_ArenaAlloc (arena, strlen (buffer));
- if (current->name.other.data == NULL) {
- GEN_BREAK (SECFailure);
- }
- PORT_Memcpy
- (current->name.other.data, buffer, current->name.other.len = strlen(buffer));
- break;
-
- case certEDIPartyName:
- case certIPAddress:
- case certOtherName:
- case certRegisterID:
- case certX400Address: {
-
- current->name.other.data = PORT_ArenaAlloc (arena, strlen (buffer) + 2);
- if (current->name.other.data == NULL) {
- GEN_BREAK (SECFailure);
- }
-
- PORT_Memcpy (current->name.other.data + 2, buffer, strlen (buffer));
- /* This may not be accurate for all cases. For now, use this tag type */
- current->name.other.data[0] = (char)(((current->type - 1) & 0x1f)| 0x80);
- current->name.other.data[1] = (char)strlen (buffer);
- current->name.other.len = strlen (buffer) + 2;
- break;
- }
-
- case certDirectoryName: {
- CERTName *directoryName = NULL;
-
- directoryName = CERT_AsciiToName (buffer);
- if (!directoryName) {
- fprintf(stderr, "certutil: improperly formatted name: \"%s\"\n", buffer);
- break;
- }
-
- rv = CERT_CopyName (arena, &current->name.directoryName, directoryName);
- CERT_DestroyName (directoryName);
-
- break;
- }
- }
- if (rv != SECSuccess)
- break;
- current->l.next = &(namesList->l);
- current->l.prev = &(tail->l);
- tail->l.next = &(current->l);
- tail = current;
-
- }while (1);
-
- if (rv != SECSuccess) {
- PORT_SetError (rv);
- PORT_ArenaRelease (arena, mark);
- namesList = NULL;
- }
- return (namesList);
-}
-
-static SECStatus
-GetString(PRArenaPool *arena, char *prompt, SECItem *value)
-{
- char buffer[251];
-
- value->data = NULL;
- value->len = 0;
-
- puts (prompt);
- gets (buffer);
- if (strlen (buffer) > 0) {
- value->data = PORT_ArenaAlloc (arena, strlen (buffer));
- if (value->data == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return (SECFailure);
- }
- PORT_Memcpy (value->data, buffer, value->len = strlen(buffer));
- }
- return (SECSuccess);
-}
-
-static CERTCertificateRequest *
-GetCertRequest(PRFileDesc *inFile, PRBool ascii)
-{
- CERTCertificateRequest *certReq = NULL;
- CERTSignedData signedData;
- PRArenaPool *arena = NULL;
- SECItem reqDER;
- SECStatus rv;
-
- reqDER.data = NULL;
- do {
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- GEN_BREAK (SECFailure);
- }
-
- rv = SECU_ReadDERFromFile(&reqDER, inFile, ascii);
- if (rv)
- break;
- certReq = (CERTCertificateRequest*) PORT_ArenaZAlloc
- (arena, sizeof(CERTCertificateRequest));
- if (!certReq)
- break;
- certReq->arena = arena;
-
- /* Since cert request is a signed data, must decode to get the inner
- data
- */
- PORT_Memset(&signedData, 0, sizeof(signedData));
- rv = SEC_ASN1DecodeItem(arena, &signedData, CERT_SignedDataTemplate,
- &reqDER);
- if (rv)
- break;
-
- rv = SEC_ASN1DecodeItem(arena, certReq, CERT_CertificateRequestTemplate,
- &signedData.data);
- } while (0);
-
- if (rv) {
- PRErrorCode perr = PR_GetError();
- fprintf(stderr, "%s: unable to decode DER cert request (%s)\n", progName,
- SECU_Strerror(perr));
- }
- return (certReq);
-}
-
-static PRBool
-GetYesNo(char *prompt)
-{
- char buf[3];
-
- PR_Sync(PR_STDIN);
- PR_Write(PR_STDOUT, prompt, strlen(prompt)+1);
- PR_Read(PR_STDIN, buf, sizeof(buf));
- return (buf[0] == 'y' || buf[0] == 'Y') ? PR_TRUE : PR_FALSE;
-#if 0
- char charValue;
-
- puts (prompt);
- scanf ("%c", &charValue);
- if (charValue != 'y' && charValue != 'Y')
- return (0);
- return (1);
-#endif
-}
-
-static SECStatus
-AddCert(PK11SlotInfo *slot, CERTCertDBHandle *handle, char *name, char *trusts,
- PRFileDesc *inFile, PRBool ascii, PRBool emailcert, void *pwdata)
-{
- CERTCertTrust *trust = NULL;
- CERTCertificate *cert = NULL, *tempCert = NULL;
- SECItem certDER;
- SECStatus rv;
-
- certDER.data = NULL;
- do {
- /* Read in the entire file specified with the -i argument */
- rv = SECU_ReadDERFromFile(&certDER, inFile, ascii);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "unable to read input file");
- break;
- }
-
- /* Read in an ASCII cert and return a CERTCertificate */
- cert = CERT_DecodeCertFromPackage((char *)certDER.data, certDER.len);
- if (!cert) {
- SECU_PrintError(progName, "could not obtain certificate from file");
- GEN_BREAK(SECFailure);
- }
-
- /* Create a cert trust to pass to SEC_AddPermCertificate */
- trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust));
- if (!trust) {
- SECU_PrintError(progName, "unable to allocate cert trust");
- GEN_BREAK(SECFailure);
- }
-
- rv = CERT_DecodeTrustString(trust, trusts);
- if (rv) {
- SECU_PrintError(progName, "unable to decode trust string");
- GEN_BREAK(SECFailure);
- }
-
-#ifdef notdef
- /* CERT_ImportCert only collects certificates and returns the
- * first certficate. It does not insert these certificates into
- * the dbase. For now, just call CERT_NewTempCertificate.
- * This will result in decoding the der twice. This have to
- * be handle properly.
- */
-
- tempCert = CERT_NewTempCertificate(handle, &cert->derCert, NULL,
- PR_FALSE, PR_TRUE);
-
- if (!PK11_IsInternal(slot)) {
- tempCert->trust = trust;
-
- rv = PK11_ImportCertForKeyToSlot(slot, tempCert, name,
- PR_FALSE, NULL);
- }
-
- if (tempCert == NULL) {
- SECU_PrintError(progName,"unable to add cert to the temp database");
- GEN_BREAK(SECFailure);
- }
-
- rv = CERT_AddTempCertToPerm(tempCert, name, trust);
- if (rv) {
- SECU_PrintError(progName, "could not add certificate to database");
- GEN_BREAK(SECFailure);
- }
-
- if ( emailcert )
- CERT_SaveSMimeProfile(tempCert, NULL, NULL);
-#else
- cert->trust = trust;
- rv = PK11_Authenticate(slot, PR_TRUE, pwdata);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "could authenticate to token or database");
- GEN_BREAK(SECFailure);
- }
-
- rv = PK11_ImportCert(slot, cert, CK_INVALID_HANDLE, name, PR_FALSE);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "could not add certificate to token or database");
- GEN_BREAK(SECFailure);
- }
-
- rv = CERT_ChangeCertTrust(handle, cert, trust);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "could not change trust on certificate");
- GEN_BREAK(SECFailure);
- }
-
- if ( emailcert ) {
- CERT_SaveSMimeProfile(cert, NULL, pwdata);
- }
-
-#endif
- } while (0);
-
-#ifdef notdef
- CERT_DestroyCertificate (tempCert);
-#endif
- CERT_DestroyCertificate (cert);
- PORT_Free(trust);
- PORT_Free(certDER.data);
-
- return rv;
-}
-
-static SECStatus
-CertReq(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk, KeyType keyType,
- CERTName *subject, char *phone, int ascii, PRFileDesc *outFile)
-{
- CERTSubjectPublicKeyInfo *spki;
- CERTCertificateRequest *cr;
- SECItem *encoding;
- SECItem result;
- SECStatus rv;
- PRArenaPool *arena;
- PRInt32 numBytes;
-
- /* Create info about public key */
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
- if (!spki) {
- SECU_PrintError(progName, "unable to create subject public key");
- return SECFailure;
- }
-
- /* Generate certificate request */
- cr = CERT_CreateCertificateRequest(subject, spki, 0);
- if (!cr) {
- SECU_PrintError(progName, "unable to make certificate request");
- return SECFailure;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- SECU_PrintError(progName, "out of memory");
- return SECFailure;
- }
-
- /* Der encode the request */
- encoding = SEC_ASN1EncodeItem(arena, NULL, cr,
- CERT_CertificateRequestTemplate);
- if (encoding == NULL) {
- SECU_PrintError(progName, "der encoding of request failed");
- return SECFailure;
- }
-
- /* Sign the request */
- switch (keyType) {
- case rsaKey:
- rv = SEC_DerSignData(arena, &result, encoding->data, encoding->len,
- privk, SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION);
- break;
- case dsaKey:
- rv = SEC_DerSignData(arena, &result, encoding->data, encoding->len,
- privk, SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST);
- break;
- default:
- SECU_PrintError(progName, "Must use rsa or dsa key type");
- return SECFailure;
- }
-
- if (rv) {
- SECU_PrintError(progName, "signing of data failed");
- return SECFailure;
- }
-
- /* Encode request in specified format */
- if (ascii) {
- char *obuf;
- char *name, *email, *org, *state, *country;
- SECItem *it;
- int total;
-
- it = &result;
-
- obuf = BTOA_ConvertItemToAscii(it);
- total = PL_strlen(obuf);
-
- name = CERT_GetCommonName(subject);
- if (!name) {
- fprintf(stderr, "You must specify a common name\n");
- return SECFailure;
- }
-
- if (!phone)
- phone = strdup("(not specified)");
-
- email = CERT_GetCertEmailAddress(subject);
- if (!email)
- email = strdup("(not specified)");
-
- org = CERT_GetOrgName(subject);
- if (!org)
- org = strdup("(not specified)");
-
- state = CERT_GetStateName(subject);
- if (!state)
- state = strdup("(not specified)");
-
- country = CERT_GetCountryName(subject);
- if (!country)
- country = strdup("(not specified)");
-
- PR_fprintf(outFile,
- "\nCertificate request generated by Netscape certutil\n");
- PR_fprintf(outFile, "Phone: %s\n\n", phone);
- PR_fprintf(outFile, "Common Name: %s\n", name);
- PR_fprintf(outFile, "Email: %s\n", email);
- PR_fprintf(outFile, "Organization: %s\n", org);
- PR_fprintf(outFile, "State: %s\n", state);
- PR_fprintf(outFile, "Country: %s\n\n", country);
-
- PR_fprintf(outFile, "%s\n", NS_CERTREQ_HEADER);
- numBytes = PR_Write(outFile, obuf, total);
- if (numBytes != total) {
- SECU_PrintSystemError(progName, "write error");
- return SECFailure;
- }
- PR_fprintf(outFile, "%s\n", NS_CERTREQ_TRAILER);
- } else {
- numBytes = PR_Write(outFile, result.data, result.len);
- if (numBytes != (int)result.len) {
- SECU_PrintSystemError(progName, "write error");
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-static SECStatus
-ChangeTrustAttributes(CERTCertDBHandle *handle, char *name, char *trusts)
-{
- SECStatus rv;
- CERTCertificate *cert;
- CERTCertTrust *trust;
-
- cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
- if (!cert) {
- SECU_PrintError(progName, "could not find certificate named \"%s\"",
- name);
- return SECFailure;
- }
-
- trust = (CERTCertTrust *)PORT_ZAlloc(sizeof(CERTCertTrust));
- if (!trust) {
- SECU_PrintError(progName, "unable to allocate cert trust");
- return SECFailure;
- }
-
- /* This function only decodes these characters: pPwcTCu, */
- rv = CERT_DecodeTrustString(trust, trusts);
- if (rv) {
- SECU_PrintError(progName, "unable to decode trust string");
- return SECFailure;
- }
-
- rv = CERT_ChangeCertTrust(handle, cert, trust);
- if (rv) {
- SECU_PrintError(progName, "unable to modify trust attributes");
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-static SECStatus
-printCertCB(CERTCertificate *cert, void *arg)
-{
- SECStatus rv;
- SECItem data;
- CERTCertTrust *trust = (CERTCertTrust *)arg;
-
- data.data = cert->derCert.data;
- data.len = cert->derCert.len;
-
- rv = SECU_PrintSignedData(stdout, &data, "Certificate", 0,
- SECU_PrintCertificate);
- if (rv) {
- SECU_PrintError(progName, "problem printing certificate");
- return(SECFailure);
- }
- if (trust) {
- SECU_PrintTrustFlags(stdout, trust,
- "Certificate Trust Flags", 1);
- } else if (cert->trust) {
- SECU_PrintTrustFlags(stdout, cert->trust,
- "Certificate Trust Flags", 1);
- }
-
- printf("\n");
-
- return(SECSuccess);
-}
-
-static SECStatus
-listCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot,
- PRBool raw, PRBool ascii, PRFileDesc *outfile, void *pwarg)
-{
- CERTCertificate *cert;
- SECItem data;
- PRInt32 numBytes;
- SECStatus rv;
-
-#ifdef nodef
- /* For now, split handling of slot to internal vs. other. slot should
- * probably be allowed to be NULL so that all slots can be listed.
- * In that case, need to add a call to PK11_TraverseSlotCerts().
- */
- if (PK11_IsInternal(slot)) {
- if (name == NULL) {
- /* Print all certs in internal slot db. */
- rv = SECU_PrintCertificateNames(handle, PR_STDOUT,
- PR_FALSE, PR_TRUE);
- if (rv) {
- SECU_PrintError(progName,
- "problem printing certificate nicknames");
- return SECFailure;
- }
- } else if (raw || ascii) {
- /* Dump binary or ascii DER for the cert to stdout. */
- cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
- if (!cert) {
- SECU_PrintError(progName,
- "could not find certificate named \"%s\"", name);
- return SECFailure;
- }
- data.data = cert->derCert.data;
- data.len = cert->derCert.len;
- if (ascii) {
- PR_fprintf(outfile, "%s\n%s\n%s\n", NS_CERT_HEADER,
- BTOA_DataToAscii(data.data, data.len), NS_CERT_TRAILER);
- } else if (raw) {
- numBytes = PR_Write(outfile, data.data, data.len);
- if (numBytes != data.len) {
- SECU_PrintSystemError(progName, "error writing raw cert");
- return SECFailure;
- }
- }
- } else {
- /* Pretty-print cert. */
- rv = CERT_TraversePermCertsForNickname(handle, name, printCertCB,
- NULL);
- }
- } else {
-#endif
- /* List certs on a non-internal slot. */
- if ( PK11_IsFIPS() ||
- (!PK11_IsFriendly(slot) && PK11_NeedLogin(slot)) )
- PK11_Authenticate(slot, PR_TRUE, pwarg);
- if (name) {
- CERTCertificate *the_cert;
- the_cert = PK11_FindCertFromNickname(name, NULL);
- if (!the_cert) {
- SECU_PrintError(progName, "Could not find: %s\n", name);
- return SECFailure;
- }
- data.data = the_cert->derCert.data;
- data.len = the_cert->derCert.len;
- if (ascii) {
- PR_fprintf(outfile, "%s\n%s\n%s\n", NS_CERT_HEADER,
- BTOA_DataToAscii(data.data, data.len), NS_CERT_TRAILER);
- rv = SECSuccess;
- } else if (raw) {
- numBytes = PR_Write(outfile, data.data, data.len);
- if (numBytes != data.len) {
- SECU_PrintSystemError(progName, "error writing raw cert");
- rv = SECFailure;
- }
- rv = SECSuccess;
- } else {
- rv = printCertCB(the_cert, the_cert->trust);
- }
- } else {
- rv = PK11_TraverseCertsInSlot(slot, SECU_PrintCertNickname, stdout);
- }
- if (rv) {
- SECU_PrintError(progName, "problem printing certificate nicknames");
- return SECFailure;
- }
-#ifdef notdef
- }
-#endif
-
- return SECSuccess; /* not rv ?? */
-}
-
-static SECStatus
-ListCerts(CERTCertDBHandle *handle, char *name, PK11SlotInfo *slot,
- PRBool raw, PRBool ascii, PRFileDesc *outfile, secuPWData *pwdata)
-{
- SECStatus rv;
-
- if (slot == NULL) {
- PK11SlotList *list;
- PK11SlotListElement *le;
-
- list= PK11_GetAllTokens(CKM_INVALID_MECHANISM,
- PR_FALSE,PR_FALSE,pwdata);
- if (list) for (le = list->head; le; le = le->next) {
- rv = listCerts(handle,name,le->slot,raw,ascii,outfile,pwdata);
- }
- } else {
- rv = listCerts(handle,name,slot,raw,ascii,outfile,pwdata);
- }
- return rv;
-}
-
-
-static SECStatus
-DeleteCert(CERTCertDBHandle *handle, char *name)
-{
- SECStatus rv;
- CERTCertificate *cert;
-
- cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
- if (!cert) {
- SECU_PrintError(progName, "could not find certificate named \"%s\"",
- name);
- return SECFailure;
- }
-
- rv = SEC_DeletePermCertificate(cert);
- if (rv) {
- SECU_PrintError(progName, "unable to delete certificate");
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-static SECStatus
-ValidateCert(CERTCertDBHandle *handle, char *name, char *date,
- char *certUsage, PRBool checkSig, PRBool logit, secuPWData *pwdata)
-{
- SECStatus rv;
- CERTCertificate *cert;
- int64 timeBoundary;
- SECCertUsage usage;
- CERTVerifyLog reallog;
- CERTVerifyLog *log = NULL;
-
- switch (*certUsage) {
- case 'C':
- usage = certUsageSSLClient;
- break;
- case 'V':
- usage = certUsageSSLServer;
- break;
- case 'S':
- usage = certUsageEmailSigner;
- break;
- case 'R':
- usage = certUsageEmailRecipient;
- break;
- default:
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return (SECFailure);
- }
- do {
- cert = CERT_FindCertByNicknameOrEmailAddr(handle, name);
- if (!cert) {
- SECU_PrintError(progName, "could not find certificate named \"%s\"",
- name);
- GEN_BREAK (SECFailure)
- }
-
- if (date != NULL) {
- rv = DER_AsciiToTime(&timeBoundary, date);
- if (rv) {
- SECU_PrintError(progName, "invalid input date");
- GEN_BREAK (SECFailure)
- }
- } else {
- timeBoundary = PR_Now();
- }
-
- if ( logit ) {
- log = &reallog;
-
- log->count = 0;
- log->head = NULL;
- log->tail = NULL;
- log->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( log->arena == NULL ) {
- SECU_PrintError(progName, "out of memory");
- GEN_BREAK (SECFailure)
- }
- }
-
- rv = CERT_VerifyCert(handle, cert, checkSig, usage,
- timeBoundary, pwdata, log);
- if ( log ) {
- if ( log->head == NULL ) {
- fprintf(stdout, "%s: certificate is valid\n", progName);
- GEN_BREAK (SECSuccess)
- } else {
- char *name;
- CERTVerifyLogNode *node;
-
- node = log->head;
- while ( node ) {
- if ( node->cert->nickname != NULL ) {
- name = node->cert->nickname;
- } else {
- name = node->cert->subjectName;
- }
- fprintf(stderr, "%s : %s\n", name,
- SECU_Strerror(node->error));
- CERT_DestroyCertificate(node->cert);
- node = node->next;
- }
- }
- } else {
- if (rv != SECSuccess) {
- PRErrorCode perr = PORT_GetError();
- fprintf(stdout, "%s: certificate is invalid: %s\n",
- progName, SECU_Strerror(perr));
- GEN_BREAK (SECFailure)
- }
- fprintf(stdout, "%s: certificate is valid\n", progName);
- GEN_BREAK (SECSuccess)
- }
- } while (0);
-
- return (rv);
-}
-
-#ifdef notdef
-static SECStatus
-DumpPublicKey(int dbindex, char *nickname, FILE *out)
-{
- SECKEYLowPrivateKey *privKey;
- SECKEYLowPublicKey *publicKey;
-
- if (dbindex) {
- /*privKey = secu_GetPrivKeyFromIndex(dbindex);*/
- } else {
- privKey = GetPrivKeyFromNickname(nickname);
- }
- publicKey = SECKEY_LowConvertToPublicKey(privKey);
-
- /* Output public key (in the clear) */
- switch(publicKey->keyType) {
- case rsaKey:
- fprintf(out, "RSA Public-Key:\n");
- SECU_PrintInteger(out, &publicKey->u.rsa.modulus, "modulus", 1);
- SECU_PrintInteger(out, &publicKey->u.rsa.publicExponent,
- "publicExponent", 1);
- break;
- case dsaKey:
- fprintf(out, "DSA Public-Key:\n");
- SECU_PrintInteger(out, &publicKey->u.dsa.params.prime, "prime", 1);
- SECU_PrintInteger(out, &publicKey->u.dsa.params.subPrime,
- "subPrime", 1);
- SECU_PrintInteger(out, &publicKey->u.dsa.params.base, "base", 1);
- SECU_PrintInteger(out, &publicKey->u.dsa.publicValue, "publicValue", 1);
- break;
- default:
- fprintf(out, "unknown key type\n");
- break;
- }
- return SECSuccess;
-}
-
-static SECStatus
-DumpPrivateKey(int dbindex, char *nickname, FILE *out)
-{
- SECKEYLowPrivateKey *key;
- if (dbindex) {
- /*key = secu_GetPrivKeyFromIndex(dbindex);*/
- } else {
- key = GetPrivKeyFromNickname(nickname);
- }
-
- switch(key->keyType) {
- case rsaKey:
- fprintf(out, "RSA Private-Key:\n");
- SECU_PrintInteger(out, &key->u.rsa.modulus, "modulus", 1);
- SECU_PrintInteger(out, &key->u.rsa.publicExponent, "publicExponent", 1);
- SECU_PrintInteger(out, &key->u.rsa.privateExponent,
- "privateExponent", 1);
- SECU_PrintInteger(out, &key->u.rsa.prime1, "prime1", 1);
- SECU_PrintInteger(out, &key->u.rsa.prime2, "prime2", 1);
- SECU_PrintInteger(out, &key->u.rsa.exponent1, "exponent2", 1);
- SECU_PrintInteger(out, &key->u.rsa.exponent2, "exponent2", 1);
- SECU_PrintInteger(out, &key->u.rsa.coefficient, "coefficient", 1);
- break;
- case dsaKey:
- fprintf(out, "DSA Private-Key:\n");
- SECU_PrintInteger(out, &key->u.dsa.params.prime, "prime", 1);
- SECU_PrintInteger(out, &key->u.dsa.params.subPrime, "subPrime", 1);
- SECU_PrintInteger(out, &key->u.dsa.params.base, "base", 1);
- SECU_PrintInteger(out, &key->u.dsa.publicValue, "publicValue", 1);
- SECU_PrintInteger(out, &key->u.dsa.privateValue, "privateValue", 1);
- break;
- default:
- fprintf(out, "unknown key type\n");
- break;
- }
- return SECSuccess;
-}
-#endif
-
-static SECStatus
-printKeyCB(SECKEYPublicKey *key, SECItem *data, void *arg)
-{
- if (key->keyType == rsaKey) {
- fprintf(stdout, "RSA Public-Key:\n");
- SECU_PrintInteger(stdout, &key->u.rsa.modulus, "modulus", 1);
- } else {
- fprintf(stdout, "DSA Public-Key:\n");
- SECU_PrintInteger(stdout, &key->u.dsa.publicValue, "publicValue", 1);
- }
- return SECSuccess;
-}
-
-/* callback for listing certs through pkcs11 */
-SECStatus
-secu_PrintKeyFromCert(CERTCertificate *cert, void *data)
-{
- FILE *out;
- SECKEYPrivateKey *key;
-
- out = (FILE *)data;
- key = PK11_FindPrivateKeyFromCert(PK11_GetInternalKeySlot(), cert, NULL);
- if (!key) {
- fprintf(out, "XXX could not extract key for %s.\n", cert->nickname);
- return SECFailure;
- }
- /* XXX should have a type field also */
- fprintf(out, "<%d> %s\n", 0, cert->nickname);
-
- return SECSuccess;
-}
-
-static SECStatus
-listKeys(PK11SlotInfo *slot, KeyType keyType, void *pwarg)
-{
- SECStatus rv = SECSuccess;
-
-#ifdef notdef
- if (PK11_IsInternal(slot)) {
- /* Print all certs in internal slot db. */
- rv = SECU_PrintKeyNames(SECKEY_GetDefaultKeyDB(), stdout);
- if (rv) {
- SECU_PrintError(progName, "problem listing keys");
- return SECFailure;
- }
- } else {
-#endif
- /* XXX need a function as below */
- /* could iterate over certs on slot and print keys */
- /* this would miss stranded keys */
- /*rv = PK11_TraverseSlotKeys(slotname, keyType, printKeyCB, NULL, NULL);*/
- if (PK11_NeedLogin(slot))
- PK11_Authenticate(slot, PR_TRUE, pwarg);
- rv = PK11_TraverseCertsInSlot(slot, secu_PrintKeyFromCert, stdout);
- if (rv) {
- SECU_PrintError(progName, "problem listing keys");
- return SECFailure;
- }
- return SECSuccess;
-#ifdef notdef
- }
- return rv;
-#endif
-}
-
-static SECStatus
-ListKeys(PK11SlotInfo *slot, char *keyname, int index,
- KeyType keyType, PRBool dopriv, secuPWData *pwdata)
-{
- SECStatus rv = SECSuccess;
-
-#ifdef notdef
- if (keyname) {
- if (dopriv) {
- return DumpPrivateKey(index, keyname, stdout);
- } else {
- return DumpPublicKey(index, keyname, stdout);
- }
- }
-#endif
- /* For now, split handling of slot to internal vs. other. slot should
- * probably be allowed to be NULL so that all slots can be listed.
- * In that case, need to add a call to PK11_TraverseSlotCerts().
- */
- if (slot == NULL) {
- PK11SlotList *list;
- PK11SlotListElement *le;
-
- list= PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,pwdata);
- if (list) for (le = list->head; le; le = le->next) {
- rv = listKeys(le->slot,keyType,pwdata);
- }
- } else {
- rv = listKeys(slot,keyType,pwdata);
- }
- return rv;
-}
-
-static SECStatus
-DeleteKey(char *nickname, secuPWData *pwdata)
-{
- SECStatus rv;
- CERTCertificate *cert;
- PK11SlotInfo *slot;
-
- slot = PK11_GetInternalKeySlot();
- if (PK11_NeedLogin(slot))
- PK11_Authenticate(slot, PR_TRUE, pwdata);
- cert = PK11_FindCertFromNickname(nickname, pwdata);
- if (!cert) return SECFailure;
- rv = PK11_DeleteTokenCertAndKey(cert, pwdata);
- if (rv != SECSuccess) {
- SECU_PrintError("problem deleting private key \"%s\"\n", nickname);
- }
- return rv;
-}
-
-
-/*
- * L i s t M o d u l e s
- *
- * Print a list of the PKCS11 modules that are
- * available. This is useful for smartcard people to
- * make sure they have the drivers loaded.
- *
- */
-static SECStatus
-ListModules(void)
-{
- PK11SlotList *list;
- PK11SlotListElement *le;
-
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,NULL);
- if (list == NULL) return SECFailure;
-
- /* look at each slot*/
- for (le = list->head ; le; le = le->next) {
- printf ("\n");
- printf (" slot: %s\n", PK11_GetSlotName(le->slot));
- printf (" token: %s\n", PK11_GetTokenName(le->slot));
- }
- PK11_FreeSlotList(list);
-
- return SECSuccess;
-}
-
-static void
-Usage(char *progName)
-{
-#define FPS fprintf(stderr,
- FPS "Type %s -H for more detailed descriptions\n", progName);
- FPS "Usage: %s -N [-d certdir] [-P dbprefix] [-f pwfile]\n", progName);
- FPS "Usage: %s -T [-d certdir] [-P dbprefix] [-h token-name] [-f pwfile]\n", progName);
- FPS "\t%s -A -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n",
- progName);
- FPS "\t%s -C [-c issuer-name | -x] -i cert-request-file -o cert-file\n"
- "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n"
- "\t\t [-f pwfile] [-d certdir] [-P dbprefix] [-1] [-2] [-3] [-4] [-5] [-6]\n",
- progName);
- FPS "\t%s -D -n cert-name [-d certdir] [-P dbprefix]\n", progName);
- FPS "\t%s -E -n cert-name -t trustargs [-d certdir] [-P dbprefix] [-a] [-i input]\n",
- progName);
- FPS "\t%s -G -n key-name [-h token-name] [-k rsa] [-g key-size] [-y exp]\n"
- "\t\t [-f pwfile] [-z noisefile] [-d certdir] [-P dbprefix]\n", progName);
- FPS "\t%s -G [-h token-name] -k dsa [-q pqgfile -g key-size] [-f pwfile]\n"
- "\t\t [-z noisefile] [-d certdir] [-P dbprefix]\n", progName);
- FPS "\t%s -K [-n key-name] [-h token-name] [-k dsa|rsa|all]\n",
- progName);
- FPS "\t\t [-f pwfile] [-d certdir] [-P dbprefix]\n");
- FPS "\t%s -L [-n cert-name] [-d certdir] [-P dbprefix] [-r] [-a]\n", progName);
- FPS "\t%s -M -n cert-name -t trustargs [-d certdir] [-P dbprefix]\n",
- progName);
- FPS "\t%s -R -s subj -o cert-request-file [-d certdir] [-P dbprefix] [-p phone] [-a]\n"
- "\t\t [-k key-type] [-h token-name] [-f pwfile] [-g key-size]\n",
- progName);
- FPS "\t%s -V -n cert-name -u usage [-b time] [-e] [-d certdir] [-P dbprefix]\n",
- progName);
- FPS "\t%s -S -n cert-name -s subj [-c issuer-name | -x] -t trustargs\n"
- "\t\t [-k key-type] [-h token-name] [-g key-size]\n"
- "\t\t [-m serial-number] [-w warp-months] [-v months-valid]\n"
- "\t\t [-f pwfile] [-d certdir] [-P dbprefix]\n"
- "\t\t [-p phone] [-1] [-2] [-3] [-4] [-5] [-6]\n",
- progName);
- FPS "\t%s -U [-d certdir] [-P dbprefix]\n", progName);
- exit(1);
-}
-
-static void LongUsage(char *progName)
-{
-
- FPS "%-15s Add a certificate to the database (create if needed)\n",
- "-A");
- FPS "%-15s Add an Email certificate to the database (create if needed)\n",
- "-E");
- FPS "%-20s Specify the nickname of the certificate to add\n",
- " -n cert-name");
- FPS "%-20s Set the certificate trust attributes:\n",
- " -t trustargs");
- FPS "%-25s p \t valid peer\n", "");
- FPS "%-25s P \t trusted peer (implies p)\n", "");
- FPS "%-25s c \t valid CA\n", "");
- FPS "%-25s T \t trusted CA to issue client certs (implies c)\n", "");
- FPS "%-25s C \t trusted CA to issue server certs (implies c)\n", "");
- FPS "%-25s u \t user cert\n", "");
- FPS "%-25s w \t send warning\n", "");
-#ifdef DEBUG_NSSTEAM_ONLY
- FPS "%-25s g \t make step-up cert\n", "");
-#endif /* DEBUG_NSSTEAM_ONLY */
- FPS "%-20s Specify the password file\n",
- " -f pwfile");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s The input certificate is encoded in ASCII (RFC1113)\n",
- " -a");
- FPS "%-20s Specify the certificate file (default is stdin)\n",
- " -i input");
- FPS "\n");
-
- FPS "%-15s Create a new binary certificate from a BINARY cert request\n",
- "-C");
- FPS "%-20s The nickname of the issuer cert\n",
- " -c issuer-name");
- FPS "%-20s The BINARY certificate request file\n",
- " -i cert-request ");
- FPS "%-20s Output binary cert to this file (default is stdout)\n",
- " -o output-cert");
- FPS "%-20s Self sign\n",
- " -x");
- FPS "%-20s Cert serial number\n",
- " -m serial-number");
- FPS "%-20s Time Warp\n",
- " -w warp-months");
- FPS "%-20s Months valid (default is 3)\n",
- " -v months-valid");
- FPS "%-20s Specify the password file\n",
- " -f pwfile");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s Create key usage extension\n",
- " -1 ");
- FPS "%-20s Create basic constraint extension\n",
- " -2 ");
- FPS "%-20s Create authority key ID extension\n",
- " -3 ");
- FPS "%-20s Create crl distribution point extension\n",
- " -4 ");
- FPS "%-20s Create netscape cert type extension\n",
- " -5 ");
- FPS "%-20s Create extended key usage extension\n",
- " -6 ");
- FPS "\n");
-
- FPS "%-15s Generate a new key pair\n",
- "-G");
- FPS "%-20s Name of token in which to generate key (default is internal)\n",
- " -h token-name");
- FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n",
- " -k key-type");
- FPS "%-20s Key size in bits, (min %d, max %d, default %d)\n",
- " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS);
- FPS "%-20s Set the public exponent value (3, 17, 65537) (rsa only)\n",
- " -y exp");
- FPS "%-20s Specify the password file\n",
- " -f password-file");
- FPS "%-20s Specify the noise file to be used\n",
- " -z noisefile");
- FPS "%-20s read PQG value from pqgfile (dsa only)\n",
- " -q pqgfile");
- FPS "%-20s Key database directory (default is ~/.netscape)\n",
- " -d keydir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "\n");
-
- FPS "%-15s Delete a certificate from the database\n",
- "-D");
- FPS "%-20s The nickname of the cert to delete\n",
- " -n cert-name");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "\n");
-
- FPS "%-15s List all modules\n", /*, or print out a single named module\n",*/
- "-U");
- FPS "%-20s Module database directory (default is '~/.netscape')\n",
- " -d moddir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
-
- FPS "%-15s List all keys\n", /*, or print out a single named key\n",*/
- "-K");
- FPS "%-20s Name of token in which to look for keys (default is internal,"
- " use \"all\" to list keys on all tokens)\n",
- " -h token-name ");
- FPS "%-20s Type of key pair to list (\"all\", \"dsa\", \"rsa\" (default))\n",
- " -k key-type");
- FPS "%-20s Specify the password file\n",
- " -f password-file");
- FPS "%-20s Key database directory (default is ~/.netscape)\n",
- " -d keydir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "\n");
-
- FPS "%-15s List all certs, or print out a single named cert\n",
- "-L");
- FPS "%-20s Pretty print named cert (list all if unspecified)\n",
- " -n cert-name");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s For single cert, print binary DER encoding\n",
- " -r");
- FPS "%-20s For single cert, print ASCII encoding (RFC1113)\n",
- " -a");
- FPS "\n");
-
- FPS "%-15s Modify trust attributes of certificate\n",
- "-M");
- FPS "%-20s The nickname of the cert to modify\n",
- " -n cert-name");
- FPS "%-20s Set the certificate trust attributes (see -A above)\n",
- " -t trustargs");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "\n");
-
- FPS "%-15s Create a new certificate database\n",
- "-N");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "\n");
- FPS "%-15s Reset the Key database or token\n",
- "-T");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s Token to reset (default is internal)\n"
- " -h token-name");
- FPS "\n");
-
- FPS "%-15s Generate a certificate request (stdout)\n",
- "-R");
- FPS "%-20s Specify the subject name (using RFC1485)\n",
- " -s subject");
- FPS "%-20s Output the cert request to this file\n",
- " -o output-req");
- FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n",
- " -k key-type");
- FPS "%-20s Name of token in which to generate key (default is internal)\n",
- " -h token-name");
- FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n",
- " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS);
- FPS "%-20s Specify the password file\n",
- " -f pwfile");
- FPS "%-20s Key database directory (default is ~/.netscape)\n",
- " -d keydir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n",
- " -p phone");
- FPS "%-20s Output the cert request in ASCII (RFC1113); default is binary\n",
- " -a");
- FPS "\n");
-
- FPS "%-15s Validate a certificate\n",
- "-V");
- FPS "%-20s The nickname of the cert to Validate\n",
- " -n cert-name");
- FPS "%-20s validity time (\"YYMMDDHHMMSS[+HHMM|-HHMM|Z]\")\n",
- " -b time");
- FPS "%-20s Check certificate signature \n",
- " -e ");
- FPS "%-20s Specify certificate usage:\n", " -u certusage");
- FPS "%-25s C \t SSL Client\n", "");
- FPS "%-25s V \t SSL Server\n", "");
- FPS "%-25s S \t Email signer\n", "");
- FPS "%-25s R \t Email Recipient\n", "");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "\n");
-
- FPS "%-15s Make a certificate and add to database\n",
- "-S");
- FPS "%-20s Specify the nickname of the cert\n",
- " -n key-name");
- FPS "%-20s Specify the subject name (using RFC1485)\n",
- " -s subject");
- FPS "%-20s The nickname of the issuer cert\n",
- " -c issuer-name");
- FPS "%-20s Set the certificate trust attributes (see -A above)\n",
- " -t trustargs");
- FPS "%-20s Type of key pair to generate (\"dsa\", \"rsa\" (default))\n",
- " -k key-type");
- FPS "%-20s Name of token in which to generate key (default is internal)\n",
- " -h token-name");
- FPS "%-20s Key size in bits, RSA keys only (min %d, max %d, default %d)\n",
- " -g key-size", MIN_KEY_BITS, MAX_KEY_BITS, DEFAULT_KEY_BITS);
- FPS "%-20s Self sign\n",
- " -x");
- FPS "%-20s Cert serial number\n",
- " -m serial-number");
- FPS "%-20s Time Warp\n",
- " -w warp-months");
- FPS "%-20s Months valid (default is 3)\n",
- " -v months-valid");
- FPS "%-20s Specify the password file\n",
- " -f pwfile");
- FPS "%-20s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-20s Cert & Key database prefix\n",
- " -P dbprefix");
- FPS "%-20s Specify the contact phone number (\"123-456-7890\")\n",
- " -p phone");
- FPS "%-20s Create key usage extension\n",
- " -1 ");
- FPS "%-20s Create basic constraint extension\n",
- " -2 ");
- FPS "%-20s Create authority key ID extension\n",
- " -3 ");
- FPS "%-20s Create crl distribution point extension\n",
- " -4 ");
- FPS "%-20s Create netscape cert type extension\n",
- " -5 ");
- FPS "%-20s Create extended key usage extension\n",
- " -6 ");
- FPS "\n");
-
- exit(1);
-#undef FPS
-}
-
-
-static CERTCertificate *
-MakeV1Cert( CERTCertDBHandle * handle,
- CERTCertificateRequest *req,
- char * issuerNickName,
- PRBool selfsign,
- int serialNumber,
- int warpmonths,
- int validitylength)
-{
- CERTCertificate *issuerCert = NULL;
- CERTValidity *validity;
- CERTCertificate *cert = NULL;
-#ifndef NSPR20
- PRTime printableTime;
- int64 now, after;
-#else
- PRExplodedTime printableTime;
- PRTime now, after;
-#endif
-
-
-
- if ( !selfsign ) {
- issuerCert = CERT_FindCertByNicknameOrEmailAddr(handle, issuerNickName);
- if (!issuerCert) {
- SECU_PrintError(progName, "could not find certificate named \"%s\"",
- issuerNickName);
- return NULL;
- }
- }
-
- now = PR_Now();
-#ifndef NSPR20
- PR_ExplodeGMTTime (&printableTime, now);
-#else
- PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
-#endif
- if ( warpmonths ) {
-#ifndef NSPR20
- printableTime.tm_mon += warpmonths;
- now = PR_ImplodeTime (&printableTime, 0, 0);
- PR_ExplodeGMTTime (&printableTime, now);
-#else
- printableTime.tm_month += warpmonths;
- now = PR_ImplodeTime (&printableTime);
- PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
-#endif
- }
-#ifndef NSPR20
- printableTime.tm_mon += validitylength;
- printableTime.tm_mon += 3;
- after = PR_ImplodeTime (&printableTime, 0, 0);
-
-#else
- printableTime.tm_month += validitylength;
- printableTime.tm_month += 3;
- after = PR_ImplodeTime (&printableTime);
-#endif
-
- /* note that the time is now in micro-second unit */
- validity = CERT_CreateValidity (now, after);
-
- if ( selfsign ) {
- cert = CERT_CreateCertificate
- (serialNumber,&(req->subject), validity, req);
- } else {
- cert = CERT_CreateCertificate
- (serialNumber,&(issuerCert->subject), validity, req);
- }
-
- CERT_DestroyValidity(validity);
- if ( issuerCert ) {
- CERT_DestroyCertificate (issuerCert);
- }
-
- return(cert);
-}
-
-static SECStatus
-AddKeyUsage (void *extHandle)
-{
- SECItem bitStringValue;
- unsigned char keyUsage = 0x0;
- char buffer[5];
- int value;
-
- while (1) {
- fprintf(stdout, "%-25s 0 - Digital Signature\n", "");
- fprintf(stdout, "%-25s 1 - Non-repudiation\n", "");
- fprintf(stdout, "%-25s 2 - Key encipherment\n", "");
- fprintf(stdout, "%-25s 3 - Data encipherment\n", "");
- fprintf(stdout, "%-25s 4 - Key agreement\n", "");
- fprintf(stdout, "%-25s 5 - Cert signning key\n", "");
- fprintf(stdout, "%-25s 6 - CRL signning key\n", "");
- fprintf(stdout, "%-25s Other to finish\n", "");
- if (gets (buffer)) {
- value = atoi (buffer);
- if (value < 0 || value > 6)
- break;
- keyUsage |= (0x80 >> value);
- }
- else { /* gets() returns NULL on EOF or error */
- break;
- }
- }
-
- bitStringValue.data = &keyUsage;
- bitStringValue.len = 1;
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
-
- return (CERT_EncodeAndAddBitStrExtension
- (extHandle, SEC_OID_X509_KEY_USAGE, &bitStringValue,
- (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE));
-
-}
-
-
-static CERTOidSequence *
-CreateOidSequence(void)
-{
- CERTOidSequence *rv = (CERTOidSequence *)NULL;
- PRArenaPool *arena = (PRArenaPool *)NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if( (PRArenaPool *)NULL == arena ) {
- goto loser;
- }
-
- rv = (CERTOidSequence *)PORT_ArenaZAlloc(arena, sizeof(CERTOidSequence));
- if( (CERTOidSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->oids = (SECItem **)PORT_ArenaZAlloc(arena, sizeof(SECItem *));
- if( (SECItem **)NULL == rv->oids ) {
- goto loser;
- }
-
- rv->arena = arena;
- return rv;
-
- loser:
- if( (PRArenaPool *)NULL != arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return (CERTOidSequence *)NULL;
-}
-
-static SECStatus
-AddOidToSequence(CERTOidSequence *os, SECOidTag oidTag)
-{
- SECItem **oids;
- PRUint32 count = 0;
- SECOidData *od;
-
- od = SECOID_FindOIDByTag(oidTag);
- if( (SECOidData *)NULL == od ) {
- return SECFailure;
- }
-
- for( oids = os->oids; (SECItem *)NULL != *oids; oids++ ) {
- count++;
- }
-
- /* ArenaZRealloc */
-
- {
- PRUint32 i;
-
- oids = (SECItem **)PORT_ArenaZAlloc(os->arena, sizeof(SECItem *) * (count+2));
- if( (SECItem **)NULL == oids ) {
- return SECFailure;
- }
-
- for( i = 0; i < count; i++ ) {
- oids[i] = os->oids[i];
- }
-
- /* ArenaZFree(os->oids); */
- }
-
- os->oids = oids;
- os->oids[count] = &od->oid;
-
- return SECSuccess;
-}
-
-static SECItem *
-EncodeOidSequence(CERTOidSequence *os)
-{
- SECItem *rv;
- extern const SEC_ASN1Template CERT_OidSeqTemplate[];
-
- rv = (SECItem *)PORT_ArenaZAlloc(os->arena, sizeof(SECItem));
- if( (SECItem *)NULL == rv ) {
- goto loser;
- }
-
- if( !SEC_ASN1EncodeItem(os->arena, rv, os, CERT_OidSeqTemplate) ) {
- goto loser;
- }
-
- return rv;
-
- loser:
- return (SECItem *)NULL;
-}
-
-static SECStatus
-AddExtKeyUsage (void *extHandle)
-{
- char buffer[5];
- int value;
- CERTOidSequence *os;
- SECStatus rv;
- SECItem *item;
-
- os = CreateOidSequence();
- if( (CERTOidSequence *)NULL == os ) {
- return SECFailure;
- }
-
- while (1) {
- fprintf(stdout, "%-25s 0 - Server Auth\n", "");
- fprintf(stdout, "%-25s 1 - Client Auth\n", "");
- fprintf(stdout, "%-25s 2 - Code Signing\n", "");
- fprintf(stdout, "%-25s 3 - Email Protection\n", "");
- fprintf(stdout, "%-25s 4 - Timestamp\n", "");
- fprintf(stdout, "%-25s 5 - OSCP Responder\n", "");
-#ifdef DEBUG_NSSTEAM_ONLY
- fprintf(stdout, "%-25s 6 - Step-up\n", "");
-#endif /* DEBUG_NSSTEAM_ONLY */
- fprintf(stdout, "%-25s Other to finish\n", "");
-
- gets(buffer);
- value = atoi(buffer);
-
- switch( value ) {
- case 0:
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_SERVER_AUTH);
- break;
- case 1:
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH);
- break;
- case 2:
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_CODE_SIGN);
- break;
- case 3:
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT);
- break;
- case 4:
- rv = AddOidToSequence(os, SEC_OID_EXT_KEY_USAGE_TIME_STAMP);
- break;
- case 5:
- rv = AddOidToSequence(os, SEC_OID_OCSP_RESPONDER);
- break;
-#ifdef DEBUG_NSSTEAM_ONLY
- case 6:
- rv = AddOidToSequence(os, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED);
- break;
-#endif /* DEBUG_NSSTEAM_ONLY */
- default:
- goto endloop;
- }
-
- if( SECSuccess != rv ) goto loser;
- }
-
- endloop:;
- item = EncodeOidSequence(os);
-
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
-
- rv = CERT_AddExtension(extHandle, SEC_OID_X509_EXT_KEY_USAGE, item,
- ((buffer[0] == 'y' || buffer[0] == 'Y')
- ? PR_TRUE : PR_FALSE), PR_TRUE);
- /*FALLTHROUGH*/
- loser:
- CERT_DestroyOidSequence(os);
- return rv;
-}
-
-static SECStatus
-AddNscpCertType (void *extHandle)
-{
- SECItem bitStringValue;
- unsigned char keyUsage = 0x0;
- char buffer[5];
- int value;
-
- while (1) {
- fprintf(stdout, "%-25s 0 - SSL Client\n", "");
- fprintf(stdout, "%-25s 1 - SSL Server\n", "");
- fprintf(stdout, "%-25s 2 - S/MIME\n", "");
- fprintf(stdout, "%-25s 3 - Object Signing\n", "");
- fprintf(stdout, "%-25s 4 - Reserved for futuer use\n", "");
- fprintf(stdout, "%-25s 5 - SSL CA\n", "");
- fprintf(stdout, "%-25s 6 - S/MIME CA\n", "");
- fprintf(stdout, "%-25s 7 - Object Signing CA\n", "");
- fprintf(stdout, "%-25s Other to finish\n", "");
- gets (buffer);
- value = atoi (buffer);
- if (value < 0 || value > 7)
- break;
- keyUsage |= (0x80 >> value);
- }
-
- bitStringValue.data = &keyUsage;
- bitStringValue.len = 1;
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
-
- return (CERT_EncodeAndAddBitStrExtension
- (extHandle, SEC_OID_NS_CERT_EXT_CERT_TYPE, &bitStringValue,
- (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE));
-
-}
-
-typedef SECStatus (* EXTEN_VALUE_ENCODER)
- (PRArenaPool *extHandle, void *value, SECItem *encodedValue);
-
-static SECStatus
-EncodeAndAddExtensionValue(
- PRArenaPool * arena,
- void * extHandle,
- void * value,
- PRBool criticality,
- int extenType,
- EXTEN_VALUE_ENCODER EncodeValueFn)
-{
- SECItem encodedValue;
- SECStatus rv;
-
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- do {
- rv = (*EncodeValueFn)(arena, value, &encodedValue);
- if (rv != SECSuccess)
- break;
-
- rv = CERT_AddExtension
- (extHandle, extenType, &encodedValue, criticality,PR_TRUE);
- } while (0);
-
- return (rv);
-}
-
-static SECStatus
-AddBasicConstraint(void *extHandle)
-{
- CERTBasicConstraints basicConstraint;
- SECItem encodedValue;
- SECStatus rv;
- char buffer[10];
-
- encodedValue.data = NULL;
- encodedValue.len = 0;
- do {
- basicConstraint.pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
- puts ("Is this a CA certificate [y/n]?");
- gets (buffer);
- basicConstraint.isCA = (buffer[0] == 'Y' || buffer[0] == 'y') ?
- PR_TRUE : PR_FALSE;
-
- puts ("Enter the path length constraint, enter to skip [<0 for unlimited path]:");
- gets (buffer);
- if (PORT_Strlen (buffer) > 0)
- basicConstraint.pathLenConstraint = atoi (buffer);
-
- rv = CERT_EncodeBasicConstraintValue (NULL, &basicConstraint, &encodedValue);
- if (rv)
- return (rv);
-
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
- rv = CERT_AddExtension
- (extHandle, SEC_OID_X509_BASIC_CONSTRAINTS,
- &encodedValue, (buffer[0] == 'y' || buffer[0] == 'Y') ?
- PR_TRUE : PR_FALSE ,PR_TRUE);
- } while (0);
- PORT_Free (encodedValue.data);
- return (rv);
-}
-
-static SECItem *
-SignCert(CERTCertDBHandle *handle,
-CERTCertificate *cert, PRBool selfsign,
-SECKEYPrivateKey *selfsignprivkey, char *issuerNickName, void *pwarg)
-{
- SECItem der;
- SECItem *result = NULL;
- SECKEYPrivateKey *caPrivateKey = NULL;
- SECStatus rv;
- PRArenaPool *arena;
- SECOidTag algID;
- void *dummy;
-
- if( selfsign ) {
- caPrivateKey = selfsignprivkey;
- } else {
- /*CERTCertificate *issuer = CERT_FindCertByNickname(handle, issuerNickName);*/
- CERTCertificate *issuer = PK11_FindCertFromNickname(issuerNickName, pwarg);
- if( (CERTCertificate *)NULL == issuer ) {
- SECU_PrintError(progName, "unable to find issuer with nickname %s",
- issuerNickName);
- return (SECItem *)NULL;
- }
-
- caPrivateKey = PK11_FindKeyByAnyCert(issuer, pwarg);
- if (caPrivateKey == NULL) {
- SECU_PrintError(progName, "unable to retrieve key %s", issuerNickName);
- return NULL;
- }
- }
-
- arena = cert->arena;
-
- switch(caPrivateKey->keyType) {
- case rsaKey:
- algID = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- break;
- case dsaKey:
- algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
- default:
- fprintf(stderr, "Unknown key type for issuer.");
- goto done;
- break;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &cert->signature, algID, 0);
- if (rv != SECSuccess) {
- fprintf(stderr, "Could not set signature algorithm id.");
- goto done;
- }
-
- /* we only deal with cert v3 here */
- *(cert->version.data) = 2;
- cert->version.len = 1;
-
- der.len = 0;
- der.data = NULL;
- dummy = SEC_ASN1EncodeItem (arena, &der, cert, CERT_CertificateTemplate);
- if (!dummy) {
- fprintf (stderr, "Could not encode certificate.\n");
- goto done;
- }
-
- result = (SECItem *) PORT_ArenaZAlloc (arena, sizeof (SECItem));
- if (result == NULL) {
- fprintf (stderr, "Could not allocate item for certificate data.\n");
- goto done;
- }
-
- rv = SEC_DerSignData (arena, result, der.data, der.len, caPrivateKey,
- algID);
- if (rv != SECSuccess) {
- fprintf (stderr, "Could not sign encoded certificate data.\n");
- PORT_Free(result);
- result = NULL;
- goto done;
- }
- cert->derCert = *result;
-done:
- SECKEY_DestroyPrivateKey(caPrivateKey);
- return result;
-}
-
-static SECStatus
-AddAuthKeyID (void *extHandle)
-{
- CERTAuthKeyID *authKeyID = NULL;
- PRArenaPool *arena = NULL;
- SECStatus rv = SECSuccess;
- char buffer[512];
-
- do {
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- SECU_PrintError(progName, "out of memory");
- GEN_BREAK (SECFailure);
- }
-
- if (GetYesNo ("Enter value for the authKeyID extension [y/n]?\n") == 0)
- break;
-
- authKeyID = PORT_ArenaZAlloc (arena, sizeof (CERTAuthKeyID));
- if (authKeyID == NULL) {
- GEN_BREAK (SECFailure);
- }
-
- rv = GetString (arena, "Enter value for the key identifier fields, enter to omit:",
- &authKeyID->keyID);
- if (rv != SECSuccess)
- break;
- authKeyID->authCertIssuer = GetGeneralName (arena);
- if (authKeyID->authCertIssuer == NULL && SECFailure == PORT_GetError ())
- break;
-
-
- rv = GetString (arena, "Enter value for the authCertSerial field, enter to omit:",
- &authKeyID->authCertSerialNumber);
-
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
-
- rv = EncodeAndAddExtensionValue
- (arena, extHandle, authKeyID,
- (buffer[0] == 'y' || buffer[0] == 'Y') ? PR_TRUE : PR_FALSE,
- SEC_OID_X509_AUTH_KEY_ID,
- (EXTEN_VALUE_ENCODER) CERT_EncodeAuthKeyID);
- if (rv)
- break;
-
- } while (0);
- if (arena)
- PORT_FreeArena (arena, PR_FALSE);
- return (rv);
-}
-
-static SECStatus
-AddCrlDistPoint(void *extHandle)
-{
- PRArenaPool *arena = NULL;
- CERTCrlDistributionPoints *crlDistPoints = NULL;
- CRLDistributionPoint *current;
- SECStatus rv = SECSuccess;
- int count = 0, intValue;
- char buffer[5];
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena )
- return (SECFailure);
-
- do {
- current = NULL;
- current = PORT_ArenaZAlloc (arena, sizeof (*current));
- if (current == NULL) {
- GEN_BREAK (SECFailure);
- }
-
- /* Get the distributionPointName fields - this field is optional */
- puts ("Enter the type of the distribution point name:\n");
- puts ("\t1 - Full Name\n\t2 - Relative Name\n\tOther - omit\n\t\tChoice: ");
- scanf ("%d", &intValue);
- switch (intValue) {
- case generalName:
- current->distPointType = intValue;
- current->distPoint.fullName = GetGeneralName (arena);
- rv = PORT_GetError();
- break;
-
- case relativeDistinguishedName: {
- CERTName *name;
- char buffer[512];
-
- current->distPointType = intValue;
- puts ("Enter the relative name: ");
- fflush (stdout);
- gets (buffer);
- /* For simplicity, use CERT_AsciiToName to converse from a string
- to NAME, but we only interest in the first RDN */
- name = CERT_AsciiToName (buffer);
- if (!name) {
- GEN_BREAK (SECFailure);
- }
- rv = CERT_CopyRDN (arena, &current->distPoint.relativeName, name->rdns[0]);
- CERT_DestroyName (name);
- break;
- }
- }
- if (rv != SECSuccess)
- break;
-
- /* Get the reason flags */
- puts ("\nSelect one of the following for the reason flags\n");
- puts ("\t0 - unused\n\t1 - keyCompromise\n\t2 - caCompromise\n\t3 - affiliationChanged\n");
- puts ("\t4 - superseded\n\t5 - cessationOfOperation\n\t6 - certificateHold\n");
- puts ("\tother - omit\t\tChoice: ");
-
- scanf ("%d", &intValue);
- if (intValue >= 0 && intValue <8) {
- current->reasons.data = PORT_ArenaAlloc (arena, sizeof(char));
- if (current->reasons.data == NULL) {
- GEN_BREAK (SECFailure);
- }
- *current->reasons.data = (char)(0x80 >> intValue);
- current->reasons.len = 1;
- }
- puts ("Enter value for the CRL Issuer name:\n");
- current->crlIssuer = GetGeneralName (arena);
- if (current->crlIssuer == NULL && (rv = PORT_GetError()) == SECFailure)
- break;
-
- if (crlDistPoints == NULL) {
- crlDistPoints = PORT_ArenaZAlloc (arena, sizeof (*crlDistPoints));
- if (crlDistPoints == NULL) {
- GEN_BREAK (SECFailure);
- }
- }
-
- crlDistPoints->distPoints = PORT_ArenaGrow (arena,
- crlDistPoints->distPoints,
- sizeof (*crlDistPoints->distPoints) * count,
- sizeof (*crlDistPoints->distPoints) *(count + 1));
- if (crlDistPoints->distPoints == NULL) {
- GEN_BREAK (SECFailure);
- }
-
- crlDistPoints->distPoints[count] = current;
- ++count;
- if (GetYesNo ("Enter more value for the CRL distribution point extension [y/n]\n") == 0) {
- /* Add null to the end of the crlDistPoints to mark end of data */
- crlDistPoints->distPoints = PORT_ArenaGrow(arena,
- crlDistPoints->distPoints,
- sizeof (*crlDistPoints->distPoints) * count,
- sizeof (*crlDistPoints->distPoints) *(count + 1));
- crlDistPoints->distPoints[count] = NULL;
- break;
- }
-
-
- } while (1);
-
- if (rv == SECSuccess) {
- buffer[0] = 'n';
- puts ("Is this a critical extension [y/n]? ");
- gets (buffer);
-
- rv = EncodeAndAddExtensionValue(arena, extHandle, crlDistPoints,
- (buffer[0] == 'Y' || buffer[0] == 'y') ? PR_TRUE : PR_FALSE,
- SEC_OID_X509_CRL_DIST_POINTS,
- (EXTEN_VALUE_ENCODER) CERT_EncodeCRLDistributionPoints);
- }
- if (arena)
- PORT_FreeArena (arena, PR_FALSE);
- return (rv);
-}
-
-static SECStatus
-CreateCert(
- CERTCertDBHandle *handle,
- char * issuerNickName,
- PRFileDesc *inFile,
- PRFileDesc *outFile,
- SECKEYPrivateKey *selfsignprivkey,
- void *pwarg,
- int serialNumber,
- int warpmonths,
- int validitylength,
- PRBool ascii,
- PRBool selfsign,
- PRBool keyUsage,
- PRBool extKeyUsage,
- PRBool basicConstraint,
- PRBool authKeyID,
- PRBool crlDistPoints,
- PRBool nscpCertType)
-{
- void * extHandle;
- SECItem * certDER;
- PRArenaPool *arena = NULL;
- CERTCertificate *subjectCert = NULL;
- /*CERTCertificate *issuerCert = NULL;*/
- CERTCertificateRequest *certReq = NULL;
- SECStatus rv = SECSuccess;
- SECItem reqDER;
-
- reqDER.data = NULL;
- do {
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- GEN_BREAK (SECFailure);
- }
-
- /* Create a certrequest object from the input cert request der */
- certReq = GetCertRequest(inFile, ascii);
- if (certReq == NULL) {
- GEN_BREAK (SECFailure)
- }
-
- subjectCert = MakeV1Cert (handle, certReq, issuerNickName, selfsign,
- serialNumber, warpmonths, validitylength);
- if (subjectCert == NULL) {
- GEN_BREAK (SECFailure)
- }
-
- extHandle = CERT_StartCertExtensions (subjectCert);
- if (extHandle == NULL) {
- GEN_BREAK (SECFailure)
- }
-
- /* Add key usage extension */
- if (keyUsage) {
- rv = AddKeyUsage(extHandle);
- if (rv)
- break;
- }
-
- /* Add extended key usage extension */
- if (extKeyUsage) {
- rv = AddExtKeyUsage(extHandle);
- if (rv)
- break;
- }
-
- /* Add basic constraint extension */
- if (basicConstraint) {
- rv = AddBasicConstraint(extHandle);
- if (rv)
- break;
- }
-
- if (authKeyID) {
- rv = AddAuthKeyID (extHandle);
- if (rv)
- break;
- }
-
-
- if (crlDistPoints) {
- rv = AddCrlDistPoint (extHandle);
- if (rv)
- break;
- }
-
- if (nscpCertType) {
- rv = AddNscpCertType(extHandle);
- if (rv)
- break;
- }
-
-
- CERT_FinishExtensions(extHandle);
-
- certDER = SignCert (handle, subjectCert, selfsign, selfsignprivkey, issuerNickName,pwarg);
-
- if (certDER) {
- if (ascii) {
- PR_fprintf(outFile, "%s\n%s\n%s\n", NS_CERT_HEADER,
- BTOA_DataToAscii(certDER->data, certDER->len), NS_CERT_TRAILER);
- } else {
- PR_Write(outFile, certDER->data, certDER->len);
- }
- }
-
- } while (0);
- CERT_DestroyCertificateRequest (certReq);
- CERT_DestroyCertificate (subjectCert);
- PORT_FreeArena (arena, PR_FALSE);
- if (rv != SECSuccess) {
- PRErrorCode perr = PR_GetError();
- fprintf(stderr, "%s: unable to create cert (%s)\n", progName,
- SECU_Strerror(perr));
- }
- return (rv);
-}
-
-/* Certutil commands */
-enum {
- cmd_AddCert = 0,
- cmd_CreateNewCert,
- cmd_DeleteCert,
- cmd_AddEmailCert,
- cmd_DeleteKey,
- cmd_GenKeyPair,
- cmd_PrintHelp,
- cmd_ListKeys,
- cmd_ListCerts,
- cmd_ModifyCertTrust,
- cmd_NewDBs,
- cmd_CertReq,
- cmd_CreateAndAddCert,
- cmd_TokenReset,
- cmd_ListModules,
- cmd_CheckCertValidity,
- cmd_ChangePassword,
- cmd_Version
-};
-
-/* Certutil options */
-enum {
- opt_SSOPass = 0,
- opt_AddKeyUsageExt,
- opt_AddBasicConstraintExt,
- opt_AddAuthorityKeyIDExt,
- opt_AddCRLDistPtsExt,
- opt_AddNSCertTypeExt,
- opt_AddExtKeyUsageExt,
- opt_ASCIIForIO,
- opt_ValidityTime,
- opt_IssuerName,
- opt_CertDir,
- opt_VerifySig,
- opt_PasswordFile,
- opt_KeySize,
- opt_TokenName,
- opt_InputFile,
- opt_KeyIndex,
- opt_KeyType,
- opt_DetailedInfo,
- opt_SerialNumber,
- opt_Nickname,
- opt_OutputFile,
- opt_PhoneNumber,
- opt_DBPrefix,
- opt_PQGFile,
- opt_BinaryDER,
- opt_Subject,
- opt_Trust,
- opt_Usage,
- opt_Validity,
- opt_OffsetMonths,
- opt_SelfSign,
- opt_Exponent,
- opt_NoiseFile
-};
-
-static secuCommandFlag certutil_commands[] =
-{
- { /* cmd_AddCert */ 'A', PR_FALSE, 0, PR_FALSE },
- { /* cmd_CreateNewCert */ 'C', PR_FALSE, 0, PR_FALSE },
- { /* cmd_DeleteCert */ 'D', PR_FALSE, 0, PR_FALSE },
- { /* cmd_AddEmailCert */ 'E', PR_FALSE, 0, PR_FALSE },
- { /* cmd_DeleteKey */ 'F', PR_FALSE, 0, PR_FALSE },
- { /* cmd_GenKeyPair */ 'G', PR_FALSE, 0, PR_FALSE },
- { /* cmd_PrintHelp */ 'H', PR_FALSE, 0, PR_FALSE },
- { /* cmd_ListKeys */ 'K', PR_FALSE, 0, PR_FALSE },
- { /* cmd_ListCerts */ 'L', PR_FALSE, 0, PR_FALSE },
- { /* cmd_ModifyCertTrust */ 'M', PR_FALSE, 0, PR_FALSE },
- { /* cmd_NewDBs */ 'N', PR_FALSE, 0, PR_FALSE },
- { /* cmd_CertReq */ 'R', PR_FALSE, 0, PR_FALSE },
- { /* cmd_CreateAndAddCert */ 'S', PR_FALSE, 0, PR_FALSE },
- { /* cmd_TokenReset */ 'T', PR_FALSE, 0, PR_FALSE },
- { /* cmd_ListModules */ 'U', PR_FALSE, 0, PR_FALSE },
- { /* cmd_CheckCertValidity */ 'V', PR_FALSE, 0, PR_FALSE },
- { /* cmd_ChangePassword */ 'W', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Version */ 'Y', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag certutil_options[] =
-{
- { /* opt_SSOPass */ '0', PR_TRUE, 0, PR_FALSE },
- { /* opt_AddKeyUsageExt */ '1', PR_FALSE, 0, PR_FALSE },
- { /* opt_AddBasicConstraintExt*/ '2', PR_FALSE, 0, PR_FALSE },
- { /* opt_AddAuthorityKeyIDExt*/ '3', PR_FALSE, 0, PR_FALSE },
- { /* opt_AddCRLDistPtsExt */ '4', PR_FALSE, 0, PR_FALSE },
- { /* opt_AddNSCertTypeExt */ '5', PR_FALSE, 0, PR_FALSE },
- { /* opt_AddExtKeyUsageExt */ '6', PR_FALSE, 0, PR_FALSE },
- { /* opt_ASCIIForIO */ 'a', PR_FALSE, 0, PR_FALSE },
- { /* opt_ValidityTime */ 'b', PR_TRUE, 0, PR_FALSE },
- { /* opt_IssuerName */ 'c', PR_TRUE, 0, PR_FALSE },
- { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_VerifySig */ 'e', PR_FALSE, 0, PR_FALSE },
- { /* opt_PasswordFile */ 'f', PR_TRUE, 0, PR_FALSE },
- { /* opt_KeySize */ 'g', PR_TRUE, 0, PR_FALSE },
- { /* opt_TokenName */ 'h', PR_TRUE, 0, PR_FALSE },
- { /* opt_InputFile */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_KeyIndex */ 'j', PR_TRUE, 0, PR_FALSE },
- { /* opt_KeyType */ 'k', PR_TRUE, 0, PR_FALSE },
- { /* opt_DetailedInfo */ 'l', PR_FALSE, 0, PR_FALSE },
- { /* opt_SerialNumber */ 'm', PR_TRUE, 0, PR_FALSE },
- { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE },
- { /* opt_OutputFile */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_PhoneNumber */ 'p', PR_TRUE, 0, PR_FALSE },
- { /* opt_DBPrefix */ 'P', PR_TRUE, 0, PR_FALSE },
- { /* opt_PQGFile */ 'q', PR_TRUE, 0, PR_FALSE },
- { /* opt_BinaryDER */ 'r', PR_FALSE, 0, PR_FALSE },
- { /* opt_Subject */ 's', PR_TRUE, 0, PR_FALSE },
- { /* opt_Trust */ 't', PR_TRUE, 0, PR_FALSE },
- { /* opt_Usage */ 'u', PR_TRUE, 0, PR_FALSE },
- { /* opt_Validity */ 'v', PR_TRUE, 0, PR_FALSE },
- { /* opt_OffsetMonths */ 'w', PR_TRUE, 0, PR_FALSE },
- { /* opt_SelfSign */ 'x', PR_FALSE, 0, PR_FALSE },
- { /* opt_Exponent */ 'y', PR_TRUE, 0, PR_FALSE },
- { /* opt_NoiseFile */ 'z', PR_TRUE, 0, PR_FALSE }
-};
-
-int
-main(int argc, char **argv)
-{
- CERTCertDBHandle *certHandle;
- PK11SlotInfo *slot = NULL;
- CERTName * subject = 0;
- PRFileDesc *inFile = 0;
- PRFileDesc *outFile = 0;
- char * certfile = "tempcert";
- char * certreqfile = "tempcertreq";
- char * slotname = "internal";
- char * certPrefix = "";
- KeyType keytype = rsaKey;
- /*char * keyslot = NULL;*/
- /*char * keynickname = NULL;*/
- char * name = NULL;
- int keysize = DEFAULT_KEY_BITS;
- int publicExponent = 0x010001;
- int serialNumber = 0;
- int warpmonths = 0;
- int validitylength = 0;
- int commandsEntered = 0;
- char commandToRun = '\0';
- secuPWData pwdata = { PW_NONE, 0 };
-
- SECKEYPrivateKey *privkey;
- SECKEYPublicKey *pubkey = NULL;
-
- int i;
- SECStatus rv;
-
- secuCommand certutil;
- certutil.numCommands = sizeof(certutil_commands) / sizeof(secuCommandFlag);
- certutil.numOptions = sizeof(certutil_options) / sizeof(secuCommandFlag);
- certutil.commands = certutil_commands;
- certutil.options = certutil_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &certutil);
-
- if (rv != SECSuccess)
- Usage(progName);
-
- if (certutil.commands[cmd_PrintHelp].activated)
- LongUsage(progName);
-
- if (certutil.options[opt_PasswordFile].arg) {
- pwdata.source = PW_FROMFILE;
- pwdata.data = certutil.options[opt_PasswordFile].arg;
- }
-
- if (certutil.options[opt_CertDir].activated)
- SECU_ConfigDirectory(certutil.options[opt_CertDir].arg);
-
- if (certutil.options[opt_KeySize].activated) {
- keysize = PORT_Atoi(certutil.options[opt_KeySize].arg);
- if ((keysize < MIN_KEY_BITS) || (keysize > MAX_KEY_BITS)) {
- PR_fprintf(PR_STDERR,
- "%s -g: Keysize must be between %d and %d.\n",
- MIN_KEY_BITS, MAX_KEY_BITS);
- return 255;
- }
- }
-
- /* -h specify token name */
- if (certutil.options[opt_TokenName].activated) {
- if (PL_strcmp(certutil.options[opt_TokenName].arg, "all") == 0)
- slotname = NULL;
- else
- slotname = PL_strdup(certutil.options[opt_TokenName].arg);
- }
-
- /* -k key type */
- if (certutil.options[opt_KeyType].activated) {
- if (PL_strcmp(certutil.options[opt_KeyType].arg, "rsa") == 0) {
- keytype = rsaKey;
- } else if (PL_strcmp(certutil.options[opt_KeyType].arg, "dsa") == 0) {
- keytype = dsaKey;
- } else if (PL_strcmp(certutil.options[opt_KeyType].arg, "all") == 0) {
- keytype = nullKey;
- } else {
- PR_fprintf(PR_STDERR, "%s -k: %s is not a recognized type.\n",
- progName, certutil.options[opt_KeyType].arg);
- return 255;
- }
- }
-
- /* -m serial number */
- if (certutil.options[opt_SerialNumber].activated) {
- serialNumber = PORT_Atoi(certutil.options[opt_SerialNumber].arg);
- if (serialNumber < 0) {
- PR_fprintf(PR_STDERR, "%s -m: %s is not a valid serial number.\n",
- progName, certutil.options[opt_SerialNumber].arg);
- return 255;
- }
- }
-
- /* -P certdb name prefix */
- if (certutil.options[opt_DBPrefix].activated)
- certPrefix = strdup(certutil.options[opt_DBPrefix].arg);
-
- /* -q PQG file */
- if (certutil.options[opt_PQGFile].activated) {
- if (keytype != dsaKey) {
- PR_fprintf(PR_STDERR, "%s -q: PQG file is for DSA key (-k dsa).\n)",
- progName);
- return 255;
- }
- }
-
- /* -s subject name */
- if (certutil.options[opt_Subject].activated) {
- subject = CERT_AsciiToName(certutil.options[opt_Subject].arg);
- if (!subject) {
- PR_fprintf(PR_STDERR, "%s -s: improperly formatted name: \"%s\"\n",
- progName, certutil.options[opt_Subject].arg);
- return 255;
- }
- }
-
- /* -v validity period */
- if (certutil.options[opt_Validity].activated) {
- validitylength = PORT_Atoi(certutil.options[opt_Validity].arg);
- if (validitylength < 0) {
- PR_fprintf(PR_STDERR, "%s -v: incorrect validity period: \"%s\"\n",
- progName, certutil.options[opt_Validity].arg);
- return 255;
- }
- }
-
- /* -w warp months */
- if (certutil.options[opt_OffsetMonths].activated)
- warpmonths = PORT_Atoi(certutil.options[opt_OffsetMonths].arg);
-
- /* -y public exponent (for RSA) */
- if (certutil.options[opt_Exponent].activated) {
- publicExponent = PORT_Atoi(certutil.options[opt_Exponent].arg);
- if ((publicExponent != 3) &&
- (publicExponent != 17) &&
- (publicExponent != 65537)) {
- PR_fprintf(PR_STDERR, "%s -y: incorrect public exponent %d.",
- progName, publicExponent);
- PR_fprintf(PR_STDERR, "Must be 3, 17, or 65537.\n");
- return 255;
- }
- }
-
- /* Check number of commands entered. */
- commandsEntered = 0;
- for (i=0; i< certutil.numCommands; i++) {
- if (certutil.commands[i].activated) {
- commandToRun = certutil.commands[i].flag;
- commandsEntered++;
- }
- if (commandsEntered > 1)
- break;
- }
- if (commandsEntered > 1) {
- PR_fprintf(PR_STDERR, "%s: only one command at a time!\n", progName);
- PR_fprintf(PR_STDERR, "You entered: ");
- for (i=0; i< certutil.numCommands; i++) {
- if (certutil.commands[i].activated)
- PR_fprintf(PR_STDERR, " -%c", certutil.commands[i].flag);
- }
- PR_fprintf(PR_STDERR, "\n");
- return 255;
- }
- if (commandsEntered == 0) {
- PR_fprintf(PR_STDERR, "%s: you must enter a command!\n", progName);
- Usage(progName);
- }
-
- /* -A, -D, -F, -M, -S, -V, and all require -n */
- if ((certutil.commands[cmd_AddCert].activated ||
- certutil.commands[cmd_DeleteCert].activated ||
- certutil.commands[cmd_DeleteKey].activated ||
- certutil.commands[cmd_ModifyCertTrust].activated ||
- certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_CheckCertValidity].activated) &&
- !certutil.options[opt_Nickname].activated) {
- PR_fprintf(PR_STDERR,
- "%s -%c: nickname is required for this command (-n).\n",
- progName, commandToRun);
- return 255;
- }
-
- /* -A, -E, -M, -S require trust */
- if ((certutil.commands[cmd_AddCert].activated ||
- certutil.commands[cmd_AddEmailCert].activated ||
- certutil.commands[cmd_ModifyCertTrust].activated ||
- certutil.commands[cmd_CreateAndAddCert].activated) &&
- !certutil.options[opt_Trust].activated) {
- PR_fprintf(PR_STDERR,
- "%s -%c: trust is required for this command (-t).\n",
- progName, commandToRun);
- return 255;
- }
-
- /* if -L is given raw or ascii mode, it must be for only one cert. */
- if (certutil.commands[cmd_ListCerts].activated &&
- (certutil.options[opt_ASCIIForIO].activated ||
- certutil.options[opt_BinaryDER].activated) &&
- !certutil.options[opt_Nickname].activated) {
- PR_fprintf(PR_STDERR,
- "%s: nickname is required to dump cert in raw or ascii mode.\n",
- progName);
- return 255;
- }
-
- /* -L can only be in (raw || ascii). */
- if (certutil.commands[cmd_ListCerts].activated &&
- certutil.options[opt_ASCIIForIO].activated &&
- certutil.options[opt_BinaryDER].activated) {
- PR_fprintf(PR_STDERR,
- "%s: cannot specify both -r and -a when dumping cert.\n",
- progName);
- return 255;
- }
-
- /* For now, deny -C -x combination */
- if (certutil.commands[cmd_CreateNewCert].activated &&
- certutil.options[opt_SelfSign].activated) {
- PR_fprintf(PR_STDERR,
- "%s: self-signing a cert request is not supported.\n",
- progName);
- return 255;
- }
-
- /* If making a cert request, need a subject. */
- if ((certutil.commands[cmd_CertReq].activated ||
- certutil.commands[cmd_CreateAndAddCert].activated) &&
- !certutil.options[opt_Subject].activated) {
- PR_fprintf(PR_STDERR,
- "%s -%c: subject is required to create a cert request.\n",
- progName, commandToRun);
- return 255;
- }
-
- /* If making a cert, need a serial number. */
- if ((certutil.commands[cmd_CreateNewCert].activated ||
- certutil.commands[cmd_CreateAndAddCert].activated) &&
- !certutil.options[opt_SerialNumber].activated) {
- /* Make a default serial number from the current time. */
- PRTime now = PR_Now();
- serialNumber = LL_L2UI(serialNumber, now);
- }
-
- /* Validation needs the usage to validate for. */
- if (certutil.commands[cmd_CheckCertValidity].activated &&
- !certutil.options[opt_Usage].activated) {
- PR_fprintf(PR_STDERR,
- "%s -V: specify a usage to validate the cert for (-u).\n",
- progName);
- return 255;
- }
-
- /* To make a cert, need either a issuer or to self-sign it. */
- if (certutil.commands[cmd_CreateAndAddCert].activated &&
- !(certutil.options[opt_IssuerName].activated ||
- certutil.options[opt_SelfSign].activated)) {
- PR_fprintf(PR_STDERR,
- "%s -S: must specify issuer (-c) or self-sign (-x).\n",
- progName);
- return 255;
- }
-
- /* Using slotname == NULL for listing keys and certs on all slots,
- * but only that. */
- if (!(certutil.commands[cmd_ListKeys].activated ||
- certutil.commands[cmd_ListCerts].activated) && slotname == NULL) {
- PR_fprintf(PR_STDERR,
- "%s -%c: cannot use \"-h all\" for this command.\n",
- progName, commandToRun);
- return 255;
- }
-
- /* Using keytype == nullKey for list all key types, but only that. */
- if (!certutil.commands[cmd_ListKeys].activated && keytype == nullKey) {
- PR_fprintf(PR_STDERR,
- "%s -%c: cannot use \"-k all\" for this command.\n",
- progName, commandToRun);
- return 255;
- }
-
- /* -S open outFile, temporary file for cert request. */
- if (certutil.commands[cmd_CreateAndAddCert].activated) {
- outFile = PR_Open(certreqfile, PR_RDWR | PR_CREATE_FILE, 00660);
- if (!outFile) {
- PR_fprintf(PR_STDERR,
- "%s -o: unable to open \"%s\" for writing (%ld, %ld)\n",
- progName, certreqfile,
- PR_GetError(), PR_GetOSError());
- return 255;
- }
- }
-
- /* Open the input file. */
- if (certutil.options[opt_InputFile].activated) {
- inFile = PR_Open(certutil.options[opt_InputFile].arg, PR_RDONLY, 0);
- if (!inFile) {
- PR_fprintf(PR_STDERR,
- "%s: unable to open \"%s\" for reading (%ld, %ld).\n",
- progName, certutil.options[opt_InputFile].arg,
- PR_GetError(), PR_GetOSError());
- return 255;
- }
- }
-
- /* Open the output file. */
- if (certutil.options[opt_OutputFile].activated && !outFile) {
- outFile = PR_Open(certutil.options[opt_OutputFile].arg,
- PR_CREATE_FILE | PR_RDWR, 00660);
- if (!outFile) {
- PR_fprintf(PR_STDERR,
- "%s: unable to open \"%s\" for writing (%ld, %ld).\n",
- progName, certutil.options[opt_OutputFile].arg,
- PR_GetError(), PR_GetOSError());
- return 255;
- }
- }
-
- name = SECU_GetOptionArg(&certutil, opt_Nickname);
-
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- /* Initialize NSPR and NSS. */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Initialize(SECU_ConfigDirectory(NULL), certPrefix, certPrefix,
- "secmod.db", 0);
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return 255;
- }
- certHandle = CERT_GetDefaultCertDB();
-
- if (certutil.commands[cmd_Version].activated) {
- int version = CERT_GetDBContentVersion(certHandle);
- printf("Certificate database content version: %d\n", version);
- }
-
- if (PL_strcmp(slotname, "internal") == 0)
- slot = PK11_GetInternalKeySlot();
- else if (slotname != NULL)
- slot = PK11_FindSlotByName(slotname);
-
- /* If creating new database, initialize the password. */
- if (certutil.commands[cmd_NewDBs].activated) {
- SECU_ChangePW(slot, 0, certutil.options[opt_PasswordFile].arg);
- }
-
- /* The following 8 options are mutually exclusive with all others. */
-
- /* List certs (-L) */
- if (certutil.commands[cmd_ListCerts].activated) {
- rv = ListCerts(certHandle, name, slot,
- certutil.options[opt_BinaryDER].activated,
- certutil.options[opt_ASCIIForIO].activated,
- (outFile) ? outFile : PR_STDOUT, &pwdata);
- return rv ? 255 : 0;
- }
- /* XXX needs work */
- /* List keys (-K) */
- if (certutil.commands[cmd_ListKeys].activated) {
- rv = ListKeys(slot, name, 0 /*keyindex*/, keytype, PR_FALSE /*dopriv*/,
- &pwdata);
- return rv ? 255 : 0;
- }
- /* List modules (-U) */
- if (certutil.commands[cmd_ListModules].activated) {
- rv = ListModules();
- return rv ? 255 : 0;
- }
- /* Delete cert (-D) */
- if (certutil.commands[cmd_DeleteCert].activated) {
- rv = DeleteCert(certHandle, name);
- return rv ? 255 : 0;
- }
- /* Delete key (-F) */
- if (certutil.commands[cmd_DeleteKey].activated) {
- rv = DeleteKey(name, &pwdata);
- return rv ? 255 : 0;
- }
- /* Modify trust attribute for cert (-M) */
- if (certutil.commands[cmd_ModifyCertTrust].activated) {
- rv = ChangeTrustAttributes(certHandle, name,
- certutil.options[opt_Trust].arg);
- return rv ? 255 : 0;
- }
- /* Change key db password (-W) (future - change pw to slot?) */
- if (certutil.commands[cmd_ChangePassword].activated) {
- rv = SECU_ChangePW(slot, 0, certutil.options[opt_PasswordFile].arg);
- return rv ? 255 : 0;
- }
- /* Reset the a token */
- if (certutil.commands[cmd_TokenReset].activated) {
- char *sso_pass = "";
-
- if (certutil.options[opt_SSOPass].activated) {
- sso_pass = certutil.options[opt_SSOPass].arg;
- }
- rv = PK11_ResetToken(slot,sso_pass);
-
- return !rv - 1;
- }
- /* Check cert validity against current time (-V) */
- if (certutil.commands[cmd_CheckCertValidity].activated) {
- /* XXX temporary hack for fips - must log in to get priv key */
- if (certutil.options[opt_VerifySig].activated) {
- if (PK11_NeedLogin(slot))
- PK11_Authenticate(slot, PR_TRUE, &pwdata);
- }
- rv = ValidateCert(certHandle, name,
- certutil.options[opt_ValidityTime].arg,
- certutil.options[opt_Usage].arg,
- certutil.options[opt_VerifySig].activated,
- certutil.options[opt_DetailedInfo].activated,
- &pwdata);
- return rv ? 255 : 0;
- }
-
- /*
- * Key generation
- */
-
- /* These commands require keygen. */
- if (certutil.commands[cmd_CertReq].activated ||
- certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_GenKeyPair].activated) {
- /* XXX Give it a nickname. */
- privkey =
- CERTUTIL_GeneratePrivateKey(keytype, slot, keysize,
- publicExponent,
- certutil.options[opt_NoiseFile].arg,
- &pubkey,
- certutil.options[opt_PQGFile].arg,
- &pwdata);
- if (privkey == NULL) {
- SECU_PrintError(progName, "unable to generate key(s)\n");
- return 255;
- }
- privkey->wincx = &pwdata;
- PORT_Assert(pubkey != NULL);
-
- /* If all that was needed was keygen, exit. */
- if (certutil.commands[cmd_GenKeyPair].activated) {
- return SECSuccess;
- }
- }
-
- /*
- * Certificate request
- */
-
- /* Make a cert request (-R or -S). */
- if (certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_CertReq].activated) {
- rv = CertReq(privkey, pubkey, keytype, subject,
- certutil.options[opt_PhoneNumber].arg,
- certutil.options[opt_ASCIIForIO].activated,
- outFile ? outFile : PR_STDOUT);
- if (rv)
- return 255;
- privkey->wincx = &pwdata;
- }
-
- /*
- * Certificate creation
- */
-
- /* If making and adding a cert, load the cert request file
- * and output the cert to another file.
- */
- if (certutil.commands[cmd_CreateAndAddCert].activated) {
- PR_Close(outFile);
- inFile = PR_Open(certreqfile, PR_RDONLY, 0);
- if (!inFile) {
- PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n",
- certreqfile, PR_GetError(), PR_GetOSError());
- return 255;
- }
- outFile = PR_Open(certfile, PR_RDWR | PR_CREATE_FILE, 00660);
- if (!outFile) {
- PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n",
- certfile, PR_GetError(), PR_GetOSError());
- return 255;
- }
- }
-
- /* Create a certificate (-C or -S). */
- if (certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_CreateNewCert].activated) {
- rv = CreateCert(certHandle,
- certutil.options[opt_IssuerName].arg,
- inFile, outFile, privkey, &pwdata,
- serialNumber, warpmonths, validitylength,
- certutil.options[opt_ASCIIForIO].activated,
- certutil.options[opt_SelfSign].activated,
- certutil.options[opt_AddKeyUsageExt].activated,
- certutil.options[opt_AddExtKeyUsageExt].activated,
- certutil.options[opt_AddBasicConstraintExt].activated,
- certutil.options[opt_AddAuthorityKeyIDExt].activated,
- certutil.options[opt_AddCRLDistPtsExt].activated,
- certutil.options[opt_AddNSCertTypeExt].activated);
- if (rv)
- return 255;
- }
-
- /*
- * Adding a cert to the database (or slot)
- */
-
- if (certutil.commands[cmd_CreateAndAddCert].activated) {
- PR_Close(inFile);
- PR_Close(outFile);
- inFile = PR_Open(certfile, PR_RDONLY, 0);
- if (!inFile) {
- PR_fprintf(PR_STDERR, "Failed to open file \"%s\" (%ld, %ld).\n",
- certfile, PR_GetError(), PR_GetOSError());
- return 255;
- }
- }
-
- if (certutil.commands[cmd_CreateAndAddCert].activated ||
- certutil.commands[cmd_AddCert].activated ||
- certutil.commands[cmd_AddEmailCert].activated) {
- rv = AddCert(slot, certHandle, name,
- certutil.options[opt_Trust].arg,
- inFile,
- certutil.options[opt_ASCIIForIO].activated,
- certutil.commands[cmd_AddEmailCert].activated,&pwdata);
- if (rv)
- return 255;
- }
-
- if (certutil.commands[cmd_CreateAndAddCert].activated) {
- PR_Close(inFile);
- PR_Delete(certfile);
- PR_Delete(certreqfile);
- }
-
-#ifdef notdef
- if ( certHandle ) {
- CERT_ClosePermCertDB(certHandle);
- }
-#else
- NSS_Shutdown();
-#endif
-
- return rv;
-}
diff --git a/security/nss/cmd/certutil/keystuff.c b/security/nss/cmd/certutil/keystuff.c
deleted file mode 100644
index 2926f8f1b..000000000
--- a/security/nss/cmd/certutil/keystuff.c
+++ /dev/null
@@ -1,377 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#include <sys/time.h>
-#include <termios.h>
-#endif
-
-#if defined(XP_WIN) || defined (XP_PC)
-#include <time.h>
-#include <conio.h>
-#endif
-
-#if defined(__sun) && !defined(SVR4)
-extern int fclose(FILE*);
-extern int fprintf(FILE *, char *, ...);
-extern int isatty(int);
-extern char *sys_errlist[];
-#define strerror(errno) sys_errlist[errno]
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "pk11func.h"
-#include "secrng.h"
-#include "pqgutil.h"
-
-#define NUM_KEYSTROKES 120
-#define RAND_BUF_SIZE 60
-
-#define ERROR_BREAK rv = SECFailure;break;
-
-/* returns 0 for success, -1 for failure (EOF encountered) */
-static int
-UpdateRNG(void)
-{
- char * randbuf;
- int fd, i, count;
- int c;
- int rv = 0;
-#ifdef XP_UNIX
- cc_t orig_cc_min;
- cc_t orig_cc_time;
- tcflag_t orig_lflag;
- struct termios tio;
-#endif
-
-#define FPS fprintf(stderr,
- FPS "\n");
- FPS "A random seed must be generated that will be used in the\n");
- FPS "creation of your key. One of the easiest ways to create a\n");
- FPS "random seed is to use the timing of keystrokes on a keyboard.\n");
- FPS "\n");
- FPS "To begin, type keys on the keyboard until this progress meter\n");
- FPS "is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD!\n");
- FPS "\n");
- FPS "\n");
- FPS "Continue typing until the progress meter is full:\n\n");
- FPS "| |\r");
-
- /* turn off echo on stdin & return on 1 char instead of NL */
- fd = fileno(stdin);
-
-#if defined(XP_UNIX) && !defined(VMS)
- tcgetattr(fd, &tio);
- orig_lflag = tio.c_lflag;
- orig_cc_min = tio.c_cc[VMIN];
- orig_cc_time = tio.c_cc[VTIME];
- tio.c_lflag &= ~ECHO;
- tio.c_lflag &= ~ICANON;
- tio.c_cc[VMIN] = 1;
- tio.c_cc[VTIME] = 0;
- tcsetattr(fd, TCSAFLUSH, &tio);
-#endif
-
- /* Get random noise from keyboard strokes */
- randbuf = (char *) PORT_Alloc(RAND_BUF_SIZE);
- count = 0;
- while (count < NUM_KEYSTROKES+1) {
-#ifdef VMS
- c = GENERIC_GETCHAR_NOECHO();
-#elif XP_UNIX
- c = getc(stdin);
-#else
- c = getch();
-#endif
- if (c == EOF) {
- rv = -1;
- break;
- }
- RNG_GetNoise(&randbuf[1], sizeof(randbuf)-1);
- RNG_RandomUpdate(randbuf, sizeof(randbuf));
- if (c != randbuf[0]) {
- randbuf[0] = c;
- FPS "\r|");
- for (i=0; i<count/(NUM_KEYSTROKES/RAND_BUF_SIZE); i++) {
- FPS "*");
- }
- if (count%(NUM_KEYSTROKES/RAND_BUF_SIZE) == 1)
- FPS "/");
- count++;
- }
- }
- free(randbuf);
-
- FPS "\n\n");
- FPS "Finished. Press enter to continue: ");
-#if defined(VMS)
- while((c = GENERIC_GETCHAR_NO_ECHO()) != '\r' && c != EOF)
- ;
-#else
- while ((c = getc(stdin)) != '\n' && c != EOF)
- ;
-#endif
- if (c == EOF)
- rv = -1;
- FPS "\n");
-
-#undef FPS
-
-#if defined(XP_UNIX) && !defined(VMS)
- /* set back termio the way it was */
- tio.c_lflag = orig_lflag;
- tio.c_cc[VMIN] = orig_cc_min;
- tio.c_cc[VTIME] = orig_cc_time;
- tcsetattr(fd, TCSAFLUSH, &tio);
-#endif
- return rv;
-}
-
-
-static unsigned char P[] = { 0x00, 0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76,
- 0xaa, 0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69,
- 0xcb, 0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c,
- 0xf7, 0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82,
- 0xe5, 0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e,
- 0xaf, 0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a,
- 0xac, 0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24,
- 0xc2, 0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02,
- 0x91 };
-static unsigned char Q[] = { 0x00, 0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8,
- 0xee, 0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4,
- 0x8e, 0xda, 0xce, 0x91, 0x5f };
-static unsigned char G[] = { 0x00, 0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a,
- 0x13, 0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5,
- 0x00, 0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef,
- 0xcb, 0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c,
- 0x2e, 0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba,
- 0xbf, 0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c,
- 0x9c, 0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08,
- 0x8c, 0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88,
- 0x02 };
-
-static PQGParams default_pqg_params = {
- NULL,
- { 0, P, sizeof(P) },
- { 0, Q, sizeof(Q) },
- { 0, G, sizeof(G) }
-};
-
-static PQGParams *
-decode_pqg_params(char *str)
-{
- char *buf;
- unsigned int len;
- PRArenaPool *arena;
- PQGParams *params;
- SECStatus status;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- return NULL;
-
- params = PORT_ArenaZAlloc(arena, sizeof(PQGParams));
- if (params == NULL)
- goto loser;
- params->arena = arena;
-
- buf = (char *)ATOB_AsciiToData(str, &len);
- if ((buf == NULL) || (len == 0))
- goto loser;
-
- status = SEC_ASN1Decode(arena, params, SECKEY_PQGParamsTemplate, buf, len);
- if (status != SECSuccess)
- goto loser;
-
- return params;
-
-loser:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-static int
-pqg_prime_bits(char *str)
-{
- PQGParams *params = NULL;
- int primeBits = 0, i;
-
- params = decode_pqg_params(str);
- if (params == NULL)
- goto done; /* lose */
-
- for (i = 0; params->prime.data[i] == 0; i++)
- /* empty */;
- primeBits = (params->prime.len - i) * 8;
-
-done:
- if (params != NULL)
- PQG_DestroyParams(params);
- return primeBits;
-}
-
-static char *
-SECU_GetpqgString(char *filename)
-{
- char phrase[400];
- FILE *fh;
- char *rv;
-
- fh = fopen(filename,"r");
- rv = fgets (phrase, sizeof(phrase), fh);
-
- fclose(fh);
- if (phrase[strlen(phrase)-1] == '\n')
- phrase[strlen(phrase)-1] = '\0';
- if (rv) {
- return (char*) PORT_Strdup(phrase);
- }
- fprintf(stderr,"pqg file contain no data\n");
- return NULL;
-}
-
-PQGParams*
-getpqgfromfile(int keyBits, char *pqgFile)
-{
- char *end, *str, *pqgString;
- int primeBits;
-
- pqgString = SECU_GetpqgString(pqgFile);
- if (pqgString)
- str = PORT_Strdup(pqgString);
- else
- return NULL;
-
- do {
- end = PORT_Strchr(str, ',');
- if (end)
- *end = '\0';
- primeBits = pqg_prime_bits(str);
- if (keyBits == primeBits)
- goto found_match;
- str = end + 1;
- } while (end);
-
- PORT_Free(pqgString);
- PORT_Free(str);
- return NULL;
-
-found_match:
- PORT_Free(pqgString);
- PORT_Free(str);
- return decode_pqg_params(str);
-}
-
-SECKEYPrivateKey *
-CERTUTIL_GeneratePrivateKey(KeyType keytype, PK11SlotInfo *slot, int size,
- int publicExponent, char *noise,
- SECKEYPublicKey **pubkeyp, char *pqgFile,
- secuPWData *pwdata)
-{
- CK_MECHANISM_TYPE mechanism;
- SECOidTag algtag;
- PK11RSAGenParams rsaparams;
- PQGParams *dsaparams = NULL;
- void *params;
- PRArenaPool *dsaparena;
-
- /*
- * Do some random-number initialization.
- */
- RNG_SystemInfoForRNG();
-
- if (noise) {
- RNG_FileForRNG(noise);
- } else {
- int rv = UpdateRNG();
- if (rv) {
- PORT_SetError(PR_END_OF_FILE_ERROR);
- return NULL;
- }
- }
-
- switch (keytype) {
- case rsaKey:
- rsaparams.keySizeInBits = size;
- rsaparams.pe = publicExponent;
- mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
- algtag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- params = &rsaparams;
- break;
- case dsaKey:
- mechanism = CKM_DSA_KEY_PAIR_GEN;
- algtag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- if (pqgFile) {
- dsaparams = getpqgfromfile(size, pqgFile);
- } else {
- dsaparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (dsaparena == NULL) return NULL;
- dsaparams = PORT_ArenaZAlloc(dsaparena, sizeof(PQGParams));
- if (dsaparams == NULL) return NULL;
- dsaparams->arena = dsaparena;
- SECITEM_AllocItem(dsaparena, &dsaparams->prime, sizeof P);
- SECITEM_AllocItem(dsaparena, &dsaparams->subPrime, sizeof Q);
- SECITEM_AllocItem(dsaparena, &dsaparams->base, sizeof G);
- PORT_Memcpy(dsaparams->prime.data, P, dsaparams->prime.len);
- PORT_Memcpy(dsaparams->subPrime.data, Q, dsaparams->subPrime.len);
- PORT_Memcpy(dsaparams->base.data, G, dsaparams->base.len);
- }
- params = dsaparams;
- break;
- default:
- return NULL;
- }
-
- if (slot == NULL)
- return NULL;
-
- if (PK11_Authenticate(slot, PR_TRUE, pwdata) != SECSuccess)
- return NULL;
-
- fprintf(stderr, "\n\n");
- fprintf(stderr, "Generating key. This may take a few moments...\n\n");
-
- return PK11_GenerateKeyPair(slot, mechanism, params, pubkeyp,
- PR_TRUE /*isPerm*/, PR_TRUE /*isSensitive*/,
- pwdata /*wincx*/);
-}
diff --git a/security/nss/cmd/certutil/makefile.win b/security/nss/cmd/certutil/makefile.win
deleted file mode 100644
index 26cdc0651..000000000
--- a/security/nss/cmd/certutil/makefile.win
+++ /dev/null
@@ -1,155 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-PROGRAM = certutil
-PROGRAM = $(OBJDIR)\$(PROGRAM).exe
-
-include <$(DEPTH)\config\config.mak>
-
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-# awt3240.lib # brpref32.lib # cert32.lib
-# crypto32.lib # dllcom.lib # editor32.lib
-# edpref32.lib # edtplug.lib # font.lib
-# hash32.lib # htmldg32.lib # img32.lib
-# javart32.lib # jbn3240.lib # jdb3240.lib
-# jmc.lib # jpeg3240.lib # jpw3240.lib
-# jrt3240.lib # js3240.lib # jsd3240.lib
-# key32.lib # libapplet32.lib # libnjs32.lib
-# libnsc32.lib # libreg32.lib # mm3240.lib
-# mnpref32.lib # netcst32.lib # nsdlg32.lib
-# nsldap32.lib # nsldaps32.lib # nsn32.lib
-# pkcs1232.lib # pkcs732.lib # pr3240.lib
-# prefui32.lib # prefuuid.lib # secmod32.lib
-# secnav32.lib # secutl32.lib # softup32.lib
-# sp3240.lib # ssl32.lib # uni3200.lib
-# unicvt32.lib # win32md.lib # winfont.lib
-# xppref32.lib # zlib32.lib
-
-include <$(DEPTH)\config\rules.mak>
-
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj
-# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp
-# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch
-# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll
-# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj
-# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/certutil/manifest.mn b/security/nss/cmd/certutil/manifest.mn
deleted file mode 100644
index d387540b9..000000000
--- a/security/nss/cmd/certutil/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
- certutil.c \
- keystuff.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = certutil
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/checkcert/Makefile b/security/nss/cmd/checkcert/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/checkcert/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/checkcert/checkcert.c b/security/nss/cmd/checkcert/checkcert.c
deleted file mode 100644
index 0cd5e61aa..000000000
--- a/security/nss/cmd/checkcert/checkcert.c
+++ /dev/null
@@ -1,640 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "plgetopt.h"
-#include "cert.h"
-#include "secoid.h"
-#include "cryptohi.h"
-
-/* maximum supported modulus length in bits (indicate problem if over this) */
-#define MAX_MODULUS (1024)
-
-
-static void Usage(char *progName)
-{
- fprintf(stderr, "Usage: %s [aAvf] [certtocheck] [issuingcert]\n",
- progName);
- fprintf(stderr, "%-20s Cert to check is base64 encoded\n",
- "-a");
- fprintf(stderr, "%-20s Issuer's cert is base64 encoded\n",
- "-A");
- fprintf(stderr, "%-20s Verbose (indicate decoding progress etc.)\n",
- "-v");
- fprintf(stderr, "%-20s Force sanity checks even if pretty print fails.\n",
- "-f");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- fprintf(stderr, "%-20s Specify the input type (no default)\n",
- "-t type");
- exit(-1);
-}
-
-
-/*
- * Check integer field named fieldName, printing out results and
- * returning the length of the integer in bits
- */
-
-static
-int checkInteger(SECItem *intItem, char *fieldName, int verbose)
-{
- int len, bitlen;
- if (verbose) {
- printf("Checking %s\n", fieldName);
- }
-
- len = intItem->len;
-
- if (len && (intItem->data[0] & 0x80)) {
- printf("PROBLEM: %s is NEGATIVE 2's-complement integer.\n",
- fieldName);
- }
-
-
- /* calculate bit length and check for unnecessary leading zeros */
- bitlen = len << 3;
- if (len > 1 && intItem->data[0] == 0) {
- /* leading zero byte(s) */
- if (!(intItem->data[1] & 0x80)) {
- printf("PROBLEM: %s has unneeded leading zeros. Violates DER.\n",
- fieldName);
- }
- /* strip leading zeros in length calculation */
- {
- int i=0;
- while (bitlen > 8 && intItem->data[i] == 0) {
- bitlen -= 8;
- i++;
- }
- }
- }
- return bitlen;
-}
-
-
-
-
-static
-void checkName(CERTName *n, char *fieldName, int verbose)
-{
- char *v=0;
- if (verbose) {
- printf("Checking %s\n", fieldName);
- }
-
- v = CERT_GetCountryName(n);
- if (!v) {
- printf("PROBLEM: %s lacks Country Name (C)\n",
- fieldName);
- }
- PORT_Free(v);
-
- v = CERT_GetOrgName(n);
- if (!v) {
- printf("PROBLEM: %s lacks Organization Name (O)\n",
- fieldName);
- }
- PORT_Free(v);
-
- v = CERT_GetOrgUnitName(n);
- if (!v) {
- printf("WARNING: %s lacks Organization Unit Name (OU)\n",
- fieldName);
- }
- PORT_Free(v);
-
- v = CERT_GetCommonName(n);
- if (!v) {
- printf("PROBLEM: %s lacks Common Name (CN)\n",
- fieldName);
- }
- PORT_Free(v);
-}
-
-
-
-
-/*
- * Private version of verification that checks for agreement between
- * signature algorithm oid (at the SignedData level) and oid in DigestInfo.
- *
- */
-
-
-/* Returns the tag for the hash algorithm in the given signature algorithm */
- static
- int hashAlg(int sigAlgTag) {
- int rv;
- switch(sigAlgTag) {
- case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
- rv = SEC_OID_MD2;
- break;
- case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
- rv = SEC_OID_MD5;
- break;
- case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
- rv = SEC_OID_SHA1;
- break;
- default:
- rv = -1;
- }
- return rv;
- }
-
-
-
-struct VFYContextStr {
- int alg;
- unsigned char digest[32];
- void *hasher;
- void (*begin)(void *);
- void (*update)(void *, unsigned char*, unsigned);
- SECStatus (*end)(void *, unsigned char*, unsigned int*, unsigned);
- void (*destroy)(void *, PRBool);
-};
-
-
-static
-SECStatus
-OurVerifyData(unsigned char *buf, int len, SECKEYPublicKey *key,
- SECItem *sig, SECAlgorithmID *sigAlgorithm)
-{
- SECStatus rv;
- VFYContext *cx;
- SECOidData *sigAlgOid, *oiddata;
- int sigAlgTag;
- int hashAlgTag;
- int showDigestOid=0;
-
- cx = VFY_CreateContext(key, sig, SECOID_GetAlgorithmTag(sigAlgorithm),
- NULL);
- if (cx == NULL)
- return SECFailure;
-
- sigAlgOid = SECOID_FindOID(&sigAlgorithm->algorithm);
- if (sigAlgOid == 0)
- return SECFailure;
- sigAlgTag = sigAlgOid->offset;
-
- hashAlgTag = hashAlg(sigAlgTag);
- if (hashAlgTag == -1) {
- printf("PROBLEM: Unsupported Digest Algorithm in DigestInfo");
- showDigestOid = 1;
- } else if (hashAlgTag != cx->alg) {
- printf("PROBLEM: Digest OID in DigestInfo is incompatible "
- "with Signature Algorithm\n");
- showDigestOid = 1;
- }
-
- if (showDigestOid) {
- oiddata = SECOID_FindOIDByTag(cx->alg);
- if ( oiddata ) {
- printf("PROBLEM: (cont) Digest OID is %s\n", oiddata->desc);
- } else {
- SECU_PrintAsHex(stdout,
- &oiddata->oid, "PROBLEM: UNKNOWN OID", 0);
- }
- }
-
- rv = VFY_Begin(cx);
- if (rv == SECSuccess) {
- rv = VFY_Update(cx, buf, len);
- if (rv == SECSuccess)
- rv = VFY_End(cx);
- }
-
- VFY_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-
-
-static
-SECStatus
-OurVerifySignedData(CERTSignedData *sd, CERTCertificate *cert)
-{
- SECItem sig;
- SECKEYPublicKey *pubKey = 0;
- SECStatus rv;
-
- /* check the certificate's validity */
- rv = CERT_CertTimesValid(cert);
- if ( rv ) {
- return(SECFailure);
- }
-
- /* get cert's public key */
- pubKey = CERT_ExtractPublicKey(cert);
- if ( !pubKey ) {
- return(SECFailure);
- }
-
- /* check the signature */
- sig = sd->signature;
- DER_ConvertBitString(&sig);
- rv = OurVerifyData(sd->data.data, sd->data.len, pubKey, &sig,
- &sd->signatureAlgorithm);
-
- SECKEY_DestroyPublicKey(pubKey);
-
- if ( rv ) {
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-
-
-
-static
-CERTCertificate *createEmptyCertificate(void)
-{
- PRArenaPool *arena = 0;
- CERTCertificate *c = 0;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- return 0;
- }
-
-
- c = (CERTCertificate *) PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
-
- if (c) {
- c->referenceCount = 1;
- c->arena = arena;
- } else {
- PORT_FreeArena(arena,PR_TRUE);
- }
-
- return c;
-}
-
-
-
-
-int main(int argc, char **argv)
-{
- int rv, verbose=0, force=0;
- int ascii=0, issuerAscii=0;
- char *progName=0;
- PRFileDesc *inFile=0, *issuerCertFile=0;
- SECItem derCert, derIssuerCert;
- PRArenaPool *arena=0;
- CERTSignedData *signedData=0;
- CERTCertificate *cert=0, *issuerCert=0;
- SECKEYPublicKey *rsapubkey=0;
- SECAlgorithmID md5WithRSAEncryption, md2WithRSAEncryption;
- SECAlgorithmID sha1WithRSAEncryption, rsaEncryption;
- SECItem spk;
- int selfSigned=0;
- int invalid=0;
- char *inFileName = NULL, *issuerCertFileName = NULL;
- PLOptState *optstate;
- PLOptStatus status;
-
- PORT_Memset(&md5WithRSAEncryption, 0, sizeof(md5WithRSAEncryption));
- PORT_Memset(&md2WithRSAEncryption, 0, sizeof(md2WithRSAEncryption));
- PORT_Memset(&sha1WithRSAEncryption, 0, sizeof(sha1WithRSAEncryption));
- PORT_Memset(&rsaEncryption, 0, sizeof(rsaEncryption));
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- optstate = PL_CreateOptState(argc, argv, "aAvf");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'v':
- verbose = 1;
- break;
-
- case 'f':
- force = 1;
- break;
-
- case 'a':
- ascii = 1;
- break;
-
- case 'A':
- issuerAscii = 1;
- break;
-
- case '\0':
- if (!inFileName)
- inFileName = PL_strdup(optstate->value);
- else if (!issuerCertFileName)
- issuerCertFileName = PL_strdup(optstate->value);
- else
- Usage(progName);
- break;
- }
- }
-
- if (!inFileName || !issuerCertFileName || status == PL_OPT_BAD) {
- /* insufficient or excess args */
- Usage(progName);
- }
-
- inFile = PR_Open(inFileName, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, inFileName);
- exit(1);
- }
-
- issuerCertFile = PR_Open(issuerCertFileName, PR_RDONLY, 0);
- if (!issuerCertFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, issuerCertFileName);
- exit(1);
- }
-
- if (SECU_ReadDERFromFile(&derCert, inFile, ascii) != SECSuccess) {
- printf("Couldn't read input certificate as DER binary or base64\n");
- exit(1);
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == 0) {
- fprintf(stderr,"%s: can't allocate scratch arena!", progName);
- exit(1);
- }
-
- if (issuerCertFile) {
- CERTSignedData *issuerCertSD=0;
- if (SECU_ReadDERFromFile(&derIssuerCert, issuerCertFile, issuerAscii)
- != SECSuccess) {
- printf("Couldn't read issuer certificate as DER binary or base64.\n");
- exit(1);
- }
- issuerCertSD = (CERTSignedData *) PORT_ArenaZAlloc(arena,
- sizeof(CERTSignedData));
- if (!issuerCertSD) {
- fprintf(stderr,"%s: can't allocate issuer signed data!", progName);
- exit(1);
- }
- rv = SEC_ASN1DecodeItem(arena, issuerCertSD,
- SEC_ASN1_GET(CERT_SignedDataTemplate),
- &derIssuerCert);
- if (rv) {
- fprintf(stderr, "%s: Issuer cert isn't X509 SIGNED Data?\n",
- progName);
- exit(1);
- }
- issuerCert = createEmptyCertificate();
- if (!issuerCert) {
- printf("%s: can't allocate space for issuer cert.", progName);
- exit(1);
- }
- rv = SEC_ASN1DecodeItem(arena, issuerCert,
- SEC_ASN1_GET(CERT_CertificateTemplate),
- &issuerCertSD->data);
- if (rv) {
- printf("%s: Does not appear to be an X509 Certificate.\n",
- progName);
- exit(1);
- }
- }
-
- signedData = (CERTSignedData *) PORT_ArenaZAlloc(arena,sizeof(CERTSignedData));
- if (!signedData) {
- fprintf(stderr,"%s: can't allocate signedData!", progName);
- exit(1);
- }
-
- rv = SEC_ASN1DecodeItem(arena, signedData,
- SEC_ASN1_GET(CERT_SignedDataTemplate),
- &derCert);
- if (rv) {
- fprintf(stderr, "%s: Does not appear to be X509 SIGNED Data.\n",
- progName);
- exit(1);
- }
-
- if (verbose) {
- printf("Decoded ok as X509 SIGNED data.\n");
- }
-
- cert = createEmptyCertificate();
- if (!cert) {
- fprintf(stderr, "%s: can't allocate cert", progName);
- exit(1);
- }
-
- rv = SEC_ASN1DecodeItem(arena, cert,
- SEC_ASN1_GET(CERT_CertificateTemplate),
- &signedData->data);
- if (rv) {
- fprintf(stderr, "%s: Does not appear to be an X509 Certificate.\n",
- progName);
- exit(1);
- }
-
-
- if (verbose) {
- printf("Decoded ok as an X509 certificate.\n");
- }
-
-
- rv = SECU_PrintSignedData(stdout, &derCert, "Certificate", 0,
- SECU_PrintCertificate);
-
- if (rv) {
- fprintf(stderr, "%s: Unable to pretty print cert. Error: %d\n",
- progName, PORT_GetError());
- if (!force) {
- exit(1);
- }
- }
-
-
- /* Do various checks on the cert */
-
- printf("\n");
-
- /* Check algorithms */
- SECOID_SetAlgorithmID(arena, &md5WithRSAEncryption,
- SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION, NULL);
-
- SECOID_SetAlgorithmID(arena, &md2WithRSAEncryption,
- SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION, NULL);
-
- SECOID_SetAlgorithmID(arena, &sha1WithRSAEncryption,
- SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, NULL);
-
- SECOID_SetAlgorithmID(arena, &rsaEncryption,
- SEC_OID_PKCS1_RSA_ENCRYPTION, NULL);
-
- {
- int isMD5RSA = (SECOID_CompareAlgorithmID(&cert->signature,
- &md5WithRSAEncryption) == 0);
- int isMD2RSA = (SECOID_CompareAlgorithmID(&cert->signature,
- &md2WithRSAEncryption) == 0);
- int isSHA1RSA = (SECOID_CompareAlgorithmID(&cert->signature,
- &sha1WithRSAEncryption) == 0);
-
- if (verbose) {
- printf("\nDoing algorithm checks.\n");
- }
-
- if (!(isMD5RSA || isMD2RSA || isSHA1RSA)) {
- printf("PROBLEM: Signature not PKCS1 MD5, MD2, or SHA1 + RSA.\n");
- } else if (!isMD5RSA) {
- printf("WARNING: Signature not PKCS1 MD5 with RSA Encryption\n");
- }
-
- if (SECOID_CompareAlgorithmID(&cert->signature,
- &signedData->signatureAlgorithm)) {
- printf("PROBLEM: Algorithm in sig and certInfo don't match.\n");
- }
- }
-
- if (SECOID_CompareAlgorithmID(&cert->subjectPublicKeyInfo.algorithm,
- &rsaEncryption)) {
- printf("PROBLEM: Public key algorithm is not PKCS1 RSA Encryption.\n");
- }
-
- /* Check further public key properties */
- spk = cert->subjectPublicKeyInfo.subjectPublicKey;
- DER_ConvertBitString(&spk);
-
- if (verbose) {
- printf("\nsubjectPublicKey DER\n");
- rv = DER_PrettyPrint(stdout, &spk, PR_FALSE);
- printf("\n");
- }
-
- rsapubkey = (SECKEYPublicKey *)
- PORT_ArenaZAlloc(arena,sizeof(SECKEYPublicKey));
- if (!rsapubkey) {
- fprintf(stderr, "%s: rsapubkey allocation failed.\n", progName);
- exit(1);
- }
-
- rv = SEC_ASN1DecodeItem(arena, rsapubkey,
- SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), &spk);
- if (rv) {
- printf("PROBLEM: subjectPublicKey is not a DER PKCS1 RSAPublicKey.\n");
- } else {
- int mlen;
- int pubexp;
- if (verbose) {
- printf("Decoded RSA Public Key ok. Doing key checks.\n");
- }
- PORT_Assert(rsapubkey->keyType == rsaKey); /* XXX RSA */
- mlen = checkInteger(&rsapubkey->u.rsa.modulus, "Modulus", verbose);
- printf("INFO: Public Key modulus length in bits: %d\n", mlen);
- if (mlen > MAX_MODULUS) {
- printf("PROBLEM: Modulus length exceeds %d bits.\n",
- MAX_MODULUS);
- }
- if (mlen < 512) {
- printf("WARNING: Short modulus.\n");
- }
- if (mlen != (1 << (ffs(mlen)-1))) {
- printf("WARNING: Unusual modulus length (not a power of two).\n");
- }
- checkInteger(&rsapubkey->u.rsa.publicExponent, "Public Exponent",
- verbose);
- pubexp = DER_GetInteger(&rsapubkey->u.rsa.publicExponent);
- if (pubexp != 17 && pubexp != 3 && pubexp != 65537) {
- printf("WARNING: Public exponent not any of: 3, 17, 65537\n");
- }
- }
-
-
- /* Name checks */
- checkName(&cert->issuer, "Issuer Name", verbose);
- checkName(&cert->subject, "Subject Name", verbose);
-
- if (issuerCert) {
- SECComparison c =
- CERT_CompareName(&cert->issuer, &issuerCert->subject);
- if (c) {
- printf("PROBLEM: Issuer Name and Subject in Issuing Cert differ\n");
- }
- }
-
- /* Check if self-signed */
- selfSigned = (CERT_CompareName(&cert->issuer, &cert->subject) == 0);
- if (selfSigned) {
- printf("INFO: Certificate is self signed.\n");
- } else {
- printf("INFO: Certificate is NOT self-signed.\n");
- }
-
-
- /* Validity time check */
- if (CERT_CertTimesValid(cert) == SECSuccess) {
- printf("INFO: Inside validity period of certificate.\n");
- } else {
- printf("PROBLEM: Not in validity period of certificate.\n");
- invalid = 1;
- }
-
- /* Signature check if self-signed */
- if (selfSigned && !invalid) {
- if (rsapubkey->u.rsa.modulus.len) {
- SECStatus ver;
- if (verbose) {
- printf("Checking self signature.\n");
- }
- ver = OurVerifySignedData(signedData, cert);
- if (ver != SECSuccess) {
- printf("PROBLEM: Verification of self-signature failed!\n");
- } else {
- printf("INFO: Self-signature verifies ok.\n");
- }
- } else {
- printf("INFO: Not checking signature due to key problems.\n");
- }
- } else if (!selfSigned && !invalid && issuerCert) {
- SECStatus ver;
- ver = OurVerifySignedData(signedData, issuerCert);
- if (ver != SECSuccess) {
- printf("PROBLEM: Verification of issuer's signature failed!\n");
- } else {
- printf("INFO: Issuer's signature verifies ok.\n");
- }
- } else {
- printf("INFO: Not checking signature.\n");
- }
-
- return 0;
-}
-
-
-
diff --git a/security/nss/cmd/checkcert/makefile.win b/security/nss/cmd/checkcert/makefile.win
deleted file mode 100644
index ff1fe62a7..000000000
--- a/security/nss/cmd/checkcert/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = checkcert
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/checkcert/manifest.mn b/security/nss/cmd/checkcert/manifest.mn
deleted file mode 100644
index 9d5a99f73..000000000
--- a/security/nss/cmd/checkcert/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = checkcert.c
-
-PROGRAM = checkcert
diff --git a/security/nss/cmd/cmdlib/Makefile b/security/nss/cmd/cmdlib/Makefile
deleted file mode 100644
index 0769c80a3..000000000
--- a/security/nss/cmd/cmdlib/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
diff --git a/security/nss/cmd/cmdlib/cmdline.c b/security/nss/cmd/cmdlib/cmdline.c
deleted file mode 100644
index 84ad35be3..000000000
--- a/security/nss/cmd/cmdlib/cmdline.c
+++ /dev/null
@@ -1,474 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <string.h>
-#include <ctype.h>
-
-#include "cmdutil.h"
-
-static int s_indent_size = 4;
-
-void
-CMD_SetIndentSize(int size)
-{
- s_indent_size = size;
-}
-
-#if 0
-static void
-indent(PRFileDesc *out, int level)
-{
- int i, j;
- for (i=0; i<level; i++)
- for (j=0; j<s_indent_size; j++)
- PR_fprintf(out, " ");
-}
-#endif
-
-struct cmdPrintStateStr {
- PRFileDesc *file;
- int width;
- int indent;
- int linepos;
-};
-
-static void
-init_print_ps(cmdPrintState *ps, PRFileDesc *outfile, int width, int indent)
-{
- ps->file = (outfile) ? outfile : PR_STDOUT;
- ps->width = (width > 0) ? width : 80;
- ps->indent = (indent > 0) ? indent : 0;
- ps->linepos = 0;
-}
-
-static void
-print_ps_indent(cmdPrintState *ps)
-{
- int j;
- if (ps->linepos != 0) {
- PR_fprintf(ps->file, "\n");
- ps->linepos = 0;
- }
- for (j=0; j<=ps->indent; j++) PR_fprintf(ps->file, " ");
- ps->linepos = ps->indent;
-}
-
-static void
-print_ps_to_indent(cmdPrintState *ps)
-{
- if (ps->linepos > ps->indent)
- PR_fprintf(ps->file, "\n");
- while (ps->linepos <= ps->indent) {
- PR_fprintf(ps->file, " ");
- ps->linepos++;
- }
-}
-
-static void
-nprintbuf(cmdPrintState *ps, char *buf, int start, int len)
-{
- int j;
- for (j=start; j<start + len; j++) {
- if (buf[j] == '\n') {
- PR_fprintf(ps->file, "\n");
- ps->linepos = 0;
- print_ps_indent(ps);
- } else {
- PR_fprintf(ps->file, "%c", buf[j]);
- ps->linepos++;
- }
- }
-}
-
-static void
-nprintf(cmdPrintState *ps, char *msg, ...)
-{
- char buf[256];
- int i, len, grouplen;
- PRBool openquote, openbracket, openparen, openangle, itsaword;
- va_list args;
- va_start(args, msg);
- vsprintf(buf, msg, args);
- len = strlen(buf);
- /* print_ps_indent(ps); */
- if (len < ps->width - ps->linepos) {
- nprintbuf(ps, buf, 0, len + 1);
- return;
- }
- /* group in this order: " [ ( < word > ) ] " */
- i=0;
- openquote=openbracket=openparen=openangle=itsaword=PR_FALSE;
- while (i<len) {
- grouplen = 0;
- if (buf[i] == '\"') { openquote = PR_TRUE; grouplen = 1; }
- else if (buf[i] == '[') { openbracket = PR_TRUE; grouplen = 1; }
- else if (buf[i] == '(') { openparen = PR_TRUE; grouplen = 1; }
- else if (buf[i] == '<') { openangle = PR_TRUE; grouplen = 1; }
- else itsaword = PR_TRUE;
- while (grouplen < len && buf[i+grouplen] != '\0' &&
- ((openquote && buf[i+grouplen] != '\"') ||
- (openbracket && buf[i+grouplen] != ']') ||
- (openparen && buf[i+grouplen] != ')') ||
- (openangle && buf[i+grouplen] != '>') ||
- (itsaword && !isspace(buf[i+grouplen]))))
- grouplen++;
- grouplen++; /* grab the terminator (whitespace for word) */
- if (!itsaword && isspace(buf[i+grouplen])) grouplen++;
- if (grouplen < ps->width - ps->linepos) {
- nprintbuf(ps, buf, i, grouplen);
- } else if (grouplen < ps->width - ps->indent) {
- print_ps_indent(ps);
- nprintbuf(ps, buf, i, grouplen);
- } else {
- /* it's just too darn long. what to do? */
- }
- i += grouplen;
- openquote=openbracket=openparen=openangle=itsaword=PR_FALSE;
- }
- va_end(args);
-}
-
-void
-CMD_PrintUsageString(cmdPrintState *ps, char *str)
-{
- nprintf(ps, "%s", str);
-}
-
-/* void because it exits with Usage() if failure */
-static void
-command_line_okay(cmdCommand *cmd, char *progName)
-{
- int i, c = -1;
- /* user asked for help. hope somebody gives it to them. */
- if (cmd->opt[0].on) return;
- /* check that the command got all of its needed options */
- for (i=0; i<cmd->ncmd; i++) {
- if (cmd->cmd[i].on) {
- if (c > 0) {
- fprintf(stderr,
- "%s: only one command can be given at a time.\n",
- progName);
- CMD_Usage(progName, cmd);
- } else {
- c = i;
- }
- }
- }
- if (cmd->cmd[c].argUse == CMDArgReq && cmd->cmd[c].arg == NULL) {
- /* where's the arg when you need it... */
- fprintf(stderr, "%s: command --%s requires an argument.\n",
- progName, cmd->cmd[c].s);
- fprintf(stderr, "type \"%s --%s --help\" for help.\n",
- progName, cmd->cmd[c].s);
- CMD_Usage(progName, cmd);
- }
- for (i=0; i<cmd->nopt; i++) {
- if (cmd->cmd[c].req & CMDBIT(i)) {
- /* command requires this option */
- if (!cmd->opt[i].on) {
- /* but it ain't there */
- fprintf(stderr, "%s: command --%s requires option --%s.\n",
- progName, cmd->cmd[c].s, cmd->opt[i].s);
- } else {
- /* okay, its there, but does it have an arg? */
- if (cmd->opt[i].argUse == CMDArgReq && !cmd->opt[i].arg) {
- fprintf(stderr, "%s: option --%s requires an argument.\n",
- progName, cmd->opt[i].s);
- }
- }
- } else if (cmd->cmd[c].opt & CMDBIT(i)) {
- /* this option is optional */
- if (cmd->opt[i].on) {
- /* okay, its there, but does it have an arg? */
- if (cmd->opt[i].argUse == CMDArgReq && !cmd->opt[i].arg) {
- fprintf(stderr, "%s: option --%s requires an argument.\n",
- progName, cmd->opt[i].s);
- }
- }
- } else {
- /* command knows nothing about it */
- if (cmd->opt[i].on) {
- /* so why the h--- is it on? */
- fprintf(stderr, "%s: option --%s not used with command --%s.\n",
- progName, cmd->opt[i].s, cmd->cmd[c].s);
- }
- }
- }
-}
-
-static char *
-get_arg(char *curopt, char **nextopt, int argc, int *index)
-{
- char *str;
- if (curopt) {
- str = curopt;
- } else {
- if (*index + 1 >= argc) return NULL;
- /* not really an argument but another flag */
- if (nextopt[*index+1][0] == '-') return NULL;
- str = nextopt[++(*index)];
- }
- /* parse the option */
- return strdup(str);
-}
-
-int
-CMD_ParseCommandLine(int argc, char **argv, char *progName, cmdCommand *cmd)
-{
- int i, j, k;
- int cmdToRun = -1;
- char *flag;
- i=1;
- if (argc <= 1) return -2; /* gross hack for cmdless things like atob */
- do {
- flag = argv[i];
- if (strlen(flag) < 2) /* huh? */
- return -1;
- if (flag[0] != '-')
- return -1;
- /* ignore everything after lone "--" (app-specific weirdness there) */
- if (strcmp(flag, "--") == 0)
- return cmdToRun;
- /* single hyphen means short alias (single-char) */
- if (flag[1] != '-') {
- j=1;
- /* collect a set of opts, ex. -abc */
- while (flag[j] != '\0') {
- PRBool found = PR_FALSE;
- /* walk the command set looking for match */
- for (k=0; k<cmd->ncmd; k++) {
- if (flag[j] == cmd->cmd[k].c) {
- /* done - only take one command at a time */
- if (j > 1) return -1;
- cmd->cmd[k].on = found = PR_TRUE;
- cmdToRun = k;
- if (cmd->cmd[k].argUse != CMDNoArg)
- cmd->cmd[k].arg = get_arg(NULL, argv, argc, &i);
- goto next_flag;
- }
- }
- /* wasn't found in commands, try options */
- for (k=0; k<cmd->nopt; k++) {
- if (flag[j] == cmd->opt[k].c) {
- /* collect this option and keep going */
- cmd->opt[k].on = found = PR_TRUE;
- if (flag[j+1] == '\0') {
- if (cmd->opt[k].argUse != CMDNoArg)
- cmd->opt[k].arg = get_arg(NULL, argv, argc, &i);
- goto next_flag;
- }
- }
- }
- j++;
- if (!found) return -1;
- }
- } else { /* long alias, ex. --list */
- char *fl = NULL, *arg = NULL;
- PRBool hyphened = PR_FALSE;
- fl = &flag[2];
- arg = strchr(fl, '=');
- if (arg) {
- *arg++ = '\0';
- } else {
- arg = strchr(fl, '-');
- if (arg) {
- hyphened = PR_TRUE; /* watch this, see below */
- *arg++ = '\0';
- }
- }
- for (k=0; k<cmd->ncmd; k++) {
- if (strcmp(fl, cmd->cmd[k].s) == 0) {
- cmd->cmd[k].on = PR_TRUE;
- cmdToRun = k;
- if (cmd->cmd[k].argUse != CMDNoArg || hyphened) {
- cmd->cmd[k].arg = get_arg(arg, argv, argc, &i);
- }
- if (arg) arg[-1] = '=';
- goto next_flag;
- }
- }
- for (k=0; k<cmd->nopt; k++) {
- if (strcmp(fl, cmd->opt[k].s) == 0) {
- cmd->opt[k].on = PR_TRUE;
- if (cmd->opt[k].argUse != CMDNoArg || hyphened) {
- cmd->opt[k].arg = get_arg(arg, argv, argc, &i);
- }
- if (arg) arg[-1] = '=';
- goto next_flag;
- }
- }
- return -1;
- }
-next_flag:
- i++;
- } while (i < argc);
- command_line_okay(cmd, progName);
- return cmdToRun;
-}
-
-void
-CMD_LongUsage(char *progName, cmdCommand *cmd, cmdUsageCallback usage)
-{
- int i, j;
- PRBool oneCommand = PR_FALSE;
- cmdPrintState ps;
- init_print_ps(&ps, PR_STDERR, 80, 0);
- nprintf(&ps, "\n%s: ", progName);
- /* prints app-specific header */
- ps.indent = strlen(progName) + 4;
- usage(&ps, 0, PR_FALSE, PR_TRUE, PR_FALSE);
- for (i=0; i<cmd->ncmd; i++) if (cmd->cmd[i].on) oneCommand = PR_TRUE;
- for (i=0; i<cmd->ncmd; i++) {
- if ((oneCommand && cmd->cmd[i].on) || !oneCommand) {
- ps.indent = 0;
- print_ps_indent(&ps);
- if (cmd->cmd[i].c != 0) {
- nprintf(&ps, "-%c, ", cmd->cmd[i].c);
- nprintf(&ps, "--%-16s ", cmd->cmd[i].s);
- } else {
- nprintf(&ps, "--%-20s ", cmd->cmd[i].s);
- }
- ps.indent += 20;
- usage(&ps, i, PR_TRUE, PR_FALSE, PR_FALSE);
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].req & CMDBIT(j)) {
- ps.indent = 0;
- print_ps_indent(&ps);
- nprintf(&ps, "%3s* ", "");
- if (cmd->opt[j].c != 0) {
- nprintf(&ps, "-%c, ", cmd->opt[j].c);
- nprintf(&ps, "--%-16s ", cmd->opt[j].s);
- } else {
- nprintf(&ps, "--%-20s ", cmd->opt[j].s);
- }
- ps.indent += 29;
- usage(&ps, j, PR_FALSE, PR_FALSE, PR_FALSE);
- }
- }
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].opt & CMDBIT(j)) {
- ps.indent = 0;
- print_ps_indent(&ps);
- nprintf(&ps, "%5s", "");
- if (cmd->opt[j].c != 0) {
- nprintf(&ps, "-%c, ", cmd->opt[j].c);
- nprintf(&ps, "--%-16s ", cmd->opt[j].s);
- } else {
- nprintf(&ps, "--%-20s ", cmd->opt[j].s);
- }
- ps.indent += 29;
- usage(&ps, j, PR_FALSE, PR_FALSE, PR_FALSE);
- }
- }
- }
- nprintf(&ps, "\n");
- }
- ps.indent = 0;
- nprintf(&ps, "\n* - required flag for command\n\n");
- /* prints app-specific footer */
- usage(&ps, 0, PR_FALSE, PR_FALSE, PR_TRUE);
- /*nprintf(&ps, "\n\n");*/
- exit(1);
-}
-
-void
-CMD_Usage(char *progName, cmdCommand *cmd)
-{
- int i, j, inc;
- PRBool first;
- cmdPrintState ps;
- init_print_ps(&ps, PR_STDERR, 80, 0);
- nprintf(&ps, "%s", progName);
- ps.indent = strlen(progName) + 1;
- print_ps_to_indent(&ps);
- for (i=0; i<cmd->ncmd; i++) {
- if (cmd->cmd[i].c != 0) {
- nprintf(&ps, "-%c", cmd->cmd[i].c);
- inc = 4;
- } else {
- nprintf(&ps, "--%s", cmd->cmd[i].s);
- inc = 4 + strlen(cmd->cmd[i].s);
- }
- first = PR_TRUE;
- ps.indent += inc;
- print_ps_to_indent(&ps);
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].req & CMDBIT(j)) {
- if (cmd->opt[j].c != 0 && cmd->opt[j].argUse == CMDNoArg) {
- if (first) {
- nprintf(&ps, "-");
- first = !first;
- }
- nprintf(&ps, "%c", cmd->opt[j].c);
- }
- }
- }
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].req & CMDBIT(j)) {
- if (cmd->opt[j].c != 0)
- nprintf(&ps, "-%c ", cmd->opt[j].c);
- else
- nprintf(&ps, "--%s ", cmd->opt[j].s);
- if (cmd->opt[j].argUse != CMDNoArg)
- nprintf(&ps, "%s ", cmd->opt[j].s);
- }
- }
- first = PR_TRUE;
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].opt & CMDBIT(j)) {
- if (cmd->opt[j].c != 0 && cmd->opt[j].argUse == CMDNoArg) {
- if (first) {
- nprintf(&ps, "[-");
- first = !first;
- }
- nprintf(&ps, "%c", cmd->opt[j].c);
- }
- }
- }
- if (!first) nprintf(&ps, "] ");
- for (j=0; j<cmd->nopt; j++) {
- if (cmd->cmd[i].opt & CMDBIT(j) &&
- cmd->opt[j].argUse != CMDNoArg) {
- if (cmd->opt[j].c != 0)
- nprintf(&ps, "[-%c %s] ", cmd->opt[j].c, cmd->opt[j].s);
- else
- nprintf(&ps, "[--%s %s] ", cmd->opt[j].s, cmd->opt[j].s);
- }
- }
- ps.indent -= inc;
- print_ps_indent(&ps);
- }
- ps.indent = 0;
- nprintf(&ps, "\n");
- exit(1);
-}
diff --git a/security/nss/cmd/cmdlib/cmdutil.h b/security/nss/cmd/cmdlib/cmdutil.h
deleted file mode 100644
index 69d3f2657..000000000
--- a/security/nss/cmd/cmdlib/cmdutil.h
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMDUTIL_H_
-#define _CMDUTIL_H_
-
-#include <stdio.h>
-#include "nspr.h"
-#include "nssbase.h"
-
-typedef int
-(* CMD_PPFunc)(PRFileDesc *out, NSSItem *item, char *msg, int level);
-
-
-/*
- * Command Line Parsing routines
- *
- * The attempt here is to provide common functionality for command line
- * parsing across an array of tools. The tools should obey the historical
- * rules of:
- *
- * (1) one command per line,
- * (2) the command should be uppercase,
- * (3) options should be lowercase,
- * (4) a short usage statement is presented in case of error,
- * (5) a long usage statement is given by -? or --help
- */
-
-/* To aid in formatting usage output. XXX Uh, why exposed? */
-typedef struct cmdPrintStateStr cmdPrintState;
-
-typedef enum {
- CMDArgReq = 0,
- CMDArgOpt,
- CMDNoArg
-} CMDArg;
-
-struct cmdCommandLineArgStr {
- char c; /* one-character alias for flag */
- char *s; /* string alias for flag */
- CMDArg argUse; /* flag takes an argument */
- char *arg; /* argument given for flag */
- PRBool on; /* flag was issued at command-line */
- int req; /* required arguments for commands */
- int opt; /* optional arguments for commands */
-};
-
-struct cmdCommandLineOptStr {
- char c; /* one-character alias for flag */
- char *s; /* string alias for flag */
- CMDArg argUse; /* flag takes an argument */
- char *arg; /* argument given for flag */
- PRBool on; /* flag was issued at command-line */
-};
-
-typedef struct cmdCommandLineArgStr cmdCommandLineArg;
-typedef struct cmdCommandLineOptStr cmdCommandLineOpt;
-
-struct cmdCommandStr {
- int ncmd;
- int nopt;
- cmdCommandLineArg *cmd;
- cmdCommandLineOpt *opt;
-};
-
-typedef struct cmdCommandStr cmdCommand;
-
-int
-CMD_ParseCommandLine(int argc, char **argv, char *progName, cmdCommand *cmd);
-
-typedef void
-(* cmdUsageCallback)(cmdPrintState *, int, PRBool, PRBool, PRBool);
-
-#define CMDBIT(n) (1<<n)
-
-void
-CMD_Usage(char *progName, cmdCommand *cmd);
-
-void
-CMD_LongUsage(char *progName, cmdCommand *cmd, cmdUsageCallback use);
-
-void
-CMD_PrintUsageString(cmdPrintState *ps, char *str);
-
-#endif /* _CMDUTIL_H_ */
diff --git a/security/nss/cmd/cmdlib/config.mk b/security/nss/cmd/cmdlib/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/cmd/cmdlib/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/cmd/cmdlib/manifest.mn b/security/nss/cmd/cmdlib/manifest.mn
deleted file mode 100644
index c9811a142..000000000
--- a/security/nss/cmd/cmdlib/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-LIBRARY_NAME = cmdutil
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = seccmd
-
-DEFINES = -DNSPR20
-
-EXPORTS = cmdutil.h \
- $(NULL)
-
-CSRCS = cmdline.c \
- $(NULL)
-
-REQUIRES = security nspr dbm
-
diff --git a/security/nss/cmd/crlutil/Makefile b/security/nss/cmd/crlutil/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/crlutil/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/crlutil/crlutil.c b/security/nss/cmd/crlutil/crlutil.c
deleted file mode 100644
index e0e2dbdad..000000000
--- a/security/nss/cmd/crlutil/crlutil.c
+++ /dev/null
@@ -1,359 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** certutil.c
-**
-** utility for managing certificates and the cert database
-**
-*/
-/* test only */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "secutil.h"
-#include "cert.h"
-#include "certdb.h"
-#include "nss.h"
-
-#define SEC_CERT_DB_EXISTS 0
-#define SEC_CREATE_CERT_DB 1
-
-static char *progName;
-
-static CERTSignedCrl *FindCRL
- (CERTCertDBHandle *certHandle, char *name, int type)
-{
- CERTSignedCrl *crl = NULL;
- CERTCertificate *cert = NULL;
-
-
- cert = CERT_FindCertByNickname(certHandle, name);
- if (!cert) {
- SECU_PrintError(progName, "could not find certificate named %s", name);
- return ((CERTSignedCrl *)NULL);
- }
-
- crl = SEC_FindCrlByName(certHandle, &cert->derSubject, type);
- if (crl ==NULL)
- SECU_PrintError
- (progName, "could not find %s's CRL", name);
- CERT_DestroyCertificate (cert);
- return (crl);
-}
-
-static void DisplayCRL (CERTCertDBHandle *certHandle, char *nickName, int crlType)
-{
- CERTCertificate *cert = NULL;
- CERTSignedCrl *crl = NULL;
-
- crl = FindCRL (certHandle, nickName, crlType);
-
- if (crl) {
- SECU_PrintCRLInfo (stdout, &crl->crl, "CRL Info:\n", 0);
- SEC_DestroyCrl (crl);
- }
-}
-
-static void ListCRLNames (CERTCertDBHandle *certHandle, int crlType)
-{
- CERTCrlHeadNode *crlList = NULL;
- CERTCrlNode *crlNode = NULL;
- CERTName *name = NULL;
- PRArenaPool *arena = NULL;
- SECStatus rv;
- void *mark;
-
- do {
- arena = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (arena == NULL) {
- fprintf(stderr, "%s: fail to allocate memory\n", progName);
- break;
- }
-
- name = PORT_ArenaZAlloc (arena, sizeof(*name));
- if (name == NULL) {
- fprintf(stderr, "%s: fail to allocate memory\n", progName);
- break;
- }
- name->arena = arena;
-
- rv = SEC_LookupCrls (certHandle, &crlList, crlType);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: fail to look up CRLs (%s)\n", progName,
- SECU_Strerror(PORT_GetError()));
- break;
- }
-
- /* just in case */
- if (!crlList)
- break;
-
- crlNode = crlList->first;
-
- fprintf (stdout, "\n");
- fprintf (stdout, "\n%-40s %-5s\n\n", "CRL names", "CRL Type");
- while (crlNode) {
- name = &crlNode->crl->crl.name;
- if (!name){
- fprintf(stderr, "%s: fail to get the CRL issuer name\n", progName,
- SECU_Strerror(PORT_GetError()));
- break;
- }
-
- fprintf (stdout, "\n%-40s %-5s\n", CERT_NameToAscii(name), "CRL");
- crlNode = crlNode->next;
- }
-
- } while (0);
- if (crlList)
- PORT_FreeArena (crlList->arena, PR_FALSE);
- PORT_FreeArena (arena, PR_FALSE);
-}
-
-static void ListCRL (CERTCertDBHandle *certHandle, char *nickName, int crlType)
-{
- if (nickName == NULL)
- ListCRLNames (certHandle, crlType);
- else
- DisplayCRL (certHandle, nickName, crlType);
-}
-
-
-
-static SECStatus DeleteCRL (CERTCertDBHandle *certHandle, char *name, int type)
-{
- CERTSignedCrl *crl = NULL;
- SECStatus rv = SECFailure;
-
- crl = FindCRL (certHandle, name, type);
- if (!crl) {
- SECU_PrintError
- (progName, "could not find the issuer %s's CRL", name);
- return SECFailure;
- }
- rv = SEC_DeletePermCRL (crl);
- if (rv != SECSuccess) {
- SECU_PrintError
- (progName, "fail to delete the issuer %s's CRL from the perm dbase (reason: %s)",
- name, SECU_Strerror(PORT_GetError()));
- return SECFailure;
- }
- return (rv);
-}
-
-SECStatus ImportCRL (CERTCertDBHandle *certHandle, char *url, int type,
- PRFileDesc *inFile)
-{
- CERTCertificate *cert = NULL;
- CERTSignedCrl *crl = NULL;
- SECItem crlDER;
- int rv;
-
- crlDER.data = NULL;
-
-
- /* Read in the entire file specified with the -f argument */
- rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "unable to read input file");
- return (SECFailure);
- }
-
- crl = CERT_ImportCRL (certHandle, &crlDER, url, type, NULL);
- if (!crl) {
- const char *errString;
-
- errString = SECU_Strerror(PORT_GetError());
- if (PORT_Strlen (errString) == 0)
- SECU_PrintError
- (progName, "CRL is not import (error: input CRL is not up to date.)");
- else
- SECU_PrintError
- (progName, "unable to import CRL");
- }
- PORT_Free (crlDER.data);
- SEC_DestroyCrl (crl);
- return (rv);
-}
-
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s -L [-n nickname[ [-d keydir] [-t crlType]\n"
- " %s -D -n nickname [-d keydir]\n"
- " %s -I -i crl -t crlType [-u url] [-d keydir]\n",
- progName, progName, progName);
-
- fprintf (stderr, "%-15s List CRL\n", "-L");
- fprintf(stderr, "%-20s Specify the nickname of the CA certificate\n",
- "-n nickname");
- fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
- "-d keydir");
-
- fprintf (stderr, "%-15s Delete a CRL from the cert dbase\n", "-D");
- fprintf(stderr, "%-20s Specify the nickname for the CA certificate\n",
- "-n nickname");
- fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType");
-
- fprintf (stderr, "%-15s Import a CRL to the cert dbase\n", "-I");
- fprintf(stderr, "%-20s Specify the file which contains the CRL to import\n",
- "-i crl");
- fprintf(stderr, "%-20s Specify the url.\n", "-u url");
- fprintf(stderr, "%-20s Specify the crl type.\n", "-t crlType");
-
- fprintf(stderr, "%-20s CRL Types (default is SEC_CRL_TYPE):\n", " ");
- fprintf(stderr, "%-20s \t 0 - SEC_KRL_TYPE\n", " ");
- fprintf(stderr, "%-20s \t 1 - SEC_CRL_TYPE\n", " ");
-
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- SECItem privKeyDER;
- CERTCertDBHandle *certHandle;
- FILE *certFile;
- PRFileDesc *inFile;
- int listCRL;
- int importCRL;
- int opt;
- int deleteCRL;
- int rv;
- char *nickName;
- char *url;
- int crlType;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus secstatus;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = 0;
- deleteCRL = importCRL = listCRL = 0;
- certFile = NULL;
- inFile = NULL;
- nickName = url = NULL;
- privKeyDER.data = NULL;
- certHandle = NULL;
- crlType = SEC_CRL_TYPE;
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "IALd:i:Dn:Ct:u:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'C':
- listCRL = 1;
- break;
-
- case 'D':
- deleteCRL = 1;
- break;
-
- case 'I':
- importCRL = 1;
- break;
-
- case 'L':
- listCRL = 1;
- break;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'n':
- nickName = strdup(optstate->value);
- break;
-
- case 'u':
- url = strdup(optstate->value);
- break;
-
- case 't': {
- char *type;
-
- type = strdup(optstate->value);
- crlType = atoi (type);
- if (crlType != SEC_CRL_TYPE && crlType != SEC_KRL_TYPE) {
- fprintf(stderr, "%s: invalid crl type\n", progName);
- return -1;
- }
- break;
- }
- }
- }
-
- if (deleteCRL && !nickName) Usage (progName);
- if (!(listCRL || deleteCRL || importCRL)) Usage (progName);
- if (importCRL && !inFile) Usage (progName);
-
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- secstatus = NSS_InitReadWrite(SECU_ConfigDirectory(NULL));
- if (secstatus != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- certHandle = CERT_GetDefaultCertDB();
- if (certHandle == NULL) {
- SECU_PrintError(progName, "unable to open the cert db");
- return (-1);
- }
-
- /* Read in the private key info */
- if (deleteCRL)
- DeleteCRL (certHandle, nickName, crlType);
- else if (listCRL)
- ListCRL (certHandle, nickName, crlType);
- else if (importCRL)
- rv = ImportCRL (certHandle, url, crlType, inFile);
-
- return (rv);
-}
diff --git a/security/nss/cmd/crlutil/makefile.win b/security/nss/cmd/crlutil/makefile.win
deleted file mode 100644
index 1f1b627ff..000000000
--- a/security/nss/cmd/crlutil/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = crlutil
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/crlutil/manifest.mn b/security/nss/cmd/crlutil/manifest.mn
deleted file mode 100644
index 72fafb24a..000000000
--- a/security/nss/cmd/crlutil/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = crlutil.c
-
-# this has to be different for NT and UNIX.
-# PROGRAM = ./$(OBJDIR)/crlutil.exe
-PROGRAM = crlutil
-
-#USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/crmf-cgi/Makefile b/security/nss/cmd/crmf-cgi/Makefile
deleted file mode 100644
index cc2f035d6..000000000
--- a/security/nss/cmd/crmf-cgi/Makefile
+++ /dev/null
@@ -1,81 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-ifeq ($(OS_ARCH), WINNT)
-EXTRA_LIBS += $(DIST)/lib/crmf.lib
-else
-EXTRA_LIBS += $(DIST)/lib/libcrmf.$(LIB_SUFFIX)
-endif
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/crmf-cgi/config.mk b/security/nss/cmd/crmf-cgi/config.mk
deleted file mode 100644
index bcbaa2804..000000000
--- a/security/nss/cmd/crmf-cgi/config.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(PROGRAM)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-LIBRARY =
-
diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.c b/security/nss/cmd/crmf-cgi/crmfcgi.c
deleted file mode 100644
index c5fd2d451..000000000
--- a/security/nss/cmd/crmf-cgi/crmfcgi.c
+++ /dev/null
@@ -1,1123 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "seccomon.h"
-#include "nss.h"
-#include "key.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "secmod.h"
-#include "cmmf.h"
-#include "crmf.h"
-#include "base64.h"
-#include "secasn1.h"
-#include "cryptohi.h"
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-#define DEFAULT_ALLOC_SIZE 200
-#define DEFAULT_CGI_VARS 20
-
-typedef struct CGIVariableStr {
- char *name;
- char *value;
-} CGIVariable;
-
-typedef struct CGIVarTableStr {
- CGIVariable **variables;
- int numVars;
- int numAlloc;
-} CGIVarTable;
-
-typedef struct CertResponseInfoStr {
- CERTCertificate *cert;
- long certReqID;
-} CertResponseInfo;
-
-typedef struct ChallengeCreationInfoStr {
- long random;
- SECKEYPublicKey *pubKey;
-} ChallengeCreationInfo;
-
-char *missingVar = NULL;
-
-/*
- * Error values.
- */
-typedef enum {
- NO_ERROR = 0,
- NSS_INIT_FAILED,
- AUTH_FAILED,
- REQ_CGI_VAR_NOT_PRESENT,
- CRMF_REQ_NOT_PRESENT,
- BAD_ASCII_FOR_REQ,
- CGI_VAR_MISSING,
- COULD_NOT_FIND_CA,
- COULD_NOT_DECODE_REQS,
- OUT_OF_MEMORY,
- ERROR_RETRIEVING_REQUEST_MSG,
- ERROR_RETRIEVING_CERT_REQUEST,
- ERROR_RETRIEVING_SUBJECT_FROM_REQ,
- ERROR_RETRIEVING_PUBLIC_KEY_FROM_REQ,
- ERROR_CREATING_NEW_CERTIFICATE,
- COULD_NOT_START_EXTENSIONS,
- ERROR_RETRIEVING_EXT_FROM_REQ,
- ERROR_ADDING_EXT_TO_CERT,
- ERROR_ENDING_EXTENSIONS,
- COULD_NOT_FIND_ISSUER_PRIVATE_KEY,
- UNSUPPORTED_SIGN_OPERATION_FOR_ISSUER,
- ERROR_SETTING_SIGN_ALG,
- ERROR_ENCODING_NEW_CERT,
- ERROR_SIGNING_NEW_CERT,
- ERROR_CREATING_CERT_REP_CONTENT,
- ERROR_CREATING_SINGLE_CERT_RESPONSE,
- ERROR_SETTING_CERT_RESPONSES,
- ERROR_CREATING_CA_LIST,
- ERROR_ADDING_ISSUER_TO_CA_LIST,
- ERROR_ENCODING_CERT_REP_CONTENT,
- NO_POP_FOR_REQUEST,
- UNSUPPORTED_POP,
- ERROR_RETRIEVING_POP_SIGN_KEY,
- ERROR_RETRIEVING_ALG_ID_FROM_SIGN_KEY,
- ERROR_RETRIEVING_SIGNATURE_FROM_POP_SIGN_KEY,
- DO_CHALLENGE_RESPONSE,
- ERROR_RETRIEVING_PUB_KEY_FROM_NEW_CERT,
- ERROR_ENCODING_CERT_REQ_FOR_POP,
- ERROR_VERIFYING_SIGNATURE_POP,
- ERROR_RETRIEVING_PUB_KEY_FOR_CHALL,
- ERROR_CREATING_EMPTY_CHAL_CONTENT,
- ERROR_EXTRACTING_GEN_NAME_FROM_ISSUER,
- ERROR_SETTING_CHALLENGE,
- ERROR_ENCODING_CHALL,
- ERROR_CONVERTING_CHALL_TO_BASE64,
- ERROR_CONVERTING_RESP_FROM_CHALL_TO_BIN,
- ERROR_CREATING_KEY_RESP_FROM_DER,
- ERROR_RETRIEVING_CLIENT_RESPONSE_TO_CHALLENGE,
- ERROR_RETURNED_CHALL_NOT_VALUE_EXPECTED,
- ERROR_GETTING_KEY_ENCIPHERMENT,
- ERROR_NO_POP_FOR_PRIVKEY,
- ERROR_UNSUPPORTED_POPOPRIVKEY_TYPE
-} ErrorCode;
-
-const char *
-CGITableFindValue(CGIVarTable *varTable, const char *key);
-
-void
-spitOutHeaders(void)
-{
- printf("Content-type: text/html\n\n");
-}
-
-void
-dumpRequest(CGIVarTable *varTable)
-{
- int i;
- CGIVariable *var;
-
- printf ("<table border=1 cellpadding=1 cellspacing=1 width=\"100%%\">\n");
- printf ("<tr><td><b><center>Variable Name<center></b></td>"
- "<td><b><center>Value</center></b></td></tr>\n");
- for (i=0; i<varTable->numVars; i++) {
- var = varTable->variables[i];
- printf ("<tr><td><pre>%s</pre></td><td><pre>%s</pre></td></tr>\n",
- var->name, var->value);
- }
- printf("</table>\n");
-}
-
-void
-echo_request(CGIVarTable *varTable)
-{
- spitOutHeaders();
- printf("<html><head><title>CGI Echo Page</title></head>\n"
- "<body><h1>Got the following request</h1>\n");
- dumpRequest(varTable);
- printf("</body></html>");
-}
-
-void
-processVariable(CGIVariable *var)
-{
- char *plusSign, *percentSign;
-
- /*First look for all of the '+' and convert them to spaces */
- plusSign = var->value;
- while ((plusSign=strchr(plusSign, '+')) != NULL) {
- *plusSign = ' ';
- }
- percentSign = var->value;
- while ((percentSign=strchr(percentSign, '%')) != NULL) {
- char string[3];
- int value;
-
- string[0] = percentSign[1];
- string[1] = percentSign[2];
- string[2] = '\0';
-
- sscanf(string,"%x", &value);
- *percentSign = (char)value;
- memmove(&percentSign[1], &percentSign[3], 1+strlen(&percentSign[3]));
- }
-}
-
-char *
-parseNextVariable(CGIVarTable *varTable, char *form_output)
-{
- char *ampersand, *equal;
- CGIVariable *var;
-
- if (varTable->numVars == varTable->numAlloc) {
- CGIVariable **newArr = realloc(varTable->variables,
- (varTable->numAlloc + DEFAULT_CGI_VARS)*sizeof(CGIVariable*));
- if (newArr == NULL) {
- return NULL;
- }
- varTable->variables = newArr;
- varTable->numAlloc += DEFAULT_CGI_VARS;
- }
- equal = strchr(form_output, '=');
- if (equal == NULL) {
- return NULL;
- }
- ampersand = strchr(equal, '&');
- if (ampersand == NULL) {
- return NULL;
- }
- equal[0] = '\0';
- if (ampersand != NULL) {
- ampersand[0] = '\0';
- }
- var = malloc(sizeof(CGIVariable));
- var->name = form_output;
- var->value = &equal[1];
- varTable->variables[varTable->numVars] = var;
- varTable->numVars++;
- processVariable(var);
- return (ampersand != NULL) ? &ampersand[1] : NULL;
-}
-
-void
-ParseInputVariables(CGIVarTable *varTable, char *form_output)
-{
- varTable->variables = malloc(sizeof(CGIVariable*)*DEFAULT_CGI_VARS);
- varTable->numVars = 0;
- varTable->numAlloc = DEFAULT_CGI_VARS;
- while (form_output && form_output[0] != '\0') {
- form_output = parseNextVariable(varTable, form_output);
- }
-}
-
-const char *
-CGITableFindValue(CGIVarTable *varTable, const char *key)
-{
- const char *retVal = NULL;
- int i;
-
- for (i=0; i<varTable->numVars; i++) {
- if (strcmp(varTable->variables[i]->name, key) == 0) {
- retVal = varTable->variables[i]->value;
- break;
- }
- }
- return retVal;
-}
-
-char*
-passwordCallback(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- const char *passwd;
- if (retry) {
- return NULL;
- }
- passwd = CGITableFindValue((CGIVarTable*)arg, "dbPassword");
- if (passwd == NULL) {
- return NULL;
- }
- return PORT_Strdup(passwd);
-}
-
-ErrorCode
-initNSS(CGIVarTable *varTable)
-{
- const char *nssDir;
- PK11SlotInfo *keySlot;
- SECStatus rv;
-
- nssDir = CGITableFindValue(varTable,"NSSDirectory");
- if (nssDir == NULL) {
- missingVar = "NSSDirectory";
- return REQ_CGI_VAR_NOT_PRESENT;
- }
- rv = NSS_Init(nssDir);
- if (rv != SECSuccess) {
- return NSS_INIT_FAILED;
- }
- PK11_SetPasswordFunc(passwordCallback);
- keySlot = PK11_GetInternalKeySlot();
- rv = PK11_Authenticate(keySlot, PR_FALSE, varTable);
- if (rv != SECSuccess) {
- return AUTH_FAILED;
- }
- return NO_ERROR;
-}
-
-void
-dumpErrorMessage(ErrorCode errNum)
-{
- spitOutHeaders();
- printf("<html><head><title>Error</title></head><body><h1>Error processing "
- "data</h1> Received the error %d<p>", errNum);
- if (errNum == REQ_CGI_VAR_NOT_PRESENT) {
- printf ("The missing variable is %s.", missingVar);
- }
- printf ("<i>More useful information here in the future.</i></body></html>");
-}
-
-ErrorCode
-initOldCertReq(CERTCertificateRequest *oldCertReq,
- CERTName *subject, CERTSubjectPublicKeyInfo *spki)
-{
- PRArenaPool *poolp;
-
- poolp = oldCertReq->arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- SEC_ASN1EncodeInteger(poolp, &oldCertReq->version,
- SEC_CERTIFICATE_VERSION_3);
- CERT_CopyName(poolp, &oldCertReq->subject, subject);
- SECKEY_CopySubjectPublicKeyInfo(poolp, &oldCertReq->subjectPublicKeyInfo,
- spki);
- oldCertReq->attributes = NULL;
- return NO_ERROR;
-}
-
-ErrorCode
-addExtensions(CERTCertificate *newCert, CRMFCertRequest *certReq)
-{
- int numExtensions, i;
- void *extHandle;
- ErrorCode rv = NO_ERROR;
- CRMFCertExtension *ext;
- SECStatus srv;
-
- numExtensions = CRMF_CertRequestGetNumberOfExtensions(certReq);
- if (numExtensions == 0) {
- /* No extensions to add */
- return NO_ERROR;
- }
- extHandle = CERT_StartCertExtensions(newCert);
- if (extHandle == NULL) {
- rv = COULD_NOT_START_EXTENSIONS;
- goto loser;
- }
- for (i=0; i<numExtensions; i++) {
- ext = CRMF_CertRequestGetExtensionAtIndex(certReq, i);
- if (ext == NULL) {
- rv = ERROR_RETRIEVING_EXT_FROM_REQ;
- }
- srv = CERT_AddExtension(extHandle, CRMF_CertExtensionGetOidTag(ext),
- CRMF_CertExtensionGetValue(ext),
- CRMF_CertExtensionGetIsCritical(ext), PR_FALSE);
- if (srv != SECSuccess) {
- rv = ERROR_ADDING_EXT_TO_CERT;
- }
- }
- srv = CERT_FinishExtensions(extHandle);
- if (srv != SECSuccess) {
- rv = ERROR_ENDING_EXTENSIONS;
- goto loser;
- }
- return NO_ERROR;
- loser:
- return rv;
-}
-
-void
-writeOutItem(const char *filePath, SECItem *der)
-{
- PRFileDesc *outfile;
-
- outfile = PR_Open (filePath,
- PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- PR_Write(outfile, der->data, der->len);
- PR_Close(outfile);
-
-}
-
-ErrorCode
-createNewCert(CERTCertificate**issuedCert,CERTCertificateRequest *oldCertReq,
- CRMFCertReqMsg *currReq, CRMFCertRequest *certReq,
- CERTCertificate *issuerCert, CGIVarTable *varTable)
-{
- CERTCertificate *newCert = NULL;
- CERTValidity *validity;
- PRExplodedTime printableTime;
- PRTime now, after;
- ErrorCode rv=NO_ERROR;
- SECKEYPrivateKey *issuerPrivKey;
- SECItem derCert = { 0 };
- SECOidTag signTag;
- SECStatus srv;
- long version;
-
- now = PR_Now();
- PR_ExplodeTime(now, PR_GMTParameters, &printableTime);
- printableTime.tm_month += 9;
- after = PR_ImplodeTime(&printableTime);
- validity = CERT_CreateValidity(now, after);
- newCert = *issuedCert =
- CERT_CreateCertificate(rand(), &(issuerCert->subject), validity,
- oldCertReq);
- if (newCert == NULL) {
- rv = ERROR_CREATING_NEW_CERTIFICATE;
- goto loser;
- }
- rv = addExtensions(newCert, certReq);
- if (rv != NO_ERROR) {
- goto loser;
- }
- issuerPrivKey = PK11_FindKeyByAnyCert(issuerCert, varTable);
- if (issuerPrivKey == NULL) {
- rv = COULD_NOT_FIND_ISSUER_PRIVATE_KEY;
- }
- switch(issuerPrivKey->keyType) {
- case rsaKey:
- signTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- break;
- case dsaKey:
- signTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
- default:
- rv = UNSUPPORTED_SIGN_OPERATION_FOR_ISSUER;
- goto loser;
- }
- srv = SECOID_SetAlgorithmID(newCert->arena, &newCert->signature,
- signTag, 0);
- if (srv != SECSuccess) {
- rv = ERROR_SETTING_SIGN_ALG;
- goto loser;
- }
- srv = CRMF_CertRequestGetCertTemplateVersion(certReq, &version);
- if (srv != SECSuccess) {
- /* No version included in the request */
- *(newCert->version.data) = SEC_CERTIFICATE_VERSION_3;
- } else {
- SECITEM_FreeItem(&newCert->version, PR_FALSE);
- SEC_ASN1EncodeInteger(newCert->arena, &newCert->version, version);
- }
- SEC_ASN1EncodeItem(newCert->arena, &derCert, newCert,
- CERT_CertificateTemplate);
- if (derCert.data == NULL) {
- rv = ERROR_ENCODING_NEW_CERT;
- goto loser;
- }
- srv = SEC_DerSignData(newCert->arena, &(newCert->derCert), derCert.data,
- derCert.len, issuerPrivKey, signTag);
- if (srv != SECSuccess) {
- rv = ERROR_SIGNING_NEW_CERT;
- goto loser;
- }
-#ifdef WRITE_OUT_RESPONSE
- writeOutItem("newcert.der", &newCert->derCert);
-#endif
- return NO_ERROR;
- loser:
- *issuedCert = NULL;
- if (newCert) {
- CERT_DestroyCertificate(newCert);
- }
- return rv;
-
-}
-
-void
-formatCMMFResponse(char *nickname, char *base64Response)
-{
- char *currLine, *nextLine;
-
- printf("var retVal = crypto.importUserCertificates(\"%s\",\n", nickname);
- currLine = base64Response;
- while (1) {
- nextLine = strchr(currLine, '\n');
- if (nextLine == NULL) {
- /* print out the last line here. */
- printf ("\"%s\",\n", currLine);
- break;
- }
- nextLine[0] = '\0';
- printf("\"%s\\n\"+\n", currLine);
- currLine = nextLine+1;
- }
- printf("true);\n"
- "if(retVal == '') {\n"
- "\tdocument.write(\"<h1>New Certificate Succesfully Imported.</h1>\");\n"
- "} else {\n"
- "\tdocument.write(\"<h2>Unable to import New Certificate</h2>\");\n"
- "\tdocument.write(\"crypto.importUserCertificates returned <b>\");\n"
- "\tdocument.write(retVal);\n"
- "\tdocument.write(\"</b>\");\n"
- "}\n");
-}
-
-void
-spitOutCMMFResponse(char *nickname, char *base64Response)
-{
- spitOutHeaders();
- printf("<html>\n<head>\n<title>CMMF Resonse Page</title>\n</head>\n\n"
- "<body><h1>CMMF Response Page</h1>\n"
- "<script language=\"JavaScript\">\n"
- "<!--\n");
- formatCMMFResponse(nickname, base64Response);
- printf("// -->\n"
- "</script>\n</body>\n</html>");
-}
-
-char*
-getNickname(CERTCertificate *cert)
-{
- char *nickname;
-
- if (cert->nickname != NULL) {
- return cert->nickname;
- }
- nickname = CERT_GetCommonName(&cert->subject);
- if (nickname != NULL) {
- return nickname;
- }
- return CERT_NameToAscii(&cert->subject);
-}
-
-ErrorCode
-createCMMFResponse(CertResponseInfo *issuedCerts, int numCerts,
- CERTCertificate *issuerCert, char **base64der)
-{
- CMMFCertRepContent *certRepContent=NULL;
- ErrorCode rv = NO_ERROR;
- CMMFCertResponse **responses, *currResponse;
- CERTCertList *caList;
- int i;
- SECStatus srv;
- PRArenaPool *poolp;
- SECItem *der;
-
- certRepContent = CMMF_CreateCertRepContent();
- if (certRepContent == NULL) {
- rv = ERROR_CREATING_CERT_REP_CONTENT;
- goto loser;
- }
- responses = PORT_NewArray(CMMFCertResponse*, numCerts);
- if (responses == NULL) {
- rv = OUT_OF_MEMORY;
- goto loser;
- }
- for (i=0; i<numCerts;i++) {
- responses[i] = currResponse =
- CMMF_CreateCertResponse(issuedCerts[i].certReqID);
- if (currResponse == NULL) {
- rv = ERROR_CREATING_SINGLE_CERT_RESPONSE;
- goto loser;
- }
- CMMF_CertResponseSetPKIStatusInfoStatus(currResponse, cmmfGranted);
- CMMF_CertResponseSetCertificate(currResponse, issuedCerts[i].cert);
- }
- srv = CMMF_CertRepContentSetCertResponses(certRepContent, responses,
- numCerts);
- if (srv != SECSuccess) {
- rv = ERROR_SETTING_CERT_RESPONSES;
- goto loser;
- }
- caList = CERT_NewCertList();
- if (caList == NULL) {
- rv = ERROR_CREATING_CA_LIST;
- goto loser;
- }
- srv = CERT_AddCertToListTail(caList, issuerCert);
- if (srv != SECSuccess) {
- rv = ERROR_ADDING_ISSUER_TO_CA_LIST;
- goto loser;
- }
- srv = CMMF_CertRepContentSetCAPubs(certRepContent, caList);
- CERT_DestroyCertList(caList);
- poolp = PORT_NewArena(1024);
- der = SEC_ASN1EncodeItem(poolp, NULL, certRepContent,
- CMMFCertRepContentTemplate);
- if (der == NULL) {
- rv = ERROR_ENCODING_CERT_REP_CONTENT;
- goto loser;
- }
-#ifdef WRITE_OUT_RESPONSE
- writeOutItem("CertRepContent.der", der);
-#endif
- *base64der = BTOA_DataToAscii(der->data, der->len);
- return NO_ERROR;
- loser:
- return rv;
-}
-
-ErrorCode
-issueCerts(CertResponseInfo *issuedCerts, int numCerts,
- CERTCertificate *issuerCert)
-{
- ErrorCode rv;
- char *base64Response;
-
- rv = createCMMFResponse(issuedCerts, numCerts, issuerCert, &base64Response);
- if (rv != NO_ERROR) {
- goto loser;
- }
- spitOutCMMFResponse(getNickname(issuedCerts[0].cert),base64Response);
- return NO_ERROR;
- loser:
- return rv;
-}
-
-ErrorCode
-verifySignature(CGIVarTable *varTable, CRMFCertReqMsg *currReq,
- CRMFCertRequest *certReq, CERTCertificate *newCert)
-{
- SECStatus srv;
- ErrorCode rv = NO_ERROR;
- CRMFPOPOSigningKey *signKey = NULL;
- SECAlgorithmID *algID = NULL;
- SECItem *signature = NULL;
- SECKEYPublicKey *pubKey = NULL;
- SECItem *reqDER = NULL;
-
- srv = CRMF_CertReqMsgGetPOPOSigningKey(currReq, &signKey);
- if (srv != SECSuccess || signKey == NULL) {
- rv = ERROR_RETRIEVING_POP_SIGN_KEY;
- goto loser;
- }
- algID = CRMF_POPOSigningKeyGetAlgID(signKey);
- if (algID == NULL) {
- rv = ERROR_RETRIEVING_ALG_ID_FROM_SIGN_KEY;
- goto loser;
- }
- signature = CRMF_POPOSigningKeyGetSignature(signKey);
- if (signature == NULL) {
- rv = ERROR_RETRIEVING_SIGNATURE_FROM_POP_SIGN_KEY;
- goto loser;
- }
- /* Make the length the number of bytes instead of bits */
- signature->len = (signature->len+7)/8;
- pubKey = CERT_ExtractPublicKey(newCert);
- if (pubKey == NULL) {
- rv = ERROR_RETRIEVING_PUB_KEY_FROM_NEW_CERT;
- goto loser;
- }
- reqDER = SEC_ASN1EncodeItem(NULL, NULL, certReq, CRMFCertRequestTemplate);
- if (reqDER == NULL) {
- rv = ERROR_ENCODING_CERT_REQ_FOR_POP;
- goto loser;
- }
- srv = VFY_VerifyData(reqDER->data, reqDER->len, pubKey, signature,
- SECOID_FindOIDTag(&algID->algorithm), varTable);
- if (srv != SECSuccess) {
- rv = ERROR_VERIFYING_SIGNATURE_POP;
- goto loser;
- }
- /* Fall thru in successfull case. */
- loser:
- if (pubKey != NULL) {
- SECKEY_DestroyPublicKey(pubKey);
- }
- if (reqDER != NULL) {
- SECITEM_FreeItem(reqDER, PR_TRUE);
- }
- if (signature != NULL) {
- SECITEM_FreeItem(signature, PR_TRUE);
- }
- if (algID != NULL) {
- SECOID_DestroyAlgorithmID(algID, PR_TRUE);
- }
- if (signKey != NULL) {
- CRMF_DestroyPOPOSigningKey(signKey);
- }
- return rv;
-}
-
-ErrorCode
-doChallengeResponse(CGIVarTable *varTable, CRMFCertReqMsg *currReq,
- CRMFCertRequest *certReq, CERTCertificate *newCert,
- ChallengeCreationInfo *challs, int *numChall)
-{
- CRMFPOPOPrivKey *privKey = NULL;
- CRMFPOPOPrivKeyChoice privKeyChoice;
- SECStatus srv;
- ErrorCode rv = NO_ERROR;
-
- srv = CRMF_CertReqMsgGetPOPKeyEncipherment(currReq, &privKey);
- if (srv != SECSuccess || privKey == NULL) {
- rv = ERROR_GETTING_KEY_ENCIPHERMENT;
- goto loser;
- }
- privKeyChoice = CRMF_POPOPrivKeyGetChoice(privKey);
- CRMF_DestroyPOPOPrivKey(privKey);
- switch (privKeyChoice) {
- case crmfSubsequentMessage:
- challs = &challs[*numChall];
- challs->random = rand();
- challs->pubKey = CERT_ExtractPublicKey(newCert);
- if (challs->pubKey == NULL) {
- rv = ERROR_RETRIEVING_PUB_KEY_FOR_CHALL;
- goto loser;
- }
- (*numChall)++;
- rv = DO_CHALLENGE_RESPONSE;
- break;
- case crmfThisMessage:
- /* There'd better be a PKIArchiveControl in this message */
- if (!CRMF_CertRequestIsControlPresent(certReq,
- crmfPKIArchiveOptionsControl)) {
- rv = ERROR_NO_POP_FOR_PRIVKEY;
- goto loser;
- }
- break;
- default:
- rv = ERROR_UNSUPPORTED_POPOPRIVKEY_TYPE;
- goto loser;
- }
-loser:
- return rv;
-}
-
-ErrorCode
-doProofOfPossession(CGIVarTable *varTable, CRMFCertReqMsg *currReq,
- CRMFCertRequest *certReq, CERTCertificate *newCert,
- ChallengeCreationInfo *challs, int *numChall)
-{
- CRMFPOPChoice popChoice;
- ErrorCode rv = NO_ERROR;
-
- popChoice = CRMF_CertReqMsgGetPOPType(currReq);
- if (popChoice == crmfNoPOPChoice) {
- rv = NO_POP_FOR_REQUEST;
- goto loser;
- }
- switch (popChoice) {
- case crmfSignature:
- rv = verifySignature(varTable, currReq, certReq, newCert);
- break;
- case crmfKeyEncipherment:
- rv = doChallengeResponse(varTable, currReq, certReq, newCert,
- challs, numChall);
- break;
- case crmfRAVerified:
- case crmfKeyAgreement:
- default:
- rv = UNSUPPORTED_POP;
- goto loser;
- }
- loser:
- return rv;
-}
-
-void
-convertB64ToJS(char *base64)
-{
- int i;
-
- for (i=0; base64[i] != '\0'; i++) {
- if (base64[i] == '\n') {
- printf ("\\n");
- }else {
- printf ("%c", base64[i]);
- }
- }
-}
-
-void
-formatChallenge(char *chall64, char *certRepContentDER,
- ChallengeCreationInfo *challInfo, int numChalls)
-{
- printf ("function respondToChallenge() {\n"
- " var chalForm = document.chalForm;\n\n"
- " chalForm.CertRepContent.value = '");
- convertB64ToJS(certRepContentDER);
- printf ("';\n"
- " chalForm.ChallResponse.value = crypto.popChallengeResponse('");
- convertB64ToJS(chall64);
- printf("');\n"
- " chalForm.submit();\n"
- "}\n");
-
-}
-
-void
-spitOutChallenge(char *chall64, char *certRepContentDER,
- ChallengeCreationInfo *challInfo, int numChalls,
- char *nickname)
-{
- int i;
-
- spitOutHeaders();
- printf("<html>\n"
- "<head>\n"
- "<title>Challenge Page</title>\n"
- "<script language=\"JavaScript\">\n"
- "<!--\n");
- /* The JavaScript function actually gets defined within
- * this function call
- */
- formatChallenge(chall64, certRepContentDER, challInfo, numChalls);
- printf("// -->\n"
- "</script>\n"
- "</head>\n"
- "<body onLoad='respondToChallenge()'>\n"
- "<h1>Cartman is now responding to the Challenge "
- "presented by the CGI</h1>\n"
- "<form action='crmfcgi' method='post' name='chalForm'>\n"
- "<input type='hidden' name=CertRepContent value=''>\n"
- "<input type='hidden' name=ChallResponse value=''>\n");
- for (i=0;i<numChalls; i++) {
- printf("<input type='hidden' name='chal%d' value='%d'>\n",
- i+1, challInfo[i].random);
- }
- printf("<input type='hidden' name='nickname' value='%s'>\n", nickname);
- printf("</form>\n</body>\n</html>");
-}
-
-ErrorCode
-issueChallenge(CertResponseInfo *issuedCerts, int numCerts,
- ChallengeCreationInfo *challInfo, int numChalls,
- CERTCertificate *issuer, CGIVarTable *varTable)
-{
- ErrorCode rv = NO_ERROR;
- CMMFPOPODecKeyChallContent *chalContent = NULL;
- int i;
- SECStatus srv;
- PRArenaPool *poolp;
- CERTGeneralName *genName;
- SECItem *challDER = NULL;
- char *chall64, *certRepContentDER;
-
- rv = createCMMFResponse(issuedCerts, numCerts, issuer,
- &certRepContentDER);
- if (rv != NO_ERROR) {
- goto loser;
- }
- chalContent = CMMF_CreatePOPODecKeyChallContent();
- if (chalContent == NULL) {
- rv = ERROR_CREATING_EMPTY_CHAL_CONTENT;
- goto loser;
- }
- poolp = PORT_NewArena(1024);
- if (poolp == NULL) {
- rv = OUT_OF_MEMORY;
- goto loser;
- }
- genName = CERT_GetCertificateNames(issuer, poolp);
- if (genName == NULL) {
- rv = ERROR_EXTRACTING_GEN_NAME_FROM_ISSUER;
- goto loser;
- }
- for (i=0;i<numChalls;i++) {
- srv = CMMF_POPODecKeyChallContentSetNextChallenge(chalContent,
- challInfo[i].random,
- genName,
- challInfo[i].pubKey,
- varTable);
- SECKEY_DestroyPublicKey(challInfo[i].pubKey);
- if (srv != SECSuccess) {
- rv = ERROR_SETTING_CHALLENGE;
- goto loser;
- }
- }
- challDER = SEC_ASN1EncodeItem(NULL, NULL, chalContent,
- CMMFPOPODecKeyChallContentTemplate);
- if (challDER == NULL) {
- rv = ERROR_ENCODING_CHALL;
- goto loser;
- }
- chall64 = BTOA_DataToAscii(challDER->data, challDER->len);
- SECITEM_FreeItem(challDER, PR_TRUE);
- if (chall64 == NULL) {
- rv = ERROR_CONVERTING_CHALL_TO_BASE64;
- goto loser;
- }
- spitOutChallenge(chall64, certRepContentDER, challInfo, numChalls,
- getNickname(issuedCerts[0].cert));
- loser:
- return rv;
-}
-
-
-ErrorCode
-processRequest(CGIVarTable *varTable)
-{
- CERTCertDBHandle *certdb;
- SECKEYKeyDBHandle *keydb;
- CRMFCertReqMessages *certReqs = NULL;
- const char *crmfReq;
- const char *caNickname;
- CERTCertificate *caCert = NULL;
- CertResponseInfo *issuedCerts = NULL;
- CERTSubjectPublicKeyInfo spki = { 0 };
- ErrorCode rv=NO_ERROR;
- PRBool doChallengeResponse = PR_FALSE;
- SECItem der = { 0 };
- SECStatus srv;
- CERTCertificateRequest oldCertReq = { 0 };
- CRMFCertReqMsg **reqMsgs = NULL,*currReq = NULL;
- CRMFCertRequest **reqs = NULL, *certReq = NULL;
- CERTName subject = { 0 };
- int numReqs,i;
- ChallengeCreationInfo *challInfo=NULL;
- int numChalls = 0;
-
- certdb = CERT_GetDefaultCertDB();
- keydb = SECKEY_GetDefaultKeyDB();
- crmfReq = CGITableFindValue(varTable, "CRMFRequest");
- if (crmfReq == NULL) {
- rv = CGI_VAR_MISSING;
- missingVar = "CRMFRequest";
- goto loser;
- }
- caNickname = CGITableFindValue(varTable, "CANickname");
- if (caNickname == NULL) {
- rv = CGI_VAR_MISSING;
- missingVar = "CANickname";
- goto loser;
- }
- caCert = CERT_FindCertByNickname(certdb, caNickname);
- if (caCert == NULL) {
- rv = COULD_NOT_FIND_CA;
- goto loser;
- }
- srv = ATOB_ConvertAsciiToItem(&der, crmfReq);
- if (srv != SECSuccess) {
- rv = BAD_ASCII_FOR_REQ;
- goto loser;
- }
- certReqs = CRMF_CreateCertReqMessagesFromDER(der.data, der.len);
- SECITEM_FreeItem(&der, PR_FALSE);
- if (certReqs == NULL) {
- rv = COULD_NOT_DECODE_REQS;
- goto loser;
- }
- numReqs = CRMF_CertReqMessagesGetNumMessages(certReqs);
- issuedCerts = PORT_ZNewArray(CertResponseInfo, numReqs);
- challInfo = PORT_ZNewArray(ChallengeCreationInfo, numReqs);
- if (issuedCerts == NULL || challInfo == NULL) {
- rv = OUT_OF_MEMORY;
- goto loser;
- }
- reqMsgs = PORT_ZNewArray(CRMFCertReqMsg*, numReqs);
- reqs = PORT_ZNewArray(CRMFCertRequest*, numReqs);
- if (reqMsgs == NULL || reqs == NULL) {
- rv = OUT_OF_MEMORY;
- goto loser;
- }
- for (i=0; i<numReqs; i++) {
- currReq = reqMsgs[i] =
- CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqs, i);
- if (currReq == NULL) {
- rv = ERROR_RETRIEVING_REQUEST_MSG;
- goto loser;
- }
- certReq = reqs[i] = CRMF_CertReqMsgGetCertRequest(currReq);
- if (certReq == NULL) {
- rv = ERROR_RETRIEVING_CERT_REQUEST;
- goto loser;
- }
- srv = CRMF_CertRequestGetCertTemplateSubject(certReq, &subject);
- if (srv != SECSuccess) {
- rv = ERROR_RETRIEVING_SUBJECT_FROM_REQ;
- goto loser;
- }
- srv = CRMF_CertRequestGetCertTemplatePublicKey(certReq, &spki);
- if (srv != SECSuccess) {
- rv = ERROR_RETRIEVING_PUBLIC_KEY_FROM_REQ;
- goto loser;
- }
- rv = initOldCertReq(&oldCertReq, &subject, &spki);
- if (rv != NO_ERROR) {
- goto loser;
- }
- rv = createNewCert(&issuedCerts[i].cert, &oldCertReq, currReq, certReq,
- caCert, varTable);
- if (rv != NO_ERROR) {
- goto loser;
- }
- rv = doProofOfPossession(varTable, currReq, certReq, issuedCerts[i].cert,
- challInfo, &numChalls);
- if (rv != NO_ERROR) {
- if (rv == DO_CHALLENGE_RESPONSE) {
- doChallengeResponse = PR_TRUE;
- } else {
- goto loser;
- }
- }
- CRMF_CertReqMsgGetID(currReq, &issuedCerts[i].certReqID);
- CRMF_DestroyCertReqMsg(currReq);
- CRMF_DestroyCertRequest(certReq);
- }
- if (doChallengeResponse) {
- rv = issueChallenge(issuedCerts, numReqs, challInfo, numChalls, caCert,
- varTable);
- } else {
- rv = issueCerts(issuedCerts, numReqs, caCert);
- }
- loser:
- if (certReqs != NULL) {
- CRMF_DestroyCertReqMessages(certReqs);
- }
- return rv;
-}
-
-ErrorCode
-processChallengeResponse(CGIVarTable *varTable, const char *certRepContent)
-{
- SECItem binDER = { 0 };
- SECStatus srv;
- ErrorCode rv = NO_ERROR;
- const char *clientResponse;
- const char *formChalValue;
- const char *nickname;
- CMMFPOPODecKeyRespContent *respContent = NULL;
- int numResponses,i;
- long curResponse, expectedResponse;
- char cgiChalVar[10];
-#ifdef WRITE_OUT_RESPONSE
- SECItem certRepBinDER = { 0 };
-
- ATOB_ConvertAsciiToItem(&certRepBinDER, certRepContent);
- writeOutItem("challCertRepContent.der", &certRepBinDER);
- PORT_Free(certRepBinDER.data);
-#endif
- clientResponse = CGITableFindValue(varTable, "ChallResponse");
- if (clientResponse == NULL) {
- rv = REQ_CGI_VAR_NOT_PRESENT;
- missingVar = "ChallResponse";
- goto loser;
- }
- srv = ATOB_ConvertAsciiToItem(&binDER, clientResponse);
- if (srv != SECSuccess) {
- rv = ERROR_CONVERTING_RESP_FROM_CHALL_TO_BIN;
- goto loser;
- }
- respContent = CMMF_CreatePOPODecKeyRespContentFromDER(binDER.data,
- binDER.len);
- SECITEM_FreeItem(&binDER, PR_FALSE);
- binDER.data = NULL;
- if (respContent == NULL) {
- rv = ERROR_CREATING_KEY_RESP_FROM_DER;
- goto loser;
- }
- numResponses = CMMF_POPODecKeyRespContentGetNumResponses(respContent);
- for (i=0;i<numResponses;i++){
- srv = CMMF_POPODecKeyRespContentGetResponse(respContent,i,&curResponse);
- if (srv != SECSuccess) {
- rv = ERROR_RETRIEVING_CLIENT_RESPONSE_TO_CHALLENGE;
- goto loser;
- }
- sprintf(cgiChalVar, "chal%d", i+1);
- formChalValue = CGITableFindValue(varTable, cgiChalVar);
- if (formChalValue == NULL) {
- rv = REQ_CGI_VAR_NOT_PRESENT;
- missingVar = strdup(cgiChalVar);
- goto loser;
- }
- sscanf(formChalValue, "%ld", &expectedResponse);
- if (expectedResponse != curResponse) {
- rv = ERROR_RETURNED_CHALL_NOT_VALUE_EXPECTED;
- goto loser;
- }
- }
- nickname = CGITableFindValue(varTable, "nickname");
- if (nickname == NULL) {
- rv = REQ_CGI_VAR_NOT_PRESENT;
- missingVar = "nickname";
- goto loser;
- }
- spitOutCMMFResponse(nickname, certRepContent);
- loser:
- if (respContent != NULL) {
- CMMF_DestroyPOPODecKeyRespContent(respContent);
- }
- return rv;
-}
-
-int
-main()
-{
- char *form_output = NULL;
- int form_output_len, form_output_used;
- CGIVarTable varTable = { 0 };
- ErrorCode errNum = 0;
- char *certRepContent;
-
-#ifdef ATTACH_CGI
- /* Put an ifinite loop in here so I can attach to
- * the process after the process is spun off
- */
- { int stupid = 1;
- while (stupid);
- }
-#endif
-
- form_output_used = 0;
- srand(time(NULL));
- while (feof(stdin) == 0) {
- if (form_output == NULL) {
- form_output = PORT_NewArray(char, DEFAULT_ALLOC_SIZE+1);
- form_output_len = DEFAULT_ALLOC_SIZE;
- } else if ((form_output_used + DEFAULT_ALLOC_SIZE) >= form_output_len) {
- form_output_len += DEFAULT_ALLOC_SIZE;
- form_output = PORT_Realloc(form_output, form_output_len+1);
- }
- form_output_used += fread(&form_output[form_output_used], sizeof(char),
- DEFAULT_ALLOC_SIZE, stdin);
- }
- ParseInputVariables(&varTable, form_output);
- certRepContent = CGITableFindValue(&varTable, "CertRepContent");
- if (certRepContent == NULL) {
- errNum = initNSS(&varTable);
- if (errNum != 0) {
- goto loser;
- }
- errNum = processRequest(&varTable);
- } else {
- errNum = processChallengeResponse(&varTable, certRepContent);
- }
- if (errNum != NO_ERROR) {
- goto loser;
- }
- goto done;
-loser:
- dumpErrorMessage(errNum);
-done:
- free (form_output);
- return 0;
-}
-
diff --git a/security/nss/cmd/crmf-cgi/crmfcgi.html b/security/nss/cmd/crmf-cgi/crmfcgi.html
deleted file mode 100644
index e91923ece..000000000
--- a/security/nss/cmd/crmf-cgi/crmfcgi.html
+++ /dev/null
@@ -1,165 +0,0 @@
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-
-<html>
-<head>
-<title>CRMF Test Page for PSM</title>
-<script language=javascript>
-var request;
-//This variable must be set to the first value
-//in the select field "testType" in the form.
-var keyGenType="SigningOnlyRSA";
-
-var requestedDN = "CN=Javi CA Shack ID, O=NSS";
-
-function setTestType() {
- var testType = document.crmfForm.testType;
-
- keyGenType = testType.options[testType.selectedIndex].value;
-}
-
-function setRequest() {
- with (document.crmfForm) {
- CRMFRequest.value = request.request;
- submit();
- }
-}
-
-function generateSignAndEncryptRSARequest() {
- request = crypto.generateCRMFRequest(requestedDN,
- null, null, null, "setRequest()",
- crypto.algorithms.rsa.keyEx.keySizes[0],
- null, "rsa-dual-use");
-}
-
-function generateSigningOnlyRSARequest() {
- request = crypto.generateCRMFRequest(requestedDN,null,null,null,"setRequest()",
- crypto.algorithms.rsa.signing.keySizes[0],
- null, "rsa-sign");
-}
-
-function generateEncryptionOnlyRSARequest() {
- request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()",
- crypto.algorithms.rsa.keyEx.keySizes[0],
- null, "rsa-ex");
-}
-
-function generateDualRSAKeys() {
- request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()",
- crypto.algorithms.rsa.keyEx.keySizes[0],
- null, "rsa-ex",
- crypto.algorithms.rsa.signing.keySizes[0],
- null, "rsa-sign");
-}
-
-function generateDSAKey() {
- request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()",
- crypto.algorithms.dsa.keySizes[0],
- null, "dsa-sign-nonrepudiation");
-}
-
-function processForm(form) {
- with (form) {
- if (typeof(crypto.version) == "undefined") {
- alert('You must be running PSM in order to use this page.');
- return false;
- }
- if (NSSDirectory.value == "") {
- alert('You must provide a path for NSS to use.');
- return false;
- }
- if (dbPassword.value == "") {
- alert('You must provide a password for the certificate database.');
- return false;
- }
- if (CANickname.value == "") {
- alert('You must provide a CA Nickname to use.');
- return false;
- }
- //Now do the correct key generation.
- if (keyGenType == "SignAndEncryptRSA") {
- generateSignAndEncryptRSARequest();
- } else if (keyGenType == "SigningOnlyRSA") {
- generateSigningOnlyRSARequest();
- } else if (keyGenType == "EncryptionOnlyRSA") {
- generateEncryptionOnlyRSARequest();
- } else if (keyGenType == "DualRSAKeys") {
- generateDualRSAKeys();
- } else if (keyGenType == "DSAKeyGen") {
- generateDSAKey();
- }
- }
- return true;
-}
-</script>
-</head>
-<body>
-<h1><center>CRMF Test page for PSM</center></h1>
-This page is designed to be used in combination with the executable
-produced by ns/security/cmd/crmf-cgi in a CGI environment. In order
-to successfully use this page, modify its action to post to a a server
-where you have installed the crmfcgi executable and you'll be able to
-test the functionality.
-<hr>
-<form name="crmfForm" method=post action="http://www.cgi-site.com/cgi-bin/crmfcgi">
-<h2>Certificate Database information</h2>
-First, enter all the information for the CGI to use for initializing
-NSS. The CGI will use the directory entered below as the directory
-where to look for the certificate and key databases.
-<pre>
-Path for NSS Config: <input size=40 type="text" name="NSSDirectory">
-</pre>
-Enter the password for the certificate database found in the direcotry
-above.
-<pre>
-Database Password: <input type="password" name="dbPassword" size=40>
-</pre>
-Now enter the nickname of the certificate to use for signing the
-certificate issued during this test.
-<pre>
-CA Nickname: <input size=40 type="text" name="CANickname">
-</pre>
-<h2>Now, figure out which type of key generation you want to test:</h2>
-<select name="testType" onChange="setTestType()">`
-<option value="SigningOnlyRSA">Signing Only-RSA
-<option value="EncryptionOnlyRSA">Encryption Only-RSA
-<option value="SignAndEncryptRSA">Sign and Encrypt Single Key -RSA
-<option value="DualRSAKeys">Dual Keys-RSA
-<option value="DSAKeyGen">DSA Key Gen
-</select>
-<input type="hidden" name=CRMFRequest value="">
-<hr>
-<input type="button" value="OK" onclick="processForm(document.crmfForm)">
-</form>
-</body>
-</html>
diff --git a/security/nss/cmd/crmf-cgi/manifest.mn b/security/nss/cmd/crmf-cgi/manifest.mn
deleted file mode 100644
index ceaf5a635..000000000
--- a/security/nss/cmd/crmf-cgi/manifest.mn
+++ /dev/null
@@ -1,61 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-MODULE = sectools
-
-EXPORTS = \
- $(NULL)
-
-CSRCS = \
- crmfcgi.c \
- $(NULL)
-
-
-REQUIRES = security dbm seccmd
-
-ifdef ATTACH_CGI
-DEFINES += -DATTACH_CGI
-endif
-
-ifdef WRITE_OUT_RESPONSE
-DEFINES += -DWRITE_OUT_RESPONSE
-endif
-
-PROGRAM = crmfcgi
-
-USE_STATIC_LIBS = 1
-
-INCLUDES =
-
-DEFINES = -DNSPR20
diff --git a/security/nss/cmd/crmftest/Makefile b/security/nss/cmd/crmftest/Makefile
deleted file mode 100644
index 9eae3715a..000000000
--- a/security/nss/cmd/crmftest/Makefile
+++ /dev/null
@@ -1,99 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include config.mk
-
-ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.2)
-OS_LIBS += -lsvld
-endif
-
-ifeq ($(OS_ARCH)$(OS_RELEASE), SunOS5.6)
-OS_LIBS += -ldl -lxnet -lposix4 -lsocket -lnsl
-endif
-
-ifeq ($(OS_ARCH), WINNT)
-EXTRA_LIBS += $(DIST)/lib/crmf.lib
-else
-EXTRA_LIBS += $(DIST)/lib/libcrmf.$(LIB_SUFFIX)
-endif
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-LDDIST = $(DIST)/lib
-
-ifeq ($(OS_ARCH), WINNT)
-EXTRA_LIBS += $(LDDIST)/sectool.lib
-endif
-
-lame:
- echo $(CPU_ARCH)
-
-include ../platrules.mk
diff --git a/security/nss/cmd/crmftest/config.mk b/security/nss/cmd/crmftest/config.mk
deleted file mode 100644
index 7343609f8..000000000
--- a/security/nss/cmd/crmftest/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(PROGRAM)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-LIBRARY =
-
diff --git a/security/nss/cmd/crmftest/manifest.mn b/security/nss/cmd/crmftest/manifest.mn
deleted file mode 100644
index b27e4a3d8..000000000
--- a/security/nss/cmd/crmftest/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-DEPTH = .
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-EXPORTS = \
- $(NULL)
-
-CSRCS = \
- testcrmf.c \
- $(NULL)
-
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm
-
-PROGRAM = crmftest
-
diff --git a/security/nss/cmd/crmftest/testcrmf.c b/security/nss/cmd/crmftest/testcrmf.c
deleted file mode 100644
index db9add0bc..000000000
--- a/security/nss/cmd/crmftest/testcrmf.c
+++ /dev/null
@@ -1,1527 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "secrng.h"
-#include "secpkcs5.h"
-#include "pk11func.h"
-#include "pkcs11.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "key.h"
-#include "prio.h"
-#include "pqggen.h"
-#include "cmmf.h"
-#include "seccomon.h"
-#include "secmod.h"
-#include "prlock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "rsa.h"
-#include "secpkcs5.h"
-#include "secasn1.h"
-#include "sechash.h"
-#include "cert.h"
-#include "secerr.h"
-#include <stdio.h>
-#include "prprf.h"
-#if !defined(XP_UNIX) && !defined(LINUX)
-extern int getopt(int, char **, char*);
-extern char *optarg;
-#endif
-#define MAX_KEY_LEN 512
-
-int64 notBefore;
-char *personalCert = NULL;
-char *recoveryEncrypter = NULL;
-char *caCertName = NULL;
-
-CERTCertDBHandle *db;
-SECKEYKeyDBHandle *keydb;
-
-void
-debug_test(SECItem *src, char *filePath)
-{
- PRFileDesc *fileDesc;
-
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not cretae file %s.\n", filePath);
- return;
- }
- PR_Write(fileDesc, src->data, src->len);
-
-}
-
-SECStatus
-get_serial_number(long *dest)
-{
- RNGContext *rng;
- SECStatus rv;
-
- if (dest == NULL) {
- return SECFailure;
- }
- rng = RNG_CreateContext();
- if (rng == NULL) {
- *dest = 0;
- return SECFailure;
- }
- rv = RNG_GenerateRandomBytes(rng, (void*)dest, sizeof(long));
- RNG_DestroyContext(rng, PR_TRUE);
- return SECSuccess;
-}
-
-char *
-promptForPassword (PK11SlotInfo *slot, PRBool retry, void *cx)
-{
- char passWord[80];
- char *retPass = NULL;
-
- if (retry) {
- printf ("Incorrect password. Please re-enter the password.\n");
- }
- printf ("WARNING: Password will be echoed to the screen.\n");
- printf ("Please enter the password for slot \"%s\":",
- PK11_GetTokenName(slot));
- scanf ("%s", passWord);
- retPass = PORT_Strdup(passWord);
- return retPass;
-}
-
-PK11RSAGenParams *
-GetRSAParams(void)
-{
- PK11RSAGenParams *rsaParams;
-
- rsaParams = PORT_ZNew(PK11RSAGenParams);
-
- if (rsaParams == NULL)
- return NULL;
-
- rsaParams->keySizeInBits = MAX_KEY_LEN;
- rsaParams->pe = 0x1001;
-
- return rsaParams;
-
-}
-
-SECStatus
-SetSlotPassword(PK11SlotInfo *slot)
-{
- char userPin[80];
-
- printf ("Initialization of PIN's for your Database.\n");
- printf ("------------------------------------------\n");
- printf ("Please enter the PIN's for your Database.\n");
- printf ("Warning: ALL PIN'S WILL BE ECHOED TO SCREEN!!!\n");
- printf ("Now enter the PIN for the user: ");
- scanf ("%s", userPin);
- return PK11_InitPin (slot, NULL, userPin);
-}
-
-PQGParams*
-GetDSAParams(void)
-{
- PQGParams *params = NULL;
- PQGVerify *vfy = NULL;
-
- SECStatus rv;
-
- rv = PQG_ParamGen(0, &params, &vfy);
- if (rv != SECSuccess) {
- return NULL;
- }
- PQG_DestroyVerify(vfy);
- return params;
-}
-
-CERTSubjectPublicKeyInfo *
-GetSubjectPubKeyInfo(SECKEYPrivateKey **destPrivKey,
- SECKEYPublicKey **destPubKey) {
- CERTSubjectPublicKeyInfo *spki = NULL;
- SECKEYPrivateKey *privKey = NULL;
- SECKEYPublicKey *pubKey = NULL;
- PK11SlotInfo *keySlot = NULL;
- PK11RSAGenParams *rsaParams = NULL;
- PQGParams *dsaParams = NULL;
-
- keySlot = PK11_GetInternalKeySlot();
- PK11_Authenticate(keySlot, PR_FALSE, NULL);
- PK11_Authenticate(PK11_GetInternalSlot(), PR_FALSE, NULL);
- rsaParams = GetRSAParams();
- privKey = PK11_GenerateKeyPair(keySlot, CKM_RSA_PKCS_KEY_PAIR_GEN,
- (void*)rsaParams, &pubKey, PR_FALSE,
- PR_FALSE, NULL);
-/* dsaParams = GetDSAParams();
- if (dsaParams == NULL) {
- return NULL;
- }
- privKey = PK11_GenerateKeyPair(keySlot, CKM_DSA_KEY_PAIR_GEN,
- (void*)dsaParams, &pubKey, PR_FALSE,
- PR_FALSE, NULL);*/
- if (privKey == NULL || pubKey == NULL) {
- if (pubKey) {
- SECKEY_DestroyPublicKey(pubKey);
- }
- if (privKey) {
- SECKEY_DestroyPrivateKey(privKey);
- }
- return NULL;
- }
-
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubKey);
- *destPrivKey = privKey;
- *destPubKey = pubKey;
- return spki;
-}
-
-
-SECStatus
-InitPKCS11(void)
-{
- PK11SlotInfo *cryptoSlot, *keySlot;
-
- PK11_SetPasswordFunc(promptForPassword);
-
- cryptoSlot = PK11_GetInternalSlot();
- keySlot = PK11_GetInternalKeySlot();
-
- if (PK11_NeedUserInit(cryptoSlot) && PK11_NeedLogin(cryptoSlot)) {
- if (SetSlotPassword (cryptoSlot) != SECSuccess) {
- printf ("Initializing the PIN's failed.\n");
- return SECFailure;
- }
- }
-
- if (PK11_NeedUserInit(keySlot) && PK11_NeedLogin(keySlot)) {
- if (SetSlotPassword (keySlot) != SECSuccess) {
- printf ("Initializing the PIN's failed.\n");
- return SECFailure;
- }
- }
-
- PK11_FreeSlot(cryptoSlot);
- PK11_FreeSlot(keySlot);
- return SECSuccess;
-}
-
-
-void
-WriteItOut (void *arg, const char *buf, unsigned long len)
-{
- PRFileDesc *fileDesc = (PRFileDesc*)arg;
-
- PR_Write(fileDesc, (void*)buf, len);
-}
-
-SECItem
-GetRandomBitString(void)
-{
-#define NUM_BITS 800
-#define BITS_IN_BYTE 8
- SECItem bitString;
- int numBytes = NUM_BITS/BITS_IN_BYTE;
- unsigned char *bits = PORT_ZNewArray(unsigned char, numBytes);
- RNGContext *rng;
-
- rng = RNG_CreateContext();
- RNG_GenerateRandomBytes(rng, (void*)bits, numBytes);
- RNG_DestroyContext(rng, PR_TRUE);
- bitString.data = bits;
- bitString.len = NUM_BITS;
- bitString.type = siBuffer;
- return bitString;
-}
-
-CRMFCertExtCreationInfo*
-GetExtensions(void)
-{
- CRMFCertExtCreationInfo *extInfo;
- CRMFCertExtension *currExt;
- CRMFCertExtension *extension;
- SECItem data;
- PRBool prFalse = PR_FALSE;
- unsigned char keyUsage[4];
-
- data.len = 4;
- data.data = keyUsage;
- keyUsage[0] = 0x03;
- keyUsage[1] = 0x02;
- keyUsage[2] = 0x07;
- keyUsage[3] = KU_DIGITAL_SIGNATURE;
- extension = CRMF_CreateCertExtension(SEC_OID_X509_KEY_USAGE,prFalse,
- &data);
- extInfo = PORT_ZNew(CRMFCertExtCreationInfo);
- extInfo->numExtensions = 1;
- extInfo->extensions = PORT_ZNewArray(CRMFCertExtension*, 1);
- extInfo->extensions[0] = extension;
- return extInfo;
-}
-
-void
-FreeExtInfo(CRMFCertExtCreationInfo *extInfo)
-{
- int i;
-
- for (i=0; i<extInfo->numExtensions; i++) {
- CRMF_DestroyCertExtension(extInfo->extensions[i]);
- }
- PORT_Free(extInfo->extensions);
- PORT_Free(extInfo);
-}
-
-int
-CreateCertRequest (CRMFCertRequest **inCertReq, SECKEYPrivateKey **privKey,
- SECKEYPublicKey **pubKey)
-{
- long serialNumber;
- long version = 3;
- char *issuerStr = PORT_Strdup ("CN=Javi's CA Shack, O=Information Systems");
- char *subjectStr = PORT_Strdup ("CN=Javi's CA Shack ID, O=Engineering, "
- "C=US");
- CRMFCertRequest *certReq;
- SECAlgorithmID * algID;
- CERTName *issuer, *subject;
- CRMFValidityCreationInfo validity;
- CERTSubjectPublicKeyInfo *spki;
- SECStatus rv;
- SECOidTag tag, tag2;
- SECItem issuerUID, subjectUID;
- CRMFCertExtCreationInfo *extInfo;
- CRMFEncryptedKey *encKey;
- CERTCertificate *caCert;
- CRMFPKIArchiveOptions *pkiArchOpt;
-
- *inCertReq = NULL;
- certReq = CRMF_CreateCertRequest(0x0ff02345);
- if (certReq == NULL) {
- printf ("Could not initialize a certificate request.\n");
- return 1;
- }
- rv = CRMF_CertRequestSetTemplateField (certReq, crmfVersion, (void*)(&version));
- if (rv != SECSuccess) {
- printf("Could not add the version number to the "
- "Certificate Request.\n");
- CRMF_DestroyCertRequest(certReq);
- return 2;
- }
-
- if (get_serial_number(&serialNumber) != SECSuccess) {
- printf ("Could not generate a serial number for cert request.\n");
- CRMF_DestroyCertRequest(certReq);
- return 3;
- }
-
- rv = CRMF_CertRequestSetTemplateField (certReq, crmfSerialNumber,
- (void*)(&serialNumber));
- if (rv != SECSuccess) {
- printf ("Could not add serial number to certificate template\n.");
- CRMF_DestroyCertRequest(certReq);
- return 4;
- }
-
- issuer = CERT_AsciiToName(issuerStr);
- if (issuer == NULL) {
- printf ("Could not create CERTName structure from %s.\n", issuerStr);
- CRMF_DestroyCertRequest(certReq);
- return 5;
- }
- rv = CRMF_CertRequestSetTemplateField (certReq, crmfIssuer, (void*) issuer);
- PORT_Free(issuerStr);
- CERT_DestroyName(issuer);
- if (rv != SECSuccess) {
- printf ("Could not add issuer to cert template\n");
- CRMF_DestroyCertRequest(certReq);
- return 6;
- }
-
- subject = CERT_AsciiToName(subjectStr);
- if (subject == NULL) {
- printf ("Could not create CERTName structure from %s.\n", subjectStr);
- CRMF_DestroyCertRequest(certReq);
- return 7;
- }
- PORT_Free(subjectStr);
- rv = CRMF_CertRequestSetTemplateField (certReq, crmfSubject, (void*)subject);
- if (rv != SECSuccess) {
- printf ("Could not add subject to cert template\n");
- CRMF_DestroyCertRequest(certReq);
- return 8;
- }
- CERT_DestroyName(subject);
-
- algID =
- SEC_PKCS5CreateAlgorithmID (SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC,
- NULL, 1);
- if (algID == NULL) {
- printf ("Couldn't create algorithm ID\n");
- CRMF_DestroyCertRequest(certReq);
- return 9;
- }
- rv = CRMF_CertRequestSetTemplateField(certReq, crmfSigningAlg, (void*)algID);
- SECOID_DestroyAlgorithmID(algID, PR_TRUE);
- if (rv != SECSuccess) {
- printf ("Could not add the signing algorithm to the cert template.\n");
- CRMF_DestroyCertRequest(certReq);
- return 10;
- }
-
- validity.notBefore = &notBefore;
- validity.notAfter = NULL;
- notBefore = PR_Now();
- rv = CRMF_CertRequestSetTemplateField(certReq, crmfValidity,(void*)(&validity));
- if (rv != SECSuccess) {
- printf ("Could not add validity to cert template\n");
- CRMF_DestroyCertRequest(certReq);
- return 11;
- }
-
- spki = GetSubjectPubKeyInfo(privKey, pubKey);
- if (spki == NULL) {
- printf ("Could not create a Subject Public Key Info to add\n");
- CRMF_DestroyCertRequest(certReq);
- return 12;
- }
- rv = CRMF_CertRequestSetTemplateField(certReq, crmfPublicKey, (void*)spki);
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- if (rv != SECSuccess) {
- printf ("Could not add the public key to the template\n");
- CRMF_DestroyCertRequest(certReq);
- return 13;
- }
-
- caCert =
- CERT_FindCertByNickname(CERT_GetDefaultCertDB(),
- caCertName);
- if (caCert == NULL) {
- printf ("Could not find the certificate for %s\n", caCertName);
- CRMF_DestroyCertRequest(certReq);
- return 50;
- }
-
- issuerUID = GetRandomBitString();
- subjectUID = GetRandomBitString();
- CRMF_CertRequestSetTemplateField(certReq,crmfIssuerUID, (void*)&issuerUID);
- CRMF_CertRequestSetTemplateField(certReq,crmfSubjectUID, (void*)&subjectUID);
- PORT_Free(issuerUID.data);
- PORT_Free(subjectUID.data);
- extInfo = GetExtensions();
- CRMF_CertRequestSetTemplateField(certReq, crmfExtension, (void*)extInfo);
- FreeExtInfo(extInfo);
- encKey = CRMF_CreateEncryptedKeyWithEncryptedValue(*privKey, caCert);
- CERT_DestroyCertificate(caCert);
- if (encKey == NULL) {
- printf ("Could not create Encrypted Key with Encrypted Value.\n");
- return 14;
- }
- pkiArchOpt = CRMF_CreatePKIArchiveOptions(crmfEncryptedPrivateKey, encKey);
- CRMF_DestroyEncryptedKey(encKey);
- if (pkiArchOpt == NULL) {
- printf ("Could not create PKIArchiveOptions.\n");
- return 15;
- }
- rv = CRMF_CertRequestSetPKIArchiveOptions(certReq, pkiArchOpt);
- CRMF_DestroyPKIArchiveOptions(pkiArchOpt);
- if (rv != SECSuccess) {
- printf ("Could not add the PKIArchiveControl to Cert Request.\n");
- return 16;
- }
- *inCertReq = certReq;
- return 0;
-}
-
-int
-Encode (CRMFCertReqMsg *inCertReq,
- CRMFCertReqMsg *secondReq, char *configdir)
-{
-#define PATH_LEN 150
-#define CRMF_FILE "CertReqMessages.der"
- char filePath[PATH_LEN];
- PRFileDesc *fileDesc;
- SECStatus rv;
- int irv = 0;
- CRMFCertReqMsg *msgArr[3];
- CRMFCertReqMsg *newMsg;
-
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE);
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- irv = 14;
- goto finish;
- }
-/* rv = CRMF_EncodeCertReqMsg (inCertReq, WriteItOut, (void*)fileDesc);*/
- msgArr[0] = inCertReq;
- msgArr[1] = secondReq;
- msgArr[2] = NULL;
- rv = CRMF_EncodeCertReqMessages(msgArr, WriteItOut, (void*)fileDesc);
- if (rv != SECSuccess) {
- printf ("An error occurred while encoding.\n");
- irv = 15;
- goto finish;
- }
- finish:
- PR_Close(fileDesc);
- return irv;
-}
-
-int
-AddProofOfPossession(CRMFCertReqMsg *certReqMsg, SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey, CRMFPOPChoice inPOPChoice)
-{
-
- switch(inPOPChoice){
- case crmfSignature:
- CRMF_CertReqMsgSetSignaturePOP(certReqMsg, privKey, pubKey, NULL, NULL,
- NULL);
- break;
- case crmfRAVerified:
- CRMF_CertReqMsgSetRAVerifiedPOP(certReqMsg);
- break;
- case crmfKeyEncipherment:
- CRMF_CertReqMsgSetKeyEnciphermentPOP(certReqMsg,
- crmfSubsequentMessage,
- crmfChallengeResp, NULL);
- break;
- case crmfKeyAgreement:
- {
- SECItem pendejo;
- unsigned char lame[] = { 0xf0, 0x0f, 0xf0, 0x0f, 0xf0 };
-
- pendejo.data = lame;
- pendejo.len = 5;
-
- CRMF_CertReqMsgSetKeyAgreementPOP(certReqMsg, crmfThisMessage,
- crmfNoSubseqMess, &pendejo);
- }
- break;
- default:
- return 1;
- }
- return 0;
-}
-
-#define BUFF_SIZE 150
-
-int
-Decode(char *configdir)
-{
- char filePath[PATH_LEN];
- unsigned char buffer[BUFF_SIZE];
- char *asn1Buff;
- PRFileDesc *fileDesc;
- PRInt32 fileLen = 0;
- PRInt32 bytesRead;
- CRMFCertReqMsg *certReqMsg;
- CRMFCertRequest *certReq;
- CRMFGetValidity validity= {NULL, NULL};
- CRMFCertReqMessages *certReqMsgs;
- int numMsgs, i;
- long lame;
-
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, CRMF_FILE);
- fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
- while (1) {
- bytesRead = PR_Read(fileDesc, buffer, BUFF_SIZE);
- if (bytesRead <= 0) break;
- fileLen += bytesRead;
- }
- if (bytesRead < 0) {
- printf ("Error while getting the length of the file %s\n", filePath);
- return 200;
- }
-
- PR_Close(fileDesc);
- fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
- asn1Buff = PORT_ZNewArray(char, fileLen);
- bytesRead = PR_Read(fileDesc, asn1Buff, fileLen);
- if (bytesRead != fileLen) {
- printf ("Error while reading in the contents of %s\n", filePath);
- return 201;
- }
- /*certReqMsg = CRMF_CreateCertReqMsgFromDER(asn1Buff, fileLen);
- if (certReqMsg == NULL) {
- printf ("Error while decoding the CertReqMsg\n");
- return 202;
- }
- certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg);
-*/
- certReqMsgs = CRMF_CreateCertReqMessagesFromDER(asn1Buff, fileLen);
- if (certReqMsgs == NULL) {
- printf ("Error decoding CertReqMessages.\n");
- return 202;
- }
- numMsgs = CRMF_CertReqMessagesGetNumMessages(certReqMsgs);
- if (numMsgs <= 0) {
- printf ("WARNING: The DER contained %d messages.\n", numMsgs);
- }
- for (i=0; i < numMsgs; i++) {
- certReqMsg = CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqMsgs, i);
- if (certReqMsg == NULL) {
- printf ("ERROR: Could not access the message at index %d of %s\n",
- i, filePath);
- }
- CRMF_CertReqMsgGetID(certReqMsg, &lame);
- certReq = CRMF_CertReqMsgGetCertRequest(certReqMsg);
- CRMF_CertRequestGetCertTemplateValidity(certReq, &validity);
- CRMF_DestroyGetValidity(&validity);
- CRMF_DestroyCertRequest(certReq);
- CRMF_DestroyCertReqMsg(certReqMsg);
- }
- CRMF_DestroyCertReqMessages(certReqMsgs);
- PORT_Free(asn1Buff);
- return 0;
-}
-
-void
-GetBitsFromFile(char *filePath, SECItem *fileBits)
-{
- PRFileDesc *fileDesc;
- int bytesRead, fileLen=0;
- char buffer[BUFF_SIZE], *asn1Buf;
-
- fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
- while (1) {
- bytesRead = PR_Read(fileDesc, buffer, BUFF_SIZE);
- if (bytesRead <= 0) break;
- fileLen += bytesRead;
- }
- if (bytesRead < 0) {
- printf ("Error while getting the length of file %s.\n", filePath);
- goto loser;
- }
- PR_Close(fileDesc);
-
- fileDesc = PR_Open(filePath, PR_RDONLY, 0644);
- asn1Buf = PORT_ZNewArray(char, fileLen);
- if (asn1Buf == NULL) {
- printf ("Out of memory in function GetBitsFromFile\n");
- goto loser;
- }
- bytesRead = PR_Read(fileDesc, asn1Buf, fileLen);
- if (bytesRead != fileLen) {
- printf ("Error while reading the contents of %s\n", filePath);
- goto loser;
- }
- fileBits->data = (unsigned char*)asn1Buf;
- fileBits->len = fileLen;
- return;
- loser:
- if (asn1Buf) {
- PORT_Free(asn1Buf);
- }
- fileBits->data = NULL;
- fileBits->len = 0;
-}
-
-int
-DecodeCMMFCertRepContent(char *derFile)
-{
- int fileLen=0;
- char *asn1Buf;
- SECItem fileBits;
- CMMFCertRepContent *certRepContent;
-
-
- GetBitsFromFile(derFile, &fileBits);
- if (fileBits.data == NULL) {
- printf("Could not get bits from file %s\n", derFile);
- return 304;
- }
- asn1Buf = (char*)fileBits.data;
- fileLen = fileBits.len;
- certRepContent = CMMF_CreateCertRepContentFromDER(db, asn1Buf, fileLen);
- if (certRepContent == NULL) {
- printf ("Error while decoding %s\n", derFile);
- return 303;
- }
- CMMF_DestroyCertRepContent(certRepContent);
- PORT_Free(asn1Buf);
- return 0;
-}
-
-int
-DoCMMFStuff(char *configdir)
-{
- CMMFCertResponse *certResp=NULL, *certResp2=NULL, *certResponses[3];
- CMMFCertRepContent *certRepContent=NULL;
- CERTCertificate *cert=NULL, *caCert=NULL;
- CERTCertList *list=NULL;
- PRFileDesc *fileDesc=NULL;
- char filePath[PATH_LEN];
- int rv = 0;
- long random;
- CMMFKeyRecRepContent *repContent=NULL;
- SECKEYPrivateKey *privKey = NULL;
- SECKEYPublicKey *caPubKey;
- SECStatus srv;
- SECItem fileBits;
-
- certResp = CMMF_CreateCertResponse(0xff123);
- CMMF_CertResponseSetPKIStatusInfoStatus(certResp, cmmfGranted);
- cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), personalCert);
- if (cert == NULL) {
- printf ("Could not find the certificate for %s\n", personalCert);
- rv = 416;
- goto finish;
- }
- CMMF_CertResponseSetCertificate(certResp, cert);
- certResp2 = CMMF_CreateCertResponse(0xff122);
- CMMF_CertResponseSetPKIStatusInfoStatus(certResp2, cmmfGranted);
- CMMF_CertResponseSetCertificate(certResp2, cert);
-
- certResponses[0] = certResp;
- certResponses[1] = NULL;
- certResponses[2] = NULL;
-
- certRepContent = CMMF_CreateCertRepContent();
- CMMF_CertRepContentSetCertResponses(certRepContent, certResponses, 1);
-
- list = CERT_GetCertChainFromCert(cert, PR_Now(), certUsageEmailSigner);
- CMMF_CertRepContentSetCAPubs(certRepContent, list);
-
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir, "CertRepContent.der");
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- rv = 400;
- goto finish;
- }
-
- srv = CMMF_EncodeCertRepContent(certRepContent, WriteItOut,
- (void*)fileDesc);
- PORT_Assert (srv == SECSuccess);
- PR_Close(fileDesc);
- rv = DecodeCMMFCertRepContent(filePath);
- if (rv != 0) {
- goto finish;
- }
- random = 0xa4e7;
- caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(),
- caCertName);
- if (caCert == NULL) {
- printf ("Could not get the certifcate for %s\n", caCertName);
- rv = 411;
- goto finish;
- }
- repContent = CMMF_CreateKeyRecRepContent();
- if (repContent == NULL) {
- printf ("Could not allocate a CMMFKeyRecRepContent structure\n");
- rv = 407;
- goto finish;
- }
- srv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(repContent,
- cmmfGrantedWithMods);
- if (srv != SECSuccess) {
- printf ("Error trying to set PKIStatusInfo for "
- "CMMFKeyRecRepContent.\n");
- rv = 406;
- goto finish;
- }
- srv = CMMF_KeyRecRepContentSetNewSignCert(repContent, cert);
- if (srv != SECSuccess) {
- printf ("Error trying to set the new signing certificate for "
- "key recovery\n");
- rv = 408;
- goto finish;
- }
- srv = CMMF_KeyRecRepContentSetCACerts(repContent, list);
- if (srv != SECSuccess) {
- printf ("Errory trying to add the list of CA certs to the "
- "CMMFKeyRecRepContent structure.\n");
- rv = 409;
- goto finish;
- }
- privKey = PK11_FindKeyByAnyCert(cert, NULL);
- if (privKey == NULL) {
- printf ("Could not get the private key associated with the\n"
- "certificate %s\n", personalCert);
- rv = 410;
- goto finish;
- }
- caPubKey = CERT_ExtractPublicKey(caCert);
- if (caPubKey == NULL) {
- printf ("Could not extract the public from the "
- "certificate for \n%s\n", caCertName);
- rv = 412;
- goto finish;
- }
- CERT_DestroyCertificate(caCert);
- caCert = NULL;
- srv = CMMF_KeyRecRepContentSetCertifiedKeyPair(repContent, cert, privKey,
- caPubKey);
- SECKEY_DestroyPrivateKey(privKey);
- SECKEY_DestroyPublicKey(caPubKey);
- if (srv != SECSuccess) {
- printf ("Could not set the Certified Key Pair\n");
- rv = 413;
- goto finish;
- }
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir,
- "KeyRecRepContent.der");
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- rv = 414;
- goto finish;
- }
-
- srv = CMMF_EncodeKeyRecRepContent(repContent, WriteItOut,
- (void*)fileDesc);
- PORT_Assert (srv == SECSuccess);
- PR_Close(fileDesc);
- CMMF_DestroyKeyRecRepContent(repContent);
- GetBitsFromFile(filePath, &fileBits);
- repContent =
- CMMF_CreateKeyRecRepContentFromDER(db, (const char *) fileBits.data,
- fileBits.len);
- if (repContent == NULL) {
- printf ("ERROR: CMMF_CreateKeyRecRepContentFromDER failed on file:\n"
- "\t%s\n", filePath);
- rv = 415;
- goto finish;
- }
- finish:
- if (repContent) {
- CMMF_DestroyKeyRecRepContent(repContent);
- }
- if (cert) {
- CERT_DestroyCertificate(cert);
- }
- if (list) {
- CERT_DestroyCertList(list);
- }
- if (certResp) {
- CMMF_DestroyCertResponse(certResp);
- }
- if (certResp2) {
- CMMF_DestroyCertResponse(certResp2);
- }
- if (certRepContent) {
- CMMF_DestroyCertRepContent(certRepContent);
- }
- return rv;
-}
-
-static CK_MECHANISM_TYPE
-mapWrapKeyType(KeyType keyType)
-{
- switch (keyType) {
- case rsaKey:
- return CKM_RSA_PKCS;
- default:
- break;
- }
- return CKM_INVALID_MECHANISM;
-}
-
-#define KNOWN_MESSAGE_LENGTH 20 /*160 bits*/
-
-int
-DoKeyRecovery(char *configdir, SECKEYPrivateKey *privKey)
-{
- SECKEYPublicKey *pubKey;
- PK11SlotInfo *slot;
- CK_OBJECT_HANDLE id;
- CK_MECHANISM mech = { CKM_INVALID_MECHANISM, NULL, 0};
- unsigned char *known_message = (unsigned char*)"Known Crypto Message";
- unsigned char plaintext[KNOWN_MESSAGE_LENGTH];
- char filePath[PATH_LEN];
- CK_RV crv;
- unsigned char *ciphertext;
- CK_ULONG max_bytes_encrypted, bytes_encrypted;
- unsigned char *text_compared;
- CK_ULONG bytes_compared, bytes_decrypted;
- SECKEYPrivateKey *unwrappedPrivKey, *caPrivKey;
- CMMFKeyRecRepContent *keyRecRep;
- SECStatus rv;
- CERTCertificate *caCert, *myCert;
- SECKEYPublicKey *caPubKey;
- PRFileDesc *fileDesc;
- SECItem fileBits, nickname;
- CMMFCertifiedKeyPair *certKeyPair;
-
- /*caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(),
- caCertName);*/
- myCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), personalCert);
- if (myCert == NULL) {
- printf ("Could not find the certificate for %s\n", personalCert);
- return 700;
- }
- caCert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(),
- recoveryEncrypter);
- if (caCert == NULL) {
- printf ("Could not find the certificate for %s\n", recoveryEncrypter);
- return 701;
- }
- caPubKey = CERT_ExtractPublicKey(caCert);
- pubKey = SECKEY_ConvertToPublicKey(privKey);
- max_bytes_encrypted = PK11_GetPrivateModulusLen(privKey);
- slot = PK11_GetBestSlot(mapWrapKeyType(privKey->keyType), NULL);
- id = PK11_ImportPublicKey(slot, pubKey, PR_FALSE);
- switch(privKey->keyType) {
- case rsaKey:
- mech.mechanism = CKM_RSA_PKCS;
- break;
- case dsaKey:
- mech.mechanism = CKM_DSA;
- break;
- case dhKey:
- mech.mechanism = CKM_DH_PKCS_DERIVE;
- break;
- default:
- printf ("Bad Key type in key recovery.\n");
- return 512;
-
- }
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_EncryptInit(slot->session, &mech, id);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- printf ("C_EncryptInit failed in KeyRecovery\n");
- return 500;
- }
- ciphertext = PORT_NewArray(unsigned char, max_bytes_encrypted);
- if (ciphertext == NULL) {
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- printf ("Could not allocate memory for ciphertext.\n");
- return 501;
- }
- bytes_encrypted = max_bytes_encrypted;
- crv = PK11_GETTAB(slot)->C_Encrypt(slot->session,
- known_message,
- KNOWN_MESSAGE_LENGTH,
- ciphertext,
- &bytes_encrypted);
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- if (crv != CKR_OK) {
- PORT_Free(ciphertext);
- return 502;
- }
- /* Always use the smaller of these two values . . . */
- bytes_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH )
- ? KNOWN_MESSAGE_LENGTH
- : bytes_encrypted;
-
- /* If there was a failure, the plaintext */
- /* goes at the end, therefore . . . */
- text_compared = ( bytes_encrypted > KNOWN_MESSAGE_LENGTH )
- ? (ciphertext + bytes_encrypted -
- KNOWN_MESSAGE_LENGTH )
- : ciphertext;
-
- keyRecRep = CMMF_CreateKeyRecRepContent();
- if (keyRecRep == NULL) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not allocate a CMMFKeyRecRepContent structre.\n");
- return 503;
- }
- rv = CMMF_KeyRecRepContentSetPKIStatusInfoStatus(keyRecRep,
- cmmfGranted);
- if (rv != SECSuccess) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not set the status for the KeyRecRepContent\n");
- return 504;
- }
- /* The myCert here should correspond to the certificate corresponding
- * to the private key, but for this test any certificate will do.
- */
- rv = CMMF_KeyRecRepContentSetCertifiedKeyPair(keyRecRep, myCert,
- privKey, caPubKey);
- if (rv != SECSuccess) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not set the Certified Key Pair\n");
- return 505;
- }
- PR_snprintf(filePath, PATH_LEN, "%s/%s", configdir,
- "KeyRecRepContent.der");
- fileDesc = PR_Open (filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("Could not open file %s\n", filePath);
- return 506;
- }
- rv = CMMF_EncodeKeyRecRepContent(keyRecRep, WriteItOut, fileDesc);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- PR_Close(fileDesc);
-
- if (rv != SECSuccess) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- printf ("Error while encoding CMMFKeyRecRepContent\n");
- return 507;
- }
- GetBitsFromFile(filePath, &fileBits);
- if (fileBits.data == NULL) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- printf ("Could not get the bits from file %s\n", filePath);
- return 508;
- }
- keyRecRep =
- CMMF_CreateKeyRecRepContentFromDER(db,(const char*)fileBits.data,
- fileBits.len);
- if (keyRecRep == NULL) {
- printf ("Could not decode the KeyRecRepContent in file %s\n",
- filePath);
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- return 509;
- }
- caPrivKey = PK11_FindKeyByAnyCert(caCert, NULL);
- if (CMMF_KeyRecRepContentGetPKIStatusInfoStatus(keyRecRep) !=
- cmmfGranted) {
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- printf ("A bad status came back with the "
- "KeyRecRepContent structure\n");
- return 510;
- }
-#define NICKNAME "Key Recovery Test Key"
- nickname.data = (unsigned char*)NICKNAME;
- nickname.len = PORT_Strlen(NICKNAME);
- certKeyPair = CMMF_KeyRecRepContentGetCertKeyAtIndex(keyRecRep, 0);
- CMMF_DestroyKeyRecRepContent(keyRecRep);
- rv = CMMF_CertifiedKeyPairUnwrapPrivKey(certKeyPair,
- caPrivKey,
- &nickname,
- PK11_GetInternalKeySlot(),
- db,
- &unwrappedPrivKey, NULL);
- CMMF_DestroyCertifiedKeyPair(certKeyPair);
- if (rv != SECSuccess) {
- printf ("Unwrapping the private key failed.\n");
- return 511;
- }
- /*Now let's try to decrypt the ciphertext with the "recovered" key*/
- PK11_EnterSlotMonitor(slot);
- crv =
- PK11_GETTAB(slot)->C_DecryptInit(unwrappedPrivKey->pkcs11Slot->session,
- &mech,
- unwrappedPrivKey->pkcs11ID);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_Free(ciphertext);
- PK11_FreeSlot(slot);
- printf ("Decrypting with the recovered key failed.\n");
- return 513;
- }
- bytes_decrypted = KNOWN_MESSAGE_LENGTH;
- crv = PK11_GETTAB(slot)->C_Decrypt(unwrappedPrivKey->pkcs11Slot->session,
- ciphertext,
- bytes_encrypted, plaintext,
- &bytes_decrypted);
- SECKEY_DestroyPrivateKey(unwrappedPrivKey);
- PK11_ExitSlotMonitor(slot);
- PORT_Free(ciphertext);
- if (crv != CKR_OK) {
- PK11_FreeSlot(slot);
- printf ("Decrypting the ciphertext with recovered key failed.\n");
- return 514;
- }
- if ((bytes_decrypted != KNOWN_MESSAGE_LENGTH) ||
- (PORT_Memcmp(plaintext, known_message, KNOWN_MESSAGE_LENGTH) != 0)) {
- PK11_FreeSlot(slot);
- printf ("The recovered plaintext does not equal the known message:\n"
- "\tKnown message: %s\n"
- "\tRecovered plaintext: %s\n", known_message, plaintext);
- return 515;
- }
- return 0;
-}
-
-int
-DoChallengeResponse(char *configdir, SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey)
-{
- CMMFPOPODecKeyChallContent *chalContent = NULL;
- CMMFPOPODecKeyRespContent *respContent = NULL;
- CERTCertificate *myCert = NULL;
- CERTGeneralName *myGenName = NULL;
- PRArenaPool *poolp = NULL;
- SECItem DecKeyChallBits;
- long *randomNums;
- int numChallengesFound=0;
- int numChallengesSet = 1,i;
- long retrieved;
- char filePath[PATH_LEN];
- RNGContext *rng;
- SECStatus rv;
- PRFileDesc *fileDesc;
- SECItem *publicValue, *keyID;
- SECKEYPrivateKey *foundPrivKey;
-
- chalContent = CMMF_CreatePOPODecKeyChallContent();
- myCert = CERT_FindCertByNickname(db, personalCert);
- if (myCert == NULL) {
- printf ("Could not find the certificate for %s\n", personalCert);
- return 900;
- }
- poolp = PORT_NewArena(1024);
- if (poolp == NULL) {
- printf("Could no allocate a new arena in DoChallengeResponse\n");
- return 901;
- }
- myGenName = CERT_GetCertificateNames(myCert, poolp);
- if (myGenName == NULL) {
- printf ("Could not get the general names for %s certificate\n",
- personalCert);
- return 902;
- }
- randomNums = PORT_ArenaNewArray(poolp,long, numChallengesSet);
- rng = RNG_CreateContext();
- RNG_GenerateRandomBytes(rng, randomNums, numChallengesSet*sizeof(long));
- for (i=0; i<numChallengesSet; i++) {
- rv = CMMF_POPODecKeyChallContentSetNextChallenge(chalContent,
- randomNums[i],
- myGenName,
- pubKey,
- NULL);
- }
- RNG_DestroyContext(rng, PR_TRUE);
- if (rv != SECSuccess) {
- printf ("Could not set the challenge in DoChallengeResponse\n");
- return 903;
- }
- PR_snprintf(filePath, PATH_LEN, "%s/POPODecKeyChallContent.der",
- configdir);
- fileDesc = PR_Open(filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- return 904;
- }
- rv = CMMF_EncodePOPODecKeyChallContent(chalContent,WriteItOut,
- (void*)fileDesc);
- PR_Close(fileDesc);
- CMMF_DestroyPOPODecKeyChallContent(chalContent);
- if (rv != SECSuccess) {
- printf ("Could not encode the POPODecKeyChallContent.\n");
- return 905;
- }
- GetBitsFromFile(filePath, &DecKeyChallBits);
- chalContent =
- CMMF_CreatePOPODecKeyChallContentFromDER
- ((const char*)DecKeyChallBits.data, DecKeyChallBits.len);
- PORT_Free(DecKeyChallBits.data);
- if (chalContent == NULL) {
- printf ("Could not create the POPODecKeyChallContent from DER\n");
- return 906;
- }
- numChallengesFound =
- CMMF_POPODecKeyChallContentGetNumChallenges(chalContent);
- if (numChallengesFound != numChallengesSet) {
- printf ("Number of Challenges Found (%d) does not equal the number "
- "set (%d)\n", numChallengesFound, numChallengesSet);
- return 907;
- }
- for (i=0; i<numChallengesSet; i++) {
- publicValue = CMMF_POPODecKeyChallContentGetPublicValue(chalContent, i);
- if (publicValue == NULL) {
- printf("Could not get the public value for challenge at index %d\n",
- i);
- return 908;
- }
- keyID = PK11_MakeIDFromPubKey(publicValue);
- if (keyID == NULL) {
- printf ("Could not make the keyID from the public value\n");
- return 909;
- }
- foundPrivKey = PK11_FindKeyByKeyID(privKey->pkcs11Slot,keyID, NULL);
- if (foundPrivKey == NULL) {
- printf ("Could not find the private key corresponding to the public"
- " value.\n");
- return 910;
- }
- rv = CMMF_POPODecKeyChallContDecryptChallenge(chalContent, i,
- foundPrivKey);
- if (rv != SECSuccess) {
- printf ("Could not decrypt the challenge at index %d\n", i);
- return 911;
- }
- rv = CMMF_POPODecKeyChallContentGetRandomNumber(chalContent, i,
- &retrieved);
- if (rv != SECSuccess) {
- printf ("Could not get the random number from the challenge at "
- "index %d\n", i);
- return 912;
- }
- if (retrieved != randomNums[i]) {
- printf ("Retrieved the number (%d), expected (%d)\n", retrieved,
- randomNums[i]);
- return 913;
- }
- }
- CMMF_DestroyPOPODecKeyChallContent(chalContent);
- PR_snprintf(filePath, PATH_LEN, "%s/POPODecKeyRespContent.der",
- configdir);
- fileDesc = PR_Open(filePath, PR_WRONLY | PR_CREATE_FILE | PR_TRUNCATE,
- 0666);
- if (fileDesc == NULL) {
- printf ("Could not open file %s\n", filePath);
- return 914;
- }
- rv = CMMF_EncodePOPODecKeyRespContent(randomNums, numChallengesSet,
- WriteItOut, fileDesc);
- PR_Close(fileDesc);
- if (rv != 0) {
- printf ("Could not encode the POPODecKeyRespContent\n");
- return 915;
- }
- GetBitsFromFile(filePath, &DecKeyChallBits);
- respContent =
- CMMF_CreatePOPODecKeyRespContentFromDER((const char*)DecKeyChallBits.data,
- DecKeyChallBits.len);
- if (respContent == NULL) {
- printf ("Could not decode the contents of the file %s\n", filePath);
- return 916;
- }
- numChallengesFound =
- CMMF_POPODecKeyRespContentGetNumResponses(respContent);
- if (numChallengesFound != numChallengesSet) {
- printf ("Number of responses found (%d) does not match the number "
- "of challenges set (%d)\n",
- numChallengesFound, numChallengesSet);
- return 917;
- }
- for (i=0; i<numChallengesSet; i++) {
- rv = CMMF_POPODecKeyRespContentGetResponse(respContent, i, &retrieved);
- if (rv != SECSuccess) {
- printf ("Could not retrieve the response at index %d\n", i);
- return 918;
- }
- if (retrieved != randomNums[i]) {
- printf ("Retrieved the number (%ld), expected (%ld)\n", retrieved,
- randomNums[i]);
- return 919;
- }
-
- }
- CMMF_DestroyPOPODecKeyRespContent(respContent);
- return 0;
-}
-
-char *
-certdb_name_cb(void *arg, int dbVersion)
-{
- char *configdir = (char *)arg;
- char *dbver;
-
- switch (dbVersion) {
- case 7:
- dbver = "7";
- break;
- case 6:
- dbver = "6";
- break;
- case 5:
- dbver = "5";
- case 4:
- default:
- dbver = "";
- break;
- }
- return PR_smprintf("%s/cert%s.db", configdir, dbver);
-}
-
-SECStatus
-OpenCertDB(char *configdir)
-{
- CERTCertDBHandle *certdb;
- SECStatus status = SECFailure;
-
- certdb = PORT_ZNew(CERTCertDBHandle);
- if (certdb == NULL) {
- goto loser;
- }
- status = CERT_OpenCertDB(certdb, PR_TRUE, certdb_name_cb, configdir);
- if (status == SECSuccess) {
- CERT_SetDefaultCertDB(certdb);
- db = certdb;
- } else {
- PORT_Free(certdb);
- }
- loser:
- return status;
-}
-
-char *
-keydb_name_cb(void *arg, int dbVersion)
-{
- char *configdir = (char*) arg;
- char *dbver;
-
- switch(dbVersion){
- case 3:
- dbver = "3";
- break;
- case 2:
- default:
- dbver = "";
- break;
- }
- return PR_smprintf("%s/key%s.db", configdir, dbver);
-}
-
-SECStatus
-OpenKeyDB(char *configdir)
-{
- SECKEYKeyDBHandle *keydb;
-
- keydb = SECKEY_OpenKeyDB(PR_FALSE, keydb_name_cb, configdir);
- if (keydb == NULL) {
- return SECFailure;
- }
- SECKEY_SetDefaultKeyDB(keydb);
- return SECSuccess;
-}
-
-SECStatus
-OpenSecModDB(char *configdir)
-{
- char *secmodname = PR_smprintf("%d/secmod.db", configdir);
- if (secmodname == NULL) {
- return SECFailure;
- }
- SECMOD_init(secmodname);
- return SECSuccess;
-}
-
-void
-CloseHCL(void)
-{
- CERTCertDBHandle *certHandle;
- SECKEYKeyDBHandle *keyHandle;
-
- certHandle = CERT_GetDefaultCertDB();
- if (certHandle) {
- CERT_ClosePermCertDB(certHandle);
- }
- keyHandle = SECKEY_GetDefaultKeyDB();
- if (keyHandle) {
- SECKEY_CloseKeyDB(keyHandle);
- }
-}
-
-SECStatus
-InitHCL(char *configdir)
-{
- SECStatus status;
- SECStatus rv = SECFailure;
-
- RNG_RNGInit();
- RNG_SystemInfoForRNG();
-
- status = OpenCertDB(configdir);
- if (status != SECSuccess) {
- goto loser;
- }
-
- status = OpenKeyDB(configdir);
- if (status != SECSuccess) {
- goto loser;
- }
-
- status = OpenSecModDB(configdir);
- if (status != SECSuccess) {
- goto loser;
- }
-
- rv = SECSuccess;
-
- loser:
- if (rv != SECSuccess) {
- CloseHCL();
- }
- return rv;
-}
-void
-Usage (void)
-{
- printf ("Usage:\n"
- "\tcrmftest -d [Database Directory] -p [Personal Cert]\n"
- "\t -e [Encrypter] -s [CA Certificate]\n\n"
- "Database Directory\n"
- "\tThis is the directory where the key3.db, cert7.db, and\n"
- "\tsecmod.db files are located. This is also the directory\n"
- "\twhere the program will place CRMF/CMMF der files\n"
- "Personal Cert\n"
- "\tThis is the certificate that already exists in the cert\n"
- "\tdatabase to use while encoding the response. The private\n"
- "\tkey associated with the certificate must also exist in the\n"
- "\tkey database.\n"
- "Encrypter\n"
- "\tThis is the certificate to use when encrypting the the \n"
- "\tkey recovery response. The private key for this cert\n"
- "\tmust also be present in the key database.\n"
- "CA Certificate\n"
- "\tThis is the nickname of the certificate to use as the\n"
- "\tCA when doing all of the encoding.\n");
-}
-
-int
-main(int argc, char **argv)
-{
- CRMFCertRequest *certReq, *certReq2;
- CRMFCertReqMsg *certReqMsg;
- CRMFCertReqMsg *secondMsg;
- char *configdir;
- int irv;
- SECStatus rv;
- SECKEYPrivateKey *privKey;
- SECKEYPublicKey *pubKey;
- int o;
- PRBool hclInit = PR_FALSE, pArg = PR_FALSE, eArg = PR_FALSE,
- sArg = PR_FALSE;
-
- printf ("\ncrmftest v1.0\n");
- while (-1 != (o = getopt(argc, argv, "d:p:e:s:"))) {
- switch(o) {
- case 'd':
- configdir = PORT_Strdup(optarg);
- rv = InitHCL(configdir);
- if (rv != SECSuccess) {
- printf ("InitHCL failed\n");
- return 101;
- }
- hclInit = PR_TRUE;
- break;
- case 'p':
- personalCert = PORT_Strdup(optarg);
- if (personalCert == NULL) {
- return 603;
- }
- pArg = PR_TRUE;
- break;
- case 'e':
- recoveryEncrypter = PORT_Strdup(optarg);
- if (recoveryEncrypter == NULL) {
- return 602;
- }
- eArg = PR_TRUE;
- break;
- case 's':
- caCertName = PORT_Strdup(optarg);
- if (caCertName == NULL) {
- return 604;
- }
- sArg = PR_TRUE;
- break;
- default:
- Usage();
- return 601;
- }
- }
- if (!hclInit || !pArg || !eArg || !sArg) {
- Usage();
- return 600;
- }
-
- InitPKCS11();
-
- irv = CreateCertRequest(&certReq, &privKey, &pubKey);
- if (irv != 0 || certReq == NULL) {
- goto loser;
- }
-
- certReqMsg = CRMF_CreateCertReqMsg();
- secondMsg = CRMF_CreateCertReqMsg();
- CRMF_CertReqMsgSetCertRequest(certReqMsg, certReq);
- CRMF_CertReqMsgSetCertRequest(secondMsg, certReq);
-
- irv = AddProofOfPossession(certReqMsg, privKey, pubKey, crmfSignature);
- irv = AddProofOfPossession(secondMsg, privKey, pubKey, crmfKeyAgreement);
- irv = Encode (certReqMsg, secondMsg, configdir);
- if (irv != 0) {
- goto loser;
- }
-
- rv = CRMF_DestroyCertRequest (certReq);
- if (rv != SECSuccess) {
- printf ("Error when destroy certificate request.\n");
- irv = 100;
- goto loser;
- }
-
- rv = CRMF_DestroyCertReqMsg(certReqMsg);
- CRMF_DestroyCertReqMsg(secondMsg);
-
- irv = Decode (configdir);
- if (irv != 0) {
- printf("Error while decoding\n");
- goto loser;
- }
-
- if ((irv = DoCMMFStuff(configdir)) != 0) {
- printf ("CMMF tests failed.\n");
- goto loser;
- }
-
- if ((irv = DoKeyRecovery(configdir, privKey)) != 0) {
- printf ("Error doing key recovery\n");
- goto loser;
- }
-
- if ((irv = DoChallengeResponse(configdir, privKey, pubKey)) != 0) {
- printf ("Error doing challenge-response\n");
- goto loser;
- }
- printf ("Exiting successfully!!!\n\n");
- irv = 0;
-
- loser:
- CloseHCL();
- PORT_Free(configdir);
- return irv;
-}
diff --git a/security/nss/cmd/dbck/Makefile b/security/nss/cmd/dbck/Makefile
deleted file mode 100644
index 7ca8f0630..000000000
--- a/security/nss/cmd/dbck/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/dbck/dbck.c b/security/nss/cmd/dbck/dbck.c
deleted file mode 100644
index a3f1b9d54..000000000
--- a/security/nss/cmd/dbck/dbck.c
+++ /dev/null
@@ -1,1869 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** dbck.c
-**
-** utility for fixing corrupt cert databases
-**
-*/
-#include <stdio.h>
-#include <string.h>
-
-#include "secutil.h"
-#include "cdbhdl.h"
-#include "certdb.h"
-#include "cert.h"
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-static char *progName;
-
-/* placeholders for pointer error types */
-static void *WrongEntry;
-static void *NoNickname;
-static void *NoSMime;
-
-enum {
- GOBOTH = 0,
- GORIGHT,
- GOLEFT
-};
-
-typedef struct
-{
- PRBool verbose;
- PRBool dograph;
- PRFileDesc *out;
- PRFileDesc *graphfile;
- int dbErrors[10];
-} dbDebugInfo;
-
-/*
- * A list node for a cert db entry. The index is a unique identifier
- * to use for creating generic maps of a db. This struct handles
- * the cert, nickname, and smime db entry types, as all three have a
- * single handle to a subject entry.
- * This structure is pointed to by certDBEntryListNode->appData.
- */
-typedef struct
-{
- PRArenaPool *arena;
- int index;
- certDBEntryListNode *pSubject;
-} certDBEntryMap;
-
-/*
- * Subject entry is special case, it has bidirectional handles. One
- * subject entry can point to several certs (using the same DN), and
- * a nickname and/or smime entry.
- * This structure is pointed to by certDBEntryListNode->appData.
- */
-typedef struct
-{
- PRArenaPool *arena;
- int index;
- int numCerts;
- certDBEntryListNode **pCerts;
- certDBEntryListNode *pNickname;
- certDBEntryListNode *pSMime;
-} certDBSubjectEntryMap;
-
-/*
- * A map of a certdb.
- */
-typedef struct
-{
- int numCerts;
- int numSubjects;
- int numNicknames;
- int numSMime;
- certDBEntryListNode certs; /* pointer to head of cert list */
- certDBEntryListNode subjects; /* pointer to head of subject list */
- certDBEntryListNode nicknames; /* pointer to head of nickname list */
- certDBEntryListNode smime; /* pointer to head of smime list */
-} certDBArray;
-
-/* Cast list to the base element, a certDBEntryListNode. */
-#define LISTNODE_CAST(node) \
- ((certDBEntryListNode *)(node))
-
-static void
-Usage(char *progName)
-{
-#define FPS fprintf(stderr,
- FPS "Type %s -H for more detailed descriptions\n", progName);
- FPS "Usage: %s -D [-d certdir] [-i dbname] [-m] [-v [-f dumpfile]]\n",
- progName);
- FPS " %s -R -o newdbname [-d certdir] [-i dbname] [-aprsx] [-v [-f dumpfile]]\n",
- progName);
- exit(-1);
-}
-
-static void
-LongUsage(char *progName)
-{
- FPS "%-15s Display this help message.\n",
- "-H");
- FPS "%-15s Dump analysis. No changes will be made to the database.\n",
- "-D");
- FPS "%-15s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-15s Input cert database name (default is cert7.db)\n",
- " -i dbname");
- FPS "%-15s Mail a graph of the database to certdb@netscape.com.\n",
- " -m");
- FPS "%-15s This will produce an index graph of your cert db and send\n",
- "");
- FPS "%-15s it to Netscape for analysis. Personal info will be removed.\n",
- "");
- FPS "%-15s Verbose mode. Dumps the entire contents of your cert7.db.\n",
- " -v");
- FPS "%-15s File to dump verbose output into.\n",
- " -f dumpfile");
- FPS "%-15s Repair the database. The program will look for broken\n",
- "-R");
- FPS "%-15s dependencies between subject entries and certificates,\n",
- "");
- FPS "%-15s between nickname entries and subjects, and between SMIME\n",
- "");
- FPS "%-15s profiles and subjects. Any duplicate entries will be\n",
- "");
- FPS "%-15s removed, any missing entries will be created.\n",
- "");
- FPS "%-15s File to store new database in (default is new_cert7.db)\n",
- " -o newdbname");
- FPS "%-15s Cert database directory (default is ~/.netscape)\n",
- " -d certdir");
- FPS "%-15s Input cert database name (default is cert7.db)\n",
- " -i dbname");
- FPS "%-15s Prompt before removing any certificates.\n",
- " -p");
- FPS "%-15s Keep all possible certificates. Only remove certificates\n",
- " -a");
- FPS "%-15s which prevent creation of a consistent database. Thus any\n",
- "");
- FPS "%-15s expired or redundant entries will be kept.\n",
- "");
- FPS "%-15s Keep redundant nickname/email entries. It is possible\n",
- " -r");
- FPS "%-15s only one such entry will be usable.\n",
- "");
- FPS "%-15s Don't require an S/MIME profile in order to keep an S/MIME\n",
- " -s");
- FPS "%-15s cert. An empty profile will be created.\n",
- "");
- FPS "%-15s Keep expired certificates.\n",
- " -x");
- FPS "%-15s Verbose mode - report all activity while recovering db.\n",
- " -v");
- FPS "%-15s File to dump verbose output into.\n",
- " -f dumpfile");
- FPS "\n");
- exit(-1);
-#undef FPS
-}
-
-/*******************************************************************
- *
- * Functions for dbck.
- *
- ******************************************************************/
-
-void
-printHexString(PRFileDesc *out, SECItem *hexval)
-{
- int i;
- for (i = 0; i < hexval->len; i++) {
- if (i != hexval->len - 1) {
- PR_fprintf(out, "%02x:", hexval->data[i]);
- } else {
- PR_fprintf(out, "%02x", hexval->data[i]);
- }
- }
- PR_fprintf(out, "\n");
-}
-
-typedef enum {
-/* 0*/ NoSubjectForCert = 0,
-/* 1*/ SubjectHasNoKeyForCert,
-/* 2*/ NoNicknameOrSMimeForSubject,
-/* 3*/ WrongNicknameForSubject,
-/* 4*/ NoNicknameEntry,
-/* 5*/ WrongSMimeForSubject,
-/* 6*/ NoSMimeEntry,
-/* 7*/ NoSubjectForNickname,
-/* 8*/ NoSubjectForSMime,
-/* 9*/ NicknameAndSMimeEntry
-} dbErrorType;
-
-static char *dbErrorString[] = {
-/* 0*/ "<CERT ENTRY>\nDid not find a subject entry for this certificate.",
-/* 1*/ "<SUBJECT ENTRY>\nSubject has certKey which is not in db.",
-/* 2*/ "<SUBJECT ENTRY>\nSubject does not have a nickname or email address.",
-/* 3*/ "<SUBJECT ENTRY>\nUsing this subject's nickname, found a nickname entry for a different subject.",
-/* 4*/ "<SUBJECT ENTRY>\nDid not find a nickname entry for this subject.",
-/* 5*/ "<SUBJECT ENTRY>\nUsing this subject's email, found an S/MIME entry for a different subject.",
-/* 6*/ "<SUBJECT ENTRY>\nDid not find an S/MIME entry for this subject.",
-/* 7*/ "<NICKNAME ENTRY>\nDid not find a subject entry for this nickname.",
-/* 8*/ "<S/MIME ENTRY>\nDid not find a subject entry for this S/MIME profile.",
-};
-
-SECStatus
-dumpCertificate(CERTCertificate *cert, int num, PRFileDesc *outfile)
-{
- int userCert = 0;
- CERTCertTrust *trust = cert->trust;
- userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
- if (num >= 0) {
- PR_fprintf(outfile, "Certificate: %3d\n", num);
- } else {
- PR_fprintf(outfile, "Certificate:\n");
- }
- PR_fprintf(outfile, "----------------\n");
- if (userCert)
- PR_fprintf(outfile, "(User Cert)\n");
- PR_fprintf(outfile, "## SUBJECT: %s\n", cert->subjectName);
- PR_fprintf(outfile, "## ISSUER: %s\n", cert->issuerName);
- PR_fprintf(outfile, "## SERIAL NUMBER: ");
- printHexString(outfile, &cert->serialNumber);
- { /* XXX should be separate function. */
- int64 timeBefore, timeAfter;
- PRExplodedTime beforePrintable, afterPrintable;
- char *beforestr, *afterstr;
- DER_UTCTimeToTime(&timeBefore, &cert->validity.notBefore);
- DER_UTCTimeToTime(&timeAfter, &cert->validity.notAfter);
- PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable);
- PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable);
- beforestr = PORT_Alloc(100);
- afterstr = PORT_Alloc(100);
- PR_FormatTime(beforestr, 100, "%a %b %d %H:%M:%S %Y", &beforePrintable);
- PR_FormatTime(afterstr, 100, "%a %b %d %H:%M:%S %Y", &afterPrintable);
- PR_fprintf(outfile, "## VALIDITY: %s to %s\n", beforestr, afterstr);
- }
- PR_fprintf(outfile, "\n");
- return SECSuccess;
-}
-
-SECStatus
-dumpCertEntry(certDBEntryCert *entry, int num, PRFileDesc *outfile)
-{
- CERTCertificate *cert;
- cert = CERT_DecodeDERCertificate(&entry->derCert, PR_FALSE, NULL);
- if (!cert) {
- fprintf(stderr, "Failed to decode certificate.\n");
- return SECFailure;
- }
- cert->trust = &entry->trust;
- dumpCertificate(cert, num, outfile);
- CERT_DestroyCertificate(cert);
- return SECSuccess;
-}
-
-SECStatus
-dumpSubjectEntry(certDBEntrySubject *entry, int num, PRFileDesc *outfile)
-{
- char *subjectName;
- subjectName = CERT_DerNameToAscii(&entry->derSubject);
- PR_fprintf(outfile, "Subject: %3d\n", num);
- PR_fprintf(outfile, "------------\n");
- PR_fprintf(outfile, "## %s\n", subjectName);
- if (entry->nickname)
- PR_fprintf(outfile, "## Subject nickname: %s\n", entry->nickname);
- if (entry->emailAddr)
- PR_fprintf(outfile, "## Subject email address: %s\n",
- entry->emailAddr);
- PR_fprintf(outfile, "## This subject has %d cert(s).\n", entry->ncerts);
- PR_fprintf(outfile, "\n");
- PORT_Free(subjectName);
- return SECSuccess;
-}
-
-SECStatus
-dumpNicknameEntry(certDBEntryNickname *entry, int num, PRFileDesc *outfile)
-{
- PR_fprintf(outfile, "Nickname: %3d\n", num);
- PR_fprintf(outfile, "-------------\n");
- PR_fprintf(outfile, "## \"%s\"\n\n", entry->nickname);
- return SECSuccess;
-}
-
-SECStatus
-dumpSMimeEntry(certDBEntrySMime *entry, int num, PRFileDesc *outfile)
-{
- PR_fprintf(outfile, "S/MIME Profile: %3d\n", num);
- PR_fprintf(outfile, "-------------------\n");
- PR_fprintf(outfile, "## \"%s\"\n", entry->emailAddr);
- PR_fprintf(outfile, "## OPTIONS: ");
- printHexString(outfile, &entry->smimeOptions);
- PR_fprintf(outfile, "## TIMESTAMP: ");
- printHexString(outfile, &entry->optionsDate);
- PR_fprintf(outfile, "\n");
- return SECSuccess;
-}
-
-SECStatus
-mapCertEntries(certDBArray *dbArray)
-{
- certDBEntryCert *certEntry;
- certDBEntrySubject *subjectEntry;
- certDBEntryListNode *certNode, *subjNode;
- certDBSubjectEntryMap *smap;
- certDBEntryMap *map;
- PRArenaPool *tmparena;
- SECItem derSubject;
- SECItem certKey;
- PRCList *cElem, *sElem;
- int i;
-
- /* Arena for decoded entries */
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (tmparena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* Iterate over cert entries and map them to subject entries.
- * NOTE: mapSubjectEntries must be called first to alloc memory
- * for array of subject->cert map.
- */
- for (cElem = PR_LIST_HEAD(&dbArray->certs.link);
- cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) {
- certNode = LISTNODE_CAST(cElem);
- certEntry = (certDBEntryCert *)&certNode->entry;
- map = (certDBEntryMap *)certNode->appData;
- CERT_NameFromDERCert(&certEntry->derCert, &derSubject);
- CERT_KeyFromDERCert(tmparena, &certEntry->derCert, &certKey);
- /* Loop over found subjects for cert's DN. */
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
- subjNode = LISTNODE_CAST(sElem);
- subjectEntry = (certDBEntrySubject *)&subjNode->entry;
- if (SECITEM_ItemsAreEqual(&derSubject, &subjectEntry->derSubject)) {
- /* Found matching subject name, create link. */
- map->pSubject = subjNode;
- /* Make sure subject entry has cert's key. */
- for (i=0; i<subjectEntry->ncerts; i++) {
- if (SECITEM_ItemsAreEqual(&certKey,
- &subjectEntry->certKeys[i])) {
- /* Found matching cert key. */
- smap = (certDBSubjectEntryMap *)subjNode->appData;
- smap->pCerts[i] = certNode;
- break;
- }
- }
- }
- }
- }
- PORT_FreeArena(tmparena, PR_FALSE);
- return SECSuccess;
-}
-
-SECStatus
-mapSubjectEntries(certDBArray *dbArray)
-{
- certDBEntrySubject *subjectEntry;
- certDBEntryNickname *nicknameEntry;
- certDBEntrySMime *smimeEntry;
- certDBEntryListNode *subjNode, *nickNode, *smimeNode;
- certDBSubjectEntryMap *subjMap;
- certDBEntryMap *nickMap, *smimeMap;
- PRCList *sElem, *nElem, *mElem;
-
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
- /* Iterate over subject entries and map subjects to nickname
- * and smime entries. The cert<->subject map will be handled
- * by a subsequent call to mapCertEntries.
- */
- subjNode = LISTNODE_CAST(sElem);
- subjectEntry = (certDBEntrySubject *)&subjNode->entry;
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- /* need to alloc memory here for array of matching certs. */
- subjMap->pCerts = PORT_ArenaAlloc(subjMap->arena,
- subjectEntry->ncerts*sizeof(int));
- subjMap->numCerts = subjectEntry->ncerts;
- if (subjectEntry->nickname) {
- /* Subject should have a nickname entry, so create a link. */
- for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link);
- nElem != &dbArray->nicknames.link;
- nElem = PR_NEXT_LINK(nElem)) {
- /* Look for subject's nickname in nickname entries. */
- nickNode = LISTNODE_CAST(nElem);
- nicknameEntry = (certDBEntryNickname *)&nickNode->entry;
- nickMap = (certDBEntryMap *)nickNode->appData;
- if (PL_strcmp(subjectEntry->nickname,
- nicknameEntry->nickname) == 0) {
- /* Found a nickname entry for subject's nickname. */
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &nicknameEntry->subjectName)) {
- /* Nickname and subject match. */
- subjMap->pNickname = nickNode;
- nickMap->pSubject = subjNode;
- } else {
- /* Nickname entry found is for diff. subject. */
- subjMap->pNickname = WrongEntry;
- }
- }
- }
- } else {
- subjMap->pNickname = NoNickname;
- }
- if (subjectEntry->emailAddr) {
- /* Subject should have an smime entry, so create a link. */
- for (mElem = PR_LIST_HEAD(&dbArray->smime.link);
- mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) {
- /* Look for subject's email in S/MIME entries. */
- smimeNode = LISTNODE_CAST(mElem);
- smimeEntry = (certDBEntrySMime *)&smimeNode->entry;
- smimeMap = (certDBEntryMap *)smimeNode->appData;
- if (PL_strcmp(subjectEntry->emailAddr,
- smimeEntry->emailAddr) == 0) {
- /* Found a S/MIME entry for subject's email. */
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &smimeEntry->subjectName)) {
- /* S/MIME entry and subject match. */
- subjMap->pSMime = smimeNode;
- smimeMap->pSubject = subjNode;
- } else {
- /* S/MIME entry found is for diff. subject. */
- subjMap->pSMime = WrongEntry;
- }
- }
- }
- } else {
- subjMap->pSMime = NoSMime;
- }
- }
- return SECSuccess;
-}
-
-void
-printnode(dbDebugInfo *info, const char *str, int num)
-{
- if (!info->dograph)
- return;
- if (num < 0) {
- PR_fprintf(info->graphfile, str);
- } else {
- PR_fprintf(info->graphfile, str, num);
- }
-}
-
-PRBool
-map_handle_is_ok(dbDebugInfo *info, void *mapPtr, int indent)
-{
- if (mapPtr == NULL) {
- if (indent > 0)
- printnode(info, " ", -1);
- if (indent >= 0)
- printnode(info, "******************* ", -1);
- return PR_FALSE;
- } else if (mapPtr == WrongEntry) {
- if (indent > 0)
- printnode(info, " ", -1);
- if (indent >= 0)
- printnode(info, "??????????????????? ", -1);
- return PR_FALSE;
- } else {
- return PR_TRUE;
- }
-}
-
-/* these call each other */
-void print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap,
- int direction);
-void print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap,
- int direction);
-void print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap,
- int direction, int optindex, int opttype);
-void print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap,
- int direction);
-
-/* Given an smime entry, print its unique identifier. If GOLEFT is
- * specified, print the cert<-subject<-smime map, else just print
- * the smime entry.
- */
-void
-print_smime_graph(dbDebugInfo *info, certDBEntryMap *smimeMap, int direction)
-{
- certDBSubjectEntryMap *subjMap;
- certDBEntryListNode *subjNode;
- if (direction == GOLEFT) {
- /* Need to output subject and cert first, see print_subject_graph */
- subjNode = smimeMap->pSubject;
- if (map_handle_is_ok(info, (void *)subjNode, 1)) {
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- print_subject_graph(info, subjMap, GOLEFT,
- smimeMap->index, certDBEntryTypeSMimeProfile);
- } else {
- printnode(info, "<---- S/MIME %5d ", smimeMap->index);
- }
- } else {
- printnode(info, "S/MIME %5d ", smimeMap->index);
- }
-}
-
-/* Given a nickname entry, print its unique identifier. If GOLEFT is
- * specified, print the cert<-subject<-nickname map, else just print
- * the nickname entry.
- */
-void
-print_nickname_graph(dbDebugInfo *info, certDBEntryMap *nickMap, int direction)
-{
- certDBSubjectEntryMap *subjMap;
- certDBEntryListNode *subjNode;
- if (direction == GOLEFT) {
- /* Need to output subject and cert first, see print_subject_graph */
- subjNode = nickMap->pSubject;
- if (map_handle_is_ok(info, (void *)subjNode, 1)) {
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- print_subject_graph(info, subjMap, GOLEFT,
- nickMap->index, certDBEntryTypeNickname);
- } else {
- printnode(info, "<---- Nickname %5d ", nickMap->index);
- }
- } else {
- printnode(info, "Nickname %5d ", nickMap->index);
- }
-}
-
-/* Given a subject entry, if going right print the graph of the nickname|smime
- * that it maps to (by its unique identifier); and if going left
- * print the list of certs that it points to.
- */
-void
-print_subject_graph(dbDebugInfo *info, certDBSubjectEntryMap *subjMap,
- int direction, int optindex, int opttype)
-{
- certDBEntryMap *map;
- certDBEntryListNode *node;
- int i;
- /* The first line of output always contains the cert id, subject id,
- * and nickname|smime id. Subsequent lines may contain additional
- * cert id's for the subject if going left or both directions.
- * Ex. of printing the graph for a subject entry:
- * Cert 3 <- Subject 5 -> Nickname 32
- * Cert 8 /
- * Cert 9 /
- * means subject 5 has 3 certs, 3, 8, and 9, and corresponds
- * to nickname entry 32.
- * To accomplish the above, it is required to dump the entire first
- * line left-to-right, regardless of the input direction, and then
- * finish up any remaining cert entries. Hence the code is uglier
- * than one may expect.
- */
- if (direction == GOLEFT || direction == GOBOTH) {
- /* In this case, nothing should be output until the first cert is
- * located and output (cert 3 in the above example).
- */
- if (subjMap->numCerts == 0 || subjMap->pCerts == NULL)
- /* XXX uh-oh */
- return;
- /* get the first cert and dump it. */
- node = subjMap->pCerts[0];
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going left here stops. */
- print_cert_graph(info, map, GOLEFT);
- }
- /* Now it is safe to output the subject id. */
- if (direction == GOLEFT)
- printnode(info, "Subject %5d <---- ", subjMap->index);
- else /* direction == GOBOTH */
- printnode(info, "Subject %5d ----> ", subjMap->index);
- }
- if (direction == GORIGHT || direction == GOBOTH) {
- /* Okay, now output the nickname|smime for this subject. */
- if (direction != GOBOTH) /* handled above */
- printnode(info, "Subject %5d ----> ", subjMap->index);
- if (subjMap->pNickname) {
- node = subjMap->pNickname;
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going right here stops. */
- print_nickname_graph(info, map, GORIGHT);
- }
- }
- if (subjMap->pSMime) {
- node = subjMap->pSMime;
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going right here stops. */
- print_smime_graph(info, map, GORIGHT);
- }
- }
- if (!subjMap->pNickname && !subjMap->pSMime) {
- printnode(info, "******************* ", -1);
- }
- }
- if (direction != GORIGHT) { /* going right has only one cert */
- if (opttype == certDBEntryTypeNickname)
- printnode(info, "Nickname %5d ", optindex);
- else if (opttype == certDBEntryTypeSMimeProfile)
- printnode(info, "S/MIME %5d ", optindex);
- for (i=1 /* 1st one already done */; i<subjMap->numCerts; i++) {
- printnode(info, "\n", -1); /* start a new line */
- node = subjMap->pCerts[i];
- if (map_handle_is_ok(info, (void *)node, 0)) {
- map = (certDBEntryMap *)node->appData;
- /* going left here stops. */
- print_cert_graph(info, map, GOLEFT);
- printnode(info, "/", -1);
- }
- }
- }
-}
-
-/* Given a cert entry, print its unique identifer. If GORIGHT is specified,
- * print the cert->subject->nickname|smime map, else just print
- * the cert entry.
- */
-void
-print_cert_graph(dbDebugInfo *info, certDBEntryMap *certMap, int direction)
-{
- certDBSubjectEntryMap *subjMap;
- certDBEntryListNode *subjNode;
- if (direction == GOLEFT) {
- printnode(info, "Cert %5d <---- ", certMap->index);
- /* only want cert entry, terminate here. */
- return;
- }
- /* Keep going right then. */
- printnode(info, "Cert %5d ----> ", certMap->index);
- subjNode = certMap->pSubject;
- if (map_handle_is_ok(info, (void *)subjNode, 0)) {
- subjMap = (certDBSubjectEntryMap *)subjNode->appData;
- print_subject_graph(info, subjMap, GORIGHT, -1, -1);
- }
-}
-
-SECStatus
-computeDBGraph(certDBArray *dbArray, dbDebugInfo *info)
-{
- PRCList *cElem, *sElem, *nElem, *mElem;
- certDBEntryListNode *node;
- certDBEntryMap *map;
- certDBSubjectEntryMap *subjMap;
-
- /* Graph is of this form:
- *
- * certs:
- * cert ---> subject ---> (nickname|smime)
- *
- * subjects:
- * cert <--- subject ---> (nickname|smime)
- *
- * nicknames and smime:
- * cert <--- subject <--- (nickname|smime)
- */
-
- /* Print cert graph. */
- for (cElem = PR_LIST_HEAD(&dbArray->certs.link);
- cElem != &dbArray->certs.link; cElem = PR_NEXT_LINK(cElem)) {
- /* Print graph of everything to right of cert entry. */
- node = LISTNODE_CAST(cElem);
- map = (certDBEntryMap *)node->appData;
- print_cert_graph(info, map, GORIGHT);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- /* Print subject graph. */
- for (sElem = PR_LIST_HEAD(&dbArray->subjects.link);
- sElem != &dbArray->subjects.link; sElem = PR_NEXT_LINK(sElem)) {
- /* Print graph of everything to both sides of subject entry. */
- node = LISTNODE_CAST(sElem);
- subjMap = (certDBSubjectEntryMap *)node->appData;
- print_subject_graph(info, subjMap, GOBOTH, -1, -1);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- /* Print nickname graph. */
- for (nElem = PR_LIST_HEAD(&dbArray->nicknames.link);
- nElem != &dbArray->nicknames.link; nElem = PR_NEXT_LINK(nElem)) {
- /* Print graph of everything to left of nickname entry. */
- node = LISTNODE_CAST(nElem);
- map = (certDBEntryMap *)node->appData;
- print_nickname_graph(info, map, GOLEFT);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- /* Print smime graph. */
- for (mElem = PR_LIST_HEAD(&dbArray->smime.link);
- mElem != &dbArray->smime.link; mElem = PR_NEXT_LINK(mElem)) {
- /* Print graph of everything to left of smime entry. */
- node = LISTNODE_CAST(mElem);
- if (node == NULL) break;
- map = (certDBEntryMap *)node->appData;
- print_smime_graph(info, map, GOLEFT);
- printnode(info, "\n", -1);
- }
- printnode(info, "\n", -1);
-
- return SECSuccess;
-}
-
-/*
- * List the entries in the db, showing handles between entry types.
- */
-void
-verboseOutput(certDBArray *dbArray, dbDebugInfo *info)
-{
- int i, ref;
- PRCList *elem;
- certDBEntryListNode *node;
- certDBEntryMap *map;
- certDBSubjectEntryMap *smap;
- certDBEntrySubject *subjectEntry;
-
- /* List certs */
- for (elem = PR_LIST_HEAD(&dbArray->certs.link);
- elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- map = (certDBEntryMap *)node->appData;
- dumpCertEntry((certDBEntryCert*)&node->entry, map->index, info->out);
- /* walk the cert handle to it's subject entry */
- if (map_handle_is_ok(info, map->pSubject, -1)) {
- smap = (certDBSubjectEntryMap *)map->pSubject->appData;
- ref = smap->index;
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
- }
- }
- /* List subjects */
- for (elem = PR_LIST_HEAD(&dbArray->subjects.link);
- elem != &dbArray->subjects.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- subjectEntry = (certDBEntrySubject *)&node->entry;
- smap = (certDBSubjectEntryMap *)node->appData;
- dumpSubjectEntry(subjectEntry, smap->index, info->out);
- /* iterate over subject's certs */
- for (i=0; i<smap->numCerts; i++) {
- /* walk each subject handle to it's cert entries */
- if (map_handle_is_ok(info, smap->pCerts[i], -1)) {
- ref = ((certDBEntryMap *)smap->pCerts[i]->appData)->index;
- PR_fprintf(info->out, "-->(%d. certificate %d)\n", i, ref);
- } else {
- PR_fprintf(info->out, "-->(%d. MISSING CERT ENTRY)\n", i);
- }
- }
- if (subjectEntry->nickname) {
- /* walk each subject handle to it's nickname entry */
- if (map_handle_is_ok(info, smap->pNickname, -1)) {
- ref = ((certDBEntryMap *)smap->pNickname->appData)->index;
- PR_fprintf(info->out, "-->(nickname %d)\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING NICKNAME ENTRY)\n");
- }
- }
- if (subjectEntry->emailAddr) {
- /* walk each subject handle to it's smime entry */
- if (map_handle_is_ok(info, smap->pSMime, -1)) {
- ref = ((certDBEntryMap *)smap->pSMime->appData)->index;
- PR_fprintf(info->out, "-->(s/mime %d)\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING S/MIME ENTRY)\n");
- }
- }
- PR_fprintf(info->out, "\n\n");
- }
- for (elem = PR_LIST_HEAD(&dbArray->nicknames.link);
- elem != &dbArray->nicknames.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- map = (certDBEntryMap *)node->appData;
- dumpNicknameEntry((certDBEntryNickname*)&node->entry, map->index,
- info->out);
- if (map_handle_is_ok(info, map->pSubject, -1)) {
- ref = ((certDBEntryMap *)map->pSubject->appData)->index;
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
- }
- }
- for (elem = PR_LIST_HEAD(&dbArray->smime.link);
- elem != &dbArray->smime.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- map = (certDBEntryMap *)node->appData;
- dumpSMimeEntry((certDBEntrySMime*)&node->entry, map->index, info->out);
- if (map_handle_is_ok(info, map->pSubject, -1)) {
- ref = ((certDBEntryMap *)map->pSubject->appData)->index;
- PR_fprintf(info->out, "-->(subject %d)\n\n\n", ref);
- } else {
- PR_fprintf(info->out, "-->(MISSING SUBJECT ENTRY)\n\n\n");
- }
- }
- PR_fprintf(info->out, "\n\n");
-}
-
-char *errResult[] = {
- "Certificate entries that had no subject entry.",
- "Certificate entries that had no key in their subject entry.",
- "Subject entries that had no nickname or email address.",
- "Redundant nicknames (subjects with the same nickname).",
- "Subject entries that had no nickname entry.",
- "Redundant email addresses (subjects with the same email address).",
- "Subject entries that had no S/MIME entry.",
- "Nickname entries that had no subject entry.",
- "S/MIME entries that had no subject entry.",
-};
-
-int
-fillDBEntryArray(CERTCertDBHandle *handle, certDBEntryType type,
- certDBEntryListNode *list)
-{
- PRCList *elem;
- certDBEntryListNode *node;
- certDBEntryMap *mnode;
- certDBSubjectEntryMap *smnode;
- PRArenaPool *arena;
- int count = 0;
- /* Initialize a dummy entry in the list. The list head will be the
- * next element, so this element is skipped by for loops.
- */
- PR_INIT_CLIST((PRCList *)list);
- /* Collect all of the cert db entries for this type into a list. */
- SEC_TraverseDBEntries(handle, type, SEC_GetCertDBEntryList,
- (PRCList *)list);
- for (elem = PR_LIST_HEAD(&list->link);
- elem != &list->link; elem = PR_NEXT_LINK(elem)) {
- /* Iterate over the entries and ... */
- node = (certDBEntryListNode *)elem;
- if (type != certDBEntryTypeSubject) {
- arena = PORT_NewArena(sizeof(*mnode));
- mnode = (certDBEntryMap *)PORT_ArenaZAlloc(arena, sizeof(*mnode));
- mnode->arena = arena;
- /* ... assign a unique index number to each node, and ... */
- mnode->index = count;
- /* ... set the map pointer for the node. */
- node->appData = (void *)mnode;
- } else {
- /* allocate some room for the cert pointers also */
- arena = PORT_NewArena(sizeof(*smnode) + 20*sizeof(void *));
- smnode = (certDBSubjectEntryMap *)
- PORT_ArenaZAlloc(arena, sizeof(*smnode));
- smnode->arena = arena;
- smnode->index = count;
- node->appData = (void *)smnode;
- }
- count++;
- }
- return count;
-}
-
-void
-freeDBEntryList(PRCList *list)
-{
- PRCList *next, *elem;
- certDBEntryListNode *node;
- certDBEntryMap *map;
-
- for (elem = PR_LIST_HEAD(list); elem != list;) {
- next = PR_NEXT_LINK(elem);
- node = (certDBEntryListNode *)elem;
- map = (certDBEntryMap *)node->appData;
- PR_REMOVE_LINK(&node->link);
- PORT_FreeArena(map->arena, PR_TRUE);
- PORT_FreeArena(node->entry.common.arena, PR_TRUE);
- elem = next;
- }
-}
-
-void
-DBCK_DebugDB(CERTCertDBHandle *handle, PRFileDesc *out, PRFileDesc *mailfile)
-{
- int i, nCertsFound, nSubjFound, nErr;
- int nCerts, nSubjects, nSubjCerts, nNicknames, nSMime;
- PRCList *elem;
- char c;
- dbDebugInfo info;
- certDBArray dbArray;
-
- PORT_Memset(&dbArray, 0, sizeof(dbArray));
- PORT_Memset(&info, 0, sizeof(info));
- info.verbose = (out == NULL) ? PR_FALSE : PR_TRUE ;
- info.dograph = (mailfile == NULL) ? PR_FALSE : PR_TRUE ;
- info.out = (out) ? out : PR_STDOUT;
- info.graphfile = mailfile;
-
- /* Fill the array structure with cert/subject/nickname/smime entries. */
- dbArray.numCerts = fillDBEntryArray(handle, certDBEntryTypeCert,
- &dbArray.certs);
- dbArray.numSubjects = fillDBEntryArray(handle, certDBEntryTypeSubject,
- &dbArray.subjects);
- dbArray.numNicknames = fillDBEntryArray(handle, certDBEntryTypeNickname,
- &dbArray.nicknames);
- dbArray.numSMime = fillDBEntryArray(handle, certDBEntryTypeSMimeProfile,
- &dbArray.smime);
-
- /* Compute the map between the database entries. */
- mapSubjectEntries(&dbArray);
- mapCertEntries(&dbArray);
- computeDBGraph(&dbArray, &info);
-
- /* Store the totals for later reference. */
- nCerts = dbArray.numCerts;
- nSubjects = dbArray.numSubjects;
- nNicknames = dbArray.numNicknames;
- nSMime = dbArray.numSMime;
- nSubjCerts = 0;
- for (elem = PR_LIST_HEAD(&dbArray.subjects.link);
- elem != &dbArray.subjects.link; elem = PR_NEXT_LINK(elem)) {
- certDBSubjectEntryMap *smap;
- smap = (certDBSubjectEntryMap *)LISTNODE_CAST(elem)->appData;
- nSubjCerts += smap->numCerts;
- }
-
- if (info.verbose) {
- /* Dump the database contents. */
- verboseOutput(&dbArray, &info);
- }
-
- freeDBEntryList(&dbArray.certs.link);
- freeDBEntryList(&dbArray.subjects.link);
- freeDBEntryList(&dbArray.nicknames.link);
- freeDBEntryList(&dbArray.smime.link);
-
- PR_fprintf(info.out, "\n");
- PR_fprintf(info.out, "Database statistics:\n");
- PR_fprintf(info.out, "N0: Found %4d Certificate entries.\n",
- nCerts);
- PR_fprintf(info.out, "N1: Found %4d Subject entries (unique DN's).\n",
- nSubjects);
- PR_fprintf(info.out, "N2: Found %4d Cert keys within Subject entries.\n",
- nSubjCerts);
- PR_fprintf(info.out, "N3: Found %4d Nickname entries.\n",
- nNicknames);
- PR_fprintf(info.out, "N4: Found %4d S/MIME entries.\n",
- nSMime);
- PR_fprintf(info.out, "\n");
-
- nErr = 0;
- for (i=0; i<sizeof(errResult)/sizeof(char*); i++) {
- PR_fprintf(info.out, "E%d: Found %4d %s\n",
- i, info.dbErrors[i], errResult[i]);
- nErr += info.dbErrors[i];
- }
- PR_fprintf(info.out, "--------------\n Found %4d errors in database.\n",
- nErr);
-
- PR_fprintf(info.out, "\nCertificates:\n");
- PR_fprintf(info.out, "N0 == N2 + E%d + E%d\n", NoSubjectForCert,
- SubjectHasNoKeyForCert);
- nCertsFound = nSubjCerts +
- info.dbErrors[NoSubjectForCert] +
- info.dbErrors[SubjectHasNoKeyForCert];
- c = (nCertsFound == nCerts) ? '=' : '!';
- PR_fprintf(info.out, "%d %c= %d + %d + %d\n", nCerts, c, nSubjCerts,
- info.dbErrors[NoSubjectForCert],
- info.dbErrors[SubjectHasNoKeyForCert]);
- PR_fprintf(info.out, "\nSubjects:\n");
- PR_fprintf(info.out, "N1 == N3 + N4 + E%d + E%d + E%d + E%d + E%d - E%d - E%d\n",
- NoNicknameOrSMimeForSubject, WrongNicknameForSubject,
- NoNicknameEntry, WrongSMimeForSubject, NoSMimeEntry,
- NoSubjectForNickname, NoSubjectForSMime);
- PR_fprintf(info.out, " - #(subjects with both nickname and S/MIME entries)\n");
- nSubjFound = nNicknames + nSMime +
- info.dbErrors[NoNicknameOrSMimeForSubject] +
- info.dbErrors[WrongNicknameForSubject] +
- info.dbErrors[NoNicknameEntry] +
- info.dbErrors[WrongSMimeForSubject] +
- info.dbErrors[NoSMimeEntry] -
- info.dbErrors[NoSubjectForNickname] -
- info.dbErrors[NoSubjectForSMime] -
- info.dbErrors[NicknameAndSMimeEntry];
- c = (nSubjFound == nSubjects) ? '=' : '!';
- PR_fprintf(info.out, "%d %c= %d + %d + %d + %d + %d + %d + %d - %d - %d - %d\n",
- nSubjects, c, nNicknames, nSMime,
- info.dbErrors[NoNicknameOrSMimeForSubject],
- info.dbErrors[WrongNicknameForSubject],
- info.dbErrors[NoNicknameEntry],
- info.dbErrors[WrongSMimeForSubject],
- info.dbErrors[NoSMimeEntry],
- info.dbErrors[NoSubjectForNickname],
- info.dbErrors[NoSubjectForSMime],
- info.dbErrors[NicknameAndSMimeEntry]);
- PR_fprintf(info.out, "\n");
-}
-
-#ifdef DORECOVER
-enum {
- dbInvalidCert = 0,
- dbNoSMimeProfile,
- dbOlderCert,
- dbBadCertificate,
- dbCertNotWrittenToDB
-};
-
-typedef struct dbRestoreInfoStr
-{
- CERTCertDBHandle *handle;
- PRBool verbose;
- PRFileDesc *out;
- int nCerts;
- int nOldCerts;
- int dbErrors[5];
- PRBool removeType[3];
- PRBool promptUser[3];
-} dbRestoreInfo;
-
-char *
-IsEmailCert(CERTCertificate *cert)
-{
- char *email, *tmp1, *tmp2;
- PRBool isCA;
- int len;
-
- if (!cert->subjectName) {
- return NULL;
- }
-
- tmp1 = PORT_Strstr(cert->subjectName, "E=");
- tmp2 = PORT_Strstr(cert->subjectName, "MAIL=");
- /* XXX Nelson has cert for KTrilli which does not have either
- * of above but is email cert (has cert->emailAddr).
- */
- if (!tmp1 && !tmp2 && !cert->emailAddr) {
- return NULL;
- }
-
- /* Server or CA cert, not personal email. */
- isCA = CERT_IsCACert(cert, NULL);
- if (isCA)
- return NULL;
-
- /* XXX CERT_IsCACert advertises checking the key usage ext.,
- but doesn't appear to. */
- /* Check the key usage extension. */
- if (cert->keyUsagePresent) {
- /* Must at least be able to sign or encrypt (not neccesarily
- * both if it is one of a dual cert).
- */
- if (!((cert->rawKeyUsage & KU_DIGITAL_SIGNATURE) ||
- (cert->rawKeyUsage & KU_KEY_ENCIPHERMENT)))
- return NULL;
-
- /* CA cert, not personal email. */
- if (cert->rawKeyUsage & (KU_KEY_CERT_SIGN | KU_CRL_SIGN))
- return NULL;
- }
-
- if (cert->emailAddr) {
- email = PORT_Strdup(cert->emailAddr);
- } else {
- if (tmp1)
- tmp1 += 2; /* "E=" */
- else
- tmp1 = tmp2 + 5; /* "MAIL=" */
- len = strcspn(tmp1, ", ");
- email = (char*)PORT_Alloc(len+1);
- PORT_Strncpy(email, tmp1, len);
- email[len] = '\0';
- }
-
- return email;
-}
-
-SECStatus
-deleteit(CERTCertificate *cert, void *arg)
-{
- return SEC_DeletePermCertificate(cert);
-}
-
-/* Different than DeleteCertificate - has the added bonus of removing
- * all certs with the same DN.
- */
-SECStatus
-deleteAllEntriesForCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRFileDesc *outfile)
-{
-#if 0
- certDBEntrySubject *subjectEntry;
- certDBEntryNickname *nicknameEntry;
- certDBEntrySMime *smimeEntry;
- int i;
-#endif
-
- if (outfile) {
- PR_fprintf(outfile, "$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$\n\n");
- PR_fprintf(outfile, "Deleting redundant certificate:\n");
- dumpCertificate(cert, -1, outfile);
- }
-
- CERT_TraverseCertsForSubject(handle, cert->subjectList, deleteit, NULL);
-#if 0
- CERT_LockDB(handle);
- subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject);
- /* It had better be there, or created a bad db. */
- PORT_Assert(subjectEntry);
- for (i=0; i<subjectEntry->ncerts; i++) {
- DeleteDBCertEntry(handle, &subjectEntry->certKeys[i]);
- }
- DeleteDBSubjectEntry(handle, &cert->derSubject);
- if (subjectEntry->emailAddr) {
- smimeEntry = ReadDBSMimeEntry(handle, subjectEntry->emailAddr);
- if (smimeEntry) {
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &smimeEntry->subjectName))
- /* Only delete it if it's for this subject! */
- DeleteDBSMimeEntry(handle, subjectEntry->emailAddr);
- SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
- }
- }
- if (subjectEntry->nickname) {
- nicknameEntry = ReadDBNicknameEntry(handle, subjectEntry->nickname);
- if (nicknameEntry) {
- if (SECITEM_ItemsAreEqual(&subjectEntry->derSubject,
- &nicknameEntry->subjectName))
- /* Only delete it if it's for this subject! */
- DeleteDBNicknameEntry(handle, subjectEntry->nickname);
- SEC_DestroyDBEntry((certDBEntry*)nicknameEntry);
- }
- }
- SEC_DestroyDBEntry((certDBEntry*)subjectEntry);
- CERT_UnlockDB(handle);
-#endif
- return SECSuccess;
-}
-
-void
-getCertsToDelete(char *numlist, int len, int *certNums, int nCerts)
-{
- int j, num;
- char *numstr, *numend, *end;
-
- numstr = numlist;
- end = numstr + len - 1;
- while (numstr != end) {
- numend = strpbrk(numstr, ", \n");
- *numend = '\0';
- if (PORT_Strlen(numstr) == 0)
- return;
- num = PORT_Atoi(numstr);
- if (numstr == numlist)
- certNums[0] = num;
- for (j=1; j<nCerts+1; j++) {
- if (num == certNums[j]) {
- certNums[j] = -1;
- break;
- }
- }
- if (numend == end)
- break;
- numstr = strpbrk(numend+1, "0123456789");
- }
-}
-
-PRBool
-userSaysDeleteCert(CERTCertificate **certs, int nCerts,
- int errtype, dbRestoreInfo *info, int *certNums)
-{
- char response[32];
- int32 nb;
- int i;
- /* User wants to remove cert without prompting. */
- if (info->promptUser[errtype] == PR_FALSE)
- return (info->removeType[errtype]);
- switch (errtype) {
- case dbInvalidCert:
- PR_fprintf(PR_STDOUT, "******** Expired ********\n");
- PR_fprintf(PR_STDOUT, "Cert has expired.\n\n");
- dumpCertificate(certs[0], -1, PR_STDOUT);
- PR_fprintf(PR_STDOUT,
- "Keep it? (y/n - this one, Y/N - all expired certs) [n] ");
- break;
- case dbNoSMimeProfile:
- PR_fprintf(PR_STDOUT, "******** No Profile ********\n");
- PR_fprintf(PR_STDOUT, "S/MIME cert has no profile.\n\n");
- dumpCertificate(certs[0], -1, PR_STDOUT);
- PR_fprintf(PR_STDOUT,
- "Keep it? (y/n - this one, Y/N - all S/MIME w/o profile) [n] ");
- break;
- case dbOlderCert:
- PR_fprintf(PR_STDOUT, "******* Redundant nickname/email *******\n\n");
- PR_fprintf(PR_STDOUT, "These certs have the same nickname/email:\n");
- for (i=0; i<nCerts; i++)
- dumpCertificate(certs[i], i, PR_STDOUT);
- PR_fprintf(PR_STDOUT,
- "Enter the certs you would like to keep from those listed above.\n");
- PR_fprintf(PR_STDOUT,
- "Use a comma-separated list of the cert numbers (ex. 0, 8, 12).\n");
- PR_fprintf(PR_STDOUT,
- "The first cert in the list will be the primary cert\n");
- PR_fprintf(PR_STDOUT,
- " accessed by the nickname/email handle.\n");
- PR_fprintf(PR_STDOUT,
- "List cert numbers to keep here, or hit enter\n");
- PR_fprintf(PR_STDOUT,
- " to always keep only the newest cert: ");
- break;
- default:
- }
- nb = PR_Read(PR_STDIN, response, sizeof(response));
- PR_fprintf(PR_STDOUT, "\n\n");
- if (errtype == dbOlderCert) {
- if (!isdigit(response[0])) {
- info->promptUser[errtype] = PR_FALSE;
- info->removeType[errtype] = PR_TRUE;
- return PR_TRUE;
- }
- getCertsToDelete(response, nb, certNums, nCerts);
- return PR_TRUE;
- }
- /* User doesn't want to be prompted for this type anymore. */
- if (response[0] == 'Y') {
- info->promptUser[errtype] = PR_FALSE;
- info->removeType[errtype] = PR_FALSE;
- return PR_FALSE;
- } else if (response[0] == 'N') {
- info->promptUser[errtype] = PR_FALSE;
- info->removeType[errtype] = PR_TRUE;
- return PR_TRUE;
- }
- return (response[0] != 'y') ? PR_TRUE : PR_FALSE;
-}
-
-SECStatus
-addCertToDB(certDBEntryCert *certEntry, dbRestoreInfo *info,
- CERTCertDBHandle *oldhandle)
-{
- SECStatus rv = SECSuccess;
- PRBool allowOverride;
- PRBool userCert;
- SECCertTimeValidity validity;
- CERTCertificate *oldCert = NULL;
- CERTCertificate *dbCert = NULL;
- CERTCertificate *newCert = NULL;
- CERTCertTrust *trust;
- certDBEntrySMime *smimeEntry = NULL;
- char *email = NULL;
- char *nickname = NULL;
- int nCertsForSubject = 1;
-
- oldCert = CERT_DecodeDERCertificate(&certEntry->derCert, PR_FALSE,
- certEntry->nickname);
- if (!oldCert) {
- info->dbErrors[dbBadCertificate]++;
- SEC_DestroyDBEntry((certDBEntry*)certEntry);
- return SECSuccess;
- }
-
- oldCert->dbEntry = certEntry;
- oldCert->trust = &certEntry->trust;
- oldCert->dbhandle = oldhandle;
-
- trust = oldCert->trust;
-
- info->nOldCerts++;
-
- if (info->verbose)
- PR_fprintf(info->out, "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%\n\n");
-
- if (oldCert->nickname)
- nickname = PORT_Strdup(oldCert->nickname);
-
- /* Always keep user certs. Skip ahead. */
- /* XXX if someone sends themselves a signed message, it is possible
- for their cert to be imported as an "other" cert, not a user cert.
- this mucks with smime entries... */
- userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
- if (userCert)
- goto createcert;
-
- /* If user chooses so, ignore expired certificates. */
- allowOverride = (PRBool)((oldCert->keyUsage == certUsageSSLServer) ||
- (oldCert->keyUsage == certUsageSSLServerWithStepUp));
- validity = CERT_CheckCertValidTimes(oldCert, PR_Now(), allowOverride);
- /* If cert expired and user wants to delete it, ignore it. */
- if ((validity != secCertTimeValid) &&
- userSaysDeleteCert(&oldCert, 1, dbInvalidCert, info, 0)) {
- info->dbErrors[dbInvalidCert]++;
- if (info->verbose) {
- PR_fprintf(info->out, "Deleting expired certificate:\n");
- dumpCertificate(oldCert, -1, info->out);
- }
- goto cleanup;
- }
-
- /* New database will already have default certs, don't attempt
- to overwrite them. */
- dbCert = CERT_FindCertByDERCert(info->handle, &oldCert->derCert);
- if (dbCert) {
- info->nCerts++;
- if (info->verbose) {
- PR_fprintf(info->out, "Added certificate to database:\n");
- dumpCertificate(oldCert, -1, info->out);
- }
- goto cleanup;
- }
-
- /* Determine if cert is S/MIME and get its email if so. */
- email = IsEmailCert(oldCert);
-
- /*
- XXX Just create empty profiles?
- if (email) {
- SECItem *profile = CERT_FindSMimeProfile(oldCert);
- if (!profile &&
- userSaysDeleteCert(&oldCert, 1, dbNoSMimeProfile, info, 0)) {
- info->dbErrors[dbNoSMimeProfile]++;
- if (info->verbose) {
- PR_fprintf(info->out,
- "Deleted cert missing S/MIME profile.\n");
- dumpCertificate(oldCert, -1, info->out);
- }
- goto cleanup;
- } else {
- SECITEM_FreeItem(profile);
- }
- }
- */
-
-createcert:
-
- /* Sometimes happens... */
- if (!nickname && userCert)
- nickname = PORT_Strdup(oldCert->subjectName);
-
- /* Create a new certificate, copy of the old one. */
- newCert = CERT_NewTempCertificate(info->handle, &oldCert->derCert,
- nickname, PR_FALSE, PR_TRUE);
- if (!newCert) {
- PR_fprintf(PR_STDERR, "Unable to create new certificate.\n");
- dumpCertificate(oldCert, -1, PR_STDERR);
- info->dbErrors[dbBadCertificate]++;
- goto cleanup;
- }
-
- /* Add the cert to the new database. */
- rv = CERT_AddTempCertToPerm(newCert, nickname, oldCert->trust);
- if (rv) {
- PR_fprintf(PR_STDERR, "Failed to write temp cert to perm database.\n");
- dumpCertificate(oldCert, -1, PR_STDERR);
- info->dbErrors[dbCertNotWrittenToDB]++;
- goto cleanup;
- }
-
- if (info->verbose) {
- PR_fprintf(info->out, "Added certificate to database:\n");
- dumpCertificate(oldCert, -1, info->out);
- }
-
- /* If the cert is an S/MIME cert, and the first with it's subject,
- * modify the subject entry to include the email address,
- * CERT_AddTempCertToPerm does not do email addresses and S/MIME entries.
- */
- if (smimeEntry) { /*&& !userCert && nCertsForSubject == 1) { */
-#if 0
- UpdateSubjectWithEmailAddr(newCert, email);
-#endif
- SECItem emailProfile, profileTime;
- rv = CERT_FindFullSMimeProfile(oldCert, &emailProfile, &profileTime);
- /* calls UpdateSubjectWithEmailAddr */
- if (rv == SECSuccess)
- rv = CERT_SaveSMimeProfile(newCert, &emailProfile, &profileTime);
- }
-
- info->nCerts++;
-
-cleanup:
-
- if (nickname)
- PORT_Free(nickname);
- if (email)
- PORT_Free(email);
- if (oldCert)
- CERT_DestroyCertificate(oldCert);
- if (dbCert)
- CERT_DestroyCertificate(dbCert);
- if (newCert)
- CERT_DestroyCertificate(newCert);
- if (smimeEntry)
- SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
- return SECSuccess;
-}
-
-#if 0
-SECStatus
-copyDBEntry(SECItem *data, SECItem *key, certDBEntryType type, void *pdata)
-{
- SECStatus rv;
- CERTCertDBHandle *newdb = (CERTCertDBHandle *)pdata;
- certDBEntryCommon common;
- SECItem dbkey;
-
- common.type = type;
- common.version = CERT_DB_FILE_VERSION;
- common.flags = data->data[2];
- common.arena = NULL;
-
- dbkey.len = key->len + SEC_DB_KEY_HEADER_LEN;
- dbkey.data = (unsigned char *)PORT_Alloc(dbkey.len*sizeof(unsigned char));
- PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], key->data, key->len);
- dbkey.data[0] = type;
-
- rv = WriteDBEntry(newdb, &common, &dbkey, data);
-
- PORT_Free(dbkey.data);
- return rv;
-}
-#endif
-
-int
-certIsOlder(CERTCertificate **cert1, CERTCertificate** cert2)
-{
- return !CERT_IsNewer(*cert1, *cert2);
-}
-
-int
-findNewestSubjectForEmail(CERTCertDBHandle *handle, int subjectNum,
- certDBArray *dbArray, dbRestoreInfo *info,
- int *subjectWithSMime, int *smimeForSubject)
-{
- int newestSubject;
- int subjectsForEmail[50];
- int i, j, ns, sNum;
- certDBEntryListNode *subjects = &dbArray->subjects;
- certDBEntryListNode *smime = &dbArray->smime;
- certDBEntrySubject *subjectEntry1, *subjectEntry2;
- certDBEntrySMime *smimeEntry;
- CERTCertificate **certs;
- CERTCertificate *cert;
- CERTCertTrust *trust;
- PRBool userCert;
- int *certNums;
-
- ns = 0;
- subjectEntry1 = (certDBEntrySubject*)&subjects.entries[subjectNum];
- subjectsForEmail[ns++] = subjectNum;
-
- *subjectWithSMime = -1;
- *smimeForSubject = -1;
- newestSubject = subjectNum;
-
- cert = CERT_FindCertByKey(handle, &subjectEntry1->certKeys[0]);
- if (cert) {
- trust = cert->trust;
- userCert = (SEC_GET_TRUST_FLAGS(trust, trustSSL) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustEmail) & CERTDB_USER) ||
- (SEC_GET_TRUST_FLAGS(trust, trustObjectSigning) & CERTDB_USER);
- CERT_DestroyCertificate(cert);
- }
-
- /* Loop over the remaining subjects. */
- for (i=subjectNum+1; i<subjects.numEntries; i++) {
- subjectEntry2 = (certDBEntrySubject*)&subjects.entries[i];
- if (!subjectEntry2)
- continue;
- if (subjectEntry2->emailAddr &&
- PORT_Strcmp(subjectEntry1->emailAddr,
- subjectEntry2->emailAddr) == 0) {
- /* Found a subject using the same email address. */
- subjectsForEmail[ns++] = i;
- }
- }
-
- /* Find the S/MIME entry for this email address. */
- for (i=0; i<smime.numEntries; i++) {
- smimeEntry = (certDBEntrySMime*)&smime.entries[i];
- if (smimeEntry->common.arena == NULL)
- continue;
- if (PORT_Strcmp(subjectEntry1->emailAddr, smimeEntry->emailAddr) == 0) {
- /* Find which of the subjects uses this S/MIME entry. */
- for (j=0; j<ns && *subjectWithSMime < 0; j++) {
- sNum = subjectsForEmail[j];
- subjectEntry2 = (certDBEntrySubject*)&subjects.entries[sNum];
- if (SECITEM_ItemsAreEqual(&smimeEntry->subjectName,
- &subjectEntry2->derSubject)) {
- /* Found the subject corresponding to the S/MIME entry. */
- *subjectWithSMime = sNum;
- *smimeForSubject = i;
- }
- }
- SEC_DestroyDBEntry((certDBEntry*)smimeEntry);
- PORT_Memset(smimeEntry, 0, sizeof(certDBEntry));
- break;
- }
- }
-
- if (ns <= 1)
- return subjectNum;
-
- if (userCert)
- return *subjectWithSMime;
-
- /* Now find which of the subjects has the newest cert. */
- certs = (CERTCertificate**)PORT_Alloc(ns*sizeof(CERTCertificate*));
- certNums = (int*)PORT_Alloc((ns+1)*sizeof(int));
- certNums[0] = 0;
- for (i=0; i<ns; i++) {
- sNum = subjectsForEmail[i];
- subjectEntry1 = (certDBEntrySubject*)&subjects.entries[sNum];
- certs[i] = CERT_FindCertByKey(handle, &subjectEntry1->certKeys[0]);
- certNums[i+1] = i;
- }
- /* Sort the array by validity. */
- qsort(certs, ns, sizeof(CERTCertificate*),
- (int (*)(const void *, const void *))certIsOlder);
- newestSubject = -1;
- for (i=0; i<ns; i++) {
- sNum = subjectsForEmail[i];
- subjectEntry1 = (certDBEntrySubject*)&subjects.entries[sNum];
- if (SECITEM_ItemsAreEqual(&subjectEntry1->derSubject,
- &certs[0]->derSubject))
- newestSubject = sNum;
- else
- SEC_DestroyDBEntry((certDBEntry*)subjectEntry1);
- }
- if (info && userSaysDeleteCert(certs, ns, dbOlderCert, info, certNums)) {
- for (i=1; i<ns+1; i++) {
- if (certNums[i] >= 0 && certNums[i] != certNums[0]) {
- deleteAllEntriesForCert(handle, certs[certNums[i]], info->out);
- info->dbErrors[dbOlderCert]++;
- }
- }
- }
- CERT_DestroyCertArray(certs, ns);
- return newestSubject;
-}
-
-CERTCertDBHandle *
-DBCK_ReconstructDBFromCerts(CERTCertDBHandle *oldhandle, char *newdbname,
- PRFileDesc *outfile, PRBool removeExpired,
- PRBool requireProfile, PRBool singleEntry,
- PRBool promptUser)
-{
- SECStatus rv;
- dbRestoreInfo info;
- certDBEntryContentVersion *oldContentVersion;
- certDBArray dbArray;
- int i;
-
- PORT_Memset(&dbArray, 0, sizeof(dbArray));
- PORT_Memset(&info, 0, sizeof(info));
- info.verbose = (outfile) ? PR_TRUE : PR_FALSE;
- info.out = (outfile) ? outfile : PR_STDOUT;
- info.removeType[dbInvalidCert] = removeExpired;
- info.removeType[dbNoSMimeProfile] = requireProfile;
- info.removeType[dbOlderCert] = singleEntry;
- info.promptUser[dbInvalidCert] = promptUser;
- info.promptUser[dbNoSMimeProfile] = promptUser;
- info.promptUser[dbOlderCert] = promptUser;
-
- /* Allocate a handle to fill with CERT_OpenCertDB below. */
- info.handle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
- if (!info.handle) {
- fprintf(stderr, "unable to get database handle");
- return NULL;
- }
-
- /* Create a certdb with the most recent set of roots. */
- rv = CERT_OpenCertDBFilename(info.handle, newdbname, PR_FALSE);
-
- if (rv) {
- fprintf(stderr, "could not open certificate database");
- goto loser;
- }
-
- /* Create certificate, subject, nickname, and email records.
- * mcom_db seems to have a sequential access bug. Though reads and writes
- * should be allowed during traversal, they seem to screw up the sequence.
- * So, stuff all the cert entries into an array, and loop over the array
- * doing read/writes in the db.
- */
- fillDBEntryArray(oldhandle, certDBEntryTypeCert, &dbArray.certs);
- for (elem = PR_LIST_HEAD(&dbArray->certs.link);
- elem != &dbArray->certs.link; elem = PR_NEXT_LINK(elem)) {
- node = LISTNODE_CAST(elem);
- addCertToDB((certDBEntryCert*)&node->entry, &info, oldhandle);
- /* entries get destroyed in addCertToDB */
- }
-#if 0
- rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeSMimeProfile,
- copyDBEntry, info.handle);
-#endif
-
- /* Fix up the pointers between (nickname|S/MIME) --> (subject).
- * Create S/MIME entries for S/MIME certs.
- * Have the S/MIME entry point to the last-expiring cert using
- * an email address.
- */
-#if 0
- CERT_RedoHandlesForSubjects(info.handle, singleEntry, &info);
-#endif
-
- freeDBEntryList(&dbArray.certs.link);
-
- /* Copy over the version record. */
- /* XXX Already exists - and _must_ be correct... */
- /*
- versionEntry = ReadDBVersionEntry(oldhandle);
- rv = WriteDBVersionEntry(info.handle, versionEntry);
- */
-
- /* Copy over the content version record. */
- /* XXX Can probably get useful info from old content version?
- * Was this db created before/after this tool? etc.
- */
-#if 0
- oldContentVersion = ReadDBContentVersionEntry(oldhandle);
- CERT_SetDBContentVersion(oldContentVersion->contentVersion, info.handle);
-#endif
-
-#if 0
- /* Copy over the CRL & KRL records. */
- rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeRevocation,
- copyDBEntry, info.handle);
- /* XXX Only one KRL, just do db->get? */
- rv = SEC_TraverseDBEntries(oldhandle, certDBEntryTypeKeyRevocation,
- copyDBEntry, info.handle);
-#endif
-
- PR_fprintf(info.out, "Database had %d certificates.\n", info.nOldCerts);
-
- PR_fprintf(info.out, "Reconstructed %d certificates.\n", info.nCerts);
- PR_fprintf(info.out, "(ax) Rejected %d expired certificates.\n",
- info.dbErrors[dbInvalidCert]);
- PR_fprintf(info.out, "(as) Rejected %d S/MIME certificates missing a profile.\n",
- info.dbErrors[dbNoSMimeProfile]);
- PR_fprintf(info.out, "(ar) Rejected %d certificates for which a newer certificate was found.\n",
- info.dbErrors[dbOlderCert]);
- PR_fprintf(info.out, " Rejected %d corrupt certificates.\n",
- info.dbErrors[dbBadCertificate]);
- PR_fprintf(info.out, " Rejected %d certificates which did not write to the DB.\n",
- info.dbErrors[dbCertNotWrittenToDB]);
-
- if (rv)
- goto loser;
-
- return info.handle;
-
-loser:
- if (info.handle)
- PORT_Free(info.handle);
- return NULL;
-}
-#endif /* DORECOVER */
-
-enum {
- cmd_Debug = 0,
- cmd_LongUsage,
- cmd_Recover
-};
-
-enum {
- opt_KeepAll = 0,
- opt_CertDir,
- opt_Dumpfile,
- opt_InputDB,
- opt_OutputDB,
- opt_Mailfile,
- opt_Prompt,
- opt_KeepRedundant,
- opt_KeepNoSMimeProfile,
- opt_Verbose,
- opt_KeepExpired
-};
-
-static secuCommandFlag dbck_commands[] =
-{
- { /* cmd_Debug, */ 'D', PR_FALSE, 0, PR_FALSE },
- { /* cmd_LongUsage,*/ 'H', PR_FALSE, 0, PR_FALSE },
- { /* cmd_Recover, */ 'R', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag dbck_options[] =
-{
- { /* opt_KeepAll, */ 'a', PR_FALSE, 0, PR_FALSE },
- { /* opt_CertDir, */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_Dumpfile, */ 'f', PR_TRUE, 0, PR_FALSE },
- { /* opt_InputDB, */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_OutputDB, */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_Mailfile, */ 'm', PR_FALSE, 0, PR_FALSE },
- { /* opt_Prompt, */ 'p', PR_FALSE, 0, PR_FALSE },
- { /* opt_KeepRedundant, */ 'r', PR_FALSE, 0, PR_FALSE },
- { /* opt_KeepNoSMimeProfile,*/ 's', PR_FALSE, 0, PR_FALSE },
- { /* opt_Verbose, */ 'v', PR_FALSE, 0, PR_FALSE },
- { /* opt_KeepExpired, */ 'x', PR_FALSE, 0, PR_FALSE }
-};
-
-int
-main(int argc, char **argv)
-{
- CERTCertDBHandle *certHandle;
-
- PRFileInfo fileInfo;
- PRFileDesc *mailfile = NULL;
- PRFileDesc *dumpfile = NULL;
-
- char * pathname = 0;
- char * fullname = 0;
- char * newdbname = 0;
-
- PRBool removeExpired, requireProfile, singleEntry;
-
- SECStatus rv;
-
- secuCommand dbck;
- dbck.numCommands = sizeof(dbck_commands) / sizeof(secuCommandFlag);
- dbck.numOptions = sizeof(dbck_options) / sizeof(secuCommandFlag);
- dbck.commands = dbck_commands;
- dbck.options = dbck_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &dbck);
-
- if (rv != SECSuccess)
- Usage(progName);
-
- if (dbck.commands[cmd_LongUsage].activated)
- LongUsage(progName);
-
- if (!dbck.commands[cmd_Debug].activated &&
- !dbck.commands[cmd_Recover].activated) {
- PR_fprintf(PR_STDERR, "Please specify -D or -R.\n");
- Usage(progName);
- }
-
- removeExpired = !(dbck.options[opt_KeepAll].activated ||
- dbck.options[opt_KeepExpired].activated);
-
- requireProfile = !(dbck.options[opt_KeepAll].activated ||
- dbck.options[opt_KeepNoSMimeProfile].activated);
-
- singleEntry = !(dbck.options[opt_KeepAll].activated ||
- dbck.options[opt_KeepRedundant].activated);
-
- if (dbck.options[opt_OutputDB].activated) {
- newdbname = PL_strdup(dbck.options[opt_OutputDB].arg);
- } else {
- newdbname = PL_strdup("new_cert7.db");
- }
-
- /* Create a generic graph of the database. */
- if (dbck.options[opt_Mailfile].activated) {
- mailfile = PR_Open("./mailfile", PR_RDWR | PR_CREATE_FILE, 00660);
- if (!mailfile) {
- fprintf(stderr, "Unable to create mailfile.\n");
- return -1;
- }
- }
-
- /* Dump all debugging info while running. */
- if (dbck.options[opt_Verbose].activated) {
- if (dbck.options[opt_Dumpfile].activated) {
- dumpfile = PR_Open(dbck.options[opt_Dumpfile].arg,
- PR_RDWR | PR_CREATE_FILE, 00660);
- }
- if (!dumpfile) {
- fprintf(stderr, "Unable to create dumpfile.\n");
- return -1;
- }
- }
-
- /* Set the cert database directory. */
- if (dbck.options[opt_CertDir].activated) {
- SECU_ConfigDirectory(dbck.options[opt_CertDir].arg);
- }
-
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- SEC_Init();
-
- certHandle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
- if (!certHandle) {
- SECU_PrintError(progName, "unable to get database handle");
- return -1;
- }
-
- /* Open the possibly corrupt database. */
- if (dbck.options[opt_InputDB].activated) {
- pathname = SECU_ConfigDirectory(NULL);
- fullname = PR_smprintf("%s/%s", pathname,
- dbck.options[opt_InputDB].arg);
- if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) {
- fprintf(stderr, "Unable to read file \"%s\".\n", fullname);
- return -1;
- }
- rv = CERT_OpenCertDBFilename(certHandle, fullname, PR_TRUE);
- } else {
- /* Use the default. */
- fullname = SECU_CertDBNameCallback(NULL, CERT_DB_FILE_VERSION);
- if (PR_GetFileInfo(fullname, &fileInfo) != PR_SUCCESS) {
- fprintf(stderr, "Unable to read file \"%s\".\n", fullname);
- return -1;
- }
- rv = CERT_OpenCertDB(certHandle, PR_TRUE,
- SECU_CertDBNameCallback, NULL);
- }
-
- if (rv) {
- SECU_PrintError(progName, "unable to open cert database");
- return -1;
- }
-
- if (dbck.commands[cmd_Debug].activated) {
- DBCK_DebugDB(certHandle, dumpfile, mailfile);
- return 0;
- }
-
-#ifdef DORECOVER
- if (dbck.commands[cmd_Recover].activated) {
- DBCK_ReconstructDBFromCerts(certHandle, newdbname,
- dumpfile, removeExpired,
- requireProfile, singleEntry,
- dbck.options[opt_Prompt].activated);
- return 0;
- }
-#endif
-
- if (mailfile)
- PR_Close(mailfile);
- if (dumpfile)
- PR_Close(dumpfile);
- if (certHandle) {
- CERT_ClosePermCertDB(certHandle);
- PORT_Free(certHandle);
- }
- return -1;
-}
diff --git a/security/nss/cmd/dbck/manifest.mn b/security/nss/cmd/dbck/manifest.mn
deleted file mode 100644
index 8424f819d..000000000
--- a/security/nss/cmd/dbck/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
- dbck.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = dbck
diff --git a/security/nss/cmd/derdump/Makefile b/security/nss/cmd/derdump/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/derdump/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/derdump/derdump.c b/security/nss/cmd/derdump/derdump.c
deleted file mode 100644
index 603d5f772..000000000
--- a/security/nss/cmd/derdump/derdump.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "nss.h"
-#include <errno.h>
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-#include "plgetopt.h"
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-r] [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s For formatted items, dump raw bytes as well\n",
- "-r");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- char *progName;
- int option;
- FILE *outFile;
- PRFileDesc *inFile;
- SECItem der;
- SECStatus rv;
- int16 xp_error;
- PRBool raw = PR_FALSE;
- PLOptState *optstate;
- PLOptStatus status;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- inFile = 0;
- outFile = 0;
- optstate = PL_CreateOptState(argc, argv, "i:o:r");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'r':
- raw = PR_TRUE;
- break;
-
- default:
- Usage(progName);
- break;
- }
- }
- if (status == PL_OPT_BAD)
- Usage(progName);
-
- if (!inFile) inFile = PR_STDIN;
- if (!outFile) outFile = stdout;
-
- rv = NSS_NoDB_Init(NULL); /* XXX */
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- rv = SECU_ReadDERFromFile(&der, inFile, PR_FALSE);
- if (rv == SECSuccess) {
- rv = DER_PrettyPrint(outFile, &der, raw);
- if (rv == SECSuccess)
- return 0;
- }
-
- xp_error = PORT_GetError();
- if (xp_error) {
- SECU_PrintError(progName, "error %d", xp_error);
- }
- if (errno) {
- SECU_PrintSystemError(progName, "errno=%d", errno);
- }
- return 1;
-}
diff --git a/security/nss/cmd/derdump/makefile.win b/security/nss/cmd/derdump/makefile.win
deleted file mode 100644
index 9a9d4edef..000000000
--- a/security/nss/cmd/derdump/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = derdump
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/derdump/manifest.mn b/security/nss/cmd/derdump/manifest.mn
deleted file mode 100644
index c00df3509..000000000
--- a/security/nss/cmd/derdump/manifest.mn
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = derdump.c
-
-PROGRAM = derdump
diff --git a/security/nss/cmd/digest/Makefile b/security/nss/cmd/digest/Makefile
deleted file mode 100644
index 573c12cac..000000000
--- a/security/nss/cmd/digest/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/digest/digest.c b/security/nss/cmd/digest/digest.c
deleted file mode 100644
index b9987265b..000000000
--- a/security/nss/cmd/digest/digest.c
+++ /dev/null
@@ -1,250 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "pk11func.h"
-#include "secoid.h"
-
-#if defined(XP_WIN) || (defined(__sun) && !defined(SVR4))
-#if !defined(WIN32)
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-#endif
-
-#include "plgetopt.h"
-
-static SECOidData *
-HashTypeToOID(HASH_HashType hashtype)
-{
- SECOidTag hashtag;
-
- if (hashtype <= HASH_AlgNULL || hashtype >= HASH_AlgTOTAL)
- return NULL;
-
- switch (hashtype) {
- case HASH_AlgMD2:
- hashtag = SEC_OID_MD2;
- break;
- case HASH_AlgMD5:
- hashtag = SEC_OID_MD5;
- break;
- case HASH_AlgSHA1:
- hashtag = SEC_OID_SHA1;
- break;
- default:
- fprintf(stderr, "A new hash type has been added to HASH_HashType.\n");
- fprintf(stderr, "This program needs to be updated!\n");
- return NULL;
- }
-
- return SECOID_FindOIDByTag(hashtag);
-}
-
-static SECOidData *
-HashNameToOID(const char *hashName)
-{
- HASH_HashType htype;
- SECOidData *hashOID;
-
- for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) {
- hashOID = HashTypeToOID(htype);
- if (PORT_Strcasecmp(hashName, hashOID->desc) == 0)
- break;
- }
-
- if (htype == HASH_AlgTOTAL)
- return NULL;
-
- return hashOID;
-}
-
-static void
-Usage(char *progName)
-{
- HASH_HashType htype;
-
- fprintf(stderr,
- "Usage: %s -t type [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Specify the digest method (must be one of\n",
- "-t type");
- fprintf(stderr, "%-20s ", "");
- for (htype = HASH_AlgNULL + 1; htype < HASH_AlgTOTAL; htype++) {
- fprintf(stderr, HashTypeToOID(htype)->desc);
- if (htype == (HASH_AlgTOTAL - 2))
- fprintf(stderr, " or ");
- else if (htype != (HASH_AlgTOTAL - 1))
- fprintf(stderr, ", ");
- }
- fprintf(stderr, " (case ignored))\n");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-static int
-DigestFile(FILE *outFile, FILE *inFile, SECOidData *hashOID)
-{
- int nb;
- unsigned char ibuf[4096], digest[32];
- PK11Context *hashcx;
- unsigned int len;
- SECStatus rv;
-
- hashcx = PK11_CreateDigestContext(hashOID->offset);
- if (hashcx == NULL) {
- return -1;
- }
- PK11_DigestBegin(hashcx);
-
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- PK11_DestroyContext(hashcx,PR_TRUE);
- return -1;
- }
- /* eof */
- break;
- }
- }
- rv = PK11_DigestOp(hashcx, ibuf, nb);
- if (rv != SECSuccess) {
- PK11_DestroyContext(hashcx, PR_TRUE);
- return -1;
- }
- }
-
- rv = PK11_DigestFinal(hashcx, digest, &len, 32);
- PK11_DestroyContext(hashcx, PR_TRUE);
-
- if (rv != SECSuccess) return -1;
-
- nb = fwrite(digest, 1, len, outFile);
- if (nb != len) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
-
- return 0;
-}
-
-#include "nss.h"
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- int opt;
- FILE *inFile, *outFile;
- char *hashName;
- SECOidData *hashOID;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- inFile = NULL;
- outFile = NULL;
- hashName = NULL;
-
- rv = NSS_Init("/tmp");
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: NSS_Init failed in directory %s\n",
- progName, "/tmp");
- return -1;
- }
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "t:i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "r");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 't':
- hashName = strdup(optstate->value);
- break;
- }
- }
-
- if (!hashName) Usage(progName);
-
- if (!inFile) inFile = stdin;
- if (!outFile) outFile = stdout;
-
- hashOID = HashNameToOID(hashName);
- if (hashOID == NULL) {
- fprintf(stderr, "%s: invalid digest type\n", progName);
- Usage(progName);
- }
-
- if (DigestFile(outFile, inFile, hashOID)) {
- fprintf(stderr, "%s: problem digesting data (%s)\n",
- progName, SECU_Strerror(PORT_GetError()));
- return -1;
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/digest/makefile.win b/security/nss/cmd/digest/makefile.win
deleted file mode 100644
index e8ec27ca2..000000000
--- a/security/nss/cmd/digest/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = digest
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/digest/manifest.mn b/security/nss/cmd/digest/manifest.mn
deleted file mode 100644
index 8150b2c1d..000000000
--- a/security/nss/cmd/digest/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = digest.c
-
-PROGRAM = digest
-
diff --git a/security/nss/cmd/ilock/Makefile b/security/nss/cmd/ilock/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/ilock/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/ilock/ilock.c b/security/nss/cmd/ilock/ilock.c
deleted file mode 100644
index 3e2390b8d..000000000
--- a/security/nss/cmd/ilock/ilock.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape Portable Runtime (NSPR).
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** File: ilock.c
-** Description: ilock.c is a unit test for nssilock. ilock.c
-** tests the basic operation of nssilock. It should not be
-** considered a complete test suite.
-**
-** To check that logging works, before running this test,
-** define the following environment variables:
-**
-**
-**
-**
-**
-*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <plgetopt.h>
-#include <nspr.h>
-#include <nssilock.h>
-
-
-/*
-** Test harness infrastructure
-*/
-PRLogModuleInfo *lm;
-PRLogModuleLevel msgLevel = PR_LOG_NONE;
-PRIntn debug = 0;
-PRUint32 failed_already = 0;
-/* end Test harness infrastructure */
-
-PRIntn optIterations = 1; /* default iterations */
-
-PRIntn main(PRIntn argc, char *argv[])
-{
- PRIntn i;
- {
- /*
- ** Get command line options
- */
- PLOptStatus os;
- PLOptState *opt = PL_CreateOptState(argc, argv, "hdvi:");
-
- while (PL_OPT_EOL != (os = PL_GetNextOpt(opt)))
- {
- if (PL_OPT_BAD == os) continue;
- switch (opt->option)
- {
- case 'd': /* debug */
- debug = 1;
- msgLevel = PR_LOG_ERROR;
- break;
- case 'v': /* verbose mode */
- msgLevel = PR_LOG_DEBUG;
- break;
- case 'i': /* number of iterations */
- optIterations = atol( opt->value );
- if ( 0 == optIterations ) optIterations = 1; /* coerce default on zero */
- break;
- default:
- break;
- }
- }
- PL_DestroyOptState(opt);
- }
-
- for ( i = 0 ; i < optIterations ; i++ ) {
- /* First, test Lock */
- {
- PZLock *pl;
- PZMonitor *pm;
- PZCondVar *cv;
- PRStatus rc;
-
- pl = PZ_NewLock( nssILockOther );
- if ( NULL == pl ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- PZ_Lock( pl );
-
- rc = PZ_Unlock( pl );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- PZ_DestroyLock( pl );
-
- /* now, test CVar */
- /* re-create the lock we just destroyed */
- pl = PZ_NewLock( nssILockOther );
- if ( NULL == pl ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
-
- cv = PZ_NewCondVar( pl );
- if ( NULL == cv ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
-
- PZ_Lock( pl );
- rc = PZ_NotifyCondVar( cv );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
-
- rc = PZ_NotifyAllCondVar( cv );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
-
- rc = PZ_WaitCondVar( cv, PR_SecondsToInterval(1));
- if ( PR_FAILURE == rc ) {
- if ( PR_UNKNOWN_ERROR != PR_GetError()) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- }
- PZ_Unlock( pl );
- PZ_DestroyCondVar( cv );
-
- /* Now, test Monitor */
- pm = PZ_NewMonitor( nssILockOther );
- if ( NULL == pm ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
-
- PZ_EnterMonitor( pm );
-
- rc = PZ_Notify( pm );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- rc = PZ_NotifyAll( pm );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- rc = PZ_Wait( pm, PR_INTERVAL_NO_WAIT );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- rc = PZ_ExitMonitor( pm );
- if ( PR_FAILURE == rc ) {
- failed_already = PR_TRUE;
- goto Finished;
- }
- PZ_DestroyMonitor( pm );
- }
- } /* --- end for() --- */
-
-
-Finished:
- if (debug) printf("%s\n", (failed_already)? "FAIL" : "PASS");
- return( (failed_already == PR_TRUE )? 1 : 0 );
-} /* main() */
-/* end ilock.c */
-
diff --git a/security/nss/cmd/ilock/manifest.mn b/security/nss/cmd/ilock/manifest.mn
deleted file mode 100644
index fcea16608..000000000
--- a/security/nss/cmd/ilock/manifest.mn
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = ilock.c
-
-PROGRAM = ilock
-# PROGRAM = ./$(OBJDIR)/ilock.exe
-
diff --git a/security/nss/cmd/include/secnew.h b/security/nss/cmd/include/secnew.h
deleted file mode 100644
index eb4c30acd..000000000
--- a/security/nss/cmd/include/secnew.h
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef __secnew_h_
-#define __secnew_h_
-
-#include <stdio.h>
-
-typedef struct BERTemplateStr BERTemplate;
-typedef struct BERParseStr BERParse;
-typedef struct SECArbStr SECArb;
-
-/*
- * An array of these structures define an encoding for an object using
- * DER. The array is terminated with an entry where kind == 0.
- */
-struct BERTemplateStr {
- /* Kind of item to decode/encode */
- unsigned long kind;
-
- /*
- * Offset from base of structure to SECItem that will hold
- * decoded/encoded value.
- */
- unsigned short offset;
-
- /*
- * Used with DER_SET or DER_SEQUENCE. If not zero then points to a
- * sub-template. The sub-template is filled in and completed before
- * continuing on.
- */
- BERTemplate *sub;
-
- /*
- * Argument value, dependent on kind. Size of structure to allocate
- * when kind==DER_POINTER For Context-Specific Implicit types its the
- * underlying type to use.
- */
- unsigned long arg;
-};
-
-/*
- * an arbitrary object
- */
-struct SECArbStr {
- unsigned long tag; /* NOTE: does not support high tag form */
- unsigned long length; /* as reported in stream */
- union {
- SECItem item;
- struct {
- int numSubs;
- SECArb **subs;
- } cons;
- } body;
-};
-
-/*
- * Decode a piece of der encoded data.
- * "dest" points to a structure that will be filled in with the
- * decoding results.
- * "t" is a template structure which defines the shape of the
- * expected data.
- * "src" is the ber encoded data.
- */
-
-extern SECStatus BER_Decode(PRArenaPool * arena, void *dest, BERTemplate *t,
- SECArb *arb);
-
-
-/*
- * Encode a data structure into DER.
- * "dest" will be filled in (and memory allocated) to hold the der
- * encoded structure in "src"
- * "t" is a template structure which defines the shape of the
- * stored data
- * "src" is a pointer to the structure that will be encoded
- */
-
-extern SECStatus BER_Encode(PRArenaPool *arena, SECItem *dest, BERTemplate *t,
- void *src);
-
-/*
- * Client provided function that will get called with all the bytes
- * passing through the parser
- */
-typedef void (*BERFilterProc)(void *instance, unsigned char *buf, int length);
-
-/*
- * Client provided function that can will be called after the tag and
- * length information has been collected. It can be set up to be called
- * either before or after the data has been colleced.
- */
-typedef void (*BERNotifyProc)(
- void *instance, SECArb *arb, int depth, PRBool before);
-
-extern BERParse *BER_ParseInit(PRArenaPool *arena, PRBool forceDER);
-extern SECArb *BER_ParseFini(BERParse *h);
-extern SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len);
-
-extern void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance);
-extern void BER_SetLeafStorage(BERParse *h, PRBool keep);
-extern void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance,
- PRBool beforeData);
-
-/*
- * A BERUnparseProc is used as a callback to put the encoded SECArb tree
- * tree to some stream. It returns PR_TRUE if the unparsing is to be
- * aborted.
- */
-typedef SECStatus (*BERUnparseProc)(
- void *instance, unsigned char *data, int length, SECArb* arb);
-
-/*
- * BER_Unparse walks the SECArb tree calling the BERUnparseProc with
- * various pieces. It returns SECFailure if there was an error during that
- * tree walk.
- */
-extern SECStatus BER_Unparse(SECArb *arb, BERUnparseProc proc, void *instance);
-
-/*
- * BER_ResolveLengths does a recursive walk through the tree generating
- * non-zero entries for the length field of each node. It will fail if it
- * discoveres a non-constructed node with a unknown length data field.
- * Leaves are supposed to be of known length.
- */
-extern SECStatus BER_ResolveLengths(SECArb *arb);
-
-/*
- * BER_PRettyPrintArb will write an ASCII version of the tree to the FILE
- * out.
- */
-extern SECStatus BER_PrettyPrintArb(FILE *out, SECArb* a);
-
-#endif /* __secnew_h_ */
diff --git a/security/nss/cmd/keyutil/Makefile b/security/nss/cmd/keyutil/Makefile
deleted file mode 100644
index a2ed814be..000000000
--- a/security/nss/cmd/keyutil/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/keyutil/keyutil.c b/security/nss/cmd/keyutil/keyutil.c
deleted file mode 100644
index 65e6ad8b0..000000000
--- a/security/nss/cmd/keyutil/keyutil.c
+++ /dev/null
@@ -1,340 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#include <sys/time.h>
-#include <termios.h>
-#endif
-
-#include "secopt.h"
-
-#if defined(XP_WIN)
-#include <time.h>
-#include <conio.h>
-#endif
-
-#if defined(__sun) && !defined(SVR4)
-extern int fclose(FILE*);
-extern int fprintf(FILE *, char *, ...);
-extern int getopt(int, char**, char*);
-extern int isatty(int);
-extern char *optarg;
-extern char *sys_errlist[];
-#define strerror(errno) sys_errlist[errno]
-#endif
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-static char *progName;
-
-static SECStatus
-ListKeys(SECKEYKeyDBHandle *handle, FILE *out)
-{
- int rt;
-
- rt = SECU_PrintKeyNames(handle, out);
- if (rt) {
- SECU_PrintError(progName, "unable to list nicknames");
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECStatus
-DumpPublicKey(SECKEYKeyDBHandle *handle, char *nickname, FILE *out)
-{
- SECKEYLowPrivateKey *privKey;
- SECKEYLowPublicKey *publicKey;
-
- /* check if key actually exists */
- if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) {
- SECU_PrintError(progName, "the key \"%s\" does not exist", nickname);
- return SECFailure;
- }
-
- /* Read in key */
- privKey = SECU_GetPrivateKey(handle, nickname);
- if (!privKey) {
- return SECFailure;
- }
-
- publicKey = SECKEY_LowConvertToPublicKey(privKey);
-
- /* Output public key (in the clear) */
- switch(publicKey->keyType) {
- case rsaKey:
- fprintf(out, "RSA Public-Key:\n");
- SECU_PrintInteger(out, &publicKey->u.rsa.modulus, "modulus", 1);
- SECU_PrintInteger(out, &publicKey->u.rsa.publicExponent,
- "publicExponent", 1);
- break;
- case dsaKey:
- fprintf(out, "DSA Public-Key:\n");
- SECU_PrintInteger(out, &publicKey->u.dsa.params.prime, "prime", 1);
- SECU_PrintInteger(out, &publicKey->u.dsa.params.subPrime,
- "subPrime", 1);
- SECU_PrintInteger(out, &publicKey->u.dsa.params.base, "base", 1);
- SECU_PrintInteger(out, &publicKey->u.dsa.publicValue, "publicValue", 1);
- break;
- default:
- fprintf(out, "unknown key type\n");
- break;
- }
- return SECSuccess;
-}
-
-static SECStatus
-DumpPrivateKey(SECKEYKeyDBHandle *handle, char *nickname, FILE *out)
-{
- SECKEYLowPrivateKey *key;
-
- /* check if key actually exists */
- if (SECU_CheckKeyNameExists(handle, nickname) == PR_FALSE) {
- SECU_PrintError(progName, "the key \"%s\" does not exist", nickname);
- return SECFailure;
- }
-
- /* Read in key */
- key = SECU_GetPrivateKey(handle, nickname);
- if (!key) {
- SECU_PrintError(progName, "error retrieving key");
- return SECFailure;
- }
-
- switch(key->keyType) {
- case rsaKey:
- fprintf(out, "RSA Private-Key:\n");
- SECU_PrintInteger(out, &key->u.rsa.modulus, "modulus", 1);
- SECU_PrintInteger(out, &key->u.rsa.publicExponent, "publicExponent", 1);
- SECU_PrintInteger(out, &key->u.rsa.privateExponent,
- "privateExponent", 1);
- SECU_PrintInteger(out, &key->u.rsa.prime1, "prime1", 1);
- SECU_PrintInteger(out, &key->u.rsa.prime2, "prime2", 1);
- SECU_PrintInteger(out, &key->u.rsa.exponent1, "exponent1", 1);
- SECU_PrintInteger(out, &key->u.rsa.exponent2, "exponent2", 1);
- SECU_PrintInteger(out, &key->u.rsa.coefficient, "coefficient", 1);
- break;
- case dsaKey:
- fprintf(out, "DSA Private-Key:\n");
- SECU_PrintInteger(out, &key->u.dsa.params.prime, "prime", 1);
- SECU_PrintInteger(out, &key->u.dsa.params.subPrime, "subPrime", 1);
- SECU_PrintInteger(out, &key->u.dsa.params.base, "base", 1);
- SECU_PrintInteger(out, &key->u.dsa.publicValue, "publicValue", 1);
- SECU_PrintInteger(out, &key->u.dsa.privateValue, "privateValue", 1);
- break;
- default:
- fprintf(out, "unknown key type\n");
- break;
- }
- return SECSuccess;
-}
-
-static SECStatus
-ChangePassword(SECKEYKeyDBHandle *handle)
-{
- SECStatus rv;
-
- /* Write out database with a new password */
- rv = SECU_ChangeKeyDBPassword(handle, NULL);
- if (rv) {
- SECU_PrintError(progName, "unable to change key password");
- }
- return rv;
-}
-
-static SECStatus
-DeletePrivateKey (SECKEYKeyDBHandle *keyHandle, char *nickName)
-{
- SECStatus rv;
-
- rv = SECU_DeleteKeyByName (keyHandle, nickName);
- if (rv != SECSuccess)
- fprintf(stderr, "%s: problem deleting private key (%s)\n",
- progName, SECU_Strerror(PR_GetError()));
- return (rv);
-
-}
-
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
- "Usage: %s -p name [-d keydir]\n", progName);
- fprintf(stderr,
- " %s -P name [-d keydir]\n", progName);
- fprintf(stderr,
- " %s -D name [-d keydir]\n", progName);
- fprintf(stderr,
- " %s -l [-d keydir]\n", progName);
- fprintf(stderr,
- " %s -c [-d keydir]\n", progName);
-
- fprintf(stderr, "%-20s Pretty print public key info for named key\n",
- "-p nickname");
- fprintf(stderr, "%-20s Pretty print private key info for named key\n",
- "-P nickname");
- fprintf(stderr, "%-20s Delete named private key from the key database\n",
- "-D nickname");
- fprintf(stderr, "%-20s List the nicknames for the keys in a database\n",
- "-l");
- fprintf(stderr, "%-20s Change the key database password\n",
- "-c");
- fprintf(stderr, "\n");
- fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
- "-d keydir");
-
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- int o, changePassword, deleteKey, dumpPublicKey, dumpPrivateKey, list;
- char *nickname;
- SECStatus rv;
- SECKEYKeyDBHandle *keyHandle;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- changePassword = deleteKey = dumpPublicKey = dumpPrivateKey = list = 0;
- nickname = NULL;
-
- while ((o = getopt(argc, argv, "ADP:cd:glp:")) != -1) {
- switch (o) {
- case '?':
- Usage(progName);
- break;
-
- case 'A':
- fprintf(stderr, "%s: Can no longer add a key.", progName);
- fprintf(stderr, " Use pkcs12 to import a key.\n\n");
- Usage(progName);
- break;
-
- case 'D':
- deleteKey = 1;
- nickname = optarg;
- break;
-
- case 'P':
- dumpPrivateKey = 1;
- nickname = optarg;
- break;
-
- case 'c':
- changePassword = 1;
- break;
-
- case 'd':
- SECU_ConfigDirectory(optarg);
- break;
-
- case 'g':
- fprintf(stderr, "%s: Can no longer generate a key.", progName);
- fprintf(stderr, " Use certutil to generate a cert request.\n\n");
- Usage(progName);
- break;
-
- case 'l':
- list = 1;
- break;
-
- case 'p':
- dumpPublicKey = 1;
- nickname = optarg;
- break;
- }
- }
-
- if (dumpPublicKey+changePassword+dumpPrivateKey+list+deleteKey != 1)
- Usage(progName);
-
- if ((list || changePassword) && nickname)
- Usage(progName);
-
- if ((dumpPublicKey || dumpPrivateKey || deleteKey) && !nickname)
- Usage(progName);
-
-
- /* Call the libsec initialization routines */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- SEC_Init();
-
- /*
- * XXX Note that the following opens the key database writable.
- * If dumpPublicKey or dumpPrivateKey or list, though, we only want
- * to open it read-only. There needs to be a better interface
- * to the initialization routines so that we can specify which way
- * to open it.
- */
- rv = SECU_PKCS11Init();
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "SECU_PKCS11Init failed");
- return -1;
- }
-
- keyHandle = SECKEY_GetDefaultKeyDB();
- if (keyHandle == NULL) {
- SECU_PrintError(progName, "could not open key database");
- return -1;
- }
-
- if (dumpPublicKey) {
- rv = DumpPublicKey(keyHandle, nickname, stdout);
- } else
- if (changePassword) {
- rv = ChangePassword(keyHandle);
- } else
- if (dumpPrivateKey) {
- rv = DumpPrivateKey(keyHandle, nickname, stdout);
- } else
- if (list) {
- rv = ListKeys(keyHandle, stdout);
- } else
- if (deleteKey) {
- rv = DeletePrivateKey(keyHandle, nickname);
- }
-
-
- return rv ? -1 : 0;
-}
diff --git a/security/nss/cmd/keyutil/manifest.mn b/security/nss/cmd/keyutil/manifest.mn
deleted file mode 100644
index 40b938cac..000000000
--- a/security/nss/cmd/keyutil/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
- keyutil.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-
-PROGRAM = keyutil
diff --git a/security/nss/cmd/lib/Makefile b/security/nss/cmd/lib/Makefile
deleted file mode 100644
index 0769c80a3..000000000
--- a/security/nss/cmd/lib/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
diff --git a/security/nss/cmd/lib/NSPRerrs.h b/security/nss/cmd/lib/NSPRerrs.h
deleted file mode 100644
index bacdef6b2..000000000
--- a/security/nss/cmd/lib/NSPRerrs.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* General NSPR 2.0 errors */
-/* Caller must #include "prerror.h" */
-
-ER2( PR_OUT_OF_MEMORY_ERROR, "Memory allocation attempt failed." )
-ER2( PR_BAD_DESCRIPTOR_ERROR, "Invalid file descriptor." )
-ER2( PR_WOULD_BLOCK_ERROR, "The operation would have blocked." )
-ER2( PR_ACCESS_FAULT_ERROR, "Invalid memory address argument." )
-ER2( PR_INVALID_METHOD_ERROR, "Invalid function for file type." )
-ER2( PR_ILLEGAL_ACCESS_ERROR, "Invalid memory address argument." )
-ER2( PR_UNKNOWN_ERROR, "Some unknown error has occurred." )
-ER2( PR_PENDING_INTERRUPT_ERROR,"Operation interrupted by another thread." )
-ER2( PR_NOT_IMPLEMENTED_ERROR, "function not implemented." )
-ER2( PR_IO_ERROR, "I/O function error." )
-ER2( PR_IO_TIMEOUT_ERROR, "I/O operation timed out." )
-ER2( PR_IO_PENDING_ERROR, "I/O operation on busy file descriptor." )
-ER2( PR_DIRECTORY_OPEN_ERROR, "The directory could not be opened." )
-ER2( PR_INVALID_ARGUMENT_ERROR, "Invalid function argument." )
-ER2( PR_ADDRESS_NOT_AVAILABLE_ERROR, "Network address not available (in use?)." )
-ER2( PR_ADDRESS_NOT_SUPPORTED_ERROR, "Network address type not supported." )
-ER2( PR_IS_CONNECTED_ERROR, "Already connected." )
-ER2( PR_BAD_ADDRESS_ERROR, "Network address is invalid." )
-ER2( PR_ADDRESS_IN_USE_ERROR, "Local Network address is in use." )
-ER2( PR_CONNECT_REFUSED_ERROR, "Connection refused by peer." )
-ER2( PR_NETWORK_UNREACHABLE_ERROR, "Network address is presently unreachable." )
-ER2( PR_CONNECT_TIMEOUT_ERROR, "Connection attempt timed out." )
-ER2( PR_NOT_CONNECTED_ERROR, "Network file descriptor is not connected." )
-ER2( PR_LOAD_LIBRARY_ERROR, "Failure to load dynamic library." )
-ER2( PR_UNLOAD_LIBRARY_ERROR, "Failure to unload dynamic library." )
-ER2( PR_FIND_SYMBOL_ERROR,
-"Symbol not found in any of the loaded dynamic libraries." )
-ER2( PR_INSUFFICIENT_RESOURCES_ERROR, "Insufficient system resources." )
-ER2( PR_DIRECTORY_LOOKUP_ERROR,
-"A directory lookup on a network address has failed." )
-ER2( PR_TPD_RANGE_ERROR,
-"Attempt to access a TPD key that is out of range." )
-ER2( PR_PROC_DESC_TABLE_FULL_ERROR, "Process open FD table is full." )
-ER2( PR_SYS_DESC_TABLE_FULL_ERROR, "System open FD table is full." )
-ER2( PR_NOT_SOCKET_ERROR,
-"Network operation attempted on non-network file descriptor." )
-ER2( PR_NOT_TCP_SOCKET_ERROR,
-"TCP-specific function attempted on a non-TCP file descriptor." )
-ER2( PR_SOCKET_ADDRESS_IS_BOUND_ERROR, "TCP file descriptor is already bound." )
-ER2( PR_NO_ACCESS_RIGHTS_ERROR, "Access Denied." )
-ER2( PR_OPERATION_NOT_SUPPORTED_ERROR,
-"The requested operation is not supported by the platform." )
-ER2( PR_PROTOCOL_NOT_SUPPORTED_ERROR,
-"The host operating system does not support the protocol requested." )
-ER2( PR_REMOTE_FILE_ERROR, "Access to the remote file has been severed." )
-ER2( PR_BUFFER_OVERFLOW_ERROR,
-"The value requested is too large to be stored in the data buffer provided." )
-ER2( PR_CONNECT_RESET_ERROR, "TCP connection reset by peer." )
-ER2( PR_RANGE_ERROR, "Unused." )
-ER2( PR_DEADLOCK_ERROR, "The operation would have deadlocked." )
-ER2( PR_FILE_IS_LOCKED_ERROR, "The file is already locked." )
-ER2( PR_FILE_TOO_BIG_ERROR,
-"Write would result in file larger than the system allows." )
-ER2( PR_NO_DEVICE_SPACE_ERROR, "The device for storing the file is full." )
-ER2( PR_PIPE_ERROR, "Unused." )
-ER2( PR_NO_SEEK_DEVICE_ERROR, "Unused." )
-ER2( PR_IS_DIRECTORY_ERROR,
-"Cannot perform a normal file operation on a directory." )
-ER2( PR_LOOP_ERROR, "Symbolic link loop." )
-ER2( PR_NAME_TOO_LONG_ERROR, "File name is too long." )
-ER2( PR_FILE_NOT_FOUND_ERROR, "File not found." )
-ER2( PR_NOT_DIRECTORY_ERROR,
-"Cannot perform directory operation on a normal file." )
-ER2( PR_READ_ONLY_FILESYSTEM_ERROR,
-"Cannot write to a read-only file system." )
-ER2( PR_DIRECTORY_NOT_EMPTY_ERROR,
-"Cannot delete a directory that is not empty." )
-ER2( PR_FILESYSTEM_MOUNTED_ERROR,
-"Cannot delete or rename a file object while the file system is busy." )
-ER2( PR_NOT_SAME_DEVICE_ERROR,
-"Cannot rename a file to a file system on another device." )
-ER2( PR_DIRECTORY_CORRUPTED_ERROR,
-"The directory object in the file system is corrupted." )
-ER2( PR_FILE_EXISTS_ERROR,
-"Cannot create or rename a filename that already exists." )
-ER2( PR_MAX_DIRECTORY_ENTRIES_ERROR,
-"Directory is full. No additional filenames may be added." )
-ER2( PR_INVALID_DEVICE_STATE_ERROR,
-"The required device was in an invalid state." )
-ER2( PR_DEVICE_IS_LOCKED_ERROR, "The device is locked." )
-ER2( PR_NO_MORE_FILES_ERROR, "No more entries in the directory." )
-ER2( PR_END_OF_FILE_ERROR, "Encountered end of file." )
-ER2( PR_FILE_SEEK_ERROR, "Seek error." )
-ER2( PR_FILE_IS_BUSY_ERROR, "The file is busy." )
-ER2( PR_IN_PROGRESS_ERROR,
-"Operation is still in progress (probably a non-blocking connect)." )
-ER2( PR_ALREADY_INITIATED_ERROR,
-"Operation has already been initiated (probably a non-blocking connect)." )
-
-#ifdef PR_GROUP_EMPTY_ERROR
-ER2( PR_GROUP_EMPTY_ERROR, "The wait group is empty." )
-#endif
-
-#ifdef PR_INVALID_STATE_ERROR
-ER2( PR_INVALID_STATE_ERROR, "Object state improper for request." )
-#endif
-
-ER2( PR_MAX_ERROR, "Placeholder for the end of the list" )
diff --git a/security/nss/cmd/lib/SECerrs.h b/security/nss/cmd/lib/SECerrs.h
deleted file mode 100644
index 41bb03101..000000000
--- a/security/nss/cmd/lib/SECerrs.h
+++ /dev/null
@@ -1,442 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* General security error codes */
-/* Caller must #include "secerr.h" */
-
-ER3(SEC_ERROR_IO, SEC_ERROR_BASE + 0,
-"An I/O error occurred during security authorization.")
-
-ER3(SEC_ERROR_LIBRARY_FAILURE, SEC_ERROR_BASE + 1,
-"security library failure.")
-
-ER3(SEC_ERROR_BAD_DATA, SEC_ERROR_BASE + 2,
-"security library: received bad data.")
-
-ER3(SEC_ERROR_OUTPUT_LEN, SEC_ERROR_BASE + 3,
-"security library: output length error.")
-
-ER3(SEC_ERROR_INPUT_LEN, SEC_ERROR_BASE + 4,
-"security library has experienced an input length error.")
-
-ER3(SEC_ERROR_INVALID_ARGS, SEC_ERROR_BASE + 5,
-"security library: invalid arguments.")
-
-ER3(SEC_ERROR_INVALID_ALGORITHM, SEC_ERROR_BASE + 6,
-"security library: invalid algorithm.")
-
-ER3(SEC_ERROR_INVALID_AVA, SEC_ERROR_BASE + 7,
-"security library: invalid AVA.")
-
-ER3(SEC_ERROR_INVALID_TIME, SEC_ERROR_BASE + 8,
-"Improperly formatted time string.")
-
-ER3(SEC_ERROR_BAD_DER, SEC_ERROR_BASE + 9,
-"security library: improperly formatted DER-encoded message.")
-
-ER3(SEC_ERROR_BAD_SIGNATURE, SEC_ERROR_BASE + 10,
-"Peer's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_EXPIRED_CERTIFICATE, SEC_ERROR_BASE + 11,
-"Peer's Certificate has expired.")
-
-ER3(SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_BASE + 12,
-"Peer's Certificate has been revoked.")
-
-ER3(SEC_ERROR_UNKNOWN_ISSUER, SEC_ERROR_BASE + 13,
-"Peer's Certificate issuer is not recognized.")
-
-ER3(SEC_ERROR_BAD_KEY, SEC_ERROR_BASE + 14,
-"Peer's public key is invalid.")
-
-ER3(SEC_ERROR_BAD_PASSWORD, SEC_ERROR_BASE + 15,
-"The security password entered is incorrect.")
-
-ER3(SEC_ERROR_RETRY_PASSWORD, SEC_ERROR_BASE + 16,
-"New password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_NO_NODELOCK, SEC_ERROR_BASE + 17,
-"security library: no nodelock.")
-
-ER3(SEC_ERROR_BAD_DATABASE, SEC_ERROR_BASE + 18,
-"security library: bad database.")
-
-ER3(SEC_ERROR_NO_MEMORY, SEC_ERROR_BASE + 19,
-"security library: memory allocation failure.")
-
-ER3(SEC_ERROR_UNTRUSTED_ISSUER, SEC_ERROR_BASE + 20,
-"Peer's certificate issuer has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_UNTRUSTED_CERT, SEC_ERROR_BASE + 21,
-"Peer's certificate has been marked as not trusted by the user.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT, (SEC_ERROR_BASE + 22),
-"Certificate already exists in your database.")
-
-ER3(SEC_ERROR_DUPLICATE_CERT_NAME, (SEC_ERROR_BASE + 23),
-"Downloaded certificate's name duplicates one already in your database.")
-
-ER3(SEC_ERROR_ADDING_CERT, (SEC_ERROR_BASE + 24),
-"Error adding certificate to database.")
-
-ER3(SEC_ERROR_FILING_KEY, (SEC_ERROR_BASE + 25),
-"Error refiling the key for this certificate.")
-
-ER3(SEC_ERROR_NO_KEY, (SEC_ERROR_BASE + 26),
-"The private key for this certificate cannot be found in key database")
-
-ER3(SEC_ERROR_CERT_VALID, (SEC_ERROR_BASE + 27),
-"This certificate is valid.")
-
-ER3(SEC_ERROR_CERT_NOT_VALID, (SEC_ERROR_BASE + 28),
-"This certificate is not valid.")
-
-ER3(SEC_ERROR_CERT_NO_RESPONSE, (SEC_ERROR_BASE + 29),
-"Cert Library: No Response")
-
-ER3(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, (SEC_ERROR_BASE + 30),
-"The certificate issuer's certificate has expired. Check your system date and time.")
-
-ER3(SEC_ERROR_CRL_EXPIRED, (SEC_ERROR_BASE + 31),
-"The CRL for the certificate's issuer has expired. Update it or check your system data and time.")
-
-ER3(SEC_ERROR_CRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 32),
-"The CRL for the certificate's issuer has an invalid signature.")
-
-ER3(SEC_ERROR_CRL_INVALID, (SEC_ERROR_BASE + 33),
-"New CRL has an invalid format.")
-
-ER3(SEC_ERROR_EXTENSION_VALUE_INVALID, (SEC_ERROR_BASE + 34),
-"Certificate extension value is invalid.")
-
-ER3(SEC_ERROR_EXTENSION_NOT_FOUND, (SEC_ERROR_BASE + 35),
-"Certificate extension not found.")
-
-ER3(SEC_ERROR_CA_CERT_INVALID, (SEC_ERROR_BASE + 36),
-"Issuer certificate is invalid.")
-
-ER3(SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, (SEC_ERROR_BASE + 37),
-"Certificate path length constraint is invalid.")
-
-ER3(SEC_ERROR_CERT_USAGES_INVALID, (SEC_ERROR_BASE + 38),
-"Certificate usages field is invalid.")
-
-ER3(SEC_INTERNAL_ONLY, (SEC_ERROR_BASE + 39),
-"**Internal ONLY module**")
-
-ER3(SEC_ERROR_INVALID_KEY, (SEC_ERROR_BASE + 40),
-"The key does not support the requested operation.")
-
-ER3(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, (SEC_ERROR_BASE + 41),
-"Certificate contains unknown critical extension.")
-
-ER3(SEC_ERROR_OLD_CRL, (SEC_ERROR_BASE + 42),
-"New CRL is not later than the current one.")
-
-ER3(SEC_ERROR_NO_EMAIL_CERT, (SEC_ERROR_BASE + 43),
-"Not encrypted or signed: you do not yet have an email certificate.")
-
-ER3(SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, (SEC_ERROR_BASE + 44),
-"Not encrypted: you do not have certificates for each of the recipients.")
-
-ER3(SEC_ERROR_NOT_A_RECIPIENT, (SEC_ERROR_BASE + 45),
-"Cannot decrypt: you are not a recipient, or matching certificate and \
-private key not found.")
-
-ER3(SEC_ERROR_PKCS7_KEYALG_MISMATCH, (SEC_ERROR_BASE + 46),
-"Cannot decrypt: key encryption algorithm does not match your certificate.")
-
-ER3(SEC_ERROR_PKCS7_BAD_SIGNATURE, (SEC_ERROR_BASE + 47),
-"Signature verification failed: no signer found, too many signers found, \
-or improper or corrupted data.")
-
-ER3(SEC_ERROR_UNSUPPORTED_KEYALG, (SEC_ERROR_BASE + 48),
-"Unsupported or unknown key algorithm.")
-
-ER3(SEC_ERROR_DECRYPTION_DISALLOWED, (SEC_ERROR_BASE + 49),
-"Cannot decrypt: encrypted using a disallowed algorithm or key size.")
-
-
-/* Fortezza Alerts */
-ER3(XP_SEC_FORTEZZA_BAD_CARD, (SEC_ERROR_BASE + 50),
-"Fortezza card has not been properly initialized. \
-Please remove it and return it to your issuer.")
-
-ER3(XP_SEC_FORTEZZA_NO_CARD, (SEC_ERROR_BASE + 51),
-"No Fortezza cards Found")
-
-ER3(XP_SEC_FORTEZZA_NONE_SELECTED, (SEC_ERROR_BASE + 52),
-"No Fortezza card selected")
-
-ER3(XP_SEC_FORTEZZA_MORE_INFO, (SEC_ERROR_BASE + 53),
-"Please select a personality to get more info on")
-
-ER3(XP_SEC_FORTEZZA_PERSON_NOT_FOUND, (SEC_ERROR_BASE + 54),
-"Personality not found")
-
-ER3(XP_SEC_FORTEZZA_NO_MORE_INFO, (SEC_ERROR_BASE + 55),
-"No more information on that Personality")
-
-ER3(XP_SEC_FORTEZZA_BAD_PIN, (SEC_ERROR_BASE + 56),
-"Invalid Pin")
-
-ER3(XP_SEC_FORTEZZA_PERSON_ERROR, (SEC_ERROR_BASE + 57),
-"Couldn't initialize Fortezza personalities.")
-/* end fortezza alerts. */
-
-ER3(SEC_ERROR_NO_KRL, (SEC_ERROR_BASE + 58),
-"No KRL for this site's certificate has been found.")
-
-ER3(SEC_ERROR_KRL_EXPIRED, (SEC_ERROR_BASE + 59),
-"The KRL for this site's certificate has expired.")
-
-ER3(SEC_ERROR_KRL_BAD_SIGNATURE, (SEC_ERROR_BASE + 60),
-"The KRL for this site's certificate has an invalid signature.")
-
-ER3(SEC_ERROR_REVOKED_KEY, (SEC_ERROR_BASE + 61),
-"The key for this site's certificate has been revoked.")
-
-ER3(SEC_ERROR_KRL_INVALID, (SEC_ERROR_BASE + 62),
-"New KRL has an invalid format.")
-
-ER3(SEC_ERROR_NEED_RANDOM, (SEC_ERROR_BASE + 63),
-"security library: need random data.")
-
-ER3(SEC_ERROR_NO_MODULE, (SEC_ERROR_BASE + 64),
-"security library: no security module can perform the requested operation.")
-
-ER3(SEC_ERROR_NO_TOKEN, (SEC_ERROR_BASE + 65),
-"The security card or token does not exist, needs to be initialized, or has been removed.")
-
-ER3(SEC_ERROR_READ_ONLY, (SEC_ERROR_BASE + 66),
-"security library: read-only database.")
-
-ER3(SEC_ERROR_NO_SLOT_SELECTED, (SEC_ERROR_BASE + 67),
-"No slot or token was selected.")
-
-ER3(SEC_ERROR_CERT_NICKNAME_COLLISION, (SEC_ERROR_BASE + 68),
-"A certificate with the same nickname already exists.")
-
-ER3(SEC_ERROR_KEY_NICKNAME_COLLISION, (SEC_ERROR_BASE + 69),
-"A key with the same nickname already exists.")
-
-ER3(SEC_ERROR_SAFE_NOT_CREATED, (SEC_ERROR_BASE + 70),
-"error while creating safe object")
-
-ER3(SEC_ERROR_BAGGAGE_NOT_CREATED, (SEC_ERROR_BASE + 71),
-"error while creating baggage object")
-
-ER3(XP_JAVA_REMOVE_PRINCIPAL_ERROR, (SEC_ERROR_BASE + 72),
-"Couldn't remove the principal")
-
-ER3(XP_JAVA_DELETE_PRIVILEGE_ERROR, (SEC_ERROR_BASE + 73),
-"Couldn't delete the privilege")
-
-ER3(XP_JAVA_CERT_NOT_EXISTS_ERROR, (SEC_ERROR_BASE + 74),
-"This principal doesn't have a certificate")
-
-ER3(SEC_ERROR_BAD_EXPORT_ALGORITHM, (SEC_ERROR_BASE + 75),
-"Required algorithm is not allowed.")
-
-ER3(SEC_ERROR_EXPORTING_CERTIFICATES, (SEC_ERROR_BASE + 76),
-"Error attempting to export certificates.")
-
-ER3(SEC_ERROR_IMPORTING_CERTIFICATES, (SEC_ERROR_BASE + 77),
-"Error attempting to import certificates.")
-
-ER3(SEC_ERROR_PKCS12_DECODING_PFX, (SEC_ERROR_BASE + 78),
-"Unable to import. Decoding error. File not valid.")
-
-ER3(SEC_ERROR_PKCS12_INVALID_MAC, (SEC_ERROR_BASE + 79),
-"Unable to import. Invalid MAC. Incorrect password or corrupt file.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, (SEC_ERROR_BASE + 80),
-"Unable to import. MAC algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE,(SEC_ERROR_BASE + 81),
-"Unable to import. Only password integrity and privacy modes supported.")
-
-ER3(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, (SEC_ERROR_BASE + 82),
-"Unable to import. File structure is corrupt.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, (SEC_ERROR_BASE + 83),
-"Unable to import. Encryption algorithm not supported.")
-
-ER3(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, (SEC_ERROR_BASE + 84),
-"Unable to import. File version not supported.")
-
-ER3(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT,(SEC_ERROR_BASE + 85),
-"Unable to import. Incorrect privacy password.")
-
-ER3(SEC_ERROR_PKCS12_CERT_COLLISION, (SEC_ERROR_BASE + 86),
-"Unable to import. Same nickname already exists in database.")
-
-ER3(SEC_ERROR_USER_CANCELLED, (SEC_ERROR_BASE + 87),
-"The user pressed cancel.")
-
-ER3(SEC_ERROR_PKCS12_DUPLICATE_DATA, (SEC_ERROR_BASE + 88),
-"Not imported, already in database.")
-
-ER3(SEC_ERROR_MESSAGE_SEND_ABORTED, (SEC_ERROR_BASE + 89),
-"Message not sent.")
-
-ER3(SEC_ERROR_INADEQUATE_KEY_USAGE, (SEC_ERROR_BASE + 90),
-"Certificate key usage inadequate for attempted operation.")
-
-ER3(SEC_ERROR_INADEQUATE_CERT_TYPE, (SEC_ERROR_BASE + 91),
-"Certificate type not approved for application.")
-
-ER3(SEC_ERROR_CERT_ADDR_MISMATCH, (SEC_ERROR_BASE + 92),
-"Address in signing certificate does not match address in message headers.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, (SEC_ERROR_BASE + 93),
-"Unable to import. Error attempting to import private key.")
-
-ER3(SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, (SEC_ERROR_BASE + 94),
-"Unable to import. Error attempting to import certificate chain.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, (SEC_ERROR_BASE + 95),
-"Unable to export. Unable to locate certificate or key by nickname.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, (SEC_ERROR_BASE + 96),
-"Unable to export. Private Key could not be located and exported.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_WRITE, (SEC_ERROR_BASE + 97),
-"Unable to export. Unable to write the export file.")
-
-ER3(SEC_ERROR_PKCS12_UNABLE_TO_READ, (SEC_ERROR_BASE + 98),
-"Unable to import. Unable to read the import file.")
-
-ER3(SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, (SEC_ERROR_BASE + 99),
-"Unable to export. Key database corrupt or deleted.")
-
-ER3(SEC_ERROR_KEYGEN_FAIL, (SEC_ERROR_BASE + 100),
-"Unable to generate public/private key pair.")
-
-ER3(SEC_ERROR_INVALID_PASSWORD, (SEC_ERROR_BASE + 101),
-"Password entered is invalid. Please pick a different one.")
-
-ER3(SEC_ERROR_RETRY_OLD_PASSWORD, (SEC_ERROR_BASE + 102),
-"Old password entered incorrectly. Please try again.")
-
-ER3(SEC_ERROR_BAD_NICKNAME, (SEC_ERROR_BASE + 103),
-"Certificate nickname already in use.")
-
-ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER, (SEC_ERROR_BASE + 104),
-"Peer FORTEZZA chain has a non-FORTEZZA Certificate.")
-
-ER3(SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY, (SEC_ERROR_BASE + 105),
-"A sensitive key cannot be moved to the slot where it is needed.")
-
-ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, (SEC_ERROR_BASE + 106),
-"Invalid module name.")
-
-ER3(SEC_ERROR_JS_INVALID_DLL, (SEC_ERROR_BASE + 107),
-"Invalid module path/filename")
-
-ER3(SEC_ERROR_JS_ADD_MOD_FAILURE, (SEC_ERROR_BASE + 108),
-"Unable to add module")
-
-ER3(SEC_ERROR_JS_DEL_MOD_FAILURE, (SEC_ERROR_BASE + 109),
-"Unable to delete module")
-
-ER3(SEC_ERROR_OLD_KRL, (SEC_ERROR_BASE + 110),
-"New KRL is not later than the current one.")
-
-ER3(SEC_ERROR_CKL_CONFLICT, (SEC_ERROR_BASE + 111),
-"New CKL has different issuer than current CKL. Delete current CKL.")
-
-ER3(SEC_ERROR_CERT_NOT_IN_NAME_SPACE, (SEC_ERROR_BASE + 112),
-"The Certifying Authority for this certificate is not permitted to issue a \
-certificate with this name.")
-
-ER3(SEC_ERROR_KRL_NOT_YET_VALID, (SEC_ERROR_BASE + 113),
-"The key revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_CRL_NOT_YET_VALID, (SEC_ERROR_BASE + 114),
-"The certificate revocation list for this certificate is not yet valid.")
-
-ER3(SEC_ERROR_UNKNOWN_CERT, (SEC_ERROR_BASE + 115),
-"The requested certificate could not be found.")
-
-ER3(SEC_ERROR_UNKNOWN_SIGNER, (SEC_ERROR_BASE + 116),
-"The signer's certificate could not be found.")
-
-ER3(SEC_ERROR_CERT_BAD_ACCESS_LOCATION, (SEC_ERROR_BASE + 117),
-"The location for the certificate status server has invalid format.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, (SEC_ERROR_BASE + 118),
-"The OCSP response cannot be fully decoded; it is of an unknown type.")
-
-ER3(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, (SEC_ERROR_BASE + 119),
-"The OCSP server returned unexpected/invalid HTTP data.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_REQUEST, (SEC_ERROR_BASE + 120),
-"The OCSP server found the request to be corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_SERVER_ERROR, (SEC_ERROR_BASE + 121),
-"The OCSP server experienced an internal error.")
-
-ER3(SEC_ERROR_OCSP_TRY_SERVER_LATER, (SEC_ERROR_BASE + 122),
-"The OCSP server suggests trying again later.")
-
-ER3(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, (SEC_ERROR_BASE + 123),
-"The OCSP server requires a signature on this request.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, (SEC_ERROR_BASE + 124),
-"The OCSP server has refused this request as unauthorized.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, (SEC_ERROR_BASE + 125),
-"The OCSP server returned an unrecognizable status.")
-
-ER3(SEC_ERROR_OCSP_UNKNOWN_CERT, (SEC_ERROR_BASE + 126),
-"The OCSP server has no status for the certificate.")
-
-ER3(SEC_ERROR_OCSP_NOT_ENABLED, (SEC_ERROR_BASE + 127),
-"You must enable OCSP before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, (SEC_ERROR_BASE + 128),
-"You must set the OCSP default responder before performing this operation.")
-
-ER3(SEC_ERROR_OCSP_MALFORMED_RESPONSE, (SEC_ERROR_BASE + 129),
-"The response from the OCSP server was corrupted or improperly formed.")
-
-ER3(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, (SEC_ERROR_BASE + 130),
-"The signer of the OCSP response is not authorized to give status for \
-this certificate.")
-
-ER3(SEC_ERROR_OCSP_FUTURE_RESPONSE, (SEC_ERROR_BASE + 131),
-"The OCSP response is not yet valid (contains a date in the future).")
-
-ER3(SEC_ERROR_OCSP_OLD_RESPONSE, (SEC_ERROR_BASE + 132),
-"The OCSP response contains out-of-date information.")
diff --git a/security/nss/cmd/lib/SSLerrs.h b/security/nss/cmd/lib/SSLerrs.h
deleted file mode 100644
index 06803b849..000000000
--- a/security/nss/cmd/lib/SSLerrs.h
+++ /dev/null
@@ -1,366 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* SSL-specific security error codes */
-/* caller must include "sslerr.h" */
-
-ER3(SSL_ERROR_EXPORT_ONLY_SERVER, SSL_ERROR_BASE + 0,
-"Unable to communicate securely. Peer does not support high-grade encryption.")
-
-ER3(SSL_ERROR_US_ONLY_SERVER, SSL_ERROR_BASE + 1,
-"Unable to communicate securely. Peer requires high-grade encryption which is not supported.")
-
-ER3(SSL_ERROR_NO_CYPHER_OVERLAP, SSL_ERROR_BASE + 2,
-"Cannot communicate securely with peer: no common encryption algorithm(s).")
-
-ER3(SSL_ERROR_NO_CERTIFICATE, SSL_ERROR_BASE + 3,
-"Unable to find the certificate or key necessary for authentication.")
-
-ER3(SSL_ERROR_BAD_CERTIFICATE, SSL_ERROR_BASE + 4,
-"Unable to communicate securely with peer: peers's certificate was rejected.")
-
-/* unused (SSL_ERROR_BASE + 5),*/
-
-ER3(SSL_ERROR_BAD_CLIENT, SSL_ERROR_BASE + 6,
-"The server has encountered bad data from the client.")
-
-ER3(SSL_ERROR_BAD_SERVER, SSL_ERROR_BASE + 7,
-"The client has encountered bad data from the server.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE, SSL_ERROR_BASE + 8,
-"Unsupported certificate type.")
-
-ER3(SSL_ERROR_UNSUPPORTED_VERSION, SSL_ERROR_BASE + 9,
-"Peer using unsupported version of security protocol.")
-
-/* unused (SSL_ERROR_BASE + 10),*/
-
-ER3(SSL_ERROR_WRONG_CERTIFICATE, SSL_ERROR_BASE + 11,
-"Client authentication failed: private key in key database does not match public key in certificate database.")
-
-ER3(SSL_ERROR_BAD_CERT_DOMAIN, SSL_ERROR_BASE + 12,
-"Unable to communicate securely with peer: requested domain name does not match the server's certificate.")
-
-/* SSL_ERROR_POST_WARNING (SSL_ERROR_BASE + 13),
- defined in sslerr.h
-*/
-
-ER3(SSL_ERROR_SSL2_DISABLED, (SSL_ERROR_BASE + 14),
-"Peer only supports SSL version 2, which is locally disabled.")
-
-
-ER3(SSL_ERROR_BAD_MAC_READ, (SSL_ERROR_BASE + 15),
-"SSL received a record with an incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_MAC_ALERT, (SSL_ERROR_BASE + 16),
-"SSL peer reports incorrect Message Authentication Code.")
-
-ER3(SSL_ERROR_BAD_CERT_ALERT, (SSL_ERROR_BASE + 17),
-"SSL peer cannot verify your certificate.")
-
-ER3(SSL_ERROR_REVOKED_CERT_ALERT, (SSL_ERROR_BASE + 18),
-"SSL peer rejected your certificate as revoked.")
-
-ER3(SSL_ERROR_EXPIRED_CERT_ALERT, (SSL_ERROR_BASE + 19),
-"SSL peer rejected your certificate as expired.")
-
-ER3(SSL_ERROR_SSL_DISABLED, (SSL_ERROR_BASE + 20),
-"Cannot connect: SSL is disabled.")
-
-ER3(SSL_ERROR_FORTEZZA_PQG, (SSL_ERROR_BASE + 21),
-"Cannot connect: SSL peer is in another FORTEZZA domain.")
-
-
-ER3(SSL_ERROR_UNKNOWN_CIPHER_SUITE , (SSL_ERROR_BASE + 22),
-"An unknown SSL cipher suite has been requested.")
-
-ER3(SSL_ERROR_NO_CIPHERS_SUPPORTED , (SSL_ERROR_BASE + 23),
-"No cipher suites are present and enabled in this program.")
-
-ER3(SSL_ERROR_BAD_BLOCK_PADDING , (SSL_ERROR_BASE + 24),
-"SSL received a record with bad block padding.")
-
-ER3(SSL_ERROR_RX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 25),
-"SSL received a record that exceeded the maximum permissible length.")
-
-ER3(SSL_ERROR_TX_RECORD_TOO_LONG , (SSL_ERROR_BASE + 26),
-"SSL attempted to send a record that exceeded the maximum permissible length.")
-
-/*
- * Received a malformed (too long or short or invalid content) SSL handshake.
- */
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST , (SSL_ERROR_BASE + 27),
-"SSL received a malformed Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO , (SSL_ERROR_BASE + 28),
-"SSL received a malformed Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_HELLO , (SSL_ERROR_BASE + 29),
-"SSL received a malformed Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERTIFICATE , (SSL_ERROR_BASE + 30),
-"SSL received a malformed Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 31),
-"SSL received a malformed Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_REQUEST , (SSL_ERROR_BASE + 32),
-"SSL received a malformed Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HELLO_DONE , (SSL_ERROR_BASE + 33),
-"SSL received a malformed Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CERT_VERIFY , (SSL_ERROR_BASE + 34),
-"SSL received a malformed Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 35),
-"SSL received a malformed Client Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_MALFORMED_FINISHED , (SSL_ERROR_BASE + 36),
-"SSL received a malformed Finished handshake message.")
-
-/*
- * Received a malformed (too long or short) SSL record.
- */
-ER3(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER , (SSL_ERROR_BASE + 37),
-"SSL received a malformed Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_ALERT , (SSL_ERROR_BASE + 38),
-"SSL received a malformed Alert record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_HANDSHAKE , (SSL_ERROR_BASE + 39),
-"SSL received a malformed Handshake record.")
-
-ER3(SSL_ERROR_RX_MALFORMED_APPLICATION_DATA , (SSL_ERROR_BASE + 40),
-"SSL received a malformed Application Data record.")
-
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST , (SSL_ERROR_BASE + 41),
-"SSL received an unexpected Hello Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO , (SSL_ERROR_BASE + 42),
-"SSL received an unexpected Client Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO , (SSL_ERROR_BASE + 43),
-"SSL received an unexpected Server Hello handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERTIFICATE , (SSL_ERROR_BASE + 44),
-"SSL received an unexpected Certificate handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH , (SSL_ERROR_BASE + 45),
-"SSL received an unexpected Server Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST , (SSL_ERROR_BASE + 46),
-"SSL received an unexpected Certificate Request handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE , (SSL_ERROR_BASE + 47),
-"SSL received an unexpected Server Hello Done handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY , (SSL_ERROR_BASE + 48),
-"SSL received an unexpected Certificate Verify handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH , (SSL_ERROR_BASE + 49),
-"SSL received an unexpected Cllient Key Exchange handshake message.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_FINISHED , (SSL_ERROR_BASE + 50),
-"SSL received an unexpected Finished handshake message.")
-
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-ER3(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER , (SSL_ERROR_BASE + 51),
-"SSL received an unexpected Change Cipher Spec record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 52),
-"SSL received an unexpected Alert record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_HANDSHAKE , (SSL_ERROR_BASE + 53),
-"SSL received an unexpected Handshake record.")
-
-ER3(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA, (SSL_ERROR_BASE + 54),
-"SSL received an unexpected Application Data record.")
-
-/*
- * Received record/message with unknown discriminant.
- */
-ER3(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE , (SSL_ERROR_BASE + 55),
-"SSL received a record with an unknown content type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_HANDSHAKE , (SSL_ERROR_BASE + 56),
-"SSL received a handshake message with an unknown message type.")
-
-ER3(SSL_ERROR_RX_UNKNOWN_ALERT , (SSL_ERROR_BASE + 57),
-"SSL received an alert record with an unknown alert description.")
-
-/*
- * Received an alert reporting what we did wrong. (more alerts above)
- */
-ER3(SSL_ERROR_CLOSE_NOTIFY_ALERT , (SSL_ERROR_BASE + 58),
-"SSL peer has closed this connection.")
-
-ER3(SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT , (SSL_ERROR_BASE + 59),
-"SSL peer was not expecting a handshake message it received.")
-
-ER3(SSL_ERROR_DECOMPRESSION_FAILURE_ALERT , (SSL_ERROR_BASE + 60),
-"SSL peer was unable to succesfully decompress an SSL record it received.")
-
-ER3(SSL_ERROR_HANDSHAKE_FAILURE_ALERT , (SSL_ERROR_BASE + 61),
-"SSL peer was unable to negotiate an acceptable set of security parameters.")
-
-ER3(SSL_ERROR_ILLEGAL_PARAMETER_ALERT , (SSL_ERROR_BASE + 62),
-"SSL peer rejected a handshake message for unacceptable content.")
-
-ER3(SSL_ERROR_UNSUPPORTED_CERT_ALERT , (SSL_ERROR_BASE + 63),
-"SSL peer does not support certificates of the type it received.")
-
-ER3(SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT , (SSL_ERROR_BASE + 64),
-"SSL peer had some unspecified issue with the certificate it received.")
-
-
-ER3(SSL_ERROR_GENERATE_RANDOM_FAILURE , (SSL_ERROR_BASE + 65),
-"SSL experienced a failure of its random number generator.")
-
-ER3(SSL_ERROR_SIGN_HASHES_FAILURE , (SSL_ERROR_BASE + 66),
-"Unable to digitally sign data required to verify your certificate.")
-
-ER3(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE , (SSL_ERROR_BASE + 67),
-"SSL was unable to extract the public key from the peer's certificate.")
-
-ER3(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 68),
-"Unspecified failure while processing SSL Server Key Exchange handshake.")
-
-ER3(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE , (SSL_ERROR_BASE + 69),
-"Unspecified failure while processing SSL Client Key Exchange handshake.")
-
-ER3(SSL_ERROR_ENCRYPTION_FAILURE , (SSL_ERROR_BASE + 70),
-"Bulk data encryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILURE , (SSL_ERROR_BASE + 71),
-"Bulk data decryption algorithm failed in selected cipher suite.")
-
-ER3(SSL_ERROR_SOCKET_WRITE_FAILURE , (SSL_ERROR_BASE + 72),
-"Attempt to write encrypted data to underlying socket failed.")
-
-ER3(SSL_ERROR_MD5_DIGEST_FAILURE , (SSL_ERROR_BASE + 73),
-"MD5 digest function failed.")
-
-ER3(SSL_ERROR_SHA_DIGEST_FAILURE , (SSL_ERROR_BASE + 74),
-"SHA-1 digest function failed.")
-
-ER3(SSL_ERROR_MAC_COMPUTATION_FAILURE , (SSL_ERROR_BASE + 75),
-"MAC computation failed.")
-
-ER3(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE , (SSL_ERROR_BASE + 76),
-"Failure to create Symmetric Key context.")
-
-ER3(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE , (SSL_ERROR_BASE + 77),
-"Failure to unwrap the Symmetric key in Client Key Exchange message.")
-
-ER3(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED , (SSL_ERROR_BASE + 78),
-"SSL Server attempted to use domestic-grade public key with export cipher suite.")
-
-ER3(SSL_ERROR_IV_PARAM_FAILURE , (SSL_ERROR_BASE + 79),
-"PKCS11 code failed to translate an IV into a param.")
-
-ER3(SSL_ERROR_INIT_CIPHER_SUITE_FAILURE , (SSL_ERROR_BASE + 80),
-"Failed to initialize the selected cipher suite.")
-
-ER3(SSL_ERROR_SESSION_KEY_GEN_FAILURE , (SSL_ERROR_BASE + 81),
-"Client failed to generate session keys for SSL session.")
-
-ER3(SSL_ERROR_NO_SERVER_KEY_FOR_ALG , (SSL_ERROR_BASE + 82),
-"Server has no key for the attempted key exchange algorithm.")
-
-ER3(SSL_ERROR_TOKEN_INSERTION_REMOVAL , (SSL_ERROR_BASE + 83),
-"PKCS#11 token was inserted or removed while operation was in progress.")
-
-ER3(SSL_ERROR_TOKEN_SLOT_NOT_FOUND , (SSL_ERROR_BASE + 84),
-"No PKCS#11 token could be found to do a required operation.")
-
-ER3(SSL_ERROR_NO_COMPRESSION_OVERLAP , (SSL_ERROR_BASE + 85),
-"Cannot communicate securely with peer: no common compression algorithm(s).")
-
-ER3(SSL_ERROR_HANDSHAKE_NOT_COMPLETED , (SSL_ERROR_BASE + 86),
-"Cannot initiate another SSL handshake until current handshake is complete.")
-
-ER3(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE , (SSL_ERROR_BASE + 87),
-"Received incorrect handshakes hash values from peer.")
-
-ER3(SSL_ERROR_CERT_KEA_MISMATCH , (SSL_ERROR_BASE + 88),
-"The certificate provided cannot be used with the selected key exchange algorithm.")
-
-ER3(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA , (SSL_ERROR_BASE + 89),
-"No certificate authority is trusted for SSL client authentication.")
-
-ER3(SSL_ERROR_SESSION_NOT_FOUND , (SSL_ERROR_BASE + 90),
-"Client's SSL session ID not found in server's session cache.")
-
-ER3(SSL_ERROR_DECRYPTION_FAILED_ALERT , (SSL_ERROR_BASE + 91),
-"Peer was unable to decrypt an SSL record it received.")
-
-ER3(SSL_ERROR_RECORD_OVERFLOW_ALERT , (SSL_ERROR_BASE + 92),
-"Peer received an SSL record that was longer than is permitted.")
-
-ER3(SSL_ERROR_UNKNOWN_CA_ALERT , (SSL_ERROR_BASE + 93),
-"Peer does not recognize and trust the CA that issued your certificate.")
-
-ER3(SSL_ERROR_ACCESS_DENIED_ALERT , (SSL_ERROR_BASE + 94),
-"Peer received a valid certificate, but access was denied.")
-
-ER3(SSL_ERROR_DECODE_ERROR_ALERT , (SSL_ERROR_BASE + 95),
-"Peer could not decode an SSL handshake message.")
-
-ER3(SSL_ERROR_DECRYPT_ERROR_ALERT , (SSL_ERROR_BASE + 96),
-"Peer reports failure of signature verification or key exchange.")
-
-ER3(SSL_ERROR_EXPORT_RESTRICTION_ALERT , (SSL_ERROR_BASE + 97),
-"Peer reports negotiation not in compliance with export regulations.")
-
-ER3(SSL_ERROR_PROTOCOL_VERSION_ALERT , (SSL_ERROR_BASE + 98),
-"Peer reports incompatible or unsupported protocol version.")
-
-ER3(SSL_ERROR_INSUFFICIENT_SECURITY_ALERT , (SSL_ERROR_BASE + 99),
-"Server requires ciphers more secure than those supported by client.")
-
-ER3(SSL_ERROR_INTERNAL_ERROR_ALERT , (SSL_ERROR_BASE + 100),
-"Peer reports it experienced an internal error.")
-
-ER3(SSL_ERROR_USER_CANCELED_ALERT , (SSL_ERROR_BASE + 101),
-"Peer user canceled handshake.")
-
-ER3(SSL_ERROR_NO_RENEGOTIATION_ALERT , (SSL_ERROR_BASE + 102),
-"Peer does not permit renegotiation of SSL security parameters.")
-
diff --git a/security/nss/cmd/lib/berparse.c b/security/nss/cmd/lib/berparse.c
deleted file mode 100644
index c040ab2b1..000000000
--- a/security/nss/cmd/lib/berparse.c
+++ /dev/null
@@ -1,404 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-
-typedef enum {
- tagDone, lengthDone, leafDone, compositeDone,
- notDone,
- parseError, parseComplete
-} ParseState;
-
-typedef unsigned char Byte;
-typedef void (*ParseProc)(BERParse *h, unsigned char **buf, int *len);
-typedef struct {
- SECArb arb;
- int pos; /* length from global start to item start */
- SECArb *parent;
-} ParseStackElem;
-
-struct BERParseStr {
- PRArenaPool *his;
- PRArenaPool *mine;
- ParseProc proc;
- int stackDepth;
- ParseStackElem *stackPtr;
- ParseStackElem *stack;
- int pending; /* bytes remaining to complete this part */
- int pos; /* running length of consumed characters */
- ParseState state;
- PRBool keepLeaves;
- PRBool derOnly;
- BERFilterProc filter;
- void *filterArg;
- BERNotifyProc before;
- void *beforeArg;
- BERNotifyProc after;
- void *afterArg;
-};
-
-#define UNKNOWN -1
-
-static unsigned char NextChar(BERParse *h, unsigned char **buf, int *len)
-{
- unsigned char c = *(*buf)++;
- (*len)--;
- h->pos++;
- if (h->filter)
- (*h->filter)(h->filterArg, &c, 1);
- return c;
-}
-
-static void ParseTag(BERParse *h, unsigned char **buf, int *len)
-{
- SECArb* arb = &(h->stackPtr->arb);
- arb->tag = NextChar(h, buf, len);
-
- PORT_Assert(h->state == notDone);
-
- /*
- * NOTE: This does not handle the high-tag-number form
- */
- if ((arb->tag & DER_HIGH_TAG_NUMBER) == DER_HIGH_TAG_NUMBER) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return;
- }
-
- h->pending = UNKNOWN;
- arb->length = UNKNOWN;
- if (arb->tag & DER_CONSTRUCTED) {
- arb->body.cons.numSubs = 0;
- arb->body.cons.subs = NULL;
- } else {
- arb->body.item.len = UNKNOWN;
- arb->body.item.data = NULL;
- }
-
- h->state = tagDone;
-}
-
-static void ParseLength(BERParse *h, unsigned char **buf, int *len)
-{
- Byte b;
- SECArb *arb = &(h->stackPtr->arb);
-
- PORT_Assert(h->state == notDone);
-
- if (h->pending == UNKNOWN) {
- b = NextChar(h, buf, len);
- if ((b & 0x80) == 0) { /* short form */
- arb->length = b;
- /*
- * if the tag and the length are both zero bytes, then this
- * should be the marker showing end of list for the
- * indefinite length composite
- */
- if (arb->length == 0 && arb->tag == 0)
- h->state = compositeDone;
- else
- h->state = lengthDone;
- return;
- }
-
- h->pending = b & 0x7f;
- /* 0 implies this is an indefinite length */
- if (h->pending > 4) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return;
- }
- arb->length = 0;
- }
-
- while ((*len > 0) && (h->pending > 0)) {
- b = NextChar(h, buf, len);
- arb->length = (arb->length << 8) + b;
- h->pending--;
- }
- if (h->pending == 0) {
- if (h->derOnly && (arb->length == 0))
- h->state = parseError;
- else
- h->state = lengthDone;
- }
- return;
-}
-
-static void ParseLeaf(BERParse *h, unsigned char **buf, int *len)
-{
- int count;
- SECArb *arb = &(h->stackPtr->arb);
-
- PORT_Assert(h->state == notDone);
- PORT_Assert(h->pending >= 0);
-
- if (*len < h->pending)
- count = *len;
- else
- count = h->pending;
-
- if (h->keepLeaves)
- memcpy(arb->body.item.data + arb->body.item.len, *buf, count);
- if (h->filter)
- (*h->filter)(h->filterArg, *buf, count);
- *buf += count;
- *len -= count;
- arb->body.item.len += count;
- h->pending -= count;
- h->pos += count;
- if (h->pending == 0) {
- h->state = leafDone;
- }
- return;
-}
-
-static void CreateArbNode(BERParse *h)
-{
- SECArb *arb = PORT_ArenaAlloc(h->his, sizeof(SECArb));
-
- *arb = h->stackPtr->arb;
-
- /*
- * Special case closing the root
- */
- if (h->stackPtr == h->stack) {
- PORT_Assert(arb->tag & DER_CONSTRUCTED);
- h->state = parseComplete;
- } else {
- SECArb *parent = h->stackPtr->parent;
- parent->body.cons.subs = DS_ArenaGrow(
- h->his, parent->body.cons.subs,
- (parent->body.cons.numSubs) * sizeof(SECArb*),
- (parent->body.cons.numSubs + 1) * sizeof(SECArb*));
- parent->body.cons.subs[parent->body.cons.numSubs] = arb;
- parent->body.cons.numSubs++;
- h->proc = ParseTag;
- h->state = notDone;
- h->pending = UNKNOWN;
- }
- if (h->after)
- (*h->after)(h->afterArg, arb, h->stackPtr - h->stack, PR_FALSE);
-}
-
-SECStatus BER_ParseSome(BERParse *h, unsigned char *buf, int len)
-{
- if (h->state == parseError) return PR_TRUE;
-
- while (len) {
- (*h->proc)(h, &buf, &len);
- if (h->state == parseComplete) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- if (h->state == parseError) return PR_TRUE;
- PORT_Assert(h->state != parseComplete);
-
- if (h->state <= compositeDone) {
- if (h->proc == ParseTag) {
- PORT_Assert(h->state == tagDone);
- h->proc = ParseLength;
- h->state = notDone;
- } else if (h->proc == ParseLength) {
- SECArb *arb = &(h->stackPtr->arb);
- PORT_Assert(h->state == lengthDone || h->state == compositeDone);
-
- if (h->before)
- (*h->before)(h->beforeArg, arb,
- h->stackPtr - h->stack, PR_TRUE);
-
- /*
- * Check to see if this is the end of an indefinite
- * length composite
- */
- if (h->state == compositeDone) {
- SECArb *parent = h->stackPtr->parent;
- PORT_Assert(parent);
- PORT_Assert(parent->tag & DER_CONSTRUCTED);
- if (parent->length != 0) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- /*
- * NOTE: This does not check for an indefinite length
- * composite being contained inside a definite length
- * composite. It is not clear that is legal.
- */
- h->stackPtr--;
- CreateArbNode(h);
- } else {
- h->stackPtr->pos = h->pos;
-
-
- if (arb->tag & DER_CONSTRUCTED) {
- SECArb *parent;
- /*
- * Make sure there is room on the stack before we
- * stick anything else there.
- */
- PORT_Assert(h->stackPtr - h->stack < h->stackDepth);
- if (h->stackPtr - h->stack == h->stackDepth - 1) {
- int newDepth = h->stackDepth * 2;
- h->stack = DS_ArenaGrow(h->mine, h->stack,
- sizeof(ParseStackElem) * h->stackDepth,
- sizeof(ParseStackElem) * newDepth);
- h->stackPtr = h->stack + h->stackDepth + 1;
- h->stackDepth = newDepth;
- }
- parent = &(h->stackPtr->arb);
- h->stackPtr++;
- h->stackPtr->parent = parent;
- h->proc = ParseTag;
- h->state = notDone;
- h->pending = UNKNOWN;
- } else {
- if (arb->length < 0) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- arb->body.item.len = 0;
- if (arb->length > 0 && h->keepLeaves) {
- arb->body.item.data =
- PORT_ArenaAlloc(h->his, arb->length);
- } else {
- arb->body.item.data = NULL;
- }
- h->proc = ParseLeaf;
- h->state = notDone;
- h->pending = arb->length;
- }
- }
- } else {
- ParseStackElem *parent;
- PORT_Assert(h->state = leafDone);
- PORT_Assert(h->proc == ParseLeaf);
-
- for (;;) {
- CreateArbNode(h);
- if (h->stackPtr == h->stack)
- break;
- parent = (h->stackPtr - 1);
- PORT_Assert(parent->arb.tag & DER_CONSTRUCTED);
- if (parent->arb.length == 0) /* need explicit end */
- break;
- if (parent->pos + parent->arb.length > h->pos)
- break;
- if (parent->pos + parent->arb.length < h->pos) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- h->state = parseError;
- return PR_TRUE;
- }
- h->stackPtr = parent;
- }
- }
-
- }
- }
- return PR_FALSE;
-}
-BERParse *BER_ParseInit(PRArenaPool *arena, PRBool derOnly)
-{
- BERParse *h;
- PRArenaPool *temp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (temp == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- h = PORT_ArenaAlloc(temp, sizeof(BERParse));
- if (h == NULL) {
- PORT_FreeArena(temp, PR_FALSE);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- h->his = arena;
- h->mine = temp;
- h->proc = ParseTag;
- h->stackDepth = 20;
- h->stack = PORT_ArenaZAlloc(h->mine,
- sizeof(ParseStackElem) * h->stackDepth);
- h->stackPtr = h->stack;
- h->state = notDone;
- h->pos = 0;
- h->keepLeaves = PR_TRUE;
- h->before = NULL;
- h->after = NULL;
- h->filter = NULL;
- h->derOnly = derOnly;
- return h;
-}
-
-SECArb *BER_ParseFini(BERParse *h)
-{
- PRArenaPool *myArena = h->mine;
- SECArb *arb;
-
- if (h->state != parseComplete) {
- arb = NULL;
- } else {
- arb = PORT_ArenaAlloc(h->his, sizeof(SECArb));
- *arb = h->stackPtr->arb;
- }
-
- PORT_FreeArena(myArena, PR_FALSE);
-
- return arb;
-}
-
-
-void BER_SetFilter(BERParse *h, BERFilterProc proc, void *instance)
-{
- h->filter = proc;
- h->filterArg = instance;
-}
-
-void BER_SetLeafStorage(BERParse *h, PRBool keep)
-{
- h->keepLeaves = keep;
-}
-
-void BER_SetNotifyProc(BERParse *h, BERNotifyProc proc, void *instance,
- PRBool beforeData)
-{
- if (beforeData) {
- h->before = proc;
- h->beforeArg = instance;
- } else {
- h->after = proc;
- h->afterArg = instance;
- }
-}
-
-
-
diff --git a/security/nss/cmd/lib/config.mk b/security/nss/cmd/lib/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/cmd/lib/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/cmd/lib/derprint.c b/security/nss/cmd/lib/derprint.c
deleted file mode 100644
index 7f699dec4..000000000
--- a/security/nss/cmd/lib/derprint.c
+++ /dev/null
@@ -1,619 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-#include "secoid.h"
-
-#ifdef __sun
-extern int fprintf(FILE *strm, const char *format, .../* args */);
-extern int fflush(FILE *stream);
-#endif
-
-#define RIGHT_MARGIN 24
-/*#define RAW_BYTES 1 */
-
-static int prettyColumn = 0;
-
-static int
-getInteger256(unsigned char *data, unsigned int nb)
-{
- int val;
-
- switch (nb) {
- case 1:
- val = data[0];
- break;
- case 2:
- val = (data[0] << 8) | data[1];
- break;
- case 3:
- val = (data[0] << 16) | (data[1] << 8) | data[2];
- break;
- case 4:
- val = (data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3];
- break;
- default:
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- return val;
-}
-
-static int
-prettyNewline(FILE *out)
-{
- int rv;
-
- if (prettyColumn != -1) {
- rv = fprintf(out, "\n");
- prettyColumn = -1;
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
- return 0;
-}
-
-static int
-prettyIndent(FILE *out, unsigned level)
-{
- unsigned int i;
- int rv;
-
- if (prettyColumn == -1) {
- prettyColumn = level;
- for (i = 0; i < level; i++) {
- rv = fprintf(out, " ");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
- }
-
- return 0;
-}
-
-static int
-prettyPrintByte(FILE *out, unsigned char item, unsigned int level)
-{
- int rv;
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- rv = fprintf(out, "%02x ", item);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- prettyColumn++;
- if (prettyColumn >= RIGHT_MARGIN) {
- return prettyNewline(out);
- }
-
- return 0;
-}
-
-static int
-prettyPrintLeaf(FILE *out, unsigned char *data,
- unsigned int len, unsigned int lv)
-{
- unsigned int i;
- int rv;
-
- for (i = 0; i < len; i++) {
- rv = prettyPrintByte(out, *data++, lv);
- if (rv < 0)
- return rv;
- }
- return prettyNewline(out);
-}
-
-static int
-prettyPrintStringStart(FILE *out, unsigned char *str,
- unsigned int len, unsigned int level)
-{
-#define BUF_SIZE 100
- unsigned char buf[BUF_SIZE];
- int rv;
-
- if (len >= BUF_SIZE)
- len = BUF_SIZE - 1;
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- memcpy(buf, str, len);
- buf[len] = '\000';
-
- rv = fprintf(out, "\"%s\"", buf);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- return 0;
-#undef BUF_SIZE
-}
-
-static int
-prettyPrintString(FILE *out, unsigned char *str,
- unsigned int len, unsigned int level, PRBool raw)
-{
- int rv;
-
- rv = prettyPrintStringStart(out, str, len, level);
- if (rv < 0)
- return rv;
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- if (raw) {
- rv = prettyPrintLeaf(out, str, len, level);
- if (rv < 0)
- return rv;
- }
-
- return 0;
-}
-
-static int
-prettyPrintTime(FILE *out, unsigned char *str,
- unsigned int len, unsigned int level, PRBool raw, PRBool utc)
-{
- SECItem time_item;
- int rv;
-
- rv = prettyPrintStringStart(out, str, len, level);
- if (rv < 0)
- return rv;
-
- time_item.data = str;
- time_item.len = len;
-
- rv = fprintf(out, " (");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- if (utc)
- SECU_PrintUTCTime(out, &time_item, NULL, 0);
- else
- SECU_PrintGeneralizedTime(out, &time_item, NULL, 0);
-
- rv = fprintf(out, ")");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- if (raw) {
- rv = prettyPrintLeaf(out, str, len, level);
- if (rv < 0)
- return rv;
- }
-
- return 0;
-}
-
-static int
-prettyPrintObjectID(FILE *out, unsigned char *data,
- unsigned int len, unsigned int level, PRBool raw)
-{
- SECOidData *oiddata;
- SECItem oiditem;
- unsigned int i;
- unsigned long val;
- int rv;
-
-
- /*
- * First print the Object Id in numeric format
- */
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- val = data[0];
- i = val % 40;
- val = val / 40;
- rv = fprintf(out, "%lu %u ", val, i);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- val = 0;
- for (i = 1; i < len; ++i) {
- unsigned long j;
-
- j = data[i];
- val = (val << 7) | (j & 0x7f);
- if (j & 0x80)
- continue;
- rv = fprintf(out, "%lu ", val);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- val = 0;
- }
-
- /*
- * Now try to look it up and print a symbolic version.
- */
- oiditem.data = data;
- oiditem.len = len;
- oiddata = SECOID_FindOID(&oiditem);
- if (oiddata != NULL) {
- i = PORT_Strlen(oiddata->desc);
- if ((prettyColumn + 1 + (i / 3)) > RIGHT_MARGIN) {
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
- }
-
- rv = prettyIndent(out, level);
- if (rv < 0)
- return rv;
-
- rv = fprintf(out, "(%s)", oiddata->desc);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
-
- /*
- * Finally, on a new line, print the raw bytes (if requested).
- */
- if (raw) {
- rv = prettyNewline(out);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- for (i = 0; i < len; i++) {
- rv = prettyPrintByte(out, *data++, level);
- if (rv < 0)
- return rv;
- }
- }
-
- return prettyNewline(out);
-}
-
-static char *prettyTagType [32] = {
- "End of Contents",
- "Boolean",
- "Integer",
- "Bit String",
- "Octet String",
- "NULL",
- "Object Identifier",
- "0x07",
- "0x08",
- "0x09",
- "Enumerated",
- "0x0B",
- "UTF8 String",
- "0x0D",
- "0x0E",
- "0x0F",
- "Sequence",
- "Set",
- "0x12",
- "Printable String",
- "T61 String",
- "0x15",
- "IA5 String",
- "UTC Time",
- "Generalized Time",
- "0x19",
- "Visible String",
- "0x1B",
- "Universal String",
- "0x1D",
- "BMP String",
- "High-Tag-Number"
-};
-
-static int
-prettyPrintTag(FILE *out, unsigned char *src, unsigned char *end,
- unsigned char *codep, unsigned int level, PRBool raw)
-{
- int rv;
- unsigned char code, tagnum;
-
- if (src >= end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- code = *src;
- tagnum = code & SEC_ASN1_TAGNUM_MASK;
-
- /*
- * NOTE: This code does not (yet) handle the high-tag-number form!
- */
- if (tagnum == SEC_ASN1_HIGH_TAG_NUMBER) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- if (raw)
- rv = prettyPrintByte(out, code, level);
- else
- rv = prettyIndent(out, level);
-
- if (rv < 0)
- return rv;
-
- if (code & SEC_ASN1_CONSTRUCTED) {
- rv = fprintf(out, "C-");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
- }
-
- switch (code & SEC_ASN1_CLASS_MASK) {
- case SEC_ASN1_UNIVERSAL:
- rv = fprintf(out, "%s ", prettyTagType[tagnum]);
- break;
- case SEC_ASN1_APPLICATION:
- rv = fprintf(out, "Application: %d ", tagnum);
- break;
- case SEC_ASN1_CONTEXT_SPECIFIC:
- rv = fprintf(out, "[%d] ", tagnum);
- break;
- case SEC_ASN1_PRIVATE:
- rv = fprintf(out, "Private: %d ", tagnum);
- break;
- }
-
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- *codep = code;
-
- return 1;
-}
-
-static int
-prettyPrintLength(FILE *out, unsigned char *data, unsigned char *end,
- int *lenp, PRBool *indefinitep, unsigned int lv, PRBool raw)
-{
- unsigned char lbyte;
- int lenLen;
- int rv;
-
- if (data >= end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- rv = fprintf(out, " ");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- *indefinitep = PR_FALSE;
-
- lbyte = *data++;
- if (lbyte >= 0x80) {
- /* Multibyte length */
- unsigned nb = (unsigned) (lbyte & 0x7f);
- if (nb > 4) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
- if (nb > 0) {
- int il;
-
- if ((data + nb) > end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
- il = getInteger256(data, nb);
- if (il < 0) return -1;
- *lenp = (unsigned) il;
- } else {
- *lenp = 0;
- *indefinitep = PR_TRUE;
- }
- lenLen = nb + 1;
- if (raw) {
- int i;
-
- rv = prettyPrintByte(out, lbyte, lv);
- if (rv < 0)
- return rv;
- for (i = 0; i < nb; i++) {
- rv = prettyPrintByte(out, data[i], lv);
- if (rv < 0)
- return rv;
- }
- }
- } else {
- *lenp = lbyte;
- lenLen = 1;
- if (raw) {
- rv = prettyPrintByte(out, lbyte, lv);
- if (rv < 0)
- return rv;
- }
- }
- if (*indefinitep)
- rv = fprintf(out, "(indefinite)\n");
- else
- rv = fprintf(out, "(%d)\n", *lenp);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return rv;
- }
-
- prettyColumn = -1;
- return lenLen;
-}
-
-static int
-prettyPrintItem(FILE *out, unsigned char *data, unsigned char *end,
- unsigned int lv, PRBool raw)
-{
- int slen;
- int lenLen;
- unsigned char *orig = data;
- int rv;
-
- while (data < end) {
- unsigned char code;
- PRBool indefinite;
-
- slen = prettyPrintTag(out, data, end, &code, lv, raw);
- if (slen < 0)
- return slen;
- data += slen;
-
- lenLen = prettyPrintLength(out, data, end, &slen, &indefinite, lv, raw);
- if (lenLen < 0)
- return lenLen;
- data += lenLen;
-
- /*
- * Just quit now if slen more bytes puts us off the end.
- */
- if ((data + slen) > end) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
-
- if (code & SEC_ASN1_CONSTRUCTED) {
- if (slen > 0 || indefinite) {
- slen = prettyPrintItem(out, data,
- slen == 0 ? end : data + slen,
- lv+1, raw);
- if (slen < 0)
- return slen;
- data += slen;
- }
- } else if (code == 0) {
- if (slen != 0 || lenLen != 1) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return -1;
- }
- break;
- } else {
- switch (code) {
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- rv = prettyPrintString(out, data, slen, lv+1, raw);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_UTC_TIME:
- rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_TRUE);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_GENERALIZED_TIME:
- rv = prettyPrintTime(out, data, slen, lv+1, raw, PR_FALSE);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_OBJECT_ID:
- rv = prettyPrintObjectID(out, data, slen, lv+1, raw);
- if (rv < 0)
- return rv;
- break;
- case SEC_ASN1_BOOLEAN: /* could do nicer job */
- case SEC_ASN1_INTEGER: /* could do nicer job */
- case SEC_ASN1_BIT_STRING: /* could do nicer job */
- case SEC_ASN1_OCTET_STRING:
- case SEC_ASN1_NULL:
- case SEC_ASN1_ENUMERATED: /* could do nicer job, as INTEGER */
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_T61_STRING: /* print as printable string? */
- case SEC_ASN1_UNIVERSAL_STRING:
- case SEC_ASN1_BMP_STRING:
- default:
- rv = prettyPrintLeaf(out, data, slen, lv+1);
- if (rv < 0)
- return rv;
- break;
- }
- data += slen;
- }
- }
-
- rv = prettyNewline(out);
- if (rv < 0)
- return rv;
-
- return data - orig;
-}
-
-SECStatus
-DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw)
-{
- int rv;
-
- prettyColumn = -1;
-
- rv = prettyPrintItem(out, it->data, it->data + it->len, 0, raw);
- if (rv < 0)
- return SECFailure;
- return SECSuccess;
-}
diff --git a/security/nss/cmd/lib/dongle.c b/security/nss/cmd/lib/dongle.c
deleted file mode 100644
index 1c819ee51..000000000
--- a/security/nss/cmd/lib/dongle.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-#include "sechash.h"
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#include <netdb.h>
-#include <sys/types.h>
-#include <netinet/in.h>
-#endif
-#ifdef XP_WIN
-#include <windows.h>
-#include <winsock.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#endif
-#ifdef XP_MAC
-#include <unistd.h>
-#endif
-
-#ifdef XP_UNIX
-#include "prnetdb.h"
-#else
-#define PRHostEnt struct hostent
-#define PR_NETDB_BUF_SIZE 5
-#endif
-
-static RC4Context *
-sec_MakeDongleKey(void)
-{
- RC4Context *rc4;
- char hostname[64];
- PRHostEnt hpbuf, *hent;
- char dbbuf[PR_NETDB_BUF_SIZE];
- int ipaddr;
- struct stat s;
- int found = 1; /* Whether /vmunix, etc. found */
- unsigned char *buf, *totalbuf;
- MD5Context *md5 = 0;
- unsigned char digest[16];
- unsigned int digestLen;
-
- /* NOTE: Fix MAC and WIN to stat something comparable to kernel on UNIX */
-#ifdef XP_MAC
- return NULL;
-#elif defined(XP_WIN)
- return NULL;
-#endif
-
- /* gather system data */
- if( gethostname( hostname, 64 ) < 0 ) {
- return(NULL);
- }
-
-#ifdef XP_UNIX
-#ifndef NSPR20
- hent = PR_gethostbyname(hostname, &hpbuf, dbbuf, sizeof(dbbuf), 0);
-#else
- if (PR_GetHostByName(hostname, dbbuf, sizeof(dbbuf), &hpbuf) == PR_SUCCESS)
- hent = &hpbuf;
- else
- hent = NULL;
-#endif
-#else
- hent = gethostbyname(hostname);
-#endif
- if (hent == NULL) {
- return(NULL);
- }
-
- ipaddr = htonl(((struct in_addr *)hent->h_addr)->s_addr);
-
- /*
- ** /unix IRIX & AIX & SCO
- ** /vmunix SunOS & OSF
- ** /kernel/unix Solaris
- ** /vmlinuz Linux
- ** /hp-ux HP-UX
- ** /bsd BSD
- */
- if ( (stat("/unix", &s) == -1 ) && (stat("/vmunix", &s) == -1) &&
- (stat("/bsd", &s) == -1) && (stat("kernel/unix", &s)== -1) &&
- (stat("/hp-ux", &s) == -1) && (stat("/vmlinuz", &s) == -1) ) {
- found = 0;
- }
-
- buf = totalbuf = (unsigned char *)
- XP_CALLOC(1, 1000 + sizeof(ipaddr) + sizeof(s) + PORT_Strlen(hostname));
-
- if ( buf == 0 ) {
- return(NULL);
- }
-
- PORT_Memcpy(buf, hostname, PORT_Strlen(hostname));
- buf += PORT_Strlen(hostname);
-
- PORT_Memcpy(buf, &ipaddr, sizeof(ipaddr));
- buf += sizeof(ipaddr);
-
- if (found) {
- PORT_Memcpy(buf, &s.st_mode, sizeof(s.st_mode));
- buf += sizeof(s.st_mode);
-
- PORT_Memcpy(buf, &s.st_ino, sizeof(s.st_ino));
- buf += sizeof(s.st_ino);
-
- PORT_Memcpy(buf, &s.st_dev, sizeof(s.st_dev));
- buf += sizeof(s.st_dev);
-
- PORT_Memcpy(buf, &s.st_mtime, sizeof(s.st_mtime));
- buf += sizeof(s.st_mtime);
- }
-
- /* Digest the system info using MD5 */
- md5 = MD5_NewContext();
- if (md5 == NULL) {
- return (NULL);
- }
-
- MD5_Begin(md5);
- MD5_Update(md5, totalbuf, PORT_Strlen((char *)totalbuf));
- MD5_End(md5, digest, &digestLen, MD5_LENGTH);
-
- /* Make an RC4 key using the digest */
- rc4 = RC4_CreateContext(digest, digestLen);
-
- /* Zero out information */
- MD5_DestroyContext(md5, PR_TRUE);
- PORT_Memset(digest, 0 , sizeof(digest));
-
-
- return(rc4);
-}
-
-extern unsigned char *
-SEC_ReadDongleFile(int fd)
-{
- RC4Context *rc4;
- struct stat s;
- unsigned char *inbuf, *pw;
- int nb;
- unsigned int pwlen, inlen;
- SECStatus rv;
-
- rc4 = sec_MakeDongleKey();
- if (rc4 == NULL) {
- return(0);
- }
-
- /* get size of file */
- if ( fstat(fd, &s) < 0 ) {
- return(0);
- }
-
- inlen = s.st_size;
-
- inbuf = (unsigned char *) PORT_Alloc(inlen);
- if (!inbuf) {
- return(0);
- }
-
- nb = read(fd, (char *)inbuf, inlen);
- if (nb != inlen) {
- return(0);
- }
-
- pw = (unsigned char *) PORT_Alloc(inlen);
- if (pw == 0) {
- return(0);
- }
-
- rv = RC4_Decrypt(rc4, pw, &pwlen, inlen, inbuf, inlen);
- if (rv) {
- return(0);
- }
-
- PORT_Free(inbuf);
-
- return(pw);
-}
-
-extern SECStatus
-SEC_WriteDongleFile(int fd, unsigned char *pw)
-{
- RC4Context *rc4;
- unsigned char *outbuf;
- unsigned int outlen;
- SECStatus rv;
- int nb;
-
- rc4 = sec_MakeDongleKey();
- if (rc4 == NULL) {
- return(SECFailure);
- }
-
- outbuf = (unsigned char *) PORT_Alloc(PORT_Strlen((char *)pw) + 1);
- if (!outbuf) {
- return(SECFailure);
- }
-
- rv = RC4_Encrypt(rc4, outbuf, &outlen, PORT_Strlen((char *)pw), pw,
- PORT_Strlen((char *)pw));
- if (rv) {
- return(SECFailure);
- }
-
- RC4_DestroyContext(rc4, PR_TRUE);
-
- nb = write(fd, (char *)outbuf, outlen);
- if (nb != outlen) {
- return(SECFailure);
- }
-
- PORT_Free(outbuf);
-
- return(SECSuccess);
-}
-
diff --git a/security/nss/cmd/lib/fe_util.c b/security/nss/cmd/lib/fe_util.c
deleted file mode 100644
index 646277e35..000000000
--- a/security/nss/cmd/lib/fe_util.c
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secpkcs7.h"
-
-void
-fe_GetProgramDirectory(char *path, int len)
-{
- PORT_Strcpy( path, ".");
-}
-
diff --git a/security/nss/cmd/lib/ffs.c b/security/nss/cmd/lib/ffs.c
deleted file mode 100644
index 3fce2c7c2..000000000
--- a/security/nss/cmd/lib/ffs.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef XP_PC
-
-int ffs( unsigned int i)
-{
- int rv = 1;
-
- if (!i) return 0;
-
- while (!(i & 1)) {
- i >>= 1;
- ++rv;
- }
-
- return rv;
-}
-#endif
diff --git a/security/nss/cmd/lib/filestub.c b/security/nss/cmd/lib/filestub.c
deleted file mode 100644
index 368b7284d..000000000
--- a/security/nss/cmd/lib/filestub.c
+++ /dev/null
@@ -1,1118 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#define CMD_STUB 1 /* this is just a stub for security/cmd/* */
-#define MOZ_LITE 1 /* don't need that other stuff, either */
-
-#if 0
-#include "stdafx.h"
-#include "dialog.h"
-#include "mainfrm.h"
-#include "custom.h"
-#include "shcut.h"
-#include "edt.h"
-#include "prmon.h"
-#include "fegui.h"
-#include "prefapi.h"
-#include <io.h>
-#include "secrng.h"
-#include "mailass.h"
-#include "ipframe.h"
-#include "mnprefs.h"
-
-#else
-
-#include <xp_core.h>
-#include <xp_file.h>
-#include <xp_mcom.h>
-
-#define ASSERT assert
-#endif
-
-#ifdef XP_MAC
-#include "prpriv.h" /* For PR_NewNamedMonitor */
-#else
-#include "private/prpriv.h"
-#endif
-
-#ifdef XP_WIN
-
-#ifndef _AFXDLL
-/* MSVC Debugging new...goes to regular new in release mode */
-#define new DEBUG_NEW
-#endif
-
-#ifdef __BORLANDC__
- #define _lseek lseek
-#endif
-
-#define WIDTHBYTES(i) ((i + 31) / 32 * 4)
-#define MAXREAD 32767
-
-MODULE_PRIVATE char * XP_CacheFileName();
-
-#define MAXSTRINGLEN 8192
-
-#ifndef CMD_STUB
-
-/* Return a string the same as the In string
-** but with all of the \n's replaced with \r\n's
-*/
-MODULE_PRIVATE char *
-FE_Windowsify(const char * In)
-{
- char *Out;
- char *o, *i;
- int32 len;
-
- if(!In)
- return NULL;
-
- /* if every character is a \n then new string is twice as long */
- len = (int32) XP_STRLEN(In) * 2 + 1;
- Out = (char *) XP_ALLOC(len);
- if(!Out)
- return NULL;
-
- /* Move the characters over one by one. If the current character is */
- /* a \n replace add a \r before moving the \n over */
- for(i = (char *) In, o = Out; i && *i; *o++ = *i++)
- if(*i == '\n')
- *o++ = '\r';
-
- /* Make sure our new string is NULL terminated */
- *o = '\0';
- return(Out);
-}
-
-
-/* Return some adjusted out full path on the mac. */
-/* For windows, we just return what was passed in. */
-/* We must provide it in a seperate buffer, otherwise they might change */
-/* the original and change also what they believe to be saved. */
-char *
-WH_FilePlatformName(const char *pName)
-{
-
- if(pName) {
- return XP_STRDUP(pName);
- }
-
- return NULL;
-}
-
-
-char *
-FE_GetProgramDirectory(char *buffer, int length)
-{
- ::GetModuleFileName(theApp.m_hInstance, buffer, length);
-
- /* Find the trailing slash. */
- char *pSlash = ::strrchr(buffer, '\\');
- if(pSlash) {
- *(pSlash+1) = '\0';
- } else {
- buffer[0] = '\0';
- }
- return (buffer);
-}
-
-
-char*
-XP_TempDirName(void)
-{
- char *tmp = theApp.m_pTempDir;
- if (!tmp)
- return XP_STRDUP(".");
- return XP_STRDUP(tmp);
-}
-
-/* Windows _tempnam() lets the TMP environment variable override things sent
-** in so it look like we're going to have to make a temp name by hand.
-
-** The user should *NOT* free the returned string.
-** It is stored in static space
-** and so is not valid across multiple calls to this function.
-
-** The names generated look like
-** c:\netscape\cache\m0.moz
-** c:\netscape\cache\m1.moz
-** up to...
-** c:\netscape\cache\m9999999.moz
-** after that if fails
-** */
-PUBLIC char *
-xp_TempFileName(int type, const char * request_prefix, const char * extension,
- char* file_buf)
-{
- const char * directory = NULL;
- char * ext = NULL; /* file extension if any */
- char * prefix = NULL; /* file prefix if any */
-
-
- XP_StatStruct statinfo;
- int status;
-
- /* */
- /* based on the type of request determine what directory we should be */
- /* looking into */
- /* */
- switch(type) {
- case xpCache:
- directory = theApp.m_pCacheDir;
- ext = ".MOZ";
- prefix = CACHE_PREFIX;
- break;
-#ifndef MOZ_LITE
- case xpSNewsRC:
- case xpNewsRC:
- case xpNewsgroups:
- case xpSNewsgroups:
- case xpTemporaryNewsRC:
- directory = g_MsgPrefs.m_csNewsDir;
- ext = (char *)extension;
- prefix = (char *)request_prefix;
- break;
- case xpMailFolderSummary:
- case xpMailFolder:
- directory = g_MsgPrefs.m_csMailDir;
- ext = (char *)extension;
- prefix = (char *)request_prefix;
- break;
- case xpAddrBook:
- /*changed to support multi-profile */
- /*directory = theApp.m_pInstallDir->GetCharValue(); */
- directory = (const char *)theApp.m_UserDirectory;
- if ((request_prefix == 0) || (XP_STRLEN (request_prefix) == 0))
- prefix = "abook";
- ext = ".nab";
- break;
-#endif /* MOZ_LITE */
- case xpCacheFAT:
- directory = theApp.m_pCacheDir;
- prefix = "fat";
- ext = "db";
- break;
- case xpJPEGFile:
- directory = theApp.m_pTempDir;
- ext = ".jpg";
- prefix = (char *)request_prefix;
- break;
- case xpPKCS12File:
- directory = theApp.m_pTempDir;
- ext = ".p12";
- prefix = (char *)request_prefix;
- break;
- case xpTemporary:
- default:
- directory = theApp.m_pTempDir;
- ext = (char *)extension;
- prefix = (char *)request_prefix;
- break;
- }
-
- if(!directory)
- return(NULL);
-
- if(!prefix)
- prefix = "X";
-
- if(!ext)
- ext = ".TMP";
-
- /* We need to base our temporary file names on time, and not on sequential */
- /* addition because of the cache not being updated when the user */
- /* crashes and files that have been deleted are over written with */
- /* other files; bad data. */
- /* The 52 valid DOS file name characters are */
- /* 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_^$~!#%&-{}@`'() */
- /* We will only be using the first 32 of the choices. */
- /* */
- /* Time name format will be M+++++++.MOZ */
- /* Where M is the single letter prefix (can be longer....) */
- /* Where +++++++ is the 7 character time representation (a full 8.3 */
- /* file name will be made). */
- /* Where .MOZ is the file extension to be used. */
- /* */
- /* In the event that the time requested is the same time as the last call */
- /* to this function, then the current time is incremented by one, */
- /* as is the last time called to facilitate unique file names. */
- /* In the event that the invented file name already exists (can't */
- /* really happen statistically unless the clock is messed up or we */
- /* manually incremented the time), then the times are incremented */
- /* until an open name can be found. */
- /* */
- /* time_t (the time) has 32 bits, or 4,294,967,296 combinations. */
- /* We will map the 32 bits into the 7 possible characters as follows: */
- /* Starting with the lsb, sets of 5 bits (32 values) will be mapped */
- /* over to the appropriate file name character, and then */
- /* incremented to an approprate file name character. */
- /* The left over 2 bits will be mapped into the seventh file name */
- /* character. */
- /* */
-
- int i_letter, i_timechars, i_numtries = 0;
- char ca_time[8];
- time_t this_call = (time_t)0;
-
- /* We have to base the length of our time string on the length */
- /* of the incoming prefix.... */
- /* */
- i_timechars = 8 - strlen(prefix);
-
- /* Infinite loop until the conditions are satisfied. */
- /* There is no danger, unless every possible file name is used. */
- /* */
- while(1) {
- /* We used to use the time to generate this. */
- /* Now, we use some crypto to avoid bug #47027 */
- RNG_GenerateGlobalRandomBytes((void *)&this_call, sizeof(this_call));
-
- /* Convert the time into a 7 character string. */
- /* Strip only the signifigant 5 bits. */
- /* We'll want to reverse the string to make it look coherent */
- /* in a directory of file names. */
- /* */
- for(i_letter = 0; i_letter < i_timechars; i_letter++) {
- ca_time[i_letter] = (char)((this_call >> (i_letter * 5)) & 0x1F);
-
- /* Convert any numbers to their equivalent ascii code */
- /* */
- if(ca_time[i_letter] <= 9) {
- ca_time[i_letter] += '0';
- }
- /* Convert the character to it's equivalent ascii code */
- /* */
- else {
- ca_time[i_letter] += 'A' - 10;
- }
- }
-
- /* End the created time string. */
- /* */
- ca_time[i_letter] = '\0';
-
- /* Reverse the time string. */
- /* */
- _strrev(ca_time);
-
- /* Create the fully qualified path and file name. */
- /* */
- sprintf(file_buf, "%s\\%s%s%s", directory, prefix, ca_time, ext);
-
- /* Determine if the file exists, and mark that we've tried yet */
- /* another file name (mark to be used later). */
- /* */
- /* Use the system call instead of XP_Stat since we already */
- /* know the name and we don't want recursion */
- /* */
- status = _stat(file_buf, &statinfo);
- i_numtries++;
-
- /* If it does not exists, we are successful, return the name. */
- /* */
- if(status == -1) {
- /* don't generate a directory as part of the cache temp names.
- * When the cache file name is passed into the other XP_File
- * functions we will append the cache directory to the name
- * to get the complete path.
- * This will allow the cache to be moved around
- * and for netscape to be used to generate external cache FAT's.
- */
- if(type == xpCache )
- sprintf(file_buf, "%s%s%s", prefix, ca_time, ext);
-
- TRACE("Temp file name is %s\n", file_buf);
- return(file_buf);
- }
-
- /* If there is no room for additional characters in the time, */
- /* we'll have to return NULL here, or we go infinite. */
- /* This is a one case scenario where the requested prefix is */
- /* actually 8 letters long! */
- /* Infinite loops could occur with a 7, 6, 5, etc character prefixes */
- /* if available files are all eaten up (rare to impossible), in */
- /* which case, we should check at some arbitrary frequency of */
- /* tries before we give up instead of attempting to Vulcanize */
- /* this code. Live long and prosper. */
- /* */
- if(i_timechars == 0) {
- break;
- } else if(i_numtries == 0x00FF) {
- break;
- }
- }
-
- /* Requested name is thought to be impossible to generate. */
- /* */
- TRACE("No more temp file names....\n");
- return(NULL);
-
-}
-
-PUBLIC char *
-WH_TempFileName(int type, const char * request_prefix, const char * extension)
-{
- static char file_buf[_MAX_PATH]; /* protected by _pr_TempName_lock */
- char* result;
-
- if (_pr_TempName_lock == NULL)
- _pr_TempName_lock = PR_NewNamedMonitor("TempName-lock");
- PR_EnterMonitor(_pr_TempName_lock);
-
- result = XP_STRDUP(xp_TempFileName(type, request_prefix, extension, file_buf));
- PR_ExitMonitor(_pr_TempName_lock);
- return result;
-}
-
-#endif /* CMD_STUB */
-
-/* */
-/* Return a string that is equal to the NetName string but with the */
-/* cross-platform characters changed back into DOS characters */
-/* The caller is responsible for XP_FREE()ing the string */
-/* */
-MODULE_PRIVATE char *
-XP_NetToDosFileName(const char * NetName)
-{
- char *p, *newName;
- BOOL bChopSlash = FALSE;
-
- if(!NetName)
- return NULL;
-
- /* If the name is only '/' or begins '//' keep the */
- /* whole name else strip the leading '/' */
-
- if(NetName[0] == '/')
- bChopSlash = TRUE;
-
- /* save just / as a path */
- if(NetName[0] == '/' && NetName[1] == '\0')
- bChopSlash = FALSE;
-
- /* spanky Win9X path name */
- if(NetName[0] == '/' && NetName[1] == '/')
- bChopSlash = FALSE;
-
- if(bChopSlash)
- newName = XP_STRDUP(&(NetName[1]));
- else
- newName = XP_STRDUP(NetName);
-
- if(!newName)
- return NULL;
-
- for(p = newName; *p; p++) {
- switch(*p) {
- case '|':
- *p = ':';
- break;
- case '/':
- *p = '\\';
- break;
- default:
- break;
- }
- }
-
- return(newName);
-
-}
-
-
-/* */
-/* Returns the absolute name of a file */
-/* */
-/* The result of this function can be used with the standard */
-/* open/fopen ansi file functions */
-/* */
-PUBLIC char *
-xp_FileName(const char * name, XP_FileType type, char* *myName)
-{
- char * newName = NULL;
- char * netLibName = NULL;
- char * tempName = NULL;
- char * prefStr = NULL;
- BOOL bNeedToRegister = FALSE; /* == do we need to register a new */
- /* newshost->file name mapping */
- struct _stat sInfo;
- int iDot;
- int iColon;
-
-#ifndef CMD_STUB
- CString csHostName;
- CString csHost;
- CString fileName;
-#endif
-
- switch(type) {
-
-#ifndef CMD_STUB
- case xpCacheFAT:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\fat.db", (const char *)theApp.m_pCacheDir);
- break;
- case xpExtCacheIndex:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\extcache.fat", (const char *)theApp.m_pCacheDir);
- break;
-
- case xpSARCacheIndex:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\archive.fat", theApp.m_pSARCacheDir);
- break;
-
- case xpHTTPCookie:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- /*sprintf(newName, "%s\\cookies.txt", theApp.m_pInstallDir->GetCharValue()); */
- /* changed to support multi-profile */
- sprintf(newName, "%s\\cookies.txt", (const char *)theApp.m_UserDirectory);
- break;
-#ifndef MOZ_LITE
- case xpSNewsRC:
- case xpNewsRC:
- /* see if we are asking about the default news host */
- /* else look up in netlib */
- if ( !name || !strlen(name) )
- name = g_MsgPrefs.m_csNewsHost;
-
- netLibName = NET_MapNewsrcHostToFilename((char *)name,
- (type == xpSNewsRC),
- FALSE);
-
- /* if we found something in our map just skip the rest of this */
- if(netLibName && *netLibName) {
- newName = XP_STRDUP(netLibName);
- break;
- }
-
- /* whatever name we eventually end up with we will need to register it */
- /* before we leave the function */
- bNeedToRegister = TRUE;
-
- /* If we are on the default host see if there is a newsrc file in the */
- /* news directory. If so, that is what we want */
- if(!stricmp(name, g_MsgPrefs.m_csNewsHost)) {
- csHostName = g_MsgPrefs.m_csNewsDir;
- csHostName += "\\newsrc";
- if(_stat((const char *) csHostName, &sInfo) == 0) {
- newName = XP_STRDUP((const char *) csHostName);
- break;
- }
- }
-
- /* See if we are going to be able to build a file name based */
- /* on the hostname */
- csHostName = g_MsgPrefs.m_csNewsDir;
- csHostName += '\\';
-
- /* build up '<hostname>.rc' so we can tell how long its going to be */
- /* we will use that as the default name to try */
- if(type == xpSNewsRC)
- csHost += 's';
- csHost += name;
-
- /* if we have a news host news.foo.com we just want to use the "news" */
- /* part */
- iDot = csHost.Find('.');
- if(iDot != -1)
- csHost = csHost.Left(iDot);
-
-#ifdef XP_WIN16
- if(csHost.GetLength() > 8)
- csHost = csHost.Left(8);
-#endif
-
- iColon = csHost.Find(':');
- if (iColon != -1) {
- /* Windows file system seems to do horrid things if you have */
- /* a filename with a colon in it. */
- csHost = csHost.Left(iColon);
- }
-
- csHost += ".rc";
-
- /* csHost is now of the form <hostname>.rc and is in 8.3 format */
- /* if we are on a Win16 box */
-
- csHostName += csHost;
-
- /* looks like a file with that name already exists -- panic */
- if(_stat((const char *) csHostName, &sInfo) != -1) {
-
- char host[5];
-
- /* else generate a new file in news directory */
- strncpy(host, name, 4);
- host[4] = '\0';
-
- newName = WH_TempFileName(type, host, ".rc");
- if(!newName)
- return(NULL);
-
- } else {
-
- newName = XP_STRDUP((const char *) csHostName);
-
- }
-
- break;
- case xpNewsrcFileMap:
- /* return name of FAT file in news directory */
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\fat", (const char *)g_MsgPrefs.m_csNewsDir);
- break;
- case xpNewsgroups:
- case xpSNewsgroups:
- /* look up in netlib */
- if ( !name || !strlen(name) )
- name = g_MsgPrefs.m_csNewsHost;
-
- netLibName = NET_MapNewsrcHostToFilename((char *)name,
- (type == xpSNewsgroups),
- TRUE);
-
- if(!netLibName) {
-
- csHostName = g_MsgPrefs.m_csNewsDir;
- csHostName += '\\';
-
- if(type == xpSNewsgroups)
- csHost += 's';
- csHost += name;
-
- /* see if we can just use "<hostname>.rcg" */
- /* it might be news.foo.com so just take "news" */
- int iDot = csHost.Find('.');
- if(iDot != -1)
- csHost = csHost.Left(iDot);
-
-#ifdef XP_WIN16
- if(csHost.GetLength() > 8)
- csHost = csHost.Left(8);
-#endif
-
- iColon = csHost.Find(':');
- if (iColon != -1) {
- /* Windows file system seems to do horrid things if you have */
- /* a filename with a colon in it. */
- csHost = csHost.Left(iColon);
- }
-
- csHost += ".rcg";
-
- /* csHost is now of the form <hostname>.rcg */
-
- csHostName += csHost;
-
- /* looks like a file with that name already exists -- panic */
- if(_stat((const char *) csHostName, &sInfo) != -1) {
-
- char host[5];
-
- /* else generate a new file in news directory */
- strncpy(host, name, 4);
- host[4] = '\0';
-
- newName = WH_TempFileName(type, host, ".rcg");
- if(!newName)
- return(NULL);
-
- } else {
-
- newName = XP_STRDUP((const char *) csHostName);
-
- }
-
- if ( !name || !strlen(name))
- NET_RegisterNewsrcFile(newName,(char *)(const char *)g_MsgPrefs.m_csNewsHost,
- (type == xpSNewsgroups), TRUE );
- else
- NET_RegisterNewsrcFile(newName,(char*)name,(type == xpSNewsgroups), TRUE );
-
- } else {
-
- newName = XP_STRDUP(netLibName);
-
- }
- break;
- case xpMimeTypes:
- name = NULL;
- break;
-#endif /* MOZ_LITE */
- case xpGlobalHistory:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- /* changed to support multi-profile */
- /*sprintf(newName, "%s\\netscape.hst", theApp.m_pInstallDir->GetCharValue()); */
- sprintf(newName, "%s\\netscape.hst", (const char *)theApp.m_UserDirectory);
- break;
- case xpGlobalHistoryList:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf( newName, "%s\\ns_hstry.htm" );
- break;
- case xpKeyChain:
- name = NULL;
- break;
-
- /* larubbio */
- case xpSARCache:
- if(!name) {
- return NULL;
- }
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\%s", theApp.m_pSARCacheDir, name);
- break;
-
- case xpCache:
- if(!name) {
- tempName = WH_TempFileName(xpCache, NULL, NULL);
- if (!tempName) return NULL;
- name = tempName;
- }
- newName = (char *) XP_ALLOC(_MAX_PATH);
- if ((strchr(name,'|') || strchr(name,':'))) { /* Local File URL if find a | */
- if(name[0] == '/')
- strcpy(newName,name+1); /* skip past extra slash */
- else
- strcpy(newName,name); /* absolute path is valid */
- } else {
- sprintf(newName, "%s\\%s", (const char *)theApp.m_pCacheDir, name);
- }
- break;
- case xpBookmarks:
- case xpHotlist:
- if (!name || !strlen(name))
- name = theApp.m_pBookmarkFile;
- break;
-#endif /* CMD_STUB */
-
- case xpSocksConfig:
- prefStr = NULL;
-#ifndef CMD_STUB
- PREF_CopyCharPref("browser.socksfile_location", &prefStr);
-#else
- ASSERT(0);
-#endif
- name = prefStr;
- break;
-
-#ifndef CMD_STUB
- case xpCertDB:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- if ( name ) {
- sprintf(newName, "%s\\cert%s.db", (const char *)theApp.m_UserDirectory, name);
- } else {
- sprintf(newName, "%s\\cert.db", (const char *)theApp.m_UserDirectory);
- }
- break;
- case xpCertDBNameIDX:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\certni.db", (const char *)theApp.m_UserDirectory);
- break;
- case xpKeyDB:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- if ( name ) {
- sprintf(newName, "%s\\key%s.db", (const char *)theApp.m_UserDirectory, name);
- } else {
- sprintf(newName, "%s\\key.db", (const char *)theApp.m_UserDirectory);
- }
- break;
- case xpSecModuleDB:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\secmod.db", (const char *)theApp.m_UserDirectory);
- break;
- case xpSignedAppletDB:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- if ( name ) {
- sprintf(newName, "%s\\signed%s.db", (const char *)theApp.m_UserDirectory, name);
- } else {
- sprintf(newName, "%s\\signed.db", (const char *)theApp.m_UserDirectory);
- }
- break;
-#ifndef MOZ_LITE
- case xpAddrBook:
-#ifdef XP_WIN16
- if(!name || !strlen(name) )
- newName = WH_TempName(type, NULL);
-#else
- newName = (char *) XP_ALLOC(_MAX_PATH);
- strcpy(newName, name);
-
- /* strip off the extension */
- {
- char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
- if(!pEnd)
- pEnd = newName;
-
- pEnd = strchr(pEnd, '.');
- if(pEnd)
- *pEnd = '\0';
- }
- strcat(newName, ".nab");
-#endif
- break;
- case xpAddrBookNew:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\%s", (const char *)theApp.m_UserDirectory, name);
- break;
- case xpVCardFile:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- strcpy(newName, name);
-
- /* strip off the extension */
- {
- char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
- if(!pEnd)
- pEnd = newName;
-
- pEnd = strchr(pEnd, '.');
- if(pEnd)
- *pEnd = '\0';
- }
- strcat(newName, ".vcf");
- break;
- case xpLDIFFile:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- strcpy(newName, name);
-
- /* strip off the extension */
- {
- char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
- if(!pEnd)
- pEnd = newName;
-
- pEnd = strchr(pEnd, '.');
- if(pEnd)
- *pEnd = '\0';
- }
-#ifdef XP_WIN16
- strcat(newName, ".ldi");
-#else
- strcat(newName, ".ldif");
-#endif
- break;
- case xpTemporaryNewsRC:
- {
- CString csHostName = g_MsgPrefs.m_csNewsDir;
- csHostName += "\\news.tmp";
- newName = XP_STRDUP((const char *) csHostName);
- }
- break;
-#endif /* MOZ_LITE */
- case xpPKCS12File:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- strcpy(newName, name);
-
- /* strip off the extension */
- {
- char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
- if(!pEnd)
- pEnd = newName;
-
- pEnd = strchr(pEnd, '.');
- if(pEnd)
- *pEnd = '\0';
- }
- strcat(newName, ".p12");
- break;
- case xpTemporary:
- if(!name || !strlen(name) )
- newName = WH_TempName(type, NULL);
- break;
-#ifndef MOZ_LITE
- case xpMailFolder:
- if(!name)
- name = g_MsgPrefs.m_csMailDir;
- break;
- case xpMailFolderSummary:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- strcpy(newName, name);
-
- /* strip off the extension */
- {
- char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
- if(!pEnd)
- pEnd = newName;
-
-#ifdef XP_WIN16 /* backend won't allow '.' in win16 folder names, but just to be safe. */
- pEnd = strchr(pEnd, '.');
- if(pEnd)
- *pEnd = '\0';
-#endif
- }
- strcat(newName, ".snm");
- break;
- case xpMailSort:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\rules.dat", (const char *)g_MsgPrefs.m_csMailDir);
- break;
- case xpMailFilterLog:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\mailfilt.log", (const char *)g_MsgPrefs.m_csMailDir);
- break;
- case xpNewsFilterLog:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\newsfilt.log", (const char *)g_MsgPrefs.m_csNewsDir);
- break;
- case xpMailPopState:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\popstate.dat", (const char *)g_MsgPrefs.m_csMailDir);
- break;
- case xpMailSubdirectory:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- strcpy(newName, name);
-
- /* strip off the trailing slash if any */
- {
- char * pEnd = max(strrchr(newName, '\\'), strrchr(newName, '/'));
- if(!pEnd)
- pEnd = newName;
- }
-
- strcat(newName, ".sbd");
- break;
-#endif /* MOZ_LITE */
- /* name of global cross-platform registry */
- case xpRegistry:
- /* eventually need to support arbitrary names; this is the default */
- newName = (char *) XP_ALLOC(_MAX_PATH);
- if ( newName != NULL ) {
- GetWindowsDirectory(newName, _MAX_PATH);
- int namelen = strlen(newName);
- if ( newName[namelen-1] == '\\' )
- namelen--;
- strcpy(newName+namelen, "\\nsreg.dat");
- }
- break;
- /* name of news group database */
-#ifndef MOZ_LITE
- case xpXoverCache:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\%s", (const char *)g_MsgPrefs.m_csNewsDir, name);
- break;
-#endif /* MOZ_LITE */
- case xpProxyConfig:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- /*sprintf(newName, "%s\\proxy.cfg", theApp.m_pInstallDir->GetCharValue()); */
- sprintf(newName, "%s\\proxy.cfg", (const char *)theApp.m_UserDirectory);
- break;
-
- /* add any cases where no modification is necessary here */
- /* The name is fine all by itself, no need to modify it */
- case xpFileToPost:
- case xpExtCache:
- case xpURL:
- /* name is OK as it is */
- break;
-#ifndef MOZ_LITE
- case xpNewsHostDatabase:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- sprintf(newName, "%s\\news.db", (const char *)g_MsgPrefs.m_csNewsDir);
- break;
-
- case xpImapRootDirectory:
- newName = PR_smprintf ("%s\\ImapMail", (const char *)theApp.m_UserDirectory);
- break;
- case xpImapServerDirectory:
- {
- int len = 0;
- char *tempImapServerDir = XP_STRDUP(name);
- char *imapServerDir = tempImapServerDir;
-#ifdef XP_WIN16
- if ((len = XP_STRLEN(imapServerDir)) > 8) {
- imapServerDir = imapServerDir + len - 8;
- }
-#endif
- newName = PR_smprintf ("%s\\ImapMail\\%s", (const char *)theApp.m_UserDirectory, imapServerDir);
- if (tempImapServerDir) XP_FREE(tempImapServerDir);
- }
- break;
-
- case xpJSMailFilters:
- newName = PR_smprintf("%s\\filters.js", (const char *)g_MsgPrefs.m_csMailDir);
- break;
-#endif /* MOZ_LITE */
- case xpFolderCache:
- newName = PR_smprintf ("%s\\summary.dat", (const char *)theApp.m_UserDirectory);
- break;
-
- case xpCryptoPolicy:
- newName = (char *) XP_ALLOC(_MAX_PATH);
- FE_GetProgramDirectory(newName, _MAX_PATH);
- strcat(newName, "moz40p3");
- break;
-#endif /* CMD_STUB */
-
- default:
- ASSERT(0); /* all types should be covered */
- break;
- }
-
-#ifndef MOZ_LITE
- /* make sure we have the correct newsrc file registered for next time */
- if((type == xpSNewsRC || type == xpNewsRC) && bNeedToRegister)
- NET_RegisterNewsrcFile(newName, (char *)name, (type == xpSNewsRC), FALSE );
-#endif
-
- /* determine what file we are supposed to load and make sure it looks */
- /* like a DOS pathname and not some unix-like name */
- if(newName) {
- *myName = XP_NetToDosFileName((const char*)newName);
- XP_FREE(newName);
- } else {
- *myName = XP_NetToDosFileName((const char*)name);
- }
-
- if (tempName) XP_FREE(tempName);
-
- if (prefStr) XP_FREE(prefStr);
-
- /* whee, we're done */
- return(*myName);
-}
-
-/* */
-/* Open a file with the given name */
-/* If a special file type is provided we might need to get the name */
-/* out of the preferences list */
-/* */
-PUBLIC XP_File
-XP_FileOpen(const char * name, XP_FileType type, const XP_FilePerm perm)
-{
- XP_File fp;
- char *filename = WH_FileName(name, type);
-
- if(!filename)
- return(NULL);
-
-#ifdef DEBUG_nobody
- TRACE("Opening a file type (%d) permissions: %s (%s)\n", type, perm, filename);
-#endif
-
-#ifdef XP_WIN32
- if (type == xpURL) {
- HANDLE hFile;
- DWORD dwType;
-
- /* Check if we're trying to open a device. We don't allow this */
- hFile = CreateFile(filename, GENERIC_READ, FILE_SHARE_READ, NULL,
- OPEN_EXISTING, 0, NULL);
-
- if (hFile != INVALID_HANDLE_VALUE) {
- dwType = GetFileType(hFile);
- CloseHandle(hFile);
-
- if (dwType != FILE_TYPE_DISK) {
- XP_FREE(filename);
- return NULL;
- }
- }
- }
-#endif
-
-#ifdef XP_WIN16
- /* Windows uses ANSI codepage, DOS uses OEM codepage, */
- /* fopen takes OEM codepage */
- /* That's why we need to do conversion here. */
- CString oembuff = filename;
- oembuff.AnsiToOem();
- fp = fopen(oembuff, (char *) perm);
-
- if (fp && type == xpURL) {
- union _REGS inregs, outregs;
-
- /* Check if we opened a device. Execute an Interrupt 21h to invoke */
- /* MS-DOS system call 44h */
- inregs.x.ax = 0x4400; /* MS-DOS function to get device information */
- inregs.x.bx = _fileno(fp);
- _int86(0x21, &inregs, &outregs);
-
- if (outregs.x.dx & 0x80) {
- /* It's a device. Don't allow any reading/writing */
- fclose(fp);
- XP_FREE(filename);
- return NULL;
- }
- }
-#else
- fp = fopen(filename, (char *) perm);
-#endif
- XP_FREE(filename);
- return(fp);
-}
-
-
-
-/******************************************************************************/
-/* Thread-safe entry points: */
-
-extern PRMonitor* _pr_TempName_lock;
-
-#ifndef CMD_STUB
-
-char *
-WH_TempName(XP_FileType type, const char * prefix)
-{
- static char buf[_MAX_PATH]; /* protected by _pr_TempName_lock */
- char* result;
-
- if (_pr_TempName_lock == NULL)
- _pr_TempName_lock = PR_NewNamedMonitor("TempName-lock");
- PR_EnterMonitor(_pr_TempName_lock);
-
- result = XP_STRDUP(xp_TempFileName(type, prefix, NULL, buf));
-
- PR_ExitMonitor(_pr_TempName_lock);
-
- return result;
-}
-
-#endif /* CMD_STUB */
-
-PUBLIC char *
-WH_FileName (const char *name, XP_FileType type)
-{
- char* myName;
- char* result;
- /*
- ** I'm not sure this lock is really needed by windows, but just
- ** to be safe:
- */
- /* XP_ASSERT(_pr_TempName_lock); */
- /* PR_EnterMonitor(_pr_TempName_lock); */
- result = xp_FileName(name, type, &myName);
- /* PR_ExitMonitor(_pr_TempName_lock); */
- return myName;
-}
-
-#endif /* XP_WIN */
diff --git a/security/nss/cmd/lib/makefile.win b/security/nss/cmd/lib/makefile.win
deleted file mode 100644
index 92081a2f8..000000000
--- a/security/nss/cmd/lib/makefile.win
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-include <manifest.mn>
-
-include <$(DEPTH)\config\config.mak>
-
-# include files are aought in LINCS and INCS.
-# LINCS are generated from REQUIRES in manigest.mn
-INCS = $(INCS) \
- -I..\include \
- -I..\..\lib\cert \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)\dist\public\security \
- -I$(DEPTH)\dist\public\nspr \
- -I$(DEPTH)\cmd\winfe \
- $(NULL)
-
-LCFLAGS = -DUSE_SSL -DEXPORT_VERSION
-
-PDBFILE = $(LIBNAME).pdb
-
-# work around a bug in rules.mak
-LIBRARY_SUFFIX = $(MOZ_BITS)
-
-include <$(DEPTH)\config\rules.mak>
-
-install:: $(LIBRARY)
-# $(MAKE_INSTALL) $(LIBRARY) $(DIST)\lib
-
-
-symbols::
- @echo "LIBRARY_NAME is $(LIBRARY_NAME)"
- @echo "LIBRARY is $(LIBRARY)"
diff --git a/security/nss/cmd/lib/manifest.mn b/security/nss/cmd/lib/manifest.mn
deleted file mode 100644
index 969596863..000000000
--- a/security/nss/cmd/lib/manifest.mn
+++ /dev/null
@@ -1,68 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-LIBRARY_NAME = sectool
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = seccmd
-
-DEFINES = -DNSPR20
-
-EXPORTS = secutil.h \
- $(NULL)
-
-CSRCS = secutil.c \
- secpwd.c \
- derprint.c \
- secerror.c \
- seccnames.c \
- ffs.c \
- $(NULL)
-
-OLD_CSRCS = dongle.c \
- derprint.c \
- err.c \
- fe_util.c \
- ffs.c \
- filestub.c \
- secarb.c \
- secpwd.c \
- secutil.c \
- sslstubs.c \
- strerror.c \
- stubs.c \
- $(NULL)
-
-REQUIRES = security nspr dbm
-
diff --git a/security/nss/cmd/lib/secarb.c b/security/nss/cmd/lib/secarb.c
deleted file mode 100644
index 176fcbf8b..000000000
--- a/security/nss/cmd/lib/secarb.c
+++ /dev/null
@@ -1,372 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-
-#ifdef __sun
-extern int fprintf(FILE *strm, const char *format, .../* args */);
-extern int fflush(FILE *stream);
-#endif
-
-#define RIGHT_MARGIN 24
-/*#define RAW_BYTES 1 */
-
-typedef unsigned char Byte;
-
-static int prettyColumn; /* NOTE: This is NOT reentrant. */
-
-static char *prettyTagType [32] = {
- "End of Contents", "Boolean", "Integer", "Bit String", "Octet String",
- "NULL", "Object Identifier", "0x07", "0x08", "0x09", "0x0A",
- "0x0B", "0X0C", "0X0D", "0X0E", "0X0F", "Sequence", "Set",
- "0x12", "Printable String", "T61 String", "0x15", "IA5 String",
- "UTCTime",
- "0x18", "0x19", "0x1A", "0x1B", "0x1C", "0x1D", "0x1E",
- "High-Tag-Number"
-};
-
-static SECStatus prettyNewline(FILE *out)
-{
- int rv;
-
- if (prettyColumn != -1) {
- rv = fprintf(out, "\n");
- prettyColumn = -1;
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-static SECStatus prettyIndent(FILE *out, unsigned level)
-{
- unsigned i;
- SECStatus rv;
-
- if (prettyColumn == -1) {
- prettyColumn = level;
- for (i = 0; i < level; i++) {
- rv = (SECStatus) fprintf(out, " ");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
- }
- }
- return SECSuccess;
-}
-
-static SECStatus prettyPrintByte(FILE *out, Byte item, unsigned level)
-{
- SECStatus rv;
-
- rv = prettyIndent(out, level);
- if (rv) return rv;
-
- rv = (SECStatus) fprintf(out, "%02x ", item);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
- prettyColumn++;
- if (prettyColumn >= RIGHT_MARGIN) {
- rv = prettyNewline(out);
- return rv;
- }
- return SECSuccess;
-}
-
-static SECStatus prettyPrintCString(FILE *out, char *str, unsigned level)
-{
- SECStatus rv;
-
- rv = prettyNewline(out);
- if (rv) return rv;
-
- rv = prettyIndent(out, level);
- if (rv) return rv;
-
- rv = (SECStatus) fprintf(out, str);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
-
- rv = prettyNewline(out);
- return rv;
-}
-
-static SECStatus prettyPrintLeafString(FILE *out, SECArb *arb, unsigned lv)
-{
- unsigned char buf[100];
- SECStatus rv;
- int length = arb->body.item.len;
-
- if (length > 0 && arb->body.item.data == NULL)
- return prettyPrintCString(out, "(string contents not available)", lv);
-
- if (length >= sizeof(buf))
- length = sizeof(buf) - 1;
-
- rv = prettyNewline(out);
- if (rv) return rv;
-
- rv = prettyIndent(out, lv);
- if (rv) return rv;
-
- memcpy(buf, arb->body.item.data, length);
- buf[length] = '\000';
-
- rv = (SECStatus) fprintf(out, "\"%s\"", buf);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
- rv = prettyNewline(out);
- if (rv) return rv;
-
- return SECSuccess;
-}
-
-static SECStatus prettyPrintLeaf(FILE *out, SECArb* arb, unsigned lv)
-{
- unsigned i;
- SECStatus rv;
- Byte *data = arb->body.item.data;
-
- if (data == NULL && arb->body.item.len > 0)
- return prettyPrintCString(out, "(data not availabe)", lv);
-
- for (i = 0; i < arb->body.item.len; i++) {
- rv = prettyPrintByte(out, *data++, lv);
- if (rv) return rv;
- }
-
- rv = prettyNewline(out);
- return rv;
-}
-
-static SECStatus prettyPrintEndContents(FILE *out, unsigned level)
-{
- return prettyPrintCString(out, prettyTagType[0], level);
-}
-
-static SECStatus prettyPrintTag(FILE *out, SECArb *arb, unsigned level)
-{
- int rv;
-
-#ifdef RAW_BYTES
- if (prettyPrintByte(out, arb->tag, level)) return PR_TRUE;
-#else
- if (prettyIndent(out, level)) return PR_TRUE;
-#endif
-
- if (arb->tag & DER_CONSTRUCTED) {
- rv = fprintf(out, "C-");
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return PR_TRUE;
- }
- }
-
- switch(arb->tag & 0xC0) {
- case DER_UNIVERSAL:
- rv = fprintf(out, "%s ", prettyTagType[arb->tag & 0x17]);
- break;
- case DER_APPLICATION:
- rv = fprintf(out, "Application: %d ", arb->tag & 0x17);
- break;
- case DER_CONTEXT_SPECIFIC:
- rv = fprintf(out, "[%d] ", arb->tag & 0x17);
- break;
- case DER_PRIVATE:
- rv = fprintf(out, "Private: %d ", arb->tag & 0x17);
- break;
- }
-
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static SECStatus prettyPrintLength(FILE *out, SECArb *arb, unsigned lv)
-{
- int rv = fprintf(out, " (%d)\n", arb->length);
- if (rv < 0) {
- PORT_SetError(SEC_ERROR_IO);
- return -1;
- }
- prettyColumn = -1;
- return PR_FALSE;
-}
-
-static SECStatus prettyPrint(FILE *out, SECArb *arb, unsigned lv)
-{
- int i;
-
- prettyPrintTag(out, arb, lv);
- prettyPrintLength(out, arb, lv);
-
- if (arb->tag & DER_CONSTRUCTED) {
- for (i = 0; i < arb->body.cons.numSubs; i++)
- prettyPrint(out, arb->body.cons.subs[i], lv + 1);
- if (arb->length == 0)
- prettyPrintEndContents(out, lv);
- } else {
- if (arb->tag == DER_PRINTABLE_STRING || arb->tag == DER_UTC_TIME) {
- if (prettyPrintLeafString(out, arb, lv+1)) return PR_TRUE;
-#ifdef RAW_BYTES
- if (prettyPrintLeaf(out, arb, lv+1)) return PR_TRUE;
-#endif
- } else {
- if (prettyPrintLeaf(out, arb, lv+1)) return PR_TRUE;
- }
- }
-
- return prettyNewline(out);
-}
-
-SECStatus BER_PrettyPrintArb(FILE *out, SECArb *a)
-{
- prettyColumn = -1;
- return prettyPrint(out, a, 0);
-}
-
-/*
- * PackHeader puts the tag and length field into a buffer provided by the
- * client. It assumes the client has made the buffer at least big
- * enough. (8 bytes will suffice for now). It returns the number of
- * valid bytes
- */
-static int PackHeader(SECArb *arb, unsigned char *header)
-{
- int tagBytes, lengthBytes;
- unsigned long length = arb->length;
- /*
- * XXX only handles short form tags
- */
- header[0] = arb->tag;
- tagBytes = 1;
-
- if (length < 0x80) {
- if ((arb->tag & DER_CONSTRUCTED) && (arb->length == 0))
- header[tagBytes] = 0x80; /* indefinite length form */
- else
- header[tagBytes] = arb->length;
- lengthBytes = 1;
- } else {
- int i;
- lengthBytes = 0;
- for (i = 0; i < 4; i++) {
- if ((length & 0xFF000000) || (lengthBytes > 0)) {
- header[tagBytes + lengthBytes + 1] = length >> 24;
- lengthBytes++;
- }
- length <<= 8;
- }
- header[tagBytes] = 0x80 + lengthBytes;
- lengthBytes++; /* allow for the room for the length length */
- }
- return tagBytes + lengthBytes;
-}
-
-SECStatus BER_Unparse(SECArb *arb, BERUnparseProc proc, void *instance)
-{
- int i, length;
- SECStatus rv;
- unsigned char header[12];
-
- length = PackHeader(arb, header);
- rv = (*proc)(instance, header, length, arb);
- if (rv) return rv;
-
- if (arb->tag & DER_CONSTRUCTED) {
- for (i = 0; i < arb->body.cons.numSubs; i++) {
- rv = BER_Unparse(arb->body.cons.subs[i], proc, instance);
- if (rv) return rv;
- }
- if (arb->length == 0) {
- rv = (*proc)(instance, "\0\0", 2, arb);
- if (rv) return rv;
- }
- } else {
- if ((arb->length > 0) && (arb->body.item.data == NULL))
- return SECFailure;
- if (arb->length != arb->body.item.len)
- return SECFailure;
- rv = (*proc)(instance, arb->body.item.data, arb->length, arb);
- }
- return SECSuccess;
-}
-
-static int ResolveLength(SECArb *arb)
-{
- int length, i, rv;
- unsigned char header[12];
-
- /*
- * One theory is that there might be valid subtrees along with
- * still yet uknown length trees. That would imply that the scan
- * should not be aborted on first failure.
- */
-
- length = PackHeader(arb, header);
- if (arb->tag | DER_CONSTRUCTED) {
- if (arb->length > 0)
- length += arb->length;
- else {
- for (i = 0; i < arb->body.cons.numSubs; i++) {
- rv = ResolveLength(arb->body.cons.subs[i]);
- if (rv < 0) return -1;
- length += rv;
- }
- arb->length = length;
- }
- } else {
- if (arb->length != arb->body.item.len)
- return -1;
- length += arb->length;
- }
- return length;
-}
-
-SECStatus BER_ResolveLengths(SECArb *arb)
-{
- int rv;
- rv = ResolveLength(arb);
- if (rv < 0) return SECFailure;
- return SECSuccess;
-}
diff --git a/security/nss/cmd/lib/seccnames.c b/security/nss/cmd/lib/seccnames.c
deleted file mode 100644
index 833361e41..000000000
--- a/security/nss/cmd/lib/seccnames.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
-** secutil.c - various functions used by security stuff
-**
-*/
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "prerror.h"
-#include "prprf.h"
-#include "plgetopt.h"
-
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "secrng.h"
-#include <sys/stat.h>
-#include <stdarg.h>
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-
-/* for SEC_TraverseNames */
-#include "cert.h"
-#include "certt.h"
-#include "certdb.h"
-
-typedef struct {
- char * name;
- CERTCertTrust trust;
-} certNameAndTrustEntry;
-
-typedef struct {
- int numCerts;
- certNameAndTrustEntry *nameAndTrustEntries;
-} certNameAndTrustList;
-
-SECStatus
-sec_CountCerts(CERTCertificate *cert, SECItem *unknown, void *arg)
-{
- (*(int*)arg)++;
- return SECSuccess;
-}
-
-SECStatus
-sec_CollectCertNamesAndTrust(CERTCertificate *cert, SECItem *unknown, void *arg)
-{
- certNameAndTrustList *pCertNames = (certNameAndTrustList*)arg;
- char *name;
- int i;
-
- i = pCertNames->numCerts;
- name = cert->nickname ? cert->nickname : cert->emailAddr;
-
- if (name)
- pCertNames->nameAndTrustEntries[i].name = PORT_Strdup(name);
- else
- pCertNames->nameAndTrustEntries[i].name = PORT_Strdup("<unknown>");
-
- PORT_Memcpy(&pCertNames->nameAndTrustEntries[i].trust, cert->trust, sizeof(*cert->trust));
-
- pCertNames->numCerts++;
-
- return SECSuccess;
-}
-
-
-static int
-sec_name_and_trust_compare_by_name(const void *p1, const void *p2)
-{
- certNameAndTrustEntry *e1 = (certNameAndTrustEntry *)p1;
- certNameAndTrustEntry *e2 = (certNameAndTrustEntry *)p2;
- return PORT_Strcmp(e1->name, e2->name);
-}
-
-static int
-sec_combine_trust_flags(CERTCertTrust *trust)
-{
- if (trust == NULL)
- return 0;
- return trust->sslFlags | trust->emailFlags | trust->objectSigningFlags;
-}
-
-static int
-sec_name_and_trust_compare_by_trust(const void *p1, const void *p2)
-{
- certNameAndTrustEntry *e1 = (certNameAndTrustEntry *)p1;
- certNameAndTrustEntry *e2 = (certNameAndTrustEntry *)p2;
- int e1_is_ca, e2_is_ca;
- int e1_is_user, e2_is_user;
- int rv;
-
- e1_is_ca = (sec_combine_trust_flags(&e1->trust) & CERTDB_VALID_CA) != 0;
- e2_is_ca = (sec_combine_trust_flags(&e2->trust) & CERTDB_VALID_CA) != 0;
- e1_is_user = (sec_combine_trust_flags(&e1->trust) & CERTDB_USER) != 0;
- e2_is_user = (sec_combine_trust_flags(&e2->trust) & CERTDB_USER) != 0;
-
- /* first, sort by user status, then CA status, */
- /* then by actual comparison of CA flags, then by name */
- if ((rv = (e2_is_user - e1_is_user)) == 0 && (rv = (e1_is_ca - e2_is_ca)) == 0)
- if (e1_is_ca || (rv = memcmp(&e1->trust, &e2->trust, sizeof(CERTCertTrust))) == 0)
- return PORT_Strcmp(e1->name, e2->name);
- else
- return rv;
- else
- return rv;
-}
-
-SECStatus
-SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc *out,
- PRBool sortByName, PRBool sortByTrust)
-{
- certNameAndTrustList certNames = { 0, NULL };
- int numCerts, i;
- SECStatus rv;
- int (*comparefn)(const void *, const void *);
- char trusts[30];
-
- numCerts = 0;
-
- rv = SEC_TraversePermCerts(handle, sec_CountCerts, &numCerts);
- if (rv != SECSuccess)
- return SECFailure;
-
- certNames.nameAndTrustEntries =
- (certNameAndTrustEntry *)PORT_Alloc(numCerts * sizeof(certNameAndTrustEntry));
- if (certNames.nameAndTrustEntries == NULL)
- return SECFailure;
-
- rv = SEC_TraversePermCerts(handle, sec_CollectCertNamesAndTrust, &certNames);
- if (rv != SECSuccess)
- return SECFailure;
-
- if (sortByName)
- comparefn = sec_name_and_trust_compare_by_name;
- else if (sortByTrust)
- comparefn = sec_name_and_trust_compare_by_trust;
- else
- comparefn = NULL;
-
- if (comparefn)
- qsort(certNames.nameAndTrustEntries, certNames.numCerts,
- sizeof(certNameAndTrustEntry), comparefn);
-
- PR_fprintf(out, "\n%-60s %-5s\n\n", "Certificate Name", "Trust Attributes");
- for (i = 0; i < certNames.numCerts; i++) {
- PORT_Memset (trusts, 0, sizeof(trusts));
- printflags(trusts, certNames.nameAndTrustEntries[i].trust.sslFlags);
- PORT_Strcat(trusts, ",");
- printflags(trusts, certNames.nameAndTrustEntries[i].trust.emailFlags);
- PORT_Strcat(trusts, ",");
- printflags(trusts, certNames.nameAndTrustEntries[i].trust.objectSigningFlags);
- PR_fprintf(out, "%-60s %-5s\n",
- certNames.nameAndTrustEntries[i].name, trusts);
- }
- PR_fprintf(out, "\n");
- PR_fprintf(out, "p Valid peer\n");
- PR_fprintf(out, "P Trusted peer (implies p)\n");
- PR_fprintf(out, "c Valid CA\n");
- PR_fprintf(out, "T Trusted CA to issue client certs (implies c)\n");
- PR_fprintf(out, "C Trusted CA to certs(only server certs for ssl) (implies c)\n");
- PR_fprintf(out, "u User cert\n");
- PR_fprintf(out, "w Send warning\n");
-
- for (i = 0; i < certNames.numCerts; i++)
- PORT_Free(certNames.nameAndTrustEntries[i].name);
- PORT_Free(certNames.nameAndTrustEntries);
-
- return rv;
-}
diff --git a/security/nss/cmd/lib/secerror.c b/security/nss/cmd/lib/secerror.c
deleted file mode 100644
index 857704b79..000000000
--- a/security/nss/cmd/lib/secerror.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "nspr.h"
-
-struct tuple_str {
- PRErrorCode errNum;
- const char * errString;
-};
-
-typedef struct tuple_str tuple_str;
-
-#define ER2(a,b) {a, b},
-#define ER3(a,b,c) {a, c},
-
-#include "secerr.h"
-#include "sslerr.h"
-
-const tuple_str errStrings[] = {
-
-/* keep this list in asceding order of error numbers */
-#include "SSLerrs.h"
-#include "SECerrs.h"
-#include "NSPRerrs.h"
-
-};
-
-const PRInt32 numStrings = sizeof(errStrings) / sizeof(tuple_str);
-
-/* Returns a UTF-8 encoded constant error string for "errNum".
- * Returns NULL of errNum is unknown.
- */
-const char *
-SECU_Strerror(PRErrorCode errNum) {
- PRInt32 low = 0;
- PRInt32 high = numStrings - 1;
- PRInt32 i;
- PRErrorCode num;
- static int initDone;
-
- /* make sure table is in ascending order.
- * binary search depends on it.
- */
- if (!initDone) {
- PRErrorCode lastNum = ((PRInt32)0x80000000);
- for (i = low; i <= high; ++i) {
- num = errStrings[i].errNum;
- if (num <= lastNum) {
- fprintf(stderr,
-"sequence error in error strings at item %d\n"
-"error %d (%s)\n"
-"should come after \n"
-"error %d (%s)\n",
- i, lastNum, errStrings[i-1].errString,
- num, errStrings[i].errString);
- }
- lastNum = num;
- }
- initDone = 1;
- }
-
- /* Do binary search of table. */
- while (low + 1 < high) {
- i = (low + high) / 2;
- num = errStrings[i].errNum;
- if (errNum == num)
- return errStrings[i].errString;
- if (errNum < num)
- high = i;
- else
- low = i;
- }
- if (errNum == errStrings[low].errNum)
- return errStrings[low].errString;
- if (errNum == errStrings[high].errNum)
- return errStrings[high].errString;
- return NULL;
-}
diff --git a/security/nss/cmd/lib/secpwd.c b/security/nss/cmd/lib/secpwd.c
deleted file mode 100644
index 57c4aac5f..000000000
--- a/security/nss/cmd/lib/secpwd.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-
-/*
- * NOTE: The contents of this file are NOT used by the client.
- * (They are part of the security library as a whole, but they are
- * NOT USED BY THE CLIENT.) Do not change things on behalf of the
- * client (like localizing strings), or add things that are only
- * for the client (put them elsewhere).
- */
-
-
-#ifdef XP_UNIX
-#include <termios.h>
-#include <unistd.h>
-#endif
-
-#ifdef _WINDOWS
-#include <conio.h>
-#include <io.h>
-#define QUIET_FGETS quiet_fgets
-static char * quiet_fgets (char *buf, int length, FILE *input);
-#else
-#define QUIET_FGETS fgets
-#endif
-
-static void echoOff(int fd)
-{
-#if defined(XP_UNIX) && !defined(VMS)
- if (isatty(fd)) {
- struct termios tio;
- tcgetattr(fd, &tio);
- tio.c_lflag &= ~ECHO;
- tcsetattr(fd, TCSAFLUSH, &tio);
- }
-#endif
-}
-
-static void echoOn(int fd)
-{
-#if defined(XP_UNIX) && !defined(VMS)
- if (isatty(fd)) {
- struct termios tio;
- tcgetattr(fd, &tio);
- tio.c_lflag |= ECHO;
- tcsetattr(fd, TCSAFLUSH, &tio);
- }
-#endif
-}
-
-char *SEC_GetPassword(FILE *input, FILE *output, char *prompt,
- PRBool (*ok)(char *))
-{
- char phrase[200];
- int infd = fileno(input);
-#if defined(_WINDOWS) || defined(OS2)
- int isTTY = (input == stdin);
-#else
- int isTTY = isatty(infd);
-#endif
- for (;;) {
- /* Prompt for password */
- if (isTTY) {
- fprintf(output, "%s", prompt);
- fflush (output);
- echoOff(infd);
- }
-
- QUIET_FGETS ( phrase, sizeof(phrase), input);
-
- if (isTTY) {
- fprintf(output, "\n");
- echoOn(infd);
- }
-
- /* stomp on newline */
- phrase[PORT_Strlen(phrase)-1] = 0;
-
- /* Validate password */
- if (!(*ok)(phrase)) {
- /* Not weird enough */
- if (!isTTY) return 0;
- fprintf(output, "Password must be at least 8 characters long with one or more\n");
- fprintf(output, "non-alphabetic characters\n");
- continue;
- }
- return (char*) PORT_Strdup(phrase);
- }
-}
-
-
-
-PRBool SEC_CheckPassword(char *cp)
-{
- int len;
- char *end;
-
- len = PORT_Strlen(cp);
- if (len < 8) {
- return PR_FALSE;
- }
- end = cp + len;
- while (cp < end) {
- unsigned char ch = *cp++;
- if (!((ch >= 'A') && (ch <= 'Z')) &&
- !((ch >= 'a') && (ch <= 'z'))) {
- /* pass phrase has at least one non alphabetic in it */
- return PR_TRUE;
- }
- }
- return PR_FALSE;
-}
-
-PRBool SEC_BlindCheckPassword(char *cp)
-{
- if (cp != NULL) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-/* Get a password from the input terminal, without echoing */
-
-#ifdef _WINDOWS
-static char * quiet_fgets (char *buf, int length, FILE *input)
- {
- int c;
- char *end = buf;
-
- /* fflush (input); */
- memset (buf, 0, length);
-
- if (input != stdin) {
- return fgets(buf,length,input);
- }
-
- while (1)
- {
- c = getch();
-
- if (c == '\b')
- {
- if (end > buf)
- end--;
- }
-
- else if (--length > 0)
- *end++ = c;
-
- if (!c || c == '\n' || c == '\r')
- break;
- }
-
- return buf;
- }
-#endif
diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c
deleted file mode 100644
index b706ab7b7..000000000
--- a/security/nss/cmd/lib/secutil.c
+++ /dev/null
@@ -1,2519 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
-** secutil.c - various functions used by security stuff
-**
-*/
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "prerror.h"
-#include "prprf.h"
-#include "plgetopt.h"
-
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "secrng.h"
-#include <sys/stat.h>
-#include <stdarg.h>
-#include <errno.h>
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-
-/* for SEC_TraverseNames */
-#include "cert.h"
-#include "certt.h"
-#include "certdb.h"
-
-/* #include "secmod.h" */
-#include "pk11func.h"
-#include "secoid.h"
-
-static char consoleName[] = {
-#ifdef XP_UNIX
-#ifdef VMS
- "TT"
-#else
- "/dev/tty"
-#endif
-#else
- "CON:"
-#endif
-};
-
-char *
-SECU_GetString(int16 error_number)
-{
-
- static char errString[80];
- sprintf(errString, "Unknown error string (%d)", error_number);
- return errString;
-}
-
-void
-SECU_PrintError(char *progName, char *msg, ...)
-{
- va_list args;
- PRErrorCode err = PORT_GetError();
- const char * errString = SECU_Strerror(err);
-
- va_start(args, msg);
-
- fprintf(stderr, "%s: ", progName);
- vfprintf(stderr, msg, args);
- if (errString != NULL && PORT_Strlen(errString) > 0)
- fprintf(stderr, ": %s\n", errString);
- else
- fprintf(stderr, "\n");
-
- va_end(args);
-}
-
-void
-SECU_PrintSystemError(char *progName, char *msg, ...)
-{
- va_list args;
-
- va_start(args, msg);
- fprintf(stderr, "%s: ", progName);
- vfprintf(stderr, msg, args);
- fprintf(stderr, ": %s\n", strerror(errno));
- va_end(args);
-}
-
-static void
-secu_ClearPassword(char *p)
-{
- if (p) {
- PORT_Memset(p, 0, PORT_Strlen(p));
- PORT_Free(p);
- }
-}
-
-char *
-SECU_GetPasswordString(void *arg, char *prompt)
-{
-#ifndef _WINDOWS
- char *p = NULL;
- FILE *input, *output;
-
- /* open terminal */
- input = fopen(consoleName, "r");
- if (input == NULL) {
- fprintf(stderr, "Error opening input terminal for read\n");
- return NULL;
- }
-
- output = fopen(consoleName, "w");
- if (output == NULL) {
- fprintf(stderr, "Error opening output terminal for write\n");
- return NULL;
- }
-
- p = SEC_GetPassword (input, output, prompt, SEC_BlindCheckPassword);
-
-
- fclose(input);
- fclose(output);
-
- return p;
-
-#else
- /* Win32 version of above. opening the console may fail
- on windows95, and certainly isn't necessary.. */
-
- char *p = NULL;
-
- p = SEC_GetPassword (stdin, stdout, prompt, SEC_BlindCheckPassword);
- return p;
-
-#endif
-}
-
-
-/*
- * p a s s w o r d _ h a r d c o d e
- *
- * A function to use the password passed in the -f(pwfile) argument
- * of the command line.
- * After use once, null it out otherwise PKCS11 calls us forever.?
- *
- */
-char *
-SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- unsigned char phrase[200];
- PRFileDesc *fd;
- PRInt32 nb;
- char *pwFile = arg;
- int i;
-
- if (!pwFile)
- return 0;
-
- if (retry) {
- return 0; /* no good retrying - the files contents will be the same */
- }
-
- fd = PR_Open(pwFile, PR_RDONLY, 0);
- if (!fd) {
- fprintf(stderr, "No password file \"%s\" exists.\n", pwFile);
- return NULL;
- }
-
- nb = PR_Read(fd, phrase, sizeof(phrase));
-
- PR_Close(fd);
- /* handle the Windows EOL case */
- i = 0;
- while (phrase[i] != '\r' && phrase[i] != '\n' && i < nb) i++;
- phrase[i] = '\0';
- if (nb == 0) {
- fprintf(stderr,"password file contains no data\n");
- return NULL;
- }
- return (char*) PORT_Strdup((char*)phrase);
-}
-
-char *
-SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char prompt[255];
- secuPWData *pwdata = (secuPWData *)arg;
- secuPWData pwnull = { PW_NONE, 0 };
- char *pw;
-
- if (pwdata == NULL)
- pwdata = &pwnull;
-
- if (retry && pwdata->source != PW_NONE) {
- PR_fprintf(PR_STDERR, "incorrect password entered at command line.\n");
- return NULL;
- }
-
- switch (pwdata->source) {
- case PW_NONE:
- sprintf(prompt, "Enter Password or Pin for \"%s\":",
- PK11_GetTokenName(slot));
- return SECU_GetPasswordString(NULL, prompt);
- case PW_FROMFILE:
- /* Instead of opening and closing the file every time, get the pw
- * once, then keep it in memory (duh).
- */
- pw = SECU_FilePasswd(slot, retry, pwdata->data);
- pwdata->source = PW_PLAINTEXT;
- pwdata->data = PL_strdup(pw);
- /* it's already been dup'ed */
- return pw;
- case PW_PLAINTEXT:
- return PL_strdup(pwdata->data);
- default:
- break;
- }
-
- PR_fprintf(PR_STDERR, "Password check failed: No password found.\n");
- return NULL;
-}
-
-char *
-secu_InitSlotPassword(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char *p0 = NULL;
- char *p1 = NULL;
- FILE *input, *output;
- secuPWData *pwdata = arg;
-
- if (pwdata->source == PW_FROMFILE) {
- return SECU_FilePasswd(slot, retry, pwdata->data);
- } else if (pwdata->source == PW_PLAINTEXT) {
- return PL_strdup(pwdata->data);
- }
-
- /* PW_NONE - get it from tty */
- /* open terminal */
-#ifdef _WINDOWS
- input = stdin;
-#else
- input = fopen(consoleName, "r");
-#endif
- if (input == NULL) {
- PR_fprintf(PR_STDERR, "Error opening input terminal for read\n");
- return NULL;
- }
-
- /* we have no password, so initialize database with one */
- PR_fprintf(PR_STDERR, "In order to finish creating your database, you\n");
- PR_fprintf(PR_STDERR, "must enter a password which will be used to\n");
- PR_fprintf(PR_STDERR, "encrypt this key and any future keys.\n\n");
- PR_fprintf(PR_STDERR, "The password must be at least 8 characters long,\n");
- PR_fprintf(PR_STDERR, "and must contain at least one non-alphabetic ");
- PR_fprintf(PR_STDERR, "character.\n\n");
-
- output = fopen(consoleName, "w");
- if (output == NULL) {
- PR_fprintf(PR_STDERR, "Error opening output terminal for write\n");
- return NULL;
- }
-
-
- for (;;) {
- if (!p0) {
- p0 = SEC_GetPassword(input, output, "Enter new password: ",
- SEC_BlindCheckPassword);
- }
- if (pwdata->source == PW_NONE) {
- p1 = SEC_GetPassword(input, output, "Re-enter password: ",
- SEC_BlindCheckPassword);
- }
- if (pwdata->source != PW_NONE || (PORT_Strcmp(p0, p1) == 0)) {
- break;
- }
- PR_fprintf(PR_STDERR, "Passwords do not match. Try again.\n");
- }
-
- /* clear out the duplicate password string */
- secu_ClearPassword(p1);
-
- fclose(input);
- fclose(output);
-
- return p0;
-}
-
-SECStatus
-SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile)
-{
- SECStatus rv;
- secuPWData pwdata, newpwdata;
- char *oldpw = NULL, *newpw = NULL;
-
- if (passwd) {
- pwdata.source = PW_PLAINTEXT;
- pwdata.data = passwd;
- } else if (pwFile) {
- pwdata.source = PW_FROMFILE;
- pwdata.data = pwFile;
- } else {
- pwdata.source = PW_NONE;
- pwdata.data = NULL;
- }
-
- if (PK11_NeedUserInit(slot)) {
- newpw = secu_InitSlotPassword(slot, PR_FALSE, &pwdata);
- rv = PK11_InitPin(slot, (char*)NULL, newpw);
- goto done;
- }
-
- for (;;) {
- oldpw = SECU_GetModulePassword(slot, PR_FALSE, &pwdata);
-
- if (PK11_CheckUserPassword(slot, oldpw) != SECSuccess) {
- if (pwdata.source == PW_NONE) {
- PR_fprintf(PR_STDERR, "Invalid password. Try again.\n");
- } else {
- PR_fprintf(PR_STDERR, "Invalid password.\n");
- PORT_Memset(oldpw, 0, PL_strlen(oldpw));
- PORT_Free(oldpw);
- return SECFailure;
- }
- } else
- break;
-
- PORT_Free(oldpw);
- }
-
- newpwdata.source = PW_NONE;
- newpwdata.data = NULL;
-
- newpw = secu_InitSlotPassword(slot, PR_FALSE, &newpwdata);
-
- if (PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, "Failed to change password.\n");
- return SECFailure;
- }
-
- PORT_Memset(oldpw, 0, PL_strlen(oldpw));
- PORT_Free(oldpw);
-
- PR_fprintf(PR_STDOUT, "Password changed successfully.\n");
-
-done:
- PORT_Memset(newpw, 0, PL_strlen(newpw));
- PORT_Free(newpw);
- return SECSuccess;
-}
-
-struct matchobj {
- SECItem index;
- char *nname;
- PRBool found;
-};
-
-char *
-SECU_DefaultSSLDir(void)
-{
- char *dir;
- static char sslDir[1000];
-
- dir = getenv("SSL_DIR");
- if (!dir)
- return NULL;
-
- sprintf(sslDir, "%s", dir);
-
- if (sslDir[strlen(sslDir)-1] == '/')
- sslDir[strlen(sslDir)-1] = 0;
-
- return sslDir;
-}
-
-char *
-SECU_AppendFilenameToDir(char *dir, char *filename)
-{
- static char path[1000];
-
- if (dir[strlen(dir)-1] == '/')
- sprintf(path, "%s%s", dir, filename);
- else
- sprintf(path, "%s/%s", dir, filename);
- return path;
-}
-
-char *
-SECU_ConfigDirectory(const char* base)
-{
- static PRBool initted = PR_FALSE;
- const char *dir = ".netscape";
- char *home;
- static char buf[1000];
-
- if (initted) return buf;
-
-
- if (base == NULL || *base == 0) {
- home = getenv("HOME");
- if (!home) home = "";
-
- if (*home && home[strlen(home) - 1] == '/')
- sprintf (buf, "%.900s%s", home, dir);
- else
- sprintf (buf, "%.900s/%s", home, dir);
- } else {
- sprintf(buf, "%.900s", base);
- if (buf[strlen(buf) - 1] == '/')
- buf[strlen(buf) - 1] = 0;
- }
-
-
- initted = PR_TRUE;
- return buf;
-}
-
-/*Turn off SSL for now */
-/* This gets called by SSL when server wants our cert & key */
-int
-SECU_GetClientAuthData(void *arg, PRFileDesc *fd,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey)
-{
- SECKEYPrivateKey *key;
- CERTCertificate *cert;
- int errsave;
-
- if (arg == NULL) {
- fprintf(stderr, "no key/cert name specified for client auth\n");
- return -1;
- }
- cert = PK11_FindCertFromNickname(arg, NULL);
- errsave = PORT_GetError();
- if (!cert) {
- if (errsave == SEC_ERROR_BAD_PASSWORD)
- fprintf(stderr, "Bad password\n");
- else if (errsave > 0)
- fprintf(stderr, "Unable to read cert (error %d)\n", errsave);
- else if (errsave == SEC_ERROR_BAD_DATABASE)
- fprintf(stderr, "Unable to get cert from database (%d)\n", errsave);
- else
- fprintf(stderr, "SECKEY_FindKeyByName: internal error %d\n", errsave);
- return -1;
- }
-
- key = PK11_FindKeyByAnyCert(arg,NULL);
- if (!key) {
- fprintf(stderr, "Unable to get key (%d)\n", PORT_GetError());
- return -1;
- }
-
-
- *pRetCert = cert;
- *pRetKey = key;
-
- return 0;
-}
-
-SECStatus
-secu_StdinToItem(SECItem *dst)
-{
- unsigned char buf[1000];
- PRInt32 numBytes;
- PRBool notDone = PR_TRUE;
-
- dst->len = 0;
- dst->data = NULL;
-
- while (notDone) {
- numBytes = PR_Read(PR_STDIN, buf, sizeof(buf));
-
- if (numBytes < 0) {
- PORT_SetError(PR_IO_ERROR);
- return SECFailure;
- }
-
- if (numBytes == 0)
- break;
-
- if (buf[numBytes-1] == '\n') {
- buf[numBytes-1] = '\0';
- notDone = PR_FALSE;
- }
-
- if (dst->data) {
- dst->data = (unsigned char*)PORT_Realloc(dst->data,
- dst->len+numBytes);
- PORT_Memcpy(dst->data+dst->len, buf, numBytes);
- } else {
- dst->data = (unsigned char*)PORT_Alloc(numBytes);
- PORT_Memcpy(dst->data, buf, numBytes);
- }
- dst->len += numBytes;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-SECU_FileToItem(SECItem *dst, PRFileDesc *src)
-{
- PRFileInfo info;
- PRInt32 numBytes;
- PRStatus prStatus;
-
- if (src == PR_STDIN)
- return secu_StdinToItem(dst);
-
- prStatus = PR_GetOpenFileInfo(src, &info);
-
- if (prStatus != PR_SUCCESS) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
-
- /* XXX workaround for 3.1, not all utils zero dst before sending */
- dst->data = 0;
- if (!SECITEM_AllocItem(NULL, dst, info.size))
- goto loser;
-
- numBytes = PR_Read(src, dst->data, info.size);
- if (numBytes != info.size) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
-
- return SECSuccess;
-loser:
- SECITEM_FreeItem(dst, PR_FALSE);
- return SECFailure;
-}
-
-SECStatus
-SECU_TextFileToItem(SECItem *dst, PRFileDesc *src)
-{
- PRFileInfo info;
- PRInt32 numBytes;
- PRStatus prStatus;
- unsigned char *buf;
-
- if (src == PR_STDIN)
- return secu_StdinToItem(dst);
-
- prStatus = PR_GetOpenFileInfo(src, &info);
-
- if (prStatus != PR_SUCCESS) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
-
- buf = (unsigned char*)PORT_Alloc(info.size);
- if (!buf)
- return SECFailure;
-
- numBytes = PR_Read(src, buf, info.size);
- if (numBytes != info.size) {
- PORT_SetError(SEC_ERROR_IO);
- goto loser;
- }
-
- if (buf[numBytes-1] == '\n') numBytes--;
-#ifdef _WINDOWS
- if (buf[numBytes-1] == '\r') numBytes--;
-#endif
-
- /* XXX workaround for 3.1, not all utils zero dst before sending */
- dst->data = 0;
- if (!SECITEM_AllocItem(NULL, dst, numBytes))
- goto loser;
-
- memcpy(dst->data, buf, numBytes);
-
- PORT_Free(buf);
- return SECSuccess;
-loser:
- PORT_Free(buf);
- return SECFailure;
-}
-
-SECStatus
-SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii)
-{
- SECStatus rv;
- char *asc, *body, *trailer;
- if (ascii) {
- /* First convert ascii to binary */
- SECItem filedata;
-
- /* Read in ascii data */
- rv = SECU_FileToItem(&filedata, inFile);
- asc = (char *)filedata.data;
- if (!asc) {
- fprintf(stderr, "unable to read data from input file\n");
- return SECFailure;
- }
-
- /* check for headers and trailers and remove them */
- if ((body = strstr(asc, "-----BEGIN")) != NULL) {
- body = PORT_Strchr(body, '\n') + 1;
- trailer = strstr(body, "-----END");
- if (trailer != NULL) {
- *trailer = '\0';
- } else {
- fprintf(stderr, "input has header but no trailer\n");
- return SECFailure;
- }
- } else {
- body = asc;
- }
-
- /* Convert to binary */
- rv = ATOB_ConvertAsciiToItem(der, body);
- if (rv) {
- fprintf(stderr, "error converting ascii to binary (%s)\n",
- SECU_Strerror(PORT_GetError()));
- return SECFailure;
- }
- PORT_Free(asc);
- } else {
- /* Read in binary der */
- rv = SECU_FileToItem(der, inFile);
- if (rv) {
- fprintf(stderr, "error converting der (%s)\n",
- SECU_Strerror(PORT_GetError()));
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-#define INDENT_MULT 4
-void
-SECU_Indent(FILE *out, int level)
-{
- int i;
- for (i = 0; i < level; i++) {
- fprintf(out, " ");
- }
-}
-
-static void secu_Newline(FILE *out)
-{
- fprintf(out, "\n");
-}
-
-void
-SECU_PrintAsHex(FILE *out, SECItem *data, char *m, int level)
-{
- unsigned i;
- int column;
-
- if ( m ) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- level++;
- }
-
- SECU_Indent(out, level); column = level*INDENT_MULT;
- for (i = 0; i < data->len; i++) {
- if (i != data->len - 1) {
- fprintf(out, "%02x:", data->data[i]);
- column += 4;
- } else {
- fprintf(out, "%02x", data->data[i]);
- column += 3;
- break;
- }
- if (column > 76) {
- secu_Newline(out);
- SECU_Indent(out, level); column = level*INDENT_MULT;
- }
- }
- level--;
- if (column != level*INDENT_MULT) {
- secu_Newline(out);
- }
-}
-
-static const char *hex = "0123456789abcdef";
-
-static const char printable[257] = {
- "................" /* 0x */
- "................" /* 1x */
- " !\"#$%&'()*+,-./" /* 2x */
- "0123456789:;<=>?" /* 3x */
- "@ABCDEFGHIJKLMNO" /* 4x */
- "PQRSTUVWXYZ[\\]^_" /* 5x */
- "`abcdefghijklmno" /* 6x */
- "pqrstuvwxyz{|}~." /* 7x */
- "................" /* 8x */
- "................" /* 9x */
- "................" /* ax */
- "................" /* bx */
- "................" /* cx */
- "................" /* dx */
- "................" /* ex */
- "................" /* fx */
-};
-
-void
-SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len)
-{
- const unsigned char *cp = (const unsigned char *)vp;
- char buf[80];
- char *bp;
- char *ap;
-
- fprintf(out, "%s [Len: %d]\n", msg, len);
- memset(buf, ' ', sizeof buf);
- bp = buf;
- ap = buf + 50;
- while (--len >= 0) {
- unsigned char ch = *cp++;
- *bp++ = hex[(ch >> 4) & 0xf];
- *bp++ = hex[ch & 0xf];
- *bp++ = ' ';
- *ap++ = printable[ch];
- if (ap - buf >= 66) {
- *ap = 0;
- fprintf(out, " %s\n", buf);
- memset(buf, ' ', sizeof buf);
- bp = buf;
- ap = buf + 50;
- }
- }
- if (bp > buf) {
- *ap = 0;
- fprintf(out, " %s\n", buf);
- }
-}
-
-void
-SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level)
-{
- int iv;
-
- if (i->len > 4) {
- SECU_PrintAsHex(out, i, m, level);
- } else {
- iv = DER_GetInteger(i);
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: %d (0x%x)\n", m, iv, iv);
- } else {
- fprintf(out, "%d (0x%x)\n", iv, iv);
- }
- }
-}
-
-void
-SECU_PrintString(FILE *out, SECItem *i, char *m, int level)
-{
- char *string;
- unsigned char *data = i->data;
- int len = i->len;
- int lenlen;
- int tag;
-
- string = PORT_ZAlloc(i->len+1);
-
- tag = *data++; len--;
- if (data[1] & 0x80) {
- lenlen = data[1] & 0x1f;
- } else {
- lenlen = 1;
- }
- data += lenlen; len -= lenlen;
- if (len <= 0) return;
- PORT_Memcpy(string,data,len);
-
- /* should check the validity of tag, and convert the string as necessary */
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: \"%s\"\n", m, string);
- } else {
- fprintf(out, "\"%s\"\n", string);
- }
-}
-
-static void
-secu_PrintBoolean(FILE *out, SECItem *i, char *m, int level)
-{
- int val = 0;
-
- if ( i->data ) {
- val = i->data[0];
- }
-
- if (m) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", m); level++;
- }
- if ( val ) {
- SECU_Indent(out, level); fprintf(out, "%s\n", "True");
- } else {
- SECU_Indent(out, level); fprintf(out, "%s\n", "False");
- }
-}
-
-/*
- * Format and print "time". If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-static void
-secu_PrintTime(FILE *out, int64 time, char *m, int level)
-{
- PRExplodedTime printableTime;
- char *timeString;
-
- /* Convert to local time */
- PR_ExplodeTime(time, PR_GMTParameters, &printableTime);
-
- timeString = PORT_Alloc(100);
- if (timeString == NULL)
- return;
-
- if (m != NULL) {
- SECU_Indent(out, level);
- fprintf(out, "%s: ", m);
- }
-
- PR_FormatTime(timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime);
- fprintf(out, timeString);
-
- if (m != NULL)
- fprintf(out, "\n");
-
- PORT_Free(timeString);
-}
-
-/*
- * Format and print the UTC Time "t". If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-void
-SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level)
-{
- int64 time;
- SECStatus rv;
-
- rv = DER_UTCTimeToTime(&time, t);
- if (rv != SECSuccess)
- return;
-
- secu_PrintTime(out, time, m, level);
-}
-
-/*
- * Format and print the Generalized Time "t". If the tag message "m"
- * is not NULL, * do indent formatting based on "level" and add a newline
- * afterward; otherwise just print the formatted time string only.
- */
-void
-SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m, int level)
-{
- int64 time;
- SECStatus rv;
-
-
- rv = DER_GeneralizedTimeToTime(&time, t);
- if (rv != SECSuccess)
- return;
-
- secu_PrintTime(out, time, m, level);
-}
-
-static void secu_PrintAny(FILE *out, SECItem *i, char *m, int level);
-
-void
-SECU_PrintSet(FILE *out, SECItem *t, char *m, int level)
-{
- int type= t->data[0] & 0x1f;
- int start;
- unsigned char *bp;
-
- SECU_Indent(out, level);
- if (m) {
- fprintf(out, "%s: ", m);
- }
- fprintf(out,"%s {\n",
- type == SEC_ASN1_SET ? "Set" : "Sequence");
-
- start = 2;
- if (t->data[1] & 0x80) {
- start = (t->data[1] & 0x7f) +1;
- }
- for (bp=&t->data[start]; bp < &t->data[t->len]; ) {
- SECItem tmp;
- unsigned int i,len,lenlen;
-
- if (bp[1] & 0x80) {
- lenlen = bp[1] & 0x1f;
- len = 0;
- for (i=0; i < lenlen; i++) {
- len = len * 255 + bp[2+i];
- }
- } else {
- lenlen = 1;
- len = bp[1];
- }
- tmp.len = len+lenlen+1;
- tmp.data = bp;
- bp += tmp.len;
- secu_PrintAny(out,&tmp,NULL,level+1);
- }
- SECU_Indent(out, level); fprintf(out, "}\n");
-
-}
-
-static void
-secu_PrintAny(FILE *out, SECItem *i, char *m, int level)
-{
- if ( i->len ) {
- switch (i->data[0] & 0x1f) {
- case SEC_ASN1_INTEGER:
- SECU_PrintInteger(out, i, m, level);
- break;
- case SEC_ASN1_OBJECT_ID:
- SECU_PrintObjectID(out, i, m, level);
- break;
- case SEC_ASN1_BOOLEAN:
- secu_PrintBoolean(out, i, m, level);
- break;
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- case SEC_ASN1_BMP_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_T61_STRING:
- case SEC_ASN1_UNIVERSAL_STRING:
- SECU_PrintString(out, i, m, level);
- break;
- case SEC_ASN1_GENERALIZED_TIME:
- SECU_PrintGeneralizedTime(out, i, m, level);
- break;
- case SEC_ASN1_UTC_TIME:
- SECU_PrintUTCTime(out, i, m, level);
- break;
- case SEC_ASN1_NULL:
- SECU_Indent(out, level); fprintf(out, "%s: NULL\n", m);
- break;
- case SEC_ASN1_SET:
- case SEC_ASN1_SEQUENCE:
- SECU_PrintSet(out, i, m, level);
- break;
-
- default:
- SECU_PrintAsHex(out, i, m, level);
- break;
- }
- }
-}
-
-static int
-secu_PrintValidity(FILE *out, CERTValidity *v, char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintUTCTime(out, &v->notBefore, "Not Before", level+1);
- SECU_PrintUTCTime(out, &v->notAfter, "Not After", level+1);
- return 0;
-}
-
-void
-SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level)
-{
- char *name;
- SECOidData *oiddata;
-
- oiddata = SECOID_FindOID(oid);
- if (oiddata == NULL) {
- SECU_PrintAsHex(out, oid, m, level);
- return;
- }
- name = oiddata->desc;
-
- SECU_Indent(out, level);
- if (m != NULL)
- fprintf(out, "%s: ", m);
- fprintf(out, "%s\n", name);
-}
-
-void
-SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m, int level)
-{
- SECU_PrintObjectID(out, &a->algorithm, m, level);
-
- if (a->parameters.len == 0
- || (a->parameters.len == 2
- && PORT_Memcmp(a->parameters.data, "\005\000", 2) == 0)) {
- /* No arguments or NULL argument */
- } else {
- /* Print args to algorithm */
- SECU_PrintAsHex(out, &a->parameters, "Args", level+1);
- }
-}
-
-static void
-secu_PrintAttribute(FILE *out, SEC_PKCS7Attribute *attr, char *m, int level)
-{
- SECItem *value;
- int i;
- char om[100];
-
- if (m) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- }
-
- /*
- * Should make this smarter; look at the type field and then decode
- * and print the value(s) appropriately!
- */
- SECU_PrintObjectID(out, &(attr->type), "Type", level+1);
- if (attr->values != NULL) {
- i = 0;
- while ((value = attr->values[i++]) != NULL) {
- sprintf(om, "Value (%d)%s", i, attr->encoded ? " (encoded)" : "");
- if (attr->encoded || attr->typeTag == NULL) {
- SECU_PrintAsHex(out, value, om, level+1);
- } else {
- switch (attr->typeTag->offset) {
- default:
- SECU_PrintAsHex(out, value, om, level+1);
- break;
- case SEC_OID_PKCS9_CONTENT_TYPE:
- SECU_PrintObjectID(out, value, om, level+1);
- break;
- case SEC_OID_PKCS9_SIGNING_TIME:
- SECU_PrintUTCTime(out, value, om, level+1);
- break;
- }
- }
- }
- }
-}
-
-static void
-secu_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
-{
-#if 0 /*
- * um, yeah, that might be nice, but if you look at the callers
- * you will see that they do not *set* this, so this will not work!
- * Instead, somebody needs to fix the callers to be smarter about
- * public key stuff, if that is important.
- */
- PORT_Assert(pk->keyType == rsaKey);
-#endif
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &pk->u.rsa.modulus, "Modulus", level+1);
- SECU_PrintInteger(out, &pk->u.rsa.publicExponent, "Exponent", level+1);
-}
-
-static void
-secu_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &pk->u.dsa.params.prime, "Prime", level+1);
- SECU_PrintInteger(out, &pk->u.dsa.params.subPrime, "Subprime", level+1);
- SECU_PrintInteger(out, &pk->u.dsa.params.base, "Base", level+1);
- SECU_PrintInteger(out, &pk->u.dsa.publicValue, "PublicValue", level+1);
-}
-
-static int
-secu_PrintSubjectPublicKeyInfo(FILE *out, PRArenaPool *arena,
- CERTSubjectPublicKeyInfo *i, char *msg, int level)
-{
- SECKEYPublicKey *pk;
- int rv;
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", msg);
- SECU_PrintAlgorithmID(out, &i->algorithm, "Public Key Algorithm", level+1);
-
- pk = (SECKEYPublicKey*) PORT_ZAlloc(sizeof(SECKEYPublicKey));
- if (!pk)
- return PORT_GetError();
-
- DER_ConvertBitString(&i->subjectPublicKey);
- switch(SECOID_FindOIDTag(&i->algorithm.algorithm)) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- rv = SEC_ASN1DecodeItem(arena, pk,
- SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate),
- &i->subjectPublicKey);
- if (rv)
- return rv;
- secu_PrintRSAPublicKey(out, pk, "RSA Public Key", level +1);
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- rv = SEC_ASN1DecodeItem(arena, pk,
- SEC_ASN1_GET(SECKEY_DSAPublicKeyTemplate),
- &i->subjectPublicKey);
- if (rv)
- return rv;
- secu_PrintDSAPublicKey(out, pk, "DSA Public Key", level +1);
- break;
- default:
- fprintf(out, "bad SPKI algorithm type\n");
- return 0;
- }
-
- return 0;
-}
-
-static SECStatus
-secu_PrintX509InvalidDate(FILE *out, SECItem *value, char *msg, int level)
-{
- SECItem decodedValue;
- SECStatus rv;
- int64 invalidTime;
- char *formattedTime = NULL;
-
- decodedValue.data = NULL;
- rv = SEC_ASN1DecodeItem (NULL, &decodedValue,
- SEC_ASN1_GET(SEC_GeneralizedTimeTemplate),
- value);
- if (rv == SECSuccess) {
- rv = DER_GeneralizedTimeToTime(&invalidTime, &decodedValue);
- if (rv == SECSuccess) {
- formattedTime = CERT_GenTime2FormattedAscii
- (invalidTime, "%a %b %d %H:%M:%S %Y");
- SECU_Indent(out, level +1);
- fprintf (out, "%s: %s\n", msg, formattedTime);
- PORT_Free (formattedTime);
- }
- }
- PORT_Free (decodedValue.data);
- return (rv);
-}
-
-static SECStatus
-PrintExtKeyUsageExten (FILE *out, SECItem *value, char *msg, int level)
-{
- CERTOidSequence *os;
- SECItem **op;
-
- SECU_Indent(out, level); fprintf(out, "Extended Key Usage Extension:\n");
-
- os = CERT_DecodeOidSequence(value);
- if( (CERTOidSequence *)NULL == os ) {
- return SECFailure;
- }
-
- for( op = os->oids; *op; op++ ) {
- SECOidData *od = SECOID_FindOID(*op);
-
- if( (SECOidData *)NULL == od ) {
- SECU_Indent(out, level+1);
- SECU_PrintAsHex(out, *op, "Unknown:", level+2);
- secu_Newline(out);
- continue;
- }
-
- SECU_Indent(out, level+1);
- if( od->desc ) fprintf(out, "%s", od->desc);
- else SECU_PrintAsHex(out, &od->oid, "", level+2);
-
- secu_Newline(out);
- }
-
- return SECSuccess;
-}
-
-char *
-itemToString(SECItem *item)
-{
- char *string;
-
- string = PORT_ZAlloc(item->len+1);
- if (string == NULL) return NULL;
- PORT_Memcpy(string,item->data,item->len);
- string[item->len] = 0;
- return string;
-}
-
-static SECStatus
-secu_PrintPolicyQualifier(FILE *out,CERTPolicyQualifier *policyQualifier,char *msg,int level)
-{
- CERTUserNotice *userNotice;
- SECItem **itemList = NULL;
- char *string;
-
- SECU_PrintObjectID(out, &policyQualifier->qualifierID ,
- "Policy Qualifier Name", level);
-
- switch (policyQualifier->oid) {
- case SEC_OID_PKIX_USER_NOTICE_QUALIFIER:
- userNotice = CERT_DecodeUserNotice(&policyQualifier->qualifierValue);
- if (userNotice) {
- if (userNotice->noticeReference.organization.len != 0) {
- string=itemToString(&userNotice->noticeReference.organization);
- itemList = userNotice->noticeReference.noticeNumbers;
- while (*itemList) {
- SECU_PrintInteger(out,*itemList,string,level+1);
- itemList++;
- }
- PORT_Free(string);
- }
- if (userNotice->displayText.len != 0) {
- SECU_PrintString(out,&userNotice->displayText,
- "Display Text", level+1);
- }
- break;
- }
- /* fall through on error */
- case SEC_OID_PKIX_CPS_POINTER_QUALIFIER:
- default:
- secu_PrintAny(out, &policyQualifier->qualifierValue, "Policy Qualifier Data", level+1);
- break;
- }
-
- return SECSuccess;
-
-}
-
-static SECStatus
-secu_PrintPolicyInfo(FILE *out,CERTPolicyInfo *policyInfo,char *msg,int level)
-{
- CERTPolicyQualifier **policyQualifiers;
-
- policyQualifiers = policyInfo->policyQualifiers;
- SECU_PrintObjectID(out, &policyInfo->policyID , "Policy Name", level);
-
- while (*policyQualifiers != NULL) {
- secu_PrintPolicyQualifier(out,*policyQualifiers,"",level+1);
- policyQualifiers++;
- }
- return SECSuccess;
-
-}
-
-static SECStatus
-secu_PrintPolicy(FILE *out, SECItem *value, char *msg, int level)
-{
- CERTCertificatePolicies *policies = NULL;
- CERTPolicyInfo **policyInfos;
-
- if (msg) {
- SECU_Indent(out, level);
- fprintf(out,"%s: \n",msg);
- level++;
- }
- policies = CERT_DecodeCertificatePoliciesExtension(value);
- if (policies == NULL) {
- SECU_PrintAsHex(out, value, "Invalid Policy Data", level);
- return SECFailure;
- }
-
- policyInfos = policies->policyInfos;
- while (*policyInfos != NULL) {
- secu_PrintPolicyInfo(out,*policyInfos,"",level);
- policyInfos++;
- }
-
- CERT_DestroyCertificatePoliciesExtension(policies);
- return SECSuccess;
-}
-
-char *nsTypeBits[] = {
-"SSL Client","SSL Server","S/MIME","Object Signing","Reserved","SSL CA","S/MIME CA","ObjectSigning CA" };
-
-static SECStatus
-secu_PrintBasicConstraints(FILE *out, SECItem *value, char *msg, int level) {
- CERTBasicConstraints constraints;
- SECStatus rv;
-
- SECU_Indent(out, level);
- if (msg) {
- fprintf(out,"%s: ",msg);
- }
- rv = CERT_DecodeBasicConstraintValue(&constraints,value);
- if (rv == SECSuccess && constraints.isCA) {
- fprintf(out,"Is a CA with a maximum path length of %d.\n",
- constraints.pathLenConstraint);
- } else {
- fprintf(out,"Is not a CA.\n");
- }
- return SECSuccess;
-}
-
-static SECStatus
-secu_PrintNSCertType(FILE *out, SECItem *value, char *msg, int level) {
- char NS_Type=0;
- int len, i, found=0;
-
- if (value->data[1] & 0x80) {
- len = 3;
- } else {
- len = value->data[1];
- }
- if ((value->data[0] != SEC_ASN1_BIT_STRING) || (len < 2)) {
- secu_PrintAny(out, value, "Data", level);
- return SECSuccess;
- }
- NS_Type=value->data[3];
-
-
- if (msg) {
- SECU_Indent(out, level);
- fprintf(out,"%s: ",msg);
- } else {
- SECU_Indent(out, level);
- fprintf(out,"Netscape Certificate Type: ");
- }
- for (i=0; i < 8; i++) {
- if ( (0x80 >> i) & NS_Type) {
- fprintf(out,"%c%s",found?',':'<',nsTypeBits[i]);
- found = 1;
- }
- }
- if (found) { fprintf(out,">\n"); } else { fprintf(out,"none\n"); }
- return SECSuccess;
-}
-
-void
-SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions,
- char *msg, int level)
-{
- SECOidTag oidTag;
-
- if ( extensions ) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", msg);
-
- while ( *extensions ) {
- SECItem *tmpitem;
- SECU_Indent(out, level+1); fprintf(out, "Name:\n");
-
- tmpitem = &(*extensions)->id;
- SECU_PrintObjectID(out, tmpitem, NULL, level+2);
-
- tmpitem = &(*extensions)->critical;
- if ( tmpitem->len ) {
- secu_PrintBoolean(out, tmpitem, "Critical", level+1);
- }
-
- oidTag = SECOID_FindOIDTag (&((*extensions)->id));
- tmpitem = &((*extensions)->value);
-
- switch (oidTag) {
- case SEC_OID_X509_INVALID_DATE:
- case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME:
- secu_PrintX509InvalidDate(out, tmpitem, "Date", level + 1);
- break;
- case SEC_OID_X509_CERTIFICATE_POLICIES:
- secu_PrintPolicy(out, tmpitem, "Data", level +1);
- break;
- case SEC_OID_NS_CERT_EXT_BASE_URL:
- case SEC_OID_NS_CERT_EXT_REVOCATION_URL:
- case SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL:
- case SEC_OID_NS_CERT_EXT_CA_CRL_URL:
- case SEC_OID_NS_CERT_EXT_CA_CERT_URL:
- case SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL:
- case SEC_OID_NS_CERT_EXT_CA_POLICY_URL:
- case SEC_OID_NS_CERT_EXT_HOMEPAGE_URL:
- case SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL:
- case SEC_OID_OCSP_RESPONDER:
- SECU_PrintString(out,tmpitem, "URL", level+1);
- break;
- case SEC_OID_NS_CERT_EXT_COMMENT:
- SECU_PrintString(out,tmpitem, "Comment", level+1);
- break;
- case SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME:
- SECU_PrintString(out,tmpitem, "ServerName", level+1);
- break;
- case SEC_OID_NS_CERT_EXT_CERT_TYPE:
- secu_PrintNSCertType(out,tmpitem,"Data",level+1);
- break;
- case SEC_OID_X509_BASIC_CONSTRAINTS:
- secu_PrintBasicConstraints(out,tmpitem,"Data",level+1);
- break;
- case SEC_OID_X509_SUBJECT_ALT_NAME:
- case SEC_OID_X509_ISSUER_ALT_NAME:
- /*
- * We should add at least some of the more interesting cases
- * here, but need to have subroutines to back them up.
- */
- case SEC_OID_NS_CERT_EXT_NETSCAPE_OK:
- case SEC_OID_NS_CERT_EXT_ISSUER_LOGO:
- case SEC_OID_NS_CERT_EXT_SUBJECT_LOGO:
- case SEC_OID_NS_CERT_EXT_ENTITY_LOGO:
- case SEC_OID_NS_CERT_EXT_USER_PICTURE:
- case SEC_OID_NS_KEY_USAGE_GOVT_APPROVED:
-
- /* x.509 v3 Extensions */
- case SEC_OID_X509_SUBJECT_DIRECTORY_ATTR:
- case SEC_OID_X509_SUBJECT_KEY_ID:
- case SEC_OID_X509_KEY_USAGE:
- case SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD:
- case SEC_OID_X509_NAME_CONSTRAINTS:
- case SEC_OID_X509_CRL_DIST_POINTS:
- case SEC_OID_X509_POLICY_MAPPINGS:
- case SEC_OID_X509_POLICY_CONSTRAINTS:
- case SEC_OID_X509_AUTH_KEY_ID:
- goto defualt;
- case SEC_OID_X509_EXT_KEY_USAGE:
- PrintExtKeyUsageExten(out, tmpitem, "", level+1);
- break;
- case SEC_OID_X509_AUTH_INFO_ACCESS:
-
- case SEC_OID_X509_CRL_NUMBER:
- case SEC_OID_X509_REASON_CODE:
-
- /* PKIX OIDs */
- case SEC_OID_PKIX_OCSP:
- case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
- case SEC_OID_PKIX_OCSP_NONCE:
- case SEC_OID_PKIX_OCSP_CRL:
- case SEC_OID_PKIX_OCSP_RESPONSE:
- case SEC_OID_PKIX_OCSP_NO_CHECK:
- case SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF:
- case SEC_OID_PKIX_OCSP_SERVICE_LOCATOR:
- case SEC_OID_PKIX_REGCTRL_REGTOKEN:
- case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
- case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
- case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
- case SEC_OID_PKIX_REGINFO_UTF8_PAIRS:
- case SEC_OID_PKIX_REGINFO_CERT_REQUEST:
- case SEC_OID_EXT_KEY_USAGE_SERVER_AUTH:
- case SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH:
- case SEC_OID_EXT_KEY_USAGE_CODE_SIGN:
- case SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT:
- case SEC_OID_EXT_KEY_USAGE_TIME_STAMP:
-
- default:
- defualt:
- /*SECU_PrintAsHex(out, tmpitem, "Data", level+1); */
- secu_PrintAny(out, tmpitem, "Data", level+1);
- break;
- }
-
- secu_Newline(out);
- extensions++;
- }
- }
-}
-
-
-void
-SECU_PrintName(FILE *out, CERTName *name, char *msg, int level)
-{
- char *str;
-
- SECU_Indent(out, level); fprintf(out, "%s: ", msg);
-
- str = CERT_NameToAscii(name);
- if (!str)
- str = "!Invalid AVA!";
- fprintf(out, str);
-
- secu_Newline(out);
-}
-
-void
-printflags(char *trusts, unsigned int flags)
-{
- if (flags & CERTDB_VALID_CA)
- if (!(flags & CERTDB_TRUSTED_CA) &&
- !(flags & CERTDB_TRUSTED_CLIENT_CA))
- PORT_Strcat(trusts, "c");
- if (flags & CERTDB_VALID_PEER)
- if (!(flags & CERTDB_TRUSTED))
- PORT_Strcat(trusts, "p");
- if (flags & CERTDB_TRUSTED_CA)
- PORT_Strcat(trusts, "C");
- if (flags & CERTDB_TRUSTED_CLIENT_CA)
- PORT_Strcat(trusts, "T");
- if (flags & CERTDB_TRUSTED)
- PORT_Strcat(trusts, "P");
- if (flags & CERTDB_USER)
- PORT_Strcat(trusts, "u");
- if (flags & CERTDB_SEND_WARN)
- PORT_Strcat(trusts, "w");
- if (flags & CERTDB_INVISIBLE_CA)
- PORT_Strcat(trusts, "I");
- if (flags & CERTDB_GOVT_APPROVED_CA)
- PORT_Strcat(trusts, "G");
- return;
-}
-
-/* callback for listing certs through pkcs11 */
-SECStatus
-SECU_PrintCertNickname(CERTCertificate *cert, void *data)
-{
- CERTCertTrust *trust;
- FILE *out;
- char trusts[30];
- char *name;
-
- PORT_Memset (trusts, 0, sizeof (trusts));
- out = (FILE *)data;
-
- name = cert->nickname;
- if ( name == NULL ) {
- name = cert->emailAddr;
- }
-
- trust = cert->trust;
- if (trust) {
- printflags(trusts, trust->sslFlags);
- PORT_Strcat(trusts, ",");
- printflags(trusts, trust->emailFlags);
- PORT_Strcat(trusts, ",");
- printflags(trusts, trust->objectSigningFlags);
- } else {
- PORT_Memcpy(trusts,",,",3);
- }
- fprintf(out, "%-60s %-5s\n", name, trusts);
-
- return (SECSuccess);
-}
-
-int
-SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = NULL;
- CERTCertificateRequest *cr;
- int rv;
-
- /* Decode certificate request */
- cr = (CERTCertificateRequest*) PORT_ZAlloc(sizeof(CERTCertificateRequest));
- if (!cr)
- return PORT_GetError();
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena)
- return SEC_ERROR_NO_MEMORY;
-
- rv = SEC_ASN1DecodeItem(arena, cr,
- SEC_ASN1_GET(CERT_CertificateRequestTemplate), der);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
- /* Pretty print it out */
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &cr->version, "Version", level+1);
- SECU_PrintName(out, &cr->subject, "Subject", level+1);
- rv = secu_PrintSubjectPublicKeyInfo(out, arena, &cr->subjectPublicKeyInfo,
- "Subject Public Key Info", level+1);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
- secu_PrintAny(out, cr->attributes[0], "Attributes", level+1);
-
- PORT_FreeArena(arena, PR_FALSE);
- return 0;
-}
-
-int
-SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = NULL;
- CERTCertificate *c;
- int rv;
- int iv;
-
- /* Decode certificate */
- c = (CERTCertificate*) PORT_ZAlloc(sizeof(CERTCertificate));
- if (!c)
- return PORT_GetError();
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena)
- return SEC_ERROR_NO_MEMORY;
-
- rv = SEC_ASN1DecodeItem(arena, c,
- SEC_ASN1_GET(CERT_CertificateTemplate), der);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
- /* Pretty print it out */
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- iv = DER_GetInteger(&c->version);
- SECU_Indent(out, level+1); fprintf(out, "%s: %d (0x%x)\n", "Version", iv + 1, iv);
-
- SECU_PrintInteger(out, &c->serialNumber, "Serial Number", level+1);
- SECU_PrintAlgorithmID(out, &c->signature, "Signature Algorithm", level+1);
- SECU_PrintName(out, &c->issuer, "Issuer", level+1);
- secu_PrintValidity(out, &c->validity, "Validity", level+1);
- SECU_PrintName(out, &c->subject, "Subject", level+1);
- rv = secu_PrintSubjectPublicKeyInfo(out, arena, &c->subjectPublicKeyInfo,
- "Subject Public Key Info", level+1);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
- SECU_PrintExtensions(out, c->extensions, "Signed Extensions", level+1);
-
- SECU_PrintFingerprints(out, &c->derCert, "Fingerprint", level);
-
- PORT_FreeArena(arena, PR_FALSE);
- return 0;
-}
-
-int
-SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = NULL;
- SECKEYPublicKey key;
- int rv;
-
- PORT_Memset(&key, 0, sizeof(key));
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena)
- return SEC_ERROR_NO_MEMORY;
-
- rv = SEC_ASN1DecodeItem(arena, &key,
- SEC_ASN1_GET(SECKEY_RSAPublicKeyTemplate), der);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
- /* Pretty print it out */
- secu_PrintRSAPublicKey(out, &key, m, level);
-
- PORT_FreeArena(arena, PR_FALSE);
- return 0;
-}
-
-#ifdef HAVE_EPV_TEMPLATE
-int
-SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = NULL;
- SECKEYEncryptedPrivateKeyInfo key;
- int rv;
-
- PORT_Memset(&key, 0, sizeof(key));
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena)
- return SEC_ERROR_NO_MEMORY;
-
- rv = SEC_ASN1DecodeItem(arena, &key,
- SEC_ASN1_GET(SECKEY_EncryptedPrivateKeyInfoTemplate), der);
- if (rv) {
- PORT_FreeArena(arena, PR_TRUE);
- return rv;
- }
-
- /* Pretty print it out */
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintAlgorithmID(out, &key.algorithm, "Encryption Algorithm",
- level+1);
- SECU_PrintAsHex(out, &key.encryptedData, "Encrypted Data", level+1);
-
- PORT_FreeArena(arena, PR_TRUE);
- return 0;
-}
-#endif
-
-int
-SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m, int level)
-{
- unsigned char fingerprint[20];
- char *fpStr = NULL;
- SECItem fpItem;
- /* print MD5 fingerprint */
- memset(fingerprint, 0, sizeof fingerprint);
- PK11_HashBuf(SEC_OID_MD5,fingerprint, derCert->data, derCert->len);
- fpItem.data = fingerprint;
- fpItem.len = MD5_LENGTH;
- fpStr = CERT_Hexify(&fpItem, 1);
- SECU_Indent(out, level); fprintf(out, "%s (MD5):\n", m);
- SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
- PORT_Free(fpStr);
- fpStr = NULL;
- /* print SHA1 fingerprint */
- memset(fingerprint, 0, sizeof fingerprint);
- PK11_HashBuf(SEC_OID_SHA1,fingerprint, derCert->data, derCert->len);
- fpItem.data = fingerprint;
- fpItem.len = SHA1_LENGTH;
- fpStr = CERT_Hexify(&fpItem, 1);
- SECU_Indent(out, level); fprintf(out, "%s (SHA1):\n", m);
- SECU_Indent(out, level+1); fprintf(out, "%s\n", fpStr);
- PORT_Free(fpStr);
- fprintf(out, "\n");
- return 0;
-}
-
-/*
-** PKCS7 Support
-*/
-
-/* forward declaration */
-static int
-secu_PrintPKCS7ContentInfo(FILE *, SEC_PKCS7ContentInfo *, char *, int);
-
-/*
-** secu_PrintPKCS7EncContent
-** Prints a SEC_PKCS7EncryptedContentInfo (without decrypting it)
-*/
-static void
-secu_PrintPKCS7EncContent(FILE *out, SEC_PKCS7EncryptedContentInfo *src,
- char *m, int level)
-{
- if (src->contentTypeTag == NULL)
- src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
- SECU_Indent(out, level);
- fprintf(out, "%s:\n", m);
- SECU_Indent(out, level + 1);
- fprintf(out, "Content Type: %s\n",
- (src->contentTypeTag != NULL) ? src->contentTypeTag->desc
- : "Unknown");
- SECU_PrintAlgorithmID(out, &(src->contentEncAlg),
- "Content Encryption Algorithm", level+1);
- SECU_PrintAsHex(out, &(src->encContent),
- "Encrypted Content", level+1);
-}
-
-/*
-** secu_PrintRecipientInfo
-** Prints a PKCS7RecipientInfo type
-*/
-static void
-secu_PrintRecipientInfo(FILE *out, SEC_PKCS7RecipientInfo *info, char *m,
- int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(info->version), "Version", level + 1);
-
- SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer",
- level + 1);
- SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber),
- "Serial Number", level + 1);
-
- /* Parse and display encrypted key */
- SECU_PrintAlgorithmID(out, &(info->keyEncAlg),
- "Key Encryption Algorithm", level + 1);
- SECU_PrintAsHex(out, &(info->encKey), "Encrypted Key", level + 1);
-}
-
-/*
-** secu_PrintSignerInfo
-** Prints a PKCS7SingerInfo type
-*/
-static void
-secu_PrintSignerInfo(FILE *out, SEC_PKCS7SignerInfo *info, char *m, int level)
-{
- SEC_PKCS7Attribute *attr;
- int iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(info->version), "Version", level + 1);
-
- SECU_PrintName(out, &(info->issuerAndSN->issuer), "Issuer",
- level + 1);
- SECU_PrintInteger(out, &(info->issuerAndSN->serialNumber),
- "Serial Number", level + 1);
-
- SECU_PrintAlgorithmID(out, &(info->digestAlg), "Digest Algorithm",
- level + 1);
-
- if (info->authAttr != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Authenticated Attributes:\n");
- iv = 0;
- while ((attr = info->authAttr[iv++]) != NULL) {
- sprintf(om, "Attribute (%d)", iv);
- secu_PrintAttribute(out, attr, om, level + 2);
- }
- }
-
- /* Parse and display signature */
- SECU_PrintAlgorithmID(out, &(info->digestEncAlg),
- "Digest Encryption Algorithm", level + 1);
- SECU_PrintAsHex(out, &(info->encDigest), "Encrypted Digest", level + 1);
-
- if (info->unAuthAttr != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Unauthenticated Attributes:\n");
- iv = 0;
- while ((attr = info->unAuthAttr[iv++]) != NULL) {
- sprintf(om, "Attribute (%x)", iv);
- secu_PrintAttribute(out, attr, om, level + 2);
- }
- }
-}
-
-void
-SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level)
-{
- CERTCrlEntry *entry;
- int iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintAlgorithmID(out, &(crl->signatureAlg), "Signature Algorithm",
- level + 1);
- SECU_PrintName(out, &(crl->name), "Name", level + 1);
- SECU_PrintUTCTime(out, &(crl->lastUpdate), "Last Update", level + 1);
- SECU_PrintUTCTime(out, &(crl->nextUpdate), "Next Update", level + 1);
-
- if (crl->entries != NULL) {
- iv = 0;
- while ((entry = crl->entries[iv++]) != NULL) {
- sprintf(om, "Entry (%x):\n", iv);
- SECU_Indent(out, level + 1); fprintf(out, om);
- SECU_PrintInteger(out, &(entry->serialNumber), "Serial Number",
- level + 2);
- SECU_PrintUTCTime(out, &(entry->revocationDate), "Revocation Date",
- level + 2);
- SECU_PrintExtensions
- (out, entry->extensions, "Signed CRL Entries Extensions", level + 1);
- }
- }
- SECU_PrintExtensions
- (out, crl->extensions, "Signed CRL Extension", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Signed
-** Pretty print a PKCS7 signed data type (up to version 1).
-*/
-static int
-secu_PrintPKCS7Signed(FILE *out, SEC_PKCS7SignedData *src, char *m, int level)
-{
- SECAlgorithmID *digAlg; /* digest algorithms */
- SECItem *aCert; /* certificate */
- CERTSignedCrl *aCrl; /* certificate revocation list */
- SEC_PKCS7SignerInfo *sigInfo; /* signer information */
- int rv, iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list digest algorithms (if any) */
- if (src->digestAlgorithms != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n");
- iv = 0;
- while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
- sprintf(om, "Digest Algorithm (%x)", iv);
- SECU_PrintAlgorithmID(out, digAlg, om, level + 2);
- }
- }
-
- /* Now for the content */
- rv = secu_PrintPKCS7ContentInfo(out, &(src->contentInfo),
- "Content Information", level + 1);
- if (rv != 0)
- return rv;
-
- /* Parse and list certificates (if any) */
- if (src->rawCerts != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Certificate List:\n");
- iv = 0;
- while ((aCert = src->rawCerts[iv++]) != NULL) {
- sprintf(om, "Certificate (%x)", iv);
- rv = SECU_PrintSignedData(out, aCert, om, level + 2,
- SECU_PrintCertificate);
- if (rv)
- return rv;
- }
- }
-
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signed Revocation Lists:\n");
- iv = 0;
- while ((aCrl = src->crls[iv++]) != NULL) {
- sprintf(om, "Signed Revocation List (%x)", iv);
- SECU_Indent(out, level + 2); fprintf(out, "%s:\n", om);
- SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm,
- "Signature Algorithm", level+3);
- DER_ConvertBitString(&aCrl->signatureWrap.signature);
- SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
- level+3);
- SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List",
- level + 3);
- }
- }
-
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signer Information List:\n");
- iv = 0;
- while ((sigInfo = src->signerInfos[iv++]) != NULL) {
- sprintf(om, "Signer Information (%x)", iv);
- secu_PrintSignerInfo(out, sigInfo, om, level + 2);
- }
- }
-
- return 0;
-}
-
-/*
-** secu_PrintPKCS7Enveloped
-** Pretty print a PKCS7 enveloped data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Enveloped(FILE *out, SEC_PKCS7EnvelopedData *src,
- char *m, int level)
-{
- SEC_PKCS7RecipientInfo *recInfo; /* pointer for signer information */
- int iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list recipients (this is not optional) */
- if (src->recipientInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Recipient Information List:\n");
- iv = 0;
- while ((recInfo = src->recipientInfos[iv++]) != NULL) {
- sprintf(om, "Recipient Information (%x)", iv);
- secu_PrintRecipientInfo(out, recInfo, om, level + 2);
- }
- }
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7SignedEnveloped
-** Pretty print a PKCS7 singed and enveloped data type (up to version 1).
-*/
-static int
-secu_PrintPKCS7SignedAndEnveloped(FILE *out,
- SEC_PKCS7SignedAndEnvelopedData *src,
- char *m, int level)
-{
- SECAlgorithmID *digAlg; /* pointer for digest algorithms */
- SECItem *aCert; /* pointer for certificate */
- CERTSignedCrl *aCrl; /* pointer for certificate revocation list */
- SEC_PKCS7SignerInfo *sigInfo; /* pointer for signer information */
- SEC_PKCS7RecipientInfo *recInfo; /* pointer for recipient information */
- int rv, iv;
- char om[100];
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list recipients (this is not optional) */
- if (src->recipientInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Recipient Information List:\n");
- iv = 0;
- while ((recInfo = src->recipientInfos[iv++]) != NULL) {
- sprintf(om, "Recipient Information (%x)", iv);
- secu_PrintRecipientInfo(out, recInfo, om, level + 2);
- }
- }
-
- /* Parse and list digest algorithms (if any) */
- if (src->digestAlgorithms != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n");
- iv = 0;
- while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
- sprintf(om, "Digest Algorithm (%x)", iv);
- SECU_PrintAlgorithmID(out, digAlg, om, level + 2);
- }
- }
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-
- /* Parse and list certificates (if any) */
- if (src->rawCerts != NULL) {
- SECU_Indent(out, level + 1); fprintf(out, "Certificate List:\n");
- iv = 0;
- while ((aCert = src->rawCerts[iv++]) != NULL) {
- sprintf(om, "Certificate (%x)", iv);
- rv = SECU_PrintSignedData(out, aCert, om, level + 2,
- SECU_PrintCertificate);
- if (rv)
- return rv;
- }
- }
-
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signed Revocation Lists:\n");
- iv = 0;
- while ((aCrl = src->crls[iv++]) != NULL) {
- sprintf(om, "Signed Revocation List (%x)", iv);
- SECU_Indent(out, level + 2); fprintf(out, "%s:\n", om);
- SECU_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm,
- "Signature Algorithm", level+3);
- DER_ConvertBitString(&aCrl->signatureWrap.signature);
- SECU_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
- level+3);
- SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List",
- level + 3);
- }
- }
-
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- SECU_Indent(out, level + 1);
- fprintf(out, "Signer Information List:\n");
- iv = 0;
- while ((sigInfo = src->signerInfos[iv++]) != NULL) {
- sprintf(om, "Signer Information (%x)", iv);
- secu_PrintSignerInfo(out, sigInfo, om, level + 2);
- }
- }
-
- return 0;
-}
-
-int
-SECU_PrintCrl (FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = NULL;
- CERTCrl *c = NULL;
- int rv;
-
- do {
- /* Decode CRL */
- c = (CERTCrl*) PORT_ZAlloc(sizeof(CERTCrl));
- if (!c) {
- rv = PORT_GetError();
- break;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- rv = SEC_ERROR_NO_MEMORY;
- break;
- }
-
- rv = SEC_ASN1DecodeItem(arena, c, SEC_ASN1_GET(CERT_CrlTemplate), der);
- if (rv != SECSuccess)
- break;
- SECU_PrintCRLInfo (out, c, m, level);
- } while (0);
- PORT_FreeArena (arena, PR_FALSE);
- PORT_Free (c);
- return (rv);
-}
-
-
-/*
-** secu_PrintPKCS7Encrypted
-** Pretty print a PKCS7 encrypted data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Encrypted(FILE *out, SEC_PKCS7EncryptedData *src,
- char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Digested
-** Pretty print a PKCS7 digested data type (up to version 1).
-*/
-static void
-secu_PrintPKCS7Digested(FILE *out, SEC_PKCS7DigestedData *src,
- char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_PrintInteger(out, &(src->version), "Version", level + 1);
-
- SECU_PrintAlgorithmID(out, &src->digestAlg, "Digest Algorithm",
- level + 1);
- secu_PrintPKCS7ContentInfo(out, &src->contentInfo, "Content Information",
- level + 1);
- SECU_PrintAsHex(out, &src->digest, "Digest", level + 1);
-}
-
-/*
-** secu_PrintPKCS7ContentInfo
-** Takes a SEC_PKCS7ContentInfo type and sends the contents to the
-** appropriate function
-*/
-static int
-secu_PrintPKCS7ContentInfo(FILE *out, SEC_PKCS7ContentInfo *src,
- char *m, int level)
-{
- char *desc;
- SECOidTag kind;
- int rv;
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- level++;
-
- if (src->contentTypeTag == NULL)
- src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
- if (src->contentTypeTag == NULL) {
- desc = "Unknown";
- kind = SEC_OID_PKCS7_DATA;
- } else {
- desc = src->contentTypeTag->desc;
- kind = src->contentTypeTag->offset;
- }
-
- if (src->content.data == NULL) {
- SECU_Indent(out, level); fprintf(out, "%s:\n", desc);
- level++;
- SECU_Indent(out, level); fprintf(out, "<no content>\n");
- return 0;
- }
-
- rv = 0;
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA: /* Signed Data */
- rv = secu_PrintPKCS7Signed(out, src->content.signedData, desc, level);
- break;
-
- case SEC_OID_PKCS7_ENVELOPED_DATA: /* Enveloped Data */
- secu_PrintPKCS7Enveloped(out, src->content.envelopedData, desc, level);
- break;
-
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: /* Signed and Enveloped */
- rv = secu_PrintPKCS7SignedAndEnveloped(out,
- src->content.signedAndEnvelopedData,
- desc, level);
- break;
-
- case SEC_OID_PKCS7_DIGESTED_DATA: /* Digested Data */
- secu_PrintPKCS7Digested(out, src->content.digestedData, desc, level);
- break;
-
- case SEC_OID_PKCS7_ENCRYPTED_DATA: /* Encrypted Data */
- secu_PrintPKCS7Encrypted(out, src->content.encryptedData, desc, level);
- break;
-
- default:
- SECU_PrintAsHex(out, src->content.data, desc, level);
- break;
- }
-
- return rv;
-}
-
-/*
-** SECU_PrintPKCS7ContentInfo
-** Decode and print any major PKCS7 data type (up to version 1).
-*/
-int
-SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m, int level)
-{
- SEC_PKCS7ContentInfo *cinfo;
- int rv;
-
- cinfo = SEC_PKCS7DecodeItem(der, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
- if (cinfo != NULL) {
- /* Send it to recursive parsing and printing module */
- rv = secu_PrintPKCS7ContentInfo(out, cinfo, m, level);
- SEC_PKCS7DestroyContentInfo(cinfo);
- } else {
- rv = -1;
- }
-
- return rv;
-}
-
-/*
-** End of PKCS7 functions
-*/
-
-void
-printFlags(FILE *out, unsigned int flags, int level)
-{
- if ( flags & CERTDB_VALID_PEER ) {
- SECU_Indent(out, level); fprintf(out, "Valid Peer\n");
- }
- if ( flags & CERTDB_TRUSTED ) {
- SECU_Indent(out, level); fprintf(out, "Trusted\n");
- }
- if ( flags & CERTDB_SEND_WARN ) {
- SECU_Indent(out, level); fprintf(out, "Warn When Sending\n");
- }
- if ( flags & CERTDB_VALID_CA ) {
- SECU_Indent(out, level); fprintf(out, "Valid CA\n");
- }
- if ( flags & CERTDB_TRUSTED_CA ) {
- SECU_Indent(out, level); fprintf(out, "Trusted CA\n");
- }
- if ( flags & CERTDB_NS_TRUSTED_CA ) {
- SECU_Indent(out, level); fprintf(out, "Netscape Trusted CA\n");
- }
- if ( flags & CERTDB_USER ) {
- SECU_Indent(out, level); fprintf(out, "User\n");
- }
- if ( flags & CERTDB_TRUSTED_CLIENT_CA ) {
- SECU_Indent(out, level); fprintf(out, "Trusted Client CA\n");
- }
-#ifdef DEBUG
- if ( flags & CERTDB_GOVT_APPROVED_CA ) {
- SECU_Indent(out, level); fprintf(out, "Step-up\n");
- }
-#endif /* DEBUG */
-}
-
-void
-SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level)
-{
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- SECU_Indent(out, level+1); fprintf(out, "SSL Flags:\n");
- printFlags(out, trust->sslFlags, level+2);
- SECU_Indent(out, level+1); fprintf(out, "Email Flags:\n");
- printFlags(out, trust->emailFlags, level+2);
- SECU_Indent(out, level+1); fprintf(out, "Object Signing Flags:\n");
- printFlags(out, trust->objectSigningFlags, level+2);
-}
-
-int SECU_PrintSignedData(FILE *out, SECItem *der, char *m,
- int level, SECU_PPFunc inner)
-{
- PRArenaPool *arena = NULL;
- CERTSignedData *sd;
- int rv;
-
- /* Strip off the signature */
- sd = (CERTSignedData*) PORT_ZAlloc(sizeof(CERTSignedData));
- if (!sd)
- return PORT_GetError();
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena)
- return SEC_ERROR_NO_MEMORY;
-
- rv = SEC_ASN1DecodeItem(arena, sd, SEC_ASN1_GET(CERT_SignedDataTemplate),
- der);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
- SECU_Indent(out, level); fprintf(out, "%s:\n", m);
- rv = (*inner)(out, &sd->data, "Data", level+1);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
- SECU_PrintAlgorithmID(out, &sd->signatureAlgorithm, "Signature Algorithm",
- level+1);
- DER_ConvertBitString(&sd->signature);
- SECU_PrintAsHex(out, &sd->signature, "Signature", level+1);
-
- PORT_FreeArena(arena, PR_FALSE);
- return 0;
-
-}
-
-
-#ifdef AIX
-int _OS_SELECT (int nfds, void *readfds, void *writefds,
- void *exceptfds, struct timeval *timeout) {
- return select (nfds,readfds,writefds,exceptfds,timeout);
-}
-#endif
-
-SECItem *
-SECU_GetPBEPassword(void *arg)
-{
- char *p = NULL;
- SECItem *pwitem = NULL;
-
- p = SECU_GetPasswordString(arg,"Password: ");
-
- /* NOTE: This function is obviously unfinished. */
-
- if ( pwitem == NULL ) {
- fprintf(stderr, "Error hashing password\n");
- return NULL;
- }
-
- return pwitem;
-}
-
-SECStatus
-SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd)
-{
- PRBool found;
- PLOptState *optstate;
- PLOptStatus status;
- char *optstring;
- int i, j;
-
- optstring = (char *)malloc(cmd->numCommands + 2*cmd->numOptions);
- j = 0;
-
- for (i=0; i<cmd->numCommands; i++) {
- optstring[j++] = cmd->commands[i].flag;
- }
- for (i=0; i<cmd->numOptions; i++) {
- optstring[j++] = cmd->options[i].flag;
- if (cmd->options[i].needsArg)
- optstring[j++] = ':';
- }
- optstring[j] = '\0';
- optstate = PL_CreateOptState(argc, argv, optstring);
-
- /* Parse command line arguments */
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
-
- /* Wasn't really an option, just standalone arg. */
- if (optstate->option == '\0')
- continue;
-
- found = PR_FALSE;
-
- for (i=0; i<cmd->numCommands; i++) {
- if (cmd->commands[i].flag == optstate->option) {
- cmd->commands[i].activated = PR_TRUE;
- if (optstate->value) {
- cmd->commands[i].arg = (char *)optstate->value;
- }
- found = PR_TRUE;
- break;
- }
- }
-
- if (found)
- continue;
-
- for (i=0; i<cmd->numOptions; i++) {
- if (cmd->options[i].flag == optstate->option) {
- cmd->options[i].activated = PR_TRUE;
- if (optstate->value) {
- cmd->options[i].arg = (char *)optstate->value;
- }
- found = PR_TRUE;
- break;
- }
- }
-
- if (!found)
- return SECFailure;
- }
- if (status == PL_OPT_BAD)
- return SECFailure;
- return SECSuccess;
-}
-
-char *
-SECU_GetOptionArg(secuCommand *cmd, int optionNum)
-{
- if (optionNum < 0 || optionNum >= cmd->numOptions)
- return NULL;
- if (cmd->options[optionNum].activated)
- return PL_strdup(cmd->options[optionNum].arg);
- else
- return NULL;
-}
-
-static char SECUErrorBuf[64];
-
-char *
-SECU_ErrorStringRaw(int16 err)
-{
- if (err == 0)
- sprintf(SECUErrorBuf, "");
- else if (err == SEC_ERROR_BAD_DATA)
- sprintf(SECUErrorBuf, "Bad data");
- else if (err == SEC_ERROR_BAD_DATABASE)
- sprintf(SECUErrorBuf, "Problem with database");
- else if (err == SEC_ERROR_BAD_DER)
- sprintf(SECUErrorBuf, "Problem with DER");
- else if (err == SEC_ERROR_BAD_KEY)
- sprintf(SECUErrorBuf, "Problem with key");
- else if (err == SEC_ERROR_BAD_PASSWORD)
- sprintf(SECUErrorBuf, "Incorrect password");
- else if (err == SEC_ERROR_BAD_SIGNATURE)
- sprintf(SECUErrorBuf, "Bad signature");
- else if (err == SEC_ERROR_EXPIRED_CERTIFICATE)
- sprintf(SECUErrorBuf, "Expired certificate");
- else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID)
- sprintf(SECUErrorBuf, "Invalid extension value");
- else if (err == SEC_ERROR_INPUT_LEN)
- sprintf(SECUErrorBuf, "Problem with input length");
- else if (err == SEC_ERROR_INVALID_ALGORITHM)
- sprintf(SECUErrorBuf, "Invalid algorithm");
- else if (err == SEC_ERROR_INVALID_ARGS)
- sprintf(SECUErrorBuf, "Invalid arguments");
- else if (err == SEC_ERROR_INVALID_AVA)
- sprintf(SECUErrorBuf, "Invalid AVA");
- else if (err == SEC_ERROR_INVALID_TIME)
- sprintf(SECUErrorBuf, "Invalid time");
- else if (err == SEC_ERROR_IO)
- sprintf(SECUErrorBuf, "Security I/O error");
- else if (err == SEC_ERROR_LIBRARY_FAILURE)
- sprintf(SECUErrorBuf, "Library failure");
- else if (err == SEC_ERROR_NO_MEMORY)
- sprintf(SECUErrorBuf, "Out of memory");
- else if (err == SEC_ERROR_OLD_CRL)
- sprintf(SECUErrorBuf, "CRL is older than the current one");
- else if (err == SEC_ERROR_OUTPUT_LEN)
- sprintf(SECUErrorBuf, "Problem with output length");
- else if (err == SEC_ERROR_UNKNOWN_ISSUER)
- sprintf(SECUErrorBuf, "Unknown issuer");
- else if (err == SEC_ERROR_UNTRUSTED_CERT)
- sprintf(SECUErrorBuf, "Untrusted certificate");
- else if (err == SEC_ERROR_UNTRUSTED_ISSUER)
- sprintf(SECUErrorBuf, "Untrusted issuer");
- else if (err == SSL_ERROR_BAD_CERTIFICATE)
- sprintf(SECUErrorBuf, "Bad certificate");
- else if (err == SSL_ERROR_BAD_CLIENT)
- sprintf(SECUErrorBuf, "Bad client");
- else if (err == SSL_ERROR_BAD_SERVER)
- sprintf(SECUErrorBuf, "Bad server");
- else if (err == SSL_ERROR_EXPORT_ONLY_SERVER)
- sprintf(SECUErrorBuf, "Export only server");
- else if (err == SSL_ERROR_NO_CERTIFICATE)
- sprintf(SECUErrorBuf, "No certificate");
- else if (err == SSL_ERROR_NO_CYPHER_OVERLAP)
- sprintf(SECUErrorBuf, "No cypher overlap");
- else if (err == SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE)
- sprintf(SECUErrorBuf, "Unsupported certificate type");
- else if (err == SSL_ERROR_UNSUPPORTED_VERSION)
- sprintf(SECUErrorBuf, "Unsupported version");
- else if (err == SSL_ERROR_US_ONLY_SERVER)
- sprintf(SECUErrorBuf, "U.S. only server");
- else if (err == PR_IO_ERROR)
- sprintf(SECUErrorBuf, "I/O error");
-
- else if (err == SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE)
- sprintf (SECUErrorBuf, "Expired Issuer Certificate");
- else if (err == SEC_ERROR_REVOKED_CERTIFICATE)
- sprintf (SECUErrorBuf, "Revoked certificate");
- else if (err == SEC_ERROR_NO_KEY)
- sprintf (SECUErrorBuf, "No private key in database for this cert");
- else if (err == SEC_ERROR_CERT_NOT_VALID)
- sprintf (SECUErrorBuf, "Certificate is not valid");
- else if (err == SEC_ERROR_EXTENSION_NOT_FOUND)
- sprintf (SECUErrorBuf, "Certificate extension was not found");
- else if (err == SEC_ERROR_EXTENSION_VALUE_INVALID)
- sprintf (SECUErrorBuf, "Certificate extension value invalid");
- else if (err == SEC_ERROR_CA_CERT_INVALID)
- sprintf (SECUErrorBuf, "Issuer certificate is invalid");
- else if (err == SEC_ERROR_CERT_USAGES_INVALID)
- sprintf (SECUErrorBuf, "Certificate usages is invalid");
- else if (err == SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION)
- sprintf (SECUErrorBuf, "Certificate has unknown critical extension");
- else if (err == SEC_ERROR_PKCS7_BAD_SIGNATURE)
- sprintf (SECUErrorBuf, "Bad PKCS7 signature");
- else if (err == SEC_ERROR_INADEQUATE_KEY_USAGE)
- sprintf (SECUErrorBuf, "Certificate not approved for this operation");
- else if (err == SEC_ERROR_INADEQUATE_CERT_TYPE)
- sprintf (SECUErrorBuf, "Certificate not approved for this operation");
-
- return SECUErrorBuf;
-}
-
-char *
-SECU_ErrorString(int16 err)
-{
- char *error_string;
-
- *SECUErrorBuf = 0;
- SECU_ErrorStringRaw (err);
-
- if (*SECUErrorBuf == 0) {
- error_string = SECU_GetString(err);
- if (error_string == NULL || *error_string == '\0')
- sprintf(SECUErrorBuf, "No error string found for %d.", err);
- else
- return error_string;
- }
-
- return SECUErrorBuf;
-}
-
-
-void
-SECU_PrintPRandOSError(char *progName)
-{
- char buffer[513];
- PRErrorCode err = PR_GetError();
- PRInt32 errLen = PR_GetErrorTextLength();
- if (errLen > 0 && errLen < sizeof buffer) {
- PR_GetErrorText(buffer);
- }
- SECU_PrintError(progName, "NSS_Initialize failed");
- if (errLen > 0 && errLen < sizeof buffer) {
- PR_fprintf(PR_STDERR, "\t%s\n", buffer);
- }
-}
diff --git a/security/nss/cmd/lib/secutil.h b/security/nss/cmd/lib/secutil.h
deleted file mode 100644
index e2db2f4c8..000000000
--- a/security/nss/cmd/lib/secutil.h
+++ /dev/null
@@ -1,327 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _SEC_UTIL_H_
-#define _SEC_UTIL_H_
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "prerror.h"
-#include "base64.h"
-#include "key.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secder.h"
-#include <stdio.h>
-
-#define SEC_CT_PRIVATE_KEY "private-key"
-#define SEC_CT_PUBLIC_KEY "public-key"
-#define SEC_CT_CERTIFICATE "certificate"
-#define SEC_CT_CERTIFICATE_REQUEST "certificate-request"
-#define SEC_CT_PKCS7 "pkcs7"
-#define SEC_CT_CRL "crl"
-
-#define NS_CERTREQ_HEADER "-----BEGIN NEW CERTIFICATE REQUEST-----"
-#define NS_CERTREQ_TRAILER "-----END NEW CERTIFICATE REQUEST-----"
-
-#define NS_CERT_HEADER "-----BEGIN CERTIFICATE-----"
-#define NS_CERT_TRAILER "-----END CERTIFICATE-----"
-
-/* From libsec/pcertdb.c --- it's not declared in sec.h */
-extern SECStatus SEC_AddPermCertificate(CERTCertDBHandle *handle,
- SECItem *derCert, char *nickname, CERTCertTrust *trust);
-
-
-#ifdef SECUTIL_NEW
-typedef int (*SECU_PPFunc)(PRFileDesc *out, SECItem *item,
- char *msg, int level);
-#else
-typedef int (*SECU_PPFunc)(FILE *out, SECItem *item, char *msg, int level);
-#endif
-
-typedef struct {
- enum {
- PW_NONE = 0,
- PW_FROMFILE = 1,
- PW_PLAINTEXT = 2
- } source;
- char *data;
-} secuPWData;
-
-/*
-** Change a password on a token, or initialize a token with a password
-** if it does not already have one.
-** Use passwd to send the password in plaintext, pwFile to specify a
-** file containing the password, or NULL for both to prompt the user.
-*/
-SECStatus SECU_ChangePW(PK11SlotInfo *slot, char *passwd, char *pwFile);
-
-/* These were stolen from the old sec.h... */
-/*
-** Check a password for legitimacy. Passwords must be at least 8
-** characters long and contain one non-alphabetic. Return DSTrue if the
-** password is ok, DSFalse otherwise.
-*/
-extern PRBool SEC_CheckPassword(char *password);
-
-/*
-** Blind check of a password. Complement to SEC_CheckPassword which
-** ignores length and content type, just retuning DSTrue is the password
-** exists, DSFalse if NULL
-*/
-extern PRBool SEC_BlindCheckPassword(char *password);
-
-/*
-** Get a password.
-** First prompt with "msg" on "out", then read the password from "in".
-** The password is then checked using "chkpw".
-*/
-extern char *SEC_GetPassword(FILE *in, FILE *out, char *msg,
- PRBool (*chkpw)(char *));
-
-char *SECU_FilePasswd(PK11SlotInfo *slot, PRBool retry, void *arg);
-
-char *SECU_GetPasswordString(void *arg, char *prompt);
-
-/*
-** Write a dongle password.
-** Uses MD5 to hash constant system data (hostname, etc.), and then
-** creates RC4 key to encrypt a password "pw" into a file "fd".
-*/
-extern SECStatus SEC_WriteDongleFile(int fd, char *pw);
-
-/*
-** Get a dongle password.
-** Uses MD5 to hash constant system data (hostname, etc.), and then
-** creates RC4 key to decrypt and return a password from file "fd".
-*/
-extern char *SEC_ReadDongleFile(int fd);
-
-
-/* End stolen headers */
-
-/* Just sticks the two strings together with a / if needed */
-char *SECU_AppendFilenameToDir(char *dir, char *filename);
-
-/* Returns result of getenv("SSL_DIR") or NULL */
-extern char *SECU_DefaultSSLDir(void);
-
-/*
-** Should be called once during initialization to set the default
-** directory for looking for cert.db, key.db, and cert-nameidx.db files
-** Removes trailing '/' in 'base'
-** If 'base' is NULL, defaults to set to .netscape in home directory.
-*/
-extern char *SECU_ConfigDirectory(const char* base);
-
-/*
-** Basic callback function for SSL_GetClientAuthDataHook
-*/
-extern int
-SECU_GetClientAuthData(void *arg, PRFileDesc *fd,
- struct CERTDistNamesStr *caNames,
- struct CERTCertificateStr **pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey);
-
-/* print out an error message */
-extern void SECU_PrintError(char *progName, char *msg, ...);
-
-/* print out a system error message */
-extern void SECU_PrintSystemError(char *progName, char *msg, ...);
-
-/* Return informative error string */
-extern const char * SECU_Strerror(PRErrorCode errNum);
-
-/* Read the contents of a file into a SECItem */
-extern SECStatus SECU_FileToItem(SECItem *dst, PRFileDesc *src);
-extern SECStatus SECU_TextFileToItem(SECItem *dst, PRFileDesc *src);
-
-/* Read in a DER from a file, may be ascii */
-extern SECStatus
-SECU_ReadDERFromFile(SECItem *der, PRFileDesc *inFile, PRBool ascii);
-
-/* Indent based on "level" */
-extern void SECU_Indent(FILE *out, int level);
-
-/* Print integer value and hex */
-extern void SECU_PrintInteger(FILE *out, SECItem *i, char *m, int level);
-
-/* Print ObjectIdentifier symbolically */
-extern void SECU_PrintObjectID(FILE *out, SECItem *oid, char *m, int level);
-
-/* Print AlgorithmIdentifier symbolically */
-extern void SECU_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m,
- int level);
-
-/* Print SECItem as hex */
-extern void SECU_PrintAsHex(FILE *out, SECItem *i, char *m, int level);
-
-/* dump a buffer in hex and ASCII */
-extern void SECU_PrintBuf(FILE *out, const char *msg, const void *vp, int len);
-
-/*
- * Format and print the UTC Time "t". If the tag message "m" is not NULL,
- * do indent formatting based on "level" and add a newline afterward;
- * otherwise just print the formatted time string only.
- */
-extern void SECU_PrintUTCTime(FILE *out, SECItem *t, char *m, int level);
-
-/*
- * Format and print the Generalized Time "t". If the tag message "m"
- * is not NULL, * do indent formatting based on "level" and add a newline
- * afterward; otherwise just print the formatted time string only.
- */
-extern void SECU_PrintGeneralizedTime(FILE *out, SECItem *t, char *m,
- int level);
-
-/* callback for listing certs through pkcs11 */
-extern SECStatus SECU_PrintCertNickname(CERTCertificate *cert, void *data);
-
-/* Dump all certificate nicknames in a database */
-extern SECStatus
-SECU_PrintCertificateNames(CERTCertDBHandle *handle, PRFileDesc* out,
- PRBool sortByName, PRBool sortByTrust);
-
-/* See if nickname already in database. Return 1 true, 0 false, -1 error */
-int SECU_CheckCertNameExists(CERTCertDBHandle *handle, char *nickname);
-
-/* Dump contents of cert req */
-extern int SECU_PrintCertificateRequest(FILE *out, SECItem *der, char *m,
- int level);
-
-/* Dump contents of certificate */
-extern int SECU_PrintCertificate(FILE *out, SECItem *der, char *m, int level);
-
-/* print trust flags on a cert */
-extern void SECU_PrintTrustFlags(FILE *out, CERTCertTrust *trust, char *m, int level);
-
-/* Dump contents of public key */
-extern int SECU_PrintPublicKey(FILE *out, SECItem *der, char *m, int level);
-
-#ifdef HAVE_EPV_TEMPLATE
-/* Dump contents of private key */
-extern int SECU_PrintPrivateKey(FILE *out, SECItem *der, char *m, int level);
-#endif
-
-/* Print the MD5 and SHA1 fingerprints of a cert */
-extern int SECU_PrintFingerprints(FILE *out, SECItem *derCert, char *m,
- int level);
-
-/* Pretty-print any PKCS7 thing */
-extern int SECU_PrintPKCS7ContentInfo(FILE *out, SECItem *der, char *m,
- int level);
-
-/* Init PKCS11 stuff */
-extern SECStatus SECU_PKCS11Init(PRBool readOnly);
-
-/* Dump contents of signed data */
-extern int SECU_PrintSignedData(FILE *out, SECItem *der, char *m, int level,
- SECU_PPFunc inner);
-
-extern int SECU_PrintCrl(FILE *out, SECItem *der, char *m, int level);
-
-extern void
-SECU_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m, int level);
-
-extern void SECU_PrintExtensions(FILE *out, CERTCertExtension **extensions,
- char *msg, int level);
-
-extern void SECU_PrintName(FILE *out, CERTName *name, char *msg, int level);
-
-#ifdef SECU_GetPassword
-/* Convert a High public Key to a Low public Key */
-extern SECKEYLowPublicKey *SECU_ConvHighToLow(SECKEYPublicKey *pubHighKey);
-#endif
-
-extern SECItem *SECU_GetPBEPassword(void *arg);
-
-extern char *SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg);
-
-extern SECStatus DER_PrettyPrint(FILE *out, SECItem *it, PRBool raw);
-extern void SEC_Init(void);
-
-extern char *SECU_SECModDBName(void);
-
-extern void SECU_PrintPRandOSError(char *progName);
-
-/*
- *
- * Utilities for parsing security tools command lines
- *
- */
-
-/* A single command flag */
-typedef struct {
- char flag;
- PRBool needsArg;
- char *arg;
- PRBool activated;
-} secuCommandFlag;
-
-/* A full array of command/option flags */
-typedef struct
-{
- int numCommands;
- int numOptions;
-
- secuCommandFlag *commands;
- secuCommandFlag *options;
-} secuCommand;
-
-/* fill the "arg" and "activated" fields for each flag */
-SECStatus
-SECU_ParseCommandLine(int argc, char **argv, char *progName, secuCommand *cmd);
-char *
-SECU_GetOptionArg(secuCommand *cmd, int optionNum);
-
-/*
- *
- * Error messaging
- *
- */
-
-/* Return informative error string */
-char *SECU_ErrorString(int16 err);
-
-/* Return informative error string. Does not call XP_GetString */
-char *SECU_ErrorStringRaw(int16 err);
-
-void printflags(char *trusts, unsigned int flags);
-
-#ifndef XP_UNIX
-extern int ffs(unsigned int i);
-#endif
-
-#include "secerr.h"
-#include "sslerr.h"
-
-#endif /* _SEC_UTIL_H_ */
diff --git a/security/nss/cmd/lib/sslstubs.c b/security/nss/cmd/lib/sslstubs.c
deleted file mode 100644
index a7ceda64a..000000000
--- a/security/nss/cmd/lib/sslstubs.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secport.h" /* for UUID */
-#ifdef XP_WIN
-#include <IO.H>
-#endif
-
-#ifndef NOT_NULL
-char *NOT_NULL(const char *x)
-{
- return((char *) x);
-}
-#endif
-
-/* Override the macro definition in xpassert.h if necessary. */
-#ifdef XP_AssertAtLine
-#undef XP_AssertAtLine
-#endif
-
-void XP_AssertAtLine(char *pFileName, int iLine)
-{
- abort();
-}
-
-void FE_Trace(const char *msg)
-{
- fputs(msg, stderr);
-}
-
-#ifdef XP_WIN
-RPC_STATUS __stdcall UuidCreate(UUID *Uuid)
-{
- return 0;
-}
-
-void FEU_StayingAlive(void)
-{
-}
-
-int dupsocket(int sock)
-{
- return dup(sock);
-}
-#endif
diff --git a/security/nss/cmd/lib/strerror.c b/security/nss/cmd/lib/strerror.c
deleted file mode 100644
index 32af63603..000000000
--- a/security/nss/cmd/lib/strerror.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#if defined(XP_WIN)
-#include <errno.h>
-#include <winsock.h>
-#define EWOULDBLOCK WSAEWOULDBLOCK
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-static char *(mcom_include_merrors_i_strings)(int16 i) ;
-static char *(mcom_include_secerr_i_strings)(int16 i) ;
-static char *(mcom_include_sslerr_i_strings)(int16 i) ;
-static char *(mcom_include_xp_error_i_strings)(int16 i) ;
-static char *(mcom_include_xp_msg_i_strings)(int16 i) ;
-
-
-#ifdef XP_WIN
-
-#define EWOULDBLOCK WSAEWOULDBLOCK
-#define EINPROGRESS WSAEINPROGRESS
-#define EALREADY WSAEALREADY
-#define ENOTSOCK WSAENOTSOCK
-#define EDESTADDRREQ WSAEDESTADDRREQ
-#define EMSGSIZE WSAEMSGSIZE
-#define EPROTOTYPE WSAEPROTOTYPE
-#define ENOPROTOOPT WSAENOPROTOOPT
-#define EPROTONOSUPPORT WSAEPROTONOSUPPORT
-#define ESOCKTNOSUPPORT WSAESOCKTNOSUPPORT
-#define EOPNOTSUPP WSAEOPNOTSUPP
-#define EPFNOSUPPORT WSAEPFNOSUPPORT
-#define EAFNOSUPPORT WSAEAFNOSUPPORT
-#define EADDRINUSE WSAEADDRINUSE
-#define EADDRNOTAVAIL WSAEADDRNOTAVAIL
-#define ENETDOWN WSAENETDOWN
-#define ENETUNREACH WSAENETUNREACH
-#define ENETRESET WSAENETRESET
-#define ECONNABORTED WSAECONNABORTED
-#define ECONNRESET WSAECONNRESET
-#define ENOBUFS WSAENOBUFS
-#define EISCONN WSAEISCONN
-#define ENOTCONN WSAENOTCONN
-#define ESHUTDOWN WSAESHUTDOWN
-#define ETOOMANYREFS WSAETOOMANYREFS
-#define ETIMEDOUT WSAETIMEDOUT
-#define ECONNREFUSED WSAECONNREFUSED
-#define ELOOP WSAELOOP
-#define EHOSTDOWN WSAEHOSTDOWN
-#define EHOSTUNREACH WSAEHOSTUNREACH
-#define EPROCLIM WSAEPROCLIM
-#define EUSERS WSAEUSERS
-#define EDQUOT WSAEDQUOT
-#define ESTALE WSAESTALE
-#define EREMOTE WSAEREMOTE
-
-#endif
-
-#undef XP_WIN
-#undef XP_UNIX
-#undef RESOURCE_STR_X
-#undef RESOURCE_STR
-
-#define XP_UNIX 1
-#define RESOURCE_STR 1
-
-#include "allxpstr.h"
-
-const char *
-SECU_Strerror(int error)
-{
- char * errString;
- int16 err = error + RES_OFFSET;
-
- errString = mcom_include_merrors_i_strings(err) ;
- if (!errString)
- errString = mcom_include_secerr_i_strings(err) ;
- if (!errString)
- errString = mcom_include_sslerr_i_strings(err) ;
- if (!errString)
- errString = mcom_include_xp_error_i_strings(err) ;
- if (!errString)
- errString = mcom_include_xp_msg_i_strings(err) ;
- if (!errString)
- errString = "ERROR NOT FOUND! \n";
-
-/* printf( "%s\n", errString); */
-
- return (const char *)errString;
-}
-
diff --git a/security/nss/cmd/lib/stubs.c b/security/nss/cmd/lib/stubs.c
deleted file mode 100644
index 6dfafcb66..000000000
--- a/security/nss/cmd/lib/stubs.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secport.h" /* for UUID */
-
-#if !defined(SUNOS) && !defined(SUN) && !defined(SOLARIS)
-void SSL_InitHashLock (void)
- {
- }
-
-void SSL3_Init (void)
- {
- }
-#endif
-
-int
-PREF_GetCharPref(const char *pref_name, char * return_buffer, int * length)
-{
- assert(0);
- return -1;
-}
diff --git a/security/nss/cmd/makefile.inc b/security/nss/cmd/makefile.inc
deleted file mode 100644
index 029576e7c..000000000
--- a/security/nss/cmd/makefile.inc
+++ /dev/null
@@ -1,84 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-INCLUDES += \
- -I$(DEPTH)/security/lib/cert \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- -I../include \
- $(NULL)
-
-
-# For the time being, sec stuff is export only
-# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION
-
-US_FLAGS = -DEXPORT_VERSION
-EXPORT_FLAGS = -DEXPORT_VERSION
-
-BASE_LIBS = \
- $(DIST)/lib/libdbm.a \
- $(DIST)/lib/libxp.a \
- $(DIST)/lib/libnspr21.a \
- $(NULL)
-
-
-#There is a circular dependancy in security/lib, and here is a gross fix
-SEC_LIBS = \
- $(DIST)/lib/libsecnav.a \
- $(DIST)/lib/libssl.a \
- $(DIST)/lib/libpkcs7.a \
- $(DIST)/lib/libcert.a \
- $(DIST)/lib/libkey.a \
- $(DIST)/lib/libsecmod.a \
- $(DIST)/lib/libcrypto.a \
- $(DIST)/lib/libsecutil.a \
- $(DIST)/lib/libssl.a \
- $(DIST)/lib/libpkcs7.a \
- $(DIST)/lib/libcert.a \
- $(DIST)/lib/libkey.a \
- $(DIST)/lib/libsecmod.a \
- $(DIST)/lib/libcrypto.a \
- $(DIST)/lib/libsecutil.a \
- $(DIST)/lib/libhash.a \
- $(NULL)
-
-MYLIBDIR= ../lib/$(OBJDIR)
-MYLIB = $(MYLIBDIR)/libsectool.a
-
-US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-
-# this hack is necessary because rules.mk doesn't put anything like $(LIBS)
-# on the link command line (!?!?!?!)
-LDFLAGS += $(EX_LIBS)
-
diff --git a/security/nss/cmd/makefile.win b/security/nss/cmd/makefile.win
deleted file mode 100644
index 5e506590b..000000000
--- a/security/nss/cmd/makefile.win
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-include <$(DEPTH)\config\config.mak>
-
-include <$(DEPTH)\config\rules.mak>
-
-objs: $(OBJS)
-
-programs: $(PROGRAM)
-
-syms:
- @echo "OBJS is $(OBJS)"
- @echo "INCS is $(INCS)"
-
diff --git a/security/nss/cmd/makepqg/Makefile b/security/nss/cmd/makepqg/Makefile
deleted file mode 100644
index 36bf774fb..000000000
--- a/security/nss/cmd/makepqg/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
-
diff --git a/security/nss/cmd/makepqg/makefile.win b/security/nss/cmd/makepqg/makefile.win
deleted file mode 100644
index 462448d73..000000000
--- a/security/nss/cmd/makepqg/makefile.win
+++ /dev/null
@@ -1,156 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-PROGRAM = makepqg
-PROGRAM = $(OBJDIR)\$(PROGRAM).exe
-
-include <$(DEPTH)\config\config.mak>
-
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I$(DEPTH)/security/lib/crypto \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-# awt3240.lib # brpref32.lib # cert32.lib
-# crypto32.lib # dllcom.lib # editor32.lib
-# edpref32.lib # edtplug.lib # font.lib
-# hash32.lib # htmldg32.lib # img32.lib
-# javart32.lib # jbn3240.lib # jdb3240.lib
-# jmc.lib # jpeg3240.lib # jpw3240.lib
-# jrt3240.lib # js3240.lib # jsd3240.lib
-# key32.lib # libapplet32.lib # libnjs32.lib
-# libnsc32.lib # libreg32.lib # mm3240.lib
-# mnpref32.lib # netcst32.lib # nsdlg32.lib
-# nsldap32.lib # nsldaps32.lib # nsn32.lib
-# pkcs1232.lib # pkcs732.lib # pr3240.lib
-# prefui32.lib # prefuuid.lib # secmod32.lib
-# secnav32.lib # secutl32.lib # softup32.lib
-# sp3240.lib # ssl32.lib # uni3200.lib
-# unicvt32.lib # win32md.lib # winfont.lib
-# xppref32.lib # zlib32.lib
-
-include <$(DEPTH)\config\rules.mak>
-
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-# ALLXPSTR.obj XP_ALLOC.obj XP_HASH.obj XP_RGB.obj XP_WRAP.obj
-# CXPRINT.obj XP_C.cl XP_LIST.obj XP_SEC.obj netscape.exp
-# CXPRNDLG.obj XP_CNTXT.obj XP_MD5.obj XP_STR.obj xp.pch
-# EXPORT.obj XP_CORE.obj XP_MESG.obj XP_THRMO.obj xppref32.dll
-# XPASSERT.obj XP_ERROR.obj XP_RECT.obj XP_TIME.obj
-# XPLOCALE.obj XP_FILE.obj XP_REG.obj XP_TRACE.obj
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/makepqg/makepqg.c b/security/nss/cmd/makepqg/makepqg.c
deleted file mode 100644
index ead4698ad..000000000
--- a/security/nss/cmd/makepqg/makepqg.c
+++ /dev/null
@@ -1,277 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-
-#include "secutil.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "pqgutil.h"
-#include "secrng.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include "plgetopt.h"
-
-#define BPB 8 /* bits per byte. */
-
-char *progName;
-
-
-void
-Usage(void)
-{
- fprintf(stderr, "Usage: %s\n", progName);
- fprintf(stderr,
-"-a Output DER-encoded PQG params, BTOA encoded.\n"
-" -l prime-length Length of prime in bits (1024 is default)\n"
-" -o file Output to this file (default is stdout)\n"
-"-b Output DER-encoded PQG params in binary\n"
-" -l prime-length Length of prime in bits (1024 is default)\n"
-" -o file Output to this file (default is stdout)\n"
-"-r Output P, Q and G in ASCII hexadecimal. \n"
-" -l prime-length Length of prime in bits (1024 is default)\n"
-" -o file Output to this file (default is stdout)\n"
-"-g bits Generate SEED this many bits long.\n"
-);
- exit(-1);
-
-}
-
-int
-outputPQGParams(PQGParams * pqgParams, PRBool output_binary, PRBool output_raw,
- FILE * outFile)
-{
- PRArenaPool * arena = NULL;
- char * PQG;
- SECItem encodedParams;
-
- if (output_raw) {
- SECItem item;
-
- PQG_GetPrimeFromParams(pqgParams, &item);
- SECU_PrintInteger(outFile, &item, "Prime", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- PQG_GetSubPrimeFromParams(pqgParams, &item);
- SECU_PrintInteger(outFile, &item, "Subprime", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- PQG_GetBaseFromParams(pqgParams, &item);
- SECU_PrintInteger(outFile, &item, "Base", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- fprintf(outFile, "\n");
- return 0;
- }
-
- encodedParams.data = NULL;
- encodedParams.len = 0;
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- SEC_ASN1EncodeItem(arena, &encodedParams, pqgParams,
- SECKEY_PQGParamsTemplate);
- if (output_binary) {
- fwrite(encodedParams.data, encodedParams.len, sizeof(char), outFile);
- printf("\n");
- return 0;
- }
-
- /* must be output ASCII */
- PQG = BTOA_DataToAscii(encodedParams.data, encodedParams.len);
-
- fprintf(outFile,"%s",PQG);
- printf("\n");
- return 0;
-}
-
-int
-outputPQGVerify(PQGVerify * pqgVerify, PRBool output_binary, PRBool output_raw,
- FILE * outFile)
-{
- if (output_raw) {
- SECItem item;
- unsigned int counter;
-
- PQG_GetHFromVerify(pqgVerify, &item);
- SECU_PrintInteger(outFile, &item, "h", 1);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- PQG_GetSeedFromVerify(pqgVerify, &item);
- SECU_PrintInteger(outFile, &item, "SEED", 1);
- fprintf(outFile, " g: %d\n", item.len * BPB);
- SECITEM_FreeItem(&item, PR_FALSE);
-
- counter = PQG_GetCounterFromVerify(pqgVerify);
- fprintf(outFile, " counter: %d\n", counter);
- fprintf(outFile, "\n");
- return 0;
- }
- return 0;
-}
-
-int
-main(int argc, char **argv)
-{
- FILE * outFile = NULL;
- PQGParams * pqgParams = NULL;
- PQGVerify * pqgVerify = NULL;
- int keySizeInBits = 1024;
- int j;
- int o;
- int g = 0;
- SECStatus rv = 0;
- SECStatus passed = 0;
- PRBool output_ascii = PR_FALSE;
- PRBool output_binary = PR_FALSE;
- PRBool output_raw = PR_FALSE;
- PLOptState *optstate;
- PLOptStatus status;
-
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- /* Parse command line arguments */
- optstate = PL_CreateOptState(argc, argv, "l:abro:g:" );
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
-
- case 'l':
- keySizeInBits = atoi(optstate->value);
- break;
-
- case 'a':
- output_ascii = PR_TRUE;
- break;
-
- case 'b':
- output_binary = PR_TRUE;
- break;
-
- case 'r':
- output_raw = PR_TRUE;
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "wb");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- rv = -1;
- }
- break;
-
- case 'g':
- g = atoi(optstate->value);
- break;
-
- default:
- case '?':
- Usage();
- break;
-
- }
- }
-
- if (rv != 0) {
- return rv;
- }
-
- /* exactly 1 of these options must be set. */
- if (1 != ((output_ascii != PR_FALSE) +
- (output_binary != PR_FALSE) +
- (output_raw != PR_FALSE))) {
- Usage();
- }
-
- j = PQG_PBITS_TO_INDEX(keySizeInBits);
- if (j < 0) {
- fprintf(stderr, "%s: Illegal prime length, \n"
- "\tacceptable values are between 512 and 1024,\n"
- "\tand divisible by 64\n", progName);
- return -1;
- }
- if (g != 0 && (g < 160 || g >= 2048 || g % 8 != 0)) {
- fprintf(stderr, "%s: Illegal g bits, \n"
- "\tacceptable values are between 160 and 2040,\n"
- "\tand divisible by 8\n", progName);
- return -1;
- }
-
- if (outFile == NULL) {
- outFile = stdout;
- }
-
- RNG_RNGInit();
- RNG_SystemInfoForRNG();
- if (g)
- rv = PQG_ParamGenSeedLen((unsigned)j, (unsigned)(g/8),
- &pqgParams, &pqgVerify);
- else
- rv = PQG_ParamGen((unsigned)j, &pqgParams, &pqgVerify);
-
- if (rv != SECSuccess || pqgParams == NULL) {
- fprintf(stderr, "%s: PQG parameter generation failed.\n", progName);
- goto loser;
- }
- fprintf(stderr, "%s: PQG parameter generation completed.\n", progName);
-
- o = outputPQGParams(pqgParams, output_binary, output_raw, outFile);
- o = outputPQGVerify(pqgVerify, output_binary, output_raw, outFile);
-
- rv = PQG_VerifyParams(pqgParams, pqgVerify, &passed);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: PQG parameter verification aborted.\n", progName);
- goto loser;
- }
- if (passed != SECSuccess) {
- fprintf(stderr, "%s: PQG parameters failed verification.\n", progName);
- goto loser;
- }
- fprintf(stderr, "%s: PQG parameters passed verification.\n", progName);
-
- PQG_DestroyParams(pqgParams);
- PQG_DestroyVerify(pqgVerify);
- return 0;
-
-loser:
- PQG_DestroyParams(pqgParams);
- PQG_DestroyVerify(pqgVerify);
- return 1;
-}
diff --git a/security/nss/cmd/makepqg/manifest.mn b/security/nss/cmd/makepqg/manifest.mn
deleted file mode 100644
index 1bf4337c1..000000000
--- a/security/nss/cmd/makepqg/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = security seccmd dbm
-
-# DIRS =
-
-CSRCS = makepqg.c
-
-PROGRAM = makepqg
-
-USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/makepqg/testit.ksh b/security/nss/cmd/makepqg/testit.ksh
deleted file mode 100644
index 98cb7fa9d..000000000
--- a/security/nss/cmd/makepqg/testit.ksh
+++ /dev/null
@@ -1,41 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-COUNTER=75
-while [ $COUNTER -ge "1" ]
-do
- COUNTER=$(eval expr $COUNTER - 1)
- echo $COUNTER
- */makepqg.exe -r -l 640 -g 160 || exit 1
-done
-
diff --git a/security/nss/cmd/manifest.mn b/security/nss/cmd/manifest.mn
deleted file mode 100644
index f0d928607..000000000
--- a/security/nss/cmd/manifest.mn
+++ /dev/null
@@ -1,87 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEPTH = ../..
-# MODULE = seccmd
-
-REQUIRES = security nspr libdbm
-
-DIRS = lib \
- zlib \
- atob \
- bltest \
- btoa \
- certcgi \
- certutil \
- checkcert \
- crlutil \
- derdump \
- digest \
- makepqg \
- ocspclnt \
- oidcalc \
- p7content \
- p7env \
- p7sign \
- p7verify \
- pk12util \
- pp \
- rngtest \
- rsaperf \
- sdrtest \
- selfserv \
- signtool \
- signver \
- smimetools \
- SSLsample \
- ssltap \
- strsclnt \
- swfort \
- tstclnt \
- modutil \
- $(NULL)
-
-TEMPORARILY_DONT_BUILD = \
- $(NULL)
-
-# rsaperf \
-#
-# needs to look at what needs to happen to make jar build in
-# the binary release environment.
-#
-# perror requires lib/strerror.c which requires the client code installed
-# to build (requires allxpstr.h)
-#
-DONT_BULD = jar \
- perror \
-$(NULL)
diff --git a/security/nss/cmd/modutil/Makefile b/security/nss/cmd/modutil/Makefile
deleted file mode 100644
index 3d2bbb412..000000000
--- a/security/nss/cmd/modutil/Makefile
+++ /dev/null
@@ -1,80 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
-#
-# Cancel the built-in implicit yacc and lex rules.
-#
-
-%.c: %.y
-%.c: %.l
diff --git a/security/nss/cmd/modutil/README b/security/nss/cmd/modutil/README
deleted file mode 100644
index 12d192c9f..000000000
--- a/security/nss/cmd/modutil/README
+++ /dev/null
@@ -1,7 +0,0 @@
- CRYPTOGRAPHIC MODULE UTILITY (modutil)
- VERSION 1.0
- ===============================================
-
-The file specification.html documentats the software.
-
-The file pk11jar.html documents the PKCS #11 JAR format.
diff --git a/security/nss/cmd/modutil/README.TXT b/security/nss/cmd/modutil/README.TXT
deleted file mode 100644
index 279e3ebe6..000000000
--- a/security/nss/cmd/modutil/README.TXT
+++ /dev/null
@@ -1,7 +0,0 @@
- CRYPTOGRAPHIC MODULE UTILITY (modutil)
- VERSION 1.0
- ===============================================
-
-The file specification.html documentats the software.
-
-The file pk11jar.html documents the PKCS #11 JAR format.
diff --git a/security/nss/cmd/modutil/config.mk b/security/nss/cmd/modutil/config.mk
deleted file mode 100644
index 3da32a667..000000000
--- a/security/nss/cmd/modutil/config.mk
+++ /dev/null
@@ -1,77 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all #
-# library names, and all special system linking options #
-#######################################################################
-
-LDFLAGS = \
- $(DYNAMIC_LIB_PATH) \
- $(LDOPTS) \
- $(LIBSECTOOLS) \
- $(LIBSECMOD) \
- $(LIBHASH) \
- $(LIBCERT) \
- $(LIBKEY) \
- $(LIBCRYPTO) \
- $(LIBSECUTIL) \
- $(LIBDBM) \
- $(LIBPLC3) \
- $(LIBPLDS3) \
- $(LIBPR3) \
- $(DLLSYSTEM) \
- $(LIBJAR) \
- $(LIBZLIB) \
- $(LIBPKCS7) \
- $(LIBPLC3)
-
-# Strip out the symbols
-ifdef BUILD_OPT
- ifneq ($(OS_ARCH),WINNT)
- LDFLAGS += -s
- endif
-endif
-
-#######################################################################
-# Adjust specific variables for all platforms #
-#######################################################################
-
-
-ifeq ($(OS_ARCH),WINNT)
- PACKAGE_FILES = license.txt README.TXT specification.html pk11jar.html modutil.exe
-else
- PACKAGE_FILES = license.doc README specification.html pk11jar.html modutil
-endif
-
-ARCHIVE_NAME = modutil_$(OS_CONFIG)
diff --git a/security/nss/cmd/modutil/error.h b/security/nss/cmd/modutil/error.h
deleted file mode 100644
index 42583a355..000000000
--- a/security/nss/cmd/modutil/error.h
+++ /dev/null
@@ -1,180 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef MODUTIL_ERROR_H
-#define MODUTIL_ERROR_H
-
-typedef enum {
- NO_ERR=0,
- INVALID_USAGE_ERR,
- UNEXPECTED_ARG_ERR,
- UNKNOWN_OPTION_ERR,
- MULTIPLE_COMMAND_ERR,
- OPTION_NEEDS_ARG_ERR,
- DUPLICATE_OPTION_ERR,
- MISSING_PARAM_ERR,
- INVALID_FIPS_ARG,
- NO_COMMAND_ERR,
- NO_DBDIR_ERR,
- FIPS_SWITCH_FAILED_ERR,
- FIPS_ALREADY_ON_ERR,
- FIPS_ALREADY_OFF_ERR,
- FILE_ALREADY_EXISTS_ERR,
- FILE_DOESNT_EXIST_ERR,
- FILE_NOT_READABLE_ERR,
- FILE_NOT_WRITEABLE_ERR,
- DIR_DOESNT_EXIST_ERR,
- DIR_NOT_READABLE_ERR,
- DIR_NOT_WRITEABLE_ERR,
- INVALID_CONSTANT_ERR,
- ADD_MODULE_FAILED_ERR,
- OUT_OF_MEM_ERR,
- DELETE_INTERNAL_ERR,
- DELETE_FAILED_ERR,
- NO_LIST_LOCK_ERR,
- NO_MODULE_LIST_ERR,
- NO_SUCH_MODULE_ERR,
- MOD_INFO_ERR,
- SLOT_INFO_ERR,
- TOKEN_INFO_ERR,
- NO_SUCH_TOKEN_ERR,
- CHANGEPW_FAILED_ERR,
- BAD_PW_ERR,
- DB_ACCESS_ERR,
- AUTHENTICATION_FAILED_ERR,
- NO_SUCH_SLOT_ERR,
- ENABLE_FAILED_ERR,
- UPDATE_MOD_FAILED_ERR,
- DEFAULT_FAILED_ERR,
- UNDEFAULT_FAILED_ERR,
- STDIN_READ_ERR,
- UNSPECIFIED_ERR,
- NOCERTDB_MISUSE_ERR,
- NSS_INITIALIZE_FAILED_ERR,
-
- LAST_ERR /* must be last */
-} Error;
-#define SUCCESS NO_ERR
-
-/* !!! Should move this into its own .c and un-static it. */
-static char *errStrings[] = {
- "Operation completed successfully.\n",
- "ERROR: Invalid command line.\n",
- "ERROR: Not expecting argument \"%s\".\n",
- "ERROR: Unknown option: %s.\n",
- "ERROR: %s: multiple commands are not allowed on the command line.\n",
- "ERROR: %s: option needs an argument.\n",
- "ERROR: %s: option cannot be given more than once.\n",
- "ERROR: Command \"%s\" requires parameter \"%s\".\n",
- "ERROR: Argument to -fips must be \"true\" or \"false\".\n",
- "ERROR: No command was specified.\n",
- "ERROR: Cannot determine database directory: use the -dbdir option.\n",
- "ERROR: Unable to switch FIPS modes.\n",
- "FIPS mode already enabled.\n",
- "FIPS mode already disabled.\n",
- "ERROR: File \"%s\" already exists.\n",
- "ERROR: File \"%s\" does not exist.\n",
- "ERROR: File \"%s\" is not readable.\n",
- "ERROR: File \"%s\" is not writeable.\n",
- "ERROR: Directory \"%s\" does not exist.\n",
- "ERROR: Directory \"%s\" is not readable.\n",
- "ERROR: Directory \"%s\" is not writeable.\n",
- "\"%s\" is not a recognized value.\n",
- "ERROR: Failed to add module \"%s\".\n",
- "ERROR: Out of memory.\n",
- "ERROR: Cannot delete internal module.\n",
- "ERROR: Failed to delete module \"%s\".\n",
- "ERROR: Unable to obtain lock on module list.\n",
- "ERROR: Unable to obtain module list.\n",
- "ERROR: Module \"%s\" not found in database.\n",
- "ERROR: Unable to get information about module \"%s\".\n",
- "ERROR: Unable to get information about slot \"%s\".\n",
- "ERROR: Unable to get information about token \"%s\".\n",
- "ERROR: Token \"%s\" not found.\n",
- "ERROR: Unable to change password on token \"%s\".\n",
- "ERROR: Incorrect password.\n",
- "ERROR: Unable to access database \"%s\".\n",
- "ERROR: Unable to authenticate to token \"%s\".\n",
- "ERROR: Slot \"%s\" not found.\n",
- "ERROR: Failed to %s slot \"%s\".\n",
- "ERROR: Failed to update module \"%s\".\n",
- "ERROR: Failed to change defaults.\n",
- "ERROR: Failed to change default.\n",
- "ERROR: Unable to read from standard input.\n",
- "ERROR: Unknown error occurred.\n",
- "ERROR: -nocertdb option can only be used with the -jar command.\n"
- "ERROR: NSS_Initialize() failed.\n"
-};
-
-typedef enum {
- FIPS_ENABLED_MSG=0,
- FIPS_DISABLED_MSG,
- USING_DBDIR_MSG,
- CREATING_DB_MSG,
- ADD_MODULE_SUCCESS_MSG,
- DELETE_SUCCESS_MSG,
- CHANGEPW_SUCCESS_MSG,
- BAD_PW_MSG,
- PW_MATCH_MSG,
- DONE_MSG,
- ENABLE_SUCCESS_MSG,
- DEFAULT_SUCCESS_MSG,
- UNDEFAULT_SUCCESS_MSG,
- BROWSER_RUNNING_MSG,
- ABORTING_MSG,
-
- LAST_MSG /* must be last */
-} Message;
-
-static char *msgStrings[] = {
- "FIPS mode enabled.\n",
- "FIPS mode disabled.\n",
- "Using database directory %s...\n",
- "Creating \"%s\"...",
- "Module \"%s\" added to database.\n",
- "Module \"%s\" deleted from database.\n",
- "Token \"%s\" password changed successfully.\n",
- "Incorrect password, try again...\n",
- "Passwords do not match, try again...\n",
- "done.\n",
- "Slot \"%s\" %s.\n",
- "Successfully changed defaults.\n",
- "Successfully changed defaults.\n",
-"\nWARNING: Performing this operation while the browser is running could cause"
-"\ncorruption of your security databases. If the browser is currently running,"
-"\nyou should exit browser before continuing this operation. Type "
-"\n'q <enter>' to abort, or <enter> to continue: ",
- "\nAborting...\n"
-};
-
-#endif /* MODUTIL_ERROR_H */
diff --git a/security/nss/cmd/modutil/install-ds.c b/security/nss/cmd/modutil/install-ds.c
deleted file mode 100644
index e6b90ded3..000000000
--- a/security/nss/cmd/modutil/install-ds.c
+++ /dev/null
@@ -1,1541 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "install-ds.h"
-#include <prmem.h>
-#include <plstr.h>
-#include <prprf.h>
-#include <string.h>
-
-#define PORT_Strcasecmp PL_strcasecmp
-
-#define MODULE_FILE_STRING "ModuleFile"
-#define MODULE_NAME_STRING "ModuleName"
-#define MECH_FLAGS_STRING "DefaultMechanismFlags"
-#define CIPHER_FLAGS_STRING "DefaultCipherFlags"
-#define FILES_STRING "Files"
-#define FORWARD_COMPATIBLE_STRING "ForwardCompatible"
-#define PLATFORMS_STRING "Platforms"
-#define RELATIVE_DIR_STRING "RelativePath"
-#define ABSOLUTE_DIR_STRING "AbsolutePath"
-#define FILE_PERMISSIONS_STRING "FilePermissions"
-#define EQUIVALENT_PLATFORM_STRING "EquivalentPlatform"
-#define EXECUTABLE_STRING "Executable"
-
-#define DEFAULT_PERMISSIONS 0777
-
-#define PLATFORM_SEPARATOR_CHAR ':'
-
-/* Error codes */
-enum {
- BOGUS_RELATIVE_DIR=0,
- BOGUS_ABSOLUTE_DIR,
- BOGUS_FILE_PERMISSIONS,
- NO_RELATIVE_DIR,
- NO_ABSOLUTE_DIR,
- EMPTY_PLATFORM_STRING,
- BOGUS_PLATFORM_STRING,
- REPEAT_MODULE_FILE,
- REPEAT_MODULE_NAME,
- BOGUS_MODULE_FILE,
- BOGUS_MODULE_NAME,
- REPEAT_MECH,
- BOGUS_MECH_FLAGS,
- REPEAT_CIPHER,
- BOGUS_CIPHER_FLAGS,
- REPEAT_FILES,
- REPEAT_EQUIV,
- BOGUS_EQUIV,
- EQUIV_TOO_MUCH_INFO,
- NO_FILES,
- NO_MODULE_FILE,
- NO_MODULE_NAME,
- NO_PLATFORMS,
- EQUIV_LOOP,
- UNKNOWN_MODULE_FILE
-};
-
-/* Indexed by the above error codes */
-static const char *errString[] = {
- "%s: Invalid relative directory",
- "%s: Invalid absolute directory",
- "%s: Invalid file permissions",
- "%s: No relative directory specified",
- "%s: No absolute directory specified",
- "Empty string given for platform name",
- "%s: invalid platform string",
- "More than one ModuleFile entry given for platform %s",
- "More than one ModuleName entry given for platform %s",
- "Invalid ModuleFile specification for platform %s",
- "Invalid ModuleName specification for platform %s",
- "More than one DefaultMechanismFlags entry given for platform %s",
- "Invalid DefaultMechanismFlags specification for platform %s",
- "More than one DefaultCipherFlags entry given for platform %s",
- "Invalid DefaultCipherFlags entry given for platform %s",
- "More than one Files entry given for platform %s",
- "More than one EquivalentPlatform entry given for platform %s",
- "Invalid EquivalentPlatform specification for platform %s",
- "Module %s uses an EquivalentPlatform but also specifies its own"
- " information",
- "No Files specification in module %s",
- "No ModuleFile specification in module %s",
- "No ModuleName specification in module %s",
- "No Platforms specification in installer script",
- "Platform %s has an equivalency loop",
- "Module file \"%s\" in platform \"%s\" does not exist"
-};
-
-static char* PR_Strdup(const char* str);
-
-#define PAD(x) {int i; for(i=0;i<x;i++) printf(" ");}
-#define PADINC 4
-
-Pk11Install_File*
-Pk11Install_File_new()
-{
- Pk11Install_File* new_this;
- new_this = (Pk11Install_File*)PR_Malloc(sizeof(Pk11Install_File));
- Pk11Install_File_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_File_init(Pk11Install_File* _this)
-{
- _this->jarPath=NULL;
- _this->relativePath=NULL;
- _this->absolutePath=NULL;
- _this->executable=PR_FALSE;
- _this->permissions=0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_File
-// Class: Pk11Install_File
-// Notes: Destructor.
-*/
-void
-Pk11Install_File_delete(Pk11Install_File* _this)
-{
- Pk11Install_File_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_File
-*/
-void
-Pk11Install_File_Cleanup(Pk11Install_File* _this)
-{
- if(_this->jarPath) {
- PR_Free(_this->jarPath);
- _this->jarPath = NULL;
- }
- if(_this->relativePath) {
- PR_Free(_this->relativePath);
- _this->relativePath = NULL;
- }
- if(_this->absolutePath) {
- PR_Free(_this->absolutePath);
- _this->absolutePath = NULL;
- }
-
- _this->permissions = 0;
- _this->executable = PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_File
-// Notes: Creates a file data structure from a syntax tree.
-// Returns: NULL for success, otherwise an error message.
-*/
-char*
-Pk11Install_File_Generate(Pk11Install_File* _this,
- const Pk11Install_Pair *pair)
-{
- Pk11Install_ListIter *iter;
- Pk11Install_Value *val;
- Pk11Install_Pair *subpair;
- Pk11Install_ListIter *subiter;
- Pk11Install_Value *subval;
- char* errStr;
- char *endp;
- PRBool gotPerms;
-
- iter=NULL;
- subiter=NULL;
- errStr=NULL;
- gotPerms=PR_FALSE;
-
- /* Clear out old values */
- Pk11Install_File_Cleanup(_this);
-
- _this->jarPath = PR_Strdup(pair->key);
-
- /* Go through all the pairs under this file heading */
- iter = Pk11Install_ListIter_new(pair->list);
- for( ; (val = iter->current); Pk11Install_ListIter_nextItem(iter)) {
- if(val->type == PAIR_VALUE) {
- subpair = val->pair;
-
- /* Relative directory */
- if(!PORT_Strcasecmp(subpair->key, RELATIVE_DIR_STRING)) {
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)){
- errStr = PR_smprintf(errString[BOGUS_RELATIVE_DIR],
- _this->jarPath);
- goto loser;
- }
- _this->relativePath = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- subiter = NULL;
-
- /* Absolute directory */
- } else if( !PORT_Strcasecmp(subpair->key, ABSOLUTE_DIR_STRING)) {
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)){
- errStr = PR_smprintf(errString[BOGUS_ABSOLUTE_DIR],
- _this->jarPath);
- goto loser;
- }
- _this->absolutePath = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- subiter = NULL;
-
- /* file permissions */
- } else if( !PORT_Strcasecmp(subpair->key,
- FILE_PERMISSIONS_STRING)) {
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)){
- errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS],
- _this->jarPath);
- goto loser;
- }
- _this->permissions = (int) strtol(subval->string, &endp, 8);
- if(*endp != '\0' || subval->string == "\0") {
- errStr = PR_smprintf(errString[BOGUS_FILE_PERMISSIONS],
- _this->jarPath);
- goto loser;
- }
- gotPerms = PR_TRUE;
- Pk11Install_ListIter_delete(subiter);
- subiter = NULL;
- }
- } else {
- if(!PORT_Strcasecmp(val->string, EXECUTABLE_STRING)) {
- _this->executable = PR_TRUE;
- }
- }
- }
-
- /* Default permission value */
- if(!gotPerms) {
- _this->permissions = DEFAULT_PERMISSIONS;
- }
-
- /* Make sure we got all the information */
- if(!_this->relativePath && !_this->absolutePath) {
- errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath);
- goto loser;
- }
-#if 0
- if(!_this->relativePath ) {
- errStr = PR_smprintf(errString[NO_RELATIVE_DIR], _this->jarPath);
- goto loser;
- }
- if(!_this->absolutePath) {
- errStr = PR_smprintf(errString[NO_ABSOLUTE_DIR], _this->jarPath);
- goto loser;
- }
-#endif
-
-loser:
- if(iter) {
- Pk11Install_ListIter_delete(iter);
- PR_Free(iter);
- }
- if(subiter) {
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- }
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_File
-*/
-void
-Pk11Install_File_Print(Pk11Install_File* _this, int pad)
-{
- PAD(pad); printf("jarPath: %s\n",
- _this->jarPath ? _this->jarPath : "<NULL>");
- PAD(pad); printf("relativePath: %s\n",
- _this->relativePath ? _this->relativePath: "<NULL>");
- PAD(pad); printf("absolutePath: %s\n",
- _this->absolutePath ? _this->absolutePath: "<NULL>");
- PAD(pad); printf("permissions: %o\n", _this->permissions);
-}
-
-Pk11Install_PlatformName*
-Pk11Install_PlatformName_new()
-{
- Pk11Install_PlatformName* new_this;
- new_this = (Pk11Install_PlatformName*)
- PR_Malloc(sizeof(Pk11Install_PlatformName));
- Pk11Install_PlatformName_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this)
-{
- _this->OS = NULL;
- _this->verString = NULL;
- _this->numDigits = 0;
- _this->arch = NULL;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_PlatformName
-// Class: Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this)
-{
- Pk11Install_PlatformName_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this)
-{
- if(_this->OS) {
- PR_Free(_this->OS);
- _this->OS = NULL;
- }
- if(_this->verString) {
- int i;
- for (i=0; i<_this->numDigits; i++) {
- PR_Free(_this->verString[i]);
- }
- PR_Free(_this->verString);
- _this->verString = NULL;
- }
- if(_this->arch) {
- PR_Free(_this->arch);
- _this->arch = NULL;
- }
- _this->numDigits = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_PlatformName
-// Notes: Extracts the information from a platform string.
-*/
-char*
-Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this,
- const char *str)
-{
- char *errStr;
- char *copy;
- char *end, *start; /* start and end of a section (OS, version, arch)*/
- char *pend, *pstart; /* start and end of one portion of version*/
- char *endp; /* used by strtol*/
- int periods, i;
-
- errStr=NULL;
- copy=NULL;
-
- if(!str) {
- errStr = PR_smprintf(errString[EMPTY_PLATFORM_STRING]);
- goto loser;
- }
- copy = PR_Strdup(str);
-
- /*
- // Get the OS
- */
- end = strchr(copy, PLATFORM_SEPARATOR_CHAR);
- if(!end || end==copy) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- *end = '\0';
-
- _this->OS = PR_Strdup(copy);
-
- /*
- // Get the digits of the version of form: x.x.x (arbitrary number of digits)
- */
-
- start = end+1;
- end = strchr(start, PLATFORM_SEPARATOR_CHAR);
- if(!end) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- *end = '\0';
-
- if(end!=start) {
- /* Find out how many periods*/
- periods = 0;
- pstart = start;
- while( (pend=strchr(pstart, '.')) ) {
- periods++;
- pstart = pend+1;
- }
- _this->numDigits= 1+ periods;
- _this->verString = (char**)PR_Malloc(sizeof(char*)*_this->numDigits);
-
- pstart = start;
- i = 0;
- /* Get the digits before each period*/
- while( (pend=strchr(pstart, '.')) ) {
- if(pend == pstart) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- *pend = '\0';
- _this->verString[i] = PR_Strdup(pstart);
- endp = pend;
- if(endp==pstart || (*endp != '\0')) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- pstart = pend+1;
- i++;
- }
- /* Last digit comes after the last period*/
- if(*pstart == '\0') {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- _this->verString[i] = PR_Strdup(pstart);
- /*
- if(endp==pstart || (*endp != '\0')) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- */
- } else {
- _this->verString = NULL;
- _this->numDigits = 0;
- }
-
- /*
- // Get the architecture
- */
- start = end+1;
- if( strchr(start, PLATFORM_SEPARATOR_CHAR) ) {
- errStr = PR_smprintf(errString[BOGUS_PLATFORM_STRING], str);
- goto loser;
- }
- _this->arch = PR_Strdup(start);
-
- if(copy) {
- PR_Free(copy);
- }
- return NULL;
-loser:
- if(_this->OS) {
- PR_Free(_this->OS);
- _this->OS = NULL;
- }
- if(_this->verString) {
- for (i=0; i<_this->numDigits; i++) {
- PR_Free(_this->verString[i]);
- }
- PR_Free(_this->verString);
- _this->verString = NULL;
- }
- _this->numDigits = 0;
- if(_this->arch) {
- PR_Free(_this->arch);
- _this->arch = NULL;
- }
-
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: operator ==
-// Class: Pk11Install_PlatformName
-// Returns: PR_TRUE if the platform have the same OS, arch, and version
-*/
-PRBool
-Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp)
-{
- int i;
-
- if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) {
- return PR_FALSE;
- }
-
- if( PORT_Strcasecmp(_this->OS, cmp->OS) ||
- PORT_Strcasecmp(_this->arch, cmp->arch) ||
- _this->numDigits != cmp->numDigits ) {
- return PR_FALSE;
- }
-
- for(i=0; i < _this->numDigits; i++) {
- if(PORT_Strcasecmp(_this->verString[i], cmp->verString[i])) {
- return PR_FALSE;
- }
- }
- return PR_TRUE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: operator <=
-// Class: Pk11Install_PlatformName
-// Returns: PR_TRUE if the platform have the same OS and arch and a lower
-// or equal release.
-*/
-PRBool
-Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp)
-{
- return (Pk11Install_PlatformName_equal(_this,cmp) ||
- Pk11Install_PlatformName_lt(_this,cmp)) ? PR_TRUE : PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: operator <
-// Class: Pk11Install_PlatformName
-// Returns: PR_TRUE if the platform have the same OS and arch and a greater
-// release.
-*/
-PRBool
-Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp)
-{
- int i, scmp;
-
- if(!_this->OS || !_this->arch || !cmp->OS || !cmp->arch) {
- return PR_FALSE;
- }
-
- if( PORT_Strcasecmp(_this->OS, cmp->OS) ) {
- return PR_FALSE;
- }
- if( PORT_Strcasecmp(_this->arch, cmp->arch) ) {
- return PR_FALSE;
- }
-
- for(i=0; (i < _this->numDigits) && (i < cmp->numDigits); i++) {
- scmp = PORT_Strcasecmp(_this->verString[i], cmp->verString[i]);
- if (scmp > 0) {
- return PR_FALSE;
- } else if (scmp < 0) {
- return PR_TRUE;
- }
- }
- /* All the digits they have in common are the same. */
- if(_this->numDigits < cmp->numDigits) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: GetString
-// Class: Pk11Install_PlatformName
-// Returns: String composed of OS, release, and architecture separated
-// by the separator char. Memory is allocated by this function
-// but is the responsibility of the caller to de-allocate.
-*/
-char*
-Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this)
-{
- char *ret;
- char *ver;
- char *OS_;
- char *arch_;
-
- OS_=NULL;
- arch_=NULL;
-
- OS_ = _this->OS ? _this->OS : "";
- arch_ = _this->arch ? _this->arch : "";
-
- ver = Pk11Install_PlatformName_GetVerString(_this);
- ret = PR_smprintf("%s%c%s%c%s", OS_, PLATFORM_SEPARATOR_CHAR, ver,
- PLATFORM_SEPARATOR_CHAR, arch_);
-
- PR_Free(ver);
-
- return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: GetVerString
-// Class: Pk11Install_PlatformName
-// Returns: The version string for this platform, in the form x.x.x with an
-// arbitrary number of digits. Memory allocated by function,
-// must be de-allocated by caller.
-*/
-char*
-Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this)
-{
- char *tmp;
- char *ret;
- int i;
- char buf[80];
-
- tmp = (char*)PR_Malloc(80*_this->numDigits+1);
- tmp[0] = '\0';
-
- for(i=0; i < _this->numDigits-1; i++) {
- sprintf(buf, "%s.", _this->verString[i]);
- strcat(tmp, buf);
- }
- if(i < _this->numDigits) {
- sprintf(buf, "%s", _this->verString[i]);
- strcat(tmp, buf);
- }
-
- ret = PR_Strdup(tmp);
- free(tmp);
-
- return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_PlatformName
-*/
-void
-Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad)
-{
- PAD(pad); printf("OS: %s\n", _this->OS ? _this->OS : "<NULL>");
- PAD(pad); printf("Digits: ");
- if(_this->numDigits == 0) {
- printf("None\n");
- } else {
- printf("%s\n", Pk11Install_PlatformName_GetVerString(_this));
- }
- PAD(pad); printf("arch: %s\n", _this->arch ? _this->arch : "<NULL>");
-}
-
-Pk11Install_Platform*
-Pk11Install_Platform_new()
-{
- Pk11Install_Platform* new_this;
- new_this = (Pk11Install_Platform*)PR_Malloc(sizeof(Pk11Install_Platform));
- Pk11Install_Platform_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_Platform_init(Pk11Install_Platform* _this)
-{
- Pk11Install_PlatformName_init(&_this->name);
- Pk11Install_PlatformName_init(&_this->equivName);
- _this->equiv = NULL;
- _this->usesEquiv = PR_FALSE;
- _this->moduleFile = NULL;
- _this->moduleName = NULL;
- _this->modFile = -1;
- _this->mechFlags = 0;
- _this->cipherFlags = 0;
- _this->files = NULL;
- _this->numFiles = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_Platform
-// Class: Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_delete(Pk11Install_Platform* _this)
-{
- Pk11Install_Platform_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this)
-{
- int i;
- if(_this->moduleFile) {
- PR_Free(_this->moduleFile);
- _this->moduleFile = NULL;
- }
- if(_this->moduleName) {
- PR_Free(_this->moduleName);
- _this->moduleName = NULL;
- }
- if(_this->files) {
- for (i=0;i<_this->numFiles;i++) {
- Pk11Install_File_delete(&_this->files[i]);
- }
- PR_Free(_this->files);
- _this->files = NULL;
- }
- _this->equiv = NULL;
- _this->usesEquiv = PR_FALSE;
- _this->modFile = -1;
- _this->numFiles = 0;
- _this->mechFlags = _this->cipherFlags = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_Platform
-// Notes: Creates a platform data structure from a syntax tree.
-// Returns: NULL for success, otherwise an error message.
-*/
-char*
-Pk11Install_Platform_Generate(Pk11Install_Platform* _this,
- const Pk11Install_Pair *pair)
-{
- char* errStr;
- char* endptr;
- char* tmp;
- int i;
- Pk11Install_ListIter *iter;
- Pk11Install_Value *val;
- Pk11Install_Value *subval;
- Pk11Install_Pair *subpair;
- Pk11Install_ListIter *subiter;
- PRBool gotModuleFile, gotModuleName, gotMech,
- gotCipher, gotFiles, gotEquiv;
-
- errStr=NULL;
- iter=subiter=NULL;
- val=subval=NULL;
- subpair=NULL;
- gotModuleFile=gotModuleName=gotMech=gotCipher=gotFiles=gotEquiv=PR_FALSE;
- Pk11Install_Platform_Cleanup(_this);
-
- errStr = Pk11Install_PlatformName_Generate(&_this->name,pair->key);
- if(errStr) {
- tmp = PR_smprintf("%s: %s", pair->key, errStr);
- PR_smprintf_free(errStr);
- errStr = tmp;
- goto loser;
- }
-
- iter = Pk11Install_ListIter_new(pair->list);
- for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) {
- if(val->type==PAIR_VALUE) {
- subpair = val->pair;
-
- if( !PORT_Strcasecmp(subpair->key, MODULE_FILE_STRING)) {
- if(gotModuleFile) {
- errStr = PR_smprintf(errString[REPEAT_MODULE_FILE],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_MODULE_FILE],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->moduleFile = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- gotModuleFile = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key, MODULE_NAME_STRING)){
- if(gotModuleName) {
- errStr = PR_smprintf(errString[REPEAT_MODULE_NAME],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_MODULE_NAME],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->moduleName = PR_Strdup(subval->string);
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- gotModuleName = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key, MECH_FLAGS_STRING)) {
- endptr=NULL;
-
- if(gotMech) {
- errStr = PR_smprintf(errString[REPEAT_MECH],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->mechFlags = strtol(subval->string, &endptr, 0);
- if(*endptr!='\0' || (endptr==subval->string) ) {
- errStr = PR_smprintf(errString[BOGUS_MECH_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter=NULL;
- gotMech = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key,CIPHER_FLAGS_STRING)) {
- endptr=NULL;
-
- if(gotCipher) {
- errStr = PR_smprintf(errString[REPEAT_CIPHER],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE)) {
- errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- _this->cipherFlags = strtol(subval->string, &endptr, 0);
- if(*endptr!='\0' || (endptr==subval->string) ) {
- errStr = PR_smprintf(errString[BOGUS_CIPHER_FLAGS],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter=NULL;
- gotCipher = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key, FILES_STRING)) {
- if(gotFiles) {
- errStr = PR_smprintf(errString[REPEAT_FILES],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- _this->numFiles = subpair->list->numPairs;
- _this->files = (Pk11Install_File*)
- PR_Malloc(sizeof(Pk11Install_File)*_this->numFiles);
- for(i=0; i < _this->numFiles; i++,
- Pk11Install_ListIter_nextItem(subiter)) {
- Pk11Install_File_init(&_this->files[i]);
- val = subiter->current;
- if(val && (val->type==PAIR_VALUE)) {
- errStr = Pk11Install_File_Generate(&_this->files[i],val->pair);
- if(errStr) {
- tmp = PR_smprintf("%s: %s",
- Pk11Install_PlatformName_GetString(&_this->name),errStr);
- PR_smprintf_free(errStr);
- errStr = tmp;
- goto loser;
- }
- }
- }
- gotFiles = PR_TRUE;
- } else if(!PORT_Strcasecmp(subpair->key,
- EQUIVALENT_PLATFORM_STRING)) {
- if(gotEquiv) {
- errStr = PR_smprintf(errString[REPEAT_EQUIV],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- subiter = Pk11Install_ListIter_new(subpair->list);
- subval = subiter->current;
- if(!subval || (subval->type != STRING_VALUE) ) {
- errStr = PR_smprintf(errString[BOGUS_EQUIV],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- errStr = Pk11Install_PlatformName_Generate(&_this->equivName,
- subval->string);
- if(errStr) {
- tmp = PR_smprintf("%s: %s",
- Pk11Install_PlatformName_GetString(&_this->name), errStr);
- tmp = PR_smprintf("%s: %s",
- Pk11Install_PlatformName_GetString(&_this->name), errStr);
- PR_smprintf_free(errStr);
- errStr = tmp;
- goto loser;
- }
- _this->usesEquiv = PR_TRUE;
- }
- }
- }
-
- /* Make sure we either have an EquivalentPlatform or all the other info */
- if(_this->usesEquiv &&
- (gotFiles || gotModuleFile || gotModuleName || gotMech || gotCipher)) {
- errStr = PR_smprintf(errString[EQUIV_TOO_MUCH_INFO],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- if(!gotFiles && !_this->usesEquiv) {
- errStr = PR_smprintf(errString[NO_FILES],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- if(!gotModuleFile && !_this->usesEquiv) {
- errStr= PR_smprintf(errString[NO_MODULE_FILE],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- if(!gotModuleName && !_this->usesEquiv) {
- errStr = PR_smprintf(errString[NO_MODULE_NAME],
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
-
- /* Point the modFile pointer to the correct file */
- if(gotModuleFile) {
- for(i=0; i < _this->numFiles; i++) {
- if(!PORT_Strcasecmp(_this->moduleFile, _this->files[i].jarPath) ) {
- _this->modFile = i;
- break;
- }
- }
- if(_this->modFile==-1) {
- errStr = PR_smprintf(errString[UNKNOWN_MODULE_FILE],
- _this->moduleFile,
- Pk11Install_PlatformName_GetString(&_this->name));
- goto loser;
- }
- }
-
-loser:
- if(iter) {
- PR_Free(iter);
- }
- if(subiter) {
- PR_Free(subiter);
- }
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_Platform
-*/
-void
-Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad)
-{
- int i;
-
- PAD(pad); printf("Name:\n");
- Pk11Install_PlatformName_Print(&_this->name,pad+PADINC);
- PAD(pad); printf("equivName:\n");
- Pk11Install_PlatformName_Print(&_this->equivName,pad+PADINC);
- PAD(pad);
- if(_this->usesEquiv) {
- printf("Uses equiv, which points to:\n");
- Pk11Install_Platform_Print(_this->equiv,pad+PADINC);
- } else {
- printf("Doesn't use equiv\n");
- }
- PAD(pad);
- printf("Module File: %s\n", _this->moduleFile ? _this->moduleFile
- : "<NULL>");
- PAD(pad); printf("mechFlags: %lx\n", _this->mechFlags);
- PAD(pad); printf("cipherFlags: %lx\n", _this->cipherFlags);
- PAD(pad); printf("Files:\n");
- for(i=0; i < _this->numFiles; i++) {
- Pk11Install_File_Print(&_this->files[i],pad+PADINC);
- PAD(pad); printf("--------------------\n");
- }
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Pk11Install_Info
-// Class: Pk11Install_Info
-*/
-Pk11Install_Info*
-Pk11Install_Info_new()
-{
- Pk11Install_Info* new_this;
- new_this = (Pk11Install_Info*)PR_Malloc(sizeof(Pk11Install_Info));
- Pk11Install_Info_init(new_this);
- return new_this;
-}
-
-void
-Pk11Install_Info_init(Pk11Install_Info* _this)
-{
- _this->platforms = NULL;
- _this->numPlatforms = 0;
- _this->forwardCompatible = NULL;
- _this->numForwardCompatible = 0;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: ~Pk11Install_Info
-// Class: Pk11Install_Info
-*/
-void
-Pk11Install_Info_delete(Pk11Install_Info* _this)
-{
- Pk11Install_Info_Cleanup(_this);
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Cleanup
-// Class: Pk11Install_Info
-*/
-void
-Pk11Install_Info_Cleanup(Pk11Install_Info* _this)
-{
- int i;
- if(_this->platforms) {
- for (i=0;i<_this->numPlatforms;i++) {
- Pk11Install_Platform_delete(&_this->platforms[i]);
- }
- PR_Free(&_this->platforms);
- _this->platforms = NULL;
- _this->numPlatforms = 0;
- }
-
- if(_this->forwardCompatible) {
- for (i=0;i<_this->numForwardCompatible;i++) {
- Pk11Install_PlatformName_delete(&_this->forwardCompatible[i]);
- }
- PR_Free(&_this->forwardCompatible);
- _this->numForwardCompatible = 0;
- }
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Generate
-// Class: Pk11Install_Info
-// Takes: Pk11Install_ValueList *list, the top-level list
-// resulting from parsing an installer file.
-// Returns: char*, NULL if successful, otherwise an error string.
-// Caller is responsible for freeing memory.
-*/
-char*
-Pk11Install_Info_Generate(Pk11Install_Info* _this,
- const Pk11Install_ValueList *list)
-{
- char *errStr;
- Pk11Install_ListIter *iter;
- Pk11Install_Value *val;
- Pk11Install_Pair *pair;
- Pk11Install_ListIter *subiter;
- Pk11Install_Value *subval;
- Pk11Install_Platform *first, *second;
- int i, j;
-
- errStr=NULL;
- iter=subiter=NULL;
- Pk11Install_Info_Cleanup(_this);
-
- iter = Pk11Install_ListIter_new(list);
- for( ; (val=iter->current); Pk11Install_ListIter_nextItem(iter)) {
- if(val->type == PAIR_VALUE) {
- pair = val->pair;
-
- if(!PORT_Strcasecmp(pair->key, FORWARD_COMPATIBLE_STRING)) {
- subiter = Pk11Install_ListIter_new(pair->list);
- _this->numForwardCompatible = pair->list->numStrings;
- _this->forwardCompatible = (Pk11Install_PlatformName*)
- PR_Malloc(sizeof(Pk11Install_PlatformName)*
- _this->numForwardCompatible);
- for(i=0; i < _this->numForwardCompatible; i++,
- Pk11Install_ListIter_nextItem(subiter)) {
- subval = subiter->current;
- if(subval->type == STRING_VALUE) {
- errStr = Pk11Install_PlatformName_Generate(
- &_this->forwardCompatible[i], subval->string);
- if(errStr) {
- goto loser;
- }
- }
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- } else if(!PORT_Strcasecmp(pair->key, PLATFORMS_STRING)) {
- subiter = Pk11Install_ListIter_new(pair->list);
- _this->numPlatforms = pair->list->numPairs;
- _this->platforms = (Pk11Install_Platform*)
- PR_Malloc(sizeof(Pk11Install_Platform)*
- _this->numPlatforms);
- for(i=0; i < _this->numPlatforms; i++,
- Pk11Install_ListIter_nextItem(subiter)) {
- Pk11Install_Platform_init(&_this->platforms[i]);
- subval = subiter->current;
- if(subval->type == PAIR_VALUE) {
- errStr = Pk11Install_Platform_Generate(&_this->platforms[i],subval->pair);
- if(errStr) {
- goto loser;
- }
- }
- }
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- }
- }
- }
-
- if(_this->numPlatforms == 0) {
- errStr = PR_smprintf(errString[NO_PLATFORMS]);
- goto loser;
- }
-
-/*
- //
- // Now process equivalent platforms
- //
-
- // First the naive pass
-*/
- for(i=0; i < _this->numPlatforms; i++) {
- if(_this->platforms[i].usesEquiv) {
- _this->platforms[i].equiv = NULL;
- for(j=0; j < _this->numPlatforms; j++) {
- if (Pk11Install_PlatformName_equal(&_this->platforms[i].equivName,
- &_this->platforms[j].name)) {
- if(i==j) {
- errStr = PR_smprintf(errString[EQUIV_LOOP],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- _this->platforms[i].equiv = &_this->platforms[j];
- break;
- }
- }
- if(_this->platforms[i].equiv == NULL) {
- errStr = PR_smprintf(errString[BOGUS_EQUIV],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- }
- }
-
-/*
- // Now the intelligent pass, which will also detect loops.
- // We will send two pointers through the linked list of equivalent
- // platforms. Both start with the current node. "first" traverses
- // two nodes for each iteration. "second" lags behind, only traversing
- // one node per iteration. Eventually one of two things will happen:
- // first will hit the end of the list (a platform that doesn't use
- // an equivalency), or first will equal second if there is a loop.
-*/
- for(i=0; i < _this->numPlatforms; i++) {
- if(_this->platforms[i].usesEquiv) {
- second = _this->platforms[i].equiv;
- if(!second->usesEquiv) {
- /* The first link is the terminal node */
- continue;
- }
- first = second->equiv;
- while(first->usesEquiv) {
- if(first == second) {
- errStr = PR_smprintf(errString[EQUIV_LOOP],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- first = first->equiv;
- if(!first->usesEquiv) {
- break;
- }
- if(first == second) {
- errStr = PR_smprintf(errString[EQUIV_LOOP],
- Pk11Install_PlatformName_GetString(&_this->platforms[i].name));
- goto loser;
- }
- second = second->equiv;
- first = first->equiv;
- }
- _this->platforms[i].equiv = first;
- }
- }
-
-loser:
- if(iter) {
- Pk11Install_ListIter_delete(iter);
- PR_Free(iter);
- iter = NULL;
- }
- if(subiter) {
- Pk11Install_ListIter_delete(subiter);
- PR_Free(subiter);
- subiter = NULL;
- }
- return errStr;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: GetBestPlatform
-// Class: Pk11Install_Info
-// Takes: char *myPlatform, the platform we are currently running
-// on.
-*/
-Pk11Install_Platform*
-Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char *myPlatform)
-{
- Pk11Install_PlatformName plat;
- char *errStr;
- int i, j;
-
- errStr=NULL;
-
- Pk11Install_PlatformName_init(&plat);
- if( (errStr=Pk11Install_PlatformName_Generate(&plat, myPlatform)) ) {
- PR_smprintf_free(errStr);
- return NULL;
- }
-
- /* First try real platforms */
- for(i=0; i < _this->numPlatforms; i++) {
- if(Pk11Install_PlatformName_equal(&_this->platforms[i].name,&plat)) {
- if(_this->platforms[i].equiv) {
- return _this->platforms[i].equiv;
- }
- else {
- return &_this->platforms[i];
- }
- }
- }
-
- /* Now try forward compatible platforms */
- for(i=0; i < _this->numForwardCompatible; i++) {
- if(Pk11Install_PlatformName_lteq(&_this->forwardCompatible[i],&plat)) {
- break;
- }
- }
- if(i == _this->numForwardCompatible) {
- return NULL;
- }
-
- /* Got a forward compatible name, find the actual platform. */
- for(j=0; j < _this->numPlatforms; j++) {
- if(Pk11Install_PlatformName_equal(&_this->platforms[j].name,
- &_this->forwardCompatible[i])) {
- if(_this->platforms[j].equiv) {
- return _this->platforms[j].equiv;
- } else {
- return &_this->platforms[j];
- }
- }
- }
-
- return NULL;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Method: Print
-// Class: Pk11Install_Info
-*/
-void
-Pk11Install_Info_Print(Pk11Install_Info* _this, int pad)
-{
- int i;
-
- PAD(pad); printf("Forward Compatible:\n");
- for(i = 0; i < _this->numForwardCompatible; i++) {
- Pk11Install_PlatformName_Print(&_this->forwardCompatible[i],pad+PADINC);
- PAD(pad); printf("-------------------\n");
- }
- PAD(pad); printf("Platforms:\n");
- for( i = 0; i < _this->numPlatforms; i++) {
- Pk11Install_Platform_Print(&_this->platforms[i],pad+PADINC);
- PAD(pad); printf("-------------------\n");
- }
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-*/
-static char*
-PR_Strdup(const char* str)
-{
- char *tmp;
- tmp = (char*) PR_Malloc((unsigned int)(strlen(str)+1));
- strcpy(tmp, str);
- return tmp;
-}
-
-/* The global value list, the top of the tree */
-Pk11Install_ValueList* Pk11Install_valueList=NULL;
-
-/****************************************************************************/
-void
-Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this,
- Pk11Install_Value *item)
-{
- _this->numItems++;
- if (item->type == STRING_VALUE) {
- _this->numStrings++;
- } else {
- _this->numPairs++;
- }
- item->next = _this->head;
- _this->head = item;
-}
-
-/****************************************************************************/
-Pk11Install_ListIter*
-Pk11Install_ListIter_new_default()
-{
- Pk11Install_ListIter* new_this;
- new_this = (Pk11Install_ListIter*)
- PR_Malloc(sizeof(Pk11Install_ListIter));
- Pk11Install_ListIter_init(new_this);
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_init(Pk11Install_ListIter* _this)
-{
- _this->list = NULL;
- _this->current = NULL;
-}
-
-/****************************************************************************/
-Pk11Install_ListIter*
-Pk11Install_ListIter_new(const Pk11Install_ValueList *_list)
-{
- Pk11Install_ListIter* new_this;
- new_this = (Pk11Install_ListIter*)
- PR_Malloc(sizeof(Pk11Install_ListIter));
- new_this->list = _list;
- new_this->current = _list->head;
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_delete(Pk11Install_ListIter* _this)
-{
- _this->list=NULL;
- _this->current=NULL;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ListIter_reset(Pk11Install_ListIter* _this)
-{
- if(_this->list) {
- _this->current = _this->list->head;
- }
-}
-
-/*************************************************************************/
-Pk11Install_Value*
-Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this)
-{
- if(_this->current) {
- _this->current = _this->current->next;
- }
-
- return _this->current;
-}
-
-/****************************************************************************/
-Pk11Install_ValueList*
-Pk11Install_ValueList_new()
-{
- Pk11Install_ValueList* new_this;
- new_this = (Pk11Install_ValueList*)
- PR_Malloc(sizeof(Pk11Install_ValueList));
- new_this->numItems = 0;
- new_this->numPairs = 0;
- new_this->numStrings = 0;
- new_this->head = NULL;
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_ValueList_delete(Pk11Install_ValueList* _this)
-{
-
- Pk11Install_Value *tmp;
- Pk11Install_Value *list;
- list = _this->head;
-
- while(list != NULL) {
- tmp = list;
- list = list->next;
- PR_Free(tmp);
- }
- PR_Free(_this);
-}
-
-/****************************************************************************/
-Pk11Install_Value*
-Pk11Install_Value_new_default()
-{
- Pk11Install_Value* new_this;
- new_this = (Pk11Install_Value*)PR_Malloc(sizeof(Pk11Install_Value));
- new_this->type = STRING_VALUE;
- new_this->string = NULL;
- new_this->pair = NULL;
- new_this->next = NULL;
- return new_this;
-}
-
-/****************************************************************************/
-Pk11Install_Value*
-Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr)
-{
- Pk11Install_Value* new_this;
- new_this = Pk11Install_Value_new_default();
- new_this->type = _type;
- if(_type == STRING_VALUE) {
- new_this->pair = NULL;
- new_this->string = ptr.string;
- } else {
- new_this->string = NULL;
- new_this->pair = ptr.pair;
- }
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_Value_delete(Pk11Install_Value* _this)
-{
- if(_this->type == STRING_VALUE) {
- PR_Free(_this->string);
- } else {
- PR_Free(_this->pair);
- }
-}
-
-/****************************************************************************/
-Pk11Install_Pair*
-Pk11Install_Pair_new_default()
-{
- return Pk11Install_Pair_new(NULL,NULL);
-}
-
-/****************************************************************************/
-Pk11Install_Pair*
-Pk11Install_Pair_new(char *_key, Pk11Install_ValueList *_list)
-{
- Pk11Install_Pair* new_this;
- new_this = (Pk11Install_Pair*)PR_Malloc(sizeof(Pk11Install_Pair));
- new_this->key = _key;
- new_this->list = _list;
- return new_this;
-}
-
-/****************************************************************************/
-void
-Pk11Install_Pair_delete(Pk11Install_Pair* _this)
-{
- PR_Free(_this->key);
- Pk11Install_ValueList_delete(_this->list);
- PR_Free(_this->list);
-}
-
-/*************************************************************************/
-void
-Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad)
-{
- while (_this) {
- /*PAD(pad); printf("**Pair\n");
- PAD(pad); printf("***Key====\n");*/
- PAD(pad); printf("%s {\n", _this->key);
- /*PAD(pad); printf("====\n");*/
- /*PAD(pad); printf("***ValueList\n");*/
- Pk11Install_ValueList_Print(_this->list,pad+PADINC);
- PAD(pad); printf("}\n");
- }
-}
-
-/*************************************************************************/
-void
-Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad)
-{
- Pk11Install_Value *v;
-
- /*PAD(pad);printf("**Value List**\n");*/
- for(v = _this->head; v != NULL; v=v->next) {
- Pk11Install_Value_Print(v,pad);
- }
-}
-
-/*************************************************************************/
-void
-Pk11Install_Value_Print(Pk11Install_Value* _this, int pad)
-{
- /*PAD(pad); printf("**Value, type=%s\n",
- type==STRING_VALUE ? "string" : "pair");*/
- if(_this->type==STRING_VALUE) {
- /*PAD(pad+PADINC); printf("====\n");*/
- PAD(pad); printf("%s\n", _this->string);
- /*PAD(pad+PADINC); printf("====\n");*/
- } else {
- Pk11Install_Pair_Print(_this->pair,pad+PADINC);
- }
-}
diff --git a/security/nss/cmd/modutil/install-ds.h b/security/nss/cmd/modutil/install-ds.h
deleted file mode 100644
index 2311f0928..000000000
--- a/security/nss/cmd/modutil/install-ds.h
+++ /dev/null
@@ -1,290 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef INSTALL_DS_H
-#define INSTALL_DS_H
-
-#include <stdio.h>
-#include <prio.h>
-#include <prmem.h>
-
-extern PRFileDesc *Pk11Install_FD;
-extern int Pk11Install_yylex();
-extern int Pk11Install_yylinenum;
-extern char *Pk11Install_yyerrstr;
-
-typedef enum { STRING_VALUE, PAIR_VALUE } ValueType;
-
-typedef struct Pk11Install_Pair_str Pk11Install_Pair;
-typedef union Pk11Install_Pointer_str Pk11Install_Pointer;
-typedef struct Pk11Install_Value_str Pk11Install_Value;
-typedef struct Pk11Install_ValueList_str Pk11Install_ValueList;
-typedef struct Pk11Install_ListIter_str Pk11Install_ListIter;
-typedef struct Pk11Install_File_str Pk11Install_File;
-typedef struct Pk11Install_PlatformName_str Pk11Install_PlatformName;
-typedef struct Pk11Install_Platform_str Pk11Install_Platform;
-typedef struct Pk11Install_Info_str Pk11Install_Info;
-
-extern Pk11Install_Pointer Pk11Install_yylval;
-extern Pk11Install_ValueList* Pk11Install_valueList;
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Pair
-//////////////////////////////////////////////////////////////////////////
-*/
-
-struct Pk11Install_Pair_str {
- char * key;
- Pk11Install_ValueList *list;
-
-};
-
-Pk11Install_Pair*
-Pk11Install_Pair_new_default();
-Pk11Install_Pair*
-Pk11Install_Pair_new( char* _key, Pk11Install_ValueList* _list);
-void
-Pk11Install_Pair_delete(Pk11Install_Pair* _this);
-void
-Pk11Install_Pair_Print(Pk11Install_Pair* _this, int pad);
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Pointer
-//////////////////////////////////////////////////////////////////////////
-*/
-union Pk11Install_Pointer_str {
- Pk11Install_ValueList *list;
- Pk11Install_Value *value;
- Pk11Install_Pair *pair;
- char *string;
-};
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_Value
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_Value_str {
-
- ValueType type;
- char *string;
- Pk11Install_Pair *pair;
- struct Pk11Install_Value_str *next;
-};
-
-Pk11Install_Value*
-Pk11Install_Value_new_default();
-Pk11Install_Value*
-Pk11Install_Value_new(ValueType _type, Pk11Install_Pointer ptr);
-void
-Pk11Install_Value_delete(Pk11Install_Value* _this);
-void
-Pk11Install_Value_Print(Pk11Install_Value* _this, int pad);
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_ValueList
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_ValueList_str {
- int numItems;
- int numPairs;
- int numStrings;
- Pk11Install_Value *head;
-};
-
-Pk11Install_ValueList*
-Pk11Install_ValueList_new();
-void
-Pk11Install_ValueList_delete(Pk11Install_ValueList* _this);
-void
-Pk11Install_ValueList_AddItem(Pk11Install_ValueList* _this,
- Pk11Install_Value* item);
-void
-Pk11Install_ValueList_Print(Pk11Install_ValueList* _this, int pad);
-
-
-/*
-//////////////////////////////////////////////////////////////////////////
-// Pk11Install_ListIter
-//////////////////////////////////////////////////////////////////////////
-*/
-struct Pk11Install_ListIter_str {
- const Pk11Install_ValueList *list;
- Pk11Install_Value *current;
-};
-
-Pk11Install_ListIter*
-Pk11Install_ListIter_new_default();
-void
-Pk11Install_ListIter_init(Pk11Install_ListIter* _this);
-Pk11Install_ListIter*
-Pk11Install_ListIter_new(const Pk11Install_ValueList* _list);
-void
-Pk11Install_ListIter_delete(Pk11Install_ListIter* _this);
-void
-Pk11Install_ListIter_reset(Pk11Install_ListIter* _this);
-Pk11Install_Value*
-Pk11Install_ListIter_nextItem(Pk11Install_ListIter* _this);
-
-/************************************************************************
- *
- * Pk11Install_File
- */
-struct Pk11Install_File_str {
- char *jarPath;
- char *relativePath;
- char *absolutePath;
- PRBool executable;
- int permissions;
-};
-
-Pk11Install_File*
-Pk11Install_File_new();
-void
-Pk11Install_File_init(Pk11Install_File* _this);
-void
-Pk11Install_file_delete(Pk11Install_File* _this);
-/*// Parses a syntax tree to obtain all attributes.
-// Returns NULL for success, error message if parse error.*/
-char*
-Pk11Install_File_Generate(Pk11Install_File* _this,
- const Pk11Install_Pair* pair);
-void
-Pk11Install_File_Print(Pk11Install_File* _this, int pad);
-void
-Pk11Install_File_Cleanup(Pk11Install_File* _this);
-
-/************************************************************************
- *
- * Pk11Install_PlatformName
- */
-struct Pk11Install_PlatformName_str {
- char *OS;
- char **verString;
- int numDigits;
- char *arch;
-};
-
-Pk11Install_PlatformName*
-Pk11Install_PlatformName_new();
-void
-Pk11Install_PlatformName_init(Pk11Install_PlatformName* _this);
-void
-Pk11Install_PlatformName_delete(Pk11Install_PlatformName* _this);
-char*
-Pk11Install_PlatformName_Generate(Pk11Install_PlatformName* _this,
- const char* str);
-char*
-Pk11Install_PlatformName_GetString(Pk11Install_PlatformName* _this);
-char*
-Pk11Install_PlatformName_GetVerString(Pk11Install_PlatformName* _this);
-void
-Pk11Install_PlatformName_Print(Pk11Install_PlatformName* _this, int pad);
-void
-Pk11Install_PlatformName_Cleanup(Pk11Install_PlatformName* _this);
-PRBool
-Pk11Install_PlatformName_equal(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp);
-PRBool
-Pk11Install_PlatformName_lteq(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp);
-PRBool
-Pk11Install_PlatformName_lt(Pk11Install_PlatformName* _this,
- Pk11Install_PlatformName* cmp);
-
-/************************************************************************
- *
- * Pk11Install_Platform
- */
-struct Pk11Install_Platform_str {
- Pk11Install_PlatformName name;
- Pk11Install_PlatformName equivName;
- struct Pk11Install_Platform_str *equiv;
- PRBool usesEquiv;
- char *moduleFile;
- char *moduleName;
- int modFile;
- unsigned long mechFlags;
- unsigned long cipherFlags;
- Pk11Install_File *files;
- int numFiles;
-};
-
-Pk11Install_Platform*
-Pk11Install_Platform_new();
-void
-Pk11Install_Platform_init(Pk11Install_Platform* _this);
-void
-Pk11Install_Platform_delete(Pk11Install_Platform* _this);
-/*// Returns NULL for success, error message if parse error.*/
-char*
-Pk11Install_Platform_Generate(Pk11Install_Platform* _this,
- const Pk11Install_Pair *pair);
-void
-Pk11Install_Platform_Print(Pk11Install_Platform* _this, int pad);
-void
-Pk11Install_Platform_Cleanup(Pk11Install_Platform* _this);
-
-/************************************************************************
- *
- * Pk11Install_Info
- */
-struct Pk11Install_Info_str {
- Pk11Install_Platform *platforms;
- int numPlatforms;
- Pk11Install_PlatformName *forwardCompatible;
- int numForwardCompatible;
-};
-
-Pk11Install_Info*
-Pk11Install_Info_new();
-void
-Pk11Install_Info_init();
-void
-Pk11Install_Info_delete(Pk11Install_Info* _this);
-/*// Returns NULL for success, error message if parse error.*/
-char*
-Pk11Install_Info_Generate(Pk11Install_Info* _this,
- const Pk11Install_ValueList *list);
- /*// Returns NULL if there is no matching platform*/
-Pk11Install_Platform*
-Pk11Install_Info_GetBestPlatform(Pk11Install_Info* _this, char* myPlatform);
-void
-Pk11Install_Info_Print(Pk11Install_Info* _this, int pad);
-void
-Pk11Install_Info_Cleanup(Pk11Install_Info* _this);
-
-#endif /* INSTALL_DS_H */
diff --git a/security/nss/cmd/modutil/install.c b/security/nss/cmd/modutil/install.c
deleted file mode 100644
index 452b70f01..000000000
--- a/security/nss/cmd/modutil/install.c
+++ /dev/null
@@ -1,979 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "install.h"
-#include "install-ds.h"
-#include <prlock.h>
-#include <prio.h>
-#include <prmem.h>
-#include <prprf.h>
-#include <prsystem.h>
-#include <prproces.h>
-
-/*extern "C" {*/
-#include <jar.h>
-/*}*/
-
-extern /*"C"*/
-int Pk11Install_AddNewModule(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags);
-extern /*"C"*/
-short Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out,
- PRBool query);
-extern /*"C"*/
-const char* mySECU_ErrorString(int16);
-extern
-int Pk11Install_yyparse();
-
-#define INSTALL_METAINFO_TAG "Pkcs11_install_script"
-#define SCRIPT_TEMP_FILE "pkcs11inst.tmp"
-#define ROOT_MARKER "%root%"
-#define TEMP_MARKER "%temp%"
-#define PRINTF_ROOT_MARKER "%%root%%"
-#define TEMPORARY_DIRECTORY_NAME "pk11inst.dir"
-#define JAR_BASE_END (JAR_BASE+100)
-
-static PRLock* errorHandlerLock=NULL;
-static Pk11Install_ErrorHandler errorHandler=NULL;
-static char* PR_Strdup(const char* str);
-static int rm_dash_r (char *path);
-static int make_dirs(char *path, int file_perms);
-static int dir_perms(int perms);
-
-static Pk11Install_Error DoInstall(JAR *jar, const char *installDir,
- const char* tempDir, Pk11Install_Platform *platform,
- PRFileDesc *feedback, PRBool noverify);
-
-static char *errorString[]= {
- "Operation was successful", /* PK11_INSTALL_NO_ERROR */
- "Directory \"%s\" does not exist", /* PK11_INSTALL_DIR_DOESNT_EXIST */
- "File \"%s\" does not exist", /* PK11_INSTALL_FILE_DOESNT_EXIST */
- "File \"%s\" is not readable", /* PK11_INSTALL_FILE_NOT_READABLE */
- "%s", /* PK11_INSTALL_ERROR_STRING */
- "Error in JAR file %s: %s", /* PK11_INSTALL_JAR_ERROR */
- "No Pkcs11_install_script specified in JAR metainfo file",
- /* PK11_INSTALL_NO_INSTALLER_SCRIPT */
- "Could not delete temporary file \"%s\"",
- /*PK11_INSTALL_DELETE_TEMP_FILE */
- "Could not open temporary file \"%s\"", /*PK11_INSTALL_OPEN_SCRIPT_FILE*/
- "%s: %s", /* PK11_INSTALL_SCRIPT_PARSE */
- "Error in script: %s",
- "Unable to obtain system platform information",
- "Installer script has no information about the current platform (%s)",
- "Relative directory \"%s\" does not contain "PRINTF_ROOT_MARKER,
- "Module File \"%s\" not found",
- "Error occurred installing module \"%s\" into database",
- "Error extracting \"%s\" from JAR file: %s",
- "Directory \"%s\" is not writeable",
- "Could not create directory \"%s\"",
- "Could not remove directory \"%s\"",
- "Unable to execute \"%s\"",
- "Unable to wait for process \"%s\"",
- "\"%s\" returned error code %d",
- "User aborted operation",
- "Unspecified error"
-};
-
-enum {
- INSTALLED_FILE_MSG=0,
- INSTALLED_MODULE_MSG,
- INSTALLER_SCRIPT_NAME,
- MY_PLATFORM_IS,
- USING_PLATFORM,
- PARSED_INSTALL_SCRIPT,
- EXEC_FILE_MSG,
- EXEC_SUCCESS,
- INSTALLATION_COMPLETE_MSG,
- USER_ABORT
-};
-
-static char *msgStrings[] = {
- "Installed file %s to %s\n",
- "Installed module \"%s\" into module database\n",
- "Using installer script \"%s\"\n",
- "Current platform is %s\n",
- "Using installation parameters for platform %s\n",
- "Successfully parsed installation script\n",
- "Executing \"%s\"...\n",
- "\"%s\" executed successfully\n",
- "\nInstallation completed successfully\n",
- "\nAborting...\n"
-};
-
-/**************************************************************************
- * S t r i n g N o d e
- */
-typedef struct StringNode_str {
- char *str;
- struct StringNode_str* next;
-} StringNode;
-
-StringNode* StringNode_new()
-{
- StringNode* new_this;
- new_this = (StringNode*)malloc(sizeof(StringNode));
- new_this->str=NULL;
- new_this->next=NULL;
- return new_this;
-}
-
-void StringNode_delete(StringNode* s)
-{
- if(s->str) {
- PR_Free(s->str);
- s->str=NULL;
- }
-}
-
-/*************************************************************************
- * S t r i n g L i s t
- */
-typedef struct StringList_str {
- StringNode* head;
- StringNode* tail;
-} StringList;
-
-void StringList_new(StringList* list)
-{
- list->head=NULL;
- list->tail=NULL;
-}
-
-void StringList_delete(StringList* list)
-{
- StringNode *tmp;
- while(list->head) {
- tmp = list->head;
- list->head = list->head->next;
- StringNode_delete(tmp);
- }
-}
-
-void
-StringList_Append(StringList* list, char* str)
-{
- if(!str) {
- return;
- }
-
- if(!list->tail) {
- /* This is the first element */
- list->head = list->tail = StringNode_new();
- } else {
- list->tail->next = StringNode_new();
- list->tail = list->tail->next;
- }
-
- list->tail->str = PR_Strdup(str);
- list->tail->next = NULL; /* just to be sure */
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r
- *
- * Sets the error handler to be used by the library. Returns the current
- * error handler function.
- */
-Pk11Install_ErrorHandler
-Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler)
-{
- Pk11Install_ErrorHandler old;
-
- if(!errorHandlerLock) {
- errorHandlerLock = PR_NewLock();
- }
-
- PR_Lock(errorHandlerLock);
-
- old = errorHandler;
- errorHandler = handler;
-
- PR_Unlock(errorHandlerLock);
-
- return old;
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ I n i t
- *
- * Does initialization that otherwise would be done on the fly. Only
- * needs to be called by multithreaded apps, before they make any calls
- * to this library.
- */
-void
-Pk11Install_Init()
-{
- if(!errorHandlerLock) {
- errorHandlerLock = PR_NewLock();
- }
-}
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ R e l e a s e
- *
- * Releases static data structures used by the library. Don't use the
- * library after calling this, unless you call Pk11Install_Init()
- * first. This function doesn't have to be called at all unless you're
- * really anal about freeing memory before your program exits.
- */
-void
-Pk11Install_Release()
-{
- if(errorHandlerLock) {
- PR_Free(errorHandlerLock);
- errorHandlerLock = NULL;
- }
-}
-
-/*************************************************************************
- *
- * e r r o r
- *
- * Takes an error code and its arguments, creates the error string,
- * and sends the string to the handler function if it exists.
- */
-
-#ifdef OSF1
-/* stdarg has already been pulled in from NSPR */
-#undef va_start
-#undef va_end
-#undef va_arg
-#include <varargs.h>
-#else
-#include <stdarg.h>
-#endif
-
-#ifdef OSF1
-static void
-error(long va_alist, ...)
-#else
-static void
-error(Pk11Install_Error errcode, ...)
-#endif
-{
-
- va_list ap;
- char *errstr;
- Pk11Install_ErrorHandler handler;
-
- if(!errorHandlerLock) {
- errorHandlerLock = PR_NewLock();
- }
-
- PR_Lock(errorHandlerLock);
-
- handler = errorHandler;
-
- PR_Unlock(errorHandlerLock);
-
- if(handler) {
-#ifdef OSF1
- va_start(ap);
- errstr = PR_vsmprintf(errorString[va_arg(ap, Pk11Install_Error)], ap);
-#else
- va_start(ap, errcode);
- errstr = PR_vsmprintf(errorString[errcode], ap);
-#endif
- handler(errstr);
- PR_smprintf_free(errstr);
- va_end(ap);
- }
-}
-
-/*************************************************************************
- *
- * j a r _ c a l l b a c k
- */
-static int
-jar_callback(int status, JAR *foo, const char *bar, char *pathname,
- char *errortext) {
- char *string;
-
- string = PR_smprintf("JAR error %d: %s in file %s\n", status, errortext,
- pathname);
- error(PK11_INSTALL_ERROR_STRING, string);
- PR_smprintf_free(string);
- return 0;
-}
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ D o I n s t a l l
- *
- * jarFile is the path of a JAR in the PKCS #11 module JAR format.
- * installDir is the directory relative to which files will be
- * installed.
- */
-Pk11Install_Error
-Pk11Install_DoInstall(char *jarFile, const char *installDir,
- const char *tempDir, PRFileDesc *feedback, short force, PRBool noverify)
-{
- JAR *jar;
- char *installer;
- unsigned long installer_len;
- int status;
- Pk11Install_Error ret;
- PRBool made_temp_file;
- Pk11Install_Info installInfo;
- Pk11Install_Platform *platform;
- char* errMsg;
- char sysname[SYS_INFO_BUFFER_LENGTH], release[SYS_INFO_BUFFER_LENGTH],
- arch[SYS_INFO_BUFFER_LENGTH];
- char *myPlatform;
-
- jar=NULL;
- ret = PK11_INSTALL_UNSPECIFIED;
- made_temp_file=PR_FALSE;
- errMsg=NULL;
- Pk11Install_Info_init(&installInfo);
-
- /*
- printf("Inside DoInstall, jarFile=%s, installDir=%s, tempDir=%s\n",
- jarFile, installDir, tempDir);
- */
-
- /*
- * Check out jarFile and installDir for validity
- */
- if( PR_Access(installDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) {
- error(PK11_INSTALL_DIR_DOESNT_EXIST, installDir);
- return PK11_INSTALL_DIR_DOESNT_EXIST;
- }
- if(!tempDir) {
- tempDir = ".";
- }
- if( PR_Access(tempDir, PR_ACCESS_EXISTS) != PR_SUCCESS ) {
- error(PK11_INSTALL_DIR_DOESNT_EXIST, tempDir);
- return PK11_INSTALL_DIR_DOESNT_EXIST;
- }
- if( PR_Access(tempDir, PR_ACCESS_WRITE_OK) != PR_SUCCESS ) {
- error(PK11_INSTALL_DIR_NOT_WRITEABLE, tempDir);
- return PK11_INSTALL_DIR_NOT_WRITEABLE;
- }
- if( (PR_Access(jarFile, PR_ACCESS_EXISTS) != PR_SUCCESS) ) {
- error(PK11_INSTALL_FILE_DOESNT_EXIST, jarFile);
- return PK11_INSTALL_FILE_DOESNT_EXIST;
- }
- if( PR_Access(jarFile, PR_ACCESS_READ_OK) != PR_SUCCESS ) {
- error(PK11_INSTALL_FILE_NOT_READABLE, jarFile);
- return PK11_INSTALL_FILE_NOT_READABLE;
- }
-
- /*
- * Extract the JAR file
- */
- jar = JAR_new();
- JAR_set_callback(JAR_CB_SIGNAL, jar, jar_callback);
-
- if(noverify) {
- status = JAR_pass_archive_unverified(jar, jarArchGuess, jarFile, "url");
- } else {
- status = JAR_pass_archive(jar, jarArchGuess, jarFile, "url");
- }
- if( (status < 0) || (jar->valid < 0) ) {
- if (status >= JAR_BASE && status <= JAR_BASE_END) {
- error(PK11_INSTALL_JAR_ERROR, jarFile, JAR_get_error(status));
- } else {
- error(PK11_INSTALL_JAR_ERROR, jarFile,
- mySECU_ErrorString((int16) PORT_GetError()) );
- }
- ret=PK11_INSTALL_JAR_ERROR;
- goto loser;
- }
- /*printf("passed the archive\n");*/
-
- /*
- * Show the user security information, allow them to abort or continue
- */
- if( Pk11Install_UserVerifyJar(jar, PR_STDOUT,
- force?PR_FALSE:PR_TRUE) && !force) {
- if(feedback) {
- PR_fprintf(feedback, msgStrings[USER_ABORT]);
- }
- ret=PK11_INSTALL_USER_ABORT;
- goto loser;
- }
-
- /*
- * Get the name of the installation file
- */
- if( JAR_get_metainfo(jar, NULL, INSTALL_METAINFO_TAG, (void**)&installer,
- (unsigned long*)&installer_len) ) {
- error(PK11_INSTALL_NO_INSTALLER_SCRIPT);
- ret=PK11_INSTALL_NO_INSTALLER_SCRIPT;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLER_SCRIPT_NAME], installer);
- }
-
- /*
- * Extract the installation file
- */
- if( PR_Access(SCRIPT_TEMP_FILE, PR_ACCESS_EXISTS) == PR_SUCCESS) {
- if( PR_Delete(SCRIPT_TEMP_FILE) != PR_SUCCESS) {
- error(PK11_INSTALL_DELETE_TEMP_FILE, SCRIPT_TEMP_FILE);
- ret=PK11_INSTALL_DELETE_TEMP_FILE;
- goto loser;
- }
- }
- if(noverify) {
- status = JAR_extract(jar, installer, SCRIPT_TEMP_FILE);
- } else {
- status = JAR_verified_extract(jar, installer, SCRIPT_TEMP_FILE);
- }
- if(status) {
- if (status >= JAR_BASE && status <= JAR_BASE_END) {
- error(PK11_INSTALL_JAR_EXTRACT, installer, JAR_get_error(status));
- } else {
- error(PK11_INSTALL_JAR_EXTRACT, installer,
- mySECU_ErrorString((int16) PORT_GetError()) );
- }
- ret = PK11_INSTALL_JAR_EXTRACT;
- goto loser;
- } else {
- made_temp_file = PR_TRUE;
- }
-
- /*
- * Parse the installation file into a syntax tree
- */
- Pk11Install_FD = PR_Open(SCRIPT_TEMP_FILE, PR_RDONLY, 0);
- if(!Pk11Install_FD) {
- error(PK11_INSTALL_OPEN_SCRIPT_FILE, SCRIPT_TEMP_FILE);
- ret=PK11_INSTALL_OPEN_SCRIPT_FILE;
- goto loser;
- }
- if(Pk11Install_yyparse()) {
- error(PK11_INSTALL_SCRIPT_PARSE, installer,
- Pk11Install_yyerrstr ? Pk11Install_yyerrstr : "");
- ret=PK11_INSTALL_SCRIPT_PARSE;
- goto loser;
- }
-
-#if 0
- /* for debugging */
- Pk11Install_valueList->Print(0);
-#endif
-
- /*
- * From the syntax tree, build a semantic structure
- */
- errMsg = Pk11Install_Info_Generate(&installInfo,Pk11Install_valueList);
- if(errMsg) {
- error(PK11_INSTALL_SEMANTIC, errMsg);
- ret=PK11_INSTALL_SEMANTIC;
- goto loser;
- }
-#if 0
- installInfo.Print(0);
-#endif
-
- if(feedback) {
- PR_fprintf(feedback, msgStrings[PARSED_INSTALL_SCRIPT]);
- }
-
- /*
- * Figure out which platform to use
- */
- {
- sysname[0] = release[0] = arch[0] = '\0';
-
- if( (PR_GetSystemInfo(PR_SI_SYSNAME, sysname, SYS_INFO_BUFFER_LENGTH)
- != PR_SUCCESS) ||
- (PR_GetSystemInfo(PR_SI_RELEASE, release, SYS_INFO_BUFFER_LENGTH)
- != PR_SUCCESS) ||
- (PR_GetSystemInfo(PR_SI_ARCHITECTURE, arch, SYS_INFO_BUFFER_LENGTH)
- != PR_SUCCESS) ) {
- error(PK11_INSTALL_SYSINFO);
- ret=PK11_INSTALL_SYSINFO;
- goto loser;
- }
- myPlatform = PR_smprintf("%s:%s:%s", sysname, release, arch);
- platform = Pk11Install_Info_GetBestPlatform(&installInfo,myPlatform);
- if(!platform) {
- error(PK11_INSTALL_NO_PLATFORM, myPlatform);
- PR_smprintf_free(myPlatform);
- ret=PK11_INSTALL_NO_PLATFORM;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[MY_PLATFORM_IS], myPlatform);
- PR_fprintf(feedback, msgStrings[USING_PLATFORM],
- Pk11Install_PlatformName_GetString(&platform->name));
- }
- PR_smprintf_free(myPlatform);
- }
-
- /* Run the install for that platform */
- ret = DoInstall(jar, installDir, tempDir, platform, feedback, noverify);
- if(ret) {
- goto loser;
- }
-
- ret = PK11_INSTALL_SUCCESS;
-loser:
- if(Pk11Install_valueList) {
- Pk11Install_ValueList_delete(Pk11Install_valueList);
- PR_Free(Pk11Install_valueList);
- Pk11Install_valueList = NULL;
- }
- if(jar) {
- JAR_destroy(jar);
- }
- if(made_temp_file) {
- PR_Delete(SCRIPT_TEMP_FILE);
- }
- if(errMsg) {
- PR_smprintf_free(errMsg);
- }
- return ret;
-}
-
-/*
-/////////////////////////////////////////////////////////////////////////
-// actually run the installation, copying files to and fro
-*/
-static Pk11Install_Error
-DoInstall(JAR *jar, const char *installDir, const char *tempDir,
- Pk11Install_Platform *platform, PRFileDesc *feedback, PRBool noverify)
-{
- Pk11Install_File *file;
- Pk11Install_Error ret;
- char *reldir;
- char *dest;
- char *modDest;
- char *cp;
- int i;
- int status;
- char *tempname, *temp;
- StringList executables;
- StringNode *execNode;
- PRProcessAttr *attr;
- PRProcess *proc;
- char *argv[2];
- char *envp[1];
- int errcode;
-
- ret=PK11_INSTALL_UNSPECIFIED;
- reldir=NULL;
- dest=NULL;
- modDest=NULL;
- tempname=NULL;
-
- StringList_new(&executables);
- /*
- // Create Temporary directory
- */
- tempname = PR_smprintf("%s/%s", tempDir, TEMPORARY_DIRECTORY_NAME);
- if( PR_Access(tempname, PR_ACCESS_EXISTS)==PR_SUCCESS ) {
- /* Left over from previous run? Delete it. */
- rm_dash_r(tempname);
- }
- if(PR_MkDir(tempname, 0700) != PR_SUCCESS) {
- error(PK11_INSTALL_CREATE_DIR, tempname);
- ret = PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
-
- /*
- // Install all the files
- */
- for(i=0; i < platform->numFiles; i++) {
- file = &platform->files[i];
-
- if(file->relativePath) {
- PRBool foundMarker = PR_FALSE;
- reldir = PR_Strdup(file->relativePath);
-
- /* Replace all the markers with the directories for which they stand */
- while(1) {
- if( (cp=PL_strcasestr(reldir, ROOT_MARKER)) ) {
- /* Has a %root% marker */
- *cp = '\0';
- temp = PR_smprintf("%s%s%s", reldir, installDir,
- cp+strlen(ROOT_MARKER));
- PR_Free(reldir);
- reldir = temp;
- foundMarker = PR_TRUE;
- } else if( (cp = PL_strcasestr(reldir, TEMP_MARKER)) ) {
- /* Has a %temp% marker */
- *cp = '\0';
- temp = PR_smprintf("%s%s%s", reldir, tempname,
- cp+strlen(TEMP_MARKER));
- PR_Free(reldir);
- reldir = temp;
- foundMarker = PR_TRUE;
- } else {
- break;
- }
- }
- if(!foundMarker) {
- /* Has no markers...this isn't really a relative directory */
- error(PK11_INSTALL_BOGUS_REL_DIR, file->relativePath);
- ret = PK11_INSTALL_BOGUS_REL_DIR;
- goto loser;
- }
- dest = reldir;
- reldir = NULL;
- } else if(file->absolutePath) {
- dest = PR_Strdup(file->absolutePath);
- }
-
- /* Remember if this is the module file, we'll need to add it later */
- if(i == platform->modFile) {
- modDest = PR_Strdup(dest);
- }
-
- /* Remember is this is an executable, we'll need to run it later */
- if(file->executable) {
- StringList_Append(&executables,dest);
- /*executables.Append(dest);*/
- }
-
- /* Make sure the directory we are targetting exists */
- if( make_dirs(dest, file->permissions) ) {
- ret=PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
-
- /* Actually extract the file onto the filesystem */
- if(noverify) {
- status = JAR_extract(jar, (char*)file->jarPath, dest);
- } else {
- status = JAR_verified_extract(jar, (char*)file->jarPath, dest);
- }
- if(status) {
- if (status >= JAR_BASE && status <= JAR_BASE_END) {
- error(PK11_INSTALL_JAR_EXTRACT, file->jarPath,
- JAR_get_error(status));
- } else {
- error(PK11_INSTALL_JAR_EXTRACT, file->jarPath,
- mySECU_ErrorString((int16) PORT_GetError()) );
- }
- ret=PK11_INSTALL_JAR_EXTRACT;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLED_FILE_MSG],
- file->jarPath, dest);
- }
-
- /* no NSPR command to change permissions? */
-#ifdef XP_UNIX
- chmod(dest, file->permissions);
-#endif
-
- /* Memory clean-up tasks */
- if(reldir) {
- PR_Free(reldir);
- reldir = NULL;
- }
- if(dest) {
- PR_Free(dest);
- dest = NULL;
- }
- }
- /* Make sure we found the module file */
- if(!modDest) {
- /* Internal problem here, since every platform is supposed to have
- a module file */
- error(PK11_INSTALL_NO_MOD_FILE, platform->moduleName);
- ret=PK11_INSTALL_NO_MOD_FILE;
- goto loser;
- }
-
- /*
- // Execute any executable files
- */
- {
- argv[1] = NULL;
- envp[0] = NULL;
- for(execNode = executables.head; execNode; execNode = execNode->next) {
- attr = PR_NewProcessAttr();
- argv[0] = PR_Strdup(execNode->str);
-
- /* Announce our intentions */
- if(feedback) {
- PR_fprintf(feedback, msgStrings[EXEC_FILE_MSG], execNode->str);
- }
-
- /* start the process */
- if( !(proc=PR_CreateProcess(execNode->str, argv, envp, attr)) ) {
- PR_Free(argv[0]);
- PR_DestroyProcessAttr(attr);
- error(PK11_INSTALL_EXEC_FILE, execNode->str);
- ret=PK11_INSTALL_EXEC_FILE;
- goto loser;
- }
-
- /* wait for it to finish */
- if( PR_WaitProcess(proc, &errcode) != PR_SUCCESS) {
- PR_Free(argv[0]);
- PR_DestroyProcessAttr(attr);
- error(PK11_INSTALL_WAIT_PROCESS, execNode->str);
- ret=PK11_INSTALL_WAIT_PROCESS;
- goto loser;
- }
-
- /* What happened? */
- if(errcode) {
- /* process returned an error */
- error(PK11_INSTALL_PROC_ERROR, execNode->str, errcode);
- } else if(feedback) {
- /* process ran successfully */
- PR_fprintf(feedback, msgStrings[EXEC_SUCCESS], execNode->str);
- }
-
- PR_Free(argv[0]);
- PR_DestroyProcessAttr(attr);
- }
- }
-
- /*
- // Add the module
- */
- status = Pk11Install_AddNewModule((char*)platform->moduleName,
- (char*)modDest, platform->mechFlags, platform->cipherFlags );
-
- if(status != SECSuccess) {
- error(PK11_INSTALL_ADD_MODULE, platform->moduleName);
- ret=PK11_INSTALL_ADD_MODULE;
- goto loser;
- }
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLED_MODULE_MSG],
- platform->moduleName);
- }
-
- if(feedback) {
- PR_fprintf(feedback, msgStrings[INSTALLATION_COMPLETE_MSG]);
- }
-
- ret = PK11_INSTALL_SUCCESS;
-
-loser:
- if(reldir) {
- PR_Free(reldir);
- }
- if(dest) {
- PR_Free(dest);
- }
- if(modDest) {
- PR_Free(modDest);
- }
- if(tempname) {
- PRFileInfo info;
- if(PR_GetFileInfo(tempname, &info) == PR_SUCCESS) {
- if((info.type == PR_FILE_DIRECTORY)) {
- /* Recursively remove temporary directory */
- if(rm_dash_r(tempname)) {
- error(PK11_INSTALL_REMOVE_DIR,
- tempname);
- ret=PK11_INSTALL_REMOVE_DIR;
- }
-
- }
- }
- PR_Free(tempname);
- }
- StringList_delete(&executables);
- return ret;
-}
-
-/*
-//////////////////////////////////////////////////////////////////////////
-*/
-static char*
-PR_Strdup(const char* str)
-{
- char *tmp = (char*) PR_Malloc(strlen(str)+1);
- strcpy(tmp, str);
- return tmp;
-}
-
-/*
- * r m _ d a s h _ r
- *
- * Remove a file, or a directory recursively.
- *
- */
-static int
-rm_dash_r (char *path)
-{
- PRDir *dir;
- PRDirEntry *entry;
- PRFileInfo fileinfo;
- char filename[240];
-
- if(PR_GetFileInfo(path, &fileinfo) != PR_SUCCESS) {
- /*fprintf(stderr, "Error: Unable to access %s\n", filename);*/
- return -1;
- }
- if(fileinfo.type == PR_FILE_DIRECTORY) {
-
- dir = PR_OpenDir(path);
- if(!dir) {
- return -1;
- }
-
- /* Recursively delete all entries in the directory */
- while((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
- sprintf(filename, "%s/%s", path, entry->name);
- if(rm_dash_r(filename)) return -1;
- }
-
- if(PR_CloseDir(dir) != PR_SUCCESS) {
- return -1;
- }
-
- /* Delete the directory itself */
- if(PR_RmDir(path) != PR_SUCCESS) {
- return -1;
- }
- } else {
- if(PR_Delete(path) != PR_SUCCESS) {
- return -1;
- }
- }
- return 0;
-}
-
-/***************************************************************************
- *
- * m a k e _ d i r s
- *
- * Ensure that the directory portion of the path exists. This may require
- * making the directory, and its parent, and its parent's parent, etc.
- */
-static int
-make_dirs(char *path, int file_perms)
-{
- char *Path;
- char *start;
- char *sep;
- int ret = 0;
- PRFileInfo info;
-
- if(!path) {
- return 0;
- }
-
- Path = PR_Strdup(path);
- start = strpbrk(Path, "/\\");
- if(!start) {
- return 0;
- }
- start++; /* start right after first slash */
-
- /* Each time through the loop add one more directory. */
- while( (sep=strpbrk(start, "/\\")) ) {
- *sep = '\0';
-
- if( PR_GetFileInfo(Path, &info) != PR_SUCCESS) {
- /* No such dir, we have to create it */
- if( PR_MkDir(Path, dir_perms(file_perms)) != PR_SUCCESS) {
- error(PK11_INSTALL_CREATE_DIR, Path);
- ret = PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
- } else {
- /* something exists by this name, make sure it's a directory */
- if( info.type != PR_FILE_DIRECTORY ) {
- error(PK11_INSTALL_CREATE_DIR, Path);
- ret = PK11_INSTALL_CREATE_DIR;
- goto loser;
- }
- }
-
- /* If this is the lowest directory level, make sure it is writeable */
- if(!strpbrk(sep+1, "/\\")) {
- if( PR_Access(Path, PR_ACCESS_WRITE_OK)!=PR_SUCCESS) {
- error(PK11_INSTALL_DIR_NOT_WRITEABLE, Path);
- ret = PK11_INSTALL_DIR_NOT_WRITEABLE;
- goto loser;
- }
- }
-
- start = sep+1; /* start after the next slash */
- *sep = '/';
- }
-
-loser:
- PR_Free(Path);
- return ret;
-}
-
-/*************************************************************************
- * d i r _ p e r m s
- *
- * Guesses the desired permissions on a directory based on the permissions
- * of a file that will be stored in it. Give read, write, and
- * execute to the owner (so we can create the file), read and
- * execute to anyone who has read permissions on the file, and write
- * to anyone who has write permissions on the file.
- */
-static int
-dir_perms(int perms)
-{
- int ret = 0;
-
- /* owner */
- ret |= 0700;
-
- /* group */
- if(perms & 0040) {
- /* read on the file -> read and execute on the directory */
- ret |= 0050;
- }
- if(perms & 0020) {
- /* write on the file -> write on the directory */
- ret |= 0020;
- }
-
- /* others */
- if(perms & 0004) {
- /* read on the file -> read and execute on the directory */
- ret |= 0005;
- }
- if(perms & 0002) {
- /* write on the file -> write on the directory */
- ret |= 0002;
- }
-
- return ret;
-}
diff --git a/security/nss/cmd/modutil/install.h b/security/nss/cmd/modutil/install.h
deleted file mode 100644
index 3874ed77e..000000000
--- a/security/nss/cmd/modutil/install.h
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PK11INSTALL_H
-#define PK11INSTALL_H
-
-#include <prio.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef void (*Pk11Install_ErrorHandler)(char *);
-
-typedef enum {
- PK11_INSTALL_NO_ERROR=0,
- PK11_INSTALL_DIR_DOESNT_EXIST,
- PK11_INSTALL_FILE_DOESNT_EXIST,
- PK11_INSTALL_FILE_NOT_READABLE,
- PK11_INSTALL_ERROR_STRING,
- PK11_INSTALL_JAR_ERROR,
- PK11_INSTALL_NO_INSTALLER_SCRIPT,
- PK11_INSTALL_DELETE_TEMP_FILE,
- PK11_INSTALL_OPEN_SCRIPT_FILE,
- PK11_INSTALL_SCRIPT_PARSE,
- PK11_INSTALL_SEMANTIC,
- PK11_INSTALL_SYSINFO,
- PK11_INSTALL_NO_PLATFORM,
- PK11_INSTALL_BOGUS_REL_DIR,
- PK11_INSTALL_NO_MOD_FILE,
- PK11_INSTALL_ADD_MODULE,
- PK11_INSTALL_JAR_EXTRACT,
- PK11_INSTALL_DIR_NOT_WRITEABLE,
- PK11_INSTALL_CREATE_DIR,
- PK11_INSTALL_REMOVE_DIR,
- PK11_INSTALL_EXEC_FILE,
- PK11_INSTALL_WAIT_PROCESS,
- PK11_INSTALL_PROC_ERROR,
- PK11_INSTALL_USER_ABORT,
- PK11_INSTALL_UNSPECIFIED
-} Pk11Install_Error;
-#define PK11_INSTALL_SUCCESS PK11_INSTALL_NO_ERROR
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ I n i t
- *
- * Does initialization that otherwise would be done on the fly. Only
- * needs to be called by multithreaded apps, before they make any calls
- * to this library.
- */
-void
-Pk11Install_Init();
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ S e t E r r o r H a n d l e r
- *
- * Sets the error handler to be used by the library. Returns the current
- * error handler function.
- */
-Pk11Install_ErrorHandler
-Pk11Install_SetErrorHandler(Pk11Install_ErrorHandler handler);
-
-
-/**************************************************************************
- *
- * P k 1 1 I n s t a l l _ R e l e a s e
- *
- * Releases static data structures used by the library. Don't use the
- * library after calling this, unless you call Pk11Install_Init()
- * first. This function doesn't have to be called at all unless you're
- * really anal about freeing memory before your program exits.
- */
-void
-Pk11Install_Release();
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ D o I n s t a l l
- *
- * jarFile is the path of a JAR in the PKCS #11 module JAR format.
- * installDir is the directory relative to which files will be
- * installed.
- * feedback is a file descriptor to which to write informative (not error)
- * status messages: what files are being installed, what modules are being
- * installed. If feedback==NULL, no messages will be displayed.
- * If force != 0, interactive prompts will be suppressed.
- * If noverify == PR_TRUE, signatures won't be checked on the JAR file.
- */
-Pk11Install_Error
-Pk11Install_DoInstall(char *jarFile, const char *installDir,
- const char *tempDir, PRFileDesc *feedback, short force,
- PRBool noverify);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /*PK11INSTALL_H*/
diff --git a/security/nss/cmd/modutil/installparse.c b/security/nss/cmd/modutil/installparse.c
deleted file mode 100644
index 16f81b6eb..000000000
--- a/security/nss/cmd/modutil/installparse.c
+++ /dev/null
@@ -1,429 +0,0 @@
-#ifndef lint
-char yysccsid[] = "@(#)yaccpar 1.4 (Berkeley) 02/25/90";
-#endif
-#line 37 "installparse.y"
-
-#define yyparse Pk11Install_yyparse
-#define yylex Pk11Install_yylex
-#define yyerror Pk11Install_yyerror
-#define yychar Pk11Install_yychar
-#define yyval Pk11Install_yyval
-#define yylval Pk11Install_yylval
-#define yydebug Pk11Install_yydebug
-#define yynerrs Pk11Install_yynerrs
-#define yyerrflag Pk11Install_yyerrflag
-#define yyss Pk11Install_yyss
-#define yyssp Pk11Install_yyssp
-#define yyvs Pk11Install_yyvs
-#define yyvsp Pk11Install_yyvsp
-#define yylhs Pk11Install_yylhs
-#define yylen Pk11Install_yylen
-#define yydefred Pk11Install_yydefred
-#define yydgoto Pk11Install_yydgoto
-#define yysindex Pk11Install_yysindex
-#define yyrindex Pk11Install_yyrindex
-#define yygindex Pk11Install_yygindex
-#define yytable Pk11Install_yytable
-#define yycheck Pk11Install_yycheck
-#define yyname Pk11Install_yyname
-#define yyrule Pk11Install_yyrule
-
-/* C Stuff */
-#include "install-ds.h"
-#include <prprf.h>
-
-#define YYSTYPE Pk11Install_Pointer
-extern char *Pk11Install_yytext;
-char *Pk11Install_yyerrstr=NULL;
-
-#line 40 "ytab.c"
-#define OPENBRACE 257
-#define CLOSEBRACE 258
-#define STRING 259
-#define YYERRCODE 256
-short yylhs[] = { -1,
- 0, 1, 1, 2, 2, 3, 4,
-};
-short yylen[] = { 2,
- 1, 2, 0, 1, 1, 4, 1,
-};
-short yydefred[] = { 0,
- 0, 0, 1, 0, 4, 0, 2, 0, 0, 6,
-};
-short yydgoto[] = { 2,
- 3, 4, 5, 6,
-};
-short yysindex[] = { -257,
- 0, 0, 0, -257, 0, -252, 0, -257, -251, 0,
-};
-short yyrindex[] = { 6,
- 1, 0, 0, 3, 0, 0, 0, -250, 0, 0,
-};
-short yygindex[] = { 0,
- -4, 0, 0, 0,
-};
-#define YYTABLESIZE 261
-short yytable[] = { 7,
- 5, 1, 3, 9, 8, 3, 10, 3, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 7, 5, 5,
- 3,
-};
-short yycheck[] = { 4,
- 0, 259, 0, 8, 257, 0, 258, 258, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, -1, -1, 257, 258, 259,
- 258,
-};
-#define YYFINAL 2
-#ifndef YYDEBUG
-#define YYDEBUG 0
-#endif
-#define YYMAXTOKEN 259
-#if YYDEBUG
-char *yyname[] = {
-"end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,"OPENBRACE","CLOSEBRACE","STRING",
-};
-char *yyrule[] = {
-"$accept : toplist",
-"toplist : valuelist",
-"valuelist : value valuelist",
-"valuelist :",
-"value : key_value_pair",
-"value : STRING",
-"key_value_pair : key OPENBRACE valuelist CLOSEBRACE",
-"key : STRING",
-};
-#endif
-#ifndef YYSTYPE
-typedef int YYSTYPE;
-#endif
-#define yyclearin (yychar=(-1))
-#define yyerrok (yyerrflag=0)
-#ifndef YYSTACKSIZE
-#ifdef YYMAXDEPTH
-#define YYSTACKSIZE YYMAXDEPTH
-#else
-#define YYSTACKSIZE 300
-#endif
-#endif
-int yydebug;
-int yynerrs;
-int yyerrflag;
-int yychar;
-short *yyssp;
-YYSTYPE *yyvsp;
-YYSTYPE yyval;
-YYSTYPE yylval;
-#define yystacksize YYSTACKSIZE
-short yyss[YYSTACKSIZE];
-YYSTYPE yyvs[YYSTACKSIZE];
-#line 118 "installparse.y"
-/*----------------------- Program Section --------------------------------*/
-
-/*************************************************************************/
-void
-Pk11Install_yyerror(char *message)
-{
- char *tmp;
- if(Pk11Install_yyerrstr) {
- tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr,
- Pk11Install_yylinenum, message);
- PR_smprintf_free(Pk11Install_yyerrstr);
- } else {
- tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message);
- }
- Pk11Install_yyerrstr=tmp;
-}
-#line 191 "ytab.c"
-#define YYABORT goto yyabort
-#define YYACCEPT goto yyaccept
-#define YYERROR goto yyerrlab
-int
-yyparse()
-{
- register int yym, yyn, yystate;
-#if YYDEBUG
- register char *yys;
- extern char *getenv();
-
- if (yys = getenv("YYDEBUG"))
- {
- yyn = *yys;
- if (yyn >= '0' && yyn <= '9')
- yydebug = yyn - '0';
- }
-#endif
-
- yynerrs = 0;
- yyerrflag = 0;
- yychar = (-1);
-
- yyssp = yyss;
- yyvsp = yyvs;
- *yyssp = yystate = 0;
-
-yyloop:
- if (yyn = yydefred[yystate]) goto yyreduce;
- if (yychar < 0)
- {
- if ((yychar = yylex()) < 0) yychar = 0;
-#if YYDEBUG
- if (yydebug)
- {
- yys = 0;
- if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
- if (!yys) yys = "illegal-symbol";
- printf("yydebug: state %d, reading %d (%s)\n", yystate,
- yychar, yys);
- }
-#endif
- }
- if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
- {
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: state %d, shifting to state %d\n",
- yystate, yytable[yyn]);
-#endif
- if (yyssp >= yyss + yystacksize - 1)
- {
- goto yyoverflow;
- }
- *++yyssp = yystate = yytable[yyn];
- *++yyvsp = yylval;
- yychar = (-1);
- if (yyerrflag > 0) --yyerrflag;
- goto yyloop;
- }
- if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
- {
- yyn = yytable[yyn];
- goto yyreduce;
- }
- if (yyerrflag) goto yyinrecovery;
-#ifdef lint
- goto yynewerror;
-#endif
-yynewerror:
- yyerror("syntax error");
-#ifdef lint
- goto yyerrlab;
-#endif
-yyerrlab:
- ++yynerrs;
-yyinrecovery:
- if (yyerrflag < 3)
- {
- yyerrflag = 3;
- for (;;)
- {
- if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
- {
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: state %d, error recovery shifting\
- to state %d\n", *yyssp, yytable[yyn]);
-#endif
- if (yyssp >= yyss + yystacksize - 1)
- {
- goto yyoverflow;
- }
- *++yyssp = yystate = yytable[yyn];
- *++yyvsp = yylval;
- goto yyloop;
- }
- else
- {
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: error recovery discarding state %d\n",
- *yyssp);
-#endif
- if (yyssp <= yyss) goto yyabort;
- --yyssp;
- --yyvsp;
- }
- }
- }
- else
- {
- if (yychar == 0) goto yyabort;
-#if YYDEBUG
- if (yydebug)
- {
- yys = 0;
- if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
- if (!yys) yys = "illegal-symbol";
- printf("yydebug: state %d, error recovery discards token %d (%s)\n",
- yystate, yychar, yys);
- }
-#endif
- yychar = (-1);
- goto yyloop;
- }
-yyreduce:
-#if YYDEBUG
- if (yydebug)
- printf("yydebug: state %d, reducing by rule %d (%s)\n",
- yystate, yyn, yyrule[yyn]);
-#endif
- yym = yylen[yyn];
- yyval = yyvsp[1-yym];
- switch (yyn)
- {
-case 1:
-#line 84 "installparse.y"
-{
- Pk11Install_valueList = yyvsp[0].list;
-}
-break;
-case 2:
-#line 89 "installparse.y"
-{
- Pk11Install_ValueList_AddItem(yyvsp[0].list,yyvsp[-1].value);
- yyval .list = yyvsp[0].list;
-}
-break;
-case 3:
-#line 94 "installparse.y"
-{
- yyval .list = Pk11Install_ValueList_new();
-}
-break;
-case 4:
-#line 99 "installparse.y"
-{
- yyval .value= Pk11Install_Value_new(PAIR_VALUE,yyvsp[0]);
-}
-break;
-case 5:
-#line 103 "installparse.y"
-{
- yyval .value= Pk11Install_Value_new(STRING_VALUE, yyvsp[0]);
-}
-break;
-case 6:
-#line 108 "installparse.y"
-{
- yyval .pair = Pk11Install_Pair_new(yyvsp[-3].string,yyvsp[-1].list);
-}
-break;
-case 7:
-#line 113 "installparse.y"
-{
- yyval .string = yyvsp[0].string;
-}
-break;
-#line 374 "ytab.c"
- }
- yyssp -= yym;
- yystate = *yyssp;
- yyvsp -= yym;
- yym = yylhs[yyn];
- if (yystate == 0 && yym == 0)
- {
-#ifdef YYDEBUG
- if (yydebug)
- printf("yydebug: after reduction, shifting from state 0 to\
- state %d\n", YYFINAL);
-#endif
- yystate = YYFINAL;
- *++yyssp = YYFINAL;
- *++yyvsp = yyval;
- if (yychar < 0)
- {
- if ((yychar = yylex()) < 0) yychar = 0;
-#if YYDEBUG
- if (yydebug)
- {
- yys = 0;
- if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
- if (!yys) yys = "illegal-symbol";
- printf("yydebug: state %d, reading %d (%s)\n",
- YYFINAL, yychar, yys);
- }
-#endif
- }
- if (yychar == 0) goto yyaccept;
- goto yyloop;
- }
- if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
- yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
- yystate = yytable[yyn];
- else
- yystate = yydgoto[yym];
-#ifdef YYDEBUG
- if (yydebug)
- printf("yydebug: after reduction, shifting from state %d \
-to state %d\n", *yyssp, yystate);
-#endif
- if (yyssp >= yyss + yystacksize - 1)
- {
- goto yyoverflow;
- }
- *++yyssp = yystate;
- *++yyvsp = yyval;
- goto yyloop;
-yyoverflow:
- yyerror("yacc stack overflow");
-yyabort:
- return (1);
-yyaccept:
- return (0);
-}
diff --git a/security/nss/cmd/modutil/installparse.h b/security/nss/cmd/modutil/installparse.h
deleted file mode 100644
index 75686d4fd..000000000
--- a/security/nss/cmd/modutil/installparse.h
+++ /dev/null
@@ -1,3 +0,0 @@
-#define OPENBRACE 257
-#define CLOSEBRACE 258
-#define STRING 259
diff --git a/security/nss/cmd/modutil/installparse.l b/security/nss/cmd/modutil/installparse.l
deleted file mode 100644
index 6befe16cb..000000000
--- a/security/nss/cmd/modutil/installparse.l
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-/* lex file for analyzing PKCS #11 Module installation instructions */
-
-/*----------------------------- Definitions ---------------------------*/
-%{
-#include <string.h>
-
-#include "install-ds.h" /* defines tokens and data structures */
-#include "installparse.h" /* produced by yacc -d */
-#include <prprf.h>
-static char *putSimpleString(char*); /* return copy of string */
-static char *putComplexString(char*); /* strip out quotes, deal with */
- /* escaped characters */
-
-void Pk11Install_yyerror(char *);
-
-/* Overrides to use NSPR */
-#define malloc PR_Malloc
-#define realloc PR_Realloc
-#define free PR_Free
-
-int Pk11Install_yylinenum=1;
-static char *err;
-
-#define YY_NEVER_INTERACTIVE 1
-#define yyunput Pkcs11Install_yyunput
-
-/* This is the default YY_INPUT modified for NSPR */
-#define YY_INPUT(buf,result,max_size) \
- if ( yy_current_buffer->yy_is_interactive ) { \
- char c; \
- int n; \
- for ( n = 0; n < max_size && \
- PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \
- buf[n] = c; \
- } \
- if ( c == '\n' ) { \
- buf[n++] = c; \
- } \
- result = n; \
- } else { \
- result = PR_Read(Pk11Install_FD, buf, max_size); \
- }
-
-%}
-
-/*** Regular expression definitions ***/
-/* simple_string has no whitespace, quotes, or braces */
-simple_string [^ \t\r\n\""{""}"]+
-
-/* complex_string is enclosed in quotes. Inside the quotes, quotes and
- backslashes must be backslash-escaped. No newlines or carriage returns
- are allowed inside the quotes. Otherwise, anything goes. */
-complex_string \"([^\"\\\r\n]|(\\\")|(\\\\))+\"
-
-/* Standard whitespace */
-whitespace [ \t\r]+
-
-other .
-
-/*---------------------------- Actions --------------------------------*/
-%%
-
-"{" return OPENBRACE;
-"}" return CLOSEBRACE;
-{simple_string} {Pk11Install_yylval.string =
- putSimpleString(Pk11Install_yytext);
- return STRING;}
-{complex_string} {Pk11Install_yylval.string =
- putComplexString(Pk11Install_yytext);
- return STRING;}
-
-"\n" Pk11Install_yylinenum++;
-
-{whitespace} ;
-
-{other} {err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext);
- Pk11Install_yyerror(err);
- PR_smprintf_free(err);
- return 1;
- }
-
-%%
-/*------------------------ Program Section ----------------------------*/
-
-PRFileDesc *Pk11Install_FD=NULL;
-
-/*************************************************************************/
-/* dummy function required by lex */
-int Pk11Install_yywrap(void) { return 1;}
-
-/*************************************************************************/
-/* Return a copy of the given string */
-static char*
-putSimpleString(char *str)
-{
- char *tmp = (char*) PR_Malloc(strlen(str)+1);
- strcpy(tmp, str);
- return tmp;
-}
-
-/*************************************************************************/
-/* Strip out quotes, replace escaped characters with what they stand for.
- This function assumes that what is passed in is actually a complex
- string, so error checking is lax. */
-static char*
-putComplexString(char *str)
-{
- int size, i,j;
- char *tmp;
-
- if(!str) {
- return NULL;
- }
- size = strlen(str);
-
- /* Allocate the new space. This string will actually be too big,
- since quotes and backslashes will be stripped out. But that's ok. */
- tmp = (char*) PR_Malloc(size+1);
-
- /* Copy it over */
- for(i=0, j=0; i < size; i++) {
- if(str[i]=='\"') {
- continue; /* skip un-escaped quotes */
- } else if(str[i]=='\\') {
- ++i; /* escaped character. skip the backslash */
- }
- tmp[j++] = str[i];
- }
- tmp[j] = '\0';
-
- return tmp;
-}
diff --git a/security/nss/cmd/modutil/installparse.y b/security/nss/cmd/modutil/installparse.y
deleted file mode 100644
index 6a32e25ab..000000000
--- a/security/nss/cmd/modutil/installparse.y
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* yacc file for parsing PKCS #11 module installation instructions */
-/*------------------------ Definition Section ---------------------------*/
-
-%{
-#define yyparse Pk11Install_yyparse
-#define yylex Pk11Install_yylex
-#define yyerror Pk11Install_yyerror
-#define yychar Pk11Install_yychar
-#define yyval Pk11Install_yyval
-#define yylval Pk11Install_yylval
-#define yydebug Pk11Install_yydebug
-#define yynerrs Pk11Install_yynerrs
-#define yyerrflag Pk11Install_yyerrflag
-#define yyss Pk11Install_yyss
-#define yyssp Pk11Install_yyssp
-#define yyvs Pk11Install_yyvs
-#define yyvsp Pk11Install_yyvsp
-#define yylhs Pk11Install_yylhs
-#define yylen Pk11Install_yylen
-#define yydefred Pk11Install_yydefred
-#define yydgoto Pk11Install_yydgoto
-#define yysindex Pk11Install_yysindex
-#define yyrindex Pk11Install_yyrindex
-#define yygindex Pk11Install_yygindex
-#define yytable Pk11Install_yytable
-#define yycheck Pk11Install_yycheck
-#define yyname Pk11Install_yyname
-#define yyrule Pk11Install_yyrule
-
-/* C Stuff */
-#include "install-ds.h"
-#include <prprf.h>
-
-#define YYSTYPE Pk11Install_Pointer
-extern char *Pk11Install_yytext;
-char *Pk11Install_yyerrstr=NULL;
-
-%}
-
-/* Tokens */
-%token OPENBRACE
-%token CLOSEBRACE
-%token STRING
-%start toplist
-
-%%
-
-/*--------------------------- Productions -------------------------------*/
-
-toplist : valuelist
-{
- Pk11Install_valueList = $1.list;
-}
-
-valuelist : value valuelist
-{
- Pk11Install_ValueList_AddItem($2.list,$1.value);
- $$.list = $2.list;
-}
-|
-{
- $$.list = Pk11Install_ValueList_new();
-};
-
-value : key_value_pair
-{
- $$.value= Pk11Install_Value_new(PAIR_VALUE,$1);
-}
-| STRING
-{
- $$.value= Pk11Install_Value_new(STRING_VALUE, $1);
-};
-
-key_value_pair : key OPENBRACE valuelist CLOSEBRACE
-{
- $$.pair = Pk11Install_Pair_new($1.string,$3.list);
-};
-
-key : STRING
-{
- $$.string = $1.string;
-};
-
-%%
-/*----------------------- Program Section --------------------------------*/
-
-/*************************************************************************/
-void
-Pk11Install_yyerror(char *message)
-{
- char *tmp;
- if(Pk11Install_yyerrstr) {
- tmp=PR_smprintf("%sline %d: %s\n", Pk11Install_yyerrstr,
- Pk11Install_yylinenum, message);
- PR_smprintf_free(Pk11Install_yyerrstr);
- } else {
- tmp = PR_smprintf("line %d: %s\n", Pk11Install_yylinenum, message);
- }
- Pk11Install_yyerrstr=tmp;
-}
diff --git a/security/nss/cmd/modutil/instsec.c b/security/nss/cmd/modutil/instsec.c
deleted file mode 100644
index e6eaa384b..000000000
--- a/security/nss/cmd/modutil/instsec.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <plarena.h>
-#include <prio.h>
-#include <prprf.h>
-#include <seccomon.h>
-#include <secmod.h>
-#include <jar.h>
-#include <secutil.h>
-
-/* These are installation functions that make calls to the security library.
- * We don't want to include security include files in the C++ code too much.
- */
-
-static char* PR_fgets(char *buf, int size, PRFileDesc *file);
-
-/***************************************************************************
- *
- * P k 1 1 I n s t a l l _ A d d N e w M o d u l e
- */
-int
-Pk11Install_AddNewModule(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags)
-{
- return (SECMOD_AddNewModule(moduleName, dllPath,
- SECMOD_PubMechFlagstoInternal(defaultMechanismFlags),
- SECMOD_PubCipherFlagstoInternal(cipherEnableFlags))
- == SECSuccess) ? 0 : -1;
-}
-
-/*************************************************************************
- *
- * P k 1 1 I n s t a l l _ U s e r V e r i f y J a r
- *
- * Gives the user feedback on the signatures of a JAR files, asks them
- * whether they actually want to continue.
- * Assumes the jar structure has already been created and is valid.
- * Returns 0 if the user wants to continue the installation, nonzero
- * if the user wishes to abort.
- */
-short
-Pk11Install_UserVerifyJar(JAR *jar, PRFileDesc *out, PRBool query)
-{
- JAR_Context *ctx;
- JAR_Cert *fing;
- JAR_Item *item;
- char stdinbuf[80];
- int count=0;
-
- CERTCertificate *cert, *prev=NULL;
-
- PR_fprintf(out, "\nThis installation JAR file was signed by:\n");
-
- ctx = JAR_find(jar, NULL, jarTypeSign);
-
- while(JAR_find_next(ctx, &item) >= 0 ) {
- fing = (JAR_Cert*) item->data;
- cert = fing->cert;
- if(cert==prev) {
- continue;
- }
-
- count++;
- PR_fprintf(out, "----------------------------------------------\n");
- if(cert) {
- if(cert->nickname) {
- PR_fprintf(out, "**NICKNAME**\n%s\n", cert->nickname);
- }
- if(cert->subjectName) {
- PR_fprintf(out, "**SUBJECT NAME**\n%s\n", cert->subjectName); }
- if(cert->issuerName) {
- PR_fprintf(out, "**ISSUER NAME**\n%s\n", cert->issuerName);
- }
- } else {
- PR_fprintf(out, "No matching certificate could be found.\n");
- }
- PR_fprintf(out, "----------------------------------------------\n\n");
-
- prev=cert;
- }
-
- JAR_find_end(ctx);
-
- if(count==0) {
- PR_fprintf(out, "No signatures found: JAR FILE IS UNSIGNED.\n");
- }
-
- if(query) {
- PR_fprintf(out,
-"Do you wish to continue this installation? (y/n) ");
-
- if(PR_fgets(stdinbuf, 80, PR_STDIN) != NULL) {
- char *response;
-
- if( (response=strtok(stdinbuf, " \t\n\r")) ) {
- if( !PL_strcasecmp(response, "y") ||
- !PL_strcasecmp(response, "yes") ) {
- return 0;
- }
- }
- }
- }
-
- return 1;
-}
-
-/**************************************************************************
- *
- * P R _ f g e t s
- *
- * fgets implemented with NSPR.
- */
-static char*
-PR_fgets(char *buf, int size, PRFileDesc *file)
-{
- int i;
- int status;
- char c;
-
- i=0;
- while(i < size-1) {
- status = PR_Read(file, (void*) &c, 1);
- if(status==-1) {
- return NULL;
- } else if(status==0) {
- break;
- }
- buf[i++] = c;
- if(c=='\n') {
- break;
- }
- }
- buf[i]='\0';
-
- return buf;
-}
-
-/**************************************************************************
- *
- * m y S E C U _ E r r o r S t r i n g
- *
- */
-const char* mySECU_ErrorString(int16 errnum)
-{
- return SECU_Strerror(errnum);
-}
diff --git a/security/nss/cmd/modutil/lex.Pk11Install_yy.c b/security/nss/cmd/modutil/lex.Pk11Install_yy.c
deleted file mode 100644
index 3943503db..000000000
--- a/security/nss/cmd/modutil/lex.Pk11Install_yy.c
+++ /dev/null
@@ -1,1691 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#define yy_create_buffer Pk11Install_yy_create_buffer
-#define yy_delete_buffer Pk11Install_yy_delete_buffer
-#define yy_scan_buffer Pk11Install_yy_scan_buffer
-#define yy_scan_string Pk11Install_yy_scan_string
-#define yy_scan_bytes Pk11Install_yy_scan_bytes
-#define yy_flex_debug Pk11Install_yy_flex_debug
-#define yy_init_buffer Pk11Install_yy_init_buffer
-#define yy_flush_buffer Pk11Install_yy_flush_buffer
-#define yy_load_buffer_state Pk11Install_yy_load_buffer_state
-#define yy_switch_to_buffer Pk11Install_yy_switch_to_buffer
-#define yyin Pk11Install_yyin
-#define yyleng Pk11Install_yyleng
-#define yylex Pk11Install_yylex
-#define yyout Pk11Install_yyout
-#define yyrestart Pk11Install_yyrestart
-#define yytext Pk11Install_yytext
-#define yywrap Pk11Install_yywrap
-
-#line 20 "lex.Pk11Install_yy.c"
-/* A lexical scanner generated by flex */
-
-/* Scanner skeleton version:
- * $Header$
- */
-
-#define FLEX_SCANNER
-#define YY_FLEX_MAJOR_VERSION 2
-#define YY_FLEX_MINOR_VERSION 5
-
-#include <stdio.h>
-
-
-/* cfront 1.2 defines "c_plusplus" instead of "__cplusplus" */
-#ifdef c_plusplus
-#ifndef __cplusplus
-#define __cplusplus
-#endif
-#endif
-
-
-#ifdef __cplusplus
-
-#include <stdlib.h>
-//#include <unistd.h>
-
-/* Use prototypes in function declarations. */
-#define YY_USE_PROTOS
-
-/* The "const" storage-class-modifier is valid. */
-#define YY_USE_CONST
-
-#else /* ! __cplusplus */
-
-#if __STDC__
-
-#define YY_USE_PROTOS
-#define YY_USE_CONST
-
-#endif /* __STDC__ */
-#endif /* ! __cplusplus */
-
-#ifdef __TURBOC__
- #pragma warn -rch
- #pragma warn -use
-#include <io.h>
-#include <stdlib.h>
-#define YY_USE_CONST
-#define YY_USE_PROTOS
-#endif
-
-#ifdef YY_USE_CONST
-#define yyconst const
-#else
-#define yyconst
-#endif
-
-
-#ifdef YY_USE_PROTOS
-#define YY_PROTO(proto) proto
-#else
-#define YY_PROTO(proto) ()
-#endif
-
-/* Returned upon end-of-file. */
-#define YY_NULL 0
-
-/* Promotes a possibly negative, possibly signed char to an unsigned
- * integer for use as an array index. If the signed char is negative,
- * we want to instead treat it as an 8-bit unsigned char, hence the
- * double cast.
- */
-#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
-
-/* Enter a start condition. This macro really ought to take a parameter,
- * but we do it the disgusting crufty way forced on us by the ()-less
- * definition of BEGIN.
- */
-#define BEGIN yy_start = 1 + 2 *
-
-/* Translate the current start state into a value that can be later handed
- * to BEGIN to return to the state. The YYSTATE alias is for lex
- * compatibility.
- */
-#define YY_START ((yy_start - 1) / 2)
-#define YYSTATE YY_START
-
-/* Action number for EOF rule of a given start state. */
-#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
-
-/* Special action meaning "start processing a new file". */
-#define YY_NEW_FILE yyrestart( yyin )
-
-#define YY_END_OF_BUFFER_CHAR 0
-
-/* Size of default input buffer. */
-#define YY_BUF_SIZE 16384
-
-typedef struct yy_buffer_state *YY_BUFFER_STATE;
-
-extern int yyleng;
-extern FILE *yyin, *yyout;
-
-#define EOB_ACT_CONTINUE_SCAN 0
-#define EOB_ACT_END_OF_FILE 1
-#define EOB_ACT_LAST_MATCH 2
-
-/* The funky do-while in the following #define is used to turn the definition
- * int a single C statement (which needs a semi-colon terminator). This
- * avoids problems with code like:
- *
- * if ( condition_holds )
- * yyless( 5 );
- * else
- * do_something_else();
- *
- * Prior to using the do-while the compiler would get upset at the
- * "else" because it interpreted the "if" statement as being all
- * done when it reached the ';' after the yyless() call.
- */
-
-/* Return all but the first 'n' matched characters back to the input stream. */
-
-#define yyless(n) \
- do \
- { \
- /* Undo effects of setting up yytext. */ \
- *yy_cp = yy_hold_char; \
- YY_RESTORE_YY_MORE_OFFSET \
- yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \
- YY_DO_BEFORE_ACTION; /* set up yytext again */ \
- } \
- while ( 0 )
-
-#define unput(c) yyunput( c, yytext_ptr )
-
-/* The following is because we cannot portably get our hands on size_t
- * (without autoconf's help, which isn't available because we want
- * flex-generated scanners to compile on their own).
- */
-typedef unsigned int yy_size_t;
-
-
-struct yy_buffer_state
- {
- FILE *yy_input_file;
-
- char *yy_ch_buf; /* input buffer */
- char *yy_buf_pos; /* current position in input buffer */
-
- /* Size of input buffer in bytes, not including room for EOB
- * characters.
- */
- yy_size_t yy_buf_size;
-
- /* Number of characters read into yy_ch_buf, not including EOB
- * characters.
- */
- int yy_n_chars;
-
- /* Whether we "own" the buffer - i.e., we know we created it,
- * and can realloc() it to grow it, and should free() it to
- * delete it.
- */
- int yy_is_our_buffer;
-
- /* Whether this is an "interactive" input source; if so, and
- * if we're using stdio for input, then we want to use getc()
- * instead of fread(), to make sure we stop fetching input after
- * each newline.
- */
- int yy_is_interactive;
-
- /* Whether we're considered to be at the beginning of a line.
- * If so, '^' rules will be active on the next match, otherwise
- * not.
- */
- int yy_at_bol;
-
- /* Whether to try to fill the input buffer when we reach the
- * end of it.
- */
- int yy_fill_buffer;
-
- int yy_buffer_status;
-#define YY_BUFFER_NEW 0
-#define YY_BUFFER_NORMAL 1
- /* When an EOF's been seen but there's still some text to process
- * then we mark the buffer as YY_EOF_PENDING, to indicate that we
- * shouldn't try reading from the input source any more. We might
- * still have a bunch of tokens to match, though, because of
- * possible backing-up.
- *
- * When we actually see the EOF, we change the status to "new"
- * (via yyrestart()), so that the user can continue scanning by
- * just pointing yyin at a new input file.
- */
-#define YY_BUFFER_EOF_PENDING 2
- };
-
-static YY_BUFFER_STATE yy_current_buffer = 0;
-
-/* We provide macros for accessing buffer states in case in the
- * future we want to put the buffer states in a more general
- * "scanner state".
- */
-#define YY_CURRENT_BUFFER yy_current_buffer
-
-
-/* yy_hold_char holds the character lost when yytext is formed. */
-static char yy_hold_char;
-
-static int yy_n_chars; /* number of characters read into yy_ch_buf */
-
-
-int yyleng;
-
-/* Points to current character in buffer. */
-static char *yy_c_buf_p = (char *) 0;
-static int yy_init = 1; /* whether we need to initialize */
-static int yy_start = 0; /* start state number */
-
-/* Flag which is used to allow yywrap()'s to do buffer switches
- * instead of setting up a fresh yyin. A bit of a hack ...
- */
-static int yy_did_buffer_switch_on_eof;
-
-void yyrestart YY_PROTO(( FILE *input_file ));
-
-void yy_switch_to_buffer YY_PROTO(( YY_BUFFER_STATE new_buffer ));
-void yy_load_buffer_state YY_PROTO(( void ));
-YY_BUFFER_STATE yy_create_buffer YY_PROTO(( FILE *file, int size ));
-void yy_delete_buffer YY_PROTO(( YY_BUFFER_STATE b ));
-void yy_init_buffer YY_PROTO(( YY_BUFFER_STATE b, FILE *file ));
-void yy_flush_buffer YY_PROTO(( YY_BUFFER_STATE b ));
-#define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer )
-
-YY_BUFFER_STATE yy_scan_buffer YY_PROTO(( char *base, yy_size_t size ));
-YY_BUFFER_STATE yy_scan_string YY_PROTO(( yyconst char *yy_str ));
-YY_BUFFER_STATE yy_scan_bytes YY_PROTO(( yyconst char *bytes, int len ));
-
-static void *yy_flex_alloc YY_PROTO(( yy_size_t ));
-static void *yy_flex_realloc YY_PROTO(( void *, yy_size_t ));
-static void yy_flex_free YY_PROTO(( void * ));
-
-#define yy_new_buffer yy_create_buffer
-
-#define yy_set_interactive(is_interactive) \
- { \
- if ( ! yy_current_buffer ) \
- yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
- yy_current_buffer->yy_is_interactive = is_interactive; \
- }
-
-#define yy_set_bol(at_bol) \
- { \
- if ( ! yy_current_buffer ) \
- yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
- yy_current_buffer->yy_at_bol = at_bol; \
- }
-
-#define YY_AT_BOL() (yy_current_buffer->yy_at_bol)
-
-typedef unsigned char YY_CHAR;
-FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0;
-typedef int yy_state_type;
-extern char *yytext;
-#define yytext_ptr yytext
-
-static yy_state_type yy_get_previous_state YY_PROTO(( void ));
-static yy_state_type yy_try_NUL_trans YY_PROTO(( yy_state_type current_state ));
-static int yy_get_next_buffer YY_PROTO(( void ));
-static void yy_fatal_error YY_PROTO(( yyconst char msg[] ));
-
-/* Done after the current pattern has been matched and before the
- * corresponding action - sets up yytext.
- */
-#define YY_DO_BEFORE_ACTION \
- yytext_ptr = yy_bp; \
- yyleng = (int) (yy_cp - yy_bp); \
- yy_hold_char = *yy_cp; \
- *yy_cp = '\0'; \
- yy_c_buf_p = yy_cp;
-
-#define YY_NUM_RULES 8
-#define YY_END_OF_BUFFER 9
-static yyconst short int yy_accept[16] =
- { 0,
- 0, 0, 9, 3, 6, 5, 7, 1, 2, 3,
- 6, 0, 0, 4, 0
- } ;
-
-static yyconst int yy_ec[256] =
- { 0,
- 1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
- 1, 1, 4, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 2, 1, 5, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 6, 1, 1, 1, 1, 1, 1, 1, 1,
-
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 7, 1, 8, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
- 1, 1, 1, 1, 1
- } ;
-
-static yyconst int yy_meta[9] =
- { 0,
- 1, 2, 3, 4, 3, 1, 5, 5
- } ;
-
-static yyconst short int yy_base[19] =
- { 0,
- 0, 0, 19, 0, 0, 21, 12, 21, 21, 0,
- 0, 4, 6, 21, 21, 13, 11, 15
- } ;
-
-static yyconst short int yy_def[19] =
- { 0,
- 15, 1, 15, 16, 17, 15, 18, 15, 15, 16,
- 17, 18, 15, 15, 0, 15, 15, 15
- } ;
-
-static yyconst short int yy_nxt[30] =
- { 0,
- 4, 5, 6, 5, 7, 4, 8, 9, 14, 13,
- 12, 12, 11, 10, 11, 12, 12, 13, 15, 12,
- 3, 15, 15, 15, 15, 15, 15, 15, 15
- } ;
-
-static yyconst short int yy_chk[30] =
- { 0,
- 1, 1, 1, 1, 1, 1, 1, 1, 12, 12,
- 13, 13, 17, 16, 17, 18, 18, 7, 3, 18,
- 15, 15, 15, 15, 15, 15, 15, 15, 15
- } ;
-
-static yy_state_type yy_last_accepting_state;
-static char *yy_last_accepting_cpos;
-
-/* The intent behind this definition is that it'll catch
- * any uses of REJECT which flex missed.
- */
-#define REJECT reject_used_but_not_detected
-#define yymore() yymore_used_but_not_detected
-#define YY_MORE_ADJ 0
-#define YY_RESTORE_YY_MORE_OFFSET
-char *yytext;
-#line 1 "installparse.l"
-#define INITIAL 0
-/* lex file for analyzing PKCS #11 Module installation instructions */
-/*----------------------------- Definitions ---------------------------*/
-#line 5 "installparse.l"
-#include <string.h>
-
-#include "install-ds.h" /* defines tokens and data structures */
-#include "installparse.h" /* produced by yacc -d */
-#include <prprf.h>
-static char *putSimpleString(char*); /* return copy of string */
-static char *putComplexString(char*); /* strip out quotes, deal with */
- /* escaped characters */
-
-void Pk11Install_yyerror(char *);
-
-/* Overrides to use NSPR */
-#define malloc PR_Malloc
-#define realloc PR_Realloc
-#define free PR_Free
-
-int Pk11Install_yylinenum=1;
-static char *err;
-
-#define YY_NEVER_INTERACTIVE 1
-#define yyunput Pkcs11Install_yyunput
-
-/* This is the default YY_INPUT modified for NSPR */
-#define YY_INPUT(buf,result,max_size) \
- if ( yy_current_buffer->yy_is_interactive ) { \
- char c; \
- int n; \
- for ( n = 0; n < max_size && \
- PR_Read(Pk11Install_FD, &c, 1)==1 && c != '\n'; ++n ) { \
- buf[n] = c; \
- } \
- if ( c == '\n' ) { \
- buf[n++] = c; \
- } \
- result = n; \
- } else { \
- result = PR_Read(Pk11Install_FD, buf, max_size); \
- }
-
-/*** Regular expression definitions ***/
-/* simple_string has no whitespace, quotes, or braces */
-/* complex_string is enclosed in quotes. Inside the quotes, quotes and
- backslashes must be backslash-escaped. Otherwise, anything goes. */
-/* Standard whitespace */
-/*---------------------------- Actions --------------------------------*/
-#line 437 "lex.Pk11Install_yy.cpp"
-
-/* Macros after this point can all be overridden by user definitions in
- * section 1.
- */
-
-#ifndef YY_SKIP_YYWRAP
-#ifdef __cplusplus
-extern "C" int yywrap YY_PROTO(( void ));
-#else
-extern int yywrap YY_PROTO(( void ));
-#endif
-#endif
-
-#ifndef YY_NO_UNPUT
-static void yyunput YY_PROTO(( int c, char *buf_ptr ));
-#endif
-
-#ifndef yytext_ptr
-static void yy_flex_strncpy YY_PROTO(( char *, yyconst char *, int ));
-#endif
-
-#ifdef YY_NEED_STRLEN
-static int yy_flex_strlen YY_PROTO(( yyconst char * ));
-#endif
-
-#ifndef YY_NO_INPUT
-#ifdef __cplusplus
-static int yyinput YY_PROTO(( void ));
-#else
-static int input YY_PROTO(( void ));
-#endif
-#endif
-
-#if YY_STACK_USED
-static int yy_start_stack_ptr = 0;
-static int yy_start_stack_depth = 0;
-static int *yy_start_stack = 0;
-#ifndef YY_NO_PUSH_STATE
-static void yy_push_state YY_PROTO(( int new_state ));
-#endif
-#ifndef YY_NO_POP_STATE
-static void yy_pop_state YY_PROTO(( void ));
-#endif
-#ifndef YY_NO_TOP_STATE
-static int yy_top_state YY_PROTO(( void ));
-#endif
-
-#else
-#define YY_NO_PUSH_STATE 1
-#define YY_NO_POP_STATE 1
-#define YY_NO_TOP_STATE 1
-#endif
-
-#ifdef YY_MALLOC_DECL
-YY_MALLOC_DECL
-#else
-#if __STDC__
-#ifndef __cplusplus
-#include <stdlib.h>
-#endif
-#else
-/* Just try to get by without declaring the routines. This will fail
- * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int)
- * or sizeof(void*) != sizeof(int).
- */
-#endif
-#endif
-
-/* Amount of stuff to slurp up with each read. */
-#ifndef YY_READ_BUF_SIZE
-#define YY_READ_BUF_SIZE 8192
-#endif
-
-/* Copy whatever the last rule matched to the standard output. */
-
-#ifndef ECHO
-/* This used to be an fputs(), but since the string might contain NUL's,
- * we now use fwrite().
- */
-#define ECHO (void) fwrite( yytext, yyleng, 1, yyout )
-#endif
-
-/* Gets input and stuffs it into "buf". number of characters read, or YY_NULL,
- * is returned in "result".
- */
-#ifndef YY_INPUT
-#define YY_INPUT(buf,result,max_size) \
- if ( yy_current_buffer->yy_is_interactive ) \
- { \
- int c = '*', n; \
- for ( n = 0; n < max_size && \
- (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
- buf[n] = (char) c; \
- if ( c == '\n' ) \
- buf[n++] = (char) c; \
- if ( c == EOF && ferror( yyin ) ) \
- YY_FATAL_ERROR( "input in flex scanner failed" ); \
- result = n; \
- } \
- else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \
- && ferror( yyin ) ) \
- YY_FATAL_ERROR( "input in flex scanner failed" );
-#endif
-
-/* No semi-colon after return; correct usage is to write "yyterminate();" -
- * we don't want an extra ';' after the "return" because that will cause
- * some compilers to complain about unreachable statements.
- */
-#ifndef yyterminate
-#define yyterminate() return YY_NULL
-#endif
-
-/* Number of entries by which start-condition stack grows. */
-#ifndef YY_START_STACK_INCR
-#define YY_START_STACK_INCR 25
-#endif
-
-/* Report a fatal error. */
-#ifndef YY_FATAL_ERROR
-#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
-#endif
-
-/* Default declaration of generated scanner - a define so the user can
- * easily add parameters.
- */
-#ifndef YY_DECL
-#define YY_DECL int yylex YY_PROTO(( void ))
-#endif
-
-/* Code executed at the beginning of each rule, after yytext and yyleng
- * have been set up.
- */
-#ifndef YY_USER_ACTION
-#define YY_USER_ACTION
-#endif
-
-/* Code executed at the end of each rule. */
-#ifndef YY_BREAK
-#define YY_BREAK break;
-#endif
-
-#define YY_RULE_SETUP \
- YY_USER_ACTION
-
-YY_DECL
- {
- register yy_state_type yy_current_state;
- register char *yy_cp, *yy_bp;
- register int yy_act;
-
-#line 60 "installparse.l"
-
-
-#line 591 "lex.Pk11Install_yy.cpp"
-
- if ( yy_init )
- {
- yy_init = 0;
-
-#ifdef YY_USER_INIT
- YY_USER_INIT;
-#endif
-
- if ( ! yy_start )
- yy_start = 1; /* first start state */
-
- if ( ! yyin )
- yyin = stdin;
-
- if ( ! yyout )
- yyout = stdout;
-
- if ( ! yy_current_buffer )
- yy_current_buffer =
- yy_create_buffer( yyin, YY_BUF_SIZE );
-
- yy_load_buffer_state();
- }
-
- while ( 1 ) /* loops until end-of-file is reached */
- {
- yy_cp = yy_c_buf_p;
-
- /* Support of yytext. */
- *yy_cp = yy_hold_char;
-
- /* yy_bp points to the position in yy_ch_buf of the start of
- * the current run.
- */
- yy_bp = yy_cp;
-
- yy_current_state = yy_start;
-yy_match:
- do
- {
- register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
- if ( yy_accept[yy_current_state] )
- {
- yy_last_accepting_state = yy_current_state;
- yy_last_accepting_cpos = yy_cp;
- }
- while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
- {
- yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 16 )
- yy_c = yy_meta[(unsigned int) yy_c];
- }
- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
- ++yy_cp;
- }
- while ( yy_base[yy_current_state] != 21 );
-
-yy_find_action:
- yy_act = yy_accept[yy_current_state];
- if ( yy_act == 0 )
- { /* have to back up */
- yy_cp = yy_last_accepting_cpos;
- yy_current_state = yy_last_accepting_state;
- yy_act = yy_accept[yy_current_state];
- }
-
- YY_DO_BEFORE_ACTION;
-
-
-do_action: /* This label is used only to access EOF actions. */
-
-
- switch ( yy_act )
- { /* beginning of action switch */
- case 0: /* must back up */
- /* undo the effects of YY_DO_BEFORE_ACTION */
- *yy_cp = yy_hold_char;
- yy_cp = yy_last_accepting_cpos;
- yy_current_state = yy_last_accepting_state;
- goto yy_find_action;
-
-case 1:
-YY_RULE_SETUP
-#line 62 "installparse.l"
-return OPENBRACE;
- YY_BREAK
-case 2:
-YY_RULE_SETUP
-#line 63 "installparse.l"
-return CLOSEBRACE;
- YY_BREAK
-case 3:
-YY_RULE_SETUP
-#line 64 "installparse.l"
-{Pk11Install_yylval.string =
- putSimpleString(Pk11Install_yytext);
- return STRING;}
- YY_BREAK
-case 4:
-YY_RULE_SETUP
-#line 67 "installparse.l"
-{Pk11Install_yylval.string =
- putComplexString(Pk11Install_yytext);
- return STRING;}
- YY_BREAK
-case 5:
-YY_RULE_SETUP
-#line 71 "installparse.l"
-Pk11Install_yylinenum++;
- YY_BREAK
-case 6:
-YY_RULE_SETUP
-#line 73 "installparse.l"
-;
- YY_BREAK
-case 7:
-YY_RULE_SETUP
-#line 75 "installparse.l"
-{err = PR_smprintf("Invalid lexeme: %s",Pk11Install_yytext);
- Pk11Install_yyerror(err);
- PR_smprintf_free(err);
- return 1;
- }
- YY_BREAK
-case 8:
-YY_RULE_SETUP
-#line 81 "installparse.l"
-ECHO;
- YY_BREAK
-#line 722 "lex.Pk11Install_yy.cpp"
-case YY_STATE_EOF(INITIAL):
- yyterminate();
-
- case YY_END_OF_BUFFER:
- {
- /* Amount of text matched not including the EOB char. */
- int yy_amount_of_matched_text = (int) (yy_cp - yytext_ptr) - 1;
-
- /* Undo the effects of YY_DO_BEFORE_ACTION. */
- *yy_cp = yy_hold_char;
- YY_RESTORE_YY_MORE_OFFSET
-
- if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_NEW )
- {
- /* We're scanning a new file or input source. It's
- * possible that this happened because the user
- * just pointed yyin at a new source and called
- * yylex(). If so, then we have to assure
- * consistency between yy_current_buffer and our
- * globals. Here is the right place to do so, because
- * this is the first action (other than possibly a
- * back-up) that will match for the new input source.
- */
- yy_n_chars = yy_current_buffer->yy_n_chars;
- yy_current_buffer->yy_input_file = yyin;
- yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL;
- }
-
- /* Note that here we test for yy_c_buf_p "<=" to the position
- * of the first EOB in the buffer, since yy_c_buf_p will
- * already have been incremented past the NUL character
- * (since all states make transitions on EOB to the
- * end-of-buffer state). Contrast this with the test
- * in input().
- */
- if ( yy_c_buf_p <= &yy_current_buffer->yy_ch_buf[yy_n_chars] )
- { /* This was really a NUL. */
- yy_state_type yy_next_state;
-
- yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text;
-
- yy_current_state = yy_get_previous_state();
-
- /* Okay, we're now positioned to make the NUL
- * transition. We couldn't have
- * yy_get_previous_state() go ahead and do it
- * for us because it doesn't know how to deal
- * with the possibility of jamming (and we don't
- * want to build jamming into it because then it
- * will run more slowly).
- */
-
- yy_next_state = yy_try_NUL_trans( yy_current_state );
-
- yy_bp = yytext_ptr + YY_MORE_ADJ;
-
- if ( yy_next_state )
- {
- /* Consume the NUL. */
- yy_cp = ++yy_c_buf_p;
- yy_current_state = yy_next_state;
- goto yy_match;
- }
-
- else
- {
- yy_cp = yy_c_buf_p;
- goto yy_find_action;
- }
- }
-
- else switch ( yy_get_next_buffer() )
- {
- case EOB_ACT_END_OF_FILE:
- {
- yy_did_buffer_switch_on_eof = 0;
-
- if ( yywrap() )
- {
- /* Note: because we've taken care in
- * yy_get_next_buffer() to have set up
- * yytext, we can now set up
- * yy_c_buf_p so that if some total
- * hoser (like flex itself) wants to
- * call the scanner after we return the
- * YY_NULL, it'll still work - another
- * YY_NULL will get returned.
- */
- yy_c_buf_p = yytext_ptr + YY_MORE_ADJ;
-
- yy_act = YY_STATE_EOF(YY_START);
- goto do_action;
- }
-
- else
- {
- if ( ! yy_did_buffer_switch_on_eof )
- YY_NEW_FILE;
- }
- break;
- }
-
- case EOB_ACT_CONTINUE_SCAN:
- yy_c_buf_p =
- yytext_ptr + yy_amount_of_matched_text;
-
- yy_current_state = yy_get_previous_state();
-
- yy_cp = yy_c_buf_p;
- yy_bp = yytext_ptr + YY_MORE_ADJ;
- goto yy_match;
-
- case EOB_ACT_LAST_MATCH:
- yy_c_buf_p =
- &yy_current_buffer->yy_ch_buf[yy_n_chars];
-
- yy_current_state = yy_get_previous_state();
-
- yy_cp = yy_c_buf_p;
- yy_bp = yytext_ptr + YY_MORE_ADJ;
- goto yy_find_action;
- }
- break;
- }
-
- default:
- YY_FATAL_ERROR(
- "fatal flex scanner internal error--no action found" );
- } /* end of action switch */
- } /* end of scanning one token */
- } /* end of yylex */
-
-
-/* yy_get_next_buffer - try to read in a new buffer
- *
- * Returns a code representing an action:
- * EOB_ACT_LAST_MATCH -
- * EOB_ACT_CONTINUE_SCAN - continue scanning from current position
- * EOB_ACT_END_OF_FILE - end of file
- */
-
-static int yy_get_next_buffer()
- {
- register char *dest = yy_current_buffer->yy_ch_buf;
- register char *source = yytext_ptr;
- register int number_to_move, i;
- int ret_val;
-
- if ( yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1] )
- YY_FATAL_ERROR(
- "fatal flex scanner internal error--end of buffer missed" );
-
- if ( yy_current_buffer->yy_fill_buffer == 0 )
- { /* Don't try to fill the buffer, so this is an EOF. */
- if ( yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1 )
- {
- /* We matched a single character, the EOB, so
- * treat this as a final EOF.
- */
- return EOB_ACT_END_OF_FILE;
- }
-
- else
- {
- /* We matched some text prior to the EOB, first
- * process it.
- */
- return EOB_ACT_LAST_MATCH;
- }
- }
-
- /* Try to read more data. */
-
- /* First move last chars to start of buffer. */
- number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1;
-
- for ( i = 0; i < number_to_move; ++i )
- *(dest++) = *(source++);
-
- if ( yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING )
- /* don't do the read, it's not guaranteed to return an EOF,
- * just force an EOF
- */
- yy_current_buffer->yy_n_chars = yy_n_chars = 0;
-
- else
- {
- int num_to_read =
- yy_current_buffer->yy_buf_size - number_to_move - 1;
-
- while ( num_to_read <= 0 )
- { /* Not enough room in the buffer - grow it. */
-#ifdef YY_USES_REJECT
- YY_FATAL_ERROR(
-"input buffer overflow, can't enlarge buffer because scanner uses REJECT" );
-#else
-
- /* just a shorter name for the current buffer */
- YY_BUFFER_STATE b = yy_current_buffer;
-
- int yy_c_buf_p_offset =
- (int) (yy_c_buf_p - b->yy_ch_buf);
-
- if ( b->yy_is_our_buffer )
- {
- int new_size = b->yy_buf_size * 2;
-
- if ( new_size <= 0 )
- b->yy_buf_size += b->yy_buf_size / 8;
- else
- b->yy_buf_size *= 2;
-
- b->yy_ch_buf = (char *)
- /* Include room in for 2 EOB chars. */
- yy_flex_realloc( (void *) b->yy_ch_buf,
- b->yy_buf_size + 2 );
- }
- else
- /* Can't grow it, we don't own it. */
- b->yy_ch_buf = 0;
-
- if ( ! b->yy_ch_buf )
- YY_FATAL_ERROR(
- "fatal error - scanner input buffer overflow" );
-
- yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset];
-
- num_to_read = yy_current_buffer->yy_buf_size -
- number_to_move - 1;
-#endif
- }
-
- if ( num_to_read > YY_READ_BUF_SIZE )
- num_to_read = YY_READ_BUF_SIZE;
-
- /* Read in more data. */
- YY_INPUT( (&yy_current_buffer->yy_ch_buf[number_to_move]),
- yy_n_chars, num_to_read );
-
- yy_current_buffer->yy_n_chars = yy_n_chars;
- }
-
- if ( yy_n_chars == 0 )
- {
- if ( number_to_move == YY_MORE_ADJ )
- {
- ret_val = EOB_ACT_END_OF_FILE;
- yyrestart( yyin );
- }
-
- else
- {
- ret_val = EOB_ACT_LAST_MATCH;
- yy_current_buffer->yy_buffer_status =
- YY_BUFFER_EOF_PENDING;
- }
- }
-
- else
- ret_val = EOB_ACT_CONTINUE_SCAN;
-
- yy_n_chars += number_to_move;
- yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR;
- yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR;
-
- yytext_ptr = &yy_current_buffer->yy_ch_buf[0];
-
- return ret_val;
- }
-
-
-/* yy_get_previous_state - get the state just before the EOB char was reached */
-
-static yy_state_type yy_get_previous_state()
- {
- register yy_state_type yy_current_state;
- register char *yy_cp;
-
- yy_current_state = yy_start;
-
- for ( yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp )
- {
- register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
- if ( yy_accept[yy_current_state] )
- {
- yy_last_accepting_state = yy_current_state;
- yy_last_accepting_cpos = yy_cp;
- }
- while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
- {
- yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 16 )
- yy_c = yy_meta[(unsigned int) yy_c];
- }
- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
- }
-
- return yy_current_state;
- }
-
-
-/* yy_try_NUL_trans - try to make a transition on the NUL character
- *
- * synopsis
- * next_state = yy_try_NUL_trans( current_state );
- */
-
-#ifdef YY_USE_PROTOS
-static yy_state_type yy_try_NUL_trans( yy_state_type yy_current_state )
-#else
-static yy_state_type yy_try_NUL_trans( yy_current_state )
-yy_state_type yy_current_state;
-#endif
- {
- register int yy_is_jam;
- register char *yy_cp = yy_c_buf_p;
-
- register YY_CHAR yy_c = 1;
- if ( yy_accept[yy_current_state] )
- {
- yy_last_accepting_state = yy_current_state;
- yy_last_accepting_cpos = yy_cp;
- }
- while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state )
- {
- yy_current_state = (int) yy_def[yy_current_state];
- if ( yy_current_state >= 16 )
- yy_c = yy_meta[(unsigned int) yy_c];
- }
- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
- yy_is_jam = (yy_current_state == 15);
-
- return yy_is_jam ? 0 : yy_current_state;
- }
-
-
-#ifndef YY_NO_UNPUT
-#ifdef YY_USE_PROTOS
-static void yyunput( int c, register char *yy_bp )
-#else
-static void yyunput( c, yy_bp )
-int c;
-register char *yy_bp;
-#endif
- {
- register char *yy_cp = yy_c_buf_p;
-
- /* undo effects of setting up yytext */
- *yy_cp = yy_hold_char;
-
- if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 )
- { /* need to shift things up to make room */
- /* +2 for EOB chars. */
- register int number_to_move = yy_n_chars + 2;
- register char *dest = &yy_current_buffer->yy_ch_buf[
- yy_current_buffer->yy_buf_size + 2];
- register char *source =
- &yy_current_buffer->yy_ch_buf[number_to_move];
-
- while ( source > yy_current_buffer->yy_ch_buf )
- *--dest = *--source;
-
- yy_cp += (int) (dest - source);
- yy_bp += (int) (dest - source);
- yy_current_buffer->yy_n_chars =
- yy_n_chars = yy_current_buffer->yy_buf_size;
-
- if ( yy_cp < yy_current_buffer->yy_ch_buf + 2 )
- YY_FATAL_ERROR( "flex scanner push-back overflow" );
- }
-
- *--yy_cp = (char) c;
-
-
- yytext_ptr = yy_bp;
- yy_hold_char = *yy_cp;
- yy_c_buf_p = yy_cp;
- }
-#endif /* ifndef YY_NO_UNPUT */
-
-
-#ifdef __cplusplus
-static int yyinput()
-#else
-static int input()
-#endif
- {
- int c;
-
- *yy_c_buf_p = yy_hold_char;
-
- if ( *yy_c_buf_p == YY_END_OF_BUFFER_CHAR )
- {
- /* yy_c_buf_p now points to the character we want to return.
- * If this occurs *before* the EOB characters, then it's a
- * valid NUL; if not, then we've hit the end of the buffer.
- */
- if ( yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars] )
- /* This was really a NUL. */
- *yy_c_buf_p = '\0';
-
- else
- { /* need more input */
- int offset = yy_c_buf_p - yytext_ptr;
- ++yy_c_buf_p;
-
- switch ( yy_get_next_buffer() )
- {
- case EOB_ACT_LAST_MATCH:
- /* This happens because yy_g_n_b()
- * sees that we've accumulated a
- * token and flags that we need to
- * try matching the token before
- * proceeding. But for input(),
- * there's no matching to consider.
- * So convert the EOB_ACT_LAST_MATCH
- * to EOB_ACT_END_OF_FILE.
- */
-
- /* Reset buffer status. */
- yyrestart( yyin );
-
- /* fall through */
-
- case EOB_ACT_END_OF_FILE:
- {
- if ( yywrap() )
- return EOF;
-
- if ( ! yy_did_buffer_switch_on_eof )
- YY_NEW_FILE;
-#ifdef __cplusplus
- return yyinput();
-#else
- return input();
-#endif
- }
-
- case EOB_ACT_CONTINUE_SCAN:
- yy_c_buf_p = yytext_ptr + offset;
- break;
- }
- }
- }
-
- c = *(unsigned char *) yy_c_buf_p; /* cast for 8-bit char's */
- *yy_c_buf_p = '\0'; /* preserve yytext */
- yy_hold_char = *++yy_c_buf_p;
-
-
- return c;
- }
-
-
-#ifdef YY_USE_PROTOS
-void yyrestart( FILE *input_file )
-#else
-void yyrestart( input_file )
-FILE *input_file;
-#endif
- {
- if ( ! yy_current_buffer )
- yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE );
-
- yy_init_buffer( yy_current_buffer, input_file );
- yy_load_buffer_state();
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_switch_to_buffer( YY_BUFFER_STATE new_buffer )
-#else
-void yy_switch_to_buffer( new_buffer )
-YY_BUFFER_STATE new_buffer;
-#endif
- {
- if ( yy_current_buffer == new_buffer )
- return;
-
- if ( yy_current_buffer )
- {
- /* Flush out information for old buffer. */
- *yy_c_buf_p = yy_hold_char;
- yy_current_buffer->yy_buf_pos = yy_c_buf_p;
- yy_current_buffer->yy_n_chars = yy_n_chars;
- }
-
- yy_current_buffer = new_buffer;
- yy_load_buffer_state();
-
- /* We don't actually know whether we did this switch during
- * EOF (yywrap()) processing, but the only time this flag
- * is looked at is after yywrap() is called, so it's safe
- * to go ahead and always set it.
- */
- yy_did_buffer_switch_on_eof = 1;
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_load_buffer_state( void )
-#else
-void yy_load_buffer_state()
-#endif
- {
- yy_n_chars = yy_current_buffer->yy_n_chars;
- yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos;
- yyin = yy_current_buffer->yy_input_file;
- yy_hold_char = *yy_c_buf_p;
- }
-
-
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_create_buffer( FILE *file, int size )
-#else
-YY_BUFFER_STATE yy_create_buffer( file, size )
-FILE *file;
-int size;
-#endif
- {
- YY_BUFFER_STATE b;
-
- b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) );
- if ( ! b )
- YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
-
- b->yy_buf_size = size;
-
- /* yy_ch_buf has to be 2 characters longer than the size given because
- * we need to put in 2 end-of-buffer characters.
- */
- b->yy_ch_buf = (char *) yy_flex_alloc( b->yy_buf_size + 2 );
- if ( ! b->yy_ch_buf )
- YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
-
- b->yy_is_our_buffer = 1;
-
- yy_init_buffer( b, file );
-
- return b;
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_delete_buffer( YY_BUFFER_STATE b )
-#else
-void yy_delete_buffer( b )
-YY_BUFFER_STATE b;
-#endif
- {
- if ( ! b )
- return;
-
- if ( b == yy_current_buffer )
- yy_current_buffer = (YY_BUFFER_STATE) 0;
-
- if ( b->yy_is_our_buffer )
- yy_flex_free( (void *) b->yy_ch_buf );
-
- yy_flex_free( (void *) b );
- }
-
-
-#ifndef YY_ALWAYS_INTERACTIVE
-#ifndef YY_NEVER_INTERACTIVE
-extern int isatty YY_PROTO(( int ));
-#endif
-#endif
-
-#ifdef YY_USE_PROTOS
-void yy_init_buffer( YY_BUFFER_STATE b, FILE *file )
-#else
-void yy_init_buffer( b, file )
-YY_BUFFER_STATE b;
-FILE *file;
-#endif
-
-
- {
- yy_flush_buffer( b );
-
- b->yy_input_file = file;
- b->yy_fill_buffer = 1;
-
-#if YY_ALWAYS_INTERACTIVE
- b->yy_is_interactive = 1;
-#else
-#if YY_NEVER_INTERACTIVE
- b->yy_is_interactive = 0;
-#else
- b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0;
-#endif
-#endif
- }
-
-
-#ifdef YY_USE_PROTOS
-void yy_flush_buffer( YY_BUFFER_STATE b )
-#else
-void yy_flush_buffer( b )
-YY_BUFFER_STATE b;
-#endif
-
- {
- if ( ! b )
- return;
-
- b->yy_n_chars = 0;
-
- /* We always need two end-of-buffer characters. The first causes
- * a transition to the end-of-buffer state. The second causes
- * a jam in that state.
- */
- b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
- b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
-
- b->yy_buf_pos = &b->yy_ch_buf[0];
-
- b->yy_at_bol = 1;
- b->yy_buffer_status = YY_BUFFER_NEW;
-
- if ( b == yy_current_buffer )
- yy_load_buffer_state();
- }
-
-
-#ifndef YY_NO_SCAN_BUFFER
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_buffer( char *base, yy_size_t size )
-#else
-YY_BUFFER_STATE yy_scan_buffer( base, size )
-char *base;
-yy_size_t size;
-#endif
- {
- YY_BUFFER_STATE b;
-
- if ( size < 2 ||
- base[size-2] != YY_END_OF_BUFFER_CHAR ||
- base[size-1] != YY_END_OF_BUFFER_CHAR )
- /* They forgot to leave room for the EOB's. */
- return 0;
-
- b = (YY_BUFFER_STATE) yy_flex_alloc( sizeof( struct yy_buffer_state ) );
- if ( ! b )
- YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" );
-
- b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */
- b->yy_buf_pos = b->yy_ch_buf = base;
- b->yy_is_our_buffer = 0;
- b->yy_input_file = 0;
- b->yy_n_chars = b->yy_buf_size;
- b->yy_is_interactive = 0;
- b->yy_at_bol = 1;
- b->yy_fill_buffer = 0;
- b->yy_buffer_status = YY_BUFFER_NEW;
-
- yy_switch_to_buffer( b );
-
- return b;
- }
-#endif
-
-
-#ifndef YY_NO_SCAN_STRING
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_string( yyconst char *yy_str )
-#else
-YY_BUFFER_STATE yy_scan_string( yy_str )
-yyconst char *yy_str;
-#endif
- {
- int len;
- for ( len = 0; yy_str[len]; ++len )
- ;
-
- return yy_scan_bytes( yy_str, len );
- }
-#endif
-
-
-#ifndef YY_NO_SCAN_BYTES
-#ifdef YY_USE_PROTOS
-YY_BUFFER_STATE yy_scan_bytes( yyconst char *bytes, int len )
-#else
-YY_BUFFER_STATE yy_scan_bytes( bytes, len )
-yyconst char *bytes;
-int len;
-#endif
- {
- YY_BUFFER_STATE b;
- char *buf;
- yy_size_t n;
- int i;
-
- /* Get memory for full buffer, including space for trailing EOB's. */
- n = len + 2;
- buf = (char *) yy_flex_alloc( n );
- if ( ! buf )
- YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" );
-
- for ( i = 0; i < len; ++i )
- buf[i] = bytes[i];
-
- buf[len] = buf[len+1] = YY_END_OF_BUFFER_CHAR;
-
- b = yy_scan_buffer( buf, n );
- if ( ! b )
- YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" );
-
- /* It's okay to grow etc. this buffer, and we should throw it
- * away when we're done.
- */
- b->yy_is_our_buffer = 1;
-
- return b;
- }
-#endif
-
-
-#ifndef YY_NO_PUSH_STATE
-#ifdef YY_USE_PROTOS
-static void yy_push_state( int new_state )
-#else
-static void yy_push_state( new_state )
-int new_state;
-#endif
- {
- if ( yy_start_stack_ptr >= yy_start_stack_depth )
- {
- yy_size_t new_size;
-
- yy_start_stack_depth += YY_START_STACK_INCR;
- new_size = yy_start_stack_depth * sizeof( int );
-
- if ( ! yy_start_stack )
- yy_start_stack = (int *) yy_flex_alloc( new_size );
-
- else
- yy_start_stack = (int *) yy_flex_realloc(
- (void *) yy_start_stack, new_size );
-
- if ( ! yy_start_stack )
- YY_FATAL_ERROR(
- "out of memory expanding start-condition stack" );
- }
-
- yy_start_stack[yy_start_stack_ptr++] = YY_START;
-
- BEGIN(new_state);
- }
-#endif
-
-
-#ifndef YY_NO_POP_STATE
-static void yy_pop_state()
- {
- if ( --yy_start_stack_ptr < 0 )
- YY_FATAL_ERROR( "start-condition stack underflow" );
-
- BEGIN(yy_start_stack[yy_start_stack_ptr]);
- }
-#endif
-
-
-#ifndef YY_NO_TOP_STATE
-static int yy_top_state()
- {
- return yy_start_stack[yy_start_stack_ptr - 1];
- }
-#endif
-
-#ifndef YY_EXIT_FAILURE
-#define YY_EXIT_FAILURE 2
-#endif
-
-#ifdef YY_USE_PROTOS
-static void yy_fatal_error( yyconst char msg[] )
-#else
-static void yy_fatal_error( msg )
-char msg[];
-#endif
- {
- (void) fprintf( stderr, "%s\n", msg );
- exit( YY_EXIT_FAILURE );
- }
-
-
-
-/* Redefine yyless() so it works in section 3 code. */
-
-#undef yyless
-#define yyless(n) \
- do \
- { \
- /* Undo effects of setting up yytext. */ \
- yytext[yyleng] = yy_hold_char; \
- yy_c_buf_p = yytext + n; \
- yy_hold_char = *yy_c_buf_p; \
- *yy_c_buf_p = '\0'; \
- yyleng = n; \
- } \
- while ( 0 )
-
-
-/* Internal utility routines. */
-
-#ifndef yytext_ptr
-#ifdef YY_USE_PROTOS
-static void yy_flex_strncpy( char *s1, yyconst char *s2, int n )
-#else
-static void yy_flex_strncpy( s1, s2, n )
-char *s1;
-yyconst char *s2;
-int n;
-#endif
- {
- register int i;
- for ( i = 0; i < n; ++i )
- s1[i] = s2[i];
- }
-#endif
-
-#ifdef YY_NEED_STRLEN
-#ifdef YY_USE_PROTOS
-static int yy_flex_strlen( yyconst char *s )
-#else
-static int yy_flex_strlen( s )
-yyconst char *s;
-#endif
- {
- register int n;
- for ( n = 0; s[n]; ++n )
- ;
-
- return n;
- }
-#endif
-
-
-#ifdef YY_USE_PROTOS
-static void *yy_flex_alloc( yy_size_t size )
-#else
-static void *yy_flex_alloc( size )
-yy_size_t size;
-#endif
- {
- return (void *) malloc( size );
- }
-
-#ifdef YY_USE_PROTOS
-static void *yy_flex_realloc( void *ptr, yy_size_t size )
-#else
-static void *yy_flex_realloc( ptr, size )
-void *ptr;
-yy_size_t size;
-#endif
- {
- /* The cast to (char *) in the following accommodates both
- * implementations that use char* generic pointers, and those
- * that use void* generic pointers. It works with the latter
- * because both ANSI C and C++ allow castless assignment from
- * any pointer type to void*, and deal with argument conversions
- * as though doing an assignment.
- */
- return (void *) realloc( (char *) ptr, size );
- }
-
-#ifdef YY_USE_PROTOS
-static void yy_flex_free( void *ptr )
-#else
-static void yy_flex_free( ptr )
-void *ptr;
-#endif
- {
- free( ptr );
- }
-
-#if YY_MAIN
-int main()
- {
- yylex();
- return 0;
- }
-#endif
-#line 81 "installparse.l"
-
-/*------------------------ Program Section ----------------------------*/
-
-PRFileDesc *Pk11Install_FD=NULL;
-
-/*************************************************************************/
-/* dummy function required by lex */
-int Pk11Install_yywrap(void) { return 1;}
-
-/*************************************************************************/
-/* Return a copy of the given string */
-static char*
-putSimpleString(char *str)
-{
- char *tmp = (char*) PR_Malloc(strlen(str)+1);
- strcpy(tmp, str);
- return tmp;
-}
-
-/*************************************************************************/
-/* Strip out quotes, replace escaped characters with what they stand for.
- This function assumes that what is passed in is actually a complex
- string, so error checking is lax. */
-static char*
-putComplexString(char *str)
-{
- int size, i,j;
- char *tmp;
-
- if(!str) {
- return NULL;
- }
- size = strlen(str);
-
- /* Allocate the new space. This string will actually be too big,
- since quotes and backslashes will be stripped out. But that's ok. */
- tmp = (char*) PR_Malloc(size+1);
-
- /* Copy it over */
- for(i=0, j=0; i < size; i++) {
- if(str[i]=='\"') {
- continue; /* skip un-escaped quotes */
- } else if(str[i]=='\\') {
- ++i; /* escaped character. skip the backslash */
- }
- tmp[j++] = str[i];
- }
- tmp[j] = '\0';
-
- return tmp;
-}
diff --git a/security/nss/cmd/modutil/manifest.mn b/security/nss/cmd/modutil/manifest.mn
deleted file mode 100644
index a40aec6db..000000000
--- a/security/nss/cmd/modutil/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = sectools
-
-EXPORTS =
-
-CSRCS = modutil.c \
- pk11.c \
- instsec.c \
- install.c \
- installparse.c \
- install-ds.c \
- lex.Pk11Install_yy.c \
- $(NULL)
-
-CPPSRCS =
-
-PROGRAM = modutil
-
-REQUIRES = seccmd security dbm
-
-DEFINES = -DNSPR20
-
-# sigh
-INCLUDES += -I$(CORE_DEPTH)/nss/lib/pk11wrap
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/modutil/modutil.c b/security/nss/cmd/modutil/modutil.c
deleted file mode 100644
index b3505f7fc..000000000
--- a/security/nss/cmd/modutil/modutil.c
+++ /dev/null
@@ -1,958 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "modutil.h"
-#include "install.h"
-#include <plstr.h>
-#include "secrng.h"
-#include "certdb.h" /* for CERT_DB_FILE_VERSION */
-#include "nss.h"
-
-static void install_error(char *message);
-static char* PR_fgets(char *buf, int size, PRFileDesc *file);
-static char *progName;
-
-
-/* This enum must be kept in sync with the commandNames list */
-typedef enum {
- NO_COMMAND,
- ADD_COMMAND,
- CHANGEPW_COMMAND,
- CREATE_COMMAND,
- DEFAULT_COMMAND,
- DELETE_COMMAND,
- DISABLE_COMMAND,
- ENABLE_COMMAND,
- FIPS_COMMAND,
- JAR_COMMAND,
- LIST_COMMAND,
- RAW_LIST_COMMAND,
- RAW_ADD_COMMAND,
- UNDEFAULT_COMMAND
-} Command;
-
-/* This list must be kept in sync with the Command enum */
-static char *commandNames[] = {
- "(no command)",
- "-add",
- "-changepw",
- "-create",
- "-default",
- "-delete",
- "-disable",
- "-enable",
- "-fips",
- "-jar",
- "-list",
- "-rawlist",
- "-rawadd",
- "-undefault"
-};
-
-
-/* this enum must be kept in sync with the optionStrings list */
-typedef enum {
- ADD_ARG=0,
- RAW_ADD_ARG,
- CHANGEPW_ARG,
- CIPHERS_ARG,
- CREATE_ARG,
- DBDIR_ARG,
- DBPREFIX_ARG,
- DEFAULT_ARG,
- DELETE_ARG,
- DISABLE_ARG,
- ENABLE_ARG,
- FIPS_ARG,
- FORCE_ARG,
- JAR_ARG,
- LIBFILE_ARG,
- LIST_ARG,
- RAW_LIST_ARG,
- MECHANISMS_ARG,
- NEWPWFILE_ARG,
- PWFILE_ARG,
- SLOT_ARG,
- UNDEFAULT_ARG,
- INSTALLDIR_ARG,
- TEMPDIR_ARG,
- SECMOD_ARG,
- NOCERTDB_ARG,
-
- NUM_ARGS /* must be last */
-} Arg;
-
-/* This list must be kept in sync with the Arg enum */
-static char *optionStrings[] = {
- "-add",
- "-rawadd",
- "-changepw",
- "-ciphers",
- "-create",
- "-dbdir",
- "-dbprefix",
- "-default",
- "-delete",
- "-disable",
- "-enable",
- "-fips",
- "-force",
- "-jar",
- "-libfile",
- "-list",
- "-rawlist",
- "-mechanisms",
- "-newpwfile",
- "-pwfile",
- "-slot",
- "-undefault",
- "-installdir",
- "-tempdir",
- "-secmod",
- "-nocertdb"
-};
-
-/* Increment i if doing so would have i still be less than j. If you
- are able to do this, return 0. Otherwise return 1. */
-#define TRY_INC(i,j) ( ((i+1)<j) ? (++i, 0) : 1 )
-
-/********************************************************************
- *
- * file-wide variables obtained from the command line
- */
-static Command command = NO_COMMAND;
-static char* pwFile = NULL;
-static char* newpwFile = NULL;
-static char* moduleName = NULL;
-static char* moduleSpec = NULL;
-static char* slotName = NULL;
-static char* secmodName = NULL;
-static char* tokenName = NULL;
-static char* libFile = NULL;
-static char* dbdir = NULL;
-static char* dbprefix = "";
-static char* mechanisms = NULL;
-static char* ciphers = NULL;
-static char* fipsArg = NULL;
-static char* jarFile = NULL;
-static char* installDir = NULL;
-static char* tempDir = NULL;
-static short force = 0;
-static PRBool nocertdb = PR_FALSE;
-
-/*******************************************************************
- *
- * p a r s e _ a r g s
- */
-static Error
-parse_args(int argc, char *argv[])
-{
- int i;
- char *arg;
- int optionType;
-
- /* Loop over all arguments */
- for(i=1; i < argc; i++) {
- arg = argv[i];
-
- /* Make sure this is an option and not some floating argument */
- if(arg[0] != '-') {
- PR_fprintf(PR_STDERR, errStrings[UNEXPECTED_ARG_ERR], argv[i]);
- return UNEXPECTED_ARG_ERR;
- }
-
- /* Find which option this is */
- for(optionType=0; optionType < NUM_ARGS; optionType++) {
- if(! strcmp(arg, optionStrings[optionType])) {
- break;
- }
- }
-
- /* Deal with this specific option */
- switch(optionType) {
- case NUM_ARGS:
- default:
- PR_fprintf(PR_STDERR, errStrings[UNKNOWN_OPTION_ERR], arg);
- return UNKNOWN_OPTION_ERR;
- break;
- case ADD_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = ADD_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleName = argv[i];
- break;
- case CHANGEPW_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = CHANGEPW_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- tokenName = argv[i];
- break;
- case CIPHERS_ARG:
- if(ciphers != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- ciphers = argv[i];
- break;
- case CREATE_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = CREATE_COMMAND;
- break;
- case DBDIR_ARG:
- if(dbdir != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- dbdir = argv[i];
- break;
- case DBPREFIX_ARG:
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- dbprefix = argv[i];
- break;
- case UNDEFAULT_ARG:
- case DEFAULT_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- if(optionType == DEFAULT_ARG) {
- command = DEFAULT_COMMAND;
- } else {
- command = UNDEFAULT_COMMAND;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleName = argv[i];
- break;
- case DELETE_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = DELETE_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleName = argv[i];
- break;
- case DISABLE_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = DISABLE_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleName = argv[i];
- break;
- case ENABLE_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = ENABLE_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleName = argv[i];
- break;
- case FIPS_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = FIPS_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- fipsArg = argv[i];
- break;
- case FORCE_ARG:
- force = 1;
- break;
- case NOCERTDB_ARG:
- nocertdb = PR_TRUE;
- break;
- case INSTALLDIR_ARG:
- if(installDir != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- installDir = argv[i];
- break;
- case TEMPDIR_ARG:
- if(tempDir != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- tempDir = argv[i];
- break;
- case JAR_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = JAR_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- jarFile = argv[i];
- break;
- case LIBFILE_ARG:
- if(libFile != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- libFile = argv[i];
- break;
- case LIST_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = LIST_COMMAND;
- /* This option may or may not have an argument */
- if( (i+1 < argc) && (argv[i+1][0] != '-') ) {
- moduleName = argv[++i];
- }
- break;
- case RAW_LIST_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = RAW_LIST_COMMAND;
- /* This option may or may not have an argument */
- if( (i+1 < argc) && (argv[i+1][0] != '-') ) {
- moduleName = argv[++i];
- }
- break;
- case RAW_ADD_ARG:
- if(command != NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[MULTIPLE_COMMAND_ERR], arg);
- return MULTIPLE_COMMAND_ERR;
- }
- command = RAW_ADD_COMMAND;
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- moduleSpec = argv[i];
- break;
- case MECHANISMS_ARG:
- if(mechanisms != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- mechanisms = argv[i];
- break;
- case NEWPWFILE_ARG:
- if(newpwFile != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- newpwFile = argv[i];
- break;
- case PWFILE_ARG:
- if(pwFile != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- pwFile = argv[i];
- break;
- case SLOT_ARG:
- if(slotName != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- slotName = argv[i];
- break;
- case SECMOD_ARG:
- if(secmodName != NULL) {
- PR_fprintf(PR_STDERR, errStrings[DUPLICATE_OPTION_ERR], arg);
- return DUPLICATE_OPTION_ERR;
- }
- if(TRY_INC(i, argc)) {
- PR_fprintf(PR_STDERR, errStrings[OPTION_NEEDS_ARG_ERR], arg);
- return OPTION_NEEDS_ARG_ERR;
- }
- secmodName = argv[i];
- break;
- }
- }
- return SUCCESS;
-}
-
-/************************************************************************
- *
- * v e r i f y _ p a r a m s
- */
-static Error
-verify_params()
-{
- switch(command) {
- case ADD_COMMAND:
- if(libFile == NULL) {
- PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR],
- commandNames[ADD_COMMAND], optionStrings[LIBFILE_ARG]);
- return MISSING_PARAM_ERR;
- }
- break;
- case CHANGEPW_COMMAND:
- break;
- case CREATE_COMMAND:
- break;
- case DELETE_COMMAND:
- break;
- case DISABLE_COMMAND:
- break;
- case ENABLE_COMMAND:
- break;
- case FIPS_COMMAND:
- if(PL_strcasecmp(fipsArg, "true") &&
- PL_strcasecmp(fipsArg, "false")) {
- PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
- return INVALID_FIPS_ARG;
- }
- break;
- case JAR_COMMAND:
- if(installDir == NULL) {
- PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR],
- commandNames[JAR_COMMAND], optionStrings[INSTALLDIR_ARG]);
- return MISSING_PARAM_ERR;
- }
- break;
- case LIST_COMMAND:
- case RAW_LIST_COMMAND:
- break;
- case RAW_ADD_COMMAND:
- break;
- case UNDEFAULT_COMMAND:
- case DEFAULT_COMMAND:
- if(mechanisms == NULL) {
- PR_fprintf(PR_STDERR, errStrings[MISSING_PARAM_ERR],
- commandNames[command], optionStrings[MECHANISMS_ARG]);
- return MISSING_PARAM_ERR;
- }
- break;
- default:
- /* Ignore this here */
- break;
- }
-
- return SUCCESS;
-}
-
-/********************************************************************
- *
- * i n i t _ c r y p t o
- *
- * Does crypto initialization that all commands will require.
- * If -nocertdb option is specified, don't open key or cert db (we don't
- * need them if we aren't going to be verifying signatures). This is
- * because serverland doesn't always have cert and key database files
- * available.
- */
-static Error
-init_crypto(PRBool create, PRBool readOnly)
-{
- char *dir;
-#ifdef notdef
- char *moddbname=NULL, *keydbname, *certdbname;
- PRBool free_moddbname = PR_FALSE;
-#endif
- Error retval;
- SECStatus rv;
- PRUint32 flags = 0;
-
- if (secmodName == NULL) {
- secmodName = "secmod.db";
- }
-
- if(SECU_ConfigDirectory(dbdir)[0] == '\0') {
- PR_fprintf(PR_STDERR, errStrings[NO_DBDIR_ERR]);
- retval=NO_DBDIR_ERR;
- goto loser;
- }
- dir = SECU_ConfigDirectory(NULL);
-
- /* Make sure db directory exists and is readable */
- if(PR_Access(dir, PR_ACCESS_EXISTS) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_DOESNT_EXIST_ERR], dir);
- retval = DIR_DOESNT_EXIST_ERR;
- goto loser;
- } else if(PR_Access(dir, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_NOT_READABLE_ERR], dir);
- retval = DIR_NOT_READABLE_ERR;
- goto loser;
- }
-
- /* Check for the proper permissions on databases */
- if(create) {
- /* Make sure dbs don't already exist, and the directory is
- writeable */
-#ifdef notdef
- if(PR_Access(moddbname, PR_ACCESS_EXISTS)==PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR],
- moddbname);
- retval=FILE_ALREADY_EXISTS_ERR;
- goto loser;
- } else if(PR_Access(keydbname, PR_ACCESS_EXISTS)==PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR], keydbname);
- retval=FILE_ALREADY_EXISTS_ERR;
- goto loser;
- } else if(PR_Access(certdbname, PR_ACCESS_EXISTS)==PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_ALREADY_EXISTS_ERR],certdbname);
- retval=FILE_ALREADY_EXISTS_ERR;
- goto loser;
- } else
-#endif
- if(PR_Access(dir, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[DIR_NOT_WRITEABLE_ERR], dir);
- retval=DIR_NOT_WRITEABLE_ERR;
- goto loser;
- }
- } else {
-#ifdef notdef
- /* Make sure dbs are readable and writeable */
- if(PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-#ifndef XP_PC
- /* in serverland, they always use secmod.db, even on UNIX. Try
- this */
- moddbname = PR_smprintf("%s/secmod.db", dir);
- free_moddbname = PR_TRUE;
- if(PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
-#endif
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR], moddbname);
- retval=FILE_NOT_READABLE_ERR;
- goto loser;
-#ifndef XP_PC
- }
-#endif
- }
- if(!nocertdb) { /* don't open cert and key db if -nocertdb */
- if(PR_Access(keydbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR],
- keydbname);
- retval=FILE_NOT_READABLE_ERR;
- goto loser;
- }
- if(PR_Access(certdbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_READABLE_ERR],
- certdbname);
- retval=FILE_NOT_READABLE_ERR;
- goto loser;
- }
- }
-#endif
-
- /* Check for write access if we'll be making changes */
- if( !readOnly ) {
-#ifdef notdef
- if(PR_Access(moddbname, PR_ACCESS_WRITE_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
- moddbname);
- retval=FILE_NOT_WRITEABLE_ERR;
- goto loser;
- }
- if(!nocertdb) { /* don't open key and cert db if -nocertdb */
- if(PR_Access(keydbname, PR_ACCESS_WRITE_OK)
- != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
- keydbname);
- retval=FILE_NOT_WRITEABLE_ERR;
- goto loser;
- }
- if(PR_Access(certdbname, PR_ACCESS_WRITE_OK)
- != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, errStrings[FILE_NOT_WRITEABLE_ERR],
- certdbname);
- retval=FILE_NOT_WRITEABLE_ERR;
- goto loser;
- }
- }
-#endif
- }
- PR_fprintf(PR_STDOUT, msgStrings[USING_DBDIR_MSG],
- SECU_ConfigDirectory(NULL));
- }
-
- /* Open/create key database */
- flags = 0;
- if (readOnly) flags |= NSS_INIT_READONLY;
- if (nocertdb) flags |= NSS_INIT_NOCERTDB;
- rv = NSS_Initialize(SECU_ConfigDirectory(NULL), dbprefix, dbprefix,
- secmodName, flags);
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- retval=NSS_INITIALIZE_FAILED_ERR;
- goto loser;
- }
-
- retval=SUCCESS;
-loser:
-#ifdef notdef
- if(free_moddbname) {
- PR_Free(moddbname);
- }
-#endif
- return retval;
-}
-
-/*************************************************************************
- *
- * u s a g e
- */
-static void
-usage()
-{
- PR_fprintf(PR_STDOUT,
-"\nNetscape Cryptographic Module Utility\n"
-"Usage: modutil [command] [options]\n\n"
-" COMMANDS\n"
-"---------------------------------------------------------------------------\n"
-"-add MODULE_NAME Add the named module to the module database\n"
-" -libfile LIBRARY_FILE The name of the file (.so or .dll)\n"
-" containing the implementation of PKCS #11\n"
-" [-ciphers CIPHER_LIST] Enable the given ciphers on this module\n"
-" [-mechanisms MECHANISM_LIST] Make the module a default provider of the\n"
-" given mechanisms\n"
-"-changepw TOKEN Change the password on the named token\n"
-" [-pwfile FILE] The old password is in this file\n"
-" [-newpwfile FILE] The new password is in this file\n"
-"-create Create a new set of security databases\n"
-"-default MODULE Make the given module a default provider\n"
-" -mechanisms MECHANISM_LIST of the given mechanisms\n"
-" [-slot SLOT] limit change to only the given slot\n"
-"-delete MODULE Remove the named module from the module\n"
-" database\n"
-"-disable MODULE Disable the named module\n"
-" [-slot SLOT] Disable only the named slot on the module\n"
-"-enable MODULE Enable the named module\n"
-" [-slot SLOT] Enable only the named slot on the module\n"
-"-fips [ true | false ] If true, enable FIPS mode. If false,\n"
-" disable FIPS mode\n"
-"-force Do not run interactively\n"
-"-jar JARFILE Install a PKCS #11 module from the given\n"
-" JAR file in the PKCS #11 JAR format\n"
-" -installdir DIR Use DIR as the root directory of the\n"
-" installation\n"
-" [-tempdir DIR] Use DIR as the temporary installation\n"
-" directory. If not specified, the current\n"
-" directory is used\n"
-"-list [MODULE] Lists information about the specified module\n"
-" or about all modules if none is specified\n"
-"-undefault MODULE The given module is NOT a default provider\n"
-" -mechanisms MECHANISM_LIST of the listed mechanisms\n"
-" [-slot SLOT] limit change to only the given slot\n"
-"---------------------------------------------------------------------------\n"
-"\n"
-" OPTIONS\n"
-"---------------------------------------------------------------------------\n"
-"-dbdir DIR Directory DIR contains the security databases\n"
-"-dbprefix prefix Prefix for the security databases\n"
-"-nocertdb Do not load certificate or key databases. No\n"
-" verification will be performed on JAR files.\n"
-"-secmod secmodName Name of the security modules file\n"
-"---------------------------------------------------------------------------\n"
-"\n"
-"Mechanism lists are colon-separated. The following mechanisms are recognized:\n"
-"RSA, DSA, RC2, RC4, RC5, DES, DH, FORTEZZA, SHA1, MD5, MD2, SSL, TLS, RANDOM,\n"
-" FRIENDLY\n"
-"\n"
-"Cipher lists are colon-separated. The following ciphers are recognized:\n"
-"FORTEZZA\n"
-"\nQuestions or bug reports should be sent to modutil-support@netscape.com.\n"
-);
-
-}
-
-/*************************************************************************
- *
- * m a i n
- */
-int
-main(int argc, char *argv[])
-{
- int errcode = SUCCESS;
- PRBool createdb, readOnly;
-#define STDINBUF_SIZE 80
- char stdinbuf[STDINBUF_SIZE];
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
-
- PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
-
- if(parse_args(argc, argv) != SUCCESS) {
- usage();
- errcode = INVALID_USAGE_ERR;
- goto loser;
- }
-
- if(verify_params() != SUCCESS) {
- usage();
- errcode = INVALID_USAGE_ERR;
- goto loser;
- }
-
- if(command==NO_COMMAND) {
- PR_fprintf(PR_STDERR, errStrings[NO_COMMAND_ERR]);
- usage();
- errcode = INVALID_USAGE_ERR;
- goto loser;
- }
-
- if ((command == RAW_LIST_COMMAND) || (command == RAW_ADD_COMMAND)) {
- if(!moduleName) {
- char *readOnlyStr, *noCertDBStr, *sep;
- if (!secmodName) secmodName="secmod.db";
- if (!dbprefix) dbprefix = "";
- sep = ((command == RAW_LIST_COMMAND) && nocertdb) ? "," : " ";
- readOnlyStr = (command == RAW_LIST_COMMAND) ? "readOnly" : "" ;
- noCertDBStr = nocertdb ? "noCertDB" : "";
- SECU_ConfigDirectory(dbdir);
-
- moduleName=PR_smprintf("name=\"NSS default Module DB\" parameters=\"configdir=%s certPrefix=%s keyPrefix=%s secmod=%s flags=%s%s%s\" NSS=\"flags=internal,moduleDB,moduleDBOnly,critical\"",
- SECU_ConfigDirectory(NULL),dbprefix, dbprefix,
- secmodName, readOnlyStr,sep, noCertDBStr);
- }
- if (command == RAW_LIST_COMMAND) {
- errcode = RawListModule(moduleName);
- } else {
- PORT_Assert(moduleSpec);
- errcode = RawAddModule(moduleName,moduleSpec);
- }
- goto loser;
- }
-
- /* Set up crypto stuff */
- createdb = command==CREATE_COMMAND;
- readOnly = command==LIST_COMMAND;
-
- /* Make sure browser is not running if we're writing to a database */
- /* Do this before initializing crypto */
- if(!readOnly && !force) {
- char *response;
-
- PR_fprintf(PR_STDOUT, msgStrings[BROWSER_RUNNING_MSG]);
- if( ! PR_fgets(stdinbuf, STDINBUF_SIZE, PR_STDIN)) {
- PR_fprintf(PR_STDERR, errStrings[STDIN_READ_ERR]);
- errcode = STDIN_READ_ERR;
- goto loser;
- }
- if( (response=strtok(stdinbuf, " \r\n\t")) ) {
- if(!PL_strcasecmp(response, "q")) {
- PR_fprintf(PR_STDOUT, msgStrings[ABORTING_MSG]);
- errcode = SUCCESS;
- goto loser;
- }
- }
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- errcode = init_crypto(createdb, readOnly);
- if( errcode != SUCCESS) {
- goto loser;
- }
-
-
- /* Execute the command */
- switch(command) {
- case ADD_COMMAND:
- errcode = AddModule(moduleName, libFile, ciphers, mechanisms);
- break;
- case CHANGEPW_COMMAND:
- errcode = ChangePW(tokenName, pwFile, newpwFile);
- break;
- case CREATE_COMMAND:
- /* The work was already done in init_crypto() */
- break;
- case DEFAULT_COMMAND:
- errcode = SetDefaultModule(moduleName, slotName, mechanisms);
- break;
- case DELETE_COMMAND:
- errcode = DeleteModule(moduleName);
- break;
- case DISABLE_COMMAND:
- errcode = EnableModule(moduleName, slotName, PR_FALSE);
- break;
- case ENABLE_COMMAND:
- errcode = EnableModule(moduleName, slotName, PR_TRUE);
- break;
- case FIPS_COMMAND:
- errcode = FipsMode(fipsArg);
- break;
- case JAR_COMMAND:
- Pk11Install_SetErrorHandler(install_error);
- errcode = Pk11Install_DoInstall(jarFile, installDir, tempDir,
- PR_STDOUT, force, nocertdb);
- break;
- case LIST_COMMAND:
- if(moduleName) {
- errcode = ListModule(moduleName);
- } else {
- errcode = ListModules();
- }
- break;
- case UNDEFAULT_COMMAND:
- errcode = UnsetDefaultModule(moduleName, slotName, mechanisms);
- break;
- default:
- PR_fprintf(PR_STDERR, "This command is not supported yet.\n");
- errcode = INVALID_USAGE_ERR;
- break;
- }
-
-loser:
- PR_Cleanup();
- return errcode;
-}
-
-/************************************************************************
- *
- * i n s t a l l _ e r r o r
- *
- * Callback function to handle errors in PK11 JAR file installation.
- */
-static void
-install_error(char *message)
-{
- PR_fprintf(PR_STDERR, "Install error: %s\n", message);
-}
-
-/*************************************************************************
- *
- * o u t _ o f _ m e m o r y
- */
-void
-out_of_memory(void)
-{
- PR_fprintf(PR_STDERR, errStrings[OUT_OF_MEM_ERR]);
- exit(OUT_OF_MEM_ERR);
-}
-
-
-/**************************************************************************
- *
- * P R _ f g e t s
- *
- * fgets implemented with NSPR.
- */
-static char*
-PR_fgets(char *buf, int size, PRFileDesc *file)
-{
- int i;
- int status;
- char c;
-
- i=0;
- while(i < size-1) {
- status = PR_Read(file, (void*) &c, 1);
- if(status==-1) {
- return NULL;
- } else if(status==0) {
- break;
- }
- buf[i++] = c;
- if(c=='\n') {
- break;
- }
- }
- buf[i]='\0';
-
- return buf;
-}
diff --git a/security/nss/cmd/modutil/modutil.h b/security/nss/cmd/modutil/modutil.h
deleted file mode 100644
index 16c58fb49..000000000
--- a/security/nss/cmd/modutil/modutil.h
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef MODUTIL_H
-#define MODUTIL_H
-
-#include <stdio.h>
-#include <prio.h>
-#include <prprf.h>
-#include <prinit.h>
-#include <prmem.h>
-#include <plarena.h>
-#include <string.h>
-#include <seccomon.h>
-#include <secmod.h>
-#include <secutil.h>
-
-#include <prlock.h>
-
-#include "error.h"
-
-Error FipsMode(char *arg);
-Error AddModule(char *moduleName, char *libFile, char *ciphers,
- char *mechanisms);
-Error DeleteModule(char *moduleName);
-Error ListModule(char *moduleName);
-Error ListModules();
-Error ChangePW(char *tokenName, char *pwFile, char *newpwFile);
-Error EnableModule(char *moduleName, char *slotName, PRBool enable);
-Error SetDefaultModule(char *moduleName, char *slotName, char *mechanisms);
-Error UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms);
-void out_of_memory(void);
-
-#endif /*MODUTIL_H*/
diff --git a/security/nss/cmd/modutil/pk11.c b/security/nss/cmd/modutil/pk11.c
deleted file mode 100644
index d20807b06..000000000
--- a/security/nss/cmd/modutil/pk11.c
+++ /dev/null
@@ -1,850 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "modutil.h"
-#include "secmodti.h"
-#include "pk11func.h"
-
-extern PK11DefaultArrayEntry PK11_DefaultArray[];
-extern int num_pk11_default_mechanisms;
-extern SECStatus PK11_UpdateSlotAttribute(PK11SlotInfo*, PK11DefaultArrayEntry*,
- PRBool);
-
-/*************************************************************************
- *
- * F i p s M o d e
- * If arg=="true", enable FIPS mode on the internal module. If arg=="false",
- * disable FIPS mode on the internal module.
- */
-Error
-FipsMode(char *arg)
-{
-
- char *internal_name;
-
- if(!PORT_Strcasecmp(arg, "true")) {
- if(!PK11_IsFIPS()) {
- internal_name = PR_smprintf("%s",
- SECMOD_GetInternalModule()->commonName);
- if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
- PR_smprintf_free(internal_name);
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_smprintf_free(internal_name);
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_ENABLED_MSG]);
- } else {
- PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_ON_ERR]);
- return FIPS_ALREADY_ON_ERR;
- }
- } else if(!PORT_Strcasecmp(arg, "false")) {
- if(PK11_IsFIPS()) {
- internal_name = PR_smprintf("%s",
- SECMOD_GetInternalModule()->commonName);
- if(SECMOD_DeleteInternalModule(internal_name) != SECSuccess) {
- PR_smprintf_free(internal_name);
- PR_fprintf(PR_STDERR, errStrings[FIPS_SWITCH_FAILED_ERR]);
- return FIPS_SWITCH_FAILED_ERR;
- }
- PR_smprintf_free(internal_name);
- PR_fprintf(PR_STDOUT, msgStrings[FIPS_DISABLED_MSG]);
- } else {
- PR_fprintf(PR_STDERR, errStrings[FIPS_ALREADY_OFF_ERR]);
- return FIPS_ALREADY_OFF_ERR;
- }
- } else {
- PR_fprintf(PR_STDERR, errStrings[INVALID_FIPS_ARG]);
- return INVALID_FIPS_ARG;
- }
-
- return SUCCESS;
-}
-
-/************************************************************************
- * Cipher and Mechanism name-bitmask translation tables
- */
-
-typedef struct {
- char *name;
- unsigned long mask;
-} MaskString;
-
-static MaskString mechanismStrings[] = {
- {"RSA", PUBLIC_MECH_RSA_FLAG},
- {"DSA", PUBLIC_MECH_DSA_FLAG},
- {"RC2", PUBLIC_MECH_RC2_FLAG},
- {"RC4", PUBLIC_MECH_RC4_FLAG},
- {"RC5", PUBLIC_MECH_RC5_FLAG},
- {"DES", PUBLIC_MECH_DES_FLAG},
- {"DH", PUBLIC_MECH_DH_FLAG},
- {"FORTEZZA", PUBLIC_MECH_FORTEZZA_FLAG},
- {"SHA1", PUBLIC_MECH_SHA1_FLAG},
- {"MD5", PUBLIC_MECH_MD5_FLAG},
- {"MD2", PUBLIC_MECH_MD2_FLAG},
- {"SSL", PUBLIC_MECH_SSL_FLAG},
- {"TLS", PUBLIC_MECH_TLS_FLAG},
- {"RANDOM", PUBLIC_MECH_RANDOM_FLAG},
- {"FRIENDLY", PUBLIC_MECH_FRIENDLY_FLAG}
-};
-static int numMechanismStrings =
- sizeof(mechanismStrings) / sizeof(mechanismStrings[0]);
-
-static MaskString cipherStrings[] = {
- {"FORTEZZA", PUBLIC_CIPHER_FORTEZZA_FLAG}
-};
-static int numCipherStrings =
- sizeof(cipherStrings) / sizeof(cipherStrings[0]);
-
-/* Maximum length of a colon-separated list of all the strings in an
- * array. */
-#define MAX_STRING_LIST_LEN 240 /* or less */
-
-/************************************************************************
- *
- * g e t F l a g s F r o m S t r i n g
- *
- * Parses a mechanism list passed on the command line and converts it
- * to an unsigned long bitmask.
- * string is a colon-separated string of constants
- * array is an array of MaskStrings.
- * elements is the number of elements in array.
- */
-static unsigned long
-getFlagsFromString(char *string, MaskString array[], int elements)
-{
- unsigned long ret = 0;
- short i = 0;
- char *cp;
- char *buf;
- char *end;
-
- if(!string || !string[0]) {
- return ret;
- }
-
- /* Make a temporary copy of the string */
- buf = PR_Malloc(strlen(string)+1);
- if(!buf) {
- out_of_memory();
- }
- strcpy(buf, string);
-
- /* Look at each element of the list passed in */
- for(cp=buf; cp && *cp; cp = (end ? end+1 : NULL) ) {
- /* Look at the string up to the next colon */
- end = strchr(cp, ':');
- if(end) {
- *end = '\0';
- }
-
- /* Find which element this is */
- for(i=0; i < elements; i++) {
- if( !PORT_Strcasecmp(cp, array[i].name) ) {
- break;
- }
- }
- if(i == elements) {
- /* Skip a bogus string, but print a warning message */
- PR_fprintf(PR_STDERR, errStrings[INVALID_CONSTANT_ERR], cp);
- continue;
- }
- ret |= array[i].mask;
- }
-
- PR_Free(buf);
- return ret;
-}
-
-/**********************************************************************
- *
- * g e t S t r i n g F r o m F l a g s
- *
- * The return string's memory is owned by this function. Copy it
- * if you need it permanently or you want to change it.
- */
-static char *
-getStringFromFlags(unsigned long flags, MaskString array[], int elements)
-{
- static char buf[MAX_STRING_LIST_LEN];
- int i;
- int count=0;
-
- buf[0] = '\0';
- for(i=0; i<elements; i++) {
- if( flags & array[i].mask ) {
- ++count;
- if(count!=1) {
- strcat(buf, ":");
- }
- strcat(buf, array[i].name);
- }
- }
- return buf;
-}
-
-/**********************************************************************
- *
- * A d d M o d u l e
- *
- * Add the named module, with the given library file, ciphers, and
- * default mechanism flags
- */
-Error
-AddModule(char *moduleName, char *libFile, char *cipherString,
- char *mechanismString)
-{
- unsigned long ciphers;
- unsigned long mechanisms;
- SECStatus status;
-
- mechanisms =
- getFlagsFromString(mechanismString, mechanismStrings,
- numMechanismStrings);
- ciphers =
- getFlagsFromString(cipherString, cipherStrings, numCipherStrings);
-
- status =
- SECMOD_AddNewModule(moduleName, libFile,
- SECMOD_PubMechFlagstoInternal(mechanisms),
- SECMOD_PubCipherFlagstoInternal(ciphers) );
-
- if(status != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[ADD_MODULE_FAILED_ERR], moduleName);
- return ADD_MODULE_FAILED_ERR;
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[ADD_MODULE_SUCCESS_MSG], moduleName);
- return SUCCESS;
- }
-}
-
-/***********************************************************************
- *
- * D e l e t e M o d u l e
- *
- * Deletes the named module from the database.
- */
-Error
-DeleteModule(char *moduleName)
-{
- SECStatus status;
- int type;
-
- status = SECMOD_DeleteModule(moduleName, &type);
-
- if(status != SECSuccess) {
- if(type == SECMOD_FIPS || type == SECMOD_INTERNAL) {
- PR_fprintf(PR_STDERR, errStrings[DELETE_INTERNAL_ERR]);
- return DELETE_INTERNAL_ERR;
- } else {
- PR_fprintf(PR_STDERR, errStrings[DELETE_FAILED_ERR], moduleName);
- return DELETE_FAILED_ERR;
- }
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[DELETE_SUCCESS_MSG], moduleName);
- return SUCCESS;
-}
-
-/************************************************************************
- *
- * R a w L i s t M o d u l e s
- *
- * Lists all the modules in the database, along with their slots and tokens.
- */
-Error
-RawListModule(char *modulespec)
-{
- SECMODModule *module;
- char **moduleSpecList;
- SECStatus rv;
-
- module = SECMOD_LoadModule(modulespec,NULL,PR_FALSE);
- if (module == NULL) {
- /* handle error */
- return NO_SUCH_MODULE_ERR;
- }
-
- moduleSpecList = SECMOD_GetModuleSpecList(module);
-
- for ( ;*moduleSpecList; moduleSpecList++) {
- printf("%s\n",*moduleSpecList);
- }
-
- return SUCCESS;
-}
-
-RawAddModule(char *dbmodulespec, char *modulespec)
-{
- SECMODModule *module;
- SECMODModule *dbmodule;
-
-
- dbmodule = SECMOD_LoadModule(dbmodulespec,NULL,PR_TRUE);
- if (dbmodule == NULL) {
- /* handle error */
- return NO_SUCH_MODULE_ERR;
- }
-
- module = SECMOD_LoadModule(modulespec,dbmodule,PR_FALSE);
- if (module == NULL) {
- /* handle error */
- return NO_SUCH_MODULE_ERR;
- }
-
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], modulespec);
- return UPDATE_MOD_FAILED_ERR;
- }
- return SUCCESS;
-}
-
-/************************************************************************
- *
- * L i s t M o d u l e s
- *
- * Lists all the modules in the database, along with their slots and tokens.
- */
-Error
-ListModules()
-{
- SECMODListLock *lock;
- SECMODModuleList *list;
- SECMODModuleList *mlp;
- Error ret=UNSPECIFIED_ERR;
- int count = 0, i;
-
- lock = SECMOD_GetDefaultModuleListLock();
- if(!lock) {
- PR_fprintf(PR_STDERR, errStrings[NO_LIST_LOCK_ERR]);
- return NO_LIST_LOCK_ERR;
- }
-
- SECMOD_GetReadLock(lock);
-
- list = SECMOD_GetDefaultModuleList();
- if(!list) {
- PR_fprintf(PR_STDERR, errStrings[NO_MODULE_LIST_ERR]);
- ret = NO_MODULE_LIST_ERR;
- goto loser;
- }
-
- PR_fprintf(PR_STDOUT,
- "\nListing of PKCS #11 Modules\n"
- "-----------------------------------------------------------\n");
-
- for(mlp=list; mlp != NULL; mlp = mlp->next) {
- ++count;
- if(count!=1) {
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- PR_fprintf(PR_STDOUT, "%3d. %s\n", count, mlp->module->commonName);
-
- if(mlp->module->dllName) {
- PR_fprintf(PR_STDOUT, "\tlibrary name: %s\n", mlp->module->dllName);
- }
-
- if(mlp->module->slotCount == 0) {
- PR_fprintf(PR_STDOUT,
- "\t slots: There are no slots attached to this module\n");
- } else {
- PR_fprintf(PR_STDOUT,
- "\t slots: %d slot%s attached\n", mlp->module->slotCount,
- (mlp->module->slotCount==1 ? "" : "s") );
- }
-
- if(mlp->module->loaded == 0) {
- PR_fprintf(PR_STDOUT, "\tstatus: Not loaded\n");
- } else {
- PR_fprintf(PR_STDOUT, "\tstatus: loaded\n");
- }
-
- /* Print slot and token names */
- for (i = 0; i < mlp->module->slotCount; i++) {
- PK11SlotInfo *slot = mlp->module->slots[i];
-
- PR_fprintf(PR_STDOUT, "\n");
- PR_fprintf(PR_STDOUT, "\t slot: %s\n", PK11_GetSlotName(slot));
- PR_fprintf(PR_STDOUT, "\ttoken: %s\n", PK11_GetTokenName(slot));
- }
- }
-
- PR_fprintf(PR_STDOUT,
- "-----------------------------------------------------------\n");
-
- ret = SUCCESS;
-
-loser:
- SECMOD_ReleaseReadLock(lock);
- return ret;
-}
-
-/* Strings describing PK11DisableReasons */
-static char *disableReasonStr[] = {
- "no reason",
- "user disabled",
- "could not initialize token",
- "could not verify token",
- "token not present"
-};
-static int numDisableReasonStr =
- sizeof(disableReasonStr) / sizeof(disableReasonStr[0]);
-
-/***********************************************************************
- *
- * L i s t M o d u l e
- *
- * Lists detailed information about the named module.
- */
-Error
-ListModule(char *moduleName)
-{
- SECMODModule *module;
- PK11SlotInfo *slot;
- int slotnum;
- CK_INFO modinfo;
- CK_SLOT_INFO slotinfo;
- CK_TOKEN_INFO tokeninfo;
- char *ciphers, *mechanisms;
- PK11DisableReasons reason;
- Error rv = SUCCESS;
-
- if(!moduleName) {
- return SUCCESS;
- }
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- return NO_SUCH_MODULE_ERR;
- }
-
- if(PK11_GetModInfo(module, &modinfo) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[MOD_INFO_ERR], moduleName);
- return MOD_INFO_ERR;
- }
-
- /* Module info */
- PR_fprintf(PR_STDOUT,
- "\n-----------------------------------------------------------\n");
- PR_fprintf(PR_STDOUT, "Name: %s\n", module->commonName);
- if(module->internal || !module->dllName) {
- PR_fprintf(PR_STDOUT, "Library file: **Internal ONLY module**\n");
- } else {
- PR_fprintf(PR_STDOUT, "Library file: %s\n", module->dllName);
- }
-
- PR_fprintf(PR_STDOUT, "Manufacturer: %.32s\n", modinfo.manufacturerID);
- PR_fprintf(PR_STDOUT, "Description: %.32s\n", modinfo.libraryDescription);
- PR_fprintf(PR_STDOUT, "PKCS #11 Version %d.%d\n",
- modinfo.cryptokiVersion.major, modinfo.cryptokiVersion.minor);
- PR_fprintf(PR_STDOUT, "Library Version: %d.%d\n",
- modinfo.libraryVersion.major, modinfo.libraryVersion.minor);
-
- /* Get cipher and mechanism flags */
- ciphers = getStringFromFlags(module->ssl[0], cipherStrings,
- numCipherStrings);
- if(ciphers[0] == '\0') {
- ciphers = "None";
- }
- PR_fprintf(PR_STDOUT, "Cipher Enable Flags: %s\n", ciphers);
- mechanisms = NULL;
- if(module->slotCount > 0) {
- mechanisms = getStringFromFlags(module->slots[0]->defaultFlags,
- mechanismStrings, numMechanismStrings);
- }
- if(mechanisms[0] =='\0') {
- mechanisms = "None";
- }
- PR_fprintf(PR_STDOUT, "Default Mechanism Flags: %s\n", mechanisms);
-
-#define PAD " "
-
- /* Loop over each slot */
- for(slotnum=0; slotnum < module->slotCount; slotnum++) {
- slot = module->slots[slotnum];
- if(PK11_GetSlotInfo(slot, &slotinfo) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[SLOT_INFO_ERR],
- PK11_GetSlotName(slot));
- rv = SLOT_INFO_ERR;
- continue;
- }
-
- /* Slot Info */
- PR_fprintf(PR_STDOUT, "\n"PAD"Slot: %s\n", PK11_GetSlotName(slot));
- mechanisms = getStringFromFlags(slot->defaultFlags,
- mechanismStrings, numMechanismStrings);
- if(mechanisms[0] =='\0') {
- mechanisms = "None";
- }
- PR_fprintf(PR_STDOUT, PAD"Slot Mechanism Flags: %s\n", mechanisms);
- PR_fprintf(PR_STDOUT, PAD"Manufacturer: %.32s\n",
- slotinfo.manufacturerID);
- if(slot->isHW) {
- PR_fprintf(PR_STDOUT, PAD"Type: Hardware\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"Type: Software\n");
- }
- PR_fprintf(PR_STDOUT, PAD"Version Number: %d.%d\n",
- slotinfo.hardwareVersion.major, slotinfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, PAD"Firmware Version: %d.%d\n",
- slotinfo.firmwareVersion.major, slotinfo.firmwareVersion.minor);
- if(slot->disabled) {
- reason = PK11_GetDisabledReason(slot);
- if(reason < numDisableReasonStr) {
- PR_fprintf(PR_STDOUT, PAD"Status: DISABLED (%s)\n",
- disableReasonStr[reason]);
- } else {
- PR_fprintf(PR_STDOUT, PAD"Status: DISABLED\n");
- }
- } else {
- PR_fprintf(PR_STDOUT, PAD"Status: Enabled\n");
- }
-
- if(PK11_GetTokenInfo(slot, &tokeninfo) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[TOKEN_INFO_ERR],
- slot->token_name);
- rv = TOKEN_INFO_ERR;
- continue;
- }
-
- /* Token Info */
- PR_fprintf(PR_STDOUT, PAD"Token Name: %.32s\n",
- tokeninfo.label);
- PR_fprintf(PR_STDOUT, PAD"Token Manufacturer: %.32s\n",
- tokeninfo.manufacturerID);
- PR_fprintf(PR_STDOUT, PAD"Token Model: %.16s\n", tokeninfo.model);
- PR_fprintf(PR_STDOUT, PAD"Token Serial Number: %.16s\n",
- tokeninfo.serialNumber);
- PR_fprintf(PR_STDOUT, PAD"Token Version: %d.%d\n",
- tokeninfo.hardwareVersion.major, tokeninfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, PAD"Token Firmware Version: %d.%d\n",
- tokeninfo.firmwareVersion.major, tokeninfo.firmwareVersion.minor);
- if(tokeninfo.flags & CKF_WRITE_PROTECTED) {
- PR_fprintf(PR_STDOUT, PAD"Access: Write Protected\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"Access: NOT Write Protected\n");
- }
- if(tokeninfo.flags & CKF_LOGIN_REQUIRED) {
- PR_fprintf(PR_STDOUT, PAD"Login Type: Login required\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD
- "Login Type: Public (no login required)\n");
- }
- if(tokeninfo.flags & CKF_USER_PIN_INITIALIZED) {
- PR_fprintf(PR_STDOUT, PAD"User Pin: Initialized\n");
- } else {
- PR_fprintf(PR_STDOUT, PAD"User Pin: NOT Initialized\n");
- }
- }
- PR_fprintf(PR_STDOUT,
- "\n-----------------------------------------------------------\n");
- return rv;
-}
-
-/************************************************************************
- *
- * C h a n g e P W
- */
-Error
-ChangePW(char *tokenName, char *pwFile, char *newpwFile)
-{
- char *oldpw=NULL, *newpw=NULL, *newpw2=NULL;
- PK11SlotInfo *slot;
- Error ret=UNSPECIFIED_ERR;
- PRBool matching;
-
- slot = PK11_FindSlotByName(tokenName);
- if(!slot) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_TOKEN_ERR], tokenName);
- return NO_SUCH_TOKEN_ERR;
- }
-
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- /* Get old password */
- if(! PK11_NeedUserInit(slot)) {
- if(pwFile) {
- oldpw = SECU_FilePasswd(NULL, PR_FALSE, pwFile);
- if(PK11_CheckUserPassword(slot, oldpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[BAD_PW_ERR]);
- ret=BAD_PW_ERR;
- goto loser;
- }
- } else {
- for(matching=PR_FALSE; !matching; ) {
- oldpw = SECU_GetPasswordString(NULL, "Enter old password: ");
- if(PK11_CheckUserPassword(slot, oldpw) == SECSuccess) {
- matching = PR_TRUE;
- } else {
- PR_fprintf(PR_STDOUT, msgStrings[BAD_PW_MSG]);
- }
- }
- }
- }
-
- /* Get new password */
- if(newpwFile) {
- newpw = SECU_FilePasswd(NULL, PR_FALSE, newpwFile);
- } else {
- for(matching=PR_FALSE; !matching; ) {
- newpw = SECU_GetPasswordString(NULL, "Enter new password: ");
- newpw2 = SECU_GetPasswordString(NULL, "Re-enter new password: ");
- if(strcmp(newpw, newpw2)) {
- PR_fprintf(PR_STDOUT, msgStrings[PW_MATCH_MSG]);
- } else {
- matching = PR_TRUE;
- }
- }
- }
-
- /* Change the password */
- if(PK11_NeedUserInit(slot)) {
- if(PK11_InitPin(slot, NULL /*ssopw*/, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
- ret = CHANGEPW_FAILED_ERR;
- goto loser;
- }
- } else {
- if(PK11_ChangePW(slot, oldpw, newpw) != SECSuccess) {
- PR_fprintf(PR_STDERR, errStrings[CHANGEPW_FAILED_ERR], tokenName);
- ret = CHANGEPW_FAILED_ERR;
- goto loser;
- }
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[CHANGEPW_SUCCESS_MSG], tokenName);
- ret = SUCCESS;
-
-loser:
- if(oldpw) {
- memset(oldpw, 0, strlen(oldpw));
- PORT_Free(oldpw);
- }
- if(newpw) {
- memset(newpw, 0, strlen(newpw));
- PORT_Free(newpw);
- }
- if(newpw2) {
- memset(newpw2, 0, strlen(newpw));
- PORT_Free(newpw2);
- }
- return ret;
-}
-
-/***********************************************************************
- *
- * E n a b l e M o d u l e
- *
- * If enable==PR_TRUE, enables the module or slot.
- * If enable==PR_FALSE, disables the module or slot.
- * moduleName is the name of the module.
- * slotName is the name of the slot. It is optional.
- */
-Error
-EnableModule(char *moduleName, char *slotName, PRBool enable)
-{
- int i;
- SECMODModule *module;
- PK11SlotInfo *slot = NULL;
- PRBool found = PR_FALSE;
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- return NO_SUCH_MODULE_ERR;
- }
-
- for(i=0; i < module->slotCount; i++) {
- slot = module->slots[i];
- if(slotName && strcmp(PK11_GetSlotName(slot), slotName)) {
- /* Not the right slot */
- continue;
- }
- if(enable) {
- if(! PK11_UserEnableSlot(slot)) {
- PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR],
- "enable", PK11_GetSlotName(slot));
- return ENABLE_FAILED_ERR;
- } else {
- found = PR_TRUE;
- PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
- PK11_GetSlotName(slot), "enabled");
- }
- } else {
- if(! PK11_UserDisableSlot(slot)) {
- PR_fprintf(PR_STDERR, errStrings[ENABLE_FAILED_ERR],
- "disable", PK11_GetSlotName(slot));
- return ENABLE_FAILED_ERR;
- } else {
- found = PR_TRUE;
- PR_fprintf(PR_STDOUT, msgStrings[ENABLE_SUCCESS_MSG],
- PK11_GetSlotName(slot), "disabled");
- }
- }
- }
-
- if(slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- return NO_SUCH_SLOT_ERR;
- }
-
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UPDATE_MOD_FAILED_ERR], moduleName);
- return UPDATE_MOD_FAILED_ERR;
- }
-
- return SUCCESS;
-}
-
-/*************************************************************************
- *
- * S e t D e f a u l t M o d u l e
- *
- */
-Error
-SetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
-{
- SECMODModule *module;
- PK11SlotInfo *slot;
- int s, i;
- unsigned long mechFlags = getFlagsFromString(mechanisms, mechanismStrings,
- numMechanismStrings);
- PRBool found = PR_FALSE;
- Error errcode = UNSPECIFIED_ERR;
-
- mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- errcode = NO_SUCH_MODULE_ERR;
- goto loser;
- }
-
- /* Go through each slot */
- for(s=0; s < module->slotCount; s++) {
- slot = module->slots[s];
-
- if ((slotName != NULL) &&
- !((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
- (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
- /* we are only interested in changing the one slot */
- continue;
- }
-
- found = PR_TRUE;
-
- /* Go through each mechanism */
- for(i=0; i < num_pk11_default_mechanisms; i++) {
- if(PK11_DefaultArray[i].flag & mechFlags) {
- /* Enable this default mechanism */
- PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]),
- PR_TRUE);
- }
- }
- }
- if (slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- errcode = NO_SUCH_SLOT_ERR;
- goto loser;
- }
-
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[DEFAULT_FAILED_ERR],
- moduleName);
- errcode = DEFAULT_FAILED_ERR;
- goto loser;
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[DEFAULT_SUCCESS_MSG]);
-
- errcode = SUCCESS;
-loser:
- return errcode;
-}
-
-/************************************************************************
- *
- * U n s e t D e f a u l t M o d u l e
- */
-Error
-UnsetDefaultModule(char *moduleName, char *slotName, char *mechanisms)
-{
- SECMODModule * module;
- PK11SlotInfo *slot;
- int s, i;
- unsigned long mechFlags = getFlagsFromString(mechanisms,
- mechanismStrings, numMechanismStrings);
- PRBool found = PR_FALSE;
-
- mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
-
- module = SECMOD_FindModule(moduleName);
- if(!module) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
- return NO_SUCH_MODULE_ERR;
- }
-
- for(s=0; s < module->slotCount; s++) {
- slot = module->slots[s];
- if ((slotName != NULL) &&
- !((strcmp(PK11_GetSlotName(slot),slotName) == 0) ||
- (strcmp(PK11_GetTokenName(slot),slotName) == 0)) ) {
- /* we are only interested in changing the one slot */
- continue;
- }
- for(i=0; i <num_pk11_default_mechanisms; i++) {
- if(PK11_DefaultArray[i].flag & mechFlags) {
- PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]),
- PR_FALSE);
- }
- }
- }
- if (slotName && !found) {
- PR_fprintf(PR_STDERR, errStrings[NO_SUCH_SLOT_ERR], slotName);
- return NO_SUCH_SLOT_ERR;
- }
-
- /* Delete and re-add module to save changes */
- if( SECMOD_UpdateModule(module) != SECSuccess ) {
- PR_fprintf(PR_STDERR, errStrings[UNDEFAULT_FAILED_ERR],
- moduleName);
- return UNDEFAULT_FAILED_ERR;
- }
-
- PR_fprintf(PR_STDOUT, msgStrings[UNDEFAULT_SUCCESS_MSG]);
- return SUCCESS;
-}
diff --git a/security/nss/cmd/modutil/pk11jar.html b/security/nss/cmd/modutil/pk11jar.html
deleted file mode 100644
index 9440db014..000000000
--- a/security/nss/cmd/modutil/pk11jar.html
+++ /dev/null
@@ -1,309 +0,0 @@
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<head>
-<title>PKCS #11 JAR Format</title>
-</head>
-<body bgcolor=white text=black link=blue vlink=purple alink=red>
-<center><h1>PKCS #11 JAR Format</h1></center>
-
-<p>PKCS #11 modules can be packaged into JAR files that support automatic
-installation onto the filesystem and into the security module database.
-The JAR file should contain:
-<ul>
-<li>All files that will be installed onto the target machine. This will
-include at least the PKCS #11 module library file (.DLL or .so), and
-may also include any other file that should be installed (such as
-documentation).
-<li>A script to perform the installation.
-</ul>
-The script can be in one of two forms. If the JAR file is to be
-run by Communicator (or any program that interprets Javascript), the
-instructions will be in the form of a SmartUpdate script.
-<a href="http://devedge/library/documentation/security/jmpkcs/">Documentation
-</a> on creating this script can be found on DevEdge.
-
-<p>If the
-JAR file is to be run by a server, modutil, or any other program that
-doesn't interpret Javascript, a special information file must be included
-in the format described in this document.
-
-<h2>Declaring the Script in the Manifest File</h2>
-The script can have any name, but it must be declared in the manifest file
-of the JAR archive. The metainfo tag for this is
-<code>Pkcs11_install_script</code>. Meta-information is put in the manifest
-file by putting it in a file which is passed to
-<a href="http://developer.netscape.com/software/index_frame.html?content=signedobj/jarpack.html#signtool1.3">Signtool</a>. For example,
-suppose the PKCS #11 installer script is in the file <code>pk11install</code>.
-In Signtool's metainfo file, you would have a line like this:
-<blockquote><pre>
-+ Pkcs11_install_script: pk11install
-</pre></blockquote>
-
-<h2>Sample Script File</h2>
-<blockquote><pre>
-ForwardCompatible { IRIX:6.2:mips Solaris:5.5.1:sparc }
-Platforms {
- WINNT::x86 {
- ModuleName { "Fortezza Module" }
- ModuleFile { win32/fort32.dll }
- DefaultMechanismFlags{0x0001}
- DefaultCipherFlags{0x0001}
- Files {
- win32/setup.exe {
- Executable
- RelativePath { %temp%/setup.exe }
- }
- win32/setup.hlp {
- RelativePath { %temp%/setup.hlp }
- }
- win32/setup.cab {
- RelativePath { %temp%/setup.cab }
- }
- }
- }
- WIN95::x86 {
- EquivalentPlatform {WINNT::x86}
- }
- Solaris:5.5.1:sparc {
- ModuleName { "Fortezza UNIX Module" }
- ModuleFile { unix/fort.so }
- DefaultMechanismFlags{0x0001}
- CipherEnableFlags{0x0001}
- Files {
- unix/fort.so {
- RelativePath{%root%/lib/fort.so}
- AbsolutePath{/usr/local/netscape/lib/fort.so}
- FilePermissions{555}
- }
- xplat/instr.html {
- RelativePath{%root%/docs/inst.html}
- AbsolutePath{/usr/local/netscape/docs/inst.html}
- FilePermissions{555}
- }
- }
- }
- IRIX:6.2:mips {
- EquivalentPlatform { Solaris:5.5.1:sparc }
- }
-}
-</pre></blockquote>
-
-<hr>
-
-<h2>Script File Grammar</h2>
-<blockquote><pre>
---> <i>valuelist</i>
-
-<i>valuelist</i> --> <i>value</i> <i>valuelist</i>
-<i> </i> <i>&lt;null&gt;</i>
-
-<i>value</i> --> <i>key_value_pair</i>
-<i> </i> <i>string</i>
-
-<i>key_value_pair</i> --> <i>key</i> { <i>valuelist</i> }
-
-<i>key</i> --> <i>string</i>
-
-<i>string</i> --> <i>simple_string</i>
-<i> </i> "<i>complex_string</i>"
-
-<i>simple_string</i> --> [^ \t\n\""{""}"]+ <font size=-1><i>(no whitespace, quotes, or braces)</i></font>
-
-<i>complex_string</i> --> ([^\"\\\r\n]|(\\\")|(\\\\))+ <font size=-1><i>(quotes and backslashes must be escaped with a backslash, no newlines or carriage returns are allowed in the string)</i></font>
-</pre></blockquote>
-Outside of complex strings, all whitespace (space, tab, newline) is considered
-equal and is used only to delimit tokens.
-
-<hr>
-
-<h2>Keys</h2>
-Keys are case-insensitive.
-<h3>Global Keys</h3>
-<dl>
-<dt><code>ForwardCompatible</code>
-<dd>Gives a list of platforms that are forward compatible. If the current
-platform cannot be found in the list of supported platforms, then the
-ForwardCompatible list will be checked for any platforms that have the same
-OS and architecture and an earlier version. If one is found, its
-attributes will be used for the current platform.
-<dt><code>Platforms</code> (<i>required</i>)
-<dd>Gives a list of platforms. Each entry in the list is itself a key-value
-pair:
-the key is the name of the platform, and the valuelist contains various
-attributes of the platform. The ModuleName, ModuleFile, and Files attributes
-must be specified, unless an EquivalentPlatform attribute is specified.
-The platform string is in the following
-format: <u><i>system name</i></u>:<u><i>os release</i></u>:<u><i>architecture</i></u>. The installer
-will obtain these values from NSPR. <u><i>os release</i></u> is an empty
-string on non-UNIX operating systems. The following system names and platforms
-are currently defined by NSPR:<code>
-<ul>
-<li>AIX (rs6000)
-<li>BSDI (x86)
-<li>FREEBSD (x86)
-<li>HPUX (hppa1.1)
-<li>IRIX (mips)
-<li>LINUX (ppc, alpha, x86)
-<li>MacOS (PowerPC) </code>(<i>Note: NSPR actually defines the OS as
-"</i><code>Mac OS</code><i>". The
-space makes the name unsuitable for being embedded in identifiers. Until
-NSPR changes, you will have to add some special code to deal with this case.
-</i>)<code>
-<li>NCR (x86)
-<li>NEC (mips)
-<li>OS2 (x86)
-<li>OSF (alpha)
-<li>ReliantUNIX (mips)
-<li>SCO (x86)
-<li>SOLARIS (sparc)
-<li>SONY (mips)
-<li>SUNOS (sparc)
-<li>UnixWare (x86)
-<li>WIN16 (x86)
-<li>WIN95 (x86)
-<li>WINNT (x86)
-</ul>
-</code>
-Examples of valid platform strings: <code>IRIX:6.2:mips, Solaris:5.5.1:sparc,
-Linux:2.0.32:x86, WIN95::x86</code>.
-</dl>
-
-<h3>Per-Platform Keys</h3>
-These keys only have meaning within the value list of an entry in
-the <code>Platforms</code> list.
-<dl>
-<dt><code>ModuleName</code> (<i>required</i>)
-<dd>Gives the common name for the module. This name will be used to
-reference the module from Communicator, modutil, servers, or any other
-program that uses the Netscape security module database.
-<dt><code>ModuleFile</code> (<i>required</i>)
-<dd>Names the PKCS #11 module file (DLL or .so) for this platform. The name
-is given as the relative path of the file within the JAR archive.
-<dt><code>Files</code> (<i>required</i>)
-<dd>Lists the files that should be installed for this module. Each entry
-in the file list is a key-value pair: the key is the path of the file in
-the JAR archive, and
-the valuelist contains attributes of the file. At least RelativePath and
-AbsoluteDir must be specified in this valuelist.
-<dt><code>DefaultMechanismFlags</code>
-<dd>This key-value pair specifies
-of which mechanisms this module will be a default provider. It is a bitstring
-specified in hexadecimal (0x) format. It is constructed as a bitwise OR
-of the following constants. If the <code>DefaultMechanismFlags</code>
-entry is omitted, the value will default to 0x0.
-<blockquote><pre>
-RSA: 0x0000 0001
-DSA: 0x0000 0002
-RC2: 0x0000 0004
-RC4: 0x0000 0008
-DES: 0x0000 0010
-DH: 0x0000 0020
-FORTEZZA: 0x0000 0040
-RC5: 0x0000 0080
-SHA1: 0x0000 0100
-MD5: 0x0000 0200
-MD2: 0x0000 0400
-RANDOM: 0x0800 0000
-FRIENDLY: 0x1000 0000
-OWN_PW_DEFAULTS: 0x2000 0000
-DISABLE: 0x4000 0000
-</pre></blockquote>
-<dt><code>CipherEnableFlags</code>
-<dd>This key-value pair specifies
-which SSL ciphers will be enabled. It is a bitstring specified in
-hexadecimal (0x) format. It is constructed as a bitwise OR of the following
-constants. If the <code>CipherEnableFlags</code> entry is omitted, the
-value will default to 0x0.
-<blockquote><pre>
-FORTEZZA: 0x0000 0001
-</pre></blockquote>
-<dt><code>EquivalentPlatform</code>
-<dd>Specifies that the attributes of the named platform should also be used
-for the current platform. Saves typing when there is more than one platform
-that uses the same settings.
-</dl>
-
-<h3>Per-File Keys</h3>
-These keys only have meaning within the valuelist of an entry in a
-<code>Files</code> list. At least one of <code>RelativePath</code> and
-<code>AbsolutePath</code> must be specified. If both are specified, the
-relative path will be tried first and the absolute path used only if no
-relative root directory is provided by the installer program.
-<dl>
-<dt><code>RelativePath</code>
-<dd>Specifies the destination directory of the file, relative to some directory
-decided at install-time. Two variables can be used in the relative
-path, "%root%" and "%temp%". "%root%" will be replaced at run-time with
-the directory relative to which files should be installed; for
-example, it may be the server's root directory or Communicator's root
-directory. "%temp%" is a directory that will be created at the beginning
-of the installation and destroyed at the end of the installation. Its purpose
-is to hold executable files (such as setup programs), or files that are
-used by these programs. For example, a Windows installation might consist
-of a <code>setup.exe</code> installation program, a help file, and a .cab file
-containing compressed information. All these files could be installed into the
-temporary directory. Files destined for the temporary directory are guaranteed
-to be in place before any executable file is run, and will not be deleted
-until all executable files have finished.
-<dt><code>AbsoluteDir</code>
-<dd>Specifies the destination directory of the file as an absolute path.
-This will only be used if the installer is unable to determine a
-relative directory.
-<dt><code>Executable</code>
-<dd>This string specifies that the file is to be executed during the
-course of the
-installation. Typically this would be used for a setup program provided
-by a module vendor, such as a self-extracting <code>setup.exe</code>.
-More than one file can be specified as executable, in which case they will
-be run in the order they are specified in the script file.
-<dt><code>FilePermissions</code>
-<dd>This string is interpreted as a string of octal digits, according to the
-standard UNIX format. It is a bitwise OR of the following constants:
-<blockquote><pre>
-user read: 400
-user write: 200
-user execute: 100
-group read: 040
-group write: 020
-group execute: 010
-other read: 004
-other write: 002
-other execute: 001
-</pre></blockquote>
-Some platforms may not understand these permissions. They will only be
-applied insofar as makes sense for the current platform. If this attribute
-is omitted, a default of 777 is assumed.
-
-</body>
-</html>
diff --git a/security/nss/cmd/modutil/rules.mk b/security/nss/cmd/modutil/rules.mk
deleted file mode 100644
index b34662513..000000000
--- a/security/nss/cmd/modutil/rules.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Some versions of yacc generate files that include platform-specific
-# system headers. For example, the yacc in Solaris 2.6 inserts
-# #include <values.h>
-# which does not exist on NT. For portability, always use Berkeley
-# yacc (such as the yacc in Linux) to generate files.
-#
-
-generate: installparse.c installparse.l
-
-installparse.c:
- yacc -p Pk11Install_yy -d installparse.y
- mv y.tab.c installparse.c
- mv y.tab.h installparse.h
-
-installparse.l:
- lex -olex.Pk11Install_yy.c -PPk11Install_yy installparse.l
- @echo
- @echo "**YOU MUST COMMENT OUT UNISTD.H FROM lex.Pk11Install_yy.cpp**"
-
-install.c: install-ds.h install.h
diff --git a/security/nss/cmd/modutil/specification.html b/security/nss/cmd/modutil/specification.html
deleted file mode 100644
index 48a1ab7cd..000000000
--- a/security/nss/cmd/modutil/specification.html
+++ /dev/null
@@ -1,351 +0,0 @@
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<head>
-<title>Modutil Specification</title>
-</head>
-<body bgcolor=white fgcolor=black>
-<center><h1>PKCS #11 Module Management Utility
-<br><i>Specification</i></h1></center>
-
-<!---------------------------------------------------------------------->
-<!-------------------------- capabilities ------------------------------>
-<!---------------------------------------------------------------------->
-<h2>Capabilities</h2>
-<ul>
-<li>Add a PKCS #11 module, specifying a name and library file.
-(<a href="#add">-add</a>)
-<li>Add a PKCS #11 module from a server-formatted JAR file.
-(<a href="#jar">-jar</a>)
-<li>Change the password on or initialize a token.
-(<a href="#changepw">-changepw</a>)
-<li>Create databases (secmod[ule].db, key3.db, cert7.db) from scratch.
-(<a href="#create">-create</a>)
-<li>Switch to and from FIPS-140-1 compliant mode.
-(<a href="#fips">-fips</a>)
-<li>Delete a PKCS #11 module. (<a href="#delete">-delete</a>)
-<li>List installed PKCS #11 modules. (<a href="#list">-list</a>)
-<li>List detailed info on a particular module and its tokens, including
-whether needs login, is hardware, needs user init
-(<a href="#list">-list</a>)
-<li>Specify which modules should be the default provider of various
-cryptographic operations.(<a href="#default">-default</a>,
-<a href="#undefault">-undefault</a>)
-<li>Disable and enable slots, find out whether and why they are disabled.
-(<a href="#disable">-disable</a>, <a href="#enable">-enable</a>,
-<a href="#list">-list</a>)
-</ul>
-
-<hr>
-
-<!---------------------------------------------------------------------->
-<!-------------------------- Usage ------------------------------------->
-<!---------------------------------------------------------------------->
-<h2>Usage</h2>
-<code>modutil [<i>command</i>] [<i>options</i>]</code>
-<p>At most one command can be specified. With no arguments,
-<code>modutil</code> prints a usage message.
-<h3>Commands:</h3>
-<table border>
-<tr bgcolor="#cccccc">
-<th>Command</th><th>Description</th>
-</tr>
-
-<!---------------------------- -add ------------------------------>
-<tr>
-<td> <a name="add"></a>
-<code>-add <u><i>module name</i></u> -libfile <u><i>library file</i></u>
- [-ciphers <u><i>cipher enable list</i></u>]
- [-mechanisms <u><i>default mechanism list</i></u>]
-</code></td>
-<td>Adds a new module to the database with the given name.
-
-<p><u><i>library file</i></u> is the path of the DLL or other library file
-containing the module's implementation of the PKCS #11 interface.
-
-<p><u><i>cipher enable flags</i></u> is a colon-separated list of ciphers
-that will be enabled on this module. The list should be enclosed within quotes
-if necessary to prevent shell interpretation. The following ciphers are
-currently available:
-<ul>
-<li>FORTEZZA
-</ul>
-
-<p><u><i>default mechanism flags</i></u> is a colon-separated list of
-mechanisms for which this module should be the default provider. The
-list should be enclosed within quotes if necessary to prevent shell
-interpretation. <b>This
-list does not enable the mechanisms; it only specifies that this module
-will be a default provider for the listed mechanisms.</b> If more than
-one module claims to be a default provider for a given mechanism, it is
-undefined which will actually be chosen to provide that mechanism. The
-following mechanisms are currently available:
-<ul>
-<li>RSA
-<li>DSA
-<li>RC2
-<li>RC4
-<li>RC5
-<li>DES
-<li>DH
-<li>FORTEZZA
-<li>SHA1
-<li>MD5
-<li>MD2
-<li>RANDOM <i>(random number generation)</i>
-<li>FRIENDLY <i>(certificates are publicly-readable)</i>
-</ul>
-</td>
-</tr>
-
-<!-------------------------- -changepw ------------------------------------->
-<tr>
-<td><a name="changepw"></a><code>-changepw <u><i>token name</i></u>
-[-pwfile <u><i>old password file</i></u>]
-[-newpwfile <u><i>new password file</i></u>]</code></td>
-<td>Changes the password on the named token. If the token has not been
-initialized, this command will initialize the PIN.
-If a password file is given, the password will be read from that file;
-otherwise, the password will be obtained interactively.
-<b>Storing passwords in a file is much less secure than supplying them
-interactively.</b>
-<p>The password on the Netscape internal module cannot be changed if
-the <code>-nocertdb</code> option is specified.
-</td>
-</tr>
-
-<!-------------------------- -create ------------------------------------->
-<tr>
-<td><a name="create"></a><code>-create</code></td>
-<td>Creates a new secmod[ule].db, key3.db, and cert7.db in the directory
-specified with the
-<code>-dbdir</code> option, if one is specified. If no directory is
-specified, UNIX systems will use the user's .netscape directory, while other
-systems will return with an error message. If any of these databases already
-exist in the chosen directory, an error message is returned.
-<p>If used with <code>-nocertdb</code>, only secmod[ule].db will be created;
-cert7.db and key3.db will not be created.
-</td>
-</tr>
-
-<!------------------------------ -default -------------------------------->
-<tr>
-<td> <a name="default"></a> <code>-default <u><i>module name</i></u>
--mechanisms <u><i>mechanism list</i></u></code>
-</td>
-<td>Specifies that the given module will be a default provider of the
-listed mechanisms. The mechanism list is the same as in the <code>-add</code>
-command.
-</td>
-</tr>
-
-<!-------------------------- -delete ------------------------------------->
-<tr>
-<td><a name="delete"></a><code>-delete <u><i>module name</i></u></code></td>
-<td>Deletes the named module from the database</td>
-</tr>
-
-<!-------------------------- -disable ------------------------------------->
-<tr>
-<td> <a name="disable"></a> <code>-disable <u><i>module name</i></u>
-[-slot <u><i>slot name</i></u>]</code></td>
-<td>Disables the named slot. If no slot is specified, all slots on
-the module are disabled.</td>
-</tr>
-
-<!-------------------------- -enable ------------------------------------->
-<tr>
-<td> <a name="enable"></a> <code>-enable <u><i>module name</i></u>
-[-slot <u><i>slot name</i></u>]</code></td>
-<td>Enables the named slot. If no slot is specified, all slots on
-the module are enabled.</td>
-</tr>
-
-<!-------------------------- -fips ------------------------------------->
-<tr>
-<td><a name="fips"></a><code>-fips [true | false]</code></td>
-<td>Enables or disables FIPS mode on the internal module. Passing
-<code>true</code> enables FIPS mode, passing <code>false</code> disables
-FIPS mode.</td>
-</tr>
-
-<!-------------------------- -force ------------------------------------->
-<tr>
-<td><a name="force"></a><code>-force</code></td>
-<td>Disables interactive prompts, so modutil can be run in a script.
-Should only be used by experts, since the prompts may relate to security
-or database integrity. Before using this option, test the command
-interactively once to see the warnings that are produced.</td>
-</tr>
-
-<!-------------------------- -jar ------------------------------------->
-<tr>
-<td><a name="jar"></a><code>-jar <u><i>JAR file</i></u>
--installdir <u><i>root installation directory</i></u>
-[-tempdir <u><i>temporary directory</i></u>]</code></td>
-<td>Adds a new module from the given JAR file. The JAR file uses the
-server <a href="pk11jar.html">PKCS #11 JAR format</a> to describe the names of
-any files that need to be installed, the name of the module, mechanism flags,
-and cipher flags. The <u><i>root installation directory</i></u>
-is the directory relative to which files will be installed. This should be a
- directory
-under which it would be natural to store dynamic library files, such as
-a server's root directory, or Communicator's root directory.
-The <u><i>temporary directory</i></u> is where temporary modutil files
-will be created in the course of the installation. If no temporary directory
-is specified, the current directory will be used.
-<p>If used with the <code>-nocertdb</code> option, the signatures on the JAR
-file will not be checked.</td>
-</tr>
-
-<!----------------------------- -list ------------------------------>
-<tr>
-<td><a name="list"></a><code>-list [<u><i>module name</i></u>]</code></td>
-<td>Without an argument, lists the PKCS #11 modules present in the module
-database.
-<blockquote>
-<pre>
-% <b>modutil -list</b>
-Using database directory /u/nicolson/.netscape...
-
-Listing of PKCS #11 Modules
------------------------------------------------------------
- 1. Netscape Internal PKCS #11 Module
- slots: 2 slots attached
- status: loaded
-
- slot: Communicator Internal Cryptographic Services Version 4.0
- token: Communicator Generic Crypto Svcs
-
- slot: Communicator User Private Key and Certificate Services
- token: Communicator Certificate DB
------------------------------------------------------------
-</pre>
-</blockquote>
-<p>With an argument, provides a detailed description of the named module
-and its slots and tokens.
-<blockquote>
-<pre>
-% <b>modutil -list "Netscape Internal PKCS #11 Module"</b>
-Using database directory /u/nicolson/.netscape...
-
------------------------------------------------------------
-Name: Netscape Internal PKCS #11 Module
-Library file: **Internal ONLY module**
-Manufacturer: Netscape Communications Corp
-Description: Communicator Internal Crypto Svc
-PKCS #11 Version 2.0
-Library Version: 4.0
-Cipher Enable Flags: None
-Default Mechanism Flags: RSA:DSA:RC2:RC4:DES:SHA1:MD5:MD2
-
- Slot: Communicator Internal Cryptographic Services Version 4.0
- Manufacturer: Netscape Communications Corp
- Type: Software
- Version Number: 4.1
- Firmware Version: 0.0
- Status: Enabled
- Token Name: Communicator Generic Crypto Svcs
- Token Manufacturer: Netscape Communications Corp
- Token Model: Libsec 4.0
- Token Serial Number: 0000000000000000
- Token Version: 4.0
- Token Firmware Version: 0.0
- Access: Write Protected
- Login Type: Public (no login required)
- User Pin: NOT Initialized
-
- Slot: Communicator User Private Key and Certificate Services
- Manufacturer: Netscape Communications Corp
- Type: Software
- Version Number: 3.0
- Firmware Version: 0.0
- Status: Enabled
- Token Name: Communicator Certificate DB
- Token Manufacturer: Netscape Communications Corp
- Token Model: Libsec 4.0
- Token Serial Number: 0000000000000000
- Token Version: 7.0
- Token Firmware Version: 0.0
- Access: NOT Write Protected
- Login Type: Login required
- User Pin: Initialized
-
------------------------------------------------------------
-</pre>
-</blockquote>
-</td>
-</tr>
-
-<!------------------------------ Undefault ------------------------------->
-<tr>
-<td><a name="undefault"></a><code>-undefault <u><i>module name</i></u>
--mechanisms <u><i>mechanism list</i></u></code></td>
-<td>Specifies that the given module will NOT be a default provider of
-the listed mechanisms. This command clears the default mechanism flags
-for the given module.</td>
-</tr>
-
-</table>
-
-<!------------------------------------------------------------------------>
-<!------------------------------ Options --------------------------------->
-<!------------------------------------------------------------------------>
-<h3>Options:</h3>
-<table border>
-<tr bgcolor="#cccccc"><th>Option</th><th>Description</th> </tr>
-
-<!------------------------------ -dbdir ---------------------------------->
-<tr>
-<td><code>-dbdir <u><i>directory</i></u></code></td>
-<td>Specifies which directory holds the module database. On UNIX systems,
-the user's netscape directory is the default. On other systems, there is
-no default, and this option must be used.</td>
-</tr>
-
-<!------------------------------ -dbdir ---------------------------------->
-<tr>
-<td><code>-nocertdb</code></td>
-<td>Do not open the certificate or key databases. This has several effects.
-With the <code>-create</code> command, this means that only a secmod.db file
-will be created; cert7.db and key3.db will not be created. With the
-<code>-jar</code> command, signatures on the JAR file will not be checked.
-With the <code>-changepw</code> command, the password on the Netscape internal
-module cannot be set or changed, since this password is stored in key3.db.
-</td>
-</tr>
-
-</table>
-
-</body>
-</html>
diff --git a/security/nss/cmd/ocspclnt/Makefile b/security/nss/cmd/ocspclnt/Makefile
deleted file mode 100644
index 490f738e5..000000000
--- a/security/nss/cmd/ocspclnt/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
diff --git a/security/nss/cmd/ocspclnt/manifest.mn b/security/nss/cmd/ocspclnt/manifest.mn
deleted file mode 100644
index 225bc7c4a..000000000
--- a/security/nss/cmd/ocspclnt/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
- ocspclnt.c \
- $(NULL)
-
-# headers for the MODULE (defined above) are implicitly required.
-REQUIRES = dbm seccmd
-
-# WINNT uses EXTRA_LIBS as the list of libs to link in.
-# Unix uses OS_LIBS for that purpose.
-# We can solve this via conditional makefile code, but
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-# So, look in the local Makefile for the defines for the list of libs.
-
-PROGRAM = ocspclnt
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/ocspclnt/ocspclnt.c b/security/nss/cmd/ocspclnt/ocspclnt.c
deleted file mode 100644
index a5a1448c6..000000000
--- a/security/nss/cmd/ocspclnt/ocspclnt.c
+++ /dev/null
@@ -1,1219 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Test program for client-side OCSP.
- *
- * $Id$
- */
-
-#include "secutil.h"
-#include "nspr.h"
-#include "plgetopt.h"
-#include "nss.h"
-#include "cert.h"
-#include "ocsp.h"
-#include "xconst.h" /*
- * XXX internal header file; needed to get at
- * cert_DecodeAuthInfoAccessExtension -- would be
- * nice to not need this, but that would require
- * better/different APIs.
- */
-
-#ifndef NO_PP /*
- * Compile with this every once in a while to be
- * sure that no dependencies on it get added
- * outside of the pretty-printing routines.
- */
-#include "ocspti.h" /* internals for pretty-printing routines *only* */
-#endif /* NO_PP */
-
-#define DEFAULT_DB_DIR "~/.netscape"
-
-
-static void
-synopsis (char *program_name)
-{
- PRFileDesc *pr_stderr;
-
- pr_stderr = PR_STDERR;
- PR_fprintf (pr_stderr, "Usage:");
- PR_fprintf (pr_stderr,
- "\t%s -p [-d <dir>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -P [-d <dir>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -r <name> [-L] [-s <name>] [-d <dir>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -R <name> [-l <location>] [-s <name>] [-d <dir>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t%s -S <name> [-l <location> -t <name>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t\t [-s <name>] [-w <time>] [-d <dir>]\n");
- PR_fprintf (pr_stderr,
- "\t%s -V <name> -u <usage> [-l <location> -t <name>]\n",
- program_name);
- PR_fprintf (pr_stderr,
- "\t\t [-s <name>] [-w <time>] [-d <dir>]\n");
-}
-
-
-static void
-short_usage (char *program_name)
-{
- PR_fprintf (PR_STDERR,
- "Type %s -H for more detailed descriptions\n",
- program_name);
- synopsis (program_name);
-}
-
-
-static void
-long_usage (char *program_name)
-{
- PRFileDesc *pr_stderr;
-
- pr_stderr = PR_STDERR;
- synopsis (program_name);
- PR_fprintf (pr_stderr, "\nCommands (must specify exactly one):\n");
- PR_fprintf (pr_stderr,
- " %-13s Pretty-print a binary request read from stdin\n",
- "-p");
- PR_fprintf (pr_stderr,
- " %-13s Pretty-print a binary response read from stdin\n",
- "-P");
- PR_fprintf (pr_stderr,
- " %-13s Create a request for cert \"nickname\" on stdout\n",
- "-r nickname");
- PR_fprintf (pr_stderr,
- " %-13s Get response for cert \"nickname\", dump to stdout\n",
- "-R nickname");
- PR_fprintf (pr_stderr,
- " %-13s Get status for cert \"nickname\"\n",
- "-S nickname");
- PR_fprintf (pr_stderr,
- " %-13s Fully verify cert \"nickname\", w/ status check\n",
- "-V nickname");
- PR_fprintf (pr_stderr, "Options:\n");
- PR_fprintf (pr_stderr,
- " %-13s Add the service locator extension to the request\n",
- "-L");
- PR_fprintf (pr_stderr,
- " %-13s Find security databases in \"dbdir\" (default %s)\n",
- "-d dbdir", DEFAULT_DB_DIR);
- PR_fprintf (pr_stderr,
- " %-13s Use \"location\" as URL of responder\n",
- "-l location");
- PR_fprintf (pr_stderr,
- " %-13s Trust cert \"nickname\" as response signer\n",
- "-t nickname");
- PR_fprintf (pr_stderr,
- " %-13s Sign requests with cert \"nickname\"\n",
- "-s nickname");
- PR_fprintf (pr_stderr,
- " %-13s Type of certificate usage for verification:\n",
- "-u usage");
- PR_fprintf (pr_stderr,
- "%-17s c SSL Client\n", "");
- PR_fprintf (pr_stderr,
- "%-17s s SSL Server\n", "");
- PR_fprintf (pr_stderr,
- "%-17s e Email Recipient\n", "");
- PR_fprintf (pr_stderr,
- "%-17s E Email Signer\n", "");
- PR_fprintf (pr_stderr,
- "%-17s S Object Signer\n", "");
- PR_fprintf (pr_stderr,
- "%-17s C CA\n", "");
- PR_fprintf (pr_stderr,
- " %-13s Validity time (default current time), one of:\n",
- "-w time");
- PR_fprintf (pr_stderr,
- "%-17s %-25s (GMT)\n", "", "YYMMDDhhmm[ss]Z");
- PR_fprintf (pr_stderr,
- "%-17s %-25s (later than GMT)\n", "", "YYMMDDhhmm[ss]+hhmm");
- PR_fprintf (pr_stderr,
- "%-17s %-25s (earlier than GMT)\n", "", "YYMMDDhhmm[ss]-hhmm");
-}
-
-
-/*
- * XXX This is a generic function that would probably make a good
- * replacement for SECU_DER_Read (which is not at all specific to DER,
- * despite its name), but that requires fixing all of the tools...
- * Still, it should be done, whenenver I/somebody has the time.
- * (Also, consider whether this actually belongs in the security
- * library itself, not just in the command library.)
- *
- * This function takes an open file (a PRFileDesc *) and reads the
- * entire file into a SECItem. (Obviously, the file is intended to
- * be small enough that such a thing is advisable.) Both the SECItem
- * and the buffer it points to are allocated from the heap; the caller
- * is expected to free them. ("SECITEM_FreeItem(item, PR_TRUE)")
- */
-static SECItem *
-read_file_into_item (PRFileDesc *in_file, SECItemType si_type)
-{
- PRStatus prv;
- SECItem *item;
- PRFileInfo file_info;
- PRInt32 bytes_read;
-
- prv = PR_GetOpenFileInfo (in_file, &file_info);
- if (prv != PR_SUCCESS)
- return NULL;
-
- if (file_info.size == 0) {
- /* XXX Need a better error; just grabbed this one for expediency. */
- PORT_SetError (SEC_ERROR_INPUT_LEN);
- return NULL;
- }
-
- if (file_info.size > 0xffff) { /* I think this is too big. */
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- item = PORT_Alloc (sizeof (SECItem));
- if (item == NULL)
- return NULL;
-
- item->type = si_type;
- item->len = (unsigned int) file_info.size;
- item->data = PORT_Alloc ((size_t)item->len);
- if (item->data == NULL)
- goto loser;
-
- bytes_read = PR_Read (in_file, item->data, (PRInt32) item->len);
- if (bytes_read < 0) {
- /* Something went wrong; error is already set for us. */
- goto loser;
- } else if (bytes_read == 0) {
- /* Something went wrong; we read nothing. But no system/nspr error. */
- /* XXX Need to set an error here. */
- goto loser;
- } else if (item->len != (unsigned int)bytes_read) {
- /* Something went wrong; we read less (or more!?) than we expected. */
- /* XXX Need to set an error here. */
- goto loser;
- }
-
- return item;
-
-loser:
- SECITEM_FreeItem (item, PR_TRUE);
- return NULL;
-}
-
-
-/*
- * Create a DER-encoded OCSP request (for the certificate whose nickname
- * is "name") and dump it out.
- */
-static SECStatus
-create_request (FILE *out_file, CERTCertDBHandle *handle, const char *cert_name,
- PRBool add_service_locator, PRBool add_acceptable_responses)
-{
- CERTCertificate *cert = NULL;
- CERTCertList *certs = NULL;
- CERTOCSPRequest *request = NULL;
- int64 now = PR_Now();
- SECItem *encoding = NULL;
- SECStatus rv = SECFailure;
-
- if (handle == NULL || cert_name == NULL)
- goto loser;
-
- cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
- if (cert == NULL)
- goto loser;
-
- /*
- * We need to create a list of one.
- */
- certs = CERT_NewCertList();
- if (certs == NULL)
- goto loser;
-
- if (CERT_AddCertToListTail (certs, cert) != SECSuccess)
- goto loser;
-
- /*
- * Now that cert is included in the list, we need to be careful
- * that we do not try to destroy it twice. This will prevent that.
- */
- cert = NULL;
-
- request = CERT_CreateOCSPRequest (certs, now, add_service_locator, NULL);
- if (request == NULL)
- goto loser;
-
- if (add_acceptable_responses) {
- rv = CERT_AddOCSPAcceptableResponses(request,
- SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
- if (rv != SECSuccess)
- goto loser;
- }
-
- encoding = CERT_EncodeOCSPRequest (NULL, request, NULL);
- if (encoding == NULL)
- goto loser;
-
- if (fwrite (encoding->data, encoding->len, 1, out_file) != 1)
- goto loser;
-
- rv = SECSuccess;
-
-loser:
- if (encoding != NULL)
- SECITEM_FreeItem(encoding, PR_TRUE);
- if (request != NULL)
- CERT_DestroyOCSPRequest(request);
- if (certs != NULL)
- CERT_DestroyCertList (certs);
- if (cert != NULL)
- CERT_DestroyCertificate (cert);
-
- return rv;
-}
-
-
-/*
- * Create a DER-encoded OCSP request (for the certificate whose nickname is
- * "cert_name"), then get and dump a corresponding response. The responder
- * location is either specified explicitly (as "responder_url") or found
- * via the AuthorityInfoAccess URL in the cert.
- */
-static SECStatus
-dump_response (FILE *out_file, CERTCertDBHandle *handle, const char *cert_name,
- const char *responder_url)
-{
- CERTCertificate *cert = NULL;
- CERTCertList *certs = NULL;
- char *loc = NULL;
- int64 now = PR_Now();
- SECItem *response = NULL;
- SECStatus rv = SECFailure;
- PRBool includeServiceLocator;
-
- if (handle == NULL || cert_name == NULL)
- goto loser;
-
- cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
- if (cert == NULL)
- goto loser;
-
- if (responder_url != NULL) {
- loc = (char *) responder_url;
- includeServiceLocator = PR_TRUE;
- } else {
- loc = CERT_GetOCSPAuthorityInfoAccessLocation (cert);
- if (loc == NULL)
- goto loser;
- includeServiceLocator = PR_FALSE;
- }
-
- /*
- * We need to create a list of one.
- */
- certs = CERT_NewCertList();
- if (certs == NULL)
- goto loser;
-
- if (CERT_AddCertToListTail (certs, cert) != SECSuccess)
- goto loser;
-
- /*
- * Now that cert is included in the list, we need to be careful
- * that we do not try to destroy it twice. This will prevent that.
- */
- cert = NULL;
-
- response = CERT_GetEncodedOCSPResponse (NULL, certs, loc, now,
- includeServiceLocator,
- NULL, NULL, NULL);
- if (response == NULL)
- goto loser;
-
- if (fwrite (response->data, response->len, 1, out_file) != 1)
- goto loser;
-
- rv = SECSuccess;
-
-loser:
- if (response != NULL)
- SECITEM_FreeItem (response, PR_TRUE);
- if (certs != NULL)
- CERT_DestroyCertList (certs);
- if (loc != NULL && loc != responder_url)
- PORT_Free (loc);
- if (cert != NULL)
- CERT_DestroyCertificate (cert);
-
- return rv;
-}
-
-
-/*
- * Get the status for the specified certificate (whose nickname is "cert_name").
- * Directly use the OCSP function rather than doing a full verification.
- */
-static SECStatus
-get_cert_status (FILE *out_file, CERTCertDBHandle *handle,
- const char *cert_name, int64 verify_time)
-{
- CERTCertificate *cert = NULL;
- SECStatus rv = SECFailure;
-
- if (handle == NULL || cert_name == NULL)
- goto loser;
-
- cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
- if (cert == NULL)
- goto loser;
-
- rv = CERT_CheckOCSPStatus (handle, cert, verify_time, NULL);
-
- fprintf (out_file, "Check of certificate \"%s\" ", cert_name);
- if (rv == SECSuccess) {
- fprintf (out_file, "succeeded.\n");
- } else {
- const char *error_string = SECU_Strerror(PORT_GetError());
- fprintf (out_file, "failed. Reason:\n");
- if (error_string != NULL && PORT_Strlen(error_string) > 0)
- fprintf (out_file, "%s\n", error_string);
- else
- fprintf (out_file, "Unknown\n");
- }
-
- rv = SECSuccess;
-
-loser:
- if (cert != NULL)
- CERT_DestroyCertificate (cert);
-
- return rv;
-}
-
-
-/*
- * Verify the specified certificate (whose nickname is "cert_name").
- * OCSP is already turned on, so we just need to call the standard
- * certificate verification API and let it do all the work.
- */
-static SECStatus
-verify_cert (FILE *out_file, CERTCertDBHandle *handle, const char *cert_name,
- SECCertUsage cert_usage, int64 verify_time)
-{
- CERTCertificate *cert = NULL;
- SECStatus rv = SECFailure;
-
- if (handle == NULL || cert_name == NULL)
- goto loser;
-
- cert = CERT_FindCertByNicknameOrEmailAddr (handle, (char *) cert_name);
- if (cert == NULL)
- goto loser;
-
- rv = CERT_VerifyCert (handle, cert, PR_TRUE, cert_usage, verify_time,
- NULL, NULL);
-
- fprintf (out_file, "Verification of certificate \"%s\" ", cert_name);
- if (rv == SECSuccess) {
- fprintf (out_file, "succeeded.\n");
- } else {
- const char *error_string = SECU_Strerror(PORT_GetError());
- fprintf (out_file, "failed. Reason:\n");
- if (error_string != NULL && PORT_Strlen(error_string) > 0)
- fprintf (out_file, "%s\n", error_string);
- else
- fprintf (out_file, "Unknown\n");
- }
-
- rv = SECSuccess;
-
-loser:
- if (cert != NULL)
- CERT_DestroyCertificate (cert);
-
- return rv;
-}
-
-
-#ifdef NO_PP
-
-static SECStatus
-print_request (FILE *out_file, SECItem *data)
-{
- fprintf (out_file, "Cannot pretty-print request compiled with NO_PP.\n");
- return SECSuccess;
-}
-
-static SECStatus
-print_response (FILE *out_file, SECItem *data, CERTCertDBHandle *handle)
-{
- fprintf (out_file, "Cannot pretty-print response compiled with NO_PP.\n");
- return SECSuccess;
-}
-
-#else /* NO_PP */
-
-static void
-print_ocsp_version (FILE *out_file, SECItem *version, int level)
-{
- if (version->len > 0) {
- SECU_PrintInteger (out_file, version, "Version", level);
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "Version: DEFAULT\n");
- }
-}
-
-
-static void
-print_ocsp_cert_id (FILE *out_file, CERTOCSPCertID *cert_id, int level)
-{
- SECU_Indent (out_file, level);
- fprintf (out_file, "Cert ID:\n");
- level++;
-
- SECU_PrintAlgorithmID (out_file, &(cert_id->hashAlgorithm),
- "Hash Algorithm", level);
- SECU_PrintAsHex (out_file, &(cert_id->issuerNameHash),
- "Issuer Name Hash", level);
- SECU_PrintAsHex (out_file, &(cert_id->issuerKeyHash),
- "Issuer Key Hash", level);
- SECU_PrintInteger (out_file, &(cert_id->serialNumber),
- "Serial Number", level);
- /* XXX lookup the cert; if found, print something nice (nickname?) */
-}
-
-
-static void
-print_raw_certificates (FILE *out_file, SECItem **raw_certs, int level)
-{
- SECItem *raw_cert;
- int i = 0;
- char cert_label[50];
-
- SECU_Indent (out_file, level);
-
- if (raw_certs == NULL) {
- fprintf (out_file, "No Certificates.\n");
- return;
- }
-
- fprintf (out_file, "Certificate List:\n");
- while ((raw_cert = raw_certs[i++]) != NULL) {
- sprintf (cert_label, "Certificate (%d)", i);
- (void) SECU_PrintSignedData (out_file, raw_cert, cert_label, level + 1,
- SECU_PrintCertificate);
- }
-}
-
-
-static void
-print_ocsp_extensions (FILE *out_file, CERTCertExtension **extensions,
- char *msg, int level)
-{
- if (extensions) {
- SECU_PrintExtensions (out_file, extensions, msg, level);
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "No %s\n", msg);
- }
-}
-
-
-static void
-print_single_request (FILE *out_file, ocspSingleRequest *single, int level)
-{
- print_ocsp_cert_id (out_file, single->reqCert, level);
- print_ocsp_extensions (out_file, single->singleRequestExtensions,
- "Single Request Extensions", level);
-}
-
-
-/*
- * Decode the DER/BER-encoded item "data" as an OCSP request
- * and pretty-print the subfields.
- */
-static SECStatus
-print_request (FILE *out_file, SECItem *data)
-{
- CERTOCSPRequest *request;
- ocspTBSRequest *tbsRequest;
- int level = 0;
-
- PORT_Assert (out_file != NULL);
- PORT_Assert (data != NULL);
- if (out_file == NULL || data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- request = CERT_DecodeOCSPRequest (data);
- if (request == NULL || request->tbsRequest == NULL)
- return SECFailure;
-
- tbsRequest = request->tbsRequest;
-
- fprintf (out_file, "TBS Request:\n");
- level++;
-
- print_ocsp_version (out_file, &(tbsRequest->version), level);
-
- /*
- * XXX Probably should be an interface to get the signer name
- * without looking inside the tbsRequest at all.
- */
- if (tbsRequest->requestorName != NULL) {
- SECU_Indent (out_file, level);
- fprintf (out_file, "XXX print the requestorName\n");
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "No Requestor Name.\n");
- }
-
- if (tbsRequest->requestList != NULL) {
- int i;
-
- for (i = 0; tbsRequest->requestList[i] != NULL; i++) {
- SECU_Indent (out_file, level);
- fprintf (out_file, "Request %d:\n", i);
- print_single_request (out_file, tbsRequest->requestList[i],
- level + 1);
- }
- } else {
- fprintf (out_file, "Request list is empty.\n");
- }
-
- print_ocsp_extensions (out_file, tbsRequest->requestExtensions,
- "Request Extensions", level);
-
- if (request->optionalSignature != NULL) {
- ocspSignature *whole_sig;
- SECItem rawsig;
-
- fprintf (out_file, "Signature:\n");
-
- whole_sig = request->optionalSignature;
- SECU_PrintAlgorithmID (out_file, &(whole_sig->signatureAlgorithm),
- "Signature Algorithm", level);
-
- rawsig = whole_sig->signature;
- DER_ConvertBitString (&rawsig);
- SECU_PrintAsHex (out_file, &rawsig, "Signature", level);
-
- print_raw_certificates (out_file, whole_sig->derCerts, level);
-
- fprintf (out_file, "XXX verify the sig and print result\n");
- } else {
- fprintf (out_file, "No Signature\n");
- }
-
- CERT_DestroyOCSPRequest (request);
- return SECSuccess;
-}
-
-
-static void
-print_revoked_info (FILE *out_file, ocspRevokedInfo *revoked_info, int level)
-{
- SECU_PrintGeneralizedTime (out_file, &(revoked_info->revocationTime),
- "Revocation Time", level);
-
- if (revoked_info->revocationReason != NULL) {
- SECU_PrintAsHex (out_file, revoked_info->revocationReason,
- "Revocation Reason", level);
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "No Revocation Reason.\n");
- }
-}
-
-
-static void
-print_cert_status (FILE *out_file, ocspCertStatus *status, int level)
-{
- SECU_Indent (out_file, level);
- fprintf (out_file, "Status: ");
-
- switch (status->certStatusType) {
- case ocspCertStatus_good:
- fprintf (out_file, "Cert is good.\n");
- break;
- case ocspCertStatus_revoked:
- fprintf (out_file, "Cert has been revoked.\n");
- print_revoked_info (out_file, status->certStatusInfo.revokedInfo,
- level + 1);
- break;
- case ocspCertStatus_unknown:
- fprintf (out_file, "Cert is unknown to responder.\n");
- break;
- default:
- fprintf (out_file, "Unrecognized status.\n");
- break;
- }
-}
-
-
-static void
-print_single_response (FILE *out_file, CERTOCSPSingleResponse *single,
- int level)
-{
- print_ocsp_cert_id (out_file, single->certID, level);
-
- print_cert_status (out_file, single->certStatus, level);
-
- SECU_PrintGeneralizedTime (out_file, &(single->thisUpdate),
- "This Update", level);
-
- if (single->nextUpdate != NULL) {
- SECU_PrintGeneralizedTime (out_file, single->nextUpdate,
- "Next Update", level);
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "No Next Update\n");
- }
-
- print_ocsp_extensions (out_file, single->singleExtensions,
- "Single Response Extensions", level);
-}
-
-
-static void
-print_responder_id (FILE *out_file, ocspResponderID *responderID, int level)
-{
- SECU_Indent (out_file, level);
- fprintf (out_file, "Responder ID ");
-
- switch (responderID->responderIDType) {
- case ocspResponderID_byName:
- fprintf (out_file, "(byName):\n");
- SECU_PrintName (out_file, &(responderID->responderIDValue.name),
- "Name", level + 1);
- break;
- case ocspResponderID_byKey:
- fprintf (out_file, "(byKey):\n");
- SECU_PrintAsHex (out_file, &(responderID->responderIDValue.keyHash),
- "Key Hash", level + 1);
- break;
- default:
- fprintf (out_file, "Unrecognized Responder ID Type\n");
- break;
- }
-}
-
-
-static void
-print_response_data (FILE *out_file, ocspResponseData *responseData, int level)
-{
- SECU_Indent (out_file, level);
- fprintf (out_file, "Response Data:\n");
- level++;
-
- print_ocsp_version (out_file, &(responseData->version), level);
-
- print_responder_id (out_file, responseData->responderID, level);
-
- SECU_PrintGeneralizedTime (out_file, &(responseData->producedAt),
- "Produced At", level);
-
- if (responseData->responses != NULL) {
- int i;
-
- for (i = 0; responseData->responses[i] != NULL; i++) {
- SECU_Indent (out_file, level);
- fprintf (out_file, "Response %d:\n", i);
- print_single_response (out_file, responseData->responses[i],
- level + 1);
- }
- } else {
- fprintf (out_file, "Response list is empty.\n");
- }
-
- print_ocsp_extensions (out_file, responseData->responseExtensions,
- "Response Extensions", level);
-}
-
-
-static void
-print_basic_response (FILE *out_file, ocspBasicOCSPResponse *basic, int level)
-{
- SECItem rawsig;
-
- SECU_Indent (out_file, level);
- fprintf (out_file, "Basic OCSP Response:\n");
- level++;
-
- print_response_data (out_file, basic->tbsResponseData, level);
-
- SECU_PrintAlgorithmID (out_file,
- &(basic->responseSignature.signatureAlgorithm),
- "Signature Algorithm", level);
-
- rawsig = basic->responseSignature.signature;
- DER_ConvertBitString (&rawsig);
- SECU_PrintAsHex (out_file, &rawsig, "Signature", level);
-
- print_raw_certificates (out_file, basic->responseSignature.derCerts, level);
-}
-
-
-/*
- * Note this must match (exactly) the enumeration ocspResponseStatus.
- */
-static char *responseStatusNames[] = {
- "successful (Response has valid confirmations)",
- "malformedRequest (Illegal confirmation request)",
- "internalError (Internal error in issuer)",
- "tryLater (Try again later)",
- "unused ((4) is not used)",
- "sigRequired (Must sign the request)",
- "unauthorized (Request unauthorized)",
- "other (Status value out of defined range)"
-};
-
-/*
- * Decode the DER/BER-encoded item "data" as an OCSP response
- * and pretty-print the subfields.
- */
-static SECStatus
-print_response (FILE *out_file, SECItem *data, CERTCertDBHandle *handle)
-{
- CERTOCSPResponse *response;
- int level = 0;
-
- PORT_Assert (out_file != NULL);
- PORT_Assert (data != NULL);
- if (out_file == NULL || data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- response = CERT_DecodeOCSPResponse (data);
- if (response == NULL)
- return SECFailure;
-
- PORT_Assert (response->statusValue <= ocspResponse_other);
- fprintf (out_file, "Response Status: %s\n",
- responseStatusNames[response->statusValue]);
-
- if (response->statusValue == ocspResponse_successful) {
- ocspResponseBytes *responseBytes = response->responseBytes;
- SECStatus sigStatus;
- CERTCertificate *signerCert = NULL;
-
- PORT_Assert (responseBytes != NULL);
-
- level++;
- fprintf (out_file, "Response Bytes:\n");
- SECU_PrintObjectID (out_file, &(responseBytes->responseType),
- "Response Type", level);
- switch (response->responseBytes->responseTypeTag) {
- case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
- print_basic_response (out_file,
- responseBytes->decodedResponse.basic,
- level);
- break;
- default:
- SECU_Indent (out_file, level);
- fprintf (out_file, "Unknown response syntax\n");
- break;
- }
-
- sigStatus = CERT_VerifyOCSPResponseSignature (response, handle,
- NULL, &signerCert, NULL);
- SECU_Indent (out_file, level);
- fprintf (out_file, "Signature verification ");
- if (sigStatus != SECSuccess) {
- fprintf (out_file, "failed: %s\n", SECU_Strerror (PORT_GetError()));
- } else {
- fprintf (out_file, "succeeded.\n");
- if (signerCert != NULL) {
- SECU_PrintName (out_file, &signerCert->subject, "Signer",
- level);
- CERT_DestroyCertificate (signerCert);
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "No signer cert returned?\n");
- }
- }
- } else {
- SECU_Indent (out_file, level);
- fprintf (out_file, "Unsuccessful response, no more information.\n");
- }
-
- CERT_DestroyOCSPResponse (response);
- return SECSuccess;
-}
-
-#endif /* NO_PP */
-
-
-static SECStatus
-cert_usage_from_char (const char *cert_usage_str, SECCertUsage *cert_usage)
-{
- PORT_Assert (cert_usage_str != NULL);
- PORT_Assert (cert_usage != NULL);
-
- if (PORT_Strlen (cert_usage_str) != 1)
- return SECFailure;
-
- switch (*cert_usage_str) {
- case 'c':
- *cert_usage = certUsageSSLClient;
- break;
- case 's':
- *cert_usage = certUsageSSLServer;
- break;
- case 'e':
- *cert_usage = certUsageEmailRecipient;
- break;
- case 'E':
- *cert_usage = certUsageEmailSigner;
- break;
- case 'S':
- *cert_usage = certUsageObjectSigner;
- break;
- case 'C':
- *cert_usage = certUsageVerifyCA;
- break;
- default:
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-int
-main (int argc, char **argv)
-{
- int retval;
- char *program_name;
- PRFileDesc *in_file;
- FILE *out_file; /* not PRFileDesc until SECU accepts it */
- int crequest, dresponse;
- int prequest, presponse;
- int ccert, vcert;
- const char *db_dir, *date_str, *cert_usage_str, *name;
- const char *responder_name, *responder_url, *signer_name;
- PRBool add_acceptable_responses, add_service_locator;
- SECItem *data = NULL;
- PLOptState *optstate;
- SECStatus rv;
- CERTCertDBHandle *handle = NULL;
- SECCertUsage cert_usage;
- int64 verify_time;
-
- retval = -1; /* what we return/exit with on error */
-
- program_name = PL_strrchr(argv[0], '/');
- program_name = program_name ? (program_name + 1) : argv[0];
-
- in_file = PR_STDIN;
- out_file = stdout;
-
- crequest = 0;
- dresponse = 0;
- prequest = 0;
- presponse = 0;
- ccert = 0;
- vcert = 0;
-
- db_dir = NULL;
- date_str = NULL;
- cert_usage_str = NULL;
- name = NULL;
- responder_name = NULL;
- responder_url = NULL;
- signer_name = NULL;
-
- add_acceptable_responses = PR_FALSE;
- add_service_locator = PR_FALSE;
-
- optstate = PL_CreateOptState (argc, argv, "AHLPR:S:V:d:l:pr:s:t:u:w:");
- if (optstate == NULL) {
- SECU_PrintError (program_name, "PL_CreateOptState failed");
- return retval;
- }
-
- while (PL_GetNextOpt (optstate) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- short_usage (program_name);
- return retval;
-
- case 'A':
- add_acceptable_responses = PR_TRUE;
- break;
-
- case 'H':
- long_usage (program_name);
- return retval;
-
- case 'L':
- add_service_locator = PR_TRUE;
- break;
-
- case 'P':
- presponse = 1;
- break;
-
- case 'R':
- dresponse = 1;
- name = optstate->value;
- break;
-
- case 'S':
- ccert = 1;
- name = optstate->value;
- break;
-
- case 'V':
- vcert = 1;
- name = optstate->value;
- break;
-
- case 'd':
- db_dir = optstate->value;
- break;
-
- case 'l':
- responder_url = optstate->value;
- break;
-
- case 'p':
- prequest = 1;
- break;
-
- case 'r':
- crequest = 1;
- name = optstate->value;
- break;
-
- case 's':
- signer_name = optstate->value;
- break;
-
- case 't':
- responder_name = optstate->value;
- break;
-
- case 'u':
- cert_usage_str = optstate->value;
- break;
-
- case 'w':
- date_str = optstate->value;
- break;
- }
- }
-
- if ((crequest + dresponse + prequest + presponse + ccert + vcert) != 1) {
- PR_fprintf (PR_STDERR, "%s: must specify exactly one command\n\n",
- program_name);
- short_usage (program_name);
- return retval;
- }
-
- if (vcert) {
- if (cert_usage_str == NULL) {
- PR_fprintf (PR_STDERR, "%s: verification requires cert usage\n\n",
- program_name);
- short_usage (program_name);
- return retval;
- }
-
- rv = cert_usage_from_char (cert_usage_str, &cert_usage);
- if (rv != SECSuccess) {
- PR_fprintf (PR_STDERR, "%s: invalid cert usage (\"%s\")\n\n",
- program_name, cert_usage_str);
- long_usage (program_name);
- return retval;
- }
- }
-
- if (ccert + vcert) {
- if (responder_url != NULL || responder_name != NULL) {
- /*
- * To do a full status check, both the URL and the cert name
- * of the responder must be specified if either one is.
- */
- if (responder_url == NULL || responder_name == NULL) {
- if (responder_url == NULL)
- PR_fprintf (PR_STDERR,
- "%s: must also specify responder location\n\n",
- program_name);
- else
- PR_fprintf (PR_STDERR,
- "%s: must also specify responder name\n\n",
- program_name);
- short_usage (program_name);
- return retval;
- }
- }
-
- if (date_str != NULL) {
- rv = DER_AsciiToTime (&verify_time, (char *) date_str);
- if (rv != SECSuccess) {
- SECU_PrintError (program_name, "error converting time string");
- PR_fprintf (PR_STDERR, "\n");
- long_usage (program_name);
- return retval;
- }
- } else {
- verify_time = PR_Now();
- }
- }
-
- retval = -2; /* errors change from usage to runtime */
-
- /*
- * Initialize the NSPR and Security libraries.
- */
- PR_Init (PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- db_dir = SECU_ConfigDirectory (db_dir);
- rv = NSS_Init (db_dir);
- if (rv != SECSuccess) {
- SECU_PrintError (program_name, "NSS_Init failed");
- goto prdone;
- }
-
- if (prequest + presponse) {
- data = read_file_into_item (in_file, siBuffer);
- if (data == NULL) {
- SECU_PrintError (program_name, "problem reading input");
- goto nssdone;
- }
- }
-
- if (crequest + dresponse + presponse + ccert + vcert) {
- handle = CERT_GetDefaultCertDB();
- if (handle == NULL) {
- SECU_PrintError (program_name, "problem getting certdb handle");
- goto nssdone;
- }
-
- /*
- * It would be fine to do the enable for all of these commands,
- * but this way we check that everything but an overall verify
- * can be done without it. That is, that the individual pieces
- * work on their own.
- */
- if (vcert) {
- rv = CERT_EnableOCSPChecking (handle);
- if (rv != SECSuccess) {
- SECU_PrintError (program_name, "error enabling OCSP checking");
- goto nssdone;
- }
- }
-
- if ((ccert + vcert) && (responder_name != NULL)) {
- rv = CERT_SetOCSPDefaultResponder (handle, responder_url,
- responder_name);
- if (rv != SECSuccess) {
- SECU_PrintError (program_name,
- "error setting default responder");
- goto nssdone;
- }
-
- rv = CERT_EnableOCSPDefaultResponder (handle);
- if (rv != SECSuccess) {
- SECU_PrintError (program_name,
- "error enabling default responder");
- goto nssdone;
- }
- }
- }
-
-#define NOTYET(opt) \
- { \
- PR_fprintf (PR_STDERR, "%s not yet working\n", opt); \
- exit (-1); \
- }
-
- if (crequest) {
- if (signer_name != NULL) {
- NOTYET("-s");
- }
- rv = create_request (out_file, handle, name, add_service_locator,
- add_acceptable_responses);
- } else if (dresponse) {
- if (signer_name != NULL) {
- NOTYET("-s");
- }
- rv = dump_response (out_file, handle, name, responder_url);
- } else if (prequest) {
- rv = print_request (out_file, data);
- } else if (presponse) {
- rv = print_response (out_file, data, handle);
- } else if (ccert) {
- if (signer_name != NULL) {
- NOTYET("-s");
- }
- rv = get_cert_status (out_file, handle, name, verify_time);
- } else if (vcert) {
- if (signer_name != NULL) {
- NOTYET("-s");
- }
- rv = verify_cert (out_file, handle, name, cert_usage, verify_time);
- }
-
- if (rv != SECSuccess)
- SECU_PrintError (program_name, "error performing requested operation");
- else
- retval = 0;
-
-nssdone:
- if (data != NULL) {
- SECITEM_FreeItem (data, PR_TRUE);
- }
-
- if (handle != NULL) {
- (void) CERT_DisableOCSPChecking (handle);
- }
-
- NSS_Shutdown ();
-
-prdone:
- PR_Cleanup ();
- return retval;
-}
diff --git a/security/nss/cmd/oidcalc/Makefile b/security/nss/cmd/oidcalc/Makefile
deleted file mode 100644
index 689240abd..000000000
--- a/security/nss/cmd/oidcalc/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/oidcalc/manifest.mn b/security/nss/cmd/oidcalc/manifest.mn
deleted file mode 100644
index 890e112ef..000000000
--- a/security/nss/cmd/oidcalc/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = oidcalc.c
-
-PROGRAM = oidcalc
diff --git a/security/nss/cmd/oidcalc/oidcalc.c b/security/nss/cmd/oidcalc/oidcalc.c
deleted file mode 100644
index cadc425a4..000000000
--- a/security/nss/cmd/oidcalc/oidcalc.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-int
-main(int argc, char **argv)
-{
- char *curstr;
- char *nextstr;
- unsigned int firstval;
- unsigned int secondval;
- unsigned int val;
- unsigned char buf[5];
- int count;
-
- if ( argc != 2 ) {
- fprintf(stderr, "wrong number of args\n");
- exit(-1);
- }
-
- curstr = argv[1];
-
- nextstr = strchr(curstr, '.');
-
- if ( nextstr == NULL ) {
- fprintf(stderr, "only one component\n");
- exit(-1);
- }
-
- *nextstr = '\0';
- firstval = atoi(curstr);
-
- curstr = nextstr + 1;
-
- nextstr = strchr(curstr, '.');
-
- if ( nextstr ) {
- *nextstr = '\0';
- }
-
- secondval = atoi(curstr);
-
- if ( ( firstval < 0 ) || ( firstval > 2 ) ) {
- fprintf(stderr, "first component out of range\n");
- exit(-1);
-
- }
-
- if ( ( secondval < 0 ) || ( secondval > 39 ) ) {
- fprintf(stderr, "second component out of range\n");
- exit(-1);
- }
-
- printf("0x%x, ", ( firstval * 40 ) + secondval );
- while ( nextstr ) {
- curstr = nextstr + 1;
-
- nextstr = strchr(curstr, '.');
-
- if ( nextstr ) {
- *nextstr = '\0';
- }
-
- memset(buf, 0, sizeof(buf));
- val = atoi(curstr);
- count = 0;
- while ( val ) {
- buf[count] = ( val & 0x7f );
- val = val >> 7;
- count++;
- }
-
- while ( count-- ) {
- if ( count ) {
- printf("0x%x, ", buf[count] | 0x80 );
- } else {
- printf("0x%x, ", buf[count] );
- }
- }
- }
- printf("\n");
- return 0;
-}
-
diff --git a/security/nss/cmd/p7content/Makefile b/security/nss/cmd/p7content/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7content/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7content/manifest.mn b/security/nss/cmd/p7content/manifest.mn
deleted file mode 100644
index 442e51f0c..000000000
--- a/security/nss/cmd/p7content/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = p7content.c
-
-REQUIRES = seccmd dbm
-
-PROGRAM = p7content
-# PROGRAM = ./$(OBJDIR)/p7content.exe
-
-USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/p7content/p7content.c b/security/nss/cmd/p7content/p7content.c
deleted file mode 100644
index b03950c60..000000000
--- a/security/nss/cmd/p7content/p7content.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7content -- A command to display pkcs7 content.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "nss.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-
-
-static void
-Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-d dbdir] [-i input] [-o output]\n",
- progName);
- fprintf(stderr,
- "%-20s Key/Cert database directory (default is ~/.netscape)\n",
- "-d dbdir");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-static PRBool saw_content;
-
-static void
-PrintBytes(void *arg, const char *buf, unsigned long len)
-{
- FILE *out;
-
- out = arg;
- fwrite (buf, len, 1, out);
-
- saw_content = PR_TRUE;
-}
-
-/*
- * XXX Someday we may want to do real policy stuff here. This allows
- * anything to be decrypted, which is okay for a test program but does
- * not set an example of how a real client with a real policy would
- * need to do it.
- */
-static PRBool
-decryption_allowed(SECAlgorithmID *algid, PK11SymKey *key)
-{
- return PR_TRUE;
-}
-
-int
-DecodeAndPrintFile(FILE *out, PRFileDesc *in, char *progName)
-{
- SECItem derdata;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7DecoderContext *dcx;
-
- if (SECU_ReadDERFromFile(&derdata, in, PR_FALSE)) {
- SECU_PrintError(progName, "error converting der");
- return -1;
- }
-
- fprintf(out,
- "Content printed between bars (newline added before second bar):");
- fprintf(out, "\n---------------------------------------------\n");
-
- saw_content = PR_FALSE;
- dcx = SEC_PKCS7DecoderStart(PrintBytes, out, NULL, NULL,
- NULL, NULL, decryption_allowed);
- if (dcx != NULL) {
-#if 0 /* Test that decoder works when data is really streaming in. */
- {
- unsigned long i;
- for (i = 0; i < derdata.len; i++)
- SEC_PKCS7DecoderUpdate(dcx, derdata.data + i, 1);
- }
-#else
- SEC_PKCS7DecoderUpdate(dcx, (char *)derdata.data, derdata.len);
-#endif
- cinfo = SEC_PKCS7DecoderFinish(dcx);
- }
-
- fprintf(out, "\n---------------------------------------------\n");
-
- if (cinfo == NULL)
- return -1;
-
- fprintf(out, "Content was%s encrypted.\n",
- SEC_PKCS7ContentIsEncrypted(cinfo) ? "" : " not");
-
- if (SEC_PKCS7ContentIsSigned(cinfo)) {
- char *signer_cname, *signer_ename;
- SECItem *signing_time;
-
- if (saw_content) {
- fprintf(out, "Signature is ");
- PORT_SetError(0);
- if (SEC_PKCS7VerifySignature(cinfo, certUsageEmailSigner, PR_FALSE))
- fprintf(out, "valid.\n");
- else
- fprintf(out, "invalid (Reason: %s).\n",
- SECU_Strerror(PORT_GetError()));
- } else {
- fprintf(out,
- "Content is detached; signature cannot be verified.\n");
- }
-
- signer_cname = SEC_PKCS7GetSignerCommonName(cinfo);
- if (signer_cname != NULL) {
- fprintf(out, "The signer's common name is %s\n", signer_cname);
- PORT_Free(signer_cname);
- } else {
- fprintf(out, "No signer common name.\n");
- }
-
- signer_ename = SEC_PKCS7GetSignerEmailAddress(cinfo);
- if (signer_ename != NULL) {
- fprintf(out, "The signer's email address is %s\n", signer_ename);
- PORT_Free(signer_ename);
- } else {
- fprintf(out, "No signer email address.\n");
- }
-
- signing_time = SEC_PKCS7GetSigningTime(cinfo);
- if (signing_time != NULL) {
- SECU_PrintUTCTime(out, signing_time, "Signing time", 0);
- } else {
- fprintf(out, "No signing time included.\n");
- }
- } else {
- fprintf(out, "Content was not signed.\n");
- }
-
- fprintf(out, "There were%s certs or crls included.\n",
- SEC_PKCS7ContainsCertsOrCrls(cinfo) ? "" : " no");
-
- SEC_PKCS7DestroyContentInfo(cinfo);
- return 0;
-}
-
-
-/*
- * Print the contents of a PKCS7 message, indicating signatures, etc.
- */
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- FILE *outFile;
- PRFileDesc *inFile;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- inFile = NULL;
- outFile = NULL;
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "d:i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- default:
- Usage(progName);
- break;
- }
- }
- if (status == PL_OPT_BAD)
- Usage(progName);
-
- if (!inFile) inFile = PR_STDIN;
- if (!outFile) outFile = stdout;
-
- /* Call the initialization routines */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- if (DecodeAndPrintFile(outFile, inFile, progName)) {
- SECU_PrintError(progName, "problem decoding data");
- return -1;
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/p7env/Makefile b/security/nss/cmd/p7env/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7env/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7env/manifest.mn b/security/nss/cmd/p7env/manifest.mn
deleted file mode 100644
index 8b558b6c6..000000000
--- a/security/nss/cmd/p7env/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = p7env.c
-
-REQUIRES = seccmd dbm
-
-PROGRAM = p7env
-# PROGRAM = ./$(OBJDIR)/p7env.exe
-
-USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/p7env/p7env.c b/security/nss/cmd/p7env/p7env.c
deleted file mode 100644
index 54d79fbfc..000000000
--- a/security/nss/cmd/p7env/p7env.c
+++ /dev/null
@@ -1,273 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7env -- A command to create a pkcs7 enveloped data.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "nss.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-extern void SEC_Init(void); /* XXX */
-
-
-static void
-Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s -r recipient [-d dbdir] [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Nickname of cert to use for encryption\n",
- "-r recipient");
- fprintf(stderr, "%-20s Cert database directory (default is ~/.netscape)\n",
- "-d dbdir");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-struct recipient {
- struct recipient *next;
- char *nickname;
- CERTCertificate *cert;
-};
-
-static void
-EncryptOut(void *arg, const char *buf, unsigned long len)
-{
- FILE *out;
-
- out = arg;
- fwrite (buf, len, 1, out);
-}
-
-static int
-EncryptFile(FILE *outFile, FILE *inFile, struct recipient *recipients,
- char *progName)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7EncoderContext *ecx;
- struct recipient *rcpt;
- SECStatus rv;
-
- if (outFile == NULL || inFile == NULL || recipients == NULL)
- return -1;
-
- /* XXX Need a better way to handle that certUsage stuff! */
- /* XXX keysize? */
- cinfo = SEC_PKCS7CreateEnvelopedData (recipients->cert,
- certUsageEmailRecipient,
- NULL, SEC_OID_DES_EDE3_CBC, 0,
- NULL, NULL);
- if (cinfo == NULL)
- return -1;
-
- for (rcpt = recipients->next; rcpt != NULL; rcpt = rcpt->next) {
- rv = SEC_PKCS7AddRecipient (cinfo, rcpt->cert, certUsageEmailRecipient,
- NULL);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error adding recipient \"%s\"",
- rcpt->nickname);
- return -1;
- }
- }
-
- ecx = SEC_PKCS7EncoderStart (cinfo, EncryptOut, outFile, NULL);
- if (ecx == NULL)
- return -1;
-
- for (;;) {
- char ibuf[1024];
- int nb;
-
- if (feof(inFile))
- break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- rv = SECFailure;
- }
- break;
- }
- rv = SEC_PKCS7EncoderUpdate(ecx, ibuf, nb);
- if (rv != SECSuccess)
- break;
- }
-
- if (SEC_PKCS7EncoderFinish(ecx, NULL, NULL) != SECSuccess)
- rv = SECFailure;
-
- SEC_PKCS7DestroyContentInfo (cinfo);
-
- if (rv != SECSuccess)
- return -1;
-
- return 0;
-}
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- FILE *inFile, *outFile;
- char *certName;
- CERTCertDBHandle *certHandle;
- CERTCertificate *cert;
- struct recipient *recipients, *rcpt;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- inFile = NULL;
- outFile = NULL;
- certName = NULL;
- recipients = NULL;
- rcpt = NULL;
-
- /*
- * Parse command line arguments
- * XXX This needs to be enhanced to allow selection of algorithms
- * and key sizes (or to look up algorithms and key sizes for each
- * recipient in the magic database).
- */
- optstate = PL_CreateOptState(argc, argv, "d:i:o:r:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- inFile = fopen(optstate->value, "r");
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'r':
- if (rcpt == NULL) {
- recipients = rcpt = PORT_Alloc (sizeof(struct recipient));
- } else {
- rcpt->next = PORT_Alloc (sizeof(struct recipient));
- rcpt = rcpt->next;
- }
- if (rcpt == NULL) {
- fprintf(stderr, "%s: unable to allocate recipient struct\n",
- progName);
- return -1;
- }
- rcpt->nickname = strdup(optstate->value);
- rcpt->cert = NULL;
- rcpt->next = NULL;
- break;
- }
- }
-
- if (!recipients) Usage(progName);
-
- if (!inFile) inFile = stdin;
- if (!outFile) outFile = stdout;
-
- /* Call the libsec initialization routines */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- /* open cert database */
- certHandle = CERT_GetDefaultCertDB();
- if (certHandle == NULL) {
- return -1;
- }
-
- /* find certs */
- for (rcpt = recipients; rcpt != NULL; rcpt = rcpt->next) {
- rcpt->cert = CERT_FindCertByNickname(certHandle, rcpt->nickname);
- if (rcpt->cert == NULL) {
- SECU_PrintError(progName,
- "the cert for name \"%s\" not found in database",
- rcpt->nickname);
- return -1;
- }
- }
-
- if (EncryptFile(outFile, inFile, recipients, progName)) {
- SECU_PrintError(progName, "problem encrypting data");
- return -1;
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/p7sign/Makefile b/security/nss/cmd/p7sign/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7sign/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7sign/manifest.mn b/security/nss/cmd/p7sign/manifest.mn
deleted file mode 100644
index 5665dbc7b..000000000
--- a/security/nss/cmd/p7sign/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = p7sign.c
-
-REQUIRES = seccmd dbm
-
-PROGRAM = p7sign
-# PROGRAM = ./$(OBJDIR)/p7sign.exe
-
-USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/p7sign/p7sign.c b/security/nss/cmd/p7sign/p7sign.c
deleted file mode 100644
index 97a69974b..000000000
--- a/security/nss/cmd/p7sign/p7sign.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7sign -- A command to create a *detached* pkcs7 signature (over a given
- * input file).
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "plgetopt.h"
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-#include "nss.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fwrite(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-static void
-Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s -k keyname [-d keydir] [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Nickname of key to use for signature\n",
- "-k keyname");
- fprintf(stderr, "%-20s Key database directory (default is ~/.netscape)\n",
- "-d keydir");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- fprintf(stderr, "%-20s Encapsulate content in signature message\n",
- "-e");
- exit(-1);
-}
-
-static void
-SignOut(void *arg, const char *buf, unsigned long len)
-{
- FILE *out;
-
- out = arg;
- fwrite (buf, len, 1, out);
-}
-
-static int
-CreateDigest(SECItem *data, char *digestdata, unsigned int *len, unsigned int maxlen)
-{
- const SECHashObject *hashObj;
- void *hashcx;
-
- /* XXX probably want to extend interface to allow other hash algorithms */
- hashObj = HASH_GetHashObject(HASH_AlgSHA1);
-
- hashcx = (* hashObj->create)();
- if (hashcx == NULL)
- return -1;
-
- (* hashObj->begin)(hashcx);
- (* hashObj->update)(hashcx, data->data, data->len);
- (* hashObj->end)(hashcx, (unsigned char *)digestdata, len, maxlen);
- (* hashObj->destroy)(hashcx, PR_TRUE);
- return 0;
-}
-
-static int
-SignFile(FILE *outFile, PRFileDesc *inFile, CERTCertificate *cert,
- PRBool encapsulated)
-{
- int nb;
- char digestdata[32];
- unsigned int len;
- SECItem digest, data2sign;
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- if (outFile == NULL || inFile == NULL || cert == NULL)
- return -1;
-
- /* suck the file in */
- if (SECU_ReadDERFromFile(&data2sign, inFile, PR_FALSE) != SECSuccess)
- return -1;
-
- if (!encapsulated) {
- /* unfortunately, we must create the digest ourselves */
- /* SEC_PKCS7CreateSignedData should have a flag to not include */
- /* the content for non-encapsulated content at encode time, but */
- /* should always compute the hash itself */
- if (CreateDigest(&data2sign, digestdata, &len, 32) < 0)
- return -1;
- digest.data = (unsigned char *)digestdata;
- digest.len = len;
- }
-
- /* XXX Need a better way to handle that usage stuff! */
- cinfo = SEC_PKCS7CreateSignedData (cert, certUsageEmailSigner, NULL,
- SEC_OID_SHA1,
- encapsulated ? NULL : &digest,
- NULL, NULL);
- if (cinfo == NULL)
- return -1;
-
- if (encapsulated) {
- SEC_PKCS7SetContent(cinfo, (char *)data2sign.data, data2sign.len);
- }
-
- rv = SEC_PKCS7IncludeCertChain (cinfo, NULL);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return -1;
- }
-
- rv = SEC_PKCS7Encode (cinfo, SignOut, outFile, NULL,
- NULL, NULL);
-
- SEC_PKCS7DestroyContentInfo (cinfo);
-
- if (rv != SECSuccess)
- return -1;
-
- return 0;
-}
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- FILE *outFile;
- PRFileDesc *inFile;
- char *keyName;
- CERTCertDBHandle *certHandle;
- CERTCertificate *cert;
- PRBool encapsulated = PR_FALSE;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- inFile = NULL;
- outFile = NULL;
- keyName = NULL;
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "ed:k:i:o:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'e':
- /* create a message with the signed content encapsulated */
- encapsulated = PR_TRUE;
- break;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'k':
- keyName = strdup(optstate->value);
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
- }
- }
-
- if (!keyName) Usage(progName);
-
- if (!inFile) inFile = PR_STDIN;
- if (!outFile) outFile = stdout;
-
- /* Call the initialization routines */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- /* open cert database */
- certHandle = CERT_GetDefaultCertDB();
- if (certHandle == NULL) {
- return -1;
- }
-
- /* find cert */
- cert = CERT_FindCertByNickname(certHandle, keyName);
- if (cert == NULL) {
- SECU_PrintError(progName,
- "the corresponding cert for key \"%s\" does not exist",
- keyName);
- return -1;
- }
-
- if (SignFile(outFile, inFile, cert, encapsulated)) {
- SECU_PrintError(progName, "problem signing data");
- return -1;
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/p7verify/Makefile b/security/nss/cmd/p7verify/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/p7verify/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/p7verify/manifest.mn b/security/nss/cmd/p7verify/manifest.mn
deleted file mode 100644
index 51fd7091d..000000000
--- a/security/nss/cmd/p7verify/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = p7verify.c
-
-REQUIRES = seccmd dbm
-
-PROGRAM = p7verify
-# PROGRAM = ./$(OBJDIR)/p7verify.exe
-
-USE_STATIC_LIBS = 1
-
diff --git a/security/nss/cmd/p7verify/p7verify.c b/security/nss/cmd/p7verify/p7verify.c
deleted file mode 100644
index d81dbb3db..000000000
--- a/security/nss/cmd/p7verify/p7verify.c
+++ /dev/null
@@ -1,301 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * p7verify -- A command to do a verification of a *detached* pkcs7 signature.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secoid.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-#include "nss.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-#if (defined(XP_WIN) && !defined(WIN32)) || (defined(__sun) && !defined(SVR4))
-extern int fread(char *, size_t, size_t, FILE*);
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-
-static HASH_HashType
-AlgorithmToHashType(SECAlgorithmID *digestAlgorithms)
-{
-
- SECOidTag tag;
-
- tag = SECOID_GetAlgorithmTag(digestAlgorithms);
-
- switch (tag) {
- case SEC_OID_MD2:
- return HASH_AlgMD2;
- case SEC_OID_MD5:
- return HASH_AlgMD5;
- case SEC_OID_SHA1:
- return HASH_AlgSHA1;
- default:
- fprintf(stderr, "should never get here\n");
- return HASH_AlgNULL;
- }
-}
-
-static int
-DigestFile(unsigned char *digest, unsigned int *len, unsigned int maxLen,
- FILE *inFile, HASH_HashType hashType)
-{
- int nb;
- unsigned char ibuf[4096];
- const SECHashObject *hashObj;
- void *hashcx;
-
- hashObj = HASH_GetHashObject(hashType);
-
- hashcx = (* hashObj->create)();
- if (hashcx == NULL)
- return -1;
-
- (* hashObj->begin)(hashcx);
-
- for (;;) {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb != sizeof(ibuf)) {
- if (nb == 0) {
- if (ferror(inFile)) {
- PORT_SetError(SEC_ERROR_IO);
- (* hashObj->destroy)(hashcx, PR_TRUE);
- return -1;
- }
- /* eof */
- break;
- }
- }
- (* hashObj->update)(hashcx, ibuf, nb);
- }
-
- (* hashObj->end)(hashcx, digest, len, maxLen);
- (* hashObj->destroy)(hashcx, PR_TRUE);
-
- return 0;
-}
-
-
-static void
-Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s -c content -s signature [-d dbdir] [-u certusage]\n",
- progName);
- fprintf(stderr, "%-20s content file that was signed\n",
- "-c content");
- fprintf(stderr, "%-20s file containing signature for that content\n",
- "-s signature");
- fprintf(stderr,
- "%-20s Key/Cert database directory (default is ~/.netscape)\n",
- "-d dbdir");
- fprintf(stderr, "%-20s Define the type of certificate usage (default is certUsageEmailSigner)\n",
- "-u certusage");
- fprintf(stderr, "%-25s 0 - certUsageSSLClient\n", " ");
- fprintf(stderr, "%-25s 1 - certUsageSSLServer\n", " ");
- fprintf(stderr, "%-25s 2 - certUsageSSLServerWithStepUp\n", " ");
- fprintf(stderr, "%-25s 3 - certUsageSSLCA\n", " ");
- fprintf(stderr, "%-25s 4 - certUsageEmailSigner\n", " ");
- fprintf(stderr, "%-25s 5 - certUsageEmailRecipient\n", " ");
- fprintf(stderr, "%-25s 6 - certUsageObjectSigner\n", " ");
- fprintf(stderr, "%-25s 7 - certUsageUserCertImport\n", " ");
- fprintf(stderr, "%-25s 8 - certUsageVerifyCA\n", " ");
- fprintf(stderr, "%-25s 9 - certUsageProtectedObjectSigner\n", " ");
- fprintf(stderr, "%-25s 10 - certUsageStatusResponder\n", " ");
- fprintf(stderr, "%-25s 11 - certUsageAnyCA\n", " ");
-
- exit(-1);
-}
-
-static int
-HashDecodeAndVerify(FILE *out, FILE *content, PRFileDesc *signature,
- SECCertUsage usage, char *progName)
-{
- SECItem derdata;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7SignedData *signedData;
- HASH_HashType digestType;
- SECItem digest;
- unsigned char buffer[32];
-
- if (SECU_ReadDERFromFile(&derdata, signature, PR_FALSE) != SECSuccess) {
- SECU_PrintError(progName, "error reading signature file");
- return -1;
- }
-
- cinfo = SEC_PKCS7DecodeItem(&derdata, NULL, NULL, NULL, NULL,
- NULL, NULL, NULL);
- if (cinfo == NULL)
- return -1;
-
- if (! SEC_PKCS7ContentIsSigned(cinfo)) {
- fprintf (out, "Signature file is pkcs7 data, but not signed.\n");
- return -1;
- }
-
- signedData = cinfo->content.signedData;
-
- /* assume that there is only one digest algorithm for now */
- digestType = AlgorithmToHashType(signedData->digestAlgorithms[0]);
- if (digestType == HASH_AlgNULL) {
- fprintf (out, "Invalid hash algorithmID\n");
- return -1;
- }
-
- digest.data = buffer;
- if (DigestFile (digest.data, &digest.len, 32, content, digestType)) {
- SECU_PrintError (progName, "problem computing message digest");
- return -1;
- }
-
- fprintf(out, "Signature is ");
- if (SEC_PKCS7VerifyDetachedSignature (cinfo, usage, &digest, digestType,
- PR_FALSE))
- fprintf(out, "valid.\n");
- else
- fprintf(out, "invalid (Reason: %s).\n",
- SECU_Strerror(PORT_GetError()));
-
- SEC_PKCS7DestroyContentInfo(cinfo);
- return 0;
-}
-
-
-int
-main(int argc, char **argv)
-{
- char *progName;
- FILE *contentFile, *outFile;
- PRFileDesc *signatureFile;
- SECCertUsage certUsage = certUsageEmailSigner;
- PLOptState *optstate;
- PLOptStatus status;
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- contentFile = NULL;
- signatureFile = NULL;
- outFile = NULL;
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv, "c:d:o:s:u:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'c':
- contentFile = fopen(optstate->value, "r");
- if (!contentFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 's':
- signatureFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!signatureFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'u': {
- int usageType;
-
- usageType = atoi (strdup(optstate->value));
- if (usageType < certUsageSSLClient || usageType > certUsageAnyCA)
- return -1;
- certUsage = (SECCertUsage)usageType;
- break;
- }
-
- }
- }
-
- if (!contentFile) Usage (progName);
- if (!signatureFile) Usage (progName);
- if (!outFile) outFile = stdout;
-
- /* Call the libsec initialization routines */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- if (HashDecodeAndVerify(outFile, contentFile, signatureFile,
- certUsage, progName)) {
- SECU_PrintError(progName, "problem decoding/verifying signature");
- return -1;
- }
-
- return 0;
-}
diff --git a/security/nss/cmd/pk12util/Makefile b/security/nss/cmd/pk12util/Makefile
deleted file mode 100644
index 8650a607d..000000000
--- a/security/nss/cmd/pk12util/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/pk12util/manifest.mn b/security/nss/cmd/pk12util/manifest.mn
deleted file mode 100644
index a15daef6b..000000000
--- a/security/nss/cmd/pk12util/manifest.mn
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
- pk12util.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = pk12util
-
-# USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/pk12util/pk12util.c b/security/nss/cmd/pk12util/pk12util.c
deleted file mode 100644
index 6e2ec7d0d..000000000
--- a/security/nss/cmd/pk12util/pk12util.c
+++ /dev/null
@@ -1,837 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "pk11func.h"
-#include "pkcs12.h"
-#include "p12plcy.h"
-#include "pk12util.h"
-#include "nss.h"
-#include "secport.h"
-
-#define PKCS12_IN_BUFFER_SIZE 200
-
-static char *progName;
-PRBool pk12_debugging = PR_FALSE;
-
-PRIntn pk12uErrno = 0;
-
-static void
-Usage(char *progName)
-{
-#define FPS PR_fprintf(PR_STDERR,
- FPS "Usage: %s -i importfile [-d certdir] [-P dbprefix] [-h tokenname]\n",
- progName);
- FPS "\t\t [-k slotpwfile | -K slotpw] [-w p12filepwfile | -W p12filepw]\n");
- FPS "Usage: %s -o exportfile -n certname [-d certdir] [-P dbprefix]\n", progName);
- FPS "\t\t [-k slotpwfile | -K slotpw] [-w p12filepwfile | -W p12filepw]\n");
- exit(PK12UERR_USAGE);
-}
-
-static PRBool
-p12u_OpenExportFile(p12uContext *p12cxt, PRBool fileRead)
-{
- if(!p12cxt || !p12cxt->filename) {
- return PR_FALSE;
- }
-
- if(fileRead) {
- p12cxt->file = PR_Open(p12cxt->filename,
- PR_RDONLY, 0400);
- } else {
- p12cxt->file = PR_Open(p12cxt->filename,
- PR_CREATE_FILE | PR_RDWR | PR_TRUNCATE,
- 0600);
- }
-
- if(!p12cxt->file) {
- p12cxt->error = PR_TRUE;
- PR_SetError(SEC_ERROR_NO_MEMORY, 0);
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-static void
-p12u_DestroyExportFileInfo(p12uContext **exp_ptr, PRBool removeFile)
-{
- if(!exp_ptr || !(*exp_ptr)) {
- return;
- }
-
- if((*exp_ptr)->file != NULL) {
- PR_Close((*exp_ptr)->file);
- }
-
- if((*exp_ptr)->filename != NULL) {
- if(removeFile) {
- PR_Delete((*exp_ptr)->filename);
- }
- PR_Free((*exp_ptr)->filename);
- }
-
- PR_Free(*exp_ptr);
- *exp_ptr = NULL;
-}
-
-static p12uContext *
-p12u_InitFile(PRBool fileImport, char *filename)
-{
- p12uContext *p12cxt;
- PRBool fileExist;
-
- if(fileImport)
- fileExist = PR_TRUE;
- else
- fileExist = PR_FALSE;
-
- p12cxt = (p12uContext *)PORT_ZAlloc(sizeof(p12uContext));
- if(!p12cxt) {
- PR_SetError(SEC_ERROR_NO_MEMORY, 0);
- return NULL;
- }
-
- p12cxt->error = PR_FALSE;
- p12cxt->errorValue = 0;
- p12cxt->filename = strdup(filename);
-
- if(!p12u_OpenExportFile(p12cxt, fileImport)) {
- PR_SetError(p12cxt->errorValue, 0);
- p12u_DestroyExportFileInfo(&p12cxt, PR_FALSE);
- return NULL;
- }
-
- return p12cxt;
-}
-
-SECItem *
-P12U_NicknameCollisionCallback(SECItem *old_nick, PRBool *cancel, void *wincx)
-{
- char *nick = NULL;
- SECItem *ret_nick = NULL;
-
- if(cancel == NULL) {
- pk12uErrno = PK12UERR_USER_CANCELLED;
- return NULL;
- }
-
- if (!old_nick)
- fprintf(stdout, "pk12util: no nickname for cert...not handled\n");
-
- /* XXX not handled yet */
- *cancel = PR_TRUE;
- return NULL;
-
-#if 0
- nick = strdup( DEFAULT_CERT_NICKNAME );
-
- if(old_nick && !PORT_Strcmp((char *)old_nick->data, nick)) {
- PORT_Free(nick);
- return NULL;
- }
-
- ret_nick = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(ret_nick == NULL) {
- PORT_Free(nick);
- return NULL;
- }
-
- ret_nick->data = (unsigned char *)nick;
- ret_nick->len = PORT_Strlen(nick);
-
- return ret_nick;
-#endif
-}
-
-static SECStatus
-p12u_SwapUnicodeBytes(SECItem *uniItem)
-{
- unsigned int i;
- unsigned char a;
- if((uniItem == NULL) || (uniItem->len % 2)) {
- return SECFailure;
- }
- for(i = 0; i < uniItem->len; i += 2) {
- a = uniItem->data[i];
- uniItem->data[i] = uniItem->data[i+1];
- uniItem->data[i+1] = a;
- }
- return SECSuccess;
-}
-
-static PRBool
-p12u_ucs2_ascii_conversion_function(PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen,
- PRBool swapBytes)
-{
- SECItem it = { 0 };
- SECItem *dup = NULL;
- PRBool ret;
- /* If converting Unicode to ASCII, swap bytes before conversion
- * as neccessary.
- */
- if (pk12_debugging) {
- int i;
- printf("Converted from:\n");
- for (i=0; i<inBufLen; i++) {
- printf("%2x ", inBuf[i]);
- /*if (i%60 == 0) printf("\n");*/
- }
- printf("\n");
- }
- it.data = inBuf;
- it.len = inBufLen;
- dup = SECITEM_DupItem(&it);
- if (!toUnicode && swapBytes) {
- if (p12u_SwapUnicodeBytes(dup) != SECSuccess) {
- SECITEM_ZfreeItem(dup, PR_TRUE);
- return PR_FALSE;
- }
- }
- /* Perform the conversion. */
- ret = PORT_UCS2_UTF8Conversion(toUnicode, dup->data, dup->len,
- outBuf, maxOutBufLen, outBufLen);
- if (dup)
- SECITEM_ZfreeItem(dup, PR_TRUE);
- /* If converting ASCII to Unicode, swap bytes before returning
- * as neccessary.
- */
-#if 0
- if (toUnicode && swapBytes) {
- it.data = outBuf;
- it.len = *outBufLen;
- dup = SECITEM_DupItem(&it);
- if (p12u_SwapUnicodeBytes(dup) != SECSuccess) {
- SECITEM_ZfreeItem(dup, PR_TRUE);
- return PR_FALSE;
- }
- memcpy(outBuf, dup->data, *outBufLen);
- SECITEM_ZfreeItem(dup, PR_TRUE);
- }
-#endif
- if (pk12_debugging) {
- int i;
- printf("Converted to:\n");
- for (i=0; i<*outBufLen; i++) {
- printf("%2x ", outBuf[i]);
- /*if (i%60 == 0) printf("\n");*/
- }
- printf("\n");
- }
- return ret;
-}
-
-SECStatus
-P12U_UnicodeConversion(PRArenaPool *arena, SECItem *dest, SECItem *src,
- PRBool toUnicode, PRBool swapBytes)
-{
- unsigned int allocLen;
- if(!dest || !src) {
- return SECFailure;
- }
- allocLen = ((toUnicode) ? (src->len << 2) : src->len);
- if(arena) {
- dest->data = PORT_ArenaZAlloc(arena, allocLen);
- } else {
- dest->data = PORT_ZAlloc(allocLen);
- }
- if(PORT_UCS2_ASCIIConversion(toUnicode, src->data, src->len,
- dest->data, allocLen, &dest->len,
- swapBytes) == PR_FALSE) {
- if(!arena) {
- PORT_Free(dest->data);
- }
- dest->data = NULL;
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- *
- */
-SECItem *
-P12U_GetP12FilePassword(PRBool confirmPw, secuPWData *p12FilePw)
-{
- char *p0 = NULL, *p1 = NULL;
- SECItem *pwItem = NULL;
-
- if (p12FilePw == NULL || p12FilePw->source == PW_NONE) {
- for (;;) {
- p0 = SECU_GetPasswordString(NULL,
- "Enter password for PKCS12 file: ");
- if (!confirmPw)
- break;
- p1 = SECU_GetPasswordString(NULL, "Re-enter password: ");
- if (PL_strcmp(p0, p1) == 0)
- break;
- }
- } else if (p12FilePw->source == PW_FROMFILE) {
- p0 = SECU_FilePasswd(NULL, PR_FALSE, p12FilePw->data);
- } else { /* Plaintext */
- p0 = p12FilePw->data;
- }
-
- pwItem = SECITEM_AllocItem(NULL, NULL, PL_strlen(p0) + 1);
- memcpy(pwItem->data, p0, pwItem->len);
-
- PORT_Memset(p0, 0, PL_strlen(p0));
- PORT_Free(p0);
-
- PORT_Memset(p1, 0, PL_strlen(p1));
- PORT_Free(p1);
-
- return pwItem;
-}
-
-SECStatus
-P12U_InitSlot(PK11SlotInfo *slot, secuPWData *slotPw)
-{
- SECStatus rv;
-
- /* New databases, initialize keydb password. */
- if (PK11_NeedUserInit(slot)) {
- rv = SECU_ChangePW(slot,
- (slotPw->source == PW_PLAINTEXT) ? slotPw->data : 0,
- (slotPw->source == PW_FROMFILE) ? slotPw->data : 0);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "Failed to initialize slot \"%s\"",
- PK11_GetSlotName(slot));
- return SECFailure;
- }
- }
-
- if (PK11_Authenticate(slot, PR_TRUE, slotPw) != SECSuccess) {
- SECU_PrintError(progName,
- "Failed to authenticate to PKCS11 slot");
- PORT_SetError(SEC_ERROR_USER_CANCELLED);
- pk12uErrno = PK12UERR_USER_CANCELLED;
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/*
- * given a filename for pkcs12 file, imports certs and keys
- *
- * Change: altitude
- * I've changed this function so that it takes the keydb and pkcs12 file
- * passwords from files. The "pwdKeyDB" and "pwdP12File"
- * variables have been added for this purpose.
- */
-PRIntn
-P12U_ImportPKCS12Object(char *in_file, PK11SlotInfo *slot,
- secuPWData *slotPw, secuPWData *p12FilePw)
-{
- p12uContext *p12cxt = NULL;
- unsigned char inBuf[PKCS12_IN_BUFFER_SIZE];
- SEC_PKCS12DecoderContext *p12dcx = NULL;
- SECItem *pwitem = NULL, uniPwitem = { 0 };
- SECItem p12file = { 0 };
- SECStatus rv = SECFailure;
- PRBool swapUnicode = PR_FALSE;
- int error;
-
-#ifdef IS_LITTLE_ENDIAN
- swapUnicode = PR_TRUE;
-#endif
-
- rv = P12U_InitSlot(slot, slotPw);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "Failed to authenticate to \"%s\"",
- PK11_GetSlotName(slot));
- pk12uErrno = PK12UERR_PK11GETSLOT;
- goto loser;
- }
-
- p12cxt = p12u_InitFile(PR_TRUE, in_file);
- if(!p12cxt) {
- SECU_PrintError(progName,"Initialization failed: %s", in_file);
- pk12uErrno = PK12UERR_INIT_FILE;
- goto loser;
- }
-
- /* get the password */
- pwitem = P12U_GetP12FilePassword(PR_FALSE, p12FilePw);
- if (!pwitem) {
- pk12uErrno = PK12UERR_USER_CANCELLED;
- goto loser;
- }
-
- if(P12U_UnicodeConversion(NULL, &uniPwitem, pwitem, PR_TRUE,
- swapUnicode) != SECSuccess) {
- SECU_PrintError(progName,"Unicode conversion failed");
- pk12uErrno = PK12UERR_UNICODECONV;
- goto loser;
- }
-
- /* init the decoder context */
- p12dcx = SEC_PKCS12DecoderStart(&uniPwitem, slot, slotPw,
- NULL, NULL, NULL, NULL, NULL);
- if(!p12dcx) {
- SECU_PrintError(progName,"PKCS12 decoder start failed");
- pk12uErrno = PK12UERR_PK12DECODESTART;
- goto loser;
- }
-
- /* decode the item */
- rv = SECU_FileToItem(&p12file, p12cxt->file);
- if (rv != SECSuccess) {
- SECU_PrintError(progName,"Failed to read from import file");
- goto loser;
- }
- rv = SEC_PKCS12DecoderUpdate(p12dcx, p12file.data, p12file.len);
-
- if(rv != SECSuccess) {
- error = PR_GetError();
- if(error == SEC_ERROR_DECRYPTION_DISALLOWED) {
- PR_SetError(error, 0);
- goto loser;
- }
-#ifdef EXTRA
- /* unable to import as a new blob, it might be an old one */
- if(p12u_TryToImportOldPDU(p12cxt, pwitem, slot, import_arg->nickCb,
- import_arg->proto_win) != SECSuccess) {
- goto loser;
- }
- goto tried_pdu_import;
-#endif /* EXTRA */
- SECU_PrintError(progName,"PKCS12 decoding failed");
- pk12uErrno = PK12UERR_DECODE;
- }
-
- rv = SECFailure;
-
- /* does the blob authenticate properly? */
- if(SEC_PKCS12DecoderVerify(p12dcx) != SECSuccess) {
- SECU_PrintError(progName,"PKCS12 decode not verified");
- pk12uErrno = PK12UERR_DECODEVERIFY;
- goto loser;
- }
-
- /* make sure the bags are okey dokey -- nicknames correct, etc. */
- if (SEC_PKCS12DecoderValidateBags(p12dcx, P12U_NicknameCollisionCallback)
- != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_PKCS12_DUPLICATE_DATA) {
- pk12uErrno = PK12UERR_CERTALREADYEXISTS;
- } else {
- pk12uErrno = PK12UERR_DECODEVALIBAGS;
- }
- SECU_PrintError(progName,"PKCS12 decode validate bags failed");
- goto loser;
- }
-
- /* stuff 'em in */
- if(SEC_PKCS12DecoderImportBags(p12dcx) != SECSuccess) {
- SECU_PrintError(progName,"PKCS12 decode import bags failed");
- pk12uErrno = PK12UERR_DECODEIMPTBAGS;
- goto loser;
- }
-
-#if 0
- /* important - to add the password hash into the key database */
- rv = PK11_CheckUserPassword(slot, pw_string);
- if( rv != SECSuccess ) {
- SECU_PrintError(progName,"Failed to CheckUserPassword");
- exit(-1);
- }
-#endif
-
- PR_Close(p12cxt->file);
- p12cxt->file = NULL;
- PK11_FreeSlot(slot);
-
- rv = SECSuccess;
-
-loser:
- if (rv != SECSuccess) {
- /* pk12u_report_failure */
- } else {
- /* pk12u_report_success ? */
- }
-
- if (p12dcx) {
- SEC_PKCS12DecoderFinish(p12dcx);
- }
- p12u_DestroyExportFileInfo(&p12cxt, PR_FALSE);
-
- if (uniPwitem.data) {
- SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
- }
-
- if (pwitem) {
- SECITEM_ZfreeItem(pwitem, PR_TRUE);
- }
-
-
- return rv;
-}
-
-static void
-p12u_DoPKCS12ExportErrors()
-{
- int error_value;
-
- error_value = PORT_GetError();
- if ((error_value == SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY) ||
- (error_value == SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME) ||
- (error_value == SEC_ERROR_PKCS12_UNABLE_TO_WRITE)) {
- fprintf(stderr, SECU_ErrorStringRaw((int16)error_value));
- } else if(error_value == SEC_ERROR_USER_CANCELLED) {
- ;
- } else {
- fprintf(stderr, SECU_ErrorStringRaw(SEC_ERROR_EXPORTING_CERTIFICATES));
- }
-}
-
-static void
-p12u_WriteToExportFile(void *arg, const char *buf, unsigned long len)
-{
- p12uContext *p12cxt = arg;
- int writeLen;
-
- if(!p12cxt || (p12cxt->error == PR_TRUE)) {
- return;
- }
-
- if(p12cxt->file == NULL) {
- p12cxt->errorValue = SEC_ERROR_PKCS12_UNABLE_TO_WRITE;
- p12cxt->error = PR_TRUE;
- return;
- }
-
- writeLen = PR_Write(p12cxt->file, (unsigned char *)buf, (int32)len);
-
- if(writeLen != (int)len) {
- PR_Close(p12cxt->file);
- PR_Free(p12cxt->filename);
- p12cxt->filename = NULL;
- p12cxt->file = NULL;
- p12cxt->errorValue = SEC_ERROR_PKCS12_UNABLE_TO_WRITE;
- p12cxt->error = PR_TRUE;
- }
-}
-
-void
-P12U_ExportPKCS12Object(char *nn, char *outfile, PK11SlotInfo *inSlot,
- secuPWData *slotPw, secuPWData *p12FilePw)
-{
- SEC_PKCS12ExportContext *p12ecx = NULL;
- SEC_PKCS12SafeInfo *keySafe = NULL, *certSafe = NULL;
- SECItem *pwitem = NULL;
- PK11SlotInfo *slot = NULL;
- p12uContext *p12cxt = NULL;
- CERTCertificate *cert;
-
- if (P12U_InitSlot(inSlot, slotPw) != SECSuccess) {
- SECU_PrintError(progName,"Failed to authenticate to \"%s\"",
- PK11_GetSlotName(inSlot));
- pk12uErrno = PK12UERR_PK11GETSLOT;
- goto loser;
- }
- cert = PK11_FindCertFromNickname(nn, slotPw);
- if(!cert) {
- SECU_PrintError(progName,"find cert by nickname failed");
- pk12uErrno = PK12UERR_FINDCERTBYNN;
- return;
- }
-
- if (!cert->slot) {
- SECU_PrintError(progName,"cert does not have a slot");
- pk12uErrno = PK12UERR_FINDCERTBYNN;
- goto loser;
- }
-
- /* Password to use for PKCS12 file. */
- pwitem = P12U_GetP12FilePassword(PR_TRUE, p12FilePw);
- if(!pwitem) {
- goto loser;
- }
-
- p12ecx = SEC_PKCS12CreateExportContext(NULL, NULL, cert->slot, slotPw);
- if(!p12ecx) {
- SECU_PrintError(progName,"export context creation failed");
- pk12uErrno = PK12UERR_EXPORTCXCREATE;
- goto loser;
- }
-
- if(SEC_PKCS12AddPasswordIntegrity(p12ecx, pwitem, SEC_OID_SHA1)
- != SECSuccess) {
- SECU_PrintError(progName,"PKCS12 add password integrity failed");
- pk12uErrno = PK12UERR_PK12ADDPWDINTEG;
- goto loser;
- }
-
- keySafe = SEC_PKCS12CreateUnencryptedSafe(p12ecx);
- if(/*!SEC_PKCS12IsEncryptionAllowed() || */ PK11_IsFIPS()) {
- certSafe = keySafe;
- } else {
- certSafe = SEC_PKCS12CreatePasswordPrivSafe(p12ecx, pwitem,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC);
- }
-
- if(!certSafe || !keySafe) {
- SECU_PrintError(progName,"key or cert safe creation failed");
- pk12uErrno = PK12UERR_CERTKEYSAFE;
- goto loser;
- }
-
- if(SEC_PKCS12AddCertAndKey(p12ecx, certSafe, NULL, cert,
- CERT_GetDefaultCertDB(), keySafe, NULL, PR_TRUE, pwitem,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC)
- != SECSuccess) {
- SECU_PrintError(progName,"add cert and key failed");
- pk12uErrno = PK12UERR_ADDCERTKEY;
- goto loser;
- }
-
- p12cxt = p12u_InitFile(PR_FALSE, outfile);
- if(!p12cxt) {
- SECU_PrintError(progName,"Initialization failed: %s", outfile);
- pk12uErrno = PK12UERR_INIT_FILE;
- goto loser;
- }
-
- if(SEC_PKCS12Encode(p12ecx, p12u_WriteToExportFile, p12cxt)
- != SECSuccess) {
- SECU_PrintError(progName,"PKCS12 encode failed");
- pk12uErrno = PK12UERR_ENCODE;
- goto loser;
- }
-
- p12u_DestroyExportFileInfo(&p12cxt, PR_FALSE);
- SECITEM_ZfreeItem(pwitem, PR_TRUE);
- CERT_DestroyCertificate(cert);
- if(slot) {
- PK11_FreeSlot(slot);
- }
-
- fprintf(stdout, "%s: PKCS12 EXPORT SUCCESSFUL\n", progName);
- SEC_PKCS12DestroyExportContext(p12ecx);
-
- return;
-
-loser:
- SEC_PKCS12DestroyExportContext(p12ecx);
-
- if (slotPw)
- PR_Free(slotPw->data);
-
- if (p12FilePw)
- PR_Free(p12FilePw->data);
-
- if(slot && (slot != cert->slot)) {
- PK11_FreeSlot(slot);
- }
- if(cert) {
- CERT_DestroyCertificate(cert);
- }
- p12u_DestroyExportFileInfo(&p12cxt, PR_TRUE);
- if(pwitem) {
- SECITEM_ZfreeItem(pwitem, PR_TRUE);
- }
- p12u_DoPKCS12ExportErrors();
- return;
-}
-
-static void
-p12u_EnableAllCiphers()
-{
- SEC_PKCS12EnableCipher(PKCS12_RC4_40, 1);
- SEC_PKCS12EnableCipher(PKCS12_RC4_128, 1);
- SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_40, 1);
- SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_128, 1);
- SEC_PKCS12EnableCipher(PKCS12_DES_56, 1);
- SEC_PKCS12EnableCipher(PKCS12_DES_EDE3_168, 1);
- SEC_PKCS12SetPreferredCipher(PKCS12_DES_EDE3_168, 1);
-}
-
-static PRUintn
-P12U_Init(char *dir, char *dbprefix)
-{
- SECStatus rv;
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_Initialize(dir,dbprefix,dbprefix,"secmod.db",0);
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- exit(-1);
- }
-
- /* setup unicode callback functions */
- PORT_SetUCS2_ASCIIConversionFunction(p12u_ucs2_ascii_conversion_function);
- /* use the defaults for UCS4-UTF8 and UCS2-UTF8 */
-
- p12u_EnableAllCiphers();
-
- return 0;
-}
-
-enum {
- opt_CertDir = 0,
- opt_TokenName,
- opt_Import,
- opt_SlotPWFile,
- opt_SlotPW,
- opt_Mode,
- opt_Nickname,
- opt_Export,
- opt_P12FilePWFile,
- opt_P12FilePW,
- opt_DBPrefix,
- opt_Debug
-};
-
-static secuCommandFlag pk12util_options[] =
-{
- { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_TokenName */ 'h', PR_TRUE, 0, PR_FALSE },
- { /* opt_Import */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_SlotPWFile */ 'k', PR_TRUE, 0, PR_FALSE },
- { /* opt_SlotPW */ 'K', PR_TRUE, 0, PR_FALSE },
- { /* opt_Mode */ 'm', PR_TRUE, 0, PR_FALSE },
- { /* opt_Nickname */ 'n', PR_TRUE, 0, PR_FALSE },
- { /* opt_Export */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_P12FilePWFile */ 'w', PR_TRUE, 0, PR_FALSE },
- { /* opt_P12FilePW */ 'W', PR_TRUE, 0, PR_FALSE },
- { /* opt_DBPrefix */ 'P', PR_TRUE, 0, PR_FALSE },
- { /* opt_Debug */ 'v', PR_FALSE, 0, PR_FALSE }
-};
-
-int
-main(int argc, char **argv)
-{
- PRIntn ret = 0;
- secuPWData slotPw = { PW_NONE, NULL };
- secuPWData p12FilePw = { PW_NONE, NULL };
- PK11SlotInfo *slot;
- char *slotname = NULL;
- char *import_file = NULL;
- char *export_file = NULL;
- char *dbprefix = "";
- SECStatus rv;
-
- secuCommand pk12util;
- pk12util.numCommands = 0;
- pk12util.commands = 0;
- pk12util.numOptions = sizeof(pk12util_options) / sizeof(secuCommandFlag);
- pk12util.options = pk12util_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- rv = SECU_ParseCommandLine(argc, argv, progName, &pk12util);
-
- if (rv != SECSuccess)
- Usage(progName);
-
- pk12_debugging = pk12util.options[opt_Debug].activated;
-
- if (pk12util.options[opt_Import].activated &&
- pk12util.options[opt_Export].activated) {
- Usage(progName);
- }
-
- if (pk12util.options[opt_Export].activated &&
- !pk12util.options[opt_Nickname].activated) {
- Usage(progName);
- }
-
- slotname = SECU_GetOptionArg(&pk12util, opt_TokenName);
- import_file = SECU_GetOptionArg(&pk12util, opt_Import);
- export_file = SECU_GetOptionArg(&pk12util, opt_Export);
-
- if (pk12util.options[opt_P12FilePWFile].activated) {
- p12FilePw.source = PW_FROMFILE;
- p12FilePw.data = PL_strdup(pk12util.options[opt_P12FilePWFile].arg);
- }
-
- if (pk12util.options[opt_P12FilePW].activated) {
- p12FilePw.source = PW_PLAINTEXT;
- p12FilePw.data = PL_strdup(pk12util.options[opt_P12FilePW].arg);
- }
-
- if (pk12util.options[opt_SlotPWFile].activated) {
- slotPw.source = PW_FROMFILE;
- slotPw.data = PL_strdup(pk12util.options[opt_SlotPWFile].arg);
- }
-
- if (pk12util.options[opt_SlotPW].activated) {
- slotPw.source = PW_PLAINTEXT;
- slotPw.data = PL_strdup(pk12util.options[opt_SlotPW].arg);
- }
-
- if (pk12util.options[opt_CertDir].activated) {
- SECU_ConfigDirectory(pk12util.options[opt_CertDir].arg);
- }
- if (pk12util.options[opt_DBPrefix].activated) {
- dbprefix = pk12util.options[opt_DBPrefix].arg;
- }
- P12U_Init(SECU_ConfigDirectory(NULL),dbprefix);
-
- if (!slotname || PL_strcmp(slotname, "internal") == 0)
- slot = PK11_GetInternalKeySlot();
- else
- slot = PK11_FindSlotByName(slotname);
-
- if (!slot) {
- SECU_PrintError(progName,"Invalid slot \"%s\"", slotname);
- goto done;
- }
-
- if (pk12util.options[opt_Import].activated) {
-
- if ((ret = P12U_ImportPKCS12Object(import_file, slot, &slotPw,
- &p12FilePw)) != 0)
- goto done;
-
- } else if (pk12util.options[opt_Export].activated) {
- P12U_ExportPKCS12Object(pk12util.options[opt_Nickname].arg,
- export_file, slot, &slotPw, &p12FilePw);
- } else {
- Usage(progName);
- pk12uErrno = PK12UERR_USAGE;
- }
-
-done:
- NSS_Shutdown();
- exit(pk12uErrno);
-}
diff --git a/security/nss/cmd/pk12util/pk12util.h b/security/nss/cmd/pk12util/pk12util.h
deleted file mode 100644
index 8e456d98c..000000000
--- a/security/nss/cmd/pk12util/pk12util.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ERROR codes in pk12util
- * - should be organized better later
- */
-#define PK12UERR_USER_CANCELLED 1
-#define PK12UERR_USAGE 2
-#define PK12UERR_CERTDB_OPEN 8
-#define PK12UERR_KEYDB_OPEN 9
-#define PK12UERR_INIT_FILE 10
-#define PK12UERR_UNICODECONV 11
-#define PK12UERR_TMPDIGCREATE 12
-#define PK12UERR_PK11GETSLOT 13
-#define PK12UERR_PK12DECODESTART 14
-#define PK12UERR_IMPORTFILEREAD 15
-#define PK12UERR_DECODE 16
-#define PK12UERR_DECODEVERIFY 17
-#define PK12UERR_DECODEVALIBAGS 18
-#define PK12UERR_DECODEIMPTBAGS 19
-#define PK12UERR_CERTALREADYEXISTS 20
-#define PK12UERR_PATCHDB 22
-#define PK12UERR_GETDEFCERTDB 23
-#define PK12UERR_FINDCERTBYNN 24
-#define PK12UERR_EXPORTCXCREATE 25
-#define PK12UERR_PK12ADDPWDINTEG 26
-#define PK12UERR_CERTKEYSAFE 27
-#define PK12UERR_ADDCERTKEY 28
-#define PK12UERR_ENCODE 29
-
-
-/* additions for importing and exporting PKCS 12 files */
-typedef struct p12uContextStr {
- char *filename; /* name of file */
- PRFileDesc *file; /* pointer to file */
- PRBool error; /* error occurred? */
- int errorValue; /* which error occurred? */
-} p12uContext;
diff --git a/security/nss/cmd/pkiutil/Makefile b/security/nss/cmd/pkiutil/Makefile
deleted file mode 100644
index 23afa3799..000000000
--- a/security/nss/cmd/pkiutil/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/pkiutil/manifest.mn b/security/nss/cmd/pkiutil/manifest.mn
deleted file mode 100644
index 3ab2925fe..000000000
--- a/security/nss/cmd/pkiutil/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
- pkiutil.c \
- $(NULL)
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = dbm seccmd
-
-PROGRAM = pkiutil
diff --git a/security/nss/cmd/pkiutil/pkiutil.c b/security/nss/cmd/pkiutil/pkiutil.c
deleted file mode 100644
index 7d45c3191..000000000
--- a/security/nss/cmd/pkiutil/pkiutil.c
+++ /dev/null
@@ -1,371 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "prtypes.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "nss.h"
-#include "cmdutil.h"
-#include "nsspki.h"
-/* hmmm...*/
-#include "pki.h"
-
-#define PKIUTIL_VERSION_STRING "pkiutil version 0.1"
-
-char *progName = NULL;
-
-typedef struct {
- PRBool raw;
- PRBool ascii;
- char *name;
- PRFileDesc *file;
-} objOutputMode;
-
-typedef enum {
- PKIUnknown = -1,
- PKICertificate,
- PKIPublicKey,
- PKIPrivateKey,
- PKIAny
-} PKIObjectType;
-
-static PKIObjectType
-get_object_class(char *type)
-{
- if (strcmp(type, "certificate") == 0 || strcmp(type, "cert") == 0 ||
- strcmp(type, "Certificate") == 0 || strcmp(type, "Cert") == 0) {
- return PKICertificate;
- } else if (strcmp(type, "public_key") == 0 ||
- strcmp(type, "PublicKey") == 0) {
- return PKIPublicKey;
- } else if (strcmp(type, "private_key") == 0 ||
- strcmp(type, "PrivateKey") == 0) {
- return PKIPrivateKey;
- } else if (strcmp(type, "all") == 0 || strcmp(type, "any") == 0) {
- return PKIAny;
- }
- fprintf(stderr, "%s: \"%s\" is not a valid PKCS#11 object type.\n",
- progName, type);
- return PKIUnknown;
-}
-
-static PRStatus
-print_cert_callback(NSSCertificate *c, void *arg)
-{
- int i;
- NSSUTF8 *label;
- NSSItem *id;
- label = NSSCertificate_GetLabel(c);
- printf("%s\n", label);
- nss_ZFreeIf((void*)label);
-#if 0
- id = NSSCertificate_GetID(c);
- for (i=0; i<id->size; i++) {
- printf("%c", ((char *)id->data)[i]);
- }
- printf("\n");
-#endif
- return PR_SUCCESS;
-}
-
-/* pkiutil commands */
-enum {
- cmd_Add = 0,
- cmd_Dump,
- cmd_List,
- cmd_Version,
- pkiutil_num_commands
-};
-
-/* pkiutil options */
-enum {
- opt_Help = 0,
- opt_Ascii,
- opt_ProfileDir,
- opt_TokenName,
- opt_InputFile,
- opt_Nickname,
- opt_OutputFile,
- opt_Binary,
- opt_Trust,
- opt_Type,
- pkiutil_num_options
-};
-
-static cmdCommandLineArg pkiutil_commands[] =
-{
- { /* cmd_Add */ 'A', "add", CMDNoArg, 0, PR_FALSE,
- CMDBIT(opt_Nickname) | CMDBIT(opt_Trust),
- CMDBIT(opt_Ascii) | CMDBIT(opt_ProfileDir)
- | CMDBIT(opt_TokenName) | CMDBIT(opt_InputFile)
- | CMDBIT(opt_Binary) | CMDBIT(opt_Type) },
- { /* cmd_Dump */ 0 , "dump", CMDNoArg, 0, PR_FALSE,
- CMDBIT(opt_Nickname),
- CMDBIT(opt_Ascii) | CMDBIT(opt_ProfileDir)
- | CMDBIT(opt_TokenName) | CMDBIT(opt_Binary)
- | CMDBIT(opt_Type) },
- { /* cmd_List */ 'L', "list", CMDNoArg, 0, PR_FALSE, 0,
- CMDBIT(opt_Ascii) | CMDBIT(opt_ProfileDir)
- | CMDBIT(opt_TokenName) | CMDBIT(opt_Binary)
- | CMDBIT(opt_Nickname) | CMDBIT(opt_Type) },
- { /* cmd_Version */ 'Y', "version", CMDNoArg, 0, PR_FALSE, 0, 0 }
-};
-
-static cmdCommandLineOpt pkiutil_options[] =
-{
- { /* opt_Help */ '?', "help", CMDNoArg, 0, PR_FALSE },
- { /* opt_Ascii */ 'a', "ascii", CMDNoArg, 0, PR_FALSE },
- { /* opt_ProfileDir */ 'd', "dbdir", CMDArgReq, 0, PR_FALSE },
- { /* opt_TokenName */ 'h', "token", CMDArgReq, 0, PR_FALSE },
- { /* opt_InputFile */ 'i', "infile", CMDArgReq, 0, PR_FALSE },
- { /* opt_Nickname */ 'n', "nickname", CMDArgReq, 0, PR_FALSE },
- { /* opt_OutputFile */ 'o', "outfile", CMDArgReq, 0, PR_FALSE },
- { /* opt_Binary */ 'r', "raw", CMDNoArg, 0, PR_FALSE },
- { /* opt_Trust */ 't', "trust", CMDArgReq, 0, PR_FALSE },
- { /* opt_Type */ 0 , "type", CMDArgReq, 0, PR_FALSE }
-};
-
-void pkiutil_usage(cmdPrintState *ps,
- int num, PRBool cmd, PRBool header, PRBool footer)
-{
-#define pusg CMD_PrintUsageString
- if (header) {
- pusg(ps, "utility for managing PKCS#11 objects (certs and keys)\n");
- } else if (footer) {
- /*
- printf("certificate trust can be:\n");
- printf(" p - valid peer, P - trusted peer (implies p)\n");
- printf(" c - valid CA\n");
- printf(" T - trusted CA to issue client certs (implies c)\n");
- printf(" C - trusted CA to issue server certs (implies c)\n");
- printf(" u - user cert\n");
- printf(" w - send warning\n");
- */
- } else if (cmd) {
- switch(num) {
- case cmd_Add:
- pusg(ps, "Add an object to the token"); break;
- case cmd_Dump:
- pusg(ps, "Dump a single object"); break;
- case cmd_List:
- pusg(ps, "List objects on the token (-n for single object)"); break;
- case cmd_Version:
- pusg(ps, "Report version"); break;
- default:
- pusg(ps, "Unrecognized command"); break;
- }
- } else {
- switch(num) {
- case opt_Ascii:
- pusg(ps, "Use ascii (base-64 encoded) mode for I/O"); break;
- case opt_ProfileDir:
- pusg(ps, "Directory containing security databases (def: \".\")");
- break;
- case opt_TokenName:
- pusg(ps, "Name of PKCS#11 token to use (def: internal)"); break;
- case opt_InputFile:
- pusg(ps, "File for input (def: stdin)"); break;
- case opt_Nickname:
- pusg(ps, "Nickname of object"); break;
- case opt_OutputFile:
- pusg(ps, "File for output (def: stdout)"); break;
- case opt_Binary:
- pusg(ps, "Use raw (binary der-encoded) mode for I/O"); break;
- case opt_Trust:
- pusg(ps, "Trust level for certificate"); break;
- case opt_Help: break;
- default:
- pusg(ps, "Unrecognized option");
- }
- }
-}
-
-int
-main(int argc, char **argv)
-{
- PRFileDesc *infile = NULL;
- PRFileDesc *outfile = NULL;
- char *profiledir = "./";
-#if 0
- secuPWData pwdata = { PW_NONE, 0 };
-#endif
- int objclass = 3; /* ANY */
- NSSTrustDomain *root_cert_td = NULL;
- char *rootpath = NULL;
- char builtin_name[]= "libnssckbi.so"; /* temporary hardcode */
- PRStatus rv = PR_SUCCESS;
-
- int cmdToRun;
- cmdCommand pkiutil;
- pkiutil.ncmd = pkiutil_num_commands;
- pkiutil.nopt = pkiutil_num_options;
- pkiutil.cmd = pkiutil_commands;
- pkiutil.opt = pkiutil_options;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- cmdToRun = CMD_ParseCommandLine(argc, argv, progName, &pkiutil);
-
-#if 0
- { int i, nc;
- for (i=0; i<pkiutil.ncmd; i++)
- printf("%s: %s <%s>\n", pkiutil.cmd[i].s,
- (pkiutil.cmd[i].on) ? "on" : "off",
- pkiutil.cmd[i].arg);
- for (i=0; i<pkiutil.nopt; i++)
- printf("%s: %s <%s>\n", pkiutil.opt[i].s,
- (pkiutil.opt[i].on) ? "on" : "off",
- pkiutil.opt[i].arg);
- }
-#endif
-
- if (pkiutil.opt[opt_Help].on)
- CMD_LongUsage(progName, &pkiutil, pkiutil_usage);
-
- if (cmdToRun < 0)
- CMD_Usage(progName, &pkiutil);
-
- /* -d */
- if (pkiutil.opt[opt_ProfileDir].on) {
- profiledir = strdup(pkiutil.opt[opt_ProfileDir].arg);
- }
-
- /* -i */
- if (pkiutil.opt[opt_InputFile].on) {
- char *fn = pkiutil.opt[opt_InputFile].arg;
- infile = PR_Open(fn, PR_RDONLY, 0660);
- } else {
- infile = PR_STDIN;
- }
-
- /* -o */
- if (pkiutil.opt[opt_OutputFile].on) {
- char *fn = pkiutil.opt[opt_OutputFile].arg;
- outfile = PR_Open(fn, PR_WRONLY | PR_CREATE_FILE, 0660);
- } else {
- outfile = PR_STDOUT;
- }
-
- /* --type can be found on many options */
- if (pkiutil.opt[opt_Type].on)
- objclass = get_object_class(pkiutil.opt[opt_Type].arg);
- else if (cmdToRun == cmd_Dump && pkiutil.cmd[cmd_Dump].arg)
- objclass = get_object_class(pkiutil.cmd[cmd_Dump].arg);
- else if (cmdToRun == cmd_List && pkiutil.cmd[cmd_List].arg)
- objclass = get_object_class(pkiutil.cmd[cmd_List].arg);
- else if (cmdToRun == cmd_Add && pkiutil.cmd[cmd_Add].arg)
- objclass = get_object_class(pkiutil.cmd[cmd_Add].arg);
- if (objclass < 0)
- goto done;
-
- /* --print is an alias for --list --nickname */
- if (cmdToRun == cmd_Dump) cmdToRun = cmd_List;
-
- /* if list has raw | ascii must have -n. can't have both raw and ascii */
- if (pkiutil.opt[opt_Binary].on || pkiutil.opt[opt_Ascii].on) {
- if (cmdToRun == cmd_List && !pkiutil.opt[opt_Nickname].on) {
- fprintf(stderr, "%s: specify a object to output with -n\n",
- progName);
- CMD_LongUsage(progName, &pkiutil, pkiutil_usage);
- }
- }
-
- /* initialize */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- /* NSS_InitReadWrite(profiledir); */
- NSS_NoDB_Init(NULL);
-
- /* Display version info and exit */
- if (cmdToRun == cmd_Version) {
- printf("%s\nNSS Version %s\n", PKIUTIL_VERSION_STRING, NSS_VERSION);
- goto done;
- }
-
- /* XXX okay - bootstrap stan by loading the root cert module for testing */
- root_cert_td = NSSTrustDomain_Create(NULL, NULL, NULL, NULL);
- {
- int rootpathlen = strlen(profiledir) + strlen(builtin_name) + 1;
- rootpath = (char *)malloc(rootpathlen);
- memcpy(rootpath, profiledir, strlen(profiledir));
- memcpy(rootpath + strlen(profiledir),
- builtin_name, strlen(builtin_name));
- rootpath[rootpathlen - 1] = '\0';
- }
- NSSTrustDomain_LoadModule(root_cert_td, "Builtin Root Module", rootpath,
- NULL, NULL);
-
- printf("\n");
- if (pkiutil.opt[opt_Nickname].on) {
- int i;
- NSSCertificate **certs;
- NSSCertificate *cert;
- certs = NSSTrustDomain_FindCertificatesByNickname(root_cert_td,
- pkiutil.opt[opt_Nickname].arg, NULL, 0, NULL);
- i = 0;
- while ((cert = certs[i++]) != NULL) {
- printf("Found cert:\n");
- print_cert_callback(cert, NULL);
- }
- } else {
- NSSTrustDomain_TraverseCertificates(root_cert_td, print_cert_callback, 0);
- }
-
- NSSTrustDomain_Destroy(root_cert_td);
-
- /* List token objects */
- if (cmdToRun == cmd_List) {
-#if 0
- rv = list_token_objects(slot, objclass,
- pkiutil.opt[opt_Nickname].arg,
- pkiutil.opt[opt_Binary].on,
- pkiutil.opt[opt_Ascii].on,
- outfile, &pwdata);
-#endif
- goto done;
- }
-
-#if 0
- /* Import an object into the token. */
- if (cmdToRun == cmd_Add) {
- rv = add_object_to_token(slot, object);
- goto done;
- }
-#endif
-
-done:
- NSS_Shutdown();
-
- return rv;
-}
diff --git a/security/nss/cmd/pkiutil/platlibs.mk b/security/nss/cmd/pkiutil/platlibs.mk
deleted file mode 100644
index 9a714f300..000000000
--- a/security/nss/cmd/pkiutil/platlibs.mk
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-EXTRA_LIBS += \
- $(DIST)/lib/libcmdutil.$(LIB_SUFFIX) \
- $(NULL)
-
-ifeq ($(OS_ARCH), AIX)
-EXTRA_SHARED_LIBS += -brtl
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lnsspki3 \
- -lnss3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-
diff --git a/security/nss/cmd/platlibs.mk b/security/nss/cmd/platlibs.mk
deleted file mode 100644
index f6ebce08d..000000000
--- a/security/nss/cmd/platlibs.mk
+++ /dev/null
@@ -1,187 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-ifdef USE_STATIC_LIBS
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-DEFINES += -DNSS_USE_STATIC_LIBS
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/freebl.lib
-ifdef MOZILLA_SECURITY_BUILD
- CRYPTOLIB=$(DIST)/lib/crypto.lib
-endif
-ifdef MOZILLA_BSAFE_BUILD
- CRYPTOLIB+=$(DIST)/lib/bsafe$(BSAFEVER).lib
- CRYPTOLIB+=$(DIST)/lib/freebl.lib
-endif
-
-EXTRA_LIBS += \
- $(DIST)/lib/smime.lib \
- $(DIST)/lib/ssl.lib \
- $(DIST)/lib/jar.lib \
- $(DIST)/lib/zlib.lib \
- $(DIST)/lib/nss.lib \
- $(DIST)/lib/ssl.lib \
- $(DIST)/lib/sectool.lib \
- $(DIST)/lib/pkcs12.lib \
- $(DIST)/lib/pkcs7.lib \
- $(DIST)/lib/certhi.lib \
- $(DIST)/lib/cryptohi.lib \
- $(DIST)/lib/pk11wrap.lib \
- $(DIST)/lib/certdb.lib \
- $(DIST)/lib/softokn.lib \
- $(CRYPTOLIB) \
- $(DIST)/lib/swfci.lib \
- $(DIST)/lib/secutil.lib \
- $(DIST)/lib/nsspki.lib \
- $(DIST)/lib/nssdev.lib \
- $(DIST)/lib/nssb.lib \
- $(DIST)/lib/dbm.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(OS_LIBS)
-OS_LIBS += \
- wsock32.lib \
- winmm.lib \
- $(NULL)
-else
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/libfreebl.$(LIB_SUFFIX)
-ifdef MOZILLA_SECURITY_BUILD
- CRYPTOLIB=$(DIST)/lib/libcrypto.$(LIB_SUFFIX)
-endif
-ifdef MOZILLA_BSAFE_BUILD
- CRYPTOLIB+=$(DIST)/lib/libbsafe.$(LIB_SUFFIX)
- CRYPTOLIB+=$(DIST)/lib/libfreebl.$(LIB_SUFFIX)
-endif
-EXTRA_LIBS += \
- $(DIST)/lib/libsmime.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libjar.$(LIB_SUFFIX) \
- $(DIST)/lib/libzlib.$(LIB_SUFFIX) \
- $(DIST)/lib/libnss.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libsectool.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs12.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcerthi.$(LIB_SUFFIX) \
- $(DIST)/lib/libpk11wrap.$(LIB_SUFFIX) \
- $(DIST)/lib/libcryptohi.$(LIB_SUFFIX) \
- $(DIST)/lib/libcerthi.$(LIB_SUFFIX) \
- $(DIST)/lib/libnsspki.$(LIB_SUFFIX) \
- $(DIST)/lib/libpk11wrap.$(LIB_SUFFIX) \
- $(DIST)/lib/libsoftokn.$(LIB_SUFFIX) \
- $(DIST)/lib/libcertdb.$(LIB_SUFFIX) \
- $(DIST)/lib/libnsspki.$(LIB_SUFFIX) \
- $(DIST)/lib/libnssdev.$(LIB_SUFFIX) \
- $(DIST)/lib/libnssb.$(LIB_SUFFIX) \
- $(DIST)/lib/libswfci.$(LIB_SUFFIX) \
- $(CRYPTOLIB) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libdbm.$(LIB_SUFFIX) \
- $(NULL)
-
-ifeq ($(OS_ARCH), AIX)
-EXTRA_SHARED_LIBS += -brtl
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-ifdef XP_OS2_VACPP
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/plc4.lib \
- $(DIST)/lib/plds4.lib \
- $(DIST)/lib/nspr4.lib \
- $(NULL)
-else
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-endif
-endif
-
-else
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-EXTRA_LIBS += \
- $(DIST)/lib/sectool.lib \
- $(DIST)/lib/smime3.lib \
- $(DIST)/lib/ssl3.lib \
- $(DIST)/lib/nss3.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(OS_LIBS)
-OS_LIBS += \
- wsock32.lib \
- winmm.lib \
- $(NULL)
-else
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-EXTRA_LIBS += \
- $(DIST)/lib/libsectool.$(LIB_SUFFIX) \
- $(NULL)
-
-ifeq ($(OS_ARCH), AIX)
-EXTRA_SHARED_LIBS += -brtl
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lsoftokn3 \
- -lssl3 \
- -lsmime3 \
- -lnss3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-endif
-
-endif
diff --git a/security/nss/cmd/platrules.mk b/security/nss/cmd/platrules.mk
deleted file mode 100644
index 3e5c19933..000000000
--- a/security/nss/cmd/platrules.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-show:
- @echo "DEFINES = ${DEFINES}"
- @echo "EXTRA_LIBS = >$(EXTRA_LIBS)<"
- @echo "IMPORT_LIBRARY = $(IMPORT_LIBRARY)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "OBJS = $(OBJS)"
- @echo "OS_ARCH = $(OS_ARCH)"
- @echo "PROGRAM = >$(PROGRAM)<"
- @echo "PROGRAMS = $(PROGRAMS)"
- @echo "SHARED_LIBRARY = $(SHARED_LIBRARY)"
- @echo "TARGETS = >$(TARGETS)<"
-
-showplatform:
- @echo $(PLATFORM)
diff --git a/security/nss/cmd/pp/Makefile b/security/nss/cmd/pp/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/pp/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/pp/manifest.mn b/security/nss/cmd/pp/manifest.mn
deleted file mode 100644
index dc0da84f9..000000000
--- a/security/nss/cmd/pp/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = seccmd dbm
-
-DEFINES = -DNSPR20
-
-CSRCS = pp.c
-
-PROGRAM = pp
diff --git a/security/nss/cmd/pp/pp.c b/security/nss/cmd/pp/pp.c
deleted file mode 100644
index 157dec0af..000000000
--- a/security/nss/cmd/pp/pp.c
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Pretty-print some well-known BER or DER encoded data (e.g. certificates,
- * keys, pkcs7)
- *
- * $Id$
- */
-
-#include "secutil.h"
-
-#if defined(__sun) && !defined(SVR4)
-extern int fprintf(FILE *, char *, ...);
-#endif
-
-#include "plgetopt.h"
-
-#include "pk11func.h"
-#include "nspr.h"
-#include "nss.h"
-
-static void Usage(char *progName)
-{
- fprintf(stderr,
- "Usage: %s -t type [-a] [-i input] [-o output]\n",
- progName);
- fprintf(stderr, "%-20s Specify the input type (must be one of %s,\n",
- "-t type", SEC_CT_PRIVATE_KEY);
- fprintf(stderr, "%-20s %s, %s, %s,\n", "", SEC_CT_PUBLIC_KEY,
- SEC_CT_CERTIFICATE, SEC_CT_CERTIFICATE_REQUEST);
- fprintf(stderr, "%-20s %s or %s)\n", "", SEC_CT_PKCS7, SEC_CT_CRL);
- fprintf(stderr, "%-20s Input is in ascii encoded form (RFC1113)\n",
- "-a");
- fprintf(stderr, "%-20s Define an input file to use (default is stdin)\n",
- "-i input");
- fprintf(stderr, "%-20s Define an output file to use (default is stdout)\n",
- "-o output");
- exit(-1);
-}
-
-int main(int argc, char **argv)
-{
- int rv, ascii;
- char *progName;
- FILE *outFile;
- PRFileDesc *inFile;
- SECItem der, data;
- char *typeTag;
- PLOptState *optstate;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- ascii = 0;
- inFile = 0;
- outFile = 0;
- typeTag = 0;
- optstate = PL_CreateOptState(argc, argv, "at:i:o:");
- while ( PL_GetNextOpt(optstate) == PL_OPT_OK ) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'a':
- ascii = 1;
- break;
-
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 0);
- if (!inFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 'o':
- outFile = fopen(optstate->value, "w");
- if (!outFile) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- return -1;
- }
- break;
-
- case 't':
- typeTag = strdup(optstate->value);
- break;
- }
- }
-
- if (!typeTag) Usage(progName);
-
- if (!inFile) inFile = PR_STDIN;
- if (!outFile) outFile = stdout;
-
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_NoDB_Init(NULL);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: NSS_NoDB_Init failed\n", progName);
- exit(1);
- }
-
- rv = SECU_ReadDERFromFile(&der, inFile, ascii);
- if (rv != SECSuccess) {
- fprintf(stderr, "%s: SECU_ReadDERFromFile failed\n", progName);
- exit(1);
- }
-
- /* Data is untyped, using the specified type */
- data.data = der.data;
- data.len = der.len;
-
- /* Pretty print it */
- if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE) == 0) {
- rv = SECU_PrintSignedData(outFile, &data, "Certificate", 0,
- SECU_PrintCertificate);
- } else if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE_REQUEST) == 0) {
- rv = SECU_PrintSignedData(outFile, &data, "Certificate Request", 0,
- SECU_PrintCertificateRequest);
- } else if (PORT_Strcmp (typeTag, SEC_CT_CRL) == 0) {
- rv = SECU_PrintSignedData (outFile, &data, "CRL", 0, SECU_PrintCrl);
-#ifdef HAVE_EPV_TEMPLATE
- } else if (PORT_Strcmp(typeTag, SEC_CT_PRIVATE_KEY) == 0) {
- rv = SECU_PrintPrivateKey(outFile, &data, "Private Key", 0);
-#endif
- } else if (PORT_Strcmp(typeTag, SEC_CT_PUBLIC_KEY) == 0) {
- rv = SECU_PrintPublicKey(outFile, &data, "Public Key", 0);
- } else if (PORT_Strcmp(typeTag, SEC_CT_PKCS7) == 0) {
- rv = SECU_PrintPKCS7ContentInfo(outFile, &data,
- "PKCS #7 Content Info", 0);
- } else {
- fprintf(stderr, "%s: don't know how to print out '%s' files\n",
- progName, typeTag);
- return -1;
- }
-
- if (rv) {
- fprintf(stderr, "%s: problem converting data (%s)\n",
- progName, SECU_Strerror(PORT_GetError()));
- return -1;
- }
- return 0;
-}
diff --git a/security/nss/cmd/rsaperf/Makefile b/security/nss/cmd/rsaperf/Makefile
deleted file mode 100644
index cf93911eb..000000000
--- a/security/nss/cmd/rsaperf/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include ../platlibs.mk
-
-ifeq ($(OS_ARCH), WINNT)
-ifndef BUILD_OPT
-LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/rsaperf/defkey.c b/security/nss/cmd/rsaperf/defkey.c
deleted file mode 100644
index fe4870d77..000000000
--- a/security/nss/cmd/rsaperf/defkey.c
+++ /dev/null
@@ -1,201 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* This key is the 1024-bit test key used for speed testing of RSA private
-** key ops.
-*/
-#include "seccomon.h"
-#include "secoidt.h"
-#include "lowkeyti.h"
-
-#define CONST
-
-static CONST unsigned char default_n[128] = {
-0xc2,0xae,0x96,0x89,0xaf,0xce,0xd0,0x7b,0x3b,0x35,0xfd,0x0f,0xb1,0xf4,0x7a,0xd1,
-0x3c,0x7d,0xb5,0x86,0xf2,0x68,0x36,0xc9,0x97,0xe6,0x82,0x94,0x86,0xaa,0x05,0x39,
-0xec,0x11,0x51,0xcc,0x5c,0xa1,0x59,0xba,0x29,0x18,0xf3,0x28,0xf1,0x9d,0xe3,0xae,
-0x96,0x5d,0x6d,0x87,0x73,0xf6,0xf6,0x1f,0xd0,0x2d,0xfb,0x2f,0x7a,0x13,0x7f,0xc8,
-0x0c,0x7a,0xe9,0x85,0xfb,0xce,0x74,0x86,0xf8,0xef,0x2f,0x85,0x37,0x73,0x0f,0x62,
-0x4e,0x93,0x17,0xb7,0x7e,0x84,0x9a,0x94,0x11,0x05,0xca,0x0d,0x31,0x4b,0x2a,0xc8,
-0xdf,0xfe,0xe9,0x0c,0x13,0xc7,0xf2,0xad,0x19,0x64,0x28,0x3c,0xb5,0x6a,0xc8,0x4b,
-0x79,0xea,0x7c,0xce,0x75,0x92,0x45,0x3e,0xa3,0x9d,0x64,0x6f,0x04,0x69,0x19,0x17
-};
-
-static CONST unsigned char default_e[3] = { 0x01,0x00,0x01 };
-
-static CONST unsigned char default_d[128] = {
-0x13,0xcb,0xbc,0xf2,0xf3,0x35,0x8c,0x6d,0x7b,0x6f,0xd9,0xf3,0xa6,0x9c,0xbd,0x80,
-0x59,0x2e,0x4f,0x2f,0x11,0xa7,0x17,0x2b,0x18,0x8f,0x0f,0xe8,0x1a,0x69,0x5f,0x6e,
-0xac,0x5a,0x76,0x7e,0xd9,0x4c,0x6e,0xdb,0x47,0x22,0x8a,0x57,0x37,0x7a,0x5e,0x94,
-0x7a,0x25,0xb5,0xe5,0x78,0x1d,0x3c,0x99,0xaf,0x89,0x7d,0x69,0x2e,0x78,0x9d,0x1d,
-0x84,0xc8,0xc1,0xd7,0x1a,0xb2,0x6d,0x2d,0x8a,0xd9,0xab,0x6b,0xce,0xae,0xb0,0xa0,
-0x58,0x55,0xad,0x5c,0x40,0x8a,0xd6,0x96,0x08,0x8a,0xe8,0x63,0xe6,0x3d,0x6c,0x20,
-0x49,0xc7,0xaf,0x0f,0x25,0x73,0xd3,0x69,0x43,0x3b,0xf2,0x32,0xf8,0x3d,0x5e,0xee,
-0x7a,0xca,0xd6,0x94,0x55,0xe5,0xbd,0x25,0x34,0x8d,0x63,0x40,0xb5,0x8a,0xc3,0x01
-};
-
-static CONST unsigned char default_p[64] = {
-0xf6,0x3c,0x3f,0x56,0x58,0x4f,0xb3,0x82,0x0c,0xf0,0x5b,0x42,0x36,0x1c,0x93,0xde,
-0x9b,0x32,0x01,0xb1,0x48,0xf8,0x00,0x57,0x9b,0xc1,0xbe,0x66,0xc2,0xbb,0xea,0x7c,
-0x75,0x29,0x2c,0x22,0xaa,0x7c,0xaf,0xbd,0x0d,0x3f,0xb0,0x64,0x97,0xf0,0x88,0x25,
-0xcb,0x8d,0xc7,0x19,0x0a,0x75,0x44,0xa4,0x5a,0xc3,0xb5,0xb9,0x85,0xea,0x27,0xa7
-};
-
-static CONST unsigned char default_q[64] = {
-0xca,0x66,0xfa,0x18,0x6a,0x46,0x36,0x1c,0x46,0xfe,0x47,0xe9,0x7e,0x52,0x83,0x8a,
-0xbb,0x72,0x13,0xcc,0x83,0x56,0x3d,0x64,0x22,0xdd,0xfa,0x7c,0x61,0x99,0xea,0xa4,
-0xb3,0x0e,0x8f,0x79,0x10,0xab,0xba,0x4a,0x73,0xd1,0x48,0x40,0x34,0x34,0xd3,0xd2,
-0x54,0x92,0xbe,0xf5,0xc8,0xc4,0x60,0x5f,0xd3,0xf7,0xce,0xbe,0x60,0x3e,0xb1,0x11
-};
-
-static CONST unsigned char default_dModP[64] = {
-0x8e,0x80,0xbf,0x87,0x11,0x04,0xcf,0x36,0x6c,0x96,0x8d,0xb9,0xfb,0xe6,0xfe,0x0c,
-0xce,0x74,0x5a,0x56,0x67,0x8c,0x5f,0x66,0x54,0x56,0x04,0x03,0x24,0x9f,0xec,0x4c,
-0xaa,0xe1,0x71,0x11,0x7e,0xe9,0x3a,0x2b,0x87,0x07,0x5c,0xe6,0x5a,0xa8,0x71,0xa2,
-0xad,0xf3,0x17,0x4e,0x7e,0xa6,0xef,0x5a,0xce,0xcc,0x84,0xd7,0x21,0x91,0x29,0xf1
-};
-
-static CONST unsigned char default_dModQ[64] = {
-0x87,0x60,0x1d,0x02,0xdb,0x82,0x1e,0x8b,0x07,0x48,0xe8,0x5c,0x59,0xeb,0x62,0xa4,
-0x15,0xff,0x95,0x12,0x82,0xfd,0xd9,0x8d,0xf2,0x6c,0x3a,0x2f,0x9b,0x30,0x51,0x6a,
-0xdb,0x80,0x6f,0xa1,0xef,0xee,0x8c,0x69,0x63,0xd1,0xa4,0xdb,0x9c,0x8f,0x80,0xe5,
-0xfb,0x3f,0x33,0x8e,0x3d,0x3c,0x6b,0xa1,0x6c,0xab,0x20,0x92,0xe0,0xd8,0xcd,0xa1
-};
-
-static CONST unsigned char default_qInvModP[64] = {
-0xce,0xcf,0x5a,0xad,0xc4,0x8c,0x44,0x91,0x3a,0xbc,0x7b,0xf8,0x80,0xf8,0x53,0xf5,
-0x12,0x84,0x8c,0x9c,0x6b,0x33,0x93,0x0d,0xa1,0x11,0xea,0xfa,0x4a,0xc1,0xeb,0x48,
-0xdc,0x44,0x86,0x93,0x1b,0x98,0xc7,0x82,0x22,0x68,0x30,0x44,0xd7,0x62,0x1b,0x90,
-0x54,0x07,0x4b,0x66,0xa7,0xc5,0x75,0x5a,0x72,0x77,0x92,0xdd,0x6c,0xf3,0x37,0xab
-};
-
-
-static struct NSSLOWKEYPrivateKeyStr rsaPriv;
-
-NSSLOWKEYPrivateKey *
-getDefaultRSAPrivateKey(void)
-{
- if (rsaPriv.keyType != NSSLOWKEYRSAKey) {
-
- /* leaving arena uninitialized. It isn't used in this test. */
-
- rsaPriv.keyType = NSSLOWKEYRSAKey;
-
- /* leaving arena uninitialized. It isn't used. */
- /* leaving version uninitialized. It isn't used. */
-
- rsaPriv.u.rsa.modulus.data = default_n;
- rsaPriv.u.rsa.modulus.len = sizeof default_n;
- rsaPriv.u.rsa.publicExponent.data = default_e;
- rsaPriv.u.rsa.publicExponent.len = sizeof default_e;
- rsaPriv.u.rsa.privateExponent.data = default_d;
- rsaPriv.u.rsa.privateExponent.len = sizeof default_d;
- rsaPriv.u.rsa.prime1.data = default_p;
- rsaPriv.u.rsa.prime1.len = sizeof default_p;
- rsaPriv.u.rsa.prime2.data = default_q;
- rsaPriv.u.rsa.prime2.len = sizeof default_q;
- rsaPriv.u.rsa.exponent1.data = default_dModP;
- rsaPriv.u.rsa.exponent1.len = sizeof default_dModP;
- rsaPriv.u.rsa.exponent2.data = default_dModQ;
- rsaPriv.u.rsa.exponent2.len = sizeof default_dModQ;
- rsaPriv.u.rsa.coefficient.data = default_qInvModP;
- rsaPriv.u.rsa.coefficient.len = sizeof default_qInvModP;
- }
- return &rsaPriv;
-}
-
-static struct NSSLOWKEYPublicKeyStr rsaPub;
-
-NSSLOWKEYPublicKey *
-getDefaultRSAPublicKey(void)
-{
- if (rsaPub.keyType != NSSLOWKEYRSAKey) {
-
- rsaPub.keyType = NSSLOWKEYRSAKey;
-
- rsaPub.u.rsa.modulus.data = default_n;
- rsaPub.u.rsa.modulus.len = sizeof default_n;
-
- rsaPub.u.rsa.publicExponent.data = default_e;
- rsaPub.u.rsa.publicExponent.len = sizeof default_e;
- }
- return &rsaPub;
-}
-
-/* modPop = 536, privPop = 531, ex1Pop = 261, ex2Pop = 257
- * After 46 tries, found this key:
- * Version: 0 (0x0)
- * Modulus:
- * c2:ae:96:89:af:ce:d0:7b:3b:35:fd:0f:b1:f4:7a:d1:3c:7d:b5:
- * 86:f2:68:36:c9:97:e6:82:94:86:aa:05:39:ec:11:51:cc:5c:a1:
- * 59:ba:29:18:f3:28:f1:9d:e3:ae:96:5d:6d:87:73:f6:f6:1f:d0:
- * 2d:fb:2f:7a:13:7f:c8:0c:7a:e9:85:fb:ce:74:86:f8:ef:2f:85:
- * 37:73:0f:62:4e:93:17:b7:7e:84:9a:94:11:05:ca:0d:31:4b:2a:
- * c8:df:fe:e9:0c:13:c7:f2:ad:19:64:28:3c:b5:6a:c8:4b:79:ea:
- * 7c:ce:75:92:45:3e:a3:9d:64:6f:04:69:19:17
- * Public Exponent: 65537 (0x10001)
- * Private Exponent:
- * 13:cb:bc:f2:f3:35:8c:6d:7b:6f:d9:f3:a6:9c:bd:80:59:2e:4f:
- * 2f:11:a7:17:2b:18:8f:0f:e8:1a:69:5f:6e:ac:5a:76:7e:d9:4c:
- * 6e:db:47:22:8a:57:37:7a:5e:94:7a:25:b5:e5:78:1d:3c:99:af:
- * 89:7d:69:2e:78:9d:1d:84:c8:c1:d7:1a:b2:6d:2d:8a:d9:ab:6b:
- * ce:ae:b0:a0:58:55:ad:5c:40:8a:d6:96:08:8a:e8:63:e6:3d:6c:
- * 20:49:c7:af:0f:25:73:d3:69:43:3b:f2:32:f8:3d:5e:ee:7a:ca:
- * d6:94:55:e5:bd:25:34:8d:63:40:b5:8a:c3:01
- * Prime 1:
- * f6:3c:3f:56:58:4f:b3:82:0c:f0:5b:42:36:1c:93:de:9b:32:01:
- * b1:48:f8:00:57:9b:c1:be:66:c2:bb:ea:7c:75:29:2c:22:aa:7c:
- * af:bd:0d:3f:b0:64:97:f0:88:25:cb:8d:c7:19:0a:75:44:a4:5a:
- * c3:b5:b9:85:ea:27:a7
- * Prime 2:
- * ca:66:fa:18:6a:46:36:1c:46:fe:47:e9:7e:52:83:8a:bb:72:13:
- * cc:83:56:3d:64:22:dd:fa:7c:61:99:ea:a4:b3:0e:8f:79:10:ab:
- * ba:4a:73:d1:48:40:34:34:d3:d2:54:92:be:f5:c8:c4:60:5f:d3:
- * f7:ce:be:60:3e:b1:11
- * Exponent 1:
- * 8e:80:bf:87:11:04:cf:36:6c:96:8d:b9:fb:e6:fe:0c:ce:74:5a:
- * 56:67:8c:5f:66:54:56:04:03:24:9f:ec:4c:aa:e1:71:11:7e:e9:
- * 3a:2b:87:07:5c:e6:5a:a8:71:a2:ad:f3:17:4e:7e:a6:ef:5a:ce:
- * cc:84:d7:21:91:29:f1
- * Exponent 2:
- * 87:60:1d:02:db:82:1e:8b:07:48:e8:5c:59:eb:62:a4:15:ff:95:
- * 12:82:fd:d9:8d:f2:6c:3a:2f:9b:30:51:6a:db:80:6f:a1:ef:ee:
- * 8c:69:63:d1:a4:db:9c:8f:80:e5:fb:3f:33:8e:3d:3c:6b:a1:6c:
- * ab:20:92:e0:d8:cd:a1
- * Coefficient:
- * ce:cf:5a:ad:c4:8c:44:91:3a:bc:7b:f8:80:f8:53:f5:12:84:8c:
- * 9c:6b:33:93:0d:a1:11:ea:fa:4a:c1:eb:48:dc:44:86:93:1b:98:
- * c7:82:22:68:30:44:d7:62:1b:90:54:07:4b:66:a7:c5:75:5a:72:
- * 77:92:dd:6c:f3:37:ab
- */
-
diff --git a/security/nss/cmd/rsaperf/manifest.mn b/security/nss/cmd/rsaperf/manifest.mn
deleted file mode 100644
index b208672b7..000000000
--- a/security/nss/cmd/rsaperf/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1998-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-DEPTH = ../../..
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-INCLUDES += -I$(CORE_DEPTH)/nss/lib/softoken
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-REQUIRES = dbm seccmd
-
-# DIRS =
-
-CSRCS = rsaperf.c defkey.c
-
-PROGRAM = rsaperf
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/rsaperf/rsaperf.c b/security/nss/cmd/rsaperf/rsaperf.c
deleted file mode 100644
index 36a9ea383..000000000
--- a/security/nss/cmd/rsaperf/rsaperf.c
+++ /dev/null
@@ -1,398 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "seccomon.h"
-#include "cert.h"
-#include "secutil.h"
-#include "nspr.h"
-#include "nss.h"
-#include "blapi.h"
-#include "plgetopt.h"
-#include "lowkeyi.h"
-
-
-#define MAX_RSA_MODULUS_BYTES (1024/8)
-#define DEFAULT_ITERS 10
-
-extern NSSLOWKEYPrivateKey * getDefaultRSAPrivateKey(void);
-extern NSSLOWKEYPublicKey * getDefaultRSAPublicKey(void);
-
-typedef struct TimingContextStr TimingContext;
-
-struct TimingContextStr {
- int64 start;
- int64 end;
- int64 interval;
-
- long days;
- int hours;
- int minutes;
- int seconds;
- int millisecs;
-};
-
-TimingContext *CreateTimingContext(void) {
- return PR_Malloc(sizeof(TimingContext));
-}
-
-void DestroyTimingContext(TimingContext *ctx) {
- PR_Free(ctx);
-}
-
-void TimingBegin(TimingContext *ctx) {
- ctx->start = PR_Now();
-}
-
-static void timingUpdate(TimingContext *ctx) {
- int64 tmp, remaining;
- int64 L1000,L60,L24;
-
- LL_I2L(L1000,1000);
- LL_I2L(L60,60);
- LL_I2L(L24,24);
-
- LL_DIV(remaining, ctx->interval, L1000);
- LL_MOD(tmp, remaining, L1000);
- LL_L2I(ctx->millisecs, tmp);
- LL_DIV(remaining, remaining, L1000);
- LL_MOD(tmp, remaining, L60);
- LL_L2I(ctx->seconds, tmp);
- LL_DIV(remaining, remaining, L60);
- LL_MOD(tmp, remaining, L60);
- LL_L2I(ctx->minutes, tmp);
- LL_DIV(remaining, remaining, L60);
- LL_MOD(tmp, remaining, L24);
- LL_L2I(ctx->hours, tmp);
- LL_DIV(remaining, remaining, L24);
- LL_L2I(ctx->days, remaining);
-}
-
-void TimingEnd(TimingContext *ctx) {
- ctx->end = PR_Now();
- LL_SUB(ctx->interval, ctx->end, ctx->start);
- PORT_Assert(LL_GE_ZERO(ctx->interval));
- timingUpdate(ctx);
-}
-
-void TimingDivide(TimingContext *ctx, int divisor) {
- int64 tmp;
-
- LL_I2L(tmp, divisor);
- LL_DIV(ctx->interval, ctx->interval, tmp);
-
- timingUpdate(ctx);
-}
-
-char *TimingGenerateString(TimingContext *ctx) {
- char *buf = NULL;
-
- if (ctx->days != 0) {
- buf = PR_sprintf_append(buf, "%d days", ctx->days);
- }
- if (ctx->hours != 0) {
- if (buf != NULL) buf = PR_sprintf_append(buf, ", ");
- buf = PR_sprintf_append(buf, "%d hours", ctx->hours);
- }
- if (ctx->minutes != 0) {
- if (buf != NULL) buf = PR_sprintf_append(buf, ", ");
- buf = PR_sprintf_append(buf, "%d minutes", ctx->minutes);
- }
- if (buf != NULL) buf = PR_sprintf_append(buf, ", and ");
- if (!buf && ctx->seconds == 0) {
- int interval;
- LL_L2I(interval, ctx->interval);
- if (ctx->millisecs < 100)
- buf = PR_sprintf_append(buf, "%d microseconds", interval);
- else
- buf = PR_sprintf_append(buf, "%d milliseconds", ctx->millisecs);
- } else if (ctx->millisecs == 0) {
- buf = PR_sprintf_append(buf, "%d seconds", ctx->seconds);
- } else {
- buf = PR_sprintf_append(buf, "%d.%03d seconds",
- ctx->seconds, ctx->millisecs);
- }
- return buf;
-}
-
-void
-Usage(char *progName)
-{
- fprintf(stderr, "Usage: %s [-d certdir] [-i iterations] [-s | -e]"
- " -n nickname\n",
- progName);
- fprintf(stderr, "%-20s Cert database directory (default is ~/.netscape)\n",
- "-d certdir");
- fprintf(stderr, "%-20s How many operations to perform\n", "-i iterations");
- fprintf(stderr, "%-20s Perform signing (private key) operations\n", "-s");
- fprintf(stderr, "%-20s Perform encryption (public key) operations\n", "-e");
- fprintf(stderr, "%-20s Nickname of certificate or key\n", "-n nickname");
- exit(-1);
-}
-
-void
-printCount(int iterations)
-{
-
-}
-
-
-static void
-dumpBytes( unsigned char * b, int l)
-{
- int i;
- if (l <= 0)
- return;
- for (i = 0; i < l; ++i) {
- if (i % 16 == 0)
- printf("\t");
- printf(" %02x", b[i]);
- if (i % 16 == 15)
- printf("\n");
- }
- if ((i % 16) != 0)
- printf("\n");
-}
-
-static void
-dumpItem( SECItem * item, const char * description)
-{
- if (item->len & 1 && item->data[0] == 0) {
- printf("%s: (%d bytes)\n", description, item->len - 1);
- dumpBytes(item->data + 1, item->len - 1);
- } else {
- printf("%s: (%d bytes)\n", description, item->len);
- dumpBytes(item->data, item->len);
- }
-}
-
-void
-printPrivKey(NSSLOWKEYPrivateKey * privKey)
-{
- RSAPrivateKey *rsa = &privKey->u.rsa;
-
- dumpItem( &rsa->modulus, "n");
- dumpItem( &rsa->publicExponent, "e");
- dumpItem( &rsa->privateExponent, "d");
- dumpItem( &rsa->prime1, "P");
- dumpItem( &rsa->prime2, "Q");
- dumpItem( &rsa->exponent1, "d % (P-1)");
- dumpItem( &rsa->exponent2, "d % (Q-1)");
- dumpItem( &rsa->coefficient, "(Q ** -1) % P");
- puts("");
-}
-
-void
-printFnCounts(long doPrint)
-{
-
-}
-
-typedef SECStatus (* RSAOp)(void * key,
- unsigned char * output,
- unsigned char * input);
-
-
-int
-main(int argc, char **argv)
-{
- TimingContext * timeCtx;
- SECKEYPublicKey * pubHighKey;
- NSSLOWKEYPrivateKey * privKey;
- NSSLOWKEYPublicKey * pubKey;
- CERTCertificate * cert;
- char * progName;
- char * secDir = NULL;
- char * nickname = NULL;
- RSAOp fn;
- void * rsaKey;
- PLOptState * optstate;
- PLOptStatus optstatus;
- long iters = DEFAULT_ITERS;
- int i;
- PRBool doPriv = PR_FALSE;
- PRBool doPub = PR_FALSE;
- int rv;
- CERTCertDBHandle * certdb;
- unsigned char buf[1024];
- unsigned char buf2[1024];
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- optstate = PL_CreateOptState(argc, argv, "d:i:sen:");
- while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
- case 'd':
- secDir = PORT_Strdup(optstate->value);
- break;
- case 'i':
- iters = atol(optstate->value);
- break;
- case 's':
- doPriv = PR_TRUE;
- break;
- case 'e':
- doPub = PR_TRUE;
- break;
- case 'n':
- nickname = PORT_Strdup(optstate->value);
- break;
- }
- }
- if (optstatus == PL_OPT_BAD)
- Usage(progName);
-
- if ((doPriv && doPub) || (nickname == NULL)) Usage(progName);
-
- if (!doPriv && !doPub) doPriv = PR_TRUE;
-
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- secDir = SECU_ConfigDirectory(secDir);
- if (strcmp(nickname, "none")) {
- rv = NSS_Init(secDir);
- if (rv != SECSuccess) {
- fprintf(stderr, "NSS_Init failed.\n");
- exit(1);
- }
- certdb = CERT_GetDefaultCertDB();
- } else {
- rv = NSS_NoDB_Init(secDir);
- if (rv != SECSuccess) {
- fprintf(stderr, "NSS_NoDB_Init failed.\n");
- exit(1);
- }
- }
-#if defined(SECU_GetPassword)
- if (doPub) {
- if (!strcmp(nickname, "none")) {
- pubKey = getDefaultRSAPublicKey();
- } else {
- cert = CERT_FindCertByNickname(certdb, nickname);
- if (cert == NULL) {
- fprintf(stderr,
- "Can't find certificate by name \"%s\"\n", nickname);
- exit(1);
- }
- pubHighKey = CERT_ExtractPublicKey(cert);
- pubKey = SECU_ConvHighToLow(pubHighKey);
- }
- if (pubKey == NULL) {
- fprintf(stderr, "Can't extract public key from certificate");
- exit(1);
- }
- fn = (RSAOp)RSA_PublicKeyOp;
- rsaKey = (void *)(&pubKey->u.rsa);
- }
-
- if (doPriv) {
-
- if (!strcmp(nickname, "none")) {
- privKey = getDefaultRSAPrivateKey();
- } else {
- cert = CERT_FindCertByNickname(certdb, nickname);
- if (cert == NULL) {
- fprintf(stderr,
- "Can't find certificate by name \"%s\"\n", nickname);
- exit(1);
- }
-
- privKey = SECKEY_FindKeyByCert(keydb, cert, SECU_GetPassword, NULL);
- }
- if (privKey == NULL) {
- fprintf(stderr,
- "Can't find private key by name \"%s\"\n", nickname);
- exit(1);
- }
-
- fn = (RSAOp)RSA_PrivateKeyOp;
- rsaKey = (void *)(&privKey->u.rsa);
- }
-#else
- if (doPub) {
- pubKey = getDefaultRSAPublicKey();
- fn = (RSAOp)RSA_PublicKeyOp;
- rsaKey = (void *)(&pubKey->u.rsa);
- }
- if (doPriv) {
- privKey = getDefaultRSAPrivateKey();
- fn = (RSAOp)RSA_PrivateKeyOp;
- rsaKey = (void *)(&privKey->u.rsa);
- }
-#endif
-
- memset(buf, 1, sizeof buf);
- rv = fn(rsaKey, buf2, buf);
- if (rv != SECSuccess) {
- PRErrorCode errNum;
- const char * errStr = NULL;
-
- errNum = PR_GetError();
- if (errNum)
- errStr = SECU_Strerror(errNum);
- else
- errNum = rv;
- if (!errStr)
- errStr = "(null)";
- fprintf(stderr, "Error in RSA operation: %d : %s\n", errNum, errStr);
- exit(1);
- }
-
-/* printf("START\n"); */
-
- timeCtx = CreateTimingContext();
- TimingBegin(timeCtx);
- i = iters;
- while (i--) {
- rv = fn(rsaKey, buf2, buf);
- if (rv != SECSuccess) {
- PRErrorCode errNum = PR_GetError();
- const char * errStr = SECU_Strerror(errNum);
- fprintf(stderr, "Error in RSA operation: %d : %s\n",
- errNum, errStr);
- exit(1);
- }
- }
- TimingEnd(timeCtx);
- printf("%ld iterations in %s\n",
- iters, TimingGenerateString(timeCtx));
- TimingDivide(timeCtx, iters);
- printf("one operation every %s\n", TimingGenerateString(timeCtx));
-
- return 0;
-}
diff --git a/security/nss/cmd/samples/cert b/security/nss/cmd/samples/cert
deleted file mode 100644
index 3f8ec48df..000000000
--- a/security/nss/cmd/samples/cert
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIB7TCCAVYCAgMaMA0GCSqGSIb3DQEBBAUAMEcxCzAJBgNVBAYTAlVTMRAwDgYD
-VQQLEwdUZXN0IENBMSYwJAYDVQQKEx1OZXRzY2FwZSBDb21tdW5pY2F0aW9ucyBD
-b3JwLjAeFw05NTEyMDgwMjQwMjdaFw05NjAzMDcwMjQwMjdaMDgxFjAUBgNVBAMT
-DURhdmlkIGthcmx0b24xETAPBgNVBAoTCE5ldHNjYXBlMQswCQYDVQQGEwJVUzCB
-nTANBgkqhkiG9w0BAQEFAAOBiwAwgYcCgYEAltV2TH+QxqlgfUFk+UyiYAjByxrC
-dCSIa/FwRaPceLvE7ycD9L6AC4JA6k58E6ICsr/Y8TsXT4UmZhhLNc50VgSo8cGQ
-lajqIDvntq8M1uCXiVOnXmIAqoB6E8GiqW+9evOkgkumMksSwXiXAhMM7vJt3IU6
-b+FwdF5cRs0u1FUCAQMwDQYJKoZIhvcNAQEEBQADgYEAkFdr3ypcvI2+Xgwfp7+d
-YtN7w4UnQ7LR9FKmlnBauTVLmUtichn/O3WMT9cYTtZm5QQVRaE3qrGh0Nr6Ko1E
-nIHowd36TN45zkFraWoATfCV/f+P37WaADp20l2ryEY0Jpe4gnoeZ0+/ffoxyajC
-LZEJL6Dv2Ed83cebLjYxKsI=
-
------END CERTIFICATE-----
-
diff --git a/security/nss/cmd/samples/cert0 b/security/nss/cmd/samples/cert0
deleted file mode 100644
index 05cdc8553..000000000
--- a/security/nss/cmd/samples/cert0
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/cert1 b/security/nss/cmd/samples/cert1
deleted file mode 100644
index 38a7d299a..000000000
--- a/security/nss/cmd/samples/cert1
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/cert2 b/security/nss/cmd/samples/cert2
deleted file mode 100644
index 147c3eb9e..000000000
--- a/security/nss/cmd/samples/cert2
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/pkcs7.ber b/security/nss/cmd/samples/pkcs7.ber
deleted file mode 100644
index 6e3814c37..000000000
--- a/security/nss/cmd/samples/pkcs7.ber
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/pkcs7bday.ber b/security/nss/cmd/samples/pkcs7bday.ber
deleted file mode 100644
index 0ee6cfc13..000000000
--- a/security/nss/cmd/samples/pkcs7bday.ber
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/pkcs7cnet.ber b/security/nss/cmd/samples/pkcs7cnet.ber
deleted file mode 100644
index df2bb2dd1..000000000
--- a/security/nss/cmd/samples/pkcs7cnet.ber
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/pkcs7news.ber b/security/nss/cmd/samples/pkcs7news.ber
deleted file mode 100644
index c46a1786d..000000000
--- a/security/nss/cmd/samples/pkcs7news.ber
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/x509v3.der b/security/nss/cmd/samples/x509v3.der
deleted file mode 100644
index 1ada57c56..000000000
--- a/security/nss/cmd/samples/x509v3.der
+++ /dev/null
Binary files differ
diff --git a/security/nss/cmd/samples/x509v3.txt b/security/nss/cmd/samples/x509v3.txt
deleted file mode 100644
index dde307697..000000000
--- a/security/nss/cmd/samples/x509v3.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-MIIByzCCAXWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBLMQswCQYDVQQGEwJVUzEW
-MBQGA1UEChMNVmVyaVNpZ24gSW5jLjEUMBIGA1UECxMLRW5naW5lZXJpbmcxDjAM
-BgNVBAMTBUphc29uMB4XDTk1MDgwODA3MDAwMFoXDTk2MDgwNzA3MDAwMFowSzEL
-MAkGA1UEBhMCVVMxFjAUBgNVBAoTDVZlcmlTaWduIEluYy4xFDASBgNVBAsTC0Vu
-Z2luZWVyaW5nMQ4wDAYDVQQDEwVKYXNvbjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
-QQCvpXRU9t3NPFXvxJz2vuxX4zI55AA+xY1PsAEadhwWEMF2EnpG8woF4EGTwLdx
-xrw3Eirzu5RAAhqegCN1aPVBAgMBAAGjRDBCMBQGA2FiYwEB/wQKZXh0ZW5zaW9u
-MTAUBgNkZWYBAf8ECmV4dGVuc2lvbjIwFAYDZ2hpAQH/BApleHRlbnNpb24zMA0G
-CSqGSIb3DQEBBAUAA0EAawLNWFSYMtywAqkSYJb1gejljqi9QAtLZIM2ui+RCTP2
-jEjW5bp4oU1RX2iBSfU+MdEZx9DpMNjqBLrgOy1Djw==
diff --git a/security/nss/cmd/sdrtest/Makefile b/security/nss/cmd/sdrtest/Makefile
deleted file mode 100644
index 490f738e5..000000000
--- a/security/nss/cmd/sdrtest/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
diff --git a/security/nss/cmd/sdrtest/manifest.mn b/security/nss/cmd/sdrtest/manifest.mn
deleted file mode 100644
index 61daf390b..000000000
--- a/security/nss/cmd/sdrtest/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = \
- sdrtest.c \
- $(NULL)
-
-# headers for the MODULE (defined above) are implicitly required.
-REQUIRES = dbm seccmd
-
-# WINNT uses EXTRA_LIBS as the list of libs to link in.
-# Unix uses OS_LIBS for that purpose.
-# We can solve this via conditional makefile code, but
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-# So, look in the local Makefile for the defines for the list of libs.
-
-PROGRAM = sdrtest
-
-#USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/sdrtest/sdrtest.c b/security/nss/cmd/sdrtest/sdrtest.c
deleted file mode 100644
index 3124ef6cf..000000000
--- a/security/nss/cmd/sdrtest/sdrtest.c
+++ /dev/null
@@ -1,302 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Test program for SDR (Secret Decoder Ring) functions.
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "string.h"
-#include "nss.h"
-#include "secutil.h"
-#include "cert.h"
-#include "pk11func.h"
-
-#include "plgetopt.h"
-#include "pk11sdr.h"
-#include "secrng.h"
-
-#define DEFAULT_VALUE "Test"
-
-static void
-synopsis (char *program_name)
-{
- PRFileDesc *pr_stderr;
-
- pr_stderr = PR_STDERR;
- PR_fprintf (pr_stderr, "Usage:");
- PR_fprintf (pr_stderr,
- "\t%s [-i <input-file>] [-o <output-file>] [-r <text>] [-d <dir>]\n",
- program_name);
-}
-
-
-static void
-short_usage (char *program_name)
-{
- PR_fprintf (PR_STDERR,
- "Type %s -H for more detailed descriptions\n",
- program_name);
- synopsis (program_name);
-}
-
-
-static void
-long_usage (char *program_name)
-{
- PRFileDesc *pr_stderr;
-
- pr_stderr = PR_STDERR;
- synopsis (program_name);
- PR_fprintf (pr_stderr, "\nSecret Decoder Test:\n");
- PR_fprintf (pr_stderr,
- " %-13s Read encrypted data from \"file\"\n",
- "-i file");
- PR_fprintf (pr_stderr,
- " %-13s Write newly generated encrypted data to \"file\"\n",
- "-o file");
- PR_fprintf (pr_stderr,
- " %-13s Use \"text\" as the plaintext for encryption and verification\n",
- "-t text");
- PR_fprintf (pr_stderr,
- " %-13s Find security databases in \"dbdir\"\n",
- "-d dbdir");
-}
-
-int
-main (int argc, char **argv)
-{
- int retval = 0; /* 0 - test succeeded. -1 - test failed */
- SECStatus rv;
- const char *certDir = ".";
- PLOptState *optstate;
- char *program_name;
- const char *input_file = NULL; /* read encrypted data from here (or create) */
- const char *output_file = NULL; /* write new encrypted data here */
- const char *value = DEFAULT_VALUE; /* Use this for plaintext */
- SECItem data;
- SECItem result;
- SECItem text;
- PRBool verbose = PR_FALSE;
-
- result.data = 0;
- text.data = 0; text.len = 0;
-
- program_name = PL_strrchr(argv[0], '/');
- program_name = program_name ? (program_name + 1) : argv[0];
-
- optstate = PL_CreateOptState (argc, argv, "Hd:i:o:t:v");
- if (optstate == NULL) {
- SECU_PrintError (program_name, "PL_CreateOptState failed");
- return -1;
- }
-
- while (PL_GetNextOpt (optstate) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- short_usage (program_name);
- return retval;
-
- case 'H':
- long_usage (program_name);
- return retval;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'i':
- input_file = optstate->value;
- break;
-
- case 'o':
- output_file = optstate->value;
- break;
-
- case 't':
- value = optstate->value;
- break;
-
- case 'v':
- verbose = PR_TRUE;
- break;
- }
- }
-
- /*
- * Initialize the Security libraries.
- */
- PK11_SetPasswordFunc(SECU_GetModulePassword);
-
- if (output_file) {
- rv = NSS_InitReadWrite(SECU_ConfigDirectory(NULL));
- } else {
- rv = NSS_Init(SECU_ConfigDirectory(NULL));
- }
- if (rv != SECSuccess) {
- retval = -1;
- goto prdone;
- }
-
- /* Convert value into an item */
- data.data = (unsigned char *)value;
- data.len = strlen(value);
-
- /* Get the encrypted result, either from the input file
- * or from encrypting the plaintext value
- */
- if (input_file)
- {
- PRFileDesc *file /* = PR_OpenFile(input_file, 0) */;
- PRFileInfo info;
- PRStatus s;
- PRInt32 count;
-
- if (verbose) printf("Reading data from %s\n", input_file);
-
- file = PR_Open(input_file, PR_RDONLY, 0);
- if (!file) {
- if (verbose) printf("Open of file failed\n");
- retval = -1;
- goto loser;
- }
-
- s = PR_GetOpenFileInfo(file, &info);
- if (s != PR_SUCCESS) {
- if (verbose) printf("File info operation failed\n");
- retval = -1;
- goto file_loser;
- }
-
- result.len = info.size;
- result.data = (unsigned char *)malloc(result.len);
- if (!result.data) {
- if (verbose) printf("Allocation of buffer failed\n");
- retval = -1;
- goto file_loser;
- }
-
- count = PR_Read(file, result.data, result.len);
- if (count != result.len) {
- if (verbose) printf("Read failed\n");
- retval = -1;
- goto file_loser;
- }
-
-file_loser:
- PR_Close(file);
- if (retval != 0) goto loser;
- }
- else
- {
- SECItem keyid = { 0, 0, 0 };
- PK11SlotInfo *slot = NULL;
-
- /* sigh, initialize the key database */
- slot = PK11_GetInternalKeySlot();
- if (slot && PK11_NeedUserInit(slot)) {
- rv = SECU_ChangePW(slot, "", 0);
- if (rv != SECSuccess) {
- SECU_PrintError(program_name, "Failed to initialize slot \"%s\"",
- PK11_GetSlotName(slot));
- return SECFailure;
- }
- PK11_FreeSlot(slot);
- }
-
- rv = PK11SDR_Encrypt(&keyid, &data, &result, 0);
- if (rv != SECSuccess) {
- if (verbose) printf("Encrypt operation failed\n");
- retval = -1;
- goto loser;
- }
-
- if (verbose) printf("Encrypted result is %d bytes long\n", result.len);
-
- /* -v printf("Result is %.*s\n", text.len, text.data); */
- if (output_file)
- {
- PRFileDesc *file;
- PRInt32 count;
-
- if (verbose) printf("Writing result to %s\n", output_file);
-
- /* Write to file */
- file = PR_Open(output_file, PR_CREATE_FILE|PR_WRONLY, 0666);
- if (!file) {
- if (verbose) printf("Open of output file failed\n");
- retval = -1;
- goto loser;
- }
-
- count = PR_Write(file, result.data, result.len);
-
- PR_Close(file);
-
- if (count != result.len) {
- if (verbose) printf("Write failed\n");
- retval = -1;
- goto loser;
- }
- }
- }
-
- /* Decrypt the value */
- rv = PK11SDR_Decrypt(&result, &text, 0);
- if (rv != SECSuccess) {
- if (verbose) printf("Decrypt operation failed\n");
- retval = -1;
- goto loser;
- }
-
- if (verbose) printf("Decrypted result is %.*s\n", text.len, text.data);
-
- /* Compare to required value */
- if (text.len != data.len || memcmp(data.data, text.data, text.len) != 0)
- {
- if (verbose) printf("Comparison failed\n");
- retval = -1;
- goto loser;
- }
-
-loser:
- if (text.data) free(text.data);
- if (result.data) free(result.data);
- NSS_Shutdown();
-
-prdone:
- PR_Cleanup ();
- return retval;
-}
diff --git a/security/nss/cmd/selfserv/Makefile b/security/nss/cmd/selfserv/Makefile
deleted file mode 100644
index f2a407990..000000000
--- a/security/nss/cmd/selfserv/Makefile
+++ /dev/null
@@ -1,74 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/selfserv/makefile.win b/security/nss/cmd/selfserv/makefile.win
deleted file mode 100644
index 8fda0b906..000000000
--- a/security/nss/cmd/selfserv/makefile.win
+++ /dev/null
@@ -1,136 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = selfserv
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-IGNORE_ME2 = \
- $(WINFE)/feutil.obj \
- $(WINFE)/fenet.obj \
- $(WINFE)/fegui.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- $(SEC_LIBS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/selfserv/manifest.mn b/security/nss/cmd/selfserv/manifest.mn
deleted file mode 100644
index f8050ed9e..000000000
--- a/security/nss/cmd/selfserv/manifest.mn
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = selfserv.c
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-PROGRAM = selfserv
-
diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c
deleted file mode 100644
index 5331ae9a7..000000000
--- a/security/nss/cmd/selfserv/selfserv.c
+++ /dev/null
@@ -1,1658 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* -r flag is interepreted as follows:
- * 1 -r means request, not require, on initial handshake.
- * 2 -r's mean request and require, on initial handshake.
- * 3 -r's mean request, not require, on second handshake.
- * 4 -r's mean request and require, on second handshake.
- */
-#include <stdio.h>
-#include <string.h>
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#if defined(_WINDOWS)
-#include <process.h> /* for getpid() */
-#endif
-
-#ifdef XP_OS2_VACPP
-#include <Process.h> /* for getpid() */
-#endif
-
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "prio.h"
-#include "prerror.h"
-#include "prnetdb.h"
-#include "prclist.h"
-#include "plgetopt.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "nss.h"
-#include "ssl.h"
-#include "sslproto.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#ifndef PORT_Strstr
-#define PORT_Strstr strstr
-#endif
-
-#ifndef PORT_Malloc
-#define PORT_Malloc PR_Malloc
-#endif
-
-#define NUM_SID_CACHE_ENTRIES 1024
-
-static int handle_connection( PRFileDesc *, PRFileDesc *, int );
-
-static const char envVarName[] = { SSL_ENV_VAR_NAME };
-static const char inheritableSockName[] = { "SELFSERV_LISTEN_SOCKET" };
-
-static PRBool logStats = PR_FALSE;
-static int logPeriod = 30;
-static PRUint32 loggerOps = 0;
-
-const int ssl2CipherSuites[] = {
- SSL_EN_RC4_128_WITH_MD5, /* A */
- SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */
- SSL_EN_RC2_128_CBC_WITH_MD5, /* C */
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
- SSL_EN_DES_64_CBC_WITH_MD5, /* E */
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */
- 0
-};
-
-const int ssl3CipherSuites[] = {
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */
- SSL_RSA_WITH_RC4_128_MD5, /* c */
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */
- SSL_RSA_WITH_DES_CBC_SHA, /* e */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */
- SSL_RSA_WITH_NULL_MD5, /* i */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
- SSL_RSA_WITH_RC4_128_SHA, /* n */
- TLS_DHE_DSS_WITH_RC4_128_SHA, /* o */
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, /* p */
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, /* q */
- SSL_DHE_RSA_WITH_DES_CBC_SHA, /* r */
- SSL_DHE_DSS_WITH_DES_CBC_SHA, /* s */
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA, /* t */
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA, /* u */
- TLS_RSA_WITH_AES_128_CBC_SHA, /* v */
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA, /* w */
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA, /* x */
- TLS_RSA_WITH_AES_256_CBC_SHA, /* y */
- 0
-};
-
-/* data and structures for shutdown */
-static int stopping;
-
-static PRBool noDelay;
-static int requestCert;
-static int verbose;
-static SECItem bigBuf;
-
-static PRThread * acceptorThread;
-
-static PRLogModuleInfo *lm;
-
-/* Add custom password handler because SECU_GetModulePassword
- * makes automation of this program next to impossible.
- */
-
-char *
-ownPasswd(PK11SlotInfo *info, PRBool retry, void *arg)
-{
- char * passwd = NULL;
-
- if ( (!retry) && arg ) {
- passwd = PL_strdup((char *)arg);
- }
-
- return passwd;
-}
-
-#define PRINTF if (verbose) printf
-#define FPRINTF if (verbose) fprintf
-#define FLUSH if (verbose) { fflush(stdout); fflush(stderr); }
-#define VLOG(arg) PR_LOG(lm,PR_LOG_DEBUG,arg)
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
-
-"Usage: %s -n rsa_nickname -p port [-3DRTmrvx] [-w password] [-t threads]\n"
-" [-i pid_file] [-c ciphers] [-d dbdir] [-f fortezza_nickname] \n"
-" [-M maxProcs] [-l]\n"
-"-3 means disable SSL v3\n"
-"-D means disable Nagle delays in TCP\n"
-"-T means disable TLS\n"
-"-R means disable detection of rollback from TLS to SSL3\n"
-"-m means test the model-socket feature of SSL_ImportFD.\n"
-"-r flag is interepreted as follows:\n"
-" 1 -r means request, not require, cert on initial handshake.\n"
-" 2 -r's mean request and require, cert on initial handshake.\n"
-" 3 -r's mean request, not require, cert on second handshake.\n"
-" 4 -r's mean request and require, cert on second handshake.\n"
-"-v means verbose output\n"
-"-x means use export policy.\n"
-"-M maxProcs tells how many processes to run in a multi-process server\n"
-"-t threads -- specify the number of threads to use for connections.\n"
-"-i pid_file file to write the process id of selfserve\n"
-"-c ciphers Letter(s) chosen from the following list\n"
-"-l means use local threads instead of global threads"
-"A SSL2 RC4 128 WITH MD5\n"
-"B SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C SSL2 RC2 128 CBC WITH MD5\n"
-"D SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E SSL2 DES 64 CBC WITH MD5\n"
-"F SSL2 DES 192 EDE3 CBC WITH MD5\n"
-"\n"
-"a SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
-"b SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"
-"c SSL3 RSA WITH RC4 128 MD5\n"
-"d SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e SSL3 RSA WITH DES CBC SHA\n"
-"f SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"h SSL3 FORTEZZA DMS WITH NULL SHA\n"
-"i SSL3 RSA WITH NULL MD5\n"
-"j SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n"
-"n SSL3 RSA WITH RC4 128 SHA\n"
-"v TLS_RSA_WITH_AES_128_CBC_SHA\n"
-"y TLS_RSA_WITH_AES_256_CBC_SHA\n"
- ,progName);
-}
-
-static const char *
-errWarn(char * funcString)
-{
- PRErrorCode perr = PR_GetError();
- const char * errString = SECU_Strerror(perr);
-
- fprintf(stderr, "selfserv: %s returned error %d:\n%s\n",
- funcString, perr, errString);
- return errString;
-}
-
-static void
-errExit(char * funcString)
-{
- errWarn(funcString);
- exit(3);
-}
-
-
-/**************************************************************************
-**
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
- const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
- int i = SSL_NumImplementedCiphers;
- SECStatus rv;
-
- /* disable all the SSL3 cipher suites */
- while (--i >= 0) {
- PRUint16 suite = cipherSuites[i];
- rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
- if (rv != SECSuccess) {
- printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
- suite, i);
- errWarn("SSL_CipherPrefSetDefault");
- exit(2);
- }
- }
-}
-
-static SECStatus
-mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
- PRBool isServer)
-{
- SECStatus rv;
- CERTCertificate * peerCert;
-
- peerCert = SSL_PeerCertificate(fd);
-
- PRINTF("selfserv: Subject: %s\nselfserv: Issuer : %s\n",
- peerCert->subjectName, peerCert->issuerName);
-
- rv = SSL_AuthCertificate(arg, fd, checkSig, isServer);
-
- if (rv == SECSuccess) {
- PRINTF("selfserv: -- SSL3: Certificate Validated.\n");
- } else {
- int err = PR_GetError();
- FPRINTF(stderr, "selfserv: -- SSL3: Certificate Invalid, err %d.\n%s\n",
- err, SECU_Strerror(err));
- }
- CERT_DestroyCertificate(peerCert);
- FLUSH;
- return rv;
-}
-
-void
-printSecurityInfo(PRFileDesc *fd)
-{
- CERTCertificate * cert = NULL;
- SSL3Statistics * ssl3stats = SSL_GetStatistics();
- SECStatus result;
- SSLChannelInfo channel;
- SSLCipherSuiteInfo suite;
-
- PRINTF(
- "selfserv: %ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses,
- ssl3stats->hch_sid_cache_not_ok);
-
- result = SSL_GetChannelInfo(fd, &channel, sizeof channel);
- if (result == SECSuccess &&
- channel.length == sizeof channel &&
- channel.cipherSuite) {
- result = SSL_GetCipherSuiteInfo(channel.cipherSuite,
- &suite, sizeof suite);
- if (result == SECSuccess) {
- FPRINTF(stderr,
- "selfserv: SSL version %d.%d using %d-bit %s with %d-bit %s MAC\n",
- channel.protocolVersion >> 8, channel.protocolVersion & 0xff,
- suite.effectiveKeyBits, suite.symCipherName,
- suite.macBits, suite.macAlgorithmName);
- FPRINTF(stderr,
- "selfserv: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n",
- channel.authKeyBits, suite.authAlgorithmName,
- channel.keaKeyBits, suite.keaTypeName);
- }
- }
- if (requestCert)
- cert = SSL_PeerCertificate(fd);
- else
- cert = SSL_LocalCertificate(fd);
- if (cert) {
- char * ip = CERT_NameToAscii(&cert->issuer);
- char * sp = CERT_NameToAscii(&cert->subject);
- if (sp) {
- FPRINTF(stderr, "selfserv: subject DN: %s\n", sp);
- PR_Free(sp);
- }
- if (ip) {
- FPRINTF(stderr, "selfserv: issuer DN: %s\n", ip);
- PR_Free(ip);
- }
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
- FLUSH;
-}
-
-static int MakeCertOK;
-
-static SECStatus
-myBadCertHandler( void *arg, PRFileDesc *fd)
-{
- int err = PR_GetError();
- if (!MakeCertOK)
- fprintf(stderr,
- "selfserv: -- SSL: Client Certificate Invalid, err %d.\n%s\n",
- err, SECU_Strerror(err));
- return (MakeCertOK ? SECSuccess : SECFailure);
-}
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-#define MIN_THREADS 3
-#define DEFAULT_THREADS 8
-#define MAX_THREADS 128
-#define MAX_PROCS 25
-static int maxThreads = DEFAULT_THREADS;
-
-
-typedef struct jobStr {
- PRCList link;
- PRFileDesc *tcp_sock;
- PRFileDesc *model_sock;
- int requestCert;
-} JOB;
-
-static PZLock * qLock; /* this lock protects all data immediately below */
-static PZCondVar * jobQNotEmptyCv;
-static PZCondVar * freeListNotEmptyCv;
-static PZCondVar * threadCountChangeCv;
-static int threadCount;
-static PRCList jobQ;
-static PRCList freeJobs;
-static JOB *jobTable;
-
-SECStatus
-setupJobs(int maxJobs)
-{
- int i;
-
- jobTable = (JOB *)PR_Calloc(maxJobs, sizeof(JOB));
- if (!jobTable)
- return SECFailure;
-
- PR_INIT_CLIST(&jobQ);
- PR_INIT_CLIST(&freeJobs);
-
- for (i = 0; i < maxJobs; ++i) {
- JOB * pJob = jobTable + i;
- PR_APPEND_LINK(&pJob->link, &freeJobs);
- }
- return SECSuccess;
-}
-
-typedef int startFn(PRFileDesc *a, PRFileDesc *b, int c);
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
- PRFileDesc *a;
- PRFileDesc *b;
- int c;
- int rv;
- startFn * startFunc;
- PRThread * prThread;
- runState state;
-} perThread;
-
-static perThread *threads;
-
-void
-thread_wrapper(void * arg)
-{
- perThread * slot = (perThread *)arg;
-
- slot->rv = (* slot->startFunc)(slot->a, slot->b, slot->c);
-
- /* notify the thread exit handler. */
- PZ_Lock(qLock);
- slot->state = rs_zombie;
- --threadCount;
- PZ_NotifyAllCondVar(threadCountChangeCv);
- PZ_Unlock(qLock);
-}
-
-int
-jobLoop(PRFileDesc *a, PRFileDesc *b, int c)
-{
- PRCList * myLink = 0;
- JOB * myJob;
-
- PZ_Lock(qLock);
- do {
- myLink = 0;
- while (PR_CLIST_IS_EMPTY(&jobQ) && !stopping) {
- PZ_WaitCondVar(jobQNotEmptyCv, PR_INTERVAL_NO_TIMEOUT);
- }
- if (!PR_CLIST_IS_EMPTY(&jobQ)) {
- myLink = PR_LIST_HEAD(&jobQ);
- PR_REMOVE_AND_INIT_LINK(myLink);
- }
- PZ_Unlock(qLock);
- myJob = (JOB *)myLink;
- /* myJob will be null when stopping is true and jobQ is empty */
- if (!myJob)
- break;
- handle_connection( myJob->tcp_sock, myJob->model_sock,
- myJob->requestCert);
- PZ_Lock(qLock);
- PR_APPEND_LINK(myLink, &freeJobs);
- PZ_NotifyCondVar(freeListNotEmptyCv);
- } while (PR_TRUE);
- return 0;
-}
-
-
-SECStatus
-launch_threads(
- startFn *startFunc,
- PRFileDesc *a,
- PRFileDesc *b,
- int c,
- PRBool local)
-{
- int i;
- SECStatus rv = SECSuccess;
-
- /* create the thread management serialization structs */
- qLock = PZ_NewLock(nssILockSelfServ);
- jobQNotEmptyCv = PZ_NewCondVar(qLock);
- freeListNotEmptyCv = PZ_NewCondVar(qLock);
- threadCountChangeCv = PZ_NewCondVar(qLock);
-
- /* allocate the array of thread slots */
- threads = PR_Calloc(maxThreads, sizeof(perThread));
- if ( NULL == threads ) {
- fprintf(stderr, "Oh Drat! Can't allocate the perThread array\n");
- return SECFailure;
- }
- /* 5 is a little extra, intended to keep the jobQ from underflowing.
- ** That is, from going empty while not stopping and clients are still
- ** trying to contact us.
- */
- rv = setupJobs(maxThreads + 5);
- if (rv != SECSuccess)
- return rv;
-
- PZ_Lock(qLock);
- for (i = 0; i < maxThreads; ++i) {
- perThread * slot = threads + i;
-
- slot->state = rs_running;
- slot->a = a;
- slot->b = b;
- slot->c = c;
- slot->startFunc = startFunc;
- slot->prThread = PR_CreateThread(PR_USER_THREAD,
- thread_wrapper, slot, PR_PRIORITY_NORMAL,
- (PR_TRUE==local)?PR_LOCAL_THREAD:PR_GLOBAL_THREAD,
- PR_UNJOINABLE_THREAD, 0);
- if (slot->prThread == NULL) {
- printf("selfserv: Failed to launch thread!\n");
- slot->state = rs_idle;
- rv = SECFailure;
- break;
- }
-
- ++threadCount;
- }
- PZ_Unlock(qLock);
-
- return rv;
-}
-
-#define DESTROY_CONDVAR(name) if (name) { \
- PZ_DestroyCondVar(name); name = NULL; }
-#define DESTROY_LOCK(name) if (name) { \
- PZ_DestroyLock(name); name = NULL; }
-
-
-void
-terminateWorkerThreads(void)
-{
- VLOG(("selfserv: server_thead: waiting on stopping"));
- PZ_Lock(qLock);
- PZ_NotifyAllCondVar(jobQNotEmptyCv);
- while (threadCount > 0) {
- PZ_WaitCondVar(threadCountChangeCv, PR_INTERVAL_NO_TIMEOUT);
- }
- PZ_Unlock(qLock);
-
- DESTROY_CONDVAR(jobQNotEmptyCv);
- DESTROY_CONDVAR(freeListNotEmptyCv);
- DESTROY_CONDVAR(threadCountChangeCv);
-
- DESTROY_LOCK(qLock);
- PR_Free(jobTable);
- PR_Free(threads);
-}
-
-static void
-logger(void *arg)
-{
- PRFloat64 seconds;
- PRFloat64 opsPerSec;
- PRIntervalTime period;
- PRIntervalTime previousTime;
- PRIntervalTime latestTime;
- PRUint32 previousOps;
- PRUint32 ops;
- PRIntervalTime logPeriodTicks = PR_SecondsToInterval(logPeriod);
- PRFloat64 secondsPerTick = 1.0 / (PRFloat64)PR_TicksPerSecond();
-
- previousOps = loggerOps;
- previousTime = PR_IntervalNow();
-
- for (;;) {
- PR_Sleep(logPeriodTicks);
- latestTime = PR_IntervalNow();
- ops = loggerOps;
- period = latestTime - previousTime;
- seconds = (PRFloat64) period*secondsPerTick;
- opsPerSec = (ops - previousOps) / seconds;
- printf("%.2f ops/second, %d threads\n", opsPerSec, threadCount);
- fflush(stdout);
- previousOps = ops;
- previousTime = latestTime;
- }
-}
-
-
-/**************************************************************************
-** End thread management routines.
-**************************************************************************/
-
-PRBool useModelSocket = PR_FALSE;
-PRBool disableSSL3 = PR_FALSE;
-PRBool disableTLS = PR_FALSE;
-PRBool disableRollBack = PR_FALSE;
-
-static const char stopCmd[] = { "GET /stop " };
-static const char getCmd[] = { "GET " };
-static const char EOFmsg[] = { "EOF\r\n\r\n\r\n" };
-static const char outHeader[] = {
- "HTTP/1.0 200 OK\r\n"
- "Server: Generic Web Server\r\n"
- "Date: Tue, 26 Aug 1997 22:10:05 GMT\r\n"
- "Content-type: text/plain\r\n"
- "\r\n"
-};
-
-#ifdef FULL_DUPLEX_CAPABLE
-
-struct lockedVarsStr {
- PZLock * lock;
- int count;
- int waiters;
- PZCondVar * condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void
-lockedVars_Init( lockedVars * lv)
-{
- lv->count = 0;
- lv->waiters = 0;
- lv->lock = PZ_NewLock(nssILockSelfServ);
- lv->condVar = PZ_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
- PZ_DestroyCondVar(lv->condVar);
- lv->condVar = NULL;
-
- PZ_DestroyLock(lv->lock);
- lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
- PZ_Lock(lv->lock);
- while (lv->count > 0) {
- PZ_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
- }
- PZ_Unlock(lv->lock);
-}
-
-int /* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
- int rv;
-
- PZ_Lock(lv->lock);
- rv = lv->count += addend;
- if (rv <= 0) {
- PZ_NotifyCondVar(lv->condVar);
- }
- PZ_Unlock(lv->lock);
- return rv;
-}
-
-int
-do_writes(
- PRFileDesc * ssl_sock,
- PRFileDesc * model_sock,
- int requestCert
- )
-{
- int sent = 0;
- int count = 0;
- lockedVars * lv = (lockedVars *)model_sock;
-
- VLOG(("selfserv: do_writes: starting"));
- while (sent < bigBuf.len) {
-
- count = PR_Write(ssl_sock, bigBuf.data + sent, bigBuf.len - sent);
- if (count < 0) {
- errWarn("PR_Write bigBuf");
- break;
- }
- FPRINTF(stderr, "selfserv: PR_Write wrote %d bytes from bigBuf\n", count );
- sent += count;
- }
- if (count >= 0) { /* last write didn't fail. */
- PR_Shutdown(ssl_sock, PR_SHUTDOWN_SEND);
- }
-
- /* notify the reader that we're done. */
- lockedVars_AddToCount(lv, -1);
- FLUSH;
- VLOG(("selfserv: do_writes: exiting"));
- return (sent < bigBuf.len) ? SECFailure : SECSuccess;
-}
-
-static int
-handle_fdx_connection(
- PRFileDesc * tcp_sock,
- PRFileDesc * model_sock,
- int requestCert
- )
-{
- PRFileDesc * ssl_sock = NULL;
- SECStatus result;
- int firstTime = 1;
- lockedVars lv;
- PRSocketOptionData opt;
- char buf[10240];
-
-
- VLOG(("selfserv: handle_fdx_connection: starting"));
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- PR_SetSocketOption(tcp_sock, &opt);
-
- if (useModelSocket && model_sock) {
- SECStatus rv;
- ssl_sock = SSL_ImportFD(model_sock, tcp_sock);
- if (!ssl_sock) {
- errWarn("SSL_ImportFD with model");
- goto cleanup;
- }
- rv = SSL_ResetHandshake(ssl_sock, /* asServer */ 1);
- if (rv != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- goto cleanup;
- }
- } else {
- ssl_sock = tcp_sock;
- }
-
- lockedVars_Init(&lv);
- lockedVars_AddToCount(&lv, 1);
-
- /* Attempt to launch the writer thread. */
- result = launch_thread(do_writes, ssl_sock, (PRFileDesc *)&lv,
- requestCert);
-
- if (result == SECSuccess)
- do {
- /* do reads here. */
- int count;
- count = PR_Read(ssl_sock, buf, sizeof buf);
- if (count < 0) {
- errWarn("FDX PR_Read");
- break;
- }
- FPRINTF(stderr, "selfserv: FDX PR_Read read %d bytes.\n", count );
- if (firstTime) {
- firstTime = 0;
- printSecurityInfo(ssl_sock);
- }
- } while (lockedVars_AddToCount(&lv, 0) > 0);
-
- /* Wait for writer to finish */
- lockedVars_WaitForDone(&lv);
- lockedVars_Destroy(&lv);
- FLUSH;
-
-cleanup:
- if (ssl_sock)
- PR_Close(ssl_sock);
- else
- PR_Close(tcp_sock);
-
- VLOG(("selfserv: handle_fdx_connection: exiting"));
- return SECSuccess;
-}
-
-#endif
-
-int
-handle_connection(
- PRFileDesc *tcp_sock,
- PRFileDesc *model_sock,
- int requestCert
- )
-{
- PRFileDesc * ssl_sock = NULL;
- PRFileDesc * local_file_fd = NULL;
- char * post;
- char * pBuf; /* unused space at end of buf */
- const char * errString;
- PRStatus status;
- int bufRem; /* unused bytes at end of buf */
- int bufDat; /* characters received in buf */
- int newln = 0; /* # of consecutive newlns */
- int firstTime = 1;
- int reqLen;
- int rv;
- int numIOVs;
- PRSocketOptionData opt;
- PRIOVec iovs[16];
- char msgBuf[160];
- char buf[10240];
- char fileName[513];
-
- pBuf = buf;
- bufRem = sizeof buf;
- memset(buf, 0, sizeof buf);
-
- VLOG(("selfserv: handle_connection: starting"));
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- PR_SetSocketOption(tcp_sock, &opt);
-
- VLOG(("selfserv: handle_connection: starting\n"));
- if (useModelSocket && model_sock) {
- SECStatus rv;
- ssl_sock = SSL_ImportFD(model_sock, tcp_sock);
- if (!ssl_sock) {
- errWarn("SSL_ImportFD with model");
- goto cleanup;
- }
- rv = SSL_ResetHandshake(ssl_sock, /* asServer */ 1);
- if (rv != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- goto cleanup;
- }
- } else {
- ssl_sock = tcp_sock;
- }
-
- if (noDelay) {
- opt.option = PR_SockOpt_NoDelay;
- opt.value.no_delay = PR_TRUE;
- status = PR_SetSocketOption(ssl_sock, &opt);
- if (status != PR_SUCCESS) {
- errWarn("PR_SetSocketOption(PR_SockOpt_NoDelay, PR_TRUE)");
- PR_Close(ssl_sock);
- return SECFailure;
- }
- }
-
- while (1) {
- newln = 0;
- reqLen = 0;
- rv = PR_Read(ssl_sock, pBuf, bufRem);
- if (rv == 0 ||
- (rv < 0 && PR_END_OF_FILE_ERROR == PR_GetError())) {
- if (verbose)
- errWarn("HDX PR_Read hit EOF");
- break;
- }
- if (rv < 0) {
- errWarn("HDX PR_Read");
- goto cleanup;
- }
- if (firstTime) {
- firstTime = 0;
- printSecurityInfo(ssl_sock);
- }
-
- pBuf += rv;
- bufRem -= rv;
- bufDat = pBuf - buf;
- /* Parse the input, starting at the beginning of the buffer.
- * Stop when we detect two consecutive \n's (or \r\n's)
- * as this signifies the end of the GET or POST portion.
- * The posted data follows.
- */
- while (reqLen < bufDat && newln < 2) {
- int octet = buf[reqLen++];
- if (octet == '\n') {
- newln++;
- } else if (octet != '\r') {
- newln = 0;
- }
- }
-
- /* came to the end of the buffer, or second newln
- * If we didn't get an empty line (CRLFCRLF) then keep on reading.
- */
- if (newln < 2)
- continue;
-
- /* we're at the end of the HTTP request.
- * If the request is a POST, then there will be one more
- * line of data.
- * This parsing is a hack, but ok for SSL test purposes.
- */
- post = PORT_Strstr(buf, "POST ");
- if (!post || *post != 'P')
- break;
-
- /* It's a post, so look for the next and final CR/LF. */
- /* We should parse content length here, but ... */
- while (reqLen < bufDat && newln < 3) {
- int octet = buf[reqLen++];
- if (octet == '\n') {
- newln++;
- }
- }
- if (newln == 3)
- break;
- } /* read loop */
-
- bufDat = pBuf - buf;
- if (bufDat) do { /* just close if no data */
- /* Have either (a) a complete get, (b) a complete post, (c) EOF */
- if (reqLen > 0 && !strncmp(buf, getCmd, sizeof getCmd - 1)) {
- char * fnBegin = buf + 4;
- char * fnEnd;
- PRFileInfo info;
- /* try to open the file named.
- * If succesful, then write it to the client.
- */
- fnEnd = strpbrk(fnBegin, " \r\n");
- if (fnEnd) {
- int fnLen = fnEnd - fnBegin;
- if (fnLen < sizeof fileName) {
- strncpy(fileName, fnBegin, fnLen);
- fileName[fnLen] = 0; /* null terminate */
- status = PR_GetFileInfo(fileName, &info);
- if (status == PR_SUCCESS &&
- info.type == PR_FILE_FILE &&
- info.size >= 0 ) {
- local_file_fd = PR_Open(fileName, PR_RDONLY, 0);
- }
- }
- }
- }
- /* if user has requested client auth in a subsequent handshake,
- * do it here.
- */
- if (requestCert > 2) { /* request cert was 3 or 4 */
- CERTCertificate * cert = SSL_PeerCertificate(ssl_sock);
- if (cert) {
- CERT_DestroyCertificate(cert);
- } else {
- rv = SSL_OptionSet(ssl_sock, SSL_REQUEST_CERTIFICATE, 1);
- if (rv < 0) {
- errWarn("second SSL_OptionSet SSL_REQUEST_CERTIFICATE");
- break;
- }
- rv = SSL_OptionSet(ssl_sock, SSL_REQUIRE_CERTIFICATE,
- (requestCert == 4));
- if (rv < 0) {
- errWarn("second SSL_OptionSet SSL_REQUIRE_CERTIFICATE");
- break;
- }
- rv = SSL_ReHandshake(ssl_sock, PR_TRUE);
- if (rv != 0) {
- errWarn("SSL_ReHandshake");
- break;
- }
- rv = SSL_ForceHandshake(ssl_sock);
- if (rv < 0) {
- errWarn("SSL_ForceHandshake");
- break;
- }
- }
- }
-
- numIOVs = 0;
-
- iovs[numIOVs].iov_base = (char *)outHeader;
- iovs[numIOVs].iov_len = (sizeof(outHeader)) - 1;
- numIOVs++;
-
- if (local_file_fd) {
- PRInt32 bytes;
- int errLen;
- bytes = PR_TransmitFile(ssl_sock, local_file_fd, outHeader,
- sizeof outHeader - 1,
- PR_TRANSMITFILE_KEEP_OPEN,
- PR_INTERVAL_NO_TIMEOUT);
- if (bytes >= 0) {
- bytes -= sizeof outHeader - 1;
- FPRINTF(stderr,
- "selfserv: PR_TransmitFile wrote %d bytes from %s\n",
- bytes, fileName);
- break;
- }
- errString = errWarn("PR_TransmitFile");
- errLen = PORT_Strlen(errString);
- if (errLen > sizeof msgBuf - 1)
- errLen = sizeof msgBuf - 1;
- PORT_Memcpy(msgBuf, errString, errLen);
- msgBuf[errLen] = 0;
-
- iovs[numIOVs].iov_base = msgBuf;
- iovs[numIOVs].iov_len = PORT_Strlen(msgBuf);
- numIOVs++;
- } else if (reqLen <= 0) { /* hit eof */
- PORT_Sprintf(msgBuf, "Get or Post incomplete after %d bytes.\r\n",
- bufDat);
-
- iovs[numIOVs].iov_base = msgBuf;
- iovs[numIOVs].iov_len = PORT_Strlen(msgBuf);
- numIOVs++;
- } else if (reqLen < bufDat) {
- PORT_Sprintf(msgBuf, "Discarded %d characters.\r\n",
- bufDat - reqLen);
-
- iovs[numIOVs].iov_base = msgBuf;
- iovs[numIOVs].iov_len = PORT_Strlen(msgBuf);
- numIOVs++;
- }
-
- if (reqLen > 0) {
- if (verbose > 1)
- fwrite(buf, 1, reqLen, stdout); /* display it */
-
- iovs[numIOVs].iov_base = buf;
- iovs[numIOVs].iov_len = reqLen;
- numIOVs++;
-
-/* printSecurityInfo(ssl_sock); */
- }
-
- iovs[numIOVs].iov_base = (char *)EOFmsg;
- iovs[numIOVs].iov_len = sizeof EOFmsg - 1;
- numIOVs++;
-
- rv = PR_Writev(ssl_sock, iovs, numIOVs, PR_INTERVAL_NO_TIMEOUT);
- if (rv < 0) {
- errWarn("PR_Writev");
- break;
- }
- } while (0);
-
-cleanup:
- PR_Close(ssl_sock);
- if (local_file_fd)
- PR_Close(local_file_fd);
- VLOG(("selfserv: handle_connection: exiting\n"));
-
- /* do a nice shutdown if asked. */
- if (!strncmp(buf, stopCmd, sizeof stopCmd - 1)) {
- stopping = 1;
- VLOG(("selfserv: handle_connection: stop command"));
- PR_Interrupt(acceptorThread);
- PZ_TraceFlush();
- }
- VLOG(("selfserv: handle_connection: exiting"));
- return SECSuccess; /* success */
-}
-
-SECStatus
-do_accepts(
- PRFileDesc *listen_sock,
- PRFileDesc *model_sock,
- int requestCert
- )
-{
- PRNetAddr addr;
- PRErrorCode perr;
-
- VLOG(("selfserv: do_accepts: starting"));
- PR_SetThreadPriority( PR_GetCurrentThread(), PR_PRIORITY_HIGH);
-
- acceptorThread = PR_GetCurrentThread();
- while (!stopping) {
- PRFileDesc *tcp_sock;
- PRCList *myLink;
-
- FPRINTF(stderr, "\n\n\nselfserv: About to call accept.\n");
- tcp_sock = PR_Accept(listen_sock, &addr, PR_INTERVAL_NO_TIMEOUT);
- if (tcp_sock == NULL) {
- perr = PR_GetError();
- if ((perr != PR_CONNECT_RESET_ERROR &&
- perr != PR_PENDING_INTERRUPT_ERROR) || verbose) {
- errWarn("PR_Accept");
- }
- if (perr == PR_CONNECT_RESET_ERROR) {
- FPRINTF(stderr,
- "Ignoring PR_CONNECT_RESET_ERROR error - continue\n");
- continue;
- }
- stopping = 1;
- break;
- }
-
- VLOG(("selfserv: do_accept: Got connection\n"));
-
- if (logStats) {
- loggerOps++;
- }
-
- PZ_Lock(qLock);
- while (PR_CLIST_IS_EMPTY(&freeJobs) && !stopping) {
- PZ_WaitCondVar(freeListNotEmptyCv, PR_INTERVAL_NO_TIMEOUT);
- }
- if (stopping) {
- PZ_Unlock(qLock);
- PR_Close(tcp_sock);
- break;
- }
- myLink = PR_LIST_HEAD(&freeJobs);
- PR_REMOVE_AND_INIT_LINK(myLink);
- /* could release qLock here and reaquire it 7 lines below, but
- ** why bother for 4 assignment statements?
- */
- {
- JOB * myJob = (JOB *)myLink;
- myJob->tcp_sock = tcp_sock;
- myJob->model_sock = model_sock;
- myJob->requestCert = requestCert;
- }
-
- PR_APPEND_LINK(myLink, &jobQ);
- PZ_NotifyCondVar(jobQNotEmptyCv);
- PZ_Unlock(qLock);
- }
-
- FPRINTF(stderr, "selfserv: Closing listen socket.\n");
- VLOG(("selfserv: do_accepts: exiting"));
- PR_Close(listen_sock);
- return SECSuccess;
-}
-
-PRFileDesc *
-getBoundListenSocket(unsigned short port)
-{
- PRFileDesc * listen_sock;
- int listenQueueDepth = 5 + (2 * maxThreads);
- PRStatus prStatus;
- PRNetAddr addr;
- PRSocketOptionData opt;
-
- addr.inet.family = PR_AF_INET;
- addr.inet.ip = PR_INADDR_ANY;
- addr.inet.port = PR_htons(port);
-
- listen_sock = PR_NewTCPSocket();
- if (listen_sock == NULL) {
- errExit("PR_NewTCPSocket");
- }
-
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- prStatus = PR_SetSocketOption(listen_sock, &opt);
- if (prStatus < 0) {
- errExit("PR_SetSocketOption(PR_SockOpt_Nonblocking)");
- }
-
- opt.option=PR_SockOpt_Reuseaddr;
- opt.value.reuse_addr = PR_TRUE;
- prStatus = PR_SetSocketOption(listen_sock, &opt);
- if (prStatus < 0) {
- errExit("PR_SetSocketOption(PR_SockOpt_Reuseaddr)");
- }
-
- prStatus = PR_Bind(listen_sock, &addr);
- if (prStatus < 0) {
- errExit("PR_Bind");
- }
-
- prStatus = PR_Listen(listen_sock, listenQueueDepth);
- if (prStatus < 0) {
- errExit("PR_Listen");
- }
- return listen_sock;
-}
-
-void
-server_main(
- PRFileDesc * listen_sock,
- int requestCert,
- SECKEYPrivateKey ** privKey,
- CERTCertificate ** cert)
-{
- PRFileDesc *model_sock = NULL;
- int rv;
- SSLKEAType kea;
- SECStatus secStatus;
-
- if (useModelSocket) {
- model_sock = PR_NewTCPSocket();
- if (model_sock == NULL) {
- errExit("PR_NewTCPSocket on model socket");
- }
- model_sock = SSL_ImportFD(NULL, model_sock);
- if (model_sock == NULL) {
- errExit("SSL_ImportFD");
- }
- } else {
- model_sock = listen_sock = SSL_ImportFD(NULL, listen_sock);
- if (listen_sock == NULL) {
- errExit("SSL_ImportFD");
- }
- }
-
- /* do SSL configuration. */
- /* all suites except RSA_NULL_MD5 are enabled by default */
-
-#if 0
- /* This is supposed to be true by default.
- ** Setting it explicitly should not be necessary.
- ** Let's test and make sure that's true.
- */
- rv = SSL_OptionSet(model_sock, SSL_SECURITY, 1);
- if (rv < 0) {
- errExit("SSL_OptionSet SSL_SECURITY");
- }
-#endif
-
- rv = SSL_OptionSet(model_sock, SSL_ENABLE_SSL3, !disableSSL3);
- if (rv != SECSuccess) {
- errExit("error enabling SSLv3 ");
- }
-
- rv = SSL_OptionSet(model_sock, SSL_ENABLE_TLS, !disableTLS);
- if (rv != SECSuccess) {
- errExit("error enabling TLS ");
- }
-
- rv = SSL_OptionSet(model_sock, SSL_ROLLBACK_DETECTION, !disableRollBack);
- if (rv != SECSuccess) {
- errExit("error enabling RollBack detection ");
- }
-
- for (kea = kt_rsa; kea < kt_kea_size; kea++) {
- if (cert[kea] != NULL) {
- secStatus = SSL_ConfigSecureServer(model_sock,
- cert[kea], privKey[kea], kea);
- if (secStatus != SECSuccess)
- errExit("SSL_ConfigSecureServer");
- }
- }
-
- if (bigBuf.data) { /* doing FDX */
- rv = SSL_OptionSet(model_sock, SSL_ENABLE_FDX, 1);
- if (rv < 0) {
- errExit("SSL_OptionSet SSL_ENABLE_FDX");
- }
- }
-
- /* This cipher is not on by default. The Acceptance test
- * would like it to be. Turn this cipher on.
- */
-
- secStatus = SSL_CipherPrefSetDefault( SSL_RSA_WITH_NULL_MD5, PR_TRUE);
- if ( secStatus != SECSuccess ) {
- errExit("SSL_CipherPrefSetDefault:SSL_RSA_WITH_NULL_MD5");
- }
-
-
- if (requestCert) {
- SSL_AuthCertificateHook(model_sock, mySSLAuthCertificate,
- (void *)CERT_GetDefaultCertDB());
- if (requestCert <= 2) {
- rv = SSL_OptionSet(model_sock, SSL_REQUEST_CERTIFICATE, 1);
- if (rv < 0) {
- errExit("first SSL_OptionSet SSL_REQUEST_CERTIFICATE");
- }
- rv = SSL_OptionSet(model_sock, SSL_REQUIRE_CERTIFICATE,
- (requestCert == 2));
- if (rv < 0) {
- errExit("first SSL_OptionSet SSL_REQUIRE_CERTIFICATE");
- }
- }
- }
-
- if (MakeCertOK)
- SSL_BadCertHook(model_sock, myBadCertHandler, NULL);
-
- /* end of ssl configuration. */
-
-
- /* Now, do the accepting, here in the main thread. */
- rv = do_accepts(listen_sock, model_sock, requestCert);
-
- terminateWorkerThreads();
-
- if (useModelSocket && model_sock) {
- PR_Close(model_sock);
- }
-
-}
-
-SECStatus
-readBigFile(const char * fileName)
-{
- PRFileInfo info;
- PRStatus status;
- SECStatus rv = SECFailure;
- int count;
- int hdrLen;
- PRFileDesc *local_file_fd = NULL;
-
- status = PR_GetFileInfo(fileName, &info);
-
- if (status == PR_SUCCESS &&
- info.type == PR_FILE_FILE &&
- info.size > 0 &&
- NULL != (local_file_fd = PR_Open(fileName, PR_RDONLY, 0))) {
-
- hdrLen = PORT_Strlen(outHeader);
- bigBuf.len = hdrLen + info.size;
- bigBuf.data = PORT_Malloc(bigBuf.len + 4095);
- if (!bigBuf.data) {
- errWarn("PORT_Malloc");
- goto done;
- }
-
- PORT_Memcpy(bigBuf.data, outHeader, hdrLen);
-
- count = PR_Read(local_file_fd, bigBuf.data + hdrLen, info.size);
- if (count != info.size) {
- errWarn("PR_Read local file");
- goto done;
- }
- rv = SECSuccess;
-done:
- PR_Close(local_file_fd);
- }
- return rv;
-}
-
-int numChildren;
-PRProcess * child[MAX_PROCS];
-
-PRProcess *
-haveAChild(int argc, char **argv, PRProcessAttr * attr)
-{
- PRProcess * newProcess;
-
- newProcess = PR_CreateProcess(argv[0], argv, NULL, attr);
- if (!newProcess) {
- errWarn("Can't create new process.");
- } else {
- child[numChildren++] = newProcess;
- }
- return newProcess;
-}
-
-void
-beAGoodParent(int argc, char **argv, int maxProcs, PRFileDesc * listen_sock)
-{
- PRProcess * newProcess;
- PRProcessAttr * attr;
- int i;
- PRInt32 exitCode;
- PRStatus rv;
-
- rv = PR_SetFDInheritable(listen_sock, PR_TRUE);
- if (rv != PR_SUCCESS)
- errExit("PR_SetFDInheritable");
-
- attr = PR_NewProcessAttr();
- if (!attr)
- errExit("PR_NewProcessAttr");
-
- rv = PR_ProcessAttrSetInheritableFD(attr, listen_sock, inheritableSockName);
- if (rv != PR_SUCCESS)
- errExit("PR_ProcessAttrSetInheritableFD");
-
- for (i = 0; i < maxProcs; ++i) {
- newProcess = haveAChild(argc, argv, attr);
- if (!newProcess)
- break;
- }
-
- rv = PR_SetFDInheritable(listen_sock, PR_FALSE);
- if (rv != PR_SUCCESS)
- errExit("PR_SetFDInheritable");
-
- while (numChildren > 0) {
- newProcess = child[numChildren - 1];
- PR_WaitProcess(newProcess, &exitCode);
- fprintf(stderr, "Child %d exited with exit code %x\n",
- numChildren, exitCode);
- numChildren--;
- }
- exit(0);
-}
-
-#ifdef DEBUG_nelsonb
-void
-WaitForDebugger(void)
-{
-
- int waiting = 12;
- int myPid = _getpid();
- PRIntervalTime nrval = PR_SecondsToInterval(5);
-
- while (waiting) {
- printf("child %d is waiting to be debugged!\n", myPid);
- PR_Sleep(nrval);
- --waiting;
- }
-}
-#endif
-
-int
-main(int argc, char **argv)
-{
- char * progName = NULL;
- char * nickName = NULL;
- char * fNickName = NULL;
- const char * fileName = NULL;
- char * cipherString= NULL;
- const char * dir = ".";
- char * passwd = NULL;
- const char * pidFile = NULL;
- char * tmp;
- char * envString;
- PRFileDesc * listen_sock;
- CERTCertificate * cert [kt_kea_size] = { NULL };
- SECKEYPrivateKey * privKey[kt_kea_size] = { NULL };
- int optionsFound = 0;
- int maxProcs = 1;
- unsigned short port = 0;
- SECStatus rv;
- PRStatus prStatus;
- PRBool useExportPolicy = PR_FALSE;
- PRBool useLocalThreads = PR_FALSE;
- PLOptState *optstate;
- PLOptStatus status;
- PRThread *loggerThread;
-
-
- tmp = strrchr(argv[0], '/');
- tmp = tmp ? tmp + 1 : argv[0];
- progName = strrchr(tmp, '\\');
- progName = progName ? progName + 1 : tmp;
-
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- /* please keep this list of options in ASCII collating sequence.
- ** numbers, then capital letters, then lower case, alphabetical.
- */
- optstate = PL_CreateOptState(argc, argv,
- "2:3DL:M:RTc:d:f:hi:lmn:op:rt:vw:x");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- ++optionsFound;
- switch(optstate->option) {
- case '2': fileName = optstate->value; break;
-
- case '3': disableSSL3 = PR_TRUE; break;
-
- case 'D': noDelay = PR_TRUE; break;
-
- case 'L':
- logStats = PR_TRUE;
- logPeriod = PORT_Atoi(optstate->value);
- if (logPeriod < 0) logPeriod = 30;
- break;
-
- case 'M':
- maxProcs = PORT_Atoi(optstate->value);
- if (maxProcs < 1) maxProcs = 1;
- if (maxProcs > MAX_PROCS) maxProcs = MAX_PROCS;
- break;
-
- case 'R': disableRollBack = PR_TRUE; break;
-
- case 'T': disableTLS = PR_TRUE; break;
-
- case 'c': cipherString = strdup(optstate->value); break;
-
- case 'd': dir = optstate->value; break;
-
- case 'f': fNickName = strdup(optstate->value); break;
-
- case 'h': Usage(progName); exit(0); break;
-
- case 'i': pidFile = optstate->value; break;
-
- case 'l': useLocalThreads = PR_TRUE; break;
-
- case 'm': useModelSocket = PR_TRUE; break;
-
- case 'n': nickName = strdup(optstate->value); break;
-
- case 'o': MakeCertOK = 1; break;
-
- case 'p': port = PORT_Atoi(optstate->value); break;
-
- case 'r': ++requestCert; break;
-
- case 't':
- maxThreads = PORT_Atoi(optstate->value);
- if ( maxThreads > MAX_THREADS ) maxThreads = MAX_THREADS;
- if ( maxThreads < MIN_THREADS ) maxThreads = MIN_THREADS;
- break;
-
- case 'v': verbose++; break;
-
- case 'w': passwd = strdup(optstate->value); break;
-
- case 'x': useExportPolicy = PR_TRUE; break;
-
- default:
- case '?':
- fprintf(stderr, "Unrecognized or bad option specified.\n");
- fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
- exit(4);
- break;
- }
- }
- PL_DestroyOptState(optstate);
- if (status == PL_OPT_BAD) {
- fprintf(stderr, "Unrecognized or bad option specified.\n");
- fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
- exit(5);
- }
- if (!optionsFound) {
- Usage(progName);
- exit(51);
- }
-
- if ((nickName == NULL) && (fNickName == NULL)) {
- fprintf(stderr, "Required arg '-n' (rsa nickname) not supplied.\n");
- fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
- exit(6);
- }
-
- if (port == 0) {
- fprintf(stderr, "Required argument 'port' must be non-zero value\n");
- exit(7);
- }
-
- if (pidFile) {
- FILE *tmpfile=fopen(pidFile,"w+");
-
- if (tmpfile) {
- fprintf(tmpfile,"%d",getpid());
- fclose(tmpfile);
- }
- }
-
- envString = getenv(envVarName);
- tmp = getenv("TMP");
- if (!tmp)
- tmp = getenv("TMPDIR");
- if (!tmp)
- tmp = getenv("TEMP");
- if (envString) {
- /* we're one of the children in a multi-process server. */
- listen_sock = PR_GetInheritedFD(inheritableSockName);
- if (!listen_sock)
- errExit("PR_GetInheritedFD");
-#ifndef WINNT
- /* we can't do this on NT because it breaks NSPR and
- PR_Accept will fail on the socket in the child process if
- the socket state is change to non inheritable
- It is however a security issue to leave it accessible,
- but it is OK for a test server such as selfserv.
- NSPR should fix it eventually . see bugzilla 101617
- and 102077
- */
- prStatus = PR_SetFDInheritable(listen_sock, PR_FALSE);
- if (prStatus != PR_SUCCESS)
- errExit("PR_SetFDInheritable");
-#endif
-#ifdef DEBUG_nelsonb
- WaitForDebugger();
-#endif
- rv = SSL_InheritMPServerSIDCache(envString);
- if (rv != SECSuccess)
- errExit("SSL_InheritMPServerSIDCache");
- } else if (maxProcs > 1) {
- /* we're going to be the parent in a multi-process server. */
- listen_sock = getBoundListenSocket(port);
- rv = SSL_ConfigMPServerSIDCache(NUM_SID_CACHE_ENTRIES, 0, 0, tmp);
- if (rv != SECSuccess)
- errExit("SSL_ConfigMPServerSIDCache");
- beAGoodParent(argc, argv, maxProcs, listen_sock);
- exit(99); /* should never get here */
- } else {
- /* we're an ordinary single process server. */
- listen_sock = getBoundListenSocket(port);
- prStatus = PR_SetFDInheritable(listen_sock, PR_FALSE);
- if (prStatus != PR_SUCCESS)
- errExit("PR_SetFDInheritable");
- rv = SSL_ConfigServerSessionIDCache(NUM_SID_CACHE_ENTRIES, 0, 0, tmp);
- if (rv != SECSuccess)
- errExit("SSL_ConfigServerSessionIDCache");
- }
-
- lm = PR_NewLogModule("TestCase");
-
- if (fileName)
- readBigFile(fileName);
-
- /* set our password function */
- PK11_SetPasswordFunc( passwd ? ownPasswd : SECU_GetModulePassword);
-
- /* Call the libsec initialization routines */
- rv = NSS_Init(dir);
- if (rv != SECSuccess) {
- fputs("NSS_Init failed.\n", stderr);
- exit(8);
- }
-
- /* set the policy bits true for all the cipher suites. */
- if (useExportPolicy)
- NSS_SetExportPolicy();
- else
- NSS_SetDomesticPolicy();
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- const int *cptr;
- int cipher;
-
- if (! isalpha(ndx)) {
- fprintf(stderr,
- "Non-alphabetic char in cipher string (-c arg).\n");
- exit(9);
- }
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SECStatus status;
- status = SSL_CipherPrefSetDefault(cipher, SSL_ALLOWED);
- if (status != SECSuccess)
- SECU_PrintError(progName, "SSL_CipherPrefSet()");
- }
- }
- }
-
- if (nickName) {
- cert[kt_rsa] = PK11_FindCertFromNickname(nickName, passwd);
- if (cert[kt_rsa] == NULL) {
- fprintf(stderr, "selfserv: Can't find certificate %s\n", nickName);
- exit(10);
- }
- privKey[kt_rsa] = PK11_FindKeyByAnyCert(cert[kt_rsa], passwd);
- if (privKey[kt_rsa] == NULL) {
- fprintf(stderr, "selfserv: Can't find Private Key for cert %s\n",
- nickName);
- exit(11);
- }
- }
- if (fNickName) {
- cert[kt_fortezza] = PK11_FindCertFromNickname(fNickName, NULL);
- if (cert[kt_fortezza] == NULL) {
- fprintf(stderr, "selfserv: Can't find certificate %s\n", fNickName);
- exit(12);
- }
- privKey[kt_fortezza] = PK11_FindKeyByAnyCert(cert[kt_fortezza], NULL);
- }
-
- /* allocate the array of thread slots, and launch the worker threads. */
- rv = launch_threads(&jobLoop, 0, 0, requestCert, useLocalThreads);
-
- if (rv == SECSuccess && logStats) {
- loggerThread = PR_CreateThread(PR_USER_THREAD,
- logger, NULL, PR_PRIORITY_NORMAL,
- useLocalThreads ? PR_LOCAL_THREAD:PR_GLOBAL_THREAD,
- PR_UNJOINABLE_THREAD, 0);
- if (loggerThread == NULL) {
- fprintf(stderr, "selfserv: Failed to launch logger thread!\n");
- rv = SECFailure;
- }
- }
-
- if (rv == SECSuccess) {
- server_main(listen_sock, requestCert, privKey, cert);
- }
-
- VLOG(("selfserv: server_thread: exiting"));
-
- NSS_Shutdown();
- PR_Cleanup();
- return 0;
-}
diff --git a/security/nss/cmd/signtool/Makefile b/security/nss/cmd/signtool/Makefile
deleted file mode 100644
index 20225ffe1..000000000
--- a/security/nss/cmd/signtool/Makefile
+++ /dev/null
@@ -1,87 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-EXTRA_LIBS += \
- $(DIST)/lib/jar.lib \
- $(DIST)/lib/zlib.lib \
- $(NULL)
-
-else
-
-EXTRA_LIBS += \
- $(DIST)/lib/libjar.$(LIB_SUFFIX) \
- $(DIST)/lib/libzlib.$(LIB_SUFFIX) \
- $(NULL)
-endif
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/signtool/README b/security/nss/cmd/signtool/README
deleted file mode 100644
index 2bdb705c7..000000000
--- a/security/nss/cmd/signtool/README
+++ /dev/null
@@ -1,119 +0,0 @@
- Signing Tool (signtool)
- 1.3 Release Notes
- ========================================
-
-Documentation is provided online at mozilla.org
-
-Problems or questions not covered by the online documentation can be
-discussed in the DevEdge Security Newsgroup.
-
-=== New Features in 1.3
-=======================
-
-The security library components have been upgraded to utilize NSS_2_7_1_RTM.
-This means that the maximum RSA keysize now supported should be 4096 bits.
-
-=== Zigbert 0.6 Support
-=======================
-This program was previously named Zigbert. The last version of zigbert
-was Zigbert 0.6. Because all the functionality of Zigbert is maintained in
-signtool 1.2, Zigbert is no longer supported. If you have problems
-using Zigbert, please upgrade to signtool 1.2.
-
-=== New Features in 1.2
-=======================
-
-Certificate Generation Improvements
------------------------------------
-Two new options have been added to control generation of self-signed object
-signing certificates with the -G option. The -s option takes the size (in bits)
-of the generated RSA private key. The -t option takes the name of the PKCS #11
-token on which to generate the keypair and install the certificate. Both
-options are optional. By default, the private key is 1024 bits and is generated
-on the internal software token.
-
-
-=== New Features in 1.1
-=======================
-
-File I/O
---------
-Signtool can now read its options from a command file specified with the -f
-option on the command line. The format for the file is described in the
-documentation.
-Error messages and informational output can be redirected to an output file
-by supplying the "--outfile" option on the command line or the "outfile="
-option in the command file.
-
-New Options
------------
-"--norecurse" tells Signtool not to recurse into subdirectories when signing
-directories or parsing HTML with the -J option.
-"--leavearc" tells Signtool not to delete the temporary .arc directories
-produced by the -J option. This can aid debugging.
-"--verbosity" tells Signtool how much information to display. 0 is the
-default. -1 suppresses most messages, except for errors.
-
-=== Bug Fixes in 1.1
-====================
-
--J option revamped
-------------------
-The -J option, which parses HTML files, extracts Java and Javascript code,
-and stores them in signed JAR files, has been re-implemented. Several bugs
-have been fixed:
-- CODEBASE attribute is no longer ignored
-- CLASS and SRC attributes can be be paths ("xxx/xxx/x.class") rather than
- just filenames ("x.class").
-- LINK tags are handled correctly
-- various HTML parsing bugs fixed
-- error messages are more informative
-
-No Password on Key Database
----------------------------
-If you had not yet set a Communicator password (which locks key3.db, the
-key database), signtool would fail with a cryptic error message whenever it
-attempted to verify the password. Now this condition is detected at the
-beginning of the program, and a more informative message is displayed.
-
--x and -e Options
------------------
-Previously, only one of each of these options could be specified on the command
-line. Now arbitrarily many can be specified. For example, to sign only files
-with .class or .js extensions, the arguments "-eclass -ejs" could both be
-specified. To exclude the directories "subdir1" and "subdir2" from signing,
-the arguments "-x subdir1 -x subdir2" could both be specified.
-
-New Features in 1.0
-===================
-
-Creation of JAR files
-----------------------
-The -Z option causes signtool to output a JAR file formed by storing the
-signed archive in ZIP format. This eliminates the need to use a separate ZIP
-utility. The -c option specifies the compression level of the resulting
-JAR file.
-
-Generation of Object-Signing Certificates and Keys
---------------------------------------------------
-The -G option will create a new, self-signed object-signing certificate
-which can be used for testing purposes. The generated certificate and
-associated public and private keys will be installed in the cert7.db and
-key3.db files in the directory specified with the -d option (unless the key
-is generated on an external token using the -t option). On Unix systems,
-if no directory is specified, the user's Netscape directory (~/.netscape)
-will be used. In addition, the certificate is output in X509 format to the
-files x509.raw and x509.cacert in the current directory. x509.cacert can
-be published on a web page and imported into browsers that visit that page.
-
-Extraction and Signing of JavaScript from HTML
-----------------------------------------------
-The -J option activates the same functionality provided by the signpages
-Perl script. It will parse a directory of html files, creating archives
-of the JavaScript called from the HTML. These archives are then signed and
-made into JAR files.
-
-Enhanced Smart Card Support
----------------------------
-Certificates that reside on smart cards are displayed when using the -L and
--l options.
diff --git a/security/nss/cmd/signtool/README.TXT b/security/nss/cmd/signtool/README.TXT
deleted file mode 100644
index db79ec992..000000000
--- a/security/nss/cmd/signtool/README.TXT
+++ /dev/null
@@ -1,119 +0,0 @@
- Signing Tool (signtool)
- 1.3 Release Notes
- ========================================
-
-Documentation is provided online at mozilla.org
-
-Problems or questions not covered by the online documentation can be
-discussed in the DevEdge Security Newsgroup.
-
-=== New Features in 1.3
-=======================
-
-The security library components have been upgraded to utilize NSS_2_7_1_RTM.
-This means that the maximum RSA keysize now supported should be 4096 bits.
-
-=== Zigbert 0.6 Support
-=======================
-This program was previously named Zigbert. The last version of zigbert
-was Zigbert 0.6. Because all the functionality of Zigbert is maintained in
-signtool 1.2, Zigbert is no longer supported. If you have problems
-using Zigbert, please upgrade to signtool 1.2.
-
-=== New Features in 1.2
-=======================
-
-Certificate Generation Improvements
------------------------------------
-Two new options have been added to control generation of self-signed object
-signing certificates with the -G option. The -s option takes the size (in bits)
-of the generated RSA private key. The -t option takes the name of the PKCS #11
-token on which to generate the keypair and install the certificate. Both
-options are optional. By default, the private key is 1024 bits and is generated
-on the internal software token.
-
-
-=== New Features in 1.1
-=======================
-
-File I/O
---------
-Signtool can now read its options from a command file specified with the -f
-option on the command line. The format for the file is described in the
-documentation.
-Error messages and informational output can be redirected to an output file
-by supplying the "--outfile" option on the command line or the "outfile="
-option in the command file.
-
-New Options
------------
-"--norecurse" tells Signtool not to recurse into subdirectories when signing
-directories or parsing HTML with the -J option.
-"--leavearc" tells Signtool not to delete the temporary .arc directories
-produced by the -J option. This can aid debugging.
-"--verbosity" tells Signtool how much information to display. 0 is the
-default. -1 suppresses most messages, except for errors.
-
-=== Bug Fixes in 1.1
-====================
-
--J option revamped
-------------------
-The -J option, which parses HTML files, extracts Java and Javascript code,
-and stores them in signed JAR files, has been re-implemented. Several bugs
-have been fixed:
-- CODEBASE attribute is no longer ignored
-- CLASS and SRC attributes can be be paths ("xxx/xxx/x.class") rather than
- just filenames ("x.class").
-- LINK tags are handled correctly
-- various HTML parsing bugs fixed
-- error messages are more informative
-
-No Password on Key Database
----------------------------
-If you had not yet set a Communicator password (which locks key3.db, the
-key database), signtool would fail with a cryptic error message whenever it
-attempted to verify the password. Now this condition is detected at the
-beginning of the program, and a more informative message is displayed.
-
--x and -e Options
------------------
-Previously, only one of each of these options could be specified on the command
-line. Now arbitrarily many can be specified. For example, to sign only files
-with .class or .js extensions, the arguments "-eclass -ejs" could both be
-specified. To exclude the directories "subdir1" and "subdir2" from signing,
-the arguments "-x subdir1 -x subdir2" could both be specified.
-
-New Features in 1.0
-===================
-
-Creation of JAR files
-----------------------
-The -Z option causes signtool to output a JAR file formed by storing the
-signed archive in ZIP format. This eliminates the need to use a separate ZIP
-utility. The -c option specifies the compression level of the resulting
-JAR file.
-
-Generation of Object-Signing Certificates and Keys
---------------------------------------------------
-The -G option will create a new, self-signed object-signing certificate
-which can be used for testing purposes. The generated certificate and
-associated public and private keys will be installed in the cert7.db and
-key3.db files in the directory specified with the -d option (unless the key
-is generated on an external token using the -t option). On Unix systems,
-if no directory is specified, the user's Netscape directory (~/.netscape)
-will be used. In addition, the certificate is output in X509 format to the
-files x509.raw and x509.cacert in the current directory. x509.cacert can
-be published on a web page and imported into browsers that visit that page.
-
-Extraction and Signing of JavaScript from HTML
-----------------------------------------------
-The -J option activates the same functionality provided by the signpages
-Perl script. It will parse a directory of html files, creating archives
-of the JavaScript called from the HTML. These archives are then signed and
-made into JAR files.
-
-Enhanced Smart Card Support
----------------------------
-Certificates that reside on smart cards are displayed when using the -L and
--l options.
diff --git a/security/nss/cmd/signtool/certgen.c b/security/nss/cmd/signtool/certgen.c
deleted file mode 100644
index dd7128eaa..000000000
--- a/security/nss/cmd/signtool/certgen.c
+++ /dev/null
@@ -1,728 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-
-#include "secoid.h"
-#include "cryptohi.h"
-#include "certdb.h"
-
-static char* GetSubjectFromUser(unsigned long serial);
-static CERTCertificate* GenerateSelfSignedObjectSigningCert(char *nickname,
- CERTCertDBHandle *db, char *subject, unsigned long serial, int keysize,
- char *token);
-static SECStatus ChangeTrustAttributes(CERTCertDBHandle *db,
- CERTCertificate *cert, char *trusts);
-static SECStatus set_cert_type(CERTCertificate *cert, unsigned int type);
-static SECItem *sign_cert(CERTCertificate *cert, SECKEYPrivateKey *privk);
-static CERTCertificate* install_cert(CERTCertDBHandle *db, PK11SlotInfo *slot,
- SECItem *derCert, char *nickname);
-static SECStatus GenerateKeyPair(PK11SlotInfo *slot, SECKEYPublicKey **pubk,
- SECKEYPrivateKey **privk, int keysize);
-static CERTCertificateRequest* make_cert_request(char *subject,
- SECKEYPublicKey *pubk);
-static CERTCertificate * make_cert(CERTCertificateRequest *req,
- unsigned long serial, CERTName *ca_subject);
-static void output_ca_cert (CERTCertificate *cert, CERTCertDBHandle *db);
-
-
-/***********************************************************************
- *
- * G e n e r a t e C e r t
- *
- * Runs the whole process of creating a new cert, getting info from the
- * user, etc.
- */
-int
-GenerateCert(char *nickname, int keysize, char *token)
-{
- CERTCertDBHandle *db;
- CERTCertificate *cert;
- char *subject;
- unsigned long serial;
- char stdinbuf[160];
-
- /* Print warning about having the browser open */
- PR_fprintf(PR_STDOUT /*always go to console*/,
-"\nWARNING: Performing this operation while the browser is running could cause"
-"\ncorruption of your security databases. If the browser is currently running,"
-"\nyou should exit the browser before continuing this operation. Enter "
-"\n\"y\" to continue, or anything else to abort: ");
- pr_fgets(stdinbuf, 160, PR_STDIN);
- PR_fprintf(PR_STDOUT, "\n");
- if(tolower(stdinbuf[0]) != 'y') {
- PR_fprintf(errorFD, "Operation aborted at user's request.\n");
- errorCount++;
- return -1;
- }
-
- db = CERT_GetDefaultCertDB();
- if(!db) {
- FatalError("Unable to open certificate database");
- }
-
- if(PK11_FindCertFromNickname(nickname, NULL)) {
- PR_fprintf(errorFD,
-"ERROR: Certificate with nickname \"%s\" already exists in database. You\n"
-"must choose a different nickname.\n", nickname);
- errorCount++;
- exit(ERRX);
- }
-
- LL_L2UI(serial, PR_Now());
-
- subject = GetSubjectFromUser(serial);
-
- cert = GenerateSelfSignedObjectSigningCert(nickname, db, subject,
- serial, keysize, token);
-
- if(cert) {
- output_ca_cert(cert, db);
- }
-
- PORT_Free(subject);
- return 0;
-}
-
-#undef VERBOSE_PROMPTS
-
-/*********************************************************************8
- * G e t S u b j e c t F r o m U s e r
- *
- * Construct the subject information line for a certificate by querying
- * the user on stdin.
- */
-static char*
-GetSubjectFromUser(unsigned long serial)
-{
- char buf[STDIN_BUF_SIZE];
- char common_name_buf[STDIN_BUF_SIZE];
- char *common_name, *state, *orgunit, *country, *org, *locality;
- char *email, *uid;
- char *subject;
- char *cp;
- int subjectlen=0;
-
- common_name = state = orgunit = country = org = locality = email =
- uid = subject = NULL;
-
- /* Get subject information */
- PR_fprintf(PR_STDOUT,
-"\nEnter certificate information. All fields are optional. Acceptable\n"
-"characters are numbers, letters, spaces, and apostrophes.\n");
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nCOMMON NAME\n"
-"Enter the full name you want to give your certificate. (Example: Test-Only\n"
-"Object Signing Certificate)\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "certificate common name: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp == '\0') {
- sprintf(common_name_buf, "%s (%lu)", DEFAULT_COMMON_NAME, serial);
- cp = common_name_buf;
- }
- common_name = PORT_ZAlloc(strlen(cp) + 6);
- if(!common_name) {out_of_memory();}
- sprintf(common_name, "CN=%s, ", cp);
- subjectlen += strlen(common_name);
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nORGANIZATION NAME\n"
-"Enter the name of your organization. For example, this could be the name\n"
-"of your company.\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "organization: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp != '\0') {
- org = PORT_ZAlloc(strlen(cp) + 5);
- if(!org) {out_of_memory();}
- sprintf(org, "O=%s, ", cp);
- subjectlen += strlen(org);
- }
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nORGANIZATION UNIT\n"
-"Enter the name of your organization unit. For example, this could be the\n"
-"name of your department.\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "organization unit: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp != '\0') {
- orgunit = PORT_ZAlloc(strlen(cp)+6);
- if(!orgunit) {out_of_memory();}
- sprintf(orgunit, "OU=%s, ", cp);
- subjectlen += strlen(orgunit);
- }
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nSTATE\n"
-"Enter the name of your state or province.\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "state or province: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp != '\0') {
- state = PORT_ZAlloc(strlen(cp)+6);
- if(!state) {out_of_memory();}
- sprintf(state, "ST=%s, ", cp);
- subjectlen += strlen(state);
- }
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nCOUNTRY\n"
-"Enter the 2-character abbreviation for the name of your country.\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "country (must be exactly 2 characters): ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(cp);
- if(strlen(cp) != 2) {
- *cp = '\0'; /* country code must be 2 chars */
- }
- if(*cp != '\0') {
- country = PORT_ZAlloc(strlen(cp)+5);
- if(!country) {out_of_memory();}
- sprintf(country, "C=%s, ", cp);
- subjectlen += strlen(country);
- }
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nUSERNAME\n"
-"Enter your system username or UID\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "username: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp != '\0') {
- uid = PORT_ZAlloc(strlen(cp)+7);
- if(!uid) {out_of_memory();}
- sprintf(uid, "UID=%s, ", cp);
- subjectlen += strlen(uid);
- }
-
-#ifdef VERBOSE_PROMPTS
- PR_fprintf(PR_STDOUT, "\nEMAIL ADDRESS\n"
-"Enter your email address.\n"
-"-->");
-#else
- PR_fprintf(PR_STDOUT, "email address: ");
-#endif
- fgets(buf, STDIN_BUF_SIZE, stdin);
- cp = chop(buf);
- if(*cp != '\0') {
- email = PORT_ZAlloc(strlen(cp)+5);
- if(!email) {out_of_memory();}
- sprintf(email, "E=%s,", cp);
- subjectlen += strlen(email);
- }
-
- subjectlen++;
-
- subject = PORT_ZAlloc(subjectlen);
- if(!subject) {out_of_memory();}
-
- sprintf(subject, "%s%s%s%s%s%s%s",
- common_name ? common_name : "",
- org ? org : "",
- orgunit ? orgunit : "",
- state ? state : "",
- country ? country : "",
- uid ? uid : "",
- email ? email : ""
- );
- if( (strlen(subject) > 1) && (subject[strlen(subject)-1] == ' ') ) {
- subject[strlen(subject)-2] = '\0';
- }
-
- PORT_Free(common_name);
- PORT_Free(org);
- PORT_Free(orgunit);
- PORT_Free(state);
- PORT_Free(country);
- PORT_Free(uid);
- PORT_Free(email);
-
- return subject;
-}
-
-/**************************************************************************
- *
- * G e n e r a t e S e l f S i g n e d O b j e c t S i g n i n g C e r t
- * *phew*^
- *
- */
-static CERTCertificate*
-GenerateSelfSignedObjectSigningCert(char *nickname, CERTCertDBHandle *db,
- char *subject, unsigned long serial, int keysize, char *token)
-{
- CERTCertificate *cert, *temp_cert;
- SECItem *derCert;
- CERTCertificateRequest *req;
-
- PK11SlotInfo *slot = NULL;
- SECKEYPrivateKey *privk = NULL;
- SECKEYPublicKey *pubk = NULL;
-
- if( token ) {
- slot = PK11_FindSlotByName(token);
- } else {
- slot = PK11_GetInternalKeySlot();
- }
-
- if (slot == NULL) {
- PR_fprintf(errorFD, "Can't find PKCS11 slot %s\n",
- token ? token : "");
- errorCount++;
- exit (ERRX);
- }
-
- if( GenerateKeyPair(slot, &pubk, &privk, keysize) != SECSuccess) {
- FatalError("Error generating keypair.");
- }
- req = make_cert_request (subject, pubk);
- temp_cert = make_cert (req, serial, &req->subject);
- if(set_cert_type(temp_cert,
- NS_CERT_TYPE_OBJECT_SIGNING | NS_CERT_TYPE_OBJECT_SIGNING_CA)
- != SECSuccess) {
- FatalError("Unable to set cert type");
- }
-
- derCert = sign_cert (temp_cert, privk);
- cert = install_cert(db, slot, derCert, nickname);
- if(ChangeTrustAttributes(db, cert, ",,uC") != SECSuccess) {
- FatalError("Unable to change trust on generated certificate");
- }
-
- /* !!! Free memory ? !!! */
- PK11_FreeSlot(slot);
-
- return cert;
-}
-
-/**************************************************************************
- *
- * C h a n g e T r u s t A t t r i b u t e s
- */
-static SECStatus
-ChangeTrustAttributes(CERTCertDBHandle *db, CERTCertificate *cert, char *trusts)
-{
-
- CERTCertTrust *trust;
-
- if(!db || !cert || !trusts) {
- PR_fprintf(errorFD,"ChangeTrustAttributes got incomplete arguments.\n");
- errorCount++;
- return SECFailure;
- }
-
- trust = (CERTCertTrust*) PORT_ZAlloc(sizeof(CERTCertTrust));
- if(!trust) {
- PR_fprintf(errorFD, "ChangeTrustAttributes unable to allocate "
- "CERTCertTrust\n");
- errorCount++;
- return SECFailure;
- }
-
- if( CERT_DecodeTrustString(trust, trusts) ) {
- return SECFailure;
- }
-
- if( CERT_ChangeCertTrust(db, cert, trust) ) {
- PR_fprintf(errorFD, "unable to modify trust attributes for cert %s\n",
- cert->nickname ? cert->nickname : "");
- errorCount++;
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/*************************************************************************
- *
- * s e t _ c e r t _ t y p e
- */
-static SECStatus
-set_cert_type(CERTCertificate *cert, unsigned int type)
-{
- void *context;
- SECStatus status = SECSuccess;
- SECItem certType;
- char ctype;
-
- context = CERT_StartCertExtensions(cert);
-
- certType.type = siBuffer;
- certType.data = (unsigned char*) &ctype;
- certType.len = 1;
- ctype = (unsigned char)type;
- if(CERT_EncodeAndAddBitStrExtension(context, SEC_OID_NS_CERT_EXT_CERT_TYPE,
- &certType, PR_TRUE /*critical*/) != SECSuccess) {
- status = SECFailure;
- }
-
- if(CERT_FinishExtensions(context) != SECSuccess) {
- status = SECFailure;
- }
-
- return status;
-}
-
-/********************************************************************
- *
- * s i g n _ c e r t
- */
-static SECItem *
-sign_cert(CERTCertificate *cert, SECKEYPrivateKey *privk)
-{
- SECStatus rv;
-
- SECItem der2;
- SECItem *result2;
-
- void *dummy;
- SECOidTag alg;
-
- switch (privk->keyType)
- {
- case rsaKey:
- alg = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- break;
-
- case dsaKey:
- alg = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
- default:
- FatalError("Unknown key type");
- }
-
- rv = SECOID_SetAlgorithmID (cert->arena, &cert->signature, alg, 0);
-
- if (rv != SECSuccess)
- {
- PR_fprintf(errorFD, "%s: unable to set signature alg id\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- der2.len = 0;
- der2.data = NULL;
-
- dummy = SEC_ASN1EncodeItem
- (cert->arena, &der2, cert, CERT_CertificateTemplate);
-
- if (rv != SECSuccess)
- {
- PR_fprintf(errorFD, "%s: error encoding cert\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- result2 = (SECItem *) PORT_ArenaZAlloc (cert->arena, sizeof (SECItem));
- if (result2 == NULL)
- out_of_memory();
-
- rv = SEC_DerSignData
- (cert->arena, result2, der2.data, der2.len, privk, alg);
-
- if (rv != SECSuccess)
- {
- PR_fprintf(errorFD, "can't sign encoded certificate data\n");
- errorCount++;
- exit (ERRX);
- }
- else if(verbosity >= 0) {
- PR_fprintf(outputFD, "certificate has been signed\n");
- }
-
- cert->derCert = *result2;
-
- return result2;
-}
-
-/*********************************************************************
- *
- * i n s t a l l _ c e r t
- *
- * Installs the cert in the permanent database.
- */
-static CERTCertificate*
-install_cert(CERTCertDBHandle *db, PK11SlotInfo *slot, SECItem *derCert,
- char *nickname)
-{
- CERTCertificate *newcert;
- CERTCertTrust trust;
- PK11SlotInfo *newSlot;
-
- newcert = CERT_DecodeDERCertificate(derCert, PR_TRUE, NULL);
-
- if (newcert == NULL) {
- PR_fprintf(errorFD, "%s: can't create new certificate\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- newSlot = PK11_ImportCertForKey(newcert, nickname, NULL /*wincx*/);
- if( slot == NULL ) {
- PR_fprintf(errorFD, "Unable to install certificate\n");
- errorCount++;
- exit(ERRX);
- }
-
- PORT_Memset ((void *) &trust, 0, sizeof(trust));
- trust.objectSigningFlags |= CERTDB_USER;
-
- if( newSlot == PK11_GetInternalKeySlot() ) {
- /* newcert is now a permanent cert */
- if( CERT_ChangeCertTrust(db, newcert, &trust) != SECSuccess) {
- PR_fprintf(errorFD,
- "Failed to change trust of generated certificate\n");
- errorCount++;
- exit(ERRX);
- }
- } else {
- if (CERT_AddTempCertToPerm (newcert, nickname, &trust) != SECSuccess) {
- PR_fprintf(errorFD, "%s: Failure adding \"%s\" certificate to "
- "permanent DB\n", PROGRAM_NAME, nickname);
- errorCount++;
- exit (ERRX);
- }
- }
-
- if(verbosity >= 0){
- PR_fprintf(outputFD, "certificate \"%s\" added to database\n", nickname);
- }
-
- return newcert;
-}
-
-/******************************************************************
- *
- * G e n e r a t e K e y P a i r
- */
-static SECStatus
-GenerateKeyPair(PK11SlotInfo *slot, SECKEYPublicKey **pubk,
- SECKEYPrivateKey **privk, int keysize)
-{
-
- PK11RSAGenParams rsaParams;
-
- if( keysize == -1 ) {
- rsaParams.keySizeInBits = DEFAULT_RSA_KEY_SIZE;
- } else {
- rsaParams.keySizeInBits = keysize;
- }
- rsaParams.pe = 0x10001;
-
- if(PK11_Authenticate( slot, PR_FALSE /*loadCerts*/, NULL /*wincx*/)
- != SECSuccess) {
- SECU_PrintError(progName, "failure authenticating to key database.\n");
- exit(ERRX);
- }
-
- *privk = PK11_GenerateKeyPair (slot, CKM_RSA_PKCS_KEY_PAIR_GEN, &rsaParams,
- pubk, PR_TRUE /*isPerm*/, PR_TRUE /*isSensitive*/, NULL /*wincx*/ );
-
- if (*privk != NULL && *pubk != NULL) {
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "generated public/private key pair\n");
- }
- } else {
- SECU_PrintError(progName, "failure generating key pair\n");
- exit (ERRX);
- }
-
- return SECSuccess;
-}
-
-/******************************************************************
- *
- * m a k e _ c e r t _ r e q u e s t
- */
-static CERTCertificateRequest*
-make_cert_request(char *subject, SECKEYPublicKey *pubk)
-{
- CERTName *subj;
- CERTSubjectPublicKeyInfo *spki;
-
- CERTCertificateRequest *req;
-
- /* Create info about public key */
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
- if (!spki) {
- SECU_PrintError(progName, "unable to create subject public key");
- exit (ERRX);
- }
-
- subj = CERT_AsciiToName (subject);
- if(subj == NULL) {
- FatalError("Invalid data in certificate description");
- }
-
- /* Generate certificate request */
- req = CERT_CreateCertificateRequest(subj, spki, 0);
- if (!req) {
- SECU_PrintError(progName, "unable to make certificate request");
- exit (ERRX);
- }
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "certificate request generated\n");
- }
-
- return req;
-}
-
-/******************************************************************
- *
- * m a k e _ c e r t
- */
-static CERTCertificate *
-make_cert(CERTCertificateRequest *req, unsigned long serial,
- CERTName *ca_subject)
-{
- CERTCertificate *cert;
-
- CERTValidity *validity = NULL;
-
- PRTime now, after;
- PRExplodedTime printableTime;
-
- now = PR_Now();
- PR_ExplodeTime (now, PR_GMTParameters, &printableTime);
-
- printableTime.tm_month += 3;
- after = PR_ImplodeTime (&printableTime);
-
- validity = CERT_CreateValidity (now, after);
-
- if (validity == NULL)
- {
- PR_fprintf(errorFD, "%s: error creating certificate validity\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- cert = CERT_CreateCertificate
- (serial, ca_subject, validity, req);
-
- if (cert == NULL)
- {
- /* should probably be more precise here */
- PR_fprintf(errorFD, "%s: error while generating certificate\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- return cert;
- }
-
-/*************************************************************************
- *
- * o u t p u t _ c a _ c e r t
- */
-static void
-output_ca_cert (CERTCertificate *cert, CERTCertDBHandle *db)
- {
- FILE *out;
-
- SECItem *encodedCertChain;
- SEC_PKCS7ContentInfo *certChain;
- char *filename;
-
- /* the raw */
-
- filename = PORT_ZAlloc(strlen(DEFAULT_X509_BASENAME)+8);
- if(!filename) out_of_memory();
-
- sprintf(filename, "%s.raw", DEFAULT_X509_BASENAME);
- if ((out = fopen (filename, "wb")) == NULL)
- {
- PR_fprintf(errorFD, "%s: Can't open %s output file\n", PROGRAM_NAME, filename);
- errorCount++;
- exit(ERRX);
- }
-
- certChain = SEC_PKCS7CreateCertsOnly (cert, PR_TRUE, db);
- encodedCertChain
- = SEC_PKCS7EncodeItem (NULL, NULL, certChain, NULL, NULL, NULL);
-
- if (encodedCertChain)
- {
- fprintf(out, "Content-type: application/x-x509-ca-cert\n\n");
- fwrite (encodedCertChain->data, 1, encodedCertChain->len, out);
- }
- else {
- PR_fprintf(errorFD, "%s: Can't DER encode this certificate\n", PROGRAM_NAME);
- errorCount++;
- exit(ERRX);
- }
-
- fclose (out);
-
- /* and the cooked */
-
- sprintf(filename, "%s.cacert", DEFAULT_X509_BASENAME);
- if ((out = fopen (filename, "wb")) == NULL)
- {
- PR_fprintf(errorFD, "%s: Can't open %s output file\n", PROGRAM_NAME, filename);
- errorCount++;
- return;
- }
-
- fprintf (out, "%s\n%s\n%s\n",
- NS_CERT_HEADER,
- BTOA_DataToAscii (cert->derCert.data, cert->derCert.len),
- NS_CERT_TRAILER);
-
- fclose (out);
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "Exported certificate to %s.raw and %s.cacert.\n",
- DEFAULT_X509_BASENAME, DEFAULT_X509_BASENAME);
- }
-}
diff --git a/security/nss/cmd/signtool/javascript.c b/security/nss/cmd/signtool/javascript.c
deleted file mode 100644
index 26bf39f9b..000000000
--- a/security/nss/cmd/signtool/javascript.c
+++ /dev/null
@@ -1,1787 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include <prmem.h>
-#include <prio.h>
-#include <prenv.h>
-
-static int javascript_fn(char *relpath, char *basedir, char *reldir,
- char *filename, void *arg);
-static int extract_js (char *filename);
-static int copyinto (char *from, char *to);
-static PRStatus ensureExists (char *base, char *path);
-static int make_dirs(char *path, PRInt32 file_perms);
-
-static char *jartree = NULL;
-static int idOrdinal;
-static PRBool dumpParse=PR_FALSE;
-
-static char *event_handlers[] = {
-"onAbort",
-"onBlur",
-"onChange",
-"onClick",
-"onDblClick",
-"onDragDrop",
-"onError",
-"onFocus",
-"onKeyDown",
-"onKeyPress",
-"onKeyUp",
-"onLoad",
-"onMouseDown",
-"onMouseMove",
-"onMouseOut",
-"onMouseOver",
-"onMouseUp",
-"onMove",
-"onReset",
-"onResize",
-"onSelect",
-"onSubmit",
-"onUnload"
-};
-static int num_handlers = 23;
-
-/*
- * I n l i n e J a v a S c r i p t
- *
- * Javascript signing. Instead of passing an archive to signtool,
- * a directory containing html files is given. Archives are created
- * from the archive= and src= tag attributes inside the html,
- * as appropriate. Then the archives are signed.
- *
- */
-int
-InlineJavaScript(char *dir, PRBool recurse)
-{
- jartree = dir;
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "\nGenerating inline signatures from HTML files in: %s\n", dir);
- }
- if(PR_GetEnv("SIGNTOOL_DUMP_PARSE")) {
- dumpParse = PR_TRUE;
- }
-
- return foreach(dir, "", javascript_fn, recurse, PR_FALSE /*include dirs*/,
- (void*)NULL);
-
-}
-
-/************************************************************************
- *
- * j a v a s c r i p t _ f n
- */
-static int javascript_fn
- (char *relpath, char *basedir, char *reldir, char *filename, void *arg)
-{
- char fullname [FNSIZE];
-
- /* only process inline scripts from .htm, .html, and .shtml*/
-
- if(! (PL_strcaserstr(filename, ".htm") == filename + strlen(filename) -4) &&
- ! (PL_strcaserstr(filename, ".html") == filename + strlen(filename) -5)&&
- ! (PL_strcaserstr(filename, ".shtml") == filename + strlen(filename)-6)){
- return 0;
- }
-
- /* don't process scripts that signtool has already
- extracted (those that are inside .arc directories) */
-
- if(PL_strcaserstr(filename, ".arc") == filename + strlen(filename) - 4)
- return 0;
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "Processing HTML file: %s\n", relpath);
- }
-
- /* reset firstArchive at top of each HTML file */
-
- /* skip directories that contain extracted scripts */
-
- if(PL_strcaserstr(reldir, ".arc") == reldir + strlen(reldir) - 4)
- return 0;
-
- sprintf (fullname, "%s/%s", basedir, relpath);
- return extract_js (fullname);
-}
-
-/*===========================================================================
- =
- = D A T A S T R U C T U R E S
- =
-*/
-typedef enum {
- TEXT_HTML_STATE=0,
- SCRIPT_HTML_STATE
-} HTML_STATE ;
-
-typedef enum {
- /* we start in the start state */
- START_STATE,
-
- /* We are looking for or reading in an attribute */
- GET_ATT_STATE,
-
- /* We're burning ws before finding an attribute */
- PRE_ATT_WS_STATE,
-
- /* We're burning ws after an attribute. Looking for an '='. */
- POST_ATT_WS_STATE,
-
- /* We're burning ws after an '=', waiting for a value */
- PRE_VAL_WS_STATE,
-
- /* We're reading in a value */
- GET_VALUE_STATE,
-
- /* We're reading in a value that's inside quotes */
- GET_QUOTED_VAL_STATE,
-
- /* We've encountered the closing '>' */
- DONE_STATE,
-
- /* Error state */
- ERR_STATE
-} TAG_STATE ;
-
-typedef struct AVPair_Str {
- char *attribute;
- char *value;
- unsigned int valueLine; /* the line that the value ends on */
- struct AVPair_Str *next;
-} AVPair;
-
-typedef enum {
- APPLET_TAG,
- SCRIPT_TAG,
- LINK_TAG,
- STYLE_TAG,
- COMMENT_TAG,
- OTHER_TAG
-} TAG_TYPE ;
-
-typedef struct {
- TAG_TYPE type;
- AVPair *attList;
- AVPair *attListTail;
- char *text;
-} TagItem;
-
-typedef enum {
- TAG_ITEM,
- TEXT_ITEM
-} ITEM_TYPE ;
-
-typedef struct HTMLItem_Str{
- unsigned int startLine;
- unsigned int endLine;
- ITEM_TYPE type;
- union {
- TagItem *tag;
- char *text;
- } item;
- struct HTMLItem_Str *next;
-} HTMLItem;
-
-typedef struct {
- PRFileDesc *fd;
- PRInt32 curIndex;
- PRBool IsEOF;
-#define FILE_BUFFER_BUFSIZE 512
- char buf[FILE_BUFFER_BUFSIZE];
- PRInt32 startOffset;
- PRInt32 maxIndex;
- unsigned int lineNum;
-} FileBuffer;
-
-/*===========================================================================
- =
- = F U N C T I O N S
- =
-*/
-static HTMLItem* CreateTextItem(char *text, unsigned int startline,
- unsigned int endline);
-static HTMLItem* CreateTagItem(TagItem* ti, unsigned int startline,
- unsigned int endline);
-static TagItem* ProcessTag(FileBuffer* fb, char **errStr);
-static void DestroyHTMLItem(HTMLItem *item);
-static void DestroyTagItem(TagItem* ti);
-static TAG_TYPE GetTagType(char *att);
-static FileBuffer* FB_Create(PRFileDesc* fd);
-static int FB_GetChar(FileBuffer *fb);
-static PRInt32 FB_GetPointer(FileBuffer *fb);
-static PRInt32 FB_GetRange(FileBuffer *fb, PRInt32 start, PRInt32 end,
- char **buf);
-static unsigned int FB_GetLineNum(FileBuffer *fb);
-static void FB_Destroy(FileBuffer *fb);
-static void PrintTagItem(PRFileDesc *fd, TagItem *ti);
-static void PrintHTMLStream(PRFileDesc *fd, HTMLItem *head);
-
-/************************************************************************
- *
- * C r e a t e T e x t I t e m
- */
-static HTMLItem*
-CreateTextItem(char *text, unsigned int startline, unsigned int endline)
-{
- HTMLItem *item;
-
- item = PR_Malloc(sizeof(HTMLItem));
- if(!item) {
- return NULL;
- }
-
- item->type = TEXT_ITEM;
- item->item.text = text;
- item->next = NULL;
- item->startLine = startline;
- item->endLine = endline;
-
- return item;
-}
-
-/************************************************************************
- *
- * C r e a t e T a g I t e m
- */
-static HTMLItem*
-CreateTagItem(TagItem* ti, unsigned int startline, unsigned int endline)
-{
- HTMLItem *item;
-
- item = PR_Malloc(sizeof(HTMLItem));
- if(!item) {
- return NULL;
- }
-
- item->type = TAG_ITEM;
- item->item.tag = ti;
- item->next = NULL;
- item->startLine = startline;
- item->endLine = endline;
-
- return item;
-}
-
-static PRBool
-isAttChar(char c)
-{
- return (isalnum(c) || c=='/' || c=='-');
-}
-
-/************************************************************************
- *
- * P r o c e s s T a g
- */
-static TagItem*
-ProcessTag(FileBuffer* fb, char **errStr)
-{
- TAG_STATE state;
- PRInt32 startText, startID, curPos;
- PRBool firstAtt;
- int curchar;
- TagItem *ti=NULL;
- AVPair *curPair=NULL;
- char quotechar;
- unsigned int linenum;
- unsigned int startline;
-
- state = START_STATE;
-
- startID = FB_GetPointer(fb);
- startText = startID;
- firstAtt = PR_TRUE;
-
- ti = (TagItem*) PR_Malloc(sizeof(TagItem));
- if(!ti) out_of_memory();
- ti->type = OTHER_TAG;
- ti->attList = NULL;
- ti->attListTail = NULL;
- ti->text = NULL;
-
- startline = FB_GetLineNum(fb);
-
- while(state != DONE_STATE && state != ERR_STATE) {
- linenum = FB_GetLineNum(fb);
- curchar = FB_GetChar(fb);
- if(curchar == EOF) {
- *errStr = PR_smprintf(
- "line %d: Unexpected end-of-file while parsing tag starting at line %d.\n", linenum, startline);
- state = ERR_STATE;
- continue;
- }
-
- switch(state) {
- case START_STATE:
- if(curchar=='!') {
- /*
- * SGML tag or comment
- * Here's the general rule for SGML tags. Everything from
- * <! to > is the tag. Inside the tag, comments are
- * delimited with --. So we are looking for the first '>'
- * that is not commented out, that is, not inside a pair
- * of --: <!DOCTYPE --this is a comment >(psyche!) -->
- */
-
- PRBool inComment = PR_FALSE;
- short hyphenCount = 0; /* number of consecutive hyphens */
-
- while(1) {
- linenum = FB_GetLineNum(fb);
- curchar = FB_GetChar(fb);
- if(curchar == EOF) {
- /* Uh oh, EOF inside comment */
- *errStr = PR_smprintf(
- "line %d: Unexpected end-of-file inside comment starting at line %d.\n",
- linenum, startline);
- state = ERR_STATE;
- break;
- }
- if(curchar=='-') {
- if(hyphenCount==1) {
- /* This is a comment delimiter */
- inComment = !inComment;
- hyphenCount=0;
- } else {
- /* beginning of a comment delimiter? */
- hyphenCount=1;
- }
- } else if(curchar=='>') {
- if(!inComment) {
- /* This is the end of the tag */
- state = DONE_STATE;
- break;
- } else {
- /* The > is inside a comment, so it's not
- * really the end of the tag */
- hyphenCount=0;
- }
- } else {
- hyphenCount = 0;
- }
- }
- ti->type = COMMENT_TAG;
- break;
- }
- /* fall through */
- case GET_ATT_STATE:
- if(isspace(curchar) || curchar=='=' || curchar=='>') {
- /* end of the current attribute */
- curPos = FB_GetPointer(fb)-2;
- if(curPos >= startID) {
- /* We have an attribute */
- curPair = (AVPair*)PR_Malloc(sizeof(AVPair));
- if(!curPair) out_of_memory();
- curPair->value = NULL;
- curPair->next = NULL;
- FB_GetRange(fb, startID, curPos, &curPair->attribute);
-
- /* Stick this attribute on the list */
- if(ti->attListTail) {
- ti->attListTail->next = curPair;
- ti->attListTail = curPair;
- } else {
- ti->attList = ti->attListTail = curPair;
- }
-
- /* If this is the first attribute, find the type of tag
- * based on it. Also, start saving the text of the tag. */
- if(firstAtt) {
- ti->type = GetTagType(curPair->attribute);
- startText = FB_GetPointer(fb)-1;
- firstAtt = PR_FALSE;
- }
- } else {
- if(curchar=='=') {
- /* If we don't have any attribute but we do have an
- * equal sign, that's an error */
- *errStr = PR_smprintf("line %d: Malformed tag starting at line %d.\n", linenum, startline);
- state = ERR_STATE;
- break;
- }
- }
-
- /* Compute next state */
- if(curchar=='=') {
- startID = FB_GetPointer(fb);
- state = PRE_VAL_WS_STATE;
- } else if(curchar=='>') {
- state = DONE_STATE;
- } else if(curPair) {
- state = POST_ATT_WS_STATE;
- } else {
- state = PRE_ATT_WS_STATE;
- }
- } else if(isAttChar(curchar)) {
- /* Just another char in the attribute. Do nothing */
- state = GET_ATT_STATE;
- } else {
- /* bogus char */
- *errStr= PR_smprintf("line %d: Bogus chararacter '%c' in tag.\n",
- linenum, curchar);
- state = ERR_STATE;
- break;
- }
- break;
- case PRE_ATT_WS_STATE:
- if(curchar=='>') {
- state = DONE_STATE;
- } else if(isspace(curchar)) {
- /* more whitespace, do nothing */
- } else if(isAttChar(curchar)) {
- /* starting another attribute */
- startID = FB_GetPointer(fb)-1;
- state = GET_ATT_STATE;
- } else {
- /* bogus char */
- *errStr = PR_smprintf("line %d: Bogus character '%c' in tag.\n",
- linenum, curchar);
- state = ERR_STATE;
- break;
- }
- break;
- case POST_ATT_WS_STATE:
- if(curchar=='>') {
- state = DONE_STATE;
- } else if(isspace(curchar)) {
- /* more whitespace, do nothing */
- } else if(isAttChar(curchar)) {
- /* starting another attribute */
- startID = FB_GetPointer(fb)-1;
- state = GET_ATT_STATE;
- } else if(curchar=='=') {
- /* there was whitespace between the attribute and its equal
- * sign, which means there's a value coming up */
- state = PRE_VAL_WS_STATE;
- } else {
- /* bogus char */
- *errStr = PR_smprintf("line %d: Bogus character '%c' in tag.\n",
- linenum, curchar);
- state = ERR_STATE;
- break;
- }
- break;
- case PRE_VAL_WS_STATE:
- if(curchar=='>') {
- /* premature end-of-tag (sounds like a personal problem). */
- *errStr = PR_smprintf(
- "line %d: End of tag while waiting for value.\n", linenum);
- state = ERR_STATE;
- break;
- } else if(isspace(curchar)) {
- /* more whitespace, do nothing */
- break;
- } else {
- /* this must be some sort of value. Fall through
- * to GET_VALUE_STATE */
- startID=FB_GetPointer(fb)-1;
- state = GET_VALUE_STATE;
- }
- /* Fall through if we didn't break on '>' or whitespace */
- case GET_VALUE_STATE:
- if(isspace(curchar) || curchar=='>') {
- /* end of value */
- curPos = FB_GetPointer(fb)-2;
- if(curPos >= startID) {
- /* Grab the value */
- FB_GetRange(fb, startID, curPos, &curPair->value);
- curPair->valueLine = linenum;
- } else {
- /* empty value, leave as NULL */
- }
- if(isspace(curchar)) {
- state = PRE_ATT_WS_STATE;
- } else {
- state = DONE_STATE;
- }
- } else if(curchar=='\"' || curchar=='\'') {
- /* quoted value. Start recording the value inside the quote*/
- startID = FB_GetPointer(fb);
- state = GET_QUOTED_VAL_STATE;
- quotechar = curchar; /* look for matching quote type */
- } else {
- /* just more value */
- }
- break;
- case GET_QUOTED_VAL_STATE:
- if(curchar == quotechar) {
- /* end of quoted value */
- curPos = FB_GetPointer(fb)-2;
- if(curPos >= startID) {
- /* Grab the value */
- FB_GetRange(fb, startID, curPos, &curPair->value);
- curPair->valueLine = linenum;
- } else {
- /* empty value, leave it as NULL */
- }
- state = GET_ATT_STATE;
- startID = FB_GetPointer(fb);
- } else {
- /* more quoted value, continue */
- }
- break;
- case DONE_STATE:
- case ERR_STATE:
- default:
- ; /* should never get here */
- }
- }
-
- if(state == DONE_STATE) {
- /* Get the text of the tag */
- curPos = FB_GetPointer(fb)-1;
- FB_GetRange(fb, startText, curPos, &ti->text);
-
- /* Return the tag */
- return ti;
- }
-
- /* Uh oh, an error. Kill the tag item*/
- DestroyTagItem(ti);
- return NULL;
-}
-
-/************************************************************************
- *
- * D e s t r o y H T M L I t e m
- */
-static void
-DestroyHTMLItem(HTMLItem *item)
-{
- if(item->type == TAG_ITEM) {
- DestroyTagItem(item->item.tag);
- } else {
- if(item->item.text) {
- PR_Free(item->item.text);
- }
- }
-}
-
-/************************************************************************
- *
- * D e s t r o y T a g I t e m
- */
-static void
-DestroyTagItem(TagItem* ti)
-{
- AVPair *temp;
-
- if(ti->text) {
- PR_Free(ti->text); ti->text = NULL;
- }
-
- while(ti->attList) {
- temp = ti->attList;
- ti->attList = ti->attList->next;
-
- if(temp->attribute) {
- PR_Free(temp->attribute); temp->attribute = NULL;
- }
- if(temp->value) {
- PR_Free(temp->value); temp->value = NULL;
- }
- PR_Free(temp);
- }
-
- PR_Free(ti);
-}
-
-/************************************************************************
- *
- * G e t T a g T y p e
- */
-static TAG_TYPE
-GetTagType(char *att)
-{
- if(!PORT_Strcasecmp(att, "APPLET")) {
- return APPLET_TAG;
- }
- if(!PORT_Strcasecmp(att, "SCRIPT")) {
- return SCRIPT_TAG;
- }
- if(!PORT_Strcasecmp(att, "LINK")) {
- return LINK_TAG;
- }
- if(!PORT_Strcasecmp(att, "STYLE")) {
- return STYLE_TAG;
- }
- return OTHER_TAG;
-}
-
-/************************************************************************
- *
- * F B _ C r e a t e
- */
-static FileBuffer*
-FB_Create(PRFileDesc* fd)
-{
- FileBuffer *fb;
- PRInt32 amountRead;
- PRInt32 storedOffset;
-
- fb = (FileBuffer*) PR_Malloc(sizeof(FileBuffer));
- fb->fd = fd;
- storedOffset = PR_Seek(fd, 0, PR_SEEK_CUR);
- PR_Seek(fd, 0, PR_SEEK_SET);
- fb->startOffset = 0;
- amountRead = PR_Read(fd, fb->buf, FILE_BUFFER_BUFSIZE);
- if(amountRead == -1) goto loser;
- fb->maxIndex = amountRead-1;
- fb->curIndex = 0;
- fb->IsEOF = (fb->curIndex>fb->maxIndex) ? PR_TRUE : PR_FALSE;
- fb->lineNum = 1;
-
- PR_Seek(fd, storedOffset, PR_SEEK_SET);
- return fb;
-loser:
- PR_Seek(fd, storedOffset, PR_SEEK_SET);
- PR_Free(fb);
- return NULL;
-}
-
-/************************************************************************
- *
- * F B _ G e t C h a r
- */
-static int
-FB_GetChar(FileBuffer *fb)
-{
- PRInt32 storedOffset;
- PRInt32 amountRead;
- int retval=-1;
-
- if(fb->IsEOF) {
- return EOF;
- }
-
- storedOffset = PR_Seek(fb->fd, 0, PR_SEEK_CUR);
-
- retval = fb->buf[fb->curIndex++];
- if(retval=='\n') fb->lineNum++;
-
- if(fb->curIndex > fb->maxIndex) {
- /* We're at the end of the buffer. Try to get some new data from the
- * file */
- fb->startOffset += fb->maxIndex+1;
- PR_Seek(fb->fd, fb->startOffset, PR_SEEK_SET);
- amountRead = PR_Read(fb->fd, fb->buf, FILE_BUFFER_BUFSIZE);
- if(amountRead==-1) goto loser;
- fb->maxIndex = amountRead-1;
- fb->curIndex = 0;
- }
-
- fb->IsEOF = (fb->curIndex > fb->maxIndex) ? PR_TRUE : PR_FALSE;
-
-loser:
- PR_Seek(fb->fd, storedOffset, PR_SEEK_SET);
- return retval;
-}
-
-/************************************************************************
- *
- * F B _ G e t L i n e N u m
- *
- */
-static unsigned int
-FB_GetLineNum(FileBuffer *fb)
-{
- return fb->lineNum;
-}
-
-/************************************************************************
- *
- * F B _ G e t P o i n t e r
- *
- */
-static PRInt32
-FB_GetPointer(FileBuffer *fb)
-{
- return fb->startOffset + fb->curIndex;
-}
-
-/************************************************************************
- *
- * F B _ G e t R a n g e
- *
- */
-static PRInt32
-FB_GetRange(FileBuffer *fb, PRInt32 start, PRInt32 end, char **buf)
-{
- PRInt32 amountRead;
- PRInt32 storedOffset;
-
- *buf = PR_Malloc(end-start+2);
- if(*buf == NULL) {
- return 0;
- }
-
- storedOffset = PR_Seek(fb->fd, 0, PR_SEEK_CUR);
- PR_Seek(fb->fd, start, PR_SEEK_SET);
- amountRead = PR_Read(fb->fd, *buf, end-start+1);
- PR_Seek(fb->fd, storedOffset, PR_SEEK_SET);
- if(amountRead == -1) {
- PR_Free(*buf);
- *buf = NULL;
- return 0;
- }
-
- (*buf)[end-start+1] = '\0';
- return amountRead;
-}
-
-
-/************************************************************************
- *
- * F B _ D e s t r o y
- *
- */
-static void
-FB_Destroy(FileBuffer *fb)
-{
- if(fb) {
- PR_Free(fb);
- }
-}
-
-/************************************************************************
- *
- * P r i n t T a g I t e m
- *
- */
-static void
-PrintTagItem(PRFileDesc *fd, TagItem *ti)
-{
- AVPair *pair;
-
- PR_fprintf(fd, "TAG:\n----\nType: ");
- switch(ti->type) {
- case APPLET_TAG:
- PR_fprintf(fd, "applet\n");
- break;
- case SCRIPT_TAG:
- PR_fprintf(fd, "script\n");
- break;
- case LINK_TAG:
- PR_fprintf(fd, "link\n");
- break;
- case STYLE_TAG:
- PR_fprintf(fd, "style\n");
- break;
- case COMMENT_TAG:
- PR_fprintf(fd, "comment\n");
- break;
- case OTHER_TAG:
- default:
- PR_fprintf(fd, "other\n");
- break;
- }
-
- PR_fprintf(fd, "Attributes:\n");
- for(pair = ti->attList; pair; pair=pair->next) {
- PR_fprintf(fd, "\t%s=%s\n", pair->attribute,
- pair->value ? pair->value : "");
- }
- PR_fprintf(fd, "Text:%s\n", ti->text ? ti->text : "");
-
- PR_fprintf(fd, "---End of tag---\n");
-}
-
-
-/************************************************************************
- *
- * P r i n t H T M L S t r e a m
- *
- */
-static void
-PrintHTMLStream(PRFileDesc *fd, HTMLItem *head)
-{
- while(head) {
- if(head->type==TAG_ITEM) {
- PrintTagItem(fd, head->item.tag);
- } else {
- PR_fprintf(fd, "\nTEXT:\n-----\n%s\n-----\n\n", head->item.text);
- }
- head = head->next;
- }
-}
-
-/************************************************************************
- *
- * S a v e I n l i n e S c r i p t
- *
- */
-static int
-SaveInlineScript(char *text, char *id, char *basedir, char *archiveDir)
-{
- char *filename=NULL;
- PRFileDesc *fd=NULL;
- int retval = -1;
- PRInt32 writeLen;
- char *ilDir=NULL;
-
- if(!text || !id || !archiveDir) {
- return -1;
- }
-
- if(dumpParse) {
- PR_fprintf(outputFD, "SaveInlineScript: text=%s, id=%s, \n"
- "basedir=%s, archiveDir=%s\n",
- text, id, basedir, archiveDir);
- }
-
- /* Make sure the archive directory is around */
- if(ensureExists(basedir, archiveDir) != PR_SUCCESS) {
- PR_fprintf(errorFD,
- "ERROR: Unable to create archive directory %s.\n", archiveDir);
- errorCount++;
- return -1;
- }
-
- /* Make sure the inline script directory is around */
- ilDir = PR_smprintf("%s/inlineScripts", archiveDir);
- scriptdir = "inlineScripts";
- if(ensureExists(basedir, ilDir) != PR_SUCCESS) {
- PR_fprintf(errorFD,
- "ERROR: Unable to create directory %s.\n", ilDir);
- errorCount++;
- return -1;
- }
-
- filename = PR_smprintf("%s/%s/%s", basedir, ilDir, id);
-
- /* If the file already exists, give a warning, then blow it away */
- if(PR_Access(filename, PR_ACCESS_EXISTS) == PR_SUCCESS) {
- PR_fprintf(errorFD,
- "warning: file \"%s\" already exists--will overwrite.\n",
- filename);
- warningCount++;
- if(rm_dash_r(filename)) {
- PR_fprintf(errorFD,
- "ERROR: Unable to delete %s.\n", filename);
- errorCount++;
- goto finish;
- }
- }
-
- /* Write text into file with name id */
- fd = PR_Open(filename, PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777);
- if(!fd) {
- PR_fprintf(errorFD, "ERROR: Unable to create file \"%s\".\n",
- filename);
- errorCount++;
- goto finish;
- }
- writeLen = strlen(text);
- if( PR_Write(fd, text, writeLen) != writeLen) {
- PR_fprintf(errorFD, "ERROR: Unable to write to file \"%s\".\n",
- filename);
- errorCount++;
- goto finish;
- }
-
- retval = 0;
-finish:
- if(filename) {
- PR_smprintf_free(filename);
- }
- if(ilDir) {
- PR_smprintf_free(ilDir);
- }
- if(fd) {
- PR_Close(fd);
- }
- return retval;
-}
-
-/************************************************************************
- *
- * S a v e U n n a m a b l e S c r i p t
- *
- */
-static int
-SaveUnnamableScript(char *text, char *basedir, char *archiveDir,
- char *HTMLfilename)
-{
- char *id=NULL;
- char *ext=NULL;
- char *start=NULL;
- int retval = -1;
-
- if(!text || !archiveDir || !HTMLfilename) {
- return -1;
- }
-
- if(dumpParse) {
- PR_fprintf(outputFD, "SaveUnnamableScript: text=%s, basedir=%s,\n"
- "archiveDir=%s, filename=%s\n", text, basedir, archiveDir,
- HTMLfilename);
- }
-
- /* Construct the filename */
- ext = PL_strrchr(HTMLfilename, '.');
- if(ext) {
- *ext = '\0';
- }
- for(start=HTMLfilename; strpbrk(start, "/\\");
- start=strpbrk(start, "/\\")+1);
- if(*start=='\0') start = HTMLfilename;
- id = PR_smprintf("_%s%d", start, idOrdinal++);
- if(ext) {
- *ext = '.';
- }
-
- /* Now call SaveInlineScript to do the work */
- retval = SaveInlineScript(text, id, basedir, archiveDir);
-
- PR_Free(id);
-
- return retval;
-}
-
-/************************************************************************
- *
- * S a v e S o u r c e
- *
- */
-static int
-SaveSource(char *src, char *codebase, char *basedir, char *archiveDir)
-{
- char *from=NULL, *to=NULL;
- int retval = -1;
- char *arcDir=NULL;
-
- if(!src || !archiveDir) {
- return -1;
- }
-
- if(dumpParse) {
- PR_fprintf(outputFD, "SaveSource: src=%s, codebase=%s, basedir=%s,\n"
- "archiveDir=%s\n", src, codebase, basedir, archiveDir);
- }
-
- if(codebase) {
- arcDir = PR_smprintf("%s/%s/%s/", basedir, codebase, archiveDir);
- } else {
- arcDir = PR_smprintf("%s/%s/", basedir, archiveDir);
- }
-
- if(codebase) {
- from = PR_smprintf("%s/%s/%s", basedir, codebase, src);
- to = PR_smprintf("%s%s", arcDir, src);
- } else {
- from = PR_smprintf("%s/%s", basedir, src);
- to = PR_smprintf("%s%s", arcDir, src);
- }
-
- if(make_dirs(to, 0777)) {
- PR_fprintf(errorFD,
- "ERROR: Unable to create archive directory %s.\n", archiveDir);
- errorCount++;
- goto finish;
- }
-
- retval = copyinto(from, to);
-finish:
- if(from) PR_Free(from);
- if(to) PR_Free(to);
- if(arcDir) PR_Free(arcDir);
- return retval;
-}
-
-/************************************************************************
- *
- * T a g T y p e T o S t r i n g
- *
- */
-char *
-TagTypeToString(TAG_TYPE type)
-{
- switch(type) {
- case APPLET_TAG:
- return "APPLET";
- case SCRIPT_TAG:
- return "SCRIPT";
- case LINK_TAG:
- return "LINK";
- case STYLE_TAG:
- return "STYLE";
- default:
- break;
- }
- return "unknown";
-}
-
-/************************************************************************
- *
- * e x t r a c t _ j s
- *
- */
-static int
-extract_js(char *filename)
-{
- PRFileDesc *fd=NULL;
- FileBuffer *fb=NULL;
- HTML_STATE state;
- int curchar;
- HTMLItem *head = NULL;
- HTMLItem *tail = NULL;
- PRInt32 textStart;
- PRInt32 curOffset;
- TagItem *tagp=NULL;
- char *text=NULL;
- HTMLItem *curitem=NULL;
- int retval = -1;
- char *tagerr=NULL;
- unsigned int linenum, startLine;
- char *archiveDir=NULL, *firstArchiveDir=NULL;
- HTMLItem *styleList, *styleListTail;
- HTMLItem *entityList, *entityListTail;
- char *basedir=NULL;
-
- styleList = entityList = styleListTail = entityListTail = NULL;
-
- /* Initialize the implicit ID counter for each file */
- idOrdinal = 0;
-
- /*
- * First, parse the HTML into a stream of tags and text.
- */
-
- fd = PR_Open(filename, PR_RDONLY, 0);
- if(!fd) {
- PR_fprintf(errorFD, "Unable to open %s for reading.\n", filename);
- errorCount++;
- return -1;
- }
-
- /* Construct base directory of filename. */
- {
- char *cp;
-
- basedir = PL_strdup(filename);
-
- /* Remove trailing slashes */
- while( (cp = PL_strprbrk(basedir, "/\\")) ==
- (basedir + strlen(basedir) - 1)) {
- *cp = '\0';
- }
-
- /* Now remove everything from the last slash (which will be followed
- * by a filename) to the end */
- cp = PL_strprbrk(basedir, "/\\");
- if(cp) {
- *cp = '\0';
- }
- }
-
- state = TEXT_HTML_STATE;
-
- fb = FB_Create(fd);
-
- textStart=0;
- startLine = 0;
- while(linenum=FB_GetLineNum(fb), (curchar = FB_GetChar(fb)) != EOF) {
- switch(state) {
- case TEXT_HTML_STATE:
- if(curchar == '<') {
- /*
- * Found a tag
- */
- /* Save the text so far to a new text item */
- curOffset = FB_GetPointer(fb)-2;
- if(curOffset >= textStart) {
- if(FB_GetRange(fb, textStart, curOffset, &text) !=
- curOffset-textStart+1) {
- PR_fprintf(errorFD,
- "Unable to read from %s.\n", filename);
- errorCount++;
- goto loser;
- }
- /* little fudge here. If the first character on a line
- * is '<', meaning a new tag, the preceding text item
- * actually ends on the previous line. In this case
- * we will be saying that the text segment ends on the
- * next line. I don't think this matters for text items. */
- curitem = CreateTextItem(text, startLine, linenum);
- text = NULL;
- if(tail == NULL) {
- head = tail = curitem;
- } else {
- tail->next = curitem;
- tail = curitem;
- }
- }
-
- /* Process the tag */
- tagp = ProcessTag(fb, &tagerr);
- if(!tagp) {
- if(tagerr) {
- PR_fprintf(errorFD, "Error in file %s: %s\n",
- filename, tagerr);
- errorCount++;
- } else {
- PR_fprintf(errorFD,
- "Error in file %s, in tag starting at line %d\n",
- filename, linenum);
- errorCount++;
- }
- goto loser;
- }
- /* Add the tag to the list */
- curitem = CreateTagItem(tagp, linenum, FB_GetLineNum(fb));
- if(tail == NULL) {
- head = tail = curitem;
- } else {
- tail->next = curitem;
- tail = curitem;
- }
-
- /* What's the next state */
- if(tagp->type == SCRIPT_TAG) {
- state = SCRIPT_HTML_STATE;
- }
-
- /* Start recording text from the new offset */
- textStart = FB_GetPointer(fb);
- startLine = FB_GetLineNum(fb);
- } else {
- /* regular character. Next! */
- }
- break;
- case SCRIPT_HTML_STATE:
- if(curchar == '<') {
- char *cp;
- /*
- * If this is a </script> tag, then we're at the end of the
- * script. Otherwise, ignore
- */
- curOffset = FB_GetPointer(fb)-1;
- cp = NULL;
- if(FB_GetRange(fb, curOffset, curOffset+8, &cp) != 9) {
- if(cp) { PR_Free(cp); cp = NULL; }
- } else {
- /* compare the strings */
- if( !PORT_Strncasecmp(cp, "</script>", 9) ) {
- /* This is the end of the script. Record the text. */
- curOffset--;
- if(curOffset >= textStart) {
- if(FB_GetRange(fb, textStart, curOffset, &text) !=
- curOffset-textStart+1) {
- PR_fprintf(errorFD,
- "Unable to read from %s.\n", filename);
- errorCount++;
- goto loser;
- }
- curitem = CreateTextItem(text, startLine, linenum);
- text = NULL;
- if(tail == NULL) {
- head = tail = curitem;
- } else {
- tail->next = curitem;
- tail = curitem;
- }
- }
-
- /* Now parse the /script tag and put it on the list */
- tagp = ProcessTag(fb, &tagerr);
- if(!tagp) {
- if(tagerr) {
- PR_fprintf(errorFD,
- "Error in file %s: %s\n", filename, tagerr);
- } else {
- PR_fprintf(errorFD,
- "Error in file %s, in tag starting at"
- " line %d\n", filename, linenum);
- }
- errorCount++;
- goto loser;
- }
- curitem = CreateTagItem(tagp, linenum,
- FB_GetLineNum(fb));
- if(tail == NULL) {
- head = tail = curitem;
- } else {
- tail->next = curitem;
- tail = curitem;
- }
-
- /* go back to text state */
- state = TEXT_HTML_STATE;
-
- textStart = FB_GetPointer(fb);
- startLine = FB_GetLineNum(fb);
- }
- }
- }
- break;
- }
- }
-
- /* End of the file. Wrap up any remaining text */
- if(state == SCRIPT_HTML_STATE) {
- if(tail && tail->type==TAG_ITEM) {
- PR_fprintf(errorFD, "ERROR: <SCRIPT> tag at %s:%d is not followed "
- "by a </SCRIPT> tag.\n", filename, tail->startLine);
- } else {
- PR_fprintf(errorFD, "ERROR: <SCRIPT> tag in file %s is not followed"
- " by a </SCRIPT tag.\n", filename);
- }
- errorCount++;
- goto loser;
- }
- curOffset = FB_GetPointer(fb)-1;
- if(curOffset >= textStart) {
- text = NULL;
- if( FB_GetRange(fb, textStart, curOffset, &text) !=
- curOffset-textStart+1) {
- PR_fprintf(errorFD, "Unable to read from %s.\n", filename);
- errorCount++;
- goto loser;
- }
- curitem = CreateTextItem(text, startLine, linenum);
- text = NULL;
- if(tail == NULL) {
- head = tail = curitem;
- } else {
- tail->next = curitem;
- tail = curitem;
- }
- }
-
- if(dumpParse) {
- PrintHTMLStream(outputFD, head);
- }
-
-
-
-
- /*
- * Now we have a stream of tags and text. Go through and deal with each.
- */
- for(curitem = head; curitem; curitem = curitem->next) {
- TagItem *tagp=NULL;
- AVPair *pairp=NULL;
- char *src=NULL, *id=NULL, *codebase=NULL;
- PRBool hasEventHandler=PR_FALSE;
- int i;
-
- /* Reset archive directory for each tag */
- if(archiveDir) {
- PR_Free(archiveDir); archiveDir = NULL;
- }
-
- /* We only analyze tags */
- if(curitem->type != TAG_ITEM) {
- continue;
- }
-
- tagp = curitem->item.tag;
-
- /* go through the attributes to get information */
- for(pairp=tagp->attList; pairp; pairp=pairp->next) {
-
- /* ARCHIVE= */
- if( !PL_strcasecmp(pairp->attribute, "archive")) {
- if(archiveDir) {
- /* Duplicate attribute. Print warning */
- PR_fprintf(errorFD,
- "warning: \"%s\" attribute overwrites previous attribute"
- " in tag starting at %s:%d.\n",
- pairp->attribute, filename, curitem->startLine);
- warningCount++;
- PR_Free(archiveDir);
- }
- archiveDir = PL_strdup(pairp->value);
-
- /* Substiture ".arc" for ".jar" */
- if( (PL_strlen(archiveDir)<4) ||
- PL_strcasecmp((archiveDir+strlen(archiveDir)-4), ".jar")){
- PR_fprintf(errorFD,
- "warning: ARCHIVE attribute should end in \".jar\" in tag"
- " starting on %s:%d.\n", filename, curitem->startLine);
- warningCount++;
- PR_Free(archiveDir);
- archiveDir = PR_smprintf("%s.arc", archiveDir);
- } else {
- PL_strcpy(archiveDir+strlen(archiveDir)-4, ".arc");
- }
-
- /* Record the first archive. This will be used later if
- * the archive is not specified */
- if(firstArchiveDir == NULL) {
- firstArchiveDir = PL_strdup(archiveDir);
- }
- }
-
- /* CODEBASE= */
- else if( !PL_strcasecmp(pairp->attribute, "codebase")) {
- if(codebase) {
- /* Duplicate attribute. Print warning */
- PR_fprintf(errorFD,
- "warning: \"%s\" attribute overwrites previous attribute"
- " in tag staring at %s:%d.\n",
- pairp->attribute, filename, curitem->startLine);
- warningCount++;
- }
- codebase = pairp->value;
- }
-
- /* SRC= and HREF= */
- else if( !PORT_Strcasecmp(pairp->attribute, "src") ||
- !PORT_Strcasecmp(pairp->attribute, "href") ) {
- if(src) {
- /* Duplicate attribute. Print warning */
- PR_fprintf(errorFD,
- "warning: \"%s\" attribute overwrites previous attribute"
- " in tag staring at %s:%d.\n",
- pairp->attribute, filename, curitem->startLine);
- warningCount++;
- }
- src = pairp->value;
- }
-
- /* CODE= */
- else if(!PORT_Strcasecmp(pairp->attribute, "code") ) {
- /*!!!XXX Change PORT to PL all over this code !!! */
- if(src) {
- /* Duplicate attribute. Print warning */
- PR_fprintf(errorFD,
- "warning: \"%s\" attribute overwrites previous attribute"
- " ,in tag staring at %s:%d.\n",
- pairp->attribute, filename, curitem->startLine);
- warningCount++;
- }
- src = pairp->value;
-
- /* Append a .class if one is not already present */
- if( (PL_strlen(src)<6) ||
- PL_strcasecmp( (src + PL_strlen(src) - 6), ".class") ) {
- src = PR_smprintf("%s.class", src);
- /* Put this string back into the data structure so it
- * will be deallocated properly */
- PR_Free(pairp->value);
- pairp->value = src;
- }
- }
-
- /* ID= */
- else if (!PL_strcasecmp(pairp->attribute, "id") ) {
- if(id) {
- /* Duplicate attribute. Print warning */
- PR_fprintf(errorFD,
- "warning: \"%s\" attribute overwrites previous attribute"
- " in tag staring at %s:%d.\n",
- pairp->attribute, filename, curitem->startLine);
- warningCount++;
- }
- id = pairp->value;
- }
-
- /* STYLE= */
- /* style= attributes, along with JS entities, are stored into
- * files with dynamically generated names. The filenames are
- * based on the order in which the text is found in the file.
- * All JS entities on all lines up to and including the line
- * containing the end of the tag that has this style= attribute
- * will be processed before this style=attribute. So we need
- * to record the line that this _tag_ (not the attribute) ends on.
- */
- else if(!PL_strcasecmp(pairp->attribute, "style") && pairp->value) {
- HTMLItem *styleItem;
- /* Put this item on the style list */
- styleItem = CreateTextItem(PL_strdup(pairp->value),
- curitem->startLine, curitem->endLine);
- if(styleListTail == NULL) {
- styleList = styleListTail = styleItem;
- } else {
- styleListTail->next = styleItem;
- styleListTail = styleItem;
- }
- }
-
- /* Event handlers */
- else {
- for(i=0; i < num_handlers; i++) {
- if(!PL_strcasecmp(event_handlers[i], pairp->attribute)) {
- hasEventHandler = PR_TRUE;
- break;
- }
- }
- }
-
- /* JS Entity */
- {
- char *entityStart, *entityEnd;
- HTMLItem *entityItem;
-
- /* go through each JavaScript entity ( &{...}; ) and store it
- * in the entityList. The important thing is to record what
- * line number it's on, so we can get it in the right order
- * in relation to style= attributes.
- * Apparently, these can't flow across lines, so the start and
- * end line will be the same. That helps matters.
- */
- entityEnd = pairp->value;
- while( entityEnd &&
- (entityStart = PL_strstr(entityEnd, "&{")) != NULL) {
- entityStart +=2; /* point at beginning of actual entity */
- entityEnd = PL_strstr(entityStart, "}");
- if(entityEnd) {
- /* Put this item on the entity list */
- *entityEnd = '\0';
- entityItem = CreateTextItem(PL_strdup(entityStart),
- pairp->valueLine, pairp->valueLine);
- *entityEnd = '}';
- if(entityListTail) {
- entityListTail->next = entityItem;
- entityListTail = entityItem;
- } else {
- entityList = entityListTail = entityItem;
- }
- }
- }
- }
-
- }
-
- /* If no archive was supplied, we use the first one of the file */
- if(!archiveDir && firstArchiveDir) {
- archiveDir = PL_strdup(firstArchiveDir);
- }
-
- /* If we have an event handler, we need to archive this tag */
- if(hasEventHandler) {
- if(!id) {
- PR_fprintf(errorFD,
- "warning: tag starting at %s:%d has event handler but"
- " no ID attribute. The tag will not be signed.\n",
- filename, curitem->startLine);
- warningCount++;
- } else if(!archiveDir) {
- PR_fprintf(errorFD,
- "warning: tag starting at %s:%d has event handler but"
- " no ARCHIVE attribute. The tag will not be signed.\n",
- filename, curitem->startLine);
- warningCount++;
- } else {
- if(SaveInlineScript(tagp->text, id, basedir, archiveDir)) {
- goto loser;
- }
- }
- }
-
- switch(tagp->type) {
- case APPLET_TAG:
- if(!src) {
- PR_fprintf(errorFD,
- "error: APPLET tag starting on %s:%d has no CODE "
- "attribute.\n", filename, curitem->startLine);
- errorCount++;
- goto loser;
- } else if(!archiveDir) {
- PR_fprintf(errorFD,
- "error: APPLET tag starting on %s:%d has no ARCHIVE "
- "attribute.\n", filename, curitem->startLine);
- errorCount++;
- goto loser;
- } else {
- if(SaveSource(src, codebase, basedir, archiveDir)) {
- goto loser;
- }
- }
- break;
- case SCRIPT_TAG:
- case LINK_TAG:
- case STYLE_TAG:
- if(!archiveDir) {
- PR_fprintf(errorFD,
- "error: %s tag starting on %s:%d has no ARCHIVE "
- "attribute.\n", TagTypeToString(tagp->type),
- filename, curitem->startLine);
- errorCount++;
- goto loser;
- } else if(src) {
- if(SaveSource(src, codebase, basedir, archiveDir)) {
- goto loser;
- }
- } else if(id) {
- /* Save the next text item */
- if(!curitem->next || (curitem->next->type != TEXT_ITEM)) {
- PR_fprintf(errorFD,
- "warning: %s tag starting on %s:%d is not followed"
- " by script text.\n", TagTypeToString(tagp->type),
- filename, curitem->startLine);
- warningCount++;
- /* just create empty file */
- if(SaveInlineScript("", id, basedir, archiveDir)) {
- goto loser;
- }
- } else {
- curitem = curitem->next;
- if(SaveInlineScript(curitem->item.text, id, basedir,
- archiveDir)){
- goto loser;
- }
- }
- } else {
- /* No src or id tag--warning */
- PR_fprintf(errorFD,
- "warning: %s tag starting on %s:%d has no SRC or"
- " ID attributes. Will not sign.\n",
- TagTypeToString(tagp->type), filename, curitem->startLine);
- warningCount++;
- }
- break;
- default:
- /* do nothing for other tags */
- break;
- }
-
- }
-
- /* Now deal with all the unnamable scripts */
- if(firstArchiveDir) {
- HTMLItem *style, *entity;
-
- /* Go through the lists of JS entities and style attributes. Do them
- * in chronological order within a list. Pick the list with the lower
- * endLine. In case of a tie, entities come first.
- */
- style = styleList; entity = entityList;
- while(style || entity) {
- if(!entity || (style && (style->endLine < entity->endLine))) {
- /* Process style */
- SaveUnnamableScript(style->item.text, basedir, firstArchiveDir,
- filename);
- style=style->next;
- } else {
- /* Process entity */
- SaveUnnamableScript(entity->item.text, basedir, firstArchiveDir,
- filename);
- entity=entity->next;
- }
- }
- }
-
-
- retval = 0;
-loser:
- /* Blow away the stream */
- while(head) {
- curitem = head;
- head = head->next;
- DestroyHTMLItem(curitem);
- }
- while(styleList) {
- curitem = styleList;
- styleList = styleList->next;
- DestroyHTMLItem(curitem);
- }
- while(entityList) {
- curitem = entityList;
- entityList = entityList->next;
- DestroyHTMLItem(curitem);
- }
- if(text) {
- PR_Free(text); text=NULL;
- }
- if(fb) {
- FB_Destroy(fb); fb=NULL;
- }
- if(fd) {
- PR_Close(fd);
- }
- if(tagerr) {
- PR_smprintf_free(tagerr); tagerr=NULL;
- }
- if(archiveDir) {
- PR_Free(archiveDir); archiveDir=NULL;
- }
- if(firstArchiveDir) {
- PR_Free(firstArchiveDir); firstArchiveDir=NULL;
- }
- return retval;
-}
-
-/**********************************************************************
- *
- * e n s u r e E x i s t s
- *
- * Check for existence of indicated directory. If it doesn't exist,
- * it will be created.
- * Returns PR_SUCCESS if the directory is present, PR_FAILURE otherwise.
- */
-static PRStatus
-ensureExists (char *base, char *path)
-{
- char fn [FNSIZE];
- PRDir *dir;
- sprintf (fn, "%s/%s", base, path);
-
- /*PR_fprintf(outputFD, "Trying to open directory %s.\n", fn);*/
-
- if( (dir=PR_OpenDir(fn)) ) {
- PR_CloseDir(dir);
- return PR_SUCCESS;
- }
- return PR_MkDir(fn, 0777);
-}
-
-/***************************************************************************
- *
- * m a k e _ d i r s
- *
- * Ensure that the directory portion of the path exists. This may require
- * making the directory, and its parent, and its parent's parent, etc.
- */
-static int
-make_dirs(char *path, int file_perms)
-{
- char *Path;
- char *start;
- char *sep;
- int ret = 0;
- PRFileInfo info;
-
- if(!path) {
- return 0;
- }
-
- Path = PL_strdup(path);
- start = strpbrk(Path, "/\\");
- if(!start) {
- return 0;
- }
- start++; /* start right after first slash */
-
- /* Each time through the loop add one more directory. */
- while( (sep=strpbrk(start, "/\\")) ) {
- *sep = '\0';
-
- if( PR_GetFileInfo(Path, &info) != PR_SUCCESS) {
- /* No such dir, we have to create it */
- if( PR_MkDir(Path, file_perms) != PR_SUCCESS) {
- PR_fprintf(errorFD, "ERROR: Unable to create directory %s.\n",
- Path);
- errorCount++;
- ret = -1;
- goto loser;
- }
- } else {
- /* something exists by this name, make sure it's a directory */
- if( info.type != PR_FILE_DIRECTORY ) {
- PR_fprintf(errorFD, "ERROR: Unable to create directory %s.\n",
- Path);
- errorCount++;
- ret = -1;
- goto loser;
- }
- }
-
- start = sep+1; /* start after the next slash */
- *sep = '/';
- }
-
-loser:
- PR_Free(Path);
- return ret;
-}
-
-/*
- * c o p y i n t o
- *
- * Function to copy file "from" to path "to".
- *
- */
-static int
-copyinto (char *from, char *to)
-{
- PRInt32 num;
- char buf [BUFSIZ];
- PRFileDesc *infp=NULL, *outfp=NULL;
- int retval = -1;
-
- if ((infp = PR_Open(from, PR_RDONLY, 0777)) == NULL) {
- PR_fprintf(errorFD, "ERROR: Unable to open \"%s\" for reading.\n",
- from);
- errorCount++;
- goto finish;
- }
-
- /* If to already exists, print a warning before deleting it */
- if(PR_Access(to, PR_ACCESS_EXISTS) == PR_SUCCESS) {
- PR_fprintf(errorFD, "warning: %s already exists--will overwrite\n",
- to);
- warningCount++;
- if(rm_dash_r(to)) {
- PR_fprintf(errorFD,
- "ERROR: Unable to remove %s.\n", to);
- errorCount++;
- goto finish;
- }
- }
-
- if ((outfp = PR_Open(to, PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777))
- == NULL) {
- char *errBuf=NULL;
-
- errBuf = PR_Malloc(PR_GetErrorTextLength());
- PR_fprintf(errorFD, "ERROR: Unable to open \"%s\" for writing.\n",
- to);
- if(PR_GetErrorText(errBuf)) {
- PR_fprintf(errorFD, "Cause: %s\n", errBuf);
- }
- if(errBuf) {
- PR_Free(errBuf);
- }
- errorCount++;
- goto finish;
- }
-
- while( (num = PR_Read(infp, buf, BUFSIZ)) >0) {
- if(PR_Write(outfp, buf, num) != num) {
- PR_fprintf(errorFD, "ERROR: Error writing to %s.\n", to);
- errorCount++;
- goto finish;
- }
- }
-
- retval = 0;
-finish:
- if(infp) PR_Close(infp);
- if(outfp) PR_Close(outfp);
-
- return retval;
-}
diff --git a/security/nss/cmd/signtool/list.c b/security/nss/cmd/signtool/list.c
deleted file mode 100644
index 2e2d1d1ac..000000000
--- a/security/nss/cmd/signtool/list.c
+++ /dev/null
@@ -1,283 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "pk11func.h"
-#include "certdb.h"
-
-static int num_trav_certs = 0;
-static SECStatus cert_trav_callback(CERTCertificate *cert, SECItem *k,
- void *data);
-
-/*********************************************************************
- *
- * L i s t C e r t s
- */
-int
-ListCerts(char *key, int list_certs)
-{
- int failed = 0;
- SECStatus rv;
- char *ugly_list;
- CERTCertDBHandle *db;
-
- CERTCertificate *cert;
- CERTVerifyLog errlog;
-
- errlog.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if( errlog.arena == NULL) {
- out_of_memory();
- }
- errlog.head = NULL;
- errlog.tail = NULL;
- errlog.count = 0;
-
- ugly_list = PORT_ZAlloc (16);
-
- if (ugly_list == NULL) {
- out_of_memory();
- }
-
- *ugly_list = 0;
-
- db= CERT_GetDefaultCertDB();
-
- if (list_certs == 2) {
- PR_fprintf(outputFD, "\nS Certificates\n");
- PR_fprintf(outputFD, "- ------------\n");
- } else {
- PR_fprintf(outputFD, "\nObject signing certificates\n");
- PR_fprintf(outputFD, "---------------------------------------\n");
- }
-
- num_trav_certs = 0;
-
- /* Traverse non-internal DBs */
- rv = PK11_TraverseSlotCerts(cert_trav_callback, (void*)&list_certs,
- NULL /*wincx*/);
-
- if (rv) {
- PR_fprintf(outputFD, "**Traverse of non-internal DBs failed**\n");
- return -1;
- }
-
- if (num_trav_certs == 0) {
- PR_fprintf(outputFD,
- "You don't appear to have any object signing certificates.\n");
- }
-
- if (list_certs == 2) {
- PR_fprintf(outputFD, "- ------------\n");
- } else {
- PR_fprintf(outputFD, "---------------------------------------\n");
- }
-
- if (list_certs == 1) {
- PR_fprintf(outputFD,
- "For a list including CA's, use \"%s -L\"\n", PROGRAM_NAME);
- }
-
- if(list_certs == 2) {
- PR_fprintf(outputFD,
- "Certificates that can be used to sign objects have *'s to "
- "their left.\n");
- }
-
- if (key) {
- /* Do an analysis of the given cert */
-
- cert = PK11_FindCertFromNickname(key, NULL /*wincx*/);
-
- if (cert) {
- PR_fprintf(outputFD,
- "\nThe certificate with nickname \"%s\" was found:\n",
- cert->nickname);
- PR_fprintf(outputFD,
- "\tsubject name: %s\n", cert->subjectName);
- PR_fprintf(outputFD,
- "\tissuer name: %s\n", cert->issuerName);
-
- PR_fprintf(outputFD, "\n");
-
- rv = CERT_CertTimesValid (cert);
- if(rv != SECSuccess) {
- PR_fprintf(outputFD, "**This certificate is expired**\n");
- } else {
- PR_fprintf(outputFD, "This certificate is not expired.\n");
- }
-
- rv = CERT_VerifyCert (db, cert, PR_TRUE,
- certUsageObjectSigner, PR_Now(), NULL, &errlog);
-
- if (rv != SECSuccess) {
- failed = 1;
- if(errlog.count > 0) {
- PR_fprintf(outputFD,
- "**Certificate validation failed for the "
- "following reason(s):**\n");
- } else {
- PR_fprintf(outputFD, "**Certificate validation failed**");
- }
- } else {
- PR_fprintf(outputFD, "This certificate is valid.\n");
- }
- displayVerifyLog(&errlog);
-
-
- } else {
- failed = 1;
- PR_fprintf(outputFD,
- "The certificate with nickname \"%s\" was NOT FOUND\n",
- key);
- }
- }
-
- if(errlog.arena != NULL) {
- PORT_FreeArena(errlog.arena, PR_FALSE);
- }
-
- if (failed) {
- return -1;
- }
- return 0;
-}
-
-/********************************************************************
- *
- * c e r t _ t r a v _ c a l l b a c k
- */
-static SECStatus
-cert_trav_callback(CERTCertificate *cert, SECItem *k, void *data)
-{
- int isSigningCert;
- int list_certs = 1;
-
- char *name, *issuerCN, *expires;
- CERTCertificate *issuerCert = NULL;
-
- if(data) {
- list_certs = *((int*)data);
- }
-
- if (cert->nickname)
- {
- name = cert->nickname;
-
- isSigningCert = cert->nsCertType & NS_CERT_TYPE_OBJECT_SIGNING;
- issuerCert = CERT_FindCertIssuer (cert, PR_Now(), certUsageObjectSigner);
- issuerCN = CERT_GetCommonName (&cert->issuer);
-
- if (!isSigningCert && list_certs == 1)
- return (SECSuccess);
-
- /* Add this name or email to list */
-
- if (name)
- {
- int rv;
-
- num_trav_certs++;
- if(list_certs == 2) {
- PR_fprintf(outputFD, "%s ", isSigningCert ? "*" : " ");
- }
- PR_fprintf(outputFD, "%s\n", name);
-
- if (list_certs == 1)
- {
- if(issuerCert == NULL) {
- PR_fprintf(outputFD,
- "\t++ Error ++ Unable to find issuer certificate\n");
- return SECSuccess; /*function was a success even if cert is bogus*/
- }
- if (issuerCN == NULL)
- PR_fprintf(outputFD, " Issued by: %s\n", issuerCert->nickname);
- else
- PR_fprintf(outputFD,
- " Issued by: %s (%s)\n", issuerCert->nickname, issuerCN);
-
- expires = DER_UTCDayToAscii (&cert->validity.notAfter);
-
- if (expires)
- PR_fprintf(outputFD, " Expires: %s\n", expires);
-
- rv = CERT_CertTimesValid (cert);
-
- if (rv != SECSuccess)
- PR_fprintf(outputFD, " ++ Error ++ THIS CERTIFICATE IS EXPIRED\n");
-
- if (rv == SECSuccess)
- {
- rv = CERT_VerifyCertNow (cert->dbhandle, cert,
- PR_TRUE, certUsageObjectSigner, NULL);
-
- if (rv != SECSuccess)
- {
- rv = PORT_GetError();
- PR_fprintf(outputFD,
- " ++ Error ++ THIS CERTIFICATE IS NOT VALID (%s)\n",
- secErrorString(rv)); }
- }
-
- expires = DER_UTCDayToAscii (&issuerCert->validity.notAfter);
- if (expires == NULL) expires = "(unknown)";
-
- rv = CERT_CertTimesValid (issuerCert);
-
- if (rv != SECSuccess)
- PR_fprintf(outputFD,
- " ++ Error ++ ISSUER CERT \"%s\" EXPIRED ON %s\n",
- issuerCert->nickname, expires);
-
- if (rv == SECSuccess)
- {
- /*
- rv = CERT_VerifyCertNow (issuerCert->dbhandle, issuerCert,
- PR_TRUE, certUsageVerifyCA, NULL);
- */
- rv = CERT_VerifyCertNow (issuerCert->dbhandle, issuerCert,
- PR_TRUE, certUsageAnyCA, NULL);
-
- if (rv != SECSuccess)
- {
- rv = PORT_GetError();
- PR_fprintf(outputFD,
- " ++ Error ++ ISSUER CERT \"%s\" IS NOT VALID (%s)\n", issuerCert->nickname, secErrorString(rv));
- }
- }
- }
- }
- }
-
- return (SECSuccess);
-}
-
diff --git a/security/nss/cmd/signtool/manifest.mn b/security/nss/cmd/signtool/manifest.mn
deleted file mode 100644
index df226eebe..000000000
--- a/security/nss/cmd/signtool/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-EXPORTS =
-
-CSRCS = signtool.c \
- certgen.c \
- javascript.c \
- list.c \
- sign.c \
- util.c \
- verify.c \
- zip.c \
- $(NULL)
-
-PROGRAM = signtool
-
-REQUIRES = security dbm seccmd
-
-DEFINES += -DNSPR20
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/signtool/sign.c b/security/nss/cmd/signtool/sign.c
deleted file mode 100644
index c5fbcf168..000000000
--- a/security/nss/cmd/signtool/sign.c
+++ /dev/null
@@ -1,855 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "zip.h"
-#include "prmem.h"
-#include "blapi.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-
-static int create_pk7 (char *dir, char *keyName, int *keyType);
-static int jar_find_key_type (CERTCertificate *cert);
-static int manifesto (char *dirname, char *install_script, PRBool recurse);
-static int manifesto_fn(char *relpath, char *basedir, char *reldir,
- char *filename, void *arg);
-static int sign_all_arc_fn(char *relpath, char *basedir, char *reldir,
- char *filename, void *arg);
-static int add_meta (FILE *fp, char *name);
-static int SignFile (FILE *outFile, FILE *inFile, CERTCertificate *cert);
-static int generate_SF_file (char *manifile, char *who);
-static int calculate_MD5_range (FILE *fp, long r1, long r2, JAR_Digest *dig);
-static void SignOut (void *arg, const char *buf, unsigned long len);
-
-static char *metafile = NULL;
-static int optimize = 0;
-static FILE *mf;
-static ZIPfile *zipfile=NULL;
-
-/*
- * S i g n A r c h i v e
- *
- * Sign an individual archive tree. A directory
- * called META-INF is created underneath this.
- *
- */
-int
-SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
- char *meta_file, char *install_script, int _optimize, PRBool recurse)
-{
- int status;
- char tempfn [FNSIZE], fullfn [FNSIZE];
- int keyType = rsaKey;
-
- metafile = meta_file;
- optimize = _optimize;
-
- if(zip_file) {
- zipfile = JzipOpen(zip_file, NULL /*no comment*/);
- }
-
- manifesto (tree, install_script, recurse);
-
- if (keyName)
- {
- status = create_pk7 (tree, keyName, &keyType);
- if (status < 0)
- {
- PR_fprintf(errorFD, "the tree \"%s\" was NOT SUCCESSFULLY SIGNED\n", tree);
- errorCount++;
- exit (ERRX);
- }
- }
-
- /* mf to zip */
-
- strcpy (tempfn, "META-INF/manifest.mf");
- sprintf (fullfn, "%s/%s", tree, tempfn);
- JzipAdd(fullfn, tempfn, zipfile, compression_level);
-
- /* sf to zip */
-
- sprintf (tempfn, "META-INF/%s.sf", base);
- sprintf (fullfn, "%s/%s", tree, tempfn);
- JzipAdd(fullfn, tempfn, zipfile, compression_level);
-
- /* rsa/dsa to zip */
-
- sprintf (tempfn, "META-INF/%s.%s", base, (keyType==dsaKey ? "dsa" : "rsa"));
- sprintf (fullfn, "%s/%s", tree, tempfn);
- JzipAdd(fullfn, tempfn, zipfile, compression_level);
-
- JzipClose(zipfile);
-
- if(verbosity >= 0) {
- if (javascript) {
- PR_fprintf(outputFD,"jarfile \"%s\" signed successfully\n",
- zip_file);
- } else {
- PR_fprintf(outputFD, "tree \"%s\" signed successfully\n", tree);
- }
- }
-
- return 0;
-}
-
-typedef struct {
- char *keyName;
- int javascript;
- char *metafile;
- char *install_script;
- int optimize;
-} SignArcInfo;
-
-/*
- * S i g n A l l A r c
- *
- * Javascript may generate multiple .arc directories, one
- * for each jar archive needed. Sign them all.
- *
- */
-int
-SignAllArc(char *jartree, char *keyName, int javascript, char *metafile,
- char *install_script, int optimize, PRBool recurse)
-{
- SignArcInfo info;
-
- info.keyName = keyName;
- info.javascript = javascript;
- info.metafile = metafile;
- info.install_script = install_script;
- info.optimize = optimize;
-
- return foreach(jartree, "", sign_all_arc_fn, recurse,
- PR_TRUE /*include dirs*/, (void*)&info);
-}
-
-static int
-sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename,
- void *arg)
-{
- char *zipfile=NULL;
- char *arc=NULL, *archive=NULL;
- int retval=0;
- SignArcInfo *infop = (SignArcInfo*)arg;
-
- /* Make sure there is one and only one ".arc" in the relative path,
- * and that it is at the end of the path (don't sign .arcs within .arcs) */
- if ( (PL_strcaserstr(relpath, ".arc") == relpath + strlen(relpath) - 4) &&
- (PL_strcasestr(relpath, ".arc") == relpath + strlen(relpath) - 4) ) {
-
- if(!infop) {
- PR_fprintf(errorFD, "%s: Internal failure\n", PROGRAM_NAME);
- errorCount++;
- retval = -1;
- goto finish;
- }
- archive = PR_smprintf("%s/%s", basedir, relpath);
-
- zipfile = PL_strdup(archive);
- arc = PORT_Strrchr (zipfile, '.');
-
- if (arc == NULL) {
- PR_fprintf(errorFD, "%s: Internal failure\n", PROGRAM_NAME);
- errorCount++;
- retval = -1;
- goto finish;
- }
-
- PL_strcpy (arc, ".jar");
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "\nsigning: %s\n", zipfile);
- }
- retval = SignArchive(archive, infop->keyName, zipfile,
- infop->javascript, infop->metafile, infop->install_script,
- infop->optimize, PR_TRUE /* recurse */);
- }
-finish:
- if(archive) PR_Free(archive);
- if(zipfile) PR_Free(zipfile);
-
- return retval;
-}
-
-/*********************************************************************
- *
- * c r e a t e _ p k 7
- */
-static int
-create_pk7 (char *dir, char *keyName, int *keyType)
-{
- int status = 0;
- char *file_ext;
-
- CERTCertificate *cert;
- CERTCertDBHandle *db;
-
- FILE *in, *out;
-
- char sf_file [FNSIZE];
- char pk7_file [FNSIZE];
-
-
- /* open cert database */
- db = CERT_GetDefaultCertDB();
-
- if (db == NULL)
- return -1;
-
-
- /* find cert */
- /*cert = CERT_FindCertByNicknameOrEmailAddr(db, keyName);*/
- cert = PK11_FindCertFromNickname(keyName, NULL /*wincx*/);
-
- if (cert == NULL)
- {
- SECU_PrintError
- (
- PROGRAM_NAME,
- "the cert \"%s\" does not exist in the database",
- keyName
- );
- return -1;
- }
-
-
- /* determine the key type, which sets the extension for pkcs7 object */
-
- *keyType = jar_find_key_type (cert);
- file_ext = (*keyType == dsaKey) ? "dsa" : "rsa";
-
- sprintf (sf_file, "%s/META-INF/%s.sf", dir, base);
- sprintf (pk7_file, "%s/META-INF/%s.%s", dir, base, file_ext);
-
- if ((in = fopen (sf_file, "rb")) == NULL)
- {
- PR_fprintf(errorFD, "%s: Can't open %s for reading\n", PROGRAM_NAME, sf_file);
- errorCount++;
- exit (ERRX);
- }
-
- if ((out = fopen (pk7_file, "wb")) == NULL)
- {
- PR_fprintf(errorFD, "%s: Can't open %s for writing\n", PROGRAM_NAME, sf_file);
- errorCount++;
- exit (ERRX);
- }
-
- status = SignFile (out, in, cert);
-
- fclose (in);
- fclose (out);
-
- if (status)
- {
- PR_fprintf(errorFD, "%s: PROBLEM signing data (%s)\n",
- PROGRAM_NAME, SECU_ErrorString ((int16) PORT_GetError()));
- errorCount++;
- return -1;
- }
-
- return 0;
-}
-
-/*
- * j a r _ f i n d _ k e y _ t y p e
- *
- * Determine the key type for a given cert, which
- * should be rsaKey or dsaKey. Any error return 0.
- *
- */
-static int
-jar_find_key_type (CERTCertificate *cert)
-{
- PK11SlotInfo *slot = NULL;
- SECKEYPrivateKey *privk = NULL;
-
- /* determine its type */
- PK11_FindObjectForCert (cert, /*wincx*/ NULL, &slot);
-
- if (slot == NULL)
- {
- PR_fprintf(errorFD, "warning - can't find slot for this cert\n");
- warningCount++;
- return 0;
- }
-
- privk = PK11_FindPrivateKeyFromCert (slot, cert, /*wincx*/ NULL);
-
- if (privk == NULL)
- {
- PR_fprintf(errorFD, "warning - can't find private key for this cert\n");
- warningCount++;
- return 0;
- }
-
- return privk->keyType;
- }
-
-
-/*
- * m a n i f e s t o
- *
- * Run once for every subdirectory in which a
- * manifest is to be created -- usually exactly once.
- *
- */
-static int
-manifesto (char *dirname, char *install_script, PRBool recurse)
-{
- char metadir [FNSIZE], sfname [FNSIZE];
-
- /* Create the META-INF directory to hold signing info */
-
- if (PR_Access (dirname, PR_ACCESS_READ_OK))
- {
- PR_fprintf(errorFD, "%s: unable to read your directory: %s\n", PROGRAM_NAME,
- dirname);
- errorCount++;
- perror (dirname);
- exit (ERRX);
- }
-
- if (PR_Access (dirname, PR_ACCESS_WRITE_OK)) {
- PR_fprintf(errorFD, "%s: unable to write to your directory: %s\n",
- PROGRAM_NAME, dirname);
- errorCount++;
- perror(dirname);
- exit(ERRX);
- }
-
- sprintf (metadir, "%s/META-INF", dirname);
-
- strcpy (sfname, metadir);
-
- PR_MkDir (metadir, 0777);
-
- strcat (metadir, "/");
- strcat (metadir, MANIFEST);
-
- if ((mf = fopen (metadir, "wb")) == NULL)
- {
- perror (MANIFEST);
- PR_fprintf(errorFD, "%s: Probably, the directory you are trying to"
-
- " sign has\n", PROGRAM_NAME);
- PR_fprintf(errorFD, "%s: permissions problems or may not exist.\n",
- PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "Generating %s file..\n", metadir);
- }
-
- fprintf(mf, "Manifest-Version: 1.0\n");
- fprintf (mf, "Created-By: %s\n", CREATOR);
- fprintf (mf, "Comments: %s\n", BREAKAGE);
-
- if (scriptdir)
- {
- fprintf (mf, "Comments: --\n");
- fprintf (mf, "Comments: --\n");
- fprintf (mf, "Comments: -- This archive signs Javascripts which may not necessarily\n");
- fprintf (mf, "Comments: -- be included in the physical jar file.\n");
- fprintf (mf, "Comments: --\n");
- fprintf (mf, "Comments: --\n");
- }
-
- if (install_script)
- fprintf (mf, "Install-Script: %s\n", install_script);
-
- if (metafile)
- add_meta (mf, "+");
-
- /* Loop through all files & subdirectories */
- foreach (dirname, "", manifesto_fn, recurse, PR_FALSE /*include dirs */,
- (void*)NULL);
-
- fclose (mf);
-
- strcat (sfname, "/");
- strcat (sfname, base);
- strcat (sfname, ".sf");
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "Generating %s.sf file..\n", base);
- }
- generate_SF_file (metadir, sfname);
-
- return 0;
-}
-
-/*
- * m a n i f e s t o _ f n
- *
- * Called by pointer from manifesto(), once for
- * each file within the directory.
- *
- */
-static int manifesto_fn
- (char *relpath, char *basedir, char *reldir, char *filename, void *arg)
-{
- int use_js;
-
- JAR_Digest dig;
- char fullname [FNSIZE];
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "--> %s\n", relpath);
- }
-
- /* extension matching */
- if(extensionsGiven) {
- char *ext;
-
- ext = PL_strrchr(relpath, '.');
- if(!ext) {
- return 0;
- } else {
- if(!PL_HashTableLookup(extensions, ext)) {
- return 0;
- }
- }
- }
-
- sprintf (fullname, "%s/%s", basedir, relpath);
-
- fprintf (mf, "\n");
-
- use_js = 0;
-
- if (scriptdir && !PORT_Strcmp (scriptdir, reldir))
- use_js++;
-
- /* sign non-.js files inside .arc directories
- using the javascript magic */
-
- if ( (PL_strcaserstr(filename, ".js") != filename + strlen(filename) - 3)
- && (PL_strcaserstr(reldir, ".arc") == reldir + strlen(filename)-4))
- use_js++;
-
- if (use_js)
- {
- fprintf (mf, "Name: %s\n", filename);
- fprintf (mf, "Magic: javascript\n");
-
- if (optimize == 0)
- fprintf (mf, "javascript.id: %s\n", filename);
-
- if (metafile)
- add_meta (mf, filename);
- }
- else
- {
- fprintf (mf, "Name: %s\n", relpath);
- if (metafile)
- add_meta (mf, relpath);
- }
-
- JAR_digest_file (fullname, &dig);
-
-
- if (optimize == 0)
- {
- fprintf (mf, "Digest-Algorithms: MD5 SHA1\n");
- fprintf (mf, "MD5-Digest: %s\n", BTOA_DataToAscii (dig.md5, MD5_LENGTH));
- }
-
- fprintf (mf, "SHA1-Digest: %s\n", BTOA_DataToAscii (dig.sha1, SHA1_LENGTH));
-
- if(!use_js) {
- JzipAdd(fullname, relpath, zipfile, compression_level);
- }
-
- return 0;
-}
-
-/*
- * a d d _ m e t a
- *
- * Parse the metainfo file, and add any details
- * necessary to the manifest file. In most cases you
- * should be using the -i option (ie, for SmartUpdate).
- *
- */
-static int add_meta (FILE *fp, char *name)
-{
- FILE *met;
- char buf [BUFSIZ];
-
- int place;
- char *pattern, *meta;
-
- int num = 0;
-
- if ((met = fopen (metafile, "r")) != NULL)
- {
- while (fgets (buf, BUFSIZ, met))
- {
- char *s;
-
- for (s = buf; *s && *s != '\n' && *s != '\r'; s++);
- *s = 0;
-
- if (*buf == 0)
- continue;
-
- pattern = buf;
-
- /* skip to whitespace */
- for (s = buf; *s && *s != ' ' && *s != '\t'; s++);
-
- /* terminate pattern */
- if (*s == ' ' || *s == '\t') *s++ = 0;
-
- /* eat through whitespace */
- while (*s == ' ' || *s == '\t') s++;
-
- meta = s;
-
- /* this will eventually be regexp matching */
-
- place = 0;
- if (!PORT_Strcmp (pattern, name))
- place = 1;
-
- if (place)
- {
- num++;
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "[%s] %s\n", name, meta);
- }
- fprintf (fp, "%s\n", meta);
- }
- }
- fclose (met);
- }
- else
- {
- PR_fprintf(errorFD, "%s: can't open metafile: %s\n", PROGRAM_NAME, metafile);
- errorCount++;
- exit (ERRX);
- }
-
- return num;
-}
-
-/**********************************************************************
- *
- * S i g n F i l e
- */
-static int
-SignFile (FILE *outFile, FILE *inFile, CERTCertificate *cert)
-{
- int nb;
- char ibuf[4096], digestdata[32];
- const SECHashObject *hashObj;
- void *hashcx;
- unsigned int len;
-
- SECItem digest;
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- if (outFile == NULL || inFile == NULL || cert == NULL)
- return -1;
-
- /* XXX probably want to extend interface to allow other hash algorithms */
- hashObj = HASH_GetHashObject(HASH_AlgSHA1);
-
- hashcx = (* hashObj->create)();
- if (hashcx == NULL)
- return -1;
-
- (* hashObj->begin)(hashcx);
-
- for (;;)
- {
- if (feof(inFile)) break;
- nb = fread(ibuf, 1, sizeof(ibuf), inFile);
- if (nb == 0)
- {
- if (ferror(inFile))
- {
- PORT_SetError(SEC_ERROR_IO);
- (* hashObj->destroy)(hashcx, PR_TRUE);
- return -1;
- }
- /* eof */
- break;
- }
- (* hashObj->update)(hashcx, (unsigned char *) ibuf, nb);
- }
-
- (* hashObj->end)(hashcx, (unsigned char *) digestdata, &len, 32);
- (* hashObj->destroy)(hashcx, PR_TRUE);
-
- digest.data = (unsigned char *) digestdata;
- digest.len = len;
-
- cinfo = SEC_PKCS7CreateSignedData
- (cert, certUsageObjectSigner, NULL,
- SEC_OID_SHA1, &digest, NULL, NULL);
-
- if (cinfo == NULL)
- return -1;
-
- rv = SEC_PKCS7IncludeCertChain (cinfo, NULL);
- if (rv != SECSuccess)
- {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return -1;
- }
-
- if (no_time == 0)
- {
- rv = SEC_PKCS7AddSigningTime (cinfo);
- if (rv != SECSuccess)
- {
- /* don't check error */
- }
- }
-
- if(password) {
- rv = SEC_PKCS7Encode(cinfo, SignOut, outFile, NULL,
- (SECKEYGetPasswordKey) password_hardcode, NULL);
- } else {
- rv = SEC_PKCS7Encode(cinfo, SignOut, outFile, NULL, NULL,
- NULL);
- }
-
-
- SEC_PKCS7DestroyContentInfo (cinfo);
-
- if (rv != SECSuccess)
- return -1;
-
- return 0;
-}
-
-/*
- * g e n e r a t e _ S F _ f i l e
- *
- * From the supplied manifest file, calculates
- * digests on the various sections, creating a .SF
- * file in the process.
- *
- */
-static int generate_SF_file (char *manifile, char *who)
-{
- FILE *sf;
- FILE *mf;
-
- long r1, r2, r3;
-
- char whofile [FNSIZE];
- char *buf, *name;
-
- JAR_Digest dig;
-
- int line = 0;
-
- strcpy (whofile, who);
-
- if ((mf = fopen (manifile, "rb")) == NULL)
- {
- perror (manifile);
- exit (ERRX);
- }
-
- if ((sf = fopen (whofile, "wb")) == NULL)
- {
- perror (who);
- exit (ERRX);
- }
-
- buf = (char *) PORT_ZAlloc (BUFSIZ);
-
- if (buf)
- name = (char *) PORT_ZAlloc (BUFSIZ);
-
- if (buf == NULL || name == NULL)
- out_of_memory();
-
- fprintf (sf, "Signature-Version: 1.0\n");
- fprintf (sf, "Created-By: %s\n", CREATOR);
- fprintf (sf, "Comments: %s\n", BREAKAGE);
-
- if (fgets (buf, BUFSIZ, mf) == NULL)
- {
- PR_fprintf(errorFD, "%s: empty manifest file!\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- if (strncmp (buf, "Manifest-Version:", 17))
- {
- PR_fprintf(errorFD, "%s: not a manifest file!\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- fseek (mf, 0L, SEEK_SET);
-
- /* Process blocks of headers, and calculate their hashen */
-
- while (1)
- {
- /* Beginning range */
- r1 = ftell (mf);
-
- if (fgets (name, BUFSIZ, mf) == NULL)
- break;
-
- line++;
-
- if (r1 != 0 && strncmp (name, "Name:", 5))
- {
- PR_fprintf(errorFD, "warning: unexpected input in manifest file \"%s\" at line %d:\n", manifile, line);
- PR_fprintf(errorFD, "%s\n", name);
- warningCount++;
- }
-
- while (fgets (buf, BUFSIZ, mf))
- {
- if (*buf == 0 || *buf == '\n' || *buf == '\r')
- break;
-
- line++;
-
- /* Ending range for hashing */
- r2 = ftell (mf);
- }
-
- r3 = ftell (mf);
-
- if (r1)
- {
- fprintf (sf, "\n");
- fprintf (sf, "%s", name);
- }
-
- calculate_MD5_range (mf, r1, r2, &dig);
-
- if (optimize == 0)
- {
- fprintf (sf, "Digest-Algorithms: MD5 SHA1\n");
- fprintf (sf, "MD5-Digest: %s\n",
- BTOA_DataToAscii (dig.md5, MD5_LENGTH));
- }
-
- fprintf (sf, "SHA1-Digest: %s\n",
- BTOA_DataToAscii (dig.sha1, SHA1_LENGTH));
-
- /* restore normalcy after changing offset position */
- fseek (mf, r3, SEEK_SET);
- }
-
- PORT_Free (buf);
- PORT_Free (name);
-
- fclose (sf);
- fclose (mf);
-
- return 0;
-}
-
-/*
- * c a l c u l a t e _ M D 5 _ r a n g e
- *
- * Calculate the MD5 digest on a range of bytes in
- * the specified fopen'd file. Returns base64.
- *
- */
-static int
-calculate_MD5_range (FILE *fp, long r1, long r2, JAR_Digest *dig)
-{
- int num;
- int range;
- unsigned char *buf;
-
- MD5Context *md5 = 0;
- SHA1Context *sha1 = 0;
-
- unsigned int sha1_length, md5_length;
-
- range = r2 - r1;
-
- /* position to the beginning of range */
- fseek (fp, r1, SEEK_SET);
-
- buf = (unsigned char *) PORT_ZAlloc (range);
- if (buf == NULL)
- out_of_memory();
-
- if ((num = fread (buf, 1, range, fp)) != range)
- {
- PR_fprintf(errorFD, "%s: expected %d bytes, got %d\n", PROGRAM_NAME,
- range, num);
- errorCount++;
- exit (ERRX);
- }
-
- md5 = MD5_NewContext();
- sha1 = SHA1_NewContext();
-
- if (md5 == NULL || sha1 == NULL)
- {
- PR_fprintf(errorFD, "%s: can't generate digest context\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- MD5_Begin (md5);
- SHA1_Begin (sha1);
-
- MD5_Update (md5, buf, range);
- SHA1_Update (sha1, buf, range);
-
- MD5_End (md5, dig->md5, &md5_length, MD5_LENGTH);
- SHA1_End (sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
-
- MD5_DestroyContext (md5, PR_TRUE);
- SHA1_DestroyContext (sha1, PR_TRUE);
-
- PORT_Free (buf);
-
- return 0;
-}
-
-static void SignOut (void *arg, const char *buf, unsigned long len)
-{
- fwrite (buf, len, 1, (FILE *) arg);
-}
diff --git a/security/nss/cmd/signtool/signtool.c b/security/nss/cmd/signtool/signtool.c
deleted file mode 100644
index 98b5b7e39..000000000
--- a/security/nss/cmd/signtool/signtool.c
+++ /dev/null
@@ -1,1034 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * SIGNTOOL
- *
- * A command line tool to create manifest files
- * from a directory hierarchy. It is assumed that
- * the tree will be equivalent to what resides
- * or will reside in an archive.
- *
- *
- */
-
-#include "signtool.h"
-#include <prmem.h>
-#include <prio.h>
-
-/***********************************************************************
- * Global Variable Definitions
- */
-char *progName; /* argv[0] */
-
-/* password on command line. Use for build testing only */
-char *password = NULL;
-
-/* directories or files to exclude in descent */
-PLHashTable *excludeDirs = NULL;
-static PRBool exclusionsGiven = PR_FALSE;
-
-/* zatharus is the man who knows no time, dies tragic death */
-int no_time = 0;
-
-/* -b basename of .rsa, .sf files */
-char *base = DEFAULT_BASE_NAME;
-
-/* Only sign files with this extension */
-PLHashTable *extensions=NULL;
-PRBool extensionsGiven = PR_FALSE;
-
-char *scriptdir = NULL;
-
-int verbosity = 0;
-
-PRFileDesc *outputFD=NULL, *errorFD=NULL;
-
-int errorCount=0, warningCount=0;
-
-int compression_level=DEFAULT_COMPRESSION_LEVEL;
-PRBool compression_level_specified = PR_FALSE;
-
-/* Command-line arguments */
-static char *genkey = NULL;
-static char *verify = NULL;
-static char *zipfile = NULL;
-static char *cert_dir = NULL;
-static int javascript = 0;
-static char *jartree = NULL;
-static char *keyName = NULL;
-static char *metafile = NULL;
-static char *install_script = NULL;
-static int list_certs = 0;
-static int list_modules = 0;
-static int optimize = 0;
-static char *tell_who = NULL;
-static char *outfile = NULL;
-static char *cmdFile = NULL;
-static PRBool noRecurse = PR_FALSE;
-static PRBool leaveArc = PR_FALSE;
-static int keySize = -1;
-static char *token = NULL;
-
-typedef enum {
- UNKNOWN_OPT,
- QUESTION_OPT,
- BASE_OPT,
- COMPRESSION_OPT,
- CERT_DIR_OPT,
- EXTENSION_OPT,
- INSTALL_SCRIPT_OPT,
- SCRIPTDIR_OPT,
- CERTNAME_OPT,
- LIST_OBJSIGN_CERTS_OPT,
- LIST_ALL_CERTS_OPT,
- METAFILE_OPT,
- OPTIMIZE_OPT,
- PASSWORD_OPT,
- VERIFY_OPT,
- WHO_OPT,
- EXCLUDE_OPT,
- NO_TIME_OPT,
- JAVASCRIPT_OPT,
- ZIPFILE_OPT,
- GENKEY_OPT,
- MODULES_OPT,
- NORECURSE_OPT,
- SIGNDIR_OPT,
- OUTFILE_OPT,
- COMMAND_FILE_OPT,
- LEAVE_ARC_OPT,
- VERBOSITY_OPT,
- KEYSIZE_OPT,
- TOKEN_OPT
-} OPT_TYPE;
-
-typedef enum {
- DUPLICATE_OPTION_ERR=0,
- OPTION_NEEDS_ARG_ERR
-} Error;
-
-static char *errStrings[] = {
-"warning: %s option specified more than once. Only last specification will be used.\n",
-"ERROR: option \"%s\" requires an argument.\n"
-};
-
-
-static int ProcessOneOpt(OPT_TYPE type, char *arg);
-
-/*********************************************************************
- *
- * P r o c e s s C o m m a n d F i l e
- */
-int
-ProcessCommandFile()
-{
- PRFileDesc *fd;
-#define CMD_FILE_BUFSIZE 1024
- char buf[CMD_FILE_BUFSIZE];
- char *equals;
- int linenum=0;
- int retval=-1;
- OPT_TYPE type;
-
- fd = PR_Open(cmdFile, PR_RDONLY, 0777);
- if(!fd) {
- PR_fprintf(errorFD, "ERROR: Unable to open command file %s.\n");
- errorCount++;
- return -1;
- }
-
- while(pr_fgets(buf, CMD_FILE_BUFSIZE, fd), buf && *buf!='\0') {
- char *eol;
- linenum++;
-
- /* Chop off final newline */
- eol = PL_strchr(buf, '\r');
- if(!eol) {
- eol = PL_strchr(buf, '\n');
- }
- if(eol) *eol = '\0';
-
- equals = PL_strchr(buf, '=');
- if(!equals) {
- continue;
- }
-
- *equals = '\0';
- equals++;
-
- /* Now buf points to the attribute, and equals points to the value. */
-
- /* This is pretty straightforward, just deal with whatever attribute
- * this is */
- if(!PL_strcasecmp(buf, "basename")) {
- type = BASE_OPT;
- } else if(!PL_strcasecmp(buf, "compression")) {
- type = COMPRESSION_OPT;
- } else if(!PL_strcasecmp(buf, "certdir")) {
- type = CERT_DIR_OPT;
- } else if(!PL_strcasecmp(buf, "extension")) {
- type = EXTENSION_OPT;
- } else if(!PL_strcasecmp(buf, "generate")) {
- type = GENKEY_OPT;
- } else if(!PL_strcasecmp(buf, "installScript")) {
- type = INSTALL_SCRIPT_OPT;
- } else if(!PL_strcasecmp(buf, "javascriptdir")) {
- type = SCRIPTDIR_OPT;
- } else if(!PL_strcasecmp(buf, "htmldir")) {
- type = JAVASCRIPT_OPT;
- if(jartree) {
- PR_fprintf(errorFD,
- "warning: directory to be signed specified more than once."
- " Only last specification will be used.\n");
- warningCount++;
- PR_Free(jartree); jartree=NULL;
- }
- jartree = PL_strdup(equals);
- } else if(!PL_strcasecmp(buf, "certname")) {
- type = CERTNAME_OPT;
- } else if(!PL_strcasecmp(buf, "signdir")) {
- type = SIGNDIR_OPT;
- } else if(!PL_strcasecmp(buf, "list")) {
- type = LIST_OBJSIGN_CERTS_OPT;
- } else if(!PL_strcasecmp(buf, "listall")) {
- type = LIST_ALL_CERTS_OPT;
- } else if(!PL_strcasecmp(buf, "metafile")) {
- type = METAFILE_OPT;
- } else if(!PL_strcasecmp(buf, "modules")) {
- type = MODULES_OPT;
- } else if(!PL_strcasecmp(buf, "optimize")) {
- type = OPTIMIZE_OPT;
- } else if(!PL_strcasecmp(buf, "password")) {
- type = PASSWORD_OPT;
- } else if(!PL_strcasecmp(buf, "verify")) {
- type = VERIFY_OPT;
- } else if(!PL_strcasecmp(buf, "who")) {
- type = WHO_OPT;
- } else if(!PL_strcasecmp(buf, "exclude")) {
- type = EXCLUDE_OPT;
- } else if(!PL_strcasecmp(buf, "notime")) {
- type = NO_TIME_OPT;
- } else if(!PL_strcasecmp(buf, "jarfile")) {
- type = ZIPFILE_OPT;
- } else if(!PL_strcasecmp(buf, "outfile")) {
- type = OUTFILE_OPT;
- } else if(!PL_strcasecmp(buf, "leavearc")) {
- type = LEAVE_ARC_OPT;
- } else if(!PL_strcasecmp(buf, "verbosity")) {
- type = VERBOSITY_OPT;
- } else if(!PL_strcasecmp(buf, "keysize")) {
- type = KEYSIZE_OPT;
- } else if(!PL_strcasecmp(buf, "token")) {
- type = TOKEN_OPT;
- } else {
- PR_fprintf(errorFD,
- "warning: unknown attribute \"%s\" in command file, line %d.\n",
- buf, linenum);
- warningCount++;
- type = UNKNOWN_OPT;
- }
-
- /* Process the option, whatever it is */
- if(type != UNKNOWN_OPT) {
- if(ProcessOneOpt(type, equals)==-1) {
- goto finish;
- }
- }
- }
-
- retval = 0;
-
-finish:
- PR_Close(fd);
- return retval;
-}
-
-/*********************************************************************
- *
- * p a r s e _ a r g s
- */
-static int
-parse_args(int argc, char *argv[])
-{
- char *opt;
- char *arg;
- int needsInc;
- int i;
- OPT_TYPE type;
-
- /* Loop over all arguments */
- for(i=1; i < argc; i++) {
- opt = argv[i];
- arg = NULL;
-
- if(opt[0] == '-') {
- if(opt[1] == '-') {
- /* word option */
- if(i < argc-1) {
- needsInc = 1;
- arg = argv[i+1];
- } else {
- needsInc = 0;
- arg = NULL;
- }
-
- if( !PL_strcasecmp(opt+2, "norecurse")) {
- type = NORECURSE_OPT;
- } else if( !PL_strcasecmp(opt+2, "leavearc")) {
- type = LEAVE_ARC_OPT;
- } else if( !PL_strcasecmp(opt+2, "verbosity")) {
- type = VERBOSITY_OPT;
- } else if( !PL_strcasecmp(opt+2, "outfile")) {
- type = OUTFILE_OPT;
- } else if( !PL_strcasecmp(opt+2, "keysize")) {
- type = KEYSIZE_OPT;
- } else if( !PL_strcasecmp(opt+2, "token")) {
- type = TOKEN_OPT;
- } else {
- PR_fprintf(errorFD, "warning: unknown option: %s\n", opt);
- warningCount++;
- type = UNKNOWN_OPT;
- }
- } else {
- /* char option */
- if(opt[2]!='\0') {
- needsInc = 0;
- arg = opt+2;
- } else if(i < argc-1) {
- needsInc = 1;
- arg = argv[i+1];
- } else {
- needsInc = 0;
- arg = NULL;
- }
-
- switch(opt[1]) {
- case '?':
- type = QUESTION_OPT;
- break;
- case 'b':
- type = BASE_OPT;
- break;
- case 'c':
- type = COMPRESSION_OPT;
- break;
- case 'd':
- type = CERT_DIR_OPT;
- break;
- case 'e':
- type = EXTENSION_OPT;
- break;
- case 'f':
- type = COMMAND_FILE_OPT;
- break;
- case 'i':
- type = INSTALL_SCRIPT_OPT;
- break;
- case 'j':
- type = SCRIPTDIR_OPT;
- break;
- case 'k':
- type = CERTNAME_OPT;
- break;
- case 'l':
- type = LIST_OBJSIGN_CERTS_OPT;
- break;
- case 'L':
- type = LIST_ALL_CERTS_OPT;
- break;
- case 'm':
- type = METAFILE_OPT;
- break;
- case 'o':
- type = OPTIMIZE_OPT;
- break;
- case 'p':
- type = PASSWORD_OPT;
- break;
- case 'v':
- type = VERIFY_OPT;
- break;
- case 'w':
- type = WHO_OPT;
- break;
- case 'x':
- type = EXCLUDE_OPT;
- break;
- case 'z':
- type = NO_TIME_OPT;
- break;
- case 'J':
- type = JAVASCRIPT_OPT;
- break;
- case 'Z':
- type = ZIPFILE_OPT;
- break;
- case 'G':
- type = GENKEY_OPT;
- break;
- case 'M':
- type = MODULES_OPT;
- break;
- case 's':
- type = KEYSIZE_OPT;
- break;
- case 't':
- type = TOKEN_OPT;
- break;
- default:
- type = UNKNOWN_OPT;
- PR_fprintf(errorFD, "warning: unrecognized option: -%c.\n",
- opt[1]);
- warningCount++;
- break;
- }
- }
- } else {
- if(i == argc-1) {
- type = UNKNOWN_OPT;
- if(jartree) {
- PR_fprintf(errorFD,
- "warning: directory to be signed specified more than once."
- " Only last specification will be used.\n");
- warningCount++;
- PR_Free(jartree); jartree = NULL;
- }
- jartree = PL_strdup(opt);
- } else {
- type = UNKNOWN_OPT;
- PR_fprintf(errorFD, "warning: unrecognized option: %s\n", opt);
- warningCount++;
- }
- }
-
- if(type != UNKNOWN_OPT) {
- short ateArg;
-
- ateArg = ProcessOneOpt(type, arg);
- if(ateArg==-1) {
- /* error */
- return -1;
- } else if(ateArg && needsInc) {
- i++;
- }
- }
- }
-
- return 0;
-}
-
-/*********************************************************************
- *
- * P r o c e s s O n e O p t
- *
- * Since options can come from different places (command file, word options,
- * char options), this is a central function that is called to deal with
- * them no matter where they come from.
- *
- * type is the type of option.
- * arg is the argument to the option, possibly NULL.
- * Returns 1 if the argument was eaten, 0 if it wasn't, and -1 for error.
- */
-static int
-ProcessOneOpt(OPT_TYPE type, char *arg)
-{
- int ate=0;
-
- switch(type) {
- case QUESTION_OPT:
- usage();
- break;
- case BASE_OPT:
- if(base) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-b");
- warningCount++;
- PR_Free(base); base=NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-b");
- errorCount++;
- goto loser;
- }
- base = PL_strdup(arg);
- ate = 1;
- break;
- case COMPRESSION_OPT:
- if(compression_level_specified) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-c");
- warningCount++;
- }
- if( !arg ) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-c");
- errorCount++;
- goto loser;
- }
- compression_level = atoi(arg);
- compression_level_specified = PR_TRUE;
- ate = 1;
- break;
- case CERT_DIR_OPT:
- if(cert_dir) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-d");
- warningCount++;
- PR_Free(cert_dir); cert_dir = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-d");
- errorCount++;
- goto loser;
- }
- cert_dir = PL_strdup(arg);
- ate = 1;
- break;
- case EXTENSION_OPT:
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "extension (-e)");
- errorCount++;
- goto loser;
- }
- PL_HashTableAdd(extensions, arg, arg);
- extensionsGiven = PR_TRUE;
- ate = 1;
- break;
- case INSTALL_SCRIPT_OPT:
- if(install_script) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "installScript (-i)");
- warningCount++;
- PR_Free(install_script); install_script = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "installScript (-i)");
- errorCount++;
- goto loser;
- }
- install_script = PL_strdup(arg);
- ate = 1;
- break;
- case SCRIPTDIR_OPT:
- if(scriptdir) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "javascriptdir (-j)");
- warningCount++;
- PR_Free(scriptdir); scriptdir = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "javascriptdir (-j)");
- errorCount++;
- goto loser;
- }
- scriptdir = PL_strdup(arg);
- ate = 1;
- break;
- case CERTNAME_OPT:
- if(keyName) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "keyName (-k)");
- warningCount++;
- PR_Free(keyName); keyName = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "keyName (-k)");
- errorCount++;
- goto loser;
- }
- keyName = PL_strdup(arg);
- ate = 1;
- break;
- case LIST_OBJSIGN_CERTS_OPT:
- case LIST_ALL_CERTS_OPT:
- if(list_certs != 0) {
- PR_fprintf(errorFD,
- "warning: only one of -l and -L may be specified.\n");
- warningCount++;
- }
- list_certs = (type==LIST_OBJSIGN_CERTS_OPT ? 1 : 2);
- break;
- case METAFILE_OPT:
- if(metafile) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "metafile (-m)");
- warningCount++;
- PR_Free(metafile); metafile = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "metafile (-m)");
- errorCount++;
- goto loser;
- }
- metafile = PL_strdup(arg);
- ate = 1;
- break;
- case OPTIMIZE_OPT:
- optimize = 1;
- break;
- case PASSWORD_OPT:
- if(password) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "password (-p)");
- warningCount++;
- PR_Free(password); password= NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "password (-p)");
- errorCount++;
- goto loser;
- }
- password = PL_strdup(arg);
- ate = 1;
- break;
- case VERIFY_OPT:
- if(verify) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "verify (-v)");
- warningCount++;
- PR_Free(verify); verify = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "verify (-v)");
- errorCount++;
- goto loser;
- }
- verify = PL_strdup(arg);
- ate = 1;
- break;
- case WHO_OPT:
- if(tell_who) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "who (-v)");
- warningCount++;
- PR_Free(tell_who); tell_who = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "who (-w)");
- errorCount++;
- goto loser;
- }
- tell_who = PL_strdup(arg);
- ate = 1;
- break;
- case EXCLUDE_OPT:
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "exclude (-x)");
- errorCount++;
- goto loser;
- }
- PL_HashTableAdd(excludeDirs, arg, arg);
- exclusionsGiven = PR_TRUE;
- ate = 1;
- break;
- case NO_TIME_OPT:
- no_time = 1;
- break;
- case JAVASCRIPT_OPT:
- javascript++;
- break;
- case ZIPFILE_OPT:
- if(zipfile) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "jarfile (-Z)");
- warningCount++;
- PR_Free(zipfile); zipfile = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "jarfile (-Z)");
- errorCount++;
- goto loser;
- }
- zipfile = PL_strdup(arg);
- ate = 1;
- break;
- case GENKEY_OPT:
- if(genkey) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "generate (-G)");
- warningCount++;
- PR_Free(zipfile); zipfile = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "generate (-G)");
- errorCount++;
- goto loser;
- }
- genkey = PL_strdup(arg);
- ate = 1;
- break;
- case MODULES_OPT:
- list_modules++;
- break;
- case SIGNDIR_OPT:
- if(jartree) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "signdir");
- warningCount++;
- PR_Free(jartree); jartree = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "signdir");
- errorCount++;
- goto loser;
- }
- jartree = PL_strdup(arg);
- ate = 1;
- break;
- case OUTFILE_OPT:
- if(outfile) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR],
- "outfile");
- warningCount++;
- PR_Free(outfile); outfile = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "outfile");
- errorCount++;
- goto loser;
- }
- outfile = PL_strdup(arg);
- ate = 1;
- break;
- case COMMAND_FILE_OPT:
- if(cmdFile) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-f");
- warningCount++;
- PR_Free(cmdFile); cmdFile = NULL;
- }
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-f");
- errorCount++;
- goto loser;
- }
- cmdFile = PL_strdup(arg);
- ate = 1;
- break;
- case NORECURSE_OPT:
- noRecurse = PR_TRUE;
- break;
- case LEAVE_ARC_OPT:
- leaveArc = PR_TRUE;
- break;
- case VERBOSITY_OPT:
- if(!arg) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR],
- "--verbosity");
- errorCount++;
- goto loser;
- }
- verbosity = atoi(arg);
- ate = 1;
- break;
- case KEYSIZE_OPT:
- if( keySize != -1 ) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-s");
- warningCount++;
- }
- keySize = atoi(arg);
- ate = 1;
- if( keySize < 1 || keySize > MAX_RSA_KEY_SIZE ) {
- PR_fprintf(errorFD, "Invalid key size: %d.\n", keySize);
- errorCount++;
- goto loser;
- }
- break;
- case TOKEN_OPT:
- if( token ) {
- PR_fprintf(errorFD, errStrings[DUPLICATE_OPTION_ERR], "-t");
- PR_Free(token); token = NULL;
- }
- if( ! arg ) {
- PR_fprintf(errorFD, errStrings[OPTION_NEEDS_ARG_ERR], "-t");
- errorCount++;
- goto loser;
- }
- token = PL_strdup(arg);
- ate = 1;
- break;
- default:
- PR_fprintf(errorFD, "warning: unknown option\n");
- warningCount++;
- break;
- }
-
- return ate;
-loser:
- return -1;
-}
-
-
-/*********************************************************************
- *
- * m a i n
- */
-int
-main(int argc, char *argv[])
-{
- PRBool readOnly;
- int retval=0;
-
- outputFD = PR_STDOUT;
- errorFD = PR_STDERR;
-
- progName = argv[0];
-
- if (argc < 2)
- {
- usage();
- }
-
- excludeDirs = PL_NewHashTable(10, PL_HashString, PL_CompareStrings,
- PL_CompareStrings, NULL, NULL);
- extensions = PL_NewHashTable(10, PL_HashString, PL_CompareStrings,
- PL_CompareStrings, NULL, NULL);
-
- if(parse_args(argc, argv)) {
- retval = -1;
- goto cleanup;
- }
-
- /* Parse the command file if one was given */
- if(cmdFile) {
- if(ProcessCommandFile()) {
- retval = -1;
- goto cleanup;
- }
- }
-
- /* Set up output redirection */
- if(outfile) {
- if(PR_Access(outfile, PR_ACCESS_EXISTS)==PR_SUCCESS) {
- /* delete the file if it is already present */
- PR_fprintf(errorFD,
- "warning: %s already exists and will be overwritten.\n",
- outfile);
- warningCount++;
- if(PR_Delete(outfile) != PR_SUCCESS) {
- PR_fprintf(errorFD, "ERROR: unable to delete %s.\n", outfile);
- errorCount++;
- exit(ERRX);
- }
- }
- outputFD = PR_Open(outfile,
- PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777);
- if(!outputFD) {
- PR_fprintf(errorFD, "ERROR: Unable to create %s.\n", outfile);
- errorCount++;
- exit(ERRX);
- }
- errorFD = outputFD;
- }
-
- /* This seems to be a fairly common user error */
-
- if (verify && list_certs > 0)
- {
- PR_fprintf (errorFD, "%s: Can't use -l and -v at the same time\n",
- PROGRAM_NAME);
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- /* -J assumes -Z now */
-
- if (javascript && zipfile)
- {
- PR_fprintf (errorFD, "%s: Can't use -J and -Z at the same time\n",
- PROGRAM_NAME);
- PR_fprintf (errorFD, "%s: -J option will create the jar files for you\n",
- PROGRAM_NAME);
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- /* Less common mixing of -L with various options */
-
- if (list_certs > 0 &&
- (tell_who || zipfile || javascript ||
- scriptdir || extensionsGiven || exclusionsGiven || install_script)) {
- PR_fprintf(errorFD, "%s: Can't use -l or -L with that option\n",
- PROGRAM_NAME);
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
-
- if (!cert_dir)
- cert_dir = get_default_cert_dir();
-
- VerifyCertDir(cert_dir, keyName);
-
-
- if( compression_level < MIN_COMPRESSION_LEVEL ||
- compression_level > MAX_COMPRESSION_LEVEL) {
- PR_fprintf(errorFD, "Compression level must be between %d and %d.\n",
- MIN_COMPRESSION_LEVEL, MAX_COMPRESSION_LEVEL);
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- if(jartree && !keyName) {
- PR_fprintf(errorFD, "You must specify a key with which to sign.\n");
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- readOnly = (genkey == NULL); /* only key generation requires write */
- if(InitCrypto(cert_dir, readOnly)) {
- PR_fprintf(errorFD, "ERROR: Cryptographic initialization failed.\n");
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- if (verify)
- {
- if (VerifyJar(verify))
- {
- errorCount++;
- retval = -1;
- goto cleanup;
- }
- }
- else if (list_certs)
- {
- if (ListCerts(keyName, list_certs))
- {
- errorCount++;
- retval = -1;
- goto cleanup;
- }
- }
- else if (list_modules)
- {
- JarListModules();
- }
- else if (genkey)
- {
- if (GenerateCert(genkey, keySize, token))
- {
- errorCount++;
- retval = -1;
- goto cleanup;
- }
- }
- else if (tell_who)
- {
- if (JarWho(tell_who))
- {
- errorCount++;
- retval = -1;
- goto cleanup;
- }
- }
- else if (javascript && jartree)
- {
- /* make sure directory exists */
- PRDir *dir;
- dir = PR_OpenDir(jartree);
- if(!dir) {
- PR_fprintf(errorFD, "ERROR: unable to open directory %s.\n", jartree);
- errorCount++;
- retval = -1;
- goto cleanup;
- } else {
- PR_CloseDir(dir);
- }
-
- /* undo junk from prior runs of signtool*/
- if(RemoveAllArc(jartree)) {
- PR_fprintf(errorFD, "Error removing archive directories under %s\n", jartree);
- errorCount++;
- retval = -1;
- goto cleanup;
- }
-
- /* traverse all the htm|html files in the directory */
- if(InlineJavaScript(jartree, !noRecurse)) {
- retval = -1;
- goto cleanup;
- }
-
- /* sign any resultant .arc directories created in above step */
- if(SignAllArc(jartree, keyName, javascript, metafile, install_script,
- optimize, !noRecurse)) {
- retval = -1;
- goto cleanup;
- }
-
- if(!leaveArc) {
- RemoveAllArc(jartree);
- }
-
- if(errorCount>0 || warningCount>0) {
- PR_fprintf(outputFD, "%d error%s, %d warning%s.\n", errorCount,
- errorCount==1?"":"s", warningCount, warningCount==1?"":"s");
- } else {
- PR_fprintf(outputFD, "Directory %s signed successfully.\n", jartree);
- }
- } else if (jartree)
- {
- SignArchive(jartree, keyName, zipfile, javascript, metafile,
- install_script, optimize, !noRecurse);
- }
- else
- usage();
-
-cleanup:
- if(extensions) {
- PL_HashTableDestroy(extensions); extensions = NULL;
- }
- if(excludeDirs) {
- PL_HashTableDestroy(excludeDirs); excludeDirs = NULL;
- }
- if(outputFD != PR_STDOUT) {
- PR_Close(outputFD);
- }
- rm_dash_r(TMP_OUTPUT);
- return retval;
-}
-
diff --git a/security/nss/cmd/signtool/signtool.h b/security/nss/cmd/signtool/signtool.h
deleted file mode 100644
index 741c4d6b9..000000000
--- a/security/nss/cmd/signtool/signtool.h
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef SIGNTOOL_H
-#define SIGNTOOL_H
-
-#define DJN_TEST
-
-#include <stdio.h>
-#include <string.h>
-
-#include "errno.h"
-#include "prprf.h"
-#include "prio.h"
-#include "secutil.h"
-#include "jar.h"
-#include "jarfile.h"
-#include "secpkcs7.h"
-#include "pk11func.h"
-#include "secmod.h"
-#include "plhash.h"
-
-#ifdef _UNIX
-#include <unistd.h>
-#endif
-
-/**********************************************************************
- * General Defines
- */
-#define JAR_BASE_END JAR_BASE + 100
-#define ERRX (-1) /* the exit code used on failure */
-#define FNSIZE 256 /* the maximum length for filenames */
-#define MAX_RSA_KEY_SIZE 4096
-#define DEFAULT_RSA_KEY_SIZE 1024
-#define MANIFEST "manifest.mf"
-#define DEFAULT_X509_BASENAME "x509"
-#define DEFAULT_COMMON_NAME "Signtool 1.3 Testing Certificate"
-#define CREATOR "Signtool (signtool 1.3)"
-#define BREAKAGE "PLEASE DO NOT EDIT THIS FILE. YOU WILL BREAK IT."
-#define MIN_COMPRESSION_LEVEL (-1)
-#define MAX_COMPRESSION_LEVEL 9
-#define DEFAULT_COMPRESSION_LEVEL (-1) /* zlib understands this to be default*/
-#define STDIN_BUF_SIZE 160
-#define PROGRAM_NAME "signtool"
-#define LONG_PROGRAM_NAME "Signing Tool"
-#define DEFAULT_BASE_NAME "zigbert"
-#define VERSION "1.3"
-#define TMP_OUTPUT "signtool.tmp"
-
-
-/***************************************************************
- * Main Task Functions
- */
-int GenerateCert(char *nickname, int keysize, char *token);
-int ListCerts(char *key, int list_certs);
-int VerifyJar(char *filename);
-int SignArchive(char *tree, char *keyName, char *zip_file, int javascript,
- char *meta_file, char *install_script, int _optimize, PRBool recurse);
-int SignAllArc(char *jartree, char *keyName, int javascript, char *metafile,
- char *install_script, int optimize, PRBool recurse);
-int InlineJavaScript(char *dir, PRBool recurse);
-int JarWho(char *filename);
-void JarListModules(void);
-
-/**************************************************************
- * Utility Functions
- */
-CERTCertDBHandle *OpenCertDB (PRBool readOnly);
-
-int RemoveAllArc(char *tree);
-void VerifyCertDir(char *dir, char *keyName);
-int InitCrypto(char *cert_dir, PRBool readOnly);
-int foreach (char *dirname, char *prefix,
- int (*fn)(char *filename, char *dirname, char *basedir,char *base,void*arg),
- PRBool recurse, PRBool includeDirs, void *arg);
-void print_error (int i);
-void give_help (int status);
-const char* secErrorString(long code);
-void displayVerifyLog(CERTVerifyLog *log);
-void usage (void);
-char* chop(char*);
-void out_of_memory(void);
-void FatalError(char *msg);
-char* get_default_cert_dir(void);
-SECItem *password_hardcode(void *arg, void *handle);
-char* pk11_password_hardcode(PK11SlotInfo *slot, PRBool retry, void *arg);
-int rm_dash_r(char *path);
-char* pr_fgets(char *buf, int size, PRFileDesc *file);
-
-
-/*****************************************************************
- * Global Variables (*gag*)
- */
-extern char *password; /* the password passed in on the command line */
-extern PLHashTable *excludeDirs; /* directory entry to skip while recursing */
-extern int no_time;
-extern char *base; /* basename of ".rsa" and ".sf" files */
-extern long *mozilla_event_queue;
-extern char *progName; /* argv[0] */
-extern PLHashTable *extensions;/* only sign files with this extension */
-extern PRBool extensionsGiven;
-extern char *scriptdir;
-extern int compression_level;
-extern PRFileDesc *outputFD, *errorFD;
-extern int verbosity;
-extern int errorCount;
-extern int warningCount;
-
-#endif /* SIGNTOOL_H */
diff --git a/security/nss/cmd/signtool/util.c b/security/nss/cmd/signtool/util.c
deleted file mode 100644
index 6d92bbba2..000000000
--- a/security/nss/cmd/signtool/util.c
+++ /dev/null
@@ -1,974 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "prio.h"
-#include "prmem.h"
-#include "nss.h"
-
-static int is_dir (char *filename);
-
-/***********************************************************
- * Nasty hackish function definitions
- */
-
-long *mozilla_event_queue = 0;
-
-#ifndef XP_WIN
-char *XP_GetString (int i)
-{
- return SECU_ErrorStringRaw ((int16) i);
-}
-#endif
-
-void FE_SetPasswordEnabled()
-{
-}
-
-void /*MWContext*/ *FE_GetInitContext (void)
-{
- return 0;
-}
-
-void /*MWContext*/ *XP_FindSomeContext()
-{
- /* No windows context in command tools */
- return NULL;
-}
-
-void ET_moz_CallFunction()
-{
-}
-
-
-/*
- * R e m o v e A l l A r c
- *
- * Remove .arc directories that are lingering
- * from a previous run of signtool.
- *
- */
-int
-RemoveAllArc(char *tree)
-{
- PRDir *dir;
- PRDirEntry *entry;
- char *archive=NULL;
- int retval = 0;
-
- dir = PR_OpenDir (tree);
- if (!dir) return -1;
-
- for (entry = PR_ReadDir (dir,0); entry; entry = PR_ReadDir (dir,0)) {
-
- if(entry->name[0] == '.') {
- continue;
- }
-
- if(archive) PR_Free(archive);
- archive = PR_smprintf("%s/%s", tree, entry->name);
-
- if (PL_strcaserstr (entry->name, ".arc")
- == (entry->name + strlen(entry->name) - 4) ) {
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "removing: %s\n", archive);
- }
-
- if(rm_dash_r(archive)) {
- PR_fprintf(errorFD, "Error removing %s\n", archive);
- errorCount++;
- retval = -1;
- goto finish;
- }
- } else if(is_dir(archive)) {
- if(RemoveAllArc(archive)) {
- retval = -1;
- goto finish;
- }
- }
- }
-
-finish:
- PR_CloseDir (dir);
- if(archive) PR_Free(archive);
-
- return retval;
-}
-
-/*
- * r m _ d a s h _ r
- *
- * Remove a file, or a directory recursively.
- *
- */
-int rm_dash_r (char *path)
-{
- PRDir *dir;
- PRDirEntry *entry;
- PRFileInfo fileinfo;
- char filename[FNSIZE];
-
- if(PR_GetFileInfo(path, &fileinfo) != PR_SUCCESS) {
- /*fprintf(stderr, "Error: Unable to access %s\n", filename);*/
- return -1;
- }
- if(fileinfo.type == PR_FILE_DIRECTORY) {
-
- dir = PR_OpenDir(path);
- if(!dir) {
- PR_fprintf(errorFD, "Error: Unable to open directory %s.\n", path);
- errorCount++;
- return -1;
- }
-
- /* Recursively delete all entries in the directory */
- while((entry = PR_ReadDir(dir, PR_SKIP_BOTH)) != NULL) {
- sprintf(filename, "%s/%s", path, entry->name);
- if(rm_dash_r(filename)) return -1;
- }
-
- if(PR_CloseDir(dir) != PR_SUCCESS) {
- PR_fprintf(errorFD, "Error: Could not close %s.\n", path);
- errorCount++;
- return -1;
- }
-
- /* Delete the directory itself */
- if(PR_RmDir(path) != PR_SUCCESS) {
- PR_fprintf(errorFD, "Error: Unable to delete %s\n", path);
- errorCount++;
- return -1;
- }
- } else {
- if(PR_Delete(path) != PR_SUCCESS) {
- PR_fprintf(errorFD, "Error: Unable to delete %s\n", path);
- errorCount++;
- return -1;
- }
- }
- return 0;
-}
-
-/*
- * u s a g e
- *
- * Print some useful help information
- *
- */
-void
-usage (void)
-{
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s %s - a signing tool for jar files\n", LONG_PROGRAM_NAME, VERSION);
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "Usage: %s [options] directory-tree \n\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " -b\"basename\"\t\tbasename of .sf, .rsa files for signing\n");
- PR_fprintf(outputFD, " -c#\t\t\t\tCompression level, 0-9, 0=none\n");
- PR_fprintf(outputFD, " -d\"certificate directory\"\tcontains cert*.db and key*.db\n");
- PR_fprintf(outputFD, " -e\".ext\"\t\t\tsign only files with this extension\n");
- PR_fprintf(outputFD, " -f\"filename\"\t\t\tread commands from file\n");
- PR_fprintf(outputFD, " -G\"nickname\"\t\tcreate object-signing cert with this nickname\n");
- PR_fprintf(outputFD, " -i\"installer script\"\tassign installer javascript\n");
- PR_fprintf(outputFD, " -j\"javascript directory\"\tsign javascript files in this subtree\n");
- PR_fprintf(outputFD, " -J\t\t\t\tdirectory contains HTML files. Javascript will\n"
- "\t\t\t\tbe extracted and signed.\n");
- PR_fprintf(outputFD, " -k\"cert nickname\"\t\tsign with this certificate\n");
- PR_fprintf(outputFD, " --leavearc\t\t\tdo not delete .arc directories created\n"
- "\t\t\t\tby -J option\n");
- PR_fprintf(outputFD, " -m\"metafile\"\t\tinclude custom meta-information\n");
- PR_fprintf(outputFD, " --norecurse\t\t\tdo not operate on subdirectories\n");
- PR_fprintf(outputFD, " -o\t\t\t\toptimize - omit optional headers\n");
- PR_fprintf(outputFD, " --outfile \"filename\"\tredirect output to file\n");
- PR_fprintf(outputFD, " -p\"password\"\t\tfor password on command line (insecure)\n");
- PR_fprintf(outputFD, " -s keysize\t\t\tkeysize in bits of generated cert\n");
- PR_fprintf(outputFD, " -t token\t\t\tname of token on which to generate cert\n");
- PR_fprintf(outputFD, " --verbosity #\t\tSet amount of debugging information to generate.\n"
- "\t\t\t\tLower number means less output, 0 is default.\n");
- PR_fprintf(outputFD, " -x\"name\"\t\t\tdirectory or filename to exclude\n");
- PR_fprintf(outputFD, " -z\t\t\t\tomit signing time from signature\n");
- PR_fprintf(outputFD, " -Z\"jarfile\"\t\t\tcreate JAR file with the given name.\n"
- "\t\t\t\t(Default compression level is 6.)\n");
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s -l\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " lists the signing certificates in your database\n");
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s -L\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " lists all certificates in your database, marks object-signing certificates\n");
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s -M\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " lists the PKCS #11 modules available to %s\n", PROGRAM_NAME);
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s -v file.jar\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " show the contents of the specified jar file\n");
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%s -w file.jar\n", PROGRAM_NAME);
- PR_fprintf(outputFD, " if valid, tries to tell you who signed the jar file\n");
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "For more details, visit\n");
- PR_fprintf(outputFD,
-" http://developer.netscape.com/library/documentation/signedobj/signtool/\n");
-
- exit (ERRX);
-}
-
-/*
- * p r i n t _ e r r o r
- *
- * For the undocumented -E function. If an older version
- * of communicator gives you a numeric error, we can see what
- * really happened without doing hex math.
- *
- */
-
-void
-print_error (int err)
-{
- PR_fprintf(errorFD, "Error %d: %s\n", err, JAR_get_error (err));
- errorCount++;
- give_help (err);
-}
-
-/*
- * o u t _ o f _ m e m o r y
- *
- * Out of memory, exit Signtool.
- *
- */
-void
-out_of_memory (void)
-{
- PR_fprintf(errorFD, "%s: out of memory\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
-}
-
-/*
- * V e r i f y C e r t D i r
- *
- * Validate that the specified directory
- * contains a certificate database
- *
- */
-void
-VerifyCertDir(char *dir, char *keyName)
-{
- char fn [FNSIZE];
-
- sprintf (fn, "%s/cert7.db", dir);
-
- if (PR_Access (fn, PR_ACCESS_EXISTS))
- {
- PR_fprintf(errorFD, "%s: No certificate database in \"%s\"\n", PROGRAM_NAME,
- dir);
- PR_fprintf(errorFD, "%s: Check the -d arguments that you gave\n",
- PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "using certificate directory: %s\n", dir);
- }
-
- if (keyName == NULL)
- return;
-
- /* if the user gave the -k key argument, verify that
- a key database already exists */
-
- sprintf (fn, "%s/key3.db", dir);
-
- if (PR_Access (fn, PR_ACCESS_EXISTS))
- {
- PR_fprintf(errorFD, "%s: No private key database in \"%s\"\n", PROGRAM_NAME,
- dir);
- PR_fprintf(errorFD, "%s: Check the -d arguments that you gave\n",
- PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-}
-
-/*
- * f o r e a c h
- *
- * A recursive function to loop through all names in
- * the specified directory, as well as all subdirectories.
- *
- * FIX: Need to see if all platforms allow multiple
- * opendir's to be called.
- *
- */
-
-int
-foreach(char *dirname, char *prefix,
- int (*fn)(char *relpath, char *basedir, char *reldir, char *filename,
- void* arg),
- PRBool recurse, PRBool includeDirs, void *arg) {
- char newdir [FNSIZE];
- int retval = 0;
-
- PRDir *dir;
- PRDirEntry *entry;
-
- strcpy (newdir, dirname);
- if (*prefix) {
- strcat (newdir, "/");
- strcat (newdir, prefix);
- }
-
- dir = PR_OpenDir (newdir);
- if (!dir) return -1;
-
- for (entry = PR_ReadDir (dir,0); entry; entry = PR_ReadDir (dir,0)) {
- if ( strcmp(entry->name, ".")==0 ||
- strcmp(entry->name, "..")==0 )
- {
- /* no infinite recursion, please */
- continue;
- }
-
- /* can't sign self */
- if (!strcmp (entry->name, "META-INF"))
- continue;
-
- /* -x option */
- if (PL_HashTableLookup(excludeDirs, entry->name))
- continue;
-
- strcpy (newdir, dirname);
- if (*dirname)
- strcat (newdir, "/");
-
- if (*prefix) {
- strcat (newdir, prefix);
- strcat (newdir, "/");
- }
- strcat (newdir, entry->name);
-
- if(!is_dir(newdir) || includeDirs) {
- char newpath [FNSIZE];
-
- strcpy (newpath, prefix);
- if (*newpath)
- strcat (newpath, "/");
- strcat (newpath, entry->name);
-
- if( (*fn) (newpath, dirname, prefix, (char *) entry->name, arg)) {
- retval = -1;
- break;
- }
- }
-
- if (is_dir (newdir)) {
- if(recurse) {
- char newprefix [FNSIZE];
-
- strcpy (newprefix, prefix);
- if (*newprefix) {
- strcat (newprefix, "/");
- }
- strcat (newprefix, entry->name);
-
- if(foreach (dirname, newprefix, fn, recurse, includeDirs,arg)) {
- retval = -1;
- break;
- }
- }
- }
-
- }
-
- PR_CloseDir (dir);
-
- return retval;
-}
-
-/*
- * i s _ d i r
- *
- * Return 1 if file is a directory.
- * Wonder if this runs on a mac, trust not.
- *
- */
-static int is_dir (char *filename)
-{
- PRFileInfo finfo;
-
- if( PR_GetFileInfo(filename, &finfo) != PR_SUCCESS ) {
- printf("Unable to get information about %s\n", filename);
- return 0;
- }
-
- return ( finfo.type == PR_FILE_DIRECTORY );
-}
-
-/*
- * p a s s w o r d _ h a r d c o d e
- *
- * A function to use the password passed in the -p(password) argument
- * of the command line. This is only to be used for build & testing purposes,
- * as it's extraordinarily insecure.
- *
- * After use once, null it out otherwise PKCS11 calls us forever.
- *
- */
-SECItem *
-password_hardcode(void *arg, void *handle)
-{
- SECItem *pw = NULL;
- if (password) {
- pw = SECITEM_AllocItem(NULL, NULL, PL_strlen(password));
- pw->data = (unsigned char *)PL_strdup(password);
- password = NULL;
- }
- return pw;
-}
-
-char *
-pk11_password_hardcode(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char *pw;
- pw = password ? PORT_Strdup (password) : NULL;
- /* XXX don't do this, or FIPS won't work */
- /*password = NULL;*/
- return pw;
-}
-
-/************************************************************************
- *
- * c e r t D B N a m e C a l l b a c k
- */
-static char *
-certDBNameCallback(void *arg, int dbVersion)
-{
- char *fnarg;
- char *dir;
- char *filename;
-
- dir = SECU_ConfigDirectory (NULL);
-
- switch ( dbVersion ) {
- case 7:
- fnarg = "7";
- break;
- case 6:
- fnarg = "6";
- break;
- case 5:
- fnarg = "5";
- break;
- case 4:
- default:
- fnarg = "";
- break;
- }
- filename = PR_smprintf("%s/cert%s.db", dir, fnarg);
- return(filename);
-}
-
-/***************************************************************
- *
- * s e c E r r o r S t r i n g
- *
- * Returns an error string corresponding to the given error code.
- * Doesn't cover all errors; returns a default for many.
- * Returned string is only valid until the next call of this function.
- */
-const char*
-secErrorString(long code)
-{
- static char errstring[80]; /* dynamically constructed error string */
- char *c; /* the returned string */
-
- switch(code) {
- case SEC_ERROR_IO: c = "io error";
- break;
- case SEC_ERROR_LIBRARY_FAILURE: c = "security library failure";
- break;
- case SEC_ERROR_BAD_DATA: c = "bad data";
- break;
- case SEC_ERROR_OUTPUT_LEN: c = "output length";
- break;
- case SEC_ERROR_INPUT_LEN: c = "input length";
- break;
- case SEC_ERROR_INVALID_ARGS: c = "invalid args";
- break;
- case SEC_ERROR_EXPIRED_CERTIFICATE: c = "expired certificate";
- break;
- case SEC_ERROR_REVOKED_CERTIFICATE: c = "revoked certificate";
- break;
- case SEC_ERROR_INADEQUATE_KEY_USAGE: c = "inadequate key usage";
- break;
- case SEC_ERROR_INADEQUATE_CERT_TYPE: c = "inadequate certificate type";
- break;
- case SEC_ERROR_UNTRUSTED_CERT: c = "untrusted cert";
- break;
- case SEC_ERROR_NO_KRL: c = "no key revocation list";
- break;
- case SEC_ERROR_KRL_BAD_SIGNATURE: c = "key revocation list: bad signature";
- break;
- case SEC_ERROR_KRL_EXPIRED: c = "key revocation list expired";
- break;
- case SEC_ERROR_REVOKED_KEY: c = "revoked key";
- break;
- case SEC_ERROR_CRL_BAD_SIGNATURE:
- c = "certificate revocation list: bad signature";
- break;
- case SEC_ERROR_CRL_EXPIRED: c = "certificate revocation list expired";
- break;
- case SEC_ERROR_CRL_NOT_YET_VALID:
- c = "certificate revocation list not yet valid";
- break;
- case SEC_ERROR_UNKNOWN_ISSUER: c = "unknown issuer";
- break;
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE: c = "expired issuer certificate";
- break;
- case SEC_ERROR_BAD_SIGNATURE: c = "bad signature";
- break;
- case SEC_ERROR_BAD_KEY: c = "bad key";
- break;
- case SEC_ERROR_NOT_FORTEZZA_ISSUER: c = "not fortezza issuer";
- break;
- case SEC_ERROR_CA_CERT_INVALID:
- c = "Certificate Authority certificate invalid";
- break;
- case SEC_ERROR_EXTENSION_NOT_FOUND: c = "extension not found";
- break;
- case SEC_ERROR_CERT_NOT_IN_NAME_SPACE: c = "certificate not in name space";
- break;
- case SEC_ERROR_UNTRUSTED_ISSUER: c = "untrusted issuer";
- break;
- default:
- sprintf(errstring, "security error %ld", code);
- c = errstring;
- break;
- }
-
- return c;
-}
-
-/***************************************************************
- *
- * d i s p l a y V e r i f y L o g
- *
- * Prints the log of a cert verification.
- */
-void
-displayVerifyLog(CERTVerifyLog *log)
-{
- CERTVerifyLogNode *node;
- CERTCertificate *cert;
- char *name;
-
- if( !log || (log->count <= 0) ) {
- return;
- }
-
- for(node = log->head; node != NULL; node = node->next) {
-
- if( !(cert = node->cert) ) {
- continue;
- }
-
- /* Get a name for this cert */
- if(cert->nickname != NULL) {
- name = cert->nickname;
- } else if(cert->emailAddr != NULL) {
- name = cert->emailAddr;
- } else {
- name = cert->subjectName;
- }
-
- printf( "%s%s:\n",
- name,
- (node->depth > 0) ? " [Certificate Authority]" : ""
- );
-
- printf("\t%s\n", secErrorString(node->error));
-
- }
-}
-/*
- * J a r L i s t M o d u l e s
- *
- * Print a list of the PKCS11 modules that are
- * available. This is useful for smartcard people to
- * make sure they have the drivers loaded.
- *
- */
-void
-JarListModules(void)
-{
- int i;
- int count = 0;
-
- SECMODModuleList *modules = NULL;
- static SECMODListLock *moduleLock = NULL;
-
- SECMODModuleList *mlp;
-
- modules = SECMOD_GetDefaultModuleList();
-
- if (modules == NULL)
- {
- PR_fprintf(errorFD, "%s: Can't get module list\n", PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- if ((moduleLock = SECMOD_NewListLock()) == NULL)
- {
- /* this is the wrong text */
- PR_fprintf(errorFD, "%s: unable to acquire lock on module list\n",
- PROGRAM_NAME);
- errorCount++;
- exit (ERRX);
- }
-
- SECMOD_GetReadLock (moduleLock);
-
- PR_fprintf(outputFD, "\nListing of PKCS11 modules\n");
- PR_fprintf(outputFD, "-----------------------------------------------\n");
-
- for (mlp = modules; mlp != NULL; mlp = mlp->next)
- {
- count++;
- PR_fprintf(outputFD, "%3d. %s\n", count, mlp->module->commonName);
-
- if (mlp->module->internal)
- PR_fprintf(outputFD, " (this module is internally loaded)\n");
- else
- PR_fprintf(outputFD, " (this is an external module)\n");
-
- if (mlp->module->dllName)
- PR_fprintf(outputFD, " DLL name: %s\n", mlp->module->dllName);
-
- if (mlp->module->slotCount == 0)
- PR_fprintf(outputFD, " slots: There are no slots attached to this module\n");
- else
- PR_fprintf(outputFD, " slots: %d slots attached\n", mlp->module->slotCount);
-
- if (mlp->module->loaded == 0)
- PR_fprintf(outputFD, " status: Not loaded\n");
- else
- PR_fprintf(outputFD, " status: loaded\n");
-
- for (i = 0; i < mlp->module->slotCount; i++)
- {
- PK11SlotInfo *slot = mlp->module->slots[i];
-
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, " slot: %s\n", PK11_GetSlotName(slot));
- PR_fprintf(outputFD, " token: %s\n", PK11_GetTokenName(slot));
- }
- }
-
- PR_fprintf(outputFD, "-----------------------------------------------\n");
-
- if (count == 0)
- PR_fprintf(outputFD,
- "Warning: no modules were found (should have at least one)\n");
-
- SECMOD_ReleaseReadLock (moduleLock);
-}
-
-/**********************************************************************
- * c h o p
- *
- * Eliminates leading and trailing whitespace. Returns a pointer to the
- * beginning of non-whitespace, or an empty string if it's all whitespace.
- */
-char*
-chop(char *str)
-{
- char *start, *end;
-
- if(str) {
- start = str;
-
- /* Nip leading whitespace */
- while(isspace(*start)) {
- start++;
- }
-
- /* Nip trailing whitespace */
- if(strlen(start) > 0) {
- end = start + strlen(start) - 1;
- while(isspace(*end) && end > start) {
- end--;
- }
- *(end+1) = '\0';
- }
-
- return start;
- } else {
- return NULL;
- }
-}
-
-/***********************************************************************
- *
- * F a t a l E r r o r
- *
- * Outputs an error message and bails out of the program.
- */
-void
-FatalError(char *msg)
-{
- if(!msg) msg = "";
-
- PR_fprintf(errorFD, "FATAL ERROR: %s\n", msg);
- errorCount++;
- exit(ERRX);
-}
-
-/*************************************************************************
- *
- * I n i t C r y p t o
- */
-int
-InitCrypto(char *cert_dir, PRBool readOnly)
-{
- SECStatus rv;
- static int prior = 0;
- PK11SlotInfo *slotinfo;
-
- CERTCertDBHandle *db;
-
- if (prior == 0) {
- /* some functions such as OpenKeyDB expect this path to be
- * implicitly set prior to calling */
- if (readOnly) {
- rv = NSS_Init(cert_dir);
- } else {
- rv = NSS_InitReadWrite(cert_dir);
- }
- if (rv != SECSuccess) {
- SECU_PrintPRandOSError(PROGRAM_NAME);
- exit(-1);
- }
-
- SECU_ConfigDirectory (cert_dir);
-
- /* Been there done that */
- prior++;
-
- if(password) {
- PK11_SetPasswordFunc(pk11_password_hardcode);
- }
-
- /* Must login to FIPS before you do anything else */
- if(PK11_IsFIPS()) {
- slotinfo = PK11_GetInternalSlot();
- if(!slotinfo) {
- fprintf(stderr, "%s: Unable to get PKCS #11 Internal Slot."
- "\n", PROGRAM_NAME);
- return -1;
- }
- if(PK11_Authenticate(slotinfo, PR_FALSE /*loadCerts*/,
- NULL /*wincx*/) != SECSuccess) {
- fprintf(stderr, "%s: Unable to authenticate to %s.\n",
- PROGRAM_NAME, PK11_GetSlotName(slotinfo));
- return -1;
- }
- }
-
- /* Make sure there is a password set on the internal key slot */
- slotinfo = PK11_GetInternalKeySlot();
- if(!slotinfo) {
- fprintf(stderr, "%s: Unable to get PKCS #11 Internal Key Slot."
- "\n", PROGRAM_NAME);
- return -1;
- }
- if(PK11_NeedUserInit(slotinfo)) {
- PR_fprintf(errorFD,
-"\nWARNING: No password set on internal key database. Most operations will fail."
-"\nYou must use Communicator to create a password.\n");
- warningCount++;
- }
-
- /* Make sure we can authenticate to the key slot in FIPS mode */
- if(PK11_IsFIPS()) {
- if(PK11_Authenticate(slotinfo, PR_FALSE /*loadCerts*/,
- NULL /*wincx*/) != SECSuccess) {
- fprintf(stderr, "%s: Unable to authenticate to %s.\n",
- PROGRAM_NAME, PK11_GetSlotName(slotinfo));
- return -1;
- }
- }
- }
-
- return 0;
-}
-
-/* Windows foolishness is now in the secutil lib */
-
-/*****************************************************************
- * g e t _ d e f a u l t _ c e r t _ d i r
- *
- * Attempt to locate a certificate directory.
- * Failing that, complain that the user needs to
- * use the -d(irectory) parameter.
- *
- */
-char *get_default_cert_dir (void)
-{
- char *home;
-
- char *cd = NULL;
- static char db [FNSIZE];
-
-#ifdef XP_UNIX
- home = getenv ("HOME");
-
- if (home && *home)
- {
- sprintf (db, "%s/.netscape", home);
- cd = db;
- }
-#endif
-
-#ifdef XP_PC
- FILE *fp;
-
- /* first check the environment override */
-
- home = getenv ("JAR_HOME");
-
- if (home && *home)
- {
- sprintf (db, "%s/cert7.db", home);
-
- if ((fp = fopen (db, "r")) != NULL)
- {
- fclose (fp);
- cd = home;
- }
- }
-
- /* try the old navigator directory */
-
- if (cd == NULL)
- {
- home = "c:/Program Files/Netscape/Navigator";
-
- sprintf (db, "%s/cert7.db", home);
-
- if ((fp = fopen (db, "r")) != NULL)
- {
- fclose (fp);
- cd = home;
- }
- }
-
- /* Try the current directory, I wonder if this
- is really a good idea. Remember, Windows only.. */
-
- if (cd == NULL)
- {
- home = ".";
-
- sprintf (db, "%s/cert7.db", home);
-
- if ((fp = fopen (db, "r")) != NULL)
- {
- fclose (fp);
- cd = home;
- }
- }
-
-#endif
-
- if (!cd)
- {
- PR_fprintf(errorFD,
- "You must specify the location of your certificate directory\n");
- PR_fprintf(errorFD,
- "with the -d option. Example: -d ~/.netscape in many cases with Unix.\n");
- errorCount++;
- exit (ERRX);
- }
-
- return cd;
-}
-
-/************************************************************************
- * g i v e _ h e l p
- */
-void give_help (int status)
-{
- if (status == SEC_ERROR_UNKNOWN_ISSUER)
- {
- PR_fprintf(errorFD,
- "The Certificate Authority (CA) for this certificate\n");
- PR_fprintf(errorFD,
- "does not appear to be in your database. You should contact\n");
- PR_fprintf(errorFD,
- "the organization which issued this certificate to obtain\n");
- PR_fprintf(errorFD, "a copy of its CA Certificate.\n");
- }
-}
-
-/**************************************************************************
- *
- * p r _ f g e t s
- *
- * fgets implemented with NSPR.
- */
-char*
-pr_fgets(char *buf, int size, PRFileDesc *file)
-{
- int i;
- int status;
- char c;
-
- i=0;
- while(i < size-1) {
- status = PR_Read(file, (void*) &c, 1);
- if(status==-1) {
- return NULL;
- } else if(status==0) {
- break;
- }
- buf[i++] = c;
- if(c=='\n') {
- break;
- }
- }
- buf[i]='\0';
-
- return buf;
-}
-
diff --git a/security/nss/cmd/signtool/verify.c b/security/nss/cmd/signtool/verify.c
deleted file mode 100644
index fd80ef737..000000000
--- a/security/nss/cmd/signtool/verify.c
+++ /dev/null
@@ -1,382 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-
-
-static int jar_cb(int status, JAR *jar, const char *metafile,
- char *pathname, char *errortext);
-static int verify_global (JAR *jar);
-
-/*************************************************************************
- *
- * V e r i f y J a r
- */
-int
-VerifyJar(char *filename)
-{
- FILE *fp;
-
- int ret;
- int status;
- int failed = 0;
- char *err;
-
- JAR *jar;
- JAR_Context *ctx;
-
- JAR_Item *it;
-
- jar = JAR_new();
-
- if ((fp = fopen (filename, "r")) == NULL)
- {
- perror (filename);
- exit (ERRX);
- }
- else
- fclose (fp);
-
- JAR_set_callback (JAR_CB_SIGNAL, jar, jar_cb);
-
-
- status = JAR_pass_archive (jar, jarArchGuess, filename, "some-url");
-
- if (status < 0 || jar->valid < 0)
- {
- failed = 1;
- PR_fprintf(outputFD, "\nNOTE -- \"%s\" archive DID NOT PASS crypto verification.\n", filename);
- if (status < 0)
- {
- char *errtext;
-
- if (status >= JAR_BASE && status <= JAR_BASE_END)
- {
- errtext = JAR_get_error (status);
- }
- else
- {
- errtext = SECU_ErrorString ((int16) PORT_GetError());
- }
-
- PR_fprintf(outputFD, " (reported reason: %s)\n\n", errtext);
-
- /* corrupt files should not have their contents listed */
-
- if (status == JAR_ERR_CORRUPT)
- return -1;
- }
- PR_fprintf(outputFD,
- "entries shown below will have their digests checked only.\n");
- jar->valid = 0;
- }
- else
- PR_fprintf(outputFD,
- "archive \"%s\" has passed crypto verification.\n", filename);
-
- if (verify_global (jar))
- failed = 1;
-
- PR_fprintf(outputFD, "\n");
- PR_fprintf(outputFD, "%16s %s\n", "status", "path");
- PR_fprintf(outputFD, "%16s %s\n", "------------", "-------------------");
-
- ctx = JAR_find (jar, NULL, jarTypeMF);
-
- while (JAR_find_next (ctx, &it) >= 0)
- {
- if (it && it->pathname)
- {
- rm_dash_r(TMP_OUTPUT);
- ret = JAR_verified_extract (jar, it->pathname, TMP_OUTPUT);
- /* if (ret < 0) printf ("error %d on %s\n", ret, it->pathname); */
- if (ret < 0) failed = 1;
-
- if (ret == JAR_ERR_PNF)
- err = "NOT PRESENT";
- else if (ret == JAR_ERR_HASH)
- err = "HASH FAILED";
- else
- err = "NOT VERIFIED";
-
- PR_fprintf(outputFD, "%16s %s\n",
- ret >= 0 ? "verified" : err, it->pathname);
-
- if (ret != 0 && ret != JAR_ERR_PNF && ret != JAR_ERR_HASH)
- PR_fprintf(outputFD, " (reason: %s)\n", JAR_get_error (ret));
- }
- }
-
- JAR_find_end (ctx);
-
- if (status < 0 || jar->valid < 0)
- {
- failed = 1;
- PR_fprintf(outputFD,
- "\nNOTE -- \"%s\" archive DID NOT PASS crypto verification.\n", filename);
- give_help (status);
- }
-
- JAR_destroy (jar);
-
- if (failed)
- return -1;
- return 0;
-}
-
-/***************************************************************************
- *
- * v e r i f y _ g l o b a l
- */
-static int
-verify_global (JAR *jar)
-{
- FILE *fp;
- JAR_Context *ctx;
-
- char *ext;
-
- JAR_Item *it;
- JAR_Digest *globaldig;
-
- unsigned int sha1_length, md5_length;
-
- char buf [BUFSIZ];
-
- unsigned char *md5_digest, *sha1_digest;
-
- int retval = 0;
-
- ctx = JAR_find (jar, "*", jarTypePhy);
-
- while (JAR_find_next (ctx, &it) >= 0) {
- if (!PORT_Strncmp (it->pathname, "META-INF", 8)) {
- for (ext = it->pathname; *ext; ext++);
- while (ext > it->pathname && *ext != '.') ext--;
-
- if(verbosity >= 0) {
- if (!PORT_Strcasecmp (ext, ".rsa")) {
- PR_fprintf(outputFD, "found a RSA signature file: %s\n",
- it->pathname);
- }
-
- if(!PORT_Strcasecmp (ext, ".dsa")) {
- PR_fprintf(outputFD, "found a DSA signature file: %s\n",
- it->pathname);
- }
-
- if (!PORT_Strcasecmp (ext, ".mf")) {
- PR_fprintf(outputFD,
- "found a MF master manifest file: %s\n", it->pathname);
- }
- }
-
- if (!PORT_Strcasecmp (ext, ".sf")) {
- if(verbosity >= 0) {
- PR_fprintf(outputFD,
- "found a SF signature manifest file: %s\n", it->pathname);
- }
-
- rm_dash_r(TMP_OUTPUT);
- if (JAR_extract (jar, it->pathname, TMP_OUTPUT) < 0) {
- PR_fprintf(errorFD, "%s: error extracting %s\n", PROGRAM_NAME,
- it->pathname);
- errorCount++;
- retval = -1;
- continue;
- }
-
- md5_digest = NULL;
- sha1_digest = NULL;
-
- if ((fp = fopen (TMP_OUTPUT, "rb")) != NULL) {
- while (fgets (buf, BUFSIZ, fp)) {
- char *s;
-
- if (*buf == 0 || *buf == '\n' || *buf == '\r') break;
-
- for (s = buf; *s && *s != '\n' && *s != '\r'; s++);
- *s = 0;
-
- if (!PORT_Strncmp (buf, "MD5-Digest: ", 12)) {
- md5_digest = ATOB_AsciiToData (buf + 12, &md5_length);
- }
-
- if (!PORT_Strncmp (buf, "SHA1-Digest: ", 13)) {
- sha1_digest = ATOB_AsciiToData (buf + 13, &sha1_length);
- }
-
- if (!PORT_Strncmp (buf, "SHA-Digest: ", 12)) {
- sha1_digest = ATOB_AsciiToData (buf + 12, &sha1_length);
- }
- }
-
- globaldig = jar->globalmeta;
-
- if (globaldig && md5_digest) {
- if(verbosity >= 0) {
- PR_fprintf(outputFD,
- " md5 digest on global metainfo: %s\n",
- PORT_Memcmp (md5_digest, globaldig->md5, MD5_LENGTH) ?
- "no match" : "match");
- }
- }
-
- if (globaldig && sha1_digest) {
- if(verbosity >= 0) {
- PR_fprintf(outputFD,
- " sha digest on global metainfo: %s\n",
- PORT_Memcmp(sha1_digest, globaldig->sha1,
- SHA1_LENGTH) ? "no match" : "match");
- }
- }
-
- if (globaldig == NULL) {
- if(verbosity >= 0) {
- PR_fprintf(outputFD,
- "global metadigest is not available, strange.\n");
- }
- }
-
- fclose (fp);
- }
- }
- }
- }
-
- JAR_find_end (ctx);
-
- return retval;
-}
-
-/************************************************************************
- *
- * J a r W h o
- */
-int
-JarWho(char *filename)
- {
- FILE *fp;
-
- JAR *jar;
- JAR_Context *ctx;
-
- int status;
- int retval = 0;
-
- JAR_Item *it;
- JAR_Cert *fing;
-
- CERTCertificate *cert, *prev = NULL;
-
- jar = JAR_new();
-
- if ((fp = fopen (filename, "r")) == NULL)
- {
- perror (filename);
- exit (ERRX);
- }
- else
- fclose (fp);
-
- status = JAR_pass_archive (jar, jarArchGuess, filename, "some-url");
-
- if (status < 0 || jar->valid < 0)
- {
- PR_fprintf(outputFD,
- "NOTE -- \"%s\" archive DID NOT PASS crypto verification.\n", filename);
- retval = -1;
- if (jar->valid < 0 || status != -1)
- {
- char *errtext;
-
- if (status >= JAR_BASE && status <= JAR_BASE_END)
- {
- errtext = JAR_get_error (status);
- }
- else
- {
- errtext = SECU_ErrorString ((int16) PORT_GetError());
- }
-
- PR_fprintf(outputFD, " (reported reason: %s)\n\n", errtext);
- }
- }
-
- PR_fprintf(outputFD, "\nSigner information:\n\n");
-
- ctx = JAR_find (jar, NULL, jarTypeSign);
-
- while (JAR_find_next (ctx, &it) >= 0)
- {
- fing = (JAR_Cert *) it->data;
- cert = fing->cert;
-
- if (cert)
- {
- if (prev == cert)
- break;
-
- if (cert->nickname)
- PR_fprintf(outputFD, "nickname: %s\n", cert->nickname);
- if (cert->subjectName)
- PR_fprintf(outputFD, "subject name: %s\n", cert->subjectName);
- if (cert->issuerName)
- PR_fprintf(outputFD, "issuer name: %s\n", cert->issuerName);
- }
- else
- {
- PR_fprintf(outputFD, "no certificate could be found\n");
- retval = -1;
- }
-
- prev = cert;
- }
-
- JAR_find_end (ctx);
-
- JAR_destroy (jar);
- return retval;
-}
-
-/************************************************************************
- * j a r _ c b
- */
-static int jar_cb(int status, JAR *jar, const char *metafile,
- char *pathname, char *errortext)
-{
- PR_fprintf(errorFD, "error %d: %s IN FILE %s\n", status, errortext, pathname);
- errorCount++;
- return 0;
-}
-
diff --git a/security/nss/cmd/signtool/zip.c b/security/nss/cmd/signtool/zip.c
deleted file mode 100644
index 62e885137..000000000
--- a/security/nss/cmd/signtool/zip.c
+++ /dev/null
@@ -1,678 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "signtool.h"
-#include "zip.h"
-#include "zlib.h"
-#include "prmem.h"
-
-static void inttox (int in, char *out);
-static void longtox (long in, char *out);
-
-/****************************************************************
- *
- * J z i p O p e n
- *
- * Opens a new ZIP file and creates a new ZIPfile structure to
- * control the process of installing files into a zip.
- */
-ZIPfile*
-JzipOpen(char *filename, char *comment)
-{
- ZIPfile *zipfile;
- PRExplodedTime prtime;
-
- zipfile = PORT_ZAlloc(sizeof(ZIPfile));
- if(!zipfile) out_of_memory();
-
- /* Construct time and date */
- PR_ExplodeTime(PR_Now(), PR_LocalTimeParameters, &prtime);
- zipfile->date = ((prtime.tm_year-1980) << 9) |
- ((prtime.tm_month+1) << 5) |
- prtime.tm_mday;
- zipfile->time = (prtime.tm_hour<<11) |
- (prtime.tm_min<<5) |
- (prtime.tm_sec&0x3f);
-
- if (filename &&
- (zipfile->fp = PR_Open(filename,
- PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 0777)) == NULL) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "%s: can't open output jar, %s.%s\n", PROGRAM_NAME,
- filename, nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit (ERRX);
- }
-
- zipfile->list = NULL;
- if(filename) {
- zipfile->filename = PORT_ZAlloc(strlen(filename)+1);
- if(!zipfile->filename) out_of_memory();
- PORT_Strcpy(zipfile->filename, filename);
- }
- if(comment) {
- zipfile->comment = PORT_ZAlloc(strlen(comment)+1);
- if(!zipfile->comment) out_of_memory();
- PORT_Strcpy(zipfile->comment, comment);
- }
-
- return zipfile;
-}
-
-static
-void*
-my_alloc_func(void* opaque, uInt items, uInt size)
-{
- return PORT_Alloc(items*size);
-}
-
-static
-void
-my_free_func(void* opaque, void* address)
-{
- PORT_Free(address);
-}
-
-static
-void
-handle_zerror(int err, char *msg)
-{
- if(!msg) {
- msg = "";
- }
-
- errorCount++; /* unless Z_OK...see below */
-
- switch(err) {
- case Z_OK:
- PR_fprintf(errorFD, "No error: %s\n", msg);
- errorCount--; /* this was incremented above */
- break;
- case Z_MEM_ERROR:
- PR_fprintf(errorFD, "Deflation ran out of memory: %s\n", msg);
- break;
- case Z_STREAM_ERROR:
- PR_fprintf(errorFD, "Invalid compression level: %s\n", msg);
- break;
- case Z_VERSION_ERROR:
- PR_fprintf(errorFD, "Incompatible compression library version: %s\n", msg);
- break;
- case Z_DATA_ERROR:
- PR_fprintf(errorFD, "Compression data error: %s\n", msg);
- break;
- default:
- PR_fprintf(errorFD, "Unknown error in compression library: %s\n", msg);
- break;
- }
-}
-
-
-/****************************************************************
- *
- * J z i p A d d
- *
- * Adds a new file into a ZIP file. The ZIP file must have already
- * been opened with JzipOpen.
- */
-int
-JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int compression_level)
-{
- ZIPentry *entry;
- PRFileDesc *readfp;
- PRFileDesc *zipfp;
- int num;
- Bytef inbuf[BUFSIZ], outbuf[BUFSIZ];
- unsigned long crc;
- z_stream zstream;
- int err;
- unsigned long local_size_pos;
- int deflate_percent;
-
-
- if( !fullname || !filename || !zipfile) {
- return -1;
- }
-
- zipfp = zipfile->fp;
-
-
- if( (readfp = PR_Open(fullname, PR_RDONLY, 0777)) == NULL) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "%s: %s\n", fullname, nsprErr ? nsprErr : "");
- errorCount++;
- if(nsprErr) PR_Free(nsprErr);
- exit(ERRX);
- }
-
- /*
- * Make sure the input file is not the output file.
- * Add a few bytes to the end of the JAR file and see if the input file
- * twitches
- */
- {
- PRInt32 endOfJar;
- PRInt32 inputSize;
- PRBool isSame;
-
- inputSize = PR_Available(readfp);
-
- endOfJar = PR_Seek(zipfp, 0L, PR_SEEK_CUR);
-
- if(PR_Write(zipfp, "abcde", 5) < 5) {
- char *nsprErr;
-
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing to zip file: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- isSame = (PR_Available(readfp) != inputSize);
-
- PR_Seek(zipfp, endOfJar, PR_SEEK_SET);
-
- if(isSame) {
- /* It's the same file! Forget it! */
- PR_Close(readfp);
- return 0;
- }
- }
-
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "adding %s to %s...", fullname, zipfile->filename);
- }
-
- entry = PORT_ZAlloc(sizeof(ZIPentry));
- if(!entry) out_of_memory();
-
- entry->filename = PORT_Strdup(filename);
- entry->comment = NULL;
-
- /* Set up local file header */
- longtox(LSIG, entry->local.signature);
- inttox(strlen(filename), entry->local.filename_len);
- inttox(zipfile->time, entry->local.time);
- inttox(zipfile->date, entry->local.date);
- inttox(Z_DEFLATED, entry->local.method);
-
- /* Set up central directory entry */
- longtox(CSIG, entry->central.signature);
- inttox(strlen(filename), entry->central.filename_len);
- if(entry->comment) {
- inttox(strlen(entry->comment), entry->central.commentfield_len);
- }
- longtox(PR_Seek(zipfile->fp, 0, PR_SEEK_CUR),
- entry->central.localhdr_offset);
- inttox(zipfile->time, entry->central.time);
- inttox(zipfile->date, entry->central.date);
- inttox(Z_DEFLATED, entry->central.method);
-
- /* Compute crc. Too bad we have to process the whole file to do this*/
- crc = crc32(0L, NULL, 0);
- while( (num = PR_Read(readfp, inbuf, BUFSIZ)) > 0) {
- crc = crc32(crc, inbuf, num);
- }
- PR_Seek(readfp, 0L, PR_SEEK_SET);
-
- /* Store CRC */
- longtox(crc, entry->local.crc32);
- longtox(crc, entry->central.crc32);
-
- /* Stick this entry onto the end of the list */
- entry->next = NULL;
- if( zipfile->list == NULL ) {
- /* First entry */
- zipfile->list = entry;
- } else {
- ZIPentry *pe;
-
- pe = zipfile->list;
- while(pe->next != NULL) {
- pe = pe->next;
- }
- pe->next = entry;
- }
-
- /*
- * Start writing stuff out
- */
-
- local_size_pos = PR_Seek(zipfp, 0, PR_SEEK_CUR) + 18;
- /* File header */
- if(PR_Write(zipfp, &entry->local, sizeof(struct ZipLocal))
- < sizeof(struct ZipLocal)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- /* File Name */
- if( PR_Write(zipfp, filename, strlen(filename)) < strlen(filename)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- /*
- * File data
- */
- /* Initialize zstream */
- zstream.zalloc = my_alloc_func;
- zstream.zfree = my_free_func;
- zstream.opaque = NULL;
- zstream.next_in = inbuf;
- zstream.avail_in = BUFSIZ;
- zstream.next_out = outbuf;
- zstream.avail_out = BUFSIZ;
- /* Setting the windowBits to -MAX_WBITS is an undocumented feature of
- * zlib (see deflate.c in zlib). It is the same thing that Java does
- * when you specify the nowrap option for deflation in java.util.zip.
- * It causes zlib to leave out its headers and footers, which don't
- * work in PKZIP files.
- */
- err = deflateInit2(&zstream, compression_level, Z_DEFLATED,
- -MAX_WBITS, 8 /*default*/, Z_DEFAULT_STRATEGY);
- if(err != Z_OK) {
- handle_zerror(err, zstream.msg);
- exit(ERRX);
- }
-
- while( (zstream.avail_in = PR_Read(readfp, inbuf, BUFSIZ)) > 0) {
- zstream.next_in = inbuf;
- /* Process this chunk of data */
- while(zstream.avail_in > 0) {
- err = deflate(&zstream, Z_NO_FLUSH);
- if(err != Z_OK) {
- handle_zerror(err, zstream.msg);
- exit(ERRX);
- }
- if(zstream.avail_out <= 0) {
- if( PR_Write(zipfp, outbuf, BUFSIZ) < BUFSIZ) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- zstream.next_out = outbuf;
- zstream.avail_out = BUFSIZ;
- }
- }
- }
-
- /* Now flush everything */
- while(1) {
- err = deflate(&zstream, Z_FINISH);
- if(err == Z_STREAM_END) {
- break;
- } else if(err == Z_OK) {
- /* output buffer full, repeat */
- } else {
- handle_zerror(err, zstream.msg);
- exit(ERRX);
- }
- if( PR_Write(zipfp, outbuf, BUFSIZ) < BUFSIZ) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- zstream.avail_out = BUFSIZ;
- zstream.next_out = outbuf;
- }
-
- /* If there's any output left, write it out. */
- if(zstream.next_out != outbuf) {
- if( PR_Write(zipfp, outbuf, zstream.next_out-outbuf) <
- zstream.next_out-outbuf) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- zstream.avail_out = BUFSIZ;
- zstream.next_out = outbuf;
- }
-
- /* Now that we know the compressed size, write this to the headers */
- longtox(zstream.total_in, entry->local.orglen);
- longtox(zstream.total_out, entry->local.size);
- if(PR_Seek(zipfp, local_size_pos, PR_SEEK_SET) == -1) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Accessing zip file: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- if( PR_Write(zipfp, entry->local.size, 8) != 8) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- if(PR_Seek(zipfp, 0L, PR_SEEK_END) == -1) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Accessing zip file: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- longtox(zstream.total_in, entry->central.orglen);
- longtox(zstream.total_out, entry->central.size);
-
- /* Close out the deflation operation */
- err = deflateEnd(&zstream);
- if(err != Z_OK) {
- handle_zerror(err, zstream.msg);
- exit(ERRX);
- }
-
- PR_Close(readfp);
-
- if((zstream.total_in > zstream.total_out) && (zstream.total_in > 0)) {
- deflate_percent = (int) ( (zstream.total_in-zstream.total_out)*100 /
- zstream.total_in );
- } else {
- deflate_percent = 0;
- }
- if(verbosity >= 0) {
- PR_fprintf(outputFD, "(deflated %d%%)\n", deflate_percent);
- }
-
- return 0;
-}
-
-/********************************************************************
- * J z i p C l o s e
- *
- * Finishes the ZipFile. ALSO DELETES THE ZIPFILE STRUCTURE PASSED IN!!
- */
-int
-JzipClose(ZIPfile *zipfile)
-{
- ZIPentry *pe, *dead;
- PRFileDesc *zipfp;
- struct ZipEnd zipend;
- unsigned int entrycount = 0;
-
- if(!zipfile) {
- return -1;
- }
-
- if(!zipfile->filename) {
- /* bogus */
- return 0;
- }
-
- zipfp = zipfile->fp;
- zipfile->central_start = PR_Seek(zipfp, 0L, PR_SEEK_CUR);
-
- /* Write out all the central directories */
- pe = zipfile->list;
- while(pe) {
- entrycount++;
-
- /* Write central directory info */
- if( PR_Write(zipfp, &pe->central, sizeof(struct ZipCentral))
- < sizeof(struct ZipCentral)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- /* Write filename */
- if( PR_Write(zipfp, pe->filename, strlen(pe->filename))
- < strlen(pe->filename)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- /* Write file comment */
- if(pe->comment) {
- if( PR_Write(zipfp, pe->comment, strlen(pe->comment))
- < strlen(pe->comment)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- }
-
- /* Delete the structure */
- dead = pe;
- pe = pe->next;
- if(dead->filename) {
- PORT_Free(dead->filename);
- }
- if(dead->comment) {
- PORT_Free(dead->comment);
- }
- PORT_Free(dead);
- }
- zipfile->central_end = PR_Seek(zipfile->fp, 0L, PR_SEEK_CUR);
-
- /* Create the ZipEnd structure */
- PORT_Memset(&zipend, 0, sizeof(zipend));
- longtox(ESIG, zipend.signature);
- inttox(entrycount, zipend.total_entries_disk);
- inttox(entrycount, zipend.total_entries_archive);
- longtox(zipfile->central_end-zipfile->central_start,
- zipend.central_dir_size);
- longtox(zipfile->central_start, zipend.offset_central_dir);
- if(zipfile->comment) {
- inttox(strlen(zipfile->comment), zipend.commentfield_len);
- }
-
- /* Write out ZipEnd xtructure */
- if( PR_Write(zipfp, &zipend, sizeof(zipend)) < sizeof(zipend)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n", nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
-
- /* Write out Zipfile comment */
- if(zipfile->comment) {
- if( PR_Write(zipfp, zipfile->comment, strlen(zipfile->comment))
- < strlen(zipfile->comment)) {
- char *nsprErr;
- if(PR_GetErrorTextLength()) {
- nsprErr = PR_Malloc(PR_GetErrorTextLength());
- PR_GetErrorText(nsprErr);
- } else {
- nsprErr = NULL;
- }
- PR_fprintf(errorFD, "Writing zip data: %s\n",
- nsprErr ? nsprErr : "");
- if(nsprErr) PR_Free(nsprErr);
- errorCount++;
- exit(ERRX);
- }
- }
-
- PR_Close(zipfp);
-
- /* Free the memory of the zipfile structure */
- if(zipfile->filename) {
- PORT_Free(zipfile->filename);
- }
- if(zipfile->comment) {
- PORT_Free(zipfile->comment);
- }
- PORT_Free(zipfile);
-
- return 0;
-}
-
-/**********************************************
- * i n t t o x
- *
- * Converts a two byte ugly endianed integer
- * to our platform's integer.
- *
- */
-
-static void inttox (int in, char *out)
-{
- out [0] = (in & 0xFF);
- out [1] = (in & 0xFF00) >> 8;
-}
-
-/*********************************************
- * l o n g t o x
- *
- * Converts a four byte ugly endianed integer
- * to our platform's integer.
- *
- */
-
-static void longtox (long in, char *out)
-{
- out [0] = (in & 0xFF);
- out [1] = (in & 0xFF00) >> 8;
- out [2] = (in & 0xFF0000) >> 16;
- out [3] = (in & 0xFF000000) >> 24;
-}
-
diff --git a/security/nss/cmd/signtool/zip.h b/security/nss/cmd/signtool/zip.h
deleted file mode 100644
index 08512f3c4..000000000
--- a/security/nss/cmd/signtool/zip.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* zip.h
- * Structures and functions for creating ZIP archives.
- */
-#ifndef ZIP_H
-#define ZIP_H
-
-/* For general information on ZIP formats, you can look at jarfile.h
- * in ns/security/lib/jar. Or look it up on the web...
- */
-
-/* One entry in a ZIPfile. This corresponds to one file in the archive.
- * We have to save this information because first all the files go into
- * the archive with local headers; then at the end of the file we have to
- * put the central directory entries for each file.
- */
-typedef struct ZIPentry_s {
- struct ZipLocal local; /* local header info */
- struct ZipCentral central; /* central directory info */
- char *filename; /* name of file */
- char *comment; /* comment for this file -- optional */
-
- struct ZIPentry_s *next;
-} ZIPentry;
-
-/* This structure contains the necessary data for putting a ZIP file
- * together. Has some overall information and a list of ZIPentrys.
- */
-typedef struct ZIPfile_s {
- char *filename; /* ZIP file name */
- char *comment; /* ZIP file comment -- may be NULL */
- PRFileDesc *fp; /* ZIP file pointer */
- ZIPentry *list; /* one entry for each file in the archive */
- unsigned int time; /* the GMT time of creation, in DOS format */
- unsigned int date; /* the GMT date of creation, in DOS format */
- unsigned long central_start; /* starting offset of central directory */
- unsigned long central_end; /*index right after the last byte of central*/
-} ZIPfile;
-
-
-/* Open a new ZIP file. Takes the name of the zip file and an optional
- * comment to be included in the file. Returns a new ZIPfile structure
- * which is used by JzipAdd and JzipClose
- */
-ZIPfile* JzipOpen(char *filename, char *comment);
-
-/* Add a file to a ZIP archive. Fullname is the path relative to the
- * current directory. Filename is what the name will be stored as in the
- * archive, and thus what it will be restored as. zipfile is a structure
- * returned from a previous call to JzipOpen.
- *
- * Non-zero return code means error (although usually the function will
- * call exit() rather than return an error--gotta fix this).
- */
-int JzipAdd(char *fullname, char *filename, ZIPfile *zipfile,
- int compression_level);
-
-/* Finalize a ZIP archive. Adds all the footer information to the end of
- * the file and closes it. Also DELETES THE ZIPFILE STRUCTURE that was
- * passed in. So you never have to allocate or free a ZIPfile yourself.
- *
- * Non-zero return code means error (although usually the function will
- * call exit() rather than return an error--gotta fix this).
- */
-int JzipClose (ZIPfile *zipfile);
-
-
-#endif /* ZIP_H */
diff --git a/security/nss/cmd/signver/Makefile b/security/nss/cmd/signver/Makefile
deleted file mode 100644
index e4a3a6069..000000000
--- a/security/nss/cmd/signver/Makefile
+++ /dev/null
@@ -1,71 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
diff --git a/security/nss/cmd/signver/examples/1/form.pl b/security/nss/cmd/signver/examples/1/form.pl
deleted file mode 100755
index 2034bf728..000000000
--- a/security/nss/cmd/signver/examples/1/form.pl
+++ /dev/null
@@ -1,50 +0,0 @@
-#! /usr/bin/perl
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-print "Content-type: text/html\n\n";
-print "<B>Server Name:</B> ", $ENV{'SERVER_NAME'}, "<BR>", "\n";
-print "<B>Server Port:</B> ", $ENV{'SERVER_PORT'}, "<BR>", "\n";
-print "<B>Server Software:</B> ", $ENV{'SERVER_SOFTWARE'}, "<BR>", "\n";
-print "<B>Server Protocol:</B> ", $ENV{'SERVER_PROTOCOL'}, "<BR>", "\n";
-print "<B>CGI Revision:</B> ", $ENV{'GATEWAY_INTERFACE'}, "<BR>", "\n";
-print "<B>Browser:</B> ", $ENV{'HTTP_USER_AGENT'}, "<BR>", "\n";
-print "<B>Remote Address:</B> ", $ENV{'REMOTE_ADDR'}, "<BR>", "\n";
-print "<B>Remote Host:</B> ", $ENV{'REMOTE_HOST'}, "<BR>", "\n";
-print "<B>Remote User:</B> ", $ENV{'REMOTE_USER'}, "<BR>", "\n";
-print "You typed:\n";
-
-while( $_ = <STDIN>) {
- print "$_";
-}
-
diff --git a/security/nss/cmd/signver/examples/1/signedForm.html b/security/nss/cmd/signver/examples/1/signedForm.html
deleted file mode 100644
index 1444a1775..000000000
--- a/security/nss/cmd/signver/examples/1/signedForm.html
+++ /dev/null
@@ -1,84 +0,0 @@
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<head>
-<title>Form to sign</title>
-<script language="javascript">
-<!--
-function submitSigned(form){
- var signature = "";
- var dataToSign = "";
- var i;
-
- form.action='signedForm.pl';
- for (i = 0; i < form.length; i++)
- if (form.elements[i].type == "text")
- dataToSign += form.elements[i].value;
-
- // alert("Data to sign:\n" + dataToSign);
- signature = crypto.signText(dataToSign, "ask");
- /* alert("You cannot see this alert");
- alert("Data signature:\n" + signature); */
-
- if (signature != "error:userCancel") {
- for (i = 0; i < form.length; i++) {
- if (form.elements[i].type == "hidden") {
- if (form.elements[i].name == "dataToSign")
- form.elements[i].value = dataToSign;
- if (form.elements[i].name == "dataSignature")
- form.elements[i].value = signature;
- }
- }
- form.submit();
- }
-}
-//-->
-</script>
-</head>
-
-<body>
-<form method=post Action="form.pl">
-<input type=hidden size=30 name=dataSignature>
-<input type=hidden size=30 name=dataToSign>
-<input type=text size=30 name=p>
-<BR>
-<input type=text size=30 name=q>
-<BR>
-<input type=text size=30 name=r>
-<BR>
-<input type=submit value="Submit Data">
-<input type=button value="Sign and Submit Data" onclick=submitSigned(this.form)>
-<input type=reset value=Reset>
-</form>
-</body>
-</html>
diff --git a/security/nss/cmd/signver/examples/1/signedForm.nt.html b/security/nss/cmd/signver/examples/1/signedForm.nt.html
deleted file mode 100644
index 5487739ce..000000000
--- a/security/nss/cmd/signver/examples/1/signedForm.nt.html
+++ /dev/null
@@ -1,84 +0,0 @@
-<html>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<head>
-<title>Form to sign</title>
-<script language="javascript">
-<!--
-function submitSigned(form){
- var signature = "";
- var dataToSign = "";
- var i;
-
- form.action='cgi-bin/signedForm.pl';
- for (i = 0; i < form.length; i++)
- if (form.elements[i].type == "text")
- dataToSign += form.elements[i].value;
-
- // alert("Data to sign:\n" + dataToSign);
- signature = crypto.signText(dataToSign, "ask");
- /* alert("You cannot see this alert");
- alert("Data signature:\n" + signature); */
-
- if (signature != "error:userCancel") {
- for (i = 0; i < form.length; i++) {
- if (form.elements[i].type == "hidden") {
- if (form.elements[i].name == "dataToSign")
- form.elements[i].value = dataToSign;
- if (form.elements[i].name == "dataSignature")
- form.elements[i].value = signature;
- }
- }
- form.submit();
- }
-}
-//-->
-</script>
-</head>
-
-<body>
-<form method=post Action="cgi-bin/form.pl">
-<input type=hidden size=30 name=dataSignature>
-<input type=hidden size=30 name=dataToSign>
-<input type=text size=30 name=p>
-<BR>
-<input type=text size=30 name=q>
-<BR>
-<input type=text size=30 name=r>
-<BR>
-<input type=submit value="Submit Data">
-<input type=button value="Sign and Submit Data" onclick=submitSigned(this.form)>
-<input type=reset value=Reset>
-</form>
-</body>
-</html>
diff --git a/security/nss/cmd/signver/examples/1/signedForm.pl b/security/nss/cmd/signver/examples/1/signedForm.pl
deleted file mode 100755
index 3c2cd0ed3..000000000
--- a/security/nss/cmd/signver/examples/1/signedForm.pl
+++ /dev/null
@@ -1,88 +0,0 @@
-#! /usr/bin/perl
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-
-sub decode {
- read (STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
- @pairs = split(/&/, $buffer);
- foreach $pair (@pairs)
- {
- ($name, $value) = split(/=/, $pair);
- $value =~tr/+/ /;
- $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
- $FORM{$name} = $value;
-# print "name=$name value=$value<BR>\n";
- }
-}
-
-print "Content-type: text/html\n\n";
-
-&decode();
-
-$dataSignature = $FORM{'dataSignature'};
-$dataToSign = $FORM{'dataToSign'};
-
-unlink("signature");
-open(FILE1,">signature") || die("Cannot open file for writing\n");
-
-print FILE1 "$dataSignature";
-
-close(FILE1);
-
-
-unlink("data");
-open(FILE2,">data") || die("Cannot open file for writing\n");
-
-print FILE2 "$dataToSign";
-
-close(FILE2);
-
-
-print "<BR><B>Signed Data:</B><BR>", "$dataToSign", "<BR>";
-
-print "<BR><b>Verification Info:</b><BR>";
-
-$verInfo = `./signver -D . -s signature -d data -v`;
-print "<font color=red><b>$verInfo</b></font><BR>";
-
-print "<BR><B>Signature Data:</B><BR>", "$dataSignature", "<BR>";
-
-print "<BR><b>Signature Info:</b><BR>";
-
-foreach $line (`./signver -s signature -A`) {
- print "$line<BR>\n";
-}
-
-print "<b>End of Info</b><BR>";
-
diff --git a/security/nss/cmd/signver/manifest.mn b/security/nss/cmd/signver/manifest.mn
deleted file mode 100644
index 1ddccb504..000000000
--- a/security/nss/cmd/signver/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = signver.c \
- pk7print.c \
- $(NULL)
-
-REQUIRES = security dbm seccmd
-
-PROGRAM = signver
-
-PACKAGE_FILES = README.txt signedForm.html signedForm.pl form.pl
-ifeq ($(subst /,_,$(shell uname -s)),WINNT)
-PACKAGE_FILES += signedForm.nt.pl signver.exe
-else
-PACKAGE_FILES += signver
-endif
-
-ARCHIVE_NAME = signver
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/signver/pk7print.c b/security/nss/cmd/signver/pk7print.c
deleted file mode 100644
index 3310ec832..000000000
--- a/security/nss/cmd/signver/pk7print.c
+++ /dev/null
@@ -1,918 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** secutil.c - various functions used by security stuff
-**
-*/
-
-/* pkcs #7 -related functions */
-
-
-#include "secutil.h"
-#include "secpkcs7.h"
-#include "secoid.h"
-#include <sys/stat.h>
-#include <stdarg.h>
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-
-/* for SEC_TraverseNames */
-#include "cert.h"
-#include "prtypes.h"
-#include "prtime.h"
-
-#include "prlong.h"
-#include "secmod.h"
-#include "pk11func.h"
-#include "prerror.h"
-
-
-
-
-/*
-** PKCS7 Support
-*/
-
-/* forward declaration */
-int
-sv_PrintPKCS7ContentInfo(FILE *, SEC_PKCS7ContentInfo *, char *);
-
-
-void
-sv_PrintAsHex(FILE *out, SECItem *data, char *m)
-{
- unsigned i;
-
- if (m) fprintf(out, m);
-
- for (i = 0; i < data->len; i++) {
- if (i < data->len - 1) {
- fprintf(out, "%02x:", data->data[i]);
- } else {
- fprintf(out, "%02x\n", data->data[i]);
- break;
- }
- }
-}
-
-void
-sv_PrintInteger(FILE *out, SECItem *i, char *m)
-{
- int iv;
-
- if (i->len > 4) {
- sv_PrintAsHex(out, i, m);
- } else {
- iv = DER_GetInteger(i);
- fprintf(out, "%s%d (0x%x)\n", m, iv, iv);
- }
-}
-
-
-int
-sv_PrintUTCTime(FILE *out, SECItem *t, char *m)
-{
- PRExplodedTime printableTime;
- int64 time;
- char *timeString;
- int rv;
-
- rv = DER_UTCTimeToTime(&time, t);
- if (rv) return rv;
-
- /* Converse to local time */
- PR_ExplodeTime(time, PR_GMTParameters, &printableTime);
-
- timeString = (char *)PORT_Alloc(100);
-
- if ( timeString ) {
- PR_FormatTime( timeString, 100, "%a %b %d %H:%M:%S %Y", &printableTime );
- fprintf(out, "%s%s\n", m, timeString);
- PORT_Free(timeString);
- return 0;
- }
- return SECFailure;
-}
-
-
-int
-sv_PrintValidity(FILE *out, CERTValidity *v, char *m)
-{
- int rv;
-
- fprintf(out, m);
- rv = sv_PrintUTCTime(out, &v->notBefore, "notBefore=");
- if (rv) return rv;
- fprintf(out, m);
- sv_PrintUTCTime(out, &v->notAfter, "notAfter=");
- return rv;
-}
-
-void
-sv_PrintObjectID(FILE *out, SECItem *oid, char *m)
-{
- char *name;
- SECOidData *oiddata;
-
- oiddata = SECOID_FindOID(oid);
- if (oiddata == NULL) {
- sv_PrintAsHex(out, oid, m);
- return;
- }
- name = oiddata->desc;
-
- if (m != NULL)
- fprintf(out, "%s", m);
- fprintf(out, "%s\n", name);
-}
-
-void
-sv_PrintAlgorithmID(FILE *out, SECAlgorithmID *a, char *m)
-{
- sv_PrintObjectID(out, &a->algorithm, m);
-
- if ((a->parameters.len != 2) ||
- (PORT_Memcmp(a->parameters.data, "\005\000", 2) != 0)) {
- /* Print args to algorithm */
- sv_PrintAsHex(out, &a->parameters, "Args=");
- }
-}
-
-void
-sv_PrintAttribute(FILE *out, SEC_PKCS7Attribute *attr, char *m)
-{
- SECItem *value;
- int i;
- char om[100];
-
- fprintf(out, m);
-
- /*
- * XXX Make this smarter; look at the type field and then decode
- * and print the value(s) appropriately!
- */
- sv_PrintObjectID(out, &(attr->type), "type=");
- if (attr->values != NULL) {
- i = 0;
- while ((value = attr->values[i]) != NULL) {
- sprintf(om, "%svalue[%d]=%s", m, i++, attr->encoded ? "(encoded)" : "");
- if (attr->encoded || attr->typeTag == NULL) {
- sv_PrintAsHex(out, value, om);
- } else {
- switch (attr->typeTag->offset) {
- default:
- sv_PrintAsHex(out, value, om);
- break;
- case SEC_OID_PKCS9_CONTENT_TYPE:
- sv_PrintObjectID(out, value, om);
- break;
- case SEC_OID_PKCS9_SIGNING_TIME:
- sv_PrintUTCTime(out, value, om);
- break;
- }
- }
- }
- }
-}
-
-void
-sv_PrintName(FILE *out, CERTName *name, char *msg)
-{
- char *str;
-
- str = CERT_NameToAscii(name);
- fprintf(out, "%s%s\n", msg, str);
-}
-
-
-#if 0
-/*
-** secu_PrintPKCS7EncContent
-** Prints a SEC_PKCS7EncryptedContentInfo (without decrypting it)
-*/
-void
-secu_PrintPKCS7EncContent(FILE *out, SEC_PKCS7EncryptedContentInfo *src,
- char *m, int level)
-{
- if (src->contentTypeTag == NULL)
- src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
- secu_Indent(out, level);
- fprintf(out, "%s:\n", m);
- secu_Indent(out, level + 1);
- fprintf(out, "Content Type: %s\n",
- (src->contentTypeTag != NULL) ? src->contentTypeTag->desc
- : "Unknown");
- sv_PrintAlgorithmID(out, &(src->contentEncAlg),
- "Content Encryption Algorithm");
- sv_PrintAsHex(out, &(src->encContent),
- "Encrypted Content", level+1);
-}
-
-/*
-** secu_PrintRecipientInfo
-** Prints a PKCS7RecipientInfo type
-*/
-void
-secu_PrintRecipientInfo(FILE *out, SEC_PKCS7RecipientInfo *info, char *m,
- int level)
-{
- secu_Indent(out, level); fprintf(out, "%s:\n", m);
- sv_PrintInteger(out, &(info->version), "Version");
-
- sv_PrintName(out, &(info->issuerAndSN->issuer), "Issuer");
- sv_PrintInteger(out, &(info->issuerAndSN->serialNumber),
- "Serial Number");
-
- /* Parse and display encrypted key */
- sv_PrintAlgorithmID(out, &(info->keyEncAlg),
- "Key Encryption Algorithm");
- sv_PrintAsHex(out, &(info->encKey), "Encrypted Key", level + 1);
-}
-#endif
-
-/*
-** secu_PrintSignerInfo
-** Prints a PKCS7SingerInfo type
-*/
-void
-sv_PrintSignerInfo(FILE *out, SEC_PKCS7SignerInfo *info, char *m)
-{
- SEC_PKCS7Attribute *attr;
- int iv;
-
- fprintf(out, m);
- sv_PrintInteger(out, &(info->version), "version=");
-
- fprintf(out, m);
- sv_PrintName(out, &(info->issuerAndSN->issuer), "issuerName=");
- fprintf(out, m);
- sv_PrintInteger(out, &(info->issuerAndSN->serialNumber),
- "serialNumber=");
-
- fprintf(out, m);
- sv_PrintAlgorithmID(out, &(info->digestAlg), "digestAlgorithm=");
-
- if (info->authAttr != NULL) {
- char mm[120];
-
- iv = 0;
- while (info->authAttr[iv] != NULL) iv++;
- fprintf(out, "%sauthenticatedAttributes=%d\n", m, iv);
- iv = 0;
- while ((attr = info->authAttr[iv]) != NULL) {
- sprintf(mm, "%sattribute[%d].", m, iv++);
- sv_PrintAttribute(out, attr, mm);
- }
- }
-
- /* Parse and display signature */
- fprintf(out, m);
- sv_PrintAlgorithmID(out, &(info->digestEncAlg), "digestEncryptionAlgorithm=");
- fprintf(out, m);
- sv_PrintAsHex(out, &(info->encDigest), "encryptedDigest=");
-
- if (info->unAuthAttr != NULL) {
- char mm[120];
-
- iv = 0;
- while (info->unAuthAttr[iv] != NULL) iv++;
- fprintf(out, "%sunauthenticatedAttributes=%d\n", m, iv);
- iv = 0;
- while ((attr = info->unAuthAttr[iv]) != NULL) {
- sprintf(mm, "%sattribute[%d].", m, iv++);
- sv_PrintAttribute(out, attr, mm);
- }
- }
-}
-
-void
-sv_PrintRSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m)
-{
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.rsa.modulus, "modulus=");
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.rsa.publicExponent, "exponent=");
-}
-
-void
-sv_PrintDSAPublicKey(FILE *out, SECKEYPublicKey *pk, char *m)
-{
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.dsa.params.prime, "prime=");
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.dsa.params.subPrime, "subprime=");
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.dsa.params.base, "base=");
- fprintf(out, m);
- sv_PrintInteger(out, &pk->u.dsa.publicValue, "publicValue=");
-}
-
-int
-sv_PrintSubjectPublicKeyInfo(FILE *out, PRArenaPool *arena,
- CERTSubjectPublicKeyInfo *i, char *msg)
-{
- SECKEYPublicKey *pk;
- int rv;
- char mm[200];
-
- sprintf(mm, "%s.publicKeyAlgorithm=", msg);
- sv_PrintAlgorithmID(out, &i->algorithm, mm);
-
- pk = (SECKEYPublicKey*) PORT_ZAlloc(sizeof(SECKEYPublicKey));
- if (!pk) return PORT_GetError();
-
- DER_ConvertBitString(&i->subjectPublicKey);
- switch(SECOID_FindOIDTag(&i->algorithm.algorithm)) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- rv = SEC_ASN1DecodeItem(arena, pk, SECKEY_RSAPublicKeyTemplate,
- &i->subjectPublicKey);
- if (rv) return rv;
- sprintf(mm, "%s.rsaPublicKey.", msg);
- sv_PrintRSAPublicKey(out, pk, mm);
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- rv = SEC_ASN1DecodeItem(arena, pk, SECKEY_DSAPublicKeyTemplate,
- &i->subjectPublicKey);
- if (rv) return rv;
- sprintf(mm, "%s.dsaPublicKey.", msg);
- sv_PrintDSAPublicKey(out, pk, mm);
- break;
- default:
- fprintf(out, "%s=bad SPKI algorithm type\n", msg);
- return 0;
- }
-
- return 0;
-}
-
-SECStatus
-sv_PrintInvalidDateExten (FILE *out, SECItem *value, char *msg)
-{
- SECItem decodedValue;
- SECStatus rv;
- int64 invalidTime;
- char *formattedTime = NULL;
-
- decodedValue.data = NULL;
- rv = SEC_ASN1DecodeItem (NULL, &decodedValue, SEC_GeneralizedTimeTemplate,
- value);
- if (rv == SECSuccess) {
- rv = DER_GeneralizedTimeToTime(&invalidTime, &decodedValue);
- if (rv == SECSuccess) {
- formattedTime = CERT_GenTime2FormattedAscii(invalidTime, "%a %b %d %H:%M:%S %Y");
- fprintf (out, "%s: %s\n", msg, formattedTime);
- PORT_Free (formattedTime);
- }
- }
- PORT_Free (decodedValue.data);
-
- return (rv);
-}
-
-int
-sv_PrintExtensions(FILE *out, CERTCertExtension **extensions, char *msg)
-{
- SECOidTag oidTag;
-
- if (extensions) {
-
- while ( *extensions ) {
- SECItem *tmpitem;
-
- fprintf(out, "%sname=", msg);
-
- tmpitem = &(*extensions)->id;
- sv_PrintObjectID(out, tmpitem, NULL);
-
- tmpitem = &(*extensions)->critical;
- if ( tmpitem->len )
- fprintf(out, "%scritical=%s\n", msg,
- (tmpitem->data && tmpitem->data[0])? "True": "False");
-
- oidTag = SECOID_FindOIDTag (&((*extensions)->id));
-
- fprintf(out, msg);
- tmpitem = &((*extensions)->value);
- if (oidTag == SEC_OID_X509_INVALID_DATE)
- sv_PrintInvalidDateExten (out, tmpitem,"invalidExt");
- else
- sv_PrintAsHex(out,tmpitem, "data=");
-
- /*fprintf(out, "\n");*/
- extensions++;
- }
- }
-
- return 0;
-}
-
-void
-sv_PrintCRLInfo(FILE *out, CERTCrl *crl, char *m)
-{
- CERTCrlEntry *entry;
- int iv;
- char om[100];
-
- fprintf(out, m);
- sv_PrintAlgorithmID(out, &(crl->signatureAlg), "signatureAlgorithm=");
- fprintf(out, m);
- sv_PrintName(out, &(crl->name), "name=");
- fprintf(out, m);
- sv_PrintUTCTime(out, &(crl->lastUpdate), "lastUpdate=");
- fprintf(out, m);
- sv_PrintUTCTime(out, &(crl->nextUpdate), "nextUpdate=");
-
- if (crl->entries != NULL) {
- iv = 0;
- while ((entry = crl->entries[iv]) != NULL) {
- fprintf(out, "%sentry[%d].", m, iv);
- sv_PrintInteger(out, &(entry->serialNumber), "serialNumber=");
- fprintf(out, "%sentry[%d].", m, iv);
- sv_PrintUTCTime(out, &(entry->revocationDate), "revocationDate=");
- sprintf(om, "%sentry[%d].signedCRLEntriesExtensions.", m, iv++);
- sv_PrintExtensions(out, entry->extensions, om);
- }
- }
- sprintf(om, "%ssignedCRLEntriesExtensions.", m);
- sv_PrintExtensions(out, crl->extensions, om);
-}
-
-
-int
-sv_PrintCertificate(FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = NULL;
- CERTCertificate *c;
- int rv;
- int iv;
- char mm[200];
-
- /* Decode certificate */
- c = (CERTCertificate*) PORT_ZAlloc(sizeof(CERTCertificate));
- if (!c) return PORT_GetError();
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) return SEC_ERROR_NO_MEMORY;
-
- rv = SEC_ASN1DecodeItem(arena, c, CERT_CertificateTemplate, der);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
- /* Pretty print it out */
- iv = DER_GetInteger(&c->version);
- fprintf(out, "%sversion=%d (0x%x)\n", m, iv + 1, iv);
- sprintf(mm, "%sserialNumber=", m);
- sv_PrintInteger(out, &c->serialNumber, mm);
- sprintf(mm, "%ssignatureAlgorithm=", m);
- sv_PrintAlgorithmID(out, &c->signature, mm);
- sprintf(mm, "%sissuerName=", m);
- sv_PrintName(out, &c->issuer, mm);
- sprintf(mm, "%svalidity.", m);
- sv_PrintValidity(out, &c->validity, mm);
- sprintf(mm, "%ssubject=", m);
- sv_PrintName(out, &c->subject, mm);
- sprintf(mm, "%ssubjectPublicKeyInfo", m);
- rv = sv_PrintSubjectPublicKeyInfo(out, arena, &c->subjectPublicKeyInfo, mm);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
- sprintf(mm, "%ssignedExtensions.", m);
- sv_PrintExtensions(out, c->extensions, mm);
-
- PORT_FreeArena(arena, PR_FALSE);
- return 0;
-}
-
-int
-sv_PrintSignedData(FILE *out, SECItem *der, char *m, SECU_PPFunc inner)
-{
- PRArenaPool *arena = NULL;
- CERTSignedData *sd;
- int rv;
-
- /* Strip off the signature */
- sd = (CERTSignedData*) PORT_ZAlloc(sizeof(CERTSignedData));
- if (!sd) return PORT_GetError();
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) return SEC_ERROR_NO_MEMORY;
-
- rv = SEC_ASN1DecodeItem(arena, sd, CERT_SignedDataTemplate, der);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
-/* fprintf(out, "%s:\n", m); */
- PORT_Strcat(m, "data.");
-
- rv = (*inner)(out, &sd->data, m, 0);
- if (rv) {
- PORT_FreeArena(arena, PR_FALSE);
- return rv;
- }
-
- m[PORT_Strlen(m) - 5] = 0;
- fprintf(out, m);
- sv_PrintAlgorithmID(out, &sd->signatureAlgorithm, "signatureAlgorithm=");
- DER_ConvertBitString(&sd->signature);
- fprintf(out, m);
- sv_PrintAsHex(out, &sd->signature, "signature=");
-
- PORT_FreeArena(arena, PR_FALSE);
- return 0;
-
-}
-
-
-/*
-** secu_PrintPKCS7Signed
-** Pretty print a PKCS7 signed data type (up to version 1).
-*/
-int
-sv_PrintPKCS7Signed(FILE *out, SEC_PKCS7SignedData *src)
-{
- SECAlgorithmID *digAlg; /* digest algorithms */
- SECItem *aCert; /* certificate */
- CERTSignedCrl *aCrl; /* certificate revocation list */
- SEC_PKCS7SignerInfo *sigInfo; /* signer information */
- int rv, iv;
- char om[120];
-
- sv_PrintInteger(out, &(src->version), "pkcs7.version=");
-
- /* Parse and list digest algorithms (if any) */
- if (src->digestAlgorithms != NULL) {
- iv = 0;
- while (src->digestAlgorithms[iv] != NULL)
- iv++;
- fprintf(out, "pkcs7.digestAlgorithmListLength=%d\n", iv);
- iv = 0;
- while ((digAlg = src->digestAlgorithms[iv]) != NULL) {
- sprintf(om, "pkcs7.digestAlgorithm[%d]=", iv++);
- sv_PrintAlgorithmID(out, digAlg, om);
- }
- }
-
- /* Now for the content */
- rv = sv_PrintPKCS7ContentInfo(out, &(src->contentInfo),
- "pkcs7.contentInformation=");
- if (rv != 0) return rv;
-
- /* Parse and list certificates (if any) */
- if (src->rawCerts != NULL) {
- iv = 0;
- while (src->rawCerts[iv] != NULL)
- iv++;
- fprintf(out, "pkcs7.certificateListLength=%d\n", iv);
-
- iv = 0;
- while ((aCert = src->rawCerts[iv]) != NULL) {
- sprintf(om, "certificate[%d].", iv++);
- rv = sv_PrintSignedData(out, aCert, om, sv_PrintCertificate);
- if (rv) return rv;
- }
- }
-
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- iv = 0;
- while (src->crls[iv] != NULL) iv++;
- fprintf(out, "pkcs7.signedRevocationLists=%d\n", iv);
- iv = 0;
- while ((aCrl = src->crls[iv]) != NULL) {
- sprintf(om, "signedRevocationList[%d].", iv);
- fprintf(out, om);
- sv_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm,
- "signatureAlgorithm=");
- DER_ConvertBitString(&aCrl->signatureWrap.signature);
- fprintf(out, om);
- sv_PrintAsHex(out, &aCrl->signatureWrap.signature, "signature=");
- sprintf(om, "certificateRevocationList[%d].", iv);
- sv_PrintCRLInfo(out, &aCrl->crl, om);
- iv++;
- }
- }
-
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- iv = 0;
- while (src->signerInfos[iv] != NULL)
- iv++;
- fprintf(out, "pkcs7.signerInformationListLength=%d\n", iv);
- iv = 0;
- while ((sigInfo = src->signerInfos[iv]) != NULL) {
- sprintf(om, "signerInformation[%d].", iv++);
- sv_PrintSignerInfo(out, sigInfo, om);
- }
- }
-
- return 0;
-}
-
-#if 0
-/*
-** secu_PrintPKCS7Enveloped
-** Pretty print a PKCS7 enveloped data type (up to version 1).
-*/
-void
-secu_PrintPKCS7Enveloped(FILE *out, SEC_PKCS7EnvelopedData *src,
- char *m, int level)
-{
- SEC_PKCS7RecipientInfo *recInfo; /* pointer for signer information */
- int iv;
- char om[100];
-
- secu_Indent(out, level); fprintf(out, "%s:\n", m);
- sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list recipients (this is not optional) */
- if (src->recipientInfos != NULL) {
- secu_Indent(out, level + 1);
- fprintf(out, "Recipient Information List:\n");
- iv = 0;
- while ((recInfo = src->recipientInfos[iv++]) != NULL) {
- sprintf(om, "Recipient Information (%x)", iv);
- secu_PrintRecipientInfo(out, recInfo, om, level + 2);
- }
- }
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7SignedEnveloped
-** Pretty print a PKCS7 singed and enveloped data type (up to version 1).
-*/
-int
-secu_PrintPKCS7SignedAndEnveloped(FILE *out,
- SEC_PKCS7SignedAndEnvelopedData *src,
- char *m, int level)
-{
- SECAlgorithmID *digAlg; /* pointer for digest algorithms */
- SECItem *aCert; /* pointer for certificate */
- CERTSignedCrl *aCrl; /* pointer for certificate revocation list */
- SEC_PKCS7SignerInfo *sigInfo; /* pointer for signer information */
- SEC_PKCS7RecipientInfo *recInfo; /* pointer for recipient information */
- int rv, iv;
- char om[100];
-
- secu_Indent(out, level); fprintf(out, "%s:\n", m);
- sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
- /* Parse and list recipients (this is not optional) */
- if (src->recipientInfos != NULL) {
- secu_Indent(out, level + 1);
- fprintf(out, "Recipient Information List:\n");
- iv = 0;
- while ((recInfo = src->recipientInfos[iv++]) != NULL) {
- sprintf(om, "Recipient Information (%x)", iv);
- secu_PrintRecipientInfo(out, recInfo, om, level + 2);
- }
- }
-
- /* Parse and list digest algorithms (if any) */
- if (src->digestAlgorithms != NULL) {
- secu_Indent(out, level + 1); fprintf(out, "Digest Algorithm List:\n");
- iv = 0;
- while ((digAlg = src->digestAlgorithms[iv++]) != NULL) {
- sprintf(om, "Digest Algorithm (%x)", iv);
- sv_PrintAlgorithmID(out, digAlg, om);
- }
- }
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-
- /* Parse and list certificates (if any) */
- if (src->rawCerts != NULL) {
- secu_Indent(out, level + 1); fprintf(out, "Certificate List:\n");
- iv = 0;
- while ((aCert = src->rawCerts[iv++]) != NULL) {
- sprintf(om, "Certificate (%x)", iv);
- rv = SECU_PrintSignedData(out, aCert, om, level + 2,
- SECU_PrintCertificate);
- if (rv)
- return rv;
- }
- }
-
- /* Parse and list CRL's (if any) */
- if (src->crls != NULL) {
- secu_Indent(out, level + 1);
- fprintf(out, "Signed Revocation Lists:\n");
- iv = 0;
- while ((aCrl = src->crls[iv++]) != NULL) {
- sprintf(om, "Signed Revocation List (%x)", iv);
- secu_Indent(out, level + 2); fprintf(out, "%s:\n", om);
- sv_PrintAlgorithmID(out, &aCrl->signatureWrap.signatureAlgorithm,
- "Signature Algorithm");
- DER_ConvertBitString(&aCrl->signatureWrap.signature);
- sv_PrintAsHex(out, &aCrl->signatureWrap.signature, "Signature",
- level+3);
- SECU_PrintCRLInfo(out, &aCrl->crl, "Certificate Revocation List",
- level + 3);
- }
- }
-
- /* Parse and list signatures (if any) */
- if (src->signerInfos != NULL) {
- secu_Indent(out, level + 1);
- fprintf(out, "Signer Information List:\n");
- iv = 0;
- while ((sigInfo = src->signerInfos[iv++]) != NULL) {
- sprintf(om, "Signer Information (%x)", iv);
- secu_PrintSignerInfo(out, sigInfo, om, level + 2);
- }
- }
-
- return 0;
-}
-
-PR_IMPLEMENT(int)
-SECU_PrintCrl (FILE *out, SECItem *der, char *m, int level)
-{
- PRArenaPool *arena = NULL;
- CERTCrl *c = NULL;
- int rv;
-
- do {
- /* Decode CRL */
- c = (CERTCrl*) PORT_ZAlloc(sizeof(CERTCrl));
- if (!c) {
- rv = PORT_GetError();
- break;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- rv = SEC_ERROR_NO_MEMORY;
- break;
- }
-
- rv = SEC_ASN1DecodeItem(arena, c, CERT_CrlTemplate, der);
- if (rv != SECSuccess)
- break;
- SECU_PrintCRLInfo (out, c, m, level);
- } while (0);
- PORT_FreeArena (arena, PR_FALSE);
- PORT_Free (c);
- return (rv);
-}
-
-/*
-** secu_PrintPKCS7Encrypted
-** Pretty print a PKCS7 encrypted data type (up to version 1).
-*/
-void
-secu_PrintPKCS7Encrypted(FILE *out, SEC_PKCS7EncryptedData *src,
- char *m, int level)
-{
- secu_Indent(out, level); fprintf(out, "%s:\n", m);
- sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
- secu_PrintPKCS7EncContent(out, &src->encContentInfo,
- "Encrypted Content Information", level + 1);
-}
-
-/*
-** secu_PrintPKCS7Digested
-** Pretty print a PKCS7 digested data type (up to version 1).
-*/
-void
-sv_PrintPKCS7Digested(FILE *out, SEC_PKCS7DigestedData *src)
-{
- secu_Indent(out, level); fprintf(out, "%s:\n", m);
- sv_PrintInteger(out, &(src->version), "Version", level + 1);
-
- sv_PrintAlgorithmID(out, &src->digestAlg, "Digest Algorithm");
- sv_PrintPKCS7ContentInfo(out, &src->contentInfo, "Content Information",
- level + 1);
- sv_PrintAsHex(out, &src->digest, "Digest", level + 1);
-}
-
-#endif
-
-/*
-** secu_PrintPKCS7ContentInfo
-** Takes a SEC_PKCS7ContentInfo type and sends the contents to the
-** appropriate function
-*/
-int
-sv_PrintPKCS7ContentInfo(FILE *out, SEC_PKCS7ContentInfo *src, char *m)
-{
- char *desc;
- SECOidTag kind;
- int rv;
-
- if (src->contentTypeTag == NULL)
- src->contentTypeTag = SECOID_FindOID(&(src->contentType));
-
- if (src->contentTypeTag == NULL) {
- desc = "Unknown";
- kind = SEC_OID_PKCS7_DATA;
- } else {
- desc = src->contentTypeTag->desc;
- kind = src->contentTypeTag->offset;
- }
-
- fprintf(out, "%s%s\n", m, desc);
-
- if (src->content.data == NULL) {
- fprintf(out, "pkcs7.data=<no content>\n");
- return 0;
- }
-
- rv = 0;
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA: /* Signed Data */
- rv = sv_PrintPKCS7Signed(out, src->content.signedData);
- break;
-
- case SEC_OID_PKCS7_ENVELOPED_DATA: /* Enveloped Data */
- fprintf(out, "pkcs7EnvelopedData=<unsupported>\n");
- /*sv_PrintPKCS7Enveloped(out, src->content.envelopedData);*/
- break;
-
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA: /* Signed and Enveloped */
- fprintf(out, "pkcs7SignedEnvelopedData=<unsupported>\n");
- /*rv = sv_PrintPKCS7SignedAndEnveloped(out,
- src->content.signedAndEnvelopedData);*/
- break;
-
- case SEC_OID_PKCS7_DIGESTED_DATA: /* Digested Data */
- fprintf(out, "pkcs7DigestedData=<unsupported>\n");
- /*sv_PrintPKCS7Digested(out, src->content.digestedData);*/
- break;
-
- case SEC_OID_PKCS7_ENCRYPTED_DATA: /* Encrypted Data */
- fprintf(out, "pkcs7EncryptedData=<unsupported>\n");
- /*sv_PrintPKCS7Encrypted(out, src->content.encryptedData);*/
- break;
-
- default:
- fprintf(out, "pkcs7UnknownData=<unsupported>\n");
- /*sv_PrintAsHex(out, src->content.data);*/
- break;
- }
-
- return rv;
-}
-
-
-int
-SV_PrintPKCS7ContentInfo(FILE *out, SECItem *der)
-{
- SEC_PKCS7ContentInfo *cinfo;
- int rv = -1;
-
- cinfo = SEC_PKCS7DecodeItem(der, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
-
- if (cinfo != NULL) {
- rv = sv_PrintPKCS7ContentInfo(out, cinfo, "pkcs7.contentInfo=");
- SEC_PKCS7DestroyContentInfo(cinfo);
- }
-
- return rv;
-}
-/*
-** End of PKCS7 functions
-*/
diff --git a/security/nss/cmd/signver/signver.c b/security/nss/cmd/signver/signver.c
deleted file mode 100644
index c66d80017..000000000
--- a/security/nss/cmd/signver/signver.c
+++ /dev/null
@@ -1,450 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secutil.h"
-#include "secmod.h"
-#include "cert.h"
-#include "secoid.h"
-#include "nss.h"
-
-/* NSPR 2.0 header files */
-#include "prinit.h"
-#include "prprf.h"
-#include "prsystem.h"
-#include "prmem.h"
-/* Portable layer header files */
-#include "plstr.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-
-static int debugInfo = 0;
-
-static char *usageInfo[] = {
- "Options:",
- " -a signature file is ASCII",
- " -d certdir directory containing cert database",
- " -i dataFileName input file name containing data,",
- " leave filename blank to use stdin",
- " -s signatureFileName input file name containing signature,",
- " leave filename blank to use stdin",
- " -o outputFileName output file name, default stdout",
- " -A display all information from pkcs #7",
- " -C display all information from all certs",
- " -C -n display number of certificates",
- " -C -n certNum display all information from the certNum",
- " certificate in pkcs #7 signed object",
- " -C -n certNum f1 ... fN display information about specified",
- " fields from the certNum certificate in",
- " the pkcs #7 signed object",
- " -S display signer information list",
- " -S -n display number of signer information blocks",
- " -S -n signerNum display all information from the signerNum",
- " signer information block in pkcs #7",
- " -S -n signerNum f1 ... fN display information about specified",
- " fields from the signerNum signer",
- " information block in pkcs #7 object",
- " -V verify the signed object and display result",
- " -V -v verify the signed object and display",
- " result and reason for failure",
- "Version 2.0"
-};
-static int nUsageInfo = sizeof(usageInfo)/sizeof(char *);
-
-extern int SV_PrintPKCS7ContentInfo(FILE *, SECItem *);
-
-static void Usage(char *progName, FILE *outFile)
-{
- int i;
- fprintf(outFile, "Usage: %s options\n", progName);
- for (i = 0; i < nUsageInfo; i++)
- fprintf(outFile, "%s\n", usageInfo[i]);
- exit(-1);
-}
-
-static HASH_HashType
-AlgorithmToHashType(SECAlgorithmID *digestAlgorithms)
-{
- SECOidTag tag;
-
- tag = SECOID_GetAlgorithmTag(digestAlgorithms);
-
- switch (tag) {
- case SEC_OID_MD2:
- if (debugInfo) PR_fprintf(PR_STDERR, "Hash algorithm: HASH_AlgMD2 SEC_OID_MD2\n");
- return HASH_AlgMD2;
- case SEC_OID_MD5:
- if (debugInfo) PR_fprintf(PR_STDERR, "Hash algorithm: HASH_AlgMD5 SEC_OID_MD5\n");
- return HASH_AlgMD5;
- case SEC_OID_SHA1:
- if (debugInfo) PR_fprintf(PR_STDERR, "Hash algorithm: HASH_AlgSHA1 SEC_OID_SHA1\n");
- return HASH_AlgSHA1;
- default:
- if (debugInfo) PR_fprintf(PR_STDERR, "should never get here\n");
- return HASH_AlgNULL;
- }
-}
-
-
-static int
-DigestData (unsigned char *digest, unsigned char *data,
- unsigned int *len, unsigned int maxLen,
- HASH_HashType hashType)
-{
- const SECHashObject *hashObj;
- void *hashcx;
-
- hashObj = HASH_GetHashObject(hashType);
- hashcx = (* hashObj->create)();
- if (hashcx == NULL)
- return -1;
-
- (* hashObj->begin)(hashcx);
- (* hashObj->update)(hashcx, data, PORT_Strlen((char *)data));
- (* hashObj->end)(hashcx, digest, len, maxLen);
- (* hashObj->destroy)(hashcx, PR_TRUE);
-
- return 0;
-}
-
-enum {
- cmd_DisplayAllPCKS7Info = 0,
- cmd_DisplayCertInfo,
- cmd_DisplaySignerInfo,
- cmd_VerifySignedObj
-};
-
-enum {
- opt_ASCII,
- opt_CertDir,
- opt_InputDataFile,
- opt_ItemNumber,
- opt_OutputFile,
- opt_InputSigFile,
- opt_TypeTag,
- opt_PrintWhyFailure
-};
-
-static secuCommandFlag signver_commands[] =
-{
- { /* cmd_DisplayAllPCKS7Info*/ 'A', PR_FALSE, 0, PR_FALSE },
- { /* cmd_DisplayCertInfo */ 'C', PR_FALSE, 0, PR_FALSE },
- { /* cmd_DisplaySignerInfo */ 'S', PR_FALSE, 0, PR_FALSE },
- { /* cmd_VerifySignedObj */ 'V', PR_FALSE, 0, PR_FALSE }
-};
-
-static secuCommandFlag signver_options[] =
-{
- { /* opt_ASCII */ 'a', PR_FALSE, 0, PR_FALSE },
- { /* opt_CertDir */ 'd', PR_TRUE, 0, PR_FALSE },
- { /* opt_InputDataFile */ 'i', PR_TRUE, 0, PR_FALSE },
- { /* opt_ItemNumber */ 'n', PR_FALSE, 0, PR_FALSE },
- { /* opt_OutputFile */ 'o', PR_TRUE, 0, PR_FALSE },
- { /* opt_InputSigFile */ 's', PR_TRUE, 0, PR_FALSE },
- { /* opt_TypeTag */ 't', PR_TRUE, 0, PR_FALSE },
- { /* opt_PrintWhyFailure */ 'v', PR_FALSE, 0, PR_FALSE }
-};
-
-int main(int argc, char **argv)
-{
- PRExplodedTime explodedCurrent;
- SECItem der, data;
- char *progName;
- int rv;
- PRFileDesc *dataFile = 0;
- PRFileDesc *signFile = 0;
- FILE *outFile = stdout;
- char *typeTag = 0;
- PRBool displayAllCerts = PR_FALSE;
- PRBool displayAllSigners = PR_FALSE;
- PRFileInfo info;
- PRInt32 nb;
- SECStatus secstatus;
-
- secuCommand signver;
- signver.numCommands = sizeof(signver_commands) /sizeof(secuCommandFlag);
- signver.numOptions = sizeof(signver_options) / sizeof(secuCommandFlag);
- signver.commands = signver_commands;
- signver.options = signver_options;
-
-#ifdef XP_PC
- progName = strrchr(argv[0], '\\');
-#else
- progName = strrchr(argv[0], '/');
-#endif
- progName = progName ? progName+1 : argv[0];
-
- /*_asm int 3*/
-
- PR_ExplodeTime(PR_Now(), PR_LocalTimeParameters, &explodedCurrent);
-#if 0
- if (explodedCurrent.tm_year >= 1998
- && explodedCurrent.tm_month >= 5 /* months past tm_year (0-11, Jan = 0) */
- && explodedCurrent.tm_mday >= 1) {
- PR_fprintf(PR_STDERR, "%s: expired\n", progName);
- return -1;
- }
-#endif
-
- SECU_ParseCommandLine(argc, argv, progName, &signver);
-
- /* Set the certdb directory (default is ~/.{browser}) */
- SECU_ConfigDirectory(signver.options[opt_CertDir].arg);
-
- /* Set the certificate type. */
- typeTag = SECU_GetOptionArg(&signver, opt_TypeTag);
-
- /* -i and -s without filenames */
- if (signver.options[opt_InputDataFile].activated &&
- signver.options[opt_InputSigFile].activated &&
- !signver.options[opt_InputDataFile].arg &&
- !signver.options[opt_InputSigFile].arg)
- PR_fprintf(PR_STDERR,
- "%s: Only data or signature file can use stdin (not both).\n",
- progName);
-
- /* Open the input data file (no arg == use stdin). */
- if (signver.options[opt_InputDataFile].activated) {
- if (signver.options[opt_InputDataFile].arg)
- dataFile = PR_Open(signver.options[opt_InputDataFile].arg,
- PR_RDONLY, 0);
- else
- dataFile = PR_STDIN;
- if (!dataFile) {
- PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading.\n",
- progName, signver.options[opt_InputDataFile].arg);
- return -1;
- }
- }
-
- /* Open the input signature file (no arg == use stdin). */
- if (signver.options[opt_InputSigFile].activated) {
- if (signver.options[opt_InputSigFile].arg)
- signFile = PR_Open(signver.options[opt_InputSigFile].arg,
- PR_RDONLY, 0);
- else
- signFile = PR_STDIN;
- if (!signFile) {
- PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for reading.\n",
- progName, signver.options[opt_InputSigFile].arg);
- return -1;
- }
- }
-
-#if 0
- if (!typeTag) ascii = 1;
-#endif
-
- /* Open|Create the output file. */
- if (signver.options[opt_OutputFile].activated) {
- outFile = fopen(signver.options[opt_OutputFile].arg, "w");
- /*
- outFile = PR_Open(signver.options[opt_OutputFile].arg,
- PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE, 00660);
- */
- if (!outFile) {
- PR_fprintf(PR_STDERR, "%s: unable to open \"%s\" for writing.\n",
- progName, signver.options[opt_OutputFile].arg);
- return -1;
- }
- }
-
- if (signver.commands[cmd_DisplayCertInfo].activated &&
- !signver.options[opt_ItemNumber].arg)
- displayAllCerts = PR_TRUE;
-
- if (signver.commands[cmd_DisplaySignerInfo].activated &&
- !signver.options[opt_ItemNumber].arg)
- displayAllSigners = PR_TRUE;
-
-#if 0
- case 'W':
- debugInfo = 1;
- break;
-#endif
-
- if (!signFile && !dataFile && !typeTag)
- Usage(progName, outFile);
-
- if (!signFile && !dataFile &&
- signver.commands[cmd_VerifySignedObj].activated) {
- PR_fprintf(PR_STDERR,
- "%s: unable to read all data from standard input\n",
- progName);
- return -1;
- }
-
- PR_SetError(0, 0); /* PR_Init("pp", 1, 1, 0);*/
- secstatus = NSS_Init(SECU_ConfigDirectory(NULL));
- if (secstatus != SECSuccess) {
- SECU_PrintPRandOSError(progName);
- return -1;
- }
-
- rv = SECU_ReadDERFromFile(&der, signFile,
- signver.options[opt_ASCII].activated);
-
- /* Data is untyped, using the specified type */
- data.data = der.data;
- data.len = der.len;
-
-
- /* Signature Verification */
- if (!signver.options[opt_TypeTag].activated) {
- if (signver.commands[cmd_VerifySignedObj].activated) {
- SEC_PKCS7ContentInfo *cinfo;
-
- cinfo = SEC_PKCS7DecodeItem(&data, NULL, NULL, NULL, NULL,
- NULL, NULL, NULL);
- if (cinfo != NULL) {
-#if 0
- if (debugInfo) {
- PR_fprintf(PR_STDERR, "Content %s encrypted.\n",
- SEC_PKCS7ContentIsEncrypted(cinfo) ? "was" : "was not");
-
- PR_fprintf(PR_STDERR, "Content %s signed.\n",
- SEC_PKCS7ContentIsSigned(cinfo) ? "was" : "was not");
- }
-#endif
-
- if (SEC_PKCS7ContentIsSigned(cinfo)) {
- SEC_PKCS7SignedData *signedData;
- HASH_HashType digestType;
- SECItem digest, data;
- unsigned char *dataToVerify, digestBuffer[32];
-
- signedData = cinfo->content.signedData;
-
- /* assume that there is only one digest algorithm for now */
- digestType =
- AlgorithmToHashType(signedData->digestAlgorithms[0]);
- if (digestType == HASH_AlgNULL) {
- PR_fprintf(PR_STDERR, "Invalid hash algorithmID\n");
- return (-1);
- }
- rv = SECU_FileToItem(&data, dataFile);
- dataToVerify = data.data;
- if (dataToVerify) {
- /*certUsageObjectSigner;*/
- SECCertUsage usage = certUsageEmailSigner;
-
-
-#if 0
- if (debugInfo)
- PR_fprintf(PR_STDERR, "dataToVerify=%s\n",
- dataToVerify);
-#endif
- digest.data = digestBuffer;
- if (DigestData (digest.data, dataToVerify,
- &digest.len, 32, digestType)) {
- PR_fprintf(PR_STDERR, "Fail to compute message digest for verification. Reason: %s\n",
- SECU_ErrorString((int16)PORT_GetError()));
- return (-1);
- }
-#if 0
- if (debugInfo) {
- PR_fprintf(PR_STDERR, "Data Digest=:");
- for (i = 0; i < digest.len; i++)
- PR_fprintf(PR_STDERR, "%02x:", digest.data[i]);
- PR_fprintf(PR_STDERR, "\n");
- }
-#endif
-
-
- if (signver.commands[cmd_VerifySignedObj].activated)
- fprintf(outFile, "signatureValid=");
- PORT_SetError(0);
- if (SEC_PKCS7VerifyDetachedSignature (cinfo, usage,
- &digest, digestType, PR_FALSE)) {
- if (signver.commands[cmd_VerifySignedObj].activated)
- fprintf(outFile, "yes");
- } else {
- if (signver.commands[cmd_VerifySignedObj].activated){
- fprintf(outFile, "no");
- if (signver.options[opt_PrintWhyFailure].activated)
- fprintf(outFile, ":%s", SECU_ErrorString((int16)PORT_GetError()));
- }
- }
- if (signver.commands[cmd_VerifySignedObj].activated)
- fprintf(outFile, "\n");
-
- SECITEM_FreeItem(&data, PR_FALSE);
- } else {
- PR_fprintf(PR_STDERR, "Cannot read data\n");
- return (-1);
- }
- }
-
- SEC_PKCS7DestroyContentInfo(cinfo);
- } else
- PR_fprintf(PR_STDERR, "Unable to decode PKCS7 data\n");
- }
-
- if (signver.commands[cmd_DisplayAllPCKS7Info].activated)
- SV_PrintPKCS7ContentInfo(outFile, &data);
-
- if (displayAllCerts)
- PR_fprintf(PR_STDERR, "-C option is not implemented in this version\n");
-
- if (displayAllSigners)
- PR_fprintf(PR_STDERR, "-S option is not implemented in this version\n");
-
- /* Pretty print it */
- } else if (PL_strcmp(typeTag, SEC_CT_CERTIFICATE) == 0) {
- rv = SECU_PrintSignedData(outFile, &data, "Certificate", 0,
- SECU_PrintCertificate);
- } else if (PL_strcmp(typeTag, SEC_CT_CERTIFICATE_REQUEST) == 0) {
- rv = SECU_PrintSignedData(outFile, &data, "Certificate Request", 0,
- SECU_PrintCertificateRequest);
- } else if (PL_strcmp (typeTag, SEC_CT_CRL) == 0) {
- rv = SECU_PrintSignedData (outFile, &data, "CRL", 0, SECU_PrintCrl);
-#ifdef HAVE_EPK_TEMPLATE
- } else if (PL_strcmp(typeTag, SEC_CT_PRIVATE_KEY) == 0) {
- rv = SECU_PrintPrivateKey(outFile, &data, "Private Key", 0);
-#endif
- } else if (PL_strcmp(typeTag, SEC_CT_PUBLIC_KEY) == 0) {
- rv = SECU_PrintPublicKey(outFile, &data, "Public Key", 0);
- } else if (PL_strcmp(typeTag, SEC_CT_PKCS7) == 0) {
- rv = SECU_PrintPKCS7ContentInfo(outFile, &data,
- "PKCS #7 Content Info", 0);
- } else {
- PR_fprintf(PR_STDERR, "%s: don't know how to print out '%s' files\n",
- progName, typeTag);
- return -1;
- }
-
- if (rv) {
- PR_fprintf(PR_STDERR, "%s: problem converting data (%s)\n",
- progName, SECU_ErrorString((int16)PORT_GetError()));
- return -1;
- }
- return 0;
-}
diff --git a/security/nss/cmd/smimetools/Makefile b/security/nss/cmd/smimetools/Makefile
deleted file mode 100644
index 9e3263d43..000000000
--- a/security/nss/cmd/smimetools/Makefile
+++ /dev/null
@@ -1,73 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include rules.mk
-
-include ../platrules.mk
diff --git a/security/nss/cmd/smimetools/cmsutil.c b/security/nss/cmd/smimetools/cmsutil.c
deleted file mode 100644
index 1ca382fc4..000000000
--- a/security/nss/cmd/smimetools/cmsutil.c
+++ /dev/null
@@ -1,1357 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * cmsutil -- A command to work with CMS data
- *
- * $Id$
- */
-
-#include "nspr.h"
-#include "secutil.h"
-#include "plgetopt.h"
-#include "secpkcs7.h"
-#include "cert.h"
-#include "certdb.h"
-#include "secoid.h"
-#include "cms.h"
-#include "nss.h"
-#include "smime.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-
-#if defined(_WIN32)
-#include "fcntl.h"
-#include "io.h"
-#endif
-
-#include <stdio.h>
-#include <string.h>
-
-extern void SEC_Init(void); /* XXX */
-char *progName = NULL;
-static int cms_verbose = 0;
-
-/* XXX stolen from cmsarray.c
- * nss_CMSArray_Count - count number of elements in array
- */
-int
-nss_CMSArray_Count(void **array)
-{
- int n = 0;
- if (array == NULL)
- return 0;
- while (*array++ != NULL)
- n++;
- return n;
-}
-
-static SECStatus
-DigestFile(PLArenaPool *poolp, SECItem ***digests, SECItem *input,
- SECAlgorithmID **algids)
-{
- NSSCMSDigestContext *digcx;
-
- digcx = NSS_CMSDigestContext_StartMultiple(algids);
- if (digcx == NULL)
- return SECFailure;
-
- NSS_CMSDigestContext_Update(digcx, input->data, input->len);
-
- return NSS_CMSDigestContext_FinishMultiple(digcx, poolp, digests);
-}
-
-
-static void
-Usage(char *progName)
-{
- fprintf(stderr, "Usage: %s [-D|-S|-E] [<options>] [-d dbdir] [-u certusage]\n", progName);
- fprintf(stderr, " -i infile use infile as source of data (default: stdin)\n");
- fprintf(stderr, " -o outfile use outfile as destination of data (default: stdout)\n");
- fprintf(stderr, " -d dbdir key/cert database directory (default: ~/.netscape)\n");
- fprintf(stderr, " -p password use password as key db password (default: prompt)\n");
- fprintf(stderr, " -u certusage set type of certificate usage (default: certUsageEmailSigner)\n");
- fprintf(stderr, "\n");
- fprintf(stderr, " -D decode a CMS message\n");
- fprintf(stderr, " -c content use this detached content\n");
- fprintf(stderr, " -n suppress output of content\n");
- fprintf(stderr, " -h num generate email headers with info about CMS message\n");
- fprintf(stderr, " -S create a CMS signed message\n");
- fprintf(stderr, " -N nick use certificate named \"nick\" for signing\n");
- fprintf(stderr, " -T do not include content in CMS message\n");
- fprintf(stderr, " -G include a signing time attribute\n");
- fprintf(stderr, " -P include a SMIMECapabilities attribute\n");
- fprintf(stderr, " -Y nick include a EncryptionKeyPreference attribute with cert\n");
- fprintf(stderr, " -E create a CMS enveloped message (NYI)\n");
- fprintf(stderr, " -r id,... create envelope for these recipients,\n");
- fprintf(stderr, " where id can be a certificate nickname or email address\n");
- fprintf(stderr, " -v print debugging information\n");
- fprintf(stderr, "\nCert usage codes:\n");
- fprintf(stderr, "%-25s 0 - certUsageSSLClient\n", " ");
- fprintf(stderr, "%-25s 1 - certUsageSSLServer\n", " ");
- fprintf(stderr, "%-25s 2 - certUsageSSLServerWithStepUp\n", " ");
- fprintf(stderr, "%-25s 3 - certUsageSSLCA\n", " ");
- fprintf(stderr, "%-25s 4 - certUsageEmailSigner\n", " ");
- fprintf(stderr, "%-25s 5 - certUsageEmailRecipient\n", " ");
- fprintf(stderr, "%-25s 6 - certUsageObjectSigner\n", " ");
- fprintf(stderr, "%-25s 7 - certUsageUserCertImport\n", " ");
- fprintf(stderr, "%-25s 8 - certUsageVerifyCA\n", " ");
- fprintf(stderr, "%-25s 9 - certUsageProtectedObjectSigner\n", " ");
- fprintf(stderr, "%-25s 10 - certUsageStatusResponder\n", " ");
- fprintf(stderr, "%-25s 11 - certUsageAnyCA\n", " ");
-
- exit(-1);
-}
-
-char *
-ownpw(PK11SlotInfo *info, PRBool retry, void *arg)
-{
- char * passwd = NULL;
-
- if ( (!retry) && arg ) {
- passwd = PL_strdup((char *)arg);
- }
-
- return passwd;
-}
-
-struct optionsStr {
- char *password;
- SECCertUsage certUsage;
- CERTCertDBHandle *certHandle;
-};
-
-struct decodeOptionsStr {
- struct optionsStr *options;
- PRFileDesc *contentFile;
- int headerLevel;
- PRBool suppressContent;
- NSSCMSGetDecryptKeyCallback dkcb;
- PK11SymKey *bulkkey;
-};
-
-struct signOptionsStr {
- struct optionsStr *options;
- char *nickname;
- char *encryptionKeyPreferenceNick;
- PRBool signingTime;
- PRBool smimeProfile;
- PRBool detached;
-};
-
-struct envelopeOptionsStr {
- struct optionsStr *options;
- char **recipients;
-};
-
-struct certsonlyOptionsStr {
- struct optionsStr *options;
- char **recipients;
-};
-
-struct encryptOptionsStr {
- struct optionsStr *options;
- char **recipients;
- NSSCMSMessage *envmsg;
- SECItem *input;
- FILE *outfile;
- PRFileDesc *envFile;
- PK11SymKey *bulkkey;
- SECOidTag bulkalgtag;
- int keysize;
-};
-
-static NSSCMSMessage *
-decode(FILE *out, SECItem *output, SECItem *input,
- struct decodeOptionsStr *decodeOptions)
-{
- NSSCMSDecoderContext *dcx;
- NSSCMSMessage *cmsg;
- NSSCMSContentInfo *cinfo;
- NSSCMSSignedData *sigd = NULL;
- NSSCMSEnvelopedData *envd;
- NSSCMSEncryptedData *encd;
- SECAlgorithmID **digestalgs;
- int nlevels, i, nsigners, j;
- char *signercn;
- NSSCMSSignerInfo *si;
- SECOidTag typetag;
- SECItem **digests;
- PLArenaPool *poolp;
- PK11PasswordFunc pwcb;
- void *pwcb_arg;
- SECItem *item, sitem = { 0, 0, 0 };
-
- pwcb = (decodeOptions->options->password != NULL) ? ownpw : NULL;
- pwcb_arg = (decodeOptions->options->password != NULL) ?
- (void *)decodeOptions->options->password : NULL;
-
- if (decodeOptions->contentFile) {
- /* detached content: grab content file */
- SECU_FileToItem(&sitem, decodeOptions->contentFile);
- item = &sitem;
- }
-
- dcx = NSS_CMSDecoder_Start(NULL,
- NULL, NULL, /* content callback */
- pwcb, pwcb_arg, /* password callback */
- decodeOptions->dkcb, /* decrypt key callback */
- decodeOptions->bulkkey);
- (void)NSS_CMSDecoder_Update(dcx, (char *)input->data, input->len);
- cmsg = NSS_CMSDecoder_Finish(dcx);
- if (cmsg == NULL) {
- fprintf(stderr, "%s: failed to decode message.\n", progName);
- return NULL;
- }
-
- if (decodeOptions->headerLevel >= 0) {
- /*fprintf(out, "SMIME: ", decodeOptions->headerLevel, i);*/
- fprintf(out, "SMIME: ");
- }
-
- nlevels = NSS_CMSMessage_ContentLevelCount(cmsg);
- for (i = 0; i < nlevels; i++) {
- cinfo = NSS_CMSMessage_ContentLevel(cmsg, i);
- typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "\tlevel=%d.%d; ", decodeOptions->headerLevel, nlevels - i);
-
- switch (typetag) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "type=signedData; ");
- sigd = (NSSCMSSignedData *)NSS_CMSContentInfo_GetContent(cinfo);
- if (sigd == NULL) {
- SECU_PrintError(progName,
- "problem finding signedData component");
- goto loser;
- }
-
- /* if we have a content file, but no digests for this signedData */
- if (decodeOptions->contentFile != NULL && !NSS_CMSSignedData_HasDigests(sigd)) {
- if ((poolp = PORT_NewArena(1024)) == NULL) {
- fprintf(stderr, "cmsutil: Out of memory.\n");
- goto loser;
- }
- digestalgs = NSS_CMSSignedData_GetDigestAlgs(sigd);
- if (DigestFile (poolp, &digests, item, digestalgs)
- != SECSuccess) {
- SECU_PrintError(progName,
- "problem computing message digest");
- goto loser;
- }
- if (NSS_CMSSignedData_SetDigests(sigd, digestalgs, digests) != SECSuccess) {
-
- SECU_PrintError(progName,
- "problem setting message digests");
- goto loser;
- }
- PORT_FreeArena(poolp, PR_FALSE);
- }
-
- /* import the certificates */
- if (NSS_CMSSignedData_ImportCerts(sigd,
- decodeOptions->options->certHandle,
- decodeOptions->options->certUsage,
- PR_FALSE)
- != SECSuccess) {
- SECU_PrintError(progName, "cert import failed");
- goto loser;
- }
-
- /* find out about signers */
- nsigners = NSS_CMSSignedData_SignerInfoCount(sigd);
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "nsigners=%d; ", nsigners);
- if (nsigners == 0) {
- /* must be a cert transport message */
- SECStatus rv;
- /* XXX workaround for bug #54014 */
- NSS_CMSSignedData_ImportCerts(sigd,
- decodeOptions->options->certHandle,
- decodeOptions->options->certUsage,
- PR_TRUE);
- rv = NSS_CMSSignedData_VerifyCertsOnly(sigd,
- decodeOptions->options->certHandle,
- decodeOptions->options->certUsage);
- if (rv != SECSuccess) {
- fprintf(stderr, "cmsutil: Verify certs-only failed!\n");
- goto loser;
- }
- return cmsg;
- }
-
- /* still no digests? */
- if (!NSS_CMSSignedData_HasDigests(sigd)) {
- SECU_PrintError(progName, "no message digests");
- goto loser;
- }
-
- for (j = 0; j < nsigners; j++) {
- si = NSS_CMSSignedData_GetSignerInfo(sigd, j);
- signercn = NSS_CMSSignerInfo_GetSignerCommonName(si);
- if (signercn == NULL)
- signercn = "";
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "\n\t\tsigner%d.id=\"%s\"; ", j, signercn);
- (void)NSS_CMSSignedData_VerifySignerInfo(sigd, j,
- decodeOptions->options->certHandle,
- decodeOptions->options->certUsage);
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "signer%d.status=%s; ", j,
- NSS_CMSUtil_VerificationStatusToString(
- NSS_CMSSignerInfo_GetVerificationStatus(si)));
- /* XXX what do we do if we don't print headers? */
- }
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "type=envelopedData; ");
- envd = (NSSCMSEnvelopedData *)NSS_CMSContentInfo_GetContent(cinfo);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "type=encryptedData; ");
- encd = (NSSCMSEncryptedData *)NSS_CMSContentInfo_GetContent(cinfo);
- break;
- case SEC_OID_PKCS7_DATA:
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "type=data; ");
- break;
- default:
- break;
- }
- if (decodeOptions->headerLevel >= 0)
- fprintf(out, "\n");
- }
-
- if (!decodeOptions->suppressContent) {
- if (!decodeOptions->contentFile)
- item = NSS_CMSMessage_GetContent(cmsg);
- SECITEM_CopyItem(NULL, output, item);
- }
-
- return cmsg;
-loser:
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
-}
-
-/* example of a callback function to use with encoder */
-/*
-static void
-writeout(void *arg, const char *buf, unsigned long len)
-{
- FILE *f = (FILE *)arg;
-
- if (f != NULL && buf != NULL)
- (void)fwrite(buf, len, 1, f);
-}
-*/
-
-static NSSCMSMessage *
-signed_data(struct signOptionsStr *signOptions)
-{
- NSSCMSMessage *cmsg = NULL;
- NSSCMSContentInfo *cinfo;
- NSSCMSSignedData *sigd;
- NSSCMSSignerInfo *signerinfo;
- CERTCertificate *cert, *ekpcert;
-
- if (cms_verbose) {
- fprintf(stderr, "Input to signed_data:\n");
- if (signOptions->options->password)
- fprintf(stderr, "password [%s]\n", signOptions->options->password);
- else
- fprintf(stderr, "password [NULL]\n");
- fprintf(stderr, "certUsage [%d]\n", signOptions->options->certUsage);
- if (signOptions->options->certHandle)
- fprintf(stderr, "certdb [%x]\n", signOptions->options->certHandle);
- else
- fprintf(stderr, "certdb [NULL]\n");
- if (signOptions->nickname)
- fprintf(stderr, "nickname [%s]\n", signOptions->nickname);
- else
- fprintf(stderr, "nickname [NULL]\n");
- }
- if (signOptions->nickname == NULL) {
- fprintf(stderr,
- "ERROR: please indicate the nickname of a certificate to sign with.\n");
- return NULL;
- }
- if ((cert = CERT_FindCertByNickname(signOptions->options->certHandle,
- signOptions->nickname)) == NULL) {
- SECU_PrintError(progName,
- "the corresponding cert for key \"%s\" does not exist",
- signOptions->nickname);
- return NULL;
- }
- if (cms_verbose) {
- fprintf(stderr, "Found certificate for %s\n", signOptions->nickname);
- }
- /*
- * create the message object
- */
- cmsg = NSS_CMSMessage_Create(NULL); /* create a message on its own pool */
- if (cmsg == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS message.\n");
- return NULL;
- }
- /*
- * build chain of objects: message->signedData->data
- */
- if ((sigd = NSS_CMSSignedData_Create(cmsg)) == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS signedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
- if (NSS_CMSContentInfo_SetContent_SignedData(cmsg, cinfo, sigd)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS signedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSSignedData_GetContentInfo(sigd);
- /* we're always passing data in and detaching optionally */
- if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL,
- signOptions->detached)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
- goto loser;
- }
- /*
- * create & attach signer information
- */
- if ((signerinfo = NSS_CMSSignerInfo_Create(cmsg, cert, SEC_OID_SHA1))
- == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS signerInfo object.\n");
- goto loser;
- }
- if (cms_verbose) {
- fprintf(stderr,
- "Created CMS message, added signed data w/ signerinfo\n");
- }
- /* we want the cert chain included for this one */
- if (NSS_CMSSignerInfo_IncludeCerts(signerinfo, NSSCMSCM_CertChain,
- signOptions->options->certUsage)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot find cert chain.\n");
- goto loser;
- }
- if (cms_verbose) {
- fprintf(stderr, "imported certificate\n");
- }
- if (signOptions->signingTime) {
- if (NSS_CMSSignerInfo_AddSigningTime(signerinfo, PR_Now())
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add signingTime attribute.\n");
- goto loser;
- }
- }
- if (signOptions->smimeProfile) {
- if (NSS_CMSSignerInfo_AddSMIMECaps(signerinfo) != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add SMIMECaps attribute.\n");
- goto loser;
- }
- }
- if (signOptions->encryptionKeyPreferenceNick) {
- /* get the cert, add it to the message */
- if ((ekpcert = CERT_FindCertByNickname(signOptions->options->certHandle,
- signOptions->encryptionKeyPreferenceNick))
- == NULL) {
- SECU_PrintError(progName,
- "the corresponding cert for key \"%s\" does not exist",
- signOptions->encryptionKeyPreferenceNick);
- goto loser;
- }
- if (NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(signerinfo, ekpcert,
- signOptions->options->certHandle)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add SMIMEEncKeyPrefs attribute.\n");
- goto loser;
- }
- if (NSS_CMSSignedData_AddCertificate(sigd, ekpcert) != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add encryption certificate.\n");
- goto loser;
- }
- } else {
- /* check signing cert for fitness as encryption cert */
- /* if yes, add signing cert as EncryptionKeyPreference */
- if (NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(signerinfo, cert,
- signOptions->options->certHandle)
- != SECSuccess) {
- fprintf(stderr,
- "ERROR: cannot add default SMIMEEncKeyPrefs attribute.\n");
- goto loser;
- }
- }
- if (NSS_CMSSignedData_AddSignerInfo(sigd, signerinfo) != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add CMS signerInfo object.\n");
- goto loser;
- }
- if (cms_verbose) {
- fprintf(stderr, "created signed-date message\n");
- }
- return cmsg;
-loser:
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
-}
-
-static NSSCMSMessage *
-enveloped_data(struct envelopeOptionsStr *envelopeOptions)
-{
- NSSCMSMessage *cmsg = NULL;
- NSSCMSContentInfo *cinfo;
- NSSCMSEnvelopedData *envd;
- NSSCMSRecipientInfo *recipientinfo;
- CERTCertificate **recipientcerts;
- CERTCertDBHandle *dbhandle;
- PLArenaPool *tmppoolp = NULL;
- SECOidTag bulkalgtag;
- int keysize, i;
- int cnt;
- dbhandle = envelopeOptions->options->certHandle;
- /* count the recipients */
- if ((cnt = nss_CMSArray_Count((void **)envelopeOptions->recipients)) == 0) {
- fprintf(stderr, "ERROR: please name at least one recipient.\n");
- goto loser;
- }
- if ((tmppoolp = PORT_NewArena (1024)) == NULL) {
- fprintf(stderr, "ERROR: out of memory.\n");
- goto loser;
- }
- /* XXX find the recipient's certs by email address or nickname */
- if ((recipientcerts =
- (CERTCertificate **)PORT_ArenaZAlloc(tmppoolp,
- (cnt+1)*sizeof(CERTCertificate*)))
- == NULL) {
- fprintf(stderr, "ERROR: out of memory.\n");
- goto loser;
- }
- for (i=0; envelopeOptions->recipients[i] != NULL; i++) {
- if ((recipientcerts[i] =
- CERT_FindCertByNicknameOrEmailAddr(dbhandle,
- envelopeOptions->recipients[i]))
- == NULL) {
- SECU_PrintError(progName, "cannot find certificate for \"%s\"",
- envelopeOptions->recipients[i]);
- goto loser;
- }
- }
- recipientcerts[i] = NULL;
- /* find a nice bulk algorithm */
- if (NSS_SMIMEUtil_FindBulkAlgForRecipients(recipientcerts, &bulkalgtag,
- &keysize) != SECSuccess) {
- fprintf(stderr, "ERROR: cannot find common bulk algorithm.\n");
- goto loser;
- }
- /*
- * create the message object
- */
- cmsg = NSS_CMSMessage_Create(NULL); /* create a message on its own pool */
- if (cmsg == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS message.\n");
- goto loser;
- }
- /*
- * build chain of objects: message->envelopedData->data
- */
- if ((envd = NSS_CMSEnvelopedData_Create(cmsg, bulkalgtag, keysize))
- == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS envelopedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
- if (NSS_CMSContentInfo_SetContent_EnvelopedData(cmsg, cinfo, envd)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS envelopedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSEnvelopedData_GetContentInfo(envd);
- /* we're always passing data in, so the content is NULL */
- if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, PR_FALSE)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
- goto loser;
- }
- /*
- * create & attach recipient information
- */
- for (i = 0; recipientcerts[i] != NULL; i++) {
- if ((recipientinfo = NSS_CMSRecipientInfo_Create(cmsg,
- recipientcerts[i]))
- == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS recipientInfo object.\n");
- goto loser;
- }
- if (NSS_CMSEnvelopedData_AddRecipient(envd, recipientinfo)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot add CMS recipientInfo object.\n");
- goto loser;
- }
- }
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- return cmsg;
-loser:
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- return NULL;
-}
-
-PK11SymKey *dkcb(void *arg, SECAlgorithmID *algid)
-{
- return (PK11SymKey*)arg;
-}
-
-static SECStatus
-get_enc_params(struct encryptOptionsStr *encryptOptions)
-{
- struct envelopeOptionsStr envelopeOptions;
- SECStatus rv = SECFailure;
- NSSCMSMessage *env_cmsg;
- NSSCMSContentInfo *cinfo;
- PK11SymKey *bulkkey = NULL;
- SECOidTag bulkalgtag;
- int keysize;
- int i, nlevels;
- /*
- * construct an enveloped data message to obtain bulk keys
- */
- if (encryptOptions->envmsg) {
- env_cmsg = encryptOptions->envmsg; /* get it from an old message */
- } else {
- SECItem dummyOut = { 0, 0, 0 };
- SECItem dummyIn = { 0, 0, 0 };
- char str[] = "Hello!";
- PLArenaPool *tmparena = PORT_NewArena(1024);
- dummyIn.data = (unsigned char *)str;
- dummyIn.len = strlen(str);
- envelopeOptions.options = encryptOptions->options;
- envelopeOptions.recipients = encryptOptions->recipients;
- env_cmsg = enveloped_data(&envelopeOptions);
- NSS_CMSDEREncode(env_cmsg, &dummyIn, &dummyOut, tmparena);
- PR_Write(encryptOptions->envFile, dummyOut.data, dummyOut.len);
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- /*
- * get the content info for the enveloped data
- */
- nlevels = NSS_CMSMessage_ContentLevelCount(env_cmsg);
- for (i = 0; i < nlevels; i++) {
- SECOidTag typetag;
- cinfo = NSS_CMSMessage_ContentLevel(env_cmsg, i);
- typetag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
- if (typetag == SEC_OID_PKCS7_DATA) {
- /*
- * get the symmetric key
- */
- bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo);
- keysize = NSS_CMSContentInfo_GetBulkKeySize(cinfo);
- bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
- break;
- }
- }
- if (i == nlevels) {
- fprintf(stderr, "%s: could not retrieve enveloped data.", progName);
- goto loser;
- }
- encryptOptions->bulkalgtag = bulkalgtag;
- encryptOptions->bulkkey = bulkkey;
- encryptOptions->keysize = keysize;
- rv = SECSuccess;
-loser:
- if (env_cmsg)
- NSS_CMSMessage_Destroy(env_cmsg);
- return rv;
-}
-
-static NSSCMSMessage *
-encrypted_data(struct encryptOptionsStr *encryptOptions)
-{
- SECStatus rv = SECFailure;
- NSSCMSMessage *cmsg = NULL;
- NSSCMSContentInfo *cinfo;
- NSSCMSEncryptedData *encd;
- NSSCMSEncoderContext *ecx = NULL;
- PLArenaPool *tmppoolp = NULL;
- SECItem derOut = { 0, 0, 0 };
- /* arena for output */
- tmppoolp = PORT_NewArena(1024);
- if (!tmppoolp) {
- fprintf(stderr, "%s: out of memory.\n", progName);
- return NULL;
- }
- /*
- * create the message object
- */
- cmsg = NSS_CMSMessage_Create(NULL);
- if (cmsg == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS message.\n");
- goto loser;
- }
- /*
- * build chain of objects: message->encryptedData->data
- */
- if ((encd = NSS_CMSEncryptedData_Create(cmsg, encryptOptions->bulkalgtag,
- encryptOptions->keysize))
- == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS encryptedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
- if (NSS_CMSContentInfo_SetContent_EncryptedData(cmsg, cinfo, encd)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS encryptedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSEncryptedData_GetContentInfo(encd);
- /* we're always passing data in, so the content is NULL */
- if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, PR_FALSE)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
- goto loser;
- }
- ecx = NSS_CMSEncoder_Start(cmsg, NULL, NULL, &derOut, tmppoolp, NULL, NULL,
- dkcb, encryptOptions->bulkkey, NULL, NULL);
- if (!ecx) {
- fprintf(stderr, "%s: cannot create encoder context.\n", progName);
- goto loser;
- }
- rv = NSS_CMSEncoder_Update(ecx, (char *)encryptOptions->input->data,
- encryptOptions->input->len);
- if (rv) {
- fprintf(stderr, "%s: failed to add data to encoder.\n", progName);
- goto loser;
- }
- rv = NSS_CMSEncoder_Finish(ecx);
- if (rv) {
- fprintf(stderr, "%s: failed to encrypt data.\n", progName);
- goto loser;
- }
- fwrite(derOut.data, derOut.len, 1, encryptOptions->outfile);
- /*
- if (bulkkey)
- PK11_FreeSymKey(bulkkey);
- */
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- return cmsg;
-loser:
- /*
- if (bulkkey)
- PK11_FreeSymKey(bulkkey);
- */
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
-}
-
-static NSSCMSMessage *
-signed_data_certsonly(struct certsonlyOptionsStr *certsonlyOptions)
-{
- NSSCMSMessage *cmsg = NULL;
- NSSCMSContentInfo *cinfo;
- NSSCMSSignedData *sigd;
- CERTCertificate **certs;
- CERTCertDBHandle *dbhandle;
- PLArenaPool *tmppoolp = NULL;
- int i, cnt;
- dbhandle = certsonlyOptions->options->certHandle;
- if ((cnt = nss_CMSArray_Count((void**)certsonlyOptions->recipients)) == 0) {
- fprintf(stderr,
- "ERROR: please indicate the nickname of a certificate to sign with.\n");
- goto loser;
- }
- if ((tmppoolp = PORT_NewArena (1024)) == NULL) {
- fprintf(stderr, "ERROR: out of memory.\n");
- goto loser;
- }
- if ((certs =
- (CERTCertificate **)PORT_ArenaZAlloc(tmppoolp,
- (cnt+1)*sizeof(CERTCertificate*)))
- == NULL) {
- fprintf(stderr, "ERROR: out of memory.\n");
- goto loser;
- }
- for (i=0; certsonlyOptions->recipients[i] != NULL; i++) {
- if ((certs[i] =
- CERT_FindCertByNicknameOrEmailAddr(dbhandle,
- certsonlyOptions->recipients[i]))
- == NULL) {
- SECU_PrintError(progName, "cannot find certificate for \"%s\"",
- certsonlyOptions->recipients[i]);
- goto loser;
- }
- }
- certs[i] = NULL;
- /*
- * create the message object
- */
- cmsg = NSS_CMSMessage_Create(NULL);
- if (cmsg == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS message.\n");
- goto loser;
- }
- /*
- * build chain of objects: message->signedData->data
- */
- if ((sigd = NSS_CMSSignedData_CreateCertsOnly(cmsg, certs[0], PR_TRUE))
- == NULL) {
- fprintf(stderr, "ERROR: cannot create CMS signedData object.\n");
- goto loser;
- }
- for (i=1; i<cnt; i++) {
- if (NSS_CMSSignedData_AddCertChain(sigd, certs[i])) {
- fprintf(stderr, "ERROR: cannot add cert chain for \"%s\".\n",
- certsonlyOptions->recipients[i]);
- goto loser;
- }
- }
- cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
- if (NSS_CMSContentInfo_SetContent_SignedData(cmsg, cinfo, sigd)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS signedData object.\n");
- goto loser;
- }
- cinfo = NSS_CMSSignedData_GetContentInfo(sigd);
- if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, PR_FALSE)
- != SECSuccess) {
- fprintf(stderr, "ERROR: cannot attach CMS data object.\n");
- goto loser;
- }
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- return cmsg;
-loser:
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- if (tmppoolp)
- PORT_FreeArena(tmppoolp, PR_FALSE);
- return NULL;
-}
-
-typedef enum { UNKNOWN, DECODE, SIGN, ENCRYPT, ENVELOPE, CERTSONLY } Mode;
-
-#if 0
-void
-parse_message_for_recipients(PRFileDesc *inFile,
- struct envelopeOptionsStr *envelopeOptions)
-{
- SECItem filedata;
- SECStatus rv;
- rv = SECU_FileToItem(&filedata, inFile);
-}
-#endif
-
-int
-main(int argc, char **argv)
-{
- FILE *outFile;
- NSSCMSMessage *cmsg;
- PRFileDesc *inFile;
- PLOptState *optstate;
- PLOptStatus status;
- Mode mode = UNKNOWN;
- PK11PasswordFunc pwcb;
- void *pwcb_arg;
- struct decodeOptionsStr decodeOptions = { 0 };
- struct signOptionsStr signOptions = { 0 };
- struct envelopeOptionsStr envelopeOptions = { 0 };
- struct certsonlyOptionsStr certsonlyOptions = { 0 };
- struct encryptOptionsStr encryptOptions = { 0 };
- struct optionsStr options = { 0 };
- int exitstatus;
- static char *ptrarray[128] = { 0 };
- int nrecipients = 0;
- char *str, *tok;
- char *envFileName;
- SECItem input = { 0, 0, 0};
- SECItem output = { 0, 0, 0};
- SECItem dummy = { 0, 0, 0 };
- SECItem envmsg = { 0, 0, 0 };
- SECStatus rv;
-
- progName = strrchr(argv[0], '/');
- progName = progName ? progName+1 : argv[0];
-
- inFile = PR_STDIN;
- outFile = stdout;
- envFileName = NULL;
- mode = UNKNOWN;
- decodeOptions.contentFile = NULL;
- decodeOptions.suppressContent = PR_FALSE;
- decodeOptions.headerLevel = -1;
- options.certUsage = certUsageEmailSigner;
- options.password = NULL;
- signOptions.nickname = NULL;
- signOptions.detached = PR_FALSE;
- signOptions.signingTime = PR_FALSE;
- signOptions.smimeProfile = PR_FALSE;
- signOptions.encryptionKeyPreferenceNick = NULL;
- envelopeOptions.recipients = NULL;
- encryptOptions.recipients = NULL;
- encryptOptions.envmsg = NULL;
- encryptOptions.envFile = NULL;
- encryptOptions.bulkalgtag = SEC_OID_UNKNOWN;
- encryptOptions.bulkkey = NULL;
- encryptOptions.keysize = -1;
-
- /*
- * Parse command line arguments
- */
- optstate = PL_CreateOptState(argc, argv,
- "CDSEOnN:TGPYv:h:p:i:c:d:e:o:s:u:r:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- Usage(progName);
- break;
-
- case 'C':
- mode = ENCRYPT;
- break;
- case 'D':
- mode = DECODE;
- break;
- case 'S':
- mode = SIGN;
- break;
- case 'E':
- mode = ENVELOPE;
- break;
- case 'O':
- mode = CERTSONLY;
- break;
- case 'v':
- cms_verbose = 1;
- break;
-
- case 'n':
- if (mode != DECODE) {
- fprintf(stderr,
- "%s: option -n only supported with option -D.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- decodeOptions.suppressContent = PR_TRUE;
- break;
-
- case 'N':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -N only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- signOptions.nickname = strdup(optstate->value);
- break;
-
- case 'Y':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -Y only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- signOptions.encryptionKeyPreferenceNick = strdup(optstate->value);
- break;
-
- case 'T':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -T only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- signOptions.detached = PR_TRUE;
- break;
-
- case 'G':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -G only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- signOptions.signingTime = PR_TRUE;
- break;
-
- case 'P':
- if (mode != SIGN) {
- fprintf(stderr,
- "%s: option -P only supported with option -S.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- signOptions.smimeProfile = PR_TRUE;
- break;
-
- case 'h':
- if (mode != DECODE) {
- fprintf(stderr,
- "%s: option -h only supported with option -D.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- decodeOptions.headerLevel = atoi(optstate->value);
- if (decodeOptions.headerLevel < 0) {
- fprintf(stderr, "option -h cannot have a negative value.\n");
- exit(1);
- }
- break;
-
- case 'p':
- if (!optstate->value) {
- fprintf(stderr, "%s: option -p must have a value.\n", progName);
- Usage(progName);
- exit(1);
- }
-
- options.password = strdup(optstate->value);
- break;
-
- case 'i':
- inFile = PR_Open(optstate->value, PR_RDONLY, 00660);
- if (inFile == NULL) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
- progName, optstate->value);
- exit(1);
- }
- break;
-
- case 'c':
- if (mode != DECODE) {
- fprintf(stderr,
- "%s: option -c only supported with option -D.\n",
- progName);
- Usage(progName);
- exit(1);
- }
- if ((decodeOptions.contentFile =
- PR_Open(optstate->value, PR_RDONLY, 006600)) == NULL) {
- fprintf(stderr, "%s: unable to open \"%s\" for reading.\n",
- progName, optstate->value);
- exit(1);
- }
- break;
-
- case 'o':
-#if 0
- if (mode == DECODE) {
- outFile = fopen(optstate->value, "w");
- } else {
- outFile = fopen(optstate->value, "wb");
- }
-#endif
- outFile = fopen(optstate->value, "wb");
- if (outFile == NULL) {
- fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
- progName, optstate->value);
- exit(1);
- }
- break;
-
- case 'r':
- if (!optstate->value) {
- fprintf(stderr, "%s: option -r must have a value.\n", progName);
- Usage(progName);
- exit(1);
- }
-#if 0
- fprintf(stderr, "recipient = %s\n", optstate->value);
-#endif
- envelopeOptions.recipients = ptrarray;
- str = (char *)optstate->value;
- do {
- tok = strchr(str, ',');
- if (tok) *tok = '\0';
- envelopeOptions.recipients[nrecipients++] = strdup(str);
- if (tok) str = tok + 1;
- } while (tok);
- envelopeOptions.recipients[nrecipients] = NULL;
- encryptOptions.recipients = envelopeOptions.recipients;
- certsonlyOptions.recipients = envelopeOptions.recipients;
- break;
-
- case 'd':
- SECU_ConfigDirectory(optstate->value);
- break;
-
- case 'e':
- envFileName = strdup(optstate->value);
- encryptOptions.envFile = PR_Open(envFileName, PR_RDONLY, 00660);
- break;
-
- case 'u': {
- int usageType;
-
- usageType = atoi (strdup(optstate->value));
- if (usageType < certUsageSSLClient || usageType > certUsageAnyCA)
- return -1;
- options.certUsage = (SECCertUsage)usageType;
- break;
- }
-
- }
- }
-
- if (mode == UNKNOWN)
- Usage(progName);
-
- if (mode != CERTSONLY)
- SECU_FileToItem(&input, inFile);
- if (inFile != PR_STDIN)
- PR_Close(inFile);
- if (cms_verbose) {
- fprintf(stderr, "received commands\n");
- }
-
- /* Call the libsec initialization routines */
- PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
- rv = NSS_InitReadWrite(SECU_ConfigDirectory(NULL));
- if (SECSuccess != rv) {
- SECU_PrintError(progName, "NSS_Init failed");
- exit(1);
- }
- if (cms_verbose) {
- fprintf(stderr, "NSS has been initialized.\n");
- }
- options.certHandle = CERT_GetDefaultCertDB();
- if (!options.certHandle) {
- SECU_PrintError(progName, "No default cert DB");
- exit(1);
- }
- if (cms_verbose) {
- fprintf(stderr, "Got default certdb\n");
- }
-
-#if defined(_WIN32)
- /*if (outFile == stdout && mode != DECODE) {*/
- if (outFile == stdout) {
- /* If we're going to write binary data to stdout, we must put stdout
- ** into O_BINARY mode or else outgoing \n's will become \r\n's.
- */
- int smrv = _setmode(_fileno(stdout), _O_BINARY);
- if (smrv == -1) {
- fprintf(stderr,
- "%s: Cannot change stdout to binary mode. Use -o option instead.\n",
- progName);
- return smrv;
- }
- }
-#endif
-
- exitstatus = 0;
- switch (mode) {
- case DECODE:
- decodeOptions.options = &options;
- if (encryptOptions.envFile) {
- /* Decoding encrypted-data, so get the bulkkey from an
- * enveloped-data message.
- */
- SECU_FileToItem(&envmsg, encryptOptions.envFile);
- decodeOptions.options = &options;
- encryptOptions.envmsg = decode(NULL, &dummy, &envmsg,
- &decodeOptions);
- if (!encryptOptions.envmsg) {
- SECU_PrintError(progName, "problem decoding env msg");
- exitstatus = 1;
- break;
- }
- rv = get_enc_params(&encryptOptions);
- decodeOptions.dkcb = dkcb;
- decodeOptions.bulkkey = encryptOptions.bulkkey;
- }
- cmsg = decode(outFile, &output, &input, &decodeOptions);
- if (!cmsg) {
- SECU_PrintError(progName, "problem decoding");
- exitstatus = 1;
- }
- fwrite(output.data, output.len, 1, outFile);
- break;
- case SIGN:
- signOptions.options = &options;
- cmsg = signed_data(&signOptions);
- if (!cmsg) {
- SECU_PrintError(progName, "problem signing");
- exitstatus = 1;
- }
- break;
- case ENCRYPT:
- if (!envFileName) {
- fprintf(stderr, "%s: you must specify an envelope file with -e.\n",
- progName);
- exit(1);
- }
- encryptOptions.options = &options;
- encryptOptions.input = &input;
- encryptOptions.outfile = outFile;
- if (!encryptOptions.envFile) {
- encryptOptions.envFile = PR_Open(envFileName,
- PR_WRONLY|PR_CREATE_FILE, 00660);
- if (!encryptOptions.envFile) {
- fprintf(stderr, "%s: failed to create file %s.\n", progName,
- envFileName);
- exit(1);
- }
- } else {
- SECU_FileToItem(&envmsg, encryptOptions.envFile);
- decodeOptions.options = &options;
- encryptOptions.envmsg = decode(NULL, &dummy, &envmsg,
- &decodeOptions);
- if (encryptOptions.envmsg == NULL) {
- SECU_PrintError(progName, "problem decrypting env msg");
- exitstatus = 1;
- break;
- }
- }
- /* decode an enveloped-data message to get the bulkkey (create
- * a new one if neccessary)
- */
- rv = get_enc_params(&encryptOptions);
- /* create the encrypted-data message */
- cmsg = encrypted_data(&encryptOptions);
- if (!cmsg) {
- SECU_PrintError(progName, "problem encrypting");
- exitstatus = 1;
- }
- break;
- case ENVELOPE:
- envelopeOptions.options = &options;
-#if 0
- if (!envelopeOptions.recipients)
- parse_message_for_recipients(myIn, &envelopeOptions);
-#endif
- cmsg = enveloped_data(&envelopeOptions);
- if (!cmsg) {
- SECU_PrintError(progName, "problem enveloping");
- exitstatus = 1;
- }
- break;
- case CERTSONLY:
- certsonlyOptions.options = &options;
- cmsg = signed_data_certsonly(&certsonlyOptions);
- if (!cmsg) {
- SECU_PrintError(progName, "problem with certs-only");
- exitstatus = 1;
- }
- break;
- default:
- fprintf(stderr, "One of options -D, -S or -E must be set.\n");
- Usage(progName);
- exitstatus = 1;
- }
- if (mode == SIGN || mode == ENVELOPE || mode == CERTSONLY) {
- PLArenaPool *arena = PORT_NewArena(1024);
- NSSCMSEncoderContext *ecx;
- SECItem output = { 0, 0, 0 };
- if (!arena) {
- fprintf(stderr, "%s: out of memory.\n", progName);
- exit(1);
- }
- pwcb = (options.password != NULL) ? ownpw : NULL;
- pwcb_arg = (options.password != NULL) ? (void *)options.password : NULL;
- if (cms_verbose) {
- fprintf(stderr, "cmsg [%x]\n", cmsg);
- fprintf(stderr, "arena [%x]\n", arena);
- if (pwcb_arg)
- fprintf(stderr, "password [%s]\n", (char *)pwcb_arg);
- else
- fprintf(stderr, "password [NULL]\n");
- }
- ecx = NSS_CMSEncoder_Start(cmsg,
- NULL, NULL, /* DER output callback */
- &output, arena, /* destination storage */
- pwcb, pwcb_arg, /* password callback */
- NULL, NULL, /* decrypt key callback */
- NULL, NULL ); /* detached digests */
- if (!ecx) {
- fprintf(stderr, "%s: cannot create encoder context.\n", progName);
- exit(1);
- }
- if (cms_verbose) {
- fprintf(stderr, "input len [%d]\n", input.len);
- { int j;
- for(j=0;j<input.len;j++)
- fprintf(stderr, "%2x%c", input.data[j], (j>0&&j%35==0)?'\n':' ');
- }
- }
- if (input.len > 0) { /* skip if certs-only (or other zero content) */
- rv = NSS_CMSEncoder_Update(ecx, (char *)input.data, input.len);
- if (rv) {
- fprintf(stderr,
- "%s: failed to add data to encoder.\n", progName);
- exit(1);
- }
- }
- rv = NSS_CMSEncoder_Finish(ecx);
- if (rv) {
- fprintf(stderr, "%s: failed to encode data.\n", progName);
- exit(1);
- }
-
- if (cms_verbose) {
- fprintf(stderr, "encoding passed\n");
- }
- /*PR_Write(output.data, output.len);*/
- fwrite(output.data, output.len, 1, outFile);
- if (cms_verbose) {
- fprintf(stderr, "wrote to file\n");
- }
- PORT_FreeArena(arena, PR_FALSE);
- }
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- if (outFile != stdout)
- fclose(outFile);
-
- if (decodeOptions.contentFile)
- PR_Close(decodeOptions.contentFile);
- exit(exitstatus);
-}
diff --git a/security/nss/cmd/smimetools/manifest.mn b/security/nss/cmd/smimetools/manifest.mn
deleted file mode 100644
index 9ed96c658..000000000
--- a/security/nss/cmd/smimetools/manifest.mn
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-CSRCS = cmsutil.c
-
-MYLIB = $(DIST)/lib/libsmime.a
-
-REQUIRES = seccmd dbm
-
-PROGRAM = cmsutil
-SCRIPTS = smime
diff --git a/security/nss/cmd/smimetools/rules.mk b/security/nss/cmd/smimetools/rules.mk
deleted file mode 100644
index 51e0baaed..000000000
--- a/security/nss/cmd/smimetools/rules.mk
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-# $Id$
-#
-
-install::
- $(INSTALL) -m 755 $(SCRIPTS) $(SOURCE_BIN_DIR)
diff --git a/security/nss/cmd/smimetools/smime b/security/nss/cmd/smimetools/smime
deleted file mode 100755
index d23a912ed..000000000
--- a/security/nss/cmd/smimetools/smime
+++ /dev/null
@@ -1,576 +0,0 @@
-#!/usr/local/bin/perl
-
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-#
-# smime.pl - frontend for S/MIME message generation and parsing
-#
-# $Id$
-#
-
-use Getopt::Std;
-
-@boundarychars = ( "0" .. "9", "A" .. "F" );
-
-# path to cmsutil
-$cmsutilpath = "cmsutil";
-
-#
-# Thanks to Gisle Aas <gisle@aas.no> for the base64 functions
-# originally taken from MIME-Base64-2.11 at www.cpan.org
-#
-sub encode_base64($)
-{
- my $res = "";
- pos($_[0]) = 0; # ensure start at the beginning
- while ($_[0] =~ /(.{1,45})/gs) {
- $res .= substr(pack('u', $1), 1); # get rid of length byte after packing
- chop($res);
- }
- $res =~ tr|` -_|AA-Za-z0-9+/|;
- # fix padding at the end
- my $padding = (3 - length($_[0]) % 3) % 3;
- $res =~ s/.{$padding}$/'=' x $padding/e if $padding;
- # break encoded string into lines of no more than 76 characters each
- $res =~ s/(.{1,76})/$1\n/g;
- $res;
-}
-
-sub decode_base64($)
-{
- local($^W) = 0; # unpack("u",...) gives bogus warning in 5.00[123]
-
- my $str = shift;
- my $res = "";
-
- $str =~ tr|A-Za-z0-9+=/||cd; # remove non-base64 chars
- if (length($str) % 4) {
- require Carp;
- Carp::carp("Length of base64 data not a multiple of 4")
- }
- $str =~ s/=+$//; # remove padding
- $str =~ tr|A-Za-z0-9+/| -_|; # convert to uuencoded format
- while ($str =~ /(.{1,60})/gs) {
- my $len = chr(32 + length($1)*3/4); # compute length byte
- $res .= unpack("u", $len . $1 ); # uudecode
- }
- $res;
-}
-
-#
-# parse headers into a hash
-#
-# %headers = parseheaders($headertext);
-#
-sub parseheaders($)
-{
- my ($headerdata) = @_;
- my $hdr;
- my %hdrhash;
- my $hdrname;
- my $hdrvalue;
- my @hdrvalues;
- my $subhdrname;
- my $subhdrvalue;
-
- # the expression in split() correctly handles continuation lines
- foreach $hdr (split(/\n(?=\S)/, $headerdata)) {
- $hdr =~ s/\r*\n\s+/ /g; # collapse continuation lines
- ($hdrname, $hdrvalue) = $hdr =~ m/^(\S+):\s+(.*)$/;
-
- # ignore non-headers (or should we die horribly?)
- next unless (defined($hdrname));
- $hdrname =~ tr/A-Z/a-z/; # lowercase the header name
- @hdrvalues = split(/\s*;\s*/, $hdrvalue); # split header values (XXXX quoting)
-
- # there is guaranteed to be at least one value
- $hdrvalue = shift @hdrvalues;
- if ($hdrvalue =~ /^\s*\"(.*)\"\s*$/) { # strip quotes if there
- $hdrvalue = $1;
- }
-
- $hdrhash{$hdrname}{MAIN} = $hdrvalue;
- # print "XXX $hdrname = $hdrvalue\n";
-
- # deal with additional name-value pairs
- foreach $hdrvalue (@hdrvalues) {
- ($subhdrname, $subhdrvalue) = $hdrvalue =~ m/^(\S+)\s*=\s*(.*)$/;
- # ignore non-name-value pairs (or should we die?)
- next unless (defined($subhdrname));
- $subhdrname =~ tr/A-Z/a-z/;
- if ($subhdrvalue =~ /^\s*\"(.*)\"\s*$/) { # strip quotes if there
- $subhdrvalue = $1;
- }
- $hdrhash{$hdrname}{$subhdrname} = $subhdrvalue;
- }
-
- }
- return %hdrhash;
-}
-
-#
-# encryptentity($entity, $options) - encrypt an S/MIME entity,
-# creating a new application/pkcs7-smime entity
-#
-# entity - string containing entire S/MIME entity to encrypt
-# options - options for cmsutil
-#
-# this will generate and return a new application/pkcs7-smime entity containing
-# the enveloped input entity.
-#
-sub encryptentity($$)
-{
- my ($entity, $cmsutiloptions) = @_;
- my $out = "";
- my $boundary;
-
- $tmpencfile = "/tmp/encryptentity.$$";
-
- #
- # generate a random boundary string
- #
- $boundary = "------------ms" . join("", @boundarychars[map{rand @boundarychars }( 1 .. 24 )]);
-
- #
- # tell cmsutil to generate a enveloped CMS message using our data
- #
- open(CMS, "|$cmsutilpath -E $cmsutiloptions -o $tmpencfile") or die "ERROR: cannot pipe to cmsutil";
- print CMS $entity;
- unless (close(CMS)) {
- print STDERR "ERROR: encryption failed.\n";
- unlink($tmpsigfile);
- exit 1;
- }
-
- $out = "Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name=smime.p7m\n";
- $out .= "Content-Transfer-Encoding: base64\n";
- $out .= "Content-Disposition: attachment; filename=smime.p7m\n";
- $out .= "\n"; # end of entity header
-
- open (ENC, $tmpencfile) or die "ERROR: cannot find newly generated encrypted content";
- local($/) = undef; # slurp whole file
- $out .= encode_base64(<ENC>), "\n"; # entity body is base64-encoded CMS message
- close(ENC);
-
- unlink($tmpencfile);
-
- $out;
-}
-
-#
-# signentity($entity, $options) - sign an S/MIME entity
-#
-# entity - string containing entire S/MIME entity to sign
-# options - options for cmsutil
-#
-# this will generate and return a new multipart/signed entity consisting
-# of the canonicalized original content, plus a signature block.
-#
-sub signentity($$)
-{
- my ($entity, $cmsutiloptions) = @_;
- my $out = "";
- my $boundary;
-
- $tmpsigfile = "/tmp/signentity.$$";
-
- #
- # generate a random boundary string
- #
- $boundary = "------------ms" . join("", @boundarychars[map{rand @boundarychars }( 1 .. 24 )]);
-
- #
- # tell cmsutil to generate a signed CMS message using the canonicalized data
- # The signedData has detached content (-T) and includes a signing time attribute (-G)
- #
- # if we do not provide a password on the command line, here's where we would be asked for it
- #
- open(CMS, "|$cmsutilpath -S -T -G $cmsutiloptions -o $tmpsigfile") or die "ERROR: cannot pipe to cmsutil";
- print CMS $entity;
- unless (close(CMS)) {
- print STDERR "ERROR: signature generation failed.\n";
- unlink($tmpsigfile);
- exit 1;
- }
-
- open (SIG, $tmpsigfile) or die "ERROR: cannot find newly generated signature";
-
- #
- # construct a new multipart/signed MIME entity consisting of the original content and
- # the signature
- #
- # (we assume that cmsutil generates a SHA1 digest)
- $out .= "Content-Type: multipart/signed; protocol=\"application/pkcs7-signature\"; micalg=sha1; boundary=\"${boundary}\"\n";
- $out .= "\n"; # end of entity header
- $out .= "This is a cryptographically signed message in MIME format.\n"; # explanatory comment
- $out .= "\n--${boundary}\n";
- $out .= $entity;
- $out .= "\n--${boundary}\n";
- $out .= "Content-Type: application/pkcs7-signature; name=smime.p7s\n";
- $out .= "Content-Transfer-Encoding: base64\n";
- $out .= "Content-Disposition: attachment; filename=smime.p7s\n";
- $out .= "Content-Description: S/MIME Cryptographic Signature\n";
- $out .= "\n"; # end of signature subentity header
-
- local($/) = undef; # slurp whole file
- $out .= encode_base64(<SIG>); # append base64-encoded signature
- $out .= "\n--${boundary}--\n";
-
- close(SIG);
- unlink($tmpsigfile);
-
- $out;
-}
-
-sub usage {
- print STDERR "usage: smime [options]\n";
- print STDERR " options:\n";
- print STDERR " -S nick generate signed message, use certificate named \"nick\"\n";
- print STDERR " -p passwd use \"passwd\" as security module password\n";
- print STDERR " -E rec1[,rec2...] generate encrypted message for recipients\n";
- print STDERR " -D decode a S/MIME message\n";
- print STDERR " -p passwd use \"passwd\" as security module password\n";
- print STDERR " (required for decrypting only)\n";
- print STDERR " -C pathname set pathname of \"cmsutil\"\n";
- print STDERR " -d directory set directory containing certificate db\n";
- print STDERR " (default: ~/.netscape)\n";
- print STDERR "\nWith -S or -E, smime will take a regular RFC822 message or MIME entity\n";
- print STDERR "on stdin and generate a signed or encrypted S/MIME message with the same\n";
- print STDERR "headers and content from it. The output can be used as input to a MTA.\n";
- print STDERR "-D causes smime to strip off all S/MIME layers if possible and output\n";
- print STDERR "the \"inner\" message.\n";
-}
-
-#
-# start of main procedures
-#
-
-#
-# process command line options
-#
-unless (getopts('S:E:p:d:C:D')) {
- usage();
- exit 1;
-}
-
-unless (defined($opt_S) or defined($opt_E) or defined($opt_D)) {
- print STDERR "ERROR: -S and/or -E, or -D must be specified.\n";
- usage();
- exit 1;
-}
-
-$signopts = "";
-$encryptopts = "";
-$decodeopts = "";
-
-# pass -d option along
-if (defined($opt_d)) {
- $signopts .= "-d \"$opt_d\" ";
- $encryptopts .= "-d \"$opt_d\" ";
- $decodeopts .= "-d \"$opt_d\" ";
-}
-
-if (defined($opt_S)) {
- $signopts .= "-N \"$opt_S\" ";
-}
-
-if (defined($opt_p)) {
- $signopts .= "-p \"$opt_p\" ";
- $decodeopts .= "-p \"$opt_p\" ";
-}
-
-if (defined($opt_E)) {
- @recipients = split(",", $opt_E);
- $encryptopts .= "-r ";
- $encryptopts .= join (" -r ", @recipients);
-}
-
-if (defined($opt_C)) {
- $cmsutilpath = $opt_C;
-}
-
-#
-# split headers into mime entity headers and RFC822 headers
-# The RFC822 headers are preserved and stay on the outer layer of the message
-#
-$rfc822headers = "";
-$mimeheaders = "";
-$mimebody = "";
-$skippedheaders = "";
-while (<STDIN>) {
- last if (/^$/);
- if (/^content-\S+: /i) {
- $lastref = \$mimeheaders;
- } elsif (/^mime-version: /i) {
- $lastref = \$skippedheaders; # skip it
- } elsif (/^\s/) {
- ;
- } else {
- $lastref = \$rfc822headers;
- }
- $$lastref .= $_;
-}
-
-#
-# if there are no MIME entity headers, generate some default ones
-#
-if ($mimeheaders eq "") {
- $mimeheaders .= "Content-Type: text/plain; charset=us-ascii\n";
- $mimeheaders .= "Content-Transfer-Encoding: 7bit\n";
-}
-
-#
-# slurp in the entity body
-#
-$saveRS = $/;
-$/ = undef;
-$mimebody = <STDIN>;
-$/ = $saveRS;
-chomp($mimebody);
-
-if (defined $opt_D) {
- #
- # decode
- #
- # possible options would be:
- # - strip off only one layer
- # - strip off outer signature (if present)
- # - just print information about the structure of the message
- # - strip n layers, then dump DER of CMS message
-
- $layercounter = 1;
-
- while (1) {
- %hdrhash = parseheaders($mimeheaders);
- unless (exists($hdrhash{"content-type"}{MAIN})) {
- print STDERR "ERROR: no content type header found in MIME entity\n";
- last; # no content-type - we're done
- }
-
- $contenttype = $hdrhash{"content-type"}{MAIN};
- if ($contenttype eq "application/pkcs7-mime") {
- #
- # opaque-signed or enveloped message
- #
- unless (exists($hdrhash{"content-type"}{"smime-type"})) {
- print STDERR "ERROR: no smime-type attribute in application/pkcs7-smime entity.\n";
- last;
- }
- $smimetype = $hdrhash{"content-type"}{"smime-type"};
- if ($smimetype eq "signed-data" or $smimetype eq "enveloped-data") {
- # it's verification or decryption time!
-
- # can handle only base64 encoding for now
- # all other encodings are treated as binary (8bit)
- if ($hdrhash{"content-transfer-encoding"}{MAIN} eq "base64") {
- $mimebody = decode_base64($mimebody);
- }
-
- # if we need to dump the DER, we would do it right here
-
- # now write the DER
- $tmpderfile = "/tmp/der.$$";
- open(TMP, ">$tmpderfile") or die "ERROR: cannot write signature data to temporary file";
- print TMP $mimebody;
- unless (close(TMP)) {
- print STDERR "ERROR: writing signature data to temporary file.\n";
- unlink($tmpderfile);
- exit 1;
- }
-
- $mimeheaders = "";
- open(TMP, "$cmsutilpath -D $decodeopts -h $layercounter -i $tmpderfile |") or die "ERROR: cannot open pipe to cmsutil";
- $layercounter++;
- while (<TMP>) {
- last if (/^\r?$/); # empty lines mark end of header
- if (/^SMIME: /) { # add all SMIME info to the rfc822 hdrs
- $lastref = \$rfc822headers;
- } elsif (/^\s/) {
- ; # continuation lines go to the last dest
- } else {
- $lastref = \$mimeheaders; # all other headers are mime headers
- }
- $$lastref .= $_;
- }
- # slurp in rest of the data to $mimebody
- $saveRS = $/; $/ = undef; $mimebody = <TMP>; $/ = $saveRS;
- close(TMP);
-
- unlink($tmpderfile);
-
- } else {
- print STDERR "ERROR: unknown smime-type \"$smimetype\" in application/pkcs7-smime entity.\n";
- last;
- }
- } elsif ($contenttype eq "multipart/signed") {
- #
- # clear signed message
- #
- unless (exists($hdrhash{"content-type"}{"protocol"})) {
- print STDERR "ERROR: content type has no protocol attribute in multipart/signed entity.\n";
- last;
- }
- if ($hdrhash{"content-type"}{"protocol"} ne "application/pkcs7-signature") {
- # we cannot handle this guy
- print STDERR "ERROR: unknown protocol \"", $hdrhash{"content-type"}{"protocol"},
- "\" in multipart/signed entity.\n";
- last;
- }
- unless (exists($hdrhash{"content-type"}{"boundary"})) {
- print STDERR "ERROR: no boundary attribute in multipart/signed entity.\n";
- last;
- }
- $boundary = $hdrhash{"content-type"}{"boundary"};
-
- # split $mimebody along \n--$boundary\n - gets you four parts
- # first (0), any comments the sending agent might have put in
- # second (1), the message itself
- # third (2), the signature as a mime entity
- # fourth (3), trailing data (there shouldn't be any)
-
- @multiparts = split(/\r?\n--$boundary(?:--)?\r?\n/, $mimebody);
-
- #
- # parse the signature headers
- ($submimeheaders, $submimebody) = split(/^$/m, $multiparts[2]);
- %sighdrhash = parseheaders($submimeheaders);
- unless (exists($sighdrhash{"content-type"}{MAIN})) {
- print STDERR "ERROR: signature entity has no content type.\n";
- last;
- }
- if ($sighdrhash{"content-type"}{MAIN} ne "application/pkcs7-signature") {
- # we cannot handle this guy
- print STDERR "ERROR: unknown content type \"", $sighdrhash{"content-type"}{MAIN},
- "\" in signature entity.\n";
- last;
- }
- if ($sighdrhash{"content-transfer-encoding"}{MAIN} eq "base64") {
- $submimebody = decode_base64($submimebody);
- }
-
- # we would dump the DER at this point
-
- $tmpsigfile = "/tmp/sig.$$";
- open(TMP, ">$tmpsigfile") or die "ERROR: cannot write signature data to temporary file";
- print TMP $submimebody;
- unless (close(TMP)) {
- print STDERR "ERROR: writing signature data to temporary file.\n";
- unlink($tmpsigfile);
- exit 1;
- }
-
- $tmpmsgfile = "/tmp/msg.$$";
- open(TMP, ">$tmpmsgfile") or die "ERROR: cannot write message data to temporary file";
- print TMP $multiparts[1];
- unless (close(TMP)) {
- print STDERR "ERROR: writing message data to temporary file.\n";
- unlink($tmpsigfile);
- unlink($tmpmsgfile);
- exit 1;
- }
-
- $mimeheaders = "";
- open(TMP, "$cmsutilpath -D $decodeopts -h $layercounter -c $tmpmsgfile -i $tmpsigfile |") or die "ERROR: cannot open pipe to cmsutil";
- $layercounter++;
- while (<TMP>) {
- last if (/^\r?$/);
- if (/^SMIME: /) {
- $lastref = \$rfc822headers;
- } elsif (/^\s/) {
- ;
- } else {
- $lastref = \$mimeheaders;
- }
- $$lastref .= $_;
- }
- $saveRS = $/; $/ = undef; $mimebody = <TMP>; $/ = $saveRS;
- close(TMP);
- unlink($tmpsigfile);
- unlink($tmpmsgfile);
-
- } else {
-
- # not a content type we know - we're done
- last;
-
- }
- }
-
- # so now we have the S/MIME parsing information in rfc822headers
- # and the first mime entity we could not handle in mimeheaders and mimebody.
- # dump 'em out and we're done.
- print $rfc822headers;
- print $mimeheaders . "\n" . $mimebody;
-
-} else {
-
- #
- # encode (which is much easier than decode)
- #
-
- $mimeentity = $mimeheaders . "\n" . $mimebody;
-
- #
- # canonicalize inner entity (rudimentary yet)
- # convert single LFs to CRLF
- # if no Content-Transfer-Encoding header present:
- # if 8 bit chars present, use Content-Transfer-Encoding: quoted-printable
- # otherwise, use Content-Transfer-Encoding: 7bit
- #
- $mimeentity =~ s/\r*\n/\r\n/mg;
-
- #
- # now do the wrapping
- # we sign first, then encrypt because that's what Communicator needs
- #
- if (defined($opt_S)) {
- $mimeentity = signentity($mimeentity, $signopts);
- }
-
- if (defined($opt_E)) {
- $mimeentity = encryptentity($mimeentity, $encryptopts);
- }
-
- #
- # XXX sign again to do triple wrapping (RFC2634)
- #
-
- #
- # now write out the RFC822 headers
- # followed by the final $mimeentity
- #
- print $rfc822headers;
- print "MIME-Version: 1.0 (NSS SMIME - http://www.mozilla.org/projects/security)\n"; # set up the flag
- print $mimeentity;
-}
-
-exit 0;
diff --git a/security/nss/cmd/sslstrength/Makefile b/security/nss/cmd/sslstrength/Makefile
deleted file mode 100644
index a6a708692..000000000
--- a/security/nss/cmd/sslstrength/Makefile
+++ /dev/null
@@ -1,72 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include $(CORE_DEPTH)/security/cmd/platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/cmd/sslstrength/manifest.mn b/security/nss/cmd/sslstrength/manifest.mn
deleted file mode 100644
index e76d1c639..000000000
--- a/security/nss/cmd/sslstrength/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-EXPORTS =
-
-CSRCS = sslstrength.c \
- $(NULL)
-
-PROGRAM = sslstrength
-
-REQUIRES = security dbm seccmd
-
-DEFINES = -DNSPR20
-
-PACKAGE_FILES = sslstrength
-
-ARCHIVE_NAME = sslstrength
diff --git a/security/nss/cmd/sslstrength/sslstr.cgi b/security/nss/cmd/sslstrength/sslstr.cgi
deleted file mode 100644
index ab6a1bff9..000000000
--- a/security/nss/cmd/sslstrength/sslstr.cgi
+++ /dev/null
@@ -1,296 +0,0 @@
-#!/usr/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-use CGI qw(:standard);
-
-
-
-# Replace this will the full path to the sslstrength executable.
-$sslstrength = "./sslstrength";
-
-
-# Replace this with the name of this CGI.
-
-$sslcgi = "sslstr.cgi";
-
-
-$query = new CGI;
-
-print header;
-
-print "<HTML><HEAD>
-<SCRIPT language='javascript'>
-
-function doexport(form) {
- form.ssl2ciphers.options[0].selected=0;
- form.ssl2ciphers.options[1].selected=0;
- form.ssl2ciphers.options[2].selected=0;
- form.ssl2ciphers.options[3].selected=0;
- form.ssl2ciphers.options[4].selected=1;
- form.ssl2ciphers.options[5].selected=1;
-
- form.ssl3ciphers.options[0].selected=1;
- form.ssl3ciphers.options[1].selected=1;
- form.ssl3ciphers.options[2].selected=0;
- form.ssl3ciphers.options[3].selected=1;
- form.ssl3ciphers.options[4].selected=1;
- form.ssl3ciphers.options[5].selected=1;
- form.ssl3ciphers.options[6].selected=0;
- form.ssl3ciphers.options[7].selected=0;
-
-
-}
-
-function dodomestic(form) {
- form.ssl2ciphers.options[0].selected=1;
- form.ssl2ciphers.options[1].selected=1;
- form.ssl2ciphers.options[2].selected=1;
- form.ssl2ciphers.options[3].selected=1;
- form.ssl2ciphers.options[4].selected=1;
- form.ssl2ciphers.options[5].selected=1;
-
- form.ssl3ciphers.options[0].selected=1;
- form.ssl3ciphers.options[1].selected=1;
- form.ssl3ciphers.options[2].selected=1;
- form.ssl3ciphers.options[3].selected=1;
- form.ssl3ciphers.options[4].selected=1;
- form.ssl3ciphers.options[5].selected=1;
- form.ssl3ciphers.options[6].selected=1;
- form.ssl3ciphers.options[7].selected=1;
-
-}
-
-function doclearssl2(form) {
- form.ssl2ciphers.options[0].selected=0;
- form.ssl2ciphers.options[1].selected=0;
- form.ssl2ciphers.options[2].selected=0;
- form.ssl2ciphers.options[3].selected=0;
- form.ssl2ciphers.options[4].selected=0;
- form.ssl2ciphers.options[5].selected=0;
-}
-
-
-function doclearssl3(form) {
- form.ssl3ciphers.options[0].selected=0;
- form.ssl3ciphers.options[1].selected=0;
- form.ssl3ciphers.options[2].selected=0;
- form.ssl3ciphers.options[3].selected=0;
- form.ssl3ciphers.options[4].selected=0;
- form.ssl3ciphers.options[5].selected=0;
- form.ssl3ciphers.options[6].selected=0;
- form.ssl3ciphers.options[7].selected=0;
-
-}
-
-function dohost(form,hostname) {
- form.host.value=hostname;
- }
-
-
-
-</SCRIPT>
-<TITLE>\n";
-print "SSLStrength\n";
-print "</TITLE></HEAD>\n";
-
-print "<h1>SSLStrength</h1>\n";
-
-if ($query->param('dotest')) {
- print "Output from sslstrength: \n";
- print "<pre>\n";
-
- $cs = "";
-
- @ssl2ciphers = $query->param('ssl2ciphers');
- for $cipher (@ssl2ciphers) {
- if ($cipher eq "SSL_EN_RC2_128_WITH_MD5") { $cs .= "a"; }
- if ($cipher eq "SSL_EN_RC2_128_CBC_WITH_MD5") { $cs .= "b"; }
- if ($cipher eq "SSL_EN_DES_192_EDE3_CBC_WITH_MD5") { $cs .= "c"; }
- if ($cipher eq "SSL_EN_DES_64_CBC_WITH_MD5") { $cs .= "d"; }
- if ($cipher eq "SSL_EN_RC4_128_EXPORT40_WITH_MD5") { $cs .= "e"; }
- if ($cipher eq "SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5") { $cs .= "f"; }
- }
-
- @ssl3ciphers = $query->param('ssl3ciphers');
- for $cipher (@ssl3ciphers) {
- if ($cipher eq "SSL_RSA_WITH_RC4_128_MD5") { $cs .= "i"; }
- if ($cipher eq "SSL_RSA_WITH_3DES_EDE_CBC_SHA") { $cs .= "j"; }
- if ($cipher eq "SSL_RSA_WITH_DES_CBC_SHA") { $cs .= "k"; }
- if ($cipher eq "SSL_RSA_EXPORT_WITH_RC4_40_MD5") { $cs .= "l"; }
- if ($cipher eq "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5") { $cs .= "m"; }
- if ($cipher eq "SSL_RSA_WITH_NULL_MD5") { $cs .= "o"; }
- if ($cipher eq "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA") { $cs .= "p"; }
- if ($cipher eq "SSL_RSA_FIPS_WITH_DES_CBC_SHA") { $cs .= "q"; }
- }
-
- $hs = $query->param('host');
- if ($hs eq "") {
- print "</pre>You must specify a host to connect to.<br><br>\n";
- exit(0);
- }
-
- $ps = $query->param('policy');
-
- $cmdstring = "$sslstrength $hs policy=$ps ciphers=$cs";
-
- print "running sslstrength:\n";
- print "$cmdstring\n";
-
- $r = open(SSLS, "$cmdstring |");
- if ($r == 0) {
- print "<pre>There was a problem starting $cmdstring<br><br>\n";
- exit(0);
- }
- while (<SSLS>) {
- print "$_";
- }
- close(SSLS);
-
-
- print "</pre>\n";
-
-}
-
-else {
-print "<FORM method=post action=$sslcgi>\n";
-print "<hr>
-<h2>Host Name</h2>
-<TABLE BORDER=0 CELLPADDING=20>
-<TR>
-<TD>
-Type hostname here:<br>
-<input type=text name=host size=30>&nbsp;<br><br>
-<TD>
- <b>Or click these buttons to test some well-known servers</b><br>
- <TABLE BORDER=0>
- <TR>
- <TD>
- Export servers:
- <TD>
- <input type=button value='F-Tech' onclick=dohost(this.form,'strongbox.ftech.net')>
- </TR>
- <TR>
- <TD>
- Domestic servers:
- <TD>
- <input type=button value='Wells Fargo' onclick=dohost(this.form,'banking.wellsfargo.com')>
- </TR>
- <TR>
- <TD>
- Step-Up Servers
- <TD>
- <input type=button value='Barclaycard' onclick=dohost(this.form,'enigma.barclaycard.co.uk')>
- <input type=button value='BBVnet' onclick=dohost(this.form,'www.bbvnet.com')>&nbsp;
- <input type=button value='BHIF' onclick=dohost(this.form,'empresas.bhif.cl')>&nbsp;
- </TR>
- </TABLE>
-</TR>
-</TABLE>
-<br>
-<hr>
-<br>
-<h2>Encryption policy</h2>
-<input type=radio name=policy VALUE=export onclick=doexport(this.form)>&nbsp;
-Export<br>
-<input type=radio name=policy VALUE=domestic CHECKED onclick=dodomestic(this.form)>&nbsp;
-Domestic<br>
-<br>
-<hr>
-<br>
-<h2>Cipher Selection</h2>
-(use ctrl to multi-select)<br>
-<table>
-<tr>
-<td>SSL 2 Ciphers
-<td>
-<SELECT NAME=ssl2ciphers SIZE=6 MULTIPLE align=bottom>
-<OPTION SELECTED>SSL_EN_RC4_128_WITH_MD5
-<OPTION SELECTED>SSL_EN_RC2_128_CBC_WITH_MD5
-<OPTION SELECTED>SSL_EN_DES_192_EDE3_CBC_WITH_MD5
-<OPTION SELECTED>SSL_EN_DES_64_CBC_WITH_MD5
-<OPTION SELECTED>SSL_EN_RC4_128_EXPORT40_WITH_MD5
-<OPTION SELECTED>SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5
-</SELECT>
-<input type=button Value='Clear all' onclick = 'doclearssl2(this.form)'>
-</tr>
-<tr>
-<td>SSL3 Ciphers
-<td>
-<SELECT NAME=ssl3ciphers SIZE=8 MULTIPLE>
-<OPTION SELECTED>SSL_RSA_WITH_RC4_128_MD5
-<OPTION SELECTED>SSL_RSA_WITH_3DES_EDE_CBC_SHA
-<OPTION SELECTED>SSL_RSA_WITH_DES_CBC_SHA
-<OPTION SELECTED>SSL_RSA_EXPORT_WITH_RC4_40_MD5
-<OPTION SELECTED>SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
-<OPTION SELECTED>SSL_RSA_WITH_NULL_MD5
-<OPTION SELECTED>SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
-<OPTION SELECTED>SSL_RSA_FIPS_WITH_DES_CBC_SHA
-</SELECT>
-<input type=button value='Clear all' onclick = 'doclearssl3(this.form)'>
-
-<TD>
-<input type=submit name=dotest value='Run SSLStrength'>
-</tr>
-</table>
-<input type=hidden name=dotest>
-<br>
-<br>
-</form>
-\n";
-
-}
-
-
-exit(0);
-
-
-__END__
-
- id CipherName Domestic Export
- a SSL_EN_RC4_128_WITH_MD5 (ssl2) Yes No
- b SSL_EN_RC2_128_CBC_WITH_MD5 (ssl2) Yes No
- c SSL_EN_DES_192_EDE3_CBC_WITH_MD5 (ssl2) Yes No
- d SSL_EN_DES_64_CBC_WITH_MD5 (ssl2) Yes No
- e SSL_EN_RC4_128_EXPORT40_WITH_MD5 (ssl2) Yes Yes
- f SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 (ssl2) Yes Yes
- i SSL_RSA_WITH_RC4_128_MD5 (ssl3) Yes Step-up only
- j SSL_RSA_WITH_3DES_EDE_CBC_SHA (ssl3) Yes Step-up only
- k SSL_RSA_WITH_DES_CBC_SHA (ssl3) Yes No
- l SSL_RSA_EXPORT_WITH_RC4_40_MD5 (ssl3) Yes Yes
- m SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (ssl3) Yes Yes
- o SSL_RSA_WITH_NULL_MD5 (ssl3) Yes Yes
-
-
-
diff --git a/security/nss/cmd/sslstrength/sslstrength.c b/security/nss/cmd/sslstrength/sslstrength.c
deleted file mode 100644
index 7351dfea0..000000000
--- a/security/nss/cmd/sslstrength/sslstrength.c
+++ /dev/null
@@ -1,640 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef SSLTELNET
-#include <termios.h>
-#endif
-
-/* Portable layer header files */
-#include "prinit.h"
-#include "prprf.h"
-#include "prsystem.h"
-#include "prmem.h"
-#include "plstr.h"
-#include "prnetdb.h"
-#include "prinrval.h"
-
-#include "secutil.h"
-
-/* Security library files */
-#include "cert.h"
-#include "ssl.h"
-#include "sslproto.h"
-
-/* define this if you want telnet capability! */
-
-/* #define SSLTELNET 1 */
-
-PRInt32 debug;
-
-#ifdef DEBUG_stevep
-#define dbmsg(x) if (verbose) PR_fprintf(PR_STDOUT,x);
-#else
-#define dbmsg(x) ;
-#endif
-
-
-/* Set SSL Policy to Domestic (strong=1) or Export (strong=0) */
-
-#define ALLOW(x) SSL_CipherPolicySet(x,SSL_ALLOWED); SSL_CipherPrefSetDefault(x,1);
-#define DISALLOW(x) SSL_CipherPolicySet(x,SSL_NOT_ALLOWED); SSL_CipherPrefSetDefault(x,0);
-#define MAYBEALLOW(x) SSL_CipherPolicySet(x,SSL_RESTRICTED); SSL_CipherPrefSetDefault(x,1);
-
-struct CipherPolicy {
- char number;
- long id;
- char *name;
- PRInt32 pref;
- PRInt32 domestic;
- PRInt32 export;
-};
-
-struct CipherPolicy ciphers[] = {
- { 'a',SSL_EN_RC4_128_WITH_MD5, "SSL_EN_RC4_128_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'b',SSL_EN_RC2_128_CBC_WITH_MD5, "SSL_EN_RC2_128_CBC_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'c',SSL_EN_DES_192_EDE3_CBC_WITH_MD5, "SSL_EN_DES_192_EDE3_CBC_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'd',SSL_EN_DES_64_CBC_WITH_MD5, "SSL_EN_DES_64_CBC_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'e',SSL_EN_RC4_128_EXPORT40_WITH_MD5, "SSL_EN_RC4_128_EXPORT40_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_ALLOWED },
- { 'f',SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, "SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 (ssl2)",1, SSL_ALLOWED,SSL_ALLOWED },
-#ifdef FORTEZZA
- { 'g',SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, "SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA",1,SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'h',SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, "SSL_FORTEZZA_DMS_WITH_RC4_128_SHA",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
-#endif
- { 'i',SSL_RSA_WITH_RC4_128_MD5, "SSL_RSA_WITH_RC4_128_MD5 (ssl3)",1, SSL_ALLOWED,SSL_RESTRICTED },
- { 'j',SSL_RSA_WITH_3DES_EDE_CBC_SHA, "SSL_RSA_WITH_3DES_EDE_CBC_SHA (ssl3)",1, SSL_ALLOWED,SSL_RESTRICTED },
- { 'k',SSL_RSA_WITH_DES_CBC_SHA, "SSL_RSA_WITH_DES_CBC_SHA (ssl3)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'l',SSL_RSA_EXPORT_WITH_RC4_40_MD5, "SSL_RSA_EXPORT_WITH_RC4_40_MD5 (ssl3)",1, SSL_ALLOWED,SSL_ALLOWED },
- { 'm',SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (ssl3)",1, SSL_ALLOWED,SSL_ALLOWED },
-#ifdef FORTEZZA
- { 'n',SSL_FORTEZZA_DMS_WITH_NULL_SHA, "SSL_FORTEZZA_DMS_WITH_NULL_SHA",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
-#endif
- { 'o',SSL_RSA_WITH_NULL_MD5, "SSL_RSA_WITH_NULL_MD5 (ssl3)",1, SSL_ALLOWED,SSL_ALLOWED },
- { 'p',SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (ssl3)",1, SSL_ALLOWED,SSL_NOT_ALLOWED },
- { 'q',SSL_RSA_FIPS_WITH_DES_CBC_SHA, "SSL_RSA_FIPS_WITH_DES_CBC_SHA (ssl3)",1, SSL_ALLOWED,SSL_NOT_ALLOWED }
-
-};
-
-void PrintErrString(char *progName,char *msg) {
-
- PRErrorCode e = PORT_GetError();
- char *s=NULL;
-
-
- if ((e >= PR_NSPR_ERROR_BASE) && (e < PR_MAX_ERROR)) {
-
- if (e == PR_DIRECTORY_LOOKUP_ERROR)
- s = PL_strdup("Hostname Lookup Failed");
- else if (e == PR_NETWORK_UNREACHABLE_ERROR)
- s = PL_strdup("Network Unreachable");
- else if (e == PR_CONNECT_TIMEOUT_ERROR)
- s = PL_strdup("Connection Timed Out");
- else s = PR_smprintf("%d",e);
-
- if (!s) return;
- }
- else {
- s = PL_strdup(SECU_ErrorString(e));
- }
-
- PR_fprintf(PR_STDOUT,"%s: ",progName);
- if (s) {
- if (strlen(s) > 0)
- PR_fprintf(PR_STDOUT, "%s\n", s);
- else
- PR_fprintf(PR_STDOUT, "\n");
-
- PR_Free(s);
- }
-
-}
-
-void PrintCiphers(int onlyenabled) {
- int ciphercount,i;
-
- if (onlyenabled) {
- PR_fprintf(PR_STDOUT,"Your Cipher preference:\n");
- }
-
- ciphercount = sizeof(ciphers)/sizeof(struct CipherPolicy);
- PR_fprintf(PR_STDOUT,
- " %s %-45s %-12s %-12s\n","id","CipherName","Domestic","Export");
-
- for (i=0;i<ciphercount;i++) {
- if ( (onlyenabled ==0) || ((onlyenabled==1)&&(ciphers[i].pref))) {
- PR_fprintf(PR_STDOUT,
- " %c %-45s %-12s %-12s\n",ciphers[i].number,ciphers[i].name,
- (ciphers[i].domestic==SSL_ALLOWED)?"Yes":
- ( (ciphers[i].domestic==SSL_NOT_ALLOWED)?"No":"Step-up only"),
- (ciphers[i].export==SSL_ALLOWED)?"Yes":
- ( (ciphers[i].export==SSL_NOT_ALLOWED)?"No":"Step-up only"));
- }
- }
-}
-
-
-void SetPolicy(char *c,int policy) { /* policy==1 : domestic, policy==0, export */
- int i,j,cpolicy;
- /* first, enable all relevant ciphers according to policy */
- for (j=0;j<(sizeof(ciphers)/sizeof(struct CipherPolicy));j++) {
- SSL_CipherPolicySet(ciphers[j].id,policy?ciphers[j].domestic:ciphers[j].export);
- SSL_CipherPrefSetDefault(ciphers[j].id, PR_FALSE);
- ciphers[j].pref =0;
- }
-
-
- for (i=0;i<PL_strlen(c);i++) {
- for (j=0;j<(sizeof(ciphers)/sizeof(struct CipherPolicy));j++) {
- if (ciphers[j].number == c[i]) {
- cpolicy = policy?ciphers[j].domestic:ciphers[j].export;
- if (cpolicy == SSL_NOT_ALLOWED) {
- PR_fprintf(PR_STDOUT, "You're trying to enable a cipher (%c:%s) outside of your policy. ignored\n",
- c[i],ciphers[j].name);
- }
- else {
- ciphers[j].pref=1;
- SSL_CipherPrefSetDefault(ciphers[j].id, PR_TRUE);
- }
- }
- }
- }
-}
-
-
-int MyAuthCertificateHook(void *arg, PRFileDesc *fd, PRBool checksig, PRBool isserver) {
- return SECSuccess;
-}
-
-
-void Usage() {
-#ifdef SSLTELNET
- PR_fprintf(PR_STDOUT,"SSLTelnet ");
-#else
- PR_fprintf(PR_STDOUT,"SSLStrength (No telnet functionality) ");
-#endif
- PR_fprintf(PR_STDOUT,"Version 1.5\n");
-
- PR_fprintf(PR_STDOUT,"Usage:\n sslstrength hostname[:port] [ciphers=xyz] [certdir=x] [debug] [verbose] "
-#ifdef SSLTELNET
-"[telnet]|[servertype]|[querystring=<string>] "
-#endif
-"[policy=export|domestic]\n sslstrength ciphers\n");
-}
-
-
-PRInt32 debug = 0;
-PRInt32 verbose = 0;
-
-PRInt32 main(PRInt32 argc,char **argv, char **envp)
-{
-
-
- /* defaults for command line arguments */
- char *hostnamearg=NULL;
- char *portnumarg=NULL;
- char *sslversionarg=NULL;
- char *keylenarg=NULL;
- char *certdir=NULL;
- char *hostname;
- char *nickname=NULL;
- char *progname=NULL;
- /* struct sockaddr_in addr; */
- PRNetAddr addr;
-
- int ss_on;
- char *ss_cipher;
- int ss_keysize;
- int ss_secretsize;
- char *ss_issuer;
- char *ss_subject;
- int policy=1;
- char *set_ssl_policy=NULL;
- int print_ciphers=0;
-
- char buf[10];
- char netdbbuf[PR_NETDB_BUF_SIZE];
- PRHostEnt hp;
- PRStatus r;
- PRNetAddr na;
- SECStatus rv;
- int portnum=443; /* default https: port */
- PRFileDesc *s,*fd;
-
- CERTCertDBHandle *handle;
- CERTCertificate *c;
- PRInt32 i;
-#ifdef SSLTELNET
- struct termios tmp_tc;
- char cb;
- int prev_lflag,prev_oflag,prev_iflag;
- int t_fin,t_fout;
- int servertype=0, telnet=0;
- char *querystring=NULL;
-#endif
-
- debug = 0;
-
- progname = (char *)PL_strrchr(argv[0], '/');
- progname = progname ? progname+1 : argv[0];
-
- /* Read in command line args */
- if (argc == 1) {
- Usage();
- return(0);
- }
-
- if (! PL_strcmp("ciphers",argv[1])) {
- PrintCiphers(0);
- exit(0);
- }
-
- hostname = argv[1];
-
- if (!PL_strcmp(hostname , "usage") || !PL_strcmp(hostname, "-help") ) {
- Usage();
- exit(0);
- }
-
- if ((portnumarg = PL_strchr(hostname,':'))) {
- *portnumarg = 0;
- portnumarg = &portnumarg[1];
- }
-
- if (portnumarg) {
- if (PL_strlen(portnumarg) == 0) {
- PR_fprintf(PR_STDOUT,"malformed port number supplied\n");
- return(1);
- }
- portnum = atoi(portnumarg);
- }
-
- for (i = 2 ; i < argc; i++)
- {
- if (!PL_strncmp(argv[i] , "sslversion=",11) )
- sslversionarg=&(argv[i][11]);
- else if (!PL_strncmp(argv[i], "certdir=",8) )
- certdir = &(argv[i][8]);
- else if (!PL_strncmp(argv[i], "ciphers=",8) )
- {
- set_ssl_policy=&(argv[i][8]);
- }
- else if (!PL_strncmp(argv[i], "policy=",7) ) {
- if (!PL_strcmp(&(argv[i][7]),"domestic")) policy=1;
- else if (!PL_strcmp(&(argv[i][7]),"export")) policy=0;
- else {
- PR_fprintf(PR_STDOUT,"sslstrength: invalid argument. policy must be one of (domestic,export)\n");
- }
- }
- else if (!PL_strcmp(argv[i] , "debug") )
- debug = 1;
-#ifdef SSLTELNET
- else if (!PL_strcmp(argv[i] , "telnet") )
- telnet = 1;
- else if (!PL_strcmp(argv[i] , "servertype") )
- servertype = 1;
- else if (!PL_strncmp(argv[i] , "querystring=",11) )
- querystring = &argv[i][12];
-#endif
- else if (!PL_strcmp(argv[i] , "verbose") )
- verbose = 1;
- }
-
-#ifdef SSLTELNET
- if (telnet && (servertype || querystring)) {
- PR_fprintf(PR_STDOUT,"You can't use telnet and (server or querystring) options at the same time\n");
- exit(1);
- }
-#endif
-
- PR_fprintf(PR_STDOUT,"Using %s policy\n",policy?"domestic":"export");
-
- /* use current directory for certificate database if not set */
-
- if (! certdir) {
- certdir = PR_smprintf(".");
- }
-
- SECU_ConfigDirectory(certdir);
-
-
- /* allow you to set env var SSLDIR to set the cert directory */
- if (! certdir) certdir = SECU_DefaultSSLDir();
- if (certdir) SECU_ConfigDirectory(certdir);
-
- /* PR_Init(progname, 1, 1, 0); */
- SECU_PKCS11Init(PR_FALSE /*readOnly==PR_FALSE*/);
-
- /* Lookup host */
- r = PR_GetHostByName(hostname,netdbbuf,PR_NETDB_BUF_SIZE,&hp);
-
- if (r) {
- PrintErrString(progname,"Host Name lookup failed");
- return(1);
- }
-
- /* should the third field really be 0? */
-
- PR_EnumerateHostEnt(0,&hp,0,&na);
- PR_InitializeNetAddr(PR_IpAddrNull,portnum,&na);
-
- PR_fprintf(PR_STDOUT,"Connecting to %s:%d\n",hostname, portnum);
-
- /* Create socket */
-
- fd = PR_NewTCPSocket();
- if (fd == NULL) {
- PrintErrString(progname, "error creating socket");
- return -1;
- }
-
- s = SSL_ImportFD(NULL,fd);
- if (s == NULL) {
- PrintErrString(progname, "error creating socket");
- return -1;
- }
-
- /* Initialize all the libsec goodies */
- SEC_Init();
-
- dbmsg("10: About to enable security\n");
-
- rv = SSL_OptionSet(s, SSL_SECURITY, PR_TRUE);
- if (rv < 0) {
- PrintErrString(progname, "error enabling socket");
- return -1;
- }
-
- if (set_ssl_policy) {
- SetPolicy(set_ssl_policy,policy);
- }
- else {
- PR_fprintf(PR_STDOUT,"Using all ciphersuites usually found in client\n");
- if (policy) {
- SetPolicy("abcdefghijklmnopqrst",policy);
- }
- else {
- SetPolicy("efghijlmo",policy);
- }
- }
-
- PrintCiphers(1);
-
- rv = SSL_OptionSet(s, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
- if (rv < 0) {
- PrintErrString(progname, "error enabling client handshake");
- return -1;
- }
-
- handle = (CERTCertDBHandle *)PORT_ZAlloc(sizeof(CERTCertDBHandle));
- if (!handle) {
- PrintErrString(progname, "could not allocate database handle");
- return -1;
- }
-
- dbmsg("20: About to open certificate database\n");
-
-
- /* Open up the certificate database */
- rv = CERT_OpenCertDBFilename(handle, "cert7.db", PR_TRUE);
- if ( rv ) {
- PrintErrString(progname, "unable to open cert database");
- rv = CERT_OpenVolatileCertDB(handle);
- }
-
- CERT_SetDefaultCertDB(handle);
-
- dbmsg("30: About to set AuthCertificateHook\n");
-
-
- SSL_AuthCertificateHook(s, MyAuthCertificateHook, (void *)handle);
- /* SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle); */
- /* SSL_GetClientAuthDataHook(s, GetClientAuthDataHook, (void *)nickname);*/
-
-
- dbmsg("40: About to SSLConnect\n");
-
- /* Try to connect to the server */
- /* now SSL_Connect takes new arguments. */
-
-
- r = PR_Connect(s, &na, PR_TicksPerSecond()*5);
- if (r < 0) {
- PrintErrString(progname, "unable to connect");
- return -1;
- }
-
- rv = SSL_ForceHandshake(s);
-
- if (rv) {
- PrintErrString(progname,"SSL Handshake failed. ");
- exit(1);
- }
-
- rv = SSL_SecurityStatus(s, &ss_on, &ss_cipher,
- &ss_keysize, &ss_secretsize,
- &ss_issuer, &ss_subject);
-
-
- dbmsg("60: done with security status, about to print\n");
-
- c = SSL_PeerCertificate(s);
- if (!c) PR_fprintf(PR_STDOUT,"Couldn't retrieve peers Certificate\n");
- PR_fprintf(PR_STDOUT,"SSL Connection Status\n",rv);
-
- PR_fprintf(PR_STDOUT," Cipher: %s\n",ss_cipher);
- PR_fprintf(PR_STDOUT," Key Size: %d\n",ss_keysize);
- PR_fprintf(PR_STDOUT," Secret Key Size: %d\n",ss_secretsize);
- PR_fprintf(PR_STDOUT," Issuer: %s\n",ss_issuer);
- PR_fprintf(PR_STDOUT," Subject: %s\n",ss_subject);
-
- PR_fprintf(PR_STDOUT," Valid: from %s to %s\n",
- c==NULL?"???":DER_UTCDayToAscii(&c->validity.notBefore),
- c==NULL?"???":DER_UTCDayToAscii(&c->validity.notAfter));
-
-#ifdef SSLTELNET
-
-
-
-
- if (servertype || querystring) {
- char buffer[1024];
- char ch;
- char qs[] = "HEAD / HTTP/1.0";
-
-
-
-
- if (!querystring) querystring = qs;
- PR_fprintf(PR_STDOUT,"\nServer query mode\n>>Sending:\n%s\n",querystring);
-
- PR_fprintf(PR_STDOUT,"\n*** Server said:\n");
- ch = querystring[PL_strlen(querystring)-1];
- if (ch == '"' || ch == '\'') {
- PR_fprintf(PR_STDOUT,"Warning: I'm not smart enough to cope with quotes mid-string like that\n");
- }
-
- rv = PR_Write(s,querystring,PL_strlen(querystring));
- if ((rv < 1) ) {
- PR_fprintf(PR_STDOUT,"Oh dear - couldn't send servertype query\n");
- goto closedown;
- }
-
- rv = PR_Write(s,"\r\n\r\n",4);
- rv = PR_Read(s,buffer,1024);
- if ((rv < 1) ) {
- PR_fprintf(PR_STDOUT,"Oh dear - couldn't read server repsonse\n");
- goto closedown;
- }
- PR_Write(PR_STDOUT,buffer,rv);
- }
-
-
- if (telnet) {
-
- PR_fprintf(PR_STDOUT,"---------------------------\n"
- "telnet mode. CTRL-C to exit\n"
- "---------------------------\n");
-
-
-
- /* fudge terminal attributes */
- t_fin = PR_FileDesc2NativeHandle(PR_STDIN);
- t_fout = PR_FileDesc2NativeHandle(PR_STDOUT);
-
- tcgetattr(t_fin,&tmp_tc);
- prev_lflag = tmp_tc.c_lflag;
- prev_oflag = tmp_tc.c_oflag;
- prev_iflag = tmp_tc.c_iflag;
- tmp_tc.c_lflag &= ~ECHO;
- /* tmp_tc.c_oflag &= ~ONLCR; */
- tmp_tc.c_lflag &= ~ICANON;
- tmp_tc.c_iflag &= ~ICRNL;
- tmp_tc.c_cflag |= CS8;
- tmp_tc.c_cc[VMIN] = 1;
- tmp_tc.c_cc[VTIME] = 0;
-
- tcsetattr(t_fin, TCSANOW, &tmp_tc);
- /* ioctl(tin, FIONBIO, (char *)&onoff);
- ioctl(tout, FIONBIO, (char *)&onoff);*/
-
-
- {
- PRPollDesc pds[2];
- char buffer[1024];
- int amt,amtwritten;
- char *x;
-
- /* STDIN */
- pds[0].fd = PR_STDIN;
- pds[0].in_flags = PR_POLL_READ;
- pds[1].fd = s;
- pds[1].in_flags = PR_POLL_READ | PR_POLL_EXCEPT;
-
- while (1) {
- int nfds;
-
- nfds = PR_Poll(pds,2,PR_SecondsToInterval(2));
- if (nfds == 0) continue;
-
- /** read input from keyboard*/
- /* note: this is very inefficient if reading from a file */
-
- if (pds[0].out_flags & PR_POLL_READ) {
- amt = PR_Read(PR_STDIN,&buffer,1);
- /* PR_fprintf(PR_STDOUT,"fd[0]:%d=%d\r\n",amt,buffer[0]); */
- if (amt == 0) {
- PR_fprintf(PR_STDOUT,"\n");
- goto loser;
- }
-
- if (buffer[0] == '\r') {
- buffer[0] = '\r';
- buffer[1] = '\n';
- amt = 2;
- }
- rv = PR_Write(PR_STDOUT,buffer,amt);
-
-
- rv = PR_Write(s,buffer,amt);
- if (rv == -1) {
- PR_fprintf(PR_STDOUT,"Error writing to socket: %d\n",PR_GetError());
- }
- }
-
- /***/
-
-
- /***/
- if (pds[1].out_flags & PR_POLL_EXCEPT) {
- PR_fprintf(PR_STDOUT,"\r\nServer closed connection\r\n");
- goto loser;
- }
- if (pds[1].out_flags & PR_POLL_READ) {
- amt = PR_Read(s,&buffer,1024);
-
- if (amt == 0) {
- PR_fprintf(PR_STDOUT,"\r\nServer closed connection\r\n");
- goto loser;
- }
- rv = PR_Write(PR_STDOUT,buffer,amt);
- }
- /***/
-
- }
- }
- loser:
-
- /* set terminal back to normal */
- tcgetattr(t_fin,&tmp_tc);
-
- tmp_tc.c_lflag = prev_lflag;
- tmp_tc.c_oflag = prev_oflag;
- tmp_tc.c_iflag = prev_iflag;
- tcsetattr(t_fin, TCSANOW, &tmp_tc);
-
- /* ioctl(tin, FIONBIO, (char *)&onoff);
- ioctl(tout, FIONBIO, (char *)&onoff); */
- }
-
-#endif
- /* SSLTELNET */
-
- closedown:
-
- PR_Close(s);
-
- return(0);
-
-} /* main */
-
-/*EOF*/
-
diff --git a/security/nss/cmd/sslstrength/sslwrap b/security/nss/cmd/sslstrength/sslwrap
deleted file mode 100755
index e6955dc92..000000000
--- a/security/nss/cmd/sslstrength/sslwrap
+++ /dev/null
@@ -1,181 +0,0 @@
-#!/usr/bin/perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-@profiles = (
-# "host:port" "policy" "ciphers" "exp-cipher" "expkeysize"
-
- [ "cfu:443", "export", "efijlmo", "RC4-40", "40" ],
- [ "hbombsgi:448", "export", "efijlmo", "RC4-40", "40" ],
- [ "hbombsgi:448", "domestic", "abcdefijklmo", "RC4", "128" ],
- [ "gandalf:5666", "domestic", "abcdefijklmo", "RC4", "128" ],
- [ "gandalf:5666", "export", "efijlmo", "RC4", "128" ],
- [ "gandalf:5666", "domestic", "j", "3DES-EDE-CBC", "168" ],
- [ "gandalf:5666", "domestic", "k", "DES-CBC", "56" ],
- [ "gandalf:5666", "export", "l", "RC4-40", "40" ],
- [ "gandalf:5666", "export", "efijlmo", "RC4", "128" ],
- [ "hbombcfu:443", "export", "efijlmo", "RC4", "128" ],
-
- );
-
-$file = &filename;
-
-open(HTML, ">$file.htm") || die"Cannot open html output file\n";
-
-$mutversion = "";
-$platform = $ARGV[0];
-
-
-print HTML
-"<HTML><HEAD>
-<TITLE>ssl/sslstrength: Version: $mutversion Platform: $platform Run date mm/dd/yy</TITLE></HEAD><BODY>\n";
-
-print HTML
-"<TABLE BORDER=1><TR>
-<TD><B>Test Case Number</B></TD>
-<TD><B>Program</B></TD>
-<TD><B>Description of Test Case</B></TD>
-<TD><B>Start date/time<B></TD>
-<TD><B>End date/time<B></TD>
-<TD><B>PASS/FAIL</B></TD>
-</TR>\n";
-
-$countpass =0;
-$countfail =0;
-
-
-$testnum =0;
-for $profile (@profiles) {
- $testnum ++;
- ($host, $policy, $ciphers, $expcipher, $expkeysize) = @$profile;
-
- $cmd = "./sslstrength $host policy=$policy ciphers=$ciphers";
-
- $starttime = &datestring." ".&timestring;
- print STDERR "$cmd\n";
- open(PIPE, "$cmd|") || die "Cannot start sslstrength\n";
-
- $cipher = "";
- $keysize = "";
- while (<PIPE>) {
- chop;
- if (/^ Cipher: *(.*)/) {
- $cipher = $1;
- }
- if (/^ Secret Key Size: (.*)/) {
- $keysize = $1;
- }
- }
- close(PIPE);
- $endtime = &datestring." ".&timestring;
-
- if (( $? != 0) || ($cipher ne $expcipher) || ($keysize ne $expkeysize)) {
- $countfail ++;
- $passed =0;
- }
- else {
- $countpass ++;
- $passed =1;
- }
-
-print HTML
-"<TR>
-<TD><B>$testnum</B></TD>
-<TD></TD>
-<TD>$cmd</TD>
-<TD>$starttime</TD>
-<TD>$endtime</TD>
-<TD><B>".($passed ? "PASS" : "<FONT COLOR=red>FAIL: return code =
-c=$cipher, ec=$expcipher, s=$keysize, es=$expkeysize.</FONT>")."
-</B></TD>
-</TR>\n";
-
-}
-
-print HTML "</table>\n";
-
-close(HTML);
-
-open (SUM, ">$file.sum") ||die "couldn't open summary file for writing\n";
-
-print SUM <<EOM;
-[Status]
-mut=SSL
-mutversion=1.0
-platform=$platform
-pass=$countpass
-fail=$countfail
-knownFail=0
-malformed=0
-EOM
-
- close(SUM);
-
-
-
-sub timestring
-{
-
- my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time);
- my $string;
-
- $string = sprintf "%2d:%02d:%02d",$hour, $min, $sec;
- return $string;
-}
-
-sub datestring
-{
-
- my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time);
- my $string;
-
- $string = sprintf "%d/%d/%2d",$mon+1, $mday+1, $year;
- return $string;
-}
-
-sub filename
-{
-
- my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = localtime(time);
- my $string;
-
- $string = sprintf "%04d%02d%02d",$year+1900, $mon+1, $mday;
- return $string;
-}
-
-
-
-
-
-
diff --git a/security/nss/cmd/ssltap/Makefile b/security/nss/cmd/ssltap/Makefile
deleted file mode 100644
index f6d8cc93e..000000000
--- a/security/nss/cmd/ssltap/Makefile
+++ /dev/null
@@ -1,79 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-# Since ssltap doesn't use any of NSS, we'll skip NSS's link libs,
-# and just link with NSPR.
-#
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
--include ../platrules.mk
-
diff --git a/security/nss/cmd/ssltap/config.mk b/security/nss/cmd/ssltap/config.mk
deleted file mode 100644
index 23b15fbd5..000000000
--- a/security/nss/cmd/ssltap/config.mk
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all #
-# library names, and all special system linking options #
-#######################################################################
-
-LDFLAGS = \
- $(DYNAMIC_LIB_PATH) \
- $(LDOPTS) \
- $(LIBPLC) \
- $(LIBPR) \
- $(DLLSYSTEM)
-
-#######################################################################
-# Adjust specific variables for all platforms #
-#######################################################################
-
-OS_CFLAGS += -DNSPR20=1
-
-
diff --git a/security/nss/cmd/ssltap/manifest.mn b/security/nss/cmd/ssltap/manifest.mn
deleted file mode 100644
index 0719e6de4..000000000
--- a/security/nss/cmd/ssltap/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-EXPORTS =
-
-CSRCS = ssltap.c \
- $(NULL)
-
-PROGRAM = ssltap
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = security seccmd dbm
-
-PACKAGE_FILES = ssltap-manual.html licence.doc ssltap.exe
-
-ARCHIVE_NAME = ssltap
-
diff --git a/security/nss/cmd/ssltap/ssltap-manual.html b/security/nss/cmd/ssltap/ssltap-manual.html
deleted file mode 100644
index 28c9e17ee..000000000
--- a/security/nss/cmd/ssltap/ssltap-manual.html
+++ /dev/null
@@ -1,199 +0,0 @@
-<HTML>
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<HEAD>
- <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
- <META NAME="GENERATOR" CONTENT="Mozilla/4.05 [en] (WinNT; U) [Netscape]">
- <META NAME="Author" CONTENT="Steve Parkinson">
- <TITLE>SSLTap - manual</TITLE>
-</HEAD>
-<BODY>
-
-<H1>
-SSLTap Manual page</H1>
-
-<H3>
-Summary</H3>
-A command-line proxy which is SSL-aware. It snoops on TCP connections,
-and displays the data going by, including SSL records and handshaking&nbsp;
-if the connection is SSL.
-<H3>
-Synopsis</H3>
-<TT>ssltap [-vhfsxl] [-p port] hostname:port</TT>
-
-<P><TT>&nbsp;&nbsp; -v&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [prints version string]</TT>
-<BR><TT>&nbsp;&nbsp; -h&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [outputs hex instead
-of ASCII]</TT>
-<BR><TT>&nbsp;&nbsp; -f&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [turn on Fancy HTML
-coloring]</TT>
-<BR><TT>&nbsp;&nbsp; -s&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [turn on SSL decoding]</TT>
-<BR><TT>&nbsp;&nbsp; -x&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [turn on extra SSL
-hex dumps]</TT>
-<BR><TT>&nbsp;&nbsp; -p port [specify rendezvous port (default 1924)]</TT>
-<BR><TT>&nbsp;&nbsp; -l&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [loop - continue
-to wait for more connections]</TT>
-<H3>
-Description</H3>
-SSLTap opens a socket on a rendezvous port, and waits for an incoming connection
-(client side). Once this connection arrives, SSLTap makes another connection
-to hostname:port (server side). It passes any data sent by the client to
-the server, and vice versa. However, SSLTap will also display the data
-to the console. It can do this for plain HTTP connections, or any TCP protocol.
-However, SSLTap can also work with SSL streams, as detailed below.
-
-<P>Let's assume your development machine is called 'intercept'. The simplest
-usage of SSLTap is to run the command <TT>'ssltap www.netscape.com:80'</TT>
-on intercept. The program will wait for an incoming connection on port
-1924. Next you would want to go to your browser, and enter the URL http://intercept:1924.
-The page retrieved by the browser will actually be gotten from the server
-at www.netscape.com, but will go via SSLTap.
-
-<P>Data sent from the client to the server is surrounded by a '--> [ ]'
-symbol, and data sent from the server to the client, a '&lt;---[&nbsp;
-]' symbol.
-
-<P>You'll notice that the page retrieved with this example looks incomplete.
-This is because SSLTap by default closes down after the first connection
-is complete, so the browser is not able to load images. To make the SSLTap
-continue to accept connections, switch on looping mode with the -l option.
-
-<P>You can change the default rendezvous port to something else with the
--p option.
-
-<P>The remaining options change the way the output is produced.
-
-<P>The -f option prints 'fancy' output - in colored HTML. Data sent from
-the client to the server is in blue. The server's reply is in red. This
-is designed so you can load the output up into a browser. When used with
-looping mode, the different connections are separated with horizontal lines.
-
-<P>-x will turn on HEX printing. Instead of being output as ascii, the
-data is shown as Hex, like this:
-<UL><TT>&lt;-- [</TT>
-<BR><TT>&nbsp;&nbsp; 0: 56 d5 16 3e&nbsp; a1 6b b1 4a&nbsp; 8f 67 c4 d7&nbsp;
-21 2f 6f dd&nbsp; | V..>.k.J.g..!/o.</TT>
-<BR><TT>&nbsp; 10: bb 22 c4 75&nbsp; 8c f4 ce 28&nbsp; 16 a6 20 aa&nbsp;
-fb 9a 59 a1&nbsp; | .".u...(.. ...Y.</TT>
-<BR><TT>&nbsp; 20: 51 91 14 d2&nbsp; fc 9f a7 ea&nbsp; 4d 9c f7 3a&nbsp;
-9d 83 62 4a&nbsp; | Q.......M..:..bJ</TT>
-<BR><TT>]</TT>
-<BR>&nbsp;</UL>
-
-<H4>
-SSL Parse mode</H4>
-The following options deal with SSL connections.
-<UL>-s will turn on SSL parsing. (SSLTap doesn't automatically detect SSL
-sessions.)
-<BR>-x will turn on extra SSL hexdumps. Mostly, if SSL can decode the data,
-it doesn't display the hex.</UL>
-The following SSL3 Data structures are parsed: Handshake, ClientHello,
-ServerHello, CertificateChain, Certificate. In addition, SSL2 ClientHello,
-ServerHello, ClientMasterKey are also partly parsed. NO DECRYPTION IS PERFORMED
-ON THE DATA. SSLTAP CANNOT DECRYPT the data.
-
-<P>If a certificate chain is detected, DER-encoded certificates will be
-saved into files in the current directory called 'cert.0x' where x is the
-sequence number of the certificate.
-<BR>&nbsp;
-<H3>
-Operation Hints</H3>
-Often, you'll find that the server certificate does not get transferred,
-or other parts of the handshake do not happen. This is because the browser
-is taking advantage of session-id-reuse (using the handshake results from
-a previous session). If you restart the browser, it'll clear the session
-id cache.
-
-<P>If you run the ssltap on a different machine that the ssl server you're
-trying to connect to, the browser will complain that the host name you're
-trying to connect to is different to the certificate, but it will still
-let you connect, after showing you a dialog.
-<H3>
-Bugs</H3>
-Please contact <A HREF="mailto:ssltap-support@netscape.com">ssltap-support@netscape.com</A>
-for bug reports.
-<H3>
-History</H3>
-2.1 - First public release (March 1998)
-<BR>&nbsp;
-<H3>
-Other</H3>
-For reference, here is a table of some well-known port numbers:
-<BR>&nbsp;
-<TABLE BORDER=2 >
-<TR>
-<TD>HTTP</TD>
-
-<TD>80</TD>
-</TR>
-
-<TR>
-<TD>SMTP</TD>
-
-<TD>25</TD>
-</TR>
-
-<TR>
-<TD>HTTPS</TD>
-
-<TD>443</TD>
-</TR>
-
-<TR>
-<TD>FTP</TD>
-
-<TD>21</TD>
-</TR>
-
-<TR>
-<TD>IMAPS</TD>
-
-<TD>993</TD>
-</TR>
-
-<TR>
-<TD>NNTP</TD>
-
-<TD>119</TD>
-</TR>
-
-<TR>
-<TD>NNTPS</TD>
-
-<TD>563</TD>
-</TR>
-</TABLE>
-&nbsp;
-
-<P>&nbsp;
-</BODY>
-</HTML>
diff --git a/security/nss/cmd/ssltap/ssltap.c b/security/nss/cmd/ssltap/ssltap.c
deleted file mode 100644
index 70c77ce31..000000000
--- a/security/nss/cmd/ssltap/ssltap.c
+++ /dev/null
@@ -1,1339 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ssltap.c
- *
- * Version 1.0 : Frederick Roeber : 11 June 1997
- * Version 2.0 : Steve Parkinson : 13 November 1997
- * Version 3.0 : Nelson Bolyard : 22 July 1998
- * Version 3.1 : Nelson Bolyard : 24 May 1999
- *
- * changes in version 2.0:
- * Uses NSPR20
- * Shows structure of SSL negotiation, if enabled.
- *
- * This "proxies" a socket connection (like a socks tunnel), but displays the
- * data is it flies by.
- *
- * In the code, the 'client' socket is the one on the client side of the
- * proxy, and the server socket is on the server side.
- *
- */
-
-#include "nspr.h"
-#include "plstr.h"
-#include "secutil.h"
-#include <memory.h> /* for memcpy, etc. */
-#include <string.h>
-#include <time.h>
-
-#include "plgetopt.h"
-
-#define VERSIONSTRING "$Revision$ ($Date$) $Author$"
-
-
-struct _DataBufferList;
-struct _DataBuffer;
-
-typedef struct _DataBufferList {
- struct _DataBuffer *first,*last;
- int size;
- int isEncrypted;
-} DataBufferList;
-
-typedef struct _DataBuffer {
- unsigned char *buffer;
- int length;
- int offset; /* offset of first good byte */
- struct _DataBuffer *next;
-} DataBuffer;
-
-
-DataBufferList
- clientstream = {NULL, NULL, 0, 0},
- serverstream = {NULL, NULL, 0, 0};
-
-struct sslhandshake {
- PRUint8 type;
- PRUint32 length;
-};
-
-typedef struct _SSLRecord {
- PRUint8 type;
- PRUint8 ver_maj,ver_min;
-
- PRUint8 length[2];
-} SSLRecord;
-
-typedef struct _ClientHelloV2 {
- PRUint8 length[2];
- PRUint8 type;
- PRUint8 version[2];
- PRUint8 cslength[2];
- PRUint8 sidlength[2];
- PRUint8 rndlength[2];
- PRUint8 csuites[1];
-} ClientHelloV2;
-
-typedef struct _ServerHelloV2 {
- PRUint8 length[2];
- PRUint8 type;
- PRUint8 sidhit;
- PRUint8 certtype;
- PRUint8 version[2];
- PRUint8 certlength[2];
- PRUint8 cslength[2];
- PRUint8 cidlength[2];
-} ServerHelloV2;
-
-typedef struct _ClientMasterKeyV2 {
- PRUint8 length[2];
- PRUint8 type;
-
- PRUint8 cipherkind[3];
- PRUint8 clearkey[2];
- PRUint8 secretkey[2];
-
-} ClientMasterKeyV2;
-
-
-
-#define TAPBUFSIZ 16384
-
-#define DEFPORT 1924
-#include <ctype.h>
-
-int hexparse=0;
-int sslparse=0;
-int sslhexparse=0;
-int looparound=0;
-int fancy=0;
-int isV2Session=0;
-
-#define GET_SHORT(x) ((PRUint16)(((PRUint16)((PRUint8*)x)[0]) << 8) + ((PRUint16)((PRUint8*)x)[1]))
-#define GET_24(x) ((PRUint32) ( \
- (((PRUint32)((PRUint8*)x)[0]) << 16) \
- + \
- (((PRUint32)((PRUint8*)x)[1]) << 8) \
- + \
- (((PRUint32)((PRUint8*)x)[2]) << 0) \
- ) )
-
-void print_hex(int amt, unsigned char *buf);
-void read_stream_bytes(unsigned char *d, DataBufferList *db, int length);
-
-void myhalt(int dblsize,int collectedsize) {
-
- while(1) ;
-
-}
-
-const char *get_error_text(int error) {
- switch (error) {
- case PR_IO_TIMEOUT_ERROR:
- return "Timeout";
- break;
- case PR_CONNECT_REFUSED_ERROR:
- return "Connection refused";
- break;
- case PR_NETWORK_UNREACHABLE_ERROR:
- return "Network unreachable";
- break;
- case PR_BAD_ADDRESS_ERROR:
- return "Bad address";
- break;
- case PR_CONNECT_RESET_ERROR:
- return "Connection reset";
- break;
- case PR_PIPE_ERROR:
- return "Pipe error";
- break;
- }
-
- return "";
-}
-
-
-
-
-
-void check_integrity(DataBufferList *dbl) {
- DataBuffer *db;
- int i;
-
- db = dbl->first;
- i =0;
- while (db) {
- i+= db->length - db->offset;
- db = db->next;
- }
- if (i != dbl->size) {
- myhalt(dbl->size,i);
- }
-}
-
-/* Free's the DataBuffer at the head of the list and returns the pointer
- * to the new head of the list.
- */
-DataBuffer *
-free_head(DataBufferList *dbl)
-{
- DataBuffer *db = dbl->first;
- PR_ASSERT(db->offset >= db->length);
- if (db->offset >= db->length) {
- dbl->first = db->next;
- if (dbl->first == NULL) {
- dbl->last = NULL;
- }
- PR_Free(db->buffer);
- PR_Free(db);
- db = dbl->first;
- }
- return db;
-}
-
-void
-read_stream_bytes(unsigned char *d, DataBufferList *dbl, int length) {
- int copied = 0;
- DataBuffer *db = dbl->first;
-
- if (!db) {
- PR_fprintf(PR_STDERR,"assert failed - dbl->first is null\n");
- exit(8);
- }
- while (length) {
- int toCopy;
- /* find the number of bytes to copy from the head buffer */
- /* if there's too many in this buffer, then only copy 'length' */
- toCopy = PR_MIN(db->length - db->offset, length);
-
- memcpy(d + copied, db->buffer + db->offset, toCopy);
- copied += toCopy;
- db->offset += toCopy;
- length -= toCopy;
- dbl->size -= toCopy;
-
- /* if we emptied the head buffer */
- if (db->offset >= db->length) {
- db = free_head(dbl);
- }
- }
-
- check_integrity(dbl);
-
-}
-
-void
-flush_stream(DataBufferList *dbl)
-{
- DataBuffer *db = dbl->first;
- check_integrity(dbl);
- while (db) {
- db->offset = db->length;
- db = free_head(dbl);
- }
- dbl->size = 0;
- check_integrity(dbl);
-}
-
-
-const char * V2CipherString(int cs_int) {
- char *cs_str;
- cs_str = NULL;
- switch (cs_int) {
-
- case 0x010080: cs_str = "SSL2/RSA/RC4-128/MD5"; break;
- case 0x020080: cs_str = "SSL2/RSA/RC4-40/MD5"; break;
- case 0x030080: cs_str = "SSL2/RSA/RC2CBC128/MD5"; break;
- case 0x040080: cs_str = "SSL2/RSA/RC2CBC40/MD5"; break;
- case 0x050080: cs_str = "SSL2/RSA/IDEA128CBC/MD5"; break;
- case 0x060040: cs_str = "SSL2/RSA/DES56-CBC/MD5"; break;
- case 0x0700C0: cs_str = "SSL2/RSA/3DES192EDE-CBC/MD5"; break;
-
- case 0x000001: cs_str = "SSL3/RSA/NULL/MD5"; break;
- case 0x000002: cs_str = "SSL3/RSA/NULL/SHA"; break;
- case 0x000003: cs_str = "SSL3/RSA/RC4-40/MD5"; break;
- case 0x000004: cs_str = "SSL3/RSA/RC4-128/MD5"; break;
- case 0x000005: cs_str = "SSL3/RSA/RC4-128/SHA"; break;
- case 0x000006: cs_str = "SSL3/RSA/RC2CBC40/MD5"; break;
- case 0x000007: cs_str = "SSL3/RSA/IDEA128CBC/SHA"; break;
- case 0x000008: cs_str = "SSL3/RSA/DES40-CBC/SHA"; break;
- case 0x000009: cs_str = "SSL3/RSA/DES56-CBC/SHA"; break;
- case 0x00000A: cs_str = "SSL3/RSA/3DES192EDE-CBC/SHA"; break;
-
- case 0x00000B: cs_str = "SSL3/DH-DSS/DES40-CBC/SHA"; break;
- case 0x00000C: cs_str = "SSL3/DH_DSS/DES56-CBC/SHA"; break;
- case 0x00000D: cs_str = "SSL3/DH-DSS/DES192EDE3CBC/SHA"; break;
- case 0x00000E: cs_str = "SSL3/DH-RSA/DES40-CBC/SHA"; break;
- case 0x00000F: cs_str = "SSL3/DH_RSA/DES56-CBC/SHA"; break;
- case 0x000010: cs_str = "SSL3/DH-RSA/3DES192EDE-CBC/SHA"; break;
-
- case 0x000011: cs_str = "SSL3/DHE-DSS/DES40-CBC/SHA"; break;
- case 0x000012: cs_str = "SSL3/DHE_DSS/DES56-CBC/SHA"; break;
- case 0x000013: cs_str = "SSL3/DHE-DSS/DES192EDE3CBC/SHA"; break;
- case 0x000014: cs_str = "SSL3/DHE-RSA/DES40-CBC/SHA"; break;
- case 0x000015: cs_str = "SSL3/DHE_RSA/DES56-CBC/SHA"; break;
- case 0x000016: cs_str = "SSL3/DHE-RSA/3DES192EDE-CBC/SHA"; break;
-
- case 0x000017: cs_str = "SSL3/DH-anon/RC4-40/MD5"; break;
- case 0x000018: cs_str = "SSL3/DH-anon/RC4-128/MD5"; break;
- case 0x000019: cs_str = "SSL3/DH-anon/DES40-CBC/SHA"; break;
- case 0x00001A: cs_str = "SSL3/DH-anon/DES56-CBC/SHA"; break;
- case 0x00001B: cs_str = "SSL3/DH-anon/3DES192EDE-CBC/SHA"; break;
-
- case 0x00001C: cs_str = "SSL3/FORTEZZA-DMS/NULL/SHA"; break;
- case 0x00001D: cs_str = "SSL3/FORTEZZA-DMS/FORTEZZA-CBC/SHA"; break;
- case 0x00001E: cs_str = "SSL3/FORTEZZA-DMS/RC4-128/SHA"; break;
-
- case 0x000062: cs_str = "TLS/RSA_EXPORT1024/DES56_CBC/SHA"; break;
- case 0x000064: cs_str = "TLS/RSA_EXPORT1024/RC4-56/SHA"; break;
- case 0x000063: cs_str = "TLS/DHE-DSS_EXPORT1024/DES56-CBC/SHA"; break;
- case 0x000065: cs_str = "TLS/DHE-DSS_EXPORT1024/RC4-56/SHA"; break;
- case 0x000066: cs_str = "TLS/DHE-DSS/RC4-128/SHA"; break;
-
- case 0x00ffe1: cs_str = "SSL3/RSA-FIPS/DES56-CBC/SHA"; break;
- case 0x00ffe0: cs_str = "SSL3/RSA-FIPS/3DES192EDE-CBC/SHA"; break;
-
- default: cs_str = "????/????????/?????????/???"; break;
- }
-
- return cs_str;
-}
-
-void partial_packet(int thispacket, int size, int needed)
-{
- PR_fprintf(PR_STDOUT,"(%u bytes", thispacket);
- if (thispacket < needed) {
- PR_fprintf(PR_STDOUT,", making %u", size);
- }
- PR_fprintf(PR_STDOUT," of %u", needed);
- if (size > needed) {
- PR_fprintf(PR_STDOUT,", with %u left over", size - needed);
- }
- PR_fprintf(PR_STDOUT,")\n");
-}
-
-char * get_time_string(void)
-{
- struct tm *tm;
- char *cp;
- char *eol;
- time_t tt;
-
- time(&tt);
-#if 0
- tm = localtime(&tt);
- cp = asctime(tm);
-#else
- cp = ctime(&tt);
-#endif
- eol = strchr(cp, '\n');
- if (eol)
- *eol = 0;
- return cp;
-}
-
-void print_sslv2(DataBufferList *s, unsigned char *tbuf, unsigned int alloclen)
-{
- ClientHelloV2 *chv2;
- ServerHelloV2 *shv2;
- unsigned char *pos;
- unsigned int p;
- unsigned int q;
- PRUint32 len;
-
- chv2 = (ClientHelloV2 *)tbuf;
- shv2 = (ServerHelloV2 *)tbuf;
- if (s->isEncrypted) {
- PR_fprintf(PR_STDOUT," [ssl2] Encrypted {...}\n");
- return;
- }
- PR_fprintf(PR_STDOUT," [%s]", get_time_string() );
- switch(chv2->type) {
- case 1:
- PR_fprintf(PR_STDOUT," [ssl2] ClientHelloV2 {\n");
- PR_fprintf(PR_STDOUT," version = {0x%02x, 0x%02x}\n",
- (PRUint32)chv2->version[0],(PRUint32)chv2->version[1]);
- PR_fprintf(PR_STDOUT," cipher-specs-length = %d (0x%02x)\n",
- (PRUint32)(GET_SHORT((chv2->cslength))),
- (PRUint32)(GET_SHORT((chv2->cslength))));
- PR_fprintf(PR_STDOUT," sid-length = %d (0x%02x)\n",
- (PRUint32)(GET_SHORT((chv2->sidlength))),
- (PRUint32)(GET_SHORT((chv2->sidlength))));
- PR_fprintf(PR_STDOUT," challenge-length = %d (0x%02x)\n",
- (PRUint32)(GET_SHORT((chv2->rndlength))),
- (PRUint32)(GET_SHORT((chv2->rndlength))));
- PR_fprintf(PR_STDOUT," cipher-suites = { \n");
- for (p=0;p<GET_SHORT((chv2->cslength));p+=3) {
- const char *cs_str=NULL;
- PRUint32 cs_int=0;
- cs_int = GET_24((&chv2->csuites[p]));
- cs_str = V2CipherString(cs_int);
-
- PR_fprintf(PR_STDOUT," (0x%06x) %s\n",
- cs_int, cs_str);
- }
- q = p;
- PR_fprintf(PR_STDOUT," }\n");
- if (chv2->sidlength) {
- PR_fprintf(PR_STDOUT," session-id = { ");
- for (p=0;p<GET_SHORT((chv2->sidlength));p+=2) {
- PR_fprintf(PR_STDOUT,"0x%04x ",(PRUint32)(GET_SHORT((&chv2->csuites[p+q]))));
- }
- }
- q += p;
- PR_fprintf(PR_STDOUT,"}\n");
- if (chv2->rndlength) {
- PR_fprintf(PR_STDOUT," challenge = { ");
- for (p=0;p<GET_SHORT((chv2->rndlength));p+=2) {
- PR_fprintf(PR_STDOUT,"0x%04x ",(PRUint32)(GET_SHORT((&chv2->csuites[p+q]))));
- }
- PR_fprintf(PR_STDOUT,"}\n");
- }
- PR_fprintf(PR_STDOUT,"}\n");
- break;
- /* end of V2 CLientHello Parsing */
-
- case 2: /* Client Master Key */
- {
- const char *cs_str=NULL;
- PRUint32 cs_int=0;
- ClientMasterKeyV2 *cmkv2;
- cmkv2 = (ClientMasterKeyV2 *)chv2;
- isV2Session = 1;
-
- PR_fprintf(PR_STDOUT," [ssl2] ClientMasterKeyV2 { \n");
-
- cs_int = GET_24(&cmkv2->cipherkind[0]);
- cs_str = V2CipherString(cs_int);
- PR_fprintf(PR_STDOUT," cipher-spec-chosen = (0x%06x) %s\n",
- cs_int, cs_str);
-
- PR_fprintf(PR_STDOUT," clear-portion = %d bits\n",
- 8*(PRUint32)(GET_SHORT((cmkv2->clearkey))));
-
- PR_fprintf(PR_STDOUT," }\n");
- clientstream.isEncrypted = 1;
- serverstream.isEncrypted = 1;
- }
- break;
-
-
- case 3:
- PR_fprintf(PR_STDOUT," [ssl2] Client Finished V2 {...}\n");
- isV2Session = 1;
- break;
-
-
- case 4: /* V2 Server Hello */
- isV2Session = 1;
-
- PR_fprintf(PR_STDOUT," [ssl2] ServerHelloV2 {\n");
- PR_fprintf(PR_STDOUT," sid hit = {0x%02x}\n",
- (PRUintn)shv2->sidhit);
- PR_fprintf(PR_STDOUT," version = {0x%02x, 0x%02x}\n",
- (PRUint32)shv2->version[0],(PRUint32)shv2->version[1]);
- PR_fprintf(PR_STDOUT," cipher-specs-length = %d (0x%02x)\n",
- (PRUint32)(GET_SHORT((shv2->cslength))),
- (PRUint32)(GET_SHORT((shv2->cslength))));
- PR_fprintf(PR_STDOUT," sid-length = %d (0x%02x)\n",
- (PRUint32)(GET_SHORT((shv2->cidlength))),
- (PRUint32)(GET_SHORT((shv2->cidlength))));
-
- pos = (unsigned char *)shv2;
- pos += 2; /* skip length header */
- pos += 11; /* position pointer to Certificate data area */
- q = GET_SHORT(&shv2->certlength);
- if (q >alloclen) {
- goto eosh;
- }
- pos += q; /* skip certificate */
-
- PR_fprintf(PR_STDOUT," cipher-suites = { ");
- len = GET_SHORT((shv2->cslength));
- for (p = 0; p < len; p += 3) {
- const char *cs_str=NULL;
- PRUint32 cs_int=0;
- cs_int = GET_24((pos+p));
- cs_str = V2CipherString(cs_int);
- PR_fprintf(PR_STDOUT,"\n ");
- PR_fprintf(PR_STDOUT,"(0x%06x) %s", cs_int, cs_str);
- }
- pos += len;
- PR_fprintf(PR_STDOUT," }\n"); /* End of cipher suites */
- len = (PRUint32)GET_SHORT((shv2->cidlength));
- if (len) {
- PR_fprintf(PR_STDOUT," connection-id = { ");
- for (p = 0; p < len; p += 2) {
- PR_fprintf(PR_STDOUT,"0x%04x ", (PRUint32)(GET_SHORT((pos + p))));
- }
- PR_fprintf(PR_STDOUT," }\n"); /* End of connection id */
- }
-eosh:
- PR_fprintf(PR_STDOUT,"\n }\n"); /* end of ServerHelloV2 */
- if (shv2->sidhit) {
- clientstream.isEncrypted = 1;
- serverstream.isEncrypted = 1;
- }
- break;
-
- case 5:
- PR_fprintf(PR_STDOUT," [ssl2] Server Verify V2 {...}\n");
- isV2Session = 1;
- break;
-
- case 6:
- PR_fprintf(PR_STDOUT," [ssl2] Server Finished V2 {...}\n");
- isV2Session = 1;
- break;
-
- case 7:
- PR_fprintf(PR_STDOUT," [ssl2] Request Certificate V2 {...}\n");
- isV2Session = 1;
- break;
-
- case 8:
- PR_fprintf(PR_STDOUT," [ssl2] Client Certificate V2 {...}\n");
- isV2Session = 1;
- break;
-
- default:
- PR_fprintf(PR_STDOUT," [ssl2] UnknownType 0x%02x {...}\n",
- (PRUint32)chv2->type);
- break;
- }
-}
-
-
-
-
-
-
-void print_ssl3_handshake(unsigned char *tbuf,
- unsigned int alloclen,
- SSLRecord * sr)
-{
- struct sslhandshake sslh;
- unsigned char * hsdata;
- int offset=0;
-
- PR_fprintf(PR_STDOUT," handshake {\n");
-
- while (offset < alloclen) {
- sslh.type = tbuf[offset];
- sslh.length = GET_24(tbuf+offset+1);
- hsdata= &tbuf[offset+4];
-
- if (sslhexparse) print_hex(4,tbuf+offset);
-
- PR_fprintf(PR_STDOUT," type = %d (",sslh.type);
- switch(sslh.type) {
- case 0: PR_fprintf(PR_STDOUT,"hello_request)\n"); break;
- case 1: PR_fprintf(PR_STDOUT,"client_hello)\n"); break;
- case 2: PR_fprintf(PR_STDOUT,"server_hello)\n"); break;
- case 11: PR_fprintf(PR_STDOUT,"certificate)\n"); break;
- case 12: PR_fprintf(PR_STDOUT,"server_key_exchange)\n"); break;
- case 13: PR_fprintf(PR_STDOUT,"certificate_request)\n"); break;
- case 14: PR_fprintf(PR_STDOUT,"server_hello_done)\n"); break;
- case 15: PR_fprintf(PR_STDOUT,"certificate_verify)\n"); break;
- case 16: PR_fprintf(PR_STDOUT,"client_key_exchange)\n"); break;
- case 20: PR_fprintf(PR_STDOUT,"finished)\n"); break;
- default: PR_fprintf(PR_STDOUT,"unknown)\n");
- }
-
- PR_fprintf(PR_STDOUT," length = %d (0x%06x)\n",sslh.length,sslh.length);
- switch (sslh.type) {
-
- case 1: /* client hello */
- switch (sr->ver_maj) {
- case 2: /* ssl version 2 */
- PR_fprintf(PR_STDOUT," ClientHelloV2 {...}\n");
- break;
- case 3: /* ssl version 3 */
- {
- int sidlength,pos,csuitelength,w;
- PR_fprintf(PR_STDOUT," ClientHelloV3 {\n");
- PR_fprintf(PR_STDOUT," client_version = {%d, %d}\n",
- (PRUint8)hsdata[0],(PRUint8)hsdata[1]);
- PR_fprintf(PR_STDOUT," random = {...}\n");
- if (sslhexparse) print_hex(32,&hsdata[2]);
- PR_fprintf(PR_STDOUT," session ID = {\n");
- sidlength = (int)hsdata[2+32];
- PR_fprintf(PR_STDOUT," length = %d\n",sidlength);
- PR_fprintf(PR_STDOUT," contents = {..}\n");
- if (sslhexparse) print_hex(sidlength,&hsdata[2+32+1]);
- PR_fprintf(PR_STDOUT," }\n");
- pos = 2+32+1+sidlength;
- csuitelength = GET_SHORT((hsdata+pos));
- PR_fprintf(PR_STDOUT," cipher_suites[%d] = { \n",
- csuitelength/2);
- if (csuitelength%1) {
- PR_fprintf(PR_STDOUT,
- "*error in protocol - csuitelength shouldn't be odd*\n");
- }
-
- for (w=0; w<csuitelength; w+=2) {
- const char *cs_str=NULL;
- PRUint32 cs_int=0;
- cs_int = GET_SHORT((hsdata+pos+2+w));
- cs_str = V2CipherString(cs_int);
-
- PR_fprintf(PR_STDOUT,
- " (0x%04x) %s\n", cs_int, cs_str);
- }
-
- /* for (w=0;w<csuitelength;w+=2) {
- PR_fprintf(PR_STDOUT,"0x%04x ",GET_SHORT((hsdata+pos+2+w)));
- } */
-
- PR_fprintf(PR_STDOUT,"\n }\n");
- PR_fprintf(PR_STDOUT," }\n");
-
-
-
- } /* end of ssl version 3 */
- break;
- default:
- PR_fprintf(PR_STDOUT," ClientHelloUndefinedVersion{}\n");
- } /* end of switch sr->ver_maj */
- break;
-
- case 2: /* server hello */
- {
- int sidlength, pos;
- const char *cs_str=NULL;
- PRUint32 cs_int=0;
- PR_fprintf(PR_STDOUT," ServerHello {\n");
- PR_fprintf(PR_STDOUT," server_version = {%d, %d}\n",
- (PRUint8)hsdata[0],(PRUint8)hsdata[1]);
- PR_fprintf(PR_STDOUT," random = {...}\n");
- if (sslhexparse) print_hex(32,&hsdata[2]);
- PR_fprintf(PR_STDOUT," session ID = {\n");
- sidlength = (int)hsdata[2+32];
- PR_fprintf(PR_STDOUT," length = %d\n",sidlength);
- PR_fprintf(PR_STDOUT," contents = {..}\n");
- if (sslhexparse) print_hex(sidlength,&hsdata[2+32+1]);
- PR_fprintf(PR_STDOUT," }\n");
- pos = 2+32+1+sidlength;
- cs_int = GET_SHORT((hsdata+pos));
- cs_str = V2CipherString(cs_int);
- PR_fprintf(PR_STDOUT," cipher_suite = (0x%04x) %s\n",
- cs_int, cs_str);
- PR_fprintf(PR_STDOUT," }\n");
- }
- break;
-
-
-
- case 11: /* certificate */
- {
- PRFileDesc *cfd;
- int pos;
- int certslength;
- int certlength;
- int certbytesread = 0;
- static int certFileNumber;
- char certFileName[20];
-
- PR_fprintf(PR_STDOUT," CertificateChain {\n");
- certslength = GET_24(hsdata);
- PR_fprintf(PR_STDOUT," chainlength = %d (0x%04x)\n",
- certslength,certslength);
- pos = 3;
- while (certbytesread < certslength) {
- certlength = GET_24((hsdata+pos));
- pos += 3;
- PR_fprintf(PR_STDOUT," Certificate {\n");
- PR_fprintf(PR_STDOUT," size = %d (0x%04x)\n",
- certlength,certlength);
-
- PR_snprintf(certFileName, sizeof certFileName, "cert.%03d",
- ++certFileNumber);
- cfd = PR_Open(certFileName, PR_WRONLY|PR_CREATE_FILE, 0664);
- if (!cfd) {
- PR_fprintf(PR_STDOUT,
- " data = { couldn't save file '%s' }\n",
- certFileName);
- } else {
- PR_Write(cfd, (hsdata+pos), certlength);
- PR_fprintf(PR_STDOUT,
- " data = { saved in file '%s' }\n",
- certFileName);
- PR_Close(cfd);
- }
-
- PR_fprintf(PR_STDOUT," }\n");
- pos += certlength;
- certbytesread += certlength+3;
- }
- PR_fprintf(PR_STDOUT," }\n");
- }
- break;
-
- case 13: /* certificate request */
- if (sslhexparse) {
- PR_fprintf(PR_STDOUT," CertificateRequest {\n");
- print_hex(sslh.length, hsdata);
- PR_fprintf(PR_STDOUT," }\n");
- }
- break;
-
- case 16: /* client key exchange */
- {
- PR_fprintf(PR_STDOUT," ClientKeyExchange {\n");
- PR_fprintf(PR_STDOUT," message = {...}\n");
- PR_fprintf(PR_STDOUT," }\n");
- }
- break;
-
- } /* end of switch sslh.type */
- offset += sslh.length + 4; /* +4 because of length (3 bytes) and type (1 byte) */
- } /* while */
- PR_fprintf(PR_STDOUT," }\n");
-}
-
-
-void print_ssl(DataBufferList *s, int length, unsigned char *buffer)
-{
- /* -------------------------------------------------------- */
- /* first, create a new buffer object for this piece of data. */
-
- DataBuffer *db;
- int i,l;
-
- if (s->size == 0 && length > 0 && buffer[0] >= 32 && buffer[0] < 128) {
- /* Not an SSL record, treat entire buffer as plaintext */
- PR_Write(PR_STDOUT,buffer,length);
- return;
- }
-
-
- check_integrity(s);
-
- i = 0;
- l = length;
-
- db = PR_NEW(struct _DataBuffer);
-
- db->buffer = (unsigned char*)PR_Malloc(length);
- db->length = length;
- db->offset = 0;
- memcpy(db->buffer, buffer, length);
- db->next = NULL;
-
- /* now, add it to the stream */
-
- if (s->last != NULL) s->last->next = db;
- s->last = db;
- s->size += length;
- if (s->first == NULL) s->first = db;
-
- check_integrity(s);
-
- /*------------------------------------------------------- */
- /* now we look at the stream to see if we have enough data to
- decode */
-
- while (s->size > 0 ) {
- unsigned char *tbuf = NULL;
-
- SSLRecord sr;
- unsigned alloclen;
- unsigned recordsize;
-
- check_integrity(s);
-
- if ( s->first == NULL) {
- PR_fprintf(PR_STDOUT,"ERROR: s->first is null\n");
- exit(9);
- }
-
- /* in the case of an SSL 2 client-hello (which is all ssltap supports) */
- /* will have the high-bit set, whereas an SSL 3 client-hello will not */
- /* SSL2 can also send records that begin with the high bit clear.
- * This code will incorrectly handle them. XXX
- */
- if (isV2Session || s->first->buffer[s->first->offset] & 0x80) {
- /* it's an SSL 2 packet */
- unsigned char lenbuf[3];
-
- /* first, we check if there's enough data for it to be an SSL2-type
- * record. What a pain.*/
- if (s->size < sizeof lenbuf) {
- partial_packet(length, s->size, sizeof lenbuf);
- return;
- }
-
- /* read the first two bytes off the stream. */
- read_stream_bytes(lenbuf, s, sizeof(lenbuf));
- alloclen = ((unsigned int)(lenbuf[0] & 0x7f) << 8) + lenbuf[1] +
- ((lenbuf[0] & 0x80) ? 2 : 3);
- PR_fprintf(PR_STDOUT, "alloclen = %u bytes\n", alloclen);
-
- /* put 'em back on the head of the stream. */
- db = PR_NEW(struct _DataBuffer);
-
- db->length = sizeof lenbuf;
- db->buffer = (unsigned char*) PR_Malloc(db->length);
- db->offset = 0;
- memcpy(db->buffer, lenbuf, sizeof lenbuf);
-
- db->next = s->first;
- s->first = db;
- if (s->last == NULL)
- s->last = db;
- s->size += db->length;
-
- /* if there wasn't enough, go back for more. */
- if (s->size < alloclen) {
- check_integrity(s);
- partial_packet(length, s->size, alloclen);
- return;
- }
- partial_packet(length, s->size, alloclen);
-
- /* read in the whole record. */
- tbuf = PR_Malloc(alloclen);
- read_stream_bytes(tbuf, s, alloclen);
-
- print_sslv2(s, tbuf, alloclen);
- PR_FREEIF(tbuf);
- check_integrity(s);
-
- continue;
- }
-
- /***********************************************************/
- /* It's SSL v3 */
- /***********************************************************/
- check_integrity(s);
-
- if (s->size < sizeof(SSLRecord)) {
- partial_packet(length, s->size, sizeof(SSLRecord));
- return;
- }
-
- read_stream_bytes((unsigned char *)&sr, s, sizeof sr);
-
- /* we have read the stream bytes. Look at the length of
- the ssl record. If we don't have enough data to satisfy this
- request, then put the bytes we just took back at the head
- of the queue */
- recordsize = GET_SHORT(sr.length);
-
- if (recordsize > s->size) {
- db = PR_NEW(struct _DataBuffer);
-
- db->length = sizeof sr;
- db->buffer = (unsigned char*) PR_Malloc(db->length);
- db->offset = 0;
- memcpy(db->buffer, &sr, sizeof sr);
- db->next = s->first;
-
- /* now, add it back on to the head of the stream */
-
- s->first = db;
- if (s->last == NULL)
- s->last = db;
- s->size += db->length;
-
- check_integrity(s);
- partial_packet(length, s->size, recordsize);
- return;
- }
- partial_packet(length, s->size, recordsize);
-
-
- PR_fprintf(PR_STDOUT,"SSLRecord { [%s]\n", get_time_string() );
- if (sslhexparse) {
- print_hex(5,(unsigned char*)&sr);
- }
-
- check_integrity(s);
-
- PR_fprintf(PR_STDOUT," type = %d (",sr.type);
- switch(sr.type) {
- case 20 :
- PR_fprintf(PR_STDOUT,"change_cipher_spec)\n");
- break;
- case 21 :
- PR_fprintf(PR_STDOUT,"alert)\n");
- break;
- case 22 :
- PR_fprintf(PR_STDOUT,"handshake)\n");
- break;
- case 23 :
- PR_fprintf(PR_STDOUT,"application_data)\n");
- break;
- default:
- PR_fprintf(PR_STDOUT,"unknown)\n");
- break;
- }
- PR_fprintf(PR_STDOUT," version = { %d,%d }\n",
- (PRUint32)sr.ver_maj,(PRUint32)sr.ver_min);
- PR_fprintf(PR_STDOUT," length = %d (0x%x)\n",
- (PRUint32)GET_SHORT(sr.length), (PRUint32)GET_SHORT(sr.length));
-
-
- alloclen = recordsize;
- PR_ASSERT(s->size >= alloclen);
- if (s->size >= alloclen) {
- tbuf = (unsigned char*) PR_Malloc(alloclen);
- read_stream_bytes(tbuf, s, alloclen);
-
- if (s->isEncrypted) {
- PR_fprintf(PR_STDOUT," < encrypted >\n");
- } else
-
- switch(sr.type) {
- case 20 : /* change_cipher_spec */
- if (sslhexparse) print_hex(alloclen,tbuf);
- s->isEncrypted = 1; /* mark to say we can only dump hex form now on */
- break;
-
- case 21 : /* alert */
- switch(tbuf[0]) {
- case 1: PR_fprintf(PR_STDOUT, " warning: "); break;
- case 2: PR_fprintf(PR_STDOUT, " fatal: "); break;
- default: PR_fprintf(PR_STDOUT, " unknown level %d: ", tbuf[0]); break;
- }
-
- switch(tbuf[1]) {
- case 0: PR_fprintf(PR_STDOUT, "close notify\n"); break;
- case 10: PR_fprintf(PR_STDOUT, "unexpected message\n"); break;
- case 20: PR_fprintf(PR_STDOUT, "bad record mac\n"); break;
- case 21: PR_fprintf(PR_STDOUT, "decryption failed\n"); break;
- case 22: PR_fprintf(PR_STDOUT, "record overflow\n"); break;
- case 30: PR_fprintf(PR_STDOUT, "decompression failure\n"); break;
- case 40: PR_fprintf(PR_STDOUT, "handshake failure\n"); break;
- case 41: PR_fprintf(PR_STDOUT, "no certificate\n"); break;
- case 42: PR_fprintf(PR_STDOUT, "bad certificate\n"); break;
- case 43: PR_fprintf(PR_STDOUT, "unsupported certificate\n"); break;
- case 44: PR_fprintf(PR_STDOUT, "certificate revoked\n"); break;
- case 45: PR_fprintf(PR_STDOUT, "certificate expired\n"); break;
- case 46: PR_fprintf(PR_STDOUT, "certificate unknown\n"); break;
- case 47: PR_fprintf(PR_STDOUT, "illegal parameter\n"); break;
- case 48: PR_fprintf(PR_STDOUT, "unknown CA\n"); break;
- case 49: PR_fprintf(PR_STDOUT, "access denied\n"); break;
- case 50: PR_fprintf(PR_STDOUT, "decode error\n"); break;
- case 51: PR_fprintf(PR_STDOUT, "decrypt error\n"); break;
- case 60: PR_fprintf(PR_STDOUT, "export restriction\n"); break;
- case 70: PR_fprintf(PR_STDOUT, "protocol version\n"); break;
- case 71: PR_fprintf(PR_STDOUT, "insufficient security\n"); break;
- case 80: PR_fprintf(PR_STDOUT, "internal error\n"); break;
- case 90: PR_fprintf(PR_STDOUT, "user canceled\n"); break;
- case 100: PR_fprintf(PR_STDOUT, "no renegotiation\n"); break;
- default: PR_fprintf(PR_STDOUT, "unknown error %d\n", tbuf[1]); break;
- }
-
- if (sslhexparse) print_hex(alloclen,tbuf);
- break;
-
- case 22 : /* handshake */
- print_ssl3_handshake( tbuf, alloclen, &sr );
- break;
-
- case 23 : /* application data */
- default:
- print_hex(alloclen,tbuf);
- break;
- }
- }
- PR_fprintf(PR_STDOUT,"}\n");
- PR_FREEIF(tbuf);
- check_integrity(s);
- }
-}
-
-void print_hex(int amt, unsigned char *buf) {
- int i,j,k;
- char *string = (char*)PR_Malloc(5000);
- char t[20];
-
-
- for(i=0;i<amt;i++) {
- t[1] =0;
-
- if (i%16 ==0) { /* if we are at the beginning of a line */
- PR_fprintf(PR_STDOUT,"%4x:",i); /* print the line number */
- strcpy(string,"");
- }
-
- if (i%4 == 0) {
- PR_fprintf(PR_STDOUT," ");
- }
-
- t[0] = buf[i];
-
- if (!isprint(t[0])) {
- t[0] = '.';
- }
- if (fancy) {
- switch (t[0]) {
- case '<':
- strcpy(t,"&lt;");
- break;
- case '>':
- strcpy(t,"&gt;");
- break;
- case '&':
- strcpy(t,"&amp;");
- break;
- }
- }
- strcat(string,t);
-
- PR_fprintf(PR_STDOUT,"%02x ",(PRUint8) buf[i]);
-
- /* if we've reached the end of the line - add the string */
- if (i%16 == 15) PR_fprintf(PR_STDOUT," | %s\n",string);
- }
- /* we reached the end of the buffer,*/
- /* do we have buffer left over? */
- j = i%16;
- if (j > 0) {
- for (k=0;k<(16-j);k++) PR_fprintf(PR_STDOUT," ");
- PR_fprintf(PR_STDOUT," |%s\n",string);
- }
- PR_Free(string);
-}
-
-void Usage(void) {
- PR_fprintf(PR_STDERR, "SSLTAP (C) 1997, 1998 Netscape Communications Corporation.\n");
- PR_fprintf(PR_STDERR, "Usage: ssltap [-vhfsxl] [-p port] hostname:port\n");
- PR_fprintf(PR_STDERR, " -v [prints version string]\n");
- PR_fprintf(PR_STDERR, " -h [outputs hex instead of ASCII]\n");
- PR_fprintf(PR_STDERR, " -f [turn on Fancy HTML coloring]\n");
- PR_fprintf(PR_STDERR, " -s [turn on SSL decoding]\n");
- PR_fprintf(PR_STDERR, " -x [turn on extra SSL hex dumps]\n");
- PR_fprintf(PR_STDERR, " -p port [specify rendezvous port (default 1924)]\n");
- PR_fprintf(PR_STDERR, " -l [loop - continue to wait for more connections]\n");
-
-
-}
-
-void
-showErr(const char * msg) {
- PRErrorCode err = PR_GetError();
- const char * errString;
-
- if (err == PR_UNKNOWN_ERROR)
- err = PR_CONNECT_RESET_ERROR; /* bug in NSPR. */
- errString = SECU_Strerror(err);
-
- if (!errString)
- errString = "(no text available)";
- PR_fprintf(PR_STDERR, "Error %d: %s: %s", err, errString, msg);
-}
-
-int main(int argc, char *argv[])
-{
- char *hostname;
- PRUint16 rendport=DEFPORT,port;
- PRHostEnt hp;
- PRStatus r;
- PRNetAddr na_client,na_server,na_rend;
- PRFileDesc *s_server,*s_client,*s_rend; /*rendezvous */
- char netdbbuf[PR_NETDB_BUF_SIZE];
- int c_count=0;
- PLOptState *optstate;
- PLOptStatus status;
-
- optstate = PL_CreateOptState(argc,argv,"fvxhslp:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case 'f':
- fancy++;
- break;
- case 'h':
- hexparse++;
- break;
- case 'v':
- PR_fprintf(PR_STDOUT,"Version: %s\n",VERSIONSTRING);
- break;
- case 's':
- sslparse++;
- break;
- case 'x':
- sslhexparse++;
- break;
- case 'l':
- looparound++;
- break;
- case 'p':
- rendport = atoi(optstate->value);
- break;
- case '\0':
- hostname = PL_strdup(optstate->value);
- }
- }
- if (status == PL_OPT_BAD)
- Usage();
-
- if (fancy) {
- if (!hexparse && !sslparse) {
- PR_fprintf(PR_STDERR,
-"Note: use of -f without -s or -h not recommended, \n"
-"as the output looks a little strange. It may be useful, however\n");
- }
- }
-
- if(! hostname ) Usage(), exit(2);
-
- {
- char *colon = (char *)strchr(hostname, ':');
- if (!colon) {
- PR_fprintf(PR_STDERR,
- "You must specify the host AND port you wish to connect to\n");
- Usage(), exit(3);
- }
- port = atoi(&colon[1]);
- *colon = '\0';
-
- if (port == 0) {
- PR_fprintf(PR_STDERR, "Port must be a nonzero number.\n");
- exit(4);
- }
- }
-
- /* find the 'server' IP address so we don't have to look it up later */
-
- if (fancy) {
- PR_fprintf(PR_STDOUT,"<HTML><HEAD><TITLE>SSLTAP output</TITLE></HEAD>\n");
- PR_fprintf(PR_STDOUT,"<BODY><PRE>\n");
- }
- PR_fprintf(PR_STDERR,"Looking up \"%s\"...\n", hostname);
- r = PR_GetHostByName(hostname,netdbbuf,PR_NETDB_BUF_SIZE,&hp);
- if (r) {
- showErr("Host Name lookup failed\n");
- exit(5);
- }
-
- PR_EnumerateHostEnt(0,&hp,0,&na_server);
- PR_InitializeNetAddr(PR_IpAddrNull,port,&na_server);
- /* set up the port which the client will connect to */
-
- r = PR_InitializeNetAddr(PR_IpAddrAny,rendport,&na_rend);
- if (r == PR_FAILURE) {
- PR_fprintf(PR_STDERR,
- "PR_InitializeNetAddr(,%d,) failed with error %d\n",PR_GetError());
- exit(0);
- }
-
-
- s_rend = PR_NewTCPSocket();
- if (!s_rend) {
- showErr("Couldn't create socket\n");
- exit(6);
- }
-
- if (PR_Bind(s_rend, &na_rend )) {
- PR_fprintf(PR_STDERR,"Couldn't bind to port %d (error %d)\n",rendport, PR_GetError());
- exit(-1);
- }
-
- if ( PR_Listen(s_rend, 5)) {
- showErr("Couldn't listen\n");
- exit(-1);
- }
-
- PR_fprintf(PR_STDERR,"Proxy socket ready and listening\n");
- do { /* accept one connection and process it. */
- PRPollDesc pds[2];
-
- s_client = PR_Accept(s_rend,&na_client,PR_SecondsToInterval(3600));
- if (s_client == NULL) {
- showErr("accept timed out\n");
- exit(7);
- }
-
- s_server = PR_NewTCPSocket();
- if (s_server == NULL) {
- showErr("couldn't open new socket to connect to server \n");
- exit(8);
- }
-
- r = PR_Connect(s_server,&na_server,PR_SecondsToInterval(5));
-
- if ( r == PR_FAILURE )
- {
- showErr("Couldn't connect\n");
- return -1;
- }
-
- if (looparound) {
- if (fancy) PR_fprintf(PR_STDOUT,"<p><HR><H2>");
- PR_fprintf(PR_STDOUT,"Connection #%d [%s]\n", c_count+1,
- get_time_string());
- if (fancy) PR_fprintf(PR_STDOUT,"</H2>");
- }
-
-
- PR_fprintf(PR_STDOUT,"Connected to %s:%d\n", hostname, port);
-
-#define PD_C 0
-#define PD_S 1
-
- pds[PD_C].fd = s_client;
- pds[PD_S].fd = s_server;
- pds[PD_C].in_flags = PR_POLL_READ;
- pds[PD_S].in_flags = PR_POLL_READ;
-
- /* make sure the new connections don't start out encrypted. */
- clientstream.isEncrypted = 0;
- serverstream.isEncrypted = 0;
- isV2Session = 0;
-
- while( (pds[PD_C].in_flags & PR_POLL_READ) != 0 ||
- (pds[PD_S].in_flags & PR_POLL_READ) != 0 )
- { /* Handle all messages on the connection */
- PRInt32 amt;
- PRInt32 wrote;
- unsigned char buffer[ TAPBUFSIZ ];
-
- amt = PR_Poll(pds,2,PR_INTERVAL_NO_TIMEOUT);
- if (amt <= 0) {
- if (amt)
- showErr( "PR_Poll failed.\n");
- else
- showErr( "PR_Poll timed out.\n");
- break;
- }
-
- if (pds[PD_C].out_flags & PR_POLL_EXCEPT) {
- showErr( "Exception on client-side socket.\n");
- break;
- }
-
- if (pds[PD_S].out_flags & PR_POLL_EXCEPT) {
- showErr( "Exception on server-side socket.\n");
- break;
- }
-
-
-/* read data, copy it to stdout, and write to other socket */
-
- if ((pds[PD_C].in_flags & PR_POLL_READ) != 0 &&
- (pds[PD_C].out_flags & PR_POLL_READ) != 0 ) {
-
- amt = PR_Read(s_client, buffer, sizeof(buffer));
-
- if ( amt < 0) {
- showErr( "Client socket read failed.\n");
- break;
- }
-
- if( amt == 0 ) {
- PR_fprintf(PR_STDOUT, "Read EOF on Client socket. [%s]\n",
- get_time_string() );
- pds[PD_C].in_flags &= ~PR_POLL_READ;
- PR_Shutdown(s_server, PR_SHUTDOWN_SEND);
- continue;
- }
-
- PR_fprintf(PR_STDOUT,"--> [\n");
- if (fancy) PR_fprintf(PR_STDOUT,"<font color=blue>");
-
- if (hexparse) print_hex(amt, buffer);
- if (sslparse) print_ssl(&clientstream,amt,buffer);
- if (!hexparse && !sslparse) PR_Write(PR_STDOUT,buffer,amt);
- if (fancy) PR_fprintf(PR_STDOUT,"</font>");
- PR_fprintf(PR_STDOUT,"]\n");
-
- wrote = PR_Write(s_server, buffer, amt);
- if (wrote != amt ) {
- if (wrote < 0) {
- showErr("Write to server socket failed.\n");
- break;
- } else {
- PR_fprintf(PR_STDERR, "Short write to server socket!\n");
- }
- }
- } /* end of read from client socket. */
-
-/* read data, copy it to stdout, and write to other socket */
- if ((pds[PD_S].in_flags & PR_POLL_READ) != 0 &&
- (pds[PD_S].out_flags & PR_POLL_READ) != 0 ) {
-
- amt = PR_Read(s_server, buffer, sizeof(buffer));
-
- if ( amt < 0) {
- showErr( "error on server-side socket.\n");
- break;
- }
-
- if( amt == 0 ) {
- PR_fprintf(PR_STDOUT, "Read EOF on Server socket. [%s]\n",
- get_time_string() );
- pds[PD_S].in_flags &= ~PR_POLL_READ;
- PR_Shutdown(s_client, PR_SHUTDOWN_SEND);
- continue;
- }
-
- PR_fprintf(PR_STDOUT,"<-- [\n");
- if (fancy) PR_fprintf(PR_STDOUT,"<font color=red>");
- if (hexparse) print_hex(amt, (unsigned char *)buffer);
- if (sslparse) print_ssl(&serverstream,amt,(unsigned char *)buffer);
- if (!hexparse && !sslparse) PR_Write(PR_STDOUT,buffer,amt);
- if (fancy) PR_fprintf(PR_STDOUT,"</font>");
- PR_fprintf(PR_STDOUT,"]\n");
-
-
- wrote = PR_Write(s_client, buffer, amt);
- if (wrote != amt ) {
- if (wrote < 0) {
- showErr("Write to client socket failed.\n");
- break;
- } else {
- PR_fprintf(PR_STDERR, "Short write to client socket!\n");
- }
- }
-
- } /* end of read from server socket. */
-
-/* Loop, handle next message. */
-
- } /* handle messages during a connection loop */
- PR_Close(s_client);
- PR_Close(s_server);
- flush_stream(&clientstream);
- flush_stream(&serverstream);
-
- c_count++;
- PR_fprintf(PR_STDERR,"Connection %d Complete [%s]\n", c_count,
- get_time_string() );
- } while (looparound); /* accept connection and process it. */
- PR_Close(s_rend);
- return 0;
-}
diff --git a/security/nss/cmd/strsclnt/Makefile b/security/nss/cmd/strsclnt/Makefile
deleted file mode 100644
index 4e39ffc3f..000000000
--- a/security/nss/cmd/strsclnt/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/strsclnt/manifest.mn b/security/nss/cmd/strsclnt/manifest.mn
deleted file mode 100644
index 2333e2c2e..000000000
--- a/security/nss/cmd/strsclnt/manifest.mn
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = strsclnt.c
-
-# the MODULE above is always implicitly REQUIREd
-REQUIRES = seccmd dbm
-
-PROGRAM = strsclnt
-# PROGRAM = ./$(OBJDIR)/strsclnt.exe
-
diff --git a/security/nss/cmd/strsclnt/strsclnt.c b/security/nss/cmd/strsclnt/strsclnt.c
deleted file mode 100644
index e14404619..000000000
--- a/security/nss/cmd/strsclnt/strsclnt.c
+++ /dev/null
@@ -1,1133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-#include <string.h>
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#endif
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "plgetopt.h"
-
-#include "nspr.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "prerror.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "sslproto.h"
-#include "nss.h"
-#include "ssl.h"
-
-#ifndef PORT_Sprintf
-#define PORT_Sprintf sprintf
-#endif
-
-#ifndef PORT_Strstr
-#define PORT_Strstr strstr
-#endif
-
-#ifndef PORT_Malloc
-#define PORT_Malloc PR_Malloc
-#endif
-
-#define RD_BUF_SIZE (60 * 1024)
-
-/* Include these cipher suite arrays to re-use tstclnt's
- * cipher selection code.
- */
-
-int ssl2CipherSuites[] = {
- SSL_EN_RC4_128_WITH_MD5, /* A */
- SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */
- SSL_EN_RC2_128_CBC_WITH_MD5, /* C */
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
- SSL_EN_DES_64_CBC_WITH_MD5, /* E */
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */
- 0
-};
-
-int ssl3CipherSuites[] = {
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */
- SSL_RSA_WITH_RC4_128_MD5, /* c */
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */
- SSL_RSA_WITH_DES_CBC_SHA, /* e */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */
- SSL_RSA_WITH_NULL_MD5, /* i */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
- SSL_RSA_WITH_RC4_128_SHA, /* n */
- TLS_DHE_DSS_WITH_RC4_128_SHA, /* o */
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, /* p */
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, /* q */
- SSL_DHE_RSA_WITH_DES_CBC_SHA, /* r */
- SSL_DHE_DSS_WITH_DES_CBC_SHA, /* s */
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA, /* t */
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA, /* u */
- TLS_RSA_WITH_AES_128_CBC_SHA, /* v */
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA, /* w */
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA, /* x */
- TLS_RSA_WITH_AES_256_CBC_SHA, /* y */
- 0
-};
-
-/* This global string is so that client main can see
- * which ciphers to use.
- */
-
-static const char *cipherString;
-
-static int certsTested;
-static int MakeCertOK;
-static int NoReuse;
-static PRBool NoDelay;
-static PRBool QuitOnTimeout = PR_FALSE;
-
-static SSL3Statistics * ssl3stats;
-
-static int failed_already = 0;
-
-
-char * ownPasswd( PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char *passwd = NULL;
-
- if ( (!retry) && arg ) {
- passwd = PL_strdup((char *)arg);
- }
-
- return passwd;
-}
-
-int stopping;
-int verbose;
-SECItem bigBuf;
-
-#define PRINTF if (verbose) printf
-#define FPRINTF if (verbose) fprintf
-
-static void
-Usage(const char *progName)
-{
- fprintf(stderr,
- "Usage: %s [-n rsa_nickname] [-p port] [-d dbdir] [-c connections]\n"
- " [-DNvq] [-f fortezza_nickname] [-2 filename]\n"
- " [-w dbpasswd] [-C cipher(s)] [-t threads] hostname\n"
- " where -v means verbose\n"
- " -D means no TCP delays\n"
- " -q means quit when server gone (timeout rather than retry forever)\n"
- " -N means no session reuse\n",
- progName);
- exit(1);
-}
-
-
-static void
-errWarn(char * funcString)
-{
- PRErrorCode perr = PR_GetError();
- const char * errString = SECU_Strerror(perr);
-
- fprintf(stderr, "strsclnt: %s returned error %d:\n%s\n",
- funcString, perr, errString);
-}
-
-static void
-errExit(char * funcString)
-{
- errWarn(funcString);
- exit(1);
-}
-
-/**************************************************************************
-**
-** Routines for disabling SSL ciphers.
-**
-**************************************************************************/
-
-void
-disableAllSSLCiphers(void)
-{
- const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
- int i = SSL_NumImplementedCiphers;
- SECStatus rv;
-
- /* disable all the SSL3 cipher suites */
- while (--i >= 0) {
- PRUint16 suite = cipherSuites[i];
- rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
- if (rv != SECSuccess) {
- printf("SSL_CipherPrefSetDefault didn't like value 0x%04x (i = %d)\n",
- suite, i);
- errWarn("SSL_CipherPrefSetDefault");
- exit(2);
- }
- }
-}
-
-/* This invokes the "default" AuthCert handler in libssl.
-** The only reason to use this one is that it prints out info as it goes.
-*/
-static SECStatus
-mySSLAuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig,
- PRBool isServer)
-{
- SECStatus rv;
- CERTCertificate * peerCert;
-
- peerCert = SSL_PeerCertificate(fd);
-
- PRINTF("strsclnt: Subject: %s\nstrsclnt: Issuer : %s\n",
- peerCert->subjectName, peerCert->issuerName);
- /* invoke the "default" AuthCert handler. */
- rv = SSL_AuthCertificate(arg, fd, checkSig, isServer);
-
- ++certsTested;
- if (rv == SECSuccess) {
- fputs("strsclnt: -- SSL: Server Certificate Validated.\n", stderr);
- }
- CERT_DestroyCertificate(peerCert);
- /* error, if any, will be displayed by the Bad Cert Handler. */
- return rv;
-}
-
-static SECStatus
-myBadCertHandler( void *arg, PRFileDesc *fd)
-{
- int err = PR_GetError();
- if (!MakeCertOK)
- fprintf(stderr,
- "strsclnt: -- SSL: Server Certificate Invalid, err %d.\n%s\n",
- err, SECU_Strerror(err));
- return (MakeCertOK ? SECSuccess : SECFailure);
-}
-
-void
-printSecurityInfo(PRFileDesc *fd)
-{
- CERTCertificate * cert = NULL;
- SSL3Statistics * ssl3stats = SSL_GetStatistics();
- SECStatus result;
- SSLChannelInfo channel;
- SSLCipherSuiteInfo suite;
-
- static int only_once;
-
- if (only_once && verbose < 2)
- return;
- only_once = 1;
-
- result = SSL_GetChannelInfo(fd, &channel, sizeof channel);
- if (result == SECSuccess &&
- channel.length == sizeof channel &&
- channel.cipherSuite) {
- result = SSL_GetCipherSuiteInfo(channel.cipherSuite,
- &suite, sizeof suite);
- if (result == SECSuccess) {
- FPRINTF(stderr,
- "strsclnt: SSL version %d.%d using %d-bit %s with %d-bit %s MAC\n",
- channel.protocolVersion >> 8, channel.protocolVersion & 0xff,
- suite.effectiveKeyBits, suite.symCipherName,
- suite.macBits, suite.macAlgorithmName);
- FPRINTF(stderr,
- "strsclnt: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n",
- channel.authKeyBits, suite.authAlgorithmName,
- channel.keaKeyBits, suite.keaTypeName);
- }
- }
-
- cert = SSL_LocalCertificate(fd);
- if (!cert)
- cert = SSL_PeerCertificate(fd);
-
- if (verbose && cert) {
- char * ip = CERT_NameToAscii(&cert->issuer);
- char * sp = CERT_NameToAscii(&cert->subject);
- if (sp) {
- fprintf(stderr, "strsclnt: subject DN: %s\n", sp);
- PR_Free(sp);
- }
- if (ip) {
- fprintf(stderr, "strsclnt: issuer DN: %s\n", ip);
- PR_Free(ip);
- }
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
- fprintf(stderr,
- "strsclnt: %ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hsh_sid_cache_hits,
- ssl3stats->hsh_sid_cache_misses,
- ssl3stats->hsh_sid_cache_not_ok);
-
-}
-
-/**************************************************************************
-** Begin thread management routines and data.
-**************************************************************************/
-
-#define MAX_THREADS 128
-
-typedef int startFn(void *a, void *b, int c);
-
-PRLock * threadLock;
-PRCondVar * threadStartQ;
-PRCondVar * threadEndQ;
-
-int numUsed;
-int numRunning;
-PRInt32 numConnected;
-int max_threads = 8; /* default much less than max. */
-
-typedef enum { rs_idle = 0, rs_running = 1, rs_zombie = 2 } runState;
-
-typedef struct perThreadStr {
- void * a;
- void * b;
- int c;
- int rv;
- startFn * startFunc;
- PRThread * prThread;
- PRBool inUse;
- runState running;
-} perThread;
-
-perThread threads[MAX_THREADS];
-
-void
-thread_wrapper(void * arg)
-{
- perThread * slot = (perThread *)arg;
-
- /* wait for parent to finish launching us before proceeding. */
- PR_Lock(threadLock);
- PR_Unlock(threadLock);
-
- slot->rv = (* slot->startFunc)(slot->a, slot->b, slot->c);
-
- /* Handle cleanup of thread here. */
- PRINTF("strsclnt: Thread in slot %d returned %d\n",
- slot - threads, slot->rv);
-
- PR_Lock(threadLock);
- slot->running = rs_idle;
- --numRunning;
-
- /* notify the thread launcher. */
- PR_NotifyCondVar(threadStartQ);
-
- PR_Unlock(threadLock);
-}
-
-SECStatus
-launch_thread(
- startFn * startFunc,
- void * a,
- void * b,
- int c)
-{
- perThread * slot;
- int i;
-
- if (!threadStartQ) {
- threadLock = PR_NewLock();
- threadStartQ = PR_NewCondVar(threadLock);
- threadEndQ = PR_NewCondVar(threadLock);
- }
- PR_Lock(threadLock);
- while (numRunning >= max_threads) {
- PR_WaitCondVar(threadStartQ, PR_INTERVAL_NO_TIMEOUT);
- }
- for (i = 0; i < numUsed; ++i) {
- slot = threads + i;
- if (slot->running == rs_idle)
- break;
- }
- if (i >= numUsed) {
- if (i >= MAX_THREADS) {
- /* something's really wrong here. */
- PORT_Assert(i < MAX_THREADS);
- PR_Unlock(threadLock);
- return SECFailure;
- }
- ++numUsed;
- PORT_Assert(numUsed == i + 1);
- slot = threads + i;
- }
-
- slot->a = a;
- slot->b = b;
- slot->c = c;
-
- slot->startFunc = startFunc;
-
- slot->prThread = PR_CreateThread(PR_USER_THREAD,
- thread_wrapper, slot,
- PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD,
- PR_UNJOINABLE_THREAD, 0);
- if (slot->prThread == NULL) {
- PR_Unlock(threadLock);
- printf("strsclnt: Failed to launch thread!\n");
- return SECFailure;
- }
-
- slot->inUse = 1;
- slot->running = 1;
- ++numRunning;
- PR_Unlock(threadLock);
- PRINTF("strsclnt: Launched thread in slot %d \n", i);
-
- return SECSuccess;
-}
-
-/* Wait until numRunning == 0 */
-int
-reap_threads(void)
-{
- perThread * slot;
- int i;
-
- if (!threadLock)
- return 0;
- PR_Lock(threadLock);
- while (numRunning > 0) {
- PR_WaitCondVar(threadStartQ, PR_INTERVAL_NO_TIMEOUT);
- }
-
- /* Safety Sam sez: make sure count is right. */
- for (i = 0; i < numUsed; ++i) {
- slot = threads + i;
- if (slot->running != rs_idle) {
- FPRINTF(stderr, "strsclnt: Thread in slot %d is in state %d!\n",
- i, slot->running);
- }
- }
- PR_Unlock(threadLock);
- return 0;
-}
-
-void
-destroy_thread_data(void)
-{
- PORT_Memset(threads, 0, sizeof threads);
-
- if (threadEndQ) {
- PR_DestroyCondVar(threadEndQ);
- threadEndQ = NULL;
- }
- if (threadStartQ) {
- PR_DestroyCondVar(threadStartQ);
- threadStartQ = NULL;
- }
- if (threadLock) {
- PR_DestroyLock(threadLock);
- threadLock = NULL;
- }
-}
-
-/**************************************************************************
-** End thread management routines.
-**************************************************************************/
-
-PRBool useModelSocket = PR_TRUE;
-
-static const char stopCmd[] = { "GET /stop " };
-static const char outHeader[] = {
- "HTTP/1.0 200 OK\r\n"
- "Server: Netscape-Enterprise/2.0a\r\n"
- "Date: Tue, 26 Aug 1997 22:10:05 GMT\r\n"
- "Content-type: text/plain\r\n"
- "\r\n"
-};
-
-struct lockedVarsStr {
- PRLock * lock;
- int count;
- int waiters;
- PRCondVar * condVar;
-};
-
-typedef struct lockedVarsStr lockedVars;
-
-void
-lockedVars_Init( lockedVars * lv)
-{
- lv->count = 0;
- lv->waiters = 0;
- lv->lock = PR_NewLock();
- lv->condVar = PR_NewCondVar(lv->lock);
-}
-
-void
-lockedVars_Destroy( lockedVars * lv)
-{
- PR_DestroyCondVar(lv->condVar);
- lv->condVar = NULL;
-
- PR_DestroyLock(lv->lock);
- lv->lock = NULL;
-}
-
-void
-lockedVars_WaitForDone(lockedVars * lv)
-{
- PR_Lock(lv->lock);
- while (lv->count > 0) {
- PR_WaitCondVar(lv->condVar, PR_INTERVAL_NO_TIMEOUT);
- }
- PR_Unlock(lv->lock);
-}
-
-int /* returns count */
-lockedVars_AddToCount(lockedVars * lv, int addend)
-{
- int rv;
-
- PR_Lock(lv->lock);
- rv = lv->count += addend;
- if (rv <= 0) {
- PR_NotifyCondVar(lv->condVar);
- }
- PR_Unlock(lv->lock);
- return rv;
-}
-
-int
-do_writes(
- void * a,
- void * b,
- int c)
-{
- PRFileDesc * ssl_sock = (PRFileDesc *)a;
- lockedVars * lv = (lockedVars *)b;
- int sent = 0;
- int count = 0;
-
- while (sent < bigBuf.len) {
-
- count = PR_Write(ssl_sock, bigBuf.data + sent, bigBuf.len - sent);
- if (count < 0) {
- errWarn("PR_Write bigBuf");
- break;
- }
- FPRINTF(stderr, "strsclnt: PR_Write wrote %d bytes from bigBuf\n",
- count );
- sent += count;
- }
- if (count >= 0) { /* last write didn't fail. */
- PR_Shutdown(ssl_sock, PR_SHUTDOWN_SEND);
- }
-
- /* notify the reader that we're done. */
- lockedVars_AddToCount(lv, -1);
- return (sent < bigBuf.len) ? SECFailure : SECSuccess;
-}
-
-int
-handle_fdx_connection( PRFileDesc * ssl_sock, int connection)
-{
- SECStatus result;
- int firstTime = 1;
- int countRead = 0;
- lockedVars lv;
- char *buf;
-
-
- lockedVars_Init(&lv);
- lockedVars_AddToCount(&lv, 1);
-
- /* Attempt to launch the writer thread. */
- result = launch_thread(do_writes, ssl_sock, &lv, connection);
-
- if (result != SECSuccess)
- goto cleanup;
-
- buf = PR_Malloc(RD_BUF_SIZE);
-
- if (buf) {
- do {
- /* do reads here. */
- PRInt32 count;
-
- count = PR_Read(ssl_sock, buf, RD_BUF_SIZE);
- if (count < 0) {
- errWarn("PR_Read");
- break;
- }
- countRead += count;
- FPRINTF(stderr,
- "strsclnt: connection %d read %d bytes (%d total).\n",
- connection, count, countRead );
- if (firstTime) {
- firstTime = 0;
- printSecurityInfo(ssl_sock);
- }
- } while (lockedVars_AddToCount(&lv, 0) > 0);
- PR_Free(buf);
- buf = 0;
- }
-
- /* Wait for writer to finish */
- lockedVars_WaitForDone(&lv);
- lockedVars_Destroy(&lv);
-
- FPRINTF(stderr,
- "strsclnt: connection %d read %d bytes total. -----------------------\n",
- connection, countRead);
-
-cleanup:
- /* Caller closes the socket. */
-
- return SECSuccess;
-}
-
-const char request[] = {"GET /abc HTTP/1.0\r\n\r\n" };
-
-SECStatus
-handle_connection( PRFileDesc *ssl_sock, int connection)
-{
- int countRead = 0;
- PRInt32 rv;
- char *buf;
-
- buf = PR_Malloc(RD_BUF_SIZE);
- if (!buf)
- return SECFailure;
-
- /* compose the http request here. */
-
- rv = PR_Write(ssl_sock, request, strlen(request));
- if (rv <= 0) {
- errWarn("PR_Write");
- PR_Free(buf);
- buf = 0;
- failed_already = 1;
- return SECFailure;
- }
- printSecurityInfo(ssl_sock);
-
- /* read until EOF */
- while (1) {
- rv = PR_Read(ssl_sock, buf, RD_BUF_SIZE);
- if (rv == 0) {
- break; /* EOF */
- }
- if (rv < 0) {
- errWarn("PR_Read");
- break;
- }
-
- countRead += rv;
- FPRINTF(stderr, "strsclnt: connection %d read %d bytes (%d total).\n",
- connection, rv, countRead );
- }
- PR_Free(buf);
- buf = 0;
-
- /* Caller closes the socket. */
-
- FPRINTF(stderr,
- "strsclnt: connection %d read %d bytes total. -----------------------\n",
- connection, countRead);
-
- return SECSuccess; /* success */
-}
-
-/* one copy of this function is launched in a separate thread for each
-** connection to be made.
-*/
-int
-do_connects(
- void * a,
- void * b,
- int connection)
-{
- PRNetAddr * addr = (PRNetAddr *) a;
- PRFileDesc * model_sock = (PRFileDesc *) b;
- PRFileDesc * ssl_sock = 0;
- PRFileDesc * tcp_sock = 0;
- PRStatus prStatus;
- PRUint32 sleepInterval = 50; /* milliseconds */
- SECStatus result;
- int rv = SECSuccess;
- PRSocketOptionData opt;
-
-retry:
-
- tcp_sock = PR_NewTCPSocket();
- if (tcp_sock == NULL) {
- errExit("PR_NewTCPSocket");
- }
-
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- prStatus = PR_SetSocketOption(tcp_sock, &opt);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_SetSocketOption(PR_SockOpt_Nonblocking, PR_FALSE)");
- PR_Close(tcp_sock);
- return SECSuccess;
- }
-
- if (NoDelay) {
- opt.option = PR_SockOpt_NoDelay;
- opt.value.no_delay = PR_TRUE;
- prStatus = PR_SetSocketOption(tcp_sock, &opt);
- if (prStatus != PR_SUCCESS) {
- errWarn("PR_SetSocketOption(PR_SockOpt_NoDelay, PR_TRUE)");
- PR_Close(tcp_sock);
- return SECSuccess;
- }
- }
-
- prStatus = PR_Connect(tcp_sock, addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus != PR_SUCCESS) {
- PRErrorCode err = PR_GetError();
- if ((err == PR_CONNECT_REFUSED_ERROR) ||
- (err == PR_CONNECT_RESET_ERROR) ) {
- int connections = numConnected;
-
- PR_Close(tcp_sock);
- if (connections > 2 && max_threads >= connections) {
- max_threads = connections - 1;
- fprintf(stderr,"max_threads set down to %d\n", max_threads);
- }
- if (QuitOnTimeout && sleepInterval > 40000) {
- fprintf(stderr,
- "strsclnt: Client timed out waiting for connection to server.\n");
- exit(1);
- }
- PR_Sleep(PR_MillisecondsToInterval(sleepInterval));
- sleepInterval <<= 1;
- goto retry;
- }
- errWarn("PR_Connect");
- rv = SECFailure;
- goto done;
- }
-
- ssl_sock = SSL_ImportFD(model_sock, tcp_sock);
- /* XXX if this import fails, close tcp_sock and return. */
- if (!ssl_sock) {
- PR_Close(tcp_sock);
- return SECSuccess;
- }
-
- rv = SSL_ResetHandshake(ssl_sock, /* asServer */ 0);
- if (rv != SECSuccess) {
- errWarn("SSL_ResetHandshake");
- goto done;
- }
-
- PR_AtomicIncrement(&numConnected);
-
- if (bigBuf.data != NULL) {
- result = handle_fdx_connection( ssl_sock, connection);
- } else {
- result = handle_connection( ssl_sock, connection);
- }
-
- PR_AtomicDecrement(&numConnected);
-
-done:
- if (ssl_sock) {
- PR_Close(ssl_sock);
- } else if (tcp_sock) {
- PR_Close(tcp_sock);
- }
- return SECSuccess;
-}
-
-/* Returns IP address for hostname as PRUint32 in Host Byte Order.
-** Since the value returned is an integer (not a string of bytes),
-** it is inherently in Host Byte Order.
-*/
-PRUint32
-getIPAddress(const char * hostName)
-{
- const unsigned char *p;
- PRStatus prStatus;
- PRUint32 rv;
- PRHostEnt prHostEnt;
- char scratch[PR_NETDB_BUF_SIZE];
-
- prStatus = PR_GetHostByName(hostName, scratch, sizeof scratch, &prHostEnt);
- if (prStatus != PR_SUCCESS)
- errExit("PR_GetHostByName");
-
-#undef h_addr
-#define h_addr h_addr_list[0] /* address, for backward compatibility */
-
- p = (const unsigned char *)(prHostEnt.h_addr); /* in Network Byte order */
- FPRINTF(stderr, "strsclnt: %s -> %d.%d.%d.%d\n", hostName,
- p[0], p[1], p[2], p[3]);
- rv = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
- return rv;
-}
-
-void
-client_main(
- unsigned short port,
- int connections,
- SECKEYPrivateKey ** privKey,
- CERTCertificate ** cert,
- const char * hostName,
- char * nickName)
-{
- PRFileDesc *model_sock = NULL;
- int i;
- int rv;
- PRUint32 ipAddress; /* in host byte order */
- PRNetAddr addr;
-
- /* Assemble NetAddr struct for connections. */
- ipAddress = getIPAddress(hostName);
-
- addr.inet.family = PR_AF_INET;
- addr.inet.port = PR_htons(port);
- addr.inet.ip = PR_htonl(ipAddress);
-
- /* all suites except RSA_NULL_MD5 are enabled by Domestic Policy */
- NSS_SetDomesticPolicy();
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage("strsclnt");
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SECStatus rv;
- rv = SSL_CipherPrefSetDefault(cipher, PR_TRUE);
- if (rv != SECSuccess) {
- fprintf(stderr,
- "strsclnt: SSL_CipherPrefSetDefault failed with value 0x%04x\n",
- cipher);
- exit(1);
- }
- }
- }
- }
-
- /* configure model SSL socket. */
-
- model_sock = PR_NewTCPSocket();
- if (model_sock == NULL) {
- errExit("PR_NewTCPSocket on model socket");
- }
-
- model_sock = SSL_ImportFD(NULL, model_sock);
- if (model_sock == NULL) {
- errExit("SSL_ImportFD");
- }
-
- /* do SSL configuration. */
-
- rv = SSL_OptionSet(model_sock, SSL_SECURITY, 1);
- if (rv < 0) {
- errExit("SSL_OptionSet SSL_SECURITY");
- }
-
- if (bigBuf.data) { /* doing FDX */
- rv = SSL_OptionSet(model_sock, SSL_ENABLE_FDX, 1);
- if (rv < 0) {
- errExit("SSL_OptionSet SSL_ENABLE_FDX");
- }
- }
-
- if (NoReuse) {
- rv = SSL_OptionSet(model_sock, SSL_NO_CACHE, 1);
- if (rv < 0) {
- errExit("SSL_OptionSet SSL_NO_CACHE");
- }
- }
-
- SSL_SetURL(model_sock, hostName);
-
- SSL_AuthCertificateHook(model_sock, mySSLAuthCertificate,
- (void *)CERT_GetDefaultCertDB());
-
- SSL_BadCertHook(model_sock, myBadCertHandler, NULL);
-
- SSL_GetClientAuthDataHook(model_sock, NSS_GetClientAuthData, nickName);
-
- /* I'm not going to set the HandshakeCallback function. */
-
- /* end of ssl configuration. */
-
- i = 1;
- if (!NoReuse) {
- rv = launch_thread(do_connects, &addr, model_sock, i);
- --connections;
- ++i;
- /* wait for the first connection to terminate, then launch the rest. */
- reap_threads();
- }
- if (connections > 0) {
- /* Start up the connections */
- do {
- rv = launch_thread(do_connects, &addr, model_sock, i);
- ++i;
- } while (--connections > 0);
- reap_threads();
- }
- destroy_thread_data();
-
- PR_Close(model_sock);
-
-}
-
-SECStatus
-readBigFile(const char * fileName)
-{
- PRFileInfo info;
- PRStatus status;
- SECStatus rv = SECFailure;
- int count;
- int hdrLen;
- PRFileDesc *local_file_fd = NULL;
-
- status = PR_GetFileInfo(fileName, &info);
-
- if (status == PR_SUCCESS &&
- info.type == PR_FILE_FILE &&
- info.size > 0 &&
- NULL != (local_file_fd = PR_Open(fileName, PR_RDONLY, 0))) {
-
- hdrLen = PORT_Strlen(outHeader);
- bigBuf.len = hdrLen + info.size;
- bigBuf.data = PORT_Malloc(bigBuf.len + 4095);
- if (!bigBuf.data) {
- errWarn("PORT_Malloc");
- goto done;
- }
-
- PORT_Memcpy(bigBuf.data, outHeader, hdrLen);
-
- count = PR_Read(local_file_fd, bigBuf.data + hdrLen, info.size);
- if (count != info.size) {
- errWarn("PR_Read local file");
- goto done;
- }
- rv = SECSuccess;
-done:
- PR_Close(local_file_fd);
- }
- return rv;
-}
-
-int
-main(int argc, char **argv)
-{
- const char * dir = ".";
- char * fNickName = NULL;
- const char * fileName = NULL;
- char * hostName = NULL;
- char * nickName = NULL;
- char * progName = NULL;
- char * tmp = NULL;
- char * passwd = NULL;
- CERTCertificate * cert [kt_kea_size] = { NULL };
- SECKEYPrivateKey * privKey[kt_kea_size] = { NULL };
- int connections = 1;
- int exitVal;
- int tmpInt;
- unsigned short port = 443;
- SECStatus rv;
- PLOptState * optstate;
- PLOptStatus status;
-
- /* Call the NSPR initialization routines */
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- tmp = strrchr(argv[0], '/');
- tmp = tmp ? tmp + 1 : argv[0];
- progName = strrchr(tmp, '\\');
- progName = progName ? progName + 1 : tmp;
-
-
- optstate = PL_CreateOptState(argc, argv, "2:C:DNc:d:f:n:op:t:vqw:");
- while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch(optstate->option) {
-
- case '2': fileName = optstate->value; break;
-
- case 'C': cipherString = optstate->value; break;
-
- case 'D': NoDelay = PR_TRUE; break;
-
- case 'N': NoReuse = 1; break;
-
- case 'c': connections = PORT_Atoi(optstate->value); break;
-
- case 'd': dir = optstate->value; break;
-
- case 'f': fNickName = PL_strdup(optstate->value); break;
-
- case 'n': nickName = PL_strdup(optstate->value); break;
-
- case 'o': MakeCertOK = 1; break;
-
- case 'p': port = PORT_Atoi(optstate->value); break;
-
- case 'q': QuitOnTimeout = PR_TRUE; break;
-
- case 't':
- tmpInt = PORT_Atoi(optstate->value);
- if (tmpInt > 0 && tmpInt < MAX_THREADS)
- max_threads = tmpInt;
- break;
-
- case 'v': verbose++; break;
-
- case 'w': passwd = PL_strdup(optstate->value); break;
-
- case 0: /* positional parameter */
- if (hostName) {
- Usage(progName);
- }
- hostName = PL_strdup(optstate->value);
- break;
-
- default:
- case '?':
- Usage(progName);
- break;
-
- }
- }
- if (!hostName || status == PL_OPT_BAD)
- Usage(progName);
-
- if (port == 0)
- Usage(progName);
-
- if (fileName)
- readBigFile(fileName);
-
- /* set our password function */
- if ( passwd ) {
- PK11_SetPasswordFunc(ownPasswd);
- } else {
- PK11_SetPasswordFunc(SECU_GetModulePassword);
- }
-
- /* Call the libsec initialization routines */
- rv = NSS_Init(dir);
- if (rv != SECSuccess) {
- fputs("NSS_Init failed.\n", stderr);
- exit(1);
- }
- ssl3stats = SSL_GetStatistics();
-
- if (nickName && strcmp(nickName, "none")) {
-
- cert[kt_rsa] = PK11_FindCertFromNickname(nickName, passwd);
- if (cert[kt_rsa] == NULL) {
- fprintf(stderr, "strsclnt: Can't find certificate %s\n", nickName);
- exit(1);
- }
-
- privKey[kt_rsa] = PK11_FindKeyByAnyCert(cert[kt_rsa], passwd);
- if (privKey[kt_rsa] == NULL) {
- fprintf(stderr, "strsclnt: Can't find Private Key for cert %s\n",
- nickName);
- exit(1);
- }
-
- }
- if (fNickName) {
- cert[kt_fortezza] = PK11_FindCertFromNickname(fNickName, passwd);
- if (cert[kt_fortezza] == NULL) {
- fprintf(stderr, "strsclnt: Can't find certificate %s\n", fNickName);
- exit(1);
- }
-
- privKey[kt_fortezza] = PK11_FindKeyByAnyCert(cert[kt_fortezza], passwd);
- if (privKey[kt_fortezza] == NULL) {
- fprintf(stderr, "strsclnt: Can't find Private Key for cert %s\n",
- fNickName);
- exit(1);
- }
- }
-
- client_main(port, connections, privKey, cert, hostName, nickName);
-
- /* some final stats. */
- if (ssl3stats->hsh_sid_cache_hits + ssl3stats->hsh_sid_cache_misses +
- ssl3stats->hsh_sid_cache_not_ok == 0) {
- /* presumably we were testing SSL2. */
- printf("strsclnt: %d server certificates tested.\n", certsTested);
- } else {
- printf(
- "strsclnt: %ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hsh_sid_cache_hits,
- ssl3stats->hsh_sid_cache_misses,
- ssl3stats->hsh_sid_cache_not_ok);
- }
-
- if (!NoReuse)
- exitVal = (ssl3stats->hsh_sid_cache_misses > 1) ||
- (ssl3stats->hsh_sid_cache_not_ok != 0) ||
- (certsTested > 1);
- else
- exitVal = (ssl3stats->hsh_sid_cache_misses != connections) ||
- (certsTested != connections);
-
- exitVal = ( exitVal || failed_already );
- NSS_Shutdown();
- PR_Cleanup();
- return exitVal;
-}
-
diff --git a/security/nss/cmd/swfort/Makefile b/security/nss/cmd/swfort/Makefile
deleted file mode 100644
index a5b4350a6..000000000
--- a/security/nss/cmd/swfort/Makefile
+++ /dev/null
@@ -1,108 +0,0 @@
-#! gmake
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-CORE_DEPTH = ../../..
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-
-# $(NULL)
-
-
-INCLUDES += \
- -I$(DIST)/../public/security \
- -I$(DIST)/../private/security \
- -I$(DEPTH)/security/lib/cert \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- -I./include \
- $(NULL)
-
-
-# For the time being, sec stuff is export only
-# US_FLAGS = -DEXPORT_VERSION -DUS_VERSION
-
-US_FLAGS = -DEXPORT_VERSION
-EXPORT_FLAGS = -DEXPORT_VERSION
-
-BASE_LIBS = \
- $(DIST)/lib/libdbm.$(LIB_SUFFIX) \
- $(DIST)/lib/libxp.$(LIB_SUFFIX) \
- $(DIST)/lib/libnspr.$(LIB_SUFFIX) \
- $(NULL)
-
-# $(DIST)/lib/libpurenspr.$(LIB_SUFFIX) \
-
-#There are a circular dependancies in security/lib, and we deal with it by
-# double linking some libraries
-SEC_LIBS = \
- $(DIST)/lib/libsecnav.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcert.$(LIB_SUFFIX) \
- $(DIST)/lib/libkey.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
- $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libssl.$(LIB_SUFFIX) \
- $(DIST)/lib/libpkcs7.$(LIB_SUFFIX) \
- $(DIST)/lib/libcert.$(LIB_SUFFIX) \
- $(DIST)/lib/libkey.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecmod.$(LIB_SUFFIX) \
- $(DIST)/lib/libcrypto.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libhash.$(LIB_SUFFIX) \
- $(NULL)
-
-MYLIB = lib/$(OBJDIR)/libsectool.$(LIB_SUFFIX)
-
-US_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-EX_LIBS = $(MYLIB) $(SEC_LIBS) $(BASE_LIBS) $(MYLIB) $(BASE_LIBS)
-
-REQUIRES = libxp nspr security
-
-CSRCS = $(EXEC_SRCS) $(BI_SRCS)
-
-OBJS = $(CSRCS:.c=.o) $(BI_SRCS:.c=-us.o) $(BI_SRCS:.c=-ex.o)
-
-PROGS = $(addprefix $(OBJDIR)/, $(EXEC_SRCS:.c=$(BIN_SUFFIX)))
-US_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-us$(BIN_SUFFIX)))
-EX_PROGS = $(addprefix $(OBJDIR)/, $(BI_SRCS:.c=-ex$(BIN_SUFFIX)))
-
-
-NON_DIRS = $(PROGS) $(US_PROGS) $(EX_PROGS)
-TARGETS = $(NON_DIRS)
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-symbols::
- @echo "TARGETS = $(TARGETS)"
diff --git a/security/nss/cmd/swfort/instinit/Makefile b/security/nss/cmd/swfort/instinit/Makefile
deleted file mode 100644
index f912d54cd..000000000
--- a/security/nss/cmd/swfort/instinit/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../../platrules.mk
diff --git a/security/nss/cmd/swfort/instinit/instinit.c b/security/nss/cmd/swfort/instinit/instinit.c
deleted file mode 100644
index f6e5e5e2f..000000000
--- a/security/nss/cmd/swfort/instinit/instinit.c
+++ /dev/null
@@ -1,423 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-
-#include "prio.h"
-#include "seccomon.h"
-#include "swforti.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "nss.h"
-#include "secutil.h"
-
-#define CERTDB_VALID_CA (1<<3)
-#define CERTDB_TRUSTED_CA (1<<4) /* trusted for issuing server certs */
-
-void secmod_GetInternalModule(SECMODModule *module);
-void sec_SetCheckKRLState(int i);
-
-#define STEP 16
-void
-printItem(SECItem *key) {
- int i;
- unsigned char *block;
- int len;
- for (block=key->data,len=key->len; len > 0; len -= STEP,block += STEP) {
- for(i=0; i < STEP && i < len; i++) printf(" %02x ",block[i]);
- printf("\n");
- }
- printf("\n");
-}
-
-void
-dump(unsigned char *block, int len) {
- int i;
- for (; len > 0; len -= STEP,block += STEP) {
- for(i=0; i < STEP && i < len; i++) printf(" %02x ",block[i]);
- printf("\n");
- }
- printf("\n");
-}
-
-
-/*
- * We need to move this to security/cmd .. so we can use the password
- * prompting infrastructure.
- */
-char *GetUserInput(char * prompt)
-{
- char phrase[200];
-
- fprintf(stderr, "%s", prompt);
- fflush (stderr);
-
- fgets ((char*) phrase, sizeof(phrase), stdin);
-
- /* stomp on newline */
- phrase[PORT_Strlen((char*)phrase)-1] = 0;
-
- /* Validate password */
- return (char*) PORT_Strdup((char*)phrase);
-}
-
-void ClearPass(char *pass) {
- PORT_Memset(pass,0,strlen(pass));
- PORT_Free(pass);
-}
-
-char *
-formatDERIssuer(FORTSWFile *file,SECItem *derIssuer)
-{
- CERTName name;
- SECStatus rv;
-
- PORT_Memset(&name,0,sizeof(name));;
- rv = SEC_ASN1DecodeItem(file->arena,&name,CERT_NameTemplate,derIssuer);
- if (rv != SECSuccess) {
- return NULL;
- }
- return CERT_NameToAscii(&name);
-}
-
-#define NETSCAPE_INIT_FILE "nsswft.swf"
-
-char *getDefaultTarget(void)
-{
- char *fname = NULL;
- char *home = NULL;
- static char unix_home[512];
-
- /* first try to get it from the environment */
- fname = getenv("SW_FORTEZZA_FILE");
- if (fname != NULL) {
- return PORT_Strdup(fname);
- }
-
-#ifdef XP_UNIX
- home = getenv("HOME");
- if (home) {
- strncpy(unix_home,home, sizeof(unix_home)-sizeof("/.netscape/"NETSCAPE_INIT_FILE));
- strcat(unix_home,"/.netscape/"NETSCAPE_INIT_FILE);
- return unix_home;
- }
-#endif
-#ifdef XP_WIN
- home = getenv("windir");
- if (home) {
- strncpy(unix_home,home, sizeof(unix_home)-sizeof("\\"NETSCAPE_INIT_FILE));
- strcat(unix_home,"\\"NETSCAPE_INIT_FILE);
- return unix_home;
- }
-#endif
- return (NETSCAPE_INIT_FILE);
-}
-
-void
-usage(char *prog) {
- fprintf(stderr,"usage: %s [-v][-f][-t transport_pass][-u user_pass][-o output_file] source_file\n",prog);
- exit(1);
-}
-
-main(int argc, char ** argv)
-{
-
- FORTSignedSWFile * swfile;
- int size;
- SECItem file;
- char *progname = *argv++;
- char *filename = NULL;
- char *outname = NULL;
- char *cp;
- int verbose = 0;
- int force = 0;
- CERTCertDBHandle *certhandle = NULL;
- CERTCertificate *cert;
- CERTCertTrust *trust;
- char * pass;
- SECStatus rv;
- int i;
- SECMODModule *module;
- int64 now; /* XXXX */
- char *issuer;
- char *transport_pass = NULL;
- char *user_pass = NULL;
- SECItem *outItem = NULL;
- PRFileDesc *fd;
- PRFileInfo info;
- PRStatus prv;
-
-
-
-
- /* put better argument parsing here */
- while ((cp = *argv++) != NULL) {
- if (*cp == '-') {
- while (*++cp) {
- switch (*cp) {
- /* verbose mode */
- case 'v':
- verbose++;
- break;
- /* explicitly set the target */
- case 'o':
- outname = *argv++;
- break;
- case 'f':
- /* skip errors in signatures without prompts */
- force++;
- break;
- case 't':
- /* provide password on command line */
- transport_pass = *argv++;
- break;
- case 'u':
- /* provide user password on command line */
- user_pass = *argv++;
- break;
- default:
- usage(progname);
- break;
- }
- }
- } else if (filename) {
- usage(progname);
- } else {
- filename = cp;
- }
- }
-
- if (filename == NULL) usage(progname);
- if (outname == NULL) outname = getDefaultTarget();
-
-
- now = PR_Now();
- /* read the file in */
- fd = PR_Open(filename,PR_RDONLY,0);
- if (fd == NULL) {
- fprintf(stderr,"%s: couldn't open file \"%s\".\n",progname,filename);
- exit(1);
- }
-
- prv = PR_GetOpenFileInfo(fd,&info);
- if (prv != PR_SUCCESS) {
- fprintf(stderr,"%s: couldn't get info on file \"%s\".\n",
- progname,filename);
- exit(1);
- }
-
- size = info.size;
-
- file.data = malloc(size);
- file.len = size;
-
- file.len = PR_Read(fd,file.data,file.len);
- if (file.len < 0) {
- fprintf(stderr,"%s: couldn't read file \"%s\".\n",progname, filename);
- exit(1);
- }
-
- PR_Close(fd);
-
- /* Parse the file */
- swfile = FORT_GetSWFile(&file);
- if (swfile == NULL) {
- fprintf(stderr,
- "%s: File \"%s\" not a valid FORTEZZA initialization file.\n",
- progname,filename);
- exit(1);
- }
-
- issuer = formatDERIssuer(&swfile->file,&swfile->file.derIssuer);
- if (issuer == NULL) {
- issuer = "<Invalid Issuer DER>";
- }
-
- if (verbose) {
- printf("Processing file %s ....\n",filename);
- printf(" Version %d\n",DER_GetInteger(&swfile->file.version));
- printf(" Issuer: %s\n",issuer);
- printf(" Serial Number: ");
- for (i=0; i < (int)swfile->file.serialID.len; i++) {
- printf(" %02x",swfile->file.serialID.data[i]);
- }
- printf("\n");
- }
-
-
- /* Check the Initalization phrase and save Kinit */
- if (!transport_pass) {
- pass = SECU_GetPasswordString(NULL,"Enter the Initialization Memphrase:");
- transport_pass = pass;
- }
- rv = FORT_CheckInitPhrase(swfile,transport_pass);
- if (rv != SECSuccess) {
- fprintf(stderr,
- "%s: Invalid Initialization Memphrase for file \"%s\".\n",
- progname,filename);
- exit(1);
- }
-
- /* Check the user or init phrase and save Ks, use Kinit to unwrap the
- * remaining data. */
- if (!user_pass) {
- pass = SECU_GetPasswordString(NULL,"Enter the User Memphrase or the User PIN:");
- user_pass = pass;
- }
- rv = FORT_CheckUserPhrase(swfile,user_pass);
- if (rv != SECSuccess) {
- fprintf(stderr,"%s: Invalid User Memphrase or PIN for file \"%s\".\n",
- progname,filename);
- exit(1);
- }
-
- NSS_NoDB_Init(NULL);
- sec_SetCheckKRLState(1);
- certhandle = CERT_GetDefaultCertDB();
-
- /* now dump the certs into the temparary data base */
- for (i=0; swfile->file.slotEntries[i]; i++) {
- int trusted = 0;
- SECItem *derCert = FORT_GetDERCert(swfile,
- swfile->file.slotEntries[i]->certIndex);
-
- if (derCert == NULL) {
- if (verbose) {
- printf(" Cert %02d: %s \"%s\" \n",
- swfile->file.slotEntries[i]->certIndex,
- "untrusted", "Couldn't decrypt Cert");
- }
- continue;
- }
- cert = (CERTCertificate *)
- __CERT_NewTempCertificate(certhandle,derCert, NULL,
- PR_FALSE, PR_TRUE);
- if (cert == NULL) {
- if (verbose) {
- printf(" Cert %02d: %s \"%s\" \n",
- swfile->file.slotEntries[i]->certIndex,
- "untrusted", "Couldn't decode Cert");
- }
- continue;
- }
- if (swfile->file.slotEntries[i]->trusted.data[0]) {
- /* Add TRUST */
- trust = PORT_ArenaAlloc(cert->arena,sizeof(CERTCertTrust));
- if (trust != NULL) {
- trust->sslFlags = CERTDB_VALID_CA|CERTDB_TRUSTED_CA;
- trust->emailFlags = CERTDB_VALID_CA|CERTDB_TRUSTED_CA;
- trust->objectSigningFlags = CERTDB_VALID_CA|CERTDB_TRUSTED_CA;
- cert->trust = trust;
- trusted++;
- }
- }
- if (verbose) {
- printf(" Cert %02d: %s \"%s\" \n",
- swfile->file.slotEntries[i]->certIndex,
- trusted?" trusted ":"untrusted",
- CERT_NameToAscii(&cert->subject));
- }
- }
-
- fflush(stdout);
-
-
- cert = CERT_FindCertByName(certhandle,&swfile->file.derIssuer);
- if (cert == NULL) {
- fprintf(stderr,"%s: Couldn't find signer certificate \"%s\".\n",
- progname,issuer);
- rv = SECFailure;
- goto noverify;
- }
- rv = CERT_VerifySignedData(&swfile->signatureWrap,cert, now, NULL);
- if (rv != SECSuccess) {
- fprintf(stderr,
- "%s: Couldn't verify the signature on file \"%s\" with certificate \"%s\".\n",
- progname,filename,issuer);
- goto noverify;
- }
- rv = CERT_VerifyCert(certhandle, cert, PR_TRUE, certUsageSSLServer,
- now ,NULL,NULL);
- /* not an normal cert, see if it's a CA? */
- if (rv != SECSuccess) {
- rv = CERT_VerifyCert(certhandle, cert, PR_TRUE, certUsageAnyCA,
- now ,NULL,NULL);
- }
- if (rv != SECSuccess) {
- fprintf(stderr,"%s: Couldn't verify the signer certificate \"%s\".\n",
- progname,issuer);
- goto noverify;
- }
-
-noverify:
- if (rv != SECSuccess) {
- if (!force) {
- pass = GetUserInput(
- "Signature verify failed, continue without verification? ");
- if (!(pass && ((*pass == 'Y') || (*pass == 'y')))) {
- exit(1);
- }
- }
- }
-
-
- /* now write out the modified init file for future use */
- outItem = FORT_PutSWFile(swfile);
- if (outItem == NULL) {
- fprintf(stderr,"%s: Couldn't format target init file.\n",
- progname);
- goto noverify;
- }
-
- if (verbose) {
- printf("writing modified file out to \"%s\".\n",outname);
- }
-
- /* now write it out */
- fd = PR_Open(outname,PR_WRONLY|PR_CREATE_FILE|PR_TRUNCATE,0700);
- if (fd == NULL) {
- fprintf(stderr,"%s: couldn't open file \"%s\".\n",progname,outname);
- exit(1);
- }
-
- file.len = PR_Write(fd,outItem->data,outItem->len);
- if (file.len < 0) {
- fprintf(stderr,"%s: couldn't read file \"%s\".\n",progname, filename);
- exit(1);
- }
-
- PR_Close(fd);
-
- exit(0);
- return (0);
-}
-
diff --git a/security/nss/cmd/swfort/instinit/manifest.mn b/security/nss/cmd/swfort/instinit/manifest.mn
deleted file mode 100644
index 83cb3e2da..000000000
--- a/security/nss/cmd/swfort/instinit/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../..
-
-DEFINES += -DNSPR20
-
-MODULE = security
-
-CSRCS = instinit.c
-
-REQUIRES = security nspr dbm seccmd
-
-PROGRAM = instinit
-# PROGRAM = ./$(OBJDIR)/selfserv.exe
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/swfort/manifest.mn b/security/nss/cmd/swfort/manifest.mn
deleted file mode 100644
index 2f8be569d..000000000
--- a/security/nss/cmd/swfort/manifest.mn
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-REQUIRES = security seccmd dbm
-
-
-DIRS = instinit newuser
diff --git a/security/nss/cmd/swfort/newuser/Makefile b/security/nss/cmd/swfort/newuser/Makefile
deleted file mode 100644
index f0a47a0a3..000000000
--- a/security/nss/cmd/swfort/newuser/Makefile
+++ /dev/null
@@ -1,83 +0,0 @@
-#! gmake
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-ctmp := $(shell $(MAKE) -C ../../../lib/fortcrypt --no-print-directory cilib_name)
-ifeq ($(ctmp), $(patsubst /%,/,$(ctmp)))
- CILIB := ../../../lib/fortcrypt/$(ctmp)
-else
- CILIB := $(ctmp)
-endif
-
-EXTRA_LIBS += $(CILIB)
-
-include ../../platlibs.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../../platrules.mk
-
diff --git a/security/nss/cmd/swfort/newuser/manifest.mn b/security/nss/cmd/swfort/newuser/manifest.mn
deleted file mode 100644
index d48803b1e..000000000
--- a/security/nss/cmd/swfort/newuser/manifest.mn
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../..
-
-DEFINES += -DNSPR20
-
-MODULE = security
-
-CSRCS = newuser.c mktst.c
-
-REQUIRES = security nspr dbm seccmd
-
-PROGRAM = newuser
-
-USE_STATIC_LIBS = 1
diff --git a/security/nss/cmd/swfort/newuser/mktst.c b/security/nss/cmd/swfort/newuser/mktst.c
deleted file mode 100644
index 6e111d3dd..000000000
--- a/security/nss/cmd/swfort/newuser/mktst.c
+++ /dev/null
@@ -1,254 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-
-#include "prio.h"
-#include "swforti.h"
-#include "maci.h"
-#include "secder.h"
-#include "blapi.h"
-
-void
-printkey(char *s, unsigned char *block) {
- int i;
- printf("%s \n 0x",s);
- for(i=0; i < 10; i++) printf("%02x",block[i]);
- printf("\n");
-}
-
-void
-printblock(char *s, unsigned char *block) {
- int i;
- printf("%s \n 0x",s);
- for(i=0; i < 8; i++) printf("%02x",block[i]);
- printf("\n 0x");
- for(i=8; i < 16; i++) printf("%02x",block[i]);
- printf("\n");
-}
-
-
-static char *leafbits="THIS IS NOT LEAF";
-
-static void
-encryptCertEntry(fortProtectedData *pdata,FORTSkipjackKeyPtr Ks,
- unsigned char *data,int len)
-{
- unsigned char *dataout;
- int enc_len;
- /* XXX Make length */
- pdata->dataIV.data = PORT_ZAlloc(24);
- pdata->dataIV.len = 24;
- PORT_Memcpy(pdata->dataIV.data,leafbits,SKIPJACK_LEAF_SIZE);
- fort_GenerateRandom(&pdata->dataIV.data[SKIPJACK_LEAF_SIZE],
- SKIPJACK_BLOCK_SIZE);
- enc_len = (len + (SKIPJACK_BLOCK_SIZE-1)) & ~(SKIPJACK_BLOCK_SIZE-1);
- dataout = pdata->dataEncryptedWithKs.data = PORT_ZAlloc(enc_len);
- pdata->dataEncryptedWithKs.len = enc_len;
- fort_skipjackEncrypt(Ks,&pdata->dataIV.data[SKIPJACK_LEAF_SIZE],
- enc_len, data,dataout);
- if (len > 255) {
- pdata->length.data = PORT_ZAlloc(2);
- pdata->length.data[0] = (len >> 8) & 0xff;
- pdata->length.data[1] = len & 0xff;
- pdata->length.len = 2;
- } else {
- pdata->length.data = PORT_ZAlloc(1);
- pdata->length.data[0] = len & 0xff;
- pdata->length.len = 1;
- }
-
-}
-
-unsigned char issuer[30] = { 0 };
-
-void
-makeCertSlot(fortSlotEntry *entry,int index,char *label,SECItem *cert,
- FORTSkipjackKeyPtr Ks, unsigned char *xKEA, unsigned char *xDSA,
- unsigned char *pubKey, int pubKeyLen, unsigned char *p, unsigned char *q,
- unsigned char *g)
-{
- unsigned char *key; /* private key */
-
- entry->trusted.data = PORT_Alloc(1);
- *entry->trusted.data = index == 0 ? 1 : 0;
- entry->trusted.len = 1;
- entry->certificateIndex.data = PORT_Alloc(1);
- *entry->certificateIndex.data = index;
- entry->certificateIndex.len = 1;
- entry->certIndex = index;
- encryptCertEntry(&entry->certificateLabel,Ks,
- (unsigned char *)label, strlen(label));
- encryptCertEntry(&entry->certificateData,Ks, cert->data, cert->len);
- if (xKEA) {
- entry->exchangeKeyInformation = PORT_ZNew(fortKeyInformation);
- entry->exchangeKeyInformation->keyFlags.data = PORT_ZAlloc(1);
- entry->exchangeKeyInformation->keyFlags.data[0] = 1;
- entry->exchangeKeyInformation->keyFlags.len = 1;
- key = PORT_Alloc(24);
- fort_skipjackWrap(Ks,24,xKEA,key);
- entry->exchangeKeyInformation->privateKeyWrappedWithKs.data = key;
- entry->exchangeKeyInformation->privateKeyWrappedWithKs.len = 24;
- entry->exchangeKeyInformation->derPublicKey.data = pubKey;
- entry->exchangeKeyInformation->derPublicKey.len = pubKeyLen;
- entry->exchangeKeyInformation->p.data = p;
- entry->exchangeKeyInformation->p.len = 128;
- entry->exchangeKeyInformation->q.data = q;
- entry->exchangeKeyInformation->q.len = 20;
- entry->exchangeKeyInformation->g.data = g;
- entry->exchangeKeyInformation->g.len = 128;
-
- entry->signatureKeyInformation = PORT_ZNew(fortKeyInformation);
- entry->signatureKeyInformation->keyFlags.data = PORT_ZAlloc(1);
- entry->signatureKeyInformation->keyFlags.data[0] = 1;
- entry->signatureKeyInformation->keyFlags.len = 1;
- key = PORT_Alloc(24);
- fort_skipjackWrap(Ks,24,xDSA,key);
- entry->signatureKeyInformation->privateKeyWrappedWithKs.data = key;
- entry->signatureKeyInformation->privateKeyWrappedWithKs.len = 24;
- entry->signatureKeyInformation->derPublicKey.data = pubKey;
- entry->signatureKeyInformation->derPublicKey.len = pubKeyLen;
- entry->signatureKeyInformation->p.data = p;
- entry->signatureKeyInformation->p.len = 128;
- entry->signatureKeyInformation->q.data = q;
- entry->signatureKeyInformation->q.len = 20;
- entry->signatureKeyInformation->g.data = g;
- entry->signatureKeyInformation->g.len = 128;
- } else {
- entry->exchangeKeyInformation = NULL;
- entry->signatureKeyInformation = NULL;
- }
-
- return;
-}
-
-
-void
-makeProtectedPhrase(FORTSWFile *file, fortProtectedPhrase *prot_phrase,
- FORTSkipjackKeyPtr Ks, FORTSkipjackKeyPtr Kinit, char *phrase)
-{
- SHA1Context *sha;
- unsigned char hashout[SHA1_LENGTH];
- FORTSkipjackKey Kfek;
- unsigned int len;
- unsigned char cw[4];
- unsigned char enc_version[2];
- unsigned char *data = NULL;
- int keySize;
- int i,version;
- char tmp_data[13];
-
- if (strlen(phrase) < 12) {
- PORT_Memset(tmp_data, ' ', sizeof(tmp_data));
- PORT_Memcpy(tmp_data,phrase,strlen(phrase));
- tmp_data[12] = 0;
- phrase = tmp_data;
- }
-
- /* now calculate the PBE key for fortezza */
- sha = SHA1_NewContext();
- SHA1_Begin(sha);
- version = DER_GetUInteger(&file->version);
- enc_version[0] = (version >> 8) & 0xff;
- enc_version[1] = version & 0xff;
- SHA1_Update(sha,enc_version,sizeof(enc_version));
- SHA1_Update(sha,file->derIssuer.data, file->derIssuer.len);
- SHA1_Update(sha,file->serialID.data, file->serialID.len);
- SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
- SHA1_End(sha,hashout,&len,SHA1_LENGTH);
- PORT_Memcpy(Kfek,hashout,sizeof(FORTSkipjackKey));
-
- keySize = sizeof(CI_KEY);
- if (Kinit) keySize = SKIPJACK_BLOCK_SIZE*2;
- data = PORT_ZAlloc(keySize);
- prot_phrase->wrappedKValue.data = data;
- prot_phrase->wrappedKValue.len = keySize;
- fort_skipjackWrap(Kfek,sizeof(CI_KEY),Ks,data);
-
- /* first, decrypt the hashed/Encrypted Memphrase */
- data = (unsigned char *) PORT_ZAlloc(SHA1_LENGTH+sizeof(cw));
-
- /* now build the hash for comparisons */
- SHA1_Begin(sha);
- SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
- SHA1_End(sha,hashout,&len,SHA1_LENGTH);
- SHA1_DestroyContext(sha,PR_TRUE);
-
-
- /* now calcuate the checkword and compare it */
- cw[0] = cw[1] = cw[2] = cw[3] = 0;
- for (i=0; i <5 ; i++) {
- cw[0] = cw[0] ^ hashout[i*4];
- cw[1] = cw[1] ^ hashout[i*4+1];
- cw[2] = cw[2] ^ hashout[i*4+2];
- cw[3] = cw[3] ^ hashout[i*4+3];
- }
-
- PORT_Memcpy(data,hashout,len);
- PORT_Memcpy(data+len,cw,sizeof(cw));
-
- prot_phrase->memPhraseIV.data = PORT_ZAlloc(24);
- prot_phrase->memPhraseIV.len = 24;
- PORT_Memcpy(prot_phrase->memPhraseIV.data,leafbits,SKIPJACK_LEAF_SIZE);
- fort_GenerateRandom(&prot_phrase->memPhraseIV.data[SKIPJACK_LEAF_SIZE],
- SKIPJACK_BLOCK_SIZE);
- prot_phrase->kValueIV.data = PORT_ZAlloc(24);
- prot_phrase->kValueIV.len = 24;
- PORT_Memcpy(prot_phrase->kValueIV.data,leafbits,SKIPJACK_LEAF_SIZE);
- fort_GenerateRandom(&prot_phrase->kValueIV.data[SKIPJACK_LEAF_SIZE],
- SKIPJACK_BLOCK_SIZE);
- fort_skipjackEncrypt(Ks,&prot_phrase->memPhraseIV.data[SKIPJACK_LEAF_SIZE],
- len+sizeof(cw), data,data);
-
- prot_phrase->hashedEncryptedMemPhrase.data = data;
- prot_phrase->hashedEncryptedMemPhrase.len = len+sizeof(cw);
-
- if (Kinit) {
- fort_skipjackEncrypt(Kinit,
- &prot_phrase->kValueIV.data[SKIPJACK_LEAF_SIZE],
- prot_phrase->wrappedKValue.len,
- prot_phrase->wrappedKValue.data,
- prot_phrase->wrappedKValue.data );
- }
-
- return;
-}
-
-
-void
-fill_in(SECItem *item,unsigned char *data, int len)
-{
- item->data = PORT_Alloc(len);
- PORT_Memcpy(item->data,data,len);
- item->len = len;
-}
-
diff --git a/security/nss/cmd/swfort/newuser/newuser.c b/security/nss/cmd/swfort/newuser/newuser.c
deleted file mode 100644
index 94e6c21ab..000000000
--- a/security/nss/cmd/swfort/newuser/newuser.c
+++ /dev/null
@@ -1,1132 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <stdio.h>
-#include <fcntl.h>
-#include <sys/types.h>
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-#include "cryptint.h"
-#include "blapi.h" /* program calls low level functions directly!*/
-#include "pk11func.h"
-#include "secmod.h"
-/*#include "secmodi.h"*/
-#include "cert.h"
-#include "key.h"
-#include "swforti.h"
-#include "secutil.h"
-#include "secrng.h"
-
-#ifndef O_BINARY
-#define O_BINARY 0
-#endif
-
-#define MAX_PERSONALITIES 50
-typedef struct {
- int index;
- CI_CERT_STR label;
- CERTCertificate *cert;
-} certlist;
-
-typedef struct {
- int card;
- int index;
- CI_CERT_STR label;
- certlist valid[MAX_PERSONALITIES];
- int count;
-} Cert;
-
-
-#define EMAIL_OID_LEN 9
-#define EMAIL_OID 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01
-unsigned char emailAVA[127] = {
- 0x31, 6+EMAIL_OID_LEN, /* Set */
- 0x30, 4+EMAIL_OID_LEN, /* Sequence */
- 0x06, EMAIL_OID_LEN, EMAIL_OID,
- 0x13, 0, /* printable String */
-};
-#define EMAIL_DATA_START 8+EMAIL_OID_LEN
-
-int emailOffset[] = { 1, 3, EMAIL_DATA_START-1 };
-int offsetCount = sizeof(emailOffset)/sizeof(emailOffset[0]);
-
-unsigned char hash[20] = { 'H', 'a', 's', 'h', ' ', 'F', 'a', 'i', 'l', 'e',
- 'd', ' ', '*', '*', '*', '*', '*', '*', '*', '*' };
-unsigned char sig[40] = { 'H', 'a', 's', 'h', ' ', 'F', 'a', 'i', 'l', 'e',
- 'd', ' ', '*', '*', '*', '*', '*', '*', '*', '*',
- '>', '>', '>', ' ', 'N', 'o', 't', ' ', 'S', 'i',
- 'g', 'n', 'd', ' ', '<', '<', '<', ' ', ' ', ' ' };
-
-
-/*void *malloc(int); */
-
-unsigned char *data_start(unsigned char *buf, int length, int *data_length)
-{
- unsigned char tag;
- int used_length= 0;
-
- tag = buf[used_length++];
-
- /* blow out when we come to the end */
- if (tag == 0) {
- return NULL;
- }
-
- *data_length = buf[used_length++];
-
- if (*data_length&0x80) {
- int len_count = *data_length & 0x7f;
-
- *data_length = 0;
-
- while (len_count-- > 0) {
- *data_length = (*data_length << 8) | buf[used_length++];
- }
- }
-
- if (*data_length > (length-used_length) ) {
- *data_length = length-used_length;
- return NULL;
- }
-
- return (buf + used_length);
-}
-
-unsigned char *
-GetAbove(unsigned char *cert,int cert_length,int *above_len)
-{
- unsigned char *buf = cert;
- int buf_length = cert_length;
- unsigned char *tmp;
- int len;
-
- *above_len = 0;
-
- /* optional serial number */
- if ((buf[0] & 0xa0) == 0xa0) {
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- }
- /* serial number */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* skip the OID */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* issuer */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* skip the date */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
-
- *above_len = buf - cert;
- return cert;
-}
-
-unsigned char *
-GetSubject(unsigned char *cert,int cert_length,int *subj_len) {
- unsigned char *buf = cert;
- int buf_length = cert_length;
- unsigned char *tmp;
- int len;
-
- *subj_len = 0;
-
- /* optional serial number */
- if ((buf[0] & 0xa0) == 0xa0) {
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- }
- /* serial number */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* skip the OID */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* issuer */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* skip the date */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
-
- return data_start(buf,buf_length,subj_len);
-}
-
-unsigned char *
-GetBelow(unsigned char *cert,int cert_length,int *below_len) {
- unsigned char *subj;
- int subj_len;
- unsigned char *below;
-
- *below_len = 0;
-
- subj = GetSubject(cert,cert_length,&subj_len);
-
- below = subj + subj_len;
- *below_len = cert_length - (below - cert);
- return below;
-}
-
-unsigned char *
-GetSignature(unsigned char *sig,int sig_length,int *subj_len) {
- unsigned char *buf = sig;
- int buf_length = sig_length;
- unsigned char *tmp;
- int len;
-
- *subj_len = 0;
-
- /* signature oid */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
- buf_length -= (tmp-buf) + len;
- buf = tmp + len;
- /* signature data */
- tmp = data_start(buf,buf_length,&len);
- if (tmp == NULL) return NULL;
-
- *subj_len = len -1;
- return tmp+1;
-}
-
-int DER_Sequence(unsigned char *buf, int length) {
- int next = 0;
-
- buf[next++] = 0x30;
- if (length < 0x80) {
- buf[next++] = length;
- } else {
- buf[next++] = 0x82;
- buf[next++] = (length >> 8) & 0xff;
- buf[next++] = length & 0xff;
- }
- return next;
-}
-
-static
-int Cert_length(unsigned char *buf, int length) {
- unsigned char tag;
- int used_length= 0;
- int data_length;
-
- tag = buf[used_length++];
-
- /* blow out when we come to the end */
- if (tag == 0) {
- return 0;
- }
-
- data_length = buf[used_length++];
-
- if (data_length&0x80) {
- int len_count = data_length & 0x7f;
-
- data_length = 0;
-
- while (len_count-- > 0) {
- data_length = (data_length << 8) | buf[used_length++];
- }
- }
-
- if (data_length > (length-used_length) ) {
- return length;
- }
-
- return (data_length + used_length);
-}
-
-int
-InitCard(int card, char *inpass) {
- int cirv;
- char buf[50];
- char *pass;
-
- cirv = CI_Open( 0 /* flags */, card);
- if (cirv != CI_OK) return cirv;
-
- if (inpass == NULL) {
- sprintf(buf,"Enter PIN for card in socket %d: ",card);
- pass = SECU_GetPasswordString(NULL, buf);
-
- if (pass == NULL) {
- CI_Close(CI_POWER_DOWN_FLAG,card);
- return CI_FAIL;
- }
- } else pass=inpass;
-
- cirv = CI_CheckPIN(CI_USER_PIN,(unsigned char *)pass);
- if (cirv != CI_OK) {
- CI_Close(CI_POWER_DOWN_FLAG,card);
- }
- return cirv;
-}
-
-int
-isUser(CI_PERSON *person) {
- return 1;
-}
-
-int
-isCA(CI_PERSON *person) {
- return 0;
-}
-
-int FoundCert(int card, char *name, Cert *cert) {
- CI_PERSON personalities[MAX_PERSONALITIES];
- CI_PERSON *person;
- int cirv;
- int i;
- int user_len = strlen(name);
-
- PORT_Memset(personalities, 0, sizeof(CI_PERSON)*MAX_PERSONALITIES);
-
- cirv = CI_GetPersonalityList(MAX_PERSONALITIES,personalities);
- if (cirv != CI_OK) return 0;
-
-
- cert->count = 1;
- cert->valid[0].index = 0;
- memcpy(cert->valid[0].label,"RRXX0000Root PAA Certificate ",
- sizeof(cert->valid[0].label));
- cert->valid[0].cert = NULL;
- for (i=0; i < MAX_PERSONALITIES; i++) {
- person = &personalities[i];
- if ( (PORT_Memcmp(person->CertLabel,"RRXX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"RTXX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"LAXX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"INKS",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"INKX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"ONKS",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"ONKX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"KEAK",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"3IKX",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"DSA1",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"DSAI",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"DSAO",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"3IXS",4) == 0) ||
- (PORT_Memcmp(person->CertLabel,"3OXS",4) == 0) ){
- int index;
-
- cert->valid[cert->count].cert = NULL;
- memcpy(cert->valid[cert->count].label,
- person->CertLabel,sizeof(person->CertLabel));
- for (index = sizeof(person->CertLabel)-1;
- cert->valid[cert->count].label[index] == ' '; index--) {
- cert->valid[cert->count].label[index] = 0;
- }
- cert->valid[cert->count++].index = person->CertificateIndex;
- }
- }
- for (i=0; i < MAX_PERSONALITIES; i++) {
- person = &personalities[i];
- if (strncmp((char *)&person->CertLabel[8],name,user_len) == 0) {
- cert->card = card;
- cert->index = person->CertificateIndex;
- memcpy(&cert->label,person->CertLabel,sizeof(person->CertLabel));
- return 1;
- }
- }
- return 0;
-}
-
-void
-Terminate(char *mess, int cirv, int card1, int card2)
-{
- fprintf(stderr,"FAIL: %s error %d\n",mess,cirv);
- if (card1 != -1) CI_Close(CI_POWER_DOWN_FLAG,card1);
- if (card2 != -1) CI_Close(CI_POWER_DOWN_FLAG,card2);
- CI_Terminate();
- exit(1);
-}
-
-void
-usage(char *prog)
-{
- fprintf(stderr,"usage: %s [-e email][-t transport][-u userpin][-U userpass][-s ssopin][-S ssopass][-o outfile] common_name ca_label\n",prog);
- exit(1);
-}
-
-#define CERT_SIZE 2048
-
-
-/* version and oid */
-unsigned char header[] = {
- /* Cert OID */
- 0x02, 0x10,
- 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00,
- 0x30, 0x0b, 0x06, 0x09,
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x13 };
-
-#define KEY_START 21
-#define KMID_OFFSET 4
-#define KEA_OFFSET 15
-#define DSA_OFFSET 148
-unsigned char key[] = {
- /* Sequence(Constructed): 293 bytes (0x125) */
- 0x30, 0x82, 0x01, 0x25,
- /*Sequence(Constructed): 11 bytes (0xb) */
- 0x30, 0x0b,
- /* ObjectId(Universal): 9 bytes (0x9) */
- 0x06, 0x09,
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x14,
- /* BitString(Universal): 276 bytes (0x114) */
- 0x03, 0x82, 0x01, 0x14,
- 0x00, 0x00, 0x01, 0xef, 0x04, 0x01, 0x00, 0x01,
- 0x00, 0x00, 0x69, 0x60, 0x70, 0x00, 0x80, 0x02,
- 0x2e, 0x46, 0xb9, 0xcb, 0x22, 0x72, 0x0b, 0x1c,
- 0xe6, 0x25, 0x20, 0x16, 0x86, 0x05, 0x8e, 0x2b,
- 0x98, 0xd1, 0x46, 0x3d, 0x00, 0xb8, 0x69, 0xe1,
- 0x1a, 0x42, 0x7d, 0x7d, 0xb5, 0xbf, 0x9f, 0x26,
- 0xd3, 0x2c, 0xb1, 0x73, 0x01, 0xb6, 0xb2, 0x6f,
- 0x7b, 0xa5, 0x54, 0x85, 0x60, 0x77, 0x81, 0x8a,
- 0x87, 0x86, 0xe0, 0x2d, 0xbf, 0xdb, 0x28, 0xe8,
- 0xfa, 0x20, 0x35, 0xb4, 0xc0, 0x94, 0x10, 0x8e,
- 0x1c, 0x58, 0xaa, 0x02, 0x60, 0x97, 0xf5, 0xb3,
- 0x2f, 0xf8, 0x99, 0x29, 0x28, 0x73, 0x47, 0x36,
- 0xdd, 0x1d, 0x78, 0x95, 0xeb, 0xb8, 0xec, 0x45,
- 0x96, 0x69, 0x6f, 0x54, 0xc8, 0x1f, 0x2d, 0x3a,
- 0xd9, 0x0e, 0x8e, 0xaa, 0x59, 0x11, 0x8c, 0x3b,
- 0x8d, 0xa4, 0xed, 0xf2, 0x7d, 0xdc, 0x42, 0xaa,
- 0xa4, 0xd2, 0x1c, 0xb9, 0x87, 0xd0, 0xd9, 0x3d,
- 0x8e, 0x89, 0xbb, 0x06, 0x54, 0xcf, 0x32, 0x00,
- 0x02, 0x00, 0x00, 0x80, 0x0b, 0x80, 0x6c, 0x0f,
- 0x71, 0xd1, 0xa1, 0xa9, 0x26, 0xb4, 0xf1, 0xcd,
- 0x6a, 0x7a, 0x09, 0xaa, 0x58, 0x28, 0xd7, 0x35,
- 0x74, 0x8e, 0x7c, 0x83, 0xcb, 0xfe, 0x00, 0x3b,
- 0x62, 0x00, 0xfb, 0x90, 0x37, 0xcd, 0x93, 0xcf,
- 0xf3, 0xe4, 0x6d, 0x8d, 0xdd, 0xb8, 0x53, 0xe0,
- 0x5c, 0xda, 0x1a, 0x7e, 0x56, 0x03, 0x95, 0x03,
- 0x2f, 0x74, 0x86, 0xb1, 0xa0, 0xbb, 0x05, 0x91,
- 0xe4, 0x76, 0x83, 0xe6, 0x62, 0xf9, 0x12, 0x64,
- 0x5a, 0x62, 0xd8, 0x94, 0x04, 0x1f, 0x83, 0x02,
- 0x2e, 0xc5, 0xa7, 0x17, 0x46, 0x46, 0x21, 0x96,
- 0xc3, 0xa9, 0x8e, 0x92, 0x18, 0xd1, 0x52, 0x08,
- 0x1d, 0xff, 0x8e, 0x24, 0xdb, 0x6c, 0xd8, 0xfe,
- 0x80, 0x93, 0xe1, 0xa5, 0x4a, 0x0a, 0x37, 0x24,
- 0x18, 0x07, 0xbe, 0x0f, 0xaf, 0x73, 0xea, 0x50,
- 0x64, 0xa1, 0xb3, 0x77, 0xe5, 0x41, 0x02, 0x82,
- 0x39, 0xb9, 0xe3, 0x94
-};
-
-unsigned char valitity[] = {
- 0x30, 0x1e,
- 0x17, 0x0d,
- '2','0','0','0','0','1','0','1','0','0','0','0','Z',
- 0x17, 0x0d,
- '2','0','0','5','1','2','0','1','0','0','0','0','Z'
-};
-
-
-unsigned char cnam_oid[] = { 0x06, 0x03, 0x55, 0x04, 0x03 };
-
-unsigned char signature[] = {
- /* the OID */
- 0x30, 0x0b, 0x06, 0x09,
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x13,
- /* signature wrap */
- 0x03, 0x29, 0x00,
- /* 40 byte dsa signature */
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
-};
-
-unsigned char fortezza_oid [] = {
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01, 0x13
-};
-
-unsigned char software_ou[] = {
- 0x31, 26, 0x30, 24,
- 0x06, 0x03, 0x55, 0x04, 0x0b,
- 0x13, 17,
- 'S','o','f','t','w',
- 'a','r','e',' ','F',
- 'O','R','T','E','Z','Z','A'
-};
-
-
-char letterarray[] = {
- 'a','b','c','d','e','f','g','h','i','j','k','l','m','n',
- 'o','p','q','r','s','t','u','v','w','x','y','z' };
-
-char constarray[] = {
- 'b','c','d','f','g','h','j','k','l','m','n',
- 'p','q','r','s','t','v','w','x','y','z' };
-
-char vowelarray[] = {
- 'a','e','i','o','u','y' };
-
-char digitarray[] = {
- '0','1','2','3','4','5','6','7','8','9' };
-
-unsigned long
-getRandom(unsigned long max) {
- unsigned short data;
- unsigned long result;
-
- fort_GenerateRandom((unsigned char *)&data,sizeof(data));
-
- result = (unsigned long)data * max;
- result = result >> 16;
- return result;
-}
-
-
-char getLetter(void)
-{
- return letterarray[getRandom(sizeof(letterarray))];
-}
-char getVowel(void)
-{
- return vowelarray[getRandom(sizeof(vowelarray))];
-}
-char getDigit(void)
-{
- return digitarray[getRandom(sizeof(digitarray))];
-}
-
-char getConst(void)
-{
- return constarray[getRandom(sizeof(constarray))];
-}
-
-char *getPinPhrase(void)
-{
- char * pass = PORT_ZAlloc(5);
-
- pass[0] = getDigit();
- pass[1] = getDigit();
- pass[2] = getDigit();
- pass[3] = getDigit();
-
- return pass;
-}
-
-char *getPassPhrase(void)
-{
- char * pass = PORT_ZAlloc(13);
-
- pass[0] = getConst()+'A'-'a';
- pass[1] = getVowel();
- pass[2] = getConst();
- pass[3] = getVowel();
- pass[4] = getConst();
- pass[5] = getVowel();
- pass[6] = getConst();
- pass[7] = getDigit();
- pass[8] = getDigit();
- pass[9] = getDigit();
- pass[10] = getDigit();
- pass[11] = getLetter()+'A'-'a';
-
- return pass;
-}
-
-extern void
-makeCertSlot(fortSlotEntry * entry,
- int index,
- char * label,
- SECItem * cert,
- FORTSkipjackKeyPtr Ks,
- unsigned char *xKEA,
- unsigned char *xDSA,
- unsigned char *pubKey,
- int pubKeyLen,
- unsigned char *p,
- unsigned char *q,
- unsigned char *g);
-
-extern void
-makeProtectedPhrase(FORTSWFile * file,
- fortProtectedPhrase *prot_phrase,
- FORTSkipjackKeyPtr Ks,
- FORTSkipjackKeyPtr Kinit,
- char * phrase);
-
-extern void
-fill_in(SECItem *item, unsigned char *data, int len);
-
-char *userLabel = "INKS0002 ";
-main(int argc, char **argv)
-{
- char *progname = *argv++;
- char *commonName = NULL;
- char *caname = NULL;
- char *email = NULL;
- char *outname = NULL;
- char *cp;
- int arg_count = 0;
- Cert caCert;
- SECItem userCert;
- int cirv,i;
- int cards, start;
- unsigned char *subject;
- int subject_len;
- int signature_len = sizeof(signature);
- int newSubject_len, newCertBody_len, len;
- int cname1_len, cname_len, pstring_len;
- int valitity_len = sizeof(valitity);
- unsigned char origCert[CERT_SIZE];
- unsigned char newSubject[CERT_SIZE];
- unsigned char newCertBody[CERT_SIZE];
- unsigned char newCert[CERT_SIZE];
- unsigned char pstring[CERT_SIZE];
- unsigned char cname1[CERT_SIZE];
- unsigned char cname[CERT_SIZE];
- CERTCertificate *myCACert = NULL;
- CERTCertificate *cert;
- CERTCertDBHandle *certhandle;
- SECStatus rv;
- unsigned char serial[16];
- SECKEYPublicKey *pubKey;
- DSAPrivateKey *keaPrivKey;
- DSAPrivateKey *dsaPrivKey;
- CI_RANDOM randomVal;
- PQGParams *params;
- int pca_index = -1;
- unsigned char *p,*q,*g;
- FORTSkipjackKey Ks;
- FORTSkipjackKey Kinit;
- FORTSWFile *file;
- FORTSignedSWFile *signed_file;
- FORTSignedSWFile *signed_file2;
- unsigned char random[20];
- unsigned char vers;
- unsigned char *data;
- char *transportPin=NULL;
- char *ssoMemPhrase=NULL;
- char *userMemPhrase=NULL;
- char *ssoPin=NULL;
- char *userPin=NULL;
- char *pass=NULL;
- SECItem *outItem;
- int email_len = 0;
- int emailAVA_len = 0;
-
-
- /* put better argument parsing here */
- while ((cp = *argv++) != NULL) {
- if (*cp == '-') {
- while (*++cp) {
- switch (*cp) {
- /* verbose mode */
- case 'e':
- email = *argv++;
- break;
- /* explicitly set the target */
- case 'o':
- outname = *argv++;
- break;
- case 't':
- /* provide password on command line */
- transportPin = *argv++;
- break;
- case 'u':
- /* provide user password on command line */
- userPin = *argv++;
- break;
- case 'U':
- /* provide user password on command line */
- userMemPhrase = *argv++;
- break;
- case 's':
- /* provide user password on command line */
- ssoPin = *argv++;
- break;
- case 'S':
- /* provide user password on command line */
- ssoMemPhrase = *argv++;
- break;
- case 'p':
- /* provide card password on command line */
- pass = *argv++;
- break;
- case 'd':
- transportPin="test1234567890";
- ssoMemPhrase="sso1234567890";
- userMemPhrase="user1234567890";
- ssoPin="9999";
- userPin="0000";
- break;
- default:
- usage(progname);
- break;
- }
- }
- } else switch (arg_count++) {
- case 0:
- commonName = cp;
- break;
- case 1:
- caname = cp;
- break;
- default:
- usage(progname);
- }
- }
-
- if (outname == NULL) outname = "swfort.sfi";
- if (caname == NULL) usage(progname);
-
-
-
- caCert.card = -1;
- memset(newCert,0,CERT_SIZE);
-
- if (commonName == NULL) usage(progname);
-
-
- cirv = CI_Initialize(&cards);
-
- start = 0;
- for (i=0; i < cards; i++) {
- cirv = InitCard(i+1,pass);
- if (cirv == CI_OK) {
- if (FoundCert(i+1,caname,&caCert)) {
- break;
- }
- }
- }
-
- if (caCert.card == -1) {
- fprintf(stderr,
- "WARNING: Couldn't find Signing CA...new cert will not be signed\n");
- }
-
-
- /*
- * initialize enough security to deal with certificates.
- */
- NSS_NoDB_Init(NULL);
- certhandle = CERT_GetDefaultCertDB();
- if (certhandle == NULL) {
- Terminate("Couldn't build temparary Cert Database",
- 1, -1, caCert.card);
- exit(1);
- }
-
- CI_GenerateRandom(random);
- RNG_RandomUpdate(random,sizeof(random));
- CI_GenerateRandom(random);
- RNG_RandomUpdate(random,sizeof(random));
-
-
- if (transportPin == NULL) transportPin = getPassPhrase();
- if (ssoMemPhrase == NULL) ssoMemPhrase = getPassPhrase();
- if (userMemPhrase == NULL) userMemPhrase = getPassPhrase();
- if (ssoPin == NULL) ssoPin = getPinPhrase();
- if (userPin == NULL) userPin = getPinPhrase();
-
-
-
- /* now dump the certs into the temparary data base */
- for (i=0; i < caCert.count; i++) {
- int trusted = 0;
- SECItem derCert;
-
- cirv = CI_Select(caCert.card);
- if (cirv != CI_OK) {
- Terminate("Couldn't select on CA card",cirv,
- -1, caCert.card);
- }
- cirv = CI_GetCertificate(caCert.valid[i].index,origCert);
- if (cirv != CI_OK) {
- continue;
- }
- derCert.data = origCert;
- derCert.len = Cert_length(origCert, sizeof(origCert));
- cert =
- (CERTCertificate *)CERT_NewTempCertificate(certhandle,&derCert, NULL,
- PR_FALSE, PR_TRUE);
- caCert.valid[i].cert = cert;
- if (cert == NULL) continue;
- if (caCert.valid[i].index == caCert.index) myCACert=cert;
- if (caCert.valid[i].index == atoi((char *)&caCert.label[4]))
- pca_index = i;
- }
-
- if (myCACert == NULL) {
- Terminate("Couldn't find CA's Certificate", 1, -1, caCert.card);
- exit(1);
- }
-
-
- /*
- * OK now build the user cert.
- */
- /* first get the serial number and KMID */
- cirv = CI_GenerateRandom(randomVal);
- memcpy(&header[2],randomVal,sizeof(serial));
- memcpy(serial,randomVal,sizeof(serial));
- memcpy(&key[KEY_START+KMID_OFFSET],randomVal+sizeof(serial),7);
- /* KMID */
-
- /* now generate the keys */
- pubKey = CERT_ExtractPublicKey(myCACert);
- if (pubKey == NULL) {
- Terminate("Couldn't extract CA's public key",
- 1, -1, caCert.card);
- exit(1);
- }
-
-
- switch (pubKey->keyType) {
- case fortezzaKey:
- params = (PQGParams *)&pubKey->u.fortezza.params;
- break;
- case dsaKey:
- params = (PQGParams *)&pubKey->u.dsa.params;
- break;
- default:
- Terminate("Certificate is not a fortezza or DSA Cert",
- 1, -1, caCert.card);
- exit(1);
- }
-
- rv = DSA_NewKey(params,&keaPrivKey);
- if (rv != SECSuccess) {
- Terminate("Couldn't Generate KEA key",
- PORT_GetError(), -1, caCert.card);
- exit(1);
- }
- rv = DSA_NewKey(params,&dsaPrivKey);
- if (rv != SECSuccess) {
- Terminate("Couldn't Generate DSA key",
- PORT_GetError(), -1, caCert.card);
- exit(1);
- }
-
- if (keaPrivKey->publicValue.len == 129)
- keaPrivKey->publicValue.data++;
- if (dsaPrivKey->publicValue.len == 129)
- dsaPrivKey->publicValue.data++;
- if (keaPrivKey->privateValue.len == 21)
- keaPrivKey->privateValue.data++;
- if (dsaPrivKey->privateValue.len == 21)
- dsaPrivKey->privateValue.data++;
-
- /* save the parameters */
- p = params->prime.data;
- if (params->prime.len == 129) p++;
- q = params->subPrime.data;
- if (params->subPrime.len == 21) q++;
- g = params->base.data;
- if (params->base.len == 129) g++;
-
- memcpy(&key[KEY_START+KEA_OFFSET],
- keaPrivKey->publicValue.data,
- keaPrivKey->publicValue.len);
- memcpy(&key[KEY_START+DSA_OFFSET],
- dsaPrivKey->publicValue.data,
- dsaPrivKey->publicValue.len);
-
- /* build the der subject */
- subject = data_start(myCACert->derSubject.data,myCACert->derSubject.len,
- &subject_len);
-
- /* build the new Common name AVA */
- len = DER_Sequence(pstring,strlen(commonName));
- memcpy(pstring+len,commonName,strlen(commonName));
- len += strlen(commonName);
- pstring_len = len;
- pstring[0] = 0x13;
-
- len = DER_Sequence(cname1,sizeof(cnam_oid)+pstring_len);
- memcpy(cname1+len,cnam_oid,sizeof(cnam_oid)); len += sizeof(cnam_oid);
- memcpy(cname1+len,pstring,pstring_len); len += pstring_len;
- cname1_len = len;
-
- len = DER_Sequence(cname, cname1_len);
- memcpy(cname+len,cname1,cname1_len); len += cname1_len;
- cname_len = len;
- cname[0] = 0x31; /* make it a set rather than a sequence */
-
- if (email) {
- email_len = strlen(email);
- emailAVA_len = EMAIL_DATA_START + email_len;
- }
-
- /* now assemble it */
- len = DER_Sequence(newSubject,subject_len + sizeof(software_ou) +
- cname_len + emailAVA_len);
- memcpy(newSubject+len,subject,subject_len);
-
- for (i=0; i < subject_len; i++) {
- if (memcmp(newSubject+len+i,cnam_oid,sizeof(cnam_oid)) == 0) {
- newSubject[i+len+4] = 0x0b; /* change CN to OU */
- break;
- }
- }
- len += subject_len;
- memcpy(newSubject+len,software_ou,sizeof(software_ou));
- len += sizeof(software_ou);
- memcpy(newSubject+len,cname,cname_len); len += cname_len;
- newSubject_len = len;
-
- /*
- * build the email AVA
- */
- if (email) {
- memcpy(&emailAVA[EMAIL_DATA_START],email,email_len);
- for (i=0; i < offsetCount; i++) {
- emailAVA[emailOffset[i]] += email_len;
- }
- memcpy(newSubject+len,emailAVA,emailAVA_len);
- newSubject_len += emailAVA_len;
- }
-
-
- /*
- * Assemble the Cert
- */
-
- len = DER_Sequence(newCertBody,sizeof(header)+newSubject_len+
- valitity_len+myCACert->derSubject.len+sizeof(key));
- memcpy(newCertBody+len,header,sizeof(header));len += sizeof(header);
- memcpy(newCertBody+len,myCACert->derSubject.data,
- myCACert->derSubject.len);len += myCACert->derSubject.len;
- memcpy(newCertBody+len,valitity,valitity_len);len += valitity_len;
- memcpy(newCertBody+len,newSubject,newSubject_len);
- len += newSubject_len;
- memcpy(newCertBody+len,key,sizeof(key));len += sizeof(key);
- newCertBody_len = len;
-
-
- /*
- * generate the hash
- */
- cirv = CI_InitializeHash();
- if (cirv == CI_OK) {
- int hash_left = newCertBody_len & 63;
- int hash_len = newCertBody_len - hash_left;
- cirv = CI_Hash(hash_len,newCertBody);
- if (cirv == CI_OK) {
- cirv = CI_GetHash(hash_left,newCertBody+hash_len,hash);
- }
- }
-
- /*
- * now sign the hash
- */
- if ((cirv == CI_OK) && (caCert.card != -1)) {
- cirv = CI_Select(caCert.card);
- if (cirv == CI_OK) {
- cirv = CI_SetPersonality(caCert.index);
- if (cirv == CI_OK) {
- cirv = CI_Sign(hash,sig);
- }
- }
- } else cirv = -1;
-
- if (cirv != CI_OK) {
- memcpy(sig,hash,sizeof(hash));
- }
-
- /*
- * load in new signature
- */
- {
- int sig_len;
- unsigned char *sig_start =
- GetSignature(signature,signature_len,&sig_len);
- memcpy(sig_start,sig,sizeof(sig));
- }
-
- /*
- * now do the final wrap
- */
- len = DER_Sequence(newCert,newCertBody_len+signature_len);
- memcpy(newCert+len,newCertBody,newCertBody_len); len += newCertBody_len;
- memcpy(newCert+len, signature, signature_len); len +=signature_len;
- userCert.data = newCert;
- userCert.len = len;
-
-
- /* OK, we now have our cert, let's go build our software file */
- signed_file = PORT_ZNew(FORTSignedSWFile);
- file = &signed_file->file;
-
- signed_file->signatureWrap.signature.data = PORT_ZAlloc(40);
- signed_file->signatureWrap.signature.len = 40;
- signed_file->signatureWrap.signatureAlgorithm.algorithm.data =
- fortezza_oid;
- signed_file->signatureWrap.signatureAlgorithm.algorithm.len =
- sizeof(fortezza_oid);
-
- vers = 1;
- fill_in(&file->version,&vers,1);
- file->derIssuer.data = myCACert->derSubject.data;
- file->derIssuer.len = myCACert->derSubject.len;
- file->serialID.data = serial;
- file->serialID.len =sizeof(serial);
- /* generate out Ks value */
- fort_GenerateRandom(Ks,sizeof(Ks));
- makeProtectedPhrase(file,&file->initMemPhrase,Kinit,NULL,transportPin);
- makeProtectedPhrase(file,&file->ssoMemPhrase,Ks,Kinit,ssoMemPhrase);
- makeProtectedPhrase(file,&file->ssoPinPhrase,Ks,Kinit,ssoPin);
- makeProtectedPhrase(file,&file->userMemPhrase,Ks,Kinit,userMemPhrase);
- makeProtectedPhrase(file,&file->userPinPhrase,Ks,Kinit,userPin);
- file->wrappedRandomSeed.data = PORT_ZAlloc(12);
- file->wrappedRandomSeed.len = 12;
- cirv = fort_GenerateRandom(file->wrappedRandomSeed.data,10);
- if (cirv != CI_OK) {
- Terminate("Couldn't get Random Seed",
- cirv, -1, caCert.card);
- }
- fort_skipjackWrap(Ks,12,file->wrappedRandomSeed.data,
- file->wrappedRandomSeed.data);
- file->slotEntries = PORT_ZAlloc(sizeof(fortSlotEntry *)*5);
- /* paa */
- file->slotEntries[0] = PORT_ZNew(fortSlotEntry);
- makeCertSlot(file->slotEntries[0],0,
- (char *)caCert.valid[0].label,
- &caCert.valid[0].cert->derCert,
- Ks,NULL,NULL,NULL,0,p,q,g);
- /* pca */
- file->slotEntries[1] = PORT_ZNew(fortSlotEntry);
- makeCertSlot(file->slotEntries[1],1,
- (char *)caCert.valid[pca_index].label,
- &caCert.valid[pca_index].cert->derCert,
- Ks,NULL,NULL,NULL,0,p,q,g);
- /* ca */
- file->slotEntries[2] = PORT_ZNew(fortSlotEntry);
- /* make sure the caCert lable points to our new pca slot location */
- caCert.label[4] = '0';
- caCert.label[5] = '0';
- caCert.label[6] = '0';
- caCert.label[7] = '1';
- makeCertSlot(file->slotEntries[2],2,(char *)caCert.label,
- &myCACert->derCert,Ks,NULL,NULL,NULL,0,p,q,g);
- /* user */
- file->slotEntries[3] = PORT_ZNew(fortSlotEntry);
- strncpy(&userLabel[8],commonName,sizeof(CI_PERSON)-8);
- makeCertSlot(file->slotEntries[3],3,userLabel,&userCert,Ks,
- keaPrivKey->privateValue.data,
- dsaPrivKey->privateValue.data,
- key, sizeof(key), p, q, g);
- file->slotEntries[4] = 0;
-
- /* encode the file so we can sign it */
- outItem = FORT_PutSWFile(signed_file);
-
- /* get the der encoded data to sign */
- signed_file2 = FORT_GetSWFile(outItem);
-
- /* now sign it */
- len = signed_file2->signatureWrap.data.len;
- data = signed_file2->signatureWrap.data.data;
- /*
- * generate the hash
- */
- cirv = CI_InitializeHash();
- if (cirv == CI_OK) {
- int hash_left = len & 63;
- int hash_len = len - hash_left;
- cirv = CI_Hash(hash_len,data);
- if (cirv == CI_OK) {
- cirv = CI_GetHash(hash_left,data+hash_len,hash);
- }
- }
-
- /*
- * now sign the hash
- */
- if ((cirv == CI_OK) && (caCert.card != -1)) {
- cirv = CI_Select(caCert.card);
- if (cirv == CI_OK) {
- cirv = CI_SetPersonality(caCert.index);
- if (cirv == CI_OK) {
- cirv = CI_Sign(hash,sig);
- }
- }
- } else cirv = -1;
-
- if (cirv != CI_OK) {
- memcpy(sig,hash,sizeof(hash));
- }
- memcpy( signed_file->signatureWrap.signature.data,sig,sizeof(sig));
- signed_file->signatureWrap.signature.len = sizeof(sig)*8;
-
-
- /* encode it for the last time */
- outItem = FORT_PutSWFile(signed_file);
-
-
- /*
- * write it out to the .sfi file
- */
- {
- int fd = open(outname,O_WRONLY|O_CREAT|O_BINARY,0777);
-
- write(fd,outItem->data,outItem->len);
- close(fd);
- }
- CI_Close(CI_POWER_DOWN_FLAG,caCert.card);
- CI_Terminate();
-
- printf("Wrote %s to file %s.\n",commonName,outname);
- printf("Initialization Memphrase: %s\n",transportPin);
- printf("SSO Memphrase: %s\n",ssoMemPhrase);
- printf("User Memphrase: %s\n",userMemPhrase);
- printf("SSO pin: %s\n",ssoPin);
- printf("User pin: %s\n",userPin);
-
- return 0;
-}
-
diff --git a/security/nss/cmd/tstclnt/Makefile b/security/nss/cmd/tstclnt/Makefile
deleted file mode 100644
index 7e236b453..000000000
--- a/security/nss/cmd/tstclnt/Makefile
+++ /dev/null
@@ -1,82 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include ../platlibs.mk
-
-ifeq ($(OS_ARCH), WINNT)
-ifndef BUILD_OPT
-LDFLAGS += /subsystem:console /profile /debug /machine:I386 /incremental:no
-OS_CFLAGS += -D_CONSOLE
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include ../platlibs.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/tstclnt/makefile.win b/security/nss/cmd/tstclnt/makefile.win
deleted file mode 100644
index 6cf6c12cf..000000000
--- a/security/nss/cmd/tstclnt/makefile.win
+++ /dev/null
@@ -1,130 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-VERBOSE = 1
-include <manifest.mn>
-
-#cannot define PROGRAM in manifest compatibly with NT and UNIX
-PROGRAM = tstclnt
-PROGRAM = ./$(OBJDIR)/$(PROGRAM).exe
-include <$(DEPTH)\config\config.mak>
-
-# let manifest generate C_OBJS, it will prepend ./$(OBJDIR)/
-# rules.mak will append C_OBJS onto OBJS.
-# OBJS = $(CSRCS:.c=.obj)
-
-# include files are looked for in $LINCS and $INCS.
-# $LINCS is in manifest.mnw, computed from REQUIRES=
-INCS = $(INCS) \
- -I$(DEPTH)/security/lib/cert \
- -I../include \
- $(NULL)
-
-IGNORE_ME = \
- -I$(DEPTH)/security/lib/key \
- -I$(DEPTH)/security/lib/util \
- $(NULL)
-
-
-WINFE = $(DEPTH)/cmd/winfe/mkfiles$(MOZ_BITS)/x86Dbg
-
-# these files are the content of libdbm
-DBM_LIB = \
- $(WINFE)/DB.obj \
- $(WINFE)/HASH.obj \
- $(WINFE)/H_BIGKEY.obj \
- $(WINFE)/H_PAGE.obj \
- $(WINFE)/H_LOG2.obj \
- $(WINFE)/H_FUNC.obj \
- $(WINFE)/HASH_BUF.obj \
- $(NULL)
-
-MOZ_LIBS = \
- $(WINFE)/ALLXPSTR.obj \
- $(WINFE)/XP_ERROR.obj \
- $(WINFE)/XPASSERT.obj \
- $(WINFE)/XP_REG.obj \
- $(WINFE)/XP_TRACE.obj \
- $(DBM_LIB) \
- $(WINFE)/XP_STR.obj \
- $(WINFE)/MKTEMP.obj \
- $(NULL)
-
-SEC_LIBS = \
- $(DIST)/lib/cert$(MOZ_BITS).lib \
- $(DIST)/lib/crypto$(MOZ_BITS).lib \
- $(DIST)/lib/hash$(MOZ_BITS).lib \
- $(DIST)/lib/key$(MOZ_BITS).lib \
- $(DIST)/lib/pkcs7$(MOZ_BITS).lib \
- $(DIST)/lib/secmod$(MOZ_BITS).lib \
- $(DIST)/lib/secutl$(MOZ_BITS).lib \
- $(DIST)/lib/ssl$(MOZ_BITS).lib \
- $(NULL)
-
-LLFLAGS = $(LLFLAGS) \
- ../lib/$(OBJDIR)/sectool$(MOZ_BITS).lib \
- $(SEC_LIBS) \
- $(MOZ_LIBS) \
- $(DEPTH)/nspr/src/$(OBJDIR)/getopt.obj \
- $(LIBNSPR) \
- $(NULL)
-
-
-include <$(DEPTH)\config\rules.mak>
-
-INSTALL = $(MAKE_INSTALL)
-
-objs: $(OBJS)
-
-$(PROGRAM)::
- $(INSTALL) $(DIST)/bin/pr3240.dll ./$(OBJDIR)
-
-programs: $(PROGRAM)
-
-install:: $(TARGETS)
- $(INSTALL) $(TARGETS) $(DIST)/bin
-
-
-symbols:
- @echo "CSRCS = $(CSRCS)"
- @echo "INCS = $(INCS)"
- @echo "OBJS = $(OBJS)"
- @echo "LIBRARY = $(LIBRARY)"
- @echo "PROGRAM = $(PROGRAM)"
- @echo "TARGETS = $(TARGETS)"
- @echo "DIST = $(DIST)"
- @echo "VERSION_NUMBER = $(VERSION_NUMBER)"
- @echo "WINFE = $(WINFE)"
- @echo "DBM_LIB = $(DBM_LIB)"
- @echo "INSTALL = $(INSTALL)"
-
diff --git a/security/nss/cmd/tstclnt/manifest.mn b/security/nss/cmd/tstclnt/manifest.mn
deleted file mode 100644
index 00378736a..000000000
--- a/security/nss/cmd/tstclnt/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-# This next line is used by .mk files
-# and gets translated into $LINCS in manifest.mnw
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-# DIRS =
-
-CSRCS = tstclnt.c
-
-PROGRAM = tstclnt
-
diff --git a/security/nss/cmd/tstclnt/tstclnt.c b/security/nss/cmd/tstclnt/tstclnt.c
deleted file mode 100644
index f576b6af4..000000000
--- a/security/nss/cmd/tstclnt/tstclnt.c
+++ /dev/null
@@ -1,730 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-**
-** Sample client side test program that uses SSL and libsec
-**
-*/
-
-#include "secutil.h"
-
-#if defined(XP_UNIX)
-#include <unistd.h>
-#else
-#include "ctype.h" /* for isalpha() */
-#endif
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdarg.h>
-
-#include "nspr.h"
-#include "prio.h"
-#include "prnetdb.h"
-#include "nss.h"
-#include "ssl.h"
-#include "sslproto.h"
-#include "pk11func.h"
-#include "plgetopt.h"
-
-#define PRINTF if (verbose) printf
-#define FPRINTF if (verbose) fprintf
-
-#define MAX_WAIT_FOR_SERVER 600
-#define WAIT_INTERVAL 100
-
-int ssl2CipherSuites[] = {
- SSL_EN_RC4_128_WITH_MD5, /* A */
- SSL_EN_RC4_128_EXPORT40_WITH_MD5, /* B */
- SSL_EN_RC2_128_CBC_WITH_MD5, /* C */
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, /* D */
- SSL_EN_DES_64_CBC_WITH_MD5, /* E */
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* F */
- 0
-};
-
-int ssl3CipherSuites[] = {
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* a */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, /* b */
- SSL_RSA_WITH_RC4_128_MD5, /* c */
- SSL_RSA_WITH_3DES_EDE_CBC_SHA, /* d */
- SSL_RSA_WITH_DES_CBC_SHA, /* e */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5, /* f */
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, /* g */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA, /* h */
- SSL_RSA_WITH_NULL_MD5, /* i */
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, /* j */
- SSL_RSA_FIPS_WITH_DES_CBC_SHA, /* k */
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, /* l */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, /* m */
- SSL_RSA_WITH_RC4_128_SHA, /* n */
- TLS_DHE_DSS_WITH_RC4_128_SHA, /* o */
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, /* p */
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, /* q */
- SSL_DHE_RSA_WITH_DES_CBC_SHA, /* r */
- SSL_DHE_DSS_WITH_DES_CBC_SHA, /* s */
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA, /* t */
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA, /* u */
- TLS_RSA_WITH_AES_128_CBC_SHA, /* v */
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA, /* w */
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA, /* x */
- TLS_RSA_WITH_AES_256_CBC_SHA, /* y */
- 0
-};
-
-unsigned long __cmp_umuls;
-PRBool verbose;
-
-static char *progName;
-
-/* This exists only for the automated test suite. It allows us to
- * pass in a password on the command line.
- */
-
-char *password = NULL;
-
-char * ownPasswd( PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- char *passwd = NULL;
- if ( (!retry) && arg ) {
- passwd = PL_strdup((char *)arg);
- }
- return passwd;
-}
-
-void printSecurityInfo(PRFileDesc *fd)
-{
- CERTCertificate * cert;
- SSL3Statistics * ssl3stats = SSL_GetStatistics();
- SECStatus result;
- SSLChannelInfo channel;
- SSLCipherSuiteInfo suite;
-
- result = SSL_GetChannelInfo(fd, &channel, sizeof channel);
- if (result == SECSuccess &&
- channel.length == sizeof channel &&
- channel.cipherSuite) {
- result = SSL_GetCipherSuiteInfo(channel.cipherSuite,
- &suite, sizeof suite);
- if (result == SECSuccess) {
- FPRINTF(stderr,
- "tstclnt: SSL version %d.%d using %d-bit %s with %d-bit %s MAC\n",
- channel.protocolVersion >> 8, channel.protocolVersion & 0xff,
- suite.effectiveKeyBits, suite.symCipherName,
- suite.macBits, suite.macAlgorithmName);
- FPRINTF(stderr,
- "tstclnt: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n",
- channel.authKeyBits, suite.authAlgorithmName,
- channel.keaKeyBits, suite.keaTypeName);
- }
- }
- cert = SSL_RevealCert(fd);
- if (cert) {
- char * ip = CERT_NameToAscii(&cert->issuer);
- char * sp = CERT_NameToAscii(&cert->subject);
- if (sp) {
- fprintf(stderr, "subject DN: %s\n", sp);
- PR_Free(sp);
- }
- if (ip) {
- fprintf(stderr, "issuer DN: %s\n", ip);
- PR_Free(ip);
- }
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
- fprintf(stderr,
- "%ld cache hits; %ld cache misses, %ld cache not reusable\n",
- ssl3stats->hsh_sid_cache_hits, ssl3stats->hsh_sid_cache_misses,
- ssl3stats->hsh_sid_cache_not_ok);
-
-}
-
-void
-handshakeCallback(PRFileDesc *fd, void *client_data)
-{
- printSecurityInfo(fd);
-}
-
-static void Usage(const char *progName)
-{
- printf(
-"Usage: %s -h host [-p port] [-d certdir] [-n nickname] [-23Tovx] \n"
-" [-c ciphers] [-w passwd] [-q]\n", progName);
- printf("%-20s Hostname to connect with\n", "-h host");
- printf("%-20s Port number for SSL server\n", "-p port");
- printf("%-20s Directory with cert database (default is ~/.netscape)\n",
- "-d certdir");
- printf("%-20s Nickname of key and cert for client auth\n", "-n nickname");
- printf("%-20s Disable SSL v2.\n", "-2");
- printf("%-20s Disable SSL v3.\n", "-3");
- printf("%-20s Disable TLS (SSL v3.1).\n", "-T");
- printf("%-20s Override bad server cert. Make it OK.\n", "-o");
- printf("%-20s Verbose progress reporting.\n", "-v");
- printf("%-20s Use export policy.\n", "-x");
- printf("%-20s Ping the server and then exit.\n", "-q");
- printf("%-20s Letter(s) chosen from the following list\n", "-c ciphers");
- printf(
-"A SSL2 RC4 128 WITH MD5\n"
-"B SSL2 RC4 128 EXPORT40 WITH MD5\n"
-"C SSL2 RC2 128 CBC WITH MD5\n"
-"D SSL2 RC2 128 CBC EXPORT40 WITH MD5\n"
-"E SSL2 DES 64 CBC WITH MD5\n"
-"F SSL2 DES 192 EDE3 CBC WITH MD5\n"
-"\n"
-"a SSL3 FORTEZZA DMS WITH FORTEZZA CBC SHA\n"
-"b SSL3 FORTEZZA DMS WITH RC4 128 SHA\n"
-"c SSL3 RSA WITH RC4 128 MD5\n"
-"d SSL3 RSA WITH 3DES EDE CBC SHA\n"
-"e SSL3 RSA WITH DES CBC SHA\n"
-"f SSL3 RSA EXPORT WITH RC4 40 MD5\n"
-"g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5\n"
-"h SSL3 FORTEZZA DMS WITH NULL SHA\n"
-"i SSL3 RSA WITH NULL MD5\n"
-"j SSL3 RSA FIPS WITH 3DES EDE CBC SHA\n"
-"k SSL3 RSA FIPS WITH DES CBC SHA\n"
-"l SSL3 RSA EXPORT WITH DES CBC SHA\t(new)\n"
-"m SSL3 RSA EXPORT WITH RC4 56 SHA\t(new)\n"
-"n SSL3 RSA WITH RC4 128 SHA\n"
-"o TLS DHE DSS WITH RC4 128 SHA\n"
-"p SSL3 DHE RSA WITH 3DES EDE CBC SHA\n"
-"q SSL3 DHE DSS WITH 3DES EDE CBC SHA\n"
-"r SSL3 DHE RSA WITH DES CBC SHA\n"
-"s SSL3 DHE DSS WITH DES CBC SHA\n"
-"t TLS_DHE_DSS_WITH_AES_128_CBC_SHA\n"
-"u TLS_DHE_RSA_WITH_AES_128_CBC_SHA\n"
-"v TLS_RSA_WITH_AES_128_CBC_SHA\n"
-"w TLS_DHE_DSS_WITH_AES_256_CBC_SHA\n"
-"x TLS_DHE_RSA_WITH_AES_256_CBC_SHA\n"
-"y TLS_RSA_WITH_AES_256_CBC_SHA\n"
- );
- exit(1);
-}
-
-void
-milliPause(PRUint32 milli)
-{
- PRIntervalTime ticks = PR_MillisecondsToInterval(milli);
- PR_Sleep(ticks);
-}
-
-void
-disableAllSSLCiphers(void)
-{
- const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
- int i = SSL_NumImplementedCiphers;
- SECStatus rv;
-
- /* disable all the SSL3 cipher suites */
- while (--i >= 0) {
- PRUint16 suite = cipherSuites[i];
- rv = SSL_CipherPrefSetDefault(suite, PR_FALSE);
- if (rv != SECSuccess) {
- PRErrorCode err = PR_GetError();
- printf("SSL_CipherPrefSet didn't like value 0x%04x (i = %d): %s\n",
- suite, i, SECU_Strerror(err));
- exit(2);
- }
- }
-}
-
-/*
- * Callback is called when incoming certificate is not valid.
- * Returns SECSuccess to accept the cert anyway, SECFailure to reject.
- */
-static SECStatus
-ownBadCertHandler(void * arg, PRFileDesc * socket)
-{
- PRErrorCode err = PR_GetError();
- /* can log invalid cert here */
- printf("Bad server certificate: %d, %s\n", err, SECU_Strerror(err));
- return SECSuccess; /* override, say it's OK. */
-}
-
-int main(int argc, char **argv)
-{
- PRFileDesc * s;
- PRFileDesc * std_out;
- CERTCertDBHandle * handle;
- char * host = NULL;
- char * port = "443";
- char * certDir = NULL;
- char * nickname = NULL;
- char * cipherString = NULL;
- int multiplier = 0;
- SECStatus rv;
- PRStatus status;
- PRInt32 filesReady;
- PRInt32 ip;
- int npds;
- int override = 0;
- int disableSSL2 = 0;
- int disableSSL3 = 0;
- int disableTLS = 0;
- int useExportPolicy = 0;
- int file_read = 0;
- PRSocketOptionData opt;
- PRNetAddr addr;
- PRHostEnt hp;
- PRPollDesc pollset[2];
- char buf[PR_NETDB_BUF_SIZE];
- PRBool useCommandLinePassword = PR_FALSE;
- PRBool pingServerFirst = PR_FALSE;
- int error=0;
- PLOptState *optstate;
- PLOptStatus optstatus;
- PRStatus prStatus;
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- optstate = PL_CreateOptState(argc, argv, "23Tfc:h:p:d:m:n:oqvw:x");
- while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
- switch (optstate->option) {
- case '?':
- default : Usage(progName); break;
-
- case '2': disableSSL2 = 1; break;
-
- case '3': disableSSL3 = 1; break;
-
- case 'T': disableTLS = 1; break;
-
- case 'c': cipherString = strdup(optstate->value); break;
-
- case 'h': host = strdup(optstate->value); break;
-#ifdef _WINDOWS
- case 'f': file_read = 1; break;
-#else
- case 'f': break;
-#endif
-
- case 'd':
- certDir = strdup(optstate->value);
- certDir = SECU_ConfigDirectory(certDir);
- break;
-
- case 'm':
- multiplier = atoi(optstate->value);
- if (multiplier < 0)
- multiplier = 0;
- break;
-
- case 'n': nickname = strdup(optstate->value); break;
-
- case 'o': override = 1; break;
-
- case 'p': port = strdup(optstate->value); break;
-
- case 'q': pingServerFirst = PR_TRUE; break;
-
- case 'v': verbose++; break;
-
- case 'w':
- password = PORT_Strdup(optstate->value);
- useCommandLinePassword = PR_TRUE;
- break;
-
- case 'x': useExportPolicy = 1; break;
- }
- }
- if (optstatus == PL_OPT_BAD)
- Usage(progName);
-
- if (!host || !port) Usage(progName);
-
- if (!certDir) {
- certDir = SECU_DefaultSSLDir(); /* Look in $SSL_DIR */
- certDir = SECU_ConfigDirectory(certDir); /* call even if it's NULL */
- }
-
- PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);
-
- /* set our password function */
- if ( useCommandLinePassword ) {
- PK11_SetPasswordFunc(ownPasswd);
- } else {
- PK11_SetPasswordFunc(SECU_GetModulePassword);
- }
-
- /* open the cert DB, the key DB, and the secmod DB. */
- rv = NSS_Init(certDir);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "unable to open cert database");
-#if 0
- rv = CERT_OpenVolatileCertDB(handle);
- CERT_SetDefaultCertDB(handle);
-#else
- return 1;
-#endif
- }
- handle = CERT_GetDefaultCertDB();
-
- /* set the policy bits true for all the cipher suites. */
- if (useExportPolicy)
- NSS_SetExportPolicy();
- else
- NSS_SetDomesticPolicy();
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- /* disable all the ciphers, then enable the ones we want. */
- disableAllSSLCiphers();
- }
-
- /* Lookup host */
- status = PR_GetHostByName(host, buf, sizeof(buf), &hp);
- if (status != PR_SUCCESS) {
- SECU_PrintError(progName, "error looking up host");
- return 1;
- }
- if (PR_EnumerateHostEnt(0, &hp, atoi(port), &addr) == -1) {
- SECU_PrintError(progName, "error looking up host address");
- return 1;
- }
-
- ip = PR_ntohl(addr.inet.ip);
- PRINTF("%s: connecting to %s:%d (address=%d.%d.%d.%d)\n",
- progName, host, PR_ntohs(addr.inet.port),
- (ip >> 24) & 0xff,
- (ip >> 16) & 0xff,
- (ip >> 8) & 0xff,
- (ip >> 0) & 0xff);
-
- if (pingServerFirst) {
- int iter = 0;
- PRErrorCode err;
- do {
- s = PR_NewTCPSocket();
- if (s == NULL) {
- SECU_PrintError(progName, "Failed to create a TCP socket");
- }
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- prStatus = PR_SetSocketOption(s, &opt);
- if (prStatus != PR_SUCCESS) {
- PR_Close(s);
- SECU_PrintError(progName,
- "Failed to set blocking socket option");
- return 1;
- }
- prStatus = PR_Connect(s, &addr, PR_INTERVAL_NO_TIMEOUT);
- if (prStatus == PR_SUCCESS) {
- PR_Shutdown(s, PR_SHUTDOWN_BOTH);
- PR_Close(s);
- NSS_Shutdown();
- PR_Cleanup();
- return 0;
- }
- err = PR_GetError();
- if ((err != PR_CONNECT_REFUSED_ERROR) &&
- (err != PR_CONNECT_RESET_ERROR)) {
- SECU_PrintError(progName, "TCP Connection failed");
- return 1;
- }
- PR_Close(s);
- PR_Sleep(PR_MillisecondsToInterval(WAIT_INTERVAL));
- } while (++iter < MAX_WAIT_FOR_SERVER);
- SECU_PrintError(progName,
- "Client timed out while waiting for connection to server");
- return 1;
- }
-
- /* Create socket */
- s = PR_NewTCPSocket();
- if (s == NULL) {
- SECU_PrintError(progName, "error creating socket");
- return 1;
- }
-
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_TRUE;
- PR_SetSocketOption(s, &opt);
- /*PR_SetSocketOption(PR_GetSpecialFD(PR_StandardInput), &opt);*/
-
- s = SSL_ImportFD(NULL, s);
- if (s == NULL) {
- SECU_PrintError(progName, "error importing socket");
- return 1;
- }
-
- rv = SSL_OptionSet(s, SSL_SECURITY, 1);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error enabling socket");
- return 1;
- }
-
- rv = SSL_OptionSet(s, SSL_HANDSHAKE_AS_CLIENT, 1);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error enabling client handshake");
- return 1;
- }
-
- /* all the SSL2 and SSL3 cipher suites are enabled by default. */
- if (cipherString) {
- int ndx;
-
- while (0 != (ndx = *cipherString++)) {
- int *cptr;
- int cipher;
-
- if (! isalpha(ndx))
- Usage(progName);
- cptr = islower(ndx) ? ssl3CipherSuites : ssl2CipherSuites;
- for (ndx &= 0x1f; (cipher = *cptr++) != 0 && --ndx > 0; )
- /* do nothing */;
- if (cipher) {
- SECStatus status;
- status = SSL_CipherPrefSet(s, cipher, SSL_ALLOWED);
- if (status != SECSuccess)
- SECU_PrintError(progName, "SSL_CipherPrefSet()");
- }
- }
- }
-
- rv = SSL_OptionSet(s, SSL_ENABLE_SSL2, !disableSSL2);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error enabling SSLv2 ");
- return 1;
- }
-
- rv = SSL_OptionSet(s, SSL_ENABLE_SSL3, !disableSSL3);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error enabling SSLv3 ");
- return 1;
- }
-
- rv = SSL_OptionSet(s, SSL_ENABLE_TLS, !disableTLS);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error enabling TLS ");
- return 1;
- }
-
- /* disable ssl2 and ssl2-compatible client hellos. */
- rv = SSL_OptionSet(s, SSL_V2_COMPATIBLE_HELLO, !disableSSL2);
- if (rv != SECSuccess) {
- SECU_PrintError(progName, "error disabling v2 compatibility");
- return 1;
- }
-
- if (useCommandLinePassword) {
- SSL_SetPKCS11PinArg(s, password);
- }
-
- SSL_AuthCertificateHook(s, SSL_AuthCertificate, (void *)handle);
- if (override) {
- SSL_BadCertHook(s, ownBadCertHandler, NULL);
- }
- SSL_GetClientAuthDataHook(s, NSS_GetClientAuthData, (void *)nickname);
- SSL_HandshakeCallback(s, handshakeCallback, NULL);
- SSL_SetURL(s, host);
-
- /* Try to connect to the server */
- status = PR_Connect(s, &addr, PR_INTERVAL_NO_TIMEOUT);
- if (status != PR_SUCCESS) {
- if (PR_GetError() == PR_IN_PROGRESS_ERROR) {
- if (verbose)
- SECU_PrintError(progName, "connect");
- milliPause(50 * multiplier);
- pollset[0].in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT;
- pollset[0].out_flags = 0;
- pollset[0].fd = s;
- while(1) {
- PRINTF("%s: about to call PR_Poll for connect completion!\n", progName);
- filesReady = PR_Poll(pollset, 1, PR_INTERVAL_NO_TIMEOUT);
- if (filesReady < 0) {
- SECU_PrintError(progName, "unable to connect (poll)");
- return 1;
- }
- PRINTF("%s: PR_Poll returned 0x%02x for socket out_flags.\n",
- progName, pollset[0].out_flags);
- if (filesReady == 0) { /* shouldn't happen! */
- PRINTF("%s: PR_Poll returned zero!\n", progName);
- return 1;
- }
- /* Must milliPause between PR_Poll and PR_GetConnectStatus,
- * Or else winsock gets mighty confused.
- * Sleep(0);
- */
- milliPause(1);
- status = PR_GetConnectStatus(pollset);
- if (status == PR_SUCCESS) {
- break;
- }
- if (PR_GetError() != PR_IN_PROGRESS_ERROR) {
- SECU_PrintError(progName, "unable to connect (poll)");
- return 1;
- }
- SECU_PrintError(progName, "poll");
- milliPause(50 * multiplier);
- }
- } else {
- SECU_PrintError(progName, "unable to connect");
- return 1;
- }
- }
-
- pollset[0].fd = s;
- pollset[0].in_flags = PR_POLL_READ;
- pollset[1].fd = PR_GetSpecialFD(PR_StandardInput);
- pollset[1].in_flags = PR_POLL_READ;
- npds = 2;
- std_out = PR_GetSpecialFD(PR_StandardOutput);
-
-
- if (file_read) {
- pollset[1].out_flags = PR_POLL_READ;
- npds=1;
- }
-
- /*
- ** Select on stdin and on the socket. Write data from stdin to
- ** socket, read data from socket and write to stdout.
- */
- PRINTF("%s: ready...\n", progName);
-
- while (pollset[0].in_flags || pollset[1].in_flags) {
- char buf[4000]; /* buffer for stdin */
- int nb; /* num bytes read from stdin. */
-
- pollset[0].out_flags = 0;
- if (!file_read) {
- pollset[1].out_flags = 0;
- }
-
- PRINTF("%s: about to call PR_Poll !\n", progName);
- if (pollset[1].in_flags && file_read) {
- filesReady = PR_Poll(pollset, npds, PR_INTERVAL_NO_WAIT);
- filesReady++;
- } else {
- filesReady = PR_Poll(pollset, npds, PR_INTERVAL_NO_TIMEOUT);
- }
- if (filesReady < 0) {
- SECU_PrintError(progName, "select failed");
- error=1;
- goto done;
- }
- if (filesReady == 0) { /* shouldn't happen! */
- PRINTF("%s: PR_Poll returned zero!\n", progName);
- return 1;
- }
- PRINTF("%s: PR_Poll returned!\n", progName);
- if (pollset[1].in_flags) {
- PRINTF("%s: PR_Poll returned 0x%02x for stdin out_flags.\n",
- progName, pollset[1].out_flags);
-#ifndef _WINDOWS
- }
- if (pollset[1].out_flags & PR_POLL_READ) {
-#endif
- /* Read from stdin and write to socket */
- nb = PR_Read(pollset[1].fd, buf, sizeof(buf));
- PRINTF("%s: stdin read %d bytes\n", progName, nb);
- if (nb < 0) {
- if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
- SECU_PrintError(progName, "read from stdin failed");
- error=1;
- break;
- }
- } else if (nb == 0) {
- pollset[1].in_flags = 0;
- } else {
- char * bufp = buf;
- PRINTF("%s: Writing %d bytes to server\n", progName, nb);
- do {
- PRInt32 cc = PR_Write(s, bufp, nb);
- if (cc < 0) {
- PRErrorCode err = PR_GetError();
- if (err != PR_WOULD_BLOCK_ERROR) {
- SECU_PrintError(progName,
- "write to SSL socket failed");
- error=254;
- goto done;
- }
- cc = 0;
- }
- bufp += cc;
- nb -= cc;
- if (nb <= 0)
- break;
- pollset[0].in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT;
- pollset[0].out_flags = 0;
- PRINTF("%s: about to call PR_Poll on writable socket !\n", progName);
- cc = PR_Poll(pollset, 1, PR_INTERVAL_NO_TIMEOUT);
- PRINTF("%s: PR_Poll returned with writable socket !\n", progName);
- } while (1);
- pollset[0].in_flags = PR_POLL_READ;
- }
- }
-
- if (pollset[0].in_flags) {
- PRINTF("%s: PR_Poll returned 0x%02x for socket out_flags.\n",
- progName, pollset[0].out_flags);
- }
- if ( (pollset[0].out_flags & PR_POLL_READ)
- || (pollset[0].out_flags & PR_POLL_ERR)
-#ifdef PR_POLL_HUP
- || (pollset[0].out_flags & PR_POLL_HUP)
-#endif
- ) {
- /* Read from socket and write to stdout */
- nb = PR_Read(pollset[0].fd, buf, sizeof(buf));
- PRINTF("%s: Read from server %d bytes\n", progName, nb);
- if (nb < 0) {
- if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
- SECU_PrintError(progName, "read from socket failed");
- error=1;
- goto done;
- }
- } else if (nb == 0) {
- /* EOF from socket... bye bye */
- pollset[0].in_flags = 0;
- } else {
- PR_Write(std_out, buf, nb);
- puts("\n\n");
- }
- }
- milliPause(50 * multiplier);
- }
-
- done:
- PR_Close(s);
- NSS_Shutdown();
- PR_Cleanup();
- return error;
-}
diff --git a/security/nss/cmd/ttformat/Makefile b/security/nss/cmd/ttformat/Makefile
deleted file mode 100644
index f2a407990..000000000
--- a/security/nss/cmd/ttformat/Makefile
+++ /dev/null
@@ -1,74 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include ../platlibs.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-include ../platrules.mk
-
diff --git a/security/nss/cmd/ttformat/manifest.mn b/security/nss/cmd/ttformat/manifest.mn
deleted file mode 100644
index d743cfb1c..000000000
--- a/security/nss/cmd/ttformat/manifest.mn
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-DEFINES += -DNSPR20
-
-# MODULE public and private header directories are implicitly REQUIRED.
-MODULE = security
-
-CSRCS = ttformat.c
-
-# The MODULE is always implicitly required.
-# Listing it here in REQUIRES makes it appear twice in the cc command line.
-REQUIRES = seccmd dbm
-
-PROGRAM = ttformat
-
diff --git a/security/nss/cmd/ttformat/nClient b/security/nss/cmd/ttformat/nClient
deleted file mode 100755
index aab8402bd..000000000
--- a/security/nss/cmd/ttformat/nClient
+++ /dev/null
@@ -1,49 +0,0 @@
-# /bin/ksh
-#
-# nClient -- run the nss test strsclnt for performance testing
-#
-# syntax: nClient [options]
-#
-# where: options are:
-# any valid command line option for strsclnt
-# Note that some options are set by this script!
-#
-# Description:
-# nClient runs the nss test program "strsclnt" for purposes of
-# gathering performance data.
-#
-# some shell variables are set at the top of the script
-# you may have to change these, depending on the host you
-# are running on and other "stuff". caveat emptor.
-#
-# You will have to tinker with this script to get it to
-# run for you.
-#
-# See also: nServ
-#
-# --- begin nClient -------------------------------------------------------
-baseDir=/home/lorenzo/nss-raw/mozilla
-#
-# shell variables for running strsclnt
-#
-export HOST=`hostname -s`
-export DOMSUF=red.iplanet.com
-serverHost=dbldog
-nssDB=${baseDir}/tests_results/security/${HOST}.1/client
-nssHost=${HOST}.red.iplanet.com
-pushd ${baseDir}/security/nss/tests/common
-objDir=`gmake objdir_name`
-popd
-#
-#
-nssOptions="-p 12944 ${serverHost}.red.iplanet.com"
-export LD_LIBRARY_PATH=${baseDir}/dist/${objDir}/lib
-clientProg=${baseDir}/security/nss/cmd/strsclnt/${objDir}/strsclnt
-#
-# do the test
-#
-nssCommand="${clientProg} -d ${nssDB} ${nssOptions}"
-echo $nssCommand $*
-${nssCommand} $* &
-#
-# --- end nClient --------------------------------------------------------
diff --git a/security/nss/cmd/ttformat/nServ b/security/nss/cmd/ttformat/nServ
deleted file mode 100755
index ddf51b0e8..000000000
--- a/security/nss/cmd/ttformat/nServ
+++ /dev/null
@@ -1,49 +0,0 @@
-# /bin/ksh
-#
-# nServ -- run the nss test selfserv for performance testing
-#
-# syntax: nServ [options]
-#
-# where: options are:
-# Valid arguments to the selfserv program
-# Note that this script sets some options
-#
-# Description:
-# nServ runs the nss test program "selfserv" for purposes of
-# gathering performance data.
-#
-# some shell variables are set at the top of the script
-# you may have to change these, depending on the host you
-# are running on and other "stuff". caveat emptor.
-#
-# See also: nClinet
-#
-# --- begin nServ -------------------------------------------------------
-#
-baseDir=/home/lorenzo/nss-server/mozilla
-#
-# shell variables for running selfserv
-#
-export HOST=`hostname -s`
-export DOMSUF=red.iplanet.com
-nssDB=${baseDir}/tests_results/security/${HOST}.1/server
-nssHost=${HOST}.red.iplanet.com
-nssOptions="-p 12944 -w nss"
-pushd ${baseDir}/security/nss/tests/common
-objDir=`gmake objdir_name`
-popd
-export LD_LIBRARY_PATH=${baseDir}/dist/${objDir}/lib
-#
-# shell variables for capturing instrumentation data
-#
-export NSPR_LOG_MODULES=TestCase:6
-export NSPR_LOG_FILE=xxxLogfile
-#
-# do the test
-#
-nssCommand="${baseDir}/dist/${objDir}/bin/selfserv -d ${nssDB} -n ${nssHost} ${nssOptions}"
-echo $nssCommand
-${nssCommand} $* &
-# xxgdb ${baseDir}/dist/${objDir}/bin/selfserv
-#
-# --- end nServ -------------------------------------------------------
diff --git a/security/nss/cmd/ttformat/redux.pl b/security/nss/cmd/ttformat/redux.pl
deleted file mode 100755
index ccc13c24a..000000000
--- a/security/nss/cmd/ttformat/redux.pl
+++ /dev/null
@@ -1,77 +0,0 @@
-#
-# redux.pl -- general nss trace data extraction
-#
-# syntax: redux.pl
-#
-# redux.pl reads a file of formatted trace table records from stdin
-# The trace records are formatted by nssilock.c
-# redux.pl parses the lines and accumulates data in a hash
-# When finished with stdin, redux.pl traverses the hash and emits
-# the accumulated data.
-#
-# Operation:
-# read stdin, accumulate in a hash by file, line, type.
-# traverse the hash, reporting data.
-#
-# raw data format:
-# thredid op ltype callTime heldTime lock line file
-#
-# Notes:
-# After running redux.pl, sort the report on column 4 in decending sequence
-# to see where the lock contention is.
-#
-#
-# -----------------------------------------------------------------------
-use Getopt::Std;
-
-getopts("h") || die "redux.pl: unrecognized command option";
-
-
-# -----------------------------------------------------------------------
-# read stdin to exhaustion
-while ( <STDIN> ) {
- $recordCount++;
-# next if ($recordCount < 36000 ); # skip initialization records
- chomp;
- ($thredid, $op, $ltype, $callTime, $heldTime, $lock, $line, $file) = split;
-
-# select out un-interesting lines
-# next if (( $callTime < $opt_c ) && ( $heldTime < $opt_h ));
-# print $_, "\n";
-
-# count general stats
- $interesting++;
-
-# format the key
- $hashKey = $file ." ". $line ." ". $ltype;
-
-# Update the data in the hash entry
- $theData = $theHash{$hashKey}; # read it if it already exists
- ( $hCount, $hcallTime, $hheldTime, $hcallMax, $hheldMax ) = split(/\s+/, $theData );
- $hCount++;
- $hcallTime += $callTime;
- $hheldTime += $heldTime;
- $hcallMax = ( $hcallMax > $callTime )? $hcallMax : $callTime;
- $hheldMax = ( $hheldMax > $heldTime )? $hheldMax : $heldTime;
-
-# Write theData back to the hash
- $theData = $hCount." ".$hcallTime." ".$hheldTime." ".$hcallMax." ".$hheldMax;
- $theHash{$hashKey} = $theData;
-} # end while()
-
-# -----------------------------------------------------------------------
-# traverse theHash
- printf("%-16s %6s %-16s %8s %8s %8s %8s %8s\n",
- "File","line","ltype","hits","calltim","heldtim","callmax","heldmax" );
-while (($hashKey,$theData) = each(%theHash)) {
- $hashElements++;
- ($file, $line, $ltype) = split(/\s+/, $hashKey );
- ( $hCount, $hcallTime, $hheldTime, $hcallMax, $hheldMax ) = split(/\s+/, $theData );
- printf("%-16s %6d %-16s %8d %8d %8d %8d %8d\n",
- $file, $line, $ltype, $hCount, $hcallTime, $hheldTime, $hcallMax, $hheldMax );
-} # end while()
-
-# -----------------------------------------------------------------------
-# dump global statistics
-printf ("Record count: %d\n", $recordCount );
-printf("Interesting: %d, HashElements: %d\n", $interesting, $hashElements);
diff --git a/security/nss/cmd/ttformat/reduxhwm.pl b/security/nss/cmd/ttformat/reduxhwm.pl
deleted file mode 100644
index f442ff4e4..000000000
--- a/security/nss/cmd/ttformat/reduxhwm.pl
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# reduxhwm.pl -- analyze highwatermark data in xxxLogfile
-#
-# example interesting line in xxxLogfile
-# 1026[8154da0]: selfserv: Launched thread in slot 37, highWaterMark: 63
-#
-#
-#
-while ( <STDIN> ) {
- chomp;
- ($proc, $who, $launched, $thread, $in, $slotx, $slot, $hwm, $highwatermark) = split;
- if ( $launched == "Launched" ) {
- next if ( $slot == 0 );
- $notInteresting++;
- if ( $hwmMax < $highwatermark ){
- $hwmMax = $highwatermark;
- }
- $hwmArray[$slot] += 1;
- $interesting++;
- }
-} # end while()
-
-printf ("Interesteing: %d\n", $interesting );
-printf ("Not Interesting: %d\n", $notInteresting - $interesting );
-
-foreach $element (@hwmArray) {
- $percent = 100*($element / $interesting);
- $percentTotal += $percent;
- printf("Slot %2d: %d hits, %2.2f percent, %2.2f total percent\n", $i, $element, $percent, $percentTotal );
- $i++;
-}
-printf("Sum of percentages: %3.2f\n", $percentTotal );
-# --- end ---
diff --git a/security/nss/cmd/ttformat/ttformat.c b/security/nss/cmd/ttformat/ttformat.c
deleted file mode 100644
index 7fcf04f86..000000000
--- a/security/nss/cmd/ttformat/ttformat.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape Portable Runtime (NSPR).
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** File: ttformat.c
-** Description: ttformat.c reads the file "xxxTTLog". xxxTTLog
-** contains fixed length binary data written by nssilock.
-** ttformat formats the data to a human readable form (printf)
-** usable for visual scanning and for processing via a perl script.
-** Output is written to stdout
-**
-*/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <nssilock.h>
-
-/*
-** struct maps enum nssILockType to character representation
-*/
-struct {
- nssILockType ltype;
- char *name;
-} ltypeNameT[] = {
- { nssILockArena, "Arena" },
- { nssILockSession, "Session" },
- { nssILockObject, "Object" },
- { nssILockRefLock, "RefLock" },
- { nssILockCert, "Cert", },
- { nssILockCertDB, "CertDB" },
- { nssILockDBM, "DBM" },
- { nssILockCache, "Cache" },
- { nssILockSSL, "SSL" },
- { nssILockList, "List" },
- { nssILockSlot, "Slot" },
- { nssILockFreelist, "Freelist" },
- { nssILockOID, "OID" },
- { nssILockAttribute, "Attribute" },
- { nssILockPK11cxt, "PK11Context" },
- { nssILockRWLock, "RWLock" },
- { nssILockOther, "Other" },
- { nssILockSelfServ, "SelfServ" }
-}; /* end ltypeNameT */
-
-/*
-** struct maps enum nssILockOp to character representation
-*/
-struct {
- nssILockOp op;
- char *name;
-} opNameT[] = {
- { FlushTT, "FlushTT" },
- { NewLock, "NewLock" },
- { Lock, "Lock" },
- { Unlock, "Unlock" },
- { DestroyLock, "DestroyLock" },
- { NewCondVar, "NewCondVar" },
- { WaitCondVar, "WaitCondVar" },
- { NotifyCondVar, "NotifyCondVar" },
- { NotifyAllCondVar, "NotifyAllCondVar" },
- { DestroyCondVar, "DestroyCondVar" },
- { NewMonitor, "NewMonitor" },
- { EnterMonitor, "EnterMonitor" },
- { ExitMonitor, "ExitMonitor" },
- { Notify, "Notify" },
- { NotifyAll, "NotifyAll" },
- { Wait, "Wait" },
- { DestroyMonitor, "DestroyMonitor" }
-}; /* end opNameT */
-
-
-int main(int argc, char *argv[])
-{
- FILE *filea;
- struct pzTrace_s inBuf;
- char *opName;
- char *ltypeName;
- int rCount = 0;
- int oCount = 0;
-
- filea = fopen( "xxxTTLog", "r" );
- if ( NULL == filea ) {
- fprintf( stderr, "ttformat: Oh drat! Can't open 'xxxTTLog'\n" );
- exit(1);
- }
-
- while(1 == (fread( &inBuf, sizeof(inBuf), 1 , filea ))) {
- ++rCount;
- if ( inBuf.op > DestroyMonitor ) continue;
- if ( inBuf.op < FlushTT ) continue;
-
- opName = opNameT[inBuf.op].name;
- ltypeName = ltypeNameT[inBuf.ltype].name;
-
- ++oCount;
- printf("%8d %18s %18s %6d %6d %12p %6d %20s\n",
- inBuf.threadID, opName, ltypeName, inBuf.callTime, inBuf.heldTime,
- inBuf.lock, inBuf.line, inBuf.file );
- } /* end while() */
-
- fprintf( stderr, "Read: %d, Wrote: %d\n", rCount, oCount );
- return 0;
-} /* main() */
-/* end ttformat.c */
diff --git a/security/nss/cmd/zlib/Makefile b/security/nss/cmd/zlib/Makefile
deleted file mode 100644
index fa46e6763..000000000
--- a/security/nss/cmd/zlib/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/cmd/zlib/README b/security/nss/cmd/zlib/README
deleted file mode 100644
index 28adc90b2..000000000
--- a/security/nss/cmd/zlib/README
+++ /dev/null
@@ -1,99 +0,0 @@
-zlib 1.0.4 is a general purpose data compression library. All the code
-is reentrant (thread safe). The data format used by the zlib library
-is described by RFCs (Request for Comments) 1950 to 1952 in the files
-ftp://ds.internic.net/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate
-format) and rfc1952.txt (gzip format). These documents are also available in
-other formats from ftp://ftp.uu.net/graphics/png/documents/zlib/zdoc-index.html
-
-All functions of the compression library are documented in the file
-zlib.h. A usage example of the library is given in the file example.c
-which also tests that the library is working correctly. Another
-example is given in the file minigzip.c. The compression library itself
-is composed of all source files except example.c and minigzip.c.
-
-To compile all files and run the test program, follow the instructions
-given at the top of Makefile. In short "make test; make install"
-should work for most machines. For MSDOS, use one of the special
-makefiles such as Makefile.msc; for VMS, use Make_vms.com or descrip.mms.
-
-Questions about zlib should be sent to <zlib@quest.jpl.nasa.gov> or,
-if this fails, to the addresses given below in the Copyright section.
-The zlib home page is http://quest.jpl.nasa.gov/zlib/
-
-The changes made in version 1.0.4 are documented in the file ChangeLog.
-The main changes since 1.0.3 are:
-
-- In very rare conditions, deflate(s, Z_FINISH) could fail to produce an EOF
- bit, so the decompressor could decompress all the correct data but went
- on to attempt decompressing extra garbage data. This affected minigzip too.
-- zlibVersion and gzerror return const char* (needed for DLL)
-- port to RISCOS (no fdopen, no multiple dots, no unlink, no fileno)
-
-
-A Perl interface to zlib written by Paul Marquess <pmarquess@bfsec.bt.co.uk>
-is in the CPAN (Comprehensive Perl Archive Network) sites, such as:
-ftp://ftp.cis.ufl.edu/pub/perl/CPAN/modules/by-module/Compress/Compress-Zlib*
-
-
-Notes for some targets:
-
-- For Turbo C the small model is supported only with reduced performance to
- avoid any far allocation; it was tested with -DMAX_WBITS=11 -DMAX_MEM_LEVEL=3
-
-- For 64-bit Iris, deflate.c must be compiled without any optimization.
- With -O, one libpng test fails. The test works in 32 bit mode (with
- the -32 compiler flag). The compiler bug has been reported to SGI.
-
-- zlib doesn't work with gcc 2.6.3 on a DEC 3000/300LX under OSF/1 2.1
- it works when compiled with cc.
-
-- zlib doesn't work on HP-UX 9.05 with one cc compiler (the one not
- accepting the -O option). It works with the other cc compiler.
-
-- To build a Windows DLL version, include in a DLL project zlib.def, zlib.rc
- and all .c files except example.c and minigzip.c; compile with -DZLIB_DLL
- For help on building a zlib DLL, contact Alessandro Iacopetti
- <iaco@email.alessandria.alpcom.it> http://lisa.unial.it/iaco ,
- or contact Brad Clarke <bclarke@cyberus.ca>.
-
-- gzdopen is not supported on RISCOS
-
-
-Acknowledgments:
-
- The deflate format used by zlib was defined by Phil Katz. The deflate
- and zlib specifications were written by Peter Deutsch. Thanks to all the
- people who reported problems and suggested various improvements in zlib;
- they are too numerous to cite here.
-
-Copyright notice:
-
- (C) 1995-1996 Jean-loup Gailly and Mark Adler
-
- This software is provided 'as-is', without any express or implied
- warranty. In no event will the authors be held liable for any damages
- arising from the use of this software.
-
- Permission is granted to anyone to use this software for any purpose,
- including commercial applications, and to alter it and redistribute it
- freely, subject to the following restrictions:
-
- 1. The origin of this software must not be misrepresented; you must not
- claim that you wrote the original software. If you use this software
- in a product, an acknowledgment in the product documentation would be
- appreciated but is not required.
- 2. Altered source versions must be plainly marked as such, and must not be
- misrepresented as being the original software.
- 3. This notice may not be removed or altered from any source distribution.
-
- Jean-loup Gailly Mark Adler
- gzip@prep.ai.mit.edu madler@alumni.caltech.edu
-
-If you use the zlib library in a product, we would appreciate *not*
-receiving lengthy legal documents to sign. The sources are provided
-for free but without warranty of any kind. The library has been
-entirely written by Jean-loup Gailly and Mark Adler; it does not
-include third-party code.
-
-If you redistribute modified sources, we would appreciate that you include
-in the file ChangeLog history information documenting your changes.
diff --git a/security/nss/cmd/zlib/adler32.c b/security/nss/cmd/zlib/adler32.c
deleted file mode 100644
index 9f4afd63c..000000000
--- a/security/nss/cmd/zlib/adler32.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/* adler32.c -- compute the Adler-32 checksum of a data stream
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-#define BASE 65521L /* largest prime smaller than 65536 */
-#define NMAX 5552
-/* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */
-
-#define DO1(buf,i) {s1 += buf[i]; s2 += s1;}
-#define DO2(buf,i) DO1(buf,i); DO1(buf,i+1);
-#define DO4(buf,i) DO2(buf,i); DO2(buf,i+2);
-#define DO8(buf,i) DO4(buf,i); DO4(buf,i+4);
-#define DO16(buf) DO8(buf,0); DO8(buf,8);
-
-/* ========================================================================= */
-PR_PUBLIC_API(uLong) adler32(adler, buf, len)
- uLong adler;
- const Bytef *buf;
- uInt len;
-{
- unsigned long s1 = adler & 0xffff;
- unsigned long s2 = (adler >> 16) & 0xffff;
- int k;
-
- if (buf == Z_NULL) return 1L;
-
- while (len > 0) {
- k = len < NMAX ? len : NMAX;
- len -= k;
- while (k >= 16) {
- DO16(buf);
- buf += 16;
- k -= 16;
- }
- if (k != 0) do {
- s1 += *buf++;
- s2 += s1;
- } while (--k);
- s1 %= BASE;
- s2 %= BASE;
- }
- return (s2 << 16) | s1;
-}
diff --git a/security/nss/cmd/zlib/compress.c b/security/nss/cmd/zlib/compress.c
deleted file mode 100644
index 3e1cc7c09..000000000
--- a/security/nss/cmd/zlib/compress.c
+++ /dev/null
@@ -1,57 +0,0 @@
-/* compress.c -- compress a memory buffer
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-/* ===========================================================================
- Compresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be at least 0.1% larger than
- sourceLen plus 8 bytes. Upon exit, destLen is the actual size of the
- compressed buffer.
- This function can be used to compress a whole file at once if the
- input file is mmap'ed.
- compress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer.
-*/
-PR_PUBLIC_API(int) compress (dest, destLen, source, sourceLen)
- Bytef *dest;
- uLongf *destLen;
- const Bytef *source;
- uLong sourceLen;
-{
- z_stream stream;
- int err;
-
- stream.next_in = (Bytef*)source;
- stream.avail_in = (uInt)sourceLen;
-#ifdef MAXSEG_64K
- /* Check for source > 64K on 16-bit machine: */
- if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
-#endif
- stream.next_out = dest;
- stream.avail_out = (uInt)*destLen;
- if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
-
- stream.zalloc = (alloc_func)0;
- stream.zfree = (free_func)0;
- stream.opaque = (voidpf)0;
-
- err = deflateInit(&stream, Z_DEFAULT_COMPRESSION);
- if (err != Z_OK) return err;
-
- err = deflate(&stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- deflateEnd(&stream);
- return err == Z_OK ? Z_BUF_ERROR : err;
- }
- *destLen = stream.total_out;
-
- err = deflateEnd(&stream);
- return err;
-}
diff --git a/security/nss/cmd/zlib/config.mk b/security/nss/cmd/zlib/config.mk
deleted file mode 100644
index 090b93d70..000000000
--- a/security/nss/cmd/zlib/config.mk
+++ /dev/null
@@ -1,67 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Currently, override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all #
-# library names, and all special system linking options #
-#######################################################################
-
-SECTOOLS_LIBS = $(LDOPTS) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBSECMOD) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBSECMOD) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBHASH) $(LIBDBM) $(DLLPLC) $(DLLPLDS) $(DLLPR) $(DLLSYSTEM)
-
-ifeq ($(OS_ARCH),AIX)
- OS_LIBS += $(SECTOOLS_LIBS)
-endif
-
-ifeq ($(OS_ARCH),NCR)
- OS_LIBS += $(SECTOOLS_LIBS)
-endif
-
-ifeq ($(OS_ARCH),SCO_SV)
- OS_LIBS += $(SECTOOLS_LIBS)
-endif
-
-LDFLAGS += $(SECTOOLS_LIBS)
-
-
-
-
diff --git a/security/nss/cmd/zlib/crc32.c b/security/nss/cmd/zlib/crc32.c
deleted file mode 100644
index 398871cf8..000000000
--- a/security/nss/cmd/zlib/crc32.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/* crc32.c -- compute the CRC-32 of a data stream
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-#define local static
-
-#ifdef DYNAMIC_CRC_TABLE
-
-local int crc_table_empty = 1;
-local uLongf crc_table[256];
-local void make_crc_table OF((void));
-
-/*
- Generate a table for a byte-wise 32-bit CRC calculation on the polynomial:
- x^32+x^26+x^23+x^22+x^16+x^12+x^11+x^10+x^8+x^7+x^5+x^4+x^2+x+1.
-
- Polynomials over GF(2) are represented in binary, one bit per coefficient,
- with the lowest powers in the most significant bit. Then adding polynomials
- is just exclusive-or, and multiplying a polynomial by x is a right shift by
- one. If we call the above polynomial p, and represent a byte as the
- polynomial q, also with the lowest power in the most significant bit (so the
- byte 0xb1 is the polynomial x^7+x^3+x+1), then the CRC is (q*x^32) mod p,
- where a mod b means the remainder after dividing a by b.
-
- This calculation is done using the shift-register method of multiplying and
- taking the remainder. The register is initialized to zero, and for each
- incoming bit, x^32 is added mod p to the register if the bit is a one (where
- x^32 mod p is p+x^32 = x^26+...+1), and the register is multiplied mod p by
- x (which is shifting right by one and adding x^32 mod p if the bit shifted
- out is a one). We start with the highest power (least significant bit) of
- q and repeat for all eight bits of q.
-
- The table is simply the CRC of all possible eight bit values. This is all
- the information needed to generate CRC's on data a byte at a time for all
- combinations of CRC register values and incoming bytes.
-*/
-local void make_crc_table()
-{
- uLong c;
- int n, k;
- uLong poly; /* polynomial exclusive-or pattern */
- /* terms of polynomial defining this crc (except x^32): */
- static Byte p[] = {0,1,2,4,5,7,8,10,11,12,16,22,23,26};
-
- /* make exclusive-or pattern from polynomial (0xedb88320L) */
- poly = 0L;
- for (n = 0; n < sizeof(p)/sizeof(Byte); n++)
- poly |= 1L << (31 - p[n]);
-
- for (n = 0; n < 256; n++)
- {
- c = (uLong)n;
- for (k = 0; k < 8; k++)
- c = c & 1 ? poly ^ (c >> 1) : c >> 1;
- crc_table[n] = c;
- }
- crc_table_empty = 0;
-}
-#else
-/* ========================================================================
- * Table of CRC-32's of all single-byte values (made by make_crc_table)
- */
-local uLongf crc_table[256] = {
- 0x00000000UL, 0x77073096UL, 0xee0e612cUL, 0x990951baUL, 0x076dc419UL,
- 0x706af48fUL, 0xe963a535UL, 0x9e6495a3UL, 0x0edb8832UL, 0x79dcb8a4UL,
- 0xe0d5e91eUL, 0x97d2d988UL, 0x09b64c2bUL, 0x7eb17cbdUL, 0xe7b82d07UL,
- 0x90bf1d91UL, 0x1db71064UL, 0x6ab020f2UL, 0xf3b97148UL, 0x84be41deUL,
- 0x1adad47dUL, 0x6ddde4ebUL, 0xf4d4b551UL, 0x83d385c7UL, 0x136c9856UL,
- 0x646ba8c0UL, 0xfd62f97aUL, 0x8a65c9ecUL, 0x14015c4fUL, 0x63066cd9UL,
- 0xfa0f3d63UL, 0x8d080df5UL, 0x3b6e20c8UL, 0x4c69105eUL, 0xd56041e4UL,
- 0xa2677172UL, 0x3c03e4d1UL, 0x4b04d447UL, 0xd20d85fdUL, 0xa50ab56bUL,
- 0x35b5a8faUL, 0x42b2986cUL, 0xdbbbc9d6UL, 0xacbcf940UL, 0x32d86ce3UL,
- 0x45df5c75UL, 0xdcd60dcfUL, 0xabd13d59UL, 0x26d930acUL, 0x51de003aUL,
- 0xc8d75180UL, 0xbfd06116UL, 0x21b4f4b5UL, 0x56b3c423UL, 0xcfba9599UL,
- 0xb8bda50fUL, 0x2802b89eUL, 0x5f058808UL, 0xc60cd9b2UL, 0xb10be924UL,
- 0x2f6f7c87UL, 0x58684c11UL, 0xc1611dabUL, 0xb6662d3dUL, 0x76dc4190UL,
- 0x01db7106UL, 0x98d220bcUL, 0xefd5102aUL, 0x71b18589UL, 0x06b6b51fUL,
- 0x9fbfe4a5UL, 0xe8b8d433UL, 0x7807c9a2UL, 0x0f00f934UL, 0x9609a88eUL,
- 0xe10e9818UL, 0x7f6a0dbbUL, 0x086d3d2dUL, 0x91646c97UL, 0xe6635c01UL,
- 0x6b6b51f4UL, 0x1c6c6162UL, 0x856530d8UL, 0xf262004eUL, 0x6c0695edUL,
- 0x1b01a57bUL, 0x8208f4c1UL, 0xf50fc457UL, 0x65b0d9c6UL, 0x12b7e950UL,
- 0x8bbeb8eaUL, 0xfcb9887cUL, 0x62dd1ddfUL, 0x15da2d49UL, 0x8cd37cf3UL,
- 0xfbd44c65UL, 0x4db26158UL, 0x3ab551ceUL, 0xa3bc0074UL, 0xd4bb30e2UL,
- 0x4adfa541UL, 0x3dd895d7UL, 0xa4d1c46dUL, 0xd3d6f4fbUL, 0x4369e96aUL,
- 0x346ed9fcUL, 0xad678846UL, 0xda60b8d0UL, 0x44042d73UL, 0x33031de5UL,
- 0xaa0a4c5fUL, 0xdd0d7cc9UL, 0x5005713cUL, 0x270241aaUL, 0xbe0b1010UL,
- 0xc90c2086UL, 0x5768b525UL, 0x206f85b3UL, 0xb966d409UL, 0xce61e49fUL,
- 0x5edef90eUL, 0x29d9c998UL, 0xb0d09822UL, 0xc7d7a8b4UL, 0x59b33d17UL,
- 0x2eb40d81UL, 0xb7bd5c3bUL, 0xc0ba6cadUL, 0xedb88320UL, 0x9abfb3b6UL,
- 0x03b6e20cUL, 0x74b1d29aUL, 0xead54739UL, 0x9dd277afUL, 0x04db2615UL,
- 0x73dc1683UL, 0xe3630b12UL, 0x94643b84UL, 0x0d6d6a3eUL, 0x7a6a5aa8UL,
- 0xe40ecf0bUL, 0x9309ff9dUL, 0x0a00ae27UL, 0x7d079eb1UL, 0xf00f9344UL,
- 0x8708a3d2UL, 0x1e01f268UL, 0x6906c2feUL, 0xf762575dUL, 0x806567cbUL,
- 0x196c3671UL, 0x6e6b06e7UL, 0xfed41b76UL, 0x89d32be0UL, 0x10da7a5aUL,
- 0x67dd4accUL, 0xf9b9df6fUL, 0x8ebeeff9UL, 0x17b7be43UL, 0x60b08ed5UL,
- 0xd6d6a3e8UL, 0xa1d1937eUL, 0x38d8c2c4UL, 0x4fdff252UL, 0xd1bb67f1UL,
- 0xa6bc5767UL, 0x3fb506ddUL, 0x48b2364bUL, 0xd80d2bdaUL, 0xaf0a1b4cUL,
- 0x36034af6UL, 0x41047a60UL, 0xdf60efc3UL, 0xa867df55UL, 0x316e8eefUL,
- 0x4669be79UL, 0xcb61b38cUL, 0xbc66831aUL, 0x256fd2a0UL, 0x5268e236UL,
- 0xcc0c7795UL, 0xbb0b4703UL, 0x220216b9UL, 0x5505262fUL, 0xc5ba3bbeUL,
- 0xb2bd0b28UL, 0x2bb45a92UL, 0x5cb36a04UL, 0xc2d7ffa7UL, 0xb5d0cf31UL,
- 0x2cd99e8bUL, 0x5bdeae1dUL, 0x9b64c2b0UL, 0xec63f226UL, 0x756aa39cUL,
- 0x026d930aUL, 0x9c0906a9UL, 0xeb0e363fUL, 0x72076785UL, 0x05005713UL,
- 0x95bf4a82UL, 0xe2b87a14UL, 0x7bb12baeUL, 0x0cb61b38UL, 0x92d28e9bUL,
- 0xe5d5be0dUL, 0x7cdcefb7UL, 0x0bdbdf21UL, 0x86d3d2d4UL, 0xf1d4e242UL,
- 0x68ddb3f8UL, 0x1fda836eUL, 0x81be16cdUL, 0xf6b9265bUL, 0x6fb077e1UL,
- 0x18b74777UL, 0x88085ae6UL, 0xff0f6a70UL, 0x66063bcaUL, 0x11010b5cUL,
- 0x8f659effUL, 0xf862ae69UL, 0x616bffd3UL, 0x166ccf45UL, 0xa00ae278UL,
- 0xd70dd2eeUL, 0x4e048354UL, 0x3903b3c2UL, 0xa7672661UL, 0xd06016f7UL,
- 0x4969474dUL, 0x3e6e77dbUL, 0xaed16a4aUL, 0xd9d65adcUL, 0x40df0b66UL,
- 0x37d83bf0UL, 0xa9bcae53UL, 0xdebb9ec5UL, 0x47b2cf7fUL, 0x30b5ffe9UL,
- 0xbdbdf21cUL, 0xcabac28aUL, 0x53b39330UL, 0x24b4a3a6UL, 0xbad03605UL,
- 0xcdd70693UL, 0x54de5729UL, 0x23d967bfUL, 0xb3667a2eUL, 0xc4614ab8UL,
- 0x5d681b02UL, 0x2a6f2b94UL, 0xb40bbe37UL, 0xc30c8ea1UL, 0x5a05df1bUL,
- 0x2d02ef8dL
-};
-#endif
-
-/* =========================================================================
- * This function can be used by asm versions of crc32()
- */
-uLongf *get_crc_table()
-{
-#ifdef DYNAMIC_CRC_TABLE
- if (crc_table_empty) make_crc_table();
-#endif
- return (uLongf *)crc_table;
-}
-
-/* ========================================================================= */
-#define DO1(buf) crc = crc_table[((int)crc ^ (*buf++)) & 0xff] ^ (crc >> 8);
-#define DO2(buf) DO1(buf); DO1(buf);
-#define DO4(buf) DO2(buf); DO2(buf);
-#define DO8(buf) DO4(buf); DO4(buf);
-
-/* ========================================================================= */
-PR_PUBLIC_API(uLong) crc32(crc, buf, len)
- uLong crc;
- const Bytef *buf;
- uInt len;
-{
- if (buf == Z_NULL) return 0L;
-#ifdef DYNAMIC_CRC_TABLE
- if (crc_table_empty)
- make_crc_table();
-#endif
- crc = crc ^ 0xffffffffUL;
- while (len >= 8)
- {
- DO8(buf);
- len -= 8;
- }
- if (len) do {
- DO1(buf);
- } while (--len);
- return crc ^ 0xffffffffUL;
-}
diff --git a/security/nss/cmd/zlib/deflate.c b/security/nss/cmd/zlib/deflate.c
deleted file mode 100644
index f748ce156..000000000
--- a/security/nss/cmd/zlib/deflate.c
+++ /dev/null
@@ -1,1209 +0,0 @@
-/* deflate.c -- compress data using the deflation algorithm
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/*
- * ALGORITHM
- *
- * The "deflation" process depends on being able to identify portions
- * of the input text which are identical to earlier input (within a
- * sliding window trailing behind the input currently being processed).
- *
- * The most straightforward technique turns out to be the fastest for
- * most input files: try all possible matches and select the longest.
- * The key feature of this algorithm is that insertions into the string
- * dictionary are very simple and thus fast, and deletions are avoided
- * completely. Insertions are performed at each input character, whereas
- * string matches are performed only when the previous match ends. So it
- * is preferable to spend more time in matches to allow very fast string
- * insertions and avoid deletions. The matching algorithm for small
- * strings is inspired from that of Rabin & Karp. A brute force approach
- * is used to find longer strings when a small match has been found.
- * A similar algorithm is used in comic (by Jan-Mark Wams) and freeze
- * (by Leonid Broukhis).
- * A previous version of this file used a more sophisticated algorithm
- * (by Fiala and Greene) which is guaranteed to run in linear amortized
- * time, but has a larger average cost, uses more memory and is patented.
- * However the F&G algorithm may be faster for some highly redundant
- * files if the parameter max_chain_length (described below) is too large.
- *
- * ACKNOWLEDGEMENTS
- *
- * The idea of lazy evaluation of matches is due to Jan-Mark Wams, and
- * I found it in 'freeze' written by Leonid Broukhis.
- * Thanks to many people for bug reports and testing.
- *
- * REFERENCES
- *
- * Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
- * Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
- *
- * A description of the Rabin and Karp algorithm is given in the book
- * "Algorithms" by R. Sedgewick, Addison-Wesley, p252.
- *
- * Fiala,E.R., and Greene,D.H.
- * Data Compression with Finite Windows, Comm.ACM, 32,4 (1989) 490-595
- *
- */
-
-/* $Id$ */
-
-#include "deflate.h"
-
-char deflate_copyright[] = " deflate 1.0.4 Copyright 1995-1996 Jean-loup Gailly ";
-/*
- If you use the zlib library in a product, an acknowledgment is welcome
- in the documentation of your product. If for some reason you cannot
- include such an acknowledgment, I would appreciate that you keep this
- copyright string in the executable of your product.
- */
-
-/* ===========================================================================
- * Function prototypes.
- */
-typedef enum {
- need_more, /* block not completed, need more input or more output */
- block_done, /* block flush performed */
- finish_started, /* finish started, need only more output at next deflate */
- finish_done /* finish done, accept no more input or output */
-} block_state;
-
-typedef block_state (*compress_func) OF((deflate_state *s, int flush));
-/* Compression function. Returns the block state after the call. */
-
-local void fill_window OF((deflate_state *s));
-local block_state deflate_stored OF((deflate_state *s, int flush));
-local block_state deflate_fast OF((deflate_state *s, int flush));
-local block_state deflate_slow OF((deflate_state *s, int flush));
-local void lm_init OF((deflate_state *s));
-local uInt longest_match OF((deflate_state *s, IPos cur_match));
-local void putShortMSB OF((deflate_state *s, uInt b));
-local void flush_pending OF((z_streamp strm));
-local int read_buf OF((z_streamp strm, charf *buf, unsigned size));
-#ifdef ASMV
- void match_init OF((void)); /* asm code initialization */
-#endif
-
-#ifdef DEBUG_NEVER
-local void check_match OF((deflate_state *s, IPos start, IPos match,
- int length));
-#endif
-
-/* ===========================================================================
- * Local data
- */
-
-#define NIL 0
-/* Tail of hash chains */
-
-#ifndef TOO_FAR
-# define TOO_FAR 4096
-#endif
-/* Matches of length 3 are discarded if their distance exceeds TOO_FAR */
-
-#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
-/* Minimum amount of lookahead, except at the end of the input file.
- * See deflate.c for comments about the MIN_MATCH+1.
- */
-
-/* Values for max_lazy_match, good_match and max_chain_length, depending on
- * the desired pack level (0..9). The values given below have been tuned to
- * exclude worst case performance for pathological files. Better values may be
- * found for specific files.
- */
-typedef struct config_s {
- ush good_length; /* reduce lazy search above this match length */
- ush max_lazy; /* do not perform lazy search above this match length */
- ush nice_length; /* quit search above this match length */
- ush max_chain;
- compress_func func;
-} config;
-
-local config configuration_table[10] = {
-/* good lazy nice chain */
-/* 0 */ {0, 0, 0, 0, deflate_stored}, /* store only */
-/* 1 */ {4, 4, 8, 4, deflate_fast}, /* maximum speed, no lazy matches */
-/* 2 */ {4, 5, 16, 8, deflate_fast},
-/* 3 */ {4, 6, 32, 32, deflate_fast},
-
-/* 4 */ {4, 4, 16, 16, deflate_slow}, /* lazy matches */
-/* 5 */ {8, 16, 32, 32, deflate_slow},
-/* 6 */ {8, 16, 128, 128, deflate_slow},
-/* 7 */ {8, 32, 128, 256, deflate_slow},
-/* 8 */ {32, 128, 258, 1024, deflate_slow},
-/* 9 */ {32, 258, 258, 4096, deflate_slow}}; /* maximum compression */
-
-/* Note: the deflate() code requires max_lazy >= MIN_MATCH and max_chain >= 4
- * For deflate_fast() (levels <= 3) good is ignored and lazy has a different
- * meaning.
- */
-
-#define EQUAL 0
-/* result of memcmp for equal strings */
-
-struct static_tree_desc_s {int dummy;}; /* for buggy compilers */
-
-/* ===========================================================================
- * Update a hash value with the given input byte
- * IN assertion: all calls to to UPDATE_HASH are made with consecutive
- * input characters, so that a running hash key can be computed from the
- * previous key instead of complete recalculation each time.
- */
-#define UPDATE_HASH(s,h,c) (h = (((h)<<s->hash_shift) ^ (c)) & s->hash_mask)
-
-
-/* ===========================================================================
- * Insert string str in the dictionary and set match_head to the previous head
- * of the hash chain (the most recent string with same hash key). Return
- * the previous length of the hash chain.
- * IN assertion: all calls to to INSERT_STRING are made with consecutive
- * input characters and the first MIN_MATCH bytes of str are valid
- * (except for the last MIN_MATCH-1 bytes of the input file).
- */
-#define INSERT_STRING(s, str, match_head) \
- (UPDATE_HASH(s, s->ins_h, s->window[(str) + (MIN_MATCH-1)]), \
- s->prev[(str) & s->w_mask] = match_head = s->head[s->ins_h], \
- s->head[s->ins_h] = (Pos)(str))
-
-/* ===========================================================================
- * Initialize the hash table (avoiding 64K overflow for 16 bit systems).
- * prev[] will be initialized on the fly.
- */
-#define CLEAR_HASH(s) \
- s->head[s->hash_size-1] = NIL; \
- zmemzero((charf *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateInit_(strm, level, version, stream_size)
- z_streamp strm;
- int level;
- const char *version;
- int stream_size;
-{
- return deflateInit2_(strm, level, Z_DEFLATED, MAX_WBITS, DEF_MEM_LEVEL,
- Z_DEFAULT_STRATEGY, version, stream_size);
- /* To do: ignore strm->next_in if we use it as window */
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
- version, stream_size)
- z_streamp strm;
- int level;
- int method;
- int windowBits;
- int memLevel;
- int strategy;
- const char *version;
- int stream_size;
-{
- deflate_state *s;
- int noheader = 0;
-
- ushf *overlay;
- /* We overlay pending_buf and d_buf+l_buf. This works since the average
- * output size for (length,distance) codes is <= 24 bits.
- */
-
- if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
- stream_size != sizeof(z_stream)) {
- return Z_VERSION_ERROR;
- }
- if (strm == Z_NULL) return Z_STREAM_ERROR;
-
- strm->msg = Z_NULL;
- if (strm->zalloc == Z_NULL) {
- strm->zalloc = zcalloc;
- strm->opaque = (voidpf)0;
- }
- if (strm->zfree == Z_NULL) strm->zfree = zcfree;
-
- if (level == Z_DEFAULT_COMPRESSION) level = 6;
-
- if (windowBits < 0) { /* undocumented feature: suppress zlib header */
- noheader = 1;
- windowBits = -windowBits;
- }
- if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED ||
- windowBits < 8 || windowBits > 15 || level < 0 || level > 9 ||
- strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
- return Z_STREAM_ERROR;
- }
- s = (deflate_state *) ZALLOC(strm, 1, sizeof(deflate_state));
- if (s == Z_NULL) return Z_MEM_ERROR;
- strm->state = (struct internal_state FAR *)s;
- s->strm = strm;
-
- s->noheader = noheader;
- s->w_bits = windowBits;
- s->w_size = 1 << s->w_bits;
- s->w_mask = s->w_size - 1;
-
- s->hash_bits = memLevel + 7;
- s->hash_size = 1 << s->hash_bits;
- s->hash_mask = s->hash_size - 1;
- s->hash_shift = ((s->hash_bits+MIN_MATCH-1)/MIN_MATCH);
-
- s->window = (Bytef *) ZALLOC(strm, s->w_size, 2*sizeof(Byte));
- s->prev = (Posf *) ZALLOC(strm, s->w_size, sizeof(Pos));
- s->head = (Posf *) ZALLOC(strm, s->hash_size, sizeof(Pos));
-
- s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
-
- overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
- s->pending_buf = (uchf *) overlay;
-
- if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
- s->pending_buf == Z_NULL) {
- strm->msg = (char*)ERR_MSG(Z_MEM_ERROR);
- deflateEnd (strm);
- return Z_MEM_ERROR;
- }
- s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
- s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
-
- s->level = level;
- s->strategy = strategy;
- s->method = (Byte)method;
-
- return deflateReset(strm);
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateSetDictionary (strm, dictionary, dictLength)
- z_streamp strm;
- const Bytef *dictionary;
- uInt dictLength;
-{
- deflate_state *s;
- uInt length = dictLength;
- uInt n;
- IPos hash_head = 0;
-
- if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL ||
- strm->state->status != INIT_STATE) return Z_STREAM_ERROR;
-
- s = strm->state;
- strm->adler = adler32(strm->adler, dictionary, dictLength);
-
- if (length < MIN_MATCH) return Z_OK;
- if (length > MAX_DIST(s)) {
- length = MAX_DIST(s);
- dictionary += dictLength - length;
- }
- zmemcpy((charf *)s->window, dictionary, length);
- s->strstart = length;
- s->block_start = (long)length;
-
- /* Insert all strings in the hash table (except for the last two bytes).
- * s->lookahead stays null, so s->ins_h will be recomputed at the next
- * call of fill_window.
- */
- s->ins_h = s->window[0];
- UPDATE_HASH(s, s->ins_h, s->window[1]);
- for (n = 0; n <= length - MIN_MATCH; n++) {
- INSERT_STRING(s, n, hash_head);
- }
- if (hash_head) hash_head = 0; /* to make compiler happy */
- return Z_OK;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateReset (strm)
- z_streamp strm;
-{
- deflate_state *s;
-
- if (strm == Z_NULL || strm->state == Z_NULL ||
- strm->zalloc == Z_NULL || strm->zfree == Z_NULL) return Z_STREAM_ERROR;
-
- strm->total_in = strm->total_out = 0;
- strm->msg = Z_NULL; /* use zfree if we ever allocate msg dynamically */
- strm->data_type = Z_UNKNOWN;
-
- s = (deflate_state *)strm->state;
- s->pending = 0;
- s->pending_out = s->pending_buf;
-
- if (s->noheader < 0) {
- s->noheader = 0; /* was set to -1 by deflate(..., Z_FINISH); */
- }
- s->status = s->noheader ? BUSY_STATE : INIT_STATE;
- strm->adler = 1;
- s->last_flush = Z_NO_FLUSH;
-
- _tr_init(s);
- lm_init(s);
-
- return Z_OK;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateParams(strm, level, strategy)
- z_streamp strm;
- int level;
- int strategy;
-{
- deflate_state *s;
- compress_func func;
- int err = Z_OK;
-
- if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
- s = strm->state;
-
- if (level == Z_DEFAULT_COMPRESSION) {
- level = 6;
- }
- if (level < 0 || level > 9 || strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
- return Z_STREAM_ERROR;
- }
- func = configuration_table[s->level].func;
-
- if (func != configuration_table[level].func && strm->total_in != 0) {
- /* Flush the last buffer: */
- err = deflate(strm, Z_PARTIAL_FLUSH);
- }
- if (s->level != level) {
- s->level = level;
- s->max_lazy_match = configuration_table[level].max_lazy;
- s->good_match = configuration_table[level].good_length;
- s->nice_match = configuration_table[level].nice_length;
- s->max_chain_length = configuration_table[level].max_chain;
- }
- s->strategy = strategy;
- return err;
-}
-
-/* =========================================================================
- * Put a short in the pending buffer. The 16-bit value is put in MSB order.
- * IN assertion: the stream state is correct and there is enough room in
- * pending_buf.
- */
-local void putShortMSB (s, b)
- deflate_state *s;
- uInt b;
-{
- put_byte(s, (Byte)(b >> 8));
- put_byte(s, (Byte)(b & 0xff));
-}
-
-/* =========================================================================
- * Flush as much pending output as possible. All deflate() output goes
- * through this function so some applications may wish to modify it
- * to avoid allocating a large strm->next_out buffer and copying into it.
- * (See also read_buf()).
- */
-local void flush_pending(strm)
- z_streamp strm;
-{
- unsigned len = strm->state->pending;
-
- if (len > strm->avail_out) len = strm->avail_out;
- if (len == 0) return;
-
- zmemcpy(strm->next_out, strm->state->pending_out, len);
- strm->next_out += len;
- strm->state->pending_out += len;
- strm->total_out += len;
- strm->avail_out -= len;
- strm->state->pending -= len;
- if (strm->state->pending == 0) {
- strm->state->pending_out = strm->state->pending_buf;
- }
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflate (strm, flush)
- z_streamp strm;
- int flush;
-{
- int old_flush; /* value of flush param for previous deflate call */
- deflate_state *s;
-
- if (strm == Z_NULL || strm->state == Z_NULL ||
- flush > Z_FINISH || flush < 0) {
- return Z_STREAM_ERROR;
- }
- s = strm->state;
-
- if (strm->next_out == Z_NULL ||
- (strm->next_in == Z_NULL && strm->avail_in != 0) ||
- (s->status == FINISH_STATE && flush != Z_FINISH)) {
- ERR_RETURN(strm, Z_STREAM_ERROR);
- }
- if (strm->avail_out == 0) ERR_RETURN(strm, Z_BUF_ERROR);
-
- s->strm = strm; /* just in case */
- old_flush = s->last_flush;
- s->last_flush = flush;
-
- /* Write the zlib header */
- if (s->status == INIT_STATE) {
-
- uInt header = (Z_DEFLATED + ((s->w_bits-8)<<4)) << 8;
- uInt level_flags = (s->level-1) >> 1;
-
- if (level_flags > 3) level_flags = 3;
- header |= (level_flags << 6);
- if (s->strstart != 0) header |= PRESET_DICT;
- header += 31 - (header % 31);
-
- s->status = BUSY_STATE;
- putShortMSB(s, header);
-
- /* Save the adler32 of the preset dictionary: */
- if (s->strstart != 0) {
- putShortMSB(s, (uInt)(strm->adler >> 16));
- putShortMSB(s, (uInt)(strm->adler & 0xffff));
- }
- strm->adler = 1L;
- }
-
- /* Flush as much pending output as possible */
- if (s->pending != 0) {
- flush_pending(strm);
- if (strm->avail_out == 0) {
- /* Since avail_out is 0, deflate will be called again with
- * more output space, but possibly with both pending and
- * avail_in equal to zero. There won't be anything to do,
- * but this is not an error situation so make sure we
- * return OK instead of BUF_ERROR at next call of deflate:
- */
- s->last_flush = -1;
- return Z_OK;
- }
-
- /* Make sure there is something to do and avoid duplicate consecutive
- * flushes. For repeated and useless calls with Z_FINISH, we keep
- * returning Z_STREAM_END instead of Z_BUFF_ERROR.
- */
- } else if (strm->avail_in == 0 && flush <= old_flush &&
- flush != Z_FINISH) {
- ERR_RETURN(strm, Z_BUF_ERROR);
- }
-
- /* User must not provide more input after the first FINISH: */
- if (s->status == FINISH_STATE && strm->avail_in != 0) {
- ERR_RETURN(strm, Z_BUF_ERROR);
- }
-
- /* Start a new block or continue the current one.
- */
- if (strm->avail_in != 0 || s->lookahead != 0 ||
- (flush != Z_NO_FLUSH && s->status != FINISH_STATE)) {
- block_state bstate;
-
- bstate = (*(configuration_table[s->level].func))(s, flush);
-
- if (bstate == finish_started || bstate == finish_done) {
- s->status = FINISH_STATE;
- }
- if (bstate == need_more || bstate == finish_started) {
- if (strm->avail_out == 0) {
- s->last_flush = -1; /* avoid BUF_ERROR next call, see above */
- }
- return Z_OK;
- /* If flush != Z_NO_FLUSH && avail_out == 0, the next call
- * of deflate should use the same flush parameter to make sure
- * that the flush is complete. So we don't have to output an
- * empty block here, this will be done at next call. This also
- * ensures that for a very small output buffer, we emit at most
- * one empty block.
- */
- }
- if (bstate == block_done) {
- if (flush == Z_PARTIAL_FLUSH) {
- _tr_align(s);
- } else { /* FULL_FLUSH or SYNC_FLUSH */
- _tr_stored_block(s, (char*)0, 0L, 0);
- /* For a full flush, this empty block will be recognized
- * as a special marker by inflate_sync().
- */
- if (flush == Z_FULL_FLUSH) {
- CLEAR_HASH(s); /* forget history */
- }
- }
- flush_pending(strm);
- if (strm->avail_out == 0) {
- s->last_flush = -1; /* avoid BUF_ERROR at next call, see above */
- return Z_OK;
- }
- }
- }
- Assert(strm->avail_out > 0, "bug2");
-
- if (flush != Z_FINISH) return Z_OK;
- if (s->noheader) return Z_STREAM_END;
-
- /* Write the zlib trailer (adler32) */
- putShortMSB(s, (uInt)(strm->adler >> 16));
- putShortMSB(s, (uInt)(strm->adler & 0xffff));
- flush_pending(strm);
- /* If avail_out is zero, the application will call deflate again
- * to flush the rest.
- */
- s->noheader = -1; /* write the trailer only once! */
- return s->pending != 0 ? Z_OK : Z_STREAM_END;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateEnd (strm)
- z_streamp strm;
-{
- int status;
-
- if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
-
- /* Deallocate in reverse order of allocations: */
- TRY_FREE(strm, strm->state->pending_buf);
- TRY_FREE(strm, strm->state->head);
- TRY_FREE(strm, strm->state->prev);
- TRY_FREE(strm, strm->state->window);
-
- status = strm->state->status;
- ZFREE(strm, strm->state);
- strm->state = Z_NULL;
-
- return status == BUSY_STATE ? Z_DATA_ERROR : Z_OK;
-}
-
-/* ========================================================================= */
-PR_PUBLIC_API(int) deflateCopy (dest, source)
- z_streamp dest;
- z_streamp source;
-{
- if (source == Z_NULL || dest == Z_NULL || source->state == Z_NULL) {
- return Z_STREAM_ERROR;
- }
- *dest = *source;
- return Z_STREAM_ERROR; /* to be implemented */
-#if 0
- dest->state = (struct internal_state FAR *)
- (*dest->zalloc)(1, sizeof(deflate_state));
- if (dest->state == Z_NULL) return Z_MEM_ERROR;
-
- *(dest->state) = *(source->state);
- return Z_OK;
-#endif
-}
-
-/* ===========================================================================
- * Read a new buffer from the current input stream, update the adler32
- * and total number of bytes read. All deflate() input goes through
- * this function so some applications may wish to modify it to avoid
- * allocating a large strm->next_in buffer and copying from it.
- * (See also flush_pending()).
- */
-local int read_buf(strm, buf, size)
- z_streamp strm;
- charf *buf;
- unsigned size;
-{
- unsigned len = strm->avail_in;
-
- if (len > size) len = size;
- if (len == 0) return 0;
-
- strm->avail_in -= len;
-
- if (!strm->state->noheader) {
- strm->adler = adler32(strm->adler, strm->next_in, len);
- }
- zmemcpy(buf, strm->next_in, len);
- strm->next_in += len;
- strm->total_in += len;
-
- return (int)len;
-}
-
-/* ===========================================================================
- * Initialize the "longest match" routines for a new zlib stream
- */
-local void lm_init (s)
- deflate_state *s;
-{
- s->window_size = (ulg)2L*s->w_size;
-
- CLEAR_HASH(s);
-
- /* Set the default configuration parameters:
- */
- s->max_lazy_match = configuration_table[s->level].max_lazy;
- s->good_match = configuration_table[s->level].good_length;
- s->nice_match = configuration_table[s->level].nice_length;
- s->max_chain_length = configuration_table[s->level].max_chain;
-
- s->strstart = 0;
- s->block_start = 0L;
- s->lookahead = 0;
- s->match_length = s->prev_length = MIN_MATCH-1;
- s->match_available = 0;
- s->ins_h = 0;
-#ifdef ASMV
- match_init(); /* initialize the asm code */
-#endif
-}
-
-/* ===========================================================================
- * Set match_start to the longest match starting at the given string and
- * return its length. Matches shorter or equal to prev_length are discarded,
- * in which case the result is equal to prev_length and match_start is
- * garbage.
- * IN assertions: cur_match is the head of the hash chain for the current
- * string (strstart) and its distance is <= MAX_DIST, and prev_length >= 1
- * OUT assertion: the match length is not greater than s->lookahead.
- */
-#ifndef ASMV
-/* For 80x86 and 680x0, an optimized version will be provided in match.asm or
- * match.S. The code will be functionally equivalent.
- */
-local uInt longest_match(s, cur_match)
- deflate_state *s;
- IPos cur_match; /* current match */
-{
- unsigned chain_length = s->max_chain_length;/* max hash chain length */
- register Bytef *scan = s->window + s->strstart; /* current string */
- register Bytef *match; /* matched string */
- register int len; /* length of current match */
- int best_len = s->prev_length; /* best match length so far */
- int nice_match = s->nice_match; /* stop if match long enough */
- IPos limit = s->strstart > (IPos)MAX_DIST(s) ?
- s->strstart - (IPos)MAX_DIST(s) : NIL;
- /* Stop when cur_match becomes <= limit. To simplify the code,
- * we prevent matches with the string of window index 0.
- */
- Posf *prev = s->prev;
- uInt wmask = s->w_mask;
-
-#ifdef UNALIGNED_OK
- /* Compare two bytes at a time. Note: this is not always beneficial.
- * Try with and without -DUNALIGNED_OK to check.
- */
- register Bytef *strend = s->window + s->strstart + MAX_MATCH - 1;
- register ush scan_start = *(ushf*)scan;
- register ush scan_end = *(ushf*)(scan+best_len-1);
-#else
- register Bytef *strend = s->window + s->strstart + MAX_MATCH;
- register Byte scan_end1 = scan[best_len-1];
- register Byte scan_end = scan[best_len];
-#endif
-
- /* The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
- * It is easy to get rid of this optimization if necessary.
- */
- Assert(s->hash_bits >= 8 && MAX_MATCH == 258, "Code too clever");
-
- /* Do not waste too much time if we already have a good match: */
- if (s->prev_length >= s->good_match) {
- chain_length >>= 2;
- }
- /* Do not look for matches beyond the end of the input. This is necessary
- * to make deflate deterministic.
- */
- if ((uInt)nice_match > s->lookahead) nice_match = s->lookahead;
-
- Assert((ulg)s->strstart <= s->window_size-MIN_LOOKAHEAD, "need lookahead");
-
- do {
- Assert(cur_match < s->strstart, "no future");
- match = s->window + cur_match;
-
- /* Skip to next match if the match length cannot increase
- * or if the match length is less than 2:
- */
-#if (defined(UNALIGNED_OK) && MAX_MATCH == 258)
- /* This code assumes sizeof(unsigned short) == 2. Do not use
- * UNALIGNED_OK if your compiler uses a different size.
- */
- if (*(ushf*)(match+best_len-1) != scan_end ||
- *(ushf*)match != scan_start) continue;
-
- /* It is not necessary to compare scan[2] and match[2] since they are
- * always equal when the other bytes match, given that the hash keys
- * are equal and that HASH_BITS >= 8. Compare 2 bytes at a time at
- * strstart+3, +5, ... up to strstart+257. We check for insufficient
- * lookahead only every 4th comparison; the 128th check will be made
- * at strstart+257. If MAX_MATCH-2 is not a multiple of 8, it is
- * necessary to put more guard bytes at the end of the window, or
- * to check more often for insufficient lookahead.
- */
- Assert(scan[2] == match[2], "scan[2]?");
- scan++, match++;
- do {
- } while (*(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
- *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
- *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
- *(ushf*)(scan+=2) == *(ushf*)(match+=2) &&
- scan < strend);
- /* The funny "do {}" generates better code on most compilers */
-
- /* Here, scan <= window+strstart+257 */
- Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
- if (*scan == *match) scan++;
-
- len = (MAX_MATCH - 1) - (int)(strend-scan);
- scan = strend - (MAX_MATCH-1);
-
-#else /* UNALIGNED_OK */
-
- if (match[best_len] != scan_end ||
- match[best_len-1] != scan_end1 ||
- *match != *scan ||
- *++match != scan[1]) continue;
-
- /* The check at best_len-1 can be removed because it will be made
- * again later. (This heuristic is not always a win.)
- * It is not necessary to compare scan[2] and match[2] since they
- * are always equal when the other bytes match, given that
- * the hash keys are equal and that HASH_BITS >= 8.
- */
- scan += 2, match++;
- Assert(*scan == *match, "match[2]?");
-
- /* We check for insufficient lookahead only every 8th comparison;
- * the 256th check will be made at strstart+258.
- */
- do {
- } while (*++scan == *++match && *++scan == *++match &&
- *++scan == *++match && *++scan == *++match &&
- *++scan == *++match && *++scan == *++match &&
- *++scan == *++match && *++scan == *++match &&
- scan < strend);
-
- Assert(scan <= s->window+(unsigned)(s->window_size-1), "wild scan");
-
- len = MAX_MATCH - (int)(strend - scan);
- scan = strend - MAX_MATCH;
-
-#endif /* UNALIGNED_OK */
-
- if (len > best_len) {
- s->match_start = cur_match;
- best_len = len;
- if (len >= nice_match) break;
-#ifdef UNALIGNED_OK
- scan_end = *(ushf*)(scan+best_len-1);
-#else
- scan_end1 = scan[best_len-1];
- scan_end = scan[best_len];
-#endif
- }
- } while ((cur_match = prev[cur_match & wmask]) > limit
- && --chain_length != 0);
-
- if ((uInt)best_len <= s->lookahead) return best_len;
- return s->lookahead;
-}
-#endif /* ASMV */
-
-#ifdef DEBUG_NEVER
-/* ===========================================================================
- * Check that the match at match_start is indeed a match.
- */
-local void check_match(s, start, match, length)
- deflate_state *s;
- IPos start, match;
- int length;
-{
- /* check that the match is indeed a match */
- if (zmemcmp((charf *)s->window + match,
- (charf *)s->window + start, length) != EQUAL) {
-#if 0
- fprintf(stderr, " start %u, match %u, length %d\n",
- start, match, length);
-#endif
- do {
- fprintf(stderr, "%c%c", s->window[match++], s->window[start++]);
- } while (--length != 0);
- z_error("invalid match");
- }
- if (verbose > 1) {
- fprintf(stderr,"\\[%d,%d]", start-match, length);
- do { putc(s->window[start++], stderr); } while (--length != 0);
- }
-}
-#else
-# define check_match(s, start, match, length)
-#endif
-
-/* ===========================================================================
- * Fill the window when the lookahead becomes insufficient.
- * Updates strstart and lookahead.
- *
- * IN assertion: lookahead < MIN_LOOKAHEAD
- * OUT assertions: strstart <= window_size-MIN_LOOKAHEAD
- * At least one byte has been read, or avail_in == 0; reads are
- * performed for at least two bytes (required for the zip translate_eol
- * option -- not supported here).
- */
-local void fill_window(s)
- deflate_state *s;
-{
- register unsigned n, m;
- register Posf *p;
- unsigned more; /* Amount of free space at the end of the window. */
- uInt wsize = s->w_size;
-
- do {
- more = (unsigned)(s->window_size -(ulg)s->lookahead -(ulg)s->strstart);
-
- /* Deal with !@#$% 64K limit: */
- if (more == 0 && s->strstart == 0 && s->lookahead == 0) {
- more = wsize;
-
- } else if (more == (unsigned)(-1)) {
- /* Very unlikely, but possible on 16 bit machine if strstart == 0
- * and lookahead == 1 (input done one byte at time)
- */
- more--;
-
- /* If the window is almost full and there is insufficient lookahead,
- * move the upper half to the lower one to make room in the upper half.
- */
- } else if (s->strstart >= wsize+MAX_DIST(s)) {
-
- zmemcpy((charf *)s->window, (charf *)s->window+wsize,
- (unsigned)wsize);
- s->match_start -= wsize;
- s->strstart -= wsize; /* we now have strstart >= MAX_DIST */
-
- s->block_start -= (long) wsize;
-
- /* Slide the hash table (could be avoided with 32 bit values
- at the expense of memory usage):
- */
- n = s->hash_size;
- p = &s->head[n];
- do {
- m = *--p;
- *p = (Pos)(m >= wsize ? m-wsize : NIL);
- } while (--n);
-
- n = wsize;
- p = &s->prev[n];
- do {
- m = *--p;
- *p = (Pos)(m >= wsize ? m-wsize : NIL);
- /* If n is not on any hash chain, prev[n] is garbage but
- * its value will never be used.
- */
- } while (--n);
-
- more += wsize;
- }
- if (s->strm->avail_in == 0) return;
-
- /* If there was no sliding:
- * strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
- * more == window_size - lookahead - strstart
- * => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1)
- * => more >= window_size - 2*WSIZE + 2
- * In the BIG_MEM or MMAP case (not yet supported),
- * window_size == input_size + MIN_LOOKAHEAD &&
- * strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD.
- * Otherwise, window_size == 2*WSIZE so more >= 2.
- * If there was sliding, more >= WSIZE. So in all cases, more >= 2.
- */
- Assert(more >= 2, "more < 2");
-
- n = read_buf(s->strm, (charf *)s->window + s->strstart + s->lookahead,
- more);
- s->lookahead += n;
-
- /* Initialize the hash value now that we have some input: */
- if (s->lookahead >= MIN_MATCH) {
- s->ins_h = s->window[s->strstart];
- UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
-#if MIN_MATCH != 3
- Call UPDATE_HASH() MIN_MATCH-3 more times
-#endif
- }
- /* If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
- * but this is not important since only literal bytes will be emitted.
- */
-
- } while (s->lookahead < MIN_LOOKAHEAD && s->strm->avail_in != 0);
-}
-
-/* ===========================================================================
- * Flush the current block, with given end-of-file flag.
- * IN assertion: strstart is set to the end of the current match.
- */
-#define FLUSH_BLOCK_ONLY(s, eof) { \
- _tr_flush_block(s, (s->block_start >= 0L ? \
- (charf *)&s->window[(unsigned)s->block_start] : \
- (charf *)Z_NULL), \
- (ulg)((long)s->strstart - s->block_start), \
- (eof)); \
- s->block_start = s->strstart; \
- flush_pending(s->strm); \
- Tracev((stderr,"[FLUSH]")); \
-}
-
-/* Same but force premature exit if necessary. */
-#define FLUSH_BLOCK(s, eof) { \
- FLUSH_BLOCK_ONLY(s, eof); \
- if (s->strm->avail_out == 0) return (eof) ? finish_started : need_more; \
-}
-
-/* ===========================================================================
- * Copy without compression as much as possible from the input stream, return
- * the current block state.
- * This function does not insert new strings in the dictionary since
- * uncompressible data is probably not useful. This function is used
- * only for the level=0 compression option.
- * NOTE: this function should be optimized to avoid extra copying.
- */
-local block_state deflate_stored(s, flush)
- deflate_state *s;
- int flush;
-{
- for (;;) {
- /* Fill the window as much as possible: */
- if (s->lookahead <= 1) {
-
- Assert(s->strstart < s->w_size+MAX_DIST(s) ||
- s->block_start >= (long)s->w_size, "slide too late");
-
- fill_window(s);
- if (s->lookahead == 0 && flush == Z_NO_FLUSH) return need_more;
-
- if (s->lookahead == 0) break; /* flush the current block */
- }
- Assert(s->block_start >= 0L, "block gone");
-
- s->strstart += s->lookahead;
- s->lookahead = 0;
-
- /* Stored blocks are limited to 0xffff bytes: */
- if (s->strstart == 0 || s->strstart > 0xfffe) {
- /* strstart == 0 is possible when wraparound on 16-bit machine */
- s->lookahead = s->strstart - 0xffff;
- s->strstart = 0xffff;
- }
-
- /* Emit a stored block if it is large enough: */
- if (s->strstart - (uInt)s->block_start >= MAX_DIST(s)) {
- FLUSH_BLOCK(s, 0);
- }
- }
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
-}
-
-/* ===========================================================================
- * Compress as much as possible from the input stream, return the current
- * block state.
- * This function does not perform lazy evaluation of matches and inserts
- * new strings in the dictionary only for unmatched strings or for short
- * matches. It is used only for the fast compression options.
- */
-local block_state deflate_fast(s, flush)
- deflate_state *s;
- int flush;
-{
- IPos hash_head = NIL; /* head of the hash chain */
- int bflush; /* set if current block must be flushed */
-
- for (;;) {
- /* Make sure that we always have enough lookahead, except
- * at the end of the input file. We need MAX_MATCH bytes
- * for the next match, plus MIN_MATCH bytes to insert the
- * string following the next match.
- */
- if (s->lookahead < MIN_LOOKAHEAD) {
- fill_window(s);
- if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
- return need_more;
- }
- if (s->lookahead == 0) break; /* flush the current block */
- }
-
- /* Insert the string window[strstart .. strstart+2] in the
- * dictionary, and set hash_head to the head of the hash chain:
- */
- if (s->lookahead >= MIN_MATCH) {
- INSERT_STRING(s, s->strstart, hash_head);
- }
-
- /* Find the longest match, discarding those <= prev_length.
- * At this point we have always match_length < MIN_MATCH
- */
- if (hash_head != NIL && s->strstart - hash_head <= MAX_DIST(s)) {
- /* To simplify the code, we prevent matches with the string
- * of window index 0 (in particular we have to avoid a match
- * of the string with itself at the start of the input file).
- */
- if (s->strategy != Z_HUFFMAN_ONLY) {
- s->match_length = longest_match (s, hash_head);
- }
- /* longest_match() sets match_start */
- }
- if (s->match_length >= MIN_MATCH) {
- check_match(s, s->strstart, s->match_start, s->match_length);
-
- bflush = _tr_tally(s, s->strstart - s->match_start,
- s->match_length - MIN_MATCH);
-
- s->lookahead -= s->match_length;
-
- /* Insert new strings in the hash table only if the match length
- * is not too large. This saves time but degrades compression.
- */
- if (s->match_length <= s->max_insert_length &&
- s->lookahead >= MIN_MATCH) {
- s->match_length--; /* string at strstart already in hash table */
- do {
- s->strstart++;
- INSERT_STRING(s, s->strstart, hash_head);
- /* strstart never exceeds WSIZE-MAX_MATCH, so there are
- * always MIN_MATCH bytes ahead.
- */
- } while (--s->match_length != 0);
- s->strstart++;
- } else {
- s->strstart += s->match_length;
- s->match_length = 0;
- s->ins_h = s->window[s->strstart];
- UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
-#if MIN_MATCH != 3
- Call UPDATE_HASH() MIN_MATCH-3 more times
-#endif
- /* If lookahead < MIN_MATCH, ins_h is garbage, but it does not
- * matter since it will be recomputed at next deflate call.
- */
- }
- } else {
- /* No match, output a literal byte */
- Tracevv((stderr,"%c", s->window[s->strstart]));
- bflush = _tr_tally (s, 0, s->window[s->strstart]);
- s->lookahead--;
- s->strstart++;
- }
- if (bflush) FLUSH_BLOCK(s, 0);
- }
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
-}
-
-/* ===========================================================================
- * Same as above, but achieves better compression. We use a lazy
- * evaluation for matches: a match is finally adopted only if there is
- * no better match at the next window position.
- */
-local block_state deflate_slow(s, flush)
- deflate_state *s;
- int flush;
-{
- IPos hash_head = NIL; /* head of hash chain */
- int bflush; /* set if current block must be flushed */
-
- /* Process the input block. */
- for (;;) {
- /* Make sure that we always have enough lookahead, except
- * at the end of the input file. We need MAX_MATCH bytes
- * for the next match, plus MIN_MATCH bytes to insert the
- * string following the next match.
- */
- if (s->lookahead < MIN_LOOKAHEAD) {
- fill_window(s);
- if (s->lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
- return need_more;
- }
- if (s->lookahead == 0) break; /* flush the current block */
- }
-
- /* Insert the string window[strstart .. strstart+2] in the
- * dictionary, and set hash_head to the head of the hash chain:
- */
- if (s->lookahead >= MIN_MATCH) {
- INSERT_STRING(s, s->strstart, hash_head);
- }
-
- /* Find the longest match, discarding those <= prev_length.
- */
- s->prev_length = s->match_length, s->prev_match = s->match_start;
- s->match_length = MIN_MATCH-1;
-
- if (hash_head != NIL && s->prev_length < s->max_lazy_match &&
- s->strstart - hash_head <= MAX_DIST(s)) {
- /* To simplify the code, we prevent matches with the string
- * of window index 0 (in particular we have to avoid a match
- * of the string with itself at the start of the input file).
- */
- if (s->strategy != Z_HUFFMAN_ONLY) {
- s->match_length = longest_match (s, hash_head);
- }
- /* longest_match() sets match_start */
-
- if (s->match_length <= 5 && (s->strategy == Z_FILTERED ||
- (s->match_length == MIN_MATCH &&
- s->strstart - s->match_start > TOO_FAR))) {
-
- /* If prev_match is also MIN_MATCH, match_start is garbage
- * but we will ignore the current match anyway.
- */
- s->match_length = MIN_MATCH-1;
- }
- }
- /* If there was a match at the previous step and the current
- * match is not better, output the previous match:
- */
- if (s->prev_length >= MIN_MATCH && s->match_length <= s->prev_length) {
- uInt max_insert = s->strstart + s->lookahead - MIN_MATCH;
- /* Do not insert strings in hash table beyond this. */
-
- check_match(s, s->strstart-1, s->prev_match, s->prev_length);
-
- bflush = _tr_tally(s, s->strstart -1 - s->prev_match,
- s->prev_length - MIN_MATCH);
-
- /* Insert in hash table all strings up to the end of the match.
- * strstart-1 and strstart are already inserted. If there is not
- * enough lookahead, the last two strings are not inserted in
- * the hash table.
- */
- s->lookahead -= s->prev_length-1;
- s->prev_length -= 2;
- do {
- if (++s->strstart <= max_insert) {
- INSERT_STRING(s, s->strstart, hash_head);
- }
- } while (--s->prev_length != 0);
- s->match_available = 0;
- s->match_length = MIN_MATCH-1;
- s->strstart++;
-
- if (bflush) FLUSH_BLOCK(s, 0);
-
- } else if (s->match_available) {
- /* If there was no match at the previous position, output a
- * single literal. If there was a match but the current match
- * is longer, truncate the previous match to a single literal.
- */
- Tracevv((stderr,"%c", s->window[s->strstart-1]));
- if (_tr_tally (s, 0, s->window[s->strstart-1])) {
- FLUSH_BLOCK_ONLY(s, 0);
- }
- s->strstart++;
- s->lookahead--;
- if (s->strm->avail_out == 0) return need_more;
- } else {
- /* There is no previous match to compare with, wait for
- * the next step to decide.
- */
- s->match_available = 1;
- s->strstart++;
- s->lookahead--;
- }
- }
- Assert (flush != Z_NO_FLUSH, "no flush?");
- if (s->match_available) {
- Tracevv((stderr,"%c", s->window[s->strstart-1]));
- _tr_tally (s, 0, s->window[s->strstart-1]);
- s->match_available = 0;
- }
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
-}
diff --git a/security/nss/cmd/zlib/deflate.h b/security/nss/cmd/zlib/deflate.h
deleted file mode 100644
index 410b21984..000000000
--- a/security/nss/cmd/zlib/deflate.h
+++ /dev/null
@@ -1,275 +0,0 @@
-/* deflate.h -- internal compression state
- * Copyright (C) 1995-1996 Jean-loup Gailly
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-/* $Id$ */
-
-#ifndef _DEFLATE_H
-#define _DEFLATE_H
-
-#include "zutil.h"
-
-/* ===========================================================================
- * Internal compression state.
- */
-
-#define LENGTH_CODES 29
-/* number of length codes, not counting the special END_BLOCK code */
-
-#define LITERALS 256
-/* number of literal bytes 0..255 */
-
-#define L_CODES (LITERALS+1+LENGTH_CODES)
-/* number of Literal or Length codes, including the END_BLOCK code */
-
-#define D_CODES 30
-/* number of distance codes */
-
-#define BL_CODES 19
-/* number of codes used to transfer the bit lengths */
-
-#define HEAP_SIZE (2*L_CODES+1)
-/* maximum heap size */
-
-#define MAX_BITS 15
-/* All codes must not exceed MAX_BITS bits */
-
-#define INIT_STATE 42
-#define BUSY_STATE 113
-#define FINISH_STATE 666
-/* Stream status */
-
-
-/* Data structure describing a single value and its code string. */
-typedef struct ct_data_s {
- union {
- ush freq; /* frequency count */
- ush code; /* bit string */
- } fc;
- union {
- ush dad; /* father node in Huffman tree */
- ush len; /* length of bit string */
- } dl;
-} FAR ct_data;
-
-#define Freq fc.freq
-#define Code fc.code
-#define Dad dl.dad
-#define Len dl.len
-
-typedef struct static_tree_desc_s static_tree_desc;
-
-typedef struct tree_desc_s {
- ct_data *dyn_tree; /* the dynamic tree */
- int max_code; /* largest code with non zero frequency */
- static_tree_desc *stat_desc; /* the corresponding static tree */
-} FAR tree_desc;
-
-typedef ush Pos;
-typedef Pos FAR Posf;
-typedef unsigned IPos;
-
-/* A Pos is an index in the character window. We use short instead of int to
- * save space in the various tables. IPos is used only for parameter passing.
- */
-
-typedef struct internal_state {
- z_streamp strm; /* pointer back to this zlib stream */
- int status; /* as the name implies */
- Bytef *pending_buf; /* output still pending */
- Bytef *pending_out; /* next pending byte to output to the stream */
- int pending; /* nb of bytes in the pending buffer */
- int noheader; /* suppress zlib header and adler32 */
- Byte data_type; /* UNKNOWN, BINARY or ASCII */
- Byte method; /* STORED (for zip only) or DEFLATED */
- int last_flush; /* value of flush param for previous deflate call */
-
- /* used by deflate.c: */
-
- uInt w_size; /* LZ77 window size (32K by default) */
- uInt w_bits; /* log2(w_size) (8..16) */
- uInt w_mask; /* w_size - 1 */
-
- Bytef *window;
- /* Sliding window. Input bytes are read into the second half of the window,
- * and move to the first half later to keep a dictionary of at least wSize
- * bytes. With this organization, matches are limited to a distance of
- * wSize-MAX_MATCH bytes, but this ensures that IO is always
- * performed with a length multiple of the block size. Also, it limits
- * the window size to 64K, which is quite useful on MSDOS.
- * To do: use the user input buffer as sliding window.
- */
-
- ulg window_size;
- /* Actual size of window: 2*wSize, except when the user input buffer
- * is directly used as sliding window.
- */
-
- Posf *prev;
- /* Link to older string with same hash index. To limit the size of this
- * array to 64K, this link is maintained only for the last 32K strings.
- * An index in this array is thus a window index modulo 32K.
- */
-
- Posf *head; /* Heads of the hash chains or NIL. */
-
- uInt ins_h; /* hash index of string to be inserted */
- uInt hash_size; /* number of elements in hash table */
- uInt hash_bits; /* log2(hash_size) */
- uInt hash_mask; /* hash_size-1 */
-
- uInt hash_shift;
- /* Number of bits by which ins_h must be shifted at each input
- * step. It must be such that after MIN_MATCH steps, the oldest
- * byte no longer takes part in the hash key, that is:
- * hash_shift * MIN_MATCH >= hash_bits
- */
-
- long block_start;
- /* Window position at the beginning of the current output block. Gets
- * negative when the window is moved backwards.
- */
-
- uInt match_length; /* length of best match */
- IPos prev_match; /* previous match */
- int match_available; /* set if previous match exists */
- uInt strstart; /* start of string to insert */
- uInt match_start; /* start of matching string */
- uInt lookahead; /* number of valid bytes ahead in window */
-
- uInt prev_length;
- /* Length of the best match at previous step. Matches not greater than this
- * are discarded. This is used in the lazy match evaluation.
- */
-
- uInt max_chain_length;
- /* To speed up deflation, hash chains are never searched beyond this
- * length. A higher limit improves compression ratio but degrades the
- * speed.
- */
-
- uInt max_lazy_match;
- /* Attempt to find a better match only when the current match is strictly
- * smaller than this value. This mechanism is used only for compression
- * levels >= 4.
- */
-# define max_insert_length max_lazy_match
- /* Insert new strings in the hash table only if the match length is not
- * greater than this length. This saves time but degrades compression.
- * max_insert_length is used only for compression levels <= 3.
- */
-
- int level; /* compression level (1..9) */
- int strategy; /* favor or force Huffman coding*/
-
- uInt good_match;
- /* Use a faster search when the previous match is longer than this */
-
- int nice_match; /* Stop searching when current match exceeds this */
-
- /* used by trees.c: */
- /* Didn't use ct_data typedef below to supress compiler warning */
- struct ct_data_s dyn_ltree[HEAP_SIZE]; /* literal and length tree */
- struct ct_data_s dyn_dtree[2*D_CODES+1]; /* distance tree */
- struct ct_data_s bl_tree[2*BL_CODES+1]; /* Huffman tree for bit lengths */
-
- struct tree_desc_s l_desc; /* desc. for literal tree */
- struct tree_desc_s d_desc; /* desc. for distance tree */
- struct tree_desc_s bl_desc; /* desc. for bit length tree */
-
- ush bl_count[MAX_BITS+1];
- /* number of codes at each bit length for an optimal tree */
-
- int heap[2*L_CODES+1]; /* heap used to build the Huffman trees */
- int heap_len; /* number of elements in the heap */
- int heap_max; /* element of largest frequency */
- /* The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used.
- * The same heap array is used to build all trees.
- */
-
- uch depth[2*L_CODES+1];
- /* Depth of each subtree used as tie breaker for trees of equal frequency
- */
-
- uchf *l_buf; /* buffer for literals or lengths */
-
- uInt lit_bufsize;
- /* Size of match buffer for literals/lengths. There are 4 reasons for
- * limiting lit_bufsize to 64K:
- * - frequencies can be kept in 16 bit counters
- * - if compression is not successful for the first block, all input
- * data is still in the window so we can still emit a stored block even
- * when input comes from standard input. (This can also be done for
- * all blocks if lit_bufsize is not greater than 32K.)
- * - if compression is not successful for a file smaller than 64K, we can
- * even emit a stored file instead of a stored block (saving 5 bytes).
- * This is applicable only for zip (not gzip or zlib).
- * - creating new Huffman trees less frequently may not provide fast
- * adaptation to changes in the input data statistics. (Take for
- * example a binary file with poorly compressible code followed by
- * a highly compressible string table.) Smaller buffer sizes give
- * fast adaptation but have of course the overhead of transmitting
- * trees more frequently.
- * - I can't count above 4
- */
-
- uInt last_lit; /* running index in l_buf */
-
- ushf *d_buf;
- /* Buffer for distances. To simplify the code, d_buf and l_buf have
- * the same number of elements. To use different lengths, an extra flag
- * array would be necessary.
- */
-
- ulg opt_len; /* bit length of current block with optimal trees */
- ulg static_len; /* bit length of current block with static trees */
- ulg compressed_len; /* total bit length of compressed file */
- uInt matches; /* number of string matches in current block */
- int last_eob_len; /* bit length of EOB code for last block */
-
-#ifdef DEBUG
- ulg bits_sent; /* bit length of the compressed data */
-#endif
-
- ush bi_buf;
- /* Output buffer. bits are inserted starting at the bottom (least
- * significant bits).
- */
- int bi_valid;
- /* Number of valid bits in bi_buf. All bits above the last valid bit
- * are always zero.
- */
-
-} FAR deflate_state;
-
-/* Output a byte on the stream.
- * IN assertion: there is enough room in pending_buf.
- */
-#define put_byte(s, c) {s->pending_buf[s->pending++] = (c);}
-
-
-#define MIN_LOOKAHEAD (MAX_MATCH+MIN_MATCH+1)
-/* Minimum amount of lookahead, except at the end of the input file.
- * See deflate.c for comments about the MIN_MATCH+1.
- */
-
-#define MAX_DIST(s) ((s)->w_size-MIN_LOOKAHEAD)
-/* In order to simplify the code, particularly on 16 bit machines, match
- * distances are limited to MAX_DIST instead of WSIZE.
- */
-
- /* in trees.c */
-void _tr_init OF((deflate_state *s));
-int _tr_tally OF((deflate_state *s, unsigned dist, unsigned lc));
-ulg _tr_flush_block OF((deflate_state *s, charf *buf, ulg stored_len,
- int eof));
-void _tr_align OF((deflate_state *s));
-void _tr_stored_block OF((deflate_state *s, charf *buf, ulg stored_len,
- int eof));
-#endif
diff --git a/security/nss/cmd/zlib/example.c b/security/nss/cmd/zlib/example.c
deleted file mode 100644
index 7c9176094..000000000
--- a/security/nss/cmd/zlib/example.c
+++ /dev/null
@@ -1,503 +0,0 @@
-/* example.c -- usage example of the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* $Id$ */
-
-#include <stdio.h>
-#include "zlib.h"
-
-#ifdef STDC
-# include <string.h>
-# include <stdlib.h>
-#else
- extern void exit OF((int));
-#endif
-
-#define CHECK_ERR(err, msg) { \
- if (err != Z_OK) { \
- fprintf(stderr, "%s error: %d\n", msg, err); \
- exit(1); \
- } \
-}
-
-const char hello[] = "hello, hello!";
-/* "hello world" would be more standard, but the repeated "hello"
- * stresses the compression code better, sorry...
- */
-
-const char dictionary[] = "hello";
-uLong dictId; /* Adler32 value of the dictionary */
-
-void test_compress OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-void test_gzio OF((const char *out, const char *in,
- Byte *uncompr, int uncomprLen));
-void test_deflate OF((Byte *compr, uLong comprLen));
-void test_inflate OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-void test_large_deflate OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-void test_large_inflate OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-void test_flush OF((Byte *compr, uLong comprLen));
-void test_sync OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-void test_dict_deflate OF((Byte *compr, uLong comprLen));
-void test_dict_inflate OF((Byte *compr, uLong comprLen,
- Byte *uncompr, uLong uncomprLen));
-int main OF((int argc, char *argv[]));
-
-/* ===========================================================================
- * Test compress() and uncompress()
- */
-void test_compress(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- int err;
- uLong len = strlen(hello)+1;
-
- err = compress(compr, &comprLen, (const Bytef*)hello, len);
- CHECK_ERR(err, "compress");
-
- strcpy((char*)uncompr, "garbage");
-
- err = uncompress(uncompr, &uncomprLen, compr, comprLen);
- CHECK_ERR(err, "uncompress");
-
- if (strcmp((char*)uncompr, hello)) {
- fprintf(stderr, "bad uncompress\n");
- } else {
- printf("uncompress(): %s\n", uncompr);
- }
-}
-
-/* ===========================================================================
- * Test read/write of .gz files
- */
-void test_gzio(out, in, uncompr, uncomprLen)
- const char *out; /* output file */
- const char *in; /* input file */
- Byte *uncompr;
- int uncomprLen;
-{
- int err;
- int len = strlen(hello)+1;
- gzFile file;
-
- file = gzopen(out, "wb");
- if (file == NULL) {
- fprintf(stderr, "gzopen error\n");
- exit(1);
- }
-
- if (gzwrite(file, (const voidp)hello, (unsigned)len) != len) {
- fprintf(stderr, "gzwrite err: %s\n", gzerror(file, &err));
- }
- gzclose(file);
-
- file = gzopen(in, "rb");
- if (file == NULL) {
- fprintf(stderr, "gzopen error\n");
- }
- strcpy((char*)uncompr, "garbage");
-
- uncomprLen = gzread(file, uncompr, (unsigned)uncomprLen);
- if (uncomprLen != len) {
- fprintf(stderr, "gzread err: %s\n", gzerror(file, &err));
- }
- gzclose(file);
-
- if (strcmp((char*)uncompr, hello)) {
- fprintf(stderr, "bad gzread\n");
- } else {
- printf("gzread(): %s\n", uncompr);
- }
-}
-
-/* ===========================================================================
- * Test deflate() with small buffers
- */
-void test_deflate(compr, comprLen)
- Byte *compr;
- uLong comprLen;
-{
- z_stream c_stream; /* compression stream */
- int err;
- int len = strlen(hello)+1;
-
- c_stream.zalloc = (alloc_func)0;
- c_stream.zfree = (free_func)0;
- c_stream.opaque = (voidpf)0;
-
- err = deflateInit(&c_stream, Z_DEFAULT_COMPRESSION);
- CHECK_ERR(err, "deflateInit");
-
- c_stream.next_in = (Bytef*)hello;
- c_stream.next_out = compr;
-
- while (c_stream.total_in != (uLong)len && c_stream.total_out < comprLen) {
- c_stream.avail_in = c_stream.avail_out = 1; /* force small buffers */
- err = deflate(&c_stream, Z_NO_FLUSH);
- CHECK_ERR(err, "deflate");
- }
- /* Finish the stream, still forcing small buffers: */
- for (;;) {
- c_stream.avail_out = 1;
- err = deflate(&c_stream, Z_FINISH);
- if (err == Z_STREAM_END) break;
- CHECK_ERR(err, "deflate");
- }
-
- err = deflateEnd(&c_stream);
- CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflate() with small buffers
- */
-void test_inflate(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- int err;
- z_stream d_stream; /* decompression stream */
-
- strcpy((char*)uncompr, "garbage");
-
- d_stream.zalloc = (alloc_func)0;
- d_stream.zfree = (free_func)0;
- d_stream.opaque = (voidpf)0;
-
- err = inflateInit(&d_stream);
- CHECK_ERR(err, "inflateInit");
-
- d_stream.next_in = compr;
- d_stream.next_out = uncompr;
-
- while (d_stream.total_out < uncomprLen && d_stream.total_in < comprLen) {
- d_stream.avail_in = d_stream.avail_out = 1; /* force small buffers */
- err = inflate(&d_stream, Z_NO_FLUSH);
- if (err == Z_STREAM_END) break;
- CHECK_ERR(err, "inflate");
- }
-
- err = inflateEnd(&d_stream);
- CHECK_ERR(err, "inflateEnd");
-
- if (strcmp((char*)uncompr, hello)) {
- fprintf(stderr, "bad inflate\n");
- } else {
- printf("inflate(): %s\n", uncompr);
- }
-}
-
-/* ===========================================================================
- * Test deflate() with large buffers and dynamic change of compression level
- */
-void test_large_deflate(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- z_stream c_stream; /* compression stream */
- int err;
-
- c_stream.zalloc = (alloc_func)0;
- c_stream.zfree = (free_func)0;
- c_stream.opaque = (voidpf)0;
-
- err = deflateInit(&c_stream, Z_BEST_SPEED);
- CHECK_ERR(err, "deflateInit");
-
- c_stream.next_out = compr;
- c_stream.avail_out = (uInt)comprLen;
-
- /* At this point, uncompr is still mostly zeroes, so it should compress
- * very well:
- */
- c_stream.next_in = uncompr;
- c_stream.avail_in = (uInt)uncomprLen;
- err = deflate(&c_stream, Z_NO_FLUSH);
- CHECK_ERR(err, "deflate");
- if (c_stream.avail_in != 0) {
- fprintf(stderr, "deflate not greedy\n");
- }
-
- /* Feed in already compressed data and switch to no compression: */
- deflateParams(&c_stream, Z_NO_COMPRESSION, Z_DEFAULT_STRATEGY);
- c_stream.next_in = compr;
- c_stream.avail_in = (uInt)comprLen/2;
- err = deflate(&c_stream, Z_NO_FLUSH);
- CHECK_ERR(err, "deflate");
-
- /* Switch back to compressing mode: */
- deflateParams(&c_stream, Z_BEST_COMPRESSION, Z_FILTERED);
- c_stream.next_in = uncompr;
- c_stream.avail_in = (uInt)uncomprLen;
- err = deflate(&c_stream, Z_NO_FLUSH);
- CHECK_ERR(err, "deflate");
-
- err = deflate(&c_stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- fprintf(stderr, "deflate should report Z_STREAM_END\n");
- }
- err = deflateEnd(&c_stream);
- CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflate() with large buffers
- */
-void test_large_inflate(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- int err;
- z_stream d_stream; /* decompression stream */
-
- strcpy((char*)uncompr, "garbage");
-
- d_stream.zalloc = (alloc_func)0;
- d_stream.zfree = (free_func)0;
- d_stream.opaque = (voidpf)0;
-
- err = inflateInit(&d_stream);
- CHECK_ERR(err, "inflateInit");
-
- d_stream.next_in = compr;
- d_stream.avail_in = (uInt)comprLen;
-
- for (;;) {
- d_stream.next_out = uncompr; /* discard the output */
- d_stream.avail_out = (uInt)uncomprLen;
- err = inflate(&d_stream, Z_NO_FLUSH);
- if (err == Z_STREAM_END) break;
- CHECK_ERR(err, "large inflate");
- }
-
- err = inflateEnd(&d_stream);
- CHECK_ERR(err, "inflateEnd");
-
- if (d_stream.total_out != 2*uncomprLen + comprLen/2) {
- fprintf(stderr, "bad large inflate: %ld\n", d_stream.total_out);
- } else {
- printf("large_inflate(): OK\n");
- }
-}
-
-/* ===========================================================================
- * Test deflate() with full flush
- */
-void test_flush(compr, comprLen)
- Byte *compr;
- uLong comprLen;
-{
- z_stream c_stream; /* compression stream */
- int err;
- int len = strlen(hello)+1;
-
- c_stream.zalloc = (alloc_func)0;
- c_stream.zfree = (free_func)0;
- c_stream.opaque = (voidpf)0;
-
- err = deflateInit(&c_stream, Z_DEFAULT_COMPRESSION);
- CHECK_ERR(err, "deflateInit");
-
- c_stream.next_in = (Bytef*)hello;
- c_stream.next_out = compr;
- c_stream.avail_in = 3;
- c_stream.avail_out = (uInt)comprLen;
- err = deflate(&c_stream, Z_FULL_FLUSH);
- CHECK_ERR(err, "deflate");
-
- compr[3]++; /* force an error in first compressed block */
- c_stream.avail_in = len - 3;
-
- err = deflate(&c_stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- CHECK_ERR(err, "deflate");
- }
- err = deflateEnd(&c_stream);
- CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflateSync()
- */
-void test_sync(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- int err;
- z_stream d_stream; /* decompression stream */
-
- strcpy((char*)uncompr, "garbage");
-
- d_stream.zalloc = (alloc_func)0;
- d_stream.zfree = (free_func)0;
- d_stream.opaque = (voidpf)0;
-
- err = inflateInit(&d_stream);
- CHECK_ERR(err, "inflateInit");
-
- d_stream.next_in = compr;
- d_stream.next_out = uncompr;
- d_stream.avail_in = 2; /* just read the zlib header */
- d_stream.avail_out = (uInt)uncomprLen;
-
- inflate(&d_stream, Z_NO_FLUSH);
- CHECK_ERR(err, "inflate");
-
- d_stream.avail_in = (uInt)comprLen-2; /* read all compressed data */
- err = inflateSync(&d_stream); /* but skip the damaged part */
- CHECK_ERR(err, "inflateSync");
-
- err = inflate(&d_stream, Z_FINISH);
- if (err != Z_DATA_ERROR) {
- fprintf(stderr, "inflate should report DATA_ERROR\n");
- /* Because of incorrect adler32 */
- }
- err = inflateEnd(&d_stream);
- CHECK_ERR(err, "inflateEnd");
-
- printf("after inflateSync(): hel%s\n", uncompr);
-}
-
-/* ===========================================================================
- * Test deflate() with preset dictionary
- */
-void test_dict_deflate(compr, comprLen)
- Byte *compr;
- uLong comprLen;
-{
- z_stream c_stream; /* compression stream */
- int err;
-
- c_stream.zalloc = (alloc_func)0;
- c_stream.zfree = (free_func)0;
- c_stream.opaque = (voidpf)0;
-
- err = deflateInit(&c_stream, Z_BEST_COMPRESSION);
- CHECK_ERR(err, "deflateInit");
-
- err = deflateSetDictionary(&c_stream,
- (const Bytef*)dictionary, sizeof(dictionary));
- CHECK_ERR(err, "deflateSetDictionary");
-
- dictId = c_stream.adler;
- c_stream.next_out = compr;
- c_stream.avail_out = (uInt)comprLen;
-
- c_stream.next_in = (Bytef*)hello;
- c_stream.avail_in = (uInt)strlen(hello)+1;
-
- err = deflate(&c_stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- fprintf(stderr, "deflate should report Z_STREAM_END\n");
- }
- err = deflateEnd(&c_stream);
- CHECK_ERR(err, "deflateEnd");
-}
-
-/* ===========================================================================
- * Test inflate() with a preset dictionary
- */
-void test_dict_inflate(compr, comprLen, uncompr, uncomprLen)
- Byte *compr, *uncompr;
- uLong comprLen, uncomprLen;
-{
- int err;
- z_stream d_stream; /* decompression stream */
-
- strcpy((char*)uncompr, "garbage");
-
- d_stream.zalloc = (alloc_func)0;
- d_stream.zfree = (free_func)0;
- d_stream.opaque = (voidpf)0;
-
- err = inflateInit(&d_stream);
- CHECK_ERR(err, "inflateInit");
-
- d_stream.next_in = compr;
- d_stream.avail_in = (uInt)comprLen;
-
- d_stream.next_out = uncompr;
- d_stream.avail_out = (uInt)uncomprLen;
-
- for (;;) {
- err = inflate(&d_stream, Z_NO_FLUSH);
- if (err == Z_STREAM_END) break;
- if (err == Z_NEED_DICT) {
- if (d_stream.adler != dictId) {
- fprintf(stderr, "unexpected dictionary");
- exit(1);
- }
- err = inflateSetDictionary(&d_stream, (const Bytef*)dictionary,
- sizeof(dictionary));
- }
- CHECK_ERR(err, "inflate with dict");
- }
-
- err = inflateEnd(&d_stream);
- CHECK_ERR(err, "inflateEnd");
-
- if (strcmp((char*)uncompr, hello)) {
- fprintf(stderr, "bad inflate with dict\n");
- } else {
- printf("inflate with dictionary: %s\n", uncompr);
- }
-}
-
-/* ===========================================================================
- * Usage: example [output.gz [input.gz]]
- */
-
-int main(argc, argv)
- int argc;
- char *argv[];
-{
- Byte *compr, *uncompr;
- uLong comprLen = 10000*sizeof(int); /* don't overflow on MSDOS */
- uLong uncomprLen = comprLen;
-
- if (zlibVersion()[0] != ZLIB_VERSION[0]) {
- fprintf(stderr, "incompatible zlib version\n");
- exit(1);
-
- } else if (strcmp(zlibVersion(), ZLIB_VERSION) != 0) {
- fprintf(stderr, "warning: different zlib version\n");
- }
-
- compr = (Byte*)calloc((uInt)comprLen, 1);
- uncompr = (Byte*)calloc((uInt)uncomprLen, 1);
- /* compr and uncompr are cleared to avoid reading uninitialized
- * data and to ensure that uncompr compresses well.
- */
- if (compr == Z_NULL || uncompr == Z_NULL) {
- printf("out of memory\n");
- exit(1);
- }
-
- test_compress(compr, comprLen, uncompr, uncomprLen);
-
- test_gzio((argc > 1 ? argv[1] : "foo.gz"),
- (argc > 2 ? argv[2] : "foo.gz"),
- uncompr, (int)uncomprLen);
-
- test_deflate(compr, comprLen);
- test_inflate(compr, comprLen, uncompr, uncomprLen);
-
- test_large_deflate(compr, comprLen, uncompr, uncomprLen);
- test_large_inflate(compr, comprLen, uncompr, uncomprLen);
-
- test_flush(compr, comprLen);
- test_sync(compr, comprLen, uncompr, uncomprLen);
-
- test_dict_deflate(compr, comprLen);
- test_dict_inflate(compr, comprLen, uncompr, uncomprLen);
-
- exit(0);
- return 0; /* to avoid warning */
-}
diff --git a/security/nss/cmd/zlib/gzio.c b/security/nss/cmd/zlib/gzio.c
deleted file mode 100644
index c52d30d30..000000000
--- a/security/nss/cmd/zlib/gzio.c
+++ /dev/null
@@ -1,537 +0,0 @@
-/* gzio.c -- IO on .gz files
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-/* $Id$ */
-
-#include <stdio.h>
-
-#include "zutil.h"
-
-struct internal_state {int dummy;}; /* for buggy compilers */
-
-#define Z_BUFSIZE 4096
-
-#define ALLOC(size) malloc(size)
-#define TRYFREE(p) {if (p) free(p);}
-
-static int gz_magic[2] = {0x1f, 0x8b}; /* gzip magic header */
-
-/* gzip flag byte */
-#define ASCII_FLAG 0x01 /* bit 0 set: file probably ascii text */
-#define HEAD_CRC 0x02 /* bit 1 set: header CRC present */
-#define EXTRA_FIELD 0x04 /* bit 2 set: extra field present */
-#define ORIG_NAME 0x08 /* bit 3 set: original file name present */
-#define COMMENT 0x10 /* bit 4 set: file comment present */
-#define RESERVED 0xE0 /* bits 5..7: reserved */
-
-typedef struct gz_stream {
- z_stream stream;
- int z_err; /* error code for last stream operation */
- int z_eof; /* set if end of input file */
- FILE *file; /* .gz file */
- Byte *inbuf; /* input buffer */
- Byte *outbuf; /* output buffer */
- uLong crc; /* crc32 of uncompressed data */
- char *msg; /* error message */
- char *path; /* path name for debugging only */
- int transparent; /* 1 if input file is not a .gz file */
- char mode; /* 'w' or 'r' */
-} gz_stream;
-
-
-local gzFile gz_open OF((const char *path, const char *mode, int fd));
-local int get_byte OF((gz_stream *s));
-local void check_header OF((gz_stream *s));
-local int destroy OF((gz_stream *s));
-local void putLong OF((FILE *file, uLong x));
-local uLong getLong OF((gz_stream *s));
-
-/* ===========================================================================
- Opens a gzip (.gz) file for reading or writing. The mode parameter
- is as in fopen ("rb" or "wb"). The file is given either by file descriptor
- or path name (if fd == -1).
- gz_open return NULL if the file could not be opened or if there was
- insufficient memory to allocate the (de)compression state; errno
- can be checked to distinguish the two cases (if errno is zero, the
- zlib error is Z_MEM_ERROR).
-*/
-local gzFile gz_open (path, mode, fd)
- const char *path;
- const char *mode;
- int fd;
-{
- int err;
- int level = Z_DEFAULT_COMPRESSION; /* compression level */
- char *p = (char*)mode;
- gz_stream *s;
- char fmode[80]; /* copy of mode, without the compression level */
- char *m = fmode;
-
- if (!path || !mode) return Z_NULL;
-
- s = (gz_stream *)ALLOC(sizeof(gz_stream));
- if (!s) return Z_NULL;
-
- s->stream.zalloc = (alloc_func)0;
- s->stream.zfree = (free_func)0;
- s->stream.opaque = (voidpf)0;
- s->stream.next_in = s->inbuf = Z_NULL;
- s->stream.next_out = s->outbuf = Z_NULL;
- s->stream.avail_in = s->stream.avail_out = 0;
- s->file = NULL;
- s->z_err = Z_OK;
- s->z_eof = 0;
- s->crc = crc32(0L, Z_NULL, 0);
- s->msg = NULL;
- s->transparent = 0;
-
- s->path = (char*)ALLOC(strlen(path)+1);
- if (s->path == NULL) {
- return destroy(s), (gzFile)Z_NULL;
- }
- strcpy(s->path, path); /* do this early for debugging */
-
- s->mode = '\0';
- do {
- if (*p == 'r') s->mode = 'r';
- if (*p == 'w' || *p == 'a') s->mode = 'w';
- if (*p >= '0' && *p <= '9') {
- level = *p - '0';
- } else {
- *m++ = *p; /* copy the mode */
- }
- } while (*p++ && m != fmode + sizeof(fmode));
- if (s->mode == '\0') return destroy(s), (gzFile)Z_NULL;
-
- if (s->mode == 'w') {
- err = deflateInit2(&(s->stream), level,
- Z_DEFLATED, -MAX_WBITS, DEF_MEM_LEVEL, 0);
- /* windowBits is passed < 0 to suppress zlib header */
-
- s->stream.next_out = s->outbuf = (Byte*)ALLOC(Z_BUFSIZE);
-
- if (err != Z_OK || s->outbuf == Z_NULL) {
- return destroy(s), (gzFile)Z_NULL;
- }
- } else {
- err = inflateInit2(&(s->stream), -MAX_WBITS);
- s->stream.next_in = s->inbuf = (Byte*)ALLOC(Z_BUFSIZE);
-
- if (err != Z_OK || s->inbuf == Z_NULL) {
- return destroy(s), (gzFile)Z_NULL;
- }
- }
- s->stream.avail_out = Z_BUFSIZE;
-
- errno = 0;
- s->file = fd < 0 ? FOPEN(path, fmode) : (FILE*)fdopen(fd, fmode);
-
- if (s->file == NULL) {
- return destroy(s), (gzFile)Z_NULL;
- }
- if (s->mode == 'w') {
- /* Write a very simple .gz header:
- */
- fprintf(s->file, "%c%c%c%c%c%c%c%c%c%c", gz_magic[0], gz_magic[1],
- Z_DEFLATED, 0 /*flags*/, 0,0,0,0 /*time*/, 0 /*xflags*/, OS_CODE);
- } else {
- check_header(s); /* skip the .gz header */
- }
- return (gzFile)s;
-}
-
-/* ===========================================================================
- Opens a gzip (.gz) file for reading or writing.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzopen (const char *path, const char *mode)
-#else
-extern gzFile EXPORT gzopen OF((const char *path, const char *mode))
-#endif
-{
- return gz_open (path, mode, -1);
-}
-
-/* ===========================================================================
- Associate a gzFile with the file descriptor fd. fd is not dup'ed here
- to mimic the behavio(u)r of fdopen.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzdopen (int fd, const char *mode)
-#else
-extern gzFile EXPORT gzdopen OF((int fd, const char *mode))
-#endif
-{
- char name[20];
-
- if (fd < 0) return (gzFile)Z_NULL;
- sprintf(name, "<fd:%d>", fd); /* for debugging */
-
- return gz_open (name, mode, fd);
-}
-
-/* ===========================================================================
- Read a byte from a gz_stream; update next_in and avail_in. Return EOF
- for end of file.
- IN assertion: the stream s has been sucessfully opened for reading.
-*/
-local int get_byte(s)
- gz_stream *s;
-{
- if (s->z_eof) return EOF;
- if (s->stream.avail_in == 0) {
- errno = 0;
- s->stream.avail_in = fread(s->inbuf, 1, Z_BUFSIZE, s->file);
- if (s->stream.avail_in == 0) {
- s->z_eof = 1;
- if (ferror(s->file)) s->z_err = Z_ERRNO;
- return EOF;
- }
- s->stream.next_in = s->inbuf;
- }
- s->stream.avail_in--;
- return *(s->stream.next_in)++;
-}
-
-/* ===========================================================================
- Check the gzip header of a gz_stream opened for reading. Set the stream
- mode to transparent if the gzip magic header is not present; set s->err
- to Z_DATA_ERROR if the magic header is present but the rest of the header
- is incorrect.
- IN assertion: the stream s has already been created sucessfully;
- s->stream.avail_in is zero for the first time, but may be non-zero
- for concatenated .gz files.
-*/
-local void check_header(s)
- gz_stream *s;
-{
- int method; /* method byte */
- int flags; /* flags byte */
- uInt len;
- int c;
-
- /* Check the gzip magic header */
- for (len = 0; len < 2; len++) {
- c = get_byte(s);
- if (c != gz_magic[len]) {
- s->transparent = 1;
- if (c != EOF) s->stream.avail_in++, s->stream.next_in--;
- s->z_err = s->stream.avail_in != 0 ? Z_OK : Z_STREAM_END;
- return;
- }
- }
- method = get_byte(s);
- flags = get_byte(s);
- if (method != Z_DEFLATED || (flags & RESERVED) != 0) {
- s->z_err = Z_DATA_ERROR;
- return;
- }
-
- /* Discard time, xflags and OS code: */
- for (len = 0; len < 6; len++) (void)get_byte(s);
-
- if ((flags & EXTRA_FIELD) != 0) { /* skip the extra field */
- len = (uInt)get_byte(s);
- len += ((uInt)get_byte(s))<<8;
- /* len is garbage if EOF but the loop below will quit anyway */
- while (len-- != 0 && get_byte(s) != EOF) ;
- }
- if ((flags & ORIG_NAME) != 0) { /* skip the original file name */
- while ((c = get_byte(s)) != 0 && c != EOF) ;
- }
- if ((flags & COMMENT) != 0) { /* skip the .gz file comment */
- while ((c = get_byte(s)) != 0 && c != EOF) ;
- }
- if ((flags & HEAD_CRC) != 0) { /* skip the header crc */
- for (len = 0; len < 2; len++) (void)get_byte(s);
- }
- s->z_err = s->z_eof ? Z_DATA_ERROR : Z_OK;
-}
-
- /* ===========================================================================
- * Cleanup then free the given gz_stream. Return a zlib error code.
- Try freeing in the reverse order of allocations.
- */
-local int destroy (s)
- gz_stream *s;
-{
- int err = Z_OK;
-
- if (!s) return Z_STREAM_ERROR;
-
- TRYFREE(s->msg);
-
- if (s->stream.state != NULL) {
- if (s->mode == 'w') {
- err = deflateEnd(&(s->stream));
- } else if (s->mode == 'r') {
- err = inflateEnd(&(s->stream));
- }
- }
- if (s->file != NULL && fclose(s->file)) {
- err = Z_ERRNO;
- }
- if (s->z_err < 0) err = s->z_err;
-
- TRYFREE(s->inbuf);
- TRYFREE(s->outbuf);
- TRYFREE(s->path);
- TRYFREE(s);
- return err;
-}
-
-/* ===========================================================================
- Reads the given number of uncompressed bytes from the compressed file.
- gzread returns the number of bytes actually read (0 for end of file).
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzread (gzFile file, voidp buf, unsigned len)
-#else
-extern int EXPORT gzread OF((gzFile file, voidp buf, unsigned len))
-#endif
-{
- gz_stream *s = (gz_stream*)file;
- Bytef *start = buf; /* starting point for crc computation */
- Byte *next_out; /* == stream.next_out but not forced far (for MSDOS) */
-
- if (s == NULL || s->mode != 'r') return Z_STREAM_ERROR;
-
- if (s->z_err == Z_DATA_ERROR || s->z_err == Z_ERRNO) return -1;
- if (s->z_err == Z_STREAM_END) return 0; /* EOF */
-
- s->stream.next_out = next_out = buf;
- s->stream.avail_out = len;
-
- while (s->stream.avail_out != 0) {
-
- if (s->transparent) {
- /* Copy first the lookahead bytes: */
- uInt n = s->stream.avail_in;
- if (n > s->stream.avail_out) n = s->stream.avail_out;
- if (n > 0) {
- zmemcpy(s->stream.next_out, s->stream.next_in, n);
- next_out += n;
- s->stream.next_out = next_out;
- s->stream.next_in += n;
- s->stream.avail_out -= n;
- s->stream.avail_in -= n;
- }
- if (s->stream.avail_out > 0) {
- s->stream.avail_out -= fread(next_out, 1, s->stream.avail_out,
- s->file);
- }
- return (int)(len - s->stream.avail_out);
- }
- if (s->stream.avail_in == 0 && !s->z_eof) {
-
- errno = 0;
- s->stream.avail_in = fread(s->inbuf, 1, Z_BUFSIZE, s->file);
- if (s->stream.avail_in == 0) {
- s->z_eof = 1;
- if (ferror(s->file)) {
- s->z_err = Z_ERRNO;
- break;
- }
- }
- s->stream.next_in = s->inbuf;
- }
- s->z_err = inflate(&(s->stream), Z_NO_FLUSH);
-
- if (s->z_err == Z_STREAM_END) {
- /* Check CRC and original size */
- s->crc = crc32(s->crc, start, (uInt)(s->stream.next_out - start));
- start = s->stream.next_out;
-
- if (getLong(s) != s->crc || getLong(s) != s->stream.total_out) {
- s->z_err = Z_DATA_ERROR;
- } else {
- /* Check for concatenated .gz files: */
- check_header(s);
- if (s->z_err == Z_OK) {
- inflateReset(&(s->stream));
- s->crc = crc32(0L, Z_NULL, 0);
- }
- }
- }
- if (s->z_err != Z_OK || s->z_eof) break;
- }
- s->crc = crc32(s->crc, start, (uInt)(s->stream.next_out - start));
-
- return (int)(len - s->stream.avail_out);
-}
-
-/* ===========================================================================
- Writes the given number of uncompressed bytes into the compressed file.
- gzwrite returns the number of bytes actually written (0 in case of error).
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzwrite (gzFile file, const voidp buf, unsigned len)
-#else
-extern int EXPORT gzwrite OF((gzFile file, const voidp buf, unsigned len))
-#endif
-{
- gz_stream *s = (gz_stream*)file;
-
- if (s == NULL || s->mode != 'w') return Z_STREAM_ERROR;
-
- s->stream.next_in = buf;
- s->stream.avail_in = len;
-
- while (s->stream.avail_in != 0) {
-
- if (s->stream.avail_out == 0) {
-
- s->stream.next_out = s->outbuf;
- if (fwrite(s->outbuf, 1, Z_BUFSIZE, s->file) != Z_BUFSIZE) {
- s->z_err = Z_ERRNO;
- break;
- }
- s->stream.avail_out = Z_BUFSIZE;
- }
- s->z_err = deflate(&(s->stream), Z_NO_FLUSH);
- if (s->z_err != Z_OK) break;
- }
- s->crc = crc32(s->crc, buf, len);
-
- return (int)(len - s->stream.avail_in);
-}
-
-/* ===========================================================================
- Flushes all pending output into the compressed file. The parameter
- flush is as in the deflate() function.
- gzflush should be called only when strictly necessary because it can
- degrade compression.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzflush (gzFile file, int flush)
-#else
-extern int EXPORT gzflush OF((gzFile file, int flush))
-#endif
-{
- uInt len;
- int done = 0;
- gz_stream *s = (gz_stream*)file;
-
- if (s == NULL || s->mode != 'w') return Z_STREAM_ERROR;
-
- s->stream.avail_in = 0; /* should be zero already anyway */
-
- for (;;) {
- len = Z_BUFSIZE - s->stream.avail_out;
-
- if (len != 0) {
- if ((uInt)fwrite(s->outbuf, 1, len, s->file) != len) {
- s->z_err = Z_ERRNO;
- return Z_ERRNO;
- }
- s->stream.next_out = s->outbuf;
- s->stream.avail_out = Z_BUFSIZE;
- }
- if (done) break;
- s->z_err = deflate(&(s->stream), flush);
-
- /* deflate has finished flushing only when it hasn't used up
- * all the available space in the output buffer:
- */
- done = (s->stream.avail_out != 0 || s->z_err == Z_STREAM_END);
-
- if (s->z_err != Z_OK && s->z_err != Z_STREAM_END) break;
- }
- fflush(s->file);
- return s->z_err == Z_STREAM_END ? Z_OK : s->z_err;
-}
-
-/* ===========================================================================
- Outputs a long in LSB order to the given file
-*/
-local void putLong (file, x)
- FILE *file;
- uLong x;
-{
- int n;
- for (n = 0; n < 4; n++) {
- fputc((int)(x & 0xff), file);
- x >>= 8;
- }
-}
-
-/* ===========================================================================
- Reads a long in LSB order from the given gz_stream. Sets
-*/
-local uLong getLong (s)
- gz_stream *s;
-{
- uLong x = (uLong)get_byte(s);
- int c;
-
- x += ((uLong)get_byte(s))<<8;
- x += ((uLong)get_byte(s))<<16;
- c = get_byte(s);
- if (c == EOF) s->z_err = Z_DATA_ERROR;
- x += ((uLong)c)<<24;
- return x;
-}
-
-/* ===========================================================================
- Flushes all pending output if necessary, closes the compressed file
- and deallocates all the (de)compression state.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzclose (gzFile file)
-#else
-extern int EXPORT gzclose OF((gzFile file))
-#endif
-{
- int err;
- gz_stream *s = (gz_stream*)file;
-
- if (s == NULL) return Z_STREAM_ERROR;
-
- if (s->mode == 'w') {
- err = gzflush (file, Z_FINISH);
- if (err != Z_OK) return destroy(file);
-
- putLong (s->file, s->crc);
- putLong (s->file, s->stream.total_in);
-
- }
- return destroy(file);
-}
-
-/* ===========================================================================
- Returns the error message for the last error which occured on the
- given compressed file. errnum is set to zlib error number. If an
- error occured in the file system and not in the compression library,
- errnum is set to Z_ERRNO and the application may consult errno
- to get the exact error code.
-*/
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) gzerror (gzFile file, int *errnum)
-#else
-extern const char * EXPORT gzerror OF((gzFile file, int *errnum))
-#endif
-{
- char *m;
- gz_stream *s = (gz_stream*)file;
-
- if (s == NULL) {
- *errnum = Z_STREAM_ERROR;
- return (const char*)ERR_MSG(Z_STREAM_ERROR);
- }
- *errnum = s->z_err;
- if (*errnum == Z_OK) return (const char*)"";
-
- m = (char*)(*errnum == Z_ERRNO ? zstrerror(errno) : s->stream.msg);
-
- if (m == NULL || *m == '\0') m = (char*)ERR_MSG(s->z_err);
-
- TRYFREE(s->msg);
- s->msg = (char*)ALLOC(strlen(s->path) + strlen(m) + 3);
- strcpy(s->msg, s->path);
- strcat(s->msg, ": ");
- strcat(s->msg, m);
- return (const char*)s->msg;
-}
diff --git a/security/nss/cmd/zlib/infblock.c b/security/nss/cmd/zlib/infblock.c
deleted file mode 100644
index 8eddbafed..000000000
--- a/security/nss/cmd/zlib/infblock.c
+++ /dev/null
@@ -1,406 +0,0 @@
-/* infblock.c -- interpret and process block types to last block
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-#include "zutil.h"
-#include "infblock.h"
-#include "inftrees.h"
-#include "infcodes.h"
-#include "infutil.h"
-
-struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-
-/* Table for deflate from PKZIP's appnote.txt. */
-local uInt border[] = { /* Order of the bit length code lengths */
- 16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
-
-/*
- Notes beyond the 1.93a appnote.txt:
-
- 1. Distance pointers never point before the beginning of the output
- stream.
- 2. Distance pointers can point back across blocks, up to 32k away.
- 3. There is an implied maximum of 7 bits for the bit length table and
- 15 bits for the actual data.
- 4. If only one code exists, then it is encoded using one bit. (Zero
- would be more efficient, but perhaps a little confusing.) If two
- codes exist, they are coded using one bit each (0 and 1).
- 5. There is no way of sending zero distance codes--a dummy must be
- sent if there are none. (History: a pre 2.0 version of PKZIP would
- store blocks with no distance codes, but this was discovered to be
- too harsh a criterion.) Valid only for 1.93a. 2.04c does allow
- zero distance codes, which is sent as one code of zero bits in
- length.
- 6. There are up to 286 literal/length codes. Code 256 represents the
- end-of-block. Note however that the static length tree defines
- 288 codes just to fill out the Huffman codes. Codes 286 and 287
- cannot be used though, since there is no length base or extra bits
- defined for them. Similarily, there are up to 30 distance codes.
- However, static trees define 32 codes (all 5 bits) to fill out the
- Huffman codes, but the last two had better not show up in the data.
- 7. Unzip can check dynamic Huffman blocks for complete code sets.
- The exception is that a single code would not be complete (see #4).
- 8. The five bits following the block type is really the number of
- literal codes sent minus 257.
- 9. Length codes 8,16,16 are interpreted as 13 length codes of 8 bits
- (1+6+6). Therefore, to output three times the length, you output
- three codes (1+1+1), whereas to output four times the same length,
- you only need two codes (1+3). Hmm.
- 10. In the tree reconstruction algorithm, Code = Code + Increment
- only if BitLength(i) is not zero. (Pretty obvious.)
- 11. Correction: 4 Bits: # of Bit Length codes - 4 (4 - 19)
- 12. Note: length code 284 can represent 227-258, but length code 285
- really is 258. The last length deserves its own, short code
- since it gets used a lot in very redundant files. The length
- 258 is special since 258 - 3 (the min match length) is 255.
- 13. The literal/length and distance code bit lengths are read as a
- single stream of lengths. It is possible (and advantageous) for
- a repeat code (16, 17, or 18) to go across the boundary between
- the two sets of lengths.
- */
-
-
-void inflate_blocks_reset(s, z, c)
-inflate_blocks_statef *s;
-z_streamp z;
-uLongf *c;
-{
- if (s->checkfn != Z_NULL)
- *c = s->check;
- if (s->mode == BTREE || s->mode == DTREE)
- ZFREE(z, s->sub.trees.blens);
- if (s->mode == CODES)
- {
- inflate_codes_free(s->sub.decode.codes, z);
- inflate_trees_free(s->sub.decode.td, z);
- inflate_trees_free(s->sub.decode.tl, z);
- }
- s->mode = TYPE;
- s->bitk = 0;
- s->bitb = 0;
- s->read = s->write = s->window;
- if (s->checkfn != Z_NULL)
- z->adler = s->check = (*s->checkfn)(0L, Z_NULL, 0);
- Trace((stderr, "inflate: blocks reset\n"));
-}
-
-
-inflate_blocks_statef *inflate_blocks_new(z, c, w)
-z_streamp z;
-check_func c;
-uInt w;
-{
- inflate_blocks_statef *s;
-
- if ((s = (inflate_blocks_statef *)ZALLOC
- (z,1,sizeof(struct inflate_blocks_state))) == Z_NULL)
- return s;
- if ((s->window = (Bytef *)ZALLOC(z, 1, w)) == Z_NULL)
- {
- ZFREE(z, s);
- return Z_NULL;
- }
- s->end = s->window + w;
- s->checkfn = c;
- s->mode = TYPE;
- Trace((stderr, "inflate: blocks allocated\n"));
- inflate_blocks_reset(s, z, &s->check);
- return s;
-}
-
-
-#ifdef DEBUG
- extern uInt inflate_hufts;
-#endif
-int inflate_blocks(s, z, r)
-inflate_blocks_statef *s;
-z_streamp z;
-int r;
-{
- uInt t; /* temporary storage */
- uLong b; /* bit buffer */
- uInt k; /* bits in bit buffer */
- Bytef *p; /* input data pointer */
- uInt n; /* bytes available there */
- Bytef *q; /* output window write pointer */
- uInt m; /* bytes to end of window or read pointer */
-
- /* copy input/output information to locals (UPDATE macro restores) */
- LOAD
-
- /* process input based on current state */
- while (1) switch (s->mode)
- {
- case TYPE:
- NEEDBITS(3)
- t = (uInt)b & 7;
- s->last = t & 1;
- switch (t >> 1)
- {
- case 0: /* stored */
- Trace((stderr, "inflate: stored block%s\n",
- s->last ? " (last)" : ""));
- DUMPBITS(3)
- t = k & 7; /* go to byte boundary */
- DUMPBITS(t)
- s->mode = LENS; /* get length of stored block */
- break;
- case 1: /* fixed */
- Trace((stderr, "inflate: fixed codes block%s\n",
- s->last ? " (last)" : ""));
- {
- uInt bl, bd;
- inflate_huft *tl, *td;
-
- inflate_trees_fixed(&bl, &bd, &tl, &td);
- s->sub.decode.codes = inflate_codes_new(bl, bd, tl, td, z);
- if (s->sub.decode.codes == Z_NULL)
- {
- r = Z_MEM_ERROR;
- LEAVE
- }
- s->sub.decode.tl = Z_NULL; /* don't try to free these */
- s->sub.decode.td = Z_NULL;
- }
- DUMPBITS(3)
- s->mode = CODES;
- break;
- case 2: /* dynamic */
- Trace((stderr, "inflate: dynamic codes block%s\n",
- s->last ? " (last)" : ""));
- DUMPBITS(3)
- s->mode = TABLE;
- break;
- case 3: /* illegal */
- DUMPBITS(3)
- s->mode = BAD;
- z->msg = (char*)"invalid block type";
- r = Z_DATA_ERROR;
- LEAVE
- }
- break;
- case LENS:
- NEEDBITS(32)
- if ((((~b) >> 16) & 0xffff) != (b & 0xffff))
- {
- s->mode = BAD;
- z->msg = (char*)"invalid stored block lengths";
- r = Z_DATA_ERROR;
- LEAVE
- }
- s->sub.left = (uInt)b & 0xffff;
- b = k = 0; /* dump bits */
- Tracev((stderr, "inflate: stored length %u\n", s->sub.left));
- s->mode = s->sub.left ? STORED : (s->last ? DRY : TYPE);
- break;
- case STORED:
- if (n == 0)
- LEAVE
- NEEDOUT
- t = s->sub.left;
- if (t > n) t = n;
- if (t > m) t = m;
- zmemcpy(q, p, t);
- p += t; n -= t;
- q += t; m -= t;
- if ((s->sub.left -= t) != 0)
- break;
- Tracev((stderr, "inflate: stored end, %lu total out\n",
- z->total_out + (q >= s->read ? q - s->read :
- (s->end - s->read) + (q - s->window))));
- s->mode = s->last ? DRY : TYPE;
- break;
- case TABLE:
- NEEDBITS(14)
- s->sub.trees.table = t = (uInt)b & 0x3fff;
-#ifndef PKZIP_BUG_WORKAROUND
- if ((t & 0x1f) > 29 || ((t >> 5) & 0x1f) > 29)
- {
- s->mode = BAD;
- z->msg = (char*)"too many length or distance symbols";
- r = Z_DATA_ERROR;
- LEAVE
- }
-#endif
- t = 258 + (t & 0x1f) + ((t >> 5) & 0x1f);
- if (t < 19)
- t = 19;
- if ((s->sub.trees.blens = (uIntf*)ZALLOC(z, t, sizeof(uInt))) == Z_NULL)
- {
- r = Z_MEM_ERROR;
- LEAVE
- }
- DUMPBITS(14)
- s->sub.trees.index = 0;
- Tracev((stderr, "inflate: table sizes ok\n"));
- s->mode = BTREE;
- case BTREE:
- while (s->sub.trees.index < 4 + (s->sub.trees.table >> 10))
- {
- NEEDBITS(3)
- s->sub.trees.blens[border[s->sub.trees.index++]] = (uInt)b & 7;
- DUMPBITS(3)
- }
- while (s->sub.trees.index < 19)
- s->sub.trees.blens[border[s->sub.trees.index++]] = 0;
- s->sub.trees.bb = 7;
- t = inflate_trees_bits(s->sub.trees.blens, &s->sub.trees.bb,
- &s->sub.trees.tb, z);
- if (t != Z_OK)
- {
- ZFREE(z, s->sub.trees.blens);
- r = t;
- if (r == Z_DATA_ERROR)
- s->mode = BAD;
- LEAVE
- }
- s->sub.trees.index = 0;
- Tracev((stderr, "inflate: bits tree ok\n"));
- s->mode = DTREE;
- case DTREE:
- while (t = s->sub.trees.table,
- s->sub.trees.index < 258 + (t & 0x1f) + ((t >> 5) & 0x1f))
- {
- inflate_huft *h;
- uInt i, j, c;
-
- t = s->sub.trees.bb;
- NEEDBITS(t)
- h = s->sub.trees.tb + ((uInt)b & inflate_mask[t]);
- t = h->word.what.Bits;
- c = h->more.Base;
- if (c < 16)
- {
- DUMPBITS(t)
- s->sub.trees.blens[s->sub.trees.index++] = c;
- }
- else /* c == 16..18 */
- {
- i = c == 18 ? 7 : c - 14;
- j = c == 18 ? 11 : 3;
- NEEDBITS(t + i)
- DUMPBITS(t)
- j += (uInt)b & inflate_mask[i];
- DUMPBITS(i)
- i = s->sub.trees.index;
- t = s->sub.trees.table;
- if (i + j > 258 + (t & 0x1f) + ((t >> 5) & 0x1f) ||
- (c == 16 && i < 1))
- {
- inflate_trees_free(s->sub.trees.tb, z);
- ZFREE(z, s->sub.trees.blens);
- s->mode = BAD;
- z->msg = (char*)"invalid bit length repeat";
- r = Z_DATA_ERROR;
- LEAVE
- }
- c = c == 16 ? s->sub.trees.blens[i - 1] : 0;
- do {
- s->sub.trees.blens[i++] = c;
- } while (--j);
- s->sub.trees.index = i;
- }
- }
- inflate_trees_free(s->sub.trees.tb, z);
- s->sub.trees.tb = Z_NULL;
- {
- uInt bl, bd;
- inflate_huft *tl, *td;
- inflate_codes_statef *c;
-
- bl = 9; /* must be <= 9 for lookahead assumptions */
- bd = 6; /* must be <= 9 for lookahead assumptions */
- t = s->sub.trees.table;
-#ifdef DEBUG
- inflate_hufts = 0;
-#endif
- t = inflate_trees_dynamic(257 + (t & 0x1f), 1 + ((t >> 5) & 0x1f),
- s->sub.trees.blens, &bl, &bd, &tl, &td, z);
- ZFREE(z, s->sub.trees.blens);
- if (t != Z_OK)
- {
- if (t == (uInt)Z_DATA_ERROR)
- s->mode = BAD;
- r = t;
- LEAVE
- }
- Tracev((stderr, "inflate: trees ok, %d * %d bytes used\n",
- inflate_hufts, sizeof(inflate_huft)));
- if ((c = inflate_codes_new(bl, bd, tl, td, z)) == Z_NULL)
- {
- inflate_trees_free(td, z);
- inflate_trees_free(tl, z);
- r = Z_MEM_ERROR;
- LEAVE
- }
- s->sub.decode.codes = c;
- s->sub.decode.tl = tl;
- s->sub.decode.td = td;
- }
- s->mode = CODES;
- case CODES:
- UPDATE
- if ((r = inflate_codes(s, z, r)) != Z_STREAM_END)
- return inflate_flush(s, z, r);
- r = Z_OK;
- inflate_codes_free(s->sub.decode.codes, z);
- inflate_trees_free(s->sub.decode.td, z);
- inflate_trees_free(s->sub.decode.tl, z);
- LOAD
- Tracev((stderr, "inflate: codes end, %lu total out\n",
- z->total_out + (q >= s->read ? q - s->read :
- (s->end - s->read) + (q - s->window))));
- if (!s->last)
- {
- s->mode = TYPE;
- break;
- }
- if (k > 7) /* return unused byte, if any */
- {
- Assert(k < 16, "inflate_codes grabbed too many bytes")
- k -= 8;
- n++;
- p--; /* can always return one */
- }
- s->mode = DRY;
- case DRY:
- FLUSH
- if (s->read != s->write)
- LEAVE
- s->mode = DONE;
- case DONE:
- r = Z_STREAM_END;
- LEAVE
- case BAD:
- r = Z_DATA_ERROR;
- LEAVE
- default:
- r = Z_STREAM_ERROR;
- LEAVE
- }
-}
-
-
-int inflate_blocks_free(s, z, c)
-inflate_blocks_statef *s;
-z_streamp z;
-uLongf *c;
-{
- inflate_blocks_reset(s, z, c);
- ZFREE(z, s->window);
- ZFREE(z, s);
- Trace((stderr, "inflate: blocks freed\n"));
- return Z_OK;
-}
-
-
-void inflate_set_dictionary(s, d, n)
-inflate_blocks_statef *s;
-const Bytef *d;
-uInt n;
-{
- zmemcpy((charf *)s->window, d, n);
- s->read = s->write = s->window + n;
-}
diff --git a/security/nss/cmd/zlib/infblock.h b/security/nss/cmd/zlib/infblock.h
deleted file mode 100644
index 3ecd50cd3..000000000
--- a/security/nss/cmd/zlib/infblock.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* infblock.h -- header to use infblock.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-struct inflate_blocks_state;
-typedef struct inflate_blocks_state FAR inflate_blocks_statef;
-
-extern inflate_blocks_statef * inflate_blocks_new OF((
- z_streamp z,
- check_func c, /* check function */
- uInt w)); /* window size */
-
-extern int inflate_blocks OF((
- inflate_blocks_statef *,
- z_streamp ,
- int)); /* initial return code */
-
-extern void inflate_blocks_reset OF((
- inflate_blocks_statef *,
- z_streamp ,
- uLongf *)); /* check value on output */
-
-extern int inflate_blocks_free OF((
- inflate_blocks_statef *,
- z_streamp ,
- uLongf *)); /* check value on output */
-
-extern void inflate_set_dictionary OF((
- inflate_blocks_statef *s,
- const Bytef *d, /* dictionary */
- uInt n)); /* dictionary length */
diff --git a/security/nss/cmd/zlib/infcodes.c b/security/nss/cmd/zlib/infcodes.c
deleted file mode 100644
index 3ae3818a1..000000000
--- a/security/nss/cmd/zlib/infcodes.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* infcodes.c -- process literals and length/distance pairs
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-#include "zutil.h"
-#include "inftrees.h"
-#include "infblock.h"
-#include "infcodes.h"
-#include "infutil.h"
-#include "inffast.h"
-
-/* simplify the use of the inflate_huft type with some defines */
-#define base more.Base
-#define next more.Next
-#define exop word.what.Exop
-#define bits word.what.Bits
-
-/* inflate codes private state */
-struct inflate_codes_state {
-
- /* mode */
- enum { /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
- START, /* x: set up for LEN */
- LEN, /* i: get length/literal/eob next */
- LENEXT, /* i: getting length extra (have base) */
- DIST, /* i: get distance next */
- DISTEXT, /* i: getting distance extra */
- COPY, /* o: copying bytes in window, waiting for space */
- LIT, /* o: got literal, waiting for output space */
- WASH, /* o: got eob, possibly still output waiting */
- END, /* x: got eob and all data flushed */
- BADCODE} /* x: got error */
- mode; /* current inflate_codes mode */
-
- /* mode dependent information */
- uInt len;
- union {
- struct {
- inflate_huft *tree; /* pointer into tree */
- uInt need; /* bits needed */
- } code; /* if LEN or DIST, where in tree */
- uInt lit; /* if LIT, literal */
- struct {
- uInt get; /* bits to get for extra */
- uInt dist; /* distance back to copy from */
- } copy; /* if EXT or COPY, where and how much */
- } sub; /* submode */
-
- /* mode independent information */
- Byte lbits; /* ltree bits decoded per branch */
- Byte dbits; /* dtree bits decoder per branch */
- inflate_huft *ltree; /* literal/length/eob tree */
- inflate_huft *dtree; /* distance tree */
-
-};
-
-
-inflate_codes_statef *inflate_codes_new(bl, bd, tl, td, z)
-uInt bl, bd;
-inflate_huft *tl;
-inflate_huft *td; /* need separate declaration for Borland C++ */
-z_streamp z;
-{
- inflate_codes_statef *c;
-
- if ((c = (inflate_codes_statef *)
- ZALLOC(z,1,sizeof(struct inflate_codes_state))) != Z_NULL)
- {
- c->mode = START;
- c->lbits = (Byte)bl;
- c->dbits = (Byte)bd;
- c->ltree = tl;
- c->dtree = td;
- Tracev((stderr, "inflate: codes new\n"));
- }
- return c;
-}
-
-
-int inflate_codes(s, z, r)
-inflate_blocks_statef *s;
-z_streamp z;
-int r;
-{
- uInt j; /* temporary storage */
- inflate_huft *t; /* temporary pointer */
- uInt e; /* extra bits or operation */
- uLong b; /* bit buffer */
- uInt k; /* bits in bit buffer */
- Bytef *p; /* input data pointer */
- uInt n; /* bytes available there */
- Bytef *q; /* output window write pointer */
- uInt m; /* bytes to end of window or read pointer */
- Bytef *f; /* pointer to copy strings from */
- inflate_codes_statef *c = s->sub.decode.codes; /* codes state */
-
- /* copy input/output information to locals (UPDATE macro restores) */
- LOAD
-
- /* process input and output based on current state */
- while (1) switch (c->mode)
- { /* waiting for "i:"=input, "o:"=output, "x:"=nothing */
- case START: /* x: set up for LEN */
-#ifndef SLOW
- if (m >= 258 && n >= 10)
- {
- UPDATE
- r = inflate_fast(c->lbits, c->dbits, c->ltree, c->dtree, s, z);
- LOAD
- if (r != Z_OK)
- {
- c->mode = r == Z_STREAM_END ? WASH : BADCODE;
- break;
- }
- }
-#endif /* !SLOW */
- c->sub.code.need = c->lbits;
- c->sub.code.tree = c->ltree;
- c->mode = LEN;
- case LEN: /* i: get length/literal/eob next */
- j = c->sub.code.need;
- NEEDBITS(j)
- t = c->sub.code.tree + ((uInt)b & inflate_mask[j]);
- DUMPBITS(t->bits)
- e = (uInt)(t->exop);
- if (e == 0) /* literal */
- {
- c->sub.lit = t->base;
- Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
- "inflate: literal '%c'\n" :
- "inflate: literal 0x%02x\n", t->base));
- c->mode = LIT;
- break;
- }
- if (e & 16) /* length */
- {
- c->sub.copy.get = e & 15;
- c->len = t->base;
- c->mode = LENEXT;
- break;
- }
- if ((e & 64) == 0) /* next table */
- {
- c->sub.code.need = e;
- c->sub.code.tree = t->next;
- break;
- }
- if (e & 32) /* end of block */
- {
- Tracevv((stderr, "inflate: end of block\n"));
- c->mode = WASH;
- break;
- }
- c->mode = BADCODE; /* invalid code */
- z->msg = (char*)"invalid literal/length code";
- r = Z_DATA_ERROR;
- LEAVE
- case LENEXT: /* i: getting length extra (have base) */
- j = c->sub.copy.get;
- NEEDBITS(j)
- c->len += (uInt)b & inflate_mask[j];
- DUMPBITS(j)
- c->sub.code.need = c->dbits;
- c->sub.code.tree = c->dtree;
- Tracevv((stderr, "inflate: length %u\n", c->len));
- c->mode = DIST;
- case DIST: /* i: get distance next */
- j = c->sub.code.need;
- NEEDBITS(j)
- t = c->sub.code.tree + ((uInt)b & inflate_mask[j]);
- DUMPBITS(t->bits)
- e = (uInt)(t->exop);
- if (e & 16) /* distance */
- {
- c->sub.copy.get = e & 15;
- c->sub.copy.dist = t->base;
- c->mode = DISTEXT;
- break;
- }
- if ((e & 64) == 0) /* next table */
- {
- c->sub.code.need = e;
- c->sub.code.tree = t->next;
- break;
- }
- c->mode = BADCODE; /* invalid code */
- z->msg = (char*)"invalid distance code";
- r = Z_DATA_ERROR;
- LEAVE
- case DISTEXT: /* i: getting distance extra */
- j = c->sub.copy.get;
- NEEDBITS(j)
- c->sub.copy.dist += (uInt)b & inflate_mask[j];
- DUMPBITS(j)
- Tracevv((stderr, "inflate: distance %u\n", c->sub.copy.dist));
- c->mode = COPY;
- case COPY: /* o: copying bytes in window, waiting for space */
-#ifndef __TURBOC__ /* Turbo C bug for following expression */
- f = (uInt)(q - s->window) < c->sub.copy.dist ?
- s->end - (c->sub.copy.dist - (q - s->window)) :
- q - c->sub.copy.dist;
-#else
- f = q - c->sub.copy.dist;
- if ((uInt)(q - s->window) < c->sub.copy.dist)
- f = s->end - (c->sub.copy.dist - (uInt)(q - s->window));
-#endif
- while (c->len)
- {
- NEEDOUT
- OUTBYTE(*f++)
- if (f == s->end)
- f = s->window;
- c->len--;
- }
- c->mode = START;
- break;
- case LIT: /* o: got literal, waiting for output space */
- NEEDOUT
- OUTBYTE(c->sub.lit)
- c->mode = START;
- break;
- case WASH: /* o: got eob, possibly more output */
- FLUSH
- if (s->read != s->write)
- LEAVE
- c->mode = END;
- case END:
- r = Z_STREAM_END;
- LEAVE
- case BADCODE: /* x: got error */
- r = Z_DATA_ERROR;
- LEAVE
- default:
- r = Z_STREAM_ERROR;
- LEAVE
- }
-}
-
-
-void inflate_codes_free(c, z)
-inflate_codes_statef *c;
-z_streamp z;
-{
- ZFREE(z, c);
- Tracev((stderr, "inflate: codes free\n"));
-}
diff --git a/security/nss/cmd/zlib/infcodes.h b/security/nss/cmd/zlib/infcodes.h
deleted file mode 100644
index c2c38df2c..000000000
--- a/security/nss/cmd/zlib/infcodes.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/* infcodes.h -- header to use infcodes.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-struct inflate_codes_state;
-typedef struct inflate_codes_state FAR inflate_codes_statef;
-
-extern inflate_codes_statef *inflate_codes_new OF((
- uInt, uInt,
- inflate_huft *, inflate_huft *,
- z_streamp ));
-
-extern int inflate_codes OF((
- inflate_blocks_statef *,
- z_streamp ,
- int));
-
-extern void inflate_codes_free OF((
- inflate_codes_statef *,
- z_streamp ));
-
diff --git a/security/nss/cmd/zlib/inffast.c b/security/nss/cmd/zlib/inffast.c
deleted file mode 100644
index 86eee4a29..000000000
--- a/security/nss/cmd/zlib/inffast.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* inffast.c -- process literals and length/distance pairs fast
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-#include "zutil.h"
-#include "inftrees.h"
-#include "infblock.h"
-#include "infcodes.h"
-#include "infutil.h"
-#include "inffast.h"
-
-struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-
-/* simplify the use of the inflate_huft type with some defines */
-#define base more.Base
-#define next more.Next
-#define exop word.what.Exop
-#define bits word.what.Bits
-
-/* macros for bit input with no checking and for returning unused bytes */
-#define GRABBITS(j) {while(k<(j)){b|=((uLong)NEXTBYTE)<<k;k+=8;}}
-#define UNGRAB {n+=(c=k>>3);p-=c;k&=7;}
-
-/* Called with number of bytes left to write in window at least 258
- (the maximum string length) and number of input bytes available
- at least ten. The ten bytes are six bytes for the longest length/
- distance pair plus four bytes for overloading the bit buffer. */
-
-int inflate_fast(bl, bd, tl, td, s, z)
-uInt bl, bd;
-inflate_huft *tl;
-inflate_huft *td; /* need separate declaration for Borland C++ */
-inflate_blocks_statef *s;
-z_streamp z;
-{
- inflate_huft *t; /* temporary pointer */
- uInt e; /* extra bits or operation */
- uLong b; /* bit buffer */
- uInt k; /* bits in bit buffer */
- Bytef *p; /* input data pointer */
- uInt n; /* bytes available there */
- Bytef *q; /* output window write pointer */
- uInt m; /* bytes to end of window or read pointer */
- uInt ml; /* mask for literal/length tree */
- uInt md; /* mask for distance tree */
- uInt c; /* bytes to copy */
- uInt d; /* distance back to copy from */
- Bytef *r; /* copy source pointer */
-
- /* load input, output, bit values */
- LOAD
-
- /* initialize masks */
- ml = inflate_mask[bl];
- md = inflate_mask[bd];
-
- /* do until not enough input or output space for fast loop */
- do { /* assume called with m >= 258 && n >= 10 */
- /* get literal/length code */
- GRABBITS(20) /* max bits for literal/length code */
- if ((e = (t = tl + ((uInt)b & ml))->exop) == 0)
- {
- DUMPBITS(t->bits)
- Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
- "inflate: * literal '%c'\n" :
- "inflate: * literal 0x%02x\n", t->base));
- *q++ = (Byte)t->base;
- m--;
- continue;
- }
- do {
- DUMPBITS(t->bits)
- if (e & 16)
- {
- /* get extra bits for length */
- e &= 15;
- c = t->base + ((uInt)b & inflate_mask[e]);
- DUMPBITS(e)
- Tracevv((stderr, "inflate: * length %u\n", c));
-
- /* decode distance base of block to copy */
- GRABBITS(15); /* max bits for distance code */
- e = (t = td + ((uInt)b & md))->exop;
- do {
- DUMPBITS(t->bits)
- if (e & 16)
- {
- /* get extra bits to add to distance base */
- e &= 15;
- GRABBITS(e) /* get extra bits (up to 13) */
- d = t->base + ((uInt)b & inflate_mask[e]);
- DUMPBITS(e)
- Tracevv((stderr, "inflate: * distance %u\n", d));
-
- /* do the copy */
- m -= c;
- if ((uInt)(q - s->window) >= d) /* offset before dest */
- { /* just copy */
- r = q - d;
- *q++ = *r++; c--; /* minimum count is three, */
- *q++ = *r++; c--; /* so unroll loop a little */
- }
- else /* else offset after destination */
- {
- e = d - (uInt)(q - s->window); /* bytes from offset to end */
- r = s->end - e; /* pointer to offset */
- if (c > e) /* if source crosses, */
- {
- c -= e; /* copy to end of window */
- do {
- *q++ = *r++;
- } while (--e);
- r = s->window; /* copy rest from start of window */
- }
- }
- do { /* copy all or what's left */
- *q++ = *r++;
- } while (--c);
- break;
- }
- else if ((e & 64) == 0)
- e = (t = t->next + ((uInt)b & inflate_mask[e]))->exop;
- else
- {
- z->msg = (char*)"invalid distance code";
- UNGRAB
- UPDATE
- return Z_DATA_ERROR;
- }
- } while (1);
- break;
- }
- if ((e & 64) == 0)
- {
- if ((e = (t = t->next + ((uInt)b & inflate_mask[e]))->exop) == 0)
- {
- DUMPBITS(t->bits)
- Tracevv((stderr, t->base >= 0x20 && t->base < 0x7f ?
- "inflate: * literal '%c'\n" :
- "inflate: * literal 0x%02x\n", t->base));
- *q++ = (Byte)t->base;
- m--;
- break;
- }
- }
- else if (e & 32)
- {
- Tracevv((stderr, "inflate: * end of block\n"));
- UNGRAB
- UPDATE
- return Z_STREAM_END;
- }
- else
- {
- z->msg = (char*)"invalid literal/length code";
- UNGRAB
- UPDATE
- return Z_DATA_ERROR;
- }
- } while (1);
- } while (m >= 258 && n >= 10);
-
- /* not enough input or output--restore pointers and return */
- UNGRAB
- UPDATE
- return Z_OK;
-}
diff --git a/security/nss/cmd/zlib/inffast.h b/security/nss/cmd/zlib/inffast.h
deleted file mode 100644
index 8cc644efb..000000000
--- a/security/nss/cmd/zlib/inffast.h
+++ /dev/null
@@ -1,17 +0,0 @@
-/* inffast.h -- header to use inffast.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-extern int inflate_fast OF((
- uInt,
- uInt,
- inflate_huft *,
- inflate_huft *,
- inflate_blocks_statef *,
- z_streamp ));
diff --git a/security/nss/cmd/zlib/inflate.c b/security/nss/cmd/zlib/inflate.c
deleted file mode 100644
index 8cd0c141c..000000000
--- a/security/nss/cmd/zlib/inflate.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/* inflate.c -- zlib interface to inflate modules
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-#include "zutil.h"
-#include "infblock.h"
-
-struct inflate_blocks_state {int dummy;}; /* for buggy compilers */
-
-/* inflate private state */
-struct internal_state {
-
- /* mode */
- enum {
- METHOD, /* waiting for method byte */
- FLAG, /* waiting for flag byte */
- DICT4, /* four dictionary check bytes to go */
- DICT3, /* three dictionary check bytes to go */
- DICT2, /* two dictionary check bytes to go */
- DICT1, /* one dictionary check byte to go */
- DICT0, /* waiting for inflateSetDictionary */
- BLOCKS, /* decompressing blocks */
- CHECK4, /* four check bytes to go */
- CHECK3, /* three check bytes to go */
- CHECK2, /* two check bytes to go */
- CHECK1, /* one check byte to go */
- DONE, /* finished check, done */
- BAD} /* got an error--stay here */
- mode; /* current inflate mode */
-
- /* mode dependent information */
- union {
- uInt method; /* if FLAGS, method byte */
- struct {
- uLong was; /* computed check value */
- uLong need; /* stream check value */
- } check; /* if CHECK, check values to compare */
- uInt marker; /* if BAD, inflateSync's marker bytes count */
- } sub; /* submode */
-
- /* mode independent information */
- int nowrap; /* flag for no wrapper */
- uInt wbits; /* log2(window size) (8..15, defaults to 15) */
- inflate_blocks_statef
- *blocks; /* current inflate_blocks state */
-
-};
-
-
-PR_PUBLIC_API(int) inflateReset(z)
-z_streamp z;
-{
- uLong c;
-
- if (z == Z_NULL || z->state == Z_NULL)
- return Z_STREAM_ERROR;
- z->total_in = z->total_out = 0;
- z->msg = Z_NULL;
- z->state->mode = z->state->nowrap ? BLOCKS : METHOD;
- inflate_blocks_reset(z->state->blocks, z, &c);
- Trace((stderr, "inflate: reset\n"));
- return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateEnd(z)
-z_streamp z;
-{
- uLong c;
-
- if (z == Z_NULL || z->state == Z_NULL || z->zfree == Z_NULL)
- return Z_STREAM_ERROR;
- if (z->state->blocks != Z_NULL)
- inflate_blocks_free(z->state->blocks, z, &c);
- ZFREE(z, z->state);
- z->state = Z_NULL;
- Trace((stderr, "inflate: end\n"));
- return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateInit2_(z, w, version, stream_size)
-z_streamp z;
-int w;
-const char *version;
-int stream_size;
-{
- if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
- stream_size != sizeof(z_stream))
- return Z_VERSION_ERROR;
-
- /* initialize state */
- if (z == Z_NULL)
- return Z_STREAM_ERROR;
- z->msg = Z_NULL;
- if (z->zalloc == Z_NULL)
- {
- z->zalloc = zcalloc;
- z->opaque = (voidpf)0;
- }
- if (z->zfree == Z_NULL) z->zfree = zcfree;
- if ((z->state = (struct internal_state FAR *)
- ZALLOC(z,1,sizeof(struct internal_state))) == Z_NULL)
- return Z_MEM_ERROR;
- z->state->blocks = Z_NULL;
-
- /* handle undocumented nowrap option (no zlib header or check) */
- z->state->nowrap = 0;
- if (w < 0)
- {
- w = - w;
- z->state->nowrap = 1;
- }
-
- /* set window size */
- if (w < 8 || w > 15)
- {
- inflateEnd(z);
- return Z_STREAM_ERROR;
- }
- z->state->wbits = (uInt)w;
-
- /* create inflate_blocks state */
- if ((z->state->blocks =
- inflate_blocks_new(z, z->state->nowrap ? Z_NULL : adler32, (uInt)1 << w))
- == Z_NULL)
- {
- inflateEnd(z);
- return Z_MEM_ERROR;
- }
- Trace((stderr, "inflate: allocated\n"));
-
- /* reset state */
- inflateReset(z);
- return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateInit_(z, version, stream_size)
-z_streamp z;
-const char *version;
-int stream_size;
-{
- return inflateInit2_(z, DEF_WBITS, version, stream_size);
-}
-
-
-#define NEEDBYTE {if(z->avail_in==0)return r;r=Z_OK;}
-#define NEXTBYTE (z->avail_in--,z->total_in++,*z->next_in++)
-
-PR_PUBLIC_API(int) inflate(z, f)
-z_streamp z;
-int f;
-{
- int r;
- uInt b;
-
- if (z == Z_NULL || z->state == Z_NULL || z->next_in == Z_NULL || f < 0)
- return Z_STREAM_ERROR;
- r = Z_BUF_ERROR;
- while (1) switch (z->state->mode)
- {
- case METHOD:
- NEEDBYTE
- if (((z->state->sub.method = NEXTBYTE) & 0xf) != Z_DEFLATED)
- {
- z->state->mode = BAD;
- z->msg = (char*)"unknown compression method";
- z->state->sub.marker = 5; /* can't try inflateSync */
- break;
- }
- if ((z->state->sub.method >> 4) + 8 > z->state->wbits)
- {
- z->state->mode = BAD;
- z->msg = (char*)"invalid window size";
- z->state->sub.marker = 5; /* can't try inflateSync */
- break;
- }
- z->state->mode = FLAG;
- case FLAG:
- NEEDBYTE
- b = NEXTBYTE;
- if (((z->state->sub.method << 8) + b) % 31)
- {
- z->state->mode = BAD;
- z->msg = (char*)"incorrect header check";
- z->state->sub.marker = 5; /* can't try inflateSync */
- break;
- }
- Trace((stderr, "inflate: zlib header ok\n"));
- if (!(b & PRESET_DICT))
- {
- z->state->mode = BLOCKS;
- break;
- }
- z->state->mode = DICT4;
- case DICT4:
- NEEDBYTE
- z->state->sub.check.need = (uLong)NEXTBYTE << 24;
- z->state->mode = DICT3;
- case DICT3:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE << 16;
- z->state->mode = DICT2;
- case DICT2:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE << 8;
- z->state->mode = DICT1;
- case DICT1:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE;
- z->adler = z->state->sub.check.need;
- z->state->mode = DICT0;
- return Z_NEED_DICT;
- case DICT0:
- z->state->mode = BAD;
- z->msg = (char*)"need dictionary";
- z->state->sub.marker = 0; /* can try inflateSync */
- return Z_STREAM_ERROR;
- case BLOCKS:
- r = inflate_blocks(z->state->blocks, z, r);
- if (r == Z_DATA_ERROR)
- {
- z->state->mode = BAD;
- z->state->sub.marker = 0; /* can try inflateSync */
- break;
- }
- if (r != Z_STREAM_END)
- return r;
- r = Z_OK;
- inflate_blocks_reset(z->state->blocks, z, &z->state->sub.check.was);
- if (z->state->nowrap)
- {
- z->state->mode = DONE;
- break;
- }
- z->state->mode = CHECK4;
- case CHECK4:
- NEEDBYTE
- z->state->sub.check.need = (uLong)NEXTBYTE << 24;
- z->state->mode = CHECK3;
- case CHECK3:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE << 16;
- z->state->mode = CHECK2;
- case CHECK2:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE << 8;
- z->state->mode = CHECK1;
- case CHECK1:
- NEEDBYTE
- z->state->sub.check.need += (uLong)NEXTBYTE;
-
- if (z->state->sub.check.was != z->state->sub.check.need)
- {
- z->state->mode = BAD;
- z->msg = (char*)"incorrect data check";
- z->state->sub.marker = 5; /* can't try inflateSync */
- break;
- }
- Trace((stderr, "inflate: zlib check ok\n"));
- z->state->mode = DONE;
- case DONE:
- return Z_STREAM_END;
- case BAD:
- return Z_DATA_ERROR;
- default:
- return Z_STREAM_ERROR;
- }
-}
-
-
-PR_PUBLIC_API(int) inflateSetDictionary(z, dictionary, dictLength)
-z_streamp z;
-const Bytef *dictionary;
-uInt dictLength;
-{
- uInt length = dictLength;
-
- if (z == Z_NULL || z->state == Z_NULL || z->state->mode != DICT0)
- return Z_STREAM_ERROR;
-
- if (adler32(1L, dictionary, dictLength) != z->adler) return Z_DATA_ERROR;
- z->adler = 1L;
-
- if (length >= ((uInt)1<<z->state->wbits))
- {
- length = (1<<z->state->wbits)-1;
- dictionary += dictLength - length;
- }
- inflate_set_dictionary(z->state->blocks, dictionary, length);
- z->state->mode = BLOCKS;
- return Z_OK;
-}
-
-
-PR_PUBLIC_API(int) inflateSync(z)
-z_streamp z;
-{
- uInt n; /* number of bytes to look at */
- Bytef *p; /* pointer to bytes */
- uInt m; /* number of marker bytes found in a row */
- uLong r, w; /* temporaries to save total_in and total_out */
-
- /* set up */
- if (z == Z_NULL || z->state == Z_NULL)
- return Z_STREAM_ERROR;
- if (z->state->mode != BAD)
- {
- z->state->mode = BAD;
- z->state->sub.marker = 0;
- }
- if ((n = z->avail_in) == 0)
- return Z_BUF_ERROR;
- p = z->next_in;
- m = z->state->sub.marker;
-
- /* search */
- while (n && m < 4)
- {
- if (*p == (Byte)(m < 2 ? 0 : 0xff))
- m++;
- else if (*p)
- m = 0;
- else
- m = 4 - m;
- p++, n--;
- }
-
- /* restore */
- z->total_in += p - z->next_in;
- z->next_in = p;
- z->avail_in = n;
- z->state->sub.marker = m;
-
- /* return no joy or set up to restart on a new block */
- if (m != 4)
- return Z_DATA_ERROR;
- r = z->total_in; w = z->total_out;
- inflateReset(z);
- z->total_in = r; z->total_out = w;
- z->state->mode = BLOCKS;
- return Z_OK;
-}
diff --git a/security/nss/cmd/zlib/inftrees.c b/security/nss/cmd/zlib/inftrees.c
deleted file mode 100644
index 91dc00375..000000000
--- a/security/nss/cmd/zlib/inftrees.c
+++ /dev/null
@@ -1,479 +0,0 @@
-/* inftrees.c -- generate Huffman trees for efficient decoding
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-
-#include "zutil.h"
-#include "inftrees.h"
-
-char inflate_copyright[] = " inflate 1.0.4 Copyright 1995-1996 Mark Adler ";
-/*
- If you use the zlib library in a product, an acknowledgment is welcome
- in the documentation of your product. If for some reason you cannot
- include such an acknowledgment, I would appreciate that you keep this
- copyright string in the executable of your product.
- */
-struct internal_state {int dummy;}; /* for buggy compilers */
-
-/* simplify the use of the inflate_huft type with some defines */
-#define base more.Base
-#define next more.Next
-#define exop word.what.Exop
-#define bits word.what.Bits
-
-
-local int huft_build OF((
- uIntf *, /* code lengths in bits */
- uInt, /* number of codes */
- uInt, /* number of "simple" codes */
- uIntf *, /* list of base values for non-simple codes */
- uIntf *, /* list of extra bits for non-simple codes */
- inflate_huft * FAR*,/* result: starting table */
- uIntf *, /* maximum lookup bits (returns actual) */
- z_streamp )); /* for zalloc function */
-
-local voidpf falloc OF((
- voidpf, /* opaque pointer (not used) */
- uInt, /* number of items */
- uInt)); /* size of item */
-
-/* Tables for deflate from PKZIP's appnote.txt. */
-local uInt cplens[31] = { /* Copy lengths for literal codes 257..285 */
- 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31,
- 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0};
- /* see note #13 above about 258 */
-local uInt cplext[31] = { /* Extra bits for literal codes 257..285 */
- 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2,
- 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 112, 112}; /* 112==invalid */
-local uInt cpdist[30] = { /* Copy offsets for distance codes 0..29 */
- 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
- 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
- 8193, 12289, 16385, 24577};
-local uInt cpdext[30] = { /* Extra bits for distance codes */
- 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6,
- 7, 7, 8, 8, 9, 9, 10, 10, 11, 11,
- 12, 12, 13, 13};
-
-/*
- Huffman code decoding is performed using a multi-level table lookup.
- The fastest way to decode is to simply build a lookup table whose
- size is determined by the longest code. However, the time it takes
- to build this table can also be a factor if the data being decoded
- is not very long. The most common codes are necessarily the
- shortest codes, so those codes dominate the decoding time, and hence
- the speed. The idea is you can have a shorter table that decodes the
- shorter, more probable codes, and then point to subsidiary tables for
- the longer codes. The time it costs to decode the longer codes is
- then traded against the time it takes to make longer tables.
-
- This results of this trade are in the variables lbits and dbits
- below. lbits is the number of bits the first level table for literal/
- length codes can decode in one step, and dbits is the same thing for
- the distance codes. Subsequent tables are also less than or equal to
- those sizes. These values may be adjusted either when all of the
- codes are shorter than that, in which case the longest code length in
- bits is used, or when the shortest code is *longer* than the requested
- table size, in which case the length of the shortest code in bits is
- used.
-
- There are two different values for the two tables, since they code a
- different number of possibilities each. The literal/length table
- codes 286 possible values, or in a flat code, a little over eight
- bits. The distance table codes 30 possible values, or a little less
- than five bits, flat. The optimum values for speed end up being
- about one bit more than those, so lbits is 8+1 and dbits is 5+1.
- The optimum values may differ though from machine to machine, and
- possibly even between compilers. Your mileage may vary.
- */
-
-
-/* If BMAX needs to be larger than 16, then h and x[] should be uLong. */
-#define BMAX 15 /* maximum bit length of any code */
-#define N_MAX 288 /* maximum number of codes in any set */
-
-#ifdef DEBUG
- uInt inflate_hufts;
-#endif
-
-local int huft_build(b, n, s, d, e, t, m, zs)
-uIntf *b; /* code lengths in bits (all assumed <= BMAX) */
-uInt n; /* number of codes (assumed <= N_MAX) */
-uInt s; /* number of simple-valued codes (0..s-1) */
-uIntf *d; /* list of base values for non-simple codes */
-uIntf *e; /* list of extra bits for non-simple codes */
-inflate_huft * FAR *t; /* result: starting table */
-uIntf *m; /* maximum lookup bits, returns actual */
-z_streamp zs; /* for zalloc function */
-/* Given a list of code lengths and a maximum table size, make a set of
- tables to decode that set of codes. Return Z_OK on success, Z_BUF_ERROR
- if the given code set is incomplete (the tables are still built in this
- case), Z_DATA_ERROR if the input is invalid (an over-subscribed set of
- set of lengths), or Z_MEM_ERROR if not enough memory. */
-{
-
- uInt a; /* counter for codes of length k */
- uInt c[BMAX+1]; /* bit length count table */
- uInt f; /* i repeats in table every f entries */
- int g; /* maximum code length */
- int h; /* table level */
- register uInt i; /* counter, current code */
- register uInt j; /* counter */
- register int k; /* number of bits in current code */
- int l; /* bits per table (returned in m) */
- register uIntf *p; /* pointer into c[], b[], or v[] */
- inflate_huft *q; /* points to current table */
- struct inflate_huft_s r; /* table entry for structure assignment */
- inflate_huft *u[BMAX]; /* table stack */
- uInt v[N_MAX]; /* values in order of bit length */
- register int w; /* bits before this table == (l * h) */
- uInt x[BMAX+1]; /* bit offsets, then code stack */
- uIntf *xp; /* pointer into x */
- int y; /* number of dummy codes added */
- uInt z; /* number of entries in current table */
-
-
- /* Generate counts for each bit length */
- p = c;
-#define C0 *p++ = 0;
-#define C2 C0 C0 C0 C0
-#define C4 C2 C2 C2 C2
- C4 /* clear c[]--assume BMAX+1 is 16 */
- p = b; i = n;
- do {
- c[*p++]++; /* assume all entries <= BMAX */
- } while (--i);
- if (c[0] == n) /* null input--all zero length codes */
- {
- *t = (inflate_huft *)Z_NULL;
- *m = 0;
- return Z_OK;
- }
-
-
- /* Find minimum and maximum length, bound *m by those */
- l = *m;
- for (j = 1; j <= BMAX; j++)
- if (c[j])
- break;
- k = j; /* minimum code length */
- if ((uInt)l < j)
- l = j;
- for (i = BMAX; i; i--)
- if (c[i])
- break;
- g = i; /* maximum code length */
- if ((uInt)l > i)
- l = i;
- *m = l;
-
-
- /* Adjust last length count to fill out codes, if needed */
- for (y = 1 << j; j < i; j++, y <<= 1)
- if ((y -= c[j]) < 0)
- return Z_DATA_ERROR;
- if ((y -= c[i]) < 0)
- return Z_DATA_ERROR;
- c[i] += y;
-
-
- /* Generate starting offsets into the value table for each length */
- x[1] = j = 0;
- p = c + 1; xp = x + 2;
- while (--i) { /* note that i == g from above */
- *xp++ = (j += *p++);
- }
-
-
- /* Make a table of values in order of bit lengths */
- p = b; i = 0;
- do {
- if ((j = *p++) != 0)
- v[x[j]++] = i;
- } while (++i < n);
- n = x[g]; /* set n to length of v */
-
-
- /* Generate the Huffman codes and for each, make the table entries */
- x[0] = i = 0; /* first Huffman code is zero */
- p = v; /* grab values in bit order */
- h = -1; /* no tables yet--level -1 */
- w = -l; /* bits decoded == (l * h) */
- u[0] = (inflate_huft *)Z_NULL; /* just to keep compilers happy */
- q = (inflate_huft *)Z_NULL; /* ditto */
- z = 0; /* ditto */
-
- /* go through the bit lengths (k already is bits in shortest code) */
- for (; k <= g; k++)
- {
- a = c[k];
- while (a--)
- {
- /* here i is the Huffman code of length k bits for value *p */
- /* make tables up to required level */
- while (k > w + l)
- {
- h++;
- w += l; /* previous table always l bits */
-
- /* compute minimum size table less than or equal to l bits */
- z = g - w;
- z = z > (uInt)l ? l : z; /* table size upper limit */
- if ((f = 1 << (j = k - w)) > a + 1) /* try a k-w bit table */
- { /* too few codes for k-w bit table */
- f -= a + 1; /* deduct codes from patterns left */
- xp = c + k;
- if (j < z)
- while (++j < z) /* try smaller tables up to z bits */
- {
- if ((f <<= 1) <= *++xp)
- break; /* enough codes to use up j bits */
- f -= *xp; /* else deduct codes from patterns */
- }
- }
- z = 1 << j; /* table entries for j-bit table */
-
- /* allocate and link in new table */
- if ((q = (inflate_huft *)ZALLOC
- (zs,z + 1,sizeof(inflate_huft))) == Z_NULL)
- {
- if (h)
- inflate_trees_free(u[0], zs);
- return Z_MEM_ERROR; /* not enough memory */
- }
-#ifdef DEBUG
- inflate_hufts += z + 1;
-#endif
- *t = q + 1; /* link to list for huft_free() */
- *(t = &(q->next)) = Z_NULL;
- u[h] = ++q; /* table starts after link */
-
- /* connect to last table, if there is one */
- if (h)
- {
- x[h] = i; /* save pattern for backing up */
- r.bits = (Byte)l; /* bits to dump before this table */
- r.exop = (Byte)j; /* bits in this table */
- r.next = q; /* pointer to this table */
- j = i >> (w - l); /* (get around Turbo C bug) */
- u[h-1][j] = r; /* connect to last table */
- }
- }
-
- /* set up table entry in r */
- r.bits = (Byte)(k - w);
- if (p >= v + n)
- r.exop = 128 + 64; /* out of values--invalid code */
- else if (*p < s)
- {
- r.exop = (Byte)(*p < 256 ? 0 : 32 + 64); /* 256 is end-of-block */
- r.base = *p++; /* simple code is just the value */
- }
- else
- {
- r.exop = (Byte)(e[*p - s] + 16 + 64);/* non-simple--look up in lists */
- r.base = d[*p++ - s];
- }
-
- /* fill code-like entries with r */
- f = 1 << (k - w);
- for (j = i >> w; j < z; j += f)
- q[j] = r;
-
- /* backwards increment the k-bit code i */
- for (j = 1 << (k - 1); i & j; j >>= 1)
- i ^= j;
- i ^= j;
-
- /* backup over finished tables */
- while ((i & ((1 << w) - 1)) != x[h])
- {
- h--; /* don't need to update q */
- w -= l;
- }
- }
- }
-
-
- /* Return Z_BUF_ERROR if we were given an incomplete table */
- return y != 0 && g != 1 ? Z_BUF_ERROR : Z_OK;
-}
-
-
-int inflate_trees_bits(c, bb, tb, z)
-uIntf *c; /* 19 code lengths */
-uIntf *bb; /* bits tree desired/actual depth */
-inflate_huft * FAR *tb; /* bits tree result */
-z_streamp z; /* for zfree function */
-{
- int r;
-
- r = huft_build(c, 19, 19, (uIntf*)Z_NULL, (uIntf*)Z_NULL, tb, bb, z);
- if (r == Z_DATA_ERROR)
- z->msg = (char*)"oversubscribed dynamic bit lengths tree";
- else if (r == Z_BUF_ERROR || *bb == 0)
- {
- inflate_trees_free(*tb, z);
- z->msg = (char*)"incomplete dynamic bit lengths tree";
- r = Z_DATA_ERROR;
- }
- return r;
-}
-
-
-int inflate_trees_dynamic(nl, nd, c, bl, bd, tl, td, z)
-uInt nl; /* number of literal/length codes */
-uInt nd; /* number of distance codes */
-uIntf *c; /* that many (total) code lengths */
-uIntf *bl; /* literal desired/actual bit depth */
-uIntf *bd; /* distance desired/actual bit depth */
-inflate_huft * FAR *tl; /* literal/length tree result */
-inflate_huft * FAR *td; /* distance tree result */
-z_streamp z; /* for zfree function */
-{
- int r;
-
- /* build literal/length tree */
- r = huft_build(c, nl, 257, cplens, cplext, tl, bl, z);
- if (r != Z_OK || *bl == 0)
- {
- if (r == Z_DATA_ERROR)
- z->msg = (char*)"oversubscribed literal/length tree";
- else if (r != Z_MEM_ERROR)
- {
- inflate_trees_free(*tl, z);
- z->msg = (char*)"incomplete literal/length tree";
- r = Z_DATA_ERROR;
- }
- return r;
- }
-
- /* build distance tree */
- r = huft_build(c + nl, nd, 0, cpdist, cpdext, td, bd, z);
- if (r != Z_OK || (*bd == 0 && nl > 257))
- {
- if (r == Z_DATA_ERROR)
- z->msg = (char*)"oversubscribed literal/length tree";
- else if (r == Z_BUF_ERROR) {
-#ifdef PKZIP_BUG_WORKAROUND
- r = Z_OK;
- }
-#else
- inflate_trees_free(*td, z);
- z->msg = (char*)"incomplete distance tree";
- r = Z_DATA_ERROR;
- }
- else if (r != Z_MEM_ERROR)
- {
- z->msg = (char*)"empty distance tree with lengths";
- r = Z_DATA_ERROR;
- }
- inflate_trees_free(*tl, z);
- return r;
-#endif
- }
-
- /* done */
- return Z_OK;
-}
-
-
-/* build fixed tables only once--keep them here */
-local int fixed_built = 0;
-#define FIXEDH 530 /* number of hufts used by fixed tables */
-local inflate_huft fixed_mem[FIXEDH];
-local uInt fixed_bl;
-local uInt fixed_bd;
-local inflate_huft *fixed_tl;
-local inflate_huft *fixed_td;
-
-
-local voidpf falloc(q, n, s)
-voidpf q; /* opaque pointer */
-uInt n; /* number of items */
-uInt s; /* size of item */
-{
- Assert(s == sizeof(inflate_huft) && n <= *(intf *)q,
- "inflate_trees falloc overflow");
- *(intf *)q -= n+s-s; /* s-s to avoid warning */
- return (voidpf)(fixed_mem + *(intf *)q);
-}
-
-
-int inflate_trees_fixed(bl, bd, tl, td)
-uIntf *bl; /* literal desired/actual bit depth */
-uIntf *bd; /* distance desired/actual bit depth */
-inflate_huft * FAR *tl; /* literal/length tree result */
-inflate_huft * FAR *td; /* distance tree result */
-{
- /* build fixed tables if not already (multiple overlapped executions ok) */
- if (!fixed_built)
- {
- int k; /* temporary variable */
- unsigned c[288]; /* length list for huft_build */
- z_stream z; /* for falloc function */
- int f = FIXEDH; /* number of hufts left in fixed_mem */
-
- /* set up fake z_stream for memory routines */
- z.zalloc = falloc;
- z.zfree = Z_NULL;
- z.opaque = (voidpf)&f;
-
- /* literal table */
- for (k = 0; k < 144; k++)
- c[k] = 8;
- for (; k < 256; k++)
- c[k] = 9;
- for (; k < 280; k++)
- c[k] = 7;
- for (; k < 288; k++)
- c[k] = 8;
- fixed_bl = 7;
- huft_build(c, 288, 257, cplens, cplext, &fixed_tl, &fixed_bl, &z);
-
- /* distance table */
- for (k = 0; k < 30; k++)
- c[k] = 5;
- fixed_bd = 5;
- huft_build(c, 30, 0, cpdist, cpdext, &fixed_td, &fixed_bd, &z);
-
- /* done */
- Assert(f == 0, "invalid build of fixed tables");
- fixed_built = 1;
- }
- *bl = fixed_bl;
- *bd = fixed_bd;
- *tl = fixed_tl;
- *td = fixed_td;
- return Z_OK;
-}
-
-
-int inflate_trees_free(t, z)
-inflate_huft *t; /* table to free */
-z_streamp z; /* for zfree function */
-/* Free the malloc'ed tables built by huft_build(), which makes a linked
- list of the tables it made, with the links in a dummy first entry of
- each table. */
-{
- register inflate_huft *p, *q, *r;
-
- /* Reverse linked list */
- p = Z_NULL;
- q = t;
- while (q != Z_NULL)
- {
- r = (q - 1)->next;
- (q - 1)->next = p;
- p = q;
- q = r;
- }
- /* Go through linked list, freeing from the malloced (t[-1]) address. */
- while (p != Z_NULL)
- {
- q = (--p)->next;
- ZFREE(z,p);
- p = q;
- }
- return Z_OK;
-}
diff --git a/security/nss/cmd/zlib/inftrees.h b/security/nss/cmd/zlib/inftrees.h
deleted file mode 100644
index b06613ddd..000000000
--- a/security/nss/cmd/zlib/inftrees.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/* inftrees.h -- header to use inftrees.c
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-/* Huffman code lookup table entry--this entry is four bytes for machines
- that have 16-bit pointers (e.g. PC's in the small or medium model). */
-
-typedef struct inflate_huft_s FAR inflate_huft;
-
-struct inflate_huft_s {
- union {
- struct {
- Byte Exop; /* number of extra bits or operation */
- Byte Bits; /* number of bits in this code or subcode */
- } what;
- Bytef *pad; /* pad structure to a power of 2 (4 bytes for */
- } word; /* 16-bit, 8 bytes for 32-bit machines) */
- union {
- uInt Base; /* literal, length base, or distance base */
- inflate_huft *Next; /* pointer to next level of table */
- } more;
-};
-
-#ifdef DEBUG
- extern uInt inflate_hufts;
-#endif
-
-extern int inflate_trees_bits OF((
- uIntf *, /* 19 code lengths */
- uIntf *, /* bits tree desired/actual depth */
- inflate_huft * FAR *, /* bits tree result */
- z_streamp )); /* for zalloc, zfree functions */
-
-extern int inflate_trees_dynamic OF((
- uInt, /* number of literal/length codes */
- uInt, /* number of distance codes */
- uIntf *, /* that many (total) code lengths */
- uIntf *, /* literal desired/actual bit depth */
- uIntf *, /* distance desired/actual bit depth */
- inflate_huft * FAR *, /* literal/length tree result */
- inflate_huft * FAR *, /* distance tree result */
- z_streamp )); /* for zalloc, zfree functions */
-
-extern int inflate_trees_fixed OF((
- uIntf *, /* literal desired/actual bit depth */
- uIntf *, /* distance desired/actual bit depth */
- inflate_huft * FAR *, /* literal/length tree result */
- inflate_huft * FAR *)); /* distance tree result */
-
-extern int inflate_trees_free OF((
- inflate_huft *, /* tables to free */
- z_streamp )); /* for zfree function */
-
diff --git a/security/nss/cmd/zlib/infutil.c b/security/nss/cmd/zlib/infutil.c
deleted file mode 100644
index eb21199c3..000000000
--- a/security/nss/cmd/zlib/infutil.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/* inflate_util.c -- data and routines common to blocks and codes
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-#include "zutil.h"
-#include "infblock.h"
-#include "inftrees.h"
-#include "infcodes.h"
-#include "infutil.h"
-
-struct inflate_codes_state {int dummy;}; /* for buggy compilers */
-
-/* And'ing with mask[n] masks the lower n bits */
-uInt inflate_mask[17] = {
- 0x0000,
- 0x0001, 0x0003, 0x0007, 0x000f, 0x001f, 0x003f, 0x007f, 0x00ff,
- 0x01ff, 0x03ff, 0x07ff, 0x0fff, 0x1fff, 0x3fff, 0x7fff, 0xffff
-};
-
-
-/* copy as much as possible from the sliding window to the output area */
-int inflate_flush(s, z, r)
-inflate_blocks_statef *s;
-z_streamp z;
-int r;
-{
- uInt n;
- Bytef *p;
- Bytef *q;
-
- /* local copies of source and destination pointers */
- p = z->next_out;
- q = s->read;
-
- /* compute number of bytes to copy as far as end of window */
- n = (uInt)((q <= s->write ? s->write : s->end) - q);
- if (n > z->avail_out) n = z->avail_out;
- if (n && r == Z_BUF_ERROR) r = Z_OK;
-
- /* update counters */
- z->avail_out -= n;
- z->total_out += n;
-
- /* update check information */
- if (s->checkfn != Z_NULL)
- z->adler = s->check = (*s->checkfn)(s->check, q, n);
-
- /* copy as far as end of window */
- zmemcpy(p, q, n);
- p += n;
- q += n;
-
- /* see if more to copy at beginning of window */
- if (q == s->end)
- {
- /* wrap pointers */
- q = s->window;
- if (s->write == s->end)
- s->write = s->window;
-
- /* compute bytes to copy */
- n = (uInt)(s->write - q);
- if (n > z->avail_out) n = z->avail_out;
- if (n && r == Z_BUF_ERROR) r = Z_OK;
-
- /* update counters */
- z->avail_out -= n;
- z->total_out += n;
-
- /* update check information */
- if (s->checkfn != Z_NULL)
- z->adler = s->check = (*s->checkfn)(s->check, q, n);
-
- /* copy */
- zmemcpy(p, q, n);
- p += n;
- q += n;
- }
-
- /* update pointers */
- z->next_out = p;
- s->read = q;
-
- /* done */
- return r;
-}
diff --git a/security/nss/cmd/zlib/infutil.h b/security/nss/cmd/zlib/infutil.h
deleted file mode 100644
index 702cd290c..000000000
--- a/security/nss/cmd/zlib/infutil.h
+++ /dev/null
@@ -1,99 +0,0 @@
-/* infutil.h -- types and macros common to blocks and codes
- * Copyright (C) 1995-1996 Mark Adler
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-#ifndef _INFUTIL_H
-#define _INFUTIL_H
-
-typedef enum {
- TYPE, /* get type bits (3, including end bit) */
- LENS, /* get lengths for stored */
- STORED, /* processing stored block */
- TABLE, /* get table lengths */
- BTREE, /* get bit lengths tree for a dynamic block */
- DTREE, /* get length, distance trees for a dynamic block */
- CODES, /* processing fixed or dynamic block */
- DRY, /* output remaining window bytes */
- DONE, /* finished last block, done */
- BAD} /* got a data error--stuck here */
-inflate_block_mode;
-
-/* inflate blocks semi-private state */
-struct inflate_blocks_state {
-
- /* mode */
- inflate_block_mode mode; /* current inflate_block mode */
-
- /* mode dependent information */
- union {
- uInt left; /* if STORED, bytes left to copy */
- struct {
- uInt table; /* table lengths (14 bits) */
- uInt index; /* index into blens (or border) */
- uIntf *blens; /* bit lengths of codes */
- uInt bb; /* bit length tree depth */
- inflate_huft *tb; /* bit length decoding tree */
- } trees; /* if DTREE, decoding info for trees */
- struct {
- inflate_huft *tl;
- inflate_huft *td; /* trees to free */
- inflate_codes_statef
- *codes;
- } decode; /* if CODES, current state */
- } sub; /* submode */
- uInt last; /* true if this block is the last block */
-
- /* mode independent information */
- uInt bitk; /* bits in bit buffer */
- uLong bitb; /* bit buffer */
- Bytef *window; /* sliding window */
- Bytef *end; /* one byte after sliding window */
- Bytef *read; /* window read pointer */
- Bytef *write; /* window write pointer */
- check_func checkfn; /* check function */
- uLong check; /* check on output */
-
-};
-
-
-/* defines for inflate input/output */
-/* update pointers and return */
-#define UPDBITS {s->bitb=b;s->bitk=k;}
-#define UPDIN {z->avail_in=n;z->total_in+=p-z->next_in;z->next_in=p;}
-#define UPDOUT {s->write=q;}
-#define UPDATE {UPDBITS UPDIN UPDOUT}
-#define LEAVE {UPDATE return inflate_flush(s,z,r);}
-/* get bytes and bits */
-#define LOADIN {p=z->next_in;n=z->avail_in;b=s->bitb;k=s->bitk;}
-#define NEEDBYTE {if(n)r=Z_OK;else LEAVE}
-#define NEXTBYTE (n--,*p++)
-#define NEEDBITS(j) {while(k<(j)){NEEDBYTE;b|=((uLong)NEXTBYTE)<<k;k+=8;}}
-#define DUMPBITS(j) {b>>=(j);k-=(j);}
-/* output bytes */
-#define WAVAIL (uInt)(q<s->read?s->read-q-1:s->end-q)
-#define LOADOUT {q=s->write;m=(uInt)WAVAIL;}
-#define WRAP {if(q==s->end&&s->read!=s->window){q=s->window;m=(uInt)WAVAIL;}}
-#define FLUSH {UPDOUT r=inflate_flush(s,z,r); LOADOUT}
-#define NEEDOUT {if(m==0){WRAP if(m==0){FLUSH WRAP if(m==0) LEAVE}}r=Z_OK;}
-#define OUTBYTE(a) {*q++=(Byte)(a);m--;}
-/* load local pointers */
-#define LOAD {LOADIN LOADOUT}
-
-/* masks for lower bits (size given to avoid silly warnings with Visual C++) */
-extern uInt inflate_mask[17];
-
-/* copy as much as possible from the sliding window to the output area */
-extern int inflate_flush OF((
- inflate_blocks_statef *,
- z_streamp ,
- int));
-
-struct internal_state {int dummy;}; /* for buggy compilers */
-
-#endif
diff --git a/security/nss/cmd/zlib/makefile.win b/security/nss/cmd/zlib/makefile.win
deleted file mode 100644
index 0f87b40b8..000000000
--- a/security/nss/cmd/zlib/makefile.win
+++ /dev/null
@@ -1,91 +0,0 @@
-NODEPEND=1
-IGNORE_MANIFEST = 1
-
-#//------------------------------------------------------------------------
-#//
-# New build system where zip dll is build indepenant of java stubs.
-#//
-#//------------------------------------------------------------------------
-MODULE = zlib
-EXPORTS = \
- zlib.h \
- zconf.h \
- $(NULL)
-
-
-#//------------------------------------------------------------------------
-#//
-#// Specify the depth of the current directory relative to the
-#// root of NS
-#//
-#//------------------------------------------------------------------------
-DEPTH= ..\..\..\
-
-MAKE_OBJ_TYPE=DLL
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Make Variables here: (ie. PDFFILE, MAPFILE, ...)
-#//
-#//------------------------------------------------------------------------
-DLLNAME=$(ZIPDLL)
-PDBFILE=$(MOD_ZIP).pdb
-MAPFILE=$(MOD_ZIP).map
-!if "$(MOZ_BITS)" == "16"
-DEFFILE=zip16.def
-!endif
-#RESFILE=zip.res
-
-#//------------------------------------------------------------------------
-#//
-#// Define the files necessary to build the target (ie. OBJS)
-#//
-#//------------------------------------------------------------------------
-OBJS= \
- .\$(OBJDIR)\adler32.obj \
- .\$(OBJDIR)\compress.obj \
- .\$(OBJDIR)\crc32.obj \
- .\$(OBJDIR)\deflate.obj \
- .\$(OBJDIR)\gzio.obj \
- .\$(OBJDIR)\infblock.obj \
- .\$(OBJDIR)\infcodes.obj \
- .\$(OBJDIR)\inffast.obj \
- .\$(OBJDIR)\inflate.obj \
- .\$(OBJDIR)\inftrees.obj \
- .\$(OBJDIR)\infutil.obj \
- .\$(OBJDIR)\trees.obj \
- .\$(OBJDIR)\uncompr.obj \
- .\$(OBJDIR)\zutil.obj \
- $(NULL)
-
-#//------------------------------------------------------------------------
-#//
-#// Define any Public Targets here (ie. PROGRAM, LIBRARY, DLL, ...)
-#// (these must be defined before the common makefiles are included)
-#//
-#//------------------------------------------------------------------------
-
-DLL=.\$(OBJDIR)\$(DLLNAME)
-MAPFILE= $(MOD_ZIP).map
-
-
-#//------------------------------------------------------------------------
-#//
-#// Define any local options for the make tools
-#// (ie. LCFLAGS, LLFLAGS, LLIBS, LINCS)
-#//
-#//------------------------------------------------------------------------
-LLIBS=$(LLIBS) $(LIBNSPR)
-LINCS=$(LINCS) -I. -I_gen
-# clobber and clobber_all will remove the following garbage:
-GARBAGE = $(GARBAGE) _gen
-
-#//------------------------------------------------------------------------
-#//
-#// Include the common makefile rules
-#//
-#//------------------------------------------------------------------------
-include <$(DEPTH)/sun-java/config/rules.mak>
-
-export:: $(DLL)
- $(MAKE_INSTALL) .\$(OBJDIR)\$(DLLNAME) $(DIST)\bin
- $(MAKE_INSTALL) .\$(OBJDIR)\$(MOD_ZIP).lib $(DIST)\lib
diff --git a/security/nss/cmd/zlib/manifest.mn b/security/nss/cmd/zlib/manifest.mn
deleted file mode 100644
index 6b4fbd4ec..000000000
--- a/security/nss/cmd/zlib/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = seccmd
-
-EXPORTS = zlib.h zconf.h
-
-CSRCS = adler32.c \
- crc32.c \
- compress.c \
- uncompr.c \
- deflate.c \
- trees.c \
- zutil.c \
- inflate.c \
- infblock.c \
- inftrees.c \
- infcodes.c \
- infutil.c \
- inffast.c \
- $(NULL)
-
-LIBRARY_NAME = zlib
-
-# REQUIRES = security
-
-DEFINES = -DNSPR20=1 -DMOZILLA_CLIENT=1
-
diff --git a/security/nss/cmd/zlib/minigzip.c b/security/nss/cmd/zlib/minigzip.c
deleted file mode 100644
index 60a48a12d..000000000
--- a/security/nss/cmd/zlib/minigzip.c
+++ /dev/null
@@ -1,246 +0,0 @@
-/* minigzip.c -- simulate gzip using the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-
-/*
- * minigzip is a minimal implementation of the gzip utility. This is
- * only an example of using zlib and isn't meant to replace the
- * full-featured gzip. No attempt is made to deal with file systems
- * limiting names to 14 or 8+3 characters, etc... Error checking is
- * very limited. So use minigzip only for testing; use gzip for the
- * real thing. On MSDOS, use only on file names without extension
- * or in pipe mode.
- */
-
-/* $Id$ */
-
-#include <stdio.h>
-#include "zlib.h"
-
-#ifdef STDC
-# include <string.h>
-# include <stdlib.h>
-#else
- extern void exit OF((int));
-#endif
-
-
-#if defined(MSDOS) || defined(OS2) || defined(WIN32)
-# include <fcntl.h>
-# include <io.h>
-# define SET_BINARY_MODE(file) setmode(fileno(file), O_BINARY)
-#else
-# define SET_BINARY_MODE(file)
-#endif
-
-#ifdef VMS
-# define unlink delete
-# define GZ_SUFFIX "-gz"
-#endif
-#ifdef RISCOS
-# define unlink remove
-# define GZ_SUFFIX "-gz"
-# define fileno(file) file->__file
-#endif
-
-#ifndef GZ_SUFFIX
-# define GZ_SUFFIX ".gz"
-#endif
-#define SUFFIX_LEN sizeof(GZ_SUFFIX)
-
-extern int unlink OF((const char *));
-
-#define BUFLEN 4096
-#define MAX_NAME_LEN 1024
-
-#define local static
-/* For MSDOS and other systems with limitation on stack size. For Unix,
- #define local
- works also.
- */
-
-char *prog;
-
-void error OF((const char *msg));
-void gz_compress OF((FILE *in, gzFile out));
-void gz_uncompress OF((gzFile in, FILE *out));
-void file_compress OF((char *file));
-void file_uncompress OF((char *file));
-int main OF((int argc, char *argv[]));
-
-/* ===========================================================================
- * Display error message and exit
- */
-void error(msg)
- const char *msg;
-{
- fprintf(stderr, "%s: %s\n", prog, msg);
- exit(1);
-}
-
-/* ===========================================================================
- * Compress input to output then close both files.
- */
-void gz_compress(in, out)
- FILE *in;
- gzFile out;
-{
- local char buf[BUFLEN];
- int len;
- int err;
-
- for (;;) {
- len = fread(buf, 1, sizeof(buf), in);
- if (ferror(in)) {
- perror("fread");
- exit(1);
- }
- if (len == 0) break;
-
- if (gzwrite(out, buf, (unsigned)len) != len) error(gzerror(out, &err));
- }
- fclose(in);
- if (gzclose(out) != Z_OK) error("failed gzclose");
-}
-
-/* ===========================================================================
- * Uncompress input to output then close both files.
- */
-void gz_uncompress(in, out)
- gzFile in;
- FILE *out;
-{
- local char buf[BUFLEN];
- int len;
- int err;
-
- for (;;) {
- len = gzread(in, buf, sizeof(buf));
- if (len < 0) error (gzerror(in, &err));
- if (len == 0) break;
-
- if ((int)fwrite(buf, 1, (unsigned)len, out) != len) {
- error("failed fwrite");
- }
- }
- if (fclose(out)) error("failed fclose");
-
- if (gzclose(in) != Z_OK) error("failed gzclose");
-}
-
-
-/* ===========================================================================
- * Compress the given file: create a corresponding .gz file and remove the
- * original.
- */
-void file_compress(file)
- char *file;
-{
- local char outfile[MAX_NAME_LEN];
- FILE *in;
- gzFile out;
-
- strcpy(outfile, file);
- strcat(outfile, GZ_SUFFIX);
-
- in = fopen(file, "rb");
- if (in == NULL) {
- perror(file);
- exit(1);
- }
- out = gzopen(outfile, "wb"); /* use "wb9" for maximal compression */
- if (out == NULL) {
- fprintf(stderr, "%s: can't gzopen %s\n", prog, outfile);
- exit(1);
- }
- gz_compress(in, out);
-
- unlink(file);
-}
-
-
-/* ===========================================================================
- * Uncompress the given file and remove the original.
- */
-void file_uncompress(file)
- char *file;
-{
- local char buf[MAX_NAME_LEN];
- char *infile, *outfile;
- FILE *out;
- gzFile in;
- int len = strlen(file);
-
- strcpy(buf, file);
-
- if (len > SUFFIX_LEN && strcmp(file+len-SUFFIX_LEN, GZ_SUFFIX) == 0) {
- infile = file;
- outfile = buf;
- outfile[len-3] = '\0';
- } else {
- outfile = file;
- infile = buf;
- strcat(infile, GZ_SUFFIX);
- }
- in = gzopen(infile, "rb");
- if (in == NULL) {
- fprintf(stderr, "%s: can't gzopen %s\n", prog, infile);
- exit(1);
- }
- out = fopen(outfile, "wb");
- if (out == NULL) {
- perror(file);
- exit(1);
- }
-
- gz_uncompress(in, out);
-
- unlink(infile);
-}
-
-
-/* ===========================================================================
- * Usage: minigzip [-d] [files...]
- */
-
-int main(argc, argv)
- int argc;
- char *argv[];
-{
- int uncompr = 0;
- gzFile file;
-
- prog = argv[0];
- argc--, argv++;
-
- if (argc > 0) {
- uncompr = (strcmp(*argv, "-d") == 0);
- if (uncompr) {
- argc--, argv++;
- }
- }
- if (argc == 0) {
- SET_BINARY_MODE(stdin);
- SET_BINARY_MODE(stdout);
- if (uncompr) {
- file = gzdopen(fileno(stdin), "rb");
- if (file == NULL) error("can't gzdopen stdin");
- gz_uncompress(file, stdout);
- } else {
- file = gzdopen(fileno(stdout), "wb"); /* "wb9" for max compr. */
- if (file == NULL) error("can't gzdopen stdout");
- gz_compress(stdin, file);
- }
- } else {
- do {
- if (uncompr) {
- file_uncompress(*argv);
- } else {
- file_compress(*argv);
- }
- } while (argv++, --argc);
- }
- exit(0);
- return 0; /* to avoid warning */
-}
diff --git a/security/nss/cmd/zlib/netscape_mods.doc b/security/nss/cmd/zlib/netscape_mods.doc
deleted file mode 100644
index c8a72d159..000000000
--- a/security/nss/cmd/zlib/netscape_mods.doc
+++ /dev/null
@@ -1,43 +0,0 @@
-
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
- *
- * The contents of this file are subject to the Netscape Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/NPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is mozilla.org code.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1998 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- */
-
-Netscape Modifications to Zlib source -
-
-
-Changes were made to the following files to
-create a zlib dll:
-
- adler32.c
- compress.c
- crc32.c
- deflate.c
- gzio.c
- inflate.c
- uncompr.c
- zutil.c
-
-
-Various changes for cross platform builds
-are clearly marked through out the source.
-
-
diff --git a/security/nss/cmd/zlib/stubs.c b/security/nss/cmd/zlib/stubs.c
deleted file mode 100644
index 2e7a053ef..000000000
--- a/security/nss/cmd/zlib/stubs.c
+++ /dev/null
@@ -1,17 +0,0 @@
-/*
- !!! WARNING: If you add files here, be sure to:
- 1. add them to the Metrowerks project
- 2. edit Makefile and makefile.win to add a dependency on the .c file
-*/
-
-
-/* XXX Mac */
-#ifndef XP_MAC
-#include "_stubs/java_util_zip_Adler32.c"
-#include "_stubs/java_util_zip_CRC32.c"
-#include "_stubs/java_util_zip_Deflater.c"
-#include "_stubs/java_util_zip_Inflater.c"
-PR_PUBLIC_API(void) _java_zlib_init(void) { }
-#endif
-
-
diff --git a/security/nss/cmd/zlib/trees.c b/security/nss/cmd/zlib/trees.c
deleted file mode 100644
index 84623d992..000000000
--- a/security/nss/cmd/zlib/trees.c
+++ /dev/null
@@ -1,1143 +0,0 @@
-/* trees.c -- output deflated data using Huffman coding
- * Copyright (C) 1995-1996 Jean-loup Gailly
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/*
- * ALGORITHM
- *
- * The "deflation" process uses several Huffman trees. The more
- * common source values are represented by shorter bit sequences.
- *
- * Each code tree is stored in a compressed form which is itself
- * a Huffman encoding of the lengths of all the code strings (in
- * ascending order by source values). The actual code strings are
- * reconstructed from the lengths in the inflate process, as described
- * in the deflate specification.
- *
- * REFERENCES
- *
- * Deutsch, L.P.,"'Deflate' Compressed Data Format Specification".
- * Available in ftp.uu.net:/pub/archiving/zip/doc/deflate-1.1.doc
- *
- * Storer, James A.
- * Data Compression: Methods and Theory, pp. 49-50.
- * Computer Science Press, 1988. ISBN 0-7167-8156-5.
- *
- * Sedgewick, R.
- * Algorithms, p290.
- * Addison-Wesley, 1983. ISBN 0-201-06672-6.
- */
-
-/* $Id$ */
-
-#include "deflate.h"
-
-#ifdef DEBUG
-# include <ctype.h>
-#endif
-
-/* ===========================================================================
- * Constants
- */
-
-#define MAX_BL_BITS 7
-/* Bit length codes must not exceed MAX_BL_BITS bits */
-
-#define END_BLOCK 256
-/* end of block literal code */
-
-#define REP_3_6 16
-/* repeat previous bit length 3-6 times (2 bits of repeat count) */
-
-#define REPZ_3_10 17
-/* repeat a zero length 3-10 times (3 bits of repeat count) */
-
-#define REPZ_11_138 18
-/* repeat a zero length 11-138 times (7 bits of repeat count) */
-
-local int extra_lbits[LENGTH_CODES] /* extra bits for each length code */
- = {0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0};
-
-local int extra_dbits[D_CODES] /* extra bits for each distance code */
- = {0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13};
-
-local int extra_blbits[BL_CODES]/* extra bits for each bit length code */
- = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7};
-
-local uch bl_order[BL_CODES]
- = {16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15};
-/* The lengths of the bit length codes are sent in order of decreasing
- * probability, to avoid transmitting the lengths for unused bit length codes.
- */
-
-#define Buf_size (8 * 2*sizeof(char))
-/* Number of bits used within bi_buf. (bi_buf might be implemented on
- * more than 16 bits on some systems.)
- */
-
-/* ===========================================================================
- * Local data. These are initialized only once.
- */
-
-local ct_data static_ltree[L_CODES+2];
-/* The static literal tree. Since the bit lengths are imposed, there is no
- * need for the L_CODES extra codes used during heap construction. However
- * The codes 286 and 287 are needed to build a canonical tree (see _tr_init
- * below).
- */
-
-local ct_data static_dtree[D_CODES];
-/* The static distance tree. (Actually a trivial tree since all codes use
- * 5 bits.)
- */
-
-local uch dist_code[512];
-/* distance codes. The first 256 values correspond to the distances
- * 3 .. 258, the last 256 values correspond to the top 8 bits of
- * the 15 bit distances.
- */
-
-local uch length_code[MAX_MATCH-MIN_MATCH+1];
-/* length code for each normalized match length (0 == MIN_MATCH) */
-
-local int base_length[LENGTH_CODES];
-/* First normalized length for each code (0 = MIN_MATCH) */
-
-local int base_dist[D_CODES];
-/* First normalized distance for each code (0 = distance of 1) */
-
-struct static_tree_desc_s {
- ct_data *static_tree; /* static tree or NULL */
- intf *extra_bits; /* extra bits for each code or NULL */
- int extra_base; /* base index for extra_bits */
- int elems; /* max number of elements in the tree */
- int max_length; /* max bit length for the codes */
-};
-
-local static_tree_desc static_l_desc =
-{static_ltree, extra_lbits, LITERALS+1, L_CODES, MAX_BITS};
-
-local static_tree_desc static_d_desc =
-{static_dtree, extra_dbits, 0, D_CODES, MAX_BITS};
-
-local static_tree_desc static_bl_desc =
-{(ct_data *)0, extra_blbits, 0, BL_CODES, MAX_BL_BITS};
-
-/* ===========================================================================
- * Local (static) routines in this file.
- */
-
-local void tr_static_init OF((void));
-local void init_block OF((deflate_state *s));
-local void pqdownheap OF((deflate_state *s, ct_data *tree, int k));
-local void gen_bitlen OF((deflate_state *s, tree_desc *desc));
-local void gen_codes OF((ct_data *tree, int max_code, ushf *bl_count));
-local void build_tree OF((deflate_state *s, tree_desc *desc));
-local void scan_tree OF((deflate_state *s, ct_data *tree, int max_code));
-local void send_tree OF((deflate_state *s, ct_data *tree, int max_code));
-local int build_bl_tree OF((deflate_state *s));
-local void send_all_trees OF((deflate_state *s, int lcodes, int dcodes,
- int blcodes));
-local void compress_block OF((deflate_state *s, ct_data *ltree,
- ct_data *dtree));
-local void set_data_type OF((deflate_state *s));
-local unsigned bi_reverse OF((unsigned value, int length));
-local void bi_windup OF((deflate_state *s));
-local void bi_flush OF((deflate_state *s));
-local void copy_block OF((deflate_state *s, charf *buf, unsigned len,
- int header));
-
-#ifndef DEBUG_NEVER
-# define send_code(s, c, tree) send_bits(s, tree[c].Code, tree[c].Len)
- /* Send a code of the given tree. c and tree must not have side effects */
-
-#else /* DEBUG */
-# define send_code(s, c, tree) \
- { if (verbose>2) fprintf(stderr,"\ncd %3d ",(c)); \
- send_bits(s, tree[c].Code, tree[c].Len); }
-#endif
-
-#define d_code(dist) \
- ((dist) < 256 ? dist_code[dist] : dist_code[256+((dist)>>7)])
-/* Mapping from a distance to a distance code. dist is the distance - 1 and
- * must not have side effects. dist_code[256] and dist_code[257] are never
- * used.
- */
-
-/* ===========================================================================
- * Output a short LSB first on the stream.
- * IN assertion: there is enough room in pendingBuf.
- */
-#define put_short(s, w) { \
- put_byte(s, (uch)((w) & 0xff)); \
- put_byte(s, (uch)((ush)(w) >> 8)); \
-}
-
-/* ===========================================================================
- * Send a value on a given number of bits.
- * IN assertion: length <= 16 and value fits in length bits.
- */
-#ifdef DEBUG
-local void send_bits OF((deflate_state *s, int value, int length));
-
-local void send_bits(s, value, length)
- deflate_state *s;
- int value; /* value to send */
- int length; /* number of bits */
-{
- Tracevv((stderr," l %2d v %4x ", length, value));
- Assert(length > 0 && length <= 15, "invalid length");
- s->bits_sent += (ulg)length;
-
- /* If not enough room in bi_buf, use (valid) bits from bi_buf and
- * (16 - bi_valid) bits from value, leaving (width - (16-bi_valid))
- * unused bits in value.
- */
- if (s->bi_valid > (int)Buf_size - length) {
- s->bi_buf |= (value << s->bi_valid);
- put_short(s, s->bi_buf);
- s->bi_buf = (ush)value >> (Buf_size - s->bi_valid);
- s->bi_valid += length - Buf_size;
- } else {
- s->bi_buf |= value << s->bi_valid;
- s->bi_valid += length;
- }
-}
-#else /* !DEBUG */
-
-#define send_bits(s, value, length) \
-{ int len = length;\
- if (s->bi_valid > (int)Buf_size - len) {\
- int val = value;\
- s->bi_buf |= (val << s->bi_valid);\
- put_short(s, s->bi_buf);\
- s->bi_buf = (ush)val >> (Buf_size - s->bi_valid);\
- s->bi_valid += len - Buf_size;\
- } else {\
- s->bi_buf |= (value) << s->bi_valid;\
- s->bi_valid += len;\
- }\
-}
-#endif /* DEBUG */
-
-
-#ifndef MAX
-#define MAX(a,b) (a >= b ? a : b)
-#endif
-/* the arguments must not have side effects */
-
-/* ===========================================================================
- * Initialize the various 'constant' tables. In a multi-threaded environment,
- * this function may be called by two threads concurrently, but this is
- * harmless since both invocations do exactly the same thing.
- */
-local void tr_static_init()
-{
- static int static_init_done = 0;
- int n; /* iterates over tree elements */
- int bits; /* bit counter */
- int length; /* length value */
- int code; /* code value */
- int dist; /* distance index */
- ush bl_count[MAX_BITS+1];
- /* number of codes at each bit length for an optimal tree */
-
- if (static_init_done) return;
-
- /* Initialize the mapping length (0..255) -> length code (0..28) */
- length = 0;
- for (code = 0; code < LENGTH_CODES-1; code++) {
- base_length[code] = length;
- for (n = 0; n < (1<<extra_lbits[code]); n++) {
- length_code[length++] = (uch)code;
- }
- }
- Assert (length == 256, "tr_static_init: length != 256");
- /* Note that the length 255 (match length 258) can be represented
- * in two different ways: code 284 + 5 bits or code 285, so we
- * overwrite length_code[255] to use the best encoding:
- */
- length_code[length-1] = (uch)code;
-
- /* Initialize the mapping dist (0..32K) -> dist code (0..29) */
- dist = 0;
- for (code = 0 ; code < 16; code++) {
- base_dist[code] = dist;
- for (n = 0; n < (1<<extra_dbits[code]); n++) {
- dist_code[dist++] = (uch)code;
- }
- }
- Assert (dist == 256, "tr_static_init: dist != 256");
- dist >>= 7; /* from now on, all distances are divided by 128 */
- for ( ; code < D_CODES; code++) {
- base_dist[code] = dist << 7;
- for (n = 0; n < (1<<(extra_dbits[code]-7)); n++) {
- dist_code[256 + dist++] = (uch)code;
- }
- }
- Assert (dist == 256, "tr_static_init: 256+dist != 512");
-
- /* Construct the codes of the static literal tree */
- for (bits = 0; bits <= MAX_BITS; bits++) bl_count[bits] = 0;
- n = 0;
- while (n <= 143) static_ltree[n++].Len = 8, bl_count[8]++;
- while (n <= 255) static_ltree[n++].Len = 9, bl_count[9]++;
- while (n <= 279) static_ltree[n++].Len = 7, bl_count[7]++;
- while (n <= 287) static_ltree[n++].Len = 8, bl_count[8]++;
- /* Codes 286 and 287 do not exist, but we must include them in the
- * tree construction to get a canonical Huffman tree (longest code
- * all ones)
- */
- gen_codes((ct_data *)static_ltree, L_CODES+1, bl_count);
-
- /* The static distance tree is trivial: */
- for (n = 0; n < D_CODES; n++) {
- static_dtree[n].Len = 5;
- static_dtree[n].Code = bi_reverse((unsigned)n, 5);
- }
- static_init_done = 1;
-}
-
-/* ===========================================================================
- * Initialize the tree data structures for a new zlib stream.
- */
-void _tr_init(s)
- deflate_state *s;
-{
- tr_static_init();
-
- s->compressed_len = 0L;
-
- s->l_desc.dyn_tree = s->dyn_ltree;
- s->l_desc.stat_desc = &static_l_desc;
-
- s->d_desc.dyn_tree = s->dyn_dtree;
- s->d_desc.stat_desc = &static_d_desc;
-
- s->bl_desc.dyn_tree = s->bl_tree;
- s->bl_desc.stat_desc = &static_bl_desc;
-
- s->bi_buf = 0;
- s->bi_valid = 0;
- s->last_eob_len = 8; /* enough lookahead for inflate */
-#ifdef DEBUG
- s->bits_sent = 0L;
-#endif
-
- /* Initialize the first block of the first file: */
- init_block(s);
-}
-
-/* ===========================================================================
- * Initialize a new block.
- */
-local void init_block(s)
- deflate_state *s;
-{
- int n; /* iterates over tree elements */
-
- /* Initialize the trees. */
- for (n = 0; n < L_CODES; n++) s->dyn_ltree[n].Freq = 0;
- for (n = 0; n < D_CODES; n++) s->dyn_dtree[n].Freq = 0;
- for (n = 0; n < BL_CODES; n++) s->bl_tree[n].Freq = 0;
-
- s->dyn_ltree[END_BLOCK].Freq = 1;
- s->opt_len = s->static_len = 0L;
- s->last_lit = s->matches = 0;
-}
-
-#define SMALLEST 1
-/* Index within the heap array of least frequent node in the Huffman tree */
-
-
-/* ===========================================================================
- * Remove the smallest element from the heap and recreate the heap with
- * one less element. Updates heap and heap_len.
- */
-#define pqremove(s, tree, top) \
-{\
- top = s->heap[SMALLEST]; \
- s->heap[SMALLEST] = s->heap[s->heap_len--]; \
- pqdownheap(s, tree, SMALLEST); \
-}
-
-/* ===========================================================================
- * Compares to subtrees, using the tree depth as tie breaker when
- * the subtrees have equal frequency. This minimizes the worst case length.
- */
-#define smaller(tree, n, m, depth) \
- (tree[n].Freq < tree[m].Freq || \
- (tree[n].Freq == tree[m].Freq && depth[n] <= depth[m]))
-
-/* ===========================================================================
- * Restore the heap property by moving down the tree starting at node k,
- * exchanging a node with the smallest of its two sons if necessary, stopping
- * when the heap property is re-established (each father smaller than its
- * two sons).
- */
-local void pqdownheap(s, tree, k)
- deflate_state *s;
- ct_data *tree; /* the tree to restore */
- int k; /* node to move down */
-{
- int v = s->heap[k];
- int j = k << 1; /* left son of k */
- while (j <= s->heap_len) {
- /* Set j to the smallest of the two sons: */
- if (j < s->heap_len &&
- smaller(tree, s->heap[j+1], s->heap[j], s->depth)) {
- j++;
- }
- /* Exit if v is smaller than both sons */
- if (smaller(tree, v, s->heap[j], s->depth)) break;
-
- /* Exchange v with the smallest son */
- s->heap[k] = s->heap[j]; k = j;
-
- /* And continue down the tree, setting j to the left son of k */
- j <<= 1;
- }
- s->heap[k] = v;
-}
-
-/* ===========================================================================
- * Compute the optimal bit lengths for a tree and update the total bit length
- * for the current block.
- * IN assertion: the fields freq and dad are set, heap[heap_max] and
- * above are the tree nodes sorted by increasing frequency.
- * OUT assertions: the field len is set to the optimal bit length, the
- * array bl_count contains the frequencies for each bit length.
- * The length opt_len is updated; static_len is also updated if stree is
- * not null.
- */
-local void gen_bitlen(s, desc)
- deflate_state *s;
- tree_desc *desc; /* the tree descriptor */
-{
- ct_data *tree = desc->dyn_tree;
- int max_code = desc->max_code;
- ct_data *stree = desc->stat_desc->static_tree;
- intf *extra = desc->stat_desc->extra_bits;
- int base = desc->stat_desc->extra_base;
- int max_length = desc->stat_desc->max_length;
- int h; /* heap index */
- int n, m; /* iterate over the tree elements */
- int bits; /* bit length */
- int xbits; /* extra bits */
- ush f; /* frequency */
- int overflow = 0; /* number of elements with bit length too large */
-
- for (bits = 0; bits <= MAX_BITS; bits++) s->bl_count[bits] = 0;
-
- /* In a first pass, compute the optimal bit lengths (which may
- * overflow in the case of the bit length tree).
- */
- tree[s->heap[s->heap_max]].Len = 0; /* root of the heap */
-
- for (h = s->heap_max+1; h < HEAP_SIZE; h++) {
- n = s->heap[h];
- bits = tree[tree[n].Dad].Len + 1;
- if (bits > max_length) bits = max_length, overflow++;
- tree[n].Len = (ush)bits;
- /* We overwrite tree[n].Dad which is no longer needed */
-
- if (n > max_code) continue; /* not a leaf node */
-
- s->bl_count[bits]++;
- xbits = 0;
- if (n >= base) xbits = extra[n-base];
- f = tree[n].Freq;
- s->opt_len += (ulg)f * (bits + xbits);
- if (stree) s->static_len += (ulg)f * (stree[n].Len + xbits);
- }
- if (overflow == 0) return;
-
- Trace((stderr,"\nbit length overflow\n"));
- /* This happens for example on obj2 and pic of the Calgary corpus */
-
- /* Find the first bit length which could increase: */
- do {
- bits = max_length-1;
- while (s->bl_count[bits] == 0) bits--;
- s->bl_count[bits]--; /* move one leaf down the tree */
- s->bl_count[bits+1] += 2; /* move one overflow item as its brother */
- s->bl_count[max_length]--;
- /* The brother of the overflow item also moves one step up,
- * but this does not affect bl_count[max_length]
- */
- overflow -= 2;
- } while (overflow > 0);
-
- /* Now recompute all bit lengths, scanning in increasing frequency.
- * h is still equal to HEAP_SIZE. (It is simpler to reconstruct all
- * lengths instead of fixing only the wrong ones. This idea is taken
- * from 'ar' written by Haruhiko Okumura.)
- */
- for (bits = max_length; bits != 0; bits--) {
- n = s->bl_count[bits];
- while (n != 0) {
- m = s->heap[--h];
- if (m > max_code) continue;
- if (tree[m].Len != (unsigned) bits) {
- Trace((stderr,"code %d bits %d->%d\n", m, tree[m].Len, bits));
- s->opt_len += ((long)bits - (long)tree[m].Len)
- *(long)tree[m].Freq;
- tree[m].Len = (ush)bits;
- }
- n--;
- }
- }
-}
-
-/* ===========================================================================
- * Generate the codes for a given tree and bit counts (which need not be
- * optimal).
- * IN assertion: the array bl_count contains the bit length statistics for
- * the given tree and the field len is set for all tree elements.
- * OUT assertion: the field code is set for all tree elements of non
- * zero code length.
- */
-local void gen_codes (tree, max_code, bl_count)
- ct_data *tree; /* the tree to decorate */
- int max_code; /* largest code with non zero frequency */
- ushf *bl_count; /* number of codes at each bit length */
-{
- ush next_code[MAX_BITS+1]; /* next code value for each bit length */
- ush code = 0; /* running code value */
- int bits; /* bit index */
- int n; /* code index */
-
- /* The distribution counts are first used to generate the code values
- * without bit reversal.
- */
- for (bits = 1; bits <= MAX_BITS; bits++) {
- next_code[bits] = code = (code + bl_count[bits-1]) << 1;
- }
- /* Check that the bit counts in bl_count are consistent. The last code
- * must be all ones.
- */
- Assert (code + bl_count[MAX_BITS]-1 == (1<<MAX_BITS)-1,
- "inconsistent bit counts");
- Tracev((stderr,"\ngen_codes: max_code %d ", max_code));
-
- for (n = 0; n <= max_code; n++) {
- int len = tree[n].Len;
- if (len == 0) continue;
- /* Now reverse the bits */
- tree[n].Code = bi_reverse(next_code[len]++, len);
-
- Tracecv(tree != static_ltree, (stderr,"\nn %3d %c l %2d c %4x (%x) ",
- n, (isgraph(n) ? n : ' '), len, tree[n].Code, next_code[len]-1));
- }
-}
-
-/* ===========================================================================
- * Construct one Huffman tree and assigns the code bit strings and lengths.
- * Update the total bit length for the current block.
- * IN assertion: the field freq is set for all tree elements.
- * OUT assertions: the fields len and code are set to the optimal bit length
- * and corresponding code. The length opt_len is updated; static_len is
- * also updated if stree is not null. The field max_code is set.
- */
-local void build_tree(s, desc)
- deflate_state *s;
- tree_desc *desc; /* the tree descriptor */
-{
- ct_data *tree = desc->dyn_tree;
- ct_data *stree = desc->stat_desc->static_tree;
- int elems = desc->stat_desc->elems;
- int n, m; /* iterate over heap elements */
- int max_code = -1; /* largest code with non zero frequency */
- int node; /* new node being created */
-
- /* Construct the initial heap, with least frequent element in
- * heap[SMALLEST]. The sons of heap[n] are heap[2*n] and heap[2*n+1].
- * heap[0] is not used.
- */
- s->heap_len = 0, s->heap_max = HEAP_SIZE;
-
- for (n = 0; n < elems; n++) {
- if (tree[n].Freq != 0) {
- s->heap[++(s->heap_len)] = max_code = n;
- s->depth[n] = 0;
- } else {
- tree[n].Len = 0;
- }
- }
-
- /* The pkzip format requires that at least one distance code exists,
- * and that at least one bit should be sent even if there is only one
- * possible code. So to avoid special checks later on we force at least
- * two codes of non zero frequency.
- */
- while (s->heap_len < 2) {
- node = s->heap[++(s->heap_len)] = (max_code < 2 ? ++max_code : 0);
- tree[node].Freq = 1;
- s->depth[node] = 0;
- s->opt_len--; if (stree) s->static_len -= stree[node].Len;
- /* node is 0 or 1 so it does not have extra bits */
- }
- desc->max_code = max_code;
-
- /* The elements heap[heap_len/2+1 .. heap_len] are leaves of the tree,
- * establish sub-heaps of increasing lengths:
- */
- for (n = s->heap_len/2; n >= 1; n--) pqdownheap(s, tree, n);
-
- /* Construct the Huffman tree by repeatedly combining the least two
- * frequent nodes.
- */
- node = elems; /* next internal node of the tree */
- do {
- pqremove(s, tree, n); /* n = node of least frequency */
- m = s->heap[SMALLEST]; /* m = node of next least frequency */
-
- s->heap[--(s->heap_max)] = n; /* keep the nodes sorted by frequency */
- s->heap[--(s->heap_max)] = m;
-
- /* Create a new node father of n and m */
- tree[node].Freq = tree[n].Freq + tree[m].Freq;
- s->depth[node] = (uch) (MAX(s->depth[n], s->depth[m]) + 1);
- tree[n].Dad = tree[m].Dad = (ush)node;
-#ifdef DUMP_BL_TREE
- if (tree == s->bl_tree) {
- fprintf(stderr,"\nnode %d(%d), sons %d(%d) %d(%d)",
- node, tree[node].Freq, n, tree[n].Freq, m, tree[m].Freq);
- }
-#endif
- /* and insert the new node in the heap */
- s->heap[SMALLEST] = node++;
- pqdownheap(s, tree, SMALLEST);
-
- } while (s->heap_len >= 2);
-
- s->heap[--(s->heap_max)] = s->heap[SMALLEST];
-
- /* At this point, the fields freq and dad are set. We can now
- * generate the bit lengths.
- */
- gen_bitlen(s, (tree_desc *)desc);
-
- /* The field len is now set, we can generate the bit codes */
- gen_codes ((ct_data *)tree, max_code, s->bl_count);
-}
-
-/* ===========================================================================
- * Scan a literal or distance tree to determine the frequencies of the codes
- * in the bit length tree.
- */
-local void scan_tree (s, tree, max_code)
- deflate_state *s;
- ct_data *tree; /* the tree to be scanned */
- int max_code; /* and its largest code of non zero frequency */
-{
- int n; /* iterates over all tree elements */
- int prevlen = -1; /* last emitted length */
- int curlen; /* length of current code */
- int nextlen = tree[0].Len; /* length of next code */
- int count = 0; /* repeat count of the current code */
- int max_count = 7; /* max repeat count */
- int min_count = 4; /* min repeat count */
-
- if (nextlen == 0) max_count = 138, min_count = 3;
- tree[max_code+1].Len = (ush)0xffff; /* guard */
-
- for (n = 0; n <= max_code; n++) {
- curlen = nextlen; nextlen = tree[n+1].Len;
- if (++count < max_count && curlen == nextlen) {
- continue;
- } else if (count < min_count) {
- s->bl_tree[curlen].Freq += count;
- } else if (curlen != 0) {
- if (curlen != prevlen) s->bl_tree[curlen].Freq++;
- s->bl_tree[REP_3_6].Freq++;
- } else if (count <= 10) {
- s->bl_tree[REPZ_3_10].Freq++;
- } else {
- s->bl_tree[REPZ_11_138].Freq++;
- }
- count = 0; prevlen = curlen;
- if (nextlen == 0) {
- max_count = 138, min_count = 3;
- } else if (curlen == nextlen) {
- max_count = 6, min_count = 3;
- } else {
- max_count = 7, min_count = 4;
- }
- }
-}
-
-/* ===========================================================================
- * Send a literal or distance tree in compressed form, using the codes in
- * bl_tree.
- */
-local void send_tree (s, tree, max_code)
- deflate_state *s;
- ct_data *tree; /* the tree to be scanned */
- int max_code; /* and its largest code of non zero frequency */
-{
- int n; /* iterates over all tree elements */
- int prevlen = -1; /* last emitted length */
- int curlen; /* length of current code */
- int nextlen = tree[0].Len; /* length of next code */
- int count = 0; /* repeat count of the current code */
- int max_count = 7; /* max repeat count */
- int min_count = 4; /* min repeat count */
-
- /* tree[max_code+1].Len = -1; */ /* guard already set */
- if (nextlen == 0) max_count = 138, min_count = 3;
-
- for (n = 0; n <= max_code; n++) {
- curlen = nextlen; nextlen = tree[n+1].Len;
- if (++count < max_count && curlen == nextlen) {
- continue;
- } else if (count < min_count) {
- do { send_code(s, curlen, s->bl_tree); } while (--count != 0);
-
- } else if (curlen != 0) {
- if (curlen != prevlen) {
- send_code(s, curlen, s->bl_tree); count--;
- }
- Assert(count >= 3 && count <= 6, " 3_6?");
- send_code(s, REP_3_6, s->bl_tree); send_bits(s, count-3, 2);
-
- } else if (count <= 10) {
- send_code(s, REPZ_3_10, s->bl_tree); send_bits(s, count-3, 3);
-
- } else {
- send_code(s, REPZ_11_138, s->bl_tree); send_bits(s, count-11, 7);
- }
- count = 0; prevlen = curlen;
- if (nextlen == 0) {
- max_count = 138, min_count = 3;
- } else if (curlen == nextlen) {
- max_count = 6, min_count = 3;
- } else {
- max_count = 7, min_count = 4;
- }
- }
-}
-
-/* ===========================================================================
- * Construct the Huffman tree for the bit lengths and return the index in
- * bl_order of the last bit length code to send.
- */
-local int build_bl_tree(s)
- deflate_state *s;
-{
- int max_blindex; /* index of last bit length code of non zero freq */
-
- /* Determine the bit length frequencies for literal and distance trees */
- scan_tree(s, (ct_data *)s->dyn_ltree, s->l_desc.max_code);
- scan_tree(s, (ct_data *)s->dyn_dtree, s->d_desc.max_code);
-
- /* Build the bit length tree: */
- build_tree(s, (tree_desc *)(&(s->bl_desc)));
- /* opt_len now includes the length of the tree representations, except
- * the lengths of the bit lengths codes and the 5+5+4 bits for the counts.
- */
-
- /* Determine the number of bit length codes to send. The pkzip format
- * requires that at least 4 bit length codes be sent. (appnote.txt says
- * 3 but the actual value used is 4.)
- */
- for (max_blindex = BL_CODES-1; max_blindex >= 3; max_blindex--) {
- if (s->bl_tree[bl_order[max_blindex]].Len != 0) break;
- }
- /* Update opt_len to include the bit length tree and counts */
- s->opt_len += 3*(max_blindex+1) + 5+5+4;
- Tracev((stderr, "\ndyn trees: dyn %ld, stat %ld",
- s->opt_len, s->static_len));
-
- return max_blindex;
-}
-
-/* ===========================================================================
- * Send the header for a block using dynamic Huffman trees: the counts, the
- * lengths of the bit length codes, the literal tree and the distance tree.
- * IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
- */
-local void send_all_trees(s, lcodes, dcodes, blcodes)
- deflate_state *s;
- int lcodes, dcodes, blcodes; /* number of codes for each tree */
-{
- int rank; /* index in bl_order */
-
- Assert (lcodes >= 257 && dcodes >= 1 && blcodes >= 4, "not enough codes");
- Assert (lcodes <= L_CODES && dcodes <= D_CODES && blcodes <= BL_CODES,
- "too many codes");
- Tracev((stderr, "\nbl counts: "));
- send_bits(s, lcodes-257, 5); /* not +255 as stated in appnote.txt */
- send_bits(s, dcodes-1, 5);
- send_bits(s, blcodes-4, 4); /* not -3 as stated in appnote.txt */
- for (rank = 0; rank < blcodes; rank++) {
- Tracev((stderr, "\nbl code %2d ", bl_order[rank]));
- send_bits(s, s->bl_tree[bl_order[rank]].Len, 3);
- }
- Tracev((stderr, "\nbl tree: sent %ld", s->bits_sent));
-
- send_tree(s, (ct_data *)s->dyn_ltree, lcodes-1); /* literal tree */
- Tracev((stderr, "\nlit tree: sent %ld", s->bits_sent));
-
- send_tree(s, (ct_data *)s->dyn_dtree, dcodes-1); /* distance tree */
- Tracev((stderr, "\ndist tree: sent %ld", s->bits_sent));
-}
-
-/* ===========================================================================
- * Send a stored block
- */
-void _tr_stored_block(s, buf, stored_len, eof)
- deflate_state *s;
- charf *buf; /* input block */
- ulg stored_len; /* length of input block */
- int eof; /* true if this is the last block for a file */
-{
- send_bits(s, (STORED_BLOCK<<1)+eof, 3); /* send block type */
- s->compressed_len = (s->compressed_len + 3 + 7) & (ulg)~7L;
- s->compressed_len += (stored_len + 4) << 3;
-
- copy_block(s, buf, (unsigned)stored_len, 1); /* with header */
-}
-
-/* ===========================================================================
- * Send one empty static block to give enough lookahead for inflate.
- * This takes 10 bits, of which 7 may remain in the bit buffer.
- * The current inflate code requires 9 bits of lookahead. If the
- * last two codes for the previous block (real code plus EOB) were coded
- * on 5 bits or less, inflate may have only 5+3 bits of lookahead to decode
- * the last real code. In this case we send two empty static blocks instead
- * of one. (There are no problems if the previous block is stored or fixed.)
- * To simplify the code, we assume the worst case of last real code encoded
- * on one bit only.
- */
-void _tr_align(s)
- deflate_state *s;
-{
- send_bits(s, STATIC_TREES<<1, 3);
- send_code(s, END_BLOCK, static_ltree);
- s->compressed_len += 10L; /* 3 for block type, 7 for EOB */
- bi_flush(s);
- /* Of the 10 bits for the empty block, we have already sent
- * (10 - bi_valid) bits. The lookahead for the last real code (before
- * the EOB of the previous block) was thus at least one plus the length
- * of the EOB plus what we have just sent of the empty static block.
- */
- if (1 + s->last_eob_len + 10 - s->bi_valid < 9) {
- send_bits(s, STATIC_TREES<<1, 3);
- send_code(s, END_BLOCK, static_ltree);
- s->compressed_len += 10L;
- bi_flush(s);
- }
- s->last_eob_len = 7;
-}
-
-/* ===========================================================================
- * Determine the best encoding for the current block: dynamic trees, static
- * trees or store, and output the encoded block to the zip file. This function
- * returns the total compressed length for the file so far.
- */
-ulg _tr_flush_block(s, buf, stored_len, eof)
- deflate_state *s;
- charf *buf; /* input block, or NULL if too old */
- ulg stored_len; /* length of input block */
- int eof; /* true if this is the last block for a file */
-{
- ulg opt_lenb, static_lenb; /* opt_len and static_len in bytes */
- int max_blindex = 0; /* index of last bit length code of non zero freq */
-
- /* Build the Huffman trees unless a stored block is forced */
- if (s->level > 0) {
-
- /* Check if the file is ascii or binary */
- if (s->data_type == Z_UNKNOWN) set_data_type(s);
-
- /* Construct the literal and distance trees */
- build_tree(s, (tree_desc *)(&(s->l_desc)));
- Tracev((stderr, "\nlit data: dyn %ld, stat %ld", s->opt_len,
- s->static_len));
-
- build_tree(s, (tree_desc *)(&(s->d_desc)));
- Tracev((stderr, "\ndist data: dyn %ld, stat %ld", s->opt_len,
- s->static_len));
- /* At this point, opt_len and static_len are the total bit lengths of
- * the compressed block data, excluding the tree representations.
- */
-
- /* Build the bit length tree for the above two trees, and get the index
- * in bl_order of the last bit length code to send.
- */
- max_blindex = build_bl_tree(s);
-
- /* Determine the best encoding. Compute first the block length in bytes*/
- opt_lenb = (s->opt_len+3+7)>>3;
- static_lenb = (s->static_len+3+7)>>3;
-
- Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
- opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
- s->last_lit));
-
- if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
-
- } else {
- Assert(buf != (char*)0, "lost buf");
- opt_lenb = static_lenb = stored_len + 5; /* force a stored block */
- }
-
- /* If compression failed and this is the first and last block,
- * and if the .zip file can be seeked (to rewrite the local header),
- * the whole file is transformed into a stored file:
- */
-#ifdef STORED_FILE_OK
-# ifdef FORCE_STORED_FILE
- if (eof && s->compressed_len == 0L) { /* force stored file */
-# else
- if (stored_len <= opt_lenb && eof && s->compressed_len==0L && seekable()) {
-# endif
- /* Since LIT_BUFSIZE <= 2*WSIZE, the input data must be there: */
- if (buf == (charf*)0) error ("block vanished");
-
- copy_block(buf, (unsigned)stored_len, 0); /* without header */
- s->compressed_len = stored_len << 3;
- s->method = STORED;
- } else
-#endif /* STORED_FILE_OK */
-
-#ifdef FORCE_STORED
- if (buf != (char*)0) { /* force stored block */
-#else
- if (stored_len+4 <= opt_lenb && buf != (char*)0) {
- /* 4: two words for the lengths */
-#endif
- /* The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE.
- * Otherwise we can't have processed more than WSIZE input bytes since
- * the last block flush, because compression would have been
- * successful. If LIT_BUFSIZE <= WSIZE, it is never too late to
- * transform a block into a stored block.
- */
- _tr_stored_block(s, buf, stored_len, eof);
-
-#ifdef FORCE_STATIC
- } else if (static_lenb >= 0) { /* force static trees */
-#else
- } else if (static_lenb == opt_lenb) {
-#endif
- send_bits(s, (STATIC_TREES<<1)+eof, 3);
- compress_block(s, (ct_data *)static_ltree, (ct_data *)static_dtree);
- s->compressed_len += 3 + s->static_len;
- } else {
- send_bits(s, (DYN_TREES<<1)+eof, 3);
- send_all_trees(s, s->l_desc.max_code+1, s->d_desc.max_code+1,
- max_blindex+1);
- compress_block(s, (ct_data *)s->dyn_ltree, (ct_data *)s->dyn_dtree);
- s->compressed_len += 3 + s->opt_len;
- }
- Assert (s->compressed_len == s->bits_sent, "bad compressed size");
- init_block(s);
-
- if (eof) {
- bi_windup(s);
- s->compressed_len += 7; /* align on byte boundary */
- }
- Tracev((stderr,"\ncomprlen %lu(%lu) ", s->compressed_len>>3,
- s->compressed_len-7*eof));
-
- return s->compressed_len >> 3;
-}
-
-/* ===========================================================================
- * Save the match info and tally the frequency counts. Return true if
- * the current block must be flushed.
- */
-int _tr_tally (s, dist, lc)
- deflate_state *s;
- unsigned dist; /* distance of matched string */
- unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */
-{
- s->d_buf[s->last_lit] = (ush)dist;
- s->l_buf[s->last_lit++] = (uch)lc;
- if (dist == 0) {
- /* lc is the unmatched char */
- s->dyn_ltree[lc].Freq++;
- } else {
- s->matches++;
- /* Here, lc is the match length - MIN_MATCH */
- dist--; /* dist = match distance - 1 */
- Assert((ush)dist < (ush)MAX_DIST(s) &&
- (ush)lc <= (ush)(MAX_MATCH-MIN_MATCH) &&
- (ush)d_code(dist) < (ush)D_CODES, "_tr_tally: bad match");
-
- s->dyn_ltree[length_code[lc]+LITERALS+1].Freq++;
- s->dyn_dtree[d_code(dist)].Freq++;
- }
-
- /* Try to guess if it is profitable to stop the current block here */
- if (s->level > 2 && (s->last_lit & 0xfff) == 0) {
- /* Compute an upper bound for the compressed length */
- ulg out_length = (ulg)s->last_lit*8L;
- ulg in_length = (ulg)((long)s->strstart - s->block_start);
- int dcode;
- for (dcode = 0; dcode < D_CODES; dcode++) {
- out_length += (ulg)s->dyn_dtree[dcode].Freq *
- (5L+extra_dbits[dcode]);
- }
- out_length >>= 3;
- Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
- s->last_lit, in_length, out_length,
- 100L - out_length*100L/in_length));
- if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
- }
- return (s->last_lit == s->lit_bufsize-1);
- /* We avoid equality with lit_bufsize because of wraparound at 64K
- * on 16 bit machines and because stored blocks are restricted to
- * 64K-1 bytes.
- */
-}
-
-/* ===========================================================================
- * Send the block data compressed using the given Huffman trees
- */
-local void compress_block(s, ltree, dtree)
- deflate_state *s;
- ct_data *ltree; /* literal tree */
- ct_data *dtree; /* distance tree */
-{
- unsigned dist; /* distance of matched string */
- int lc; /* match length or unmatched char (if dist == 0) */
- unsigned lx = 0; /* running index in l_buf */
- unsigned code; /* the code to send */
- int extra; /* number of extra bits to send */
-
- if (s->last_lit != 0) do {
- dist = s->d_buf[lx];
- lc = s->l_buf[lx++];
- if (dist == 0) {
- send_code(s, lc, ltree); /* send a literal byte */
- Tracecv(isgraph(lc), (stderr," '%c' ", lc));
- } else {
- /* Here, lc is the match length - MIN_MATCH */
- code = length_code[lc];
- send_code(s, code+LITERALS+1, ltree); /* send the length code */
- extra = extra_lbits[code];
- if (extra != 0) {
- lc -= base_length[code];
- send_bits(s, lc, extra); /* send the extra length bits */
- }
- dist--; /* dist is now the match distance - 1 */
- code = d_code(dist);
- Assert (code < D_CODES, "bad d_code");
-
- send_code(s, code, dtree); /* send the distance code */
- extra = extra_dbits[code];
- if (extra != 0) {
- dist -= base_dist[code];
- send_bits(s, dist, extra); /* send the extra distance bits */
- }
- } /* literal or match pair ? */
-
- /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
- Assert((uInt)s->pending < s->lit_bufsize + 2*lx, "pendingBuf overflow");
-
- } while (lx < s->last_lit);
-
- send_code(s, END_BLOCK, ltree);
- s->last_eob_len = ltree[END_BLOCK].Len;
-}
-
-/* ===========================================================================
- * Set the data type to ASCII or BINARY, using a crude approximation:
- * binary if more than 20% of the bytes are <= 6 or >= 128, ascii otherwise.
- * IN assertion: the fields freq of dyn_ltree are set and the total of all
- * frequencies does not exceed 64K (to fit in an int on 16 bit machines).
- */
-local void set_data_type(s)
- deflate_state *s;
-{
- int n = 0;
- unsigned ascii_freq = 0;
- unsigned bin_freq = 0;
- while (n < 7) bin_freq += s->dyn_ltree[n++].Freq;
- while (n < 128) ascii_freq += s->dyn_ltree[n++].Freq;
- while (n < LITERALS) bin_freq += s->dyn_ltree[n++].Freq;
- s->data_type = (Byte)(bin_freq > (ascii_freq >> 2) ? Z_BINARY : Z_ASCII);
-}
-
-/* ===========================================================================
- * Reverse the first len bits of a code, using straightforward code (a faster
- * method would use a table)
- * IN assertion: 1 <= len <= 15
- */
-local unsigned bi_reverse(code, len)
- unsigned code; /* the value to invert */
- int len; /* its bit length */
-{
- register unsigned res = 0;
- do {
- res |= code & 1;
- code >>= 1, res <<= 1;
- } while (--len > 0);
- return res >> 1;
-}
-
-/* ===========================================================================
- * Flush the bit buffer, keeping at most 7 bits in it.
- */
-local void bi_flush(s)
- deflate_state *s;
-{
- if (s->bi_valid == 16) {
- put_short(s, s->bi_buf);
- s->bi_buf = 0;
- s->bi_valid = 0;
- } else if (s->bi_valid >= 8) {
- put_byte(s, (Byte)s->bi_buf);
- s->bi_buf >>= 8;
- s->bi_valid -= 8;
- }
-}
-
-/* ===========================================================================
- * Flush the bit buffer and align the output on a byte boundary
- */
-local void bi_windup(s)
- deflate_state *s;
-{
- if (s->bi_valid > 8) {
- put_short(s, s->bi_buf);
- } else if (s->bi_valid > 0) {
- put_byte(s, (Byte)s->bi_buf);
- }
- s->bi_buf = 0;
- s->bi_valid = 0;
-#ifdef DEBUG
- s->bits_sent = (s->bits_sent+7) & ~7;
-#endif
-}
-
-/* ===========================================================================
- * Copy a stored block, storing first the length and its
- * one's complement if requested.
- */
-local void copy_block(s, buf, len, header)
- deflate_state *s;
- charf *buf; /* the input data */
- unsigned len; /* its length */
- int header; /* true if block header must be written */
-{
- bi_windup(s); /* align on byte boundary */
- s->last_eob_len = 8; /* enough lookahead for inflate */
-
- if (header) {
- put_short(s, (ush)len);
- put_short(s, (ush)~len);
-#ifdef DEBUG
- s->bits_sent += 2*16;
-#endif
- }
-#ifdef DEBUG
- s->bits_sent += (ulg)len<<3;
-#endif
- while (len--) {
- put_byte(s, *buf++);
- }
-}
diff --git a/security/nss/cmd/zlib/uncompr.c b/security/nss/cmd/zlib/uncompr.c
deleted file mode 100644
index 5e5a83247..000000000
--- a/security/nss/cmd/zlib/uncompr.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/* uncompr.c -- decompress a memory buffer
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include "zlib.h"
-
-/* ===========================================================================
- Decompresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be large enough to hold the
- entire uncompressed data. (The size of the uncompressed data must have
- been saved previously by the compressor and transmitted to the decompressor
- by some mechanism outside the scope of this compression library.)
- Upon exit, destLen is the actual size of the compressed buffer.
- This function can be used to decompress a whole file at once if the
- input file is mmap'ed.
-
- uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer, or Z_DATA_ERROR if the input data was corrupted.
-*/
-PR_PUBLIC_API(int) uncompress (dest, destLen, source, sourceLen)
- Bytef *dest;
- uLongf *destLen;
- const Bytef *source;
- uLong sourceLen;
-{
- z_stream stream;
- int err;
-
- stream.next_in = (Bytef*)source;
- stream.avail_in = (uInt)sourceLen;
- /* Check for source > 64K on 16-bit machine: */
- if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR;
-
- stream.next_out = dest;
- stream.avail_out = (uInt)*destLen;
- if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR;
-
- stream.zalloc = (alloc_func)0;
- stream.zfree = (free_func)0;
-
- err = inflateInit(&stream);
- if (err != Z_OK) return err;
-
- err = inflate(&stream, Z_FINISH);
- if (err != Z_STREAM_END) {
- inflateEnd(&stream);
- return err;
- }
- *destLen = stream.total_out;
-
- err = inflateEnd(&stream);
- return err;
-}
diff --git a/security/nss/cmd/zlib/zconf.h b/security/nss/cmd/zlib/zconf.h
deleted file mode 100644
index 096a448b4..000000000
--- a/security/nss/cmd/zlib/zconf.h
+++ /dev/null
@@ -1,190 +0,0 @@
-/* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#ifndef _ZCONF_H
-#define _ZCONF_H
-
-/*
- * If you *really* need a unique prefix for all types and library functions,
- * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
- */
-#ifdef Z_PREFIX
-# define deflateInit_ z_deflateInit_
-# define deflate z_deflate
-# define deflateEnd z_deflateEnd
-# define inflateInit_ z_inflateInit_
-# define inflate z_inflate
-# define inflateEnd z_inflateEnd
-# define deflateInit2_ z_deflateInit2_
-# define deflateSetDictionary z_deflateSetDictionary
-# define deflateCopy z_deflateCopy
-# define deflateReset z_deflateReset
-# define deflateParams z_deflateParams
-# define inflateInit2_ z_inflateInit2_
-# define inflateSetDictionary z_inflateSetDictionary
-# define inflateSync z_inflateSync
-# define inflateReset z_inflateReset
-# define compress z_compress
-# define uncompress z_uncompress
-# define adler32 z_adler32
-# define crc32 z_crc32
-# define get_crc_table z_get_crc_table
-
-# define Byte z_Byte
-# define uInt z_uInt
-# define uLong z_uLong
-# define Bytef z_Bytef
-# define charf z_charf
-# define intf z_intf
-# define uIntf z_uIntf
-# define uLongf z_uLongf
-# define voidpf z_voidpf
-# define voidp z_voidp
-#endif
-
-#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
-# define WIN32
-#endif
-#if defined(__GNUC__) || defined(WIN32) || defined(__386__) || defined(i386)
-# ifndef __32BIT__
-# define __32BIT__
-# endif
-#endif
-#if defined(__MSDOS__) && !defined(MSDOS)
-# define MSDOS
-#endif
-
-/*
- * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
- * than 64k bytes at a time (needed on systems with 16-bit int).
- */
-#if defined(MSDOS) && !defined(__32BIT__)
-# define MAXSEG_64K
-#endif
-#ifdef MSDOS
-# define UNALIGNED_OK
-#endif
-
-#if (defined(MSDOS) || defined(_WINDOWS) || defined(WIN32) || defined(XP_OS2)) && !defined(STDC)
-# define STDC
-#endif
-#if (defined(__STDC__) || defined(__cplusplus)) && !defined(STDC)
-# define STDC
-#endif
-
-#ifndef STDC
-# ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
-# define const
-# endif
-#endif
-
-/* Some Mac compilers merge all .h files incorrectly: */
-#if defined(__MWERKS__) || defined(applec) ||defined(THINK_C) ||defined(__SC__)
-# define NO_DUMMY_DECL
-#endif
-
-/* Maximum value for memLevel in deflateInit2 */
-#ifndef MAX_MEM_LEVEL
-# ifdef MAXSEG_64K
-# define MAX_MEM_LEVEL 8
-# else
-# define MAX_MEM_LEVEL 9
-# endif
-#endif
-
-/* Maximum value for windowBits in deflateInit2 and inflateInit2 */
-#ifndef MAX_WBITS
-# define MAX_WBITS 15 /* 32K LZ77 window */
-#endif
-
-/* The memory requirements for deflate are (in bytes):
- 1 << (windowBits+2) + 1 << (memLevel+9)
- that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values)
- plus a few kilobytes for small objects. For example, if you want to reduce
- the default memory requirements from 256K to 128K, compile with
- make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
- Of course this will generally degrade compression (there's no free lunch).
-
- The memory requirements for inflate are (in bytes) 1 << windowBits
- that is, 32K for windowBits=15 (default value) plus a few kilobytes
- for small objects.
-*/
-
- /* Type declarations */
-
-#ifndef OF /* function prototypes */
-# ifdef STDC
-# define OF(args) args
-# else
-# define OF(args) ()
-# endif
-#endif
-
-/* The following definitions for FAR are needed only for MSDOS mixed
- * model programming (small or medium model with some far allocations).
- * This was tested only with MSC; for other MSDOS compilers you may have
- * to define NO_MEMCPY in zutil.h. If you don't need the mixed model,
- * just define FAR to be empty.
- */
-#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(__32BIT__)
- /* MSC small or medium model */
-# define SMALL_MEDIUM
-# ifdef _MSC_VER
-# define FAR __far
-# else
-# define FAR far
-# endif
-#endif
-#if defined(__BORLANDC__) && (defined(__SMALL__) || defined(__MEDIUM__))
-# ifndef __32BIT__
-# define SMALL_MEDIUM
-# define FAR __far
-# endif
-#endif
-#ifndef FAR
-# define FAR
-#endif
-
-typedef unsigned char Byte; /* 8 bits */
-typedef unsigned int uInt; /* 16 bits or more */
-typedef unsigned long uLong; /* 32 bits or more */
-
-#if defined(__BORLANDC__) && defined(SMALL_MEDIUM)
- /* Borland C/C++ ignores FAR inside typedef */
-# define Bytef Byte FAR
-#else
- typedef Byte FAR Bytef;
-#endif
-typedef char FAR charf;
-typedef int FAR intf;
-typedef uInt FAR uIntf;
-typedef uLong FAR uLongf;
-
-#ifdef STDC
- typedef void FAR *voidpf;
- typedef void *voidp;
-#else
- typedef Byte FAR *voidpf;
- typedef Byte *voidp;
-#endif
-
-#ifdef MOZILLA_CLIENT
-#include "prtypes.h"
-#else
-/* Compile with -DZLIB_DLL for Windows DLL support */
-#if (defined(_WINDOWS) || defined(WINDOWS)) && defined(ZLIB_DLL)
-# include <windows.h>
-# define EXPORT WINAPI
-#else
-# define EXPORT
-#endif
-
-/* #define PR_PUBLIC_API(type) type */
-
-#endif /* MOZILLA_CLIENT */
-
-#endif /* _ZCONF_H */
diff --git a/security/nss/cmd/zlib/zip16.def b/security/nss/cmd/zlib/zip16.def
deleted file mode 100644
index 664eeab09..000000000
--- a/security/nss/cmd/zlib/zip16.def
+++ /dev/null
@@ -1,24 +0,0 @@
-LIBRARY zip1640.DLL
-EXETYPE WINDOWS
-PROTMODE
-
-DESCRIPTION '16-bit Zip DLL'
-
-STUB 'WINSTUB.EXE'
-
-CODE LOADONCALL MOVEABLE DISCARDABLE
-DATA PRELOAD MOVEABLE SINGLE
-
-HEAPSIZE 8192
-
-EXPORTS
-
-IMPORTS
- _malloc = nspr3.2
- _realloc = nspr3.3
- _calloc = nspr3.4
- _free = nspr3.5
- _getenv = nspr3.9
- _printf = nspr3.11
- _sscanf = nspr3.33
-
diff --git a/security/nss/cmd/zlib/zip_nodl.c b/security/nss/cmd/zlib/zip_nodl.c
deleted file mode 100644
index e8ea67d7e..000000000
--- a/security/nss/cmd/zlib/zip_nodl.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/* Automatically generated file; do not edit */
-
-#include "prtypes.h"
-
-#include "prlink.h"
-
-extern void Java_java_util_zip_Adler32_update_stub();
-extern void Java_java_util_zip_Adler32_update1_stub();
-extern void Java_java_util_zip_CRC32_update_stub();
-extern void Java_java_util_zip_CRC32_update1_stub();
-extern void Java_java_util_zip_Deflater_setDictionary_stub();
-extern void Java_java_util_zip_Deflater_deflate_stub();
-extern void Java_java_util_zip_Deflater_getAdler_stub();
-extern void Java_java_util_zip_Deflater_getTotalIn_stub();
-extern void Java_java_util_zip_Deflater_getTotalOut_stub();
-extern void Java_java_util_zip_Deflater_reset_stub();
-extern void Java_java_util_zip_Deflater_end_stub();
-extern void Java_java_util_zip_Deflater_init_stub();
-extern void Java_java_util_zip_Inflater_setDictionary_stub();
-extern void Java_java_util_zip_Inflater_inflate_stub();
-extern void Java_java_util_zip_Inflater_getAdler_stub();
-extern void Java_java_util_zip_Inflater_getTotalIn_stub();
-extern void Java_java_util_zip_Inflater_getTotalOut_stub();
-extern void Java_java_util_zip_Inflater_reset_stub();
-extern void Java_java_util_zip_Inflater_end_stub();
-extern void Java_java_util_zip_Inflater_init_stub();
-
-PRStaticLinkTable zip_nodl_tab[] = {
- { "Java_java_util_zip_Adler32_update_stub", Java_java_util_zip_Adler32_update_stub },
- { "Java_java_util_zip_Adler32_update1_stub", Java_java_util_zip_Adler32_update1_stub },
- { "Java_java_util_zip_CRC32_update_stub", Java_java_util_zip_CRC32_update_stub },
- { "Java_java_util_zip_CRC32_update1_stub", Java_java_util_zip_CRC32_update1_stub },
- { "Java_java_util_zip_Deflater_setDictionary_stub", Java_java_util_zip_Deflater_setDictionary_stub },
- { "Java_java_util_zip_Deflater_deflate_stub", Java_java_util_zip_Deflater_deflate_stub },
- { "Java_java_util_zip_Deflater_getAdler_stub", Java_java_util_zip_Deflater_getAdler_stub },
- { "Java_java_util_zip_Deflater_getTotalIn_stub", Java_java_util_zip_Deflater_getTotalIn_stub },
- { "Java_java_util_zip_Deflater_getTotalOut_stub", Java_java_util_zip_Deflater_getTotalOut_stub },
- { "Java_java_util_zip_Deflater_reset_stub", Java_java_util_zip_Deflater_reset_stub },
- { "Java_java_util_zip_Deflater_end_stub", Java_java_util_zip_Deflater_end_stub },
- { "Java_java_util_zip_Deflater_init_stub", Java_java_util_zip_Deflater_init_stub },
- { "Java_java_util_zip_Inflater_setDictionary_stub", Java_java_util_zip_Inflater_setDictionary_stub },
- { "Java_java_util_zip_Inflater_inflate_stub", Java_java_util_zip_Inflater_inflate_stub },
- { "Java_java_util_zip_Inflater_getAdler_stub", Java_java_util_zip_Inflater_getAdler_stub },
- { "Java_java_util_zip_Inflater_getTotalIn_stub", Java_java_util_zip_Inflater_getTotalIn_stub },
- { "Java_java_util_zip_Inflater_getTotalOut_stub", Java_java_util_zip_Inflater_getTotalOut_stub },
- { "Java_java_util_zip_Inflater_reset_stub", Java_java_util_zip_Inflater_reset_stub },
- { "Java_java_util_zip_Inflater_end_stub", Java_java_util_zip_Inflater_end_stub },
- { "Java_java_util_zip_Inflater_init_stub", Java_java_util_zip_Inflater_init_stub },
- { 0, 0, },
-};
diff --git a/security/nss/cmd/zlib/zlib.h b/security/nss/cmd/zlib/zlib.h
deleted file mode 100644
index b216f00a3..000000000
--- a/security/nss/cmd/zlib/zlib.h
+++ /dev/null
@@ -1,892 +0,0 @@
-/* zlib.h -- interface of the 'zlib' general purpose compression library
- version 1.0.4, Jul 24th, 1996.
-
- Copyright (C) 1995-1996 Jean-loup Gailly and Mark Adler
-
- This software is provided 'as-is', without any express or implied
- warranty. In no event will the authors be held liable for any damages
- arising from the use of this software.
-
- Permission is granted to anyone to use this software for any purpose,
- including commercial applications, and to alter it and redistribute it
- freely, subject to the following restrictions:
-
- 1. The origin of this software must not be misrepresented; you must not
- claim that you wrote the original software. If you use this software
- in a product, an acknowledgment in the product documentation would be
- appreciated but is not required.
- 2. Altered source versions must be plainly marked as such, and must not be
- misrepresented as being the original software.
- 3. This notice may not be removed or altered from any source distribution.
-
- Jean-loup Gailly Mark Adler
- gzip@prep.ai.mit.edu madler@alumni.caltech.edu
-
-
- The data format used by the zlib library is described by RFCs (Request for
- Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt
- (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
-*/
-/* This file was modified since it was taken from the zlib distribution */
-
-#ifndef _ZLIB_H
-#define _ZLIB_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "zconf.h"
-
-#define ZLIB_VERSION "1.0.4"
-
-/*
- The 'zlib' compression library provides in-memory compression and
- decompression functions, including integrity checks of the uncompressed
- data. This version of the library supports only one compression method
- (deflation) but other algorithms may be added later and will have the same
- stream interface.
-
- For compression the application must provide the output buffer and
- may optionally provide the input buffer for optimization. For decompression,
- the application must provide the input buffer and may optionally provide
- the output buffer for optimization.
-
- Compression can be done in a single step if the buffers are large
- enough (for example if an input file is mmap'ed), or can be done by
- repeated calls of the compression function. In the latter case, the
- application must provide more input and/or consume the output
- (providing more output space) before each call.
-
- The library does not install any signal handler. It is recommended to
- add at least a handler for SIGSEGV when decompressing; the library checks
- the consistency of the input data whenever possible but may go nuts
- for some forms of corrupted input.
-*/
-
-typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
-typedef void (*free_func) OF((voidpf opaque, voidpf address));
-
-struct internal_state;
-
-typedef struct z_stream_s {
- Bytef *next_in; /* next input byte */
- uInt avail_in; /* number of bytes available at next_in */
- uLong total_in; /* total nb of input bytes read so far */
-
- Bytef *next_out; /* next output byte should be put there */
- uInt avail_out; /* remaining free space at next_out */
- uLong total_out; /* total nb of bytes output so far */
-
- char *msg; /* last error message, NULL if no error */
- struct internal_state FAR *state; /* not visible by applications */
-
- alloc_func zalloc; /* used to allocate the internal state */
- free_func zfree; /* used to free the internal state */
- voidpf opaque; /* private data object passed to zalloc and zfree */
-
- int data_type; /* best guess about the data type: ascii or binary */
- uLong adler; /* adler32 value of the uncompressed data */
- uLong reserved; /* reserved for future use */
-} z_stream;
-
-typedef z_stream FAR *z_streamp;
-
-/*
- The application must update next_in and avail_in when avail_in has
- dropped to zero. It must update next_out and avail_out when avail_out
- has dropped to zero. The application must initialize zalloc, zfree and
- opaque before calling the init function. All other fields are set by the
- compression library and must not be updated by the application.
-
- The opaque value provided by the application will be passed as the first
- parameter for calls of zalloc and zfree. This can be useful for custom
- memory management. The compression library attaches no meaning to the
- opaque value.
-
- zalloc must return Z_NULL if there is not enough memory for the object.
- On 16-bit systems, the functions zalloc and zfree must be able to allocate
- exactly 65536 bytes, but will not be required to allocate more than this
- if the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS,
- pointers returned by zalloc for objects of exactly 65536 bytes *must*
- have their offset normalized to zero. The default allocation function
- provided by this library ensures this (see zutil.c). To reduce memory
- requirements and avoid any allocation of 64K objects, at the expense of
- compression ratio, compile the library with -DMAX_WBITS=14 (see zconf.h).
-
- The fields total_in and total_out can be used for statistics or
- progress reports. After compression, total_in holds the total size of
- the uncompressed data and may be saved for use in the decompressor
- (particularly if the decompressor wants to decompress everything in
- a single step).
-*/
-
- /* constants */
-
-#define Z_NO_FLUSH 0
-#define Z_PARTIAL_FLUSH 1
-#define Z_SYNC_FLUSH 2
-#define Z_FULL_FLUSH 3
-#define Z_FINISH 4
-/* Allowed flush values; see deflate() below for details */
-
-#define Z_OK 0
-#define Z_STREAM_END 1
-#define Z_NEED_DICT 2
-#define Z_ERRNO (-1)
-#define Z_STREAM_ERROR (-2)
-#define Z_DATA_ERROR (-3)
-#define Z_MEM_ERROR (-4)
-#define Z_BUF_ERROR (-5)
-#define Z_VERSION_ERROR (-6)
-/* Return codes for the compression/decompression functions. Negative
- * values are errors, positive values are used for special but normal events.
- */
-
-#define Z_NO_COMPRESSION 0
-#define Z_BEST_SPEED 1
-#define Z_BEST_COMPRESSION 9
-#define Z_DEFAULT_COMPRESSION (-1)
-/* compression levels */
-
-#define Z_FILTERED 1
-#define Z_HUFFMAN_ONLY 2
-#define Z_DEFAULT_STRATEGY 0
-/* compression strategy; see deflateInit2() below for details */
-
-#define Z_BINARY 0
-#define Z_ASCII 1
-#define Z_UNKNOWN 2
-/* Possible values of the data_type field */
-
-#define Z_DEFLATED 8
-/* The deflate compression method (the only one supported in this version) */
-
-#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
-
-#define zlib_version zlibVersion()
-/* for compatibility with versions < 1.0.2 */
-
- /* basic functions */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) zlibVersion (void);
-#else
-extern const char * EXPORT zlibVersion OF((void));
-#endif
-/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
- If the first character differs, the library code actually used is
- not compatible with the zlib.h header file used by the application.
- This check is automatically made by deflateInit and inflateInit.
- */
-
-/*
-extern int EXPORT deflateInit OF((z_streamp strm, int level));
-
- Initializes the internal stream state for compression. The fields
- zalloc, zfree and opaque must be initialized before by the caller.
- If zalloc and zfree are set to Z_NULL, deflateInit updates them to
- use default allocation functions.
-
- The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
- 1 gives best speed, 9 gives best compression, 0 gives no compression at
- all (the input data is simply copied a block at a time).
- Z_DEFAULT_COMPRESSION requests a default compromise between speed and
- compression (currently equivalent to level 6).
-
- deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_STREAM_ERROR if level is not a valid compression level,
- Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
- with the version assumed by the caller (ZLIB_VERSION).
- msg is set to null if there is no error message. deflateInit does not
- perform any compression: this will be done by deflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflate (z_streamp strm, int flush);
-#else
-extern int EXPORT deflate OF((z_streamp strm, int flush));
-#endif
-/*
- Performs one or both of the following actions:
-
- - Compress more input starting at next_in and update next_in and avail_in
- accordingly. If not all input can be processed (because there is not
- enough room in the output buffer), next_in and avail_in are updated and
- processing will resume at this point for the next call of deflate().
-
- - Provide more output starting at next_out and update next_out and avail_out
- accordingly. This action is forced if the parameter flush is non zero.
- Forcing flush frequently degrades the compression ratio, so this parameter
- should be set only when necessary (in interactive applications).
- Some output may be provided even if flush is not set.
-
- Before the call of deflate(), the application should ensure that at least
- one of the actions is possible, by providing more input and/or consuming
- more output, and updating avail_in or avail_out accordingly; avail_out
- should never be zero before the call. The application can consume the
- compressed output when it wants, for example when the output buffer is full
- (avail_out == 0), or after each call of deflate(). If deflate returns Z_OK
- and with zero avail_out, it must be called again after making room in the
- output buffer because there might be more output pending.
-
- If the parameter flush is set to Z_PARTIAL_FLUSH, the current compression
- block is terminated and flushed to the output buffer so that the
- decompressor can get all input data available so far. For method 9, a future
- variant on method 8, the current block will be flushed but not terminated.
- Z_SYNC_FLUSH has the same effect as partial flush except that the compressed
- output is byte aligned (the compressor can clear its internal bit buffer)
- and the current block is always terminated; this can be useful if the
- compressor has to be restarted from scratch after an interruption (in which
- case the internal state of the compressor may be lost).
- If flush is set to Z_FULL_FLUSH, the compression block is terminated, a
- special marker is output and the compression dictionary is discarded; this
- is useful to allow the decompressor to synchronize if one compressed block
- has been damaged (see inflateSync below). Flushing degrades compression and
- so should be used only when necessary. Using Z_FULL_FLUSH too often can
- seriously degrade the compression. If deflate returns with avail_out == 0,
- this function must be called again with the same value of the flush
- parameter and more output space (updated avail_out), until the flush is
- complete (deflate returns with non-zero avail_out).
-
- If the parameter flush is set to Z_FINISH, pending input is processed,
- pending output is flushed and deflate returns with Z_STREAM_END if there
- was enough output space; if deflate returns with Z_OK, this function must be
- called again with Z_FINISH and more output space (updated avail_out) but no
- more input data, until it returns with Z_STREAM_END or an error. After
- deflate has returned Z_STREAM_END, the only possible operations on the
- stream are deflateReset or deflateEnd.
-
- Z_FINISH can be used immediately after deflateInit if all the compression
- is to be done in a single step. In this case, avail_out must be at least
- 0.1% larger than avail_in plus 12 bytes. If deflate does not return
- Z_STREAM_END, then it must be called again as described above.
-
- deflate() may update data_type if it can make a good guess about
- the input data type (Z_ASCII or Z_BINARY). In doubt, the data is considered
- binary. This field is only for information purposes and does not affect
- the compression algorithm in any manner.
-
- deflate() returns Z_OK if some progress has been made (more input
- processed or more output produced), Z_STREAM_END if all input has been
- consumed and all output has been produced (only when flush is set to
- Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
- if next_in or next_out was NULL), Z_BUF_ERROR if no progress is possible.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateEnd (z_streamp strm);
-#else
-extern int EXPORT deflateEnd OF((z_streamp strm));
-#endif
-/*
- All dynamically allocated data structures for this stream are freed.
- This function discards any unprocessed input and does not flush any
- pending output.
-
- deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
- stream state was inconsistent, Z_DATA_ERROR if the stream was freed
- prematurely (some input or output was discarded). In the error case,
- msg may be set but then points to a static string (which must not be
- deallocated).
-*/
-
-
-/*
-extern int EXPORT inflateInit OF((z_streamp strm));
-
- Initializes the internal stream state for decompression. The fields
- zalloc, zfree and opaque must be initialized before by the caller. If
- zalloc and zfree are set to Z_NULL, inflateInit updates them to use default
- allocation functions.
-
- inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_VERSION_ERROR if the zlib library version is incompatible
- with the version assumed by the caller. msg is set to null if there is no
- error message. inflateInit does not perform any decompression: this will be
- done by inflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflate (z_streamp strm, int flush);
-#else
-extern int EXPORT inflate OF((z_streamp strm, int flush));
-#endif
-/*
- Performs one or both of the following actions:
-
- - Decompress more input starting at next_in and update next_in and avail_in
- accordingly. If not all input can be processed (because there is not
- enough room in the output buffer), next_in is updated and processing
- will resume at this point for the next call of inflate().
-
- - Provide more output starting at next_out and update next_out and avail_out
- accordingly. inflate() provides as much output as possible, until there
- is no more input data or no more space in the output buffer (see below
- about the flush parameter).
-
- Before the call of inflate(), the application should ensure that at least
- one of the actions is possible, by providing more input and/or consuming
- more output, and updating the next_* and avail_* values accordingly.
- The application can consume the uncompressed output when it wants, for
- example when the output buffer is full (avail_out == 0), or after each
- call of inflate(). If inflate returns Z_OK and with zero avail_out, it
- must be called again after making room in the output buffer because there
- might be more output pending.
-
- If the parameter flush is set to Z_PARTIAL_FLUSH, inflate flushes as much
- output as possible to the output buffer. The flushing behavior of inflate is
- not specified for values of the flush parameter other than Z_PARTIAL_FLUSH
- and Z_FINISH, but the current implementation actually flushes as much output
- as possible anyway.
-
- inflate() should normally be called until it returns Z_STREAM_END or an
- error. However if all decompression is to be performed in a single step
- (a single call of inflate), the parameter flush should be set to
- Z_FINISH. In this case all pending input is processed and all pending
- output is flushed; avail_out must be large enough to hold all the
- uncompressed data. (The size of the uncompressed data may have been saved
- by the compressor for this purpose.) The next operation on this stream must
- be inflateEnd to deallocate the decompression state. The use of Z_FINISH
- is never required, but can be used to inform inflate that a faster routine
- may be used for the single inflate() call.
-
- inflate() returns Z_OK if some progress has been made (more input
- processed or more output produced), Z_STREAM_END if the end of the
- compressed data has been reached and all uncompressed output has been
- produced, Z_NEED_DICT if a preset dictionary is needed at this point (see
- inflateSetDictionary below), Z_DATA_ERROR if the input data was corrupted,
- Z_STREAM_ERROR if the stream structure was inconsistent (for example if
- next_in or next_out was NULL), Z_MEM_ERROR if there was not enough memory,
- Z_BUF_ERROR if no progress is possible or if there was not enough room in
- the output buffer when Z_FINISH is used. In the Z_DATA_ERROR case, the
- application may then call inflateSync to look for a good compression block.
- In the Z_NEED_DICT case, strm->adler is set to the Adler32 value of the
- dictionary chosen by the compressor.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateEnd (z_streamp strm);
-#else
-extern int EXPORT inflateEnd OF((z_streamp strm));
-#endif
-/*
- All dynamically allocated data structures for this stream are freed.
- This function discards any unprocessed input and does not flush any
- pending output.
-
- inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
- was inconsistent. In the error case, msg may be set but then points to a
- static string (which must not be deallocated).
-*/
-
- /* Advanced functions */
-
-/*
- The following functions are needed only in some special applications.
-*/
-
-/*
-extern int EXPORT deflateInit2 OF((z_streamp strm,
- int level,
- int method,
- int windowBits,
- int memLevel,
- int strategy));
-
- This is another version of deflateInit with more compression options. The
- fields next_in, zalloc, zfree and opaque must be initialized before by
- the caller.
-
- The method parameter is the compression method. It must be Z_DEFLATED in
- this version of the library. (Method 9 will allow a 64K history buffer and
- partial block flushes.)
-
- The windowBits parameter is the base two logarithm of the window size
- (the size of the history buffer). It should be in the range 8..15 for this
- version of the library (the value 16 will be allowed for method 9). Larger
- values of this parameter result in better compression at the expense of
- memory usage. The default value is 15 if deflateInit is used instead.
-
- The memLevel parameter specifies how much memory should be allocated
- for the internal compression state. memLevel=1 uses minimum memory but
- is slow and reduces compression ratio; memLevel=9 uses maximum memory
- for optimal speed. The default value is 8. See zconf.h for total memory
- usage as a function of windowBits and memLevel.
-
- The strategy parameter is used to tune the compression algorithm. Use the
- value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
- filter (or predictor), or Z_HUFFMAN_ONLY to force Huffman encoding only (no
- string match). Filtered data consists mostly of small values with a
- somewhat random distribution. In this case, the compression algorithm is
- tuned to compress them better. The effect of Z_FILTERED is to force more
- Huffman coding and less string matching; it is somewhat intermediate
- between Z_DEFAULT and Z_HUFFMAN_ONLY. The strategy parameter only affects
- the compression ratio but not the correctness of the compressed output even
- if it is not set appropriately.
-
- If next_in is not null, the library will use this buffer to hold also
- some history information; the buffer must either hold the entire input
- data, or have at least 1<<(windowBits+1) bytes and be writable. If next_in
- is null, the library will allocate its own history buffer (and leave next_in
- null). next_out need not be provided here but must be provided by the
- application for the next call of deflate().
-
- If the history buffer is provided by the application, next_in must
- must never be changed by the application since the compressor maintains
- information inside this buffer from call to call; the application
- must provide more input only by increasing avail_in. next_in is always
- reset by the library in this case.
-
- deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
- not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
- an invalid method). msg is set to null if there is no error message.
- deflateInit2 does not perform any compression: this will be done by
- deflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateSetDictionary (z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength);
-#else
-extern int EXPORT deflateSetDictionary OF((z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength));
-#endif
-/*
- Initializes the compression dictionary (history buffer) from the given
- byte sequence without producing any compressed output. This function must
- be called immediately after deflateInit or deflateInit2, before any call
- of deflate. The compressor and decompressor must use exactly the same
- dictionary (see inflateSetDictionary).
- The dictionary should consist of strings (byte sequences) that are likely
- to be encountered later in the data to be compressed, with the most commonly
- used strings preferably put towards the end of the dictionary. Using a
- dictionary is most useful when the data to be compressed is short and
- can be predicted with good accuracy; the data can then be compressed better
- than with the default empty dictionary. In this version of the library,
- only the last 32K bytes of the dictionary are used.
- Upon return of this function, strm->adler is set to the Adler32 value
- of the dictionary; the decompressor may later use this value to determine
- which dictionary has been used by the compressor. (The Adler32 value
- applies to the whole dictionary even if only a subset of the dictionary is
- actually used by the compressor.)
-
- deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
- parameter is invalid (such as NULL dictionary) or the stream state
- is inconsistent (for example if deflate has already been called for this
- stream). deflateSetDictionary does not perform any compression: this will
- be done by deflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateCopy (z_streamp dest, z_streamp source);
-#else
-extern int EXPORT deflateCopy OF((z_streamp dest, z_streamp source));
-#endif
-/*
- Sets the destination stream as a complete copy of the source stream. If
- the source stream is using an application-supplied history buffer, a new
- buffer is allocated for the destination stream. The compressed output
- buffer is always application-supplied. It's the responsibility of the
- application to provide the correct values of next_out and avail_out for the
- next call of deflate.
-
- This function can be useful when several compression strategies will be
- tried, for example when there are several ways of pre-processing the input
- data with a filter. The streams that will be discarded should then be freed
- by calling deflateEnd. Note that deflateCopy duplicates the internal
- compression state which can be quite large, so this strategy is slow and
- can consume lots of memory.
-
- deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
- (such as zalloc being NULL). msg is left unchanged in both source and
- destination.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateReset (z_streamp strm);
-#else
-extern int EXPORT deflateReset OF((z_streamp strm));
-#endif
-/*
- This function is equivalent to deflateEnd followed by deflateInit,
- but does not free and reallocate all the internal compression state.
- The stream will keep the same compression level and any other attributes
- that may have been set by deflateInit2.
-
- deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateParams (z_streamp strm, int level, int strategy);
-#else
-extern int EXPORT deflateParams OF((z_streamp strm, int level, int strategy));
-#endif
-/*
- Dynamically update the compression level and compression strategy.
- This can be used to switch between compression and straight copy of
- the input data, or to switch to a different kind of input data requiring
- a different strategy. If the compression level is changed, the input
- available so far is compressed with the old level (and may be flushed);
- the new level will take effect only at the next call of deflate().
-
- Before the call of deflateParams, the stream state must be set as for
- a call of deflate(), since the currently available input may have to
- be compressed and flushed. In particular, strm->avail_out must be non-zero.
-
- deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
- stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR
- if strm->avail_out was zero.
-*/
-
-/*
-extern int EXPORT inflateInit2 OF((z_streamp strm,
- int windowBits));
-
- This is another version of inflateInit with more compression options. The
- fields next_out, zalloc, zfree and opaque must be initialized before by
- the caller.
-
- The windowBits parameter is the base two logarithm of the maximum window
- size (the size of the history buffer). It should be in the range 8..15 for
- this version of the library (the value 16 will be allowed soon). The
- default value is 15 if inflateInit is used instead. If a compressed stream
- with a larger window size is given as input, inflate() will return with
- the error code Z_DATA_ERROR instead of trying to allocate a larger window.
-
- If next_out is not null, the library will use this buffer for the history
- buffer; the buffer must either be large enough to hold the entire output
- data, or have at least 1<<windowBits bytes. If next_out is null, the
- library will allocate its own buffer (and leave next_out null). next_in
- need not be provided here but must be provided by the application for the
- next call of inflate().
-
- If the history buffer is provided by the application, next_out must
- never be changed by the application since the decompressor maintains
- history information inside this buffer from call to call; the application
- can only reset next_out to the beginning of the history buffer when
- avail_out is zero and all output has been consumed.
-
- inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
- not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
- windowBits < 8). msg is set to null if there is no error message.
- inflateInit2 does not perform any decompression: this will be done by
- inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSetDictionary (z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength);
-#else
-extern int EXPORT inflateSetDictionary OF((z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength));
-#endif
-/*
- Initializes the decompression dictionary (history buffer) from the given
- uncompressed byte sequence. This function must be called immediately after
- a call of inflate if this call returned Z_NEED_DICT. The dictionary chosen
- by the compressor can be determined from the Adler32 value returned by this
- call of inflate. The compressor and decompressor must use exactly the same
- dictionary (see deflateSetDictionary).
-
- inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
- parameter is invalid (such as NULL dictionary) or the stream state is
- inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
- expected one (incorrect Adler32 value). inflateSetDictionary does not
- perform any decompression: this will be done by subsequent calls of
- inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSync (z_streamp strm);
-#else
-extern int EXPORT inflateSync OF((z_streamp strm));
-#endif
-/*
- Skips invalid compressed data until the special marker (see deflate()
- above) can be found, or until all available input is skipped. No output
- is provided.
-
- inflateSync returns Z_OK if the special marker has been found, Z_BUF_ERROR
- if no more input was provided, Z_DATA_ERROR if no marker has been found,
- or Z_STREAM_ERROR if the stream structure was inconsistent. In the success
- case, the application may save the current current value of total_in which
- indicates where valid compressed data was found. In the error case, the
- application may repeatedly call inflateSync, providing more input each time,
- until success or end of the input data.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateReset (z_streamp strm);
-#else
-extern int EXPORT inflateReset OF((z_streamp strm));
-#endif
-/*
- This function is equivalent to inflateEnd followed by inflateInit,
- but does not free and reallocate all the internal decompression state.
- The stream will keep attributes that may have been set by inflateInit2.
-
- inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-
- /* utility functions */
-
-/*
- The following utility functions are implemented on top of the
- basic stream-oriented functions. To simplify the interface, some
- default options are assumed (compression level, window size,
- standard memory allocation functions). The source code of these
- utility functions can easily be modified if you need special options.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) compress (Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT compress OF((Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen));
-#endif
-/*
- Compresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be at least 0.1% larger than
- sourceLen plus 12 bytes. Upon exit, destLen is the actual size of the
- compressed buffer.
- This function can be used to compress a whole file at once if the
- input file is mmap'ed.
- compress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) uncompress (Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT uncompress OF((Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen));
-#endif
-/*
- Decompresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be large enough to hold the
- entire uncompressed data. (The size of the uncompressed data must have
- been saved previously by the compressor and transmitted to the decompressor
- by some mechanism outside the scope of this compression library.)
- Upon exit, destLen is the actual size of the compressed buffer.
- This function can be used to decompress a whole file at once if the
- input file is mmap'ed.
-
- uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer, or Z_DATA_ERROR if the input data was corrupted.
-*/
-
-
-typedef voidp gzFile;
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzopen (const char *path, const char *mode);
-#else
-extern gzFile EXPORT gzopen OF((const char *path, const char *mode));
-#endif
-/*
- Opens a gzip (.gz) file for reading or writing. The mode parameter
- is as in fopen ("rb" or "wb") but can also include a compression level
- ("wb9"). gzopen can be used to read a file which is not in gzip format;
- in this case gzread will directly read from the file without decompression.
- gzopen returns NULL if the file could not be opened or if there was
- insufficient memory to allocate the (de)compression state; errno
- can be checked to distinguish the two cases (if errno is zero, the
- zlib error is Z_MEM_ERROR).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzdopen (int fd, const char *mode);
-#else
-extern gzFile EXPORT gzdopen OF((int fd, const char *mode));
-#endif
-/*
- gzdopen() associates a gzFile with the file descriptor fd. File
- descriptors are obtained from calls like open, dup, creat, pipe or
- fileno (in the file has been previously opened with fopen).
- The mode parameter is as in gzopen.
- The next call of gzclose on the returned gzFile will also close the
- file descriptor fd, just like fclose(fdopen(fd), mode) closes the file
- descriptor fd. If you want to keep fd open, use gzdopen(dup(fd), mode).
- gzdopen returns NULL if there was insufficient memory to allocate
- the (de)compression state.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzread (gzFile file, voidp buf, unsigned len);
-#else
-extern int EXPORT gzread OF((gzFile file, voidp buf, unsigned len));
-#endif
-/*
- Reads the given number of uncompressed bytes from the compressed file.
- If the input file was not in gzip format, gzread copies the given number
- of bytes into the buffer.
- gzread returns the number of uncompressed bytes actually read (0 for
- end of file, -1 for error). */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzwrite (gzFile file, const voidp buf, unsigned len);
-#else
-extern int EXPORT gzwrite OF((gzFile file, const voidp buf, unsigned len));
-#endif
-/*
- Writes the given number of uncompressed bytes into the compressed file.
- gzwrite returns the number of uncompressed bytes actually written
- (0 in case of error).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzflush (gzFile file, int flush);
-#else
-extern int EXPORT gzflush OF((gzFile file, int flush));
-#endif
-/*
- Flushes all pending output into the compressed file. The parameter
- flush is as in the deflate() function. The return value is the zlib
- error number (see function gzerror below). gzflush returns Z_OK if
- the flush parameter is Z_FINISH and all output could be flushed.
- gzflush should be called only when strictly necessary because it can
- degrade compression.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzclose (gzFile file);
-#else
-extern int EXPORT gzclose OF((gzFile file));
-#endif
-/*
- Flushes all pending output if necessary, closes the compressed file
- and deallocates all the (de)compression state. The return value is the zlib
- error number (see function gzerror below).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) gzerror (gzFile file, int *errnum);
-#else
-extern const char * EXPORT gzerror OF((gzFile file, int *errnum));
-#endif
-/*
- Returns the error message for the last error which occurred on the
- given compressed file. errnum is set to zlib error number. If an
- error occurred in the file system and not in the compression library,
- errnum is set to Z_ERRNO and the application may consult errno
- to get the exact error code.
-*/
-
- /* checksum functions */
-
-/*
- These functions are not related to compression but are exported
- anyway because they might be useful in applications using the
- compression library.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) adler32 (uLong adler, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
-#endif
-
-/*
- Update a running Adler-32 checksum with the bytes buf[0..len-1] and
- return the updated checksum. If buf is NULL, this function returns
- the required initial value for the checksum.
- An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
- much faster. Usage example:
-
- uLong adler = adler32(0L, Z_NULL, 0);
-
- while (read_buffer(buffer, length) != EOF) {
- adler = adler32(adler, buffer, length);
- }
- if (adler != original_adler) error();
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) crc32 (uLong crc, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
-#endif
-/*
- Update a running crc with the bytes buf[0..len-1] and return the updated
- crc. If buf is NULL, this function returns the required initial value
- for the crc. Pre- and post-conditioning (one's complement) is performed
- within this function so it shouldn't be done by the application.
- Usage example:
-
- uLong crc = crc32(0L, Z_NULL, 0);
-
- while (read_buffer(buffer, length) != EOF) {
- crc = crc32(crc, buffer, length);
- }
- if (crc != original_crc) error();
-*/
-
-
- /* various hacks, don't look :) */
-
-/* deflateInit and inflateInit are macros to allow checking the zlib version
- * and the compiler's view of z_stream:
- */
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateInit_ (z_streamp strm, int level, const char *version,
- int stream_size);
-PR_PUBLIC_API(extern int) inflateInit_ (z_streamp strm, const char *version,
- int stream_size);
-PR_PUBLIC_API(extern int) deflateInit2_ (z_streamp strm, int level, int method,
- int windowBits, int memLevel, int strategy,
- const char *version, int stream_size);
-PR_PUBLIC_API(extern int) inflateInit2_ (z_streamp strm, int windowBits,
- const char *version, int stream_size);
-#else
-extern int EXPORT deflateInit_ OF((z_streamp strm, int level, const char *version,
- int stream_size));
-extern int EXPORT inflateInit_ OF((z_streamp strm, const char *version,
- int stream_size));
-extern int EXPORT deflateInit2_ OF((z_streamp strm, int level, int method,
- int windowBits, int memLevel, int strategy,
- const char *version, int stream_size));
-extern int EXPORT inflateInit2_ OF((z_streamp strm, int windowBits,
- const char *version, int stream_size));
-#endif /* MOZILLA_CLIENT */
-
-
-#define deflateInit(strm, level) \
- deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit(strm) \
- inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream))
-#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
- deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
- (strategy), ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit2(strm, windowBits) \
- inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
-
-#if !defined(_Z_UTIL_H) && !defined(NO_DUMMY_DECL)
- struct internal_state {int dummy;}; /* hack for buggy compilers */
-#endif
-
-uLongf *get_crc_table OF((void)); /* can be used by asm versions of crc32() */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _ZLIB_H */
diff --git a/security/nss/cmd/zlib/zutil.c b/security/nss/cmd/zlib/zutil.c
deleted file mode 100644
index afca3ed0c..000000000
--- a/security/nss/cmd/zlib/zutil.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/* zutil.c -- target dependent utility functions for the compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#include <stdio.h>
-
-#include "zutil.h"
-
-#ifdef MOZILLA_CLIENT
-#include "prtypes.h"
-#include "prlog.h"
-#endif
-
-struct internal_state {int dummy;}; /* for buggy compilers */
-
-#ifndef STDC
-extern void exit OF((int));
-#endif
-
-const char *z_errmsg[10] = {
-"need dictionary", /* Z_NEED_DICT 2 */
-"stream end", /* Z_STREAM_END 1 */
-"", /* Z_OK 0 */
-"file error", /* Z_ERRNO (-1) */
-"stream error", /* Z_STREAM_ERROR (-2) */
-"data error", /* Z_DATA_ERROR (-3) */
-"insufficient memory", /* Z_MEM_ERROR (-4) */
-"buffer error", /* Z_BUF_ERROR (-5) */
-"incompatible version",/* Z_VERSION_ERROR (-6) */
-""};
-
-
-PR_PUBLIC_API(const char *) zlibVersion()
-{
- return ZLIB_VERSION;
-}
-
-#if defined(DEBUG) && defined(MOZILLA_CLIENT)
-void z_error (m)
- char *m;
-{
- PR_ASSERT(0);
-}
-#endif
-
-#ifndef HAVE_MEMCPY
-
-void zmemcpy(dest, source, len)
- Bytef* dest;
- Bytef* source;
- uInt len;
-{
- if (len == 0) return;
- do {
- *dest++ = *source++; /* ??? to be unrolled */
- } while (--len != 0);
-}
-
-int zmemcmp(s1, s2, len)
- Bytef* s1;
- Bytef* s2;
- uInt len;
-{
- uInt j;
-
- for (j = 0; j < len; j++) {
- if (s1[j] != s2[j]) return 2*(s1[j] > s2[j])-1;
- }
- return 0;
-}
-
-void zmemzero(dest, len)
- Bytef* dest;
- uInt len;
-{
- if (len == 0) return;
- do {
- *dest++ = 0; /* ??? to be unrolled */
- } while (--len != 0);
-}
-#endif
-
-#ifdef __TURBOC__
-#if (defined( __BORLANDC__) || !defined(SMALL_MEDIUM)) && !defined(__32BIT__)
-/* Small and medium model in Turbo C are for now limited to near allocation
- * with reduced MAX_WBITS and MAX_MEM_LEVEL
- */
-# define MY_ZCALLOC
-
-/* Turbo C malloc() does not allow dynamic allocation of 64K bytes
- * and farmalloc(64K) returns a pointer with an offset of 8, so we
- * must fix the pointer. Warning: the pointer must be put back to its
- * original form in order to free it, use zcfree().
- */
-
-#define MAX_PTR 10
-/* 10*64K = 640K */
-
-local int next_ptr = 0;
-
-typedef struct ptr_table_s {
- voidpf org_ptr;
- voidpf new_ptr;
-} ptr_table;
-
-local ptr_table table[MAX_PTR];
-/* This table is used to remember the original form of pointers
- * to large buffers (64K). Such pointers are normalized with a zero offset.
- * Since MSDOS is not a preemptive multitasking OS, this table is not
- * protected from concurrent access. This hack doesn't work anyway on
- * a protected system like OS/2. Use Microsoft C instead.
- */
-
-voidpf zcalloc (voidpf opaque, unsigned items, unsigned size)
-{
- voidpf buf = opaque; /* just to make some compilers happy */
- ulg bsize = (ulg)items*size;
-
- /* If we allocate less than 65520 bytes, we assume that farmalloc
- * will return a usable pointer which doesn't have to be normalized.
- */
- if (bsize < 65520L) {
- buf = farmalloc(bsize);
- if (*(ush*)&buf != 0) return buf;
- } else {
- buf = farmalloc(bsize + 16L);
- }
- if (buf == NULL || next_ptr >= MAX_PTR) return NULL;
- table[next_ptr].org_ptr = buf;
-
- /* Normalize the pointer to seg:0 */
- *((ush*)&buf+1) += ((ush)((uch*)buf-0) + 15) >> 4;
- *(ush*)&buf = 0;
- table[next_ptr++].new_ptr = buf;
- return buf;
-}
-
-void zcfree (voidpf opaque, voidpf ptr)
-{
- int n;
- if (*(ush*)&ptr != 0) { /* object < 64K */
- farfree(ptr);
- return;
- }
- /* Find the original pointer */
- for (n = 0; n < next_ptr; n++) {
- if (ptr != table[n].new_ptr) continue;
-
- farfree(table[n].org_ptr);
- while (++n < next_ptr) {
- table[n-1] = table[n];
- }
- next_ptr--;
- return;
- }
- ptr = opaque; /* just to make some compilers happy */
- Assert(0, "zcfree: ptr not found");
-}
-#endif
-#endif /* __TURBOC__ */
-
-
-#if defined(M_I86) && !defined(__32BIT__)
-/* Microsoft C in 16-bit mode */
-
-# define MY_ZCALLOC
-
-#if (!defined(_MSC_VER) || (_MSC_VER < 600))
-# define _halloc halloc
-# define _hfree hfree
-#endif
-
-voidpf zcalloc (voidpf opaque, unsigned items, unsigned size)
-{
- if (opaque) opaque = 0; /* to make compiler happy */
- return _halloc((long)items, size);
-}
-
-void zcfree (voidpf opaque, voidpf ptr)
-{
- if (opaque) opaque = 0; /* to make compiler happy */
- _hfree(ptr);
-}
-
-#endif /* MSC */
-
-
-#ifndef MY_ZCALLOC /* Any system without a special alloc function */
-
-#ifndef STDC
-extern voidp calloc OF((uInt items, uInt size));
-extern void free OF((voidpf ptr));
-#endif
-
-voidpf zcalloc (opaque, items, size)
- voidpf opaque;
- unsigned items;
- unsigned size;
-{
- if (opaque) items += size - size; /* make compiler happy */
- return (voidpf)calloc(items, size);
-}
-
-void zcfree (opaque, ptr)
- voidpf opaque;
- voidpf ptr;
-{
- free(ptr);
- if (opaque) return; /* make compiler happy */
-}
-
-#endif /* MY_ZCALLOC */
diff --git a/security/nss/cmd/zlib/zutil.h b/security/nss/cmd/zlib/zutil.h
deleted file mode 100644
index 12a59356c..000000000
--- a/security/nss/cmd/zlib/zutil.h
+++ /dev/null
@@ -1,210 +0,0 @@
-/* zutil.h -- internal interface and configuration of the compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* WARNING: this file should *not* be used by applications. It is
- part of the implementation of the compression library and is
- subject to change. Applications should only use zlib.h.
- */
-
-/* $Id$ */
-
-#ifndef _Z_UTIL_H
-#define _Z_UTIL_H
-
-#include "zlib.h"
-
-#if defined(MSDOS)||defined(VMS)||defined(CRAY)||defined(WIN32)||defined(RISCOS)
-# include <stddef.h>
-# include <errno.h>
-#else
- extern int errno;
-#endif
-#ifdef STDC
-# include <string.h>
-# include <stdlib.h>
-#endif
-
-#ifndef local
-# define local static
-#endif
-/* compile with -Dlocal if your debugger can't find static symbols */
-
-typedef unsigned char uch;
-typedef uch FAR uchf;
-typedef unsigned short ush;
-typedef ush FAR ushf;
-typedef unsigned long ulg;
-
-extern const char *z_errmsg[10]; /* indexed by 2-zlib_error */
-/* (size given to avoid silly warnings with Visual C++) */
-
-#define ERR_MSG(err) z_errmsg[Z_NEED_DICT-(err)]
-
-#define ERR_RETURN(strm,err) \
- return (strm->msg = (char*)ERR_MSG(err), (err))
-/* To be used only when the state is known to be valid */
-
- /* common constants */
-
-#ifndef DEF_WBITS
-# define DEF_WBITS MAX_WBITS
-#endif
-/* default windowBits for decompression. MAX_WBITS is for compression only */
-
-#if MAX_MEM_LEVEL >= 8
-# define DEF_MEM_LEVEL 8
-#else
-# define DEF_MEM_LEVEL MAX_MEM_LEVEL
-#endif
-/* default memLevel */
-
-#define STORED_BLOCK 0
-#define STATIC_TREES 1
-#define DYN_TREES 2
-/* The three kinds of block type */
-
-#define MIN_MATCH 3
-#define MAX_MATCH 258
-/* The minimum and maximum match lengths */
-
-#define PRESET_DICT 0x20 /* preset dictionary flag in zlib header */
-
- /* target dependencies */
-
-#ifdef MSDOS
-# define OS_CODE 0x00
-# ifdef __TURBOC__
-# include <alloc.h>
-# else /* MSC or DJGPP */
-# include <malloc.h>
-# endif
-#endif
-
-#ifdef OS2
-# define OS_CODE 0x06
-#endif
-
-#ifdef WIN32 /* Window 95 & Windows NT */
-# define OS_CODE 0x0b
-#endif
-
-#if defined(VAXC) || defined(VMS)
-# define OS_CODE 0x02
-# define FOPEN(name, mode) \
- fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
-#endif
-
-#ifdef AMIGA
-# define OS_CODE 0x01
-#endif
-
-#if defined(ATARI) || defined(atarist)
-# define OS_CODE 0x05
-#endif
-
-#ifdef MACOS
-# define OS_CODE 0x07
-#endif
-
-#ifdef __50SERIES /* Prime/PRIMOS */
-# define OS_CODE 0x0F
-#endif
-
-#ifdef TOPS20
-# define OS_CODE 0x0a
-#endif
-
-#if defined(_BEOS_) || defined(RISCOS)
-# define fdopen(fd,mode) NULL /* No fdopen() */
-#endif
-
- /* Common defaults */
-
-#ifndef OS_CODE
-# define OS_CODE 0x03 /* assume Unix */
-#endif
-
-#ifndef FOPEN
-# define FOPEN(name, mode) fopen((name), (mode))
-#endif
-
- /* functions */
-
-#ifdef HAVE_STRERROR
-#ifndef MOZILLA_CLIENT
- extern char *strerror OF((int));
-#endif
-# define zstrerror(errnum) strerror(errnum)
-#else
-# define zstrerror(errnum) ""
-#endif
-
-#if defined(pyr)
-# define NO_MEMCPY
-#endif
-#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(_MSC_VER)
- /* Use our own functions for small and medium model with MSC <= 5.0.
- * You may have to use the same strategy for Borland C (untested).
- */
-# define NO_MEMCPY
-#endif
-#if defined(STDC) && !defined(HAVE_MEMCPY) && !defined(NO_MEMCPY)
-# define HAVE_MEMCPY
-#endif
-#ifdef HAVE_MEMCPY
-# ifdef SMALL_MEDIUM /* MSDOS small or medium model */
-# define zmemcpy _fmemcpy
-# define zmemcmp _fmemcmp
-# define zmemzero(dest, len) _fmemset(dest, 0, len)
-# else
-# define zmemcpy memcpy
-# define zmemcmp memcmp
-# define zmemzero(dest, len) memset(dest, 0, len)
-# endif
-#else
- extern void zmemcpy OF((Bytef* dest, Bytef* source, uInt len));
- extern int zmemcmp OF((Bytef* s1, Bytef* s2, uInt len));
- extern void zmemzero OF((Bytef* dest, uInt len));
-#endif
-
-/* Diagnostic functions */
-#ifdef DEBUG_ZLIB
-# include <stdio.h>
-# ifndef verbose
-# define verbose 0
-# endif
- extern void z_error OF((char *m));
-# define Assert(cond,msg) {if(!(cond)) z_error(msg);}
-# define Trace(x) fprintf x
-# define Tracev(x) {if (verbose) fprintf x ;}
-# define Tracevv(x) {if (verbose>1) fprintf x ;}
-# define Tracec(c,x) {if (verbose && (c)) fprintf x ;}
-# define Tracecv(c,x) {if (verbose>1 && (c)) fprintf x ;}
-#else
-# include <stdio.h>
-# ifndef verbose
-# define verbose 0
-# endif
- extern void z_error OF((char *m));
-# define Assert(cond,msg)
-# define Trace(x)
-# define Tracev(x)
-# define Tracevv(x)
-# define Tracec(c,x)
-# define Tracecv(c,x)
-#endif
-
-
-typedef uLong (*check_func) OF((uLong check, const Bytef *buf, uInt len));
-
-voidpf zcalloc OF((voidpf opaque, unsigned items, unsigned size));
-void zcfree OF((voidpf opaque, voidpf ptr));
-
-#define ZALLOC(strm, items, size) \
- (*((strm)->zalloc))((strm)->opaque, (items), (size))
-#define ZFREE(strm, addr) (*((strm)->zfree))((strm)->opaque, (voidpf)(addr))
-#define TRY_FREE(s, p) {if (p) ZFREE(s, p);}
-
-#endif /* _Z_UTIL_H */
diff --git a/security/nss/lib/Makefile b/security/nss/lib/Makefile
deleted file mode 100644
index 92aa6ff63..000000000
--- a/security/nss/lib/Makefile
+++ /dev/null
@@ -1,89 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-ifdef MOZILLA_SECURITY_BUILD
-FILES=$(shell ls -d $(CORE_DEPTH)/../../ns/security/lib/crypto/*)
-
-export::
- if test -d $(CORE_DEPTH)/../../ns/security/lib/crypto; then \
- $(NSINSTALL) -D crypto; \
- for file in $(FILES) ; do \
- if test -f $$file; then \
- $(INSTALL) -m 444 $$file crypto; \
- fi; \
- done; \
- $(INSTALL) -m 444 freebl/sha_fast.c crypto; \
- $(INSTALL) -m 444 freebl/sha_fast.h crypto; \
- fi
-endif
diff --git a/security/nss/lib/asn1/Makefile b/security/nss/lib/asn1/Makefile
deleted file mode 100644
index 4cbbfed70..000000000
--- a/security/nss/lib/asn1/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-export:: private_export
diff --git a/security/nss/lib/asn1/asn1.c b/security/nss/lib/asn1/asn1.c
deleted file mode 100644
index 9c584c770..000000000
--- a/security/nss/lib/asn1/asn1.c
+++ /dev/null
@@ -1,1727 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1.c
- *
- * At this point in time, this file contains the NSS wrappers for
- * the old "SEC" ASN.1 encoder/decoder stuff.
- */
-
-#ifndef ASN1M_H
-#include "asn1m.h"
-#endif /* ASN1M_H */
-
-#include "plarena.h"
-#include "secasn1.h"
-
-/*
- * The pointer-tracking stuff
- */
-
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker decoder_pointer_tracker;
-
-static PRStatus
-decoder_add_pointer
-(
- const nssASN1Decoder *decoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&decoder_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&decoder_pointer_tracker, decoder);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-static PRStatus
-decoder_remove_pointer
-(
- const nssASN1Decoder *decoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&decoder_pointer_tracker, decoder);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssASN1Decoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Decoder
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_verify
-(
- nssASN1Decoder *decoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&decoder_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&decoder_pointer_tracker, decoder);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_ASN1DECODER);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-static nssPointerTracker encoder_pointer_tracker;
-
-static PRStatus
-encoder_add_pointer
-(
- const nssASN1Encoder *encoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&encoder_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&encoder_pointer_tracker, encoder);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-static PRStatus
-encoder_remove_pointer
-(
- const nssASN1Encoder *encoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&encoder_pointer_tracker, encoder);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssASN1Encoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Encoder
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_verify
-(
- nssASN1Encoder *encoder
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&encoder_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&encoder_pointer_tracker, encoder);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_ASN1ENCODER);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-/*
- * nssASN1Decoder_Create
- *
- * This routine creates an ASN.1 Decoder, which will use the specified
- * template to decode a datastream into the specified destination
- * structure. If the optional arena argument is non-NULL, blah blah
- * blah. XXX fgmr Should we include an nssASN1EncodingType argument,
- * as a hint? Or is each encoding distinctive? This routine may
- * return NULL upon error, in which case an error will have been
- * placed upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * ...
- *
- * Return value:
- * NULL upon error
- * A pointer to an ASN.1 Decoder upon success.
- */
-
-NSS_IMPLEMENT nssASN1Decoder *
-nssASN1Decoder_Create
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[]
-)
-{
- SEC_ASN1DecoderContext *rv;
- PLArenaPool *hack = (PLArenaPool *)arenaOpt;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (nssASN1Decoder *)NULL;
- }
- }
-
- /*
- * May destination be NULL? I'd think so, since one might
- * have only a filter proc. But if not, check the pointer here.
- */
-
- if( (nssASN1Template *)NULL == template ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (nssASN1Decoder *)NULL;
- }
-#endif /* DEBUG */
-
- rv = SEC_ASN1DecoderStart(hack, destination, template);
- if( (SEC_ASN1DecoderContext *)NULL == rv ) {
- nss_SetError(PORT_GetError()); /* also evil */
- return (nssASN1Decoder *)NULL;
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != decoder_add_pointer(rv) ) {
- (void)SEC_ASN1DecoderFinish(rv);
- return (nssASN1Decoder *)NULL;
- }
-#endif /* DEBUG */
-
- return (nssASN1Decoder *)rv;
-}
-
-/*
- * nssASN1Decoder_Update
- *
- * This routine feeds data to the decoder. In the event of an error,
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_ASN1DECODER
- * NSS_ERROR_INVALID_BER
- * ...
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success.
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_Update
-(
- nssASN1Decoder *decoder,
- const void *data,
- PRUint32 amount
-)
-{
- SECStatus rv;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-
- if( (void *)NULL == data ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- rv = SEC_ASN1DecoderUpdate((SEC_ASN1DecoderContext *)decoder,
- (const char *)data,
- (unsigned long)amount);
- if( SECSuccess != rv ) {
- nss_SetError(PORT_GetError()); /* ugly */
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Decoder_Finish
- *
- * This routine finishes the decoding and destroys the decoder.
- * In the event of an error, it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_Finish
-(
- nssASN1Decoder *decoder
-)
-{
- PRStatus rv = PR_SUCCESS;
- SECStatus srv;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- srv = SEC_ASN1DecoderFinish((SEC_ASN1DecoderContext *)decoder);
-
- if( SECSuccess != srv ) {
- nss_SetError(PORT_GetError()); /* ugly */
- rv = PR_FAILURE;
- }
-
-#ifdef DEBUG
- {
- PRStatus rv2 = decoder_remove_pointer(decoder);
- if( PR_SUCCESS == rv ) {
- rv = rv2;
- }
- }
-#endif /* DEBUG */
-
- return rv;
-}
-
-/*
- * nssASN1Decoder_SetFilter
- *
- * This routine registers a callback filter routine with the decoder,
- * which will be called blah blah blah. The specified argument will
- * be passed as-is to the filter routine. The routine pointer may
- * be NULL, in which case no filter callback will be called. If the
- * noStore boolean is PR_TRUE, then decoded fields will not be stored
- * in the destination structure specified when the decoder was
- * created. This routine returns a PRStatus value; in the event of
- * an error, it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_SetFilter
-(
- nssASN1Decoder *decoder,
- nssASN1DecoderFilterFunction *callback,
- void *argument,
- PRBool noStore
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1DecoderFilterFunction *)NULL == callback ) {
- SEC_ASN1DecoderClearFilterProc((SEC_ASN1DecoderContext *)decoder);
- } else {
- SEC_ASN1DecoderSetFilterProc((SEC_ASN1DecoderContext *)decoder,
- (SEC_ASN1WriteProc)callback,
- argument, noStore);
- }
-
- /* No error returns defined for those routines */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Decoder_GetFilter
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetFilter will be stored at the
- * location indicated by it. If the optional pArgumentOpt
- * pointer is non-null, the filter's closure argument will be stored
- * there. If the optional pNoStoreOpt pointer is non-null, the
- * noStore value specified when setting the filter will be stored
- * there. This routine returns a PRStatus value; in the event of
- * an error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_GetFilter
-(
- nssASN1Decoder *decoder,
- nssASN1DecoderFilterFunction **pCallbackOpt,
- void **pArgumentOpt,
- PRBool *pNoStoreOpt
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1DecoderFilterFunction **)NULL != pCallbackOpt ) {
- *pCallbackOpt = (nssASN1DecoderFilterFunction *)NULL;
- }
-
- if( (void **)NULL != pArgumentOpt ) {
- *pArgumentOpt = (void *)NULL;
- }
-
- if( (PRBool *)NULL != pNoStoreOpt ) {
- *pNoStoreOpt = PR_FALSE;
- }
-
- /* Error because it's unimplemented */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
-}
-
-/*
- * nssASN1Decoder_SetNotify
- *
- * This routine registers a callback notify routine with the decoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine. The routine pointer may be
- * NULL, in which case no notify routine will be called. This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_SetNotify
-(
- nssASN1Decoder *decoder,
- nssASN1NotifyFunction *callback,
- void *argument
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1NotifyFunction *)NULL == callback ) {
- SEC_ASN1DecoderClearNotifyProc((SEC_ASN1DecoderContext *)decoder);
- } else {
- SEC_ASN1DecoderSetNotifyProc((SEC_ASN1DecoderContext *)decoder,
- (SEC_ASN1NotifyProc)callback,
- argument);
- }
-
- /* No error returns defined for those routines */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Decoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetNotify will be stored at the
- * location indicated by it. If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Decoder_GetNotify
-(
- nssASN1Decoder *decoder,
- nssASN1NotifyFunction **pCallbackOpt,
- void **pArgumentOpt
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Decoder_verify(decoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1NotifyFunction **)NULL != pCallbackOpt ) {
- *pCallbackOpt = (nssASN1NotifyFunction *)NULL;
- }
-
- if( (void **)NULL != pArgumentOpt ) {
- *pArgumentOpt = (void *)NULL;
- }
-
- /* Error because it's unimplemented */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
-}
-
-/*
- * nssASN1_Decode
- *
- * This routine will decode the specified data into the specified
- * destination structure, as specified by the specified template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_BER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_Decode
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[],
- const void *berData,
- PRUint32 amount
-)
-{
- PRStatus rv;
- nssASN1Decoder *decoder;
-
- /* This call will do our pointer-checking for us! */
- decoder = nssASN1Decoder_Create(arenaOpt, destination, template);
- if( (nssASN1Decoder *)NULL == decoder ) {
- return PR_FAILURE;
- }
-
- rv = nssASN1Decoder_Update(decoder, berData, amount);
- if( PR_SUCCESS != nssASN1Decoder_Finish(decoder) ) {
- rv = PR_FAILURE;
- }
-
- return rv;
-}
-
-/*
- * nssASN1_DecodeBER
- *
- * This routine will decode the data in the specified NSSBER
- * into the destination structure, as specified by the template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_NSSBER
- * NSS_ERROR_INVALID_BER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_DecodeBER
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[],
- const NSSBER *data
-)
-{
- return nssASN1_Decode(arenaOpt, destination, template,
- data->data, data->size);
-}
-
-/*
- * nssASN1Encoder_Create
- *
- * This routine creates an ASN.1 Encoder, blah blah blah. This
- * may return NULL upon error, in which case an error will have been
- * placed on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * ...
- *
- * Return value:
- * NULL upon error
- * A pointer to an ASN.1 Encoder upon success
- */
-
-NSS_IMPLEMENT nssASN1Encoder *
-nssASN1Encoder_Create
-(
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding,
- nssASN1EncoderWriteFunction *sink,
- void *argument
-)
-{
- SEC_ASN1EncoderContext *rv;
-
-#ifdef DEBUG
- if( (void *)NULL == source ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (nssASN1Encoder *)NULL;
- }
-
- if( (nssASN1Template *)NULL == template ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (nssASN1Encoder *)NULL;
- }
-
- if( (nssASN1EncoderWriteFunction *)NULL == sink ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (nssASN1Encoder *)NULL;
- }
-#endif /* DEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- case NSSASN1DER:
- break;
- case NSSASN1CER:
- case NSSASN1LWER:
- case NSSASN1PER:
- case NSSASN1UnknownEncoding:
- default:
- nss_SetError(NSS_ERROR_ENCODING_NOT_SUPPORTED);
- return (nssASN1Encoder *)NULL;
- }
-
- rv = SEC_ASN1EncoderStart((void *)source, template,
- (SEC_ASN1WriteProc)sink, argument);
- if( (SEC_ASN1EncoderContext *)NULL == rv ) {
- nss_SetError(PORT_GetError()); /* ugly */
- return (nssASN1Encoder *)NULL;
- }
-
- if( NSSASN1DER == encoding ) {
- sec_ASN1EncoderSetDER(rv);
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != encoder_add_pointer(rv) ) {
- (void)SEC_ASN1EncoderFinish(rv);
- return (nssASN1Encoder *)NULL;
- }
-#endif /* DEBUG */
-
- return (nssASN1Encoder *)rv;
-}
-
-/*
- * nssASN1Encoder_Update
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_Update
-(
- nssASN1Encoder *encoder,
- const void *data,
- PRUint32 length
-)
-{
- SECStatus rv;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-
- /*
- * Can data legitimately be NULL? If not, verify..
- */
-#endif /* DEBUG */
-
- rv = SEC_ASN1EncoderUpdate((SEC_ASN1EncoderContext *)encoder,
- (const char *)data,
- (unsigned long)length);
- if( SECSuccess != rv ) {
- nss_SetError(PORT_GetError()); /* ugly */
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_Finish
- *
- * Destructor.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_Finish
-(
- nssASN1Encoder *encoder
-)
-{
- PRStatus rv;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- SEC_ASN1EncoderFinish((SEC_ASN1EncoderContext *)encoder);
- rv = PR_SUCCESS; /* no error return defined for that call */
-
-#ifdef DEBUG
- {
- PRStatus rv2 = encoder_remove_pointer(encoder);
- if( PR_SUCCESS == rv ) {
- rv = rv2;
- }
- }
-#endif /* DEBUG */
-
- return rv;
-}
-
-/*
- * nssASN1Encoder_SetNotify
- *
- * This routine registers a callback notify routine with the encoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine. The routine pointer may be
- * NULL, in which case no notify routine will be called. This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_SetNotify
-(
- nssASN1Encoder *encoder,
- nssASN1NotifyFunction *callback,
- void *argument
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1NotifyFunction *)NULL == callback ) {
- SEC_ASN1EncoderClearNotifyProc((SEC_ASN1EncoderContext *)encoder);
- } else {
- SEC_ASN1EncoderSetNotifyProc((SEC_ASN1EncoderContext *)encoder,
- (SEC_ASN1NotifyProc)callback,
- argument);
- }
-
- /* no error return defined for those routines */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Encoder_SetNotify will be stored at the
- * location indicated by it. If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_GetNotify
-(
- nssASN1Encoder *encoder,
- nssASN1NotifyFunction **pCallbackOpt,
- void **pArgumentOpt
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (nssASN1NotifyFunction **)NULL != pCallbackOpt ) {
- *pCallbackOpt = (nssASN1NotifyFunction *)NULL;
- }
-
- if( (void **)NULL != pArgumentOpt ) {
- *pArgumentOpt = (void *)NULL;
- }
-
- /* Error because it's unimplemented */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
-}
-
-/*
- * nssASN1Encoder_SetStreaming
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_SetStreaming
-(
- nssASN1Encoder *encoder,
- PRBool streaming
-)
-{
- SEC_ASN1EncoderContext *cx = (SEC_ASN1EncoderContext *)encoder;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( streaming ) {
- SEC_ASN1EncoderSetStreaming(cx);
- } else {
- SEC_ASN1EncoderClearStreaming(cx);
- }
-
- /* no error return defined for those routines */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_GetStreaming
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetStreaming
-(
- nssASN1Encoder *encoder,
- PRBool *pStreaming
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (PRBool *)NULL != pStreaming ) {
- *pStreaming = PR_FALSE;
- }
-
- /* Error because it's unimplemented */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
-}
-
-/*
- * nssASN1Encoder_SetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_SetTakeFromBuffer
-(
- nssASN1Encoder *encoder,
- PRBool takeFromBuffer
-)
-{
- SEC_ASN1EncoderContext *cx = (SEC_ASN1EncoderContext *)encoder;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( takeFromBuffer ) {
- SEC_ASN1EncoderSetTakeFromBuf(cx);
- } else {
- SEC_ASN1EncoderClearTakeFromBuf(cx);
- }
-
- /* no error return defined for those routines */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssASN1Encoder_GetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1Encoder_GetTakeFromBuffer
-(
- nssASN1Encoder *encoder,
- PRBool *pTakeFromBuffer
-)
-{
-#ifdef DEBUG
- if( PR_SUCCESS != nssASN1Encoder_verify(encoder) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( (PRBool *)NULL != pTakeFromBuffer ) {
- *pTakeFromBuffer = PR_FALSE;
- }
-
- /* Error because it's unimplemented */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
-}
-
-/*
- * nssASN1_Encode
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ENCODING_NOT_SUPPORTED
- * ...
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_Encode
-(
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding,
- nssASN1EncoderWriteFunction *sink,
- void *argument
-)
-{
- PRStatus rv;
- nssASN1Encoder *encoder;
-
- encoder = nssASN1Encoder_Create(source, template, encoding, sink, argument);
- if( (nssASN1Encoder *)NULL == encoder ) {
- return PR_FAILURE;
- }
-
- rv = nssASN1Encoder_Update(encoder, (const void *)NULL, 0);
- if( PR_SUCCESS != nssASN1Encoder_Finish(encoder) ) {
- rv = PR_FAILURE;
- }
-
- return rv;
-}
-
-/*
- * nssasn1_encode_item_count
- *
- * This is a helper function for nssASN1_EncodeItem. It just counts
- * up the space required for an encoding.
- */
-
-static void
-nssasn1_encode_item_count
-(
- void *arg,
- const char *buf,
- unsigned long len,
- int depth,
- nssASN1EncodingPart data_kind
-)
-{
- unsigned long *count;
-
- count = (unsigned long*)arg;
- PR_ASSERT (count != NULL);
-
- *count += len;
-}
-
-/*
- * nssasn1_encode_item_store
- *
- * This is a helper function for nssASN1_EncodeItem. It appends the
- * new data onto the destination item.
- */
-
-static void
-nssasn1_encode_item_store
-(
- void *arg,
- const char *buf,
- unsigned long len,
- int depth,
- nssASN1EncodingPart data_kind
-)
-{
- NSSItem *dest;
-
- dest = (NSSItem*)arg;
- PR_ASSERT (dest != NULL);
-
- memcpy((unsigned char *)dest->data + dest->size, buf, len);
- dest->size += len;
-}
-
-/*
- * nssASN1_EncodeItem
- *
- * There must be a better name. If the optional arena argument is
- * non-null, it'll be used for the space. If the optional rvOpt is
- * non-null, it'll be the return value-- if it is null, a new one
- * will be allocated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ENCODING_NOT_SUPPORTED
- *
- * Return value:
- * NULL upon error
- * A valid pointer to an NSSDER upon success
- */
-
-NSS_IMPLEMENT NSSDER *
-nssASN1_EncodeItem
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding
-)
-{
- NSSDER *rv;
- PRUint32 len = 0;
- PRStatus status;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-
- if( (void *)NULL == source ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSDER *)NULL;
- }
-
- if( (nssASN1Template *)NULL == template ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSDER *)NULL;
- }
-#endif /* DEBUG */
-
- status = nssASN1_Encode(source, template, encoding,
- (nssASN1EncoderWriteFunction *)nssasn1_encode_item_count,
- &len);
- if( PR_SUCCESS != status ) {
- return (NSSDER *)NULL;
- }
-
- if( (NSSDER *)NULL == rvOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- return (NSSDER *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- rv->size = len;
- rv->data = nss_ZAlloc(arenaOpt, len);
- if( (void *)NULL == rv->data ) {
- if( (NSSDER *)NULL == rvOpt ) {
- nss_ZFreeIf(rv);
- }
- return (NSSDER *)NULL;
- }
-
- rv->size = 0; /* for nssasn1_encode_item_store */
-
- status = nssASN1_Encode(source, template, encoding,
- (nssASN1EncoderWriteFunction *)nssasn1_encode_item_store,
- rv);
- if( PR_SUCCESS != status ) {
- nss_ZFreeIf(rv->data);
- if( (NSSDER *)NULL == rvOpt ) {
- nss_ZFreeIf(rv);
- }
- return (NSSDER *)NULL;
- }
-
- PR_ASSERT(rv->size == len);
-
- return rv;
-}
-
-/*
- * nssASN1_CreatePRUint32FromBER
- *
- */
-
-NSS_IMPLEMENT PRStatus
-nssASN1_CreatePRUint32FromBER
-(
- NSSBER *encoded,
- PRUint32 *pResult
-)
-{
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FALSE;
-}
-
-/*
- * nssASN1_GetDERFromPRUint32
- *
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_GetDERFromPRUint32
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- PRUint32 value
-)
-{
- NSSDER *rv;
- PLArenaPool *hack = (PLArenaPool *)arenaOpt;
- SECItem *item;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- if( (NSSDER *)NULL == rvOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- return (NSSDER *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- item = SEC_ASN1EncodeUnsignedInteger(hack, (SECItem *)rv, value);
- if( (SECItem *)NULL == item ) {
- if( (NSSDER *)NULL == rvOpt ) {
- (void)nss_ZFreeIf(rv);
- }
-
- nss_SetError(PORT_GetError()); /* ugly */
- return (NSSDER *)NULL;
- }
-
- /*
- * I happen to know that these things look alike.. but I'm only
- * doing it for these "temporary" wrappers. This is an evil thing.
- */
- return (NSSDER *)item;
-}
-
-/*himom*/
-NSS_IMPLEMENT PRStatus
-nssASN1_CreatePRInt32FromBER
-(
- NSSBER *encoded,
- PRInt32 *pResult
-)
-{
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FALSE;
-}
-
-/*
- * nssASN1_GetDERFromPRInt32
- *
- */
-
-NSS_IMPLEMENT NSSDER *
-nssASN1_GetDERFromPRInt32
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- PRInt32 value
-)
-{
- NSSDER *rv;
- PLArenaPool *hack = (PLArenaPool *)arenaOpt;
- SECItem *item;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- if( (NSSDER *)NULL == rvOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- return (NSSDER *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- item = SEC_ASN1EncodeInteger(hack, (SECItem *)rv, value);
- if( (SECItem *)NULL == item ) {
- if( (NSSDER *)NULL == rvOpt ) {
- (void)nss_ZFreeIf(rv);
- }
-
- nss_SetError(PORT_GetError()); /* ugly */
- return (NSSDER *)NULL;
- }
-
- /*
- * I happen to know that these things look alike.. but I'm only
- * doing it for these "temporary" wrappers. This is an evil thing.
- */
- return (NSSDER *)item;
-}
-
-/*
- * Generic Templates
- * One for each of the simple types, plus a special one for ANY, plus:
- * - a pointer to each one of those
- * - a set of each one of those
- *
- * Note that these are alphabetical (case insensitive); please add new
- * ones in the appropriate place.
- */
-
-const nssASN1Template *nssASN1Template_Any = (nssASN1Template *)SEC_AnyTemplate;
-const nssASN1Template *nssASN1Template_BitString = (nssASN1Template *)SEC_BitStringTemplate;
-const nssASN1Template *nssASN1Template_BMPString = (nssASN1Template *)SEC_BMPStringTemplate;
-const nssASN1Template *nssASN1Template_Boolean = (nssASN1Template *)SEC_BooleanTemplate;
-const nssASN1Template *nssASN1Template_Enumerated = (nssASN1Template *)SEC_EnumeratedTemplate;
-const nssASN1Template *nssASN1Template_GeneralizedTime = (nssASN1Template *)SEC_GeneralizedTimeTemplate;
-const nssASN1Template *nssASN1Template_IA5String = (nssASN1Template *)SEC_IA5StringTemplate;
-const nssASN1Template *nssASN1Template_Integer = (nssASN1Template *)SEC_IntegerTemplate;
-const nssASN1Template *nssASN1Template_Null = (nssASN1Template *)SEC_NullTemplate;
-const nssASN1Template *nssASN1Template_ObjectID = (nssASN1Template *)SEC_ObjectIDTemplate;
-const nssASN1Template *nssASN1Template_OctetString = (nssASN1Template *)SEC_OctetStringTemplate;
-const nssASN1Template *nssASN1Template_PrintableString = (nssASN1Template *)SEC_PrintableStringTemplate;
-const nssASN1Template *nssASN1Template_T61String = (nssASN1Template *)SEC_T61StringTemplate;
-const nssASN1Template *nssASN1Template_UniversalString = (nssASN1Template *)SEC_UniversalStringTemplate;
-const nssASN1Template *nssASN1Template_UTCTime = (nssASN1Template *)SEC_UTCTimeTemplate;
-const nssASN1Template *nssASN1Template_UTF8String = (nssASN1Template *)SEC_UTF8StringTemplate;
-const nssASN1Template *nssASN1Template_VisibleString = (nssASN1Template *)SEC_VisibleStringTemplate;
-
-const nssASN1Template *nssASN1Template_PointerToAny = (nssASN1Template *)SEC_PointerToAnyTemplate;
-const nssASN1Template *nssASN1Template_PointerToBitString = (nssASN1Template *)SEC_PointerToBitStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToBMPString = (nssASN1Template *)SEC_PointerToBMPStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToBoolean = (nssASN1Template *)SEC_PointerToBooleanTemplate;
-const nssASN1Template *nssASN1Template_PointerToEnumerated = (nssASN1Template *)SEC_PointerToEnumeratedTemplate;
-const nssASN1Template *nssASN1Template_PointerToGeneralizedTime = (nssASN1Template *)SEC_PointerToGeneralizedTimeTemplate;
-const nssASN1Template *nssASN1Template_PointerToIA5String = (nssASN1Template *)SEC_PointerToIA5StringTemplate;
-const nssASN1Template *nssASN1Template_PointerToInteger = (nssASN1Template *)SEC_PointerToIntegerTemplate;
-const nssASN1Template *nssASN1Template_PointerToNull = (nssASN1Template *)SEC_PointerToNullTemplate;
-const nssASN1Template *nssASN1Template_PointerToObjectID = (nssASN1Template *)SEC_PointerToObjectIDTemplate;
-const nssASN1Template *nssASN1Template_PointerToOctetString = (nssASN1Template *)SEC_PointerToOctetStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToPrintableString = (nssASN1Template *)SEC_PointerToPrintableStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToT61String = (nssASN1Template *)SEC_PointerToT61StringTemplate;
-const nssASN1Template *nssASN1Template_PointerToUniversalString = (nssASN1Template *)SEC_PointerToUniversalStringTemplate;
-const nssASN1Template *nssASN1Template_PointerToUTCTime = (nssASN1Template *)SEC_PointerToUTCTimeTemplate;
-const nssASN1Template *nssASN1Template_PointerToUTF8String = (nssASN1Template *)SEC_PointerToUTF8StringTemplate;
-const nssASN1Template *nssASN1Template_PointerToVisibleString = (nssASN1Template *)SEC_PointerToVisibleStringTemplate;
-
-const nssASN1Template *nssASN1Template_SetOfAny = (nssASN1Template *)SEC_SetOfAnyTemplate;
-const nssASN1Template *nssASN1Template_SetOfBitString = (nssASN1Template *)SEC_SetOfBitStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfBMPString = (nssASN1Template *)SEC_SetOfBMPStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfBoolean = (nssASN1Template *)SEC_SetOfBooleanTemplate;
-const nssASN1Template *nssASN1Template_SetOfEnumerated = (nssASN1Template *)SEC_SetOfEnumeratedTemplate;
-const nssASN1Template *nssASN1Template_SetOfGeneralizedTime = (nssASN1Template *)SEC_SetOfGeneralizedTimeTemplate;
-const nssASN1Template *nssASN1Template_SetOfIA5String = (nssASN1Template *)SEC_SetOfIA5StringTemplate;
-const nssASN1Template *nssASN1Template_SetOfInteger = (nssASN1Template *)SEC_SetOfIntegerTemplate;
-const nssASN1Template *nssASN1Template_SetOfNull = (nssASN1Template *)SEC_SetOfNullTemplate;
-const nssASN1Template *nssASN1Template_SetOfObjectID = (nssASN1Template *)SEC_SetOfObjectIDTemplate;
-const nssASN1Template *nssASN1Template_SetOfOctetString = (nssASN1Template *)SEC_SetOfOctetStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfPrintableString = (nssASN1Template *)SEC_SetOfPrintableStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfT61String = (nssASN1Template *)SEC_SetOfT61StringTemplate;
-const nssASN1Template *nssASN1Template_SetOfUniversalString = (nssASN1Template *)SEC_SetOfUniversalStringTemplate;
-const nssASN1Template *nssASN1Template_SetOfUTCTime = (nssASN1Template *)SEC_SetOfUTCTimeTemplate;
-const nssASN1Template *nssASN1Template_SetOfUTF8String = (nssASN1Template *)SEC_SetOfUTF8StringTemplate;
-const nssASN1Template *nssASN1Template_SetOfVisibleString = (nssASN1Template *)SEC_SetOfVisibleStringTemplate;
-
-/*
- *
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssUTF8_CreateFromBER
-(
- NSSArena *arenaOpt,
- nssStringType type,
- NSSBER *berData
-)
-{
- NSSUTF8 *rv = NULL;
- PRUint8 tag;
- NSSArena *a;
- NSSItem in;
- NSSItem out;
- PRStatus st;
- const nssASN1Template *templ;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-
- if( (NSSBER *)NULL == berData ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSUTF8 *)NULL;
- }
-
- if( (void *)NULL == berData->data ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- a = NSSArena_Create();
- if( (NSSArena *)NULL == a ) {
- return (NSSUTF8 *)NULL;
- }
-
- in = *berData;
-
- /*
- * By the way, at first I succumbed to the temptation to make
- * this an incestuous nested switch statement. Count yourself
- * lucky I cleaned it up.
- */
-
- switch( type ) {
- case nssStringType_DirectoryString:
- /*
- * draft-ietf-pkix-ipki-part1-11 says in part:
- *
- * DirectoryString { INTEGER:maxSize } ::= CHOICE {
- * teletexString TeletexString (SIZE (1..maxSize)),
- * printableString PrintableString (SIZE (1..maxSize)),
- * universalString UniversalString (SIZE (1..maxSize)),
- * bmpString BMPString (SIZE(1..maxSize)),
- * utf8String UTF8String (SIZE(1..maxSize))
- * }
- *
- * The tags are:
- * TeletexString UNIVERSAL 20
- * PrintableString UNIVERSAL 19
- * UniversalString UNIVERSAL 28
- * BMPString UNIVERSAL 30
- * UTF8String UNIVERSAL 12
- *
- * "UNIVERSAL" tags have bits 8 and 7 zero, bit 6 is zero for
- * primitive encodings, and if the tag value is less than 30,
- * the tag value is directly encoded in bits 5 through 1.
- */
- in.data = (void *)&(((PRUint8 *)berData->data)[1]);
- in.size = berData->size-1;
-
- tag = *(PRUint8 *)berData->data;
- switch( tag & nssASN1_TAGNUM_MASK ) {
- case 20:
- /*
- * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
- * below) but is T61 a suitable value for "Latin-1"?
- */
- templ = nssASN1Template_T61String;
- type = nssStringType_TeletexString;
- break;
- case 19:
- templ = nssASN1Template_PrintableString;
- type = nssStringType_PrintableString;
- break;
- case 28:
- templ = nssASN1Template_UniversalString;
- type = nssStringType_UniversalString;
- break;
- case 30:
- templ = nssASN1Template_BMPString;
- type = nssStringType_BMPString;
- break;
- case 12:
- templ = nssASN1Template_UTF8String;
- type = nssStringType_UTF8String;
- break;
- default:
- nss_SetError(NSS_ERROR_INVALID_POINTER); /* "pointer"? */
- (void)NSSArena_Destroy(a);
- return (NSSUTF8 *)NULL;
- }
-
- break;
-
- case nssStringType_TeletexString:
- /*
- * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
- * below) but is T61 a suitable value for "Latin-1"?
- */
- templ = nssASN1Template_T61String;
- break;
-
- case nssStringType_PrintableString:
- templ = nssASN1Template_PrintableString;
- break;
-
- case nssStringType_UniversalString:
- templ = nssASN1Template_UniversalString;
- break;
-
- case nssStringType_BMPString:
- templ = nssASN1Template_BMPString;
- break;
-
- case nssStringType_UTF8String:
- templ = nssASN1Template_UTF8String;
- break;
-
- case nssStringType_PHGString:
- templ = nssASN1Template_IA5String;
- break;
-
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
- (void)NSSArena_Destroy(a);
- return (NSSUTF8 *)NULL;
- }
-
- st = nssASN1_DecodeBER(a, &out, templ, &in);
-
- if( PR_SUCCESS == st ) {
- rv = nssUTF8_Create(arenaOpt, type, out.data, out.size);
- }
- (void)NSSArena_Destroy(a);
-
- return rv;
-}
-
-NSS_EXTERN NSSDER *
-nssUTF8_GetDEREncoding
-(
- NSSArena *arenaOpt,
- nssStringType type,
- const NSSUTF8 *string
-)
-{
- NSSDER *rv = (NSSDER *)NULL;
- NSSItem str;
- NSSDER *der;
- const nssASN1Template *templ;
- NSSArena *a;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-
- if( (const NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSDER *)NULL;
- }
-#endif /* NSSDEBUG */
-
- str.data = (void *)string;
- str.size = nssUTF8_Size(string, (PRStatus *)NULL);
- if( 0 == str.size ) {
- return (NSSDER *)NULL;
- }
-
- a = NSSArena_Create();
- if( (NSSArena *)NULL == a ) {
- return (NSSDER *)NULL;
- }
-
- switch( type ) {
- case nssStringType_DirectoryString:
- {
- NSSDER *utf;
- PRUint8 *c;
-
- utf = nssASN1_EncodeItem(a, (NSSDER *)NULL, &str,
- nssASN1Template_UTF8String,
- NSSASN1DER);
- if( (NSSDER *)NULL == utf ) {
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- rv->size = utf->size + 1;
- rv->data = nss_ZAlloc(arenaOpt, rv->size);
- if( (void *)NULL == rv->data ) {
- (void)nss_ZFreeIf(rv);
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- c = (PRUint8 *)rv->data;
- (void)nsslibc_memcpy(&c[1], utf->data, utf->size);
- *c = 12; /* UNIVERSAL primitive encoding tag for UTF8String */
-
- (void)NSSArena_Destroy(a);
- return rv;
- }
- case nssStringType_TeletexString:
- /*
- * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
- * below) but is T61 a suitable value for "Latin-1"?
- */
- templ = nssASN1Template_T61String;
- break;
- case nssStringType_PrintableString:
- templ = nssASN1Template_PrintableString;
- break;
-
- case nssStringType_UniversalString:
- templ = nssASN1Template_UniversalString;
- break;
-
- case nssStringType_BMPString:
- templ = nssASN1Template_BMPString;
- break;
-
- case nssStringType_UTF8String:
- templ = nssASN1Template_UTF8String;
- break;
-
- case nssStringType_PHGString:
- templ = nssASN1Template_IA5String;
- break;
-
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- der = nssUTF8_GetDEREncoding(a, type, string);
- if( (NSSItem *)NULL == der ) {
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- rv = nssASN1_EncodeItem(arenaOpt, (NSSDER *)NULL, der, templ, NSSASN1DER);
- if( (NSSDER *)NULL == rv ) {
- (void)NSSArena_Destroy(a);
- return (NSSDER *)NULL;
- }
-
- (void)NSSArena_Destroy(a);
- return rv;
-}
diff --git a/security/nss/lib/asn1/asn1.h b/security/nss/lib/asn1/asn1.h
deleted file mode 100644
index a81f3213d..000000000
--- a/security/nss/lib/asn1/asn1.h
+++ /dev/null
@@ -1,879 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef ASN1_H
-#define ASN1_H
-
-#ifdef DEBUG
-static const char ASN1_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1.h
- *
- * This file contains the ASN.1 encoder/decoder routines available
- * internally within NSS. It's not clear right now if this file
- * will be folded into base.h or something, I just needed to get this
- * going. At the moment, most of these routines wrap the old SEC_ASN1
- * calls.
- */
-
-#ifndef ASN1T_H
-#include "asn1t.h"
-#endif /* ASN1T_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssASN1Decoder
- *
- * ... description here ...
- *
- * nssASN1Decoder_Create (Factory/Constructor)
- * nssASN1Decoder_Update
- * nssASN1Decoder_Finish (Destructor)
- * nssASN1Decoder_SetFilter
- * nssASN1Decoder_GetFilter
- * nssASN1Decoder_SetNotify
- * nssASN1Decoder_GetNotify
- *
- * Debug builds only:
- *
- * nssASN1Decoder_verify
- *
- * Related functions that aren't type methods:
- *
- * nssASN1_Decode
- * nssASN1_DecodeBER
- */
-
-/*
- * nssASN1Decoder_Create
- *
- * This routine creates an ASN.1 Decoder, which will use the specified
- * template to decode a datastream into the specified destination
- * structure. If the optional arena argument is non-NULL, blah blah
- * blah. XXX fgmr Should we include an nssASN1EncodingType argument,
- * as a hint? Or is each encoding distinctive? This routine may
- * return NULL upon error, in which case an error will have been
- * placed upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * ...
- *
- * Return value:
- * NULL upon error
- * A pointer to an ASN.1 Decoder upon success.
- */
-
-NSS_EXTERN nssASN1Decoder *
-nssASN1Decoder_Create
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[]
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Decoder_Update
- *
- * This routine feeds data to the decoder. In the event of an error,
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_ASN1DECODER
- * NSS_ERROR_INVALID_BER
- * ...
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success.
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_Update
-(
- nssASN1Decoder *decoder,
- const void *data,
- PRUint32 amount
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-extern const NSSError NSS_ERROR_INVALID_BER;
-
-/*
- * nssASN1Decoder_Finish
- *
- * This routine finishes the decoding and destroys the decoder.
- * In the event of an error, it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_Finish
-(
- nssASN1Decoder *decoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_SetFilter
- *
- * This routine registers a callback filter routine with the decoder,
- * which will be called blah blah blah. The specified argument will
- * be passed as-is to the filter routine. The routine pointer may
- * be NULL, in which case no filter callback will be called. If the
- * noStore boolean is PR_TRUE, then decoded fields will not be stored
- * in the destination structure specified when the decoder was
- * created. This routine returns a PRStatus value; in the event of
- * an error, it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_SetFilter
-(
- nssASN1Decoder *decoder,
- nssASN1DecoderFilterFunction *callback,
- void *argument,
- PRBool noStore
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_GetFilter
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetFilter will be stored at the
- * location indicated by it. If the optional pArgumentOpt
- * pointer is non-null, the filter's closure argument will be stored
- * there. If the optional pNoStoreOpt pointer is non-null, the
- * noStore value specified when setting the filter will be stored
- * there. This routine returns a PRStatus value; in the event of
- * an error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_GetFilter
-(
- nssASN1Decoder *decoder,
- nssASN1DecoderFilterFunction **pCallbackOpt,
- void **pArgumentOpt,
- PRBool *pNoStoreOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_SetNotify
- *
- * This routine registers a callback notify routine with the decoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine. The routine pointer may be
- * NULL, in which case no notify routine will be called. This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_SetNotify
-(
- nssASN1Decoder *decoder,
- nssASN1NotifyFunction *callback,
- void *argument
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Decoder_SetNotify will be stored at the
- * location indicated by it. If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Decoder_GetNotify
-(
- nssASN1Decoder *decoder,
- nssASN1NotifyFunction **pCallbackOpt,
- void **pArgumentOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-
-/*
- * nssASN1Decoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Decoder
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssASN1Decoder_verify
-(
- nssASN1Decoder *decoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1DECODER;
-#endif /* DEBUG */
-
-/*
- * nssASN1_Decode
- *
- * This routine will decode the specified data into the specified
- * destination structure, as specified by the specified template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_BER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1_Decode
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[],
- const void *berData,
- PRUint32 amount
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_INVALID_BER;
-
-/*
- * nssASN1_DecodeBER
- *
- * This routine will decode the data in the specified NSSBER
- * into the destination structure, as specified by the template.
- * This routine returns a PRStatus value; in the event of an error
- * it will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_NSSBER
- * NSS_ERROR_INVALID_BER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1_DecodeBER
-(
- NSSArena *arenaOpt,
- void *destination,
- const nssASN1Template template[],
- const NSSBER *data
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_INVALID_BER;
-
-/*
- * nssASN1Encoder
- *
- * ... description here ...
- *
- * nssASN1Encoder_Create (Factory/Constructor)
- * nssASN1Encoder_Update
- * nssASN1Encoder_Finish (Destructor)
- * nssASN1Encoder_SetNotify
- * nssASN1Encoder_GetNotify
- * nssASN1Encoder_SetStreaming
- * nssASN1Encoder_GetStreaming
- * nssASN1Encoder_SetTakeFromBuffer
- * nssASN1Encoder_GetTakeFromBuffer
- *
- * Debug builds only:
- *
- * nssASN1Encoder_verify
- *
- * Related functions that aren't type methods:
- *
- * nssASN1_Encode
- * nssASN1_EncodeItem
- */
-
-/*
- * nssASN1Encoder_Create
- *
- * This routine creates an ASN.1 Encoder, blah blah blah. This
- * may return NULL upon error, in which case an error will have been
- * placed on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ENCODING_NOT_SUPPORTED
- * ...
- *
- * Return value:
- * NULL upon error
- * A pointer to an ASN.1 Encoder upon success
- */
-
-NSS_EXTERN nssASN1Encoder *
-nssASN1Encoder_Create
-(
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding,
- nssASN1EncoderWriteFunction *sink,
- void *argument
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_ENCODING_NOT_SUPPORTED;
-
-/*
- * nssASN1Encoder_Update
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_Update
-(
- nssASN1Encoder *encoder,
- const void *data,
- PRUint32 length
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Encoder_Finish
- *
- * Destructor.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_Finish
-(
- nssASN1Encoder *encoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_SetNotify
- *
- * This routine registers a callback notify routine with the encoder,
- * which will be called whenever.. The specified argument will be
- * passed as-is to the notify routine. The routine pointer may be
- * NULL, in which case no notify routine will be called. This routine
- * returns a PRStatus value; in the event of an error it will place
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1DECODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_SetNotify
-(
- nssASN1Encoder *encoder,
- nssASN1NotifyFunction *callback,
- void *argument
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_GetNotify
- *
- * If the optional pCallbackOpt argument to this routine is non-null,
- * then the pointer to any callback function established for this
- * decoder with nssASN1Encoder_SetNotify will be stored at the
- * location indicated by it. If the optional pArgumentOpt pointer is
- * non-null, the filter's closure argument will be stored there.
- * This routine returns a PRStatus value; in the event of an error it
- * will place an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetNotify
-(
- nssASN1Encoder *encoder,
- nssASN1NotifyFunction **pCallbackOpt,
- void **pArgumentOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_SetStreaming
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_SetStreaming
-(
- nssASN1Encoder *encoder,
- PRBool streaming
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_GetStreaming
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetStreaming
-(
- nssASN1Encoder *encoder,
- PRBool *pStreaming
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Encoder_SetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_SetTakeFromBuffer
-(
- nssASN1Encoder *encoder,
- PRBool takeFromBuffer
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-
-/*
- * nssASN1Encoder_GetTakeFromBuffer
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1Encoder_GetTakeFromBuffer
-(
- nssASN1Encoder *encoder,
- PRBool *pTakeFromBuffer
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nssASN1Encoder_verify
- *
- * This routine is only available in debug builds.
- *
- * If the specified pointer is a valid pointer to an nssASN1Encoder
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ASN1ENCODER
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssASN1Encoder_verify
-(
- nssASN1Encoder *encoder
-);
-
-extern const NSSError NSS_ERROR_INVALID_ASN1ENCODER;
-#endif /* DEBUG */
-
-/*
- * nssASN1_Encode
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ENCODING_NOT_SUPPORTED
- * ...
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssASN1_Encode
-(
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding,
- nssASN1EncoderWriteFunction *sink,
- void *argument
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_ENCODING_NOT_SUPPORTED;
-
-/*
- * nssASN1_EncodeItem
- *
- * There must be a better name. If the optional arena argument is
- * non-null, it'll be used for the space. If the optional rvOpt is
- * non-null, it'll be the return value-- if it is null, a new one
- * will be allocated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ENCODING_NOT_SUPPORTED
- *
- * Return value:
- * NULL upon error
- * A valid pointer to an NSSDER upon success
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_EncodeItem
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- const void *source,
- const nssASN1Template template[],
- NSSASN1EncodingType encoding
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_ENCODING_NOT_SUPPORTED;
-
-/*
- * Other basic types' encoding and decoding helper functions:
- *
- * nssASN1_CreatePRUint32FromBER
- * nssASN1_GetDERFromPRUint32
- * nssASN1_CreatePRInt32FromBER
- * nssASN1_GetDERFromPRInt32
- * ..etc..
- */
-
-/*
- * nssASN1_CreatePRUint32FromBER
- *
- */
-
-NSS_EXTERN PRStatus
-nssASN1_CreatePRUint32FromBER
-(
- NSSBER *encoded,
- PRUint32 *pResult
-);
-
-/*
- * nssASN1_GetDERFromPRUint32
- *
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_GetDERFromPRUint32
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- PRUint32 value
-);
-
-/*
- * nssASN1_CreatePRInt32FromBER
- *
- */
-
-NSS_EXTERN PRStatus
-nssASN1_CreatePRInt32FromBER
-(
- NSSBER *encoded,
- PRInt32 *pResult
-);
-
-/*
- * nssASN1_GetDERFromPRInt32
- *
- */
-
-NSS_EXTERN NSSDER *
-nssASN1_GetDERFromPRInt32
-(
- NSSArena *arenaOpt,
- NSSDER *rvOpt,
- PRInt32 value
-);
-
-/*
- * Builtin templates
- */
-
-/*
- * Generic Templates
- * One for each of the simple types, plus a special one for ANY, plus:
- * - a pointer to each one of those
- * - a set of each one of those
- *
- * Note that these are alphabetical (case insensitive); please add new
- * ones in the appropriate place.
- */
-
-extern const nssASN1Template *nssASN1Template_Any;
-extern const nssASN1Template *nssASN1Template_BitString;
-extern const nssASN1Template *nssASN1Template_BMPString;
-extern const nssASN1Template *nssASN1Template_Boolean;
-extern const nssASN1Template *nssASN1Template_Enumerated;
-extern const nssASN1Template *nssASN1Template_GeneralizedTime;
-extern const nssASN1Template *nssASN1Template_IA5String;
-extern const nssASN1Template *nssASN1Template_Integer;
-extern const nssASN1Template *nssASN1Template_Null;
-extern const nssASN1Template *nssASN1Template_ObjectID;
-extern const nssASN1Template *nssASN1Template_OctetString;
-extern const nssASN1Template *nssASN1Template_PrintableString;
-extern const nssASN1Template *nssASN1Template_T61String;
-extern const nssASN1Template *nssASN1Template_UniversalString;
-extern const nssASN1Template *nssASN1Template_UTCTime;
-extern const nssASN1Template *nssASN1Template_UTF8String;
-extern const nssASN1Template *nssASN1Template_VisibleString;
-
-extern const nssASN1Template *nssASN1Template_PointerToAny;
-extern const nssASN1Template *nssASN1Template_PointerToBitString;
-extern const nssASN1Template *nssASN1Template_PointerToBMPString;
-extern const nssASN1Template *nssASN1Template_PointerToBoolean;
-extern const nssASN1Template *nssASN1Template_PointerToEnumerated;
-extern const nssASN1Template *nssASN1Template_PointerToGeneralizedTime;
-extern const nssASN1Template *nssASN1Template_PointerToIA5String;
-extern const nssASN1Template *nssASN1Template_PointerToInteger;
-extern const nssASN1Template *nssASN1Template_PointerToNull;
-extern const nssASN1Template *nssASN1Template_PointerToObjectID;
-extern const nssASN1Template *nssASN1Template_PointerToOctetString;
-extern const nssASN1Template *nssASN1Template_PointerToPrintableString;
-extern const nssASN1Template *nssASN1Template_PointerToT61String;
-extern const nssASN1Template *nssASN1Template_PointerToUniversalString;
-extern const nssASN1Template *nssASN1Template_PointerToUTCTime;
-extern const nssASN1Template *nssASN1Template_PointerToUTF8String;
-extern const nssASN1Template *nssASN1Template_PointerToVisibleString;
-
-extern const nssASN1Template *nssASN1Template_SetOfAny;
-extern const nssASN1Template *nssASN1Template_SetOfBitString;
-extern const nssASN1Template *nssASN1Template_SetOfBMPString;
-extern const nssASN1Template *nssASN1Template_SetOfBoolean;
-extern const nssASN1Template *nssASN1Template_SetOfEnumerated;
-extern const nssASN1Template *nssASN1Template_SetOfGeneralizedTime;
-extern const nssASN1Template *nssASN1Template_SetOfIA5String;
-extern const nssASN1Template *nssASN1Template_SetOfInteger;
-extern const nssASN1Template *nssASN1Template_SetOfNull;
-extern const nssASN1Template *nssASN1Template_SetOfObjectID;
-extern const nssASN1Template *nssASN1Template_SetOfOctetString;
-extern const nssASN1Template *nssASN1Template_SetOfPrintableString;
-extern const nssASN1Template *nssASN1Template_SetOfT61String;
-extern const nssASN1Template *nssASN1Template_SetOfUniversalString;
-extern const nssASN1Template *nssASN1Template_SetOfUTCTime;
-extern const nssASN1Template *nssASN1Template_SetOfUTF8String;
-extern const nssASN1Template *nssASN1Template_SetOfVisibleString;
-
-/*
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-nssUTF8_CreateFromBER
-(
- NSSArena *arenaOpt,
- nssStringType type,
- NSSBER *berData
-);
-
-NSS_EXTERN NSSDER *
-nssUTF8_GetDEREncoding
-(
- NSSArena *arenaOpt,
- /* Should have an NSSDER *rvOpt */
- nssStringType type,
- const NSSUTF8 *string
-);
-
-PR_END_EXTERN_C
-
-#endif /* ASN1_H */
diff --git a/security/nss/lib/asn1/asn1m.h b/security/nss/lib/asn1/asn1m.h
deleted file mode 100644
index 37ed91919..000000000
--- a/security/nss/lib/asn1/asn1m.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef ASN1M_H
-#define ASN1M_H
-
-#ifdef DEBUG
-static const char ASN1M_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1m.h
- *
- * This file contains the ASN.1 encoder/decoder routines available
- * only within the ASN.1 module itself.
- */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssasn1_number_length
- *
- */
-
-NSS_EXTERN PRUint32
-nssasn1_length_length
-(
- PRUint32 number
-);
-
-/*
- * nssasn1_get_subtemplate
- *
- */
-
-NSS_EXTERN const nssASN1Template *
-nssasn1_get_subtemplate
-(
- const nssASN1Template template[],
- void *thing,
- PRBool encoding
-);
-
-PR_END_EXTERN_C
-
-#endif /* ASN1M_H */
diff --git a/security/nss/lib/asn1/asn1t.h b/security/nss/lib/asn1/asn1t.h
deleted file mode 100644
index 2f6c52cea..000000000
--- a/security/nss/lib/asn1/asn1t.h
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef ASN1T_H
-#define ASN1T_H
-
-#ifdef DEBUG
-static const char ASN1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * asn1t.h
- *
- * This file contains the ASN.1 encoder/decoder types available
- * internally within NSS. It's not clear right now if this file
- * will be folded into baset.h or something, I just needed to
- * get this going. At the moment, these types are wrappers for
- * the old types.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef NSSASN1T_H
-#include "nssasn1t.h"
-#endif /* NSSASN1T_H */
-
-#include "seccomon.h"
-#include "secasn1t.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * XXX fgmr
- *
- * This sort of bites. Let's keep an eye on this, to make sure
- * we aren't stuck with it forever.
- */
-
-struct nssASN1ItemStr {
- PRUint32 reserved;
- PRUint8 *data;
- PRUint32 size;
-};
-
-typedef struct nssASN1ItemStr nssASN1Item;
-
-/*
- * I'm not documenting these here, since this'll require another
- * pass anyway.
- */
-
-typedef SEC_ASN1Template nssASN1Template;
-
-#define nssASN1_TAG_MASK SEC_ASN1_TAG_MASK
-
-#define nssASN1_TAGNUM_MASK SEC_ASN1_TAGNUM_MASK
-#define nssASN1_BOOLEAN SEC_ASN1_BOOLEAN
-#define nssASN1_INTEGER SEC_ASN1_INTEGER
-#define nssASN1_BIT_STRING SEC_ASN1_BIT_STRING
-#define nssASN1_OCTET_STRING SEC_ASN1_OCTET_STRING
-#define nssASN1_NULL SEC_ASN1_NULL
-#define nssASN1_OBJECT_ID SEC_ASN1_OBJECT_ID
-#define nssASN1_OBJECT_DESCRIPTOR SEC_ASN1_OBJECT_DESCRIPTOR
-/* External type and instance-of type 0x08 */
-#define nssASN1_REAL SEC_ASN1_REAL
-#define nssASN1_ENUMERATED SEC_ASN1_ENUMERATED
-#define nssASN1_EMBEDDED_PDV SEC_ASN1_EMBEDDED_PDV
-#define nssASN1_UTF8_STRING SEC_ASN1_UTF8_STRING
-#define nssASN1_SEQUENCE SEC_ASN1_SEQUENCE
-#define nssASN1_SET SEC_ASN1_SET
-#define nssASN1_NUMERIC_STRING SEC_ASN1_NUMERIC_STRING
-#define nssASN1_PRINTABLE_STRING SEC_ASN1_PRINTABLE_STRING
-#define nssASN1_T61_STRING SEC_ASN1_T61_STRING
-#define nssASN1_TELETEX_STRING nssASN1_T61_STRING
-#define nssASN1_VIDEOTEX_STRING SEC_ASN1_VIDEOTEX_STRING
-#define nssASN1_IA5_STRING SEC_ASN1_IA5_STRING
-#define nssASN1_UTC_TIME SEC_ASN1_UTC_TIME
-#define nssASN1_GENERALIZED_TIME SEC_ASN1_GENERALIZED_TIME
-#define nssASN1_GRAPHIC_STRING SEC_ASN1_GRAPHIC_STRING
-#define nssASN1_VISIBLE_STRING SEC_ASN1_VISIBLE_STRING
-#define nssASN1_GENERAL_STRING SEC_ASN1_GENERAL_STRING
-#define nssASN1_UNIVERSAL_STRING SEC_ASN1_UNIVERSAL_STRING
-/* 0x1d */
-#define nssASN1_BMP_STRING SEC_ASN1_BMP_STRING
-#define nssASN1_HIGH_TAG_NUMBER SEC_ASN1_HIGH_TAG_NUMBER
-
-#define nssASN1_METHOD_MASK SEC_ASN1_METHOD_MASK
-#define nssASN1_PRIMITIVE SEC_ASN1_PRIMITIVE
-#define nssASN1_CONSTRUCTED SEC_ASN1_CONSTRUCTED
-
-#define nssASN1_CLASS_MASK SEC_ASN1_CLASS_MASK
-#define nssASN1_UNIVERSAL SEC_ASN1_UNIVERSAL
-#define nssASN1_APPLICATION SEC_ASN1_APPLICATION
-#define nssASN1_CONTEXT_SPECIFIC SEC_ASN1_CONTEXT_SPECIFIC
-#define nssASN1_PRIVATE SEC_ASN1_PRIVATE
-
-#define nssASN1_OPTIONAL SEC_ASN1_OPTIONAL
-#define nssASN1_EXPLICIT SEC_ASN1_EXPLICIT
-#define nssASN1_ANY SEC_ASN1_ANY
-#define nssASN1_INLINE SEC_ASN1_INLINE
-#define nssASN1_POINTER SEC_ASN1_POINTER
-#define nssASN1_GROUP SEC_ASN1_GROUP
-#define nssASN1_DYNAMIC SEC_ASN1_DYNAMIC
-#define nssASN1_SKIP SEC_ASN1_SKIP
-#define nssASN1_INNER SEC_ASN1_INNER
-#define nssASN1_SAVE SEC_ASN1_SAVE
-#define nssASN1_MAY_STREAM SEC_ASN1_MAY_STREAM
-#define nssASN1_SKIP_REST SEC_ASN1_SKIP_REST
-#define nssASN1_CHOICE SEC_ASN1_CHOICE
-
-#define nssASN1_SEQUENCE_OF SEC_ASN1_SEQUENCE_OF
-#define nssASN1_SET_OF SEC_ASN1_SET_OF
-#define nssASN1_ANY_CONTENTS SEC_ASN1_ANY_CONTENTS
-
-typedef SEC_ASN1TemplateChooserPtr nssASN1ChooseTemplateFunction;
-
-typedef SEC_ASN1DecoderContext nssASN1Decoder;
-typedef SEC_ASN1EncoderContext nssASN1Encoder;
-
-typedef enum {
- nssASN1EncodingPartIdentifier = SEC_ASN1_Identifier,
- nssASN1EncodingPartLength = SEC_ASN1_Length,
- nssASN1EncodingPartContents = SEC_ASN1_Contents,
- nssASN1EncodingPartEndOfContents = SEC_ASN1_EndOfContents
-} nssASN1EncodingPart;
-
-typedef SEC_ASN1NotifyProc nssASN1NotifyFunction;
-
-typedef SEC_ASN1WriteProc nssASN1EncoderWriteFunction;
-typedef SEC_ASN1WriteProc nssASN1DecoderFilterFunction;
-
-PR_END_EXTERN_C
-
-#endif /* ASN1T_H */
diff --git a/security/nss/lib/asn1/config.mk b/security/nss/lib/asn1/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/asn1/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/asn1/manifest.mn b/security/nss/lib/asn1/manifest.mn
deleted file mode 100644
index 658266d8e..000000000
--- a/security/nss/lib/asn1/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- asn1t.h \
- asn1m.h \
- asn1.h \
- $(NULL)
-
-EXPORTS = \
- nssasn1t.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- asn1.c \
- $(NULL)
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = asn1
diff --git a/security/nss/lib/asn1/nssasn1t.h b/security/nss/lib/asn1/nssasn1t.h
deleted file mode 100644
index 2488892b4..000000000
--- a/security/nss/lib/asn1/nssasn1t.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSASN1T_H
-#define NSSASN1T_H
-
-#ifdef DEBUG
-static const char NSSASN1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssasn1t.h
- *
- * This file contains the public types related to our ASN.1 encoder
- * and decoder.
- */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSASN1EncodingType
- *
- * This type enumerates specific types of ASN.1 encodings.
- */
-
-typedef enum {
- NSSASN1BER, /* Basic Encoding Rules */
- NSSASN1CER, /* Canonical Encoding Rules */
- NSSASN1DER, /* Distinguished Encoding Rules */
- NSSASN1LWER, /* LightWeight Encoding Rules */
- NSSASN1PER, /* Packed Encoding Rules */
- NSSASN1UnknownEncoding = -1
-} NSSASN1EncodingType;
-
-PR_END_EXTERN_C
-
-#endif /* NSSASN1T_H */
diff --git a/security/nss/lib/base/Makefile b/security/nss/lib/base/Makefile
deleted file mode 100644
index 4cbbfed70..000000000
--- a/security/nss/lib/base/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-export:: private_export
diff --git a/security/nss/lib/base/arena.c b/security/nss/lib/base/arena.c
deleted file mode 100644
index 0e46da9c5..000000000
--- a/security/nss/lib/base/arena.c
+++ /dev/null
@@ -1,1139 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * arena.c
- *
- * This contains the implementation of NSS's thread-safe arenas.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifdef ARENA_THREADMARK
-#include "prthread.h"
-#endif /* ARENA_THREADMARK */
-
-#include "prlock.h"
-#include "plarena.h"
-
-/*
- * NSSArena
- *
- * This is based on NSPR's arena code, but it is threadsafe.
- *
- * The public methods relating to this type are:
- *
- * NSSArena_Create -- constructor
- * NSSArena_Destroy
- *
- * The nonpublic methods relating to this type are:
- *
- * nssArena_Create -- constructor
- * nssArena_Destroy
- * nssArena_Mark
- * nssArena_Release
- * nssArena_Unmark
- *
- * nss_ZAlloc
- * nss_ZFreeIf
- * nss_ZRealloc
- *
- * In debug builds, the following calls are available:
- *
- * nssArena_verifyPointer
- * nssArena_registerDestructor
- * nssArena_deregisterDestructor
- */
-
-struct NSSArenaStr {
- PLArenaPool pool;
- PRLock *lock;
-#ifdef ARENA_THREADMARK
- PRThread *marking_thread;
- nssArenaMark *first_mark;
- nssArenaMark *last_mark;
-#endif /* ARENA_THREADMARK */
-#ifdef ARENA_DESTRUCTOR_LIST
- struct arena_destructor_node *first_destructor;
- struct arena_destructor_node *last_destructor;
-#endif /* ARENA_DESTRUCTOR_LIST */
-};
-
-/*
- * nssArenaMark
- *
- * This type is used to mark the current state of an NSSArena.
- */
-
-struct nssArenaMarkStr {
- PRUint32 magic;
- void *mark;
-#ifdef ARENA_THREADMARK
- nssArenaMark *next;
-#endif /* ARENA_THREADMARK */
-#ifdef ARENA_DESTRUCTOR_LIST
- struct arena_destructor_node *next_destructor;
- struct arena_destructor_node *prev_destructor;
-#endif /* ARENA_DESTRUCTOR_LIST */
-};
-
-#define MARK_MAGIC 0x4d41524b /* "MARK" how original */
-
-/*
- * But first, the pointer-tracking code
- */
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker arena_pointer_tracker;
-
-static PRStatus
-arena_add_pointer
-(
- const NSSArena *arena
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&arena_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&arena_pointer_tracker, arena);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-static PRStatus
-arena_remove_pointer
-(
- const NSSArena *arena
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&arena_pointer_tracker, arena);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssArena_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSArena object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_verifyPointer
-(
- const NSSArena *arena
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&arena_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- /*
- * This is a little disingenious. We have to initialize the
- * tracker, because someone could "legitimately" try to verify
- * an arena pointer before one is ever created. And this step
- * might fail, due to lack of memory. But the only way that
- * this step can fail is if it's doing the call_once stuff,
- * (later calls just no-op). And if it didn't no-op, there
- * aren't any valid arenas.. so the argument certainly isn't one.
- */
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&arena_pointer_tracker, arena);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-#ifdef ARENA_DESTRUCTOR_LIST
-
-struct arena_destructor_node {
- struct arena_destructor_node *next;
- struct arena_destructor_node *prev;
- void (*destructor)(void *argument);
- void *arg;
-};
-
-/*
- * nssArena_registerDestructor
- *
- * This routine stores a pointer to a callback and an arbitrary
- * pointer-sized argument in the arena, at the current point in
- * the mark stack. If the arena is destroyed, or an "earlier"
- * mark is released, then this destructor will be called at that
- * time. Note that the destructor will be called with the arena
- * locked, which means the destructor may free memory in that
- * arena, but it may not allocate or cause to be allocated any
- * memory. This callback facility was included to support our
- * debug-version pointer-tracker feature; overuse runs counter to
- * the the original intent of arenas. This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If
- * unsuccessful, it will set an error on the error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_registerDestructor
-(
- NSSArena *arena,
- void (*destructor)(void *argument),
- void *arg
-)
-{
- struct arena_destructor_node *it;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- it = nss_ZNEW(arena, struct arena_destructor_node);
- if( (struct arena_destructor_node *)NULL == it ) {
- return PR_FAILURE;
- }
-
- it->prev = arena->last_destructor;
- arena->last_destructor->next = it;
- arena->last_destructor = it;
- it->destructor = destructor;
- it->arg = arg;
-
- if( (nssArenaMark *)NULL != arena->last_mark ) {
- arena->last_mark->prev_destructor = it->prev;
- arena->last_mark->next_destructor = it->next;
- }
-
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssArena_deregisterDestructor
-(
- NSSArena *arena,
- void (*destructor)(void *argument),
- void *arg
-)
-{
- struct arena_destructor_node *it;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- for( it = arena->first_destructor; it; it = it->next ) {
- if( (it->destructor == destructor) && (it->arg == arg) ) {
- break;
- }
- }
-
- if( (struct arena_destructor_node *)NULL == it ) {
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
- }
-
- if( it == arena->first_destructor ) {
- arena->first_destructor = it->next;
- }
-
- if( it == arena->last_destructor ) {
- arena->last_destructor = it->prev;
- }
-
- if( (struct arena_destructor_node *)NULL != it->prev ) {
- it->prev->next = it->next;
- }
-
- if( (struct arena_destructor_node *)NULL != it->next ) {
- it->next->prev = it->prev;
- }
-
- {
- nssArenaMark *m;
- for( m = arena->first_mark; m; m = m->next ) {
- if( m->next_destructor == it ) {
- m->next_destructor = it->next;
- }
- if( m->prev_destructor == it ) {
- m->prev_destructor = it->prev;
- }
- }
- }
-
- nss_ZFreeIf(it);
- return PR_SUCCESS;
-}
-
-static void
-nss_arena_call_destructor_chain
-(
- struct arena_destructor_node *it
-)
-{
- for( ; it ; it = it->next ) {
- (*(it->destructor))(it->arg);
- }
-}
-
-#endif /* ARENA_DESTRUCTOR_LIST */
-
-/*
- * NSSArena_Create
- *
- * This routine creates a new memory arena. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The top-level error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSArena upon success
- */
-
-NSS_IMPLEMENT NSSArena *
-NSSArena_Create
-(
- void
-)
-{
- nss_ClearErrorStack();
- return nssArena_Create();
-}
-
-/*
- * nssArena_Create
- *
- * This routine creates a new memory arena. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSArena upon success
- */
-
-NSS_IMPLEMENT NSSArena *
-nssArena_Create
-(
- void
-)
-{
- NSSArena *rv = (NSSArena *)NULL;
-
- rv = nss_ZNEW((NSSArena *)NULL, NSSArena);
- if( (NSSArena *)NULL == rv ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSArena *)NULL;
- }
-
- rv->lock = PR_NewLock();
- if( (PRLock *)NULL == rv->lock ) {
- (void)nss_ZFreeIf(rv);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSArena *)NULL;
- }
-
- /*
- * Arena sizes. The current security code has 229 occurrences of
- * PORT_NewArena. The default chunksizes specified break down as
- *
- * Size Mult. Specified as
- * 512 1 512
- * 1024 7 1024
- * 2048 5 2048
- * 2048 5 CRMF_DEFAULT_ARENA_SIZE
- * 2048 190 DER_DEFAULT_CHUNKSIZE
- * 2048 20 SEC_ASN1_DEFAULT_ARENA_SIZE
- * 4096 1 4096
- *
- * Obviously this "default chunksize" flexibility isn't very
- * useful to us, so I'll just pick 2048.
- */
-
- PL_InitArenaPool(&rv->pool, "NSS", 2048, sizeof(double));
-
-#ifdef DEBUG
- {
- PRStatus st;
- st = arena_add_pointer(rv);
- if( PR_SUCCESS != st ) {
- PL_FinishArenaPool(&rv->pool);
- PR_DestroyLock(rv->lock);
- (void)nss_ZFreeIf(rv);
- return (NSSArena *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return rv;
-}
-
-/*
- * NSSArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The top-level error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSArena_Destroy
-(
- NSSArena *arena
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssArena_Destroy(arena);
-}
-
-/*
- * nssArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_Destroy
-(
- NSSArena *arena
-)
-{
- PRLock *lock;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_Lock(arena->lock);
- if( (PRLock *)NULL == arena->lock ) {
- /* Just got destroyed */
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return PR_FAILURE;
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != arena_remove_pointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
-#ifdef ARENA_DESTRUCTOR_LIST
- /* Note that the arena is locked at this time */
- nss_arena_call_destructor_chain(arena->first_destructor);
-#endif /* ARENA_DESTRUCTOR_LIST */
-
- PL_FinishArenaPool(&arena->pool);
- lock = arena->lock;
- arena->lock = (PRLock *)NULL;
- PR_Unlock(lock);
- PR_DestroyLock(lock);
- (void)nss_ZFreeIf(arena);
- return PR_SUCCESS;
-}
-
-static void *nss_zalloc_arena_locked(NSSArena *arena, PRUint32 size);
-
-/*
- * nssArena_Mark
- *
- * This routine "marks" the current state of an arena. Space
- * allocated after the arena has been marked can be freed by
- * releasing the arena back to the mark with nssArena_Release,
- * or committed by calling nssArena_Unmark. When successful,
- * this routine returns a valid nssArenaMark pointer. This
- * routine may return NULL upon error, in which case it will
- * have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon failure
- * An nssArenaMark pointer upon success
- */
-
-NSS_IMPLEMENT nssArenaMark *
-nssArena_Mark
-(
- NSSArena *arena
-)
-{
- nssArenaMark *rv;
- void *p;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return (nssArenaMark *)NULL;
- }
-#endif /* NSSDEBUG */
-
- PR_Lock(arena->lock);
- if( (PRLock *)NULL == arena->lock ) {
- /* Just got destroyed */
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return (nssArenaMark *)NULL;
- }
-
-#ifdef ARENA_THREADMARK
- if( (PRThread *)NULL == arena->marking_thread ) {
- /* Unmarked. Store our thread ID */
- arena->marking_thread = PR_GetCurrentThread();
- /* This call never fails. */
- } else {
- /* Marked. Verify it's the current thread */
- if( PR_GetCurrentThread() != arena->marking_thread ) {
- PR_Unlock(arena->lock);
- nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
- return (nssArenaMark *)NULL;
- }
- }
-#endif /* ARENA_THREADMARK */
-
- p = PL_ARENA_MARK(&arena->pool);
- /* No error possible */
-
- /* Do this after the mark */
- rv = (nssArenaMark *)nss_zalloc_arena_locked(arena, sizeof(nssArenaMark));
- if( (nssArenaMark *)NULL == rv ) {
- PR_Unlock(arena->lock);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (nssArenaMark *)NULL;
- }
-
-#ifdef ARENA_THREADMARK
- if ( (nssArenaMark *)NULL == arena->first_mark) {
- arena->first_mark = rv;
- arena->last_mark = rv;
- } else {
- arena->last_mark->next = rv;
- arena->last_mark = rv;
- }
-#endif /* ARENA_THREADMARK */
-
- rv->mark = p;
- rv->magic = MARK_MAGIC;
-
-#ifdef ARENA_DESTRUCTOR_LIST
- rv->prev_destructor = arena->last_destructor;
-#endif /* ARENA_DESTRUCTOR_LIST */
-
- PR_Unlock(arena->lock);
-
- return rv;
-}
-
-/*
- * nss_arena_unmark_release
- *
- * This static routine implements the routines nssArena_Release
- * ans nssArena_Unmark, which are almost identical.
- */
-
-static PRStatus
-nss_arena_unmark_release
-(
- NSSArena *arena,
- nssArenaMark *arenaMark,
- PRBool release
-)
-{
- void *inner_mark;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( MARK_MAGIC != arenaMark->magic ) {
- nss_SetError(NSS_ERROR_INVALID_ARENA_MARK);
- return PR_FAILURE;
- }
-
- PR_Lock(arena->lock);
- if( (PRLock *)NULL == arena->lock ) {
- /* Just got destroyed */
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return PR_FAILURE;
- }
-
-#ifdef ARENA_THREADMARK
- if( (PRThread *)NULL != arena->marking_thread ) {
- if( PR_GetCurrentThread() != arena->marking_thread ) {
- PR_Unlock(arena->lock);
- nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
- return PR_FAILURE;
- }
- }
-#endif /* ARENA_THREADMARK */
-
- if( MARK_MAGIC != arenaMark->magic ) {
- /* Just got released */
- PR_Unlock(arena->lock);
- nss_SetError(NSS_ERROR_INVALID_ARENA_MARK);
- return PR_FAILURE;
- }
-
- arenaMark->magic = 0;
- inner_mark = arenaMark->mark;
-
-#ifdef ARENA_THREADMARK
- {
- nssArenaMark **pMark = &arena->first_mark;
- nssArenaMark *rest;
- nssArenaMark *last = (nssArenaMark *)NULL;
-
- /* Find this mark */
- while( *pMark != arenaMark ) {
- last = *pMark;
- pMark = &(*pMark)->next;
- }
-
- /* Remember the pointer, then zero it */
- rest = (*pMark)->next;
- *pMark = (nssArenaMark *)NULL;
-
- arena->last_mark = last;
-
- /* Invalidate any later marks being implicitly released */
- for( ; (nssArenaMark *)NULL != rest; rest = rest->next ) {
- rest->magic = 0;
- }
-
- /* If we just got rid of the first mark, clear the thread ID */
- if( (nssArenaMark *)NULL == arena->first_mark ) {
- arena->marking_thread = (PRThread *)NULL;
- }
- }
-#endif /* ARENA_THREADMARK */
-
- if( release ) {
-#ifdef ARENA_DESTRUCTOR_LIST
- if( (struct arena_destructor_node *)NULL != arenaMark->prev_destructor ) {
- arenaMark->prev_destructor->next = (struct arena_destructor_node *)NULL;
- }
- arena->last_destructor = arenaMark->prev_destructor;
-
- /* Note that the arena is locked at this time */
- nss_arena_call_destructor_chain(arenaMark->next_destructor);
-#endif /* ARENA_DESTRUCTOR_LIST */
-
- PR_ARENA_RELEASE(&arena->pool, inner_mark);
- /* No error return */
- }
-
- PR_Unlock(arena->lock);
- return PR_SUCCESS;
-}
-
-/*
- * nssArena_Release
- *
- * This routine invalidates and releases all memory allocated from
- * the specified arena after the point at which the specified mark
- * was obtained. This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS. If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ARENA_MARK
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_Release
-(
- NSSArena *arena,
- nssArenaMark *arenaMark
-)
-{
- return nss_arena_unmark_release(arena, arenaMark, PR_TRUE);
-}
-
-/*
- * nssArena_Unmark
- *
- * This routine "commits" the indicated mark and any marks after
- * it, making them unreleasable. Note that any earlier marks can
- * still be released, and such a release will invalidate these
- * later unmarked regions. If an arena is to be safely shared by
- * more than one thread, all marks must be either released or
- * unmarked. This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS. If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ARENA_MARK
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssArena_Unmark
-(
- NSSArena *arena,
- nssArenaMark *arenaMark
-)
-{
- return nss_arena_unmark_release(arena, arenaMark, PR_FALSE);
-}
-
-/*
- * We prefix this header to all allocated blocks. It is a multiple
- * of the alignment size. Note that this usage of a header may make
- * purify spew bogus warnings about "potentially leaked blocks" of
- * memory; if that gets too annoying we can add in a pointer to the
- * header in the header itself. There's not a lot of safety here;
- * maybe we should add a magic value?
- */
-struct pointer_header {
- NSSArena *arena;
- PRUint32 size;
-};
-
-static void *
-nss_zalloc_arena_locked
-(
- NSSArena *arena,
- PRUint32 size
-)
-{
- void *p;
- void *rv;
- struct pointer_header *h;
- PRUint32 my_size = size + sizeof(struct pointer_header);
- PR_ARENA_ALLOCATE(p, &arena->pool, my_size);
- if( (void *)NULL == p ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
- /*
- * Do this before we unlock. This way if the user is using
- * an arena in one thread while destroying it in another, he'll
- * fault/FMR in his code, not ours.
- */
- h = (struct pointer_header *)p;
- h->arena = arena;
- h->size = size;
- rv = (void *)((char *)h + sizeof(struct pointer_header));
- (void)nsslibc_memset(rv, 0, size);
- return rv;
-}
-
-/*
- * nss_ZAlloc
- *
- * This routine allocates and zeroes a section of memory of the
- * size, and returns to the caller a pointer to that memory. If
- * the optional arena argument is non-null, the memory will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in
- * which case it will have set an error upon the error stack. The
- * value specified for size may be zero; in which case a valid
- * zero-length block of memory will be allocated. This block may
- * be expanded by calling nss_ZRealloc.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon error
- * A pointer to the new segment of zeroed memory
- */
-
-NSS_IMPLEMENT void *
-nss_ZAlloc
-(
- NSSArena *arenaOpt,
- PRUint32 size
-)
-{
- struct pointer_header *h;
- PRUint32 my_size = size + sizeof(struct pointer_header);
-
- if( my_size < sizeof(struct pointer_header) ) {
- /* Wrapped */
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- /* Heap allocation, no locking required. */
- h = (struct pointer_header *)PR_Calloc(1, my_size);
- if( (struct pointer_header *)NULL == h ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
-
- h->arena = (NSSArena *)NULL;
- h->size = size;
- /* We used calloc: it's already zeroed */
-
- return (void *)((char *)h + sizeof(struct pointer_header));
- } else {
- void *rv;
- /* Arena allocation */
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (void *)NULL;
- }
-#endif /* NSSDEBUG */
-
- PR_Lock(arenaOpt->lock);
- if( (PRLock *)NULL == arenaOpt->lock ) {
- /* Just got destroyed */
- nss_SetError(NSS_ERROR_INVALID_ARENA);
- return (void *)NULL;
- }
-
-#ifdef ARENA_THREADMARK
- if( (PRThread *)NULL != arenaOpt->marking_thread ) {
- if( PR_GetCurrentThread() != arenaOpt->marking_thread ) {
- nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
- PR_Unlock(arenaOpt->lock);
- return (void *)NULL;
- }
- }
-#endif /* ARENA_THREADMARK */
-
- rv = nss_zalloc_arena_locked(arenaOpt, size);
-
- PR_Unlock(arenaOpt->lock);
- return rv;
- }
- /*NOTREACHED*/
-}
-
-/*
- * nss_ZFreeIf
- *
- * If the specified pointer is non-null, then the region of memory
- * to which it points -- which must have been allocated with
- * nss_ZAlloc -- will be zeroed and released. This routine
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nss_ZFreeIf
-(
- void *pointer
-)
-{
- struct pointer_header *h;
-
- if( (void *)NULL == pointer ) {
- return PR_SUCCESS;
- }
-
- h = (struct pointer_header *)&((char *)pointer)
- [ - sizeof(struct pointer_header) ];
-
- /* Check any magic here */
-
- if( (NSSArena *)NULL == h->arena ) {
- /* Heap */
- (void)nsslibc_memset(pointer, 0, h->size);
- PR_Free(h);
- return PR_SUCCESS;
- } else {
- /* Arena */
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(h->arena) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_Lock(h->arena->lock);
- if( (PRLock *)NULL == h->arena->lock ) {
- /* Just got destroyed.. so this pointer is invalid */
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- (void)nsslibc_memset(pointer, 0, h->size);
-
- /* No way to "free" it within an NSPR arena. */
-
- PR_Unlock(h->arena->lock);
- return PR_SUCCESS;
- }
- /*NOTREACHED*/
-}
-
-/*
- * nss_ZRealloc
- *
- * This routine reallocates a block of memory obtained by calling
- * nss_ZAlloc or nss_ZRealloc. The portion of memory
- * between the new and old sizes -- which is either being newly
- * obtained or released -- is in either case zeroed. This routine
- * may return NULL upon failure, in which case it will have placed
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon error
- * A pointer to the replacement segment of memory
- */
-
-NSS_EXTERN void *
-nss_ZRealloc
-(
- void *pointer,
- PRUint32 newSize
-)
-{
- struct pointer_header *h, *new_h;
- PRUint32 my_newSize = newSize + sizeof(struct pointer_header);
- void *rv;
-
- if( my_newSize < sizeof(struct pointer_header) ) {
- /* Wrapped */
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
-
- if( (void *)NULL == pointer ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (void *)NULL;
- }
-
- h = (struct pointer_header *)&((char *)pointer)
- [ - sizeof(struct pointer_header) ];
-
- /* Check any magic here */
-
- if( newSize == h->size ) {
- /* saves thrashing */
- return pointer;
- }
-
- if( (NSSArena *)NULL == h->arena ) {
- /* Heap */
- new_h = (struct pointer_header *)PR_Calloc(1, my_newSize);
- if( (struct pointer_header *)NULL == new_h ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
-
- new_h->arena = (NSSArena *)NULL;
- new_h->size = newSize;
- rv = (void *)((char *)new_h + sizeof(struct pointer_header));
-
- if( newSize > h->size ) {
- (void)nsslibc_memcpy(rv, pointer, h->size);
- (void)nsslibc_memset(&((char *)rv)[ h->size ],
- 0, (newSize - h->size));
- } else {
- (void)nsslibc_memcpy(rv, pointer, newSize);
- }
-
- (void)nsslibc_memset(pointer, 0, h->size);
- h->size = 0;
- PR_Free(h);
-
- return rv;
- } else {
- void *p;
- /* Arena */
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssArena_verifyPointer(h->arena) ) {
- return (void *)NULL;
- }
-#endif /* NSSDEBUG */
-
- PR_Lock(h->arena->lock);
- if( (PRLock *)NULL == h->arena->lock ) {
- /* Just got destroyed.. so this pointer is invalid */
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (void *)NULL;
- }
-
-#ifdef ARENA_THREADMARK
- if( (PRThread *)NULL != h->arena->marking_thread ) {
- if( PR_GetCurrentThread() != h->arena->marking_thread ) {
- PR_Unlock(h->arena->lock);
- nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
- return (void *)NULL;
- }
- }
-#endif /* ARENA_THREADMARK */
-
- if( newSize < h->size ) {
- /*
- * We have no general way of returning memory to the arena
- * (mark/release doesn't work because things may have been
- * allocated after this object), so the memory is gone
- * anyway. We might as well just return the same pointer to
- * the user, saying "yeah, uh-hunh, you can only use less of
- * it now." We'll zero the leftover part, of course. And
- * in fact we might as well *not* adjust h->size-- this way,
- * if the user reallocs back up to something not greater than
- * the original size, then voila, there's the memory! This
- * way a thrash big/small/big/small doesn't burn up the arena.
- */
- char *extra = &((char *)pointer)[ newSize ];
- (void)nsslibc_memset(extra, 0, (h->size - newSize));
- PR_Unlock(h->arena->lock);
- return pointer;
- }
-
- PR_ARENA_ALLOCATE(p, &h->arena->pool, my_newSize);
- if( (void *)NULL == p ) {
- PR_Unlock(h->arena->lock);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (void *)NULL;
- }
-
- new_h = (struct pointer_header *)p;
- new_h->arena = h->arena;
- new_h->size = newSize;
- rv = (void *)((char *)h + sizeof(struct pointer_header));
- (void)nsslibc_memcpy(rv, pointer, h->size);
- (void)nsslibc_memset(&((char *)rv)[ h->size ], 0,
- (newSize - h->size));
- (void)nsslibc_memset(pointer, 0, h->size);
- h->arena = (NSSArena *)NULL;
- h->size = 0;
- PR_Unlock(h->arena->lock);
- return rv;
- }
- /*NOTREACHED*/
-}
diff --git a/security/nss/lib/base/base.h b/security/nss/lib/base/base.h
deleted file mode 100644
index 9523a243b..000000000
--- a/security/nss/lib/base/base.h
+++ /dev/null
@@ -1,1415 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef BASE_H
-#define BASE_H
-
-#ifdef DEBUG
-static const char BASE_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * base.h
- *
- * This header file contains basic prototypes and preprocessor
- * definitions used throughout nss but not available publicly.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#include "plhash.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSArena
- *
- * The nonpublic methods relating to this type are:
- *
- * nssArena_Create -- constructor
- * nssArena_Destroy
- * nssArena_Mark
- * nssArena_Release
- * nssArena_Unmark
- *
- * nss_ZAlloc
- * nss_ZFreeIf
- * nss_ZRealloc
- *
- * Additionally, there are some preprocessor macros:
- *
- * nss_ZNEW
- * nss_ZNEWARRAY
- *
- * In debug builds, the following calls are available:
- *
- * nssArena_verifyPointer
- * nssArena_registerDestructor
- * nssArena_deregisterDestructor
- *
- * The following preprocessor macro is also always available:
- *
- * nssArena_VERIFYPOINTER
- *
- * A constant PLHashAllocOps structure is available for users
- * of the NSPL PLHashTable routines.
- *
- * nssArenaHashAllocOps
- */
-
-/*
- * nssArena_Create
- *
- * This routine creates a new memory arena. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSArena upon success
- */
-
-/*
- * XXX fgmr
- * Arenas can be named upon creation; this is mostly of use when
- * debugging. Should we expose that here, allowing an optional
- * "const char *name" argument? Should the public version of this
- * call (NSSArena_Create) have it too?
- */
-
-NSS_EXTERN NSSArena *
-nssArena_Create
-(
- void
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_Destroy
-(
- NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-
-/*
- * nssArena_Mark
- *
- * This routine "marks" the current state of an arena. Space
- * allocated after the arena has been marked can be freed by
- * releasing the arena back to the mark with nssArena_Release,
- * or committed by calling nssArena_Unmark. When successful,
- * this routine returns a valid nssArenaMark pointer. This
- * routine may return NULL upon error, in which case it will
- * have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon failure
- * An nssArenaMark pointer upon success
- */
-
-NSS_EXTERN nssArenaMark *
-nssArena_Mark
-(
- NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-/*
- * nssArena_Release
- *
- * This routine invalidates and releases all memory allocated from
- * the specified arena after the point at which the specified mark
- * was obtained. This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS. If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ARENA_MARK
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_Release
-(
- NSSArena *arena,
- nssArenaMark *arenaMark
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_ARENA_MARK;
-
-/*
- * nssArena_Unmark
- *
- * This routine "commits" the indicated mark and any marks after
- * it, making them unreleasable. Note that any earlier marks can
- * still be released, and such a release will invalidate these
- * later unmarked regions. If an arena is to be safely shared by
- * more than one thread, all marks must be either released or
- * unmarked. This routine returns a PRStatus value; if successful,
- * it will return PR_SUCCESS. If unsuccessful, it will set an error
- * on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ARENA_MARK
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_Unmark
-(
- NSSArena *arena,
- nssArenaMark *arenaMark
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_ARENA_MARK;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-#ifdef ARENA_DESTRUCTOR_LIST
-
-/*
- * nssArena_registerDestructor
- *
- * This routine stores a pointer to a callback and an arbitrary
- * pointer-sized argument in the arena, at the current point in
- * the mark stack. If the arena is destroyed, or an "earlier"
- * mark is released, then this destructor will be called at that
- * time. Note that the destructor will be called with the arena
- * locked, which means the destructor may free memory in that
- * arena, but it may not allocate or cause to be allocated any
- * memory. This callback facility was included to support our
- * debug-version pointer-tracker feature; overuse runs counter to
- * the the original intent of arenas. This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If
- * unsuccessful, it will set an error on the error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_registerDestructor
-(
- NSSArena *arena,
- void (*destructor)(void *argument),
- void *arg
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssArena_deregisterDestructor
- *
- * This routine will remove the first destructor in the specified
- * arena which has the specified destructor and argument values.
- * The destructor will not be called. This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If
- * unsuccessful, it will set an error on the error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NOT_FOUND
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nssArena_deregisterDestructor
-(
- NSSArena *arena,
- void (*destructor)(void *argument),
- void *arg
-);
-
-extern const NSSError NSS_ERROR_INVALID_ITEM;
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-#endif /* ARENA_DESTRUCTOR_LIST */
-
-/*
- * nss_ZAlloc
- *
- * This routine allocates and zeroes a section of memory of the
- * size, and returns to the caller a pointer to that memory. If
- * the optional arena argument is non-null, the memory will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in
- * which case it will have set an error upon the error stack. The
- * value specified for size may be zero; in which case a valid
- * zero-length block of memory will be allocated. This block may
- * be expanded by calling nss_ZRealloc.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon error
- * A pointer to the new segment of zeroed memory
- */
-
-NSS_EXTERN void *
-nss_ZAlloc
-(
- NSSArena *arenaOpt,
- PRUint32 size
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-/*
- * nss_ZFreeIf
- *
- * If the specified pointer is non-null, then the region of memory
- * to which it points -- which must have been allocated with
- * nss_ZAlloc -- will be zeroed and released. This routine
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_EXTERN PRStatus
-nss_ZFreeIf
-(
- void *pointer
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nss_ZRealloc
- *
- * This routine reallocates a block of memory obtained by calling
- * nss_ZAlloc or nss_ZRealloc. The portion of memory
- * between the new and old sizes -- which is either being newly
- * obtained or released -- is in either case zeroed. This routine
- * may return NULL upon failure, in which case it will have placed
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- *
- * Return value:
- * NULL upon error
- * A pointer to the replacement segment of memory
- */
-
-NSS_EXTERN void *
-nss_ZRealloc
-(
- void *pointer,
- PRUint32 newSize
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD;
-
-/*
- * nss_ZNEW
- *
- * This preprocessor macro will allocate memory for a new object
- * of the specified type with nss_ZAlloc, and will cast the
- * return value appropriately. If the optional arena argument is
- * non-null, the memory will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may
- * return NULL upon error, in which case it will have set an error
- * upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the new segment of zeroed memory
- */
-
-/* The following line exceeds 72 characters, but emacs screws up if I split it. */
-#define nss_ZNEW(arenaOpt, type) ((type *)nss_ZAlloc((arenaOpt), sizeof(type)))
-
-/*
- * nss_ZNEWARRAY
- *
- * This preprocessor macro will allocate memory for an array of
- * new objects, and will cast the return value appropriately.
- * If the optional arena argument is non-null, the memory will
- * be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon
- * error, in which case it will have set an error upon the error
- * stack. The array size may be specified as zero.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the new segment of zeroed memory
- */
-
-/* The following line exceeds 72 characters, but emacs screws up if I split it. */
-#define nss_ZNEWARRAY(arenaOpt, type, quantity) ((type *)nss_ZAlloc((arenaOpt), sizeof(type) * (quantity)))
-
-/*
- * nssArena_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSArena object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssArena_verifyPointer
-(
- const NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-#endif /* DEBUG */
-
-/*
- * nssArena_VERIFYPOINTER
- *
- * This macro is always available. In debug builds it will call
- * nssArena_verifyPointer; in non-debug builds, it will merely
- * check that the pointer is not null. Note that in non-debug
- * builds it cannot place an error on the error stack.
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-#define nssArena_VERIFYPOINTER(p) nssArena_verifyPointer(p)
-#else /* DEBUG */
-/* The following line exceeds 72 characters, but emacs screws up if I split it. */
-#define nssArena_VERIFYPOINTER(p) (((NSSArena *)NULL == (p))?PR_FAILURE:PR_SUCCESS)
-#endif /* DEBUG */
-
-/*
- * nssArenaHashAllocOps
- *
- * This constant structure contains allocation callbacks designed for
- * use with the NSPL routine PL_NewHashTable. For example:
- *
- * NSSArena *hashTableArena = nssArena_Create();
- * PLHashTable *t = PL_NewHashTable(n, hasher, key_compare,
- * value_compare, nssArenaHashAllocOps, hashTableArena);
- */
-
-NSS_EXTERN_DATA PLHashAllocOps nssArenaHashAllocOps;
-
-/*
- * The error stack
- *
- * The nonpublic methods relating to the error stack are:
- *
- * nss_SetError
- * nss_ClearErrorStack
- */
-
-/*
- * nss_SetError
- *
- * This routine places a new error code on the top of the calling
- * thread's error stack. Calling this routine wiht an error code
- * of zero will clear the error stack.
- */
-
-NSS_EXTERN void
-nss_SetError
-(
- PRUint32 error
-);
-
-/*
- * nss_ClearErrorStack
- *
- * This routine clears the calling thread's error stack.
- */
-
-NSS_EXTERN void
-nss_ClearErrorStack
-(
- void
-);
-
-/*
- * NSSItem
- *
- * nssItem_Create
- * nssItem_Duplicate
- * nssItem_Equal
- */
-
-NSS_EXTERN NSSItem *
-nssItem_Create
-(
- NSSArena *arenaOpt,
- NSSItem *rvOpt,
- PRUint32 length,
- const void *data
-);
-
-NSS_EXTERN void
-nssItem_Destroy
-(
- NSSItem *item
-);
-
-NSS_EXTERN NSSItem *
-nssItem_Duplicate
-(
- NSSItem *obj,
- NSSArena *arenaOpt,
- NSSItem *rvOpt
-);
-
-NSS_EXTERN PRBool
-nssItem_Equal
-(
- const NSSItem *one,
- const NSSItem *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSUTF8
- *
- * nssUTF8_CaseIgnoreMatch
- * nssUTF8_Duplicate
- * nssUTF8_Size
- * nssUTF8_Length
- * nssUTF8_CopyIntoFixedBuffer
- */
-
-/*
- * nssUTF8_CaseIgnoreMatch
- *
- * Returns true if the two UTF8-encoded strings pointed to by the
- * two specified NSSUTF8 pointers differ only in typcase.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if the strings match, ignoring case
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssUTF8_CaseIgnoreMatch
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-);
-
-/*
- * nssUTF8_Duplicate
- *
- * This routine duplicates the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer. If the optional arenaOpt argument is
- * not null, the memory required will be obtained from that arena;
- * otherwise, the memory required will be obtained from the heap.
- * A pointer to the new string will be returned. In case of error,
- * an error will be placed on the error stack and NULL will be
- * returned.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- */
-
-NSS_EXTERN NSSUTF8 *
-nssUTF8_Duplicate
-(
- const NSSUTF8 *s,
- NSSArena *arenaOpt
-);
-
-/*
- * nssUTF8_PrintableMatch
- *
- * Returns true if the two Printable strings pointed to by the
- * two specified NSSUTF8 pointers match when compared with the
- * rules for Printable String (leading and trailing spaces are
- * disregarded, extents of whitespace match irregardless of length,
- * and case is not significant), then PR_TRUE will be returned.
- * Otherwise, PR_FALSE will be returned. Upon failure, PR_FALSE
- * will be returned. If the optional statusOpt argument is not
- * NULL, then PR_SUCCESS or PR_FAILURE will be stored in that
- * location.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if the strings match, ignoring case
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssUTF8_PrintableMatch
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-);
-
-/*
- * nssUTF8_Size
- *
- * This routine returns the length in bytes (including the terminating
- * null) of the UTF8-encoded string pointed to by the specified
- * NSSUTF8 pointer. Zero is returned on error.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * nonzero size of the string
- * 0 on error
- */
-
-NSS_EXTERN PRUint32
-nssUTF8_Size
-(
- const NSSUTF8 *s,
- PRStatus *statusOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_VALUE_TOO_LARGE;
-
-/*
- * nssUTF8_Length
- *
- * This routine returns the length in characters (not including the
- * terminating null) of the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_VALUE_TOO_LARGE
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * length of the string (which may be zero)
- * 0 on error
- */
-
-NSS_EXTERN PRUint32
-nssUTF8_Length
-(
- const NSSUTF8 *s,
- PRStatus *statusOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_VALUE_TOO_LARGE;
-extern const NSSError NSS_ERROR_INVALID_STRING;
-
-/*
- * nssUTF8_Create
- *
- * This routine creates a UTF8 string from a string in some other
- * format. Some types of string may include embedded null characters,
- * so for them the length parameter must be used. For string types
- * that are null-terminated, the length parameter is optional; if it
- * is zero, it will be ignored. If the optional arena argument is
- * non-null, the memory used for the new string will be obtained from
- * that arena, otherwise it will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_UNSUPPORTED_TYPE
- *
- * Return value:
- * NULL upon error
- * A non-null pointer to a new UTF8 string otherwise
- */
-
-NSS_EXTERN NSSUTF8 *
-nssUTF8_Create
-(
- NSSArena *arenaOpt,
- nssStringType type,
- const void *inputString,
- PRUint32 size /* in bytes, not characters */
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_UNSUPPORTED_TYPE;
-
-NSS_EXTERN NSSItem *
-nssUTF8_GetEncoding
-(
- NSSArena *arenaOpt,
- NSSItem *rvOpt,
- nssStringType type,
- NSSUTF8 *string
-);
-
-/*
- * nssUTF8_CopyIntoFixedBuffer
- *
- * This will copy a UTF8 string into a fixed-length buffer, making
- * sure that the all characters are valid. Any remaining space will
- * be padded with the specified ASCII character, typically either
- * null or space.
- *
- * Blah, blah, blah.
- */
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_INVALID_ARGUMENT;
-
-NSS_EXTERN PRStatus
-nssUTF8_CopyIntoFixedBuffer
-(
- NSSUTF8 *string,
- char *buffer,
- PRUint32 bufferSize,
- char pad
-);
-
-/*
- * nssUTF8_Equal
- *
- */
-
-NSS_EXTERN PRBool
-nssUTF8_Equal
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-);
-
-/*
- * nssList
- *
- * The goal is to provide a simple, optionally threadsafe, linked list
- * class. Since NSS did not seem to use the circularity of PRCList
- * much before, this provides a list that appears to be a linear,
- * NULL-terminated list.
- */
-
-/*
- * nssList_Create
- *
- * If threadsafe is true, the list will be locked during modifications
- * and traversals.
- */
-NSS_EXTERN nssList *
-nssList_Create
-(
- NSSArena *arenaOpt,
- PRBool threadSafe
-);
-
-/*
- * nssList_Destroy
- */
-NSS_EXTERN PRStatus
-nssList_Destroy
-(
- nssList *list
-);
-
-NSS_EXTERN void
-nssList_Clear
-(
- nssList *list,
- nssListElementDestructorFunc destructor
-);
-
-/*
- * nssList_SetCompareFunction
- *
- * By default, two list elements will be compared by comparing their
- * data pointers. By setting this function, the user can control
- * how elements are compared.
- */
-NSS_EXTERN void
-nssList_SetCompareFunction
-(
- nssList *list,
- nssListCompareFunc compareFunc
-);
-
-/*
- * nssList_SetSortFunction
- *
- * Sort function to use for an ordered list.
- */
-NSS_EXTERN void
-nssList_SetSortFunction
-(
- nssList *list,
- nssListSortFunc sortFunc
-);
-
-/*
- * nssList_Add
- */
-NSS_EXTERN PRStatus
-nssList_Add
-(
- nssList *list,
- void *data
-);
-
-/*
- * nssList_AddUnique
- *
- * This will use the compare function to see if the element is already
- * in the list.
- */
-NSS_EXTERN PRStatus
-nssList_AddUnique
-(
- nssList *list,
- void *data
-);
-
-/*
- * nssList_Remove
- *
- * Uses the compare function to locate the element and remove it.
- */
-NSS_EXTERN PRStatus
-nssList_Remove(nssList *list, void *data);
-
-/*
- * nssList_Get
- *
- * Uses the compare function to locate an element. Also serves as
- * nssList_Exists.
- */
-NSS_EXTERN void *
-nssList_Get
-(
- nssList *list,
- void *data
-);
-
-/*
- * nssList_Count
- */
-NSS_EXTERN PRUint32
-nssList_Count
-(
- nssList *list
-);
-
-/*
- * nssList_GetArray
- *
- * Fill rvArray, up to maxElements, with elements in the list. The
- * array is NULL-terminated, so its allocated size must be maxElements + 1.
- */
-NSS_EXTERN PRStatus
-nssList_GetArray
-(
- nssList *list,
- void **rvArray,
- PRUint32 maxElements
-);
-
-/*
- * nssList_CreateIterator
- *
- * Create an iterator for list traversal.
- */
-NSS_EXTERN nssListIterator *
-nssList_CreateIterator
-(
- nssList *list
-);
-
-/*
- * nssListIterator_Destroy
- */
-NSS_EXTERN void
-nssListIterator_Destroy
-(
- nssListIterator *iter
-);
-
-/*
- * nssListIterator_Start
- *
- * Begin a list iteration. After this call, if the list is threadSafe,
- * the list is *locked*.
- */
-NSS_EXTERN void *
-nssListIterator_Start
-(
- nssListIterator *iter
-);
-
-/*
- * nssListIterator_Next
- *
- * Continue a list iteration.
- */
-NSS_EXTERN void *
-nssListIterator_Next
-(
- nssListIterator *iter
-);
-
-/*
- * nssListIterator_Finish
- *
- * Complete a list iteration. This *must* be called in order for the
- * lock to be released.
- */
-NSS_EXTERN PRStatus
-nssListIterator_Finish
-(
- nssListIterator *iter
-);
-
-/*
- * nssHash
- *
- * nssHash_Create
- * nssHash_Destroy
- * nssHash_Add
- * nssHash_Remove
- * nssHash_Count
- * nssHash_Exists
- * nssHash_Lookup
- * nssHash_Iterate
- */
-
-/*
- * nssHash_Create
- *
- */
-
-NSS_EXTERN nssHash *
-nssHash_Create
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets,
- PLHashFunction keyHash,
- PLHashComparator keyCompare,
- PLHashComparator valueCompare
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreatePointer
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreateString
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-);
-
-NSS_EXTERN nssHash *
-nssHash_CreateItem
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-);
-
-/*
- * nssHash_Destroy
- *
- */
-NSS_EXTERN void
-nssHash_Destroy
-(
- nssHash *hash
-);
-
-/*
- * nssHash_Add
- *
- */
-NSS_EXTERN PRStatus
-nssHash_Add
-(
- nssHash *hash,
- const void *key,
- const void *value
-);
-
-/*
- * nssHash_Remove
- *
- */
-NSS_EXTERN void
-nssHash_Remove
-(
- nssHash *hash,
- const void *it
-);
-
-/*
- * nssHash_Count
- *
- */
-NSS_EXTERN PRUint32
-nssHash_Count
-(
- nssHash *hash
-);
-
-/*
- * nssHash_Exists
- *
- */
-NSS_EXTERN PRBool
-nssHash_Exists
-(
- nssHash *hash,
- const void *it
-);
-
-/*
- * nssHash_Lookup
- *
- */
-NSS_EXTERN void *
-nssHash_Lookup
-(
- nssHash *hash,
- const void *it
-);
-
-/*
- * nssHash_Iterate
- *
- */
-NSS_EXTERN void
-nssHash_Iterate
-(
- nssHash *hash,
- nssHashIterator fcn,
- void *closure
-);
-
-
-/*
- * nssPointerTracker
- *
- * This type and these methods are only present in debug builds.
- *
- * The nonpublic methods relating to this type are:
- *
- * nssPointerTracker_initialize
- * nssPointerTracker_finalize
- * nssPointerTracker_add
- * nssPointerTracker_remove
- * nssPointerTracker_verify
- */
-
-/*
- * nssPointerTracker_initialize
- *
- * This method is only present in debug builds.
- *
- * This routine initializes an nssPointerTracker object. Note that
- * the object must have been declared *static* to guarantee that it
- * is in a zeroed state initially. This routine is idempotent, and
- * may even be safely called by multiple threads simultaneously with
- * the same argument. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. On failure it will set an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_initialize
-(
- nssPointerTracker *tracker
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_finalize
- *
- * This method is only present in debug builds.
- *
- * This routine returns the nssPointerTracker object to the pre-
- * initialized state, releasing all resources used by the object.
- * It will *NOT* destroy the objects being tracked by the pointer
- * (should any remain), and therefore cannot be used to "sweep up"
- * remaining objects. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCES. On failure it will set an
- * error on the error stack and return PR_FAILURE. If any objects
- * remain in the tracker when it is finalized, that will be treated
- * as an error.
- *
- * The error may be one of the following values:
- * NSS_ERROR_TRACKER_NOT_EMPTY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_finalize
-(
- nssPointerTracker *tracker
-);
-
-extern const NSSError NSS_ERROR_TRACKER_NOT_EMPTY;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_add
- *
- * This method is only present in debug builds.
- *
- * This routine adds the specified pointer to the nssPointerTracker
- * object. It should be called in constructor objects to register
- * new valid objects. The nssPointerTracker is threadsafe, but this
- * call is not idempotent. This routine returns a PRStatus value;
- * if successful it will return PR_SUCCESS. On failure it will set
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_DUPLICATE_POINTER
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_add
-(
- nssPointerTracker *tracker,
- const void *pointer
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-extern const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED;
-extern const NSSError NSS_ERROR_DUPLICATE_POINTER;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_remove
- *
- * This method is only present in debug builds.
- *
- * This routine removes the specified pointer from the
- * nssPointerTracker object. It does not call any destructor for the
- * object; rather, this should be called from the object's destructor.
- * The nssPointerTracker is threadsafe, but this call is not
- * idempotent. This routine returns a PRStatus value; if successful
- * it will return PR_SUCCESS. On failure it will set an error on the
- * error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_remove
-(
- nssPointerTracker *tracker,
- const void *pointer
-);
-
-extern const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED;
-extern const NSSError NSS_ERROR_POINTER_NOT_REGISTERED;
-#endif /* DEBUG */
-
-/*
- * nssPointerTracker_verify
- *
- * This method is only present in debug builds.
- *
- * This routine verifies that the specified pointer has been registered
- * with the nssPointerTracker object. The nssPointerTracker object is
- * threadsafe, and this call may be safely called from multiple threads
- * simultaneously with the same arguments. This routine returns a
- * PRStatus value; if the pointer is registered this will return
- * PR_SUCCESS. Otherwise it will set an error on the error stack and
- * return PR_FAILURE. Although the error is suitable for leaving on
- * the stack, callers may wish to augment the information available by
- * placing a more type-specific error on the stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILRUE
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssPointerTracker_verify
-(
- nssPointerTracker *tracker,
- const void *pointer
-);
-
-extern const NSSError NSS_ERROR_POINTER_NOT_REGISTERED;
-#endif /* DEBUG */
-
-/*
- * libc
- *
- * nsslibc_memcpy
- * nsslibc_memset
- * nsslibc_offsetof
- */
-
-/*
- * nsslibc_memcpy
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * NULL on error
- * The destination pointer on success
- */
-
-NSS_EXTERN void *
-nsslibc_memcpy
-(
- void *dest,
- const void *source,
- PRUint32 n
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nsslibc_memset
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * NULL on error
- * The destination pointer on success
- */
-
-NSS_EXTERN void *
-nsslibc_memset
-(
- void *dest,
- PRUint8 byte,
- PRUint32 n
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-/*
- * nsslibc_memequal
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if they match
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nsslibc_memequal
-(
- const void *a,
- const void *b,
- PRUint32 len,
- PRStatus *statusOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-
-#define nsslibc_offsetof(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
-
-/*
- * nss_NewThreadPrivateIndex
- *
- */
-
-NSS_EXTERN PRStatus
-nss_NewThreadPrivateIndex
-(
- PRUintn *ip
-);
-
-/*
- * nss_GetThreadPrivate
- *
- */
-
-NSS_EXTERN void *
-nss_GetThreadPrivate
-(
- PRUintn i
-);
-
-/*
- * nss_SetThreadPrivate
- *
- */
-
-NSS_EXTERN void
-nss_SetThreadPrivate
-(
- PRUintn i,
- void *v
-);
-
-
-PR_END_EXTERN_C
-
-#endif /* BASE_H */
diff --git a/security/nss/lib/base/baset.h b/security/nss/lib/base/baset.h
deleted file mode 100644
index 6df6da5aa..000000000
--- a/security/nss/lib/base/baset.h
+++ /dev/null
@@ -1,158 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef BASET_H
-#define BASET_H
-
-#ifdef DEBUG
-static const char BASET_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * baset.h
- *
- * This file contains definitions for the basic types used throughout
- * nss but not available publicly.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#include "plhash.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssArenaMark
- *
- * This type is used to mark the current state of an NSSArena.
- */
-
-struct nssArenaMarkStr;
-typedef struct nssArenaMarkStr nssArenaMark;
-
-#ifdef DEBUG
-/*
- * ARENA_THREADMARK
- *
- * Optionally, this arena implementation can be compiled with some
- * runtime checking enabled, which will catch the situation where
- * one thread "marks" the arena, another thread allocates memory,
- * and then the mark is released. Usually this is a surprise to
- * the second thread, and this leads to weird runtime errors.
- * Define ARENA_THREADMARK to catch these cases; we define it for all
- * (internal and external) debug builds.
- */
-#define ARENA_THREADMARK
-
-/*
- * ARENA_DESTRUCTOR_LIST
- *
- * Unfortunately, our pointer-tracker facility, used in debug
- * builds to agressively fight invalid pointers, requries that
- * pointers be deregistered when objects are destroyed. This
- * conflicts with the standard arena usage where "memory-only"
- * objects (that don't hold onto resources outside the arena)
- * can be allocated in an arena, and never destroyed other than
- * when the arena is destroyed. Therefore we have added a
- * destructor-registratio facility to our arenas. This was not
- * a simple decision, since we're getting ever-further away from
- * the original arena philosophy. However, it was felt that
- * adding this in debug builds wouldn't be so bad; as it would
- * discourage them from being used for "serious" purposes.
- * This facility requires ARENA_THREADMARK to be defined.
- */
-#ifdef ARENA_THREADMARK
-#define ARENA_DESTRUCTOR_LIST
-#endif /* ARENA_THREADMARK */
-
-#endif /* DEBUG */
-
-typedef struct nssListStr nssList;
-typedef struct nssListIteratorStr nssListIterator;
-typedef PRBool (* nssListCompareFunc)(void *a, void *b);
-typedef PRIntn (* nssListSortFunc)(void *a, void *b);
-typedef void (* nssListElementDestructorFunc)(void *el);
-
-typedef struct nssHashStr nssHash;
-typedef void (PR_CALLBACK *nssHashIterator)(const void *key,
- void *value,
- void *arg);
-
-/*
- * nssPointerTracker
- *
- * This type is used in debug builds (both external and internal) to
- * track our object pointers. Objects of this type must be statically
- * allocated, which means the structure size must be available to the
- * compiler. Therefore we must expose the contents of this structure.
- * But please don't access elements directly; use the accessors.
- */
-
-#ifdef DEBUG
-struct nssPointerTrackerStr {
- PRCallOnceType once;
- PZLock *lock;
- PLHashTable *table;
-};
-typedef struct nssPointerTrackerStr nssPointerTracker;
-#endif /* DEBUG */
-
-/*
- * nssStringType
- *
- * There are several types of strings in the real world. We try to
- * use only UTF8 and avoid the rest, but that's not always possible.
- * So we have a couple converter routines to go to and from the other
- * string types. We have to be able to specify those string types,
- * so we have this enumeration.
- */
-
-enum nssStringTypeEnum {
- nssStringType_DirectoryString,
- nssStringType_TeletexString, /* Not "teletext" with trailing 't' */
- nssStringType_PrintableString,
- nssStringType_UniversalString,
- nssStringType_BMPString,
- nssStringType_UTF8String,
- nssStringType_PHGString,
- nssStringType_GeneralString,
-
- nssStringType_Unknown = -1
-};
-typedef enum nssStringTypeEnum nssStringType;
-
-PR_END_EXTERN_C
-
-#endif /* BASET_H */
diff --git a/security/nss/lib/base/config.mk b/security/nss/lib/base/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/base/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/base/error.c b/security/nss/lib/base/error.c
deleted file mode 100644
index d3b44c7a0..000000000
--- a/security/nss/lib/base/error.c
+++ /dev/null
@@ -1,298 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * error.c
- *
- * This file contains the code implementing the per-thread error
- * stacks upon which most NSS routines report their errors.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * The stack itself has a header, and a sequence of integers.
- * The header records the amount of space (as measured in stack
- * slots) already allocated for the stack, and the count of the
- * number of records currently being used.
- */
-
-struct stack_header_str {
- PRUint16 space;
- PRUint16 count;
-};
-
-struct error_stack_str {
- struct stack_header_str header;
- PRInt32 stack[1];
-};
-typedef struct error_stack_str error_stack;
-
-/*
- * error_stack_index
- *
- * Thread-private data must be indexed. This is that index.
- * See PR_NewThreadPrivateIndex for more information.
- */
-
-static PRUintn error_stack_index;
-
-/*
- * call_once
- *
- * The thread-private index must be obtained (once!) at runtime.
- * This block is used for that one-time call.
- */
-
-static PRCallOnceType error_call_once;
-
-/*
- * error_once_function
- *
- * This is the once-called callback.
- */
-
-static PRStatus
-error_once_function
-(
- void
-)
-{
- return nss_NewThreadPrivateIndex(&error_stack_index);
- /* return PR_NewThreadPrivateIndex(&error_stack_index, PR_Free); */
-}
-
-/*
- * error_get_my_stack
- *
- * This routine returns the calling thread's error stack, creating
- * it if necessary. It may return NULL upon error, which implicitly
- * means that it ran out of memory.
- */
-
-static error_stack *
-error_get_my_stack
-(
- void
-)
-{
- PRStatus st;
- error_stack *rv;
- PRUintn new_size;
- PRUint32 new_bytes;
- error_stack *new_stack;
-
- if( 0 == error_stack_index ) {
- st = PR_CallOnce(&error_call_once, error_once_function);
- if( PR_SUCCESS != st ) {
- return (error_stack *)NULL;
- }
- }
-
- rv = (error_stack *)nss_GetThreadPrivate(error_stack_index);
- if( (error_stack *)NULL == rv ) {
- /* Doesn't exist; create one */
- new_size = 16;
- } else {
- if( rv->header.count == rv->header.space ) {
- /* Too small, expand it */
- new_size = rv->header.space + 16;
- } else {
- /* Okay, return it */
- return rv;
- }
- }
-
- new_bytes = (new_size * sizeof(PRInt32)) +
- sizeof(struct stack_header_str);
- /* Use NSPR's calloc/realloc, not NSS's, to avoid loops! */
- if( (error_stack *)NULL == rv ) {
- new_stack = PR_Calloc(1, new_bytes);
- } else {
- new_stack = PR_Realloc(rv, new_bytes);
- }
-
- if( (error_stack *)NULL != new_stack ) {
- new_stack->header.space = new_size;
- }
-
- /* Set the value, whether or not the allocation worked */
- nss_SetThreadPrivate(error_stack_index, new_stack);
- return new_stack;
-}
-
-/*
- * The error stack
- *
- * The public methods relating to the error stack are:
- *
- * NSS_GetError
- * NSS_GetErrorStack
- *
- * The nonpublic methods relating to the error stack are:
- *
- * nss_SetError
- * nss_ClearErrorStack
- *
- */
-
-/*
- * NSS_GetError
- *
- * This routine returns the highest-level (most general) error set
- * by the most recent NSS library routine called by the same thread
- * calling this routine.
- *
- * This routine cannot fail. However, it may return zero, which
- * indicates that the previous NSS library call did not set an error.
- *
- * Return value:
- * 0 if no error has been set
- * A nonzero error number
- */
-
-NSS_IMPLEMENT PRInt32
-NSS_GetError
-(
- void
-)
-{
- error_stack *es = error_get_my_stack();
-
- if( (error_stack *)NULL == es ) {
- return NSS_ERROR_NO_MEMORY; /* Good guess! */
- }
-
- if( 0 == es->header.count ) {
- return 0;
- }
-
- return es->stack[ es->header.count-1 ];
-}
-
-/*
- * NSS_GetErrorStack
- *
- * This routine returns a pointer to an array of integers, containing
- * the entire sequence or "stack" of errors set by the most recent NSS
- * library routine called by the same thread calling this routine.
- * NOTE: the caller DOES NOT OWN the memory pointed to by the return
- * value. The pointer will remain valid until the calling thread
- * calls another NSS routine. The lowest-level (most specific) error
- * is first in the array, and the highest-level is last. The array is
- * zero-terminated. This routine may return NULL upon error; this
- * indicates a low-memory situation.
- *
- * Return value:
- * NULL upon error, which is an implied NSS_ERROR_NO_MEMORY
- * A NON-caller-owned pointer to an array of integers
- */
-
-NSS_IMPLEMENT PRInt32 *
-NSS_GetErrorStack
-(
- void
-)
-{
- error_stack *es = error_get_my_stack();
-
- if( (error_stack *)NULL == es ) {
- return (PRInt32 *)NULL;
- }
-
- /* Make sure it's terminated */
- es->stack[ es->header.count ] = 0;
-
- return es->stack;
-}
-
-/*
- * nss_SetError
- *
- * This routine places a new error code on the top of the calling
- * thread's error stack. Calling this routine wiht an error code
- * of zero will clear the error stack.
- */
-
-NSS_IMPLEMENT void
-nss_SetError
-(
- PRUint32 error
-)
-{
- error_stack *es;
-
- if( 0 == error ) {
- nss_ClearErrorStack();
- return;
- }
-
- es = error_get_my_stack();
- if( (error_stack *)NULL == es ) {
- /* Oh, well. */
- return;
- }
-
- es->stack[ es->header.count ] = error;
- es->header.count++;
- return;
-}
-
-/*
- * nss_ClearErrorStack
- *
- * This routine clears the calling thread's error stack.
- */
-
-NSS_IMPLEMENT void
-nss_ClearErrorStack
-(
- void
-)
-{
- error_stack *es = error_get_my_stack();
- if( (error_stack *)NULL == es ) {
- /* Oh, well. */
- return;
- }
-
- es->header.count = 0;
- es->stack[0] = 0;
- return;
-}
diff --git a/security/nss/lib/base/errorval.c b/security/nss/lib/base/errorval.c
deleted file mode 100644
index 03522ba52..000000000
--- a/security/nss/lib/base/errorval.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * errorval.c
- *
- * This file contains the actual error constants used in NSS.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-const NSSError NSS_ERROR_NO_ERROR = 0;
-const NSSError NSS_ERROR_INTERNAL_ERROR = 1;
-const NSSError NSS_ERROR_NO_MEMORY = 2;
-const NSSError NSS_ERROR_INVALID_POINTER = 3;
-const NSSError NSS_ERROR_INVALID_ARENA = 4;
-const NSSError NSS_ERROR_INVALID_ARENA_MARK = 5;
-const NSSError NSS_ERROR_DUPLICATE_POINTER = 6;
-const NSSError NSS_ERROR_POINTER_NOT_REGISTERED = 7;
-const NSSError NSS_ERROR_TRACKER_NOT_EMPTY = 8;
-const NSSError NSS_ERROR_TRACKER_NOT_INITIALIZED = 9;
-const NSSError NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD = 10;
-const NSSError NSS_ERROR_VALUE_TOO_LARGE = 11;
-const NSSError NSS_ERROR_UNSUPPORTED_TYPE = 12;
-const NSSError NSS_ERROR_BUFFER_TOO_SHORT = 13;
-const NSSError NSS_ERROR_INVALID_ATOB_CONTEXT = 14;
-const NSSError NSS_ERROR_INVALID_BASE64 = 15;
-const NSSError NSS_ERROR_INVALID_BTOA_CONTEXT = 16;
-const NSSError NSS_ERROR_INVALID_ITEM = 17;
-const NSSError NSS_ERROR_INVALID_STRING = 18;
-const NSSError NSS_ERROR_INVALID_ASN1ENCODER = 19;
-const NSSError NSS_ERROR_INVALID_ASN1DECODER = 20;
-
-const NSSError NSS_ERROR_INVALID_BER = 21;
-const NSSError NSS_ERROR_INVALID_ATAV = 22;
-const NSSError NSS_ERROR_INVALID_ARGUMENT = 23;
-const NSSError NSS_ERROR_INVALID_UTF8 = 24;
-const NSSError NSS_ERROR_INVALID_NSSOID = 25;
-const NSSError NSS_ERROR_UNKNOWN_ATTRIBUTE = 26;
-
-const NSSError NSS_ERROR_NOT_FOUND = 27;
-
-const NSSError NSS_ERROR_INVALID_PASSWORD = 28;
-const NSSError NSS_ERROR_USER_CANCELED = 29;
-
-const NSSError NSS_ERROR_MAXIMUM_FOUND = 30;
-
-const NSSError NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND = 31;
-
diff --git a/security/nss/lib/base/hash.c b/security/nss/lib/base/hash.c
deleted file mode 100644
index a8678d13e..000000000
--- a/security/nss/lib/base/hash.c
+++ /dev/null
@@ -1,401 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * hash.c
- *
- * This is merely a couple wrappers around NSPR's PLHashTable, using
- * the identity hash and arena-aware allocators.
- * This is a copy of ckfw/hash.c, with modifications to use NSS types
- * (not Cryptoki types). Would like for this to be a single implementation,
- * but doesn't seem like it will work.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * nssHash
- *
- * nssHash_Create
- * nssHash_Destroy
- * nssHash_Add
- * nssHash_Remove
- * nssHash_Count
- * nssHash_Exists
- * nssHash_Lookup
- * nssHash_Iterate
- */
-
-struct nssHashStr {
- NSSArena *arena;
- PRBool i_alloced_arena;
- PRLock *mutex;
-
- /*
- * The invariant that mutex protects is:
- * The count accurately reflects the hashtable state.
- */
-
- PLHashTable *plHashTable;
- PRUint32 count;
-};
-
-static PLHashNumber
-nss_identity_hash
-(
- const void *key
-)
-{
- PRUint32 i = (PRUint32)key;
- PR_ASSERT(sizeof(PLHashNumber) == sizeof(PRUint32));
- return (PLHashNumber)i;
-}
-
-static PLHashNumber
-nss_item_hash
-(
- const void *key
-)
-{
- int i;
- PLHashNumber h;
- NSSItem *it = (NSSItem *)key;
- h = 0;
- for (i=0; i<it->size; i++)
- h = (h >> 28) ^ (h << 4) ^ ((unsigned char *)it->data)[i];
- return h;
-}
-
-static int
-nss_compare_items(const void *v1, const void *v2)
-{
- PRStatus ignore;
- return (int)nssItem_Equal((NSSItem *)v1, (NSSItem *)v2, &ignore);
-}
-
-/*
- * nssHash_create
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_Create
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets,
- PLHashFunction keyHash,
- PLHashComparator keyCompare,
- PLHashComparator valueCompare
-)
-{
- nssHash *rv;
- NSSArena *arena;
- PRBool i_alloced;
-
-#ifdef NSSDEBUG
- if( arenaOpt && PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (nssHash *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if (arenaOpt) {
- arena = arenaOpt;
- i_alloced = PR_FALSE;
- } else {
- arena = nssArena_Create();
- i_alloced = PR_TRUE;
- }
-
- rv = nss_ZNEW(arena, nssHash);
- if( (nssHash *)NULL == rv ) {
- goto loser;
- }
-
- rv->mutex = PZ_NewLock(nssILockOther);
- if( (PZLock *)NULL == rv->mutex ) {
- goto loser;
- }
-
- rv->plHashTable = PL_NewHashTable(numBuckets,
- keyHash, keyCompare, valueCompare,
- &nssArenaHashAllocOps, arena);
- if( (PLHashTable *)NULL == rv->plHashTable ) {
- (void)PZ_DestroyLock(rv->mutex);
- goto loser;
- }
-
- rv->count = 0;
- rv->arena = arena;
- rv->i_alloced_arena = i_alloced;
-
- return rv;
-loser:
- (void)nss_ZFreeIf(rv);
- return (nssHash *)NULL;
-}
-
-/*
- * nssHash_CreatePointer
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_CreatePointer
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-)
-{
- return nssHash_Create(arenaOpt, numBuckets,
- nss_identity_hash, PL_CompareValues, PL_CompareValues);
-}
-
-/*
- * nssHash_CreateString
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_CreateString
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-)
-{
- return nssHash_Create(arenaOpt, numBuckets,
- PL_HashString, PL_CompareStrings, PL_CompareStrings);
-}
-
-/*
- * nssHash_CreateItem
- *
- */
-NSS_IMPLEMENT nssHash *
-nssHash_CreateItem
-(
- NSSArena *arenaOpt,
- PRUint32 numBuckets
-)
-{
- return nssHash_Create(arenaOpt, numBuckets,
- nss_item_hash, nss_compare_items, PL_CompareValues);
-}
-
-/*
- * nssHash_Destroy
- *
- */
-NSS_IMPLEMENT void
-nssHash_Destroy
-(
- nssHash *hash
-)
-{
- (void)PZ_DestroyLock(hash->mutex);
- PL_HashTableDestroy(hash->plHashTable);
- if (hash->i_alloced_arena) {
- nssArena_Destroy(hash->arena);
- } else {
- nss_ZFreeIf(hash);
- }
-}
-
-/*
- * nssHash_Add
- *
- */
-NSS_IMPLEMENT PRStatus
-nssHash_Add
-(
- nssHash *hash,
- const void *key,
- const void *value
-)
-{
- PRStatus error = PR_SUCCESS;
- PLHashEntry *he;
-
- PZ_Lock(hash->mutex);
-
- he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
- if( (PLHashEntry *)NULL == he ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- } else {
- hash->count++;
- }
-
- (void)PZ_Unlock(hash->mutex);
-
- return error;
-}
-
-/*
- * nssHash_Remove
- *
- */
-NSS_IMPLEMENT void
-nssHash_Remove
-(
- nssHash *hash,
- const void *it
-)
-{
- PRBool found;
-
- PZ_Lock(hash->mutex);
-
- found = PL_HashTableRemove(hash->plHashTable, it);
- if( found ) {
- hash->count--;
- }
-
- (void)PZ_Unlock(hash->mutex);
- return;
-}
-
-/*
- * nssHash_Count
- *
- */
-NSS_IMPLEMENT PRUint32
-nssHash_Count
-(
- nssHash *hash
-)
-{
- PRUint32 count;
-
- PZ_Lock(hash->mutex);
-
- count = hash->count;
-
- (void)PZ_Unlock(hash->mutex);
-
- return count;
-}
-
-/*
- * nssHash_Exists
- *
- */
-NSS_IMPLEMENT PRBool
-nssHash_Exists
-(
- nssHash *hash,
- const void *it
-)
-{
- void *value;
-
- PZ_Lock(hash->mutex);
-
- value = PL_HashTableLookup(hash->plHashTable, it);
-
- (void)PZ_Unlock(hash->mutex);
-
- if( (void *)NULL == value ) {
- return PR_FALSE;
- } else {
- return PR_TRUE;
- }
-}
-
-/*
- * nssHash_Lookup
- *
- */
-NSS_IMPLEMENT void *
-nssHash_Lookup
-(
- nssHash *hash,
- const void *it
-)
-{
- void *rv;
-
- PZ_Lock(hash->mutex);
-
- rv = PL_HashTableLookup(hash->plHashTable, it);
-
- (void)PZ_Unlock(hash->mutex);
-
- return rv;
-}
-
-struct arg_str {
- nssHashIterator fcn;
- void *closure;
-};
-
-static PRIntn
-nss_hash_enumerator
-(
- PLHashEntry *he,
- PRIntn index,
- void *arg
-)
-{
- struct arg_str *as = (struct arg_str *)arg;
- as->fcn(he->key, he->value, as->closure);
- return HT_ENUMERATE_NEXT;
-}
-
-/*
- * nssHash_Iterate
- *
- * NOTE that the iteration function will be called with the hashtable locked.
- */
-NSS_IMPLEMENT void
-nssHash_Iterate
-(
- nssHash *hash,
- nssHashIterator fcn,
- void *closure
-)
-{
- struct arg_str as;
- as.fcn = fcn;
- as.closure = closure;
-
- PZ_Lock(hash->mutex);
-
- PL_HashTableEnumerateEntries(hash->plHashTable, nss_hash_enumerator, &as);
-
- (void)PZ_Unlock(hash->mutex);
-
- return;
-}
diff --git a/security/nss/lib/base/hashops.c b/security/nss/lib/base/hashops.c
deleted file mode 100644
index 1628f3797..000000000
--- a/security/nss/lib/base/hashops.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * hashops.c
- *
- * This file includes a set of PLHashAllocOps that use NSSArenas.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-static void * PR_CALLBACK
-nss_arena_hash_alloc_table
-(
- void *pool,
- PRSize size
-)
-{
- NSSArena *arena = (NSSArena *)pool;
-
-#ifdef NSSDEBUG
- if( (void *)NULL != arena ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return (void *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- return nss_ZAlloc(arena, size);
-}
-
-static void PR_CALLBACK
-nss_arena_hash_free_table
-(
- void *pool,
- void *item
-)
-{
- (void)nss_ZFreeIf(item);
-}
-
-static PLHashEntry * PR_CALLBACK
-nss_arena_hash_alloc_entry
-(
- void *pool,
- const void *key
-)
-{
- NSSArena *arena = (NSSArena *)pool;
-
-#ifdef NSSDEBUG
- if( (void *)NULL != arena ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- return (void *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- return nss_ZNEW(arena, PLHashEntry);
-}
-
-static void PR_CALLBACK
-nss_arena_hash_free_entry
-(
- void *pool,
- PLHashEntry *he,
- PRUintn flag
-)
-{
- if( HT_FREE_ENTRY == flag ) {
- (void)nss_ZFreeIf(he);
- }
-}
-
-NSS_IMPLEMENT_DATA PLHashAllocOps
-nssArenaHashAllocOps = {
- nss_arena_hash_alloc_table,
- nss_arena_hash_free_table,
- nss_arena_hash_alloc_entry,
- nss_arena_hash_free_entry
-};
diff --git a/security/nss/lib/base/item.c b/security/nss/lib/base/item.c
deleted file mode 100644
index efa9d1200..000000000
--- a/security/nss/lib/base/item.c
+++ /dev/null
@@ -1,241 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * item.c
- *
- * This contains some item-manipulation code.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * nssItem_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-nssItem_Create
-(
- NSSArena *arenaOpt,
- NSSItem *rvOpt,
- PRUint32 length,
- const void *data
-)
-{
- NSSItem *rv = (NSSItem *)NULL;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSItem *)NULL;
- }
- }
-
- if( (const void *)NULL == data ) {
- if( length > 0 ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSItem *)NULL;
- }
- }
-#endif /* DEBUG */
-
- if( (NSSItem *)NULL == rvOpt ) {
- rv = (NSSItem *)nss_ZNEW(arenaOpt, NSSItem);
- if( (NSSItem *)NULL == rv ) {
- goto loser;
- }
- } else {
- rv = rvOpt;
- }
-
- rv->size = length;
- rv->data = nss_ZAlloc(arenaOpt, length);
- if( (void *)NULL == rv->data ) {
- goto loser;
- }
-
- if( length > 0 ) {
- (void)nsslibc_memcpy(rv->data, data, length);
- }
-
- return rv;
-
- loser:
- if( rv != rvOpt ) {
- nss_ZFreeIf(rv);
- }
-
- return (NSSItem *)NULL;
-}
-
-NSS_IMPLEMENT void
-nssItem_Destroy
-(
- NSSItem *item
-)
-{
- nss_ClearErrorStack();
-
- nss_ZFreeIf(item->data);
- nss_ZFreeIf(item);
-
-}
-
-/*
- * nssItem_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-nssItem_Duplicate
-(
- NSSItem *obj,
- NSSArena *arenaOpt,
- NSSItem *rvOpt
-)
-{
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSItem *)NULL;
- }
- }
-
- if( (NSSItem *)NULL == obj ) {
- nss_SetError(NSS_ERROR_INVALID_ITEM);
- return (NSSItem *)NULL;
- }
-#endif /* DEBUG */
-
- return nssItem_Create(arenaOpt, rvOpt, obj->size, obj->data);
-}
-
-#ifdef DEBUG
-/*
- * nssItem_verifyPointer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssItem_verifyPointer
-(
- const NSSItem *item
-)
-{
- if( ((const NSSItem *)NULL == item) ||
- (((void *)NULL == item->data) && (item->size > 0)) ) {
- nss_SetError(NSS_ERROR_INVALID_ITEM);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-/*
- * nssItem_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_TRUE if the items are identical
- * PR_FALSE if they aren't
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssItem_Equal
-(
- const NSSItem *one,
- const NSSItem *two,
- PRStatus *statusOpt
-)
-{
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- if( ((const NSSItem *)NULL == one) && ((const NSSItem *)NULL == two) ) {
- return PR_TRUE;
- }
-
- if( ((const NSSItem *)NULL == one) || ((const NSSItem *)NULL == two) ) {
- return PR_FALSE;
- }
-
- if( one->size != two->size ) {
- return PR_FALSE;
- }
-
- return nsslibc_memequal(one->data, two->data, one->size, statusOpt);
-}
diff --git a/security/nss/lib/base/libc.c b/security/nss/lib/base/libc.c
deleted file mode 100644
index 68ab9d920..000000000
--- a/security/nss/lib/base/libc.c
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * libc.c
- *
- * This file contains our wrappers/reimplementations for "standard"
- * libc functions. Things like "memcpy." We add to this as we need
- * it. Oh, and let's keep it in alphabetical order, should it ever
- * get large. Most string/character stuff should be in utf8.c, not
- * here. This file (and maybe utf8.c) should be the only ones in
- * NSS to include files with angle brackets.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#include <string.h> /* memcpy, memset */
-
-/*
- * nsslibc_memcpy
- * nsslibc_memset
- * nsslibc_offsetof
- * nsslibc_memequal
- */
-
-/*
- * nsslibc_memcpy
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * NULL on error
- * The destination pointer on success
- */
-
-NSS_IMPLEMENT void *
-nsslibc_memcpy
-(
- void *dest,
- const void *source,
- PRUint32 n
-)
-{
-#ifdef NSSDEBUG
- if( ((void *)NULL == dest) || ((const void *)NULL == source) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (void *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return memcpy(dest, source, (size_t)n);
-}
-
-/*
- * nsslibc_memset
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * NULL on error
- * The destination pointer on success
- */
-
-NSS_IMPLEMENT void *
-nsslibc_memset
-(
- void *dest,
- PRUint8 byte,
- PRUint32 n
-)
-{
-#ifdef NSSDEBUG
- if( ((void *)NULL == dest) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (void *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return memset(dest, (int)byte, (size_t)n);
-}
-
-/*
- * nsslibc_memequal
- *
- * Errors:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if they match
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nsslibc_memequal
-(
- const void *a,
- const void *b,
- PRUint32 len,
- PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
- if( (((void *)NULL == a) || ((void *)NULL == b)) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- if( 0 == memcmp(a, b, len) ) {
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-/*
- * nsslibc_memcmp
- */
-
-NSS_IMPLEMENT PRInt32
-nsslibc_memcmp
-(
- const void *a,
- const void *b,
- PRUint32 len,
- PRStatus *statusOpt
-)
-{
- int v;
-
-#ifdef NSSDEBUG
- if( (((void *)NULL == a) || ((void *)NULL == b)) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return -2;
- }
-#endif /* NSSDEBUG */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- v = memcmp(a, b, len);
- return (PRInt32)v;
-}
-
-/*
- * offsetof is a preprocessor definition
- */
diff --git a/security/nss/lib/base/list.c b/security/nss/lib/base/list.c
deleted file mode 100644
index 1469f68d4..000000000
--- a/security/nss/lib/base/list.c
+++ /dev/null
@@ -1,374 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * list.c
- *
- * This contains the implementation of NSS's thread-safe linked list.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-struct nssListElementStr {
- PRCList link;
- void *data;
-};
-
-typedef struct nssListElementStr nssListElement;
-
-struct nssListStr {
- NSSArena *arena;
- PZLock *lock;
- nssListElement *head;
- PRUint32 count;
- nssListCompareFunc compareFunc;
- nssListSortFunc sortFunc;
- PRBool i_alloced_arena;
-};
-
-struct nssListIteratorStr {
- nssList *list;
- nssListElement *current;
-};
-
-#define NSSLIST_LOCK_IF(list) \
- if ((list)->lock) PZ_Lock((list)->lock)
-
-#define NSSLIST_UNLOCK_IF(list) \
- if ((list)->lock) PZ_Unlock((list)->lock)
-
-static PRBool
-pointer_compare(void *a, void *b)
-{
- return (PRBool)(a == b);
-}
-
-static nssListElement *
-nsslist_get_matching_element(nssList *list, void *data)
-{
- PRCList *link;
- nssListElement *node;
- node = list->head;
- link = &node->link;
- while (node) {
- /* using a callback slows things down when it's just compare ... */
- if (list->compareFunc(node->data, data)) {
- break;
- }
- link = &node->link;
- if (link == PR_LIST_TAIL(&list->head->link)) {
- node = NULL;
- break;
- }
- node = (nssListElement *)PR_NEXT_LINK(&node->link);
- }
- return node;
-}
-
-NSS_IMPLEMENT nssList *
-nssList_Create
-(
- NSSArena *arenaOpt,
- PRBool threadSafe
-)
-{
- NSSArena *arena;
- nssList *list;
- PRBool i_alloced;
- if (arenaOpt) {
- arena = arenaOpt;
- i_alloced = PR_FALSE;
- } else {
- arena = nssArena_Create();
- i_alloced = PR_TRUE;
- }
- if (!arena) {
- return (nssList *)NULL;
- }
- list = nss_ZNEW(arena, nssList);
- if (!list) {
- return (nssList *)NULL;
- }
- if (threadSafe) {
- list->lock = PZ_NewLock(nssILockOther);
- if (!list->lock) {
- if (arenaOpt) {
- nss_ZFreeIf(list);
- } else {
- NSSArena_Destroy(arena);
- }
- return (nssList *)NULL;
- }
- }
- list->arena = arena;
- list->i_alloced_arena = i_alloced;
- list->compareFunc = pointer_compare;
- return list;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_Destroy(nssList *list)
-{
- if (!list->i_alloced_arena) {
- nssList_Clear(list, NULL);
- }
- if (list->lock) {
- (void)PZ_DestroyLock(list->lock);
- }
- if (list->i_alloced_arena) {
- NSSArena_Destroy(list->arena);
- list = NULL;
- }
- nss_ZFreeIf(list);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void
-nssList_SetCompareFunction(nssList *list, nssListCompareFunc compareFunc)
-{
- list->compareFunc = compareFunc;
-}
-
-NSS_IMPLEMENT void
-nssList_SetSortFunction(nssList *list, nssListSortFunc sortFunc)
-{
- /* XXX if list already has elements, sort them */
- list->sortFunc = sortFunc;
-}
-
-NSS_IMPLEMENT nssListCompareFunc
-nssList_GetCompareFunction(nssList *list)
-{
- return list->compareFunc;
-}
-
-NSS_IMPLEMENT void
-nssList_Clear(nssList *list, nssListElementDestructorFunc destructor)
-{
- PRCList *link;
- nssListElement *node, *tmp;
- NSSLIST_LOCK_IF(list);
- node = list->head;
- while (node && list->count > 0) {
- if (destructor) (*destructor)(node->data);
- link = &node->link;
- tmp = (nssListElement *)PR_NEXT_LINK(link);
- PR_REMOVE_LINK(link);
- nss_ZFreeIf(node);
- node = tmp;
- --list->count;
- }
- NSSLIST_UNLOCK_IF(list);
-}
-
-static PRStatus
-nsslist_add_element(nssList *list, void *data)
-{
- nssListElement *node = nss_ZNEW(list->arena, nssListElement);
- PR_INIT_CLIST(&node->link);
- node->data = data;
- if (list->head) {
- if (list->sortFunc) {
- PRCList *link;
- nssListElement *currNode;
- currNode = list->head;
- /* insert in ordered list */
- while (currNode) {
- link = &currNode->link;
- if (list->sortFunc(data, currNode->data) <= 0) {
- /* new element goes before current node */
- PR_INSERT_BEFORE(&node->link, link);
- /* reset head if this is first */
- if (currNode == list->head) list->head = node;
- break;
- }
- if (link == PR_LIST_TAIL(&list->head->link)) {
- /* reached end of list, append */
- PR_INSERT_AFTER(&node->link, link);
- break;
- }
- currNode = (nssListElement *)PR_NEXT_LINK(&currNode->link);
- }
- } else {
- /* not sorting */
- PR_APPEND_LINK(&node->link, &list->head->link);
- }
- } else {
- list->head = node;
- }
- ++list->count;
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_Add(nssList *list, void *data)
-{
- PRStatus nssrv;
- NSSLIST_LOCK_IF(list);
- nssrv = nsslist_add_element(list, data);
- NSSLIST_UNLOCK_IF(list);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_AddUnique(nssList *list, void *data)
-{
- PRStatus nssrv;
- nssListElement *node;
- NSSLIST_LOCK_IF(list);
- node = nsslist_get_matching_element(list, data);
- if (node) {
- /* already in, finish */
- NSSLIST_UNLOCK_IF(list);
- return PR_SUCCESS;
- }
- nssrv = nsslist_add_element(list, data);
- NSSLIST_UNLOCK_IF(list);
- return nssrv;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_Remove(nssList *list, void *data)
-{
- nssListElement *node;
- NSSLIST_LOCK_IF(list);
- node = nsslist_get_matching_element(list, data);
- if (node) {
- if (node == list->head) {
- list->head = (nssListElement *)PR_NEXT_LINK(&node->link);
- }
- PR_REMOVE_LINK(&node->link);
- nss_ZFreeIf(node);
- --list->count;
- }
- NSSLIST_UNLOCK_IF(list);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT void *
-nssList_Get(nssList *list, void *data)
-{
- nssListElement *node;
- NSSLIST_LOCK_IF(list);
- node = nsslist_get_matching_element(list, data);
- NSSLIST_UNLOCK_IF(list);
- return (node) ? node->data : NULL;
-}
-
-NSS_IMPLEMENT PRUint32
-nssList_Count(nssList *list)
-{
- return list->count;
-}
-
-NSS_IMPLEMENT PRStatus
-nssList_GetArray(nssList *list, void **rvArray, PRUint32 maxElements)
-{
- nssListIterator *iter;
- void *el;
- PRUint32 i = 0;
- PR_ASSERT(maxElements > 0);
- iter = nssList_CreateIterator(list);
- for (el = nssListIterator_Start(iter); el != NULL;
- el = nssListIterator_Next(iter))
- {
- rvArray[i++] = el;
- if (i == maxElements) break;
- }
- nssListIterator_Finish(iter);
- nssListIterator_Destroy(iter);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT nssListIterator *
-nssList_CreateIterator(nssList *list)
-{
- nssListIterator *rvIterator;
- rvIterator = nss_ZNEW(list->arena, nssListIterator);
- rvIterator->list = list;
- rvIterator->current = list->head;
- return rvIterator;
-}
-
-NSS_IMPLEMENT void
-nssListIterator_Destroy(nssListIterator *iter)
-{
- nss_ZFreeIf(iter);
-}
-
-NSS_IMPLEMENT void *
-nssListIterator_Start(nssListIterator *iter)
-{
- NSSLIST_LOCK_IF(iter->list);
- if (iter->list->count == 0) {
- return NULL;
- }
- iter->current = iter->list->head;
- return iter->current->data;
-}
-
-NSS_IMPLEMENT void *
-nssListIterator_Next(nssListIterator *iter)
-{
- nssListElement *node;
- PRCList *link;
- if (iter->list->count == 1 || iter->current == NULL) {
- /* Reached the end of the list. Don't change the state, force to
- * user to call nssList_Finish to clean up.
- */
- return NULL;
- }
- node = (nssListElement *)PR_NEXT_LINK(&iter->current->link);
- link = &node->link;
- if (link == PR_LIST_TAIL(&iter->list->head->link)) {
- /* Signal the end of the list. */
- iter->current = NULL;
- return node->data;
- }
- iter->current = node;
- return node->data;
-}
-
-NSS_IMPLEMENT PRStatus
-nssListIterator_Finish(nssListIterator *iter)
-{
- iter->current = iter->list->head;
- return (iter->list->lock) ? PZ_Unlock(iter->list->lock) : PR_SUCCESS;
-}
-
diff --git a/security/nss/lib/base/manifest.mn b/security/nss/lib/base/manifest.mn
deleted file mode 100644
index 13cf9447b..000000000
--- a/security/nss/lib/base/manifest.mn
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- baset.h \
- base.h \
- $(NULL)
-
-EXPORTS = \
- nssbaset.h \
- nssbase.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- arena.c \
- error.c \
- errorval.c \
- hashops.c \
- libc.c \
- tracker.c \
- item.c \
- utf8.c \
- list.c \
- hash.c \
- whatnspr.c \
- $(NULL)
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = nssb
diff --git a/security/nss/lib/base/nssbase.h b/security/nss/lib/base/nssbase.h
deleted file mode 100644
index 3960a7810..000000000
--- a/security/nss/lib/base/nssbase.h
+++ /dev/null
@@ -1,167 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSBASE_H
-#define NSSBASE_H
-
-#ifdef DEBUG
-static const char NSSBASE_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssbase.h
- *
- * This header file contains the prototypes of the basic public
- * NSS routines.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSArena
- *
- * The public methods relating to this type are:
- *
- * NSSArena_Create -- constructor
- * NSSArena_Destroy
- */
-
-/*
- * NSSArena_Create
- *
- * This routine creates a new memory arena. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The top-level error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSArena upon success
- */
-
-NSS_EXTERN NSSArena *
-NSSArena_Create
-(
- void
-);
-
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSArena_Destroy
- *
- * This routine will destroy the specified arena, freeing all memory
- * allocated from it. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The top-level error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSArena_Destroy
-(
- NSSArena *arena
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-
-/*
- * The error stack
- *
- * The public methods relating to the error stack are:
- *
- * NSS_GetError
- * NSS_GetErrorStack
- */
-
-/*
- * NSS_GetError
- *
- * This routine returns the highest-level (most general) error set
- * by the most recent NSS library routine called by the same thread
- * calling this routine.
- *
- * This routine cannot fail. It may return NSS_ERROR_NO_ERROR, which
- * indicates that the previous NSS library call did not set an error.
- *
- * Return value:
- * 0 if no error has been set
- * A nonzero error number
- */
-
-NSS_EXTERN NSSError
-NSS_GetError
-(
- void
-);
-
-extern const NSSError NSS_ERROR_NO_ERROR;
-
-/*
- * NSS_GetErrorStack
- *
- * This routine returns a pointer to an array of NSSError values,
- * containingthe entire sequence or "stack" of errors set by the most
- * recent NSS library routine called by the same thread calling this
- * routine. NOTE: the caller DOES NOT OWN the memory pointed to by
- * the return value. The pointer will remain valid until the calling
- * thread calls another NSS routine. The lowest-level (most specific)
- * error is first in the array, and the highest-level is last. The
- * array is zero-terminated. This routine may return NULL upon error;
- * this indicates a low-memory situation.
- *
- * Return value:
- * NULL upon error, which is an implied NSS_ERROR_NO_MEMORY
- * A NON-caller-owned pointer to an array of NSSError values
- */
-
-NSS_EXTERN NSSError *
-NSS_GetErrorStack
-(
- void
-);
-
-PR_END_EXTERN_C
-
-#endif /* NSSBASE_H */
diff --git a/security/nss/lib/base/nssbaset.h b/security/nss/lib/base/nssbaset.h
deleted file mode 100644
index c3e84c46e..000000000
--- a/security/nss/lib/base/nssbaset.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSBASET_H
-#define NSSBASET_H
-
-#ifdef DEBUG
-static const char NSSBASET_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssbaset.h
- *
- * This file contains the most low-level, fundamental public types.
- */
-
-#include "nspr.h"
-#include "nssilock.h"
-
-/*
- * NSS_EXTERN, NSS_IMPLEMENT, NSS_EXTERN_DATA, NSS_IMPLEMENT_DATA
- *
- * NSS has its own versions of these NSPR macros, in a form which
- * does not confuse ctags and other related utilities. NSPR
- * defines these macros to take the type as an argument, because
- * of a requirement to support win16 dlls. We do not have that
- * requirement, so we can drop that restriction.
- */
-
-#define DUMMY /* dummy */
-#define NSS_EXTERN PR_EXTERN(DUMMY)
-#define NSS_IMPLEMENT PR_IMPLEMENT(DUMMY)
-#define NSS_EXTERN_DATA PR_EXTERN_DATA(DUMMY)
-#define NSS_IMPLEMENT_DATA PR_IMPLEMENT_DATA(DUMMY)
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSError
- *
- * Calls to NSS routines may result in one or more errors being placed
- * on the calling thread's "error stack." Every possible error that
- * may be returned from a function is declared where the function is
- * prototyped. All errors are of the following type.
- */
-
-typedef PRInt32 NSSError;
-
-/*
- * NSSArena
- *
- * Arenas are logical sets of heap memory, from which memory may be
- * allocated. When an arena is destroyed, all memory allocated within
- * that arena is implicitly freed. These arenas are thread-safe:
- * an arena pointer may be used by multiple threads simultaneously.
- * However, as they are not backed by shared memory, they may only be
- * used within one process.
- */
-
-struct NSSArenaStr;
-typedef struct NSSArenaStr NSSArena;
-
-/*
- * NSSItem
- *
- * This is the basic type used to refer to an unconstrained datum of
- * arbitrary size.
- */
-
-struct NSSItemStr {
- void *data;
- PRUint32 size;
-};
-typedef struct NSSItemStr NSSItem;
-
-
-/*
- * NSSBER
- *
- * Data packed according to the Basic Encoding Rules of ASN.1.
- */
-
-typedef NSSItem NSSBER;
-
-/*
- * NSSDER
- *
- * Data packed according to the Distinguished Encoding Rules of ASN.1;
- * this form is also known as the Canonical Encoding Rules form (CER).
- */
-
-typedef NSSBER NSSDER;
-
-/*
- * NSSBitString
- *
- * Some ASN.1 types use "bit strings," which are passed around as
- * octet strings but whose length is counted in bits. We use this
- * typedef of NSSItem to point out the occasions when the length
- * is counted in bits, not octets.
- */
-
-typedef NSSItem NSSBitString;
-
-/*
- * NSSUTF8
- *
- * Character strings encoded in UTF-8, as defined by RFC 2279.
- */
-
-typedef char NSSUTF8;
-
-/*
- * NSSASCII7
- *
- * Character strings guaranteed to be 7-bit ASCII.
- */
-
-typedef char NSSASCII7;
-
-PR_END_EXTERN_C
-
-#endif /* NSSBASET_H */
diff --git a/security/nss/lib/base/tracker.c b/security/nss/lib/base/tracker.c
deleted file mode 100644
index 5198388a2..000000000
--- a/security/nss/lib/base/tracker.c
+++ /dev/null
@@ -1,544 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * tracker.c
- *
- * This file contains the code used by the pointer-tracking calls used
- * in the debug builds to catch bad pointers. The entire contents are
- * only available in debug builds (both internal and external builds).
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifdef DEBUG
-
-/*
- * call_once
- *
- * Unfortunately, NSPR's PR_CallOnce function doesn't accept a closure
- * variable. So I have a static version here which does. This code
- * is based on NSPR's, and uses the NSPR function to initialize the
- * required lock.
- */
-
-/*
- * The is the "once block" that's passed to the "real" PR_CallOnce
- * function, to call the local initializer myOnceFunction once.
- */
-static PRCallOnceType myCallOnce;
-
-/*
- * This structure is used by the call_once function to make sure that
- * any "other" threads calling the call_once don't return too quickly,
- * before the initializer has finished.
- */
-static struct {
- PZLock *ml;
- PZCondVar *cv;
-} mod_init;
-
-/*
- * This is the initializer for the above mod_init structure.
- */
-static PRStatus
-myOnceFunction
-(
- void
-)
-{
- mod_init.ml = PZ_NewLock(nssILockOther);
- if( (PZLock *)NULL == mod_init.ml ) {
- return PR_FAILURE;
- }
-
- mod_init.cv = PZ_NewCondVar(mod_init.ml);
- if( (PZCondVar *)NULL == mod_init.cv ) {
- PZ_DestroyLock(mod_init.ml);
- mod_init.ml = (PZLock *)NULL;
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * The nss call_once callback takes a closure argument.
- */
-typedef PRStatus (PR_CALLBACK *nssCallOnceFN)(void *arg);
-
-/*
- * NSS's call_once function.
- */
-static PRStatus
-call_once
-(
- PRCallOnceType *once,
- nssCallOnceFN func,
- void *arg
-)
-{
- PRStatus rv;
-
- if( !myCallOnce.initialized ) {
- rv = PR_CallOnce(&myCallOnce, myOnceFunction);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
- }
-
- if( !once->initialized ) {
- if( 0 == PR_AtomicSet(&once->inProgress, 1) ) {
- once->status = (*func)(arg);
- PZ_Lock(mod_init.ml);
- once->initialized = 1;
- PZ_NotifyAllCondVar(mod_init.cv);
- PZ_Unlock(mod_init.ml);
- } else {
- PZ_Lock(mod_init.ml);
- while( !once->initialized ) {
- PZ_WaitCondVar(mod_init.cv, PR_INTERVAL_NO_TIMEOUT);
- }
- PZ_Unlock(mod_init.ml);
- }
- }
-
- return once->status;
-}
-
-/*
- * Now we actually get to my own "call once" payload function.
- * But wait, to create the hash, I need a hash function!
- */
-
-/*
- * identity_hash
- *
- * This static callback is a PLHashFunction as defined in plhash.h
- * It merely returns the value of the object pointer as its hash.
- * There are no possible errors.
- */
-
-static PLHashNumber PR_CALLBACK
-identity_hash
-(
- const void *key
-)
-{
- return (PLHashNumber)key;
-}
-
-/*
- * trackerOnceFunc
- *
- * This function is called once, using the nssCallOnce function above.
- * It creates a new pointer tracker object; initialising its hash
- * table and protective lock.
- */
-
-static PRStatus
-trackerOnceFunc
-(
- void *arg
-)
-{
- nssPointerTracker *tracker = (nssPointerTracker *)arg;
-
- tracker->lock = PZ_NewLock(nssILockOther);
- if( (PZLock *)NULL == tracker->lock ) {
- return PR_FAILURE;
- }
-
- tracker->table = PL_NewHashTable(0,
- identity_hash,
- PL_CompareValues,
- PL_CompareValues,
- (PLHashAllocOps *)NULL,
- (void *)NULL);
- if( (PLHashTable *)NULL == tracker->table ) {
- PZ_DestroyLock(tracker->lock);
- tracker->lock = (PZLock *)NULL;
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_initialize
- *
- * This method is only present in debug builds.
- *
- * This routine initializes an nssPointerTracker object. Note that
- * the object must have been declared *static* to guarantee that it
- * is in a zeroed state initially. This routine is idempotent, and
- * may even be safely called by multiple threads simultaneously with
- * the same argument. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. On failure it will set an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_initialize
-(
- nssPointerTracker *tracker
-)
-{
- PRStatus rv = call_once(&tracker->once, trackerOnceFunc, tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- }
-
- return rv;
-}
-
-#ifdef DONT_DESTROY_EMPTY_TABLES
-/* See same #ifdef below */
-/*
- * count_entries
- *
- * This static routine is a PLHashEnumerator, as defined in plhash.h.
- * It merely causes the enumeration function to count the number of
- * entries.
- */
-
-static PRIntn PR_CALLBACK
-count_entries
-(
- PLHashEntry *he,
- PRIntn index,
- void *arg
-)
-{
- return HT_ENUMERATE_NEXT;
-}
-#endif /* DONT_DESTROY_EMPTY_TABLES */
-
-/*
- * zero_once
- *
- * This is a guaranteed zeroed once block. It's used to help clear
- * the tracker.
- */
-
-static const PRCallOnceType zero_once;
-
-/*
- * nssPointerTracker_finalize
- *
- * This method is only present in debug builds.
- *
- * This routine returns the nssPointerTracker object to the pre-
- * initialized state, releasing all resources used by the object.
- * It will *NOT* destroy the objects being tracked by the pointer
- * (should any remain), and therefore cannot be used to "sweep up"
- * remaining objects. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCES. On failure it will set an
- * error on the error stack and return PR_FAILURE. If any objects
- * remain in the tracker when it is finalized, that will be treated
- * as an error.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_TRACKER_NOT_EMPTY
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_finalize
-(
- nssPointerTracker *tracker
-)
-{
- PZLock *lock;
- PRIntn count;
-
- if( (nssPointerTracker *)NULL == tracker ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( (PZLock *)NULL == tracker->lock ) {
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- lock = tracker->lock;
- PZ_Lock(lock);
-
- if( (PLHashTable *)NULL == tracker->table ) {
- PZ_Unlock(lock);
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
-#ifdef DONT_DESTROY_EMPTY_TABLES
- /*
- * I changed my mind; I think we don't want this after all.
- * Comments?
- */
- count = PL_HashTableEnumerateEntries(tracker->table,
- count_entries,
- (void *)NULL);
-
- if( 0 != count ) {
- PZ_Unlock(lock);
- nss_SetError(NSS_ERROR_TRACKER_NOT_EMPTY);
- return PR_FAILURE;
- }
-#endif /* DONT_DESTROY_EMPTY_TABLES */
-
- PL_HashTableDestroy(tracker->table);
- /* memset(tracker, 0, sizeof(nssPointerTracker)); */
- tracker->once = zero_once;
- tracker->lock = (PZLock *)NULL;
- tracker->table = (PLHashTable *)NULL;
-
- PZ_Unlock(lock);
- PZ_DestroyLock(lock);
-
- return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_add
- *
- * This method is only present in debug builds.
- *
- * This routine adds the specified pointer to the nssPointerTracker
- * object. It should be called in constructor objects to register
- * new valid objects. The nssPointerTracker is threadsafe, but this
- * call is not idempotent. This routine returns a PRStatus value;
- * if successful it will return PR_SUCCESS. On failure it will set
- * an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_DUPLICATE_POINTER
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_add
-(
- nssPointerTracker *tracker,
- const void *pointer
-)
-{
- void *check;
- PLHashEntry *entry;
-
- if( (nssPointerTracker *)NULL == tracker ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( (PZLock *)NULL == tracker->lock ) {
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- PZ_Lock(tracker->lock);
-
- if( (PLHashTable *)NULL == tracker->table ) {
- PZ_Unlock(tracker->lock);
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- check = PL_HashTableLookup(tracker->table, pointer);
- if( (void *)NULL != check ) {
- PZ_Unlock(tracker->lock);
- nss_SetError(NSS_ERROR_DUPLICATE_POINTER);
- return PR_FAILURE;
- }
-
- entry = PL_HashTableAdd(tracker->table, pointer, (void *)pointer);
-
- PZ_Unlock(tracker->lock);
-
- if( (PLHashEntry *)NULL == entry ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_remove
- *
- * This method is only present in debug builds.
- *
- * This routine removes the specified pointer from the
- * nssPointerTracker object. It does not call any destructor for the
- * object; rather, this should be called from the object's destructor.
- * The nssPointerTracker is threadsafe, but this call is not
- * idempotent. This routine returns a PRStatus value; if successful
- * it will return PR_SUCCESS. On failure it will set an error on the
- * error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILURE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_remove
-(
- nssPointerTracker *tracker,
- const void *pointer
-)
-{
- PRBool registered;
-
- if( (nssPointerTracker *)NULL == tracker ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( (PZLock *)NULL == tracker->lock ) {
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- PZ_Lock(tracker->lock);
-
- if( (PLHashTable *)NULL == tracker->table ) {
- PZ_Unlock(tracker->lock);
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- registered = PL_HashTableRemove(tracker->table, pointer);
- PZ_Unlock(tracker->lock);
-
- if( !registered ) {
- nss_SetError(NSS_ERROR_POINTER_NOT_REGISTERED);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssPointerTracker_verify
- *
- * This method is only present in debug builds.
- *
- * This routine verifies that the specified pointer has been registered
- * with the nssPointerTracker object. The nssPointerTracker object is
- * threadsafe, and this call may be safely called from multiple threads
- * simultaneously with the same arguments. This routine returns a
- * PRStatus value; if the pointer is registered this will return
- * PR_SUCCESS. Otherwise it will set an error on the error stack and
- * return PR_FAILURE. Although the error is suitable for leaving on
- * the stack, callers may wish to augment the information available by
- * placing a more type-specific error on the stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_TRACKER_NOT_INITIALIZED
- * NSS_ERROR_POINTER_NOT_REGISTERED
- *
- * Return value:
- * PR_SUCCESS
- * PR_FAILRUE
- */
-
-NSS_IMPLEMENT PRStatus
-nssPointerTracker_verify
-(
- nssPointerTracker *tracker,
- const void *pointer
-)
-{
- void *check;
-
- if( (nssPointerTracker *)NULL == tracker ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( (PZLock *)NULL == tracker->lock ) {
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- PZ_Lock(tracker->lock);
-
- if( (PLHashTable *)NULL == tracker->table ) {
- PZ_Unlock(tracker->lock);
- nss_SetError(NSS_ERROR_TRACKER_NOT_INITIALIZED);
- return PR_FAILURE;
- }
-
- check = PL_HashTableLookup(tracker->table, pointer);
- PZ_Unlock(tracker->lock);
-
- if( (void *)NULL == check ) {
- nss_SetError(NSS_ERROR_POINTER_NOT_REGISTERED);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
diff --git a/security/nss/lib/base/utf8.c b/security/nss/lib/base/utf8.c
deleted file mode 100644
index 3a8641f95..000000000
--- a/security/nss/lib/base/utf8.c
+++ /dev/null
@@ -1,759 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * utf8.c
- *
- * This file contains some additional utility routines required for
- * handling UTF8 strings.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#include "plstr.h"
-
-/*
- * NOTES:
- *
- * There's an "is hex string" function in pki1/atav.c. If we need
- * it in more places, pull that one out.
- */
-
-/*
- * nssUTF8_CaseIgnoreMatch
- *
- * Returns true if the two UTF8-encoded strings pointed to by the
- * two specified NSSUTF8 pointers differ only in typcase.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if the strings match, ignoring case
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssUTF8_CaseIgnoreMatch
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
- if( ((const NSSUTF8 *)NULL == a) ||
- ((const NSSUTF8 *)NULL == b) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- /*
- * XXX fgmr
- *
- * This is, like, so wrong!
- */
- if( 0 == PL_strcasecmp((const char *)a, (const char *)b) ) {
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-/*
- * nssUTF8_PrintableMatch
- *
- * Returns true if the two Printable strings pointed to by the
- * two specified NSSUTF8 pointers match when compared with the
- * rules for Printable String (leading and trailing spaces are
- * disregarded, extents of whitespace match irregardless of length,
- * and case is not significant), then PR_TRUE will be returned.
- * Otherwise, PR_FALSE will be returned. Upon failure, PR_FALSE
- * will be returned. If the optional statusOpt argument is not
- * NULL, then PR_SUCCESS or PR_FAILURE will be stored in that
- * location.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_TRUE if the strings match, ignoring case
- * PR_FALSE if they don't
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssUTF8_PrintableMatch
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-)
-{
- PRUint8 *c;
- PRUint8 *d;
-
-#ifdef NSSDEBUG
- if( ((const NSSUTF8 *)NULL == a) ||
- ((const NSSUTF8 *)NULL == b) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- c = (PRUint8 *)a;
- d = (PRUint8 *)b;
-
- while( ' ' == *c ) {
- c++;
- }
-
- while( ' ' == *d ) {
- d++;
- }
-
- while( ('\0' != *c) && ('\0' != *d) ) {
- PRUint8 e, f;
-
- e = *c;
- f = *d;
-
- if( ('a' <= e) && (e <= 'z') ) {
- e -= ('a' - 'A');
- }
-
- if( ('a' <= f) && (f <= 'z') ) {
- f -= ('a' - 'A');
- }
-
- if( e != f ) {
- return PR_FALSE;
- }
-
- c++;
- d++;
-
- if( ' ' == *c ) {
- while( ' ' == *c ) {
- c++;
- }
- c--;
- }
-
- if( ' ' == *d ) {
- while( ' ' == *d ) {
- d++;
- }
- d--;
- }
- }
-
- while( ' ' == *c ) {
- c++;
- }
-
- while( ' ' == *d ) {
- d++;
- }
-
- if( *c == *d ) {
- /* And both '\0', btw */
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-/*
- * nssUTF8_Duplicate
- *
- * This routine duplicates the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer. If the optional arenaOpt argument is
- * not null, the memory required will be obtained from that arena;
- * otherwise, the memory required will be obtained from the heap.
- * A pointer to the new string will be returned. In case of error,
- * an error will be placed on the error stack and NULL will be
- * returned.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssUTF8_Duplicate
-(
- const NSSUTF8 *s,
- NSSArena *arenaOpt
-)
-{
- NSSUTF8 *rv;
- PRUint32 len;
-
-#ifdef NSSDEBUG
- if( (const NSSUTF8 *)NULL == s ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- len = PL_strlen((const char *)s);
-#ifdef PEDANTIC
- if( '\0' != ((const char *)s)[ len ] ) {
- /* must have wrapped, e.g., too big for PRUint32 */
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-#endif /* PEDANTIC */
- len++; /* zero termination */
-
- rv = nss_ZAlloc(arenaOpt, len);
- if( (void *)NULL == rv ) {
- return (NSSUTF8 *)NULL;
- }
-
- (void)nsslibc_memcpy(rv, s, len);
- return rv;
-}
-
-/*
- * nssUTF8_Size
- *
- * This routine returns the length in bytes (including the terminating
- * null) of the UTF8-encoded string pointed to by the specified
- * NSSUTF8 pointer. Zero is returned on error.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * 0 on error
- * nonzero length of the string.
- */
-
-NSS_IMPLEMENT PRUint32
-nssUTF8_Size
-(
- const NSSUTF8 *s,
- PRStatus *statusOpt
-)
-{
- PRUint32 sv;
-
-#ifdef NSSDEBUG
- if( (const NSSUTF8 *)NULL == s ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return 0;
- }
-#endif /* NSSDEBUG */
-
- sv = PL_strlen((const char *)s) + 1;
-#ifdef PEDANTIC
- if( '\0' != ((const char *)s)[ sv-1 ] ) {
- /* wrapped */
- nss_SetError(NSS_ERROR_VALUE_TOO_LARGE);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return 0;
- }
-#endif /* PEDANTIC */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- return sv;
-}
-
-/*
- * nssUTF8_Length
- *
- * This routine returns the length in characters (not including the
- * terminating null) of the UTF8-encoded string pointed to by the
- * specified NSSUTF8 pointer.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_VALUE_TOO_LARGE
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * length of the string (which may be zero)
- * 0 on error
- */
-
-NSS_IMPLEMENT PRUint32
-nssUTF8_Length
-(
- const NSSUTF8 *s,
- PRStatus *statusOpt
-)
-{
- PRUint32 l = 0;
- const PRUint8 *c = (const PRUint8 *)s;
-
-#ifdef NSSDEBUG
- if( (const NSSUTF8 *)NULL == s ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- goto loser;
- }
-#endif /* NSSDEBUG */
-
- /*
- * From RFC 2044:
- *
- * UCS-4 range (hex.) UTF-8 octet sequence (binary)
- * 0000 0000-0000 007F 0xxxxxxx
- * 0000 0080-0000 07FF 110xxxxx 10xxxxxx
- * 0000 0800-0000 FFFF 1110xxxx 10xxxxxx 10xxxxxx
- * 0001 0000-001F FFFF 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
- * 0020 0000-03FF FFFF 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
- * 0400 0000-7FFF FFFF 1111110x 10xxxxxx ... 10xxxxxx
- */
-
- while( 0 != *c ) {
- PRUint32 incr;
- if( (*c & 0x80) == 0 ) {
- incr = 1;
- } else if( (*c & 0xE0) == 0xC0 ) {
- incr = 2;
- } else if( (*c & 0xF0) == 0xE0 ) {
- incr = 3;
- } else if( (*c & 0xF8) == 0xF0 ) {
- incr = 4;
- } else if( (*c & 0xFC) == 0xF8 ) {
- incr = 5;
- } else if( (*c & 0xFE) == 0xFC ) {
- incr = 6;
- } else {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- goto loser;
- }
-
- l += incr;
-
-#ifdef PEDANTIC
- if( l < incr ) {
- /* Wrapped-- too big */
- nss_SetError(NSS_ERROR_VALUE_TOO_LARGE);
- goto loser;
- }
-
- {
- PRUint8 *d;
- for( d = &c[1]; d < &c[incr]; d++ ) {
- if( (*d & 0xC0) != 0xF0 ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- goto loser;
- }
- }
- }
-#endif /* PEDANTIC */
-
- c += incr;
- }
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- return l;
-
- loser:
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return 0;
-}
-
-
-/*
- * nssUTF8_Create
- *
- * This routine creates a UTF8 string from a string in some other
- * format. Some types of string may include embedded null characters,
- * so for them the length parameter must be used. For string types
- * that are null-terminated, the length parameter is optional; if it
- * is zero, it will be ignored. If the optional arena argument is
- * non-null, the memory used for the new string will be obtained from
- * that arena, otherwise it will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following:
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_UNSUPPORTED_TYPE
- *
- * Return value:
- * NULL upon error
- * A non-null pointer to a new UTF8 string otherwise
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR; /* XXX fgmr */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssUTF8_Create
-(
- NSSArena *arenaOpt,
- nssStringType type,
- const void *inputString,
- PRUint32 size /* in bytes, not characters */
-)
-{
- NSSUTF8 *rv = NULL;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-
- if( (const void *)NULL == inputString ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- switch( type ) {
- case nssStringType_DirectoryString:
- /* This is a composite type requiring BER */
- nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
- break;
- case nssStringType_TeletexString:
- /*
- * draft-ietf-pkix-ipki-part1-11 says in part:
- *
- * In addition, many legacy implementations support names encoded
- * in the ISO 8859-1 character set (Latin1String) but tag them as
- * TeletexString. The Latin1String includes characters used in
- * Western European countries which are not part of the
- * TeletexString charcter set. Implementations that process
- * TeletexString SHOULD be prepared to handle the entire ISO
- * 8859-1 character set.[ISO 8859-1].
- */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_PrintableString:
- /*
- * PrintableString consists of A-Za-z0-9 ,()+,-./:=?
- * This is a subset of ASCII, which is a subset of UTF8.
- * So we can just duplicate the string over.
- */
-
- if( 0 == size ) {
- rv = nssUTF8_Duplicate((const NSSUTF8 *)inputString, arenaOpt);
- } else {
- rv = nss_ZAlloc(arenaOpt, size+1);
- if( (NSSUTF8 *)NULL == rv ) {
- return (NSSUTF8 *)NULL;
- }
-
- (void)nsslibc_memcpy(rv, inputString, size);
- }
-
- break;
- case nssStringType_UniversalString:
- /* 4-byte unicode */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_BMPString:
- /* Base Multilingual Plane of Unicode */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_UTF8String:
- if( 0 == size ) {
- rv = nssUTF8_Duplicate((const NSSUTF8 *)inputString, arenaOpt);
- } else {
- rv = nss_ZAlloc(arenaOpt, size+1);
- if( (NSSUTF8 *)NULL == rv ) {
- return (NSSUTF8 *)NULL;
- }
-
- (void)nsslibc_memcpy(rv, inputString, size);
- }
-
- break;
- case nssStringType_PHGString:
- /*
- * PHGString is an IA5String (with case-insensitive comparisons).
- * IA5 is ~almost~ ascii; ascii has dollar-sign where IA5 has
- * currency symbol.
- */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_GeneralString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
- break;
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT NSSItem *
-nssUTF8_GetEncoding
-(
- NSSArena *arenaOpt,
- NSSItem *rvOpt,
- nssStringType type,
- NSSUTF8 *string
-)
-{
- NSSItem *rv = (NSSItem *)NULL;
- PRStatus status = PR_SUCCESS;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSItem *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSItem *)NULL;
- }
-#endif /* NSSDEBUG */
-
- switch( type ) {
- case nssStringType_DirectoryString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_TeletexString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_PrintableString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_UniversalString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_BMPString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- case nssStringType_UTF8String:
- {
- NSSUTF8 *dup = nssUTF8_Duplicate(string, arenaOpt);
- if( (NSSUTF8 *)NULL == dup ) {
- return (NSSItem *)NULL;
- }
-
- if( (NSSItem *)NULL == rvOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSItem);
- if( (NSSItem *)NULL == rv ) {
- (void)nss_ZFreeIf(dup);
- return (NSSItem *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- rv->data = dup;
- dup = (NSSUTF8 *)NULL;
- rv->size = nssUTF8_Size(rv->data, &status);
- if( (0 == rv->size) && (PR_SUCCESS != status) ) {
- if( (NSSItem *)NULL == rvOpt ) {
- (void)nss_ZFreeIf(rv);
- }
- return (NSSItem *)NULL;
- }
- }
- break;
- case nssStringType_PHGString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR); /* unimplemented */
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_TYPE);
- break;
- }
-
- return rv;
-}
-
-/*
- * nssUTF8_CopyIntoFixedBuffer
- *
- * This will copy a UTF8 string into a fixed-length buffer, making
- * sure that the all characters are valid. Any remaining space will
- * be padded with the specified ASCII character, typically either
- * null or space.
- *
- * Blah, blah, blah.
- */
-
-NSS_IMPLEMENT PRStatus
-nssUTF8_CopyIntoFixedBuffer
-(
- NSSUTF8 *string,
- char *buffer,
- PRUint32 bufferSize,
- char pad
-)
-{
- PRUint32 stringSize = 0;
-
-#ifdef NSSDEBUG
- if( (char *)NULL == buffer ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FALSE;
- }
-
- if( 0 == bufferSize ) {
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
- return PR_FALSE;
- }
-
- if( (pad & 0x80) != 0x00 ) {
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == string ) {
- string = (NSSUTF8 *) "";
- }
-
- stringSize = nssUTF8_Size(string, (PRStatus *)NULL);
- stringSize--; /* don't count the trailing null */
- if( stringSize > bufferSize ) {
- PRUint32 bs = bufferSize;
- (void)nsslibc_memcpy(buffer, string, bufferSize);
-
- if( ( ((buffer[ bs-1 ] & 0x80) == 0x00)) ||
- ((bs > 1) && ((buffer[ bs-2 ] & 0xE0) == 0xC0)) ||
- ((bs > 2) && ((buffer[ bs-3 ] & 0xF0) == 0xE0)) ||
- ((bs > 3) && ((buffer[ bs-4 ] & 0xF8) == 0xF0)) ||
- ((bs > 4) && ((buffer[ bs-5 ] & 0xFC) == 0xF8)) ||
- ((bs > 5) && ((buffer[ bs-6 ] & 0xFE) == 0xFC)) ) {
- /* It fit exactly */
- return PR_SUCCESS;
- }
-
- /* Too long. We have to trim the last character */
- for( /*bs*/; bs != 0; bs-- ) {
- if( (buffer[bs-1] & 0xC0) != 0x80 ) {
- buffer[bs-1] = pad;
- break;
- } else {
- buffer[bs-1] = pad;
- }
- }
- } else {
- (void)nsslibc_memset(buffer, pad, bufferSize);
- (void)nsslibc_memcpy(buffer, string, stringSize);
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nssUTF8_Equal
- *
- */
-
-NSS_IMPLEMENT PRBool
-nssUTF8_Equal
-(
- const NSSUTF8 *a,
- const NSSUTF8 *b,
- PRStatus *statusOpt
-)
-{
- PRUint32 la, lb;
-
-#ifdef NSSDEBUG
- if( ((const NSSUTF8 *)NULL == a) ||
- ((const NSSUTF8 *)NULL == b) ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- la = nssUTF8_Size(a, statusOpt);
- if( 0 == la ) {
- return PR_FALSE;
- }
-
- lb = nssUTF8_Size(b, statusOpt);
- if( 0 == lb ) {
- return PR_FALSE;
- }
-
- if( la != lb ) {
- return PR_FALSE;
- }
-
- return nsslibc_memequal(a, b, la, statusOpt);
-}
diff --git a/security/nss/lib/base/whatnspr.c b/security/nss/lib/base/whatnspr.c
deleted file mode 100644
index e82c34166..000000000
--- a/security/nss/lib/base/whatnspr.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * This file isolates us from differences in NSPR versions.
- * We have to detect the library with which we're running at
- * runtime, and switch behaviours there. This lets us do
- * stuff like load cryptoki modules in Communicator.
- *
- * Hey, it's the PORT layer all over again!
- */
-
-static int whatnspr = 0;
-
-static int
-set_whatnspr
-(
- void
-)
-{
- /*
- * The only runtime difference I could find was the
- * return value of PR_dtoa. We can't just look for
- * a symbol in NSPR >=2, because it'll always be
- * found (because we compile against NSPR >=2).
- * Maybe we could look for a symbol merely in NSPR 1?
- *
- */
-
- char buffer[64];
- int decpt = 0, sign = 0;
- char *rve = (char *)0;
- /* extern int PR_dtoa(double, int, int, int *, int *, char **, char *, int); */
- int r = (int)PR_dtoa((double)1.0, 0, 5, &decpt, &sign, &rve,
- buffer, sizeof(buffer));
-
- switch( r ) {
- case 0:
- case -1:
- whatnspr = 2;
- /*
- * If we needed to, *now* we could look up "libVersionPoint"
- * and get more data there.. except all current NSPR's (up
- * to NSPR 4.x at time of writing) still say 2 in their
- * version structure.
- */
- break;
- default:
- whatnspr = 1;
- break;
- }
-
- return whatnspr;
-}
-
-#define WHATNSPR (whatnspr ? whatnspr : set_whatnspr())
-
-NSS_IMPLEMENT PRStatus
-nss_NewThreadPrivateIndex
-(
- PRUintn *ip
-)
-{
- switch( WHATNSPR ) {
- case 1:
- {
- PRLibrary *l = (PRLibrary *)0;
- void *f = PR_FindSymbolAndLibrary("PR_NewThreadPrivateID", &l);
- typedef PRInt32 (*ntpt)(void);
- ntpt ntp = (ntpt) f;
-
- PR_ASSERT((void *)0 != f);
-
- *ip = ntp();
- return PR_SUCCESS;
- }
- case 2:
- default:
- return PR_NewThreadPrivateIndex(ip, NULL);
- }
-}
-
-NSS_IMPLEMENT void *
-nss_GetThreadPrivate
-(
- PRUintn i
-)
-{
- switch( WHATNSPR ) {
- case 1:
- {
- PRLibrary *l = (PRLibrary *)0;
- void *f = PR_FindSymbolAndLibrary("PR_GetThreadPrivate", &l);
- typedef void *(*gtpt)(PRThread *, PRInt32);
- gtpt gtp = (gtpt) f;
-
- PR_ASSERT((void *)0 != f);
-
- return gtp(PR_CurrentThread(), i);
- }
- case 2:
- default:
- return PR_GetThreadPrivate(i);
- }
-}
-
-NSS_IMPLEMENT void
-nss_SetThreadPrivate
-(
- PRUintn i,
- void *v
-)
-{
- switch( WHATNSPR ) {
- case 1:
- {
- PRLibrary *l = (PRLibrary *)0;
- void *f = PR_FindSymbolAndLibrary("PR_SetThreadPrivate", &l);
- typedef PRStatus (*stpt)(PRThread *, PRInt32, void *);
- stpt stp = (stpt) f;
-
- PR_ASSERT((void *)0 != f);
-
- (void)stp(PR_CurrentThread(), i, v);
- return;
- }
- case 2:
- default:
- (void)PR_SetThreadPrivate(i, v);
- return;
- }
-}
diff --git a/security/nss/lib/certdb/.cvsignore b/security/nss/lib/certdb/.cvsignore
deleted file mode 100644
index ec60123e5..000000000
--- a/security/nss/lib/certdb/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-nscertinit.c
diff --git a/security/nss/lib/certdb/Makefile b/security/nss/lib/certdb/Makefile
deleted file mode 100644
index 12eff17ab..000000000
--- a/security/nss/lib/certdb/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/certdb/alg1485.c b/security/nss/lib/certdb/alg1485.c
deleted file mode 100644
index aa3ea1b3b..000000000
--- a/security/nss/lib/certdb/alg1485.c
+++ /dev/null
@@ -1,969 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cert.h"
-#include "xconst.h"
-#include "genname.h"
-#include "secitem.h"
-#include "secerr.h"
-
-struct NameToKind {
- char *name;
- SECOidTag kind;
-};
-
-static struct NameToKind name2kinds[] = {
- { "CN", SEC_OID_AVA_COMMON_NAME, },
- { "ST", SEC_OID_AVA_STATE_OR_PROVINCE, },
- { "OU", SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME, },
- { "DC", SEC_OID_AVA_DC, },
- { "C", SEC_OID_AVA_COUNTRY_NAME, },
- { "O", SEC_OID_AVA_ORGANIZATION_NAME, },
- { "L", SEC_OID_AVA_LOCALITY, },
- { "dnQualifier", SEC_OID_AVA_DN_QUALIFIER, },
- { "E", SEC_OID_PKCS9_EMAIL_ADDRESS, },
- { "UID", SEC_OID_RFC1274_UID, },
- { "MAIL", SEC_OID_RFC1274_MAIL, },
- { 0, SEC_OID_UNKNOWN },
-};
-
-#define C_DOUBLE_QUOTE '\042'
-
-#define C_BACKSLASH '\134'
-
-#define C_EQUAL '='
-
-#define OPTIONAL_SPACE(c) \
- (((c) == ' ') || ((c) == '\r') || ((c) == '\n'))
-
-#define SPECIAL_CHAR(c) \
- (((c) == ',') || ((c) == '=') || ((c) == C_DOUBLE_QUOTE) || \
- ((c) == '\r') || ((c) == '\n') || ((c) == '+') || \
- ((c) == '<') || ((c) == '>') || ((c) == '#') || \
- ((c) == ';') || ((c) == C_BACKSLASH))
-
-
-
-
-
-
-
-#if 0
-/*
-** Find the start and end of a <string>. Strings can be wrapped in double
-** quotes to protect special characters.
-*/
-static int BracketThing(char **startp, char *end, char *result)
-{
- char *start = *startp;
- char c;
-
- /* Skip leading white space */
- while (start < end) {
- c = *start++;
- if (!OPTIONAL_SPACE(c)) {
- start--;
- break;
- }
- }
- if (start == end) return 0;
-
- switch (*start) {
- case '#':
- /* Process hex thing */
- start++;
- *startp = start;
- while (start < end) {
- c = *start++;
- if (((c >= '0') && (c <= '9')) ||
- ((c >= 'a') && (c <= 'f')) ||
- ((c >= 'A') && (c <= 'F'))) {
- continue;
- }
- break;
- }
- rv = IS_HEX;
- break;
-
- case C_DOUBLE_QUOTE:
- start++;
- *startp = start;
- while (start < end) {
- c = *start++;
- if (c == C_DOUBLE_QUOTE) {
- break;
- }
- *result++ = c;
- }
- rv = IS_STRING;
- break;
-
- default:
- while (start < end) {
- c = *start++;
- if (SPECIAL_CHAR(c)) {
- start--;
- break;
- }
- *result++ = c;
- }
- rv = IS_STRING;
- break;
- }
-
- /* Terminate result string */
- *result = 0;
- return start;
-}
-
-static char *BracketSomething(char **startp, char* end, int spacesOK)
-{
- char *start = *startp;
- char c;
- int stopAtDQ;
-
- /* Skip leading white space */
- while (start < end) {
- c = *start;
- if (!OPTIONAL_SPACE(c)) {
- break;
- }
- start++;
- }
- if (start == end) return 0;
- stopAtDQ = 0;
- if (*start == C_DOUBLE_QUOTE) {
- stopAtDQ = 1;
- }
-
- /*
- ** Find the end of the something. The something is terminated most of
- ** the time by a space. However, if spacesOK is true then it is
- ** terminated by a special character only.
- */
- *startp = start;
- while (start < end) {
- c = *start;
- if (stopAtDQ) {
- if (c == C_DOUBLE_QUOTE) {
- *start = ' ';
- break;
- }
- } else {
- if (SPECIAL_CHAR(c)) {
- break;
- }
- if (!spacesOK && OPTIONAL_SPACE(c)) {
- break;
- }
- }
- start++;
- }
- return start;
-}
-#endif
-
-#define IS_PRINTABLE(c) \
- ((((c) >= 'a') && ((c) <= 'z')) || \
- (((c) >= 'A') && ((c) <= 'Z')) || \
- (((c) >= '0') && ((c) <= '9')) || \
- ((c) == ' ') || \
- ((c) == '\'') || \
- ((c) == '\050') || /* ( */ \
- ((c) == '\051') || /* ) */ \
- (((c) >= '+') && ((c) <= '/')) || /* + , - . / */ \
- ((c) == ':') || \
- ((c) == '=') || \
- ((c) == '?'))
-
-static PRBool
-IsPrintable(unsigned char *data, unsigned len)
-{
- unsigned char ch, *end;
-
- end = data + len;
- while (data < end) {
- ch = *data++;
- if (!IS_PRINTABLE(ch)) {
- return PR_FALSE;
- }
- }
- return PR_TRUE;
-}
-
-static PRBool
-Is7Bit(unsigned char *data, unsigned len)
-{
- unsigned char ch, *end;
-
- end = data + len;
- while (data < end) {
- ch = *data++;
- if ((ch & 0x80)) {
- return PR_FALSE;
- }
- }
- return PR_TRUE;
-}
-
-static void
-skipSpace(char **pbp, char *endptr)
-{
- char *bp = *pbp;
- while (bp < endptr && OPTIONAL_SPACE(*bp)) {
- bp++;
- }
- *pbp = bp;
-}
-
-static SECStatus
-scanTag(char **pbp, char *endptr, char *tagBuf, int tagBufSize)
-{
- char *bp, *tagBufp;
- int taglen;
-
- PORT_Assert(tagBufSize > 0);
-
- /* skip optional leading space */
- skipSpace(pbp, endptr);
- if (*pbp == endptr) {
- /* nothing left */
- return SECFailure;
- }
-
- /* fill tagBuf */
- taglen = 0;
- bp = *pbp;
- tagBufp = tagBuf;
- while (bp < endptr && !OPTIONAL_SPACE(*bp) && (*bp != C_EQUAL)) {
- if (++taglen >= tagBufSize) {
- *pbp = bp;
- return SECFailure;
- }
- *tagBufp++ = *bp++;
- }
- /* null-terminate tagBuf -- guaranteed at least one space left */
- *tagBufp++ = 0;
- *pbp = bp;
-
- /* skip trailing spaces till we hit something - should be an equal sign */
- skipSpace(pbp, endptr);
- if (*pbp == endptr) {
- /* nothing left */
- return SECFailure;
- }
- if (**pbp != C_EQUAL) {
- /* should be an equal sign */
- return SECFailure;
- }
- /* skip over the equal sign */
- (*pbp)++;
-
- return SECSuccess;
-}
-
-static SECStatus
-scanVal(char **pbp, char *endptr, char *valBuf, int valBufSize)
-{
- char *bp, *valBufp;
- int vallen;
- PRBool isQuoted;
-
- PORT_Assert(valBufSize > 0);
-
- /* skip optional leading space */
- skipSpace(pbp, endptr);
- if(*pbp == endptr) {
- /* nothing left */
- return SECFailure;
- }
-
- bp = *pbp;
-
- /* quoted? */
- if (*bp == C_DOUBLE_QUOTE) {
- isQuoted = PR_TRUE;
- /* skip over it */
- bp++;
- } else {
- isQuoted = PR_FALSE;
- }
-
- valBufp = valBuf;
- vallen = 0;
- while (bp < endptr) {
- char c = *bp;
- if (c == C_BACKSLASH) {
- /* escape character */
- bp++;
- if (bp >= endptr) {
- /* escape charater must appear with paired char */
- *pbp = bp;
- return SECFailure;
- }
- } else if (!isQuoted && SPECIAL_CHAR(c)) {
- /* unescaped special and not within quoted value */
- break;
- } else if (c == C_DOUBLE_QUOTE) {
- /* reached unescaped double quote */
- break;
- }
- /* append character */
- vallen++;
- if (vallen >= valBufSize) {
- *pbp = bp;
- return SECFailure;
- }
- *valBufp++ = *bp++;
- }
-
- /* stip trailing spaces from unquoted values */
- if (!isQuoted) {
- if (valBufp > valBuf) {
- valBufp--;
- while ((valBufp > valBuf) && OPTIONAL_SPACE(*valBufp)) {
- valBufp--;
- }
- valBufp++;
- }
- }
-
- if (isQuoted) {
- /* insist that we stopped on a double quote */
- if (*bp != C_DOUBLE_QUOTE) {
- *pbp = bp;
- return SECFailure;
- }
- /* skip over the quote and skip optional space */
- bp++;
- skipSpace(&bp, endptr);
- }
-
- *pbp = bp;
-
- if (valBufp == valBuf) {
- /* empty value -- not allowed */
- return SECFailure;
- }
-
- /* null-terminate valBuf -- guaranteed at least one space left */
- *valBufp++ = 0;
-
- return SECSuccess;
-}
-
-CERTAVA *
-CERT_ParseRFC1485AVA(PRArenaPool *arena, char **pbp, char *endptr,
- PRBool singleAVA)
-{
- CERTAVA *a;
- struct NameToKind *n2k;
- int vt;
- int valLen;
- char *bp;
-
- char tagBuf[32];
- char valBuf[384];
-
- if (scanTag(pbp, endptr, tagBuf, sizeof(tagBuf)) == SECFailure ||
- scanVal(pbp, endptr, valBuf, sizeof(valBuf)) == SECFailure) {
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return 0;
- }
-
- /* insist that if we haven't finished we've stopped on a separator */
- bp = *pbp;
- if (bp < endptr) {
- if (singleAVA || (*bp != ',' && *bp != ';')) {
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- *pbp = bp;
- return 0;
- }
- /* ok, skip over separator */
- bp++;
- }
- *pbp = bp;
-
- for (n2k = name2kinds; n2k->name; n2k++) {
- if (PORT_Strcasecmp(n2k->name, tagBuf) == 0) {
- valLen = PORT_Strlen(valBuf);
- if (n2k->kind == SEC_OID_AVA_COUNTRY_NAME) {
- vt = SEC_ASN1_PRINTABLE_STRING;
- if (valLen != 2) {
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return 0;
- }
- if (!IsPrintable((unsigned char*) valBuf, 2)) {
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return 0;
- }
- } else if ((n2k->kind == SEC_OID_PKCS9_EMAIL_ADDRESS) ||
- (n2k->kind == SEC_OID_RFC1274_MAIL)) {
- vt = SEC_ASN1_IA5_STRING;
- } else {
- /* Hack -- for rationale see X.520 DirectoryString defn */
- if (IsPrintable((unsigned char*)valBuf, valLen)) {
- vt = SEC_ASN1_PRINTABLE_STRING;
- } else if (Is7Bit((unsigned char *)valBuf, valLen)) {
- vt = SEC_ASN1_T61_STRING;
- } else {
- vt = SEC_ASN1_UNIVERSAL_STRING;
- }
- }
- a = CERT_CreateAVA(arena, n2k->kind, vt, (char *) valBuf);
- return a;
- }
- }
- /* matched no kind -- invalid tag */
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return 0;
-}
-
-static CERTName *
-ParseRFC1485Name(char *buf, int len)
-{
- SECStatus rv;
- CERTName *name;
- char *bp, *e;
- CERTAVA *ava;
- CERTRDN *rdn;
-
- name = CERT_CreateName(NULL);
- if (name == NULL) {
- return NULL;
- }
-
- e = buf + len;
- bp = buf;
- while (bp < e) {
- ava = CERT_ParseRFC1485AVA(name->arena, &bp, e, PR_FALSE);
- if (ava == 0) goto loser;
- rdn = CERT_CreateRDN(name->arena, ava, 0);
- if (rdn == 0) goto loser;
- rv = CERT_AddRDN(name, rdn);
- if (rv) goto loser;
- skipSpace(&bp, e);
- }
-
- if (name->rdns[0] == 0) {
- /* empty name -- illegal */
- goto loser;
- }
-
- /* Reverse order of RDNS to comply with RFC */
- {
- CERTRDN **firstRdn;
- CERTRDN **lastRdn;
- CERTRDN *tmp;
-
- /* get first one */
- firstRdn = name->rdns;
-
- /* find last one */
- lastRdn = name->rdns;
- while (*lastRdn) lastRdn++;
- lastRdn--;
-
- /* reverse list */
- for ( ; firstRdn < lastRdn; firstRdn++, lastRdn--) {
- tmp = *firstRdn;
- *firstRdn = *lastRdn;
- *lastRdn = tmp;
- }
- }
-
- /* return result */
- return name;
-
- loser:
- CERT_DestroyName(name);
- return NULL;
-}
-
-CERTName *
-CERT_AsciiToName(char *string)
-{
- CERTName *name;
- name = ParseRFC1485Name(string, PORT_Strlen(string));
- return name;
-}
-
-/************************************************************************/
-
-static SECStatus
-AppendStr(char **bufp, unsigned *buflenp, char *str)
-{
- char *buf;
- unsigned bufLen, bufSize, len;
-
- /* Figure out how much to grow buf by (add in the '\0') */
- buf = *bufp;
- bufLen = *buflenp;
- len = PORT_Strlen(str);
- bufSize = bufLen + len;
- if (buf) {
- buf = (char*) PORT_Realloc(buf, bufSize);
- } else {
- bufSize++;
- buf = (char*) PORT_Alloc(bufSize);
- }
- if (!buf) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- *bufp = buf;
- *buflenp = bufSize;
-
- /* Concatenate str onto buf */
- buf = buf + bufLen;
- if (bufLen) buf--; /* stomp on old '\0' */
- PORT_Memcpy(buf, str, len+1); /* put in new null */
- return SECSuccess;
-}
-
-SECStatus
-CERT_RFC1485_EscapeAndQuote(char *dst, int dstlen, char *src, int srclen)
-{
- int i, reqLen=0;
- char *d = dst;
- PRBool needsQuoting = PR_FALSE;
-
- /* need to make an initial pass to determine if quoting is needed */
- for (i = 0; i < srclen; i++) {
- char c = src[i];
- reqLen++;
- if (SPECIAL_CHAR(c)) {
- /* entirety will need quoting */
- needsQuoting = PR_TRUE;
- }
- if (c == C_DOUBLE_QUOTE || c == C_BACKSLASH) {
- /* this char will need escaping */
- reqLen++;
- }
- }
- /* if it begins or ends in optional space it needs quoting */
- if (srclen > 0 &&
- (OPTIONAL_SPACE(src[srclen-1]) || OPTIONAL_SPACE(src[0]))) {
- needsQuoting = PR_TRUE;
- }
-
- if (needsQuoting) reqLen += 2;
-
- /* space for terminal null */
- reqLen++;
-
- if (reqLen > dstlen) {
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- return SECFailure;
- }
-
- d = dst;
- if (needsQuoting) *d++ = C_DOUBLE_QUOTE;
- for (i = 0; i < srclen; i++) {
- char c = src[i];
- if (c == C_DOUBLE_QUOTE || c == C_BACKSLASH) {
- /* escape it */
- *d++ = C_BACKSLASH;
- }
- *d++ = c;
- }
- if (needsQuoting) *d++ = C_DOUBLE_QUOTE;
- *d++ = 0;
- return SECSuccess;
-}
-
-static SECStatus
-AppendAVA(char **bufp, unsigned *buflenp, CERTAVA *ava)
-{
- char *tagName;
- char tmpBuf[384];
- unsigned len, maxLen;
- int tag;
- SECStatus rv;
- SECItem *avaValue = NULL;
-
- tag = CERT_GetAVATag(ava);
- switch (tag) {
- case SEC_OID_AVA_COUNTRY_NAME:
- tagName = "C";
- maxLen = 2;
- break;
- case SEC_OID_AVA_ORGANIZATION_NAME:
- tagName = "O";
- maxLen = 64;
- break;
- case SEC_OID_AVA_COMMON_NAME:
- tagName = "CN";
- maxLen = 64;
- break;
- case SEC_OID_AVA_LOCALITY:
- tagName = "L";
- maxLen = 128;
- break;
- case SEC_OID_AVA_STATE_OR_PROVINCE:
- tagName = "ST";
- maxLen = 128;
- break;
- case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
- tagName = "OU";
- maxLen = 64;
- break;
- case SEC_OID_AVA_DC:
- tagName = "DC";
- maxLen = 128;
- break;
- case SEC_OID_AVA_DN_QUALIFIER:
- tagName = "dnQualifier";
- maxLen = 0x7fff;
- break;
- case SEC_OID_PKCS9_EMAIL_ADDRESS:
- tagName = "E";
- maxLen = 128;
- break;
- case SEC_OID_RFC1274_UID:
- tagName = "UID";
- maxLen = 256;
- break;
- case SEC_OID_RFC1274_MAIL:
- tagName = "MAIL";
- maxLen = 256;
- break;
- default:
-#if 0
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return SECFailure;
-#else
- rv = AppendStr(bufp, buflenp, "ERR=Unknown AVA");
- return rv;
-#endif
- }
-
- avaValue = CERT_DecodeAVAValue(&ava->value);
- if(!avaValue) {
- return SECFailure;
- }
-
- /* Check value length */
- if (avaValue->len > maxLen) {
- PORT_SetError(SEC_ERROR_INVALID_AVA);
- return SECFailure;
- }
-
- len = PORT_Strlen(tagName);
- PORT_Memcpy(tmpBuf, tagName, len);
- tmpBuf[len++] = '=';
-
- /* escape and quote as necessary */
- rv = CERT_RFC1485_EscapeAndQuote(tmpBuf+len, sizeof(tmpBuf)-len,
- (char *)avaValue->data, avaValue->len);
- SECITEM_FreeItem(avaValue, PR_TRUE);
- if (rv) return SECFailure;
-
- rv = AppendStr(bufp, buflenp, tmpBuf);
- return rv;
-}
-
-char *
-CERT_NameToAscii(CERTName *name)
-{
- SECStatus rv;
- CERTRDN** rdns;
- CERTRDN** lastRdn;
- CERTRDN** rdn;
- CERTAVA** avas;
- CERTAVA* ava;
- PRBool first = PR_TRUE;
- char *buf = NULL;
- unsigned buflen = 0;
-
- rdns = name->rdns;
- if (rdns == NULL) {
- return NULL;
- }
-
- /* find last RDN */
- lastRdn = rdns;
- while (*lastRdn) lastRdn++;
- lastRdn--;
-
- /*
- * Loop over name contents in _reverse_ RDN order appending to string
- */
- for (rdn = lastRdn; rdn >= rdns; rdn--) {
- avas = (*rdn)->avas;
- while ((ava = *avas++) != NULL) {
- /* Put in comma separator */
- if (!first) {
- rv = AppendStr(&buf, &buflen, ", ");
- if (rv) goto loser;
- } else {
- first = PR_FALSE;
- }
-
- /* Add in tag type plus value into buf */
- rv = AppendAVA(&buf, &buflen, ava);
- if (rv) goto loser;
- }
- }
- return buf;
- loser:
- PORT_Free(buf);
- return NULL;
-}
-
-/*
- * Return the string representation of a DER encoded distinguished name
- * "dername" - The DER encoded name to convert
- */
-char *
-CERT_DerNameToAscii(SECItem *dername)
-{
- int rv;
- PRArenaPool *arena = NULL;
- CERTName name;
- char *retstr = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( arena == NULL) {
- goto loser;
- }
-
- rv = SEC_ASN1DecodeItem(arena, &name, CERT_NameTemplate, dername);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- retstr = CERT_NameToAscii(&name);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(retstr);
-}
-
-static char *
-CERT_GetNameElement(CERTName *name, int wantedTag)
-{
- CERTRDN** rdns;
- CERTRDN *rdn;
- CERTAVA** avas;
- CERTAVA* ava;
- char *buf = 0;
- int tag;
- SECItem *decodeItem = NULL;
-
- rdns = name->rdns;
- while ((rdn = *rdns++) != 0) {
- avas = rdn->avas;
- while ((ava = *avas++) != 0) {
- tag = CERT_GetAVATag(ava);
- if ( tag == wantedTag ) {
- decodeItem = CERT_DecodeAVAValue(&ava->value);
- if(!decodeItem) {
- return NULL;
- }
- buf = (char *)PORT_ZAlloc(decodeItem->len + 1);
- if ( buf ) {
- PORT_Memcpy(buf, decodeItem->data, decodeItem->len);
- buf[decodeItem->len] = 0;
- }
- SECITEM_FreeItem(decodeItem, PR_TRUE);
- goto done;
- }
- }
- }
-
- done:
- return buf;
-}
-
-char *
-CERT_GetCertificateEmailAddress(CERTCertificate *cert)
-{
- char *rawEmailAddr = NULL;
- char *emailAddr = NULL;
- SECItem subAltName;
- SECStatus rv;
- CERTGeneralName *nameList = NULL;
- CERTGeneralName *current;
- PRArenaPool *arena = NULL;
- int i;
-
- subAltName.data = NULL;
-
- rawEmailAddr = CERT_GetNameElement(&(cert->subject), SEC_OID_PKCS9_EMAIL_ADDRESS);
- if ( rawEmailAddr == NULL ) {
- rawEmailAddr = CERT_GetNameElement(&(cert->subject), SEC_OID_RFC1274_MAIL);
- }
- if ( rawEmailAddr == NULL) {
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME, &subAltName);
- if (rv != SECSuccess) {
- goto finish;
- }
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- goto finish;
- }
- nameList = current = CERT_DecodeAltNameExtension(arena, &subAltName);
- if (!nameList ) {
- goto finish;
- }
- if (nameList != NULL) {
- do {
- if (current->type == certDirectoryName) {
- rawEmailAddr = CERT_GetNameElement(&(current->name.directoryName),
- SEC_OID_PKCS9_EMAIL_ADDRESS);
- if ( rawEmailAddr == NULL ) {
- rawEmailAddr = CERT_GetNameElement(&(current->name.directoryName),
- SEC_OID_RFC1274_MAIL);
- }
- } else if (current->type == certRFC822Name) {
- rawEmailAddr = (char*)PORT_ZAlloc(current->name.other.len + 1);
- if (!rawEmailAddr) {
- goto finish;
- }
- PORT_Memcpy(rawEmailAddr, current->name.other.data,
- current->name.other.len);
- rawEmailAddr[current->name.other.len] = '\0';
- }
- if (rawEmailAddr) {
- break;
- }
- current = cert_get_next_general_name(current);
- } while (current != nameList);
- }
- }
- if (rawEmailAddr) {
- emailAddr = (char*)PORT_ArenaZAlloc(cert->arena, PORT_Strlen(rawEmailAddr) + 1);
- for (i = 0; i <= PORT_Strlen(rawEmailAddr); i++) {
- emailAddr[i] = tolower(rawEmailAddr[i]);
- }
- } else {
- emailAddr = NULL;
- }
-
-finish:
- if ( rawEmailAddr ) {
- PORT_Free(rawEmailAddr);
- }
-
- /* Don't free nameList, it's part of the arena. */
-
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if ( subAltName.data ) {
- SECITEM_FreeItem(&subAltName, PR_FALSE);
- }
-
- return(emailAddr);
-}
-
-char *
-CERT_GetCertEmailAddress(CERTName *name)
-{
- char *rawEmailAddr;
- char *emailAddr;
-
-
- rawEmailAddr = CERT_GetNameElement(name, SEC_OID_PKCS9_EMAIL_ADDRESS);
- if ( rawEmailAddr == NULL ) {
- rawEmailAddr = CERT_GetNameElement(name, SEC_OID_RFC1274_MAIL);
- }
- emailAddr = CERT_FixupEmailAddr(rawEmailAddr);
- if ( rawEmailAddr ) {
- PORT_Free(rawEmailAddr);
- }
- return(emailAddr);
-}
-
-char *
-CERT_GetCommonName(CERTName *name)
-{
- return(CERT_GetNameElement(name, SEC_OID_AVA_COMMON_NAME));
-}
-
-char *
-CERT_GetCountryName(CERTName *name)
-{
- return(CERT_GetNameElement(name, SEC_OID_AVA_COUNTRY_NAME));
-}
-
-char *
-CERT_GetLocalityName(CERTName *name)
-{
- return(CERT_GetNameElement(name, SEC_OID_AVA_LOCALITY));
-}
-
-char *
-CERT_GetStateName(CERTName *name)
-{
- return(CERT_GetNameElement(name, SEC_OID_AVA_STATE_OR_PROVINCE));
-}
-
-char *
-CERT_GetOrgName(CERTName *name)
-{
- return(CERT_GetNameElement(name, SEC_OID_AVA_ORGANIZATION_NAME));
-}
-
-char *
-CERT_GetDomainComponentName(CERTName *name)
-{
- return(CERT_GetNameElement(name, SEC_OID_AVA_DC));
-}
-
-char *
-CERT_GetOrgUnitName(CERTName *name)
-{
- return(CERT_GetNameElement(name, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME));
-}
-
-char *
-CERT_GetDnQualifier(CERTName *name)
-{
- return(CERT_GetNameElement(name, SEC_OID_AVA_DN_QUALIFIER));
-}
-
-char *
-CERT_GetCertUid(CERTName *name)
-{
- return(CERT_GetNameElement(name, SEC_OID_RFC1274_UID));
-}
-
diff --git a/security/nss/lib/certdb/cert.h b/security/nss/lib/certdb/cert.h
deleted file mode 100644
index 394d518f9..000000000
--- a/security/nss/lib/certdb/cert.h
+++ /dev/null
@@ -1,1364 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * cert.h - public data structures and prototypes for the certificate library
- *
- * $Id$
- */
-
-#ifndef _CERT_H_
-#define _CERT_H_
-
-#include "plarena.h"
-#include "plhash.h"
-#include "prlong.h"
-#include "prlog.h"
-
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "keyt.h"
-#include "certt.h"
-
-SEC_BEGIN_PROTOS
-
-/****************************************************************************
- *
- * RFC1485 ascii to/from X.? RelativeDistinguishedName (aka CERTName)
- *
- ****************************************************************************/
-
-/*
-** Convert an ascii RFC1485 encoded name into its CERTName equivalent.
-*/
-extern CERTName *CERT_AsciiToName(char *string);
-
-/*
-** Convert an CERTName into its RFC1485 encoded equivalent.
-*/
-extern char *CERT_NameToAscii(CERTName *name);
-
-extern CERTAVA *CERT_CopyAVA(PRArenaPool *arena, CERTAVA *src);
-
-/*
-** Examine an AVA and return the tag that refers to it. The AVA tags are
-** defined as SEC_OID_AVA*.
-*/
-extern SECOidTag CERT_GetAVATag(CERTAVA *ava);
-
-/*
-** Compare two AVA's, returning the difference between them.
-*/
-extern SECComparison CERT_CompareAVA(CERTAVA *a, CERTAVA *b);
-
-/*
-** Create an RDN (relative-distinguished-name). The argument list is a
-** NULL terminated list of AVA's.
-*/
-extern CERTRDN *CERT_CreateRDN(PRArenaPool *arena, CERTAVA *avas, ...);
-
-/*
-** Make a copy of "src" storing it in "dest".
-*/
-extern SECStatus CERT_CopyRDN(PRArenaPool *arena, CERTRDN *dest, CERTRDN *src);
-
-/*
-** Destory an RDN object.
-** "rdn" the RDN to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyRDN(CERTRDN *rdn, PRBool freeit);
-
-/*
-** Add an AVA to an RDN.
-** "rdn" the RDN to add to
-** "ava" the AVA to add
-*/
-extern SECStatus CERT_AddAVA(PRArenaPool *arena, CERTRDN *rdn, CERTAVA *ava);
-
-/*
-** Compare two RDN's, returning the difference between them.
-*/
-extern SECComparison CERT_CompareRDN(CERTRDN *a, CERTRDN *b);
-
-/*
-** Create an X.500 style name using a NULL terminated list of RDN's.
-*/
-extern CERTName *CERT_CreateName(CERTRDN *rdn, ...);
-
-/*
-** Make a copy of "src" storing it in "dest". Memory is allocated in
-** "dest" for each of the appropriate sub objects. Memory is not freed in
-** "dest" before allocation is done (use CERT_DestroyName(dest, PR_FALSE) to
-** do that).
-*/
-extern SECStatus CERT_CopyName(PRArenaPool *arena, CERTName *dest, CERTName *src);
-
-/*
-** Destroy a Name object.
-** "name" the CERTName to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyName(CERTName *name);
-
-/*
-** Add an RDN to a name.
-** "name" the name to add the RDN to
-** "rdn" the RDN to add to name
-*/
-extern SECStatus CERT_AddRDN(CERTName *name, CERTRDN *rdn);
-
-/*
-** Compare two names, returning the difference between them.
-*/
-extern SECComparison CERT_CompareName(CERTName *a, CERTName *b);
-
-/*
-** Convert a CERTName into something readable
-*/
-extern char *CERT_FormatName (CERTName *name);
-
-/*
-** Convert a der-encoded integer to a hex printable string form.
-** Perhaps this should be a SEC function but it's only used for certs.
-*/
-extern char *CERT_Hexify (SECItem *i, int do_colon);
-
-/******************************************************************************
- *
- * Certificate handling operations
- *
- *****************************************************************************/
-
-/*
-** Create a new validity object given two unix time values.
-** "notBefore" the time before which the validity is not valid
-** "notAfter" the time after which the validity is not valid
-*/
-extern CERTValidity *CERT_CreateValidity(int64 notBefore, int64 notAfter);
-
-/*
-** Destroy a validity object.
-** "v" the validity to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyValidity(CERTValidity *v);
-
-/*
-** Copy the "src" object to "dest". Memory is allocated in "dest" for
-** each of the appropriate sub-objects. Memory in "dest" is not freed
-** before memory is allocated (use CERT_DestroyValidity(v, PR_FALSE) to do
-** that).
-*/
-extern SECStatus CERT_CopyValidity
- (PRArenaPool *arena, CERTValidity *dest, CERTValidity *src);
-
-/*
-** The cert lib considers a cert or CRL valid if the "notBefore" time is
-** in the not-too-distant future, e.g. within the next 24 hours. This
-** prevents freshly issued certificates from being considered invalid
-** because the local system's time zone is incorrectly set.
-** The amount of "pending slop time" is adjustable by the application.
-** Units of SlopTime are seconds. Default is 86400 (24 hours).
-** Negative SlopTime values are not allowed.
-*/
-PRInt32 CERT_GetSlopTime(void);
-
-SECStatus CERT_SetSlopTime(PRInt32 slop);
-
-/*
-** Create a new certificate object. The result must be wrapped with an
-** CERTSignedData to create a signed certificate.
-** "serialNumber" the serial number
-** "issuer" the name of the certificate issuer
-** "validity" the validity period of the certificate
-** "req" the certificate request that prompted the certificate issuance
-*/
-extern CERTCertificate *
-CERT_CreateCertificate (unsigned long serialNumber, CERTName *issuer,
- CERTValidity *validity, CERTCertificateRequest *req);
-
-/*
-** Destroy a certificate object
-** "cert" the certificate to destroy
-** NOTE: certificate's are reference counted. This call decrements the
-** reference count, and if the result is zero, then the object is destroyed
-** and optionally freed.
-*/
-extern void CERT_DestroyCertificate(CERTCertificate *cert);
-
-/*
-** Make a shallow copy of a certificate "c". Just increments the
-** reference count on "c".
-*/
-extern CERTCertificate *CERT_DupCertificate(CERTCertificate *c);
-
-/*
-** Create a new certificate request. This result must be wrapped with an
-** CERTSignedData to create a signed certificate request.
-** "name" the subject name (who the certificate request is from)
-** "spki" describes/defines the public key the certificate is for
-** "attributes" if non-zero, some optional attribute data
-*/
-extern CERTCertificateRequest *
-CERT_CreateCertificateRequest (CERTName *name, CERTSubjectPublicKeyInfo *spki,
- SECItem **attributes);
-
-/*
-** Destroy a certificate-request object
-** "r" the certificate-request to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void CERT_DestroyCertificateRequest(CERTCertificateRequest *r);
-
-/*
-** Extract a public key object from a SubjectPublicKeyInfo
-*/
-extern SECKEYPublicKey *CERT_ExtractPublicKey(CERTCertificate *cert);
-
-/*
- * used to get a public key with Key Material ID. Only used for fortezza V1
- * certificates.
- */
-extern SECKEYPublicKey *CERT_KMIDPublicKey(CERTCertificate *cert);
-
-
-/*
-** Retrieve the Key Type associated with the cert we're dealing with
-*/
-
-extern KeyType CERT_GetCertKeyType (CERTSubjectPublicKeyInfo *spki);
-
-/*
-** Initialize the certificate database. This is called to create
-** the initial list of certificates in the database.
-*/
-extern SECStatus CERT_InitCertDB(CERTCertDBHandle *handle);
-
-/*
-** Default certificate database routines
-*/
-extern void CERT_SetDefaultCertDB(CERTCertDBHandle *handle);
-
-extern CERTCertDBHandle *CERT_GetDefaultCertDB(void);
-
-extern CERTCertList *CERT_GetCertChainFromCert(CERTCertificate *cert,
- int64 time,
- SECCertUsage usage);
-extern CERTCertificate *
-CERT_NewTempCertificate (CERTCertDBHandle *handle, SECItem *derCert,
- char *nickname, PRBool isperm, PRBool copyDER);
-
-
-/******************************************************************************
- *
- * X.500 Name handling operations
- *
- *****************************************************************************/
-
-/*
-** Create an AVA (attribute-value-assertion)
-** "arena" the memory arena to alloc from
-** "kind" is one of SEC_OID_AVA_*
-** "valueType" is one of DER_PRINTABLE_STRING, DER_IA5_STRING, or
-** DER_T61_STRING
-** "value" is the null terminated string containing the value
-*/
-extern CERTAVA *CERT_CreateAVA
- (PRArenaPool *arena, SECOidTag kind, int valueType, char *value);
-
-/*
-** Extract the Distinguished Name from a DER encoded certificate
-** "derCert" is the DER encoded certificate
-** "derName" is the SECItem that the name is returned in
-*/
-extern SECStatus CERT_NameFromDERCert(SECItem *derCert, SECItem *derName);
-
-/*
-** Extract the Issuers Distinguished Name from a DER encoded certificate
-** "derCert" is the DER encoded certificate
-** "derName" is the SECItem that the name is returned in
-*/
-extern SECStatus CERT_IssuerNameFromDERCert(SECItem *derCert,
- SECItem *derName);
-
-
-
-/*
-** Generate a database search key for a certificate, based on the
-** issuer and serial number.
-** "arena" the memory arena to alloc from
-** "derCert" the DER encoded certificate
-** "key" the returned key
-*/
-extern SECStatus CERT_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key);
-
-extern SECStatus CERT_KeyFromIssuerAndSN(PRArenaPool *arena, SECItem *issuer,
- SECItem *sn, SECItem *key);
-
-/*
-** Generate a database search key for a crl, based on the
-** issuer.
-** "arena" the memory arena to alloc from
-** "derCrl" the DER encoded crl
-** "key" the returned key
-*/
-extern SECStatus CERT_KeyFromDERCrl(PRArenaPool *arena, SECItem *derCrl, SECItem *key);
-
-/*
-** Open the certificate database. Use callback to get name of database.
-*/
-extern SECStatus CERT_OpenCertDB(CERTCertDBHandle *handle, PRBool readOnly,
- CERTDBNameFunc namecb, void *cbarg);
-
-/* Open the certificate database. Use given filename for database. */
-extern SECStatus CERT_OpenCertDBFilename(CERTCertDBHandle *handle,
- char *certdbname, PRBool readOnly);
-
-/*
-** Open and initialize a cert database that is entirely in memory. This
-** can be used when the permanent database can not be opened or created.
-*/
-extern SECStatus CERT_OpenVolatileCertDB(CERTCertDBHandle *handle);
-
-/*
-** Check the hostname to make sure that it matches the shexp that
-** is given in the common name of the certificate.
-*/
-extern SECStatus CERT_VerifyCertName(CERTCertificate *cert, const char *hostname);
-
-/*
-** Add a domain name to the list of names that the user has explicitly
-** allowed (despite cert name mismatches) for use with a server cert.
-*/
-extern SECStatus CERT_AddOKDomainName(CERTCertificate *cert, const char *hostname);
-
-/*
-** Decode a DER encoded certificate into an CERTCertificate structure
-** "derSignedCert" is the DER encoded signed certificate
-** "copyDER" is true if the DER should be copied, false if the
-** existing copy should be referenced
-** "nickname" is the nickname to use in the database. If it is NULL
-** then a temporary nickname is generated.
-*/
-extern CERTCertificate *
-CERT_DecodeDERCertificate (SECItem *derSignedCert, PRBool copyDER, char *nickname);
-/*
-** Decode a DER encoded CRL/KRL into an CERTSignedCrl structure
-** "derSignedCrl" is the DER encoded signed crl/krl.
-** "type" is this a CRL or KRL.
-*/
-#define SEC_CRL_TYPE 1
-#define SEC_KRL_TYPE 0
-
-extern CERTSignedCrl *
-CERT_DecodeDERCrl (PRArenaPool *arena, SECItem *derSignedCrl,int type);
-
-/* Validate CRL then import it to the dbase. If there is already a CRL with the
- * same CA in the dbase, it will be replaced if derCRL is more up to date.
- * If the process successes, a CRL will be returned. Otherwise, a NULL will
- * be returned. The caller should call PORT_GetError() for the exactly error
- * code.
- */
-extern CERTSignedCrl *
-CERT_ImportCRL (CERTCertDBHandle *handle, SECItem *derCRL, char *url,
- int type, void * wincx);
-
-extern void CERT_DestroyCrl (CERTSignedCrl *crl);
-
-/*
-** Decode a certificate and put it into the temporary certificate database
-*/
-extern CERTCertificate *
-CERT_DecodeCertificate (SECItem *derCert, char *nickname,PRBool copyDER);
-
-/*
-** Find a certificate in the database
-** "key" is the database key to look for
-*/
-extern CERTCertificate *CERT_FindCertByKey(CERTCertDBHandle *handle, SECItem *key);
-
-/*
-** Find a certificate in the database by name
-** "name" is the distinguished name to look up
-*/
-extern CERTCertificate *
-CERT_FindCertByName (CERTCertDBHandle *handle, SECItem *name);
-
-/*
-** Find a certificate in the database by name
-** "name" is the distinguished name to look up (in ascii)
-*/
-extern CERTCertificate *
-CERT_FindCertByNameString (CERTCertDBHandle *handle, char *name);
-
-/*
-** Find a certificate in the database by name and keyid
-** "name" is the distinguished name to look up
-** "keyID" is the value of the subjectKeyID to match
-*/
-extern CERTCertificate *
-CERT_FindCertByKeyID (CERTCertDBHandle *handle, SECItem *name, SECItem *keyID);
-
-/*
-** Generate a certificate key from the issuer and serialnumber, then look it
-** up in the database. Return the cert if found.
-** "issuerAndSN" is the issuer and serial number to look for
-*/
-extern CERTCertificate *
-CERT_FindCertByIssuerAndSN (CERTCertDBHandle *handle, CERTIssuerAndSN *issuerAndSN);
-
-/*
-** Find a certificate in the database by a nickname
-** "nickname" is the ascii string nickname to look for
-*/
-extern CERTCertificate *
-CERT_FindCertByNickname (CERTCertDBHandle *handle, char *nickname);
-
-/*
-** Find a certificate in the database by a DER encoded certificate
-** "derCert" is the DER encoded certificate
-*/
-extern CERTCertificate *
-CERT_FindCertByDERCert(CERTCertDBHandle *handle, SECItem *derCert);
-
-/*
-** Find a certificate in the database by a email address
-** "emailAddr" is the email address to look up
-*/
-CERTCertificate *
-CERT_FindCertByEmailAddr(CERTCertDBHandle *handle, char *emailAddr);
-
-/*
-** Find a certificate in the database by a email address or nickname
-** "name" is the email address or nickname to look up
-*/
-CERTCertificate *
-CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, char *name);
-
-/*
-** Find a certificate in the database by a digest of a subject public key
-** "spkDigest" is the digest to look up
-*/
-extern CERTCertificate *
-CERT_FindCertBySPKDigest(CERTCertDBHandle *handle, SECItem *spkDigest);
-
-/*
- * Find the issuer of a cert
- */
-CERTCertificate *
-CERT_FindCertIssuer(CERTCertificate *cert, int64 validTime, SECCertUsage usage);
-
-/*
-** Check the validity times of a certificate vs. time 't', allowing
-** some slop for broken clocks and stuff.
-** "cert" is the certificate to be checked
-** "t" is the time to check against
-** "allowOverride" if true then check to see if the invalidity has
-** been overridden by the user.
-*/
-extern SECCertTimeValidity CERT_CheckCertValidTimes(CERTCertificate *cert,
- PRTime t,
- PRBool allowOverride);
-
-/*
-** WARNING - this function is depricated, and will either go away or have
-** a new API in the near future.
-**
-** Check the validity times of a certificate vs. the current time, allowing
-** some slop for broken clocks and stuff.
-** "cert" is the certificate to be checked
-*/
-extern SECStatus CERT_CertTimesValid(CERTCertificate *cert);
-
-/*
-** Extract the validity times from a certificate
-** "c" is the certificate
-** "notBefore" is the start of the validity period
-** "notAfter" is the end of the validity period
-*/
-extern SECStatus
-CERT_GetCertTimes (CERTCertificate *c, PRTime *notBefore, PRTime *notAfter);
-
-/*
-** Extract the issuer and serial number from a certificate
-*/
-extern CERTIssuerAndSN *CERT_GetCertIssuerAndSN(PRArenaPool *,
- CERTCertificate *);
-
-/*
-** verify the signature of a signed data object with a given certificate
-** "sd" the signed data object to be verified
-** "cert" the certificate to use to check the signature
-*/
-extern SECStatus CERT_VerifySignedData(CERTSignedData *sd,
- CERTCertificate *cert,
- int64 t,
- void *wincx);
-
-/*
-** verify a certificate by checking validity times against a certain time,
-** that we trust the issuer, and that the signature on the certificate is
-** valid.
-** "cert" the certificate to verify
-** "checkSig" only check signatures if true
-*/
-extern SECStatus
-CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, int64 t,
- void *wincx, CERTVerifyLog *log);
-
-/* same as above, but uses current time */
-extern SECStatus
-CERT_VerifyCertNow(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, void *wincx);
-
-/*
-** This must only be called on a cert that is known to have an issuer
-** with an invalid time
-*/
-extern CERTCertificate *
-CERT_FindExpiredIssuer (CERTCertDBHandle *handle, CERTCertificate *cert);
-
-/*
-** Read a base64 ascii encoded DER certificate and convert it to our
-** internal format.
-** "certstr" is a null-terminated string containing the certificate
-*/
-extern CERTCertificate *CERT_ConvertAndDecodeCertificate(char *certstr);
-
-/*
-** Read a certificate in some foreign format, and convert it to our
-** internal format.
-** "certbuf" is the buffer containing the certificate
-** "certlen" is the length of the buffer
-** NOTE - currently supports netscape base64 ascii encoded raw certs
-** and netscape binary DER typed files.
-*/
-extern CERTCertificate *CERT_DecodeCertFromPackage(char *certbuf, int certlen);
-
-extern SECStatus
-CERT_ImportCAChain (SECItem *certs, int numcerts, SECCertUsage certUsage);
-
-/*
-** Read a certificate chain in some foreign format, and pass it to a
-** callback function.
-** "certbuf" is the buffer containing the certificate
-** "certlen" is the length of the buffer
-** "f" is the callback function
-** "arg" is the callback argument
-*/
-typedef SECStatus (PR_CALLBACK *CERTImportCertificateFunc)
- (void *arg, SECItem **certs, int numcerts);
-
-extern SECStatus
-CERT_DecodeCertPackage(char *certbuf, int certlen, CERTImportCertificateFunc f,
- void *arg);
-
-/*
-** Pretty print a certificate in HTML
-** "cert" is the certificate to print
-** "showImages" controls whether or not to use about:security URLs
-** for subject and issuer images. This should only be true
-** in the browser.
-*/
-extern char *CERT_HTMLCertInfo(CERTCertificate *cert, PRBool showImages,
- PRBool showIssuer);
-
-/*
-** Returns the value of an AVA. This was a formerly static
-** function that has been exposed due to the need to decode
-** and convert unicode strings to UTF8.
-**
-** XXX This function resides in certhtml.c, should it be
-** moved elsewhere?
-*/
-extern SECItem *CERT_DecodeAVAValue(SECItem *derAVAValue);
-
-/*
- * take a DER certificate and decode it into a certificate structure
- */
-CERTCertificate *
-CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
- char *nickname);
-
-
-
-/*
-** extract various element strings from a distinguished name.
-** "name" the distinguished name
-*/
-extern char *CERT_GetCommonName(CERTName *name);
-
-extern char *CERT_GetCertificateEmailAddress(CERTCertificate *cert);
-
-extern char *CERT_GetCertEmailAddress(CERTName *name);
-
-extern char *CERT_GetCommonName(CERTName *name);
-
-extern char *CERT_GetCountryName(CERTName *name);
-
-extern char *CERT_GetLocalityName(CERTName *name);
-
-extern char *CERT_GetStateName(CERTName *name);
-
-extern char *CERT_GetOrgName(CERTName *name);
-
-extern char *CERT_GetOrgUnitName(CERTName *name);
-
-extern char *CERT_GetDomainComponentName(CERTName *name);
-
-extern char *CERT_GetCertUid(CERTName *name);
-
-/* manipulate the trust parameters of a certificate */
-
-extern SECStatus CERT_GetCertTrust(CERTCertificate *cert, CERTCertTrust *trust);
-
-extern SECStatus
-CERT_ChangeCertTrust (CERTCertDBHandle *handle, CERTCertificate *cert,
- CERTCertTrust *trust);
-
-extern SECStatus
-CERT_ChangeCertTrustByUsage(CERTCertDBHandle *certdb, CERTCertificate *cert,
- SECCertUsage usage);
-
-/*************************************************************************
- *
- * manipulate the extensions of a certificate
- *
- ************************************************************************/
-
-/*
-** Set up a cert for adding X509v3 extensions. Returns an opaque handle
-** used by the next two routines.
-** "cert" is the certificate we are adding extensions to
-*/
-extern void *CERT_StartCertExtensions(CERTCertificate *cert);
-
-/*
-** Add an extension to a certificate.
-** "exthandle" is the handle returned by the previous function
-** "idtag" is the integer tag for the OID that should ID this extension
-** "value" is the value of the extension
-** "critical" is the critical extension flag
-** "copyData" is a flag indicating whether the value data should be
-** copied.
-*/
-extern SECStatus CERT_AddExtension (void *exthandle, int idtag,
- SECItem *value, PRBool critical, PRBool copyData);
-
-extern SECStatus CERT_AddExtensionByOID (void *exthandle, SECItem *oid,
- SECItem *value, PRBool critical, PRBool copyData);
-
-extern SECStatus CERT_EncodeAndAddExtension
- (void *exthandle, int idtag, void *value, PRBool critical,
- const SEC_ASN1Template *atemplate);
-
-extern SECStatus CERT_EncodeAndAddBitStrExtension
- (void *exthandle, int idtag, SECItem *value, PRBool critical);
-
-/*
-** Finish adding cert extensions. Does final processing on extension
-** data, putting it in the right format, and freeing any temporary
-** storage.
-** "exthandle" is the handle used to add extensions to a certificate
-*/
-extern SECStatus CERT_FinishExtensions(void *exthandle);
-
-
-/* If the extension is found, return its criticality and value.
-** This allocate storage for the returning extension value.
-*/
-extern SECStatus CERT_GetExtenCriticality
- (CERTCertExtension **extensions, int tag, PRBool *isCritical);
-
-extern void
-CERT_DestroyOidSequence(CERTOidSequence *oidSeq);
-
-/****************************************************************************
- *
- * DER encode and decode extension values
- *
- ****************************************************************************/
-
-/* Encode the value of the basicConstraint extension.
-** arena - where to allocate memory for the encoded value.
-** value - extension value to encode
-** encodedValue - output encoded value
-*/
-extern SECStatus CERT_EncodeBasicConstraintValue
- (PRArenaPool *arena, CERTBasicConstraints *value, SECItem *encodedValue);
-
-/*
-** Encode the value of the authorityKeyIdentifier extension.
-*/
-extern SECStatus CERT_EncodeAuthKeyID
- (PRArenaPool *arena, CERTAuthKeyID *value, SECItem *encodedValue);
-
-/*
-** Encode the value of the crlDistributionPoints extension.
-*/
-extern SECStatus CERT_EncodeCRLDistributionPoints
- (PRArenaPool *arena, CERTCrlDistributionPoints *value,SECItem *derValue);
-
-/*
-** Decodes a DER encoded basicConstaint extension value into a readable format
-** value - decoded value
-** encodedValue - value to decoded
-*/
-extern SECStatus CERT_DecodeBasicConstraintValue
- (CERTBasicConstraints *value, SECItem *encodedValue);
-
-/* Decodes a DER encoded authorityKeyIdentifier extension value into a
-** readable format.
-** arena - where to allocate memory for the decoded value
-** encodedValue - value to be decoded
-** Returns a CERTAuthKeyID structure which contains the decoded value
-*/
-extern CERTAuthKeyID *CERT_DecodeAuthKeyID
- (PRArenaPool *arena, SECItem *encodedValue);
-
-
-/* Decodes a DER encoded crlDistributionPoints extension value into a
-** readable format.
-** arena - where to allocate memory for the decoded value
-** der - value to be decoded
-** Returns a CERTCrlDistributionPoints structure which contains the
-** decoded value
-*/
-extern CERTCrlDistributionPoints * CERT_DecodeCRLDistributionPoints
- (PRArenaPool *arena, SECItem *der);
-
-/* Extract certain name type from a generalName */
-extern void *CERT_GetGeneralNameByType
- (CERTGeneralName *genNames, CERTGeneralNameType type, PRBool derFormat);
-
-
-extern CERTOidSequence *
-CERT_DecodeOidSequence(SECItem *seqItem);
-
-
-
-
-/****************************************************************************
- *
- * Find extension values of a certificate
- *
- ***************************************************************************/
-
-extern SECStatus CERT_FindCertExtension
- (CERTCertificate *cert, int tag, SECItem *value);
-
-extern SECStatus CERT_FindNSCertTypeExtension
- (CERTCertificate *cert, SECItem *value);
-
-extern char * CERT_FindNSStringExtension (CERTCertificate *cert, int oidtag);
-
-extern SECStatus CERT_FindIssuerCertExtension
- (CERTCertificate *cert, int tag, SECItem *value);
-
-extern SECStatus CERT_FindCertExtensionByOID
- (CERTCertificate *cert, SECItem *oid, SECItem *value);
-
-extern char *CERT_FindCertURLExtension (CERTCertificate *cert, int tag,
- int catag);
-
-/* Returns the decoded value of the authKeyID extension.
-** Note that this uses passed in the arena to allocate storage for the result
-*/
-extern CERTAuthKeyID * CERT_FindAuthKeyIDExten (PRArenaPool *arena,CERTCertificate *cert);
-
-/* Returns the decoded value of the basicConstraint extension.
- */
-extern SECStatus CERT_FindBasicConstraintExten
- (CERTCertificate *cert, CERTBasicConstraints *value);
-
-/* Returns the decoded value of the crlDistributionPoints extension.
-** Note that the arena in cert is used to allocate storage for the result
-*/
-extern CERTCrlDistributionPoints * CERT_FindCRLDistributionPoints
- (CERTCertificate *cert);
-
-/* Returns value of the keyUsage extension. This uses PR_Alloc to allocate
-** buffer for the decoded value, The caller should free up the storage
-** allocated in value->data.
-*/
-extern SECStatus CERT_FindKeyUsageExtension (CERTCertificate *cert,
- SECItem *value);
-
-/* Return the decoded value of the subjectKeyID extension. The caller should
-** free up the storage allocated in retItem->data.
-*/
-extern SECStatus CERT_FindSubjectKeyIDExten (CERTCertificate *cert,
- SECItem *retItem);
-
-/*
-** If cert is a v3 certificate, and a critical keyUsage extension is included,
-** then check the usage against the extension value. If a non-critical
-** keyUsage extension is included, this will return SECSuccess without
-** checking, since the extension is an advisory field, not a restriction.
-** If cert is not a v3 certificate, this will return SECSuccess.
-** cert - certificate
-** usage - one of the x.509 v3 the Key Usage Extension flags
-*/
-extern SECStatus CERT_CheckCertUsage (CERTCertificate *cert,
- unsigned char usage);
-
-/****************************************************************************
- *
- * CRL v2 Extensions supported routines
- *
- ****************************************************************************/
-
-extern SECStatus CERT_FindCRLExtensionByOID
- (CERTCrl *crl, SECItem *oid, SECItem *value);
-
-extern SECStatus CERT_FindCRLExtension
- (CERTCrl *crl, int tag, SECItem *value);
-
-extern SECStatus
- CERT_FindInvalidDateExten (CERTCrl *crl, int64 *value);
-
-extern void *CERT_StartCRLExtensions (CERTCrl *crl);
-
-extern CERTCertNicknames *CERT_GetCertNicknames (CERTCertDBHandle *handle,
- int what, void *wincx);
-
-/*
-** Finds the crlNumber extension and decodes its value into 'value'
-*/
-extern SECStatus CERT_FindCRLNumberExten (CERTCrl *crl, CERTCrlNumber *value);
-
-extern void CERT_FreeNicknames(CERTCertNicknames *nicknames);
-
-extern PRBool CERT_CompareCerts(CERTCertificate *c1, CERTCertificate *c2);
-
-extern PRBool CERT_CompareCertsForRedirection(CERTCertificate *c1,
- CERTCertificate *c2);
-
-/*
-** Generate an array of the Distinguished Names that the given cert database
-** "trusts"
-*/
-extern CERTDistNames *CERT_GetSSLCACerts(CERTCertDBHandle *handle);
-
-extern void CERT_FreeDistNames(CERTDistNames *names);
-
-/*
-** Generate an array of Distinguished names from an array of nicknames
-*/
-extern CERTDistNames *CERT_DistNamesFromNicknames
- (CERTCertDBHandle *handle, char **nicknames, int nnames);
-
-/*
-** Generate a certificate chain from a certificate.
-*/
-extern CERTCertificateList *
-CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
- PRBool includeRoot);
-
-extern CERTCertificateList *
-CERT_CertListFromCert(CERTCertificate *cert);
-
-extern CERTCertificateList *
-CERT_DupCertList(CERTCertificateList * oldList);
-
-extern void CERT_DestroyCertificateList(CERTCertificateList *list);
-
-/* is cert a newer than cert b? */
-PRBool CERT_IsNewer(CERTCertificate *certa, CERTCertificate *certb);
-
-/* currently a stub for address book */
-PRBool
-CERT_IsCertRevoked(CERTCertificate *cert);
-
-void
-CERT_DestroyCertArray(CERTCertificate **certs, unsigned int ncerts);
-
-/* convert an email address to lower case */
-char *CERT_FixupEmailAddr(char *emailAddr);
-
-/* decode string representation of trust flags into trust struct */
-SECStatus
-CERT_DecodeTrustString(CERTCertTrust *trust, char *trusts);
-
-/* encode trust struct into string representation of trust flags */
-char *
-CERT_EncodeTrustString(CERTCertTrust *trust);
-
-/* find the next or prev cert in a subject list */
-CERTCertificate *
-CERT_PrevSubjectCert(CERTCertificate *cert);
-CERTCertificate *
-CERT_NextSubjectCert(CERTCertificate *cert);
-
-/*
- * import a collection of certs into the temporary or permanent cert
- * database
- */
-SECStatus
-CERT_ImportCerts(CERTCertDBHandle *certdb, SECCertUsage usage,
- unsigned int ncerts, SECItem **derCerts,
- CERTCertificate ***retCerts, PRBool keepCerts,
- PRBool caOnly, char *nickname);
-
-SECStatus
-CERT_SaveImportedCert(CERTCertificate *cert, SECCertUsage usage,
- PRBool caOnly, char *nickname);
-
-char *
-CERT_MakeCANickname(CERTCertificate *cert);
-
-PRBool
-CERT_IsCACert(CERTCertificate *cert, unsigned int *rettype);
-
-PRBool
-CERT_IsCADERCert(SECItem *derCert, unsigned int *rettype);
-
-SECStatus
-CERT_SaveSMimeProfile(CERTCertificate *cert, SECItem *emailProfile,
- SECItem *profileTime);
-
-/*
- * find the smime symmetric capabilities profile for a given cert
- */
-SECItem *
-CERT_FindSMimeProfile(CERTCertificate *cert);
-
-SECStatus
-CERT_AddNewCerts(CERTCertDBHandle *handle);
-
-CERTPackageType
-CERT_CertPackageType(SECItem *package, SECItem *certitem);
-
-CERTCertificatePolicies *
-CERT_DecodeCertificatePoliciesExtension(SECItem *extnValue);
-
-void
-CERT_DestroyCertificatePoliciesExtension(CERTCertificatePolicies *policies);
-
-CERTUserNotice *
-CERT_DecodeUserNotice(SECItem *noticeItem);
-
-void
-CERT_DestroyUserNotice(CERTUserNotice *userNotice);
-
-typedef char * (* CERTPolicyStringCallback)(char *org,
- unsigned long noticeNumber,
- void *arg);
-void
-CERT_SetCAPolicyStringCallback(CERTPolicyStringCallback cb, void *cbarg);
-
-char *
-CERT_GetCertCommentString(CERTCertificate *cert);
-
-PRBool
-CERT_GovtApprovedBitSet(CERTCertificate *cert);
-
-SECStatus
-CERT_AddPermNickname(CERTCertificate *cert, char *nickname);
-
-/*
- * Given a cert, find the cert with the same subject name that
- * has the given key usage. If the given cert has the correct keyUsage, then
- * return it, otherwise search the list in order.
- */
-CERTCertificate *
-CERT_FindCertByUsage(CERTCertificate *basecert, unsigned int requiredKeyUsage);
-
-
-CERTCertList *
-CERT_MatchUserCert(CERTCertDBHandle *handle,
- SECCertUsage usage,
- int nCANames, char **caNames,
- void *proto_win);
-
-CERTCertList *
-CERT_NewCertList(void);
-
-void
-CERT_DestroyCertList(CERTCertList *certs);
-
-/* remove the node and free the cert */
-void
-CERT_RemoveCertListNode(CERTCertListNode *node);
-
-SECStatus
-CERT_AddCertToListTail(CERTCertList *certs, CERTCertificate *cert);
-
-SECStatus
-CERT_AddCertToListHead(CERTCertList *certs, CERTCertificate *cert);
-
-SECStatus
-CERT_AddCertToListTailWithData(CERTCertList *certs, CERTCertificate *cert,
- void *appData);
-
-SECStatus
-CERT_AddCertToListHeadWithData(CERTCertList *certs, CERTCertificate *cert,
- void *appData);
-
-typedef PRBool (* CERTSortCallback)(CERTCertificate *certa,
- CERTCertificate *certb,
- void *arg);
-SECStatus
-CERT_AddCertToListSorted(CERTCertList *certs, CERTCertificate *cert,
- CERTSortCallback f, void *arg);
-
-/* callback for CERT_AddCertToListSorted that sorts based on validity
- * period and a given time.
- */
-PRBool
-CERT_SortCBValidity(CERTCertificate *certa,
- CERTCertificate *certb,
- void *arg);
-
-SECStatus
-CERT_CheckForEvilCert(CERTCertificate *cert);
-
-CERTGeneralName *
-CERT_GetCertificateNames(CERTCertificate *cert, PRArenaPool *arena);
-
-int
-CERT_GetNamesLength(CERTGeneralName *names);
-
-CERTCertificate *
-CERT_CompareNameSpace(CERTCertificate *cert,
- CERTGeneralName *namesList,
- SECItem *namesListIndex,
- PRArenaPool *arena,
- CERTCertDBHandle *handle);
-
-SECStatus
-CERT_EncodeSubjectKeyID(PRArenaPool *arena, char *value, int len, SECItem *encodedValue);
-
-char *
-CERT_GetNickName(CERTCertificate *cert, CERTCertDBHandle *handle, PRArenaPool *nicknameArena);
-
-/*
- * Creates or adds to a list of all certs with a give subject name, sorted by
- * validity time, newest first. Invalid certs are considered older than
- * valid certs. If validOnly is set, do not include invalid certs on list.
- */
-CERTCertList *
-CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle,
- SECItem *name, int64 sorttime, PRBool validOnly);
-
-/*
- * Creates or adds to a list of all certs with a give nickname, sorted by
- * validity time, newest first. Invalid certs are considered older than valid
- * certs. If validOnly is set, do not include invalid certs on list.
- */
-CERTCertList *
-CERT_CreateNicknameCertList(CERTCertList *certList, CERTCertDBHandle *handle,
- char *nickname, int64 sorttime, PRBool validOnly);
-
-/*
- * Creates or adds to a list of all certs with a give email addr, sorted by
- * validity time, newest first. Invalid certs are considered older than valid
- * certs. If validOnly is set, do not include invalid certs on list.
- */
-CERTCertList *
-CERT_CreateEmailAddrCertList(CERTCertList *certList, CERTCertDBHandle *handle,
- char *emailAddr, int64 sorttime, PRBool validOnly);
-
-/*
- * remove certs from a list that don't have keyUsage and certType
- * that match the given usage.
- */
-SECStatus
-CERT_FilterCertListByUsage(CERTCertList *certList, SECCertUsage usage,
- PRBool ca);
-
-/*
- * check the key usage of a cert against a set of required values
- */
-SECStatus
-CERT_CheckKeyUsage(CERTCertificate *cert, unsigned int requiredUsage);
-
-/*
- * return required key usage and cert type based on cert usage
- */
-SECStatus
-CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage,
- PRBool ca,
- unsigned int *retKeyUsage,
- unsigned int *retCertType);
-/*
- * return required trust flags for various cert usages for CAs
- */
-SECStatus
-CERT_TrustFlagsForCACertUsage(SECCertUsage usage,
- unsigned int *retFlags,
- SECTrustType *retTrustType);
-
-/*
- * Find all user certificates that match the given criteria.
- *
- * "handle" - database to search
- * "usage" - certificate usage to match
- * "oneCertPerName" - if set then only return the "best" cert per
- * name
- * "validOnly" - only return certs that are curently valid
- * "proto_win" - window handle passed to pkcs11
- */
-CERTCertList *
-CERT_FindUserCertsByUsage(CERTCertDBHandle *handle,
- SECCertUsage usage,
- PRBool oneCertPerName,
- PRBool validOnly,
- void *proto_win);
-
-/*
- * Find a user certificate that matchs the given criteria.
- *
- * "handle" - database to search
- * "nickname" - nickname to match
- * "usage" - certificate usage to match
- * "validOnly" - only return certs that are curently valid
- * "proto_win" - window handle passed to pkcs11
- */
-CERTCertificate *
-CERT_FindUserCertByUsage(CERTCertDBHandle *handle,
- char *nickname,
- SECCertUsage usage,
- PRBool validOnly,
- void *proto_win);
-
-/*
- * Filter a list of certificates, removing those certs that do not have
- * one of the named CA certs somewhere in their cert chain.
- *
- * "certList" - the list of certificates to filter
- * "nCANames" - number of CA names
- * "caNames" - array of CA names in string(rfc 1485) form
- * "usage" - what use the certs are for, this is used when
- * selecting CA certs
- */
-SECStatus
-CERT_FilterCertListByCANames(CERTCertList *certList, int nCANames,
- char **caNames, SECCertUsage usage);
-
-/*
- * Collect the nicknames from all certs in a CertList. If the cert is not
- * valid, append a string to that nickname.
- *
- * "certList" - the list of certificates
- * "expiredString" - the string to append to the nickname of any expired cert
- * "notYetGoodString" - the string to append to the nickname of any cert
- * that is not yet valid
- */
-CERTCertNicknames *
-CERT_NicknameStringsFromCertList(CERTCertList *certList, char *expiredString,
- char *notYetGoodString);
-
-/*
- * Extract the nickname from a nickmake string that may have either
- * expiredString or notYetGoodString appended.
- *
- * Args:
- * "namestring" - the string containing the nickname, and possibly
- * one of the validity label strings
- * "expiredString" - the expired validity label string
- * "notYetGoodString" - the not yet good validity label string
- *
- * Returns the raw nickname
- */
-char *
-CERT_ExtractNicknameString(char *namestring, char *expiredString,
- char *notYetGoodString);
-
-/*
- * Given a certificate, return a string containing the nickname, and possibly
- * one of the validity strings, based on the current validity state of the
- * certificate.
- *
- * "arena" - arena to allocate returned string from. If NULL, then heap
- * is used.
- * "cert" - the cert to get nickname from
- * "expiredString" - the string to append to the nickname if the cert is
- * expired.
- * "notYetGoodString" - the string to append to the nickname if the cert is
- * not yet good.
- */
-char *
-CERT_GetCertNicknameWithValidity(PRArenaPool *arena, CERTCertificate *cert,
- char *expiredString, char *notYetGoodString);
-
-/*
- * Return the string representation of a DER encoded distinguished name
- * "dername" - The DER encoded name to convert
- */
-char *
-CERT_DerNameToAscii(SECItem *dername);
-
-/*
- * Supported usage values and types:
- * certUsageSSLClient
- * certUsageSSLServer
- * certUsageSSLServerWithStepUp
- * certUsageEmailSigner
- * certUsageEmailRecipient
- * certUsageObjectSigner
- */
-
-CERTCertificate *
-CERT_FindMatchingCert(CERTCertDBHandle *handle, SECItem *derName,
- CERTCertOwner owner, SECCertUsage usage,
- PRBool preferTrusted, int64 validTime, PRBool validOnly);
-
-
-/*********************************************************************/
-/* A thread safe implementation of General Names */
-/*********************************************************************/
-
-/* Destroy a Single CERTGeneralName */
-void
-CERT_DestroyGeneralName(CERTGeneralName *name);
-
-/* Destroys a CERTGeneralNameList */
-void
-CERT_DestroyGeneralNameList(CERTGeneralNameList *list);
-
-/* Creates a CERTGeneralNameList */
-CERTGeneralNameList *
-CERT_CreateGeneralNameList(CERTGeneralName *name);
-
-/* Compares two CERTGeneralNameList */
-SECStatus
-CERT_CompareGeneralNameLists(CERTGeneralNameList *a, CERTGeneralNameList *b);
-
-/* returns a copy of the first name of the type requested */
-void *
-CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- PRArenaPool *arena);
-
-/* Adds a name to the tail of the list */
-void
-CERT_AddGeneralNameToList(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- void *data, SECItem *oid);
-
-/* returns a duplicate of the CERTGeneralNameList */
-CERTGeneralNameList *
-CERT_DupGeneralNameList(CERTGeneralNameList *list);
-
-/* returns the length of a CERTGeneralName */
-int
-CERT_GetNamesLength(CERTGeneralName *names);
-
-/*
- * Acquire the global lock on the cert database.
- * This lock is currently used for the following operations:
- * adding or deleting a cert to either the temp or perm databases
- * converting a temp to perm or perm to temp
- * changing(maybe just adding?) the trust of a cert
- * adjusting the reference count of a cert
- */
-void
-CERT_LockDB(CERTCertDBHandle *handle);
-
-/*
- * Free the global cert database lock.
- */
-void
-CERT_UnlockDB(CERTCertDBHandle *handle);
-
-/*
- * Get the certificate status checking configuratino data for
- * the certificate database
- */
-CERTStatusConfig *
-CERT_GetStatusConfig(CERTCertDBHandle *handle);
-
-/*
- * Set the certificate status checking information for the
- * database. The input structure becomes part of the certificate
- * database and will be freed by calling the 'Destroy' function in
- * the configuration object.
- */
-void
-CERT_SetStatusConfig(CERTCertDBHandle *handle, CERTStatusConfig *config);
-
-
-
-/*
- * Acquire the cert reference count lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertRefCount(CERTCertificate *cert);
-
-/*
- * Free the cert reference count lock
- */
-void
-CERT_UnlockCertRefCount(CERTCertificate *cert);
-
-/*
- * Acquire the cert trust lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertTrust(CERTCertificate *cert);
-
-/*
- * Free the cert trust lock
- */
-void
-CERT_UnlockCertTrust(CERTCertificate *cert);
-
-/*
- * Digest the cert's subject public key using the specified algorithm.
- * The necessary storage for the digest data is allocated. If "fill" is
- * non-null, the data is put there, otherwise a SECItem is allocated.
- * Allocation from "arena" if it is non-null, heap otherwise. Any problem
- * results in a NULL being returned (and an appropriate error set).
- */
-extern SECItem *
-CERT_SPKDigestValueForCert(PRArenaPool *arena, CERTCertificate *cert,
- SECOidTag digestAlg, SECItem *fill);
-
-/*
- * fill in nsCertType field of the cert based on the cert extension
- */
-extern SECStatus CERT_GetCertType(CERTCertificate *cert);
-
-SEC_END_PROTOS
-
-#endif /* _CERT_H_ */
diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c
deleted file mode 100644
index f4c0701c2..000000000
--- a/security/nss/lib/certdb/certdb.c
+++ /dev/null
@@ -1,2367 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Certificate handling code
- *
- * $Id$
- */
-
-#include "nssilock.h"
-#include "prmon.h"
-#include "prtime.h"
-#include "cert.h"
-#include "secder.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "blapi.h" /* for SHA1_HashBuf */
-#include "genname.h"
-#include "keyhi.h"
-#include "secitem.h"
-#include "mcom_db.h"
-#include "certdb.h"
-#include "prprf.h"
-#include "sechash.h"
-#include "prlong.h"
-#include "certxutl.h"
-#include "portreg.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "nsslocks.h"
-#include "pk11func.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "pkit.h"
-
-/*
- * Certificate database handling code
- */
-
-
-const SEC_ASN1Template CERT_CertExtensionTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertExtension) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTCertExtension,id) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
- offsetof(CERTCertExtension,critical) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CERTCertExtension,value) },
- { 0, }
-};
-
-const SEC_ASN1Template CERT_SequenceOfCertExtensionTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, CERT_CertExtensionTemplate }
-};
-
-const SEC_ASN1Template CERT_CertificateTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertificate) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0, /* XXX DER_DEFAULT */
- offsetof(CERTCertificate,version),
- SEC_IntegerTemplate },
- { SEC_ASN1_INTEGER,
- offsetof(CERTCertificate,serialNumber) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,signature),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCertificate,derIssuer) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,issuer),
- CERT_NameTemplate },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,validity),
- CERT_ValidityTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCertificate,derSubject) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,subject),
- CERT_NameTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCertificate,derPublicKey) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,subjectPublicKeyInfo),
- CERT_SubjectPublicKeyInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CERTCertificate,issuerID),
- SEC_ObjectIDTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(CERTCertificate,subjectID),
- SEC_ObjectIDTemplate },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 3,
- offsetof(CERTCertificate,extensions),
- CERT_SequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_SignedCertificateTemplate[] =
-{
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertificate) },
- { SEC_ASN1_SAVE,
- offsetof(CERTCertificate,signatureWrap.data) },
- { SEC_ASN1_INLINE,
- 0, CERT_CertificateTemplate },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificate,signatureWrap.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTCertificate,signatureWrap.signature) },
- { 0 }
-};
-
-/*
- * Find the subjectName in a DER encoded certificate
- */
-const SEC_ASN1Template SEC_CertSubjectTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECItem) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- 0, SEC_SkipTemplate }, /* version */
- { SEC_ASN1_SKIP }, /* serial number */
- { SEC_ASN1_SKIP }, /* signature algorithm */
- { SEC_ASN1_SKIP }, /* issuer */
- { SEC_ASN1_SKIP }, /* validity */
- { SEC_ASN1_ANY, 0, NULL }, /* subject */
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-
-/*
- * Find the issuerName in a DER encoded certificate
- */
-const SEC_ASN1Template SEC_CertIssuerTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECItem) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- 0, SEC_SkipTemplate }, /* version */
- { SEC_ASN1_SKIP }, /* serial number */
- { SEC_ASN1_SKIP }, /* signature algorithm */
- { SEC_ASN1_ANY, 0, NULL }, /* issuer */
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-/*
- * Find the subjectName in a DER encoded certificate
- */
-const SEC_ASN1Template SEC_CertSerialNumberTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECItem) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- 0, SEC_SkipTemplate }, /* version */
- { SEC_ASN1_ANY, 0, NULL }, /* serial number */
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-
-/*
- * Find the issuer and serialNumber in a DER encoded certificate.
- * This data is used as the database lookup key since its the unique
- * identifier of a certificate.
- */
-const SEC_ASN1Template CERT_CertKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertKey) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- 0, SEC_SkipTemplate }, /* version */
- { SEC_ASN1_INTEGER,
- offsetof(CERTCertKey,serialNumber) },
- { SEC_ASN1_SKIP }, /* signature algorithm */
- { SEC_ASN1_ANY,
- offsetof(CERTCertKey,derIssuer) },
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SignedCertificateTemplate)
-
-SECStatus
-CERT_KeyFromIssuerAndSN(PRArenaPool *arena, SECItem *issuer, SECItem *sn,
- SECItem *key)
-{
- key->len = sn->len + issuer->len;
-
- key->data = (unsigned char*)PORT_ArenaAlloc(arena, key->len);
- if ( !key->data ) {
- goto loser;
- }
-
- /* copy the serialNumber */
- PORT_Memcpy(key->data, sn->data, sn->len);
-
- /* copy the issuer */
- PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-
-/*
- * Extract the subject name from a DER certificate
- */
-SECStatus
-CERT_NameFromDERCert(SECItem *derCert, SECItem *derName)
-{
- int rv;
- PRArenaPool *arena;
- CERTSignedData sd;
- void *tmpptr;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( ! arena ) {
- return(SECFailure);
- }
-
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- PORT_Memset(derName, 0, sizeof(SECItem));
- rv = SEC_ASN1DecodeItem(arena, derName, SEC_CertSubjectTemplate, &sd.data);
-
- if ( rv ) {
- goto loser;
- }
-
- tmpptr = derName->data;
- derName->data = (unsigned char*)PORT_Alloc(derName->len);
- if ( derName->data == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(derName->data, tmpptr, derName->len);
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(SECFailure);
-}
-
-SECStatus
-CERT_IssuerNameFromDERCert(SECItem *derCert, SECItem *derName)
-{
- int rv;
- PRArenaPool *arena;
- CERTSignedData sd;
- void *tmpptr;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( ! arena ) {
- return(SECFailure);
- }
-
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- PORT_Memset(derName, 0, sizeof(SECItem));
- rv = SEC_ASN1DecodeItem(arena, derName, SEC_CertIssuerTemplate, &sd.data);
-
- if ( rv ) {
- goto loser;
- }
-
- tmpptr = derName->data;
- derName->data = (unsigned char*)PORT_Alloc(derName->len);
- if ( derName->data == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(derName->data, tmpptr, derName->len);
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(SECFailure);
-}
-
-SECStatus
-CERT_SerialNumberFromDERCert(SECItem *derCert, SECItem *derName)
-{
- int rv;
- PRArenaPool *arena;
- CERTSignedData sd;
- void *tmpptr;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( ! arena ) {
- return(SECFailure);
- }
-
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- PORT_Memset(derName, 0, sizeof(SECItem));
- rv = SEC_ASN1DecodeItem(arena, derName, SEC_CertSerialNumberTemplate, &sd.data);
-
- if ( rv ) {
- goto loser;
- }
-
- tmpptr = derName->data;
- derName->data = (unsigned char*)PORT_Alloc(derName->len);
- if ( derName->data == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(derName->data, tmpptr, derName->len);
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(SECFailure);
-}
-
-/*
- * Generate a database key, based on serial number and issuer, from a
- * DER certificate.
- */
-SECStatus
-CERT_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key)
-{
- int rv;
- CERTSignedData sd;
- CERTCertKey certkey;
-
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- PORT_Memset(&certkey, 0, sizeof(CERTCertKey));
-
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- PORT_Memset(&certkey, 0, sizeof(CERTCertKey));
- rv = SEC_ASN1DecodeItem(arena, &certkey, CERT_CertKeyTemplate, &sd.data);
-
- if ( rv ) {
- goto loser;
- }
-
- return(CERT_KeyFromIssuerAndSN(arena, &certkey.derIssuer,
- &certkey.serialNumber, key));
-loser:
- return(SECFailure);
-}
-
-/*
- * fill in keyUsage field of the cert based on the cert extension
- * if the extension is not critical, then we allow all uses
- */
-static SECStatus
-GetKeyUsage(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem tmpitem;
-
- rv = CERT_FindKeyUsageExtension(cert, &tmpitem);
- if ( rv == SECSuccess ) {
- /* remember the actual value of the extension */
- cert->rawKeyUsage = tmpitem.data[0];
- cert->keyUsagePresent = PR_TRUE;
- cert->keyUsage = tmpitem.data[0];
-
- PORT_Free(tmpitem.data);
- tmpitem.data = NULL;
-
- } else {
- /* if the extension is not present, then we allow all uses */
- cert->keyUsage = KU_ALL;
- cert->rawKeyUsage = KU_ALL;
- cert->keyUsagePresent = PR_FALSE;
- }
-
- if ( CERT_GovtApprovedBitSet(cert) ) {
- cert->keyUsage |= KU_NS_GOVT_APPROVED;
- cert->rawKeyUsage |= KU_NS_GOVT_APPROVED;
- }
-
- return(SECSuccess);
-}
-
-
-/*
- * determine if a fortezza V1 Cert is a CA or not.
- */
-static PRBool
-fortezzaIsCA( CERTCertificate *cert) {
- PRBool isCA = PR_FALSE;
- CERTSubjectPublicKeyInfo *spki = &cert->subjectPublicKeyInfo;
- int tag;
-
- tag = SECOID_GetAlgorithmTag(&spki->algorithm);
- if ((tag == SEC_OID_MISSI_KEA_DSS_OLD) ||
- (tag == SEC_OID_MISSI_KEA_DSS) ||
- (tag == SEC_OID_MISSI_DSS_OLD) ||
- (tag == SEC_OID_MISSI_DSS) ) {
- SECItem rawkey;
- unsigned char *rawptr;
- unsigned char *end;
- int len;
-
- rawkey = spki->subjectPublicKey;
- DER_ConvertBitString(&rawkey);
- rawptr = rawkey.data;
- end = rawkey.data + rawkey.len;
-
- /* version */
- rawptr += sizeof(((SECKEYPublicKey*)0)->u.fortezza.KMID)+2;
-
- /* clearance (the string up to the first byte with the hi-bit on */
- while ((rawptr < end) && (*rawptr++ & 0x80));
- if (rawptr >= end) { return PR_FALSE; }
-
- /* KEAPrivilege (the string up to the first byte with the hi-bit on */
- while ((rawptr < end) && (*rawptr++ & 0x80));
- if (rawptr >= end) { return PR_FALSE; }
-
- /* skip the key */
- len = (*rawptr << 8) | rawptr[1];
- rawptr += 2 + len;
-
- /* shared key */
- if (rawptr >= end) { return PR_FALSE; }
- /* DSS Version is next */
- rawptr += 2;
-
- /* DSSPrivilege (the string up to the first byte with the hi-bit on */
- if (*rawptr & 0x30) isCA = PR_TRUE;
-
- }
- return isCA;
-}
-
-static SECStatus
-findOIDinOIDSeqByTagNum(CERTOidSequence *seq, SECOidTag tagnum)
-{
- SECItem **oids;
- SECItem *oid;
- SECStatus rv = SECFailure;
-
- if (seq != NULL) {
- oids = seq->oids;
- while (oids != NULL && *oids != NULL) {
- oid = *oids;
- if (SECOID_FindOIDTag(oid) == tagnum) {
- rv = SECSuccess;
- break;
- }
- oids++;
- }
- }
- return rv;
-}
-
-/*
- * fill in nsCertType field of the cert based on the cert extension
- */
-SECStatus
-CERT_GetCertType(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem tmpitem;
- SECItem encodedExtKeyUsage;
- CERTOidSequence *extKeyUsage = NULL;
- PRBool basicConstraintPresent = PR_FALSE;
- CERTBasicConstraints basicConstraint;
-
- tmpitem.data = NULL;
- CERT_FindNSCertTypeExtension(cert, &tmpitem);
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE,
- &encodedExtKeyUsage);
- if (rv == SECSuccess) {
- extKeyUsage = CERT_DecodeOidSequence(&encodedExtKeyUsage);
- }
- rv = CERT_FindBasicConstraintExten(cert, &basicConstraint);
- if (rv == SECSuccess) {
- basicConstraintPresent = PR_TRUE;
- }
- if (tmpitem.data != NULL || extKeyUsage != NULL) {
- if (tmpitem.data == NULL) {
- cert->nsCertType = 0;
- } else {
- cert->nsCertType = tmpitem.data[0];
- }
-
- /* free tmpitem data pointer to avoid memory leak */
- PORT_Free(tmpitem.data);
- tmpitem.data = NULL;
-
- /*
- * for this release, we will allow SSL certs with an email address
- * to be used for email
- */
- if ( ( cert->nsCertType & NS_CERT_TYPE_SSL_CLIENT ) &&
- cert->emailAddr ) {
- cert->nsCertType |= NS_CERT_TYPE_EMAIL;
- }
- /*
- * for this release, we will allow SSL intermediate CAs to be
- * email intermediate CAs too.
- */
- if ( cert->nsCertType & NS_CERT_TYPE_SSL_CA ) {
- cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA;
- }
- /*
- * allow a cert with the extended key usage of EMail Protect
- * to be used for email or as an email CA, if basic constraints
- * indicates that it is a CA.
- */
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT) ==
- SECSuccess) {
- if (basicConstraintPresent == PR_TRUE &&
- (basicConstraint.isCA)) {
- cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA;
- } else {
- cert->nsCertType |= NS_CERT_TYPE_EMAIL;
- }
- }
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_EXT_KEY_USAGE_SERVER_AUTH) ==
- SECSuccess){
- if (basicConstraintPresent == PR_TRUE &&
- (basicConstraint.isCA)) {
- cert->nsCertType |= NS_CERT_TYPE_SSL_CA;
- } else {
- cert->nsCertType |= NS_CERT_TYPE_SSL_SERVER;
- }
- }
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH) ==
- SECSuccess){
- if (basicConstraintPresent == PR_TRUE &&
- (basicConstraint.isCA)) {
- cert->nsCertType |= NS_CERT_TYPE_SSL_CA;
- } else {
- cert->nsCertType |= NS_CERT_TYPE_SSL_CLIENT;
- }
- }
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_EXT_KEY_USAGE_CODE_SIGN) ==
- SECSuccess) {
- if (basicConstraintPresent == PR_TRUE &&
- (basicConstraint.isCA)) {
- cert->nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
- } else {
- cert->nsCertType |= NS_CERT_TYPE_OBJECT_SIGNING;
- }
- }
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_EXT_KEY_USAGE_TIME_STAMP) ==
- SECSuccess) {
- cert->nsCertType |= EXT_KEY_USAGE_TIME_STAMP;
- }
- if (findOIDinOIDSeqByTagNum(extKeyUsage,
- SEC_OID_OCSP_RESPONDER) ==
- SECSuccess) {
- cert->nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
- }
- } else {
- /* if no extension, then allow any ssl or email (no ca or object
- * signing)
- */
- cert->nsCertType = NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_SSL_SERVER |
- NS_CERT_TYPE_EMAIL;
-
- /* if the basic constraint extension says the cert is a CA, then
- allow SSL CA and EMAIL CA and Status Responder */
- if ((basicConstraintPresent == PR_TRUE)
- && (basicConstraint.isCA)) {
- cert->nsCertType |= NS_CERT_TYPE_SSL_CA;
- cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA;
- cert->nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
- } else if (CERT_IsCACert(cert, NULL) == PR_TRUE) {
- cert->nsCertType |= EXT_KEY_USAGE_STATUS_RESPONDER;
- }
-
- /* if the cert is a fortezza CA cert, then allow SSL CA and EMAIL CA */
- if (fortezzaIsCA(cert)) {
- cert->nsCertType |= NS_CERT_TYPE_SSL_CA;
- cert->nsCertType |= NS_CERT_TYPE_EMAIL_CA;
- }
- }
-
- if (extKeyUsage != NULL) {
- PORT_Free(encodedExtKeyUsage.data);
- CERT_DestroyOidSequence(extKeyUsage);
- }
- return(SECSuccess);
-}
-
-/*
- * cert_GetKeyID() - extract or generate the subjectKeyID from a certificate
- */
-SECStatus
-cert_GetKeyID(CERTCertificate *cert)
-{
- SECItem tmpitem;
- SECStatus rv;
- SECKEYPublicKey *key;
-
- cert->subjectKeyID.len = 0;
-
- /* see of the cert has a key identifier extension */
- rv = CERT_FindSubjectKeyIDExten(cert, &tmpitem);
- if ( rv == SECSuccess ) {
- cert->subjectKeyID.data = (unsigned char*) PORT_ArenaAlloc(cert->arena, tmpitem.len);
- if ( cert->subjectKeyID.data != NULL ) {
- PORT_Memcpy(cert->subjectKeyID.data, tmpitem.data, tmpitem.len);
- cert->subjectKeyID.len = tmpitem.len;
- cert->keyIDGenerated = PR_FALSE;
- }
-
- PORT_Free(tmpitem.data);
- }
-
- /* if the cert doesn't have a key identifier extension and the cert is
- * a V1 fortezza certificate, use the cert's 8 byte KMID as the
- * key identifier. */
- key = CERT_KMIDPublicKey(cert);
-
- if (key != NULL) {
-
- if (key->keyType == fortezzaKey) {
-
- cert->subjectKeyID.data = (unsigned char *)PORT_ArenaAlloc(cert->arena, 8);
- if ( cert->subjectKeyID.data != NULL ) {
- PORT_Memcpy(cert->subjectKeyID.data, key->u.fortezza.KMID, 8);
- cert->subjectKeyID.len = 8;
- cert->keyIDGenerated = PR_FALSE;
- }
- }
-
- SECKEY_DestroyPublicKey(key);
- }
-
- /* if the cert doesn't have a key identifier extension, then generate one*/
- if ( cert->subjectKeyID.len == 0 ) {
- /*
- * pkix says that if the subjectKeyID is not present, then we should
- * use the SHA-1 hash of the DER-encoded publicKeyInfo from the cert
- */
- cert->subjectKeyID.data = (unsigned char *)PORT_ArenaAlloc(cert->arena, SHA1_LENGTH);
- if ( cert->subjectKeyID.data != NULL ) {
- rv = PK11_HashBuf(SEC_OID_SHA1,cert->subjectKeyID.data,
- cert->derPublicKey.data,
- cert->derPublicKey.len);
- if ( rv == SECSuccess ) {
- cert->subjectKeyID.len = SHA1_LENGTH;
- }
- }
- }
-
- if ( cert->subjectKeyID.len == 0 ) {
- return(SECFailure);
- }
- return(SECSuccess);
-
-}
-
-/*
- * take a DER certificate and decode it into a certificate structure
- */
-CERTCertificate *
-CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
- char *nickname)
-{
- CERTCertificate *cert;
- PRArenaPool *arena;
- void *data;
- int rv;
- int len;
- char *tmpname;
-
- /* make a new arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- return 0;
- }
-
- /* allocate the certificate structure */
- cert = (CERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
-
- if ( !cert ) {
- goto loser;
- }
-
- cert->arena = arena;
-
- if ( copyDER ) {
- /* copy the DER data for the cert into this arena */
- data = (void *)PORT_ArenaAlloc(arena, derSignedCert->len);
- if ( !data ) {
- goto loser;
- }
- cert->derCert.data = (unsigned char *)data;
- cert->derCert.len = derSignedCert->len;
- PORT_Memcpy(data, derSignedCert->data, derSignedCert->len);
- } else {
- /* point to passed in DER data */
- cert->derCert = *derSignedCert;
- }
-
- /* decode the certificate info */
- rv = SEC_ASN1DecodeItem(arena, cert, SEC_SignedCertificateTemplate,
- &cert->derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- if (cert_HasUnknownCriticalExten (cert->extensions) == PR_TRUE) {
- PORT_SetError(SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
- goto loser;
- }
-
- /* generate and save the database key for the cert */
- rv = CERT_KeyFromDERCert(arena, &cert->derCert, &cert->certKey);
- if ( rv ) {
- goto loser;
- }
-
- /* set the nickname */
- if ( nickname == NULL ) {
- cert->nickname = NULL;
- } else {
- /* copy and install the nickname */
- len = PORT_Strlen(nickname) + 1;
- cert->nickname = (char*)PORT_ArenaAlloc(arena, len);
- if ( cert->nickname == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(cert->nickname, nickname, len);
- }
-
- /* set the email address */
- cert->emailAddr = CERT_GetCertificateEmailAddress(cert);
-
- /* initialize the subjectKeyID */
- rv = cert_GetKeyID(cert);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* initialize keyUsage */
- rv = GetKeyUsage(cert);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* initialize the certType */
- rv = CERT_GetCertType(cert);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- tmpname = CERT_NameToAscii(&cert->subject);
- if ( tmpname != NULL ) {
- cert->subjectName = PORT_ArenaStrdup(cert->arena, tmpname);
- PORT_Free(tmpname);
- }
-
- tmpname = CERT_NameToAscii(&cert->issuer);
- if ( tmpname != NULL ) {
- cert->issuerName = PORT_ArenaStrdup(cert->arena, tmpname);
- PORT_Free(tmpname);
- }
-
- cert->referenceCount = 1;
- cert->slot = NULL;
- cert->pkcs11ID = CK_INVALID_HANDLE;
- cert->dbnickname = NULL;
-
- return(cert);
-
-loser:
-
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(0);
-}
-
-CERTCertificate *
-__CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
- char *nickname)
-{
- return CERT_DecodeDERCertificate(derSignedCert, copyDER, nickname);
-}
-
-
-/*
-** Amount of time that a certifiate is allowed good before it is actually
-** good. This is used for pending certificates, ones that are about to be
-** valid. The slop is designed to allow for some variance in the clocks
-** of the machine checking the certificate.
-*/
-#define PENDING_SLOP (24L*60L*60L) /* seconds per day */
-static PRInt32 pendingSlop = PENDING_SLOP; /* seconds */
-
-PRInt32
-CERT_GetSlopTime(void)
-{
- return pendingSlop; /* seconds */
-}
-
-SECStatus
-CERT_SetSlopTime(PRInt32 slop) /* seconds */
-{
- if (slop < 0)
- return SECFailure;
- pendingSlop = slop;
- return SECSuccess;
-}
-
-SECStatus
-CERT_GetCertTimes(CERTCertificate *c, PRTime *notBefore, PRTime *notAfter)
-{
- int rv;
-
- /* convert DER not-before time */
- rv = DER_UTCTimeToTime(notBefore, &c->validity.notBefore);
- if (rv) {
- return(SECFailure);
- }
-
- /* convert DER not-after time */
- rv = DER_UTCTimeToTime(notAfter, &c->validity.notAfter);
- if (rv) {
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-/*
- * Check the validity times of a certificate
- */
-SECCertTimeValidity
-CERT_CheckCertValidTimes(CERTCertificate *c, PRTime t, PRBool allowOverride)
-{
- PRTime notBefore, notAfter, llPendingSlop, tmp1;
- SECStatus rv;
-
- /* if cert is already marked OK, then don't bother to check */
- if ( allowOverride && c->timeOK ) {
- return(secCertTimeValid);
- }
-
- rv = CERT_GetCertTimes(c, &notBefore, &notAfter);
-
- if (rv) {
- return(secCertTimeExpired); /*XXX is this the right thing to do here?*/
- }
-
- LL_I2L(llPendingSlop, pendingSlop);
- /* convert to micro seconds */
- LL_I2L(tmp1, PR_USEC_PER_SEC);
- LL_MUL(llPendingSlop, llPendingSlop, tmp1);
- LL_SUB(notBefore, notBefore, llPendingSlop);
- if ( LL_CMP( t, <, notBefore ) ) {
- PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
- return(secCertTimeNotValidYet);
- }
- if ( LL_CMP( t, >, notAfter) ) {
- PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
- return(secCertTimeExpired);
- }
-
- return(secCertTimeValid);
-}
-
-SECStatus
-SEC_GetCrlTimes(CERTCrl *date, PRTime *notBefore, PRTime *notAfter)
-{
- int rv;
-
- /* convert DER not-before time */
- rv = DER_UTCTimeToTime(notBefore, &date->lastUpdate);
- if (rv) {
- return(SECFailure);
- }
-
- /* convert DER not-after time */
- if (date->nextUpdate.data) {
- rv = DER_UTCTimeToTime(notAfter, &date->nextUpdate);
- if (rv) {
- return(SECFailure);
- }
- }
- else {
- LL_I2L(*notAfter, 0L);
- }
- return(SECSuccess);
-}
-
-/* These routines should probably be combined with the cert
- * routines using an common extraction routine.
- */
-SECCertTimeValidity
-SEC_CheckCrlTimes(CERTCrl *crl, PRTime t) {
- PRTime notBefore, notAfter, llPendingSlop, tmp1;
- SECStatus rv;
-
- rv = SEC_GetCrlTimes(crl, &notBefore, &notAfter);
-
- if (rv) {
- return(secCertTimeExpired);
- }
-
- LL_I2L(llPendingSlop, pendingSlop);
- /* convert to micro seconds */
- LL_I2L(tmp1, PR_USEC_PER_SEC);
- LL_MUL(llPendingSlop, llPendingSlop, tmp1);
- LL_SUB(notBefore, notBefore, llPendingSlop);
- if ( LL_CMP( t, <, notBefore ) ) {
- return(secCertTimeNotValidYet);
- }
-
- /* If next update is omitted and the test for notBefore passes, then
- we assume that the crl is up to date.
- */
- if ( LL_IS_ZERO(notAfter) ) {
- return(secCertTimeValid);
- }
-
- if ( LL_CMP( t, >, notAfter) ) {
- return(secCertTimeExpired);
- }
-
- return(secCertTimeValid);
-}
-
-PRBool
-SEC_CrlIsNewer(CERTCrl *inNew, CERTCrl *old) {
- PRTime newNotBefore, newNotAfter;
- PRTime oldNotBefore, oldNotAfter;
- SECStatus rv;
-
- /* problems with the new CRL? reject it */
- rv = SEC_GetCrlTimes(inNew, &newNotBefore, &newNotAfter);
- if (rv) return PR_FALSE;
-
- /* problems with the old CRL? replace it */
- rv = SEC_GetCrlTimes(old, &oldNotBefore, &oldNotAfter);
- if (rv) return PR_TRUE;
-
- /* Question: what about the notAfter's? */
- return ((PRBool)LL_CMP(oldNotBefore, <, newNotBefore));
-}
-
-/*
- * return required key usage and cert type based on cert usage
- */
-SECStatus
-CERT_KeyUsageAndTypeForCertUsage(SECCertUsage usage,
- PRBool ca,
- unsigned int *retKeyUsage,
- unsigned int *retCertType)
-{
- unsigned int requiredKeyUsage = 0;
- unsigned int requiredCertType = 0;
-
- if ( ca ) {
- switch ( usage ) {
- case certUsageSSLServerWithStepUp:
- requiredKeyUsage = KU_NS_GOVT_APPROVED | KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_SSL_CA;
- break;
- case certUsageSSLClient:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_SSL_CA;
- break;
- case certUsageSSLServer:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_SSL_CA;
- break;
- case certUsageSSLCA:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_SSL_CA;
- break;
- case certUsageEmailSigner:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_EMAIL_CA;
- break;
- case certUsageEmailRecipient:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_EMAIL_CA;
- break;
- case certUsageObjectSigner:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA;
- break;
- case certUsageAnyCA:
- case certUsageStatusResponder:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING_CA |
- NS_CERT_TYPE_EMAIL_CA |
- NS_CERT_TYPE_SSL_CA;
- break;
- default:
- PORT_Assert(0);
- goto loser;
- }
- } else {
- switch ( usage ) {
- case certUsageSSLClient:
- requiredKeyUsage = KU_DIGITAL_SIGNATURE;
- requiredCertType = NS_CERT_TYPE_SSL_CLIENT;
- break;
- case certUsageSSLServer:
- requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT;
- requiredCertType = NS_CERT_TYPE_SSL_SERVER;
- break;
- case certUsageSSLServerWithStepUp:
- requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT |
- KU_NS_GOVT_APPROVED;
- requiredCertType = NS_CERT_TYPE_SSL_SERVER;
- break;
- case certUsageSSLCA:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_SSL_CA;
- break;
- case certUsageEmailSigner:
- requiredKeyUsage = KU_DIGITAL_SIGNATURE;
- requiredCertType = NS_CERT_TYPE_EMAIL;
- break;
- case certUsageEmailRecipient:
- requiredKeyUsage = KU_KEY_AGREEMENT_OR_ENCIPHERMENT;
- requiredCertType = NS_CERT_TYPE_EMAIL;
- break;
- case certUsageObjectSigner:
- requiredKeyUsage = KU_DIGITAL_SIGNATURE;
- requiredCertType = NS_CERT_TYPE_OBJECT_SIGNING;
- break;
- case certUsageStatusResponder:
- requiredKeyUsage = KU_DIGITAL_SIGNATURE;
- requiredCertType = EXT_KEY_USAGE_STATUS_RESPONDER;
- break;
- default:
- PORT_Assert(0);
- goto loser;
- }
- }
-
- if ( retKeyUsage != NULL ) {
- *retKeyUsage = requiredKeyUsage;
- }
- if ( retCertType != NULL ) {
- *retCertType = requiredCertType;
- }
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-/*
- * check the key usage of a cert against a set of required values
- */
-SECStatus
-CERT_CheckKeyUsage(CERTCertificate *cert, unsigned int requiredUsage)
-{
- SECKEYPublicKey *key;
-
- /* choose between key agreement or key encipherment based on key
- * type in cert
- */
- if ( requiredUsage & KU_KEY_AGREEMENT_OR_ENCIPHERMENT ) {
- key = CERT_ExtractPublicKey(cert);
- if ( ( key->keyType == keaKey ) || ( key->keyType == fortezzaKey ) ||
- ( key->keyType == dhKey ) ) {
- requiredUsage |= KU_KEY_AGREEMENT;
- } else {
- requiredUsage |= KU_KEY_ENCIPHERMENT;
- }
-
- /* now turn off the special bit */
- requiredUsage &= (~KU_KEY_AGREEMENT_OR_ENCIPHERMENT);
-
- SECKEY_DestroyPublicKey(key);
- }
-
- if ( ( cert->keyUsage & requiredUsage ) != requiredUsage ) {
- return(SECFailure);
- }
- return(SECSuccess);
-}
-
-
-CERTCertificate *
-CERT_DupCertificate(CERTCertificate *c)
-{
- if (c) {
- CERT_LockCertRefCount(c);
- ++c->referenceCount;
- CERT_UnlockCertRefCount(c);
- }
- return c;
-}
-
-/*
- * Allow use of default cert database, so that apps(such as mozilla) don't
- * have to pass the handle all over the place.
- */
-static CERTCertDBHandle *default_cert_db_handle = 0;
-
-void
-CERT_SetDefaultCertDB(CERTCertDBHandle *handle)
-{
- default_cert_db_handle = handle;
-
- return;
-}
-
-CERTCertDBHandle *
-CERT_GetDefaultCertDB(void)
-{
- return(default_cert_db_handle);
-}
-
-/* XXX this would probably be okay/better as an xp routine? */
-static void
-sec_lower_string(char *s)
-{
- if ( s == NULL ) {
- return;
- }
-
- while ( *s ) {
- *s = PORT_Tolower(*s);
- s++;
- }
-
- return;
-}
-
-/*
-** Add a domain name to the list of names that the user has explicitly
-** allowed (despite cert name mismatches) for use with a server cert.
-*/
-SECStatus
-CERT_AddOKDomainName(CERTCertificate *cert, const char *hn)
-{
- CERTOKDomainName *domainOK;
- int newNameLen;
-
- if (!hn || !(newNameLen = strlen(hn))) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- domainOK = (CERTOKDomainName *)PORT_ArenaZAlloc(cert->arena,
- (sizeof *domainOK) + newNameLen);
- if (!domainOK)
- return SECFailure; /* error code is already set. */
-
- PORT_Strcpy(domainOK->name, hn);
- sec_lower_string(domainOK->name);
-
- /* put at head of list. */
- domainOK->next = cert->domainOK;
- cert->domainOK = domainOK;
- return SECSuccess;
-}
-
-/* Make sure that the name of the host we are connecting to matches the
- * name that is incoded in the common-name component of the certificate
- * that they are using.
- */
-SECStatus
-CERT_VerifyCertName(CERTCertificate *cert, const char *hn)
-{
- char * cn;
- char * domain;
- char * hndomain;
- char * hostname;
- int regvalid;
- int match;
- SECStatus rv;
- CERTOKDomainName *domainOK;
-
- if (!hn || !strlen(hn)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- hostname = PORT_Strdup(hn);
- if ( hostname == NULL ) {
- return(SECFailure);
- }
- sec_lower_string(hostname);
-
- /* if the name is one that the user has already approved, it's OK. */
- for (domainOK = cert->domainOK; domainOK; domainOK = domainOK->next) {
- if (0 == PORT_Strcmp(hostname, domainOK->name)) {
- PORT_Free(hostname);
- return SECSuccess;
- }
- }
-
- /* try the cert extension first, then the common name */
- cn = CERT_FindNSStringExtension(cert, SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
- if ( cn == NULL ) {
- cn = CERT_GetCommonName(&cert->subject);
- }
-
- sec_lower_string(cn);
-
- if ( cn ) {
- if ( ( hndomain = PORT_Strchr(hostname, '.') ) == NULL ) {
- /* No domain in server name */
- if ( ( domain = PORT_Strchr(cn, '.') ) != NULL ) {
- /* there is a domain in the cn string, so chop it off */
- *domain = '\0';
- }
- }
-
- regvalid = PORT_RegExpValid(cn);
-
- if ( regvalid == NON_SXP ) {
- /* compare entire hostname with cert name */
- if ( PORT_Strcmp(hostname, cn) == 0 ) {
- rv = SECSuccess;
- goto done;
- }
-
- if ( hndomain ) {
- /* compare just domain name with cert name */
- if ( PORT_Strcmp(hndomain+1, cn) == 0 ) {
- rv = SECSuccess;
- goto done;
- }
- }
-
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
- rv = SECFailure;
- goto done;
-
- } else {
- /* try to match the shexp */
- match = PORT_RegExpCaseSearch(hostname, cn);
-
- if ( match == 0 ) {
- rv = SECSuccess;
- } else {
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
- rv = SECFailure;
- }
- goto done;
- }
- }
-
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
-
-done:
- /* free the common name */
- if ( cn ) {
- PORT_Free(cn);
- }
-
- if ( hostname ) {
- PORT_Free(hostname);
- }
-
- return(rv);
-}
-
-PRBool
-CERT_CompareCerts(CERTCertificate *c1, CERTCertificate *c2)
-{
- SECComparison comp;
-
- comp = SECITEM_CompareItem(&c1->derCert, &c2->derCert);
- if ( comp == SECEqual ) { /* certs are the same */
- return(PR_TRUE);
- } else {
- return(PR_FALSE);
- }
-}
-
-static SECStatus
-StringsEqual(char *s1, char *s2) {
- if ( ( s1 == NULL ) || ( s2 == NULL ) ) {
- if ( s1 != s2 ) { /* only one is null */
- return(SECFailure);
- }
- return(SECSuccess); /* both are null */
- }
-
- if ( PORT_Strcmp( s1, s2 ) != 0 ) {
- return(SECFailure); /* not equal */
- }
-
- return(SECSuccess); /* strings are equal */
-}
-
-
-PRBool
-CERT_CompareCertsForRedirection(CERTCertificate *c1, CERTCertificate *c2)
-{
- SECComparison comp;
- char *c1str, *c2str;
- SECStatus eq;
-
- comp = SECITEM_CompareItem(&c1->derCert, &c2->derCert);
- if ( comp == SECEqual ) { /* certs are the same */
- return(PR_TRUE);
- }
-
- /* check if they are issued by the same CA */
- comp = SECITEM_CompareItem(&c1->derIssuer, &c2->derIssuer);
- if ( comp != SECEqual ) { /* different issuer */
- return(PR_FALSE);
- }
-
- /* check country name */
- c1str = CERT_GetCountryName(&c1->subject);
- c2str = CERT_GetCountryName(&c2->subject);
- eq = StringsEqual(c1str, c2str);
- PORT_Free(c1str);
- PORT_Free(c2str);
- if ( eq != SECSuccess ) {
- return(PR_FALSE);
- }
-
- /* check locality name */
- c1str = CERT_GetLocalityName(&c1->subject);
- c2str = CERT_GetLocalityName(&c2->subject);
- eq = StringsEqual(c1str, c2str);
- PORT_Free(c1str);
- PORT_Free(c2str);
- if ( eq != SECSuccess ) {
- return(PR_FALSE);
- }
-
- /* check state name */
- c1str = CERT_GetStateName(&c1->subject);
- c2str = CERT_GetStateName(&c2->subject);
- eq = StringsEqual(c1str, c2str);
- PORT_Free(c1str);
- PORT_Free(c2str);
- if ( eq != SECSuccess ) {
- return(PR_FALSE);
- }
-
- /* check org name */
- c1str = CERT_GetOrgName(&c1->subject);
- c2str = CERT_GetOrgName(&c2->subject);
- eq = StringsEqual(c1str, c2str);
- PORT_Free(c1str);
- PORT_Free(c2str);
- if ( eq != SECSuccess ) {
- return(PR_FALSE);
- }
-
-#ifdef NOTDEF
- /* check orgUnit name */
- /*
- * We need to revisit this and decide which fields should be allowed to be
- * different
- */
- c1str = CERT_GetOrgUnitName(&c1->subject);
- c2str = CERT_GetOrgUnitName(&c2->subject);
- eq = StringsEqual(c1str, c2str);
- PORT_Free(c1str);
- PORT_Free(c2str);
- if ( eq != SECSuccess ) {
- return(PR_FALSE);
- }
-#endif
-
- return(PR_TRUE); /* all fields but common name are the same */
-}
-
-
-/* CERT_CertChainFromCert and CERT_DestroyCertificateList moved
- to certhigh.c */
-
-
-CERTIssuerAndSN *
-CERT_GetCertIssuerAndSN(PRArenaPool *arena, CERTCertificate *cert)
-{
- CERTIssuerAndSN *result;
- SECStatus rv;
-
- if ( arena == NULL ) {
- arena = cert->arena;
- }
-
- result = (CERTIssuerAndSN*)PORT_ArenaZAlloc(arena, sizeof(*result));
- if (result == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- rv = SECITEM_CopyItem(arena, &result->derIssuer, &cert->derIssuer);
- if (rv != SECSuccess)
- return NULL;
-
- rv = CERT_CopyName(arena, &result->issuer, &cert->issuer);
- if (rv != SECSuccess)
- return NULL;
-
- rv = SECITEM_CopyItem(arena, &result->serialNumber, &cert->serialNumber);
- if (rv != SECSuccess)
- return NULL;
-
- return result;
-}
-
-char *
-CERT_MakeCANickname(CERTCertificate *cert)
-{
- char *firstname = NULL;
- char *org = NULL;
- char *nickname = NULL;
- int count;
- CERTCertificate *dummycert;
- CERTCertDBHandle *handle;
-
- handle = cert->dbhandle;
-
- nickname = CERT_GetNickName(cert, handle, cert->arena);
- if (nickname == NULL) {
- firstname = CERT_GetCommonName(&cert->subject);
- if ( firstname == NULL ) {
- firstname = CERT_GetOrgUnitName(&cert->subject);
- }
-
- org = CERT_GetOrgName(&cert->issuer);
- if (org == NULL) {
- org = CERT_GetDomainComponentName(&cert->issuer);
- if (org == NULL) {
- if (firstname) {
- org = firstname;
- firstname = NULL;
- } else {
- org = PORT_Strdup("Unknown CA");
- }
- }
- }
-
- /* can only fail if PORT_Strdup fails, in which case
- * we're having memory problems. */
- if (org == NULL) {
- goto loser;
- }
-
-
- count = 1;
- while ( 1 ) {
-
- if ( firstname ) {
- if ( count == 1 ) {
- nickname = PR_smprintf("%s - %s", firstname, org);
- } else {
- nickname = PR_smprintf("%s - %s #%d", firstname, org, count);
- }
- } else {
- if ( count == 1 ) {
- nickname = PR_smprintf("%s", org);
- } else {
- nickname = PR_smprintf("%s #%d", org, count);
- }
- }
- if ( nickname == NULL ) {
- goto loser;
- }
-
- /* look up the nickname to make sure it isn't in use already */
- dummycert = CERT_FindCertByNickname(handle, nickname);
-
- if ( dummycert == NULL ) {
- goto done;
- }
-
- /* found a cert, destroy it and loop */
- CERT_DestroyCertificate(dummycert);
-
- /* free the nickname */
- PORT_Free(nickname);
-
- count++;
- }
- }
-loser:
- if ( nickname ) {
- PORT_Free(nickname);
- }
-
- nickname = "";
-
-done:
- if ( firstname ) {
- PORT_Free(firstname);
- }
- if ( org ) {
- PORT_Free(org);
- }
-
- return(nickname);
-}
-
-/* CERT_Import_CAChain moved to certhigh.c */
-
-void
-CERT_DestroyCrl (CERTSignedCrl *crl)
-{
- SEC_DestroyCrl (crl);
-}
-
-
-
-/*
- * Does a cert belong to a CA? We decide based on perm database trust
- * flags, Netscape Cert Type Extension, and KeyUsage Extension.
- */
-PRBool
-CERT_IsCACert(CERTCertificate *cert, unsigned int *rettype)
-{
- CERTCertTrust *trust;
- SECStatus rv;
- unsigned int type;
- PRBool ret;
-
- ret = PR_FALSE;
- type = 0;
-
- if ( cert->trust ) {
- trust = cert->trust;
- if ( ( ( trust->sslFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ||
- ( ( trust->sslFlags & CERTDB_TRUSTED_CA ) == CERTDB_TRUSTED_CA ) ) {
- ret = PR_TRUE;
- type |= NS_CERT_TYPE_SSL_CA;
- }
-
- if ( ( ( trust->emailFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ||
- ( ( trust->emailFlags & CERTDB_TRUSTED_CA ) == CERTDB_TRUSTED_CA ) ) {
- ret = PR_TRUE;
- type |= NS_CERT_TYPE_EMAIL_CA;
- }
-
- if ( ( ( trust->objectSigningFlags & CERTDB_VALID_CA )
- == CERTDB_VALID_CA ) ||
- ( ( trust->objectSigningFlags & CERTDB_TRUSTED_CA )
- == CERTDB_TRUSTED_CA ) ) {
- ret = PR_TRUE;
- type |= NS_CERT_TYPE_OBJECT_SIGNING_CA;
- }
- } else {
- if ( cert->nsCertType &
- ( NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA |
- NS_CERT_TYPE_OBJECT_SIGNING_CA ) ) {
- ret = PR_TRUE;
- type = (cert->nsCertType & NS_CERT_TYPE_CA);
- } else {
- CERTBasicConstraints constraints;
- rv = CERT_FindBasicConstraintExten(cert, &constraints);
- if ( rv == SECSuccess ) {
- if ( constraints.isCA ) {
- ret = PR_TRUE;
- type = (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA);
- }
- }
- }
-
- /* finally check if it's a FORTEZZA V1 CA */
- if (ret == PR_FALSE) {
- if (fortezzaIsCA(cert)) {
- ret = PR_TRUE;
- type = (NS_CERT_TYPE_SSL_CA | NS_CERT_TYPE_EMAIL_CA);
- }
- }
- }
- if ( rettype != NULL ) {
- *rettype = type;
- }
-
- return(ret);
-}
-
-PRBool
-CERT_IsCADERCert(SECItem *derCert, unsigned int *type) {
- CERTCertificate *cert;
- PRBool isCA;
-
- cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if (cert == NULL) return PR_FALSE;
-
- isCA = CERT_IsCACert(cert,type);
- CERT_DestroyCertificate (cert);
- return isCA;
-}
-
-
-/*
- * is certa newer than certb? If one is expired, pick the other one.
- */
-PRBool
-CERT_IsNewer(CERTCertificate *certa, CERTCertificate *certb)
-{
- PRTime notBeforeA, notAfterA, notBeforeB, notAfterB, now;
- SECStatus rv;
- PRBool newerbefore, newerafter;
-
- rv = CERT_GetCertTimes(certa, &notBeforeA, &notAfterA);
- if ( rv != SECSuccess ) {
- return(PR_FALSE);
- }
-
- rv = CERT_GetCertTimes(certb, &notBeforeB, &notAfterB);
- if ( rv != SECSuccess ) {
- return(PR_TRUE);
- }
-
- newerbefore = PR_FALSE;
- if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
- newerbefore = PR_TRUE;
- }
-
- newerafter = PR_FALSE;
- if ( LL_CMP(notAfterA, >, notAfterB) ) {
- newerafter = PR_TRUE;
- }
-
- if ( newerbefore && newerafter ) {
- return(PR_TRUE);
- }
-
- if ( ( !newerbefore ) && ( !newerafter ) ) {
- return(PR_FALSE);
- }
-
- /* get current UTC time */
- now = PR_Now();
-
- if ( newerbefore ) {
- /* cert A was issued after cert B, but expires sooner */
- /* if A is expired, then pick B */
- if ( LL_CMP(notAfterA, <, now ) ) {
- return(PR_FALSE);
- }
- return(PR_TRUE);
- } else {
- /* cert B was issued after cert A, but expires sooner */
- /* if B is expired, then pick A */
- if ( LL_CMP(notAfterB, <, now ) ) {
- return(PR_TRUE);
- }
- return(PR_FALSE);
- }
-}
-
-void
-CERT_DestroyCertArray(CERTCertificate **certs, unsigned int ncerts)
-{
- unsigned int i;
-
- if ( certs ) {
- for ( i = 0; i < ncerts; i++ ) {
- if ( certs[i] ) {
- CERT_DestroyCertificate(certs[i]);
- }
- }
-
- PORT_Free(certs);
- }
-
- return;
-}
-
-char *
-CERT_FixupEmailAddr(char *emailAddr)
-{
- char *retaddr;
- char *str;
-
- if ( emailAddr == NULL ) {
- return(NULL);
- }
-
- /* copy the string */
- str = retaddr = PORT_Strdup(emailAddr);
- if ( str == NULL ) {
- return(NULL);
- }
-
- /* make it lower case */
- while ( *str ) {
- *str = tolower( *str );
- str++;
- }
-
- return(retaddr);
-}
-
-/*
- * NOTE - don't allow encode of govt-approved or invisible bits
- */
-SECStatus
-CERT_DecodeTrustString(CERTCertTrust *trust, char *trusts)
-{
- int i;
- unsigned int *pflags;
-
- trust->sslFlags = 0;
- trust->emailFlags = 0;
- trust->objectSigningFlags = 0;
-
- pflags = &trust->sslFlags;
-
- for (i=0; i < PORT_Strlen(trusts); i++) {
- switch (trusts[i]) {
- case 'p':
- *pflags = *pflags | CERTDB_VALID_PEER;
- break;
-
- case 'P':
- *pflags = *pflags | CERTDB_TRUSTED | CERTDB_VALID_PEER;
- break;
-
- case 'w':
- *pflags = *pflags | CERTDB_SEND_WARN;
- break;
-
- case 'c':
- *pflags = *pflags | CERTDB_VALID_CA;
- break;
-
- case 'T':
- *pflags = *pflags | CERTDB_TRUSTED_CLIENT_CA | CERTDB_VALID_CA;
- break;
-
- case 'C' :
- *pflags = *pflags | CERTDB_TRUSTED_CA | CERTDB_VALID_CA;
- break;
-
- case 'u':
- *pflags = *pflags | CERTDB_USER;
- break;
-
-#ifdef DEBUG_NSSTEAM_ONLY
- case 'i':
- *pflags = *pflags | CERTDB_INVISIBLE_CA;
- break;
- case 'g':
- *pflags = *pflags | CERTDB_GOVT_APPROVED_CA;
- break;
-#endif /* DEBUG_NSSTEAM_ONLY */
-
- case ',':
- if ( pflags == &trust->sslFlags ) {
- pflags = &trust->emailFlags;
- } else {
- pflags = &trust->objectSigningFlags;
- }
- break;
- default:
- return SECFailure;
- }
- }
-
- return SECSuccess;
-}
-
-static void
-EncodeFlags(char *trusts, unsigned int flags)
-{
- if (flags & CERTDB_VALID_CA)
- if (!(flags & CERTDB_TRUSTED_CA) &&
- !(flags & CERTDB_TRUSTED_CLIENT_CA))
- PORT_Strcat(trusts, "c");
- if (flags & CERTDB_VALID_PEER)
- if (!(flags & CERTDB_TRUSTED))
- PORT_Strcat(trusts, "p");
- if (flags & CERTDB_TRUSTED_CA)
- PORT_Strcat(trusts, "C");
- if (flags & CERTDB_TRUSTED_CLIENT_CA)
- PORT_Strcat(trusts, "T");
- if (flags & CERTDB_TRUSTED)
- PORT_Strcat(trusts, "P");
- if (flags & CERTDB_USER)
- PORT_Strcat(trusts, "u");
- if (flags & CERTDB_SEND_WARN)
- PORT_Strcat(trusts, "w");
- if (flags & CERTDB_INVISIBLE_CA)
- PORT_Strcat(trusts, "I");
- if (flags & CERTDB_GOVT_APPROVED_CA)
- PORT_Strcat(trusts, "G");
- return;
-}
-
-char *
-CERT_EncodeTrustString(CERTCertTrust *trust)
-{
- char tmpTrustSSL[32];
- char tmpTrustEmail[32];
- char tmpTrustSigning[32];
- char *retstr = NULL;
-
- if ( trust ) {
- tmpTrustSSL[0] = '\0';
- tmpTrustEmail[0] = '\0';
- tmpTrustSigning[0] = '\0';
-
- EncodeFlags(tmpTrustSSL, trust->sslFlags);
- EncodeFlags(tmpTrustEmail, trust->emailFlags);
- EncodeFlags(tmpTrustSigning, trust->objectSigningFlags);
-
- retstr = PR_smprintf("%s,%s,%s", tmpTrustSSL, tmpTrustEmail,
- tmpTrustSigning);
- }
-
- return(retstr);
-}
-
-SECStatus
-CERT_ImportCerts(CERTCertDBHandle *certdb, SECCertUsage usage,
- unsigned int ncerts, SECItem **derCerts,
- CERTCertificate ***retCerts, PRBool keepCerts,
- PRBool caOnly, char *nickname)
-{
- int i;
- CERTCertificate **certs = NULL;
- SECStatus rv;
- int fcerts = 0;
-
- if ( ncerts ) {
- certs = (CERTCertificate**)PORT_ZAlloc(sizeof(CERTCertificate *) * ncerts );
- if ( certs == NULL ) {
- return(SECFailure);
- }
-
- /* decode all of the certs into the temporary DB */
- for ( i = 0, fcerts= 0; i < ncerts; i++) {
- certs[fcerts] = CERT_DecodeDERCertificate(derCerts[i], PR_FALSE,
- NULL);
- if (certs[fcerts]) fcerts++;
- }
-
- if ( keepCerts ) {
- for ( i = 0; i < fcerts; i++ ) {
- SECKEY_UpdateCertPQG(certs[i]);
- if(CERT_IsCACert(certs[i], NULL) && (fcerts > 1)) {
- /* if we are importing only a single cert and specifying
- * a nickname, we want to use that nickname if it a CA,
- * otherwise if there are more than one cert, we don't
- * know which cert it belongs to.
- */
- rv = PK11_ImportCert(PK11_GetInternalKeySlot(),certs[i],
- CK_INVALID_HANDLE,NULL,PR_TRUE);
- } else {
- rv = PK11_ImportCert(PK11_GetInternalKeySlot(),certs[i],
- CK_INVALID_HANDLE,nickname,PR_TRUE);
- }
- /* don't care if it fails - keep going */
- }
- }
- }
-
- if ( retCerts ) {
- *retCerts = certs;
- } else {
- if (certs) {
- CERT_DestroyCertArray(certs, fcerts);
- }
- }
-
- return(SECSuccess);
-
-#if 0 /* dead code here - why ?? XXX */
-loser:
- if ( retCerts ) {
- *retCerts = NULL;
- }
- if ( certs ) {
- CERT_DestroyCertArray(certs, ncerts);
- }
- return(SECFailure);
-#endif
-}
-
-/*
- * a real list of certificates - need to convert CERTCertificateList
- * stuff and ASN 1 encoder/decoder over to using this...
- */
-CERTCertList *
-CERT_NewCertList(void)
-{
- PRArenaPool *arena = NULL;
- CERTCertList *ret = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- ret = (CERTCertList *)PORT_ArenaZAlloc(arena, sizeof(CERTCertList));
- if ( ret == NULL ) {
- goto loser;
- }
-
- ret->arena = arena;
-
- PR_INIT_CLIST(&ret->list);
-
- return(ret);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-void
-CERT_DestroyCertList(CERTCertList *certs)
-{
- PRCList *node;
-
- while( !PR_CLIST_IS_EMPTY(&certs->list) ) {
- node = PR_LIST_HEAD(&certs->list);
- CERT_DestroyCertificate(((CERTCertListNode *)node)->cert);
- PR_REMOVE_LINK(node);
- }
-
- PORT_FreeArena(certs->arena, PR_FALSE);
-
- return;
-}
-
-void
-CERT_RemoveCertListNode(CERTCertListNode *node)
-{
- CERT_DestroyCertificate(node->cert);
- PR_REMOVE_LINK(&node->links);
- return;
-}
-
-
-SECStatus
-CERT_AddCertToListTailWithData(CERTCertList *certs,
- CERTCertificate *cert, void *appData)
-{
- CERTCertListNode *node;
-
- node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
- sizeof(CERTCertListNode));
- if ( node == NULL ) {
- goto loser;
- }
-
- PR_INSERT_BEFORE(&node->links, &certs->list);
- /* certs->count++; */
- node->cert = cert;
- node->appData = appData;
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-SECStatus
-CERT_AddCertToListTail(CERTCertList *certs, CERTCertificate *cert)
-{
- return CERT_AddCertToListTailWithData(certs, cert, NULL);
-}
-
-SECStatus
-CERT_AddCertToListHeadWithData(CERTCertList *certs,
- CERTCertificate *cert, void *appData)
-{
- CERTCertListNode *node;
- CERTCertListNode *head;
-
- head = CERT_LIST_HEAD(certs);
-
- if (head == NULL) return CERT_AddCertToListTail(certs,cert);
-
- node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
- sizeof(CERTCertListNode));
- if ( node == NULL ) {
- goto loser;
- }
-
- PR_INSERT_BEFORE(&node->links, &head->links);
- /* certs->count++; */
- node->cert = cert;
- node->appData = appData;
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-SECStatus
-CERT_AddCertToListHead(CERTCertList *certs, CERTCertificate *cert)
-{
- return CERT_AddCertToListHeadWithData(certs, cert, NULL);
-}
-
-/*
- * Sort callback function to determine if cert a is newer than cert b.
- * Not valid certs are considered older than valid certs.
- */
-PRBool
-CERT_SortCBValidity(CERTCertificate *certa,
- CERTCertificate *certb,
- void *arg)
-{
- PRTime sorttime;
- PRTime notBeforeA, notAfterA, notBeforeB, notAfterB;
- SECStatus rv;
- PRBool newerbefore, newerafter;
- PRBool aNotValid = PR_FALSE, bNotValid = PR_FALSE;
-
- sorttime = *(PRTime *)arg;
-
- rv = CERT_GetCertTimes(certa, &notBeforeA, &notAfterA);
- if ( rv != SECSuccess ) {
- return(PR_FALSE);
- }
-
- rv = CERT_GetCertTimes(certb, &notBeforeB, &notAfterB);
- if ( rv != SECSuccess ) {
- return(PR_TRUE);
- }
- newerbefore = PR_FALSE;
- if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
- newerbefore = PR_TRUE;
- }
- newerafter = PR_FALSE;
- if ( LL_CMP(notAfterA, >, notAfterB) ) {
- newerafter = PR_TRUE;
- }
-
- /* check if A is valid at sorttime */
- if ( CERT_CheckCertValidTimes(certa, sorttime, PR_FALSE)
- != secCertTimeValid ) {
- aNotValid = PR_TRUE;
- }
-
- /* check if B is valid at sorttime */
- if ( CERT_CheckCertValidTimes(certb, sorttime, PR_FALSE)
- != secCertTimeValid ) {
- bNotValid = PR_TRUE;
- }
-
- /* a is valid, b is not */
- if ( bNotValid && ( ! aNotValid ) ) {
- return(PR_TRUE);
- }
-
- /* b is valid, a is not */
- if ( aNotValid && ( ! bNotValid ) ) {
- return(PR_FALSE);
- }
-
- /* a and b are either valid or not valid */
- if ( newerbefore && newerafter ) {
- return(PR_TRUE);
- }
-
- if ( ( !newerbefore ) && ( !newerafter ) ) {
- return(PR_FALSE);
- }
-
- if ( newerbefore ) {
- /* cert A was issued after cert B, but expires sooner */
- return(PR_TRUE);
- } else {
- /* cert B was issued after cert A, but expires sooner */
- return(PR_FALSE);
- }
-}
-
-
-SECStatus
-CERT_AddCertToListSorted(CERTCertList *certs,
- CERTCertificate *cert,
- CERTSortCallback f,
- void *arg)
-{
- CERTCertListNode *node;
- CERTCertListNode *head;
- PRBool ret;
-
- node = (CERTCertListNode *)PORT_ArenaZAlloc(certs->arena,
- sizeof(CERTCertListNode));
- if ( node == NULL ) {
- goto loser;
- }
-
- head = CERT_LIST_HEAD(certs);
-
- while ( !CERT_LIST_END(head, certs) ) {
-
- /* if cert is already in the list, then don't add it again */
- if ( cert == head->cert ) {
- /*XXX*/
- /* don't keep a reference */
- CERT_DestroyCertificate(cert);
- goto done;
- }
-
- ret = (* f)(cert, head->cert, arg);
- /* if sort function succeeds, then insert before current node */
- if ( ret ) {
- PR_INSERT_BEFORE(&node->links, &head->links);
- goto done;
- }
-
- head = CERT_LIST_NEXT(head);
- }
- /* if we get to the end, then just insert it at the tail */
- PR_INSERT_BEFORE(&node->links, &certs->list);
-
-done:
- /* certs->count++; */
- node->cert = cert;
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/* This routine is here because pcertdb.c still has a call to it.
- * The SMIME profile code in pcertdb.c should be split into high (find
- * the email cert) and low (store the profile) code. At that point, we
- * can move this to certhigh.c where it belongs.
- *
- * remove certs from a list that don't have keyUsage and certType
- * that match the given usage.
- */
-SECStatus
-CERT_FilterCertListByUsage(CERTCertList *certList, SECCertUsage usage,
- PRBool ca)
-{
- unsigned int requiredKeyUsage;
- unsigned int requiredCertType;
- CERTCertListNode *node, *savenode;
- PRBool bad;
- SECStatus rv;
- unsigned int certType;
- PRBool dummyret;
-
- if (certList == NULL) goto loser;
-
- rv = CERT_KeyUsageAndTypeForCertUsage(usage, ca, &requiredKeyUsage,
- &requiredCertType);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- node = CERT_LIST_HEAD(certList);
-
- while ( !CERT_LIST_END(node, certList) ) {
-
- bad = PR_FALSE;
-
- /* bad key usage */
- if ( CERT_CheckKeyUsage(node->cert, requiredKeyUsage )
- != SECSuccess ) {
- bad = PR_TRUE;
- }
- /* bad cert type */
- if ( ca ) {
- /* This function returns a more comprehensive cert type that
- * takes trust flags into consideration. Should probably
- * fix the cert decoding code to do this.
- */
- dummyret = CERT_IsCACert(node->cert, &certType);
- } else {
- certType = node->cert->nsCertType;
- }
-
- if ( ! ( certType & requiredCertType ) ) {
- bad = PR_TRUE;
- }
-
- if ( bad ) {
- /* remove the node if it is bad */
- savenode = CERT_LIST_NEXT(node);
- CERT_RemoveCertListNode(node);
- node = savenode;
- } else {
- node = CERT_LIST_NEXT(node);
- }
- }
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-static PZLock *certRefCountLock = NULL;
-
-/*
- * Acquire the cert reference count lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertRefCount(CERTCertificate *cert)
-{
- if ( certRefCountLock == NULL ) {
- nss_InitLock(&certRefCountLock, nssILockRefLock);
- PORT_Assert(certRefCountLock != NULL);
- }
-
- PZ_Lock(certRefCountLock);
- return;
-}
-
-/*
- * Free the cert reference count lock
- */
-void
-CERT_UnlockCertRefCount(CERTCertificate *cert)
-{
- PRStatus prstat;
-
- PORT_Assert(certRefCountLock != NULL);
-
- prstat = PZ_Unlock(certRefCountLock);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-static PZLock *certTrustLock = NULL;
-
-/*
- * Acquire the cert trust lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-CERT_LockCertTrust(CERTCertificate *cert)
-{
- if ( certTrustLock == NULL ) {
- nss_InitLock(&certTrustLock, nssILockCertDB);
- PORT_Assert(certTrustLock != NULL);
- }
-
- PZ_Lock(certTrustLock);
- return;
-}
-
-/*
- * Free the cert trust lock
- */
-void
-CERT_UnlockCertTrust(CERTCertificate *cert)
-{
- PRStatus prstat;
-
- PORT_Assert(certTrustLock != NULL);
-
- prstat = PZ_Unlock(certTrustLock);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-
-/*
- * Get the StatusConfig data for this handle
- */
-CERTStatusConfig *
-CERT_GetStatusConfig(CERTCertDBHandle *handle)
-{
-#ifdef notdef
- return handle->statusConfig;
-#else
- /*PORT_Assert(0); */
- return NULL;
-#endif
-}
-
-/*
- * Set the StatusConfig data for this handle. There
- * should not be another configuration set.
- */
-void
-CERT_SetStatusConfig(CERTCertDBHandle *handle, CERTStatusConfig *statusConfig)
-{
-#ifdef notdef
- PORT_Assert(handle->statusConfig == NULL);
- handle->statusConfig = statusConfig;
-#else
- PORT_Assert(0);
-#endif
-}
diff --git a/security/nss/lib/certdb/certdb.h b/security/nss/lib/certdb/certdb.h
deleted file mode 100644
index 4222a615d..000000000
--- a/security/nss/lib/certdb/certdb.h
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CERTDB_H_
-#define _CERTDB_H_
-
-
-/* common flags for all types of certificates */
-#define CERTDB_VALID_PEER (1<<0)
-#define CERTDB_TRUSTED (1<<1)
-#define CERTDB_SEND_WARN (1<<2)
-#define CERTDB_VALID_CA (1<<3)
-#define CERTDB_TRUSTED_CA (1<<4) /* trusted for issuing server certs */
-#define CERTDB_NS_TRUSTED_CA (1<<5)
-#define CERTDB_USER (1<<6)
-#define CERTDB_TRUSTED_CLIENT_CA (1<<7) /* trusted for issuing client certs */
-#define CERTDB_INVISIBLE_CA (1<<8) /* don't show in UI */
-#define CERTDB_GOVT_APPROVED_CA (1<<9) /* can do strong crypto in export ver */
-
-
-SEC_BEGIN_PROTOS
-
-CERTSignedCrl *
-SEC_FindCrlByKey(CERTCertDBHandle *handle, SECItem *crlKey, int type);
-
-CERTSignedCrl *
-SEC_FindCrlByName(CERTCertDBHandle *handle, SECItem *crlKey, int type);
-
-CERTSignedCrl *
-SEC_FindCrlByDERCert(CERTCertDBHandle *handle, SECItem *derCrl, int type);
-
-PRBool
-SEC_CertNicknameConflict(char *nickname, SECItem *derSubject,
- CERTCertDBHandle *handle);
-CERTSignedCrl *
-SEC_NewCrl(CERTCertDBHandle *handle, char *url, SECItem *derCrl, int type);
-
-SECStatus
-SEC_DeletePermCRL(CERTSignedCrl *crl);
-
-
-SECStatus
-SEC_LookupCrls(CERTCertDBHandle *handle, CERTCrlHeadNode **nodes, int type);
-
-SECStatus
-SEC_DestroyCrl(CERTSignedCrl *crl);
-
-SECStatus
-CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
- CERTCertTrust *trust);
-
-SECStatus SEC_DeletePermCertificate(CERTCertificate *cert);
-
-#ifdef notdef
-/*
-** Add a DER encoded certificate to the permanent database.
-** "derCert" is the DER encoded certificate.
-** "nickname" is the nickname to use for the cert
-** "trust" is the trust parameters for the cert
-*/
-SECStatus SEC_AddPermCertificate(PCERTCertDBHandle *handle, SECItem *derCert,
- char *nickname, PCERTCertTrust *trust);
-
-certDBEntryCert *
-SEC_FindPermCertByKey(PCERTCertDBHandle *handle, SECItem *certKey);
-
-certDBEntryCert
-*SEC_FindPermCertByName(PCERTCertDBHandle *handle, SECItem *name);
-
-SECStatus SEC_OpenPermCertDB(PCERTCertDBHandle *handle,
- PRBool readOnly,
- PCERTDBNameFunc namecb,
- void *cbarg);
-
-
-typedef SECStatus (PR_CALLBACK * PermCertCallback)(PCERTCertificate *cert,
- SECItem *k, void *pdata);
-/*
-** Traverse the entire permanent database, and pass the certs off to a
-** user supplied function.
-** "certfunc" is the user function to call for each certificate
-** "udata" is the user's data, which is passed through to "certfunc"
-*/
-SECStatus
-PCERT_TraversePermCerts(PCERTCertDBHandle *handle,
- PermCertCallback certfunc,
- void *udata );
-
-SECStatus
-SEC_AddTempNickname(PCERTCertDBHandle *handle, char *nickname, SECItem *certKey);
-
-SECStatus
-SEC_DeleteTempNickname(PCERTCertDBHandle *handle, char *nickname);
-
-
-PRBool
-SEC_CertDBKeyConflict(SECItem *derCert, PCERTCertDBHandle *handle);
-
-SECStatus
-SEC_GetCrlTimes(PCERTCrl *dates, PRTime *notBefore, PRTime *notAfter);
-
-SECCertTimeValidity
-SEC_CheckCrlTimes(PCERTCrl *crl, PRTime t);
-
-PRBool
-SEC_CrlIsNewer(PCERTCrl *inNew, PCERTCrl *old);
-
-PCERTSignedCrl *
-SEC_AddPermCrlToTemp(PCERTCertDBHandle *handle, certDBEntryRevocation *entry);
-
-SECStatus
-SEC_DeleteTempCrl(PCERTSignedCrl *crl);
-
-
-SECStatus
-SEC_CheckKRL(PCERTCertDBHandle *handle,SECKEYLowPublicKey *key,
- PCERTCertificate *rootCert, int64 t, void *wincx);
-
-SECStatus
-SEC_CheckCRL(PCERTCertDBHandle *handle,PCERTCertificate *cert,
- PCERTCertificate *caCert, int64 t, void *wincx);
-
-SECStatus
-SEC_CrlReplaceUrl(PCERTSignedCrl *crl,char *url);
-#endif
-
-SEC_END_PROTOS
-
-#endif /* _CERTDB_H_ */
diff --git a/security/nss/lib/certdb/certt.h b/security/nss/lib/certdb/certt.h
deleted file mode 100644
index d921fae6e..000000000
--- a/security/nss/lib/certdb/certt.h
+++ /dev/null
@@ -1,832 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * certt.h - public data structures for the certificate library
- *
- * $Id$
- */
-#ifndef _CERTT_H_
-#define _CERTT_H_
-
-#include "prclist.h"
-#include "pkcs11t.h"
-#include "seccomon.h"
-#include "secmodt.h"
-#include "secoidt.h"
-#include "plarena.h"
-#include "prcvar.h"
-#include "nssilock.h"
-#include "prio.h"
-#include "prmon.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nsspkit.h"
-
-/* Non-opaque objects */
-typedef struct CERTAVAStr CERTAVA;
-typedef struct CERTAttributeStr CERTAttribute;
-typedef struct CERTAuthInfoAccessStr CERTAuthInfoAccess;
-typedef struct CERTAuthKeyIDStr CERTAuthKeyID;
-typedef struct CERTBasicConstraintsStr CERTBasicConstraints;
-#ifdef NSS_CLASSIC
-typedef struct CERTCertDBHandleStr CERTCertDBHandle;
-#else
-typedef NSSTrustDomain CERTCertDBHandle;
-#endif
-typedef struct CERTCertExtensionStr CERTCertExtension;
-typedef struct CERTCertKeyStr CERTCertKey;
-typedef struct CERTCertListStr CERTCertList;
-typedef struct CERTCertListNodeStr CERTCertListNode;
-typedef struct CERTCertNicknamesStr CERTCertNicknames;
-typedef struct CERTCertTrustStr CERTCertTrust;
-typedef struct CERTCertificateStr CERTCertificate;
-typedef struct CERTCertificateListStr CERTCertificateList;
-typedef struct CERTCertificateRequestStr CERTCertificateRequest;
-typedef struct CERTCrlStr CERTCrl;
-typedef struct CERTCrlDistributionPointsStr CERTCrlDistributionPoints;
-typedef struct CERTCrlEntryStr CERTCrlEntry;
-typedef struct CERTCrlHeadNodeStr CERTCrlHeadNode;
-typedef struct CERTCrlKeyStr CERTCrlKey;
-typedef struct CERTCrlNodeStr CERTCrlNode;
-typedef struct CERTDERCertsStr CERTDERCerts;
-typedef struct CERTDistNamesStr CERTDistNames;
-typedef struct CERTGeneralNameStr CERTGeneralName;
-typedef struct CERTGeneralNameListStr CERTGeneralNameList;
-typedef struct CERTIssuerAndSNStr CERTIssuerAndSN;
-typedef struct CERTNameStr CERTName;
-typedef struct CERTNameConstraintStr CERTNameConstraint;
-typedef struct CERTNameConstraintsStr CERTNameConstraints;
-typedef struct CERTOKDomainNameStr CERTOKDomainName;
-typedef struct CERTPublicKeyAndChallengeStr CERTPublicKeyAndChallenge;
-typedef struct CERTRDNStr CERTRDN;
-typedef struct CERTSignedCrlStr CERTSignedCrl;
-typedef struct CERTSignedDataStr CERTSignedData;
-typedef struct CERTStatusConfigStr CERTStatusConfig;
-typedef struct CERTSubjectListStr CERTSubjectList;
-typedef struct CERTSubjectNodeStr CERTSubjectNode;
-typedef struct CERTSubjectPublicKeyInfoStr CERTSubjectPublicKeyInfo;
-typedef struct CERTValidityStr CERTValidity;
-typedef struct CERTVerifyLogStr CERTVerifyLog;
-typedef struct CERTVerifyLogNodeStr CERTVerifyLogNode;
-typedef struct CRLDistributionPointStr CRLDistributionPoint;
-
-/* CRL extensions type */
-typedef unsigned long CERTCrlNumber;
-
-/*
-** An X.500 AVA object
-*/
-struct CERTAVAStr {
- SECItem type;
- SECItem value;
-};
-
-/*
-** An X.500 RDN object
-*/
-struct CERTRDNStr {
- CERTAVA **avas;
-};
-
-/*
-** An X.500 name object
-*/
-struct CERTNameStr {
- PRArenaPool *arena;
- CERTRDN **rdns;
-};
-
-/*
-** An X.509 validity object
-*/
-struct CERTValidityStr {
- PRArenaPool *arena;
- SECItem notBefore;
- SECItem notAfter;
-};
-
-/*
- * A serial number and issuer name, which is used as a database key
- */
-struct CERTCertKeyStr {
- SECItem serialNumber;
- SECItem derIssuer;
-};
-
-/*
-** A signed data object. Used to implement the "signed" macro used
-** in the X.500 specs.
-*/
-struct CERTSignedDataStr {
- SECItem data;
- SECAlgorithmID signatureAlgorithm;
- SECItem signature;
-};
-
-/*
-** An X.509 subject-public-key-info object
-*/
-struct CERTSubjectPublicKeyInfoStr {
- PRArenaPool *arena;
- SECAlgorithmID algorithm;
- SECItem subjectPublicKey;
-};
-
-struct CERTPublicKeyAndChallengeStr {
- SECItem spki;
- SECItem challenge;
-};
-
-struct CERTCertTrustStr {
- unsigned int sslFlags;
- unsigned int emailFlags;
- unsigned int objectSigningFlags;
-};
-
-/*
- * defined the types of trust that exist
- */
-typedef enum {
- trustSSL = 0,
- trustEmail = 1,
- trustObjectSigning = 2,
- trustTypeNone = 3
-} SECTrustType;
-
-#define SEC_GET_TRUST_FLAGS(trust,type) \
- (((type)==trustSSL)?((trust)->sslFlags): \
- (((type)==trustEmail)?((trust)->emailFlags): \
- (((type)==trustObjectSigning)?((trust)->objectSigningFlags):0)))
-
-/*
-** An X.509.3 certificate extension
-*/
-struct CERTCertExtensionStr {
- SECItem id;
- SECItem critical;
- SECItem value;
-};
-
-struct CERTSubjectNodeStr {
- struct CERTSubjectNodeStr *next;
- struct CERTSubjectNodeStr *prev;
- SECItem certKey;
- SECItem keyID;
-};
-
-struct CERTSubjectListStr {
- PRArenaPool *arena;
- int ncerts;
- char *emailAddr;
- CERTSubjectNode *head;
- CERTSubjectNode *tail; /* do we need tail? */
- void *entry;
-};
-
-/*
-** An X.509 certificate object (the unsigned form)
-*/
-struct CERTCertificateStr {
- /* the arena is used to allocate any data structures that have the same
- * lifetime as the cert. This is all stuff that hangs off of the cert
- * structure, and is all freed at the same time. I is used when the
- * cert is decoded, destroyed, and at some times when it changes
- * state
- */
- PRArenaPool *arena;
-
- /* The following fields are static after the cert has been decoded */
- char *subjectName;
- char *issuerName;
- CERTSignedData signatureWrap; /* XXX */
- SECItem derCert; /* original DER for the cert */
- SECItem derIssuer; /* DER for issuer name */
- SECItem derSubject; /* DER for subject name */
- SECItem derPublicKey; /* DER for the public key */
- SECItem certKey; /* database key for this cert */
- SECItem version;
- SECItem serialNumber;
- SECAlgorithmID signature;
- CERTName issuer;
- CERTValidity validity;
- CERTName subject;
- CERTSubjectPublicKeyInfo subjectPublicKeyInfo;
- SECItem issuerID;
- SECItem subjectID;
- CERTCertExtension **extensions;
- char *emailAddr;
- CERTCertDBHandle *dbhandle;
- SECItem subjectKeyID; /* x509v3 subject key identifier */
- PRBool keyIDGenerated; /* was the keyid generated? */
- unsigned int keyUsage; /* what uses are allowed for this cert */
- unsigned int rawKeyUsage; /* value of the key usage extension */
- PRBool keyUsagePresent; /* was the key usage extension present */
- unsigned int nsCertType; /* value of the ns cert type extension */
-
- /* these values can be set by the application to bypass certain checks
- * or to keep the cert in memory for an entire session.
- * XXX - need an api to set these
- */
- PRBool keepSession; /* keep this cert for entire session*/
- PRBool timeOK; /* is the bad validity time ok? */
- CERTOKDomainName *domainOK; /* these domain names are ok */
-
- /*
- * these values can change when the cert changes state. These state
- * changes include transitions from temp to perm or vice-versa, and
- * changes of trust flags
- */
- PRBool isperm;
- PRBool istemp;
- char *nickname;
- char *dbnickname;
- void *dbEntry; /* database entry struct */
- CERTCertTrust *trust;
-
- /* the reference count is modified whenever someone looks up, dups
- * or destroys a certificate
- */
- int referenceCount;
-
- /* The subject list is a list of all certs with the same subject name.
- * It can be modified any time a cert is added or deleted from either
- * the in-memory(temporary) or on-disk(permanent) database.
- */
- CERTSubjectList *subjectList;
-
- /* these fields are used by client GUI code to keep track of ssl sockets
- * that are blocked waiting on GUI feedback related to this cert.
- * XXX - these should be moved into some sort of application specific
- * data structure. They are only used by the browser right now.
- */
- struct SECSocketNode *socketlist;
- int socketcount;
- struct SECSocketNode *authsocketlist;
- int authsocketcount;
-
- /* This is PKCS #11 stuff. */
- PK11SlotInfo *slot; /*if this cert came of a token, which is it*/
- CK_OBJECT_HANDLE pkcs11ID; /*and which object on that token is it */
- PRBool ownSlot; /*true if the cert owns the slot reference */
-
- /* This is Stan stuff. */
- NSSCertificate *nssCertificate;
-};
-#define SEC_CERTIFICATE_VERSION_1 0 /* default created */
-#define SEC_CERTIFICATE_VERSION_2 1 /* v2 */
-#define SEC_CERTIFICATE_VERSION_3 2 /* v3 extensions */
-
-#define SEC_CRL_VERSION_1 0 /* default */
-#define SEC_CRL_VERSION_2 1 /* v2 extensions */
-
-/*
- * used to identify class of cert in mime stream code
- */
-#define SEC_CERT_CLASS_CA 1
-#define SEC_CERT_CLASS_SERVER 2
-#define SEC_CERT_CLASS_USER 3
-#define SEC_CERT_CLASS_EMAIL 4
-
-struct CERTDERCertsStr {
- PRArenaPool *arena;
- int numcerts;
- SECItem *rawCerts;
-};
-
-/*
-** A PKCS ? Attribute
-** XXX this is duplicated through out the code, it *should* be moved
-** to a central location. Where would be appropriate?
-*/
-struct CERTAttributeStr {
- SECItem attrType;
- SECItem **attrValue;
-};
-
-/*
-** A PKCS#10 certificate-request object (the unsigned form)
-*/
-struct CERTCertificateRequestStr {
- PRArenaPool *arena;
- SECItem version;
- CERTName subject;
- CERTSubjectPublicKeyInfo subjectPublicKeyInfo;
- SECItem **attributes;
-};
-#define SEC_CERTIFICATE_REQUEST_VERSION 0 /* what we *create* */
-
-
-/*
-** A certificate list object.
-*/
-struct CERTCertificateListStr {
- SECItem *certs;
- int len; /* number of certs */
- PRArenaPool *arena;
-};
-
-struct CERTCertListNodeStr {
- PRCList links;
- CERTCertificate *cert;
- void *appData;
-};
-
-struct CERTCertListStr {
- PRCList list;
- PRArenaPool *arena;
-};
-
-#define CERT_LIST_HEAD(l) ((CERTCertListNode *)PR_LIST_HEAD(&l->list))
-#define CERT_LIST_NEXT(n) ((CERTCertListNode *)n->links.next)
-#define CERT_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
-
-struct CERTCrlEntryStr {
- SECItem serialNumber;
- SECItem revocationDate;
- CERTCertExtension **extensions;
-};
-
-struct CERTCrlStr {
- PRArenaPool *arena;
- SECItem version;
- SECAlgorithmID signatureAlg;
- SECItem derName;
- CERTName name;
- SECItem lastUpdate;
- SECItem nextUpdate; /* optional for x.509 CRL */
- CERTCrlEntry **entries;
- CERTCertExtension **extensions;
-};
-
-struct CERTCrlKeyStr {
- SECItem derName;
- SECItem dummy; /* The decoder can not skip a primitive,
- this serves as a place holder for the
- decoder to finish its task only
- */
-};
-
-struct CERTSignedCrlStr {
- PRArenaPool *arena;
- CERTCrl crl;
- /*certDBEntryRevocation *dbEntry; database entry struct */
- PK11SlotInfo *slot;
- /* PRBool keep; keep this crl in the cache for the session*/
- CK_OBJECT_HANDLE pkcs11ID;
- PRBool isperm;
- PRBool istemp;
- int referenceCount;
- CERTCertDBHandle *dbhandle;
- CERTSignedData signatureWrap; /* XXX */
- char *url;
-};
-
-
-struct CERTCrlHeadNodeStr {
- PRArenaPool *arena;
- CERTCertDBHandle *dbhandle;
- CERTCrlNode *first;
- CERTCrlNode *last;
-};
-
-
-struct CERTCrlNodeStr {
- CERTCrlNode *next;
- int type;
- CERTSignedCrl *crl;
-};
-
-
-/*
- * Array of X.500 Distinguished Names
- */
-struct CERTDistNamesStr {
- PRArenaPool *arena;
- int nnames;
- SECItem *names;
- void *head; /* private */
-};
-
-
-#define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
-#define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
-#define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
-#define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
-#define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
-#define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
-#define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
-#define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
-
-#define EXT_KEY_USAGE_TIME_STAMP (0x8000)
-#define EXT_KEY_USAGE_STATUS_RESPONDER (0x4000)
-
-#define NS_CERT_TYPE_APP ( NS_CERT_TYPE_SSL_CLIENT | \
- NS_CERT_TYPE_SSL_SERVER | \
- NS_CERT_TYPE_EMAIL | \
- NS_CERT_TYPE_OBJECT_SIGNING )
-
-#define NS_CERT_TYPE_CA ( NS_CERT_TYPE_SSL_CA | \
- NS_CERT_TYPE_EMAIL_CA | \
- NS_CERT_TYPE_OBJECT_SIGNING_CA | \
- EXT_KEY_USAGE_STATUS_RESPONDER )
-typedef enum {
- certUsageSSLClient = 0,
- certUsageSSLServer = 1,
- certUsageSSLServerWithStepUp = 2,
- certUsageSSLCA = 3,
- certUsageEmailSigner = 4,
- certUsageEmailRecipient = 5,
- certUsageObjectSigner = 6,
- certUsageUserCertImport = 7,
- certUsageVerifyCA = 8,
- certUsageProtectedObjectSigner = 9,
- certUsageStatusResponder = 10,
- certUsageAnyCA = 11
-} SECCertUsage;
-
-/*
- * Does the cert belong to the user, a peer, or a CA.
- */
-typedef enum {
- certOwnerUser = 0,
- certOwnerPeer = 1,
- certOwnerCA = 2
-} CERTCertOwner;
-
-/*
- * This enum represents the state of validity times of a certificate
- */
-typedef enum {
- secCertTimeValid = 0,
- secCertTimeExpired = 1,
- secCertTimeNotValidYet = 2
-} SECCertTimeValidity;
-
-/*
- * Interface for getting certificate nickname strings out of the database
- */
-
-/* these are values for the what argument below */
-#define SEC_CERT_NICKNAMES_ALL 1
-#define SEC_CERT_NICKNAMES_USER 2
-#define SEC_CERT_NICKNAMES_SERVER 3
-#define SEC_CERT_NICKNAMES_CA 4
-
-struct CERTCertNicknamesStr {
- PRArenaPool *arena;
- void *head;
- int numnicknames;
- char **nicknames;
- int what;
- int totallen;
-};
-
-struct CERTIssuerAndSNStr {
- SECItem derIssuer;
- CERTName issuer;
- SECItem serialNumber;
-};
-
-
-/* X.509 v3 Key Usage Extension flags */
-#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
-#define KU_NON_REPUDIATION (0x40) /* bit 1 */
-#define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
-#define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
-#define KU_KEY_AGREEMENT (0x08) /* bit 4 */
-#define KU_KEY_CERT_SIGN (0x04) /* bit 5 */
-#define KU_CRL_SIGN (0x02) /* bit 6 */
-#define KU_ALL (KU_DIGITAL_SIGNATURE | \
- KU_NON_REPUDIATION | \
- KU_KEY_ENCIPHERMENT | \
- KU_DATA_ENCIPHERMENT | \
- KU_KEY_AGREEMENT | \
- KU_KEY_CERT_SIGN | \
- KU_CRL_SIGN)
-
-/* This value will not occur in certs. It is used internally for the case
- * when the key type is not know ahead of time and either key agreement or
- * key encipherment are the correct value based on key type
- */
-#define KU_KEY_AGREEMENT_OR_ENCIPHERMENT (0x4000)
-
-/* internal bits that do not match bits in the x509v3 spec, but are used
- * for similar purposes
- */
-#define KU_NS_GOVT_APPROVED (0x8000) /*don't make part of KU_ALL!*/
-/*
- * x.509 v3 Basic Constraints Extension
- * If isCA is false, the pathLenConstraint is ignored.
- * Otherwise, the following pathLenConstraint values will apply:
- * < 0 - there is no limit to the certificate path
- * 0 - CA can issues end-entity certificates only
- * > 0 - the number of certificates in the certificate path is
- * limited to this number
- */
-#define CERT_UNLIMITED_PATH_CONSTRAINT -2
-
-struct CERTBasicConstraintsStr {
- PRBool isCA; /* on if is CA */
- int pathLenConstraint; /* maximum number of certificates that can be
- in the cert path. Only applies to a CA
- certificate; otherwise, it's ignored.
- */
-};
-
-/* Maximum length of a certificate chain */
-#define CERT_MAX_CERT_CHAIN 20
-
-/* x.509 v3 Reason Falgs, used in CRLDistributionPoint Extension */
-#define RF_UNUSED (0x80) /* bit 0 */
-#define RF_KEY_COMPROMISE (0x40) /* bit 1 */
-#define RF_CA_COMPROMISE (0x20) /* bit 2 */
-#define RF_AFFILIATION_CHANGED (0x10) /* bit 3 */
-#define RF_SUPERSEDED (0x08) /* bit 4 */
-#define RF_CESSATION_OF_OPERATION (0x04) /* bit 5 */
-#define RF_CERTIFICATE_HOLD (0x02) /* bit 6 */
-
-/* If we needed to extract the general name field, use this */
-/* General Name types */
-typedef enum {
- certOtherName = 1,
- certRFC822Name = 2,
- certDNSName = 3,
- certX400Address = 4,
- certDirectoryName = 5,
- certEDIPartyName = 6,
- certURI = 7,
- certIPAddress = 8,
- certRegisterID = 9
-} CERTGeneralNameType;
-
-
-typedef struct OtherNameStr {
- SECItem name;
- SECItem oid;
-}OtherName;
-
-
-
-struct CERTGeneralNameStr {
- CERTGeneralNameType type; /* name type */
- union {
- CERTName directoryName; /* distinguish name */
- OtherName OthName; /* Other Name */
- SECItem other; /* the rest of the name forms */
- }name;
- SECItem derDirectoryName; /* this is saved to simplify directory name
- comparison */
- PRCList l;
-};
-
-struct CERTGeneralNameListStr {
- PRArenaPool *arena;
- CERTGeneralName *name;
- int refCount;
- int len;
- PZLock *lock;
-};
-
-struct CERTNameConstraintStr {
- CERTGeneralName name;
- SECItem DERName;
- SECItem min;
- SECItem max;
- PRCList l;
-};
-
-
-struct CERTNameConstraintsStr {
- CERTNameConstraint *permited;
- CERTNameConstraint *excluded;
- SECItem **DERPermited;
- SECItem **DERExcluded;
-};
-
-
-/* X.509 v3 Authority Key Identifier extension. For the authority certificate
- issuer field, we only support URI now.
- */
-struct CERTAuthKeyIDStr {
- SECItem keyID; /* unique key identifier */
- CERTGeneralName *authCertIssuer; /* CA's issuer name. End with a NULL */
- SECItem authCertSerialNumber; /* CA's certificate serial number */
- SECItem **DERAuthCertIssuer; /* This holds the DER encoded format of
- the authCertIssuer field. It is used
- by the encoding engine. It should be
- used as a read only field by the caller.
- */
-};
-
-/* x.509 v3 CRL Distributeion Point */
-
-/*
- * defined the types of CRL Distribution points
- */
-typedef enum {
- generalName = 1, /* only support this for now */
- relativeDistinguishedName = 2
-} DistributionPointTypes;
-
-struct CRLDistributionPointStr {
- DistributionPointTypes distPointType;
- union {
- CERTGeneralName *fullName;
- CERTRDN relativeName;
- } distPoint;
- SECItem reasons;
- CERTGeneralName *crlIssuer;
-
- /* Reserved for internal use only*/
- SECItem derDistPoint;
- SECItem derRelativeName;
- SECItem **derCrlIssuer;
- SECItem **derFullName;
- SECItem bitsmap;
-};
-
-struct CERTCrlDistributionPointsStr {
- CRLDistributionPoint **distPoints;
-};
-
-/*
- * This structure is used to keep a log of errors when verifying
- * a cert chain. This allows multiple errors to be reported all at
- * once.
- */
-struct CERTVerifyLogNodeStr {
- CERTCertificate *cert; /* what cert had the error */
- long error; /* what error was it? */
- unsigned int depth; /* how far up the chain are we */
- void *arg; /* error specific argument */
- struct CERTVerifyLogNodeStr *next; /* next in the list */
- struct CERTVerifyLogNodeStr *prev; /* next in the list */
-};
-
-
-struct CERTVerifyLogStr {
- PRArenaPool *arena;
- unsigned int count;
- struct CERTVerifyLogNodeStr *head;
- struct CERTVerifyLogNodeStr *tail;
-};
-
-
-struct CERTOKDomainNameStr {
- CERTOKDomainName *next;
- char name[1]; /* actual length may be longer. */
-};
-
-
-typedef SECStatus (PR_CALLBACK *CERTStatusChecker) (CERTCertDBHandle *handle,
- CERTCertificate *cert,
- int64 time,
- void *pwArg);
-
-typedef SECStatus (PR_CALLBACK *CERTStatusDestroy) (CERTStatusConfig *handle);
-
-struct CERTStatusConfigStr {
- CERTStatusChecker statusChecker; /* NULL means no checking enabled */
- CERTStatusDestroy statusDestroy; /* enabled or no, will clean up */
- void *statusContext; /* cx specific to checking protocol */
-};
-
-struct CERTAuthInfoAccessStr {
- SECItem method;
- SECItem derLocation;
- CERTGeneralName *location; /* decoded location */
-};
-
-
-/* This is the typedef for the callback passed to CERT_OpenCertDB() */
-/* callback to return database name based on version number */
-typedef char * (*CERTDBNameFunc)(void *arg, int dbVersion);
-
-/*
- * types of cert packages that we can decode
- */
-typedef enum {
- certPackageNone = 0,
- certPackageCert = 1,
- certPackagePKCS7 = 2,
- certPackageNSCertSeq = 3,
- certPackageNSCertWrap = 4
-} CERTPackageType;
-
-/*
- * these types are for the PKIX Certificate Policies extension
- */
-typedef struct {
- SECOidTag oid;
- SECItem qualifierID;
- SECItem qualifierValue;
-} CERTPolicyQualifier;
-
-typedef struct {
- SECOidTag oid;
- SECItem policyID;
- CERTPolicyQualifier **policyQualifiers;
-} CERTPolicyInfo;
-
-typedef struct {
- PRArenaPool *arena;
- CERTPolicyInfo **policyInfos;
-} CERTCertificatePolicies;
-
-typedef struct {
- SECItem organization;
- SECItem **noticeNumbers;
-} CERTNoticeReference;
-
-typedef struct {
- PRArenaPool *arena;
- CERTNoticeReference noticeReference;
- SECItem derNoticeReference;
- SECItem displayText;
-} CERTUserNotice;
-
-typedef struct {
- PRArenaPool *arena;
- SECItem **oids;
-} CERTOidSequence;
-
-
-/* XXX Lisa thinks the template declarations belong in cert.h, not here? */
-
-#include "secasn1t.h" /* way down here because I expect template stuff to
- * move out of here anyway */
-
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template CERT_CertificateRequestTemplate[];
-extern const SEC_ASN1Template CERT_CertificateTemplate[];
-extern const SEC_ASN1Template SEC_SignedCertificateTemplate[];
-extern const SEC_ASN1Template CERT_CertExtensionTemplate[];
-extern const SEC_ASN1Template CERT_SequenceOfCertExtensionTemplate[];
-extern const SEC_ASN1Template SECKEY_PublicKeyTemplate[];
-extern const SEC_ASN1Template CERT_SubjectPublicKeyInfoTemplate[];
-extern const SEC_ASN1Template CERT_ValidityTemplate[];
-extern const SEC_ASN1Template CERT_PublicKeyAndChallengeTemplate[];
-extern const SEC_ASN1Template SEC_CertSequenceTemplate[];
-
-extern const SEC_ASN1Template CERT_IssuerAndSNTemplate[];
-extern const SEC_ASN1Template CERT_NameTemplate[];
-extern const SEC_ASN1Template CERT_SetOfSignedCrlTemplate[];
-extern const SEC_ASN1Template CERT_RDNTemplate[];
-extern const SEC_ASN1Template CERT_SignedDataTemplate[];
-extern const SEC_ASN1Template CERT_CrlTemplate[];
-
-/*
-** XXX should the attribute stuff be centralized for all of ns/security?
-*/
-extern const SEC_ASN1Template CERT_AttributeTemplate[];
-extern const SEC_ASN1Template CERT_SetOfAttributeTemplate[];
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs. Sigh.
-*/
-SEC_ASN1_CHOOSER_DECLARE(CERT_CertificateRequestTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_CertificateTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_CrlTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_IssuerAndSNTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_NameTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_SetOfSignedCrlTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_SignedDataTemplate)
-SEC_ASN1_CHOOSER_DECLARE(CERT_SubjectPublicKeyInfoTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_SignedCertificateTemplate)
-
-SEC_END_PROTOS
-
-#endif /* _CERTT_H_ */
diff --git a/security/nss/lib/certdb/certv3.c b/security/nss/lib/certdb/certv3.c
deleted file mode 100644
index ea1016234..000000000
--- a/security/nss/lib/certdb/certv3.c
+++ /dev/null
@@ -1,406 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Code for dealing with X509.V3 extensions.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-#include "secerr.h"
-
-SECStatus
-CERT_FindCertExtensionByOID(CERTCertificate *cert, SECItem *oid,
- SECItem *value)
-{
- return (cert_FindExtensionByOID (cert->extensions, oid, value));
-}
-
-
-SECStatus
-CERT_FindCertExtension(CERTCertificate *cert, int tag, SECItem *value)
-{
- return (cert_FindExtension (cert->extensions, tag, value));
-}
-
-static void
-SetExts(void *object, CERTCertExtension **exts)
-{
- CERTCertificate *cert = (CERTCertificate *)object;
-
- cert->extensions = exts;
- DER_SetUInteger (cert->arena, &(cert->version), SEC_CERTIFICATE_VERSION_3);
-}
-
-void *
-CERT_StartCertExtensions(CERTCertificate *cert)
-{
- return (cert_StartExtensions ((void *)cert, cert->arena, SetExts));
-}
-
-/* find the given extension in the certificate of the Issuer of 'cert' */
-SECStatus
-CERT_FindIssuerCertExtension(CERTCertificate *cert, int tag, SECItem *value)
-{
- CERTCertificate *issuercert;
- SECStatus rv;
-
- issuercert = CERT_FindCertByName(cert->dbhandle, &cert->derIssuer);
- if ( issuercert ) {
- rv = cert_FindExtension(issuercert->extensions, tag, value);
- CERT_DestroyCertificate(issuercert);
- } else {
- rv = SECFailure;
- }
-
- return(rv);
-}
-
-/* find a URL extension in the cert or its CA
- * apply the base URL string if it exists
- */
-char *
-CERT_FindCertURLExtension(CERTCertificate *cert, int tag, int catag)
-{
- SECStatus rv;
- SECItem urlitem;
- SECItem baseitem;
- SECItem urlstringitem = {siBuffer,0};
- SECItem basestringitem = {siBuffer,0};
- PRArenaPool *arena = NULL;
- PRBool hasbase;
- char *urlstring;
- char *str;
- int len;
- int i;
-
- urlstring = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( ! arena ) {
- goto loser;
- }
-
- hasbase = PR_FALSE;
- urlitem.data = NULL;
- baseitem.data = NULL;
-
- rv = cert_FindExtension(cert->extensions, tag, &urlitem);
- if ( rv == SECSuccess ) {
- rv = cert_FindExtension(cert->extensions, SEC_OID_NS_CERT_EXT_BASE_URL,
- &baseitem);
- if ( rv == SECSuccess ) {
- hasbase = PR_TRUE;
- }
-
- } else if ( catag ) {
- /* if the cert doesn't have the extensions, see if the issuer does */
- rv = CERT_FindIssuerCertExtension(cert, catag, &urlitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- rv = CERT_FindIssuerCertExtension(cert, SEC_OID_NS_CERT_EXT_BASE_URL,
- &baseitem);
- if ( rv == SECSuccess ) {
- hasbase = PR_TRUE;
- }
- } else {
- goto loser;
- }
-
- rv = SEC_ASN1DecodeItem(arena, &urlstringitem, SEC_IA5StringTemplate,
- &urlitem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
- if ( hasbase ) {
- rv = SEC_ASN1DecodeItem(arena, &basestringitem, SEC_IA5StringTemplate,
- &baseitem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- len = urlstringitem.len + ( hasbase ? basestringitem.len : 0 ) + 1;
-
- str = urlstring = (char *)PORT_Alloc(len);
- if ( urlstring == NULL ) {
- goto loser;
- }
-
- /* copy the URL base first */
- if ( hasbase ) {
-
- /* if the urlstring has a : in it, then we assume it is an absolute
- * URL, and will not get the base string pre-pended
- */
- for ( i = 0; i < urlstringitem.len; i++ ) {
- if ( urlstringitem.data[i] == ':' ) {
- goto nobase;
- }
- }
-
- PORT_Memcpy(str, basestringitem.data, basestringitem.len);
- str += basestringitem.len;
-
- }
-
-nobase:
- /* copy the rest (or all) of the URL */
- PORT_Memcpy(str, urlstringitem.data, urlstringitem.len);
- str += urlstringitem.len;
-
- *str = '\0';
- goto done;
-
-loser:
- if ( urlstring ) {
- PORT_Free(urlstring);
- }
-
- urlstring = NULL;
-done:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- if ( baseitem.data ) {
- PORT_Free(baseitem.data);
- }
- if ( urlitem.data ) {
- PORT_Free(urlitem.data);
- }
-
- return(urlstring);
-}
-
-/*
- * get the value of the Netscape Certificate Type Extension
- */
-SECStatus
-CERT_FindNSCertTypeExtension(CERTCertificate *cert, SECItem *retItem)
-{
-
- return (CERT_FindBitStringExtension
- (cert->extensions, SEC_OID_NS_CERT_EXT_CERT_TYPE, retItem));
-}
-
-
-/*
- * get the value of a string type extension
- */
-char *
-CERT_FindNSStringExtension(CERTCertificate *cert, int oidtag)
-{
- SECItem wrapperItem, tmpItem = {siBuffer,0};
- SECStatus rv;
- PRArenaPool *arena = NULL;
- char *retstring = NULL;
-
- wrapperItem.data = NULL;
- tmpItem.data = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( ! arena ) {
- goto loser;
- }
-
- rv = cert_FindExtension(cert->extensions, oidtag,
- &wrapperItem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = SEC_ASN1DecodeItem(arena, &tmpItem, SEC_IA5StringTemplate,
- &wrapperItem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- retstring = (char *)PORT_Alloc(tmpItem.len + 1 );
- if ( retstring == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(retstring, tmpItem.data, tmpItem.len);
- retstring[tmpItem.len] = '\0';
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if ( wrapperItem.data ) {
- PORT_Free(wrapperItem.data);
- }
-
- return(retstring);
-}
-
-/*
- * get the value of the X.509 v3 Key Usage Extension
- */
-SECStatus
-CERT_FindKeyUsageExtension(CERTCertificate *cert, SECItem *retItem)
-{
-
- return (CERT_FindBitStringExtension(cert->extensions,
- SEC_OID_X509_KEY_USAGE, retItem));
-}
-
-/*
- * get the value of the X.509 v3 Key Usage Extension
- */
-SECStatus
-CERT_FindSubjectKeyIDExten(CERTCertificate *cert, SECItem *retItem)
-{
-
- SECItem encodedValue;
- SECStatus rv;
-
- encodedValue.data = NULL;
- rv = cert_FindExtension
- (cert->extensions, SEC_OID_X509_SUBJECT_KEY_ID, &encodedValue);
- if (rv != SECSuccess)
- return (rv);
- rv = SEC_ASN1DecodeItem (NULL, retItem, SEC_OctetStringTemplate,
- &encodedValue);
- PORT_Free (encodedValue.data);
-
- return (rv);
-}
-
-SECStatus
-CERT_FindBasicConstraintExten(CERTCertificate *cert,
- CERTBasicConstraints *value)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension(cert->extensions, SEC_OID_X509_BASIC_CONSTRAINTS,
- &encodedExtenValue);
- if ( rv != SECSuccess ) {
- return (rv);
- }
-
- rv = CERT_DecodeBasicConstraintValue (value, &encodedExtenValue);
-
- /* free the raw extension data */
- PORT_Free(encodedExtenValue.data);
- encodedExtenValue.data = NULL;
-
- return(rv);
-}
-
-CERTAuthKeyID *
-CERT_FindAuthKeyIDExten (PRArenaPool *arena, CERTCertificate *cert)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
- CERTAuthKeyID *ret;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension(cert->extensions, SEC_OID_X509_AUTH_KEY_ID,
- &encodedExtenValue);
- if ( rv != SECSuccess ) {
- return (NULL);
- }
-
- ret = CERT_DecodeAuthKeyID (arena, &encodedExtenValue);
-
- PORT_Free(encodedExtenValue.data);
- encodedExtenValue.data = NULL;
-
- return(ret);
-}
-
-SECStatus
-CERT_CheckCertUsage(CERTCertificate *cert, unsigned char usage)
-{
- PRBool critical;
- SECItem keyUsage;
- SECStatus rv;
-
- /* There is no extension, v1 or v2 certificate */
- if (cert->extensions == NULL) {
- return (SECSuccess);
- }
-
- keyUsage.data = NULL;
-
- do {
- /* if the keyUsage extension exists and is critical, make sure that the
- CA certificate is used for certificate signing purpose only. If the
- extension does not exist, we will assum that it can be used for
- certificate signing purpose.
- */
- rv = CERT_GetExtenCriticality(cert->extensions,
- SEC_OID_X509_KEY_USAGE,
- &critical);
- if (rv == SECFailure) {
- rv = (PORT_GetError () == SEC_ERROR_EXTENSION_NOT_FOUND) ?
- SECSuccess : SECFailure;
- break;
- }
-
- if (critical == PR_FALSE) {
- rv = SECSuccess;
- break;
- }
-
- rv = CERT_FindKeyUsageExtension(cert, &keyUsage);
- if (rv != SECSuccess) {
- break;
- }
- if (!(keyUsage.data[0] & usage)) {
- PORT_SetError (SEC_ERROR_CERT_USAGES_INVALID);
- rv = SECFailure;
- }
- }while (0);
- PORT_Free (keyUsage.data);
- return (rv);
-}
diff --git a/security/nss/lib/certdb/certxutl.c b/security/nss/lib/certdb/certxutl.c
deleted file mode 100644
index 619f576b2..000000000
--- a/security/nss/lib/certdb/certxutl.c
+++ /dev/null
@@ -1,482 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Certificate Extensions handling code
- *
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-#include "secerr.h"
-
-#ifdef OLD
-#include "ocspti.h" /* XXX a better extensions interface would not
- * require knowledge of data structures of callers */
-#endif
-
-static CERTCertExtension *
-GetExtension (CERTCertExtension **extensions, SECItem *oid)
-{
- CERTCertExtension **exts;
- CERTCertExtension *ext = NULL;
- SECComparison comp;
-
- exts = extensions;
-
- if (exts) {
- while ( *exts ) {
- ext = *exts;
- comp = SECITEM_CompareItem(oid, &ext->id);
- if ( comp == SECEqual )
- break;
-
- exts++;
- }
- return (*exts ? ext : NULL);
- }
- return (NULL);
-}
-
-SECStatus
-cert_FindExtensionByOID (CERTCertExtension **extensions, SECItem *oid, SECItem *value)
-{
- CERTCertExtension *ext;
- SECStatus rv = SECSuccess;
-
- ext = GetExtension (extensions, oid);
- if (ext == NULL) {
- PORT_SetError (SEC_ERROR_EXTENSION_NOT_FOUND);
- return (SECFailure);
- }
- if (value)
- rv = SECITEM_CopyItem(NULL, value, &ext->value);
- return (rv);
-}
-
-
-SECStatus
-CERT_GetExtenCriticality (CERTCertExtension **extensions, int tag, PRBool *isCritical)
-{
- CERTCertExtension *ext;
- SECOidData *oid;
-
- if (!isCritical)
- return (SECSuccess);
-
- /* find the extension in the extensions list */
- oid = SECOID_FindOIDByTag((SECOidTag)tag);
- if ( !oid ) {
- return(SECFailure);
- }
- ext = GetExtension (extensions, &oid->oid);
- if (ext == NULL) {
- PORT_SetError (SEC_ERROR_EXTENSION_NOT_FOUND);
- return (SECFailure);
- }
-
- /* If the criticality is omitted, then it is false by default.
- ex->critical.data is NULL */
- if (ext->critical.data == NULL)
- *isCritical = PR_FALSE;
- else
- *isCritical = (ext->critical.data[0] == 0xff) ? PR_TRUE : PR_FALSE;
- return (SECSuccess);
-}
-
-SECStatus
-cert_FindExtension(CERTCertExtension **extensions, int tag, SECItem *value)
-{
- SECOidData *oid;
-
- oid = SECOID_FindOIDByTag((SECOidTag)tag);
- if ( !oid ) {
- return(SECFailure);
- }
-
- return(cert_FindExtensionByOID(extensions, &oid->oid, value));
-}
-
-
-typedef struct _extNode {
- struct _extNode *next;
- CERTCertExtension *ext;
-} extNode;
-
-typedef struct {
- void (*setExts)(void *object, CERTCertExtension **exts);
- void *object;
- PRArenaPool *ownerArena;
- PRArenaPool *arena;
- extNode *head;
- int count;
-}extRec;
-
-/*
- * cert_StartExtensions
- *
- * NOTE: This interface changed significantly to remove knowledge
- * about callers data structures (owner objects)
- */
-void *
-cert_StartExtensions(void *owner, PRArenaPool *ownerArena,
- void (*setExts)(void *object, CERTCertExtension **exts))
-{
- PRArenaPool *arena;
- extRec *handle;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- return(0);
- }
-
- handle = (extRec *)PORT_ArenaAlloc(arena, sizeof(extRec));
- if ( !handle ) {
- PORT_FreeArena(arena, PR_FALSE);
- return(0);
- }
-
- handle->object = owner;
- handle->ownerArena = ownerArena;
- handle->setExts = setExts;
-
- handle->arena = arena;
- handle->head = 0;
- handle->count = 0;
-
- return(handle);
-}
-
-static unsigned char hextrue = 0xff;
-
-/*
- * Note - assumes that data pointed to by oid->data will not move
- */
-SECStatus
-CERT_AddExtensionByOID (void *exthandle, SECItem *oid, SECItem *value,
- PRBool critical, PRBool copyData)
-{
- CERTCertExtension *ext;
- SECStatus rv;
- extNode *node;
- extRec *handle;
-
- handle = (extRec *)exthandle;
-
- /* allocate space for extension and list node */
- ext = (CERTCertExtension*)PORT_ArenaZAlloc(handle->ownerArena,
- sizeof(CERTCertExtension));
- if ( !ext ) {
- return(SECFailure);
- }
-
- node = (extNode*)PORT_ArenaAlloc(handle->arena, sizeof(extNode));
- if ( !node ) {
- return(SECFailure);
- }
-
- /* add to list */
- node->next = handle->head;
- handle->head = node;
-
- /* point to ext struct */
- node->ext = ext;
-
- /* the object ID of the extension */
- ext->id = *oid;
-
- /* set critical field */
- if ( critical ) {
- ext->critical.data = (unsigned char*)&hextrue;
- ext->critical.len = 1;
- }
-
- /* set the value */
- if ( copyData ) {
- rv = SECITEM_CopyItem(handle->ownerArena, &ext->value, value);
- if ( rv ) {
- return(SECFailure);
- }
- } else {
- ext->value = *value;
- }
-
- handle->count++;
-
- return(SECSuccess);
-
-}
-
-SECStatus
-CERT_AddExtension(void *exthandle, int idtag, SECItem *value,
- PRBool critical, PRBool copyData)
-{
- SECOidData *oid;
-
- oid = SECOID_FindOIDByTag((SECOidTag)idtag);
- if ( !oid ) {
- return(SECFailure);
- }
-
- return(CERT_AddExtensionByOID(exthandle, &oid->oid, value, critical, copyData));
-}
-
-SECStatus
-CERT_EncodeAndAddExtension(void *exthandle, int idtag, void *value,
- PRBool critical, const SEC_ASN1Template *atemplate)
-{
- extRec *handle;
- SECItem *encitem;
-
- handle = (extRec *)exthandle;
-
- encitem = SEC_ASN1EncodeItem(handle->ownerArena, NULL, value, atemplate);
- if ( encitem == NULL ) {
- return(SECFailure);
- }
-
- return CERT_AddExtension(exthandle, idtag, encitem, critical, PR_FALSE);
-}
-
-void
-PrepareBitStringForEncoding (SECItem *bitsmap, SECItem *value)
-{
- unsigned char onebyte;
- unsigned int i, len = 0;
-
- /* to prevent warning on some platform at compile time */
- onebyte = '\0';
- /* Get the position of the right-most turn-on bit */
- for (i = 0; i < (value->len ) * 8; ++i) {
- if (i % 8 == 0)
- onebyte = value->data[i/8];
- if (onebyte & 0x80)
- len = i;
- onebyte <<= 1;
-
- }
- bitsmap->data = value->data;
- /* Add one here since we work with base 1 */
- bitsmap->len = len + 1;
-}
-
-SECStatus
-CERT_EncodeAndAddBitStrExtension (void *exthandle, int idtag,
- SECItem *value, PRBool critical)
-{
- SECItem bitsmap;
-
- PrepareBitStringForEncoding (&bitsmap, value);
- return (CERT_EncodeAndAddExtension
- (exthandle, idtag, &bitsmap, critical, SEC_BitStringTemplate));
-}
-
-SECStatus
-CERT_FinishExtensions(void *exthandle)
-{
- extRec *handle;
- extNode *node;
- CERTCertExtension **exts;
- SECStatus rv = SECFailure;
-
- handle = (extRec *)exthandle;
-
- /* allocate space for extensions array */
- exts = PORT_ArenaNewArray(handle->ownerArena, CERTCertExtension *,
- handle->count + 1);
- if (exts == NULL) {
- goto loser;
- }
-
- /* put extensions in owner object and update its version number */
-
-#ifdef OLD
- switch (handle->type) {
- case CertificateExtensions:
- handle->owner.cert->extensions = exts;
- DER_SetUInteger (ownerArena, &(handle->owner.cert->version),
- SEC_CERTIFICATE_VERSION_3);
- break;
- case CrlExtensions:
- handle->owner.crl->extensions = exts;
- DER_SetUInteger (ownerArena, &(handle->owner.crl->version),
- SEC_CRL_VERSION_2);
- break;
- case OCSPRequestExtensions:
- handle->owner.request->tbsRequest->requestExtensions = exts;
- break;
- case OCSPSingleRequestExtensions:
- handle->owner.singleRequest->singleRequestExtensions = exts;
- break;
- case OCSPResponseSingleExtensions:
- handle->owner.singleResponse->singleExtensions = exts;
- break;
- }
-#endif
-
- handle->setExts(handle->object, exts);
-
- /* update the version number */
-
- /* copy each extension pointer */
- node = handle->head;
- while ( node ) {
- *exts = node->ext;
-
- node = node->next;
- exts++;
- }
-
- /* terminate the array of extensions */
- *exts = 0;
-
- rv = SECSuccess;
-
-loser:
- /* free working arena */
- PORT_FreeArena(handle->arena, PR_FALSE);
- return rv;
-}
-
-/*
- * get the value of the Netscape Certificate Type Extension
- */
-SECStatus
-CERT_FindBitStringExtension (CERTCertExtension **extensions, int tag,
- SECItem *retItem)
-{
- SECItem wrapperItem, tmpItem = {siBuffer,0};
- SECStatus rv;
- PRArenaPool *arena = NULL;
-
- wrapperItem.data = NULL;
- tmpItem.data = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( ! arena ) {
- return(SECFailure);
- }
-
- rv = cert_FindExtension(extensions, tag, &wrapperItem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = SEC_ASN1DecodeItem(arena, &tmpItem, SEC_BitStringTemplate,
- &wrapperItem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- retItem->data = (unsigned char *)PORT_Alloc( ( tmpItem.len + 7 ) >> 3 );
- if ( retItem->data == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(retItem->data, tmpItem.data, ( tmpItem.len + 7 ) >> 3);
- retItem->len = tmpItem.len;
-
- rv = SECSuccess;
- goto done;
-
-loser:
- rv = SECFailure;
-
-done:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if ( wrapperItem.data ) {
- PORT_Free(wrapperItem.data);
- }
-
- return(rv);
-}
-
-PRBool
-cert_HasCriticalExtension (CERTCertExtension **extensions)
-{
- CERTCertExtension **exts;
- CERTCertExtension *ext = NULL;
- PRBool hasCriticalExten = PR_FALSE;
-
- exts = extensions;
-
- if (exts) {
- while ( *exts ) {
- ext = *exts;
- /* If the criticality is omitted, it's non-critical */
- if (ext->critical.data && ext->critical.data[0] == 0xff) {
- hasCriticalExten = PR_TRUE;
- break;
- }
- exts++;
- }
- }
- return (hasCriticalExten);
-}
-
-PRBool
-cert_HasUnknownCriticalExten (CERTCertExtension **extensions)
-{
- CERTCertExtension **exts;
- CERTCertExtension *ext = NULL;
- PRBool hasUnknownCriticalExten = PR_FALSE;
-
- exts = extensions;
-
- if (exts) {
- while ( *exts ) {
- ext = *exts;
- /* If the criticality is omitted, it's non-critical.
- If an extension is critical, make sure that we know
- how to process the extension.
- */
- if (ext->critical.data && ext->critical.data[0] == 0xff) {
- if (SECOID_KnownCertExtenOID (&ext->id) == PR_FALSE) {
- hasUnknownCriticalExten = PR_TRUE;
- break;
- }
- }
- exts++;
- }
- }
- return (hasUnknownCriticalExten);
-}
diff --git a/security/nss/lib/certdb/certxutl.h b/security/nss/lib/certdb/certxutl.h
deleted file mode 100644
index 381226a43..000000000
--- a/security/nss/lib/certdb/certxutl.h
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * x.509 v3 certificate extension helper routines
- *
- */
-
-
-#ifndef _CERTXUTL_H_
-#define _CERTXUTL_H_
-
-#include "nspr.h"
-
-#ifdef OLD
-typedef enum {
- CertificateExtensions,
- CrlExtensions,
- OCSPRequestExtensions,
- OCSPSingleRequestExtensions,
- OCSPResponseSingleExtensions
-} ExtensionsType;
-#endif
-
-extern PRBool
-cert_HasCriticalExtension (CERTCertExtension **extensions);
-
-extern SECStatus
-CERT_FindBitStringExtension (CERTCertExtension **extensions,
- int tag, SECItem *retItem);
-extern void *
-cert_StartExtensions (void *owner, PLArenaPool *arena,
- void (*setExts)(void *object, CERTCertExtension **exts));
-
-extern SECStatus
-cert_FindExtension (CERTCertExtension **extensions, int tag, SECItem *value);
-
-extern SECStatus
-cert_FindExtensionByOID (CERTCertExtension **extensions,
- SECItem *oid, SECItem *value);
-
-extern SECStatus
-cert_GetExtenCriticality (CERTCertExtension **extensions,
- int tag, PRBool *isCritical);
-
-extern PRBool
-cert_HasUnknownCriticalExten (CERTCertExtension **extensions);
-
-#endif
diff --git a/security/nss/lib/certdb/config.mk b/security/nss/lib/certdb/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/certdb/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c
deleted file mode 100644
index d6c232ec7..000000000
--- a/security/nss/lib/certdb/crl.c
+++ /dev/null
@@ -1,616 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Moved from secpkcs7.c
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "certdb.h"
-#include "certxutl.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "pk11func.h"
-
-const SEC_ASN1Template SEC_CERTExtensionTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertExtension) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTCertExtension,id) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
- offsetof(CERTCertExtension,critical), },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CERTCertExtension,value) },
- { 0, }
-};
-
-static const SEC_ASN1Template SEC_CERTExtensionsTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_CERTExtensionTemplate}
-};
-
-/*
- * XXX Also, these templates, especially the Krl/FORTEZZA ones, need to
- * be tested; Lisa did the obvious translation but they still should be
- * verified.
- */
-
-const SEC_ASN1Template CERT_IssuerAndSNTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTIssuerAndSN) },
- { SEC_ASN1_SAVE,
- offsetof(CERTIssuerAndSN,derIssuer) },
- { SEC_ASN1_INLINE,
- offsetof(CERTIssuerAndSN,issuer),
- CERT_NameTemplate },
- { SEC_ASN1_INTEGER,
- offsetof(CERTIssuerAndSN,serialNumber) },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_KrlEntryTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrlEntry) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CERTCrlEntry,serialNumber) },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrlEntry,revocationDate) },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_KrlTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrl) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCrl,signatureAlg),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCrl,derName) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCrl,name),
- CERT_NameTemplate },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrl,lastUpdate) },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrl,nextUpdate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTCrl,entries),
- cert_KrlEntryTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_SignedKrlTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTSignedCrl) },
- { SEC_ASN1_SAVE,
- offsetof(CERTSignedCrl,signatureWrap.data) },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedCrl,crl),
- cert_KrlTemplate },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedCrl,signatureWrap.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTSignedCrl,signatureWrap.signature) },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_CrlKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrlKey) },
- { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof(CERTCrlKey,dummy) },
- { SEC_ASN1_SKIP },
- { SEC_ASN1_ANY, offsetof(CERTCrlKey,derName) },
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-
-static const SEC_ASN1Template cert_CrlEntryTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrlEntry) },
- { SEC_ASN1_INTEGER,
- offsetof(CERTCrlEntry,serialNumber) },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrlEntry,revocationDate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTCrlEntry, extensions),
- SEC_CERTExtensionTemplate},
- { 0 }
-};
-
-const SEC_ASN1Template CERT_CrlTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCrl) },
- { SEC_ASN1_INTEGER | SEC_ASN1_OPTIONAL, offsetof (CERTCrl, version) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCrl,signatureAlg),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_SAVE,
- offsetof(CERTCrl,derName) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCrl,name),
- CERT_NameTemplate },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTCrl,lastUpdate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_UTC_TIME,
- offsetof(CERTCrl,nextUpdate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTCrl,entries),
- cert_CrlEntryTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_EXPLICIT | 0,
- offsetof(CERTCrl,extensions),
- SEC_CERTExtensionsTemplate},
- { 0 }
-};
-
-static const SEC_ASN1Template cert_SignedCrlTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTSignedCrl) },
- { SEC_ASN1_SAVE,
- offsetof(CERTSignedCrl,signatureWrap.data) },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedCrl,crl),
- CERT_CrlTemplate },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedCrl,signatureWrap.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTSignedCrl,signatureWrap.signature) },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_SetOfSignedCrlTemplate[] = {
- { SEC_ASN1_SET_OF, 0, cert_SignedCrlTemplate },
-};
-
-/* Check the version of the CRL. If there is a critical extension in the crl
- or crl entry, then the version must be v2. Otherwise, it should be v1. If
- the crl contains critical extension(s), then we must recognized the extension's
- OID.
- */
-SECStatus cert_check_crl_version (CERTCrl *crl)
-{
- CERTCrlEntry **entries;
- CERTCrlEntry *entry;
- PRBool hasCriticalExten = PR_FALSE;
- SECStatus rv = SECSuccess;
- int version;
-
- /* CRL version is defaulted to v1 */
- version = SEC_CRL_VERSION_1;
- if (crl->version.data != 0)
- version = (int)DER_GetUInteger (&crl->version);
-
- if (version > SEC_CRL_VERSION_2) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- return (SECFailure);
- }
-
- /* Check the crl extensions for a critial extension. If one is found,
- and the version is not v2, then we are done.
- */
- if (crl->extensions) {
- hasCriticalExten = cert_HasCriticalExtension (crl->extensions);
- if (hasCriticalExten) {
- if (version != SEC_CRL_VERSION_2)
- return (SECFailure);
- /* make sure that there is no unknown critical extension */
- if (cert_HasUnknownCriticalExten (crl->extensions) == PR_TRUE) {
- PORT_SetError (SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
- return (SECFailure);
- }
- }
- }
-
-
- if (crl->entries == NULL) {
- if (hasCriticalExten == PR_FALSE && version == SEC_CRL_VERSION_2) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- return (SECFailure);
- }
- return (SECSuccess);
- }
- /* Look in the crl entry extensions. If there is a critical extension,
- then the crl version must be v2; otherwise, it should be v1.
- */
- entries = crl->entries;
- while (*entries) {
- entry = *entries;
- if (entry->extensions) {
- /* If there is a critical extension in the entries, then the
- CRL must be of version 2. If we already saw a critical extension,
- there is no need to check the version again.
- */
- if (hasCriticalExten == PR_FALSE) {
- hasCriticalExten = cert_HasCriticalExtension (entry->extensions);
- if (hasCriticalExten && version != SEC_CRL_VERSION_2) {
- rv = SECFailure;
- break;
- }
- }
-
- /* For each entry, make sure that it does not contain an unknown
- critical extension. If it does, we must reject the CRL since
- we don't know how to process the extension.
- */
- if (cert_HasUnknownCriticalExten (entry->extensions) == PR_TRUE) {
- PORT_SetError (SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION);
- rv = SECFailure;
- break;
- }
- }
- ++entries;
- }
- if (rv == SECFailure)
- return (rv);
-
- /* There is no critical extension, but the version is set to v2 */
- if (version != SEC_CRL_VERSION_1 && hasCriticalExten == PR_FALSE) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- return (SECFailure);
- }
- return (SECSuccess);
-}
-
-/*
- * Generate a database key, based on the issuer name from a
- * DER crl.
- */
-SECStatus
-CERT_KeyFromDERCrl(PRArenaPool *arena, SECItem *derCrl, SECItem *key)
-{
- SECStatus rv;
- CERTSignedData sd;
- CERTCrlKey crlkey;
-
- PORT_Memset (&sd, 0, sizeof (sd));
- rv = SEC_ASN1DecodeItem (arena, &sd, CERT_SignedDataTemplate, derCrl);
- if (rv != SECSuccess) {
- return rv;
- }
-
- PORT_Memset (&crlkey, 0, sizeof (crlkey));
- rv = SEC_ASN1DecodeItem(arena, &crlkey, cert_CrlKeyTemplate, &sd.data);
- if (rv != SECSuccess) {
- return rv;
- }
-
- key->len = crlkey.derName.len;
- key->data = crlkey.derName.data;
-
- return(SECSuccess);
-}
-
-/*
- * take a DER CRL or KRL and decode it into a CRL structure
- */
-CERTSignedCrl *
-CERT_DecodeDERCrl(PRArenaPool *narena, SECItem *derSignedCrl, int type)
-{
- PRArenaPool *arena;
- CERTSignedCrl *crl;
- SECStatus rv;
-
- /* make a new arena */
- if (narena == NULL) {
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- return NULL;
- }
- } else {
- arena = narena;
- }
-
- /* allocate the CRL structure */
- crl = (CERTSignedCrl *)PORT_ArenaZAlloc(arena, sizeof(CERTSignedCrl));
- if ( !crl ) {
- goto loser;
- }
-
- crl->arena = arena;
-
- /* Save the arena in the inner crl for CRL extensions support */
- crl->crl.arena = arena;
-
- /* decode the CRL info */
- switch (type) {
- case SEC_CRL_TYPE:
- rv = SEC_ASN1DecodeItem
- (arena, crl, cert_SignedCrlTemplate, derSignedCrl);
- if (rv != SECSuccess)
- break;
-
-#ifdef notdef
- /*this is a bogus check. all these fields are optional in a V2 cert.*/
- /* If the version is set to v2, make sure that it contains at
- least 1 critical extension either the crl extensions or
- crl entry extensions. */
- rv = cert_check_crl_version (&crl->crl);
-#endif
- break;
-
- case SEC_KRL_TYPE:
- rv = SEC_ASN1DecodeItem
- (arena, crl, cert_SignedKrlTemplate, derSignedCrl);
- break;
- default:
- rv = SECFailure;
- break;
- }
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- crl->referenceCount = 1;
-
- return(crl);
-
-loser:
-
- if ((narena == NULL) && arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(0);
-}
-
-/*
- * Lookup a CRL in the databases. We mirror the same fast caching data base
- * caching stuff used by certificates....?
- */
-CERTSignedCrl *
-SEC_FindCrlByKeyOnSlot(PK11SlotInfo *slot, SECItem *crlKey, int type)
-{
- CERTSignedCrl *crl = NULL;
- SECItem *derCrl;
- CK_OBJECT_HANDLE crlHandle;
-
- if (slot) {
- PK11_ReferenceSlot(slot);
- }
-
- derCrl = PK11_FindCrlByName(&slot, &crlHandle, crlKey,type);
- if (derCrl == NULL) {
- goto loser;
- }
-
- crl = CERT_DecodeDERCrl(NULL, derCrl, type);
- if (crl) {
- crl->slot = slot;
- slot = NULL; /* adopt it */
- }
-
-loser:
- if (slot) {
- PK11_FreeSlot(slot);
- }
- return(crl);
-}
-
-SECStatus SEC_DestroyCrl(CERTSignedCrl *crl);
-
-CERTSignedCrl *
-crl_storeCRL (PK11SlotInfo *slot,char *url,
- CERTSignedCrl *newCrl, SECItem *derCrl, int type)
-{
- CERTSignedCrl *oldCrl = NULL, *crl = NULL;
- CK_OBJECT_HANDLE crlHandle;
-
- oldCrl = SEC_FindCrlByKeyOnSlot(slot, &newCrl->crl.derName, type);
-
- /* if there is an old crl, make sure the one we are installing
- * is newer. If not, exit out, otherwise delete the old crl.
- */
- if (oldCrl != NULL) {
- if (!SEC_CrlIsNewer(&newCrl->crl,&oldCrl->crl)) {
-
- if (type == SEC_CRL_TYPE) {
- PORT_SetError(SEC_ERROR_OLD_CRL);
- } else {
- PORT_SetError(SEC_ERROR_OLD_KRL);
- }
-
- goto done;
- }
-
- if ((SECITEM_CompareItem(&newCrl->crl.derName,
- &oldCrl->crl.derName) != SECEqual) &&
- (type == SEC_KRL_TYPE) ) {
-
- PORT_SetError(SEC_ERROR_CKL_CONFLICT);
- goto done;
- }
-
- /* if we have a url in the database, use that one */
- if (oldCrl->url) {
- url = oldCrl->url;
- }
-
-
- /* really destroy this crl */
- /* first drum it out of the permanment Data base */
- SEC_DeletePermCRL(oldCrl);
- }
-
- /* Write the new entry into the data base */
- crlHandle = PK11_PutCrl(slot, derCrl, &newCrl->crl.derName, url, type);
- if (crlHandle != CK_INVALID_HANDLE) {
- crl = newCrl;
- crl->slot = PK11_ReferenceSlot(slot);
- crl->pkcs11ID = crlHandle;
- }
-
-done:
- if (oldCrl) SEC_DestroyCrl(oldCrl);
-
- return crl;
-}
-
-CERTSignedCrl *
-SEC_FindCrlByName(CERTCertDBHandle *handle, SECItem *crlKey, int type)
-{
- return SEC_FindCrlByKeyOnSlot(NULL,crlKey,type);
-}
-
-/*
- *
- * create a new CRL from DER material.
- *
- * The signature on this CRL must be checked before you
- * load it. ???
- */
-CERTSignedCrl *
-SEC_NewCrl(CERTCertDBHandle *handle, char *url, SECItem *derCrl, int type)
-{
- CERTSignedCrl *newCrl = NULL, *crl = NULL;
- PK11SlotInfo *slot;
-
- /* make this decode dates! */
- newCrl = CERT_DecodeDERCrl(NULL, derCrl, type);
- if (newCrl == NULL) {
- if (type == SEC_CRL_TYPE) {
- PORT_SetError(SEC_ERROR_CRL_INVALID);
- } else {
- PORT_SetError(SEC_ERROR_KRL_INVALID);
- }
- goto done;
- }
-
- slot = PK11_GetInternalKeySlot();
- crl = crl_storeCRL(slot, url, newCrl, derCrl, type);
- PK11_FreeSlot(slot);
-
-
-done:
- if (crl == NULL) {
- if (newCrl) {
- PORT_FreeArena(newCrl->arena, PR_FALSE);
- }
- }
-
- return crl;
-}
-
-
-CERTSignedCrl *
-SEC_FindCrlByDERCert(CERTCertDBHandle *handle, SECItem *derCrl, int type)
-{
- PRArenaPool *arena;
- SECItem crlKey;
- SECStatus rv;
- CERTSignedCrl *crl = NULL;
-
- /* create a scratch arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- return(NULL);
- }
-
- /* extract the database key from the cert */
- rv = CERT_KeyFromDERCrl(arena, derCrl, &crlKey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* find the crl */
- crl = SEC_FindCrlByName(handle, &crlKey, type);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(crl);
-}
-
-
-SECStatus
-SEC_DestroyCrl(CERTSignedCrl *crl)
-{
- if (crl) {
- if (crl->referenceCount-- <= 1) {
- if (crl->slot) {
- PK11_FreeSlot(crl->slot);
- }
- PORT_FreeArena(crl->arena, PR_FALSE);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-SEC_LookupCrls(CERTCertDBHandle *handle, CERTCrlHeadNode **nodes, int type)
-{
- CERTCrlHeadNode *head;
- PRArenaPool *arena = NULL;
- SECStatus rv;
-
- *nodes = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- return SECFailure;
- }
-
- /* build a head structure */
- head = (CERTCrlHeadNode *)PORT_ArenaAlloc(arena, sizeof(CERTCrlHeadNode));
- head->arena = arena;
- head->first = NULL;
- head->last = NULL;
- head->dbhandle = handle;
-
- /* Look up the proper crl types */
- *nodes = head;
-
- rv = PK11_LookupCrls(nodes, type, NULL);
-
- if (rv != SECSuccess) {
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- *nodes = NULL;
- }
- }
-
- return rv;
-}
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs. Sigh.
-*/
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_IssuerAndSNTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CrlTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SetOfSignedCrlTemplate)
-
diff --git a/security/nss/lib/certdb/genname.c b/security/nss/lib/certdb/genname.c
deleted file mode 100644
index bb2402a90..000000000
--- a/security/nss/lib/certdb/genname.c
+++ /dev/null
@@ -1,1611 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-#include "seccomon.h"
-#include "secitem.h"
-#include "secoidt.h"
-#include "mcom_db.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "certt.h"
-#include "cert.h"
-#include "xconst.h"
-#include "secerr.h"
-#include "secoid.h"
-#include "prprf.h"
-#include "genname.h"
-
-
-
-static const SEC_ASN1Template CERTNameConstraintTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTNameConstraint) },
- { SEC_ASN1_ANY, offsetof(CERTNameConstraint, DERName) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTNameConstraint, min), SEC_IntegerTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CERTNameConstraint, max), SEC_IntegerTemplate },
- { 0, }
-};
-
-const SEC_ASN1Template CERT_NameConstraintSubtreeSubTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-
-
-const SEC_ASN1Template CERT_NameConstraintSubtreePermitedTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 0, 0, CERT_NameConstraintSubtreeSubTemplate }
-};
-
-const SEC_ASN1Template CERT_NameConstraintSubtreeExcludedTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 1, 0, CERT_NameConstraintSubtreeSubTemplate }
-};
-
-
-static const SEC_ASN1Template CERTNameConstraintsTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTNameConstraints) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTNameConstraints, DERPermited), CERT_NameConstraintSubtreeSubTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CERTNameConstraints, DERExcluded), CERT_NameConstraintSubtreeSubTemplate},
- { 0, }
-};
-
-
-static const SEC_ASN1Template CERTOthNameTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(OtherName) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(OtherName, oid) },
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | 0,
- offsetof(OtherName, name), SEC_AnyTemplate },
- { 0, }
-};
-
-static const SEC_ASN1Template CERTOtherNameTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 0 ,
- offsetof(CERTGeneralName, name.OthName), CERTOthNameTemplate,
- sizeof(CERTGeneralName) }
-};
-
-static const SEC_ASN1Template CERTOtherName2Template[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_CONTEXT_SPECIFIC | 0 ,
- 0, NULL, sizeof(CERTGeneralName) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTGeneralName, name.OthName) + offsetof(OtherName, oid) },
- { SEC_ASN1_ANY,
- offsetof(CERTGeneralName, name.OthName) + offsetof(OtherName, name) },
- { 0, }
-};
-
-static const SEC_ASN1Template CERT_RFC822NameTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 1 ,
- offsetof(CERTGeneralName, name.other), SEC_IA5StringTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_DNSNameTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 2 ,
- offsetof(CERTGeneralName, name.other), SEC_IA5StringTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_X400AddressTemplate[] = {
- { SEC_ASN1_ANY | SEC_ASN1_CONTEXT_SPECIFIC | 3,
- offsetof(CERTGeneralName, name.other), SEC_AnyTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_DirectoryNameTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | 4,
- offsetof(CERTGeneralName, derDirectoryName), SEC_AnyTemplate,
- sizeof (CERTGeneralName)}
-};
-
-
-static const SEC_ASN1Template CERT_EDIPartyNameTemplate[] = {
- { SEC_ASN1_ANY | SEC_ASN1_CONTEXT_SPECIFIC | 5,
- offsetof(CERTGeneralName, name.other), SEC_AnyTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_URITemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 6 ,
- offsetof(CERTGeneralName, name.other), SEC_IA5StringTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_IPAddressTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 7 ,
- offsetof(CERTGeneralName, name.other), SEC_OctetStringTemplate,
- sizeof (CERTGeneralName)}
-};
-
-static const SEC_ASN1Template CERT_RegisteredIDTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 8 ,
- offsetof(CERTGeneralName, name.other), SEC_ObjectIDTemplate,
- sizeof (CERTGeneralName)}
-};
-
-
-const SEC_ASN1Template CERT_GeneralNamesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-
-
-
-void
-CERT_DestroyGeneralNameList(CERTGeneralNameList *list)
-{
- PZLock *lock;
-
- if (list != NULL) {
- lock = list->lock;
- PZ_Lock(lock);
- if (--list->refCount <= 0 && list->arena != NULL) {
- PORT_FreeArena(list->arena, PR_FALSE);
- PZ_Unlock(lock);
- PZ_DestroyLock(lock);
- } else {
- PZ_Unlock(lock);
- }
- }
- return;
-}
-
-CERTGeneralNameList *
-CERT_CreateGeneralNameList(CERTGeneralName *name) {
- PRArenaPool *arena;
- CERTGeneralNameList *list = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto done;
- }
- list = (CERTGeneralNameList *)
- PORT_ArenaZAlloc(arena, sizeof(CERTGeneralNameList));
- if (name != NULL) {
- list->name = (CERTGeneralName *)
- PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
- list->name->l.next = list->name->l.prev = &list->name->l;
- CERT_CopyGeneralName(arena, list->name, name);
- }
- list->lock = PZ_NewLock(nssILockList);
- list->arena = arena;
- list->refCount = 1;
-done:
- return list;
-}
-
-CERTGeneralName *
-cert_get_next_general_name(CERTGeneralName *current)
-{
- PRCList *next;
-
- next = current->l.next;
- return (CERTGeneralName *) (((char *) next) - offsetof(CERTGeneralName, l));
-}
-
-CERTGeneralName *
-cert_get_prev_general_name(CERTGeneralName *current)
-{
- PRCList *prev;
- prev = current->l.prev;
- return (CERTGeneralName *) (((char *) prev) - offsetof(CERTGeneralName, l));
-}
-
-CERTNameConstraint *
-cert_get_next_name_constraint(CERTNameConstraint *current)
-{
- PRCList *next;
-
- next = current->l.next;
- return (CERTNameConstraint *) (((char *) next) - offsetof(CERTNameConstraint, l));
-}
-
-CERTNameConstraint *
-cert_get_prev_name_constraint(CERTNameConstraint *current)
-{
- PRCList *prev;
- prev = current->l.prev;
- return (CERTNameConstraint *) (((char *) prev) - offsetof(CERTNameConstraint, l));
-}
-
-SECItem *
-cert_EncodeGeneralName(CERTGeneralName *genName, SECItem *dest, PRArenaPool *arena)
-{
-
-
- PORT_Assert(arena);
- if (arena == NULL) {
- goto loser;
- }
- if (dest == NULL) {
- dest = (SECItem *) PORT_ArenaZAlloc(arena, sizeof(SECItem));
- }
- switch (genName->type) {
- case certURI:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_URITemplate);
- break;
- case certRFC822Name:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_RFC822NameTemplate);
- break;
- case certDNSName:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_DNSNameTemplate);
- break;
- case certIPAddress:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_IPAddressTemplate);
- break;
- case certOtherName:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERTOtherNameTemplate);
- break;
- case certRegisterID:
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_RegisteredIDTemplate);
- break;
- case certEDIPartyName:
- /* for this type, we expect the value is already encoded */
- dest = SEC_ASN1EncodeItem (arena, dest, genName,
- CERT_EDIPartyNameTemplate);
- break;
- case certX400Address:
- /* for this type, we expect the value is already encoded */
- dest = SEC_ASN1EncodeItem (arena, dest, genName,
- CERT_X400AddressTemplate);
- break;
- case certDirectoryName:
- if (genName->derDirectoryName.data == NULL) {
- /* The field hasn't been encoded yet. */
- SEC_ASN1EncodeItem (arena, &(genName->derDirectoryName),
- &(genName->name.directoryName),
- CERT_NameTemplate);
- }
- if (genName->derDirectoryName.data == NULL) {
- goto loser;
- }
- dest = SEC_ASN1EncodeItem(arena, dest, genName,
- CERT_DirectoryNameTemplate);
- break;
- }
- if (!dest) {
- goto loser;
- }
- return dest;
-loser:
- return NULL;
-}
-
-
-
-SECItem **
-cert_EncodeGeneralNames(PRArenaPool *arena, CERTGeneralName *names)
-{
- CERTGeneralName *current_name;
- SECItem **items = NULL;
- int count = 0;
- int i;
- PRCList *head;
-
- PORT_Assert(arena);
- current_name = names;
- if (names != NULL) {
- count = 1;
- }
- head = &(names->l);
- while (current_name->l.next != head) {
- current_name = cert_get_next_general_name(current_name);
- ++count;
- }
- current_name = cert_get_next_general_name(current_name);
- items = (SECItem **) PORT_ArenaAlloc(arena, sizeof(SECItem *) * (count + 1));
-
- if (items == NULL) {
- goto loser;
- }
- for (i = 0; i < count; i++) {
- items[i] = cert_EncodeGeneralName(current_name, (SECItem *) NULL, arena);
- if (items[i] == NULL) {
- goto loser;
- }
- current_name = cert_get_next_general_name(current_name);
- }
- items[i] = NULL;
- return items;
-loser:
- return NULL;
-}
-
-CERTGeneralName *
-cert_DecodeGeneralName(PRArenaPool *arena,
- SECItem *encodedName,
- CERTGeneralName *genName)
-{
- CERTGeneralNameType genNameType;
- SECStatus rv = SECSuccess;
-
- PORT_Assert(arena);
- if (genName == NULL) {
- genName = (CERTGeneralName *) PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
- }
- genNameType = (CERTGeneralNameType)((*(encodedName->data) & 0x0f) + 1);
- switch (genNameType) {
- case certURI:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_URITemplate, encodedName);
- break;
- case certRFC822Name:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_RFC822NameTemplate, encodedName);
- break;
- case certDNSName:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_DNSNameTemplate, encodedName);
- break;
- case certIPAddress:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_IPAddressTemplate, encodedName);
- break;
- case certOtherName:
- rv = SEC_ASN1DecodeItem(arena, genName, CERTOtherNameTemplate, encodedName);
- break;
- case certRegisterID:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_RegisteredIDTemplate, encodedName);
- break;
- case certEDIPartyName:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_EDIPartyNameTemplate, encodedName);
- break;
- case certX400Address:
- rv = SEC_ASN1DecodeItem(arena, genName, CERT_X400AddressTemplate, encodedName);
- break;
- case certDirectoryName:
- rv = SEC_ASN1DecodeItem
- (arena, genName, CERT_DirectoryNameTemplate, encodedName);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SEC_ASN1DecodeItem
- (arena, &(genName->name.directoryName), CERT_NameTemplate,
- &(genName->derDirectoryName));
- break;
- }
-
- if (rv != SECSuccess) {
- goto loser;
- }
- genName->type = genNameType;
- genName->l.next = (PRCList *) ((char *) genName) + offsetof(CERTGeneralName, l);
- genName->l.prev = genName->l.next;
- return genName;
-loser:
- return NULL;
-}
-
-CERTGeneralName *
-cert_DecodeGeneralNames (PRArenaPool *arena,
- SECItem **encodedGenName)
-{
- PRCList *head = NULL;
- PRCList *tail = NULL;
- CERTGeneralName *currentName = NULL;
-
- PORT_Assert(arena);
- if (!encodedGenName) {
- goto loser;
- }
- while (*encodedGenName != NULL) {
- currentName = cert_DecodeGeneralName(arena, *encodedGenName, NULL);
- if (currentName == NULL) {
- goto loser;
- }
- if (head == NULL) {
- head = &(currentName->l);
- tail = head;
- }
- currentName->l.next = head;
- currentName->l.prev = tail;
- tail = &(currentName->l);
- (cert_get_prev_general_name(currentName))->l.next = tail;
- encodedGenName++;
- }
- (cert_get_next_general_name(currentName))->l.prev = tail;
- return cert_get_next_general_name(currentName);
-loser:
- return NULL;
-}
-
-void
-CERT_DestroyGeneralName(CERTGeneralName *name)
-{
- cert_DestroyGeneralNames(name);
-}
-
-SECStatus
-cert_DestroyGeneralNames(CERTGeneralName *name)
-{
- CERTGeneralName *first;
- CERTGeneralName *next = NULL;
-
-
- first = name;
- do {
- next = cert_get_next_general_name(name);
- PORT_Free(name);
- name = next;
- } while (name != first);
- return SECSuccess;
-}
-
-SECItem *
-cert_EncodeNameConstraint(CERTNameConstraint *constraint,
- SECItem *dest,
- PRArenaPool *arena)
-{
- PORT_Assert(arena);
- if (dest == NULL) {
- dest = (SECItem *) PORT_ArenaZAlloc(arena, sizeof(SECItem));
- if (dest == NULL) {
- return NULL;
- }
- }
- cert_EncodeGeneralName(&(constraint->name), &(constraint->DERName),
- arena);
-
- dest = SEC_ASN1EncodeItem (arena, dest, constraint,
- CERTNameConstraintTemplate);
- return dest;
-}
-
-SECStatus
-cert_EncodeNameConstraintSubTree(CERTNameConstraint *constraints,
- PRArenaPool *arena,
- SECItem ***dest,
- PRBool permited)
-{
- CERTNameConstraint *current_constraint = constraints;
- SECItem **items = NULL;
- int count = 0;
- int i;
- PRCList *head;
-
- PORT_Assert(arena);
- if (constraints != NULL) {
- count = 1;
- }
- head = (PRCList *) (((char *) constraints) + offsetof(CERTNameConstraint, l));
- while (current_constraint->l.next != head) {
- current_constraint = cert_get_next_name_constraint(current_constraint);
- ++count;
- }
- current_constraint = cert_get_next_name_constraint(current_constraint);
- items = (SECItem **) PORT_ArenaZAlloc(arena, sizeof(SECItem *) * (count + 1));
-
- if (items == NULL) {
- goto loser;
- }
- for (i = 0; i < count; i++) {
- items[i] = cert_EncodeNameConstraint(current_constraint,
- (SECItem *) NULL, arena);
- if (items[i] == NULL) {
- goto loser;
- }
- current_constraint = cert_get_next_name_constraint(current_constraint);
- }
- *dest = items;
- if (*dest == NULL) {
- goto loser;
- }
- return SECSuccess;
-loser:
- return SECFailure;
-}
-
-SECStatus
-cert_EncodeNameConstraints(CERTNameConstraints *constraints,
- PRArenaPool *arena,
- SECItem *dest)
-{
- SECStatus rv = SECSuccess;
-
- PORT_Assert(arena);
- if (constraints->permited != NULL) {
- rv = cert_EncodeNameConstraintSubTree(constraints->permited, arena,
- &constraints->DERPermited, PR_TRUE);
- if (rv == SECFailure) {
- goto loser;
- }
- }
- if (constraints->excluded != NULL) {
- rv = cert_EncodeNameConstraintSubTree(constraints->excluded, arena,
- &constraints->DERExcluded, PR_FALSE);
- if (rv == SECFailure) {
- goto loser;
- }
- }
- dest = SEC_ASN1EncodeItem(arena, dest, constraints,
- CERTNameConstraintsTemplate);
- if (dest == NULL) {
- goto loser;
- }
- return SECSuccess;
-loser:
- return SECFailure;
-}
-
-
-CERTNameConstraint *
-cert_DecodeNameConstraint(PRArenaPool *arena,
- SECItem *encodedConstraint)
-{
- CERTNameConstraint *constraint;
- SECStatus rv = SECSuccess;
- CERTGeneralName *temp;
-
-
-
- PORT_Assert(arena);
- constraint = (CERTNameConstraint *) PORT_ArenaZAlloc(arena, sizeof(CERTNameConstraint));
- rv = SEC_ASN1DecodeItem(arena, constraint, CERTNameConstraintTemplate, encodedConstraint);
- if (rv != SECSuccess) {
- goto loser;
- }
- temp = cert_DecodeGeneralName(arena, &(constraint->DERName), &(constraint->name));
- if (temp != &(constraint->name)) {
- goto loser;
- }
-
- /* ### sjlee: since the name constraint contains only one
- * CERTGeneralName, the list within CERTGeneralName shouldn't
- * point anywhere else. Otherwise, bad things will happen.
- */
- constraint->name.l.prev = constraint->name.l.next = &(constraint->name.l);
- return constraint;
-loser:
- return NULL;
-}
-
-
-CERTNameConstraint *
-cert_DecodeNameConstraintSubTree(PRArenaPool *arena,
- SECItem **subTree,
- PRBool permited)
-{
- CERTNameConstraint *current = NULL;
- CERTNameConstraint *first = NULL;
- CERTNameConstraint *last = NULL;
- CERTNameConstraint *next = NULL;
- int i = 0;
-
- while (subTree[i] != NULL) {
- current = cert_DecodeNameConstraint(arena, subTree[i]);
- if (current == NULL) {
- goto loser;
- }
- if (last == NULL) {
- first = last = current;
- }
- current->l.prev = &(last->l);
- current->l.next = last->l.next;
- last->l.next = &(current->l);
- i++;
- }
- first->l.prev = &(current->l);
- return first;
-loser:
- if (first) {
- current = first;
- do {
- next = cert_get_next_name_constraint(current);
- PORT_Free(current);
- current = next;
- }while (current != first);
- }
- return NULL;
-}
-
-CERTNameConstraints *
-cert_DecodeNameConstraints(PRArenaPool *arena,
- SECItem *encodedConstraints)
-{
- CERTNameConstraints *constraints;
- SECStatus rv;
-
- PORT_Assert(arena);
- PORT_Assert(encodedConstraints);
- constraints = (CERTNameConstraints *) PORT_ArenaZAlloc(arena,
- sizeof(CERTNameConstraints));
- if (constraints == NULL) {
- goto loser;
- }
- rv = SEC_ASN1DecodeItem(arena, constraints, CERTNameConstraintsTemplate,
- encodedConstraints);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (constraints->DERPermited != NULL && constraints->DERPermited[0] != NULL) {
- constraints->permited = cert_DecodeNameConstraintSubTree(arena,
- constraints->DERPermited,
- PR_TRUE);
- if (constraints->permited == NULL) {
- goto loser;
- }
- }
- if (constraints->DERExcluded != NULL && constraints->DERExcluded[0] != NULL) {
- constraints->excluded = cert_DecodeNameConstraintSubTree(arena,
- constraints->DERExcluded,
- PR_FALSE);
- if (constraints->excluded == NULL) {
- goto loser;
- }
- }
- return constraints;
-loser:
- return NULL;
-}
-
-
-SECStatus
-CERT_CopyGeneralName(PRArenaPool *arena,
- CERTGeneralName *dest,
- CERTGeneralName *src)
-{
- SECStatus rv;
- CERTGeneralName *destHead = dest;
- CERTGeneralName *srcHead = src;
- CERTGeneralName *temp;
-
- PORT_Assert(dest != NULL);
- dest->type = src->type;
- do {
- switch (src->type) {
- case certDirectoryName: {
- rv = SECITEM_CopyItem(arena, &dest->derDirectoryName, &src->derDirectoryName);
- if (rv != SECSuccess) {
- return rv;
- }
- rv = CERT_CopyName(arena, &dest->name.directoryName, &src->name.directoryName);
- break;
- }
- case certOtherName: {
- rv = SECITEM_CopyItem(arena, &dest->name.OthName.name, &src->name.OthName.name);
- if (rv != SECSuccess) {
- return rv;
- }
- rv = SECITEM_CopyItem(arena, &dest->name.OthName.oid, &src->name.OthName.oid);
- break;
- }
- default: {
- rv = SECITEM_CopyItem(arena, &dest->name.other, &src->name.other);
- }
- }
- src = cert_get_next_general_name(src);
- /* if there is only one general name, we shouldn't do this */
- if (src != srcHead) {
- if (dest->l.next == &destHead->l) {
- if (arena) {
- temp = (CERTGeneralName *)
- PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
- } else {
- temp = (CERTGeneralName *)
- PORT_ZAlloc(sizeof(CERTGeneralName));
- }
- temp->l.next = &destHead->l;
- temp->l.prev = &dest->l;
- destHead->l.prev = &temp->l;
- dest->l.next = &temp->l;
- dest = temp;
- } else {
- dest = cert_get_next_general_name(dest);
- }
- }
- } while (src != srcHead && rv == SECSuccess);
- return rv;
-}
-
-
-CERTGeneralNameList *
-CERT_DupGeneralNameList(CERTGeneralNameList *list)
-{
- if (list != NULL) {
- PZ_Lock(list->lock);
- list->refCount++;
- PZ_Unlock(list->lock);
- }
- return list;
-}
-
-CERTNameConstraint *
-CERT_CopyNameConstraint(PRArenaPool *arena,
- CERTNameConstraint *dest,
- CERTNameConstraint *src)
-{
- SECStatus rv;
-
- if (dest == NULL) {
- dest = (CERTNameConstraint *) PORT_ArenaZAlloc(arena, sizeof(CERTNameConstraint));
- /* mark that it is not linked */
- dest->name.l.prev = dest->name.l.next = &(dest->name.l);
- }
- rv = CERT_CopyGeneralName(arena, &dest->name, &src->name);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, &dest->DERName, &src->DERName);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, &dest->min, &src->min);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, &dest->max, &src->max);
- if (rv != SECSuccess) {
- goto loser;
- }
- dest->l.prev = dest->l.next = &dest->l;
- return dest;
-loser:
- return NULL;
-}
-
-
-CERTGeneralName *
-cert_CombineNamesLists(CERTGeneralName *list1, CERTGeneralName *list2)
-{
- PRCList *begin1;
- PRCList *begin2;
- PRCList *end1;
- PRCList *end2;
-
- if (list1 == NULL){
- return list2;
- } else if (list2 == NULL) {
- return list1;
- } else {
- begin1 = &list1->l;
- begin2 = &list2->l;
- end1 = list1->l.prev;
- end2 = list2->l.prev;
- end1->next = begin2;
- end2->next = begin1;
- begin1->prev = end2;
- begin2->prev = end1;
- return list1;
- }
-}
-
-
-CERTNameConstraint *
-cert_CombineConstraintsLists(CERTNameConstraint *list1, CERTNameConstraint *list2)
-{
- PRCList *begin1;
- PRCList *begin2;
- PRCList *end1;
- PRCList *end2;
-
- if (list1 == NULL){
- return list2;
- } else if (list2 == NULL) {
- return list1;
- } else {
- begin1 = &list1->l;
- begin2 = &list2->l;
- end1 = list1->l.prev;
- end2 = list2->l.prev;
- end1->next = begin2;
- end2->next = begin1;
- begin1->prev = end2;
- begin2->prev = end1;
- return list1;
- }
-}
-
-
-CERTNameConstraint *
-CERT_AddNameConstraint(CERTNameConstraint *list,
- CERTNameConstraint *constraint)
-{
- PORT_Assert(constraint != NULL);
- constraint->l.next = constraint->l.prev = &constraint->l;
- list = cert_CombineConstraintsLists(list, constraint);
- return list;
-}
-
-
-SECStatus
-CERT_GetNameConstriantByType (CERTNameConstraint *constraints,
- CERTGeneralNameType type,
- CERTNameConstraint **returnList,
- PRArenaPool *arena)
-{
- CERTNameConstraint *current;
- CERTNameConstraint *temp;
-
- *returnList = NULL;
- if (!constraints)
- return SECSuccess;
- current = constraints;
-
- do {
- if (current->name.type == type ||
- (type == certDirectoryName && current->name.type == certRFC822Name)) {
- temp = NULL;
- temp = CERT_CopyNameConstraint(arena, temp, current);
- if (temp == NULL) {
- goto loser;
- }
- *returnList = CERT_AddNameConstraint(*returnList, temp);
- }
- current = cert_get_next_name_constraint(current);
- } while (current != constraints);
- return SECSuccess;
-loser:
- return SECFailure;
-}
-
-
-void *
-CERT_GetGeneralNameByType (CERTGeneralName *genNames,
- CERTGeneralNameType type, PRBool derFormat)
-{
- CERTGeneralName *current;
-
- if (!genNames)
- return (NULL);
- current = genNames;
-
- do {
- if (current->type == type) {
- switch (type) {
- case certDNSName:
- case certEDIPartyName:
- case certIPAddress:
- case certRegisterID:
- case certRFC822Name:
- case certX400Address:
- case certURI: {
- return &(current->name.other);
- }
- case certOtherName: {
- return &(current->name.OthName);
- break;
- }
- case certDirectoryName: {
- if (derFormat) {
- return &(current->derDirectoryName);
- } else{
- return &(current->name.directoryName);
- }
- break;
- }
- }
- }
- current = cert_get_next_general_name(current);
- } while (current != genNames);
- return (NULL);
-}
-
-int
-CERT_GetNamesLength(CERTGeneralName *names)
-{
- int length = 0;
- CERTGeneralName *first;
-
- first = names;
- if (names != NULL) {
- do {
- length++;
- names = cert_get_next_general_name(names);
- } while (names != first);
- }
- return length;
-}
-
-CERTGeneralName *
-CERT_GetCertificateNames(CERTCertificate *cert, PRArenaPool *arena)
-{
- CERTGeneralName *DN;
- CERTGeneralName *altName;
- SECItem altNameExtension;
- SECStatus rv;
-
-
- DN = (CERTGeneralName *) PORT_ArenaZAlloc(arena, sizeof(CERTGeneralName));
- if (DN == NULL) {
- goto loser;
- }
- rv = CERT_CopyName(arena, &DN->name.directoryName, &cert->subject);
- DN->type = certDirectoryName;
- DN->l.next = DN->l.prev = &DN->l;
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, &DN->derDirectoryName, &cert->derSubject);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME,
- &altNameExtension);
- if (rv != SECSuccess) {
- return DN;
- }
- altName = CERT_DecodeAltNameExtension(arena, &altNameExtension);
- if (altName == NULL) {
- goto loser;
- }
- DN = cert_CombineNamesLists(DN, altName);
- return DN;
-loser:
- return NULL;
-}
-
-static SECStatus
-compareNameToConstraint(char *name, char *constraint, PRBool substring)
-{
- SECStatus rv;
-
- if (*constraint == '\0' && *name == '\0') {
- return SECSuccess;
- }
- if (*constraint == '*') {
- return compareNameToConstraint(name, constraint + 1, PR_TRUE);
- }
- if (substring) {
- if (*constraint == '\0') {
- return SECSuccess;
- }
- while (*name != *constraint) {
- if (*name == '\0') {
- return SECFailure;
- }
- name++;
- }
- rv = compareNameToConstraint(name + 1, constraint + 1, PR_FALSE);
- if (rv == SECSuccess) {
- return rv;
- }
- name++;
- } else {
- if (*name == *constraint) {
- name++;
- constraint++;
- } else {
- return SECFailure;
- }
- }
- return compareNameToConstraint(name, constraint, substring);
-}
-
-SECStatus
-cert_CompareNameWithConstraints(CERTGeneralName *name,
- CERTNameConstraint *constraints,
- PRBool excluded)
-{
- SECStatus rv = SECSuccess;
- char *nameString = NULL;
- char *constraintString = NULL;
- int start;
- int end;
- int tag;
- CERTRDN **nameRDNS, *nameRDN;
- CERTRDN **constraintRDNS, *constraintRDN;
- CERTAVA **nameAVAS, *nameAVA;
- CERTAVA **constraintAVAS, *constraintAVA;
- CERTNameConstraint *current;
- SECItem *avaValue;
- CERTName constraintName;
- CERTName certName;
- SECComparison status = SECEqual;
- PRArenaPool *certNameArena;
- PRArenaPool *constraintNameArena;
-
- certName.arena = NULL;
- certName.rdns = NULL;
- constraintName.arena = NULL;
- constraintName.rdns = NULL;
- if (constraints != NULL) {
- current = constraints;
- if (name->type == certDirectoryName) {
- certNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERT_CopyName(certNameArena, &certName, &name->name.directoryName);
- nameRDNS = certName.rdns;
- for (;;) {
- nameRDN = *nameRDNS++;
- nameAVAS = nameRDN->avas;
- for(;;) {
- nameAVA = *nameAVAS++;
- tag = CERT_GetAVATag(nameAVA);
- if ( tag == SEC_OID_PKCS9_EMAIL_ADDRESS ||
- tag == SEC_OID_RFC1274_MAIL) {
- avaValue = CERT_DecodeAVAValue(&nameAVA->value);
- nameString = (char*)PORT_ZAlloc(avaValue->len + 1);
- nameString = PORT_Strncpy(nameString, (char *) avaValue->data, avaValue->len);
- start = 0;
- while(nameString[start] != '@' && nameString[start + 1] != '\0') {
- start++;
- }
- start++;
- do{
- if (current->name.type == certRFC822Name) {
- constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
- constraintString = PORT_Strncpy(constraintString,
- (char *) current->name.name.other.data,
- current->name.name.other.len);
- rv = compareNameToConstraint(nameString + start, constraintString,
- PR_FALSE);
-
- if (constraintString != NULL) {
- PORT_Free(constraintString);
- constraintString = NULL;
- }
- if (nameString != NULL) {
- PORT_Free(nameString);
- nameString = NULL;
- }
- if (rv == SECSuccess && excluded == PR_TRUE) {
- goto found;
- }
- if (rv == SECSuccess && excluded == PR_FALSE) {
- break;
- }
- }
- current = cert_get_next_name_constraint(current);
- } while (current != constraints);
- }
- if (rv != SECSuccess && excluded == PR_FALSE) {
- goto loser;
- }
- if (*nameAVAS == NULL) {
- break;
- }
- }
- if (*nameRDNS == NULL) {
- break;
- }
- }
- }
- current = constraints;
- do {
- switch (name->type) {
- case certDNSName:
- nameString = (char*)PORT_ZAlloc(name->name.other.len + 1);
- nameString = PORT_Strncpy(nameString, (char *) name->name.other.data,
- name->name.other.len);
- constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
- constraintString = PORT_Strncpy(constraintString,
- (char *) current->name.name.other.data,
- current->name.name.other.len);
- rv = compareNameToConstraint(nameString, constraintString, PR_FALSE);
- if (nameString != NULL) {
- PORT_Free(nameString);
- }
- if (constraintString != NULL) {
- PORT_Free(constraintString);
- }
- break;
- case certRFC822Name:
- nameString = (char*)PORT_ZAlloc(name->name.other.len + 1);
- nameString = PORT_Strncpy(nameString, (char *) name->name.other.data,
- name->name.other.len);
- start = 0;
- while(nameString[start] != '@' && nameString[start + 1] != '\0') {
- start++;
- }
- start++;
- constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
- constraintString = PORT_Strncpy(constraintString,
- (char *) current->name.name.other.data,
- current->name.name.other.len);
- rv = compareNameToConstraint(nameString + start, constraintString, PR_FALSE);
- if (nameString != NULL) {
- PORT_Free(nameString);
- }
- if (constraintString != NULL) {
- PORT_Free(constraintString);
- }
- break;
- case certURI:
- nameString = (char*)PORT_ZAlloc(name->name.other.len + 1);
- nameString = PORT_Strncpy(nameString, (char *) name->name.other.data,
- name->name.other.len);
- start = 0;
- while(PORT_Strncmp(nameString + start, "://", 3) != 0 &&
- nameString[start + 3] != '\0') {
- start++;
- }
- start +=3;
- end = 0;
- while(nameString[start + end] != '/' &&
- nameString[start + end] != '\0') {
- end++;
- }
- nameString[start + end] = '\0';
- constraintString = (char*)PORT_ZAlloc(current->name.name.other.len + 1);
- constraintString = PORT_Strncpy(constraintString,
- (char *) current->name.name.other.data,
- current->name.name.other.len);
- rv = compareNameToConstraint(nameString + start, constraintString, PR_FALSE);
- if (nameString != NULL) {
- PORT_Free(nameString);
- }
- if (constraintString != NULL) {
- PORT_Free(constraintString);
- }
- break;
- case certDirectoryName:
- if (current->name.type == certDirectoryName) {
- constraintNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERT_CopyName(constraintNameArena, &constraintName, &current->name.name.directoryName);
- constraintRDNS = constraintName.rdns;
- for (;;) {
- constraintRDN = *constraintRDNS++;
- constraintAVAS = constraintRDN->avas;
- for(;;) {
- constraintAVA = *constraintAVAS++;
- certNameArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- CERT_CopyName(certNameArena, &certName, &name->name.directoryName);
- nameRDNS = certName.rdns;
- for (;;) {
- nameRDN = *nameRDNS++;
- nameAVAS = nameRDN->avas++;
- for(;;) {
- nameAVA = *nameAVAS++;
- status = CERT_CompareAVA(constraintAVA, nameAVA);
- if (status == SECEqual || *nameAVAS == NULL) {
- break;
- }
- }
- if (status == SECEqual || *nameRDNS == NULL) {
- break;
- }
- }
- if (status != SECEqual || *constraintAVAS == NULL) {
- break;
- }
- }
- if (status != SECEqual || *constraintRDNS == NULL) {
- break;
- }
- }
- if (status == SECEqual) {
- if (excluded == PR_FALSE) {
- goto found;
- } else {
- goto loser;
- }
- }
- break;
- } else if (current->name.type == certRFC822Name) {
- current = cert_get_next_name_constraint(current);
- continue;
- }
- default:
- /* other types are not supported */
- if (excluded) {
- goto found;
- } else {
- goto loser;
- }
- }
- if (rv == SECSuccess && status == SECEqual) {
- goto found;
- }
- current = cert_get_next_name_constraint(current);
- } while (current !=constraints);
- } else {
- goto found;
- }
-loser:
- if (certName.arena) {
- CERT_DestroyName(&certName);
- }
- if (constraintName.arena) {
- CERT_DestroyName(&constraintName);
- }
- return SECFailure;
-found:
- if (certName.arena) {
- CERT_DestroyName(&certName);
- }
- if (constraintName.arena) {
- CERT_DestroyName(&constraintName);
- }
- return SECSuccess;
-}
-
-
-CERTCertificate *
-CERT_CompareNameSpace(CERTCertificate *cert,
- CERTGeneralName *namesList,
- SECItem *namesListIndex,
- PRArenaPool *arena,
- CERTCertDBHandle *handle)
-{
- SECStatus rv;
- SECItem constraintsExtension;
- CERTNameConstraints *constraints;
- CERTGeneralName *currentName;
- int count = 0;
- CERTNameConstraint *matchingConstraints;
- CERTCertificate *badCert = NULL;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_NAME_CONSTRAINTS, &constraintsExtension);
- if (rv != SECSuccess) {
- return NULL;
- }
- constraints = cert_DecodeNameConstraints(arena, &constraintsExtension);
- currentName = namesList;
- if (constraints == NULL) {
- goto loser;
- }
- do {
- if (constraints->excluded != NULL) {
- rv = CERT_GetNameConstriantByType(constraints->excluded, currentName->type,
- &matchingConstraints, arena);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (matchingConstraints != NULL) {
- rv = cert_CompareNameWithConstraints(currentName, matchingConstraints,
- PR_TRUE);
- if (rv != SECFailure) {
- goto loser;
- }
- }
- }
- if (constraints->permited != NULL) {
- rv = CERT_GetNameConstriantByType(constraints->permited, currentName->type,
- &matchingConstraints, arena);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (matchingConstraints != NULL) {
- rv = cert_CompareNameWithConstraints(currentName, matchingConstraints,
- PR_FALSE);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- goto loser;
- }
- }
- currentName = cert_get_next_general_name(currentName);
- count ++;
- } while (currentName != namesList);
- return NULL;
-loser:
- badCert = CERT_FindCertByName (handle, &namesListIndex[count]);
- return badCert;
-}
-
-
-
-/* Search the cert for an X509_SUBJECT_ALT_NAME extension.
-** ASN1 Decode it into a list of alternate names.
-** Search the list of alternate names for one with the NETSCAPE_NICKNAME OID.
-** ASN1 Decode that name. Turn the result into a zString.
-** Look for duplicate nickname already in the certdb.
-** If one is found, create a nickname string that is not a duplicate.
-*/
-char *
-CERT_GetNickName(CERTCertificate *cert,
- CERTCertDBHandle *handle,
- PRArenaPool *nicknameArena)
-{
- CERTGeneralName *current;
- CERTGeneralName *names;
- char *nickname = NULL;
- char *returnName = NULL;
- char *basename = NULL;
- PRArenaPool *arena = NULL;
- CERTCertificate *tmpcert;
- SECStatus rv;
- int count;
- int found = 0;
- SECItem altNameExtension;
- SECItem nick;
-
- if (handle == NULL) {
- handle = CERT_GetDefaultCertDB();
- }
- altNameExtension.data = NULL;
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_SUBJECT_ALT_NAME,
- &altNameExtension);
- if (rv != SECSuccess) {
- goto loser;
- }
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
- names = CERT_DecodeAltNameExtension(arena, &altNameExtension);
- if (names == NULL) {
- goto loser;
- }
- current = names;
- do {
- if (current->type == certOtherName &&
- SECOID_FindOIDTag(&current->name.OthName.oid) ==
- SEC_OID_NETSCAPE_NICKNAME) {
- found = 1;
- break;
- }
- current = cert_get_next_general_name(current);
- } while (current != names);
- if (!found)
- goto loser;
-
- rv = SEC_ASN1DecodeItem(arena, &nick, SEC_IA5StringTemplate,
- &current->name.OthName.name);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* make a null terminated string out of nick, with room enough at
- ** the end to add on a number of up to 21 digits in length, (a signed
- ** 64-bit number in decimal) plus a space and a "#".
- */
- nickname = (char*)PORT_ZAlloc(nick.len + 24);
- if (!nickname)
- goto loser;
- PORT_Strncpy(nickname, (char *)nick.data, nick.len);
-
- /* Don't let this cert's nickname duplicate one already in the DB.
- ** If it does, create a variant of the nickname that doesn't.
- */
- count = 0;
- while ((tmpcert = CERT_FindCertByNickname(handle, nickname)) != NULL) {
- CERT_DestroyCertificate(tmpcert);
- if (!basename) {
- basename = PORT_Strdup(nickname);
- if (!basename)
- goto loser;
- }
- count++;
- sprintf(nickname, "%s #%d", basename, count);
- }
-
- /* success */
- if (nicknameArena) {
- returnName = PORT_ArenaStrdup(nicknameArena, nickname);
- } else {
- returnName = nickname;
- nickname = NULL;
- }
-loser:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- if (nickname)
- PORT_Free(nickname);
- if (basename)
- PORT_Free(basename);
- if (altNameExtension.data)
- PORT_Free(altNameExtension.data);
- return returnName;
-}
-
-
-SECStatus
-CERT_CompareGeneralName(CERTGeneralName *a, CERTGeneralName *b)
-{
- CERTGeneralName *currentA;
- CERTGeneralName *currentB;
- PRBool found;
-
- currentA = a;
- currentB = b;
- if (a != NULL) {
- do {
- if (currentB == NULL) {
- return SECFailure;
- }
- currentB = cert_get_next_general_name(currentB);
- currentA = cert_get_next_general_name(currentA);
- } while (currentA != a);
- }
- if (currentB != b) {
- return SECFailure;
- }
- currentA = a;
- do {
- currentB = b;
- found = PR_FALSE;
- do {
- if (currentB->type == currentA->type) {
- switch (currentB->type) {
- case certDNSName:
- case certEDIPartyName:
- case certIPAddress:
- case certRegisterID:
- case certRFC822Name:
- case certX400Address:
- case certURI:
- if (SECITEM_CompareItem(&currentA->name.other,
- &currentB->name.other)
- == SECEqual) {
- found = PR_TRUE;
- }
- break;
- case certOtherName:
- if (SECITEM_CompareItem(&currentA->name.OthName.oid,
- &currentB->name.OthName.oid)
- == SECEqual &&
- SECITEM_CompareItem(&currentA->name.OthName.name,
- &currentB->name.OthName.name)
- == SECEqual) {
- found = PR_TRUE;
- }
- break;
- case certDirectoryName:
- if (CERT_CompareName(&currentA->name.directoryName,
- &currentB->name.directoryName)
- == SECEqual) {
- found = PR_TRUE;
- }
- }
-
- }
- currentB = cert_get_next_general_name(currentB);
- } while (currentB != b && found != PR_TRUE);
- if (found != PR_TRUE) {
- return SECFailure;
- }
- currentA = cert_get_next_general_name(currentA);
- } while (currentA != a);
- return SECSuccess;
-}
-
-SECStatus
-CERT_CompareGeneralNameLists(CERTGeneralNameList *a, CERTGeneralNameList *b)
-{
- SECStatus rv;
-
- if (a == b) {
- return SECSuccess;
- }
- if (a != NULL && b != NULL) {
- PZ_Lock(a->lock);
- PZ_Lock(b->lock);
- rv = CERT_CompareGeneralName(a->name, b->name);
- PZ_Unlock(a->lock);
- PZ_Unlock(b->lock);
- } else {
- rv = SECFailure;
- }
- return rv;
-}
-
-void *
-CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- PRArenaPool *arena)
-{
- CERTName *name = NULL;
- SECItem *item = NULL;
- OtherName *other = NULL;
- OtherName *tmpOther = NULL;
- void *data;
-
- PZ_Lock(list->lock);
- data = CERT_GetGeneralNameByType(list->name, type, PR_FALSE);
- if (data != NULL) {
- switch (type) {
- case certDNSName:
- case certEDIPartyName:
- case certIPAddress:
- case certRegisterID:
- case certRFC822Name:
- case certX400Address:
- case certURI:
- if (arena != NULL) {
- item = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
- if (item != NULL) {
- SECITEM_CopyItem(arena, item, (SECItem *) data);
- }
- } else {
- item = SECITEM_DupItem((SECItem *) data);
- }
- PZ_Unlock(list->lock);
- return item;
- case certOtherName:
- other = (OtherName *) data;
- if (arena != NULL) {
- tmpOther = (OtherName *)PORT_ArenaAlloc(arena,
- sizeof(OtherName));
- } else {
- tmpOther = (OtherName *) PORT_Alloc(sizeof(OtherName));
- }
- if (tmpOther != NULL) {
- SECITEM_CopyItem(arena, &tmpOther->oid, &other->oid);
- SECITEM_CopyItem(arena, &tmpOther->name, &other->name);
- }
- PZ_Unlock(list->lock);
- return tmpOther;
- case certDirectoryName:
- if (arena == NULL) {
- PZ_Unlock(list->lock);
- return NULL;
- } else {
- name = (CERTName *) PORT_ArenaZAlloc(list->arena,
- sizeof(CERTName));
- if (name != NULL) {
- CERT_CopyName(arena, name, (CERTName *) data);
- }
- PZ_Unlock(list->lock);
- return name;
- }
- }
- }
- PZ_Unlock(list->lock);
- return NULL;
-}
-
-void
-CERT_AddGeneralNameToList(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- void *data, SECItem *oid)
-{
- CERTGeneralName *name;
-
- if (list != NULL && data != NULL) {
- PZ_Lock(list->lock);
- name = (CERTGeneralName *)
- PORT_ArenaZAlloc(list->arena, sizeof(CERTGeneralName));
- name->type = type;
- switch (type) {
- case certDNSName:
- case certEDIPartyName:
- case certIPAddress:
- case certRegisterID:
- case certRFC822Name:
- case certX400Address:
- case certURI:
- SECITEM_CopyItem(list->arena, &name->name.other, (SECItem *)data);
- break;
- case certOtherName:
- SECITEM_CopyItem(list->arena, &name->name.OthName.name,
- (SECItem *) data);
- SECITEM_CopyItem(list->arena, &name->name.OthName.oid,
- oid);
- break;
- case certDirectoryName:
- CERT_CopyName(list->arena, &name->name.directoryName,
- (CERTName *) data);
- break;
- }
- name->l.prev = name->l.next = &name->l;
- list->name = cert_CombineNamesLists(list->name, name);
- list->len++;
- PZ_Unlock(list->lock);
- }
- return;
-}
diff --git a/security/nss/lib/certdb/genname.h b/security/nss/lib/certdb/genname.h
deleted file mode 100644
index 0e33b8eaf..000000000
--- a/security/nss/lib/certdb/genname.h
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _GENAME_H_
-#define _GENAME_H_
-
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "certt.h"
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template CERT_GeneralNamesTemplate[];
-
-extern CERTGeneralName *
-cert_get_next_general_name(CERTGeneralName *current);
-
-extern CERTGeneralName *
-cert_get_prev_general_name(CERTGeneralName *current);
-
-extern SECItem *
-cert_EncodeGeneralName(CERTGeneralName *genName, SECItem *dest,
- PRArenaPool *arena);
-
-extern SECItem **
-cert_EncodeGeneralNames(PRArenaPool *arena, CERTGeneralName *names);
-
-extern CERTGeneralName *
-cert_DecodeGeneralName(PRArenaPool *arena, SECItem *encodedName,
- CERTGeneralName *genName);
-
-extern CERTGeneralName *
-cert_DecodeGeneralNames(PRArenaPool *arena, SECItem **encodedGenName);
-
-extern SECStatus
-cert_DestroyGeneralNames(CERTGeneralName *name);
-
-extern SECStatus
-cert_EncodeNameConstraints(CERTNameConstraints *constraints, PRArenaPool *arena,
- SECItem *dest);
-
-extern CERTNameConstraints *
-cert_DecodeNameConstraints(PRArenaPool *arena, SECItem *encodedConstraints);
-
-extern CERTGeneralName *
-cert_CombineNamesLists(CERTGeneralName *list1, CERTGeneralName *list2);
-
-extern CERTNameConstraint *
-cert_CombineConstraintsLists(CERTNameConstraint *list1, CERTNameConstraint *list2);
-
-SECStatus
-CERT_CompareGeneralName(CERTGeneralName *a, CERTGeneralName *b);
-
-SECStatus
-CERT_CopyGeneralName(PRArenaPool *arena,
- CERTGeneralName *dest,
- CERTGeneralName *src);
-
-/* General Name Lists are a thread safe, reference counting layer to
- * general names */
-
-void
-CERT_DestroyGeneralNameList(CERTGeneralNameList *list);
-
-CERTGeneralNameList *
-CERT_CreateGeneralNameList(CERTGeneralName *name);
-
-SECStatus
-CERT_CompareGeneralNameLists(CERTGeneralNameList *a, CERTGeneralNameList *b);
-
-void *
-CERT_GetGeneralNameFromListByType(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- PRArenaPool *arena);
-
-void
-CERT_AddGeneralNameToList(CERTGeneralNameList *list,
- CERTGeneralNameType type,
- void *data, SECItem *oid);
-
-
-CERTGeneralNameList *
-CERT_DupGeneralNameList(CERTGeneralNameList *list);
-
-
-int
-CERT_GetNamesLength(CERTGeneralName *names);
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/certdb/manifest.mn b/security/nss/lib/certdb/manifest.mn
deleted file mode 100644
index 33b3fb612..000000000
--- a/security/nss/lib/certdb/manifest.mn
+++ /dev/null
@@ -1,67 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- cert.h \
- certt.h \
- certdb.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- genname.h \
- xconst.h \
- certxutl.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- alg1485.c \
- certdb.c \
- certv3.c \
- certxutl.c \
- crl.c \
- genname.c \
- stanpcertdb.c \
- polcyxtn.c \
- secname.c \
- xauthkid.c \
- xbsconst.c \
- xconst.c \
- $(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = certdb
-
diff --git a/security/nss/lib/certdb/polcyxtn.c b/security/nss/lib/certdb/polcyxtn.c
deleted file mode 100644
index 7f3dd3a78..000000000
--- a/security/nss/lib/certdb/polcyxtn.c
+++ /dev/null
@@ -1,541 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for various policy related extensions
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secport.h"
-#include "secder.h"
-#include "cert.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "nspr.h"
-
-const SEC_ASN1Template CERT_NoticeReferenceTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTNoticeReference) },
-/* NOTE: this should be a choice */
- { SEC_ASN1_IA5_STRING,
- offsetof(CERTNoticeReference, organization) },
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTNoticeReference, noticeNumbers),
- SEC_IntegerTemplate },
- { 0 }
-};
-
-/* this template can not be encoded because of the option inline */
-const SEC_ASN1Template CERT_UserNoticeTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTUserNotice) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED,
- offsetof(CERTUserNotice, derNoticeReference) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(CERTUserNotice, displayText) },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_PolicyQualifierTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTPolicyQualifier) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTPolicyQualifier, qualifierID) },
- { SEC_ASN1_ANY,
- offsetof(CERTPolicyQualifier, qualifierValue) },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_PolicyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTPolicyInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTPolicyInfo, policyID) },
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTPolicyInfo, policyQualifiers),
- CERT_PolicyQualifierTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_CertificatePoliciesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTCertificatePolicies, policyInfos),
- CERT_PolicyInfoTemplate, sizeof(CERTCertificatePolicies) }
-};
-
-static void
-breakLines(char *string)
-{
- char *tmpstr;
- char *lastspace = NULL;
- int curlen = 0;
- int c;
-
- tmpstr = string;
-
- while ( ( c = *tmpstr ) != '\0' ) {
- switch ( c ) {
- case ' ':
- lastspace = tmpstr;
- break;
- case '\n':
- lastspace = NULL;
- curlen = 0;
- break;
- }
-
- if ( ( curlen >= 55 ) && ( lastspace != NULL ) ) {
- *lastspace = '\n';
- curlen = ( tmpstr - lastspace );
- lastspace = NULL;
- }
-
- curlen++;
- tmpstr++;
- }
-
- return;
-}
-
-CERTCertificatePolicies *
-CERT_DecodeCertificatePoliciesExtension(SECItem *extnValue)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- CERTCertificatePolicies *policies;
- CERTPolicyInfo **policyInfos, *policyInfo;
- CERTPolicyQualifier **policyQualifiers, *policyQualifier;
-
- /* make a new arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- goto loser;
- }
-
- /* allocate the certifiate policies structure */
- policies = (CERTCertificatePolicies *)
- PORT_ArenaZAlloc(arena, sizeof(CERTCertificatePolicies));
-
- if ( policies == NULL ) {
- goto loser;
- }
-
- policies->arena = arena;
-
- /* decode the policy info */
- rv = SEC_ASN1DecodeItem(arena, policies, CERT_CertificatePoliciesTemplate,
- extnValue);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* initialize the oid tags */
- policyInfos = policies->policyInfos;
- while (*policyInfos != NULL ) {
- policyInfo = *policyInfos;
- policyInfo->oid = SECOID_FindOIDTag(&policyInfo->policyID);
- policyQualifiers = policyInfo->policyQualifiers;
- while ( *policyQualifiers != NULL ) {
- policyQualifier = *policyQualifiers;
- policyQualifier->oid =
- SECOID_FindOIDTag(&policyQualifier->qualifierID);
- policyQualifiers++;
- }
- policyInfos++;
- }
-
- return(policies);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-void
-CERT_DestroyCertificatePoliciesExtension(CERTCertificatePolicies *policies)
-{
- if ( policies != NULL ) {
- PORT_FreeArena(policies->arena, PR_FALSE);
- }
- return;
-}
-
-
-CERTUserNotice *
-CERT_DecodeUserNotice(SECItem *noticeItem)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- CERTUserNotice *userNotice;
-
- /* make a new arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- goto loser;
- }
-
- /* allocate the userNotice structure */
- userNotice = (CERTUserNotice *)PORT_ArenaZAlloc(arena,
- sizeof(CERTUserNotice));
-
- if ( userNotice == NULL ) {
- goto loser;
- }
-
- userNotice->arena = arena;
-
- /* decode the user notice */
- rv = SEC_ASN1DecodeItem(arena, userNotice, CERT_UserNoticeTemplate,
- noticeItem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- if (userNotice->derNoticeReference.data != NULL) {
- /* sigh, the asn1 parser stripped the sequence encoding, re add it
- * before we decode.
- */
- SECItem tmpbuf;
- int newBytes;
-
- newBytes = SEC_ASN1LengthLength(userNotice->derNoticeReference.len)+1;
- tmpbuf.len = newBytes + userNotice->derNoticeReference.len;
- tmpbuf.data = PORT_ZAlloc(tmpbuf.len);
- if (tmpbuf.data == NULL) {
- goto loser;
- }
- tmpbuf.data[0] = SEC_ASN1_SEQUENCE | SEC_ASN1_CONSTRUCTED;
- SEC_ASN1EncodeLength(&tmpbuf.data[1],userNotice->derNoticeReference.len);
- PORT_Memcpy(&tmpbuf.data[newBytes],userNotice->derNoticeReference.data,
- userNotice->derNoticeReference.len);
-
- /* OK, no decode it */
- rv = SEC_ASN1DecodeItem(arena, &userNotice->noticeReference,
- CERT_NoticeReferenceTemplate, &tmpbuf);
-
- PORT_Free(tmpbuf.data); tmpbuf.data = NULL;
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- return(userNotice);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-void
-CERT_DestroyUserNotice(CERTUserNotice *userNotice)
-{
- if ( userNotice != NULL ) {
- PORT_FreeArena(userNotice->arena, PR_FALSE);
- }
- return;
-}
-
-static CERTPolicyStringCallback policyStringCB = NULL;
-static void *policyStringCBArg = NULL;
-
-void
-CERT_SetCAPolicyStringCallback(CERTPolicyStringCallback cb, void *cbarg)
-{
- policyStringCB = cb;
- policyStringCBArg = cbarg;
- return;
-}
-
-char *
-stringFromUserNotice(SECItem *noticeItem)
-{
- SECItem *org;
- unsigned int len, headerlen;
- char *stringbuf;
- CERTUserNotice *userNotice;
- char *policystr;
- char *retstr = NULL;
- SECItem *displayText;
- SECItem **noticeNumbers;
- unsigned int strnum;
-
- /* decode the user notice */
- userNotice = CERT_DecodeUserNotice(noticeItem);
- if ( userNotice == NULL ) {
- return(NULL);
- }
-
- org = &userNotice->noticeReference.organization;
- if ( (org->len != 0 ) && ( policyStringCB != NULL ) ) {
- /* has a noticeReference */
-
- /* extract the org string */
- len = org->len;
- stringbuf = (char*)PORT_Alloc(len + 1);
- if ( stringbuf != NULL ) {
- PORT_Memcpy(stringbuf, org->data, len);
- stringbuf[len] = '\0';
-
- noticeNumbers = userNotice->noticeReference.noticeNumbers;
- while ( *noticeNumbers != NULL ) {
- /* XXX - only one byte integers right now*/
- strnum = (*noticeNumbers)->data[0];
- policystr = (* policyStringCB)(stringbuf,
- strnum,
- policyStringCBArg);
- if ( policystr != NULL ) {
- if ( retstr != NULL ) {
- retstr = PR_sprintf_append(retstr, "\n%s", policystr);
- } else {
- retstr = PR_sprintf_append(retstr, "%s", policystr);
- }
-
- PORT_Free(policystr);
- }
-
- noticeNumbers++;
- }
-
- PORT_Free(stringbuf);
- }
- }
-
- if ( retstr == NULL ) {
- if ( userNotice->displayText.len != 0 ) {
- displayText = &userNotice->displayText;
-
- if ( displayText->len > 2 ) {
- if ( displayText->data[0] == SEC_ASN1_VISIBLE_STRING ) {
- headerlen = 2;
- if ( displayText->data[1] & 0x80 ) {
- /* multibyte length */
- headerlen += ( displayText->data[1] & 0x7f );
- }
-
- len = displayText->len - headerlen;
- retstr = (char*)PORT_Alloc(len + 1);
- if ( retstr != NULL ) {
- PORT_Memcpy(retstr, &displayText->data[headerlen],len);
- retstr[len] = '\0';
- }
- }
- }
- }
- }
-
- CERT_DestroyUserNotice(userNotice);
-
- return(retstr);
-}
-
-char *
-CERT_GetCertCommentString(CERTCertificate *cert)
-{
- char *retstring = NULL;
- SECStatus rv;
- SECItem policyItem;
- CERTCertificatePolicies *policies = NULL;
- CERTPolicyInfo **policyInfos;
- CERTPolicyQualifier **policyQualifiers, *qualifier;
-
- policyItem.data = NULL;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_CERTIFICATE_POLICIES,
- &policyItem);
- if ( rv != SECSuccess ) {
- goto nopolicy;
- }
-
- policies = CERT_DecodeCertificatePoliciesExtension(&policyItem);
- if ( policies == NULL ) {
- goto nopolicy;
- }
-
- policyInfos = policies->policyInfos;
- /* search through policyInfos looking for the verisign policy */
- while (*policyInfos != NULL ) {
- if ( (*policyInfos)->oid == SEC_OID_VERISIGN_USER_NOTICES ) {
- policyQualifiers = (*policyInfos)->policyQualifiers;
- /* search through the policy qualifiers looking for user notice */
- while ( *policyQualifiers != NULL ) {
- qualifier = *policyQualifiers;
- if ( qualifier->oid == SEC_OID_PKIX_USER_NOTICE_QUALIFIER ) {
- retstring =
- stringFromUserNotice(&qualifier->qualifierValue);
- break;
- }
-
- policyQualifiers++;
- }
- break;
- }
- policyInfos++;
- }
-
-nopolicy:
- if ( policyItem.data != NULL ) {
- PORT_Free(policyItem.data);
- }
-
- if ( policies != NULL ) {
- CERT_DestroyCertificatePoliciesExtension(policies);
- }
-
- if ( retstring == NULL ) {
- retstring = CERT_FindNSStringExtension(cert,
- SEC_OID_NS_CERT_EXT_COMMENT);
- }
-
- if ( retstring != NULL ) {
- breakLines(retstring);
- }
-
- return(retstring);
-}
-
-
-const SEC_ASN1Template CERT_OidSeqTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTOidSequence, oids),
- SEC_ObjectIDTemplate }
-};
-
-CERTOidSequence *
-CERT_DecodeOidSequence(SECItem *seqItem)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- CERTOidSequence *oidSeq;
-
- /* make a new arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- goto loser;
- }
-
- /* allocate the userNotice structure */
- oidSeq = (CERTOidSequence *)PORT_ArenaZAlloc(arena,
- sizeof(CERTOidSequence));
-
- if ( oidSeq == NULL ) {
- goto loser;
- }
-
- oidSeq->arena = arena;
-
- /* decode the user notice */
- rv = SEC_ASN1DecodeItem(arena, oidSeq, CERT_OidSeqTemplate, seqItem);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- return(oidSeq);
-
-loser:
- return(NULL);
-}
-
-
-void
-CERT_DestroyOidSequence(CERTOidSequence *oidSeq)
-{
- if ( oidSeq != NULL ) {
- PORT_FreeArena(oidSeq->arena, PR_FALSE);
- }
- return;
-}
-
-PRBool
-CERT_GovtApprovedBitSet(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem extItem;
- CERTOidSequence *oidSeq = NULL;
- PRBool ret;
- SECItem **oids;
- SECItem *oid;
- SECOidTag oidTag;
-
- extItem.data = NULL;
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- oidSeq = CERT_DecodeOidSequence(&extItem);
- if ( oidSeq == NULL ) {
- goto loser;
- }
-
- oids = oidSeq->oids;
- while ( oids != NULL && *oids != NULL ) {
- oid = *oids;
-
- oidTag = SECOID_FindOIDTag(oid);
-
- if ( oidTag == SEC_OID_NS_KEY_USAGE_GOVT_APPROVED ) {
- goto success;
- }
-
- oids++;
- }
-
-loser:
- ret = PR_FALSE;
- goto done;
-success:
- ret = PR_TRUE;
-done:
- if ( oidSeq != NULL ) {
- CERT_DestroyOidSequence(oidSeq);
- }
- if (extItem.data != NULL) {
- PORT_Free(extItem.data);
- }
- return(ret);
-}
diff --git a/security/nss/lib/certdb/secname.c b/security/nss/lib/certdb/secname.c
deleted file mode 100644
index 9296fd86d..000000000
--- a/security/nss/lib/certdb/secname.c
+++ /dev/null
@@ -1,641 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cert.h"
-#include "secoid.h"
-#include "secder.h" /* XXX remove this when remove the DERTemplates */
-#include "secasn1.h"
-#include "secitem.h"
-#include <stdarg.h>
-#include "secerr.h"
-
-static const SEC_ASN1Template cert_AVATemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTAVA) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTAVA,type), },
- { SEC_ASN1_ANY,
- offsetof(CERTAVA,value), },
- { 0, }
-};
-
-const SEC_ASN1Template CERT_RDNTemplate[] = {
- { SEC_ASN1_SET_OF,
- offsetof(CERTRDN,avas), cert_AVATemplate, sizeof(CERTRDN) }
-};
-
-
-static int
-CountArray(void **array)
-{
- int count = 0;
- if (array) {
- while (*array++) {
- count++;
- }
- }
- return count;
-}
-
-static void
-**AddToArray(PRArenaPool *arena, void **array, void *element)
-{
- unsigned count;
- void **ap;
-
- /* Count up number of slots already in use in the array */
- count = 0;
- ap = array;
- if (ap) {
- while (*ap++) {
- count++;
- }
- }
-
- if (array) {
- array = (void**) PORT_ArenaGrow(arena, array,
- (count + 1) * sizeof(void *),
- (count + 2) * sizeof(void *));
- } else {
- array = (void**) PORT_ArenaAlloc(arena, (count + 2) * sizeof(void *));
- }
- if (array) {
- array[count] = element;
- array[count+1] = 0;
- }
- return array;
-}
-
-#if 0
-static void
-**RemoveFromArray(void **array, void *element)
-{
- unsigned count;
- void **ap;
- int slot;
-
- /* Look for element */
- ap = array;
- if (ap) {
- count = 1; /* count the null at the end */
- slot = -1;
- for (; *ap; ap++, count++) {
- if (*ap == element) {
- /* Found it */
- slot = ap - array;
- }
- }
- if (slot >= 0) {
- /* Found it. Squish array down */
- PORT_Memmove((void*) (array + slot), (void*) (array + slot + 1),
- (count - slot - 1) * sizeof(void*));
- /* Don't bother reallocing the memory */
- }
- }
- return array;
-}
-#endif /* 0 */
-
-SECOidTag
-CERT_GetAVATag(CERTAVA *ava)
-{
- SECOidData *oid;
- if (!ava->type.data) return (SECOidTag)-1;
-
- oid = SECOID_FindOID(&ava->type);
-
- if ( oid ) {
- return(oid->offset);
- }
- return (SECOidTag)-1;
-}
-
-static SECStatus
-SetupAVAType(PRArenaPool *arena, SECOidTag type, SECItem *it, unsigned *maxLenp)
-{
- unsigned char *oid;
- unsigned oidLen;
- unsigned char *cp;
- unsigned maxLen;
- SECOidData *oidrec;
-
- oidrec = SECOID_FindOIDByTag(type);
- if (oidrec == NULL)
- return SECFailure;
-
- oid = oidrec->oid.data;
- oidLen = oidrec->oid.len;
-
- switch (type) {
- case SEC_OID_AVA_COUNTRY_NAME:
- maxLen = 2;
- break;
- case SEC_OID_AVA_ORGANIZATION_NAME:
- maxLen = 64;
- break;
- case SEC_OID_AVA_COMMON_NAME:
- maxLen = 64;
- break;
- case SEC_OID_AVA_LOCALITY:
- maxLen = 128;
- break;
- case SEC_OID_AVA_STATE_OR_PROVINCE:
- maxLen = 128;
- break;
- case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
- maxLen = 64;
- break;
- case SEC_OID_AVA_DC:
- maxLen = 128;
- break;
- case SEC_OID_AVA_DN_QUALIFIER:
- maxLen = 0x7fff;
- break;
- case SEC_OID_PKCS9_EMAIL_ADDRESS:
- maxLen = 128;
- break;
- case SEC_OID_RFC1274_UID:
- maxLen = 256; /* RFC 1274 specifies 256 */
- break;
- case SEC_OID_RFC1274_MAIL:
- maxLen = 256; /* RFC 1274 specifies 256 */
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- it->data = cp = (unsigned char*) PORT_ArenaAlloc(arena, oidLen);
- if (cp == NULL) {
- return SECFailure;
- }
- it->len = oidLen;
- PORT_Memcpy(cp, oid, oidLen);
- *maxLenp = maxLen;
- return SECSuccess;
-}
-
-static SECStatus
-SetupAVAValue(PRArenaPool *arena, int valueType, char *value, SECItem *it,
- unsigned maxLen)
-{
- unsigned valueLen, valueLenLen, total;
- unsigned ucs4Len = 0, ucs4MaxLen;
- unsigned char *cp, *ucs4Val;
-
- switch (valueType) {
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_T61_STRING:
- valueLen = PORT_Strlen(value);
- break;
- case SEC_ASN1_UNIVERSAL_STRING:
- valueLen = PORT_Strlen(value);
- ucs4Val = (unsigned char *)PORT_ArenaZAlloc(arena,
- PORT_Strlen(value) * 6);
- ucs4MaxLen = PORT_Strlen(value) * 6;
- if(!ucs4Val || !PORT_UCS4_UTF8Conversion(PR_TRUE, (unsigned char *)value, valueLen,
- ucs4Val, ucs4MaxLen, &ucs4Len)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- value = (char *)ucs4Val;
- valueLen = ucs4Len;
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (((valueType != SEC_ASN1_UNIVERSAL_STRING) && (valueLen > maxLen)) ||
- ((valueType == SEC_ASN1_UNIVERSAL_STRING) && (valueLen > (maxLen * 4)))) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- valueLenLen = DER_LengthLength(valueLen);
- total = 1 + valueLenLen + valueLen;
- it->data = cp = (unsigned char*) PORT_ArenaAlloc(arena, total);
- if (!cp) {
- return SECFailure;
- }
- it->len = total;
- cp = (unsigned char*) DER_StoreHeader(cp, valueType, valueLen);
- PORT_Memcpy(cp, value, valueLen);
- return SECSuccess;
-}
-
-CERTAVA *
-CERT_CreateAVA(PRArenaPool *arena, SECOidTag kind, int valueType, char *value)
-{
- CERTAVA *ava;
- int rv;
- unsigned maxLen;
-
- ava = (CERTAVA*) PORT_ArenaZAlloc(arena, sizeof(CERTAVA));
- if (ava) {
- rv = SetupAVAType(arena, kind, &ava->type, &maxLen);
- if (rv) {
- /* Illegal AVA type */
- return 0;
- }
- rv = SetupAVAValue(arena, valueType, value, &ava->value, maxLen);
- if (rv) {
- /* Illegal value type */
- return 0;
- }
- }
- return ava;
-}
-
-CERTAVA *
-CERT_CopyAVA(PRArenaPool *arena, CERTAVA *from)
-{
- CERTAVA *ava;
- int rv;
-
- ava = (CERTAVA*) PORT_ArenaZAlloc(arena, sizeof(CERTAVA));
- if (ava) {
- rv = SECITEM_CopyItem(arena, &ava->type, &from->type);
- if (rv) goto loser;
- rv = SECITEM_CopyItem(arena, &ava->value, &from->value);
- if (rv) goto loser;
- }
- return ava;
-
- loser:
- return 0;
-}
-
-/************************************************************************/
-/* XXX This template needs to go away in favor of the new SEC_ASN1 version. */
-static const SEC_ASN1Template cert_RDNTemplate[] = {
- { SEC_ASN1_SET_OF,
- offsetof(CERTRDN,avas), cert_AVATemplate, sizeof(CERTRDN) }
-};
-
-
-CERTRDN *
-CERT_CreateRDN(PRArenaPool *arena, CERTAVA *ava0, ...)
-{
- CERTAVA *ava;
- CERTRDN *rdn;
- va_list ap;
- unsigned count;
- CERTAVA **avap;
-
- rdn = (CERTRDN*) PORT_ArenaAlloc(arena, sizeof(CERTRDN));
- if (rdn) {
- /* Count number of avas going into the rdn */
- count = 1;
- va_start(ap, ava0);
- while ((ava = va_arg(ap, CERTAVA*)) != 0) {
- count++;
- }
- va_end(ap);
-
- /* Now fill in the pointers */
- rdn->avas = avap =
- (CERTAVA**) PORT_ArenaAlloc( arena, (count + 1)*sizeof(CERTAVA*));
- if (!avap) {
- return 0;
- }
- *avap++ = ava0;
- va_start(ap, ava0);
- while ((ava = va_arg(ap, CERTAVA*)) != 0) {
- *avap++ = ava;
- }
- va_end(ap);
- *avap++ = 0;
- }
- return rdn;
-}
-
-SECStatus
-CERT_AddAVA(PRArenaPool *arena, CERTRDN *rdn, CERTAVA *ava)
-{
- rdn->avas = (CERTAVA**) AddToArray(arena, (void**) rdn->avas, ava);
- return rdn->avas ? SECSuccess : SECFailure;
-}
-
-SECStatus
-CERT_CopyRDN(PRArenaPool *arena, CERTRDN *to, CERTRDN *from)
-{
- CERTAVA **avas, *fava, *tava;
- SECStatus rv;
-
- /* Copy each ava from from */
- avas = from->avas;
- while ((fava = *avas++) != 0) {
- tava = CERT_CopyAVA(arena, fava);
- if (!tava) return SECFailure;
- rv = CERT_AddAVA(arena, to, tava);
- if (rv) return rv;
- }
- return SECSuccess;
-}
-
-/************************************************************************/
-
-const SEC_ASN1Template CERT_NameTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(CERTName,rdns), CERT_RDNTemplate, sizeof(CERTName) }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_NameTemplate)
-
-CERTName *
-CERT_CreateName(CERTRDN *rdn0, ...)
-{
- CERTRDN *rdn;
- CERTName *name;
- va_list ap;
- unsigned count;
- CERTRDN **rdnp;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- return(0);
- }
-
- name = (CERTName*) PORT_ArenaAlloc(arena, sizeof(CERTName));
- if (name) {
- name->arena = arena;
-
- /* Count number of RDNs going into the Name */
- if (!rdn0) {
- count = 0;
- } else {
- count = 1;
- va_start(ap, rdn0);
- while ((rdn = va_arg(ap, CERTRDN*)) != 0) {
- count++;
- }
- va_end(ap);
- }
-
- /* Allocate space (including space for terminal null ptr) */
- name->rdns = rdnp =
- (CERTRDN**) PORT_ArenaAlloc(arena, (count + 1) * sizeof(CERTRDN*));
- if (!name->rdns) {
- goto loser;
- }
-
- /* Now fill in the pointers */
- if (count > 0) {
- *rdnp++ = rdn0;
- va_start(ap, rdn0);
- while ((rdn = va_arg(ap, CERTRDN*)) != 0) {
- *rdnp++ = rdn;
- }
- va_end(ap);
- }
-
- /* null terminate the list */
- *rdnp++ = 0;
- }
- return name;
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(0);
-}
-
-void
-CERT_DestroyName(CERTName *name)
-{
- if (name)
- {
- PRArenaPool *arena = name->arena;
- name->rdns = NULL;
- name->arena = NULL;
- if (arena) PORT_FreeArena(arena, PR_FALSE);
- }
-}
-
-SECStatus
-CERT_AddRDN(CERTName *name, CERTRDN *rdn)
-{
- name->rdns = (CERTRDN**) AddToArray(name->arena, (void**) name->rdns, rdn);
- return name->rdns ? SECSuccess : SECFailure;
-}
-
-SECStatus
-CERT_CopyName(PRArenaPool *arena, CERTName *to, CERTName *from)
-{
- CERTRDN **rdns, *frdn, *trdn;
- SECStatus rv;
-
- CERT_DestroyName(to);
- to->arena = arena;
-
- /* Copy each rdn from from */
- rdns = from->rdns;
- while ((frdn = *rdns++) != 0) {
- trdn = CERT_CreateRDN(arena, 0);
- if ( trdn == NULL ) {
- return(SECFailure);
- }
- rv = CERT_CopyRDN(arena, trdn, frdn);
- if (rv) return rv;
- rv = CERT_AddRDN(to, trdn);
- if (rv) return rv;
- }
- return SECSuccess;
-}
-
-/************************************************************************/
-
-SECComparison
-CERT_CompareAVA(CERTAVA *a, CERTAVA *b)
-{
- SECComparison rv;
-
- rv = SECITEM_CompareItem(&a->type, &b->type);
- if (rv) {
- /*
- ** XXX for now we are going to just assume that a bitwise
- ** comparison of the value codes will do the trick.
- */
- }
- rv = SECITEM_CompareItem(&a->value, &b->value);
- return rv;
-}
-
-SECComparison
-CERT_CompareRDN(CERTRDN *a, CERTRDN *b)
-{
- CERTAVA **aavas, *aava;
- CERTAVA **bavas, *bava;
- int ac, bc;
- SECComparison rv = SECEqual;
-
- aavas = a->avas;
- bavas = b->avas;
-
- /*
- ** Make sure array of ava's are the same length. If not, then we are
- ** not equal
- */
- ac = CountArray((void**) aavas);
- bc = CountArray((void**) bavas);
- if (ac < bc) return SECLessThan;
- if (ac > bc) return SECGreaterThan;
-
- for (;;) {
- aava = *aavas++;
- bava = *bavas++;
- if (!aava) {
- break;
- }
- rv = CERT_CompareAVA(aava, bava);
- if (rv) return rv;
- }
- return rv;
-}
-
-SECComparison
-CERT_CompareName(CERTName *a, CERTName *b)
-{
- CERTRDN **ardns, *ardn;
- CERTRDN **brdns, *brdn;
- int ac, bc;
- SECComparison rv = SECEqual;
-
- ardns = a->rdns;
- brdns = b->rdns;
-
- /*
- ** Make sure array of rdn's are the same length. If not, then we are
- ** not equal
- */
- ac = CountArray((void**) ardns);
- bc = CountArray((void**) brdns);
- if (ac < bc) return SECLessThan;
- if (ac > bc) return SECGreaterThan;
-
- for (;;) {
- ardn = *ardns++;
- brdn = *brdns++;
- if (!ardn) {
- break;
- }
- rv = CERT_CompareRDN(ardn, brdn);
- if (rv) return rv;
- }
- return rv;
-}
-
-/* Moved from certhtml.c */
-SECItem *
-CERT_DecodeAVAValue(SECItem *derAVAValue)
-{
- SECItem *retItem;
- const SEC_ASN1Template *theTemplate = NULL;
- PRBool convertUCS4toUTF8 = PR_FALSE;
- PRBool convertUCS2toUTF8 = PR_FALSE;
- SECItem avaValue = {siBuffer, 0};
-
- if(!derAVAValue) {
- return NULL;
- }
-
- switch(derAVAValue->data[0]) {
- case SEC_ASN1_UNIVERSAL_STRING:
- convertUCS4toUTF8 = PR_TRUE;
- theTemplate = SEC_UniversalStringTemplate;
- break;
- case SEC_ASN1_IA5_STRING:
- theTemplate = SEC_IA5StringTemplate;
- break;
- case SEC_ASN1_PRINTABLE_STRING:
- theTemplate = SEC_PrintableStringTemplate;
- break;
- case SEC_ASN1_T61_STRING:
- theTemplate = SEC_T61StringTemplate;
- break;
- case SEC_ASN1_BMP_STRING:
- convertUCS2toUTF8 = PR_TRUE;
- theTemplate = SEC_BMPStringTemplate;
- break;
- case SEC_ASN1_UTF8_STRING:
- /* No conversion needed ! */
- theTemplate = SEC_UTF8StringTemplate;
- break;
- default:
- return NULL;
- }
-
- PORT_Memset(&avaValue, 0, sizeof(SECItem));
- if(SEC_ASN1DecodeItem(NULL, &avaValue, theTemplate, derAVAValue)
- != SECSuccess) {
- return NULL;
- }
-
- if (convertUCS4toUTF8) {
- unsigned int utf8ValLen = avaValue.len * 3;
- unsigned char *utf8Val = (unsigned char*)PORT_ZAlloc(utf8ValLen);
-
- if(!PORT_UCS4_UTF8Conversion(PR_FALSE, avaValue.data, avaValue.len,
- utf8Val, utf8ValLen, &utf8ValLen)) {
- PORT_Free(utf8Val);
- PORT_Free(avaValue.data);
- return NULL;
- }
-
- PORT_Free(avaValue.data);
- avaValue.data = utf8Val;
- avaValue.len = utf8ValLen;
-
- } else if (convertUCS2toUTF8) {
-
- unsigned int utf8ValLen = avaValue.len * 3;
- unsigned char *utf8Val = (unsigned char*)PORT_ZAlloc(utf8ValLen);
-
- if(!PORT_UCS2_UTF8Conversion(PR_FALSE, avaValue.data, avaValue.len,
- utf8Val, utf8ValLen, &utf8ValLen)) {
- PORT_Free(utf8Val);
- PORT_Free(avaValue.data);
- return NULL;
- }
-
- PORT_Free(avaValue.data);
- avaValue.data = utf8Val;
- avaValue.len = utf8ValLen;
- }
-
- retItem = SECITEM_DupItem(&avaValue);
- PORT_Free(avaValue.data);
- return retItem;
-}
diff --git a/security/nss/lib/certdb/stanpcertdb.c b/security/nss/lib/certdb/stanpcertdb.c
deleted file mode 100644
index c2986e323..000000000
--- a/security/nss/lib/certdb/stanpcertdb.c
+++ /dev/null
@@ -1,635 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prtime.h"
-
-#include "cert.h"
-#include "mcom_db.h"
-#include "certdb.h"
-#include "secitem.h"
-#include "secder.h"
-
-/* Call to PK11_FreeSlot below */
-
-#include "secasn1.h"
-#include "secerr.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "nsslocks.h"
-#include "base64.h"
-#include "sechash.h"
-#include "plhash.h"
-#include "pk11func.h" /* sigh */
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nsspki.h"
-#include "pkit.h"
-#include "pkim.h"
-#include "pki3hack.h"
-#include "ckhelper.h"
-#include "base.h"
-
-PRBool
-SEC_CertNicknameConflict(char *nickname, SECItem *derSubject,
- CERTCertDBHandle *handle)
-{
- /* XXX still an issue? */
- return PR_FALSE;
-}
-
-SECStatus
-SEC_DeletePermCertificate(CERTCertificate *cert)
-{
- PRStatus nssrv;
- NSSCertificate *c = STAN_GetNSSCertificate(cert);
- nssrv = NSSCertificate_DeleteStoredObject(c, NULL);
- return SECFailure;
-}
-
-SECStatus
-CERT_GetCertTrust(CERTCertificate *cert, CERTCertTrust *trust)
-{
- SECStatus rv;
- CERT_LockCertTrust(cert);
- if ( cert->trust == NULL ) {
- rv = SECFailure;
- } else {
- *trust = *cert->trust;
- rv = SECSuccess;
- }
- CERT_UnlockCertTrust(cert);
- return(rv);
-}
-
-static char *
-cert_parseNickname(char *nickname)
-{
- char *cp;
- for (cp=nickname; *cp && *cp != ':'; cp++);
- if (*cp == ':') return cp+1;
- return nickname;
-}
-
-/* XXX needs work */
-SECStatus
-CERT_ChangeCertTrust(CERTCertDBHandle *handle, CERTCertificate *cert,
- CERTCertTrust *trust)
-{
- SECStatus rv = SECFailure;
- PRStatus ret;
-
- CERT_LockCertTrust(cert);
- if (PK11_IsReadOnly(cert->slot)) {
- char *nickname = cert_parseNickname(cert->nickname);
- /* XXX store it on a writeable token */
- goto done;
- } else {
- ret = STAN_ChangeCertTrust(cert, trust);
- rv = (ret == PR_SUCCESS) ? SECSuccess : SECFailure;
- }
-done:
- CERT_UnlockCertTrust(cert);
- return rv;
-}
-
-SECStatus
-__CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
- CERTCertTrust *trust)
-{
- NSSCertificate *c = STAN_GetNSSCertificate(cert);
-#ifdef notdef
- /* might as well keep these */
- /* actually we shouldn't keep these! rjr */
- PORT_Assert(cert->istemp);
- PORT_Assert(!cert->isperm);
-#endif
- if (SEC_CertNicknameConflict(nickname, &cert->derSubject, cert->dbhandle)){
- return SECFailure;
- }
- if (c->nickname && strcmp(nickname, c->nickname) != 0) {
- nss_ZFreeIf(c->nickname);
- c->nickname = nssUTF8_Duplicate((NSSUTF8 *)nickname, c->object.arena);
- PORT_Free(cert->nickname);
- cert->nickname = PORT_Strdup(nickname);
- }
- /*
- nssTrustDomain_AddTempCertToPerm(c);
- if (memcmp(cert->trust, trust, sizeof (*trust)) != 0) {
- */
- return STAN_ChangeCertTrust(c, trust);
- /*
- }
- */
- return SECFailure;
-}
-
-SECStatus
-CERT_AddTempCertToPerm(CERTCertificate *cert, char *nickname,
- CERTCertTrust *trust)
-{
- return __CERT_AddTempCertToPerm(cert, nickname, trust);
-}
-
-CERTCertificate *
-__CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
- char *nickname, PRBool isperm, PRBool copyDER)
-{
- NSSCertificate *c;
- NSSCryptoContext *context;
- nssDecodedCert *dc;
- NSSArena *arena;
- CERTCertificate *cc;
- arena = NSSArena_Create();
- if (!arena) {
- return NULL;
- }
- c = nss_ZNEW(arena, NSSCertificate);
- if (!c) {
- goto loser;
- }
- NSSITEM_FROM_SECITEM(&c->encoding, derCert);
- c->object.arena = arena;
- c->object.refCount = 1;
- c->object.instanceList = nssList_Create(arena, PR_TRUE);
- c->object.instances = nssList_CreateIterator(c->object.instanceList);
- /* Forces a decoding of the cert in order to obtain the parts used
- * below
- */
- cc = STAN_GetCERTCertificate(c);
- nssItem_Create(arena,
- &c->issuer, cc->derIssuer.len, cc->derIssuer.data);
- nssItem_Create(arena,
- &c->subject, cc->derSubject.len, cc->derSubject.data);
- nssItem_Create(arena,
- &c->serial, cc->serialNumber.len, cc->serialNumber.data);
- if (nickname) {
- c->nickname = nssUTF8_Create(arena,
- nssStringType_UTF8String,
- (NSSUTF8 *)nickname,
- PORT_Strlen(nickname));
- }
- if (cc->emailAddr) {
- c->email = nssUTF8_Create(arena,
- nssStringType_PrintableString,
- (NSSUTF8 *)cc->emailAddr,
- PORT_Strlen(cc->emailAddr));
- }
- context = STAN_GetDefaultCryptoContext();
- NSSCryptoContext_ImportCertificate(context, c);
- /* This is a hack to work around the fact that an instance of the cert
- * doesn't really exist until the import
- */
- cc->nssCertificate = NULL;
- cc = STAN_GetCERTCertificate(c);
- return cc;
-loser:
- nssArena_Destroy(arena);
- return NULL;
-}
-
-CERTCertificate *
-CERT_NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert,
- char *nickname, PRBool isperm, PRBool copyDER)
-{
- return( __CERT_NewTempCertificate(handle, derCert, nickname,
- isperm, copyDER) );
-}
-
-/* maybe all the wincx's should be some const for internal token login? */
-CERTCertificate *
-CERT_FindCertByIssuerAndSN(CERTCertDBHandle *handle, CERTIssuerAndSN *issuerAndSN)
-{
- PK11SlotInfo *slot;
- CERTCertificate *cert;
-
- cert = PK11_FindCertByIssuerAndSN(&slot,issuerAndSN,NULL);
- if (slot) {
- PK11_FreeSlot(slot);
- }
-
- return cert;
-}
-
-CERTCertificate *
-CERT_FindCertByName(CERTCertDBHandle *handle, SECItem *name)
-{
- NSSCertificate *c;
- NSSDER subject;
- NSSUsage usage;
- NSSITEM_FROM_SECITEM(&subject, name);
- usage.anyUsage = PR_TRUE;
- c = NSSTrustDomain_FindBestCertificateBySubject(handle, &subject,
- NULL, &usage, NULL);
- if (!c) return NULL;
- return STAN_GetCERTCertificate(c);
-}
-
-CERTCertificate *
-CERT_FindCertByKeyID(CERTCertDBHandle *handle, SECItem *name, SECItem *keyID)
-{
- CERTCertList *list =
- CERT_CreateSubjectCertList(NULL,handle,name,0,PR_FALSE);
- CERTCertificate *cert = NULL;
- CERTCertListNode *node = CERT_LIST_HEAD(list);
-
- if (list == NULL) return NULL;
-
- for (node = CERT_LIST_HEAD(list); node ; node = CERT_LIST_NEXT(node)) {
- if (SECITEM_ItemsAreEqual(&cert->subjectKeyID, keyID) ) {
- cert = CERT_DupCertificate(node->cert);
- break;
- }
- }
- return cert;
-}
-
-CERTCertificate *
-CERT_FindCertByNickname(CERTCertDBHandle *handle, char *nickname)
-{
- return PK11_FindCertFromNickname(nickname, NULL);
-}
-
-CERTCertificate *
-CERT_FindCertByDERCert(CERTCertDBHandle *handle, SECItem *derCert)
-{
- NSSCertificate *c;
- NSSDER encoding;
- NSSITEM_FROM_SECITEM(&encoding, derCert);
- c = NSSTrustDomain_FindCertificateByEncodedCertificate(handle, &encoding);
- if (!c) {
- return NULL;
- }
- return STAN_GetCERTCertificate(c);
-}
-
-CERTCertificate *
-CERT_FindCertByNicknameOrEmailAddr(CERTCertDBHandle *handle, char *name)
-{
- CERTCertificate *cc = PK11_FindCertFromNickname(name, NULL);
- if (!cc) {
- NSSCertificate *c;
- NSSUsage usage;
- usage.anyUsage = PR_TRUE;
- c = NSSTrustDomain_FindCertificateByEmail(handle, name,
- NULL, &usage, NULL);
- if (c) {
- cc = STAN_GetCERTCertificate(c);
- }
- }
- return cc;
-}
-
-CERTCertList *
-CERT_CreateSubjectCertList(CERTCertList *certList, CERTCertDBHandle *handle,
- SECItem *name, int64 sorttime, PRBool validOnly)
-{
- NSSCertificate **subjectCerts;
- NSSCertificate *c;
- NSSDER subject;
- PRUint32 i;
- SECStatus secrv;
- NSSITEM_FROM_SECITEM(&subject, name);
- subjectCerts = NSSTrustDomain_FindCertificatesBySubject(handle,
- &subject,
- NULL,
- 0,
- NULL);
- i = 0;
- if (certList == NULL && subjectCerts) {
- certList = CERT_NewCertList();
- if (!certList) goto loser;
- }
- while ((c = subjectCerts[i++])) {
- CERTCertificate *cc = STAN_GetCERTCertificate(c);
- if (!validOnly ||
- CERT_CheckCertValidTimes(cc, sorttime, PR_FALSE)
- == secCertTimeValid) {
- secrv = CERT_AddCertToListSorted(certList, cc,
- CERT_SortCBValidity,
- (void *)&sorttime);
- if (secrv != SECSuccess) {
- CERT_DestroyCertificate(cc);
- goto loser;
- }
- } else {
- CERT_DestroyCertificate(cc);
- }
- }
- nss_ZFreeIf(subjectCerts);
- return certList;
-loser:
- nss_ZFreeIf(subjectCerts);
- if (certList != NULL) {
- CERT_DestroyCertList(certList);
- }
- return NULL;
-}
-
-void
-CERT_DestroyCertificate(CERTCertificate *cert)
-{
- int refCount;
- CERTCertDBHandle *handle;
- if ( cert ) {
- handle = cert->dbhandle;
- CERT_LockCertRefCount(cert);
- PORT_Assert(cert->referenceCount > 0);
- refCount = --cert->referenceCount;
- CERT_UnlockCertRefCount(cert);
- if ( ( refCount == 0 ) && !cert->keepSession ) {
- PRArenaPool *arena = cert->arena;
- /* delete the NSSCertificate */
- NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
- NSSCertificate *tmp = STAN_GetNSSCertificate(cert);
- if (tmp) {
- nssTrustDomain_RemoveCertFromCache(td, tmp);
- NSSCertificate_Destroy(tmp);
- }
- /* zero cert before freeing. Any stale references to this cert
- * after this point will probably cause an exception. */
- PORT_Memset(cert, 0, sizeof *cert);
- cert = NULL;
- /* free the arena that contains the cert. */
- PORT_FreeArena(arena, PR_FALSE);
- }
- }
- return;
-}
-
-#ifdef notdef
-SECStatus
-CERT_ChangeCertTrustByUsage(CERTCertDBHandle *certdb,
- CERTCertificate *cert, SECCertUsage usage)
-{
- SECStatus rv;
- CERTCertTrust trust;
- CERTCertTrust tmptrust;
- unsigned int certtype;
- PRBool saveit;
-
- saveit = PR_TRUE;
-
- PORT_Memset((void *)&trust, 0, sizeof(trust));
-
- certtype = cert->nsCertType;
-
- /* if no app bits in cert type, then set all app bits */
- if ( ! ( certtype & NS_CERT_TYPE_APP ) ) {
- certtype |= NS_CERT_TYPE_APP;
- }
-
- switch ( usage ) {
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- if ( certtype & NS_CERT_TYPE_EMAIL ) {
- trust.emailFlags = CERTDB_VALID_PEER;
- if ( ! ( cert->rawKeyUsage & KU_KEY_ENCIPHERMENT ) ) {
- /* don't save it if KeyEncipherment is not allowed */
- saveit = PR_FALSE;
- }
- }
- break;
- case certUsageUserCertImport:
- if ( certtype & NS_CERT_TYPE_EMAIL ) {
- trust.emailFlags = CERTDB_VALID_PEER;
- }
- /* VALID_USER is already set if the cert was imported,
- * in the case that the cert was already in the database
- * through SMIME or other means, we should set the USER
- * flags, if they are not already set.
- */
- if( cert->isperm ) {
- if ( certtype & NS_CERT_TYPE_SSL_CLIENT ) {
- if( !(cert->trust->sslFlags & CERTDB_USER) ) {
- trust.sslFlags |= CERTDB_USER;
- }
- }
-
- if ( certtype & NS_CERT_TYPE_EMAIL ) {
- if( !(cert->trust->emailFlags & CERTDB_USER) ) {
- trust.emailFlags |= CERTDB_USER;
- }
- }
-
- if ( certtype & NS_CERT_TYPE_OBJECT_SIGNING ) {
- if( !(cert->trust->objectSigningFlags & CERTDB_USER) ) {
- trust.objectSigningFlags |= CERTDB_USER;
- }
- }
- }
- break;
- default: /* XXX added to quiet warnings; no other cases needed? */
- break;
- }
-
- if ( (trust.sslFlags | trust.emailFlags | trust.objectSigningFlags) == 0 ){
- saveit = PR_FALSE;
- }
-
- if ( saveit && cert->isperm ) {
- /* Cert already in the DB. Just adjust flags */
- tmptrust = *cert->trust;
- tmptrust.sslFlags |= trust.sslFlags;
- tmptrust.emailFlags |= trust.emailFlags;
- tmptrust.objectSigningFlags |= trust.objectSigningFlags;
-
- rv = CERT_ChangeCertTrust(cert->dbhandle, cert,
- &tmptrust);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- rv = SECSuccess;
- goto done;
-
-loser:
- rv = SECFailure;
-done:
-
- return(rv);
-}
-#endif
-
-int
-CERT_GetDBContentVersion(CERTCertDBHandle *handle)
-{
- /* should read the DB content version from the pkcs #11 device */
- return 0;
-}
-
-/*
- *
- * Manage S/MIME profiles
- *
- */
-
-SECStatus
-CERT_SaveSMimeProfile(CERTCertificate *cert, SECItem *emailProfile,
- SECItem *profileTime)
-{
- int64 oldtime;
- int64 newtime;
- SECStatus rv = SECFailure;
- PRBool saveit;
- char *emailAddr;
- SECItem *oldProfile = NULL;
- SECItem *oldProfileTime = NULL;
- PK11SlotInfo *slot = NULL;
-
- emailAddr = cert->emailAddr;
-
- PORT_Assert(emailAddr);
- if ( emailAddr == NULL ) {
- goto loser;
- }
-
- saveit = PR_FALSE;
-
- oldProfile = PK11_FindSMimeProfile(&slot, emailAddr, &cert->derSubject,
- &oldProfileTime);
-
- /* both profileTime and emailProfile have to exist or not exist */
- if ( emailProfile == NULL ) {
- profileTime = NULL;
- } else if ( profileTime == NULL ) {
- emailProfile = NULL;
- }
-
- if ( oldProfileTime == NULL ) {
- saveit = PR_TRUE;
- } else {
- /* there was already a profile for this email addr */
- if ( profileTime ) {
- /* we have an old and new profile - save whichever is more recent*/
- if ( oldProfileTime->len == 0 ) {
- /* always replace if old entry doesn't have a time */
- oldtime = LL_MININT;
- } else {
- rv = DER_UTCTimeToTime(&oldtime, oldProfileTime);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- rv = DER_UTCTimeToTime(&newtime, profileTime);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- if ( LL_CMP(newtime, >, oldtime ) ) {
- /* this is a newer profile, save it and cert */
- saveit = PR_TRUE;
- }
- } else {
- saveit = PR_TRUE;
- }
- }
-
-
- if (saveit) {
- rv = PK11_SaveSMimeProfile(slot, emailAddr, &cert->derSubject,
- emailProfile, profileTime);
- } else {
- rv = SECSuccess;
- }
-
-loser:
- if (oldProfile) {
- SECITEM_FreeItem(oldProfile,PR_TRUE);
- }
- if (oldProfileTime) {
- SECITEM_FreeItem(oldProfileTime,PR_TRUE);
- }
-
- return(rv);
-}
-
-SECItem *
-CERT_FindSMimeProfile(CERTCertificate *cert)
-{
- PK11SlotInfo *slot = NULL;
- return
- PK11_FindSMimeProfile(&slot, cert->emailAddr, &cert->derSubject, NULL);
-}
-
-/*
- * depricated functions that are now just stubs.
- */
-/*
- * Close the database
- */
-void
-__CERT_ClosePermCertDB(CERTCertDBHandle *handle)
-{
- PORT_Assert("CERT_ClosePermCertDB is Depricated" == NULL);
- return;
-}
-
-SECStatus
-CERT_OpenCertDBFilename(CERTCertDBHandle *handle, char *certdbname,
- PRBool readOnly)
-{
- PORT_Assert("CERT_OpenCertDBFilename is Depricated" == NULL);
- return SECFailure;
-}
-
-SECItem *
-SECKEY_HashPassword(char *pw, SECItem *salt)
-{
- PORT_Assert("SECKEY_HashPassword is Depricated" == NULL);
- return NULL;
-}
-
-SECStatus
-__CERT_TraversePermCertsForSubject(CERTCertDBHandle *handle,
- SECItem *derSubject,
- void *cb, void *cbarg)
-{
- PORT_Assert("CERT_TraversePermCertsForSubject is Depricated" == NULL);
- return SECFailure;
-}
-
-
-SECStatus
-__CERT_TraversePermCertsForNickname(CERTCertDBHandle *handle, char *nickname,
- void *cb, void *cbarg)
-{
- PORT_Assert("CERT_TraversePermCertsForNickname is Depricated" == NULL);
- return SECFailure;
-}
-
-
-
diff --git a/security/nss/lib/certdb/xauthkid.c b/security/nss/lib/certdb/xauthkid.c
deleted file mode 100644
index 8b7ac4a92..000000000
--- a/security/nss/lib/certdb/xauthkid.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * X.509 v3 Subject Key Usage Extension
- *
- */
-
-#include "prtypes.h"
-#include "mcom_db.h"
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-#include "secasn1.h"
-#include "secport.h"
-#include "certt.h"
-#include "genname.h"
-#include "secerr.h"
-
-
-const SEC_ASN1Template CERTAuthKeyIDTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTAuthKeyID) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTAuthKeyID,keyID), SEC_OctetStringTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CERTAuthKeyID, DERAuthCertIssuer), CERT_GeneralNamesTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(CERTAuthKeyID,authCertSerialNumber), SEC_IntegerTemplate},
- { 0 }
-};
-
-
-
-SECStatus CERT_EncodeAuthKeyID (PRArenaPool *arena, CERTAuthKeyID *value, SECItem *encodedValue)
-{
- SECStatus rv = SECFailure;
-
- PORT_Assert (value);
- PORT_Assert (arena);
- PORT_Assert (value->DERAuthCertIssuer == NULL);
- PORT_Assert (encodedValue);
-
- do {
-
- /* If both of the authCertIssuer and the serial number exist, encode
- the name first. Otherwise, it is an error if one exist and the other
- is not.
- */
- if (value->authCertIssuer) {
- if (!value->authCertSerialNumber.data) {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- break;
- }
-
- value->DERAuthCertIssuer = cert_EncodeGeneralNames
- (arena, value->authCertIssuer);
- if (!value->DERAuthCertIssuer) {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- break;
- }
- }
- else if (value->authCertSerialNumber.data) {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- break;
- }
-
- if (SEC_ASN1EncodeItem (arena, encodedValue, value,
- CERTAuthKeyIDTemplate) == NULL)
- break;
- rv = SECSuccess;
-
- } while (0);
- return(rv);
-}
-
-CERTAuthKeyID *
-CERT_DecodeAuthKeyID (PRArenaPool *arena, SECItem *encodedValue)
-{
- CERTAuthKeyID * value = NULL;
- SECStatus rv = SECFailure;
- void * mark;
-
- PORT_Assert (arena);
-
- do {
- mark = PORT_ArenaMark (arena);
- value = (CERTAuthKeyID*)PORT_ArenaZAlloc (arena, sizeof (*value));
- value->DERAuthCertIssuer = NULL;
- if (value == NULL)
- break;
- rv = SEC_ASN1DecodeItem
- (arena, value, CERTAuthKeyIDTemplate, encodedValue);
- if (rv != SECSuccess)
- break;
-
- value->authCertIssuer = cert_DecodeGeneralNames (arena, value->DERAuthCertIssuer);
- if (value->authCertIssuer == NULL)
- break;
-
- /* what if the general name contains other format but not URI ?
- hl
- */
- if ((value->authCertSerialNumber.data && !value->authCertIssuer) ||
- (!value->authCertSerialNumber.data && value->authCertIssuer)){
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- break;
- }
- } while (0);
-
- if (rv != SECSuccess) {
- PORT_ArenaRelease (arena, mark);
- return ((CERTAuthKeyID *)NULL);
- }
- PORT_ArenaUnmark(arena, mark);
- return (value);
-}
diff --git a/security/nss/lib/certdb/xbsconst.c b/security/nss/lib/certdb/xbsconst.c
deleted file mode 100644
index 5c16b651c..000000000
--- a/security/nss/lib/certdb/xbsconst.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * X.509 v3 Basic Constraints Extension
- */
-
-#include "prtypes.h"
-#include "mcom_db.h"
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-#include "secasn1.h"
-#include "certt.h"
-#include "secder.h"
-#include "prprf.h"
-#include "secerr.h"
-
-typedef struct EncodedContext{
- SECItem isCA;
- SECItem pathLenConstraint;
- SECItem encodedValue;
- PRArenaPool *arena;
-}EncodedContext;
-
-static const SEC_ASN1Template CERTBasicConstraintsTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(EncodedContext) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN, /* XXX DER_DEFAULT */
- offsetof(EncodedContext,isCA)},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(EncodedContext,pathLenConstraint) },
- { 0, }
-};
-
-static unsigned char hexTrue = 0xff;
-static unsigned char hexFalse = 0x00;
-
-#define GEN_BREAK(status) rv = status; break;
-
-SECStatus CERT_EncodeBasicConstraintValue
- (PRArenaPool *arena, CERTBasicConstraints *value, SECItem *encodedValue)
-{
- EncodedContext encodeContext;
- PRArenaPool *our_pool = NULL;
- SECStatus rv = SECSuccess;
-
- do {
- PORT_Memset (&encodeContext, 0, sizeof (encodeContext));
- if (!value->isCA && value->pathLenConstraint >= 0) {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- GEN_BREAK (SECFailure);
- }
-
- encodeContext.arena = arena;
- if (value->isCA == PR_TRUE) {
- encodeContext.isCA.data = &hexTrue ;
- encodeContext.isCA.len = 1;
- }
-
- /* If the pathLenConstraint is less than 0, then it should be
- * omitted from the encoding.
- */
- if (value->isCA && value->pathLenConstraint >= 0) {
- our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (our_pool == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- GEN_BREAK (SECFailure);
- }
- if (SEC_ASN1EncodeUnsignedInteger
- (our_pool, &encodeContext.pathLenConstraint,
- (unsigned long)value->pathLenConstraint) == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- GEN_BREAK (SECFailure);
- }
- }
- if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext,
- CERTBasicConstraintsTemplate) == NULL) {
- GEN_BREAK (SECFailure);
- }
- } while (0);
- if (our_pool)
- PORT_FreeArena (our_pool, PR_FALSE);
- return(rv);
-
-}
-
-SECStatus CERT_DecodeBasicConstraintValue
- (CERTBasicConstraints *value, SECItem *encodedValue)
-{
- EncodedContext decodeContext;
- PRArenaPool *our_pool;
- SECStatus rv = SECSuccess;
-
- do {
- PORT_Memset (&decodeContext, 0, sizeof (decodeContext));
- /* initialize the value just in case we got "0x30 00", or when the
- pathLenConstraint is omitted.
- */
- decodeContext.isCA.data =&hexFalse;
- decodeContext.isCA.len = 1;
-
- our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (our_pool == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- GEN_BREAK (SECFailure);
- }
-
- rv = SEC_ASN1DecodeItem
- (our_pool, &decodeContext, CERTBasicConstraintsTemplate, encodedValue);
- if (rv == SECFailure)
- break;
-
- value->isCA = (PRBool)(*decodeContext.isCA.data);
- if (decodeContext.pathLenConstraint.data == NULL) {
- /* if the pathLenConstraint is not encoded, and the current setting
- is CA, then the pathLenConstraint should be set to a negative number
- for unlimited certificate path.
- */
- if (value->isCA)
- value->pathLenConstraint = CERT_UNLIMITED_PATH_CONSTRAINT;
- }
- else if (value->isCA)
- value->pathLenConstraint = DER_GetUInteger (&decodeContext.pathLenConstraint);
- else {
- /* here we get an error where the subject is not a CA, but
- the pathLenConstraint is set */
- PORT_SetError (SEC_ERROR_BAD_DER);
- GEN_BREAK (SECFailure);
- break;
- }
-
- } while (0);
- PORT_FreeArena (our_pool, PR_FALSE);
- return (rv);
-
-}
diff --git a/security/nss/lib/certdb/xconst.c b/security/nss/lib/certdb/xconst.c
deleted file mode 100644
index 0f404f958..000000000
--- a/security/nss/lib/certdb/xconst.c
+++ /dev/null
@@ -1,253 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * X.509 Extension Encoding
- */
-
-#include "prtypes.h"
-#include "mcom_db.h"
-#include "seccomon.h"
-#include "secdert.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-#include "secasn1.h"
-#include "certt.h"
-#include "secder.h"
-#include "prprf.h"
-#include "xconst.h"
-#include "genname.h"
-#include "secasn1.h"
-
-
-
-static const SEC_ASN1Template CERTSubjectKeyIDTemplate[] = {
-{ SEC_ASN1_OCTET_STRING }
-};
-
-
-static const SEC_ASN1Template CERTIA5TypeTemplate[] = {
-{ SEC_ASN1_IA5_STRING }
-};
-
-
-static const SEC_ASN1Template CERTPrivateKeyUsagePeriodTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(PKUPEncodedContext) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(PKUPEncodedContext, notBefore), SEC_GeneralizedTimeTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(PKUPEncodedContext, notAfter), SEC_GeneralizedTimeTemplate},
- { 0, }
-};
-
-
-const SEC_ASN1Template CERTAltNameTemplate[] = {
- { SEC_ASN1_CONSTRUCTED, offsetof(AltNameEncodedContext, encodedGenName),
- CERT_GeneralNamesTemplate}
-};
-
-const SEC_ASN1Template CERTAuthInfoAccessItemTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTAuthInfoAccess) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CERTAuthInfoAccess, method) },
- { SEC_ASN1_ANY,
- offsetof(CERTAuthInfoAccess, derLocation) },
- { 0, }
-};
-
-const SEC_ASN1Template CERTAuthInfoAccessTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, CERTAuthInfoAccessItemTemplate }
-};
-
-
-SECStatus
-CERT_EncodeSubjectKeyID(PRArenaPool *arena, char *value, int len, SECItem *encodedValue)
-{
- SECItem encodeContext;
- SECStatus rv = SECSuccess;
-
-
- PORT_Memset (&encodeContext, 0, sizeof (encodeContext));
-
- if (value != NULL) {
- encodeContext.data = (unsigned char *)value;
- encodeContext.len = len;
- }
- if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext,
- CERTSubjectKeyIDTemplate) == NULL) {
- rv = SECFailure;
- }
-
- return(rv);
-}
-
-
-SECStatus
-CERT_EncodePublicKeyUsagePeriod(PRArenaPool *arena, PKUPEncodedContext *pkup, SECItem *encodedValue)
-{
- SECStatus rv = SECSuccess;
-
- if (SEC_ASN1EncodeItem (arena, encodedValue, pkup,
- CERTPrivateKeyUsagePeriodTemplate) == NULL) {
- rv = SECFailure;
- }
- return(rv);
-}
-
-
-SECStatus
-CERT_EncodeIA5TypeExtension(PRArenaPool *arena, char *value, SECItem *encodedValue)
-{
- SECItem encodeContext;
- SECStatus rv = SECSuccess;
-
-
- PORT_Memset (&encodeContext, 0, sizeof (encodeContext));
-
- if (value != NULL) {
- encodeContext.data = (unsigned char *)value;
- encodeContext.len = strlen(value);
- }
- if (SEC_ASN1EncodeItem (arena, encodedValue, &encodeContext,
- CERTIA5TypeTemplate) == NULL) {
- rv = SECFailure;
- }
-
- return(rv);
-}
-
-SECStatus
-CERT_EncodeAltNameExtension(PRArenaPool *arena, CERTGeneralName *value, SECItem *encodedValue)
-{
- SECItem **encodedGenName;
- SECStatus rv = SECSuccess;
-
- encodedGenName = cert_EncodeGeneralNames(arena, value);
- if (SEC_ASN1EncodeItem (arena, encodedValue, &encodedGenName,
- CERT_GeneralNamesTemplate) == NULL) {
- rv = SECFailure;
- }
-
- return rv;
-}
-
-CERTGeneralName *
-CERT_DecodeAltNameExtension(PRArenaPool *arena, SECItem *EncodedAltName)
-{
- SECStatus rv = SECSuccess;
- AltNameEncodedContext encodedContext;
-
- encodedContext.encodedGenName = NULL;
- PORT_Memset(&encodedContext, 0, sizeof(AltNameEncodedContext));
- rv = SEC_ASN1DecodeItem (arena, &encodedContext, CERT_GeneralNamesTemplate,
- EncodedAltName);
- if (rv == SECFailure) {
- goto loser;
- }
- return cert_DecodeGeneralNames(arena, encodedContext.encodedGenName);
-loser:
- return NULL;
-}
-
-
-SECStatus
-CERT_EncodeNameConstraintsExtension(PRArenaPool *arena,
- CERTNameConstraints *value,
- SECItem *encodedValue)
-{
- SECStatus rv = SECSuccess;
-
- rv = cert_EncodeNameConstraints(value, arena, encodedValue);
- return rv;
-}
-
-
-CERTNameConstraints *
-CERT_DecodeNameConstraintsExtension(PRArenaPool *arena,
- SECItem *encodedConstraints)
-{
- return cert_DecodeNameConstraints(arena, encodedConstraints);
-}
-
-
-CERTAuthInfoAccess **
-cert_DecodeAuthInfoAccessExtension(PRArenaPool *arena,
- SECItem *encodedExtension)
-{
- CERTAuthInfoAccess **info = NULL;
- SECStatus rv;
- int i;
-
- rv = SEC_ASN1DecodeItem(arena, &info, CERTAuthInfoAccessTemplate,
- encodedExtension);
- if (rv != SECSuccess || info == NULL) {
- return NULL;
- }
-
- for (i = 0; info[i] != NULL; i++) {
- info[i]->location = cert_DecodeGeneralName(arena,
- &(info[i]->derLocation),
- NULL);
- }
- return info;
-}
-
-SECStatus
-cert_EncodeAuthInfoAccessExtension(PRArenaPool *arena,
- CERTAuthInfoAccess **info,
- SECItem *dest)
-{
- SECItem *dummy;
- int i;
-
- PORT_Assert(info != NULL);
- PORT_Assert(dest != NULL);
- if (info == NULL || dest == NULL) {
- return SECFailure;
- }
-
- for (i = 0; info[i] != NULL; i++) {
- if (cert_EncodeGeneralName(info[i]->location, &(info[i]->derLocation),
- arena) == NULL)
- /* Note that this may leave some of the locations filled in. */
- return SECFailure;
- }
- dummy = SEC_ASN1EncodeItem(arena, dest, &info,
- CERTAuthInfoAccessTemplate);
- if (dummy == NULL) {
- return SECFailure;
- }
- return SECSuccess;
-}
diff --git a/security/nss/lib/certdb/xconst.h b/security/nss/lib/certdb/xconst.h
deleted file mode 100644
index 42c49f2e4..000000000
--- a/security/nss/lib/certdb/xconst.h
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "certt.h"
-
-typedef struct PKUPEncodedContext{
- SECItem notBefore;
- SECItem notAfter;
- /* SECItem encodedValue; */
- PRArenaPool *arena;
-}PKUPEncodedContext;
-
-typedef struct AltNameEncodedContext{
- SECItem **encodedGenName;
-}AltNameEncodedContext;
-
-
-typedef struct NameConstraint{
- CERTGeneralName generalName;
- int min;
- int max;
-}NameConstraint;
-
-
-
-extern SECStatus
-CERT_EncodePublicKeyUsagePeriod(PRArenaPool *arena, PKUPEncodedContext *pkup,
- SECItem *encodedValue);
-
-extern SECStatus
-CERT_EncodeAltNameExtension(PRArenaPool *arena, CERTGeneralName *value, SECItem *encodedValue);
-
-extern SECStatus
-CERT_EncodeNameConstraintsExtension(PRArenaPool *arena, CERTNameConstraints *value,
- SECItem *encodedValue);
-extern CERTGeneralName *
-CERT_DecodeAltNameExtension(PRArenaPool *arena, SECItem *EncodedAltName);
-
-extern CERTNameConstraints *
-CERT_DecodeNameConstraintsExtension(PRArenaPool *arena, SECItem *encodedConstraints);
-
-extern SECStatus
-CERT_EncodeSubjectKeyID(PRArenaPool *arena, char *value, int len, SECItem *encodedValue);
-
-extern SECStatus
-CERT_EncodeIA5TypeExtension(PRArenaPool *arena, char *value, SECItem *encodedValue);
-
-CERTAuthInfoAccess **
-cert_DecodeAuthInfoAccessExtension(PRArenaPool *arena,
- SECItem *encodedExtension);
-
-SECStatus
-cert_EncodeAuthInfoAccessExtension(PRArenaPool *arena,
- CERTAuthInfoAccess **info,
- SECItem *dest);
diff --git a/security/nss/lib/certhigh/Makefile b/security/nss/lib/certhigh/Makefile
deleted file mode 100644
index 08b7137d5..000000000
--- a/security/nss/lib/certhigh/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
--include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/certhigh/certhigh.c b/security/nss/lib/certhigh/certhigh.c
deleted file mode 100644
index cce2b0115..000000000
--- a/security/nss/lib/certhigh/certhigh.c
+++ /dev/null
@@ -1,1156 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "nspr.h"
-#include "secerr.h"
-#include "secasn1.h"
-#include "seccomon.h"
-#include "pk11func.h"
-#include "certdb.h"
-#include "certt.h"
-#include "cert.h"
-#include "certxutl.h"
-
-#define NSS_3_4_CODE
-#include "nsspki.h"
-#include "pkit.h"
-#include "pkitm.h"
-#include "pki3hack.h"
-
-/*
- * Find all user certificates that match the given criteria.
- *
- * "handle" - database to search
- * "usage" - certificate usage to match
- * "oneCertPerName" - if set then only return the "best" cert per
- * name
- * "validOnly" - only return certs that are curently valid
- * "proto_win" - window handle passed to pkcs11
- */
-CERTCertList *
-CERT_FindUserCertsByUsage(CERTCertDBHandle *handle,
- SECCertUsage usage,
- PRBool oneCertPerName,
- PRBool validOnly,
- void *proto_win)
-{
- CERTCertNicknames *nicknames = NULL;
- char **nnptr;
- int nn;
- CERTCertificate *cert = NULL;
- CERTCertList *certList = NULL;
- SECStatus rv;
- int64 time;
- CERTCertListNode *node = NULL;
- CERTCertListNode *freenode = NULL;
- int n;
-
- time = PR_Now();
-
- nicknames = CERT_GetCertNicknames(handle, SEC_CERT_NICKNAMES_USER,
- proto_win);
-
- if ( ( nicknames == NULL ) || ( nicknames->numnicknames == 0 ) ) {
- goto loser;
- }
-
- nnptr = nicknames->nicknames;
- nn = nicknames->numnicknames;
-
- while ( nn > 0 ) {
- cert = NULL;
- /* use the pk11 call so that we pick up any certs on tokens,
- * which may require login
- */
- if ( proto_win != NULL ) {
- cert = PK11_FindCertFromNickname(*nnptr,proto_win);
- }
-
- /* Sigh, It turns out if the cert is already in the temp db, because
- * it's in the perm db, then the nickname lookup doesn't work.
- * since we already have the cert here, though, than we can just call
- * CERT_CreateSubjectCertList directly. For those cases where we didn't
- * find the cert in pkcs #11 (because we didn't have a password arg,
- * or because the nickname is for a peer, server, or CA cert, then we
- * go look the cert up.
- */
- if (cert == NULL) {
- cert = CERT_FindCertByNickname(handle,*nnptr);
- }
-
- if ( cert != NULL ) {
- /* collect certs for this nickname, sorting them into the list */
- certList = CERT_CreateSubjectCertList(certList, handle,
- &cert->derSubject, time, validOnly);
-
- /* drop the extra reference */
- CERT_DestroyCertificate(cert);
- }
-
- nnptr++;
- nn--;
- }
-
- /* remove certs with incorrect usage */
- rv = CERT_FilterCertListByUsage(certList, usage, PR_FALSE);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* remove any extra certs for each name */
- if ( oneCertPerName ) {
- PRBool *flags;
-
- nn = nicknames->numnicknames;
- nnptr = nicknames->nicknames;
-
- flags = (PRBool *)PORT_ZAlloc(sizeof(PRBool) * nn);
- if ( flags == NULL ) {
- goto loser;
- }
-
- node = CERT_LIST_HEAD(certList);
-
- /* treverse all certs in the list */
- while ( !CERT_LIST_END(node, certList) ) {
-
- /* find matching nickname index */
- for ( n = 0; n < nn; n++ ) {
- if ( PORT_Strcmp(nnptr[n], node->cert->nickname) == 0 ) {
- /* We found a match. If this is the first one, then
- * set the flag and move on to the next cert. If this
- * is not the first one then delete it from the list.
- */
- if ( flags[n] ) {
- /* We have already seen a cert with this nickname,
- * so delete this one.
- */
- freenode = node;
- node = CERT_LIST_NEXT(node);
- CERT_RemoveCertListNode(freenode);
- } else {
- /* keep the first cert for each nickname, but set the
- * flag so we know to delete any others with the same
- * nickname.
- */
- flags[n] = PR_TRUE;
- node = CERT_LIST_NEXT(node);
- }
- break;
- }
- }
- if ( n == nn ) {
- /* if we get here it means that we didn't find a matching
- * nickname, which should not happen.
- */
- PORT_Assert(0);
- node = CERT_LIST_NEXT(node);
- }
- }
- PORT_Free(flags);
- }
-
- goto done;
-
-loser:
- if ( certList != NULL ) {
- CERT_DestroyCertList(certList);
- certList = NULL;
- }
-
-done:
- if ( nicknames != NULL ) {
- CERT_FreeNicknames(nicknames);
- }
-
- return(certList);
-}
-
-/*
- * Find a user certificate that matchs the given criteria.
- *
- * "handle" - database to search
- * "nickname" - nickname to match
- * "usage" - certificate usage to match
- * "validOnly" - only return certs that are curently valid
- * "proto_win" - window handle passed to pkcs11
- */
-CERTCertificate *
-CERT_FindUserCertByUsage(CERTCertDBHandle *handle,
- char *nickname,
- SECCertUsage usage,
- PRBool validOnly,
- void *proto_win)
-{
- CERTCertificate *cert = NULL;
- CERTCertList *certList = NULL;
- SECStatus rv;
- int64 time;
-
- time = PR_Now();
-
- /* use the pk11 call so that we pick up any certs on tokens,
- * which may require login
- */
- /* XXX - why is this restricted? */
- if ( proto_win != NULL ) {
- cert = PK11_FindCertFromNickname(nickname,proto_win);
- }
-
-
- /* sigh, There are still problems find smart cards from the temp
- * db. This will get smart cards working again. The real fix
- * is to make sure we can search the temp db by their token nickname.
- */
- if (cert == NULL) {
- cert = CERT_FindCertByNickname(handle,nickname);
- }
-
- if ( cert != NULL ) {
- /* collect certs for this nickname, sorting them into the list */
- certList = CERT_CreateSubjectCertList(certList, handle,
- &cert->derSubject, time, validOnly);
-
- /* drop the extra reference */
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
-
- if ( certList == NULL ) {
- goto loser;
- }
-
- /* remove certs with incorrect usage */
- rv = CERT_FilterCertListByUsage(certList, usage, PR_FALSE);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- if ( ! CERT_LIST_END(CERT_LIST_HEAD(certList), certList) ) {
- cert = CERT_DupCertificate(CERT_LIST_HEAD(certList)->cert);
- }
-
-loser:
- if ( certList != NULL ) {
- CERT_DestroyCertList(certList);
- }
-
- return(cert);
-}
-
-CERTCertList *
-CERT_MatchUserCert(CERTCertDBHandle *handle,
- SECCertUsage usage,
- int nCANames, char **caNames,
- void *proto_win)
-{
- CERTCertList *certList = NULL;
- SECStatus rv;
-
- certList = CERT_FindUserCertsByUsage(handle, usage, PR_TRUE, PR_TRUE,
- proto_win);
- if ( certList == NULL ) {
- goto loser;
- }
-
- rv = CERT_FilterCertListByCANames(certList, nCANames, caNames, usage);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- goto done;
-
-loser:
- if ( certList != NULL ) {
- CERT_DestroyCertList(certList);
- certList = NULL;
- }
-
-done:
-
- return(certList);
-}
-
-
-typedef struct stringNode {
- struct stringNode *next;
- char *string;
-} stringNode;
-
-static SECStatus
-CollectNicknames( CERTCertificate *cert, SECItem *k, void *data)
-{
- CERTCertNicknames *names;
- PRBool saveit = PR_FALSE;
- CERTCertTrust *trust;
- stringNode *node;
- int len;
-
- names = (CERTCertNicknames *)data;
-
- if ( cert->nickname ) {
- trust = cert->trust;
-
- switch(names->what) {
- case SEC_CERT_NICKNAMES_ALL:
- if ( ( trust->sslFlags & (CERTDB_VALID_CA|CERTDB_VALID_PEER) ) ||
- ( trust->emailFlags & (CERTDB_VALID_CA|CERTDB_VALID_PEER) ) ||
- ( trust->objectSigningFlags & (CERTDB_VALID_CA|CERTDB_VALID_PEER) ) ) {
- saveit = PR_TRUE;
- }
-
- break;
- case SEC_CERT_NICKNAMES_USER:
- if ( ( trust->sslFlags & CERTDB_USER ) ||
- ( trust->emailFlags & CERTDB_USER ) ||
- ( trust->objectSigningFlags & CERTDB_USER ) ) {
- saveit = PR_TRUE;
- }
-
- break;
- case SEC_CERT_NICKNAMES_SERVER:
- if ( trust->sslFlags & CERTDB_VALID_PEER ) {
- saveit = PR_TRUE;
- }
-
- break;
- case SEC_CERT_NICKNAMES_CA:
- if ( ( ( trust->sslFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ||
- ( ( trust->emailFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ||
- ( ( trust->objectSigningFlags & CERTDB_VALID_CA ) == CERTDB_VALID_CA ) ) {
- saveit = PR_TRUE;
- }
- break;
- }
- }
-
- /* traverse the list of collected nicknames and make sure we don't make
- * a duplicate
- */
- if ( saveit ) {
- node = (stringNode *)names->head;
- while ( node != NULL ) {
- if ( PORT_Strcmp(cert->nickname, node->string) == 0 ) {
- /* if the string matches, then don't save this one */
- saveit = PR_FALSE;
- break;
- }
- node = node->next;
- }
- }
-
- if ( saveit ) {
-
- /* allocate the node */
- node = (stringNode*)PORT_ArenaAlloc(names->arena, sizeof(stringNode));
- if ( node == NULL ) {
- return(SECFailure);
- }
-
- /* copy the string */
- len = PORT_Strlen(cert->nickname) + 1;
- node->string = (char*)PORT_ArenaAlloc(names->arena, len);
- if ( node->string == NULL ) {
- return(SECFailure);
- }
- PORT_Memcpy(node->string, cert->nickname, len);
-
- /* link it into the list */
- node->next = (stringNode *)names->head;
- names->head = (void *)node;
-
- /* bump the count */
- names->numnicknames++;
- }
-
- return(SECSuccess);
-}
-
-CERTCertNicknames *
-CERT_GetCertNicknames(CERTCertDBHandle *handle, int what, void *wincx)
-{
- PRArenaPool *arena;
- CERTCertNicknames *names;
- int i;
- SECStatus rv;
- stringNode *node;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(NULL);
- }
-
- names = (CERTCertNicknames *)PORT_ArenaAlloc(arena, sizeof(CERTCertNicknames));
- if ( names == NULL ) {
- goto loser;
- }
-
- names->arena = arena;
- names->head = NULL;
- names->numnicknames = 0;
- names->nicknames = NULL;
- names->what = what;
- names->totallen = 0;
-
- rv = PK11_TraverseSlotCerts(CollectNicknames, (void *)names, wincx);
- if ( rv ) {
- goto loser;
- }
-
- if ( names->numnicknames ) {
- names->nicknames = (char**)PORT_ArenaAlloc(arena,
- names->numnicknames * sizeof(char *));
-
- if ( names->nicknames == NULL ) {
- goto loser;
- }
-
- node = (stringNode *)names->head;
-
- for ( i = 0; i < names->numnicknames; i++ ) {
- PORT_Assert(node != NULL);
-
- names->nicknames[i] = node->string;
- names->totallen += PORT_Strlen(node->string);
- node = node->next;
- }
-
- PORT_Assert(node == NULL);
- }
-
- return(names);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(NULL);
-}
-
-void
-CERT_FreeNicknames(CERTCertNicknames *nicknames)
-{
- PORT_FreeArena(nicknames->arena, PR_FALSE);
-
- return;
-}
-
-/* [ FROM pcertdb.c ] */
-
-typedef struct dnameNode {
- struct dnameNode *next;
- SECItem name;
-} dnameNode;
-
-void
-CERT_FreeDistNames(CERTDistNames *names)
-{
- PORT_FreeArena(names->arena, PR_FALSE);
-
- return;
-}
-
-static SECStatus
-CollectDistNames( CERTCertificate *cert, SECItem *k, void *data)
-{
- CERTDistNames *names;
- PRBool saveit = PR_FALSE;
- CERTCertTrust *trust;
- dnameNode *node;
- int len;
-
- names = (CERTDistNames *)data;
-
- if ( cert->trust ) {
- trust = cert->trust;
-
- /* only collect names of CAs trusted for issuing SSL clients */
- if ( trust->sslFlags & CERTDB_TRUSTED_CLIENT_CA ) {
- saveit = PR_TRUE;
- }
- }
-
- if ( saveit ) {
- /* allocate the node */
- node = (dnameNode*)PORT_ArenaAlloc(names->arena, sizeof(dnameNode));
- if ( node == NULL ) {
- return(SECFailure);
- }
-
- /* copy the name */
- node->name.len = len = cert->derSubject.len;
- node->name.type = siBuffer;
- node->name.data = (unsigned char*)PORT_ArenaAlloc(names->arena, len);
- if ( node->name.data == NULL ) {
- return(SECFailure);
- }
- PORT_Memcpy(node->name.data, cert->derSubject.data, len);
-
- /* link it into the list */
- node->next = (dnameNode *)names->head;
- names->head = (void *)node;
-
- /* bump the count */
- names->nnames++;
- }
-
- return(SECSuccess);
-}
-
-/*
- * Return all of the CAs that are "trusted" for SSL.
- */
-CERTDistNames *
-CERT_GetSSLCACerts(CERTCertDBHandle *handle)
-{
- PRArenaPool *arena;
- CERTDistNames *names;
- int i;
- SECStatus rv;
- dnameNode *node;
-
- /* allocate an arena to use */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(NULL);
- }
-
- /* allocate the header structure */
- names = (CERTDistNames *)PORT_ArenaAlloc(arena, sizeof(CERTDistNames));
- if ( names == NULL ) {
- goto loser;
- }
-
- /* initialize the header struct */
- names->arena = arena;
- names->head = NULL;
- names->nnames = 0;
- names->names = NULL;
-
- /* collect the names from the database */
- rv = PK11_TraverseSlotCerts(CollectDistNames, (void *)names, NULL);
- if ( rv ) {
- goto loser;
- }
-
- /* construct the array from the list */
- if ( names->nnames ) {
- names->names = (SECItem*)PORT_ArenaAlloc(arena, names->nnames * sizeof(SECItem));
-
- if ( names->names == NULL ) {
- goto loser;
- }
-
- node = (dnameNode *)names->head;
-
- for ( i = 0; i < names->nnames; i++ ) {
- PORT_Assert(node != NULL);
-
- names->names[i] = node->name;
- node = node->next;
- }
-
- PORT_Assert(node == NULL);
- }
-
- return(names);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(NULL);
-}
-
-CERTDistNames *
-CERT_DistNamesFromNicknames(CERTCertDBHandle *handle, char **nicknames,
- int nnames)
-{
- CERTDistNames *dnames = NULL;
- PRArenaPool *arena;
- int i, rv;
- SECItem *names = NULL;
- CERTCertificate *cert = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) goto loser;
- dnames = (CERTDistNames*)PORT_Alloc(sizeof(CERTDistNames));
- if (dnames == NULL) goto loser;
-
- dnames->arena = arena;
- dnames->nnames = nnames;
- dnames->names = names = (SECItem*)PORT_Alloc(nnames * sizeof(SECItem));
- if (names == NULL) goto loser;
-
- for (i = 0; i < nnames; i++) {
- cert = CERT_FindCertByNicknameOrEmailAddr(handle, nicknames[i]);
- if (cert == NULL) goto loser;
- rv = SECITEM_CopyItem(arena, &names[i], &cert->derSubject);
- if (rv == SECFailure) goto loser;
- CERT_DestroyCertificate(cert);
- }
- return dnames;
-
-loser:
- if (cert != NULL)
- CERT_DestroyCertificate(cert);
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-/* [ from pcertdb.c - calls Ascii to Name ] */
-/*
- * Lookup a certificate in the database by name
- */
-CERTCertificate *
-CERT_FindCertByNameString(CERTCertDBHandle *handle, char *nameStr)
-{
- CERTName *name;
- SECItem *nameItem;
- CERTCertificate *cert = NULL;
- PRArenaPool *arena = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( arena == NULL ) {
- goto loser;
- }
-
- name = CERT_AsciiToName(nameStr);
-
- if ( name ) {
- nameItem = SEC_ASN1EncodeItem (arena, NULL, (void *)name,
- CERT_NameTemplate);
- if ( nameItem == NULL ) {
- goto loser;
- }
-
- cert = CERT_FindCertByName(handle, nameItem);
- CERT_DestroyName(name);
- }
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(cert);
-}
-
-/* From certv3.c */
-
-CERTCrlDistributionPoints *
-CERT_FindCRLDistributionPoints (CERTCertificate *cert)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension(cert->extensions, SEC_OID_X509_CRL_DIST_POINTS,
- &encodedExtenValue);
- if ( rv != SECSuccess ) {
- return (NULL);
- }
-
- return (CERT_DecodeCRLDistributionPoints (cert->arena,
- &encodedExtenValue));
-}
-
-/* From crl.c */
-CERTSignedCrl * CERT_ImportCRL
- (CERTCertDBHandle *handle, SECItem *derCRL, char *url, int type, void *wincx)
-{
- CERTCertificate *caCert;
- CERTSignedCrl *newCrl, *crl;
- SECStatus rv;
-
- newCrl = crl = NULL;
-
- PORT_Assert (handle != NULL);
- do {
-
- newCrl = CERT_DecodeDERCrl(NULL, derCRL, type);
- if (newCrl == NULL) {
- if (type == SEC_CRL_TYPE) {
- /* only promote error when the error code is too generic */
- if (PORT_GetError () == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_CRL_INVALID);
- } else {
- PORT_SetError(SEC_ERROR_KRL_INVALID);
- }
- break;
- }
-
- caCert = CERT_FindCertByName (handle, &newCrl->crl.derName);
- if (caCert == NULL) {
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- break;
- }
-
- /* If caCert is a v3 certificate, make sure that it can be used for
- crl signing purpose */
- rv = CERT_CheckCertUsage (caCert, KU_CRL_SIGN);
- if (rv != SECSuccess) {
- break;
- }
-
- rv = CERT_VerifySignedData(&newCrl->signatureWrap, caCert,
- PR_Now(), wincx);
- if (rv != SECSuccess) {
- if (type == SEC_CRL_TYPE) {
- PORT_SetError(SEC_ERROR_CRL_BAD_SIGNATURE);
- } else {
- PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
- }
- break;
- }
-
-#ifdef FIXME
- /* Do CRL validation and add to the dbase if this crl is more present then the one
- in the dbase, if one exists.
- */
- crl = cert_DBInsertCRL (handle, url, newCrl, derCRL, type);
-#endif
-
- } while (0);
-
- SEC_DestroyCrl (newCrl);
- return (crl);
-}
-
-/* From certdb.c */
-static SECStatus
-cert_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage, PRBool trusted)
-{
- SECStatus rv;
- SECItem *derCert;
- PRArenaPool *arena;
- CERTCertificate *cert = NULL;
- CERTCertificate *newcert = NULL;
- CERTCertDBHandle *handle;
- CERTCertTrust trust;
- PRBool isca;
- char *nickname;
- unsigned int certtype;
-
- handle = CERT_GetDefaultCertDB();
-
- arena = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( ! arena ) {
- goto loser;
- }
-
- while (numcerts--) {
- derCert = certs;
- certs++;
-
- /* decode my certificate */
- newcert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if ( newcert == NULL ) {
- goto loser;
- }
-
- if (!trusted) {
- /* make sure that cert is valid */
- rv = CERT_CertTimesValid(newcert);
- if ( rv == SECFailure ) {
- goto endloop;
- }
- }
-
- /* does it have the CA extension */
-
- /*
- * Make sure that if this is an intermediate CA in the chain that
- * it was given permission by its signer to be a CA.
- */
- isca = CERT_IsCACert(newcert, &certtype);
-
- if ( !isca ) {
- if (!trusted) {
- goto endloop;
- }
- trust.sslFlags = CERTDB_VALID_CA;
- trust.emailFlags = CERTDB_VALID_CA;
- trust.objectSigningFlags = CERTDB_VALID_CA;
- } else {
- /* SSL ca's must have the ssl bit set */
- if ( ( certUsage == certUsageSSLCA ) &&
- (( certtype & NS_CERT_TYPE_SSL_CA ) != NS_CERT_TYPE_SSL_CA )) {
- goto endloop;
- }
-
- /* it passed all of the tests, so lets add it to the database */
- /* mark it as a CA */
- PORT_Memset((void *)&trust, 0, sizeof(trust));
- switch ( certUsage ) {
- case certUsageSSLCA:
- trust.sslFlags = CERTDB_VALID_CA;
- break;
- case certUsageUserCertImport:
- if ((certtype & NS_CERT_TYPE_SSL_CA) == NS_CERT_TYPE_SSL_CA) {
- trust.sslFlags = CERTDB_VALID_CA;
- }
- if ((certtype & NS_CERT_TYPE_EMAIL_CA)
- == NS_CERT_TYPE_EMAIL_CA ) {
- trust.emailFlags = CERTDB_VALID_CA;
- }
- if ( ( certtype & NS_CERT_TYPE_OBJECT_SIGNING_CA ) ==
- NS_CERT_TYPE_OBJECT_SIGNING_CA ) {
- trust.objectSigningFlags = CERTDB_VALID_CA;
- }
- break;
- default:
- PORT_Assert(0);
- break;
- }
- }
-
- cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if ( cert == NULL ) {
- goto loser;
- }
-
- /* get a default nickname for it */
- nickname = CERT_MakeCANickname(cert);
-
- cert->trust = &trust;
- rv = PK11_ImportCert(PK11_GetInternalKeySlot(), cert,
- CK_INVALID_HANDLE, nickname, PR_TRUE);
-
- /* free the nickname */
- if ( nickname ) {
- PORT_Free(nickname);
- }
-
- CERT_DestroyCertificate(cert);
- cert = NULL;
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
-endloop:
- if ( newcert ) {
- CERT_DestroyCertificate(newcert);
- newcert = NULL;
- }
-
- }
-
- rv = SECSuccess;
- goto done;
-loser:
- rv = SECFailure;
-done:
-
- if ( newcert ) {
- CERT_DestroyCertificate(newcert);
- newcert = NULL;
- }
-
- if ( cert ) {
- CERT_DestroyCertificate(cert);
- cert = NULL;
- }
-
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(rv);
-}
-
-SECStatus
-CERT_ImportCAChain(SECItem *certs, int numcerts, SECCertUsage certUsage)
-{
- return cert_ImportCAChain(certs, numcerts, certUsage, PR_FALSE);
-}
-
-SECStatus
-CERT_ImportCAChainTrusted(SECItem *certs, int numcerts, SECCertUsage certUsage) {
- return cert_ImportCAChain(certs, numcerts, certUsage, PR_TRUE);
-}
-
-/* Moved from certdb.c */
-/*
-** CERT_CertChainFromCert
-**
-** Construct a CERTCertificateList consisting of the given certificate and all
-** of the issuer certs until we either get to a self-signed cert or can't find
-** an issuer. Since we don't know how many certs are in the chain we have to
-** build a linked list first as we count them.
-*/
-
-typedef struct certNode {
- struct certNode *next;
- CERTCertificate *cert;
-} certNode;
-
-CERTCertificateList *
-CERT_CertChainFromCert(CERTCertificate *cert, SECCertUsage usage,
- PRBool includeRoot)
-{
-#ifdef NSS_CLASSIC
- CERTCertificateList *chain = NULL;
- CERTCertificate *c;
- SECItem *p;
- int rv, len = 0;
- PRArenaPool *tmpArena, *arena;
- certNode *head, *tail, *node;
-
- /*
- * Initialize stuff so we can goto loser.
- */
- head = NULL;
- arena = NULL;
-
- /* arena for linked list */
- tmpArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (tmpArena == NULL) goto no_memory;
-
- /* arena for SecCertificateList */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) goto no_memory;
-
- head = tail = (certNode*)PORT_ArenaZAlloc(tmpArena, sizeof(certNode));
- if (head == NULL) goto no_memory;
-
- /* put primary cert first in the linked list */
- head->cert = c = CERT_DupCertificate(cert);
- if (head->cert == NULL) goto loser;
- len++;
-
- /* add certs until we come to a self-signed one */
- while(SECITEM_CompareItem(&c->derIssuer, &c->derSubject) != SECEqual) {
- c = CERT_FindCertIssuer(tail->cert, PR_Now(), usage);
- if (c == NULL) {
- /* no root is found, so make sure we don't attempt to delete one
- * below
- */
- includeRoot = PR_TRUE;
- break;
- }
-
- tail->next = (certNode*)PORT_ArenaZAlloc(tmpArena, sizeof(certNode));
- tail = tail->next;
- if (tail == NULL) goto no_memory;
-
- tail->cert = c;
- len++;
- }
-
- /* now build the CERTCertificateList */
- chain = (CERTCertificateList *)PORT_ArenaAlloc(arena, sizeof(CERTCertificateList));
- if (chain == NULL) goto no_memory;
- chain->certs = (SECItem*)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
- if (chain->certs == NULL) goto no_memory;
-
- for(node = head, p = chain->certs; node; node = node->next, p++) {
- rv = SECITEM_CopyItem(arena, p, &node->cert->derCert);
- CERT_DestroyCertificate(node->cert);
- node->cert = NULL;
- if (rv < 0) goto loser;
- }
- if ( !includeRoot && len > 1) {
- chain->len = len - 1;
- } else {
- chain->len = len;
- }
-
- chain->arena = arena;
-
- PORT_FreeArena(tmpArena, PR_FALSE);
-
- return chain;
-
-no_memory:
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-loser:
- if (head != NULL) {
- for (node = head; node; node = node->next) {
- if (node->cert != NULL)
- CERT_DestroyCertificate(node->cert);
- }
- }
-
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- if (tmpArena != NULL) {
- PORT_FreeArena(tmpArena, PR_FALSE);
- }
-
- return NULL;
-#else
- CERTCertificateList *chain = NULL;
- NSSCertificate **stanChain;
- NSSCertificate *stanCert;
- PRArenaPool *arena;
- NSSUsage nssUsage;
- int i, len;
-
- stanCert = STAN_GetNSSCertificate(cert);
- nssUsage.anyUsage = PR_FALSE;
- nssUsage.nss3usage = usage;
- stanChain = NSSCertificate_BuildChain(stanCert, NULL, &nssUsage, NULL,
- NULL, 0, NULL, NULL);
- if (!stanChain) {
- return NULL;
- }
-
- len = 0;
- stanCert = stanChain[0];
- while (stanCert) {
- stanCert = stanChain[++len];
- }
-
- arena = PORT_NewArena(4096);
- if (arena == NULL) {
- /* XXX destroy certs in chain */
- nss_ZFreeIf(stanChain);
- }
-
- chain = (CERTCertificateList *)PORT_ArenaAlloc(arena,
- sizeof(CERTCertificateList));
- chain->certs = (SECItem*)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
- i = 0;
- stanCert = stanChain[i];
- while (stanCert) {
- SECItem derCert;
- derCert.len = (unsigned int)stanCert->encoding.size;
- derCert.data = (unsigned char *)stanCert->encoding.data;
- SECITEM_CopyItem(arena, &chain->certs[i], &derCert);
- /* XXX CERT_DestroyCertificate(node->cert); */
- stanCert = stanChain[++i];
- }
- if ( !includeRoot && len > 1) {
- chain->len = len - 1;
- } else {
- chain->len = len;
- }
-
- chain->arena = arena;
- nss_ZFreeIf(stanChain);
- return chain;
-#endif
-}
-
-/* Builds a CERTCertificateList holding just one DER-encoded cert, namely
-** the one for the cert passed as an argument.
-*/
-CERTCertificateList *
-CERT_CertListFromCert(CERTCertificate *cert)
-{
- CERTCertificateList *chain = NULL;
- int rv;
- PRArenaPool *arena;
-
- /* arena for SecCertificateList */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) goto no_memory;
-
- /* build the CERTCertificateList */
- chain = (CERTCertificateList *)PORT_ArenaAlloc(arena, sizeof(CERTCertificateList));
- if (chain == NULL) goto no_memory;
- chain->certs = (SECItem*)PORT_ArenaAlloc(arena, 1 * sizeof(SECItem));
- if (chain->certs == NULL) goto no_memory;
- rv = SECITEM_CopyItem(arena, chain->certs, &(cert->derCert));
- if (rv < 0) goto loser;
- chain->len = 1;
- chain->arena = arena;
-
- return chain;
-
-no_memory:
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-}
-
-CERTCertificateList *
-CERT_DupCertList(CERTCertificateList * oldList)
-{
- CERTCertificateList *newList = NULL;
- PRArenaPool *arena = NULL;
- SECItem *newItem;
- SECItem *oldItem;
- int len = oldList->len;
- int rv;
-
- /* arena for SecCertificateList */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- goto no_memory;
-
- /* now build the CERTCertificateList */
- newList = PORT_ArenaNew(arena, CERTCertificateList);
- if (newList == NULL)
- goto no_memory;
- newList->arena = arena;
- newItem = (SECItem*)PORT_ArenaAlloc(arena, len * sizeof(SECItem));
- if (newItem == NULL)
- goto no_memory;
- newList->certs = newItem;
- newList->len = len;
-
- for (oldItem = oldList->certs; len > 0; --len, ++newItem, ++oldItem) {
- rv = SECITEM_CopyItem(arena, newItem, oldItem);
- if (rv < 0)
- goto loser;
- }
- return newList;
-
-no_memory:
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-}
-
-void
-CERT_DestroyCertificateList(CERTCertificateList *list)
-{
- PORT_FreeArena(list->arena, PR_FALSE);
-}
-
diff --git a/security/nss/lib/certhigh/certhtml.c b/security/nss/lib/certhigh/certhtml.c
deleted file mode 100644
index ff5f3c82d..000000000
--- a/security/nss/lib/certhigh/certhtml.c
+++ /dev/null
@@ -1,605 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * certhtml.c --- convert a cert to html
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "sechash.h"
-#include "cert.h"
-#include "keyhi.h"
-#include "secder.h"
-#include "prprf.h"
-#include "secport.h"
-#include "secasn1.h"
-#include "pk11func.h"
-
-static char *hex = "0123456789ABCDEF";
-
-/*
-** Convert a der-encoded integer to a hex printable string form
-*/
-char *CERT_Hexify (SECItem *i, int do_colon)
-{
- unsigned char *cp, *end;
- char *rv, *o;
-
- if (!i->len) {
- return PORT_Strdup("00");
- }
-
- rv = o = (char*) PORT_Alloc(i->len * 3);
- if (!rv) return rv;
-
- cp = i->data;
- end = cp + i->len;
- while (cp < end) {
- unsigned char ch = *cp++;
- *o++ = hex[(ch >> 4) & 0xf];
- *o++ = hex[ch & 0xf];
- if (cp != end) {
- if (do_colon) {
- *o++ = ':';
- }
- }
- }
- *o = 0; /* Null terminate the string */
- return rv;
-}
-
-static char *
-gatherStrings(char **strings)
-{
- char **strs;
- int len;
- char *ret;
- char *s;
-
- /* find total length of all strings */
- strs = strings;
- len = 0;
- while ( *strs ) {
- len += PORT_Strlen(*strs);
- strs++;
- }
-
- /* alloc enough memory for it */
- ret = (char*)PORT_Alloc(len + 1);
- if ( !ret ) {
- return(ret);
- }
-
- s = ret;
-
- /* copy the strings */
- strs = strings;
- while ( *strs ) {
- PORT_Strcpy(s, *strs);
- s += PORT_Strlen(*strs);
- strs++;
- }
-
- return( ret );
-}
-
-#define BREAK "<br>"
-#define BREAKLEN 4
-#define COMMA ", "
-#define COMMALEN 2
-
-#define MAX_OUS 20
-#define MAX_DC MAX_OUS
-
-
-char *CERT_FormatName (CERTName *name)
-{
- CERTRDN** rdns;
- CERTRDN * rdn;
- CERTAVA** avas;
- CERTAVA* ava;
- char * buf = 0;
- char * tmpbuf = 0;
- SECItem * cn = 0;
- SECItem * email = 0;
- SECItem * org = 0;
- SECItem * loc = 0;
- SECItem * state = 0;
- SECItem * country = 0;
- SECItem * dq = 0;
-
- unsigned len = 0;
- int tag;
- int i;
- int ou_count = 0;
- int dc_count = 0;
- PRBool first;
- SECItem * orgunit[MAX_OUS];
- SECItem * dc[MAX_DC];
-
- /* Loop over name components and gather the interesting ones */
- rdns = name->rdns;
- while ((rdn = *rdns++) != 0) {
- avas = rdn->avas;
- while ((ava = *avas++) != 0) {
- tag = CERT_GetAVATag(ava);
- switch(tag) {
- case SEC_OID_AVA_COMMON_NAME:
- cn = CERT_DecodeAVAValue(&ava->value);
- len += cn->len;
- break;
- case SEC_OID_AVA_COUNTRY_NAME:
- country = CERT_DecodeAVAValue(&ava->value);
- len += country->len;
- break;
- case SEC_OID_AVA_LOCALITY:
- loc = CERT_DecodeAVAValue(&ava->value);
- len += loc->len;
- break;
- case SEC_OID_AVA_STATE_OR_PROVINCE:
- state = CERT_DecodeAVAValue(&ava->value);
- len += state->len;
- break;
- case SEC_OID_AVA_ORGANIZATION_NAME:
- org = CERT_DecodeAVAValue(&ava->value);
- len += org->len;
- break;
- case SEC_OID_AVA_DN_QUALIFIER:
- dq = CERT_DecodeAVAValue(&ava->value);
- len += dq->len;
- break;
- case SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME:
- if (ou_count < MAX_OUS) {
- orgunit[ou_count] = CERT_DecodeAVAValue(&ava->value);
- len += orgunit[ou_count++]->len;
- }
- break;
- case SEC_OID_AVA_DC:
- if (dc_count < MAX_DC) {
- dc[dc_count] = CERT_DecodeAVAValue(&ava->value);
- len += dc[dc_count++]->len;
- }
- break;
- case SEC_OID_PKCS9_EMAIL_ADDRESS:
- case SEC_OID_RFC1274_MAIL:
- email = CERT_DecodeAVAValue(&ava->value);
- len += email->len;
- break;
- default:
- break;
- }
- }
- }
-
- /* XXX - add some for formatting */
- len += 128;
-
- /* allocate buffer */
- buf = (char *)PORT_Alloc(len);
- if ( !buf ) {
- return(0);
- }
-
- tmpbuf = buf;
-
- if ( cn ) {
- PORT_Memcpy(tmpbuf, cn->data, cn->len);
- tmpbuf += cn->len;
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(cn, PR_TRUE);
- }
- if ( email ) {
- PORT_Memcpy(tmpbuf, email->data, email->len);
- tmpbuf += ( email->len );
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(email, PR_TRUE);
- }
- for (i=ou_count-1; i >= 0; i--) {
- PORT_Memcpy(tmpbuf, orgunit[i]->data, orgunit[i]->len);
- tmpbuf += ( orgunit[i]->len );
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(orgunit[i], PR_TRUE);
- }
- if ( dq ) {
- PORT_Memcpy(tmpbuf, dq->data, dq->len);
- tmpbuf += ( dq->len );
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(dq, PR_TRUE);
- }
- if ( org ) {
- PORT_Memcpy(tmpbuf, org->data, org->len);
- tmpbuf += ( org->len );
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(org, PR_TRUE);
- }
- for (i=dc_count-1; i >= 0; i--) {
- PORT_Memcpy(tmpbuf, dc[i]->data, dc[i]->len);
- tmpbuf += ( dc[i]->len );
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- SECITEM_FreeItem(dc[i], PR_TRUE);
- }
- first = PR_TRUE;
- if ( loc ) {
- PORT_Memcpy(tmpbuf, loc->data, loc->len);
- tmpbuf += ( loc->len );
- first = PR_FALSE;
- SECITEM_FreeItem(loc, PR_TRUE);
- }
- if ( state ) {
- if ( !first ) {
- PORT_Memcpy(tmpbuf, COMMA, COMMALEN);
- tmpbuf += COMMALEN;
- }
- PORT_Memcpy(tmpbuf, state->data, state->len);
- tmpbuf += ( state->len );
- first = PR_FALSE;
- SECITEM_FreeItem(state, PR_TRUE);
- }
- if ( country ) {
- if ( !first ) {
- PORT_Memcpy(tmpbuf, COMMA, COMMALEN);
- tmpbuf += COMMALEN;
- }
- PORT_Memcpy(tmpbuf, country->data, country->len);
- tmpbuf += ( country->len );
- first = PR_FALSE;
- SECITEM_FreeItem(country, PR_TRUE);
- }
- if ( !first ) {
- PORT_Memcpy(tmpbuf, BREAK, BREAKLEN);
- tmpbuf += BREAKLEN;
- }
-
- *tmpbuf = 0;
-
- return(buf);
-}
-
-static char *sec_FortezzaClearance(SECItem *clearance) {
- unsigned char clr = 0;
-
- if (clearance->len > 0) { clr = clearance->data[0]; }
-
- if (clr & 0x4) return "Top Secret";
- if (clr & 0x8) return "Secret";
- if (clr & 0x10) return "Confidential";
- if (clr & 0x20) return "Sensitive";
- if (clr & 0x40) return "Unclassified";
- return "None";
-}
-
-static char *sec_FortezzaMessagePrivilege(SECItem *priv) {
- unsigned char clr = 0;
-
- if (priv->len > 0) { clr = (priv->data[0]) & 0x78; }
-
- if (clr == 0x00) {
- return "None";
- } else {
-
- return PR_smprintf("%s%s%s%s%s%s%s",
-
- clr&0x40?"Critical/Flash":"",
- (clr&0x40) && (clr&0x38) ? ", " : "" ,
-
- clr&0x20?"Immediate/Priority":"",
- (clr&0x20) && (clr&0x18) ? ", " : "" ,
-
- clr&0x10?"Routine/Deferred":"",
- (clr&0x10) && (clr&0x08) ? ", " : "" ,
-
- clr&0x08?"Rekey Agent":"");
- }
-
-}
-
-static char *sec_FortezzaCertPrivilege(SECItem *priv) {
- unsigned char clr = 0;
-
- if (priv->len > 0) { clr = priv->data[0]; }
-
- return PR_smprintf("%s%s%s%s%s%s%s%s%s%s%s%s",
- clr&0x40?"Organizational Releaser":"",
- (clr&0x40) && (clr&0x3e) ? "," : "" ,
- clr&0x20?"Policy Creation Authority":"",
- (clr&0x20) && (clr&0x1e) ? "," : "" ,
- clr&0x10?"Certificate Authority":"",
- (clr&0x10) && (clr&0x0e) ? "," : "" ,
- clr&0x08?"Local Managment Authority":"",
- (clr&0x08) && (clr&0x06) ? "," : "" ,
- clr&0x04?"Configuration Vector Authority":"",
- (clr&0x04) && (clr&0x02) ? "," : "" ,
- clr&0x02?"No Signature Capability":"",
- clr&0x7e?"":"Signing Only"
- );
-}
-
-static char *htmlcertstrings[] = {
- "<table border=0 cellspacing=0 cellpadding=0><tr><td valign=top>"
- "<font size=2><b>This Certificate belongs to:</b><br>"
- "<table border=0 cellspacing=0 cellpadding=0><tr><td>",
- 0, /* image goes here */
- 0,
- 0,
- "</td><td width=10> </td><td><font size=2>",
- 0, /* subject name goes here */
- "</td></tr></table></font></td><td width=20> </td><td valign=top>"
- "<font size=2><b>This Certificate was issued by:</b><br>"
- "<table border=0 cellspacing=0 cellpadding=0><tr><td>",
- 0, /* image goes here */
- 0,
- 0,
- "</td><td width=10> </td><td><font size=2>",
- 0, /* issuer name goes here */
- "</td></tr></table></font></td></tr></table>"
- "<b>Serial Number:</b> ",
- 0,
- "<br><b>This Certificate is valid from ",
- 0, /* notBefore goes here */
- " to ",
- 0, /* notAfter does here */
- "</b><br><b>Clearance:</b>",
- 0,
- "<br><b>DSS Privileges:</b>",
- 0,
- "<br><b>KEA Privileges:</b>",
- 0,
- "<br><b>KMID:</b>",
- 0,
- "<br><b>Certificate Fingerprint:</b>"
- "<table border=0 cellspacing=0 cellpadding=0><tr>"
- "<td width=10> </td><td><font size=2>",
- 0, /* fingerprint goes here */
- "</td></tr></table>",
- 0, /* comment header goes here */
- 0, /* comment goes here */
- 0, /* comment trailer goes here */
- 0
-};
-
-char *
-CERT_HTMLCertInfo(CERTCertificate *cert, PRBool showImages, PRBool showIssuer)
-{
- SECStatus rv;
- char *issuer, *subject, *serialNumber, *version;
- char *notBefore, *notAfter;
- char *ret;
- char *nickname;
- SECItem dummyitem;
- unsigned char fingerprint[16]; /* result of MD5, always 16 bytes */
- char *fpstr;
- SECItem fpitem;
- char *commentstring = NULL;
- SECKEYPublicKey *pubk;
- char *DSSPriv;
- char *KMID = NULL;
- char *servername;
-
- if (!cert) {
- return(0);
- }
-
- issuer = CERT_FormatName (&cert->issuer);
- subject = CERT_FormatName (&cert->subject);
- version = CERT_Hexify (&cert->version,1);
- serialNumber = CERT_Hexify (&cert->serialNumber,1);
- notBefore = DER_UTCDayToAscii(&cert->validity.notBefore);
- notAfter = DER_UTCDayToAscii(&cert->validity.notAfter);
- servername = CERT_FindNSStringExtension(cert,
- SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME);
-
- nickname = cert->nickname;
- if ( nickname == NULL ) {
- showImages = PR_FALSE;
- }
-
- dummyitem.data = NULL;
- rv = CERT_FindCertExtension(cert, SEC_OID_NS_CERT_EXT_SUBJECT_LOGO,
- &dummyitem);
- if ( dummyitem.data ) {
- PORT_Free(dummyitem.data);
- }
-
- if ( rv || !showImages ) {
- htmlcertstrings[1] = "";
- htmlcertstrings[2] = "";
- htmlcertstrings[3] = "";
- } else {
- htmlcertstrings[1] = "<img src=\"about:security?subject-logo=";
- htmlcertstrings[2] = nickname;
- htmlcertstrings[3] = "\">";
- }
-
- if ( servername ) {
- char *tmpstr;
- tmpstr = (char *)PORT_Alloc(PORT_Strlen(subject) +
- PORT_Strlen(servername) +
- sizeof("<br>") + 1);
- if ( tmpstr ) {
- PORT_Strcpy(tmpstr, servername);
- PORT_Strcat(tmpstr, "<br>");
- PORT_Strcat(tmpstr, subject);
- PORT_Free(subject);
- subject = tmpstr;
- }
- }
-
- htmlcertstrings[5] = subject;
-
- dummyitem.data = NULL;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_NS_CERT_EXT_ISSUER_LOGO,
- &dummyitem);
- if ( dummyitem.data ) {
- PORT_Free(dummyitem.data);
- }
-
- if ( rv || !showImages ) {
- htmlcertstrings[7] = "";
- htmlcertstrings[8] = "";
- htmlcertstrings[9] = "";
- } else {
- htmlcertstrings[7] = "<img src=\"about:security?issuer-logo=";
- htmlcertstrings[8] = nickname;
- htmlcertstrings[9] = "\">";
- }
-
-
- if (showIssuer == PR_TRUE) {
- htmlcertstrings[11] = issuer;
- } else {
- htmlcertstrings[11] = "";
- }
-
- htmlcertstrings[13] = serialNumber;
- htmlcertstrings[15] = notBefore;
- htmlcertstrings[17] = notAfter;
-
- pubk = CERT_ExtractPublicKey(cert);
- DSSPriv = NULL;
- if (pubk && (pubk->keyType == fortezzaKey)) {
- htmlcertstrings[18] = "</b><br><b>Clearance:</b>";
- htmlcertstrings[19] = sec_FortezzaClearance(
- &pubk->u.fortezza.clearance);
- htmlcertstrings[20] = "<br><b>DSS Privileges:</b>";
- DSSPriv = sec_FortezzaCertPrivilege(
- &pubk->u.fortezza.DSSpriviledge);
- htmlcertstrings[21] = DSSPriv;
- htmlcertstrings[22] = "<br><b>KEA Privileges:</b>";
- htmlcertstrings[23] = sec_FortezzaMessagePrivilege(
- &pubk->u.fortezza.KEApriviledge);
- htmlcertstrings[24] = "<br><b>KMID:</b>";
- dummyitem.data = &pubk->u.fortezza.KMID[0];
- dummyitem.len = sizeof(pubk->u.fortezza.KMID);
- KMID = CERT_Hexify (&dummyitem,0);
- htmlcertstrings[25] = KMID;
- } else {
- /* clear out the headers in the non-fortezza cases */
- htmlcertstrings[18] = "";
- htmlcertstrings[19] = "";
- htmlcertstrings[20] = "";
- htmlcertstrings[21] = "";
- htmlcertstrings[22] = "";
- htmlcertstrings[23] = "";
- htmlcertstrings[24] = "";
- htmlcertstrings[25] = "</b>";
- }
-
- if (pubk) {
- SECKEY_DestroyPublicKey(pubk);
- }
-
-#define HTML_OFF 27
- rv = PK11_HashBuf(SEC_OID_MD5, fingerprint,
- cert->derCert.data, cert->derCert.len);
-
- fpitem.data = fingerprint;
- fpitem.len = sizeof(fingerprint);
-
- fpstr = CERT_Hexify (&fpitem,1);
-
- htmlcertstrings[HTML_OFF] = fpstr;
-
- commentstring = CERT_GetCertCommentString(cert);
-
- if (commentstring == NULL) {
- htmlcertstrings[HTML_OFF+2] = "";
- htmlcertstrings[HTML_OFF+3] = "";
- htmlcertstrings[HTML_OFF+4] = "";
- } else {
- htmlcertstrings[HTML_OFF+2] =
- "<b>Comment:</b>"
- "<table border=0 cellspacing=0 cellpadding=0><tr>"
- "<td width=10> </td><td><font size=3>"
- "<textarea name=foobar rows=4 cols=55 onfocus=\"this.blur()\">";
- htmlcertstrings[HTML_OFF+3] = commentstring;
- htmlcertstrings[HTML_OFF+4] = "</textarea></font></td></tr></table>";
- }
-
- ret = gatherStrings(htmlcertstrings);
-
- if ( issuer ) {
- PORT_Free(issuer);
- }
-
- if ( subject ) {
- PORT_Free(subject);
- }
-
- if ( version ) {
- PORT_Free(version);
- }
-
- if ( serialNumber ) {
- PORT_Free(serialNumber);
- }
-
- if ( notBefore ) {
- PORT_Free(notBefore);
- }
-
- if ( notAfter ) {
- PORT_Free(notAfter);
- }
-
- if ( fpstr ) {
- PORT_Free(fpstr);
- }
- if (DSSPriv) {
- PORT_Free(DSSPriv);
- }
-
- if (KMID) {
- PORT_Free(KMID);
- }
-
- if ( commentstring ) {
- PORT_Free(commentstring);
- }
-
- if ( servername ) {
- PORT_Free(servername);
- }
-
- return(ret);
-}
-
diff --git a/security/nss/lib/certhigh/certreq.c b/security/nss/lib/certhigh/certreq.c
deleted file mode 100644
index 1588c1896..000000000
--- a/security/nss/lib/certhigh/certreq.c
+++ /dev/null
@@ -1,230 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cert.h"
-#include "secder.h"
-#include "key.h"
-#include "secitem.h"
-#include "secasn1.h"
-
-const SEC_ASN1Template CERT_AttributeTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTAttribute) },
- { SEC_ASN1_OBJECT_ID, offsetof(CERTAttribute, attrType) },
- { SEC_ASN1_SET_OF, offsetof(CERTAttribute, attrValue),
- SEC_AnyTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template CERT_SetOfAttributeTemplate[] = {
- { SEC_ASN1_SET_OF, 0, CERT_AttributeTemplate },
-};
-
-const SEC_ASN1Template CERT_CertificateRequestTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTCertificateRequest) },
- { SEC_ASN1_INTEGER,
- offsetof(CERTCertificateRequest,version) },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificateRequest,subject),
- CERT_NameTemplate },
- { SEC_ASN1_INLINE,
- offsetof(CERTCertificateRequest,subjectPublicKeyInfo),
- CERT_SubjectPublicKeyInfoTemplate },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTCertificateRequest,attributes),
- CERT_SetOfAttributeTemplate },
- { 0 }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_CertificateRequestTemplate)
-
-CERTCertificate *
-CERT_CreateCertificate(unsigned long serialNumber,
- CERTName *issuer,
- CERTValidity *validity,
- CERTCertificateRequest *req)
-{
- CERTCertificate *c;
- int rv;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- return(0);
- }
-
- c = (CERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(CERTCertificate));
-
- if (c) {
- c->referenceCount = 1;
- c->arena = arena;
-
- /*
- * Default is a plain version 1.
- * If extensions are added, it will get changed as appropriate.
- */
- rv = DER_SetUInteger(arena, &c->version, SEC_CERTIFICATE_VERSION_1);
- if (rv) goto loser;
-
- rv = DER_SetUInteger(arena, &c->serialNumber, serialNumber);
- if (rv) goto loser;
-
- rv = CERT_CopyName(arena, &c->issuer, issuer);
- if (rv) goto loser;
-
- rv = CERT_CopyValidity(arena, &c->validity, validity);
- if (rv) goto loser;
-
- rv = CERT_CopyName(arena, &c->subject, &req->subject);
- if (rv) goto loser;
- rv = SECKEY_CopySubjectPublicKeyInfo(arena, &c->subjectPublicKeyInfo,
- &req->subjectPublicKeyInfo);
- if (rv) goto loser;
- }
- return c;
-
- loser:
- CERT_DestroyCertificate(c);
- return 0;
-}
-
-/************************************************************************/
-
-CERTCertificateRequest *
-CERT_CreateCertificateRequest(CERTName *subject,
- CERTSubjectPublicKeyInfo *spki,
- SECItem **attributes)
-{
- CERTCertificateRequest *certreq;
- PRArenaPool *arena;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- return NULL;
- }
-
- certreq = (CERTCertificateRequest *)
- PORT_ArenaZAlloc(arena, sizeof(CERTCertificateRequest));
-
- if (certreq != NULL) {
- certreq->arena = arena;
-
- rv = DER_SetUInteger(arena, &certreq->version,
- SEC_CERTIFICATE_REQUEST_VERSION);
- if (rv != SECSuccess)
- goto loser;
-
- rv = CERT_CopyName(arena, &certreq->subject, subject);
- if (rv != SECSuccess)
- goto loser;
-
- rv = SECKEY_CopySubjectPublicKeyInfo(arena,
- &certreq->subjectPublicKeyInfo,
- spki);
- if (rv != SECSuccess)
- goto loser;
-
- /* Copy over attribute information */
- if (attributes) {
- int i = 0;
-
- /* allocate space for attributes */
- while(attributes[i] != NULL) i++;
- certreq->attributes = (SECItem**)PORT_ArenaZAlloc(arena,
- sizeof(SECItem *) * (i + 1));
- if(!certreq->attributes) {
- goto loser;
- }
-
- /* copy attributes */
- i = 0;
- while(attributes[i]) {
- /*
- ** Attributes are a SetOf Attribute which implies
- ** lexigraphical ordering. It is assumes that the
- ** attributes are passed in sorted. If we need to
- ** add functionality to sort them, there is an
- ** example in the PKCS 7 code.
- */
- certreq->attributes[i] = (SECItem*)PORT_ArenaZAlloc(arena,
- sizeof(SECItem));
- if(!certreq->attributes[i]) {
- goto loser;
- };
- rv = SECITEM_CopyItem(arena, certreq->attributes[i],
- attributes[i]);
- if (rv != SECSuccess) {
- goto loser;
- }
- i++;
- }
- certreq->attributes[i] = NULL;
- } else {
- /*
- ** Invent empty attribute information. According to the
- ** pkcs#10 spec, attributes has this ASN.1 type:
- **
- ** attributes [0] IMPLICIT Attributes
- **
- ** Which means, we should create a NULL terminated list
- ** with the first entry being NULL;
- */
- certreq->attributes = (SECItem**)PORT_ArenaZAlloc(arena, sizeof(SECItem *));
- if(!certreq->attributes) {
- goto loser;
- }
- certreq->attributes[0] = NULL;
- }
- } else {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return certreq;
-
-loser:
- CERT_DestroyCertificateRequest(certreq);
- return NULL;
-}
-
-void
-CERT_DestroyCertificateRequest(CERTCertificateRequest *req)
-{
- if (req && req->arena) {
- PORT_FreeArena(req->arena, PR_FALSE);
- }
- return;
-}
-
diff --git a/security/nss/lib/certhigh/certvfy.c b/security/nss/lib/certhigh/certvfy.c
deleted file mode 100644
index bd43be1b4..000000000
--- a/security/nss/lib/certhigh/certvfy.c
+++ /dev/null
@@ -1,1635 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "nspr.h"
-#include "secerr.h"
-#include "secport.h"
-#include "seccomon.h"
-#include "secoid.h"
-#include "sslerr.h"
-#include "genname.h"
-#include "keyhi.h"
-#include "cert.h"
-#include "certdb.h"
-#include "cryptohi.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nsspki.h"
-#include "pkitm.h"
-#include "pkim.h"
-#include "pki3hack.h"
-#include "base.h"
-
-#define PENDING_SLOP (24L*60L*60L)
-
-/*
- * WARNING - this function is depricated, and will go away in the near future.
- * It has been superseded by CERT_CheckCertValidTimes().
- *
- * Check the validity times of a certificate
- */
-SECStatus
-CERT_CertTimesValid(CERTCertificate *c)
-{
- int64 now, notBefore, notAfter, pendingSlop;
- SECStatus rv;
-
- /* if cert is already marked OK, then don't bother to check */
- if ( c->timeOK ) {
- return(SECSuccess);
- }
-
- /* get current UTC time */
- now = PR_Now();
- rv = CERT_GetCertTimes(c, &notBefore, &notAfter);
-
- if (rv) {
- return(SECFailure);
- }
-
- LL_I2L(pendingSlop, PENDING_SLOP);
- LL_SUB(notBefore, notBefore, pendingSlop);
-
- if (LL_CMP(now, <, notBefore) || LL_CMP(now, >, notAfter)) {
- PORT_SetError(SEC_ERROR_EXPIRED_CERTIFICATE);
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-/*
- * verify the signature of a signed data object with the given certificate
- */
-SECStatus
-CERT_VerifySignedData(CERTSignedData *sd, CERTCertificate *cert,
- int64 t, void *wincx)
-{
- SECItem sig;
- SECKEYPublicKey *pubKey = 0;
- SECStatus rv;
- SECCertTimeValidity validity;
- SECOidTag algid;
-
- /* check the certificate's validity */
- validity = CERT_CheckCertValidTimes(cert, t, PR_FALSE);
- if ( validity != secCertTimeValid ) {
- return(SECFailure);
- }
-
- /* get cert's public key */
- pubKey = CERT_ExtractPublicKey(cert);
- if ( !pubKey ) {
- return(SECFailure);
- }
-
- /* check the signature */
- sig = sd->signature;
- DER_ConvertBitString(&sig);
-
- algid = SECOID_GetAlgorithmTag(&sd->signatureAlgorithm);
- rv = VFY_VerifyData(sd->data.data, sd->data.len, pubKey, &sig,
- algid, wincx);
-
- SECKEY_DestroyPublicKey(pubKey);
-
- if ( rv ) {
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-
-/*
- * This must only be called on a cert that is known to have an issuer
- * with an invalid time
- */
-CERTCertificate *
-CERT_FindExpiredIssuer(CERTCertDBHandle *handle, CERTCertificate *cert)
-{
- CERTCertificate *issuerCert = NULL;
- CERTCertificate *subjectCert;
- int count;
- SECStatus rv;
- SECComparison rvCompare;
-
- subjectCert = CERT_DupCertificate(cert);
- if ( subjectCert == NULL ) {
- goto loser;
- }
-
- for ( count = 0; count < CERT_MAX_CERT_CHAIN; count++ ) {
- /* find the certificate of the issuer */
- issuerCert = CERT_FindCertByName(handle, &subjectCert->derIssuer);
-
- if ( ! issuerCert ) {
- goto loser;
- }
-
- rv = CERT_CertTimesValid(issuerCert);
- if ( rv == SECFailure ) {
- /* this is the invalid issuer */
- CERT_DestroyCertificate(subjectCert);
- return(issuerCert);
- }
-
- /* make sure that the issuer is not self signed. If it is, then
- * stop here to prevent looping.
- */
- rvCompare = SECITEM_CompareItem(&issuerCert->derSubject,
- &issuerCert->derIssuer);
- if (rvCompare == SECEqual) {
- PORT_Assert(0); /* No expired issuer! */
- goto loser;
- }
- CERT_DestroyCertificate(subjectCert);
- subjectCert = issuerCert;
- }
-
-loser:
- if ( issuerCert ) {
- CERT_DestroyCertificate(issuerCert);
- }
-
- if ( subjectCert ) {
- CERT_DestroyCertificate(subjectCert);
- }
-
- return(NULL);
-}
-
-/* Software FORTEZZA installation hack. The software fortezza installer does
- * not have access to the krl and cert.db file. Accept FORTEZZA Certs without
- * KRL's in this case.
- */
-static int dont_use_krl = 0;
-/* not a public exposed function... */
-void sec_SetCheckKRLState(int value) { dont_use_krl = value; }
-
-SECStatus
-SEC_CheckKRL(CERTCertDBHandle *handle,SECKEYPublicKey *key,
- CERTCertificate *rootCert, int64 t, void * wincx)
-{
- CERTSignedCrl *crl = NULL;
- SECStatus rv = SECFailure;
- SECStatus rv2;
- CERTCrlEntry **crlEntry;
- SECCertTimeValidity validity;
- CERTCertificate *issuerCert = NULL;
-
- if (dont_use_krl) return SECSuccess;
-
- /* first look up the KRL */
- crl = SEC_FindCrlByName(handle,&rootCert->derSubject, SEC_KRL_TYPE);
- if (crl == NULL) {
- PORT_SetError(SEC_ERROR_NO_KRL);
- goto done;
- }
-
- /* get the issuing certificate */
- issuerCert = CERT_FindCertByName(handle, &crl->crl.derName);
- if (issuerCert == NULL) {
- PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
- goto done;
- }
-
-
- /* now verify the KRL signature */
- rv2 = CERT_VerifySignedData(&crl->signatureWrap, issuerCert, t, wincx);
- if (rv2 != SECSuccess) {
- PORT_SetError(SEC_ERROR_KRL_BAD_SIGNATURE);
- goto done;
- }
-
- /* Verify the date validity of the KRL */
- validity = SEC_CheckCrlTimes(&crl->crl, t);
- if (validity == secCertTimeExpired) {
- PORT_SetError(SEC_ERROR_KRL_EXPIRED);
- goto done;
- }
-
- /* now make sure the key in this cert is still valid */
- if (key->keyType != fortezzaKey) {
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
- goto done; /* This should be an assert? */
- }
-
- /* now make sure the key is not on the revocation list */
- for (crlEntry = crl->crl.entries; crlEntry && *crlEntry; crlEntry++) {
- if (PORT_Memcmp((*crlEntry)->serialNumber.data,
- key->u.fortezza.KMID,
- (*crlEntry)->serialNumber.len) == 0) {
- PORT_SetError(SEC_ERROR_REVOKED_KEY);
- goto done;
- }
- }
- rv = SECSuccess;
-
-done:
- if (issuerCert) CERT_DestroyCertificate(issuerCert);
- if (crl) SEC_DestroyCrl(crl);
- return rv;
-}
-
-SECStatus
-SEC_CheckCRL(CERTCertDBHandle *handle,CERTCertificate *cert,
- CERTCertificate *caCert, int64 t, void * wincx)
-{
- CERTSignedCrl *crl = NULL;
- SECStatus rv = SECSuccess;
- CERTCrlEntry **crlEntry;
- SECCertTimeValidity validity;
-
- /* first look up the CRL */
- crl = SEC_FindCrlByName(handle,&caCert->derSubject, SEC_CRL_TYPE);
- if (crl == NULL) {
- /* XXX for now no CRL is ok */
- goto done;
- }
-
- /* now verify the CRL signature */
- rv = CERT_VerifySignedData(&crl->signatureWrap, caCert, t, wincx);
- if (rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_CRL_BAD_SIGNATURE);
- rv = SECWouldBlock; /* Soft error, ask the user */
- goto done;
- }
-
- /* Verify the date validity of the KRL */
- validity = SEC_CheckCrlTimes(&crl->crl,t);
- if (validity == secCertTimeExpired) {
- PORT_SetError(SEC_ERROR_CRL_EXPIRED);
- rv = SECWouldBlock; /* Soft error, ask the user */
- } else if (validity == secCertTimeNotValidYet) {
- PORT_SetError(SEC_ERROR_CRL_NOT_YET_VALID);
- rv = SECWouldBlock; /* Soft error, ask the user */
- }
-
- /* now make sure the key is not on the revocation list */
- for (crlEntry = crl->crl.entries; crlEntry && *crlEntry; crlEntry++) {
- if (SECITEM_CompareItem(&(*crlEntry)->serialNumber,&cert->serialNumber) == SECEqual) {
- PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
- rv = SECFailure; /* cert is revoked */
- goto done;
- }
- }
-
-done:
- if (crl) SEC_DestroyCrl(crl);
- return rv;
-}
-
-/*
- * Find the issuer of a cert. Use the authorityKeyID if it exists.
- */
-CERTCertificate *
-CERT_FindCertIssuer(CERTCertificate *cert, int64 validTime, SECCertUsage usage)
-{
-#ifdef NSS_CLASSIC
- CERTAuthKeyID * authorityKeyID = NULL;
- CERTCertificate * issuerCert = NULL;
- SECItem * caName;
- PRArenaPool *tmpArena = NULL;
-
- tmpArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !tmpArena ) {
- goto loser;
- }
- authorityKeyID = CERT_FindAuthKeyIDExten(tmpArena,cert);
-
- if ( authorityKeyID != NULL ) {
- /* has the authority key ID extension */
- if ( authorityKeyID->keyID.data != NULL ) {
- /* extension contains a key ID, so lookup based on it */
- issuerCert = CERT_FindCertByKeyID(cert->dbhandle, &cert->derIssuer,
- &authorityKeyID->keyID);
- if ( issuerCert == NULL ) {
- PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
- goto loser;
- }
-
- } else if ( authorityKeyID->authCertIssuer != NULL ) {
- /* no key ID, so try issuer and serial number */
- caName = (SECItem*)CERT_GetGeneralNameByType(authorityKeyID->authCertIssuer,
- certDirectoryName, PR_TRUE);
-
- /*
- * caName is NULL when the authCertIssuer field is not
- * being used, or other name form is used instead.
- * If the directoryName format and serialNumber fields are
- * used, we use them to find the CA cert.
- * Note:
- * By the time it gets here, we known for sure that if the
- * authCertIssuer exists, then the authCertSerialNumber
- * must also exists (CERT_DecodeAuthKeyID() ensures this).
- * We don't need to check again.
- */
-
- if (caName != NULL) {
- CERTIssuerAndSN issuerSN;
-
- issuerSN.derIssuer.data = caName->data;
- issuerSN.derIssuer.len = caName->len;
- issuerSN.serialNumber.data =
- authorityKeyID->authCertSerialNumber.data;
- issuerSN.serialNumber.len =
- authorityKeyID->authCertSerialNumber.len;
- issuerCert = CERT_FindCertByIssuerAndSN(cert->dbhandle,
- &issuerSN);
- if ( issuerCert == NULL ) {
- PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
- goto loser;
- }
- }
- }
- }
- if ( issuerCert == NULL ) {
- /* if there is not authorityKeyID, then try to find the issuer */
- /* find a valid CA cert with correct usage */
- issuerCert = CERT_FindMatchingCert(cert->dbhandle,
- &cert->derIssuer,
- certOwnerCA, usage, PR_TRUE,
- validTime, PR_TRUE);
-
- /* if that fails, then fall back to grabbing any cert with right name*/
- if ( issuerCert == NULL ) {
- issuerCert = CERT_FindCertByName(cert->dbhandle, &cert->derIssuer);
- if ( issuerCert == NULL ) {
- PORT_SetError (SEC_ERROR_UNKNOWN_ISSUER);
- }
- }
- }
-
-loser:
- if (tmpArena != NULL) {
- PORT_FreeArena(tmpArena, PR_FALSE);
- tmpArena = NULL;
- }
-
- return(issuerCert);
-#else
- NSSCertificate *me;
- NSSTime *nssTime;
- NSSUsage nssUsage;
- NSSCertificate *chain[3];
- PRStatus status;
- me = STAN_GetNSSCertificate(cert);
- nssTime = NSSTime_SetPRTime(NULL, validTime);
- nssUsage.anyUsage = PR_FALSE;
- nssUsage.nss3usage = usage;
- nssUsage.nss3lookingForCA = PR_TRUE;
- memset(chain, 0, 3*sizeof(NSSCertificate *));
- (void)NSSCertificate_BuildChain(me, nssTime, &nssUsage, NULL,
- chain, 2, NULL, &status);
- nss_ZFreeIf(nssTime);
- if (status == PR_SUCCESS) {
- /* if it's a root, the chain will only have one cert */
- if (!chain[1]) {
- /* need to dupe since caller expects new cert */
- return CERT_DupCertificate(cert);
- } else {
- /* this is the only instance */
- return STAN_GetCERTCertificate(chain[1]);
- }
- }
- return NULL;
-#endif
-}
-
-/*
- * return required trust flags for various cert usages for CAs
- */
-SECStatus
-CERT_TrustFlagsForCACertUsage(SECCertUsage usage,
- unsigned int *retFlags,
- SECTrustType *retTrustType)
-{
- unsigned int requiredFlags;
- SECTrustType trustType;
-
- switch ( usage ) {
- case certUsageSSLClient:
- requiredFlags = CERTDB_TRUSTED_CLIENT_CA;
- trustType = trustSSL;
- break;
- case certUsageSSLServer:
- case certUsageSSLCA:
- requiredFlags = CERTDB_TRUSTED_CA;
- trustType = trustSSL;
- break;
- case certUsageSSLServerWithStepUp:
- requiredFlags = CERTDB_TRUSTED_CA | CERTDB_GOVT_APPROVED_CA;
- trustType = trustSSL;
- break;
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- requiredFlags = CERTDB_TRUSTED_CA;
- trustType = trustEmail;
- break;
- case certUsageObjectSigner:
- requiredFlags = CERTDB_TRUSTED_CA;
- trustType = trustObjectSigning;
- break;
- case certUsageVerifyCA:
- case certUsageAnyCA:
- case certUsageStatusResponder:
- requiredFlags = CERTDB_TRUSTED_CA;
- trustType = trustTypeNone;
- break;
- default:
- PORT_Assert(0);
- goto loser;
- }
- if ( retFlags != NULL ) {
- *retFlags = requiredFlags;
- }
- if ( retTrustType != NULL ) {
- *retTrustType = trustType;
- }
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-
-
-
-
-static void
-AddToVerifyLog(CERTVerifyLog *log, CERTCertificate *cert, unsigned long error,
- unsigned int depth, void *arg)
-{
- CERTVerifyLogNode *node, *tnode;
-
- PORT_Assert(log != NULL);
-
- node = (CERTVerifyLogNode *)PORT_ArenaAlloc(log->arena,
- sizeof(CERTVerifyLogNode));
- if ( node != NULL ) {
- node->cert = CERT_DupCertificate(cert);
- node->error = error;
- node->depth = depth;
- node->arg = arg;
-
- if ( log->tail == NULL ) {
- /* empty list */
- log->head = log->tail = node;
- node->prev = NULL;
- node->next = NULL;
- } else if ( depth >= log->tail->depth ) {
- /* add to tail */
- node->prev = log->tail;
- log->tail->next = node;
- log->tail = node;
- node->next = NULL;
- } else if ( depth < log->head->depth ) {
- /* add at head */
- node->prev = NULL;
- node->next = log->head;
- log->head->prev = node;
- log->head = node;
- } else {
- /* add in middle */
- tnode = log->tail;
- while ( tnode != NULL ) {
- if ( depth >= tnode->depth ) {
- /* insert after tnode */
- node->prev = tnode;
- node->next = tnode->next;
- tnode->next->prev = node;
- tnode->next = node;
- break;
- }
-
- tnode = tnode->prev;
- }
- }
-
- log->count++;
- }
- return;
-}
-
-#define EXIT_IF_NOT_LOGGING(log) \
- if ( log == NULL ) { \
- goto loser; \
- }
-
-#define LOG_ERROR_OR_EXIT(log,cert,depth,arg) \
- if ( log != NULL ) { \
- AddToVerifyLog(log, cert, PORT_GetError(), depth, (void *)arg); \
- } else { \
- goto loser; \
- }
-
-#define LOG_ERROR(log,cert,depth,arg) \
- if ( log != NULL ) { \
- AddToVerifyLog(log, cert, PORT_GetError(), depth, (void *)arg); \
- }
-
-
-
-
-SECStatus
-CERT_VerifyCertChain(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, int64 t,
- void *wincx, CERTVerifyLog *log)
-{
- SECTrustType trustType;
- CERTBasicConstraints basicConstraint;
- CERTCertificate *issuerCert = NULL;
- CERTCertificate *subjectCert = NULL;
- CERTCertificate *badCert = NULL;
- PRBool isca;
- PRBool isFortezzaV1 = PR_FALSE;
- SECStatus rv;
- SECComparison rvCompare;
- SECStatus rvFinal = SECSuccess;
- int count;
- int currentPathLen = -1;
- int flags;
- unsigned int caCertType;
- unsigned int requiredCAKeyUsage;
- unsigned int requiredFlags;
- PRArenaPool *arena = NULL;
- CERTGeneralName *namesList = NULL;
- CERTGeneralName *subjectNameList = NULL;
- SECItem *namesIndex = NULL;
- int namesIndexLen = 10;
- int namesCount = 0;
-
- enum { cbd_None, cbd_User, cbd_CA } last_type = cbd_None;
- SECKEYPublicKey *key;
-
- if (CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_TRUE,
- &requiredCAKeyUsage,
- &caCertType)
- != SECSuccess ) {
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredCAKeyUsage = 0;
- caCertType = 0;
- }
-
- switch ( certUsage ) {
- case certUsageSSLClient:
- case certUsageSSLServer:
- case certUsageSSLCA:
- case certUsageSSLServerWithStepUp:
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- case certUsageObjectSigner:
- case certUsageVerifyCA:
- case certUsageStatusResponder:
- if ( CERT_TrustFlagsForCACertUsage(certUsage, &requiredFlags,
- &trustType) != SECSuccess ) {
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredFlags = 0;
- trustType = trustSSL;
- }
- break;
- default:
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredFlags = 0;
- trustType = trustSSL;/* This used to be 0, but we need something
- * that matches the enumeration type.
- */
- caCertType = 0;
- }
-
- subjectCert = CERT_DupCertificate(cert);
- if ( subjectCert == NULL ) {
- goto loser;
- }
-
- /* determine if the cert is fortezza. Getting the key is an easy
- * way to determine it, especially since we need to get the privillege
- * from the key anyway.
- */
- key = CERT_ExtractPublicKey(cert);
-
- if (key != NULL) {
- isFortezzaV1 = (PRBool)(key->keyType == fortezzaKey);
-
- /* find out what type of cert we are starting with */
- if (isFortezzaV1) {
- unsigned char priv = 0;;
-
- rv = SEC_CheckKRL(handle, key, NULL, t, wincx);
- if (rv == SECFailure) {
- /**** PORT_SetError is already set by SEC_CheckKRL **/
- SECKEY_DestroyPublicKey(key);
- /**** Bob - should we log and continue when logging? **/
- LOG_ERROR(log,subjectCert,0,0);
- goto loser;
- }
-
- if (key->u.fortezza.DSSpriviledge.len > 0) {
- priv = key->u.fortezza.DSSpriviledge.data[0];
- }
-
- last_type = (priv & 0x30) ? cbd_CA : cbd_User;
- }
-
- SECKEY_DestroyPublicKey(key);
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
-
- namesIndex = (SECItem *) PORT_ZAlloc(sizeof(SECItem) * namesIndexLen);
- if (namesIndex == NULL) {
- goto loser;
- }
-
- for ( count = 0; count < CERT_MAX_CERT_CHAIN; count++ ) {
- int subjectNameListLen;
- int i;
-
- /* Construct a list of names for the current and all previous certifcates
- to be verified against the name constraints extension of the issuer
- certificate. */
- subjectNameList = CERT_GetCertificateNames(subjectCert, arena);
- subjectNameListLen = CERT_GetNamesLength(subjectNameList);
- for (i = 0; i < subjectNameListLen; i++) {
- if (namesIndexLen < namesCount + i) {
- namesIndexLen = namesIndexLen * 2;
- namesIndex = (SECItem *) PORT_Realloc(namesIndex, namesIndexLen *
- sizeof(SECItem));
- if (namesIndex == NULL) {
- goto loser;
- }
- }
- rv = SECITEM_CopyItem(arena, &(namesIndex[namesCount + i]), &(subjectCert->derSubject));
- }
- namesCount += subjectNameListLen;
- namesList = cert_CombineNamesLists(namesList, subjectNameList);
-
- /* find the certificate of the issuer */
- issuerCert = CERT_FindCertIssuer(subjectCert, t, certUsage);
- if ( ! issuerCert ) {
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- LOG_ERROR(log,subjectCert,count,0);
- goto loser;
- }
-
- /* verify the signature on the cert */
- if ( checkSig ) {
- rv = CERT_VerifySignedData(&subjectCert->signatureWrap,
- issuerCert, t, wincx);
-
- if ( rv != SECSuccess ) {
- if ( PORT_GetError() == SEC_ERROR_EXPIRED_CERTIFICATE ) {
- PORT_SetError(SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- } else {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- LOG_ERROR_OR_EXIT(log,subjectCert,count,0);
- }
- }
- }
-
- /*
- * XXX - fortezza may need error logging stuff added
- */
- if (isFortezzaV1) {
- unsigned char priv = 0;
-
- /* read the key */
- key = CERT_ExtractPublicKey(issuerCert);
-
- /* Cant' get Key? fail. */
- if (key == NULL) {
- PORT_SetError(SEC_ERROR_BAD_KEY);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- goto fortezzaDone;
- }
-
-
- /* if the issuer is not an old fortezza cert, we bail */
- if (key->keyType != fortezzaKey) {
- SECKEY_DestroyPublicKey(key);
- /* CA Cert not fortezza */
- PORT_SetError(SEC_ERROR_NOT_FORTEZZA_ISSUER);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- goto fortezzaDone;
- }
-
- /* get the privilege mask */
- if (key->u.fortezza.DSSpriviledge.len > 0) {
- priv = key->u.fortezza.DSSpriviledge.data[0];
- }
-
- /*
- * make sure the CA's keys are OK
- */
-
- rv = SEC_CheckKRL(handle, key, NULL, t, wincx);
- if (rv != SECSuccess) {
- SECKEY_DestroyPublicKey(key);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- goto fortezzaDone;
- /** fall through looking for more stuff **/
- } else {
- SECKEY_DestroyPublicKey(key);
- }
-
- switch (last_type) {
- case cbd_User:
- /* first check for subordination */
- /*rv = FortezzaSubordinateCheck(cert,issuerCert);*/
- rv = SECSuccess;
-
- /* now check for issuer privilege */
- if ((rv != SECSuccess) || ((priv & 0x10) == 0)) {
- /* bail */
- PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- }
- break;
- case cbd_CA:
- case cbd_None:
- if ((priv & 0x20) == 0) {
- /* bail */
- PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- }
- break;
- default:
- /* bail */ /* shouldn't ever happen */
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- }
-
-fortezzaDone:
- last_type = cbd_CA;
- }
-
- /* If the basicConstraint extension is included in an immediate CA
- * certificate, make sure that the isCA flag is on. If the
- * pathLenConstraint component exists, it must be greater than the
- * number of CA certificates we have seen so far. If the extension
- * is omitted, we will assume that this is a CA certificate with
- * an unlimited pathLenConstraint (since it already passes the
- * netscape-cert-type extension checking).
- *
- * In the fortezza (V1) case, we've already checked the CA bits
- * in the key, so we're presumed to be a CA; however we really don't
- * want to bypass Basic constraint or netscape extension parsing.
- *
- * In Fortezza V2, basicConstraint will be set for every CA,PCA,PAA
- */
-
- rv = CERT_FindBasicConstraintExten(issuerCert, &basicConstraint);
- if ( rv != SECSuccess ) {
- if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND) {
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- } else {
- currentPathLen = CERT_UNLIMITED_PATH_CONSTRAINT;
- }
- /* no basic constraints found, if we're fortezza, CA bit is already
- * verified (isca = PR_TRUE). otherwise, we aren't (yet) a ca
- * isca = PR_FALSE */
- isca = isFortezzaV1;
- } else {
- if ( basicConstraint.isCA == PR_FALSE ) {
- PORT_SetError (SEC_ERROR_CA_CERT_INVALID);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- }
-
- /* make sure that the path len constraint is properly set.
- */
- if ( basicConstraint.pathLenConstraint ==
- CERT_UNLIMITED_PATH_CONSTRAINT ) {
- currentPathLen = CERT_UNLIMITED_PATH_CONSTRAINT;
- } else if ( currentPathLen == CERT_UNLIMITED_PATH_CONSTRAINT ) {
- /* error if the previous CA's path length constraint is
- * unlimited but its CA's path is not.
- */
- PORT_SetError (SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,basicConstraint.pathLenConstraint);
- } else if (basicConstraint.pathLenConstraint > currentPathLen) {
- currentPathLen = basicConstraint.pathLenConstraint;
- } else {
- PORT_SetError (SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,basicConstraint.pathLenConstraint);
- }
-
- isca = PR_TRUE;
- }
-
- /* XXX - the error logging may need to go down into CRL stuff at some
- * point
- */
- /* check revoked list (issuer) */
- rv = SEC_CheckCRL(handle, subjectCert, issuerCert, t, wincx);
- if (rv == SECFailure) {
- LOG_ERROR_OR_EXIT(log,subjectCert,count,0);
- } else if (rv == SECWouldBlock) {
- /* We found something fishy, so we intend to issue an
- * error to the user, but the user may wish to continue
- * processing, in which case we better make sure nothing
- * worse has happened... so keep cranking the loop */
- rvFinal = SECFailure;
- LOG_ERROR(log,subjectCert,count,0);
- }
-
-
- if ( issuerCert->trust ) {
- /*
- * check the trust parms of the issuer
- */
- if ( certUsage == certUsageVerifyCA ) {
- if ( subjectCert->nsCertType & NS_CERT_TYPE_EMAIL_CA ) {
- trustType = trustEmail;
- } else if ( subjectCert->nsCertType & NS_CERT_TYPE_SSL_CA ) {
- trustType = trustSSL;
- } else {
- trustType = trustObjectSigning;
- }
- }
-
- flags = SEC_GET_TRUST_FLAGS(issuerCert->trust, trustType);
-
- if ( (flags & CERTDB_VALID_CA) ||
- (certUsage == certUsageStatusResponder)) {
- if ( ( flags & requiredFlags ) == requiredFlags ||
- certUsage == certUsageStatusResponder ) {
- /* we found a trusted one, so return */
- rv = rvFinal;
- goto done;
- }
- }
- }
-
- /*
- * Make sure that if this is an intermediate CA in the chain that
- * it was given permission by its signer to be a CA.
- */
- if ( isca ) {
- /*
- * if basicConstraints says it is a ca, then we check the
- * nsCertType. If the nsCertType has any CA bits set, then
- * it must have the right one.
- */
- if ( issuerCert->nsCertType & NS_CERT_TYPE_CA ) {
- if ( issuerCert->nsCertType & caCertType ) {
- isca = PR_TRUE;
- } else {
- isca = PR_FALSE;
- }
- }
- } else {
- if ( issuerCert->nsCertType & caCertType ) {
- isca = PR_TRUE;
- } else {
- isca = PR_FALSE;
- }
- }
-
- if ( !isca ) {
- PORT_SetError(SEC_ERROR_CA_CERT_INVALID);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,0);
- }
-
- /* make sure key usage allows cert signing */
- if (CERT_CheckKeyUsage(issuerCert, requiredCAKeyUsage) != SECSuccess) {
- PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
- LOG_ERROR_OR_EXIT(log,issuerCert,count+1,requiredCAKeyUsage);
- }
- /* make sure that the entire chain is within the name space of the current issuer
- * certificate.
- */
-
- badCert = CERT_CompareNameSpace(issuerCert, namesList, namesIndex, arena, handle);
- if (badCert != NULL) {
- PORT_SetError(SEC_ERROR_CERT_NOT_IN_NAME_SPACE);
- LOG_ERROR_OR_EXIT(log, badCert, count + 1, 0);
- goto loser;
- }
- /* make sure that the issuer is not self signed. If it is, then
- * stop here to prevent looping.
- */
- rvCompare = SECITEM_CompareItem(&issuerCert->derSubject,
- &issuerCert->derIssuer);
- if (rvCompare == SECEqual) {
- PORT_SetError(SEC_ERROR_UNTRUSTED_ISSUER);
- LOG_ERROR(log, issuerCert, count+1, 0);
- goto loser;
- }
-
- CERT_DestroyCertificate(subjectCert);
- subjectCert = issuerCert;
- }
-
- subjectCert = NULL;
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- LOG_ERROR(log,issuerCert,count,0);
-loser:
- rv = SECFailure;
-done:
- if (namesIndex != NULL) {
- PORT_Free(namesIndex);
- }
- if ( issuerCert ) {
- CERT_DestroyCertificate(issuerCert);
- }
-
- if ( subjectCert ) {
- CERT_DestroyCertificate(subjectCert);
- }
-
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return rv;
-}
-
-/*
- * verify a certificate by checking if its valid and that we
- * trust the issuer.
- * Note that this routine does not verify the signature of the certificate.
- */
-SECStatus
-CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, int64 t,
- void *wincx, CERTVerifyLog *log)
-{
- SECStatus rv;
- unsigned int requiredKeyUsage;
- unsigned int requiredCertType;
- unsigned int flags;
- unsigned int certType;
- PRBool allowOverride;
- SECCertTimeValidity validity;
- CERTStatusConfig *statusConfig;
-
-#ifdef notdef
- /* check if this cert is in the Evil list */
- rv = CERT_CheckForEvilCert(cert);
- if ( rv != SECSuccess ) {
- PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
- LOG_ERROR_OR_EXIT(log,cert,0,0);
- }
-#endif
-
- /* make sure that the cert is valid at time t */
- allowOverride = (PRBool)((certUsage == certUsageSSLServer) ||
- (certUsage == certUsageSSLServerWithStepUp));
- validity = CERT_CheckCertValidTimes(cert, t, allowOverride);
- if ( validity != secCertTimeValid ) {
- LOG_ERROR_OR_EXIT(log,cert,0,validity);
- }
-
- /* check key usage and netscape cert type */
- CERT_GetCertType(cert);
- certType = cert->nsCertType;
- switch ( certUsage ) {
- case certUsageSSLClient:
- case certUsageSSLServer:
- case certUsageSSLServerWithStepUp:
- case certUsageSSLCA:
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- case certUsageObjectSigner:
- case certUsageStatusResponder:
- rv = CERT_KeyUsageAndTypeForCertUsage(certUsage, PR_FALSE,
- &requiredKeyUsage,
- &requiredCertType);
- if ( rv != SECSuccess ) {
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredKeyUsage = 0;
- requiredCertType = 0;
- }
- break;
- case certUsageVerifyCA:
- requiredKeyUsage = KU_KEY_CERT_SIGN;
- requiredCertType = NS_CERT_TYPE_CA;
- if ( ! ( certType & NS_CERT_TYPE_CA ) ) {
- certType |= NS_CERT_TYPE_CA;
- }
- break;
- default:
- PORT_Assert(0);
- EXIT_IF_NOT_LOGGING(log);
- requiredKeyUsage = 0;
- requiredCertType = 0;
- }
- if ( CERT_CheckKeyUsage(cert, requiredKeyUsage) != SECSuccess ) {
- PORT_SetError(SEC_ERROR_INADEQUATE_KEY_USAGE);
- LOG_ERROR_OR_EXIT(log,cert,0,requiredKeyUsage);
- }
- if ( !( certType & requiredCertType ) ) {
- PORT_SetError(SEC_ERROR_INADEQUATE_CERT_TYPE);
- LOG_ERROR_OR_EXIT(log,cert,0,requiredCertType);
- }
-
- /* check trust flags to see if this cert is directly trusted */
- if ( cert->trust ) { /* the cert is in the DB */
- switch ( certUsage ) {
- case certUsageSSLClient:
- case certUsageSSLServer:
- flags = cert->trust->sslFlags;
-
- /* is the cert directly trusted or not trusted ? */
- if ( flags & CERTDB_VALID_PEER ) {/*the trust record is valid*/
- if ( flags & CERTDB_TRUSTED ) { /* trust this cert */
- goto winner;
- } else { /* don't trust this cert */
- PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
- LOG_ERROR_OR_EXIT(log,cert,0,flags);
- }
- }
- break;
- case certUsageSSLServerWithStepUp:
- /* XXX - step up certs can't be directly trusted */
- break;
- case certUsageSSLCA:
- break;
- case certUsageEmailSigner:
- case certUsageEmailRecipient:
- flags = cert->trust->emailFlags;
-
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_PEER | CERTDB_TRUSTED ) ) ==
- ( CERTDB_VALID_PEER | CERTDB_TRUSTED ) ) {
- goto winner;
- }
- break;
- case certUsageObjectSigner:
- flags = cert->trust->objectSigningFlags;
-
- /* is the cert directly trusted or not trusted ? */
- if ( flags & CERTDB_VALID_PEER ) {/*the trust record is valid*/
- if ( flags & CERTDB_TRUSTED ) { /* trust this cert */
- goto winner;
- } else { /* don't trust this cert */
- PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
- LOG_ERROR_OR_EXIT(log,cert,0,flags);
- }
- }
- break;
- case certUsageVerifyCA:
- case certUsageStatusResponder:
- flags = cert->trust->sslFlags;
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
- ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
- goto winner;
- }
- flags = cert->trust->emailFlags;
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
- ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
- goto winner;
- }
- flags = cert->trust->objectSigningFlags;
- /* is the cert directly trusted or not trusted ? */
- if ( ( flags & ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) ==
- ( CERTDB_VALID_CA | CERTDB_TRUSTED_CA ) ) {
- goto winner;
- }
- break;
- case certUsageAnyCA:
- case certUsageProtectedObjectSigner:
- case certUsageUserCertImport:
- /* XXX to make the compiler happy. Should these be
- * explicitly handled?
- */
- break;
- }
- }
-
- rv = CERT_VerifyCertChain(handle, cert, checkSig, certUsage,
- t, wincx, log);
- if (rv != SECSuccess) {
- EXIT_IF_NOT_LOGGING(log);
- }
-
- /*
- * Check revocation status, but only if the cert we are checking
- * is not a status reponder itself. We only do this in the case
- * where we checked the cert chain (above); explicit trust "wins"
- * (avoids status checking, just as it avoids CRL checking, which
- * is all done inside VerifyCertChain) by bypassing this code.
- */
- statusConfig = CERT_GetStatusConfig(handle);
- if (certUsage != certUsageStatusResponder && statusConfig != NULL) {
- if (statusConfig->statusChecker != NULL) {
- rv = (* statusConfig->statusChecker)(handle, cert,
- t, wincx);
- if (rv != SECSuccess) {
- LOG_ERROR_OR_EXIT(log,cert,0,0);
- }
- }
- }
-
-winner:
- return(SECSuccess);
-
-loser:
- rv = SECFailure;
-
- return(rv);
-}
-
-/*
- * verify a certificate by checking if its valid and that we
- * trust the issuer. Verify time against now.
- */
-SECStatus
-CERT_VerifyCertNow(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool checkSig, SECCertUsage certUsage, void *wincx)
-{
- return(CERT_VerifyCert(handle, cert, checkSig,
- certUsage, PR_Now(), wincx, NULL));
-}
-
-/* [ FROM pcertdb.c ] */
-/*
- * Supported usage values and types:
- * certUsageSSLClient
- * certUsageSSLServer
- * certUsageSSLServerWithStepUp
- * certUsageEmailSigner
- * certUsageEmailRecipient
- * certUsageObjectSigner
- */
-
-CERTCertificate *
-CERT_FindMatchingCert(CERTCertDBHandle *handle, SECItem *derName,
- CERTCertOwner owner, SECCertUsage usage,
- PRBool preferTrusted, int64 validTime, PRBool validOnly)
-{
- CERTCertList *certList = NULL;
- CERTCertificate *cert = NULL;
- unsigned int requiredTrustFlags;
- SECTrustType requiredTrustType;
- unsigned int flags;
-
- PRBool lookingForCA = PR_FALSE;
- SECStatus rv;
- CERTCertListNode *node;
- CERTCertificate *saveUntrustedCA = NULL;
-
- /* if preferTrusted is set, must be a CA cert */
- PORT_Assert( ! ( preferTrusted && ( owner != certOwnerCA ) ) );
-
- if ( owner == certOwnerCA ) {
- lookingForCA = PR_TRUE;
- if ( preferTrusted ) {
- rv = CERT_TrustFlagsForCACertUsage(usage, &requiredTrustFlags,
- &requiredTrustType);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- requiredTrustFlags |= CERTDB_VALID_CA;
- }
- }
-
- certList = CERT_CreateSubjectCertList(NULL, handle, derName, validTime,
- validOnly);
- if ( certList != NULL ) {
- rv = CERT_FilterCertListByUsage(certList, usage, lookingForCA);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- node = CERT_LIST_HEAD(certList);
-
- while ( !CERT_LIST_END(node, certList) ) {
- cert = node->cert;
-
- /* looking for a trusted CA cert */
- if ( ( owner == certOwnerCA ) && preferTrusted &&
- ( requiredTrustType != trustTypeNone ) ) {
-
- if ( cert->trust == NULL ) {
- flags = 0;
- } else {
- flags = SEC_GET_TRUST_FLAGS(cert->trust, requiredTrustType);
- }
-
- if ( ( flags & requiredTrustFlags ) != requiredTrustFlags ) {
- /* cert is not trusted */
- /* if this is the first cert to get this far, then save
- * it, so we can use it if we can't find a trusted one
- */
- if ( saveUntrustedCA == NULL ) {
- saveUntrustedCA = cert;
- }
- goto endloop;
- }
- }
- /* if we got this far, then this cert meets all criteria */
- break;
-
-endloop:
- node = CERT_LIST_NEXT(node);
- cert = NULL;
- }
-
- /* use the saved one if we have it */
- if ( cert == NULL ) {
- cert = saveUntrustedCA;
- }
-
- /* if we found one then bump the ref count before freeing the list */
- if ( cert != NULL ) {
- /* bump the ref count */
- cert = CERT_DupCertificate(cert);
- }
-
- CERT_DestroyCertList(certList);
- }
-
- return(cert);
-
-loser:
- if ( certList != NULL ) {
- CERT_DestroyCertList(certList);
- }
-
- return(NULL);
-}
-
-
-/* [ From certdb.c ] */
-/*
- * Filter a list of certificates, removing those certs that do not have
- * one of the named CA certs somewhere in their cert chain.
- *
- * "certList" - the list of certificates to filter
- * "nCANames" - number of CA names
- * "caNames" - array of CA names in string(rfc 1485) form
- * "usage" - what use the certs are for, this is used when
- * selecting CA certs
- */
-SECStatus
-CERT_FilterCertListByCANames(CERTCertList *certList, int nCANames,
- char **caNames, SECCertUsage usage)
-{
- CERTCertificate *issuerCert = NULL;
- CERTCertificate *subjectCert;
- CERTCertListNode *node, *freenode;
- CERTCertificate *cert;
- int n;
- char **names;
- PRBool found;
- int64 time;
-
- if ( nCANames <= 0 ) {
- return(SECSuccess);
- }
-
- time = PR_Now();
-
- node = CERT_LIST_HEAD(certList);
-
- while ( ! CERT_LIST_END(node, certList) ) {
- cert = node->cert;
-
- subjectCert = CERT_DupCertificate(cert);
-
- /* traverse the CA certs for this cert */
- found = PR_FALSE;
- while ( subjectCert != NULL ) {
- n = nCANames;
- names = caNames;
-
- if (subjectCert->issuerName != NULL) {
- while ( n > 0 ) {
- if ( PORT_Strcmp(*names, subjectCert->issuerName) == 0 ) {
- found = PR_TRUE;
- break;
- }
-
- n--;
- names++;
- }
- }
-
- if ( found ) {
- break;
- }
-
- issuerCert = CERT_FindCertIssuer(subjectCert, time, usage);
- if ( issuerCert == subjectCert ) {
- CERT_DestroyCertificate(issuerCert);
- issuerCert = NULL;
- break;
- }
- CERT_DestroyCertificate(subjectCert);
- subjectCert = issuerCert;
-
- }
- CERT_DestroyCertificate(subjectCert);
- if ( !found ) {
- /* CA was not found, so remove this cert from the list */
- freenode = node;
- node = CERT_LIST_NEXT(node);
- CERT_RemoveCertListNode(freenode);
- } else {
- /* CA was found, so leave it in the list */
- node = CERT_LIST_NEXT(node);
- }
- }
-
- return(SECSuccess);
-}
-
-/*
- * Given a certificate, return a string containing the nickname, and possibly
- * one of the validity strings, based on the current validity state of the
- * certificate.
- *
- * "arena" - arena to allocate returned string from. If NULL, then heap
- * is used.
- * "cert" - the cert to get nickname from
- * "expiredString" - the string to append to the nickname if the cert is
- * expired.
- * "notYetGoodString" - the string to append to the nickname if the cert is
- * not yet good.
- */
-char *
-CERT_GetCertNicknameWithValidity(PRArenaPool *arena, CERTCertificate *cert,
- char *expiredString, char *notYetGoodString)
-{
- SECCertTimeValidity validity;
- char *nickname, *tmpstr;
-
- validity = CERT_CheckCertValidTimes(cert, PR_Now(), PR_FALSE);
-
- /* if the cert is good, then just use the nickname directly */
- if ( validity == secCertTimeValid ) {
- if ( arena == NULL ) {
- nickname = PORT_Strdup(cert->nickname);
- } else {
- nickname = PORT_ArenaStrdup(arena, cert->nickname);
- }
-
- if ( nickname == NULL ) {
- goto loser;
- }
- } else {
-
- /* if the cert is not valid, then tack one of the strings on the
- * end
- */
- if ( validity == secCertTimeExpired ) {
- tmpstr = PR_smprintf("%s%s", cert->nickname,
- expiredString);
- } else {
- /* not yet valid */
- tmpstr = PR_smprintf("%s%s", cert->nickname,
- notYetGoodString);
- }
- if ( tmpstr == NULL ) {
- goto loser;
- }
-
- if ( arena ) {
- /* copy the string into the arena and free the malloc'd one */
- nickname = PORT_ArenaStrdup(arena, tmpstr);
- PORT_Free(tmpstr);
- } else {
- nickname = tmpstr;
- }
- if ( nickname == NULL ) {
- goto loser;
- }
- }
- return(nickname);
-
-loser:
- return(NULL);
-}
-
-/*
- * Collect the nicknames from all certs in a CertList. If the cert is not
- * valid, append a string to that nickname.
- *
- * "certList" - the list of certificates
- * "expiredString" - the string to append to the nickname of any expired cert
- * "notYetGoodString" - the string to append to the nickname of any cert
- * that is not yet valid
- */
-CERTCertNicknames *
-CERT_NicknameStringsFromCertList(CERTCertList *certList, char *expiredString,
- char *notYetGoodString)
-{
- CERTCertNicknames *names;
- PRArenaPool *arena;
- CERTCertListNode *node;
- char **nn;
-
- /* allocate an arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- return(NULL);
- }
-
- /* allocate the structure */
- names = PORT_ArenaAlloc(arena, sizeof(CERTCertNicknames));
- if ( names == NULL ) {
- goto loser;
- }
-
- /* init the structure */
- names->arena = arena;
- names->head = NULL;
- names->numnicknames = 0;
- names->nicknames = NULL;
- names->totallen = 0;
-
- /* count the certs in the list */
- node = CERT_LIST_HEAD(certList);
- while ( ! CERT_LIST_END(node, certList) ) {
- names->numnicknames++;
- node = CERT_LIST_NEXT(node);
- }
-
- /* allocate nicknames array */
- names->nicknames = PORT_ArenaAlloc(arena,
- sizeof(char *) * names->numnicknames);
- if ( names->nicknames == NULL ) {
- goto loser;
- }
-
- /* just in case printf can't deal with null strings */
- if (expiredString == NULL ) {
- expiredString = "";
- }
-
- if ( notYetGoodString == NULL ) {
- notYetGoodString = "";
- }
-
- /* traverse the list of certs and collect the nicknames */
- nn = names->nicknames;
- node = CERT_LIST_HEAD(certList);
- while ( ! CERT_LIST_END(node, certList) ) {
- *nn = CERT_GetCertNicknameWithValidity(arena, node->cert,
- expiredString,
- notYetGoodString);
- if ( *nn == NULL ) {
- goto loser;
- }
-
- names->totallen += PORT_Strlen(*nn);
-
- nn++;
- node = CERT_LIST_NEXT(node);
- }
-
- return(names);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(NULL);
-}
-
-/*
- * Extract the nickname from a nickmake string that may have either
- * expiredString or notYetGoodString appended.
- *
- * Args:
- * "namestring" - the string containing the nickname, and possibly
- * one of the validity label strings
- * "expiredString" - the expired validity label string
- * "notYetGoodString" - the not yet good validity label string
- *
- * Returns the raw nickname
- */
-char *
-CERT_ExtractNicknameString(char *namestring, char *expiredString,
- char *notYetGoodString)
-{
- int explen, nyglen, namelen;
- int retlen;
- char *retstr;
-
- namelen = PORT_Strlen(namestring);
- explen = PORT_Strlen(expiredString);
- nyglen = PORT_Strlen(notYetGoodString);
-
- if ( namelen > explen ) {
- if ( PORT_Strcmp(expiredString, &namestring[namelen-explen]) == 0 ) {
- retlen = namelen - explen;
- retstr = (char *)PORT_Alloc(retlen+1);
- if ( retstr == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(retstr, namestring, retlen);
- retstr[retlen] = '\0';
- goto done;
- }
- }
-
- if ( namelen > nyglen ) {
- if ( PORT_Strcmp(notYetGoodString, &namestring[namelen-nyglen]) == 0) {
- retlen = namelen - nyglen;
- retstr = (char *)PORT_Alloc(retlen+1);
- if ( retstr == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(retstr, namestring, retlen);
- retstr[retlen] = '\0';
- goto done;
- }
- }
-
- /* if name string is shorter than either invalid string, then it must
- * be a raw nickname
- */
- retstr = PORT_Strdup(namestring);
-
-done:
- return(retstr);
-
-loser:
- return(NULL);
-}
-
-CERTCertList *
-CERT_GetCertChainFromCert(CERTCertificate *cert, int64 time, SECCertUsage usage)
-{
- CERTCertList *chain = NULL;
-
- if (NULL == cert) {
- return NULL;
- }
-
- cert = CERT_DupCertificate(cert);
- if (NULL == cert) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- chain = CERT_NewCertList();
- if (NULL == chain) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- while (cert != NULL) {
- if (SECSuccess != CERT_AddCertToListTail(chain, cert)) {
- /* return partial chain */
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return chain;
- }
-
- if (SECITEM_CompareItem(&cert->derIssuer, &cert->derSubject)
- == SECEqual) {
- /* return complete chain */
- return chain;
- }
-
- cert = CERT_FindCertIssuer(cert, time, usage);
- }
-
- /* return partial chain */
- PORT_SetError(SEC_ERROR_UNKNOWN_ISSUER);
- return chain;
-}
diff --git a/security/nss/lib/certhigh/config.mk b/security/nss/lib/certhigh/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/certhigh/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/certhigh/crlv2.c b/security/nss/lib/certhigh/crlv2.c
deleted file mode 100644
index 2600d9878..000000000
--- a/security/nss/lib/certhigh/crlv2.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Code for dealing with x.509 v3 crl and crl entries extensions.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secoidt.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "certxutl.h"
-
-SECStatus
-CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value)
-{
- return (cert_FindExtensionByOID (crl->extensions, oid, value));
-}
-
-
-SECStatus
-CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value)
-{
- return (cert_FindExtension (crl->extensions, tag, value));
-}
-
-
-/* Callback to set extensions and adjust verison */
-static void
-SetCrlExts(void *object, CERTCertExtension **exts)
-{
- CERTCrl *crl = (CERTCrl *)object;
-
- crl->extensions = exts;
- DER_SetUInteger (crl->arena, &crl->version, SEC_CRL_VERSION_2);
-}
-
-void *
-CERT_StartCRLExtensions(CERTCrl *crl)
-{
- return (cert_StartExtensions ((void *)crl, crl->arena, SetCrlExts));
-}
-
-
-SECStatus CERT_FindCRLNumberExten (CERTCrl *crl, CERTCrlNumber *value)
-{
- SECItem encodedExtenValue;
- SECStatus rv;
-
- encodedExtenValue.data = NULL;
- encodedExtenValue.len = 0;
-
- rv = cert_FindExtension
- (crl->extensions, SEC_OID_X509_CRL_NUMBER, &encodedExtenValue);
- if ( rv != SECSuccess )
- return (rv);
-
- rv = SEC_ASN1DecodeItem (NULL, value, SEC_IntegerTemplate,
- &encodedExtenValue);
- PORT_Free (encodedExtenValue.data);
- return (rv);
-}
-
-SECStatus CERT_FindCRLReasonExten (CERTCrl *crl, SECItem *value)
-{
- return (CERT_FindBitStringExtension
- (crl->extensions, SEC_OID_X509_REASON_CODE, value));
-}
-
-SECStatus CERT_FindInvalidDateExten (CERTCrl *crl, int64 *value)
-{
- SECItem encodedExtenValue;
- SECItem decodedExtenValue = {siBuffer,0};
- SECStatus rv;
-
- encodedExtenValue.data = decodedExtenValue.data = NULL;
- encodedExtenValue.len = decodedExtenValue.len = 0;
-
- rv = cert_FindExtension
- (crl->extensions, SEC_OID_X509_INVALID_DATE, &encodedExtenValue);
- if ( rv != SECSuccess )
- return (rv);
-
- rv = SEC_ASN1DecodeItem (NULL, &decodedExtenValue,
- SEC_GeneralizedTimeTemplate, &encodedExtenValue);
- if (rv != SECSuccess)
- return (rv);
- rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue);
- PORT_Free (decodedExtenValue.data);
- PORT_Free (encodedExtenValue.data);
- return (rv);
-}
diff --git a/security/nss/lib/certhigh/manifest.mn b/security/nss/lib/certhigh/manifest.mn
deleted file mode 100644
index d7d0a2247..000000000
--- a/security/nss/lib/certhigh/manifest.mn
+++ /dev/null
@@ -1,59 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- ocsp.h \
- ocspt.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- ocspti.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- certhtml.c \
- certreq.c \
- crlv2.c \
- ocsp.c \
- certhigh.c \
- certvfy.c \
- xcrldist.c \
- $(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = certhi
-
diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c
deleted file mode 100644
index 2dc75e474..000000000
--- a/security/nss/lib/certhigh/ocsp.c
+++ /dev/null
@@ -1,4075 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Implementation of OCSP services, for both client and server.
- * (XXX, really, mostly just for client right now, but intended to do both.)
- *
- * $Id$
- */
-
-#include "prerror.h"
-#include "prprf.h"
-#include "plarena.h"
-#include "prnetdb.h"
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "secoidt.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "cert.h"
-#include "xconst.h"
-#include "secerr.h"
-#include "secoid.h"
-#include "hasht.h"
-#include "sechash.h"
-#include "secasn1.h"
-#include "keyhi.h"
-#include "cryptohi.h"
-#include "ocsp.h"
-#include "ocspti.h"
-#include "genname.h"
-#include "certxutl.h"
-#include "pk11func.h" /* for PK11_HashBuf */
-#include <stdarg.h>
-
-
-/*
- * The following structure is only used internally. It is allocated when
- * someone turns on OCSP checking, and hangs off of the status-configuration
- * structure in the certdb structure. We use it to keep configuration
- * information specific to OCSP checking.
- */
-typedef struct ocspCheckingContextStr {
- PRBool useDefaultResponder;
- char *defaultResponderURI;
- char *defaultResponderNickname;
- CERTCertificate *defaultResponderCert;
-} ocspCheckingContext;
-
-
-/*
- * Forward declarations of sub-types, so I can lay out the types in the
- * same order as the ASN.1 is laid out in the OCSP spec itself.
- *
- * These are in alphabetical order (case-insensitive); please keep it that way!
- */
-extern const SEC_ASN1Template ocsp_CertIDTemplate[];
-extern const SEC_ASN1Template ocsp_PointerToSignatureTemplate[];
-extern const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[];
-extern const SEC_ASN1Template ocsp_ResponseDataTemplate[];
-extern const SEC_ASN1Template ocsp_RevokedInfoTemplate[];
-extern const SEC_ASN1Template ocsp_SingleRequestTemplate[];
-extern const SEC_ASN1Template ocsp_SingleResponseTemplate[];
-extern const SEC_ASN1Template ocsp_TBSRequestTemplate[];
-
-
-/*
- * Request-related templates...
- */
-
-/*
- * OCSPRequest ::= SEQUENCE {
- * tbsRequest TBSRequest,
- * optionalSignature [0] EXPLICIT Signature OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_OCSPRequestTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTOCSPRequest) },
- { SEC_ASN1_POINTER,
- offsetof(CERTOCSPRequest, tbsRequest),
- ocsp_TBSRequestTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTOCSPRequest, optionalSignature),
- ocsp_PointerToSignatureTemplate },
- { 0 }
-};
-
-/*
- * TBSRequest ::= SEQUENCE {
- * version [0] EXPLICIT Version DEFAULT v1,
- * requestorName [1] EXPLICIT GeneralName OPTIONAL,
- * requestList SEQUENCE OF Request,
- * requestExtensions [2] EXPLICIT Extensions OPTIONAL }
- *
- * Version ::= INTEGER { v1(0) }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_TBSRequestTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspTBSRequest) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | /* XXX DER_DEFAULT */
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspTBSRequest, version),
- SEC_IntegerTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(ocspTBSRequest, derRequestorName),
- SEC_PointerToAnyTemplate },
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(ocspTBSRequest, requestList),
- ocsp_SingleRequestTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(ocspTBSRequest, requestExtensions),
- CERT_SequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-/*
- * Signature ::= SEQUENCE {
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING,
- * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_SignatureTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspSignature) },
- { SEC_ASN1_INLINE,
- offsetof(ocspSignature, signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(ocspSignature, signature) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspSignature, derCerts),
- SEC_SequenceOfAnyTemplate },
- { 0 }
-};
-
-/*
- * This template is just an extra level to use in an explicitly-tagged
- * reference to a Signature.
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_PointerToSignatureTemplate[] = {
- { SEC_ASN1_POINTER, 0, ocsp_SignatureTemplate }
-};
-
-/*
- * Request ::= SEQUENCE {
- * reqCert CertID,
- * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_SingleRequestTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspSingleRequest) },
- { SEC_ASN1_POINTER,
- offsetof(ocspSingleRequest, reqCert),
- ocsp_CertIDTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspSingleRequest, singleRequestExtensions),
- CERT_SequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-
-/*
- * This data structure and template (CertID) is used by both OCSP
- * requests and responses. It is the only one that is shared.
- *
- * CertID ::= SEQUENCE {
- * hashAlgorithm AlgorithmIdentifier,
- * issuerNameHash OCTET STRING, -- Hash of Issuer DN
- * issuerKeyHash OCTET STRING, -- Hash of Issuer public key
- * serialNumber CertificateSerialNumber }
- *
- * CertificateSerialNumber ::= INTEGER
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_CertIDTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTOCSPCertID) },
- { SEC_ASN1_INLINE,
- offsetof(CERTOCSPCertID, hashAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CERTOCSPCertID, issuerNameHash) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CERTOCSPCertID, issuerKeyHash) },
- { SEC_ASN1_INTEGER,
- offsetof(CERTOCSPCertID, serialNumber) },
- { 0 }
-};
-
-
-/*
- * Response-related templates...
- */
-
-/*
- * OCSPResponse ::= SEQUENCE {
- * responseStatus OCSPResponseStatus,
- * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_OCSPResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTOCSPResponse) },
- { SEC_ASN1_ENUMERATED,
- offsetof(CERTOCSPResponse, responseStatus) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTOCSPResponse, responseBytes),
- ocsp_PointerToResponseBytesTemplate },
- { 0 }
-};
-
-/*
- * ResponseBytes ::= SEQUENCE {
- * responseType OBJECT IDENTIFIER,
- * response OCTET STRING }
- */
-static const SEC_ASN1Template ocsp_ResponseBytesTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspResponseBytes) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(ocspResponseBytes, responseType) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(ocspResponseBytes, response) },
- { 0 }
-};
-
-/*
- * This template is just an extra level to use in an explicitly-tagged
- * reference to a ResponseBytes.
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[] = {
- { SEC_ASN1_POINTER, 0, ocsp_ResponseBytesTemplate }
-};
-
-/*
- * BasicOCSPResponse ::= SEQUENCE {
- * tbsResponseData ResponseData,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING,
- * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_BasicOCSPResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspBasicOCSPResponse) },
- { SEC_ASN1_POINTER,
- offsetof(ocspBasicOCSPResponse, tbsResponseData),
- ocsp_ResponseDataTemplate },
- { SEC_ASN1_INLINE,
- offsetof(ocspBasicOCSPResponse, responseSignature.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(ocspBasicOCSPResponse, responseSignature.signature) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspBasicOCSPResponse, responseSignature.derCerts),
- SEC_SequenceOfAnyTemplate },
- { 0 }
-};
-
-/*
- * ResponseData ::= SEQUENCE {
- * version [0] EXPLICIT Version DEFAULT v1,
- * responderID ResponderID,
- * producedAt GeneralizedTime,
- * responses SEQUENCE OF SingleResponse,
- * responseExtensions [1] EXPLICIT Extensions OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_ResponseDataTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspResponseData) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | /* XXX DER_DEFAULT */
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspResponseData, version),
- SEC_IntegerTemplate },
- { SEC_ASN1_ANY,
- offsetof(ocspResponseData, derResponderID) },
- { SEC_ASN1_GENERALIZED_TIME,
- offsetof(ocspResponseData, producedAt) },
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(ocspResponseData, responses),
- ocsp_SingleResponseTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(ocspResponseData, responseExtensions),
- CERT_SequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-/*
- * ResponderID ::= CHOICE {
- * byName [1] EXPLICIT Name,
- * byKey [2] EXPLICIT KeyHash }
- *
- * KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key
- * (excluding the tag and length fields)
- *
- * XXX Because the ASN.1 encoder and decoder currently do not provide
- * a way to automatically handle a CHOICE, we need to do it in two
- * steps, looking at the type tag and feeding the exact choice back
- * to the ASN.1 code. Hopefully that will change someday and this
- * can all be simplified down into a single template. Anyway, for
- * now we list each choice as its own template:
- */
-static const SEC_ASN1Template ocsp_ResponderIDByNameTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(ocspResponderID, responderIDValue.name),
- CERT_NameTemplate }
-};
-static const SEC_ASN1Template ocsp_ResponderIDByKeyTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(ocspResponderID, responderIDValue.keyHash),
- SEC_OctetStringTemplate }
-};
-static const SEC_ASN1Template ocsp_ResponderIDOtherTemplate[] = {
- { SEC_ASN1_ANY,
- offsetof(ocspResponderID, responderIDValue.other) }
-};
-
-/*
- * SingleResponse ::= SEQUENCE {
- * certID CertID,
- * certStatus CertStatus,
- * thisUpdate GeneralizedTime,
- * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
- * singleExtensions [1] EXPLICIT Extensions OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_SingleResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTOCSPSingleResponse) },
- { SEC_ASN1_POINTER,
- offsetof(CERTOCSPSingleResponse, certID),
- ocsp_CertIDTemplate },
- { SEC_ASN1_ANY,
- offsetof(CERTOCSPSingleResponse, derCertStatus) },
- { SEC_ASN1_GENERALIZED_TIME,
- offsetof(CERTOCSPSingleResponse, thisUpdate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CERTOCSPSingleResponse, nextUpdate),
- SEC_PointerToGeneralizedTimeTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CERTOCSPSingleResponse, singleExtensions),
- CERT_SequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-/*
- * CertStatus ::= CHOICE {
- * good [0] IMPLICIT NULL,
- * revoked [1] IMPLICIT RevokedInfo,
- * unknown [2] IMPLICIT UnknownInfo }
- *
- * Because the ASN.1 encoder and decoder currently do not provide
- * a way to automatically handle a CHOICE, we need to do it in two
- * steps, looking at the type tag and feeding the exact choice back
- * to the ASN.1 code. Hopefully that will change someday and this
- * can all be simplified down into a single template. Anyway, for
- * now we list each choice as its own template:
- */
-static const SEC_ASN1Template ocsp_CertStatusGoodTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspCertStatus, certStatusInfo.goodInfo),
- SEC_NullTemplate }
-};
-static const SEC_ASN1Template ocsp_CertStatusRevokedTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(ocspCertStatus, certStatusInfo.revokedInfo),
- ocsp_RevokedInfoTemplate }
-};
-static const SEC_ASN1Template ocsp_CertStatusUnknownTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(ocspCertStatus, certStatusInfo.unknownInfo),
- SEC_NullTemplate }
-};
-static const SEC_ASN1Template ocsp_CertStatusOtherTemplate[] = {
- { SEC_ASN1_POINTER,
- offsetof(ocspCertStatus, certStatusInfo.otherInfo),
- SEC_AnyTemplate }
-};
-
-/*
- * RevokedInfo ::= SEQUENCE {
- * revocationTime GeneralizedTime,
- * revocationReason [0] EXPLICIT CRLReason OPTIONAL }
- *
- * Note: this should be static but the AIX compiler doesn't like it (because it
- * was forward-declared above); it is not meant to be exported, but this
- * is the only way it will compile.
- */
-const SEC_ASN1Template ocsp_RevokedInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspRevokedInfo) },
- { SEC_ASN1_GENERALIZED_TIME,
- offsetof(ocspRevokedInfo, revocationTime) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(ocspRevokedInfo, revocationReason),
- SEC_PointerToEnumeratedTemplate },
- { 0 }
-};
-
-
-/*
- * OCSP-specific extension templates:
- */
-
-/*
- * ServiceLocator ::= SEQUENCE {
- * issuer Name,
- * locator AuthorityInfoAccessSyntax OPTIONAL }
- */
-static const SEC_ASN1Template ocsp_ServiceLocatorTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(ocspServiceLocator) },
- { SEC_ASN1_POINTER,
- offsetof(ocspServiceLocator, issuer),
- CERT_NameTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(ocspServiceLocator, locator) },
- { 0 }
-};
-
-
-/*
- * REQUEST SUPPORT FUNCTIONS (encode/create/decode/destroy):
- */
-
-/*
- * FUNCTION: CERT_EncodeOCSPRequest
- * DER encodes an OCSP Request, possibly adding a signature as well.
- * XXX Signing is not yet supported, however; see comments in code.
- * INPUTS:
- * PRArenaPool *arena
- * The return value is allocated from here.
- * If a NULL is passed in, allocation is done from the heap instead.
- * CERTOCSPRequest *request
- * The request to be encoded.
- * void *pwArg
- * Pointer to argument for password prompting, if needed. (Definitely
- * not needed if not signing.)
- * RETURN:
- * Returns a NULL on error and a pointer to the SECItem with the
- * encoded value otherwise. Any error is likely to be low-level
- * (e.g. no memory).
- */
-SECItem *
-CERT_EncodeOCSPRequest(PRArenaPool *arena, CERTOCSPRequest *request,
- void *pwArg)
-{
- ocspTBSRequest *tbsRequest;
- SECStatus rv;
-
- /* XXX All of these should generate errors if they fail. */
- PORT_Assert(request);
- PORT_Assert(request->tbsRequest);
-
- tbsRequest = request->tbsRequest;
-
- if (request->tbsRequest->extensionHandle != NULL) {
- rv = CERT_FinishExtensions(request->tbsRequest->extensionHandle);
- request->tbsRequest->extensionHandle = NULL;
- if (rv != SECSuccess)
- return NULL;
- }
-
- /*
- * XXX When signed requests are supported and request->optionalSignature
- * is not NULL:
- * - need to encode tbsRequest->requestorName
- * - need to encode tbsRequest
- * - need to sign that encoded result (using cert in sig), filling in the
- * request->optionalSignature structure with the result, the signing
- * algorithm and (perhaps?) the cert (and its chain?) in derCerts
- */
-
- return SEC_ASN1EncodeItem(arena, NULL, request, ocsp_OCSPRequestTemplate);
-}
-
-
-/*
- * FUNCTION: CERT_DecodeOCSPRequest
- * Decode a DER encoded OCSP Request.
- * INPUTS:
- * SECItem *src
- * Pointer to a SECItem holding DER encoded OCSP Request.
- * RETURN:
- * Returns a pointer to a CERTOCSPRequest containing the decoded request.
- * On error, returns NULL. Most likely error is trouble decoding
- * (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
- */
-CERTOCSPRequest *
-CERT_DecodeOCSPRequest(SECItem *src)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv = SECFailure;
- CERTOCSPRequest *dest = NULL;
- int i;
-
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
- dest = (CERTOCSPRequest *) PORT_ArenaZAlloc(arena,
- sizeof(CERTOCSPRequest));
- if (dest == NULL) {
- goto loser;
- }
- dest->arena = arena;
-
- rv = SEC_ASN1DecodeItem(arena, dest, ocsp_OCSPRequestTemplate, src);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
- goto loser;
- }
-
- /*
- * XXX I would like to find a way to get rid of the necessity
- * of doing this copying of the arena pointer.
- */
- for (i = 0; dest->tbsRequest->requestList[i] != NULL; i++) {
- dest->tbsRequest->requestList[i]->arena = arena;
- }
-
- return dest;
-
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-}
-
-
-/*
- * Create and fill-in a CertID. This function fills in the hash values
- * (issuerNameHash and issuerKeyHash), and is hardwired to use SHA1.
- * Someday it might need to be more flexible about hash algorithm, but
- * for now we have no intention/need to create anything else, and until
- * we have more flexible underlying interfaces, it's just not as easy
- * as it should be to just take an algorithm id and call some helper
- * functions to do all the work (no algid->length translation, no function
- * to hash from and into a SECItem, etc.).
- *
- * Error causes a null to be returned; most likely cause is trouble
- * finding the certificate issuer (SEC_ERROR_UNKNOWN_ISSUER).
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-static CERTOCSPCertID *
-ocsp_CreateCertID(PRArenaPool *arena, CERTCertificate *cert, int64 time)
-{
- CERTOCSPCertID *certID;
- CERTCertificate *issuerCert = NULL;
- SECItem *tempItem = NULL;
- void *mark = PORT_ArenaMark(arena);
- SECStatus rv;
-
- PORT_Assert(arena != NULL);
-
- certID = PORT_ArenaZNew(arena, CERTOCSPCertID);
- if (certID == NULL) {
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &certID->hashAlgorithm, SEC_OID_SHA1,
- NULL);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
- if (issuerCert == NULL) {
- goto loser;
- }
-
- tempItem = SEC_ASN1EncodeItem(NULL, NULL, &issuerCert->subject,
- CERT_NameTemplate);
- if (tempItem == NULL) {
- goto loser;
- }
-
- if (SECITEM_AllocItem(arena, &(certID->issuerNameHash),
- SHA1_LENGTH) == NULL) {
- goto loser;
- }
- rv = PK11_HashBuf(SEC_OID_SHA1, certID->issuerNameHash.data,
- tempItem->data, tempItem->len);
- if (rv != SECSuccess) {
- goto loser;
- }
- certID->issuerSHA1NameHash.data = certID->issuerNameHash.data;
- certID->issuerSHA1NameHash.len = certID->issuerNameHash.len;
- /* cache the other two hash algorithms as well */
- if (SECITEM_AllocItem(arena, &(certID->issuerMD5NameHash),
- MD5_LENGTH) == NULL) {
- goto loser;
- }
- rv = PK11_HashBuf(SEC_OID_MD5, certID->issuerMD5NameHash.data,
- tempItem->data, tempItem->len);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (SECITEM_AllocItem(arena, &(certID->issuerMD2NameHash),
- MD2_LENGTH) == NULL) {
- goto loser;
- }
- rv = PK11_HashBuf(SEC_OID_MD2, certID->issuerMD2NameHash.data,
- tempItem->data, tempItem->len);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- SECITEM_FreeItem(tempItem, PR_TRUE);
- tempItem = NULL;
-
- if (CERT_SPKDigestValueForCert(arena, issuerCert, SEC_OID_SHA1,
- &(certID->issuerKeyHash)) == NULL) {
- goto loser;
- }
- certID->issuerSHA1KeyHash.data = certID->issuerKeyHash.data;
- certID->issuerSHA1KeyHash.len = certID->issuerKeyHash.len;
- /* cache the other two hash algorithms as well */
- if (CERT_SPKDigestValueForCert(arena, issuerCert, SEC_OID_MD5,
- &(certID->issuerMD5KeyHash)) == NULL) {
- goto loser;
- }
- if (CERT_SPKDigestValueForCert(arena, issuerCert, SEC_OID_MD2,
- &(certID->issuerMD2KeyHash)) == NULL) {
- goto loser;
- }
-
-
- /* now we are done with issuerCert */
- CERT_DestroyCertificate(issuerCert);
- issuerCert = NULL;
-
- rv = SECITEM_CopyItem(arena, &certID->serialNumber, &cert->serialNumber);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(arena, mark);
- return certID;
-
-loser:
- if (issuerCert != NULL) {
- CERT_DestroyCertificate(issuerCert);
- }
- if (tempItem != NULL) {
- SECITEM_FreeItem(tempItem, PR_TRUE);
- }
- PORT_ArenaRelease(arena, mark);
- return NULL;
-}
-
-
-/*
- * Callback to set Extensions in request object
- */
-void SetSingleReqExts(void *object, CERTCertExtension **exts)
-{
- ocspSingleRequest *singleRequest =
- (ocspSingleRequest *)object;
-
- singleRequest->singleRequestExtensions = exts;
-}
-
-/*
- * Add the Service Locator extension to the singleRequestExtensions
- * for the given singleRequest.
- *
- * All errors are internal or low-level problems (e.g. no memory).
- */
-static SECStatus
-ocsp_AddServiceLocatorExtension(ocspSingleRequest *singleRequest,
- CERTCertificate *cert)
-{
- ocspServiceLocator *serviceLocator = NULL;
- void *extensionHandle = NULL;
- SECStatus rv = SECFailure;
-
- serviceLocator = PORT_ZNew(ocspServiceLocator);
- if (serviceLocator == NULL)
- goto loser;
-
- /*
- * Normally it would be a bad idea to do a direct reference like
- * this rather than allocate and copy the name *or* at least dup
- * a reference of the cert. But all we need is to be able to read
- * the issuer name during the encoding we are about to do, so a
- * copy is just a waste of time.
- */
- serviceLocator->issuer = &cert->issuer;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
- &serviceLocator->locator);
- if (rv != SECSuccess) {
- if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND)
- goto loser;
- }
-
- /* prepare for following loser gotos */
- rv = SECFailure;
-
- extensionHandle = cert_StartExtensions(singleRequest,
- singleRequest->arena, SetSingleReqExts);
- if (extensionHandle == NULL)
- goto loser;
-
- rv = CERT_EncodeAndAddExtension(extensionHandle,
- SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
- serviceLocator, PR_FALSE,
- ocsp_ServiceLocatorTemplate);
-
-loser:
- if (extensionHandle != NULL) {
- /*
- * Either way we have to finish out the extension context (so it gets
- * freed). But careful not to override any already-set bad status.
- */
- SECStatus tmprv = CERT_FinishExtensions(extensionHandle);
- if (rv == SECSuccess)
- rv = tmprv;
- }
-
- /*
- * Finally, free the serviceLocator structure itself and we are done.
- */
- if (serviceLocator != NULL) {
- if (serviceLocator->locator.data != NULL)
- SECITEM_FreeItem(&serviceLocator->locator, PR_FALSE);
- PORT_Free(serviceLocator);
- }
-
- return rv;
-}
-
-/*
- * Creates an array of ocspSingleRequest based on a list of certs.
- * Note that the code which later compares the request list with the
- * response expects this array to be in the exact same order as the
- * certs are found in the list. It would be harder to change that
- * order than preserve it, but since the requirement is not obvious,
- * it deserves to be mentioned.
- *
- * Any problem causes a null return and error set:
- * SEC_ERROR_UNKNOWN_ISSUER
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-static ocspSingleRequest **
-ocsp_CreateSingleRequestList(PRArenaPool *arena, CERTCertList *certList,
- int64 time, PRBool includeLocator)
-{
- ocspSingleRequest **requestList = NULL;
- CERTCertListNode *node;
- int i, count;
- void *mark = PORT_ArenaMark(arena);
-
- node = CERT_LIST_HEAD(certList);
- for (count = 0; !CERT_LIST_END(node, certList); count++) {
- node = CERT_LIST_NEXT(node);
- }
-
- if (count == 0)
- goto loser;
-
- requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, count + 1);
- if (requestList == NULL)
- goto loser;
-
- node = CERT_LIST_HEAD(certList);
- for (i = 0; !CERT_LIST_END(node, certList); i++) {
- requestList[i] = PORT_ArenaZNew(arena, ocspSingleRequest);
- if (requestList[i] == NULL)
- goto loser;
-
- requestList[i]->arena = arena;
- requestList[i]->reqCert = ocsp_CreateCertID(arena, node->cert, time);
- if (requestList[i]->reqCert == NULL)
- goto loser;
-
- if (includeLocator == PR_TRUE) {
- SECStatus rv;
-
- rv = ocsp_AddServiceLocatorExtension(requestList[i], node->cert);
- if (rv != SECSuccess)
- goto loser;
- }
-
- node = CERT_LIST_NEXT(node);
- }
-
- PORT_Assert(i == count);
-
- PORT_ArenaUnmark(arena, mark);
- requestList[i] = NULL;
- return requestList;
-
-loser:
- PORT_ArenaRelease(arena, mark);
- return NULL;
-}
-
-
-/*
- * FUNCTION: CERT_CreateOCSPRequest
- * Creates a CERTOCSPRequest, requesting the status of the certs in
- * the given list.
- * INPUTS:
- * CERTCertList *certList
- * A list of certs for which status will be requested.
- * Note that all of these certificates should have the same issuer,
- * or it's expected the response will be signed by a trusted responder.
- * If the certs need to be broken up into multiple requests, that
- * must be handled by the caller (and thus by having multiple calls
- * to this routine), who knows about where the request(s) are being
- * sent and whether there are any trusted responders in place.
- * int64 time
- * Indicates the time for which the certificate status is to be
- * determined -- this may be used in the search for the cert's issuer
- * but has no effect on the request itself.
- * PRBool addServiceLocator
- * If true, the Service Locator extension should be added to the
- * single request(s) for each cert.
- * CERTCertificate *signerCert
- * If non-NULL, means sign the request using this cert. Otherwise,
- * do not sign.
- * XXX note that request signing is not yet supported; see comment in code
- * RETURN:
- * A pointer to a CERTOCSPRequest structure containing an OCSP request
- * for the cert list. On error, null is returned, with an error set
- * indicating the reason. This is likely SEC_ERROR_UNKNOWN_ISSUER.
- * (The issuer is needed to create a request for the certificate.)
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-CERTOCSPRequest *
-CERT_CreateOCSPRequest(CERTCertList *certList, int64 time,
- PRBool addServiceLocator,
- CERTCertificate *signerCert)
-{
- PRArenaPool *arena = NULL;
- CERTOCSPRequest *request = NULL;
- ocspTBSRequest *tbsRequest = NULL;
-
- /*
- * XXX This should set an error, but since it is only temporary and
- * since PSM will not initially provide a way to turn on signing of
- * requests anyway, I figure we can just skip defining an error that
- * will be obsolete in the next release. When we are prepared to
- * put signing of requests back in, this entire check will go away,
- * and later in this function we will need to allocate a signature
- * structure for the request, fill in the "derCerts" field in it,
- * save the signerCert there, as well as fill in the "requestorName"
- * field of the tbsRequest.
- */
- if (signerCert != NULL) {
- return NULL;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
-
- request = PORT_ArenaZNew(arena, CERTOCSPRequest);
- if (request == NULL) {
- goto loser;
- }
- request->arena = arena;
-
- tbsRequest = PORT_ArenaZNew(arena, ocspTBSRequest);
- if (tbsRequest == NULL) {
- goto loser;
- }
- request->tbsRequest = tbsRequest;
-
- /* version 1 is the default, so we need not fill in a version number */
-
- /*
- * Now create the list of single requests, one for each cert.
- */
- tbsRequest->requestList = ocsp_CreateSingleRequestList(arena, certList,
- time,
- addServiceLocator);
- if (tbsRequest->requestList == NULL) {
- goto loser;
- }
- return request;
-
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-}
-
-
-/*
- * FUNCTION: CERT_AddOCSPAcceptableResponses
- * Add the AcceptableResponses extension to an OCSP Request.
- * INPUTS:
- * CERTOCSPRequest *request
- * The request to which the extension should be added.
- * ...
- * A list (of one or more) of SECOidTag -- each of the response types
- * to be added. The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
- * (This marks the end of the list, and it must be specified because a
- * client conforming to the OCSP standard is required to handle the basic
- * response type.) The OIDs are not checked in any way.
- * RETURN:
- * SECSuccess if the extension is added; SECFailure if anything goes wrong.
- * All errors are internal or low-level problems (e.g. no memory).
- */
-
-void SetRequestExts(void *object, CERTCertExtension **exts)
-{
- CERTOCSPRequest *request = (CERTOCSPRequest *)object;
-
- request->tbsRequest->requestExtensions = exts;
-}
-
-SECStatus
-CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request, ...)
-{
- void *extHandle;
- va_list ap;
- int i, count;
- SECOidTag responseType;
- SECOidData *responseOid;
- SECItem **acceptableResponses = NULL;
- SECStatus rv = SECFailure;
-
- extHandle = request->tbsRequest->extensionHandle;
- if (extHandle == NULL) {
- extHandle = cert_StartExtensions(request, request->arena, SetRequestExts);
- if (extHandle == NULL)
- goto loser;
- }
-
- /* Count number of OIDS going into the extension value. */
- count = 0;
- va_start(ap, request);
- do {
- count++;
- responseType = va_arg(ap, SECOidTag);
- } while (responseType != SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
- va_end(ap);
-
- acceptableResponses = PORT_NewArray(SECItem *, count + 1);
- if (acceptableResponses == NULL)
- goto loser;
-
- va_start(ap, request);
- for (i = 0; i < count; i++) {
- responseType = va_arg(ap, SECOidTag);
- responseOid = SECOID_FindOIDByTag(responseType);
- acceptableResponses[i] = &(responseOid->oid);
- }
- va_end(ap);
- acceptableResponses[i] = NULL;
-
- rv = CERT_EncodeAndAddExtension(extHandle, SEC_OID_PKIX_OCSP_RESPONSE,
- &acceptableResponses, PR_FALSE,
- SEC_SequenceOfObjectIDTemplate);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_Free(acceptableResponses);
- if (request->tbsRequest->extensionHandle == NULL)
- request->tbsRequest->extensionHandle = extHandle;
- return SECSuccess;
-
-loser:
- if (acceptableResponses != NULL)
- PORT_Free(acceptableResponses);
- if (extHandle != NULL)
- (void) CERT_FinishExtensions(extHandle);
- return rv;
-}
-
-
-/*
- * FUNCTION: CERT_DestroyOCSPRequest
- * Frees an OCSP Request structure.
- * INPUTS:
- * CERTOCSPRequest *request
- * Pointer to CERTOCSPRequest to be freed.
- * RETURN:
- * No return value; no errors.
- */
-void
-CERT_DestroyOCSPRequest(CERTOCSPRequest *request)
-{
- if (request == NULL)
- return;
-
- if (request->tbsRequest != NULL) {
- if (request->tbsRequest->requestorName != NULL)
- CERT_DestroyGeneralNameList(request->tbsRequest->requestorName);
- if (request->tbsRequest->extensionHandle != NULL)
- (void) CERT_FinishExtensions(request->tbsRequest->extensionHandle);
- }
-
- if (request->optionalSignature != NULL) {
- if (request->optionalSignature->cert != NULL)
- CERT_DestroyCertificate(request->optionalSignature->cert);
-
- /*
- * XXX Need to free derCerts? Or do they come out of arena?
- * (Currently we never fill in derCerts, which is why the
- * answer is not obvious. Once we do, add any necessary code
- * here and remove this comment.)
- */
- }
-
- /*
- * We should actually never have a request without an arena,
- * but check just in case. (If there isn't one, there is not
- * much we can do about it...)
- */
- PORT_Assert(request->arena != NULL);
- if (request->arena != NULL)
- PORT_FreeArena(request->arena, PR_FALSE);
-}
-
-
-/*
- * RESPONSE SUPPORT FUNCTIONS (encode/create/decode/destroy):
- */
-
-/*
- * Helper function for encoding or decoding a ResponderID -- based on the
- * given type, return the associated template for that choice.
- */
-static const SEC_ASN1Template *
-ocsp_ResponderIDTemplateByType(ocspResponderIDType responderIDType)
-{
- const SEC_ASN1Template *responderIDTemplate;
-
- switch (responderIDType) {
- case ocspResponderID_byName:
- responderIDTemplate = ocsp_ResponderIDByNameTemplate;
- break;
- case ocspResponderID_byKey:
- responderIDTemplate = ocsp_ResponderIDByKeyTemplate;
- break;
- case ocspResponderID_other:
- default:
- PORT_Assert(responderIDType == ocspResponderID_other);
- responderIDTemplate = ocsp_ResponderIDOtherTemplate;
- break;
- }
-
- return responderIDTemplate;
-}
-
-/*
- * Helper function for encoding or decoding a CertStatus -- based on the
- * given type, return the associated template for that choice.
- */
-static const SEC_ASN1Template *
-ocsp_CertStatusTemplateByType(ocspCertStatusType certStatusType)
-{
- const SEC_ASN1Template *certStatusTemplate;
-
- switch (certStatusType) {
- case ocspCertStatus_good:
- certStatusTemplate = ocsp_CertStatusGoodTemplate;
- break;
- case ocspCertStatus_revoked:
- certStatusTemplate = ocsp_CertStatusRevokedTemplate;
- break;
- case ocspCertStatus_unknown:
- certStatusTemplate = ocsp_CertStatusUnknownTemplate;
- break;
- case ocspCertStatus_other:
- default:
- PORT_Assert(certStatusType == ocspCertStatus_other);
- certStatusTemplate = ocsp_CertStatusOtherTemplate;
- break;
- }
-
- return certStatusTemplate;
-}
-
-/*
- * Helper function for decoding a certStatus -- turn the actual DER tag
- * into our local translation.
- */
-static ocspCertStatusType
-ocsp_CertStatusTypeByTag(int derTag)
-{
- ocspCertStatusType certStatusType;
-
- switch (derTag) {
- case 0:
- certStatusType = ocspCertStatus_good;
- break;
- case 1:
- certStatusType = ocspCertStatus_revoked;
- break;
- case 2:
- certStatusType = ocspCertStatus_unknown;
- break;
- default:
- certStatusType = ocspCertStatus_other;
- break;
- }
-
- return certStatusType;
-}
-
-/*
- * Helper function for decoding SingleResponses -- they each contain
- * a status which is encoded as CHOICE, which needs to be decoded "by hand".
- *
- * Note -- on error, this routine does not release the memory it may
- * have allocated; it expects its caller to do that.
- */
-static SECStatus
-ocsp_FinishDecodingSingleResponses(PRArenaPool *arena,
- CERTOCSPSingleResponse **responses)
-{
- ocspCertStatus *certStatus;
- ocspCertStatusType certStatusType;
- const SEC_ASN1Template *certStatusTemplate;
- int derTag;
- int i;
- SECStatus rv = SECFailure;
-
- if (responses == NULL) /* nothing to do */
- return SECSuccess;
-
- for (i = 0; responses[i] != NULL; i++) {
- /*
- * The following assert points out internal errors (problems in
- * the template definitions or in the ASN.1 decoder itself, etc.).
- */
- PORT_Assert(responses[i]->derCertStatus.data != NULL);
-
- derTag = responses[i]->derCertStatus.data[0] & SEC_ASN1_TAGNUM_MASK;
- certStatusType = ocsp_CertStatusTypeByTag(derTag);
- certStatusTemplate = ocsp_CertStatusTemplateByType(certStatusType);
-
- certStatus = PORT_ArenaZAlloc(arena, sizeof(ocspCertStatus));
- if (certStatus == NULL) {
- goto loser;
- }
- rv = SEC_ASN1DecodeItem(arena, certStatus, certStatusTemplate,
- &responses[i]->derCertStatus);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- goto loser;
- }
-
- certStatus->certStatusType = certStatusType;
- responses[i]->certStatus = certStatus;
- }
-
- return SECSuccess;
-
-loser:
- return rv;
-}
-
-/*
- * Helper function for decoding a responderID -- turn the actual DER tag
- * into our local translation.
- */
-static ocspResponderIDType
-ocsp_ResponderIDTypeByTag(int derTag)
-{
- ocspResponderIDType responderIDType;
-
- switch (derTag) {
- case 1:
- responderIDType = ocspResponderID_byName;
- break;
- case 2:
- responderIDType = ocspResponderID_byKey;
- break;
- default:
- responderIDType = ocspResponderID_other;
- break;
- }
-
- return responderIDType;
-}
-
-/*
- * Decode "src" as a BasicOCSPResponse, returning the result.
- */
-static ocspBasicOCSPResponse *
-ocsp_DecodeBasicOCSPResponse(PRArenaPool *arena, SECItem *src)
-{
- void *mark;
- ocspBasicOCSPResponse *basicResponse;
- ocspResponseData *responseData;
- ocspResponderID *responderID;
- ocspResponderIDType responderIDType;
- const SEC_ASN1Template *responderIDTemplate;
- int derTag;
- SECStatus rv;
-
- mark = PORT_ArenaMark(arena);
-
- basicResponse = PORT_ArenaZAlloc(arena, sizeof(ocspBasicOCSPResponse));
- if (basicResponse == NULL) {
- goto loser;
- }
-
- rv = SEC_ASN1DecodeItem(arena, basicResponse,
- ocsp_BasicOCSPResponseTemplate, src);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- goto loser;
- }
-
- responseData = basicResponse->tbsResponseData;
-
- /*
- * The following asserts point out internal errors (problems in
- * the template definitions or in the ASN.1 decoder itself, etc.).
- */
- PORT_Assert(responseData != NULL);
- PORT_Assert(responseData->derResponderID.data != NULL);
-
- /*
- * XXX Because responderID is a CHOICE, which is not currently handled
- * by our ASN.1 decoder, we have to decode it "by hand".
- */
- derTag = responseData->derResponderID.data[0] & SEC_ASN1_TAGNUM_MASK;
- responderIDType = ocsp_ResponderIDTypeByTag(derTag);
- responderIDTemplate = ocsp_ResponderIDTemplateByType(responderIDType);
-
- responderID = PORT_ArenaZAlloc(arena, sizeof(ocspResponderID));
- if (responderID == NULL) {
- goto loser;
- }
- rv = SEC_ASN1DecodeItem(arena, responderID, responderIDTemplate,
- &responseData->derResponderID);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- goto loser;
- }
-
- responderID->responderIDType = responderIDType;
- responseData->responderID = responderID;
-
- /*
- * XXX Each SingleResponse also contains a CHOICE, which has to be
- * fixed up by hand.
- */
- rv = ocsp_FinishDecodingSingleResponses(arena, responseData->responses);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(arena, mark);
- return basicResponse;
-
-loser:
- PORT_ArenaRelease(arena, mark);
- return NULL;
-}
-
-
-/*
- * Decode the responseBytes based on the responseType found in "rbytes",
- * leaving the resulting translated/decoded information in there as well.
- */
-static SECStatus
-ocsp_DecodeResponseBytes(PRArenaPool *arena, ocspResponseBytes *rbytes)
-{
- PORT_Assert(rbytes != NULL); /* internal error, really */
- if (rbytes == NULL)
- PORT_SetError(SEC_ERROR_INVALID_ARGS); /* XXX set better error? */
-
- rbytes->responseTypeTag = SECOID_FindOIDTag(&rbytes->responseType);
- switch (rbytes->responseTypeTag) {
- case SEC_OID_PKIX_OCSP_BASIC_RESPONSE:
- {
- ocspBasicOCSPResponse *basicResponse;
-
- basicResponse = ocsp_DecodeBasicOCSPResponse(arena,
- &rbytes->response);
- if (basicResponse == NULL)
- return SECFailure;
-
- rbytes->decodedResponse.basic = basicResponse;
- }
- break;
-
- /*
- * Add new/future response types here.
- */
-
- default:
- PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_DecodeOCSPResponse
- * Decode a DER encoded OCSP Response.
- * INPUTS:
- * SECItem *src
- * Pointer to a SECItem holding DER encoded OCSP Response.
- * RETURN:
- * Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
- * the caller is responsible for destroying it. Or NULL if error (either
- * response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
- * it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
- * or a low-level or internal error occurred).
- */
-CERTOCSPResponse *
-CERT_DecodeOCSPResponse(SECItem *src)
-{
- PRArenaPool *arena = NULL;
- CERTOCSPResponse *response = NULL;
- SECStatus rv = SECFailure;
- ocspResponseStatus sv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
- response = (CERTOCSPResponse *) PORT_ArenaZAlloc(arena,
- sizeof(CERTOCSPResponse));
- if (response == NULL) {
- goto loser;
- }
- response->arena = arena;
-
- rv = SEC_ASN1DecodeItem(arena, response, ocsp_OCSPResponseTemplate, src);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SEC_ERROR_BAD_DER)
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- goto loser;
- }
-
- sv = (ocspResponseStatus) DER_GetInteger(&response->responseStatus);
- response->statusValue = sv;
- if (sv != ocspResponse_successful) {
- /*
- * If the response status is anything but successful, then we
- * are all done with decoding; the status is all there is.
- */
- return response;
- }
-
- /*
- * A successful response contains much more information, still encoded.
- * Now we need to decode that.
- */
- rv = ocsp_DecodeResponseBytes(arena, response->responseBytes);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- return response;
-
-loser:
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return NULL;
-}
-
-/*
- * The way an OCSPResponse is defined, there are many levels to descend
- * before getting to the actual response information. And along the way
- * we need to check that the response *type* is recognizable, which for
- * now means that it is a BasicOCSPResponse, because that is the only
- * type currently defined. Rather than force all routines to perform
- * a bunch of sanity checking every time they want to work on a response,
- * this function isolates that and gives back the interesting part.
- * Note that no copying is done, this just returns a pointer into the
- * substructure of the response which is passed in.
- *
- * XXX This routine only works when a valid response structure is passed
- * into it; this is checked with many assertions. Assuming the response
- * was creating by decoding, it wouldn't make it this far without being
- * okay. That is a sufficient assumption since the entire OCSP interface
- * is only used internally. When this interface is officially exported,
- * each assertion below will need to be followed-up with setting an error
- * and returning (null).
- */
-static ocspResponseData *
-ocsp_GetResponseData(CERTOCSPResponse *response)
-{
- ocspBasicOCSPResponse *basic;
- ocspResponseData *responseData;
-
- PORT_Assert(response != NULL);
-
- PORT_Assert(response->responseBytes != NULL);
-
- PORT_Assert(response->responseBytes->responseTypeTag
- == SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
-
- basic = response->responseBytes->decodedResponse.basic;
- PORT_Assert(basic != NULL);
-
- responseData = basic->tbsResponseData;
- PORT_Assert(responseData != NULL);
-
- return responseData;
-}
-
-/*
- * Much like the routine above, except it returns the response signature.
- * Again, no copy is done.
- */
-static ocspSignature *
-ocsp_GetResponseSignature(CERTOCSPResponse *response)
-{
- ocspBasicOCSPResponse *basic;
-
- PORT_Assert(response != NULL);
- PORT_Assert(response->responseBytes != NULL);
- PORT_Assert(response->responseBytes->responseTypeTag
- == SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
-
- basic = response->responseBytes->decodedResponse.basic;
- PORT_Assert(basic != NULL);
-
- return &(basic->responseSignature);
-}
-
-
-/*
- * FUNCTION: CERT_DestroyOCSPResponse
- * Frees an OCSP Response structure.
- * INPUTS:
- * CERTOCSPResponse *request
- * Pointer to CERTOCSPResponse to be freed.
- * RETURN:
- * No return value; no errors.
- */
-void
-CERT_DestroyOCSPResponse(CERTOCSPResponse *response)
-{
- if (response != NULL) {
- ocspSignature *signature = ocsp_GetResponseSignature(response);
- if (signature->cert != NULL)
- CERT_DestroyCertificate(signature->cert);
-
- /*
- * We should actually never have a response without an arena,
- * but check just in case. (If there isn't one, there is not
- * much we can do about it...)
- */
- PORT_Assert(response->arena != NULL);
- if (response->arena != NULL) {
- PORT_FreeArena(response->arena, PR_FALSE);
- }
- }
-}
-
-
-/*
- * OVERALL OCSP CLIENT SUPPORT (make and send a request, verify a response):
- */
-
-
-/*
- * Pick apart a URL, saving the important things in the passed-in pointers.
- *
- * We expect to find "http://<hostname>[:<port>]/[path]", though we will
- * tolerate that final slash character missing, as well as beginning and
- * trailing whitespace, and any-case-characters for "http". All of that
- * tolerance is what complicates this routine. What we want is just to
- * pick out the hostname, the port, and the path.
- *
- * On a successful return, the caller will need to free the output pieces
- * of hostname and path, which are copies of the values found in the url.
- */
-static SECStatus
-ocsp_ParseURL(char *url, char **pHostname, PRUint16 *pPort, char **pPath)
-{
- unsigned short port = 80; /* default, in case not in url */
- char *hostname = NULL;
- char *path = NULL;
- char *save;
- char c;
- int len;
-
- if (url == NULL)
- goto loser;
-
- /*
- * Skip beginning whitespace.
- */
- c = *url;
- while ((c == ' ' || c == '\t') && c != '\0') {
- url++;
- c = *url;
- }
- if (c == '\0')
- goto loser;
-
- /*
- * Confirm, then skip, protocol. (Since we only know how to do http,
- * that is all we will accept).
- */
- if (PORT_Strncasecmp(url, "http://", 7) != 0)
- goto loser;
- url += 7;
-
- /*
- * Whatever comes next is the hostname (or host IP address). We just
- * save it aside and then search for its end so we can determine its
- * length and copy it.
- *
- * XXX Note that because we treat a ':' as a terminator character
- * (and below, we expect that to mean there is a port specification
- * immediately following), we will not handle IPv6 addresses. That is
- * apparently an acceptable limitation, for the time being. Some day,
- * when there is a clear way to specify a URL with an IPv6 address that
- * can be parsed unambiguously, this code should be made to do that.
- */
- save = url;
- c = *url;
- while (c != '/' && c != ':' && c != '\0' && c != ' ' && c != '\t') {
- url++;
- c = *url;
- }
- len = url - save;
- hostname = PORT_Alloc(len + 1);
- if (hostname == NULL)
- goto loser;
- PORT_Memcpy(hostname, save, len);
- hostname[len] = '\0';
-
- /*
- * Now we figure out if there was a port specified or not.
- * If so, we need to parse it (as a number) and skip it.
- */
- if (c == ':') {
- url++;
- port = (unsigned short) PORT_Atoi(url);
- c = *url;
- while (c != '/' && c != '\0' && c != ' ' && c != '\t') {
- if (c < '0' || c > '9')
- goto loser;
- url++;
- c = *url;
- }
- }
-
- /*
- * Last thing to find is a path. There *should* be a slash,
- * if nothing else -- but if there is not we provide one.
- */
- if (c == '/') {
- save = url;
- while (c != '\0' && c != ' ' && c != '\t') {
- url++;
- c = *url;
- }
- len = url - save;
- path = PORT_Alloc(len + 1);
- if (path == NULL)
- goto loser;
- PORT_Memcpy(path, save, len);
- path[len] = '\0';
- } else {
- path = PORT_Strdup("/");
- }
-
- *pHostname = hostname;
- *pPort = port;
- *pPath = path;
- return SECSuccess;
-
-loser:
- if (hostname != NULL)
- PORT_Free(hostname);
- if (path != NULL)
- PORT_Free(path);
- PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
- return SECFailure;
-}
-
-/*
- * Open a socket to the specified host on the specified port, and return it.
- * The host is either a hostname or an IP address.
- */
-static PRFileDesc *
-ocsp_ConnectToHost(const char *host, PRUint16 port)
-{
- PRFileDesc *sock = NULL;
- PRIntervalTime timeout;
- PRNetAddr addr;
- char *netdbbuf = NULL;
-
- sock = PR_NewTCPSocket();
- if (sock == NULL)
- goto loser;
-
- /* XXX Some day need a way to set (and get?) the following value */
- timeout = PR_SecondsToInterval(30);
-
- /*
- * If the following converts an IP address string in "dot notation"
- * into a PRNetAddr. If it fails, we assume that is because we do not
- * have such an address, but instead a host *name*. In that case we
- * then lookup the host by name. Using the NSPR function this way
- * means we do not have to have our own logic for distinguishing a
- * valid numerical IP address from a hostname.
- */
- if (PR_StringToNetAddr(host, &addr) != PR_SUCCESS) {
- PRIntn hostIndex;
- PRHostEnt hostEntry;
-
- netdbbuf = PORT_Alloc(PR_NETDB_BUF_SIZE);
- if (netdbbuf == NULL)
- goto loser;
-
- if (PR_GetHostByName(host, netdbbuf, PR_NETDB_BUF_SIZE,
- &hostEntry) != PR_SUCCESS)
- goto loser;
-
- hostIndex = 0;
- do {
- hostIndex = PR_EnumerateHostEnt(hostIndex, &hostEntry, port, &addr);
- if (hostIndex < 0)
- goto loser;
- } while (PR_Connect(sock, &addr, timeout) != PR_SUCCESS
- && hostIndex > 0);
-
- if (hostIndex == 0)
- goto loser;
-
- PORT_Free(netdbbuf);
- } else {
- /*
- * First put the port into the address, then connect.
- */
- if (PR_InitializeNetAddr(PR_IpAddrNull, port, &addr) != PR_SUCCESS)
- goto loser;
- if (PR_Connect(sock, &addr, timeout) != PR_SUCCESS)
- goto loser;
- }
-
- return sock;
-
-loser:
- if (sock != NULL)
- PR_Close(sock);
- if (netdbbuf != NULL)
- PORT_Free(netdbbuf);
- return NULL;
-}
-
-/*
- * Sends an encoded OCSP request to the server identified by "location",
- * and returns the socket on which it was sent (so can listen for the reply).
- * "location" is expected to be a valid URL -- an error parsing it produces
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION. Other errors are likely problems
- * connecting to it, or writing to it, or allocating memory, and the low-level
- * errors appropriate to the problem will be set.
- */
-static PRFileDesc *
-ocsp_SendEncodedRequest(char *location, SECItem *encodedRequest)
-{
- char *hostname = NULL;
- char *path = NULL;
- PRUint16 port;
- SECStatus rv;
- PRFileDesc *sock = NULL;
- PRFileDesc *returnSock = NULL;
- char *header = NULL;
-
- /*
- * Take apart the location, getting the hostname, port, and path.
- */
- rv = ocsp_ParseURL(location, &hostname, &port, &path);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_Assert(hostname != NULL);
- PORT_Assert(path != NULL);
-
- sock = ocsp_ConnectToHost(hostname, port);
- if (sock == NULL)
- goto loser;
-
- header = PR_smprintf("POST %s HTTP/1.0\r\n"
- "Host: %s:%d\r\n"
- "Content-Type: application/ocsp-request\r\n"
- "Content-Length: %u\r\n\r\n",
- path, hostname, port, encodedRequest->len);
- if (header == NULL)
- goto loser;
-
- /*
- * The NSPR documentation promises that if it can, it will write the full
- * amount; this will not return a partial value expecting us to loop.
- */
- if (PR_Write(sock, header, (PRInt32) PORT_Strlen(header)) < 0)
- goto loser;
-
- if (PR_Write(sock, encodedRequest->data,
- (PRInt32) encodedRequest->len) < 0)
- goto loser;
-
- returnSock = sock;
- sock = NULL;
-
-loser:
- if (header != NULL)
- PORT_Free(header);
- if (sock != NULL)
- PR_Close(sock);
- if (path != NULL)
- PORT_Free(path);
- if (hostname != NULL)
- PORT_Free(hostname);
-
- return returnSock;
-}
-
-/*
- * Read from "fd" into "buf" -- expect/attempt to read a "minimum" number
- * of bytes, but do not exceed "maximum". (Obviously, stop at less than
- * "minimum" if hit end-of-stream.) Only problems are low-level i/o errors.
- */
-static int
-ocsp_MinMaxRead(PRFileDesc *fd, unsigned char *buf, int minimum, int maximum)
-{
- int total = 0;
-
- while (total < minimum) {
- PRInt32 got;
-
- got = PR_Read(fd, buf + total, (PRInt32) (maximum - total));
- if (got < 0) {
- if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
- break;
- }
- continue;
- } else if (got == 0) { /* EOS */
- break;
- }
-
- total += got;
- }
-
- return total;
-}
-
-#ifdef BUFSIZ
-#define OCSP_BUFSIZE BUFSIZ
-#else
-#define OCSP_BUFSIZE 1024
-#endif
-
-/*
- * Listens on the given socket and returns an encoded response when received.
- * Properly formatted HTTP response headers are expected to be read from the
- * socket, preceding a binary-encoded OCSP response. Problems with parsing
- * cause the error SEC_ERROR_OCSP_BAD_HTTP_RESPONSE to be set; any other
- * problems are likely low-level i/o or memory allocation errors.
- */
-static SECItem *
-ocsp_GetEncodedResponse(PRArenaPool *arena, PRFileDesc *sock)
-{
- unsigned char *buf = NULL;
- int bufsize, bytesRead, len;
- const unsigned char *bufEnd;
- const char *s;
- const char *newline = NULL;
- PRBool headersDone = PR_FALSE;
- PRBool pendingCR = PR_FALSE;
- PRBool contentTypeOK = PR_FALSE;
- unsigned int contentLength = 0;
- void *mark = NULL;
- SECItem *result = NULL;
-
-
- bufsize = OCSP_BUFSIZE;
- buf = PORT_Alloc(bufsize);
- if (buf == NULL) {
- goto loser;
- }
- /*
- * I picked 128 because:
- * - It is a nice "round" number. ;-)
- * - I am sure it should cover at least the first line of the http
- * response (on the order of 20 should be enough but I am allowing
- * for excessive leading whitespace) so that I don't have to keep
- * checking for going past the end of the buffer until after that.
- * - I am sure that any interesting response will be bigger than that;
- * the exception is one that is status-only, like "tryLater".
- * - Given a trim response (no extra whitespace), it should cover
- * all of the http headers, and just a bit of the content.
- * This is what I was aiming for, to minimize data copying.
- */
- bytesRead = ocsp_MinMaxRead(sock, buf, 128, bufsize);
- if (bytesRead <= 0) {
- if (bytesRead == 0)
- PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- goto loser;
- }
- bufEnd = buf + bytesRead;
- /*
- * Skip leading whitespace.
- */
- for (s = (char *)buf; s < (char *)bufEnd; s++) {
- if (*s != ' ' && *s != '\t') {
- break;
- }
- }
- /*
- * Here we expect to find something like "HTTP/1.x 200 OK\r\n".
- * (The status code may be anything, but should be 3 digits.
- * The comment (e.g. "OK") may be anything as well.) I figure that
- * the minimal line would be "HTTP/x.y zzz\n", which is 13 chars.
- * That may not even meet the spec, but we will accept it -- anything
- * less than that, though, we will not.
- */
- if (((char *)bufEnd - s) < 13 || PORT_Strncasecmp(s, "http/", 5) != 0) {
- PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- goto loser;
- }
- s += 5; /* skip "http/" */
- /*
- * I don't see a reason to look at the version number. Assuming that
- * whatever version it is, it supports the one or two headers we are
- * looking for, and doesn't completely change the interpretation of
- * status values, it shouldn't matter. We shouldn't reject something
- * that would otherwise work just because the code was picky about
- * version number. So we just skip it, hoping real incompatibility
- * will manifest itself in the parsing.
- */
- while (*s++ != ' ') { /* skip "x.y ", without interpretation */
- /*
- * We expect the version number to be only a few characters,
- * and that we should easily have enough in the buffer to cover.
- * So, if we go past the end, just bail.
- */
- if (s >= (char *)bufEnd) {
- PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- goto loser;
- }
- }
- /*
- * Now get, and check, the status. Accept 200-299; reject all else.
- * There are some 200s that basically have no content, but that will
- * fall out as bad below, and it's just easier to handle it that way
- * than to try to know all the different status values.
- */
- {
- int statusCode = PORT_Atoi(s);
-
- if (statusCode < 200 || statusCode >= 300) {
- PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- goto loser;
- }
- }
- s += 3; /* skip 3-digit status code */
- /*
- * The rest of the line is a comment, which we just want to skip.
- * The next thing to do is continue through all of the HTTP headers,
- * watching for the couple we are interested in. The end of the
- * headers (and thus the beginning of the content) is marked by
- * two consecutive newlines. (According to spec that should be
- * CRLF followed by CRLF, but we are being generous and allowing
- * for people who send only CRs or only LFs, too.)
- *
- * XXX Explain better about how the following code works.
- * Especially what the potential values of "newline" are and what
- * each one means.
- */
- while (1) {
- /*
- * Move forward to the next line, stopping when we find a CRLF,
- * CR, or LF, or the end of the buffer. We have to be careful
- * when we find a lone CR at the end of the buffer, because if
- * the next character read is an LF we want to treat it as one
- * newline altogether.
- *
- * We also need to detect two newlines in a row, which is what
- * marks the end of the headers and time for us to quit out of
- * the outer loop.
- */
- for (; s < (char *)bufEnd; s++) {
- if (*s == '\r' || *s == '\n') {
- if (s == newline) {
- headersDone = PR_TRUE; /* 2nd consecutive newline */
- }
- newline = s;
- if (newline[0] == '\r') {
- if (s == (char *)bufEnd - 1) {
- /* CR at end - wait for the next character */
- newline = NULL;
- pendingCR = PR_TRUE;
- break;
- } else if (newline[1] == '\n') {
- /* CRLF seen; swallow both */
- newline++;
- }
- }
- newline++;
- break;
- }
- /*
- * After the first time through, we no longer need to remember
- * where the previous line started. We needed it for checking
- * for consecutive newlines, but now we need it to be clear in
- * case we finish the loop by finishing off the buffer.
- */
- newline = NULL;
- }
- if (headersDone) {
- s = newline;
- break;
- }
- /*
- * When we are here, either:
- * - newline is NULL, meaning we're at the end of the buffer
- * and we need to refill it, or
- * - newline points to the first character on the new line
- */
- if (newline == NULL) {
- /* So, we need to refill the buffer. */
- len = pendingCR ? 1 : 0;
- bytesRead = ocsp_MinMaxRead(sock, buf + len, 64 - len,
- bufsize - len);
- if (bytesRead <= 0) {
- if (bytesRead == 0)
- PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- goto loser;
- }
- s = (char *)buf;
- bufEnd = buf + len + bytesRead;
- if (pendingCR) {
- buf[0] = '\r';
- pendingCR = PR_FALSE;
- }
- continue;
- }
- /*
- * So, we have a good newline pointer (just past a CR, LF or CRLF),
- * but now we want to make sure that what it points to is long
- * enough to be something we are looking for. If it isn't, add
- * more to the buffer after first copying what's left to the
- * beginning.
- */
- if (((char *)bufEnd - newline) < 40) {
- len = (char *)bufEnd - newline;
- PORT_Memmove(buf, newline, len);
- bytesRead = ocsp_MinMaxRead(sock, buf + len, 40 - len,
- bufsize - len);
- if (bytesRead <= 0) {
- if (bytesRead == 0)
- PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- goto loser;
- }
- newline = (char *)buf;
- bufEnd = buf + len + bytesRead;
- }
- /*
- * Okay, now we know that we are looking at an HTTP header line
- * with enough length to be safe for our comparisons. See if it is
- * one of the ones we are interested in. (That is, "Content-Length"
- * or "Content-Type".)
- */
- if (PORT_Strncasecmp(newline, "content-", 8) == 0) {
- s = newline + 8;
- if (PORT_Strncasecmp(s, "type: ", 6) == 0) {
- s += 6;
- if (PORT_Strncasecmp(s, "application/ocsp-response",
- 25) != 0) {
- break;
- }
- contentTypeOK = PR_TRUE;
- s += 25;
- } else if (PORT_Strncasecmp(s, "length: ", 8) == 0) {
- s += 8;
- contentLength = PORT_Atoi(s);
- }
- newline = NULL;
- } else {
- /*
- * Not an interesting header. We will go around the loop
- * again to find the next line.
- */
- s = newline;
- }
- }
-
- /*
- * Check that we got the correct content type. (If !contentTypeOK,
- * the content-type header was either bad or missing.)
- */
- if (!contentTypeOK) {
- PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- goto loser;
- }
-
- /*
- * Now we need to handle the actual content. We may not have a
- * good content-length; things are harder if we do not -- in that
- * case we will just read until we get EOS.
- */
-
- /*
- * We are finally about the allocate the return area; before that
- * mark the arena so we can release-back on error.
- */
- if (arena != NULL) {
- mark = PORT_ArenaMark(arena);
- }
- /*
- * How much of the content is already in the buffer?
- */
- if (s == NULL) {
- len = 0;
- } else {
- len = (char *)bufEnd - s;
- if (contentLength && len > contentLength) {
- len = contentLength;
- }
- }
- /*
- * Now allocate the item to hold the data.
- */
- result = SECITEM_AllocItem(arena, NULL,
- contentLength ? contentLength : len);
- if (result == NULL) {
- goto loser;
- }
- /*
- * And copy the data left in the buffer.
- */
- if (len) {
- PORT_Memcpy(result->data, s, len);
- }
-
- /*
- * Now we need to read all of the (rest of the) content. If we know
- * the length, it's easy, just one big read. If not, we need to loop,
- * reading until there is nothing left to read.
- */
- if (contentLength) {
- int remaining;
-
- /*
- * It may be the case that our last buffer ended exactly on the
- * second CR of the CRLF pair which denotes the end of the headers.
- * If so, we have to be prepared to read, and skip over, an LF.
- * Since we want to read the rest of the content directly into
- * the buffer we are returning, we read one byte specifically and
- * see if it is an LF. If not, we just copy that byte into the
- * first byte of our return value.
- */
- if (pendingCR) {
- PORT_Assert(len == 0);
- bytesRead = ocsp_MinMaxRead(sock, buf, 1, 1);
- if (bytesRead < 1) {
- goto loser;
- }
- if (buf[0] != '\n') {
- result->data[0] = buf[0];
- len = 1;
- }
- }
- remaining = contentLength - len;
- if (remaining) {
- bytesRead = ocsp_MinMaxRead(sock, result->data + len,
- remaining, remaining);
- if (bytesRead < remaining) {
- if (bytesRead > 0) {
- PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
- }
- goto loser;
- }
- }
- } else while (1) {
- /*
- * Read as much as we can. There is no real minimum here,
- * we will just take whatever we can get and copy it over
- * into our result area.
- */
- bytesRead = ocsp_MinMaxRead(sock, buf, 1, bufsize);
- if (bytesRead < 0) {
- goto loser;
- }
- if (bytesRead == 0) { /* EOS: all done reading */
- break;
- }
- /*
- * Now make room for that many more bytes in our result area.
- */
- if (SECITEM_ReallocItem(arena, result, len,
- len + bytesRead) != SECSuccess) {
- goto loser;
- }
- /*
- * The first time through this loop, it may be the case that
- * we have the final LF of our CRLF pair that ended the headers.
- * If so, we need to skip over it.
- */
- if (pendingCR && buf[0] == '\n') {
- PORT_Memcpy(result->data + len, buf + 1, bytesRead - 1);
- len += bytesRead - 1;
- } else {
- PORT_Memcpy(result->data + len, buf, bytesRead);
- len += bytesRead;
- }
- /*
- * In any case, after the first time through, we are done
- * looking for that LF.
- */
- pendingCR = PR_FALSE;
- /*
- * If we are reading "slowly", get ourselves a bigger buffer.
- */
- if (bytesRead == bufsize) {
- bufsize *= 2;
- PORT_Free(buf);
- buf = PORT_Alloc(bufsize);
- if (buf == NULL) {
- goto loser;
- }
- }
- }
-
- /*
- * Finally, we are done! The encoded response (the content of the
- * HTTP response) is now in "result". We just have a little cleaning
- * up to do before we return.
- */
- if (mark != NULL) {
- PORT_ArenaUnmark(arena, mark);
- }
- PORT_Free(buf);
- return result;
-
-loser:
- if (mark != NULL) {
- PORT_ArenaRelease(arena, mark);
- } else if (result != NULL) {
- SECITEM_FreeItem(result, PR_TRUE);
- }
- if (buf != NULL) {
- PORT_Free(buf);
- }
- return NULL;
-}
-
-
-/*
- * FUNCTION: CERT_GetEncodedOCSPResponse
- * Creates and sends a request to an OCSP responder, then reads and
- * returns the (encoded) response.
- * INPUTS:
- * PRArenaPool *arena
- * Pointer to arena from which return value will be allocated.
- * If NULL, result will be allocated from the heap (and thus should
- * be freed via SECITEM_FreeItem).
- * CERTCertList *certList
- * A list of certs for which status will be requested.
- * Note that all of these certificates should have the same issuer,
- * or it's expected the response will be signed by a trusted responder.
- * If the certs need to be broken up into multiple requests, that
- * must be handled by the caller (and thus by having multiple calls
- * to this routine), who knows about where the request(s) are being
- * sent and whether there are any trusted responders in place.
- * char *location
- * The location of the OCSP responder (a URL).
- * int64 time
- * Indicates the time for which the certificate status is to be
- * determined -- this may be used in the search for the cert's issuer
- * but has no other bearing on the operation.
- * PRBool addServiceLocator
- * If true, the Service Locator extension should be added to the
- * single request(s) for each cert.
- * CERTCertificate *signerCert
- * If non-NULL, means sign the request using this cert. Otherwise,
- * do not sign.
- * void *pwArg
- * Pointer to argument for password prompting, if needed. (Definitely
- * not needed if not signing.)
- * OUTPUTS:
- * CERTOCSPRequest **pRequest
- * Pointer in which to store the OCSP request created for the given
- * list of certificates. It is only filled in if the entire operation
- * is successful and the pointer is not null -- and in that case the
- * caller is then reponsible for destroying it.
- * RETURN:
- * Returns a pointer to the SECItem holding the response.
- * On error, returns null with error set describing the reason:
- * SEC_ERROR_UNKNOWN_ISSUER
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-SECItem *
-CERT_GetEncodedOCSPResponse(PRArenaPool *arena, CERTCertList *certList,
- char *location, int64 time,
- PRBool addServiceLocator,
- CERTCertificate *signerCert, void *pwArg,
- CERTOCSPRequest **pRequest)
-{
- CERTOCSPRequest *request = NULL;
- SECItem *encodedRequest = NULL;
- SECItem *encodedResponse = NULL;
- PRFileDesc *sock = NULL;
- SECStatus rv;
-
- request = CERT_CreateOCSPRequest(certList, time, addServiceLocator,
- signerCert);
- if (request == NULL)
- goto loser;
-
- rv = CERT_AddOCSPAcceptableResponses(request,
- SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
- if (rv != SECSuccess)
- goto loser;
-
- encodedRequest = CERT_EncodeOCSPRequest(NULL, request, pwArg);
- if (encodedRequest == NULL)
- goto loser;
-
- sock = ocsp_SendEncodedRequest(location, encodedRequest);
- if (sock == NULL)
- goto loser;
-
- encodedResponse = ocsp_GetEncodedResponse(arena, sock);
- if (encodedResponse != NULL && pRequest != NULL) {
- *pRequest = request;
- request = NULL; /* avoid destroying below */
- }
-
-loser:
- if (request != NULL)
- CERT_DestroyOCSPRequest(request);
- if (encodedRequest != NULL)
- SECITEM_FreeItem(encodedRequest, PR_TRUE);
- if (sock != NULL)
- PR_Close(sock);
-
- return encodedResponse;
-}
-
-
-/* Checks a certificate for the key usage extension of OCSP signer. */
-static PRBool
-ocsp_CertIsOCSPSigner(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem extItem;
- SECItem **oids;
- SECItem *oid;
- SECOidTag oidTag;
- PRBool retval;
- CERTOidSequence *oidSeq = NULL;
-
-
- extItem.data = NULL;
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- oidSeq = CERT_DecodeOidSequence(&extItem);
- if ( oidSeq == NULL ) {
- goto loser;
- }
-
- oids = oidSeq->oids;
- while ( *oids != NULL ) {
- oid = *oids;
-
- oidTag = SECOID_FindOIDTag(oid);
-
- if ( oidTag == SEC_OID_OCSP_RESPONDER ) {
- goto success;
- }
-
- oids++;
- }
-
-loser:
- retval = PR_FALSE;
- goto done;
-success:
- retval = PR_TRUE;
-done:
- if ( extItem.data != NULL ) {
- PORT_Free(extItem.data);
- }
- if ( oidSeq != NULL ) {
- CERT_DestroyOidSequence(oidSeq);
- }
-
- return(retval);
-}
-
-
-#ifdef LATER /*
- * XXX This function is not currently used, but will
- * be needed later when we do revocation checking of
- * the responder certificate. Of course, it may need
- * revising then, if the cert extension interface has
- * changed. (Hopefully it will!)
- */
-
-/* Checks a certificate to see if it has the OCSP no check extension. */
-static PRBool
-ocsp_CertHasNoCheckExtension(CERTCertificate *cert)
-{
- SECStatus rv;
- SECItem extItem;
-
- extItem.data = NULL;
- rv = CERT_FindCertExtension(cert, SEC_OID_PKIX_OCSP_NO_CHECK,
- &extItem);
- if (extItem.data != NULL) {
- PORT_Free(extItem.data);
- }
- if (rv == SECSuccess) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-#endif /* LATER */
-
-static PRBool
-ocsp_matchcert(SECItem *certIndex,CERTCertificate *testCert)
-{
- SECItem item;
- unsigned char buf[SHA1_LENGTH]; /* MAX Hash Len */
-
- item.data = buf;
- item.len = SHA1_LENGTH;
-
- if (CERT_SPKDigestValueForCert(NULL,testCert,SEC_OID_SHA1, &item) == NULL) {
- return PR_FALSE;
- }
- if (SECITEM_ItemsAreEqual(certIndex,&item)) {
- return PR_TRUE;
- }
- if (CERT_SPKDigestValueForCert(NULL,testCert,SEC_OID_MD5, &item) == NULL) {
- return PR_FALSE;
- }
- if (SECITEM_ItemsAreEqual(certIndex,&item)) {
- return PR_TRUE;
- }
- if (CERT_SPKDigestValueForCert(NULL,testCert,SEC_OID_MD2, &item) == NULL) {
- return PR_FALSE;
- }
- if (SECITEM_ItemsAreEqual(certIndex,&item)) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
-
-static CERTCertificate *
-ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle,CERTOCSPCertID *certID);
-
-/*
- * Check the signature on some OCSP data. This is a helper function that
- * can be used to check either a request or a response. The result is
- * saved in the signature structure itself for future reference (to avoid
- * repeating the expensive verification operation), as well as returned.
- * In addition to checking the signature, the certificate (and its chain)
- * are also checked for validity (at the specified time) and usage.
- *
- * The type of cert lookup to be performed is specified by "lookupByName":
- * if true, then "certIndex" is actually a CERTName; otherwise it is a
- * SECItem which contains a key hash.
- *
- * If the signature verifies okay, and the argument "pSignerCert" is not
- * null, that parameter will be filled-in with a pointer to the signer's
- * certificate. The caller is then responsible for destroying the cert.
- *
- * A return of SECSuccess means the verification succeeded. If not,
- * an error will be set with the reason. Most likely are:
- * SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
- * SEC_ERROR_BAD_SIGNATURE - the signature did not verify
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (no memory, etc.)
- */
-static SECStatus
-ocsp_CheckSignature(ocspSignature *signature, void *tbs,
- const SEC_ASN1Template *encodeTemplate,
- CERTCertDBHandle *handle, SECCertUsage certUsage,
- int64 checkTime, PRBool lookupByName, void *certIndex,
- void *pwArg, CERTCertificate **pSignerCert,
- CERTCertificate *issuer)
-{
- SECItem rawSignature;
- SECItem *encodedTBS = NULL;
- CERTCertificate *responder = NULL;
- CERTCertificate *signerCert = NULL;
- SECKEYPublicKey *signerKey = NULL;
- CERTCertificate **certs = NULL;
- SECStatus rv = SECFailure;
- int certCount;
- int i;
-
- /*
- * If this signature has already gone through verification, just
- * return the cached result.
- */
- if (signature->wasChecked) {
- if (signature->status == SECSuccess) {
- if (pSignerCert != NULL)
- *pSignerCert = CERT_DupCertificate(signature->cert);
- } else {
- PORT_SetError(signature->failureReason);
- }
- return signature->status;
- }
-
- /*
- * If the signature contains some certificates as well, temporarily
- * import them in case they are needed for verification.
- *
- * Note that the result of this is that each cert in "certs" needs
- * to be destroyed.
- */
- certCount = 0;
- if (signature->derCerts != NULL) {
- for (; signature->derCerts[certCount] != NULL; certCount++) {
- /* just counting */
- /*IMPORT CERT TO SPKI TABLE */
- }
- }
- rv = CERT_ImportCerts(handle, certUsage, certCount,
- signature->derCerts, &certs,
- PR_FALSE, PR_FALSE, NULL);
- if (rv != SECSuccess)
- goto finish;
-
- /*
- * Now look up the certificate that did the signing.
- * The signer can be specified either by name or by key hash.
- */
- if (lookupByName) {
- SECItem *encodedName;
-
- encodedName = SEC_ASN1EncodeItem(NULL, NULL, certIndex,
- CERT_NameTemplate);
- if (encodedName == NULL)
- goto finish;
-
- signerCert = CERT_FindCertByName(handle, encodedName);
- SECITEM_FreeItem(encodedName, PR_TRUE);
- } else {
- /*
- * The signer is either 1) a known issuer CA we passed in,
- * 2) the default OCSP responder, or 3) and intermediate CA
- * passed in the cert list to use. Figure out which it is.
- */
- responder = ocsp_CertGetDefaultResponder(handle,NULL);
- if (responder && ocsp_matchcert(certIndex,responder)) {
- signerCert = CERT_DupCertificate(responder);
- } else if (issuer && ocsp_matchcert(certIndex,issuer)) {
- signerCert = CERT_DupCertificate(issuer);
- }
- for (i=0; (signerCert == NULL) && (i < certCount); i++) {
- if (ocsp_matchcert(certIndex,certs[i])) {
- signerCert = CERT_DupCertificate(certs[i]);
- }
- }
- }
-
- if (signerCert == NULL) {
- rv = SECFailure;
- if (PORT_GetError() == SEC_ERROR_UNKNOWN_CERT) {
- /* Make the error a little more specific. */
- PORT_SetError(SEC_ERROR_UNKNOWN_SIGNER);
- }
- goto finish;
- }
-
- /*
- * We could mark this true at the top of this function, or always
- * below at "finish", but if the problem was just that we could not
- * find the signer's cert, leave that as if the signature hasn't
- * been checked in case a subsequent call might have better luck.
- */
- signature->wasChecked = PR_TRUE;
-
- /*
- * Just because we have a cert does not mean it is any good; check
- * it for validity, trust and usage.
- */
- rv = CERT_VerifyCert(handle, signerCert, PR_TRUE, certUsage, checkTime,
- pwArg, NULL);
- if (rv != SECSuccess)
- goto finish;
-
- /*
- * Now get the public key from the signer's certificate; we need
- * it to perform the verification.
- */
- signerKey = CERT_ExtractPublicKey(signerCert);
- if (signerKey == NULL)
- goto finish;
-
- /*
- * Prepare the data to be verified; it needs to be DER encoded first.
- */
- encodedTBS = SEC_ASN1EncodeItem(NULL, NULL, tbs, encodeTemplate);
- if (encodedTBS == NULL)
- goto finish;
-
- /*
- * We copy the signature data *pointer* and length, so that we can
- * modify the length without damaging the original copy. This is a
- * simple copy, not a dup, so no destroy/free is necessary.
- */
- rawSignature = signature->signature;
- /*
- * The raw signature is a bit string, but we need to represent its
- * length in bytes, because that is what the verify function expects.
- */
- DER_ConvertBitString(&rawSignature);
-
- rv = VFY_VerifyData(encodedTBS->data, encodedTBS->len, signerKey,
- &rawSignature,
- SECOID_GetAlgorithmTag(&signature->signatureAlgorithm),
- pwArg);
-
-finish:
- if (signature->wasChecked)
- signature->status = rv;
-
- if (rv != SECSuccess) {
- signature->failureReason = PORT_GetError();
- if (signerCert != NULL)
- CERT_DestroyCertificate(signerCert);
- } else {
- /*
- * Save signer's certificate in signature.
- */
- signature->cert = signerCert;
- if (pSignerCert != NULL) {
- /*
- * Pass pointer to signer's certificate back to our caller,
- * who is also now responsible for destroying it.
- */
- *pSignerCert = CERT_DupCertificate(signerCert);
- }
- }
-
- if (encodedTBS != NULL)
- SECITEM_FreeItem(encodedTBS, PR_TRUE);
-
- if (signerKey != NULL)
- SECKEY_DestroyPublicKey(signerKey);
-
- if (certs != NULL)
- CERT_DestroyCertArray(certs, certCount);
- /* Free CERTS from SPKDigest Table */
-
- return rv;
-}
-
-
-/*
- * FUNCTION: CERT_VerifyOCSPResponseSignature
- * Check the signature on an OCSP Response. Will also perform a
- * verification of the signer's certificate. Note, however, that a
- * successful verification does not make any statement about the
- * signer's *authority* to provide status for the certificate(s),
- * that must be checked individually for each certificate.
- * INPUTS:
- * CERTOCSPResponse *response
- * Pointer to response structure with signature to be checked.
- * CERTCertDBHandle *handle
- * Pointer to CERTCertDBHandle for certificate DB to use for verification.
- * void *pwArg
- * Pointer to argument for password prompting, if needed.
- * OUTPUTS:
- * CERTCertificate **pSignerCert
- * Pointer in which to store signer's certificate; only filled-in if
- * non-null.
- * RETURN:
- * Returns SECSuccess when signature is valid, anything else means invalid.
- * Possible errors set:
- * SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
- * SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
- * SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
- * SEC_ERROR_BAD_SIGNATURE - the signature did not verify
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (no memory, etc.)
- */
-SECStatus
-CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,
- CERTCertDBHandle *handle, void *pwArg,
- CERTCertificate **pSignerCert,
- CERTCertificate *issuer)
-{
- ocspResponseData *tbsData; /* this is what is signed */
- PRBool byName;
- void *certIndex;
- int64 producedAt;
- SECStatus rv;
-
- tbsData = ocsp_GetResponseData(response);
-
- PORT_Assert(tbsData->responderID != NULL);
- switch (tbsData->responderID->responderIDType) {
- case ocspResponderID_byName:
- byName = PR_TRUE;
- certIndex = &tbsData->responderID->responderIDValue.name;
- break;
- case ocspResponderID_byKey:
- byName = PR_FALSE;
- certIndex = &tbsData->responderID->responderIDValue.keyHash;
- break;
- case ocspResponderID_other:
- default:
- PORT_Assert(0);
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- return SECFailure;
- }
-
- /*
- * ocsp_CheckSignature will also verify the signer certificate; we
- * need to tell it *when* that certificate must be valid -- for our
- * purposes we expect it to be valid when the response was signed.
- * The value of "producedAt" is the signing time.
- */
- rv = DER_GeneralizedTimeToTime(&producedAt, &tbsData->producedAt);
- if (rv != SECSuccess)
- return rv;
-
- return ocsp_CheckSignature(ocsp_GetResponseSignature(response),
- tbsData, ocsp_ResponseDataTemplate,
- handle, certUsageStatusResponder, producedAt,
- byName, certIndex, pwArg, pSignerCert, issuer);
-}
-
-/*
- * See if two certIDs match. This can be easy or difficult, depending
- * on whether the same hash algorithm was used.
- */
-static PRBool
-ocsp_CertIDsMatch(CERTCertDBHandle *handle,
- CERTOCSPCertID *certID1, CERTOCSPCertID *certID2)
-{
- PRBool match = PR_FALSE;
- SECItem *foundHash = NULL;
- SECOidTag hashAlg;
- SECItem *keyHash;
- SECItem *nameHash;
-
- /*
- * In order to match, they must have the same issuer and the same
- * serial number.
- *
- * We just compare the easier things first.
- */
- if (SECITEM_CompareItem(&certID1->serialNumber,
- &certID2->serialNumber) != SECEqual) {
- goto done;
- }
-
- if (SECOID_CompareAlgorithmID(&certID1->hashAlgorithm,
- &certID2->hashAlgorithm) == SECEqual) {
- /*
- * If the hash algorithms match then we can do a simple compare
- * of the hash values themselves.
- */
- if ((SECITEM_CompareItem(&certID1->issuerNameHash,
- &certID2->issuerNameHash) == SECEqual)
- && (SECITEM_CompareItem(&certID1->issuerKeyHash,
- &certID2->issuerKeyHash) == SECEqual)) {
- match = PR_TRUE;
- }
- goto done;
- }
-
- hashAlg = SECOID_FindOIDTag(&certID2->hashAlgorithm.algorithm);
- switch (hashAlg) {
- case SEC_OID_SHA1:
- keyHash = &certID1->issuerSHA1KeyHash;
- nameHash = &certID1->issuerSHA1NameHash;
- break;
- case SEC_OID_MD5:
- keyHash = &certID1->issuerMD5KeyHash;
- nameHash = &certID1->issuerMD5NameHash;
- break;
- case SEC_OID_MD2:
- keyHash = &certID1->issuerMD2KeyHash;
- nameHash = &certID1->issuerMD2NameHash;
- break;
- default:
- foundHash == NULL;
- }
-
- if (foundHash == NULL) {
- goto done;
- }
-
- if ((SECITEM_CompareItem(nameHash, &certID2->issuerNameHash) == SECEqual)
- && (SECITEM_CompareItem(keyHash, &certID2->issuerKeyHash) == SECEqual)) {
- match = PR_TRUE;
- }
-
-done:
- return match;
-}
-
-/*
- * Find the single response for the cert specified by certID.
- * No copying is done; this just returns a pointer to the appropriate
- * response within responses, if it is found (and null otherwise).
- * This is fine, of course, since this function is internal-use only.
- */
-static CERTOCSPSingleResponse *
-ocsp_GetSingleResponseForCertID(CERTOCSPSingleResponse **responses,
- CERTCertDBHandle *handle,
- CERTOCSPCertID *certID)
-{
- CERTOCSPSingleResponse *single;
- int i;
-
- if (responses == NULL)
- return NULL;
-
- for (i = 0; responses[i] != NULL; i++) {
- single = responses[i];
- if (ocsp_CertIDsMatch(handle, certID, single->certID) == PR_TRUE) {
- return single;
- }
- }
-
- /*
- * The OCSP server should have included a response even if it knew
- * nothing about the certificate in question. Since it did not,
- * this will make it look as if it had.
- *
- * XXX Should we make this a separate error to notice the server's
- * bad behavior?
- */
- PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
- return NULL;
-}
-
-static ocspCheckingContext *
-ocsp_GetCheckingContext(CERTCertDBHandle *handle)
-{
- CERTStatusConfig *statusConfig;
- ocspCheckingContext *ocspcx = NULL;
-
- statusConfig = CERT_GetStatusConfig(handle);
- if (statusConfig != NULL) {
- ocspcx = statusConfig->statusContext;
-
- /*
- * This is actually an internal error, because we should never
- * have a good statusConfig without a good statusContext, too.
- * For lack of anything better, though, we just assert and use
- * the same error as if there were no statusConfig (set below).
- */
- PORT_Assert(ocspcx != NULL);
- }
-
- if (ocspcx == NULL)
- PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
-
- return ocspcx;
-}
-/*
- * Return true if the given signerCert is the default responder for
- * the given certID. If not, or if any error, return false.
- */
-static CERTCertificate *
-ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle,CERTOCSPCertID *certID)
-{
- ocspCheckingContext *ocspcx;
-
- ocspcx = ocsp_GetCheckingContext(handle);
- if (ocspcx == NULL)
- goto loser;
-
- /*
- * Right now we have only one default responder. It applies to
- * all certs when it is used, so the check is simple and certID
- * has no bearing on the answer. Someday in the future we may
- * allow configuration of different responders for different
- * issuers, and then we would have to use the issuer specified
- * in certID to determine if signerCert is the right one.
- */
- if (ocspcx->useDefaultResponder) {
- PORT_Assert(ocspcx->defaultResponderCert != NULL);
- return ocspcx->defaultResponderCert;
- }
-
-loser:
- return NULL;
-}
-
-/*
- * Return true if the given signerCert is the default responder for
- * the given certID. If not, or if any error, return false.
- */
-static PRBool
-ocsp_CertIsDefaultResponderForCertID(CERTCertDBHandle *handle,
- CERTCertificate *signerCert,
- CERTOCSPCertID *certID)
-{
- CERTCertificate *defaultResponderCert;
-
- defaultResponderCert = ocsp_CertGetDefaultResponder(handle, certID);
- return (PRBool) (defaultResponderCert == signerCert);
-}
-
-/*
- * Check that the given signer certificate is authorized to sign status
- * information for the given certID. Return true if it is, false if not
- * (or if there is any error along the way). If false is returned because
- * the signer is not authorized, the following error will be set:
- * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- * Other errors are low-level problems (no memory, bad database, etc.).
- *
- * There are three ways to be authorized. In the order in which we check,
- * using the terms used in the OCSP spec, the signer must be one of:
- * 1. A "trusted responder" -- it matches a local configuration
- * of OCSP signing authority for the certificate in question.
- * 2. The CA who issued the certificate in question.
- * 3. A "CA designated responder", aka an "authorized responder" -- it
- * must be represented by a special cert issued by the CA who issued
- * the certificate in question.
- */
-static PRBool
-ocsp_AuthorizedResponderForCertID(CERTCertDBHandle *handle,
- CERTCertificate *signerCert,
- CERTOCSPCertID *certID,
- int64 thisUpdate)
-{
- CERTCertificate *issuerCert = NULL;
- SECItem *issuerKeyHash = NULL;
- SECOidTag hashAlg;
- PRBool okay = PR_FALSE;
-
- /*
- * Check first for a trusted responder, which overrides everything else.
- */
- if (ocsp_CertIsDefaultResponderForCertID(handle, signerCert, certID))
- return PR_TRUE;
-
- /*
- * In the other two cases, we need to do an issuer comparison.
- * How we do it depends on whether the signer certificate has the
- * special extension (for a designated responder) or not.
- */
-
- if (ocsp_CertIsOCSPSigner(signerCert)) {
- /*
- * The signer is a designated responder. Its issuer must match
- * the issuer of the cert being checked.
- */
- issuerCert = CERT_FindCertIssuer(signerCert, thisUpdate,
- certUsageAnyCA);
- if (issuerCert == NULL) {
- /*
- * We could leave the SEC_ERROR_UNKNOWN_ISSUER error alone,
- * but the following will give slightly more information.
- * Once we have an error stack, things will be much better.
- */
- PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
- goto loser;
- }
- } else {
- /*
- * The signer must *be* the issuer of the cert being checked.
- */
- issuerCert = signerCert;
- }
-
- hashAlg = SECOID_FindOIDTag(&certID->hashAlgorithm.algorithm);
- issuerKeyHash = CERT_SPKDigestValueForCert(NULL, issuerCert, hashAlg, NULL);
- if (issuerKeyHash == NULL)
- goto loser;
-
- if (SECITEM_CompareItem(issuerKeyHash,
- &certID->issuerKeyHash) != SECEqual) {
- PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
- goto loser;
- }
-
- okay = PR_TRUE;
-
-loser:
- if (issuerKeyHash != NULL)
- SECITEM_FreeItem(issuerKeyHash, PR_TRUE);
-
- if (issuerCert != NULL && issuerCert != signerCert)
- CERT_DestroyCertificate(issuerCert);
-
- return okay;
-}
-
-/*
- * We need to check that a responder gives us "recent" information.
- * Since a responder can pre-package responses, we need to pick an amount
- * of time that is acceptable to us, and reject any response that is
- * older than that.
- *
- * XXX This *should* be based on some configuration parameter, so that
- * different usages could specify exactly what constitutes "sufficiently
- * recent". But that is not going to happen right away. For now, we
- * want something from within the last 24 hours. This macro defines that
- * number in seconds.
- */
-#define OCSP_ALLOWABLE_LAPSE_SECONDS (24L * 60L * 60L)
-
-static PRBool
-ocsp_TimeIsRecent(int64 checkTime)
-{
- int64 now = PR_Now();
- int64 lapse, tmp;
-
- LL_I2L(lapse, OCSP_ALLOWABLE_LAPSE_SECONDS);
- LL_I2L(tmp, PR_USEC_PER_SEC);
- LL_MUL(lapse, lapse, tmp); /* allowable lapse in microseconds */
-
- LL_ADD(checkTime, checkTime, lapse);
- if (LL_CMP(now, >, checkTime))
- return PR_FALSE;
-
- return PR_TRUE;
-}
-
-/*
- * Check that this single response is okay. A return of SECSuccess means:
- * 1. The signer (represented by "signerCert") is authorized to give status
- * for the cert represented by the individual response in "single".
- * 2. The value of thisUpdate is earlier than now.
- * 3. The value of producedAt is later than or the same as thisUpdate.
- * 4. If nextUpdate is given:
- * - The value of nextUpdate is later than now.
- * - The value of producedAt is earlier than nextUpdate.
- * Else if no nextUpdate:
- * - The value of thisUpdate is fairly recent.
- * - The value of producedAt is fairly recent.
- * However we do not need to perform an explicit check for this last
- * constraint because it is already guaranteed by checking that
- * producedAt is later than thisUpdate and thisUpdate is recent.
- * Oh, and any responder is "authorized" to say that a cert is unknown to it.
- *
- * If any of those checks fail, SECFailure is returned and an error is set:
- * SEC_ERROR_OCSP_FUTURE_RESPONSE
- * SEC_ERROR_OCSP_OLD_RESPONSE
- * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-static SECStatus
-ocsp_VerifySingleResponse(CERTOCSPSingleResponse *single,
- CERTCertDBHandle *handle,
- CERTCertificate *signerCert,
- int64 producedAt)
-{
- CERTOCSPCertID *certID = single->certID;
- int64 now, thisUpdate, nextUpdate;
- SECStatus rv;
-
- /*
- * If all the responder said was that the given cert was unknown to it,
- * that is a valid response. Not very interesting to us, of course,
- * but all this function is concerned with is validity of the response,
- * not the status of the cert.
- */
- PORT_Assert(single->certStatus != NULL);
- if (single->certStatus->certStatusType == ocspCertStatus_unknown)
- return SECSuccess;
-
- /*
- * We need to extract "thisUpdate" for use below and to pass along
- * to AuthorizedResponderForCertID in case it needs it for doing an
- * issuer look-up.
- */
- rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * First confirm that signerCert is authorized to give this status.
- */
- if (ocsp_AuthorizedResponderForCertID(handle, signerCert, certID,
- thisUpdate) != PR_TRUE)
- return SECFailure;
-
- /*
- * Now check the time stuff, as described above.
- */
- now = PR_Now();
- if (LL_CMP(thisUpdate, >, now) || LL_CMP(producedAt, <, thisUpdate)) {
- PORT_SetError(SEC_ERROR_OCSP_FUTURE_RESPONSE);
- return SECFailure;
- }
- if (single->nextUpdate != NULL) {
- rv = DER_GeneralizedTimeToTime(&nextUpdate, single->nextUpdate);
- if (rv != SECSuccess)
- return rv;
-
- if (LL_CMP(nextUpdate, <, now) || LL_CMP(producedAt, >, nextUpdate)) {
- PORT_SetError(SEC_ERROR_OCSP_OLD_RESPONSE);
- return SECFailure;
- }
- } else if (ocsp_TimeIsRecent(thisUpdate) != PR_TRUE) {
- PORT_SetError(SEC_ERROR_OCSP_OLD_RESPONSE);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
- * Get the value of the URI of the OCSP responder for the given cert.
- * This is found in the (optional) Authority Information Access extension
- * in the cert.
- * INPUTS:
- * CERTCertificate *cert
- * The certificate being examined.
- * RETURN:
- * char *
- * A copy of the URI for the OCSP method, if found. If either the
- * extension is not present or it does not contain an entry for OCSP,
- * SEC_ERROR_EXTENSION_NOT_FOUND will be set and a NULL returned.
- * Any other error will also result in a NULL being returned.
- *
- * This result should be freed (via PORT_Free) when no longer in use.
- */
-char *
-CERT_GetOCSPAuthorityInfoAccessLocation(CERTCertificate *cert)
-{
- CERTGeneralName *locname = NULL;
- SECItem *location = NULL;
- SECItem *encodedAuthInfoAccess = NULL;
- CERTAuthInfoAccess **authInfoAccess = NULL;
- char *locURI = NULL;
- PRArenaPool *arena = NULL;
- SECStatus rv;
- int i;
-
- /*
- * Allocate this one from the heap because it will get filled in
- * by CERT_FindCertExtension which will also allocate from the heap,
- * and we can free the entire thing on our way out.
- */
- encodedAuthInfoAccess = SECITEM_AllocItem(NULL, NULL, 0);
- if (encodedAuthInfoAccess == NULL)
- goto loser;
-
- rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
- encodedAuthInfoAccess);
- if (rv == SECFailure)
- goto loser;
-
- /*
- * The rest of the things allocated in the routine will come out of
- * this arena, which is temporary just for us to decode and get at the
- * AIA extension. The whole thing will be destroyed on our way out,
- * after we have copied the location string (url) itself (if found).
- */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- goto loser;
-
- authInfoAccess = cert_DecodeAuthInfoAccessExtension(arena,
- encodedAuthInfoAccess);
- if (authInfoAccess == NULL)
- goto loser;
-
- for (i = 0; authInfoAccess[i] != NULL; i++) {
- if (SECOID_FindOIDTag(&authInfoAccess[i]->method) == SEC_OID_PKIX_OCSP)
- locname = authInfoAccess[i]->location;
- }
-
- /*
- * If we found an AIA extension, but it did not include an OCSP method,
- * that should look to our caller as if we did not find the extension
- * at all, because it is only an OCSP method that we care about.
- * So set the same error that would be set if the AIA extension was
- * not there at all.
- */
- if (locname == NULL) {
- PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
- goto loser;
- }
-
- /*
- * The following is just a pointer back into locname (i.e. not a copy);
- * thus it should not be freed.
- */
- location = CERT_GetGeneralNameByType(locname, certURI, PR_FALSE);
- if (location == NULL) {
- /*
- * XXX Appears that CERT_GetGeneralNameByType does not set an
- * error if there is no name by that type. For lack of anything
- * better, act as if the extension was not found. In the future
- * this should probably be something more like the extension was
- * badly formed.
- */
- PORT_SetError(SEC_ERROR_EXTENSION_NOT_FOUND);
- goto loser;
- }
-
- /*
- * That location is really a string, but it has a specified length
- * without a null-terminator. We need a real string that does have
- * a null-terminator, and we need a copy of it anyway to return to
- * our caller -- so allocate and copy.
- */
- locURI = PORT_Alloc(location->len + 1);
- if (locURI == NULL) {
- goto loser;
- }
- PORT_Memcpy(locURI, location->data, location->len);
- locURI[location->len] = '\0';
-
-loser:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
-
- if (encodedAuthInfoAccess != NULL)
- SECITEM_FreeItem(encodedAuthInfoAccess, PR_TRUE);
-
- return locURI;
-}
-
-
-/*
- * Figure out where we should go to find out the status of the given cert
- * via OCSP. If a default responder is set up, that is our answer.
- * If not, see if the certificate has an Authority Information Access (AIA)
- * extension for OCSP, and return the value of that. Otherwise return NULL.
- * We also let our caller know whether or not the responder chosen was
- * a default responder or not through the output variable isDefault;
- * its value has no meaning unless a good (non-null) value is returned
- * for the location.
- *
- * The result needs to be freed (PORT_Free) when no longer in use.
- */
-static char *
-ocsp_GetResponderLocation(CERTCertDBHandle *handle, CERTCertificate *cert,
- PRBool *isDefault)
-{
- ocspCheckingContext *ocspcx;
-
- ocspcx = ocsp_GetCheckingContext(handle);
- if (ocspcx != NULL && ocspcx->useDefaultResponder) {
- /*
- * A default responder wins out, if specified.
- * XXX Someday this may be a more complicated determination based
- * on the cert's issuer. (That is, we could have different default
- * responders configured for different issuers.)
- */
- PORT_Assert(ocspcx->defaultResponderURI != NULL);
- *isDefault = PR_TRUE;
- return (PORT_Strdup(ocspcx->defaultResponderURI));
- }
-
- /*
- * No default responder set up, so go see if we can find an AIA
- * extension that has a value for OCSP, and get the url from that.
- */
- *isDefault = PR_FALSE;
- return CERT_GetOCSPAuthorityInfoAccessLocation(cert);
-}
-
-/*
- * Return SECSuccess if the cert was revoked *after* "time",
- * SECFailure otherwise.
- */
-static SECStatus
-ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, int64 time)
-{
- int64 revokedTime;
- SECStatus rv;
-
- rv = DER_GeneralizedTimeToTime(&revokedTime, &revokedInfo->revocationTime);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * Set the error even if we will return success; someone might care.
- */
- PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
-
- if (LL_CMP(revokedTime, >, time))
- return SECSuccess;
-
- return SECFailure;
-}
-
-/*
- * See if the cert represented in the single response had a good status
- * at the specified time.
- */
-static SECStatus
-ocsp_CertHasGoodStatus(CERTOCSPSingleResponse *single, int64 time)
-{
- ocspCertStatus *status;
- SECStatus rv;
-
- status = single->certStatus;
-
- switch (status->certStatusType) {
- case ocspCertStatus_good:
- rv = SECSuccess;
- break;
- case ocspCertStatus_revoked:
- rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time);
- break;
- case ocspCertStatus_unknown:
- PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
- rv = SECFailure;
- break;
- case ocspCertStatus_other:
- default:
- PORT_Assert(0);
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
- rv = SECFailure;
- break;
- }
-
- return rv;
-}
-
-
-/*
- * FUNCTION: CERT_CheckOCSPStatus
- * Checks the status of a certificate via OCSP. Will only check status for
- * a certificate that has an AIA (Authority Information Access) extension
- * for OCSP *or* when a "default responder" is specified and enabled.
- * (If no AIA extension for OCSP and no default responder in place, the
- * cert is considered to have a good status and SECSuccess is returned.)
- * INPUTS:
- * CERTCertDBHandle *handle
- * certificate DB of the cert that is being checked
- * CERTCertificate *cert
- * the certificate being checked
- * XXX in the long term also need a boolean parameter that specifies
- * whether to check the cert chain, as well; for now we check only
- * the leaf (the specified certificate)
- * int64 time
- * time for which status is to be determined
- * void *pwArg
- * argument for password prompting, if needed
- * RETURN:
- * Returns SECSuccess if an approved OCSP responder "knows" the cert
- * *and* returns a non-revoked status for it; SECFailure otherwise,
- * with an error set describing the reason:
- *
- * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- * SEC_ERROR_OCSP_FUTURE_RESPONSE
- * SEC_ERROR_OCSP_MALFORMED_REQUEST
- * SEC_ERROR_OCSP_MALFORMED_RESPONSE
- * SEC_ERROR_OCSP_OLD_RESPONSE
- * SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
- * SEC_ERROR_OCSP_SERVER_ERROR
- * SEC_ERROR_OCSP_TRY_SERVER_LATER
- * SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
- * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- * SEC_ERROR_OCSP_UNKNOWN_CERT
- * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
- * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
- *
- * SEC_ERROR_BAD_SIGNATURE
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- * SEC_ERROR_INVALID_TIME
- * SEC_ERROR_REVOKED_CERTIFICATE
- * SEC_ERROR_UNKNOWN_ISSUER
- * SEC_ERROR_UNKNOWN_SIGNER
- *
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (error allocating
- * memory, error performing ASN.1 decoding, etc.).
- */
-SECStatus
-CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
- int64 time, void *pwArg)
-{
- char *location = NULL;
- PRBool locationIsDefault;
- CERTCertList *certList = NULL;
- SECItem *encodedResponse = NULL;
- CERTOCSPRequest *request = NULL;
- CERTOCSPResponse *response = NULL;
- CERTCertificate *signerCert = NULL;
- CERTCertificate *issuerCert = NULL;
- ocspResponseData *responseData;
- int64 producedAt;
- CERTOCSPCertID *certID;
- CERTOCSPSingleResponse *single;
- SECStatus rv = SECFailure;
-
-
- /*
- * The first thing we need to do is find the location of the responder.
- * This will be the value of the default responder (if enabled), else
- * it will come out of the AIA extension in the cert (if present).
- * If we have no such location, then this cert does not "deserve" to
- * be checked -- that is, we consider it a success and just return.
- * The way we tell that is by looking at the error number to see if
- * the problem was no AIA extension was found; any other error was
- * a true failure that we unfortunately have to treat as an overall
- * failure here.
- */
- location = ocsp_GetResponderLocation(handle, cert, &locationIsDefault);
- if (location == NULL) {
- if (PORT_GetError() == SEC_ERROR_EXTENSION_NOT_FOUND)
- return SECSuccess;
- else
- return SECFailure;
- }
-
- /*
- * For now, create a cert-list of one.
- * XXX In the fullness of time, we will want/need to handle a
- * certificate chain. This will be done either when a new parameter
- * tells us to, or some configuration variable tells us to. In any
- * case, handling it is complicated because we may need to send as
- * many requests (and receive as many responses) as we have certs
- * in the chain. If we are going to talk to a default responder,
- * and we only support one default responder, we can put all of the
- * certs together into one request. Otherwise, we must break them up
- * into multiple requests. (Even if all of the requests will go to
- * the same location, the signature on each response will be different,
- * because each issuer is different. Carefully read the OCSP spec
- * if you do not understand this.)
- */
-
- certList = CERT_NewCertList();
- if (certList == NULL)
- goto loser;
-
- /* dup it because freeing the list will destroy the cert, too */
- cert = CERT_DupCertificate(cert);
- if (cert == NULL)
- goto loser;
-
- if (CERT_AddCertToListTail(certList, cert) != SECSuccess) {
- CERT_DestroyCertificate(cert);
- goto loser;
- }
-
- /*
- * XXX If/when signing of requests is supported, that second NULL
- * should be changed to be the signer certificate. Not sure if that
- * should be passed into this function or retrieved via some operation
- * on the handle/context.
- */
- encodedResponse = CERT_GetEncodedOCSPResponse(NULL, certList, location,
- time, locationIsDefault,
- NULL, pwArg, &request);
- if (encodedResponse == NULL) {
- goto loser;
- }
-
- response = CERT_DecodeOCSPResponse(encodedResponse);
- if (response == NULL) {
- goto loser;
- }
-
- /*
- * Okay, we at least have a response that *looks* like a response!
- * Now see if the overall response status value is good or not.
- * If not, we set an error and give up. (It means that either the
- * server had a problem, or it didn't like something about our
- * request. Either way there is nothing to do but give up.)
- * Otherwise, we continue to find the actual per-cert status
- * in the response.
- */
- switch (response->statusValue) {
- case ocspResponse_successful:
- break;
- case ocspResponse_malformedRequest:
- PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
- goto loser;
- case ocspResponse_internalError:
- PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
- goto loser;
- case ocspResponse_tryLater:
- PORT_SetError(SEC_ERROR_OCSP_TRY_SERVER_LATER);
- goto loser;
- case ocspResponse_sigRequired:
- /* XXX We *should* retry with a signature, if possible. */
- PORT_SetError(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG);
- goto loser;
- case ocspResponse_unauthorized:
- PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST);
- goto loser;
- case ocspResponse_other:
- case ocspResponse_unused:
- default:
- PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS);
- goto loser;
- }
-
- /*
- * If we've made it this far, we expect a response with a good signature.
- * So, check for that.
- */
- issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
- rv = CERT_VerifyOCSPResponseSignature(response, handle, pwArg, &signerCert,
- issuerCert);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_Assert(signerCert != NULL); /* internal consistency check */
- /* XXX probably should set error, return failure if signerCert is null */
-
- /*
- * The ResponseData part is the real guts of the response.
- */
- responseData = ocsp_GetResponseData(response);
- if (responseData == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- /*
- * There is one producedAt time for the entire response (and a separate
- * thisUpdate time for each individual single response). We need to
- * compare them, so get the overall time to pass into the check of each
- * single response.
- */
- rv = DER_GeneralizedTimeToTime(&producedAt, &responseData->producedAt);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * Again, we are only doing one request for one cert.
- * XXX When we handle cert chains, the following code will obviously
- * have to be modified, in coordation with the code above that will
- * have to determine how to make multiple requests, etc. It will need
- * to loop, and for each certID in the request, find the matching
- * single response and check the status specified by it.
- *
- * We are helped here in that we know that the requests are made with
- * the request list in the same order as the order of the certs we hand
- * to it. This is why I can directly access the first member of the
- * single request array for the one cert I care about.
- */
-
- certID = request->tbsRequest->requestList[0]->reqCert;
- single = ocsp_GetSingleResponseForCertID(responseData->responses,
- handle, certID);
- if (single == NULL)
- goto loser;
-
- rv = ocsp_VerifySingleResponse(single, handle, signerCert, producedAt);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * Okay, the last step is to check whether the status says revoked,
- * and if so how that compares to the time value passed into this routine.
- */
-
- rv = ocsp_CertHasGoodStatus(single, time);
-
-loser:
- if (issuerCert != NULL)
- CERT_DestroyCertificate(issuerCert);
- if (signerCert != NULL)
- CERT_DestroyCertificate(signerCert);
- if (response != NULL)
- CERT_DestroyOCSPResponse(response);
- if (request != NULL)
- CERT_DestroyOCSPRequest(request);
- if (encodedResponse != NULL)
- SECITEM_FreeItem(encodedResponse, PR_TRUE);
- if (certList != NULL)
- CERT_DestroyCertList(certList);
- if (location != NULL)
- PORT_Free(location);
-
- return rv;
-}
-
-
-/*
- * Disable status checking and destroy related structures/data.
- */
-static SECStatus
-ocsp_DestroyStatusChecking(CERTStatusConfig *statusConfig)
-{
- ocspCheckingContext *statusContext;
-
- /*
- * Disable OCSP checking
- */
- statusConfig->statusChecker = NULL;
-
- statusContext = statusConfig->statusContext;
- PORT_Assert(statusContext != NULL);
- if (statusContext == NULL)
- return SECFailure;
-
- if (statusContext->defaultResponderURI != NULL)
- PORT_Free(statusContext->defaultResponderURI);
- if (statusContext->defaultResponderNickname != NULL)
- PORT_Free(statusContext->defaultResponderNickname);
-
- PORT_Free(statusContext);
- statusConfig->statusContext = NULL;
-
- PORT_Free(statusConfig);
-
- return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_DisableOCSPChecking
- * Turns off OCSP checking for the given certificate database.
- * This routine disables OCSP checking. Though it will return
- * SECFailure if OCSP checking is not enabled, it is "safe" to
- * call it that way and just ignore the return value, if it is
- * easier to just call it than to "remember" whether it is enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Certificate database for which OCSP checking will be disabled.
- * RETURN:
- * Returns SECFailure if an error occurred (usually means that OCSP
- * checking was not enabled or status contexts were not initialized --
- * error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
- */
-SECStatus
-CERT_DisableOCSPChecking(CERTCertDBHandle *handle)
-{
- CERTStatusConfig *statusConfig;
- ocspCheckingContext *statusContext;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- statusConfig = CERT_GetStatusConfig(handle);
- statusContext = ocsp_GetCheckingContext(handle);
- if (statusContext == NULL)
- return SECFailure;
-
- if (statusConfig->statusChecker != CERT_CheckOCSPStatus) {
- /*
- * Status configuration is present, but either not currently
- * enabled or not for OCSP.
- */
- PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
- return SECFailure;
- }
-
- /*
- * This is how we disable status checking. Everything else remains
- * in place in case we are enabled again.
- */
- statusConfig->statusChecker = NULL;
-
- return SECSuccess;
-}
-
-/*
- * Allocate and initialize the informational structures for status checking.
- * This is done when some configuration of OCSP is being done or when OCSP
- * checking is being turned on, whichever comes first.
- */
-static SECStatus
-ocsp_InitStatusChecking(CERTCertDBHandle *handle)
-{
- CERTStatusConfig *statusConfig = NULL;
- ocspCheckingContext *statusContext = NULL;
-
- PORT_Assert(CERT_GetStatusConfig(handle) == NULL);
- if (CERT_GetStatusConfig(handle) != NULL) {
- /* XXX or call statusConfig->statusDestroy and continue? */
- return SECFailure;
- }
-
- statusConfig = PORT_ZNew(CERTStatusConfig);
- if (statusConfig == NULL)
- goto loser;
-
- statusContext = PORT_ZNew(ocspCheckingContext);
- if (statusContext == NULL)
- goto loser;
-
- statusConfig->statusDestroy = ocsp_DestroyStatusChecking;
- statusConfig->statusContext = statusContext;
-
- CERT_SetStatusConfig(handle, statusConfig);
-
- return SECSuccess;
-
-loser:
- if (statusContext != NULL)
- PORT_Free(statusContext);
- if (statusConfig != NULL)
- PORT_Free(statusConfig);
- return SECFailure;
-}
-
-
-/*
- * FUNCTION: CERT_EnableOCSPChecking
- * Turns on OCSP checking for the given certificate database.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Certificate database for which OCSP checking will be enabled.
- * RETURN:
- * Returns SECFailure if an error occurred (likely only problem
- * allocating memory); SECSuccess otherwise.
- */
-SECStatus
-CERT_EnableOCSPChecking(CERTCertDBHandle *handle)
-{
- CERTStatusConfig *statusConfig;
-
- SECStatus rv;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- statusConfig = CERT_GetStatusConfig(handle);
- if (statusConfig == NULL) {
- rv = ocsp_InitStatusChecking(handle);
- if (rv != SECSuccess)
- return rv;
-
- /* Get newly established value */
- statusConfig = CERT_GetStatusConfig(handle);
- PORT_Assert(statusConfig != NULL);
- }
-
- /*
- * Setting the checker function is what really enables the checking
- * when each cert verification is done.
- */
- statusConfig->statusChecker = CERT_CheckOCSPStatus;
-
- return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_SetOCSPDefaultResponder
- * Specify the location and cert of the default responder.
- * If OCSP checking is already enabled *and* use of a default responder
- * is also already enabled, all OCSP checking from now on will go directly
- * to the specified responder. If OCSP checking is not enabled, or if
- * it is but use of a default responder is not enabled, the information
- * will be recorded and take effect whenever both are enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should use the default responder.
- * char *url
- * The location of the default responder (e.g. "http://foo.com:80/ocsp")
- * Note that the location will not be tested until the first attempt
- * to send a request there.
- * char *name
- * The nickname of the cert to trust (expected) to sign the OCSP responses.
- * If the corresponding cert cannot be found, SECFailure is returned.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * The most likely error is that the cert for "name" could not be found
- * (probably SEC_ERROR_UNKNOWN_CERT). Other errors are low-level (no memory,
- * bad database, etc.).
- */
-SECStatus
-CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
- const char *url, const char *name)
-{
- CERTCertificate *cert;
- ocspCheckingContext *statusContext;
- char *url_copy = NULL;
- char *name_copy = NULL;
- SECStatus rv;
-
- if (handle == NULL || url == NULL || name == NULL) {
- /*
- * XXX When interface is exported, probably want better errors;
- * perhaps different one for each parameter.
- */
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /*
- * Find the certificate for the specified nickname. Do this first
- * because it seems the most likely to fail.
- *
- * XXX Shouldn't need that cast if the FindCertByNickname interface
- * used const to convey that it does not modify the name. Maybe someday.
- */
- cert = CERT_FindCertByNickname(handle, (char *) name);
- if (cert == NULL) {
- /*
- * look for the cert on an external token.
- */
- cert = PK11_FindCertFromNickname((char *)name, NULL);
- }
- if (cert == NULL)
- return SECFailure;
-
- /*
- * Make a copy of the url and nickname.
- */
- url_copy = PORT_Strdup(url);
- name_copy = PORT_Strdup(name);
- if (url_copy == NULL || name_copy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- statusContext = ocsp_GetCheckingContext(handle);
-
- /*
- * Allocate and init the context if it doesn't already exist.
- */
- if (statusContext == NULL) {
- rv = ocsp_InitStatusChecking(handle);
- if (rv != SECSuccess)
- goto loser;
-
- statusContext = ocsp_GetCheckingContext(handle);
- PORT_Assert(statusContext != NULL); /* extreme paranoia */
- }
-
- /*
- * Note -- we do not touch the status context until after all of
- * the steps which could cause errors. If something goes wrong,
- * we want to leave things as they were.
- */
-
- /*
- * Get rid of old url and name if there.
- */
- if (statusContext->defaultResponderNickname != NULL)
- PORT_Free(statusContext->defaultResponderNickname);
- if (statusContext->defaultResponderURI != NULL)
- PORT_Free(statusContext->defaultResponderURI);
-
- /*
- * And replace them with the new ones.
- */
- statusContext->defaultResponderURI = url_copy;
- statusContext->defaultResponderNickname = name_copy;
-
- /*
- * If there was already a cert in place, get rid of it and replace it.
- * Otherwise, we are not currently enabled, so we don't want to save it;
- * it will get re-found and set whenever use of a default responder is
- * enabled.
- */
- if (statusContext->defaultResponderCert != NULL) {
- CERT_DestroyCertificate(statusContext->defaultResponderCert);
- statusContext->defaultResponderCert = cert;
- } else {
- PORT_Assert(statusContext->useDefaultResponder == PR_FALSE);
- CERT_DestroyCertificate(cert);
- }
-
- return SECSuccess;
-
-loser:
- CERT_DestroyCertificate(cert);
- if (url_copy != NULL)
- PORT_Free(url_copy);
- if (name_copy != NULL)
- PORT_Free(name_copy);
- return rv;
-}
-
-
-/*
- * FUNCTION: CERT_EnableOCSPDefaultResponder
- * Turns on use of a default responder when OCSP checking.
- * If OCSP checking is already enabled, this will make subsequent checks
- * go directly to the default responder. (The location of the responder
- * and the nickname of the responder cert must already be specified.)
- * If OCSP checking is not enabled, this will be recorded and take effect
- * whenever it is enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should use the default responder.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * No errors are especially likely unless the caller did not previously
- * perform a successful call to SetOCSPDefaultResponder (in which case
- * the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
- */
-SECStatus
-CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle)
-{
- ocspCheckingContext *statusContext;
- CERTCertificate *cert;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- statusContext = ocsp_GetCheckingContext(handle);
-
- if (statusContext == NULL) {
- /*
- * Strictly speaking, the error already set is "correct",
- * but cover over it with one more helpful in this context.
- */
- PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
- return SECFailure;
- }
-
- if (statusContext->defaultResponderURI == NULL) {
- PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
- return SECFailure;
- }
-
- if (statusContext->defaultResponderNickname == NULL) {
- PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
- return SECFailure;
- }
-
- /*
- * Find the cert for the nickname.
- */
- cert = CERT_FindCertByNickname(handle,
- statusContext->defaultResponderNickname);
- if (cert == NULL) {
- cert = PK11_FindCertFromNickname(statusContext->defaultResponderNickname,
- NULL);
- }
- /*
- * We should never have trouble finding the cert, because its
- * existence should have been proven by SetOCSPDefaultResponder.
- */
- PORT_Assert(cert != NULL);
- if (cert == NULL)
- return SECFailure;
-
- /*
- * And hang onto it.
- */
- statusContext->defaultResponderCert = cert;
-
- /*
- * Finally, record the fact that we now have a default responder enabled.
- */
- statusContext->useDefaultResponder = PR_TRUE;
- return SECSuccess;
-}
-
-
-/*
- * FUNCTION: CERT_DisableOCSPDefaultResponder
- * Turns off use of a default responder when OCSP checking.
- * (Does nothing if use of a default responder is not enabled.)
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should stop using a default
- * responder.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * Errors very unlikely (like random memory corruption...).
- */
-SECStatus
-CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle)
-{
- CERTStatusConfig *statusConfig;
- ocspCheckingContext *statusContext;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- statusConfig = CERT_GetStatusConfig(handle);
- if (statusConfig == NULL)
- return SECSuccess;
-
- statusContext = ocsp_GetCheckingContext(handle);
- PORT_Assert(statusContext != NULL);
- if (statusContext == NULL)
- return SECFailure;
-
- if (statusContext->defaultResponderCert != NULL) {
- CERT_DestroyCertificate(statusContext->defaultResponderCert);
- statusContext->defaultResponderCert = NULL;
- }
-
- /*
- * Finally, record the fact.
- */
- statusContext->useDefaultResponder = PR_FALSE;
- return SECSuccess;
-}
-static const SECHashObject *
-OidTagToDigestObject(SECOidTag digestAlg)
-{
- const SECHashObject *rawDigestObject;
-
- switch (digestAlg) {
- case SEC_OID_MD2:
- rawDigestObject = &SECHashObjects[HASH_AlgMD2];
- break;
- case SEC_OID_MD5:
- rawDigestObject = &SECHashObjects[HASH_AlgMD5];
- break;
- case SEC_OID_SHA1:
- rawDigestObject = &SECHashObjects[HASH_AlgSHA1];
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- rawDigestObject = NULL;
- break;
- }
- return(rawDigestObject);
-}
-
-/*
- * Digest the cert's subject public key using the specified algorithm.
- * The necessary storage for the digest data is allocated. If "fill" is
- * non-null, the data is put there, otherwise a SECItem is allocated.
- * Allocation from "arena" if it is non-null, heap otherwise. Any problem
- * results in a NULL being returned (and an appropriate error set).
- */
-SECItem *
-CERT_SPKDigestValueForCert(PRArenaPool *arena, CERTCertificate *cert,
- SECOidTag digestAlg, SECItem *fill)
-{
- const SECHashObject *digestObject;
- void *digestContext;
- SECItem *result = NULL;
- void *mark = NULL;
- SECItem spk;
-
- if ( arena != NULL ) {
- mark = PORT_ArenaMark(arena);
- }
-
- digestObject = OidTagToDigestObject(digestAlg);
- if ( digestObject == NULL ) {
- goto loser;
- }
-
- if ((fill == NULL) || (fill->data == NULL)) {
- result = SECITEM_AllocItem(arena, fill, digestObject->length);
- if ( result == NULL ) {
- goto loser;
- }
- fill = result;
- }
-
- /*
- * Copy just the length and data pointer (nothing needs to be freed)
- * of the subject public key so we can convert the length from bits
- * to bytes, which is what the digest function expects.
- */
- spk = cert->subjectPublicKeyInfo.subjectPublicKey;
- DER_ConvertBitString(&spk);
-
- /*
- * Now digest the value, using the specified algorithm.
- */
- digestContext = digestObject->create();
- if ( digestContext == NULL ) {
- goto loser;
- }
- digestObject->begin(digestContext);
- digestObject->update(digestContext, spk.data, spk.len);
- digestObject->end(digestContext, fill->data, &(fill->len), fill->len);
- digestObject->destroy(digestContext, PR_TRUE);
-
- if ( arena != NULL ) {
- PORT_ArenaUnmark(arena, mark);
- }
- return(fill);
-
-loser:
- if ( arena != NULL ) {
- PORT_ArenaRelease(arena, mark);
- } else {
- if ( result != NULL ) {
- SECITEM_FreeItem(result, (fill == NULL) ? PR_TRUE : PR_FALSE);
- }
- }
- return(NULL);
-}
-
-
diff --git a/security/nss/lib/certhigh/ocsp.h b/security/nss/lib/certhigh/ocsp.h
deleted file mode 100644
index e4bd7dbdd..000000000
--- a/security/nss/lib/certhigh/ocsp.h
+++ /dev/null
@@ -1,455 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Interface to the OCSP implementation.
- *
- * $Id$
- */
-
-#ifndef _OCSP_H_
-#define _OCSP_H_
-
-
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "keyt.h"
-#include "certt.h"
-#include "ocspt.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * FUNCTION: CERT_EnableOCSPChecking
- * Turns on OCSP checking for the given certificate database.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Certificate database for which OCSP checking will be enabled.
- * RETURN:
- * Returns SECFailure if an error occurred (likely only problem
- * allocating memory); SECSuccess otherwise.
- */
-extern SECStatus
-CERT_EnableOCSPChecking(CERTCertDBHandle *handle);
-
-/*
- * FUNCTION: CERT_DisableOCSPChecking
- * Turns off OCSP checking for the given certificate database.
- * This routine disables OCSP checking. Though it will return
- * SECFailure if OCSP checking is not enabled, it is "safe" to
- * call it that way and just ignore the return value, if it is
- * easier to just call it than to "remember" whether it is enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Certificate database for which OCSP checking will be disabled.
- * RETURN:
- * Returns SECFailure if an error occurred (usually means that OCSP
- * checking was not enabled or status contexts were not initialized --
- * error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
- */
-extern SECStatus
-CERT_DisableOCSPChecking(CERTCertDBHandle *handle);
-
-/*
- * FUNCTION: CERT_SetOCSPDefaultResponder
- * Specify the location and cert of the default responder.
- * If OCSP checking is already enabled *and* use of a default responder
- * is also already enabled, all OCSP checking from now on will go directly
- * to the specified responder. If OCSP checking is not enabled, or if
- * it is but use of a default responder is not enabled, the information
- * will be recorded and take effect whenever both are enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should use the default responder.
- * char *url
- * The location of the default responder (e.g. "http://foo.com:80/ocsp")
- * Note that the location will not be tested until the first attempt
- * to send a request there.
- * char *name
- * The nickname of the cert to trust (expected) to sign the OCSP responses.
- * If the corresponding cert cannot be found, SECFailure is returned.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * The most likely error is that the cert for "name" could not be found
- * (probably SEC_ERROR_UNKNOWN_CERT). Other errors are low-level (no memory,
- * bad database, etc.).
- */
-extern SECStatus
-CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
- const char *url, const char *name);
-
-/*
- * FUNCTION: CERT_EnableOCSPDefaultResponder
- * Turns on use of a default responder when OCSP checking.
- * If OCSP checking is already enabled, this will make subsequent checks
- * go directly to the default responder. (The location of the responder
- * and the nickname of the responder cert must already be specified.)
- * If OCSP checking is not enabled, this will be recorded and take effect
- * whenever it is enabled.
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should use the default responder.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * No errors are especially likely unless the caller did not previously
- * perform a successful call to SetOCSPDefaultResponder (in which case
- * the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
- */
-extern SECStatus
-CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle);
-
-/*
- * FUNCTION: CERT_DisableOCSPDefaultResponder
- * Turns off use of a default responder when OCSP checking.
- * (Does nothing if use of a default responder is not enabled.)
- * INPUTS:
- * CERTCertDBHandle *handle
- * Cert database on which OCSP checking should stop using a default
- * responder.
- * RETURN:
- * Returns SECFailure if an error occurred; SECSuccess otherwise.
- * Errors very unlikely (like random memory corruption...).
- */
-extern SECStatus
-CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle);
-
-/*
- * -------------------------------------------------------
- * The Functions above are those expected to be used by a client
- * providing OCSP status checking along with every cert verification.
- * The functions below are for OCSP testing, debugging, or clients
- * or servers performing more specialized OCSP tasks.
- * -------------------------------------------------------
- */
-
-/*
- * FUNCTION: CERT_CreateOCSPRequest
- * Creates a CERTOCSPRequest, requesting the status of the certs in
- * the given list.
- * INPUTS:
- * CERTCertList *certList
- * A list of certs for which status will be requested.
- * Note that all of these certificates should have the same issuer,
- * or it's expected the response will be signed by a trusted responder.
- * If the certs need to be broken up into multiple requests, that
- * must be handled by the caller (and thus by having multiple calls
- * to this routine), who knows about where the request(s) are being
- * sent and whether there are any trusted responders in place.
- * int64 time
- * Indicates the time for which the certificate status is to be
- * determined -- this may be used in the search for the cert's issuer
- * but has no effect on the request itself.
- * PRBool addServiceLocator
- * If true, the Service Locator extension should be added to the
- * single request(s) for each cert.
- * CERTCertificate *signerCert
- * If non-NULL, means sign the request using this cert. Otherwise,
- * do not sign.
- * XXX note that request signing is not yet supported; see comment in code
- * RETURN:
- * A pointer to a CERTOCSPRequest structure containing an OCSP request
- * for the cert list. On error, null is returned, with an error set
- * indicating the reason. This is likely SEC_ERROR_UNKNOWN_ISSUER.
- * (The issuer is needed to create a request for the certificate.)
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-extern CERTOCSPRequest *
-CERT_CreateOCSPRequest(CERTCertList *certList, int64 time,
- PRBool addServiceLocator,
- CERTCertificate *signerCert);
-
-/*
- * FUNCTION: CERT_AddOCSPAcceptableResponses
- * Add the AcceptableResponses extension to an OCSP Request.
- * INPUTS:
- * CERTOCSPRequest *request
- * The request to which the extension should be added.
- * ...
- * A list (of one or more) of SECOidTag -- each of the response types
- * to be added. The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
- * (This marks the end of the list, and it must be specified because a
- * client conforming to the OCSP standard is required to handle the basic
- * response type.) The OIDs are not checked in any way.
- * RETURN:
- * SECSuccess if the extension is added; SECFailure if anything goes wrong.
- * All errors are internal or low-level problems (e.g. no memory).
- */
-extern SECStatus
-CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request, ...);
-
-/*
- * FUNCTION: CERT_EncodeOCSPRequest
- * DER encodes an OCSP Request, possibly adding a signature as well.
- * XXX Signing is not yet supported, however; see comments in code.
- * INPUTS:
- * PRArenaPool *arena
- * The return value is allocated from here.
- * If a NULL is passed in, allocation is done from the heap instead.
- * CERTOCSPRequest *request
- * The request to be encoded.
- * void *pwArg
- * Pointer to argument for password prompting, if needed. (Definitely
- * not needed if not signing.)
- * RETURN:
- * Returns a NULL on error and a pointer to the SECItem with the
- * encoded value otherwise. Any error is likely to be low-level
- * (e.g. no memory).
- */
-extern SECItem *
-CERT_EncodeOCSPRequest(PRArenaPool *arena, CERTOCSPRequest *request,
- void *pwArg);
-
-/*
- * FUNCTION: CERT_DecodeOCSPRequest
- * Decode a DER encoded OCSP Request.
- * INPUTS:
- * SECItem *src
- * Pointer to a SECItem holding DER encoded OCSP Request.
- * RETURN:
- * Returns a pointer to a CERTOCSPRequest containing the decoded request.
- * On error, returns NULL. Most likely error is trouble decoding
- * (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
- */
-extern CERTOCSPRequest *
-CERT_DecodeOCSPRequest(SECItem *src);
-
-/*
- * FUNCTION: CERT_DestroyOCSPRequest
- * Frees an OCSP Request structure.
- * INPUTS:
- * CERTOCSPRequest *request
- * Pointer to CERTOCSPRequest to be freed.
- * RETURN:
- * No return value; no errors.
- */
-extern void
-CERT_DestroyOCSPRequest(CERTOCSPRequest *request);
-
-/*
- * FUNCTION: CERT_DecodeOCSPResponse
- * Decode a DER encoded OCSP Response.
- * INPUTS:
- * SECItem *src
- * Pointer to a SECItem holding DER encoded OCSP Response.
- * RETURN:
- * Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
- * the caller is responsible for destroying it. Or NULL if error (either
- * response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
- * it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
- * or a low-level or internal error occurred).
- */
-extern CERTOCSPResponse *
-CERT_DecodeOCSPResponse(SECItem *src);
-
-/*
- * FUNCTION: CERT_DestroyOCSPResponse
- * Frees an OCSP Response structure.
- * INPUTS:
- * CERTOCSPResponse *request
- * Pointer to CERTOCSPResponse to be freed.
- * RETURN:
- * No return value; no errors.
- */
-extern void
-CERT_DestroyOCSPResponse(CERTOCSPResponse *response);
-
-/*
- * FUNCTION: CERT_GetEncodedOCSPResponse
- * Creates and sends a request to an OCSP responder, then reads and
- * returns the (encoded) response.
- * INPUTS:
- * PRArenaPool *arena
- * Pointer to arena from which return value will be allocated.
- * If NULL, result will be allocated from the heap (and thus should
- * be freed via SECITEM_FreeItem).
- * CERTCertList *certList
- * A list of certs for which status will be requested.
- * Note that all of these certificates should have the same issuer,
- * or it's expected the response will be signed by a trusted responder.
- * If the certs need to be broken up into multiple requests, that
- * must be handled by the caller (and thus by having multiple calls
- * to this routine), who knows about where the request(s) are being
- * sent and whether there are any trusted responders in place.
- * char *location
- * The location of the OCSP responder (a URL).
- * int64 time
- * Indicates the time for which the certificate status is to be
- * determined -- this may be used in the search for the cert's issuer
- * but has no other bearing on the operation.
- * PRBool addServiceLocator
- * If true, the Service Locator extension should be added to the
- * single request(s) for each cert.
- * CERTCertificate *signerCert
- * If non-NULL, means sign the request using this cert. Otherwise,
- * do not sign.
- * void *pwArg
- * Pointer to argument for password prompting, if needed. (Definitely
- * not needed if not signing.)
- * OUTPUTS:
- * CERTOCSPRequest **pRequest
- * Pointer in which to store the OCSP request created for the given
- * list of certificates. It is only filled in if the entire operation
- * is successful and the pointer is not null -- and in that case the
- * caller is then reponsible for destroying it.
- * RETURN:
- * Returns a pointer to the SECItem holding the response.
- * On error, returns null with error set describing the reason:
- * SEC_ERROR_UNKNOWN_ISSUER
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- * Other errors are low-level problems (no memory, bad database, etc.).
- */
-extern SECItem *
-CERT_GetEncodedOCSPResponse(PRArenaPool *arena, CERTCertList *certList,
- char *location, int64 time,
- PRBool addServiceLocator,
- CERTCertificate *signerCert, void *pwArg,
- CERTOCSPRequest **pRequest);
-
-/*
- * FUNCTION: CERT_VerifyOCSPResponseSignature
- * Check the signature on an OCSP Response. Will also perform a
- * verification of the signer's certificate. Note, however, that a
- * successful verification does not make any statement about the
- * signer's *authority* to provide status for the certificate(s),
- * that must be checked individually for each certificate.
- * INPUTS:
- * CERTOCSPResponse *response
- * Pointer to response structure with signature to be checked.
- * CERTCertDBHandle *handle
- * Pointer to CERTCertDBHandle for certificate DB to use for verification.
- * void *pwArg
- * Pointer to argument for password prompting, if needed.
- * CERTCertificate *issuerCert
- * Issuer of the certificate that generated the OCSP request.
- * OUTPUTS:
- * CERTCertificate **pSignerCert
- * Pointer in which to store signer's certificate; only filled-in if
- * non-null.
- * RETURN:
- * Returns SECSuccess when signature is valid, anything else means invalid.
- * Possible errors set:
- * SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
- * SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
- * SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
- * SEC_ERROR_BAD_SIGNATURE - the signature did not verify
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (no memory, etc.)
- */
-extern SECStatus
-CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,
- CERTCertDBHandle *handle, void *pwArg,
- CERTCertificate **pSignerCert,
- CERTCertificate *issuerCert);
-
-/*
- * FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
- * Get the value of the URI of the OCSP responder for the given cert.
- * This is found in the (optional) Authority Information Access extension
- * in the cert.
- * INPUTS:
- * CERTCertificate *cert
- * The certificate being examined.
- * RETURN:
- * char *
- * A copy of the URI for the OCSP method, if found. If either the
- * extension is not present or it does not contain an entry for OCSP,
- * SEC_ERROR_EXTENSION_NOT_FOUND will be set and a NULL returned.
- * Any other error will also result in a NULL being returned.
- *
- * This result should be freed (via PORT_Free) when no longer in use.
- */
-extern char *
-CERT_GetOCSPAuthorityInfoAccessLocation(CERTCertificate *cert);
-
-/*
- * FUNCTION: CERT_CheckOCSPStatus
- * Checks the status of a certificate via OCSP. Will only check status for
- * a certificate that has an AIA (Authority Information Access) extension
- * for OCSP *or* when a "default responder" is specified and enabled.
- * (If no AIA extension for OCSP and no default responder in place, the
- * cert is considered to have a good status and SECSuccess is returned.)
- * INPUTS:
- * CERTCertDBHandle *handle
- * certificate DB of the cert that is being checked
- * CERTCertificate *cert
- * the certificate being checked
- * XXX in the long term also need a boolean parameter that specifies
- * whether to check the cert chain, as well; for now we check only
- * the leaf (the specified certificate)
- * int64 time
- * time for which status is to be determined
- * void *pwArg
- * argument for password prompting, if needed
- * RETURN:
- * Returns SECSuccess if an approved OCSP responder "knows" the cert
- * *and* returns a non-revoked status for it; SECFailure otherwise,
- * with an error set describing the reason:
- *
- * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
- * SEC_ERROR_OCSP_FUTURE_RESPONSE
- * SEC_ERROR_OCSP_MALFORMED_REQUEST
- * SEC_ERROR_OCSP_MALFORMED_RESPONSE
- * SEC_ERROR_OCSP_OLD_RESPONSE
- * SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
- * SEC_ERROR_OCSP_SERVER_ERROR
- * SEC_ERROR_OCSP_TRY_SERVER_LATER
- * SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
- * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
- * SEC_ERROR_OCSP_UNKNOWN_CERT
- * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
- * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
- *
- * SEC_ERROR_BAD_SIGNATURE
- * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
- * SEC_ERROR_INVALID_TIME
- * SEC_ERROR_REVOKED_CERTIFICATE
- * SEC_ERROR_UNKNOWN_ISSUER
- * SEC_ERROR_UNKNOWN_SIGNER
- *
- * Other errors are any of the many possible failures in cert verification
- * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
- * verifying the signer's cert, or low-level problems (error allocating
- * memory, error performing ASN.1 decoding, etc.).
- */
-extern SECStatus
-CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
- int64 time, void *pwArg);
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _OCSP_H_ */
diff --git a/security/nss/lib/certhigh/ocspt.h b/security/nss/lib/certhigh/ocspt.h
deleted file mode 100644
index 3f1563855..000000000
--- a/security/nss/lib/certhigh/ocspt.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Public header for exported OCSP types.
- *
- * $Id$
- */
-
-#ifndef _OCSPT_H_
-#define _OCSPT_H_
-
-/*
- * The following are all opaque types. If someone needs to get at
- * a field within, then we need to fix the API. Try very hard not
- * make the type available to them.
- */
-typedef struct CERTOCSPRequestStr CERTOCSPRequest;
-typedef struct CERTOCSPResponseStr CERTOCSPResponse;
-
-/*
- * XXX I think only those first two above should need to be exported,
- * but until I know for certain I am leaving the rest of these here, too.
- */
-typedef struct CERTOCSPCertIDStr CERTOCSPCertID;
-typedef struct CERTOCSPCertStatusStr CERTOCSPCertStatus;
-typedef struct CERTOCSPSingleResponseStr CERTOCSPSingleResponse;
-
-#endif /* _OCSPT_H_ */
diff --git a/security/nss/lib/certhigh/ocspti.h b/security/nss/lib/certhigh/ocspti.h
deleted file mode 100644
index 9c739bef4..000000000
--- a/security/nss/lib/certhigh/ocspti.h
+++ /dev/null
@@ -1,404 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Private header defining OCSP types.
- *
- * $Id$
- */
-
-#ifndef _OCSPTI_H_
-#define _OCSPTI_H_
-
-#include "ocspt.h"
-
-#include "certt.h"
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-
-
-/*
- * Some notes about naming conventions...
- *
- * The public data types all start with "CERTOCSP" (e.g. CERTOCSPRequest).
- * (Even the public types are opaque, however. Only their names are
- * "exported".)
- *
- * Internal-only data types drop the "CERT" prefix and use only the
- * lower-case "ocsp" (e.g. ocspTBSRequest), for brevity sake.
- *
- * In either case, the base/suffix of the type name usually matches the
- * name as defined in the OCSP specification. The exceptions to this are:
- * - When there is overlap between the "OCSP" or "ocsp" prefix and
- * the name used in the standard. That is, you cannot strip off the
- * "CERTOCSP" or "ocsp" prefix and necessarily get the name of the
- * type as it is defined in the standard; the "real" name will be
- * *either* "OCSPSuffix" or just "Suffix".
- * - When the name in the standard was a little too generic. (e.g. The
- * standard defines "Request" but we call it a "SingleRequest".)
- * In this case a comment above the type definition calls attention
- * to the difference.
- *
- * The definitions laid out in this header file are intended to follow
- * the same order as the definitions in the OCSP specification itself.
- * With the OCSP standard in hand, you should be able to move through
- * this file and follow along. To future modifiers of this file: please
- * try to keep it that way. The only exceptions are the few cases where
- * we need to define a type before it is referenced (e.g. enumerations),
- * whereas in the OCSP specification these are usually defined the other
- * way around (reference before definition).
- */
-
-
-/*
- * Forward-declarations of internal-only data structures.
- *
- * These are in alphabetical order (case-insensitive); please keep it that way!
- */
-typedef struct ocspBasicOCSPResponseStr ocspBasicOCSPResponse;
-typedef struct ocspCertStatusStr ocspCertStatus;
-typedef struct ocspResponderIDStr ocspResponderID;
-typedef struct ocspResponseBytesStr ocspResponseBytes;
-typedef struct ocspResponseDataStr ocspResponseData;
-typedef struct ocspRevokedInfoStr ocspRevokedInfo;
-typedef struct ocspServiceLocatorStr ocspServiceLocator;
-typedef struct ocspSignatureStr ocspSignature;
-typedef struct ocspSingleRequestStr ocspSingleRequest;
-typedef struct ocspSingleResponseStr ocspSingleResponse;
-typedef struct ocspTBSRequestStr ocspTBSRequest;
-
-
-/*
- * An OCSPRequest; this is what is sent (encoded) to an OCSP responder.
- */
-struct CERTOCSPRequestStr {
- PRArenaPool *arena; /* local; not part of encoding */
- ocspTBSRequest *tbsRequest;
- ocspSignature *optionalSignature;
-};
-
-/*
- * A TBSRequest; when an OCSPRequest is signed, the encoding of this
- * is what the signature is actually applied to. ("TBS" == To Be Signed)
- * Whether signed or not, however, this structure will be present, and
- * is the "meat" of the OCSPRequest.
- *
- * Note that the "requestorName" field cannot be encoded/decoded in the
- * same pass as the entire request -- it needs to be handled with a special
- * call to convert to/from our internal form of a GeneralName. Thus the
- * "derRequestorName" field, which is the actual DER-encoded bytes.
- *
- * The "extensionHandle" field is used on creation only; it holds
- * in-progress extensions as they are optionally added to the request.
- */
-struct ocspTBSRequestStr {
- SECItem version; /* an INTEGER */
- SECItem *derRequestorName; /* encoded GeneralName; see above */
- CERTGeneralNameList *requestorName; /* local; not part of encoding */
- ocspSingleRequest **requestList;
- CERTCertExtension **requestExtensions;
- void *extensionHandle; /* local; not part of encoding */
-};
-
-/*
- * This is the actual signature information for an OCSPRequest (applied to
- * the TBSRequest structure) or for a BasicOCSPResponse (applied to a
- * ResponseData structure).
- *
- * Note that the "signature" field itself is a BIT STRING; operations on
- * it need to keep that in mind, converting the length to bytes as needed
- * and back again afterward (so that the length is usually expressing bits).
- *
- * The "cert" field is the signer's certificate. In the case of a received
- * signature, it will be filled in when the signature is verified. In the
- * case of a created signature, it is filled in on creation and will be the
- * cert used to create the signature when the signing-and-encoding occurs,
- * as well as the cert (and its chain) to fill in derCerts if requested.
- *
- * The extra fields cache information about the signature after we have
- * attempted a verification. "wasChecked", if true, means the signature
- * has been checked against the appropriate data and thus that "status"
- * contains the result of that verification. If "status" is not SECSuccess,
- * "failureReason" is a copy of the error code that was set at the time;
- * presumably it tells why the signature verification failed.
- */
-struct ocspSignatureStr {
- SECAlgorithmID signatureAlgorithm;
- SECItem signature; /* a BIT STRING */
- SECItem **derCerts; /* a SEQUENCE OF Certificate */
- CERTCertificate *cert; /* local; not part of encoding */
- PRBool wasChecked; /* local; not part of encoding */
- SECStatus status; /* local; not part of encoding */
- int failureReason; /* local; not part of encoding */
-};
-
-/*
- * An OCSPRequest contains a SEQUENCE OF these, one for each certificate
- * whose status is being checked.
- *
- * Note that in the OCSP specification this is just called "Request",
- * but since that seemed confusing (vs. an OCSPRequest) and to be more
- * consistent with the parallel type "SingleResponse", I called it a
- * "SingleRequest".
- *
- * XXX figure out how to get rid of that arena -- there must be a way
- */
-struct ocspSingleRequestStr {
- PRArenaPool *arena; /* just a copy of the response arena,
- * needed here for extension handling
- * routines, on creation only */
- CERTOCSPCertID *reqCert;
- CERTCertExtension **singleRequestExtensions;
-};
-
-/*
- * A CertID is the means of identifying a certificate, used both in requests
- * and in responses.
- *
- * When in a SingleRequest it specifies the certificate to be checked.
- * When in a SingleResponse it is the cert whose status is being given.
- */
-struct CERTOCSPCertIDStr {
- SECAlgorithmID hashAlgorithm;
- SECItem issuerNameHash; /* an OCTET STRING */
- SECItem issuerKeyHash; /* an OCTET STRING */
- SECItem serialNumber; /* an INTEGER */
- SECItem issuerSHA1NameHash; /* keep other hashes around when */
- SECItem issuerMD5NameHash; /* we have them */
- SECItem issuerMD2NameHash;
- SECItem issuerSHA1KeyHash; /* keep other hashes around when */
- SECItem issuerMD5KeyHash; /* we have them */
- SECItem issuerMD2KeyHash;
-};
-
-/*
- * This describes the value of the responseStatus field in an OCSPResponse.
- * The corresponding ASN.1 definition is:
- *
- * OCSPResponseStatus ::= ENUMERATED {
- * successful (0), --Response has valid confirmations
- * malformedRequest (1), --Illegal confirmation request
- * internalError (2), --Internal error in issuer
- * tryLater (3), --Try again later
- * --(4) is not used
- * sigRequired (5), --Must sign the request
- * unauthorized (6), --Request unauthorized
- * }
- */
-typedef enum {
- ocspResponse_successful = 0,
- ocspResponse_malformedRequest = 1,
- ocspResponse_internalError = 2,
- ocspResponse_tryLater = 3,
- ocspResponse_unused = 4,
- ocspResponse_sigRequired = 5,
- ocspResponse_unauthorized = 6,
- ocspResponse_other /* unknown/unrecognized value */
-} ocspResponseStatus;
-
-/*
- * An OCSPResponse is what is sent (encoded) by an OCSP responder.
- *
- * The field "responseStatus" is the ASN.1 encoded value; the field
- * "statusValue" is simply that same value translated into our local
- * type ocspResponseStatus.
- */
-struct CERTOCSPResponseStr {
- PRArenaPool *arena; /* local; not part of encoding */
- SECItem responseStatus; /* an ENUMERATED, see above */
- ocspResponseStatus statusValue; /* local; not part of encoding */
- ocspResponseBytes *responseBytes; /* only when status is successful */
-};
-
-/*
- * A ResponseBytes (despite appearances) is what contains the meat
- * of a successful response -- but still in encoded form. The type
- * given as "responseType" tells you how to decode the string.
- *
- * We look at the OID and translate it into our local OID representation
- * "responseTypeTag", and use that value to tell us how to decode the
- * actual response itself. For now the only kind of OCSP response we
- * know about is a BasicOCSPResponse. However, the intention in the
- * OCSP specification is to allow for other response types, so we are
- * building in that flexibility from the start and thus put a pointer
- * to that data structure inside of a union. Whenever OCSP adds more
- * response types, just add them to the union.
- */
-struct ocspResponseBytesStr {
- SECItem responseType; /* an OBJECT IDENTIFIER */
- SECOidTag responseTypeTag; /* local; not part of encoding */
- SECItem response; /* an OCTET STRING */
- union {
- ocspBasicOCSPResponse *basic; /* when type is id-pkix-ocsp-basic */
- } decodedResponse; /* local; not part of encoding */
-};
-
-/*
- * A BasicOCSPResponse -- when the responseType in a ResponseBytes is
- * id-pkix-ocsp-basic, the "response" OCTET STRING above is the DER
- * encoding of one of these.
- *
- * Note that in the OCSP specification, the signature fields are not
- * part of a separate sub-structure. But since they are the same fields
- * as we define for the signature in a request, it made sense to share
- * the C data structure here and in some shared code to operate on them.
- */
-struct ocspBasicOCSPResponseStr {
- ocspResponseData *tbsResponseData; /* "tbs" == To Be Signed */
- ocspSignature responseSignature;
-};
-
-/*
- * A ResponseData is the part of a BasicOCSPResponse that is signed
- * (after it is DER encoded). It contains the real details of the response
- * (a per-certificate status).
- */
-struct ocspResponseDataStr {
- SECItem version; /* an INTEGER */
- SECItem derResponderID;
- ocspResponderID *responderID; /* local; not part of encoding */
- SECItem producedAt; /* a GeneralizedTime */
- CERTOCSPSingleResponse **responses;
- CERTCertExtension **responseExtensions;
-};
-
-/*
- * A ResponderID identifies the responder -- or more correctly, the
- * signer of the response. The ASN.1 definition of a ResponderID is:
- *
- * ResponderID ::= CHOICE {
- * byName [1] EXPLICIT Name,
- * byKey [2] EXPLICIT KeyHash }
- *
- * Because it is CHOICE, the type of identification used and the
- * identification itself are actually encoded together. To represent
- * this same information internally, we explicitly define a type and
- * save it, along with the value, into a data structure.
- */
-
-typedef enum {
- ocspResponderID_byName,
- ocspResponderID_byKey,
- ocspResponderID_other /* unknown kind of responderID */
-} ocspResponderIDType;
-
-struct ocspResponderIDStr {
- ocspResponderIDType responderIDType;/* local; not part of encoding */
- union {
- CERTName name; /* when ocspResponderID_byName */
- SECItem keyHash; /* when ocspResponderID_byKey */
- SECItem other; /* when ocspResponderID_other */
- } responderIDValue;
-};
-
-/*
- * The ResponseData in a BasicOCSPResponse contains a SEQUENCE OF
- * SingleResponse -- one for each certificate whose status is being supplied.
- *
- * XXX figure out how to get rid of that arena -- there must be a way
- */
-struct CERTOCSPSingleResponseStr {
- PRArenaPool *arena; /* just a copy of the response arena,
- * needed here for extension handling
- * routines, on creation only */
- CERTOCSPCertID *certID;
- SECItem derCertStatus;
- ocspCertStatus *certStatus; /* local; not part of encoding */
- SECItem thisUpdate; /* a GeneralizedTime */
- SECItem *nextUpdate; /* a GeneralizedTime */
- CERTCertExtension **singleExtensions;
-};
-
-/*
- * A CertStatus is the actual per-certificate status. Its ASN.1 definition:
- *
- * CertStatus ::= CHOICE {
- * good [0] IMPLICIT NULL,
- * revoked [1] IMPLICIT RevokedInfo,
- * unknown [2] IMPLICIT UnknownInfo }
- *
- * (where for now UnknownInfo is defined to be NULL but in the
- * future may be replaced with an enumeration).
- *
- * Because it is CHOICE, the status value and its associated information
- * (if any) are actually encoded together. To represent this same
- * information internally, we explicitly define a type and save it,
- * along with the value, into a data structure.
- */
-
-typedef enum {
- ocspCertStatus_good, /* cert is not revoked */
- ocspCertStatus_revoked, /* cert is revoked */
- ocspCertStatus_unknown, /* cert was unknown to the responder */
- ocspCertStatus_other /* status was not an expected value */
-} ocspCertStatusType;
-
-/*
- * This is the actual per-certificate status.
- *
- * The "goodInfo" and "unknownInfo" items are only place-holders for a NULL.
- * (Though someday OCSP may replace UnknownInfo with an enumeration that
- * gives more detailed information.)
- */
-struct ocspCertStatusStr {
- ocspCertStatusType certStatusType; /* local; not part of encoding */
- union {
- SECItem *goodInfo; /* when ocspCertStatus_good */
- ocspRevokedInfo *revokedInfo; /* when ocspCertStatus_revoked */
- SECItem *unknownInfo; /* when ocspCertStatus_unknown */
- SECItem *otherInfo; /* when ocspCertStatus_other */
- } certStatusInfo;
-};
-
-/*
- * A RevokedInfo gives information about a revoked certificate -- when it
- * was revoked and why.
- */
-struct ocspRevokedInfoStr {
- SECItem revocationTime; /* a GeneralizedTime */
- SECItem *revocationReason; /* a CRLReason; ignored for now */
-};
-
-/*
- * ServiceLocator can be included as one of the singleRequestExtensions.
- * When added, it specifies the (name of the) issuer of the cert being
- * checked, and optionally the value of the AuthorityInfoAccess extension
- * if the cert has one.
- */
-struct ocspServiceLocatorStr {
- CERTName *issuer;
- SECItem locator; /* DER encoded authInfoAccess extension from cert */
-};
-
-#endif /* _OCSPTI_H_ */
diff --git a/security/nss/lib/certhigh/xcrldist.c b/security/nss/lib/certhigh/xcrldist.c
deleted file mode 100644
index d560cfd23..000000000
--- a/security/nss/lib/certhigh/xcrldist.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Code for dealing with x.509 v3 CRL Distribution Point extension.
- */
-#include "genname.h"
-#include "certt.h"
-#include "secerr.h"
-
-extern void PrepareBitStringForEncoding (SECItem *bitMap, SECItem *value);
-
-static const SEC_ASN1Template FullNameTemplate[] = {
- {SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
- offsetof (CRLDistributionPoint,derFullName), CERT_GeneralNamesTemplate}
-};
-
-static const SEC_ASN1Template RelativeNameTemplate[] = {
- {SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 1,
- offsetof (CRLDistributionPoint,distPoint.relativeName), CERT_RDNTemplate}
-};
-
-static const SEC_ASN1Template CRLDistributionPointTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRLDistributionPoint) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | 0,
- offsetof(CRLDistributionPoint,derDistPoint), SEC_AnyTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CRLDistributionPoint,bitsmap), SEC_BitStringTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_CONSTRUCTED | 2,
- offsetof(CRLDistributionPoint, derCrlIssuer), CERT_GeneralNamesTemplate},
- { 0 }
-};
-
-const SEC_ASN1Template CERTCRLDistributionPointsTemplate[] = {
- {SEC_ASN1_SEQUENCE_OF, 0, CRLDistributionPointTemplate}
-};
-
-SECStatus
-CERT_EncodeCRLDistributionPoints (PRArenaPool *arena, CERTCrlDistributionPoints *value,
- SECItem *derValue)
-{
- CRLDistributionPoint **pointList, *point;
- PRArenaPool *ourPool = NULL;
- SECStatus rv = SECSuccess;
-
- PORT_Assert (derValue);
- PORT_Assert (value && value->distPoints);
-
- do {
- ourPool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (ourPool == NULL) {
- rv = SECFailure;
- break;
- }
-
- pointList = value->distPoints;
- while (*pointList) {
- point = *pointList;
- point->derFullName = NULL;
- point->derDistPoint.data = NULL;
-
- if (point->distPointType == generalName) {
- point->derFullName = cert_EncodeGeneralNames
- (ourPool, point->distPoint.fullName);
-
- if (point->derFullName) {
- rv = (SEC_ASN1EncodeItem (ourPool, &point->derDistPoint,
- point, FullNameTemplate) == NULL) ? SECFailure : SECSuccess;
- } else {
- rv = SECFailure;
- }
- }
- else if (point->distPointType == relativeDistinguishedName) {
- if (SEC_ASN1EncodeItem
- (ourPool, &point->derDistPoint,
- point, RelativeNameTemplate) == NULL)
- rv = SECFailure;
- }
- /* distributionPointName is omitted */
- else if (point->distPointType != 0) {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- rv = SECFailure;
- }
- if (rv != SECSuccess)
- break;
-
- if (point->reasons.data)
- PrepareBitStringForEncoding (&point->bitsmap, &point->reasons);
-
- if (point->crlIssuer) {
- point->derCrlIssuer = cert_EncodeGeneralNames
- (ourPool, point->crlIssuer);
- if (!point->crlIssuer)
- break;
- }
-
- ++pointList;
- }
- if (rv != SECSuccess)
- break;
- if (SEC_ASN1EncodeItem
- (arena, derValue, value, CERTCRLDistributionPointsTemplate) == NULL) {
- rv = SECFailure;
- break;
- }
- } while (0);
- PORT_FreeArena (ourPool, PR_FALSE);
- return (rv);
-}
-
-CERTCrlDistributionPoints *
-CERT_DecodeCRLDistributionPoints (PRArenaPool *arena, SECItem *encodedValue)
-{
- CERTCrlDistributionPoints *value = NULL;
- CRLDistributionPoint **pointList, *point;
- SECStatus rv;
-
- PORT_Assert (arena);
- do {
- value = (CERTCrlDistributionPoints*)PORT_ArenaZAlloc (arena, sizeof (*value));
- if (value == NULL) {
- rv = SECFailure;
- break;
- }
-
- rv = SEC_ASN1DecodeItem
- (arena, &value->distPoints, CERTCRLDistributionPointsTemplate,
- encodedValue);
- if (rv != SECSuccess)
- break;
-
- pointList = value->distPoints;
- while (*pointList) {
- point = *pointList;
-
- /* get the data if the distributionPointName is not omitted */
- if (point->derDistPoint.data != NULL) {
- point->distPointType = (DistributionPointTypes)
- ((point->derDistPoint.data[0] & 0x1f) +1);
- if (point->distPointType == generalName) {
- SECItem innerDER;
-
- innerDER.data = NULL;
- rv = SEC_ASN1DecodeItem
- (arena, point, FullNameTemplate, &(point->derDistPoint));
- if (rv != SECSuccess)
- break;
- point->distPoint.fullName = cert_DecodeGeneralNames
- (arena, point->derFullName);
-
- if (!point->distPoint.fullName)
- break;
- }
- else if ( relativeDistinguishedName) {
- rv = SEC_ASN1DecodeItem
- (arena, point, RelativeNameTemplate, &(point->derDistPoint));
- if (rv != SECSuccess)
- break;
- }
- else {
- PORT_SetError (SEC_ERROR_EXTENSION_VALUE_INVALID);
- break;
- }
- }
-
- /* Get the reason code if it's not omitted in the encoding */
- if (point->bitsmap.data != NULL) {
- point->reasons.data = (unsigned char*) PORT_ArenaAlloc
- (arena, (point->bitsmap.len + 7) >> 3);
- if (!point->reasons.data) {
- rv = SECFailure;
- break;
- }
- PORT_Memcpy (point->reasons.data, point->bitsmap.data,
- point->reasons.len = ((point->bitsmap.len + 7) >> 3));
- }
-
- /* Get the crl issuer name if it's not omitted in the encoding */
- if (point->derCrlIssuer != NULL) {
- point->crlIssuer = cert_DecodeGeneralNames
- (arena, point->derCrlIssuer);
-
- if (!point->crlIssuer)
- break;
- }
- ++pointList;
- }
- } while (0);
- return (rv == SECSuccess ? value : NULL);
-}
diff --git a/security/nss/lib/ckfw/.cvsignore b/security/nss/lib/ckfw/.cvsignore
deleted file mode 100644
index 988228d5a..000000000
--- a/security/nss/lib/ckfw/.cvsignore
+++ /dev/null
@@ -1,4 +0,0 @@
-nssckepv.h
-nssckg.h
-nssckft.h
-nssck.api
diff --git a/security/nss/lib/ckfw/Makefile b/security/nss/lib/ckfw/Makefile
deleted file mode 100644
index 34b225db3..000000000
--- a/security/nss/lib/ckfw/Makefile
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# This'll need some help from a build person.
-
-nssckepv.h: ck.api ckapi.perl
-nssckft.h: ck.api ckapi.perl
-nssckg.h: ck.api ckapi.perl
-nssck.api: ck.api ckapi.perl
- perl ckapi.perl ck.api
-
-export:: private_export
-
diff --git a/security/nss/lib/ckfw/builtins/.cvsignore b/security/nss/lib/ckfw/builtins/.cvsignore
deleted file mode 100644
index ccbbcce86..000000000
--- a/security/nss/lib/ckfw/builtins/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-certdata.c
diff --git a/security/nss/lib/ckfw/builtins/Makefile b/security/nss/lib/ckfw/builtins/Makefile
deleted file mode 100644
index ac3282c4a..000000000
--- a/security/nss/lib/ckfw/builtins/Makefile
+++ /dev/null
@@ -1,97 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-EXTRA_LIBS = \
- $(DIST)/lib/nssckfw.lib \
- $(DIST)/lib/nssb.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4_s.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4_s.lib \
- wsock32.lib \
- winmm.lib \
- $(NULL)
-
-else
-
-ifeq ($(OS_ARCH), OS2)
-PLC_STATIC_LIB = $(DIST)/lib/plc4.$(LIB_SUFFIX)
-PLDS_STATIC_LIB = $(DIST)/lib/plds4.$(LIB_SUFFIX)
-else
-PLC_STATIC_LIB = $(DIST)/lib/libplc4.$(LIB_SUFFIX)
-PLDS_STATIC_LIB = $(DIST)/lib/libplds4.$(LIB_SUFFIX)
-endif
-
-EXTRA_LIBS += \
- $(DIST)/lib/libnssckfw.$(LIB_SUFFIX) \
- $(DIST)/lib/libnssb.$(LIB_SUFFIX) \
- $(PLC_STATIC_LIB) \
- $(PLDS_STATIC_LIB) \
- $(NULL)
-
-endif
-
-
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# Generate certdata.c.
-generate:
- perl certdata.perl < certdata.txt
-
-# This'll need some help from a build person.
-
-
-ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.1)
-DSO_LDOPTS = -bM:SRE -bh:4 -bnoentry
-EXTRA_DSO_LDOPTS = -lc
-MKSHLIB = xlC $(DSO_LDOPTS)
-
-$(SHARED_LIBRARY): $(OBJS)
- @$(MAKE_OBJDIR)
- rm -f $@
- $(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
- chmod +x $@
-
-endif
-
-ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.2)
-LD += -G
-endif
-
-
diff --git a/security/nss/lib/ckfw/builtins/anchor.c b/security/nss/lib/ckfw/builtins/anchor.c
deleted file mode 100644
index 12c77a75c..000000000
--- a/security/nss/lib/ckfw/builtins/anchor.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * builtins/anchor.c
- *
- * This file "anchors" the actual cryptoki entry points in this module's
- * shared library, which is required for dynamic loading. See the
- * comments in nssck.api for more information.
- */
-
-#include "builtins.h"
-
-#define MODULE_NAME builtins
-#define INSTANCE_NAME (NSSCKMDInstance *)&nss_builtins_mdInstance
-#include "nssck.api"
diff --git a/security/nss/lib/ckfw/builtins/builtins.h b/security/nss/lib/ckfw/builtins/builtins.h
deleted file mode 100644
index 287db360d..000000000
--- a/security/nss/lib/ckfw/builtins/builtins.h
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char BUILTINS_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "nssckmdt.h"
-#include "nssckfw.h"
-
-/*
- * I'm including this for access to the arena functions.
- * Looks like we should publish that API.
- */
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * This is where the Netscape extensions live, at least for now.
- */
-#ifndef CKT_H
-#include "ckt.h"
-#endif /* CKT_H */
-
-struct builtinsInternalObjectStr {
- CK_ULONG n;
- const CK_ATTRIBUTE_TYPE *types;
- const NSSItem *items;
-};
-typedef struct builtinsInternalObjectStr builtinsInternalObject;
-
-NSS_EXTERN_DATA const builtinsInternalObject nss_builtins_data[];
-NSS_EXTERN_DATA const PRUint32 nss_builtins_nObjects;
-
-NSS_EXTERN_DATA const CK_VERSION nss_builtins_CryptokiVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_ManufacturerID;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_LibraryDescription;
-NSS_EXTERN_DATA const CK_VERSION nss_builtins_LibraryVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_SlotDescription;
-NSS_EXTERN_DATA const CK_VERSION nss_builtins_HardwareVersion;
-NSS_EXTERN_DATA const CK_VERSION nss_builtins_FirmwareVersion;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_TokenLabel;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_TokenModel;
-NSS_EXTERN_DATA const NSSUTF8 * nss_builtins_TokenSerialNumber;
-
-NSS_EXTERN_DATA const NSSCKMDInstance nss_builtins_mdInstance;
-NSS_EXTERN_DATA const NSSCKMDSlot nss_builtins_mdSlot;
-NSS_EXTERN_DATA const NSSCKMDToken nss_builtins_mdToken;
-
-NSS_EXTERN NSSCKMDSession *
-nss_builtins_CreateSession
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDFindObjects *
-nss_builtins_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDObject *
-nss_builtins_CreateMDObject
-(
- NSSArena *arena,
- builtinsInternalObject *io,
- CK_RV *pError
-);
diff --git a/security/nss/lib/ckfw/builtins/certdata.c b/security/nss/lib/ckfw/builtins/certdata.c
deleted file mode 100644
index 0acf7ca9c..000000000
--- a/security/nss/lib/ckfw/builtins/certdata.c
+++ /dev/null
@@ -1,11517 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$""; @(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BUILTINS_H
-#include "builtins.h"
-#endif /* BUILTINS_H */
-
-static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST;
-static const CK_TRUST ckt_netscape_valid = CKT_NETSCAPE_VALID;
-static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
-static const CK_TRUST ckt_netscape_trusted_delegator = CKT_NETSCAPE_TRUSTED_DELEGATOR;
-static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509;
-static const CK_OBJECT_CLASS cko_data = CKO_DATA;
-static const CK_BBOOL ck_false = CK_FALSE;
-static const CK_BBOOL ck_true = CK_TRUE;
-static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE;
-#ifdef DEBUG
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_0 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_APPLICATION, CKA_VALUE
-};
-#endif /* DEBUG */
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_1 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_2 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_3 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_4 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_5 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_6 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_7 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_8 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_9 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_10 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_11 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_12 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_13 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_14 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_15 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_16 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_17 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_18 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_19 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_20 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_21 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_22 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_23 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_24 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_25 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_26 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_27 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_28 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_29 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_30 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_31 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_32 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_33 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_34 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_35 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_36 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_37 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_38 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_39 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_40 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_41 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_42 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_43 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_44 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_45 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_46 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_47 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_48 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_49 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_50 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_51 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_52 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_53 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_54 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_55 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_56 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_57 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_58 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_59 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_60 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_61 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_62 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_63 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_64 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_65 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_66 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_67 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_68 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_69 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_70 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_71 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_72 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_73 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_74 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_75 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_76 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_77 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_78 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_79 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_80 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_81 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_82 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_83 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_84 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_85 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_86 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_87 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_88 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_89 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_90 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_91 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_92 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_93 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_94 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_95 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_96 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_97 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_98 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_99 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_100 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_101 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_102 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_103 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_104 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_105 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_106 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_107 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_108 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_109 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_110 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_111 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_112 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_113 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_114 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_115 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_116 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_117 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_118 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_119 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_120 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_121 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_122 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_123 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_124 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_125 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_126 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_127 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_128 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_129 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_130 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_131 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_132 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_133 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_134 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_135 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_136 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_137 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_138 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_139 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_140 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_141 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_142 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_143 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_144 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_145 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_146 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_147 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_148 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_149 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_150 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_151 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_152 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_153 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_154 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_155 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_156 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_157 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_158 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_159 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_160 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_161 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_162 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_163 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_164 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_165 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_166 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_167 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_168 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_169 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_170 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_171 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_172 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_173 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_174 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_175 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_176 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_177 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_178 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_179 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_CERT_MD5_HASH, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_180 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_181 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_182 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERTIFICATE_TYPE, CKA_SUBJECT, CKA_ID, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_VALUE
-};
-static const CK_ATTRIBUTE_TYPE nss_builtins_types_183 [] = {
- CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, CKA_ISSUER, CKA_SERIAL_NUMBER, CKA_TRUST_SERVER_AUTH, CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_CODE_SIGNING
-};
-#ifdef DEBUG
-static const NSSItem nss_builtins_items_0 [] = {
- { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"CVS ID", (PRUint32)7 },
- { (void *)"NSS", (PRUint32)4 },
- { (void *)"@(#) $RCSfile$ $Revision$ $Date$ $Name$""; @(#) $RCSfile$ $Revision$ $Date$ $Name$", (PRUint32)179 }
-};
-#endif /* DEBUG */
-static const NSSItem nss_builtins_items_1 [] = {
- { (void *)&cko_netscape_builtin_root_list, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Mozilla Builtin Roots", (PRUint32)22 }
-};
-static const NSSItem nss_builtins_items_2 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign/RSA Secure Server CA", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\255\146\176\116\105\376\136\127\157\074\230\031\136\335\300"
-, (PRUint32)16 },
- { (void *)"\060\202\002\064\060\202\001\241\002\020\002\255\146\176\116\105"
-"\376\136\127\157\074\230\031\136\335\300\060\015\006\011\052\206"
-"\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125\004"
-"\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143\165"
-"\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006\003"
-"\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162\166"
-"\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\064"
-"\061\061\060\071\060\060\060\060\060\060\132\027\015\061\060\060"
-"\061\060\067\062\063\065\071\065\071\132\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125"
-"\004\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143"
-"\165\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006"
-"\003\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162"
-"\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\201\233\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\211"
-"\000\060\201\205\002\176\000\222\316\172\301\256\203\076\132\252"
-"\211\203\127\254\045\001\166\014\255\256\216\054\067\316\353\065"
-"\170\144\124\003\345\204\100\121\311\277\217\010\342\212\202\010"
-"\322\026\206\067\125\351\261\041\002\255\166\150\201\232\005\242"
-"\113\311\113\045\146\042\126\154\210\007\217\367\201\131\155\204"
-"\007\145\160\023\161\166\076\233\167\114\343\120\211\126\230\110"
-"\271\035\247\051\032\023\056\112\021\131\234\036\025\325\111\124"
-"\054\163\072\151\202\261\227\071\234\155\160\147\110\345\335\055"
-"\326\310\036\173\002\003\001\000\001\060\015\006\011\052\206\110"
-"\206\367\015\001\001\002\005\000\003\176\000\145\335\176\341\262"
-"\354\260\342\072\340\354\161\106\232\031\021\270\323\307\240\264"
-"\003\100\046\002\076\011\234\341\022\263\321\132\366\067\245\267"
-"\141\003\266\133\026\151\073\306\104\010\014\210\123\014\153\227"
-"\111\307\076\065\334\154\271\273\252\337\134\273\072\057\223\140"
-"\266\251\113\115\362\040\367\315\137\177\144\173\216\334\000\134"
-"\327\372\167\312\071\026\131\157\016\352\323\265\203\177\115\115"
-"\102\126\166\264\311\137\004\370\070\370\353\322\137\165\137\315"
-"\173\374\345\216\200\174\374\120"
-, (PRUint32)568 }
-};
-static const NSSItem nss_builtins_items_3 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign/RSA Secure Server CA", (PRUint32)30 },
- { (void *)"\104\143\305\061\327\314\301\000\147\224\141\053\266\126\323\277"
-"\202\127\204\157"
-, (PRUint32)20 },
- { (void *)"\164\173\202\003\103\360\000\236\153\263\354\107\277\205\245\223"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\255\146\176\116\105\376\136\127\157\074\230\031\136\335\300"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_4 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"VeriSign Class 4 Primary CA", (PRUint32)28 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\064\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\064\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\246\000\000\001"
-, (PRUint32)5 },
- { (void *)"\060\202\002\061\060\202\001\232\002\005\002\246\000\000\001\060"
-"\015\006\011\052\206\110\206\367\015\001\001\002\005\000\060\137"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023"
-"\056\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\071\066\060\061\062\071\060\060\060\060\060\060\132"
-"\027\015\071\071\061\062\063\061\062\063\065\071\065\071\132\060"
-"\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027"
-"\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013"
-"\023\056\103\154\141\163\163\040\064\040\120\165\142\154\151\143"
-"\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001"
-"\005\000\003\201\215\000\060\201\211\002\201\201\000\320\262\165"
-"\366\170\320\256\132\120\364\351\120\251\237\214\327\357\221\224"
-"\160\350\322\044\220\166\211\205\326\337\254\346\001\027\062\200"
-"\360\235\223\107\274\232\145\235\037\227\256\277\351\206\165\143"
-"\040\211\275\200\130\235\004\014\235\250\301\044\351\013\345\061"
-"\170\275\374\055\014\067\152\236\170\200\351\106\165\371\355\243"
-"\373\023\173\310\301\114\322\243\357\365\074\260\142\217\112\135"
-"\073\335\225\147\217\023\271\301\074\326\247\046\233\354\303\073"
-"\172\331\115\274\155\233\350\025\001\343\360\107\251\002\003\001"
-"\000\001\060\015\006\011\052\206\110\206\367\015\001\001\002\005"
-"\000\003\201\201\000\123\335\323\360\234\044\176\100\252\342\374"
-"\000\032\327\332\014\374\062\141\270\025\015\226\363\372\127\033"
-"\177\063\174\257\351\230\232\141\310\172\263\267\377\261\334\231"
-"\203\334\254\022\374\160\311\037\070\102\355\104\366\200\056\133"
-"\153\063\151\254\234\323\134\347\137\132\030\307\261\055\171\004"
-"\226\101\221\231\101\261\074\015\272\204\071\306\073\227\360\046"
-"\311\216\356\275\314\102\225\377\036\307\002\077\124\014\170\365"
-"\274\252\140\174\002\151\350\334\254\342\002\166\141\304\076\003"
-"\352\322\212\044\321"
-, (PRUint32)565 }
-};
-static const NSSItem nss_builtins_items_5 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"VeriSign Class 4 Primary CA", (PRUint32)28 },
- { (void *)"\116\375\137\146\357\164\326\266\237\211\164\113\045\326\173\311"
-"\216\245\172\171"
-, (PRUint32)20 },
- { (void *)"\033\321\255\027\213\177\042\023\044\365\046\342\135\116\271\020"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\064\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\002\246\000\000\001"
-, (PRUint32)5 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_6 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Root CA", (PRUint32)23 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
- { (void *)"\001\243"
-, (PRUint32)2 },
- { (void *)"\060\202\001\372\060\202\001\143\002\002\001\243\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\060\105\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003"
-"\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141"
-"\164\151\157\156\061\034\060\032\006\003\125\004\003\023\023\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\122\157"
-"\157\164\060\036\027\015\071\066\060\062\062\063\062\063\060\061"
-"\060\060\132\027\015\060\066\060\062\062\063\062\063\065\071\060"
-"\060\132\060\105\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040"
-"\103\157\162\160\157\162\141\164\151\157\156\061\034\060\032\006"
-"\003\125\004\003\023\023\107\124\105\040\103\171\142\145\162\124"
-"\162\165\163\164\040\122\157\157\164\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\270\346\117\272\333\230\174\161\174\257"
-"\104\267\323\017\106\331\144\345\223\301\102\216\307\272\111\215"
-"\065\055\172\347\213\275\345\005\061\131\306\261\057\012\014\373"
-"\237\247\077\242\011\146\204\126\036\067\051\033\207\351\176\014"
-"\312\232\237\245\177\365\025\224\243\325\242\106\202\330\150\114"
-"\321\067\025\006\150\257\275\370\260\263\360\051\365\225\132\011"
-"\026\141\167\012\042\045\324\117\105\252\307\275\345\226\337\371"
-"\324\250\216\102\314\044\300\036\221\047\112\265\155\006\200\143"
-"\071\304\242\136\070\003\002\003\001\000\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\004\005\000\003\201\201\000\022\263"
-"\165\306\137\035\341\141\125\200\000\324\201\113\173\061\017\043"
-"\143\347\075\363\003\371\364\066\250\273\331\343\245\227\115\352"
-"\053\051\340\326\152\163\201\346\300\211\243\323\361\340\245\245"
-"\042\067\232\143\302\110\040\264\333\162\343\310\366\331\174\276"
-"\261\257\123\332\024\264\041\270\326\325\226\343\376\116\014\131"
-"\142\266\232\112\371\102\335\214\157\201\251\161\377\364\012\162"
-"\155\155\104\016\235\363\164\164\250\325\064\111\351\136\236\351"
-"\264\172\341\345\132\037\204\060\234\323\237\245\045\330"
-, (PRUint32)510 }
-};
-static const NSSItem nss_builtins_items_7 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Root CA", (PRUint32)23 },
- { (void *)"\220\336\336\236\114\116\237\157\330\206\027\127\235\323\221\274"
-"\145\246\211\144"
-, (PRUint32)20 },
- { (void *)"\304\327\360\262\243\305\175\141\147\360\004\315\103\323\272\130"
-, (PRUint32)16 },
- { (void *)"\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125"
-"\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\122\157\157\164"
-, (PRUint32)71 },
- { (void *)"\001\243"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_8 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Global Root", (PRUint32)27 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\122\157\157\164"
-, (PRUint32)119 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\122\157\157\164"
-, (PRUint32)119 },
- { (void *)"\001\245"
-, (PRUint32)2 },
- { (void *)"\060\202\002\132\060\202\001\303\002\002\001\245\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\060\165\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003"
-"\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141"
-"\164\151\157\156\061\047\060\045\006\003\125\004\013\023\036\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\123\157"
-"\154\165\164\151\157\156\163\054\040\111\156\143\056\061\043\060"
-"\041\006\003\125\004\003\023\032\107\124\105\040\103\171\142\145"
-"\162\124\162\165\163\164\040\107\154\157\142\141\154\040\122\157"
-"\157\164\060\036\027\015\071\070\060\070\061\063\060\060\062\071"
-"\060\060\132\027\015\061\070\060\070\061\063\062\063\065\071\060"
-"\060\132\060\165\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040"
-"\103\157\162\160\157\162\141\164\151\157\156\061\047\060\045\006"
-"\003\125\004\013\023\036\107\124\105\040\103\171\142\145\162\124"
-"\162\165\163\164\040\123\157\154\165\164\151\157\156\163\054\040"
-"\111\156\143\056\061\043\060\041\006\003\125\004\003\023\032\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\107\154"
-"\157\142\141\154\040\122\157\157\164\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\225\017\240\266\360\120\234\350\172\307"
-"\210\315\335\027\016\056\260\224\320\033\075\016\366\224\300\212"
-"\224\307\006\310\220\227\310\270\144\032\172\176\154\074\123\341"
-"\067\050\163\140\177\262\227\123\007\237\123\371\155\130\224\322"
-"\257\215\155\210\147\200\346\355\262\225\317\162\061\312\245\034"
-"\162\272\134\002\347\144\102\347\371\251\054\326\072\015\254\215"
-"\102\252\044\001\071\346\234\077\001\205\127\015\130\207\105\370"
-"\323\205\252\223\151\046\205\160\110\200\077\022\025\307\171\264"
-"\037\005\057\073\142\231\002\003\001\000\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\004\005\000\003\201\201\000\155\353"
-"\033\011\351\136\331\121\333\147\042\141\244\052\074\110\167\343"
-"\240\174\246\336\163\242\024\003\205\075\373\253\016\060\305\203"
-"\026\063\201\023\010\236\173\064\116\337\100\310\164\327\271\175"
-"\334\364\166\125\175\233\143\124\030\351\360\352\363\134\261\331"
-"\213\102\036\271\300\225\116\272\372\325\342\174\365\150\141\277"
-"\216\354\005\227\137\133\260\327\243\205\064\304\044\247\015\017"
-"\225\223\357\313\224\330\236\037\235\134\205\155\307\252\256\117"
-"\037\042\265\315\225\255\272\247\314\371\253\013\172\177"
-, (PRUint32)606 }
-};
-static const NSSItem nss_builtins_items_9 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Global Root", (PRUint32)27 },
- { (void *)"\227\201\171\120\330\034\226\160\314\064\330\011\317\171\104\061"
-"\066\176\364\164"
-, (PRUint32)20 },
- { (void *)"\312\075\323\150\361\003\134\320\062\372\270\053\131\350\132\333"
-, (PRUint32)16 },
- { (void *)"\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142"
-"\141\154\040\122\157\157\164"
-, (PRUint32)119 },
- { (void *)"\001\245"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_10 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Root 5", (PRUint32)22 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\160\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\036\060\034\006\003\125\004\003\023\025\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\122\157\157\164"
-"\040\065"
-, (PRUint32)114 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\160\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\036\060\034\006\003\125\004\003\023\025\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\122\157\157\164"
-"\040\065"
-, (PRUint32)114 },
- { (void *)"\001\266"
-, (PRUint32)2 },
- { (void *)"\060\202\003\266\060\202\002\236\240\003\002\001\002\002\002\001"
-"\266\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\160\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\036\060\034\006\003\125\004\003\023\025\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\122\157\157\164"
-"\040\065\060\036\027\015\071\070\060\070\061\064\061\064\065\060"
-"\060\060\132\027\015\061\063\060\070\061\064\062\063\065\071\060"
-"\060\132\060\160\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040"
-"\103\157\162\160\157\162\141\164\151\157\156\061\047\060\045\006"
-"\003\125\004\013\023\036\107\124\105\040\103\171\142\145\162\124"
-"\162\165\163\164\040\123\157\154\165\164\151\157\156\163\054\040"
-"\111\156\143\056\061\036\060\034\006\003\125\004\003\023\025\107"
-"\124\105\040\103\171\142\145\162\124\162\165\163\164\040\122\157"
-"\157\164\040\065\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\274\022\156\077\212\174\172\227\001\354\036"
-"\273\071\132\002\364\170\104\242\110\033\216\173\111\122\172\270"
-"\173\107\263\257\224\233\157\273\226\372\053\152\145\134\270\034"
-"\224\163\276\277\211\012\042\200\356\127\374\214\005\273\160\237"
-"\227\071\004\332\243\207\134\250\345\312\257\300\063\232\325\067"
-"\134\113\254\344\200\320\246\043\140\373\375\162\056\224\235\307"
-"\316\302\004\062\357\170\140\135\355\255\207\017\105\145\036\074"
-"\232\012\232\276\135\035\231\354\347\362\321\306\172\027\331\255"
-"\233\124\226\177\304\174\140\277\205\252\025\065\035\100\332\021"
-"\274\354\124\041\050\055\043\241\250\360\317\055\315\335\374\176"
-"\017\136\341\145\007\126\313\007\264\322\126\350\136\061\314\030"
-"\143\304\206\322\055\205\317\223\222\253\155\376\150\071\373\336"
-"\163\275\206\370\344\106\172\352\237\014\313\364\031\376\143\274"
-"\321\054\173\210\063\066\366\344\341\234\014\123\201\140\034\332"
-"\056\253\226\251\026\210\023\120\231\262\275\125\337\025\060\176"
-"\350\345\230\373\160\176\154\265\007\374\374\106\267\320\355\067"
-"\226\176\062\376\041\002\003\001\000\001\243\132\060\130\060\022"
-"\006\003\125\035\023\001\001\377\004\010\060\006\001\001\377\002"
-"\001\005\060\016\006\003\125\035\017\001\001\377\004\004\003\002"
-"\001\006\060\027\006\003\125\035\040\004\020\060\016\060\014\006"
-"\012\052\206\110\206\370\143\001\002\001\003\060\031\006\003\125"
-"\035\016\004\022\004\020\166\012\111\041\070\114\237\336\370\304"
-"\111\307\161\161\221\235\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\001\001\000\101\072\324\030\133\332"
-"\270\336\041\034\341\216\011\345\361\150\064\377\336\226\364\007"
-"\365\247\074\363\254\112\261\233\372\222\372\233\355\346\062\041"
-"\252\112\166\305\334\117\070\345\337\325\206\344\325\310\166\175"
-"\230\327\261\315\217\115\265\221\043\154\213\212\353\352\174\357"
-"\024\224\304\306\360\037\112\055\062\161\143\053\143\221\046\002"
-"\011\266\200\035\355\342\314\270\177\333\207\143\310\341\320\154"
-"\046\261\065\035\100\146\020\033\315\225\124\030\063\141\354\023"
-"\117\332\023\367\231\257\076\320\317\216\246\162\242\263\303\005"
-"\232\311\047\175\222\314\176\122\215\263\253\160\155\236\211\237"
-"\115\353\032\165\302\230\252\325\002\026\327\014\212\277\045\344"
-"\353\055\274\230\351\130\070\031\174\271\067\376\333\342\231\010"
-"\163\006\307\227\203\152\175\020\001\057\062\271\027\005\112\145"
-"\346\057\316\276\136\123\246\202\351\232\123\012\204\164\055\203"
-"\312\310\224\026\166\137\224\141\050\360\205\247\071\273\327\213"
-"\331\250\262\023\035\124\011\064\044\175\040\201\175\146\176\242"
-"\220\164\134\020\306\275\354\253\033\302"
-, (PRUint32)954 }
-};
-static const NSSItem nss_builtins_items_11 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Root 5", (PRUint32)22 },
- { (void *)"\107\305\114\274\332\135\166\316\142\210\070\021\254\021\146\135"
-"\125\364\054\000"
-, (PRUint32)20 },
- { (void *)"\175\154\206\344\374\115\321\013\000\272\042\273\116\174\152\216"
-, (PRUint32)16 },
- { (void *)"\060\160\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157"
-"\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125"
-"\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165"
-"\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156"
-"\143\056\061\036\060\034\006\003\125\004\003\023\025\107\124\105"
-"\040\103\171\142\145\162\124\162\165\163\164\040\122\157\157\164"
-"\040\065"
-, (PRUint32)114 },
- { (void *)"\001\266"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_12 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Japan Root CA", (PRUint32)29 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\121\061\013\060\011\006\003\125\004\006\023\002\112\120\061"
-"\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124"
-"\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056"
-"\061\041\060\037\006\003\125\004\003\023\030\103\171\142\145\162"
-"\124\162\165\163\164\040\112\101\120\101\116\040\122\157\157\164"
-"\040\103\101"
-, (PRUint32)83 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\121\061\013\060\011\006\003\125\004\006\023\002\112\120\061"
-"\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124"
-"\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056"
-"\061\041\060\037\006\003\125\004\003\023\030\103\171\142\145\162"
-"\124\162\165\163\164\040\112\101\120\101\116\040\122\157\157\164"
-"\040\103\101"
-, (PRUint32)83 },
- { (void *)"\116"
-, (PRUint32)1 },
- { (void *)"\060\202\002\021\060\202\001\172\002\001\116\060\015\006\011\052"
-"\206\110\206\367\015\001\001\004\005\000\060\121\061\013\060\011"
-"\006\003\125\004\006\023\002\112\120\061\037\060\035\006\003\125"
-"\004\012\023\026\103\171\142\145\162\124\162\165\163\164\040\112"
-"\141\160\141\156\054\040\111\156\143\056\061\041\060\037\006\003"
-"\125\004\003\023\030\103\171\142\145\162\124\162\165\163\164\040"
-"\112\101\120\101\116\040\122\157\157\164\040\103\101\060\036\027"
-"\015\071\070\060\070\060\064\060\067\065\067\060\060\132\027\015"
-"\060\063\060\070\060\064\062\063\065\071\060\060\132\060\121\061"
-"\013\060\011\006\003\125\004\006\023\002\112\120\061\037\060\035"
-"\006\003\125\004\012\023\026\103\171\142\145\162\124\162\165\163"
-"\164\040\112\141\160\141\156\054\040\111\156\143\056\061\041\060"
-"\037\006\003\125\004\003\023\030\103\171\142\145\162\124\162\165"
-"\163\164\040\112\101\120\101\116\040\122\157\157\164\040\103\101"
-"\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001"
-"\005\000\003\201\215\000\060\201\211\002\201\201\000\267\255\374"
-"\312\107\020\166\211\375\147\254\344\163\006\174\201\113\035\326"
-"\265\174\016\107\257\354\246\124\165\250\304\375\145\257\347\310"
-"\261\261\154\064\065\215\367\271\144\127\050\013\041\132\336\164"
-"\376\334\170\056\206\106\022\114\177\021\037\334\223\275\137\276"
-"\146\230\206\270\267\354\155\111\323\220\331\341\171\000\126\150"
-"\272\255\154\037\054\073\037\311\054\214\103\260\004\102\352\201"
-"\163\246\316\063\165\105\015\212\105\162\057\252\127\125\344\007"
-"\303\103\342\165\072\017\274\074\320\204\316\272\357\002\003\001"
-"\000\001\060\015\006\011\052\206\110\206\367\015\001\001\004\005"
-"\000\003\201\201\000\267\246\144\243\014\200\074\034\304\330\356"
-"\101\073\345\206\244\236\140\135\326\001\062\250\152\144\055\040"
-"\160\100\272\162\116\146\372\007\145\116\003\216\013\375\126\340"
-"\255\073\040\247\062\372\262\022\036\200\337\036\343\172\030\314"
-"\127\333\346\311\064\140\357\165\353\020\026\320\244\056\160\330"
-"\044\043\270\245\167\163\102\371\007\072\335\001\154\010\223\007"
-"\065\046\020\045\140\051\377\011\345\144\237\151\271\026\111\363"
-"\134\335\044\143\106\223\015\260\123\066\165\274\110\040\273\031"
-"\266\217\320\042\375"
-, (PRUint32)533 }
-};
-static const NSSItem nss_builtins_items_13 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Japan Root CA", (PRUint32)29 },
- { (void *)"\327\237\165\115\072\165\304\327\022\276\200\056\155\367\251\056"
-"\135\022\021\045"
-, (PRUint32)20 },
- { (void *)"\336\253\377\103\052\145\067\006\233\050\265\172\350\204\323\216"
-, (PRUint32)16 },
- { (void *)"\060\121\061\013\060\011\006\003\125\004\006\023\002\112\120\061"
-"\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124"
-"\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056"
-"\061\041\060\037\006\003\125\004\003\023\030\103\171\142\145\162"
-"\124\162\165\163\164\040\112\101\120\101\116\040\122\157\157\164"
-"\040\103\101"
-, (PRUint32)83 },
- { (void *)"\116"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_14 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Japan Secure Server CA", (PRUint32)38 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\112\120\061"
-"\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124"
-"\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056"
-"\061\052\060\050\006\003\125\004\003\023\041\103\171\142\145\162"
-"\124\162\165\163\164\040\112\101\120\101\116\040\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\101"
-, (PRUint32)92 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\112\120\061"
-"\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124"
-"\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056"
-"\061\052\060\050\006\003\125\004\003\023\041\103\171\142\145\162"
-"\124\162\165\163\164\040\112\101\120\101\116\040\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\101"
-, (PRUint32)92 },
- { (void *)"\117"
-, (PRUint32)1 },
- { (void *)"\060\202\002\043\060\202\001\214\002\001\117\060\015\006\011\052"
-"\206\110\206\367\015\001\001\004\005\000\060\132\061\013\060\011"
-"\006\003\125\004\006\023\002\112\120\061\037\060\035\006\003\125"
-"\004\012\023\026\103\171\142\145\162\124\162\165\163\164\040\112"
-"\141\160\141\156\054\040\111\156\143\056\061\052\060\050\006\003"
-"\125\004\003\023\041\103\171\142\145\162\124\162\165\163\164\040"
-"\112\101\120\101\116\040\123\145\143\165\162\145\040\123\145\162"
-"\166\145\162\040\103\101\060\036\027\015\071\070\060\070\060\064"
-"\060\070\060\066\063\062\132\027\015\060\063\060\070\060\064\062"
-"\063\065\071\060\060\132\060\132\061\013\060\011\006\003\125\004"
-"\006\023\002\112\120\061\037\060\035\006\003\125\004\012\023\026"
-"\103\171\142\145\162\124\162\165\163\164\040\112\141\160\141\156"
-"\054\040\111\156\143\056\061\052\060\050\006\003\125\004\003\023"
-"\041\103\171\142\145\162\124\162\165\163\164\040\112\101\120\101"
-"\116\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040"
-"\103\101\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\254"
-"\046\243\241\270\157\152\300\054\022\371\333\061\005\222\347\375"
-"\372\324\201\264\270\325\052\325\220\372\360\103\145\374\022\025"
-"\312\354\333\271\141\336\063\143\067\117\257\000\074\177\222\067"
-"\033\030\163\345\237\074\210\361\032\023\104\376\171\362\303\046"
-"\225\017\013\360\236\024\007\041\154\127\302\135\303\342\121\260"
-"\315\213\137\315\137\206\070\370\171\227\071\354\350\277\122\056"
-"\261\136\252\251\256\214\355\356\327\310\267\056\061\213\264\071"
-"\222\073\174\201\047\007\032\001\104\057\111\163\040\266\311\002"
-"\003\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001"
-"\004\005\000\003\201\201\000\150\035\173\022\356\132\171\051\061"
-"\312\001\254\213\120\251\047\231\054\000\374\070\032\034\377\302"
-"\325\360\023\376\033\247\071\365\200\024\353\121\372\300\215\173"
-"\204\033\131\256\261\065\121\156\241\076\327\033\354\240\236\337"
-"\340\245\202\226\343\261\077\330\250\361\313\171\200\216\367\360"
-"\104\231\176\024\365\043\243\021\343\150\113\005\066\156\210\343"
-"\253\206\252\070\123\003\102\073\323\271\371\340\277\005\351\323"
-"\137\303\112\247\266\375\267\135\220\111\370\232\262\255\146\246"
-"\202\000\223\256\140\377\040"
-, (PRUint32)551 }
-};
-static const NSSItem nss_builtins_items_15 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GTE CyberTrust Japan Secure Server CA", (PRUint32)38 },
- { (void *)"\326\371\221\145\061\321\304\017\030\247\073\051\236\031\267\157"
-"\246\302\111\063"
-, (PRUint32)20 },
- { (void *)"\335\015\015\264\170\113\175\316\060\012\246\065\306\253\114\210"
-, (PRUint32)16 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\112\120\061"
-"\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124"
-"\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056"
-"\061\052\060\050\006\003\125\004\003\023\041\103\171\142\145\162"
-"\124\162\165\163\164\040\112\101\120\101\116\040\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\101"
-, (PRUint32)92 },
- { (void *)"\117"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_16 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Basic CA", (PRUint32)25 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151"
-"\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015"
-"\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141"
-"\163\151\143\100\164\150\141\167\164\145\056\143\157\155"
-, (PRUint32)206 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151"
-"\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015"
-"\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141"
-"\163\151\143\100\164\150\141\167\164\145\056\143\157\155"
-, (PRUint32)206 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)"\060\202\003\041\060\202\002\212\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003"
-"\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023"
-"\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123"
-"\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156"
-"\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167\164"
-"\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151\143"
-"\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015\001"
-"\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141\163"
-"\151\143\100\164\150\141\167\164\145\056\143\157\155\060\036\027"
-"\015\071\066\060\061\060\061\060\060\060\060\060\060\132\027\015"
-"\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\313"
-"\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060"
-"\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040"
-"\103\141\160\145\061\022\060\020\006\003\125\004\007\023\011\103"
-"\141\160\145\040\124\157\167\156\061\032\060\030\006\003\125\004"
-"\012\023\021\124\150\141\167\164\145\040\103\157\156\163\165\154"
-"\164\151\156\147\061\050\060\046\006\003\125\004\013\023\037\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162"
-"\166\151\143\145\163\040\104\151\166\151\163\151\157\156\061\041"
-"\060\037\006\003\125\004\003\023\030\124\150\141\167\164\145\040"
-"\120\145\162\163\157\156\141\154\040\102\141\163\151\143\040\103"
-"\101\061\050\060\046\006\011\052\206\110\206\367\015\001\011\001"
-"\026\031\160\145\162\163\157\156\141\154\055\142\141\163\151\143"
-"\100\164\150\141\167\164\145\056\143\157\155\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\274\274\223\123\155\300\120\117"
-"\202\025\346\110\224\065\246\132\276\157\102\372\017\107\356\167"
-"\165\162\335\215\111\233\226\127\240\170\324\312\077\121\263\151"
-"\013\221\166\027\042\007\227\152\304\121\223\113\340\215\357\067"
-"\225\241\014\115\332\064\220\035\027\211\227\340\065\070\127\112"
-"\300\364\010\160\351\074\104\173\120\176\141\232\220\343\043\323"
-"\210\021\106\047\365\013\007\016\273\335\321\177\040\012\210\271"
-"\126\013\056\034\200\332\361\343\236\051\357\024\275\012\104\373"
-"\033\133\030\321\277\043\223\041\002\003\001\000\001\243\023\060"
-"\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001"
-"\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005"
-"\000\003\201\201\000\055\342\231\153\260\075\172\211\327\131\242"
-"\224\001\037\053\335\022\113\123\302\255\177\252\247\000\134\221"
-"\100\127\045\112\070\252\204\160\271\331\200\017\245\173\134\373"
-"\163\306\275\327\212\141\134\003\343\055\047\250\027\340\204\205"
-"\102\334\136\233\306\267\262\155\273\164\257\344\077\313\247\267"
-"\260\340\135\276\170\203\045\224\322\333\201\017\171\007\155\117"
-"\364\071\025\132\122\001\173\336\062\326\115\070\366\022\134\006"
-"\120\337\005\133\275\024\113\241\337\051\272\073\101\215\367\143"
-"\126\241\337\042\261"
-, (PRUint32)805 }
-};
-static const NSSItem nss_builtins_items_17 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Basic CA", (PRUint32)25 },
- { (void *)"\100\347\214\035\122\075\034\331\225\117\254\032\032\263\275\074"
-"\272\241\133\374"
-, (PRUint32)20 },
- { (void *)"\346\013\322\311\312\055\210\333\032\161\016\113\170\353\002\101"
-, (PRUint32)16 },
- { (void *)"\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151"
-"\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015"
-"\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141"
-"\163\151\143\100\164\150\141\167\164\145\056\143\157\155"
-, (PRUint32)206 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_18 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Premium CA", (PRUint32)27 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155"
-"\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206"
-"\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055"
-"\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143"
-"\157\155"
-, (PRUint32)210 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155"
-"\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206"
-"\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055"
-"\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143"
-"\157\155"
-, (PRUint32)210 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)"\060\202\003\051\060\202\002\222\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003"
-"\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023"
-"\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123"
-"\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156"
-"\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167\164"
-"\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155\151"
-"\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206\367"
-"\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055\160"
-"\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143\157"
-"\155\060\036\027\015\071\066\060\061\060\061\060\060\060\060\060"
-"\060\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071"
-"\132\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132"
-"\101\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164"
-"\145\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004"
-"\007\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030"
-"\006\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157"
-"\156\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004"
-"\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151"
-"\157\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141"
-"\167\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145"
-"\155\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110"
-"\206\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154"
-"\055\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056"
-"\143\157\155\060\201\237\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000"
-"\311\146\331\370\007\104\317\271\214\056\360\241\357\023\105\154"
-"\005\337\336\047\026\121\066\101\021\154\154\073\355\376\020\175"
-"\022\236\345\233\102\232\376\140\061\303\146\267\163\072\110\256"
-"\116\320\062\067\224\210\265\015\266\331\363\362\104\331\325\210"
-"\022\335\166\115\362\032\374\157\043\036\172\361\330\230\105\116"
-"\007\020\357\026\102\320\103\165\155\112\336\342\252\311\061\377"
-"\037\000\160\174\146\317\020\045\010\272\372\356\000\351\106\003"
-"\146\047\021\025\073\252\133\362\230\335\066\102\262\332\210\165"
-"\002\003\001\000\001\243\023\060\021\060\017\006\003\125\035\023"
-"\001\001\377\004\005\060\003\001\001\377\060\015\006\011\052\206"
-"\110\206\367\015\001\001\004\005\000\003\201\201\000\151\066\211"
-"\367\064\052\063\162\057\155\073\324\042\262\270\157\232\305\066"
-"\146\016\033\074\241\261\165\132\346\375\065\323\370\250\362\007"
-"\157\205\147\216\336\053\271\342\027\260\072\240\360\016\242\000"
-"\232\337\363\024\025\156\273\310\205\132\230\200\371\377\276\164"
-"\035\075\363\376\060\045\321\067\064\147\372\245\161\171\060\141"
-"\051\162\300\340\054\114\373\126\344\072\250\157\345\062\131\122"
-"\333\165\050\120\131\014\370\013\031\344\254\331\257\226\215\057"
-"\120\333\007\303\352\037\253\063\340\365\053\061\211"
-, (PRUint32)813 }
-};
-static const NSSItem nss_builtins_items_19 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Premium CA", (PRUint32)27 },
- { (void *)"\066\206\065\143\375\121\050\307\276\246\360\005\317\351\264\066"
-"\150\010\154\316"
-, (PRUint32)20 },
- { (void *)"\072\262\336\042\232\040\223\111\371\355\310\322\212\347\150\015"
-, (PRUint32)16 },
- { (void *)"\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155"
-"\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206"
-"\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055"
-"\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143"
-"\157\155"
-, (PRUint32)210 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_20 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Freemail CA", (PRUint32)28 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145"
-"\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110"
-"\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154"
-"\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145"
-"\056\143\157\155"
-, (PRUint32)212 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145"
-"\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110"
-"\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154"
-"\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145"
-"\056\143\157\155"
-, (PRUint32)212 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)"\060\202\003\055\060\202\002\226\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003"
-"\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023"
-"\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123"
-"\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156"
-"\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167\164"
-"\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145\155"
-"\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110\206"
-"\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154\055"
-"\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145\056"
-"\143\157\155\060\036\027\015\071\066\060\061\060\061\060\060\060"
-"\060\060\060\132\027\015\062\060\061\062\063\061\062\063\065\071"
-"\065\071\132\060\201\321\061\013\060\011\006\003\125\004\006\023"
-"\002\132\101\061\025\060\023\006\003\125\004\010\023\014\127\145"
-"\163\164\145\162\156\040\103\141\160\145\061\022\060\020\006\003"
-"\125\004\007\023\011\103\141\160\145\040\124\157\167\156\061\032"
-"\060\030\006\003\125\004\012\023\021\124\150\141\167\164\145\040"
-"\103\157\156\163\165\154\164\151\156\147\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\044\060\042\006\003\125\004\003\023\033\124"
-"\150\141\167\164\145\040\120\145\162\163\157\156\141\154\040\106"
-"\162\145\145\155\141\151\154\040\103\101\061\053\060\051\006\011"
-"\052\206\110\206\367\015\001\011\001\026\034\160\145\162\163\157"
-"\156\141\154\055\146\162\145\145\155\141\151\154\100\164\150\141"
-"\167\164\145\056\143\157\155\060\201\237\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211"
-"\002\201\201\000\324\151\327\324\260\224\144\133\161\351\107\330"
-"\014\121\266\352\162\221\260\204\136\175\055\015\217\173\022\337"
-"\205\045\165\050\164\072\102\054\143\047\237\225\173\113\357\176"
-"\031\207\035\206\352\243\335\271\316\226\144\032\302\024\156\104"
-"\254\174\346\217\350\115\017\161\037\100\070\246\000\243\207\170"
-"\366\371\224\206\136\255\352\300\136\166\353\331\024\243\135\156"
-"\172\174\014\245\113\125\177\006\031\051\177\236\232\046\325\152"
-"\273\070\044\010\152\230\307\261\332\243\230\221\375\171\333\345"
-"\132\304\034\271\002\003\001\000\001\243\023\060\021\060\017\006"
-"\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015"
-"\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201"
-"\000\307\354\222\176\116\370\365\226\245\147\142\052\244\360\115"
-"\021\140\320\157\215\140\130\141\254\046\273\122\065\134\010\317"
-"\060\373\250\112\226\212\037\142\102\043\214\027\017\364\272\144"
-"\234\027\254\107\051\337\235\230\136\322\154\140\161\134\242\254"
-"\334\171\343\347\156\000\107\037\265\015\050\350\002\235\344\232"
-"\375\023\364\246\331\174\261\370\334\137\043\046\011\221\200\163"
-"\320\024\033\336\103\251\203\045\362\346\234\057\025\312\376\246"
-"\253\212\007\165\213\014\335\121\204\153\344\370\321\316\167\242"
-"\201"
-, (PRUint32)817 }
-};
-static const NSSItem nss_builtins_items_21 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Personal Freemail CA", (PRUint32)28 },
- { (void *)"\040\231\000\266\075\225\127\050\024\014\321\066\042\330\306\207"
-"\244\353\000\205"
-, (PRUint32)20 },
- { (void *)"\036\164\303\206\074\014\065\305\076\302\177\357\074\252\074\331"
-, (PRUint32)16 },
- { (void *)"\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006"
-"\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013"
-"\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157"
-"\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167"
-"\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145"
-"\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110"
-"\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154"
-"\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145"
-"\056\143\157\155"
-, (PRUint32)212 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_22 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Server CA", (PRUint32)17 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124"
-"\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061"
-"\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027"
-"\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141"
-"\167\164\145\056\143\157\155"
-, (PRUint32)199 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124"
-"\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061"
-"\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027"
-"\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141"
-"\167\164\145\056\143\157\155"
-, (PRUint32)199 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\003\023\060\202\002\174\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003"
-"\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125"
-"\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163"
-"\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124\150"
-"\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061\046"
-"\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027\163"
-"\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141\167"
-"\164\145\056\143\157\155\060\036\027\015\071\066\060\070\060\061"
-"\060\060\060\060\060\060\132\027\015\062\060\061\062\063\061\062"
-"\063\065\071\065\071\132\060\201\304\061\013\060\011\006\003\125"
-"\004\006\023\002\132\101\061\025\060\023\006\003\125\004\010\023"
-"\014\127\145\163\164\145\162\156\040\103\141\160\145\061\022\060"
-"\020\006\003\125\004\007\023\011\103\141\160\145\040\124\157\167"
-"\156\061\035\060\033\006\003\125\004\012\023\024\124\150\141\167"
-"\164\145\040\103\157\156\163\165\154\164\151\156\147\040\143\143"
-"\061\050\060\046\006\003\125\004\013\023\037\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143\145"
-"\163\040\104\151\166\151\163\151\157\156\061\031\060\027\006\003"
-"\125\004\003\023\020\124\150\141\167\164\145\040\123\145\162\166"
-"\145\162\040\103\101\061\046\060\044\006\011\052\206\110\206\367"
-"\015\001\011\001\026\027\163\145\162\166\145\162\055\143\145\162"
-"\164\163\100\164\150\141\167\164\145\056\143\157\155\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\323\244\120\156\310\377"
-"\126\153\346\317\135\266\352\014\150\165\107\242\252\302\332\204"
-"\045\374\250\364\107\121\332\205\265\040\164\224\206\036\017\165"
-"\311\351\010\141\365\006\155\060\156\025\031\002\351\122\300\142"
-"\333\115\231\236\342\152\014\104\070\315\376\276\343\144\011\160"
-"\305\376\261\153\051\266\057\111\310\073\324\047\004\045\020\227"
-"\057\347\220\155\300\050\102\231\327\114\103\336\303\365\041\155"
-"\124\237\135\303\130\341\300\344\331\133\260\270\334\264\173\337"
-"\066\072\302\265\146\042\022\326\207\015\002\003\001\000\001\243"
-"\023\060\021\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001\001"
-"\004\005\000\003\201\201\000\007\372\114\151\134\373\225\314\106"
-"\356\205\203\115\041\060\216\312\331\250\157\111\032\346\332\121"
-"\343\140\160\154\204\141\021\241\032\310\110\076\131\103\175\117"
-"\225\075\241\213\267\013\142\230\172\165\212\335\210\116\116\236"
-"\100\333\250\314\062\164\271\157\015\306\343\263\104\013\331\212"
-"\157\232\051\233\231\030\050\073\321\343\100\050\232\132\074\325"
-"\265\347\040\033\213\312\244\253\215\351\121\331\342\114\054\131"
-"\251\332\271\262\165\033\366\102\362\357\307\362\030\371\211\274"
-"\243\377\212\043\056\160\107"
-, (PRUint32)791 }
-};
-static const NSSItem nss_builtins_items_23 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Server CA", (PRUint32)17 },
- { (void *)"\043\345\224\224\121\225\362\101\110\003\264\325\144\322\243\243"
-"\365\330\213\214"
-, (PRUint32)20 },
- { (void *)"\305\160\304\242\355\123\170\014\310\020\123\201\144\313\320\035"
-, (PRUint32)16 },
- { (void *)"\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124"
-"\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061"
-"\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027"
-"\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141"
-"\167\164\145\056\143\157\155"
-, (PRUint32)199 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_24 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Premium Server CA", (PRUint32)25 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155"
-, (PRUint32)209 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155"
-, (PRUint32)209 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\003\047\060\202\002\220\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023"
-"\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003"
-"\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163"
-"\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125"
-"\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163"
-"\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124\150"
-"\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145\162"
-"\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110\206"
-"\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055\163"
-"\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157\155"
-"\060\036\027\015\071\066\060\070\060\061\060\060\060\060\060\060"
-"\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071\132"
-"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\322\066"
-"\066\152\213\327\302\133\236\332\201\101\142\217\070\356\111\004"
-"\125\326\320\357\034\033\225\026\107\357\030\110\065\072\122\364"
-"\053\152\006\217\073\057\352\126\343\257\206\215\236\027\367\236"
-"\264\145\165\002\115\357\313\011\242\041\121\330\233\320\147\320"
-"\272\015\222\006\024\163\324\223\313\227\052\000\234\134\116\014"
-"\274\372\025\122\374\362\104\156\332\021\112\156\010\237\057\055"
-"\343\371\252\072\206\163\266\106\123\130\310\211\005\275\203\021"
-"\270\163\077\252\007\215\364\102\115\347\100\235\034\067\002\003"
-"\001\000\001\243\023\060\021\060\017\006\003\125\035\023\001\001"
-"\377\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206"
-"\367\015\001\001\004\005\000\003\201\201\000\046\110\054\026\302"
-"\130\372\350\026\164\014\252\252\137\124\077\362\327\311\170\140"
-"\136\136\156\067\143\042\167\066\176\262\027\304\064\271\365\010"
-"\205\374\311\001\070\377\115\276\362\026\102\103\347\273\132\106"
-"\373\301\306\021\037\361\112\260\050\106\311\303\304\102\175\274"
-"\372\253\131\156\325\267\121\210\021\343\244\205\031\153\202\114"
-"\244\014\022\255\351\244\256\077\361\303\111\145\232\214\305\310"
-"\076\045\267\224\231\273\222\062\161\007\360\206\136\355\120\047"
-"\246\015\246\043\371\273\313\246\007\024\102"
-, (PRUint32)811 }
-};
-static const NSSItem nss_builtins_items_25 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Premium Server CA", (PRUint32)25 },
- { (void *)"\142\177\215\170\047\145\143\231\322\175\177\220\104\311\376\263"
-"\363\076\372\232"
-, (PRUint32)20 },
- { (void *)"\006\237\151\171\026\146\220\002\033\214\214\242\303\007\157\072"
-, (PRUint32)16 },
- { (void *)"\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007"
-"\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006"
-"\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156"
-"\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003"
-"\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151"
-"\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124"
-"\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145"
-"\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110"
-"\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055"
-"\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157"
-"\155"
-, (PRUint32)209 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_26 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"American Express CA", (PRUint32)20 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\217\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151"
-"\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160"
-"\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125"
-"\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160"
-"\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145"
-"\163\061\057\060\055\006\003\125\004\003\023\046\101\155\145\162"
-"\151\143\141\156\040\105\170\160\162\145\163\163\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171"
-, (PRUint32)146 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\217\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151"
-"\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160"
-"\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125"
-"\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160"
-"\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145"
-"\163\061\057\060\055\006\003\125\004\003\023\046\101\155\145\162"
-"\151\143\141\156\040\105\170\160\162\145\163\163\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171"
-, (PRUint32)146 },
- { (void *)"\000\215"
-, (PRUint32)2 },
- { (void *)"\060\202\002\220\060\202\001\371\002\002\000\215\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\060\201\217\061\013"
-"\060\011\006\003\125\004\006\023\002\125\123\061\047\060\045\006"
-"\003\125\004\012\023\036\101\155\145\162\151\143\141\156\040\105"
-"\170\160\162\145\163\163\040\103\157\155\160\141\156\171\054\040"
-"\111\156\143\056\061\046\060\044\006\003\125\004\013\023\035\101"
-"\155\145\162\151\143\141\156\040\105\170\160\162\145\163\163\040"
-"\124\145\143\150\156\157\154\157\147\151\145\163\061\057\060\055"
-"\006\003\125\004\003\023\046\101\155\145\162\151\143\141\156\040"
-"\105\170\160\162\145\163\163\040\103\145\162\164\151\146\151\143"
-"\141\164\145\040\101\165\164\150\157\162\151\164\171\060\036\027"
-"\015\071\070\060\070\061\064\062\062\060\061\060\060\132\027\015"
-"\060\066\060\070\061\064\062\063\065\071\060\060\132\060\201\217"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\047\060"
-"\045\006\003\125\004\012\023\036\101\155\145\162\151\143\141\156"
-"\040\105\170\160\162\145\163\163\040\103\157\155\160\141\156\171"
-"\054\040\111\156\143\056\061\046\060\044\006\003\125\004\013\023"
-"\035\101\155\145\162\151\143\141\156\040\105\170\160\162\145\163"
-"\163\040\124\145\143\150\156\157\154\157\147\151\145\163\061\057"
-"\060\055\006\003\125\004\003\023\046\101\155\145\162\151\143\141"
-"\156\040\105\170\160\162\145\163\163\040\103\145\162\164\151\146"
-"\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\060"
-"\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005"
-"\000\003\201\215\000\060\201\211\002\201\201\000\311\362\111\222"
-"\205\312\375\025\051\265\006\266\104\354\374\210\243\362\206\316"
-"\377\024\117\044\034\222\371\302\043\301\316\103\337\135\064\310"
-"\270\024\354\325\052\160\221\111\225\327\126\315\224\361\251\223"
-"\320\150\042\334\115\175\240\012\162\052\107\352\045\360\205\000"
-"\137\066\124\141\317\013\371\067\132\147\235\351\037\351\144\077"
-"\160\225\141\247\320\060\002\336\046\050\244\146\003\004\351\060"
-"\373\217\063\007\371\157\141\207\242\162\333\363\150\170\143\146"
-"\131\251\311\267\146\341\025\262\110\066\054\371\002\003\001\000"
-"\001\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000"
-"\003\201\201\000\150\027\142\270\163\213\114\154\353\112\245\076"
-"\253\345\235\056\322\315\212\007\127\363\306\131\227\166\027\027"
-"\370\122\216\047\223\330\130\330\050\154\364\242\004\172\212\302"
-"\166\044\261\002\264\337\050\362\367\363\250\247\176\043\110\141"
-"\210\364\021\150\256\046\135\366\241\113\123\045\152\330\052\024"
-"\002\016\340\207\040\156\236\031\134\163\220\013\043\342\061\227"
-"\043\077\325\042\242\323\006\173\332\067\365\327\265\101\104\027"
-"\172\105\002\331\205\105\146\326\216\307\360\172\014\231\142\042"
-"\151\133\355\322"
-, (PRUint32)660 }
-};
-static const NSSItem nss_builtins_items_27 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"American Express CA", (PRUint32)20 },
- { (void *)"\254\231\217\200\304\240\005\370\156\362\240\256\110\030\344\117"
-"\110\237\370\177"
-, (PRUint32)20 },
- { (void *)"\034\325\216\202\276\160\125\216\071\141\337\255\121\333\153\240"
-, (PRUint32)16 },
- { (void *)"\060\201\217\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151"
-"\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160"
-"\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125"
-"\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160"
-"\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145"
-"\163\061\057\060\055\006\003\125\004\003\023\046\101\155\145\162"
-"\151\143\141\156\040\105\170\160\162\145\163\163\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171"
-, (PRUint32)146 },
- { (void *)"\000\215"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_28 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"American Express Global CA", (PRUint32)27 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\226\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151"
-"\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160"
-"\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125"
-"\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160"
-"\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145"
-"\163\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162"
-"\151\143\141\156\040\105\170\160\162\145\163\163\040\107\154\157"
-"\142\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040"
-"\101\165\164\150\157\162\151\164\171"
-, (PRUint32)153 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\226\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151"
-"\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160"
-"\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125"
-"\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160"
-"\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145"
-"\163\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162"
-"\151\143\141\156\040\105\170\160\162\145\163\163\040\107\154\157"
-"\142\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040"
-"\101\165\164\150\157\162\151\164\171"
-, (PRUint32)153 },
- { (void *)"\000\205"
-, (PRUint32)2 },
- { (void *)"\060\202\004\004\060\202\002\354\240\003\002\001\002\002\002\000"
-"\205\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\201\226\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151"
-"\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160"
-"\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125"
-"\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160"
-"\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145"
-"\163\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162"
-"\151\143\141\156\040\105\170\160\162\145\163\163\040\107\154\157"
-"\142\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040"
-"\101\165\164\150\157\162\151\164\171\060\036\027\015\071\070\060"
-"\070\061\064\061\071\060\066\060\060\132\027\015\061\063\060\070"
-"\061\064\062\063\065\071\060\060\132\060\201\226\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\047\060\045\006\003\125"
-"\004\012\023\036\101\155\145\162\151\143\141\156\040\105\170\160"
-"\162\145\163\163\040\103\157\155\160\141\156\171\054\040\111\156"
-"\143\056\061\046\060\044\006\003\125\004\013\023\035\101\155\145"
-"\162\151\143\141\156\040\105\170\160\162\145\163\163\040\124\145"
-"\143\150\156\157\154\157\147\151\145\163\061\066\060\064\006\003"
-"\125\004\003\023\055\101\155\145\162\151\143\141\156\040\105\170"
-"\160\162\145\163\163\040\107\154\157\142\141\154\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\360\044\046\146\056\373\353\112\163\161\123\211\107"
-"\313\046\074\123\222\224\114\312\302\205\265\015\370\303\127\275"
-"\057\052\037\152\030\267\127\257\014\000\026\372\240\266\220\246"
-"\367\032\241\056\146\046\307\150\243\212\223\151\146\265\106\126"
-"\055\035\202\352\220\014\012\042\302\211\120\215\005\363\324\253"
-"\163\101\360\317\022\254\050\264\157\024\224\226\131\113\236\220"
-"\165\206\337\342\107\353\341\351\117\103\176\207\312\047\030\146"
-"\236\265\301\100\145\175\374\141\157\255\233\162\317\251\136\330"
-"\363\371\332\156\221\020\372\114\265\352\176\040\336\251\071\057"
-"\365\210\344\212\157\065\306\040\234\053\206\106\063\012\374\061"
-"\125\245\153\254\026\100\351\315\065\131\157\062\004\303\173\265"
-"\017\173\167\160\363\110\273\052\122\202\316\257\051\155\361\021"
-"\157\155\346\007\000\001\357\232\363\046\015\246\171\023\147\257"
-"\370\253\034\165\254\221\265\153\276\100\260\336\234\014\261\151"
-"\205\031\161\221\023\105\312\337\321\375\346\262\312\226\203\171"
-"\333\305\270\252\133\172\220\013\170\126\076\306\327\237\224\110"
-"\021\365\255\002\003\001\000\001\243\132\060\130\060\022\006\003"
-"\125\035\023\001\001\377\004\010\060\006\001\001\377\002\001\005"
-"\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006"
-"\060\027\006\003\125\035\040\004\020\060\016\060\014\006\012\052"
-"\206\110\206\371\017\012\001\005\001\060\031\006\003\125\035\016"
-"\004\022\004\020\127\107\065\173\066\047\021\250\010\374\057\106"
-"\045\353\044\151\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\202\001\001\000\307\141\105\250\212\161\271\276"
-"\064\351\041\173\041\315\126\023\230\325\060\143\351\030\252\113"
-"\222\025\277\013\035\273\354\222\151\305\056\303\141\213\350\060"
-"\105\313\020\106\301\163\070\134\213\031\322\053\363\100\353\174"
-"\162\263\056\036\047\343\165\225\212\034\233\056\304\225\005\206"
-"\162\320\125\364\241\222\122\171\134\333\364\370\334\345\327\022"
-"\261\100\307\074\206\344\061\145\112\312\067\306\336\166\127\031"
-"\151\114\106\151\374\052\255\026\067\172\223\254\367\041\113\055"
-"\373\353\251\120\313\301\321\100\010\332\003\151\207\247\067\136"
-"\125\301\305\355\304\343\216\014\046\227\233\134\127\113\162\343"
-"\362\003\005\320\002\073\046\003\100\220\236\276\013\133\111\014"
-"\170\361\325\114\125\051\340\366\375\114\003\251\124\002\062\321"
-"\127\132\205\254\103\355\133\073\026\137\240\277\065\333\113\236"
-"\173\350\377\347\015\074\073\250\233\111\101\106\365\163\116\377"
-"\222\145\041\203\023\125\161\353\111\074\177\210\032\302\022\050"
-"\045\241\106\113\101\067\227\177\354\216\361\324\241\226\302\040"
-"\266\136\255\251\034\036\021\240"
-, (PRUint32)1032 }
-};
-static const NSSItem nss_builtins_items_29 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"American Express Global CA", (PRUint32)27 },
- { (void *)"\005\025\203\065\174\267\267\276\344\016\273\221\377\153\073\274"
-"\361\124\335\126"
-, (PRUint32)20 },
- { (void *)"\143\033\146\223\214\363\146\313\074\171\127\334\005\111\352\333"
-, (PRUint32)16 },
- { (void *)"\060\201\226\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151"
-"\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160"
-"\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125"
-"\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160"
-"\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145"
-"\163\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162"
-"\151\143\141\156\040\105\170\160\162\145\163\163\040\107\154\157"
-"\142\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040"
-"\101\165\164\150\157\162\151\164\171"
-, (PRUint32)153 },
- { (void *)"\000\205"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_30 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Premium CA", (PRUint32)19 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\056\060\054\006\003\125\004\013\023\045\105\161\165\151"
-"\146\141\170\040\120\162\145\155\151\165\155\040\103\145\162\164"
-"\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)81 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\056\060\054\006\003\125\004\013\023\045\105\161\165\151"
-"\146\141\170\040\120\162\145\155\151\165\155\040\103\145\162\164"
-"\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)81 },
- { (void *)"\065\341\357\036"
-, (PRUint32)4 },
- { (void *)"\060\202\003\043\060\202\002\214\240\003\002\001\002\002\004\065"
-"\341\357\036\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\117\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151"
-"\146\141\170\061\056\060\054\006\003\125\004\013\023\045\105\161"
-"\165\151\146\141\170\040\120\162\145\155\151\165\155\040\103\145"
-"\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162"
-"\151\164\171\060\036\027\015\071\070\060\070\062\064\062\062\065"
-"\064\062\063\132\027\015\061\070\060\070\062\064\062\062\065\064"
-"\062\063\132\060\117\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165"
-"\151\146\141\170\061\056\060\054\006\003\125\004\013\023\045\105"
-"\161\165\151\146\141\170\040\120\162\145\155\151\165\155\040\103"
-"\145\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157"
-"\162\151\164\171\060\201\237\060\015\006\011\052\206\110\206\367"
-"\015\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201"
-"\000\316\241\006\216\006\314\010\013\301\206\250\336\040\325\015"
-"\016\321\015\304\237\352\152\331\263\302\062\107\100\157\212\210"
-"\244\011\275\070\054\035\346\313\346\244\363\066\353\332\353\274"
-"\374\144\263\007\366\055\274\252\316\237\031\110\150\112\374\365"
-"\242\105\176\011\020\365\217\263\111\134\043\006\071\352\023\213"
-"\270\013\315\221\035\166\137\331\067\241\104\373\137\220\362\147"
-"\263\315\030\231\103\037\166\022\153\002\362\225\203\070\103\302"
-"\366\142\064\312\311\170\135\137\322\330\272\232\377\276\020\140"
-"\133\002\003\001\000\001\243\202\001\012\060\202\001\006\060\161"
-"\006\003\125\035\037\004\152\060\150\060\146\240\144\240\142\244"
-"\140\060\136\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146"
-"\141\170\061\056\060\054\006\003\125\004\013\023\045\105\161\165"
-"\151\146\141\170\040\120\162\145\155\151\165\155\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\061\015\060\013\006\003\125\004\003\023\004\103\122\114"
-"\061\060\032\006\003\125\035\020\004\023\060\021\201\017\062\060"
-"\061\070\060\070\062\064\062\062\065\064\062\063\132\060\013\006"
-"\003\125\035\017\004\004\003\002\001\006\060\037\006\003\125\035"
-"\043\004\030\060\026\200\024\025\356\262\050\131\253\156\345\370"
-"\317\213\201\364\044\341\256\077\165\033\230\060\035\006\003\125"
-"\035\016\004\026\004\024\025\356\262\050\131\253\156\345\370\317"
-"\213\201\364\044\341\256\077\165\033\230\060\014\006\003\125\035"
-"\023\004\005\060\003\001\001\377\060\032\006\011\052\206\110\206"
-"\366\175\007\101\000\004\015\060\013\033\005\126\063\056\060\143"
-"\003\002\006\300\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\201\201\000\275\013\234\047\251\003\333\050\334"
-"\230\251\113\320\321\216\247\250\032\132\221\340\234\361\367\030"
-"\174\056\042\236\066\037\311\250\265\315\106\112\156\372\065\007"
-"\033\206\010\353\237\342\250\371\235\101\055\072\256\134\134\266"
-"\137\064\004\353\374\052\140\260\373\164\344\205\351\145\070\226"
-"\356\025\307\306\167\143\022\275\212\150\037\253\154\175\332\312"
-"\134\023\316\352\311\353\011\134\305\163\347\022\001\325\331\123"
-"\007\236\340\017\226\360\213\264\273\105\110\237\206\305\031\125"
-"\240\313\226\305\003\374\110"
-, (PRUint32)807 }
-};
-static const NSSItem nss_builtins_items_31 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Premium CA", (PRUint32)19 },
- { (void *)"\235\021\167\273\103\333\275\240\007\310\252\321\253\220\127\020"
-"\256\170\244\135"
-, (PRUint32)20 },
- { (void *)"\251\351\250\235\016\163\343\261\057\067\015\350\110\077\206\355"
-, (PRUint32)16 },
- { (void *)"\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\056\060\054\006\003\125\004\013\023\045\105\161\165\151"
-"\146\141\170\040\120\162\145\155\151\165\155\040\103\145\162\164"
-"\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)81 },
- { (void *)"\065\341\357\036"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_32 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure CA", (PRUint32)18 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)80 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)80 },
- { (void *)"\065\336\364\317"
-, (PRUint32)4 },
- { (void *)"\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\065"
-"\336\364\317\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151"
-"\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161"
-"\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\060\036\027\015\071\070\060\070\062\062\061\066\064\061"
-"\065\061\132\027\015\061\070\060\070\062\062\061\066\064\061\065"
-"\061\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151"
-"\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161"
-"\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\301"
-"\135\261\130\147\010\142\356\240\232\055\037\010\155\221\024\150"
-"\230\012\036\376\332\004\157\023\204\142\041\303\321\174\316\237"
-"\005\340\270\001\360\116\064\354\342\212\225\004\144\254\361\153"
-"\123\137\005\263\313\147\200\277\102\002\216\376\335\001\011\354"
-"\341\000\024\117\374\373\360\014\335\103\272\133\053\341\037\200"
-"\160\231\025\127\223\026\361\017\227\152\267\302\150\043\034\314"
-"\115\131\060\254\121\036\073\257\053\326\356\143\105\173\305\331"
-"\137\120\322\343\120\017\072\210\347\277\024\375\340\307\271\002"
-"\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003"
-"\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060"
-"\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\020"
-"\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141\170"
-"\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151\146"
-"\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151\146"
-"\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061"
-"\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032"
-"\006\003\125\035\020\004\023\060\021\201\017\062\060\061\070\060"
-"\070\062\062\061\066\064\061\065\061\132\060\013\006\003\125\035"
-"\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030"
-"\060\026\200\024\110\346\150\371\053\322\262\225\327\107\330\043"
-"\040\020\117\063\230\220\237\324\060\035\006\003\125\035\016\004"
-"\026\004\024\110\346\150\371\053\322\262\225\327\107\330\043\040"
-"\020\117\063\230\220\237\324\060\014\006\003\125\035\023\004\005"
-"\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007"
-"\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006"
-"\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\201\201\000\130\316\051\352\374\367\336\265\316\002\271\027"
-"\265\205\321\271\343\340\225\314\045\061\015\000\246\222\156\177"
-"\266\222\143\236\120\225\321\232\157\344\021\336\143\205\156\230"
-"\356\250\377\132\310\323\125\262\146\161\127\336\300\041\353\075"
-"\052\247\043\111\001\004\206\102\173\374\356\177\242\026\122\265"
-"\147\147\323\100\333\073\046\130\262\050\167\075\256\024\167\141"
-"\326\372\052\146\047\240\015\372\247\163\134\352\160\361\224\041"
-"\145\104\137\372\374\357\051\150\251\242\207\171\357\171\357\117"
-"\254\007\167\070"
-, (PRUint32)804 }
-};
-static const NSSItem nss_builtins_items_33 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure CA", (PRUint32)18 },
- { (void *)"\322\062\011\255\043\323\024\043\041\164\344\015\177\235\142\023"
-"\227\206\143\072"
-, (PRUint32)20 },
- { (void *)"\147\313\235\300\023\044\212\202\233\262\027\036\321\033\354\324"
-, (PRUint32)16 },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141"
-"\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151"
-"\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)80 },
- { (void *)"\065\336\364\317"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_34 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"BelSign Object Publishing CA", (PRUint32)29 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\273\061\013\060\011\006\003\125\004\006\023\002\102\105"
-"\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163"
-"\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145"
-"\154\123\151\147\156\040\116\126\061\070\060\066\006\003\125\004"
-"\013\023\057\102\145\154\123\151\147\156\040\117\142\152\145\143"
-"\164\040\120\165\142\154\151\163\150\151\156\147\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\061\045\060\043\006\003\125\004\003\023\034\102\145\154"
-"\123\151\147\156\040\117\142\152\145\143\164\040\120\165\142\154"
-"\151\163\150\151\156\147\040\103\101\061\043\060\041\006\011\052"
-"\206\110\206\367\015\001\011\001\026\024\167\145\142\155\141\163"
-"\164\145\162\100\142\145\154\163\151\147\156\056\142\145"
-, (PRUint32)190 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\273\061\013\060\011\006\003\125\004\006\023\002\102\105"
-"\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163"
-"\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145"
-"\154\123\151\147\156\040\116\126\061\070\060\066\006\003\125\004"
-"\013\023\057\102\145\154\123\151\147\156\040\117\142\152\145\143"
-"\164\040\120\165\142\154\151\163\150\151\156\147\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\061\045\060\043\006\003\125\004\003\023\034\102\145\154"
-"\123\151\147\156\040\117\142\152\145\143\164\040\120\165\142\154"
-"\151\163\150\151\156\147\040\103\101\061\043\060\041\006\011\052"
-"\206\110\206\367\015\001\011\001\026\024\167\145\142\155\141\163"
-"\164\145\162\100\142\145\154\163\151\147\156\056\142\145"
-, (PRUint32)190 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\003\003\060\202\002\154\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\273\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163\145"
-"\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145\154"
-"\123\151\147\156\040\116\126\061\070\060\066\006\003\125\004\013"
-"\023\057\102\145\154\123\151\147\156\040\117\142\152\145\143\164"
-"\040\120\165\142\154\151\163\150\151\156\147\040\103\145\162\164"
-"\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164"
-"\171\061\045\060\043\006\003\125\004\003\023\034\102\145\154\123"
-"\151\147\156\040\117\142\152\145\143\164\040\120\165\142\154\151"
-"\163\150\151\156\147\040\103\101\061\043\060\041\006\011\052\206"
-"\110\206\367\015\001\011\001\026\024\167\145\142\155\141\163\164"
-"\145\162\100\142\145\154\163\151\147\156\056\142\145\060\036\027"
-"\015\071\067\060\071\061\071\062\062\060\063\060\060\132\027\015"
-"\060\067\060\071\061\071\062\062\060\063\060\060\132\060\201\273"
-"\061\013\060\011\006\003\125\004\006\023\002\102\105\061\021\060"
-"\017\006\003\125\004\007\023\010\102\162\165\163\163\145\154\163"
-"\061\023\060\021\006\003\125\004\012\023\012\102\145\154\123\151"
-"\147\156\040\116\126\061\070\060\066\006\003\125\004\013\023\057"
-"\102\145\154\123\151\147\156\040\117\142\152\145\143\164\040\120"
-"\165\142\154\151\163\150\151\156\147\040\103\145\162\164\151\146"
-"\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061"
-"\045\060\043\006\003\125\004\003\023\034\102\145\154\123\151\147"
-"\156\040\117\142\152\145\143\164\040\120\165\142\154\151\163\150"
-"\151\156\147\040\103\101\061\043\060\041\006\011\052\206\110\206"
-"\367\015\001\011\001\026\024\167\145\142\155\141\163\164\145\162"
-"\100\142\145\154\163\151\147\156\056\142\145\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\304\056\037\266\277\356\202\100"
-"\335\371\267\056\101\325\236\005\261\132\320\046\174\142\125\003"
-"\233\374\313\141\336\113\357\376\350\231\376\207\271\210\317\220"
-"\332\017\011\074\166\337\027\227\266\313\077\045\105\375\264\274"
-"\130\000\276\260\132\266\024\207\217\356\147\144\255\035\210\203"
-"\273\147\237\145\141\000\130\010\200\120\237\200\311\061\366\052"
-"\220\034\055\367\112\154\020\366\043\103\135\070\011\140\210\127"
-"\002\315\026\154\030\374\315\373\222\052\167\320\236\223\243\135"
-"\210\144\320\310\370\135\124\121\002\003\001\000\001\243\025\060"
-"\023\060\021\006\011\140\206\110\001\206\370\102\001\001\004\004"
-"\003\002\000\007\060\015\006\011\052\206\110\206\367\015\001\001"
-"\004\005\000\003\201\201\000\143\166\027\174\226\360\123\245\135"
-"\001\034\123\316\051\302\176\165\254\114\015\242\010\163\264\152"
-"\061\375\002\006\024\231\334\124\004\244\277\310\226\206\237\061"
-"\103\062\045\127\366\205\366\045\273\067\276\241\171\043\311\127"
-"\006\045\161\153\105\117\370\364\002\100\026\202\042\257\124\352"
-"\062\050\366\015\356\231\272\113\010\121\017\156\206\043\041\114"
-"\055\045\210\201\304\056\016\361\023\054\070\212\225\002\044\303"
-"\072\225\143\344\223\216\110\273\010\107\162\137\256\346\072\132"
-"\107\326\161\306\236\232\122"
-, (PRUint32)775 }
-};
-static const NSSItem nss_builtins_items_35 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"BelSign Object Publishing CA", (PRUint32)29 },
- { (void *)"\373\224\125\030\075\227\133\343\150\140\204\227\152\247\052\201"
-"\125\173\201\051"
-, (PRUint32)20 },
- { (void *)"\212\002\370\337\270\341\204\237\132\302\140\044\145\321\163\373"
-, (PRUint32)16 },
- { (void *)"\060\201\273\061\013\060\011\006\003\125\004\006\023\002\102\105"
-"\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163"
-"\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145"
-"\154\123\151\147\156\040\116\126\061\070\060\066\006\003\125\004"
-"\013\023\057\102\145\154\123\151\147\156\040\117\142\152\145\143"
-"\164\040\120\165\142\154\151\163\150\151\156\147\040\103\145\162"
-"\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151"
-"\164\171\061\045\060\043\006\003\125\004\003\023\034\102\145\154"
-"\123\151\147\156\040\117\142\152\145\143\164\040\120\165\142\154"
-"\151\163\150\151\156\147\040\103\101\061\043\060\041\006\011\052"
-"\206\110\206\367\015\001\011\001\026\024\167\145\142\155\141\163"
-"\164\145\162\100\142\145\154\163\151\147\156\056\142\145"
-, (PRUint32)190 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_36 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"BelSign Secure Server CA", (PRUint32)25 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\263\061\013\060\011\006\003\125\004\006\023\002\102\105"
-"\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163"
-"\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145"
-"\154\123\151\147\156\040\116\126\061\064\060\062\006\003\125\004"
-"\013\023\053\102\145\154\123\151\147\156\040\123\145\143\165\162"
-"\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151"
-"\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061\041"
-"\060\037\006\003\125\004\003\023\030\102\145\154\123\151\147\156"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\101\061\043\060\041\006\011\052\206\110\206\367\015\001\011\001"
-"\026\024\167\145\142\155\141\163\164\145\162\100\142\145\154\163"
-"\151\147\156\056\142\145"
-, (PRUint32)182 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\263\061\013\060\011\006\003\125\004\006\023\002\102\105"
-"\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163"
-"\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145"
-"\154\123\151\147\156\040\116\126\061\064\060\062\006\003\125\004"
-"\013\023\053\102\145\154\123\151\147\156\040\123\145\143\165\162"
-"\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151"
-"\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061\041"
-"\060\037\006\003\125\004\003\023\030\102\145\154\123\151\147\156"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\101\061\043\060\041\006\011\052\206\110\206\367\015\001\011\001"
-"\026\024\167\145\142\155\141\163\164\145\162\100\142\145\154\163"
-"\151\147\156\056\142\145"
-, (PRUint32)182 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\002\363\060\202\002\134\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\263\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163\145"
-"\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145\154"
-"\123\151\147\156\040\116\126\061\064\060\062\006\003\125\004\013"
-"\023\053\102\145\154\123\151\147\156\040\123\145\143\165\162\145"
-"\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143"
-"\141\164\145\040\101\165\164\150\157\162\151\164\171\061\041\060"
-"\037\006\003\125\004\003\023\030\102\145\154\123\151\147\156\040"
-"\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103\101"
-"\061\043\060\041\006\011\052\206\110\206\367\015\001\011\001\026"
-"\024\167\145\142\155\141\163\164\145\162\100\142\145\154\163\151"
-"\147\156\056\142\145\060\036\027\015\071\067\060\067\061\066\062"
-"\062\060\060\065\064\132\027\015\060\067\060\067\061\066\062\062"
-"\060\060\065\064\132\060\201\263\061\013\060\011\006\003\125\004"
-"\006\023\002\102\105\061\021\060\017\006\003\125\004\007\023\010"
-"\102\162\165\163\163\145\154\163\061\023\060\021\006\003\125\004"
-"\012\023\012\102\145\154\123\151\147\156\040\116\126\061\064\060"
-"\062\006\003\125\004\013\023\053\102\145\154\123\151\147\156\040"
-"\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103\145"
-"\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162"
-"\151\164\171\061\041\060\037\006\003\125\004\003\023\030\102\145"
-"\154\123\151\147\156\040\123\145\143\165\162\145\040\123\145\162"
-"\166\145\162\040\103\101\061\043\060\041\006\011\052\206\110\206"
-"\367\015\001\011\001\026\024\167\145\142\155\141\163\164\145\162"
-"\100\142\145\154\163\151\147\156\056\142\145\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\326\001\022\170\222\370\004\102"
-"\177\311\307\042\203\374\174\107\160\060\053\111\013\076\066\100"
-"\220\050\332\041\163\203\123\362\304\321\026\100\300\123\377\256"
-"\246\306\044\263\047\155\245\263\075\071\167\135\250\006\366\346"
-"\351\274\143\021\116\006\145\160\012\235\223\371\242\100\213\177"
-"\112\204\016\215\026\261\326\314\010\144\022\014\340\050\113\310"
-"\245\204\220\027\373\021\106\056\326\247\205\030\313\030\256\143"
-"\232\260\130\006\364\000\317\370\304\011\032\065\014\241\371\356"
-"\112\375\155\336\376\046\245\073\002\003\001\000\001\243\025\060"
-"\023\060\021\006\011\140\206\110\001\206\370\102\001\001\004\004"
-"\003\002\000\240\060\015\006\011\052\206\110\206\367\015\001\001"
-"\004\005\000\003\201\201\000\154\075\231\303\005\342\035\312\345"
-"\055\252\150\205\213\100\061\040\146\023\150\346\130\072\211\320"
-"\215\165\262\305\142\330\175\202\217\367\331\062\201\167\366\065"
-"\133\205\051\316\147\262\271\274\053\031\170\317\363\207\375\106"
-"\361\225\165\262\011\127\003\060\301\172\315\162\107\161\200\312"
-"\175\235\311\145\074\107\021\042\175\372\007\013\050\170\241\223"
-"\350\005\105\110\342\062\062\112\075\350\123\034\020\267\307\163"
-"\214\007\120\341\371\311\053\123\101\365\203\215\345\011\071\112"
-"\216\003\142\252\100\143\213"
-, (PRUint32)759 }
-};
-static const NSSItem nss_builtins_items_37 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"BelSign Secure Server CA", (PRUint32)25 },
- { (void *)"\302\305\265\376\203\144\370\243\156\170\035\174\025\010\174\350"
-"\205\241\206\230"
-, (PRUint32)20 },
- { (void *)"\075\136\202\306\331\255\331\213\223\153\014\020\271\111\012\261"
-, (PRUint32)16 },
- { (void *)"\060\201\263\061\013\060\011\006\003\125\004\006\023\002\102\105"
-"\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163"
-"\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145"
-"\154\123\151\147\156\040\116\126\061\064\060\062\006\003\125\004"
-"\013\023\053\102\145\154\123\151\147\156\040\123\145\143\165\162"
-"\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151"
-"\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061\041"
-"\060\037\006\003\125\004\003\023\030\102\145\154\123\151\147\156"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\101\061\043\060\041\006\011\052\206\110\206\367\015\001\011\001"
-"\026\024\167\145\142\155\141\163\164\145\162\100\142\145\154\163"
-"\151\147\156\056\142\145"
-, (PRUint32)182 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_38 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 0 CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\060\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\060\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162"
-"\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142"
-"\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103"
-"\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162"
-"\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164"
-"\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061"
-"\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\060"
-"\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001"
-"\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100"
-"\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036"
-"\027\015\071\070\060\063\060\071\061\063\065\064\064\070\132\027"
-"\015\060\065\061\062\063\061\061\063\065\064\064\070\132\060\201"
-"\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020"
-"\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147"
-"\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165"
-"\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040"
-"\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040"
-"\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141"
-"\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042"
-"\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163"
-"\164\103\145\156\164\145\162\040\103\154\141\163\163\040\060\040"
-"\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011"
-"\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164"
-"\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\337\175\346\276\277\325"
-"\360\057\155\116\016\321\340\215\013\177\073\124\350\212\342\260"
-"\237\050\305\212\306\271\263\063\047\365\047\312\032\114\124\022"
-"\153\264\262\106\263\035\113\263\364\041\013\113\002\056\241\302"
-"\064\234\205\240\304\170\021\333\333\153\047\053\011\052\030\116"
-"\100\314\237\161\031\147\231\164\242\174\077\301\330\213\043\310"
-"\143\073\212\041\253\134\336\036\364\215\334\264\030\303\005\163"
-"\364\152\264\241\372\001\010\053\001\017\155\067\133\252\070\206"
-"\147\071\327\345\137\372\344\176\314\243\002\003\001\000\001\243"
-"\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206"
-"\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057"
-"\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056"
-"\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153"
-"\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110"
-"\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072"
-"\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145"
-"\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145"
-"\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140"
-"\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160"
-"\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156"
-"\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122"
-"\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110"
-"\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057"
-"\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162"
-"\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151"
-"\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110"
-"\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\060"
-"\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001"
-"\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015"
-"\001\001\004\005\000\003\201\201\000\115\007\177\137\011\060\031"
-"\222\252\005\107\172\224\165\124\052\256\317\374\330\014\102\341"
-"\105\070\053\044\225\262\312\207\312\171\304\303\227\220\136\142"
-"\030\306\311\070\141\114\150\065\323\114\024\021\353\304\315\241"
-"\251\330\305\236\150\047\062\007\065\105\004\370\137\041\240\140"
-"\036\034\000\110\004\130\322\305\313\256\155\062\156\075\167\225"
-"\214\205\307\345\256\120\235\165\112\173\377\013\047\171\352\115"
-"\244\131\377\354\132\352\046\245\071\203\244\321\170\316\247\251"
-"\176\274\335\053\312\022\223\003\112"
-, (PRUint32)1081 }
-};
-static const NSSItem nss_builtins_items_39 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 0 CA", (PRUint32)36 },
- { (void *)"\104\201\247\326\311\104\165\204\317\355\212\107\311\256\152\360"
-"\036\071\165\030"
-, (PRUint32)20 },
- { (void *)"\065\205\111\216\156\127\376\275\227\361\311\106\043\072\266\175"
-, (PRUint32)16 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\060\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_40 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 1 CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\061\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\061\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\002"
-, (PRUint32)1 },
- { (void *)"\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\002"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162"
-"\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142"
-"\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103"
-"\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162"
-"\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164"
-"\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061"
-"\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\061"
-"\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001"
-"\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100"
-"\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036"
-"\027\015\071\070\060\063\060\071\061\063\065\066\063\063\132\027"
-"\015\060\065\061\062\063\061\061\063\065\066\063\063\132\060\201"
-"\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020"
-"\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147"
-"\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165"
-"\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040"
-"\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040"
-"\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141"
-"\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042"
-"\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163"
-"\164\103\145\156\164\145\162\040\103\154\141\163\163\040\061\040"
-"\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011"
-"\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164"
-"\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\260\051\353\264\166\263"
-"\256\327\266\133\264\136\347\275\343\261\234\111\004\127\133\241"
-"\253\331\177\023\033\375\272\141\253\330\347\161\337\055\000\224"
-"\135\121\110\175\043\357\165\142\204\220\074\012\037\131\021\164"
-"\057\216\200\245\375\060\002\075\051\122\315\162\032\111\041\234"
-"\274\313\122\216\110\241\143\226\310\020\205\060\151\127\164\105"
-"\300\132\206\306\325\075\340\150\127\175\061\152\044\215\105\227"
-"\076\061\176\150\146\062\156\044\155\354\062\066\311\101\312\360"
-"\061\104\310\243\141\312\033\240\066\037\002\003\001\000\001\243"
-"\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206"
-"\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057"
-"\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056"
-"\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153"
-"\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110"
-"\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072"
-"\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145"
-"\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145"
-"\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140"
-"\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160"
-"\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156"
-"\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122"
-"\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110"
-"\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057"
-"\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162"
-"\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151"
-"\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110"
-"\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\061"
-"\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001"
-"\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015"
-"\001\001\004\005\000\003\201\201\000\005\102\122\046\244\014\047"
-"\001\104\254\134\045\050\302\104\102\124\010\271\035\305\076\154"
-"\131\146\304\263\116\120\247\370\370\226\165\241\226\165\350\026"
-"\070\240\315\135\156\372\171\247\033\173\035\036\303\000\271\146"
-"\276\132\326\142\017\347\362\173\270\357\114\340\300\077\131\256"
-"\071\267\204\011\236\253\361\251\056\153\151\342\255\314\362\352"
-"\170\011\005\040\070\102\161\030\176\307\262\227\346\325\002\005"
-"\006\126\243\137\361\252\302\304\117\376\367\357\026\017\235\354"
-"\252\205\317\075\051\044\361\004\315"
-, (PRUint32)1081 }
-};
-static const NSSItem nss_builtins_items_41 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 1 CA", (PRUint32)36 },
- { (void *)"\332\300\131\013\015\224\374\025\327\025\056\266\171\160\003\133"
-"\215\271\365\053"
-, (PRUint32)20 },
- { (void *)"\144\077\370\076\122\024\112\131\272\223\126\004\013\043\002\321"
-, (PRUint32)16 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\061\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\002"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_42 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 2 CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\003"
-, (PRUint32)1 },
- { (void *)"\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\003"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162"
-"\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142"
-"\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103"
-"\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162"
-"\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164"
-"\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061"
-"\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062"
-"\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001"
-"\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100"
-"\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036"
-"\027\015\071\070\060\063\060\071\061\063\065\067\064\064\132\027"
-"\015\060\065\061\062\063\061\061\063\065\067\064\064\132\060\201"
-"\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020"
-"\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147"
-"\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165"
-"\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040"
-"\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040"
-"\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141"
-"\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042"
-"\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163"
-"\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062\040"
-"\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011"
-"\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164"
-"\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\332\070\350\355\062\000"
-"\051\161\203\001\015\277\214\001\334\332\306\255\071\244\251\212"
-"\057\325\213\134\150\137\120\306\142\365\146\275\312\221\042\354"
-"\252\035\121\327\075\263\121\262\203\116\135\313\111\260\360\114"
-"\125\345\153\055\307\205\013\060\034\222\116\202\324\312\002\355"
-"\367\157\276\334\340\343\024\270\005\123\362\232\364\126\213\132"
-"\236\205\223\321\264\202\126\256\115\273\250\113\127\026\274\376"
-"\370\130\236\370\051\215\260\173\315\170\311\117\254\213\147\014"
-"\361\234\373\374\127\233\127\134\117\015\002\003\001\000\001\243"
-"\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206"
-"\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057"
-"\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056"
-"\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153"
-"\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110"
-"\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072"
-"\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145"
-"\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145"
-"\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140"
-"\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160"
-"\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156"
-"\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122"
-"\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110"
-"\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057"
-"\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162"
-"\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151"
-"\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110"
-"\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062"
-"\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001"
-"\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015"
-"\001\001\004\005\000\003\201\201\000\211\033\364\357\351\070\342"
-"\154\014\366\315\157\111\316\051\314\373\246\017\371\215\076\225"
-"\106\326\374\107\062\211\262\310\006\141\172\322\347\015\023\002"
-"\224\013\331\213\126\107\364\273\347\305\137\173\364\143\114\256"
-"\174\064\352\015\242\251\263\054\205\363\343\376\047\124\020\222"
-"\260\217\222\301\230\102\030\160\110\333\116\054\353\015\044\150"
-"\344\321\367\276\011\251\051\207\273\350\332\334\076\243\210\102"
-"\061\365\321\343\177\256\330\216\000\132\164\230\260\117\306\377"
-"\043\173\134\163\000\170\311\333\116"
-, (PRUint32)1081 }
-};
-static const NSSItem nss_builtins_items_43 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 2 CA", (PRUint32)36 },
- { (void *)"\312\135\207\155\025\113\162\350\014\357\331\346\353\234\366\215"
-"\002\037\253\354"
-, (PRUint32)20 },
- { (void *)"\341\351\226\123\167\341\360\070\240\002\253\224\306\225\173\374"
-, (PRUint32)16 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\061\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\002"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_44 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 3 CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\004"
-, (PRUint32)1 },
- { (void *)"\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\004"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162"
-"\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142"
-"\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103"
-"\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162"
-"\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164"
-"\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061"
-"\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063"
-"\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001"
-"\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100"
-"\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036"
-"\027\015\071\070\060\063\060\071\061\063\065\070\064\071\132\027"
-"\015\060\065\061\062\063\061\061\063\065\070\064\071\132\060\201"
-"\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020"
-"\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147"
-"\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165"
-"\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040"
-"\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040"
-"\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141"
-"\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042"
-"\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163"
-"\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040"
-"\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011"
-"\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164"
-"\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\266\264\301\065\005\056"
-"\015\215\354\240\100\152\034\016\047\246\120\222\153\120\033\007"
-"\336\056\347\166\314\340\332\374\204\250\136\214\143\152\053\115"
-"\331\116\002\166\021\301\013\362\215\171\312\000\266\361\260\016"
-"\327\373\244\027\075\257\253\151\172\226\047\277\257\063\241\232"
-"\052\131\252\304\265\067\010\362\022\245\061\266\103\365\062\226"
-"\161\050\050\253\215\050\206\337\273\356\343\014\175\060\326\303"
-"\122\253\217\135\047\234\153\300\243\347\005\153\127\111\104\263"
-"\156\352\144\317\322\216\172\120\167\167\002\003\001\000\001\243"
-"\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206"
-"\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057"
-"\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056"
-"\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153"
-"\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110"
-"\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072"
-"\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145"
-"\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145"
-"\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140"
-"\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160"
-"\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156"
-"\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122"
-"\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110"
-"\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057"
-"\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162"
-"\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151"
-"\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110"
-"\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063"
-"\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001"
-"\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015"
-"\001\001\004\005\000\003\201\201\000\204\206\120\142\171\240\047"
-"\341\045\272\011\261\064\017\023\011\355\055\312\243\346\225\371"
-"\060\254\315\027\245\316\075\227\235\354\174\217\046\177\300\141"
-"\312\042\367\221\335\074\066\131\232\233\165\367\274\344\310\355"
-"\354\002\266\042\247\363\054\361\310\222\170\155\266\356\305\050"
-"\354\200\040\117\271\153\010\347\057\247\206\036\175\261\010\237"
-"\124\271\000\067\074\240\330\032\310\226\034\364\062\024\234\071"
-"\225\267\356\360\103\111\302\136\350\313\171\157\123\277\373\111"
-"\212\054\330\113\331\125\362\022\160"
-, (PRUint32)1081 }
-};
-static const NSSItem nss_builtins_items_45 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 3 CA", (PRUint32)36 },
- { (void *)"\227\057\340\037\171\136\221\210\026\371\201\161\176\162\355\040"
-"\241\377\020\143"
-, (PRUint32)20 },
- { (void *)"\142\253\266\025\112\264\260\026\167\377\256\317\026\026\053\214"
-, (PRUint32)16 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\004"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_46 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 4 CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\064\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\064\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\005"
-, (PRUint32)1 },
- { (void *)"\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\005"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162"
-"\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142"
-"\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103"
-"\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162"
-"\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164"
-"\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061"
-"\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\064"
-"\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001"
-"\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100"
-"\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036"
-"\027\015\071\070\060\063\060\071\061\064\060\060\062\060\132\027"
-"\015\060\065\061\062\063\061\061\064\060\060\062\060\132\060\201"
-"\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020"
-"\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147"
-"\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165"
-"\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040"
-"\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040"
-"\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141"
-"\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042"
-"\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163"
-"\164\103\145\156\164\145\162\040\103\154\141\163\163\040\064\040"
-"\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011"
-"\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164"
-"\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\277\057\143\326\066\173"
-"\262\015\323\125\365\144\154\346\045\135\306\264\310\024\272\045"
-"\070\203\353\126\142\245\125\251\145\243\364\043\231\302\113\271"
-"\320\315\124\147\246\243\240\243\251\063\053\166\344\275\255\167"
-"\262\355\134\022\164\303\305\266\017\122\232\162\223\103\220\142"
-"\146\025\017\105\245\335\340\335\270\157\100\156\127\301\171\162"
-"\243\140\252\272\166\035\022\211\123\132\374\002\276\341\011\023"
-"\305\112\057\334\075\213\031\255\327\213\044\105\373\114\364\315"
-"\134\065\035\051\114\121\363\362\154\125\002\003\001\000\001\243"
-"\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206"
-"\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057"
-"\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056"
-"\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153"
-"\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110"
-"\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072"
-"\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145"
-"\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145"
-"\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140"
-"\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160"
-"\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156"
-"\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122"
-"\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110"
-"\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057"
-"\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162"
-"\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151"
-"\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110"
-"\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165"
-"\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\064"
-"\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001"
-"\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015"
-"\001\001\004\005\000\003\201\201\000\224\150\024\033\045\236\051"
-"\231\261\262\043\322\104\263\225\237\321\236\125\004\335\343\057"
-"\202\063\125\226\167\031\235\053\236\145\034\372\212\343\307\217"
-"\045\374\261\036\125\106\017\217\377\117\067\057\244\166\131\246"
-"\144\353\325\026\160\275\335\225\063\014\244\015\044\353\144\120"
-"\264\103\021\362\103\276\015\161\230\042\354\001\257\354\367\307"
-"\134\161\303\165\221\130\031\350\335\240\364\264\361\274\020\112"
-"\363\223\264\006\111\273\037\146\322\275\164\107\341\232\371\353"
-"\327\253\155\037\272\341\035\054\332"
-, (PRUint32)1081 }
-};
-static const NSSItem nss_builtins_items_47 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TC TrustCenter, Germany, Class 4 CA", (PRUint32)36 },
- { (void *)"\161\162\311\174\001\016\161\014\375\350\321\363\171\263\300\074"
-"\253\116\274\235"
-, (PRUint32)20 },
- { (void *)"\277\257\354\304\332\371\060\371\312\065\312\045\344\077\215\211"
-, (PRUint32)16 },
- { (void *)"\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105"
-"\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165"
-"\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155"
-"\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124"
-"\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157"
-"\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141"
-"\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110"
-"\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162"
-"\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040"
-"\064\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015"
-"\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145"
-"\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145"
-, (PRUint32)191 },
- { (void *)"\005"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_48 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ABAecom (sub., Am. Bankers Assn.) Root CA", (PRUint32)42 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060"
-"\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164"
-"\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101"
-"\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006"
-"\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122"
-"\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206"
-"\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)140 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060"
-"\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164"
-"\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101"
-"\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006"
-"\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122"
-"\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206"
-"\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)140 },
- { (void *)"\000\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000"
-"\004"
-, (PRUint32)17 },
- { (void *)"\060\202\003\265\060\202\002\235\240\003\002\001\002\002\021\000"
-"\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000\004"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060\021"
-"\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164\157"
-"\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101\056"
-"\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006\003"
-"\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122\157"
-"\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206\367"
-"\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147\163"
-"\151\147\164\162\165\163\164\056\143\157\155\060\036\027\015\071"
-"\071\060\067\061\062\061\067\063\063\065\063\132\027\015\060\071"
-"\060\067\060\071\061\067\063\063\065\063\132\060\201\211\061\013"
-"\060\011\006\003\125\004\006\023\002\125\123\061\013\060\011\006"
-"\003\125\004\010\023\002\104\103\061\023\060\021\006\003\125\004"
-"\007\023\012\127\141\163\150\151\156\147\164\157\156\061\027\060"
-"\025\006\003\125\004\012\023\016\101\102\101\056\105\103\117\115"
-"\054\040\111\116\103\056\061\031\060\027\006\003\125\004\003\023"
-"\020\101\102\101\056\105\103\117\115\040\122\157\157\164\040\103"
-"\101\061\044\060\042\006\011\052\206\110\206\367\015\001\011\001"
-"\026\025\141\144\155\151\156\100\144\151\147\163\151\147\164\162"
-"\165\163\164\056\143\157\155\060\202\001\042\060\015\006\011\052"
-"\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060"
-"\202\001\012\002\202\001\001\000\261\323\021\340\171\125\103\007"
-"\010\114\313\005\102\000\342\015\203\106\075\344\223\272\266\006"
-"\323\015\131\275\076\301\316\103\147\001\212\041\250\357\274\314"
-"\320\242\314\260\125\226\123\204\146\005\000\332\104\111\200\330"
-"\124\012\245\045\206\224\355\143\126\377\160\154\243\241\031\322"
-"\170\276\150\052\104\136\057\317\314\030\136\107\274\072\261\106"
-"\075\036\360\271\054\064\137\214\174\114\010\051\235\100\125\353"
-"\074\175\203\336\265\360\367\212\203\016\241\114\264\072\245\263"
-"\137\132\042\227\354\031\233\301\005\150\375\346\267\251\221\224"
-"\054\344\170\110\044\032\045\031\072\353\225\234\071\012\212\317"
-"\102\262\360\034\325\137\373\153\355\150\126\173\071\054\162\070"
-"\260\356\223\251\323\173\167\074\353\161\003\251\070\112\026\154"
-"\211\052\312\332\063\023\171\302\125\214\355\234\273\362\313\133"
-"\020\370\056\141\065\306\051\114\052\320\052\143\321\145\131\264"
-"\370\315\371\364\000\204\266\127\102\205\235\062\250\371\052\124"
-"\373\377\170\101\274\275\161\050\364\273\220\274\377\226\064\004"
-"\343\105\236\241\106\050\100\201\002\003\001\000\001\243\026\060"
-"\024\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001"
-"\001\377\002\001\010\060\015\006\011\052\206\110\206\367\015\001"
-"\001\005\005\000\003\202\001\001\000\004\157\045\206\344\346\226"
-"\047\264\331\102\300\320\311\000\261\177\124\076\207\262\155\044"
-"\251\057\012\176\375\244\104\260\370\124\007\275\033\235\235\312"
-"\173\120\044\173\021\133\111\243\246\277\022\164\325\211\267\267"
-"\057\230\144\045\024\267\141\351\177\140\200\153\323\144\350\253"
-"\275\032\326\121\372\300\264\135\167\032\177\144\010\136\171\306"
-"\005\114\361\172\335\115\175\316\346\110\173\124\322\141\222\201"
-"\326\033\326\000\360\016\236\050\167\240\115\210\307\042\166\031"
-"\303\307\236\033\246\167\170\370\137\233\126\321\360\362\027\254"
-"\216\235\131\346\037\376\127\266\331\136\341\135\237\105\354\141"
-"\150\031\101\341\262\040\046\376\132\060\166\044\377\100\162\074"
-"\171\237\174\042\110\253\106\315\333\263\206\054\217\277\005\101"
-"\323\301\343\024\343\101\027\046\320\174\247\161\114\031\350\112"
-"\017\162\130\061\175\354\140\172\243\042\050\275\031\044\140\077"
-"\073\207\163\300\153\344\313\256\267\253\045\103\262\125\055\173"
-"\253\006\016\165\135\064\345\135\163\155\236\262\165\100\245\131"
-"\311\117\061\161\210\331\210\177\124"
-, (PRUint32)953 }
-};
-static const NSSItem nss_builtins_items_49 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ABAecom (sub., Am. Bankers Assn.) Root CA", (PRUint32)42 },
- { (void *)"\172\164\101\017\260\315\134\227\052\066\113\161\277\003\035\210"
-"\246\121\016\236"
-, (PRUint32)20 },
- { (void *)"\101\270\007\367\250\321\011\356\264\232\216\160\115\374\033\170"
-, (PRUint32)16 },
- { (void *)"\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060"
-"\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164"
-"\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101"
-"\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006"
-"\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122"
-"\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206"
-"\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)140 },
- { (void *)"\000\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000"
-"\004"
-, (PRUint32)17 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_50 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 1", (PRUint32)40 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061"
-, (PRUint32)72 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061"
-, (PRUint32)72 },
- { (void *)"\066\160\025\226"
-, (PRUint32)4 },
- { (void *)"\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066"
-"\160\025\226\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151"
-"\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162"
-"\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013"
-"\023\010\104\123\124\103\101\040\105\061\060\036\027\015\071\070"
-"\061\062\061\060\061\070\061\060\062\063\132\027\015\061\070\061"
-"\062\061\060\061\070\064\060\062\063\132\060\106\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125"
-"\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156"
-"\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061"
-"\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040"
-"\105\061\060\201\235\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\240"
-"\154\201\251\317\064\036\044\335\376\206\050\314\336\203\057\371"
-"\136\324\102\322\350\164\140\146\023\230\006\034\251\121\022\151"
-"\157\061\125\271\111\162\000\010\176\323\245\142\104\067\044\231"
-"\217\331\203\110\217\231\155\225\023\273\103\073\056\111\116\210"
-"\067\301\273\130\177\376\341\275\370\273\141\315\363\107\300\231"
-"\246\361\363\221\350\170\174\000\313\141\311\104\047\161\151\125"
-"\112\176\111\115\355\242\243\276\002\114\000\312\002\250\356\001"
-"\002\061\144\017\122\055\023\164\166\066\265\172\264\055\161\002"
-"\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006"
-"\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127"
-"\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061\061\015\060\013\006\003\125\004"
-"\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044"
-"\060\042\200\017\061\071\071\070\061\062\061\060\061\070\061\060"
-"\062\063\132\201\017\062\060\061\070\061\062\061\060\061\070\061"
-"\060\062\063\132\060\013\006\003\125\035\017\004\004\003\002\001"
-"\006\060\037\006\003\125\035\043\004\030\060\026\200\024\152\171"
-"\176\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016"
-"\242\370\060\035\006\003\125\035\016\004\026\004\024\152\171\176"
-"\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016\242"
-"\370\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060"
-"\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012"
-"\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\201\201\000\042\022\330"
-"\172\035\334\201\006\266\011\145\262\207\310\037\136\264\057\351"
-"\304\036\362\074\301\273\004\220\021\112\203\116\176\223\271\115"
-"\102\307\222\046\240\134\064\232\070\162\370\375\153\026\076\040"
-"\356\202\213\061\052\223\066\205\043\210\212\074\003\150\323\311"
-"\011\017\115\374\154\244\332\050\162\223\016\211\200\260\175\376"
-"\200\157\145\155\030\063\227\213\302\153\211\356\140\075\310\233"
-"\357\177\053\062\142\163\223\313\074\343\173\342\166\170\105\274"
-"\241\223\004\273\206\237\072\133\103\172\303\212\145"
-, (PRUint32)813 }
-};
-static const NSSItem nss_builtins_items_51 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 1", (PRUint32)40 },
- { (void *)"\201\226\213\072\357\034\334\160\365\372\062\151\302\222\243\143"
-"\133\321\043\323"
-, (PRUint32)20 },
- { (void *)"\045\172\272\203\056\266\242\013\332\376\365\002\017\010\327\255"
-, (PRUint32)16 },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\061"
-, (PRUint32)72 },
- { (void *)"\066\160\025\226"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_52 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 3", (PRUint32)40 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062"
-, (PRUint32)72 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062"
-, (PRUint32)72 },
- { (void *)"\066\156\323\316"
-, (PRUint32)4 },
- { (void *)"\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066"
-"\156\323\316\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151"
-"\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162"
-"\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013"
-"\023\010\104\123\124\103\101\040\105\062\060\036\027\015\071\070"
-"\061\062\060\071\061\071\061\067\062\066\132\027\015\061\070\061"
-"\062\060\071\061\071\064\067\062\066\132\060\106\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125"
-"\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156"
-"\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061"
-"\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040"
-"\105\062\060\201\235\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\277"
-"\223\217\027\222\357\063\023\030\353\020\177\116\026\277\377\006"
-"\217\052\205\274\136\371\044\246\044\210\266\003\267\301\303\137"
-"\003\133\321\157\256\176\102\352\146\043\270\143\203\126\373\050"
-"\055\341\070\213\264\356\250\001\341\316\034\266\210\052\042\106"
-"\205\373\237\247\160\251\107\024\077\316\336\145\360\250\161\367"
-"\117\046\154\214\274\306\265\357\336\111\047\377\110\052\175\350"
-"\115\003\314\307\262\122\306\027\061\023\073\265\115\333\310\304"
-"\366\303\017\044\052\332\014\235\347\221\133\200\315\224\235\002"
-"\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006"
-"\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127"
-"\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062\061\015\060\013\006\003\125\004"
-"\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044"
-"\060\042\200\017\061\071\071\070\061\062\060\071\061\071\061\067"
-"\062\066\132\201\017\062\060\061\070\061\062\060\071\061\071\061"
-"\067\062\066\132\060\013\006\003\125\035\017\004\004\003\002\001"
-"\006\060\037\006\003\125\035\043\004\030\060\026\200\024\036\202"
-"\115\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370"
-"\071\133\060\035\006\003\125\035\016\004\026\004\024\036\202\115"
-"\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370\071"
-"\133\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060"
-"\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012"
-"\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\201\201\000\107\215\203"
-"\255\142\362\333\260\236\105\042\005\271\242\326\003\016\070\162"
-"\347\236\374\173\346\223\266\232\245\242\224\310\064\035\221\321"
-"\305\327\364\012\045\017\075\170\201\236\017\261\147\304\220\114"
-"\143\335\136\247\342\272\237\365\367\115\245\061\173\234\051\055"
-"\114\376\144\076\354\266\123\376\352\233\355\202\333\164\165\113"
-"\007\171\156\036\330\031\203\163\336\365\076\320\265\336\347\113"
-"\150\175\103\056\052\040\341\176\240\170\104\236\010\365\230\371"
-"\307\177\033\033\326\006\040\002\130\241\303\242\003"
-, (PRUint32)813 }
-};
-static const NSSItem nss_builtins_items_53 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 3", (PRUint32)40 },
- { (void *)"\253\110\363\063\333\004\253\271\300\162\332\133\014\301\320\127"
-"\360\066\233\106"
-, (PRUint32)20 },
- { (void *)"\223\302\216\021\173\324\363\003\031\275\050\165\023\112\105\112"
-, (PRUint32)16 },
- { (void *)"\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141"
-"\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163"
-"\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010"
-"\104\123\124\103\101\040\105\062"
-, (PRUint32)72 },
- { (void *)"\066\156\323\316"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_54 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 2", (PRUint32)40 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"\000\320\036\100\213\000\000\002\174\000\000\000\002\000\000\000"
-"\001"
-, (PRUint32)17 },
- { (void *)"\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000"
-"\000\002\174\000\000\000\002\000\000\000\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060"
-"\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003"
-"\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125"
-"\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151"
-"\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147"
-"\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124"
-"\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004"
-"\013\023\010\104\123\124\103\101\040\130\061\061\026\060\024\006"
-"\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101"
-"\040\130\061\061\041\060\037\006\011\052\206\110\206\367\015\001"
-"\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165"
-"\163\164\056\143\157\155\060\036\027\015\071\070\061\062\060\061"
-"\061\070\061\070\065\065\132\027\015\060\070\061\061\062\070\061"
-"\070\061\070\065\065\132\060\201\251\061\013\060\011\006\003\125"
-"\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023"
-"\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016"
-"\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044"
-"\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154"
-"\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164"
-"\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104"
-"\123\124\103\101\040\130\061\061\026\060\024\006\003\125\004\003"
-"\023\015\104\123\124\040\122\157\157\164\103\101\040\130\061\061"
-"\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022"
-"\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143"
-"\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\322\306\046\266\347\245\075\301\304\150\325\120\157"
-"\123\305\157\111\023\011\270\257\054\110\215\024\152\243\027\137"
-"\132\371\323\056\165\057\330\050\142\321\223\057\374\115\324\253"
-"\207\345\010\307\231\347\222\077\165\275\353\045\264\025\301\233"
-"\031\075\322\104\215\327\164\040\155\067\002\217\151\223\133\212"
-"\304\031\235\364\262\016\374\026\154\271\261\005\222\203\321\205"
-"\054\140\224\076\105\125\240\331\253\010\041\346\140\350\073\164"
-"\362\231\120\121\150\320\003\055\261\200\276\243\330\122\260\104"
-"\315\103\112\160\216\130\205\225\341\116\054\326\055\101\157\326"
-"\204\347\310\230\104\312\107\333\054\044\245\151\046\317\153\270"
-"\047\142\303\364\311\172\222\043\355\023\147\202\256\105\056\105"
-"\345\176\162\077\205\235\224\142\020\346\074\221\241\255\167\000"
-"\340\025\354\363\204\200\162\172\216\156\140\227\307\044\131\020"
-"\064\203\133\341\245\244\151\266\127\065\034\170\131\306\323\057"
-"\072\163\147\356\224\312\004\023\005\142\006\160\043\263\364\174"
-"\356\105\331\144\013\133\111\252\244\103\316\046\304\104\022\154"
-"\270\335\171\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\242\067\262\077"
-"\151\373\327\206\171\124\111\061\225\063\053\363\321\011\024\111"
-"\142\140\206\245\260\021\342\120\302\035\006\127\076\055\350\063"
-"\144\276\233\252\255\137\033\115\324\231\225\242\213\232\311\142"
-"\162\265\151\352\331\130\253\065\355\025\242\103\326\266\274\007"
-"\171\145\144\163\175\327\171\312\173\325\132\121\306\341\123\004"
-"\226\215\070\317\243\027\254\071\161\153\001\303\213\123\074\143"
-"\351\356\171\300\344\276\222\062\144\172\263\037\227\224\142\275"
-"\352\262\040\025\225\373\227\362\170\057\143\066\100\070\343\106"
-"\017\035\335\254\225\312\347\113\220\173\261\113\251\324\305\353"
-"\232\332\252\325\243\224\024\106\215\055\037\363\072\326\223\072"
-"\366\076\171\374\350\346\260\165\355\356\075\311\160\307\135\252"
-"\201\113\106\045\034\307\154\025\343\225\116\017\252\062\067\224"
-"\012\027\044\222\023\204\130\322\143\157\053\367\346\133\142\013"
-"\023\027\260\015\122\114\376\376\157\134\342\221\156\035\375\244"
-"\142\327\150\372\216\172\117\322\010\332\223\334\360\222\021\172"
-"\320\334\162\223\014\163\223\142\205\150\320\364"
-, (PRUint32)988 }
-};
-static const NSSItem nss_builtins_items_55 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 2", (PRUint32)40 },
- { (void *)"\267\057\377\222\322\316\103\336\012\215\114\124\214\120\067\046"
-"\250\036\053\223"
-, (PRUint32)20 },
- { (void *)"\154\311\247\156\107\361\014\343\123\073\170\114\115\302\152\305"
-, (PRUint32)16 },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"\000\320\036\100\213\000\000\002\174\000\000\000\002\000\000\000"
-"\001"
-, (PRUint32)17 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_56 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 4", (PRUint32)40 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"\000\320\036\100\213\000\000\167\155\000\000\000\001\000\000\000"
-"\004"
-, (PRUint32)17 },
- { (void *)"\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000"
-"\000\167\155\000\000\000\001\000\000\000\004\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060"
-"\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003"
-"\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125"
-"\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151"
-"\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147"
-"\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124"
-"\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004"
-"\013\023\010\104\123\124\103\101\040\130\062\061\026\060\024\006"
-"\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101"
-"\040\130\062\061\041\060\037\006\011\052\206\110\206\367\015\001"
-"\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165"
-"\163\164\056\143\157\155\060\036\027\015\071\070\061\061\063\060"
-"\062\062\064\066\061\066\132\027\015\060\070\061\061\062\067\062"
-"\062\064\066\061\066\132\060\201\251\061\013\060\011\006\003\125"
-"\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023"
-"\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016"
-"\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044"
-"\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154"
-"\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164"
-"\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104"
-"\123\124\103\101\040\130\062\061\026\060\024\006\003\125\004\003"
-"\023\015\104\123\124\040\122\157\157\164\103\101\040\130\062\061"
-"\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022"
-"\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143"
-"\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202"
-"\001\001\000\334\165\360\214\300\165\226\232\300\142\037\046\367"
-"\304\341\232\352\340\126\163\133\231\315\001\104\250\010\266\325"
-"\247\332\032\004\030\071\222\112\170\243\201\302\365\167\172\120"
-"\264\160\377\232\253\306\307\312\156\203\117\102\230\373\046\013"
-"\332\334\155\326\251\231\125\122\147\351\050\003\222\334\345\260"
-"\005\232\017\025\371\153\131\162\126\362\372\071\374\252\150\356"
-"\017\037\020\203\057\374\235\372\027\226\335\202\343\346\105\175"
-"\300\113\200\104\037\355\054\340\204\375\221\134\222\124\151\045"
-"\345\142\151\334\345\356\000\122\275\063\013\255\165\002\205\247"
-"\144\120\055\305\031\031\060\300\046\333\311\323\375\056\231\255"
-"\131\265\013\115\324\101\256\205\110\103\131\334\267\250\342\242"
-"\336\303\217\327\270\241\142\246\150\120\122\344\317\061\247\224"
-"\205\332\237\106\062\027\126\345\362\353\146\075\022\377\103\333"
-"\230\357\167\317\313\201\215\064\261\306\120\112\046\321\344\076"
-"\101\120\257\154\256\042\064\056\325\153\156\203\272\171\270\166"
-"\145\110\332\011\051\144\143\042\271\373\107\166\205\214\206\104"
-"\313\011\333\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\265\066\016\135"
-"\341\141\050\132\021\145\300\077\203\003\171\115\276\050\246\013"
-"\007\002\122\205\315\370\221\320\020\154\265\152\040\133\034\220"
-"\331\060\074\306\110\236\212\136\144\371\241\161\167\357\004\047"
-"\037\007\353\344\046\367\163\164\311\104\030\032\146\323\340\103"
-"\257\221\073\321\313\054\330\164\124\072\034\115\312\324\150\315"
-"\043\174\035\020\236\105\351\366\000\156\246\315\031\377\117\054"
-"\051\217\127\115\304\167\222\276\340\114\011\373\135\104\206\146"
-"\041\250\271\062\242\126\325\351\214\203\174\131\077\304\361\013"
-"\347\235\354\236\275\234\030\016\076\302\071\171\050\267\003\015"
-"\010\313\306\347\331\001\067\120\020\354\314\141\026\100\324\257"
-"\061\164\173\374\077\061\247\320\107\163\063\071\033\314\116\152"
-"\327\111\203\021\006\376\353\202\130\063\062\114\360\126\254\036"
-"\234\057\126\232\173\301\112\034\245\375\125\066\316\374\226\115"
-"\364\260\360\354\267\154\202\355\057\061\231\102\114\251\262\015"
-"\270\025\135\361\337\272\311\265\112\324\144\230\263\046\251\060"
-"\310\375\246\354\253\226\041\255\177\302\170\266"
-, (PRUint32)988 }
-};
-static const NSSItem nss_builtins_items_57 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Digital Signature Trust Co. Global CA 4", (PRUint32)40 },
- { (void *)"\147\353\063\173\150\114\353\016\302\260\166\012\264\210\047\214"
-"\335\225\227\335"
-, (PRUint32)20 },
- { (void *)"\315\073\075\142\133\011\270\011\066\207\236\022\057\161\144\272"
-, (PRUint32)16 },
- { (void *)"\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004"
-"\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141"
-"\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021"
-"\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130"
-"\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040"
-"\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052"
-"\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147"
-"\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)172 },
- { (void *)"\000\320\036\100\213\000\000\167\155\000\000\000\001\000\000\000"
-"\004"
-, (PRUint32)17 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_58 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Deutsche Telekom AG Root CA", (PRUint32)28 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\155\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\034\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143"
-"\150\145\040\124\145\154\145\153\157\155\040\101\107\061\035\060"
-"\033\006\003\125\004\013\023\024\124\145\154\145\123\145\143\040"
-"\124\162\165\163\164\040\103\145\156\164\145\162\061\041\060\037"
-"\006\003\125\004\003\023\030\104\145\165\164\163\143\150\145\040"
-"\124\145\154\145\153\157\155\040\122\157\157\164\040\103\101"
-, (PRUint32)111 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\155\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\034\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143"
-"\150\145\040\124\145\154\145\153\157\155\040\101\107\061\035\060"
-"\033\006\003\125\004\013\023\024\124\145\154\145\123\145\143\040"
-"\124\162\165\163\164\040\103\145\156\164\145\162\061\041\060\037"
-"\006\003\125\004\003\023\030\104\145\165\164\163\143\150\145\040"
-"\124\145\154\145\153\157\155\040\122\157\157\164\040\103\101"
-, (PRUint32)111 },
- { (void *)"\006"
-, (PRUint32)1 },
- { (void *)"\060\202\002\216\060\202\001\367\240\003\002\001\002\002\001\006"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\155\061\013\060\011\006\003\125\004\006\023\002\104\105\061\034"
-"\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143\150"
-"\145\040\124\145\154\145\153\157\155\040\101\107\061\035\060\033"
-"\006\003\125\004\013\023\024\124\145\154\145\123\145\143\040\124"
-"\162\165\163\164\040\103\145\156\164\145\162\061\041\060\037\006"
-"\003\125\004\003\023\030\104\145\165\164\163\143\150\145\040\124"
-"\145\154\145\153\157\155\040\122\157\157\164\040\103\101\060\036"
-"\027\015\071\070\061\062\060\071\060\071\061\061\060\060\132\027"
-"\015\060\064\061\062\060\071\062\063\065\071\060\060\132\060\155"
-"\061\013\060\011\006\003\125\004\006\023\002\104\105\061\034\060"
-"\032\006\003\125\004\012\023\023\104\145\165\164\163\143\150\145"
-"\040\124\145\154\145\153\157\155\040\101\107\061\035\060\033\006"
-"\003\125\004\013\023\024\124\145\154\145\123\145\143\040\124\162"
-"\165\163\164\040\103\145\156\164\145\162\061\041\060\037\006\003"
-"\125\004\003\023\030\104\145\165\164\163\143\150\145\040\124\145"
-"\154\145\153\157\155\040\122\157\157\164\040\103\101\060\201\237"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\201\215\000\060\201\211\002\201\201\000\335\005\054\371\005\263"
-"\271\022\327\151\161\367\352\126\060\010\127\024\103\173\273\032"
-"\234\155\057\127\141\327\342\365\104\153\356\066\101\226\366\144"
-"\316\341\301\262\271\244\024\004\230\120\350\160\370\216\065\232"
-"\175\111\301\141\035\131\256\332\006\030\225\175\255\316\354\251"
-"\276\321\030\017\100\221\166\052\243\345\375\376\211\025\364\127"
-"\367\340\125\332\165\255\000\364\054\301\065\314\264\103\046\125"
-"\142\104\056\001\045\234\212\133\360\301\320\000\065\170\376\065"
-"\336\224\100\144\170\203\241\314\071\211\002\003\001\000\001\243"
-"\076\060\074\060\017\006\003\125\035\023\004\010\060\006\001\001"
-"\377\002\001\005\060\016\006\003\125\035\017\001\001\377\004\004"
-"\003\002\001\006\060\031\006\003\125\035\016\004\022\004\020\054"
-"\207\131\037\213\023\200\262\371\206\235\076\022\176\130\226\060"
-"\015\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201"
-"\201\000\017\376\163\265\007\210\157\240\013\211\352\312\120\037"
-"\224\336\224\053\013\047\136\117\365\034\225\046\332\214\226\124"
-"\255\031\221\067\103\135\253\311\213\263\315\157\230\071\075\355"
-"\335\065\343\161\267\355\023\223\203\350\206\345\051\063\023\023"
-"\274\065\173\375\050\057\160\131\325\323\264\215\050\023\131\073"
-"\310\325\164\371\105\302\007\140\252\270\030\124\371\245\150\377"
-"\327\005\325\217\266\005\061\056\101\112\364\020\037\140\107\032"
-"\013\213\031\115\222\127\040\322\357\120\031\350\315\320\160\274"
-"\274\066"
-, (PRUint32)658 }
-};
-static const NSSItem nss_builtins_items_59 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Deutsche Telekom AG Root CA", (PRUint32)28 },
- { (void *)"\342\023\044\000\203\106\103\235\143\067\021\170\043\310\065\246"
-"\354\113\316\102"
-, (PRUint32)20 },
- { (void *)"\167\336\004\224\167\320\014\137\247\261\364\060\030\207\373\125"
-, (PRUint32)16 },
- { (void *)"\060\155\061\013\060\011\006\003\125\004\006\023\002\104\105\061"
-"\034\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143"
-"\150\145\040\124\145\154\145\153\157\155\040\101\107\061\035\060"
-"\033\006\003\125\004\013\023\024\124\145\154\145\123\145\143\040"
-"\124\162\165\163\164\040\103\145\156\164\145\162\061\041\060\037"
-"\006\003\125\004\003\023\030\104\145\165\164\163\143\150\145\040"
-"\124\145\154\145\153\157\155\040\122\157\157\164\040\103\101"
-, (PRUint32)111 },
- { (void *)"\006"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_60 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\000\315\272\177\126\360\337\344\274\124\376\042\254\263\162\252"
-"\125"
-, (PRUint32)17 },
- { (void *)"\060\202\002\075\060\202\001\246\002\021\000\315\272\177\126\360"
-"\337\344\274\124\376\042\254\263\162\252\125\060\015\006\011\052"
-"\206\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141"
-"\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071"
-"\066\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070"
-"\060\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154"
-"\141\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151"
-"\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201"
-"\215\000\060\201\211\002\201\201\000\345\031\277\155\243\126\141"
-"\055\231\110\161\366\147\336\271\215\353\267\236\206\200\012\221"
-"\016\372\070\045\257\106\210\202\345\163\250\240\233\044\135\015"
-"\037\314\145\156\014\260\320\126\204\030\207\232\006\233\020\241"
-"\163\337\264\130\071\153\156\301\366\025\325\250\250\077\252\022"
-"\006\215\061\254\177\260\064\327\217\064\147\210\011\315\024\021"
-"\342\116\105\126\151\037\170\002\200\332\334\107\221\051\273\066"
-"\311\143\134\305\340\327\055\207\173\241\267\062\260\173\060\272"
-"\052\057\061\252\356\243\147\332\333\002\003\001\000\001\060\015"
-"\006\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201"
-"\000\114\077\270\213\306\150\337\356\103\063\016\135\351\246\313"
-"\007\204\115\172\063\377\222\033\364\066\255\330\225\042\066\150"
-"\021\154\174\102\314\363\234\056\304\007\077\024\260\017\117\377"
-"\220\222\166\371\342\274\112\351\217\315\240\200\012\367\305\051"
-"\361\202\042\135\270\261\335\201\043\243\173\045\025\106\060\171"
-"\026\370\352\005\113\224\177\035\302\034\310\343\267\364\020\100"
-"\074\023\303\137\037\123\350\110\344\206\264\173\241\065\260\173"
-"\045\272\270\323\216\253\077\070\235\000\064\000\230\363\321\161"
-"\224"
-, (PRUint32)577 }
-};
-static const NSSItem nss_builtins_items_61 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)"\220\256\242\151\205\377\024\200\114\103\111\122\354\351\140\204"
-"\167\257\125\157"
-, (PRUint32)20 },
- { (void *)"\227\140\350\127\137\323\120\107\345\103\014\224\066\212\260\142"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\000\315\272\177\126\360\337\344\274\124\376\042\254\263\162\252"
-"\125"
-, (PRUint32)17 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_62 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\055\033\374\112\027\215\243\221\353\347\377\365\213\105\276\013"
-, (PRUint32)16 },
- { (void *)"\060\202\002\074\060\202\001\245\002\020\055\033\374\112\027\215"
-"\243\221\353\347\377\365\213\105\276\013\060\015\006\011\052\206"
-"\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004"
-"\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143"
-"\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163"
-"\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155\141"
-"\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066"
-"\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060"
-"\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141"
-"\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\266\132\213\243\015\152\043\203"
-"\200\153\317\071\207\364\041\023\063\006\114\045\242\355\125\022"
-"\227\305\247\200\271\372\203\301\040\240\372\057\025\015\174\241"
-"\140\153\176\171\054\372\006\017\072\256\366\033\157\261\322\377"
-"\057\050\122\137\203\175\113\304\172\267\370\146\037\200\124\374"
-"\267\302\216\131\112\024\127\106\321\232\223\276\101\221\003\273"
-"\025\200\223\134\353\347\314\010\154\077\076\263\112\374\377\113"
-"\154\043\325\120\202\046\104\031\216\043\303\161\352\031\044\107"
-"\004\236\165\277\310\246\000\037\002\003\001\000\001\060\015\006"
-"\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000"
-"\212\033\053\372\071\301\164\327\136\330\031\144\242\130\112\055"
-"\067\340\063\107\017\254\355\367\252\333\036\344\213\006\134\140"
-"\047\312\105\122\316\026\357\077\006\144\347\224\150\174\140\063"
-"\025\021\151\257\235\142\215\243\003\124\153\246\276\345\356\005"
-"\030\140\004\277\102\200\375\320\250\250\036\001\073\367\243\134"
-"\257\243\334\346\046\200\043\074\270\104\164\367\012\256\111\213"
-"\141\170\314\044\277\210\212\247\016\352\163\031\101\375\115\003"
-"\360\210\321\345\170\215\245\052\117\366\227\015\027\167\312\330"
-, (PRUint32)576 }
-};
-static const NSSItem nss_builtins_items_63 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)"\147\202\252\340\355\356\342\032\130\071\323\300\315\024\150\012"
-"\117\140\024\052"
-, (PRUint32)20 },
- { (void *)"\263\234\045\261\303\056\062\123\200\025\060\235\115\002\167\076"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\055\033\374\112\027\215\243\221\353\347\377\365\213\105\276\013"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_64 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\160\272\344\035\020\331\051\064\266\070\312\173\003\314\272\277"
-, (PRUint32)16 },
- { (void *)"\060\202\002\074\060\202\001\245\002\020\160\272\344\035\020\331"
-"\051\064\266\070\312\173\003\314\272\277\060\015\006\011\052\206"
-"\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004"
-"\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143"
-"\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163"
-"\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155\141"
-"\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066"
-"\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060"
-"\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141"
-"\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\311\134\131\236\362\033\212\001"
-"\024\264\020\337\004\100\333\343\127\257\152\105\100\217\204\014"
-"\013\321\063\331\331\021\317\356\002\130\037\045\367\052\250\104"
-"\005\252\354\003\037\170\177\236\223\271\232\000\252\043\175\326"
-"\254\205\242\143\105\307\162\047\314\364\114\306\165\161\322\071"
-"\357\117\102\360\165\337\012\220\306\216\040\157\230\017\370\254"
-"\043\137\160\051\066\244\311\206\347\261\232\040\313\123\245\205"
-"\347\075\276\175\232\376\044\105\063\334\166\025\355\017\242\161"
-"\144\114\145\056\201\150\105\247\002\003\001\000\001\060\015\006"
-"\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000"
-"\273\114\022\053\317\054\046\000\117\024\023\335\246\373\374\012"
-"\021\204\214\363\050\034\147\222\057\174\266\305\372\337\360\350"
-"\225\274\035\217\154\054\250\121\314\163\330\244\300\123\360\116"
-"\326\046\300\166\001\127\201\222\136\041\361\321\261\377\347\320"
-"\041\130\315\151\027\343\104\034\234\031\104\071\211\134\334\234"
-"\000\017\126\215\002\231\355\242\220\105\114\344\273\020\244\075"
-"\360\062\003\016\361\316\370\350\311\121\214\346\142\237\346\237"
-"\300\175\267\162\234\311\066\072\153\237\116\250\377\144\015\144"
-, (PRUint32)576 }
-};
-static const NSSItem nss_builtins_items_65 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority", (PRUint32)56 },
- { (void *)"\164\054\061\222\346\007\344\044\353\105\111\124\053\341\273\305"
-"\076\141\164\342"
-, (PRUint32)20 },
- { (void *)"\020\374\143\135\366\046\076\015\363\045\276\137\171\315\147\147"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\160\272\344\035\020\331\051\064\266\070\312\173\003\314\272\277"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_66 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\114\307\352\252\230\076\161\323\223\020\370\075\072\211\221\222"
-, (PRUint32)16 },
- { (void *)"\060\202\003\002\060\202\002\153\002\020\114\307\352\252\230\076"
-"\161\323\223\020\370\075\072\211\221\222\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141"
-"\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027"
-"\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015"
-"\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023"
-"\063\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\252\320"
-"\272\276\026\055\270\203\324\312\322\017\274\166\061\312\224\330"
-"\035\223\214\126\002\274\331\157\032\157\122\066\156\165\126\012"
-"\125\323\337\103\207\041\021\145\212\176\217\275\041\336\153\062"
-"\077\033\204\064\225\005\235\101\065\353\222\353\226\335\252\131"
-"\077\001\123\155\231\117\355\345\342\052\132\220\301\271\304\246"
-"\025\317\310\105\353\246\135\216\234\076\360\144\044\166\245\315"
-"\253\032\157\266\330\173\121\141\156\246\177\207\310\342\267\345"
-"\064\334\101\210\352\011\100\276\163\222\075\153\347\165\002\003"
-"\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\251\117\303\015\307\147\276\054\313\331"
-"\250\315\055\165\347\176\025\236\073\162\353\176\353\134\055\011"
-"\207\326\153\155\140\174\345\256\305\220\043\014\134\112\320\257"
-"\261\135\363\307\266\012\333\340\025\223\015\335\003\274\307\166"
-"\212\265\335\117\303\233\023\165\270\001\300\346\311\133\153\245"
-"\270\211\334\254\244\335\162\355\116\241\367\117\274\006\323\352"
-"\310\144\164\173\302\225\101\234\145\163\130\361\220\232\074\152"
-"\261\230\311\304\207\274\317\105\155\105\342\156\042\077\376\274"
-"\017\061\134\350\362\331"
-, (PRUint32)774 }
-};
-static const NSSItem nss_builtins_items_67 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)"\047\076\341\044\127\375\304\371\014\125\350\053\126\026\177\142"
-"\365\062\345\107"
-, (PRUint32)20 },
- { (void *)"\333\043\075\371\151\372\113\271\225\200\104\163\136\175\101\203"
-, (PRUint32)16 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\114\307\352\252\230\076\161\323\223\020\370\075\072\211\221\222"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_68 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\000\271\057\140\314\210\237\241\172\106\011\270\133\160\154\212"
-"\257"
-, (PRUint32)17 },
- { (void *)"\060\202\003\003\060\202\002\154\002\021\000\271\057\140\314\210"
-"\237\241\172\106\011\270\133\160\154\212\257\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154"
-"\141\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151"
-"\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107"
-"\062\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060"
-"\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156"
-"\040\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036"
-"\027\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027"
-"\015\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201"
-"\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027"
-"\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013"
-"\023\063\103\154\141\163\163\040\062\040\120\165\142\154\151\143"
-"\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061"
-"\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165"
-"\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154"
-"\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151"
-"\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157"
-"\162\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\247"
-"\210\001\041\164\054\347\032\003\360\230\341\227\074\017\041\010"
-"\361\234\333\227\351\232\374\302\004\006\023\276\137\122\310\314"
-"\036\054\022\126\054\270\001\151\054\314\231\037\255\260\226\256"
-"\171\004\362\023\071\301\173\230\272\010\054\350\302\204\023\054"
-"\252\151\351\011\364\307\251\002\244\102\302\043\117\112\330\360"
-"\016\242\373\061\154\311\346\157\231\047\007\365\346\364\114\170"
-"\236\155\353\106\206\372\271\206\311\124\362\262\304\257\324\106"
-"\034\132\311\025\060\377\015\154\365\055\016\155\316\177\167\002"
-"\003\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\201\201\000\162\056\371\177\321\361\161\373\304"
-"\236\366\305\136\121\212\100\230\270\150\370\233\034\203\330\342"
-"\235\275\377\355\241\346\146\352\057\011\364\312\327\352\245\053"
-"\225\366\044\140\206\115\104\056\203\245\304\055\240\323\256\170"
-"\151\157\162\332\154\256\010\360\143\222\067\346\273\304\060\027"
-"\255\167\314\111\065\252\317\330\217\321\276\267\030\226\107\163"
-"\152\124\042\064\144\055\266\026\233\131\133\264\121\131\072\263"
-"\013\024\364\022\337\147\240\364\255\062\144\136\261\106\162\047"
-"\214\022\173\305\104\264\256"
-, (PRUint32)775 }
-};
-static const NSSItem nss_builtins_items_69 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)"\263\352\304\107\166\311\310\034\352\362\235\225\266\314\240\010"
-"\033\147\354\235"
-, (PRUint32)20 },
- { (void *)"\055\273\345\045\323\321\145\202\072\267\016\372\346\353\342\341"
-, (PRUint32)16 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\000\271\057\140\314\210\237\241\172\106\011\270\133\160\154\212"
-"\257"
-, (PRUint32)17 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_70 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\175\331\376\007\317\250\036\267\020\171\147\373\247\211\064\306"
-, (PRUint32)16 },
- { (void *)"\060\202\003\002\060\202\002\153\002\020\175\331\376\007\317\250"
-"\036\267\020\171\147\373\247\211\064\306\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141"
-"\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027"
-"\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015"
-"\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023"
-"\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\314\136"
-"\321\021\135\134\151\320\253\323\271\152\114\231\037\131\230\060"
-"\216\026\205\040\106\155\107\077\324\205\040\204\341\155\263\370"
-"\244\355\014\361\027\017\073\371\247\371\045\327\301\317\204\143"
-"\362\174\143\317\242\107\362\306\133\063\216\144\100\004\150\301"
-"\200\271\144\034\105\167\307\330\156\365\225\051\074\120\350\064"
-"\327\170\037\250\272\155\103\221\225\217\105\127\136\176\305\373"
-"\312\244\004\353\352\227\067\124\060\157\273\001\107\062\063\315"
-"\334\127\233\144\151\141\370\233\035\034\211\117\134\147\002\003"
-"\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\121\115\315\276\134\313\230\031\234\025"
-"\262\001\071\170\056\115\017\147\160\160\231\306\020\132\224\244"
-"\123\115\124\155\053\257\015\135\100\213\144\323\327\356\336\126"
-"\141\222\137\246\304\035\020\141\066\323\054\047\074\350\051\011"
-"\271\021\144\164\314\265\163\237\034\110\251\274\141\001\356\342"
-"\027\246\014\343\100\010\073\016\347\353\104\163\052\232\361\151"
-"\222\357\161\024\303\071\254\161\247\221\011\157\344\161\006\263"
-"\272\131\127\046\171\000\366\370\015\242\063\060\050\324\252\130"
-"\240\235\235\151\221\375"
-, (PRUint32)774 }
-};
-static const NSSItem nss_builtins_items_71 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)"\205\067\034\246\345\120\024\075\316\050\003\107\033\336\072\011"
-"\350\370\167\017"
-, (PRUint32)20 },
- { (void *)"\242\063\233\114\164\170\163\324\154\347\301\363\215\313\134\351"
-, (PRUint32)16 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\175\331\376\007\317\250\036\267\020\171\147\373\247\211\064\306"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_72 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 4 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\062\210\216\232\322\365\353\023\107\370\177\304\040\067\045\370"
-, (PRUint32)16 },
- { (void *)"\060\202\003\002\060\202\002\153\002\020\062\210\216\232\322\365"
-"\353\023\107\370\177\304\040\067\045\370\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141"
-"\163\163\040\064\040\120\165\142\154\151\143\040\120\162\151\155"
-"\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027"
-"\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015"
-"\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023"
-"\063\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\272\360"
-"\344\317\371\304\256\205\124\271\007\127\371\217\305\177\150\021"
-"\370\304\027\260\104\334\343\060\163\325\052\142\052\270\320\314"
-"\034\355\050\133\176\275\152\334\263\221\044\312\101\142\074\374"
-"\002\001\277\034\026\061\224\005\227\166\156\242\255\275\141\027"
-"\154\116\060\206\360\121\067\052\120\307\250\142\201\334\133\112"
-"\252\301\240\264\156\353\057\345\127\305\261\053\100\160\333\132"
-"\115\241\216\037\275\003\037\330\003\324\217\114\231\161\274\342"
-"\202\314\130\350\230\072\206\323\206\070\363\000\051\037\002\003"
-"\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\205\214\022\301\247\271\120\025\172\313"
-"\076\254\270\103\212\334\252\335\024\272\211\201\176\001\074\043"
-"\161\041\210\057\202\334\143\372\002\105\254\105\131\327\052\130"
-"\104\133\267\237\201\073\222\150\075\342\067\044\365\173\154\217"
-"\166\065\226\011\250\131\235\271\316\043\253\164\326\203\375\062"
-"\163\047\330\151\076\103\164\366\256\305\211\232\347\123\174\351"
-"\173\366\113\363\301\145\203\336\215\212\234\074\210\215\071\131"
-"\374\252\077\042\215\241\301\146\120\201\162\114\355\042\144\117"
-"\117\312\200\221\266\051"
-, (PRUint32)774 }
-};
-static const NSSItem nss_builtins_items_73 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 4 Public Primary Certification Authority - G2", (PRUint32)61 },
- { (void *)"\013\167\276\273\313\172\242\107\005\336\314\017\275\152\002\374"
-"\172\275\233\122"
-, (PRUint32)20 },
- { (void *)"\046\155\054\031\230\266\160\150\070\120\124\031\354\220\064\140"
-, (PRUint32)16 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\062\210\216\232\322\365\353\023\107\370\177\304\040\067\045\370"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_74 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Root CA", (PRUint32)19 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\000\000\000\000\000\326\170\267\224\005"
-, (PRUint32)11 },
- { (void *)"\060\202\003\165\060\202\002\135\240\003\002\001\002\002\013\002"
-"\000\000\000\000\000\326\170\267\224\005\060\015\006\011\052\206"
-"\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006"
-"\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004"
-"\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166"
-"\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157"
-"\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022"
-"\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040"
-"\103\101\060\036\027\015\071\070\060\071\060\061\061\062\060\060"
-"\060\060\132\027\015\061\064\060\061\062\070\061\062\060\060\060"
-"\060\132\060\127\061\013\060\011\006\003\125\004\006\023\002\102"
-"\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142"
-"\141\154\123\151\147\156\040\156\166\055\163\141\061\020\060\016"
-"\006\003\125\004\013\023\007\122\157\157\164\040\103\101\061\033"
-"\060\031\006\003\125\004\003\023\022\107\154\157\142\141\154\123"
-"\151\147\156\040\122\157\157\164\040\103\101\060\202\001\042\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202"
-"\001\017\000\060\202\001\012\002\202\001\001\000\332\016\346\231"
-"\215\316\243\343\117\212\176\373\361\213\203\045\153\352\110\037"
-"\361\052\260\271\225\021\004\275\360\143\321\342\147\146\317\034"
-"\335\317\033\110\053\356\215\211\216\232\257\051\200\145\253\351"
-"\307\055\022\313\253\034\114\160\007\241\075\012\060\315\025\215"
-"\117\370\335\324\214\120\025\034\357\120\356\304\056\367\374\351"
-"\122\362\221\175\340\155\325\065\060\216\136\103\163\362\101\351"
-"\325\152\343\262\211\072\126\071\070\157\006\074\210\151\133\052"
-"\115\305\247\124\270\154\211\314\233\371\074\312\345\375\211\365"
-"\022\074\222\170\226\326\334\164\156\223\104\141\321\215\307\106"
-"\262\165\016\206\350\031\212\325\155\154\325\170\026\225\242\351"
-"\310\012\070\353\362\044\023\117\163\124\223\023\205\072\033\274"
-"\036\064\265\213\005\214\271\167\213\261\333\037\040\221\253\011"
-"\123\156\220\316\173\067\164\271\160\107\221\042\121\143\026\171"
-"\256\261\256\101\046\010\310\031\053\321\106\252\110\326\144\052"
-"\327\203\064\377\054\052\301\154\031\103\112\007\205\347\323\174"
-"\366\041\150\357\352\362\122\237\177\223\220\317\002\003\001\000"
-"\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004"
-"\004\003\002\000\006\060\035\006\003\125\035\016\004\026\004\024"
-"\140\173\146\032\105\015\227\312\211\120\057\175\004\315\064\250"
-"\377\374\375\113\060\017\006\003\125\035\023\001\001\377\004\005"
-"\060\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001"
-"\001\004\005\000\003\202\001\001\000\256\252\237\374\267\322\313"
-"\037\137\071\051\050\030\236\064\311\154\117\157\032\360\144\242"
-"\160\112\117\023\206\233\140\050\236\350\201\111\230\175\012\273"
-"\345\260\235\075\066\333\217\005\121\377\011\061\052\037\335\211"
-"\167\236\017\056\154\225\004\355\206\313\264\000\077\204\002\115"
-"\200\152\052\055\170\013\256\157\053\242\203\104\203\037\315\120"
-"\202\114\044\257\275\367\245\264\310\132\017\364\347\107\136\111"
-"\216\067\226\376\232\210\005\072\331\300\333\051\207\346\031\226"
-"\107\247\072\246\214\213\074\167\376\106\143\247\123\332\041\321"
-"\254\176\111\242\113\346\303\147\131\057\263\212\016\273\054\275"
-"\251\252\102\174\065\301\330\177\325\247\061\072\116\143\103\071"
-"\257\010\260\141\064\214\323\230\251\103\064\366\017\207\051\073"
-"\235\302\126\130\230\167\303\367\033\254\366\235\370\076\252\247"
-"\124\105\360\365\371\325\061\145\376\153\130\234\161\263\036\327"
-"\122\352\062\027\374\100\140\035\311\171\044\262\366\154\375\250"
-"\146\016\202\335\230\313\332\302\104\117\056\240\173\362\367\153"
-"\054\166\021\204\106\212\170\243\343"
-, (PRUint32)889 }
-};
-static const NSSItem nss_builtins_items_75 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Root CA", (PRUint32)19 },
- { (void *)"\057\027\077\175\351\226\147\257\245\172\370\012\242\321\261\057"
-"\254\203\003\070"
-, (PRUint32)20 },
- { (void *)"\253\277\352\343\153\051\246\314\246\170\065\231\357\255\053\200"
-, (PRUint32)16 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\000\000\000\000\000\326\170\267\224\005"
-, (PRUint32)11 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_76 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Partners CA", (PRUint32)23 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\024\060\022\006\003"
-"\125\004\013\023\013\120\141\162\164\156\145\162\163\040\103\101"
-"\061\037\060\035\006\003\125\004\003\023\026\107\154\157\142\141"
-"\154\123\151\147\156\040\120\141\162\164\156\145\162\163\040\103"
-"\101"
-, (PRUint32)97 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\000\000\000\000\000\326\170\271\321\257"
-, (PRUint32)11 },
- { (void *)"\060\202\003\236\060\202\002\206\240\003\002\001\002\002\013\002"
-"\000\000\000\000\000\326\170\271\321\257\060\015\006\011\052\206"
-"\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006"
-"\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004"
-"\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166"
-"\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157"
-"\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022"
-"\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040"
-"\103\101\060\036\027\015\071\071\060\061\062\070\061\062\060\060"
-"\060\060\132\027\015\060\071\060\061\062\070\061\062\060\060\060"
-"\060\132\060\137\061\013\060\011\006\003\125\004\006\023\002\102"
-"\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142"
-"\141\154\123\151\147\156\040\156\166\055\163\141\061\024\060\022"
-"\006\003\125\004\013\023\013\120\141\162\164\156\145\162\163\040"
-"\103\101\061\037\060\035\006\003\125\004\003\023\026\107\154\157"
-"\142\141\154\123\151\147\156\040\120\141\162\164\156\145\162\163"
-"\040\103\101\060\202\001\042\060\015\006\011\052\206\110\206\367"
-"\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002"
-"\202\001\001\000\322\054\370\062\254\112\022\172\067\310\051\221"
-"\245\256\214\156\036\016\300\064\063\210\345\063\161\026\034\170"
-"\204\150\303\030\064\120\056\026\076\261\224\202\117\261\232\237"
-"\000\370\306\021\065\306\151\173\230\002\255\000\006\210\154\347"
-"\114\063\050\000\210\047\106\037\207\263\161\165\143\274\062\273"
-"\210\336\146\030\016\120\006\223\264\366\274\024\067\060\075\042"
-"\337\075\377\165\176\331\012\032\305\237\263\374\320\254\263\010"
-"\172\211\323\001\350\000\134\347\112\013\075\115\173\046\242\267"
-"\142\006\213\332\106\335\223\027\077\077\133\002\113\013\266\210"
-"\040\021\222\000\255\273\307\056\324\343\105\256\365\211\132\174"
-"\215\244\255\205\144\062\300\047\214\306\362\212\200\222\206\044"
-"\126\131\215\164\150\242\203\102\263\236\075\120\101\206\157\040"
-"\156\366\375\316\323\031\343\062\314\217\355\232\136\155\037\050"
-"\365\122\254\156\030\136\370\075\321\222\345\272\154\001\210\113"
-"\012\362\055\336\145\063\005\102\240\114\252\061\166\276\375\277"
-"\201\170\371\161\034\106\136\055\025\225\055\060\131\216\114\101"
-"\321\142\253\075\002\003\001\000\001\243\143\060\141\060\016\006"
-"\003\125\035\017\001\001\377\004\004\003\002\000\006\060\035\006"
-"\003\125\035\016\004\026\004\024\103\044\215\160\025\010\142\125"
-"\234\117\014\100\027\135\206\136\017\242\114\373\060\037\006\003"
-"\125\035\043\004\030\060\026\200\024\140\173\146\032\105\015\227"
-"\312\211\120\057\175\004\315\064\250\377\374\375\113\060\017\006"
-"\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015"
-"\006\011\052\206\110\206\367\015\001\001\004\005\000\003\202\001"
-"\001\000\146\355\264\210\151\021\231\202\041\203\254\241\155\213"
-"\233\204\255\017\055\310\036\214\312\173\176\255\252\324\216\336"
-"\007\326\236\105\307\245\270\234\007\071\140\045\125\032\300\117"
-"\031\345\317\027\051\111\211\030\065\146\345\353\050\100\116\127"
-"\311\257\263\344\270\040\005\243\073\225\120\221\111\224\051\175"
-"\054\345\210\101\245\105\210\136\235\202\047\367\322\357\133\265"
-"\117\237\276\376\065\145\054\125\144\237\341\121\332\042\141\167"
-"\272\130\116\217\306\171\131\131\156\060\200\242\117\220\156\041"
-"\013\255\320\150\071\220\020\233\355\042\145\157\036\021\070\346"
-"\177\214\322\363\071\155\107\325\041\350\352\165\072\101\321\255"
-"\366\026\235\135\013\041\275\363\037\143\006\045\035\301\037\065"
-"\161\054\353\040\031\325\301\260\354\075\345\157\355\002\007\077"
-"\023\173\146\222\326\104\301\230\367\137\120\213\172\133\302\157"
-"\155\260\321\370\345\164\240\100\067\243\045\017\344\075\312\144"
-"\061\223\220\134\060\173\271\071\061\232\136\114\315\271\101\117"
-"\120\344\075\070\256\310\146\331\307\073\135\121\107\254\233\253"
-"\362\255"
-, (PRUint32)930 }
-};
-static const NSSItem nss_builtins_items_77 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Partners CA", (PRUint32)23 },
- { (void *)"\204\304\217\000\351\221\354\336\333\264\030\251\213\357\241\172"
-"\107\355\162\230"
-, (PRUint32)20 },
- { (void *)"\074\165\315\114\275\251\320\212\171\117\120\026\067\204\364\053"
-, (PRUint32)16 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\000\000\000\000\000\326\170\271\321\257"
-, (PRUint32)11 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_78 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Primary Class 1 CA", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\155\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\033\060\031\006\003"
-"\125\004\013\023\022\120\162\151\155\141\162\171\040\103\154\141"
-"\163\163\040\061\040\103\101\061\046\060\044\006\003\125\004\003"
-"\023\035\107\154\157\142\141\154\123\151\147\156\040\120\162\151"
-"\155\141\162\171\040\103\154\141\163\163\040\061\040\103\101"
-, (PRUint32)111 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\000\000\000\000\000\326\170\270\067\317"
-, (PRUint32)11 },
- { (void *)"\060\202\003\254\060\202\002\224\240\003\002\001\002\002\013\002"
-"\000\000\000\000\000\326\170\270\067\317\060\015\006\011\052\206"
-"\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006"
-"\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004"
-"\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166"
-"\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157"
-"\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022"
-"\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040"
-"\103\101\060\036\027\015\071\070\060\071\061\065\061\062\060\060"
-"\060\060\132\027\015\060\071\060\061\062\070\061\062\060\060\060"
-"\060\132\060\155\061\013\060\011\006\003\125\004\006\023\002\102"
-"\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142"
-"\141\154\123\151\147\156\040\156\166\055\163\141\061\033\060\031"
-"\006\003\125\004\013\023\022\120\162\151\155\141\162\171\040\103"
-"\154\141\163\163\040\061\040\103\101\061\046\060\044\006\003\125"
-"\004\003\023\035\107\154\157\142\141\154\123\151\147\156\040\120"
-"\162\151\155\141\162\171\040\103\154\141\163\163\040\061\040\103"
-"\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001"
-"\001\000\275\040\065\107\321\050\326\010\243\022\071\043\107\015"
-"\275\160\041\122\016\127\061\225\246\064\127\153\354\176\103\171"
-"\303\006\122\110\315\274\265\241\231\275\330\037\062\274\317\327"
-"\156\162\155\056\167\042\220\202\116\113\217\232\014\001\102\232"
-"\331\160\131\266\235\037\346\143\321\014\255\035\116\370\205\201"
-"\371\256\357\237\246\122\141\104\171\032\165\105\340\141\126\105"
-"\155\102\214\075\162\313\246\244\022\267\232\365\326\140\320\140"
-"\120\263\216\246\246\354\264\364\022\315\177\250\316\357\263\341"
-"\205\060\376\162\304\346\347\167\263\236\130\101\326\121\203\210"
-"\007\306\266\151\117\066\336\321\013\110\077\275\326\237\041\164"
-"\144\157\047\006\076\113\375\016\246\233\277\244\110\127\214\220"
-"\356\211\030\013\002\201\030\276\147\376\123\140\210\047\272\243"
-"\163\064\113\132\126\264\336\163\005\355\230\226\135\354\112\347"
-"\100\374\113\011\142\353\320\343\061\117\205\321\172\253\131\147"
-"\053\373\210\017\353\252\203\275\065\375\141\047\354\146\016\102"
-"\127\367\151\302\014\357\374\152\302\156\111\332\217\101\070\256"
-"\110\251\002\003\001\000\001\243\143\060\141\060\016\006\003\125"
-"\035\017\001\001\377\004\004\003\002\000\006\060\035\006\003\125"
-"\035\016\004\026\004\024\374\340\146\366\132\065\231\353\100\036"
-"\322\270\036\103\274\230\216\037\212\303\060\037\006\003\125\035"
-"\043\004\030\060\026\200\024\140\173\146\032\105\015\227\312\211"
-"\120\057\175\004\315\064\250\377\374\375\113\060\017\006\003\125"
-"\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\003\202\001\001\000"
-"\233\243\010\104\316\362\220\235\161\363\062\263\005\152\265\352"
-"\317\051\230\336\125\076\240\026\175\006\172\104\326\257\322\372"
-"\023\130\214\370\034\307\253\035\264\033\357\151\150\230\134\010"
-"\071\217\340\367\373\110\314\041\347\270\063\333\005\252\064\044"
-"\154\112\345\351\173\140\336\203\263\037\012\276\101\165\374\314"
-"\060\110\267\301\046\035\004\063\252\266\170\355\052\313\272\126"
-"\227\062\156\367\061\225\056\106\362\024\356\047\307\367\142\211"
-"\271\134\132\323\070\212\144\365\067\264\361\263\064\162\325\325"
-"\041\075\113\327\170\223\327\061\146\065\036\243\330\107\111\157"
-"\034\255\341\200\177\370\230\044\154\163\254\016\302\032\167\002"
-"\243\046\007\267\307\153\135\274\202\325\052\110\035\143\317\120"
-"\062\246\373\034\030\107\025\012\133\014\134\070\044\232\004\230"
-"\250\010\110\137\174\064\207\143\253\055\215\114\000\167\224\033"
-"\166\272\365\026\030\243\025\257\057\224\366\051\000\166\301\025"
-"\027\323\351\067\115\166\324\313\113\051\131\044\254\332\112\240"
-"\352\143\336\137\124\261\372\363\321\105\313\305\144\264\163\041"
-, (PRUint32)944 }
-};
-static const NSSItem nss_builtins_items_79 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Primary Class 1 CA", (PRUint32)30 },
- { (void *)"\353\061\124\315\041\226\363\125\022\053\211\147\267\163\002\102"
-"\355\321\336\113"
-, (PRUint32)20 },
- { (void *)"\134\254\131\001\244\206\123\313\020\146\265\326\326\161\377\001"
-, (PRUint32)16 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\000\000\000\000\000\326\170\270\067\317"
-, (PRUint32)11 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_80 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Primary Class 2 CA", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\155\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\033\060\031\006\003"
-"\125\004\013\023\022\120\162\151\155\141\162\171\040\103\154\141"
-"\163\163\040\062\040\103\101\061\046\060\044\006\003\125\004\003"
-"\023\035\107\154\157\142\141\154\123\151\147\156\040\120\162\151"
-"\155\141\162\171\040\103\154\141\163\163\040\062\040\103\101"
-, (PRUint32)111 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\000\000\000\000\000\326\170\270\215\215"
-, (PRUint32)11 },
- { (void *)"\060\202\003\254\060\202\002\224\240\003\002\001\002\002\013\002"
-"\000\000\000\000\000\326\170\270\215\215\060\015\006\011\052\206"
-"\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006"
-"\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004"
-"\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166"
-"\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157"
-"\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022"
-"\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040"
-"\103\101\060\036\027\015\071\071\060\061\062\070\061\062\060\060"
-"\060\060\132\027\015\060\071\060\061\062\070\061\062\060\060\060"
-"\060\132\060\155\061\013\060\011\006\003\125\004\006\023\002\102"
-"\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142"
-"\141\154\123\151\147\156\040\156\166\055\163\141\061\033\060\031"
-"\006\003\125\004\013\023\022\120\162\151\155\141\162\171\040\103"
-"\154\141\163\163\040\062\040\103\101\061\046\060\044\006\003\125"
-"\004\003\023\035\107\154\157\142\141\154\123\151\147\156\040\120"
-"\162\151\155\141\162\171\040\103\154\141\163\163\040\062\040\103"
-"\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001"
-"\001\000\222\214\376\357\364\105\216\027\101\156\374\330\277\041"
-"\157\253\006\235\122\301\054\000\235\077\216\205\270\177\112\217"
-"\275\240\143\052\312\111\047\256\132\202\364\164\342\125\222\377"
-"\302\321\252\171\242\266\372\325\235\202\004\117\306\262\306\136"
-"\143\247\072\272\330\356\353\212\157\237\266\273\050\101\300\042"
-"\373\116\110\032\006\222\327\277\327\317\271\331\275\070\117\073"
-"\015\104\156\125\101\376\374\011\333\330\277\363\216\041\361\350"
-"\022\265\366\023\245\323\306\114\223\042\260\002\377\356\035\014"
-"\304\250\153\117\165\150\126\350\334\050\022\120\367\250\044\235"
-"\056\044\071\373\011\005\336\345\243\144\111\041\320\150\176\161"
-"\060\221\261\140\340\071\364\120\370\172\115\230\000\153\174\171"
-"\272\116\316\112\342\272\066\035\267\305\066\025\225\234\144\102"
-"\352\137\304\272\365\100\005\276\341\072\131\275\204\247\031\270"
-"\336\115\123\120\316\007\321\322\121\323\357\015\201\154\346\347"
-"\155\313\135\174\077\174\314\354\117\203\047\045\377\160\120\366"
-"\203\131\165\204\006\146\130\054\336\211\215\000\246\111\371\245"
-"\103\167\002\003\001\000\001\243\143\060\141\060\016\006\003\125"
-"\035\017\001\001\377\004\004\003\002\000\006\060\035\006\003\125"
-"\035\016\004\026\004\024\174\347\262\261\054\336\261\247\153\351"
-"\166\014\341\243\375\116\154\307\271\366\060\037\006\003\125\035"
-"\043\004\030\060\026\200\024\140\173\146\032\105\015\227\312\211"
-"\120\057\175\004\315\064\250\377\374\375\113\060\017\006\003\125"
-"\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\003\202\001\001\000"
-"\143\335\131\316\212\171\252\230\235\116\305\211\144\067\176\212"
-"\223\147\057\020\352\157\047\303\215\167\155\362\134\126\224\031"
-"\032\151\140\060\106\135\217\362\155\105\074\216\065\227\174\057"
-"\270\121\342\350\211\275\210\317\047\034\010\064\134\210\301\150"
-"\044\333\221\205\344\317\373\373\103\215\350\045\001\033\304\016"
-"\367\000\102\110\206\037\044\010\130\132\214\215\362\153\107\054"
-"\150\221\261\151\102\375\015\215\311\046\346\222\206\246\144\156"
-"\222\305\316\076\074\175\161\343\043\244\253\307\325\250\251\337"
-"\202\247\073\350\206\325\303\117\030\343\104\320\340\334\363\305"
-"\150\056\376\245\057\005\204\310\176\107\102\123\153\207\112\376"
-"\062\377\136\076\160\214\267\250\025\314\027\302\377\106\354\320"
-"\354\055\264\156\022\050\251\371\100\351\353\324\146\227\123\251"
-"\151\125\300\251\252\262\056\315\321\151\364\276\370\273\174\151"
-"\356\124\246\333\236\373\132\246\076\376\232\357\224\121\113\165"
-"\356\330\324\341\232\361\002\126\023\211\016\247\102\213\226\213"
-"\205\014\033\205\276\046\256\253\246\231\274\042\361\163\337\102"
-, (PRUint32)944 }
-};
-static const NSSItem nss_builtins_items_81 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Primary Class 2 CA", (PRUint32)30 },
- { (void *)"\203\376\336\325\161\343\226\317\307\144\367\073\337\026\166\207"
-"\162\305\037\314"
-, (PRUint32)20 },
- { (void *)"\251\251\102\131\176\276\132\224\344\054\306\213\034\052\104\266"
-, (PRUint32)16 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\000\000\000\000\000\326\170\270\215\215"
-, (PRUint32)11 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_82 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Primary Class 3 CA", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\155\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\033\060\031\006\003"
-"\125\004\013\023\022\120\162\151\155\141\162\171\040\103\154\141"
-"\163\163\040\063\040\103\101\061\046\060\044\006\003\125\004\003"
-"\023\035\107\154\157\142\141\154\123\151\147\156\040\120\162\151"
-"\155\141\162\171\040\103\154\141\163\163\040\063\040\103\101"
-, (PRUint32)111 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\000\000\000\000\000\326\170\270\326\303"
-, (PRUint32)11 },
- { (void *)"\060\202\003\254\060\202\002\224\240\003\002\001\002\002\013\002"
-"\000\000\000\000\000\326\170\270\326\303\060\015\006\011\052\206"
-"\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006"
-"\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004"
-"\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166"
-"\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157"
-"\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022"
-"\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040"
-"\103\101\060\036\027\015\071\071\060\061\062\070\061\062\060\060"
-"\060\060\132\027\015\060\071\060\061\062\070\061\062\060\060\060"
-"\060\132\060\155\061\013\060\011\006\003\125\004\006\023\002\102"
-"\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142"
-"\141\154\123\151\147\156\040\156\166\055\163\141\061\033\060\031"
-"\006\003\125\004\013\023\022\120\162\151\155\141\162\171\040\103"
-"\154\141\163\163\040\063\040\103\101\061\046\060\044\006\003\125"
-"\004\003\023\035\107\154\157\142\141\154\123\151\147\156\040\120"
-"\162\151\155\141\162\171\040\103\154\141\163\163\040\063\040\103"
-"\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001"
-"\001\000\221\136\126\145\326\300\300\004\234\277\107\304\134\173"
-"\172\061\001\371\130\226\231\343\034\204\057\334\126\217\255\365"
-"\131\201\325\103\146\135\132\223\214\165\312\251\347\021\301\121"
-"\020\024\140\311\054\324\173\257\306\167\206\253\172\047\256\157"
-"\225\271\013\312\266\106\373\176\032\364\015\024\155\322\311\116"
-"\262\256\360\124\366\134\100\114\066\110\164\350\124\214\145\146"
-"\020\247\275\053\267\040\215\005\111\255\170\175\322\044\043\120"
-"\343\360\264\171\233\001\071\377\257\073\323\055\356\341\111\215"
-"\215\057\074\152\101\105\057\233\343\075\341\022\344\221\165\236"
-"\317\240\076\074\222\201\157\212\056\030\334\340\362\214\214\375"
-"\207\331\007\364\100\224\311\116\117\103\337\147\126\157\275\003"
-"\120\174\231\147\244\271\074\221\154\002\156\204\326\374\106\367"
-"\314\157\030\076\027\360\357\013\144\026\127\346\254\206\361\110"
-"\252\103\301\311\047\170\163\104\105\342\205\175\272\377\263\341"
-"\373\033\005\244\113\073\231\022\045\001\120\024\152\257\135\352"
-"\310\014\356\344\332\354\113\213\134\150\023\225\334\303\265\060"
-"\072\327\002\003\001\000\001\243\143\060\141\060\016\006\003\125"
-"\035\017\001\001\377\004\004\003\002\000\006\060\035\006\003\125"
-"\035\016\004\026\004\024\314\066\314\027\264\105\221\057\355\317"
-"\073\060\110\167\373\265\024\231\276\343\060\037\006\003\125\035"
-"\043\004\030\060\026\200\024\140\173\146\032\105\015\227\312\211"
-"\120\057\175\004\315\064\250\377\374\375\113\060\017\006\003\125"
-"\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011"
-"\052\206\110\206\367\015\001\001\004\005\000\003\202\001\001\000"
-"\127\262\124\314\275\225\027\144\140\211\266\123\221\014\105\222"
-"\303\075\250\154\303\314\262\030\365\170\101\164\330\175\243\047"
-"\257\167\015\131\076\224\035\151\372\211\323\014\275\032\001\364"
-"\077\350\340\167\032\202\050\132\346\142\327\267\343\066\311\016"
-"\237\172\343\302\323\314\131\211\014\357\026\213\360\066\167\042"
-"\312\244\266\267\301\102\147\001\100\143\314\347\070\144\207\133"
-"\024\226\146\173\055\024\356\275\111\155\377\167\320\342\116\133"
-"\323\200\302\115\017\312\270\235\201\227\247\064\156\307\343\234"
-"\110\345\264\252\105\365\366\145\114\110\362\022\302\322\223\214"
-"\302\025\044\363\053\122\377\343\010\256\270\156\326\054\022\317"
-"\071\313\022\052\347\251\173\137\230\075\243\341\314\246\143\211"
-"\134\175\061\165\371\325\326\135\362\320\324\075\337\236\161\250"
-"\016\334\344\040\227\170\346\177\123\244\015\121\117\216\073\003"
-"\256\243\015\132\115\303\171\347\065\130\160\102\311\136\241\136"
-"\264\331\042\243\104\123\065\244\320\317\163\200\305\317\237\126"
-"\230\166\371\024\114\167\207\202\311\334\176\135\064\325\066\165"
-, (PRUint32)944 }
-};
-static const NSSItem nss_builtins_items_83 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"GlobalSign Primary Class 3 CA", (PRUint32)30 },
- { (void *)"\164\003\311\063\110\252\304\367\016\051\364\320\025\022\364\106"
-"\111\017\165\214"
-, (PRUint32)20 },
- { (void *)"\230\022\243\113\225\251\226\144\224\347\120\214\076\341\203\132"
-, (PRUint32)16 },
- { (void *)"\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061"
-"\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154"
-"\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003"
-"\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031"
-"\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147"
-"\156\040\122\157\157\164\040\103\101"
-, (PRUint32)89 },
- { (void *)"\002\000\000\000\000\000\326\170\270\326\303"
-, (PRUint32)11 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_84 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert Class 1 VA", (PRUint32)20 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060"
-"\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164"
-"\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167"
-"\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141"
-"\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063"
-"\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040"
-"\103\154\141\163\163\040\061\040\120\157\154\151\143\171\040\126"
-"\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164"
-"\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162"
-"\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206"
-"\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151"
-"\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066"
-"\062\065\062\062\062\063\064\070\132\027\015\061\071\060\066\062"
-"\065\062\062\062\063\064\070\132\060\201\273\061\044\060\042\006"
-"\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126"
-"\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162"
-"\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151"
-"\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003"
-"\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154"
-"\141\163\163\040\061\040\120\157\154\151\143\171\040\126\141\154"
-"\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160"
-"\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056"
-"\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015"
-"\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145"
-"\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\330\131\202\172\211\270\226\272\246\057\150\157\130"
-"\056\247\124\034\006\156\364\352\215\110\274\061\224\027\360\363"
-"\116\274\262\270\065\222\166\260\320\245\245\001\327\000\003\022"
-"\042\031\010\370\377\021\043\233\316\007\365\277\151\032\046\376"
-"\116\351\321\177\235\054\100\035\131\150\156\246\370\130\260\235"
-"\032\217\323\077\361\334\031\006\201\250\016\340\072\335\310\123"
-"\105\011\006\346\017\160\303\372\100\246\016\342\126\005\017\030"
-"\115\374\040\202\321\163\125\164\215\166\162\240\035\235\035\300"
-"\335\077\161\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\201\201\000\120\150\075\111\364"
-"\054\034\006\224\337\225\140\177\226\173\027\376\117\161\255\144"
-"\310\335\167\322\357\131\125\350\077\350\216\005\052\041\362\007"
-"\322\265\247\122\376\234\261\266\342\133\167\027\100\352\162\326"
-"\043\313\050\201\062\303\000\171\030\354\131\027\211\311\306\152"
-"\036\161\311\375\267\164\245\045\105\151\305\110\253\031\341\105"
-"\212\045\153\031\356\345\273\022\365\177\367\246\215\121\303\360"
-"\235\164\267\251\076\240\245\377\266\111\003\023\332\042\314\355"
-"\161\202\053\231\317\072\267\365\055\162\310"
-, (PRUint32)747 }
-};
-static const NSSItem nss_builtins_items_85 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert Class 1 VA", (PRUint32)20 },
- { (void *)"\345\337\164\074\266\001\304\233\230\103\334\253\214\350\152\201"
-"\020\237\344\216"
-, (PRUint32)20 },
- { (void *)"\145\130\253\025\255\127\154\036\250\247\265\151\254\277\377\353"
-, (PRUint32)16 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_86 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert Class 2 VA", (PRUint32)20 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060"
-"\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164"
-"\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167"
-"\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141"
-"\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063"
-"\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040"
-"\103\154\141\163\163\040\062\040\120\157\154\151\143\171\040\126"
-"\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164"
-"\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162"
-"\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206"
-"\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151"
-"\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066"
-"\062\066\060\060\061\071\065\064\132\027\015\061\071\060\066\062"
-"\066\060\060\061\071\065\064\132\060\201\273\061\044\060\042\006"
-"\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126"
-"\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162"
-"\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151"
-"\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003"
-"\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154"
-"\141\163\163\040\062\040\120\157\154\151\143\171\040\126\141\154"
-"\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160"
-"\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056"
-"\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015"
-"\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145"
-"\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\316\072\161\312\345\253\310\131\222\125\327\253\330"
-"\164\016\371\356\331\366\125\107\131\145\107\016\005\125\334\353"
-"\230\066\074\134\123\135\323\060\317\070\354\275\101\211\355\045"
-"\102\011\044\153\012\136\263\174\335\122\055\114\346\324\326\175"
-"\132\131\251\145\324\111\023\055\044\115\034\120\157\265\301\205"
-"\124\073\376\161\344\323\134\102\371\200\340\221\032\012\133\071"
-"\066\147\363\077\125\174\033\077\264\137\144\163\064\343\264\022"
-"\277\207\144\370\332\022\377\067\047\301\263\103\273\357\173\156"
-"\056\151\367\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\201\201\000\073\177\120\157\157"
-"\120\224\231\111\142\070\070\037\113\370\245\310\076\247\202\201"
-"\366\053\307\350\305\316\350\072\020\202\313\030\000\216\115\275"
-"\250\130\177\241\171\000\265\273\351\215\257\101\331\017\064\356"
-"\041\201\031\240\062\111\050\364\304\216\126\325\122\063\375\120"
-"\325\176\231\154\003\344\311\114\374\313\154\253\146\263\112\041"
-"\214\345\265\014\062\076\020\262\314\154\241\334\232\230\114\002"
-"\133\363\316\271\236\245\162\016\112\267\077\074\346\026\150\370"
-"\276\355\164\114\274\133\325\142\037\103\335"
-, (PRUint32)747 }
-};
-static const NSSItem nss_builtins_items_87 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert Class 2 VA", (PRUint32)20 },
- { (void *)"\061\172\052\320\177\053\063\136\365\241\303\116\113\127\350\267"
-"\330\361\374\246"
-, (PRUint32)20 },
- { (void *)"\251\043\165\233\272\111\066\156\061\302\333\362\347\146\272\207"
-, (PRUint32)16 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_88 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert Class 3 VA", (PRUint32)20 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060"
-"\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164"
-"\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167"
-"\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141"
-"\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063"
-"\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040"
-"\103\154\141\163\163\040\063\040\120\157\154\151\143\171\040\126"
-"\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162"
-"\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164"
-"\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162"
-"\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206"
-"\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151"
-"\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066"
-"\062\066\060\060\062\062\063\063\132\027\015\061\071\060\066\062"
-"\066\060\060\062\062\063\063\132\060\201\273\061\044\060\042\006"
-"\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126"
-"\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162"
-"\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151"
-"\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003"
-"\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154"
-"\141\163\163\040\063\040\120\157\154\151\143\171\040\126\141\154"
-"\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160"
-"\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056"
-"\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015"
-"\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145"
-"\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\343\230\121\226\034\350\325\261\006\201\152\127\303"
-"\162\165\223\253\317\236\246\374\363\026\122\326\055\115\237\065"
-"\104\250\056\004\115\007\111\212\070\051\365\167\067\347\267\253"
-"\135\337\066\161\024\231\217\334\302\222\361\347\140\222\227\354"
-"\330\110\334\277\301\002\040\306\044\244\050\114\060\132\166\155"
-"\261\134\363\335\336\236\020\161\241\210\307\133\233\101\155\312"
-"\260\270\216\025\356\255\063\053\317\107\004\134\165\161\012\230"
-"\044\230\051\247\111\131\245\335\370\267\103\142\141\363\323\342"
-"\320\125\077\002\003\001\000\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\201\201\000\126\273\002\130\204"
-"\147\010\054\337\037\333\173\111\063\365\323\147\235\364\264\012"
-"\020\263\311\305\054\342\222\152\161\170\047\362\160\203\102\323"
-"\076\317\251\124\364\361\330\222\026\214\321\004\313\113\253\311"
-"\237\105\256\074\212\251\260\161\063\135\310\305\127\337\257\250"
-"\065\263\177\211\207\351\350\045\222\270\177\205\172\256\326\274"
-"\036\067\130\052\147\311\221\317\052\201\076\355\306\071\337\300"
-"\076\031\234\031\314\023\115\202\101\265\214\336\340\075\140\010"
-"\040\017\105\176\153\242\177\243\214\025\356"
-, (PRUint32)747 }
-};
-static const NSSItem nss_builtins_items_89 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert Class 3 VA", (PRUint32)20 },
- { (void *)"\151\275\214\364\234\323\000\373\131\056\027\223\312\125\152\363"
-"\354\252\065\373"
-, (PRUint32)20 },
- { (void *)"\242\157\123\267\356\100\333\112\150\347\372\030\331\020\113\162"
-, (PRUint32)16 },
- { (void *)"\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154"
-"\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157"
-"\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125"
-"\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166"
-"\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036"
-"\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146"
-"\157\100\166\141\154\151\143\145\162\164\056\143\157\155"
-, (PRUint32)190 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_90 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Universal CA Root", (PRUint32)25 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\127\061\017\060\015\006\003\125\004\012\023\006\124\150\141"
-"\167\164\145\061\041\060\037\006\003\125\004\013\023\030\124\150"
-"\141\167\164\145\040\125\156\151\166\145\162\163\141\154\040\103"
-"\101\040\122\157\157\164\061\041\060\037\006\003\125\004\003\023"
-"\030\124\150\141\167\164\145\040\125\156\151\166\145\162\163\141"
-"\154\040\103\101\040\122\157\157\164"
-, (PRUint32)89 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\127\061\017\060\015\006\003\125\004\012\023\006\124\150\141"
-"\167\164\145\061\041\060\037\006\003\125\004\013\023\030\124\150"
-"\141\167\164\145\040\125\156\151\166\145\162\163\141\154\040\103"
-"\101\040\122\157\157\164\061\041\060\037\006\003\125\004\003\023"
-"\030\124\150\141\167\164\145\040\125\156\151\166\145\162\163\141"
-"\154\040\103\101\040\122\157\157\164"
-, (PRUint32)89 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)"\060\202\021\042\060\202\011\012\002\001\000\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\127\061\017\060\015"
-"\006\003\125\004\012\023\006\124\150\141\167\164\145\061\041\060"
-"\037\006\003\125\004\013\023\030\124\150\141\167\164\145\040\125"
-"\156\151\166\145\162\163\141\154\040\103\101\040\122\157\157\164"
-"\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167\164"
-"\145\040\125\156\151\166\145\162\163\141\154\040\103\101\040\122"
-"\157\157\164\060\036\027\015\071\071\061\062\060\065\061\063\065"
-"\066\060\065\132\027\015\063\067\060\064\060\063\061\063\065\066"
-"\060\065\132\060\127\061\017\060\015\006\003\125\004\012\023\006"
-"\124\150\141\167\164\145\061\041\060\037\006\003\125\004\013\023"
-"\030\124\150\141\167\164\145\040\125\156\151\166\145\162\163\141"
-"\154\040\103\101\040\122\157\157\164\061\041\060\037\006\003\125"
-"\004\003\023\030\124\150\141\167\164\145\040\125\156\151\166\145"
-"\162\163\141\154\040\103\101\040\122\157\157\164\060\202\010\042"
-"\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003"
-"\202\010\017\000\060\202\010\012\002\202\010\001\000\342\211\005"
-"\155\303\177\255\246\211\072\377\273\307\315\235\067\261\341\322"
-"\041\036\233\141\052\025\347\173\127\117\125\074\320\273\371\331"
-"\075\076\246\274\354\264\255\123\232\026\002\353\013\162\375\212"
-"\362\217\104\005\305\353\323\345\275\266\104\071\346\373\107\277"
-"\152\236\012\225\030\342\150\342\326\226\326\041\255\210\375\365"
-"\027\365\323\332\102\245\220\355\051\225\226\165\072\332\207\241"
-"\324\365\323\207\336\005\142\246\343\146\164\222\317\245\274\273"
-"\337\150\377\161\165\126\101\131\065\353\063\132\146\121\362\322"
-"\243\012\301\214\316\163\134\021\157\055\214\225\214\221\261\375"
-"\317\345\255\126\225\314\205\222\203\220\125\101\311\302\167\355"
-"\371\243\164\102\012\150\010\363\320\321\145\375\147\054\064\377"
-"\044\177\347\171\310\007\073\045\127\335\244\014\230\075\276\340"
-"\314\031\145\333\362\124\242\257\102\324\235\342\256\204\043\045"
-"\011\063\022\265\152\036\166\304\213\331\111\000\154\136\272\037"
-"\362\033\332\147\312\047\252\243\104\043\033\203\202\316\362\253"
-"\063\355\124\244\334\311\253\131\145\321\070\016\301\076\033\147"
-"\217\326\165\001\340\125\042\335\166\167\354\216\335\364\317\171"
-"\042\155\271\127\003\365\231\010\247\074\076\064\373\304\027\256"
-"\043\130\315\044\363\043\312\152\002\050\224\001\201\064\264\154"
-"\153\256\213\032\303\243\322\011\074\026\124\365\066\137\044\343"
-"\237\112\241\342\144\306\026\303\246\201\172\044\066\107\216\301"
-"\136\016\373\371\025\170\004\326\016\131\331\235\130\146\142\322"
-"\224\051\062\062\310\170\271\146\366\265\126\341\154\306\024\113"
-"\226\122\131\221\002\044\152\125\107\327\077\266\043\032\140\167"
-"\227\056\342\100\257\236\004\127\236\255\021\305\311\103\160\357"
-"\110\264\136\254\034\151\056\056\202\325\133\213\276\202\276\031"
-"\024\136\347\015\042\307\121\033\377\036\233\361\060\217\161\061"
-"\006\263\064\047\217\137\172\146\202\117\212\055\023\253\102\317"
-"\041\126\236\227\216\146\066\017\226\233\345\053\364\002\251\052"
-"\152\214\054\304\303\270\160\054\055\051\036\077\120\167\036\155"
-"\052\124\344\125\012\221\070\241\305\265\146\242\166\132\356\017"
-"\277\264\147\341\050\156\017\341\066\241\202\321\277\324\167\341"
-"\304\147\062\223\170\310\347\124\123\376\043\171\346\150\314\046"
-"\220\366\020\143\135\052\157\221\055\244\163\062\121\041\362\273"
-"\025\337\252\044\010\110\006\336\241\236\046\277\272\203\277\174"
-"\244\310\240\214\275\322\377\274\204\151\047\023\044\030\304\105"
-"\030\043\046\136\030\024\312\056\210\207\142\243\123\346\041\267"
-"\270\205\173\232\205\273\025\046\162\370\271\367\152\164\017\111"
-"\077\222\276\251\005\267\231\047\277\277\011\027\113\231\114\255"
-"\021\020\174\337\164\061\366\217\046\137\252\210\256\070\127\310"
-"\125\055\323\373\330\033\121\231\276\045\033\072\272\300\175\033"
-"\355\316\322\111\271\317\363\305\175\211\220\201\330\151\110\040"
-"\020\243\370\357\222\121\030\062\213\021\030\300\077\033\205\126"
-"\316\127\311\362\202\144\306\337\002\011\056\112\021\057\261\047"
-"\155\067\122\360\360\026\141\361\147\215\337\207\162\257\207\332"
-"\317\373\120\224\156\324\224\205\353\212\054\352\041\365\226\112"
-"\104\325\340\316\152\164\104\115\320\005\323\207\025\355\066\320"
-"\244\213\146\125\160\223\356\107\006\301\176\056\245\030\171\147"
-"\363\050\205\361\160\367\016\203\244\176\124\236\132\166\062\313"
-"\145\033\270\315\373\310\050\003\322\124\221\321\247\305\205\103"
-"\010\027\166\245\346\057\147\010\330\241\242\202\055\014\370\301"
-"\257\143\324\120\167\155\153\106\112\101\205\325\220\137\171\055"
-"\304\354\327\021\207\100\212\341\150\342\144\370\125\062\373\157"
-"\223\054\332\167\331\041\301\027\345\066\054\116\176\220\177\254"
-"\224\053\062\147\276\070\120\166\270\256\101\271\327\041\305\011"
-"\114\140\310\243\121\304\064\233\127\067\337\313\311\063\127\213"
-"\353\373\166\237\031\115\305\152\037\052\105\256\053\355\057\215"
-"\247\245\000\313\004\372\045\142\056\164\110\033\312\052\214\272"
-"\333\266\176\366\273\002\174\251\303\333\130\170\241\277\360\376"
-"\032\020\125\021\316\350\151\116\226\145\306\027\003\326\007\150"
-"\214\124\202\256\034\042\125\077\361\364\011\227\050\300\106\367"
-"\116\013\045\035\367\007\327\011\035\072\030\127\070\073\350\063"
-"\006\347\217\170\106\036\133\365\006\266\354\270\246\015\361\272"
-"\023\113\326\030\040\335\151\063\112\063\025\256\270\310\230\212"
-"\047\054\223\274\055\373\356\063\277\146\346\115\272\266\233\006"
-"\125\140\227\113\274\104\315\176\364\241\330\252\057\300\002\050"
-"\041\026\142\170\333\010\124\362\374\364\064\343\306\217\034\103"
-"\127\316\220\032\113\334\056\073\050\221\211\077\172\332\065\035"
-"\216\054\356\111\354\364\063\255\311\123\250\214\237\004\123\076"
-"\044\034\122\311\022\371\142\127\243\274\356\054\353\100\174\040"
-"\043\160\053\225\371\163\027\212\321\301\034\151\246\267\070\232"
-"\147\367\160\035\172\132\014\100\317\142\017\205\074\302\002\116"
-"\176\265\366\305\052\051\204\263\037\067\052\341\252\162\102\304"
-"\355\153\032\217\222\034\135\276\321\362\133\362\253\252\251\322"
-"\365\270\244\101\053\053\221\156\022\110\312\230\330\067\215\310"
-"\355\000\060\265\266\004\116\176\234\332\204\354\300\372\173\345"
-"\035\210\244\123\106\260\224\344\134\033\241\045\054\017\110\122"
-"\167\227\011\154\354\133\030\063\203\002\345\202\176\315\205\041"
-"\060\021\375\047\117\317\344\036\354\077\245\127\154\351\052\060"
-"\031\052\210\345\303\151\070\253\157\071\161\177\204\341\101\303"
-"\341\314\052\211\040\122\056\203\017\154\071\077\113\055\026\254"
-"\055\360\044\254\000\163\364\233\263\006\077\005\270\024\205\037"
-"\253\236\134\074\236\142\235\016\155\073\200\011\374\002\352\242"
-"\227\164\312\307\371\343\126\341\303\312\245\246\232\300\220\340"
-"\044\022\123\322\302\213\332\276\355\002\103\136\147\341\211\230"
-"\171\356\313\252\312\303\033\334\347\245\106\245\174\153\026\207"
-"\266\132\050\327\333\047\074\136\245\275\266\121\335\037\103\317"
-"\073\046\310\072\215\045\141\301\111\364\074\033\311\104\352\257"
-"\034\302\053\224\001\052\016\060\321\133\213\053\107\345\303\321"
-"\004\003\233\016\071\054\326\047\324\346\160\132\331\165\317\052"
-"\330\311\000\005\344\023\210\354\303\071\373\207\141\060\066\103"
-"\003\310\236\234\242\006\302\057\305\374\360\200\143\261\124\004"
-"\240\114\251\056\306\365\166\172\330\320\344\324\224\021\345\025"
-"\265\170\006\334\270\200\217\231\251\040\063\075\020\205\114\145"
-"\011\312\076\130\136\140\223\232\252\142\135\300\121\006\034\135"
-"\140\240\015\234\113\103\366\247\026\041\244\207\252\362\301\056"
-"\356\222\060\270\236\337\337\020\001\213\206\011\160\330\154\250"
-"\267\120\036\026\226\264\367\147\375\065\072\041\220\052\062\307"
-"\000\173\115\007\020\011\271\057\163\330\030\176\147\231\004\117"
-"\006\374\120\307\205\233\235\100\235\263\226\067\372\245\334\262"
-"\162\116\357\116\011\054\375\221\375\115\367\273\246\241\076\253"
-"\173\242\003\100\246\251\125\047\342\372\371\031\316\207\165\252"
-"\361\165\066\363\363\270\221\370\221\303\213\165\023\216\114\145"
-"\232\026\071\152\345\064\350\172\226\131\177\065\260\000\375\133"
-"\151\374\103\046\372\365\050\156\376\207\331\176\044\373\264\240"
-"\202\156\124\242\377\256\277\142\264\364\162\001\302\313\230\107"
-"\230\341\114\265\027\200\200\316\217\246\050\356\036\105\152\373"
-"\337\361\035\374\132\073\326\352\364\154\035\142\111\127\073\212"
-"\217\206\352\360\123\004\316\234\026\150\377\272\271\374\210\017"
-"\107\367\002\104\162\100\270\312\073\055\123\235\334\074\126\214"
-"\131\173\150\032\054\215\161\273\154\000\307\032\316\157\100\222"
-"\261\243\057\017\331\104\362\243\160\056\236\356\016\256\062\320"
-"\073\076\213\007\352\346\171\263\134\051\342\175\153\250\136\371"
-"\132\061\350\010\226\242\214\003\230\106\361\270\175\220\124\046"
-"\355\166\142\376\236\351\232\156\136\311\111\307\134\064\123\051"
-"\124\331\354\344\106\341\200\073\165\331\337\373\171\325\207\361"
-"\272\236\353\031\316\114\122\163\346\133\207\256\045\117\071\171"
-"\314\306\270\371\020\173\354\360\233\161\244\005\240\323\051\323"
-"\116\177\037\364\055\050\170\314\125\225\173\036\221\057\314\126"
-"\030\163\213\262\333\274\151\007\346\320\330\117\355\242\377\130"
-"\205\243\155\340\112\123\267\147\175\215\014\134\133\173\167\050"
-"\002\065\104\172\004\323\050\103\310\153\060\027\135\062\270\051"
-"\065\272\166\332\073\024\112\166\030\130\244\370\222\074\236\115"
-"\063\157\106\153\010\331\061\110\150\335\364\373\044\126\064\262"
-"\317\151\146\276\110\322\212\146\042\315\362\151\315\302\123\023"
-"\105\051\101\042\326\135\230\037\266\244\262\243\302\356\002\057"
-"\121\033\334\203\244\354\160\045\250\324\010\141\062\157\344\241"
-"\201\056\174\143\162\372\051\145\274\160\104\317\135\002\003\001"
-"\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005\005"
-"\000\003\202\010\001\000\125\232\064\152\042\006\151\011\105\063"
-"\307\256\251\134\307\011\116\233\206\274\101\220\324\224\122\366"
-"\315\043\051\224\113\042\315\350\275\376\235\315\122\362\275\355"
-"\253\207\311\253\253\106\004\264\275\242\077\042\060\107\120\300"
-"\113\214\166\017\003\365\222\322\261\055\304\172\065\234\311\163"
-"\207\353\246\237\336\017\163\215\323\177\231\330\272\217\157\304"
-"\363\276\032\256\213\242\224\066\220\342\345\353\215\005\364\374"
-"\145\337\225\361\304\224\115\027\126\327\237\074\217\120\074\347"
-"\167\277\225\206\046\144\373\152\377\306\332\351\214\256\102\273"
-"\151\345\063\306\330\351\015\306\125\041\111\301\014\264\243\371"
-"\233\113\134\336\203\117\101\003\316\052\171\150\070\175\360\124"
-"\111\040\365\266\020\377\010\334\063\146\226\233\377\006\336\000"
-"\236\327\316\126\103\232\121\374\160\315\366\360\121\243\267\315"
-"\264\134\205\142\315\161\267\306\053\043\053\335\303\156\100\102"
-"\372\067\377\067\034\366\172\127\224\207\205\043\327\324\311\307"
-"\137\301\115\057\311\015\327\134\354\234\045\356\236\060\202\221"
-"\226\162\270\165\035\370\011\150\127\227\262\055\113\356\045\354"
-"\172\044\051\356\162\324\234\023\333\253\334\003\012\330\112\024"
-"\311\010\127\104\135\241\265\123\200\064\362\024\227\317\122\336"
-"\242\016\212\020\351\024\357\320\140\276\141\241\361\045\135\325"
-"\030\163\077\223\020\312\226\356\263\100\322\333\243\125\317\127"
-"\132\245\016\117\165\107\337\352\367\220\232\155\365\160\056\035"
-"\024\034\067\144\004\131\120\260\334\162\206\157\234\067\075\135"
-"\050\257\163\125\357\322\356\044\164\164\023\357\334\333\061\111"
-"\373\077\143\365\323\010\076\063\245\347\235\012\336\123\054\121"
-"\216\147\333\233\101\145\101\120\275\324\244\226\154\207\274\022"
-"\340\224\307\323\300\344\313\163\130\000\203\341\254\047\205\326"
-"\235\123\235\134\275\012\076\003\103\234\014\221\365\155\173\370"
-"\100\162\165\253\021\166\221\053\341\306\252\037\160\151\166\160"
-"\025\011\376\223\320\326\055\267\025\152\233\147\134\264\151\237"
-"\045\246\175\212\373\175\042\251\161\362\316\116\214\270\041\055"
-"\336\376\101\161\015\377\235\354\163\246\273\007\117\210\016\130"
-"\107\056\176\251\302\307\170\335\272\172\236\116\340\060\116\143"
-"\157\205\324\040\101\351\372\376\103\105\347\373\257\172\262\316"
-"\244\005\035\042\232\130\206\337\344\316\114\251\376\330\026\245"
-"\157\373\330\316\126\173\365\326\040\357\344\107\315\143\044\377"
-"\271\276\361\110\243\301\001\162\346\275\300\255\355\046\015\312"
-"\064\237\374\002\055\040\117\005\040\256\041\075\014\302\040\074"
-"\077\360\004\204\334\317\211\375\271\045\221\216\320\103\346\263"
-"\040\253\134\055\325\100\236\240\113\330\364\262\314\175\361\130"
-"\012\216\207\355\210\254\066\226\344\126\240\021\212\362\232\320"
-"\263\127\243\064\273\031\253\070\341\164\153\042\304\061\316\001"
-"\325\033\066\343\036\070\114\063\223\337\100\343\131\127\116\254"
-"\156\173\036\132\075\305\035\133\254\310\020\202\065\002\042\262"
-"\374\165\350\020\221\215\304\175\170\223\107\236\034\235\254\153"
-"\142\002\130\214\326\034\043\326\257\170\302\200\234\244\252\044"
-"\124\024\265\024\230\306\370\053\032\044\313\161\062\012\342\233"
-"\016\151\153\335\176\214\144\321\056\143\357\016\177\261\076\210"
-"\114\235\125\345\311\156\027\004\267\101\377\275\212\101\313\045"
-"\061\157\104\167\077\107\261\374\201\210\007\216\005\111\040\267"
-"\021\331\151\003\052\003\235\271\063\204\232\337\337\172\343\106"
-"\163\243\330\242\214\123\031\210\125\114\164\270\366\104\204\053"
-"\321\024\055\116\071\056\222\150\377\151\374\205\142\033\353\125"
-"\117\357\045\204\142\105\231\326\330\116\157\077\123\010\175\035"
-"\006\225\201\200\177\117\116\164\066\230\265\342\207\160\230\334"
-"\327\365\334\122\025\346\306\326\171\226\071\177\217\225\317\253"
-"\200\123\255\033\013\105\100\016\324\030\275\054\336\212\167\166"
-"\375\362\104\107\306\041\320\344\164\360\330\030\005\310\174\060"
-"\162\307\337\361\273\374\002\060\251\364\102\046\131\015\223\005"
-"\202\241\163\355\064\345\070\135\315\120\220\376\224\374\023\274"
-"\275\374\250\242\210\247\163\304\262\250\321\135\210\304\002\242"
-"\172\361\004\311\376\214\164\311\357\035\144\101\237\254\036\226"
-"\147\144\254\253\050\101\307\235\367\300\230\033\156\007\302\144"
-"\175\132\203\146\126\050\066\234\347\373\034\167\016\050\240\304"
-"\367\153\171\071\004\040\204\307\127\223\274\033\240\352\274\353"
-"\102\345\250\021\376\374\254\145\314\375\370\050\210\364\245\232"
-"\345\163\121\340\250\233\015\003\167\116\345\340\230\263\210\332"
-"\175\346\306\236\174\024\146\301\056\123\112\222\007\067\240\176"
-"\351\075\011\344\025\174\317\375\270\101\245\357\236\146\235\304"
-"\136\007\035\207\370\101\255\352\347\057\322\101\143\030\067\371"
-"\024\343\115\320\345\367\103\375\025\343\371\066\163\006\046\337"
-"\001\117\251\303\116\336\040\106\167\230\264\172\044\053\073\165"
-"\053\116\130\215\233\135\244\307\026\240\274\062\210\077\241\203"
-"\363\000\310\370\330\130\351\143\135\114\053\265\360\162\101\330"
-"\253\167\067\326\162\164\256\266\066\234\310\246\203\111\113\340"
-"\311\126\013\051\276\000\060\313\335\326\310\102\212\000\331\354"
-"\025\321\064\161\362\133\144\207\366\047\322\267\353\206\260\220"
-"\277\051\333\041\236\066\214\343\040\057\225\043\121\154\033\302"
-"\244\325\346\330\002\103\147\240\376\233\120\003\104\177\273\344"
-"\162\325\321\344\332\217\222\024\144\373\135\024\020\022\112\225"
-"\006\311\145\010\051\312\041\243\046\070\021\311\047\337\160\147"
-"\004\375\312\110\062\177\143\262\105\164\061\120\117\207\331\040"
-"\160\322\041\160\261\326\020\235\063\135\170\203\221\155\125\202"
-"\354\332\344\142\143\307\201\106\327\031\145\162\052\103\031\220"
-"\270\327\043\115\114\034\340\104\251\146\147\254\356\161\171\047"
-"\046\170\155\162\016\365\135\113\043\265\174\174\145\351\027\306"
-"\072\013\015\335\136\036\121\303\206\270\354\177\307\047\112\245"
-"\106\350\152\055\031\301\207\243\313\231\223\207\144\242\125\024"
-"\114\267\103\245\223\327\347\322\116\171\100\312\145\231\106\075"
-"\077\172\200\172\210\152\314\036\345\153\063\106\364\120\300\325"
-"\037\011\270\315\212\056\241\047\353\135\163\247\350\153\012\345"
-"\127\202\052\260\374\342\124\122\126\360\253\251\022\306\043\226"
-"\007\044\234\340\274\106\245\264\040\004\332\011\223\143\345\324"
-"\056\302\176\305\061\355\265\025\164\206\027\271\263\363\046\212"
-"\035\002\152\332\032\077\350\272\361\004\155\224\121\124\342\132"
-"\264\131\203\035\140\320\055\163\314\007\265\046\214\371\327\306"
-"\210\221\357\200\317\135\017\241\140\313\105\324\102\042\321\261"
-"\160\035\375\320\267\060\220\072\306\110\155\147\345\062\332\217"
-"\333\343\250\343\035\040\045\242\034\341\114\271\244\366\306\077"
-"\134\130\015\273\306\262\167\001\026\221\237\027\006\015\267\100"
-"\076\314\217\216\234\113\340\235\176\233\036\005\253\210\042\372"
-"\323\050\033\127\024\144\112\076\044\054\070\115\041\151\000\163"
-"\056\320\125\055\164\362\025\350\224\103\076\100\052\306\306\271"
-"\152\133\336\242\314\030\120\124\135\116\052\205\154\366\222\213"
-"\051\031\176\347\352\112\340\042\053\045\274\367\146\317\167\232"
-"\101\164\362\074\024\015\164\151\365\120\203\315\315\057\041\333"
-"\042\106\212\320\367\121\032\225\127\362\005\213\032\031\355\073"
-"\105\350\066\302\156\176\373\127\042\000\037\006\123\251\256\223"
-"\306\217\161\052\061\105\222\347\216\155\346\231\042\300\203\374"
-"\357\334\127\146\167\117\242\066\061\373\241\023\215\345\312\243"
-"\225\175\001\014\144\160\073\123\102\150\200\307\273\235\250\000"
-"\065\151\230\014\250\147\330\103\345\252\317\225\340\121\225\244"
-"\027\077\102\235\270\004\316\323\171\171\310\323\212\026\062\222"
-"\340\327\242\356\327\067\114\057\254\270\173\276\105\366\361\030"
-"\063\234\173\067\246\044\331\274\100\253\000\351\303\067\213\253"
-"\330\266\363\136\201\116\260\024\153\007\076\037\354\302\366\104"
-"\042\225\273\263\346\157\326\371\160\145\272\012\203\145\252\016"
-"\023\057\203\023\043\123\213\100\026\372\316\057\374\115\004\370"
-"\353\330\254\305\066\302\025\127\110\070\354\125\263\264\036\272"
-"\255\322\102\006\027\015\163\310\127\246\276\226\115\251\362\300"
-"\373\172\041\034\365\311\160\251\202\220\265\361\014\324\171\020"
-"\276\201\246\351\134\141\234\167\171\232\244\303\067\046\127\067"
-"\311\122\054\372\010\377\320\137\306\141\300\364\166\276\374\336"
-"\116\317\253\121\231\161\307\337\176\364\326\317\006\126\031\023"
-"\123\013\155\164\131\110\031\233\123\005\055\235\062\124\323\345"
-"\054\123\213\144\076\324\144\173\343\200\011\024\314\376\026\106"
-"\143\153\161\151\370\371\313\047\366\210\124\274\105\263\316\002"
-"\310\224\356\100\133\371\102\002\302\377\260\330\054\353\050\177"
-"\136\311\046\001\231\247"
-, (PRUint32)4390 }
-};
-static const NSSItem nss_builtins_items_91 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Universal CA Root", (PRUint32)25 },
- { (void *)"\213\302\212\044\257\373\126\135\350\120\025\173\172\153\157\024"
-"\170\114\220\343"
-, (PRUint32)20 },
- { (void *)"\027\257\161\026\122\173\163\145\042\005\051\050\204\161\235\023"
-, (PRUint32)16 },
- { (void *)"\060\127\061\017\060\015\006\003\125\004\012\023\006\124\150\141"
-"\167\164\145\061\041\060\037\006\003\125\004\013\023\030\124\150"
-"\141\167\164\145\040\125\156\151\166\145\162\163\141\154\040\103"
-"\101\040\122\157\157\164\061\041\060\037\006\003\125\004\003\023"
-"\030\124\150\141\167\164\145\040\125\156\151\166\145\162\163\141"
-"\154\040\103\101\040\122\157\157\164"
-, (PRUint32)89 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_92 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\000\213\133\165\126\204\124\205\013\000\317\257\070\110\316\261"
-"\244"
-, (PRUint32)17 },
- { (void *)"\060\202\004\032\060\202\003\002\002\021\000\213\133\165\126\204"
-"\124\205\013\000\317\257\070\110\316\261\244\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123"
-"\151\147\156\040\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060"
-"\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066"
-"\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012"
-"\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060"
-"\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156"
-"\040\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\335\204\324\271\264\371\247\330\363\004\170"
-"\234\336\075\334\154\023\026\331\172\335\044\121\146\300\307\046"
-"\131\015\254\006\010\302\224\321\063\037\360\203\065\037\156\033"
-"\310\336\252\156\025\116\124\047\357\304\155\032\354\013\343\016"
-"\360\104\245\127\307\100\130\036\243\107\037\161\354\140\366\155"
-"\224\310\030\071\355\376\102\030\126\337\344\114\111\020\170\116"
-"\001\166\065\143\022\066\335\146\274\001\004\066\243\125\150\325"
-"\242\066\011\254\253\041\046\124\006\255\077\312\024\340\254\312"
-"\255\006\035\225\342\370\235\361\340\140\377\302\177\165\053\114"
-"\314\332\376\207\231\041\352\272\376\076\124\327\322\131\170\333"
-"\074\156\317\240\023\000\032\270\047\241\344\276\147\226\312\240"
-"\305\263\234\335\311\165\236\353\060\232\137\243\315\331\256\170"
-"\031\077\043\351\134\333\051\275\255\125\310\033\124\214\143\366"
-"\350\246\352\307\067\022\134\243\051\036\002\331\333\037\073\264"
-"\327\017\126\107\201\025\004\112\257\203\047\321\305\130\210\301"
-"\335\366\252\247\243\030\332\150\252\155\021\121\341\277\145\153"
-"\237\226\166\321\075\002\003\001\000\001\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\253\146"
-"\215\327\263\272\307\232\266\346\125\320\005\361\237\061\215\132"
-"\252\331\252\106\046\017\161\355\245\255\123\126\142\001\107\052"
-"\104\351\376\077\164\013\023\233\271\364\115\033\262\321\137\262"
-"\266\322\210\134\263\237\315\313\324\247\331\140\225\204\072\370"
-"\301\067\035\141\312\347\260\305\345\221\332\124\246\254\061\201"
-"\256\227\336\315\010\254\270\300\227\200\177\156\162\244\347\151"
-"\023\225\145\037\304\223\074\375\171\217\004\324\076\117\352\367"
-"\236\316\315\147\174\117\145\002\377\221\205\124\163\307\377\066"
-"\367\206\055\354\320\136\117\377\021\237\162\006\326\270\032\361"
-"\114\015\046\145\342\104\200\036\307\237\343\335\350\012\332\354"
-"\245\040\200\151\150\241\117\176\341\153\317\007\101\372\203\216"
-"\274\070\335\260\056\021\261\153\262\102\314\232\274\371\110\042"
-"\171\112\031\017\262\034\076\040\164\331\152\303\276\362\050\170"
-"\023\126\171\117\155\120\352\033\260\265\127\261\067\146\130\043"
-"\363\334\017\337\012\207\304\357\206\005\325\070\024\140\231\243"
-"\113\336\006\226\161\054\362\333\266\037\244\357\077\356"
-, (PRUint32)1054 }
-};
-static const NSSItem nss_builtins_items_93 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)"\040\102\205\334\367\353\166\101\225\127\216\023\153\324\267\321"
-"\351\216\106\245"
-, (PRUint32)20 },
- { (void *)"\261\107\274\030\127\321\030\240\170\055\354\161\350\052\225\163"
-, (PRUint32)16 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\000\213\133\165\126\204\124\205\013\000\317\257\070\110\316\261"
-"\244"
-, (PRUint32)17 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_94 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\141\160\313\111\214\137\230\105\051\347\260\246\331\120\133\172"
-, (PRUint32)16 },
- { (void *)"\060\202\004\031\060\202\003\001\002\020\141\160\313\111\214\137"
-"\230\105\051\347\260\246\331\120\133\172\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060\011"
-"\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125"
-"\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145\162"
-"\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167"
-"\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050\143"
-"\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156\054"
-"\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164\150"
-"\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171\061"
-"\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123\151"
-"\147\156\040\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060\061"
-"\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066\062"
-"\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003\125"
-"\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012\023"
-"\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061"
-"\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151"
-"\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153"
-"\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061"
-"\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111\156"
-"\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151"
-"\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060\103"
-"\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156\040"
-"\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040\120"
-"\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055"
-"\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206\367"
-"\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002"
-"\202\001\001\000\257\012\015\302\325\054\333\147\271\055\345\224"
-"\047\335\245\276\340\260\115\217\263\141\126\074\326\174\303\364"
-"\315\076\206\313\242\210\342\341\330\244\151\305\265\342\277\301"
-"\246\107\120\136\106\071\213\325\226\272\265\157\024\277\020\316"
-"\047\023\236\005\107\233\061\172\023\330\037\331\323\002\067\213"
-"\255\054\107\360\216\201\006\247\015\060\014\353\367\074\017\040"
-"\035\334\162\106\356\245\002\310\133\303\311\126\151\114\305\030"
-"\301\221\173\013\325\023\000\233\274\357\303\110\076\106\140\040"
-"\205\052\325\220\266\315\213\240\314\062\335\267\375\100\125\262"
-"\120\034\126\256\314\215\167\115\307\040\115\247\061\166\357\150"
-"\222\212\220\036\010\201\126\262\255\151\243\122\320\313\034\304"
-"\043\075\037\231\376\114\350\026\143\216\306\010\216\366\061\366"
-"\322\372\345\166\335\265\034\222\243\111\315\315\001\315\150\315"
-"\251\151\272\243\353\035\015\234\244\040\246\301\240\305\321\106"
-"\114\027\155\322\254\146\077\226\214\340\204\324\066\377\042\131"
-"\305\371\021\140\250\137\004\175\362\032\366\045\102\141\017\304"
-"\112\270\076\211\002\003\001\000\001\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\202\001\001\000\064\046\025"
-"\074\300\215\115\103\111\035\275\351\041\222\327\146\234\267\336"
-"\305\270\320\344\135\137\166\042\300\046\371\204\072\072\371\214"
-"\265\373\354\140\361\350\316\004\260\310\335\247\003\217\060\363"
-"\230\337\244\346\244\061\337\323\034\013\106\334\162\040\077\256"
-"\356\005\074\244\063\077\013\071\254\160\170\163\113\231\053\337"
-"\060\302\124\260\250\073\125\241\376\026\050\315\102\275\164\156"
-"\200\333\047\104\247\316\104\135\324\033\220\230\015\036\102\224"
-"\261\000\054\004\320\164\243\002\005\042\143\143\315\203\265\373"
-"\301\155\142\153\151\165\375\135\160\101\271\365\277\174\337\276"
-"\301\062\163\042\041\213\130\201\173\025\221\172\272\343\144\110"
-"\260\177\373\066\045\332\225\320\361\044\024\027\335\030\200\153"
-"\106\043\071\124\365\216\142\011\004\035\224\220\246\233\346\045"
-"\342\102\105\252\270\220\255\276\010\217\251\013\102\030\224\317"
-"\162\071\341\261\103\340\050\317\267\347\132\154\023\153\111\263"
-"\377\343\030\174\211\213\063\135\254\063\327\247\371\332\072\125"
-"\311\130\020\371\252\357\132\266\317\113\113\337\052"
-, (PRUint32)1053 }
-};
-static const NSSItem nss_builtins_items_95 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)"\141\357\103\327\177\312\324\141\121\274\230\340\303\131\022\257"
-"\237\353\143\021"
-, (PRUint32)20 },
- { (void *)"\370\276\304\143\042\311\250\106\164\213\270\035\036\112\053\366"
-, (PRUint32)16 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\141\160\313\111\214\137\230\105\051\347\260\246\331\120\133\172"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_96 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\000\233\176\006\111\243\076\142\271\325\356\220\110\161\051\357"
-"\127"
-, (PRUint32)17 },
- { (void *)"\060\202\004\032\060\202\003\002\002\021\000\233\176\006\111\243"
-"\076\142\271\325\356\220\110\161\051\357\127\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123"
-"\151\147\156\040\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060"
-"\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066"
-"\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012"
-"\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060"
-"\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156"
-"\040\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\313\272\234\122\374\170\037\032\036\157\033"
-"\067\163\275\370\311\153\224\022\060\117\360\066\107\365\320\221"
-"\012\365\027\310\245\141\301\026\100\115\373\212\141\220\345\166"
-"\040\301\021\006\175\253\054\156\246\365\021\101\216\372\055\255"
-"\052\141\131\244\147\046\114\320\350\274\122\133\160\040\004\130"
-"\321\172\311\244\151\274\203\027\144\255\005\213\274\320\130\316"
-"\215\214\365\353\360\102\111\013\235\227\047\147\062\156\341\256"
-"\223\025\034\160\274\040\115\057\030\336\222\210\350\154\205\127"
-"\021\032\351\176\343\046\021\124\242\105\226\125\203\312\060\211"
-"\350\334\330\243\355\052\200\077\177\171\145\127\076\025\040\146"
-"\010\057\225\223\277\252\107\057\250\106\227\360\022\342\376\302"
-"\012\053\121\346\166\346\267\106\267\342\015\246\314\250\303\114"
-"\131\125\211\346\350\123\134\034\352\235\360\142\026\013\247\311"
-"\137\014\360\336\302\166\316\257\367\152\362\372\101\246\242\063"
-"\024\311\345\172\143\323\236\142\067\325\205\145\236\016\346\123"
-"\044\164\033\136\035\022\123\133\307\054\347\203\111\073\025\256"
-"\212\150\271\127\227\002\003\001\000\001\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\021\024"
-"\226\301\253\222\010\367\077\057\311\262\376\344\132\237\144\336"
-"\333\041\117\206\231\064\166\066\127\335\320\025\057\305\255\177"
-"\025\037\067\142\163\076\324\347\137\316\027\003\333\065\372\053"
-"\333\256\140\011\137\036\137\217\156\273\013\075\352\132\023\036"
-"\014\140\157\265\300\265\043\042\056\007\013\313\251\164\313\107"
-"\273\035\301\327\245\153\314\057\322\102\375\111\335\247\211\317"
-"\123\272\332\000\132\050\277\202\337\370\272\023\035\120\206\202"
-"\375\216\060\217\051\106\260\036\075\065\332\070\142\026\030\112"
-"\255\346\266\121\154\336\257\142\353\001\320\036\044\376\172\217"
-"\022\032\022\150\270\373\146\231\024\024\105\134\256\347\256\151"
-"\027\201\053\132\067\311\136\052\364\306\342\241\134\124\233\246"
-"\124\000\317\360\361\301\307\230\060\032\073\066\026\333\243\156"
-"\352\375\255\262\302\332\357\002\107\023\212\300\361\263\061\255"
-"\117\034\341\117\234\257\017\014\235\367\170\015\330\364\065\126"
-"\200\332\267\155\027\217\235\036\201\144\341\376\305\105\272\255"
-"\153\271\012\172\116\117\113\204\356\113\361\175\335\021"
-, (PRUint32)1054 }
-};
-static const NSSItem nss_builtins_items_97 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)"\023\055\015\105\123\113\151\227\315\262\325\303\071\342\125\166"
-"\140\233\134\306"
-, (PRUint32)20 },
- { (void *)"\315\150\266\247\307\304\316\165\340\035\117\127\104\141\222\011"
-, (PRUint32)16 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\000\233\176\006\111\243\076\142\271\325\356\220\110\161\051\357"
-"\127"
-, (PRUint32)17 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_98 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 4 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\000\354\240\247\213\156\165\152\001\317\304\174\314\057\224\136"
-"\327"
-, (PRUint32)17 },
- { (void *)"\060\202\004\032\060\202\003\002\002\021\000\354\240\247\213\156"
-"\165\152\001\317\304\174\314\057\224\136\327\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003"
-"\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050"
-"\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164"
-"\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171"
-"\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123"
-"\151\147\156\040\103\154\141\163\163\040\064\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060"
-"\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066"
-"\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012"
-"\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056"
-"\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123"
-"\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162"
-"\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040"
-"\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111"
-"\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162"
-"\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060"
-"\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156"
-"\040\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040"
-"\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\255\313\245\021\151\306\131\253\361\217\265"
-"\031\017\126\316\314\265\037\040\344\236\046\045\113\340\163\145"
-"\211\131\336\320\203\344\365\017\265\273\255\361\174\350\041\374"
-"\344\350\014\356\174\105\042\031\166\222\264\023\267\040\133\011"
-"\372\141\256\250\362\245\215\205\302\052\326\336\146\066\322\233"
-"\002\364\250\222\140\174\234\151\264\217\044\036\320\206\122\366"
-"\062\234\101\130\036\042\275\315\105\142\225\010\156\320\146\335"
-"\123\242\314\360\020\334\124\163\213\004\241\106\063\063\134\027"
-"\100\271\236\115\323\363\276\125\203\350\261\211\216\132\174\232"
-"\226\042\220\073\210\045\362\322\123\210\002\014\013\170\362\346"
-"\067\027\113\060\106\007\344\200\155\246\330\226\056\350\054\370"
-"\021\263\070\015\146\246\233\352\311\043\133\333\216\342\363\023"
-"\216\032\131\055\252\002\360\354\244\207\146\334\301\077\365\330"
-"\271\364\354\202\306\322\075\225\035\345\300\117\204\311\331\243"
-"\104\050\006\152\327\105\254\360\153\152\357\116\137\370\021\202"
-"\036\070\143\064\146\120\324\076\223\163\372\060\303\146\255\377"
-"\223\055\227\357\003\002\003\001\000\001\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\003\202\001\001\000\217\372"
-"\045\153\117\133\344\244\116\047\125\253\042\025\131\074\312\265"
-"\012\324\112\333\253\335\241\137\123\305\240\127\071\302\316\107"
-"\053\276\072\310\126\277\302\331\047\020\072\261\005\074\300\167"
-"\061\273\072\323\005\173\155\232\034\060\214\200\313\223\223\052"
-"\203\253\005\121\202\002\000\021\147\153\363\210\141\107\137\003"
-"\223\325\133\015\340\361\324\241\062\065\205\262\072\333\260\202"
-"\253\321\313\012\274\117\214\133\305\113\000\073\037\052\202\246"
-"\176\066\205\334\176\074\147\000\265\344\073\122\340\250\353\135"
-"\025\371\306\155\360\255\035\016\205\267\251\232\163\024\132\133"
-"\217\101\050\300\325\350\055\115\244\136\315\252\331\355\316\334"
-"\330\325\074\102\035\027\301\022\135\105\070\303\070\363\374\205"
-"\056\203\106\110\262\327\040\137\222\066\217\347\171\017\230\136"
-"\231\350\360\320\244\273\365\123\275\052\316\131\260\257\156\177"
-"\154\273\322\036\000\260\041\355\370\101\142\202\271\330\262\304"
-"\273\106\120\363\061\305\217\001\250\164\353\365\170\047\332\347"
-"\367\146\103\363\236\203\076\040\252\303\065\140\221\316"
-, (PRUint32)1054 }
-};
-static const NSSItem nss_builtins_items_99 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 4 Public Primary Certification Authority - G3", (PRUint32)61 },
- { (void *)"\310\354\214\207\222\151\313\113\253\071\351\215\176\127\147\363"
-"\024\225\163\235"
-, (PRUint32)20 },
- { (void *)"\333\310\362\047\056\261\352\152\051\043\135\376\126\076\063\337"
-, (PRUint32)16 },
- { (void *)"\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125"
-"\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165"
-"\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003"
-"\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106"
-"\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163"
-"\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023"
-"\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040"
-"\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\107\063"
-, (PRUint32)205 },
- { (void *)"\000\354\240\247\213\156\165\152\001\317\304\174\314\057\224\136"
-"\327"
-, (PRUint32)17 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_100 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Secure Server CA", (PRUint32)29 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023"
-"\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040"
-"\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141"
-"\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143"
-"\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156"
-"\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003"
-"\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164"
-"\150\157\162\151\164\171"
-, (PRUint32)198 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023"
-"\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040"
-"\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141"
-"\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143"
-"\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156"
-"\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003"
-"\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164"
-"\150\157\162\151\164\171"
-, (PRUint32)198 },
- { (void *)"\067\112\322\103"
-, (PRUint32)4 },
- { (void *)"\060\202\004\330\060\202\004\101\240\003\002\001\002\002\004\067"
-"\112\322\103\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\201\303\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\073\060\071\006\003\125\004"
-"\013\023\062\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\103\120\123\040\151\156\143\157\162\160\056\040\142"
-"\171\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154"
-"\151\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034"
-"\050\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164"
-"\056\156\145\164\040\114\151\155\151\164\145\144\061\072\060\070"
-"\006\003\125\004\003\023\061\105\156\164\162\165\163\164\056\156"
-"\145\164\040\123\145\143\165\162\145\040\123\145\162\166\145\162"
-"\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\060\036\027\015\071\071\060\065"
-"\062\065\061\066\060\071\064\060\132\027\015\061\071\060\065\062"
-"\065\061\066\063\071\064\060\132\060\201\303\061\013\060\011\006"
-"\003\125\004\006\023\002\125\123\061\024\060\022\006\003\125\004"
-"\012\023\013\105\156\164\162\165\163\164\056\156\145\164\061\073"
-"\060\071\006\003\125\004\013\023\062\167\167\167\056\145\156\164"
-"\162\165\163\164\056\156\145\164\057\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164"
-"\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040"
-"\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\201"
-"\235\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000"
-"\003\201\213\000\060\201\207\002\201\201\000\315\050\203\064\124"
-"\033\211\363\017\257\067\221\061\377\257\061\140\311\250\350\262"
-"\020\150\355\237\347\223\066\361\012\144\273\107\365\004\027\077"
-"\043\107\115\305\047\031\201\046\014\124\162\015\210\055\331\037"
-"\232\022\237\274\263\161\323\200\031\077\107\146\173\214\065\050"
-"\322\271\012\337\044\332\234\326\120\171\201\172\132\323\067\367"
-"\302\112\330\051\222\046\144\321\344\230\154\072\000\212\365\064"
-"\233\145\370\355\343\020\377\375\270\111\130\334\240\336\202\071"
-"\153\201\261\026\031\141\271\124\266\346\103\002\001\003\243\202"
-"\001\327\060\202\001\323\060\021\006\011\140\206\110\001\206\370"
-"\102\001\001\004\004\003\002\000\007\060\202\001\031\006\003\125"
-"\035\037\004\202\001\020\060\202\001\014\060\201\336\240\201\333"
-"\240\201\330\244\201\325\060\201\322\061\013\060\011\006\003\125"
-"\004\006\023\002\125\123\061\024\060\022\006\003\125\004\012\023"
-"\013\105\156\164\162\165\163\164\056\156\145\164\061\073\060\071"
-"\006\003\125\004\013\023\062\167\167\167\056\145\156\164\162\165"
-"\163\164\056\156\145\164\057\103\120\123\040\151\156\143\157\162"
-"\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151"
-"\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125"
-"\004\013\023\034\050\143\051\040\061\071\071\071\040\105\156\164"
-"\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144"
-"\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165"
-"\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145"
-"\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\061\015\060\013"
-"\006\003\125\004\003\023\004\103\122\114\061\060\051\240\047\240"
-"\045\206\043\150\164\164\160\072\057\057\167\167\167\056\145\156"
-"\164\162\165\163\164\056\156\145\164\057\103\122\114\057\156\145"
-"\164\061\056\143\162\154\060\053\006\003\125\035\020\004\044\060"
-"\042\200\017\061\071\071\071\060\065\062\065\061\066\060\071\064"
-"\060\132\201\017\062\060\061\071\060\065\062\065\061\066\060\071"
-"\064\060\132\060\013\006\003\125\035\017\004\004\003\002\001\006"
-"\060\037\006\003\125\035\043\004\030\060\026\200\024\360\027\142"
-"\023\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320"
-"\032\060\035\006\003\125\035\016\004\026\004\024\360\027\142\023"
-"\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320\032"
-"\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060\031"
-"\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012\033"
-"\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\201\201\000\220\334\060\002"
-"\372\144\164\302\247\012\245\174\041\215\064\027\250\373\107\016"
-"\377\045\174\215\023\012\373\344\230\265\357\214\370\305\020\015"
-"\367\222\276\361\303\325\325\225\152\004\273\054\316\046\066\145"
-"\310\061\306\347\356\077\343\127\165\204\172\021\357\106\117\030"
-"\364\323\230\273\250\207\062\272\162\366\074\342\075\237\327\035"
-"\331\303\140\103\214\130\016\042\226\057\142\243\054\037\272\255"
-"\005\357\253\062\170\207\240\124\163\031\265\134\005\371\122\076"
-"\155\055\105\013\367\012\223\352\355\006\371\262"
-, (PRUint32)1244 }
-};
-static const NSSItem nss_builtins_items_101 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Secure Server CA", (PRUint32)29 },
- { (void *)"\231\246\233\346\032\376\210\153\115\053\202\000\174\270\124\374"
-"\061\176\025\071"
-, (PRUint32)20 },
- { (void *)"\337\362\200\163\314\361\346\141\163\374\365\102\351\305\174\356"
-, (PRUint32)16 },
- { (void *)"\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023"
-"\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040"
-"\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141"
-"\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143"
-"\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156"
-"\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003"
-"\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164"
-"\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164"
-"\150\157\162\151\164\171"
-, (PRUint32)198 },
- { (void *)"\067\112\322\103"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_102 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Secure Personal CA", (PRUint32)31 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024"
-"\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056"
-"\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061"
-"\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040"
-"\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003"
-"\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154"
-"\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)204 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024"
-"\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056"
-"\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061"
-"\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040"
-"\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003"
-"\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154"
-"\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)204 },
- { (void *)"\070\003\221\356"
-, (PRUint32)4 },
- { (void *)"\060\202\004\355\060\202\004\126\240\003\002\001\002\002\004\070"
-"\003\221\356\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\060\201\311\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004"
-"\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146"
-"\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141"
-"\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051"
-"\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145"
-"\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125"
-"\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040"
-"\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\036"
-"\027\015\071\071\061\060\061\062\061\071\062\064\063\060\132\027"
-"\015\061\071\061\060\061\062\061\071\065\064\063\060\132\060\201"
-"\311\061\013\060\011\006\003\125\004\006\023\002\125\123\061\024"
-"\060\022\006\003\125\004\012\023\013\105\156\164\162\165\163\164"
-"\056\156\145\164\061\110\060\106\006\003\125\004\013\024\077\167"
-"\167\167\056\145\156\164\162\165\163\164\056\156\145\164\057\103"
-"\154\151\145\156\164\137\103\101\137\111\156\146\157\057\103\120"
-"\123\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146"
-"\056\040\154\151\155\151\164\163\040\154\151\141\142\056\061\045"
-"\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071"
-"\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151"
-"\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052"
-"\105\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145"
-"\156\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\060\201\235\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\201\213\000"
-"\060\201\207\002\201\201\000\310\072\231\136\061\027\337\254\047"
-"\157\220\173\344\031\377\105\243\064\302\333\301\250\117\360\150"
-"\352\204\375\237\165\171\317\301\212\121\224\257\307\127\003\107"
-"\144\236\255\202\033\132\332\177\067\170\107\273\067\230\022\226"
-"\316\306\023\175\357\322\014\060\121\251\071\236\125\370\373\261"
-"\347\060\336\203\262\272\076\361\325\211\073\073\205\272\252\164"
-"\054\376\077\061\156\257\221\225\156\006\324\007\115\113\054\126"
-"\107\030\004\122\332\016\020\223\277\143\220\233\341\337\214\346"
-"\002\244\346\117\136\367\213\002\001\003\243\202\001\340\060\202"
-"\001\334\060\021\006\011\140\206\110\001\206\370\102\001\001\004"
-"\004\003\002\000\007\060\202\001\042\006\003\125\035\037\004\202"
-"\001\031\060\202\001\025\060\201\344\240\201\341\240\201\336\244"
-"\201\333\060\201\330\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004"
-"\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146"
-"\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141"
-"\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051"
-"\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145"
-"\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125"
-"\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040"
-"\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015"
-"\060\013\006\003\125\004\003\023\004\103\122\114\061\060\054\240"
-"\052\240\050\206\046\150\164\164\160\072\057\057\167\167\167\056"
-"\145\156\164\162\165\163\164\056\156\145\164\057\103\122\114\057"
-"\103\154\151\145\156\164\061\056\143\162\154\060\053\006\003\125"
-"\035\020\004\044\060\042\200\017\061\071\071\071\061\060\061\062"
-"\061\071\062\064\063\060\132\201\017\062\060\061\071\061\060\061"
-"\062\061\071\062\064\063\060\132\060\013\006\003\125\035\017\004"
-"\004\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026"
-"\200\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312"
-"\231\164\213\225\352\114\060\035\006\003\125\035\016\004\026\004"
-"\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312\231"
-"\164\213\225\352\114\060\014\006\003\125\035\023\004\005\060\003"
-"\001\001\377\060\031\006\011\052\206\110\206\366\175\007\101\000"
-"\004\014\060\012\033\004\126\064\056\060\003\002\004\220\060\015"
-"\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201"
-"\000\077\256\212\361\327\146\003\005\236\076\372\352\034\106\273"
-"\244\133\217\170\232\022\110\231\371\364\065\336\014\066\007\002"
-"\153\020\072\211\024\201\234\061\246\174\262\101\262\152\347\007"
-"\001\241\113\371\237\045\073\226\312\231\303\076\241\121\034\363"
-"\303\056\104\367\260\147\106\252\222\345\073\332\034\031\024\070"
-"\060\325\342\242\061\045\056\361\354\105\070\355\370\006\130\003"
-"\163\142\260\020\061\217\100\277\144\340\134\076\305\117\037\332"
-"\022\103\377\114\346\006\046\250\233\031\252\104\074\166\262\134"
-"\354"
-, (PRUint32)1265 }
-};
-static const NSSItem nss_builtins_items_103 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Secure Personal CA", (PRUint32)31 },
- { (void *)"\332\171\301\161\021\120\302\064\071\252\053\013\014\142\375\125"
-"\262\371\365\200"
-, (PRUint32)20 },
- { (void *)"\014\101\057\023\133\240\124\365\226\146\055\176\315\016\003\364"
-, (PRUint32)16 },
- { (void *)"\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165"
-"\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024"
-"\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164"
-"\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056"
-"\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061"
-"\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040"
-"\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003"
-"\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154"
-"\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)204 },
- { (void *)"\070\003\221\356"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_104 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Premium 2048 Secure Server CA", (PRUint32)42 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\050\062\060\064\070\051"
-, (PRUint32)183 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\050\062\060\064\070\051"
-, (PRUint32)183 },
- { (void *)"\070\143\271\146"
-, (PRUint32)4 },
- { (void *)"\060\202\004\134\060\202\003\104\240\003\002\001\002\002\004\070"
-"\143\271\146\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013"
-"\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006"
-"\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163"
-"\164\056\156\145\164\057\103\120\123\137\062\060\064\070\040\151"
-"\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050"
-"\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060"
-"\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071\071"
-"\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155"
-"\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105"
-"\156\164\162\165\163\164\056\156\145\164\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\050\062\060\064\070\051\060\036\027\015\071\071\061"
-"\062\062\064\061\067\065\060\065\061\132\027\015\061\071\061\062"
-"\062\064\061\070\062\060\065\061\132\060\201\264\061\024\060\022"
-"\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156"
-"\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167"
-"\056\145\156\164\162\165\163\164\056\156\145\164\057\103\120\123"
-"\137\062\060\064\070\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151"
-"\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050"
-"\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056"
-"\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006"
-"\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145"
-"\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\050\062\060\064\070\051"
-"\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001"
-"\000\255\115\113\251\022\206\262\352\243\040\007\025\026\144\052"
-"\053\113\321\277\013\112\115\216\355\200\166\245\147\267\170\100"
-"\300\163\102\310\150\300\333\123\053\335\136\270\166\230\065\223"
-"\213\032\235\174\023\072\016\037\133\267\036\317\345\044\024\036"
-"\261\201\251\215\175\270\314\153\113\003\361\002\014\334\253\245"
-"\100\044\000\177\164\224\241\235\010\051\263\210\013\365\207\167"
-"\235\125\315\344\303\176\327\152\144\253\205\024\206\225\133\227"
-"\062\120\157\075\310\272\146\014\343\374\275\270\111\301\166\211"
-"\111\031\375\300\250\275\211\243\147\057\306\237\274\161\031\140"
-"\270\055\351\054\311\220\166\146\173\224\342\257\170\326\145\123"
-"\135\074\326\234\262\317\051\003\371\057\244\120\262\324\110\316"
-"\005\062\125\212\375\262\144\114\016\344\230\007\165\333\177\337"
-"\271\010\125\140\205\060\051\371\173\110\244\151\206\343\065\077"
-"\036\206\135\172\172\025\275\357\000\216\025\042\124\027\000\220"
-"\046\223\274\016\111\150\221\277\370\107\323\235\225\102\301\016"
-"\115\337\157\046\317\303\030\041\142\146\103\160\326\325\300\007"
-"\341\002\003\001\000\001\243\164\060\162\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\037\006"
-"\003\125\035\043\004\030\060\026\200\024\125\344\201\321\021\200"
-"\276\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035"
-"\006\003\125\035\016\004\026\004\024\125\344\201\321\021\200\276"
-"\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035\006"
-"\011\052\206\110\206\366\175\007\101\000\004\020\060\016\033\010"
-"\126\065\056\060\072\064\056\060\003\002\004\220\060\015\006\011"
-"\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000"
-"\131\107\254\041\204\212\027\311\234\211\123\036\272\200\205\032"
-"\306\074\116\076\261\234\266\174\306\222\135\030\144\002\343\323"
-"\006\010\021\141\174\143\343\053\235\061\003\160\166\322\243\050"
-"\240\364\273\232\143\163\355\155\345\052\333\355\024\251\053\306"
-"\066\021\320\053\353\007\213\245\332\236\134\031\235\126\022\365"
-"\124\051\310\005\355\262\022\052\215\364\003\033\377\347\222\020"
-"\207\260\072\265\303\235\005\067\022\243\307\364\025\271\325\244"
-"\071\026\233\123\072\043\221\361\250\202\242\152\210\150\301\171"
-"\002\042\274\252\246\326\256\337\260\024\137\270\207\320\335\174"
-"\177\173\377\257\034\317\346\333\007\255\136\333\205\235\320\053"
-"\015\063\333\004\321\346\111\100\023\053\166\373\076\351\234\211"
-"\017\025\316\030\260\205\170\041\117\153\117\016\372\066\147\315"
-"\007\362\377\010\320\342\336\331\277\052\257\270\207\206\041\074"
-"\004\312\267\224\150\177\317\074\351\230\327\070\377\354\300\331"
-"\120\360\056\113\130\256\106\157\320\056\303\140\332\162\125\162"
-"\275\114\105\236\141\272\277\204\201\222\003\321\322\151\174\305"
-, (PRUint32)1120 }
-};
-static const NSSItem nss_builtins_items_105 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Premium 2048 Secure Server CA", (PRUint32)42 },
- { (void *)"\200\035\142\320\173\104\235\134\134\003\134\230\352\141\372\104"
-"\074\052\130\376"
-, (PRUint32)20 },
- { (void *)"\272\041\352\040\326\335\333\217\301\127\213\100\255\241\374\374"
-, (PRUint32)16 },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\050\062\060\064\070\051"
-, (PRUint32)183 },
- { (void *)"\070\143\271\146"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_106 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert OCSP Responder", (PRUint32)24 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141"
-"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120"
-"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072"
-"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156"
-"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162"
-"\164\056\143\157\155"
-, (PRUint32)181 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141"
-"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120"
-"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072"
-"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156"
-"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162"
-"\164\056\143\157\155"
-, (PRUint32)181 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\003\110\060\202\002\261\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141\154"
-"\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157\156"
-"\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125\004"
-"\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156\143"
-"\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141\163"
-"\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040\101"
-"\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120\061"
-"\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072\057"
-"\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156\145"
-"\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001\011"
-"\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162\164"
-"\056\143\157\155\060\036\027\015\060\060\060\062\061\062\061\061"
-"\065\060\060\065\132\027\015\060\065\060\062\061\060\061\061\065"
-"\060\060\065\132\060\201\262\061\044\060\042\006\003\125\004\007"
-"\023\033\126\141\154\151\103\145\162\164\040\126\141\154\151\144"
-"\141\164\151\157\156\040\116\145\164\167\157\162\153\061\027\060"
-"\025\006\003\125\004\012\023\016\126\141\154\151\103\145\162\164"
-"\054\040\111\156\143\056\061\054\060\052\006\003\125\004\013\023"
-"\043\103\154\141\163\163\040\061\040\126\141\154\151\144\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040"
-"\117\103\123\120\061\041\060\037\006\003\125\004\003\023\030\150"
-"\164\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145"
-"\162\164\056\156\145\164\057\061\040\060\036\006\011\052\206\110"
-"\206\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154"
-"\151\143\145\162\164\056\143\157\155\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\307\214\057\247\303\100\207\073\075\327"
-"\304\232\130\024\144\012\303\010\071\142\032\317\322\353\251\361"
-"\151\164\212\312\016\132\166\314\242\122\116\320\363\304\172\265"
-"\370\246\034\273\243\247\244\123\207\133\215\300\000\273\325\146"
-"\044\347\164\306\026\310\257\310\003\142\325\062\207\242\122\221"
-"\104\224\225\250\107\103\155\245\110\234\366\114\165\325\117\142"
-"\347\311\377\173\364\044\214\247\274\050\166\265\062\240\045\163"
-"\267\107\057\170\370\106\371\207\024\360\167\374\012\167\350\117"
-"\375\214\037\372\142\331\002\003\001\000\001\243\154\060\152\060"
-"\017\006\011\053\006\001\005\005\007\060\001\005\004\002\005\000"
-"\060\023\006\003\125\035\045\004\014\060\012\006\010\053\006\001"
-"\005\005\007\003\011\060\013\006\003\125\035\017\004\004\003\002"
-"\001\206\060\065\006\010\053\006\001\005\005\007\001\001\004\051"
-"\060\047\060\045\006\010\053\006\001\005\005\007\060\001\206\031"
-"\150\164\164\160\072\057\057\157\143\163\160\062\056\166\141\154"
-"\151\143\145\162\164\056\156\145\164\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\201\201\000\025\305\340\270"
-"\064\162\022\006\040\250\142\225\223\321\274\223\272\220\253\334"
-"\116\215\216\215\230\114\343\062\365\053\077\263\227\373\252\242"
-"\255\100\227\255\150\275\134\255\123\016\320\246\263\015\254\032"
-"\231\215\252\060\036\317\016\160\377\002\260\167\145\203\315\332"
-"\007\134\122\315\131\273\242\310\342\264\026\203\217\324\225\171"
-"\223\055\350\277\104\223\061\222\060\323\064\064\361\020\373\041"
-"\254\056\364\303\135\144\143\172\231\341\232\253\102\035\110\146"
-"\246\167\067\270\125\074\255\376\145\260\142\351"
-, (PRUint32)844 }
-};
-static const NSSItem nss_builtins_items_107 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"ValiCert OCSP Responder", (PRUint32)24 },
- { (void *)"\133\166\261\274\342\212\360\366\161\221\205\147\046\215\021\151"
-"\017\027\077\163"
-, (PRUint32)20 },
- { (void *)"\325\036\040\137\321\365\035\202\127\010\122\071\035\372\212\255"
-, (PRUint32)16 },
- { (void *)"\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141"
-"\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157"
-"\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125"
-"\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156"
-"\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141"
-"\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120"
-"\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072"
-"\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156"
-"\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162"
-"\164\056\143\157\155"
-, (PRUint32)181 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_108 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Code Signing Root", (PRUint32)39 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004"
-"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147"
-"\156\151\156\147\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004"
-"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147"
-"\156\151\156\147\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"\002\000\000\277"
-, (PRUint32)4 },
- { (void *)"\060\202\003\246\060\202\002\216\240\003\002\001\002\002\004\002"
-"\000\000\277\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\147\061\013\060\011\006\003\125\004\006\023\002\111"
-"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164"
-"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012"
-"\103\171\142\145\162\124\162\165\163\164\061\057\060\055\006\003"
-"\125\004\003\023\046\102\141\154\164\151\155\157\162\145\040\103"
-"\171\142\145\162\124\162\165\163\164\040\103\157\144\145\040\123"
-"\151\147\156\151\156\147\040\122\157\157\164\060\036\027\015\060"
-"\060\060\065\061\067\061\064\060\061\060\060\132\027\015\062\065"
-"\060\065\061\067\062\063\065\071\060\060\132\060\147\061\013\060"
-"\011\006\003\125\004\006\023\002\111\105\061\022\060\020\006\003"
-"\125\004\012\023\011\102\141\154\164\151\155\157\162\145\061\023"
-"\060\021\006\003\125\004\013\023\012\103\171\142\145\162\124\162"
-"\165\163\164\061\057\060\055\006\003\125\004\003\023\046\102\141"
-"\154\164\151\155\157\162\145\040\103\171\142\145\162\124\162\165"
-"\163\164\040\103\157\144\145\040\123\151\147\156\151\156\147\040"
-"\122\157\157\164\060\202\001\042\060\015\006\011\052\206\110\206"
-"\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012"
-"\002\202\001\001\000\310\161\232\030\022\216\172\333\371\232\374"
-"\101\257\330\362\364\011\216\255\077\376\147\067\074\332\311\046"
-"\120\261\261\076\313\350\116\163\000\362\262\334\363\305\106\373"
-"\011\357\030\226\316\247\340\234\204\135\040\016\172\240\252\066"
-"\213\372\050\266\170\056\263\354\350\107\363\004\360\220\043\264"
-"\352\257\345\123\270\005\367\107\135\053\206\361\247\244\306\073"
-"\065\266\322\015\122\101\327\364\222\165\341\242\012\120\126\207"
-"\276\227\013\173\063\205\020\271\050\030\356\063\352\110\021\327"
-"\133\221\107\166\042\324\356\317\135\347\250\116\034\235\226\221"
-"\335\234\275\164\011\250\162\141\252\260\041\072\361\075\054\003"
-"\126\011\322\301\334\303\265\307\124\067\253\346\046\242\262\106"
-"\161\163\312\021\210\356\274\347\144\367\320\021\032\163\100\132"
-"\310\111\054\017\267\357\220\177\150\200\004\070\013\033\017\073"
-"\324\365\240\263\302\216\341\064\264\200\231\155\236\166\324\222"
-"\051\100\261\225\322\067\244\147\022\177\340\142\273\256\065\305"
-"\231\066\202\104\270\346\170\030\063\141\161\223\133\055\215\237"
-"\170\225\202\353\155\002\003\001\000\001\243\132\060\130\060\023"
-"\006\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005"
-"\007\003\003\060\035\006\003\125\035\016\004\026\004\024\310\101"
-"\064\134\025\025\004\345\100\362\321\253\232\157\044\222\172\207"
-"\102\132\060\022\006\003\125\035\023\001\001\377\004\010\060\006"
-"\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001\377"
-"\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\001\001\000\122\164\252\225\113\042"
-"\214\307\075\226\244\376\135\372\057\265\274\353\360\013\351\126"
-"\070\035\321\155\015\241\274\150\213\360\305\200\245\044\064\375"
-"\362\226\030\021\206\241\066\365\067\347\124\100\325\144\037\303"
-"\137\160\102\153\055\071\307\236\122\005\316\347\152\162\322\215"
-"\162\077\107\120\203\253\307\215\045\311\260\343\247\123\026\225"
-"\246\152\123\352\030\235\217\170\251\167\167\032\371\264\227\107"
-"\131\210\047\050\265\312\341\056\327\076\016\242\015\270\042\104"
-"\003\343\321\143\260\101\072\241\365\244\055\367\166\036\004\124"
-"\231\170\062\100\327\053\174\115\272\246\234\260\171\156\007\276"
-"\214\354\356\327\070\151\133\301\014\126\150\237\376\353\321\341"
-"\310\210\371\362\315\177\276\205\264\104\147\000\120\076\364\046"
-"\003\144\352\167\175\350\136\076\034\067\107\310\326\352\244\363"
-"\066\074\227\302\071\162\005\224\031\045\303\327\067\101\017\301"
-"\037\207\212\375\252\276\351\261\144\127\344\333\222\241\317\341"
-"\111\350\073\037\221\023\132\303\217\331\045\130\111\200\107\017"
-"\306\003\256\254\343\277\267\300\252\052"
-, (PRUint32)938 }
-};
-static const NSSItem nss_builtins_items_109 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Code Signing Root", (PRUint32)39 },
- { (void *)"\060\106\330\310\210\377\151\060\303\112\374\315\111\047\010\174"
-"\140\126\173\015"
-, (PRUint32)20 },
- { (void *)"\220\365\050\111\126\321\135\054\260\123\324\113\357\157\220\042"
-, (PRUint32)16 },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004"
-"\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147"
-"\156\151\156\147\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"\002\000\000\277"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_110 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Root", (PRUint32)26 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004"
-"\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\122\157\157\164"
-, (PRUint32)92 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004"
-"\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\122\157\157\164"
-, (PRUint32)92 },
- { (void *)"\002\000\000\271"
-, (PRUint32)4 },
- { (void *)"\060\202\003\167\060\202\002\137\240\003\002\001\002\002\004\002"
-"\000\000\271\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\111"
-"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164"
-"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012"
-"\103\171\142\145\162\124\162\165\163\164\061\042\060\040\006\003"
-"\125\004\003\023\031\102\141\154\164\151\155\157\162\145\040\103"
-"\171\142\145\162\124\162\165\163\164\040\122\157\157\164\060\036"
-"\027\015\060\060\060\065\061\062\061\070\064\066\060\060\132\027"
-"\015\062\065\060\065\061\062\062\063\065\071\060\060\132\060\132"
-"\061\013\060\011\006\003\125\004\006\023\002\111\105\061\022\060"
-"\020\006\003\125\004\012\023\011\102\141\154\164\151\155\157\162"
-"\145\061\023\060\021\006\003\125\004\013\023\012\103\171\142\145"
-"\162\124\162\165\163\164\061\042\060\040\006\003\125\004\003\023"
-"\031\102\141\154\164\151\155\157\162\145\040\103\171\142\145\162"
-"\124\162\165\163\164\040\122\157\157\164\060\202\001\042\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001"
-"\017\000\060\202\001\012\002\202\001\001\000\243\004\273\042\253"
-"\230\075\127\350\046\162\232\265\171\324\051\342\341\350\225\200"
-"\261\260\343\133\216\053\051\232\144\337\241\135\355\260\011\005"
-"\155\333\050\056\316\142\242\142\376\264\210\332\022\353\070\353"
-"\041\235\300\101\053\001\122\173\210\167\323\034\217\307\272\271"
-"\210\265\152\011\347\163\350\021\100\247\321\314\312\142\215\055"
-"\345\217\013\246\120\322\250\120\303\050\352\365\253\045\207\212"
-"\232\226\034\251\147\270\077\014\325\367\371\122\023\057\302\033"
-"\325\160\160\360\217\300\022\312\006\313\232\341\331\312\063\172"
-"\167\326\370\354\271\361\150\104\102\110\023\322\300\302\244\256"
-"\136\140\376\266\246\005\374\264\335\007\131\002\324\131\030\230"
-"\143\365\245\143\340\220\014\175\135\262\006\172\363\205\352\353"
-"\324\003\256\136\204\076\137\377\025\355\151\274\371\071\066\162"
-"\165\317\167\122\115\363\311\220\054\271\075\345\311\043\123\077"
-"\037\044\230\041\134\007\231\051\275\306\072\354\347\156\206\072"
-"\153\227\164\143\063\275\150\030\061\360\170\215\166\277\374\236"
-"\216\135\052\206\247\115\220\334\047\032\071\002\003\001\000\001"
-"\243\105\060\103\060\035\006\003\125\035\016\004\026\004\024\345"
-"\235\131\060\202\107\130\314\254\372\010\124\066\206\173\072\265"
-"\004\115\360\060\022\006\003\125\035\023\001\001\377\004\010\060"
-"\006\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001"
-"\377\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367"
-"\015\001\001\005\005\000\003\202\001\001\000\205\014\135\216\344"
-"\157\121\150\102\005\240\335\273\117\047\045\204\003\275\367\144"
-"\375\055\327\060\343\244\020\027\353\332\051\051\266\171\077\166"
-"\366\031\023\043\270\020\012\371\130\244\324\141\160\275\004\141"
-"\152\022\212\027\325\012\275\305\274\060\174\326\351\014\045\215"
-"\206\100\117\354\314\243\176\070\306\067\021\117\355\335\150\061"
-"\216\114\322\263\001\164\356\276\165\136\007\110\032\177\160\377"
-"\026\134\204\300\171\205\270\005\375\177\276\145\021\243\017\300"
-"\002\264\370\122\067\071\004\325\251\061\172\030\277\240\052\364"
-"\022\231\367\243\105\202\343\074\136\365\235\236\265\310\236\174"
-"\056\310\244\236\116\010\024\113\155\375\160\155\153\032\143\275"
-"\144\346\037\267\316\360\362\237\056\273\033\267\362\120\210\163"
-"\222\302\342\343\026\215\232\062\002\253\216\030\335\351\020\021"
-"\356\176\065\253\220\257\076\060\224\172\320\063\075\247\145\017"
-"\365\374\216\236\142\317\107\104\054\001\135\273\035\265\062\322"
-"\107\322\070\056\320\376\201\334\062\152\036\265\356\074\325\374"
-"\347\201\035\031\303\044\102\352\143\071\251"
-, (PRUint32)891 }
-};
-static const NSSItem nss_builtins_items_111 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Root", (PRUint32)26 },
- { (void *)"\324\336\040\320\136\146\374\123\376\032\120\210\054\170\333\050"
-"\122\312\344\164"
-, (PRUint32)20 },
- { (void *)"\254\266\224\245\234\027\340\327\221\122\233\261\227\006\246\344"
-, (PRUint32)16 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004"
-"\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\122\157\157\164"
-, (PRUint32)92 },
- { (void *)"\002\000\000\271"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_112 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Mobile Commerce Root", (PRUint32)42 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004"
-"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122"
-"\157\157\164"
-, (PRUint32)99 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004"
-"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122"
-"\157\157\164"
-, (PRUint32)99 },
- { (void *)"\002\000\000\270"
-, (PRUint32)4 },
- { (void *)"\060\202\002\175\060\202\001\346\240\003\002\001\002\002\004\002"
-"\000\000\270\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\141\061\013\060\011\006\003\125\004\006\023\002\111"
-"\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164"
-"\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012"
-"\103\171\142\145\162\124\162\165\163\164\061\051\060\047\006\003"
-"\125\004\003\023\040\102\141\154\164\151\155\157\162\145\040\103"
-"\171\142\145\162\124\162\165\163\164\040\115\157\142\151\154\145"
-"\040\122\157\157\164\060\036\027\015\060\060\060\065\061\062\061"
-"\070\062\060\060\060\132\027\015\062\060\060\065\061\062\062\063"
-"\065\071\060\060\132\060\141\061\013\060\011\006\003\125\004\006"
-"\023\002\111\105\061\022\060\020\006\003\125\004\012\023\011\102"
-"\141\154\164\151\155\157\162\145\061\023\060\021\006\003\125\004"
-"\013\023\012\103\171\142\145\162\124\162\165\163\164\061\051\060"
-"\047\006\003\125\004\003\023\040\102\141\154\164\151\155\157\162"
-"\145\040\103\171\142\145\162\124\162\165\163\164\040\115\157\142"
-"\151\154\145\040\122\157\157\164\060\201\237\060\015\006\011\052"
-"\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201"
-"\211\002\201\201\000\243\155\261\070\126\254\374\265\126\041\336"
-"\300\220\135\046\107\202\306\175\217\037\240\205\217\057\273\324"
-"\341\034\035\362\044\037\050\260\057\271\244\245\157\242\042\040"
-"\144\376\204\107\074\176\053\154\151\152\270\324\300\226\216\214"
-"\122\015\315\157\101\324\277\004\256\247\201\057\055\230\110\322"
-"\301\224\243\265\031\135\135\121\144\364\216\101\260\233\300\055"
-"\042\240\136\306\330\132\022\143\274\021\112\136\046\022\035\342"
-"\046\005\346\017\137\042\037\172\137\166\224\256\317\132\050\016"
-"\253\105\332\042\061\002\003\001\000\001\243\102\060\100\060\035"
-"\006\003\125\035\016\004\026\004\024\311\342\217\300\002\046\132"
-"\266\300\007\343\177\224\007\030\333\056\245\232\160\060\017\006"
-"\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016"
-"\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060\015"
-"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201"
-"\000\123\010\013\046\011\170\102\163\324\354\172\167\107\015\343"
-"\013\063\161\357\256\063\024\115\373\372\375\032\267\121\365\344"
-"\231\034\006\161\327\051\031\327\346\025\040\121\121\106\155\117"
-"\336\030\111\230\320\370\170\273\161\350\215\001\006\325\327\144"
-"\217\224\337\107\376\240\205\151\066\251\057\102\172\150\112\022"
-"\326\213\013\160\104\012\244\004\357\046\210\301\065\161\070\135"
-"\033\133\110\102\360\347\224\034\160\225\064\250\253\365\253\342"
-"\170\255\365\360\122\375\233\352\102\014\350\330\124\276\123\146"
-"\365"
-, (PRUint32)641 }
-};
-static const NSSItem nss_builtins_items_113 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Baltimore CyberTrust Mobile Commerce Root", (PRUint32)42 },
- { (void *)"\264\343\013\234\301\325\356\275\240\040\030\370\271\212\321\377"
-"\151\267\072\161"
-, (PRUint32)20 },
- { (void *)"\353\264\040\035\017\266\161\003\367\304\367\307\244\162\206\350"
-, (PRUint32)16 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061"
-"\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155"
-"\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171"
-"\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004"
-"\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142"
-"\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122"
-"\157\157\164"
-, (PRUint32)99 },
- { (void *)"\002\000\000\270"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_114 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure Global eBusiness CA", (PRUint32)35 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060"
-"\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102"
-"\165\163\151\156\145\163\163\040\103\101\055\061"
-, (PRUint32)92 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060"
-"\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102"
-"\165\163\151\156\145\163\163\040\103\101\055\061"
-, (PRUint32)92 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\002\220\060\202\001\371\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034"
-"\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170"
-"\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060\053"
-"\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040\123"
-"\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102\165"
-"\163\151\156\145\163\163\040\103\101\055\061\060\036\027\015\071"
-"\071\060\066\062\061\060\064\060\060\060\060\132\027\015\062\060"
-"\060\066\062\061\060\064\060\060\060\060\132\060\132\061\013\060"
-"\011\006\003\125\004\006\023\002\125\123\061\034\060\032\006\003"
-"\125\004\012\023\023\105\161\165\151\146\141\170\040\123\145\143"
-"\165\162\145\040\111\156\143\056\061\055\060\053\006\003\125\004"
-"\003\023\044\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\107\154\157\142\141\154\040\145\102\165\163\151\156\145"
-"\163\163\040\103\101\055\061\060\201\237\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211"
-"\002\201\201\000\272\347\027\220\002\145\261\064\125\074\111\302"
-"\121\325\337\247\321\067\217\321\347\201\163\101\122\140\233\235"
-"\241\027\046\170\255\307\261\350\046\224\062\265\336\063\215\072"
-"\057\333\362\232\172\132\163\230\243\134\351\373\212\163\033\134"
-"\347\303\277\200\154\315\251\364\326\053\300\367\371\231\252\143"
-"\242\261\107\002\017\324\344\121\072\022\074\154\212\132\124\204"
-"\160\333\301\305\220\317\162\105\313\250\131\300\315\063\235\077"
-"\243\226\353\205\063\041\034\076\036\076\140\156\166\234\147\205"
-"\305\310\303\141\002\003\001\000\001\243\146\060\144\060\021\006"
-"\011\140\206\110\001\206\370\102\001\001\004\004\003\002\000\007"
-"\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001"
-"\377\060\037\006\003\125\035\043\004\030\060\026\200\024\276\250"
-"\240\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153"
-"\150\154\060\035\006\003\125\035\016\004\026\004\024\276\250\240"
-"\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153\150"
-"\154\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000"
-"\003\201\201\000\060\342\001\121\252\307\352\137\332\271\320\145"
-"\017\060\326\076\332\015\024\111\156\221\223\047\024\061\357\304"
-"\367\055\105\370\354\307\277\242\101\015\043\264\222\371\031\000"
-"\147\275\001\257\315\340\161\374\132\317\144\304\340\226\230\320"
-"\243\100\342\001\212\357\047\007\361\145\001\212\104\055\006\145"
-"\165\122\300\206\020\040\041\137\154\153\017\154\256\011\034\257"
-"\362\242\030\064\304\165\244\163\034\361\215\334\357\255\371\263"
-"\166\264\222\277\334\225\020\036\276\313\310\073\132\204\140\031"
-"\126\224\251\125"
-, (PRUint32)660 }
-};
-static const NSSItem nss_builtins_items_115 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure Global eBusiness CA", (PRUint32)35 },
- { (void *)"\176\170\112\020\034\202\145\314\055\341\361\155\107\264\100\312"
-"\331\012\031\105"
-, (PRUint32)20 },
- { (void *)"\217\135\167\006\047\304\230\074\133\223\170\347\327\175\233\314"
-, (PRUint32)16 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060"
-"\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102"
-"\165\163\151\156\145\163\163\040\103\101\055\061"
-, (PRUint32)92 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_116 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure eBusiness CA 1", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060"
-"\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163"
-"\040\103\101\055\061"
-, (PRUint32)85 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060"
-"\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163"
-"\040\103\101\055\061"
-, (PRUint32)85 },
- { (void *)"\004"
-, (PRUint32)1 },
- { (void *)"\060\202\002\202\060\202\001\353\240\003\002\001\002\002\001\004"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034"
-"\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170"
-"\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060\044"
-"\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040\123"
-"\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163\040"
-"\103\101\055\061\060\036\027\015\071\071\060\066\062\061\060\064"
-"\060\060\060\060\132\027\015\062\060\060\066\062\061\060\064\060"
-"\060\060\060\132\060\123\061\013\060\011\006\003\125\004\006\023"
-"\002\125\123\061\034\060\032\006\003\125\004\012\023\023\105\161"
-"\165\151\146\141\170\040\123\145\143\165\162\145\040\111\156\143"
-"\056\061\046\060\044\006\003\125\004\003\023\035\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\040\145\102\165\163\151"
-"\156\145\163\163\040\103\101\055\061\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\316\057\031\274\027\267\167\336\223\251"
-"\137\132\015\027\117\064\032\014\230\364\042\331\131\324\304\150"
-"\106\360\264\065\305\205\003\040\306\257\105\245\041\121\105\101"
-"\353\026\130\066\062\157\342\120\142\144\371\375\121\234\252\044"
-"\331\364\235\203\052\207\012\041\323\022\070\064\154\215\000\156"
-"\132\240\331\102\356\032\041\225\371\122\114\125\132\305\017\070"
-"\117\106\372\155\370\056\065\326\035\174\353\342\360\260\165\200"
-"\310\251\023\254\276\210\357\072\156\253\137\052\070\142\002\260"
-"\022\173\376\217\246\003\002\003\001\000\001\243\146\060\144\060"
-"\021\006\011\140\206\110\001\206\370\102\001\001\004\004\003\002"
-"\000\007\060\017\006\003\125\035\023\001\001\377\004\005\060\003"
-"\001\001\377\060\037\006\003\125\035\043\004\030\060\026\200\024"
-"\112\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152"
-"\107\174\114\241\060\035\006\003\125\035\016\004\026\004\024\112"
-"\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152\107"
-"\174\114\241\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\003\201\201\000\165\133\250\233\003\021\346\351\126\114"
-"\315\371\251\114\300\015\232\363\314\145\151\346\045\166\314\131"
-"\267\326\124\303\035\315\231\254\031\335\264\205\325\340\075\374"
-"\142\040\247\204\113\130\145\361\342\371\225\041\077\365\324\176"
-"\130\036\107\207\124\076\130\241\265\265\370\052\357\161\347\274"
-"\303\366\261\111\106\342\327\240\153\345\126\172\232\047\230\174"
-"\106\142\024\347\311\374\156\003\022\171\200\070\035\110\202\215"
-"\374\027\376\052\226\053\265\142\246\246\075\275\177\222\131\315"
-"\132\052\202\262\067\171"
-, (PRUint32)646 }
-};
-static const NSSItem nss_builtins_items_117 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure eBusiness CA 1", (PRUint32)30 },
- { (void *)"\332\100\030\213\221\211\243\355\356\256\332\227\376\057\235\365"
-"\267\321\212\101"
-, (PRUint32)20 },
- { (void *)"\144\234\357\056\104\374\306\217\122\007\320\121\163\217\313\075"
-, (PRUint32)16 },
- { (void *)"\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060"
-"\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040"
-"\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163"
-"\040\103\101\055\061"
-, (PRUint32)85 },
- { (void *)"\004"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_118 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure eBusiness CA 2", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004"
-"\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062"
-, (PRUint32)80 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004"
-"\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062"
-, (PRUint32)80 },
- { (void *)"\067\160\317\265"
-, (PRUint32)4 },
- { (void *)"\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\067"
-"\160\317\265\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003"
-"\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143"
-"\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101"
-"\055\062\060\036\027\015\071\071\060\066\062\063\061\062\061\064"
-"\064\065\132\027\015\061\071\060\066\062\063\061\062\061\064\064"
-"\065\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125"
-"\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151"
-"\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003"
-"\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143"
-"\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101"
-"\055\062\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\344"
-"\071\071\223\036\122\006\033\050\066\370\262\243\051\305\355\216"
-"\262\021\275\376\353\347\264\164\302\217\377\005\347\331\235\006"
-"\277\022\310\077\016\362\326\321\044\262\021\336\321\163\011\212"
-"\324\261\054\230\011\015\036\120\106\262\203\246\105\215\142\150"
-"\273\205\033\040\160\062\252\100\315\246\226\137\304\161\067\077"
-"\004\363\267\101\044\071\007\032\036\056\141\130\240\022\013\345"
-"\245\337\305\253\352\067\161\314\034\310\067\072\271\227\122\247"
-"\254\305\152\044\224\116\234\173\317\300\152\326\337\041\275\002"
-"\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003"
-"\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060"
-"\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027"
-"\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141\170"
-"\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004\013"
-"\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162\145"
-"\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062\061"
-"\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032"
-"\006\003\125\035\020\004\023\060\021\201\017\062\060\061\071\060"
-"\066\062\063\061\062\061\064\064\065\132\060\013\006\003\125\035"
-"\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030"
-"\060\026\200\024\120\236\013\352\257\136\271\040\110\246\120\152"
-"\313\375\330\040\172\247\202\166\060\035\006\003\125\035\016\004"
-"\026\004\024\120\236\013\352\257\136\271\040\110\246\120\152\313"
-"\375\330\040\172\247\202\166\060\014\006\003\125\035\023\004\005"
-"\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007"
-"\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006"
-"\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\003\201\201\000\014\206\202\255\350\116\032\365\216\211\047\342"
-"\065\130\075\051\264\007\217\066\120\225\277\156\301\236\353\304"
-"\220\262\205\250\273\267\102\340\017\007\071\337\373\236\220\262"
-"\321\301\076\123\237\003\104\260\176\113\364\157\344\174\037\347"
-"\342\261\344\270\232\357\303\275\316\336\013\062\064\331\336\050"
-"\355\063\153\304\324\327\075\022\130\253\175\011\055\313\160\365"
-"\023\212\224\241\047\244\326\160\305\155\224\265\311\175\235\240"
-"\322\306\010\111\331\146\233\246\323\364\013\334\305\046\127\341"
-"\221\060\352\315"
-, (PRUint32)804 }
-};
-static const NSSItem nss_builtins_items_119 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Equifax Secure eBusiness CA 2", (PRUint32)30 },
- { (void *)"\071\117\366\205\013\006\276\122\345\030\126\314\020\341\200\350"
-"\202\263\205\314"
-, (PRUint32)20 },
- { (void *)"\252\277\277\144\227\332\230\035\157\306\010\072\225\160\063\312"
-, (PRUint32)16 },
- { (void *)"\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141"
-"\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004"
-"\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162"
-"\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062"
-, (PRUint32)80 },
- { (void *)"\067\160\317\265"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_120 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 1", (PRUint32)33 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156"
-, (PRUint32)79 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156"
-, (PRUint32)79 },
- { (void *)"\003\035"
-, (PRUint32)2 },
- { (void *)"\060\202\003\130\060\202\002\100\240\003\002\001\002\002\002\003"
-"\035\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\060"
-"\036\027\015\060\060\060\070\061\066\062\061\065\062\060\060\132"
-"\027\015\062\060\060\070\061\065\062\063\065\071\060\060\132\060"
-"\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061\015"
-"\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057\060"
-"\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156\164"
-"\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166\151"
-"\143\145\040\101\163\163\157\143\151\141\164\151\157\156\060\202"
-"\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005"
-"\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\305"
-"\035\115\163\101\225\341\040\264\154\154\316\147\352\165\006\254"
-"\304\004\302\140\057\010\222\317\040\355\156\251\311\161\046\126"
-"\242\375\332\273\014\370\225\011\311\371\362\035\317\104\225\355"
-"\061\112\332\155\340\275\374\165\026\226\302\357\012\172\014\307"
-"\270\264\220\106\056\251\027\012\340\107\104\204\174\034\075\040"
-"\106\006\103\103\205\162\353\135\341\003\274\062\232\313\356\011"
-"\306\127\025\263\056\332\062\140\247\022\230\222\233\323\312\043"
-"\102\260\043\367\120\151\116\214\233\150\241\067\060\222\311\041"
-"\057\150\212\240\326\204\251\130\115\014\353\125\075\272\012\106"
-"\110\372\302\276\271\007\300\354\275\223\064\171\071\075\267\232"
-"\064\240\014\075\243\377\232\204\346\372\340\077\252\124\204\001"
-"\063\112\205\306\250\024\136\025\301\327\140\325\360\151\170\151"
-"\144\170\327\024\356\023\330\243\362\377\165\141\070\154\324\046"
-"\262\327\150\210\031\147\016\353\341\277\274\216\232\352\310\224"
-"\351\266\314\370\025\205\223\155\146\167\053\261\027\013\210\046"
-"\154\106\242\337\316\103\245\156\367\375\033\107\156\130\367\002"
-"\003\001\000\001\243\102\060\100\060\016\006\003\125\035\017\001"
-"\001\377\004\004\003\002\001\006\060\017\006\003\125\035\023\001"
-"\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035\016"
-"\004\026\004\024\313\303\306\143\312\336\161\177\333\247\327\377"
-"\102\164\366\313\314\266\120\062\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\266\030\204\244"
-"\276\346\177\315\373\106\221\024\175\000\100\167\167\206\271\215"
-"\161\035\234\376\361\330\345\001\077\331\242\140\033\315\272\163"
-"\064\054\356\136\004\222\304\042\104\126\354\352\373\367\311\001"
-"\026\375\350\050\355\370\336\375\074\076\056\230\214\215\343\170"
-"\342\317\216\213\340\257\301\215\140\024\202\202\126\261\207\056"
-"\360\351\022\025\035\076\151\012\255\216\246\130\364\231\374\021"
-"\106\356\367\311\355\306\257\054\271\206\045\322\227\376\117\235"
-"\330\062\341\302\146\121\163\206\015\335\165\343\212\372\364\212"
-"\065\146\335\210\147\255\171\250\374\151\365\333\372\257\225\264"
-"\234\220\037\137\301\026\311\310\010\200\032\327\003\362\136\161"
-"\243\126\143\036\105\066\175\161\276\061\147\164\206\057\331\354"
-"\210\302\040\275\231\115\075\125\005\320\242\132\114\125\042\230"
-"\320\361\165\364\027\372\330\343\376\342\024\340\017\145\372\262"
-"\326\151\054\063\120\311\047\240\254\220\061\113\024\345\353\143"
-"\144\340\075\343\374\022\112\305\226\202\055\332\045\071\376\324"
-"\177\056\101\307\142\110\327\161\105\073\170\222"
-, (PRUint32)860 }
-};
-static const NSSItem nss_builtins_items_121 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 1", (PRUint32)33 },
- { (void *)"\106\260\324\152\346\120\054\267\223\205\000\010\220\373\363\120"
-"\251\310\140\157"
-, (PRUint32)20 },
- { (void *)"\031\152\006\154\335\311\017\266\024\321\311\373\163\077\005\317"
-, (PRUint32)16 },
- { (void *)"\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156"
-, (PRUint32)79 },
- { (void *)"\003\035"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_122 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 2", (PRUint32)33 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062"
-, (PRUint32)99 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062"
-, (PRUint32)99 },
- { (void *)"\003\036"
-, (PRUint32)2 },
- { (void *)"\060\202\003\200\060\202\002\150\240\003\002\001\002\002\002\003"
-"\036\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062\060\036\027\015\060\060\060\070\061\066\062\062\065"
-"\061\060\060\132\027\015\062\060\060\070\061\065\062\063\065\071"
-"\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123"
-"\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141"
-"\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123"
-"\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151"
-"\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040"
-"\122\157\157\164\040\062\060\202\001\042\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202"
-"\001\012\002\202\001\001\000\251\001\160\265\252\304\100\360\253"
-"\152\046\141\171\031\000\374\277\233\067\131\014\257\157\144\033"
-"\370\332\225\224\044\151\063\021\160\312\343\126\164\242\027\127"
-"\144\134\040\006\341\326\357\161\267\073\367\253\301\151\320\111"
-"\244\261\004\327\364\127\142\211\134\260\165\055\027\044\151\343"
-"\102\140\344\356\164\326\253\200\126\330\210\050\341\373\155\042"
-"\375\043\174\106\163\117\176\124\163\036\250\054\125\130\165\267"
-"\114\363\132\105\245\002\032\372\332\235\303\105\303\042\136\363"
-"\213\361\140\051\322\307\137\264\014\072\121\203\357\060\370\324"
-"\347\307\362\372\231\243\042\120\276\371\005\067\243\255\355\232"
-"\303\346\354\210\033\266\031\047\033\070\213\200\115\354\271\307"
-"\305\211\313\374\032\062\355\043\360\265\001\130\371\366\217\340"
-"\205\251\114\011\162\071\022\333\263\365\317\116\142\144\332\306"
-"\031\025\072\143\035\351\027\125\241\114\042\074\064\062\106\370"
-"\145\127\272\053\357\066\214\152\372\331\331\104\364\252\335\204"
-"\327\015\034\262\124\254\062\205\264\144\015\336\101\273\261\064"
-"\306\001\206\062\144\325\237\002\003\001\000\001\243\102\060\100"
-"\060\035\006\003\125\035\016\004\026\004\024\236\175\113\064\277"
-"\161\255\302\005\366\003\165\200\316\251\117\032\304\044\114\060"
-"\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377"
-"\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003"
-"\202\001\001\000\041\245\166\024\125\371\255\047\160\217\074\364"
-"\325\154\310\314\012\253\243\230\013\212\006\043\305\311\141\333"
-"\231\007\151\065\046\061\376\307\056\204\302\231\141\324\015\351"
-"\175\056\023\053\174\216\205\266\205\307\113\317\065\266\054\107"
-"\075\316\051\057\330\157\237\211\034\144\223\277\010\275\166\320"
-"\220\212\224\263\177\050\133\156\254\115\063\054\355\145\334\026"
-"\314\342\315\256\244\075\142\222\006\225\046\277\337\271\344\040"
-"\246\163\152\301\276\367\224\104\326\115\157\052\013\153\030\115"
-"\164\020\066\150\152\132\301\152\247\335\066\051\214\270\060\213"
-"\117\041\077\000\056\124\060\007\072\272\212\344\303\236\312\330"
-"\265\330\173\316\165\105\146\007\364\155\055\330\172\312\351\211"
-"\212\362\043\330\057\313\156\000\066\117\373\360\057\001\314\017"
-"\300\042\145\364\253\342\116\141\055\003\202\175\221\026\265\060"
-"\325\024\336\136\307\220\374\241\374\253\020\257\134\153\160\247"
-"\007\357\051\206\350\262\045\307\040\377\046\335\167\357\171\104"
-"\024\304\275\335\073\305\003\233\167\043\354\240\354\273\132\071"
-"\265\314\255\006"
-, (PRUint32)900 }
-};
-static const NSSItem nss_builtins_items_123 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 2", (PRUint32)33 },
- { (void *)"\311\015\033\352\210\075\247\321\027\276\073\171\364\041\016\032"
-"\130\224\247\055"
-, (PRUint32)20 },
- { (void *)"\065\110\225\066\112\124\132\162\226\216\340\144\314\357\054\214"
-, (PRUint32)16 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\062"
-, (PRUint32)99 },
- { (void *)"\003\036"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_124 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 3", (PRUint32)33 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\063"
-, (PRUint32)99 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\063"
-, (PRUint32)99 },
- { (void *)"\003\037"
-, (PRUint32)2 },
- { (void *)"\060\202\003\200\060\202\002\150\240\003\002\001\002\002\002\003"
-"\037\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\063\060\036\027\015\060\060\060\070\061\066\062\063\063"
-"\064\060\060\132\027\015\062\060\060\070\061\065\062\063\065\071"
-"\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123"
-"\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141"
-"\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123"
-"\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151"
-"\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040"
-"\122\157\157\164\040\063\060\202\001\042\060\015\006\011\052\206"
-"\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202"
-"\001\012\002\202\001\001\000\272\354\103\270\064\352\243\147\337"
-"\167\011\037\032\020\242\036\251\116\225\114\164\347\014\334\154"
-"\306\230\320\253\372\027\044\232\147\243\111\024\144\211\217\223"
-"\022\057\357\217\330\316\020\004\213\205\300\334\057\274\051\230"
-"\257\234\102\305\313\322\226\317\364\245\305\055\156\115\214\070"
-"\216\262\152\010\231\325\221\033\250\355\063\223\111\135\313\347"
-"\025\103\155\122\361\310\350\327\332\060\340\230\052\251\133\243"
-"\303\321\001\003\201\135\176\266\011\225\350\333\062\156\375\072"
-"\303\265\236\233\375\131\031\040\263\043\300\342\152\356\104\226"
-"\200\357\150\011\100\224\302\267\063\111\203\345\311\256\055\040"
-"\067\220\030\075\040\066\332\171\071\257\270\127\237\172\357\140"
-"\052\041\204\370\377\240\071\041\323\330\155\124\307\303\152\074"
-"\310\134\037\056\107\162\024\154\125\113\011\006\315\216\305\153"
-"\013\347\007\107\072\175\222\137\175\017\260\134\063\127\203\203"
-"\077\036\204\250\171\220\237\227\116\042\334\165\042\310\156\057"
-"\326\320\313\166\341\014\127\227\341\046\217\051\204\123\362\345"
-"\216\223\312\113\212\114\065\002\003\001\000\001\243\102\060\100"
-"\060\035\006\003\125\035\016\004\026\004\024\242\134\156\015\145"
-"\010\301\367\116\133\311\155\360\320\126\033\071\202\103\273\060"
-"\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377"
-"\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003"
-"\202\001\001\000\003\215\126\010\263\241\255\375\163\102\331\147"
-"\054\156\232\317\277\036\310\115\362\115\322\331\067\311\070\104"
-"\215\256\211\014\357\214\231\053\112\223\365\155\254\146\112\077"
-"\127\152\020\245\242\032\023\246\054\352\142\347\200\371\275\375"
-"\344\377\332\021\237\071\130\155\365\103\362\364\375\246\277\235"
-"\261\253\232\106\007\337\341\360\133\077\376\135\131\100\006\254"
-"\030\010\107\114\074\114\110\106\316\210\341\250\266\236\165\246"
-"\240\367\176\033\266\304\215\355\360\052\123\025\112\333\051\117"
-"\071\123\347\122\130\243\276\334\344\220\055\265\311\316\230\377"
-"\054\206\241\010\240\310\316\367\202\071\011\014\301\302\324\251"
-"\244\052\016\063\201\307\074\160\313\060\155\244\126\267\233\134"
-"\174\002\042\276\345\007\175\155\044\321\047\261\326\035\036\134"
-"\107\074\277\056\156\370\034\204\110\354\365\341\240\225\021\315"
-"\347\060\353\134\360\051\173\165\202\002\006\262\363\223\071\322"
-"\016\254\337\137\044\023\025\060\103\365\120\324\307\203\240\103"
-"\071\117\145\064\275\246\351\316\341\164\276\040\337\322\162\026"
-"\113\211\106\166"
-, (PRUint32)900 }
-};
-static const NSSItem nss_builtins_items_125 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 3", (PRUint32)33 },
- { (void *)"\000\263\327\076\235\205\161\066\073\147\325\056\136\156\371\022"
-"\242\205\067\122"
-, (PRUint32)20 },
- { (void *)"\327\276\275\236\373\162\170\072\347\212\275\201\276\013\075\030"
-, (PRUint32)16 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\063"
-, (PRUint32)99 },
- { (void *)"\003\037"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_126 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 4", (PRUint32)33 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\064"
-, (PRUint32)99 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\064"
-, (PRUint32)99 },
- { (void *)"\003\040"
-, (PRUint32)2 },
- { (void *)"\060\202\002\173\060\202\001\344\240\003\002\001\002\002\002\003"
-"\040\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\064\060\036\027\015\060\060\060\070\061\067\060\060\061"
-"\071\060\060\132\027\015\062\060\060\070\061\066\062\063\065\071"
-"\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123"
-"\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141"
-"\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123"
-"\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151"
-"\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040"
-"\122\157\157\164\040\064\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\270\353\360\217\240\346\361\343\000\077\136\162\236"
-"\256\004\017\364\117\316\312\332\142\063\352\356\132\302\301\366"
-"\056\070\211\264\015\317\241\256\271\061\263\375\246\307\266\304"
-"\154\203\014\200\141\070\072\012\276\034\001\240\031\033\347\373"
-"\162\155\222\143\233\246\257\063\364\264\133\032\350\050\336\114"
-"\347\067\361\024\361\340\027\340\024\110\354\104\035\171\245\116"
-"\252\341\244\204\167\275\313\115\266\352\160\176\137\252\027\054"
-"\113\133\260\352\205\324\151\250\021\351\053\067\035\273\246\004"
-"\356\233\101\002\003\001\000\001\243\102\060\100\060\035\006\003"
-"\125\035\016\004\026\004\024\103\306\110\100\300\017\306\030\132"
-"\111\111\345\201\200\006\115\137\335\324\205\060\017\006\003\125"
-"\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003"
-"\125\035\017\001\001\377\004\004\003\002\001\006\060\015\006\011"
-"\052\206\110\206\367\015\001\001\005\005\000\003\201\201\000\244"
-"\031\075\163\316\207\321\237\126\022\134\310\070\345\356\371\022"
-"\310\331\001\352\235\203\064\306\242\153\213\167\172\222\176\207"
-"\307\125\043\024\215\302\150\115\031\362\151\264\352\107\024\221"
-"\073\121\207\030\372\166\233\342\173\034\023\323\346\146\036\012"
-"\022\271\135\220\306\073\023\024\042\315\065\214\055\105\140\000"
-"\004\310\357\130\002\305\135\231\264\220\155\336\124\327\043\342"
-"\071\204\045\303\150\243\142\243\171\330\230\241\132\322\134\211"
-"\375\345\026\014\364\253\027\110\176\255\353\200\300\125\201"
-, (PRUint32)639 }
-};
-static const NSSItem nss_builtins_items_127 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 4", (PRUint32)33 },
- { (void *)"\231\001\027\355\035\374\376\140\054\136\120\175\140\223\051\223"
-"\214\100\014\146"
-, (PRUint32)20 },
- { (void *)"\010\107\110\253\040\057\157\302\163\013\262\025\005\041\036\312"
-, (PRUint32)16 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\064"
-, (PRUint32)99 },
- { (void *)"\003\040"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_128 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 5", (PRUint32)33 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\065"
-, (PRUint32)99 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\065"
-, (PRUint32)99 },
- { (void *)"\003\041"
-, (PRUint32)2 },
- { (void *)"\060\202\002\173\060\202\001\344\240\003\002\001\002\002\002\003"
-"\041\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\065\060\036\027\015\060\060\060\070\061\067\060\060\062"
-"\070\060\060\132\027\015\062\060\060\070\061\066\062\063\065\071"
-"\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002"
-"\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123"
-"\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141"
-"\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123"
-"\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151"
-"\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040"
-"\122\157\157\164\040\065\060\201\237\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002"
-"\201\201\000\255\000\156\362\240\174\061\021\034\101\260\067\217"
-"\203\242\103\313\227\137\002\040\211\015\156\274\052\261\361\245"
-"\144\357\330\216\112\326\162\235\236\156\037\232\250\371\205\003"
-"\254\301\047\152\204\345\146\110\161\232\136\102\017\212\342\237"
-"\366\200\017\043\254\123\303\301\237\002\304\370\130\106\352\364"
-"\251\202\257\155\007\106\206\361\055\374\006\270\036\125\325\071"
-"\141\222\204\213\361\330\212\063\116\074\023\265\326\161\374\153"
-"\076\264\034\172\013\207\325\065\146\064\303\163\062\143\130\337"
-"\022\153\043\002\003\001\000\001\243\102\060\100\060\035\006\003"
-"\125\035\016\004\026\004\024\043\116\363\002\004\004\327\322\247"
-"\000\126\301\316\111\054\214\025\226\063\057\060\017\006\003\125"
-"\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003"
-"\125\035\017\001\001\377\004\004\003\002\001\006\060\015\006\011"
-"\052\206\110\206\367\015\001\001\005\005\000\003\201\201\000\074"
-"\224\001\207\362\310\317\341\217\256\271\013\342\034\175\361\031"
-"\255\321\355\366\001\133\066\123\012\200\076\256\064\126\147\160"
-"\156\103\124\116\171\315\213\325\120\031\062\330\111\070\064\375"
-"\266\163\111\353\016\111\172\277\032\367\352\007\050\045\273\025"
-"\111\034\121\112\125\232\070\057\055\017\130\371\171\321\002\145"
-"\023\214\131\237\020\177\135\027\074\164\362\265\352\167\201\066"
-"\206\157\062\133\005\264\015\243\046\147\360\344\065\016\107\275"
-"\153\301\221\235\013\364\077\232\021\174\224\026\147\266\230"
-, (PRUint32)639 }
-};
-static const NSSItem nss_builtins_items_129 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Visa International Global Root 5", (PRUint32)33 },
- { (void *)"\367\027\230\102\276\276\302\037\113\055\235\013\234\067\036\064"
-"\206\325\251\317"
-, (PRUint32)20 },
- { (void *)"\317\200\157\240\170\121\321\126\233\253\310\135\243\157\220\012"
-, (PRUint32)16 },
- { (void *)"\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057"
-"\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166"
-"\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061"
-"\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157"
-"\164\040\065"
-, (PRUint32)99 },
- { (void *)"\003\041"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_130 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"beTRUSTed Root CA", (PRUint32)18 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
- { (void *)"\071\117\175\207"
-, (PRUint32)4 },
- { (void *)"\060\202\005\054\060\202\004\024\240\003\002\001\002\002\004\071"
-"\117\175\207\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\127"
-"\127\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122"
-"\125\123\124\145\144\061\033\060\031\006\003\125\004\003\023\022"
-"\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103"
-"\101\163\061\032\060\030\006\003\125\004\003\023\021\142\145\124"
-"\122\125\123\124\145\144\040\122\157\157\164\040\103\101\060\036"
-"\027\015\060\060\060\066\062\060\061\064\062\061\060\064\132\027"
-"\015\061\060\060\066\062\060\061\063\062\061\060\064\132\060\132"
-"\061\013\060\011\006\003\125\004\006\023\002\127\127\061\022\060"
-"\020\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145"
-"\144\061\033\060\031\006\003\125\004\003\023\022\142\145\124\122"
-"\125\123\124\145\144\040\122\157\157\164\040\103\101\163\061\032"
-"\060\030\006\003\125\004\003\023\021\142\145\124\122\125\123\124"
-"\145\144\040\122\157\157\164\040\103\101\060\202\001\042\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001"
-"\017\000\060\202\001\012\002\202\001\001\000\324\264\163\172\023"
-"\012\070\125\001\276\211\126\341\224\236\324\276\132\353\112\064"
-"\165\033\141\051\304\341\255\010\140\041\170\110\377\264\320\372"
-"\136\101\215\141\104\207\350\355\311\130\372\374\223\232\337\117"
-"\352\076\065\175\370\063\172\346\361\327\315\157\111\113\075\117"
-"\055\156\016\203\072\030\170\167\243\317\347\364\115\163\330\232"
-"\073\032\035\276\225\123\317\040\227\302\317\076\044\122\154\014"
-"\216\145\131\305\161\377\142\011\217\252\305\217\314\140\240\163"
-"\112\327\070\077\025\162\277\242\227\267\160\350\257\342\176\026"
-"\006\114\365\252\144\046\162\007\045\255\065\374\030\261\046\327"
-"\330\377\031\016\203\033\214\334\170\105\147\064\075\364\257\034"
-"\215\344\155\153\355\040\263\147\232\264\141\313\027\157\211\065"
-"\377\347\116\300\062\022\347\356\354\337\377\227\060\164\355\215"
-"\107\216\353\264\303\104\346\247\114\177\126\103\350\270\274\266"
-"\276\372\203\227\346\273\373\304\266\223\276\031\030\076\214\201"
-"\271\163\210\026\364\226\103\234\147\163\027\220\330\011\156\143"
-"\254\112\266\043\304\001\241\255\244\344\305\002\003\001\000\001"
-"\243\202\001\370\060\202\001\364\060\017\006\003\125\035\023\001"
-"\001\377\004\005\060\003\001\001\377\060\202\001\131\006\003\125"
-"\035\040\004\202\001\120\060\202\001\114\060\202\001\110\006\012"
-"\053\006\001\004\001\261\076\001\000\000\060\202\001\070\060\202"
-"\001\001\006\010\053\006\001\005\005\007\002\002\060\201\364\032"
-"\201\361\122\145\154\151\141\156\143\145\040\157\156\040\164\150"
-"\151\163\040\143\145\162\164\151\146\151\143\141\164\145\040\142"
-"\171\040\141\156\171\040\160\141\162\164\171\040\141\163\163\165"
-"\155\145\163\040\141\143\143\145\160\164\141\156\143\145\040\157"
-"\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154\151"
-"\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040\164"
-"\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164\151"
-"\157\156\163\040\157\146\040\165\163\145\054\040\141\156\144\040"
-"\143\145\162\164\151\146\151\143\141\164\151\157\156\040\160\162"
-"\141\143\164\151\143\145\040\163\164\141\164\145\155\145\156\164"
-"\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040\146"
-"\157\165\156\144\040\141\164\040\142\145\124\122\125\123\124\145"
-"\144\047\163\040\167\145\142\040\163\151\164\145\054\040\150\164"
-"\164\160\163\072\057\057\167\167\167\056\142\145\124\122\125\123"
-"\124\145\144\056\143\157\155\057\166\141\165\154\164\057\164\145"
-"\162\155\163\060\061\006\010\053\006\001\005\005\007\002\001\026"
-"\045\150\164\164\160\163\072\057\057\167\167\167\056\142\145\124"
-"\122\125\123\124\145\144\056\143\157\155\057\166\141\165\154\164"
-"\057\164\145\162\155\163\060\064\006\003\125\035\037\004\055\060"
-"\053\060\051\240\047\240\045\244\043\060\041\061\022\060\020\006"
-"\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144\061"
-"\013\060\011\006\003\125\004\006\023\002\127\127\060\035\006\003"
-"\125\035\016\004\026\004\024\052\271\233\151\056\073\233\330\315"
-"\336\052\061\004\064\153\312\007\030\253\147\060\037\006\003\125"
-"\035\043\004\030\060\026\200\024\052\271\233\151\056\073\233\330"
-"\315\336\052\061\004\064\153\312\007\030\253\147\060\016\006\003"
-"\125\035\017\001\001\377\004\004\003\002\001\376\060\015\006\011"
-"\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000"
-"\171\141\333\243\136\156\026\261\352\166\121\371\313\025\233\313"
-"\151\276\346\201\153\237\050\037\145\076\335\021\205\222\324\350"
-"\101\277\176\063\275\043\347\361\040\277\244\264\246\031\001\306"
-"\214\215\065\174\145\244\117\011\244\326\330\043\025\005\023\247"
-"\103\171\257\333\243\016\233\173\170\032\363\004\206\132\306\366"
-"\214\040\107\070\111\120\006\235\162\147\072\360\230\003\255\226"
-"\147\104\374\077\020\015\206\115\344\000\073\051\173\316\073\073"
-"\231\206\141\045\100\204\334\023\142\267\372\312\131\326\003\036"
-"\326\123\001\315\155\114\150\125\100\341\356\153\307\052\000\000"
-"\110\202\263\012\001\303\140\052\014\367\202\065\356\110\206\226"
-"\344\164\324\075\352\001\161\272\004\165\100\247\251\177\071\071"
-"\232\125\227\051\145\256\031\125\045\005\162\107\323\350\030\334"
-"\270\351\257\103\163\001\022\164\243\341\134\137\025\135\044\363"
-"\371\344\364\266\147\147\022\347\144\042\212\366\245\101\246\034"
-"\266\140\143\105\212\020\264\272\106\020\256\101\127\145\154\077"
-"\043\020\077\041\020\131\267\344\100\335\046\014\043\366\252\256"
-, (PRUint32)1328 }
-};
-static const NSSItem nss_builtins_items_131 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"beTRUSTed Root CA", (PRUint32)18 },
- { (void *)"\133\315\315\314\146\366\334\344\104\037\343\175\134\303\023\114"
-"\106\364\160\070"
-, (PRUint32)20 },
- { (void *)"\205\312\166\132\033\321\150\042\334\242\043\022\312\306\200\064"
-, (PRUint32)16 },
- { (void *)"\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061"
-"\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123"
-"\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145"
-"\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163"
-"\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125"
-"\123\124\145\144\040\122\157\157\164\040\103\101"
-, (PRUint32)92 },
- { (void *)"\071\117\175\207"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_132 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Xcert Root CA", (PRUint32)14 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\073\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\026\060\024\006\003\125\004\013\023\015"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101"
-, (PRUint32)61 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\073\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\026\060\024\006\003\125\004\013\023\015"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101"
-, (PRUint32)61 },
- { (void *)"\012\001\001\001\000\000\002\174\000\000\000\002\000\000\000\002"
-, (PRUint32)16 },
- { (void *)"\060\202\003\143\060\202\002\113\240\003\002\001\002\002\020\012"
-"\001\001\001\000\000\002\174\000\000\000\002\000\000\000\002\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\073"
-"\061\041\060\037\006\003\125\004\012\023\030\130\143\145\162\164"
-"\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\111"
-"\156\143\056\061\026\060\024\006\003\125\004\013\023\015\130\143"
-"\145\162\164\040\122\157\157\164\040\103\101\060\036\027\015\060"
-"\060\060\070\061\070\061\070\061\070\061\067\132\027\015\062\065"
-"\060\070\061\065\061\071\060\063\061\067\132\060\073\061\041\060"
-"\037\006\003\125\004\012\023\030\130\143\145\162\164\040\111\156"
-"\164\145\162\156\141\164\151\157\156\141\154\040\111\156\143\056"
-"\061\026\060\024\006\003\125\004\013\023\015\130\143\145\162\164"
-"\040\122\157\157\164\040\103\101\060\202\001\042\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000"
-"\060\202\001\012\002\202\001\001\000\250\264\141\213\035\034\076"
-"\220\173\160\062\100\155\215\026\312\065\141\141\265\342\373\025"
-"\311\364\041\136\201\033\317\042\234\254\253\273\140\320\240\063"
-"\336\021\123\032\011\017\073\032\023\251\324\207\314\130\367\055"
-"\122\251\242\302\251\072\355\317\064\235\241\002\357\270\362\270"
-"\053\127\210\020\223\265\251\065\143\273\005\102\103\042\177\277"
-"\160\136\323\050\245\125\050\040\113\223\111\217\247\277\075\100"
-"\050\015\021\257\162\046\011\005\064\011\305\253\001\223\127\241"
-"\254\146\124\230\042\234\043\353\272\014\144\234\266\075\373\342"
-"\306\226\302\317\013\117\352\310\060\372\212\053\312\034\021\226"
-"\032\051\000\214\353\162\324\121\105\251\235\167\040\325\022\273"
-"\265\362\177\006\070\202\115\175\222\036\350\325\372\310\051\107"
-"\151\032\025\021\214\257\246\054\301\050\364\151\133\151\236\344"
-"\074\023\356\300\241\140\352\101\277\302\142\113\155\242\067\204"
-"\072\076\363\260\062\256\212\153\154\023\363\072\041\012\173\226"
-"\130\063\051\136\156\250\312\151\242\276\216\006\105\135\361\146"
-"\071\125\112\034\132\044\261\113\321\002\003\001\000\001\243\143"
-"\060\141\060\017\006\003\125\035\023\001\001\377\004\005\060\003"
-"\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003"
-"\002\001\006\060\037\006\003\125\035\043\004\030\060\026\200\024"
-"\104\250\111\070\165\061\154\253\050\347\161\362\330\324\310\257"
-"\101\017\107\221\060\035\006\003\125\035\016\004\026\004\024\104"
-"\250\111\070\165\061\154\253\050\347\161\362\330\324\310\257\101"
-"\017\107\221\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\202\001\001\000\075\163\136\245\012\273\265\021\303"
-"\361\147\321\022\032\242\107\051\021\114\116\131\067\040\206\011"
-"\100\362\105\361\111\171\071\032\075\045\327\057\051\320\010\005"
-"\025\024\373\344\104\154\077\176\136\265\122\330\221\130\074\226"
-"\373\324\112\357\361\056\301\126\036\114\151\014\331\140\035\112"
-"\107\047\265\003\063\333\030\273\333\123\236\241\173\121\152\220"
-"\323\245\025\310\202\013\300\267\067\062\165\205\124\136\125\020"
-"\174\221\073\251\053\140\306\061\166\254\304\060\111\003\304\266"
-"\126\100\245\360\143\257\151\112\210\257\327\253\013\356\072\333"
-"\275\023\203\250\073\242\351\271\105\365\121\115\224\360\131\251"
-"\333\241\067\147\322\024\236\247\173\327\031\252\025\043\153\151"
-"\165\321\023\076\130\364\363\001\350\210\304\224\126\311\300\376"
-"\337\117\107\125\037\153\201\116\124\355\023\137\162\374\046\206"
-"\004\066\217\117\022\115\234\120\342\116\132\126\254\271\375\054"
-"\037\130\173\005\022\007\143\070\357\031\343\364\074\221\132\242"
-"\045\142\127\274\306\224\240\167\234\317\064\142\340\277\373\165"
-"\074\351\033\046\033\234\144"
-, (PRUint32)871 }
-};
-static const NSSItem nss_builtins_items_133 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Xcert Root CA", (PRUint32)14 },
- { (void *)"\041\021\164\054\135\202\325\257\325\231\114\122\004\123\125\050"
-"\104\361\154\261"
-, (PRUint32)20 },
- { (void *)"\226\201\231\014\155\262\211\205\303\331\200\234\063\273\076\031"
-, (PRUint32)16 },
- { (void *)"\060\073\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\026\060\024\006\003\125\004\013\023\015"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101"
-, (PRUint32)61 },
- { (void *)"\012\001\001\001\000\000\002\174\000\000\000\002\000\000\000\002"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_134 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Xcert Root CA 1024", (PRUint32)19 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\100\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\033\060\031\006\003\125\004\013\023\022"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101\040\061\060"
-"\062\064"
-, (PRUint32)66 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\100\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\033\060\031\006\003\125\004\013\023\022"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101\040\061\060"
-"\062\064"
-, (PRUint32)66 },
- { (void *)"\012\001\001\001\000\000\002\174\000\000\000\003\000\000\000\002"
-, (PRUint32)16 },
- { (void *)"\060\202\002\150\060\202\001\321\240\003\002\001\002\002\020\012"
-"\001\001\001\000\000\002\174\000\000\000\003\000\000\000\002\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\100"
-"\061\041\060\037\006\003\125\004\012\023\030\130\143\145\162\164"
-"\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\111"
-"\156\143\056\061\033\060\031\006\003\125\004\013\023\022\130\143"
-"\145\162\164\040\122\157\157\164\040\103\101\040\061\060\062\064"
-"\060\036\027\015\060\060\060\070\061\070\061\070\063\061\063\062"
-"\132\027\015\062\065\060\070\061\065\061\071\060\060\065\066\132"
-"\060\100\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\033\060\031\006\003\125\004\013\023\022"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101\040\061\060"
-"\062\064\060\201\237\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\326"
-"\276\067\211\021\251\242\367\107\054\052\317\152\000\046\145\050"
-"\104\244\212\344\336\240\103\125\231\104\153\274\156\270\307\316"
-"\306\143\266\323\350\157\305\230\053\044\221\270\236\242\272\161"
-"\110\336\064\040\041\172\326\322\305\211\062\245\211\306\334\205"
-"\204\124\362\236\110\355\314\104\266\006\377\216\304\316\131\255"
-"\237\154\351\042\130\301\077\024\012\103\200\207\031\122\120\343"
-"\050\007\310\254\030\342\261\032\252\243\342\140\267\166\121\007"
-"\051\071\136\110\351\146\160\201\056\070\232\275\031\175\353\002"
-"\003\001\000\001\243\143\060\141\060\017\006\003\125\035\023\001"
-"\001\377\004\005\060\003\001\001\377\060\016\006\003\125\035\017"
-"\001\001\377\004\004\003\002\001\006\060\037\006\003\125\035\043"
-"\004\030\060\026\200\024\204\171\307\117\007\131\261\153\301\072"
-"\065\272\270\364\325\231\047\310\272\016\060\035\006\003\125\035"
-"\016\004\026\004\024\204\171\307\117\007\131\261\153\301\072\065"
-"\272\270\364\325\231\047\310\272\016\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\201\201\000\163\260\341\000"
-"\355\256\150\322\140\003\106\353\371\034\361\245\246\174\134\062"
-"\174\354\002\141\323\034\035\163\061\054\272\216\275\111\115\310"
-"\335\331\167\165\101\347\222\041\232\154\051\333\247\154\160\206"
-"\240\134\303\344\363\062\314\001\204\131\327\210\071\070\363\250"
-"\342\342\032\260\227\315\053\027\334\144\004\017\252\152\163\224"
-"\326\353\010\306\200\151\115\336\172\325\305\067\361\222\027\074"
-"\155\323\212\041\314\144\020\252\336\142\207\037\217\270\370\252"
-"\165\112\364\010\054\365\334\146\317\303\070\176"
-, (PRUint32)620 }
-};
-static const NSSItem nss_builtins_items_135 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Xcert Root CA 1024", (PRUint32)19 },
- { (void *)"\054\245\040\131\044\213\336\160\224\354\326\313\143\116\176\051"
-"\207\004\113\220"
-, (PRUint32)20 },
- { (void *)"\304\040\322\322\017\140\113\244\062\340\221\324\040\113\111\270"
-, (PRUint32)16 },
- { (void *)"\060\100\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\033\060\031\006\003\125\004\013\023\022"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101\040\061\060"
-"\062\064"
-, (PRUint32)66 },
- { (void *)"\012\001\001\001\000\000\002\174\000\000\000\003\000\000\000\002"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_136 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Xcert Root CA v1", (PRUint32)17 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\076\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\031\060\027\006\003\125\004\013\023\020"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061"
-, (PRUint32)64 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\076\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\031\060\027\006\003\125\004\013\023\020"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061"
-, (PRUint32)64 },
- { (void *)"\012\001\001\001\000\000\002\174\000\000\000\004\000\000\000\002"
-, (PRUint32)16 },
- { (void *)"\060\202\002\377\060\202\001\347\002\020\012\001\001\001\000\000"
-"\002\174\000\000\000\004\000\000\000\002\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\076\061\041\060\037\006"
-"\003\125\004\012\023\030\130\143\145\162\164\040\111\156\164\145"
-"\162\156\141\164\151\157\156\141\154\040\111\156\143\056\061\031"
-"\060\027\006\003\125\004\013\023\020\130\143\145\162\164\040\122"
-"\157\157\164\040\103\101\040\166\061\060\036\027\015\060\060\060"
-"\070\061\070\061\070\064\060\065\060\132\027\015\062\065\060\070"
-"\061\065\061\071\060\060\063\070\132\060\076\061\041\060\037\006"
-"\003\125\004\012\023\030\130\143\145\162\164\040\111\156\164\145"
-"\162\156\141\164\151\157\156\141\154\040\111\156\143\056\061\031"
-"\060\027\006\003\125\004\013\023\020\130\143\145\162\164\040\122"
-"\157\157\164\040\103\101\040\166\061\060\202\001\042\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017"
-"\000\060\202\001\012\002\202\001\001\000\301\222\253\362\266\065"
-"\066\002\110\017\205\364\116\057\202\145\315\110\276\261\267\075"
-"\263\173\256\272\062\064\206\074\230\277\370\260\275\373\302\314"
-"\366\011\227\070\134\215\245\043\116\341\310\204\346\220\147\164"
-"\073\243\366\156\231\053\217\303\007\322\227\121\007\117\004\313"
-"\236\262\370\074\367\070\346\226\112\072\353\025\157\347\142\346"
-"\103\063\007\262\015\132\317\225\051\071\147\210\023\043\324\214"
-"\155\137\216\041\340\061\363\265\334\231\305\304\355\205\020\176"
-"\222\324\242\035\074\037\013\263\043\346\300\313\044\233\154\020"
-"\246\315\024\326\243\235\123\217\367\036\101\232\266\033\035\010"
-"\134\367\071\101\303\036\336\114\046\243\140\174\056\023\207\221"
-"\154\327\302\043\057\347\175\031\037\315\133\352\230\305\271\106"
-"\175\065\106\344\173\213\112\331\223\340\006\253\300\314\112\375"
-"\333\332\013\060\077\270\134\340\007\023\250\305\060\374\274\206"
-"\366\252\277\016\143\057\217\111\162\020\321\236\205\371\101\355"
-"\110\074\170\014\375\240\052\006\033\257\323\335\147\057\354\110"
-"\057\121\111\066\042\267\110\315\111\357\002\003\001\000\001\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202"
-"\001\001\000\250\334\263\040\056\375\127\110\020\017\346\215\140"
-"\122\033\166\035\234\146\240\157\372\150\006\330\247\234\313\241"
-"\014\216\045\350\256\307\337\072\160\255\251\370\052\044\274\274"
-"\307\252\307\011\267\273\020\351\037\132\325\242\001\106\213\005"
-"\304\243\165\111\013\100\307\261\153\237\333\130\026\143\062\204"
-"\132\020\215\142\226\253\230\146\233\272\372\126\010\033\272\142"
-"\363\357\071\153\374\144\261\311\256\357\136\224\341\242\200\371"
-"\010\203\026\022\066\226\331\011\220\331\230\072\257\075\205\330"
-"\221\052\222\034\134\271\314\325\134\163\070\216\173\163\122\014"
-"\272\237\362\216\277\310\174\012\023\272\162\221\240\073\040\357"
-"\211\052\303\014\200\151\126\163\020\364\140\031\340\036\026\112"
-"\144\253\374\106\072\320\013\323\227\261\134\331\234\254\030\072"
-"\040\007\172\042\371\267\020\145\272\354\346\123\324\252\344\303"
-"\101\274\233\337\302\335\232\001\106\324\216\105\355\311\312\026"
-"\064\204\215\062\124\074\124\142\220\215\032\146\122\315\372\034"
-"\314\014\374\261\343\223\310\247\331\353\150\143\217\320\176\056"
-"\055\335\051"
-, (PRUint32)771 }
-};
-static const NSSItem nss_builtins_items_137 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Xcert Root CA v1", (PRUint32)17 },
- { (void *)"\252\070\226\073\042\304\350\333\032\031\107\202\076\257\220\003"
-"\207\102\254\345"
-, (PRUint32)20 },
- { (void *)"\111\216\265\061\147\112\303\226\274\213\257\160\026\303\005\111"
-, (PRUint32)16 },
- { (void *)"\060\076\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\031\060\027\006\003\125\004\013\023\020"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061"
-, (PRUint32)64 },
- { (void *)"\012\001\001\001\000\000\002\174\000\000\000\004\000\000\000\002"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_138 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Xcert Root CA v1 1024", (PRUint32)22 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\103\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\036\060\034\006\003\125\004\013\023\025"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061"
-"\040\061\060\062\064"
-, (PRUint32)69 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\103\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\036\060\034\006\003\125\004\013\023\025"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061"
-"\040\061\060\062\064"
-, (PRUint32)69 },
- { (void *)"\012\001\001\001\000\000\002\174\000\000\000\005\000\000\000\002"
-, (PRUint32)16 },
- { (void *)"\060\202\002\004\060\202\001\155\002\020\012\001\001\001\000\000"
-"\002\174\000\000\000\005\000\000\000\002\060\015\006\011\052\206"
-"\110\206\367\015\001\001\005\005\000\060\103\061\041\060\037\006"
-"\003\125\004\012\023\030\130\143\145\162\164\040\111\156\164\145"
-"\162\156\141\164\151\157\156\141\154\040\111\156\143\056\061\036"
-"\060\034\006\003\125\004\013\023\025\130\143\145\162\164\040\122"
-"\157\157\164\040\103\101\040\166\061\040\061\060\062\064\060\036"
-"\027\015\060\060\060\070\061\070\061\070\065\060\065\066\132\027"
-"\015\062\065\060\070\061\065\061\071\060\061\060\070\132\060\103"
-"\061\041\060\037\006\003\125\004\012\023\030\130\143\145\162\164"
-"\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\111"
-"\156\143\056\061\036\060\034\006\003\125\004\013\023\025\130\143"
-"\145\162\164\040\122\157\157\164\040\103\101\040\166\061\040\061"
-"\060\062\064\060\201\237\060\015\006\011\052\206\110\206\367\015"
-"\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000"
-"\247\011\303\322\251\246\031\160\354\051\351\105\173\066\340\352"
-"\076\311\231\160\100\321\266\140\364\335\043\307\131\171\235\036"
-"\245\276\065\143\000\346\300\056\154\100\123\346\321\166\106\361"
-"\240\313\203\105\124\230\031\317\173\232\070\370\164\063\063\077"
-"\251\045\040\050\046\135\050\161\106\206\040\075\060\053\253\346"
-"\115\372\077\352\104\100\114\373\163\324\334\226\164\364\116\344"
-"\152\035\033\227\240\174\060\341\300\163\266\015\242\167\172\361"
-"\030\370\112\161\161\236\370\250\165\376\142\370\252\075\317\175"
-"\002\003\001\000\001\060\015\006\011\052\206\110\206\367\015\001"
-"\001\005\005\000\003\201\201\000\173\323\325\114\177\114\242\176"
-"\174\327\126\141\331\225\230\205\212\327\111\334\214\107\252\007"
-"\354\270\333\171\044\236\347\245\222\127\146\011\217\024\260\376"
-"\004\362\275\121\020\270\070\303\241\022\333\220\203\176\265\143"
-"\130\253\063\255\227\036\106\120\102\020\254\310\253\055\035\065"
-"\154\306\346\103\120\050\003\241\254\373\021\225\377\351\325\112"
-"\017\221\345\003\344\210\060\074\034\166\321\227\360\012\324\207"
-"\240\014\232\217\141\316\332\176\162\263\073\120\300\200\204\017"
-"\041\040\224\150\052\332\214\276"
-, (PRUint32)520 }
-};
-static const NSSItem nss_builtins_items_139 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Xcert Root CA v1 1024", (PRUint32)22 },
- { (void *)"\042\072\107\064\216\347\211\332\165\206\073\031\062\260\146\340"
-"\264\121\247\064"
-, (PRUint32)20 },
- { (void *)"\100\212\076\322\066\036\040\237\374\055\066\253\350\371\202\062"
-, (PRUint32)16 },
- { (void *)"\060\103\061\041\060\037\006\003\125\004\012\023\030\130\143\145"
-"\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154"
-"\040\111\156\143\056\061\036\060\034\006\003\125\004\013\023\025"
-"\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061"
-"\040\061\060\062\064"
-, (PRUint32)69 },
- { (void *)"\012\001\001\001\000\000\002\174\000\000\000\005\000\000\000\002"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_140 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Xcert EZ", (PRUint32)9 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\214\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\030\060\026\006\003\125\004"
-"\012\023\017\130\143\145\162\164\040\105\132\040\142\171\040\104"
-"\123\124\061\030\060\026\006\003\125\004\003\023\017\130\143\145"
-"\162\164\040\105\132\040\142\171\040\104\123\124\061\041\060\037"
-"\006\011\052\206\110\206\367\015\001\011\001\026\022\143\141\100"
-"\144\151\147\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)143 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\214\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\030\060\026\006\003\125\004"
-"\012\023\017\130\143\145\162\164\040\105\132\040\142\171\040\104"
-"\123\124\061\030\060\026\006\003\125\004\003\023\017\130\143\145"
-"\162\164\040\105\132\040\142\171\040\104\123\124\061\041\060\037"
-"\006\011\052\206\110\206\367\015\001\011\001\026\022\143\141\100"
-"\144\151\147\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)143 },
- { (void *)"\000\320\036\100\220\000\000\047\113\000\000\000\001\000\000\000"
-"\004"
-, (PRUint32)17 },
- { (void *)"\060\202\003\370\060\202\002\340\240\003\002\001\002\002\021\000"
-"\320\036\100\220\000\000\047\113\000\000\000\001\000\000\000\004"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\214\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061\027"
-"\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141"
-"\153\145\040\103\151\164\171\061\030\060\026\006\003\125\004\012"
-"\023\017\130\143\145\162\164\040\105\132\040\142\171\040\104\123"
-"\124\061\030\060\026\006\003\125\004\003\023\017\130\143\145\162"
-"\164\040\105\132\040\142\171\040\104\123\124\061\041\060\037\006"
-"\011\052\206\110\206\367\015\001\011\001\026\022\143\141\100\144"
-"\151\147\163\151\147\164\162\165\163\164\056\143\157\155\060\036"
-"\027\015\071\071\060\067\061\064\061\066\061\064\061\070\132\027"
-"\015\060\071\060\067\061\061\061\066\061\064\061\070\132\060\201"
-"\214\061\013\060\011\006\003\125\004\006\023\002\125\123\061\015"
-"\060\013\006\003\125\004\010\023\004\125\164\141\150\061\027\060"
-"\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153"
-"\145\040\103\151\164\171\061\030\060\026\006\003\125\004\012\023"
-"\017\130\143\145\162\164\040\105\132\040\142\171\040\104\123\124"
-"\061\030\060\026\006\003\125\004\003\023\017\130\143\145\162\164"
-"\040\105\132\040\142\171\040\104\123\124\061\041\060\037\006\011"
-"\052\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151"
-"\147\163\151\147\164\162\165\163\164\056\143\157\155\060\202\001"
-"\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000"
-"\003\202\001\017\000\060\202\001\012\002\202\001\001\000\255\124"
-"\030\336\264\277\367\255\350\164\252\355\213\174\217\302\324\165"
-"\032\325\204\271\266\142\374\211\357\344\227\141\222\373\035\270"
-"\341\132\107\064\236\236\006\042\373\323\352\070\313\270\213\007"
-"\367\032\240\027\167\007\132\060\034\324\051\070\040\327\047\100"
-"\330\120\223\103\277\322\030\242\051\166\005\162\252\153\266\151"
-"\230\253\171\036\034\145\365\152\213\374\305\026\252\242\162\332"
-"\140\355\116\156\031\045\172\012\035\060\343\120\233\102\074\104"
-"\353\241\260\040\036\333\002\176\376\075\037\277\320\000\212\333"
-"\100\166\246\030\245\025\247\127\266\122\302\001\027\230\167\217"
-"\212\201\306\032\264\152\052\346\257\251\326\000\254\317\330\025"
-"\111\174\333\033\241\376\201\372\207\371\323\220\301\002\300\371"
-"\320\102\351\221\150\045\137\306\277\207\071\351\225\000\140\050"
-"\277\203\054\300\347\136\266\327\066\026\347\140\207\166\350\347"
-"\047\262\045\015\213\172\345\252\035\345\131\315\316\013\016\157"
-"\306\310\234\343\020\331\205\071\323\267\233\372\306\272\174\164"
-"\322\135\165\126\253\164\244\242\121\277\122\174\356\161\002\003"
-"\001\000\001\243\123\060\121\060\017\006\003\125\035\023\001\001"
-"\377\004\005\060\003\001\001\377\060\037\006\003\125\035\043\004"
-"\030\060\026\200\024\010\040\154\146\353\201\012\154\134\325\265"
-"\246\074\101\335\034\226\221\047\167\060\035\006\003\125\035\016"
-"\004\026\004\024\010\040\154\146\353\201\012\154\134\325\265\246"
-"\074\101\335\034\226\221\047\167\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\132\207\130\217"
-"\055\253\166\041\153\124\014\331\361\101\366\116\315\053\236\343"
-"\037\233\243\055\177\331\053\175\130\310\147\244\051\365\351\354"
-"\325\275\226\077\243\163\370\304\133\066\174\320\143\054\064\071"
-"\233\110\270\075\157\366\024\305\236\143\346\247\064\156\323\350"
-"\063\263\307\074\030\156\043\256\103\222\231\077\230\305\151\060"
-"\361\066\073\255\271\060\202\326\266\131\026\226\002\013\051\022"
-"\141\264\021\211\367\014\057\224\220\205\230\050\234\123\154\176"
-"\143\335\163\364\031\377\112\201\321\262\122\043\375\074\112\064"
-"\316\132\033\340\120\212\355\117\201\225\330\140\347\344\304\015"
-"\273\130\076\130\367\116\150\157\076\147\311\313\172\227\026\047"
-"\354\102\141\024\166\273\000\305\353\010\075\025\177\113\266\042"
-"\135\207\073\220\364\363\300\376\067\263\351\331\142\014\300\303"
-"\131\257\140\275\037\015\333\241\064\037\060\304\075\213\255\260"
-"\035\004\223\355\137\325\344\277\040\060\004\364\110\351\063\001"
-"\321\056\220\047\122\263\233\336\072\034\253\251\227\177\233\353"
-"\302\215\302\155\354\334\023\323\106\305\171\174"
-, (PRUint32)1020 }
-};
-static const NSSItem nss_builtins_items_141 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Xcert EZ", (PRUint32)9 },
- { (void *)"\150\355\030\263\011\315\122\221\300\323\065\174\035\021\101\277"
-"\210\070\146\261"
-, (PRUint32)20 },
- { (void *)"\202\022\367\211\341\013\221\140\244\266\042\237\224\150\021\222"
-, (PRUint32)16 },
- { (void *)"\060\201\214\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061"
-"\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114"
-"\141\153\145\040\103\151\164\171\061\030\060\026\006\003\125\004"
-"\012\023\017\130\143\145\162\164\040\105\132\040\142\171\040\104"
-"\123\124\061\030\060\026\006\003\125\004\003\023\017\130\143\145"
-"\162\164\040\105\132\040\142\171\040\104\123\124\061\041\060\037"
-"\006\011\052\206\110\206\367\015\001\011\001\026\022\143\141\100"
-"\144\151\147\163\151\147\164\162\165\163\164\056\143\157\155"
-, (PRUint32)143 },
- { (void *)"\000\320\036\100\220\000\000\047\113\000\000\000\001\000\000\000"
-"\004"
-, (PRUint32)17 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_142 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"CertEngine CA", (PRUint32)14 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\103\145\162\164\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\143"
-"\145\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\143\145\162"
-"\164\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\103\145\162\164\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\143"
-"\145\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\143\145\162"
-"\164\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)"\060\202\003\335\060\202\002\305\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101\061"
-"\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060\016"
-"\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061\030"
-"\060\026\006\003\125\004\012\023\017\103\145\162\164\105\156\147"
-"\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125\004"
-"\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151\163"
-"\151\157\156\061\023\060\021\006\003\125\004\003\023\012\143\145"
-"\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052\206"
-"\110\206\367\015\001\011\001\026\021\143\141\100\143\145\162\164"
-"\145\156\147\151\156\145\056\143\157\155\060\036\027\015\071\070"
-"\060\061\060\061\060\060\060\060\060\060\132\027\015\063\070\060"
-"\061\061\067\060\060\060\060\060\060\132\060\201\250\061\013\060"
-"\011\006\003\125\004\006\023\002\103\101\061\013\060\011\006\003"
-"\125\004\010\023\002\117\116\061\020\060\016\006\003\125\004\007"
-"\023\007\124\157\162\157\156\164\157\061\030\060\026\006\003\125"
-"\004\012\023\017\103\145\162\164\105\156\147\151\156\145\040\111"
-"\156\143\056\061\051\060\047\006\003\125\004\013\023\040\103\145"
-"\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150"
-"\157\162\151\164\171\040\104\151\166\151\163\151\157\156\061\023"
-"\060\021\006\003\125\004\003\023\012\143\145\162\164\145\156\147"
-"\151\156\145\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\143\141\100\143\145\162\164\145\156\147\151\156"
-"\145\056\143\157\155\060\202\001\042\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001"
-"\012\002\202\001\001\000\355\244\327\121\024\241\151\345\155\366"
-"\357\335\077\164\066\165\130\233\336\064\302\146\361\062\163\254"
-"\237\244\150\032\141\147\260\135\153\217\340\163\222\174\216\041"
-"\031\226\345\156\231\176\167\062\134\351\030\341\107\352\140\270"
-"\204\155\155\076\105\044\037\022\044\150\321\252\213\243\004\103"
-"\220\073\033\125\265\315\237\214\317\103\252\035\042\072\363\026"
-"\131\056\233\273\021\306\347\221\225\254\160\020\150\356\107\134"
-"\104\234\051\000\132\365\234\215\232\224\227\075\061\001\254\063"
-"\036\217\123\200\030\351\034\347\156\077\115\232\340\024\361\170"
-"\002\042\113\056\114\102\160\377\015\273\065\012\225\155\326\314"
-"\323\022\112\200\255\216\105\012\313\214\043\110\271\100\130\041"
-"\114\321\077\103\177\257\376\147\306\124\101\074\307\240\240\203"
-"\235\301\371\102\174\247\167\260\345\073\002\220\330\234\060\305"
-"\030\130\032\041\225\115\103\164\031\112\273\250\015\165\221\155"
-"\376\276\166\305\172\302\220\136\201\172\243\143\325\307\333\066"
-"\141\173\342\043\143\127\135\110\331\322\225\147\262\161\102\163"
-"\216\117\233\305\350\217\002\003\001\000\001\243\020\060\016\060"
-"\014\006\003\125\035\023\004\005\060\003\001\001\377\060\015\006"
-"\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001"
-"\000\117\375\241\316\050\235\064\002\114\334\364\165\214\325\175"
-"\364\206\125\231\024\026\220\213\212\152\017\205\041\223\317\251"
-"\053\074\360\024\376\103\104\260\116\317\304\330\005\273\135\136"
-"\264\272\207\025\114\257\153\052\132\150\125\222\354\236\245\150"
-"\107\145\254\312\033\041\330\377\055\005\154\345\354\173\000\025"
-"\325\014\161\113\054\173\275\357\075\244\042\257\343\374\064\255"
-"\007\017\367\136\242\035\317\030\375\060\251\233\076\336\041\066"
-"\267\030\207\176\360\177\327\115\240\142\360\140\151\365\177\116"
-"\303\311\266\344\131\204\007\123\123\371\342\160\171\373\337\164"
-"\252\060\217\056\055\112\212\312\165\157\336\046\312\161\066\344"
-"\322\104\151\224\313\301\273\325\156\135\142\370\051\002\134\172"
-"\231\331\307\313\074\104\032\364\130\064\322\066\155\055\042\175"
-"\170\033\020\123\126\251\046\254\366\255\370\171\256\112\072\231"
-"\011\273\304\377\053\045\337\111\276\253\074\353\001\111\275\055"
-"\300\312\060\300\153\102\124\175\202\340\274\077\363\072\064\022"
-"\070\114\245\063\254\075\253\233\343\117\017\255\237\215\103\146"
-"\345"
-, (PRUint32)993 }
-};
-static const NSSItem nss_builtins_items_143 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"CertEngine CA", (PRUint32)14 },
- { (void *)"\301\202\340\336\254\032\145\113\262\022\013\204\012\205\326\300"
-"\267\077\264\154"
-, (PRUint32)20 },
- { (void *)"\072\276\220\341\242\032\164\211\157\217\240\057\040\204\350\123"
-, (PRUint32)16 },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\103\145\162\164\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\143"
-"\145\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\143\145\162"
-"\164\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_144 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"BankEngine CA", (PRUint32)14 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\102\141\156\153\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\142"
-"\141\156\153\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\142\141\156"
-"\153\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\102\141\156\153\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\142"
-"\141\156\153\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\142\141\156"
-"\153\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)"\060\202\003\335\060\202\002\305\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101\061"
-"\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060\016"
-"\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061\030"
-"\060\026\006\003\125\004\012\023\017\102\141\156\153\105\156\147"
-"\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125\004"
-"\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151\163"
-"\151\157\156\061\023\060\021\006\003\125\004\003\023\012\142\141"
-"\156\153\145\156\147\151\156\145\061\040\060\036\006\011\052\206"
-"\110\206\367\015\001\011\001\026\021\143\141\100\142\141\156\153"
-"\145\156\147\151\156\145\056\143\157\155\060\036\027\015\071\070"
-"\060\061\060\061\060\060\060\060\060\060\132\027\015\063\070\060"
-"\061\061\067\060\060\060\060\060\060\132\060\201\250\061\013\060"
-"\011\006\003\125\004\006\023\002\103\101\061\013\060\011\006\003"
-"\125\004\010\023\002\117\116\061\020\060\016\006\003\125\004\007"
-"\023\007\124\157\162\157\156\164\157\061\030\060\026\006\003\125"
-"\004\012\023\017\102\141\156\153\105\156\147\151\156\145\040\111"
-"\156\143\056\061\051\060\047\006\003\125\004\013\023\040\103\145"
-"\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150"
-"\157\162\151\164\171\040\104\151\166\151\163\151\157\156\061\023"
-"\060\021\006\003\125\004\003\023\012\142\141\156\153\145\156\147"
-"\151\156\145\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\143\141\100\142\141\156\153\145\156\147\151\156"
-"\145\056\143\157\155\060\202\001\042\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001"
-"\012\002\202\001\001\000\327\202\350\115\100\045\327\370\104\313"
-"\342\241\326\102\307\210\027\126\333\060\367\127\202\041\063\274"
-"\161\115\122\254\142\302\007\347\251\353\353\320\023\114\214\124"
-"\077\176\236\107\067\231\327\176\352\267\120\061\034\130\303\012"
-"\047\144\336\155\124\227\251\171\364\372\350\075\354\135\262\122"
-"\313\063\151\351\063\167\366\162\327\240\372\332\062\211\210\222"
-"\020\222\243\313\062\056\327\021\165\217\332\263\032\114\246\111"
-"\217\370\016\305\313\144\331\075\025\247\063\304\311\077\072\207"
-"\072\072\315\114\334\013\336\254\276\025\033\212\330\041\276\237"
-"\171\035\366\160\202\211\365\015\137\032\354\212\223\270\251\253"
-"\125\320\174\365\274\153\304\340\145\326\307\155\356\324\364\151"
-"\067\211\253\006\060\161\357\245\037\104\247\171\206\156\007\123"
-"\271\017\174\110\021\056\043\007\265\005\100\206\203\363\027\245"
-"\134\270\360\303\127\174\003\050\264\030\006\303\212\145\367\052"
-"\222\214\311\342\330\120\176\023\324\075\014\161\154\331\030\027"
-"\062\254\312\272\217\063\160\374\112\307\151\031\350\012\343\363"
-"\355\273\167\015\234\225\002\003\001\000\001\243\020\060\016\060"
-"\014\006\003\125\035\023\004\005\060\003\001\001\377\060\015\006"
-"\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001"
-"\000\132\272\352\107\137\321\041\244\057\353\347\267\172\157\231"
-"\044\171\153\350\202\174\110\077\337\377\114\356\042\303\172\233"
-"\314\205\304\220\365\346\046\154\025\316\134\350\050\225\252\213"
-"\046\276\153\015\175\110\375\076\033\240\263\260\123\201\243\377"
-"\136\206\154\376\205\237\033\205\205\370\062\071\126\315\176\156"
-"\116\171\041\317\136\366\217\327\316\005\111\253\115\123\344\161"
-"\022\054\353\070\302\017\223\320\000\152\001\074\375\177\145\334"
-"\266\067\176\245\147\105\073\226\015\073\072\230\253\217\374\211"
-"\075\042\136\063\150\364\177\002\005\002\272\042\125\311\057\165"
-"\075\001\127\000\172\113\367\017\150\004\006\076\010\133\156\275"
-"\130\031\051\230\254\312\342\112\377\066\344\202\311\121\374\163"
-"\254\226\056\234\144\175\026\046\075\071\276\376\217\002\160\211"
-"\223\022\340\054\122\076\113\156\267\032\377\336\023\257\257\137"
-"\200\055\056\310\161\126\244\206\020\067\076\346\100\045\267\107"
-"\025\027\045\107\332\214\063\306\201\234\026\146\177\345\057\334"
-"\255\356\205\077\224\007\074\330\353\236\024\365\210\265\045\211"
-"\300"
-, (PRUint32)993 }
-};
-static const NSSItem nss_builtins_items_145 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"BankEngine CA", (PRUint32)14 },
- { (void *)"\174\366\047\174\203\221\226\137\011\161\303\227\066\111\273\003"
-"\233\175\076\211"
-, (PRUint32)20 },
- { (void *)"\077\126\162\302\341\064\321\166\123\063\106\341\215\272\223\166"
-, (PRUint32)16 },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\102\141\156\153\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\142"
-"\141\156\153\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\142\141\156"
-"\153\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_146 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"FortEngine CA", (PRUint32)14 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\106\157\162\164\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\146"
-"\157\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\146\157\162"
-"\164\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\106\157\162\164\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\146"
-"\157\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\146\157\162"
-"\164\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)"\060\202\005\335\060\202\003\305\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101\061"
-"\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060\016"
-"\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061\030"
-"\060\026\006\003\125\004\012\023\017\106\157\162\164\105\156\147"
-"\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125\004"
-"\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151\163"
-"\151\157\156\061\023\060\021\006\003\125\004\003\023\012\146\157"
-"\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052\206"
-"\110\206\367\015\001\011\001\026\021\143\141\100\146\157\162\164"
-"\145\156\147\151\156\145\056\143\157\155\060\036\027\015\071\070"
-"\060\061\060\061\060\060\060\060\060\060\132\027\015\063\070\060"
-"\061\061\067\060\060\060\060\060\060\132\060\201\250\061\013\060"
-"\011\006\003\125\004\006\023\002\103\101\061\013\060\011\006\003"
-"\125\004\010\023\002\117\116\061\020\060\016\006\003\125\004\007"
-"\023\007\124\157\162\157\156\164\157\061\030\060\026\006\003\125"
-"\004\012\023\017\106\157\162\164\105\156\147\151\156\145\040\111"
-"\156\143\056\061\051\060\047\006\003\125\004\013\023\040\103\145"
-"\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150"
-"\157\162\151\164\171\040\104\151\166\151\163\151\157\156\061\023"
-"\060\021\006\003\125\004\003\023\012\146\157\162\164\145\156\147"
-"\151\156\145\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\143\141\100\146\157\162\164\145\156\147\151\156"
-"\145\056\143\157\155\060\202\002\042\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002"
-"\012\002\202\002\001\000\312\276\306\156\234\003\307\035\157\334"
-"\106\033\243\110\034\073\351\142\200\110\145\016\241\266\173\273"
-"\277\001\265\206\241\120\052\163\317\252\351\253\224\045\113\163"
-"\342\056\350\207\114\215\151\333\265\243\331\051\135\157\263\236"
-"\110\016\323\071\153\202\061\254\222\252\214\073\132\050\246\234"
-"\323\045\321\162\374\377\040\107\254\165\042\353\367\221\153\127"
-"\072\354\360\074\361\043\277\117\113\132\130\162\046\303\176\241"
-"\116\063\265\065\137\323\262\064\103\334\330\272\227\050\015\016"
-"\174\134\244\141\170\217\112\164\060\166\015\204\246\307\054\000"
-"\131\042\320\300\207\206\321\006\273\202\372\044\171\011\151\222"
-"\011\004\013\273\342\021\347\011\337\276\166\051\160\111\036\170"
-"\173\002\316\165\233\031\345\246\141\272\260\074\272\354\111\142"
-"\034\074\071\264\161\023\106\246\355\236\307\006\006\073\044\031"
-"\000\152\107\234\155\357\344\047\236\330\131\254\337\007\044\160"
-"\350\153\334\340\031\352\141\302\054\341\220\276\070\225\162\305"
-"\140\257\126\345\170\105\155\271\160\331\317\246\001\301\344\242"
-"\104\142\300\076\302\075\342\050\310\075\232\374\227\060\336\176"
-"\141\172\002\223\224\330\135\340\021\106\124\136\211\107\270\005"
-"\070\131\066\101\361\327\212\336\156\266\033\042\217\325\341\227"
-"\265\200\201\005\052\056\010\040\017\323\051\206\243\337\342\166"
-"\072\350\346\124\045\137\131\262\140\176\101\372\174\122\054\301"
-"\321\140\016\172\006\234\264\245\162\106\241\355\105\257\212\040"
-"\105\320\134\333\131\202\067\046\062\117\102\142\103\364\234\206"
-"\312\266\002\227\150\176\276\365\123\007\064\352\362\012\161\104"
-"\356\224\254\270\365\044\312\231\334\025\140\207\031\047\242\024"
-"\355\360\343\016\011\341\313\045\267\020\100\015\014\361\175\033"
-"\271\051\231\345\116\204\015\355\265\151\043\364\067\326\325\127"
-"\023\226\343\254\227\052\350\350\377\071\072\231\334\200\376\072"
-"\246\344\121\320\040\322\010\043\104\247\023\203\031\313\035\337"
-"\300\154\314\311\350\373\034\224\060\337\355\302\354\321\144\245"
-"\304\314\120\107\374\371\154\324\223\326\263\155\117\332\354\212"
-"\375\223\072\027\357\010\034\116\364\003\243\006\052\016\360\362"
-"\316\323\175\207\114\321\002\003\001\000\001\243\020\060\016\060"
-"\014\006\003\125\035\023\004\005\060\003\001\001\377\060\015\006"
-"\011\052\206\110\206\367\015\001\001\005\005\000\003\202\002\001"
-"\000\127\040\151\075\147\323\331\123\262\275\132\154\224\142\261"
-"\362\035\076\011\143\374\162\051\162\200\144\155\144\236\135\000"
-"\234\334\377\375\121\020\001\335\274\257\223\201\236\005\243\075"
-"\335\250\170\127\043\344\115\067\101\151\316\345\232\140\310\326"
-"\145\064\264\220\011\234\071\013\206\143\123\250\340\361\245\074"
-"\162\066\326\223\163\333\332\005\015\062\153\321\231\213\004\236"
-"\011\051\133\004\332\312\011\203\236\143\166\117\114\144\160\073"
-"\053\377\373\034\177\121\262\152\326\144\341\071\015\220\345\257"
-"\032\172\372\166\242\306\023\060\236\123\312\052\053\010\313\321"
-"\215\145\103\352\031\325\026\000\023\035\007\360\124\125\123\145"
-"\065\116\123\265\152\110\135\100\245\061\337\032\371\352\012\160"
-"\213\101\171\205\350\302\101\316\006\230\247\076\100\327\335\311"
-"\105\014\205\037\132\054\064\106\215\074\263\304\253\254\132\221"
-"\361\054\360\156\270\371\331\173\365\104\316\172\240\152\202\216"
-"\171\057\045\313\161\212\023\203\127\263\134\247\032\000\026\062"
-"\031\242\100\350\233\112\272\314\372\353\115\113\013\025\012\057"
-"\076\132\057\163\174\071\206\140\013\210\063\054\205\244\357\023"
-"\131\346\334\373\047\343\044\076\026\124\104\361\352\123\146\264"
-"\042\040\154\251\146\106\102\352\127\063\322\146\032\302\347\226"
-"\161\070\130\130\141\141\124\156\044\265\014\316\216\063\121\260"
-"\334\150\245\157\226\355\301\165\315\004\361\211\145\003\237\022"
-"\012\112\076\340\265\324\066\216\053\233\304\101\041\175\126\240"
-"\257\300\314\264\007\034\065\124\331\125\104\151\032\056\172\116"
-"\233\116\072\352\055\255\072\252\013\355\206\276\045\270\206\134"
-"\157\166\371\256\100\335\016\225\171\124\303\074\366\116\274\134"
-"\025\251\215\236\340\071\342\126\160\377\306\253\056\334\154\026"
-"\141\353\162\163\360\347\177\265\262\233\246\054\075\022\345\111"
-"\061\034\333\270\322\036\213\041\132\131\317\161\376\322\262\363"
-"\270\132\037\115\370\262\062\067\037\053\140\062\035\004\340\120"
-"\046\354\256\370\015\270\260\320\121\274\205\031\127\041\164\125"
-"\044\207\073\127\334\070\104\126\174\147\236\272\130\340\025\143"
-"\101\324\352\130\213\360\356\121\245\112\340\302\217\021\020\000"
-"\347"
-, (PRUint32)1505 }
-};
-static const NSSItem nss_builtins_items_147 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"FortEngine CA", (PRUint32)14 },
- { (void *)"\101\101\246\125\070\252\007\017\342\231\174\272\223\237\274\221"
-"\355\012\034\116"
-, (PRUint32)20 },
- { (void *)"\225\015\273\365\336\111\267\072\266\302\311\233\100\106\036\155"
-, (PRUint32)16 },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\106\157\162\164\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\146"
-"\157\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\146\157\162"
-"\164\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_148 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"MailEngine CA", (PRUint32)14 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\115\141\151\154\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\155"
-"\141\151\154\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\155\141\151"
-"\154\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\115\141\151\154\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\155"
-"\141\151\154\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\155\141\151"
-"\154\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)"\060\202\003\335\060\202\002\305\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101\061"
-"\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060\016"
-"\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061\030"
-"\060\026\006\003\125\004\012\023\017\115\141\151\154\105\156\147"
-"\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125\004"
-"\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157\156"
-"\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151\163"
-"\151\157\156\061\023\060\021\006\003\125\004\003\023\012\155\141"
-"\151\154\145\156\147\151\156\145\061\040\060\036\006\011\052\206"
-"\110\206\367\015\001\011\001\026\021\143\141\100\155\141\151\154"
-"\145\156\147\151\156\145\056\143\157\155\060\036\027\015\071\070"
-"\060\061\060\061\060\060\060\060\060\060\132\027\015\063\070\060"
-"\061\061\067\060\060\060\060\060\060\132\060\201\250\061\013\060"
-"\011\006\003\125\004\006\023\002\103\101\061\013\060\011\006\003"
-"\125\004\010\023\002\117\116\061\020\060\016\006\003\125\004\007"
-"\023\007\124\157\162\157\156\164\157\061\030\060\026\006\003\125"
-"\004\012\023\017\115\141\151\154\105\156\147\151\156\145\040\111"
-"\156\143\056\061\051\060\047\006\003\125\004\013\023\040\103\145"
-"\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150"
-"\157\162\151\164\171\040\104\151\166\151\163\151\157\156\061\023"
-"\060\021\006\003\125\004\003\023\012\155\141\151\154\145\156\147"
-"\151\156\145\061\040\060\036\006\011\052\206\110\206\367\015\001"
-"\011\001\026\021\143\141\100\155\141\151\154\145\156\147\151\156"
-"\145\056\143\157\155\060\202\001\042\060\015\006\011\052\206\110"
-"\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001"
-"\012\002\202\001\001\000\251\171\237\261\117\245\307\343\105\232"
-"\176\255\067\136\321\114\354\232\165\321\352\056\172\377\336\274"
-"\304\014\214\223\365\063\176\264\137\123\033\270\346\053\271\111"
-"\046\270\371\152\264\067\235\061\132\054\137\011\270\320\366\123"
-"\134\377\160\263\360\353\364\327\373\133\104\336\375\302\065\100"
-"\322\215\250\254\311\100\342\123\052\167\114\117\041\060\303\063"
-"\315\366\120\237\102\154\032\003\141\205\154\152\313\070\341\105"
-"\001\255\050\276\076\306\331\374\126\301\177\363\061\240\145\211"
-"\036\356\171\146\124\254\377\026\311\103\025\071\315\242\207\113"
-"\004\001\006\212\357\111\101\057\152\252\226\322\263\155\015\165"
-"\236\213\134\362\366\003\210\223\216\173\015\024\025\267\214\203"
-"\025\042\177\311\125\134\232\311\305\073\271\355\250\026\370\203"
-"\274\263\151\221\126\134\107\260\076\216\062\035\042\351\216\163"
-"\225\122\027\114\273\313\276\034\100\056\130\302\104\166\230\262"
-"\273\120\026\003\053\243\102\143\173\132\374\056\014\360\333\014"
-"\320\132\146\275\031\164\370\015\142\275\233\125\302\242\075\361"
-"\334\103\266\236\307\171\002\003\001\000\001\243\020\060\016\060"
-"\014\006\003\125\035\023\004\005\060\003\001\001\377\060\015\006"
-"\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001"
-"\000\043\174\331\371\004\054\361\312\120\103\152\101\120\031\142"
-"\204\374\376\067\075\030\233\060\341\063\175\336\376\017\066\330"
-"\130\207\244\243\075\342\323\100\360\240\175\333\352\076\040\302"
-"\120\311\104\003\252\341\321\172\374\373\177\270\023\207\016\217"
-"\350\247\347\237\373\321\053\230\243\335\371\350\127\067\330\167"
-"\355\006\334\161\070\063\354\073\125\300\016\042\106\120\321\056"
-"\273\276\046\345\363\117\343\254\010\173\205\144\303\213\047\342"
-"\203\330\220\006\207\165\272\360\230\335\160\271\053\225\312\155"
-"\001\115\060\163\226\216\034\363\337\020\027\110\152\037\062\361"
-"\013\115\315\164\125\316\200\155\363\074\357\200\040\021\221\174"
-"\123\113\153\277\365\006\227\107\130\114\057\102\155\016\004\022"
-"\111\326\172\051\337\022\067\254\263\253\020\376\156\346\003\346"
-"\303\237\046\150\301\027\371\367\226\241\107\064\301\347\234\145"
-"\362\331\060\027\146\322\000\133\067\337\123\160\064\160\143\301"
-"\067\241\131\323\156\232\363\241\333\027\125\370\223\354\154\316"
-"\026\311\273\370\244\163\074\256\132\160\211\042\015\337\115\204"
-"\203"
-, (PRUint32)993 }
-};
-static const NSSItem nss_builtins_items_149 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"MailEngine CA", (PRUint32)14 },
- { (void *)"\052\175\170\152\226\012\241\132\305\231\364\361\115\344\004\057"
-"\271\134\173\220"
-, (PRUint32)20 },
- { (void *)"\257\331\256\074\245\337\007\060\040\273\005\006\306\111\161\123"
-, (PRUint32)16 },
- { (void *)"\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\030\060\026\006\003\125\004\012\023\017\115\141\151\154\105\156"
-"\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125"
-"\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157"
-"\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151"
-"\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\155"
-"\141\151\154\145\156\147\151\156\145\061\040\060\036\006\011\052"
-"\206\110\206\367\015\001\011\001\026\021\143\141\100\155\141\151"
-"\154\145\156\147\151\156\145\056\143\157\155"
-, (PRUint32)171 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_150 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TraderEngine CA", (PRUint32)16 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\256\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\032\060\030\006\003\125\004\012\023\021\124\162\141\144\145\162"
-"\105\156\147\151\156\145\040\111\156\143\056\061\051\060\047\006"
-"\003\125\004\013\023\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171\040\104\151"
-"\166\151\163\151\157\156\061\025\060\023\006\003\125\004\003\023"
-"\014\164\162\141\144\145\162\145\156\147\151\156\145\061\042\060"
-"\040\006\011\052\206\110\206\367\015\001\011\001\026\023\143\141"
-"\100\164\162\141\144\145\162\145\156\147\151\156\145\056\143\157"
-"\155"
-, (PRUint32)177 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\256\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\032\060\030\006\003\125\004\012\023\021\124\162\141\144\145\162"
-"\105\156\147\151\156\145\040\111\156\143\056\061\051\060\047\006"
-"\003\125\004\013\023\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171\040\104\151"
-"\166\151\163\151\157\156\061\025\060\023\006\003\125\004\003\023"
-"\014\164\162\141\144\145\162\145\156\147\151\156\145\061\042\060"
-"\040\006\011\052\206\110\206\367\015\001\011\001\026\023\143\141"
-"\100\164\162\141\144\145\162\145\156\147\151\156\145\056\143\157"
-"\155"
-, (PRUint32)177 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)"\060\202\003\351\060\202\002\321\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\201\256\061\013\060\011\006\003\125\004\006\023\002\103\101\061"
-"\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060\016"
-"\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061\032"
-"\060\030\006\003\125\004\012\023\021\124\162\141\144\145\162\105"
-"\156\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003"
-"\125\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166"
-"\151\163\151\157\156\061\025\060\023\006\003\125\004\003\023\014"
-"\164\162\141\144\145\162\145\156\147\151\156\145\061\042\060\040"
-"\006\011\052\206\110\206\367\015\001\011\001\026\023\143\141\100"
-"\164\162\141\144\145\162\145\156\147\151\156\145\056\143\157\155"
-"\060\036\027\015\071\070\060\061\060\061\060\060\060\060\060\060"
-"\132\027\015\063\070\060\061\061\067\060\060\060\060\060\060\132"
-"\060\201\256\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\032\060\030\006\003\125\004\012\023\021\124\162\141\144\145\162"
-"\105\156\147\151\156\145\040\111\156\143\056\061\051\060\047\006"
-"\003\125\004\013\023\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171\040\104\151"
-"\166\151\163\151\157\156\061\025\060\023\006\003\125\004\003\023"
-"\014\164\162\141\144\145\162\145\156\147\151\156\145\061\042\060"
-"\040\006\011\052\206\110\206\367\015\001\011\001\026\023\143\141"
-"\100\164\162\141\144\145\162\145\156\147\151\156\145\056\143\157"
-"\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001"
-"\001\000\317\045\371\100\117\271\110\337\263\200\331\365\277\174"
-"\351\364\171\217\342\024\016\131\157\026\270\105\110\265\225\117"
-"\365\273\177\306\076\115\170\227\165\223\043\313\375\052\247\027"
-"\152\207\160\275\350\377\276\053\320\146\271\345\242\207\236\054"
-"\012\142\004\023\226\236\104\054\147\320\347\257\020\101\343\175"
-"\304\322\007\265\105\336\112\322\075\314\043\131\311\220\276\341"
-"\212\216\155\323\021\376\053\312\003\365\254\055\365\025\062\135"
-"\245\127\222\163\044\234\365\004\341\064\200\241\030\210\114\263"
-"\200\212\271\240\274\344\077\371\216\136\201\321\275\144\231\017"
-"\140\364\170\166\010\073\272\057\127\147\251\124\122\273\203\272"
-"\176\164\056\020\241\342\024\022\130\276\030\137\314\312\017\074"
-"\165\137\352\232\057\222\311\267\044\331\022\317\135\257\015\207"
-"\156\377\021\065\120\356\101\065\021\247\346\307\261\062\012\242"
-"\041\033\356\145\300\220\062\334\174\007\120\034\000\142\354\343"
-"\212\346\163\346\120\374\151\011\253\361\042\256\277\055\336\070"
-"\177\122\124\336\160\207\166\001\226\263\106\301\064\255\220\104"
-"\225\057\002\003\001\000\001\243\020\060\016\060\014\006\003\125"
-"\035\023\004\005\060\003\001\001\377\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\202\001\001\000\026\070\360"
-"\024\205\227\167\307\321\020\210\122\134\273\021\123\061\337\152"
-"\153\030\034\256\040\263\046\303\072\017\336\254\140\151\050\367"
-"\024\336\056\025\377\226\275\133\226\045\130\043\220\045\272\232"
-"\013\134\007\114\314\141\311\220\350\032\116\052\312\215\005\353"
-"\027\331\362\230\067\124\130\247\267\116\154\006\241\276\164\327"
-"\251\320\224\176\352\104\253\306\073\170\144\153\112\316\031\022"
-"\266\123\375\211\117\376\020\247\310\207\374\061\142\351\314\214"
-"\270\375\052\362\176\270\110\011\061\145\162\363\122\341\120\136"
-"\247\373\123\364\215\217\066\375\134\224\004\040\007\143\247\267"
-"\230\167\164\033\342\060\354\015\305\364\026\262\214\027\126\225"
-"\257\107\102\016\164\273\152\156\326\115\163\330\010\061\235\112"
-"\103\340\020\161\055\055\202\030\037\171\131\247\233\012\165\126"
-"\175\302\136\005\321\143\105\221\025\221\122\276\300\134\370\360"
-"\347\113\213\231\103\146\050\047\174\045\222\314\030\015\123\104"
-"\324\223\213\265\075\021\312\326\267\103\244\061\151\273\341\075"
-"\226\126\160\040\066\300\357\331\152\326\260\147\343"
-, (PRUint32)1005 }
-};
-static const NSSItem nss_builtins_items_151 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"TraderEngine CA", (PRUint32)16 },
- { (void *)"\226\137\006\006\205\177\333\000\352\163\325\301\271\274\232\264"
-"\350\273\231\263"
-, (PRUint32)20 },
- { (void *)"\165\061\224\331\224\242\361\006\237\230\167\323\037\336\157\372"
-, (PRUint32)16 },
- { (void *)"\060\201\256\061\013\060\011\006\003\125\004\006\023\002\103\101"
-"\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060"
-"\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061"
-"\032\060\030\006\003\125\004\012\023\021\124\162\141\144\145\162"
-"\105\156\147\151\156\145\040\111\156\143\056\061\051\060\047\006"
-"\003\125\004\013\023\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171\040\104\151"
-"\166\151\163\151\157\156\061\025\060\023\006\003\125\004\003\023"
-"\014\164\162\141\144\145\162\145\156\147\151\156\145\061\042\060"
-"\040\006\011\052\206\110\206\367\015\001\011\001\026\023\143\141"
-"\100\164\162\141\144\145\162\145\156\147\151\156\145\056\143\157"
-"\155"
-, (PRUint32)177 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_152 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"USPS Root", (PRUint32)10 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144"
-"\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123"
-"\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023"
-"\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120"
-"\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123"
-"\040\122\157\157\164\040\103\101"
-, (PRUint32)104 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144"
-"\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123"
-"\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023"
-"\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120"
-"\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123"
-"\040\122\157\157\164\040\103\101"
-, (PRUint32)104 },
- { (void *)"\047\204"
-, (PRUint32)2 },
- { (void *)"\060\202\003\132\060\202\002\303\240\003\002\001\002\002\002\047"
-"\204\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144"
-"\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123"
-"\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023"
-"\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120"
-"\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123"
-"\040\122\157\157\164\040\103\101\060\036\027\015\060\061\060\064"
-"\061\063\061\066\063\070\065\060\132\027\015\062\060\060\070\061"
-"\064\061\071\060\060\060\060\132\060\146\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\045\060\043\006\003\125\004\012"
-"\023\034\125\156\151\164\145\144\040\123\164\141\164\145\163\040"
-"\120\157\163\164\141\154\040\123\145\162\166\151\143\145\061\031"
-"\060\027\006\003\125\004\013\023\020\167\167\167\056\165\163\160"
-"\163\056\143\157\155\057\103\120\123\061\025\060\023\006\003\125"
-"\004\003\023\014\125\123\120\123\040\122\157\157\164\040\103\101"
-"\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001"
-"\005\000\003\201\215\000\060\201\211\002\201\201\000\267\251\045"
-"\254\143\332\260\222\317\224\066\260\004\377\026\156\166\004\133"
-"\365\306\074\237\306\271\102\046\125\373\223\161\205\021\145\311"
-"\141\047\210\304\136\233\376\052\170\112\122\152\105\237\250\373"
-"\221\264\343\046\135\365\103\024\046\271\336\074\155\054\146\365"
-"\123\175\336\344\126\127\262\242\171\365\341\264\332\152\367\044"
-"\345\263\050\376\236\167\226\342\016\307\005\003\314\351\121\366"
-"\226\374\021\300\226\055\163\065\377\130\163\137\362\110\065\345"
-"\104\113\320\176\325\000\036\204\155\330\045\330\321\002\003\001"
-"\000\001\243\202\001\025\060\202\001\021\060\154\006\003\125\035"
-"\040\004\145\060\143\060\013\006\011\140\206\110\001\206\371\155"
-"\146\001\060\013\006\011\140\206\110\001\206\371\155\146\002\060"
-"\013\006\011\140\206\110\001\206\371\155\146\003\060\013\006\011"
-"\140\206\110\001\206\371\155\146\004\060\013\006\011\140\206\110"
-"\001\206\371\155\146\005\060\013\006\011\140\206\110\001\206\371"
-"\155\146\006\060\013\006\011\140\206\110\001\206\371\155\146\007"
-"\060\006\006\004\125\035\040\000\060\035\006\003\125\035\016\004"
-"\026\004\024\323\316\202\164\363\057\113\211\140\162\244\136\021"
-"\277\137\165\003\242\002\253\060\037\006\003\125\035\043\004\030"
-"\060\026\200\024\323\316\202\164\363\057\113\211\140\162\244\136"
-"\021\277\137\165\003\242\002\253\060\035\006\003\125\035\022\004"
-"\026\060\024\201\022\162\157\157\164\061\060\060\060\061\100\165"
-"\163\160\163\056\143\157\155\060\041\006\003\125\035\021\004\032"
-"\060\030\201\026\143\141\141\144\155\151\156\100\145\155\141\151"
-"\154\056\165\163\160\163\056\143\157\155\060\016\006\003\125\035"
-"\017\001\001\377\004\004\003\002\001\306\060\017\006\003\125\035"
-"\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011\052"
-"\206\110\206\367\015\001\001\005\005\000\003\201\201\000\065\061"
-"\212\231\336\052\270\273\344\157\330\351\320\215\337\101\136\110"
-"\047\217\146\205\026\022\263\107\023\353\001\011\176\076\370\125"
-"\065\065\205\012\117\263\350\202\247\257\255\227\135\206\116\327"
-"\267\255\254\217\240\240\124\113\245\117\364\165\007\273\057\056"
-"\031\033\036\216\355\155\113\325\115\203\310\166\227\127\206\366"
-"\044\102\005\365\262\354\026\357\274\354\275\346\220\154\217\222"
-"\263\033\031\147\046\072\257\245\307\036\362\364\165\116\151\331"
-"\273\373\017\154\134\072\310\335\255\216\012\227\035\217"
-, (PRUint32)862 }
-};
-static const NSSItem nss_builtins_items_153 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"USPS Root", (PRUint32)10 },
- { (void *)"\154\041\132\224\112\235\120\245\027\015\202\313\324\371\325\072"
-"\341\237\030\145"
-, (PRUint32)20 },
- { (void *)"\274\055\035\316\370\036\035\175\021\044\152\231\160\130\175\031"
-, (PRUint32)16 },
- { (void *)"\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144"
-"\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123"
-"\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023"
-"\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120"
-"\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123"
-"\040\122\157\157\164\040\103\101"
-, (PRUint32)104 },
- { (void *)"\047\204"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_154 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"USPS Production 1", (PRUint32)18 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\156\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144"
-"\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123"
-"\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023"
-"\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120"
-"\123\061\035\060\033\006\003\125\004\003\023\024\125\123\120\123"
-"\040\120\162\157\144\165\143\164\151\157\156\040\103\101\040\061"
-, (PRUint32)112 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144"
-"\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123"
-"\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023"
-"\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120"
-"\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123"
-"\040\122\157\157\164\040\103\101"
-, (PRUint32)104 },
- { (void *)"\047\205"
-, (PRUint32)2 },
- { (void *)"\060\202\010\157\060\202\007\330\240\003\002\001\002\002\002\047"
-"\205\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000"
-"\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144"
-"\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123"
-"\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023"
-"\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120"
-"\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123"
-"\040\122\157\157\164\040\103\101\060\036\027\015\060\061\060\064"
-"\061\063\061\066\065\066\065\064\132\027\015\062\060\060\070\061"
-"\064\061\067\060\060\064\060\132\060\156\061\013\060\011\006\003"
-"\125\004\006\023\002\125\123\061\045\060\043\006\003\125\004\012"
-"\023\034\125\156\151\164\145\144\040\123\164\141\164\145\163\040"
-"\120\157\163\164\141\154\040\123\145\162\166\151\143\145\061\031"
-"\060\027\006\003\125\004\013\023\020\167\167\167\056\165\163\160"
-"\163\056\143\157\155\057\103\120\123\061\035\060\033\006\003\125"
-"\004\003\023\024\125\123\120\123\040\120\162\157\144\165\143\164"
-"\151\157\156\040\103\101\040\061\060\201\237\060\015\006\011\052"
-"\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201"
-"\211\002\201\201\000\306\326\271\357\262\123\070\312\322\167\014"
-"\154\066\050\060\302\320\050\002\170\161\116\015\211\102\307\131"
-"\047\263\220\010\047\324\227\132\036\266\170\104\100\153\164\306"
-"\215\253\121\213\350\246\355\121\246\326\165\027\354\172\124\136"
-"\126\203\347\360\155\304\111\364\027\275\006\013\022\306\125\357"
-"\351\250\341\050\057\240\103\217\165\364\377\331\334\175\376\252"
-"\324\170\363\234\223\305\231\332\142\106\233\365\166\044\124\011"
-"\012\051\353\024\105\102\013\377\015\166\003\037\247\145\210\242"
-"\244\177\157\320\117\002\003\001\000\001\243\202\006\042\060\202"
-"\006\036\060\202\005\167\006\003\125\035\040\004\202\005\156\060"
-"\202\005\152\060\201\303\006\011\140\206\110\001\206\371\155\146"
-"\001\060\201\265\060\043\006\010\053\006\001\005\005\007\002\001"
-"\026\027\150\164\164\160\072\057\057\167\167\167\056\165\163\160"
-"\163\056\143\157\155\057\103\120\123\060\201\215\006\010\053\006"
-"\001\005\005\007\002\002\060\201\200\032\176\123\145\145\040\125"
-"\123\120\123\040\103\120\123\040\141\164\040\150\164\164\160\072"
-"\057\057\167\167\167\056\165\163\160\163\056\143\157\155\057\103"
-"\120\123\056\040\124\150\151\163\040\143\145\162\164\151\146\151"
-"\143\141\164\145\040\151\163\040\164\157\040\142\145\040\165\163"
-"\145\144\040\157\156\154\171\040\151\156\040\141\143\143\157\162"
-"\144\141\156\143\145\040\167\151\164\150\040\125\123\120\123\040"
-"\162\145\147\165\154\141\164\151\157\156\163\040\141\156\144\040"
-"\160\157\154\151\143\151\145\163\056\060\201\303\006\011\140\206"
-"\110\001\206\371\155\146\002\060\201\265\060\043\006\010\053\006"
-"\001\005\005\007\002\001\026\027\150\164\164\160\072\057\057\167"
-"\167\167\056\165\163\160\163\056\143\157\155\057\103\120\123\060"
-"\201\215\006\010\053\006\001\005\005\007\002\002\060\201\200\032"
-"\176\123\145\145\040\125\123\120\123\040\103\120\123\040\141\164"
-"\040\150\164\164\160\072\057\057\167\167\167\056\165\163\160\163"
-"\056\143\157\155\057\103\120\123\056\040\124\150\151\163\040\143"
-"\145\162\164\151\146\151\143\141\164\145\040\151\163\040\164\157"
-"\040\142\145\040\165\163\145\144\040\157\156\154\171\040\151\156"
-"\040\141\143\143\157\162\144\141\156\143\145\040\167\151\164\150"
-"\040\125\123\120\123\040\162\145\147\165\154\141\164\151\157\156"
-"\163\040\141\156\144\040\160\157\154\151\143\151\145\163\056\060"
-"\201\303\006\011\140\206\110\001\206\371\155\146\003\060\201\265"
-"\060\043\006\010\053\006\001\005\005\007\002\001\026\027\150\164"
-"\164\160\072\057\057\167\167\167\056\165\163\160\163\056\143\157"
-"\155\057\103\120\123\060\201\215\006\010\053\006\001\005\005\007"
-"\002\002\060\201\200\032\176\123\145\145\040\125\123\120\123\040"
-"\103\120\123\040\141\164\040\150\164\164\160\072\057\057\167\167"
-"\167\056\165\163\160\163\056\143\157\155\057\103\120\123\056\040"
-"\124\150\151\163\040\143\145\162\164\151\146\151\143\141\164\145"
-"\040\151\163\040\164\157\040\142\145\040\165\163\145\144\040\157"
-"\156\154\171\040\151\156\040\141\143\143\157\162\144\141\156\143"
-"\145\040\167\151\164\150\040\125\123\120\123\040\162\145\147\165"
-"\154\141\164\151\157\156\163\040\141\156\144\040\160\157\154\151"
-"\143\151\145\163\056\060\201\303\006\011\140\206\110\001\206\371"
-"\155\146\004\060\201\265\060\043\006\010\053\006\001\005\005\007"
-"\002\001\026\027\150\164\164\160\072\057\057\167\167\167\056\165"
-"\163\160\163\056\143\157\155\057\103\120\123\060\201\215\006\010"
-"\053\006\001\005\005\007\002\002\060\201\200\032\176\123\145\145"
-"\040\125\123\120\123\040\103\120\123\040\141\164\040\150\164\164"
-"\160\072\057\057\167\167\167\056\165\163\160\163\056\143\157\155"
-"\057\103\120\123\056\040\124\150\151\163\040\143\145\162\164\151"
-"\146\151\143\141\164\145\040\151\163\040\164\157\040\142\145\040"
-"\165\163\145\144\040\157\156\154\171\040\151\156\040\141\143\143"
-"\157\162\144\141\156\143\145\040\167\151\164\150\040\125\123\120"
-"\123\040\162\145\147\165\154\141\164\151\157\156\163\040\141\156"
-"\144\040\160\157\154\151\143\151\145\163\056\060\201\303\006\011"
-"\140\206\110\001\206\371\155\146\005\060\201\265\060\043\006\010"
-"\053\006\001\005\005\007\002\001\026\027\150\164\164\160\072\057"
-"\057\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120"
-"\123\060\201\215\006\010\053\006\001\005\005\007\002\002\060\201"
-"\200\032\176\123\145\145\040\125\123\120\123\040\103\120\123\040"
-"\141\164\040\150\164\164\160\072\057\057\167\167\167\056\165\163"
-"\160\163\056\143\157\155\057\103\120\123\056\040\124\150\151\163"
-"\040\143\145\162\164\151\146\151\143\141\164\145\040\151\163\040"
-"\164\157\040\142\145\040\165\163\145\144\040\157\156\154\171\040"
-"\151\156\040\141\143\143\157\162\144\141\156\143\145\040\167\151"
-"\164\150\040\125\123\120\123\040\162\145\147\165\154\141\164\151"
-"\157\156\163\040\141\156\144\040\160\157\154\151\143\151\145\163"
-"\056\060\201\303\006\011\140\206\110\001\206\371\155\146\006\060"
-"\201\265\060\043\006\010\053\006\001\005\005\007\002\001\026\027"
-"\150\164\164\160\072\057\057\167\167\167\056\165\163\160\163\056"
-"\143\157\155\057\103\120\123\060\201\215\006\010\053\006\001\005"
-"\005\007\002\002\060\201\200\032\176\123\145\145\040\125\123\120"
-"\123\040\103\120\123\040\141\164\040\150\164\164\160\072\057\057"
-"\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120\123"
-"\056\040\124\150\151\163\040\143\145\162\164\151\146\151\143\141"
-"\164\145\040\151\163\040\164\157\040\142\145\040\165\163\145\144"
-"\040\157\156\154\171\040\151\156\040\141\143\143\157\162\144\141"
-"\156\143\145\040\167\151\164\150\040\125\123\120\123\040\162\145"
-"\147\165\154\141\164\151\157\156\163\040\141\156\144\040\160\157"
-"\154\151\143\151\145\163\056\060\201\303\006\011\140\206\110\001"
-"\206\371\155\146\007\060\201\265\060\043\006\010\053\006\001\005"
-"\005\007\002\001\026\027\150\164\164\160\072\057\057\167\167\167"
-"\056\165\163\160\163\056\143\157\155\057\103\120\123\060\201\215"
-"\006\010\053\006\001\005\005\007\002\002\060\201\200\032\176\123"
-"\145\145\040\125\123\120\123\040\103\120\123\040\141\164\040\150"
-"\164\164\160\072\057\057\167\167\167\056\165\163\160\163\056\143"
-"\157\155\057\103\120\123\056\040\124\150\151\163\040\143\145\162"
-"\164\151\146\151\143\141\164\145\040\151\163\040\164\157\040\142"
-"\145\040\165\163\145\144\040\157\156\154\171\040\151\156\040\141"
-"\143\143\157\162\144\141\156\143\145\040\167\151\164\150\040\125"
-"\123\120\123\040\162\145\147\165\154\141\164\151\157\156\163\040"
-"\141\156\144\040\160\157\154\151\143\151\145\163\056\060\035\006"
-"\003\125\035\016\004\026\004\024\045\345\240\357\055\162\117\155"
-"\225\037\067\037\040\326\303\001\104\003\307\320\060\037\006\003"
-"\125\035\043\004\030\060\026\200\024\323\316\202\164\363\057\113"
-"\211\140\162\244\136\021\277\137\165\003\242\002\253\060\035\006"
-"\003\125\035\022\004\026\060\024\201\022\162\157\157\164\061\060"
-"\060\060\061\100\165\163\160\163\056\143\157\155\060\041\006\003"
-"\125\035\021\004\032\060\030\201\026\143\141\141\144\155\151\156"
-"\100\145\155\141\151\154\056\165\163\160\163\056\143\157\155\060"
-"\016\006\003\125\035\017\001\001\377\004\004\003\002\001\306\060"
-"\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003"
-"\201\201\000\140\277\111\155\062\312\204\333\360\226\100\310\254"
-"\130\351\111\351\233\034\162\136\305\006\243\075\064\303\034\256"
-"\015\325\164\031\336\230\327\175\001\075\345\110\230\100\177\275"
-"\042\257\134\172\366\353\142\076\253\274\275\217\142\130\313\202"
-"\072\324\304\100\347\213\270\017\020\120\017\054\070\043\071\224"
-"\345\040\307\324\270\371\341\121\102\104\224\154\143\136\343\176"
-"\136\142\336\357\075\106\264\074\133\250\233\016\172\236\035\126"
-"\355\274\005\264\305\361\131\011\257\157\111\205\131\333\072\021"
-"\145\315\351"
-, (PRUint32)2163 }
-};
-static const NSSItem nss_builtins_items_155 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"USPS Production 1", (PRUint32)18 },
- { (void *)"\246\153\351\054\171\064\177\363\201\000\013\373\142\054\337\247"
-"\121\331\153\123"
-, (PRUint32)20 },
- { (void *)"\076\000\040\236\051\317\232\170\303\150\117\206\366\173\341\106"
-, (PRUint32)16 },
- { (void *)"\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144"
-"\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123"
-"\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023"
-"\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120"
-"\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123"
-"\040\122\157\157\164\040\103\101"
-, (PRUint32)104 },
- { (void *)"\047\205"
-, (PRUint32)2 },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_156 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Non-Validated Services Root", (PRUint32)37 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101"
-"\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040"
-"\103\101\040\122\157\157\164"
-, (PRUint32)103 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101"
-"\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040"
-"\103\101\040\122\157\157\164"
-, (PRUint32)103 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\004\030\060\202\003\000\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101"
-"\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167"
-"\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144"
-"\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103"
-"\101\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060"
-"\061\060\063\070\063\061\132\027\015\062\060\060\065\063\060\061"
-"\060\063\070\063\061\132\060\145\061\013\060\011\006\003\125\004"
-"\006\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013"
-"\101\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006"
-"\003\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124"
-"\124\120\040\116\145\164\167\157\162\153\061\041\060\037\006\003"
-"\125\004\003\023\030\101\144\144\124\162\165\163\164\040\103\154"
-"\141\163\163\040\061\040\103\101\040\122\157\157\164\060\202\001"
-"\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000"
-"\003\202\001\017\000\060\202\001\012\002\202\001\001\000\226\226"
-"\324\041\111\140\342\153\350\101\007\014\336\304\340\334\023\043"
-"\315\301\065\307\373\326\116\021\012\147\136\365\006\133\153\245"
-"\010\073\133\051\026\072\347\207\262\064\006\305\274\005\245\003"
-"\174\202\313\051\020\256\341\210\201\275\326\236\323\376\055\126"
-"\301\025\316\343\046\235\025\056\020\373\006\217\060\004\336\247"
-"\264\143\264\377\261\234\256\074\257\167\266\126\305\265\253\242"
-"\351\151\072\075\016\063\171\062\077\160\202\222\231\141\155\215"
-"\060\010\217\161\077\246\110\127\031\370\045\334\113\146\134\245"
-"\164\217\230\256\310\371\300\006\042\347\254\163\337\245\056\373"
-"\122\334\261\025\145\040\372\065\146\151\336\337\054\361\156\274"
-"\060\333\054\044\022\333\353\065\065\150\220\313\000\260\227\041"
-"\075\164\041\043\145\064\053\273\170\131\243\326\341\166\071\232"
-"\244\111\216\214\164\257\156\244\232\243\331\233\322\070\134\233"
-"\242\030\314\165\043\204\276\353\342\115\063\161\216\032\360\302"
-"\370\307\035\242\255\003\227\054\370\317\045\306\366\270\044\061"
-"\261\143\135\222\177\143\360\045\311\123\056\037\277\115\002\003"
-"\001\000\001\243\201\322\060\201\317\060\035\006\003\125\035\016"
-"\004\026\004\024\225\261\264\360\224\266\275\307\332\321\021\011"
-"\041\276\301\257\111\375\020\173\060\013\006\003\125\035\017\004"
-"\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004"
-"\005\060\003\001\001\377\060\201\217\006\003\125\035\043\004\201"
-"\207\060\201\204\200\024\225\261\264\360\224\266\275\307\332\321"
-"\021\011\041\276\301\257\111\375\020\173\241\151\244\147\060\145"
-"\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024\060"
-"\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163\164"
-"\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101\144"
-"\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167\157"
-"\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144\144"
-"\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103\101"
-"\040\122\157\157\164\202\001\001\060\015\006\011\052\206\110\206"
-"\367\015\001\001\005\005\000\003\202\001\001\000\054\155\144\033"
-"\037\315\015\335\271\001\372\226\143\064\062\110\107\231\256\227"
-"\355\375\162\026\246\163\107\132\364\353\335\351\365\326\373\105"
-"\314\051\211\104\135\277\106\071\075\350\356\274\115\124\206\036"
-"\035\154\343\027\047\103\341\211\126\053\251\157\162\116\111\063"
-"\343\162\174\052\043\232\274\076\377\050\052\355\243\377\034\043"
-"\272\103\127\011\147\115\113\142\006\055\370\377\154\235\140\036"
-"\330\034\113\175\265\061\057\331\320\174\135\370\336\153\203\030"
-"\170\067\127\057\350\063\007\147\337\036\307\153\052\225\166\256"
-"\217\127\243\360\364\122\264\251\123\010\317\340\117\323\172\123"
-"\213\375\273\034\126\066\362\376\262\266\345\166\273\325\042\145"
-"\247\077\376\321\146\255\013\274\153\231\206\357\077\175\363\030"
-"\062\312\173\306\343\253\144\106\225\370\046\151\331\125\203\173"
-"\054\226\007\377\131\054\104\243\306\345\351\251\334\241\143\200"
-"\132\041\136\041\317\123\124\360\272\157\211\333\250\252\225\317"
-"\213\343\161\314\036\033\040\104\010\300\172\266\100\375\304\344"
-"\065\341\035\026\034\320\274\053\216\326\161\331"
-, (PRUint32)1052 }
-};
-static const NSSItem nss_builtins_items_157 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Non-Validated Services Root", (PRUint32)37 },
- { (void *)"\314\253\016\240\114\043\001\326\151\173\335\067\237\315\022\353"
-"\044\343\224\235"
-, (PRUint32)20 },
- { (void *)"\036\102\225\002\063\222\153\271\137\300\177\332\326\262\113\374"
-, (PRUint32)16 },
- { (void *)"\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101"
-"\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040"
-"\103\101\040\122\157\157\164"
-, (PRUint32)103 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_valid, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_158 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust External Root", (PRUint32)23 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\004\066\060\202\003\036\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035\101"
-"\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141\154"
-"\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060\040"
-"\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164\040"
-"\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157\164"
-"\060\036\027\015\060\060\060\065\063\060\061\060\064\070\063\070"
-"\132\027\015\062\060\060\065\063\060\061\060\064\070\063\070\132"
-"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001"
-"\001\000\267\367\032\063\346\362\000\004\055\071\340\116\133\355"
-"\037\274\154\017\315\265\372\043\266\316\336\233\021\063\227\244"
-"\051\114\175\223\237\275\112\274\223\355\003\032\343\217\317\345"
-"\155\120\132\326\227\051\224\132\200\260\111\172\333\056\225\375"
-"\270\312\277\067\070\055\036\076\221\101\255\160\126\307\360\117"
-"\077\350\062\236\164\312\310\220\124\351\306\137\017\170\235\232"
-"\100\074\016\254\141\252\136\024\217\236\207\241\152\120\334\327"
-"\232\116\257\005\263\246\161\224\234\161\263\120\140\012\307\023"
-"\235\070\007\206\002\250\351\250\151\046\030\220\253\114\260\117"
-"\043\253\072\117\204\330\337\316\237\341\151\157\273\327\102\327"
-"\153\104\344\307\255\356\155\101\137\162\132\161\010\067\263\171"
-"\145\244\131\240\224\067\367\000\057\015\302\222\162\332\320\070"
-"\162\333\024\250\105\304\135\052\175\267\264\326\304\356\254\315"
-"\023\104\267\311\053\335\103\000\045\372\141\271\151\152\130\043"
-"\021\267\247\063\217\126\165\131\365\315\051\327\106\267\012\053"
-"\145\266\323\102\157\025\262\270\173\373\357\351\135\123\325\064"
-"\132\047\002\003\001\000\001\243\201\334\060\201\331\060\035\006"
-"\003\125\035\016\004\026\004\024\255\275\230\172\064\264\046\367"
-"\372\304\046\124\357\003\275\340\044\313\124\032\060\013\006\003"
-"\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023"
-"\001\001\377\004\005\060\003\001\001\377\060\201\231\006\003\125"
-"\035\043\004\201\221\060\201\216\200\024\255\275\230\172\064\264"
-"\046\367\372\304\046\124\357\003\275\340\044\313\124\032\241\163"
-"\244\161\060\157\061\013\060\011\006\003\125\004\006\023\002\123"
-"\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124"
-"\162\165\163\164\040\101\102\061\046\060\044\006\003\125\004\013"
-"\023\035\101\144\144\124\162\165\163\164\040\105\170\164\145\162"
-"\156\141\154\040\124\124\120\040\116\145\164\167\157\162\153\061"
-"\042\060\040\006\003\125\004\003\023\031\101\144\144\124\162\165"
-"\163\164\040\105\170\164\145\162\156\141\154\040\103\101\040\122"
-"\157\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015"
-"\001\001\005\005\000\003\202\001\001\000\260\233\340\205\045\302"
-"\326\043\342\017\226\006\222\235\101\230\234\331\204\171\201\331"
-"\036\133\024\007\043\066\145\217\260\330\167\273\254\101\154\107"
-"\140\203\121\260\371\062\075\347\374\366\046\023\307\200\026\245"
-"\277\132\374\207\317\170\171\211\041\232\342\114\007\012\206\065"
-"\274\362\336\121\304\322\226\267\334\176\116\356\160\375\034\071"
-"\353\014\002\121\024\055\216\275\026\340\301\337\106\165\347\044"
-"\255\354\364\102\264\205\223\160\020\147\272\235\006\065\112\030"
-"\323\053\172\314\121\102\241\172\143\321\346\273\241\305\053\302"
-"\066\276\023\015\346\275\143\176\171\173\247\011\015\100\253\152"
-"\335\217\212\303\366\366\214\032\102\005\121\324\105\365\237\247"
-"\142\041\150\025\040\103\074\231\347\174\275\044\330\251\221\027"
-"\163\210\077\126\033\061\070\030\264\161\017\232\315\310\016\236"
-"\216\056\033\341\214\230\203\313\037\061\361\104\114\306\004\163"
-"\111\166\140\017\307\370\275\027\200\153\056\351\314\114\016\132"
-"\232\171\017\040\012\056\325\236\143\046\036\125\222\224\330\202"
-"\027\132\173\320\274\307\217\116\206\004"
-, (PRUint32)1082 }
-};
-static const NSSItem nss_builtins_items_159 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust External Root", (PRUint32)23 },
- { (void *)"\002\372\363\342\221\103\124\150\140\170\127\151\115\365\344\133"
-"\150\205\030\150"
-, (PRUint32)20 },
- { (void *)"\035\065\124\004\205\170\260\077\102\102\115\277\040\163\012\077"
-, (PRUint32)16 },
- { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_160 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Public Services Root", (PRUint32)30 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101"
-"\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103"
-"\101\040\122\157\157\164"
-, (PRUint32)102 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101"
-"\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103"
-"\101\040\122\157\157\164"
-, (PRUint32)102 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\004\025\060\202\002\375\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101"
-"\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167"
-"\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101\144"
-"\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103\101"
-"\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060\061"
-"\060\064\061\065\060\132\027\015\062\060\060\065\063\060\061\060"
-"\064\061\065\060\132\060\144\061\013\060\011\006\003\125\004\006"
-"\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013\101"
-"\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006\003"
-"\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124\124"
-"\120\040\116\145\164\167\157\162\153\061\040\060\036\006\003\125"
-"\004\003\023\027\101\144\144\124\162\165\163\164\040\120\165\142"
-"\154\151\143\040\103\101\040\122\157\157\164\060\202\001\042\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202"
-"\001\017\000\060\202\001\012\002\202\001\001\000\351\032\060\217"
-"\203\210\024\301\040\330\074\233\217\033\176\003\164\273\332\151"
-"\323\106\245\370\216\302\014\021\220\121\245\057\146\124\100\125"
-"\352\333\037\112\126\356\237\043\156\364\071\313\241\271\157\362"
-"\176\371\135\207\046\141\236\034\370\342\354\246\201\370\041\305"
-"\044\314\021\014\077\333\046\162\172\307\001\227\007\027\371\327"
-"\030\054\060\175\016\172\036\142\036\306\113\300\375\175\142\167"
-"\323\104\036\047\366\077\113\104\263\267\070\331\071\037\140\325"
-"\121\222\163\003\264\000\151\343\363\024\116\356\321\334\011\317"
-"\167\064\106\120\260\370\021\362\376\070\171\367\007\071\376\121"
-"\222\227\013\133\010\137\064\206\001\255\210\227\353\146\315\136"
-"\321\377\334\175\362\204\332\272\167\255\334\200\010\307\247\207"
-"\326\125\237\227\152\350\310\021\144\272\347\031\051\077\021\263"
-"\170\220\204\040\122\133\021\357\170\320\203\366\325\110\220\320"
-"\060\034\317\200\371\140\376\171\344\210\362\335\000\353\224\105"
-"\353\145\224\151\100\272\300\325\264\270\272\175\004\021\250\353"
-"\061\005\226\224\116\130\041\216\237\320\140\375\002\003\001\000"
-"\001\243\201\321\060\201\316\060\035\006\003\125\035\016\004\026"
-"\004\024\201\076\067\330\222\260\037\167\237\134\264\253\163\252"
-"\347\366\064\140\057\372\060\013\006\003\125\035\017\004\004\003"
-"\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060"
-"\003\001\001\377\060\201\216\006\003\125\035\043\004\201\206\060"
-"\201\203\200\024\201\076\067\330\222\260\037\167\237\134\264\253"
-"\163\252\347\366\064\140\057\372\241\150\244\146\060\144\061\013"
-"\060\011\006\003\125\004\006\023\002\123\105\061\024\060\022\006"
-"\003\125\004\012\023\013\101\144\144\124\162\165\163\164\040\101"
-"\102\061\035\060\033\006\003\125\004\013\023\024\101\144\144\124"
-"\162\165\163\164\040\124\124\120\040\116\145\164\167\157\162\153"
-"\061\040\060\036\006\003\125\004\003\023\027\101\144\144\124\162"
-"\165\163\164\040\120\165\142\154\151\143\040\103\101\040\122\157"
-"\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015\001"
-"\001\005\005\000\003\202\001\001\000\003\367\025\112\370\044\332"
-"\043\126\026\223\166\335\066\050\271\256\033\270\303\361\144\272"
-"\040\030\170\225\051\047\127\005\274\174\052\364\271\121\125\332"
-"\207\002\336\017\026\027\061\370\252\171\056\011\023\273\257\262"
-"\040\031\022\345\223\371\113\371\203\350\104\325\262\101\045\277"
-"\210\165\157\377\020\374\112\124\320\137\360\372\357\066\163\175"
-"\033\066\105\306\041\155\264\025\270\116\317\234\134\245\075\132"
-"\000\216\006\343\074\153\062\173\362\237\360\266\375\337\360\050"
-"\030\110\360\306\274\320\277\064\200\226\302\112\261\155\216\307"
-"\220\105\336\057\147\254\105\004\243\172\334\125\222\311\107\146"
-"\330\032\214\307\355\234\116\232\340\022\273\265\152\114\204\341"
-"\341\042\015\207\000\144\376\214\175\142\071\145\246\357\102\266"
-"\200\045\022\141\001\250\044\023\160\000\021\046\137\372\065\120"
-"\305\110\314\006\107\350\047\330\160\215\137\144\346\241\104\046"
-"\136\042\354\222\315\377\102\232\104\041\155\134\305\343\042\035"
-"\137\107\022\347\316\137\135\372\330\252\261\063\055\331\166\362"
-"\116\072\063\014\053\263\055\220\006"
-, (PRUint32)1049 }
-};
-static const NSSItem nss_builtins_items_161 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Public Services Root", (PRUint32)30 },
- { (void *)"\052\266\050\110\136\170\373\363\255\236\171\020\335\153\337\231"
-"\162\054\226\345"
-, (PRUint32)20 },
- { (void *)"\301\142\076\043\305\202\163\234\003\131\113\053\351\167\111\177"
-, (PRUint32)16 },
- { (void *)"\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035"
-"\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141"
-"\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060"
-"\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164"
-"\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157"
-"\164"
-, (PRUint32)113 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_162 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Qualified Certificates Root", (PRUint32)37 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101"
-"\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145"
-"\144\040\103\101\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101"
-"\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145"
-"\144\040\103\101\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)"\060\202\004\036\060\202\003\006\240\003\002\001\002\002\001\001"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024"
-"\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163"
-"\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101"
-"\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167"
-"\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101\144"
-"\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145\144"
-"\040\103\101\040\122\157\157\164\060\036\027\015\060\060\060\065"
-"\063\060\061\060\064\064\065\060\132\027\015\062\060\060\065\063"
-"\060\061\060\064\064\065\060\132\060\147\061\013\060\011\006\003"
-"\125\004\006\023\002\123\105\061\024\060\022\006\003\125\004\012"
-"\023\013\101\144\144\124\162\165\163\164\040\101\102\061\035\060"
-"\033\006\003\125\004\013\023\024\101\144\144\124\162\165\163\164"
-"\040\124\124\120\040\116\145\164\167\157\162\153\061\043\060\041"
-"\006\003\125\004\003\023\032\101\144\144\124\162\165\163\164\040"
-"\121\165\141\154\151\146\151\145\144\040\103\101\040\122\157\157"
-"\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001"
-"\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001"
-"\001\000\344\036\232\376\334\011\132\207\244\237\107\276\021\137"
-"\257\204\064\333\142\074\171\170\267\351\060\265\354\014\034\052"
-"\304\026\377\340\354\161\353\212\365\021\156\355\117\015\221\322"
-"\022\030\055\111\025\001\302\244\042\023\307\021\144\377\042\022"
-"\232\271\216\134\057\010\317\161\152\263\147\001\131\361\135\106"
-"\363\260\170\245\366\016\102\172\343\177\033\314\320\360\267\050"
-"\375\052\352\236\263\260\271\004\252\375\366\307\264\261\270\052"
-"\240\373\130\361\031\240\157\160\045\176\076\151\112\177\017\042"
-"\330\357\255\010\021\232\051\231\341\252\104\105\232\022\136\076"
-"\235\155\122\374\347\240\075\150\057\360\113\160\174\023\070\255"
-"\274\025\045\361\326\316\253\242\300\061\326\057\237\340\377\024"
-"\131\374\204\223\331\207\174\114\124\023\353\237\321\055\021\370"
-"\030\072\072\336\045\331\367\323\100\355\244\006\022\304\073\341"
-"\221\301\126\065\360\024\334\145\066\011\156\253\244\007\307\065"
-"\321\302\003\063\066\133\165\046\155\102\361\022\153\103\157\113"
-"\161\224\372\064\035\355\023\156\312\200\177\230\057\154\271\145"
-"\330\351\002\003\001\000\001\243\201\324\060\201\321\060\035\006"
-"\003\125\035\016\004\026\004\024\071\225\213\142\213\134\311\324"
-"\200\272\130\017\227\077\025\010\103\314\230\247\060\013\006\003"
-"\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023"
-"\001\001\377\004\005\060\003\001\001\377\060\201\221\006\003\125"
-"\035\043\004\201\211\060\201\206\200\024\071\225\213\142\213\134"
-"\311\324\200\272\130\017\227\077\025\010\103\314\230\247\241\153"
-"\244\151\060\147\061\013\060\011\006\003\125\004\006\023\002\123"
-"\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124"
-"\162\165\163\164\040\101\102\061\035\060\033\006\003\125\004\013"
-"\023\024\101\144\144\124\162\165\163\164\040\124\124\120\040\116"
-"\145\164\167\157\162\153\061\043\060\041\006\003\125\004\003\023"
-"\032\101\144\144\124\162\165\163\164\040\121\165\141\154\151\146"
-"\151\145\144\040\103\101\040\122\157\157\164\202\001\001\060\015"
-"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001"
-"\001\000\031\253\165\352\370\213\145\141\225\023\272\151\004\357"
-"\206\312\023\240\307\252\117\144\033\077\030\366\250\055\054\125"
-"\217\005\267\060\352\102\152\035\300\045\121\055\247\277\014\263"
-"\355\357\010\177\154\074\106\032\352\030\103\337\166\314\371\146"
-"\206\234\054\150\365\351\027\370\061\263\030\304\326\110\175\043"
-"\114\150\301\176\273\001\024\157\305\331\156\336\273\004\102\152"
-"\370\366\134\175\345\332\372\207\353\015\065\122\147\320\236\227"
-"\166\005\223\077\225\307\001\346\151\125\070\177\020\141\231\311"
-"\343\137\246\312\076\202\143\110\252\342\010\110\076\252\362\262"
-"\205\142\246\264\247\331\275\067\234\150\265\055\126\175\260\267"
-"\077\240\261\007\326\351\117\334\336\105\161\060\062\177\033\056"
-"\011\371\277\122\241\356\302\200\076\006\134\056\125\100\301\033"
-"\365\160\105\260\334\135\372\366\162\132\167\322\143\315\317\130"
-"\211\000\102\143\077\171\071\320\104\260\202\156\101\031\350\335"
-"\340\301\210\132\321\036\161\223\037\044\060\164\345\036\250\336"
-"\074\047\067\177\203\256\236\167\317\360\060\261\377\113\231\350"
-"\306\241"
-, (PRUint32)1058 }
-};
-static const NSSItem nss_builtins_items_163 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"AddTrust Qualified Certificates Root", (PRUint32)37 },
- { (void *)"\115\043\170\354\221\225\071\265\000\177\165\217\003\073\041\036"
-"\305\115\213\317"
-, (PRUint32)20 },
- { (void *)"\047\354\071\107\315\332\132\257\342\232\001\145\041\251\114\273"
-, (PRUint32)16 },
- { (void *)"\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061"
-"\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165"
-"\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024"
-"\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164"
-"\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101"
-"\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145"
-"\144\040\103\101\040\122\157\157\164"
-, (PRUint32)105 },
- { (void *)"\001"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_164 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003"
-"\125\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142"
-"\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120"
-"\040\122\145\163\160\157\156\144\145\162"
-, (PRUint32)170 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\053\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040"
-, (PRUint32)16 },
- { (void *)"\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\053"
-"\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023"
-"\056\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132"
-"\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060"
-"\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162"
-"\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006"
-"\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124"
-"\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071"
-"\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040"
-"\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167"
-"\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125"
-"\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040"
-"\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\271\355\136\172\072\167\137\316\137\072"
-"\122\374\315\144\367\161\265\157\152\226\306\131\222\125\224\135"
-"\057\133\056\301\021\352\046\212\313\247\201\074\366\132\104\336"
-"\172\023\057\375\132\121\331\173\067\046\112\300\047\077\004\003"
-"\152\126\301\203\054\341\157\133\251\124\120\044\112\306\056\172"
-"\114\241\133\067\124\044\041\061\037\241\170\030\166\247\261\160"
-"\332\042\320\152\376\007\142\100\306\367\366\233\175\014\006\270"
-"\113\307\050\344\146\043\204\121\357\106\267\223\330\201\063\313"
-"\345\066\254\306\350\005\002\003\001\000\001\243\202\001\020\060"
-"\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025"
-"\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123"
-"\120\040\061\055\061\060\061\006\003\125\035\037\004\052\060\050"
-"\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143"
-"\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\160\143\141\061\056\143\162\154\060\023\006\003\125\035\045\004"
-"\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006"
-"\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006"
-"\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164"
-"\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147"
-"\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165"
-"\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013"
-"\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006"
-"\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163"
-"\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056"
-"\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002"
-"\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201"
-"\201\000\160\220\335\270\344\276\123\027\174\177\002\351\325\367"
-"\213\231\223\061\140\215\176\346\140\153\044\357\140\254\322\316"
-"\221\336\200\155\011\244\323\270\070\345\104\312\162\136\015\055"
-"\301\167\234\275\054\003\170\051\215\244\245\167\207\365\361\053"
-"\046\255\314\007\154\072\124\132\050\340\011\363\115\012\004\312"
-"\324\130\151\013\247\263\365\335\001\245\347\334\360\037\272\301"
-"\135\220\215\263\352\117\301\021\131\227\152\262\053\023\261\332"
-"\255\227\241\263\261\240\040\133\312\062\253\215\317\023\360\037"
-"\051\303"
-, (PRUint32)930 }
-};
-static const NSSItem nss_builtins_items_165 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 1 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)"\004\226\110\344\112\311\314\255\105\203\230\331\074\175\221\365"
-"\042\104\033\212"
-, (PRUint32)20 },
- { (void *)"\176\157\072\123\033\174\276\260\060\333\103\036\036\224\211\262"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\053\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_166 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003"
-"\125\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142"
-"\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120"
-"\040\122\145\163\160\157\156\144\145\162"
-, (PRUint32)170 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\011\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247"
-, (PRUint32)16 },
- { (void *)"\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\011"
-"\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023"
-"\056\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\070\060\061\060\060\060\060\060\060\132"
-"\027\015\060\064\060\067\063\061\062\063\065\071\065\071\132\060"
-"\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162"
-"\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006"
-"\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124"
-"\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071"
-"\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040"
-"\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167"
-"\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125"
-"\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040"
-"\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\320\312\143\061\141\177\104\064\174\005"
-"\175\013\075\152\220\313\171\113\167\012\077\113\307\043\345\300"
-"\142\055\176\234\176\076\210\207\221\320\254\350\115\111\207\242"
-"\226\220\212\335\004\245\002\077\214\233\351\211\376\142\240\342"
-"\132\275\310\335\264\170\346\245\102\223\010\147\001\300\040\115"
-"\327\134\364\135\332\263\343\067\246\122\032\054\114\145\115\212"
-"\207\331\250\243\361\111\124\273\074\134\200\121\150\306\373\111"
-"\377\013\125\253\025\335\373\232\301\271\035\164\015\262\214\104"
-"\135\211\374\237\371\203\002\003\001\000\001\243\202\001\020\060"
-"\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025"
-"\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123"
-"\120\040\061\055\062\060\061\006\003\125\035\037\004\052\060\050"
-"\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143"
-"\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\160\143\141\062\056\143\162\154\060\023\006\003\125\035\045\004"
-"\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006"
-"\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006"
-"\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164"
-"\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147"
-"\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165"
-"\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013"
-"\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006"
-"\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163"
-"\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056"
-"\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002"
-"\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201"
-"\201\000\037\175\011\156\044\106\165\004\234\363\046\233\343\071"
-"\156\027\357\274\275\242\033\322\002\204\206\253\320\100\227\054"
-"\304\103\210\067\031\153\042\250\003\161\120\235\040\334\066\140"
-"\040\232\163\055\163\125\154\130\233\054\302\264\064\054\172\063"
-"\102\312\221\331\351\103\257\317\036\340\365\304\172\253\077\162"
-"\143\036\251\067\341\133\073\210\263\023\206\202\220\127\313\127"
-"\377\364\126\276\042\335\343\227\250\341\274\042\103\302\335\115"
-"\333\366\201\236\222\024\236\071\017\023\124\336\202\330\300\136"
-"\064\215"
-, (PRUint32)930 }
-};
-static const NSSItem nss_builtins_items_167 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 2 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)"\042\171\151\276\320\122\116\115\035\066\262\361\162\041\167\361"
-"\124\123\110\167"
-, (PRUint32)20 },
- { (void *)"\363\105\275\020\226\015\205\113\357\237\021\142\064\247\136\265"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\011\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_168 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003"
-"\125\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142"
-"\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120"
-"\040\122\145\163\160\157\156\144\145\162"
-, (PRUint32)170 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\056\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204"
-, (PRUint32)16 },
- { (void *)"\060\202\003\242\060\202\003\013\240\003\002\001\002\002\020\056"
-"\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137"
-"\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060"
-"\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156"
-"\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023"
-"\056\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040"
-"\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132"
-"\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060"
-"\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162"
-"\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006"
-"\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124"
-"\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071"
-"\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040"
-"\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167"
-"\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125"
-"\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040"
-"\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011"
-"\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060"
-"\201\211\002\201\201\000\361\344\010\016\203\273\165\343\110\345"
-"\270\333\246\360\271\253\351\074\142\307\136\065\133\320\002\124"
-"\021\330\311\321\126\271\166\113\271\253\172\346\315\272\366\014"
-"\004\326\176\326\260\012\145\254\116\071\343\361\367\055\243\045"
-"\071\357\260\213\317\276\333\014\135\156\160\364\007\315\160\367"
-"\072\300\076\065\026\355\170\214\103\317\302\046\056\107\326\206"
-"\175\234\361\276\326\147\014\042\045\244\312\145\346\037\172\170"
-"\050\057\077\005\333\004\041\277\341\105\146\376\074\267\202\355"
-"\132\270\026\025\271\125\002\003\001\000\001\243\202\001\024\060"
-"\202\001\020\060\040\006\003\125\035\021\004\031\060\027\244\025"
-"\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123"
-"\120\040\061\055\063\060\065\006\003\125\035\037\004\056\060\054"
-"\060\052\240\050\240\046\206\044\150\164\164\160\072\057\057\143"
-"\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057"
-"\160\143\141\063\056\061\056\061\056\143\162\154\060\023\006\003"
-"\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007\003"
-"\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066\060"
-"\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046\026"
-"\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145\162"
-"\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057\163"
-"\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060\073"
-"\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001\060"
-"\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150"
-"\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163"
-"\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003\125"
-"\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004\003"
-"\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\003\201\201\000\002\366\123\143\300\251\036\362\320\213"
-"\063\060\217\110\233\114\260\126\264\203\161\112\276\334\120\330"
-"\365\266\340\013\333\275\170\117\351\317\011\064\332\051\111\235"
-"\001\163\132\221\221\202\124\054\023\012\323\167\043\317\067\374"
-"\143\336\247\343\366\267\265\151\105\050\111\303\221\334\252\107"
-"\034\251\210\231\054\005\052\215\215\212\372\142\342\132\267\000"
-"\040\135\071\304\050\302\313\374\236\250\211\256\133\075\216\022"
-"\352\062\262\374\353\024\327\011\025\032\300\315\033\325\265\025"
-"\116\101\325\226\343\116"
-, (PRUint32)934 }
-};
-static const NSSItem nss_builtins_items_169 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Class 3 Public Primary OCSP Responder", (PRUint32)47 },
- { (void *)"\265\355\267\332\046\072\126\164\322\042\105\060\324\307\217\172"
-"\007\365\345\137"
-, (PRUint32)20 },
- { (void *)"\175\121\222\311\166\203\230\026\336\214\263\206\304\175\146\373"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151"
-"\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004"
-"\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151"
-"\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\056\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_170 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Secure Server OCSP Responder", (PRUint32)38 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003"
-"\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166"
-"\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145"
-"\162"
-, (PRUint32)161 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\000\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117"
-"\336"
-, (PRUint32)17 },
- { (void *)"\060\202\003\237\060\202\003\014\240\003\002\001\002\002\021\000"
-"\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117\336"
-"\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060"
-"\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061\040"
-"\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141\164"
-"\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143\056"
-"\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165\162"
-"\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\060\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060"
-"\132\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132"
-"\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003"
-"\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166"
-"\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145"
-"\162\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001"
-"\001\005\000\003\201\215\000\060\201\211\002\201\201\000\270\121"
-"\231\144\205\016\356\263\012\150\360\277\143\166\035\123\365\374"
-"\241\170\214\063\356\237\364\276\071\332\233\017\115\107\251\217"
-"\040\350\113\104\275\316\315\173\220\321\060\350\220\304\045\173"
-"\211\050\336\275\366\223\035\377\271\377\222\265\251\215\344\256"
-"\314\342\303\007\203\152\243\162\020\001\047\142\042\246\065\046"
-"\071\055\236\317\140\014\374\107\244\327\320\102\170\247\035\154"
-"\320\313\117\025\247\051\012\264\225\105\304\261\347\132\011\327"
-"\071\225\330\035\065\236\302\275\263\135\301\014\113\037\002\003"
-"\001\000\001\243\202\001\035\060\202\001\031\060\040\006\003\125"
-"\035\021\004\031\060\027\244\025\060\023\061\021\060\017\006\003"
-"\125\004\003\023\010\117\103\123\120\040\061\055\064\060\076\006"
-"\003\125\035\037\004\067\060\065\060\063\240\061\240\057\206\055"
-"\150\164\164\160\072\057\057\143\162\154\056\166\145\162\151\163"
-"\151\147\156\056\143\157\155\057\122\123\101\123\145\143\165\162"
-"\145\123\145\162\166\145\162\055\160\056\143\162\154\060\023\006"
-"\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007"
-"\003\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066"
-"\060\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046"
-"\026\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145"
-"\162\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057"
-"\163\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060"
-"\073\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001"
-"\060\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034"
-"\150\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151"
-"\163\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003"
-"\125\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004"
-"\003\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001"
-"\005\005\000\003\176\000\000\263\020\123\146\234\111\223\056\061"
-"\240\002\102\322\130\127\176\146\241\376\033\212\141\030\120\100"
-"\054\036\053\101\245\326\333\377\254\010\034\132\005\155\002\134"
-"\052\266\226\117\107\333\276\116\333\316\314\272\206\270\030\316"
-"\261\022\221\137\143\367\363\110\076\314\361\115\023\344\155\011"
-"\224\170\000\222\313\243\040\235\006\013\152\240\103\007\316\321"
-"\031\154\217\030\165\232\237\027\063\375\251\046\270\343\342\336"
-"\302\250\304\132\212\177\230\326\007\006\153\314\126\236\206\160"
-"\316\324\357"
-, (PRUint32)931 }
-};
-static const NSSItem nss_builtins_items_171 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Secure Server OCSP Responder", (PRUint32)38 },
- { (void *)"\161\236\140\141\327\175\054\203\361\242\135\074\366\215\002\274"
-"\224\070\305\056"
-, (PRUint32)20 },
- { (void *)"\054\142\303\330\200\001\026\011\352\131\352\170\253\020\103\366"
-, (PRUint32)16 },
- { (void *)"\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061"
-"\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141"
-"\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143"
-"\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165"
-"\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146"
-"\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164"
-"\171"
-, (PRUint32)97 },
- { (void *)"\000\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117"
-"\336"
-, (PRUint32)17 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_172 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Time Stamping Authority CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\245\061\027\060\025\006\003\125\004\012\023\016\126\145"
-"\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035"
-"\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040"
-"\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060"
-"\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146"
-"\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057"
-"\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155"
-"\057\162\160\141\040\050\143\051\060\060\061\054\060\052\006\003"
-"\125\004\003\023\043\126\145\162\151\123\151\147\156\040\124\151"
-"\155\145\040\123\164\141\155\160\151\156\147\040\101\165\164\150"
-"\157\162\151\164\171\040\103\101"
-, (PRUint32)168 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\123\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011"
-, (PRUint32)16 },
- { (void *)"\060\202\003\315\060\202\003\066\240\003\002\001\002\002\020\123"
-"\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011\060"
-"\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201"
-"\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027"
-"\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013"
-"\023\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143"
-"\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061"
-"\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147"
-"\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165"
-"\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154"
-"\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151"
-"\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157"
-"\162\153\060\036\027\015\060\060\060\071\062\066\060\060\060\060"
-"\060\060\132\027\015\061\060\060\071\062\065\062\063\065\071\065"
-"\071\132\060\201\245\061\027\060\025\006\003\125\004\012\023\016"
-"\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061\037"
-"\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147"
-"\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061"
-"\073\060\071\006\003\125\004\013\023\062\124\145\162\155\163\040"
-"\157\146\040\165\163\145\040\141\164\040\150\164\164\160\163\072"
-"\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056\143"
-"\157\155\057\162\160\141\040\050\143\051\060\060\061\054\060\052"
-"\006\003\125\004\003\023\043\126\145\162\151\123\151\147\156\040"
-"\124\151\155\145\040\123\164\141\155\160\151\156\147\040\101\165"
-"\164\150\157\162\151\164\171\040\103\101\060\201\237\060\015\006"
-"\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000"
-"\060\201\211\002\201\201\000\322\031\235\147\302\000\041\131\142"
-"\316\264\011\042\104\151\212\370\045\132\333\355\015\267\066\176"
-"\116\340\273\224\076\220\045\207\302\141\107\051\331\275\124\270"
-"\143\314\054\175\151\264\063\066\364\067\007\232\301\335\100\124"
-"\374\340\170\235\240\223\271\011\075\043\121\177\104\302\024\164"
-"\333\012\276\313\311\060\064\100\230\076\320\327\045\020\201\224"
-"\275\007\117\234\326\124\047\337\056\250\277\313\220\214\215\165"
-"\113\274\342\350\104\207\315\346\101\012\045\156\350\364\044\002"
-"\305\122\017\156\354\230\165\002\003\001\000\001\243\201\337\060"
-"\201\334\060\017\006\003\125\035\023\004\010\060\006\001\001\377"
-"\002\001\000\060\105\006\003\125\035\040\004\076\060\074\060\072"
-"\006\014\140\206\110\001\206\370\105\001\007\027\001\003\060\052"
-"\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150\164"
-"\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163\151"
-"\147\156\056\143\157\155\057\162\160\141\060\061\006\003\125\035"
-"\037\004\052\060\050\060\046\240\044\240\042\206\040\150\164\164"
-"\160\072\057\057\143\162\154\056\166\145\162\151\163\151\147\156"
-"\056\143\157\155\057\160\143\141\063\056\143\162\154\060\013\006"
-"\003\125\035\017\004\004\003\002\001\006\060\102\006\010\053\006"
-"\001\005\005\007\001\001\004\066\060\064\060\062\006\010\053\006"
-"\001\005\005\007\060\001\246\046\026\044\150\164\164\160\072\057"
-"\057\157\143\163\160\056\166\145\162\151\163\151\147\156\056\143"
-"\157\155\057\157\143\163\160\057\163\164\141\164\165\163\060\015"
-"\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201"
-"\000\202\160\150\225\337\266\015\302\001\160\031\112\322\124\126"
-"\036\254\362\105\114\207\270\365\065\353\170\113\005\251\310\235"
-"\073\031\041\056\160\064\112\242\365\211\340\025\165\105\347\050"
-"\067\000\064\047\051\350\067\113\362\357\104\227\153\027\121\032"
-"\303\126\235\074\032\212\366\112\106\106\067\214\372\313\365\144"
-"\132\070\150\056\034\303\357\160\316\270\106\006\026\277\367\176"
-"\347\265\250\076\105\254\251\045\165\042\173\157\077\260\234\224"
-"\347\307\163\253\254\037\356\045\233\300\026\355\267\312\133\360"
-"\024"
-, (PRUint32)977 }
-};
-static const NSSItem nss_builtins_items_173 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Verisign Time Stamping Authority CA", (PRUint32)36 },
- { (void *)"\246\017\064\310\142\154\201\366\213\367\175\251\366\147\130\212"
-"\220\077\175\066"
-, (PRUint32)20 },
- { (void *)"\211\111\124\214\310\150\232\203\051\354\334\006\163\041\253\227"
-, (PRUint32)16 },
- { (void *)"\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123"
-"\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125"
-"\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154"
-"\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151"
-"\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151"
-"\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013"
-"\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123"
-"\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040"
-"\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157"
-"\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145"
-"\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164"
-"\167\157\162\153"
-, (PRUint32)196 },
- { (void *)"\123\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_174 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Time Stamping CA", (PRUint32)24 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007"
-"\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060"
-"\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035"
-"\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060"
-"\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124"
-"\151\155\145\163\164\141\155\160\151\156\147\040\103\101"
-, (PRUint32)142 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007"
-"\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060"
-"\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035"
-"\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060"
-"\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124"
-"\151\155\145\163\164\141\155\160\151\156\147\040\103\101"
-, (PRUint32)142 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)"\060\202\002\241\060\202\002\012\240\003\002\001\002\002\001\000"
-"\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060"
-"\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101\061"
-"\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162"
-"\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007\023"
-"\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060\015"
-"\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035\060"
-"\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040\103"
-"\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060\035"
-"\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124\151"
-"\155\145\163\164\141\155\160\151\156\147\040\103\101\060\036\027"
-"\015\071\067\060\061\060\061\060\060\060\060\060\060\132\027\015"
-"\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\213"
-"\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060"
-"\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040"
-"\103\141\160\145\061\024\060\022\006\003\125\004\007\023\013\104"
-"\165\162\142\141\156\166\151\154\154\145\061\017\060\015\006\003"
-"\125\004\012\023\006\124\150\141\167\164\145\061\035\060\033\006"
-"\003\125\004\013\023\024\124\150\141\167\164\145\040\103\145\162"
-"\164\151\146\151\143\141\164\151\157\156\061\037\060\035\006\003"
-"\125\004\003\023\026\124\150\141\167\164\145\040\124\151\155\145"
-"\163\164\141\155\160\151\156\147\040\103\101\060\201\237\060\015"
-"\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215"
-"\000\060\201\211\002\201\201\000\326\053\130\170\141\105\206\123"
-"\352\064\173\121\234\355\260\346\056\030\016\376\340\137\250\047"
-"\323\264\311\340\174\131\116\026\016\163\124\140\301\177\366\237"
-"\056\351\072\205\044\025\074\333\107\004\143\303\236\304\224\032"
-"\132\337\114\172\363\331\103\035\074\020\172\171\045\333\220\376"
-"\360\121\347\060\326\101\000\375\237\050\337\171\276\224\273\235"
-"\266\024\343\043\205\327\251\101\340\114\244\171\260\053\032\213"
-"\362\370\073\212\076\105\254\161\222\000\264\220\101\230\373\137"
-"\355\372\267\056\212\370\210\067\002\003\001\000\001\243\023\060"
-"\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001"
-"\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005"
-"\000\003\201\201\000\147\333\342\302\346\207\075\100\203\206\067"
-"\065\175\037\316\232\303\014\146\040\250\272\252\004\211\206\302"
-"\365\020\010\015\277\313\242\005\212\320\115\066\076\364\327\357"
-"\151\306\136\344\260\224\157\112\271\347\336\133\210\266\173\333"
-"\343\047\345\166\303\360\065\301\313\265\047\233\063\171\334\220"
-"\246\000\236\167\372\374\315\047\224\102\026\234\323\034\150\354"
-"\277\134\335\345\251\173\020\012\062\164\124\023\061\213\205\003"
-"\204\221\267\130\001\060\024\070\257\050\312\374\261\120\031\031"
-"\011\254\211\111\323"
-, (PRUint32)677 }
-};
-static const NSSItem nss_builtins_items_175 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Thawte Time Stamping CA", (PRUint32)24 },
- { (void *)"\276\066\244\126\057\262\356\005\333\263\323\043\043\255\364\105"
-"\010\116\326\126"
-, (PRUint32)20 },
- { (void *)"\177\146\172\161\323\353\151\170\040\232\121\024\235\203\332\040"
-, (PRUint32)16 },
- { (void *)"\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101"
-"\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145"
-"\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007"
-"\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060"
-"\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035"
-"\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060"
-"\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124"
-"\151\155\145\163\164\141\155\160\151\156\147\040\103\101"
-, (PRUint32)142 },
- { (void *)"\000"
-, (PRUint32)1 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_176 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"E-Certify CA", (PRUint32)13 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061"
-"\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164"
-"\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104"
-"\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003"
-"\023\014\105\055\103\145\162\164\151\146\171\040\103\101"
-, (PRUint32)78 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061"
-"\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164"
-"\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104"
-"\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003"
-"\023\014\105\055\103\145\162\164\151\146\171\040\103\101"
-, (PRUint32)78 },
- { (void *)"\001\115\105\234"
-, (PRUint32)4 },
- { (void *)"\060\202\003\071\060\202\002\041\240\003\002\001\002\002\004\001"
-"\115\105\234\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\114\061\013\060\011\006\003\125\004\006\023\002\143"
-"\141\061\022\060\020\006\003\125\004\012\023\011\105\055\103\145"
-"\162\164\151\146\171\061\022\060\020\006\003\125\004\013\023\011"
-"\111\104\040\103\145\156\164\145\162\061\025\060\023\006\003\125"
-"\004\003\023\014\105\055\103\145\162\164\151\146\171\040\103\101"
-"\060\036\027\015\071\071\060\071\062\070\061\066\064\070\062\071"
-"\132\027\015\060\064\060\071\062\070\061\066\064\070\062\071\132"
-"\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061"
-"\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164"
-"\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104"
-"\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003"
-"\023\014\105\055\103\145\162\164\151\146\171\040\103\101\060\202"
-"\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005"
-"\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\272"
-"\233\246\161\200\125\164\111\051\125\166\033\307\066\225\060\054"
-"\062\011\121\356\060\244\153\150\207\107\330\050\012\027\177\157"
-"\250\232\040\266\253\001\322\256\240\105\106\065\002\002\374\332"
-"\340\040\162\012\063\015\223\160\270\004\220\111\371\150\070\273"
-"\015\021\156\071\135\130\172\306\043\146\351\273\027\062\046\350"
-"\354\022\150\207\051\314\271\345\117\314\210\033\355\225\161\241"
-"\123\042\056\355\203\134\376\062\127\114\122\123\070\341\025\155"
-"\000\125\111\207\044\313\344\026\110\270\231\345\332\172\337\243"
-"\205\230\164\302\371\253\153\111\315\377\102\315\270\055\264\200"
-"\313\114\172\065\374\220\277\115\323\000\355\317\214\377\117\071"
-"\373\172\170\360\016\015\111\177\123\076\024\233\046\250\252\311"
-"\273\341\321\033\335\034\060\257\001\346\233\046\006\144\274\357"
-"\130\114\132\105\225\120\304\054\076\164\130\351\074\257\373\303"
-"\253\122\004\332\044\362\261\304\366\133\323\110\340\301\204\060"
-"\174\321\165\077\344\123\163\135\211\330\356\100\117\011\227\227"
-"\205\143\215\325\240\256\206\203\153\333\124\150\136\350\113\002"
-"\003\001\000\001\243\043\060\041\060\014\006\003\125\035\023\004"
-"\005\060\003\001\001\377\060\021\006\011\140\206\110\001\206\370"
-"\102\001\001\004\004\003\002\000\007\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\202\001\001\000\163\076\031"
-"\174\330\126\321\305\377\012\235\347\266\315\227\363\247\341\101"
-"\310\176\202\065\377\233\226\322\013\357\161\362\020\345\104\313"
-"\222\350\016\132\346\076\304\364\225\151\002\274\013\126\200\271"
-"\161\027\143\036\101\111\052\065\352\034\325\144\253\111\355\013"
-"\076\213\124\241\115\050\150\352\275\267\201\077\065\171\202\367"
-"\064\274\171\210\045\236\200\347\317\250\025\257\362\341\025\053"
-"\007\121\340\324\215\112\112\003\300\042\053\271\150\112\200\303"
-"\250\205\010\325\247\052\275\313\247\143\175\243\260\312\126\140"
-"\154\105\341\312\277\024\122\012\302\305\145\354\241\075\037\100"
-"\371\120\132\344\064\012\157\302\164\254\174\314\047\352\343\207"
-"\245\123\310\336\174\076\135\102\122\132\353\005\150\246\030\062"
-"\140\040\170\153\160\024\140\041\202\011\075\036\126\300\025\141"
-"\000\121\145\262\061\022\371\306\112\006\274\137\364\071\037\166"
-"\232\211\170\351\066\202\332\265\157\213\177\211\265\114\367\145"
-"\030\134\201\363\356\120\326\335\354\151\110\237\053\265\336\076"
-"\275\372\274\154\153\147\123\233\261\223\271\221\106"
-, (PRUint32)829 }
-};
-static const NSSItem nss_builtins_items_177 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"E-Certify CA", (PRUint32)13 },
- { (void *)"\133\330\153\206\375\275\330\206\371\233\310\120\106\350\052\112"
-"\211\152\317\357"
-, (PRUint32)20 },
- { (void *)"\256\065\177\222\227\106\174\217\023\051\341\333\236\102\145\152"
-, (PRUint32)16 },
- { (void *)"\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061"
-"\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164"
-"\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104"
-"\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003"
-"\023\014\105\055\103\145\162\164\151\146\171\040\103\101"
-, (PRUint32)78 },
- { (void *)"\001\115\105\234"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_178 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"E-Certify RA", (PRUint32)13 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061"
-"\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164"
-"\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104"
-"\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003"
-"\023\014\105\055\103\145\162\164\151\146\171\040\122\101"
-, (PRUint32)78 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061"
-"\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164"
-"\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104"
-"\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003"
-"\023\014\105\055\103\145\162\164\151\146\171\040\103\101"
-, (PRUint32)78 },
- { (void *)"\001\117\353\020"
-, (PRUint32)4 },
- { (void *)"\060\202\003\071\060\202\002\041\240\003\002\001\002\002\004\001"
-"\117\353\020\060\015\006\011\052\206\110\206\367\015\001\001\005"
-"\005\000\060\114\061\013\060\011\006\003\125\004\006\023\002\143"
-"\141\061\022\060\020\006\003\125\004\012\023\011\105\055\103\145"
-"\162\164\151\146\171\061\022\060\020\006\003\125\004\013\023\011"
-"\111\104\040\103\145\156\164\145\162\061\025\060\023\006\003\125"
-"\004\003\023\014\105\055\103\145\162\164\151\146\171\040\103\101"
-"\060\036\027\015\071\071\060\071\063\060\061\066\065\070\065\067"
-"\132\027\015\060\064\060\071\062\067\061\066\065\070\065\067\132"
-"\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061"
-"\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164"
-"\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104"
-"\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003"
-"\023\014\105\055\103\145\162\164\151\146\171\040\122\101\060\202"
-"\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005"
-"\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\334"
-"\260\267\045\373\356\014\272\330\243\162\104\017\052\243\343\110"
-"\004\321\364\060\164\006\010\016\137\067\307\066\267\202\232\045"
-"\113\254\153\111\231\000\033\027\362\360\337\027\027\351\355\040"
-"\152\024\153\375\311\314\017\346\014\153\206\345\365\244\372\333"
-"\005\052\000\310\015\352\252\145\100\066\312\363\345\165\071\216"
-"\334\146\333\104\034\236\303\213\103\070\313\274\360\232\311\331"
-"\312\067\023\312\122\301\055\351\107\040\345\314\044\170\340\346"
-"\033\114\270\322\124\202\155\016\271\041\140\357\174\264\000\373"
-"\122\304\057\012\367\004\116\204\057\337\030\254\143\006\040\335"
-"\332\261\201\301\341\255\177\030\210\167\363\353\370\255\317\172"
-"\020\120\126\171\236\124\317\336\034\233\327\102\224\341\317\325"
-"\154\365\136\075\315\345\147\023\073\232\315\072\142\204\371\141"
-"\036\155\325\130\216\331\371\255\052\076\226\361\355\252\177\020"
-"\356\366\000\205\074\261\005\013\064\321\134\142\340\215\022\256"
-"\275\114\124\300\342\274\144\161\140\145\206\306\331\204\253\130"
-"\140\152\061\156\175\117\261\210\242\376\024\114\072\214\373\002"
-"\003\001\000\001\243\043\060\041\060\014\006\003\125\035\023\004"
-"\005\060\003\001\001\377\060\021\006\011\140\206\110\001\206\370"
-"\102\001\001\004\004\003\002\000\007\060\015\006\011\052\206\110"
-"\206\367\015\001\001\005\005\000\003\202\001\001\000\255\030\200"
-"\317\060\274\073\350\362\002\025\127\075\350\114\143\346\356\062"
-"\243\177\345\001\360\047\271\052\331\301\250\236\043\036\107\231"
-"\327\056\104\113\024\313\320\275\046\144\003\362\006\217\237\327"
-"\110\250\161\153\026\064\305\076\265\171\230\263\346\340\320\070"
-"\021\231\244\021\173\343\071\245\015\077\235\325\322\305\172\057"
-"\352\104\024\315\020\116\240\064\263\153\211\137\360\256\237\315"
-"\123\325\176\172\120\045\000\041\244\155\351\310\161\000\373\255"
-"\064\027\110\042\356\247\050\154\206\162\333\371\233\206\104\170"
-"\136\005\351\150\064\060\241\025\145\301\251\332\236\135\236\043"
-"\106\116\052\346\116\263\114\237\314\106\010\230\034\074\103\237"
-"\264\316\240\140\357\044\316\116\037\350\302\251\162\273\057\332"
-"\102\006\041\360\232\345\170\107\054\010\164\120\150\140\375\205"
-"\302\373\257\112\222\361\204\235\000\152\310\126\041\216\157\301"
-"\061\313\121\354\166\165\172\337\001\016\162\150\241\362\046\216"
-"\331\270\306\243\144\122\372\155\373\112\075\132\135\270\124\224"
-"\355\125\150\145\235\077\122\114\106\222\026\013\276"
-, (PRUint32)829 }
-};
-static const NSSItem nss_builtins_items_179 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"E-Certify RA", (PRUint32)13 },
- { (void *)"\217\051\011\013\006\302\070\314\160\305\251\355\227\147\210\315"
-"\066\332\335\131"
-, (PRUint32)20 },
- { (void *)"\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061"
-"\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164"
-"\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104"
-"\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003"
-"\023\014\105\055\103\145\162\164\151\146\171\040\103\101"
-, (PRUint32)78 },
- { (void *)"\001\117\353\020"
-, (PRUint32)4 },
- { (void *)"\245\273\012\243\320\307\124\025\130\336\153\122\020\121\272\050"
-, (PRUint32)16 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_180 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Global Secure Server CA", (PRUint32)36 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125"
-"\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157"
-"\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155"
-"\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003"
-"\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156"
-"\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145"
-"\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162"
-"\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123"
-"\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)189 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125"
-"\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157"
-"\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155"
-"\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003"
-"\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156"
-"\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145"
-"\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162"
-"\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123"
-"\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)189 },
- { (void *)"\070\233\021\074"
-, (PRUint32)4 },
- { (void *)"\060\202\004\225\060\202\003\376\240\003\002\001\002\002\004\070"
-"\233\021\074\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\060\201\272\061\024\060\022\006\003\125\004\012\023\013"
-"\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075\006"
-"\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165\163"
-"\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151\156"
-"\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154"
-"\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043"
-"\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040"
-"\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151"
-"\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156"
-"\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145"
-"\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143"
-"\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060"
-"\036\027\015\060\060\060\062\060\064\061\067\062\060\060\060\132"
-"\027\015\062\060\060\062\060\064\061\067\065\060\060\060\132\060"
-"\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156\164"
-"\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125\004"
-"\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056\156"
-"\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157\162"
-"\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151"
-"\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125"
-"\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156\164"
-"\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144"
-"\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165"
-"\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145"
-"\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151"
-"\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060"
-"\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201"
-"\215\000\060\201\211\002\201\201\000\307\301\137\116\161\361\316"
-"\360\140\206\017\322\130\177\323\063\227\055\027\242\165\060\265"
-"\226\144\046\057\150\303\104\253\250\165\346\000\147\064\127\236"
-"\145\307\042\233\163\346\323\335\010\016\067\125\252\045\106\201"
-"\154\275\376\250\366\165\127\127\214\220\154\112\303\076\213\113"
-"\103\012\311\021\126\232\232\047\042\231\317\125\236\141\331\002"
-"\342\174\266\174\070\007\334\343\177\117\232\271\003\101\200\266"
-"\165\147\023\013\237\350\127\066\310\135\000\066\336\146\024\332"
-"\156\166\037\117\067\214\202\023\211\002\003\001\000\001\243\202"
-"\001\244\060\202\001\240\060\021\006\011\140\206\110\001\206\370"
-"\102\001\001\004\004\003\002\000\007\060\201\343\006\003\125\035"
-"\037\004\201\333\060\201\330\060\201\325\240\201\322\240\201\317"
-"\244\201\314\060\201\311\061\024\060\022\006\003\125\004\012\023"
-"\013\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075"
-"\006\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165"
-"\163\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151"
-"\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050"
-"\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060"
-"\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060"
-"\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155"
-"\151\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105"
-"\156\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162"
-"\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\061\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060"
-"\053\006\003\125\035\020\004\044\060\042\200\017\062\060\060\060"
-"\060\062\060\064\061\067\062\060\060\060\132\201\017\062\060\062"
-"\060\060\062\060\064\061\067\065\060\060\060\132\060\013\006\003"
-"\125\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043"
-"\004\030\060\026\200\024\313\154\300\153\343\273\076\313\374\042"
-"\234\376\373\213\222\234\260\362\156\042\060\035\006\003\125\035"
-"\016\004\026\004\024\313\154\300\153\343\273\076\313\374\042\234"
-"\376\373\213\222\234\260\362\156\042\060\014\006\003\125\035\023"
-"\004\005\060\003\001\001\377\060\035\006\011\052\206\110\206\366"
-"\175\007\101\000\004\020\060\016\033\010\126\065\056\060\072\064"
-"\056\060\003\002\004\220\060\015\006\011\052\206\110\206\367\015"
-"\001\001\004\005\000\003\201\201\000\142\333\201\221\316\310\232"
-"\167\102\057\354\275\047\243\123\017\120\033\352\116\222\360\251"
-"\257\251\240\272\110\141\313\357\311\006\357\037\325\364\356\337"
-"\126\055\346\312\152\031\163\252\123\276\222\263\120\002\266\205"
-"\046\162\143\330\165\120\142\165\024\267\263\120\032\077\312\021"
-"\000\013\205\105\151\155\266\245\256\121\341\112\334\202\077\154"
-"\214\064\262\167\153\331\002\366\177\016\352\145\004\361\315\124"
-"\312\272\311\314\340\204\367\310\076\021\227\323\140\011\030\274"
-"\005\377\154\211\063\360\354\025\017"
-, (PRUint32)1177 }
-};
-static const NSSItem nss_builtins_items_181 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Global Secure Server CA", (PRUint32)36 },
- { (void *)"\211\071\127\156\027\215\367\005\170\017\314\136\310\117\204\366"
-"\045\072\110\223"
-, (PRUint32)20 },
- { (void *)"\235\146\152\314\377\325\365\103\264\277\214\026\321\053\250\231"
-, (PRUint32)16 },
- { (void *)"\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125"
-"\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157"
-"\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155"
-"\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003"
-"\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156"
-"\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145"
-"\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162"
-"\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123"
-"\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164"
-"\151\157\156\040\101\165\164\150\157\162\151\164\171"
-, (PRUint32)189 },
- { (void *)"\070\233\021\074"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-static const NSSItem nss_builtins_items_182 [] = {
- { (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Global Secure Personal CA", (PRUint32)38 },
- { (void *)&ckc_x_509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171"
-, (PRUint32)183 },
- { (void *)"0", (PRUint32)2 },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171"
-, (PRUint32)183 },
- { (void *)"\070\236\366\344"
-, (PRUint32)4 },
- { (void *)"\060\202\004\203\060\202\003\354\240\003\002\001\002\002\004\070"
-"\236\366\344\060\015\006\011\052\206\110\206\367\015\001\001\004"
-"\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013"
-"\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006"
-"\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163"
-"\164\056\156\145\164\057\107\103\103\101\137\103\120\123\040\151"
-"\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050"
-"\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060"
-"\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060"
-"\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155"
-"\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105"
-"\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145\156"
-"\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040"
-"\101\165\164\150\157\162\151\164\171\060\036\027\015\060\060\060"
-"\062\060\067\061\066\061\066\064\060\132\027\015\062\060\060\062"
-"\060\067\061\066\064\066\064\060\132\060\201\264\061\024\060\022"
-"\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156"
-"\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167"
-"\056\145\156\164\162\165\163\164\056\156\145\164\057\107\103\103"
-"\101\137\103\120\123\040\151\156\143\157\162\160\056\040\142\171"
-"\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151"
-"\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050"
-"\143\051\040\062\060\060\060\040\105\156\164\162\165\163\164\056"
-"\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006"
-"\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145"
-"\164\040\103\154\151\145\156\164\040\103\145\162\164\151\146\151"
-"\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171"
-"\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001"
-"\005\000\003\201\215\000\060\201\211\002\201\201\000\223\164\264"
-"\266\344\305\113\326\241\150\177\142\325\354\367\121\127\263\162"
-"\112\230\365\320\211\311\255\143\315\115\065\121\152\204\324\255"
-"\311\150\171\157\270\353\021\333\207\256\134\044\121\023\361\124"
-"\045\204\257\051\053\237\343\200\342\331\313\335\306\105\111\064"
-"\210\220\136\001\227\357\352\123\246\335\374\301\336\113\052\045"
-"\344\351\065\372\125\005\006\345\211\172\352\244\021\127\073\374"
-"\174\075\066\315\147\065\155\244\251\045\131\275\146\365\371\047"
-"\344\225\147\326\077\222\200\136\362\064\175\053\205\002\003\001"
-"\000\001\243\202\001\236\060\202\001\232\060\021\006\011\140\206"
-"\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201\335"
-"\006\003\125\035\037\004\201\325\060\201\322\060\201\317\240\201"
-"\314\240\201\311\244\201\306\060\201\303\061\024\060\022\006\003"
-"\125\004\012\023\013\105\156\164\162\165\163\164\056\156\145\164"
-"\061\100\060\076\006\003\125\004\013\024\067\167\167\167\056\145"
-"\156\164\162\165\163\164\056\156\145\164\057\107\103\103\101\137"
-"\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162"
-"\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141\142"
-"\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143\051"
-"\040\062\060\060\060\040\105\156\164\162\165\163\164\056\156\145"
-"\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125"
-"\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040"
-"\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141"
-"\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015"
-"\060\013\006\003\125\004\003\023\004\103\122\114\061\060\053\006"
-"\003\125\035\020\004\044\060\042\200\017\062\060\060\060\060\062"
-"\060\067\061\066\061\066\064\060\132\201\017\062\060\062\060\060"
-"\062\060\067\061\066\064\066\064\060\132\060\013\006\003\125\035"
-"\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030"
-"\060\026\200\024\204\213\164\375\305\215\300\377\047\155\040\067"
-"\105\174\376\055\316\272\323\175\060\035\006\003\125\035\016\004"
-"\026\004\024\204\213\164\375\305\215\300\377\047\155\040\067\105"
-"\174\376\055\316\272\323\175\060\014\006\003\125\035\023\004\005"
-"\060\003\001\001\377\060\035\006\011\052\206\110\206\366\175\007"
-"\101\000\004\020\060\016\033\010\126\065\056\060\072\064\056\060"
-"\003\002\004\220\060\015\006\011\052\206\110\206\367\015\001\001"
-"\004\005\000\003\201\201\000\116\157\065\200\073\321\212\365\016"
-"\247\040\313\055\145\125\320\222\364\347\204\265\006\046\203\022"
-"\204\013\254\073\262\104\356\275\317\100\333\040\016\272\156\024"
-"\352\060\340\073\142\174\177\213\153\174\112\247\325\065\074\276"
-"\250\134\352\113\273\223\216\200\146\253\017\051\375\115\055\277"
-"\032\233\012\220\305\253\332\321\263\206\324\057\044\122\134\172"
-"\155\306\362\376\345\115\032\060\214\220\362\272\327\112\076\103"
-"\176\324\310\120\032\207\370\117\201\307\166\013\204\072\162\235"
-"\316\145\146\227\256\046\136"
-, (PRUint32)1159 }
-};
-static const NSSItem nss_builtins_items_183 [] = {
- { (void *)&cko_netscape_trust, (PRUint32)sizeof(CK_OBJECT_CLASS) },
- { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) },
- { (void *)"Entrust.net Global Secure Personal CA", (PRUint32)38 },
- { (void *)"\317\164\277\377\233\206\201\133\010\063\124\100\066\076\207\266"
-"\266\360\277\163"
-, (PRUint32)20 },
- { (void *)"\232\167\031\030\355\226\317\337\033\267\016\365\215\271\210\056"
-, (PRUint32)16 },
- { (void *)"\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156"
-"\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125"
-"\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056"
-"\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143"
-"\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151"
-"\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006"
-"\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105"
-"\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164"
-"\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164"
-"\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040"
-"\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165"
-"\164\150\157\162\151\164\171"
-, (PRUint32)183 },
- { (void *)"\070\236\366\344"
-, (PRUint32)4 },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) },
- { (void *)&ckt_netscape_trusted_delegator, (PRUint32)sizeof(CK_TRUST) }
-};
-
-PR_IMPLEMENT_DATA(const builtinsInternalObject)
-nss_builtins_data[] = {
-#ifdef DEBUG
- { 7, nss_builtins_types_0, nss_builtins_items_0 },
-#endif /* DEBUG */
- { 5, nss_builtins_types_1, nss_builtins_items_1 },
- { 11, nss_builtins_types_2, nss_builtins_items_2 },
- { 12, nss_builtins_types_3, nss_builtins_items_3 },
- { 11, nss_builtins_types_4, nss_builtins_items_4 },
- { 12, nss_builtins_types_5, nss_builtins_items_5 },
- { 11, nss_builtins_types_6, nss_builtins_items_6 },
- { 12, nss_builtins_types_7, nss_builtins_items_7 },
- { 11, nss_builtins_types_8, nss_builtins_items_8 },
- { 12, nss_builtins_types_9, nss_builtins_items_9 },
- { 11, nss_builtins_types_10, nss_builtins_items_10 },
- { 12, nss_builtins_types_11, nss_builtins_items_11 },
- { 11, nss_builtins_types_12, nss_builtins_items_12 },
- { 12, nss_builtins_types_13, nss_builtins_items_13 },
- { 11, nss_builtins_types_14, nss_builtins_items_14 },
- { 12, nss_builtins_types_15, nss_builtins_items_15 },
- { 11, nss_builtins_types_16, nss_builtins_items_16 },
- { 12, nss_builtins_types_17, nss_builtins_items_17 },
- { 11, nss_builtins_types_18, nss_builtins_items_18 },
- { 12, nss_builtins_types_19, nss_builtins_items_19 },
- { 11, nss_builtins_types_20, nss_builtins_items_20 },
- { 12, nss_builtins_types_21, nss_builtins_items_21 },
- { 11, nss_builtins_types_22, nss_builtins_items_22 },
- { 12, nss_builtins_types_23, nss_builtins_items_23 },
- { 11, nss_builtins_types_24, nss_builtins_items_24 },
- { 12, nss_builtins_types_25, nss_builtins_items_25 },
- { 11, nss_builtins_types_26, nss_builtins_items_26 },
- { 12, nss_builtins_types_27, nss_builtins_items_27 },
- { 11, nss_builtins_types_28, nss_builtins_items_28 },
- { 12, nss_builtins_types_29, nss_builtins_items_29 },
- { 11, nss_builtins_types_30, nss_builtins_items_30 },
- { 12, nss_builtins_types_31, nss_builtins_items_31 },
- { 11, nss_builtins_types_32, nss_builtins_items_32 },
- { 12, nss_builtins_types_33, nss_builtins_items_33 },
- { 11, nss_builtins_types_34, nss_builtins_items_34 },
- { 12, nss_builtins_types_35, nss_builtins_items_35 },
- { 11, nss_builtins_types_36, nss_builtins_items_36 },
- { 12, nss_builtins_types_37, nss_builtins_items_37 },
- { 11, nss_builtins_types_38, nss_builtins_items_38 },
- { 12, nss_builtins_types_39, nss_builtins_items_39 },
- { 11, nss_builtins_types_40, nss_builtins_items_40 },
- { 12, nss_builtins_types_41, nss_builtins_items_41 },
- { 11, nss_builtins_types_42, nss_builtins_items_42 },
- { 12, nss_builtins_types_43, nss_builtins_items_43 },
- { 11, nss_builtins_types_44, nss_builtins_items_44 },
- { 12, nss_builtins_types_45, nss_builtins_items_45 },
- { 11, nss_builtins_types_46, nss_builtins_items_46 },
- { 12, nss_builtins_types_47, nss_builtins_items_47 },
- { 11, nss_builtins_types_48, nss_builtins_items_48 },
- { 12, nss_builtins_types_49, nss_builtins_items_49 },
- { 11, nss_builtins_types_50, nss_builtins_items_50 },
- { 12, nss_builtins_types_51, nss_builtins_items_51 },
- { 11, nss_builtins_types_52, nss_builtins_items_52 },
- { 12, nss_builtins_types_53, nss_builtins_items_53 },
- { 11, nss_builtins_types_54, nss_builtins_items_54 },
- { 12, nss_builtins_types_55, nss_builtins_items_55 },
- { 11, nss_builtins_types_56, nss_builtins_items_56 },
- { 12, nss_builtins_types_57, nss_builtins_items_57 },
- { 11, nss_builtins_types_58, nss_builtins_items_58 },
- { 12, nss_builtins_types_59, nss_builtins_items_59 },
- { 11, nss_builtins_types_60, nss_builtins_items_60 },
- { 12, nss_builtins_types_61, nss_builtins_items_61 },
- { 11, nss_builtins_types_62, nss_builtins_items_62 },
- { 12, nss_builtins_types_63, nss_builtins_items_63 },
- { 11, nss_builtins_types_64, nss_builtins_items_64 },
- { 12, nss_builtins_types_65, nss_builtins_items_65 },
- { 11, nss_builtins_types_66, nss_builtins_items_66 },
- { 12, nss_builtins_types_67, nss_builtins_items_67 },
- { 11, nss_builtins_types_68, nss_builtins_items_68 },
- { 12, nss_builtins_types_69, nss_builtins_items_69 },
- { 11, nss_builtins_types_70, nss_builtins_items_70 },
- { 12, nss_builtins_types_71, nss_builtins_items_71 },
- { 11, nss_builtins_types_72, nss_builtins_items_72 },
- { 12, nss_builtins_types_73, nss_builtins_items_73 },
- { 11, nss_builtins_types_74, nss_builtins_items_74 },
- { 12, nss_builtins_types_75, nss_builtins_items_75 },
- { 11, nss_builtins_types_76, nss_builtins_items_76 },
- { 12, nss_builtins_types_77, nss_builtins_items_77 },
- { 11, nss_builtins_types_78, nss_builtins_items_78 },
- { 12, nss_builtins_types_79, nss_builtins_items_79 },
- { 11, nss_builtins_types_80, nss_builtins_items_80 },
- { 12, nss_builtins_types_81, nss_builtins_items_81 },
- { 11, nss_builtins_types_82, nss_builtins_items_82 },
- { 12, nss_builtins_types_83, nss_builtins_items_83 },
- { 11, nss_builtins_types_84, nss_builtins_items_84 },
- { 12, nss_builtins_types_85, nss_builtins_items_85 },
- { 11, nss_builtins_types_86, nss_builtins_items_86 },
- { 12, nss_builtins_types_87, nss_builtins_items_87 },
- { 11, nss_builtins_types_88, nss_builtins_items_88 },
- { 12, nss_builtins_types_89, nss_builtins_items_89 },
- { 11, nss_builtins_types_90, nss_builtins_items_90 },
- { 12, nss_builtins_types_91, nss_builtins_items_91 },
- { 11, nss_builtins_types_92, nss_builtins_items_92 },
- { 12, nss_builtins_types_93, nss_builtins_items_93 },
- { 11, nss_builtins_types_94, nss_builtins_items_94 },
- { 12, nss_builtins_types_95, nss_builtins_items_95 },
- { 11, nss_builtins_types_96, nss_builtins_items_96 },
- { 12, nss_builtins_types_97, nss_builtins_items_97 },
- { 11, nss_builtins_types_98, nss_builtins_items_98 },
- { 12, nss_builtins_types_99, nss_builtins_items_99 },
- { 11, nss_builtins_types_100, nss_builtins_items_100 },
- { 12, nss_builtins_types_101, nss_builtins_items_101 },
- { 11, nss_builtins_types_102, nss_builtins_items_102 },
- { 12, nss_builtins_types_103, nss_builtins_items_103 },
- { 11, nss_builtins_types_104, nss_builtins_items_104 },
- { 12, nss_builtins_types_105, nss_builtins_items_105 },
- { 11, nss_builtins_types_106, nss_builtins_items_106 },
- { 12, nss_builtins_types_107, nss_builtins_items_107 },
- { 11, nss_builtins_types_108, nss_builtins_items_108 },
- { 12, nss_builtins_types_109, nss_builtins_items_109 },
- { 11, nss_builtins_types_110, nss_builtins_items_110 },
- { 12, nss_builtins_types_111, nss_builtins_items_111 },
- { 11, nss_builtins_types_112, nss_builtins_items_112 },
- { 12, nss_builtins_types_113, nss_builtins_items_113 },
- { 11, nss_builtins_types_114, nss_builtins_items_114 },
- { 12, nss_builtins_types_115, nss_builtins_items_115 },
- { 11, nss_builtins_types_116, nss_builtins_items_116 },
- { 12, nss_builtins_types_117, nss_builtins_items_117 },
- { 11, nss_builtins_types_118, nss_builtins_items_118 },
- { 12, nss_builtins_types_119, nss_builtins_items_119 },
- { 11, nss_builtins_types_120, nss_builtins_items_120 },
- { 12, nss_builtins_types_121, nss_builtins_items_121 },
- { 11, nss_builtins_types_122, nss_builtins_items_122 },
- { 12, nss_builtins_types_123, nss_builtins_items_123 },
- { 11, nss_builtins_types_124, nss_builtins_items_124 },
- { 12, nss_builtins_types_125, nss_builtins_items_125 },
- { 11, nss_builtins_types_126, nss_builtins_items_126 },
- { 12, nss_builtins_types_127, nss_builtins_items_127 },
- { 11, nss_builtins_types_128, nss_builtins_items_128 },
- { 12, nss_builtins_types_129, nss_builtins_items_129 },
- { 11, nss_builtins_types_130, nss_builtins_items_130 },
- { 12, nss_builtins_types_131, nss_builtins_items_131 },
- { 11, nss_builtins_types_132, nss_builtins_items_132 },
- { 12, nss_builtins_types_133, nss_builtins_items_133 },
- { 11, nss_builtins_types_134, nss_builtins_items_134 },
- { 12, nss_builtins_types_135, nss_builtins_items_135 },
- { 11, nss_builtins_types_136, nss_builtins_items_136 },
- { 12, nss_builtins_types_137, nss_builtins_items_137 },
- { 11, nss_builtins_types_138, nss_builtins_items_138 },
- { 12, nss_builtins_types_139, nss_builtins_items_139 },
- { 11, nss_builtins_types_140, nss_builtins_items_140 },
- { 12, nss_builtins_types_141, nss_builtins_items_141 },
- { 11, nss_builtins_types_142, nss_builtins_items_142 },
- { 12, nss_builtins_types_143, nss_builtins_items_143 },
- { 11, nss_builtins_types_144, nss_builtins_items_144 },
- { 12, nss_builtins_types_145, nss_builtins_items_145 },
- { 11, nss_builtins_types_146, nss_builtins_items_146 },
- { 12, nss_builtins_types_147, nss_builtins_items_147 },
- { 11, nss_builtins_types_148, nss_builtins_items_148 },
- { 12, nss_builtins_types_149, nss_builtins_items_149 },
- { 11, nss_builtins_types_150, nss_builtins_items_150 },
- { 12, nss_builtins_types_151, nss_builtins_items_151 },
- { 11, nss_builtins_types_152, nss_builtins_items_152 },
- { 12, nss_builtins_types_153, nss_builtins_items_153 },
- { 11, nss_builtins_types_154, nss_builtins_items_154 },
- { 12, nss_builtins_types_155, nss_builtins_items_155 },
- { 11, nss_builtins_types_156, nss_builtins_items_156 },
- { 12, nss_builtins_types_157, nss_builtins_items_157 },
- { 11, nss_builtins_types_158, nss_builtins_items_158 },
- { 12, nss_builtins_types_159, nss_builtins_items_159 },
- { 11, nss_builtins_types_160, nss_builtins_items_160 },
- { 12, nss_builtins_types_161, nss_builtins_items_161 },
- { 11, nss_builtins_types_162, nss_builtins_items_162 },
- { 12, nss_builtins_types_163, nss_builtins_items_163 },
- { 11, nss_builtins_types_164, nss_builtins_items_164 },
- { 12, nss_builtins_types_165, nss_builtins_items_165 },
- { 11, nss_builtins_types_166, nss_builtins_items_166 },
- { 12, nss_builtins_types_167, nss_builtins_items_167 },
- { 11, nss_builtins_types_168, nss_builtins_items_168 },
- { 12, nss_builtins_types_169, nss_builtins_items_169 },
- { 11, nss_builtins_types_170, nss_builtins_items_170 },
- { 12, nss_builtins_types_171, nss_builtins_items_171 },
- { 11, nss_builtins_types_172, nss_builtins_items_172 },
- { 12, nss_builtins_types_173, nss_builtins_items_173 },
- { 11, nss_builtins_types_174, nss_builtins_items_174 },
- { 12, nss_builtins_types_175, nss_builtins_items_175 },
- { 11, nss_builtins_types_176, nss_builtins_items_176 },
- { 12, nss_builtins_types_177, nss_builtins_items_177 },
- { 11, nss_builtins_types_178, nss_builtins_items_178 },
- { 12, nss_builtins_types_179, nss_builtins_items_179 },
- { 11, nss_builtins_types_180, nss_builtins_items_180 },
- { 12, nss_builtins_types_181, nss_builtins_items_181 },
- { 11, nss_builtins_types_182, nss_builtins_items_182 },
- { 12, nss_builtins_types_183, nss_builtins_items_183 }
-};
-PR_IMPLEMENT_DATA(const PRUint32)
-#ifdef DEBUG
- nss_builtins_nObjects = 183+1;
-#else
- nss_builtins_nObjects = 183;
-#endif /* DEBUG */
diff --git a/security/nss/lib/ckfw/builtins/certdata.perl b/security/nss/lib/ckfw/builtins/certdata.perl
deleted file mode 100644
index 3d070e9bd..000000000
--- a/security/nss/lib/ckfw/builtins/certdata.perl
+++ /dev/null
@@ -1,292 +0,0 @@
-#!perl -w
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-my $cvs_id = '@(#) $RCSfile$ $Revision$ $Date$ $Name$';
-use strict;
-
-my %constants;
-my $count = 0;
-my $o;
-my @objects = ();
-my @objsize;
-my $cvsid;
-
-$constants{CKO_DATA} = "static const CK_OBJECT_CLASS cko_data = CKO_DATA;\n";
-$constants{CK_TRUE} = "static const CK_BBOOL ck_true = CK_TRUE;\n";
-$constants{CK_FALSE} = "static const CK_BBOOL ck_false = CK_FALSE;\n";
-
-while(<>) {
- my @fields = ();
- my $size;
-
- s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
- next if (/^\s*$/);
-
- if( /(^CVS_ID\s+)(.*)/ ) {
-# print "The CVS ID is $2\n";
- $cvsid = $2 . "\"; $cvs_id\"";
- my $scratch = $cvsid;
- $size = 1 + $scratch =~ s/[^"\n]//g;
- @{$objects[0][0]} = ( "CKA_CLASS", "&cko_data", "sizeof(CK_OBJECT_CLASS)" );
- @{$objects[0][1]} = ( "CKA_TOKEN", "&ck_true", "sizeof(CK_BBOOL)" );
- @{$objects[0][2]} = ( "CKA_PRIVATE", "&ck_false", "sizeof(CK_BBOOL)" );
- @{$objects[0][3]} = ( "CKA_MODIFIABLE", "&ck_false", "sizeof(CK_BBOOL)" );
- @{$objects[0][4]} = ( "CKA_LABEL", "\"CVS ID\"", "7" );
- @{$objects[0][5]} = ( "CKA_APPLICATION", "\"NSS\"", "4" );
- @{$objects[0][6]} = ( "CKA_VALUE", $cvsid, "$size" );
- $objsize[0] = 7;
- next;
- }
-
- # This was taken from the perl faq #4.
- my $text = $_;
- push(@fields, $+) while $text =~ m{
- "([^\"\\]*(?:\\.[^\"\\]*)*)"\s? # groups the phrase inside the quotes
- | ([^\s]+)\s?
- | \s
- }gx;
- push(@fields, undef) if substr($text,-1,1) eq '\s';
-
- if( $fields[0] =~ /BEGINDATA/ ) {
- next;
- }
-
- if( $fields[1] =~ /MULTILINE/ ) {
- $fields[2] = "";
- while(<>) {
- last if /END/;
- chomp;
- $fields[2] .= "\"$_\"\n";
- }
- }
-
- if( $fields[1] =~ /UTF8/ ) {
- if( $fields[2] =~ /^"/ ) {
- ;
- } else {
- $fields[2] = "\"" . $fields[2] . "\"";
- }
-
- my $scratch = $fields[2];
- $size = $scratch =~ s/[^"\n]//g; # should supposedly handle multilines, too..
- $size += 1; # null terminate
- }
-
- if( $fields[1] =~ /OCTAL/ ) {
- if( $fields[2] =~ /^"/ ) {
- ;
- } else {
- $fields[2] = "\"" . $fields[2] . "\"";
- }
-
- my $scratch = $fields[2];
- $size = $scratch =~ tr/\\//;
- # no null termination
- }
-
- if( $fields[1] =~ /^CK_/ ) {
- my $lcv = $fields[2];
- $lcv =~ tr/A-Z/a-z/;
- if( !defined($constants{$fields[2]}) ) {
- $constants{$fields[2]} = "static const $fields[1] $lcv = $fields[2];\n";
- }
-
- $size = "sizeof($fields[1])";
- $fields[2] = "&$lcv";
- }
-
- if( $fields[0] =~ /CKA_CLASS/ ) {
- $count++;
- $objsize[$count] = 0;
- }
-
- @{$objects[$count][$objsize[$count]++]} = ( "$fields[0]", $fields[2], "$size" );
-
- # print "$fields[0] | $fields[1] | $size | $fields[2]\n";
-}
-
-doprint();
-
-sub dudump {
-my $i;
-for( $i = 0; $i <= $count; $i++ ) {
- print "\n";
- $o = $objects[$i];
- my @ob = @{$o};
- my $l;
- my $j;
- for( $j = 0; $j < @ob; $j++ ) {
- $l = $ob[$j];
- my @a = @{$l};
- print "$a[0] ! $a[1] ! $a[2]\n";
- }
-}
-
-}
-
-sub doprint {
-my $i;
-
-open(CFILE, ">certdata.c") || die "Can't open certdata.c: $!";
-
-print CFILE <<EOD
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = $cvsid;
-#endif /* DEBUG */
-
-#ifndef BUILTINS_H
-#include "builtins.h"
-#endif /* BUILTINS_H */
-
-EOD
- ;
-
-while(($a,$b) = each(%constants)) {
- print CFILE $b;
-}
-
-for( $i = 0; $i <= $count; $i++ ) {
- if( 0 == $i ) {
- print CFILE "#ifdef DEBUG\n";
- }
-
- print CFILE "static const CK_ATTRIBUTE_TYPE nss_builtins_types_$i [] = {\n";
- $o = $objects[$i];
- # print STDOUT "type $i object $o \n";
- my @ob = @{$o};
- my $j;
- for( $j = 0; $j < @ob; $j++ ) {
- my $l = $ob[$j];
- my @a = @{$l};
- print CFILE " $a[0]";
- if( $j+1 != @ob ) {
- print CFILE ", ";
- }
- }
- print CFILE "\n};\n";
-
- if( 0 == $i ) {
- print CFILE "#endif /* DEBUG */\n";
- }
-}
-
-for( $i = 0; $i <= $count; $i++ ) {
- if( 0 == $i ) {
- print CFILE "#ifdef DEBUG\n";
- }
-
- print CFILE "static const NSSItem nss_builtins_items_$i [] = {\n";
- $o = $objects[$i];
- my @ob = @{$o};
- my $j;
- for( $j = 0; $j < @ob; $j++ ) {
- my $l = $ob[$j];
- my @a = @{$l};
- print CFILE " { (void *)$a[1], (PRUint32)$a[2] }";
- if( $j+1 != @ob ) {
- print CFILE ",\n";
- } else {
- print CFILE "\n";
- }
- }
- print CFILE "};\n";
-
- if( 0 == $i ) {
- print CFILE "#endif /* DEBUG */\n";
- }
-}
-
-print CFILE "\nPR_IMPLEMENT_DATA(const builtinsInternalObject)\n";
-print CFILE "nss_builtins_data[] = {\n";
-
-for( $i = 0; $i <= $count; $i++ ) {
-
- if( 0 == $i ) {
- print CFILE "#ifdef DEBUG\n";
- }
-
- print CFILE " { $objsize[$i], nss_builtins_types_$i, nss_builtins_items_$i }";
-
- if( $i == $count ) {
- print CFILE "\n";
- } else {
- print CFILE ",\n";
- }
-
- if( 0 == $i ) {
- print CFILE "#endif /* DEBUG */\n";
- }
-}
-
-print CFILE "};\n";
-
-print CFILE "PR_IMPLEMENT_DATA(const PRUint32)\n";
-print CFILE "#ifdef DEBUG\n";
-print CFILE " nss_builtins_nObjects = $count+1;\n";
-print CFILE "#else\n";
-print CFILE " nss_builtins_nObjects = $count;\n";
-print CFILE "#endif /* DEBUG */\n";
-}
diff --git a/security/nss/lib/ckfw/builtins/certdata.txt b/security/nss/lib/ckfw/builtins/certdata.txt
deleted file mode 100644
index 123eed0b0..000000000
--- a/security/nss/lib/ckfw/builtins/certdata.txt
+++ /dev/null
@@ -1,11707 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CVS_ID "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-#
-# certdata.txt
-#
-# This file contains the object definitions for the certs and other
-# information "built into" NSS.
-#
-# Object definitions:
-#
-# Certificates
-#
-# -- Attribute -- -- type -- -- value --
-# CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-# CKA_TOKEN CK_BBOOL CK_TRUE
-# CKA_PRIVATE CK_BBOOL CK_FALSE
-# CKA_MODIFIABLE CK_BBOOL CK_FALSE
-# CKA_LABEL UTF8 (varies)
-# CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-# CKA_SUBJECT DER+base64 (varies)
-# CKA_ID byte array (varies)
-# CKA_ISSUER DER+base64 (varies)
-# CKA_SERIAL_NUMBER DER+base64 (varies)
-# CKA_VALUE DER+base64 (varies)
-# CKA_NETSCAPE_EMAIL ASCII7 (unused here)
-#
-# Trust
-#
-# -- Attribute -- -- type -- -- value --
-# CKA_CLASS CK_OBJECT_CLASS CKO_TRUST
-# CKA_TOKEN CK_BBOOL CK_TRUE
-# CKA_PRIVATE CK_BBOOL CK_FALSE
-# CKA_MODIFIABLE CK_BBOOL CK_FALSE
-# CKA_LABEL UTF8 (varies)
-# CKA_ISSUER DER+base64 (varies)
-# CKA_SERIAL_NUMBER DER+base64 (varies)
-# CKA_CERT_HASH binary+base64 (varies)
-# CKA_EXPIRES CK_DATE (not used here)
-# CKA_TRUST_DIGITAL_SIGNATURE CK_TRUST (varies)
-# CKA_TRUST_NON_REPUDIATION CK_TRUST (varies)
-# CKA_TRUST_KEY_ENCIPHERMENT CK_TRUST (varies)
-# CKA_TRUST_DATA_ENCIPHERMENT CK_TRUST (varies)
-# CKA_TRUST_KEY_AGREEMENT CK_TRUST (varies)
-# CKA_TRUST_KEY_CERT_SIGN CK_TRUST (varies)
-# CKA_TRUST_CRL_SIGN CK_TRUST (varies)
-# CKA_TRUST_SERVER_AUTH CK_TRUST (varies)
-# CKA_TRUST_CLIENT_AUTH CK_TRUST (varies)
-# CKA_TRUST_CODE_SIGNING CK_TRUST (varies)
-# CKA_TRUST_EMAIL_PROTECTION CK_TRUST (varies)
-# CKA_TRUST_IPSEC_END_SYSTEM CK_TRUST (varies)
-# CKA_TRUST_IPSEC_TUNNEL CK_TRUST (varies)
-# CKA_TRUST_IPSEC_USER CK_TRUST (varies)
-# CKA_TRUST_TIME_STAMPING CK_TRUST (varies)
-# (other trust attributes can be defined)
-#
-
-#
-# The object to tell NSS that this is a root list and we don't
-# have to go looking for others.
-#
-BEGINDATA
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_BUILTIN_ROOT_LIST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Mozilla Builtin Roots"
-
-#
-# Certificate "Verisign/RSA Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign/RSA Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\255\146\176\116\105\376\136\127\157\074\230\031\136\335\300
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\064\060\202\001\241\002\020\002\255\146\176\116\105
-\376\136\127\157\074\230\031\136\335\300\060\015\006\011\052\206
-\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125\004
-\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143\165
-\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006\003
-\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162\166
-\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\064
-\061\061\060\071\060\060\060\060\060\060\132\027\015\061\060\060
-\061\060\067\062\063\065\071\065\071\132\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\040\060\036\006\003\125
-\004\012\023\027\122\123\101\040\104\141\164\141\040\123\145\143
-\165\162\151\164\171\054\040\111\156\143\056\061\056\060\054\006
-\003\125\004\013\023\045\123\145\143\165\162\145\040\123\145\162
-\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\201\233\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\211
-\000\060\201\205\002\176\000\222\316\172\301\256\203\076\132\252
-\211\203\127\254\045\001\166\014\255\256\216\054\067\316\353\065
-\170\144\124\003\345\204\100\121\311\277\217\010\342\212\202\010
-\322\026\206\067\125\351\261\041\002\255\166\150\201\232\005\242
-\113\311\113\045\146\042\126\154\210\007\217\367\201\131\155\204
-\007\145\160\023\161\166\076\233\167\114\343\120\211\126\230\110
-\271\035\247\051\032\023\056\112\021\131\234\036\025\325\111\124
-\054\163\072\151\202\261\227\071\234\155\160\147\110\345\335\055
-\326\310\036\173\002\003\001\000\001\060\015\006\011\052\206\110
-\206\367\015\001\001\002\005\000\003\176\000\145\335\176\341\262
-\354\260\342\072\340\354\161\106\232\031\021\270\323\307\240\264
-\003\100\046\002\076\011\234\341\022\263\321\132\366\067\245\267
-\141\003\266\133\026\151\073\306\104\010\014\210\123\014\153\227
-\111\307\076\065\334\154\271\273\252\337\134\273\072\057\223\140
-\266\251\113\115\362\040\367\315\137\177\144\173\216\334\000\134
-\327\372\167\312\071\026\131\157\016\352\323\265\203\177\115\115
-\102\126\166\264\311\137\004\370\070\370\353\322\137\165\137\315
-\173\374\345\216\200\174\374\120
-END
-
-# Trust for Certificate "Verisign/RSA Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign/RSA Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\104\143\305\061\327\314\301\000\147\224\141\053\266\126\323\277
-\202\127\204\157
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\164\173\202\003\103\360\000\236\153\263\354\107\277\205\245\223
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\255\146\176\116\105\376\136\127\157\074\230\031\136\335\300
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "VeriSign Class 4 Primary CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "VeriSign Class 4 Primary CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\064\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\064\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\246\000\000\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\061\060\202\001\232\002\005\002\246\000\000\001\060
-\015\006\011\052\206\110\206\367\015\001\001\002\005\000\060\137
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023
-\056\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\071\066\060\061\062\071\060\060\060\060\060\060\132
-\027\015\071\071\061\062\063\061\062\063\065\071\065\071\132\060
-\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
-\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013
-\023\056\103\154\141\163\163\040\064\040\120\165\142\154\151\143
-\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001
-\005\000\003\201\215\000\060\201\211\002\201\201\000\320\262\165
-\366\170\320\256\132\120\364\351\120\251\237\214\327\357\221\224
-\160\350\322\044\220\166\211\205\326\337\254\346\001\027\062\200
-\360\235\223\107\274\232\145\235\037\227\256\277\351\206\165\143
-\040\211\275\200\130\235\004\014\235\250\301\044\351\013\345\061
-\170\275\374\055\014\067\152\236\170\200\351\106\165\371\355\243
-\373\023\173\310\301\114\322\243\357\365\074\260\142\217\112\135
-\073\335\225\147\217\023\271\301\074\326\247\046\233\354\303\073
-\172\331\115\274\155\233\350\025\001\343\360\107\251\002\003\001
-\000\001\060\015\006\011\052\206\110\206\367\015\001\001\002\005
-\000\003\201\201\000\123\335\323\360\234\044\176\100\252\342\374
-\000\032\327\332\014\374\062\141\270\025\015\226\363\372\127\033
-\177\063\174\257\351\230\232\141\310\172\263\267\377\261\334\231
-\203\334\254\022\374\160\311\037\070\102\355\104\366\200\056\133
-\153\063\151\254\234\323\134\347\137\132\030\307\261\055\171\004
-\226\101\221\231\101\261\074\015\272\204\071\306\073\227\360\046
-\311\216\356\275\314\102\225\377\036\307\002\077\124\014\170\365
-\274\252\140\174\002\151\350\334\254\342\002\166\141\304\076\003
-\352\322\212\044\321
-END
-
-# Trust for Certificate "VeriSign Class 4 Primary CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "VeriSign Class 4 Primary CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\116\375\137\146\357\164\326\266\237\211\164\113\045\326\173\311
-\216\245\172\171
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\033\321\255\027\213\177\042\023\044\365\046\342\135\116\271\020
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\064\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\246\000\000\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GTE CyberTrust Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125
-\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125
-\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\243
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\001\372\060\202\001\143\002\002\001\243\060\015\006\011
-\052\206\110\206\367\015\001\001\004\005\000\060\105\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003
-\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141
-\164\151\157\156\061\034\060\032\006\003\125\004\003\023\023\107
-\124\105\040\103\171\142\145\162\124\162\165\163\164\040\122\157
-\157\164\060\036\027\015\071\066\060\062\062\063\062\063\060\061
-\060\060\132\027\015\060\066\060\062\062\063\062\063\065\071\060
-\060\132\060\105\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040
-\103\157\162\160\157\162\141\164\151\157\156\061\034\060\032\006
-\003\125\004\003\023\023\107\124\105\040\103\171\142\145\162\124
-\162\165\163\164\040\122\157\157\164\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\270\346\117\272\333\230\174\161\174\257
-\104\267\323\017\106\331\144\345\223\301\102\216\307\272\111\215
-\065\055\172\347\213\275\345\005\061\131\306\261\057\012\014\373
-\237\247\077\242\011\146\204\126\036\067\051\033\207\351\176\014
-\312\232\237\245\177\365\025\224\243\325\242\106\202\330\150\114
-\321\067\025\006\150\257\275\370\260\263\360\051\365\225\132\011
-\026\141\167\012\042\045\324\117\105\252\307\275\345\226\337\371
-\324\250\216\102\314\044\300\036\221\047\112\265\155\006\200\143
-\071\304\242\136\070\003\002\003\001\000\001\060\015\006\011\052
-\206\110\206\367\015\001\001\004\005\000\003\201\201\000\022\263
-\165\306\137\035\341\141\125\200\000\324\201\113\173\061\017\043
-\143\347\075\363\003\371\364\066\250\273\331\343\245\227\115\352
-\053\051\340\326\152\163\201\346\300\211\243\323\361\340\245\245
-\042\067\232\143\302\110\040\264\333\162\343\310\366\331\174\276
-\261\257\123\332\024\264\041\270\326\325\226\343\376\116\014\131
-\142\266\232\112\371\102\335\214\157\201\251\161\377\364\012\162
-\155\155\104\016\235\363\164\164\250\325\064\111\351\136\236\351
-\264\172\341\345\132\037\204\060\234\323\237\245\045\330
-END
-
-# Trust for Certificate "GTE CyberTrust Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\220\336\336\236\114\116\237\157\330\206\027\127\235\323\221\274
-\145\246\211\144
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\304\327\360\262\243\305\175\141\147\360\004\315\103\323\272\130
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\105\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\034\060\032\006\003\125
-\004\003\023\023\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\243
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GTE CyberTrust Global Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Global Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
-\141\154\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
-\141\154\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\245
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\132\060\202\001\303\002\002\001\245\060\015\006\011
-\052\206\110\206\367\015\001\001\004\005\000\060\165\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\030\060\026\006\003
-\125\004\012\023\017\107\124\105\040\103\157\162\160\157\162\141
-\164\151\157\156\061\047\060\045\006\003\125\004\013\023\036\107
-\124\105\040\103\171\142\145\162\124\162\165\163\164\040\123\157
-\154\165\164\151\157\156\163\054\040\111\156\143\056\061\043\060
-\041\006\003\125\004\003\023\032\107\124\105\040\103\171\142\145
-\162\124\162\165\163\164\040\107\154\157\142\141\154\040\122\157
-\157\164\060\036\027\015\071\070\060\070\061\063\060\060\062\071
-\060\060\132\027\015\061\070\060\070\061\063\062\063\065\071\060
-\060\132\060\165\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040
-\103\157\162\160\157\162\141\164\151\157\156\061\047\060\045\006
-\003\125\004\013\023\036\107\124\105\040\103\171\142\145\162\124
-\162\165\163\164\040\123\157\154\165\164\151\157\156\163\054\040
-\111\156\143\056\061\043\060\041\006\003\125\004\003\023\032\107
-\124\105\040\103\171\142\145\162\124\162\165\163\164\040\107\154
-\157\142\141\154\040\122\157\157\164\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\225\017\240\266\360\120\234\350\172\307
-\210\315\335\027\016\056\260\224\320\033\075\016\366\224\300\212
-\224\307\006\310\220\227\310\270\144\032\172\176\154\074\123\341
-\067\050\163\140\177\262\227\123\007\237\123\371\155\130\224\322
-\257\215\155\210\147\200\346\355\262\225\317\162\061\312\245\034
-\162\272\134\002\347\144\102\347\371\251\054\326\072\015\254\215
-\102\252\044\001\071\346\234\077\001\205\127\015\130\207\105\370
-\323\205\252\223\151\046\205\160\110\200\077\022\025\307\171\264
-\037\005\057\073\142\231\002\003\001\000\001\060\015\006\011\052
-\206\110\206\367\015\001\001\004\005\000\003\201\201\000\155\353
-\033\011\351\136\331\121\333\147\042\141\244\052\074\110\167\343
-\240\174\246\336\163\242\024\003\205\075\373\253\016\060\305\203
-\026\063\201\023\010\236\173\064\116\337\100\310\164\327\271\175
-\334\364\166\125\175\233\143\124\030\351\360\352\363\134\261\331
-\213\102\036\271\300\225\116\272\372\325\342\174\365\150\141\277
-\216\354\005\227\137\133\260\327\243\205\064\304\044\247\015\017
-\225\223\357\313\224\330\236\037\235\134\205\155\307\252\256\117
-\037\042\265\315\225\255\272\247\314\371\253\013\172\177
-END
-
-# Trust for Certificate "GTE CyberTrust Global Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Global Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\227\201\171\120\330\034\226\160\314\064\330\011\317\171\104\061
-\066\176\364\164
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\312\075\323\150\361\003\134\320\062\372\270\053\131\350\132\333
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\165\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\043\060\041\006\003\125\004\003\023\032\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\107\154\157\142
-\141\154\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\245
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GTE CyberTrust Root 5"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Root 5"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\160\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\036\060\034\006\003\125\004\003\023\025\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\122\157\157\164
-\040\065
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\160\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\036\060\034\006\003\125\004\003\023\025\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\122\157\157\164
-\040\065
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\266
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\266\060\202\002\236\240\003\002\001\002\002\002\001
-\266\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\160\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\036\060\034\006\003\125\004\003\023\025\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\122\157\157\164
-\040\065\060\036\027\015\071\070\060\070\061\064\061\064\065\060
-\060\060\132\027\015\061\063\060\070\061\064\062\063\065\071\060
-\060\132\060\160\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\030\060\026\006\003\125\004\012\023\017\107\124\105\040
-\103\157\162\160\157\162\141\164\151\157\156\061\047\060\045\006
-\003\125\004\013\023\036\107\124\105\040\103\171\142\145\162\124
-\162\165\163\164\040\123\157\154\165\164\151\157\156\163\054\040
-\111\156\143\056\061\036\060\034\006\003\125\004\003\023\025\107
-\124\105\040\103\171\142\145\162\124\162\165\163\164\040\122\157
-\157\164\040\065\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\274\022\156\077\212\174\172\227\001\354\036
-\273\071\132\002\364\170\104\242\110\033\216\173\111\122\172\270
-\173\107\263\257\224\233\157\273\226\372\053\152\145\134\270\034
-\224\163\276\277\211\012\042\200\356\127\374\214\005\273\160\237
-\227\071\004\332\243\207\134\250\345\312\257\300\063\232\325\067
-\134\113\254\344\200\320\246\043\140\373\375\162\056\224\235\307
-\316\302\004\062\357\170\140\135\355\255\207\017\105\145\036\074
-\232\012\232\276\135\035\231\354\347\362\321\306\172\027\331\255
-\233\124\226\177\304\174\140\277\205\252\025\065\035\100\332\021
-\274\354\124\041\050\055\043\241\250\360\317\055\315\335\374\176
-\017\136\341\145\007\126\313\007\264\322\126\350\136\061\314\030
-\143\304\206\322\055\205\317\223\222\253\155\376\150\071\373\336
-\163\275\206\370\344\106\172\352\237\014\313\364\031\376\143\274
-\321\054\173\210\063\066\366\344\341\234\014\123\201\140\034\332
-\056\253\226\251\026\210\023\120\231\262\275\125\337\025\060\176
-\350\345\230\373\160\176\154\265\007\374\374\106\267\320\355\067
-\226\176\062\376\041\002\003\001\000\001\243\132\060\130\060\022
-\006\003\125\035\023\001\001\377\004\010\060\006\001\001\377\002
-\001\005\060\016\006\003\125\035\017\001\001\377\004\004\003\002
-\001\006\060\027\006\003\125\035\040\004\020\060\016\060\014\006
-\012\052\206\110\206\370\143\001\002\001\003\060\031\006\003\125
-\035\016\004\022\004\020\166\012\111\041\070\114\237\336\370\304
-\111\307\161\161\221\235\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\001\001\000\101\072\324\030\133\332
-\270\336\041\034\341\216\011\345\361\150\064\377\336\226\364\007
-\365\247\074\363\254\112\261\233\372\222\372\233\355\346\062\041
-\252\112\166\305\334\117\070\345\337\325\206\344\325\310\166\175
-\230\327\261\315\217\115\265\221\043\154\213\212\353\352\174\357
-\024\224\304\306\360\037\112\055\062\161\143\053\143\221\046\002
-\011\266\200\035\355\342\314\270\177\333\207\143\310\341\320\154
-\046\261\065\035\100\146\020\033\315\225\124\030\063\141\354\023
-\117\332\023\367\231\257\076\320\317\216\246\162\242\263\303\005
-\232\311\047\175\222\314\176\122\215\263\253\160\155\236\211\237
-\115\353\032\165\302\230\252\325\002\026\327\014\212\277\045\344
-\353\055\274\230\351\130\070\031\174\271\067\376\333\342\231\010
-\163\006\307\227\203\152\175\020\001\057\062\271\027\005\112\145
-\346\057\316\276\136\123\246\202\351\232\123\012\204\164\055\203
-\312\310\224\026\166\137\224\141\050\360\205\247\071\273\327\213
-\331\250\262\023\035\124\011\064\044\175\040\201\175\146\176\242
-\220\164\134\020\306\275\354\253\033\302
-END
-
-# Trust for Certificate "GTE CyberTrust Root 5"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Root 5"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\107\305\114\274\332\135\166\316\142\210\070\021\254\021\146\135
-\125\364\054\000
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\175\154\206\344\374\115\321\013\000\272\042\273\116\174\152\216
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\160\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\030\060\026\006\003\125\004\012\023\017\107\124\105\040\103\157
-\162\160\157\162\141\164\151\157\156\061\047\060\045\006\003\125
-\004\013\023\036\107\124\105\040\103\171\142\145\162\124\162\165
-\163\164\040\123\157\154\165\164\151\157\156\163\054\040\111\156
-\143\056\061\036\060\034\006\003\125\004\003\023\025\107\124\105
-\040\103\171\142\145\162\124\162\165\163\164\040\122\157\157\164
-\040\065
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\266
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GTE CyberTrust Japan Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Japan Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\121\061\013\060\011\006\003\125\004\006\023\002\112\120\061
-\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124
-\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056
-\061\041\060\037\006\003\125\004\003\023\030\103\171\142\145\162
-\124\162\165\163\164\040\112\101\120\101\116\040\122\157\157\164
-\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\121\061\013\060\011\006\003\125\004\006\023\002\112\120\061
-\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124
-\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056
-\061\041\060\037\006\003\125\004\003\023\030\103\171\142\145\162
-\124\162\165\163\164\040\112\101\120\101\116\040\122\157\157\164
-\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\116
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\021\060\202\001\172\002\001\116\060\015\006\011\052
-\206\110\206\367\015\001\001\004\005\000\060\121\061\013\060\011
-\006\003\125\004\006\023\002\112\120\061\037\060\035\006\003\125
-\004\012\023\026\103\171\142\145\162\124\162\165\163\164\040\112
-\141\160\141\156\054\040\111\156\143\056\061\041\060\037\006\003
-\125\004\003\023\030\103\171\142\145\162\124\162\165\163\164\040
-\112\101\120\101\116\040\122\157\157\164\040\103\101\060\036\027
-\015\071\070\060\070\060\064\060\067\065\067\060\060\132\027\015
-\060\063\060\070\060\064\062\063\065\071\060\060\132\060\121\061
-\013\060\011\006\003\125\004\006\023\002\112\120\061\037\060\035
-\006\003\125\004\012\023\026\103\171\142\145\162\124\162\165\163
-\164\040\112\141\160\141\156\054\040\111\156\143\056\061\041\060
-\037\006\003\125\004\003\023\030\103\171\142\145\162\124\162\165
-\163\164\040\112\101\120\101\116\040\122\157\157\164\040\103\101
-\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001
-\005\000\003\201\215\000\060\201\211\002\201\201\000\267\255\374
-\312\107\020\166\211\375\147\254\344\163\006\174\201\113\035\326
-\265\174\016\107\257\354\246\124\165\250\304\375\145\257\347\310
-\261\261\154\064\065\215\367\271\144\127\050\013\041\132\336\164
-\376\334\170\056\206\106\022\114\177\021\037\334\223\275\137\276
-\146\230\206\270\267\354\155\111\323\220\331\341\171\000\126\150
-\272\255\154\037\054\073\037\311\054\214\103\260\004\102\352\201
-\163\246\316\063\165\105\015\212\105\162\057\252\127\125\344\007
-\303\103\342\165\072\017\274\074\320\204\316\272\357\002\003\001
-\000\001\060\015\006\011\052\206\110\206\367\015\001\001\004\005
-\000\003\201\201\000\267\246\144\243\014\200\074\034\304\330\356
-\101\073\345\206\244\236\140\135\326\001\062\250\152\144\055\040
-\160\100\272\162\116\146\372\007\145\116\003\216\013\375\126\340
-\255\073\040\247\062\372\262\022\036\200\337\036\343\172\030\314
-\127\333\346\311\064\140\357\165\353\020\026\320\244\056\160\330
-\044\043\270\245\167\163\102\371\007\072\335\001\154\010\223\007
-\065\046\020\045\140\051\377\011\345\144\237\151\271\026\111\363
-\134\335\044\143\106\223\015\260\123\066\165\274\110\040\273\031
-\266\217\320\042\375
-END
-
-# Trust for Certificate "GTE CyberTrust Japan Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Japan Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\327\237\165\115\072\165\304\327\022\276\200\056\155\367\251\056
-\135\022\021\045
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\336\253\377\103\052\145\067\006\233\050\265\172\350\204\323\216
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\121\061\013\060\011\006\003\125\004\006\023\002\112\120\061
-\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124
-\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056
-\061\041\060\037\006\003\125\004\003\023\030\103\171\142\145\162
-\124\162\165\163\164\040\112\101\120\101\116\040\122\157\157\164
-\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\116
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GTE CyberTrust Japan Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Japan Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\112\120\061
-\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124
-\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056
-\061\052\060\050\006\003\125\004\003\023\041\103\171\142\145\162
-\124\162\165\163\164\040\112\101\120\101\116\040\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\112\120\061
-\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124
-\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056
-\061\052\060\050\006\003\125\004\003\023\041\103\171\142\145\162
-\124\162\165\163\164\040\112\101\120\101\116\040\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\117
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\043\060\202\001\214\002\001\117\060\015\006\011\052
-\206\110\206\367\015\001\001\004\005\000\060\132\061\013\060\011
-\006\003\125\004\006\023\002\112\120\061\037\060\035\006\003\125
-\004\012\023\026\103\171\142\145\162\124\162\165\163\164\040\112
-\141\160\141\156\054\040\111\156\143\056\061\052\060\050\006\003
-\125\004\003\023\041\103\171\142\145\162\124\162\165\163\164\040
-\112\101\120\101\116\040\123\145\143\165\162\145\040\123\145\162
-\166\145\162\040\103\101\060\036\027\015\071\070\060\070\060\064
-\060\070\060\066\063\062\132\027\015\060\063\060\070\060\064\062
-\063\065\071\060\060\132\060\132\061\013\060\011\006\003\125\004
-\006\023\002\112\120\061\037\060\035\006\003\125\004\012\023\026
-\103\171\142\145\162\124\162\165\163\164\040\112\141\160\141\156
-\054\040\111\156\143\056\061\052\060\050\006\003\125\004\003\023
-\041\103\171\142\145\162\124\162\165\163\164\040\112\101\120\101
-\116\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040
-\103\101\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\254
-\046\243\241\270\157\152\300\054\022\371\333\061\005\222\347\375
-\372\324\201\264\270\325\052\325\220\372\360\103\145\374\022\025
-\312\354\333\271\141\336\063\143\067\117\257\000\074\177\222\067
-\033\030\163\345\237\074\210\361\032\023\104\376\171\362\303\046
-\225\017\013\360\236\024\007\041\154\127\302\135\303\342\121\260
-\315\213\137\315\137\206\070\370\171\227\071\354\350\277\122\056
-\261\136\252\251\256\214\355\356\327\310\267\056\061\213\264\071
-\222\073\174\201\047\007\032\001\104\057\111\163\040\266\311\002
-\003\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001
-\004\005\000\003\201\201\000\150\035\173\022\356\132\171\051\061
-\312\001\254\213\120\251\047\231\054\000\374\070\032\034\377\302
-\325\360\023\376\033\247\071\365\200\024\353\121\372\300\215\173
-\204\033\131\256\261\065\121\156\241\076\327\033\354\240\236\337
-\340\245\202\226\343\261\077\330\250\361\313\171\200\216\367\360
-\104\231\176\024\365\043\243\021\343\150\113\005\066\156\210\343
-\253\206\252\070\123\003\102\073\323\271\371\340\277\005\351\323
-\137\303\112\247\266\375\267\135\220\111\370\232\262\255\146\246
-\202\000\223\256\140\377\040
-END
-
-# Trust for Certificate "GTE CyberTrust Japan Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GTE CyberTrust Japan Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\326\371\221\145\061\321\304\017\030\247\073\051\236\031\267\157
-\246\302\111\063
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\335\015\015\264\170\113\175\316\060\012\246\065\306\253\114\210
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\112\120\061
-\037\060\035\006\003\125\004\012\023\026\103\171\142\145\162\124
-\162\165\163\164\040\112\141\160\141\156\054\040\111\156\143\056
-\061\052\060\050\006\003\125\004\003\023\041\103\171\142\145\162
-\124\162\165\163\164\040\112\101\120\101\116\040\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\117
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Personal Basic CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Basic CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151
-\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015
-\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141
-\163\151\143\100\164\150\141\167\164\145\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151
-\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015
-\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141
-\163\151\143\100\164\150\141\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\041\060\202\002\212\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003
-\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023
-\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123
-\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156
-\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167\164
-\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151\143
-\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015\001
-\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141\163
-\151\143\100\164\150\141\167\164\145\056\143\157\155\060\036\027
-\015\071\066\060\061\060\061\060\060\060\060\060\060\132\027\015
-\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\313
-\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060
-\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040
-\103\141\160\145\061\022\060\020\006\003\125\004\007\023\011\103
-\141\160\145\040\124\157\167\156\061\032\060\030\006\003\125\004
-\012\023\021\124\150\141\167\164\145\040\103\157\156\163\165\154
-\164\151\156\147\061\050\060\046\006\003\125\004\013\023\037\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162
-\166\151\143\145\163\040\104\151\166\151\163\151\157\156\061\041
-\060\037\006\003\125\004\003\023\030\124\150\141\167\164\145\040
-\120\145\162\163\157\156\141\154\040\102\141\163\151\143\040\103
-\101\061\050\060\046\006\011\052\206\110\206\367\015\001\011\001
-\026\031\160\145\162\163\157\156\141\154\055\142\141\163\151\143
-\100\164\150\141\167\164\145\056\143\157\155\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\274\274\223\123\155\300\120\117
-\202\025\346\110\224\065\246\132\276\157\102\372\017\107\356\167
-\165\162\335\215\111\233\226\127\240\170\324\312\077\121\263\151
-\013\221\166\027\042\007\227\152\304\121\223\113\340\215\357\067
-\225\241\014\115\332\064\220\035\027\211\227\340\065\070\127\112
-\300\364\010\160\351\074\104\173\120\176\141\232\220\343\043\323
-\210\021\106\047\365\013\007\016\273\335\321\177\040\012\210\271
-\126\013\056\034\200\332\361\343\236\051\357\024\275\012\104\373
-\033\133\030\321\277\043\223\041\002\003\001\000\001\243\023\060
-\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
-\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005
-\000\003\201\201\000\055\342\231\153\260\075\172\211\327\131\242
-\224\001\037\053\335\022\113\123\302\255\177\252\247\000\134\221
-\100\127\045\112\070\252\204\160\271\331\200\017\245\173\134\373
-\163\306\275\327\212\141\134\003\343\055\047\250\027\340\204\205
-\102\334\136\233\306\267\262\155\273\164\257\344\077\313\247\267
-\260\340\135\276\170\203\045\224\322\333\201\017\171\007\155\117
-\364\071\025\132\122\001\173\336\062\326\115\070\366\022\134\006
-\120\337\005\133\275\024\113\241\337\051\272\073\101\215\367\143
-\126\241\337\042\261
-END
-
-# Trust for Certificate "Thawte Personal Basic CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Basic CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\100\347\214\035\122\075\034\331\225\117\254\032\032\263\275\074
-\272\241\133\374
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\346\013\322\311\312\055\210\333\032\161\016\113\170\353\002\101
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\313\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\102\141\163\151
-\143\040\103\101\061\050\060\046\006\011\052\206\110\206\367\015
-\001\011\001\026\031\160\145\162\163\157\156\141\154\055\142\141
-\163\151\143\100\164\150\141\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Personal Premium CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Premium CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155
-\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206
-\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055
-\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143
-\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155
-\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206
-\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055
-\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143
-\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\051\060\202\002\222\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003
-\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023
-\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123
-\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156
-\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167\164
-\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155\151
-\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206\367
-\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055\160
-\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143\157
-\155\060\036\027\015\071\066\060\061\060\061\060\060\060\060\060
-\060\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071
-\132\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132
-\101\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164
-\145\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004
-\007\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030
-\006\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157
-\156\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004
-\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151
-\157\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141
-\167\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145
-\155\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110
-\206\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154
-\055\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056
-\143\157\155\060\201\237\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000
-\311\146\331\370\007\104\317\271\214\056\360\241\357\023\105\154
-\005\337\336\047\026\121\066\101\021\154\154\073\355\376\020\175
-\022\236\345\233\102\232\376\140\061\303\146\267\163\072\110\256
-\116\320\062\067\224\210\265\015\266\331\363\362\104\331\325\210
-\022\335\166\115\362\032\374\157\043\036\172\361\330\230\105\116
-\007\020\357\026\102\320\103\165\155\112\336\342\252\311\061\377
-\037\000\160\174\146\317\020\045\010\272\372\356\000\351\106\003
-\146\047\021\025\073\252\133\362\230\335\066\102\262\332\210\165
-\002\003\001\000\001\243\023\060\021\060\017\006\003\125\035\023
-\001\001\377\004\005\060\003\001\001\377\060\015\006\011\052\206
-\110\206\367\015\001\001\004\005\000\003\201\201\000\151\066\211
-\367\064\052\063\162\057\155\073\324\042\262\270\157\232\305\066
-\146\016\033\074\241\261\165\132\346\375\065\323\370\250\362\007
-\157\205\147\216\336\053\271\342\027\260\072\240\360\016\242\000
-\232\337\363\024\025\156\273\310\205\132\230\200\371\377\276\164
-\035\075\363\376\060\045\321\067\064\147\372\245\161\171\060\141
-\051\162\300\340\054\114\373\126\344\072\250\157\345\062\131\122
-\333\165\050\120\131\014\370\013\031\344\254\331\257\226\215\057
-\120\333\007\303\352\037\253\063\340\365\053\061\211
-END
-
-# Trust for Certificate "Thawte Personal Premium CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Premium CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\066\206\065\143\375\121\050\307\276\246\360\005\317\351\264\066
-\150\010\154\316
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\072\262\336\042\232\040\223\111\371\355\310\322\212\347\150\015
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\317\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\043\060\041\006\003\125\004\003\023\032\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\120\162\145\155
-\151\165\155\040\103\101\061\052\060\050\006\011\052\206\110\206
-\367\015\001\011\001\026\033\160\145\162\163\157\156\141\154\055
-\160\162\145\155\151\165\155\100\164\150\141\167\164\145\056\143
-\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Personal Freemail CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Freemail CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145
-\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110
-\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154
-\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145
-\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145
-\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110
-\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154
-\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145
-\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\055\060\202\002\226\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006\003
-\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013\023
-\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040\123
-\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157\156
-\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167\164
-\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145\155
-\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110\206
-\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154\055
-\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145\056
-\143\157\155\060\036\027\015\071\066\060\061\060\061\060\060\060
-\060\060\060\132\027\015\062\060\061\062\063\061\062\063\065\071
-\065\071\132\060\201\321\061\013\060\011\006\003\125\004\006\023
-\002\132\101\061\025\060\023\006\003\125\004\010\023\014\127\145
-\163\164\145\162\156\040\103\141\160\145\061\022\060\020\006\003
-\125\004\007\023\011\103\141\160\145\040\124\157\167\156\061\032
-\060\030\006\003\125\004\012\023\021\124\150\141\167\164\145\040
-\103\157\156\163\165\154\164\151\156\147\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\044\060\042\006\003\125\004\003\023\033\124
-\150\141\167\164\145\040\120\145\162\163\157\156\141\154\040\106
-\162\145\145\155\141\151\154\040\103\101\061\053\060\051\006\011
-\052\206\110\206\367\015\001\011\001\026\034\160\145\162\163\157
-\156\141\154\055\146\162\145\145\155\141\151\154\100\164\150\141
-\167\164\145\056\143\157\155\060\201\237\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211
-\002\201\201\000\324\151\327\324\260\224\144\133\161\351\107\330
-\014\121\266\352\162\221\260\204\136\175\055\015\217\173\022\337
-\205\045\165\050\164\072\102\054\143\047\237\225\173\113\357\176
-\031\207\035\206\352\243\335\271\316\226\144\032\302\024\156\104
-\254\174\346\217\350\115\017\161\037\100\070\246\000\243\207\170
-\366\371\224\206\136\255\352\300\136\166\353\331\024\243\135\156
-\172\174\014\245\113\125\177\006\031\051\177\236\232\046\325\152
-\273\070\044\010\152\230\307\261\332\243\230\221\375\171\333\345
-\132\304\034\271\002\003\001\000\001\243\023\060\021\060\017\006
-\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015
-\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201
-\000\307\354\222\176\116\370\365\226\245\147\142\052\244\360\115
-\021\140\320\157\215\140\130\141\254\046\273\122\065\134\010\317
-\060\373\250\112\226\212\037\142\102\043\214\027\017\364\272\144
-\234\027\254\107\051\337\235\230\136\322\154\140\161\134\242\254
-\334\171\343\347\156\000\107\037\265\015\050\350\002\235\344\232
-\375\023\364\246\331\174\261\370\334\137\043\046\011\221\200\163
-\320\024\033\336\103\251\203\045\362\346\234\057\025\312\376\246
-\253\212\007\165\213\014\335\121\204\153\344\370\321\316\167\242
-\201
-END
-
-# Trust for Certificate "Thawte Personal Freemail CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Personal Freemail CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\040\231\000\266\075\225\127\050\024\014\321\066\042\330\306\207
-\244\353\000\205
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\036\164\303\206\074\014\065\305\076\302\177\357\074\252\074\331
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\321\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\032\060\030\006
-\003\125\004\012\023\021\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\061\050\060\046\006\003\125\004\013
-\023\037\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\123\145\162\166\151\143\145\163\040\104\151\166\151\163\151\157
-\156\061\044\060\042\006\003\125\004\003\023\033\124\150\141\167
-\164\145\040\120\145\162\163\157\156\141\154\040\106\162\145\145
-\155\141\151\154\040\103\101\061\053\060\051\006\011\052\206\110
-\206\367\015\001\011\001\026\034\160\145\162\163\157\156\141\154
-\055\146\162\145\145\155\141\151\154\100\164\150\141\167\164\145
-\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Thawte Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124
-\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061
-\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027
-\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141
-\167\164\145\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124
-\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061
-\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027
-\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141
-\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\023\060\202\002\174\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003
-\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125
-\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163
-\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124\150
-\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061\046
-\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027\163
-\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141\167
-\164\145\056\143\157\155\060\036\027\015\071\066\060\070\060\061
-\060\060\060\060\060\060\132\027\015\062\060\061\062\063\061\062
-\063\065\071\065\071\132\060\201\304\061\013\060\011\006\003\125
-\004\006\023\002\132\101\061\025\060\023\006\003\125\004\010\023
-\014\127\145\163\164\145\162\156\040\103\141\160\145\061\022\060
-\020\006\003\125\004\007\023\011\103\141\160\145\040\124\157\167
-\156\061\035\060\033\006\003\125\004\012\023\024\124\150\141\167
-\164\145\040\103\157\156\163\165\154\164\151\156\147\040\143\143
-\061\050\060\046\006\003\125\004\013\023\037\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143\145
-\163\040\104\151\166\151\163\151\157\156\061\031\060\027\006\003
-\125\004\003\023\020\124\150\141\167\164\145\040\123\145\162\166
-\145\162\040\103\101\061\046\060\044\006\011\052\206\110\206\367
-\015\001\011\001\026\027\163\145\162\166\145\162\055\143\145\162
-\164\163\100\164\150\141\167\164\145\056\143\157\155\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\323\244\120\156\310\377
-\126\153\346\317\135\266\352\014\150\165\107\242\252\302\332\204
-\045\374\250\364\107\121\332\205\265\040\164\224\206\036\017\165
-\311\351\010\141\365\006\155\060\156\025\031\002\351\122\300\142
-\333\115\231\236\342\152\014\104\070\315\376\276\343\144\011\160
-\305\376\261\153\051\266\057\111\310\073\324\047\004\045\020\227
-\057\347\220\155\300\050\102\231\327\114\103\336\303\365\041\155
-\124\237\135\303\130\341\300\344\331\133\260\270\334\264\173\337
-\066\072\302\265\146\042\022\326\207\015\002\003\001\000\001\243
-\023\060\021\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001\001
-\004\005\000\003\201\201\000\007\372\114\151\134\373\225\314\106
-\356\205\203\115\041\060\216\312\331\250\157\111\032\346\332\121
-\343\140\160\154\204\141\021\241\032\310\110\076\131\103\175\117
-\225\075\241\213\267\013\142\230\172\165\212\335\210\116\116\236
-\100\333\250\314\062\164\271\157\015\306\343\263\104\013\331\212
-\157\232\051\233\231\030\050\073\321\343\100\050\232\132\074\325
-\265\347\040\033\213\312\244\253\215\351\121\331\342\114\054\131
-\251\332\271\262\165\033\366\102\362\357\307\362\030\371\211\274
-\243\377\212\043\056\160\107
-END
-
-# Trust for Certificate "Thawte Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\043\345\224\224\121\225\362\101\110\003\264\325\144\322\243\243
-\365\330\213\214
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\305\160\304\242\355\123\170\014\310\020\123\201\144\313\320\035
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\304\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\031\060\027\006\003\125\004\003\023\020\124
-\150\141\167\164\145\040\123\145\162\166\145\162\040\103\101\061
-\046\060\044\006\011\052\206\110\206\367\015\001\011\001\026\027
-\163\145\162\166\145\162\055\143\145\162\164\163\100\164\150\141
-\167\164\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Premium Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Premium Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\047\060\202\002\220\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007\023
-\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006\003
-\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156\163
-\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003\125
-\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151\163
-\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124\150
-\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145\162
-\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110\206
-\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055\163
-\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157\155
-\060\036\027\015\071\066\060\070\060\061\060\060\060\060\060\060
-\132\027\015\062\060\061\062\063\061\062\063\065\071\065\071\132
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\322\066
-\066\152\213\327\302\133\236\332\201\101\142\217\070\356\111\004
-\125\326\320\357\034\033\225\026\107\357\030\110\065\072\122\364
-\053\152\006\217\073\057\352\126\343\257\206\215\236\027\367\236
-\264\145\165\002\115\357\313\011\242\041\121\330\233\320\147\320
-\272\015\222\006\024\163\324\223\313\227\052\000\234\134\116\014
-\274\372\025\122\374\362\104\156\332\021\112\156\010\237\057\055
-\343\371\252\072\206\163\266\106\123\130\310\211\005\275\203\021
-\270\163\077\252\007\215\364\102\115\347\100\235\034\067\002\003
-\001\000\001\243\023\060\021\060\017\006\003\125\035\023\001\001
-\377\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206
-\367\015\001\001\004\005\000\003\201\201\000\046\110\054\026\302
-\130\372\350\026\164\014\252\252\137\124\077\362\327\311\170\140
-\136\136\156\067\143\042\167\066\176\262\027\304\064\271\365\010
-\205\374\311\001\070\377\115\276\362\026\102\103\347\273\132\106
-\373\301\306\021\037\361\112\260\050\106\311\303\304\102\175\274
-\372\253\131\156\325\267\121\210\021\343\244\205\031\153\202\114
-\244\014\022\255\351\244\256\077\361\303\111\145\232\214\305\310
-\076\045\267\224\231\273\222\062\161\007\360\206\136\355\120\047
-\246\015\246\043\371\273\313\246\007\024\102
-END
-
-# Trust for Certificate "Thawte Premium Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Premium Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\142\177\215\170\047\145\143\231\322\175\177\220\104\311\376\263
-\363\076\372\232
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\006\237\151\171\026\146\220\002\033\214\214\242\303\007\157\072
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\316\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\022\060\020\006\003\125\004\007
-\023\011\103\141\160\145\040\124\157\167\156\061\035\060\033\006
-\003\125\004\012\023\024\124\150\141\167\164\145\040\103\157\156
-\163\165\154\164\151\156\147\040\143\143\061\050\060\046\006\003
-\125\004\013\023\037\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\123\145\162\166\151\143\145\163\040\104\151\166\151
-\163\151\157\156\061\041\060\037\006\003\125\004\003\023\030\124
-\150\141\167\164\145\040\120\162\145\155\151\165\155\040\123\145
-\162\166\145\162\040\103\101\061\050\060\046\006\011\052\206\110
-\206\367\015\001\011\001\026\031\160\162\145\155\151\165\155\055
-\163\145\162\166\145\162\100\164\150\141\167\164\145\056\143\157
-\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "American Express CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "American Express CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\217\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151
-\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160
-\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125
-\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160
-\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145
-\163\061\057\060\055\006\003\125\004\003\023\046\101\155\145\162
-\151\143\141\156\040\105\170\160\162\145\163\163\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\217\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151
-\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160
-\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125
-\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160
-\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145
-\163\061\057\060\055\006\003\125\004\003\023\046\101\155\145\162
-\151\143\141\156\040\105\170\160\162\145\163\163\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\215
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\220\060\202\001\371\002\002\000\215\060\015\006\011
-\052\206\110\206\367\015\001\001\004\005\000\060\201\217\061\013
-\060\011\006\003\125\004\006\023\002\125\123\061\047\060\045\006
-\003\125\004\012\023\036\101\155\145\162\151\143\141\156\040\105
-\170\160\162\145\163\163\040\103\157\155\160\141\156\171\054\040
-\111\156\143\056\061\046\060\044\006\003\125\004\013\023\035\101
-\155\145\162\151\143\141\156\040\105\170\160\162\145\163\163\040
-\124\145\143\150\156\157\154\157\147\151\145\163\061\057\060\055
-\006\003\125\004\003\023\046\101\155\145\162\151\143\141\156\040
-\105\170\160\162\145\163\163\040\103\145\162\164\151\146\151\143
-\141\164\145\040\101\165\164\150\157\162\151\164\171\060\036\027
-\015\071\070\060\070\061\064\062\062\060\061\060\060\132\027\015
-\060\066\060\070\061\064\062\063\065\071\060\060\132\060\201\217
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\047\060
-\045\006\003\125\004\012\023\036\101\155\145\162\151\143\141\156
-\040\105\170\160\162\145\163\163\040\103\157\155\160\141\156\171
-\054\040\111\156\143\056\061\046\060\044\006\003\125\004\013\023
-\035\101\155\145\162\151\143\141\156\040\105\170\160\162\145\163
-\163\040\124\145\143\150\156\157\154\157\147\151\145\163\061\057
-\060\055\006\003\125\004\003\023\046\101\155\145\162\151\143\141
-\156\040\105\170\160\162\145\163\163\040\103\145\162\164\151\146
-\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\060
-\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001\005
-\000\003\201\215\000\060\201\211\002\201\201\000\311\362\111\222
-\205\312\375\025\051\265\006\266\104\354\374\210\243\362\206\316
-\377\024\117\044\034\222\371\302\043\301\316\103\337\135\064\310
-\270\024\354\325\052\160\221\111\225\327\126\315\224\361\251\223
-\320\150\042\334\115\175\240\012\162\052\107\352\045\360\205\000
-\137\066\124\141\317\013\371\067\132\147\235\351\037\351\144\077
-\160\225\141\247\320\060\002\336\046\050\244\146\003\004\351\060
-\373\217\063\007\371\157\141\207\242\162\333\363\150\170\143\146
-\131\251\311\267\146\341\025\262\110\066\054\371\002\003\001\000
-\001\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000
-\003\201\201\000\150\027\142\270\163\213\114\154\353\112\245\076
-\253\345\235\056\322\315\212\007\127\363\306\131\227\166\027\027
-\370\122\216\047\223\330\130\330\050\154\364\242\004\172\212\302
-\166\044\261\002\264\337\050\362\367\363\250\247\176\043\110\141
-\210\364\021\150\256\046\135\366\241\113\123\045\152\330\052\024
-\002\016\340\207\040\156\236\031\134\163\220\013\043\342\061\227
-\043\077\325\042\242\323\006\173\332\067\365\327\265\101\104\027
-\172\105\002\331\205\105\146\326\216\307\360\172\014\231\142\042
-\151\133\355\322
-END
-
-# Trust for Certificate "American Express CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "American Express CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\254\231\217\200\304\240\005\370\156\362\240\256\110\030\344\117
-\110\237\370\177
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\034\325\216\202\276\160\125\216\071\141\337\255\121\333\153\240
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\217\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151
-\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160
-\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125
-\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160
-\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145
-\163\061\057\060\055\006\003\125\004\003\023\046\101\155\145\162
-\151\143\141\156\040\105\170\160\162\145\163\163\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\215
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "American Express Global CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "American Express Global CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\226\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151
-\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160
-\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125
-\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160
-\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145
-\163\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162
-\151\143\141\156\040\105\170\160\162\145\163\163\040\107\154\157
-\142\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040
-\101\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\226\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151
-\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160
-\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125
-\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160
-\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145
-\163\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162
-\151\143\141\156\040\105\170\160\162\145\163\163\040\107\154\157
-\142\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040
-\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\205
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\004\060\202\002\354\240\003\002\001\002\002\002\000
-\205\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\201\226\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151
-\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160
-\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125
-\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160
-\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145
-\163\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162
-\151\143\141\156\040\105\170\160\162\145\163\163\040\107\154\157
-\142\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040
-\101\165\164\150\157\162\151\164\171\060\036\027\015\071\070\060
-\070\061\064\061\071\060\066\060\060\132\027\015\061\063\060\070
-\061\064\062\063\065\071\060\060\132\060\201\226\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\047\060\045\006\003\125
-\004\012\023\036\101\155\145\162\151\143\141\156\040\105\170\160
-\162\145\163\163\040\103\157\155\160\141\156\171\054\040\111\156
-\143\056\061\046\060\044\006\003\125\004\013\023\035\101\155\145
-\162\151\143\141\156\040\105\170\160\162\145\163\163\040\124\145
-\143\150\156\157\154\157\147\151\145\163\061\066\060\064\006\003
-\125\004\003\023\055\101\155\145\162\151\143\141\156\040\105\170
-\160\162\145\163\163\040\107\154\157\142\141\154\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\360\044\046\146\056\373\353\112\163\161\123\211\107
-\313\046\074\123\222\224\114\312\302\205\265\015\370\303\127\275
-\057\052\037\152\030\267\127\257\014\000\026\372\240\266\220\246
-\367\032\241\056\146\046\307\150\243\212\223\151\146\265\106\126
-\055\035\202\352\220\014\012\042\302\211\120\215\005\363\324\253
-\163\101\360\317\022\254\050\264\157\024\224\226\131\113\236\220
-\165\206\337\342\107\353\341\351\117\103\176\207\312\047\030\146
-\236\265\301\100\145\175\374\141\157\255\233\162\317\251\136\330
-\363\371\332\156\221\020\372\114\265\352\176\040\336\251\071\057
-\365\210\344\212\157\065\306\040\234\053\206\106\063\012\374\061
-\125\245\153\254\026\100\351\315\065\131\157\062\004\303\173\265
-\017\173\167\160\363\110\273\052\122\202\316\257\051\155\361\021
-\157\155\346\007\000\001\357\232\363\046\015\246\171\023\147\257
-\370\253\034\165\254\221\265\153\276\100\260\336\234\014\261\151
-\205\031\161\221\023\105\312\337\321\375\346\262\312\226\203\171
-\333\305\270\252\133\172\220\013\170\126\076\306\327\237\224\110
-\021\365\255\002\003\001\000\001\243\132\060\130\060\022\006\003
-\125\035\023\001\001\377\004\010\060\006\001\001\377\002\001\005
-\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
-\060\027\006\003\125\035\040\004\020\060\016\060\014\006\012\052
-\206\110\206\371\017\012\001\005\001\060\031\006\003\125\035\016
-\004\022\004\020\127\107\065\173\066\047\021\250\010\374\057\106
-\045\353\044\151\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\202\001\001\000\307\141\105\250\212\161\271\276
-\064\351\041\173\041\315\126\023\230\325\060\143\351\030\252\113
-\222\025\277\013\035\273\354\222\151\305\056\303\141\213\350\060
-\105\313\020\106\301\163\070\134\213\031\322\053\363\100\353\174
-\162\263\056\036\047\343\165\225\212\034\233\056\304\225\005\206
-\162\320\125\364\241\222\122\171\134\333\364\370\334\345\327\022
-\261\100\307\074\206\344\061\145\112\312\067\306\336\166\127\031
-\151\114\106\151\374\052\255\026\067\172\223\254\367\041\113\055
-\373\353\251\120\313\301\321\100\010\332\003\151\207\247\067\136
-\125\301\305\355\304\343\216\014\046\227\233\134\127\113\162\343
-\362\003\005\320\002\073\046\003\100\220\236\276\013\133\111\014
-\170\361\325\114\125\051\340\366\375\114\003\251\124\002\062\321
-\127\132\205\254\103\355\133\073\026\137\240\277\065\333\113\236
-\173\350\377\347\015\074\073\250\233\111\101\106\365\163\116\377
-\222\145\041\203\023\125\161\353\111\074\177\210\032\302\022\050
-\045\241\106\113\101\067\227\177\354\216\361\324\241\226\302\040
-\266\136\255\251\034\036\021\240
-END
-
-# Trust for Certificate "American Express Global CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "American Express Global CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\005\025\203\065\174\267\267\276\344\016\273\221\377\153\073\274
-\361\124\335\126
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\143\033\146\223\214\363\146\313\074\171\127\334\005\111\352\333
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\226\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\047\060\045\006\003\125\004\012\023\036\101\155\145\162\151
-\143\141\156\040\105\170\160\162\145\163\163\040\103\157\155\160
-\141\156\171\054\040\111\156\143\056\061\046\060\044\006\003\125
-\004\013\023\035\101\155\145\162\151\143\141\156\040\105\170\160
-\162\145\163\163\040\124\145\143\150\156\157\154\157\147\151\145
-\163\061\066\060\064\006\003\125\004\003\023\055\101\155\145\162
-\151\143\141\156\040\105\170\160\162\145\163\163\040\107\154\157
-\142\141\154\040\103\145\162\164\151\146\151\143\141\164\145\040
-\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\205
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Equifax Premium CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Premium CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\056\060\054\006\003\125\004\013\023\045\105\161\165\151
-\146\141\170\040\120\162\145\155\151\165\155\040\103\145\162\164
-\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\056\060\054\006\003\125\004\013\023\045\105\161\165\151
-\146\141\170\040\120\162\145\155\151\165\155\040\103\145\162\164
-\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\065\341\357\036
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\043\060\202\002\214\240\003\002\001\002\002\004\065
-\341\357\036\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\117\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151
-\146\141\170\061\056\060\054\006\003\125\004\013\023\045\105\161
-\165\151\146\141\170\040\120\162\145\155\151\165\155\040\103\145
-\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162
-\151\164\171\060\036\027\015\071\070\060\070\062\064\062\062\065
-\064\062\063\132\027\015\061\070\060\070\062\064\062\062\065\064
-\062\063\132\060\117\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165
-\151\146\141\170\061\056\060\054\006\003\125\004\013\023\045\105
-\161\165\151\146\141\170\040\120\162\145\155\151\165\155\040\103
-\145\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157
-\162\151\164\171\060\201\237\060\015\006\011\052\206\110\206\367
-\015\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201
-\000\316\241\006\216\006\314\010\013\301\206\250\336\040\325\015
-\016\321\015\304\237\352\152\331\263\302\062\107\100\157\212\210
-\244\011\275\070\054\035\346\313\346\244\363\066\353\332\353\274
-\374\144\263\007\366\055\274\252\316\237\031\110\150\112\374\365
-\242\105\176\011\020\365\217\263\111\134\043\006\071\352\023\213
-\270\013\315\221\035\166\137\331\067\241\104\373\137\220\362\147
-\263\315\030\231\103\037\166\022\153\002\362\225\203\070\103\302
-\366\142\064\312\311\170\135\137\322\330\272\232\377\276\020\140
-\133\002\003\001\000\001\243\202\001\012\060\202\001\006\060\161
-\006\003\125\035\037\004\152\060\150\060\146\240\144\240\142\244
-\140\060\136\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146
-\141\170\061\056\060\054\006\003\125\004\013\023\045\105\161\165
-\151\146\141\170\040\120\162\145\155\151\165\155\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\061\015\060\013\006\003\125\004\003\023\004\103\122\114
-\061\060\032\006\003\125\035\020\004\023\060\021\201\017\062\060
-\061\070\060\070\062\064\062\062\065\064\062\063\132\060\013\006
-\003\125\035\017\004\004\003\002\001\006\060\037\006\003\125\035
-\043\004\030\060\026\200\024\025\356\262\050\131\253\156\345\370
-\317\213\201\364\044\341\256\077\165\033\230\060\035\006\003\125
-\035\016\004\026\004\024\025\356\262\050\131\253\156\345\370\317
-\213\201\364\044\341\256\077\165\033\230\060\014\006\003\125\035
-\023\004\005\060\003\001\001\377\060\032\006\011\052\206\110\206
-\366\175\007\101\000\004\015\060\013\033\005\126\063\056\060\143
-\003\002\006\300\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\201\201\000\275\013\234\047\251\003\333\050\334
-\230\251\113\320\321\216\247\250\032\132\221\340\234\361\367\030
-\174\056\042\236\066\037\311\250\265\315\106\112\156\372\065\007
-\033\206\010\353\237\342\250\371\235\101\055\072\256\134\134\266
-\137\064\004\353\374\052\140\260\373\164\344\205\351\145\070\226
-\356\025\307\306\167\143\022\275\212\150\037\253\154\175\332\312
-\134\023\316\352\311\353\011\134\305\163\347\022\001\325\331\123
-\007\236\340\017\226\360\213\264\273\105\110\237\206\305\031\125
-\240\313\226\305\003\374\110
-END
-
-# Trust for Certificate "Equifax Premium CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Premium CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\235\021\167\273\103\333\275\240\007\310\252\321\253\220\127\020
-\256\170\244\135
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\251\351\250\235\016\163\343\261\057\067\015\350\110\077\206\355
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\117\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\056\060\054\006\003\125\004\013\023\045\105\161\165\151
-\146\141\170\040\120\162\145\155\151\165\155\040\103\145\162\164
-\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\065\341\357\036
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Equifax Secure CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151
-\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151
-\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\065\336\364\317
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\065
-\336\364\317\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151
-\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161
-\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\060\036\027\015\071\070\060\070\062\062\061\066\064\061
-\065\061\132\027\015\061\070\060\070\062\062\061\066\064\061\065
-\061\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\020\060\016\006\003\125\004\012\023\007\105\161\165\151
-\146\141\170\061\055\060\053\006\003\125\004\013\023\044\105\161
-\165\151\146\141\170\040\123\145\143\165\162\145\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\301
-\135\261\130\147\010\142\356\240\232\055\037\010\155\221\024\150
-\230\012\036\376\332\004\157\023\204\142\041\303\321\174\316\237
-\005\340\270\001\360\116\064\354\342\212\225\004\144\254\361\153
-\123\137\005\263\313\147\200\277\102\002\216\376\335\001\011\354
-\341\000\024\117\374\373\360\014\335\103\272\133\053\341\037\200
-\160\231\025\127\223\026\361\017\227\152\267\302\150\043\034\314
-\115\131\060\254\121\036\073\257\053\326\356\143\105\173\305\331
-\137\120\322\343\120\017\072\210\347\277\024\375\340\307\271\002
-\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003
-\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060
-\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\020
-\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141\170
-\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151\146
-\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151\146
-\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061
-\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032
-\006\003\125\035\020\004\023\060\021\201\017\062\060\061\070\060
-\070\062\062\061\066\064\061\065\061\132\060\013\006\003\125\035
-\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030
-\060\026\200\024\110\346\150\371\053\322\262\225\327\107\330\043
-\040\020\117\063\230\220\237\324\060\035\006\003\125\035\016\004
-\026\004\024\110\346\150\371\053\322\262\225\327\107\330\043\040
-\020\117\063\230\220\237\324\060\014\006\003\125\035\023\004\005
-\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007
-\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006
-\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\003\201\201\000\130\316\051\352\374\367\336\265\316\002\271\027
-\265\205\321\271\343\340\225\314\045\061\015\000\246\222\156\177
-\266\222\143\236\120\225\321\232\157\344\021\336\143\205\156\230
-\356\250\377\132\310\323\125\262\146\161\127\336\300\041\353\075
-\052\247\043\111\001\004\206\102\173\374\356\177\242\026\122\265
-\147\147\323\100\333\073\046\130\262\050\167\075\256\024\167\141
-\326\372\052\146\047\240\015\372\247\163\134\352\160\361\224\041
-\145\104\137\372\374\357\051\150\251\242\207\171\357\171\357\117
-\254\007\167\070
-END
-
-# Trust for Certificate "Equifax Secure CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\322\062\011\255\043\323\024\043\041\164\344\015\177\235\142\023
-\227\206\143\072
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\147\313\235\300\023\044\212\202\233\262\027\036\321\033\354\324
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\020\060\016\006\003\125\004\012\023\007\105\161\165\151\146\141
-\170\061\055\060\053\006\003\125\004\013\023\044\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\103\145\162\164\151
-\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\065\336\364\317
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "BelSign Object Publishing CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "BelSign Object Publishing CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\273\061\013\060\011\006\003\125\004\006\023\002\102\105
-\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163
-\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145
-\154\123\151\147\156\040\116\126\061\070\060\066\006\003\125\004
-\013\023\057\102\145\154\123\151\147\156\040\117\142\152\145\143
-\164\040\120\165\142\154\151\163\150\151\156\147\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\061\045\060\043\006\003\125\004\003\023\034\102\145\154
-\123\151\147\156\040\117\142\152\145\143\164\040\120\165\142\154
-\151\163\150\151\156\147\040\103\101\061\043\060\041\006\011\052
-\206\110\206\367\015\001\011\001\026\024\167\145\142\155\141\163
-\164\145\162\100\142\145\154\163\151\147\156\056\142\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\013\060\011\006\003\125\004\006\023\002\102\105
-\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163
-\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145
-\154\123\151\147\156\040\116\126\061\070\060\066\006\003\125\004
-\013\023\057\102\145\154\123\151\147\156\040\117\142\152\145\143
-\164\040\120\165\142\154\151\163\150\151\156\147\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\061\045\060\043\006\003\125\004\003\023\034\102\145\154
-\123\151\147\156\040\117\142\152\145\143\164\040\120\165\142\154
-\151\163\150\151\156\147\040\103\101\061\043\060\041\006\011\052
-\206\110\206\367\015\001\011\001\026\024\167\145\142\155\141\163
-\164\145\162\100\142\145\154\163\151\147\156\056\142\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\003\060\202\002\154\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\273\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163\145
-\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145\154
-\123\151\147\156\040\116\126\061\070\060\066\006\003\125\004\013
-\023\057\102\145\154\123\151\147\156\040\117\142\152\145\143\164
-\040\120\165\142\154\151\163\150\151\156\147\040\103\145\162\164
-\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151\164
-\171\061\045\060\043\006\003\125\004\003\023\034\102\145\154\123
-\151\147\156\040\117\142\152\145\143\164\040\120\165\142\154\151
-\163\150\151\156\147\040\103\101\061\043\060\041\006\011\052\206
-\110\206\367\015\001\011\001\026\024\167\145\142\155\141\163\164
-\145\162\100\142\145\154\163\151\147\156\056\142\145\060\036\027
-\015\071\067\060\071\061\071\062\062\060\063\060\060\132\027\015
-\060\067\060\071\061\071\062\062\060\063\060\060\132\060\201\273
-\061\013\060\011\006\003\125\004\006\023\002\102\105\061\021\060
-\017\006\003\125\004\007\023\010\102\162\165\163\163\145\154\163
-\061\023\060\021\006\003\125\004\012\023\012\102\145\154\123\151
-\147\156\040\116\126\061\070\060\066\006\003\125\004\013\023\057
-\102\145\154\123\151\147\156\040\117\142\152\145\143\164\040\120
-\165\142\154\151\163\150\151\156\147\040\103\145\162\164\151\146
-\151\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061
-\045\060\043\006\003\125\004\003\023\034\102\145\154\123\151\147
-\156\040\117\142\152\145\143\164\040\120\165\142\154\151\163\150
-\151\156\147\040\103\101\061\043\060\041\006\011\052\206\110\206
-\367\015\001\011\001\026\024\167\145\142\155\141\163\164\145\162
-\100\142\145\154\163\151\147\156\056\142\145\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\304\056\037\266\277\356\202\100
-\335\371\267\056\101\325\236\005\261\132\320\046\174\142\125\003
-\233\374\313\141\336\113\357\376\350\231\376\207\271\210\317\220
-\332\017\011\074\166\337\027\227\266\313\077\045\105\375\264\274
-\130\000\276\260\132\266\024\207\217\356\147\144\255\035\210\203
-\273\147\237\145\141\000\130\010\200\120\237\200\311\061\366\052
-\220\034\055\367\112\154\020\366\043\103\135\070\011\140\210\127
-\002\315\026\154\030\374\315\373\222\052\167\320\236\223\243\135
-\210\144\320\310\370\135\124\121\002\003\001\000\001\243\025\060
-\023\060\021\006\011\140\206\110\001\206\370\102\001\001\004\004
-\003\002\000\007\060\015\006\011\052\206\110\206\367\015\001\001
-\004\005\000\003\201\201\000\143\166\027\174\226\360\123\245\135
-\001\034\123\316\051\302\176\165\254\114\015\242\010\163\264\152
-\061\375\002\006\024\231\334\124\004\244\277\310\226\206\237\061
-\103\062\045\127\366\205\366\045\273\067\276\241\171\043\311\127
-\006\045\161\153\105\117\370\364\002\100\026\202\042\257\124\352
-\062\050\366\015\356\231\272\113\010\121\017\156\206\043\041\114
-\055\045\210\201\304\056\016\361\023\054\070\212\225\002\044\303
-\072\225\143\344\223\216\110\273\010\107\162\137\256\346\072\132
-\107\326\161\306\236\232\122
-END
-
-# Trust for Certificate "BelSign Object Publishing CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "BelSign Object Publishing CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\373\224\125\030\075\227\133\343\150\140\204\227\152\247\052\201
-\125\173\201\051
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\212\002\370\337\270\341\204\237\132\302\140\044\145\321\163\373
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\013\060\011\006\003\125\004\006\023\002\102\105
-\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163
-\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145
-\154\123\151\147\156\040\116\126\061\070\060\066\006\003\125\004
-\013\023\057\102\145\154\123\151\147\156\040\117\142\152\145\143
-\164\040\120\165\142\154\151\163\150\151\156\147\040\103\145\162
-\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162\151
-\164\171\061\045\060\043\006\003\125\004\003\023\034\102\145\154
-\123\151\147\156\040\117\142\152\145\143\164\040\120\165\142\154
-\151\163\150\151\156\147\040\103\101\061\043\060\041\006\011\052
-\206\110\206\367\015\001\011\001\026\024\167\145\142\155\141\163
-\164\145\162\100\142\145\154\163\151\147\156\056\142\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "BelSign Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "BelSign Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\263\061\013\060\011\006\003\125\004\006\023\002\102\105
-\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163
-\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145
-\154\123\151\147\156\040\116\126\061\064\060\062\006\003\125\004
-\013\023\053\102\145\154\123\151\147\156\040\123\145\143\165\162
-\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151
-\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061\041
-\060\037\006\003\125\004\003\023\030\102\145\154\123\151\147\156
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\101\061\043\060\041\006\011\052\206\110\206\367\015\001\011\001
-\026\024\167\145\142\155\141\163\164\145\162\100\142\145\154\163
-\151\147\156\056\142\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\263\061\013\060\011\006\003\125\004\006\023\002\102\105
-\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163
-\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145
-\154\123\151\147\156\040\116\126\061\064\060\062\006\003\125\004
-\013\023\053\102\145\154\123\151\147\156\040\123\145\143\165\162
-\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151
-\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061\041
-\060\037\006\003\125\004\003\023\030\102\145\154\123\151\147\156
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\101\061\043\060\041\006\011\052\206\110\206\367\015\001\011\001
-\026\024\167\145\142\155\141\163\164\145\162\100\142\145\154\163
-\151\147\156\056\142\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\363\060\202\002\134\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\263\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163\145
-\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145\154
-\123\151\147\156\040\116\126\061\064\060\062\006\003\125\004\013
-\023\053\102\145\154\123\151\147\156\040\123\145\143\165\162\145
-\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143
-\141\164\145\040\101\165\164\150\157\162\151\164\171\061\041\060
-\037\006\003\125\004\003\023\030\102\145\154\123\151\147\156\040
-\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103\101
-\061\043\060\041\006\011\052\206\110\206\367\015\001\011\001\026
-\024\167\145\142\155\141\163\164\145\162\100\142\145\154\163\151
-\147\156\056\142\145\060\036\027\015\071\067\060\067\061\066\062
-\062\060\060\065\064\132\027\015\060\067\060\067\061\066\062\062
-\060\060\065\064\132\060\201\263\061\013\060\011\006\003\125\004
-\006\023\002\102\105\061\021\060\017\006\003\125\004\007\023\010
-\102\162\165\163\163\145\154\163\061\023\060\021\006\003\125\004
-\012\023\012\102\145\154\123\151\147\156\040\116\126\061\064\060
-\062\006\003\125\004\013\023\053\102\145\154\123\151\147\156\040
-\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103\145
-\162\164\151\146\151\143\141\164\145\040\101\165\164\150\157\162
-\151\164\171\061\041\060\037\006\003\125\004\003\023\030\102\145
-\154\123\151\147\156\040\123\145\143\165\162\145\040\123\145\162
-\166\145\162\040\103\101\061\043\060\041\006\011\052\206\110\206
-\367\015\001\011\001\026\024\167\145\142\155\141\163\164\145\162
-\100\142\145\154\163\151\147\156\056\142\145\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\326\001\022\170\222\370\004\102
-\177\311\307\042\203\374\174\107\160\060\053\111\013\076\066\100
-\220\050\332\041\163\203\123\362\304\321\026\100\300\123\377\256
-\246\306\044\263\047\155\245\263\075\071\167\135\250\006\366\346
-\351\274\143\021\116\006\145\160\012\235\223\371\242\100\213\177
-\112\204\016\215\026\261\326\314\010\144\022\014\340\050\113\310
-\245\204\220\027\373\021\106\056\326\247\205\030\313\030\256\143
-\232\260\130\006\364\000\317\370\304\011\032\065\014\241\371\356
-\112\375\155\336\376\046\245\073\002\003\001\000\001\243\025\060
-\023\060\021\006\011\140\206\110\001\206\370\102\001\001\004\004
-\003\002\000\240\060\015\006\011\052\206\110\206\367\015\001\001
-\004\005\000\003\201\201\000\154\075\231\303\005\342\035\312\345
-\055\252\150\205\213\100\061\040\146\023\150\346\130\072\211\320
-\215\165\262\305\142\330\175\202\217\367\331\062\201\167\366\065
-\133\205\051\316\147\262\271\274\053\031\170\317\363\207\375\106
-\361\225\165\262\011\127\003\060\301\172\315\162\107\161\200\312
-\175\235\311\145\074\107\021\042\175\372\007\013\050\170\241\223
-\350\005\105\110\342\062\062\112\075\350\123\034\020\267\307\163
-\214\007\120\341\371\311\053\123\101\365\203\215\345\011\071\112
-\216\003\142\252\100\143\213
-END
-
-# Trust for Certificate "BelSign Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "BelSign Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\302\305\265\376\203\144\370\243\156\170\035\174\025\010\174\350
-\205\241\206\230
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\075\136\202\306\331\255\331\213\223\153\014\020\271\111\012\261
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\263\061\013\060\011\006\003\125\004\006\023\002\102\105
-\061\021\060\017\006\003\125\004\007\023\010\102\162\165\163\163
-\145\154\163\061\023\060\021\006\003\125\004\012\023\012\102\145
-\154\123\151\147\156\040\116\126\061\064\060\062\006\003\125\004
-\013\023\053\102\145\154\123\151\147\156\040\123\145\143\165\162
-\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151
-\143\141\164\145\040\101\165\164\150\157\162\151\164\171\061\041
-\060\037\006\003\125\004\003\023\030\102\145\154\123\151\147\156
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\101\061\043\060\041\006\011\052\206\110\206\367\015\001\011\001
-\026\024\167\145\142\155\141\163\164\145\162\100\142\145\154\163
-\151\147\156\056\142\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "TC TrustCenter, Germany, Class 0 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 0 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\060\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\060\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162
-\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142
-\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103
-\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162
-\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164
-\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061
-\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\060
-\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001
-\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100
-\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036
-\027\015\071\070\060\063\060\071\061\063\065\064\064\070\132\027
-\015\060\065\061\062\063\061\061\063\065\064\064\070\132\060\201
-\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020
-\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147
-\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165
-\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040
-\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040
-\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141
-\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042
-\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163
-\164\103\145\156\164\145\162\040\103\154\141\163\163\040\060\040
-\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011
-\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164
-\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\337\175\346\276\277\325
-\360\057\155\116\016\321\340\215\013\177\073\124\350\212\342\260
-\237\050\305\212\306\271\263\063\047\365\047\312\032\114\124\022
-\153\264\262\106\263\035\113\263\364\041\013\113\002\056\241\302
-\064\234\205\240\304\170\021\333\333\153\047\053\011\052\030\116
-\100\314\237\161\031\147\231\164\242\174\077\301\330\213\043\310
-\143\073\212\041\253\134\336\036\364\215\334\264\030\303\005\163
-\364\152\264\241\372\001\010\053\001\017\155\067\133\252\070\206
-\147\071\327\345\137\372\344\176\314\243\002\003\001\000\001\243
-\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206
-\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057
-\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056
-\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153
-\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110
-\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072
-\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145
-\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145
-\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140
-\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160
-\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156
-\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122
-\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110
-\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057
-\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162
-\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151
-\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110
-\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\060
-\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001
-\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015
-\001\001\004\005\000\003\201\201\000\115\007\177\137\011\060\031
-\222\252\005\107\172\224\165\124\052\256\317\374\330\014\102\341
-\105\070\053\044\225\262\312\207\312\171\304\303\227\220\136\142
-\030\306\311\070\141\114\150\065\323\114\024\021\353\304\315\241
-\251\330\305\236\150\047\062\007\065\105\004\370\137\041\240\140
-\036\034\000\110\004\130\322\305\313\256\155\062\156\075\167\225
-\214\205\307\345\256\120\235\165\112\173\377\013\047\171\352\115
-\244\131\377\354\132\352\046\245\071\203\244\321\170\316\247\251
-\176\274\335\053\312\022\223\003\112
-END
-
-# Trust for Certificate "TC TrustCenter, Germany, Class 0 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 0 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\104\201\247\326\311\104\165\204\317\355\212\107\311\256\152\360
-\036\071\165\030
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\065\205\111\216\156\127\376\275\227\361\311\106\043\072\266\175
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\060\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "TC TrustCenter, Germany, Class 1 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 1 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\061\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\061\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\002
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162
-\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142
-\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103
-\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162
-\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164
-\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061
-\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\061
-\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001
-\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100
-\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036
-\027\015\071\070\060\063\060\071\061\063\065\066\063\063\132\027
-\015\060\065\061\062\063\061\061\063\065\066\063\063\132\060\201
-\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020
-\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147
-\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165
-\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040
-\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040
-\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141
-\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042
-\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163
-\164\103\145\156\164\145\162\040\103\154\141\163\163\040\061\040
-\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011
-\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164
-\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\260\051\353\264\166\263
-\256\327\266\133\264\136\347\275\343\261\234\111\004\127\133\241
-\253\331\177\023\033\375\272\141\253\330\347\161\337\055\000\224
-\135\121\110\175\043\357\165\142\204\220\074\012\037\131\021\164
-\057\216\200\245\375\060\002\075\051\122\315\162\032\111\041\234
-\274\313\122\216\110\241\143\226\310\020\205\060\151\127\164\105
-\300\132\206\306\325\075\340\150\127\175\061\152\044\215\105\227
-\076\061\176\150\146\062\156\044\155\354\062\066\311\101\312\360
-\061\104\310\243\141\312\033\240\066\037\002\003\001\000\001\243
-\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206
-\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057
-\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056
-\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153
-\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110
-\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072
-\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145
-\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145
-\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140
-\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160
-\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156
-\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122
-\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110
-\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057
-\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162
-\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151
-\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110
-\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\061
-\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001
-\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015
-\001\001\004\005\000\003\201\201\000\005\102\122\046\244\014\047
-\001\104\254\134\045\050\302\104\102\124\010\271\035\305\076\154
-\131\146\304\263\116\120\247\370\370\226\165\241\226\165\350\026
-\070\240\315\135\156\372\171\247\033\173\035\036\303\000\271\146
-\276\132\326\142\017\347\362\173\270\357\114\340\300\077\131\256
-\071\267\204\011\236\253\361\251\056\153\151\342\255\314\362\352
-\170\011\005\040\070\102\161\030\176\307\262\227\346\325\002\005
-\006\126\243\137\361\252\302\304\117\376\367\357\026\017\235\354
-\252\205\317\075\051\044\361\004\315
-END
-
-# Trust for Certificate "TC TrustCenter, Germany, Class 1 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 1 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\332\300\131\013\015\224\374\025\327\025\056\266\171\160\003\133
-\215\271\365\053
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\144\077\370\076\122\024\112\131\272\223\126\004\013\043\002\321
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\061\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "TC TrustCenter, Germany, Class 2 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 2 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\062\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\003
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162
-\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142
-\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103
-\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162
-\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164
-\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061
-\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062
-\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001
-\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100
-\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036
-\027\015\071\070\060\063\060\071\061\063\065\067\064\064\132\027
-\015\060\065\061\062\063\061\061\063\065\067\064\064\132\060\201
-\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020
-\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147
-\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165
-\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040
-\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040
-\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141
-\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042
-\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163
-\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062\040
-\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011
-\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164
-\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\332\070\350\355\062\000
-\051\161\203\001\015\277\214\001\334\332\306\255\071\244\251\212
-\057\325\213\134\150\137\120\306\142\365\146\275\312\221\042\354
-\252\035\121\327\075\263\121\262\203\116\135\313\111\260\360\114
-\125\345\153\055\307\205\013\060\034\222\116\202\324\312\002\355
-\367\157\276\334\340\343\024\270\005\123\362\232\364\126\213\132
-\236\205\223\321\264\202\126\256\115\273\250\113\127\026\274\376
-\370\130\236\370\051\215\260\173\315\170\311\117\254\213\147\014
-\361\234\373\374\127\233\127\134\117\015\002\003\001\000\001\243
-\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206
-\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057
-\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056
-\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153
-\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110
-\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072
-\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145
-\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145
-\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140
-\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160
-\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156
-\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122
-\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110
-\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057
-\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162
-\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151
-\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110
-\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\062
-\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001
-\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015
-\001\001\004\005\000\003\201\201\000\211\033\364\357\351\070\342
-\154\014\366\315\157\111\316\051\314\373\246\017\371\215\076\225
-\106\326\374\107\062\211\262\310\006\141\172\322\347\015\023\002
-\224\013\331\213\126\107\364\273\347\305\137\173\364\143\114\256
-\174\064\352\015\242\251\263\054\205\363\343\376\047\124\020\222
-\260\217\222\301\230\102\030\160\110\333\116\054\353\015\044\150
-\344\321\367\276\011\251\051\207\273\350\332\334\076\243\210\102
-\061\365\321\343\177\256\330\216\000\132\164\230\260\117\306\377
-\043\173\134\163\000\170\311\333\116
-END
-
-# Trust for Certificate "TC TrustCenter, Germany, Class 2 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 2 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\312\135\207\155\025\113\162\350\014\357\331\346\353\234\366\215
-\002\037\253\354
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\341\351\226\123\167\341\360\070\240\002\253\224\306\225\173\374
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\061\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "TC TrustCenter, Germany, Class 3 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 3 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\004
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162
-\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142
-\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103
-\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162
-\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164
-\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061
-\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063
-\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001
-\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100
-\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036
-\027\015\071\070\060\063\060\071\061\063\065\070\064\071\132\027
-\015\060\065\061\062\063\061\061\063\065\070\064\071\132\060\201
-\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020
-\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147
-\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165
-\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040
-\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040
-\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141
-\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042
-\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163
-\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040
-\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011
-\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164
-\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\266\264\301\065\005\056
-\015\215\354\240\100\152\034\016\047\246\120\222\153\120\033\007
-\336\056\347\166\314\340\332\374\204\250\136\214\143\152\053\115
-\331\116\002\166\021\301\013\362\215\171\312\000\266\361\260\016
-\327\373\244\027\075\257\253\151\172\226\047\277\257\063\241\232
-\052\131\252\304\265\067\010\362\022\245\061\266\103\365\062\226
-\161\050\050\253\215\050\206\337\273\356\343\014\175\060\326\303
-\122\253\217\135\047\234\153\300\243\347\005\153\127\111\104\263
-\156\352\144\317\322\216\172\120\167\167\002\003\001\000\001\243
-\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206
-\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057
-\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056
-\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153
-\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110
-\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072
-\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145
-\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145
-\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140
-\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160
-\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156
-\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122
-\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110
-\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057
-\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162
-\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151
-\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110
-\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\063
-\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001
-\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015
-\001\001\004\005\000\003\201\201\000\204\206\120\142\171\240\047
-\341\045\272\011\261\064\017\023\011\355\055\312\243\346\225\371
-\060\254\315\027\245\316\075\227\235\354\174\217\046\177\300\141
-\312\042\367\221\335\074\066\131\232\233\165\367\274\344\310\355
-\354\002\266\042\247\363\054\361\310\222\170\155\266\356\305\050
-\354\200\040\117\271\153\010\347\057\247\206\036\175\261\010\237
-\124\271\000\067\074\240\330\032\310\226\034\364\062\024\234\071
-\225\267\356\360\103\111\302\136\350\313\171\157\123\277\373\111
-\212\054\330\113\331\125\362\022\160
-END
-
-# Trust for Certificate "TC TrustCenter, Germany, Class 3 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 3 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\227\057\340\037\171\136\221\210\026\371\201\161\176\162\355\040
-\241\377\020\143
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\142\253\266\025\112\264\260\026\167\377\256\317\026\026\053\214
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\063\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "TC TrustCenter, Germany, Class 4 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 4 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\064\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\064\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\005
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\065\060\202\003\236\240\003\002\001\002\002\001\005
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162
-\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142
-\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103
-\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162
-\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164
-\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061
-\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\064
-\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001
-\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100
-\164\162\165\163\164\143\145\156\164\145\162\056\144\145\060\036
-\027\015\071\070\060\063\060\071\061\064\060\060\062\060\132\027
-\015\060\065\061\062\063\061\061\064\060\060\062\060\132\060\201
-\274\061\013\060\011\006\003\125\004\006\023\002\104\105\061\020
-\060\016\006\003\125\004\010\023\007\110\141\155\142\165\162\147
-\061\020\060\016\006\003\125\004\007\023\007\110\141\155\142\165
-\162\147\061\072\060\070\006\003\125\004\012\023\061\124\103\040
-\124\162\165\163\164\103\145\156\164\145\162\040\146\157\162\040
-\123\145\143\165\162\151\164\171\040\151\156\040\104\141\164\141
-\040\116\145\164\167\157\162\153\163\040\107\155\142\110\061\042
-\060\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163
-\164\103\145\156\164\145\162\040\103\154\141\163\163\040\064\040
-\103\101\061\051\060\047\006\011\052\206\110\206\367\015\001\011
-\001\026\032\143\145\162\164\151\146\151\143\141\164\145\100\164
-\162\165\163\164\143\145\156\164\145\162\056\144\145\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\277\057\143\326\066\173
-\262\015\323\125\365\144\154\346\045\135\306\264\310\024\272\045
-\070\203\353\126\142\245\125\251\145\243\364\043\231\302\113\271
-\320\315\124\147\246\243\240\243\251\063\053\166\344\275\255\167
-\262\355\134\022\164\303\305\266\017\122\232\162\223\103\220\142
-\146\025\017\105\245\335\340\335\270\157\100\156\127\301\171\162
-\243\140\252\272\166\035\022\211\123\132\374\002\276\341\011\023
-\305\112\057\334\075\213\031\255\327\213\044\105\373\114\364\315
-\134\065\035\051\114\121\363\362\154\125\002\003\001\000\001\243
-\202\001\103\060\202\001\077\060\100\006\011\140\206\110\001\206
-\370\102\001\003\004\063\026\061\150\164\164\160\163\072\057\057
-\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162\056
-\144\145\057\143\147\151\055\142\151\156\057\143\150\145\143\153
-\055\162\145\166\056\143\147\151\077\060\100\006\011\140\206\110
-\001\206\370\102\001\004\004\063\026\061\150\164\164\160\163\072
-\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145
-\162\056\144\145\057\143\147\151\055\142\151\156\057\143\150\145
-\143\153\055\162\145\166\056\143\147\151\077\060\074\006\011\140
-\206\110\001\206\370\102\001\007\004\057\026\055\150\164\164\160
-\163\072\057\057\167\167\167\056\164\162\165\163\164\143\145\156
-\164\145\162\056\144\145\057\143\147\151\055\142\151\156\057\122
-\145\156\145\167\056\143\147\151\077\060\076\006\011\140\206\110
-\001\206\370\102\001\010\004\061\026\057\150\164\164\160\072\057
-\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145\162
-\056\144\145\057\147\165\151\144\145\154\151\156\145\163\057\151
-\156\144\145\170\056\150\164\155\154\060\050\006\011\140\206\110
-\001\206\370\102\001\015\004\033\026\031\124\103\040\124\162\165
-\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040\064
-\040\103\101\060\021\006\011\140\206\110\001\206\370\102\001\001
-\004\004\003\002\000\007\060\015\006\011\052\206\110\206\367\015
-\001\001\004\005\000\003\201\201\000\224\150\024\033\045\236\051
-\231\261\262\043\322\104\263\225\237\321\236\125\004\335\343\057
-\202\063\125\226\167\031\235\053\236\145\034\372\212\343\307\217
-\045\374\261\036\125\106\017\217\377\117\067\057\244\166\131\246
-\144\353\325\026\160\275\335\225\063\014\244\015\044\353\144\120
-\264\103\021\362\103\276\015\161\230\042\354\001\257\354\367\307
-\134\161\303\165\221\130\031\350\335\240\364\264\361\274\020\112
-\363\223\264\006\111\273\037\146\322\275\164\107\341\232\371\353
-\327\253\155\037\272\341\035\054\332
-END
-
-# Trust for Certificate "TC TrustCenter, Germany, Class 4 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TC TrustCenter, Germany, Class 4 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\161\162\311\174\001\016\161\014\375\350\321\363\171\263\300\074
-\253\116\274\235
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\277\257\354\304\332\371\060\371\312\065\312\045\344\077\215\211
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\274\061\013\060\011\006\003\125\004\006\023\002\104\105
-\061\020\060\016\006\003\125\004\010\023\007\110\141\155\142\165
-\162\147\061\020\060\016\006\003\125\004\007\023\007\110\141\155
-\142\165\162\147\061\072\060\070\006\003\125\004\012\023\061\124
-\103\040\124\162\165\163\164\103\145\156\164\145\162\040\146\157
-\162\040\123\145\143\165\162\151\164\171\040\151\156\040\104\141
-\164\141\040\116\145\164\167\157\162\153\163\040\107\155\142\110
-\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124\162
-\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163\040
-\064\040\103\101\061\051\060\047\006\011\052\206\110\206\367\015
-\001\011\001\026\032\143\145\162\164\151\146\151\143\141\164\145
-\100\164\162\165\163\164\143\145\156\164\145\162\056\144\145
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\005
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ABAecom (sub., Am. Bankers Assn.) Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ABAecom (sub., Am. Bankers Assn.) Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060
-\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164
-\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101
-\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006
-\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122
-\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206
-\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060
-\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164
-\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101
-\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006
-\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122
-\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206
-\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000
-\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\265\060\202\002\235\240\003\002\001\002\002\021\000
-\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000\004
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060\021
-\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164\157
-\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101\056
-\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006\003
-\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122\157
-\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206\367
-\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147\163
-\151\147\164\162\165\163\164\056\143\157\155\060\036\027\015\071
-\071\060\067\061\062\061\067\063\063\065\063\132\027\015\060\071
-\060\067\060\071\061\067\063\063\065\063\132\060\201\211\061\013
-\060\011\006\003\125\004\006\023\002\125\123\061\013\060\011\006
-\003\125\004\010\023\002\104\103\061\023\060\021\006\003\125\004
-\007\023\012\127\141\163\150\151\156\147\164\157\156\061\027\060
-\025\006\003\125\004\012\023\016\101\102\101\056\105\103\117\115
-\054\040\111\116\103\056\061\031\060\027\006\003\125\004\003\023
-\020\101\102\101\056\105\103\117\115\040\122\157\157\164\040\103
-\101\061\044\060\042\006\011\052\206\110\206\367\015\001\011\001
-\026\025\141\144\155\151\156\100\144\151\147\163\151\147\164\162
-\165\163\164\056\143\157\155\060\202\001\042\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060
-\202\001\012\002\202\001\001\000\261\323\021\340\171\125\103\007
-\010\114\313\005\102\000\342\015\203\106\075\344\223\272\266\006
-\323\015\131\275\076\301\316\103\147\001\212\041\250\357\274\314
-\320\242\314\260\125\226\123\204\146\005\000\332\104\111\200\330
-\124\012\245\045\206\224\355\143\126\377\160\154\243\241\031\322
-\170\276\150\052\104\136\057\317\314\030\136\107\274\072\261\106
-\075\036\360\271\054\064\137\214\174\114\010\051\235\100\125\353
-\074\175\203\336\265\360\367\212\203\016\241\114\264\072\245\263
-\137\132\042\227\354\031\233\301\005\150\375\346\267\251\221\224
-\054\344\170\110\044\032\045\031\072\353\225\234\071\012\212\317
-\102\262\360\034\325\137\373\153\355\150\126\173\071\054\162\070
-\260\356\223\251\323\173\167\074\353\161\003\251\070\112\026\154
-\211\052\312\332\063\023\171\302\125\214\355\234\273\362\313\133
-\020\370\056\141\065\306\051\114\052\320\052\143\321\145\131\264
-\370\315\371\364\000\204\266\127\102\205\235\062\250\371\052\124
-\373\377\170\101\274\275\161\050\364\273\220\274\377\226\064\004
-\343\105\236\241\106\050\100\201\002\003\001\000\001\243\026\060
-\024\060\022\006\003\125\035\023\001\001\377\004\010\060\006\001
-\001\377\002\001\010\060\015\006\011\052\206\110\206\367\015\001
-\001\005\005\000\003\202\001\001\000\004\157\045\206\344\346\226
-\047\264\331\102\300\320\311\000\261\177\124\076\207\262\155\044
-\251\057\012\176\375\244\104\260\370\124\007\275\033\235\235\312
-\173\120\044\173\021\133\111\243\246\277\022\164\325\211\267\267
-\057\230\144\045\024\267\141\351\177\140\200\153\323\144\350\253
-\275\032\326\121\372\300\264\135\167\032\177\144\010\136\171\306
-\005\114\361\172\335\115\175\316\346\110\173\124\322\141\222\201
-\326\033\326\000\360\016\236\050\167\240\115\210\307\042\166\031
-\303\307\236\033\246\167\170\370\137\233\126\321\360\362\027\254
-\216\235\131\346\037\376\127\266\331\136\341\135\237\105\354\141
-\150\031\101\341\262\040\046\376\132\060\166\044\377\100\162\074
-\171\237\174\042\110\253\106\315\333\263\206\054\217\277\005\101
-\323\301\343\024\343\101\027\046\320\174\247\161\114\031\350\112
-\017\162\130\061\175\354\140\172\243\042\050\275\031\044\140\077
-\073\207\163\300\153\344\313\256\267\253\045\103\262\125\055\173
-\253\006\016\165\135\064\345\135\163\155\236\262\165\100\245\131
-\311\117\061\161\210\331\210\177\124
-END
-
-# Trust for Certificate "ABAecom (sub., Am. Bankers Assn.) Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ABAecom (sub., Am. Bankers Assn.) Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\172\164\101\017\260\315\134\227\052\066\113\161\277\003\035\210
-\246\121\016\236
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\101\270\007\367\250\321\011\356\264\232\216\160\115\374\033\170
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\211\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\013\060\011\006\003\125\004\010\023\002\104\103\061\023\060
-\021\006\003\125\004\007\023\012\127\141\163\150\151\156\147\164
-\157\156\061\027\060\025\006\003\125\004\012\023\016\101\102\101
-\056\105\103\117\115\054\040\111\116\103\056\061\031\060\027\006
-\003\125\004\003\023\020\101\102\101\056\105\103\117\115\040\122
-\157\157\164\040\103\101\061\044\060\042\006\011\052\206\110\206
-\367\015\001\011\001\026\025\141\144\155\151\156\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\220\000\000\106\122\000\000\000\001\000\000\000
-\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\066\160\025\226
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066
-\160\025\226\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151
-\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162
-\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013
-\023\010\104\123\124\103\101\040\105\061\060\036\027\015\071\070
-\061\062\061\060\061\070\061\060\062\063\132\027\015\061\070\061
-\062\061\060\061\070\064\060\062\063\132\060\106\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125
-\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156
-\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061
-\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040
-\105\061\060\201\235\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\240
-\154\201\251\317\064\036\044\335\376\206\050\314\336\203\057\371
-\136\324\102\322\350\164\140\146\023\230\006\034\251\121\022\151
-\157\061\125\271\111\162\000\010\176\323\245\142\104\067\044\231
-\217\331\203\110\217\231\155\225\023\273\103\073\056\111\116\210
-\067\301\273\130\177\376\341\275\370\273\141\315\363\107\300\231
-\246\361\363\221\350\170\174\000\313\141\311\104\047\161\151\125
-\112\176\111\115\355\242\243\276\002\114\000\312\002\250\356\001
-\002\061\144\017\122\055\023\164\166\066\265\172\264\055\161\002
-\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006
-\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127
-\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061\061\015\060\013\006\003\125\004
-\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044
-\060\042\200\017\061\071\071\070\061\062\061\060\061\070\061\060
-\062\063\132\201\017\062\060\061\070\061\062\061\060\061\070\061
-\060\062\063\132\060\013\006\003\125\035\017\004\004\003\002\001
-\006\060\037\006\003\125\035\043\004\030\060\026\200\024\152\171
-\176\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016
-\242\370\060\035\006\003\125\035\016\004\026\004\024\152\171\176
-\221\151\106\030\023\012\002\167\245\131\133\140\230\045\016\242
-\370\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060
-\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012
-\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\201\201\000\042\022\330
-\172\035\334\201\006\266\011\145\262\207\310\037\136\264\057\351
-\304\036\362\074\301\273\004\220\021\112\203\116\176\223\271\115
-\102\307\222\046\240\134\064\232\070\162\370\375\153\026\076\040
-\356\202\213\061\052\223\066\205\043\210\212\074\003\150\323\311
-\011\017\115\374\154\244\332\050\162\223\016\211\200\260\175\376
-\200\157\145\155\030\063\227\213\302\153\211\356\140\075\310\233
-\357\177\053\062\142\163\223\313\074\343\173\342\166\170\105\274
-\241\223\004\273\206\237\072\133\103\172\303\212\145
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\201\226\213\072\357\034\334\160\365\372\062\151\302\222\243\143
-\133\321\043\323
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\045\172\272\203\056\266\242\013\332\376\365\002\017\010\327\255
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\066\160\025\226
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\066\156\323\316
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\051\060\202\002\222\240\003\002\001\002\002\004\066
-\156\323\316\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\106\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\044\060\042\006\003\125\004\012\023\033\104\151\147\151
-\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124\162
-\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004\013
-\023\010\104\123\124\103\101\040\105\062\060\036\027\015\071\070
-\061\062\060\071\061\071\061\067\062\066\132\027\015\061\070\061
-\062\060\071\061\071\064\067\062\066\132\060\106\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\044\060\042\006\003\125
-\004\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156
-\141\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061
-\021\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040
-\105\062\060\201\235\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\213\000\060\201\207\002\201\201\000\277
-\223\217\027\222\357\063\023\030\353\020\177\116\026\277\377\006
-\217\052\205\274\136\371\044\246\044\210\266\003\267\301\303\137
-\003\133\321\157\256\176\102\352\146\043\270\143\203\126\373\050
-\055\341\070\213\264\356\250\001\341\316\034\266\210\052\042\106
-\205\373\237\247\160\251\107\024\077\316\336\145\360\250\161\367
-\117\046\154\214\274\306\265\357\336\111\047\377\110\052\175\350
-\115\003\314\307\262\122\306\027\061\023\073\265\115\333\310\304
-\366\303\017\044\052\332\014\235\347\221\133\200\315\224\235\002
-\001\003\243\202\001\044\060\202\001\040\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\150\006
-\003\125\035\037\004\141\060\137\060\135\240\133\240\131\244\127
-\060\125\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062\061\015\060\013\006\003\125\004
-\003\023\004\103\122\114\061\060\053\006\003\125\035\020\004\044
-\060\042\200\017\061\071\071\070\061\062\060\071\061\071\061\067
-\062\066\132\201\017\062\060\061\070\061\062\060\071\061\071\061
-\067\062\066\132\060\013\006\003\125\035\017\004\004\003\002\001
-\006\060\037\006\003\125\035\043\004\030\060\026\200\024\036\202
-\115\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370
-\071\133\060\035\006\003\125\035\016\004\026\004\024\036\202\115
-\050\145\200\074\311\101\156\254\065\056\132\313\336\356\370\071
-\133\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060
-\031\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012
-\033\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\201\201\000\107\215\203
-\255\142\362\333\260\236\105\042\005\271\242\326\003\016\070\162
-\347\236\374\173\346\223\266\232\245\242\224\310\064\035\221\321
-\305\327\364\012\045\017\075\170\201\236\017\261\147\304\220\114
-\143\335\136\247\342\272\237\365\367\115\245\061\173\234\051\055
-\114\376\144\076\354\266\123\376\352\233\355\202\333\164\165\113
-\007\171\156\036\330\031\203\163\336\365\076\320\265\336\347\113
-\150\175\103\056\052\040\341\176\240\170\104\236\010\365\230\371
-\307\177\033\033\326\006\040\002\130\241\303\242\003
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\253\110\363\063\333\004\253\271\300\162\332\133\014\301\320\127
-\360\066\233\106
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\223\302\216\021\173\324\363\003\031\275\050\165\023\112\105\112
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\106\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\044\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141
-\154\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163
-\164\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010
-\104\123\124\103\101\040\105\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\066\156\323\316
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\213\000\000\002\174\000\000\000\002\000\000\000
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000
-\000\002\174\000\000\000\002\000\000\000\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060
-\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003
-\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125
-\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151
-\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147
-\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124
-\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004
-\013\023\010\104\123\124\103\101\040\130\061\061\026\060\024\006
-\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101
-\040\130\061\061\041\060\037\006\011\052\206\110\206\367\015\001
-\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165
-\163\164\056\143\157\155\060\036\027\015\071\070\061\062\060\061
-\061\070\061\070\065\065\132\027\015\060\070\061\061\062\070\061
-\070\061\070\065\065\132\060\201\251\061\013\060\011\006\003\125
-\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023
-\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016
-\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044
-\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154
-\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164
-\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104
-\123\124\103\101\040\130\061\061\026\060\024\006\003\125\004\003
-\023\015\104\123\124\040\122\157\157\164\103\101\040\130\061\061
-\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022
-\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143
-\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\322\306\046\266\347\245\075\301\304\150\325\120\157
-\123\305\157\111\023\011\270\257\054\110\215\024\152\243\027\137
-\132\371\323\056\165\057\330\050\142\321\223\057\374\115\324\253
-\207\345\010\307\231\347\222\077\165\275\353\045\264\025\301\233
-\031\075\322\104\215\327\164\040\155\067\002\217\151\223\133\212
-\304\031\235\364\262\016\374\026\154\271\261\005\222\203\321\205
-\054\140\224\076\105\125\240\331\253\010\041\346\140\350\073\164
-\362\231\120\121\150\320\003\055\261\200\276\243\330\122\260\104
-\315\103\112\160\216\130\205\225\341\116\054\326\055\101\157\326
-\204\347\310\230\104\312\107\333\054\044\245\151\046\317\153\270
-\047\142\303\364\311\172\222\043\355\023\147\202\256\105\056\105
-\345\176\162\077\205\235\224\142\020\346\074\221\241\255\167\000
-\340\025\354\363\204\200\162\172\216\156\140\227\307\044\131\020
-\064\203\133\341\245\244\151\266\127\065\034\170\131\306\323\057
-\072\163\147\356\224\312\004\023\005\142\006\160\043\263\364\174
-\356\105\331\144\013\133\111\252\244\103\316\046\304\104\022\154
-\270\335\171\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\242\067\262\077
-\151\373\327\206\171\124\111\061\225\063\053\363\321\011\024\111
-\142\140\206\245\260\021\342\120\302\035\006\127\076\055\350\063
-\144\276\233\252\255\137\033\115\324\231\225\242\213\232\311\142
-\162\265\151\352\331\130\253\065\355\025\242\103\326\266\274\007
-\171\145\144\163\175\327\171\312\173\325\132\121\306\341\123\004
-\226\215\070\317\243\027\254\071\161\153\001\303\213\123\074\143
-\351\356\171\300\344\276\222\062\144\172\263\037\227\224\142\275
-\352\262\040\025\225\373\227\362\170\057\143\066\100\070\343\106
-\017\035\335\254\225\312\347\113\220\173\261\113\251\324\305\353
-\232\332\252\325\243\224\024\106\215\055\037\363\072\326\223\072
-\366\076\171\374\350\346\260\165\355\356\075\311\160\307\135\252
-\201\113\106\045\034\307\154\025\343\225\116\017\252\062\067\224
-\012\027\044\222\023\204\130\322\143\157\053\367\346\133\142\013
-\023\027\260\015\122\114\376\376\157\134\342\221\156\035\375\244
-\142\327\150\372\216\172\117\322\010\332\223\334\360\222\021\172
-\320\334\162\223\014\163\223\142\205\150\320\364
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\267\057\377\222\322\316\103\336\012\215\114\124\214\120\067\046
-\250\036\053\223
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\154\311\247\156\107\361\014\343\123\073\170\114\115\302\152\305
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\061\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\061\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\213\000\000\002\174\000\000\000\002\000\000\000
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Digital Signature Trust Co. Global CA 4"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 4"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\213\000\000\167\155\000\000\000\001\000\000\000
-\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\330\060\202\002\300\002\021\000\320\036\100\213\000
-\000\167\155\000\000\000\001\000\000\000\004\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\251\061\013\060
-\011\006\003\125\004\006\023\002\165\163\061\015\060\013\006\003
-\125\004\010\023\004\125\164\141\150\061\027\060\025\006\003\125
-\004\007\023\016\123\141\154\164\040\114\141\153\145\040\103\151
-\164\171\061\044\060\042\006\003\125\004\012\023\033\104\151\147
-\151\164\141\154\040\123\151\147\156\141\164\165\162\145\040\124
-\162\165\163\164\040\103\157\056\061\021\060\017\006\003\125\004
-\013\023\010\104\123\124\103\101\040\130\062\061\026\060\024\006
-\003\125\004\003\023\015\104\123\124\040\122\157\157\164\103\101
-\040\130\062\061\041\060\037\006\011\052\206\110\206\367\015\001
-\011\001\026\022\143\141\100\144\151\147\163\151\147\164\162\165
-\163\164\056\143\157\155\060\036\027\015\071\070\061\061\063\060
-\062\062\064\066\061\066\132\027\015\060\070\061\061\062\067\062
-\062\064\066\061\066\132\060\201\251\061\013\060\011\006\003\125
-\004\006\023\002\165\163\061\015\060\013\006\003\125\004\010\023
-\004\125\164\141\150\061\027\060\025\006\003\125\004\007\023\016
-\123\141\154\164\040\114\141\153\145\040\103\151\164\171\061\044
-\060\042\006\003\125\004\012\023\033\104\151\147\151\164\141\154
-\040\123\151\147\156\141\164\165\162\145\040\124\162\165\163\164
-\040\103\157\056\061\021\060\017\006\003\125\004\013\023\010\104
-\123\124\103\101\040\130\062\061\026\060\024\006\003\125\004\003
-\023\015\104\123\124\040\122\157\157\164\103\101\040\130\062\061
-\041\060\037\006\011\052\206\110\206\367\015\001\011\001\026\022
-\143\141\100\144\151\147\163\151\147\164\162\165\163\164\056\143
-\157\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202
-\001\001\000\334\165\360\214\300\165\226\232\300\142\037\046\367
-\304\341\232\352\340\126\163\133\231\315\001\104\250\010\266\325
-\247\332\032\004\030\071\222\112\170\243\201\302\365\167\172\120
-\264\160\377\232\253\306\307\312\156\203\117\102\230\373\046\013
-\332\334\155\326\251\231\125\122\147\351\050\003\222\334\345\260
-\005\232\017\025\371\153\131\162\126\362\372\071\374\252\150\356
-\017\037\020\203\057\374\235\372\027\226\335\202\343\346\105\175
-\300\113\200\104\037\355\054\340\204\375\221\134\222\124\151\045
-\345\142\151\334\345\356\000\122\275\063\013\255\165\002\205\247
-\144\120\055\305\031\031\060\300\046\333\311\323\375\056\231\255
-\131\265\013\115\324\101\256\205\110\103\131\334\267\250\342\242
-\336\303\217\327\270\241\142\246\150\120\122\344\317\061\247\224
-\205\332\237\106\062\027\126\345\362\353\146\075\022\377\103\333
-\230\357\167\317\313\201\215\064\261\306\120\112\046\321\344\076
-\101\120\257\154\256\042\064\056\325\153\156\203\272\171\270\166
-\145\110\332\011\051\144\143\042\271\373\107\166\205\214\206\104
-\313\011\333\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\265\066\016\135
-\341\141\050\132\021\145\300\077\203\003\171\115\276\050\246\013
-\007\002\122\205\315\370\221\320\020\154\265\152\040\133\034\220
-\331\060\074\306\110\236\212\136\144\371\241\161\167\357\004\047
-\037\007\353\344\046\367\163\164\311\104\030\032\146\323\340\103
-\257\221\073\321\313\054\330\164\124\072\034\115\312\324\150\315
-\043\174\035\020\236\105\351\366\000\156\246\315\031\377\117\054
-\051\217\127\115\304\167\222\276\340\114\011\373\135\104\206\146
-\041\250\271\062\242\126\325\351\214\203\174\131\077\304\361\013
-\347\235\354\236\275\234\030\016\076\302\071\171\050\267\003\015
-\010\313\306\347\331\001\067\120\020\354\314\141\026\100\324\257
-\061\164\173\374\077\061\247\320\107\163\063\071\033\314\116\152
-\327\111\203\021\006\376\353\202\130\063\062\114\360\126\254\036
-\234\057\126\232\173\301\112\034\245\375\125\066\316\374\226\115
-\364\260\360\354\267\154\202\355\057\061\231\102\114\251\262\015
-\270\025\135\361\337\272\311\265\112\324\144\230\263\046\251\060
-\310\375\246\354\253\226\041\255\177\302\170\266
-END
-
-# Trust for Certificate "Digital Signature Trust Co. Global CA 4"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Digital Signature Trust Co. Global CA 4"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\147\353\063\173\150\114\353\016\302\260\166\012\264\210\047\214
-\335\225\227\335
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\315\073\075\142\133\011\270\011\066\207\236\022\057\161\144\272
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\251\061\013\060\011\006\003\125\004\006\023\002\165\163
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\044\060\042\006\003\125\004
-\012\023\033\104\151\147\151\164\141\154\040\123\151\147\156\141
-\164\165\162\145\040\124\162\165\163\164\040\103\157\056\061\021
-\060\017\006\003\125\004\013\023\010\104\123\124\103\101\040\130
-\062\061\026\060\024\006\003\125\004\003\023\015\104\123\124\040
-\122\157\157\164\103\101\040\130\062\061\041\060\037\006\011\052
-\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151\147
-\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\213\000\000\167\155\000\000\000\001\000\000\000
-\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Deutsche Telekom AG Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Deutsche Telekom AG Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\155\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\034\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143
-\150\145\040\124\145\154\145\153\157\155\040\101\107\061\035\060
-\033\006\003\125\004\013\023\024\124\145\154\145\123\145\143\040
-\124\162\165\163\164\040\103\145\156\164\145\162\061\041\060\037
-\006\003\125\004\003\023\030\104\145\165\164\163\143\150\145\040
-\124\145\154\145\153\157\155\040\122\157\157\164\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\155\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\034\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143
-\150\145\040\124\145\154\145\153\157\155\040\101\107\061\035\060
-\033\006\003\125\004\013\023\024\124\145\154\145\123\145\143\040
-\124\162\165\163\164\040\103\145\156\164\145\162\061\041\060\037
-\006\003\125\004\003\023\030\104\145\165\164\163\143\150\145\040
-\124\145\154\145\153\157\155\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\006
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\216\060\202\001\367\240\003\002\001\002\002\001\006
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\155\061\013\060\011\006\003\125\004\006\023\002\104\105\061\034
-\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143\150
-\145\040\124\145\154\145\153\157\155\040\101\107\061\035\060\033
-\006\003\125\004\013\023\024\124\145\154\145\123\145\143\040\124
-\162\165\163\164\040\103\145\156\164\145\162\061\041\060\037\006
-\003\125\004\003\023\030\104\145\165\164\163\143\150\145\040\124
-\145\154\145\153\157\155\040\122\157\157\164\040\103\101\060\036
-\027\015\071\070\061\062\060\071\060\071\061\061\060\060\132\027
-\015\060\064\061\062\060\071\062\063\065\071\060\060\132\060\155
-\061\013\060\011\006\003\125\004\006\023\002\104\105\061\034\060
-\032\006\003\125\004\012\023\023\104\145\165\164\163\143\150\145
-\040\124\145\154\145\153\157\155\040\101\107\061\035\060\033\006
-\003\125\004\013\023\024\124\145\154\145\123\145\143\040\124\162
-\165\163\164\040\103\145\156\164\145\162\061\041\060\037\006\003
-\125\004\003\023\030\104\145\165\164\163\143\150\145\040\124\145
-\154\145\153\157\155\040\122\157\157\164\040\103\101\060\201\237
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\201\215\000\060\201\211\002\201\201\000\335\005\054\371\005\263
-\271\022\327\151\161\367\352\126\060\010\127\024\103\173\273\032
-\234\155\057\127\141\327\342\365\104\153\356\066\101\226\366\144
-\316\341\301\262\271\244\024\004\230\120\350\160\370\216\065\232
-\175\111\301\141\035\131\256\332\006\030\225\175\255\316\354\251
-\276\321\030\017\100\221\166\052\243\345\375\376\211\025\364\127
-\367\340\125\332\165\255\000\364\054\301\065\314\264\103\046\125
-\142\104\056\001\045\234\212\133\360\301\320\000\065\170\376\065
-\336\224\100\144\170\203\241\314\071\211\002\003\001\000\001\243
-\076\060\074\060\017\006\003\125\035\023\004\010\060\006\001\001
-\377\002\001\005\060\016\006\003\125\035\017\001\001\377\004\004
-\003\002\001\006\060\031\006\003\125\035\016\004\022\004\020\054
-\207\131\037\213\023\200\262\371\206\235\076\022\176\130\226\060
-\015\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201
-\201\000\017\376\163\265\007\210\157\240\013\211\352\312\120\037
-\224\336\224\053\013\047\136\117\365\034\225\046\332\214\226\124
-\255\031\221\067\103\135\253\311\213\263\315\157\230\071\075\355
-\335\065\343\161\267\355\023\223\203\350\206\345\051\063\023\023
-\274\065\173\375\050\057\160\131\325\323\264\215\050\023\131\073
-\310\325\164\371\105\302\007\140\252\270\030\124\371\245\150\377
-\327\005\325\217\266\005\061\056\101\112\364\020\037\140\107\032
-\013\213\031\115\222\127\040\322\357\120\031\350\315\320\160\274
-\274\066
-END
-
-# Trust for Certificate "Deutsche Telekom AG Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Deutsche Telekom AG Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\342\023\044\000\203\106\103\235\143\067\021\170\043\310\065\246
-\354\113\316\102
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\167\336\004\224\167\320\014\137\247\261\364\060\030\207\373\125
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\155\061\013\060\011\006\003\125\004\006\023\002\104\105\061
-\034\060\032\006\003\125\004\012\023\023\104\145\165\164\163\143
-\150\145\040\124\145\154\145\153\157\155\040\101\107\061\035\060
-\033\006\003\125\004\013\023\024\124\145\154\145\123\145\143\040
-\124\162\165\163\164\040\103\145\156\164\145\162\061\041\060\037
-\006\003\125\004\003\023\030\104\145\165\164\163\143\150\145\040
-\124\145\154\145\153\157\155\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\006
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary Certification Authority"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\315\272\177\126\360\337\344\274\124\376\042\254\263\162\252
-\125
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\075\060\202\001\246\002\021\000\315\272\177\126\360
-\337\344\274\124\376\042\254\263\162\252\125\060\015\006\011\052
-\206\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141
-\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071
-\066\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070
-\060\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154
-\141\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151
-\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201
-\215\000\060\201\211\002\201\201\000\345\031\277\155\243\126\141
-\055\231\110\161\366\147\336\271\215\353\267\236\206\200\012\221
-\016\372\070\045\257\106\210\202\345\163\250\240\233\044\135\015
-\037\314\145\156\014\260\320\126\204\030\207\232\006\233\020\241
-\163\337\264\130\071\153\156\301\366\025\325\250\250\077\252\022
-\006\215\061\254\177\260\064\327\217\064\147\210\011\315\024\021
-\342\116\105\126\151\037\170\002\200\332\334\107\221\051\273\066
-\311\143\134\305\340\327\055\207\173\241\267\062\260\173\060\272
-\052\057\061\252\356\243\147\332\333\002\003\001\000\001\060\015
-\006\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201
-\000\114\077\270\213\306\150\337\356\103\063\016\135\351\246\313
-\007\204\115\172\063\377\222\033\364\066\255\330\225\042\066\150
-\021\154\174\102\314\363\234\056\304\007\077\024\260\017\117\377
-\220\222\166\371\342\274\112\351\217\315\240\200\012\367\305\051
-\361\202\042\135\270\261\335\201\043\243\173\045\025\106\060\171
-\026\370\352\005\113\224\177\035\302\034\310\343\267\364\020\100
-\074\023\303\137\037\123\350\110\344\206\264\173\241\065\260\173
-\045\272\270\323\216\253\077\070\235\000\064\000\230\363\321\161
-\224
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\220\256\242\151\205\377\024\200\114\103\111\122\354\351\140\204
-\167\257\125\157
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\227\140\350\127\137\323\120\107\345\103\014\224\066\212\260\142
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\315\272\177\126\360\337\344\274\124\376\042\254\263\162\252
-\125
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Verisign Class 2 Public Primary Certification Authority"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\055\033\374\112\027\215\243\221\353\347\377\365\213\105\276\013
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\074\060\202\001\245\002\020\055\033\374\112\027\215
-\243\221\353\347\377\365\213\105\276\013\060\015\006\011\052\206
-\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004
-\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143
-\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163
-\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155\141
-\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066
-\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060
-\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141
-\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\266\132\213\243\015\152\043\203
-\200\153\317\071\207\364\041\023\063\006\114\045\242\355\125\022
-\227\305\247\200\271\372\203\301\040\240\372\057\025\015\174\241
-\140\153\176\171\054\372\006\017\072\256\366\033\157\261\322\377
-\057\050\122\137\203\175\113\304\172\267\370\146\037\200\124\374
-\267\302\216\131\112\024\127\106\321\232\223\276\101\221\003\273
-\025\200\223\134\353\347\314\010\154\077\076\263\112\374\377\113
-\154\043\325\120\202\046\104\031\216\043\303\161\352\031\044\107
-\004\236\165\277\310\246\000\037\002\003\001\000\001\060\015\006
-\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000
-\212\033\053\372\071\301\164\327\136\330\031\144\242\130\112\055
-\067\340\063\107\017\254\355\367\252\333\036\344\213\006\134\140
-\047\312\105\122\316\026\357\077\006\144\347\224\150\174\140\063
-\025\021\151\257\235\142\215\243\003\124\153\246\276\345\356\005
-\030\140\004\277\102\200\375\320\250\250\036\001\073\367\243\134
-\257\243\334\346\046\200\043\074\270\104\164\367\012\256\111\213
-\141\170\314\044\277\210\212\247\016\352\163\031\101\375\115\003
-\360\210\321\345\170\215\245\052\117\366\227\015\027\167\312\330
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\147\202\252\340\355\356\342\032\130\071\323\300\315\024\150\012
-\117\140\024\052
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\263\234\045\261\303\056\062\123\200\025\060\235\115\002\167\076
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\055\033\374\112\027\215\243\221\353\347\377\365\213\105\276\013
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary Certification Authority"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\160\272\344\035\020\331\051\064\266\070\312\173\003\314\272\277
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\074\060\202\001\245\002\020\160\272\344\035\020\331
-\051\064\266\070\312\173\003\314\272\277\060\015\006\011\052\206
-\110\206\367\015\001\001\002\005\000\060\137\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004
-\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143
-\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141\163
-\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155\141
-\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\036\027\015\071\066
-\060\061\062\071\060\060\060\060\060\060\132\027\015\062\070\060
-\070\060\061\062\063\065\071\065\071\132\060\137\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\067\060\065\006\003\125\004\013\023\056\103\154\141
-\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\311\134\131\236\362\033\212\001
-\024\264\020\337\004\100\333\343\127\257\152\105\100\217\204\014
-\013\321\063\331\331\021\317\356\002\130\037\045\367\052\250\104
-\005\252\354\003\037\170\177\236\223\271\232\000\252\043\175\326
-\254\205\242\143\105\307\162\047\314\364\114\306\165\161\322\071
-\357\117\102\360\165\337\012\220\306\216\040\157\230\017\370\254
-\043\137\160\051\066\244\311\206\347\261\232\040\313\123\245\205
-\347\075\276\175\232\376\044\105\063\334\166\025\355\017\242\161
-\144\114\145\056\201\150\105\247\002\003\001\000\001\060\015\006
-\011\052\206\110\206\367\015\001\001\002\005\000\003\201\201\000
-\273\114\022\053\317\054\046\000\117\024\023\335\246\373\374\012
-\021\204\214\363\050\034\147\222\057\174\266\305\372\337\360\350
-\225\274\035\217\154\054\250\121\314\163\330\244\300\123\360\116
-\326\046\300\166\001\127\201\222\136\041\361\321\261\377\347\320
-\041\130\315\151\027\343\104\034\234\031\104\071\211\134\334\234
-\000\017\126\215\002\231\355\242\220\105\114\344\273\020\244\075
-\360\062\003\016\361\316\370\350\311\121\214\346\142\237\346\237
-\300\175\267\162\234\311\066\072\153\237\116\250\377\144\015\144
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\164\054\061\222\346\007\344\044\353\105\111\124\053\341\273\305
-\076\141\164\342
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\020\374\143\135\366\046\076\015\363\045\276\137\171\315\147\147
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\160\272\344\035\020\331\051\064\266\070\312\173\003\314\272\277
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\114\307\352\252\230\076\161\323\223\020\370\075\072\211\221\222
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\002\060\202\002\153\002\020\114\307\352\252\230\076
-\161\323\223\020\370\075\072\211\221\222\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141
-\163\163\040\061\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027
-\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015
-\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023
-\063\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\252\320
-\272\276\026\055\270\203\324\312\322\017\274\166\061\312\224\330
-\035\223\214\126\002\274\331\157\032\157\122\066\156\165\126\012
-\125\323\337\103\207\041\021\145\212\176\217\275\041\336\153\062
-\077\033\204\064\225\005\235\101\065\353\222\353\226\335\252\131
-\077\001\123\155\231\117\355\345\342\052\132\220\301\271\304\246
-\025\317\310\105\353\246\135\216\234\076\360\144\044\166\245\315
-\253\032\157\266\330\173\121\141\156\246\177\207\310\342\267\345
-\064\334\101\210\352\011\100\276\163\222\075\153\347\165\002\003
-\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\251\117\303\015\307\147\276\054\313\331
-\250\315\055\165\347\176\025\236\073\162\353\176\353\134\055\011
-\207\326\153\155\140\174\345\256\305\220\043\014\134\112\320\257
-\261\135\363\307\266\012\333\340\025\223\015\335\003\274\307\166
-\212\265\335\117\303\233\023\165\270\001\300\346\311\133\153\245
-\270\211\334\254\244\335\162\355\116\241\367\117\274\006\323\352
-\310\144\164\173\302\225\101\234\145\163\130\361\220\232\074\152
-\261\230\311\304\207\274\317\105\155\105\342\156\042\077\376\274
-\017\061\134\350\362\331
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\047\076\341\044\127\375\304\371\014\125\350\053\126\026\177\142
-\365\062\345\107
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\333\043\075\371\151\372\113\271\225\200\104\163\136\175\101\203
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\114\307\352\252\230\076\161\323\223\020\370\075\072\211\221\222
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Verisign Class 2 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\271\057\140\314\210\237\241\172\106\011\270\133\160\154\212
-\257
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\003\060\202\002\154\002\021\000\271\057\140\314\210
-\237\241\172\106\011\270\133\160\154\212\257\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154
-\141\163\163\040\062\040\120\165\142\154\151\143\040\120\162\151
-\155\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107
-\062\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060
-\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156
-\040\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036
-\027\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027
-\015\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201
-\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
-\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013
-\023\063\103\154\141\163\163\040\062\040\120\165\142\154\151\143
-\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061
-\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
-\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
-\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151
-\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157
-\162\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\247
-\210\001\041\164\054\347\032\003\360\230\341\227\074\017\041\010
-\361\234\333\227\351\232\374\302\004\006\023\276\137\122\310\314
-\036\054\022\126\054\270\001\151\054\314\231\037\255\260\226\256
-\171\004\362\023\071\301\173\230\272\010\054\350\302\204\023\054
-\252\151\351\011\364\307\251\002\244\102\302\043\117\112\330\360
-\016\242\373\061\154\311\346\157\231\047\007\365\346\364\114\170
-\236\155\353\106\206\372\271\206\311\124\362\262\304\257\324\106
-\034\132\311\025\060\377\015\154\365\055\016\155\316\177\167\002
-\003\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\201\201\000\162\056\371\177\321\361\161\373\304
-\236\366\305\136\121\212\100\230\270\150\370\233\034\203\330\342
-\235\275\377\355\241\346\146\352\057\011\364\312\327\352\245\053
-\225\366\044\140\206\115\104\056\203\245\304\055\240\323\256\170
-\151\157\162\332\154\256\010\360\143\222\067\346\273\304\060\027
-\255\167\314\111\065\252\317\330\217\321\276\267\030\226\107\163
-\152\124\042\064\144\055\266\026\233\131\133\264\121\131\072\263
-\013\024\364\022\337\147\240\364\255\062\144\136\261\106\162\047
-\214\022\173\305\104\264\256
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\263\352\304\107\166\311\310\034\352\362\235\225\266\314\240\010
-\033\147\354\235
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\055\273\345\045\323\321\145\202\072\267\016\372\346\353\342\341
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\271\057\140\314\210\237\241\172\106\011\270\133\160\154\212
-\257
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\175\331\376\007\317\250\036\267\020\171\147\373\247\211\064\306
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\002\060\202\002\153\002\020\175\331\376\007\317\250
-\036\267\020\171\147\373\247\211\064\306\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141
-\163\163\040\063\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027
-\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015
-\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023
-\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\314\136
-\321\021\135\134\151\320\253\323\271\152\114\231\037\131\230\060
-\216\026\205\040\106\155\107\077\324\205\040\204\341\155\263\370
-\244\355\014\361\027\017\073\371\247\371\045\327\301\317\204\143
-\362\174\143\317\242\107\362\306\133\063\216\144\100\004\150\301
-\200\271\144\034\105\167\307\330\156\365\225\051\074\120\350\064
-\327\170\037\250\272\155\103\221\225\217\105\127\136\176\305\373
-\312\244\004\353\352\227\067\124\060\157\273\001\107\062\063\315
-\334\127\233\144\151\141\370\233\035\034\211\117\134\147\002\003
-\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\121\115\315\276\134\313\230\031\234\025
-\262\001\071\170\056\115\017\147\160\160\231\306\020\132\224\244
-\123\115\124\155\053\257\015\135\100\213\144\323\327\356\336\126
-\141\222\137\246\304\035\020\141\066\323\054\047\074\350\051\011
-\271\021\144\164\314\265\163\237\034\110\251\274\141\001\356\342
-\027\246\014\343\100\010\073\016\347\353\104\163\052\232\361\151
-\222\357\161\024\303\071\254\161\247\221\011\157\344\161\006\263
-\272\131\127\046\171\000\366\370\015\242\063\060\050\324\252\130
-\240\235\235\151\221\375
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\205\067\034\246\345\120\024\075\316\050\003\107\033\336\072\011
-\350\370\167\017
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\242\063\233\114\164\170\163\324\154\347\301\363\215\313\134\351
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\175\331\376\007\317\250\036\267\020\171\147\373\247\211\064\306
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 4 Public Primary Certification Authority - G2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\062\210\216\232\322\365\353\023\107\370\177\304\040\067\045\370
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\002\060\202\002\153\002\020\062\210\216\232\322\365
-\353\023\107\370\177\304\040\067\045\370\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\301\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\074\060\072\006\003\125\004\013\023\063\103\154\141
-\163\163\040\064\040\120\165\142\154\151\143\040\120\162\151\155
-\141\162\171\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\055\040\107\062
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\070\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\060\036\027
-\015\071\070\060\065\061\070\060\060\060\060\060\060\132\027\015
-\062\070\060\070\060\061\062\063\065\071\065\071\132\060\201\301
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013\023
-\063\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\272\360
-\344\317\371\304\256\205\124\271\007\127\371\217\305\177\150\021
-\370\304\027\260\104\334\343\060\163\325\052\142\052\270\320\314
-\034\355\050\133\176\275\152\334\263\221\044\312\101\142\074\374
-\002\001\277\034\026\061\224\005\227\166\156\242\255\275\141\027
-\154\116\060\206\360\121\067\052\120\307\250\142\201\334\133\112
-\252\301\240\264\156\353\057\345\127\305\261\053\100\160\333\132
-\115\241\216\037\275\003\037\330\003\324\217\114\231\161\274\342
-\202\314\130\350\230\072\206\323\206\070\363\000\051\037\002\003
-\001\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\205\214\022\301\247\271\120\025\172\313
-\076\254\270\103\212\334\252\335\024\272\211\201\176\001\074\043
-\161\041\210\057\202\334\143\372\002\105\254\105\131\327\052\130
-\104\133\267\237\201\073\222\150\075\342\067\044\365\173\154\217
-\166\065\226\011\250\131\235\271\316\043\253\164\326\203\375\062
-\163\047\330\151\076\103\164\366\256\305\211\232\347\123\174\351
-\173\366\113\363\301\145\203\336\215\212\234\074\210\215\071\131
-\374\252\077\042\215\241\301\146\120\201\162\114\355\042\144\117
-\117\312\200\221\266\051
-END
-
-# Trust for Certificate "Verisign Class 4 Public Primary Certification Authority - G2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\013\167\276\273\313\172\242\107\005\336\314\017\275\152\002\374
-\172\275\233\122
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\046\155\054\031\230\266\160\150\070\120\124\031\354\220\064\140
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\062\210\216\232\322\365\353\023\107\370\177\304\040\067\045\370
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GlobalSign Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\267\224\005
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\165\060\202\002\135\240\003\002\001\002\002\013\002
-\000\000\000\000\000\326\170\267\224\005\060\015\006\011\052\206
-\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006
-\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004
-\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166
-\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157
-\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022
-\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040
-\103\101\060\036\027\015\071\070\060\071\060\061\061\062\060\060
-\060\060\132\027\015\061\064\060\061\062\070\061\062\060\060\060
-\060\132\060\127\061\013\060\011\006\003\125\004\006\023\002\102
-\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142
-\141\154\123\151\147\156\040\156\166\055\163\141\061\020\060\016
-\006\003\125\004\013\023\007\122\157\157\164\040\103\101\061\033
-\060\031\006\003\125\004\003\023\022\107\154\157\142\141\154\123
-\151\147\156\040\122\157\157\164\040\103\101\060\202\001\042\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
-\001\017\000\060\202\001\012\002\202\001\001\000\332\016\346\231
-\215\316\243\343\117\212\176\373\361\213\203\045\153\352\110\037
-\361\052\260\271\225\021\004\275\360\143\321\342\147\146\317\034
-\335\317\033\110\053\356\215\211\216\232\257\051\200\145\253\351
-\307\055\022\313\253\034\114\160\007\241\075\012\060\315\025\215
-\117\370\335\324\214\120\025\034\357\120\356\304\056\367\374\351
-\122\362\221\175\340\155\325\065\060\216\136\103\163\362\101\351
-\325\152\343\262\211\072\126\071\070\157\006\074\210\151\133\052
-\115\305\247\124\270\154\211\314\233\371\074\312\345\375\211\365
-\022\074\222\170\226\326\334\164\156\223\104\141\321\215\307\106
-\262\165\016\206\350\031\212\325\155\154\325\170\026\225\242\351
-\310\012\070\353\362\044\023\117\163\124\223\023\205\072\033\274
-\036\064\265\213\005\214\271\167\213\261\333\037\040\221\253\011
-\123\156\220\316\173\067\164\271\160\107\221\042\121\143\026\171
-\256\261\256\101\046\010\310\031\053\321\106\252\110\326\144\052
-\327\203\064\377\054\052\301\154\031\103\112\007\205\347\323\174
-\366\041\150\357\352\362\122\237\177\223\220\317\002\003\001\000
-\001\243\102\060\100\060\016\006\003\125\035\017\001\001\377\004
-\004\003\002\000\006\060\035\006\003\125\035\016\004\026\004\024
-\140\173\146\032\105\015\227\312\211\120\057\175\004\315\064\250
-\377\374\375\113\060\017\006\003\125\035\023\001\001\377\004\005
-\060\003\001\001\377\060\015\006\011\052\206\110\206\367\015\001
-\001\004\005\000\003\202\001\001\000\256\252\237\374\267\322\313
-\037\137\071\051\050\030\236\064\311\154\117\157\032\360\144\242
-\160\112\117\023\206\233\140\050\236\350\201\111\230\175\012\273
-\345\260\235\075\066\333\217\005\121\377\011\061\052\037\335\211
-\167\236\017\056\154\225\004\355\206\313\264\000\077\204\002\115
-\200\152\052\055\170\013\256\157\053\242\203\104\203\037\315\120
-\202\114\044\257\275\367\245\264\310\132\017\364\347\107\136\111
-\216\067\226\376\232\210\005\072\331\300\333\051\207\346\031\226
-\107\247\072\246\214\213\074\167\376\106\143\247\123\332\041\321
-\254\176\111\242\113\346\303\147\131\057\263\212\016\273\054\275
-\251\252\102\174\065\301\330\177\325\247\061\072\116\143\103\071
-\257\010\260\141\064\214\323\230\251\103\064\366\017\207\051\073
-\235\302\126\130\230\167\303\367\033\254\366\235\370\076\252\247
-\124\105\360\365\371\325\061\145\376\153\130\234\161\263\036\327
-\122\352\062\027\374\100\140\035\311\171\044\262\366\154\375\250
-\146\016\202\335\230\313\332\302\104\117\056\240\173\362\367\153
-\054\166\021\204\106\212\170\243\343
-END
-
-# Trust for Certificate "GlobalSign Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\057\027\077\175\351\226\147\257\245\172\370\012\242\321\261\057
-\254\203\003\070
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\253\277\352\343\153\051\246\314\246\170\065\231\357\255\053\200
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\267\224\005
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GlobalSign Partners CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Partners CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\024\060\022\006\003
-\125\004\013\023\013\120\141\162\164\156\145\162\163\040\103\101
-\061\037\060\035\006\003\125\004\003\023\026\107\154\157\142\141
-\154\123\151\147\156\040\120\141\162\164\156\145\162\163\040\103
-\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\271\321\257
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\236\060\202\002\206\240\003\002\001\002\002\013\002
-\000\000\000\000\000\326\170\271\321\257\060\015\006\011\052\206
-\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006
-\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004
-\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166
-\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157
-\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022
-\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040
-\103\101\060\036\027\015\071\071\060\061\062\070\061\062\060\060
-\060\060\132\027\015\060\071\060\061\062\070\061\062\060\060\060
-\060\132\060\137\061\013\060\011\006\003\125\004\006\023\002\102
-\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142
-\141\154\123\151\147\156\040\156\166\055\163\141\061\024\060\022
-\006\003\125\004\013\023\013\120\141\162\164\156\145\162\163\040
-\103\101\061\037\060\035\006\003\125\004\003\023\026\107\154\157
-\142\141\154\123\151\147\156\040\120\141\162\164\156\145\162\163
-\040\103\101\060\202\001\042\060\015\006\011\052\206\110\206\367
-\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
-\202\001\001\000\322\054\370\062\254\112\022\172\067\310\051\221
-\245\256\214\156\036\016\300\064\063\210\345\063\161\026\034\170
-\204\150\303\030\064\120\056\026\076\261\224\202\117\261\232\237
-\000\370\306\021\065\306\151\173\230\002\255\000\006\210\154\347
-\114\063\050\000\210\047\106\037\207\263\161\165\143\274\062\273
-\210\336\146\030\016\120\006\223\264\366\274\024\067\060\075\042
-\337\075\377\165\176\331\012\032\305\237\263\374\320\254\263\010
-\172\211\323\001\350\000\134\347\112\013\075\115\173\046\242\267
-\142\006\213\332\106\335\223\027\077\077\133\002\113\013\266\210
-\040\021\222\000\255\273\307\056\324\343\105\256\365\211\132\174
-\215\244\255\205\144\062\300\047\214\306\362\212\200\222\206\044
-\126\131\215\164\150\242\203\102\263\236\075\120\101\206\157\040
-\156\366\375\316\323\031\343\062\314\217\355\232\136\155\037\050
-\365\122\254\156\030\136\370\075\321\222\345\272\154\001\210\113
-\012\362\055\336\145\063\005\102\240\114\252\061\166\276\375\277
-\201\170\371\161\034\106\136\055\025\225\055\060\131\216\114\101
-\321\142\253\075\002\003\001\000\001\243\143\060\141\060\016\006
-\003\125\035\017\001\001\377\004\004\003\002\000\006\060\035\006
-\003\125\035\016\004\026\004\024\103\044\215\160\025\010\142\125
-\234\117\014\100\027\135\206\136\017\242\114\373\060\037\006\003
-\125\035\043\004\030\060\026\200\024\140\173\146\032\105\015\227
-\312\211\120\057\175\004\315\064\250\377\374\375\113\060\017\006
-\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\015
-\006\011\052\206\110\206\367\015\001\001\004\005\000\003\202\001
-\001\000\146\355\264\210\151\021\231\202\041\203\254\241\155\213
-\233\204\255\017\055\310\036\214\312\173\176\255\252\324\216\336
-\007\326\236\105\307\245\270\234\007\071\140\045\125\032\300\117
-\031\345\317\027\051\111\211\030\065\146\345\353\050\100\116\127
-\311\257\263\344\270\040\005\243\073\225\120\221\111\224\051\175
-\054\345\210\101\245\105\210\136\235\202\047\367\322\357\133\265
-\117\237\276\376\065\145\054\125\144\237\341\121\332\042\141\167
-\272\130\116\217\306\171\131\131\156\060\200\242\117\220\156\041
-\013\255\320\150\071\220\020\233\355\042\145\157\036\021\070\346
-\177\214\322\363\071\155\107\325\041\350\352\165\072\101\321\255
-\366\026\235\135\013\041\275\363\037\143\006\045\035\301\037\065
-\161\054\353\040\031\325\301\260\354\075\345\157\355\002\007\077
-\023\173\146\222\326\104\301\230\367\137\120\213\172\133\302\157
-\155\260\321\370\345\164\240\100\067\243\045\017\344\075\312\144
-\061\223\220\134\060\173\271\071\061\232\136\114\315\271\101\117
-\120\344\075\070\256\310\146\331\307\073\135\121\107\254\233\253
-\362\255
-END
-
-# Trust for Certificate "GlobalSign Partners CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Partners CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\204\304\217\000\351\221\354\336\333\264\030\251\213\357\241\172
-\107\355\162\230
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\074\165\315\114\275\251\320\212\171\117\120\026\067\204\364\053
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\271\321\257
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GlobalSign Primary Class 1 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Primary Class 1 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\155\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\033\060\031\006\003
-\125\004\013\023\022\120\162\151\155\141\162\171\040\103\154\141
-\163\163\040\061\040\103\101\061\046\060\044\006\003\125\004\003
-\023\035\107\154\157\142\141\154\123\151\147\156\040\120\162\151
-\155\141\162\171\040\103\154\141\163\163\040\061\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\270\067\317
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\254\060\202\002\224\240\003\002\001\002\002\013\002
-\000\000\000\000\000\326\170\270\067\317\060\015\006\011\052\206
-\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006
-\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004
-\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166
-\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157
-\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022
-\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040
-\103\101\060\036\027\015\071\070\060\071\061\065\061\062\060\060
-\060\060\132\027\015\060\071\060\061\062\070\061\062\060\060\060
-\060\132\060\155\061\013\060\011\006\003\125\004\006\023\002\102
-\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142
-\141\154\123\151\147\156\040\156\166\055\163\141\061\033\060\031
-\006\003\125\004\013\023\022\120\162\151\155\141\162\171\040\103
-\154\141\163\163\040\061\040\103\101\061\046\060\044\006\003\125
-\004\003\023\035\107\154\157\142\141\154\123\151\147\156\040\120
-\162\151\155\141\162\171\040\103\154\141\163\163\040\061\040\103
-\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
-\001\000\275\040\065\107\321\050\326\010\243\022\071\043\107\015
-\275\160\041\122\016\127\061\225\246\064\127\153\354\176\103\171
-\303\006\122\110\315\274\265\241\231\275\330\037\062\274\317\327
-\156\162\155\056\167\042\220\202\116\113\217\232\014\001\102\232
-\331\160\131\266\235\037\346\143\321\014\255\035\116\370\205\201
-\371\256\357\237\246\122\141\104\171\032\165\105\340\141\126\105
-\155\102\214\075\162\313\246\244\022\267\232\365\326\140\320\140
-\120\263\216\246\246\354\264\364\022\315\177\250\316\357\263\341
-\205\060\376\162\304\346\347\167\263\236\130\101\326\121\203\210
-\007\306\266\151\117\066\336\321\013\110\077\275\326\237\041\164
-\144\157\047\006\076\113\375\016\246\233\277\244\110\127\214\220
-\356\211\030\013\002\201\030\276\147\376\123\140\210\047\272\243
-\163\064\113\132\126\264\336\163\005\355\230\226\135\354\112\347
-\100\374\113\011\142\353\320\343\061\117\205\321\172\253\131\147
-\053\373\210\017\353\252\203\275\065\375\141\047\354\146\016\102
-\127\367\151\302\014\357\374\152\302\156\111\332\217\101\070\256
-\110\251\002\003\001\000\001\243\143\060\141\060\016\006\003\125
-\035\017\001\001\377\004\004\003\002\000\006\060\035\006\003\125
-\035\016\004\026\004\024\374\340\146\366\132\065\231\353\100\036
-\322\270\036\103\274\230\216\037\212\303\060\037\006\003\125\035
-\043\004\030\060\026\200\024\140\173\146\032\105\015\227\312\211
-\120\057\175\004\315\064\250\377\374\375\113\060\017\006\003\125
-\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011
-\052\206\110\206\367\015\001\001\004\005\000\003\202\001\001\000
-\233\243\010\104\316\362\220\235\161\363\062\263\005\152\265\352
-\317\051\230\336\125\076\240\026\175\006\172\104\326\257\322\372
-\023\130\214\370\034\307\253\035\264\033\357\151\150\230\134\010
-\071\217\340\367\373\110\314\041\347\270\063\333\005\252\064\044
-\154\112\345\351\173\140\336\203\263\037\012\276\101\165\374\314
-\060\110\267\301\046\035\004\063\252\266\170\355\052\313\272\126
-\227\062\156\367\061\225\056\106\362\024\356\047\307\367\142\211
-\271\134\132\323\070\212\144\365\067\264\361\263\064\162\325\325
-\041\075\113\327\170\223\327\061\146\065\036\243\330\107\111\157
-\034\255\341\200\177\370\230\044\154\163\254\016\302\032\167\002
-\243\046\007\267\307\153\135\274\202\325\052\110\035\143\317\120
-\062\246\373\034\030\107\025\012\133\014\134\070\044\232\004\230
-\250\010\110\137\174\064\207\143\253\055\215\114\000\167\224\033
-\166\272\365\026\030\243\025\257\057\224\366\051\000\166\301\025
-\027\323\351\067\115\166\324\313\113\051\131\044\254\332\112\240
-\352\143\336\137\124\261\372\363\321\105\313\305\144\264\163\041
-END
-
-# Trust for Certificate "GlobalSign Primary Class 1 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Primary Class 1 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\353\061\124\315\041\226\363\125\022\053\211\147\267\163\002\102
-\355\321\336\113
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\134\254\131\001\244\206\123\313\020\146\265\326\326\161\377\001
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\270\067\317
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "GlobalSign Primary Class 2 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Primary Class 2 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\155\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\033\060\031\006\003
-\125\004\013\023\022\120\162\151\155\141\162\171\040\103\154\141
-\163\163\040\062\040\103\101\061\046\060\044\006\003\125\004\003
-\023\035\107\154\157\142\141\154\123\151\147\156\040\120\162\151
-\155\141\162\171\040\103\154\141\163\163\040\062\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\270\215\215
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\254\060\202\002\224\240\003\002\001\002\002\013\002
-\000\000\000\000\000\326\170\270\215\215\060\015\006\011\052\206
-\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006
-\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004
-\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166
-\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157
-\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022
-\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040
-\103\101\060\036\027\015\071\071\060\061\062\070\061\062\060\060
-\060\060\132\027\015\060\071\060\061\062\070\061\062\060\060\060
-\060\132\060\155\061\013\060\011\006\003\125\004\006\023\002\102
-\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142
-\141\154\123\151\147\156\040\156\166\055\163\141\061\033\060\031
-\006\003\125\004\013\023\022\120\162\151\155\141\162\171\040\103
-\154\141\163\163\040\062\040\103\101\061\046\060\044\006\003\125
-\004\003\023\035\107\154\157\142\141\154\123\151\147\156\040\120
-\162\151\155\141\162\171\040\103\154\141\163\163\040\062\040\103
-\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
-\001\000\222\214\376\357\364\105\216\027\101\156\374\330\277\041
-\157\253\006\235\122\301\054\000\235\077\216\205\270\177\112\217
-\275\240\143\052\312\111\047\256\132\202\364\164\342\125\222\377
-\302\321\252\171\242\266\372\325\235\202\004\117\306\262\306\136
-\143\247\072\272\330\356\353\212\157\237\266\273\050\101\300\042
-\373\116\110\032\006\222\327\277\327\317\271\331\275\070\117\073
-\015\104\156\125\101\376\374\011\333\330\277\363\216\041\361\350
-\022\265\366\023\245\323\306\114\223\042\260\002\377\356\035\014
-\304\250\153\117\165\150\126\350\334\050\022\120\367\250\044\235
-\056\044\071\373\011\005\336\345\243\144\111\041\320\150\176\161
-\060\221\261\140\340\071\364\120\370\172\115\230\000\153\174\171
-\272\116\316\112\342\272\066\035\267\305\066\025\225\234\144\102
-\352\137\304\272\365\100\005\276\341\072\131\275\204\247\031\270
-\336\115\123\120\316\007\321\322\121\323\357\015\201\154\346\347
-\155\313\135\174\077\174\314\354\117\203\047\045\377\160\120\366
-\203\131\165\204\006\146\130\054\336\211\215\000\246\111\371\245
-\103\167\002\003\001\000\001\243\143\060\141\060\016\006\003\125
-\035\017\001\001\377\004\004\003\002\000\006\060\035\006\003\125
-\035\016\004\026\004\024\174\347\262\261\054\336\261\247\153\351
-\166\014\341\243\375\116\154\307\271\366\060\037\006\003\125\035
-\043\004\030\060\026\200\024\140\173\146\032\105\015\227\312\211
-\120\057\175\004\315\064\250\377\374\375\113\060\017\006\003\125
-\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011
-\052\206\110\206\367\015\001\001\004\005\000\003\202\001\001\000
-\143\335\131\316\212\171\252\230\235\116\305\211\144\067\176\212
-\223\147\057\020\352\157\047\303\215\167\155\362\134\126\224\031
-\032\151\140\060\106\135\217\362\155\105\074\216\065\227\174\057
-\270\121\342\350\211\275\210\317\047\034\010\064\134\210\301\150
-\044\333\221\205\344\317\373\373\103\215\350\045\001\033\304\016
-\367\000\102\110\206\037\044\010\130\132\214\215\362\153\107\054
-\150\221\261\151\102\375\015\215\311\046\346\222\206\246\144\156
-\222\305\316\076\074\175\161\343\043\244\253\307\325\250\251\337
-\202\247\073\350\206\325\303\117\030\343\104\320\340\334\363\305
-\150\056\376\245\057\005\204\310\176\107\102\123\153\207\112\376
-\062\377\136\076\160\214\267\250\025\314\027\302\377\106\354\320
-\354\055\264\156\022\050\251\371\100\351\353\324\146\227\123\251
-\151\125\300\251\252\262\056\315\321\151\364\276\370\273\174\151
-\356\124\246\333\236\373\132\246\076\376\232\357\224\121\113\165
-\356\330\324\341\232\361\002\126\023\211\016\247\102\213\226\213
-\205\014\033\205\276\046\256\253\246\231\274\042\361\163\337\102
-END
-
-# Trust for Certificate "GlobalSign Primary Class 2 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Primary Class 2 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\203\376\336\325\161\343\226\317\307\144\367\073\337\026\166\207
-\162\305\037\314
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\251\251\102\131\176\276\132\224\344\054\306\213\034\052\104\266
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\270\215\215
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "GlobalSign Primary Class 3 CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Primary Class 3 CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\155\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\033\060\031\006\003
-\125\004\013\023\022\120\162\151\155\141\162\171\040\103\154\141
-\163\163\040\063\040\103\101\061\046\060\044\006\003\125\004\003
-\023\035\107\154\157\142\141\154\123\151\147\156\040\120\162\151
-\155\141\162\171\040\103\154\141\163\163\040\063\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\270\326\303
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\254\060\202\002\224\240\003\002\001\002\002\013\002
-\000\000\000\000\000\326\170\270\326\303\060\015\006\011\052\206
-\110\206\367\015\001\001\004\005\000\060\127\061\013\060\011\006
-\003\125\004\006\023\002\102\105\061\031\060\027\006\003\125\004
-\012\023\020\107\154\157\142\141\154\123\151\147\156\040\156\166
-\055\163\141\061\020\060\016\006\003\125\004\013\023\007\122\157
-\157\164\040\103\101\061\033\060\031\006\003\125\004\003\023\022
-\107\154\157\142\141\154\123\151\147\156\040\122\157\157\164\040
-\103\101\060\036\027\015\071\071\060\061\062\070\061\062\060\060
-\060\060\132\027\015\060\071\060\061\062\070\061\062\060\060\060
-\060\132\060\155\061\013\060\011\006\003\125\004\006\023\002\102
-\105\061\031\060\027\006\003\125\004\012\023\020\107\154\157\142
-\141\154\123\151\147\156\040\156\166\055\163\141\061\033\060\031
-\006\003\125\004\013\023\022\120\162\151\155\141\162\171\040\103
-\154\141\163\163\040\063\040\103\101\061\046\060\044\006\003\125
-\004\003\023\035\107\154\157\142\141\154\123\151\147\156\040\120
-\162\151\155\141\162\171\040\103\154\141\163\163\040\063\040\103
-\101\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
-\001\000\221\136\126\145\326\300\300\004\234\277\107\304\134\173
-\172\061\001\371\130\226\231\343\034\204\057\334\126\217\255\365
-\131\201\325\103\146\135\132\223\214\165\312\251\347\021\301\121
-\020\024\140\311\054\324\173\257\306\167\206\253\172\047\256\157
-\225\271\013\312\266\106\373\176\032\364\015\024\155\322\311\116
-\262\256\360\124\366\134\100\114\066\110\164\350\124\214\145\146
-\020\247\275\053\267\040\215\005\111\255\170\175\322\044\043\120
-\343\360\264\171\233\001\071\377\257\073\323\055\356\341\111\215
-\215\057\074\152\101\105\057\233\343\075\341\022\344\221\165\236
-\317\240\076\074\222\201\157\212\056\030\334\340\362\214\214\375
-\207\331\007\364\100\224\311\116\117\103\337\147\126\157\275\003
-\120\174\231\147\244\271\074\221\154\002\156\204\326\374\106\367
-\314\157\030\076\027\360\357\013\144\026\127\346\254\206\361\110
-\252\103\301\311\047\170\163\104\105\342\205\175\272\377\263\341
-\373\033\005\244\113\073\231\022\045\001\120\024\152\257\135\352
-\310\014\356\344\332\354\113\213\134\150\023\225\334\303\265\060
-\072\327\002\003\001\000\001\243\143\060\141\060\016\006\003\125
-\035\017\001\001\377\004\004\003\002\000\006\060\035\006\003\125
-\035\016\004\026\004\024\314\066\314\027\264\105\221\057\355\317
-\073\060\110\167\373\265\024\231\276\343\060\037\006\003\125\035
-\043\004\030\060\026\200\024\140\173\146\032\105\015\227\312\211
-\120\057\175\004\315\064\250\377\374\375\113\060\017\006\003\125
-\035\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011
-\052\206\110\206\367\015\001\001\004\005\000\003\202\001\001\000
-\127\262\124\314\275\225\027\144\140\211\266\123\221\014\105\222
-\303\075\250\154\303\314\262\030\365\170\101\164\330\175\243\047
-\257\167\015\131\076\224\035\151\372\211\323\014\275\032\001\364
-\077\350\340\167\032\202\050\132\346\142\327\267\343\066\311\016
-\237\172\343\302\323\314\131\211\014\357\026\213\360\066\167\042
-\312\244\266\267\301\102\147\001\100\143\314\347\070\144\207\133
-\024\226\146\173\055\024\356\275\111\155\377\167\320\342\116\133
-\323\200\302\115\017\312\270\235\201\227\247\064\156\307\343\234
-\110\345\264\252\105\365\366\145\114\110\362\022\302\322\223\214
-\302\025\044\363\053\122\377\343\010\256\270\156\326\054\022\317
-\071\313\022\052\347\251\173\137\230\075\243\341\314\246\143\211
-\134\175\061\165\371\325\326\135\362\320\324\075\337\236\161\250
-\016\334\344\040\227\170\346\177\123\244\015\121\117\216\073\003
-\256\243\015\132\115\303\171\347\065\130\160\102\311\136\241\136
-\264\331\042\243\104\123\065\244\320\317\163\200\305\317\237\126
-\230\166\371\024\114\167\207\202\311\334\176\135\064\325\066\165
-END
-
-# Trust for Certificate "GlobalSign Primary Class 3 CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "GlobalSign Primary Class 3 CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\164\003\311\063\110\252\304\367\016\051\364\320\025\022\364\106
-\111\017\165\214
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\230\022\243\113\225\251\226\144\224\347\120\214\076\341\203\132
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\013\060\011\006\003\125\004\006\023\002\102\105\061
-\031\060\027\006\003\125\004\012\023\020\107\154\157\142\141\154
-\123\151\147\156\040\156\166\055\163\141\061\020\060\016\006\003
-\125\004\013\023\007\122\157\157\164\040\103\101\061\033\060\031
-\006\003\125\004\003\023\022\107\154\157\142\141\154\123\151\147
-\156\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\000\000\000\326\170\270\326\303
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "ValiCert Class 1 VA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 1 VA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060
-\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164
-\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167
-\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141
-\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063
-\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040
-\103\154\141\163\163\040\061\040\120\157\154\151\143\171\040\126
-\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164
-\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162
-\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206
-\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151
-\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066
-\062\065\062\062\062\063\064\070\132\027\015\061\071\060\066\062
-\065\062\062\062\063\064\070\132\060\201\273\061\044\060\042\006
-\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126
-\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162
-\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151
-\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003
-\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154
-\141\163\163\040\061\040\120\157\154\151\143\171\040\126\141\154
-\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160
-\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056
-\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015
-\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145
-\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\330\131\202\172\211\270\226\272\246\057\150\157\130
-\056\247\124\034\006\156\364\352\215\110\274\061\224\027\360\363
-\116\274\262\270\065\222\166\260\320\245\245\001\327\000\003\022
-\042\031\010\370\377\021\043\233\316\007\365\277\151\032\046\376
-\116\351\321\177\235\054\100\035\131\150\156\246\370\130\260\235
-\032\217\323\077\361\334\031\006\201\250\016\340\072\335\310\123
-\105\011\006\346\017\160\303\372\100\246\016\342\126\005\017\030
-\115\374\040\202\321\163\125\164\215\166\162\240\035\235\035\300
-\335\077\161\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\201\201\000\120\150\075\111\364
-\054\034\006\224\337\225\140\177\226\173\027\376\117\161\255\144
-\310\335\167\322\357\131\125\350\077\350\216\005\052\041\362\007
-\322\265\247\122\376\234\261\266\342\133\167\027\100\352\162\326
-\043\313\050\201\062\303\000\171\030\354\131\027\211\311\306\152
-\036\161\311\375\267\164\245\045\105\151\305\110\253\031\341\105
-\212\045\153\031\356\345\273\022\365\177\367\246\215\121\303\360
-\235\164\267\251\076\240\245\377\266\111\003\023\332\042\314\355
-\161\202\053\231\317\072\267\365\055\162\310
-END
-
-# Trust for Certificate "ValiCert Class 1 VA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 1 VA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\345\337\164\074\266\001\304\233\230\103\334\253\214\350\152\201
-\020\237\344\216
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\145\130\253\025\255\127\154\036\250\247\265\151\254\277\377\353
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\061\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ValiCert Class 2 VA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 2 VA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060
-\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164
-\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167
-\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141
-\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063
-\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040
-\103\154\141\163\163\040\062\040\120\157\154\151\143\171\040\126
-\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164
-\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162
-\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206
-\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151
-\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066
-\062\066\060\060\061\071\065\064\132\027\015\061\071\060\066\062
-\066\060\060\061\071\065\064\132\060\201\273\061\044\060\042\006
-\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126
-\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162
-\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151
-\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003
-\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154
-\141\163\163\040\062\040\120\157\154\151\143\171\040\126\141\154
-\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160
-\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056
-\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015
-\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145
-\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\316\072\161\312\345\253\310\131\222\125\327\253\330
-\164\016\371\356\331\366\125\107\131\145\107\016\005\125\334\353
-\230\066\074\134\123\135\323\060\317\070\354\275\101\211\355\045
-\102\011\044\153\012\136\263\174\335\122\055\114\346\324\326\175
-\132\131\251\145\324\111\023\055\044\115\034\120\157\265\301\205
-\124\073\376\161\344\323\134\102\371\200\340\221\032\012\133\071
-\066\147\363\077\125\174\033\077\264\137\144\163\064\343\264\022
-\277\207\144\370\332\022\377\067\047\301\263\103\273\357\173\156
-\056\151\367\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\201\201\000\073\177\120\157\157
-\120\224\231\111\142\070\070\037\113\370\245\310\076\247\202\201
-\366\053\307\350\305\316\350\072\020\202\313\030\000\216\115\275
-\250\130\177\241\171\000\265\273\351\215\257\101\331\017\064\356
-\041\201\031\240\062\111\050\364\304\216\126\325\122\063\375\120
-\325\176\231\154\003\344\311\114\374\313\154\253\146\263\112\041
-\214\345\265\014\062\076\020\262\314\154\241\334\232\230\114\002
-\133\363\316\271\236\245\162\016\112\267\077\074\346\026\150\370
-\276\355\164\114\274\133\325\142\037\103\335
-END
-
-# Trust for Certificate "ValiCert Class 2 VA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 2 VA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\061\172\052\320\177\053\063\136\365\241\303\116\113\127\350\267
-\330\361\374\246
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\251\043\165\233\272\111\066\156\061\302\333\362\347\146\272\207
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\062\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ValiCert Class 3 VA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 3 VA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\347\060\202\002\120\002\001\001\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\273\061\044\060
-\042\006\003\125\004\007\023\033\126\141\154\151\103\145\162\164
-\040\126\141\154\151\144\141\164\151\157\156\040\116\145\164\167
-\157\162\153\061\027\060\025\006\003\125\004\012\023\016\126\141
-\154\151\103\145\162\164\054\040\111\156\143\056\061\065\060\063
-\006\003\125\004\013\023\054\126\141\154\151\103\145\162\164\040
-\103\154\141\163\163\040\063\040\120\157\154\151\143\171\040\126
-\141\154\151\144\141\164\151\157\156\040\101\165\164\150\157\162
-\151\164\171\061\041\060\037\006\003\125\004\003\023\030\150\164
-\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145\162
-\164\056\143\157\155\057\061\040\060\036\006\011\052\206\110\206
-\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154\151
-\143\145\162\164\056\143\157\155\060\036\027\015\071\071\060\066
-\062\066\060\060\062\062\063\063\132\027\015\061\071\060\066\062
-\066\060\060\062\062\063\063\132\060\201\273\061\044\060\042\006
-\003\125\004\007\023\033\126\141\154\151\103\145\162\164\040\126
-\141\154\151\144\141\164\151\157\156\040\116\145\164\167\157\162
-\153\061\027\060\025\006\003\125\004\012\023\016\126\141\154\151
-\103\145\162\164\054\040\111\156\143\056\061\065\060\063\006\003
-\125\004\013\023\054\126\141\154\151\103\145\162\164\040\103\154
-\141\163\163\040\063\040\120\157\154\151\143\171\040\126\141\154
-\151\144\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160
-\072\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056
-\143\157\155\057\061\040\060\036\006\011\052\206\110\206\367\015
-\001\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145
-\162\164\056\143\157\155\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\343\230\121\226\034\350\325\261\006\201\152\127\303
-\162\165\223\253\317\236\246\374\363\026\122\326\055\115\237\065
-\104\250\056\004\115\007\111\212\070\051\365\167\067\347\267\253
-\135\337\066\161\024\231\217\334\302\222\361\347\140\222\227\354
-\330\110\334\277\301\002\040\306\044\244\050\114\060\132\166\155
-\261\134\363\335\336\236\020\161\241\210\307\133\233\101\155\312
-\260\270\216\025\356\255\063\053\317\107\004\134\165\161\012\230
-\044\230\051\247\111\131\245\335\370\267\103\142\141\363\323\342
-\320\125\077\002\003\001\000\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\201\201\000\126\273\002\130\204
-\147\010\054\337\037\333\173\111\063\365\323\147\235\364\264\012
-\020\263\311\305\054\342\222\152\161\170\047\362\160\203\102\323
-\076\317\251\124\364\361\330\222\026\214\321\004\313\113\253\311
-\237\105\256\074\212\251\260\161\063\135\310\305\127\337\257\250
-\065\263\177\211\207\351\350\045\222\270\177\205\172\256\326\274
-\036\067\130\052\147\311\221\317\052\201\076\355\306\071\337\300
-\076\031\234\031\314\023\115\202\101\265\214\336\340\075\140\010
-\040\017\105\176\153\242\177\243\214\025\356
-END
-
-# Trust for Certificate "ValiCert Class 3 VA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert Class 3 VA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\151\275\214\364\234\323\000\373\131\056\027\223\312\125\152\363
-\354\252\065\373
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\242\157\123\267\356\100\333\112\150\347\372\030\331\020\113\162
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\273\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\065\060\063\006\003\125\004\013\023\054\126\141\154
-\151\103\145\162\164\040\103\154\141\163\163\040\063\040\120\157
-\154\151\143\171\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\061\041\060\037\006\003\125
-\004\003\023\030\150\164\164\160\072\057\057\167\167\167\056\166
-\141\154\151\143\145\162\164\056\143\157\155\057\061\040\060\036
-\006\011\052\206\110\206\367\015\001\011\001\026\021\151\156\146
-\157\100\166\141\154\151\143\145\162\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Universal CA Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Universal CA Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\127\061\017\060\015\006\003\125\004\012\023\006\124\150\141
-\167\164\145\061\041\060\037\006\003\125\004\013\023\030\124\150
-\141\167\164\145\040\125\156\151\166\145\162\163\141\154\040\103
-\101\040\122\157\157\164\061\041\060\037\006\003\125\004\003\023
-\030\124\150\141\167\164\145\040\125\156\151\166\145\162\163\141
-\154\040\103\101\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\017\060\015\006\003\125\004\012\023\006\124\150\141
-\167\164\145\061\041\060\037\006\003\125\004\013\023\030\124\150
-\141\167\164\145\040\125\156\151\166\145\162\163\141\154\040\103
-\101\040\122\157\157\164\061\041\060\037\006\003\125\004\003\023
-\030\124\150\141\167\164\145\040\125\156\151\166\145\162\163\141
-\154\040\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\021\042\060\202\011\012\002\001\000\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\127\061\017\060\015
-\006\003\125\004\012\023\006\124\150\141\167\164\145\061\041\060
-\037\006\003\125\004\013\023\030\124\150\141\167\164\145\040\125
-\156\151\166\145\162\163\141\154\040\103\101\040\122\157\157\164
-\061\041\060\037\006\003\125\004\003\023\030\124\150\141\167\164
-\145\040\125\156\151\166\145\162\163\141\154\040\103\101\040\122
-\157\157\164\060\036\027\015\071\071\061\062\060\065\061\063\065
-\066\060\065\132\027\015\063\067\060\064\060\063\061\063\065\066
-\060\065\132\060\127\061\017\060\015\006\003\125\004\012\023\006
-\124\150\141\167\164\145\061\041\060\037\006\003\125\004\013\023
-\030\124\150\141\167\164\145\040\125\156\151\166\145\162\163\141
-\154\040\103\101\040\122\157\157\164\061\041\060\037\006\003\125
-\004\003\023\030\124\150\141\167\164\145\040\125\156\151\166\145
-\162\163\141\154\040\103\101\040\122\157\157\164\060\202\010\042
-\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003
-\202\010\017\000\060\202\010\012\002\202\010\001\000\342\211\005
-\155\303\177\255\246\211\072\377\273\307\315\235\067\261\341\322
-\041\036\233\141\052\025\347\173\127\117\125\074\320\273\371\331
-\075\076\246\274\354\264\255\123\232\026\002\353\013\162\375\212
-\362\217\104\005\305\353\323\345\275\266\104\071\346\373\107\277
-\152\236\012\225\030\342\150\342\326\226\326\041\255\210\375\365
-\027\365\323\332\102\245\220\355\051\225\226\165\072\332\207\241
-\324\365\323\207\336\005\142\246\343\146\164\222\317\245\274\273
-\337\150\377\161\165\126\101\131\065\353\063\132\146\121\362\322
-\243\012\301\214\316\163\134\021\157\055\214\225\214\221\261\375
-\317\345\255\126\225\314\205\222\203\220\125\101\311\302\167\355
-\371\243\164\102\012\150\010\363\320\321\145\375\147\054\064\377
-\044\177\347\171\310\007\073\045\127\335\244\014\230\075\276\340
-\314\031\145\333\362\124\242\257\102\324\235\342\256\204\043\045
-\011\063\022\265\152\036\166\304\213\331\111\000\154\136\272\037
-\362\033\332\147\312\047\252\243\104\043\033\203\202\316\362\253
-\063\355\124\244\334\311\253\131\145\321\070\016\301\076\033\147
-\217\326\165\001\340\125\042\335\166\167\354\216\335\364\317\171
-\042\155\271\127\003\365\231\010\247\074\076\064\373\304\027\256
-\043\130\315\044\363\043\312\152\002\050\224\001\201\064\264\154
-\153\256\213\032\303\243\322\011\074\026\124\365\066\137\044\343
-\237\112\241\342\144\306\026\303\246\201\172\044\066\107\216\301
-\136\016\373\371\025\170\004\326\016\131\331\235\130\146\142\322
-\224\051\062\062\310\170\271\146\366\265\126\341\154\306\024\113
-\226\122\131\221\002\044\152\125\107\327\077\266\043\032\140\167
-\227\056\342\100\257\236\004\127\236\255\021\305\311\103\160\357
-\110\264\136\254\034\151\056\056\202\325\133\213\276\202\276\031
-\024\136\347\015\042\307\121\033\377\036\233\361\060\217\161\061
-\006\263\064\047\217\137\172\146\202\117\212\055\023\253\102\317
-\041\126\236\227\216\146\066\017\226\233\345\053\364\002\251\052
-\152\214\054\304\303\270\160\054\055\051\036\077\120\167\036\155
-\052\124\344\125\012\221\070\241\305\265\146\242\166\132\356\017
-\277\264\147\341\050\156\017\341\066\241\202\321\277\324\167\341
-\304\147\062\223\170\310\347\124\123\376\043\171\346\150\314\046
-\220\366\020\143\135\052\157\221\055\244\163\062\121\041\362\273
-\025\337\252\044\010\110\006\336\241\236\046\277\272\203\277\174
-\244\310\240\214\275\322\377\274\204\151\047\023\044\030\304\105
-\030\043\046\136\030\024\312\056\210\207\142\243\123\346\041\267
-\270\205\173\232\205\273\025\046\162\370\271\367\152\164\017\111
-\077\222\276\251\005\267\231\047\277\277\011\027\113\231\114\255
-\021\020\174\337\164\061\366\217\046\137\252\210\256\070\127\310
-\125\055\323\373\330\033\121\231\276\045\033\072\272\300\175\033
-\355\316\322\111\271\317\363\305\175\211\220\201\330\151\110\040
-\020\243\370\357\222\121\030\062\213\021\030\300\077\033\205\126
-\316\127\311\362\202\144\306\337\002\011\056\112\021\057\261\047
-\155\067\122\360\360\026\141\361\147\215\337\207\162\257\207\332
-\317\373\120\224\156\324\224\205\353\212\054\352\041\365\226\112
-\104\325\340\316\152\164\104\115\320\005\323\207\025\355\066\320
-\244\213\146\125\160\223\356\107\006\301\176\056\245\030\171\147
-\363\050\205\361\160\367\016\203\244\176\124\236\132\166\062\313
-\145\033\270\315\373\310\050\003\322\124\221\321\247\305\205\103
-\010\027\166\245\346\057\147\010\330\241\242\202\055\014\370\301
-\257\143\324\120\167\155\153\106\112\101\205\325\220\137\171\055
-\304\354\327\021\207\100\212\341\150\342\144\370\125\062\373\157
-\223\054\332\167\331\041\301\027\345\066\054\116\176\220\177\254
-\224\053\062\147\276\070\120\166\270\256\101\271\327\041\305\011
-\114\140\310\243\121\304\064\233\127\067\337\313\311\063\127\213
-\353\373\166\237\031\115\305\152\037\052\105\256\053\355\057\215
-\247\245\000\313\004\372\045\142\056\164\110\033\312\052\214\272
-\333\266\176\366\273\002\174\251\303\333\130\170\241\277\360\376
-\032\020\125\021\316\350\151\116\226\145\306\027\003\326\007\150
-\214\124\202\256\034\042\125\077\361\364\011\227\050\300\106\367
-\116\013\045\035\367\007\327\011\035\072\030\127\070\073\350\063
-\006\347\217\170\106\036\133\365\006\266\354\270\246\015\361\272
-\023\113\326\030\040\335\151\063\112\063\025\256\270\310\230\212
-\047\054\223\274\055\373\356\063\277\146\346\115\272\266\233\006
-\125\140\227\113\274\104\315\176\364\241\330\252\057\300\002\050
-\041\026\142\170\333\010\124\362\374\364\064\343\306\217\034\103
-\127\316\220\032\113\334\056\073\050\221\211\077\172\332\065\035
-\216\054\356\111\354\364\063\255\311\123\250\214\237\004\123\076
-\044\034\122\311\022\371\142\127\243\274\356\054\353\100\174\040
-\043\160\053\225\371\163\027\212\321\301\034\151\246\267\070\232
-\147\367\160\035\172\132\014\100\317\142\017\205\074\302\002\116
-\176\265\366\305\052\051\204\263\037\067\052\341\252\162\102\304
-\355\153\032\217\222\034\135\276\321\362\133\362\253\252\251\322
-\365\270\244\101\053\053\221\156\022\110\312\230\330\067\215\310
-\355\000\060\265\266\004\116\176\234\332\204\354\300\372\173\345
-\035\210\244\123\106\260\224\344\134\033\241\045\054\017\110\122
-\167\227\011\154\354\133\030\063\203\002\345\202\176\315\205\041
-\060\021\375\047\117\317\344\036\354\077\245\127\154\351\052\060
-\031\052\210\345\303\151\070\253\157\071\161\177\204\341\101\303
-\341\314\052\211\040\122\056\203\017\154\071\077\113\055\026\254
-\055\360\044\254\000\163\364\233\263\006\077\005\270\024\205\037
-\253\236\134\074\236\142\235\016\155\073\200\011\374\002\352\242
-\227\164\312\307\371\343\126\341\303\312\245\246\232\300\220\340
-\044\022\123\322\302\213\332\276\355\002\103\136\147\341\211\230
-\171\356\313\252\312\303\033\334\347\245\106\245\174\153\026\207
-\266\132\050\327\333\047\074\136\245\275\266\121\335\037\103\317
-\073\046\310\072\215\045\141\301\111\364\074\033\311\104\352\257
-\034\302\053\224\001\052\016\060\321\133\213\053\107\345\303\321
-\004\003\233\016\071\054\326\047\324\346\160\132\331\165\317\052
-\330\311\000\005\344\023\210\354\303\071\373\207\141\060\066\103
-\003\310\236\234\242\006\302\057\305\374\360\200\143\261\124\004
-\240\114\251\056\306\365\166\172\330\320\344\324\224\021\345\025
-\265\170\006\334\270\200\217\231\251\040\063\075\020\205\114\145
-\011\312\076\130\136\140\223\232\252\142\135\300\121\006\034\135
-\140\240\015\234\113\103\366\247\026\041\244\207\252\362\301\056
-\356\222\060\270\236\337\337\020\001\213\206\011\160\330\154\250
-\267\120\036\026\226\264\367\147\375\065\072\041\220\052\062\307
-\000\173\115\007\020\011\271\057\163\330\030\176\147\231\004\117
-\006\374\120\307\205\233\235\100\235\263\226\067\372\245\334\262
-\162\116\357\116\011\054\375\221\375\115\367\273\246\241\076\253
-\173\242\003\100\246\251\125\047\342\372\371\031\316\207\165\252
-\361\165\066\363\363\270\221\370\221\303\213\165\023\216\114\145
-\232\026\071\152\345\064\350\172\226\131\177\065\260\000\375\133
-\151\374\103\046\372\365\050\156\376\207\331\176\044\373\264\240
-\202\156\124\242\377\256\277\142\264\364\162\001\302\313\230\107
-\230\341\114\265\027\200\200\316\217\246\050\356\036\105\152\373
-\337\361\035\374\132\073\326\352\364\154\035\142\111\127\073\212
-\217\206\352\360\123\004\316\234\026\150\377\272\271\374\210\017
-\107\367\002\104\162\100\270\312\073\055\123\235\334\074\126\214
-\131\173\150\032\054\215\161\273\154\000\307\032\316\157\100\222
-\261\243\057\017\331\104\362\243\160\056\236\356\016\256\062\320
-\073\076\213\007\352\346\171\263\134\051\342\175\153\250\136\371
-\132\061\350\010\226\242\214\003\230\106\361\270\175\220\124\046
-\355\166\142\376\236\351\232\156\136\311\111\307\134\064\123\051
-\124\331\354\344\106\341\200\073\165\331\337\373\171\325\207\361
-\272\236\353\031\316\114\122\163\346\133\207\256\045\117\071\171
-\314\306\270\371\020\173\354\360\233\161\244\005\240\323\051\323
-\116\177\037\364\055\050\170\314\125\225\173\036\221\057\314\126
-\030\163\213\262\333\274\151\007\346\320\330\117\355\242\377\130
-\205\243\155\340\112\123\267\147\175\215\014\134\133\173\167\050
-\002\065\104\172\004\323\050\103\310\153\060\027\135\062\270\051
-\065\272\166\332\073\024\112\166\030\130\244\370\222\074\236\115
-\063\157\106\153\010\331\061\110\150\335\364\373\044\126\064\262
-\317\151\146\276\110\322\212\146\042\315\362\151\315\302\123\023
-\105\051\101\042\326\135\230\037\266\244\262\243\302\356\002\057
-\121\033\334\203\244\354\160\045\250\324\010\141\062\157\344\241
-\201\056\174\143\162\372\051\145\274\160\104\317\135\002\003\001
-\000\001\060\015\006\011\052\206\110\206\367\015\001\001\005\005
-\000\003\202\010\001\000\125\232\064\152\042\006\151\011\105\063
-\307\256\251\134\307\011\116\233\206\274\101\220\324\224\122\366
-\315\043\051\224\113\042\315\350\275\376\235\315\122\362\275\355
-\253\207\311\253\253\106\004\264\275\242\077\042\060\107\120\300
-\113\214\166\017\003\365\222\322\261\055\304\172\065\234\311\163
-\207\353\246\237\336\017\163\215\323\177\231\330\272\217\157\304
-\363\276\032\256\213\242\224\066\220\342\345\353\215\005\364\374
-\145\337\225\361\304\224\115\027\126\327\237\074\217\120\074\347
-\167\277\225\206\046\144\373\152\377\306\332\351\214\256\102\273
-\151\345\063\306\330\351\015\306\125\041\111\301\014\264\243\371
-\233\113\134\336\203\117\101\003\316\052\171\150\070\175\360\124
-\111\040\365\266\020\377\010\334\063\146\226\233\377\006\336\000
-\236\327\316\126\103\232\121\374\160\315\366\360\121\243\267\315
-\264\134\205\142\315\161\267\306\053\043\053\335\303\156\100\102
-\372\067\377\067\034\366\172\127\224\207\205\043\327\324\311\307
-\137\301\115\057\311\015\327\134\354\234\045\356\236\060\202\221
-\226\162\270\165\035\370\011\150\127\227\262\055\113\356\045\354
-\172\044\051\356\162\324\234\023\333\253\334\003\012\330\112\024
-\311\010\127\104\135\241\265\123\200\064\362\024\227\317\122\336
-\242\016\212\020\351\024\357\320\140\276\141\241\361\045\135\325
-\030\163\077\223\020\312\226\356\263\100\322\333\243\125\317\127
-\132\245\016\117\165\107\337\352\367\220\232\155\365\160\056\035
-\024\034\067\144\004\131\120\260\334\162\206\157\234\067\075\135
-\050\257\163\125\357\322\356\044\164\164\023\357\334\333\061\111
-\373\077\143\365\323\010\076\063\245\347\235\012\336\123\054\121
-\216\147\333\233\101\145\101\120\275\324\244\226\154\207\274\022
-\340\224\307\323\300\344\313\163\130\000\203\341\254\047\205\326
-\235\123\235\134\275\012\076\003\103\234\014\221\365\155\173\370
-\100\162\165\253\021\166\221\053\341\306\252\037\160\151\166\160
-\025\011\376\223\320\326\055\267\025\152\233\147\134\264\151\237
-\045\246\175\212\373\175\042\251\161\362\316\116\214\270\041\055
-\336\376\101\161\015\377\235\354\163\246\273\007\117\210\016\130
-\107\056\176\251\302\307\170\335\272\172\236\116\340\060\116\143
-\157\205\324\040\101\351\372\376\103\105\347\373\257\172\262\316
-\244\005\035\042\232\130\206\337\344\316\114\251\376\330\026\245
-\157\373\330\316\126\173\365\326\040\357\344\107\315\143\044\377
-\271\276\361\110\243\301\001\162\346\275\300\255\355\046\015\312
-\064\237\374\002\055\040\117\005\040\256\041\075\014\302\040\074
-\077\360\004\204\334\317\211\375\271\045\221\216\320\103\346\263
-\040\253\134\055\325\100\236\240\113\330\364\262\314\175\361\130
-\012\216\207\355\210\254\066\226\344\126\240\021\212\362\232\320
-\263\127\243\064\273\031\253\070\341\164\153\042\304\061\316\001
-\325\033\066\343\036\070\114\063\223\337\100\343\131\127\116\254
-\156\173\036\132\075\305\035\133\254\310\020\202\065\002\042\262
-\374\165\350\020\221\215\304\175\170\223\107\236\034\235\254\153
-\142\002\130\214\326\034\043\326\257\170\302\200\234\244\252\044
-\124\024\265\024\230\306\370\053\032\044\313\161\062\012\342\233
-\016\151\153\335\176\214\144\321\056\143\357\016\177\261\076\210
-\114\235\125\345\311\156\027\004\267\101\377\275\212\101\313\045
-\061\157\104\167\077\107\261\374\201\210\007\216\005\111\040\267
-\021\331\151\003\052\003\235\271\063\204\232\337\337\172\343\106
-\163\243\330\242\214\123\031\210\125\114\164\270\366\104\204\053
-\321\024\055\116\071\056\222\150\377\151\374\205\142\033\353\125
-\117\357\045\204\142\105\231\326\330\116\157\077\123\010\175\035
-\006\225\201\200\177\117\116\164\066\230\265\342\207\160\230\334
-\327\365\334\122\025\346\306\326\171\226\071\177\217\225\317\253
-\200\123\255\033\013\105\100\016\324\030\275\054\336\212\167\166
-\375\362\104\107\306\041\320\344\164\360\330\030\005\310\174\060
-\162\307\337\361\273\374\002\060\251\364\102\046\131\015\223\005
-\202\241\163\355\064\345\070\135\315\120\220\376\224\374\023\274
-\275\374\250\242\210\247\163\304\262\250\321\135\210\304\002\242
-\172\361\004\311\376\214\164\311\357\035\144\101\237\254\036\226
-\147\144\254\253\050\101\307\235\367\300\230\033\156\007\302\144
-\175\132\203\146\126\050\066\234\347\373\034\167\016\050\240\304
-\367\153\171\071\004\040\204\307\127\223\274\033\240\352\274\353
-\102\345\250\021\376\374\254\145\314\375\370\050\210\364\245\232
-\345\163\121\340\250\233\015\003\167\116\345\340\230\263\210\332
-\175\346\306\236\174\024\146\301\056\123\112\222\007\067\240\176
-\351\075\011\344\025\174\317\375\270\101\245\357\236\146\235\304
-\136\007\035\207\370\101\255\352\347\057\322\101\143\030\067\371
-\024\343\115\320\345\367\103\375\025\343\371\066\163\006\046\337
-\001\117\251\303\116\336\040\106\167\230\264\172\044\053\073\165
-\053\116\130\215\233\135\244\307\026\240\274\062\210\077\241\203
-\363\000\310\370\330\130\351\143\135\114\053\265\360\162\101\330
-\253\167\067\326\162\164\256\266\066\234\310\246\203\111\113\340
-\311\126\013\051\276\000\060\313\335\326\310\102\212\000\331\354
-\025\321\064\161\362\133\144\207\366\047\322\267\353\206\260\220
-\277\051\333\041\236\066\214\343\040\057\225\043\121\154\033\302
-\244\325\346\330\002\103\147\240\376\233\120\003\104\177\273\344
-\162\325\321\344\332\217\222\024\144\373\135\024\020\022\112\225
-\006\311\145\010\051\312\041\243\046\070\021\311\047\337\160\147
-\004\375\312\110\062\177\143\262\105\164\061\120\117\207\331\040
-\160\322\041\160\261\326\020\235\063\135\170\203\221\155\125\202
-\354\332\344\142\143\307\201\106\327\031\145\162\052\103\031\220
-\270\327\043\115\114\034\340\104\251\146\147\254\356\161\171\047
-\046\170\155\162\016\365\135\113\043\265\174\174\145\351\027\306
-\072\013\015\335\136\036\121\303\206\270\354\177\307\047\112\245
-\106\350\152\055\031\301\207\243\313\231\223\207\144\242\125\024
-\114\267\103\245\223\327\347\322\116\171\100\312\145\231\106\075
-\077\172\200\172\210\152\314\036\345\153\063\106\364\120\300\325
-\037\011\270\315\212\056\241\047\353\135\163\247\350\153\012\345
-\127\202\052\260\374\342\124\122\126\360\253\251\022\306\043\226
-\007\044\234\340\274\106\245\264\040\004\332\011\223\143\345\324
-\056\302\176\305\061\355\265\025\164\206\027\271\263\363\046\212
-\035\002\152\332\032\077\350\272\361\004\155\224\121\124\342\132
-\264\131\203\035\140\320\055\163\314\007\265\046\214\371\327\306
-\210\221\357\200\317\135\017\241\140\313\105\324\102\042\321\261
-\160\035\375\320\267\060\220\072\306\110\155\147\345\062\332\217
-\333\343\250\343\035\040\045\242\034\341\114\271\244\366\306\077
-\134\130\015\273\306\262\167\001\026\221\237\027\006\015\267\100
-\076\314\217\216\234\113\340\235\176\233\036\005\253\210\042\372
-\323\050\033\127\024\144\112\076\044\054\070\115\041\151\000\163
-\056\320\125\055\164\362\025\350\224\103\076\100\052\306\306\271
-\152\133\336\242\314\030\120\124\135\116\052\205\154\366\222\213
-\051\031\176\347\352\112\340\042\053\045\274\367\146\317\167\232
-\101\164\362\074\024\015\164\151\365\120\203\315\315\057\041\333
-\042\106\212\320\367\121\032\225\127\362\005\213\032\031\355\073
-\105\350\066\302\156\176\373\127\042\000\037\006\123\251\256\223
-\306\217\161\052\061\105\222\347\216\155\346\231\042\300\203\374
-\357\334\127\146\167\117\242\066\061\373\241\023\215\345\312\243
-\225\175\001\014\144\160\073\123\102\150\200\307\273\235\250\000
-\065\151\230\014\250\147\330\103\345\252\317\225\340\121\225\244
-\027\077\102\235\270\004\316\323\171\171\310\323\212\026\062\222
-\340\327\242\356\327\067\114\057\254\270\173\276\105\366\361\030
-\063\234\173\067\246\044\331\274\100\253\000\351\303\067\213\253
-\330\266\363\136\201\116\260\024\153\007\076\037\354\302\366\104
-\042\225\273\263\346\157\326\371\160\145\272\012\203\145\252\016
-\023\057\203\023\043\123\213\100\026\372\316\057\374\115\004\370
-\353\330\254\305\066\302\025\127\110\070\354\125\263\264\036\272
-\255\322\102\006\027\015\163\310\127\246\276\226\115\251\362\300
-\373\172\041\034\365\311\160\251\202\220\265\361\014\324\171\020
-\276\201\246\351\134\141\234\167\171\232\244\303\067\046\127\067
-\311\122\054\372\010\377\320\137\306\141\300\364\166\276\374\336
-\116\317\253\121\231\161\307\337\176\364\326\317\006\126\031\023
-\123\013\155\164\131\110\031\233\123\005\055\235\062\124\323\345
-\054\123\213\144\076\324\144\173\343\200\011\024\314\376\026\106
-\143\153\161\151\370\371\313\047\366\210\124\274\105\263\316\002
-\310\224\356\100\133\371\102\002\302\377\260\330\054\353\050\177
-\136\311\046\001\231\247
-END
-
-# Trust for Certificate "Thawte Universal CA Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Universal CA Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\213\302\212\044\257\373\126\135\350\120\025\173\172\153\157\024
-\170\114\220\343
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\027\257\161\026\122\173\163\145\042\005\051\050\204\161\235\023
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\127\061\017\060\015\006\003\125\004\012\023\006\124\150\141
-\167\164\145\061\041\060\037\006\003\125\004\013\023\030\124\150
-\141\167\164\145\040\125\156\151\166\145\162\163\141\154\040\103
-\101\040\122\157\157\164\061\041\060\037\006\003\125\004\003\023
-\030\124\150\141\167\164\145\040\125\156\151\166\145\162\163\141
-\154\040\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\213\133\165\126\204\124\205\013\000\317\257\070\110\316\261
-\244
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\032\060\202\003\002\002\021\000\213\133\165\126\204
-\124\205\013\000\317\257\070\110\316\261\244\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
-\151\147\156\040\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
-\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
-\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
-\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
-\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
-\040\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\335\204\324\271\264\371\247\330\363\004\170
-\234\336\075\334\154\023\026\331\172\335\044\121\146\300\307\046
-\131\015\254\006\010\302\224\321\063\037\360\203\065\037\156\033
-\310\336\252\156\025\116\124\047\357\304\155\032\354\013\343\016
-\360\104\245\127\307\100\130\036\243\107\037\161\354\140\366\155
-\224\310\030\071\355\376\102\030\126\337\344\114\111\020\170\116
-\001\166\065\143\022\066\335\146\274\001\004\066\243\125\150\325
-\242\066\011\254\253\041\046\124\006\255\077\312\024\340\254\312
-\255\006\035\225\342\370\235\361\340\140\377\302\177\165\053\114
-\314\332\376\207\231\041\352\272\376\076\124\327\322\131\170\333
-\074\156\317\240\023\000\032\270\047\241\344\276\147\226\312\240
-\305\263\234\335\311\165\236\353\060\232\137\243\315\331\256\170
-\031\077\043\351\134\333\051\275\255\125\310\033\124\214\143\366
-\350\246\352\307\067\022\134\243\051\036\002\331\333\037\073\264
-\327\017\126\107\201\025\004\112\257\203\047\321\305\130\210\301
-\335\366\252\247\243\030\332\150\252\155\021\121\341\277\145\153
-\237\226\166\321\075\002\003\001\000\001\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\253\146
-\215\327\263\272\307\232\266\346\125\320\005\361\237\061\215\132
-\252\331\252\106\046\017\161\355\245\255\123\126\142\001\107\052
-\104\351\376\077\164\013\023\233\271\364\115\033\262\321\137\262
-\266\322\210\134\263\237\315\313\324\247\331\140\225\204\072\370
-\301\067\035\141\312\347\260\305\345\221\332\124\246\254\061\201
-\256\227\336\315\010\254\270\300\227\200\177\156\162\244\347\151
-\023\225\145\037\304\223\074\375\171\217\004\324\076\117\352\367
-\236\316\315\147\174\117\145\002\377\221\205\124\163\307\377\066
-\367\206\055\354\320\136\117\377\021\237\162\006\326\270\032\361
-\114\015\046\145\342\104\200\036\307\237\343\335\350\012\332\354
-\245\040\200\151\150\241\117\176\341\153\317\007\101\372\203\216
-\274\070\335\260\056\021\261\153\262\102\314\232\274\371\110\042
-\171\112\031\017\262\034\076\040\164\331\152\303\276\362\050\170
-\023\126\171\117\155\120\352\033\260\265\127\261\067\146\130\043
-\363\334\017\337\012\207\304\357\206\005\325\070\024\140\231\243
-\113\336\006\226\161\054\362\333\266\037\244\357\077\356
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\040\102\205\334\367\353\166\101\225\127\216\023\153\324\267\321
-\351\216\106\245
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\261\107\274\030\127\321\030\240\170\055\354\161\350\052\225\163
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\061\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\213\133\165\126\204\124\205\013\000\317\257\070\110\316\261
-\244
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\141\160\313\111\214\137\230\105\051\347\260\246\331\120\133\172
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\031\060\202\003\001\002\020\141\160\313\111\214\137
-\230\105\051\347\260\246\331\120\133\172\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060\011
-\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003\125
-\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145\162
-\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167
-\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050\143
-\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156\054
-\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164\150
-\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171\061
-\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123\151
-\147\156\040\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060\061
-\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066\062
-\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003\125
-\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012\023
-\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061
-\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151
-\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153
-\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040\061
-\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111\156
-\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162\151
-\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060\103
-\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156\040
-\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040\120
-\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055
-\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206\367
-\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012\002
-\202\001\001\000\257\012\015\302\325\054\333\147\271\055\345\224
-\047\335\245\276\340\260\115\217\263\141\126\074\326\174\303\364
-\315\076\206\313\242\210\342\341\330\244\151\305\265\342\277\301
-\246\107\120\136\106\071\213\325\226\272\265\157\024\277\020\316
-\047\023\236\005\107\233\061\172\023\330\037\331\323\002\067\213
-\255\054\107\360\216\201\006\247\015\060\014\353\367\074\017\040
-\035\334\162\106\356\245\002\310\133\303\311\126\151\114\305\030
-\301\221\173\013\325\023\000\233\274\357\303\110\076\106\140\040
-\205\052\325\220\266\315\213\240\314\062\335\267\375\100\125\262
-\120\034\126\256\314\215\167\115\307\040\115\247\061\166\357\150
-\222\212\220\036\010\201\126\262\255\151\243\122\320\313\034\304
-\043\075\037\231\376\114\350\026\143\216\306\010\216\366\061\366
-\322\372\345\166\335\265\034\222\243\111\315\315\001\315\150\315
-\251\151\272\243\353\035\015\234\244\040\246\301\240\305\321\106
-\114\027\155\322\254\146\077\226\214\340\204\324\066\377\042\131
-\305\371\021\140\250\137\004\175\362\032\366\045\102\141\017\304
-\112\270\076\211\002\003\001\000\001\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\202\001\001\000\064\046\025
-\074\300\215\115\103\111\035\275\351\041\222\327\146\234\267\336
-\305\270\320\344\135\137\166\042\300\046\371\204\072\072\371\214
-\265\373\354\140\361\350\316\004\260\310\335\247\003\217\060\363
-\230\337\244\346\244\061\337\323\034\013\106\334\162\040\077\256
-\356\005\074\244\063\077\013\071\254\160\170\163\113\231\053\337
-\060\302\124\260\250\073\125\241\376\026\050\315\102\275\164\156
-\200\333\047\104\247\316\104\135\324\033\220\230\015\036\102\224
-\261\000\054\004\320\164\243\002\005\042\143\143\315\203\265\373
-\301\155\142\153\151\165\375\135\160\101\271\365\277\174\337\276
-\301\062\163\042\041\213\130\201\173\025\221\172\272\343\144\110
-\260\177\373\066\045\332\225\320\361\044\024\027\335\030\200\153
-\106\043\071\124\365\216\142\011\004\035\224\220\246\233\346\045
-\342\102\105\252\270\220\255\276\010\217\251\013\102\030\224\317
-\162\071\341\261\103\340\050\317\267\347\132\154\023\153\111\263
-\377\343\030\174\211\213\063\135\254\063\327\247\371\332\072\125
-\311\130\020\371\252\357\132\266\317\113\113\337\052
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\141\357\103\327\177\312\324\141\121\274\230\340\303\131\022\257
-\237\353\143\021
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\370\276\304\143\042\311\250\106\164\213\270\035\036\112\053\366
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\062\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\141\160\313\111\214\137\230\105\051\347\260\246\331\120\133\172
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\233\176\006\111\243\076\142\271\325\356\220\110\161\051\357
-\127
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\032\060\202\003\002\002\021\000\233\176\006\111\243
-\076\142\271\325\356\220\110\161\051\357\127\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
-\151\147\156\040\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
-\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
-\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
-\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
-\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
-\040\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\313\272\234\122\374\170\037\032\036\157\033
-\067\163\275\370\311\153\224\022\060\117\360\066\107\365\320\221
-\012\365\027\310\245\141\301\026\100\115\373\212\141\220\345\166
-\040\301\021\006\175\253\054\156\246\365\021\101\216\372\055\255
-\052\141\131\244\147\046\114\320\350\274\122\133\160\040\004\130
-\321\172\311\244\151\274\203\027\144\255\005\213\274\320\130\316
-\215\214\365\353\360\102\111\013\235\227\047\147\062\156\341\256
-\223\025\034\160\274\040\115\057\030\336\222\210\350\154\205\127
-\021\032\351\176\343\046\021\124\242\105\226\125\203\312\060\211
-\350\334\330\243\355\052\200\077\177\171\145\127\076\025\040\146
-\010\057\225\223\277\252\107\057\250\106\227\360\022\342\376\302
-\012\053\121\346\166\346\267\106\267\342\015\246\314\250\303\114
-\131\125\211\346\350\123\134\034\352\235\360\142\026\013\247\311
-\137\014\360\336\302\166\316\257\367\152\362\372\101\246\242\063
-\024\311\345\172\143\323\236\142\067\325\205\145\236\016\346\123
-\044\164\033\136\035\022\123\133\307\054\347\203\111\073\025\256
-\212\150\271\127\227\002\003\001\000\001\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\021\024
-\226\301\253\222\010\367\077\057\311\262\376\344\132\237\144\336
-\333\041\117\206\231\064\166\066\127\335\320\025\057\305\255\177
-\025\037\067\142\163\076\324\347\137\316\027\003\333\065\372\053
-\333\256\140\011\137\036\137\217\156\273\013\075\352\132\023\036
-\014\140\157\265\300\265\043\042\056\007\013\313\251\164\313\107
-\273\035\301\327\245\153\314\057\322\102\375\111\335\247\211\317
-\123\272\332\000\132\050\277\202\337\370\272\023\035\120\206\202
-\375\216\060\217\051\106\260\036\075\065\332\070\142\026\030\112
-\255\346\266\121\154\336\257\142\353\001\320\036\044\376\172\217
-\022\032\022\150\270\373\146\231\024\024\105\134\256\347\256\151
-\027\201\053\132\067\311\136\052\364\306\342\241\134\124\233\246
-\124\000\317\360\361\301\307\230\060\032\073\066\026\333\243\156
-\352\375\255\262\302\332\357\002\107\023\212\300\361\263\061\255
-\117\034\341\117\234\257\017\014\235\367\170\015\330\364\065\126
-\200\332\267\155\027\217\235\036\201\144\341\376\305\105\272\255
-\153\271\012\172\116\117\113\204\356\113\361\175\335\021
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\023\055\015\105\123\113\151\227\315\262\325\303\071\342\125\166
-\140\233\134\306
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\315\150\266\247\307\304\316\165\340\035\117\127\104\141\222\011
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\063\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\233\176\006\111\243\076\142\271\325\356\220\110\161\051\357
-\127
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 4 Public Primary Certification Authority - G3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\354\240\247\213\156\165\152\001\317\304\174\314\057\224\136
-\327
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\032\060\202\003\002\002\021\000\354\240\247\213\156
-\165\152\001\317\304\174\314\057\224\136\327\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\060\201\312\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\027\060\025\006\003
-\125\004\012\023\016\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153\061\072\060\070\006\003\125\004\013\023\061\050
-\143\051\040\061\071\071\071\040\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165\164
-\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154\171
-\061\105\060\103\006\003\125\004\003\023\074\126\145\162\151\123
-\151\147\156\040\103\154\141\163\163\040\064\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\063\060\036\027\015\071\071\061\060\060
-\061\060\060\060\060\060\060\132\027\015\063\066\060\067\061\066
-\062\063\065\071\065\071\132\060\201\312\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\027\060\025\006\003\125\004\012
-\023\016\126\145\162\151\123\151\147\156\054\040\111\156\143\056
-\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151\123
-\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157\162
-\153\061\072\060\070\006\003\125\004\013\023\061\050\143\051\040
-\061\071\071\071\040\126\145\162\151\123\151\147\156\054\040\111
-\156\143\056\040\055\040\106\157\162\040\141\165\164\150\157\162
-\151\172\145\144\040\165\163\145\040\157\156\154\171\061\105\060
-\103\006\003\125\004\003\023\074\126\145\162\151\123\151\147\156
-\040\103\154\141\163\163\040\064\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\040
-\055\040\107\063\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\255\313\245\021\151\306\131\253\361\217\265
-\031\017\126\316\314\265\037\040\344\236\046\045\113\340\163\145
-\211\131\336\320\203\344\365\017\265\273\255\361\174\350\041\374
-\344\350\014\356\174\105\042\031\166\222\264\023\267\040\133\011
-\372\141\256\250\362\245\215\205\302\052\326\336\146\066\322\233
-\002\364\250\222\140\174\234\151\264\217\044\036\320\206\122\366
-\062\234\101\130\036\042\275\315\105\142\225\010\156\320\146\335
-\123\242\314\360\020\334\124\163\213\004\241\106\063\063\134\027
-\100\271\236\115\323\363\276\125\203\350\261\211\216\132\174\232
-\226\042\220\073\210\045\362\322\123\210\002\014\013\170\362\346
-\067\027\113\060\106\007\344\200\155\246\330\226\056\350\054\370
-\021\263\070\015\146\246\233\352\311\043\133\333\216\342\363\023
-\216\032\131\055\252\002\360\354\244\207\146\334\301\077\365\330
-\271\364\354\202\306\322\075\225\035\345\300\117\204\311\331\243
-\104\050\006\152\327\105\254\360\153\152\357\116\137\370\021\202
-\036\070\143\064\146\120\324\076\223\163\372\060\303\146\255\377
-\223\055\227\357\003\002\003\001\000\001\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\003\202\001\001\000\217\372
-\045\153\117\133\344\244\116\047\125\253\042\025\131\074\312\265
-\012\324\112\333\253\335\241\137\123\305\240\127\071\302\316\107
-\053\276\072\310\126\277\302\331\047\020\072\261\005\074\300\167
-\061\273\072\323\005\173\155\232\034\060\214\200\313\223\223\052
-\203\253\005\121\202\002\000\021\147\153\363\210\141\107\137\003
-\223\325\133\015\340\361\324\241\062\065\205\262\072\333\260\202
-\253\321\313\012\274\117\214\133\305\113\000\073\037\052\202\246
-\176\066\205\334\176\074\147\000\265\344\073\122\340\250\353\135
-\025\371\306\155\360\255\035\016\205\267\251\232\163\024\132\133
-\217\101\050\300\325\350\055\115\244\136\315\252\331\355\316\334
-\330\325\074\102\035\027\301\022\135\105\070\303\070\363\374\205
-\056\203\106\110\262\327\040\137\222\066\217\347\171\017\230\136
-\231\350\360\320\244\273\365\123\275\052\316\131\260\257\156\177
-\154\273\322\036\000\260\041\355\370\101\142\202\271\330\262\304
-\273\106\120\363\061\305\217\001\250\164\353\365\170\047\332\347
-\367\146\103\363\236\203\076\040\252\303\065\140\221\316
-END
-
-# Trust for Certificate "Verisign Class 4 Public Primary Certification Authority - G3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 4 Public Primary Certification Authority - G3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\310\354\214\207\222\151\313\113\253\071\351\215\176\127\147\363
-\024\225\163\235
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\333\310\362\047\056\261\352\152\051\043\135\376\126\076\063\337
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\312\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\037\060\035\006\003\125
-\004\013\023\026\126\145\162\151\123\151\147\156\040\124\162\165
-\163\164\040\116\145\164\167\157\162\153\061\072\060\070\006\003
-\125\004\013\023\061\050\143\051\040\061\071\071\071\040\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\040\055\040\106
-\157\162\040\141\165\164\150\157\162\151\172\145\144\040\165\163
-\145\040\157\156\154\171\061\105\060\103\006\003\125\004\003\023
-\074\126\145\162\151\123\151\147\156\040\103\154\141\163\163\040
-\064\040\120\165\142\154\151\143\040\120\162\151\155\141\162\171
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\107\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\354\240\247\213\156\165\152\001\317\304\174\314\057\224\136
-\327
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023
-\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040
-\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141
-\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143
-\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156
-\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003
-\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
-\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023
-\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040
-\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141
-\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143
-\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156
-\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003
-\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
-\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\067\112\322\103
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\330\060\202\004\101\240\003\002\001\002\002\004\067
-\112\322\103\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\201\303\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\073\060\071\006\003\125\004
-\013\023\062\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\103\120\123\040\151\156\143\157\162\160\056\040\142
-\171\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154
-\151\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034
-\050\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164
-\056\156\145\164\040\114\151\155\151\164\145\144\061\072\060\070
-\006\003\125\004\003\023\061\105\156\164\162\165\163\164\056\156
-\145\164\040\123\145\143\165\162\145\040\123\145\162\166\145\162
-\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\060\036\027\015\071\071\060\065
-\062\065\061\066\060\071\064\060\132\027\015\061\071\060\065\062
-\065\061\066\063\071\064\060\132\060\201\303\061\013\060\011\006
-\003\125\004\006\023\002\125\123\061\024\060\022\006\003\125\004
-\012\023\013\105\156\164\162\165\163\164\056\156\145\164\061\073
-\060\071\006\003\125\004\013\023\062\167\167\167\056\145\156\164
-\162\165\163\164\056\156\145\164\057\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164
-\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040
-\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\201
-\235\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
-\003\201\213\000\060\201\207\002\201\201\000\315\050\203\064\124
-\033\211\363\017\257\067\221\061\377\257\061\140\311\250\350\262
-\020\150\355\237\347\223\066\361\012\144\273\107\365\004\027\077
-\043\107\115\305\047\031\201\046\014\124\162\015\210\055\331\037
-\232\022\237\274\263\161\323\200\031\077\107\146\173\214\065\050
-\322\271\012\337\044\332\234\326\120\171\201\172\132\323\067\367
-\302\112\330\051\222\046\144\321\344\230\154\072\000\212\365\064
-\233\145\370\355\343\020\377\375\270\111\130\334\240\336\202\071
-\153\201\261\026\031\141\271\124\266\346\103\002\001\003\243\202
-\001\327\060\202\001\323\060\021\006\011\140\206\110\001\206\370
-\102\001\001\004\004\003\002\000\007\060\202\001\031\006\003\125
-\035\037\004\202\001\020\060\202\001\014\060\201\336\240\201\333
-\240\201\330\244\201\325\060\201\322\061\013\060\011\006\003\125
-\004\006\023\002\125\123\061\024\060\022\006\003\125\004\012\023
-\013\105\156\164\162\165\163\164\056\156\145\164\061\073\060\071
-\006\003\125\004\013\023\062\167\167\167\056\145\156\164\162\165
-\163\164\056\156\145\164\057\103\120\123\040\151\156\143\157\162
-\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151
-\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125
-\004\013\023\034\050\143\051\040\061\071\071\071\040\105\156\164
-\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144
-\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165
-\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145
-\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\061\015\060\013
-\006\003\125\004\003\023\004\103\122\114\061\060\051\240\047\240
-\045\206\043\150\164\164\160\072\057\057\167\167\167\056\145\156
-\164\162\165\163\164\056\156\145\164\057\103\122\114\057\156\145
-\164\061\056\143\162\154\060\053\006\003\125\035\020\004\044\060
-\042\200\017\061\071\071\071\060\065\062\065\061\066\060\071\064
-\060\132\201\017\062\060\061\071\060\065\062\065\061\066\060\071
-\064\060\132\060\013\006\003\125\035\017\004\004\003\002\001\006
-\060\037\006\003\125\035\043\004\030\060\026\200\024\360\027\142
-\023\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320
-\032\060\035\006\003\125\035\016\004\026\004\024\360\027\142\023
-\125\075\263\377\012\000\153\373\120\204\227\363\355\142\320\032
-\060\014\006\003\125\035\023\004\005\060\003\001\001\377\060\031
-\006\011\052\206\110\206\366\175\007\101\000\004\014\060\012\033
-\004\126\064\056\060\003\002\004\220\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\201\201\000\220\334\060\002
-\372\144\164\302\247\012\245\174\041\215\064\027\250\373\107\016
-\377\045\174\215\023\012\373\344\230\265\357\214\370\305\020\015
-\367\222\276\361\303\325\325\225\152\004\273\054\316\046\066\145
-\310\061\306\347\356\077\343\127\165\204\172\021\357\106\117\030
-\364\323\230\273\250\207\062\272\162\366\074\342\075\237\327\035
-\331\303\140\103\214\130\016\042\226\057\142\243\054\037\272\255
-\005\357\253\062\170\207\240\124\163\031\265\134\005\371\122\076
-\155\055\105\013\367\012\223\352\355\006\371\262
-END
-
-# Trust for Certificate "Entrust.net Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\231\246\233\346\032\376\210\153\115\053\202\000\174\270\124\374
-\061\176\025\071
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\337\362\200\163\314\361\346\141\163\374\365\102\351\305\174\356
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\303\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\073\060\071\006\003\125\004\013\023
-\062\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040
-\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141
-\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143
-\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156
-\145\164\040\114\151\155\151\164\145\144\061\072\060\070\006\003
-\125\004\003\023\061\105\156\164\162\165\163\164\056\156\145\164
-\040\123\145\143\165\162\145\040\123\145\162\166\145\162\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164
-\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\067\112\322\103
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Secure Personal CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Personal CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024
-\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056
-\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061
-\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040
-\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003
-\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154
-\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024
-\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056
-\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061
-\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040
-\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003
-\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154
-\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\003\221\356
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\355\060\202\004\126\240\003\002\001\002\002\004\070
-\003\221\356\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\060\201\311\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004
-\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146
-\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141
-\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051
-\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145
-\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125
-\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040
-\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060\036
-\027\015\071\071\061\060\061\062\061\071\062\064\063\060\132\027
-\015\061\071\061\060\061\062\061\071\065\064\063\060\132\060\201
-\311\061\013\060\011\006\003\125\004\006\023\002\125\123\061\024
-\060\022\006\003\125\004\012\023\013\105\156\164\162\165\163\164
-\056\156\145\164\061\110\060\106\006\003\125\004\013\024\077\167
-\167\167\056\145\156\164\162\165\163\164\056\156\145\164\057\103
-\154\151\145\156\164\137\103\101\137\111\156\146\157\057\103\120
-\123\040\151\156\143\157\162\160\056\040\142\171\040\162\145\146
-\056\040\154\151\155\151\164\163\040\154\151\141\142\056\061\045
-\060\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071
-\071\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151
-\155\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052
-\105\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145
-\156\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\060\201\235\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\201\213\000
-\060\201\207\002\201\201\000\310\072\231\136\061\027\337\254\047
-\157\220\173\344\031\377\105\243\064\302\333\301\250\117\360\150
-\352\204\375\237\165\171\317\301\212\121\224\257\307\127\003\107
-\144\236\255\202\033\132\332\177\067\170\107\273\067\230\022\226
-\316\306\023\175\357\322\014\060\121\251\071\236\125\370\373\261
-\347\060\336\203\262\272\076\361\325\211\073\073\205\272\252\164
-\054\376\077\061\156\257\221\225\156\006\324\007\115\113\054\126
-\107\030\004\122\332\016\020\223\277\143\220\233\341\337\214\346
-\002\244\346\117\136\367\213\002\001\003\243\202\001\340\060\202
-\001\334\060\021\006\011\140\206\110\001\206\370\102\001\001\004
-\004\003\002\000\007\060\202\001\042\006\003\125\035\037\004\202
-\001\031\060\202\001\025\060\201\344\240\201\341\240\201\336\244
-\201\333\060\201\330\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\110\060\106\006\003\125\004
-\013\024\077\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\103\154\151\145\156\164\137\103\101\137\111\156\146
-\157\057\103\120\123\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\154\151\155\151\164\163\040\154\151\141
-\142\056\061\045\060\043\006\003\125\004\013\023\034\050\143\051
-\040\061\071\071\071\040\105\156\164\162\165\163\164\056\156\145
-\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125
-\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040
-\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015
-\060\013\006\003\125\004\003\023\004\103\122\114\061\060\054\240
-\052\240\050\206\046\150\164\164\160\072\057\057\167\167\167\056
-\145\156\164\162\165\163\164\056\156\145\164\057\103\122\114\057
-\103\154\151\145\156\164\061\056\143\162\154\060\053\006\003\125
-\035\020\004\044\060\042\200\017\061\071\071\071\061\060\061\062
-\061\071\062\064\063\060\132\201\017\062\060\061\071\061\060\061
-\062\061\071\062\064\063\060\132\060\013\006\003\125\035\017\004
-\004\003\002\001\006\060\037\006\003\125\035\043\004\030\060\026
-\200\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312
-\231\164\213\225\352\114\060\035\006\003\125\035\016\004\026\004
-\024\304\373\234\051\173\227\315\114\226\374\356\133\263\312\231
-\164\213\225\352\114\060\014\006\003\125\035\023\004\005\060\003
-\001\001\377\060\031\006\011\052\206\110\206\366\175\007\101\000
-\004\014\060\012\033\004\126\064\056\060\003\002\004\220\060\015
-\006\011\052\206\110\206\367\015\001\001\004\005\000\003\201\201
-\000\077\256\212\361\327\146\003\005\236\076\372\352\034\106\273
-\244\133\217\170\232\022\110\231\371\364\065\336\014\066\007\002
-\153\020\072\211\024\201\234\061\246\174\262\101\262\152\347\007
-\001\241\113\371\237\045\073\226\312\231\303\076\241\121\034\363
-\303\056\104\367\260\147\106\252\222\345\073\332\034\031\024\070
-\060\325\342\242\061\045\056\361\354\105\070\355\370\006\130\003
-\163\142\260\020\061\217\100\277\144\340\134\076\305\117\037\332
-\022\103\377\114\346\006\046\250\233\031\252\104\074\166\262\134
-\354
-END
-
-# Trust for Certificate "Entrust.net Secure Personal CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Secure Personal CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\332\171\301\161\021\120\302\064\071\252\053\013\014\142\375\125
-\262\371\365\200
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\014\101\057\023\133\240\124\365\226\146\055\176\315\016\003\364
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\311\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\024\060\022\006\003\125\004\012\023\013\105\156\164\162\165
-\163\164\056\156\145\164\061\110\060\106\006\003\125\004\013\024
-\077\167\167\167\056\145\156\164\162\165\163\164\056\156\145\164
-\057\103\154\151\145\156\164\137\103\101\137\111\156\146\157\057
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\154\151\155\151\164\163\040\154\151\141\142\056
-\061\045\060\043\006\003\125\004\013\023\034\050\143\051\040\061
-\071\071\071\040\105\156\164\162\165\163\164\056\156\145\164\040
-\114\151\155\151\164\145\144\061\063\060\061\006\003\125\004\003
-\023\052\105\156\164\162\165\163\164\056\156\145\164\040\103\154
-\151\145\156\164\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\003\221\356
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Premium 2048 Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Premium 2048 Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\050\062\060\064\070\051
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\050\062\060\064\070\051
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\143\271\146
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\134\060\202\003\104\240\003\002\001\002\002\004\070
-\143\271\146\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013
-\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006
-\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163
-\164\056\156\145\164\057\103\120\123\137\062\060\064\070\040\151
-\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050
-\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060
-\043\006\003\125\004\013\023\034\050\143\051\040\061\071\071\071
-\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155
-\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105
-\156\164\162\165\163\164\056\156\145\164\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\050\062\060\064\070\051\060\036\027\015\071\071\061
-\062\062\064\061\067\065\060\065\061\132\027\015\061\071\061\062
-\062\064\061\070\062\060\065\061\132\060\201\264\061\024\060\022
-\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156
-\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167
-\056\145\156\164\162\165\163\164\056\156\145\164\057\103\120\123
-\137\062\060\064\070\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151
-\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050
-\143\051\040\061\071\071\071\040\105\156\164\162\165\163\164\056
-\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006
-\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\050\062\060\064\070\051
-\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001\001
-\000\255\115\113\251\022\206\262\352\243\040\007\025\026\144\052
-\053\113\321\277\013\112\115\216\355\200\166\245\147\267\170\100
-\300\163\102\310\150\300\333\123\053\335\136\270\166\230\065\223
-\213\032\235\174\023\072\016\037\133\267\036\317\345\044\024\036
-\261\201\251\215\175\270\314\153\113\003\361\002\014\334\253\245
-\100\044\000\177\164\224\241\235\010\051\263\210\013\365\207\167
-\235\125\315\344\303\176\327\152\144\253\205\024\206\225\133\227
-\062\120\157\075\310\272\146\014\343\374\275\270\111\301\166\211
-\111\031\375\300\250\275\211\243\147\057\306\237\274\161\031\140
-\270\055\351\054\311\220\166\146\173\224\342\257\170\326\145\123
-\135\074\326\234\262\317\051\003\371\057\244\120\262\324\110\316
-\005\062\125\212\375\262\144\114\016\344\230\007\165\333\177\337
-\271\010\125\140\205\060\051\371\173\110\244\151\206\343\065\077
-\036\206\135\172\172\025\275\357\000\216\025\042\124\027\000\220
-\046\223\274\016\111\150\221\277\370\107\323\235\225\102\301\016
-\115\337\157\046\317\303\030\041\142\146\103\160\326\325\300\007
-\341\002\003\001\000\001\243\164\060\162\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\037\006
-\003\125\035\043\004\030\060\026\200\024\125\344\201\321\021\200
-\276\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035
-\006\003\125\035\016\004\026\004\024\125\344\201\321\021\200\276
-\330\211\271\010\243\061\371\241\044\011\026\271\160\060\035\006
-\011\052\206\110\206\366\175\007\101\000\004\020\060\016\033\010
-\126\065\056\060\072\064\056\060\003\002\004\220\060\015\006\011
-\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
-\131\107\254\041\204\212\027\311\234\211\123\036\272\200\205\032
-\306\074\116\076\261\234\266\174\306\222\135\030\144\002\343\323
-\006\010\021\141\174\143\343\053\235\061\003\160\166\322\243\050
-\240\364\273\232\143\163\355\155\345\052\333\355\024\251\053\306
-\066\021\320\053\353\007\213\245\332\236\134\031\235\126\022\365
-\124\051\310\005\355\262\022\052\215\364\003\033\377\347\222\020
-\207\260\072\265\303\235\005\067\022\243\307\364\025\271\325\244
-\071\026\233\123\072\043\221\361\250\202\242\152\210\150\301\171
-\002\042\274\252\246\326\256\337\260\024\137\270\207\320\335\174
-\177\173\377\257\034\317\346\333\007\255\136\333\205\235\320\053
-\015\063\333\004\321\346\111\100\023\053\166\373\076\351\234\211
-\017\025\316\030\260\205\170\041\117\153\117\016\372\066\147\315
-\007\362\377\010\320\342\336\331\277\052\257\270\207\206\041\074
-\004\312\267\224\150\177\317\074\351\230\327\070\377\354\300\331
-\120\360\056\113\130\256\106\157\320\056\303\140\332\162\125\162
-\275\114\105\236\141\272\277\204\201\222\003\321\322\151\174\305
-END
-
-# Trust for Certificate "Entrust.net Premium 2048 Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Premium 2048 Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\200\035\142\320\173\104\235\134\134\003\134\230\352\141\372\104
-\074\052\130\376
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\272\041\352\040\326\335\333\217\301\127\213\100\255\241\374\374
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\103\120\123\137\062\060\064\070\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\061\071\071\071\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\050\062\060\064\070\051
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\143\271\146
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "ValiCert OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141
-\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120
-\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072
-\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156
-\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162
-\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141
-\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120
-\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072
-\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156
-\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162
-\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\110\060\202\002\261\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141\154
-\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157\156
-\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125\004
-\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156\143
-\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141\163
-\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040\101
-\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120\061
-\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072\057
-\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156\145
-\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001\011
-\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162\164
-\056\143\157\155\060\036\027\015\060\060\060\062\061\062\061\061
-\065\060\060\065\132\027\015\060\065\060\062\061\060\061\061\065
-\060\060\065\132\060\201\262\061\044\060\042\006\003\125\004\007
-\023\033\126\141\154\151\103\145\162\164\040\126\141\154\151\144
-\141\164\151\157\156\040\116\145\164\167\157\162\153\061\027\060
-\025\006\003\125\004\012\023\016\126\141\154\151\103\145\162\164
-\054\040\111\156\143\056\061\054\060\052\006\003\125\004\013\023
-\043\103\154\141\163\163\040\061\040\126\141\154\151\144\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\055\040
-\117\103\123\120\061\041\060\037\006\003\125\004\003\023\030\150
-\164\164\160\072\057\057\167\167\167\056\166\141\154\151\143\145
-\162\164\056\156\145\164\057\061\040\060\036\006\011\052\206\110
-\206\367\015\001\011\001\026\021\151\156\146\157\100\166\141\154
-\151\143\145\162\164\056\143\157\155\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\307\214\057\247\303\100\207\073\075\327
-\304\232\130\024\144\012\303\010\071\142\032\317\322\353\251\361
-\151\164\212\312\016\132\166\314\242\122\116\320\363\304\172\265
-\370\246\034\273\243\247\244\123\207\133\215\300\000\273\325\146
-\044\347\164\306\026\310\257\310\003\142\325\062\207\242\122\221
-\104\224\225\250\107\103\155\245\110\234\366\114\165\325\117\142
-\347\311\377\173\364\044\214\247\274\050\166\265\062\240\045\163
-\267\107\057\170\370\106\371\207\024\360\167\374\012\167\350\117
-\375\214\037\372\142\331\002\003\001\000\001\243\154\060\152\060
-\017\006\011\053\006\001\005\005\007\060\001\005\004\002\005\000
-\060\023\006\003\125\035\045\004\014\060\012\006\010\053\006\001
-\005\005\007\003\011\060\013\006\003\125\035\017\004\004\003\002
-\001\206\060\065\006\010\053\006\001\005\005\007\001\001\004\051
-\060\047\060\045\006\010\053\006\001\005\005\007\060\001\206\031
-\150\164\164\160\072\057\057\157\143\163\160\062\056\166\141\154
-\151\143\145\162\164\056\156\145\164\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\201\201\000\025\305\340\270
-\064\162\022\006\040\250\142\225\223\321\274\223\272\220\253\334
-\116\215\216\215\230\114\343\062\365\053\077\263\227\373\252\242
-\255\100\227\255\150\275\134\255\123\016\320\246\263\015\254\032
-\231\215\252\060\036\317\016\160\377\002\260\167\145\203\315\332
-\007\134\122\315\131\273\242\310\342\264\026\203\217\324\225\171
-\223\055\350\277\104\223\061\222\060\323\064\064\361\020\373\041
-\254\056\364\303\135\144\143\172\231\341\232\253\102\035\110\146
-\246\167\067\270\125\074\255\376\145\260\142\351
-END
-
-# Trust for Certificate "ValiCert OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "ValiCert OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\133\166\261\274\342\212\360\366\161\221\205\147\046\215\021\151
-\017\027\077\163
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\325\036\040\137\321\365\035\202\127\010\122\071\035\372\212\255
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\262\061\044\060\042\006\003\125\004\007\023\033\126\141
-\154\151\103\145\162\164\040\126\141\154\151\144\141\164\151\157
-\156\040\116\145\164\167\157\162\153\061\027\060\025\006\003\125
-\004\012\023\016\126\141\154\151\103\145\162\164\054\040\111\156
-\143\056\061\054\060\052\006\003\125\004\013\023\043\103\154\141
-\163\163\040\061\040\126\141\154\151\144\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\040\055\040\117\103\123\120
-\061\041\060\037\006\003\125\004\003\023\030\150\164\164\160\072
-\057\057\167\167\167\056\166\141\154\151\143\145\162\164\056\156
-\145\164\057\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\151\156\146\157\100\166\141\154\151\143\145\162
-\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Baltimore CyberTrust Code Signing Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Code Signing Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004
-\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147
-\156\151\156\147\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004
-\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147
-\156\151\156\147\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\277
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\246\060\202\002\216\240\003\002\001\002\002\004\002
-\000\000\277\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\147\061\013\060\011\006\003\125\004\006\023\002\111
-\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164
-\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012
-\103\171\142\145\162\124\162\165\163\164\061\057\060\055\006\003
-\125\004\003\023\046\102\141\154\164\151\155\157\162\145\040\103
-\171\142\145\162\124\162\165\163\164\040\103\157\144\145\040\123
-\151\147\156\151\156\147\040\122\157\157\164\060\036\027\015\060
-\060\060\065\061\067\061\064\060\061\060\060\132\027\015\062\065
-\060\065\061\067\062\063\065\071\060\060\132\060\147\061\013\060
-\011\006\003\125\004\006\023\002\111\105\061\022\060\020\006\003
-\125\004\012\023\011\102\141\154\164\151\155\157\162\145\061\023
-\060\021\006\003\125\004\013\023\012\103\171\142\145\162\124\162
-\165\163\164\061\057\060\055\006\003\125\004\003\023\046\102\141
-\154\164\151\155\157\162\145\040\103\171\142\145\162\124\162\165
-\163\164\040\103\157\144\145\040\123\151\147\156\151\156\147\040
-\122\157\157\164\060\202\001\042\060\015\006\011\052\206\110\206
-\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001\012
-\002\202\001\001\000\310\161\232\030\022\216\172\333\371\232\374
-\101\257\330\362\364\011\216\255\077\376\147\067\074\332\311\046
-\120\261\261\076\313\350\116\163\000\362\262\334\363\305\106\373
-\011\357\030\226\316\247\340\234\204\135\040\016\172\240\252\066
-\213\372\050\266\170\056\263\354\350\107\363\004\360\220\043\264
-\352\257\345\123\270\005\367\107\135\053\206\361\247\244\306\073
-\065\266\322\015\122\101\327\364\222\165\341\242\012\120\126\207
-\276\227\013\173\063\205\020\271\050\030\356\063\352\110\021\327
-\133\221\107\166\042\324\356\317\135\347\250\116\034\235\226\221
-\335\234\275\164\011\250\162\141\252\260\041\072\361\075\054\003
-\126\011\322\301\334\303\265\307\124\067\253\346\046\242\262\106
-\161\163\312\021\210\356\274\347\144\367\320\021\032\163\100\132
-\310\111\054\017\267\357\220\177\150\200\004\070\013\033\017\073
-\324\365\240\263\302\216\341\064\264\200\231\155\236\166\324\222
-\051\100\261\225\322\067\244\147\022\177\340\142\273\256\065\305
-\231\066\202\104\270\346\170\030\063\141\161\223\133\055\215\237
-\170\225\202\353\155\002\003\001\000\001\243\132\060\130\060\023
-\006\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005
-\007\003\003\060\035\006\003\125\035\016\004\026\004\024\310\101
-\064\134\025\025\004\345\100\362\321\253\232\157\044\222\172\207
-\102\132\060\022\006\003\125\035\023\001\001\377\004\010\060\006
-\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001\377
-\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\001\001\000\122\164\252\225\113\042
-\214\307\075\226\244\376\135\372\057\265\274\353\360\013\351\126
-\070\035\321\155\015\241\274\150\213\360\305\200\245\044\064\375
-\362\226\030\021\206\241\066\365\067\347\124\100\325\144\037\303
-\137\160\102\153\055\071\307\236\122\005\316\347\152\162\322\215
-\162\077\107\120\203\253\307\215\045\311\260\343\247\123\026\225
-\246\152\123\352\030\235\217\170\251\167\167\032\371\264\227\107
-\131\210\047\050\265\312\341\056\327\076\016\242\015\270\042\104
-\003\343\321\143\260\101\072\241\365\244\055\367\166\036\004\124
-\231\170\062\100\327\053\174\115\272\246\234\260\171\156\007\276
-\214\354\356\327\070\151\133\301\014\126\150\237\376\353\321\341
-\310\210\371\362\315\177\276\205\264\104\147\000\120\076\364\046
-\003\144\352\167\175\350\136\076\034\067\107\310\326\352\244\363
-\066\074\227\302\071\162\005\224\031\045\303\327\067\101\017\301
-\037\207\212\375\252\276\351\261\144\127\344\333\222\241\317\341
-\111\350\073\037\221\023\132\303\217\331\045\130\111\200\107\017
-\306\003\256\254\343\277\267\300\252\052
-END
-
-# Trust for Certificate "Baltimore CyberTrust Code Signing Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Code Signing Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\060\106\330\310\210\377\151\060\303\112\374\315\111\047\010\174
-\140\126\173\015
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\220\365\050\111\126\321\135\054\260\123\324\113\357\157\220\042
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\057\060\055\006\003\125\004
-\003\023\046\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\103\157\144\145\040\123\151\147
-\156\151\156\147\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\277
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Baltimore CyberTrust Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
-\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
-\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\271
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\167\060\202\002\137\240\003\002\001\002\002\004\002
-\000\000\271\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\111
-\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164
-\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012
-\103\171\142\145\162\124\162\165\163\164\061\042\060\040\006\003
-\125\004\003\023\031\102\141\154\164\151\155\157\162\145\040\103
-\171\142\145\162\124\162\165\163\164\040\122\157\157\164\060\036
-\027\015\060\060\060\065\061\062\061\070\064\066\060\060\132\027
-\015\062\065\060\065\061\062\062\063\065\071\060\060\132\060\132
-\061\013\060\011\006\003\125\004\006\023\002\111\105\061\022\060
-\020\006\003\125\004\012\023\011\102\141\154\164\151\155\157\162
-\145\061\023\060\021\006\003\125\004\013\023\012\103\171\142\145
-\162\124\162\165\163\164\061\042\060\040\006\003\125\004\003\023
-\031\102\141\154\164\151\155\157\162\145\040\103\171\142\145\162
-\124\162\165\163\164\040\122\157\157\164\060\202\001\042\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
-\017\000\060\202\001\012\002\202\001\001\000\243\004\273\042\253
-\230\075\127\350\046\162\232\265\171\324\051\342\341\350\225\200
-\261\260\343\133\216\053\051\232\144\337\241\135\355\260\011\005
-\155\333\050\056\316\142\242\142\376\264\210\332\022\353\070\353
-\041\235\300\101\053\001\122\173\210\167\323\034\217\307\272\271
-\210\265\152\011\347\163\350\021\100\247\321\314\312\142\215\055
-\345\217\013\246\120\322\250\120\303\050\352\365\253\045\207\212
-\232\226\034\251\147\270\077\014\325\367\371\122\023\057\302\033
-\325\160\160\360\217\300\022\312\006\313\232\341\331\312\063\172
-\167\326\370\354\271\361\150\104\102\110\023\322\300\302\244\256
-\136\140\376\266\246\005\374\264\335\007\131\002\324\131\030\230
-\143\365\245\143\340\220\014\175\135\262\006\172\363\205\352\353
-\324\003\256\136\204\076\137\377\025\355\151\274\371\071\066\162
-\165\317\167\122\115\363\311\220\054\271\075\345\311\043\123\077
-\037\044\230\041\134\007\231\051\275\306\072\354\347\156\206\072
-\153\227\164\143\063\275\150\030\061\360\170\215\166\277\374\236
-\216\135\052\206\247\115\220\334\047\032\071\002\003\001\000\001
-\243\105\060\103\060\035\006\003\125\035\016\004\026\004\024\345
-\235\131\060\202\107\130\314\254\372\010\124\066\206\173\072\265
-\004\115\360\060\022\006\003\125\035\023\001\001\377\004\010\060
-\006\001\001\377\002\001\003\060\016\006\003\125\035\017\001\001
-\377\004\004\003\002\001\006\060\015\006\011\052\206\110\206\367
-\015\001\001\005\005\000\003\202\001\001\000\205\014\135\216\344
-\157\121\150\102\005\240\335\273\117\047\045\204\003\275\367\144
-\375\055\327\060\343\244\020\027\353\332\051\051\266\171\077\166
-\366\031\023\043\270\020\012\371\130\244\324\141\160\275\004\141
-\152\022\212\027\325\012\275\305\274\060\174\326\351\014\045\215
-\206\100\117\354\314\243\176\070\306\067\021\117\355\335\150\061
-\216\114\322\263\001\164\356\276\165\136\007\110\032\177\160\377
-\026\134\204\300\171\205\270\005\375\177\276\145\021\243\017\300
-\002\264\370\122\067\071\004\325\251\061\172\030\277\240\052\364
-\022\231\367\243\105\202\343\074\136\365\235\236\265\310\236\174
-\056\310\244\236\116\010\024\113\155\375\160\155\153\032\143\275
-\144\346\037\267\316\360\362\237\056\273\033\267\362\120\210\163
-\222\302\342\343\026\215\232\062\002\253\216\030\335\351\020\021
-\356\176\065\253\220\257\076\060\224\172\320\063\075\247\145\017
-\365\374\216\236\142\317\107\104\054\001\135\273\035\265\062\322
-\107\322\070\056\320\376\201\334\062\152\036\265\356\074\325\374
-\347\201\035\031\303\044\102\352\143\071\251
-END
-
-# Trust for Certificate "Baltimore CyberTrust Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\324\336\040\320\136\146\374\123\376\032\120\210\054\170\333\050
-\122\312\344\164
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\254\266\224\245\234\027\340\327\221\122\233\261\227\006\246\344
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\042\060\040\006\003\125\004
-\003\023\031\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\271
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Baltimore CyberTrust Mobile Commerce Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Mobile Commerce Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004
-\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122
-\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004
-\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122
-\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\270
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\175\060\202\001\346\240\003\002\001\002\002\004\002
-\000\000\270\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\141\061\013\060\011\006\003\125\004\006\023\002\111
-\105\061\022\060\020\006\003\125\004\012\023\011\102\141\154\164
-\151\155\157\162\145\061\023\060\021\006\003\125\004\013\023\012
-\103\171\142\145\162\124\162\165\163\164\061\051\060\047\006\003
-\125\004\003\023\040\102\141\154\164\151\155\157\162\145\040\103
-\171\142\145\162\124\162\165\163\164\040\115\157\142\151\154\145
-\040\122\157\157\164\060\036\027\015\060\060\060\065\061\062\061
-\070\062\060\060\060\132\027\015\062\060\060\065\061\062\062\063
-\065\071\060\060\132\060\141\061\013\060\011\006\003\125\004\006
-\023\002\111\105\061\022\060\020\006\003\125\004\012\023\011\102
-\141\154\164\151\155\157\162\145\061\023\060\021\006\003\125\004
-\013\023\012\103\171\142\145\162\124\162\165\163\164\061\051\060
-\047\006\003\125\004\003\023\040\102\141\154\164\151\155\157\162
-\145\040\103\171\142\145\162\124\162\165\163\164\040\115\157\142
-\151\154\145\040\122\157\157\164\060\201\237\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201
-\211\002\201\201\000\243\155\261\070\126\254\374\265\126\041\336
-\300\220\135\046\107\202\306\175\217\037\240\205\217\057\273\324
-\341\034\035\362\044\037\050\260\057\271\244\245\157\242\042\040
-\144\376\204\107\074\176\053\154\151\152\270\324\300\226\216\214
-\122\015\315\157\101\324\277\004\256\247\201\057\055\230\110\322
-\301\224\243\265\031\135\135\121\144\364\216\101\260\233\300\055
-\042\240\136\306\330\132\022\143\274\021\112\136\046\022\035\342
-\046\005\346\017\137\042\037\172\137\166\224\256\317\132\050\016
-\253\105\332\042\061\002\003\001\000\001\243\102\060\100\060\035
-\006\003\125\035\016\004\026\004\024\311\342\217\300\002\046\132
-\266\300\007\343\177\224\007\030\333\056\245\232\160\060\017\006
-\003\125\035\023\001\001\377\004\005\060\003\001\001\377\060\016
-\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060\015
-\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201
-\000\123\010\013\046\011\170\102\163\324\354\172\167\107\015\343
-\013\063\161\357\256\063\024\115\373\372\375\032\267\121\365\344
-\231\034\006\161\327\051\031\327\346\025\040\121\121\106\155\117
-\336\030\111\230\320\370\170\273\161\350\215\001\006\325\327\144
-\217\224\337\107\376\240\205\151\066\251\057\102\172\150\112\022
-\326\213\013\160\104\012\244\004\357\046\210\301\065\161\070\135
-\033\133\110\102\360\347\224\034\160\225\064\250\253\365\253\342
-\170\255\365\360\122\375\233\352\102\014\350\330\124\276\123\146
-\365
-END
-
-# Trust for Certificate "Baltimore CyberTrust Mobile Commerce Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Baltimore CyberTrust Mobile Commerce Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\264\343\013\234\301\325\356\275\240\040\030\370\271\212\321\377
-\151\267\072\161
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\353\264\040\035\017\266\161\003\367\304\367\307\244\162\206\350
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\111\105\061
-\022\060\020\006\003\125\004\012\023\011\102\141\154\164\151\155
-\157\162\145\061\023\060\021\006\003\125\004\013\023\012\103\171
-\142\145\162\124\162\165\163\164\061\051\060\047\006\003\125\004
-\003\023\040\102\141\154\164\151\155\157\162\145\040\103\171\142
-\145\162\124\162\165\163\164\040\115\157\142\151\154\145\040\122
-\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\002\000\000\270
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Equifax Secure Global eBusiness CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure Global eBusiness CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
-\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
-\165\163\151\156\145\163\163\040\103\101\055\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
-\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
-\165\163\151\156\145\163\163\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\220\060\202\001\371\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034
-\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170
-\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060\053
-\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040\123
-\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102\165
-\163\151\156\145\163\163\040\103\101\055\061\060\036\027\015\071
-\071\060\066\062\061\060\064\060\060\060\060\132\027\015\062\060
-\060\066\062\061\060\064\060\060\060\060\132\060\132\061\013\060
-\011\006\003\125\004\006\023\002\125\123\061\034\060\032\006\003
-\125\004\012\023\023\105\161\165\151\146\141\170\040\123\145\143
-\165\162\145\040\111\156\143\056\061\055\060\053\006\003\125\004
-\003\023\044\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\107\154\157\142\141\154\040\145\102\165\163\151\156\145
-\163\163\040\103\101\055\061\060\201\237\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211
-\002\201\201\000\272\347\027\220\002\145\261\064\125\074\111\302
-\121\325\337\247\321\067\217\321\347\201\163\101\122\140\233\235
-\241\027\046\170\255\307\261\350\046\224\062\265\336\063\215\072
-\057\333\362\232\172\132\163\230\243\134\351\373\212\163\033\134
-\347\303\277\200\154\315\251\364\326\053\300\367\371\231\252\143
-\242\261\107\002\017\324\344\121\072\022\074\154\212\132\124\204
-\160\333\301\305\220\317\162\105\313\250\131\300\315\063\235\077
-\243\226\353\205\063\041\034\076\036\076\140\156\166\234\147\205
-\305\310\303\141\002\003\001\000\001\243\146\060\144\060\021\006
-\011\140\206\110\001\206\370\102\001\001\004\004\003\002\000\007
-\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001
-\377\060\037\006\003\125\035\043\004\030\060\026\200\024\276\250
-\240\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153
-\150\154\060\035\006\003\125\035\016\004\026\004\024\276\250\240
-\164\162\120\153\104\267\311\043\330\373\250\377\263\127\153\150
-\154\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000
-\003\201\201\000\060\342\001\121\252\307\352\137\332\271\320\145
-\017\060\326\076\332\015\024\111\156\221\223\047\024\061\357\304
-\367\055\105\370\354\307\277\242\101\015\043\264\222\371\031\000
-\147\275\001\257\315\340\161\374\132\317\144\304\340\226\230\320
-\243\100\342\001\212\357\047\007\361\145\001\212\104\055\006\145
-\165\122\300\206\020\040\041\137\154\153\017\154\256\011\034\257
-\362\242\030\064\304\165\244\163\034\361\215\334\357\255\371\263
-\166\264\222\277\334\225\020\036\276\313\310\073\132\204\140\031
-\126\224\251\125
-END
-
-# Trust for Certificate "Equifax Secure Global eBusiness CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure Global eBusiness CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\176\170\112\020\034\202\145\314\055\341\361\155\107\264\100\312
-\331\012\031\105
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\217\135\167\006\047\304\230\074\133\223\170\347\327\175\233\314
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\055\060
-\053\006\003\125\004\003\023\044\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\107\154\157\142\141\154\040\145\102
-\165\163\151\156\145\163\163\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Equifax Secure eBusiness CA 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060
-\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163
-\040\103\101\055\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060
-\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163
-\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\202\060\202\001\353\240\003\002\001\002\002\001\004
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061\034
-\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141\170
-\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060\044
-\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040\123
-\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163\040
-\103\101\055\061\060\036\027\015\071\071\060\066\062\061\060\064
-\060\060\060\060\132\027\015\062\060\060\066\062\061\060\064\060
-\060\060\060\132\060\123\061\013\060\011\006\003\125\004\006\023
-\002\125\123\061\034\060\032\006\003\125\004\012\023\023\105\161
-\165\151\146\141\170\040\123\145\143\165\162\145\040\111\156\143
-\056\061\046\060\044\006\003\125\004\003\023\035\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\040\145\102\165\163\151
-\156\145\163\163\040\103\101\055\061\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\316\057\031\274\027\267\167\336\223\251
-\137\132\015\027\117\064\032\014\230\364\042\331\131\324\304\150
-\106\360\264\065\305\205\003\040\306\257\105\245\041\121\105\101
-\353\026\130\066\062\157\342\120\142\144\371\375\121\234\252\044
-\331\364\235\203\052\207\012\041\323\022\070\064\154\215\000\156
-\132\240\331\102\356\032\041\225\371\122\114\125\132\305\017\070
-\117\106\372\155\370\056\065\326\035\174\353\342\360\260\165\200
-\310\251\023\254\276\210\357\072\156\253\137\052\070\142\002\260
-\022\173\376\217\246\003\002\003\001\000\001\243\146\060\144\060
-\021\006\011\140\206\110\001\206\370\102\001\001\004\004\003\002
-\000\007\060\017\006\003\125\035\023\001\001\377\004\005\060\003
-\001\001\377\060\037\006\003\125\035\043\004\030\060\026\200\024
-\112\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152
-\107\174\114\241\060\035\006\003\125\035\016\004\026\004\024\112
-\170\062\122\021\333\131\026\066\136\337\301\024\066\100\152\107
-\174\114\241\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\003\201\201\000\165\133\250\233\003\021\346\351\126\114
-\315\371\251\114\300\015\232\363\314\145\151\346\045\166\314\131
-\267\326\124\303\035\315\231\254\031\335\264\205\325\340\075\374
-\142\040\247\204\113\130\145\361\342\371\225\041\077\365\324\176
-\130\036\107\207\124\076\130\241\265\265\370\052\357\161\347\274
-\303\366\261\111\106\342\327\240\153\345\126\172\232\047\230\174
-\106\142\024\347\311\374\156\003\022\171\200\070\035\110\202\215
-\374\027\376\052\226\053\265\142\246\246\075\275\177\222\131\315
-\132\052\202\262\067\171
-END
-
-# Trust for Certificate "Equifax Secure eBusiness CA 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\332\100\030\213\221\211\243\355\356\256\332\227\376\057\235\365
-\267\321\212\101
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\144\234\357\056\104\374\306\217\122\007\320\121\163\217\313\075
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\123\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\034\060\032\006\003\125\004\012\023\023\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\040\111\156\143\056\061\046\060
-\044\006\003\125\004\003\023\035\105\161\165\151\146\141\170\040
-\123\145\143\165\162\145\040\145\102\165\163\151\156\145\163\163
-\040\103\101\055\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Equifax Secure eBusiness CA 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004
-\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004
-\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\067\160\317\265
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\040\060\202\002\211\240\003\002\001\002\002\004\067
-\160\317\265\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003
-\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143
-\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101
-\055\062\060\036\027\015\071\071\060\066\062\063\061\062\061\064
-\064\065\132\027\015\061\071\060\066\062\063\061\062\061\064\064
-\065\132\060\116\061\013\060\011\006\003\125\004\006\023\002\125
-\123\061\027\060\025\006\003\125\004\012\023\016\105\161\165\151
-\146\141\170\040\123\145\143\165\162\145\061\046\060\044\006\003
-\125\004\013\023\035\105\161\165\151\146\141\170\040\123\145\143
-\165\162\145\040\145\102\165\163\151\156\145\163\163\040\103\101
-\055\062\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\344
-\071\071\223\036\122\006\033\050\066\370\262\243\051\305\355\216
-\262\021\275\376\353\347\264\164\302\217\377\005\347\331\235\006
-\277\022\310\077\016\362\326\321\044\262\021\336\321\163\011\212
-\324\261\054\230\011\015\036\120\106\262\203\246\105\215\142\150
-\273\205\033\040\160\062\252\100\315\246\226\137\304\161\067\077
-\004\363\267\101\044\071\007\032\036\056\141\130\240\022\013\345
-\245\337\305\253\352\067\161\314\034\310\067\072\271\227\122\247
-\254\305\152\044\224\116\234\173\317\300\152\326\337\041\275\002
-\003\001\000\001\243\202\001\011\060\202\001\005\060\160\006\003
-\125\035\037\004\151\060\147\060\145\240\143\240\141\244\137\060
-\135\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
-\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141\170
-\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004\013
-\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162\145
-\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062\061
-\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060\032
-\006\003\125\035\020\004\023\060\021\201\017\062\060\061\071\060
-\066\062\063\061\062\061\064\064\065\132\060\013\006\003\125\035
-\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030
-\060\026\200\024\120\236\013\352\257\136\271\040\110\246\120\152
-\313\375\330\040\172\247\202\166\060\035\006\003\125\035\016\004
-\026\004\024\120\236\013\352\257\136\271\040\110\246\120\152\313
-\375\330\040\172\247\202\166\060\014\006\003\125\035\023\004\005
-\060\003\001\001\377\060\032\006\011\052\206\110\206\366\175\007
-\101\000\004\015\060\013\033\005\126\063\056\060\143\003\002\006
-\300\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\003\201\201\000\014\206\202\255\350\116\032\365\216\211\047\342
-\065\130\075\051\264\007\217\066\120\225\277\156\301\236\353\304
-\220\262\205\250\273\267\102\340\017\007\071\337\373\236\220\262
-\321\301\076\123\237\003\104\260\176\113\364\157\344\174\037\347
-\342\261\344\270\232\357\303\275\316\336\013\062\064\331\336\050
-\355\063\153\304\324\327\075\022\130\253\175\011\055\313\160\365
-\023\212\224\241\047\244\326\160\305\155\224\265\311\175\235\240
-\322\306\010\111\331\146\233\246\323\364\013\334\305\046\127\341
-\221\060\352\315
-END
-
-# Trust for Certificate "Equifax Secure eBusiness CA 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Equifax Secure eBusiness CA 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\071\117\366\205\013\006\276\122\345\030\126\314\020\341\200\350
-\202\263\205\314
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\252\277\277\144\227\332\230\035\157\306\010\072\225\160\063\312
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\116\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\105\161\165\151\146\141
-\170\040\123\145\143\165\162\145\061\046\060\044\006\003\125\004
-\013\023\035\105\161\165\151\146\141\170\040\123\145\143\165\162
-\145\040\145\102\165\163\151\156\145\163\163\040\103\101\055\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\067\160\317\265
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Visa International Global Root 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\035
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\130\060\202\002\100\240\003\002\001\002\002\002\003
-\035\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\060
-\036\027\015\060\060\060\070\061\066\062\061\065\062\060\060\132
-\027\015\062\060\060\070\061\065\062\063\065\071\060\060\132\060
-\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061\015
-\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057\060
-\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156\164
-\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166\151
-\143\145\040\101\163\163\157\143\151\141\164\151\157\156\060\202
-\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
-\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\305
-\035\115\163\101\225\341\040\264\154\154\316\147\352\165\006\254
-\304\004\302\140\057\010\222\317\040\355\156\251\311\161\046\126
-\242\375\332\273\014\370\225\011\311\371\362\035\317\104\225\355
-\061\112\332\155\340\275\374\165\026\226\302\357\012\172\014\307
-\270\264\220\106\056\251\027\012\340\107\104\204\174\034\075\040
-\106\006\103\103\205\162\353\135\341\003\274\062\232\313\356\011
-\306\127\025\263\056\332\062\140\247\022\230\222\233\323\312\043
-\102\260\043\367\120\151\116\214\233\150\241\067\060\222\311\041
-\057\150\212\240\326\204\251\130\115\014\353\125\075\272\012\106
-\110\372\302\276\271\007\300\354\275\223\064\171\071\075\267\232
-\064\240\014\075\243\377\232\204\346\372\340\077\252\124\204\001
-\063\112\205\306\250\024\136\025\301\327\140\325\360\151\170\151
-\144\170\327\024\356\023\330\243\362\377\165\141\070\154\324\046
-\262\327\150\210\031\147\016\353\341\277\274\216\232\352\310\224
-\351\266\314\370\025\205\223\155\146\167\053\261\027\013\210\046
-\154\106\242\337\316\103\245\156\367\375\033\107\156\130\367\002
-\003\001\000\001\243\102\060\100\060\016\006\003\125\035\017\001
-\001\377\004\004\003\002\001\006\060\017\006\003\125\035\023\001
-\001\377\004\005\060\003\001\001\377\060\035\006\003\125\035\016
-\004\026\004\024\313\303\306\143\312\336\161\177\333\247\327\377
-\102\164\366\313\314\266\120\062\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\266\030\204\244
-\276\346\177\315\373\106\221\024\175\000\100\167\167\206\271\215
-\161\035\234\376\361\330\345\001\077\331\242\140\033\315\272\163
-\064\054\356\136\004\222\304\042\104\126\354\352\373\367\311\001
-\026\375\350\050\355\370\336\375\074\076\056\230\214\215\343\170
-\342\317\216\213\340\257\301\215\140\024\202\202\126\261\207\056
-\360\351\022\025\035\076\151\012\255\216\246\130\364\231\374\021
-\106\356\367\311\355\306\257\054\271\206\045\322\227\376\117\235
-\330\062\341\302\146\121\163\206\015\335\165\343\212\372\364\212
-\065\146\335\210\147\255\171\250\374\151\365\333\372\257\225\264
-\234\220\037\137\301\026\311\310\010\200\032\327\003\362\136\161
-\243\126\143\036\105\066\175\161\276\061\147\164\206\057\331\354
-\210\302\040\275\231\115\075\125\005\320\242\132\114\125\042\230
-\320\361\165\364\027\372\330\343\376\342\024\340\017\145\372\262
-\326\151\054\063\120\311\047\240\254\220\061\113\024\345\353\143
-\144\340\075\343\374\022\112\305\226\202\055\332\045\071\376\324
-\177\056\101\307\142\110\327\161\105\073\170\222
-END
-
-# Trust for Certificate "Visa International Global Root 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\106\260\324\152\346\120\054\267\223\205\000\010\220\373\363\120
-\251\310\140\157
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\031\152\006\154\335\311\017\266\024\321\311\373\163\077\005\317
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\115\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\035
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Visa International Global Root 2"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 2"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\036
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\200\060\202\002\150\240\003\002\001\002\002\002\003
-\036\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062\060\036\027\015\060\060\060\070\061\066\062\062\065
-\061\060\060\132\027\015\062\060\060\070\061\065\062\063\065\071
-\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123
-\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141
-\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123
-\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151
-\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040
-\122\157\157\164\040\062\060\202\001\042\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
-\001\012\002\202\001\001\000\251\001\160\265\252\304\100\360\253
-\152\046\141\171\031\000\374\277\233\067\131\014\257\157\144\033
-\370\332\225\224\044\151\063\021\160\312\343\126\164\242\027\127
-\144\134\040\006\341\326\357\161\267\073\367\253\301\151\320\111
-\244\261\004\327\364\127\142\211\134\260\165\055\027\044\151\343
-\102\140\344\356\164\326\253\200\126\330\210\050\341\373\155\042
-\375\043\174\106\163\117\176\124\163\036\250\054\125\130\165\267
-\114\363\132\105\245\002\032\372\332\235\303\105\303\042\136\363
-\213\361\140\051\322\307\137\264\014\072\121\203\357\060\370\324
-\347\307\362\372\231\243\042\120\276\371\005\067\243\255\355\232
-\303\346\354\210\033\266\031\047\033\070\213\200\115\354\271\307
-\305\211\313\374\032\062\355\043\360\265\001\130\371\366\217\340
-\205\251\114\011\162\071\022\333\263\365\317\116\142\144\332\306
-\031\025\072\143\035\351\027\125\241\114\042\074\064\062\106\370
-\145\127\272\053\357\066\214\152\372\331\331\104\364\252\335\204
-\327\015\034\262\124\254\062\205\264\144\015\336\101\273\261\064
-\306\001\206\062\144\325\237\002\003\001\000\001\243\102\060\100
-\060\035\006\003\125\035\016\004\026\004\024\236\175\113\064\277
-\161\255\302\005\366\003\165\200\316\251\117\032\304\044\114\060
-\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
-\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
-\202\001\001\000\041\245\166\024\125\371\255\047\160\217\074\364
-\325\154\310\314\012\253\243\230\013\212\006\043\305\311\141\333
-\231\007\151\065\046\061\376\307\056\204\302\231\141\324\015\351
-\175\056\023\053\174\216\205\266\205\307\113\317\065\266\054\107
-\075\316\051\057\330\157\237\211\034\144\223\277\010\275\166\320
-\220\212\224\263\177\050\133\156\254\115\063\054\355\145\334\026
-\314\342\315\256\244\075\142\222\006\225\046\277\337\271\344\040
-\246\163\152\301\276\367\224\104\326\115\157\052\013\153\030\115
-\164\020\066\150\152\132\301\152\247\335\066\051\214\270\060\213
-\117\041\077\000\056\124\060\007\072\272\212\344\303\236\312\330
-\265\330\173\316\165\105\146\007\364\155\055\330\172\312\351\211
-\212\362\043\330\057\313\156\000\066\117\373\360\057\001\314\017
-\300\042\145\364\253\342\116\141\055\003\202\175\221\026\265\060
-\325\024\336\136\307\220\374\241\374\253\020\257\134\153\160\247
-\007\357\051\206\350\262\045\307\040\377\046\335\167\357\171\104
-\024\304\275\335\073\305\003\233\167\043\354\240\354\273\132\071
-\265\314\255\006
-END
-
-# Trust for Certificate "Visa International Global Root 2"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 2"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\311\015\033\352\210\075\247\321\027\276\073\171\364\041\016\032
-\130\224\247\055
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\065\110\225\066\112\124\132\162\226\216\340\144\314\357\054\214
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\062
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\036
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Visa International Global Root 3"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 3"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\063
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\037
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\200\060\202\002\150\240\003\002\001\002\002\002\003
-\037\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\063\060\036\027\015\060\060\060\070\061\066\062\063\063
-\064\060\060\132\027\015\062\060\060\070\061\065\062\063\065\071
-\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123
-\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141
-\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123
-\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151
-\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040
-\122\157\157\164\040\063\060\202\001\042\060\015\006\011\052\206
-\110\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202
-\001\012\002\202\001\001\000\272\354\103\270\064\352\243\147\337
-\167\011\037\032\020\242\036\251\116\225\114\164\347\014\334\154
-\306\230\320\253\372\027\044\232\147\243\111\024\144\211\217\223
-\022\057\357\217\330\316\020\004\213\205\300\334\057\274\051\230
-\257\234\102\305\313\322\226\317\364\245\305\055\156\115\214\070
-\216\262\152\010\231\325\221\033\250\355\063\223\111\135\313\347
-\025\103\155\122\361\310\350\327\332\060\340\230\052\251\133\243
-\303\321\001\003\201\135\176\266\011\225\350\333\062\156\375\072
-\303\265\236\233\375\131\031\040\263\043\300\342\152\356\104\226
-\200\357\150\011\100\224\302\267\063\111\203\345\311\256\055\040
-\067\220\030\075\040\066\332\171\071\257\270\127\237\172\357\140
-\052\041\204\370\377\240\071\041\323\330\155\124\307\303\152\074
-\310\134\037\056\107\162\024\154\125\113\011\006\315\216\305\153
-\013\347\007\107\072\175\222\137\175\017\260\134\063\127\203\203
-\077\036\204\250\171\220\237\227\116\042\334\165\042\310\156\057
-\326\320\313\166\341\014\127\227\341\046\217\051\204\123\362\345
-\216\223\312\113\212\114\065\002\003\001\000\001\243\102\060\100
-\060\035\006\003\125\035\016\004\026\004\024\242\134\156\015\145
-\010\301\367\116\133\311\155\360\320\126\033\071\202\103\273\060
-\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
-\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001\006
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
-\202\001\001\000\003\215\126\010\263\241\255\375\163\102\331\147
-\054\156\232\317\277\036\310\115\362\115\322\331\067\311\070\104
-\215\256\211\014\357\214\231\053\112\223\365\155\254\146\112\077
-\127\152\020\245\242\032\023\246\054\352\142\347\200\371\275\375
-\344\377\332\021\237\071\130\155\365\103\362\364\375\246\277\235
-\261\253\232\106\007\337\341\360\133\077\376\135\131\100\006\254
-\030\010\107\114\074\114\110\106\316\210\341\250\266\236\165\246
-\240\367\176\033\266\304\215\355\360\052\123\025\112\333\051\117
-\071\123\347\122\130\243\276\334\344\220\055\265\311\316\230\377
-\054\206\241\010\240\310\316\367\202\071\011\014\301\302\324\251
-\244\052\016\063\201\307\074\160\313\060\155\244\126\267\233\134
-\174\002\042\276\345\007\175\155\044\321\047\261\326\035\036\134
-\107\074\277\056\156\370\034\204\110\354\365\341\240\225\021\315
-\347\060\353\134\360\051\173\165\202\002\006\262\363\223\071\322
-\016\254\337\137\044\023\025\060\103\365\120\324\307\203\240\103
-\071\117\145\064\275\246\351\316\341\164\276\040\337\322\162\026
-\113\211\106\166
-END
-
-# Trust for Certificate "Visa International Global Root 3"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 3"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\000\263\327\076\235\205\161\066\073\147\325\056\136\156\371\022
-\242\205\067\122
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\327\276\275\236\373\162\170\072\347\212\275\201\276\013\075\030
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\063
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\037
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Visa International Global Root 4"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 4"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\064
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\064
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\040
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\173\060\202\001\344\240\003\002\001\002\002\002\003
-\040\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\064\060\036\027\015\060\060\060\070\061\067\060\060\061
-\071\060\060\132\027\015\062\060\060\070\061\066\062\063\065\071
-\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123
-\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141
-\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123
-\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151
-\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040
-\122\157\157\164\040\064\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\270\353\360\217\240\346\361\343\000\077\136\162\236
-\256\004\017\364\117\316\312\332\142\063\352\356\132\302\301\366
-\056\070\211\264\015\317\241\256\271\061\263\375\246\307\266\304
-\154\203\014\200\141\070\072\012\276\034\001\240\031\033\347\373
-\162\155\222\143\233\246\257\063\364\264\133\032\350\050\336\114
-\347\067\361\024\361\340\027\340\024\110\354\104\035\171\245\116
-\252\341\244\204\167\275\313\115\266\352\160\176\137\252\027\054
-\113\133\260\352\205\324\151\250\021\351\053\067\035\273\246\004
-\356\233\101\002\003\001\000\001\243\102\060\100\060\035\006\003
-\125\035\016\004\026\004\024\103\306\110\100\300\017\306\030\132
-\111\111\345\201\200\006\115\137\335\324\205\060\017\006\003\125
-\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003
-\125\035\017\001\001\377\004\004\003\002\001\006\060\015\006\011
-\052\206\110\206\367\015\001\001\005\005\000\003\201\201\000\244
-\031\075\163\316\207\321\237\126\022\134\310\070\345\356\371\022
-\310\331\001\352\235\203\064\306\242\153\213\167\172\222\176\207
-\307\125\043\024\215\302\150\115\031\362\151\264\352\107\024\221
-\073\121\207\030\372\166\233\342\173\034\023\323\346\146\036\012
-\022\271\135\220\306\073\023\024\042\315\065\214\055\105\140\000
-\004\310\357\130\002\305\135\231\264\220\155\336\124\327\043\342
-\071\204\045\303\150\243\142\243\171\330\230\241\132\322\134\211
-\375\345\026\014\364\253\027\110\176\255\353\200\300\125\201
-END
-
-# Trust for Certificate "Visa International Global Root 4"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 4"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\231\001\027\355\035\374\376\140\054\136\120\175\140\223\051\223
-\214\100\014\146
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\010\107\110\253\040\057\157\302\163\013\262\025\005\041\036\312
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\064
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\040
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "Visa International Global Root 5"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 5"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\065
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\065
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\041
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\173\060\202\001\344\240\003\002\001\002\002\002\003
-\041\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\065\060\036\027\015\060\060\060\070\061\067\060\060\062
-\070\060\060\132\027\015\062\060\060\070\061\066\062\063\065\071
-\060\060\132\060\141\061\013\060\011\006\003\125\004\006\023\002
-\125\123\061\015\060\013\006\003\125\004\012\023\004\126\111\123
-\101\061\057\060\055\006\003\125\004\013\023\046\126\151\163\141
-\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\123
-\145\162\166\151\143\145\040\101\163\163\157\143\151\141\164\151
-\157\156\061\022\060\020\006\003\125\004\003\023\011\107\120\040
-\122\157\157\164\040\065\060\201\237\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\201\215\000\060\201\211\002
-\201\201\000\255\000\156\362\240\174\061\021\034\101\260\067\217
-\203\242\103\313\227\137\002\040\211\015\156\274\052\261\361\245
-\144\357\330\216\112\326\162\235\236\156\037\232\250\371\205\003
-\254\301\047\152\204\345\146\110\161\232\136\102\017\212\342\237
-\366\200\017\043\254\123\303\301\237\002\304\370\130\106\352\364
-\251\202\257\155\007\106\206\361\055\374\006\270\036\125\325\071
-\141\222\204\213\361\330\212\063\116\074\023\265\326\161\374\153
-\076\264\034\172\013\207\325\065\146\064\303\163\062\143\130\337
-\022\153\043\002\003\001\000\001\243\102\060\100\060\035\006\003
-\125\035\016\004\026\004\024\043\116\363\002\004\004\327\322\247
-\000\126\301\316\111\054\214\025\226\063\057\060\017\006\003\125
-\035\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003
-\125\035\017\001\001\377\004\004\003\002\001\006\060\015\006\011
-\052\206\110\206\367\015\001\001\005\005\000\003\201\201\000\074
-\224\001\207\362\310\317\341\217\256\271\013\342\034\175\361\031
-\255\321\355\366\001\133\066\123\012\200\076\256\064\126\147\160
-\156\103\124\116\171\315\213\325\120\031\062\330\111\070\064\375
-\266\163\111\353\016\111\172\277\032\367\352\007\050\045\273\025
-\111\034\121\112\125\232\070\057\055\017\130\371\171\321\002\145
-\023\214\131\237\020\177\135\027\074\164\362\265\352\167\201\066
-\206\157\062\133\005\264\015\243\046\147\360\344\065\016\107\275
-\153\301\221\235\013\364\077\232\021\174\224\026\147\266\230
-END
-
-# Trust for Certificate "Visa International Global Root 5"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Visa International Global Root 5"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\367\027\230\102\276\276\302\037\113\055\235\013\234\067\036\064
-\206\325\251\317
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\317\200\157\240\170\121\321\126\233\253\310\135\243\157\220\012
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\141\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\012\023\004\126\111\123\101\061\057
-\060\055\006\003\125\004\013\023\046\126\151\163\141\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\123\145\162\166
-\151\143\145\040\101\163\163\157\143\151\141\164\151\157\156\061
-\022\060\020\006\003\125\004\003\023\011\107\120\040\122\157\157
-\164\040\065
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\003\041
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "beTRUSTed Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061
-\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123
-\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163
-\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061
-\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123
-\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163
-\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\071\117\175\207
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\054\060\202\004\024\240\003\002\001\002\002\004\071
-\117\175\207\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\132\061\013\060\011\006\003\125\004\006\023\002\127
-\127\061\022\060\020\006\003\125\004\012\023\011\142\145\124\122
-\125\123\124\145\144\061\033\060\031\006\003\125\004\003\023\022
-\142\145\124\122\125\123\124\145\144\040\122\157\157\164\040\103
-\101\163\061\032\060\030\006\003\125\004\003\023\021\142\145\124
-\122\125\123\124\145\144\040\122\157\157\164\040\103\101\060\036
-\027\015\060\060\060\066\062\060\061\064\062\061\060\064\132\027
-\015\061\060\060\066\062\060\061\063\062\061\060\064\132\060\132
-\061\013\060\011\006\003\125\004\006\023\002\127\127\061\022\060
-\020\006\003\125\004\012\023\011\142\145\124\122\125\123\124\145
-\144\061\033\060\031\006\003\125\004\003\023\022\142\145\124\122
-\125\123\124\145\144\040\122\157\157\164\040\103\101\163\061\032
-\060\030\006\003\125\004\003\023\021\142\145\124\122\125\123\124
-\145\144\040\122\157\157\164\040\103\101\060\202\001\042\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001
-\017\000\060\202\001\012\002\202\001\001\000\324\264\163\172\023
-\012\070\125\001\276\211\126\341\224\236\324\276\132\353\112\064
-\165\033\141\051\304\341\255\010\140\041\170\110\377\264\320\372
-\136\101\215\141\104\207\350\355\311\130\372\374\223\232\337\117
-\352\076\065\175\370\063\172\346\361\327\315\157\111\113\075\117
-\055\156\016\203\072\030\170\167\243\317\347\364\115\163\330\232
-\073\032\035\276\225\123\317\040\227\302\317\076\044\122\154\014
-\216\145\131\305\161\377\142\011\217\252\305\217\314\140\240\163
-\112\327\070\077\025\162\277\242\227\267\160\350\257\342\176\026
-\006\114\365\252\144\046\162\007\045\255\065\374\030\261\046\327
-\330\377\031\016\203\033\214\334\170\105\147\064\075\364\257\034
-\215\344\155\153\355\040\263\147\232\264\141\313\027\157\211\065
-\377\347\116\300\062\022\347\356\354\337\377\227\060\164\355\215
-\107\216\353\264\303\104\346\247\114\177\126\103\350\270\274\266
-\276\372\203\227\346\273\373\304\266\223\276\031\030\076\214\201
-\271\163\210\026\364\226\103\234\147\163\027\220\330\011\156\143
-\254\112\266\043\304\001\241\255\244\344\305\002\003\001\000\001
-\243\202\001\370\060\202\001\364\060\017\006\003\125\035\023\001
-\001\377\004\005\060\003\001\001\377\060\202\001\131\006\003\125
-\035\040\004\202\001\120\060\202\001\114\060\202\001\110\006\012
-\053\006\001\004\001\261\076\001\000\000\060\202\001\070\060\202
-\001\001\006\010\053\006\001\005\005\007\002\002\060\201\364\032
-\201\361\122\145\154\151\141\156\143\145\040\157\156\040\164\150
-\151\163\040\143\145\162\164\151\146\151\143\141\164\145\040\142
-\171\040\141\156\171\040\160\141\162\164\171\040\141\163\163\165
-\155\145\163\040\141\143\143\145\160\164\141\156\143\145\040\157
-\146\040\164\150\145\040\164\150\145\156\040\141\160\160\154\151
-\143\141\142\154\145\040\163\164\141\156\144\141\162\144\040\164
-\145\162\155\163\040\141\156\144\040\143\157\156\144\151\164\151
-\157\156\163\040\157\146\040\165\163\145\054\040\141\156\144\040
-\143\145\162\164\151\146\151\143\141\164\151\157\156\040\160\162
-\141\143\164\151\143\145\040\163\164\141\164\145\155\145\156\164
-\054\040\167\150\151\143\150\040\143\141\156\040\142\145\040\146
-\157\165\156\144\040\141\164\040\142\145\124\122\125\123\124\145
-\144\047\163\040\167\145\142\040\163\151\164\145\054\040\150\164
-\164\160\163\072\057\057\167\167\167\056\142\145\124\122\125\123
-\124\145\144\056\143\157\155\057\166\141\165\154\164\057\164\145
-\162\155\163\060\061\006\010\053\006\001\005\005\007\002\001\026
-\045\150\164\164\160\163\072\057\057\167\167\167\056\142\145\124
-\122\125\123\124\145\144\056\143\157\155\057\166\141\165\154\164
-\057\164\145\162\155\163\060\064\006\003\125\035\037\004\055\060
-\053\060\051\240\047\240\045\244\043\060\041\061\022\060\020\006
-\003\125\004\012\023\011\142\145\124\122\125\123\124\145\144\061
-\013\060\011\006\003\125\004\006\023\002\127\127\060\035\006\003
-\125\035\016\004\026\004\024\052\271\233\151\056\073\233\330\315
-\336\052\061\004\064\153\312\007\030\253\147\060\037\006\003\125
-\035\043\004\030\060\026\200\024\052\271\233\151\056\073\233\330
-\315\336\052\061\004\064\153\312\007\030\253\147\060\016\006\003
-\125\035\017\001\001\377\004\004\003\002\001\376\060\015\006\011
-\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001\000
-\171\141\333\243\136\156\026\261\352\166\121\371\313\025\233\313
-\151\276\346\201\153\237\050\037\145\076\335\021\205\222\324\350
-\101\277\176\063\275\043\347\361\040\277\244\264\246\031\001\306
-\214\215\065\174\145\244\117\011\244\326\330\043\025\005\023\247
-\103\171\257\333\243\016\233\173\170\032\363\004\206\132\306\366
-\214\040\107\070\111\120\006\235\162\147\072\360\230\003\255\226
-\147\104\374\077\020\015\206\115\344\000\073\051\173\316\073\073
-\231\206\141\045\100\204\334\023\142\267\372\312\131\326\003\036
-\326\123\001\315\155\114\150\125\100\341\356\153\307\052\000\000
-\110\202\263\012\001\303\140\052\014\367\202\065\356\110\206\226
-\344\164\324\075\352\001\161\272\004\165\100\247\251\177\071\071
-\232\125\227\051\145\256\031\125\045\005\162\107\323\350\030\334
-\270\351\257\103\163\001\022\164\243\341\134\137\025\135\044\363
-\371\344\364\266\147\147\022\347\144\042\212\366\245\101\246\034
-\266\140\143\105\212\020\264\272\106\020\256\101\127\145\154\077
-\043\020\077\041\020\131\267\344\100\335\046\014\043\366\252\256
-END
-
-# Trust for Certificate "beTRUSTed Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "beTRUSTed Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\133\315\315\314\146\366\334\344\104\037\343\175\134\303\023\114
-\106\364\160\070
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\205\312\166\132\033\321\150\042\334\242\043\022\312\306\200\064
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\132\061\013\060\011\006\003\125\004\006\023\002\127\127\061
-\022\060\020\006\003\125\004\012\023\011\142\145\124\122\125\123
-\124\145\144\061\033\060\031\006\003\125\004\003\023\022\142\145
-\124\122\125\123\124\145\144\040\122\157\157\164\040\103\101\163
-\061\032\060\030\006\003\125\004\003\023\021\142\145\124\122\125
-\123\124\145\144\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\071\117\175\207
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Xcert Root CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Xcert Root CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\073\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\026\060\024\006\003\125\004\013\023\015
-\130\143\145\162\164\040\122\157\157\164\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\073\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\026\060\024\006\003\125\004\013\023\015
-\130\143\145\162\164\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\012\001\001\001\000\000\002\174\000\000\000\002\000\000\000\002
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\143\060\202\002\113\240\003\002\001\002\002\020\012
-\001\001\001\000\000\002\174\000\000\000\002\000\000\000\002\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\073
-\061\041\060\037\006\003\125\004\012\023\030\130\143\145\162\164
-\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\111
-\156\143\056\061\026\060\024\006\003\125\004\013\023\015\130\143
-\145\162\164\040\122\157\157\164\040\103\101\060\036\027\015\060
-\060\060\070\061\070\061\070\061\070\061\067\132\027\015\062\065
-\060\070\061\065\061\071\060\063\061\067\132\060\073\061\041\060
-\037\006\003\125\004\012\023\030\130\143\145\162\164\040\111\156
-\164\145\162\156\141\164\151\157\156\141\154\040\111\156\143\056
-\061\026\060\024\006\003\125\004\013\023\015\130\143\145\162\164
-\040\122\157\157\164\040\103\101\060\202\001\042\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017\000
-\060\202\001\012\002\202\001\001\000\250\264\141\213\035\034\076
-\220\173\160\062\100\155\215\026\312\065\141\141\265\342\373\025
-\311\364\041\136\201\033\317\042\234\254\253\273\140\320\240\063
-\336\021\123\032\011\017\073\032\023\251\324\207\314\130\367\055
-\122\251\242\302\251\072\355\317\064\235\241\002\357\270\362\270
-\053\127\210\020\223\265\251\065\143\273\005\102\103\042\177\277
-\160\136\323\050\245\125\050\040\113\223\111\217\247\277\075\100
-\050\015\021\257\162\046\011\005\064\011\305\253\001\223\127\241
-\254\146\124\230\042\234\043\353\272\014\144\234\266\075\373\342
-\306\226\302\317\013\117\352\310\060\372\212\053\312\034\021\226
-\032\051\000\214\353\162\324\121\105\251\235\167\040\325\022\273
-\265\362\177\006\070\202\115\175\222\036\350\325\372\310\051\107
-\151\032\025\021\214\257\246\054\301\050\364\151\133\151\236\344
-\074\023\356\300\241\140\352\101\277\302\142\113\155\242\067\204
-\072\076\363\260\062\256\212\153\154\023\363\072\041\012\173\226
-\130\063\051\136\156\250\312\151\242\276\216\006\105\135\361\146
-\071\125\112\034\132\044\261\113\321\002\003\001\000\001\243\143
-\060\141\060\017\006\003\125\035\023\001\001\377\004\005\060\003
-\001\001\377\060\016\006\003\125\035\017\001\001\377\004\004\003
-\002\001\006\060\037\006\003\125\035\043\004\030\060\026\200\024
-\104\250\111\070\165\061\154\253\050\347\161\362\330\324\310\257
-\101\017\107\221\060\035\006\003\125\035\016\004\026\004\024\104
-\250\111\070\165\061\154\253\050\347\161\362\330\324\310\257\101
-\017\107\221\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\202\001\001\000\075\163\136\245\012\273\265\021\303
-\361\147\321\022\032\242\107\051\021\114\116\131\067\040\206\011
-\100\362\105\361\111\171\071\032\075\045\327\057\051\320\010\005
-\025\024\373\344\104\154\077\176\136\265\122\330\221\130\074\226
-\373\324\112\357\361\056\301\126\036\114\151\014\331\140\035\112
-\107\047\265\003\063\333\030\273\333\123\236\241\173\121\152\220
-\323\245\025\310\202\013\300\267\067\062\165\205\124\136\125\020
-\174\221\073\251\053\140\306\061\166\254\304\060\111\003\304\266
-\126\100\245\360\143\257\151\112\210\257\327\253\013\356\072\333
-\275\023\203\250\073\242\351\271\105\365\121\115\224\360\131\251
-\333\241\067\147\322\024\236\247\173\327\031\252\025\043\153\151
-\165\321\023\076\130\364\363\001\350\210\304\224\126\311\300\376
-\337\117\107\125\037\153\201\116\124\355\023\137\162\374\046\206
-\004\066\217\117\022\115\234\120\342\116\132\126\254\271\375\054
-\037\130\173\005\022\007\143\070\357\031\343\364\074\221\132\242
-\045\142\127\274\306\224\240\167\234\317\064\142\340\277\373\165
-\074\351\033\046\033\234\144
-END
-
-# Trust for Certificate "Xcert Root CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Xcert Root CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\041\021\164\054\135\202\325\257\325\231\114\122\004\123\125\050
-\104\361\154\261
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\226\201\231\014\155\262\211\205\303\331\200\234\063\273\076\031
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\073\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\026\060\024\006\003\125\004\013\023\015
-\130\143\145\162\164\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\012\001\001\001\000\000\002\174\000\000\000\002\000\000\000\002
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Xcert Root CA 1024"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Xcert Root CA 1024"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\100\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\033\060\031\006\003\125\004\013\023\022
-\130\143\145\162\164\040\122\157\157\164\040\103\101\040\061\060
-\062\064
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\100\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\033\060\031\006\003\125\004\013\023\022
-\130\143\145\162\164\040\122\157\157\164\040\103\101\040\061\060
-\062\064
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\012\001\001\001\000\000\002\174\000\000\000\003\000\000\000\002
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\150\060\202\001\321\240\003\002\001\002\002\020\012
-\001\001\001\000\000\002\174\000\000\000\003\000\000\000\002\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\100
-\061\041\060\037\006\003\125\004\012\023\030\130\143\145\162\164
-\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\111
-\156\143\056\061\033\060\031\006\003\125\004\013\023\022\130\143
-\145\162\164\040\122\157\157\164\040\103\101\040\061\060\062\064
-\060\036\027\015\060\060\060\070\061\070\061\070\063\061\063\062
-\132\027\015\062\065\060\070\061\065\061\071\060\060\065\066\132
-\060\100\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\033\060\031\006\003\125\004\013\023\022
-\130\143\145\162\164\040\122\157\157\164\040\103\101\040\061\060
-\062\064\060\201\237\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000\326
-\276\067\211\021\251\242\367\107\054\052\317\152\000\046\145\050
-\104\244\212\344\336\240\103\125\231\104\153\274\156\270\307\316
-\306\143\266\323\350\157\305\230\053\044\221\270\236\242\272\161
-\110\336\064\040\041\172\326\322\305\211\062\245\211\306\334\205
-\204\124\362\236\110\355\314\104\266\006\377\216\304\316\131\255
-\237\154\351\042\130\301\077\024\012\103\200\207\031\122\120\343
-\050\007\310\254\030\342\261\032\252\243\342\140\267\166\121\007
-\051\071\136\110\351\146\160\201\056\070\232\275\031\175\353\002
-\003\001\000\001\243\143\060\141\060\017\006\003\125\035\023\001
-\001\377\004\005\060\003\001\001\377\060\016\006\003\125\035\017
-\001\001\377\004\004\003\002\001\006\060\037\006\003\125\035\043
-\004\030\060\026\200\024\204\171\307\117\007\131\261\153\301\072
-\065\272\270\364\325\231\047\310\272\016\060\035\006\003\125\035
-\016\004\026\004\024\204\171\307\117\007\131\261\153\301\072\065
-\272\270\364\325\231\047\310\272\016\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\201\201\000\163\260\341\000
-\355\256\150\322\140\003\106\353\371\034\361\245\246\174\134\062
-\174\354\002\141\323\034\035\163\061\054\272\216\275\111\115\310
-\335\331\167\165\101\347\222\041\232\154\051\333\247\154\160\206
-\240\134\303\344\363\062\314\001\204\131\327\210\071\070\363\250
-\342\342\032\260\227\315\053\027\334\144\004\017\252\152\163\224
-\326\353\010\306\200\151\115\336\172\325\305\067\361\222\027\074
-\155\323\212\041\314\144\020\252\336\142\207\037\217\270\370\252
-\165\112\364\010\054\365\334\146\317\303\070\176
-END
-
-# Trust for Certificate "Xcert Root CA 1024"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Xcert Root CA 1024"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\054\245\040\131\044\213\336\160\224\354\326\313\143\116\176\051
-\207\004\113\220
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\304\040\322\322\017\140\113\244\062\340\221\324\040\113\111\270
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\100\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\033\060\031\006\003\125\004\013\023\022
-\130\143\145\162\164\040\122\157\157\164\040\103\101\040\061\060
-\062\064
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\012\001\001\001\000\000\002\174\000\000\000\003\000\000\000\002
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Xcert Root CA v1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Xcert Root CA v1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\076\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\031\060\027\006\003\125\004\013\023\020
-\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\076\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\031\060\027\006\003\125\004\013\023\020
-\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\012\001\001\001\000\000\002\174\000\000\000\004\000\000\000\002
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\377\060\202\001\347\002\020\012\001\001\001\000\000
-\002\174\000\000\000\004\000\000\000\002\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\076\061\041\060\037\006
-\003\125\004\012\023\030\130\143\145\162\164\040\111\156\164\145
-\162\156\141\164\151\157\156\141\154\040\111\156\143\056\061\031
-\060\027\006\003\125\004\013\023\020\130\143\145\162\164\040\122
-\157\157\164\040\103\101\040\166\061\060\036\027\015\060\060\060
-\070\061\070\061\070\064\060\065\060\132\027\015\062\065\060\070
-\061\065\061\071\060\060\063\070\132\060\076\061\041\060\037\006
-\003\125\004\012\023\030\130\143\145\162\164\040\111\156\164\145
-\162\156\141\164\151\157\156\141\154\040\111\156\143\056\061\031
-\060\027\006\003\125\004\013\023\020\130\143\145\162\164\040\122
-\157\157\164\040\103\101\040\166\061\060\202\001\042\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\202\001\017
-\000\060\202\001\012\002\202\001\001\000\301\222\253\362\266\065
-\066\002\110\017\205\364\116\057\202\145\315\110\276\261\267\075
-\263\173\256\272\062\064\206\074\230\277\370\260\275\373\302\314
-\366\011\227\070\134\215\245\043\116\341\310\204\346\220\147\164
-\073\243\366\156\231\053\217\303\007\322\227\121\007\117\004\313
-\236\262\370\074\367\070\346\226\112\072\353\025\157\347\142\346
-\103\063\007\262\015\132\317\225\051\071\147\210\023\043\324\214
-\155\137\216\041\340\061\363\265\334\231\305\304\355\205\020\176
-\222\324\242\035\074\037\013\263\043\346\300\313\044\233\154\020
-\246\315\024\326\243\235\123\217\367\036\101\232\266\033\035\010
-\134\367\071\101\303\036\336\114\046\243\140\174\056\023\207\221
-\154\327\302\043\057\347\175\031\037\315\133\352\230\305\271\106
-\175\065\106\344\173\213\112\331\223\340\006\253\300\314\112\375
-\333\332\013\060\077\270\134\340\007\023\250\305\060\374\274\206
-\366\252\277\016\143\057\217\111\162\020\321\236\205\371\101\355
-\110\074\170\014\375\240\052\006\033\257\323\335\147\057\354\110
-\057\121\111\066\042\267\110\315\111\357\002\003\001\000\001\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202
-\001\001\000\250\334\263\040\056\375\127\110\020\017\346\215\140
-\122\033\166\035\234\146\240\157\372\150\006\330\247\234\313\241
-\014\216\045\350\256\307\337\072\160\255\251\370\052\044\274\274
-\307\252\307\011\267\273\020\351\037\132\325\242\001\106\213\005
-\304\243\165\111\013\100\307\261\153\237\333\130\026\143\062\204
-\132\020\215\142\226\253\230\146\233\272\372\126\010\033\272\142
-\363\357\071\153\374\144\261\311\256\357\136\224\341\242\200\371
-\010\203\026\022\066\226\331\011\220\331\230\072\257\075\205\330
-\221\052\222\034\134\271\314\325\134\163\070\216\173\163\122\014
-\272\237\362\216\277\310\174\012\023\272\162\221\240\073\040\357
-\211\052\303\014\200\151\126\163\020\364\140\031\340\036\026\112
-\144\253\374\106\072\320\013\323\227\261\134\331\234\254\030\072
-\040\007\172\042\371\267\020\145\272\354\346\123\324\252\344\303
-\101\274\233\337\302\335\232\001\106\324\216\105\355\311\312\026
-\064\204\215\062\124\074\124\142\220\215\032\146\122\315\372\034
-\314\014\374\261\343\223\310\247\331\353\150\143\217\320\176\056
-\055\335\051
-END
-
-# Trust for Certificate "Xcert Root CA v1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Xcert Root CA v1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\252\070\226\073\042\304\350\333\032\031\107\202\076\257\220\003
-\207\102\254\345
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\111\216\265\061\147\112\303\226\274\213\257\160\026\303\005\111
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\076\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\031\060\027\006\003\125\004\013\023\020
-\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\012\001\001\001\000\000\002\174\000\000\000\004\000\000\000\002
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Xcert Root CA v1 1024"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Xcert Root CA v1 1024"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\103\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\036\060\034\006\003\125\004\013\023\025
-\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061
-\040\061\060\062\064
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\103\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\036\060\034\006\003\125\004\013\023\025
-\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061
-\040\061\060\062\064
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\012\001\001\001\000\000\002\174\000\000\000\005\000\000\000\002
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\004\060\202\001\155\002\020\012\001\001\001\000\000
-\002\174\000\000\000\005\000\000\000\002\060\015\006\011\052\206
-\110\206\367\015\001\001\005\005\000\060\103\061\041\060\037\006
-\003\125\004\012\023\030\130\143\145\162\164\040\111\156\164\145
-\162\156\141\164\151\157\156\141\154\040\111\156\143\056\061\036
-\060\034\006\003\125\004\013\023\025\130\143\145\162\164\040\122
-\157\157\164\040\103\101\040\166\061\040\061\060\062\064\060\036
-\027\015\060\060\060\070\061\070\061\070\065\060\065\066\132\027
-\015\062\065\060\070\061\065\061\071\060\061\060\070\132\060\103
-\061\041\060\037\006\003\125\004\012\023\030\130\143\145\162\164
-\040\111\156\164\145\162\156\141\164\151\157\156\141\154\040\111
-\156\143\056\061\036\060\034\006\003\125\004\013\023\025\130\143
-\145\162\164\040\122\157\157\164\040\103\101\040\166\061\040\061
-\060\062\064\060\201\237\060\015\006\011\052\206\110\206\367\015
-\001\001\001\005\000\003\201\215\000\060\201\211\002\201\201\000
-\247\011\303\322\251\246\031\160\354\051\351\105\173\066\340\352
-\076\311\231\160\100\321\266\140\364\335\043\307\131\171\235\036
-\245\276\065\143\000\346\300\056\154\100\123\346\321\166\106\361
-\240\313\203\105\124\230\031\317\173\232\070\370\164\063\063\077
-\251\045\040\050\046\135\050\161\106\206\040\075\060\053\253\346
-\115\372\077\352\104\100\114\373\163\324\334\226\164\364\116\344
-\152\035\033\227\240\174\060\341\300\163\266\015\242\167\172\361
-\030\370\112\161\161\236\370\250\165\376\142\370\252\075\317\175
-\002\003\001\000\001\060\015\006\011\052\206\110\206\367\015\001
-\001\005\005\000\003\201\201\000\173\323\325\114\177\114\242\176
-\174\327\126\141\331\225\230\205\212\327\111\334\214\107\252\007
-\354\270\333\171\044\236\347\245\222\127\146\011\217\024\260\376
-\004\362\275\121\020\270\070\303\241\022\333\220\203\176\265\143
-\130\253\063\255\227\036\106\120\102\020\254\310\253\055\035\065
-\154\306\346\103\120\050\003\241\254\373\021\225\377\351\325\112
-\017\221\345\003\344\210\060\074\034\166\321\227\360\012\324\207
-\240\014\232\217\141\316\332\176\162\263\073\120\300\200\204\017
-\041\040\224\150\052\332\214\276
-END
-
-# Trust for Certificate "Xcert Root CA v1 1024"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Xcert Root CA v1 1024"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\042\072\107\064\216\347\211\332\165\206\073\031\062\260\146\340
-\264\121\247\064
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\100\212\076\322\066\036\040\237\374\055\066\253\350\371\202\062
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\103\061\041\060\037\006\003\125\004\012\023\030\130\143\145
-\162\164\040\111\156\164\145\162\156\141\164\151\157\156\141\154
-\040\111\156\143\056\061\036\060\034\006\003\125\004\013\023\025
-\130\143\145\162\164\040\122\157\157\164\040\103\101\040\166\061
-\040\061\060\062\064
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\012\001\001\001\000\000\002\174\000\000\000\005\000\000\000\002
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Xcert EZ"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Xcert EZ"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\214\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\030\060\026\006\003\125\004
-\012\023\017\130\143\145\162\164\040\105\132\040\142\171\040\104
-\123\124\061\030\060\026\006\003\125\004\003\023\017\130\143\145
-\162\164\040\105\132\040\142\171\040\104\123\124\061\041\060\037
-\006\011\052\206\110\206\367\015\001\011\001\026\022\143\141\100
-\144\151\147\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\214\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\030\060\026\006\003\125\004
-\012\023\017\130\143\145\162\164\040\105\132\040\142\171\040\104
-\123\124\061\030\060\026\006\003\125\004\003\023\017\130\143\145
-\162\164\040\105\132\040\142\171\040\104\123\124\061\041\060\037
-\006\011\052\206\110\206\367\015\001\011\001\026\022\143\141\100
-\144\151\147\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\220\000\000\047\113\000\000\000\001\000\000\000
-\004
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\370\060\202\002\340\240\003\002\001\002\002\021\000
-\320\036\100\220\000\000\047\113\000\000\000\001\000\000\000\004
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\214\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061\027
-\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141
-\153\145\040\103\151\164\171\061\030\060\026\006\003\125\004\012
-\023\017\130\143\145\162\164\040\105\132\040\142\171\040\104\123
-\124\061\030\060\026\006\003\125\004\003\023\017\130\143\145\162
-\164\040\105\132\040\142\171\040\104\123\124\061\041\060\037\006
-\011\052\206\110\206\367\015\001\011\001\026\022\143\141\100\144
-\151\147\163\151\147\164\162\165\163\164\056\143\157\155\060\036
-\027\015\071\071\060\067\061\064\061\066\061\064\061\070\132\027
-\015\060\071\060\067\061\061\061\066\061\064\061\070\132\060\201
-\214\061\013\060\011\006\003\125\004\006\023\002\125\123\061\015
-\060\013\006\003\125\004\010\023\004\125\164\141\150\061\027\060
-\025\006\003\125\004\007\023\016\123\141\154\164\040\114\141\153
-\145\040\103\151\164\171\061\030\060\026\006\003\125\004\012\023
-\017\130\143\145\162\164\040\105\132\040\142\171\040\104\123\124
-\061\030\060\026\006\003\125\004\003\023\017\130\143\145\162\164
-\040\105\132\040\142\171\040\104\123\124\061\041\060\037\006\011
-\052\206\110\206\367\015\001\011\001\026\022\143\141\100\144\151
-\147\163\151\147\164\162\165\163\164\056\143\157\155\060\202\001
-\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
-\003\202\001\017\000\060\202\001\012\002\202\001\001\000\255\124
-\030\336\264\277\367\255\350\164\252\355\213\174\217\302\324\165
-\032\325\204\271\266\142\374\211\357\344\227\141\222\373\035\270
-\341\132\107\064\236\236\006\042\373\323\352\070\313\270\213\007
-\367\032\240\027\167\007\132\060\034\324\051\070\040\327\047\100
-\330\120\223\103\277\322\030\242\051\166\005\162\252\153\266\151
-\230\253\171\036\034\145\365\152\213\374\305\026\252\242\162\332
-\140\355\116\156\031\045\172\012\035\060\343\120\233\102\074\104
-\353\241\260\040\036\333\002\176\376\075\037\277\320\000\212\333
-\100\166\246\030\245\025\247\127\266\122\302\001\027\230\167\217
-\212\201\306\032\264\152\052\346\257\251\326\000\254\317\330\025
-\111\174\333\033\241\376\201\372\207\371\323\220\301\002\300\371
-\320\102\351\221\150\045\137\306\277\207\071\351\225\000\140\050
-\277\203\054\300\347\136\266\327\066\026\347\140\207\166\350\347
-\047\262\045\015\213\172\345\252\035\345\131\315\316\013\016\157
-\306\310\234\343\020\331\205\071\323\267\233\372\306\272\174\164
-\322\135\165\126\253\164\244\242\121\277\122\174\356\161\002\003
-\001\000\001\243\123\060\121\060\017\006\003\125\035\023\001\001
-\377\004\005\060\003\001\001\377\060\037\006\003\125\035\043\004
-\030\060\026\200\024\010\040\154\146\353\201\012\154\134\325\265
-\246\074\101\335\034\226\221\047\167\060\035\006\003\125\035\016
-\004\026\004\024\010\040\154\146\353\201\012\154\134\325\265\246
-\074\101\335\034\226\221\047\167\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\132\207\130\217
-\055\253\166\041\153\124\014\331\361\101\366\116\315\053\236\343
-\037\233\243\055\177\331\053\175\130\310\147\244\051\365\351\354
-\325\275\226\077\243\163\370\304\133\066\174\320\143\054\064\071
-\233\110\270\075\157\366\024\305\236\143\346\247\064\156\323\350
-\063\263\307\074\030\156\043\256\103\222\231\077\230\305\151\060
-\361\066\073\255\271\060\202\326\266\131\026\226\002\013\051\022
-\141\264\021\211\367\014\057\224\220\205\230\050\234\123\154\176
-\143\335\163\364\031\377\112\201\321\262\122\043\375\074\112\064
-\316\132\033\340\120\212\355\117\201\225\330\140\347\344\304\015
-\273\130\076\130\367\116\150\157\076\147\311\313\172\227\026\047
-\354\102\141\024\166\273\000\305\353\010\075\025\177\113\266\042
-\135\207\073\220\364\363\300\376\067\263\351\331\142\014\300\303
-\131\257\140\275\037\015\333\241\064\037\060\304\075\213\255\260
-\035\004\223\355\137\325\344\277\040\060\004\364\110\351\063\001
-\321\056\220\047\122\263\233\336\072\034\253\251\227\177\233\353
-\302\215\302\155\354\334\023\323\106\305\171\174
-END
-
-# Trust for Certificate "Xcert EZ"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Xcert EZ"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\150\355\030\263\011\315\122\221\300\323\065\174\035\021\101\277
-\210\070\146\261
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\202\022\367\211\341\013\221\140\244\266\042\237\224\150\021\222
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\214\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\015\060\013\006\003\125\004\010\023\004\125\164\141\150\061
-\027\060\025\006\003\125\004\007\023\016\123\141\154\164\040\114
-\141\153\145\040\103\151\164\171\061\030\060\026\006\003\125\004
-\012\023\017\130\143\145\162\164\040\105\132\040\142\171\040\104
-\123\124\061\030\060\026\006\003\125\004\003\023\017\130\143\145
-\162\164\040\105\132\040\142\171\040\104\123\124\061\041\060\037
-\006\011\052\206\110\206\367\015\001\011\001\026\022\143\141\100
-\144\151\147\163\151\147\164\162\165\163\164\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\320\036\100\220\000\000\047\113\000\000\000\001\000\000\000
-\004
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "CertEngine CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "CertEngine CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\103\145\162\164\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\143
-\145\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\143\145\162
-\164\145\156\147\151\156\145\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\103\145\162\164\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\143
-\145\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\143\145\162
-\164\145\156\147\151\156\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\335\060\202\002\305\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101\061
-\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060\016
-\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061\030
-\060\026\006\003\125\004\012\023\017\103\145\162\164\105\156\147
-\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125\004
-\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151\163
-\151\157\156\061\023\060\021\006\003\125\004\003\023\012\143\145
-\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052\206
-\110\206\367\015\001\011\001\026\021\143\141\100\143\145\162\164
-\145\156\147\151\156\145\056\143\157\155\060\036\027\015\071\070
-\060\061\060\061\060\060\060\060\060\060\132\027\015\063\070\060
-\061\061\067\060\060\060\060\060\060\132\060\201\250\061\013\060
-\011\006\003\125\004\006\023\002\103\101\061\013\060\011\006\003
-\125\004\010\023\002\117\116\061\020\060\016\006\003\125\004\007
-\023\007\124\157\162\157\156\164\157\061\030\060\026\006\003\125
-\004\012\023\017\103\145\162\164\105\156\147\151\156\145\040\111
-\156\143\056\061\051\060\047\006\003\125\004\013\023\040\103\145
-\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
-\157\162\151\164\171\040\104\151\166\151\163\151\157\156\061\023
-\060\021\006\003\125\004\003\023\012\143\145\162\164\145\156\147
-\151\156\145\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\143\141\100\143\145\162\164\145\156\147\151\156
-\145\056\143\157\155\060\202\001\042\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
-\012\002\202\001\001\000\355\244\327\121\024\241\151\345\155\366
-\357\335\077\164\066\165\130\233\336\064\302\146\361\062\163\254
-\237\244\150\032\141\147\260\135\153\217\340\163\222\174\216\041
-\031\226\345\156\231\176\167\062\134\351\030\341\107\352\140\270
-\204\155\155\076\105\044\037\022\044\150\321\252\213\243\004\103
-\220\073\033\125\265\315\237\214\317\103\252\035\042\072\363\026
-\131\056\233\273\021\306\347\221\225\254\160\020\150\356\107\134
-\104\234\051\000\132\365\234\215\232\224\227\075\061\001\254\063
-\036\217\123\200\030\351\034\347\156\077\115\232\340\024\361\170
-\002\042\113\056\114\102\160\377\015\273\065\012\225\155\326\314
-\323\022\112\200\255\216\105\012\313\214\043\110\271\100\130\041
-\114\321\077\103\177\257\376\147\306\124\101\074\307\240\240\203
-\235\301\371\102\174\247\167\260\345\073\002\220\330\234\060\305
-\030\130\032\041\225\115\103\164\031\112\273\250\015\165\221\155
-\376\276\166\305\172\302\220\136\201\172\243\143\325\307\333\066
-\141\173\342\043\143\127\135\110\331\322\225\147\262\161\102\163
-\216\117\233\305\350\217\002\003\001\000\001\243\020\060\016\060
-\014\006\003\125\035\023\004\005\060\003\001\001\377\060\015\006
-\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
-\000\117\375\241\316\050\235\064\002\114\334\364\165\214\325\175
-\364\206\125\231\024\026\220\213\212\152\017\205\041\223\317\251
-\053\074\360\024\376\103\104\260\116\317\304\330\005\273\135\136
-\264\272\207\025\114\257\153\052\132\150\125\222\354\236\245\150
-\107\145\254\312\033\041\330\377\055\005\154\345\354\173\000\025
-\325\014\161\113\054\173\275\357\075\244\042\257\343\374\064\255
-\007\017\367\136\242\035\317\030\375\060\251\233\076\336\041\066
-\267\030\207\176\360\177\327\115\240\142\360\140\151\365\177\116
-\303\311\266\344\131\204\007\123\123\371\342\160\171\373\337\164
-\252\060\217\056\055\112\212\312\165\157\336\046\312\161\066\344
-\322\104\151\224\313\301\273\325\156\135\142\370\051\002\134\172
-\231\331\307\313\074\104\032\364\130\064\322\066\155\055\042\175
-\170\033\020\123\126\251\046\254\366\255\370\171\256\112\072\231
-\011\273\304\377\053\045\337\111\276\253\074\353\001\111\275\055
-\300\312\060\300\153\102\124\175\202\340\274\077\363\072\064\022
-\070\114\245\063\254\075\253\233\343\117\017\255\237\215\103\146
-\345
-END
-
-# Trust for Certificate "CertEngine CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "CertEngine CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\301\202\340\336\254\032\145\113\262\022\013\204\012\205\326\300
-\267\077\264\154
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\072\276\220\341\242\032\164\211\157\217\240\057\040\204\350\123
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\103\145\162\164\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\143
-\145\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\143\145\162
-\164\145\156\147\151\156\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "BankEngine CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "BankEngine CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\102\141\156\153\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\142
-\141\156\153\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\142\141\156
-\153\145\156\147\151\156\145\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\102\141\156\153\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\142
-\141\156\153\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\142\141\156
-\153\145\156\147\151\156\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\335\060\202\002\305\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101\061
-\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060\016
-\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061\030
-\060\026\006\003\125\004\012\023\017\102\141\156\153\105\156\147
-\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125\004
-\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151\163
-\151\157\156\061\023\060\021\006\003\125\004\003\023\012\142\141
-\156\153\145\156\147\151\156\145\061\040\060\036\006\011\052\206
-\110\206\367\015\001\011\001\026\021\143\141\100\142\141\156\153
-\145\156\147\151\156\145\056\143\157\155\060\036\027\015\071\070
-\060\061\060\061\060\060\060\060\060\060\132\027\015\063\070\060
-\061\061\067\060\060\060\060\060\060\132\060\201\250\061\013\060
-\011\006\003\125\004\006\023\002\103\101\061\013\060\011\006\003
-\125\004\010\023\002\117\116\061\020\060\016\006\003\125\004\007
-\023\007\124\157\162\157\156\164\157\061\030\060\026\006\003\125
-\004\012\023\017\102\141\156\153\105\156\147\151\156\145\040\111
-\156\143\056\061\051\060\047\006\003\125\004\013\023\040\103\145
-\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
-\157\162\151\164\171\040\104\151\166\151\163\151\157\156\061\023
-\060\021\006\003\125\004\003\023\012\142\141\156\153\145\156\147
-\151\156\145\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\143\141\100\142\141\156\153\145\156\147\151\156
-\145\056\143\157\155\060\202\001\042\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
-\012\002\202\001\001\000\327\202\350\115\100\045\327\370\104\313
-\342\241\326\102\307\210\027\126\333\060\367\127\202\041\063\274
-\161\115\122\254\142\302\007\347\251\353\353\320\023\114\214\124
-\077\176\236\107\067\231\327\176\352\267\120\061\034\130\303\012
-\047\144\336\155\124\227\251\171\364\372\350\075\354\135\262\122
-\313\063\151\351\063\167\366\162\327\240\372\332\062\211\210\222
-\020\222\243\313\062\056\327\021\165\217\332\263\032\114\246\111
-\217\370\016\305\313\144\331\075\025\247\063\304\311\077\072\207
-\072\072\315\114\334\013\336\254\276\025\033\212\330\041\276\237
-\171\035\366\160\202\211\365\015\137\032\354\212\223\270\251\253
-\125\320\174\365\274\153\304\340\145\326\307\155\356\324\364\151
-\067\211\253\006\060\161\357\245\037\104\247\171\206\156\007\123
-\271\017\174\110\021\056\043\007\265\005\100\206\203\363\027\245
-\134\270\360\303\127\174\003\050\264\030\006\303\212\145\367\052
-\222\214\311\342\330\120\176\023\324\075\014\161\154\331\030\027
-\062\254\312\272\217\063\160\374\112\307\151\031\350\012\343\363
-\355\273\167\015\234\225\002\003\001\000\001\243\020\060\016\060
-\014\006\003\125\035\023\004\005\060\003\001\001\377\060\015\006
-\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
-\000\132\272\352\107\137\321\041\244\057\353\347\267\172\157\231
-\044\171\153\350\202\174\110\077\337\377\114\356\042\303\172\233
-\314\205\304\220\365\346\046\154\025\316\134\350\050\225\252\213
-\046\276\153\015\175\110\375\076\033\240\263\260\123\201\243\377
-\136\206\154\376\205\237\033\205\205\370\062\071\126\315\176\156
-\116\171\041\317\136\366\217\327\316\005\111\253\115\123\344\161
-\022\054\353\070\302\017\223\320\000\152\001\074\375\177\145\334
-\266\067\176\245\147\105\073\226\015\073\072\230\253\217\374\211
-\075\042\136\063\150\364\177\002\005\002\272\042\125\311\057\165
-\075\001\127\000\172\113\367\017\150\004\006\076\010\133\156\275
-\130\031\051\230\254\312\342\112\377\066\344\202\311\121\374\163
-\254\226\056\234\144\175\026\046\075\071\276\376\217\002\160\211
-\223\022\340\054\122\076\113\156\267\032\377\336\023\257\257\137
-\200\055\056\310\161\126\244\206\020\067\076\346\100\045\267\107
-\025\027\045\107\332\214\063\306\201\234\026\146\177\345\057\334
-\255\356\205\077\224\007\074\330\353\236\024\365\210\265\045\211
-\300
-END
-
-# Trust for Certificate "BankEngine CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "BankEngine CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\174\366\047\174\203\221\226\137\011\161\303\227\066\111\273\003
-\233\175\076\211
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\077\126\162\302\341\064\321\166\123\063\106\341\215\272\223\166
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\102\141\156\153\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\142
-\141\156\153\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\142\141\156
-\153\145\156\147\151\156\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "FortEngine CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "FortEngine CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\106\157\162\164\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\146
-\157\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\146\157\162
-\164\145\156\147\151\156\145\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\106\157\162\164\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\146
-\157\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\146\157\162
-\164\145\156\147\151\156\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\005\335\060\202\003\305\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101\061
-\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060\016
-\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061\030
-\060\026\006\003\125\004\012\023\017\106\157\162\164\105\156\147
-\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125\004
-\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151\163
-\151\157\156\061\023\060\021\006\003\125\004\003\023\012\146\157
-\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052\206
-\110\206\367\015\001\011\001\026\021\143\141\100\146\157\162\164
-\145\156\147\151\156\145\056\143\157\155\060\036\027\015\071\070
-\060\061\060\061\060\060\060\060\060\060\132\027\015\063\070\060
-\061\061\067\060\060\060\060\060\060\132\060\201\250\061\013\060
-\011\006\003\125\004\006\023\002\103\101\061\013\060\011\006\003
-\125\004\010\023\002\117\116\061\020\060\016\006\003\125\004\007
-\023\007\124\157\162\157\156\164\157\061\030\060\026\006\003\125
-\004\012\023\017\106\157\162\164\105\156\147\151\156\145\040\111
-\156\143\056\061\051\060\047\006\003\125\004\013\023\040\103\145
-\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
-\157\162\151\164\171\040\104\151\166\151\163\151\157\156\061\023
-\060\021\006\003\125\004\003\023\012\146\157\162\164\145\156\147
-\151\156\145\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\143\141\100\146\157\162\164\145\156\147\151\156
-\145\056\143\157\155\060\202\002\042\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\202\002\017\000\060\202\002
-\012\002\202\002\001\000\312\276\306\156\234\003\307\035\157\334
-\106\033\243\110\034\073\351\142\200\110\145\016\241\266\173\273
-\277\001\265\206\241\120\052\163\317\252\351\253\224\045\113\163
-\342\056\350\207\114\215\151\333\265\243\331\051\135\157\263\236
-\110\016\323\071\153\202\061\254\222\252\214\073\132\050\246\234
-\323\045\321\162\374\377\040\107\254\165\042\353\367\221\153\127
-\072\354\360\074\361\043\277\117\113\132\130\162\046\303\176\241
-\116\063\265\065\137\323\262\064\103\334\330\272\227\050\015\016
-\174\134\244\141\170\217\112\164\060\166\015\204\246\307\054\000
-\131\042\320\300\207\206\321\006\273\202\372\044\171\011\151\222
-\011\004\013\273\342\021\347\011\337\276\166\051\160\111\036\170
-\173\002\316\165\233\031\345\246\141\272\260\074\272\354\111\142
-\034\074\071\264\161\023\106\246\355\236\307\006\006\073\044\031
-\000\152\107\234\155\357\344\047\236\330\131\254\337\007\044\160
-\350\153\334\340\031\352\141\302\054\341\220\276\070\225\162\305
-\140\257\126\345\170\105\155\271\160\331\317\246\001\301\344\242
-\104\142\300\076\302\075\342\050\310\075\232\374\227\060\336\176
-\141\172\002\223\224\330\135\340\021\106\124\136\211\107\270\005
-\070\131\066\101\361\327\212\336\156\266\033\042\217\325\341\227
-\265\200\201\005\052\056\010\040\017\323\051\206\243\337\342\166
-\072\350\346\124\045\137\131\262\140\176\101\372\174\122\054\301
-\321\140\016\172\006\234\264\245\162\106\241\355\105\257\212\040
-\105\320\134\333\131\202\067\046\062\117\102\142\103\364\234\206
-\312\266\002\227\150\176\276\365\123\007\064\352\362\012\161\104
-\356\224\254\270\365\044\312\231\334\025\140\207\031\047\242\024
-\355\360\343\016\011\341\313\045\267\020\100\015\014\361\175\033
-\271\051\231\345\116\204\015\355\265\151\043\364\067\326\325\127
-\023\226\343\254\227\052\350\350\377\071\072\231\334\200\376\072
-\246\344\121\320\040\322\010\043\104\247\023\203\031\313\035\337
-\300\154\314\311\350\373\034\224\060\337\355\302\354\321\144\245
-\304\314\120\107\374\371\154\324\223\326\263\155\117\332\354\212
-\375\223\072\027\357\010\034\116\364\003\243\006\052\016\360\362
-\316\323\175\207\114\321\002\003\001\000\001\243\020\060\016\060
-\014\006\003\125\035\023\004\005\060\003\001\001\377\060\015\006
-\011\052\206\110\206\367\015\001\001\005\005\000\003\202\002\001
-\000\127\040\151\075\147\323\331\123\262\275\132\154\224\142\261
-\362\035\076\011\143\374\162\051\162\200\144\155\144\236\135\000
-\234\334\377\375\121\020\001\335\274\257\223\201\236\005\243\075
-\335\250\170\127\043\344\115\067\101\151\316\345\232\140\310\326
-\145\064\264\220\011\234\071\013\206\143\123\250\340\361\245\074
-\162\066\326\223\163\333\332\005\015\062\153\321\231\213\004\236
-\011\051\133\004\332\312\011\203\236\143\166\117\114\144\160\073
-\053\377\373\034\177\121\262\152\326\144\341\071\015\220\345\257
-\032\172\372\166\242\306\023\060\236\123\312\052\053\010\313\321
-\215\145\103\352\031\325\026\000\023\035\007\360\124\125\123\145
-\065\116\123\265\152\110\135\100\245\061\337\032\371\352\012\160
-\213\101\171\205\350\302\101\316\006\230\247\076\100\327\335\311
-\105\014\205\037\132\054\064\106\215\074\263\304\253\254\132\221
-\361\054\360\156\270\371\331\173\365\104\316\172\240\152\202\216
-\171\057\045\313\161\212\023\203\127\263\134\247\032\000\026\062
-\031\242\100\350\233\112\272\314\372\353\115\113\013\025\012\057
-\076\132\057\163\174\071\206\140\013\210\063\054\205\244\357\023
-\131\346\334\373\047\343\044\076\026\124\104\361\352\123\146\264
-\042\040\154\251\146\106\102\352\127\063\322\146\032\302\347\226
-\161\070\130\130\141\141\124\156\044\265\014\316\216\063\121\260
-\334\150\245\157\226\355\301\165\315\004\361\211\145\003\237\022
-\012\112\076\340\265\324\066\216\053\233\304\101\041\175\126\240
-\257\300\314\264\007\034\065\124\331\125\104\151\032\056\172\116
-\233\116\072\352\055\255\072\252\013\355\206\276\045\270\206\134
-\157\166\371\256\100\335\016\225\171\124\303\074\366\116\274\134
-\025\251\215\236\340\071\342\126\160\377\306\253\056\334\154\026
-\141\353\162\163\360\347\177\265\262\233\246\054\075\022\345\111
-\061\034\333\270\322\036\213\041\132\131\317\161\376\322\262\363
-\270\132\037\115\370\262\062\067\037\053\140\062\035\004\340\120
-\046\354\256\370\015\270\260\320\121\274\205\031\127\041\164\125
-\044\207\073\127\334\070\104\126\174\147\236\272\130\340\025\143
-\101\324\352\130\213\360\356\121\245\112\340\302\217\021\020\000
-\347
-END
-
-# Trust for Certificate "FortEngine CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "FortEngine CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\101\101\246\125\070\252\007\017\342\231\174\272\223\237\274\221
-\355\012\034\116
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\225\015\273\365\336\111\267\072\266\302\311\233\100\106\036\155
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\106\157\162\164\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\146
-\157\162\164\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\146\157\162
-\164\145\156\147\151\156\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "MailEngine CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "MailEngine CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\115\141\151\154\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\155
-\141\151\154\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\155\141\151
-\154\145\156\147\151\156\145\056\143\157\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\115\141\151\154\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\155
-\141\151\154\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\155\141\151
-\154\145\156\147\151\156\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\335\060\202\002\305\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101\061
-\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060\016
-\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061\030
-\060\026\006\003\125\004\012\023\017\115\141\151\154\105\156\147
-\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125\004
-\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157\156
-\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151\163
-\151\157\156\061\023\060\021\006\003\125\004\003\023\012\155\141
-\151\154\145\156\147\151\156\145\061\040\060\036\006\011\052\206
-\110\206\367\015\001\011\001\026\021\143\141\100\155\141\151\154
-\145\156\147\151\156\145\056\143\157\155\060\036\027\015\071\070
-\060\061\060\061\060\060\060\060\060\060\132\027\015\063\070\060
-\061\061\067\060\060\060\060\060\060\132\060\201\250\061\013\060
-\011\006\003\125\004\006\023\002\103\101\061\013\060\011\006\003
-\125\004\010\023\002\117\116\061\020\060\016\006\003\125\004\007
-\023\007\124\157\162\157\156\164\157\061\030\060\026\006\003\125
-\004\012\023\017\115\141\151\154\105\156\147\151\156\145\040\111
-\156\143\056\061\051\060\047\006\003\125\004\013\023\040\103\145
-\162\164\151\146\151\143\141\164\151\157\156\040\101\165\164\150
-\157\162\151\164\171\040\104\151\166\151\163\151\157\156\061\023
-\060\021\006\003\125\004\003\023\012\155\141\151\154\145\156\147
-\151\156\145\061\040\060\036\006\011\052\206\110\206\367\015\001
-\011\001\026\021\143\141\100\155\141\151\154\145\156\147\151\156
-\145\056\143\157\155\060\202\001\042\060\015\006\011\052\206\110
-\206\367\015\001\001\001\005\000\003\202\001\017\000\060\202\001
-\012\002\202\001\001\000\251\171\237\261\117\245\307\343\105\232
-\176\255\067\136\321\114\354\232\165\321\352\056\172\377\336\274
-\304\014\214\223\365\063\176\264\137\123\033\270\346\053\271\111
-\046\270\371\152\264\067\235\061\132\054\137\011\270\320\366\123
-\134\377\160\263\360\353\364\327\373\133\104\336\375\302\065\100
-\322\215\250\254\311\100\342\123\052\167\114\117\041\060\303\063
-\315\366\120\237\102\154\032\003\141\205\154\152\313\070\341\105
-\001\255\050\276\076\306\331\374\126\301\177\363\061\240\145\211
-\036\356\171\146\124\254\377\026\311\103\025\071\315\242\207\113
-\004\001\006\212\357\111\101\057\152\252\226\322\263\155\015\165
-\236\213\134\362\366\003\210\223\216\173\015\024\025\267\214\203
-\025\042\177\311\125\134\232\311\305\073\271\355\250\026\370\203
-\274\263\151\221\126\134\107\260\076\216\062\035\042\351\216\163
-\225\122\027\114\273\313\276\034\100\056\130\302\104\166\230\262
-\273\120\026\003\053\243\102\143\173\132\374\056\014\360\333\014
-\320\132\146\275\031\164\370\015\142\275\233\125\302\242\075\361
-\334\103\266\236\307\171\002\003\001\000\001\243\020\060\016\060
-\014\006\003\125\035\023\004\005\060\003\001\001\377\060\015\006
-\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001\001
-\000\043\174\331\371\004\054\361\312\120\103\152\101\120\031\142
-\204\374\376\067\075\030\233\060\341\063\175\336\376\017\066\330
-\130\207\244\243\075\342\323\100\360\240\175\333\352\076\040\302
-\120\311\104\003\252\341\321\172\374\373\177\270\023\207\016\217
-\350\247\347\237\373\321\053\230\243\335\371\350\127\067\330\167
-\355\006\334\161\070\063\354\073\125\300\016\042\106\120\321\056
-\273\276\046\345\363\117\343\254\010\173\205\144\303\213\047\342
-\203\330\220\006\207\165\272\360\230\335\160\271\053\225\312\155
-\001\115\060\163\226\216\034\363\337\020\027\110\152\037\062\361
-\013\115\315\164\125\316\200\155\363\074\357\200\040\021\221\174
-\123\113\153\277\365\006\227\107\130\114\057\102\155\016\004\022
-\111\326\172\051\337\022\067\254\263\253\020\376\156\346\003\346
-\303\237\046\150\301\027\371\367\226\241\107\064\301\347\234\145
-\362\331\060\027\146\322\000\133\067\337\123\160\064\160\143\301
-\067\241\131\323\156\232\363\241\333\027\125\370\223\354\154\316
-\026\311\273\370\244\163\074\256\132\160\211\042\015\337\115\204
-\203
-END
-
-# Trust for Certificate "MailEngine CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "MailEngine CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\052\175\170\152\226\012\241\132\305\231\364\361\115\344\004\057
-\271\134\173\220
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\257\331\256\074\245\337\007\060\040\273\005\006\306\111\161\123
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\250\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\030\060\026\006\003\125\004\012\023\017\115\141\151\154\105\156
-\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003\125
-\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151\157
-\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166\151
-\163\151\157\156\061\023\060\021\006\003\125\004\003\023\012\155
-\141\151\154\145\156\147\151\156\145\061\040\060\036\006\011\052
-\206\110\206\367\015\001\011\001\026\021\143\141\100\155\141\151
-\154\145\156\147\151\156\145\056\143\157\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "TraderEngine CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TraderEngine CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\256\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\032\060\030\006\003\125\004\012\023\021\124\162\141\144\145\162
-\105\156\147\151\156\145\040\111\156\143\056\061\051\060\047\006
-\003\125\004\013\023\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\104\151
-\166\151\163\151\157\156\061\025\060\023\006\003\125\004\003\023
-\014\164\162\141\144\145\162\145\156\147\151\156\145\061\042\060
-\040\006\011\052\206\110\206\367\015\001\011\001\026\023\143\141
-\100\164\162\141\144\145\162\145\156\147\151\156\145\056\143\157
-\155
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\256\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\032\060\030\006\003\125\004\012\023\021\124\162\141\144\145\162
-\105\156\147\151\156\145\040\111\156\143\056\061\051\060\047\006
-\003\125\004\013\023\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\104\151
-\166\151\163\151\157\156\061\025\060\023\006\003\125\004\003\023
-\014\164\162\141\144\145\162\145\156\147\151\156\145\061\042\060
-\040\006\011\052\206\110\206\367\015\001\011\001\026\023\143\141
-\100\164\162\141\144\145\162\145\156\147\151\156\145\056\143\157
-\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\351\060\202\002\321\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\201\256\061\013\060\011\006\003\125\004\006\023\002\103\101\061
-\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060\016
-\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061\032
-\060\030\006\003\125\004\012\023\021\124\162\141\144\145\162\105
-\156\147\151\156\145\040\111\156\143\056\061\051\060\047\006\003
-\125\004\013\023\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\040\104\151\166
-\151\163\151\157\156\061\025\060\023\006\003\125\004\003\023\014
-\164\162\141\144\145\162\145\156\147\151\156\145\061\042\060\040
-\006\011\052\206\110\206\367\015\001\011\001\026\023\143\141\100
-\164\162\141\144\145\162\145\156\147\151\156\145\056\143\157\155
-\060\036\027\015\071\070\060\061\060\061\060\060\060\060\060\060
-\132\027\015\063\070\060\061\061\067\060\060\060\060\060\060\132
-\060\201\256\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\032\060\030\006\003\125\004\012\023\021\124\162\141\144\145\162
-\105\156\147\151\156\145\040\111\156\143\056\061\051\060\047\006
-\003\125\004\013\023\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\104\151
-\166\151\163\151\157\156\061\025\060\023\006\003\125\004\003\023
-\014\164\162\141\144\145\162\145\156\147\151\156\145\061\042\060
-\040\006\011\052\206\110\206\367\015\001\011\001\026\023\143\141
-\100\164\162\141\144\145\162\145\156\147\151\156\145\056\143\157
-\155\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
-\001\000\317\045\371\100\117\271\110\337\263\200\331\365\277\174
-\351\364\171\217\342\024\016\131\157\026\270\105\110\265\225\117
-\365\273\177\306\076\115\170\227\165\223\043\313\375\052\247\027
-\152\207\160\275\350\377\276\053\320\146\271\345\242\207\236\054
-\012\142\004\023\226\236\104\054\147\320\347\257\020\101\343\175
-\304\322\007\265\105\336\112\322\075\314\043\131\311\220\276\341
-\212\216\155\323\021\376\053\312\003\365\254\055\365\025\062\135
-\245\127\222\163\044\234\365\004\341\064\200\241\030\210\114\263
-\200\212\271\240\274\344\077\371\216\136\201\321\275\144\231\017
-\140\364\170\166\010\073\272\057\127\147\251\124\122\273\203\272
-\176\164\056\020\241\342\024\022\130\276\030\137\314\312\017\074
-\165\137\352\232\057\222\311\267\044\331\022\317\135\257\015\207
-\156\377\021\065\120\356\101\065\021\247\346\307\261\062\012\242
-\041\033\356\145\300\220\062\334\174\007\120\034\000\142\354\343
-\212\346\163\346\120\374\151\011\253\361\042\256\277\055\336\070
-\177\122\124\336\160\207\166\001\226\263\106\301\064\255\220\104
-\225\057\002\003\001\000\001\243\020\060\016\060\014\006\003\125
-\035\023\004\005\060\003\001\001\377\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\202\001\001\000\026\070\360
-\024\205\227\167\307\321\020\210\122\134\273\021\123\061\337\152
-\153\030\034\256\040\263\046\303\072\017\336\254\140\151\050\367
-\024\336\056\025\377\226\275\133\226\045\130\043\220\045\272\232
-\013\134\007\114\314\141\311\220\350\032\116\052\312\215\005\353
-\027\331\362\230\067\124\130\247\267\116\154\006\241\276\164\327
-\251\320\224\176\352\104\253\306\073\170\144\153\112\316\031\022
-\266\123\375\211\117\376\020\247\310\207\374\061\142\351\314\214
-\270\375\052\362\176\270\110\011\061\145\162\363\122\341\120\136
-\247\373\123\364\215\217\066\375\134\224\004\040\007\143\247\267
-\230\167\164\033\342\060\354\015\305\364\026\262\214\027\126\225
-\257\107\102\016\164\273\152\156\326\115\163\330\010\061\235\112
-\103\340\020\161\055\055\202\030\037\171\131\247\233\012\165\126
-\175\302\136\005\321\143\105\221\025\221\122\276\300\134\370\360
-\347\113\213\231\103\146\050\047\174\045\222\314\030\015\123\104
-\324\223\213\265\075\021\312\326\267\103\244\061\151\273\341\075
-\226\126\160\040\066\300\357\331\152\326\260\147\343
-END
-
-# Trust for Certificate "TraderEngine CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "TraderEngine CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\226\137\006\006\205\177\333\000\352\163\325\301\271\274\232\264
-\350\273\231\263
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\165\061\224\331\224\242\361\006\237\230\167\323\037\336\157\372
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\256\061\013\060\011\006\003\125\004\006\023\002\103\101
-\061\013\060\011\006\003\125\004\010\023\002\117\116\061\020\060
-\016\006\003\125\004\007\023\007\124\157\162\157\156\164\157\061
-\032\060\030\006\003\125\004\012\023\021\124\162\141\144\145\162
-\105\156\147\151\156\145\040\111\156\143\056\061\051\060\047\006
-\003\125\004\013\023\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171\040\104\151
-\166\151\163\151\157\156\061\025\060\023\006\003\125\004\003\023
-\014\164\162\141\144\145\162\145\156\147\151\156\145\061\042\060
-\040\006\011\052\206\110\206\367\015\001\011\001\026\023\143\141
-\100\164\162\141\144\145\162\145\156\147\151\156\145\056\143\157
-\155
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "USPS Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "USPS Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144
-\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123
-\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023
-\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120
-\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123
-\040\122\157\157\164\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144
-\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123
-\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023
-\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120
-\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123
-\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\047\204
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\132\060\202\002\303\240\003\002\001\002\002\002\047
-\204\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144
-\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123
-\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023
-\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120
-\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123
-\040\122\157\157\164\040\103\101\060\036\027\015\060\061\060\064
-\061\063\061\066\063\070\065\060\132\027\015\062\060\060\070\061
-\064\061\071\060\060\060\060\132\060\146\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\045\060\043\006\003\125\004\012
-\023\034\125\156\151\164\145\144\040\123\164\141\164\145\163\040
-\120\157\163\164\141\154\040\123\145\162\166\151\143\145\061\031
-\060\027\006\003\125\004\013\023\020\167\167\167\056\165\163\160
-\163\056\143\157\155\057\103\120\123\061\025\060\023\006\003\125
-\004\003\023\014\125\123\120\123\040\122\157\157\164\040\103\101
-\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001
-\005\000\003\201\215\000\060\201\211\002\201\201\000\267\251\045
-\254\143\332\260\222\317\224\066\260\004\377\026\156\166\004\133
-\365\306\074\237\306\271\102\046\125\373\223\161\205\021\145\311
-\141\047\210\304\136\233\376\052\170\112\122\152\105\237\250\373
-\221\264\343\046\135\365\103\024\046\271\336\074\155\054\146\365
-\123\175\336\344\126\127\262\242\171\365\341\264\332\152\367\044
-\345\263\050\376\236\167\226\342\016\307\005\003\314\351\121\366
-\226\374\021\300\226\055\163\065\377\130\163\137\362\110\065\345
-\104\113\320\176\325\000\036\204\155\330\045\330\321\002\003\001
-\000\001\243\202\001\025\060\202\001\021\060\154\006\003\125\035
-\040\004\145\060\143\060\013\006\011\140\206\110\001\206\371\155
-\146\001\060\013\006\011\140\206\110\001\206\371\155\146\002\060
-\013\006\011\140\206\110\001\206\371\155\146\003\060\013\006\011
-\140\206\110\001\206\371\155\146\004\060\013\006\011\140\206\110
-\001\206\371\155\146\005\060\013\006\011\140\206\110\001\206\371
-\155\146\006\060\013\006\011\140\206\110\001\206\371\155\146\007
-\060\006\006\004\125\035\040\000\060\035\006\003\125\035\016\004
-\026\004\024\323\316\202\164\363\057\113\211\140\162\244\136\021
-\277\137\165\003\242\002\253\060\037\006\003\125\035\043\004\030
-\060\026\200\024\323\316\202\164\363\057\113\211\140\162\244\136
-\021\277\137\165\003\242\002\253\060\035\006\003\125\035\022\004
-\026\060\024\201\022\162\157\157\164\061\060\060\060\061\100\165
-\163\160\163\056\143\157\155\060\041\006\003\125\035\021\004\032
-\060\030\201\026\143\141\141\144\155\151\156\100\145\155\141\151
-\154\056\165\163\160\163\056\143\157\155\060\016\006\003\125\035
-\017\001\001\377\004\004\003\002\001\306\060\017\006\003\125\035
-\023\001\001\377\004\005\060\003\001\001\377\060\015\006\011\052
-\206\110\206\367\015\001\001\005\005\000\003\201\201\000\065\061
-\212\231\336\052\270\273\344\157\330\351\320\215\337\101\136\110
-\047\217\146\205\026\022\263\107\023\353\001\011\176\076\370\125
-\065\065\205\012\117\263\350\202\247\257\255\227\135\206\116\327
-\267\255\254\217\240\240\124\113\245\117\364\165\007\273\057\056
-\031\033\036\216\355\155\113\325\115\203\310\166\227\127\206\366
-\044\102\005\365\262\354\026\357\274\354\275\346\220\154\217\222
-\263\033\031\147\046\072\257\245\307\036\362\364\165\116\151\331
-\273\373\017\154\134\072\310\335\255\216\012\227\035\217
-END
-
-# Trust for Certificate "USPS Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "USPS Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\154\041\132\224\112\235\120\245\027\015\202\313\324\371\325\072
-\341\237\030\145
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\274\055\035\316\370\036\035\175\021\044\152\231\160\130\175\031
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144
-\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123
-\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023
-\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120
-\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123
-\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\047\204
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "USPS Production 1"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "USPS Production 1"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\156\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144
-\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123
-\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023
-\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120
-\123\061\035\060\033\006\003\125\004\003\023\024\125\123\120\123
-\040\120\162\157\144\165\143\164\151\157\156\040\103\101\040\061
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144
-\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123
-\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023
-\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120
-\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123
-\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\047\205
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\010\157\060\202\007\330\240\003\002\001\002\002\002\047
-\205\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000
-\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144
-\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123
-\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023
-\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120
-\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123
-\040\122\157\157\164\040\103\101\060\036\027\015\060\061\060\064
-\061\063\061\066\065\066\065\064\132\027\015\062\060\060\070\061
-\064\061\067\060\060\064\060\132\060\156\061\013\060\011\006\003
-\125\004\006\023\002\125\123\061\045\060\043\006\003\125\004\012
-\023\034\125\156\151\164\145\144\040\123\164\141\164\145\163\040
-\120\157\163\164\141\154\040\123\145\162\166\151\143\145\061\031
-\060\027\006\003\125\004\013\023\020\167\167\167\056\165\163\160
-\163\056\143\157\155\057\103\120\123\061\035\060\033\006\003\125
-\004\003\023\024\125\123\120\123\040\120\162\157\144\165\143\164
-\151\157\156\040\103\101\040\061\060\201\237\060\015\006\011\052
-\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060\201
-\211\002\201\201\000\306\326\271\357\262\123\070\312\322\167\014
-\154\066\050\060\302\320\050\002\170\161\116\015\211\102\307\131
-\047\263\220\010\047\324\227\132\036\266\170\104\100\153\164\306
-\215\253\121\213\350\246\355\121\246\326\165\027\354\172\124\136
-\126\203\347\360\155\304\111\364\027\275\006\013\022\306\125\357
-\351\250\341\050\057\240\103\217\165\364\377\331\334\175\376\252
-\324\170\363\234\223\305\231\332\142\106\233\365\166\044\124\011
-\012\051\353\024\105\102\013\377\015\166\003\037\247\145\210\242
-\244\177\157\320\117\002\003\001\000\001\243\202\006\042\060\202
-\006\036\060\202\005\167\006\003\125\035\040\004\202\005\156\060
-\202\005\152\060\201\303\006\011\140\206\110\001\206\371\155\146
-\001\060\201\265\060\043\006\010\053\006\001\005\005\007\002\001
-\026\027\150\164\164\160\072\057\057\167\167\167\056\165\163\160
-\163\056\143\157\155\057\103\120\123\060\201\215\006\010\053\006
-\001\005\005\007\002\002\060\201\200\032\176\123\145\145\040\125
-\123\120\123\040\103\120\123\040\141\164\040\150\164\164\160\072
-\057\057\167\167\167\056\165\163\160\163\056\143\157\155\057\103
-\120\123\056\040\124\150\151\163\040\143\145\162\164\151\146\151
-\143\141\164\145\040\151\163\040\164\157\040\142\145\040\165\163
-\145\144\040\157\156\154\171\040\151\156\040\141\143\143\157\162
-\144\141\156\143\145\040\167\151\164\150\040\125\123\120\123\040
-\162\145\147\165\154\141\164\151\157\156\163\040\141\156\144\040
-\160\157\154\151\143\151\145\163\056\060\201\303\006\011\140\206
-\110\001\206\371\155\146\002\060\201\265\060\043\006\010\053\006
-\001\005\005\007\002\001\026\027\150\164\164\160\072\057\057\167
-\167\167\056\165\163\160\163\056\143\157\155\057\103\120\123\060
-\201\215\006\010\053\006\001\005\005\007\002\002\060\201\200\032
-\176\123\145\145\040\125\123\120\123\040\103\120\123\040\141\164
-\040\150\164\164\160\072\057\057\167\167\167\056\165\163\160\163
-\056\143\157\155\057\103\120\123\056\040\124\150\151\163\040\143
-\145\162\164\151\146\151\143\141\164\145\040\151\163\040\164\157
-\040\142\145\040\165\163\145\144\040\157\156\154\171\040\151\156
-\040\141\143\143\157\162\144\141\156\143\145\040\167\151\164\150
-\040\125\123\120\123\040\162\145\147\165\154\141\164\151\157\156
-\163\040\141\156\144\040\160\157\154\151\143\151\145\163\056\060
-\201\303\006\011\140\206\110\001\206\371\155\146\003\060\201\265
-\060\043\006\010\053\006\001\005\005\007\002\001\026\027\150\164
-\164\160\072\057\057\167\167\167\056\165\163\160\163\056\143\157
-\155\057\103\120\123\060\201\215\006\010\053\006\001\005\005\007
-\002\002\060\201\200\032\176\123\145\145\040\125\123\120\123\040
-\103\120\123\040\141\164\040\150\164\164\160\072\057\057\167\167
-\167\056\165\163\160\163\056\143\157\155\057\103\120\123\056\040
-\124\150\151\163\040\143\145\162\164\151\146\151\143\141\164\145
-\040\151\163\040\164\157\040\142\145\040\165\163\145\144\040\157
-\156\154\171\040\151\156\040\141\143\143\157\162\144\141\156\143
-\145\040\167\151\164\150\040\125\123\120\123\040\162\145\147\165
-\154\141\164\151\157\156\163\040\141\156\144\040\160\157\154\151
-\143\151\145\163\056\060\201\303\006\011\140\206\110\001\206\371
-\155\146\004\060\201\265\060\043\006\010\053\006\001\005\005\007
-\002\001\026\027\150\164\164\160\072\057\057\167\167\167\056\165
-\163\160\163\056\143\157\155\057\103\120\123\060\201\215\006\010
-\053\006\001\005\005\007\002\002\060\201\200\032\176\123\145\145
-\040\125\123\120\123\040\103\120\123\040\141\164\040\150\164\164
-\160\072\057\057\167\167\167\056\165\163\160\163\056\143\157\155
-\057\103\120\123\056\040\124\150\151\163\040\143\145\162\164\151
-\146\151\143\141\164\145\040\151\163\040\164\157\040\142\145\040
-\165\163\145\144\040\157\156\154\171\040\151\156\040\141\143\143
-\157\162\144\141\156\143\145\040\167\151\164\150\040\125\123\120
-\123\040\162\145\147\165\154\141\164\151\157\156\163\040\141\156
-\144\040\160\157\154\151\143\151\145\163\056\060\201\303\006\011
-\140\206\110\001\206\371\155\146\005\060\201\265\060\043\006\010
-\053\006\001\005\005\007\002\001\026\027\150\164\164\160\072\057
-\057\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120
-\123\060\201\215\006\010\053\006\001\005\005\007\002\002\060\201
-\200\032\176\123\145\145\040\125\123\120\123\040\103\120\123\040
-\141\164\040\150\164\164\160\072\057\057\167\167\167\056\165\163
-\160\163\056\143\157\155\057\103\120\123\056\040\124\150\151\163
-\040\143\145\162\164\151\146\151\143\141\164\145\040\151\163\040
-\164\157\040\142\145\040\165\163\145\144\040\157\156\154\171\040
-\151\156\040\141\143\143\157\162\144\141\156\143\145\040\167\151
-\164\150\040\125\123\120\123\040\162\145\147\165\154\141\164\151
-\157\156\163\040\141\156\144\040\160\157\154\151\143\151\145\163
-\056\060\201\303\006\011\140\206\110\001\206\371\155\146\006\060
-\201\265\060\043\006\010\053\006\001\005\005\007\002\001\026\027
-\150\164\164\160\072\057\057\167\167\167\056\165\163\160\163\056
-\143\157\155\057\103\120\123\060\201\215\006\010\053\006\001\005
-\005\007\002\002\060\201\200\032\176\123\145\145\040\125\123\120
-\123\040\103\120\123\040\141\164\040\150\164\164\160\072\057\057
-\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120\123
-\056\040\124\150\151\163\040\143\145\162\164\151\146\151\143\141
-\164\145\040\151\163\040\164\157\040\142\145\040\165\163\145\144
-\040\157\156\154\171\040\151\156\040\141\143\143\157\162\144\141
-\156\143\145\040\167\151\164\150\040\125\123\120\123\040\162\145
-\147\165\154\141\164\151\157\156\163\040\141\156\144\040\160\157
-\154\151\143\151\145\163\056\060\201\303\006\011\140\206\110\001
-\206\371\155\146\007\060\201\265\060\043\006\010\053\006\001\005
-\005\007\002\001\026\027\150\164\164\160\072\057\057\167\167\167
-\056\165\163\160\163\056\143\157\155\057\103\120\123\060\201\215
-\006\010\053\006\001\005\005\007\002\002\060\201\200\032\176\123
-\145\145\040\125\123\120\123\040\103\120\123\040\141\164\040\150
-\164\164\160\072\057\057\167\167\167\056\165\163\160\163\056\143
-\157\155\057\103\120\123\056\040\124\150\151\163\040\143\145\162
-\164\151\146\151\143\141\164\145\040\151\163\040\164\157\040\142
-\145\040\165\163\145\144\040\157\156\154\171\040\151\156\040\141
-\143\143\157\162\144\141\156\143\145\040\167\151\164\150\040\125
-\123\120\123\040\162\145\147\165\154\141\164\151\157\156\163\040
-\141\156\144\040\160\157\154\151\143\151\145\163\056\060\035\006
-\003\125\035\016\004\026\004\024\045\345\240\357\055\162\117\155
-\225\037\067\037\040\326\303\001\104\003\307\320\060\037\006\003
-\125\035\043\004\030\060\026\200\024\323\316\202\164\363\057\113
-\211\140\162\244\136\021\277\137\165\003\242\002\253\060\035\006
-\003\125\035\022\004\026\060\024\201\022\162\157\157\164\061\060
-\060\060\061\100\165\163\160\163\056\143\157\155\060\041\006\003
-\125\035\021\004\032\060\030\201\026\143\141\141\144\155\151\156
-\100\145\155\141\151\154\056\165\163\160\163\056\143\157\155\060
-\016\006\003\125\035\017\001\001\377\004\004\003\002\001\306\060
-\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003
-\201\201\000\140\277\111\155\062\312\204\333\360\226\100\310\254
-\130\351\111\351\233\034\162\136\305\006\243\075\064\303\034\256
-\015\325\164\031\336\230\327\175\001\075\345\110\230\100\177\275
-\042\257\134\172\366\353\142\076\253\274\275\217\142\130\313\202
-\072\324\304\100\347\213\270\017\020\120\017\054\070\043\071\224
-\345\040\307\324\270\371\341\121\102\104\224\154\143\136\343\176
-\136\142\336\357\075\106\264\074\133\250\233\016\172\236\035\126
-\355\274\005\264\305\361\131\011\257\157\111\205\131\333\072\021
-\145\315\351
-END
-
-# Trust for Certificate "USPS Production 1"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "USPS Production 1"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\246\153\351\054\171\064\177\363\201\000\013\373\142\054\337\247
-\121\331\153\123
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\076\000\040\236\051\317\232\170\303\150\117\206\366\173\341\106
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\146\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\045\060\043\006\003\125\004\012\023\034\125\156\151\164\145\144
-\040\123\164\141\164\145\163\040\120\157\163\164\141\154\040\123
-\145\162\166\151\143\145\061\031\060\027\006\003\125\004\013\023
-\020\167\167\167\056\165\163\160\163\056\143\157\155\057\103\120
-\123\061\025\060\023\006\003\125\004\003\023\014\125\123\120\123
-\040\122\157\157\164\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\047\205
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_VALID
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "AddTrust Non-Validated Services Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Non-Validated Services Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
-\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
-\103\101\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
-\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
-\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\030\060\202\003\000\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
-\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
-\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144
-\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103
-\101\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060
-\061\060\063\070\063\061\132\027\015\062\060\060\065\063\060\061
-\060\063\070\063\061\132\060\145\061\013\060\011\006\003\125\004
-\006\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013
-\101\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006
-\003\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124
-\124\120\040\116\145\164\167\157\162\153\061\041\060\037\006\003
-\125\004\003\023\030\101\144\144\124\162\165\163\164\040\103\154
-\141\163\163\040\061\040\103\101\040\122\157\157\164\060\202\001
-\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000
-\003\202\001\017\000\060\202\001\012\002\202\001\001\000\226\226
-\324\041\111\140\342\153\350\101\007\014\336\304\340\334\023\043
-\315\301\065\307\373\326\116\021\012\147\136\365\006\133\153\245
-\010\073\133\051\026\072\347\207\262\064\006\305\274\005\245\003
-\174\202\313\051\020\256\341\210\201\275\326\236\323\376\055\126
-\301\025\316\343\046\235\025\056\020\373\006\217\060\004\336\247
-\264\143\264\377\261\234\256\074\257\167\266\126\305\265\253\242
-\351\151\072\075\016\063\171\062\077\160\202\222\231\141\155\215
-\060\010\217\161\077\246\110\127\031\370\045\334\113\146\134\245
-\164\217\230\256\310\371\300\006\042\347\254\163\337\245\056\373
-\122\334\261\025\145\040\372\065\146\151\336\337\054\361\156\274
-\060\333\054\044\022\333\353\065\065\150\220\313\000\260\227\041
-\075\164\041\043\145\064\053\273\170\131\243\326\341\166\071\232
-\244\111\216\214\164\257\156\244\232\243\331\233\322\070\134\233
-\242\030\314\165\043\204\276\353\342\115\063\161\216\032\360\302
-\370\307\035\242\255\003\227\054\370\317\045\306\366\270\044\061
-\261\143\135\222\177\143\360\045\311\123\056\037\277\115\002\003
-\001\000\001\243\201\322\060\201\317\060\035\006\003\125\035\016
-\004\026\004\024\225\261\264\360\224\266\275\307\332\321\021\011
-\041\276\301\257\111\375\020\173\060\013\006\003\125\035\017\004
-\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377\004
-\005\060\003\001\001\377\060\201\217\006\003\125\035\043\004\201
-\207\060\201\204\200\024\225\261\264\360\224\266\275\307\332\321
-\021\011\041\276\301\257\111\375\020\173\241\151\244\147\060\145
-\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024\060
-\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163\164
-\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101\144
-\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167\157
-\162\153\061\041\060\037\006\003\125\004\003\023\030\101\144\144
-\124\162\165\163\164\040\103\154\141\163\163\040\061\040\103\101
-\040\122\157\157\164\202\001\001\060\015\006\011\052\206\110\206
-\367\015\001\001\005\005\000\003\202\001\001\000\054\155\144\033
-\037\315\015\335\271\001\372\226\143\064\062\110\107\231\256\227
-\355\375\162\026\246\163\107\132\364\353\335\351\365\326\373\105
-\314\051\211\104\135\277\106\071\075\350\356\274\115\124\206\036
-\035\154\343\027\047\103\341\211\126\053\251\157\162\116\111\063
-\343\162\174\052\043\232\274\076\377\050\052\355\243\377\034\043
-\272\103\127\011\147\115\113\142\006\055\370\377\154\235\140\036
-\330\034\113\175\265\061\057\331\320\174\135\370\336\153\203\030
-\170\067\127\057\350\063\007\147\337\036\307\153\052\225\166\256
-\217\127\243\360\364\122\264\251\123\010\317\340\117\323\172\123
-\213\375\273\034\126\066\362\376\262\266\345\166\273\325\042\145
-\247\077\376\321\146\255\013\274\153\231\206\357\077\175\363\030
-\062\312\173\306\343\253\144\106\225\370\046\151\331\125\203\173
-\054\226\007\377\131\054\104\243\306\345\351\251\334\241\143\200
-\132\041\136\041\317\123\124\360\272\157\211\333\250\252\225\317
-\213\343\161\314\036\033\040\104\010\300\172\266\100\375\304\344
-\065\341\035\026\034\320\274\053\216\326\161\331
-END
-
-# Trust for Certificate "AddTrust Non-Validated Services Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Non-Validated Services Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\314\253\016\240\114\043\001\326\151\173\335\067\237\315\022\353
-\044\343\224\235
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\036\102\225\002\063\222\153\271\137\300\177\332\326\262\113\374
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\145\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\041\060\037\006\003\125\004\003\023\030\101
-\144\144\124\162\165\163\164\040\103\154\141\163\163\040\061\040
-\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_VALID
-
-#
-# Certificate "AddTrust External Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust External Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\066\060\202\003\036\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035\101
-\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141\154
-\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060\040
-\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164\040
-\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157\164
-\060\036\027\015\060\060\060\065\063\060\061\060\064\070\063\070
-\132\027\015\062\060\060\065\063\060\061\060\064\070\063\070\132
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
-\001\000\267\367\032\063\346\362\000\004\055\071\340\116\133\355
-\037\274\154\017\315\265\372\043\266\316\336\233\021\063\227\244
-\051\114\175\223\237\275\112\274\223\355\003\032\343\217\317\345
-\155\120\132\326\227\051\224\132\200\260\111\172\333\056\225\375
-\270\312\277\067\070\055\036\076\221\101\255\160\126\307\360\117
-\077\350\062\236\164\312\310\220\124\351\306\137\017\170\235\232
-\100\074\016\254\141\252\136\024\217\236\207\241\152\120\334\327
-\232\116\257\005\263\246\161\224\234\161\263\120\140\012\307\023
-\235\070\007\206\002\250\351\250\151\046\030\220\253\114\260\117
-\043\253\072\117\204\330\337\316\237\341\151\157\273\327\102\327
-\153\104\344\307\255\356\155\101\137\162\132\161\010\067\263\171
-\145\244\131\240\224\067\367\000\057\015\302\222\162\332\320\070
-\162\333\024\250\105\304\135\052\175\267\264\326\304\356\254\315
-\023\104\267\311\053\335\103\000\045\372\141\271\151\152\130\043
-\021\267\247\063\217\126\165\131\365\315\051\327\106\267\012\053
-\145\266\323\102\157\025\262\270\173\373\357\351\135\123\325\064
-\132\047\002\003\001\000\001\243\201\334\060\201\331\060\035\006
-\003\125\035\016\004\026\004\024\255\275\230\172\064\264\046\367
-\372\304\046\124\357\003\275\340\044\313\124\032\060\013\006\003
-\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023
-\001\001\377\004\005\060\003\001\001\377\060\201\231\006\003\125
-\035\043\004\201\221\060\201\216\200\024\255\275\230\172\064\264
-\046\367\372\304\046\124\357\003\275\340\044\313\124\032\241\163
-\244\161\060\157\061\013\060\011\006\003\125\004\006\023\002\123
-\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124
-\162\165\163\164\040\101\102\061\046\060\044\006\003\125\004\013
-\023\035\101\144\144\124\162\165\163\164\040\105\170\164\145\162
-\156\141\154\040\124\124\120\040\116\145\164\167\157\162\153\061
-\042\060\040\006\003\125\004\003\023\031\101\144\144\124\162\165
-\163\164\040\105\170\164\145\162\156\141\154\040\103\101\040\122
-\157\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015
-\001\001\005\005\000\003\202\001\001\000\260\233\340\205\045\302
-\326\043\342\017\226\006\222\235\101\230\234\331\204\171\201\331
-\036\133\024\007\043\066\145\217\260\330\167\273\254\101\154\107
-\140\203\121\260\371\062\075\347\374\366\046\023\307\200\026\245
-\277\132\374\207\317\170\171\211\041\232\342\114\007\012\206\065
-\274\362\336\121\304\322\226\267\334\176\116\356\160\375\034\071
-\353\014\002\121\024\055\216\275\026\340\301\337\106\165\347\044
-\255\354\364\102\264\205\223\160\020\147\272\235\006\065\112\030
-\323\053\172\314\121\102\241\172\143\321\346\273\241\305\053\302
-\066\276\023\015\346\275\143\176\171\173\247\011\015\100\253\152
-\335\217\212\303\366\366\214\032\102\005\121\324\105\365\237\247
-\142\041\150\025\040\103\074\231\347\174\275\044\330\251\221\027
-\163\210\077\126\033\061\070\030\264\161\017\232\315\310\016\236
-\216\056\033\341\214\230\203\313\037\061\361\104\114\306\004\163
-\111\166\140\017\307\370\275\027\200\153\056\351\314\114\016\132
-\232\171\017\040\012\056\325\236\143\046\036\125\222\224\330\202
-\027\132\173\320\274\307\217\116\206\004
-END
-
-# Trust for Certificate "AddTrust External Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust External Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\002\372\363\342\221\103\124\150\140\170\127\151\115\365\344\133
-\150\205\030\150
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\035\065\124\004\205\170\260\077\102\102\115\277\040\163\012\077
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AddTrust Public Services Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Public Services Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101
-\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103
-\101\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101
-\144\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103
-\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\025\060\202\002\375\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\144\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
-\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
-\157\162\153\061\040\060\036\006\003\125\004\003\023\027\101\144
-\144\124\162\165\163\164\040\120\165\142\154\151\143\040\103\101
-\040\122\157\157\164\060\036\027\015\060\060\060\065\063\060\061
-\060\064\061\065\060\132\027\015\062\060\060\065\063\060\061\060
-\064\061\065\060\132\060\144\061\013\060\011\006\003\125\004\006
-\023\002\123\105\061\024\060\022\006\003\125\004\012\023\013\101
-\144\144\124\162\165\163\164\040\101\102\061\035\060\033\006\003
-\125\004\013\023\024\101\144\144\124\162\165\163\164\040\124\124
-\120\040\116\145\164\167\157\162\153\061\040\060\036\006\003\125
-\004\003\023\027\101\144\144\124\162\165\163\164\040\120\165\142
-\154\151\143\040\103\101\040\122\157\157\164\060\202\001\042\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\202
-\001\017\000\060\202\001\012\002\202\001\001\000\351\032\060\217
-\203\210\024\301\040\330\074\233\217\033\176\003\164\273\332\151
-\323\106\245\370\216\302\014\021\220\121\245\057\146\124\100\125
-\352\333\037\112\126\356\237\043\156\364\071\313\241\271\157\362
-\176\371\135\207\046\141\236\034\370\342\354\246\201\370\041\305
-\044\314\021\014\077\333\046\162\172\307\001\227\007\027\371\327
-\030\054\060\175\016\172\036\142\036\306\113\300\375\175\142\167
-\323\104\036\047\366\077\113\104\263\267\070\331\071\037\140\325
-\121\222\163\003\264\000\151\343\363\024\116\356\321\334\011\317
-\167\064\106\120\260\370\021\362\376\070\171\367\007\071\376\121
-\222\227\013\133\010\137\064\206\001\255\210\227\353\146\315\136
-\321\377\334\175\362\204\332\272\167\255\334\200\010\307\247\207
-\326\125\237\227\152\350\310\021\144\272\347\031\051\077\021\263
-\170\220\204\040\122\133\021\357\170\320\203\366\325\110\220\320
-\060\034\317\200\371\140\376\171\344\210\362\335\000\353\224\105
-\353\145\224\151\100\272\300\325\264\270\272\175\004\021\250\353
-\061\005\226\224\116\130\041\216\237\320\140\375\002\003\001\000
-\001\243\201\321\060\201\316\060\035\006\003\125\035\016\004\026
-\004\024\201\076\067\330\222\260\037\167\237\134\264\253\163\252
-\347\366\064\140\057\372\060\013\006\003\125\035\017\004\004\003
-\002\001\006\060\017\006\003\125\035\023\001\001\377\004\005\060
-\003\001\001\377\060\201\216\006\003\125\035\043\004\201\206\060
-\201\203\200\024\201\076\067\330\222\260\037\167\237\134\264\253
-\163\252\347\366\064\140\057\372\241\150\244\146\060\144\061\013
-\060\011\006\003\125\004\006\023\002\123\105\061\024\060\022\006
-\003\125\004\012\023\013\101\144\144\124\162\165\163\164\040\101
-\102\061\035\060\033\006\003\125\004\013\023\024\101\144\144\124
-\162\165\163\164\040\124\124\120\040\116\145\164\167\157\162\153
-\061\040\060\036\006\003\125\004\003\023\027\101\144\144\124\162
-\165\163\164\040\120\165\142\154\151\143\040\103\101\040\122\157
-\157\164\202\001\001\060\015\006\011\052\206\110\206\367\015\001
-\001\005\005\000\003\202\001\001\000\003\367\025\112\370\044\332
-\043\126\026\223\166\335\066\050\271\256\033\270\303\361\144\272
-\040\030\170\225\051\047\127\005\274\174\052\364\271\121\125\332
-\207\002\336\017\026\027\061\370\252\171\056\011\023\273\257\262
-\040\031\022\345\223\371\113\371\203\350\104\325\262\101\045\277
-\210\165\157\377\020\374\112\124\320\137\360\372\357\066\163\175
-\033\066\105\306\041\155\264\025\270\116\317\234\134\245\075\132
-\000\216\006\343\074\153\062\173\362\237\360\266\375\337\360\050
-\030\110\360\306\274\320\277\064\200\226\302\112\261\155\216\307
-\220\105\336\057\147\254\105\004\243\172\334\125\222\311\107\146
-\330\032\214\307\355\234\116\232\340\022\273\265\152\114\204\341
-\341\042\015\207\000\144\376\214\175\142\071\145\246\357\102\266
-\200\045\022\141\001\250\044\023\160\000\021\046\137\372\065\120
-\305\110\314\006\107\350\047\330\160\215\137\144\346\241\104\046
-\136\042\354\222\315\377\102\232\104\041\155\134\305\343\042\035
-\137\107\022\347\316\137\135\372\330\252\261\063\055\331\166\362
-\116\072\063\014\053\263\055\220\006
-END
-
-# Trust for Certificate "AddTrust Public Services Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Public Services Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\052\266\050\110\136\170\373\363\255\236\171\020\335\153\337\231
-\162\054\226\345
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\301\142\076\043\305\202\163\234\003\131\113\053\351\167\111\177
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\157\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\046\060\044\006\003\125\004\013\023\035
-\101\144\144\124\162\165\163\164\040\105\170\164\145\162\156\141
-\154\040\124\124\120\040\116\145\164\167\157\162\153\061\042\060
-\040\006\003\125\004\003\023\031\101\144\144\124\162\165\163\164
-\040\105\170\164\145\162\156\141\154\040\103\101\040\122\157\157
-\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "AddTrust Qualified Certificates Root"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Qualified Certificates Root"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
-\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
-\144\040\103\101\040\122\157\157\164
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
-\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
-\144\040\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\036\060\202\003\006\240\003\002\001\002\002\001\001
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061\024
-\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165\163
-\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024\101
-\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164\167
-\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101\144
-\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145\144
-\040\103\101\040\122\157\157\164\060\036\027\015\060\060\060\065
-\063\060\061\060\064\064\065\060\132\027\015\062\060\060\065\063
-\060\061\060\064\064\065\060\132\060\147\061\013\060\011\006\003
-\125\004\006\023\002\123\105\061\024\060\022\006\003\125\004\012
-\023\013\101\144\144\124\162\165\163\164\040\101\102\061\035\060
-\033\006\003\125\004\013\023\024\101\144\144\124\162\165\163\164
-\040\124\124\120\040\116\145\164\167\157\162\153\061\043\060\041
-\006\003\125\004\003\023\032\101\144\144\124\162\165\163\164\040
-\121\165\141\154\151\146\151\145\144\040\103\101\040\122\157\157
-\164\060\202\001\042\060\015\006\011\052\206\110\206\367\015\001
-\001\001\005\000\003\202\001\017\000\060\202\001\012\002\202\001
-\001\000\344\036\232\376\334\011\132\207\244\237\107\276\021\137
-\257\204\064\333\142\074\171\170\267\351\060\265\354\014\034\052
-\304\026\377\340\354\161\353\212\365\021\156\355\117\015\221\322
-\022\030\055\111\025\001\302\244\042\023\307\021\144\377\042\022
-\232\271\216\134\057\010\317\161\152\263\147\001\131\361\135\106
-\363\260\170\245\366\016\102\172\343\177\033\314\320\360\267\050
-\375\052\352\236\263\260\271\004\252\375\366\307\264\261\270\052
-\240\373\130\361\031\240\157\160\045\176\076\151\112\177\017\042
-\330\357\255\010\021\232\051\231\341\252\104\105\232\022\136\076
-\235\155\122\374\347\240\075\150\057\360\113\160\174\023\070\255
-\274\025\045\361\326\316\253\242\300\061\326\057\237\340\377\024
-\131\374\204\223\331\207\174\114\124\023\353\237\321\055\021\370
-\030\072\072\336\045\331\367\323\100\355\244\006\022\304\073\341
-\221\301\126\065\360\024\334\145\066\011\156\253\244\007\307\065
-\321\302\003\063\066\133\165\046\155\102\361\022\153\103\157\113
-\161\224\372\064\035\355\023\156\312\200\177\230\057\154\271\145
-\330\351\002\003\001\000\001\243\201\324\060\201\321\060\035\006
-\003\125\035\016\004\026\004\024\071\225\213\142\213\134\311\324
-\200\272\130\017\227\077\025\010\103\314\230\247\060\013\006\003
-\125\035\017\004\004\003\002\001\006\060\017\006\003\125\035\023
-\001\001\377\004\005\060\003\001\001\377\060\201\221\006\003\125
-\035\043\004\201\211\060\201\206\200\024\071\225\213\142\213\134
-\311\324\200\272\130\017\227\077\025\010\103\314\230\247\241\153
-\244\151\060\147\061\013\060\011\006\003\125\004\006\023\002\123
-\105\061\024\060\022\006\003\125\004\012\023\013\101\144\144\124
-\162\165\163\164\040\101\102\061\035\060\033\006\003\125\004\013
-\023\024\101\144\144\124\162\165\163\164\040\124\124\120\040\116
-\145\164\167\157\162\153\061\043\060\041\006\003\125\004\003\023
-\032\101\144\144\124\162\165\163\164\040\121\165\141\154\151\146
-\151\145\144\040\103\101\040\122\157\157\164\202\001\001\060\015
-\006\011\052\206\110\206\367\015\001\001\005\005\000\003\202\001
-\001\000\031\253\165\352\370\213\145\141\225\023\272\151\004\357
-\206\312\023\240\307\252\117\144\033\077\030\366\250\055\054\125
-\217\005\267\060\352\102\152\035\300\045\121\055\247\277\014\263
-\355\357\010\177\154\074\106\032\352\030\103\337\166\314\371\146
-\206\234\054\150\365\351\027\370\061\263\030\304\326\110\175\043
-\114\150\301\176\273\001\024\157\305\331\156\336\273\004\102\152
-\370\366\134\175\345\332\372\207\353\015\065\122\147\320\236\227
-\166\005\223\077\225\307\001\346\151\125\070\177\020\141\231\311
-\343\137\246\312\076\202\143\110\252\342\010\110\076\252\362\262
-\205\142\246\264\247\331\275\067\234\150\265\055\126\175\260\267
-\077\240\261\007\326\351\117\334\336\105\161\060\062\177\033\056
-\011\371\277\122\241\356\302\200\076\006\134\056\125\100\301\033
-\365\160\105\260\334\135\372\366\162\132\167\322\143\315\317\130
-\211\000\102\143\077\171\071\320\104\260\202\156\101\031\350\335
-\340\301\210\132\321\036\161\223\037\044\060\164\345\036\250\336
-\074\047\067\177\203\256\236\167\317\360\060\261\377\113\231\350
-\306\241
-END
-
-# Trust for Certificate "AddTrust Qualified Certificates Root"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "AddTrust Qualified Certificates Root"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\115\043\170\354\221\225\071\265\000\177\165\217\003\073\041\036
-\305\115\213\317
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\047\354\071\107\315\332\132\257\342\232\001\145\041\251\114\273
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\147\061\013\060\011\006\003\125\004\006\023\002\123\105\061
-\024\060\022\006\003\125\004\012\023\013\101\144\144\124\162\165
-\163\164\040\101\102\061\035\060\033\006\003\125\004\013\023\024
-\101\144\144\124\162\165\163\164\040\124\124\120\040\116\145\164
-\167\157\162\153\061\043\060\041\006\003\125\004\003\023\032\101
-\144\144\124\162\165\163\164\040\121\165\141\154\151\146\151\145
-\144\040\103\101\040\122\157\157\164
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 1 Public Primary OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003
-\125\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142
-\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120
-\040\122\145\163\160\157\156\144\145\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\053\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\053
-\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023
-\056\103\154\141\163\163\040\061\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132
-\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060
-\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162
-\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006
-\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124
-\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071
-\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040
-\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167
-\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125
-\004\003\023\045\103\154\141\163\163\040\061\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040
-\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\271\355\136\172\072\167\137\316\137\072
-\122\374\315\144\367\161\265\157\152\226\306\131\222\125\224\135
-\057\133\056\301\021\352\046\212\313\247\201\074\366\132\104\336
-\172\023\057\375\132\121\331\173\067\046\112\300\047\077\004\003
-\152\126\301\203\054\341\157\133\251\124\120\044\112\306\056\172
-\114\241\133\067\124\044\041\061\037\241\170\030\166\247\261\160
-\332\042\320\152\376\007\142\100\306\367\366\233\175\014\006\270
-\113\307\050\344\146\043\204\121\357\106\267\223\330\201\063\313
-\345\066\254\306\350\005\002\003\001\000\001\243\202\001\020\060
-\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025
-\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123
-\120\040\061\055\061\060\061\006\003\125\035\037\004\052\060\050
-\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143
-\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\160\143\141\061\056\143\162\154\060\023\006\003\125\035\045\004
-\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006
-\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006
-\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164
-\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147
-\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165
-\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013
-\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006
-\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163
-\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056
-\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002
-\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201
-\201\000\160\220\335\270\344\276\123\027\174\177\002\351\325\367
-\213\231\223\061\140\215\176\346\140\153\044\357\140\254\322\316
-\221\336\200\155\011\244\323\270\070\345\104\312\162\136\015\055
-\301\167\234\275\054\003\170\051\215\244\245\167\207\365\361\053
-\046\255\314\007\154\072\124\132\050\340\011\363\115\012\004\312
-\324\130\151\013\247\263\365\335\001\245\347\334\360\037\272\301
-\135\220\215\263\352\117\301\021\131\227\152\262\053\023\261\332
-\255\227\241\263\261\240\040\133\312\062\253\215\317\023\360\037
-\051\303
-END
-
-# Trust for Certificate "Verisign Class 1 Public Primary OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 1 Public Primary OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\004\226\110\344\112\311\314\255\105\203\230\331\074\175\221\365
-\042\104\033\212
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\176\157\072\123\033\174\276\260\060\333\103\036\036\224\211\262
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\061\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\053\150\324\243\106\236\305\073\050\011\253\070\135\177\047\040
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 2 Public Primary OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003
-\125\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142
-\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120
-\040\122\145\163\160\157\156\144\145\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\011\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\236\060\202\003\007\240\003\002\001\002\002\020\011
-\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023
-\056\103\154\141\163\163\040\062\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\070\060\061\060\060\060\060\060\060\132
-\027\015\060\064\060\067\063\061\062\063\065\071\065\071\132\060
-\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162
-\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006
-\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124
-\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071
-\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040
-\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167
-\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125
-\004\003\023\045\103\154\141\163\163\040\062\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040
-\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\320\312\143\061\141\177\104\064\174\005
-\175\013\075\152\220\313\171\113\167\012\077\113\307\043\345\300
-\142\055\176\234\176\076\210\207\221\320\254\350\115\111\207\242
-\226\220\212\335\004\245\002\077\214\233\351\211\376\142\240\342
-\132\275\310\335\264\170\346\245\102\223\010\147\001\300\040\115
-\327\134\364\135\332\263\343\067\246\122\032\054\114\145\115\212
-\207\331\250\243\361\111\124\273\074\134\200\121\150\306\373\111
-\377\013\125\253\025\335\373\232\301\271\035\164\015\262\214\104
-\135\211\374\237\371\203\002\003\001\000\001\243\202\001\020\060
-\202\001\014\060\040\006\003\125\035\021\004\031\060\027\244\025
-\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123
-\120\040\061\055\062\060\061\006\003\125\035\037\004\052\060\050
-\060\046\240\044\240\042\206\040\150\164\164\160\072\057\057\143
-\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\160\143\141\062\056\143\162\154\060\023\006\003\125\035\045\004
-\014\060\012\006\010\053\006\001\005\005\007\003\011\060\102\006
-\010\053\006\001\005\005\007\001\001\004\066\060\064\060\062\006
-\010\053\006\001\005\005\007\060\001\246\046\026\044\150\164\164
-\160\072\057\057\157\143\163\160\056\166\145\162\151\163\151\147
-\156\056\143\157\155\057\157\143\163\160\057\163\164\141\164\165
-\163\060\104\006\003\125\035\040\004\075\060\073\060\071\006\013
-\140\206\110\001\206\370\105\001\007\001\001\060\052\060\050\006
-\010\053\006\001\005\005\007\002\001\026\034\150\164\164\160\163
-\072\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056
-\143\157\155\057\122\120\101\060\011\006\003\125\035\023\004\002
-\060\000\060\013\006\003\125\035\017\004\004\003\002\007\200\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201
-\201\000\037\175\011\156\044\106\165\004\234\363\046\233\343\071
-\156\027\357\274\275\242\033\322\002\204\206\253\320\100\227\054
-\304\103\210\067\031\153\042\250\003\161\120\235\040\334\066\140
-\040\232\163\055\163\125\154\130\233\054\302\264\064\054\172\063
-\102\312\221\331\351\103\257\317\036\340\365\304\172\253\077\162
-\143\036\251\067\341\133\073\210\263\023\206\202\220\127\313\127
-\377\364\126\276\042\335\343\227\250\341\274\042\103\302\335\115
-\333\366\201\236\222\024\236\071\017\023\124\336\202\330\300\136
-\064\215
-END
-
-# Trust for Certificate "Verisign Class 2 Public Primary OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 2 Public Primary OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\042\171\151\276\320\122\116\115\035\066\262\361\162\041\167\361
-\124\123\110\167
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\363\105\275\020\226\015\205\113\357\237\021\142\064\247\136\265
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\062\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\011\106\027\346\035\330\324\034\240\014\240\142\350\171\212\247
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Class 3 Public Primary OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003
-\125\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142
-\154\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120
-\040\122\145\163\160\157\156\144\145\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\056\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\242\060\202\003\013\240\003\002\001\002\002\020\056
-\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\137
-\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027\060
-\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147\156
-\054\040\111\156\143\056\061\067\060\065\006\003\125\004\013\023
-\056\103\154\141\163\163\040\063\040\120\165\142\154\151\143\040
-\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060\132
-\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132\060
-\201\247\061\027\060\025\006\003\125\004\012\023\016\126\145\162
-\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035\006
-\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040\124
-\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060\071
-\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146\040
-\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057\167
-\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\122\120\101\040\050\143\051\060\060\061\056\060\054\006\003\125
-\004\003\023\045\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\117\103\123\120\040
-\122\145\163\160\157\156\144\145\162\060\201\237\060\015\006\011
-\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000\060
-\201\211\002\201\201\000\361\344\010\016\203\273\165\343\110\345
-\270\333\246\360\271\253\351\074\142\307\136\065\133\320\002\124
-\021\330\311\321\126\271\166\113\271\253\172\346\315\272\366\014
-\004\326\176\326\260\012\145\254\116\071\343\361\367\055\243\045
-\071\357\260\213\317\276\333\014\135\156\160\364\007\315\160\367
-\072\300\076\065\026\355\170\214\103\317\302\046\056\107\326\206
-\175\234\361\276\326\147\014\042\045\244\312\145\346\037\172\170
-\050\057\077\005\333\004\041\277\341\105\146\376\074\267\202\355
-\132\270\026\025\271\125\002\003\001\000\001\243\202\001\024\060
-\202\001\020\060\040\006\003\125\035\021\004\031\060\027\244\025
-\060\023\061\021\060\017\006\003\125\004\003\023\010\117\103\123
-\120\040\061\055\063\060\065\006\003\125\035\037\004\056\060\054
-\060\052\240\050\240\046\206\044\150\164\164\160\072\057\057\143
-\162\154\056\166\145\162\151\163\151\147\156\056\143\157\155\057
-\160\143\141\063\056\061\056\061\056\143\162\154\060\023\006\003
-\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007\003
-\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066\060
-\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046\026
-\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145\162
-\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057\163
-\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060\073
-\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001\060
-\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150
-\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163
-\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003\125
-\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004\003
-\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\003\201\201\000\002\366\123\143\300\251\036\362\320\213
-\063\060\217\110\233\114\260\126\264\203\161\112\276\334\120\330
-\365\266\340\013\333\275\170\117\351\317\011\064\332\051\111\235
-\001\163\132\221\221\202\124\054\023\012\323\167\043\317\067\374
-\143\336\247\343\366\267\265\151\105\050\111\303\221\334\252\107
-\034\251\210\231\054\005\052\215\215\212\372\142\342\132\267\000
-\040\135\071\304\050\302\313\374\236\250\211\256\133\075\216\022
-\352\062\262\374\353\024\327\011\025\032\300\315\033\325\265\025
-\116\101\325\226\343\116
-END
-
-# Trust for Certificate "Verisign Class 3 Public Primary OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Class 3 Public Primary OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\265\355\267\332\046\072\126\164\322\042\105\060\324\307\217\172
-\007\365\345\137
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\175\121\222\311\166\203\230\026\336\214\263\206\304\175\146\373
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151
-\147\156\054\040\111\156\143\056\061\067\060\065\006\003\125\004
-\013\023\056\103\154\141\163\163\040\063\040\120\165\142\154\151
-\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\056\226\236\277\266\142\154\354\173\351\163\314\343\154\301\204
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Secure Server OCSP Responder"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Secure Server OCSP Responder"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003
-\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166
-\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145
-\162
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117
-\336
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\237\060\202\003\014\240\003\002\001\002\002\021\000
-\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117\336
-\060\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060
-\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061\040
-\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141\164
-\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143\056
-\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165\162
-\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\060\036\027\015\060\060\060\070\060\064\060\060\060\060\060\060
-\132\027\015\060\064\060\070\060\063\062\063\065\071\065\071\132
-\060\201\236\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\122\120\101\040\050\143\051\060\060\061\045\060\043\006\003
-\125\004\003\023\034\123\145\143\165\162\145\040\123\145\162\166
-\145\162\040\117\103\123\120\040\122\145\163\160\157\156\144\145
-\162\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001
-\001\005\000\003\201\215\000\060\201\211\002\201\201\000\270\121
-\231\144\205\016\356\263\012\150\360\277\143\166\035\123\365\374
-\241\170\214\063\356\237\364\276\071\332\233\017\115\107\251\217
-\040\350\113\104\275\316\315\173\220\321\060\350\220\304\045\173
-\211\050\336\275\366\223\035\377\271\377\222\265\251\215\344\256
-\314\342\303\007\203\152\243\162\020\001\047\142\042\246\065\046
-\071\055\236\317\140\014\374\107\244\327\320\102\170\247\035\154
-\320\313\117\025\247\051\012\264\225\105\304\261\347\132\011\327
-\071\225\330\035\065\236\302\275\263\135\301\014\113\037\002\003
-\001\000\001\243\202\001\035\060\202\001\031\060\040\006\003\125
-\035\021\004\031\060\027\244\025\060\023\061\021\060\017\006\003
-\125\004\003\023\010\117\103\123\120\040\061\055\064\060\076\006
-\003\125\035\037\004\067\060\065\060\063\240\061\240\057\206\055
-\150\164\164\160\072\057\057\143\162\154\056\166\145\162\151\163
-\151\147\156\056\143\157\155\057\122\123\101\123\145\143\165\162
-\145\123\145\162\166\145\162\055\160\056\143\162\154\060\023\006
-\003\125\035\045\004\014\060\012\006\010\053\006\001\005\005\007
-\003\011\060\102\006\010\053\006\001\005\005\007\001\001\004\066
-\060\064\060\062\006\010\053\006\001\005\005\007\060\001\246\046
-\026\044\150\164\164\160\072\057\057\157\143\163\160\056\166\145
-\162\151\163\151\147\156\056\143\157\155\057\157\143\163\160\057
-\163\164\141\164\165\163\060\104\006\003\125\035\040\004\075\060
-\073\060\071\006\013\140\206\110\001\206\370\105\001\007\001\001
-\060\052\060\050\006\010\053\006\001\005\005\007\002\001\026\034
-\150\164\164\160\163\072\057\057\167\167\167\056\166\145\162\151
-\163\151\147\156\056\143\157\155\057\122\120\101\060\011\006\003
-\125\035\023\004\002\060\000\060\013\006\003\125\035\017\004\004
-\003\002\007\200\060\015\006\011\052\206\110\206\367\015\001\001
-\005\005\000\003\176\000\000\263\020\123\146\234\111\223\056\061
-\240\002\102\322\130\127\176\146\241\376\033\212\141\030\120\100
-\054\036\053\101\245\326\333\377\254\010\034\132\005\155\002\134
-\052\266\226\117\107\333\276\116\333\316\314\272\206\270\030\316
-\261\022\221\137\143\367\363\110\076\314\361\115\023\344\155\011
-\224\170\000\222\313\243\040\235\006\013\152\240\103\007\316\321
-\031\154\217\030\165\232\237\027\063\375\251\046\270\343\342\336
-\302\250\304\132\212\177\230\326\007\006\153\314\126\236\206\160
-\316\324\357
-END
-
-# Trust for Certificate "Verisign Secure Server OCSP Responder"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Secure Server OCSP Responder"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\161\236\140\141\327\175\054\203\361\242\135\074\366\215\002\274
-\224\070\305\056
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\054\142\303\330\200\001\026\011\352\131\352\170\253\020\103\366
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\137\061\013\060\011\006\003\125\004\006\023\002\125\123\061
-\040\060\036\006\003\125\004\012\023\027\122\123\101\040\104\141
-\164\141\040\123\145\143\165\162\151\164\171\054\040\111\156\143
-\056\061\056\060\054\006\003\125\004\013\023\045\123\145\143\165
-\162\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146
-\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164
-\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000\377\105\325\047\135\044\373\263\302\071\044\123\127\341\117
-\336
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Verisign Time Stamping Authority CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Time Stamping Authority CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\245\061\027\060\025\006\003\125\004\012\023\016\126\145
-\162\151\123\151\147\156\054\040\111\156\143\056\061\037\060\035
-\006\003\125\004\013\023\026\126\145\162\151\123\151\147\156\040
-\124\162\165\163\164\040\116\145\164\167\157\162\153\061\073\060
-\071\006\003\125\004\013\023\062\124\145\162\155\163\040\157\146
-\040\165\163\145\040\141\164\040\150\164\164\160\163\072\057\057
-\167\167\167\056\166\145\162\151\163\151\147\156\056\143\157\155
-\057\162\160\141\040\050\143\051\060\060\061\054\060\052\006\003
-\125\004\003\023\043\126\145\162\151\123\151\147\156\040\124\151
-\155\145\040\123\164\141\155\160\151\156\147\040\101\165\164\150
-\157\162\151\164\171\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\123\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\315\060\202\003\066\240\003\002\001\002\002\020\123
-\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011\060
-\015\006\011\052\206\110\206\367\015\001\001\005\005\000\060\201
-\301\061\013\060\011\006\003\125\004\006\023\002\125\123\061\027
-\060\025\006\003\125\004\012\023\016\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\061\074\060\072\006\003\125\004\013
-\023\063\103\154\141\163\163\040\063\040\120\165\142\154\151\143
-\040\120\162\151\155\141\162\171\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\040\055\040\107\062\061\072\060\070\006\003\125\004\013\023\061
-\050\143\051\040\061\071\071\070\040\126\145\162\151\123\151\147
-\156\054\040\111\156\143\056\040\055\040\106\157\162\040\141\165
-\164\150\157\162\151\172\145\144\040\165\163\145\040\157\156\154
-\171\061\037\060\035\006\003\125\004\013\023\026\126\145\162\151
-\123\151\147\156\040\124\162\165\163\164\040\116\145\164\167\157
-\162\153\060\036\027\015\060\060\060\071\062\066\060\060\060\060
-\060\060\132\027\015\061\060\060\071\062\065\062\063\065\071\065
-\071\132\060\201\245\061\027\060\025\006\003\125\004\012\023\016
-\126\145\162\151\123\151\147\156\054\040\111\156\143\056\061\037
-\060\035\006\003\125\004\013\023\026\126\145\162\151\123\151\147
-\156\040\124\162\165\163\164\040\116\145\164\167\157\162\153\061
-\073\060\071\006\003\125\004\013\023\062\124\145\162\155\163\040
-\157\146\040\165\163\145\040\141\164\040\150\164\164\160\163\072
-\057\057\167\167\167\056\166\145\162\151\163\151\147\156\056\143
-\157\155\057\162\160\141\040\050\143\051\060\060\061\054\060\052
-\006\003\125\004\003\023\043\126\145\162\151\123\151\147\156\040
-\124\151\155\145\040\123\164\141\155\160\151\156\147\040\101\165
-\164\150\157\162\151\164\171\040\103\101\060\201\237\060\015\006
-\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215\000
-\060\201\211\002\201\201\000\322\031\235\147\302\000\041\131\142
-\316\264\011\042\104\151\212\370\045\132\333\355\015\267\066\176
-\116\340\273\224\076\220\045\207\302\141\107\051\331\275\124\270
-\143\314\054\175\151\264\063\066\364\067\007\232\301\335\100\124
-\374\340\170\235\240\223\271\011\075\043\121\177\104\302\024\164
-\333\012\276\313\311\060\064\100\230\076\320\327\045\020\201\224
-\275\007\117\234\326\124\047\337\056\250\277\313\220\214\215\165
-\113\274\342\350\104\207\315\346\101\012\045\156\350\364\044\002
-\305\122\017\156\354\230\165\002\003\001\000\001\243\201\337\060
-\201\334\060\017\006\003\125\035\023\004\010\060\006\001\001\377
-\002\001\000\060\105\006\003\125\035\040\004\076\060\074\060\072
-\006\014\140\206\110\001\206\370\105\001\007\027\001\003\060\052
-\060\050\006\010\053\006\001\005\005\007\002\001\026\034\150\164
-\164\160\163\072\057\057\167\167\167\056\166\145\162\151\163\151
-\147\156\056\143\157\155\057\162\160\141\060\061\006\003\125\035
-\037\004\052\060\050\060\046\240\044\240\042\206\040\150\164\164
-\160\072\057\057\143\162\154\056\166\145\162\151\163\151\147\156
-\056\143\157\155\057\160\143\141\063\056\143\162\154\060\013\006
-\003\125\035\017\004\004\003\002\001\006\060\102\006\010\053\006
-\001\005\005\007\001\001\004\066\060\064\060\062\006\010\053\006
-\001\005\005\007\060\001\246\046\026\044\150\164\164\160\072\057
-\057\157\143\163\160\056\166\145\162\151\163\151\147\156\056\143
-\157\155\057\157\143\163\160\057\163\164\141\164\165\163\060\015
-\006\011\052\206\110\206\367\015\001\001\005\005\000\003\201\201
-\000\202\160\150\225\337\266\015\302\001\160\031\112\322\124\126
-\036\254\362\105\114\207\270\365\065\353\170\113\005\251\310\235
-\073\031\041\056\160\064\112\242\365\211\340\025\165\105\347\050
-\067\000\064\047\051\350\067\113\362\357\104\227\153\027\121\032
-\303\126\235\074\032\212\366\112\106\106\067\214\372\313\365\144
-\132\070\150\056\034\303\357\160\316\270\106\006\026\277\367\176
-\347\265\250\076\105\254\251\045\165\042\173\157\077\260\234\224
-\347\307\163\253\254\037\356\045\233\300\026\355\267\312\133\360
-\024
-END
-
-# Trust for Certificate "Verisign Time Stamping Authority CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Verisign Time Stamping Authority CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\246\017\064\310\142\154\201\366\213\367\175\251\366\147\130\212
-\220\077\175\066
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\211\111\124\214\310\150\232\203\051\354\334\006\163\041\253\227
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\301\061\013\060\011\006\003\125\004\006\023\002\125\123
-\061\027\060\025\006\003\125\004\012\023\016\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\061\074\060\072\006\003\125
-\004\013\023\063\103\154\141\163\163\040\063\040\120\165\142\154
-\151\143\040\120\162\151\155\141\162\171\040\103\145\162\164\151
-\146\151\143\141\164\151\157\156\040\101\165\164\150\157\162\151
-\164\171\040\055\040\107\062\061\072\060\070\006\003\125\004\013
-\023\061\050\143\051\040\061\071\071\070\040\126\145\162\151\123
-\151\147\156\054\040\111\156\143\056\040\055\040\106\157\162\040
-\141\165\164\150\157\162\151\172\145\144\040\165\163\145\040\157
-\156\154\171\061\037\060\035\006\003\125\004\013\023\026\126\145
-\162\151\123\151\147\156\040\124\162\165\163\164\040\116\145\164
-\167\157\162\153
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\123\141\262\140\256\333\161\216\247\224\263\023\063\364\007\011
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Thawte Time Stamping CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Time Stamping CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007
-\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060
-\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035
-\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060
-\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124
-\151\155\145\163\164\141\155\160\151\156\147\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007
-\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060
-\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035
-\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060
-\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124
-\151\155\145\163\164\141\155\160\151\156\147\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\002\241\060\202\002\012\240\003\002\001\002\002\001\000
-\060\015\006\011\052\206\110\206\367\015\001\001\004\005\000\060
-\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101\061
-\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145\162
-\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007\023
-\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060\015
-\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035\060
-\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040\103
-\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060\035
-\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124\151
-\155\145\163\164\141\155\160\151\156\147\040\103\101\060\036\027
-\015\071\067\060\061\060\061\060\060\060\060\060\060\132\027\015
-\062\060\061\062\063\061\062\063\065\071\065\071\132\060\201\213
-\061\013\060\011\006\003\125\004\006\023\002\132\101\061\025\060
-\023\006\003\125\004\010\023\014\127\145\163\164\145\162\156\040
-\103\141\160\145\061\024\060\022\006\003\125\004\007\023\013\104
-\165\162\142\141\156\166\151\154\154\145\061\017\060\015\006\003
-\125\004\012\023\006\124\150\141\167\164\145\061\035\060\033\006
-\003\125\004\013\023\024\124\150\141\167\164\145\040\103\145\162
-\164\151\146\151\143\141\164\151\157\156\061\037\060\035\006\003
-\125\004\003\023\026\124\150\141\167\164\145\040\124\151\155\145
-\163\164\141\155\160\151\156\147\040\103\101\060\201\237\060\015
-\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201\215
-\000\060\201\211\002\201\201\000\326\053\130\170\141\105\206\123
-\352\064\173\121\234\355\260\346\056\030\016\376\340\137\250\047
-\323\264\311\340\174\131\116\026\016\163\124\140\301\177\366\237
-\056\351\072\205\044\025\074\333\107\004\143\303\236\304\224\032
-\132\337\114\172\363\331\103\035\074\020\172\171\045\333\220\376
-\360\121\347\060\326\101\000\375\237\050\337\171\276\224\273\235
-\266\024\343\043\205\327\251\101\340\114\244\171\260\053\032\213
-\362\370\073\212\076\105\254\161\222\000\264\220\101\230\373\137
-\355\372\267\056\212\370\210\067\002\003\001\000\001\243\023\060
-\021\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
-\001\377\060\015\006\011\052\206\110\206\367\015\001\001\004\005
-\000\003\201\201\000\147\333\342\302\346\207\075\100\203\206\067
-\065\175\037\316\232\303\014\146\040\250\272\252\004\211\206\302
-\365\020\010\015\277\313\242\005\212\320\115\066\076\364\327\357
-\151\306\136\344\260\224\157\112\271\347\336\133\210\266\173\333
-\343\047\345\166\303\360\065\301\313\265\047\233\063\171\334\220
-\246\000\236\167\372\374\315\047\224\102\026\234\323\034\150\354
-\277\134\335\345\251\173\020\012\062\164\124\023\061\213\205\003
-\204\221\267\130\001\060\024\070\257\050\312\374\261\120\031\031
-\011\254\211\111\323
-END
-
-# Trust for Certificate "Thawte Time Stamping CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Thawte Time Stamping CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\276\066\244\126\057\262\356\005\333\263\323\043\043\255\364\105
-\010\116\326\126
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\177\146\172\161\323\353\151\170\040\232\121\024\235\203\332\040
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\213\061\013\060\011\006\003\125\004\006\023\002\132\101
-\061\025\060\023\006\003\125\004\010\023\014\127\145\163\164\145
-\162\156\040\103\141\160\145\061\024\060\022\006\003\125\004\007
-\023\013\104\165\162\142\141\156\166\151\154\154\145\061\017\060
-\015\006\003\125\004\012\023\006\124\150\141\167\164\145\061\035
-\060\033\006\003\125\004\013\023\024\124\150\141\167\164\145\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\061\037\060
-\035\006\003\125\004\003\023\026\124\150\141\167\164\145\040\124
-\151\155\145\163\164\141\155\160\151\156\147\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\000
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "E-Certify CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "E-Certify CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061
-\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164
-\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104
-\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003
-\023\014\105\055\103\145\162\164\151\146\171\040\103\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061
-\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164
-\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104
-\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003
-\023\014\105\055\103\145\162\164\151\146\171\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\115\105\234
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\071\060\202\002\041\240\003\002\001\002\002\004\001
-\115\105\234\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\114\061\013\060\011\006\003\125\004\006\023\002\143
-\141\061\022\060\020\006\003\125\004\012\023\011\105\055\103\145
-\162\164\151\146\171\061\022\060\020\006\003\125\004\013\023\011
-\111\104\040\103\145\156\164\145\162\061\025\060\023\006\003\125
-\004\003\023\014\105\055\103\145\162\164\151\146\171\040\103\101
-\060\036\027\015\071\071\060\071\062\070\061\066\064\070\062\071
-\132\027\015\060\064\060\071\062\070\061\066\064\070\062\071\132
-\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061
-\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164
-\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104
-\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003
-\023\014\105\055\103\145\162\164\151\146\171\040\103\101\060\202
-\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
-\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\272
-\233\246\161\200\125\164\111\051\125\166\033\307\066\225\060\054
-\062\011\121\356\060\244\153\150\207\107\330\050\012\027\177\157
-\250\232\040\266\253\001\322\256\240\105\106\065\002\002\374\332
-\340\040\162\012\063\015\223\160\270\004\220\111\371\150\070\273
-\015\021\156\071\135\130\172\306\043\146\351\273\027\062\046\350
-\354\022\150\207\051\314\271\345\117\314\210\033\355\225\161\241
-\123\042\056\355\203\134\376\062\127\114\122\123\070\341\025\155
-\000\125\111\207\044\313\344\026\110\270\231\345\332\172\337\243
-\205\230\164\302\371\253\153\111\315\377\102\315\270\055\264\200
-\313\114\172\065\374\220\277\115\323\000\355\317\214\377\117\071
-\373\172\170\360\016\015\111\177\123\076\024\233\046\250\252\311
-\273\341\321\033\335\034\060\257\001\346\233\046\006\144\274\357
-\130\114\132\105\225\120\304\054\076\164\130\351\074\257\373\303
-\253\122\004\332\044\362\261\304\366\133\323\110\340\301\204\060
-\174\321\165\077\344\123\163\135\211\330\356\100\117\011\227\227
-\205\143\215\325\240\256\206\203\153\333\124\150\136\350\113\002
-\003\001\000\001\243\043\060\041\060\014\006\003\125\035\023\004
-\005\060\003\001\001\377\060\021\006\011\140\206\110\001\206\370
-\102\001\001\004\004\003\002\000\007\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\202\001\001\000\163\076\031
-\174\330\126\321\305\377\012\235\347\266\315\227\363\247\341\101
-\310\176\202\065\377\233\226\322\013\357\161\362\020\345\104\313
-\222\350\016\132\346\076\304\364\225\151\002\274\013\126\200\271
-\161\027\143\036\101\111\052\065\352\034\325\144\253\111\355\013
-\076\213\124\241\115\050\150\352\275\267\201\077\065\171\202\367
-\064\274\171\210\045\236\200\347\317\250\025\257\362\341\025\053
-\007\121\340\324\215\112\112\003\300\042\053\271\150\112\200\303
-\250\205\010\325\247\052\275\313\247\143\175\243\260\312\126\140
-\154\105\341\312\277\024\122\012\302\305\145\354\241\075\037\100
-\371\120\132\344\064\012\157\302\164\254\174\314\047\352\343\207
-\245\123\310\336\174\076\135\102\122\132\353\005\150\246\030\062
-\140\040\170\153\160\024\140\041\202\011\075\036\126\300\025\141
-\000\121\145\262\061\022\371\306\112\006\274\137\364\071\037\166
-\232\211\170\351\066\202\332\265\157\213\177\211\265\114\367\145
-\030\134\201\363\356\120\326\335\354\151\110\237\053\265\336\076
-\275\372\274\154\153\147\123\233\261\223\271\221\106
-END
-
-# Trust for Certificate "E-Certify CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "E-Certify CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\133\330\153\206\375\275\330\206\371\233\310\120\106\350\052\112
-\211\152\317\357
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\256\065\177\222\227\106\174\217\023\051\341\333\236\102\145\152
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061
-\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164
-\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104
-\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003
-\023\014\105\055\103\145\162\164\151\146\171\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\115\105\234
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "E-Certify RA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "E-Certify RA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061
-\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164
-\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104
-\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003
-\023\014\105\055\103\145\162\164\151\146\171\040\122\101
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061
-\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164
-\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104
-\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003
-\023\014\105\055\103\145\162\164\151\146\171\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\117\353\020
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\003\071\060\202\002\041\240\003\002\001\002\002\004\001
-\117\353\020\060\015\006\011\052\206\110\206\367\015\001\001\005
-\005\000\060\114\061\013\060\011\006\003\125\004\006\023\002\143
-\141\061\022\060\020\006\003\125\004\012\023\011\105\055\103\145
-\162\164\151\146\171\061\022\060\020\006\003\125\004\013\023\011
-\111\104\040\103\145\156\164\145\162\061\025\060\023\006\003\125
-\004\003\023\014\105\055\103\145\162\164\151\146\171\040\103\101
-\060\036\027\015\071\071\060\071\063\060\061\066\065\070\065\067
-\132\027\015\060\064\060\071\062\067\061\066\065\070\065\067\132
-\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061
-\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164
-\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104
-\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003
-\023\014\105\055\103\145\162\164\151\146\171\040\122\101\060\202
-\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005
-\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\334
-\260\267\045\373\356\014\272\330\243\162\104\017\052\243\343\110
-\004\321\364\060\164\006\010\016\137\067\307\066\267\202\232\045
-\113\254\153\111\231\000\033\027\362\360\337\027\027\351\355\040
-\152\024\153\375\311\314\017\346\014\153\206\345\365\244\372\333
-\005\052\000\310\015\352\252\145\100\066\312\363\345\165\071\216
-\334\146\333\104\034\236\303\213\103\070\313\274\360\232\311\331
-\312\067\023\312\122\301\055\351\107\040\345\314\044\170\340\346
-\033\114\270\322\124\202\155\016\271\041\140\357\174\264\000\373
-\122\304\057\012\367\004\116\204\057\337\030\254\143\006\040\335
-\332\261\201\301\341\255\177\030\210\167\363\353\370\255\317\172
-\020\120\126\171\236\124\317\336\034\233\327\102\224\341\317\325
-\154\365\136\075\315\345\147\023\073\232\315\072\142\204\371\141
-\036\155\325\130\216\331\371\255\052\076\226\361\355\252\177\020
-\356\366\000\205\074\261\005\013\064\321\134\142\340\215\022\256
-\275\114\124\300\342\274\144\161\140\145\206\306\331\204\253\130
-\140\152\061\156\175\117\261\210\242\376\024\114\072\214\373\002
-\003\001\000\001\243\043\060\041\060\014\006\003\125\035\023\004
-\005\060\003\001\001\377\060\021\006\011\140\206\110\001\206\370
-\102\001\001\004\004\003\002\000\007\060\015\006\011\052\206\110
-\206\367\015\001\001\005\005\000\003\202\001\001\000\255\030\200
-\317\060\274\073\350\362\002\025\127\075\350\114\143\346\356\062
-\243\177\345\001\360\047\271\052\331\301\250\236\043\036\107\231
-\327\056\104\113\024\313\320\275\046\144\003\362\006\217\237\327
-\110\250\161\153\026\064\305\076\265\171\230\263\346\340\320\070
-\021\231\244\021\173\343\071\245\015\077\235\325\322\305\172\057
-\352\104\024\315\020\116\240\064\263\153\211\137\360\256\237\315
-\123\325\176\172\120\045\000\041\244\155\351\310\161\000\373\255
-\064\027\110\042\356\247\050\154\206\162\333\371\233\206\104\170
-\136\005\351\150\064\060\241\025\145\301\251\332\236\135\236\043
-\106\116\052\346\116\263\114\237\314\106\010\230\034\074\103\237
-\264\316\240\140\357\044\316\116\037\350\302\251\162\273\057\332
-\102\006\041\360\232\345\170\107\054\010\164\120\150\140\375\205
-\302\373\257\112\222\361\204\235\000\152\310\126\041\216\157\301
-\061\313\121\354\166\165\172\337\001\016\162\150\241\362\046\216
-\331\270\306\243\144\122\372\155\373\112\075\132\135\270\124\224
-\355\125\150\145\235\077\122\114\106\222\026\013\276
-END
-
-# Trust for Certificate "E-Certify RA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "E-Certify RA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\217\051\011\013\006\302\070\314\160\305\251\355\227\147\210\315
-\066\332\335\131
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\114\061\013\060\011\006\003\125\004\006\023\002\143\141\061
-\022\060\020\006\003\125\004\012\023\011\105\055\103\145\162\164
-\151\146\171\061\022\060\020\006\003\125\004\013\023\011\111\104
-\040\103\145\156\164\145\162\061\025\060\023\006\003\125\004\003
-\023\014\105\055\103\145\162\164\151\146\171\040\103\101
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\001\117\353\020
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\245\273\012\243\320\307\124\025\130\336\153\122\020\121\272\050
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Global Secure Server CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Server CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125
-\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157
-\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155
-\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003
-\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156
-\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145
-\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162
-\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123
-\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125
-\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157
-\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155
-\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003
-\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156
-\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145
-\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162
-\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123
-\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\233\021\074
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\225\060\202\003\376\240\003\002\001\002\002\004\070
-\233\021\074\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\060\201\272\061\024\060\022\006\003\125\004\012\023\013
-\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075\006
-\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165\163
-\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151\156
-\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154
-\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043
-\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040
-\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151
-\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105\156
-\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162\145
-\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151\143
-\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171\060
-\036\027\015\060\060\060\062\060\064\061\067\062\060\060\060\132
-\027\015\062\060\060\062\060\064\061\067\065\060\060\060\132\060
-\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156\164
-\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125\004
-\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056\156
-\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157\162
-\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155\151
-\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003\125
-\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156\164
-\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145\144
-\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162\165
-\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123\145
-\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164\151
-\157\156\040\101\165\164\150\157\162\151\164\171\060\201\237\060
-\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003\201
-\215\000\060\201\211\002\201\201\000\307\301\137\116\161\361\316
-\360\140\206\017\322\130\177\323\063\227\055\027\242\165\060\265
-\226\144\046\057\150\303\104\253\250\165\346\000\147\064\127\236
-\145\307\042\233\163\346\323\335\010\016\067\125\252\045\106\201
-\154\275\376\250\366\165\127\127\214\220\154\112\303\076\213\113
-\103\012\311\021\126\232\232\047\042\231\317\125\236\141\331\002
-\342\174\266\174\070\007\334\343\177\117\232\271\003\101\200\266
-\165\147\023\013\237\350\127\066\310\135\000\066\336\146\024\332
-\156\166\037\117\067\214\202\023\211\002\003\001\000\001\243\202
-\001\244\060\202\001\240\060\021\006\011\140\206\110\001\206\370
-\102\001\001\004\004\003\002\000\007\060\201\343\006\003\125\035
-\037\004\201\333\060\201\330\060\201\325\240\201\322\240\201\317
-\244\201\314\060\201\311\061\024\060\022\006\003\125\004\012\023
-\013\105\156\164\162\165\163\164\056\156\145\164\061\077\060\075
-\006\003\125\004\013\024\066\167\167\167\056\145\156\164\162\165
-\163\164\056\156\145\164\057\123\123\114\137\103\120\123\040\151
-\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050
-\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060
-\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060
-\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155
-\151\164\145\144\061\072\060\070\006\003\125\004\003\023\061\105
-\156\164\162\165\163\164\056\156\145\164\040\123\145\143\165\162
-\145\040\123\145\162\166\145\162\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\061\015\060\013\006\003\125\004\003\023\004\103\122\114\061\060
-\053\006\003\125\035\020\004\044\060\042\200\017\062\060\060\060
-\060\062\060\064\061\067\062\060\060\060\132\201\017\062\060\062
-\060\060\062\060\064\061\067\065\060\060\060\132\060\013\006\003
-\125\035\017\004\004\003\002\001\006\060\037\006\003\125\035\043
-\004\030\060\026\200\024\313\154\300\153\343\273\076\313\374\042
-\234\376\373\213\222\234\260\362\156\042\060\035\006\003\125\035
-\016\004\026\004\024\313\154\300\153\343\273\076\313\374\042\234
-\376\373\213\222\234\260\362\156\042\060\014\006\003\125\035\023
-\004\005\060\003\001\001\377\060\035\006\011\052\206\110\206\366
-\175\007\101\000\004\020\060\016\033\010\126\065\056\060\072\064
-\056\060\003\002\004\220\060\015\006\011\052\206\110\206\367\015
-\001\001\004\005\000\003\201\201\000\142\333\201\221\316\310\232
-\167\102\057\354\275\047\243\123\017\120\033\352\116\222\360\251
-\257\251\240\272\110\141\313\357\311\006\357\037\325\364\356\337
-\126\055\346\312\152\031\163\252\123\276\222\263\120\002\266\205
-\046\162\143\330\165\120\142\165\024\267\263\120\032\077\312\021
-\000\013\205\105\151\155\266\245\256\121\341\112\334\202\077\154
-\214\064\262\167\153\331\002\366\177\016\352\145\004\361\315\124
-\312\272\311\314\340\204\367\310\076\021\227\323\140\011\030\274
-\005\377\154\211\063\360\354\025\017
-END
-
-# Trust for Certificate "Entrust.net Global Secure Server CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Server CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\211\071\127\156\027\215\367\005\170\017\314\136\310\117\204\366
-\045\072\110\223
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\235\146\152\314\377\325\365\103\264\277\214\026\321\053\250\231
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\272\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\077\060\075\006\003\125
-\004\013\024\066\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\123\123\114\137\103\120\123\040\151\156\143\157
-\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151\155
-\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006\003
-\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105\156
-\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164\145
-\144\061\072\060\070\006\003\125\004\003\023\061\105\156\164\162
-\165\163\164\056\156\145\164\040\123\145\143\165\162\145\040\123
-\145\162\166\145\162\040\103\145\162\164\151\146\151\143\141\164
-\151\157\156\040\101\165\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\233\021\074
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-
-#
-# Certificate "Entrust.net Global Secure Personal CA"
-#
-CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Personal CA"
-CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
-CKA_SUBJECT MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171
-END
-CKA_ID UTF8 "0"
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\236\366\344
-END
-CKA_VALUE MULTILINE_OCTAL
-\060\202\004\203\060\202\003\354\240\003\002\001\002\002\004\070
-\236\366\344\060\015\006\011\052\206\110\206\367\015\001\001\004
-\005\000\060\201\264\061\024\060\022\006\003\125\004\012\023\013
-\105\156\164\162\165\163\164\056\156\145\164\061\100\060\076\006
-\003\125\004\013\024\067\167\167\167\056\145\156\164\162\165\163
-\164\056\156\145\164\057\107\103\103\101\137\103\120\123\040\151
-\156\143\157\162\160\056\040\142\171\040\162\145\146\056\040\050
-\154\151\155\151\164\163\040\154\151\141\142\056\051\061\045\060
-\043\006\003\125\004\013\023\034\050\143\051\040\062\060\060\060
-\040\105\156\164\162\165\163\164\056\156\145\164\040\114\151\155
-\151\164\145\144\061\063\060\061\006\003\125\004\003\023\052\105
-\156\164\162\165\163\164\056\156\145\164\040\103\154\151\145\156
-\164\040\103\145\162\164\151\146\151\143\141\164\151\157\156\040
-\101\165\164\150\157\162\151\164\171\060\036\027\015\060\060\060
-\062\060\067\061\066\061\066\064\060\132\027\015\062\060\060\062
-\060\067\061\066\064\066\064\060\132\060\201\264\061\024\060\022
-\006\003\125\004\012\023\013\105\156\164\162\165\163\164\056\156
-\145\164\061\100\060\076\006\003\125\004\013\024\067\167\167\167
-\056\145\156\164\162\165\163\164\056\156\145\164\057\107\103\103
-\101\137\103\120\123\040\151\156\143\157\162\160\056\040\142\171
-\040\162\145\146\056\040\050\154\151\155\151\164\163\040\154\151
-\141\142\056\051\061\045\060\043\006\003\125\004\013\023\034\050
-\143\051\040\062\060\060\060\040\105\156\164\162\165\163\164\056
-\156\145\164\040\114\151\155\151\164\145\144\061\063\060\061\006
-\003\125\004\003\023\052\105\156\164\162\165\163\164\056\156\145
-\164\040\103\154\151\145\156\164\040\103\145\162\164\151\146\151
-\143\141\164\151\157\156\040\101\165\164\150\157\162\151\164\171
-\060\201\237\060\015\006\011\052\206\110\206\367\015\001\001\001
-\005\000\003\201\215\000\060\201\211\002\201\201\000\223\164\264
-\266\344\305\113\326\241\150\177\142\325\354\367\121\127\263\162
-\112\230\365\320\211\311\255\143\315\115\065\121\152\204\324\255
-\311\150\171\157\270\353\021\333\207\256\134\044\121\023\361\124
-\045\204\257\051\053\237\343\200\342\331\313\335\306\105\111\064
-\210\220\136\001\227\357\352\123\246\335\374\301\336\113\052\045
-\344\351\065\372\125\005\006\345\211\172\352\244\021\127\073\374
-\174\075\066\315\147\065\155\244\251\045\131\275\146\365\371\047
-\344\225\147\326\077\222\200\136\362\064\175\053\205\002\003\001
-\000\001\243\202\001\236\060\202\001\232\060\021\006\011\140\206
-\110\001\206\370\102\001\001\004\004\003\002\000\007\060\201\335
-\006\003\125\035\037\004\201\325\060\201\322\060\201\317\240\201
-\314\240\201\311\244\201\306\060\201\303\061\024\060\022\006\003
-\125\004\012\023\013\105\156\164\162\165\163\164\056\156\145\164
-\061\100\060\076\006\003\125\004\013\024\067\167\167\167\056\145
-\156\164\162\165\163\164\056\156\145\164\057\107\103\103\101\137
-\103\120\123\040\151\156\143\157\162\160\056\040\142\171\040\162
-\145\146\056\040\050\154\151\155\151\164\163\040\154\151\141\142
-\056\051\061\045\060\043\006\003\125\004\013\023\034\050\143\051
-\040\062\060\060\060\040\105\156\164\162\165\163\164\056\156\145
-\164\040\114\151\155\151\164\145\144\061\063\060\061\006\003\125
-\004\003\023\052\105\156\164\162\165\163\164\056\156\145\164\040
-\103\154\151\145\156\164\040\103\145\162\164\151\146\151\143\141
-\164\151\157\156\040\101\165\164\150\157\162\151\164\171\061\015
-\060\013\006\003\125\004\003\023\004\103\122\114\061\060\053\006
-\003\125\035\020\004\044\060\042\200\017\062\060\060\060\060\062
-\060\067\061\066\061\066\064\060\132\201\017\062\060\062\060\060
-\062\060\067\061\066\064\066\064\060\132\060\013\006\003\125\035
-\017\004\004\003\002\001\006\060\037\006\003\125\035\043\004\030
-\060\026\200\024\204\213\164\375\305\215\300\377\047\155\040\067
-\105\174\376\055\316\272\323\175\060\035\006\003\125\035\016\004
-\026\004\024\204\213\164\375\305\215\300\377\047\155\040\067\105
-\174\376\055\316\272\323\175\060\014\006\003\125\035\023\004\005
-\060\003\001\001\377\060\035\006\011\052\206\110\206\366\175\007
-\101\000\004\020\060\016\033\010\126\065\056\060\072\064\056\060
-\003\002\004\220\060\015\006\011\052\206\110\206\367\015\001\001
-\004\005\000\003\201\201\000\116\157\065\200\073\321\212\365\016
-\247\040\313\055\145\125\320\222\364\347\204\265\006\046\203\022
-\204\013\254\073\262\104\356\275\317\100\333\040\016\272\156\024
-\352\060\340\073\142\174\177\213\153\174\112\247\325\065\074\276
-\250\134\352\113\273\223\216\200\146\253\017\051\375\115\055\277
-\032\233\012\220\305\253\332\321\263\206\324\057\044\122\134\172
-\155\306\362\376\345\115\032\060\214\220\362\272\327\112\076\103
-\176\324\310\120\032\207\370\117\201\307\166\013\204\072\162\235
-\316\145\146\227\256\046\136
-END
-
-# Trust for Certificate "Entrust.net Global Secure Personal CA"
-CKA_CLASS CK_OBJECT_CLASS CKO_NETSCAPE_TRUST
-CKA_TOKEN CK_BBOOL CK_TRUE
-CKA_PRIVATE CK_BBOOL CK_FALSE
-CKA_MODIFIABLE CK_BBOOL CK_FALSE
-CKA_LABEL UTF8 "Entrust.net Global Secure Personal CA"
-CKA_CERT_SHA1_HASH MULTILINE_OCTAL
-\317\164\277\377\233\206\201\133\010\063\124\100\066\076\207\266
-\266\360\277\163
-END
-CKA_CERT_MD5_HASH MULTILINE_OCTAL
-\232\167\031\030\355\226\317\337\033\267\016\365\215\271\210\056
-END
-CKA_ISSUER MULTILINE_OCTAL
-\060\201\264\061\024\060\022\006\003\125\004\012\023\013\105\156
-\164\162\165\163\164\056\156\145\164\061\100\060\076\006\003\125
-\004\013\024\067\167\167\167\056\145\156\164\162\165\163\164\056
-\156\145\164\057\107\103\103\101\137\103\120\123\040\151\156\143
-\157\162\160\056\040\142\171\040\162\145\146\056\040\050\154\151
-\155\151\164\163\040\154\151\141\142\056\051\061\045\060\043\006
-\003\125\004\013\023\034\050\143\051\040\062\060\060\060\040\105
-\156\164\162\165\163\164\056\156\145\164\040\114\151\155\151\164
-\145\144\061\063\060\061\006\003\125\004\003\023\052\105\156\164
-\162\165\163\164\056\156\145\164\040\103\154\151\145\156\164\040
-\103\145\162\164\151\146\151\143\141\164\151\157\156\040\101\165
-\164\150\157\162\151\164\171
-END
-CKA_SERIAL_NUMBER MULTILINE_OCTAL
-\070\236\366\344
-END
-CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
-CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NETSCAPE_TRUSTED_DELEGATOR
diff --git a/security/nss/lib/ckfw/builtins/config.mk b/security/nss/lib/ckfw/builtins/config.mk
deleted file mode 100644
index 7d6df6c87..000000000
--- a/security/nss/lib/ckfw/builtins/config.mk
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-#
-# Override TARGETS variable so that only shared libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(SHARED_LIBRARY)
-LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
-ifeq (,$(filter-out OS2 WINNT,$(OS_ARCH)))
- SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-endif
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
diff --git a/security/nss/lib/ckfw/builtins/constants.c b/security/nss/lib/ckfw/builtins/constants.c
deleted file mode 100644
index 1491dc940..000000000
--- a/security/nss/lib/ckfw/builtins/constants.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * builtins/constants.c
- *
- * Identification and other constants, all collected here in one place.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_CryptokiVersion = { 2, 1 };
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_ManufacturerID = (NSSUTF8 *) "Netscape Communications Corp.";
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_LibraryDescription = (NSSUTF8 *) "NSS Builtin Object Cryptoki Module";
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_LibraryVersion = { 1, 0 };
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_SlotDescription = (NSSUTF8 *) "";
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_HardwareVersion = { 1, 0 };
-
-NSS_IMPLEMENT_DATA const CK_VERSION
-nss_builtins_FirmwareVersion = { 1, 0 };
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_TokenLabel = (NSSUTF8 *) "Builtin Object Token";
-
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_TokenModel = (NSSUTF8 *) "1";
-
-/* should this be e.g. the certdata.txt RCS revision number? */
-NSS_IMPLEMENT_DATA const NSSUTF8 *
-nss_builtins_TokenSerialNumber = (NSSUTF8 *) "1";
-
diff --git a/security/nss/lib/ckfw/builtins/find.c b/security/nss/lib/ckfw/builtins/find.c
deleted file mode 100644
index 17737fd22..000000000
--- a/security/nss/lib/ckfw/builtins/find.c
+++ /dev/null
@@ -1,237 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BUILTINS_H
-#include "builtins.h"
-#endif /* BUILTINS_H */
-
-/*
- * builtins/find.c
- *
- * This file implements the NSSCKMDFindObjects object for the
- * "builtin objects" cryptoki module.
- */
-
-struct builtinsFOStr {
- NSSArena *arena;
- CK_ULONG n;
- CK_ULONG i;
- builtinsInternalObject **objs;
-};
-
-static void
-builtins_mdFindObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
-
- nss_ZFreeIf(fo->objs);
- nss_ZFreeIf(fo);
-
- return;
-}
-
-static NSSCKMDObject *
-builtins_mdFindObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- struct builtinsFOStr *fo = (struct builtinsFOStr *)mdFindObjects->etc;
- builtinsInternalObject *io;
-
- if( fo->i == fo->n ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
-
- io = fo->objs[ fo->i ];
- fo->i++;
-
- return nss_builtins_CreateMDObject(arena, io, pError);
-}
-
-static CK_BBOOL
-builtins_attrmatch
-(
- CK_ATTRIBUTE_PTR a,
- const NSSItem *b
-)
-{
- PRBool prb;
-
- if( a->ulValueLen != b->size ) {
- return CK_FALSE;
- }
-
- prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL);
-
- if( PR_TRUE == prb ) {
- return CK_TRUE;
- } else {
- return CK_FALSE;
- }
-}
-
-
-static CK_BBOOL
-builtins_match
-(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- builtinsInternalObject *o
-)
-{
- CK_ULONG i;
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- CK_ULONG j;
-
- for( j = 0; j < o->n; j++ ) {
- if( o->types[j] == pTemplate[i].type ) {
- if( CK_FALSE == builtins_attrmatch(&pTemplate[i], &o->items[j]) ) {
- return CK_FALSE;
- } else {
- break;
- }
- }
- }
-
- if( j == o->n ) {
- /* Loop ran to the end: no matching attribute */
- return CK_FALSE;
- }
- }
-
- /* Every attribute passed */
- return CK_TRUE;
-}
-
-NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_builtins_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- /* This could be made more efficient. I'm rather rushed. */
- NSSArena *arena;
- NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL;
- struct builtinsFOStr *fo = (struct builtinsFOStr *)NULL;
- builtinsInternalObject **temp = (builtinsInternalObject **)NULL;
- PRUint32 i;
-
- arena = NSSCKFWSession_GetArena(fwSession, pError);
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDFindObjects);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fo = nss_ZNEW(arena, struct builtinsFOStr);
- if( (struct builtinsFOStr *)NULL == fo ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fo->arena = arena;
- /* fo->n and fo->i are already zero */
-
- rv->etc = (void *)fo;
- rv->Final = builtins_mdFindObjects_Final;
- rv->Next = builtins_mdFindObjects_Next;
- rv->null = (void *)NULL;
-
- temp = nss_ZNEWARRAY((NSSArena *)NULL, builtinsInternalObject *,
- nss_builtins_nObjects);
- if( (builtinsInternalObject **)NULL == temp ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- for( i = 0; i < nss_builtins_nObjects; i++ ) {
- builtinsInternalObject *o = (builtinsInternalObject *)&nss_builtins_data[i];
-
- if( CK_TRUE == builtins_match(pTemplate, ulAttributeCount, o) ) {
- temp[ fo->n ] = o;
- fo->n++;
- }
- }
-
- fo->objs = nss_ZNEWARRAY(arena, builtinsInternalObject *, fo->n);
- if( (builtinsInternalObject **)NULL == temp ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- (void)nsslibc_memcpy(fo->objs, temp, sizeof(builtinsInternalObject *) * fo->n);
- nss_ZFreeIf(temp);
- temp = (builtinsInternalObject **)NULL;
-
- return rv;
-
- loser:
- nss_ZFreeIf(temp);
- nss_ZFreeIf(fo);
- nss_ZFreeIf(rv);
- return (NSSCKMDFindObjects *)NULL;
-}
-
diff --git a/security/nss/lib/ckfw/builtins/instance.c b/security/nss/lib/ckfw/builtins/instance.c
deleted file mode 100644
index e97c0d4bf..000000000
--- a/security/nss/lib/ckfw/builtins/instance.c
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/instance.c
- *
- * This file implements the NSSCKMDInstance object for the
- * "builtin objects" cryptoki module.
- */
-
-/*
- * NSSCKMDInstance methods
- */
-
-static CK_ULONG
-builtins_mdInstance_GetNSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (CK_ULONG)1;
-}
-
-static CK_VERSION
-builtins_mdInstance_GetCryptokiVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_CryptokiVersion;
-}
-
-static NSSUTF8 *
-builtins_mdInstance_GetManufacturerID
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_ManufacturerID;
-}
-
-static NSSUTF8 *
-builtins_mdInstance_GetLibraryDescription
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_LibraryDescription;
-}
-
-static CK_VERSION
-builtins_mdInstance_GetLibraryVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_LibraryVersion;
-}
-
-static CK_RV
-builtins_mdInstance_GetSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
-)
-{
- slots[0] = (NSSCKMDSlot *)&nss_builtins_mdSlot;
- return CKR_OK;
-}
-
-NSS_IMPLEMENT_DATA const NSSCKMDInstance
-nss_builtins_mdInstance = {
- (void *)NULL, /* etc */
- NULL, /* Initialize */
- NULL, /* Finalize */
- builtins_mdInstance_GetNSlots,
- builtins_mdInstance_GetCryptokiVersion,
- builtins_mdInstance_GetManufacturerID,
- builtins_mdInstance_GetLibraryDescription,
- builtins_mdInstance_GetLibraryVersion,
- NULL, /* ModuleHandlesSessionObjects -- defaults to false */
- builtins_mdInstance_GetSlots,
- NULL, /* WaitForSlotEvent */
- (void *)NULL /* null terminator */
-};
diff --git a/security/nss/lib/ckfw/builtins/manifest.mn b/security/nss/lib/ckfw/builtins/manifest.mn
deleted file mode 100644
index 43375f873..000000000
--- a/security/nss/lib/ckfw/builtins/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../../..
-
-MODULE = security
-
-CSRCS = \
- anchor.c \
- constants.c \
- find.c \
- instance.c \
- object.c \
- session.c \
- slot.c \
- token.c \
- certdata.c \
- $(NULL)
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = nssckbi
-
-#EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -lplc4 -lplds4
diff --git a/security/nss/lib/ckfw/builtins/object.c b/security/nss/lib/ckfw/builtins/object.c
deleted file mode 100644
index 030bc11a0..000000000
--- a/security/nss/lib/ckfw/builtins/object.c
+++ /dev/null
@@ -1,254 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/object.c
- *
- * This file implements the NSSCKMDObject object for the
- * "builtin objects" cryptoki module.
- */
-
-/*
- * Finalize - unneeded
- * Destroy - CKR_SESSION_READ_ONLY
- * IsTokenObject - CK_TRUE
- * GetAttributeCount
- * GetAttributeTypes
- * GetAttributeSize
- * GetAttribute
- * SetAttribute - unneeded
- * GetObjectSize
- */
-
-static CK_RV
-builtins_mdObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return CKR_SESSION_READ_ONLY;
-}
-
-static CK_BBOOL
-builtins_mdObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return CK_TRUE;
-}
-
-static CK_ULONG
-builtins_mdObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- return io->n;
-}
-
-static CK_RV
-builtins_mdObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
-{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
-
- if( io->n != ulCount ) {
- return CKR_BUFFER_TOO_SMALL;
- }
-
- for( i = 0; i < io->n; i++ ) {
- typeArray[i] = io->types[i];
- }
-
- return CKR_OK;
-}
-
-static CK_ULONG
-builtins_mdObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
-
- for( i = 0; i < io->n; i++ ) {
- if( attribute == io->types[i] ) {
- return (CK_ULONG)(io->items[i].size);
- }
- }
-
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return 0;
-}
-
-static const NSSItem *
-builtins_mdObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
-
- for( i = 0; i < io->n; i++ ) {
- if( attribute == io->types[i] ) {
- return &io->items[i];
- }
- }
-
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return (NSSItem *)NULL;
-}
-
-static CK_ULONG
-builtins_mdObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- builtinsInternalObject *io = (builtinsInternalObject *)mdObject->etc;
- CK_ULONG i;
- CK_ULONG rv = sizeof(CK_ULONG);
-
- for( i = 0; i < io->n; i++ ) {
- rv += sizeof(CK_ATTRIBUTE_TYPE) + sizeof(NSSItem) + io->items[i].size;
- }
-
- return rv;
-}
-
-static NSSCKMDObject
-builtins_prototype_mdObject = {
- (void *)NULL, /* etc */
- NULL, /* Finalize */
- builtins_mdObject_Destroy,
- builtins_mdObject_IsTokenObject,
- builtins_mdObject_GetAttributeCount,
- builtins_mdObject_GetAttributeTypes,
- builtins_mdObject_GetAttributeSize,
- builtins_mdObject_GetAttribute,
- NULL, /* SetAttribute */
- builtins_mdObject_GetObjectSize,
- (void *)NULL /* null terminator */
-};
-
-NSS_IMPLEMENT NSSCKMDObject *
-nss_builtins_CreateMDObject
-(
- NSSArena *arena,
- builtinsInternalObject *io,
- CK_RV *pError
-)
-{
- NSSCKMDObject *rv;
-
- rv = nss_ZNEW(arena, NSSCKMDObject);
- if( (NSSCKMDObject *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- *rv = builtins_prototype_mdObject;
- rv->etc = (void *)io;
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/builtins/session.c b/security/nss/lib/ckfw/builtins/session.c
deleted file mode 100644
index e8d7f7522..000000000
--- a/security/nss/lib/ckfw/builtins/session.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/session.c
- *
- * This file implements the NSSCKMDSession object for the
- * "builtin objects" cryptoki module.
- */
-
-static NSSCKMDFindObjects *
-builtins_mdSession_FindObjectsInit
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- return nss_builtins_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError);
-}
-
-NSS_IMPLEMENT NSSCKMDSession *
-nss_builtins_CreateSession
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
- NSSArena *arena;
- NSSCKMDSession *rv;
-
- arena = NSSCKFWSession_GetArena(fwSession, pError);
- if( (NSSArena *)NULL == arena ) {
- return (NSSCKMDSession *)NULL;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDSession);
- if( (NSSCKMDSession *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
-
- /*
- * rv was zeroed when allocated, so we only
- * need to set the non-zero members.
- */
-
- rv->etc = (void *)fwSession;
- /* rv->Close */
- /* rv->GetDeviceError */
- /* rv->Login */
- /* rv->Logout */
- /* rv->InitPIN */
- /* rv->SetPIN */
- /* rv->GetOperationStateLen */
- /* rv->GetOperationState */
- /* rv->SetOperationState */
- /* rv->CreateObject */
- /* rv->CopyObject */
- rv->FindObjectsInit = builtins_mdSession_FindObjectsInit;
- /* rv->SeedRandom */
- /* rv->GetRandom */
- /* rv->null */
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/builtins/slot.c b/security/nss/lib/ckfw/builtins/slot.c
deleted file mode 100644
index 1a2df9e70..000000000
--- a/security/nss/lib/ckfw/builtins/slot.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/slot.c
- *
- * This file implements the NSSCKMDSlot object for the
- * "builtin objects" cryptoki module.
- */
-
-static NSSUTF8 *
-builtins_mdSlot_GetSlotDescription
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_SlotDescription;
-}
-
-static NSSUTF8 *
-builtins_mdSlot_GetManufacturerID
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_ManufacturerID;
-}
-
-static CK_VERSION
-builtins_mdSlot_GetHardwareVersion
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_HardwareVersion;
-}
-
-static CK_VERSION
-builtins_mdSlot_GetFirmwareVersion
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_FirmwareVersion;
-}
-
-static NSSCKMDToken *
-builtins_mdSlot_GetToken
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSCKMDToken *)&nss_builtins_mdToken;
-}
-
-NSS_IMPLEMENT_DATA const NSSCKMDSlot
-nss_builtins_mdSlot = {
- (void *)NULL, /* etc */
- NULL, /* Initialize */
- NULL, /* Destroy */
- builtins_mdSlot_GetSlotDescription,
- builtins_mdSlot_GetManufacturerID,
- NULL, /* GetTokenPresent -- defaults to true */
- NULL, /* GetRemovableDevice -- defaults to false */
- NULL, /* GetHardwareSlot -- defaults to false */
- builtins_mdSlot_GetHardwareVersion,
- builtins_mdSlot_GetFirmwareVersion,
- builtins_mdSlot_GetToken,
- (void *)NULL /* null terminator */
-};
diff --git a/security/nss/lib/ckfw/builtins/token.c b/security/nss/lib/ckfw/builtins/token.c
deleted file mode 100644
index ddf068e8e..000000000
--- a/security/nss/lib/ckfw/builtins/token.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "builtins.h"
-
-/*
- * builtins/token.c
- *
- * This file implements the NSSCKMDToken object for the
- * "builtin objects" cryptoki module.
- */
-
-static NSSUTF8 *
-builtins_mdToken_GetLabel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_TokenLabel;
-}
-
-static NSSUTF8 *
-builtins_mdToken_GetManufacturerID
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_ManufacturerID;
-}
-
-static NSSUTF8 *
-builtins_mdToken_GetModel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_TokenModel;
-}
-
-static NSSUTF8 *
-builtins_mdToken_GetSerialNumber
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return (NSSUTF8 *)nss_builtins_TokenSerialNumber;
-}
-
-static CK_BBOOL
-builtins_mdToken_GetIsWriteProtected
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return CK_TRUE;
-}
-
-static CK_VERSION
-builtins_mdToken_GetHardwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_HardwareVersion;
-}
-
-static CK_VERSION
-builtins_mdToken_GetFirmwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return nss_builtins_FirmwareVersion;
-}
-
-static NSSCKMDSession *
-builtins_mdToken_OpenSession
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
-)
-{
- return nss_builtins_CreateSession(fwSession, pError);
-}
-
-NSS_IMPLEMENT_DATA const NSSCKMDToken
-nss_builtins_mdToken = {
- (void *)NULL, /* etc */
- NULL, /* Setup */
- NULL, /* Invalidate */
- NULL, /* InitToken -- default errs */
- builtins_mdToken_GetLabel,
- builtins_mdToken_GetManufacturerID,
- builtins_mdToken_GetModel,
- builtins_mdToken_GetSerialNumber,
- NULL, /* GetHasRNG -- default is false */
- builtins_mdToken_GetIsWriteProtected,
- NULL, /* GetLoginRequired -- default is false */
- NULL, /* GetUserPinInitialized -- default is false */
- NULL, /* GetRestoreKeyNotNeeded -- irrelevant */
- NULL, /* GetHasClockOnToken -- default is false */
- NULL, /* GetHasProtectedAuthenticationPath -- default is false */
- NULL, /* GetSupportsDualCryptoOperations -- default is false */
- NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetMaxPinLen -- irrelevant */
- NULL, /* GetMinPinLen -- irrelevant */
- NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
- NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */
- builtins_mdToken_GetHardwareVersion,
- builtins_mdToken_GetFirmwareVersion,
- NULL, /* GetUTCTime -- no clock */
- builtins_mdToken_OpenSession,
- NULL, /* GetMechanismCount -- default is zero */
- NULL, /* GetMechanismTypes -- irrelevant */
- NULL, /* GetMechanism -- irrelevant */
- (void *)NULL /* null terminator */
-};
diff --git a/security/nss/lib/ckfw/ck.api b/security/nss/lib/ckfw/ck.api
deleted file mode 100644
index 6bae20fd3..000000000
--- a/security/nss/lib/ckfw/ck.api
+++ /dev/null
@@ -1,571 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# This file is in part derived from a file "pkcs11f.h" made available
-# by RSA Security at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/pkcs11f.h
-
-CVS_ID "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-# Fields
-# FUNCTION introduces a Cryptoki function
-# CK_type specifies and introduces an argument
-#
-
-# General-purpose
-
-# C_Initialize initializes the Cryptoki library.
-FUNCTION C_Initialize
-CK_VOID_PTR pInitArgs # if this is not NULL_PTR, it gets
- # cast to CK_C_INITIALIZE_ARGS_PTR
- # and dereferenced
-
-# C_Finalize indicates that an application is done with the
-# Cryptoki library.
-FUNCTION C_Finalize
-CK_VOID_PTR pReserved # reserved. Should be NULL_PTR
-
-# C_GetInfo returns general information about Cryptoki.
-FUNCTION C_GetInfo
-CK_INFO_PTR pInfo # location that receives information
-
-# C_GetFunctionList returns the function list.
-FUNCTION C_GetFunctionList
-CK_FUNCTION_LIST_PTR_PTR ppFunctionList # receives pointer to function
- # list
-
-
-# Slot and token management
-
-# C_GetSlotList obtains a list of slots in the system.
-FUNCTION C_GetSlotList
-CK_BBOOL tokenPresent # only slots with tokens?
-CK_SLOT_ID_PTR pSlotList # receives array of slot IDs
-CK_ULONG_PTR pulCount # receives number of slots
-
-# C_GetSlotInfo obtains information about a particular slot in the
-# system.
-FUNCTION C_GetSlotInfo
-CK_SLOT_ID slotID # the ID of the slot
-CK_SLOT_INFO_PTR pInfo # receives the slot information
-
-# C_GetTokenInfo obtains information about a particular token in the
-# system.
-FUNCTION C_GetTokenInfo
-CK_SLOT_ID slotID # ID of the token's slot
-CK_TOKEN_INFO_PTR pInfo # receives the token information
-
-# C_GetMechanismList obtains a list of mechanism types supported by a
-# token.
-FUNCTION C_GetMechanismList
-CK_SLOT_ID slotID # ID of token's slot
-CK_MECHANISM_TYPE_PTR pMechanismList # gets mech. array
-CK_ULONG_PTR pulCount # gets # of mechs.
-
-# C_GetMechanismInfo obtains information about a particular mechanism
-# possibly supported by a token.
-FUNCTION C_GetMechanismInfo
-CK_SLOT_ID slotID # ID of the token's slot
-CK_MECHANISM_TYPE type # type of mechanism
-CK_MECHANISM_INFO_PTR pInfo # receives mechanism info
-
-# C_InitToken initializes a token.
-FUNCTION C_InitToken
-CK_SLOT_ID slotID # ID of the token's slot
-CK_CHAR_PTR pPin # the SO's initial PIN
-CK_ULONG ulPinLen # length in bytes of the PIN
-CK_CHAR_PTR pLabel # 32-byte token label (blank padded)
-
-# C_InitPIN initializes the normal user's PIN.
-FUNCTION C_InitPIN
-CK_SESSION_HANDLE hSession # the session's handle
-CK_CHAR_PTR pPin # the normal user's PIN
-CK_ULONG ulPinLen # length in bytes of the PIN
-
-# C_SetPIN modifies the PIN of the user who is logged in.
-FUNCTION C_SetPIN
-CK_SESSION_HANDLE hSession # the session's handle
-CK_CHAR_PTR pOldPin # the old PIN
-CK_ULONG ulOldLen # length of the old PIN
-CK_CHAR_PTR pNewPin # the new PIN
-CK_ULONG ulNewLen # length of the new PIN
-
-
-# Session management
-
-# C_OpenSession opens a session between an application and a token.
-FUNCTION C_OpenSession
-CK_SLOT_ID slotID # the slot's ID
-CK_FLAGS flags # from CK_SESSION_INFO
-CK_VOID_PTR pApplication # passed to callback
-CK_NOTIFY Notify # callback function
-CK_SESSION_HANDLE_PTR phSession # gets session handle
-
-# C_CloseSession closes a session between an application and a token.
-FUNCTION C_CloseSession
-CK_SESSION_HANDLE hSession # the session's handle
-
-# C_CloseAllSessions closes all sessions with a token.
-FUNCTION C_CloseAllSessions
-CK_SLOT_ID slotID # the token's slot
-
-# C_GetSessionInfo obtains information about the session.
-FUNCTION C_GetSessionInfo
-CK_SESSION_HANDLE hSession # the session's handle
-CK_SESSION_INFO_PTR pInfo # receives session info
-
-# C_GetOperationState obtains the state of the cryptographic
-# operation in a session.
-FUNCTION C_GetOperationState
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pOperationState # gets state
-CK_ULONG_PTR pulOperationStateLen # gets state length
-
-# C_SetOperationState restores the state of the cryptographic
-# operation in a session.
-FUNCTION C_SetOperationState
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pOperationState # holds state
-CK_ULONG ulOperationStateLen # holds state length
-CK_OBJECT_HANDLE hEncryptionKey # en/decryption key
-CK_OBJECT_HANDLE hAuthenticationKey # sign/verify key
-
-# C_Login logs a user into a token.
-FUNCTION C_Login
-CK_SESSION_HANDLE hSession # the session's handle
-CK_USER_TYPE userType # the user type
-CK_CHAR_PTR pPin # the user's PIN
-CK_ULONG ulPinLen # the length of the PIN
-
-# C_Logout logs a user out from a token.
-FUNCTION C_Logout
-CK_SESSION_HANDLE hSession # the session's handle
-
-
-# Object management
-
-# C_CreateObject creates a new object.
-FUNCTION C_CreateObject
-CK_SESSION_HANDLE hSession # the session's handle
-CK_ATTRIBUTE_PTR pTemplate # the object's template
-CK_ULONG ulCount # attributes in template
-CK_OBJECT_HANDLE_PTR phObject # gets new object's handle.
-
-# C_CopyObject copies an object, creating a new object for the copy.
-FUNCTION C_CopyObject
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hObject # the object's handle
-CK_ATTRIBUTE_PTR pTemplate # template for new object
-CK_ULONG ulCount # attributes in template
-CK_OBJECT_HANDLE_PTR phNewObject # receives handle of copy
-
-# C_DestroyObject destroys an object.
-FUNCTION C_DestroyObject
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hObject # the object's handle
-
-# C_GetObjectSize gets the size of an object in bytes.
-FUNCTION C_GetObjectSize
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hObject # the object's handle
-CK_ULONG_PTR pulSize # receives size of object
-
-# C_GetAttributeValue obtains the value of one or more object
-# attributes.
-FUNCTION C_GetAttributeValue
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hObject # the object's handle
-CK_ATTRIBUTE_PTR pTemplate # specifies attrs; gets vals
-CK_ULONG ulCount # attributes in template
-
-# C_SetAttributeValue modifies the value of one or more object
-# attributes
-FUNCTION C_SetAttributeValue
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hObject # the object's handle
-CK_ATTRIBUTE_PTR pTemplate # specifies attrs and values
-CK_ULONG ulCount # attributes in template
-
-# C_FindObjectsInit initializes a search for token and session
-# objects that match a template.
-FUNCTION C_FindObjectsInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_ATTRIBUTE_PTR pTemplate # attribute values to match
-CK_ULONG ulCount # attrs in search template
-
-# C_FindObjects continues a search for token and session objects that
-# match a template, obtaining additional object handles.
-FUNCTION C_FindObjects
-CK_SESSION_HANDLE hSession # session's handle
-CK_OBJECT_HANDLE_PTR phObject # gets obj. handles
-CK_ULONG ulMaxObjectCount # max handles to get
-CK_ULONG_PTR pulObjectCount # actual # returned
-
-# C_FindObjectsFinal finishes a search for token and session objects.
-FUNCTION C_FindObjectsFinal
-CK_SESSION_HANDLE hSession # the session's handle
-
-
-# Encryption and decryption
-
-# C_EncryptInit initializes an encryption operation.
-FUNCTION C_EncryptInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the encryption mechanism
-CK_OBJECT_HANDLE hKey # handle of encryption key
-
-# C_Encrypt encrypts single-part data.
-FUNCTION C_Encrypt
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pData # the plaintext data
-CK_ULONG ulDataLen # bytes of plaintext
-CK_BYTE_PTR pEncryptedData # gets ciphertext
-CK_ULONG_PTR pulEncryptedDataLen # gets c-text size
-
-# C_EncryptUpdate continues a multiple-part encryption operation.
-FUNCTION C_EncryptUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pPart # the plaintext data
-CK_ULONG ulPartLen # plaintext data len
-CK_BYTE_PTR pEncryptedPart # gets ciphertext
-CK_ULONG_PTR pulEncryptedPartLen # gets c-text size
-
-# C_EncryptFinal finishes a multiple-part encryption operation.
-FUNCTION C_EncryptFinal
-CK_SESSION_HANDLE hSession # session handle
-CK_BYTE_PTR pLastEncryptedPart # last c-text
-CK_ULONG_PTR pulLastEncryptedPartLen # gets last size
-
-# C_DecryptInit initializes a decryption operation.
-FUNCTION C_DecryptInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the decryption mechanism
-CK_OBJECT_HANDLE hKey # handle of decryption key
-
-# C_Decrypt decrypts encrypted data in a single part.
-FUNCTION C_Decrypt
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pEncryptedData # ciphertext
-CK_ULONG ulEncryptedDataLen # ciphertext length
-CK_BYTE_PTR pData # gets plaintext
-CK_ULONG_PTR pulDataLen # gets p-text size
-
-# C_DecryptUpdate continues a multiple-part decryption operation.
-FUNCTION C_DecryptUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pEncryptedPart # encrypted data
-CK_ULONG ulEncryptedPartLen # input length
-CK_BYTE_PTR pPart # gets plaintext
-CK_ULONG_PTR pulPartLen # p-text size
-
-# C_DecryptFinal finishes a multiple-part decryption operation.
-FUNCTION C_DecryptFinal
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pLastPart # gets plaintext
-CK_ULONG_PTR pulLastPartLen # p-text size
-
-
-# Message digesting
-
-# C_DigestInit initializes a message-digesting operation.
-FUNCTION C_DigestInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the digesting mechanism
-
-# C_Digest digests data in a single part.
-FUNCTION C_Digest
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pData # data to be digested
-CK_ULONG ulDataLen # bytes of data to digest
-CK_BYTE_PTR pDigest # gets the message digest
-CK_ULONG_PTR pulDigestLen # gets digest length
-
-# C_DigestUpdate continues a multiple-part message-digesting operation.
-FUNCTION C_DigestUpdate
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pPart # data to be digested
-CK_ULONG ulPartLen # bytes of data to be digested
-
-# C_DigestKey continues a multi-part message-digesting operation, by
-# digesting the value of a secret key as part of the data already
-# digested.
-FUNCTION C_DigestKey
-CK_SESSION_HANDLE hSession # the session's handle
-CK_OBJECT_HANDLE hKey # secret key to digest
-
-# C_DigestFinal finishes a multiple-part message-digesting operation.
-FUNCTION C_DigestFinal
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pDigest # gets the message digest
-CK_ULONG_PTR pulDigestLen # gets byte count of digest
-
-
-# Signing and MACing
-
-# C_SignInit initializes a signature (private key encryption)
-# operation, where the signature is (will be) an appendix to the
-# data, and plaintext cannot be recovered from the signature.
-FUNCTION C_SignInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the signature mechanism
-CK_OBJECT_HANDLE hKey # handle of signature key
-
-# C_Sign signs (encrypts with private key) data in a single part,
-# where the signature is (will be) an appendix to the data, and
-# plaintext cannot be recovered from the signature.
-FUNCTION C_Sign
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pData # the data to sign
-CK_ULONG ulDataLen # count of bytes to sign
-CK_BYTE_PTR pSignature # gets the signature
-CK_ULONG_PTR pulSignatureLen # gets signature length
-
-# C_SignUpdate continues a multiple-part signature operation, where
-# the signature is (will be) an appendix to the data, and plaintext
-# cannot be recovered from the signature.
-FUNCTION C_SignUpdate
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pPart # the data to sign
-CK_ULONG ulPartLen # count of bytes to sign
-
-# C_SignFinal finishes a multiple-part signature operation, returning
-# the signature.
-FUNCTION C_SignFinal
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pSignature # gets the signature
-CK_ULONG_PTR pulSignatureLen # gets signature length
-
-# C_SignRecoverInit initializes a signature operation, where the data
-# can be recovered from the signature.
-FUNCTION C_SignRecoverInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the signature mechanism
-CK_OBJECT_HANDLE hKey # handle of the signature key
-
-# C_SignRecover signs data in a single operation, where the data can
-# be recovered from the signature.
-FUNCTION C_SignRecover
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pData # the data to sign
-CK_ULONG ulDataLen # count of bytes to sign
-CK_BYTE_PTR pSignature # gets the signature
-CK_ULONG_PTR pulSignatureLen # gets signature length
-
-
-# Verifying signatures and MACs
-
-# C_VerifyInit initializes a verification operation, where the
-# signature is an appendix to the data, and plaintext cannot cannot
-# be recovered from the signature (e.g. DSA).
-FUNCTION C_VerifyInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the verification mechanism
-CK_OBJECT_HANDLE hKey # verification key
-
-# C_Verify verifies a signature in a single-part operation, where the
-# signature is an appendix to the data, and plaintext cannot be
-# recovered from the signature.
-FUNCTION C_Verify
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pData # signed data
-CK_ULONG ulDataLen # length of signed data
-CK_BYTE_PTR pSignature # signature
-CK_ULONG ulSignatureLen # signature length
-
-# C_VerifyUpdate continues a multiple-part verification operation,
-# where the signature is an appendix to the data, and plaintext cannot be
-# recovered from the signature.
-FUNCTION C_VerifyUpdate
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pPart # signed data
-CK_ULONG ulPartLen # length of signed data
-
-# C_VerifyFinal finishes a multiple-part verification operation,
-# checking the signature.
-FUNCTION C_VerifyFinal
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pSignature # signature to verify
-CK_ULONG ulSignatureLen # signature length
-
-# C_VerifyRecoverInit initializes a signature verification operation,
-# where the data is recovered from the signature.
-FUNCTION C_VerifyRecoverInit
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the verification mechanism
-CK_OBJECT_HANDLE hKey # verification key
-
-# C_VerifyRecover verifies a signature in a single-part operation,
-# where the data is recovered from the signature.
-FUNCTION C_VerifyRecover
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pSignature # signature to verify
-CK_ULONG ulSignatureLen # signature length
-CK_BYTE_PTR pData # gets signed data
-CK_ULONG_PTR pulDataLen # gets signed data len
-
-
-# Dual-function cryptographic operations
-
-# C_DigestEncryptUpdate continues a multiple-part digesting and
-# encryption operation.
-FUNCTION C_DigestEncryptUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pPart # the plaintext data
-CK_ULONG ulPartLen # plaintext length
-CK_BYTE_PTR pEncryptedPart # gets ciphertext
-CK_ULONG_PTR pulEncryptedPartLen # gets c-text length
-
-# C_DecryptDigestUpdate continues a multiple-part decryption and
-# digesting operation.
-FUNCTION C_DecryptDigestUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pEncryptedPart # ciphertext
-CK_ULONG ulEncryptedPartLen # ciphertext length
-CK_BYTE_PTR pPart # gets plaintext
-CK_ULONG_PTR pulPartLen # gets plaintext len
-
-# C_SignEncryptUpdate continues a multiple-part signing and
-# encryption operation.
-FUNCTION C_SignEncryptUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pPart # the plaintext data
-CK_ULONG ulPartLen # plaintext length
-CK_BYTE_PTR pEncryptedPart # gets ciphertext
-CK_ULONG_PTR pulEncryptedPartLen # gets c-text length
-
-# C_DecryptVerifyUpdate continues a multiple-part decryption and
-# verify operation.
-FUNCTION C_DecryptVerifyUpdate
-CK_SESSION_HANDLE hSession # session's handle
-CK_BYTE_PTR pEncryptedPart # ciphertext
-CK_ULONG ulEncryptedPartLen # ciphertext length
-CK_BYTE_PTR pPart # gets plaintext
-CK_ULONG_PTR pulPartLen # gets p-text length
-
-
-# Key management
-
-# C_GenerateKey generates a secret key, creating a new key object.
-FUNCTION C_GenerateKey
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # key generation mech.
-CK_ATTRIBUTE_PTR pTemplate # template for new key
-CK_ULONG ulCount # # of attrs in template
-CK_OBJECT_HANDLE_PTR phKey # gets handle of new key
-
-# C_GenerateKeyPair generates a public-key/private-key pair, creating
-# new key objects.
-FUNCTION C_GenerateKeyPair
-CK_SESSION_HANDLE hSession # session handle
-CK_MECHANISM_PTR pMechanism # key-gen mech.
-CK_ATTRIBUTE_PTR pPublicKeyTemplate # template for pub. key
-CK_ULONG ulPublicKeyAttributeCount # # pub. attrs.
-CK_ATTRIBUTE_PTR pPrivateKeyTemplate # template for priv. key
-CK_ULONG ulPrivateKeyAttributeCount # # priv. attrs.
-CK_OBJECT_HANDLE_PTR phPublicKey # gets pub. key handle
-CK_OBJECT_HANDLE_PTR phPrivateKey # gets priv. key handle
-
-# C_WrapKey wraps (i.e., encrypts) a key.
-FUNCTION C_WrapKey
-CK_SESSION_HANDLE hSession # the session's handle
-CK_MECHANISM_PTR pMechanism # the wrapping mechanism
-CK_OBJECT_HANDLE hWrappingKey # wrapping key
-CK_OBJECT_HANDLE hKey # key to be wrapped
-CK_BYTE_PTR pWrappedKey # gets wrapped key
-CK_ULONG_PTR pulWrappedKeyLen # gets wrapped key size
-
-# C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key
-# object.
-FUNCTION C_UnwrapKey
-CK_SESSION_HANDLE hSession # session's handle
-CK_MECHANISM_PTR pMechanism # unwrapping mech.
-CK_OBJECT_HANDLE hUnwrappingKey # unwrapping key
-CK_BYTE_PTR pWrappedKey # the wrapped key
-CK_ULONG ulWrappedKeyLen # wrapped key len
-CK_ATTRIBUTE_PTR pTemplate # new key template
-CK_ULONG ulAttributeCount # template length
-CK_OBJECT_HANDLE_PTR phKey # gets new handle
-
-# C_DeriveKey derives a key from a base key, creating a new key object.
-FUNCTION C_DeriveKey
-CK_SESSION_HANDLE hSession # session's handle
-CK_MECHANISM_PTR pMechanism # key deriv. mech.
-CK_OBJECT_HANDLE hBaseKey # base key
-CK_ATTRIBUTE_PTR pTemplate # new key template
-CK_ULONG ulAttributeCount # template length
-CK_OBJECT_HANDLE_PTR phKey # gets new handle
-
-
-# Random number generation
-
-# C_SeedRandom mixes additional seed material into the token's random
-# number generator.
-FUNCTION C_SeedRandom
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR pSeed # the seed material
-CK_ULONG ulSeedLen # length of seed material
-
-# C_GenerateRandom generates random data.
-FUNCTION C_GenerateRandom
-CK_SESSION_HANDLE hSession # the session's handle
-CK_BYTE_PTR RandomData # receives the random data
-CK_ULONG ulRandomLen # # of bytes to generate
-
-
-# Parallel function management
-
-# C_GetFunctionStatus is a legacy function; it obtains an updated
-# status of a function running in parallel with an application.
-FUNCTION C_GetFunctionStatus
-CK_SESSION_HANDLE hSession # the session's handle
-
-# C_CancelFunction is a legacy function; it cancels a function running
-# in parallel.
-FUNCTION C_CancelFunction
-CK_SESSION_HANDLE hSession # the session's handle
-
-
-# Functions added in for Cryptoki Version 2.01 or later
-
-# C_WaitForSlotEvent waits for a slot event (token insertion, removal,
-# etc.) to occur.
-FUNCTION C_WaitForSlotEvent
-CK_FLAGS flags # blocking/nonblocking flag
-CK_SLOT_ID_PTR pSlot # location that receives the slot ID
-CK_VOID_PTR pRserved # reserved. Should be NULL_PTR
-
-## C_ConfigureSlot passes an installation-specified bytestring to a
-## slot.
-#FUNCTION C_ConfigureSlot
-#CK_SLOT_ID slotID # the slot to configure
-#CK_BYTE_PTR pConfig # the configuration string
-#CK_ULONG ulConfigLen # length of the config string
diff --git a/security/nss/lib/ckfw/ck.h b/security/nss/lib/ckfw/ck.h
deleted file mode 100644
index 04df10656..000000000
--- a/security/nss/lib/ckfw/ck.h
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CK_H
-#define CK_H
-
-#ifdef DEBUG
-static const char CK_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ck.h
- *
- * This header file consolidates all header files needed by the source
- * files implementing the NSS Cryptoki Framework. This makes managing
- * the source files a bit easier.
- */
-
-/* Types */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFT_H
-#include "nssckft.h"
-#endif /* NSSCKFT_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKMDT_H
-#include "nssckmdt.h"
-#endif /* NSSCKMDT_H */
-
-#ifndef CKT_H
-#include "ckt.h"
-#endif /* CKT_H */
-
-#ifndef CKFWTM_H
-#include "ckfwtm.h"
-#endif /* CKFWTM_H */
-
-/* Prototypes */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef NSSCKG_H
-#include "nssckg.h"
-#endif /* NSSCKG_H */
-
-#ifndef NSSCKFW_H
-#include "nssckfw.h"
-#endif /* NSSCKFW_H */
-
-#ifndef NSSCKFWC_H
-#include "nssckfwc.h"
-#endif /* NSSCKFWC_H */
-
-#ifndef CKFW_H
-#include "ckfw.h"
-#endif /* CKFW_H */
-
-#ifndef CKFWM_H
-#include "ckfwm.h"
-#endif /* CKFWM_H */
-
-#ifndef CKMD_H
-#include "ckmd.h"
-#endif /* CKMD_H */
-
-/* NSS-private */
-
-/* nss_ZNEW and the like. We might want to publish the memory APIs.. */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#endif /* CK_H */
diff --git a/security/nss/lib/ckfw/ckapi.perl b/security/nss/lib/ckfw/ckapi.perl
deleted file mode 100644
index baad8c52f..000000000
--- a/security/nss/lib/ckfw/ckapi.perl
+++ /dev/null
@@ -1,510 +0,0 @@
-#!perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-$cvs_id = '@(#) $RCSfile$ $Revision$ $Date$ $Name$';
-
-$copyright = '/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-';
-
-$count = -1;
-$i = 0;
-
-open(INPUT, "<$ARGV[0]") || die "Can't open $ARGV[0]: $!";
-
-while(<INPUT>) {
- s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
- next if (/^\s*$/);
-
-# print;
-
- /^([\S]+)\s+([^"][\S]*|"[^"]*")/;
- $name = $1;
- $value = $2;
-
- if( ($name =~ "FUNCTION") && !($name =~ "CK_FUNCTION") ) {
- $count++;
- $x[$count]{name} = $value;
- $i = 0;
- } else {
- if( $count < 0 ) {
- $value =~ s/"//g;
- $g{$name} = $value;
- } else {
- $x[$count]{args}[$i]{type} = $name;
- $x[$count]{args}[$i]{name} = $value;
- $i++;
- $x[$count]{nargs} = $i; # rewritten each time, oh well
- }
- }
-}
-
-close INPUT;
-
-# dodump();
-doprint();
-
-sub dodump {
- for( $j = 0; $j <= $count; $j++ ) {
- print "CK_RV CK_ENTRY $x[$j]{name}\n";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print "\n";
- } else {
- print ",\n";
- }
- }
- }
-}
-
-sub doprint {
-open(PROTOTYPE, ">nssckg.h") || die "Can't open nssckg.h: $!";
-open(TYPEDEF, ">nssckft.h") || die "Can't open nssckft.h: $!";
-open(EPV, ">nssckepv.h") || die "Can't open nssckepv.h: $!";
-open(API, ">nssck.api") || die "Can't open nssck.api: $!";
-
-select PROTOTYPE;
-
-print $copyright;
-print <<EOD
-#ifndef NSSCKG_H
-#define NSSCKG_H
-
-#ifdef DEBUG
-static const char NSSCKG_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssckg.h
- *
- * This automatically-generated header file prototypes the Cryptoki
- * functions specified by PKCS#11.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-EOD
- ;
-
-for( $j = 0; $j <= $count; $j++ ) {
- print "CK_RV CK_ENTRY $x[$j]{name}\n";
- print "(\n";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print "\n";
- } else {
- print ",\n";
- }
- }
- print ");\n\n";
-}
-
-print <<EOD
-#endif /* NSSCKG_H */
-EOD
- ;
-
-select TYPEDEF;
-
-print $copyright;
-print <<EOD
-#ifndef NSSCKFT_H
-#define NSSCKFT_H
-
-#ifdef DEBUG
-static const char NSSCKFT_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssckft.h
- *
- * The automatically-generated header file declares a typedef
- * each of the Cryptoki functions specified by PKCS#11.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-EOD
- ;
-
-for( $j = 0; $j <= $count; $j++ ) {
-# print "typedef CK_RV (CK_ENTRY *CK_$x[$j]{name})(\n";
- print "typedef CK_CALLBACK_FUNCTION(CK_RV, CK_$x[$j]{name})(\n";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print "\n";
- } else {
- print ",\n";
- }
- }
- print ");\n\n";
-}
-
-print <<EOD
-#endif /* NSSCKFT_H */
-EOD
- ;
-
-select EPV;
-
-print $copyright;
-print <<EOD
-#ifndef NSSCKEPV_H
-#define NSSCKEPV_H
-
-#ifdef DEBUG
-static const char NSSCKEPV_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssckepv.h
- *
- * This automatically-generated header file defines the type
- * CK_FUNCTION_LIST specified by PKCS#11.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFT_H
-#include "nssckft.h"
-#endif /* NSSCKFT_H */
-
-#include "nssckp.h"
-
-struct CK_FUNCTION_LIST {
- CK_VERSION version;
-EOD
- ;
-
-for( $j = 0; $j <= $count; $j++ ) {
- print " CK_$x[$j]{name} $x[$j]{name};\n";
-}
-
-print <<EOD
-};
-
-#include "nsscku.h"
-
-#endif /* NSSCKEPV_H */
-EOD
- ;
-
-select API;
-
-print $copyright;
-print <<EOD
-
-#ifdef DEBUG
-static const char NSSCKAPI_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-/*
- * nssck.api
- *
- * This automatically-generated file is used to generate a set of
- * Cryptoki entry points within the object space of a Module using
- * the NSS Cryptoki Framework.
- *
- * The Module should have a .c file with the following:
- *
- * #define MODULE_NAME name
- * #define INSTANCE_NAME instance
- * #include "nssck.api"
- *
- * where "name" is some module-specific name that can be used to
- * disambiguate various modules. This included file will then
- * define the actual Cryptoki routines which pass through to the
- * Framework calls. All routines, except C_GetFunctionList, will
- * be prefixed with the name; C_GetFunctionList will be generated
- * to return an entry-point vector with these routines. The
- * instance specified should be the basic instance of NSSCKMDInstance.
- *
- * If, prior to including nssck.api, the .c file also specifies
- *
- * #define DECLARE_STRICT_CRYTPOKI_NAMES
- *
- * Then a set of "stub" routines not prefixed with the name will
- * be included. This would allow the combined module and framework
- * to be used in applications which are hard-coded to use the
- * PKCS#11 names (instead of going through the EPV). Please note
- * that such applications should be careful resolving symbols when
- * more than one PKCS#11 module is loaded.
- */
-
-#ifndef MODULE_NAME
-#error "Error: MODULE_NAME must be defined."
-#endif /* MODULE_NAME */
-
-#ifndef INSTANCE_NAME
-#error "Error: INSTANCE_NAME must be defined."
-#endif /* INSTANCE_NAME */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKFWC_H
-#include "nssckfwc.h"
-#endif /* NSSCKFWC_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#define __ADJOIN(x,y) x##y
-
-/*
- * The anchor. This object is used to store an "anchor" pointer in
- * the Module's object space, so the wrapper functions can relate
- * back to this instance.
- */
-
-static NSSCKFWInstance *fwInstance = (NSSCKFWInstance *)0;
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Initialize)
-(
- CK_VOID_PTR pInitArgs
-)
-{
- return NSSCKFWC_Initialize(&fwInstance, INSTANCE_NAME, pInitArgs);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Initialize
-(
- CK_VOID_PTR pInitArgs
-)
-{
- return __ADJOIN(MODULE_NAME,C_Initialize)(pInitArgs);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Finalize)
-(
- CK_VOID_PTR pReserved
-)
-{
- return NSSCKFWC_Finalize(&fwInstance);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Finalize
-(
- CK_VOID_PTR pReserved
-)
-{
- return __ADJOIN(MODULE_NAME,C_Finalize)(pReserved);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetInfo)
-(
- CK_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetInfo(fwInstance, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetInfo
-(
- CK_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetInfo)(pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-/*
- * C_GetFunctionList is defined at the end.
- */
-
-EOD
- ;
-
-for( $j = 4; $j <= $count; $j++ ) {
- print "CK_RV CK_ENTRY\n";
- print "__ADJOIN(MODULE_NAME,$x[$j]{name})\n";
- print "(\n";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print "\n";
- } else {
- print ",\n";
- }
- }
- print ")\n";
- print "{\n";
- print " return NSSCKFW$x[$j]{name}(fwInstance, ";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print "$x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print ");\n";
- } else {
- print ", ";
- }
- }
- print "}\n\n";
-
- print "#ifdef DECLARE_STRICT_CRYPTOKI_NAMES\n";
- print "CK_RV CK_ENTRY\n";
- print "$x[$j]{name}\n";
- print "(\n";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print " $x[$j]{args}[$i]{type} $x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print "\n";
- } else {
- print ",\n";
- }
- }
- print ")\n";
- print "{\n";
- print " return __ADJOIN(MODULE_NAME,$x[$j]{name})(";
- for( $i = 0; $i < $x[$j]{nargs}; $i++ ) {
- print "$x[$j]{args}[$i]{name}";
- if( $i == ($x[$j]{nargs} - 1) ) {
- print ");\n";
- } else {
- print ", ";
- }
- }
- print "}\n";
- print "#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */\n\n";
-}
-
-print <<EOD
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-);
-
-static CK_FUNCTION_LIST FunctionList = {
- { 2, 1 },
-EOD
- ;
-
-for( $j = 0; $j <= $count; $j++ ) {
- print "__ADJOIN(MODULE_NAME,$x[$j]{name})";
- if( $j < $count ) {
- print ",\n";
- } else {
- print "\n};\n\n";
- }
-}
-
-print <<EOD
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
- *ppFunctionList = &FunctionList;
- return CKR_OK;
-}
-
-/* This one is always present */
-#ifdef WIN32
-CK_RV _declspec(dllexport)
-#else
-CK_RV CK_ENTRY
-#endif
-C_GetFunctionList
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetFunctionList)(ppFunctionList);
-}
-
-#undef __ADJOIN
-
-EOD
- ;
-
-select STDOUT;
-
-}
diff --git a/security/nss/lib/ckfw/ckfw.h b/security/nss/lib/ckfw/ckfw.h
deleted file mode 100644
index 2e83f8c35..000000000
--- a/security/nss/lib/ckfw/ckfw.h
+++ /dev/null
@@ -1,1858 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKFW_H
-#define CKFW_H
-
-#ifdef DEBUG
-static const char CKFW_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckfw.h
- *
- * This file prototypes the private calls of the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKMDT_H
-#include "nssckmdt.h"
-#endif /* NSSCKMDT_H */
-
-/*
- * NSSCKFWInstance
- *
- * -- create/destroy --
- * nssCKFWInstance_Create
- * nssCKFWInstance_Destroy
- *
- * -- implement public accessors --
- * nssCKFWInstance_GetMDInstance
- * nssCKFWInstance_GetArena
- * nssCKFWInstance_MayCreatePthreads
- * nssCKFWInstance_CreateMutex
- * nssCKFWInstance_GetConfigurationData
- *
- * -- private accessors --
- * nssCKFWInstance_CreateSessionHandle
- * nssCKFWInstance_ResolveSessionHandle
- * nssCKFWInstance_DestroySessionHandle
- * nssCKFWInstance_FindSessionHandle
- * nssCKFWInstance_CreateObjectHandle
- * nssCKFWInstance_ResolveObjectHandle
- * nssCKFWInstance_DestroyObjectHandle
- * nssCKFWInstance_FindObjectHandle
- *
- * -- module fronts --
- * nssCKFWInstance_GetNSlots
- * nssCKFWInstance_GetCryptokiVersion
- * nssCKFWInstance_GetManufacturerID
- * nssCKFWInstance_GetFlags
- * nssCKFWInstance_GetLibraryDescription
- * nssCKFWInstance_GetLibraryVersion
- * nssCKFWInstance_GetModuleHandlesSessionObjects
- * nssCKFWInstance_GetSlots
- * nssCKFWInstance_WaitForSlotEvent
- *
- * -- debugging versions only --
- * nssCKFWInstance_verifyPointer
- */
-
-/*
- * nssCKFWInstance_Create
- *
- */
-NSS_EXTERN NSSCKFWInstance *
-nssCKFWInstance_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- NSSCKMDInstance *mdInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_Destroy
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetMDInstance
- *
- */
-NSS_EXTERN NSSCKMDInstance *
-nssCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_MayCreatePthreads
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_CreateMutex
- *
- */
-NSS_EXTERN NSSCKFWMutex *
-nssCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_GetConfigurationData
- *
- */
-NSS_EXTERN NSSUTF8 *
-nssCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_CreateSessionHandle
- *
- */
-NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWInstance_CreateSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_ResolveSessionHandle
- *
- */
-NSS_EXTERN NSSCKFWSession *
-nssCKFWInstance_ResolveSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * nssCKFWInstance_DestroySessionHandle
- *
- */
-NSS_EXTERN void
-nssCKFWInstance_DestroySessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * nssCKFWInstance_FindSessionHandle
- *
- */
-NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWInstance_FindSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWInstance_CreateObjectHandle
- *
- */
-NSS_EXTERN CK_OBJECT_HANDLE
-nssCKFWInstance_CreateObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_FindObjectHandle
- *
- */
-NSS_EXTERN CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWInstance_ResolveObjectHandle
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWInstance_ResolveObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-);
-
-/*
- * nssCKFWInstance_ReassignObjectHandle
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_ReassignObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject,
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWInstance_DestroyObjectHandle
- *
- */
-NSS_EXTERN void
-nssCKFWInstance_DestroyObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-);
-
-/*
- * nssCKFWInstance_FindObjectHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWInstance_GetNSlots
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWInstance_GetNSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_GetCryptokiVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWInstance_GetCryptokiVersion
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetManufacturerID
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_GetManufacturerID
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR manufacturerID[32]
-);
-
-/*
- * nssCKFWInstance_GetFlags
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWInstance_GetFlags
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetLibraryDescription
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_GetLibraryDescription
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR libraryDescription[32]
-);
-
-/*
- * nssCKFWInstance_GetLibraryVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWInstance_GetLibraryVersion
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetModuleHandlesSessionObjects
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWInstance_GetModuleHandlesSessionObjects
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * nssCKFWInstance_GetSlots
- *
- */
-NSS_EXTERN NSSCKFWSlot **
-nssCKFWInstance_GetSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_WaitForSlotEvent
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWInstance_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL block,
- CK_RV *pError
-);
-
-/*
- * nssCKFWInstance_verifyPointer
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWInstance_verifyPointer
-(
- const NSSCKFWInstance *fwInstance
-);
-
-
-/*
- * NSSCKFWSlot
- *
- * -- create/destroy --
- * nssCKFWSlot_Create
- * nssCKFWSlot_Destroy
- *
- * -- implement public accessors --
- * nssCKFWSlot_GetMDSlot
- * nssCKFWSlot_GetFWInstance
- * nssCKFWSlot_GetMDInstance
- *
- * -- private accessors --
- * nssCKFWSlot_GetSlotID
- *
- * -- module fronts --
- * nssCKFWSlot_GetSlotDescription
- * nssCKFWSlot_GetManufacturerID
- * nssCKFWSlot_GetTokenPresent
- * nssCKFWSlot_GetRemovableDevice
- * nssCKFWSlot_GetHardwareSlot
- * nssCKFWSlot_GetHardwareVersion
- * nssCKFWSlot_GetFirmwareVersion
- * nssCKFWSlot_GetToken
- */
-
-/*
- * nssCKFWSlot_Create
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWSlot_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *mdSlot,
- CK_SLOT_ID slotID,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSlot_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSlot_Destroy
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetMDSlot
- *
- */
-NSS_EXTERN NSSCKMDSlot *
-nssCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetFWInstance
- *
- */
-
-NSS_EXTERN NSSCKFWInstance *
-nssCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetMDInstance
- *
- */
-
-NSS_EXTERN NSSCKMDInstance *
-nssCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetSlotID
- *
- */
-NSS_EXTERN CK_SLOT_ID
-nssCKFWSlot_GetSlotID
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetSlotDescription
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSlot_GetSlotDescription
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR slotDescription[64]
-);
-
-/*
- * nssCKFWSlot_GetManufacturerID
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSlot_GetManufacturerID
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR manufacturerID[32]
-);
-
-/*
- * nssCKFWSlot_GetTokenPresent
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetTokenPresent
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetRemovableDevice
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetRemovableDevice
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetHardwareSlot
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSlot_GetHardwareSlot
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetHardwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWSlot_GetHardwareVersion
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetFirmwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWSlot_GetFirmwareVersion
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * nssCKFWSlot_GetToken
- *
- */
-NSS_EXTERN NSSCKFWToken *
-nssCKFWSlot_GetToken
-(
- NSSCKFWSlot *fwSlot,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSlot_ClearToken
- *
- */
-NSS_EXTERN void
-nssCKFWSlot_ClearToken
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWToken
- *
- * -- create/destroy --
- * nssCKFWToken_Create
- * nssCKFWToken_Destroy
- *
- * -- implement public accessors --
- * nssCKFWToken_GetMDToken
- * nssCKFWToken_GetFWSlot
- * nssCKFWToken_GetMDSlot
- * nssCKFWToken_GetSessionState
- *
- * -- private accessors --
- * nssCKFWToken_SetSessionState
- * nssCKFWToken_RemoveSession
- * nssCKFWToken_CloseAllSessions
- * nssCKFWToken_GetSessionCount
- * nssCKFWToken_GetRwSessionCount
- * nssCKFWToken_GetRoSessionCount
- * nssCKFWToken_GetSessionObjectHash
- * nssCKFWToken_GetMDObjectHash
- * nssCKFWToken_GetObjectHandleHash
- *
- * -- module fronts --
- * nssCKFWToken_InitToken
- * nssCKFWToken_GetLabel
- * nssCKFWToken_GetManufacturerID
- * nssCKFWToken_GetModel
- * nssCKFWToken_GetSerialNumber
- * nssCKFWToken_GetHasRNG
- * nssCKFWToken_GetIsWriteProtected
- * nssCKFWToken_GetLoginRequired
- * nssCKFWToken_GetUserPinInitialized
- * nssCKFWToken_GetRestoreKeyNotNeeded
- * nssCKFWToken_GetHasClockOnToken
- * nssCKFWToken_GetHasProtectedAuthenticationPath
- * nssCKFWToken_GetSupportsDualCryptoOperations
- * nssCKFWToken_GetMaxSessionCount
- * nssCKFWToken_GetMaxRwSessionCount
- * nssCKFWToken_GetMaxPinLen
- * nssCKFWToken_GetMinPinLen
- * nssCKFWToken_GetTotalPublicMemory
- * nssCKFWToken_GetFreePublicMemory
- * nssCKFWToken_GetTotalPrivateMemory
- * nssCKFWToken_GetFreePrivateMemory
- * nssCKFWToken_GetHardwareVersion
- * nssCKFWToken_GetFirmwareVersion
- * nssCKFWToken_GetUTCTime
- * nssCKFWToken_OpenSession
- * nssCKFWToken_GetMechanismCount
- * nssCKFWToken_GetMechanismTypes
- * nssCKFWToken_GetMechanism
- */
-
-/*
- * nssCKFWToken_Create
- *
- */
-NSS_EXTERN NSSCKFWToken *
-nssCKFWToken_Create
-(
- NSSCKFWSlot *fwSlot,
- NSSCKMDToken *mdToken,
- CK_RV *pError
-);
-
-/*
- * nssCKFWToken_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_Destroy
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMDToken
- *
- */
-NSS_EXTERN NSSCKMDToken *
-nssCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-);
-
-/*
- * nssCKFWToken_GetFWSlot
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMDSlot
- *
- */
-NSS_EXTERN NSSCKMDSlot *
-nssCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSessionState
- *
- */
-NSS_EXTERN CK_STATE
-nssCKFWToken_GetSessionState
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_InitToken
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_InitToken
-(
- NSSCKFWToken *fwToken,
- NSSItem *pin,
- NSSUTF8 *label
-);
-
-/*
- * nssCKFWToken_GetLabel
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetLabel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR label[32]
-);
-
-/*
- * nssCKFWToken_GetManufacturerID
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetManufacturerID
-(
- NSSCKFWToken *fwToken,
- CK_CHAR manufacturerID[32]
-);
-
-/*
- * nssCKFWToken_GetModel
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetModel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR model[16]
-);
-
-/*
- * nssCKFWToken_GetSerialNumber
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetSerialNumber
-(
- NSSCKFWToken *fwToken,
- CK_CHAR serialNumber[16]
-);
-
-/*
- * nssCKFWToken_GetHasRNG
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasRNG
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetIsWriteProtected
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetIsWriteProtected
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetLoginRequired
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetLoginRequired
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetUserPinInitialized
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetUserPinInitialized
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetRestoreKeyNotNeeded
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetRestoreKeyNotNeeded
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetHasClockOnToken
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasClockOnToken
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetHasProtectedAuthenticationPath
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetHasProtectedAuthenticationPath
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSupportsDualCryptoOperations
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWToken_GetSupportsDualCryptoOperations
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMaxSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxSessionCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMaxRwSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxRwSessionCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMaxPinLen
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMaxPinLen
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMinPinLen
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMinPinLen
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetTotalPublicMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetTotalPublicMemory
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetFreePublicMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetFreePublicMemory
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetTotalPrivateMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetTotalPrivateMemory
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetFreePrivateMemory
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetFreePrivateMemory
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetHardwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWToken_GetHardwareVersion
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetFirmwareVersion
- *
- */
-NSS_EXTERN CK_VERSION
-nssCKFWToken_GetFirmwareVersion
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetUTCTime
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetUTCTime
-(
- NSSCKFWToken *fwToken,
- CK_CHAR utcTime[16]
-);
-
-/*
- * nssCKFWToken_OpenSession
- *
- */
-NSS_EXTERN NSSCKFWSession *
-nssCKFWToken_OpenSession
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-);
-
-/*
- * nssCKFWToken_GetMechanismCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetMechanismCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMechanismTypes
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_GetMechanismTypes
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE types[]
-);
-
-/*
- * nssCKFWToken_GetMechanism
- *
- */
-NSS_EXTERN NSSCKFWMechanism *
-nssCKFWToken_GetMechanism
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE which,
- CK_RV *pError
-);
-
-/*
- * nssCKFWToken_SetSessionState
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_SetSessionState
-(
- NSSCKFWToken *fwToken,
- CK_STATE newState
-);
-
-/*
- * nssCKFWToken_RemoveSession
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_RemoveSession
-(
- NSSCKFWToken *fwToken,
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWToken_CloseAllSessions
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWToken_CloseAllSessions
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetSessionCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetRwSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetRwSessionCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetRoSessionCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWToken_GetRoSessionCount
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetSessionObjectHash
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetSessionObjectHash
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetMDObjectHash
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetMDObjectHash
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * nssCKFWToken_GetObjectHandleHash
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWToken_GetObjectHandleHash
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWMechanism
- *
- * -- create/destroy --
- * nssCKFWMechanism_Create
- * nssCKFWMechanism_Destroy
- *
- * -- implement public accessors --
- * nssCKFWMechanism_GetMDMechanism
- * nssCKFWMechanism_GetParameter
- *
- * -- private accessors --
- *
- * -- module fronts --
- * nssCKFWMechanism_GetMinKeySize
- * nssCKFWMechanism_GetMaxKeySize
- * nssCKFWMechanism_GetInHardware
- */
-
-/*
- * nssCKFWMechanism_Create
- *
- */
-NSS_EXTERN NSSCKFWMechanism *
-nssCKFWMechanism_Create
-(
- void /* XXX fgmr */
-);
-
-/*
- * nssCKFWMechanism_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMechanism_Destroy
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetMDMechanism
- *
- */
-
-NSS_EXTERN NSSCKMDMechanism *
-nssCKFWMechanism_GetMDMechanism
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetParameter
- *
- * XXX fgmr-- or as an additional parameter to the crypto ops?
- */
-NSS_EXTERN NSSItem *
-nssCKFWMechanism_GetParameter
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetMinKeySize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWMechanism_GetMinKeySize
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetMaxKeySize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWMechanism_GetMaxKeySize
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * nssCKFWMechanism_GetInHardware
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWMechanism_GetInHardware
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * NSSCKFWSession
- *
- * -- create/destroy --
- * nssCKFWSession_Create
- * nssCKFWSession_Destroy
- *
- * -- implement public accessors --
- * nssCKFWSession_GetMDSession
- * nssCKFWSession_GetArena
- * nssCKFWSession_CallNotification
- * nssCKFWSession_IsRWSession
- * nssCKFWSession_IsSO
- *
- * -- private accessors --
- * nssCKFWSession_GetFWSlot
- * nssCKFWSession_GetSessionState
- * nssCKFWSession_SetFWFindObjects
- * nssCKFWSession_GetFWFindObjects
- * nssCKFWSession_SetMDSession
- * nssCKFWSession_SetHandle
- * nssCKFWSession_GetHandle
- * nssCKFWSession_RegisterSessionObject
- * nssCKFWSession_DeregisterSessionObject
- *
- * -- module fronts --
- * nssCKFWSession_GetDeviceError
- * nssCKFWSession_Login
- * nssCKFWSession_Logout
- * nssCKFWSession_InitPIN
- * nssCKFWSession_SetPIN
- * nssCKFWSession_GetOperationStateLen
- * nssCKFWSession_GetOperationState
- * nssCKFWSession_SetOperationState
- * nssCKFWSession_CreateObject
- * nssCKFWSession_CopyObject
- * nssCKFWSession_FindObjectsInit
- * nssCKFWSession_SeedRandom
- * nssCKFWSession_GetRandom
- */
-
-/*
- * nssCKFWSession_Create
- *
- */
-NSS_EXTERN NSSCKFWSession *
-nssCKFWSession_Create
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_Destroy
-(
- NSSCKFWSession *fwSession,
- CK_BBOOL removeFromTokenHash
-);
-
-/*
- * nssCKFWSession_GetMDSession
- *
- */
-NSS_EXTERN NSSCKMDSession *
-nssCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_CallNotification
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-);
-
-/*
- * nssCKFWSession_IsRWSession
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_IsSO
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_GetFWSlot
- *
- */
-NSS_EXTERN NSSCKFWSlot *
-nssCKFWSession_GetFWSlot
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCFKWSession_GetSessionState
- *
- */
-NSS_EXTERN CK_STATE
-nssCKFWSession_GetSessionState
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_SetFWFindObjects
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetFWFindObjects
-(
- NSSCKFWSession *fwSession,
- NSSCKFWFindObjects *fwFindObjects
-);
-
-/*
- * nssCKFWSession_GetFWFindObjects
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWSession_GetFWFindObjects
-(
- NSSCKFWSession *fwSesssion,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_SetMDSession
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetMDSession
-(
- NSSCKFWSession *fwSession,
- NSSCKMDSession *mdSession
-);
-
-/*
- * nssCKFWSession_SetHandle
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetHandle
-(
- NSSCKFWSession *fwSession,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * nssCKFWSession_GetHandle
- *
- */
-NSS_EXTERN CK_SESSION_HANDLE
-nssCKFWSession_GetHandle
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_RegisterSessionObject
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_RegisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWSession_DeregisterSessionObject
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_DeregisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWSession_GetDeviceError
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWSession_GetDeviceError
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_Login
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_Login
-(
- NSSCKFWSession *fwSession,
- CK_USER_TYPE userType,
- NSSItem *pin
-);
-
-/*
- * nssCKFWSession_Logout
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_Logout
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * nssCKFWSession_InitPIN
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_InitPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *pin
-);
-
-/*
- * nssCKFWSession_SetPIN
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *newPin,
- NSSItem *oldPin
-);
-
-/*
- * nssCKFWSession_GetOperationStateLen
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWSession_GetOperationStateLen
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_GetOperationState
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_GetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-);
-
-/*
- * nssCKFWSession_SetOperationState
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *state,
- NSSCKFWObject *encryptionKey,
- NSSCKFWObject *authenticationKey
-);
-
-/*
- * nssCKFWSession_CreateObject
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWSession_CreateObject
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_CopyObject
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWSession_CopyObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *object,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_FindObjectsInit
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWSession_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-);
-
-/*
- * nssCKFWSession_SeedRandom
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_SeedRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *seed
-);
-
-/*
- * nssCKFWSession_GetRandom
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWSession_GetRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-);
-
-/*
- * NSSCKFWObject
- *
- * -- create/destroy --
- * nssCKFWObject_Create
- * nssCKFWObject_Finalize
- * nssCKFWObject_Destroy
- *
- * -- implement public accessors --
- * nssCKFWObject_GetMDObject
- * nssCKFWObject_GetArena
- *
- * -- private accessors --
- * nssCKFWObject_SetHandle
- * nssCKFWObject_GetHandle
- *
- * -- module fronts --
- * nssCKFWObject_IsTokenObject
- * nssCKFWObject_GetAttributeCount
- * nssCKFWObject_GetAttributeTypes
- * nssCKFWObject_GetAttributeSize
- * nssCKFWObject_GetAttribute
- * nssCKFWObject_SetAttribute
- * nssCKFWObject_GetObjectSize
- */
-
-/*
- * nssCKFWObject_Create
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWObject_Create
-(
- NSSArena *arena,
- NSSCKMDObject *mdObject,
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKFWObject_Finalize
- *
- */
-NSS_EXTERN void
-nssCKFWObject_Finalize
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWObject_Destroy
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_GetMDObject
- *
- */
-NSS_EXTERN NSSCKMDObject *
-nssCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-nssCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * nssCKFWObject_SetHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetHandle
-(
- NSSCKFWObject *fwObject,
- CK_OBJECT_HANDLE hObject
-);
-
-/*
- * nssCKFWObject_GetHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWObject_GetHandle
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_IsTokenObject
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * nssCKFWObject_GetAttributeCount
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * nssCKFWObject_GetAttributeTypes
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-);
-
-/*
- * nssCKFWObject_GetAttributeSize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
-
-/*
- * nssCKFWObject_GetAttribute
- *
- * Usual NSS allocation rules:
- * If itemOpt is not NULL, it will be returned; otherwise an NSSItem
- * will be allocated. If itemOpt is not NULL but itemOpt->data is,
- * the buffer will be allocated; otherwise, the buffer will be used.
- * Any allocations will come from the optional arena, if one is
- * specified.
- */
-NSS_EXTERN NSSItem *
-nssCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-);
-
-/*
- * nssCKFWObject_SetAttribute
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWObject_SetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-);
-
-/*
- * nssCKFWObject_GetObjectSize
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWFindObjects
- *
- * -- create/destroy --
- * nssCKFWFindObjects_Create
- * nssCKFWFindObjects_Destroy
- *
- * -- implement public accessors --
- * nssCKFWFindObjects_GetMDFindObjects
- *
- * -- private accessors --
- *
- * -- module fronts --
- * nssCKFWFindObjects_Next
- */
-
-/*
- * nssCKFWFindObjects_Create
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWFindObjects_Create
-(
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- NSSCKMDFindObjects *mdFindObjects1,
- NSSCKMDFindObjects *mdFindObjects2,
- CK_RV *pError
-);
-
-/*
- * nssCKFWFindObjects_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWFindObjects_Destroy
-(
- NSSCKFWFindObjects *fwFindObjects
-);
-
-/*
- * nssCKFWFindObjects_GetMDFindObjects
- *
- */
-NSS_EXTERN NSSCKMDFindObjects *
-nssCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *fwFindObjects
-);
-
-/*
- * nssCKFWFindObjects_Next
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWFindObjects_Next
-(
- NSSCKFWFindObjects *fwFindObjects,
- NSSArena *arenaOpt,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWMutex
- *
- * nssCKFWMutex_Create
- * nssCKFWMutex_Destroy
- * nssCKFWMutex_Lock
- * nssCKFWMutex_Unlock
- *
- */
-
-/*
- * nssCKFWMutex_Create
- *
- */
-NSS_EXTERN NSSCKFWMutex *
-nssCKFWMutex_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- NSSArena *arena,
- CK_RV *pError
-);
-
-/*
- * nssCKFWMutex_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-);
-
-/*
- * nssCKFWMutex_Lock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-);
-
-/*
- * nssCKFWMutex_Unlock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-);
-
-#endif /* CKFW_H */
diff --git a/security/nss/lib/ckfw/ckfwm.h b/security/nss/lib/ckfw/ckfwm.h
deleted file mode 100644
index 82fd74830..000000000
--- a/security/nss/lib/ckfw/ckfwm.h
+++ /dev/null
@@ -1,161 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKFWM_H
-#define CKFWM_H
-
-#ifdef DEBUG
-static const char CKFWM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckfwm.h
- *
- * This file prototypes the module-private calls of the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-/*
- * nssCKFWHash
- *
- * nssCKFWHash_Create
- * nssCKFWHash_Destroy
- * nssCKFWHash_Add
- * nssCKFWHash_Remove
- * nssCKFWHash_Count
- * nssCKFWHash_Exists
- * nssCKFWHash_Lookup
- * nssCKFWHash_Iterate
- */
-
-/*
- * nssCKFWHash_Create
- *
- */
-NSS_EXTERN nssCKFWHash *
-nssCKFWHash_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
-
-/*
- * nssCKFWHash_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWHash_Destroy
-(
- nssCKFWHash *hash
-);
-
-/*
- * nssCKFWHash_Add
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWHash_Add
-(
- nssCKFWHash *hash,
- const void *key,
- const void *value
-);
-
-/*
- * nssCKFWHash_Remove
- *
- */
-NSS_EXTERN void
-nssCKFWHash_Remove
-(
- nssCKFWHash *hash,
- const void *it
-);
-
-/*
- * nssCKFWHash_Count
- *
- */
-NSS_EXTERN CK_ULONG
-nssCKFWHash_Count
-(
- nssCKFWHash *hash
-);
-
-/*
- * nssCKFWHash_Exists
- *
- */
-NSS_EXTERN CK_BBOOL
-nssCKFWHash_Exists
-(
- nssCKFWHash *hash,
- const void *it
-);
-
-/*
- * nssCKFWHash_Lookup
- *
- */
-NSS_EXTERN void *
-nssCKFWHash_Lookup
-(
- nssCKFWHash *hash,
- const void *it
-);
-
-/*
- * nssCKFWHash_Iterate
- *
- */
-NSS_EXTERN void
-nssCKFWHash_Iterate
-(
- nssCKFWHash *hash,
- nssCKFWHashIterator fcn,
- void *closure
-);
-
-#endif /* CKFWM_H */
diff --git a/security/nss/lib/ckfw/ckfwtm.h b/security/nss/lib/ckfw/ckfwtm.h
deleted file mode 100644
index 0f631f02d..000000000
--- a/security/nss/lib/ckfw/ckfwtm.h
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKFWTM_H
-#define CKFWTM_H
-
-#ifdef DEBUG
-static const char CKFWTM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckfwtm.h
- *
- * This file declares the module-private types of the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-struct nssCKFWHashStr;
-typedef struct nssCKFWHashStr nssCKFWHash;
-
-typedef void (PR_CALLBACK *nssCKFWHashIterator)(const void *key, void *value, void *closure);
-
-#endif /* CKFWTM_H */
diff --git a/security/nss/lib/ckfw/ckmd.h b/security/nss/lib/ckfw/ckmd.h
deleted file mode 100644
index 5b7f394f5..000000000
--- a/security/nss/lib/ckfw/ckmd.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef CKMD_H
-#define CKMD_H
-
-#ifdef DEBUG
-static const char CKMD_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * ckmd.h
- *
- */
-
-NSS_EXTERN NSSCKMDObject *
-nssCKMDSessionObject_Create
-(
- NSSCKFWToken *fwToken,
- NSSArena *arena,
- CK_ATTRIBUTE_PTR attributes,
- CK_ULONG ulCount,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDFindObjects *
-nssCKMDFindSessionObjects_Create
-(
- NSSCKFWToken *fwToken,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_RV *pError
-);
-
-#endif /* CKMD_H */
diff --git a/security/nss/lib/ckfw/ckt.h b/security/nss/lib/ckfw/ckt.h
deleted file mode 100644
index bf114dbc0..000000000
--- a/security/nss/lib/ckfw/ckt.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* get back to just one set of PKCS #11 headers. Use the onese that
- * are easiest to maintain from the RSA website */
-/* this one is the one that defines NSS specific data */
-#include "pkcs11n.h"
diff --git a/security/nss/lib/ckfw/config.mk b/security/nss/lib/ckfw/config.mk
deleted file mode 100644
index 521c93d31..000000000
--- a/security/nss/lib/ckfw/config.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Hack to see if everything still builds
-#
-
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
-
diff --git a/security/nss/lib/ckfw/dbm/Makefile b/security/nss/lib/ckfw/dbm/Makefile
deleted file mode 100644
index 03e1fb4c6..000000000
--- a/security/nss/lib/ckfw/dbm/Makefile
+++ /dev/null
@@ -1,38 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include config.mk
-include $(CORE_DEPTH)/coreconf/config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
diff --git a/security/nss/lib/ckfw/dbm/anchor.c b/security/nss/lib/ckfw/dbm/anchor.c
deleted file mode 100644
index 588fd00e0..000000000
--- a/security/nss/lib/ckfw/dbm/anchor.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * dbm/anchor.c
- *
- * This file "anchors" the actual cryptoki entry points in this module's
- * shared library, which is required for dynamic loading. See the
- * comments in nssck.api for more information.
- */
-
-#include "ckdbm.h"
-
-#define MODULE_NAME dbm
-#define INSTANCE_NAME (NSSCKMDInstance *)&nss_dbm_mdInstance
-#include "nssck.api"
diff --git a/security/nss/lib/ckfw/dbm/ckdbm.h b/security/nss/lib/ckfw/dbm/ckdbm.h
deleted file mode 100644
index 7bab87ec7..000000000
--- a/security/nss/lib/ckfw/dbm/ckdbm.h
+++ /dev/null
@@ -1,281 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CKDBM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef CKDBM_H
-#define CKDBM_H
-
-#include "nssckmdt.h"
-#include "nssckfw.h"
-
-/*
- * I'm including this for access to the arena functions.
- * Looks like we should publish that API.
- */
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/*
- * This is where the Netscape extensions live, at least for now.
- */
-#ifndef CKT_H
-#include "ckt.h"
-#endif /* CKT_H */
-
-#include "mcom_db.h"
-
-NSS_EXTERN_DATA NSSCKMDInstance nss_dbm_mdInstance;
-
-typedef struct nss_dbm_db_struct nss_dbm_db_t;
-struct nss_dbm_db_struct {
- DB *db;
- NSSCKFWMutex *crustylock;
-};
-
-typedef struct nss_dbm_dbt_struct nss_dbm_dbt_t;
-struct nss_dbm_dbt_struct {
- DBT dbt;
- nss_dbm_db_t *my_db;
-};
-
-typedef struct nss_dbm_instance_struct nss_dbm_instance_t;
-struct nss_dbm_instance_struct {
- NSSArena *arena;
- CK_ULONG nSlots;
- char **filenames;
- int *flags; /* e.g. O_RDONLY, O_RDWR */
-};
-
-typedef struct nss_dbm_slot_struct nss_dbm_slot_t;
-struct nss_dbm_slot_struct {
- nss_dbm_instance_t *instance;
- char *filename;
- int flags;
- nss_dbm_db_t *token_db;
-};
-
-typedef struct nss_dbm_token_struct nss_dbm_token_t;
-struct nss_dbm_token_struct {
- NSSArena *arena;
- nss_dbm_slot_t *slot;
- nss_dbm_db_t *session_db;
- NSSUTF8 *label;
-};
-
-struct nss_dbm_dbt_node {
- struct nss_dbm_dbt_node *next;
- nss_dbm_dbt_t *dbt;
-};
-
-typedef struct nss_dbm_session_struct nss_dbm_session_t;
-struct nss_dbm_session_struct {
- NSSArena *arena;
- nss_dbm_token_t *token;
- CK_ULONG deviceError;
- struct nss_dbm_dbt_node *session_objects;
- NSSCKFWMutex *list_lock;
-};
-
-typedef struct nss_dbm_object_struct nss_dbm_object_t;
-struct nss_dbm_object_struct {
- NSSArena *arena; /* token or session */
- nss_dbm_dbt_t *handle;
-};
-
-typedef struct nss_dbm_find_struct nss_dbm_find_t;
-struct nss_dbm_find_struct {
- NSSArena *arena;
- struct nss_dbm_dbt_node *found;
- NSSCKFWMutex *list_lock;
-};
-
-NSS_EXTERN NSSCKMDSlot *
-nss_dbm_mdSlot_factory
-(
- nss_dbm_instance_t *instance,
- char *filename,
- int flags,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDToken *
-nss_dbm_mdToken_factory
-(
- nss_dbm_slot_t *slot,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDSession *
-nss_dbm_mdSession_factory
-(
- nss_dbm_token_t *token,
- NSSCKFWSession *fwSession,
- NSSCKFWInstance *fwInstance,
- CK_BBOOL rw,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDObject *
-nss_dbm_mdObject_factory
-(
- nss_dbm_object_t *object,
- CK_RV *pError
-);
-
-NSS_EXTERN NSSCKMDFindObjects *
-nss_dbm_mdFindObjects_factory
-(
- nss_dbm_find_t *find,
- CK_RV *pError
-);
-
-NSS_EXTERN nss_dbm_db_t *
-nss_dbm_db_open
-(
- NSSArena *arena,
- NSSCKFWInstance *fwInstance,
- char *filename,
- int flags,
- CK_RV *pError
-);
-
-NSS_EXTERN void
-nss_dbm_db_close
-(
- nss_dbm_db_t *db
-);
-
-NSS_EXTERN CK_VERSION
-nss_dbm_db_get_format_version
-(
- nss_dbm_db_t *db
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_set_label
-(
- nss_dbm_db_t *db,
- NSSUTF8 *label
-);
-
-NSS_EXTERN NSSUTF8 *
-nss_dbm_db_get_label
-(
- nss_dbm_db_t *db,
- NSSArena *arena,
- CK_RV *pError
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_delete_object
-(
- nss_dbm_dbt_t *dbt
-);
-
-NSS_EXTERN nss_dbm_dbt_t *
-nss_dbm_db_create_object
-(
- NSSArena *arena,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_find_objects
-(
- nss_dbm_find_t *find,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_BBOOL
-nss_dbm_db_object_still_exists
-(
- nss_dbm_dbt_t *dbt
-);
-
-NSS_EXTERN CK_ULONG
-nss_dbm_db_get_object_attribute_count
-(
- nss_dbm_dbt_t *dbt,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_get_object_attribute_types
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_ULONG
-nss_dbm_db_get_object_attribute_size
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN NSSItem *
-nss_dbm_db_get_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- NSSArena *arena,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-);
-
-NSS_EXTERN CK_RV
-nss_dbm_db_set_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- NSSItem *value,
- CK_ULONG *pdbrv
-);
-
-#endif /* CKDBM_H */
diff --git a/security/nss/lib/ckfw/dbm/config.mk b/security/nss/lib/ckfw/dbm/config.mk
deleted file mode 100644
index 80b3135f4..000000000
--- a/security/nss/lib/ckfw/dbm/config.mk
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
diff --git a/security/nss/lib/ckfw/dbm/db.c b/security/nss/lib/ckfw/dbm/db.c
deleted file mode 100644
index 307c7f21d..000000000
--- a/security/nss/lib/ckfw/dbm/db.c
+++ /dev/null
@@ -1,1065 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-#define PREFIX_METADATA "0000"
-#define PREFIX_OBJECT "0001"
-#define PREFIX_INDEX "0002"
-
-static CK_VERSION nss_dbm_db_format_version = { 1, 0 };
-struct handle {
- char prefix[4];
- CK_ULONG id;
-};
-
-NSS_IMPLEMENT nss_dbm_db_t *
-nss_dbm_db_open
-(
- NSSArena *arena,
- NSSCKFWInstance *fwInstance,
- char *filename,
- int flags,
- CK_RV *pError
-)
-{
- nss_dbm_db_t *rv;
- CK_VERSION db_version;
-
- rv = nss_ZNEW(arena, nss_dbm_db_t);
- if( (nss_dbm_db_t *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_db_t *)NULL;
- }
-
- rv->db = dbopen(filename, flags, 0600, DB_HASH, (const void *)NULL);
- if( (DB *)NULL == rv->db ) {
- *pError = CKR_TOKEN_NOT_PRESENT;
- return (nss_dbm_db_t *)NULL;
- }
-
- rv->crustylock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == rv->crustylock ) {
- return (nss_dbm_db_t *)NULL;
- }
-
- db_version = nss_dbm_db_get_format_version(rv);
- if( db_version.major != nss_dbm_db_format_version.major ) {
- nss_dbm_db_close(rv);
- *pError = CKR_TOKEN_NOT_RECOGNIZED;
- return (nss_dbm_db_t *)NULL;
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT void
-nss_dbm_db_close
-(
- nss_dbm_db_t *db
-)
-{
- if( (NSSCKFWMutex *)NULL != db->crustylock ) {
- (void)NSSCKFWMutex_Destroy(db->crustylock);
- }
-
- if( (DB *)NULL != db->db ) {
- (void)db->db->close(db->db);
- }
-
- nss_ZFreeIf(db);
-}
-
-NSS_IMPLEMENT CK_VERSION
-nss_dbm_db_get_format_version
-(
- nss_dbm_db_t *db
-)
-{
- CK_VERSION rv;
- DBT k, v;
- int dbrv;
- char buffer[64];
-
- rv.major = rv.minor = 0;
-
- k.data = PREFIX_METADATA "FormatVersion";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
- (void)memset(&v, 0, sizeof(v));
-
- /* Locked region */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
- return rv;
- }
-
- dbrv = db->db->get(db->db, &k, &v, 0);
- if( dbrv == 0 ) {
- CK_ULONG major = 0, minor = 0;
- (void)PR_sscanf(v.data, "%ld.%ld", &major, &minor);
- rv.major = major;
- rv.minor = minor;
- } else if( dbrv > 0 ) {
- (void)PR_snprintf(buffer, sizeof(buffer), "%ld.%ld", nss_dbm_db_format_version.major,
- nss_dbm_db_format_version.minor);
- v.data = buffer;
- v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
- dbrv = db->db->put(db->db, &k, &v, 0);
- (void)db->db->sync(db->db, 0);
- rv = nss_dbm_db_format_version;
- } else {
- /* No error return.. */
- ;
- }
-
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_set_label
-(
- nss_dbm_db_t *db,
- NSSUTF8 *label
-)
-{
- CK_RV rv;
- DBT k, v;
- int dbrv;
-
- k.data = PREFIX_METADATA "Label";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
- v.data = label;
- v.size = nssUTF8_Size((NSSUTF8 *)v.data, (PRStatus *)NULL);
-
- /* Locked region */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
- return rv;
- }
-
- dbrv = db->db->put(db->db, &k, &v, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- }
-
- dbrv = db->db->sync(db->db, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- }
-
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nss_dbm_db_get_label
-(
- nss_dbm_db_t *db,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- NSSUTF8 *rv = (NSSUTF8 *)NULL;
- DBT k, v;
- int dbrv;
-
- k.data = PREFIX_METADATA "Label";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
-
- /* Locked region */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(db->crustylock) ) {
- return rv;
- }
-
- dbrv = db->db->get(db->db, &k, &v, 0);
- if( 0 == dbrv ) {
- rv = nssUTF8_Duplicate((NSSUTF8 *)v.data, arena);
- if( (NSSUTF8 *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- }
- } else if( dbrv > 0 ) {
- /* Just return null */
- ;
- } else {
- *pError = CKR_DEVICE_ERROR;
- ;
- }
-
-
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_delete_object
-(
- nss_dbm_dbt_t *dbt
-)
-{
- CK_RV rv;
- int dbrv;
-
- /* Locked region */
- {
- rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != rv ) {
- return rv;
- }
-
- dbrv = dbt->my_db->db->del(dbt->my_db->db, &dbt->dbt, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- dbrv = dbt->my_db->db->sync(dbt->my_db->db, 0);
- if( 0 != dbrv ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- return rv;
-}
-
-static CK_ULONG
-nss_dbm_db_new_handle
-(
- nss_dbm_db_t *db,
- DBT *dbt, /* pre-allocated */
- CK_RV *pError
-)
-{
- CK_ULONG rv;
- DBT k, v;
- CK_ULONG align = 0, id, myid;
- struct handle *hp;
-
- if( sizeof(struct handle) != dbt->size ) {
- return EINVAL;
- }
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(db->crustylock);
- if( CKR_OK != *pError ) {
- return EINVAL;
- }
-
- k.data = PREFIX_METADATA "LastID";
- k.size = nssUTF8_Size((NSSUTF8 *)k.data, (PRStatus *)NULL);
- (void)memset(&v, 0, sizeof(v));
-
- rv = db->db->get(db->db, &k, &v, 0);
- if( 0 == rv ) {
- (void)memcpy(&align, v.data, sizeof(CK_ULONG));
- id = ntohl(align);
- } else if( rv > 0 ) {
- id = 0;
- } else {
- goto done;
- }
-
- myid = id;
- id++;
- align = htonl(id);
- v.data = &align;
- v.size = sizeof(CK_ULONG);
-
- rv = db->db->put(db->db, &k, &v, 0);
- if( 0 != rv ) {
- goto done;
- }
-
- rv = db->db->sync(db->db, 0);
- if( 0 != rv ) {
- goto done;
- }
-
- done:
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- if( 0 != rv ) {
- return rv;
- }
-
- hp = (struct handle *)dbt->data;
- (void)memcpy(&hp->prefix[0], PREFIX_OBJECT, 4);
- hp->id = myid;
-
- return 0;
-}
-
-/*
- * This attribute-type-dependent swapping should probably
- * be in the Framework, because it'll be a concern of just
- * about every Module. Of course any Framework implementation
- * will have to be augmentable or overridable by a Module.
- */
-
-enum swap_type { type_byte, type_short, type_long, type_opaque };
-
-static enum swap_type
-nss_dbm_db_swap_type
-(
- CK_ATTRIBUTE_TYPE type
-)
-{
- switch( type ) {
- case CKA_CLASS: return type_long;
- case CKA_TOKEN: return type_byte;
- case CKA_PRIVATE: return type_byte;
- case CKA_LABEL: return type_opaque;
- case CKA_APPLICATION: return type_opaque;
- case CKA_VALUE: return type_opaque;
- case CKA_CERTIFICATE_TYPE: return type_long;
- case CKA_ISSUER: return type_opaque;
- case CKA_SERIAL_NUMBER: return type_opaque;
- case CKA_KEY_TYPE: return type_long;
- case CKA_SUBJECT: return type_opaque;
- case CKA_ID: return type_opaque;
- case CKA_SENSITIVE: return type_byte;
- case CKA_ENCRYPT: return type_byte;
- case CKA_DECRYPT: return type_byte;
- case CKA_WRAP: return type_byte;
- case CKA_UNWRAP: return type_byte;
- case CKA_SIGN: return type_byte;
- case CKA_SIGN_RECOVER: return type_byte;
- case CKA_VERIFY: return type_byte;
- case CKA_VERIFY_RECOVER: return type_byte;
- case CKA_DERIVE: return type_byte;
- case CKA_START_DATE: return type_opaque;
- case CKA_END_DATE: return type_opaque;
- case CKA_MODULUS: return type_opaque;
- case CKA_MODULUS_BITS: return type_long;
- case CKA_PUBLIC_EXPONENT: return type_opaque;
- case CKA_PRIVATE_EXPONENT: return type_opaque;
- case CKA_PRIME_1: return type_opaque;
- case CKA_PRIME_2: return type_opaque;
- case CKA_EXPONENT_1: return type_opaque;
- case CKA_EXPONENT_2: return type_opaque;
- case CKA_COEFFICIENT: return type_opaque;
- case CKA_PRIME: return type_opaque;
- case CKA_SUBPRIME: return type_opaque;
- case CKA_BASE: return type_opaque;
- case CKA_VALUE_BITS: return type_long;
- case CKA_VALUE_LEN: return type_long;
- case CKA_EXTRACTABLE: return type_byte;
- case CKA_LOCAL: return type_byte;
- case CKA_NEVER_EXTRACTABLE: return type_byte;
- case CKA_ALWAYS_SENSITIVE: return type_byte;
- case CKA_MODIFIABLE: return type_byte;
- case CKA_NETSCAPE_URL: return type_opaque;
- case CKA_NETSCAPE_EMAIL: return type_opaque;
- case CKA_NETSCAPE_SMIME_INFO: return type_opaque;
- case CKA_NETSCAPE_SMIME_TIMESTAMP: return type_opaque;
- case CKA_NETSCAPE_PKCS8_SALT: return type_opaque;
- case CKA_NETSCAPE_PASSWORD_CHECK: return type_opaque;
- case CKA_NETSCAPE_EXPIRES: return type_opaque;
- case CKA_TRUST_DIGITAL_SIGNATURE: return type_long;
- case CKA_TRUST_NON_REPUDIATION: return type_long;
- case CKA_TRUST_KEY_ENCIPHERMENT: return type_long;
- case CKA_TRUST_DATA_ENCIPHERMENT: return type_long;
- case CKA_TRUST_KEY_AGREEMENT: return type_long;
- case CKA_TRUST_KEY_CERT_SIGN: return type_long;
- case CKA_TRUST_CRL_SIGN: return type_long;
- case CKA_TRUST_SERVER_AUTH: return type_long;
- case CKA_TRUST_CLIENT_AUTH: return type_long;
- case CKA_TRUST_CODE_SIGNING: return type_long;
- case CKA_TRUST_EMAIL_PROTECTION: return type_long;
- case CKA_TRUST_IPSEC_END_SYSTEM: return type_long;
- case CKA_TRUST_IPSEC_TUNNEL: return type_long;
- case CKA_TRUST_IPSEC_USER: return type_long;
- case CKA_TRUST_TIME_STAMPING: return type_long;
- case CKA_NETSCAPE_DB: return type_opaque;
- case CKA_NETSCAPE_TRUST: return type_opaque;
- default: return type_opaque;
- }
-}
-
-static void
-nss_dbm_db_swap_copy
-(
- CK_ATTRIBUTE_TYPE type,
- void *dest,
- void *src,
- CK_ULONG len
-)
-{
- switch( nss_dbm_db_swap_type(type) ) {
- case type_byte:
- case type_opaque:
- (void)memcpy(dest, src, len);
- break;
- case type_short:
- {
- CK_USHORT s, d;
- (void)memcpy(&s, src, sizeof(CK_USHORT));
- d = htons(s);
- (void)memcpy(dest, &d, sizeof(CK_USHORT));
- break;
- }
- case type_long:
- {
- CK_ULONG s, d;
- (void)memcpy(&s, src, sizeof(CK_ULONG));
- d = htonl(s);
- (void)memcpy(dest, &d, sizeof(CK_ULONG));
- break;
- }
- }
-}
-
-static CK_RV
-nss_dbm_db_wrap_object
-(
- NSSArena *arena,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- DBT *object
-)
-{
- CK_ULONG object_size;
- CK_ULONG i;
- CK_ULONG *pulData;
- char *pcData;
- CK_ULONG offset;
-
- object_size = (1 + ulAttributeCount*3) * sizeof(CK_ULONG);
- offset = object_size;
- for( i = 0; i < ulAttributeCount; i++ ) {
- object_size += pTemplate[i].ulValueLen;
- }
-
- object->size = object_size;
- object->data = nss_ZAlloc(arena, object_size);
- if( (void *)NULL == object->data ) {
- return CKR_HOST_MEMORY;
- }
-
- pulData = (CK_ULONG *)object->data;
- pcData = (char *)object->data;
-
- pulData[0] = htonl(ulAttributeCount);
- for( i = 0; i < ulAttributeCount; i++ ) {
- CK_ULONG len = pTemplate[i].ulValueLen;
- pulData[1 + i*3] = htonl(pTemplate[i].type);
- pulData[2 + i*3] = htonl(len);
- pulData[3 + i*3] = htonl(offset);
- nss_dbm_db_swap_copy(pTemplate[i].type, &pcData[offset], pTemplate[i].pValue, len);
- offset += len;
- }
-
- return CKR_OK;
-}
-
-static CK_RV
-nss_dbm_db_unwrap_object
-(
- NSSArena *arena,
- DBT *object,
- CK_ATTRIBUTE_PTR *ppTemplate,
- CK_ULONG *pulAttributeCount
-)
-{
- CK_ULONG *pulData;
- char *pcData;
- CK_ULONG n, i;
- CK_ATTRIBUTE_PTR pTemplate;
-
- pulData = (CK_ULONG *)object->data;
- pcData = (char *)object->data;
-
- n = ntohl(pulData[0]);
- *pulAttributeCount = n;
- pTemplate = nss_ZNEWARRAY(arena, CK_ATTRIBUTE, n);
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- return CKR_HOST_MEMORY;
- }
-
- for( i = 0; i < n; i++ ) {
- CK_ULONG len;
- CK_ULONG offset;
- void *p;
-
- pTemplate[i].type = ntohl(pulData[1 + i*3]);
- len = ntohl(pulData[2 + i*3]);
- offset = ntohl(pulData[3 + i*3]);
-
- p = nss_ZAlloc(arena, len);
- if( (void *)NULL == p ) {
- return CKR_HOST_MEMORY;
- }
-
- nss_dbm_db_swap_copy(pTemplate[i].type, p, &pcData[offset], len);
- pTemplate[i].ulValueLen = len;
- pTemplate[i].pValue = p;
- }
-
- *ppTemplate = pTemplate;
- return CKR_OK;
-}
-
-
-NSS_IMPLEMENT nss_dbm_dbt_t *
-nss_dbm_db_create_object
-(
- NSSArena *arena,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
-{
- NSSArena *tmparena = (NSSArena *)NULL;
- nss_dbm_dbt_t *rv = (nss_dbm_dbt_t *)NULL;
- DBT object;
-
- rv = nss_ZNEW(arena, nss_dbm_dbt_t);
- if( (nss_dbm_dbt_t *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_dbt_t *)NULL;
- }
-
- rv->my_db = db;
- rv->dbt.size = sizeof(struct handle);
- rv->dbt.data = nss_ZAlloc(arena, rv->dbt.size);
- if( (void *)NULL == rv->dbt.data ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_dbt_t *)NULL;
- }
-
- *pdbrv = nss_dbm_db_new_handle(db, &rv->dbt, pError);
- if( 0 != *pdbrv ) {
- return (nss_dbm_dbt_t *)NULL;
- }
-
- tmparena = NSSArena_Create();
- if( (NSSArena *)NULL == tmparena ) {
- *pError = CKR_HOST_MEMORY;
- return (nss_dbm_dbt_t *)NULL;
- }
-
- *pError = nss_dbm_db_wrap_object(tmparena, pTemplate, ulAttributeCount, &object);
- if( CKR_OK != *pError ) {
- return (nss_dbm_dbt_t *)NULL;
- }
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(db->crustylock);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- *pdbrv = db->db->put(db->db, &rv->dbt, &object, 0);
- if( 0 != *pdbrv ) {
- *pError = CKR_DEVICE_ERROR;
- }
-
- (void)db->db->sync(db->db, 0);
-
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- loser:
- if( (NSSArena *)NULL != tmparena ) {
- (void)NSSArena_Destroy(tmparena);
- }
-
- return rv;
-}
-
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_find_objects
-(
- nss_dbm_find_t *find,
- nss_dbm_db_t *db,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_ULONG *pdbrv
-)
-{
- CK_RV rv = CKR_OK;
-
- if( (nss_dbm_db_t *)NULL != db ) {
- DBT k, v;
-
- rv = NSSCKFWMutex_Lock(db->crustylock);
- if( CKR_OK != rv ) {
- return rv;
- }
-
- *pdbrv = db->db->seq(db->db, &k, &v, R_FIRST);
- while( 0 == *pdbrv ) {
- CK_ULONG i, j;
- NSSArena *tmparena = (NSSArena *)NULL;
- CK_ULONG ulac;
- CK_ATTRIBUTE_PTR pt;
-
- if( (k.size < 4) || (0 != memcmp(k.data, PREFIX_OBJECT, 4)) ) {
- goto nomatch;
- }
-
- tmparena = NSSArena_Create();
-
- rv = nss_dbm_db_unwrap_object(tmparena, &v, &pt, &ulac);
- if( CKR_OK != rv ) {
- goto loser;
- }
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- for( j = 0; j < ulac; j++ ) {
- if( pTemplate[i].type == pt[j].type ) {
- if( pTemplate[i].ulValueLen != pt[j].ulValueLen ) {
- goto nomatch;
- }
- if( 0 != memcmp(pTemplate[i].pValue, pt[j].pValue, pt[j].ulValueLen) ) {
- goto nomatch;
- }
- break;
- }
- }
- if( j == ulac ) {
- goto nomatch;
- }
- }
-
- /* entire template matches */
- {
- struct nss_dbm_dbt_node *node;
-
- node = nss_ZNEW(find->arena, struct nss_dbm_dbt_node);
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- rv = CKR_HOST_MEMORY;
- goto loser;
- }
-
- node->dbt = nss_ZNEW(find->arena, nss_dbm_dbt_t);
- if( (nss_dbm_dbt_t *)NULL == node->dbt ) {
- rv = CKR_HOST_MEMORY;
- goto loser;
- }
-
- node->dbt->dbt.size = k.size;
- node->dbt->dbt.data = nss_ZAlloc(find->arena, k.size);
- if( (void *)NULL == node->dbt->dbt.data ) {
- rv = CKR_HOST_MEMORY;
- goto loser;
- }
-
- (void)memcpy(node->dbt->dbt.data, k.data, k.size);
-
- node->dbt->my_db = db;
-
- node->next = find->found;
- find->found = node;
- }
-
- nomatch:
- if( (NSSArena *)NULL != tmparena ) {
- (void)NSSArena_Destroy(tmparena);
- }
- *pdbrv = db->db->seq(db->db, &k, &v, R_NEXT);
- }
-
- if( *pdbrv < 0 ) {
- rv = CKR_DEVICE_ERROR;
- goto loser;
- }
-
- rv = CKR_OK;
-
- loser:
- (void)NSSCKFWMutex_Unlock(db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_BBOOL
-nss_dbm_db_object_still_exists
-(
- nss_dbm_dbt_t *dbt
-)
-{
- CK_BBOOL rv;
- CK_RV ckrv;
- int dbrv;
- DBT object;
-
- ckrv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != ckrv ) {
- return CK_FALSE;
- }
-
- dbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == dbrv ) {
- rv = CK_TRUE;
- } else {
- rv = CK_FALSE;
- }
-
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_ULONG
-nss_dbm_db_get_object_attribute_count
-(
- nss_dbm_dbt_t *dbt,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
-{
- CK_ULONG rv = 0;
- DBT object;
- CK_ULONG *pulData;
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != *pError ) {
- return rv;
- }
-
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- *pError = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- *pError = CKR_DEVICE_ERROR;
- goto done;
- }
-
- pulData = (CK_ULONG *)object.data;
- rv = ntohl(pulData[0]);
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_get_object_attribute_types
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount,
- CK_ULONG *pdbrv
-)
-{
- CK_RV rv = CKR_OK;
- DBT object;
- CK_ULONG *pulData;
- CK_ULONG n, i;
-
- /* Locked region */
- {
- rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != rv ) {
- return rv;
- }
-
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- rv = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- pulData = (CK_ULONG *)object.data;
- n = ntohl(pulData[0]);
-
- if( ulCount < n ) {
- rv = CKR_BUFFER_TOO_SMALL;
- goto done;
- }
-
- for( i = 0; i < n; i++ ) {
- typeArray[i] = ntohl(pulData[1 + i*3]);
- }
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_ULONG
-nss_dbm_db_get_object_attribute_size
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
-{
- CK_ULONG rv = 0;
- DBT object;
- CK_ULONG *pulData;
- CK_ULONG n, i;
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != *pError ) {
- return rv;
- }
-
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- *pError = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- *pError = CKR_DEVICE_ERROR;
- goto done;
- }
-
- pulData = (CK_ULONG *)object.data;
- n = ntohl(pulData[0]);
-
- for( i = 0; i < n; i++ ) {
- if( type == ntohl(pulData[1 + i*3]) ) {
- rv = ntohl(pulData[2 + i*3]);
- }
- }
-
- if( i == n ) {
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- goto done;
- }
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT NSSItem *
-nss_dbm_db_get_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- NSSArena *arena,
- CK_ATTRIBUTE_TYPE type,
- CK_RV *pError,
- CK_ULONG *pdbrv
-)
-{
- NSSItem *rv = (NSSItem *)NULL;
- DBT object;
- CK_ULONG i;
- NSSArena *tmp = NSSArena_Create();
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG ulAttributeCount;
-
- /* Locked region */
- {
- *pError = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- *pError = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- *pError = CKR_DEVICE_ERROR;
- goto done;
- }
-
- *pError = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
- if( CKR_OK != *pError ) {
- goto done;
- }
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( type == pTemplate[i].type ) {
- rv = nss_ZNEW(arena, NSSItem);
- if( (NSSItem *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- goto done;
- }
- rv->size = pTemplate[i].ulValueLen;
- rv->data = nss_ZAlloc(arena, rv->size);
- if( (void *)NULL == rv->data ) {
- *pError = CKR_HOST_MEMORY;
- goto done;
- }
- (void)memcpy(rv->data, pTemplate[i].pValue, rv->size);
- break;
- }
- }
- if( ulAttributeCount == i ) {
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- goto done;
- }
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- loser:
- if( (NSSArena *)NULL != tmp ) {
- NSSArena_Destroy(tmp);
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT CK_RV
-nss_dbm_db_set_object_attribute
-(
- nss_dbm_dbt_t *dbt,
- CK_ATTRIBUTE_TYPE type,
- NSSItem *value,
- CK_ULONG *pdbrv
-)
-{
- CK_RV rv = CKR_OK;
- DBT object;
- CK_ULONG i;
- NSSArena *tmp = NSSArena_Create();
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG ulAttributeCount;
-
- /* Locked region */
- {
- rv = NSSCKFWMutex_Lock(dbt->my_db->crustylock);
- if( CKR_OK != rv ) {
- goto loser;
- }
-
- *pdbrv = dbt->my_db->db->get(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 == *pdbrv ) {
- ;
- } else if( *pdbrv > 0 ) {
- rv = CKR_OBJECT_HANDLE_INVALID;
- goto done;
- } else {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- rv = nss_dbm_db_unwrap_object(tmp, &object, &pTemplate, &ulAttributeCount);
- if( CKR_OK != rv ) {
- goto done;
- }
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( type == pTemplate[i].type ) {
- /* Replacing an existing attribute */
- pTemplate[i].ulValueLen = value->size;
- pTemplate[i].pValue = value->data;
- break;
- }
- }
-
- if( i == ulAttributeCount ) {
- /* Adding a new attribute */
- CK_ATTRIBUTE_PTR npt = nss_ZNEWARRAY(tmp, CK_ATTRIBUTE, ulAttributeCount+1);
- if( (CK_ATTRIBUTE_PTR)NULL == npt ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- npt[i] = pTemplate[i];
- }
-
- npt[ulAttributeCount].type = type;
- npt[ulAttributeCount].ulValueLen = value->size;
- npt[ulAttributeCount].pValue = value->data;
-
- pTemplate = npt;
- ulAttributeCount++;
- }
-
- rv = nss_dbm_db_wrap_object(tmp, pTemplate, ulAttributeCount, &object);
- if( CKR_OK != rv ) {
- goto done;
- }
-
- *pdbrv = dbt->my_db->db->put(dbt->my_db->db, &dbt->dbt, &object, 0);
- if( 0 != *pdbrv ) {
- rv = CKR_DEVICE_ERROR;
- goto done;
- }
-
- (void)dbt->my_db->db->sync(dbt->my_db->db, 0);
-
- done:
- (void)NSSCKFWMutex_Unlock(dbt->my_db->crustylock);
- }
-
- loser:
- if( (NSSArena *)NULL != tmp ) {
- NSSArena_Destroy(tmp);
- }
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/find.c b/security/nss/lib/ckfw/dbm/find.c
deleted file mode 100644
index 81fe5d8fb..000000000
--- a/security/nss/lib/ckfw/dbm/find.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static void
-nss_dbm_mdFindObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
-
- /* Locks might have system resources associated */
- (void)NSSCKFWMutex_Destroy(find->list_lock);
- (void)NSSArena_Destroy(find->arena);
-}
-
-
-static NSSCKMDObject *
-nss_dbm_mdFindObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- nss_dbm_find_t *find = (nss_dbm_find_t *)mdFindObjects->etc;
- struct nss_dbm_dbt_node *node;
- nss_dbm_object_t *object;
- NSSCKMDObject *rv;
-
- while(1) {
- /* Lock */
- {
- *pError = NSSCKFWMutex_Lock(find->list_lock);
- if( CKR_OK != *pError ) {
- return (NSSCKMDObject *)NULL;
- }
-
- node = find->found;
- if( (struct nss_dbm_dbt_node *)NULL != node ) {
- find->found = node->next;
- }
-
- *pError = NSSCKFWMutex_Unlock(find->list_lock);
- if( CKR_OK != *pError ) {
- /* screwed now */
- return (NSSCKMDObject *)NULL;
- }
- }
-
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- break;
- }
-
- if( nss_dbm_db_object_still_exists(node->dbt) ) {
- break;
- }
- }
-
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
-
- object = nss_ZNEW(arena, nss_dbm_object_t);
- if( (nss_dbm_object_t *)NULL == object ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- object->arena = arena;
- object->handle = nss_ZNEW(arena, nss_dbm_dbt_t);
- if( (nss_dbm_dbt_t *)NULL == object->handle ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- object->handle->my_db = node->dbt->my_db;
- object->handle->dbt.size = node->dbt->dbt.size;
- object->handle->dbt.data = nss_ZAlloc(arena, node->dbt->dbt.size);
- if( (void *)NULL == object->handle->dbt.data ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- (void)memcpy(object->handle->dbt.data, node->dbt->dbt.data, node->dbt->dbt.size);
-
- rv = nss_dbm_mdObject_factory(object, pError);
- if( (NSSCKMDObject *)NULL == rv ) {
- return (NSSCKMDObject *)NULL;
- }
-
- return rv;
-}
-
-NSS_IMPLEMENT NSSCKMDFindObjects *
-nss_dbm_mdFindObjects_factory
-(
- nss_dbm_find_t *find,
- CK_RV *pError
-)
-{
- NSSCKMDFindObjects *rv;
-
- rv = nss_ZNEW(find->arena, NSSCKMDFindObjects);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDFindObjects *)NULL;
- }
-
- rv->etc = (void *)find;
- rv->Final = nss_dbm_mdFindObjects_Final;
- rv->Next = nss_dbm_mdFindObjects_Next;
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/instance.c b/security/nss/lib/ckfw/dbm/instance.c
deleted file mode 100644
index 70681803f..000000000
--- a/security/nss/lib/ckfw/dbm/instance.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static CK_RV
-nss_dbm_mdInstance_Initialize
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSUTF8 *configurationData
-)
-{
- CK_RV rv = CKR_OK;
- NSSArena *arena;
- nss_dbm_instance_t *instance;
-
- arena = NSSCKFWInstance_GetArena(fwInstance, &rv);
- if( ((NSSArena *)NULL == arena) && (CKR_OK != rv) ) {
- return rv;
- }
-
- instance = nss_ZNEW(arena, nss_dbm_instance_t);
- if( (nss_dbm_instance_t *)NULL == instance ) {
- return CKR_HOST_MEMORY;
- }
-
- instance->arena = arena;
-
- /*
- * This should parse the configuration data for information on
- * number and locations of databases, modes (e.g. readonly), etc.
- * But for now, we'll have one slot with a creatable read-write
- * database called "cert8.db."
- */
-
- instance->nSlots = 1;
- instance->filenames = nss_ZNEWARRAY(arena, char *, instance->nSlots);
- if( (char **)NULL == instance->filenames ) {
- return CKR_HOST_MEMORY;
- }
-
- instance->flags = nss_ZNEWARRAY(arena, int, instance->nSlots);
- if( (int *)NULL == instance->flags ) {
- return CKR_HOST_MEMORY;
- }
-
- instance->filenames[0] = "cert8.db";
- instance->flags[0] = O_RDWR|O_CREAT;
-
- mdInstance->etc = (void *)instance;
- return CKR_OK;
-}
-
-/* nss_dbm_mdInstance_Finalize is not required */
-
-static CK_ULONG
-nss_dbm_mdInstance_GetNSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- return instance->nSlots;
-}
-
-static CK_VERSION
-nss_dbm_mdInstance_GetCryptokiVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- static CK_VERSION rv = { 2, 1 };
- return rv;
-}
-
-static NSSUTF8 *
-nss_dbm_mdInstance_GetManufacturerID
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "Netscape Communications Corp.";
-}
-
-static NSSUTF8 *
-nss_dbm_mdInstance_GetLibraryDescription
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "Berkeley Database Module";
-}
-
-static CK_VERSION
-nss_dbm_mdInstance_GetLibraryVersion
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- static CK_VERSION rv = { 1, 0 }; /* My own version number */
- return rv;
-}
-
-static CK_BBOOL
-nss_dbm_mdInstance_ModuleHandlesSessionObjects
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return CK_TRUE;
-}
-
-static CK_RV
-nss_dbm_mdInstance_GetSlots
-(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
-)
-{
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- CK_ULONG i;
- CK_RV rv = CKR_OK;
-
- for( i = 0; i < instance->nSlots; i++ ) {
- slots[i] = nss_dbm_mdSlot_factory(instance, instance->filenames[i],
- instance->flags[i], &rv);
- if( (NSSCKMDSlot *)NULL == slots[i] ) {
- return rv;
- }
- }
-
- return rv;
-}
-
-/* nss_dbm_mdInstance_WaitForSlotEvent is not relevant */
-
-NSS_IMPLEMENT_DATA NSSCKMDInstance
-nss_dbm_mdInstance = {
- NULL, /* etc; filled in later */
- nss_dbm_mdInstance_Initialize,
- NULL, /* nss_dbm_mdInstance_Finalize */
- nss_dbm_mdInstance_GetNSlots,
- nss_dbm_mdInstance_GetCryptokiVersion,
- nss_dbm_mdInstance_GetManufacturerID,
- nss_dbm_mdInstance_GetLibraryDescription,
- nss_dbm_mdInstance_GetLibraryVersion,
- nss_dbm_mdInstance_ModuleHandlesSessionObjects,
- nss_dbm_mdInstance_GetSlots,
- NULL, /* nss_dbm_mdInstance_WaitForSlotEvent */
- NULL /* terminator */
-};
diff --git a/security/nss/lib/ckfw/dbm/manifest.mn b/security/nss/lib/ckfw/dbm/manifest.mn
deleted file mode 100644
index 193e46bef..000000000
--- a/security/nss/lib/ckfw/dbm/manifest.mn
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../../..
-
-MODULE = security
-
-CSRCS = \
- anchor.c \
- instance.c \
- slot.c \
- token.c \
- session.c \
- object.c \
- find.c \
- db.c \
- $(NULL)
-
-REQUIRES = security dbm nspr
-
-LIBRARY_NAME = nssckdbm
-
-EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -ldbm -lnspr4 -lplc4 -lplds4
diff --git a/security/nss/lib/ckfw/dbm/object.c b/security/nss/lib/ckfw/dbm/object.c
deleted file mode 100644
index 2bd7578fd..000000000
--- a/security/nss/lib/ckfw/dbm/object.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static void
-nss_dbm_mdObject_Finalize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- ;
-}
-
-static CK_RV
-nss_dbm_mdObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- return nss_dbm_db_delete_object(object->handle);
-}
-
-static CK_ULONG
-nss_dbm_mdObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute_count(object->handle, pError,
- &session->deviceError);
-}
-
-static CK_RV
-nss_dbm_mdObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute_types(object->handle, typeArray,
- ulCount, &session->deviceError);
-}
-
-static CK_ULONG
-nss_dbm_mdObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute_size(object->handle, attribute, pError,
- &session->deviceError);
-}
-
-static NSSItem *
-nss_dbm_mdObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_get_object_attribute(object->handle, object->arena, attribute,
- pError, &session->deviceError);
-}
-
-static CK_RV
-nss_dbm_mdObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
-{
- nss_dbm_object_t *object = (nss_dbm_object_t *)mdObject->etc;
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return nss_dbm_db_set_object_attribute(object->handle, attribute, value,
- &session->deviceError);
-}
-
-NSS_IMPLEMENT NSSCKMDObject *
-nss_dbm_mdObject_factory
-(
- nss_dbm_object_t *object,
- CK_RV *pError
-)
-{
- NSSCKMDObject *rv;
-
- rv = nss_ZNEW(object->arena, NSSCKMDObject);
- if( (NSSCKMDObject *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- rv->etc = (void *)object;
- rv->Finalize = nss_dbm_mdObject_Finalize;
- rv->Destroy = nss_dbm_mdObject_Destroy;
- /* IsTokenObject can be deferred */
- rv->GetAttributeCount = nss_dbm_mdObject_GetAttributeCount;
- rv->GetAttributeTypes = nss_dbm_mdObject_GetAttributeTypes;
- rv->GetAttributeSize = nss_dbm_mdObject_GetAttributeSize;
- rv->GetAttribute = nss_dbm_mdObject_GetAttribute;
- rv->SetAttribute = nss_dbm_mdObject_SetAttribute;
- /* GetObjectSize can be deferred */
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/session.c b/security/nss/lib/ckfw/dbm/session.c
deleted file mode 100644
index c0969d948..000000000
--- a/security/nss/lib/ckfw/dbm/session.c
+++ /dev/null
@@ -1,298 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static void
-nss_dbm_mdSession_Close
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
-
- struct nss_dbm_dbt_node *w;
-
- /* Lock */
- {
- if( CKR_OK != NSSCKFWMutex_Lock(session->list_lock) ) {
- return;
- }
-
- w = session->session_objects;
- session->session_objects = (struct nss_dbm_dbt_node *)NULL; /* sanity */
-
- (void)NSSCKFWMutex_Unlock(session->list_lock);
- }
-
- for( ; (struct nss_dbm_dbt_node *)NULL != w; w = w->next ) {
- (void)nss_dbm_db_delete_object(w->dbt);
- }
-}
-
-static CK_ULONG
-nss_dbm_mdSession_GetDeviceError
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- return session->deviceError;
-}
-
-/* Login isn't needed */
-/* Logout isn't needed */
-/* InitPIN is irrelevant */
-/* SetPIN is irrelevant */
-/* GetOperationStateLen is irrelevant */
-/* GetOperationState is irrelevant */
-/* SetOperationState is irrelevant */
-
-static NSSCKMDObject *
-nss_dbm_mdSession_CreateObject
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *handyArenaPointer,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- CK_ULONG i;
- CK_BBOOL isToken = CK_FALSE; /* defaults to false */
- NSSCKMDObject *rv;
- struct nss_dbm_dbt_node *node = (struct nss_dbm_dbt_node *)NULL;
- nss_dbm_object_t *object;
- nss_dbm_db_t *which_db;
-
- /* This framework should really pass this to me */
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- isToken = *(CK_BBOOL *)pTemplate[i].pValue;
- break;
- }
- }
-
- object = nss_ZNEW(handyArenaPointer, nss_dbm_object_t);
- if( (nss_dbm_object_t *)NULL == object ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
-
- object->arena = handyArenaPointer;
- which_db = isToken ? token->slot->token_db : token->session_db;
-
- /* Do this before the actual database call; it's easier to recover from */
- rv = nss_dbm_mdObject_factory(object, pError);
- if( (NSSCKMDObject *)NULL == rv ) {
- return (NSSCKMDObject *)NULL;
- }
-
- if( CK_FALSE == isToken ) {
- node = nss_ZNEW(session->arena, struct nss_dbm_dbt_node);
- if( (struct nss_dbm_dbt_node *)NULL == node ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
- }
- }
-
- object->handle = nss_dbm_db_create_object(handyArenaPointer, which_db,
- pTemplate, ulAttributeCount,
- pError, &session->deviceError);
- if( (nss_dbm_dbt_t *)NULL == object->handle ) {
- return (NSSCKMDObject *)NULL;
- }
-
- if( CK_FALSE == isToken ) {
- node->dbt = object->handle;
- /* Lock */
- {
- *pError = NSSCKFWMutex_Lock(session->list_lock);
- if( CKR_OK != *pError ) {
- (void)nss_dbm_db_delete_object(object->handle);
- return (NSSCKMDObject *)NULL;
- }
-
- node->next = session->session_objects;
- session->session_objects = node;
-
- *pError = NSSCKFWMutex_Unlock(session->list_lock);
- }
- }
-
- return rv;
-}
-
-/* CopyObject isn't needed; the framework will use CreateObject */
-
-static NSSCKMDFindObjects *
-nss_dbm_mdSession_FindObjectsInit
-(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- nss_dbm_session_t *session = (nss_dbm_session_t *)mdSession->etc;
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- NSSArena *arena;
- nss_dbm_find_t *find;
- NSSCKMDFindObjects *rv;
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- find = nss_ZNEW(arena, nss_dbm_find_t);
- if( (nss_dbm_find_t *)NULL == find ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- find->arena = arena;
- find->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == find->list_lock ) {
- goto loser;
- }
-
- *pError = nss_dbm_db_find_objects(find, token->slot->token_db, pTemplate,
- ulAttributeCount, &session->deviceError);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- *pError = nss_dbm_db_find_objects(find, token->session_db, pTemplate,
- ulAttributeCount, &session->deviceError);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- rv = nss_dbm_mdFindObjects_factory(find, pError);
- if( (NSSCKMDFindObjects *)NULL == rv ) {
- goto loser;
- }
-
- return rv;
-
- loser:
- if( (NSSArena *)NULL != arena ) {
- (void)NSSArena_Destroy(arena);
- }
-
- return (NSSCKMDFindObjects *)NULL;
-}
-
-/* SeedRandom is irrelevant */
-/* GetRandom is irrelevant */
-
-NSS_IMPLEMENT NSSCKMDSession *
-nss_dbm_mdSession_factory
-(
- nss_dbm_token_t *token,
- NSSCKFWSession *fwSession,
- NSSCKFWInstance *fwInstance,
- CK_BBOOL rw,
- CK_RV *pError
-)
-{
- NSSArena *arena;
- nss_dbm_session_t *session;
- NSSCKMDSession *rv;
-
- arena = NSSCKFWSession_GetArena(fwSession, pError);
-
- session = nss_ZNEW(arena, nss_dbm_session_t);
- if( (nss_dbm_session_t *)NULL == session ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDSession);
- if( (NSSCKMDSession *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSession *)NULL;
- }
-
- session->arena = arena;
- session->token = token;
- session->list_lock = NSSCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == session->list_lock ) {
- return (NSSCKMDSession *)NULL;
- }
-
- rv->etc = (void *)session;
- rv->Close = nss_dbm_mdSession_Close;
- rv->GetDeviceError = nss_dbm_mdSession_GetDeviceError;
- /* Login isn't needed */
- /* Logout isn't needed */
- /* InitPIN is irrelevant */
- /* SetPIN is irrelevant */
- /* GetOperationStateLen is irrelevant */
- /* GetOperationState is irrelevant */
- /* SetOperationState is irrelevant */
- rv->CreateObject = nss_dbm_mdSession_CreateObject;
- /* CopyObject isn't needed; the framework will use CreateObject */
- rv->FindObjectsInit = nss_dbm_mdSession_FindObjectsInit;
- rv->null = NULL;
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/slot.c b/security/nss/lib/ckfw/dbm/slot.c
deleted file mode 100644
index 40898897a..000000000
--- a/security/nss/lib/ckfw/dbm/slot.c
+++ /dev/null
@@ -1,214 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static CK_RV
-nss_dbm_mdSlot_Initialize
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- CK_RV rv = CKR_OK;
-
- slot->token_db = nss_dbm_db_open(instance->arena, fwInstance, slot->filename,
- slot->flags, &rv);
- if( (nss_dbm_db_t *)NULL == slot->token_db ) {
- if( CKR_TOKEN_NOT_PRESENT == rv ) {
- /* This is not an error-- just means "the token isn't there" */
- rv = CKR_OK;
- }
- }
-
- return rv;
-}
-
-static void
-nss_dbm_mdSlot_Destroy
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
-
- if( (nss_dbm_db_t *)NULL != slot->token_db ) {
- nss_dbm_db_close(slot->token_db);
- slot->token_db = (nss_dbm_db_t *)NULL;
- }
-}
-
-static NSSUTF8 *
-nss_dbm_mdSlot_GetSlotDescription
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "Database";
-}
-
-static NSSUTF8 *
-nss_dbm_mdSlot_GetManufacturerID
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "Berkeley";
-}
-
-static CK_BBOOL
-nss_dbm_mdSlot_GetTokenPresent
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
-
- if( (nss_dbm_db_t *)NULL == slot->token_db ) {
- return CK_FALSE;
- } else {
- return CK_TRUE;
- }
-}
-
-static CK_BBOOL
-nss_dbm_mdSlot_GetRemovableDevice
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- /*
- * Well, this supports "tokens" (databases) that aren't there, so in
- * that sense they're removable. It'd be nice to handle databases
- * that suddenly disappear (NFS-mounted home directories and network
- * errors, for instance) but that's a harder problem. We'll say
- * we support removable devices, badly.
- */
-
- return CK_TRUE;
-}
-
-/* nss_dbm_mdSlot_GetHardwareSlot defaults to CK_FALSE */
-/*
- * nss_dbm_mdSlot_GetHardwareVersion
- * nss_dbm_mdSlot_GetFirmwareVersion
- *
- * These are kinda fuzzy concepts here. I suppose we could return the
- * Berkeley DB version for one of them, if we had an actual number we
- * were confident in. But mcom's "dbm" has been hacked enough that I
- * don't really know from what "real" version it stems..
- */
-
-static NSSCKMDToken *
-nss_dbm_mdSlot_GetToken
-(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nss_dbm_slot_t *slot = (nss_dbm_slot_t *)mdSlot->etc;
- return nss_dbm_mdToken_factory(slot, pError);
-}
-
-NSS_IMPLEMENT NSSCKMDSlot *
-nss_dbm_mdSlot_factory
-(
- nss_dbm_instance_t *instance,
- char *filename,
- int flags,
- CK_RV *pError
-)
-{
- nss_dbm_slot_t *slot;
- NSSCKMDSlot *rv;
-
- slot = nss_ZNEW(instance->arena, nss_dbm_slot_t);
- if( (nss_dbm_slot_t *)NULL == slot ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSlot *)NULL;
- }
-
- slot->instance = instance;
- slot->filename = filename;
- slot->flags = flags;
- slot->token_db = (nss_dbm_db_t *)NULL;
-
- rv = nss_ZNEW(instance->arena, NSSCKMDSlot);
- if( (NSSCKMDSlot *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDSlot *)NULL;
- }
-
- rv->etc = (void *)slot;
- rv->Initialize = nss_dbm_mdSlot_Initialize;
- rv->Destroy = nss_dbm_mdSlot_Destroy;
- rv->GetSlotDescription = nss_dbm_mdSlot_GetSlotDescription;
- rv->GetManufacturerID = nss_dbm_mdSlot_GetManufacturerID;
- rv->GetTokenPresent = nss_dbm_mdSlot_GetTokenPresent;
- rv->GetRemovableDevice = nss_dbm_mdSlot_GetRemovableDevice;
- /* GetHardwareSlot */
- /* GetHardwareVersion */
- /* GetFirmwareVersion */
- rv->GetToken = nss_dbm_mdSlot_GetToken;
- rv->null = (void *)NULL;
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/dbm/token.c b/security/nss/lib/ckfw/dbm/token.c
deleted file mode 100644
index 7c7fbf9e5..000000000
--- a/security/nss/lib/ckfw/dbm/token.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "ckdbm.h"
-
-static CK_RV
-nss_dbm_mdToken_Setup
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- CK_RV rv = CKR_OK;
-
- token->arena = NSSCKFWToken_GetArena(fwToken, &rv);
- token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL,
- O_RDWR|O_CREAT, &rv);
- if( (nss_dbm_db_t *)NULL == token->session_db ) {
- return rv;
- }
-
- /* Add a label record if there isn't one? */
-
- return CKR_OK;
-}
-
-static void
-nss_dbm_mdToken_Invalidate
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-
- if( (nss_dbm_db_t *)NULL != token->session_db ) {
- nss_dbm_db_close(token->session_db);
- token->session_db = (nss_dbm_db_t *)NULL;
- }
-}
-
-static CK_RV
-nss_dbm_mdToken_InitToken
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *pin,
- NSSUTF8 *label
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- nss_dbm_instance_t *instance = (nss_dbm_instance_t *)mdInstance->etc;
- CK_RV rv;
-
- /* Wipe the session object data */
-
- if( (nss_dbm_db_t *)NULL != token->session_db ) {
- nss_dbm_db_close(token->session_db);
- }
-
- token->session_db = nss_dbm_db_open(token->arena, fwInstance, (char *)NULL,
- O_RDWR|O_CREAT, &rv);
- if( (nss_dbm_db_t *)NULL == token->session_db ) {
- return rv;
- }
-
- /* Wipe the token object data */
-
- if( token->slot->flags & O_RDWR ) {
- if( (nss_dbm_db_t *)NULL != token->slot->token_db ) {
- nss_dbm_db_close(token->slot->token_db);
- }
-
- token->slot->token_db = nss_dbm_db_open(instance->arena, fwInstance,
- token->slot->filename,
- token->slot->flags | O_CREAT | O_TRUNC,
- &rv);
- if( (nss_dbm_db_t *)NULL == token->slot->token_db ) {
- return rv;
- }
-
- /* PIN is irrelevant */
-
- rv = nss_dbm_db_set_label(token->slot->token_db, label);
- if( CKR_OK != rv ) {
- return rv;
- }
- }
-
- return CKR_OK;
-}
-
-static NSSUTF8 *
-nss_dbm_mdToken_GetLabel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-
- if( (NSSUTF8 *)NULL == token->label ) {
- token->label = nss_dbm_db_get_label(token->slot->token_db, token->arena, pError);
- }
-
- /* If no label has been set, return *something* */
- if( (NSSUTF8 *)NULL == token->label ) {
- return token->slot->filename;
- }
-
- return token->label;
-}
-
-static NSSUTF8 *
-nss_dbm_mdToken_GetManufacturerID
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "mozilla.org NSS";
-}
-
-static NSSUTF8 *
-nss_dbm_mdToken_GetModel
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- return "dbm";
-}
-
-/* GetSerialNumber is irrelevant */
-/* GetHasRNG defaults to CK_FALSE */
-
-static CK_BBOOL
-nss_dbm_mdToken_GetIsWriteProtected
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
-
- if( token->slot->flags & O_RDWR ) {
- return CK_FALSE;
- } else {
- return CK_TRUE;
- }
-}
-
-/* GetLoginRequired defaults to CK_FALSE */
-/* GetUserPinInitialized defaults to CK_FALSE */
-/* GetRestoreKeyNotNeeded is irrelevant */
-/* GetHasClockOnToken defaults to CK_FALSE */
-/* GetHasProtectedAuthenticationPath defaults to CK_FALSE */
-/* GetSupportsDualCryptoOperations is irrelevant */
-
-static CK_ULONG
-nss_dbm_mdToken_effectively_infinite
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- return CK_EFFECTIVELY_INFINITE;
-}
-
-static CK_VERSION
-nss_dbm_mdToken_GetHardwareVersion
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- return nss_dbm_db_get_format_version(token->slot->token_db);
-}
-
-/* GetFirmwareVersion is irrelevant */
-/* GetUTCTime is irrelevant */
-
-static NSSCKMDSession *
-nss_dbm_mdToken_OpenSession
-(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
-)
-{
- nss_dbm_token_t *token = (nss_dbm_token_t *)mdToken->etc;
- return nss_dbm_mdSession_factory(token, fwSession, fwInstance, rw, pError);
-}
-
-/* GetMechanismCount defaults to zero */
-/* GetMechanismTypes is irrelevant */
-/* GetMechanism is irrelevant */
-
-NSS_IMPLEMENT NSSCKMDToken *
-nss_dbm_mdToken_factory
-(
- nss_dbm_slot_t *slot,
- CK_RV *pError
-)
-{
- nss_dbm_token_t *token;
- NSSCKMDToken *rv;
-
- token = nss_ZNEW(slot->instance->arena, nss_dbm_token_t);
- if( (nss_dbm_token_t *)NULL == token ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDToken *)NULL;
- }
-
- rv = nss_ZNEW(slot->instance->arena, NSSCKMDToken);
- if( (NSSCKMDToken *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDToken *)NULL;
- }
-
- token->slot = slot;
-
- rv->etc = (void *)token;
- rv->Setup = nss_dbm_mdToken_Setup;
- rv->Invalidate = nss_dbm_mdToken_Invalidate;
- rv->InitToken = nss_dbm_mdToken_InitToken;
- rv->GetLabel = nss_dbm_mdToken_GetLabel;
- rv->GetManufacturerID = nss_dbm_mdToken_GetManufacturerID;
- rv->GetModel = nss_dbm_mdToken_GetModel;
- /* GetSerialNumber is irrelevant */
- /* GetHasRNG defaults to CK_FALSE */
- rv->GetIsWriteProtected = nss_dbm_mdToken_GetIsWriteProtected;
- /* GetLoginRequired defaults to CK_FALSE */
- /* GetUserPinInitialized defaults to CK_FALSE */
- /* GetRestoreKeyNotNeeded is irrelevant */
- /* GetHasClockOnToken defaults to CK_FALSE */
- /* GetHasProtectedAuthenticationPath defaults to CK_FALSE */
- /* GetSupportsDualCryptoOperations is irrelevant */
- rv->GetMaxSessionCount = nss_dbm_mdToken_effectively_infinite;
- rv->GetMaxRwSessionCount = nss_dbm_mdToken_effectively_infinite;
- /* GetMaxPinLen is irrelevant */
- /* GetMinPinLen is irrelevant */
- /* GetTotalPublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
- /* GetFreePublicMemory defaults to CK_UNAVAILABLE_INFORMATION */
- /* GetTotalPrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
- /* GetFreePrivateMemory defaults to CK_UNAVAILABLE_INFORMATION */
- rv->GetHardwareVersion = nss_dbm_mdToken_GetHardwareVersion;
- /* GetFirmwareVersion is irrelevant */
- /* GetUTCTime is irrelevant */
- rv->OpenSession = nss_dbm_mdToken_OpenSession;
- rv->null = NULL;
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/find.c b/security/nss/lib/ckfw/find.c
deleted file mode 100644
index c87b717f3..000000000
--- a/security/nss/lib/ckfw/find.c
+++ /dev/null
@@ -1,408 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * find.c
- *
- * This file implements the nssCKFWFindObjects type and methods.
- */
-
-#ifndef CK_H
-#include "ck.h"
-#endif /* CK_H */
-
-/*
- * NSSCKFWFindObjects
- *
- * -- create/destroy --
- * nssCKFWFindObjects_Create
- * nssCKFWFindObjects_Destroy
- *
- * -- public accessors --
- * NSSCKFWFindObjects_GetMDFindObjects
- *
- * -- implement public accessors --
- * nssCKFWFindObjects_GetMDFindObjects
- *
- * -- private accessors --
- *
- * -- module fronts --
- * nssCKFWFindObjects_Next
- */
-
-struct NSSCKFWFindObjectsStr {
- NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
- NSSCKMDFindObjects *mdfo1;
- NSSCKMDFindObjects *mdfo2;
- NSSCKFWSession *fwSession;
- NSSCKMDSession *mdSession;
- NSSCKFWToken *fwToken;
- NSSCKMDToken *mdToken;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
-
- NSSCKMDFindObjects *mdFindObjects; /* varies */
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do these routines as no-ops.
- */
-
-static CK_RV
-findObjects_add_pointer
-(
- const NSSCKFWFindObjects *fwFindObjects
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-findObjects_remove_pointer
-(
- const NSSCKFWFindObjects *fwFindObjects
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWFindObjects_verifyPointer
-(
- const NSSCKFWFindObjects *fwFindObjects
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWFindObjects_Create
- *
- */
-NSS_EXTERN NSSCKFWFindObjects *
-nssCKFWFindObjects_Create
-(
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- NSSCKMDFindObjects *mdFindObjects1,
- NSSCKMDFindObjects *mdFindObjects2,
- CK_RV *pError
-)
-{
- NSSCKFWFindObjects *fwFindObjects = NULL;
- NSSArena *arena;
- NSSCKMDSession *mdSession;
- NSSCKMDToken *mdToken;
- NSSCKMDInstance *mdInstance;
-
- mdSession = nssCKFWSession_GetMDSession(fwSession);
- mdToken = nssCKFWToken_GetMDToken(fwToken);
- mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
-
- arena = nssCKFWSession_GetArena(fwSession, pError);
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
-
- fwFindObjects = nss_ZNEW(arena, NSSCKFWFindObjects);
- if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwFindObjects->mdfo1 = mdFindObjects1;
- fwFindObjects->mdfo2 = mdFindObjects2;
- fwFindObjects->fwSession = fwSession;
- fwFindObjects->mdSession = mdSession;
- fwFindObjects->fwToken = fwToken;
- fwFindObjects->mdToken = mdToken;
- fwFindObjects->fwInstance = fwInstance;
- fwFindObjects->mdInstance = mdInstance;
-
- fwFindObjects->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == fwFindObjects->mutex ) {
- goto loser;
- }
-
-#ifdef DEBUG
- *pError = findObjects_add_pointer(fwFindObjects);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return fwFindObjects;
-
- loser:
- nss_ZFreeIf(fwFindObjects);
-
- if( (NSSCKMDFindObjects *)NULL != mdFindObjects1 ) {
- if( (void *)NULL != (void *)mdFindObjects1->Final ) {
- fwFindObjects->mdFindObjects = mdFindObjects1;
- mdFindObjects1->Final(mdFindObjects1, fwFindObjects, mdSession,
- fwSession, mdToken, fwToken, mdInstance, fwInstance);
- }
- }
-
- if( (NSSCKMDFindObjects *)NULL != mdFindObjects2 ) {
- if( (void *)NULL != (void *)mdFindObjects2->Final ) {
- fwFindObjects->mdFindObjects = mdFindObjects2;
- mdFindObjects2->Final(mdFindObjects2, fwFindObjects, mdSession,
- fwSession, mdToken, fwToken, mdInstance, fwInstance);
- }
- }
-
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- return (NSSCKFWFindObjects *)NULL;
-}
-
-
-/*
- * nssCKFWFindObjects_Destroy
- *
- */
-NSS_EXTERN void
-nssCKFWFindObjects_Destroy
-(
- NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- (void)nssCKFWMutex_Destroy(fwFindObjects->mutex);
-
- if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo1 ) {
- if( (void *)NULL != (void *)fwFindObjects->mdfo1->Final ) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
- fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
- }
- }
-
- if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo2 ) {
- if( (void *)NULL != (void *)fwFindObjects->mdfo2->Final ) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
- fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
- }
- }
-
- nss_ZFreeIf(fwFindObjects);
-
-#ifdef DEBUG
- (void)findObjects_remove_pointer(fwFindObjects);
-#endif /* DEBUG */
-
- return;
-}
-
-/*
- * nssCKFWFindObjects_GetMDFindObjects
- *
- */
-NSS_EXTERN NSSCKMDFindObjects *
-nssCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
- return (NSSCKMDFindObjects *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwFindObjects->mdFindObjects;
-}
-
-/*
- * nssCKFWFindObjects_Next
- *
- */
-NSS_EXTERN NSSCKFWObject *
-nssCKFWFindObjects_Next
-(
- NSSCKFWFindObjects *fwFindObjects,
- NSSArena *arenaOpt,
- CK_RV *pError
-)
-{
- NSSCKMDObject *mdObject;
- NSSCKFWObject *fwObject = (NSSCKFWObject *)NULL;
- NSSArena *objArena;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWFindObjects_verifyPointer(fwFindObjects);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwFindObjects->mutex);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo1 ) {
- if( (void *)NULL != (void *)fwFindObjects->mdfo1->Next ) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo1;
- mdObject = fwFindObjects->mdfo1->Next(fwFindObjects->mdfo1,
- fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance,
- arenaOpt, pError);
- if( (NSSCKMDObject *)NULL == mdObject ) {
- if( CKR_OK != *pError ) {
- goto done;
- }
-
- /* All done. */
- fwFindObjects->mdfo1->Final(fwFindObjects->mdfo1, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
- fwFindObjects->mdfo1 = (NSSCKMDFindObjects *)NULL;
- } else {
- goto wrap;
- }
- }
- }
-
- if( (NSSCKMDFindObjects *)NULL != fwFindObjects->mdfo2 ) {
- if( (void *)NULL != (void *)fwFindObjects->mdfo2->Next ) {
- fwFindObjects->mdFindObjects = fwFindObjects->mdfo2;
- mdObject = fwFindObjects->mdfo2->Next(fwFindObjects->mdfo2,
- fwFindObjects, fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance,
- arenaOpt, pError);
- if( (NSSCKMDObject *)NULL == mdObject ) {
- if( CKR_OK != *pError ) {
- goto done;
- }
-
- /* All done. */
- fwFindObjects->mdfo2->Final(fwFindObjects->mdfo2, fwFindObjects,
- fwFindObjects->mdSession, fwFindObjects->fwSession,
- fwFindObjects->mdToken, fwFindObjects->fwToken,
- fwFindObjects->mdInstance, fwFindObjects->fwInstance);
- fwFindObjects->mdfo2 = (NSSCKMDFindObjects *)NULL;
- } else {
- goto wrap;
- }
- }
- }
-
- /* No more objects */
- *pError = CKR_OK;
- goto done;
-
- wrap:
- /*
- * This is less than ideal-- we should determine if it's a token
- * object or a session object, and use the appropriate arena.
- * But that duplicates logic in nssCKFWObject_IsTokenObject.
- * Worry about that later. For now, be conservative, and use
- * the token arena.
- */
- objArena = nssCKFWToken_GetArena(fwFindObjects->fwToken, pError);
- if( (NSSArena *)NULL == objArena ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_HOST_MEMORY;
- }
- goto done;
- }
-
- fwObject = nssCKFWObject_Create(objArena, mdObject,
- fwFindObjects->fwSession, fwFindObjects->fwToken,
- fwFindObjects->fwInstance, pError);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwFindObjects->mutex);
- return fwObject;
-}
-
-/*
- * NSSCKFWFindObjects_GetMDFindObjects
- *
- */
-
-NSS_EXTERN NSSCKMDFindObjects *
-NSSCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWFindObjects_verifyPointer(fwFindObjects) ) {
- return (NSSCKMDFindObjects *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWFindObjects_GetMDFindObjects(fwFindObjects);
-}
diff --git a/security/nss/lib/ckfw/hash.c b/security/nss/lib/ckfw/hash.c
deleted file mode 100644
index f9790493b..000000000
--- a/security/nss/lib/ckfw/hash.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * hash.c
- *
- * This is merely a couple wrappers around NSPR's PLHashTable, using
- * the identity hash and arena-aware allocators. The reason I did
- * this is that hash tables are used in a few places throughout the
- * NSS Cryptoki Framework in a fairly stereotyped way, and this allows
- * me to pull the commonalities into one place. Should we ever want
- * to change the implementation, it's all right here.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * nssCKFWHash
- *
- * nssCKFWHash_Create
- * nssCKFWHash_Destroy
- * nssCKFWHash_Add
- * nssCKFWHash_Remove
- * nssCKFWHash_Count
- * nssCKFWHash_Exists
- * nssCKFWHash_Lookup
- * nssCKFWHash_Iterate
- */
-
-struct nssCKFWHashStr {
- NSSCKFWMutex *mutex;
-
- /*
- * The invariant that mutex protects is:
- * The count accurately reflects the hashtable state.
- */
-
- PLHashTable *plHashTable;
- CK_ULONG count;
-};
-
-static PLHashNumber
-nss_ckfw_identity_hash
-(
- const void *key
-)
-{
- PRUint32 i = (PRUint32)key;
- PR_ASSERT(sizeof(PLHashNumber) == sizeof(PRUint32));
- return (PLHashNumber)i;
-}
-
-/*
- * nssCKFWHash_Create
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWHash_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- nssCKFWHash *rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (nssCKFWHash *)NULL;
- }
-
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (nssCKFWHash *)NULL;
- }
-#endif /* NSSDEBUG */
-
- rv = nss_ZNEW(arena, nssCKFWHash);
- if( (nssCKFWHash *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- return (nssCKFWHash *)NULL;
- }
-
- rv->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == rv->mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (nssCKFWHash *)NULL;
- }
-
- rv->plHashTable = PL_NewHashTable(0, nss_ckfw_identity_hash,
- PL_CompareValues, PL_CompareValues, &nssArenaHashAllocOps, arena);
- if( (PLHashTable *)NULL == rv->plHashTable ) {
- (void)nssCKFWMutex_Destroy(rv->mutex);
- (void)nss_ZFreeIf(rv);
- *pError = CKR_HOST_MEMORY;
- return (nssCKFWHash *)NULL;
- }
-
- rv->count = 0;
-
- return rv;
-}
-
-/*
- * nssCKFWHash_Destroy
- *
- */
-NSS_IMPLEMENT void
-nssCKFWHash_Destroy
-(
- nssCKFWHash *hash
-)
-{
- (void)nssCKFWMutex_Destroy(hash->mutex);
- PL_HashTableDestroy(hash->plHashTable);
- (void)nss_ZFreeIf(hash);
-}
-
-/*
- * nssCKFWHash_Add
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWHash_Add
-(
- nssCKFWHash *hash,
- const void *key,
- const void *value
-)
-{
- CK_RV error = CKR_OK;
- PLHashEntry *he;
-
- error = nssCKFWMutex_Lock(hash->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- he = PL_HashTableAdd(hash->plHashTable, key, (void *)value);
- if( (PLHashEntry *)NULL == he ) {
- error = CKR_HOST_MEMORY;
- } else {
- hash->count++;
- }
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- return error;
-}
-
-/*
- * nssCKFWHash_Remove
- *
- */
-NSS_IMPLEMENT void
-nssCKFWHash_Remove
-(
- nssCKFWHash *hash,
- const void *it
-)
-{
- PRBool found;
-
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return;
- }
-
- found = PL_HashTableRemove(hash->plHashTable, it);
- if( found ) {
- hash->count--;
- }
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
- return;
-}
-
-/*
- * nssCKFWHash_Count
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWHash_Count
-(
- nssCKFWHash *hash
-)
-{
- CK_ULONG count;
-
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return (CK_ULONG)0;
- }
-
- count = hash->count;
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- return count;
-}
-
-/*
- * nssCKFWHash_Exists
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWHash_Exists
-(
- nssCKFWHash *hash,
- const void *it
-)
-{
- void *value;
-
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return CK_FALSE;
- }
-
- value = PL_HashTableLookup(hash->plHashTable, it);
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- if( (void *)NULL == value ) {
- return CK_FALSE;
- } else {
- return CK_TRUE;
- }
-}
-
-/*
- * nssCKFWHash_Lookup
- *
- */
-NSS_IMPLEMENT void *
-nssCKFWHash_Lookup
-(
- nssCKFWHash *hash,
- const void *it
-)
-{
- void *rv;
-
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return (void *)NULL;
- }
-
- rv = PL_HashTableLookup(hash->plHashTable, it);
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- return rv;
-}
-
-struct arg_str {
- nssCKFWHashIterator fcn;
- void *closure;
-};
-
-static PRIntn
-nss_ckfwhash_enumerator
-(
- PLHashEntry *he,
- PRIntn index,
- void *arg
-)
-{
- struct arg_str *as = (struct arg_str *)arg;
- as->fcn(he->key, he->value, as->closure);
- return HT_ENUMERATE_NEXT;
-}
-
-/*
- * nssCKFWHash_Iterate
- *
- * NOTE that the iteration function will be called with the hashtable locked.
- */
-NSS_IMPLEMENT void
-nssCKFWHash_Iterate
-(
- nssCKFWHash *hash,
- nssCKFWHashIterator fcn,
- void *closure
-)
-{
- struct arg_str as;
- as.fcn = fcn;
- as.closure = closure;
-
- if( CKR_OK != nssCKFWMutex_Lock(hash->mutex) ) {
- return;
- }
-
- PL_HashTableEnumerateEntries(hash->plHashTable, nss_ckfwhash_enumerator, &as);
-
- (void)nssCKFWMutex_Unlock(hash->mutex);
-
- return;
-}
diff --git a/security/nss/lib/ckfw/instance.c b/security/nss/lib/ckfw/instance.c
deleted file mode 100644
index 4d5769258..000000000
--- a/security/nss/lib/ckfw/instance.c
+++ /dev/null
@@ -1,1310 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * instance.c
- *
- * This file implements the NSSCKFWInstance type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWInstance
- *
- * -- create/destroy --
- * nssCKFWInstance_Create
- * nssCKFWInstance_Destroy
- *
- * -- public accessors --
- * NSSCKFWInstance_GetMDInstance
- * NSSCKFWInstance_GetArena
- * NSSCKFWInstance_MayCreatePthreads
- * NSSCKFWInstance_CreateMutex
- * NSSCKFWInstance_GetConfigurationData
- *
- * -- implement public accessors --
- * nssCKFWInstance_GetMDInstance
- * nssCKFWInstance_GetArena
- * nssCKFWInstance_MayCreatePthreads
- * nssCKFWInstance_CreateMutex
- * nssCKFWInstance_GetConfigurationData
- *
- * -- private accessors --
- * nssCKFWInstance_CreateSessionHandle
- * nssCKFWInstance_ResolveSessionHandle
- * nssCKFWInstance_DestroySessionHandle
- * nssCKFWInstance_FindSessionHandle
- * nssCKFWInstance_CreateObjectHandle
- * nssCKFWInstance_ResolveObjectHandle
- * nssCKFWInstance_DestroyObjectHandle
- *
- * -- module fronts --
- * nssCKFWInstance_GetNSlots
- * nssCKFWInstance_GetCryptokiVersion
- * nssCKFWInstance_GetManufacturerID
- * nssCKFWInstance_GetFlags
- * nssCKFWInstance_GetLibraryDescription
- * nssCKFWInstance_GetLibraryVersion
- * nssCKFWInstance_GetModuleHandlesSessionObjects
- * nssCKFWInstance_GetSlots
- * nssCKFWInstance_WaitForSlotEvent
- *
- * -- debugging versions only --
- * nssCKFWInstance_verifyPointer
- */
-
-struct NSSCKFWInstanceStr {
- NSSCKFWMutex *mutex;
- NSSArena *arena;
- NSSCKMDInstance *mdInstance;
- CK_C_INITIALIZE_ARGS_PTR pInitArgs;
- CK_BBOOL mayCreatePthreads;
- NSSUTF8 *configurationData;
- CK_ULONG nSlots;
- NSSCKFWSlot **fwSlotList;
- NSSCKMDSlot **mdSlotList;
- CK_BBOOL moduleHandlesSessionObjects;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The invariants the mutex protects are:
- *
- * 1) Each of the cached descriptions (versions, etc.) are in an
- * internally consistant state.
- *
- * 2) The session handle hashes and count are consistant
- *
- * 3) The object handle hashes and count are consistant.
- *
- * I could use multiple locks, but let's wait to see if that's
- * really necessary.
- *
- * Note that the calls accessing the cached descriptions will
- * call the NSSCKMDInstance methods with the mutex locked. Those
- * methods may then call the public NSSCKFWInstance routines.
- * Those public routines only access the constant data above, so
- * there's no problem. But be careful if you add to this object;
- * mutexes are in general not reentrant, so don't create deadlock
- * situations.
- */
-
- CK_VERSION cryptokiVersion;
- NSSUTF8 *manufacturerID;
- NSSUTF8 *libraryDescription;
- CK_VERSION libraryVersion;
-
- CK_ULONG lastSessionHandle;
- nssCKFWHash *sessionHandleHash;
-
- CK_ULONG lastObjectHandle;
- nssCKFWHash *objectHandleHash;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-instance_add_pointer
-(
- const NSSCKFWInstance *fwInstance
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-instance_remove_pointer
-(
- const NSSCKFWInstance *fwInstance
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_verifyPointer
-(
- const NSSCKFWInstance *fwInstance
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWInstance_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWInstance *
-nssCKFWInstance_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- NSSCKMDInstance *mdInstance,
- CK_RV *pError
-)
-{
- NSSCKFWInstance *fwInstance;
- NSSArena *arena = (NSSArena *)NULL;
- CK_ULONG i;
- CK_BBOOL called_Initialize = CK_FALSE;
-
-#ifdef NSSDEBUG
- if( (CK_RV)NULL == pError ) {
- return (NSSCKFWInstance *)NULL;
- }
-
- if( (NSSCKMDInstance *)NULL == mdInstance ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWInstance *)NULL;
- }
-#endif /* NSSDEBUG */
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWInstance *)NULL;
- }
-
- fwInstance = nss_ZNEW(arena, NSSCKFWInstance);
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- goto nomem;
- }
-
- fwInstance->arena = arena;
- fwInstance->mdInstance = mdInstance;
- fwInstance->pInitArgs = pInitArgs;
-
- if( (CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs ) {
- if( pInitArgs->flags & CKF_LIBRARY_CANT_CREATE_OS_THREADS ) {
- fwInstance->mayCreatePthreads = CK_FALSE;
- } else {
- fwInstance->mayCreatePthreads = CK_TRUE;
- }
- fwInstance->configurationData = (NSSUTF8 *)(pInitArgs->pReserved);
- } else {
- fwInstance->mayCreatePthreads = CK_TRUE;
- }
-
- fwInstance->mutex = nssCKFWMutex_Create(pInitArgs, arena, pError);
- if( (NSSCKFWMutex *)NULL == fwInstance->mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- if( (void *)NULL != (void *)mdInstance->Initialize ) {
- *pError = mdInstance->Initialize(mdInstance, fwInstance, fwInstance->configurationData);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- called_Initialize = CK_TRUE;
- }
-
- if( (void *)NULL != (void *)mdInstance->ModuleHandlesSessionObjects ) {
- fwInstance->moduleHandlesSessionObjects =
- mdInstance->ModuleHandlesSessionObjects(mdInstance, fwInstance);
- } else {
- fwInstance->moduleHandlesSessionObjects = CK_FALSE;
- }
-
- if( (void *)NULL == (void *)mdInstance->GetNSlots ) {
- /* That routine is required */
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- fwInstance->nSlots = mdInstance->GetNSlots(mdInstance, fwInstance, pError);
- if( (CK_ULONG)0 == fwInstance->nSlots ) {
- if( CKR_OK == *pError ) {
- /* Zero is not a legitimate answer */
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- fwInstance->fwSlotList = nss_ZNEWARRAY(arena, NSSCKFWSlot *, fwInstance->nSlots);
- if( (NSSCKFWSlot **)NULL == fwInstance->fwSlotList ) {
- goto nomem;
- }
-
- fwInstance->mdSlotList = nss_ZNEWARRAY(arena, NSSCKMDSlot *, fwInstance->nSlots);
- if( (NSSCKMDSlot **)NULL == fwInstance->mdSlotList ) {
- goto nomem;
- }
-
- fwInstance->sessionHandleHash = nssCKFWHash_Create(fwInstance,
- fwInstance->arena, pError);
- if( (nssCKFWHash *)NULL == fwInstance->sessionHandleHash ) {
- goto loser;
- }
-
- fwInstance->objectHandleHash = nssCKFWHash_Create(fwInstance,
- fwInstance->arena, pError);
- if( (nssCKFWHash *)NULL == fwInstance->objectHandleHash ) {
- goto loser;
- }
-
- if( (void *)NULL == (void *)mdInstance->GetSlots ) {
- /* That routine is required */
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- *pError = mdInstance->GetSlots(mdInstance, fwInstance, fwInstance->mdSlotList);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
- for( i = 0; i < fwInstance->nSlots; i++ ) {
- NSSCKMDSlot *mdSlot = fwInstance->mdSlotList[i];
-
- if( (NSSCKMDSlot *)NULL == mdSlot ) {
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- fwInstance->fwSlotList[i] = nssCKFWSlot_Create(fwInstance, mdSlot, i, pError);
- if( CKR_OK != *pError ) {
- CK_ULONG j;
-
- for( j = 0; j < i; j++ ) {
- (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[j]);
- }
-
- for( j = i; j < fwInstance->nSlots; j++ ) {
- NSSCKMDSlot *mds = fwInstance->mdSlotList[j];
- if( (void *)NULL != (void *)mds->Destroy ) {
- mds->Destroy(mds, (NSSCKFWSlot *)NULL, mdInstance, fwInstance);
- }
- }
-
- goto loser;
- }
- }
-
-#ifdef DEBUG
- *pError = instance_add_pointer(fwInstance);
- if( CKR_OK != *pError ) {
- for( i = 0; i < fwInstance->nSlots; i++ ) {
- (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
- }
-
- goto loser;
- }
-#endif /* DEBUG */
-
- *pError = CKR_OK;
- return fwInstance;
-
- nomem:
- *pError = CKR_HOST_MEMORY;
- /*FALLTHROUGH*/
- loser:
-
- if( CK_TRUE == called_Initialize ) {
- if( (void *)NULL != (void *)mdInstance->Finalize ) {
- mdInstance->Finalize(mdInstance, fwInstance);
- }
- }
-
- (void)NSSArena_Destroy(arena);
- return (NSSCKFWInstance *)NULL;
-}
-
-/*
- * nssCKFWInstance_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_Destroy
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
- CK_ULONG i;
-
-#ifdef NSSDEBUG
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- nssCKFWMutex_Destroy(fwInstance->mutex);
-
- for( i = 0; i < fwInstance->nSlots; i++ ) {
- (void)nssCKFWSlot_Destroy(fwInstance->fwSlotList[i]);
- }
-
- if( (void *)NULL != (void *)fwInstance->mdInstance->Finalize ) {
- fwInstance->mdInstance->Finalize(fwInstance->mdInstance, fwInstance);
- }
-
-#ifdef DEBUG
- (void)instance_remove_pointer(fwInstance);
-#endif /* DEBUG */
-
- (void)NSSArena_Destroy(fwInstance->arena);
- return CKR_OK;
-}
-
-/*
- * nssCKFWInstance_GetMDInstance
- *
- */
-NSS_IMPLEMENT NSSCKMDInstance *
-nssCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKMDInstance *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->mdInstance;
-}
-
-/*
- * nssCKFWInstance_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* NSSDEBUG */
-
- *pError = CKR_OK;
- return fwInstance->arena;
-}
-
-/*
- * nssCKFWInstance_MayCreatePthreads
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->mayCreatePthreads;
-}
-
-/*
- * nssCKFWInstance_CreateMutex
- *
- */
-NSS_IMPLEMENT NSSCKFWMutex *
-nssCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- NSSCKFWMutex *mutex;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWMutex *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWMutex *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arena ) {
- arena = fwInstance->arena;
- }
-
- mutex = nssCKFWMutex_Create(fwInstance->pInitArgs, arena, pError);
- if( (NSSCKFWMutex *)NULL == mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- return (NSSCKFWMutex *)NULL;
- }
-
- return mutex;
-}
-
-/*
- * nssCKFWInstance_GetConfigurationData
- *
- */
-NSS_IMPLEMENT NSSUTF8 *
-nssCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->configurationData;
-}
-
-/*
- * nssCKFWInstance_CreateSessionHandle
- *
- */
-NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWInstance_CreateSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
- CK_SESSION_HANDLE hSession;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_SESSION_HANDLE)0;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (CK_SESSION_HANDLE)0;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != *pError ) {
- return (CK_SESSION_HANDLE)0;
- }
-
- hSession = ++(fwInstance->lastSessionHandle);
-
- /* Alan would say I should unlock for this call. */
-
- *pError = nssCKFWSession_SetHandle(fwSession, hSession);
- if( CKR_OK != *pError ) {
- goto done;
- }
-
- *pError = nssCKFWHash_Add(fwInstance->sessionHandleHash,
- (const void *)hSession, (const void *)fwSession);
- if( CKR_OK != *pError ) {
- hSession = (CK_SESSION_HANDLE)0;
- goto done;
- }
-
- done:
- nssCKFWMutex_Unlock(fwInstance->mutex);
- return hSession;
-}
-
-/*
- * nssCKFWInstance_ResolveSessionHandle
- *
- */
-NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWInstance_ResolveSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- NSSCKFWSession *fwSession;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKFWSession *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return (NSSCKFWSession *)NULL;
- }
-
- fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
- fwInstance->sessionHandleHash, (const void *)hSession);
-
- /* Assert(hSession == nssCKFWSession_GetHandle(fwSession)) */
-
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-
- return fwSession;
-}
-
-/*
- * nssCKFWInstance_DestroySessionHandle
- *
- */
-NSS_IMPLEMENT void
-nssCKFWInstance_DestroySessionHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- NSSCKFWSession *fwSession;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return;
- }
-
- fwSession = (NSSCKFWSession *)nssCKFWHash_Lookup(
- fwInstance->sessionHandleHash, (const void *)hSession);
-
- nssCKFWHash_Remove(fwInstance->sessionHandleHash, (const void *)hSession);
- nssCKFWSession_SetHandle(fwSession, (CK_SESSION_HANDLE)0);
-
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
-
- return;
-}
-
-/*
- * nssCKFWInstance_FindSessionHandle
- *
- */
-NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWInstance_FindSessionHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_SESSION_HANDLE)0;
- }
-
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (CK_SESSION_HANDLE)0;
- }
-#endif /* NSSDEBUG */
-
- return nssCKFWSession_GetHandle(fwSession);
- /* look it up and assert? */
-}
-
-/*
- * nssCKFWInstance_CreateObjectHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_CreateObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
- CK_OBJECT_HANDLE hObject;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_OBJECT_HANDLE)0;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (CK_OBJECT_HANDLE)0;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != *pError ) {
- return (CK_OBJECT_HANDLE)0;
- }
-
- hObject = ++(fwInstance->lastObjectHandle);
-
- *pError = nssCKFWObject_SetHandle(fwObject, hObject);
- if( CKR_OK != *pError ) {
- hObject = (CK_OBJECT_HANDLE)0;
- goto done;
- }
-
- *pError = nssCKFWHash_Add(fwInstance->objectHandleHash,
- (const void *)hObject, (const void *)fwObject);
- if( CKR_OK != *pError ) {
- hObject = (CK_OBJECT_HANDLE)0;
- goto done;
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return hObject;
-}
-
-/*
- * nssCKFWInstance_ResolveObjectHandle
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWInstance_ResolveObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-)
-{
- NSSCKFWObject *fwObject;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return (NSSCKFWObject *)NULL;
- }
-
- fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
- fwInstance->objectHandleHash, (const void *)hObject);
-
- /* Assert(hObject == nssCKFWObject_GetHandle(fwObject)) */
-
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return fwObject;
-}
-
-/*
- * nssCKFWInstance_ReassignObjectHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_ReassignObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject,
- NSSCKFWObject *fwObject
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWObject *oldObject;
-
-#ifdef NSSDEBUG
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- oldObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
- fwInstance->objectHandleHash, (const void *)hObject);
- /* Assert(hObject == nssCKFWObject_GetHandle(oldObject) */
- (void)nssCKFWObject_SetHandle(oldObject, (CK_SESSION_HANDLE)0);
- nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
-
- error = nssCKFWObject_SetHandle(fwObject, hObject);
- if( CKR_OK != error ) {
- goto done;
- }
- error = nssCKFWHash_Add(fwInstance->objectHandleHash,
- (const void *)hObject, (const void *)fwObject);
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return error;
-}
-
-/*
- * nssCKFWInstance_DestroyObjectHandle
- *
- */
-NSS_IMPLEMENT void
-nssCKFWInstance_DestroyObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- CK_OBJECT_HANDLE hObject
-)
-{
- NSSCKFWObject *fwObject;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- return;
- }
-
- fwObject = (NSSCKFWObject *)nssCKFWHash_Lookup(
- fwInstance->objectHandleHash, (const void *)hObject);
- /* Assert(hObject = nssCKFWObject_GetHandle(fwObject)) */
- nssCKFWHash_Remove(fwInstance->objectHandleHash, (const void *)hObject);
- (void)nssCKFWObject_SetHandle(fwObject, (CK_SESSION_HANDLE)0);
-
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return;
-}
-
-/*
- * nssCKFWInstance_FindObjectHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWInstance_FindObjectHandle
-(
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_OBJECT_HANDLE)0;
- }
-
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (CK_OBJECT_HANDLE)0;
- }
-#endif /* NSSDEBUG */
-
- return nssCKFWObject_GetHandle(fwObject);
-}
-
-/*
- * nssCKFWInstance_GetNSlots
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWInstance_GetNSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- *pError = CKR_OK;
- return fwInstance->nSlots;
-}
-
-/*
- * nssCKFWInstance_GetCryptokiVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWInstance_GetCryptokiVersion
-(
- NSSCKFWInstance *fwInstance
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwInstance->cryptokiVersion.major) ||
- (0 != fwInstance->cryptokiVersion.minor) ) {
- rv = fwInstance->cryptokiVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwInstance->mdInstance->GetCryptokiVersion ) {
- fwInstance->cryptokiVersion = fwInstance->mdInstance->GetCryptokiVersion(
- fwInstance->mdInstance, fwInstance);
- } else {
- fwInstance->cryptokiVersion.major = 2;
- fwInstance->cryptokiVersion.minor = 1;
- }
-
- rv = fwInstance->cryptokiVersion;
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return rv;
-}
-
-/*
- * nssCKFWInstance_GetManufacturerID
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_GetManufacturerID
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR manufacturerID[32]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == manufacturerID ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwInstance->manufacturerID ) {
- if( (void *)NULL != (void *)fwInstance->mdInstance->GetManufacturerID ) {
- fwInstance->manufacturerID = fwInstance->mdInstance->GetManufacturerID(
- fwInstance->mdInstance, fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwInstance->manufacturerID) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwInstance->manufacturerID = (NSSUTF8 *) "";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->manufacturerID, (char *)manufacturerID, 32, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return error;
-}
-
-/*
- * nssCKFWInstance_GetFlags
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWInstance_GetFlags
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- /* No "instance flags" are yet defined by Cryptoki. */
- return (CK_ULONG)0;
-}
-
-/*
- * nssCKFWInstance_GetLibraryDescription
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWInstance_GetLibraryDescription
-(
- NSSCKFWInstance *fwInstance,
- CK_CHAR libraryDescription[32]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == libraryDescription ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwInstance->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwInstance->libraryDescription ) {
- if( (void *)NULL != (void *)fwInstance->mdInstance->GetLibraryDescription ) {
- fwInstance->libraryDescription = fwInstance->mdInstance->GetLibraryDescription(
- fwInstance->mdInstance, fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwInstance->libraryDescription) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwInstance->libraryDescription = (NSSUTF8 *) "";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwInstance->libraryDescription, (char *)libraryDescription, 32, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return error;
-}
-
-/*
- * nssCKFWInstance_GetLibraryVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWInstance_GetLibraryVersion
-(
- NSSCKFWInstance *fwInstance
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwInstance->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwInstance->libraryVersion.major) ||
- (0 != fwInstance->libraryVersion.minor) ) {
- rv = fwInstance->libraryVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwInstance->mdInstance->GetLibraryVersion ) {
- fwInstance->libraryVersion = fwInstance->mdInstance->GetLibraryVersion(
- fwInstance->mdInstance, fwInstance);
- } else {
- fwInstance->libraryVersion.major = 0;
- fwInstance->libraryVersion.minor = 1;
- }
-
- rv = fwInstance->libraryVersion;
- done:
- (void)nssCKFWMutex_Unlock(fwInstance->mutex);
- return rv;
-}
-
-/*
- * nssCKFWInstance_GetModuleHandlesSessionObjects
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWInstance_GetModuleHandlesSessionObjects
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->moduleHandlesSessionObjects;
-}
-
-/*
- * nssCKFWInstance_GetSlots
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot **
-nssCKFWInstance_GetSlots
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWSlot **)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSlot **)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwInstance->fwSlotList;
-}
-
-/*
- * nssCKFWInstance_WaitForSlotEvent
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWInstance_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL block,
- CK_RV *pError
-)
-{
- NSSCKFWSlot *fwSlot = (NSSCKFWSlot *)NULL;
- NSSCKMDSlot *mdSlot;
- CK_ULONG i, n;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- switch( block ) {
- case CK_TRUE:
- case CK_FALSE:
- break;
- default:
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwInstance->mdInstance->WaitForSlotEvent ) {
- *pError = CKR_NO_EVENT;
- return (NSSCKFWSlot *)NULL;
- }
-
- mdSlot = fwInstance->mdInstance->WaitForSlotEvent(
- fwInstance->mdInstance,
- fwInstance,
- block,
- pError
- );
-
- if( (NSSCKMDSlot *)NULL == mdSlot ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- n = nssCKFWInstance_GetNSlots(fwInstance, pError);
- if( ((CK_ULONG)0 == n) && (CKR_OK != *pError) ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- for( i = 0; i < n; i++ ) {
- if( fwInstance->mdSlotList[i] == mdSlot ) {
- fwSlot = fwInstance->fwSlotList[i];
- break;
- }
- }
-
- if( (NSSCKFWSlot *)NULL == fwSlot ) {
- /* Internal error */
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWSlot *)NULL;
- }
-
- return fwSlot;
-}
-
-/*
- * NSSCKFWInstance_GetMDInstance
- *
- */
-NSS_IMPLEMENT NSSCKMDInstance *
-NSSCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSCKMDInstance *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_GetMDInstance(fwInstance);
-}
-
-/*
- * NSSCKFWInstance_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-NSSCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_GetArena(fwInstance, pError);
-}
-
-/*
- * NSSCKFWInstance_MayCreatePthreads
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return CK_FALSE;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_MayCreatePthreads(fwInstance);
-}
-
-/*
- * NSSCKFWInstance_CreateMutex
- *
- */
-NSS_IMPLEMENT NSSCKFWMutex *
-NSSCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWMutex *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWMutex *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
-}
-
-/*
- * NSSCKFWInstance_GetConfigurationData
- *
- */
-NSS_IMPLEMENT NSSUTF8 *
-NSSCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWInstance_verifyPointer(fwInstance) ) {
- return (NSSUTF8 *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWInstance_GetConfigurationData(fwInstance);
-}
diff --git a/security/nss/lib/ckfw/manifest.mn b/security/nss/lib/ckfw/manifest.mn
deleted file mode 100644
index 8a4f15086..000000000
--- a/security/nss/lib/ckfw/manifest.mn
+++ /dev/null
@@ -1,79 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-DIRS = builtins
-
-PRIVATE_EXPORTS = \
- ck.h \
- ckfw.h \
- ckfwm.h \
- ckfwtm.h \
- ckmd.h \
- ckt.h \
- $(NULL)
-
-EXPORTS = \
- nssck.api \
- nssckepv.h \
- nssckft.h \
- nssckfw.h \
- nssckfwc.h \
- nssckfwt.h \
- nssckg.h \
- nssckmdt.h \
- nssckt.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- find.c \
- hash.c \
- instance.c \
- mutex.c \
- nsprstub.c \
- object.c \
- session.c \
- sessobj.c \
- slot.c \
- token.c \
- wrap.c \
- mechanism.c \
- $(NULL)
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = nssckfw
diff --git a/security/nss/lib/ckfw/mechanism.c b/security/nss/lib/ckfw/mechanism.c
deleted file mode 100644
index 634c5ae8b..000000000
--- a/security/nss/lib/ckfw/mechanism.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * mechanism.c
- *
- * This file implements the NSSCKFWMechanism type and methods.
- * These functions are currently stubs.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWMechanism
- *
- * -- create/destroy --
- * nssCKFWMechanism_Create
- * nssCKFWMechanism_Destroy
- *
- * -- implement public accessors --
- * nssCKFWMechanism_GetMDMechanism
- * nssCKFWMechanism_GetParameter
- *
- * -- private accessors --
- *
- * -- module fronts --
- * nssCKFWMechanism_GetMinKeySize
- * nssCKFWMechanism_GetMaxKeySize
- * nssCKFWMechanism_GetInHardware
- */
-
-
-struct NSSCKFWMechanismStr {
- void * dummy;
-};
-
-/*
- * nssCKFWMechanism_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWMechanism *
-nssCKFWMechanism_Create
-(
- void /* XXX fgmr */
-)
-{
- return (NSSCKFWMechanism *)NULL;
-}
-
-/*
- * nssCKFWMechanism_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWMechanism_Destroy
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return CKR_OK;
-}
-
-/*
- * nssCKFWMechanism_GetMDMechanism
- *
- */
-
-NSS_IMPLEMENT NSSCKMDMechanism *
-nssCKFWMechanism_GetMDMechanism
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return NULL;
-}
-
-/*
- * nssCKFWMechanism_GetParameter
- *
- * XXX fgmr-- or as an additional parameter to the crypto ops?
- */
-NSS_IMPLEMENT NSSItem *
-nssCKFWMechanism_GetParameter
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return NULL;
-}
-
-/*
- * nssCKFWMechanism_GetMinKeySize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWMechanism_GetMinKeySize
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return 0;
-}
-
-/*
- * nssCKFWMechanism_GetMaxKeySize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWMechanism_GetMaxKeySize
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return 0;
-}
-
-/*
- * nssCKFWMechanism_GetInHardware
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWMechanism_GetInHardware
-(
- NSSCKFWMechanism *fwMechanism
-)
-{
- return PR_FALSE;
-}
-
diff --git a/security/nss/lib/ckfw/mutex.c b/security/nss/lib/ckfw/mutex.c
deleted file mode 100644
index 789616683..000000000
--- a/security/nss/lib/ckfw/mutex.c
+++ /dev/null
@@ -1,345 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * mutex.c
- *
- * This file implements a mutual-exclusion locking facility for Modules
- * using the NSS Cryptoki Framework.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWMutex
- *
- * NSSCKFWMutex_Destroy
- * NSSCKFWMutex_Lock
- * NSSCKFWMutex_Unlock
- *
- * nssCKFWMutex_Create
- * nssCKFWMutex_Destroy
- * nssCKFWMutex_Lock
- * nssCKFWMutex_Unlock
- *
- * -- debugging versions only --
- * nssCKFWMutex_verifyPointer
- *
- */
-
-struct NSSCKFWMutexStr {
- CK_VOID_PTR etc;
-
- CK_DESTROYMUTEX Destroy;
- CK_LOCKMUTEX Lock;
- CK_UNLOCKMUTEX Unlock;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-mutex_add_pointer
-(
- const NSSCKFWMutex *fwMutex
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-mutex_remove_pointer
-(
- const NSSCKFWMutex *fwMutex
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWMutex_verifyPointer
-(
- const NSSCKFWMutex *fwMutex
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-static CK_RV
-mutex_noop
-(
- CK_VOID_PTR pMutex
-)
-{
- return CKR_OK;
-}
-
-/*
- * nssCKFWMutex_Create
- *
- */
-NSS_EXTERN NSSCKFWMutex *
-nssCKFWMutex_Create
-(
- CK_C_INITIALIZE_ARGS_PTR pInitArgs,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- NSSCKFWMutex *mutex;
- CK_ULONG count = (CK_ULONG)0;
- CK_BBOOL os_ok = CK_FALSE;
-
- if( (CK_C_INITIALIZE_ARGS_PTR)NULL != pInitArgs ) {
- if( (CK_CREATEMUTEX )NULL != pInitArgs->CreateMutex ) count++;
- if( (CK_DESTROYMUTEX)NULL != pInitArgs->DestroyMutex ) count++;
- if( (CK_LOCKMUTEX )NULL != pInitArgs->LockMutex ) count++;
- if( (CK_UNLOCKMUTEX )NULL != pInitArgs->UnlockMutex ) count++;
- os_ok = (pInitArgs->flags & CKF_OS_LOCKING_OK) ? CK_TRUE : CK_FALSE;
-
- if( (0 != count) && (4 != count) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWMutex *)NULL;
- }
- }
-
- if( (0 == count) && (CK_TRUE == os_ok) ) {
- /*
- * This is case #2 in the description of C_Initialize:
- * The library will be called in a multithreaded way, but
- * no routines were specified: os locking calls should be
- * used. Unfortunately, this can be hard.. like, I think
- * I may have to dynamically look up the entry points in
- * the instance of NSPR already going in the application.
- *
- * I know that *we* always specify routines, so this only
- * comes up if someone is using NSS to create their own
- * PCKS#11 modules for other products. Oh, heck, I'll
- * worry about this then.
- */
- *pError = CKR_CANT_LOCK;
- return (NSSCKFWMutex *)NULL;
- }
-
- mutex = nss_ZNEW(arena, NSSCKFWMutex);
- if( (NSSCKFWMutex *)NULL == mutex ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWMutex *)NULL;
- }
-
- if( 0 == count ) {
- /*
- * With the above test out of the way, we know this is case
- * #1 in the description of C_Initialize: this library will
- * not be called in a multithreaded way. I'll just return
- * an object with noop calls.
- */
-
- mutex->Destroy = (CK_DESTROYMUTEX)mutex_noop;
- mutex->Lock = (CK_LOCKMUTEX )mutex_noop;
- mutex->Unlock = (CK_UNLOCKMUTEX )mutex_noop;
- } else {
- /*
- * We know that we're in either case #3 or #4 in the description
- * of C_Initialize. Case #3 says we should use the specified
- * functions, case #4 cays we can use either the specified ones
- * or the OS ones. I'll use the specified ones.
- */
-
- mutex->Destroy = pInitArgs->DestroyMutex;
- mutex->Lock = pInitArgs->LockMutex;
- mutex->Unlock = pInitArgs->UnlockMutex;
-
- *pError = pInitArgs->CreateMutex(&mutex->etc);
- if( CKR_OK != *pError ) {
- (void)nss_ZFreeIf(mutex);
- return (NSSCKFWMutex *)NULL;
- }
- }
-
-#ifdef DEBUG
- *pError = mutex_add_pointer(mutex);
- if( CKR_OK != *pError ) {
- (void)nss_ZFreeIf(mutex);
- return (NSSCKFWMutex *)NULL;
- }
-#endif /* DEBUG */
-
- return mutex;
-}
-
-/*
- * nssCKFWMutex_Destroy
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-)
-{
- CK_RV rv = CKR_OK;
-
-#ifdef NSSDEBUG
- rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* NSSDEBUG */
-
- rv = mutex->Destroy(mutex->etc);
-
-#ifdef DEBUG
- (void)mutex_remove_pointer(mutex);
-#endif /* DEBUG */
-
- (void)nss_ZFreeIf(mutex);
- return rv;
-}
-
-/*
- * nssCKFWMutex_Lock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-)
-{
-#ifdef NSSDEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* NSSDEBUG */
-
- return mutex->Lock(mutex->etc);
-}
-
-/*
- * nssCKFWMutex_Unlock
- *
- */
-NSS_EXTERN CK_RV
-nssCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-)
-{
-#ifdef NSSDEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* NSSDEBUG */
-
- return mutex->Unlock(mutex->etc);
-}
-
-/*
- * NSSCKFWMutex_Destroy
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-)
-{
-#ifdef DEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* DEBUG */
-
- return nssCKFWMutex_Destroy(mutex);
-}
-
-/*
- * NSSCKFWMutex_Lock
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-)
-{
-#ifdef DEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* DEBUG */
-
- return nssCKFWMutex_Lock(mutex);
-}
-
-/*
- * NSSCKFWMutex_Unlock
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-)
-{
-#ifdef DEBUG
- CK_RV rv = nssCKFWMutex_verifyPointer(mutex);
- if( CKR_OK != rv ) {
- return rv;
- }
-#endif /* DEBUG */
-
- return nssCKFWMutex_Unlock(mutex);
-}
diff --git a/security/nss/lib/ckfw/nsprstub.c b/security/nss/lib/ckfw/nsprstub.c
deleted file mode 100644
index e4c33cdbd..000000000
--- a/security/nss/lib/ckfw/nsprstub.c
+++ /dev/null
@@ -1,442 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * secport.c - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- *
- * NOTE - These are not public interfaces. These stubs are to allow the
- * SW FORTEZZA to link with some low level security functions without dragging
- * in NSPR.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "plarena.h"
-#include "secerr.h"
-#include "prmon.h"
-#include "prbit.h"
-#include "ck.h"
-
-#ifdef notdef
-unsigned long port_allocFailures;
-
-/* locations for registering Unicode conversion functions.
- * Is this the appropriate location? or should they be
- * moved to client/server specific locations?
- */
-PORTCharConversionFunc ucs4Utf8ConvertFunc;
-PORTCharConversionFunc ucs2Utf8ConvertFunc;
-PORTCharConversionWSwapFunc ucs2AsciiConvertFunc;
-
-void *
-PORT_Alloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)malloc(bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void *
-PORT_Realloc(void *oldptr, size_t bytes)
-{
- void *rv;
-
- rv = (void *)realloc(oldptr, bytes);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void *
-PORT_ZAlloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)calloc(1, bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void
-PORT_Free(void *ptr)
-{
- if (ptr) {
- free(ptr);
- }
-}
-
-void
-PORT_ZFree(void *ptr, size_t len)
-{
- if (ptr) {
- memset(ptr, 0, len);
- free(ptr);
- }
-}
-
-/********************* Arena code follows *****************************/
-
-
-PLArenaPool *
-PORT_NewArena(unsigned long chunksize)
-{
- PLArenaPool *arena;
-
- arena = (PLArenaPool*)PORT_ZAlloc(sizeof(PLArenaPool));
- if ( arena != NULL ) {
- PR_InitArenaPool(arena, "security", chunksize, sizeof(double));
- }
- return(arena);
-}
-
-void *
-PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
-{
- void *p;
-
- PL_ARENA_ALLOCATE(p, arena, size);
- if (p == NULL) {
- ++port_allocFailures;
- }
-
- return(p);
-}
-
-void *
-PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
-{
- void *p;
-
- PL_ARENA_ALLOCATE(p, arena, size);
- if (p == NULL) {
- ++port_allocFailures;
- } else {
- PORT_Memset(p, 0, size);
- }
-
- return(p);
-}
-
-/* need to zeroize!! */
-void
-PORT_FreeArena(PLArenaPool *arena, PRBool zero)
-{
- PR_FinishArenaPool(arena);
- PORT_Free(arena);
-}
-
-void *
-PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
-{
- PORT_Assert(newsize >= oldsize);
-
- PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
-
- return(ptr);
-}
-
-void *
-PORT_ArenaMark(PLArenaPool *arena)
-{
- void * result;
-
- result = PL_ARENA_MARK(arena);
- return result;
-}
-
-void
-PORT_ArenaRelease(PLArenaPool *arena, void *mark)
-{
- PL_ARENA_RELEASE(arena, mark);
-}
-
-void
-PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
-{
- /* do nothing */
-}
-
-char *
-PORT_ArenaStrdup(PLArenaPool *arena,char *str) {
- int len = PORT_Strlen(str)+1;
- char *newstr;
-
- newstr = (char*)PORT_ArenaAlloc(arena,len);
- if (newstr) {
- PORT_Memcpy(newstr,str,len);
- }
- return newstr;
-}
-#endif
-
-/*
- * replace the nice thread-safe Error stack code with something
- * that will work without all the NSPR features.
- */
-static PRInt32 stack[2] = {0, 0};
-
-PR_IMPLEMENT(void)
-nss_SetError(PRUint32 value)
-{
- stack[0] = value;
- return;
-}
-
-PR_IMPLEMENT(PRInt32)
-NSS_GetError(void)
-{
- return(stack[0]);
-}
-
-
-PR_IMPLEMENT(PRInt32 *)
-NSS_GetErrorStack(void)
-{
- return(&stack[0]);
-}
-
-PR_IMPLEMENT(void)
-nss_ClearErrorStack(void)
-{
- stack[0] = 0;
- return;
-}
-
-#ifdef DEBUG
-/*
- * replace the pointer tracking stuff for the same reasons.
- * If you want to turn pointer tracking on, simply ifdef out this code and
- * link with real NSPR.
- */
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_initialize(nssPointerTracker *tracker)
-{
- return PR_SUCCESS;
-}
-
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_finalize(nssPointerTracker *tracker)
-{
- return PR_SUCCESS;
-}
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_add(nssPointerTracker *tracker, const void *pointer)
-{
- return PR_SUCCESS;
-}
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_remove(nssPointerTracker *tracker, const void *pointer)
-{
- return PR_SUCCESS;
-}
-
-PR_IMPLEMENT(PRStatus)
-nssPointerTracker_verify(nssPointerTracker *tracker, const void *pointer)
-{
- return PR_SUCCESS;
-}
-#endif
-
-PR_IMPLEMENT(PRThread *)
-PR_GetCurrentThread(void)
-{
- return (PRThread *)1;
-}
-
-
-
-PR_IMPLEMENT(void)
-PR_Assert(const char *expr, const char *file, int line) {
- return;
-}
-
-PR_IMPLEMENT(void *)
-PR_Alloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Malloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Calloc(PRUint32 blocks, PRUint32 bytes) { return calloc(blocks,bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Realloc(void * blocks, PRUint32 bytes) { return realloc(blocks,bytes); }
-
-PR_IMPLEMENT(void)
-PR_Free(void *ptr) { free(ptr); }
-
-#ifdef notdef
-/* Old template; want to expunge it eventually. */
-#include "secasn1.h"
-#include "secoid.h"
-
-const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECAlgorithmID) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SECAlgorithmID,algorithm), },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(SECAlgorithmID,parameters), },
- { 0, }
-};
-
-PR_IMPLEMENT(PRStatus) PR_Sleep(PRIntervalTime ticks) { return PR_SUCCESS; }
-
-/* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicDecrement(PRInt32 *val) { return --(*val); }
-
-PR_IMPLEMENT(PRInt32) PR_AtomicSet(PRInt32 *val) { return ++(*val); }
-
-#endif
-
-/* now make the RNG happy */ /* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicIncrement(PRInt32 *val) { return ++(*val); }
-
-CK_C_INITIALIZE_ARGS_PTR nssstub_initArgs = NULL;
-NSSArena *nssstub_arena = NULL;
-PR_IMPLEMENT(void)
-nssSetLockArgs(CK_C_INITIALIZE_ARGS_PTR pInitArgs)
-{
- if (nssstub_initArgs == NULL) {
- nssstub_initArgs = pInitArgs;
- /* nssstub_arena = NSSArena_Create(); */
- }
-}
-
-#include "prlock.h"
-PR_IMPLEMENT(PRLock *)
-PR_NewLock(void) {
- PRLock *lock = NULL;
- NSSCKFWMutex *mlock = NULL;
- CK_RV error;
-
- mlock = nssCKFWMutex_Create(nssstub_initArgs,nssstub_arena,&error);
- lock = (PRLock *)mlock;
-
- /* if we don't have a lock, nssCKFWMutex can deal with things */
- if (lock == NULL) lock=(PRLock *) 1;
- return lock;
-}
-
-PR_IMPLEMENT(void)
-PR_DestroyLock(PRLock *lock) {
- NSSCKFWMutex *mlock = (NSSCKFWMutex *)lock;
- if (lock == (PRLock *)1) return;
- nssCKFWMutex_Destroy(mlock);
-}
-
-PR_IMPLEMENT(void)
-PR_Lock(PRLock *lock) {
- NSSCKFWMutex *mlock = (NSSCKFWMutex *)lock;
- if (lock == (PRLock *)1) return;
- nssCKFWMutex_Lock(mlock);
-}
-
-PR_IMPLEMENT(PRStatus)
-PR_Unlock(PRLock *lock) {
- NSSCKFWMutex *mlock = (NSSCKFWMutex *)lock;
- if (lock == (PRLock *)1) return PR_SUCCESS;
- nssCKFWMutex_Unlock(mlock);
- return PR_SUCCESS;
-}
-
-#ifdef notdef
-#endif
-/* this implementation is here to satisfy the PRMonitor use in plarena.c.
-** It appears that it doesn't need re-entrant locks. It could have used
-** PRLock instead of PRMonitor. So, this implementation just uses
-** PRLock for a PRMonitor.
-*/
-PR_IMPLEMENT(PRMonitor*)
-PR_NewMonitor(void)
-{
- return (PRMonitor *) PR_NewLock();
-}
-
-
-PR_IMPLEMENT(void)
-PR_EnterMonitor(PRMonitor *mon)
-{
- PR_Lock( (PRLock *)mon );
-}
-
-PR_IMPLEMENT(PRStatus)
-PR_ExitMonitor(PRMonitor *mon)
-{
- return PR_Unlock( (PRLock *)mon );
-}
-
-#include "prinit.h"
-
-/* This is NOT threadsafe. It is merely a pseudo-functional stub.
-*/
-PR_IMPLEMENT(PRStatus) PR_CallOnce(
- PRCallOnceType *once,
- PRCallOnceFN func)
-{
- /* This is not really atomic! */
- if (1 == PR_AtomicIncrement(&once->initialized)) {
- once->status = (*func)();
- } else {
- /* Should wait to be sure that func has finished before returning. */
- }
- return once->status;
-}
-
-/*
-** Compute the log of the least power of 2 greater than or equal to n
-*/
-PRIntn PR_CeilingLog2(PRUint32 i) {
- PRIntn log2;
- PR_CEILING_LOG2(log2,i);
- return log2;
-}
-
-/********************** end of arena functions ***********************/
-
diff --git a/security/nss/lib/ckfw/nssck.api b/security/nss/lib/ckfw/nssck.api
deleted file mode 100644
index 9abc795c1..000000000
--- a/security/nss/lib/ckfw/nssck.api
+++ /dev/null
@@ -1,1889 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char NSSCKAPI_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$ ; @(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssck.api
- *
- * This automatically-generated file is used to generate a set of
- * Cryptoki entry points within the object space of a Module using
- * the NSS Cryptoki Framework.
- *
- * The Module should have a .c file with the following:
- *
- * #define MODULE_NAME name
- * #define INSTANCE_NAME instance
- * #include "nssck.api"
- *
- * where "name" is some module-specific name that can be used to
- * disambiguate various modules. This included file will then
- * define the actual Cryptoki routines which pass through to the
- * Framework calls. All routines, except C_GetFunctionList, will
- * be prefixed with the name; C_GetFunctionList will be generated
- * to return an entry-point vector with these routines. The
- * instance specified should be the basic instance of NSSCKMDInstance.
- *
- * If, prior to including nssck.api, the .c file also specifies
- *
- * #define DECLARE_STRICT_CRYTPOKI_NAMES
- *
- * Then a set of "stub" routines not prefixed with the name will
- * be included. This would allow the combined module and framework
- * to be used in applications which are hard-coded to use the
- * PKCS#11 names (instead of going through the EPV). Please note
- * that such applications should be careful resolving symbols when
- * more than one PKCS#11 module is loaded.
- */
-
-#ifndef MODULE_NAME
-#error "Error: MODULE_NAME must be defined."
-#endif /* MODULE_NAME */
-
-#ifndef INSTANCE_NAME
-#error "Error: INSTANCE_NAME must be defined."
-#endif /* INSTANCE_NAME */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKFWC_H
-#include "nssckfwc.h"
-#endif /* NSSCKFWC_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#define __ADJOIN(x,y) x##y
-
-/*
- * The anchor. This object is used to store an "anchor" pointer in
- * the Module's object space, so the wrapper functions can relate
- * back to this instance.
- */
-
-static NSSCKFWInstance *fwInstance = (NSSCKFWInstance *)0;
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Initialize)
-(
- CK_VOID_PTR pInitArgs
-)
-{
- return NSSCKFWC_Initialize(&fwInstance, INSTANCE_NAME, pInitArgs);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Initialize
-(
- CK_VOID_PTR pInitArgs
-)
-{
- return __ADJOIN(MODULE_NAME,C_Initialize)(pInitArgs);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Finalize)
-(
- CK_VOID_PTR pReserved
-)
-{
- return NSSCKFWC_Finalize(&fwInstance);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Finalize
-(
- CK_VOID_PTR pReserved
-)
-{
- return __ADJOIN(MODULE_NAME,C_Finalize)(pReserved);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetInfo)
-(
- CK_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetInfo(fwInstance, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetInfo
-(
- CK_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetInfo)(pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-/*
- * C_GetFunctionList is defined at the end.
- */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetSlotList)
-(
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-)
-{
- return NSSCKFWC_GetSlotList(fwInstance, tokenPresent, pSlotList, pulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetSlotList
-(
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetSlotList)(tokenPresent, pSlotList, pulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetSlotInfo)
-(
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetSlotInfo(fwInstance, slotID, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetSlotInfo
-(
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetSlotInfo)(slotID, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetTokenInfo)
-(
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetTokenInfo(fwInstance, slotID, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetTokenInfo
-(
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetTokenInfo)(slotID, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetMechanismList)
-(
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-)
-{
- return NSSCKFWC_GetMechanismList(fwInstance, slotID, pMechanismList, pulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetMechanismList
-(
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetMechanismList)(slotID, pMechanismList, pulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetMechanismInfo)
-(
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetMechanismInfo(fwInstance, slotID, type, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetMechanismInfo
-(
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetMechanismInfo)(slotID, type, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_InitToken)
-(
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-)
-{
- return NSSCKFWC_InitToken(fwInstance, slotID, pPin, ulPinLen, pLabel);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_InitToken
-(
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-)
-{
- return __ADJOIN(MODULE_NAME,C_InitToken)(slotID, pPin, ulPinLen, pLabel);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_InitPIN)
-(
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- return NSSCKFWC_InitPIN(fwInstance, hSession, pPin, ulPinLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_InitPIN
-(
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_InitPIN)(hSession, pPin, ulPinLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SetPIN)
-(
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-)
-{
- return NSSCKFWC_SetPIN(fwInstance, hSession, pOldPin, ulOldLen, pNewPin, ulNewLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SetPIN
-(
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SetPIN)(hSession, pOldPin, ulOldLen, pNewPin, ulNewLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_OpenSession)
-(
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-)
-{
- return NSSCKFWC_OpenSession(fwInstance, slotID, flags, pApplication, Notify, phSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_OpenSession
-(
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_OpenSession)(slotID, flags, pApplication, Notify, phSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CloseSession)
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return NSSCKFWC_CloseSession(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CloseSession
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_CloseSession)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CloseAllSessions)
-(
- CK_SLOT_ID slotID
-)
-{
- return NSSCKFWC_CloseAllSessions(fwInstance, slotID);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CloseAllSessions
-(
- CK_SLOT_ID slotID
-)
-{
- return __ADJOIN(MODULE_NAME,C_CloseAllSessions)(slotID);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetSessionInfo)
-(
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-)
-{
- return NSSCKFWC_GetSessionInfo(fwInstance, hSession, pInfo);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetSessionInfo
-(
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetSessionInfo)(hSession, pInfo);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetOperationState)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-)
-{
- return NSSCKFWC_GetOperationState(fwInstance, hSession, pOperationState, pulOperationStateLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetOperationState
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetOperationState)(hSession, pOperationState, pulOperationStateLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SetOperationState)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-)
-{
- return NSSCKFWC_SetOperationState(fwInstance, hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SetOperationState
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_SetOperationState)(hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Login)
-(
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- return NSSCKFWC_Login(fwInstance, hSession, userType, pPin, ulPinLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Login
-(
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Login)(hSession, userType, pPin, ulPinLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Logout)
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return NSSCKFWC_Logout(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Logout
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_Logout)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CreateObject)
-(
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-)
-{
- return NSSCKFWC_CreateObject(fwInstance, hSession, pTemplate, ulCount, phObject);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CreateObject
-(
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-)
-{
- return __ADJOIN(MODULE_NAME,C_CreateObject)(hSession, pTemplate, ulCount, phObject);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CopyObject)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-)
-{
- return NSSCKFWC_CopyObject(fwInstance, hSession, hObject, pTemplate, ulCount, phNewObject);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CopyObject
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-)
-{
- return __ADJOIN(MODULE_NAME,C_CopyObject)(hSession, hObject, pTemplate, ulCount, phNewObject);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DestroyObject)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-)
-{
- return NSSCKFWC_DestroyObject(fwInstance, hSession, hObject);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DestroyObject
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-)
-{
- return __ADJOIN(MODULE_NAME,C_DestroyObject)(hSession, hObject);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetObjectSize)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-)
-{
- return NSSCKFWC_GetObjectSize(fwInstance, hSession, hObject, pulSize);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetObjectSize
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetObjectSize)(hSession, hObject, pulSize);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetAttributeValue)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return NSSCKFWC_GetAttributeValue(fwInstance, hSession, hObject, pTemplate, ulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetAttributeValue
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetAttributeValue)(hSession, hObject, pTemplate, ulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SetAttributeValue)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return NSSCKFWC_SetAttributeValue(fwInstance, hSession, hObject, pTemplate, ulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SetAttributeValue
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_SetAttributeValue)(hSession, hObject, pTemplate, ulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_FindObjectsInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return NSSCKFWC_FindObjectsInit(fwInstance, hSession, pTemplate, ulCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_FindObjectsInit
-(
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_FindObjectsInit)(hSession, pTemplate, ulCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_FindObjects)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-)
-{
- return NSSCKFWC_FindObjects(fwInstance, hSession, phObject, ulMaxObjectCount, pulObjectCount);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_FindObjects
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-)
-{
- return __ADJOIN(MODULE_NAME,C_FindObjects)(hSession, phObject, ulMaxObjectCount, pulObjectCount);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_FindObjectsFinal)
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return NSSCKFWC_FindObjectsFinal(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_FindObjectsFinal
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_FindObjectsFinal)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_EncryptInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_EncryptInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_EncryptInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_EncryptInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Encrypt)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-)
-{
- return NSSCKFWC_Encrypt(fwInstance, hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Encrypt
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Encrypt)(hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_EncryptUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return NSSCKFWC_EncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_EncryptUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_EncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_EncryptFinal)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-)
-{
- return NSSCKFWC_EncryptFinal(fwInstance, hSession, pLastEncryptedPart, pulLastEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_EncryptFinal
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_EncryptFinal)(hSession, pLastEncryptedPart, pulLastEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_DecryptInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_DecryptInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Decrypt)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return NSSCKFWC_Decrypt(fwInstance, hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Decrypt
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Decrypt)(hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return NSSCKFWC_DecryptUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DecryptUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptFinal)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-)
-{
- return NSSCKFWC_DecryptFinal(fwInstance, hSession, pLastPart, pulLastPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptFinal
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DecryptFinal)(hSession, pLastPart, pulLastPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-)
-{
- return NSSCKFWC_DigestInit(fwInstance, hSession, pMechanism);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-)
-{
- return __ADJOIN(MODULE_NAME,C_DigestInit)(hSession, pMechanism);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Digest)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return NSSCKFWC_Digest(fwInstance, hSession, pData, ulDataLen, pDigest, pulDigestLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Digest
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Digest)(hSession, pData, ulDataLen, pDigest, pulDigestLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return NSSCKFWC_DigestUpdate(fwInstance, hSession, pPart, ulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DigestUpdate)(hSession, pPart, ulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestKey)
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_DigestKey(fwInstance, hSession, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestKey
-(
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_DigestKey)(hSession, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestFinal)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return NSSCKFWC_DigestFinal(fwInstance, hSession, pDigest, pulDigestLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestFinal
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DigestFinal)(hSession, pDigest, pulDigestLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_SignInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Sign)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return NSSCKFWC_Sign(fwInstance, hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Sign
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Sign)(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return NSSCKFWC_SignUpdate(fwInstance, hSession, pPart, ulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignUpdate)(hSession, pPart, ulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignFinal)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return NSSCKFWC_SignFinal(fwInstance, hSession, pSignature, pulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignFinal
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignFinal)(hSession, pSignature, pulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignRecoverInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_SignRecoverInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignRecoverInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignRecoverInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignRecover)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return NSSCKFWC_SignRecover(fwInstance, hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignRecover
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignRecover)(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_VerifyInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_VerifyInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_Verify)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return NSSCKFWC_Verify(fwInstance, hSession, pData, ulDataLen, pSignature, ulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_Verify
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_Verify)(hSession, pData, ulDataLen, pSignature, ulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return NSSCKFWC_VerifyUpdate(fwInstance, hSession, pPart, ulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_VerifyUpdate)(hSession, pPart, ulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyFinal)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return NSSCKFWC_VerifyFinal(fwInstance, hSession, pSignature, ulSignatureLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyFinal
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_VerifyFinal)(hSession, pSignature, ulSignatureLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyRecoverInit)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return NSSCKFWC_VerifyRecoverInit(fwInstance, hSession, pMechanism, hKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyRecoverInit
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_VerifyRecoverInit)(hSession, pMechanism, hKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_VerifyRecover)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return NSSCKFWC_VerifyRecover(fwInstance, hSession, pSignature, ulSignatureLen, pData, pulDataLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_VerifyRecover
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_VerifyRecover)(hSession, pSignature, ulSignatureLen, pData, pulDataLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DigestEncryptUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return NSSCKFWC_DigestEncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DigestEncryptUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DigestEncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptDigestUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return NSSCKFWC_DecryptDigestUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptDigestUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DecryptDigestUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SignEncryptUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return NSSCKFWC_SignEncryptUpdate(fwInstance, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SignEncryptUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SignEncryptUpdate)(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return NSSCKFWC_DecryptVerifyUpdate(fwInstance, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DecryptVerifyUpdate
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate)(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GenerateKey)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return NSSCKFWC_GenerateKey(fwInstance, hSession, pMechanism, pTemplate, ulCount, phKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GenerateKey
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_GenerateKey)(hSession, pMechanism, pTemplate, ulCount, phKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GenerateKeyPair)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-)
-{
- return NSSCKFWC_GenerateKeyPair(fwInstance, hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GenerateKeyPair
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_GenerateKeyPair)(hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_WrapKey)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-)
-{
- return NSSCKFWC_WrapKey(fwInstance, hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_WrapKey
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_WrapKey)(hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_UnwrapKey)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return NSSCKFWC_UnwrapKey(fwInstance, hSession, pMechanism, hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_UnwrapKey
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_UnwrapKey)(hSession, pMechanism, hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_DeriveKey)
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return NSSCKFWC_DeriveKey(fwInstance, hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phKey);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_DeriveKey
-(
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return __ADJOIN(MODULE_NAME,C_DeriveKey)(hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phKey);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_SeedRandom)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-)
-{
- return NSSCKFWC_SeedRandom(fwInstance, hSession, pSeed, ulSeedLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_SeedRandom
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_SeedRandom)(hSession, pSeed, ulSeedLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GenerateRandom)
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR RandomData,
- CK_ULONG ulRandomLen
-)
-{
- return NSSCKFWC_GenerateRandom(fwInstance, hSession, RandomData, ulRandomLen);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GenerateRandom
-(
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR RandomData,
- CK_ULONG ulRandomLen
-)
-{
- return __ADJOIN(MODULE_NAME,C_GenerateRandom)(hSession, RandomData, ulRandomLen);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionStatus)
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return NSSCKFWC_GetFunctionStatus(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_GetFunctionStatus
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetFunctionStatus)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_CancelFunction)
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return NSSCKFWC_CancelFunction(fwInstance, hSession);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_CancelFunction
-(
- CK_SESSION_HANDLE hSession
-)
-{
- return __ADJOIN(MODULE_NAME,C_CancelFunction)(hSession);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_WaitForSlotEvent)
-(
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pRserved
-)
-{
- return NSSCKFWC_WaitForSlotEvent(fwInstance, flags, pSlot, pRserved);
-}
-
-#ifdef DECLARE_STRICT_CRYPTOKI_NAMES
-CK_RV CK_ENTRY
-C_WaitForSlotEvent
-(
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pRserved
-)
-{
- return __ADJOIN(MODULE_NAME,C_WaitForSlotEvent)(flags, pSlot, pRserved);
-}
-#endif /* DECLARE_STRICT_CRYPTOKI_NAMES */
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-);
-
-static CK_FUNCTION_LIST FunctionList = {
- { 2, 1 },
-__ADJOIN(MODULE_NAME,C_Initialize),
-__ADJOIN(MODULE_NAME,C_Finalize),
-__ADJOIN(MODULE_NAME,C_GetInfo),
-__ADJOIN(MODULE_NAME,C_GetFunctionList),
-__ADJOIN(MODULE_NAME,C_GetSlotList),
-__ADJOIN(MODULE_NAME,C_GetSlotInfo),
-__ADJOIN(MODULE_NAME,C_GetTokenInfo),
-__ADJOIN(MODULE_NAME,C_GetMechanismList),
-__ADJOIN(MODULE_NAME,C_GetMechanismInfo),
-__ADJOIN(MODULE_NAME,C_InitToken),
-__ADJOIN(MODULE_NAME,C_InitPIN),
-__ADJOIN(MODULE_NAME,C_SetPIN),
-__ADJOIN(MODULE_NAME,C_OpenSession),
-__ADJOIN(MODULE_NAME,C_CloseSession),
-__ADJOIN(MODULE_NAME,C_CloseAllSessions),
-__ADJOIN(MODULE_NAME,C_GetSessionInfo),
-__ADJOIN(MODULE_NAME,C_GetOperationState),
-__ADJOIN(MODULE_NAME,C_SetOperationState),
-__ADJOIN(MODULE_NAME,C_Login),
-__ADJOIN(MODULE_NAME,C_Logout),
-__ADJOIN(MODULE_NAME,C_CreateObject),
-__ADJOIN(MODULE_NAME,C_CopyObject),
-__ADJOIN(MODULE_NAME,C_DestroyObject),
-__ADJOIN(MODULE_NAME,C_GetObjectSize),
-__ADJOIN(MODULE_NAME,C_GetAttributeValue),
-__ADJOIN(MODULE_NAME,C_SetAttributeValue),
-__ADJOIN(MODULE_NAME,C_FindObjectsInit),
-__ADJOIN(MODULE_NAME,C_FindObjects),
-__ADJOIN(MODULE_NAME,C_FindObjectsFinal),
-__ADJOIN(MODULE_NAME,C_EncryptInit),
-__ADJOIN(MODULE_NAME,C_Encrypt),
-__ADJOIN(MODULE_NAME,C_EncryptUpdate),
-__ADJOIN(MODULE_NAME,C_EncryptFinal),
-__ADJOIN(MODULE_NAME,C_DecryptInit),
-__ADJOIN(MODULE_NAME,C_Decrypt),
-__ADJOIN(MODULE_NAME,C_DecryptUpdate),
-__ADJOIN(MODULE_NAME,C_DecryptFinal),
-__ADJOIN(MODULE_NAME,C_DigestInit),
-__ADJOIN(MODULE_NAME,C_Digest),
-__ADJOIN(MODULE_NAME,C_DigestUpdate),
-__ADJOIN(MODULE_NAME,C_DigestKey),
-__ADJOIN(MODULE_NAME,C_DigestFinal),
-__ADJOIN(MODULE_NAME,C_SignInit),
-__ADJOIN(MODULE_NAME,C_Sign),
-__ADJOIN(MODULE_NAME,C_SignUpdate),
-__ADJOIN(MODULE_NAME,C_SignFinal),
-__ADJOIN(MODULE_NAME,C_SignRecoverInit),
-__ADJOIN(MODULE_NAME,C_SignRecover),
-__ADJOIN(MODULE_NAME,C_VerifyInit),
-__ADJOIN(MODULE_NAME,C_Verify),
-__ADJOIN(MODULE_NAME,C_VerifyUpdate),
-__ADJOIN(MODULE_NAME,C_VerifyFinal),
-__ADJOIN(MODULE_NAME,C_VerifyRecoverInit),
-__ADJOIN(MODULE_NAME,C_VerifyRecover),
-__ADJOIN(MODULE_NAME,C_DigestEncryptUpdate),
-__ADJOIN(MODULE_NAME,C_DecryptDigestUpdate),
-__ADJOIN(MODULE_NAME,C_SignEncryptUpdate),
-__ADJOIN(MODULE_NAME,C_DecryptVerifyUpdate),
-__ADJOIN(MODULE_NAME,C_GenerateKey),
-__ADJOIN(MODULE_NAME,C_GenerateKeyPair),
-__ADJOIN(MODULE_NAME,C_WrapKey),
-__ADJOIN(MODULE_NAME,C_UnwrapKey),
-__ADJOIN(MODULE_NAME,C_DeriveKey),
-__ADJOIN(MODULE_NAME,C_SeedRandom),
-__ADJOIN(MODULE_NAME,C_GenerateRandom),
-__ADJOIN(MODULE_NAME,C_GetFunctionStatus),
-__ADJOIN(MODULE_NAME,C_CancelFunction),
-__ADJOIN(MODULE_NAME,C_WaitForSlotEvent)
-};
-
-CK_RV CK_ENTRY
-__ADJOIN(MODULE_NAME,C_GetFunctionList)
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
- *ppFunctionList = &FunctionList;
- return CKR_OK;
-}
-
-/* This one is always present */
-#ifdef WIN32
-CK_RV _declspec(dllexport)
-#else
-CK_RV CK_ENTRY
-#endif
-C_GetFunctionList
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList
-)
-{
- return __ADJOIN(MODULE_NAME,C_GetFunctionList)(ppFunctionList);
-}
-
-#undef __ADJOIN
-
diff --git a/security/nss/lib/ckfw/nssckepv.h b/security/nss/lib/ckfw/nssckepv.h
deleted file mode 100644
index bfa79ac78..000000000
--- a/security/nss/lib/ckfw/nssckepv.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "pkcs11.h"
diff --git a/security/nss/lib/ckfw/nssckft.h b/security/nss/lib/ckfw/nssckft.h
deleted file mode 100644
index ef3e897ce..000000000
--- a/security/nss/lib/ckfw/nssckft.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "pkcs11t.h"
diff --git a/security/nss/lib/ckfw/nssckfw.h b/security/nss/lib/ckfw/nssckfw.h
deleted file mode 100644
index ce16f2b7b..000000000
--- a/security/nss/lib/ckfw/nssckfw.h
+++ /dev/null
@@ -1,499 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKFW_H
-#define NSSCKFW_H
-
-#ifdef DEBUG
-static const char NSSCKFW_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckfw.h
- *
- * This file prototypes the publicly available calls of the
- * NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-/*
- * NSSCKFWInstance
- *
- * NSSCKFWInstance_GetMDInstance
- * NSSCKFWInstance_GetArena
- * NSSCKFWInstance_MayCreatePthreads
- * NSSCKFWInstance_CreateMutex
- * NSSCKFWInstance_GetConfigurationData
- */
-
-/*
- * NSSCKFWInstance_GetMDInstance
- *
- */
-
-NSS_EXTERN NSSCKMDInstance *
-NSSCKFWInstance_GetMDInstance
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWInstance_GetArena
- *
- */
-
-NSS_EXTERN NSSArena *
-NSSCKFWInstance_GetArena
-(
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWInstance_MayCreatePthreads
- *
- */
-
-NSS_EXTERN CK_BBOOL
-NSSCKFWInstance_MayCreatePthreads
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWInstance_CreateMutex
- *
- */
-
-NSS_EXTERN NSSCKFWMutex *
-NSSCKFWInstance_CreateMutex
-(
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWInstance_GetConfigurationData
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSCKFWInstance_GetConfigurationData
-(
- NSSCKFWInstance *fwInstance
-);
-
-/*
- * NSSCKFWSlot
- *
- * NSSCKFWSlot_GetMDSlot
- * NSSCKFWSlot_GetFWInstance
- * NSSCKFWSlot_GetMDInstance
- *
- */
-
-/*
- * NSSCKFWSlot_GetMDSlot
- *
- */
-
-NSS_EXTERN NSSCKMDSlot *
-NSSCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWSlot_GetFWInstance
- *
- */
-
-NSS_EXTERN NSSCKFWInstance *
-NSSCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWSlot_GetMDInstance
- *
- */
-
-NSS_EXTERN NSSCKMDInstance *
-NSSCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-);
-
-/*
- * NSSCKFWToken
- *
- * NSSCKFWToken_GetMDToken
- * NSSCKFWToken_GetFWSlot
- * NSSCKFWToken_GetMDSlot
- * NSSCKFWToken_GetSessionState
- *
- */
-
-/*
- * NSSCKFWToken_GetMDToken
- *
- */
-
-NSS_EXTERN NSSCKMDToken *
-NSSCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWToken_GetArena
- *
- */
-
-NSS_EXTERN NSSArena *
-NSSCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWToken_GetFWSlot
- *
- */
-
-NSS_EXTERN NSSCKFWSlot *
-NSSCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWToken_GetMDSlot
- *
- */
-
-NSS_EXTERN NSSCKMDSlot *
-NSSCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWToken_GetSessionState
- *
- */
-
-NSS_EXTERN CK_STATE
-NSSCKFWSession_GetSessionState
-(
- NSSCKFWToken *fwToken
-);
-
-/*
- * NSSCKFWMechanism
- *
- * NSSKCFWMechanism_GetMDMechanism
- * NSSCKFWMechanism_GetParameter
- *
- */
-
-/*
- * NSSKCFWMechanism_GetMDMechanism
- *
- */
-
-NSS_EXTERN NSSCKMDMechanism *
-NSSCKFWMechanism_GetMDMechanism
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * NSSCKFWMechanism_GetParameter
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCKFWMechanism_GetParameter
-(
- NSSCKFWMechanism *fwMechanism
-);
-
-/*
- * NSSCKFWSession
- *
- * NSSCKFWSession_GetMDSession
- * NSSCKFWSession_GetArena
- * NSSCKFWSession_CallNotification
- * NSSCKFWSession_IsRWSession
- * NSSCKFWSession_IsSO
- *
- */
-
-/*
- * NSSCKFWSession_GetMDSession
- *
- */
-
-NSS_EXTERN NSSCKMDSession *
-NSSCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * NSSCKFWSession_GetArena
- *
- */
-
-NSS_EXTERN NSSArena *
-NSSCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWSession_CallNotification
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-);
-
-/*
- * NSSCKFWSession_IsRWSession
- *
- */
-
-NSS_EXTERN CK_BBOOL
-NSSCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * NSSCKFWSession_IsSO
- *
- */
-
-NSS_EXTERN CK_BBOOL
-NSSCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-);
-
-/*
- * NSSCKFWObject
- *
- * NSSCKFWObject_GetMDObject
- * NSSCKFWObject_GetArena
- * NSSCKFWObject_IsTokenObject
- * NSSCKFWObject_GetAttributeCount
- * NSSCKFWObject_GetAttributeTypes
- * NSSCKFWObject_GetAttributeSize
- * NSSCKFWObject_GetAttribute
- * NSSCKFWObject_GetObjectSize
- */
-
-/*
- * NSSCKFWObject_GetMDObject
- *
- */
-NSS_EXTERN NSSCKMDObject *
-NSSCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * NSSCKFWObject_GetArena
- *
- */
-NSS_EXTERN NSSArena *
-NSSCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_IsTokenObject
- *
- */
-NSS_EXTERN CK_BBOOL
-NSSCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-);
-
-/*
- * NSSCKFWObject_GetAttributeCount
- *
- */
-NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_GetAttributeTypes
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWObject_GetAttributeSize
- *
- */
-NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_GetAttribute
- *
- */
-NSS_EXTERN NSSItem *
-NSSCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWObject_GetObjectSize
- *
- */
-NSS_EXTERN CK_ULONG
-NSSCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-);
-
-/*
- * NSSCKFWFindObjects
- *
- * NSSCKFWFindObjects_GetMDFindObjects
- *
- */
-
-/*
- * NSSCKFWFindObjects_GetMDFindObjects
- *
- */
-
-NSS_EXTERN NSSCKMDFindObjects *
-NSSCKFWFindObjects_GetMDFindObjects
-(
- NSSCKFWFindObjects *
-);
-
-/*
- * NSSCKFWMutex
- *
- * NSSCKFWMutex_Destroy
- * NSSCKFWMutex_Lock
- * NSSCKFWMutex_Unlock
- *
- */
-
-/*
- * NSSCKFWMutex_Destroy
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Destroy
-(
- NSSCKFWMutex *mutex
-);
-
-/*
- * NSSCKFWMutex_Lock
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Lock
-(
- NSSCKFWMutex *mutex
-);
-
-/*
- * NSSCKFWMutex_Unlock
- *
- */
-
-NSS_EXTERN CK_RV
-NSSCKFWMutex_Unlock
-(
- NSSCKFWMutex *mutex
-);
-
-#endif /* NSSCKFW_H */
-
diff --git a/security/nss/lib/ckfw/nssckfwc.h b/security/nss/lib/ckfw/nssckfwc.h
deleted file mode 100644
index 02b15ec35..000000000
--- a/security/nss/lib/ckfw/nssckfwc.h
+++ /dev/null
@@ -1,1046 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKFWC_H
-#define NSSCKFWC_H
-
-#ifdef DEBUG
-static const char NSSCKFWC_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckfwc.h
- *
- * This file prototypes all of the NSS Cryptoki Framework "wrapper"
- * which implement the PKCS#11 API. Technically, these are public
- * routines (with capital "NSS" prefixes), since they are called
- * from (generated) code within a Module using the Framework.
- * However, they should not be called except from those generated
- * calls. Hence, the prototypes have been split out into this file.
- */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-#ifndef NSSCKMDT_H
-#include "nssckmdt.h"
-#endif /* NSSCKMDT_H */
-
-/*
- * NSSCKFWC_Initialize
- * NSSCKFWC_Finalize
- * NSSCKFWC_GetInfo
- * -- NSSCKFWC_GetFunctionList -- see the API insert file
- * NSSCKFWC_GetSlotList
- * NSSCKFWC_GetSlotInfo
- * NSSCKFWC_GetTokenInfo
- * NSSCKFWC_WaitForSlotEvent
- * NSSCKFWC_GetMechanismList
- * NSSCKFWC_GetMechanismInfo
- * NSSCKFWC_InitToken
- * NSSCKFWC_InitPIN
- * NSSCKFWC_SetPIN
- * NSSCKFWC_OpenSession
- * NSSCKFWC_CloseSession
- * NSSCKFWC_CloseAllSessions
- * NSSCKFWC_GetSessionInfo
- * NSSCKFWC_GetOperationState
- * NSSCKFWC_SetOperationState
- * NSSCKFWC_Login
- * NSSCKFWC_Logout
- * NSSCKFWC_CreateObject
- * NSSCKFWC_CopyObject
- * NSSCKFWC_DestroyObject
- * NSSCKFWC_GetObjectSize
- * NSSCKFWC_GetAttributeValue
- * NSSCKFWC_SetAttributeValue
- * NSSCKFWC_FindObjectsInit
- * NSSCKFWC_FindObjects
- * NSSCKFWC_FindObjectsFinal
- * NSSCKFWC_EncryptInit
- * NSSCKFWC_Encrypt
- * NSSCKFWC_EncryptUpdate
- * NSSCKFWC_EncryptFinal
- * NSSCKFWC_DecryptInit
- * NSSCKFWC_Decrypt
- * NSSCKFWC_DecryptUpdate
- * NSSCKFWC_DecryptFinal
- * NSSCKFWC_DigestInit
- * NSSCKFWC_Digest
- * NSSCKFWC_DigestUpdate
- * NSSCKFWC_DigestKey
- * NSSCKFWC_DigestFinal
- * NSSCKFWC_SignInit
- * NSSCKFWC_Sign
- * NSSCKFWC_SignUpdate
- * NSSCKFWC_SignFinal
- * NSSCKFWC_SignRecoverInit
- * NSSCKFWC_SignRecover
- * NSSCKFWC_VerifyInit
- * NSSCKFWC_Verify
- * NSSCKFWC_VerifyUpdate
- * NSSCKFWC_VerifyFinal
- * NSSCKFWC_VerifyRecoverInit
- * NSSCKFWC_VerifyRecover
- * NSSCKFWC_DigestEncryptUpdate
- * NSSCKFWC_DecryptDigestUpdate
- * NSSCKFWC_SignEncryptUpdate
- * NSSCKFWC_DecryptVerifyUpdate
- * NSSCKFWC_GenerateKey
- * NSSCKFWC_GenerateKeyPair
- * NSSCKFWC_WrapKey
- * NSSCKFWC_UnwrapKey
- * NSSCKFWC_DeriveKey
- * NSSCKFWC_SeedRandom
- * NSSCKFWC_GenerateRandom
- * NSSCKFWC_GetFunctionStatus
- * NSSCKFWC_CancelFunction
- */
-
-/*
- * NSSCKFWC_Initialize
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Initialize
-(
- NSSCKFWInstance **pFwInstance,
- NSSCKMDInstance *mdInstance,
- CK_VOID_PTR pInitArgs
-);
-
-/*
- * NSSCKFWC_Finalize
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Finalize
-(
- NSSCKFWInstance **pFwInstance
-);
-
-/*
- * NSSCKFWC_GetInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_INFO_PTR pInfo
-);
-
-/*
- * C_GetFunctionList is implemented entirely in the Module's file which
- * includes the Framework API insert file. It requires no "actual"
- * NSSCKFW routine.
- */
-
-/*
- * NSSCKFWC_GetSlotList
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetSlotList
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-);
-
-/*
- * NSSCKFWC_GetSlotInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetSlotInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_GetTokenInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetTokenInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_WaitForSlotEvent
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pReserved
-);
-
-/*
- * NSSCKFWC_GetMechanismList
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetMechanismList
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-);
-
-/*
- * NSSCKFWC_GetMechanismInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetMechanismInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_InitToken
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_InitToken
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-);
-
-/*
- * NSSCKFWC_InitPIN
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_InitPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-);
-
-/*
- * NSSCKFWC_SetPIN
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SetPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-);
-
-/*
- * NSSCKFWC_OpenSession
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_OpenSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-);
-
-/*
- * NSSCKFWC_CloseSession
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CloseSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_CloseAllSessions
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CloseAllSessions
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID
-);
-
-/*
- * NSSCKFWC_GetSessionInfo
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetSessionInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-);
-
-/*
- * NSSCKFWC_GetOperationState
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-);
-
-/*
- * NSSCKFWC_SetOperationState
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-);
-
-/*
- * NSSCKFWC_Login
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Login
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-);
-
-/*
- * NSSCKFWC_Logout
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Logout
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_CreateObject
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CreateObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-);
-
-/*
- * NSSCKFWC_CopyObject
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CopyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-);
-
-/*
- * NSSCKFWC_DestroyObject
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DestroyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-);
-
-/*
- * NSSCKFWC_GetObjectSize
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetObjectSize
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-);
-
-/*
- * NSSCKFWC_GetAttributeValue
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWC_SetAttributeValue
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWC_FindObjectsInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_FindObjectsInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-);
-
-/*
- * NSSCKFWC_FindObjects
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_FindObjects
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-);
-
-/*
- * NSSCKFWC_FindObjectsFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_FindObjectsFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_EncryptInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_EncryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Encrypt
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Encrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-);
-
-/*
- * NSSCKFWC_EncryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_EncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_EncryptFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_EncryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_DecryptInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Decrypt
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Decrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-);
-
-/*
- * NSSCKFWC_DecryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-);
-
-/*
- * NSSCKFWC_DecryptFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-);
-
-/*
- * NSSCKFWC_DigestInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-);
-
-/*
- * NSSCKFWC_Digest
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Digest
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-);
-
-/*
- * NSSCKFWC_DigestUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen
-);
-
-/*
- * NSSCKFWC_DigestKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_DigestFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-);
-
-/*
- * NSSCKFWC_SignInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Sign
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Sign
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-);
-
-/*
- * NSSCKFWC_SignUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-);
-
-/*
- * NSSCKFWC_SignFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-);
-
-/*
- * NSSCKFWC_SignRecoverInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_SignRecover
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-);
-
-/*
- * NSSCKFWC_VerifyInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_Verify
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_Verify
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-);
-
-/*
- * NSSCKFWC_VerifyUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-);
-
-/*
- * NSSCKFWC_VerifyFinal
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-);
-
-/*
- * NSSCKFWC_VerifyRecoverInit
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-);
-
-/*
- * NSSCKFWC_VerifyRecover
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_VerifyRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-);
-
-/*
- * NSSCKFWC_DigestEncryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DigestEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_DecryptDigestUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptDigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-);
-
-/*
- * NSSCKFWC_SignEncryptUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SignEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-);
-
-/*
- * NSSCKFWC_DecryptVerifyUpdate
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DecryptVerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-);
-
-/*
- * NSSCKFWC_GenerateKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GenerateKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-);
-
-/*
- * NSSCKFWC_GenerateKeyPair
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GenerateKeyPair
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-);
-
-/*
- * NSSCKFWC_WrapKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_WrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-);
-
-/*
- * NSSCKFWC_UnwrapKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_UnwrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-);
-
-/*
- * NSSCKFWC_DeriveKey
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_DeriveKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-);
-
-/*
- * NSSCKFWC_SeedRandom
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_SeedRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-);
-
-/*
- * NSSCKFWC_GenerateRandom
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GenerateRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData,
- CK_ULONG ulRandomLen
-);
-
-/*
- * NSSCKFWC_GetFunctionStatus
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_GetFunctionStatus
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-/*
- * NSSCKFWC_CancelFunction
- *
- */
-NSS_EXTERN CK_RV
-NSSCKFWC_CancelFunction
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-);
-
-#endif /* NSSCKFWC_H */
diff --git a/security/nss/lib/ckfw/nssckfwt.h b/security/nss/lib/ckfw/nssckfwt.h
deleted file mode 100644
index 13be0f325..000000000
--- a/security/nss/lib/ckfw/nssckfwt.h
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKFWT_H
-#define NSSCKFWT_H
-
-#ifdef DEBUG
-static const char NSSCKFWT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckfwt.h
- *
- * This file declares the public types used by the NSS Cryptoki Framework.
- */
-
-/*
- * NSSCKFWInstance
- *
- */
-
-struct NSSCKFWInstanceStr;
-typedef struct NSSCKFWInstanceStr NSSCKFWInstance;
-
-/*
- * NSSCKFWSlot
- *
- */
-
-struct NSSCKFWSlotStr;
-typedef struct NSSCKFWSlotStr NSSCKFWSlot;
-
-/*
- * NSSCKFWToken
- *
- */
-
-struct NSSCKFWTokenStr;
-typedef struct NSSCKFWTokenStr NSSCKFWToken;
-
-/*
- * NSSCKFWMechanism
- *
- */
-
-struct NSSCKFWMechanismStr;
-typedef struct NSSCKFWMechanismStr NSSCKFWMechanism;
-
-/*
- * NSSCKFWSession
- *
- */
-
-struct NSSCKFWSessionStr;
-typedef struct NSSCKFWSessionStr NSSCKFWSession;
-
-/*
- * NSSCKFWObject
- *
- */
-
-struct NSSCKFWObjectStr;
-typedef struct NSSCKFWObjectStr NSSCKFWObject;
-
-/*
- * NSSCKFWFindObjects
- *
- */
-
-struct NSSCKFWFindObjectsStr;
-typedef struct NSSCKFWFindObjectsStr NSSCKFWFindObjects;
-
-/*
- * NSSCKFWMutex
- *
- */
-
-struct NSSCKFWMutexStr;
-typedef struct NSSCKFWMutexStr NSSCKFWMutex;
-
-#endif /* NSSCKFWT_H */
diff --git a/security/nss/lib/ckfw/nssckg.h b/security/nss/lib/ckfw/nssckg.h
deleted file mode 100644
index bfa79ac78..000000000
--- a/security/nss/lib/ckfw/nssckg.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "pkcs11.h"
diff --git a/security/nss/lib/ckfw/nssckmdt.h b/security/nss/lib/ckfw/nssckmdt.h
deleted file mode 100644
index 30e4fc33b..000000000
--- a/security/nss/lib/ckfw/nssckmdt.h
+++ /dev/null
@@ -1,2014 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSCKMDT_H
-#define NSSCKMDT_H
-
-#ifdef DEBUG
-static const char NSSCKMDT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssckmdt.h
- *
- * This file specifies the basic types that must be implemented by
- * any Module using the NSS Cryptoki Framework.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSCKFWT_H
-#include "nssckfwt.h"
-#endif /* NSSCKFWT_H */
-
-typedef struct NSSCKMDInstanceStr NSSCKMDInstance;
-typedef struct NSSCKMDSlotStr NSSCKMDSlot;
-typedef struct NSSCKMDTokenStr NSSCKMDToken;
-typedef struct NSSCKMDSessionStr NSSCKMDSession;
-typedef struct NSSCKMDFindObjectsStr NSSCKMDFindObjects;
-typedef struct NSSCKMDMechanismStr NSSCKMDMechanism;
-typedef struct NSSCKMDObjectStr NSSCKMDObject;
-
-/*
- * NSSCKMDInstance
- *
- * This is the basic handle for an instance of a PKCS#11 Module.
- * It is returned by the Module's CreateInstance routine, and
- * may be obtained from the corresponding NSSCKFWInstance object.
- * It contains a pointer for use by the Module, to store any
- * instance-related data, and it contains the EPV for a set of
- * routines which the Module may implement for use by the Framework.
- * Some of these routines are optional; others are mandatory.
- */
-
-struct NSSCKMDInstanceStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework to initialize
- * the Module. This routine is optional; if unimplemented,
- * it won't be called. If this routine returns an error,
- * then the initialization will fail.
- */
- CK_RV (PR_CALLBACK *Initialize)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSUTF8 *configurationData
- );
-
- /*
- * This routine is called when the Framework is finalizing
- * the PKCS#11 Module. It is the last thing called before
- * the NSSCKFWInstance's NSSArena is destroyed. This routine
- * is optional; if unimplemented, it merely won't be called.
- */
- void (PR_CALLBACK *Finalize)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine gets the number of slots. This value must
- * never change, once the instance is initialized. This
- * routine must be implemented. It may return zero on error.
- */
- CK_ULONG (PR_CALLBACK *GetNSlots)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns the version of the Cryptoki standard
- * to which this Module conforms. This routine is optional;
- * if unimplemented, the Framework uses the version to which
- * ~it~ was implemented.
- */
- CK_VERSION (PR_CALLBACK *GetCryptokiVersion)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing the manufacturer ID for this Module. Only
- * the characters completely encoded in the first thirty-
- * two bytes are significant. This routine is optional.
- * The string returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing a description of this Module library. Only
- * the characters completely encoded in the first thirty-
- * two bytes are significant. This routine is optional.
- * The string returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetLibraryDescription)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns the version of this Module library.
- * This routine is optional; if unimplemented, the Framework
- * will assume a Module library version of 0.1.
- */
- CK_VERSION (PR_CALLBACK *GetLibraryVersion)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the Module wishes to
- * handle session objects. This routine is optional.
- * If this routine is NULL, or if it exists but returns
- * CK_FALSE, the Framework will assume responsibility
- * for managing session objects.
- */
- CK_BBOOL (PR_CALLBACK *ModuleHandlesSessionObjects)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine stuffs pointers to NSSCKMDSlot objects into
- * the specified array; one for each slot supported by this
- * instance. The Framework will determine the size needed
- * for the array by calling GetNSlots. This routine is
- * required.
- */
- CK_RV (PR_CALLBACK *GetSlots)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *slots[]
- );
-
- /*
- * This call returns a pointer to the slot in which an event
- * has occurred. If the block argument is CK_TRUE, the call
- * should block until a slot event occurs; if CK_FALSE, it
- * should check to see if an event has occurred, occurred,
- * but return NULL (and set *pError to CK_NO_EVENT) if one
- * hasn't. This routine is optional; if unimplemented, the
- * Framework will assume that no event has happened. This
- * routine may return NULL upon error.
- */
- NSSCKMDSlot *(PR_CALLBACK *WaitForSlotEvent)(
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_BBOOL block,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-
-/*
- * NSSCKMDSlot
- *
- * This is the basic handle for a PKCS#11 Module Slot. It is
- * created by the NSSCKMDInstance->GetSlots call, and may be
- * obtained from the Framework's corresponding NSSCKFWSlot
- * object. It contains a pointer for use by the Module, to
- * store any slot-related data, and it contains the EPV for
- * a set of routines which the Module may implement for use
- * by the Framework. Some of these routines are optional.
- */
-
-struct NSSCKMDSlotStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called during the Framework initialization
- * step, after the Framework Instance has obtained the list
- * of slots (by calling NSSCKMDInstance->GetSlots). Any slot-
- * specific initialization can be done here. This routine is
- * optional; if unimplemented, it won't be called. Note that
- * if this routine returns an error, the entire Framework
- * initialization for this Module will fail.
- */
- CK_RV (PR_CALLBACK *Initialize)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is called when the Framework is finalizing
- * the PKCS#11 Module. This call (for each of the slots)
- * is the last thing called before NSSCKMDInstance->Finalize.
- * This routine is optional; if unimplemented, it merely
- * won't be called. Note: In the rare circumstance that
- * the Framework initialization cannot complete (due to,
- * for example, memory limitations), this can be called with
- * a NULL value for fwSlot.
- */
- void (PR_CALLBACK *Destroy)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing a description of this slot. Only the characters
- * completely encoded in the first sixty-four bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetSlotDescription)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing a description of the manufacturer of this slot.
- * Only the characters completely encoded in the first thirty-
- * two bytes are significant. This routine is optional.
- * The string returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns CK_TRUE if a token is present in this
- * slot. This routine is optional; if unimplemented, CK_TRUE
- * is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetTokenPresent)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the slot supports removable
- * tokens. This routine is optional; if unimplemented, CK_FALSE
- * is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetRemovableDevice)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if this slot is a hardware
- * device, or CK_FALSE if this slot is a software device. This
- * routine is optional; if unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHardwareSlot)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version of this slot's hardware.
- * This routine is optional; if unimplemented, the Framework
- * will assume a hardware version of 0.1.
- */
- CK_VERSION (PR_CALLBACK *GetHardwareVersion)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version of this slot's firmware.
- * This routine is optional; if unimplemented, the Framework
- * will assume a hardware version of 0.1.
- */
- CK_VERSION (PR_CALLBACK *GetFirmwareVersion)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine should return a pointer to an NSSCKMDToken
- * object corresponding to the token in the specified slot.
- * The NSSCKFWToken object passed in has an NSSArena
- * available which is dedicated for this token. This routine
- * must be implemented. This routine may return NULL upon
- * error.
- */
- NSSCKMDToken *(PR_CALLBACK *GetToken)(
- NSSCKMDSlot *mdSlot,
- NSSCKFWSlot *fwSlot,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-/*
- * NSSCKMDToken
- *
- * This is the basic handle for a PKCS#11 Token. It is created by
- * the NSSCKMDSlot->GetToken call, and may be obtained from the
- * Framework's corresponding NSSCKFWToken object. It contains a
- * pointer for use by the Module, to store any token-related
- * data, and it contains the EPV for a set of routines which the
- * Module may implement for use by the Framework. Some of these
- * routines are optional.
- */
-
-struct NSSCKMDTokenStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is used to prepare a Module token object for
- * use. It is called after the NSSCKMDToken object is obtained
- * from NSSCKMDSlot->GetToken. It is named "Setup" here because
- * Cryptoki already defines "InitToken" to do the process of
- * wiping out any existing state on a token and preparing it for
- * a new use. This routine is optional; if unimplemented, it
- * merely won't be called.
- */
- CK_RV (PR_CALLBACK *Setup)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is called by the Framework whenever it notices
- * that the token object is invalid. (Typically this is when a
- * routine indicates an error such as CKR_DEVICE_REMOVED). This
- * call is the last thing called before the NSSArena in the
- * corresponding NSSCKFWToken is destroyed. This routine is
- * optional; if unimplemented, it merely won't be called.
- */
- void (PR_CALLBACK *Invalidate)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine initialises the token in the specified slot.
- * This routine is optional; if unimplemented, the Framework
- * will fail this operation with an error of CKR_DEVICE_ERROR.
- */
-
- CK_RV (PR_CALLBACK *InitToken)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *pin,
- NSSUTF8 *label
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's label. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetLabel)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's manufacturer ID. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetManufacturerID)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's model name. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetModel)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns a pointer to a UTF8-encoded string
- * containing this token's serial number. Only the characters
- * completely encoded in the first thirty-two bytes are
- * significant. This routine is optional. The string
- * returned is never freed; if dynamically generated,
- * the space for it should be allocated from the NSSArena
- * that may be obtained from the NSSCKFWInstance. This
- * routine may return NULL upon error; however if *pError
- * is CKR_OK, the NULL will be considered the valid response.
- */
- NSSUTF8 *(PR_CALLBACK *GetSerialNumber)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns CK_TRUE if the token has its own
- * random number generator. This routine is optional; if
- * unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHasRNG)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if this token is write-protected.
- * This routine is optional; if unimplemented, CK_FALSE is
- * assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetIsWriteProtected)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if this token requires a login.
- * This routine is optional; if unimplemented, CK_FALSE is
- * assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetLoginRequired)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the normal user's PIN on this
- * token has been initialised. This routine is optional; if
- * unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetUserPinInitialized)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if a successful save of a
- * session's cryptographic operations state ~always~ contains
- * all keys needed to restore the state of the session. This
- * routine is optional; if unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetRestoreKeyNotNeeded)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the token has its own
- * hardware clock. This routine is optional; if unimplemented,
- * CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHasClockOnToken)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the token has a protected
- * authentication path. This routine is optional; if
- * unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetHasProtectedAuthenticationPath)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns CK_TRUE if the token supports dual
- * cryptographic operations within a single session. This
- * routine is optional; if unimplemented, CK_FALSE is assumed.
- */
- CK_BBOOL (PR_CALLBACK *GetSupportsDualCryptoOperations)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * XXX fgmr-- should we have a call to return all the flags
- * at once, for folks who already know about Cryptoki?
- */
-
- /*
- * This routine returns the maximum number of sessions that
- * may be opened on this token. This routine is optional;
- * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
- * is assumed. XXX fgmr-- or CK_EFFECTIVELY_INFINITE?
- */
- CK_ULONG (PR_CALLBACK *GetMaxSessionCount)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the maximum number of read/write
- * sesisons that may be opened on this token. This routine
- * is optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed. XXX fgmr-- or
- * CK_EFFECTIVELY_INFINITE?
- */
- CK_ULONG (PR_CALLBACK *GetMaxRwSessionCount)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the maximum PIN code length that is
- * supported on this token. This routine is optional;
- * if unimplemented, the special value CK_UNAVAILABLE_INFORMATION
- * is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetMaxPinLen)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the minimum PIN code length that is
- * supported on this token. This routine is optional; if
- * unimplemented, the special value CK_UNAVAILABLE_INFORMATION
- * is assumed. XXX fgmr-- or 0?
- */
- CK_ULONG (PR_CALLBACK *GetMinPinLen)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the total amount of memory on the token
- * in which public objects may be stored. This routine is
- * optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetTotalPublicMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the amount of unused memory on the
- * token in which public objects may be stored. This routine
- * is optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetFreePublicMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the total amount of memory on the token
- * in which private objects may be stored. This routine is
- * optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetTotalPrivateMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the amount of unused memory on the
- * token in which private objects may be stored. This routine
- * is optional; if unimplemented, the special value
- * CK_UNAVAILABLE_INFORMATION is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetFreePrivateMemory)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version number of this token's
- * hardware. This routine is optional; if unimplemented,
- * the value 0.1 is assumed.
- */
- CK_VERSION (PR_CALLBACK *GetHardwareVersion)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the version number of this token's
- * firmware. This routine is optional; if unimplemented,
- * the value 0.1 is assumed.
- */
- CK_VERSION (PR_CALLBACK *GetFirmwareVersion)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine stuffs the current UTC time, as obtained from
- * the token, into the sixteen-byte buffer in the form
- * YYYYMMDDhhmmss00. This routine need only be implemented
- * by token which indicate that they have a real-time clock.
- * XXX fgmr-- think about time formats.
- */
- CK_RV (PR_CALLBACK *GetUTCTime)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_CHAR utcTime[16]
- );
-
- /*
- * This routine creates a session on the token, and returns
- * the corresponding NSSCKMDSession object. The value of
- * rw will be CK_TRUE if the session is to be a read/write
- * session, or CK_FALSE otherwise. An NSSArena dedicated to
- * the new session is available from the specified NSSCKFWSession.
- * This routine may return NULL upon error.
- */
- NSSCKMDSession *(PR_CALLBACK *OpenSession)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWSession *fwSession,
- CK_BBOOL rw,
- CK_RV *pError
- );
-
- /*
- * This routine returns the number of PKCS#11 Mechanisms
- * supported by this token. This routine is optional; if
- * unimplemented, zero is assumed.
- */
- CK_ULONG (PR_CALLBACK *GetMechanismCount)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine stuffs into the specified array the types
- * of the mechanisms supported by this token. The Framework
- * determines the size of the array by calling GetMechanismCount.
- */
- CK_RV (PR_CALLBACK *GetMechanismTypes)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_MECHANISM_TYPE types[]
- );
-
- /*
- * This routine returns a pointer to a Module mechanism
- * object corresponding to a specified type. This routine
- * need only exist for tokens implementing at least one
- * mechanism.
- */
- NSSCKMDMechanism *(PR_CALLBACK *GetMechanism)(
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWMechanism *fwMechanism,
- CK_MECHANISM_TYPE which
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-/*
- * NSSCKMDSession
- *
- * This is the basic handle for a session on a PKCS#11 Token. It
- * is created by NSSCKMDToken->OpenSession, and may be obtained
- * from the Framework's corresponding NSSCKFWSession object. It
- * contains a pointer for use by the Module, to store any session-
- * realted data, and it contains the EPV for a set of routines
- * which the Module may implement for use by the Framework. Some
- * of these routines are optional.
- */
-
-struct NSSCKMDSessionStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework when a session is
- * closed. This call is the last thing called before the
- * NSSArena in the correspoinding NSSCKFWSession is destroyed.
- * This routine is optional; if unimplemented, it merely won't
- * be called.
- */
- void (PR_CALLBACK *Close)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to get any device-specific error.
- * This routine is optional.
- */
- CK_ULONG (PR_CALLBACK *GetDeviceError)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to log in a user to the token. This
- * routine is optional, since the Framework's NSSCKFWSession
- * object keeps track of the login state.
- */
- CK_RV (PR_CALLBACK *Login)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_USER_TYPE userType,
- NSSItem *pin,
- CK_STATE oldState,
- CK_STATE newState
- );
-
- /*
- * This routine is used to log out a user from the token. This
- * routine is optional, since the Framework's NSSCKFWSession
- * object keeps track of the login state.
- */
- CK_RV (PR_CALLBACK *Logout)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_STATE oldState,
- CK_STATE newState
- );
-
- /*
- * This routine is used to initialize the normal user's PIN or
- * password. This will only be called in the "read/write
- * security officer functions" state. If this token has a
- * protected authentication path, then the pin argument will
- * be NULL. This routine is optional; if unimplemented, the
- * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
- */
- CK_RV (PR_CALLBACK *InitPIN)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *pin
- );
-
- /*
- * This routine is used to modify a user's PIN or password. This
- * routine will only be called in the "read/write security officer
- * functions" or "read/write user functions" state. If this token
- * has a protected authentication path, then the pin arguments
- * will be NULL. This routine is optional; if unimplemented, the
- * Framework will return the error CKR_TOKEN_WRITE_PROTECTED.
- */
- CK_RV (PR_CALLBACK *SetPIN)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *oldPin,
- NSSItem *newPin
- );
-
- /*
- * This routine is used to find out how much space would be required
- * to save the current operational state. This routine is optional;
- * if unimplemented, the Framework will reject any attempts to save
- * the operational state with the error CKR_STATE_UNSAVEABLE. This
- * routine may return zero on error.
- */
- CK_ULONG (PR_CALLBACK *GetOperationStateLen)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine is used to store the current operational state. This
- * routine is only required if GetOperationStateLen is implemented
- * and can return a nonzero value. The buffer in the specified item
- * will be pre-allocated, and the length will specify the amount of
- * space available (which may be more than GetOperationStateLen
- * asked for, but which will not be smaller).
- */
- CK_RV (PR_CALLBACK *GetOperationState)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- * This routine is used to restore an operational state previously
- * obtained with GetOperationState. The Framework will take pains
- * to be sure that the state is (or was at one point) valid; if the
- * Module notices that the state is invalid, it should return an
- * error, but it is not required to be paranoid about the issue.
- * [XXX fgmr-- should (can?) the framework verify the keys match up?]
- * This routine is required only if GetOperationState is implemented.
- */
- CK_RV (PR_CALLBACK *SetOperationState)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *state,
- NSSCKMDObject *mdEncryptionKey,
- NSSCKFWObject *fwEncryptionKey,
- NSSCKMDObject *mdAuthenticationKey,
- NSSCKFWObject *fwAuthenticationKey
- );
-
- /*
- * This routine is used to create an object. The specified template
- * will only specify a session object if the Module has indicated
- * that it wishes to handle its own session objects. This routine
- * is optional; if unimplemented, the Framework will reject the
- * operation with the error CKR_TOKEN_WRITE_PROTECTED. Space for
- * token objects should come from the NSSArena available from the
- * NSSCKFWToken object; space for session objects (if supported)
- * should come from the NSSArena available from the NSSCKFWSession
- * object. The appropriate NSSArena pointer will, as a convenience,
- * be passed as the handyArenaPointer argument. This routine may
- * return NULL upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *CreateObject)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *handyArenaPointer,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine is used to make a copy of an object. It is entirely
- * optional; if unimplemented, the Framework will try to use
- * CreateObject instead. If the Module has indicated that it does
- * not wish to handle session objects, then this routine will only
- * be called to copy a token object to another token object.
- * Otherwise, either the original object or the new may be of
- * either the token or session variety. As with CreateObject, the
- * handyArenaPointer will point to the appropriate arena for the
- * new object. This routine may return NULL upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *CopyObject)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdOldObject,
- NSSCKFWObject *fwOldObject,
- NSSArena *handyArenaPointer,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine is used to begin an object search. This routine may
- * be unimplemented only if the Module does not handle session
- * objects, and if none of its tokens have token objects. The
- * NSSCKFWFindObjects pointer has an NSSArena that may be used for
- * storage for the life of this "find" operation. This routine may
- * return NULL upon error. If the Module can determine immediately
- * that the search will not find any matching objects, it may return
- * NULL, and specify CKR_OK as the error.
- */
- NSSCKMDFindObjects *(PR_CALLBACK *FindObjectsInit)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine seeds the random-number generator. It is
- * optional, even if GetRandom is implemented. If unimplemented,
- * the Framework will issue the error CKR_RANDOM_SEED_NOT_SUPPORTED.
- */
- CK_RV (PR_CALLBACK *SeedRandom)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *seed
- );
-
- /*
- * This routine gets random data. It is optional. If unimplemented,
- * the Framework will issue the error CKR_RANDOM_NO_RNG.
- */
- CK_RV (PR_CALLBACK *GetRandom)(
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-/*
- * NSSCKMDFindObjects
- *
- * This is the basic handle for an object search. It is
- * created by NSSCKMDSession->FindObjectsInit, and may be
- * obtained from the Framework's corresponding object.
- * It contains a pointer for use by the Module, to store
- * any search-related data, and it contains the EPV for a
- * set of routines which the Module may implement for use
- * by the Framework. Some of these routines are optional.
- */
-
-struct NSSCKMDFindObjectsStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework to finish a
- * search operation. Note that the Framework may finish
- * a search before it has completed. This routine is
- * optional; if unimplemented, it merely won't be called.
- */
- void (PR_CALLBACK *Final)(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to obtain another pointer to an
- * object matching the search criteria. This routine is
- * required. If no (more) objects match the search, it
- * should return NULL and set the error to CKR_OK.
- */
- NSSCKMDObject *(PR_CALLBACK *Next)(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-/*
- * NSSCKMDMechanism
- *
- */
-
-struct NSSCKMDMechanismStr {
- /*
- * The Module may use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine returns the minimum key size allowed for
- * this mechanism. This routine is optional; if unimplemented,
- * zero will be assumed. This routine may return zero on
- * error; if the error is CKR_OK, zero will be accepted as
- * a valid response.
- */
- CK_ULONG (PR_CALLBACK *GetMinKeySize)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine returns the maximum key size allowed for
- * this mechanism. This routine is optional; if unimplemented,
- * zero will be assumed. This routine may return zero on
- * error; if the error is CKR_OK, zero will be accepted as
- * a valid response.
- */
- CK_ULONG (PR_CALLBACK *GetMaxKeySize)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine is called to determine if the mechanism is
- * implemented in hardware or software. It returns CK_TRUE
- * if it is done in hardware.
- */
- CK_BBOOL (PR_CALLBACK *GetInHardware)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * The crypto routines themselves. Most crypto operations may
- * be performed in two ways, streaming and single-part. The
- * streaming operations involve the use of (typically) three
- * calls-- an Init method to set up the operation, an Update
- * method to feed data to the operation, and a Final method to
- * obtain the final result. Single-part operations involve
- * one method, to perform the crypto operation all at once.
- * The NSS Cryptoki Framework can implement the single-part
- * operations in terms of the streaming operations on behalf
- * of the Module. There are a few variances.
- *
- * For simplicity, the routines are listed in summary here:
- *
- * EncryptInit, EncryptUpdate, EncryptFinal; Encrypt
- * DecryptInit, DecryptUpdate, DecryptFinal; Decrypt
- * DigestInit, DigestUpdate, DigestKey, DigestFinal; Digest
- * SignInit, SignUpdate, SignFinal; Sign
- * SignRecoverInit; SignRecover
- * VerifyInit, VerifyUpdate, VerifyFinal; Verify
- * VerifyRecoverInit; VerifyRecover
- *
- * Also, there are some combined-operation calls:
- *
- * DigestEncryptUpdate
- * DecryptDigestUpdate
- * SignEncryptUpdate
- * DecryptVerifyUpdate
- *
- * The key-management routines are
- *
- * GenerateKey
- * GenerateKeyPair
- * WrapKey
- * UnwrapKey
- * DeriveKey
- *
- * All of these routines based directly on the Cryptoki API;
- * see PKCS#11 for further information.
- */
-
- /*
- */
- CK_RV (PR_CALLBACK *EncryptInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *EncryptUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *EncryptFinal)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *Encrypt)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DecryptInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DecryptUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DecryptFinal)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *Decrypt)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DigestInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DigestUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DigestKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DigestFinal)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *Digest)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *SignInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *SignUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *SignFinal)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *Sign)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *VerifyInit)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *key
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *VerifyUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *VerifyFinish)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *Verify)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKFWObject *key,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *SignRecover)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *VerifyRecover)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdKey,
- NSSCKFWObject *fwKey,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DigestEncryptUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DecryptDigestUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *SignEncryptUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- */
- CK_RV (PR_CALLBACK *DecryptVerifyUpdate)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSItem *data,
- NSSItem *buffer
- );
-
- /*
- * Key management operations.
- */
-
- /*
- * This routine generates a key. This routine may return NULL
- * upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *GenerateKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine generates a key pair.
- */
- CK_RV (PR_CALLBACK *GenerateKeyPair)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- NSSCKMDObject **pPublicKey,
- NSSCKMDObject **pPrivateKey
- );
-
- /*
- * This routine wraps a key.
- */
- CK_RV (PR_CALLBACK *WrapKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdWrappingKey,
- NSSCKFWObject *fwWrappingKey,
- NSSCKMDObject *mdWrappedKey,
- NSSCKFWObject *fwWrappedKey,
- NSSItem *buffer
- );
-
- /*
- * This routine unwraps a key. This routine may return NULL
- * upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *UnwrapKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdWrappingKey,
- NSSCKFWObject *fwWrappingKey,
- NSSItem *wrappedKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This routine derives a key. This routine may return NULL
- * upon error.
- */
- NSSCKMDObject *(PR_CALLBACK *DeriveKey)(
- NSSCKMDMechanism *mdMechanism,
- NSSCKFWMechanism *fwMechanism,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSCKMDObject *mdBaseKey,
- NSSCKFWObject *fwBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-/*
- * NSSCKMDObject
- *
- * This is the basic handle for any object used by a PKCS#11 Module.
- * Modules must implement it if they support their own objects, and
- * the Framework supports it for Modules that do not handle session
- * objects. This type contains a pointer for use by the implementor,
- * to store any object-specific data, and it contains an EPV for a
- * set of routines used to access the object.
- */
-
-struct NSSCKMDObjectStr {
- /*
- * The implementation my use this pointer for its own purposes.
- */
- void *etc;
-
- /*
- * This routine is called by the Framework when it is letting
- * go of an object handle. It can be used by the Module to
- * free any resources tied up by an object "in use." It is
- * optional.
- */
- void (PR_CALLBACK *Finalize)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine is used to completely destroy an object.
- * It is optional. The parameter fwObject might be NULL
- * if the framework runs out of memory at the wrong moment.
- */
- CK_RV (PR_CALLBACK *Destroy)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This helper routine is used by the Framework, and is especially
- * useful when it is managing session objects on behalf of the
- * Module. This routine is optional; if unimplemented, the
- * Framework will actually look up the CKA_TOKEN attribute. In the
- * event of an error, just make something up-- the Framework will
- * find out soon enough anyway.
- */
- CK_BBOOL (PR_CALLBACK *IsTokenObject)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
- );
-
- /*
- * This routine returns the number of attributes of which this
- * object consists. It is mandatory. It can return zero on
- * error.
- */
- CK_ULONG (PR_CALLBACK *GetAttributeCount)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This routine stuffs the attribute types into the provided array.
- * The array size (as obtained from GetAttributeCount) is passed in
- * as a check; return CKR_BUFFER_TOO_SMALL if the count is wrong
- * (either too big or too small).
- */
- CK_RV (PR_CALLBACK *GetAttributeTypes)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
- );
-
- /*
- * This routine returns the size (in bytes) of the specified
- * attribute. It can return zero on error.
- */
- CK_ULONG (PR_CALLBACK *GetAttributeSize)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
- );
-
- /*
- * This routine returns the specified attribute. It can return
- * NULL upon error. The pointer in the item will not be freed;
- * any host memory required should come from the object's arena
- * (which is likely the Framework's token or session arena).
- * It may return NULL on error.
- */
- const NSSItem *(PR_CALLBACK *GetAttribute)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
- );
-
- /*
- * This routine changes the specified attribute. If unimplemented,
- * the object will be considered read-only.
- */
- CK_RV (PR_CALLBACK *SetAttribute)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
- );
-
- /*
- * This routine returns the storage requirements of this object,
- * in bytes. Cryptoki doesn't strictly define the definition,
- * but it should relate to the values returned by the "Get Memory"
- * routines of the NSSCKMDToken. This routine is optional; if
- * unimplemented, the Framework will consider this information
- * sensitive. This routine may return zero on error. If the
- * specified error is CKR_OK, zero will be accepted as a valid
- * response.
- */
- CK_ULONG (PR_CALLBACK *GetObjectSize)(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
- );
-
- /*
- * This object may be extended in future versions of the
- * NSS Cryptoki Framework. To allow for some flexibility
- * in the area of binary compatibility, this field should
- * be NULL.
- */
- void *null;
-};
-
-
-#endif /* NSSCKMDT_H */
diff --git a/security/nss/lib/ckfw/nssckt.h b/security/nss/lib/ckfw/nssckt.h
deleted file mode 100644
index f1b2ef1b5..000000000
--- a/security/nss/lib/ckfw/nssckt.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _NSSCKT_H_
-#define _NSSCKT_H_ 1
-
-#include "pkcs11t.h"
-
-typedef CK_ATTRIBUTE_TYPE CK_PTR CK_ATTRIBUTE_TYPE_PTR;
-#define CK_ENTRY
-
-#endif /* _NSSCKT_H_ */
-
diff --git a/security/nss/lib/ckfw/object.c b/security/nss/lib/ckfw/object.c
deleted file mode 100644
index de24fb633..000000000
--- a/security/nss/lib/ckfw/object.c
+++ /dev/null
@@ -1,1039 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * object.c
- *
- * This file implements the NSSCKFWObject type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWObject
- *
- * -- create/destroy --
- * nssCKFWObject_Create
- * nssCKFWObject_Finalize
- * nssCKFWObject_Destroy
- *
- * -- public accessors --
- * NSSCKFWObject_GetMDObject
- * NSSCKFWObject_GetArena
- * NSSCKFWObject_IsTokenObject
- * NSSCKFWObject_GetAttributeCount
- * NSSCKFWObject_GetAttributeTypes
- * NSSCKFWObject_GetAttributeSize
- * NSSCKFWObject_GetAttribute
- * NSSCKFWObject_SetAttribute
- * NSSCKFWObject_GetObjectSize
- *
- * -- implement public accessors --
- * nssCKFWObject_GetMDObject
- * nssCKFWObject_GetArena
- *
- * -- private accessors --
- * nssCKFWObject_SetHandle
- * nssCKFWObject_GetHandle
- *
- * -- module fronts --
- * nssCKFWObject_IsTokenObject
- * nssCKFWObject_GetAttributeCount
- * nssCKFWObject_GetAttributeTypes
- * nssCKFWObject_GetAttributeSize
- * nssCKFWObject_GetAttribute
- * nssCKFWObject_SetAttribute
- * nssCKFWObject_GetObjectSize
- */
-
-struct NSSCKFWObjectStr {
- NSSCKFWMutex *mutex; /* merely to serialise the MDObject calls */
- NSSArena *arena;
- NSSCKMDObject *mdObject;
- NSSCKMDSession *mdSession;
- NSSCKFWSession *fwSession;
- NSSCKMDToken *mdToken;
- NSSCKFWToken *fwToken;
- NSSCKMDInstance *mdInstance;
- NSSCKFWInstance *fwInstance;
- CK_OBJECT_HANDLE hObject;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-object_add_pointer
-(
- const NSSCKFWObject *fwObject
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-object_remove_pointer
-(
- const NSSCKFWObject *fwObject
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_verifyPointer
-(
- const NSSCKFWObject *fwObject
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-
-/*
- * nssCKFWObject_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWObject_Create
-(
- NSSArena *arena,
- NSSCKMDObject *mdObject,
- NSSCKFWSession *fwSession,
- NSSCKFWToken *fwToken,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- NSSCKFWObject *fwObject;
- nssCKFWHash *mdObjectHash;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if( PR_SUCCESS != nssArena_verifyPointer(arena) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- mdObjectHash = nssCKFWToken_GetMDObjectHash(fwToken);
- if( (nssCKFWHash *)NULL == mdObjectHash ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-
- if( nssCKFWHash_Exists(mdObjectHash, mdObject) ) {
- fwObject = nssCKFWHash_Lookup(mdObjectHash, mdObject);
- return fwObject;
- }
-
- fwObject = nss_ZNEW(arena, NSSCKFWObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
-
- fwObject->arena = arena;
- fwObject->mdObject = mdObject;
- fwObject->fwSession = fwSession;
-
- if( (NSSCKFWSession *)NULL != fwSession ) {
- fwObject->mdSession = nssCKFWSession_GetMDSession(fwSession);
- }
-
- fwObject->fwToken = fwToken;
-
- if( (NSSCKFWToken *)NULL != fwToken ) {
- fwObject->mdToken = nssCKFWToken_GetMDToken(fwToken);
- }
-
- fwObject->fwInstance = fwInstance;
- fwObject->mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
- fwObject->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == fwObject->mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWHash_Add(mdObjectHash, mdObject, fwObject);
- if( CKR_OK != *pError ) {
- nss_ZFreeIf(fwObject);
- return (NSSCKFWObject *)NULL;
- }
-
-#ifdef DEBUG
- *pError = object_add_pointer(fwObject);
- if( CKR_OK != *pError ) {
- nssCKFWHash_Remove(mdObjectHash, mdObject);
- nss_ZFreeIf(fwObject);
- return (NSSCKFWObject *)NULL;
- }
-#endif /* DEBUG */
-
- *pError = CKR_OK;
- return fwObject;
-}
-
-/*
- * nssCKFWObject_Finalize
- *
- */
-NSS_IMPLEMENT void
-nssCKFWObject_Finalize
-(
- NSSCKFWObject *fwObject
-)
-{
- nssCKFWHash *mdObjectHash;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- (void)nssCKFWMutex_Destroy(fwObject->mutex);
-
- if( (void *)NULL != (void *)fwObject->mdObject->Finalize ) {
- fwObject->mdObject->Finalize(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
- }
-
- mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
- if( (nssCKFWHash *)NULL != mdObjectHash ) {
- nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
- }
-
- nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
- nss_ZFreeIf(fwObject);
-
-#ifdef DEBUG
- (void)object_remove_pointer(fwObject);
-#endif /* DEBUG */
-
- return;
-}
-
-/*
- * nssCKFWObject_Destroy
- *
- */
-NSS_IMPLEMENT void
-nssCKFWObject_Destroy
-(
- NSSCKFWObject *fwObject
-)
-{
- nssCKFWHash *mdObjectHash;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- (void)nssCKFWMutex_Destroy(fwObject->mutex);
-
- if( (void *)NULL != (void *)fwObject->mdObject->Destroy ) {
- fwObject->mdObject->Destroy(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
- }
-
- mdObjectHash = nssCKFWToken_GetMDObjectHash(fwObject->fwToken);
- if( (nssCKFWHash *)NULL != mdObjectHash ) {
- nssCKFWHash_Remove(mdObjectHash, fwObject->mdObject);
- }
-
- nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
- nss_ZFreeIf(fwObject);
-
-#ifdef DEBUG
- (void)object_remove_pointer(fwObject);
-#endif /* DEBUG */
-
- return;
-}
-
-/*
- * nssCKFWObject_GetMDObject
- *
- */
-NSS_IMPLEMENT NSSCKMDObject *
-nssCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (NSSCKMDObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwObject->mdObject;
-}
-
-/*
- * nssCKFWObject_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwObject->arena;
-}
-
-/*
- * nssCKFWObject_SetHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetHandle
-(
- NSSCKFWObject *fwObject,
- CK_OBJECT_HANDLE hObject
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( (CK_OBJECT_HANDLE)0 != fwObject->hObject ) {
- return CKR_GENERAL_ERROR;
- }
-
- fwObject->hObject = hObject;
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWObject_GetHandle
- *
- */
-NSS_IMPLEMENT CK_OBJECT_HANDLE
-nssCKFWObject_GetHandle
-(
- NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (CK_OBJECT_HANDLE)0;
- }
-#endif /* NSSDEBUG */
-
- return fwObject->hObject;
-}
-
-/*
- * nssCKFWObject_IsTokenObject
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-)
-{
- CK_BBOOL b = CK_FALSE;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->IsTokenObject ) {
- NSSItem item;
- NSSItem *pItem;
- CK_RV rv = CKR_OK;
-
- item.data = (void *)&b;
- item.size = sizeof(b);
-
- pItem = nssCKFWObject_GetAttribute(fwObject, CKA_TOKEN, &item,
- (NSSArena *)NULL, &rv);
- if( (NSSItem *)NULL == pItem ) {
- /* Error of some type */
- b = CK_FALSE;
- goto done;
- }
-
- goto done;
- }
-
- b = fwObject->mdObject->IsTokenObject(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance);
-
- done:
- return b;
-}
-
-/*
- * nssCKFWObject_GetAttributeCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeCount ) {
- *pError = CKR_GENERAL_ERROR;
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-
- rv = fwObject->mdObject->GetAttributeCount(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- pError);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
-}
-
-/*
- * nssCKFWObject_GetAttributeTypes
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeTypes ) {
- return CKR_GENERAL_ERROR;
- }
-
- error = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- error = fwObject->mdObject->GetAttributeTypes(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- typeArray, ulCount);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return error;
-}
-
-/*
- * nssCKFWObject_GetAttributeSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->GetAttributeSize ) {
- *pError = CKR_GENERAL_ERROR;
- return (CK_ULONG )0;
- }
-
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-
- rv = fwObject->mdObject->GetAttributeSize(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- attribute, pError);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
-}
-
-/*
- * nssCKFWObject_GetAttribute
- *
- * Usual NSS allocation rules:
- * If itemOpt is not NULL, it will be returned; otherwise an NSSItem
- * will be allocated. If itemOpt is not NULL but itemOpt->data is,
- * the buffer will be allocated; otherwise, the buffer will be used.
- * Any allocations will come from the optional arena, if one is
- * specified.
- */
-NSS_IMPLEMENT NSSItem *
-nssCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-)
-{
- NSSItem *rv = (NSSItem *)NULL;
- const NSSItem *mdItem;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSItem *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSItem *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->GetAttribute ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSItem *)NULL;
- }
-
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (NSSItem *)NULL;
- }
-
- mdItem = fwObject->mdObject->GetAttribute(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- attribute, pError);
-
- if( (NSSItem *)NULL == mdItem ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- goto done;
- }
-
- if( (NSSItem *)NULL == itemOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSItem);
- if( (NSSItem *)NULL == rv ) {
- *pError = CKR_HOST_MEMORY;
- goto done;
- }
- } else {
- rv = itemOpt;
- }
-
- if( (void *)NULL == rv->data ) {
- rv->size = mdItem->size;
- rv->data = nss_ZAlloc(arenaOpt, rv->size);
- if( (void *)NULL == rv->data ) {
- *pError = CKR_HOST_MEMORY;
- if( (NSSItem *)NULL == itemOpt ) {
- nss_ZFreeIf(rv);
- }
- rv = (NSSItem *)NULL;
- goto done;
- }
- } else {
- if( rv->size >= mdItem->size ) {
- rv->size = mdItem->size;
- } else {
- *pError = CKR_BUFFER_TOO_SMALL;
- /* Should we set rv->size to mdItem->size? */
- /* rv can't have been allocated */
- rv = (NSSItem *)NULL;
- goto done;
- }
- }
-
- (void)nsslibc_memcpy(rv->data, mdItem->data, rv->size);
-
- done:
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
-}
-
-/*
- * nssCKFWObject_SetAttribute
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWObject_SetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( CKA_TOKEN == attribute ) {
- /*
- * We're changing from a session object to a token object or
- * vice-versa.
- */
-
- CK_ATTRIBUTE a;
- NSSCKFWObject *newFwObject;
- NSSCKFWObject swab;
-
- a.type = CKA_TOKEN;
- a.pValue = value->data;
- a.ulValueLen = value->size;
-
- newFwObject = nssCKFWSession_CopyObject(fwObject->fwSession, fwObject,
- &a, 1, &error);
- if( (NSSCKFWObject *)NULL == newFwObject ) {
- if( CKR_OK == error ) {
- error = CKR_GENERAL_ERROR;
- }
- return error;
- }
-
- /*
- * Actually, I bet the locking is worse than this.. this part of
- * the code could probably use some scrutiny and reworking.
- */
- error = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != error ) {
- nssCKFWObject_Destroy(newFwObject);
- return error;
- }
-
- error = nssCKFWMutex_Lock(newFwObject->mutex);
- if( CKR_OK != error ) {
- nssCKFWMutex_Unlock(fwObject->mutex);
- nssCKFWObject_Destroy(newFwObject);
- return error;
- }
-
- /*
- * Now, we have our new object, but it has a new fwObject pointer,
- * while we have to keep the existing one. So quick swap the contents.
- */
- swab = *fwObject;
- *fwObject = *newFwObject;
- *newFwObject = swab;
-
- /* But keep the mutexes the same */
- swab.mutex = fwObject->mutex;
- fwObject->mutex = newFwObject->mutex;
- newFwObject->mutex = swab.mutex;
-
- (void)nssCKFWMutex_Unlock(newFwObject->mutex);
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
-
- /*
- * Either remove or add this to the list of session objects
- */
-
- if( CK_FALSE == *(CK_BBOOL *)value->data ) {
- /*
- * New one is a session object, except since we "stole" the fwObject, it's
- * not in the list. Add it.
- */
- nssCKFWSession_RegisterSessionObject(fwObject->fwSession, fwObject);
- } else {
- /*
- * New one is a token object, except since we "stole" the fwObject, it's
- * in the list. Remove it.
- */
- nssCKFWSession_DeregisterSessionObject(fwObject->fwSession, fwObject);
- }
-
- /*
- * Now delete the old object. Remember the names have changed.
- */
- nssCKFWObject_Destroy(newFwObject);
-
- return CKR_OK;
- } else {
- /*
- * An "ordinary" change.
- */
- if( (void *)NULL == (void *)fwObject->mdObject->SetAttribute ) {
- /* We could fake it with copying, like above.. later */
- return CKR_ATTRIBUTE_READ_ONLY;
- }
-
- error = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- error = fwObject->mdObject->SetAttribute(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- attribute, value);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
-
- return error;
- }
-}
-
-/*
- * nssCKFWObject_GetObjectSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwObject->mdObject->GetObjectSize ) {
- *pError = CKR_INFORMATION_SENSITIVE;
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWMutex_Lock(fwObject->mutex);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-
- rv = fwObject->mdObject->GetObjectSize(fwObject->mdObject, fwObject,
- fwObject->mdSession, fwObject->fwSession, fwObject->mdToken,
- fwObject->fwToken, fwObject->mdInstance, fwObject->fwInstance,
- pError);
-
- (void)nssCKFWMutex_Unlock(fwObject->mutex);
- return rv;
-}
-
-/*
- * NSSCKFWObject_GetMDObject
- *
- */
-NSS_IMPLEMENT NSSCKMDObject *
-NSSCKFWObject_GetMDObject
-(
- NSSCKFWObject *fwObject
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return (NSSCKMDObject *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetMDObject(fwObject);
-}
-
-/*
- * NSSCKFWObject_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-NSSCKFWObject_GetArena
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetArena(fwObject, pError);
-}
-
-/*
- * NSSCKFWObject_IsTokenObject
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWObject_IsTokenObject
-(
- NSSCKFWObject *fwObject
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWObject_verifyPointer(fwObject) ) {
- return CK_FALSE;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_IsTokenObject(fwObject);
-}
-
-/*
- * NSSCKFWObject_GetAttributeCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetAttributeCount
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetAttributeCount(fwObject, pError);
-}
-
-/*
- * NSSCKFWObject_GetAttributeTypes
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWObject_GetAttributeTypes
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
-{
-#ifdef DEBUG
- CK_RV error = CKR_OK;
-
- error = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == typeArray ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetAttributeTypes(fwObject, typeArray, ulCount);
-}
-
-/*
- * NSSCKFWObject_GetAttributeSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetAttributeSize
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetAttributeSize(fwObject, attribute, pError);
-}
-
-/*
- * NSSCKFWObject_GetAttribute
- *
- */
-NSS_IMPLEMENT NSSItem *
-NSSCKFWObject_GetAttribute
-(
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *itemOpt,
- NSSArena *arenaOpt,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSItem *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSItem *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetAttribute(fwObject, attribute, itemOpt, arenaOpt, pError);
-}
-
-/*
- * NSSCKFWObject_GetObjectSize
- *
- */
-NSS_IMPLEMENT CK_ULONG
-NSSCKFWObject_GetObjectSize
-(
- NSSCKFWObject *fwObject,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-#endif /* DEBUG */
-
- return nssCKFWObject_GetObjectSize(fwObject, pError);
-}
diff --git a/security/nss/lib/ckfw/session.c b/security/nss/lib/ckfw/session.c
deleted file mode 100644
index 4e8fe2c18..000000000
--- a/security/nss/lib/ckfw/session.c
+++ /dev/null
@@ -1,1962 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * session.c
- *
- * This file implements the NSSCKFWSession type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWSession
- *
- * -- create/destroy --
- * nssCKFWSession_Create
- * nssCKFWSession_Destroy
- *
- * -- public accessors --
- * NSSCKFWSession_GetMDSession
- * NSSCKFWSession_GetArena
- * NSSCKFWSession_CallNotification
- * NSSCKFWSession_IsRWSession
- * NSSCKFWSession_IsSO
- *
- * -- implement public accessors --
- * nssCKFWSession_GetMDSession
- * nssCKFWSession_GetArena
- * nssCKFWSession_CallNotification
- * nssCKFWSession_IsRWSession
- * nssCKFWSession_IsSO
- *
- * -- private accessors --
- * nssCKFWSession_GetSlot
- * nssCKFWSession_GetSessionState
- * nssCKFWSession_SetFWFindObjects
- * nssCKFWSession_GetFWFindObjects
- * nssCKFWSession_SetMDSession
- * nssCKFWSession_SetHandle
- * nssCKFWSession_GetHandle
- * nssCKFWSession_RegisterSessionObject
- * nssCKFWSession_DeegisterSessionObject
- *
- * -- module fronts --
- * nssCKFWSession_GetDeviceError
- * nssCKFWSession_Login
- * nssCKFWSession_Logout
- * nssCKFWSession_InitPIN
- * nssCKFWSession_SetPIN
- * nssCKFWSession_GetOperationStateLen
- * nssCKFWSession_GetOperationState
- * nssCKFWSession_SetOperationState
- * nssCKFWSession_CreateObject
- * nssCKFWSession_CopyObject
- * nssCKFWSession_FindObjectsInit
- * nssCKFWSession_SeedRandom
- * nssCKFWSession_GetRandom
- */
-
-struct NSSCKFWSessionStr {
- NSSArena *arena;
- NSSCKMDSession *mdSession;
- NSSCKFWToken *fwToken;
- NSSCKMDToken *mdToken;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
- CK_VOID_PTR pApplication;
- CK_NOTIFY Notify;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The items below are atomic. No locking required. If we fear
- * about pointer-copies being nonatomic, we'll lock fwFindObjects.
- */
-
- CK_BBOOL rw;
- NSSCKFWFindObjects *fwFindObjects;
- nssCKFWHash *sessionObjectHash;
- CK_SESSION_HANDLE hSession;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-session_add_pointer
-(
- const NSSCKFWSession *fwSession
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-session_remove_pointer
-(
- const NSSCKFWSession *fwSession
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_verifyPointer
-(
- const NSSCKFWSession *fwSession
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWSession_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWSession_Create
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-)
-{
- NSSArena *arena = (NSSArena *)NULL;
- NSSCKFWSession *fwSession;
- NSSCKFWSlot *fwSlot;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWSession *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSession *)NULL;
- }
-#endif /* NSSDEBUG */
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWSession *)NULL;
- }
-
- fwSession = nss_ZNEW(arena, NSSCKFWSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwSession->arena = arena;
- fwSession->mdSession = (NSSCKMDSession *)NULL; /* set later */
- fwSession->fwToken = fwToken;
- fwSession->mdToken = nssCKFWToken_GetMDToken(fwToken);
-
- fwSlot = nssCKFWToken_GetFWSlot(fwToken);
- fwSession->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
- fwSession->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
-
- fwSession->rw = rw;
- fwSession->pApplication = pApplication;
- fwSession->Notify = Notify;
-
- fwSession->fwFindObjects = (NSSCKFWFindObjects *)NULL;
-
- fwSession->sessionObjectHash = nssCKFWHash_Create(fwSession->fwInstance, arena, pError);
- if( (nssCKFWHash *)NULL == fwSession->sessionObjectHash ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
-#ifdef DEBUG
- *pError = session_add_pointer(fwSession);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return fwSession;
-
- loser:
- if( (NSSArena *)NULL != arena ) {
- if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
- (void)nssCKFWHash_Destroy(fwSession->sessionObjectHash);
- }
- NSSArena_Destroy(arena);
- }
-
- return (NSSCKFWSession *)NULL;
-}
-
-static void
-nss_ckfw_session_object_destroy_iterator
-(
- const void *key,
- void *value,
- void *closure
-)
-{
- NSSCKFWObject *fwObject = (NSSCKFWObject *)value;
- nssCKFWObject_Finalize(fwObject);
-}
-
-/*
- * nssCKFWSession_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_Destroy
-(
- NSSCKFWSession *fwSession,
- CK_BBOOL removeFromTokenHash
-)
-{
- CK_RV error = CKR_OK;
- nssCKFWHash *sessionObjectHash;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( removeFromTokenHash ) {
- error = nssCKFWToken_RemoveSession(fwSession->fwToken, fwSession);
- }
-
- /*
- * Invalidate session objects
- */
-
- sessionObjectHash = fwSession->sessionObjectHash;
- fwSession->sessionObjectHash = (nssCKFWHash *)NULL;
-
- nssCKFWHash_Iterate(sessionObjectHash,
- nss_ckfw_session_object_destroy_iterator,
- (void *)NULL);
-
-#ifdef DEBUG
- (void)session_remove_pointer(fwSession);
-#endif /* DEBUG */
- (void)nssCKFWHash_Destroy(sessionObjectHash);
- NSSArena_Destroy(fwSession->arena);
-
- return error;
-}
-
-/*
- * nssCKFWSession_GetMDSession
- *
- */
-NSS_IMPLEMENT NSSCKMDSession *
-nssCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (NSSCKMDSession *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSession->mdSession;
-}
-
-/*
- * nssCKFWSession_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSession->arena;
-}
-
-/*
- * nssCKFWSession_CallNotification
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-)
-{
- CK_RV error = CKR_OK;
- CK_SESSION_HANDLE handle;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( (CK_NOTIFY)NULL == fwSession->Notify ) {
- return CKR_OK;
- }
-
- handle = nssCKFWInstance_FindSessionHandle(fwSession->fwInstance, fwSession);
- if( (CK_SESSION_HANDLE)0 == handle ) {
- return CKR_GENERAL_ERROR;
- }
-
- error = fwSession->Notify(handle, event, fwSession->pApplication);
-
- return error;
-}
-
-/*
- * nssCKFWSession_IsRWSession
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- return fwSession->rw;
-}
-
-/*
- * nssCKFWSession_IsSO
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-)
-{
- CK_STATE state;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- state = nssCKFWToken_GetSessionState(fwSession->fwToken);
- switch( state ) {
- case CKS_RO_PUBLIC_SESSION:
- case CKS_RO_USER_FUNCTIONS:
- case CKS_RW_PUBLIC_SESSION:
- case CKS_RW_USER_FUNCTIONS:
- return CK_FALSE;
- case CKS_RW_SO_FUNCTIONS:
- return CK_TRUE;
- default:
- return CK_FALSE;
- }
-}
-
-/*
- * nssCKFWSession_GetFWSlot
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWSession_GetFWSlot
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return nssCKFWToken_GetFWSlot(fwSession->fwToken);
-}
-
-/*
- * nssCFKWSession_GetSessionState
- *
- */
-NSS_IMPLEMENT CK_STATE
-nssCKFWSession_GetSessionState
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CKS_RO_PUBLIC_SESSION; /* whatever */
- }
-#endif /* NSSDEBUG */
-
- return nssCKFWToken_GetSessionState(fwSession->fwToken);
-}
-
-/*
- * nssCKFWSession_SetFWFindObjects
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetFWFindObjects
-(
- NSSCKFWSession *fwSession,
- NSSCKFWFindObjects *fwFindObjects
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- /* fwFindObjects may be null */
-#endif /* NSSDEBUG */
-
- if( ((NSSCKFWFindObjects *)NULL != fwSession->fwFindObjects) &&
- ((NSSCKFWFindObjects *)NULL != fwFindObjects) ) {
- return CKR_OPERATION_ACTIVE;
- }
-
- fwSession->fwFindObjects = fwFindObjects;
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_GetFWFindObjects
- *
- */
-NSS_IMPLEMENT NSSCKFWFindObjects *
-nssCKFWSession_GetFWFindObjects
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWFindObjects *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSCKFWFindObjects *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSCKFWFindObjects *)NULL == fwSession->fwFindObjects ) {
- *pError = CKR_OPERATION_NOT_INITIALIZED;
- return (NSSCKFWFindObjects *)NULL;
- }
-
- return fwSession->fwFindObjects;
-}
-
-/*
- * nssCKFWSession_SetMDSession
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetMDSession
-(
- NSSCKFWSession *fwSession,
- NSSCKMDSession *mdSession
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSCKMDSession *)NULL == mdSession ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSCKMDSession *)NULL != fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-
- fwSession->mdSession = mdSession;
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_SetHandle
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetHandle
-(
- NSSCKFWSession *fwSession,
- CK_SESSION_HANDLE hSession
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- if( (CK_SESSION_HANDLE)0 != fwSession->hSession ) {
- return CKR_GENERAL_ERROR;
- }
-
- fwSession->hSession = hSession;
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_GetHandle
- *
- */
-NSS_IMPLEMENT CK_SESSION_HANDLE
-nssCKFWSession_GetHandle
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSession->hSession;
-}
-
-/*
- * nssCKFWSession_RegisterSessionObject
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_RegisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
-{
- CK_RV rv = CKR_OK;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
- rv = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
- }
-
- return rv;
-}
-
-/*
- * nssCKFWSession_DeregisterSessionObject
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_DeregisterSessionObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- if( (nssCKFWHash *)NULL != fwSession->sessionObjectHash ) {
- nssCKFWHash_Remove(fwSession->sessionObjectHash, fwObject);
- }
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_GetDeviceError
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWSession_GetDeviceError
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (CK_ULONG)0;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSession->mdSession->GetDeviceError ) {
- return (CK_ULONG)0;
- }
-
- return fwSession->mdSession->GetDeviceError(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance);
-}
-
-/*
- * nssCKFWSession_Login
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_Login
-(
- NSSCKFWSession *fwSession,
- CK_USER_TYPE userType,
- NSSItem *pin
-)
-{
- CK_RV error = CKR_OK;
- CK_STATE oldState;
- CK_STATE newState;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- switch( userType ) {
- case CKU_SO:
- case CKU_USER:
- break;
- default:
- return CKR_USER_TYPE_INVALID;
- }
-
- if( (NSSItem *)NULL == pin ) {
- if( CK_TRUE != nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken) ) {
- return CKR_ARGUMENTS_BAD;
- }
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
-
- /*
- * It's not clear what happens when you're already logged in.
- * I'll just fail; but if we decide to change, the logic is
- * all right here.
- */
-
- if( CKU_SO == userType ) {
- switch( oldState ) {
- case CKS_RO_PUBLIC_SESSION:
- /*
- * There's no such thing as a read-only security officer
- * session, so fail. The error should be CKR_SESSION_READ_ONLY,
- * except that C_Login isn't defined to return that. So we'll
- * do CKR_SESSION_READ_ONLY_EXISTS, which is what is documented.
- */
- return CKR_SESSION_READ_ONLY_EXISTS;
- case CKS_RO_USER_FUNCTIONS:
- return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
- case CKS_RW_PUBLIC_SESSION:
- newState = CKS_RW_SO_FUNCTIONS;
- break;
- case CKS_RW_USER_FUNCTIONS:
- return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
- case CKS_RW_SO_FUNCTIONS:
- return CKR_USER_ALREADY_LOGGED_IN;
- default:
- return CKR_GENERAL_ERROR;
- }
- } else /* CKU_USER == userType */ {
- switch( oldState ) {
- case CKS_RO_PUBLIC_SESSION:
- newState = CKS_RO_USER_FUNCTIONS;
- break;
- case CKS_RO_USER_FUNCTIONS:
- return CKR_USER_ALREADY_LOGGED_IN;
- case CKS_RW_PUBLIC_SESSION:
- newState = CKS_RW_USER_FUNCTIONS;
- break;
- case CKS_RW_USER_FUNCTIONS:
- return CKR_USER_ALREADY_LOGGED_IN;
- case CKS_RW_SO_FUNCTIONS:
- return CKR_USER_ANOTHER_ALREADY_LOGGED_IN;
- default:
- return CKR_GENERAL_ERROR;
- }
- }
-
- /*
- * So now we're in one of three cases:
- *
- * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_SO_FUNCTIONS;
- * Old == CKS_RW_PUBLIC_SESSION, New == CKS_RW_USER_FUNCTIONS;
- * Old == CKS_RO_PUBLIC_SESSION, New == CKS_RO_USER_FUNCTIONS;
- */
-
- if( (void *)NULL == (void *)fwSession->mdSession->Login ) {
- /*
- * The Module doesn't want to be informed (or check the pin)
- * it'll just rely on the Framework as needed.
- */
- ;
- } else {
- error = fwSession->mdSession->Login(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, userType, pin, oldState, newState);
- if( CKR_OK != error ) {
- return error;
- }
- }
-
- (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_Logout
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_Logout
-(
- NSSCKFWSession *fwSession
-)
-{
- CK_RV error = CKR_OK;
- CK_STATE oldState;
- CK_STATE newState;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- oldState = nssCKFWToken_GetSessionState(fwSession->fwToken);
-
- switch( oldState ) {
- case CKS_RO_PUBLIC_SESSION:
- return CKR_USER_NOT_LOGGED_IN;
- case CKS_RO_USER_FUNCTIONS:
- newState = CKS_RO_PUBLIC_SESSION;
- break;
- case CKS_RW_PUBLIC_SESSION:
- return CKR_USER_NOT_LOGGED_IN;
- case CKS_RW_USER_FUNCTIONS:
- newState = CKS_RW_PUBLIC_SESSION;
- break;
- case CKS_RW_SO_FUNCTIONS:
- newState = CKS_RW_PUBLIC_SESSION;
- break;
- default:
- return CKR_GENERAL_ERROR;
- }
-
- /*
- * So now we're in one of three cases:
- *
- * Old == CKS_RW_SO_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
- * Old == CKS_RW_USER_FUNCTIONS, New == CKS_RW_PUBLIC_SESSION;
- * Old == CKS_RO_USER_FUNCTIONS, New == CKS_RO_PUBLIC_SESSION;
- */
-
- if( (void *)NULL == (void *)fwSession->mdSession->Logout ) {
- /*
- * The Module doesn't want to be informed. Okay.
- */
- ;
- } else {
- error = fwSession->mdSession->Logout(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, oldState, newState);
- if( CKR_OK != error ) {
- /*
- * Now what?! A failure really should end up with the Framework
- * considering it logged out, right?
- */
- ;
- }
- }
-
- (void)nssCKFWToken_SetSessionState(fwSession->fwToken, newState);
- return error;
-}
-
-/*
- * nssCKFWSession_InitPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_InitPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *pin
-)
-{
- CK_RV error = CKR_OK;
- CK_STATE state;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- state = nssCKFWToken_GetSessionState(fwSession->fwToken);
- if( CKS_RW_SO_FUNCTIONS != state ) {
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- if( (NSSItem *)NULL == pin ) {
- CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
- if( CK_TRUE != has ) {
- return CKR_ARGUMENTS_BAD;
- }
- }
-
- if( (void *)NULL == (void *)fwSession->mdSession->InitPIN ) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- error = fwSession->mdSession->InitPIN(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, pin);
-
- return error;
-}
-
-/*
- * nssCKFWSession_SetPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetPIN
-(
- NSSCKFWSession *fwSession,
- NSSItem *newPin,
- NSSItem *oldPin
-)
-{
- CK_RV error = CKR_OK;
- CK_STATE state;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- state = nssCKFWToken_GetSessionState(fwSession->fwToken);
- if( (CKS_RW_SO_FUNCTIONS != state) &&
- (CKS_RW_USER_FUNCTIONS != state) ) {
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- if( (NSSItem *)NULL == newPin ) {
- CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
- if( CK_TRUE != has ) {
- return CKR_ARGUMENTS_BAD;
- }
- }
-
- if( (NSSItem *)NULL == oldPin ) {
- CK_BBOOL has = nssCKFWToken_GetHasProtectedAuthenticationPath(fwSession->fwToken);
- if( CK_TRUE != has ) {
- return CKR_ARGUMENTS_BAD;
- }
- }
-
- if( (void *)NULL == (void *)fwSession->mdSession->SetPIN ) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- error = fwSession->mdSession->SetPIN(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, newPin, oldPin);
-
- return error;
-}
-
-/*
- * nssCKFWSession_GetOperationStateLen
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWSession_GetOperationStateLen
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
- CK_ULONG mdAmt;
- CK_ULONG fwAmt;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (CK_ULONG)0;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (CK_ULONG)0;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- *pError = CKR_GENERAL_ERROR;
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSession->mdSession->GetOperationStateLen ) {
- *pError = CKR_STATE_UNSAVEABLE;
- }
-
- /*
- * We could check that the session is actually in some state..
- */
-
- mdAmt = fwSession->mdSession->GetOperationStateLen(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, pError);
-
- if( ((CK_ULONG)0 == mdAmt) && (CKR_OK != *pError) ) {
- return (CK_ULONG)0;
- }
-
- /*
- * Add a bit of sanity-checking
- */
- fwAmt = mdAmt + 2*sizeof(CK_ULONG);
-
- return fwAmt;
-}
-
-/*
- * nssCKFWSession_GetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_GetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG fwAmt;
- CK_ULONG *ulBuffer;
- NSSItem i2;
- CK_ULONG n, i;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSItem *)NULL == buffer ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (void *)NULL == buffer->data ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSession->mdSession->GetOperationState ) {
- return CKR_STATE_UNSAVEABLE;
- }
-
- /*
- * Sanity-check the caller's buffer.
- */
-
- error = CKR_OK;
- fwAmt = nssCKFWSession_GetOperationStateLen(fwSession, &error);
- if( ((CK_ULONG)0 == fwAmt) && (CKR_OK != error) ) {
- return error;
- }
-
- if( buffer->size < fwAmt ) {
- return CKR_BUFFER_TOO_SMALL;
- }
-
- ulBuffer = (CK_ULONG *)buffer->data;
-
- i2.size = buffer->size - 2*sizeof(CK_ULONG);
- i2.data = (void *)&ulBuffer[2];
-
- error = fwSession->mdSession->GetOperationState(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance, &i2);
-
- if( CKR_OK != error ) {
- return error;
- }
-
- /*
- * Add a little integrety/identity check.
- * NOTE: right now, it's pretty stupid.
- * A CRC or something would be better.
- */
-
- ulBuffer[0] = 0x434b4657; /* CKFW */
- ulBuffer[1] = 0;
- n = i2.size/sizeof(CK_ULONG);
- for( i = 0; i < n; i++ ) {
- ulBuffer[1] ^= ulBuffer[2+i];
- }
-
- return CKR_OK;
-}
-
-/*
- * nssCKFWSession_SetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SetOperationState
-(
- NSSCKFWSession *fwSession,
- NSSItem *state,
- NSSCKFWObject *encryptionKey,
- NSSCKFWObject *authenticationKey
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG *ulBuffer;
- CK_ULONG n, i;
- CK_ULONG x;
- NSSItem s;
- NSSCKMDObject *mdek;
- NSSCKMDObject *mdak;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSItem *)NULL == state ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (void *)NULL == state->data ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (NSSCKFWObject *)NULL != encryptionKey ) {
- error = nssCKFWObject_verifyPointer(encryptionKey);
- if( CKR_OK != error ) {
- return error;
- }
- }
-
- if( (NSSCKFWObject *)NULL != authenticationKey ) {
- error = nssCKFWObject_verifyPointer(authenticationKey);
- if( CKR_OK != error ) {
- return error;
- }
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- ulBuffer = (CK_ULONG *)state->data;
- if( 0x43b4657 != ulBuffer[0] ) {
- return CKR_SAVED_STATE_INVALID;
- }
- n = (state->size / sizeof(CK_ULONG)) - 2;
- x = (CK_ULONG)0;
- for( i = 0; i < n; i++ ) {
- x ^= ulBuffer[2+i];
- }
-
- if( x != ulBuffer[1] ) {
- return CKR_SAVED_STATE_INVALID;
- }
-
- if( (void *)NULL == (void *)fwSession->mdSession->SetOperationState ) {
- return CKR_GENERAL_ERROR;
- }
-
- s.size = state->size - 2*sizeof(CK_ULONG);
- s.data = (void *)&ulBuffer[2];
-
- if( (NSSCKFWObject *)NULL != encryptionKey ) {
- mdek = nssCKFWObject_GetMDObject(encryptionKey);
- } else {
- mdek = (NSSCKMDObject *)NULL;
- }
-
- if( (NSSCKFWObject *)NULL != authenticationKey ) {
- mdak = nssCKFWObject_GetMDObject(authenticationKey);
- } else {
- mdak = (NSSCKMDObject *)NULL;
- }
-
- error = fwSession->mdSession->SetOperationState(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, &s, mdek, encryptionKey, mdak, authenticationKey);
-
- if( CKR_OK != error ) {
- return error;
- }
-
- /*
- * Here'd we restore any session data
- */
-
- return CKR_OK;
-}
-
-static CK_BBOOL
-nss_attributes_form_token_object
-(
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount
-)
-{
- CK_ULONG i;
- CK_BBOOL rv;
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- /* If we sanity-check, we can remove this sizeof check */
- if( sizeof(CK_BBOOL) == pTemplate[i].ulValueLen ) {
- (void)nsslibc_memcpy(&rv, pTemplate[i].pValue, sizeof(CK_BBOOL));
- return rv;
- } else {
- return CK_FALSE;
- }
- }
- }
-
- return CK_FALSE;
-}
-
-/*
- * nssCKFWSession_CreateObject
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWSession_CreateObject
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- NSSArena *arena;
- NSSCKMDObject *mdObject;
- NSSCKFWObject *fwObject;
- CK_BBOOL isTokenObject;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWObject *)NULL;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- /*
- * Here would be an excellent place to sanity-check the object.
- */
-
- isTokenObject = nss_attributes_form_token_object(pTemplate, ulAttributeCount);
- if( CK_TRUE == isTokenObject ) {
- /* === TOKEN OBJECT === */
-
- if( (void *)NULL == (void *)fwSession->mdSession->CreateObject ) {
- *pError = CKR_TOKEN_WRITE_PROTECTED;
- return (NSSCKFWObject *)NULL;
- }
-
- arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
- if( (NSSArena *)NULL == arena ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- goto callmdcreateobject;
- } else {
- /* === SESSION OBJECT === */
-
- arena = nssCKFWSession_GetArena(fwSession, pError);
- if( (NSSArena *)NULL == arena ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- if( CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwSession->fwInstance) ) {
- /* --- module handles the session object -- */
-
- if( (void *)NULL == (void *)fwSession->mdSession->CreateObject ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-
- goto callmdcreateobject;
- } else {
- /* --- framework handles the session object -- */
- mdObject = nssCKMDSessionObject_Create(fwSession->fwToken,
- arena, pTemplate, ulAttributeCount, pError);
- goto gotmdobject;
- }
- }
-
- callmdcreateobject:
- mdObject = fwSession->mdSession->CreateObject(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance, arena, pTemplate,
- ulAttributeCount, pError);
-
- gotmdobject:
- if( (NSSCKMDObject *)NULL == mdObject ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- fwObject = nssCKFWObject_Create(arena, mdObject, fwSession,
- fwSession->fwToken, fwSession->fwInstance, pError);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- if( (void *)NULL != (void *)mdObject->Destroy ) {
- (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
- fwSession->mdSession, fwSession, fwSession->mdToken,
- fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
- }
-
- return (NSSCKFWObject *)NULL;
- }
-
- if( CK_FALSE == isTokenObject ) {
- if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, fwObject) ) {
- *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, fwObject, fwObject);
- if( CKR_OK != *pError ) {
- nssCKFWObject_Finalize(fwObject);
- return (NSSCKFWObject *)NULL;
- }
- }
- }
-
- return fwObject;
-}
-
-/*
- * nssCKFWSession_CopyObject
- *
- */
-NSS_IMPLEMENT NSSCKFWObject *
-nssCKFWSession_CopyObject
-(
- NSSCKFWSession *fwSession,
- NSSCKFWObject *fwObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- CK_BBOOL oldIsToken;
- CK_BBOOL newIsToken;
- CK_ULONG i;
- NSSCKFWObject *rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWObject_verifyPointer(fwObject);
- if( CKR_OK != *pError ) {
- return (NSSCKFWObject *)NULL;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- /*
- * Sanity-check object
- */
-
- oldIsToken = nssCKFWObject_IsTokenObject(fwObject);
-
- newIsToken = oldIsToken;
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- /* Since we sanity-checked the object, we know this is the right size. */
- (void)nsslibc_memcpy(&newIsToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
- break;
- }
- }
-
- /*
- * If the Module handles its session objects, or if both the new
- * and old object are token objects, use CopyObject if it exists.
- */
-
- if( ((void *)NULL != (void *)fwSession->mdSession->CopyObject) &&
- (((CK_TRUE == oldIsToken) && (CK_TRUE == newIsToken)) ||
- (CK_TRUE == nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwSession->fwInstance))) ) {
- /* use copy object */
- NSSArena *arena;
- NSSCKMDObject *mdOldObject;
- NSSCKMDObject *mdObject;
-
- mdOldObject = nssCKFWObject_GetMDObject(fwObject);
-
- if( CK_TRUE == newIsToken ) {
- arena = nssCKFWToken_GetArena(fwSession->fwToken, pError);
- } else {
- arena = nssCKFWSession_GetArena(fwSession, pError);
- }
- if( (NSSArena *)NULL == arena ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- mdObject = fwSession->mdSession->CopyObject(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance, mdOldObject,
- fwObject, arena, pTemplate, ulAttributeCount, pError);
- if( (NSSCKMDObject *)NULL == mdObject ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWObject *)NULL;
- }
-
- rv = nssCKFWObject_Create(arena, mdObject, fwSession,
- fwSession->fwToken, fwSession->fwInstance, pError);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
-
- if( (void *)NULL != (void *)mdObject->Destroy ) {
- (void)mdObject->Destroy(mdObject, (NSSCKFWObject *)NULL,
- fwSession->mdSession, fwSession, fwSession->mdToken,
- fwSession->fwToken, fwSession->mdInstance, fwSession->fwInstance);
- }
-
- return (NSSCKFWObject *)NULL;
- }
-
- if( CK_FALSE == newIsToken ) {
- if( CK_FALSE == nssCKFWHash_Exists(fwSession->sessionObjectHash, rv) ) {
- *pError = nssCKFWHash_Add(fwSession->sessionObjectHash, rv, rv);
- if( CKR_OK != *pError ) {
- nssCKFWObject_Finalize(rv);
- return (NSSCKFWObject *)NULL;
- }
- }
- }
-
- return rv;
- } else {
- /* use create object */
- NSSArena *tmpArena;
- CK_ATTRIBUTE_PTR newTemplate;
- CK_ULONG i, j, n, newLength, k;
- CK_ATTRIBUTE_TYPE_PTR oldTypes;
- NSSCKFWObject *rv;
-
- tmpArena = NSSArena_Create();
- if( (NSSArena *)NULL == tmpArena ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
-
- n = nssCKFWObject_GetAttributeCount(fwObject, pError);
- if( (0 == n) && (CKR_OK != *pError) ) {
- return (NSSCKFWObject *)NULL;
- }
-
- oldTypes = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE_TYPE, n);
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == oldTypes ) {
- NSSArena_Destroy(tmpArena);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
-
- *pError = nssCKFWObject_GetAttributeTypes(fwObject, oldTypes, n);
- if( CKR_OK != *pError ) {
- NSSArena_Destroy(tmpArena);
- return (NSSCKFWObject *)NULL;
- }
-
- newLength = n;
- for( i = 0; i < ulAttributeCount; i++ ) {
- for( j = 0; j < n; j++ ) {
- if( oldTypes[j] == pTemplate[i].type ) {
- if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
- /* Removing the attribute */
- newLength--;
- }
- break;
- }
- }
- if( j == n ) {
- /* Not found */
- newLength++;
- }
- }
-
- newTemplate = nss_ZNEWARRAY(tmpArena, CK_ATTRIBUTE, newLength);
- if( (CK_ATTRIBUTE_PTR)NULL == newTemplate ) {
- NSSArena_Destroy(tmpArena);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWObject *)NULL;
- }
-
- k = 0;
- for( j = 0; j < n; j++ ) {
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( oldTypes[j] == pTemplate[i].type ) {
- if( (CK_VOID_PTR)NULL == pTemplate[i].pValue ) {
- /* This attribute is being deleted */
- ;
- } else {
- /* This attribute is being replaced */
- newTemplate[k].type = pTemplate[i].type;
- newTemplate[k].pValue = pTemplate[i].pValue;
- newTemplate[k].ulValueLen = pTemplate[i].ulValueLen;
- k++;
- }
- break;
- }
- }
- if( i == ulAttributeCount ) {
- /* This attribute is being copied over from the old object */
- NSSItem item, *it;
- item.size = 0;
- item.data = (void *)NULL;
- it = nssCKFWObject_GetAttribute(fwObject, oldTypes[j],
- &item, tmpArena, pError);
- if( (NSSItem *)NULL == it ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- NSSArena_Destroy(tmpArena);
- return (NSSCKFWObject *)NULL;
- }
- newTemplate[k].type = oldTypes[j];
- newTemplate[k].pValue = it->data;
- newTemplate[k].ulValueLen = it->size;
- k++;
- }
- }
- /* assert that k == newLength */
-
- rv = nssCKFWSession_CreateObject(fwSession, newTemplate, newLength, pError);
- if( (NSSCKFWObject *)NULL == rv ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- NSSArena_Destroy(tmpArena);
- return (NSSCKFWObject *)NULL;
- }
-
- NSSArena_Destroy(tmpArena);
- return rv;
- }
-}
-
-/*
- * nssCKFWSession_FindObjectsInit
- *
- */
-NSS_IMPLEMENT NSSCKFWFindObjects *
-nssCKFWSession_FindObjectsInit
-(
- NSSCKFWSession *fwSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_RV *pError
-)
-{
- NSSCKMDFindObjects *mdfo1 = (NSSCKMDFindObjects *)NULL;
- NSSCKMDFindObjects *mdfo2 = (NSSCKMDFindObjects *)NULL;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWFindObjects *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSCKFWFindObjects *)NULL;
- }
-
- if( ((CK_ATTRIBUTE_PTR)NULL == pTemplate) && (ulAttributeCount != 0) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWFindObjects *)NULL;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWFindObjects *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwSession->fwInstance) ) {
- CK_ULONG i;
-
- /*
- * Does the search criteria restrict us to token or session
- * objects?
- */
-
- for( i = 0; i < ulAttributeCount; i++ ) {
- if( CKA_TOKEN == pTemplate[i].type ) {
- /* Yes, it does. */
- CK_BBOOL isToken;
- if( sizeof(CK_BBOOL) != pTemplate[i].ulValueLen ) {
- *pError = CKR_ATTRIBUTE_VALUE_INVALID;
- return (NSSCKFWFindObjects *)NULL;
- }
- (void)nsslibc_memcpy(&isToken, pTemplate[i].pValue, sizeof(CK_BBOOL));
-
- if( CK_TRUE == isToken ) {
- /* Pass it on to the module's search routine */
- if( (void *)NULL == (void *)fwSession->mdSession->FindObjectsInit ) {
- goto wrap;
- }
-
- mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance,
- pTemplate, ulAttributeCount, pError);
- } else {
- /* Do the search ourselves */
- mdfo1 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
- pTemplate, ulAttributeCount, pError);
- }
-
- if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWFindObjects *)NULL;
- }
-
- goto wrap;
- }
- }
-
- if( i == ulAttributeCount ) {
- /* No, it doesn't. Do a hybrid search. */
- mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance,
- pTemplate, ulAttributeCount, pError);
-
- if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWFindObjects *)NULL;
- }
-
- mdfo2 = nssCKMDFindSessionObjects_Create(fwSession->fwToken,
- pTemplate, ulAttributeCount, pError);
- if( (NSSCKMDFindObjects *)NULL == mdfo2 ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- if( (void *)NULL != (void *)mdfo1->Final ) {
- mdfo1->Final(mdfo1, (NSSCKFWFindObjects *)NULL, fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance);
- }
- return (NSSCKFWFindObjects *)NULL;
- }
-
- goto wrap;
- }
- /*NOTREACHED*/
- } else {
- /* Module handles all its own objects. Pass on to module's search */
- mdfo1 = fwSession->mdSession->FindObjectsInit(fwSession->mdSession,
- fwSession, fwSession->mdToken, fwSession->fwToken,
- fwSession->mdInstance, fwSession->fwInstance,
- pTemplate, ulAttributeCount, pError);
-
- if( (NSSCKMDFindObjects *)NULL == mdfo1 ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWFindObjects *)NULL;
- }
-
- goto wrap;
- }
-
- wrap:
- return nssCKFWFindObjects_Create(fwSession, fwSession->fwToken,
- fwSession->fwInstance, mdfo1, mdfo2, pError);
-}
-
-/*
- * nssCKFWSession_SeedRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_SeedRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *seed
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSItem *)NULL == seed ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (void *)NULL == seed->data ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( 0 == seed->size ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSession->mdSession->SeedRandom ) {
- return CKR_RANDOM_SEED_NOT_SUPPORTED;
- }
-
- error = fwSession->mdSession->SeedRandom(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, seed);
-
- return error;
-}
-
-/*
- * nssCKFWSession_GetRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSession_GetRandom
-(
- NSSCKFWSession *fwSession,
- NSSItem *buffer
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSItem *)NULL == buffer ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (void *)NULL == buffer->data ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (NSSCKMDSession *)NULL == fwSession->mdSession ) {
- return CKR_GENERAL_ERROR;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSession->mdSession->GetRandom ) {
- if( CK_TRUE == nssCKFWToken_GetHasRNG(fwSession->fwToken) ) {
- return CKR_GENERAL_ERROR;
- } else {
- return CKR_RANDOM_NO_RNG;
- }
- }
-
- if( 0 == buffer->size ) {
- return CKR_OK;
- }
-
- error = fwSession->mdSession->GetRandom(fwSession->mdSession, fwSession,
- fwSession->mdToken, fwSession->fwToken, fwSession->mdInstance,
- fwSession->fwInstance, buffer);
-
- return error;
-}
-
-/*
- * NSSCKFWSession_GetMDSession
- *
- */
-
-NSS_IMPLEMENT NSSCKMDSession *
-NSSCKFWSession_GetMDSession
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return (NSSCKMDSession *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWSession_GetMDSession(fwSession);
-}
-
-/*
- * NSSCKFWSession_GetArena
- *
- */
-
-NSS_IMPLEMENT NSSArena *
-NSSCKFWSession_GetArena
-(
- NSSCKFWSession *fwSession,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWSession_GetArena(fwSession, pError);
-}
-
-/*
- * NSSCKFWSession_CallNotification
- *
- */
-
-NSS_IMPLEMENT CK_RV
-NSSCKFWSession_CallNotification
-(
- NSSCKFWSession *fwSession,
- CK_NOTIFICATION event
-)
-{
-#ifdef DEBUG
- CK_RV error = CKR_OK;
-
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* DEBUG */
-
- return nssCKFWSession_CallNotification(fwSession, event);
-}
-
-/*
- * NSSCKFWSession_IsRWSession
- *
- */
-
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWSession_IsRWSession
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
-#endif /* DEBUG */
-
- return nssCKFWSession_IsRWSession(fwSession);
-}
-
-/*
- * NSSCKFWSession_IsSO
- *
- */
-
-NSS_IMPLEMENT CK_BBOOL
-NSSCKFWSession_IsSO
-(
- NSSCKFWSession *fwSession
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSession_verifyPointer(fwSession) ) {
- return CK_FALSE;
- }
-#endif /* DEBUG */
-
- return nssCKFWSession_IsSO(fwSession);
-}
diff --git a/security/nss/lib/ckfw/sessobj.c b/security/nss/lib/ckfw/sessobj.c
deleted file mode 100644
index 7e683fd96..000000000
--- a/security/nss/lib/ckfw/sessobj.c
+++ /dev/null
@@ -1,1091 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * sessobj.c
- *
- * This file contains an NSSCKMDObject implementation for session
- * objects. The framework uses this implementation to manage
- * session objects when a Module doesn't wish to be bothered.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * nssCKMDSessionObject
- *
- * -- create --
- * nssCKMDSessionObject_Create
- *
- * -- EPV calls --
- * nss_ckmdSessionObject_Finalize
- * nss_ckmdSessionObject_IsTokenObject
- * nss_ckmdSessionObject_GetAttributeCount
- * nss_ckmdSessionObject_GetAttributeTypes
- * nss_ckmdSessionObject_GetAttributeSize
- * nss_ckmdSessionObject_GetAttribute
- * nss_ckmdSessionObject_SetAttribute
- * nss_ckmdSessionObject_GetObjectSize
- */
-
-struct nssCKMDSessionObjectStr {
- CK_ULONG n;
- NSSArena *arena;
- NSSItem *attributes;
- CK_ATTRIBUTE_TYPE_PTR types;
- nssCKFWHash *hash;
-};
-typedef struct nssCKMDSessionObjectStr nssCKMDSessionObject;
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-nss_ckmdSessionObject_add_pointer
-(
- const NSSCKMDObject *mdObject
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-nss_ckmdSessionObject_remove_pointer
-(
- const NSSCKMDObject *mdObject
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-nss_ckmdSessionObject_verifyPointer
-(
- const NSSCKMDObject *mdObject
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * We must forward-declare these routines
- */
-static void
-nss_ckmdSessionObject_Finalize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
-
-static CK_RV
-nss_ckmdSessionObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
-
-static CK_BBOOL
-nss_ckmdSessionObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
-
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-static CK_RV
-nss_ckmdSessionObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-);
-
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
-
-static const NSSItem *
-nss_ckmdSessionObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-);
-
-static CK_RV
-nss_ckmdSessionObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-);
-
-static CK_ULONG
-nss_ckmdSessionObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-);
-
-/*
- * nssCKMDSessionObject_Create
- *
- */
-NSS_IMPLEMENT NSSCKMDObject *
-nssCKMDSessionObject_Create
-(
- NSSCKFWToken *fwToken,
- NSSArena *arena,
- CK_ATTRIBUTE_PTR attributes,
- CK_ULONG ulCount,
- CK_RV *pError
-)
-{
- NSSCKMDObject *mdObject = (NSSCKMDObject *)NULL;
- nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)NULL;
- CK_ULONG i;
- nssCKFWHash *hash;
-
- mdso = nss_ZNEW(arena, nssCKMDSessionObject);
- if( (nssCKMDSessionObject *)NULL == mdso ) {
- goto loser;
- }
-
- mdso->arena = arena;
- mdso->n = ulCount;
- mdso->attributes = nss_ZNEWARRAY(arena, NSSItem, ulCount);
- if( (NSSItem *)NULL == mdso->attributes ) {
- goto loser;
- }
-
- mdso->types = nss_ZNEWARRAY(arena, CK_ATTRIBUTE_TYPE, ulCount);
-
- for( i = 0; i < ulCount; i++ ) {
- mdso->types[i] = attributes[i].type;
- mdso->attributes[i].size = attributes[i].ulValueLen;
- mdso->attributes[i].data = nss_ZAlloc(arena, attributes[i].ulValueLen);
- if( (void *)NULL == mdso->attributes[i].data ) {
- goto loser;
- }
- (void)nsslibc_memcpy(mdso->attributes[i].data, attributes[i].pValue,
- attributes[i].ulValueLen);
- }
-
- mdObject = nss_ZNEW(arena, NSSCKMDObject);
- if( (NSSCKMDObject *)NULL == mdObject ) {
- goto loser;
- }
-
- mdObject->etc = (void *)mdso;
- mdObject->Finalize = nss_ckmdSessionObject_Finalize;
- mdObject->Destroy = nss_ckmdSessionObject_Destroy;
- mdObject->IsTokenObject = nss_ckmdSessionObject_IsTokenObject;
- mdObject->GetAttributeCount = nss_ckmdSessionObject_GetAttributeCount;
- mdObject->GetAttributeTypes = nss_ckmdSessionObject_GetAttributeTypes;
- mdObject->GetAttributeSize = nss_ckmdSessionObject_GetAttributeSize;
- mdObject->GetAttribute = nss_ckmdSessionObject_GetAttribute;
- mdObject->SetAttribute = nss_ckmdSessionObject_SetAttribute;
- mdObject->GetObjectSize = nss_ckmdSessionObject_GetObjectSize;
-
- hash = nssCKFWToken_GetSessionObjectHash(fwToken);
- if( (nssCKFWHash *)NULL == hash ) {
- *pError = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- mdso->hash = hash;
-
- *pError = nssCKFWHash_Add(hash, mdObject, mdObject);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-
-#ifdef DEBUG
- if( CKR_OK != nss_ckmdSessionObject_add_pointer(mdObject) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- *pError = CKR_OK;
- return mdObject;
-
- loser:
- if( (nssCKMDSessionObject *)NULL != mdso ) {
- if( (NSSItem *)NULL != mdso->attributes ) {
- for( i = 0; i < ulCount; i++ ) {
- nss_ZFreeIf(mdso->attributes[i].data);
- }
-
- nss_ZFreeIf(mdso->attributes);
- }
-
- nss_ZFreeIf(mdso->types);
- nss_ZFreeIf(mdso);
- }
-
- nss_ZFreeIf(mdObject);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDObject *)NULL;
-}
-
-/*
- * nss_ckmdSessionObject_Finalize
- *
- */
-static void
-nss_ckmdSessionObject_Finalize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- /* This shouldn't ever be called */
- return;
-}
-
-/*
- * nss_ckmdSessionObject_Destroy
- *
- */
-
-static CK_RV
-nss_ckmdSessionObject_Destroy
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
- nssCKMDSessionObject *mdso;
- CK_ULONG i;
-
-#ifdef NSSDEBUG
- error = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- mdso = (nssCKMDSessionObject *)mdObject->etc;
-
- nssCKFWHash_Remove(mdso->hash, mdObject);
-
- for( i = 0; i < mdso->n; i++ ) {
- nss_ZFreeIf(mdso->attributes[i].data);
- }
- nss_ZFreeIf(mdso->attributes);
- nss_ZFreeIf(mdso->types);
- nss_ZFreeIf(mdso);
- nss_ZFreeIf(mdObject);
-
-#ifdef DEBUG
- (void)nss_ckmdSessionObject_remove_pointer(mdObject);
-#endif /* DEBUG */
-
- return CKR_OK;
-}
-
-/*
- * nss_ckmdSessionObject_IsTokenObject
- *
- */
-
-static CK_BBOOL
-nss_ckmdSessionObject_IsTokenObject
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nss_ckmdSessionObject_verifyPointer(mdObject) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- /*
- * This implementation is only ever used for session objects.
- */
- return CK_FALSE;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttributeCount
- *
- */
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeCount
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nssCKMDSessionObject *obj;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return 0;
- }
-
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return 0;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- return obj->n;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttributeTypes
- *
- */
-static CK_RV
-nss_ckmdSessionObject_GetAttributeTypes
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE_PTR typeArray,
- CK_ULONG ulCount
-)
-{
-#ifdef NSSDEBUG
- CK_RV error = CKR_OK;
-#endif /* NSSDEBUG */
- nssCKMDSessionObject *obj;
-
-#ifdef NSSDEBUG
- error = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != error ) {
- return error;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- if( ulCount < obj->n ) {
- return CKR_BUFFER_TOO_SMALL;
- }
-
- (void)nsslibc_memcpy(typeArray, obj->types,
- sizeof(CK_ATTRIBUTE_TYPE) * obj->n);
-
- return CKR_OK;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttributeSize
- *
- */
-static CK_ULONG
-nss_ckmdSessionObject_GetAttributeSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- nssCKMDSessionObject *obj;
- CK_ULONG i;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return 0;
- }
-
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return 0;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- for( i = 0; i < obj->n; i++ ) {
- if( attribute == obj->types[i] ) {
- return (CK_ULONG)(obj->attributes[i].size);
- }
- }
-
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return 0;
-}
-
-/*
- * nss_ckmdSessionObject_GetAttribute
- *
- */
-static const NSSItem *
-nss_ckmdSessionObject_GetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- CK_RV *pError
-)
-{
- nssCKMDSessionObject *obj;
- CK_ULONG i;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return 0;
- }
-
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return 0;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- for( i = 0; i < obj->n; i++ ) {
- if( attribute == obj->types[i] ) {
- return &obj->attributes[i];
- }
- }
-
- *pError = CKR_ATTRIBUTE_TYPE_INVALID;
- return 0;
-}
-
-/*
- * nss_ckmdSessionObject_SetAttribute
- *
- */
-
-/*
- * Okay, so this implementation sucks. It doesn't support removing
- * an attribute (if value == NULL), and could be more graceful about
- * memory. It should allow "blank" slots in the arrays, with some
- * invalid attribute type, and then it could support removal much
- * more easily. Do this later.
- */
-static CK_RV
-nss_ckmdSessionObject_SetAttribute
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_ATTRIBUTE_TYPE attribute,
- NSSItem *value
-)
-{
- nssCKMDSessionObject *obj;
- CK_ULONG i;
- NSSItem n;
- NSSItem *ra;
- CK_ATTRIBUTE_TYPE_PTR rt;
-#ifdef NSSDEBUG
- CK_RV error;
-#endif /* NSSDEBUG */
-
-#ifdef NSSDEBUG
- error = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != error ) {
- return 0;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- n.size = value->size;
- n.data = nss_ZAlloc(obj->arena, n.size);
- if( (void *)NULL == n.data ) {
- return CKR_HOST_MEMORY;
- }
- (void)nsslibc_memcpy(n.data, value->data, n.size);
-
- for( i = 0; i < obj->n; i++ ) {
- if( attribute == obj->types[i] ) {
- nss_ZFreeIf(obj->attributes[i].data);
- obj->attributes[i] = n;
- return CKR_OK;
- }
- }
-
- /*
- * It's new.
- */
-
- ra = (NSSItem *)nss_ZRealloc(obj->attributes, sizeof(NSSItem) * (obj->n + 1));
- if( (NSSItem *)NULL == ra ) {
- nss_ZFreeIf(n.data);
- return CKR_HOST_MEMORY;
- }
-
- rt = (CK_ATTRIBUTE_TYPE_PTR)nss_ZRealloc(obj->types, (obj->n + 1));
- if( (CK_ATTRIBUTE_TYPE_PTR)NULL == rt ) {
- nss_ZFreeIf(n.data);
- obj->attributes = (NSSItem *)nss_ZRealloc(ra, sizeof(NSSItem) * obj->n);
- if( (NSSItem *)NULL == obj->attributes ) {
- return CKR_GENERAL_ERROR;
- }
- return CKR_HOST_MEMORY;
- }
-
- obj->attributes = ra;
- obj->types = rt;
- obj->attributes[obj->n] = n;
- obj->types[obj->n] = attribute;
- obj->n++;
-
- return CKR_OK;
-}
-
-/*
- * nss_ckmdSessionObject_GetObjectSize
- *
- */
-static CK_ULONG
-nss_ckmdSessionObject_GetObjectSize
-(
- NSSCKMDObject *mdObject,
- NSSCKFWObject *fwObject,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- CK_RV *pError
-)
-{
- nssCKMDSessionObject *obj;
- CK_ULONG i;
- CK_ULONG rv = (CK_ULONG)0;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return 0;
- }
-
- *pError = nss_ckmdSessionObject_verifyPointer(mdObject);
- if( CKR_OK != *pError ) {
- return 0;
- }
-
- /* We could even check all the other arguments, for sanity. */
-#endif /* NSSDEBUG */
-
- obj = (nssCKMDSessionObject *)mdObject->etc;
-
- for( i = 0; i < obj->n; i++ ) {
- rv += obj->attributes[i].size;
- }
-
- rv += sizeof(NSSItem) * obj->n;
- rv += sizeof(CK_ATTRIBUTE_TYPE) * obj->n;
- rv += sizeof(nssCKMDSessionObject);
-
- return rv;
-}
-
-/*
- * nssCKMDFindSessionObjects
- *
- * -- create --
- * nssCKMDFindSessionObjects_Create
- *
- * -- EPV calls --
- * nss_ckmdFindSessionObjects_Final
- * nss_ckmdFindSessionObjects_Next
- */
-
-struct nodeStr {
- struct nodeStr *next;
- NSSCKMDObject *mdObject;
-};
-
-struct nssCKMDFindSessionObjectsStr {
- NSSArena *arena;
- CK_RV error;
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG ulCount;
- struct nodeStr *list;
- nssCKFWHash *hash;
-
-};
-typedef struct nssCKMDFindSessionObjectsStr nssCKMDFindSessionObjects;
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-nss_ckmdFindSessionObjects_add_pointer
-(
- const NSSCKMDFindObjects *mdFindObjects
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-nss_ckmdFindSessionObjects_remove_pointer
-(
- const NSSCKMDFindObjects *mdFindObjects
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-nss_ckmdFindSessionObjects_verifyPointer
-(
- const NSSCKMDFindObjects *mdFindObjects
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * We must forward-declare these routines.
- */
-static void
-nss_ckmdFindSessionObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-);
-
-static NSSCKMDObject *
-nss_ckmdFindSessionObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-);
-
-static CK_BBOOL
-items_match
-(
- NSSItem *a,
- CK_VOID_PTR pValue,
- CK_ULONG ulValueLen
-)
-{
- if( a->size != ulValueLen ) {
- return CK_FALSE;
- }
-
- if( PR_TRUE == nsslibc_memequal(a->data, pValue, ulValueLen, (PRStatus *)NULL) ) {
- return CK_TRUE;
- } else {
- return CK_FALSE;
- }
-}
-
-/*
- * Our hashtable iterator
- */
-static void
-findfcn
-(
- const void *key,
- void *value,
- void *closure
-)
-{
- NSSCKMDObject *mdObject = (NSSCKMDObject *)value;
- nssCKMDSessionObject *mdso = (nssCKMDSessionObject *)mdObject->etc;
- nssCKMDFindSessionObjects *mdfso = (nssCKMDFindSessionObjects *)closure;
- CK_ULONG i, j;
- struct nodeStr *node;
-
- if( CKR_OK != mdfso->error ) {
- return;
- }
-
- for( i = 0; i < mdfso->ulCount; i++ ) {
- CK_ATTRIBUTE_PTR p = &mdfso->pTemplate[i];
-
- for( j = 0; j < mdso->n; j++ ) {
- if( mdso->types[j] == p->type ) {
- if( !items_match(&mdso->attributes[j], p->pValue, p->ulValueLen) ) {
- return;
- } else {
- break;
- }
- }
- }
-
- if( j == mdso->n ) {
- /* Attribute not found */
- return;
- }
- }
-
- /* Matches */
- node = nss_ZNEW(mdfso->arena, struct nodeStr);
- if( (struct nodeStr *)NULL == node ) {
- mdfso->error = CKR_HOST_MEMORY;
- return;
- }
-
- node->mdObject = mdObject;
- node->next = mdfso->list;
- mdfso->list = node;
-
- return;
-}
-
-/*
- * nssCKMDFindSessionObjects_Create
- *
- */
-NSS_IMPLEMENT NSSCKMDFindObjects *
-nssCKMDFindSessionObjects_Create
-(
- NSSCKFWToken *fwToken,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_RV *pError
-)
-{
- NSSArena *arena;
- nssCKMDFindSessionObjects *mdfso;
- nssCKFWHash *hash;
- NSSCKMDFindObjects *rv;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKMDFindObjects *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSCKMDFindObjects *)NULL;
- }
-
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKMDFindObjects *)NULL;
- }
-#endif /* NSSDEBUG */
-
- hash = nssCKFWToken_GetSessionObjectHash(fwToken);
- if( (nssCKFWHash *)NULL == hash ) {
- *pError= CKR_GENERAL_ERROR;
- return (NSSCKMDFindObjects *)NULL;
- }
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDFindObjects *)NULL;
- }
-
- mdfso = nss_ZNEW(arena, nssCKMDFindSessionObjects);
- if( (nssCKMDFindSessionObjects *)NULL == mdfso ) {
- NSSArena_Destroy(arena);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDFindObjects *)NULL;
- }
-
- rv = nss_ZNEW(arena, NSSCKMDFindObjects);
-
- mdfso->error = CKR_OK;
- mdfso->pTemplate = pTemplate;
- mdfso->ulCount = ulCount;
- mdfso->hash = hash;
-
- nssCKFWHash_Iterate(hash, findfcn, mdfso);
-
- if( CKR_OK != mdfso->error ) {
- NSSArena_Destroy(arena);
- *pError = CKR_HOST_MEMORY;
- return (NSSCKMDFindObjects *)NULL;
- }
-
- rv->etc = (void *)mdfso;
- rv->Final = nss_ckmdFindSessionObjects_Final;
- rv->Next = nss_ckmdFindSessionObjects_Next;
-
-#ifdef DEBUG
- if( *pError != nss_ckmdFindSessionObjects_add_pointer(rv) ) {
- NSSArena_Destroy(arena);
- return (NSSCKMDFindObjects *)NULL;
- }
-#endif /* DEBUG */
- mdfso->arena = arena;
-
- return rv;
-}
-
-static void
-nss_ckmdFindSessionObjects_Final
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance
-)
-{
- nssCKMDFindSessionObjects *mdfso;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
- if (mdfso->arena) NSSArena_Destroy(mdfso->arena);
-
-#ifdef DEBUG
- (void)nss_ckmdFindSessionObjects_remove_pointer(mdFindObjects);
-#endif /* DEBUG */
-
- return;
-}
-
-static NSSCKMDObject *
-nss_ckmdFindSessionObjects_Next
-(
- NSSCKMDFindObjects *mdFindObjects,
- NSSCKFWFindObjects *fwFindObjects,
- NSSCKMDSession *mdSession,
- NSSCKFWSession *fwSession,
- NSSCKMDToken *mdToken,
- NSSCKFWToken *fwToken,
- NSSCKMDInstance *mdInstance,
- NSSCKFWInstance *fwInstance,
- NSSArena *arena,
- CK_RV *pError
-)
-{
- nssCKMDFindSessionObjects *mdfso;
- NSSCKMDObject *rv = (NSSCKMDObject *)NULL;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nss_ckmdFindSessionObjects_verifyPointer(mdFindObjects) ) {
- return (NSSCKMDObject *)NULL;
- }
-#endif /* NSSDEBUG */
-
- mdfso = (nssCKMDFindSessionObjects *)mdFindObjects->etc;
-
- while( (NSSCKMDObject *)NULL == rv ) {
- if( (struct nodeStr *)NULL == mdfso->list ) {
- *pError = CKR_OK;
- return (NSSCKMDObject *)NULL;
- }
-
- if( nssCKFWHash_Exists(mdfso->hash, mdfso->list->mdObject) ) {
- rv = mdfso->list->mdObject;
- }
-
- mdfso->list = mdfso->list->next;
- }
-
- return rv;
-}
diff --git a/security/nss/lib/ckfw/slot.c b/security/nss/lib/ckfw/slot.c
deleted file mode 100644
index 4e2b0831c..000000000
--- a/security/nss/lib/ckfw/slot.c
+++ /dev/null
@@ -1,753 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * slot.c
- *
- * This file implements the NSSCKFWSlot type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWSlot
- *
- * -- create/destroy --
- * nssCKFWSlot_Create
- * nssCKFWSlot_Destroy
- *
- * -- public accessors --
- * NSSCKFWSlot_GetMDSlot
- * NSSCKFWSlot_GetFWInstance
- * NSSCKFWSlot_GetMDInstance
- *
- * -- implement public accessors --
- * nssCKFWSlot_GetMDSlot
- * nssCKFWSlot_GetFWInstance
- * nssCKFWSlot_GetMDInstance
- *
- * -- private accessors --
- * nssCKFWSlot_GetSlotID
- * nssCKFWSlot_ClearToken
- *
- * -- module fronts --
- * nssCKFWSlot_GetSlotDescription
- * nssCKFWSlot_GetManufacturerID
- * nssCKFWSlot_GetTokenPresent
- * nssCKFWSlot_GetRemovableDevice
- * nssCKFWSlot_GetHardwareSlot
- * nssCKFWSlot_GetHardwareVersion
- * nssCKFWSlot_GetFirmwareVersion
- * nssCKFWSlot_InitToken
- * nssCKFWSlot_GetToken
- */
-
-struct NSSCKFWSlotStr {
- NSSCKFWMutex *mutex;
- NSSCKMDSlot *mdSlot;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
- CK_SLOT_ID slotID;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The invariants the mutex protects are:
- *
- * 1) Each of the cached descriptions (versions, etc.) are in an
- * internally consistant state.
- *
- * 2) The fwToken points to the token currently in the slot, and
- * it is in a consistant state.
- *
- * Note that the calls accessing the cached descriptions will
- * call the NSSCKMDSlot methods with the mutex locked. Those
- * methods may then call the public NSSCKFWSlot routines. Those
- * public routines only access the constant data above, so there's
- * no problem. But be careful if you add to this object; mutexes
- * are in general not reentrant, so don't create deadlock situations.
- */
-
- NSSUTF8 *slotDescription;
- NSSUTF8 *manufacturerID;
- CK_VERSION hardwareVersion;
- CK_VERSION firmwareVersion;
- NSSCKFWToken *fwToken;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-slot_add_pointer
-(
- const NSSCKFWSlot *fwSlot
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-slot_remove_pointer
-(
- const NSSCKFWSlot *fwSlot
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_verifyPointer
-(
- const NSSCKFWSlot *fwSlot
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWSlot_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWSlot_Create
-(
- NSSCKFWInstance *fwInstance,
- NSSCKMDSlot *mdSlot,
- CK_SLOT_ID slotID,
- CK_RV *pError
-)
-{
- NSSCKFWSlot *fwSlot;
- NSSCKMDInstance *mdInstance;
- NSSArena *arena;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWSlot *)NULL;
- }
-
- *pError = nssCKFWInstance_verifyPointer(fwInstance);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- mdInstance = nssCKFWInstance_GetMDInstance(fwInstance);
- if( (NSSCKMDInstance *)NULL == mdInstance ) {
- *pError = CKR_GENERAL_ERROR;
- return (NSSCKFWSlot *)NULL;
- }
-
- arena = nssCKFWInstance_GetArena(fwInstance, pError);
- if( (NSSArena *)NULL == arena ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- }
-
- fwSlot = nss_ZNEW(arena, NSSCKFWSlot);
- if( (NSSCKFWSlot *)NULL == fwSlot ) {
- *pError = CKR_HOST_MEMORY;
- return (NSSCKFWSlot *)NULL;
- }
-
- fwSlot->mdSlot = mdSlot;
- fwSlot->fwInstance = fwInstance;
- fwSlot->mdInstance = mdInstance;
- fwSlot->slotID = slotID;
-
- fwSlot->mutex = nssCKFWInstance_CreateMutex(fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == fwSlot->mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- (void)nss_ZFreeIf(fwSlot);
- return (NSSCKFWSlot *)NULL;
- }
-
- if( (void *)NULL != (void *)mdSlot->Initialize ) {
- *pError = CKR_OK;
- *pError = mdSlot->Initialize(mdSlot, fwSlot, mdInstance, fwInstance);
- if( CKR_OK != *pError ) {
- (void)nssCKFWMutex_Destroy(fwSlot->mutex);
- (void)nss_ZFreeIf(fwSlot);
- return (NSSCKFWSlot *)NULL;
- }
- }
-
-#ifdef DEBUG
- *pError = slot_add_pointer(fwSlot);
- if( CKR_OK != *pError ) {
- if( (void *)NULL != (void *)mdSlot->Destroy ) {
- mdSlot->Destroy(mdSlot, fwSlot, mdInstance, fwInstance);
- }
-
- (void)nssCKFWMutex_Destroy(fwSlot->mutex);
- (void)nss_ZFreeIf(fwSlot);
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* DEBUG */
-
- return fwSlot;
-}
-
-/*
- * nssCKFWSlot_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_Destroy
-(
- NSSCKFWSlot *fwSlot
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- (void)nssCKFWMutex_Destroy(fwSlot->mutex);
-
- if( (void *)NULL != (void *)fwSlot->mdSlot->Destroy ) {
- fwSlot->mdSlot->Destroy(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
- }
-
-#ifdef DEBUG
- error = slot_remove_pointer(fwSlot);
-#endif /* DEBUG */
- (void)nss_ZFreeIf(fwSlot);
- return error;
-}
-
-/*
- * nssCKFWSlot_GetMDSlot
- *
- */
-NSS_IMPLEMENT NSSCKMDSlot *
-nssCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSlot->mdSlot;
-}
-
-/*
- * nssCKFWSlot_GetFWInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKFWInstance *
-nssCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKFWInstance *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSlot->fwInstance;
-}
-
-/*
- * nssCKFWSlot_GetMDInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKMDInstance *
-nssCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDInstance *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwSlot->mdInstance;
-}
-
-/*
- * nssCKFWSlot_GetSlotID
- *
- */
-NSS_IMPLEMENT CK_SLOT_ID
-nssCKFWSlot_GetSlotID
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (CK_SLOT_ID)0;
- }
-#endif /* NSSDEBUG */
-
- return fwSlot->slotID;
-}
-
-/*
- * nssCKFWSlot_GetSlotDescription
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_GetSlotDescription
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR slotDescription[64]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == slotDescription ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwSlot->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwSlot->slotDescription ) {
- if( (void *)NULL != (void *)fwSlot->mdSlot->GetSlotDescription ) {
- fwSlot->slotDescription = fwSlot->mdSlot->GetSlotDescription(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
- fwSlot->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwSlot->slotDescription) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwSlot->slotDescription = (NSSUTF8 *) "";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->slotDescription, (char *)slotDescription, 64, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return error;
-}
-
-/*
- * nssCKFWSlot_GetManufacturerID
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWSlot_GetManufacturerID
-(
- NSSCKFWSlot *fwSlot,
- CK_CHAR manufacturerID[32]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == manufacturerID ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwSlot->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwSlot->manufacturerID ) {
- if( (void *)NULL != (void *)fwSlot->mdSlot->GetManufacturerID ) {
- fwSlot->manufacturerID = fwSlot->mdSlot->GetManufacturerID(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance,
- fwSlot->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwSlot->manufacturerID) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwSlot->manufacturerID = (NSSUTF8 *) "";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwSlot->manufacturerID, (char *)manufacturerID, 32, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return error;
-}
-
-/*
- * nssCKFWSlot_GetTokenPresent
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetTokenPresent
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSlot->mdSlot->GetTokenPresent ) {
- return CK_TRUE;
- }
-
- return fwSlot->mdSlot->GetTokenPresent(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
-}
-
-/*
- * nssCKFWSlot_GetRemovableDevice
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetRemovableDevice
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSlot->mdSlot->GetRemovableDevice ) {
- return CK_FALSE;
- }
-
- return fwSlot->mdSlot->GetRemovableDevice(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
-}
-
-/*
- * nssCKFWSlot_GetHardwareSlot
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWSlot_GetHardwareSlot
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwSlot->mdSlot->GetHardwareSlot ) {
- return CK_FALSE;
- }
-
- return fwSlot->mdSlot->GetHardwareSlot(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance);
-}
-
-/*
- * nssCKFWSlot_GetHardwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWSlot_GetHardwareVersion
-(
- NSSCKFWSlot *fwSlot
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwSlot->hardwareVersion.major) ||
- (0 != fwSlot->hardwareVersion.minor) ) {
- rv = fwSlot->hardwareVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwSlot->mdSlot->GetHardwareVersion ) {
- fwSlot->hardwareVersion = fwSlot->mdSlot->GetHardwareVersion(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
- } else {
- fwSlot->hardwareVersion.major = 0;
- fwSlot->hardwareVersion.minor = 1;
- }
-
- rv = fwSlot->hardwareVersion;
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return rv;
-}
-
-/*
- * nssCKFWSlot_GetFirmwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWSlot_GetFirmwareVersion
-(
- NSSCKFWSlot *fwSlot
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwSlot->firmwareVersion.major) ||
- (0 != fwSlot->firmwareVersion.minor) ) {
- rv = fwSlot->firmwareVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwSlot->mdSlot->GetFirmwareVersion ) {
- fwSlot->firmwareVersion = fwSlot->mdSlot->GetFirmwareVersion(
- fwSlot->mdSlot, fwSlot, fwSlot->mdInstance, fwSlot->fwInstance);
- } else {
- fwSlot->firmwareVersion.major = 0;
- fwSlot->firmwareVersion.minor = 1;
- }
-
- rv = fwSlot->firmwareVersion;
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return rv;
-}
-
-/*
- * nssCKFWSlot_GetToken
- *
- */
-NSS_IMPLEMENT NSSCKFWToken *
-nssCKFWSlot_GetToken
-(
- NSSCKFWSlot *fwSlot,
- CK_RV *pError
-)
-{
- NSSCKMDToken *mdToken;
- NSSCKFWToken *fwToken;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWToken *)NULL;
- }
-
- *pError = nssCKFWSlot_verifyPointer(fwSlot);
- if( CKR_OK != *pError ) {
- return (NSSCKFWToken *)NULL;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwSlot->mutex);
- if( CKR_OK != *pError ) {
- return (NSSCKFWToken *)NULL;
- }
-
- if( (NSSCKFWToken *)NULL == fwSlot->fwToken ) {
- if( (void *)NULL == (void *)fwSlot->mdSlot->GetToken ) {
- *pError = CKR_GENERAL_ERROR;
- fwToken = (NSSCKFWToken *)NULL;
- goto done;
- }
-
- mdToken = fwSlot->mdSlot->GetToken(fwSlot->mdSlot, fwSlot,
- fwSlot->mdInstance, fwSlot->fwInstance, pError);
- if( (NSSCKMDToken *)NULL == mdToken ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- return (NSSCKFWToken *)NULL;
- }
-
- fwToken = nssCKFWToken_Create(fwSlot, mdToken, pError);
- fwSlot->fwToken = fwToken;
- } else {
- fwToken = fwSlot->fwToken;
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return fwToken;
-}
-
-/*
- * nssCKFWSlot_ClearToken
- *
- */
-NSS_IMPLEMENT void
-nssCKFWSlot_ClearToken
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwSlot->mutex) ) {
- /* Now what? */
- return;
- }
-
- fwSlot->fwToken = (NSSCKFWToken *)NULL;
- (void)nssCKFWMutex_Unlock(fwSlot->mutex);
- return;
-}
-
-/*
- * NSSCKFWSlot_GetMDSlot
- *
- */
-
-NSS_IMPLEMENT NSSCKMDSlot *
-NSSCKFWSlot_GetMDSlot
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDSlot *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWSlot_GetMDSlot(fwSlot);
-}
-
-/*
- * NSSCKFWSlot_GetFWInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKFWInstance *
-NSSCKFWSlot_GetFWInstance
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKFWInstance *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWSlot_GetFWInstance(fwSlot);
-}
-
-/*
- * NSSCKFWSlot_GetMDInstance
- *
- */
-
-NSS_IMPLEMENT NSSCKMDInstance *
-NSSCKFWSlot_GetMDInstance
-(
- NSSCKFWSlot *fwSlot
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWSlot_verifyPointer(fwSlot) ) {
- return (NSSCKMDInstance *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWSlot_GetMDInstance(fwSlot);
-}
diff --git a/security/nss/lib/ckfw/token.c b/security/nss/lib/ckfw/token.c
deleted file mode 100644
index 6e4aa247b..000000000
--- a/security/nss/lib/ckfw/token.c
+++ /dev/null
@@ -1,1855 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * token.c
- *
- * This file implements the NSSCKFWToken type and methods.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWToken
- *
- * -- create/destroy --
- * nssCKFWToken_Create
- * nssCKFWToken_Destroy
- *
- * -- public accessors --
- * NSSCKFWToken_GetMDToken
- * NSSCKFWToken_GetFWSlot
- * NSSCKFWToken_GetMDSlot
- * NSSCKFWToken_GetSessionState
- *
- * -- implement public accessors --
- * nssCKFWToken_GetMDToken
- * nssCKFWToken_GetFWSlot
- * nssCKFWToken_GetMDSlot
- * nssCKFWToken_GetSessionState
- * nssCKFWToken_SetSessionState
- *
- * -- private accessors --
- * nssCKFWToken_SetSessionState
- * nssCKFWToken_RemoveSession
- * nssCKFWToken_CloseAllSessions
- * nssCKFWToken_GetSessionCount
- * nssCKFWToken_GetRwSessionCount
- * nssCKFWToken_GetRoSessionCount
- * nssCKFWToken_GetSessionObjectHash
- * nssCKFWToken_GetMDObjectHash
- * nssCKFWToken_GetObjectHandleHash
- *
- * -- module fronts --
- * nssCKFWToken_InitToken
- * nssCKFWToken_GetLabel
- * nssCKFWToken_GetManufacturerID
- * nssCKFWToken_GetModel
- * nssCKFWToken_GetSerialNumber
- * nssCKFWToken_GetHasRNG
- * nssCKFWToken_GetIsWriteProtected
- * nssCKFWToken_GetLoginRequired
- * nssCKFWToken_GetUserPinInitialized
- * nssCKFWToken_GetRestoreKeyNotNeeded
- * nssCKFWToken_GetHasClockOnToken
- * nssCKFWToken_GetHasProtectedAuthenticationPath
- * nssCKFWToken_GetSupportsDualCryptoOperations
- * nssCKFWToken_GetMaxSessionCount
- * nssCKFWToken_GetMaxRwSessionCount
- * nssCKFWToken_GetMaxPinLen
- * nssCKFWToken_GetMinPinLen
- * nssCKFWToken_GetTotalPublicMemory
- * nssCKFWToken_GetFreePublicMemory
- * nssCKFWToken_GetTotalPrivateMemory
- * nssCKFWToken_GetFreePrivateMemory
- * nssCKFWToken_GetHardwareVersion
- * nssCKFWToken_GetFirmwareVersion
- * nssCKFWToken_GetUTCTime
- * nssCKFWToken_OpenSession
- * nssCKFWToken_GetMechanismCount
- * nssCKFWToken_GetMechanismTypes
- * nssCKFWToken_GetMechanism
- */
-
-struct NSSCKFWTokenStr {
- NSSCKFWMutex *mutex;
- NSSArena *arena;
- NSSCKMDToken *mdToken;
- NSSCKFWSlot *fwSlot;
- NSSCKMDSlot *mdSlot;
- NSSCKFWInstance *fwInstance;
- NSSCKMDInstance *mdInstance;
-
- /*
- * Everything above is set at creation time, and then not modified.
- * The invariants the mutex protects are:
- *
- * 1) Each of the cached descriptions (versions, etc.) are in an
- * internally consistant state.
- *
- * 2) The session counts and hashes are consistant.
- *
- * 3) The object hashes are consistant.
- *
- * Note that the calls accessing the cached descriptions will call
- * the NSSCKMDToken methods with the mutex locked. Those methods
- * may then call the public NSSCKFWToken routines. Those public
- * routines only access the constant data above and the atomic
- * CK_STATE session state variable below, so there's no problem.
- * But be careful if you add to this object; mutexes are in
- * general not reentrant, so don't create deadlock situations.
- */
-
- NSSUTF8 *label;
- NSSUTF8 *manufacturerID;
- NSSUTF8 *model;
- NSSUTF8 *serialNumber;
- CK_VERSION hardwareVersion;
- CK_VERSION firmwareVersion;
-
- CK_ULONG sessionCount;
- CK_ULONG rwSessionCount;
- nssCKFWHash *sessions;
- nssCKFWHash *sessionObjectHash;
- nssCKFWHash *mdObjectHash;
-
- CK_STATE state;
-};
-
-#ifdef DEBUG
-/*
- * But first, the pointer-tracking stuff.
- *
- * NOTE: the pointer-tracking support in NSS/base currently relies
- * upon NSPR's CallOnce support. That, however, relies upon NSPR's
- * locking, which is tied into the runtime. We need a pointer-tracker
- * implementation that uses the locks supplied through C_Initialize.
- * That support, however, can be filled in later. So for now, I'll
- * just do this routines as no-ops.
- */
-
-static CK_RV
-token_add_pointer
-(
- const NSSCKFWToken *fwToken
-)
-{
- return CKR_OK;
-}
-
-static CK_RV
-token_remove_pointer
-(
- const NSSCKFWToken *fwToken
-)
-{
- return CKR_OK;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_verifyPointer
-(
- const NSSCKFWToken *fwToken
-)
-{
- return CKR_OK;
-}
-
-#endif /* DEBUG */
-
-/*
- * nssCKFWToken_Create
- *
- */
-NSS_IMPLEMENT NSSCKFWToken *
-nssCKFWToken_Create
-(
- NSSCKFWSlot *fwSlot,
- NSSCKMDToken *mdToken,
- CK_RV *pError
-)
-{
- NSSArena *arena = (NSSArena *)NULL;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- CK_BBOOL called_setup = CK_FALSE;
-
- /*
- * We have already verified the arguments in nssCKFWSlot_GetToken.
- */
-
- arena = NSSArena_Create();
- if( (NSSArena *)NULL == arena ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwToken = nss_ZNEW(arena, NSSCKFWToken);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- *pError = CKR_HOST_MEMORY;
- goto loser;
- }
-
- fwToken->arena = arena;
- fwToken->mdToken = mdToken;
- fwToken->fwSlot = fwSlot;
- fwToken->fwInstance = nssCKFWSlot_GetFWInstance(fwSlot);
- fwToken->mdInstance = nssCKFWSlot_GetMDInstance(fwSlot);
- fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
- fwToken->sessionCount = 0;
- fwToken->rwSessionCount = 0;
-
- fwToken->mutex = nssCKFWInstance_CreateMutex(fwToken->fwInstance, arena, pError);
- if( (NSSCKFWMutex *)NULL == fwToken->mutex ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, arena, pError);
- if( (nssCKFWHash *)NULL == fwToken->sessions ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- if( CK_TRUE != nssCKFWInstance_GetModuleHandlesSessionObjects(
- fwToken->fwInstance) ) {
- fwToken->sessionObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
- arena, pError);
- if( (nssCKFWHash *)NULL == fwToken->sessionObjectHash ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
- }
-
- fwToken->mdObjectHash = nssCKFWHash_Create(fwToken->fwInstance,
- arena, pError);
- if( (nssCKFWHash *)NULL == fwToken->mdObjectHash ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto loser;
- }
-
- /* More here */
-
- if( (void *)NULL != (void *)mdToken->Setup ) {
- *pError = mdToken->Setup(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- if( CKR_OK != *pError ) {
- goto loser;
- }
- }
-
- called_setup = CK_TRUE;
-
-#ifdef DEBUG
- *pError = token_add_pointer(fwToken);
- if( CKR_OK != *pError ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- *pError = CKR_OK;
- return fwToken;
-
- loser:
-
- if( CK_TRUE == called_setup ) {
- if( (void *)NULL != (void *)mdToken->Invalidate ) {
- mdToken->Invalidate(mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- }
- }
-
- if( (NSSArena *)NULL != arena ) {
- (void)NSSArena_Destroy(arena);
- }
-
- return (NSSCKFWToken *)NULL;
-}
-
-/*
- * nssCKFWToken_Destroy
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_Destroy
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- (void)nssCKFWMutex_Destroy(fwToken->mutex);
-
- if( (void *)NULL != (void *)fwToken->mdToken->Invalidate ) {
- fwToken->mdToken->Invalidate(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
- }
-
- nssCKFWSlot_ClearToken(fwToken->fwSlot);
-
-#ifdef DEBUG
- error = token_remove_pointer(fwToken);
-#endif /* DEBUG */
-
- (void)NSSArena_Destroy(fwToken->arena);
- return error;
-}
-
-/*
- * nssCKFWToken_GetMDToken
- *
- */
-NSS_IMPLEMENT NSSCKMDToken *
-nssCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDToken *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->mdToken;
-}
-
-/*
- * nssCKFWToken_GetArena
- *
- */
-NSS_IMPLEMENT NSSArena *
-nssCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-)
-{
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSArena *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->arena;
-}
-
-/*
- * nssCKFWToken_GetFWSlot
- *
- */
-NSS_IMPLEMENT NSSCKFWSlot *
-nssCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->fwSlot;
-}
-
-/*
- * nssCKFWToken_GetMDSlot
- *
- */
-NSS_IMPLEMENT NSSCKMDSlot *
-nssCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDSlot *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->mdSlot;
-}
-
-/*
- * nssCKFWToken_GetSessionState
- *
- */
-NSS_IMPLEMENT CK_STATE
-nssCKFWToken_GetSessionState
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CKS_RO_PUBLIC_SESSION; /* whatever */
- }
-#endif /* NSSDEBUG */
-
- /*
- * BTW, do not lock the token in this method.
- */
-
- /*
- * Theoretically, there is no state if there aren't any
- * sessions open. But then we'd need to worry about
- * reporting an error, etc. What the heck-- let's just
- * revert to CKR_RO_PUBLIC_SESSION as the "default."
- */
-
- return fwToken->state;
-}
-
-/*
- * nssCKFWToken_InitToken
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_InitToken
-(
- NSSCKFWToken *fwToken,
- NSSItem *pin,
- NSSUTF8 *label
-)
-{
- CK_RV error;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( fwToken->sessionCount > 0 ) {
- error = CKR_SESSION_EXISTS;
- goto done;
- }
-
- if( (void *)NULL == (void *)fwToken->mdToken->InitToken ) {
- error = CKR_DEVICE_ERROR;
- goto done;
- }
-
- if( (NSSItem *)NULL == pin ) {
- if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
- ; /* okay */
- } else {
- error = CKR_PIN_INCORRECT;
- goto done;
- }
- }
-
- if( (NSSUTF8 *)NULL == label ) {
- label = (NSSUTF8 *) "";
- }
-
- error = fwToken->mdToken->InitToken(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, pin, label);
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-/*
- * nssCKFWToken_GetLabel
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetLabel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR label[32]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == label ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwToken->label ) {
- if( (void *)NULL != (void *)fwToken->mdToken->GetLabel ) {
- fwToken->label = fwToken->mdToken->GetLabel(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwToken->label) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwToken->label = (NSSUTF8 *) "";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->label, (char *)label, 32, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-/*
- * nssCKFWToken_GetManufacturerID
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetManufacturerID
-(
- NSSCKFWToken *fwToken,
- CK_CHAR manufacturerID[32]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == manufacturerID ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwToken->manufacturerID ) {
- if( (void *)NULL != (void *)fwToken->mdToken->GetManufacturerID ) {
- fwToken->manufacturerID = fwToken->mdToken->GetManufacturerID(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwToken->manufacturerID) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwToken->manufacturerID = (NSSUTF8 *)"";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->manufacturerID, (char *)manufacturerID, 32, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-/*
- * nssCKFWToken_GetModel
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetModel
-(
- NSSCKFWToken *fwToken,
- CK_CHAR model[16]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == model ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwToken->model ) {
- if( (void *)NULL != (void *)fwToken->mdToken->GetModel ) {
- fwToken->model = fwToken->mdToken->GetModel(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwToken->model) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwToken->model = (NSSUTF8 *)"";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->model, (char *)model, 16, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-/*
- * nssCKFWToken_GetSerialNumber
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetSerialNumber
-(
- NSSCKFWToken *fwToken,
- CK_CHAR serialNumber[16]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- if( (CK_CHAR_PTR)NULL == serialNumber ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (NSSUTF8 *)NULL == fwToken->serialNumber ) {
- if( (void *)NULL != (void *)fwToken->mdToken->GetSerialNumber ) {
- fwToken->serialNumber = fwToken->mdToken->GetSerialNumber(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance, &error);
- if( ((NSSUTF8 *)NULL == fwToken->serialNumber) && (CKR_OK != error) ) {
- goto done;
- }
- } else {
- fwToken->serialNumber = (NSSUTF8 *)"";
- }
- }
-
- (void)nssUTF8_CopyIntoFixedBuffer(fwToken->serialNumber, (char *)serialNumber, 16, ' ');
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-
-/*
- * nssCKFWToken_GetHasRNG
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasRNG
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetHasRNG ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetHasRNG(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetIsWriteProtected
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetIsWriteProtected
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetIsWriteProtected ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetIsWriteProtected(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetLoginRequired
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetLoginRequired
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetLoginRequired ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetLoginRequired(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetUserPinInitialized
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetUserPinInitialized
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetUserPinInitialized ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetUserPinInitialized(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetRestoreKeyNotNeeded
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetRestoreKeyNotNeeded
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetRestoreKeyNotNeeded ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetRestoreKeyNotNeeded(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetHasClockOnToken
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasClockOnToken
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetHasClockOnToken ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetHasClockOnToken(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetHasProtectedAuthenticationPath
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetHasProtectedAuthenticationPath
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetHasProtectedAuthenticationPath ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetHasProtectedAuthenticationPath(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetSupportsDualCryptoOperations
- *
- */
-NSS_IMPLEMENT CK_BBOOL
-nssCKFWToken_GetSupportsDualCryptoOperations
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetSupportsDualCryptoOperations ) {
- return CK_FALSE;
- }
-
- return fwToken->mdToken->GetSupportsDualCryptoOperations(fwToken->mdToken,
- fwToken, fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMaxSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxSessionCount
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMaxSessionCount ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetMaxSessionCount(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMaxRwSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxRwSessionCount
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMaxRwSessionCount ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetMaxRwSessionCount(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMaxPinLen
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMaxPinLen
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMaxPinLen ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetMaxPinLen(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMinPinLen
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMinPinLen
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMinPinLen ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetMinPinLen(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetTotalPublicMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetTotalPublicMemory
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetTotalPublicMemory ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetTotalPublicMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetFreePublicMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetFreePublicMemory
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetFreePublicMemory ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetFreePublicMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetTotalPrivateMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetTotalPrivateMemory
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetTotalPrivateMemory ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetTotalPrivateMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetFreePrivateMemory
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetFreePrivateMemory
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetFreePrivateMemory ) {
- return CK_UNAVAILABLE_INFORMATION;
- }
-
- return fwToken->mdToken->GetFreePrivateMemory(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetHardwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWToken_GetHardwareVersion
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwToken->hardwareVersion.major) ||
- (0 != fwToken->hardwareVersion.minor) ) {
- rv = fwToken->hardwareVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwToken->mdToken->GetHardwareVersion ) {
- fwToken->hardwareVersion = fwToken->mdToken->GetHardwareVersion(
- fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- } else {
- fwToken->hardwareVersion.major = 0;
- fwToken->hardwareVersion.minor = 1;
- }
-
- rv = fwToken->hardwareVersion;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
-}
-
-/*
- * nssCKFWToken_GetFirmwareVersion
- *
- */
-NSS_IMPLEMENT CK_VERSION
-nssCKFWToken_GetFirmwareVersion
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_VERSION rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- rv.major = rv.minor = 0;
- return rv;
- }
-
- if( (0 != fwToken->firmwareVersion.major) ||
- (0 != fwToken->firmwareVersion.minor) ) {
- rv = fwToken->firmwareVersion;
- goto done;
- }
-
- if( (void *)NULL != (void *)fwToken->mdToken->GetFirmwareVersion ) {
- fwToken->firmwareVersion = fwToken->mdToken->GetFirmwareVersion(
- fwToken->mdToken, fwToken, fwToken->mdInstance, fwToken->fwInstance);
- } else {
- fwToken->firmwareVersion.major = 0;
- fwToken->firmwareVersion.minor = 1;
- }
-
- rv = fwToken->firmwareVersion;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
-}
-
-/*
- * nssCKFWToken_GetUTCTime
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetUTCTime
-(
- NSSCKFWToken *fwToken,
- CK_CHAR utcTime[16]
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( (CK_CHAR_PTR)NULL == utcTime ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* DEBUG */
-
- if( CK_TRUE != nssCKFWToken_GetHasClockOnToken(fwToken) ) {
- /* return CKR_DEVICE_ERROR; */
- (void)nssUTF8_CopyIntoFixedBuffer((NSSUTF8 *)NULL, (char *)utcTime, 16, ' ');
- return CKR_OK;
- }
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetUTCTime ) {
- /* It said it had one! */
- return CKR_GENERAL_ERROR;
- }
-
- error = fwToken->mdToken->GetUTCTime(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, utcTime);
- if( CKR_OK != error ) {
- return error;
- }
-
- /* Sanity-check the data */
- {
- /* Format is YYYYMMDDhhmmss00 */
- int i;
- int Y, M, D, h, m, s, z;
- static int dims[] = { 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
-
- for( i = 0; i < 16; i++ ) {
- if( (utcTime[i] < '0') || (utcTime[i] > '9') ) {
- goto badtime;
- }
- }
-
- Y = ((utcTime[ 0] - '0') * 1000) + ((utcTime[1] - '0') * 100) +
- ((utcTime[ 2] - '0') * 10) + (utcTime[ 3] - '0');
- M = ((utcTime[ 4] - '0') * 10) + (utcTime[ 5] - '0');
- D = ((utcTime[ 6] - '0') * 10) + (utcTime[ 7] - '0');
- h = ((utcTime[ 8] - '0') * 10) + (utcTime[ 9] - '0');
- m = ((utcTime[10] - '0') * 10) + (utcTime[11] - '0');
- s = ((utcTime[12] - '0') * 10) + (utcTime[13] - '0');
- z = ((utcTime[14] - '0') * 10) + (utcTime[15] - '0');
-
- if( (Y < 1990) || (Y > 3000) ) goto badtime; /* Y3K problem. heh heh heh */
- if( (M < 1) || (M > 12) ) goto badtime;
- if( (D < 1) || (D > 31) ) goto badtime;
-
- if( D > dims[M-1] ) goto badtime; /* per-month check */
- if( (2 == M) && (((Y%4)||!(Y%100))&&(Y%400)) && (D > 28) ) goto badtime; /* leap years */
-
- if( (h < 0) || (h > 23) ) goto badtime;
- if( (m < 0) || (m > 60) ) goto badtime;
- if( (s < 0) || (s > 61) ) goto badtime;
-
- /* 60m and 60 or 61s is only allowed for leap seconds. */
- if( (60 == m) || (s >= 60) ) {
- if( (23 != h) || (60 != m) || (s < 60) ) goto badtime;
- /* leap seconds can only happen on June 30 or Dec 31.. I think */
- /* if( ((6 != M) || (30 != D)) && ((12 != M) || (31 != D)) ) goto badtime; */
- }
- }
-
- return CKR_OK;
-
- badtime:
- return CKR_GENERAL_ERROR;
-}
-
-/*
- * nssCKFWToken_OpenSession
- *
- */
-NSS_IMPLEMENT NSSCKFWSession *
-nssCKFWToken_OpenSession
-(
- NSSCKFWToken *fwToken,
- CK_BBOOL rw,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_RV *pError
-)
-{
- NSSCKFWSession *fwSession = (NSSCKFWSession *)NULL;
- NSSCKMDSession *mdSession;
-
-#ifdef NSSDEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSCKFWSession *)NULL;
- }
-
- *pError = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSession *)NULL;
- }
-
- switch( rw ) {
- case CK_TRUE:
- case CK_FALSE:
- break;
- default:
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSCKFWSession *)NULL;
- }
-#endif /* NSSDEBUG */
-
- *pError = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != *pError ) {
- return (NSSCKFWSession *)NULL;
- }
-
- if( CK_TRUE == rw ) {
- /* Read-write session desired */
- if( CK_TRUE == nssCKFWToken_GetIsWriteProtected(fwToken) ) {
- *pError = CKR_TOKEN_WRITE_PROTECTED;
- goto done;
- }
- } else {
- /* Read-only session desired */
- if( CKS_RW_SO_FUNCTIONS == nssCKFWToken_GetSessionState(fwToken) ) {
- *pError = CKR_SESSION_READ_WRITE_SO_EXISTS;
- goto done;
- }
- }
-
- /* We could compare sesion counts to any limits we know of, I guess.. */
-
- if( (void *)NULL == (void *)fwToken->mdToken->OpenSession ) {
- /*
- * I'm not sure that the Module actually needs to implement
- * mdSessions -- the Framework can keep track of everything
- * needed, really. But I'll sort out that detail later..
- */
- *pError = CKR_GENERAL_ERROR;
- goto done;
- }
-
- fwSession = nssCKFWSession_Create(fwToken, rw, pApplication, Notify, pError);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto done;
- }
-
- mdSession = fwToken->mdToken->OpenSession(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, fwSession,
- rw, pError);
- if( (NSSCKMDSession *)NULL == mdSession ) {
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- if( CKR_OK == *pError ) {
- *pError = CKR_GENERAL_ERROR;
- }
- goto done;
- }
-
- *pError = nssCKFWSession_SetMDSession(fwSession, mdSession);
- if( CKR_OK != *pError ) {
- if( (void *)NULL != (void *)mdSession->Close ) {
- mdSession->Close(mdSession, fwSession, fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
- }
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- goto done;
- }
-
- *pError = nssCKFWHash_Add(fwToken->sessions, fwSession, fwSession);
- if( CKR_OK != *pError ) {
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- fwSession = (NSSCKFWSession *)NULL;
- goto done;
- }
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return fwSession;
-}
-
-/*
- * nssCKFWToken_GetMechanismCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetMechanismCount
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return 0;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMechanismCount ) {
- return 0;
- }
-
- return fwToken->mdToken->GetMechanismCount(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance);
-}
-
-/*
- * nssCKFWToken_GetMechanismTypes
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_GetMechanismTypes
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE types[]
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CKR_ARGUMENTS_BAD;
- }
-
- if( (CK_MECHANISM_TYPE *)NULL == types ) {
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* NSSDEBUG */
-
- if( (void *)NULL == (void *)fwToken->mdToken->GetMechanismTypes ) {
- /*
- * This should only be called with a sufficiently-large
- * "types" array, which can only be done if GetMechanismCount
- * is implemented. If that's implemented (and returns nonzero),
- * then this should be too. So return an error.
- */
- return CKR_GENERAL_ERROR;
- }
-
- return fwToken->mdToken->GetMechanismTypes(fwToken->mdToken, fwToken,
- fwToken->mdInstance, fwToken->fwInstance, types);
-}
-
-
-/*
- * nssCKFWToken_GetMechanism
- *
- */
-NSS_IMPLEMENT NSSCKFWMechanism *
-nssCKFWToken_GetMechanism
-(
- NSSCKFWToken *fwToken,
- CK_MECHANISM_TYPE which,
- CK_RV *pError
-)
-{
- /* XXX fgmr */
- return (NSSCKFWMechanism *)NULL;
-}
-
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_SetSessionState
-(
- NSSCKFWToken *fwToken,
- CK_STATE newState
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-
- switch( newState ) {
- case CKS_RO_PUBLIC_SESSION:
- case CKS_RO_USER_FUNCTIONS:
- case CKS_RW_PUBLIC_SESSION:
- case CKS_RW_USER_FUNCTIONS:
- case CKS_RW_SO_FUNCTIONS:
- break;
- default:
- return CKR_ARGUMENTS_BAD;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- fwToken->state = newState;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return CKR_OK;
-}
-
-/*
- * nssCKFWToken_RemoveSession
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_RemoveSession
-(
- NSSCKFWToken *fwToken,
- NSSCKFWSession *fwSession
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-
- error = nssCKFWSession_verifyPointer(fwSession);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- if( CK_TRUE != nssCKFWHash_Exists(fwToken->sessions, fwSession) ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto done;
- }
-
- nssCKFWHash_Remove(fwToken->sessions, fwSession);
- fwToken->sessionCount--;
-
- if( nssCKFWSession_IsRWSession(fwSession) ) {
- fwToken->rwSessionCount--;
- }
-
- if( 0 == fwToken->sessionCount ) {
- fwToken->rwSessionCount = 0; /* sanity */
- fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
- }
-
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-static void
-nss_ckfwtoken_session_iterator
-(
- const void *key,
- void *value,
- void *closure
-)
-{
- /*
- * Remember that the fwToken->mutex is locked
- */
- NSSCKFWSession *fwSession = (NSSCKFWSession *)value;
- (void)nssCKFWSession_Destroy(fwSession, CK_FALSE);
- return;
-}
-
-/*
- * nssCKFWToken_CloseAllSessions
- *
- */
-NSS_IMPLEMENT CK_RV
-nssCKFWToken_CloseAllSessions
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_RV error = CKR_OK;
-
-#ifdef NSSDEBUG
- error = nssCKFWToken_verifyPointer(fwToken);
- if( CKR_OK != error ) {
- return error;
- }
-#endif /* NSSDEBUG */
-
- error = nssCKFWMutex_Lock(fwToken->mutex);
- if( CKR_OK != error ) {
- return error;
- }
-
- nssCKFWHash_Iterate(fwToken->sessions, nss_ckfwtoken_session_iterator, (void *)NULL);
-
- nssCKFWHash_Destroy(fwToken->sessions);
-
- fwToken->sessions = nssCKFWHash_Create(fwToken->fwInstance, fwToken->arena, &error);
- if( (nssCKFWHash *)NULL == fwToken->sessions ) {
- if( CKR_OK == error ) {
- error = CKR_GENERAL_ERROR;
- }
- goto done;
- }
-
- fwToken->state = CKS_RO_PUBLIC_SESSION; /* some default */
- fwToken->sessionCount = 0;
- fwToken->rwSessionCount = 0;
-
- error = CKR_OK;
-
- done:
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return error;
-}
-
-/*
- * nssCKFWToken_GetSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetSessionCount
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- return (CK_ULONG)0;
- }
-
- rv = fwToken->sessionCount;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
-}
-
-/*
- * nssCKFWToken_GetRwSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetRwSessionCount
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- return (CK_ULONG)0;
- }
-
- rv = fwToken->rwSessionCount;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
-}
-
-/*
- * nssCKFWToken_GetRoSessionCount
- *
- */
-NSS_IMPLEMENT CK_ULONG
-nssCKFWToken_GetRoSessionCount
-(
- NSSCKFWToken *fwToken
-)
-{
- CK_ULONG rv;
-
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (CK_ULONG)0;
- }
-#endif /* NSSDEBUG */
-
- if( CKR_OK != nssCKFWMutex_Lock(fwToken->mutex) ) {
- return (CK_ULONG)0;
- }
-
- rv = fwToken->sessionCount - fwToken->rwSessionCount;
- (void)nssCKFWMutex_Unlock(fwToken->mutex);
- return rv;
-}
-
-/*
- * nssCKFWToken_GetSessionObjectHash
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetSessionObjectHash
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (nssCKFWHash *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->sessionObjectHash;
-}
-
-/*
- * nssCKFWToken_GetMDObjectHash
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetMDObjectHash
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (nssCKFWHash *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->mdObjectHash;
-}
-
-/*
- * nssCKFWToken_GetObjectHandleHash
- *
- */
-NSS_IMPLEMENT nssCKFWHash *
-nssCKFWToken_GetObjectHandleHash
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef NSSDEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (nssCKFWHash *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return fwToken->mdObjectHash;
-}
-
-/*
- * NSSCKFWToken_GetMDToken
- *
- */
-
-NSS_IMPLEMENT NSSCKMDToken *
-NSSCKFWToken_GetMDToken
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDToken *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWToken_GetMDToken(fwToken);
-}
-
-/*
- * NSSCKFWToken_GetArena
- *
- */
-
-NSS_IMPLEMENT NSSArena *
-NSSCKFWToken_GetArena
-(
- NSSCKFWToken *fwToken,
- CK_RV *pError
-)
-{
-#ifdef DEBUG
- if( (CK_RV *)NULL == pError ) {
- return (NSSArena *)NULL;
- }
-
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- *pError = CKR_ARGUMENTS_BAD;
- return (NSSArena *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWToken_GetArena(fwToken, pError);
-}
-
-/*
- * NSSCKFWToken_GetFWSlot
- *
- */
-
-NSS_IMPLEMENT NSSCKFWSlot *
-NSSCKFWToken_GetFWSlot
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKFWSlot *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWToken_GetFWSlot(fwToken);
-}
-
-/*
- * NSSCKFWToken_GetMDSlot
- *
- */
-
-NSS_IMPLEMENT NSSCKMDSlot *
-NSSCKFWToken_GetMDSlot
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return (NSSCKMDSlot *)NULL;
- }
-#endif /* DEBUG */
-
- return nssCKFWToken_GetMDSlot(fwToken);
-}
-
-/*
- * NSSCKFWToken_GetSessionState
- *
- */
-
-NSS_IMPLEMENT CK_STATE
-NSSCKFWSession_GetSessionState
-(
- NSSCKFWToken *fwToken
-)
-{
-#ifdef DEBUG
- if( CKR_OK != nssCKFWToken_verifyPointer(fwToken) ) {
- return CKS_RO_PUBLIC_SESSION;
- }
-#endif /* DEBUG */
-
- return nssCKFWToken_GetSessionState(fwToken);
-}
diff --git a/security/nss/lib/ckfw/wrap.c b/security/nss/lib/ckfw/wrap.c
deleted file mode 100644
index beb98e14d..000000000
--- a/security/nss/lib/ckfw/wrap.c
+++ /dev/null
@@ -1,3418 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * wrap.c
- *
- * This file contains the routines that actually implement the cryptoki
- * API, using the internal APIs of the NSS Cryptoki Framework. There is
- * one routine here for every cryptoki routine. For linking reasons
- * the actual entry points passed back with C_GetFunctionList have to
- * exist in one of the Module's source files; however, those are merely
- * simple wrappers that call these routines. The intelligence of the
- * implementations is here.
- */
-
-#ifndef CK_T
-#include "ck.h"
-#endif /* CK_T */
-
-/*
- * NSSCKFWC_Initialize
- * NSSCKFWC_Finalize
- * NSSCKFWC_GetInfo
- * -- NSSCKFWC_GetFunctionList -- see the API insert file
- * NSSCKFWC_GetSlotList
- * NSSCKFWC_GetSlotInfo
- * NSSCKFWC_GetTokenInfo
- * NSSCKFWC_WaitForSlotEvent
- * NSSCKFWC_GetMechanismList
- * NSSCKFWC_GetMechanismInfo
- * NSSCKFWC_InitToken
- * NSSCKFWC_InitPIN
- * NSSCKFWC_SetPIN
- * NSSCKFWC_OpenSession
- * NSSCKFWC_CloseSession
- * NSSCKFWC_CloseAllSessions
- * NSSCKFWC_GetSessionInfo
- * NSSCKFWC_GetOperationState
- * NSSCKFWC_SetOperationState
- * NSSCKFWC_Login
- * NSSCKFWC_Logout
- * NSSCKFWC_CreateObject
- * NSSCKFWC_CopyObject
- * NSSCKFWC_DestroyObject
- * NSSCKFWC_GetObjectSize
- * NSSCKFWC_GetAttributeValue
- * NSSCKFWC_SetAttributeValue
- * NSSCKFWC_FindObjectsInit
- * NSSCKFWC_FindObjects
- * NSSCKFWC_FindObjectsFinal
- * NSSCKFWC_EncryptInit
- * NSSCKFWC_Encrypt
- * NSSCKFWC_EncryptUpdate
- * NSSCKFWC_EncryptFinal
- * NSSCKFWC_DecryptInit
- * NSSCKFWC_Decrypt
- * NSSCKFWC_DecryptUpdate
- * NSSCKFWC_DecryptFinal
- * NSSCKFWC_DigestInit
- * NSSCKFWC_Digest
- * NSSCKFWC_DigestUpdate
- * NSSCKFWC_DigestKey
- * NSSCKFWC_DigestFinal
- * NSSCKFWC_SignInit
- * NSSCKFWC_Sign
- * NSSCKFWC_SignUpdate
- * NSSCKFWC_SignFinal
- * NSSCKFWC_SignRecoverInit
- * NSSCKFWC_SignRecover
- * NSSCKFWC_VerifyInit
- * NSSCKFWC_Verify
- * NSSCKFWC_VerifyUpdate
- * NSSCKFWC_VerifyFinal
- * NSSCKFWC_VerifyRecoverInit
- * NSSCKFWC_VerifyRecover
- * NSSCKFWC_DigestEncryptUpdate
- * NSSCKFWC_DecryptDigestUpdate
- * NSSCKFWC_SignEncryptUpdate
- * NSSCKFWC_DecryptVerifyUpdate
- * NSSCKFWC_GenerateKey
- * NSSCKFWC_GenerateKeyPair
- * NSSCKFWC_WrapKey
- * NSSCKFWC_UnwrapKey
- * NSSCKFWC_DeriveKey
- * NSSCKFWC_SeedRandom
- * NSSCKFWC_GenerateRandom
- * NSSCKFWC_GetFunctionStatus
- * NSSCKFWC_CancelFunction
- */
-
-/*
- * NSSCKFWC_Initialize
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Initialize
-(
- NSSCKFWInstance **pFwInstance,
- NSSCKMDInstance *mdInstance,
- CK_VOID_PTR pInitArgs
-)
-{
- CK_RV error = CKR_OK;
-
- if( (NSSCKFWInstance **)NULL == pFwInstance ) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- if( (NSSCKFWInstance *)NULL != *pFwInstance ) {
- error = CKR_CRYPTOKI_ALREADY_INITIALIZED;
- goto loser;
- }
-
- if( (NSSCKMDInstance *)NULL == mdInstance ) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- /* remember the locking args for those times we need to get a lock in code
- * outside the framework.
- */
- nssSetLockArgs(pInitArgs);
-
- *pFwInstance = nssCKFWInstance_Create(pInitArgs, mdInstance, &error);
- if( (NSSCKFWInstance *)NULL == *pFwInstance ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_ARGUMENTS_BAD:
- case CKR_CANT_LOCK:
- case CKR_CRYPTOKI_ALREADY_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_NEED_TO_CREATE_THREADS:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_Finalize
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Finalize
-(
- NSSCKFWInstance **pFwInstance
-)
-{
- CK_RV error = CKR_OK;
-
- if( (NSSCKFWInstance **)NULL == pFwInstance ) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- if( (NSSCKFWInstance *)NULL == *pFwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- error = nssCKFWInstance_Destroy(*pFwInstance);
-
- /* In any case */
- *pFwInstance = (NSSCKFWInstance *)NULL;
-
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OK:
- break;
- default:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_INFO_PTR pInfo
-)
-{
- CK_RV error = CKR_OK;
-
- if( (CK_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here means a caller error
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_INFO));
-
- pInfo->cryptokiVersion = nssCKFWInstance_GetCryptokiVersion(fwInstance);
-
- error = nssCKFWInstance_GetManufacturerID(fwInstance, pInfo->manufacturerID);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- pInfo->flags = nssCKFWInstance_GetFlags(fwInstance);
-
- error = nssCKFWInstance_GetLibraryDescription(fwInstance, pInfo->libraryDescription);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- pInfo->libraryVersion = nssCKFWInstance_GetLibraryVersion(fwInstance);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- break;
- default:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * C_GetFunctionList is implemented entirely in the Module's file which
- * includes the Framework API insert file. It requires no "actual"
- * NSSCKFW routine.
- */
-
-/*
- * NSSCKFWC_GetSlotList
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSlotList
-(
- NSSCKFWInstance *fwInstance,
- CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- switch( tokenPresent ) {
- case CK_TRUE:
- case CK_FALSE:
- break;
- default:
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlotList ) {
- *pulCount = nSlots;
- return CKR_OK;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pSlotList, 0, *pulCount * sizeof(CK_SLOT_ID));
-
- if( *pulCount < nSlots ) {
- *pulCount = nSlots;
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- } else {
- CK_ULONG i;
- *pulCount = nSlots;
-
- /*
- * Our secret "mapping": CK_SLOT_IDs are integers [1,N], and we
- * just index one when we need it.
- */
-
- for( i = 0; i < nSlots; i++ ) {
- pSlotList[i] = i+1;
- }
-
- return CKR_OK;
- }
-
- loser:
- switch( error ) {
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetSlotInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSlotInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( (CK_SLOT_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_SLOT_INFO));
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- error = nssCKFWSlot_GetSlotDescription(fwSlot, pInfo->slotDescription);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWSlot_GetManufacturerID(fwSlot, pInfo->manufacturerID);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- if( nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- pInfo->flags |= CKF_TOKEN_PRESENT;
- }
-
- if( nssCKFWSlot_GetRemovableDevice(fwSlot) ) {
- pInfo->flags |= CKF_REMOVABLE_DEVICE;
- }
-
- if( nssCKFWSlot_GetHardwareSlot(fwSlot) ) {
- pInfo->flags |= CKF_HW_SLOT;
- }
-
- pInfo->hardwareVersion = nssCKFWSlot_GetHardwareVersion(fwSlot);
- pInfo->firmwareVersion = nssCKFWSlot_GetFirmwareVersion(fwSlot);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetTokenInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetTokenInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( (CK_TOKEN_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_TOKEN_INFO));
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetLabel(fwToken, pInfo->label);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetManufacturerID(fwToken, pInfo->manufacturerID);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetModel(fwToken, pInfo->model);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- error = nssCKFWToken_GetSerialNumber(fwToken, pInfo->serialNumber);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- if( nssCKFWToken_GetHasRNG(fwToken) ) {
- pInfo->flags |= CKF_RNG;
- }
-
- if( nssCKFWToken_GetIsWriteProtected(fwToken) ) {
- pInfo->flags |= CKF_WRITE_PROTECTED;
- }
-
- if( nssCKFWToken_GetLoginRequired(fwToken) ) {
- pInfo->flags |= CKF_LOGIN_REQUIRED;
- }
-
- if( nssCKFWToken_GetUserPinInitialized(fwToken) ) {
- pInfo->flags |= CKF_USER_PIN_INITIALIZED;
- }
-
- if( nssCKFWToken_GetRestoreKeyNotNeeded(fwToken) ) {
- pInfo->flags |= CKF_RESTORE_KEY_NOT_NEEDED;
- }
-
- if( nssCKFWToken_GetHasClockOnToken(fwToken) ) {
- pInfo->flags |= CKF_CLOCK_ON_TOKEN;
- }
-
- if( nssCKFWToken_GetHasProtectedAuthenticationPath(fwToken) ) {
- pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
- }
-
- if( nssCKFWToken_GetSupportsDualCryptoOperations(fwToken) ) {
- pInfo->flags |= CKF_DUAL_CRYPTO_OPERATIONS;
- }
-
- pInfo->ulMaxSessionCount = nssCKFWToken_GetMaxSessionCount(fwToken);
- pInfo->ulSessionCount = nssCKFWToken_GetSessionCount(fwToken);
- pInfo->ulMaxRwSessionCount = nssCKFWToken_GetMaxRwSessionCount(fwToken);
- pInfo->ulRwSessionCount= nssCKFWToken_GetRwSessionCount(fwToken);
- pInfo->ulMaxPinLen = nssCKFWToken_GetMaxPinLen(fwToken);
- pInfo->ulMinPinLen = nssCKFWToken_GetMinPinLen(fwToken);
- pInfo->ulTotalPublicMemory = nssCKFWToken_GetTotalPublicMemory(fwToken);
- pInfo->ulFreePublicMemory = nssCKFWToken_GetFreePublicMemory(fwToken);
- pInfo->ulTotalPrivateMemory = nssCKFWToken_GetTotalPrivateMemory(fwToken);
- pInfo->ulFreePrivateMemory = nssCKFWToken_GetFreePrivateMemory(fwToken);
- pInfo->hardwareVersion = nssCKFWToken_GetHardwareVersion(fwToken);
- pInfo->firmwareVersion = nssCKFWToken_GetFirmwareVersion(fwToken);
-
- error = nssCKFWToken_GetUTCTime(fwToken, pInfo->utcTime);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- (void)nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_WaitForSlotEvent
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_WaitForSlotEvent
-(
- NSSCKFWInstance *fwInstance,
- CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pReserved
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- CK_BBOOL block;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- CK_ULONG i;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- if( flags & ~CKF_DONT_BLOCK ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- block = (flags & CKF_DONT_BLOCK) ? CK_TRUE : CK_FALSE;
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (CK_SLOT_ID_PTR)CK_NULL_PTR == pSlot ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- if( (CK_VOID_PTR)CK_NULL_PTR != pReserved ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = nssCKFWInstance_WaitForSlotEvent(fwInstance, block, &error);
- if( (NSSCKFWSlot *)NULL == fwSlot ) {
- goto loser;
- }
-
- for( i = 0; i < nSlots; i++ ) {
- if( fwSlot == slots[i] ) {
- *pSlot = (CK_SLOT_ID)(CK_ULONG)(i+1);
- return CKR_OK;
- }
- }
-
- error = CKR_GENERAL_ERROR; /* returned something not in the slot list */
-
- loser:
- switch( error ) {
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_NO_EVENT:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetMechanismList
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetMechanismList
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- CK_ULONG count;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulCount ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- count = nssCKFWToken_GetMechanismCount(fwToken);
-
- if( (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR == pMechanismList ) {
- *pulCount = count;
- return CKR_OK;
- }
-
- if( *pulCount < count ) {
- *pulCount = count;
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pMechanismList, 0, *pulCount * sizeof(CK_MECHANISM_TYPE));
-
- *pulCount = count;
-
- if( 0 != count ) {
- error = nssCKFWToken_GetMechanismTypes(fwToken, pMechanismList);
- } else {
- error = CKR_OK;
- }
-
- if( CKR_OK == error ) {
- return CKR_OK;
- }
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- (void)nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetMechanismInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetMechanismInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- NSSCKFWMechanism *fwMechanism;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- if( (CK_MECHANISM_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_MECHANISM_INFO));
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- fwMechanism = nssCKFWToken_GetMechanism(fwToken, type, &error);
- if( (NSSCKFWMechanism *)NULL == fwMechanism ) {
- goto loser;
- }
-
- pInfo->ulMinKeySize = nssCKFWMechanism_GetMinKeySize(fwMechanism);
- pInfo->ulMaxKeySize = nssCKFWMechanism_GetMaxKeySize(fwMechanism);
-
- if( nssCKFWMechanism_GetInHardware(fwMechanism) ) {
- pInfo->flags |= CKF_HW;
- }
-
- /* More here... */
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- (void)nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_MECHANISM_INVALID:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_InitToken
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_InitToken
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- NSSItem pin;
- NSSUTF8 *label;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- pin.size = (PRUint32)ulPinLen;
- pin.data = (void *)pPin;
- label = (NSSUTF8 *)pLabel; /* identity conversion */
-
- error = nssCKFWToken_InitToken(fwToken, &pin, label);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- case CKR_TOKEN_NOT_PRESENT:
- (void)nssCKFWToken_Destroy(fwToken);
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_INCORRECT:
- case CKR_PIN_LOCKED:
- case CKR_SESSION_EXISTS:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_RECOGNIZED:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_InitPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_InitPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem pin, *arg;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
- arg = (NSSItem *)NULL;
- } else {
- arg = &pin;
- pin.size = (PRUint32)ulPinLen;
- pin.data = (void *)pPin;
- }
-
- error = nssCKFWSession_InitPIN(fwSession, arg);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_INVALID:
- case CKR_PIN_LEN_RANGE:
- case CKR_SESSION_READ_ONLY:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_SetPIN
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetPIN
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem oldPin, newPin, *oldArg, *newArg;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pOldPin ) {
- oldArg = (NSSItem *)NULL;
- } else {
- oldArg = &oldPin;
- oldPin.size = (PRUint32)ulOldLen;
- oldPin.data = (void *)pOldPin;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pNewPin ) {
- newArg = (NSSItem *)NULL;
- } else {
- newArg = &newPin;
- newPin.size = (PRUint32)ulNewLen;
- newPin.data = (void *)pNewPin;
- }
-
- error = nssCKFWSession_SetPIN(fwSession, oldArg, newArg);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_INCORRECT:
- case CKR_PIN_INVALID:
- case CKR_PIN_LEN_RANGE:
- case CKR_PIN_LOCKED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_OpenSession
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_OpenSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
- NSSCKFWSession *fwSession;
- CK_BBOOL rw;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- if( flags & CKF_RW_SESSION ) {
- rw = CK_TRUE;
- } else {
- rw = CK_FALSE;
- }
-
- if( flags & CKF_SERIAL_SESSION ) {
- ;
- } else {
- error = CKR_SESSION_PARALLEL_NOT_SUPPORTED;
- goto loser;
- }
-
- if( flags & ~(CKF_RW_SESSION|CKF_SERIAL_SESSION) ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- if( (CK_SESSION_HANDLE_PTR)CK_NULL_PTR == phSession ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *phSession = (CK_SESSION_HANDLE)0;
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- fwSession = nssCKFWToken_OpenSession(fwToken, rw, pApplication,
- Notify, &error);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- goto loser;
- }
-
- *phSession = nssCKFWInstance_CreateSessionHandle(fwInstance,
- fwSession, &error);
- if( (CK_SESSION_HANDLE)0 == *phSession ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_COUNT:
- case CKR_SESSION_EXISTS:
- case CKR_SESSION_PARALLEL_NOT_SUPPORTED:
- case CKR_SESSION_READ_WRITE_SO_EXISTS:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_PRESENT:
- case CKR_TOKEN_NOT_RECOGNIZED:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_CloseSession
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CloseSession
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- nssCKFWInstance_DestroySessionHandle(fwInstance, hSession);
- error = nssCKFWSession_Destroy(fwSession, CK_TRUE);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_CloseAllSessions
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CloseAllSessions
-(
- NSSCKFWInstance *fwInstance,
- CK_SLOT_ID slotID
-)
-{
- CK_RV error = CKR_OK;
- CK_ULONG nSlots;
- NSSCKFWSlot **slots;
- NSSCKFWSlot *fwSlot;
- NSSCKFWToken *fwToken = (NSSCKFWToken *)NULL;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- nSlots = nssCKFWInstance_GetNSlots(fwInstance, &error);
- if( (CK_ULONG)0 == nSlots ) {
- goto loser;
- }
-
- if( (slotID < 1) || (slotID > nSlots) ) {
- error = CKR_SLOT_ID_INVALID;
- goto loser;
- }
-
- slots = nssCKFWInstance_GetSlots(fwInstance, &error);
- if( (NSSCKFWSlot **)NULL == slots ) {
- goto loser;
- }
-
- fwSlot = slots[ slotID-1 ];
-
- if( CK_TRUE != nssCKFWSlot_GetTokenPresent(fwSlot) ) {
- error = CKR_TOKEN_NOT_PRESENT;
- goto loser;
- }
-
- fwToken = nssCKFWSlot_GetToken(fwSlot, &error);
- if( (NSSCKFWToken *)NULL == fwToken ) {
- goto loser;
- }
-
- error = nssCKFWToken_CloseAllSessions(fwToken);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SLOT_ID_INVALID:
- case CKR_TOKEN_NOT_PRESENT:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetSessionInfo
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetSessionInfo
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWSlot *fwSlot;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_SESSION_INFO_PTR)CK_NULL_PTR == pInfo ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pInfo, 0, sizeof(CK_SESSION_INFO));
-
- fwSlot = nssCKFWSession_GetFWSlot(fwSession);
- if( (NSSCKFWSlot *)NULL == fwSlot ) {
- error = CKR_GENERAL_ERROR;
- goto loser;
- }
-
- pInfo->slotID = nssCKFWSlot_GetSlotID(fwSlot);
- pInfo->state = nssCKFWSession_GetSessionState(fwSession);
-
- if( CK_TRUE == nssCKFWSession_IsRWSession(fwSession) ) {
- pInfo->flags |= CKF_RW_SESSION;
- }
-
- pInfo->flags |= CKF_SERIAL_SESSION; /* Always true */
-
- pInfo->ulDeviceError = nssCKFWSession_GetDeviceError(fwSession);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- CK_ULONG len;
- NSSItem buf;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulOperationStateLen ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- len = nssCKFWSession_GetOperationStateLen(fwSession, &error);
- if( ((CK_ULONG)0 == len) && (CKR_OK != error) ) {
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
- *pulOperationStateLen = len;
- return CKR_OK;
- }
-
- if( *pulOperationStateLen < len ) {
- *pulOperationStateLen = len;
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- }
-
- buf.size = (PRUint32)*pulOperationStateLen;
- buf.data = (void *)pOperationState;
- *pulOperationStateLen = len;
- error = nssCKFWSession_GetOperationState(fwSession, &buf);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_STATE_UNSAVEABLE:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_SetOperationState
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetOperationState
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *eKey;
- NSSCKFWObject *aKey;
- NSSItem state;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pOperationState ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * We could loop through the buffer, to catch any purify errors
- * in a place with a "user error" note.
- */
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE)0 == hEncryptionKey ) {
- eKey = (NSSCKFWObject *)NULL;
- } else {
- eKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hEncryptionKey);
- if( (NSSCKFWObject *)NULL == eKey ) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
- }
-
- if( (CK_OBJECT_HANDLE)0 == hAuthenticationKey ) {
- aKey = (NSSCKFWObject *)NULL;
- } else {
- aKey = nssCKFWInstance_ResolveObjectHandle(fwInstance, hAuthenticationKey);
- if( (NSSCKFWObject *)NULL == aKey ) {
- error = CKR_KEY_HANDLE_INVALID;
- goto loser;
- }
- }
-
- error = nssCKFWSession_SetOperationState(fwSession, &state, eKey, aKey);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_KEY_CHANGED:
- case CKR_KEY_NEEDED:
- case CKR_KEY_NOT_NEEDED:
- case CKR_SAVED_STATE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_Login
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Login
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem pin, *arg;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_CHAR_PTR)CK_NULL_PTR == pPin ) {
- arg = (NSSItem *)NULL;
- } else {
- arg = &pin;
- pin.size = (PRUint32)ulPinLen;
- pin.data = (void *)pPin;
- }
-
- error = nssCKFWSession_Login(fwSession, userType, arg);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_PIN_EXPIRED:
- case CKR_PIN_INCORRECT:
- case CKR_PIN_LOCKED:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY_EXISTS:
- case CKR_USER_ALREADY_LOGGED_IN:
- case CKR_USER_ANOTHER_ALREADY_LOGGED_IN:
- case CKR_USER_PIN_NOT_INITIALIZED:
- case CKR_USER_TOO_MANY_TYPES:
- case CKR_USER_TYPE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_Logout
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Logout
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- error = nssCKFWSession_Logout(fwSession);
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_CreateObject
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CreateObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *phObject = (CK_OBJECT_HANDLE)0;
-
- fwObject = nssCKFWSession_CreateObject(fwSession, pTemplate,
- ulCount, &error);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- goto loser;
- }
-
- *phObject = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
- if( (CK_OBJECT_HANDLE)0 == *phObject ) {
- nssCKFWObject_Destroy(fwObject);
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCOMPLETE:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_CopyObject
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CopyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWObject *fwNewObject;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phNewObject ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *phNewObject = (CK_OBJECT_HANDLE)0;
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- fwNewObject = nssCKFWSession_CopyObject(fwSession, fwObject,
- pTemplate, ulCount, &error);
- if( (NSSCKFWObject *)NULL == fwNewObject ) {
- goto loser;
- }
-
- *phNewObject = nssCKFWInstance_CreateObjectHandle(fwInstance,
- fwNewObject, &error);
- if( (CK_OBJECT_HANDLE)0 == *phNewObject ) {
- nssCKFWObject_Destroy(fwNewObject);
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_DestroyObject
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DestroyObject
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- nssCKFWObject_Destroy(fwObject);
- nssCKFWInstance_DestroyObjectHandle(fwInstance, hObject);
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetObjectSize
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetObjectSize
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ULONG_PTR)CK_NULL_PTR == pulSize ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- *pulSize = (CK_ULONG)0;
-
- *pulSize = nssCKFWObject_GetObjectSize(fwObject, &error);
- if( ((CK_ULONG)0 == *pulSize) && (CKR_OK != error) ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_INFORMATION_SENSITIVE:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetAttributeValue
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- CK_BBOOL sensitive = CK_FALSE;
- CK_BBOOL invalid = CK_FALSE;
- CK_BBOOL tooSmall = CK_FALSE;
- CK_ULONG i;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- for( i = 0; i < ulCount; i++ ) {
- CK_ULONG size = nssCKFWObject_GetAttributeSize(fwObject,
- pTemplate[i].type, &error);
- if( (CK_ULONG)0 == size ) {
- switch( error ) {
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_INFORMATION_SENSITIVE:
- sensitive = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
- case CKR_ATTRIBUTE_TYPE_INVALID:
- invalid = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
- case CKR_OK:
- break;
- default:
- goto loser;
- }
- }
-
- if( (CK_VOID_PTR)CK_NULL_PTR == pTemplate[i].pValue ) {
- pTemplate[i].ulValueLen = size;
- } else {
- NSSItem it, *p;
-
- if( pTemplate[i].ulValueLen < size ) {
- tooSmall = CK_TRUE;
- continue;
- }
-
- it.size = (PRUint32)pTemplate[i].ulValueLen;
- it.data = (void *)pTemplate[i].pValue;
- p = nssCKFWObject_GetAttribute(fwObject, pTemplate[i].type, &it,
- (NSSArena *)NULL, &error);
- if( (NSSItem *)NULL == p ) {
- switch( error ) {
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_INFORMATION_SENSITIVE:
- sensitive = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
- case CKR_ATTRIBUTE_TYPE_INVALID:
- invalid = CK_TRUE;
- pTemplate[i].ulValueLen = (CK_ULONG)(-1);
- continue;
- default:
- goto loser;
- }
- }
-
- pTemplate[i].ulValueLen = size;
- }
- }
-
- if( sensitive ) {
- error = CKR_ATTRIBUTE_SENSITIVE;
- goto loser;
- } else if( invalid ) {
- error = CKR_ATTRIBUTE_TYPE_INVALID;
- goto loser;
- } else if( tooSmall ) {
- error = CKR_BUFFER_TOO_SMALL;
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_BUFFER_TOO_SMALL:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_SetAttributeValue
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SetAttributeValue
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWObject *fwObject;
- NSSCKFWObject *newFwObject;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwObject = nssCKFWInstance_ResolveObjectHandle(fwInstance, hObject);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- error = CKR_OBJECT_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- newFwObject = nssCKFWSession_CopyObject(fwSession, fwObject, pTemplate,
- ulCount, &error);
- if( (NSSCKFWObject *)NULL == newFwObject ) {
- goto loser;
- }
-
- error = nssCKFWInstance_ReassignObjectHandle(fwInstance, hObject, newFwObject);
- nssCKFWObject_Destroy(fwObject);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_READ_ONLY:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OBJECT_HANDLE_INVALID:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_SESSION_READ_ONLY:
- case CKR_TEMPLATE_INCONSISTENT:
- case CKR_TOKEN_WRITE_PROTECTED:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_FindObjectsInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjectsInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWFindObjects *fwFindObjects;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( ((CK_ATTRIBUTE_PTR)CK_NULL_PTR == pTemplate) && (ulCount != 0) ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
- if( (NSSCKFWFindObjects *)NULL != fwFindObjects ) {
- error = CKR_OPERATION_ACTIVE;
- goto loser;
- }
-
- if( CKR_OPERATION_NOT_INITIALIZED != error ) {
- goto loser;
- }
-
- fwFindObjects = nssCKFWSession_FindObjectsInit(fwSession,
- pTemplate, ulCount, &error);
- if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
- goto loser;
- }
-
- error = nssCKFWSession_SetFWFindObjects(fwSession, fwFindObjects);
-
- if( CKR_OK != error ) {
- nssCKFWFindObjects_Destroy(fwFindObjects);
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_ATTRIBUTE_VALUE_INVALID:
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_ACTIVE:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_FindObjects
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjects
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWFindObjects *fwFindObjects;
- CK_ULONG i;
- NSSArena *arena;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- arena = nssCKFWSession_GetArena(fwSession, &error);
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
-
- if( (CK_OBJECT_HANDLE_PTR)CK_NULL_PTR == phObject ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(phObject, 0, sizeof(CK_OBJECT_HANDLE) * ulMaxObjectCount);
- *pulObjectCount = (CK_ULONG)0;
-
- fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
- if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
- goto loser;
- }
-
- for( i = 0; i < ulMaxObjectCount; i++ ) {
- NSSCKFWObject *fwObject = nssCKFWFindObjects_Next(fwFindObjects,
- arena, &error);
- if( (NSSCKFWObject *)NULL == fwObject ) {
- break;
- }
-
- phObject[i] = nssCKFWInstance_FindObjectHandle(fwInstance, fwObject);
- if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
- phObject[i] = nssCKFWInstance_CreateObjectHandle(fwInstance, fwObject, &error);
- }
- if( (CK_OBJECT_HANDLE)0 == phObject[i] ) {
- /* This isn't right either, is it? */
- nssCKFWObject_Destroy(fwObject);
- goto loser;
- }
- }
-
- *pulObjectCount = i;
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_FindObjectsFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_FindObjectsFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSCKFWFindObjects *fwFindObjects;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- fwFindObjects = nssCKFWSession_GetFWFindObjects(fwSession, &error);
- if( (NSSCKFWFindObjects *)NULL == fwFindObjects ) {
- error = CKR_OPERATION_NOT_INITIALIZED;
- goto loser;
- }
-
- nssCKFWFindObjects_Destroy(fwFindObjects);
- error = nssCKFWSession_SetFWFindObjects(fwSession, (NSSCKFWFindObjects *)NULL);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_NOT_INITIALIZED:
- case CKR_SESSION_HANDLE_INVALID:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_EncryptInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Encrypt
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Encrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_EncryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_EncryptFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_EncryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Decrypt
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Decrypt
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Digest
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Digest
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Sign
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Sign
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignRecoverInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignRecover
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_Verify
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_Verify
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyFinal
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyFinal
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyRecoverInit
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyRecoverInit
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_VerifyRecover
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_VerifyRecover
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DigestEncryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DigestEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptDigestUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptDigestUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SignEncryptUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SignEncryptUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DecryptVerifyUpdate
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DecryptVerifyUpdate
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_GenerateKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_GenerateKeyPair
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateKeyPair
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_WrapKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_WrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_UnwrapKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_UnwrapKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_DeriveKey
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_DeriveKey
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey
-)
-{
- return CKR_FUNCTION_FAILED;
-}
-
-/*
- * NSSCKFWC_SeedRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_SeedRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem seed;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pSeed ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /* We could read through the buffer in a Purify trap */
-
- seed.size = (PRUint32)ulSeedLen;
- seed.data = (void *)pSeed;
-
- error = nssCKFWSession_SeedRandom(fwSession, &seed);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_ACTIVE:
- case CKR_RANDOM_SEED_NOT_SUPPORTED:
- case CKR_RANDOM_NO_RNG:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GenerateRandom
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GenerateRandom
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData,
- CK_ULONG ulRandomLen
-)
-{
- CK_RV error = CKR_OK;
- NSSCKFWSession *fwSession;
- NSSItem buffer;
-
- if( (NSSCKFWInstance *)NULL == fwInstance ) {
- error = CKR_CRYPTOKI_NOT_INITIALIZED;
- goto loser;
- }
-
- fwSession = nssCKFWInstance_ResolveSessionHandle(fwInstance, hSession);
- if( (NSSCKFWSession *)NULL == fwSession ) {
- error = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- if( (CK_BYTE_PTR)CK_NULL_PTR == pRandomData ) {
- error = CKR_ARGUMENTS_BAD;
- goto loser;
- }
-
- /*
- * A purify error here indicates caller error.
- */
- (void)nsslibc_memset(pRandomData, 0, ulRandomLen);
-
- buffer.size = (PRUint32)ulRandomLen;
- buffer.data = (void *)pRandomData;
-
- error = nssCKFWSession_GetRandom(fwSession, &buffer);
-
- if( CKR_OK != error ) {
- goto loser;
- }
-
- return CKR_OK;
-
- loser:
- switch( error ) {
- case CKR_SESSION_CLOSED:
- /* destroy session? */
- break;
- case CKR_DEVICE_REMOVED:
- /* (void)nssCKFWToken_Destroy(fwToken); */
- break;
- case CKR_CRYPTOKI_NOT_INITIALIZED:
- case CKR_DEVICE_ERROR:
- case CKR_DEVICE_MEMORY:
- case CKR_FUNCTION_CANCELED:
- case CKR_FUNCTION_FAILED:
- case CKR_GENERAL_ERROR:
- case CKR_HOST_MEMORY:
- case CKR_OPERATION_ACTIVE:
- case CKR_RANDOM_NO_RNG:
- case CKR_SESSION_HANDLE_INVALID:
- case CKR_USER_NOT_LOGGED_IN:
- break;
- default:
- case CKR_OK:
- error = CKR_GENERAL_ERROR;
- break;
- }
-
- return error;
-}
-
-/*
- * NSSCKFWC_GetFunctionStatus
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_GetFunctionStatus
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- return CKR_FUNCTION_NOT_PARALLEL;
-}
-
-/*
- * NSSCKFWC_CancelFunction
- *
- */
-NSS_IMPLEMENT CK_RV
-NSSCKFWC_CancelFunction
-(
- NSSCKFWInstance *fwInstance,
- CK_SESSION_HANDLE hSession
-)
-{
- return CKR_FUNCTION_NOT_PARALLEL;
-}
diff --git a/security/nss/lib/crmf/Makefile b/security/nss/lib/crmf/Makefile
deleted file mode 100644
index a376529c7..000000000
--- a/security/nss/lib/crmf/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-export:: private_export
diff --git a/security/nss/lib/crmf/asn1cmn.c b/security/nss/lib/crmf/asn1cmn.c
deleted file mode 100644
index de7152e1c..000000000
--- a/security/nss/lib/crmf/asn1cmn.c
+++ /dev/null
@@ -1,246 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-SEC_ASN1_MKSUB(SEC_IntegerTemplate)
-SEC_ASN1_MKSUB(SEC_SignedCertificateTemplate)
-
-static const SEC_ASN1Template CMMFCertResponseTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertResponse)},
- { SEC_ASN1_INTEGER, offsetof(CMMFCertResponse, certReqId)},
- { SEC_ASN1_INLINE, offsetof(CMMFCertResponse, status),
- CMMFPKIStatusInfoTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER,
- offsetof(CMMFCertResponse, certifiedKeyPair),
- CMMFCertifiedKeyPairTemplate},
- { 0 }
-};
-
-static const SEC_ASN1Template CMMFCertOrEncCertTemplate[] = {
- { SEC_ASN1_ANY, offsetof(CMMFCertOrEncCert, derValue), NULL,
- sizeof(CMMFCertOrEncCert)},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFCertifiedKeyPairTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertifiedKeyPair)},
- { SEC_ASN1_INLINE, offsetof(CMMFCertifiedKeyPair, certOrEncCert),
- CMMFCertOrEncCertTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 0,
- offsetof(CMMFCertifiedKeyPair, privateKey),
- CRMFEncryptedValueTemplate},
- { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof (CMMFCertifiedKeyPair, derPublicationInfo),
- SEC_ASN1_SUB(SEC_AnyTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CMMFPKIStatusInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFPKIStatusInfo)},
- { SEC_ASN1_INTEGER, offsetof(CMMFPKIStatusInfo, status)},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_UTF8_STRING,
- offsetof(CMMFPKIStatusInfo, statusString)},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING,
- offsetof(CMMFPKIStatusInfo, failInfo)},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFSequenceOfCertsTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF| SEC_ASN1_XTRN, 0,
- SEC_ASN1_SUB(SEC_SignedCertificateTemplate)}
-};
-
-const SEC_ASN1Template CMMFRandTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFRand)},
- { SEC_ASN1_INTEGER, offsetof(CMMFRand, integer)},
- { SEC_ASN1_OCTET_STRING, offsetof(CMMFRand, senderHash)},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFPOPODecKeyRespContentTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN,
- offsetof(CMMFPOPODecKeyRespContent, responses),
- SEC_ASN1_SUB(SEC_IntegerTemplate),
- sizeof(CMMFPOPODecKeyRespContent)},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFCertOrEncCertEncryptedCertTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 1,
- 0,
- CRMFEncryptedValueTemplate},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFCertOrEncCertCertificateTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- 0,
- SEC_ASN1_SUB(SEC_SignedCertificateTemplate)},
- { 0 }
-};
-
-const SEC_ASN1Template CMMFCertRepContentTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFCertRepContent)},
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL |
- SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CMMFCertRepContent, caPubs),
- CMMFSequenceOfCertsTemplate },
- { SEC_ASN1_SEQUENCE_OF, offsetof(CMMFCertRepContent, response),
- CMMFCertResponseTemplate},
- { 0 }
-};
-
-static const SEC_ASN1Template CMMFChallengeTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFChallenge)},
- { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN,
- offsetof(CMMFChallenge, owf),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, witness) },
- { SEC_ASN1_ANY, offsetof(CMMFChallenge, senderDER) },
- { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, key) },
- { SEC_ASN1_OCTET_STRING, offsetof(CMMFChallenge, challenge) },
- { 0 }
-};
-
-const SEC_ASN1Template CMMFPOPODecKeyChallContentTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF,offsetof(CMMFPOPODecKeyChallContent, challenges),
- CMMFChallengeTemplate, sizeof(CMMFPOPODecKeyChallContent) },
- { 0 }
-};
-
-SECStatus
-cmmf_decode_process_cert_response(PRArenaPool *poolp,
- CERTCertDBHandle *db,
- CMMFCertResponse *inCertResp)
-{
- SECStatus rv = SECSuccess;
-
- if (inCertResp->certifiedKeyPair != NULL) {
- rv = cmmf_decode_process_certified_key_pair(poolp,
- db,
- inCertResp->certifiedKeyPair);
- }
- return rv;
-}
-
-static CERTCertificate*
-cmmf_DecodeDERCertificate(CERTCertDBHandle *db, SECItem *derCert)
-{
- CERTCertificate *newCert;
-
- newCert = CERT_DecodeDERCertificate(derCert, PR_TRUE, NULL);
- if (newCert != NULL && newCert->dbhandle == NULL) {
- newCert->dbhandle = db;
- }
- return newCert;
-}
-
-static CMMFCertOrEncCertChoice
-cmmf_get_certorenccertchoice_from_der(SECItem *der)
-{
- CMMFCertOrEncCertChoice retChoice;
-
- switch(der->data[0] & 0x0f) {
- case 0:
- retChoice = cmmfCertificate;
- break;
- case 1:
- retChoice = cmmfEncryptedCert;
- break;
- default:
- retChoice = cmmfNoCertOrEncCert;
- break;
- }
- return retChoice;
-}
-
-static SECStatus
-cmmf_decode_process_certorenccert(PRArenaPool *poolp,
- CERTCertDBHandle *db,
- CMMFCertOrEncCert *inCertOrEncCert)
-{
- SECStatus rv = SECSuccess;
-
- inCertOrEncCert->choice =
- cmmf_get_certorenccertchoice_from_der(&inCertOrEncCert->derValue);
-
- switch (inCertOrEncCert->choice) {
- case cmmfCertificate:
- {
- /* The DER has implicit tagging, so we gotta switch it to
- * un-tagged in order for the ASN1 parser to understand it.
- * Saving the bits that were changed.
- */
- inCertOrEncCert->derValue.data[0] = 0x30;
- inCertOrEncCert->cert.certificate =
- cmmf_DecodeDERCertificate(db, &inCertOrEncCert->derValue);
- if (inCertOrEncCert->cert.certificate == NULL) {
- rv = SECFailure;
- }
-
- }
- break;
- case cmmfEncryptedCert:
- inCertOrEncCert->cert.encryptedCert =
- PORT_ArenaZNew(poolp, CRMFEncryptedValue);
- if (inCertOrEncCert->cert.encryptedCert == NULL) {
- rv = SECFailure;
- break;
- }
- rv = SEC_ASN1Decode(poolp, inCertOrEncCert->cert.encryptedCert,
- CMMFCertOrEncCertEncryptedCertTemplate,
- (const char*)inCertOrEncCert->derValue.data,
- inCertOrEncCert->derValue.len);
- break;
- default:
- rv = SECFailure;
- }
- return rv;
-}
-
-SECStatus
-cmmf_decode_process_certified_key_pair(PRArenaPool *poolp,
- CERTCertDBHandle *db,
- CMMFCertifiedKeyPair *inCertKeyPair)
-{
- return cmmf_decode_process_certorenccert (poolp,
- db,
- &inCertKeyPair->certOrEncCert);
-}
-
-
diff --git a/security/nss/lib/crmf/challcli.c b/security/nss/lib/crmf/challcli.c
deleted file mode 100644
index bf385609a..000000000
--- a/security/nss/lib/crmf/challcli.c
+++ /dev/null
@@ -1,285 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secder.h"
-
-CMMFPOPODecKeyChallContent*
-CMMF_CreatePOPODecKeyChallContentFromDER(const char *buf, long len)
-{
- PRArenaPool *poolp;
- CMMFPOPODecKeyChallContent *challContent;
- SECStatus rv;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- challContent = PORT_ArenaZNew(poolp, CMMFPOPODecKeyChallContent);
- if (challContent == NULL) {
- goto loser;
- }
- challContent->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, challContent,
- CMMFPOPODecKeyChallContentTemplate, buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (challContent->challenges) {
- while (challContent->challenges[challContent->numChallenges] != NULL) {
- challContent->numChallenges++;
- }
- challContent->numAllocated = challContent->numChallenges;
- }
- return challContent;
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-int
-CMMF_POPODecKeyChallContentGetNumChallenges
- (CMMFPOPODecKeyChallContent *inKeyChallCont)
-{
- PORT_Assert(inKeyChallCont != NULL);
- if (inKeyChallCont == NULL) {
- return 0;
- }
- return inKeyChallCont->numChallenges;
-}
-
-SECItem*
-CMMF_POPODecKeyChallContentGetPublicValue
- (CMMFPOPODecKeyChallContent *inKeyChallCont,
- int inIndex)
-{
- PORT_Assert(inKeyChallCont != NULL);
- if (inKeyChallCont == NULL || (inIndex > inKeyChallCont->numChallenges-1)||
- inIndex < 0) {
- return NULL;
- }
- return SECITEM_DupItem(&inKeyChallCont->challenges[inIndex]->key);
-}
-
-static SECAlgorithmID*
-cmmf_get_owf(CMMFPOPODecKeyChallContent *inChalCont,
- int inIndex)
-{
- int i;
-
- for (i=inIndex; i >= 0; i--) {
- if (inChalCont->challenges[i]->owf != NULL) {
- return inChalCont->challenges[i]->owf;
- }
- }
- return NULL;
-}
-
-SECStatus
-CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
- int inIndex,
- SECKEYPrivateKey *inPrivKey)
-{
- CMMFChallenge *challenge;
- SECItem *decryptedRand=NULL;
- SECStatus rv = SECFailure;
- PK11SlotInfo *slot;
- PK11SymKey *symKey = NULL;
- CMMFRand randStr;
- SECAlgorithmID *owf;
- unsigned char hash[SHA1_LENGTH]; /*SHA1 is the longest, so we'll use
- *it's length.
- */
- SECItem hashItem;
- SECOidTag tag;
-
- PORT_Assert(inChalCont != NULL && inPrivKey != NULL);
- if (inChalCont == NULL || inIndex <0 || inIndex > inChalCont->numChallenges
- || inPrivKey == NULL){
- return SECFailure;
- }
- challenge = inChalCont->challenges[inIndex];
- decryptedRand = PORT_ZNew(SECItem);
- if (decryptedRand == NULL) {
- goto loser;
- }
- decryptedRand->data =
- PORT_NewArray(unsigned char, challenge->challenge.len);
- if (decryptedRand->data == NULL) {
- goto loser;
- }
- slot = inPrivKey->pkcs11Slot;
- symKey = PK11_PubUnwrapSymKey(inPrivKey, &challenge->challenge,
- CKM_RSA_PKCS, CKA_VALUE, 0);
- if (symKey == NULL) {
- rv = SECFailure;
- goto loser;
- }
- rv = PK11_ExtractKeyValue(symKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- decryptedRand = PK11_GetKeyData(symKey);
- rv = SEC_ASN1DecodeItem(NULL, &randStr, CMMFRandTemplate,
- decryptedRand);
- /* The decryptedRand returned points to a member within the symKey structure,
- * so we don't want to free it. Let the symKey destruction function deal with
- * freeing that memory.
- */
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECFailure; /* Just so that when we do go to loser,
- * I won't have to set it again.
- */
- owf = cmmf_get_owf(inChalCont, inIndex);
- if (owf == NULL) {
- /* No hashing algorithm came with the challenges. Can't verify */
- goto loser;
- }
- /* Verify the hashes in the challenge */
- tag = SECOID_FindOIDTag(&owf->algorithm);
- switch (tag) {
- case SEC_OID_MD2:
- hashItem.len = MD2_LENGTH;
- break;
- case SEC_OID_MD5:
- hashItem.len = MD5_LENGTH;
- break;
- case SEC_OID_SHA1:
- hashItem.len = SHA1_LENGTH;
- break;
- default:
- goto loser;
- }
- rv = PK11_HashBuf(tag, hash, randStr.integer.data, randStr.integer.len);
- if (rv != SECSuccess) {
- goto loser;
- }
- hashItem.data = hash;
- if (SECITEM_CompareItem(&hashItem, &challenge->witness) != SECEqual) {
- /* The hash for the data we decrypted doesn't match the hash provided
- * in the challenge. Bail out.
- */
- rv = SECFailure;
- goto loser;
- }
- rv = PK11_HashBuf(tag, hash, challenge->senderDER.data,
- challenge->senderDER.len);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (SECITEM_CompareItem(&hashItem, &randStr.senderHash) != SECEqual) {
- /* The hash for the data we decrypted doesn't match the hash provided
- * in the challenge. Bail out.
- */
- rv = SECFailure;
- goto loser;
- }
- /* All of the hashes have verified, so we can now store the integer away.*/
- rv = SECITEM_CopyItem(inChalCont->poolp, &challenge->randomNumber,
- &randStr.integer);
- loser:
- if (symKey != NULL) {
- PK11_FreeSymKey(symKey);
- }
- return rv;
-}
-
-SECStatus
-CMMF_POPODecKeyChallContentGetRandomNumber
- (CMMFPOPODecKeyChallContent *inKeyChallCont,
- int inIndex,
- long *inDest)
-{
- CMMFChallenge *challenge;
-
- PORT_Assert(inKeyChallCont != NULL);
- if (inKeyChallCont == NULL || inIndex > 0 || inIndex >=
- inKeyChallCont->numChallenges) {
- return SECFailure;
- }
- challenge = inKeyChallCont->challenges[inIndex];
- if (challenge->randomNumber.data == NULL) {
- /* There is no random number here, nothing to see. */
- return SECFailure;
- }
- *inDest = DER_GetInteger(&challenge->randomNumber);
- return (*inDest == -1) ? SECFailure : SECSuccess;
-}
-
-SECStatus
-CMMF_EncodePOPODecKeyRespContent(long *inDecodedRand,
- int inNumRand,
- CRMFEncoderOutputCallback inCallback,
- void *inArg)
-{
- PRArenaPool *poolp;
- CMMFPOPODecKeyRespContent *response;
- SECItem *currItem;
- SECStatus rv=SECFailure;
- int i;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return SECFailure;
- }
- response = PORT_ArenaZNew(poolp, CMMFPOPODecKeyRespContent);
- if (response == NULL) {
- goto loser;
- }
- response->responses = PORT_ArenaZNewArray(poolp, SECItem*, inNumRand+1);
- if (response->responses == NULL) {
- goto loser;
- }
- for (i=0; i<inNumRand; i++) {
- currItem = response->responses[i] = PORT_ArenaZNew(poolp,SECItem);
- if (currItem == NULL) {
- goto loser;
- }
- SEC_ASN1EncodeInteger(poolp, currItem,inDecodedRand[i]);
- }
- rv = cmmf_user_encode(response, inCallback, inArg,
- CMMFPOPODecKeyRespContentTemplate);
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return rv;
-}
diff --git a/security/nss/lib/crmf/cmmf.h b/security/nss/lib/crmf/cmmf.h
deleted file mode 100644
index a10220429..000000000
--- a/security/nss/lib/crmf/cmmf.h
+++ /dev/null
@@ -1,1119 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMMF_H_
-#define _CMMF_H_
-/*
- * These are the functions exported by the security library for
- * implementing Certificate Management Message Formats (CMMF).
- *
- * This API is designed against July 1998 CMMF draft. Please read this
- * draft before trying to use this API in an application that use CMMF.
- */
-#include "seccomon.h"
-#include "cmmft.h"
-#include "crmf.h"
-
-SEC_BEGIN_PROTOS
-
-/******************* Creation Functions *************************/
-
-/*
- * FUNCTION: CMMF_CreateCertRepContent
- * INPUTS:
- * NONE
- * NOTES:
- * This function will create an empty CMMFCertRepContent Structure.
- * The client of the library must set the CMMFCertResponses.
- * Call CMMF_CertRepContentSetCertResponse to accomplish this task.
- * If the client of the library also wants to include the chain of
- * CA certs required to make the certificates in CMMFCertResponse valid,
- * then the user must also set the caPubs field of CMMFCertRepContent.
- * Call CMMF_CertRepContentSetCAPubs to accomplish this. After setting
- * the desired fields, the user can then call CMMF_EncodeCertRepContent
- * to DER-encode the CertRepContent.
- * RETURN:
- * A pointer to the CMMFCertRepContent. A NULL return value indicates
- * an error in allocating memory or failure to initialize the structure.
- */
-extern CMMFCertRepContent* CMMF_CreateCertRepContent(void);
-
-/*
- * FUNCTION: CMMF_CreateCertRepContentFromDER
- * INPUTS
- * db
- * The certificate database where the certificates will be placed.
- * The certificates will be placed in the temporary database associated
- * with the handle.
- * buf
- * A buffer to the DER-encoded CMMFCertRepContent
- * len
- * The length in bytes of the buffer 'buf'
- * NOTES:
- * This function passes the buffer to the ASN1 decoder and creates a
- * CMMFCertRepContent structure. The user must call
- * CMMF_DestroyCertRepContent after the return value is no longer needed.
- *
- * RETURN:
- * A pointer to the CMMFCertRepContent structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CMMFCertRepContent*
- CMMF_CreateCertRepContentFromDER(CERTCertDBHandle *db,
- const char *buf,
- long len);
-
-/*
- * FUNCTION: CMMF_CreateCertResponse
- * INPUTS:
- * inCertReqId
- * The Certificate Request Id this response is for.
- * NOTES:
- * This creates a CMMFCertResponse. This response should correspond
- * to a request that was received via CRMF. From the CRMF message you
- * can get the Request Id to pass in as inCertReqId, in essence binding
- * a CMRFCertRequest message to the CMMFCertResponse created by this
- * function. If no requuest id is associated with the response to create
- * then the user should pass in -1 for 'inCertReqId'.
- *
- * RETURN:
- * A pointer to the new CMMFCertResponse corresponding to the request id
- * passed in. A NULL return value indicates an error while trying to
- * create the CMMFCertResponse.
- */
-extern CMMFCertResponse* CMMF_CreateCertResponse(long inCertReqId);
-
-/*
- * FUNCTION: CMMF_CreateKeyRecRepContent
- * INPUTS:
- * NONE
- * NOTES:
- * This function creates a new empty CMMFKeyRecRepContent structure.
- * At the very minimum, the user must call
- * CMMF_KeyRecRepContentSetPKIStatusInfoStatus field to have an
- * encodable structure. Depending on what the response is, the user may
- * have to set other fields as well to properly build up the structure so
- * that it can be encoded. Refer to the CMMF draft for how to properly
- * set up a CMMFKeyRecRepContent. This is the structure that an RA returns
- * to an end entity when doing key recovery.
-
- * The user must call CMMF_DestroyKeyRecRepContent when the return value
- * is no longer needed.
- * RETURN:
- * A pointer to the empty CMMFKeyRecRepContent. A return value of NULL
- * indicates an error in allocating memory or initializing the structure.
- */
-extern CMMFKeyRecRepContent *CMMF_CreateKeyRecRepContent(void);
-
-/*
- * FUNCTION: CMMF_CreateKeyRecRepContentFromDER
- * INPUTS:
- * db
- * The handle for the certificate database where the decoded
- * certificates will be placed. The decoded certificates will
- * be placed in the temporary database associated with the
- * handle.
- * buf
- * A buffer contatining the DER-encoded CMMFKeyRecRepContent
- * len
- * The length in bytes of the buffer 'buf'
- * NOTES
- * This function passes the buffer to the ASN1 decoder and creates a
- * CMMFKeyRecRepContent structure.
- *
- * RETURN:
- * A pointer to the CMMFKeyRecRepContent structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CMMFKeyRecRepContent*
- CMMF_CreateKeyRecRepContentFromDER(CERTCertDBHandle *db,
- const char *buf,
- long len);
-
-/*
- * FUNCTION: CMMF_CreatePOPODecKeyChallContent
- * INPUTS:
- * NONE
- * NOTES:
- * This function creates an empty CMMFPOPODecKeyChallContent. The user
- * must add the challenges individually specifying the random number to
- * be used and the public key to be used when creating each individual
- * challenge. User can accomplish this by calling the function
- * CMMF_POPODecKeyChallContentSetNextChallenge.
- * RETURN:
- * A pointer to a CMMFPOPODecKeyChallContent structure. Ther user can
- * then call CMMF_EncodePOPODecKeyChallContent passing in the return
- * value from this function after setting all of the challenges. A
- * return value of NULL indicates an error while creating the
- * CMMFPOPODecKeyChallContent structure.
- */
-extern CMMFPOPODecKeyChallContent*
- CMMF_CreatePOPODecKeyChallContent(void);
-
-/*
- * FUNCTION: CMMF_CreatePOPODecKeyChallContentFromDER
- * INPUTS
- * buf
- * A buffer containing the DER-encoded CMMFPOPODecKeyChallContent
- * len
- * The length in bytes of the buffer 'buf'
- * NOTES:
- * This function passes the buffer to the ASN1 decoder and creates a
- * CMMFPOPODecKeyChallContent structure.
- *
- * RETURN:
- * A pointer to the CMMFPOPODecKeyChallContent structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CMMFPOPODecKeyChallContent*
- CMMF_CreatePOPODecKeyChallContentFromDER(const char *buf, long len);
-
-/*
- * FUNCTION: CMMF_CreatePOPODecKeyRespContentFromDER
- * INPUTS:
- * buf
- * A buffer contatining the DER-encoded CMMFPOPODecKeyRespContent
- * len
- * The length in bytes of the buffer 'buf'
- * NOTES
- * This function passes the buffer to the ASN1 decoder and creates a
- * CMMFPOPODecKeyRespContent structure.
- *
- * RETURN:
- * A pointer to the CMMFPOPODecKeyRespContent structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CMMFPOPODecKeyRespContent*
- CMMF_CreatePOPODecKeyRespContentFromDER(const char *buf, long len);
-
-/************************** Set Functions *************************/
-
-/*
- * FUNCTION: CMMF_CertRepContentSetCertResponses
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to operate on.
- * inCertResponses
- * An array of pointers to CMMFCertResponse structures to
- * add to the CMMFCertRepContent structure.
- * inNumResponses
- * The length of the array 'inCertResponses'
- * NOTES:
- * This function will add the CMMFCertResponse structure to the
- * CMMFCertRepContent passed in. The CMMFCertResponse field of
- * CMMFCertRepContent is required, so the client must call this function
- * before calling CMMF_EncodeCertRepContent. If the user calls
- * CMMF_EncodeCertRepContent before calling this function,
- * CMMF_EncodeCertRepContent will fail.
- *
- * RETURN:
- * SECSuccess if adding the CMMFCertResponses to the CMMFCertRepContent
- * structure was successful. Any other return value indicates an error
- * while trying to add the CMMFCertResponses.
- */
-extern SECStatus
- CMMF_CertRepContentSetCertResponses(CMMFCertRepContent *inCertRepContent,
- CMMFCertResponse **inCertResponses,
- int inNumResponses);
-
-/*
- * FUNCTION: CMMF_CertRepContentSetCAPubs
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to operate on.
- * inCAPubs
- * The certificate list which makes up the chain of CA certificates
- * required to make the issued cert valid.
- * NOTES:
- * This function will set the the certificates in the CA chain as part
- * of the CMMFCertRepContent. This field is an optional member of the
- * CMMFCertRepContent structure, so the client is not required to call
- * this function before calling CMMF_EncodeCertRepContent.
- *
- * RETURN:
- * SECSuccess if adding the 'inCAPubs' to the CERTRepContent was successful.
- * Any other return value indicates an error while adding 'inCAPubs' to the
- * CMMFCertRepContent structure.
- *
- */
-extern SECStatus
- CMMF_CertRepContentSetCAPubs (CMMFCertRepContent *inCertRepContent,
- CERTCertList *inCAPubs);
-
-/*
- * FUNCTION: CMMF_CertResponseSetPKIStatusInfoStatus
- * INPUTS:
- * inCertResp
- * The CMMFCertResponse to operate on.
- * inPKIStatus
- * The value to set for the PKIStatusInfo.status field.
- * NOTES:
- * This function will set the CertResponse.status.status field of
- * the CMMFCertResponse structure. (View the definition of CertResponse
- * in the CMMF draft to see exactly which value this talks about.) This
- * field is a required member of the structure, so the user must call this
- * function in order to have a CMMFCertResponse that can be encoded.
- *
- * RETURN:
- * SECSuccess if setting the field with the passed in value was successful.
- * Any other return value indicates an error while trying to set the field.
- */
-extern SECStatus
- CMMF_CertResponseSetPKIStatusInfoStatus (CMMFCertResponse *inCertResp,
- CMMFPKIStatus inPKIStatus);
-
-/*
- * FUNCTION: CMMF_CertResponseSetCertificate
- * INPUTS:
- * inCertResp
- * The CMMFCertResponse to operate on.
- * inCertificate
- * The certificate to add to the
- * CertResponse.CertifiedKeyPair.certOrEncCert.certificate field.
- * NOTES:
- * This function will take the certificate and make it a member of the
- * CMMFCertResponse. The certificate should be the actual certificate
- * being issued via the response.
- *
- * RETURN:
- * SECSuccess if adding the certificate to the response was successful.
- * Any other return value indicates an error in adding the certificate to
- * the CertResponse.
- */
-extern SECStatus
- CMMF_CertResponseSetCertificate (CMMFCertResponse *inCertResp,
- CERTCertificate *inCertificate);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetPKIStatusInfoStatus
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * inPKIStatus
- * The value to set the PKIStatusInfo.status field to.
- * NOTES:
- * This function sets the only required field for the KeyRecRepContent.
- * In most cases, the user will set this field and other fields of the
- * structure to properly create the CMMFKeyRecRepContent structure.
- * Refer to the CMMF draft to see which fields need to be set in order
- * to create the desired CMMFKeyRecRepContent.
- *
- * RETURN:
- * SECSuccess if setting the PKIStatusInfo.status field was successful.
- * Any other return value indicates an error in setting the field.
- */
-extern SECStatus
-CMMF_KeyRecRepContentSetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep,
- CMMFPKIStatus inPKIStatus);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetNewSignCert
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * inNewSignCert
- * The new signing cert to add to the CMMFKeyRecRepContent structure.
- * NOTES:
- * This function sets the new signeing cert in the CMMFKeyRecRepContent
- * structure.
- *
- * RETURN:
- * SECSuccess if setting the new signing cert was successful. Any other
- * return value indicates an error occurred while trying to add the
- * new signing certificate.
- */
-extern SECStatus
- CMMF_KeyRecRepContentSetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertificate *inNewSignCert);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetCACerts
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * inCACerts
- * The list of CA certificates required to construct a valid
- * certificate chain with the certificates that will be returned
- * to the end user via this KeyRecRepContent.
- * NOTES:
- * This function sets the caCerts that are required to form a chain with the
- * end entity certificates that are being re-issued in this
- * CMMFKeyRecRepContent structure.
- *
- * RETURN:
- * SECSuccess if adding the caCerts was successful. Any other return value
- * indicates an error while tring to add the caCerts.
- */
-extern SECStatus
- CMMF_KeyRecRepContentSetCACerts(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertList *inCACerts);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentSetCertifiedKeyPair
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * inCert
- * The certificate to add to the CMMFKeyRecRepContent structure.
- * inPrivKey
- * The private key associated with the certificate above passed in.
- * inPubKey
- * The public key to use for wrapping the private key.
- * NOTES:
- * This function adds another certificate-key pair to the
- * CMMFKeyRecRepcontent structure. There may be more than one
- * certificate-key pair in the structure, so the user must call this
- * function multiple times to add more than one cert-key pair.
- *
- * RETURN:
- * SECSuccess if adding the certified key pair was successful. Any other
- * return value indicates an error in adding certified key pair to
- * CMMFKeyRecRepContent structure.
- */
-extern SECStatus
- CMMF_KeyRecRepContentSetCertifiedKeyPair(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertificate *inCert,
- SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inPubKey);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentSetNextChallenge
- * INPUTS:
- * inDecKeyChall
- * The CMMFPOPODecKeyChallContent to operate on.
- * inRandom
- * The random number to use when generating the challenge,
- * inSender
- * The GeneralName representation of the sender of the challenge.
- * inPubKey
- * The public key to use when encrypting the challenge.
- * passwdArg
- * This value will be passed to the function used for getting a
- * password. The password for getting a password should be registered
- * by calling PK11_SetPasswordFunc before this function is called.
- * If no password callback is registered and the library needs to
- * authenticate to the slot for any reason, this function will fail.
- * NOTES:
- * This function adds a challenge to the end of the list of challenges
- * contained by 'inDecKeyChall'. Refer to the CMMF draft on how the
- * the random number passed in and the sender's GeneralName are used
- * to generate the challenge and witness fields of the challenge. This
- * library will use SHA1 as the one-way function for generating the
- * witess field of the challenge.
- *
- * RETURN:
- * SECSuccess if generating the challenge and adding to the end of list
- * of challenges was successful. Any other return value indicates an error
- * while trying to generate the challenge.
- */
-extern SECStatus
-CMMF_POPODecKeyChallContentSetNextChallenge
- (CMMFPOPODecKeyChallContent *inDecKeyChall,
- long inRandom,
- CERTGeneralName *inSender,
- SECKEYPublicKey *inPubKey,
- void *passwdArg);
-
-
-/************************** Encoding Functions *************************/
-
-/*
- * FUNCTION: CMMF_EncodeCertRepContent
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to DER-encode.
- * inCallback
- * A callback function that the ASN1 encoder will call whenever it
- * wants to write out DER-encoded bytes. Look at the defintion of
- * CRMFEncoderOutputCallback in crmft.h for a description of the
- * parameters to the function.
- * inArg
- * An opaque pointer to a user-supplied argument that will be passed
- * to the callback funtion whenever the function is called.
- * NOTES:
- * The CMMF library will use the same DER-encoding scheme as the CRMF
- * library. In other words, when reading CRMF comments that pertain to
- * encoding, those comments apply to the CMMF libray as well.
- * The callback function will be called multiple times, each time supplying
- * the next chunk of DER-encoded bytes. The user must concatenate the
- * output of each successive call to the callback in order to get the
- * entire DER-encoded CMMFCertRepContent structure.
- *
- * RETURN:
- * SECSuccess if encoding the CMMFCertRepContent was successful. Any
- * other return value indicates an error while decoding the structure.
- */
-extern SECStatus
- CMMF_EncodeCertRepContent (CMMFCertRepContent *inCertRepContent,
- CRMFEncoderOutputCallback inCallback,
- void *inArg);
-
-/*
- * FUNCTION: CMMF_EncodeKeyRecRepContent
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRepContent to DER-encode.
- * inCallback
- * A callback function that the ASN1 encoder will call whenever it
- * wants to write out DER-encoded bytes. Look at the defintion of
- * CRMFEncoderOutputCallback in crmft.h for a description of the
- * parameters to the function.
- * inArg
- * An opaque pointer to a user-supplied argument that will be passed
- * to the callback funtion whenever the function is called.
- * NOTES:
- * The CMMF library will use the same DER-encoding scheme as the CRMF
- * library. In other words, when reading CRMF comments that pertain to
- * encoding, those comments apply to the CMMF libray as well.
- * The callback function will be called multiple times, each time supplying
- * the next chunk of DER-encoded bytes. The user must concatenate the
- * output of each successive call to the callback in order to get the
- * entire DER-encoded CMMFCertRepContent structure.
- *
- * RETURN:
- * SECSuccess if encoding the CMMFKeyRecRepContent was successful. Any
- * other return value indicates an error while decoding the structure.
- */
-extern SECStatus
- CMMF_EncodeKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep,
- CRMFEncoderOutputCallback inCallback,
- void *inArg);
-
-/*
- * FUNCTION: CMMF_EncodePOPODecKeyChallContent
- * INPUTS:
- * inDecKeyChall
- * The CMMFDecKeyChallContent to operate on.
- * inCallback
- * A callback function that the ASN1 encoder will call whenever it
- * wants to write out DER-encoded bytes. Look at the defintion of
- * CRMFEncoderOutputCallback in crmft.h for a description of the
- * parameters to the function.
- * inArg
- * An opaque pointer to a user-supplied argument that will be passed
- * to the callback function whenever the function is called.
- * NOTES:
- * The CMMF library will use the same DER-encoding scheme as the CRMF
- * library. In other words, when reading CRMF comments that pertain to
- * encoding, those comments apply to the CMMF libray as well.
- * The callback function will be called multiple times, each time supplying
- * the next chunk of DER-encoded bytes. The user must concatenate the
- * output of each successive call to the callback in order to get the
- * entire DER-encoded CMMFCertRepContent structure.
- * The DER will be an encoding of the type POPODecKeyChallContents, which
- * is just a sequence of challenges.
- *
- * RETURN:
- * SECSuccess if encoding was successful. Any other return value indicates
- * an error in trying to encode the Challenges.
- */
-extern SECStatus
-CMMF_EncodePOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyChall,
- CRMFEncoderOutputCallback inCallback,
- void *inArg);
-
-/*
- * FUNCTION: CMMF_EncodePOPODecKeyRespContent
- * INPUTS:
- * inDecodedRand
- * An array of integers to encode as the responses to
- * CMMFPOPODecKeyChallContent. The integers must be in the same order
- * as the challenges extracted from CMMFPOPODecKeyChallContent.
- * inNumRand
- * The number of random integers contained in the array 'inDecodedRand'
- * inCallback
- * A callback function that the ASN1 encoder will call whenever it
- * wants to write out DER-encoded bytes. Look at the defintion of
- * CRMFEncoderOutputCallback in crmft.h for a description of the
- * parameters to the function.
- * inArg
- * An opaque pointer to a user-supplied argument that will be passed
- * to the callback funtion whenever the function is called.
- * NOTES:
- * The CMMF library will use the same DER-encoding scheme as the CRMF
- * library. In other words, when reading CRMF comments that pertain to
- * encoding, those comments apply to the CMMF libray as well.
- * The callback function will be called multiple times, each time supplying
- * the next chunk of DER-encoded bytes. The user must concatenate the
- * output of each successive call to the callback in order to get the
- * entire DER-encoded POPODecKeyRespContent.
- *
- * RETURN:
- * SECSuccess if encoding was successful. Any other return value indicates
- * an error in trying to encode the Challenges.
- */
-extern SECStatus
- CMMF_EncodePOPODecKeyRespContent(long *inDecodedRand,
- int inNumRand,
- CRMFEncoderOutputCallback inCallback,
- void *inArg);
-
-/*************** Accessor function ***********************************/
-
-/*
- * FUNCTION: CMMF_CertRepContentGetCAPubs
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to extract the caPubs from.
- * NOTES:
- * This function will return a copy of the list of certificates that
- * make up the chain of CA's required to make the cert issued valid.
- * The user must call CERT_DestroyCertList on the return value when
- * done using the return value.
- *
- * Only call this function on a CertRepContent that has been decoded.
- * The client must call CERT_DestroyCertList when the certificate list
- * is no longer needed.
- *
- * The certs in the list will not be in the temporary database. In order
- * to make these certificates a part of the permanent CA internal database,
- * the user must collect the der for all of these certs and call
- * CERT_ImportCAChain. Afterwards the certs will be part of the permanent
- * database.
- *
- * RETURN:
- * A pointer to the CERTCertList representing the CA chain associated
- * with the issued cert. A NULL return value indicates that no CA Pubs
- * were available in the CMMFCertRepContent structure.
- */
-extern CERTCertList*
- CMMF_CertRepContentGetCAPubs (CMMFCertRepContent *inCertRepContent);
-
-
-/*
- * FUNCTION: CMMF_CertRepContentGetNumResponses
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to operate on.
- * NOTES:
- * This function will return the number of CertResponses that are contained
- * by the CMMFCertRepContent passed in.
- *
- * RETURN:
- * The number of CMMFCertResponses contained in the structure passed in.
- */
-extern int
- CMMF_CertRepContentGetNumResponses (CMMFCertRepContent *inCertRepContent);
-
-/*
- * FUNCTION: CMMF_CertRepContentGetResponseAtIndex
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to operate on.
- * inIndex
- * The index of the CMMFCertResponse the user wants a copy of.
- * NOTES:
- * This funciton creates a copy of the CMMFCertResponse at the index
- * corresponding to the parameter 'inIndex'. Indexing is done like a
- * traditional C array, ie the valid indexes are (0...numResponses-1).
- * The user must call CMMF_DestroyCertResponse after the return value is
- * no longer needed.
- *
- * RETURN:
- * A pointer to the CMMFCertResponse at the index corresponding to
- * 'inIndex'. A return value of NULL indicates an error in copying
- * the CMMFCertResponse.
- */
-extern CMMFCertResponse*
-CMMF_CertRepContentGetResponseAtIndex (CMMFCertRepContent *inCertRepContent,
- int inIndex);
-
-/*
- * FUNCTION: CMMF_CertResponseGetCertReqId
- * INPUTS:
- * inCertResp
- * The CMMFCertResponse to operate on.
- * NOTES:
- * This function returns the CertResponse.certReqId from the
- * CMMFCertResponse structure passed in. If the return value is -1, that
- * means there is no associated certificate request with the CertResponse.
- * RETURN:
- * A long representing the id of the certificate request this
- * CMMFCertResponse corresponds to. A return value of -1 indicates an
- * error in extracting the value of the integer.
- */
-extern long CMMF_CertResponseGetCertReqId(CMMFCertResponse *inCertResp);
-
-/*
- * FUNCTION: CMMF_CertResponseGetPKIStatusInfoStatus
- * INPUTS:
- * inCertResp
- * The CMMFCertResponse to operate on.
- * NOTES:
- * This function returns the CertResponse.status.status field of the
- * CMMFCertResponse structure.
- *
- * RETURN:
- * The enumerated value corresponding to the PKIStatus defined in the CMMF
- * draft. See the CMMF draft for the definition of PKIStatus. See crmft.h
- * for the definition of CMMFPKIStatus.
- */
-extern CMMFPKIStatus
- CMMF_CertResponseGetPKIStatusInfoStatus(CMMFCertResponse *inCertResp);
-
-/*
- * FUNCTION: CMMF_CertResponseGetCertificate
- * INPUTS:
- * inCertResp
- * The Certificate Response to operate on.
- * inCertdb
- * This is the certificate database where the function will place the
- * newly issued certificate.
- * NOTES:
- * This function retrieves the CertResponse.certifiedKeyPair.certificate
- * from the CMMFCertResponse. The user will get a copy of that certificate
- * so the user must call CERT_DestroyCertificate when the return value is
- * no longer needed. The certificate returned will be in the temporary
- * certificate database.
- *
- * RETURN:
- * A pointer to a copy of the certificate contained within the
- * CMMFCertResponse. A return value of NULL indicates an error while trying
- * to make a copy of the certificate.
- */
-extern CERTCertificate*
- CMMF_CertResponseGetCertificate(CMMFCertResponse *inCertResp,
- CERTCertDBHandle *inCertdb);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetPKIStatusInfoStatus
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent structure to operate on.
- * NOTES:
- * This function retrieves the KeyRecRepContent.status.status field of
- * the CMMFKeyRecRepContent structure.
- * RETURN:
- * The CMMFPKIStatus corresponding to the value held in the
- * CMMFKeyRecRepContent structure.
- */
-extern CMMFPKIStatus
-CMMF_KeyRecRepContentGetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetNewSignCert
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * NOTES:
- * This function retrieves the KeyRecRepContent.newSignCert field of the
- * CMMFKeyRecRepContent structure. The user must call
- * CERT_DestroyCertificate when the return value is no longer needed. The
- * returned certificate will be in the temporary database. The user
- * must then place the certificate permanently in whatever token the
- * user determines is the proper destination. A return value of NULL
- * indicates the newSigCert field was not present.
- */
-extern CERTCertificate*
- CMMF_KeyRecRepContentGetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetCACerts
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * NOTES:
- * This function returns a CERTCertList which contains all of the
- * certficates that are in the sequence KeyRecRepContent.caCerts
- * User must call CERT_DestroyCertList when the return value is no longer
- * needed. All of these certificates will be placed in the tempoaray
- * database.
- *
- * RETURN:
- * A pointer to the list of caCerts contained in the CMMFKeyRecRepContent
- * structure. A return value of NULL indicates the library was not able to
- * make a copy of the certifcates. This may be because there are no caCerts
- * included in the CMMFKeyRecRepContent strucure or an internal error. Call
- * CMMF_KeyRecRepContentHasCACerts to find out if there are any caCerts
- * included in 'inKeyRecRep'.
- */
-extern CERTCertList*
- CMMF_KeyRecRepContentGetCACerts(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetNumKeyPairs
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to operate on.
- * RETURN:
- * This function returns the number of CMMFCertifiedKeyPair structures that
- * that are stored in the KeyRecRepContent structure.
- */
-extern int
- CMMF_KeyRecRepContentGetNumKeyPairs(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentGetCertKeyAtIndex
- * INPUTS:
- * inKeyRecRepContent
- * The CMMFKeyRecRepContent to operate on.
- * inIndex
- * The index of the desired CMMFCertifiedKeyPair
- * NOTES:
- * This function retrieves the CMMFCertifiedKeyPair structure at the index
- * 'inIndex'. Valid indexes are 0...(numKeyPairs-1) The user must call
- * CMMF_DestroyCertifiedKeyPair when the return value is no longer needed.
- *
- * RETURN:
- * A pointer to the Certified Key Pair at the desired index. A return value
- * of NULL indicates an error in extracting the Certified Key Pair at the
- * desired index.
- */
-extern CMMFCertifiedKeyPair*
- CMMF_KeyRecRepContentGetCertKeyAtIndex(CMMFKeyRecRepContent *inKeyRecRep,
- int inIndex);
-
-/*
- * FUNCTION: CMMF_CertifiedKeyPairGetCertificate
- * INPUTS:
- * inCertKeyPair
- * The CMMFCertifiedKeyPair to operate on.
- * inCertdb
- * The database handle for the database you want this certificate
- * to wind up in.
- * NOTES:
- * This function retrieves the certificate at
- * CertifiedKeyPair.certOrEncCert.certificate
- * The user must call CERT_DestroyCertificate when the return value is no
- * longer needed. The user must import this certificate as a token object
- * onto PKCS#11 slot in order to make it a permanent object. The returned
- * certificate will be in the temporary database.
- *
- * RETURN:
- * A pointer to the certificate contained within the certified key pair.
- * A return value of NULL indicates an error in creating the copy of the
- * certificate.
- */
-extern CERTCertificate*
- CMMF_CertifiedKeyPairGetCertificate(CMMFCertifiedKeyPair *inCertKeyPair,
- CERTCertDBHandle *inCertdb);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetNumChallenges
- * INPUTS:
- * inKeyChallCont
- * The CMMFPOPODecKeyChallContent to operate on.
- * RETURN:
- * This function returns the number of CMMFChallenges are contained in
- * the CMMFPOPODecKeyChallContent structure.
- */
-extern int CMMF_POPODecKeyChallContentGetNumChallenges
- (CMMFPOPODecKeyChallContent *inKeyChallCont);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetPublicValue
- * ---------------------------------------------------
- * INPUTS:
- * inKeyChallCont
- * The CMMFPOPODecKeyChallContent to operate on.
- * inIndex
- * The index of the Challenge within inKeyChallCont to operate on.
- * Indexes start from 0, ie the Nth Challenge corresponds to index
- * N-1.
- * NOTES:
- * This function retrieves the public value stored away in the Challenge at
- * index inIndex of inKeyChallCont.
- * RETURN:
- * A pointer to a SECItem containing the public value. User must call
- * SECITEM_FreeItem on the return value when the value is no longer necessary.
- * A return value of NULL indicates an error while retrieving the public value.
- */
-extern SECItem* CMMF_POPODecKeyChallContentGetPublicValue
- (CMMFPOPODecKeyChallContent *inKeyChallCont,
- int inIndex);
-
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetRandomNumber
- * INPUTS:
- * inChallContent
- * The CMMFPOPODecKeyChallContent to operate on.
- * inIndex
- * The index of the challenge to look at. Valid indexes are 0 through
- * (CMMF_POPODecKeyChallContentGetNumChallenges(inChallContent) - 1).
- * inDest
- * A pointer to a user supplied buffer where the library
- * can place a copy of the random integer contatained in the
- * challenge.
- * NOTES:
- * This function returns the value held in the decrypted Rand structure
- * corresponding to the random integer. The user must call
- * CMMF_POPODecKeyChallContentDecryptChallenge before calling this function. Call
- * CMMF_ChallengeIsDecrypted to find out if the challenge has been
- * decrypted.
- *
- * RETURN:
- * SECSuccess indicates the witness field has been previously decrypted
- * and the value for the random integer was successfully placed at *inDest.
- * Any other return value indicates an error and that the value at *inDest
- * is not a valid value.
- */
-extern SECStatus CMMF_POPODecKeyChallContentGetRandomNumber
- (CMMFPOPODecKeyChallContent *inKeyChallCont,
- int inIndex,
- long *inDest);
-
-/*
- * FUNCTION: CMMF_POPODecKeyRespContentGetNumResponses
- * INPUTS:
- * inRespCont
- * The POPODecKeyRespContent to operate on.
- * RETURN:
- * This function returns the number of responses contained in inRespContent.
- */
-extern int
- CMMF_POPODecKeyRespContentGetNumResponses(CMMFPOPODecKeyRespContent *inRespCont);
-
-/*
- * FUNCTION: CMMF_POPODecKeyRespContentGetResponse
- * INPUTS:
- * inRespCont
- * The POPODecKeyRespContent to operate on.
- * inIndex
- * The index of the response to retrieve.
- * The Nth response is at index N-1, ie the 1st response is at index 0,
- * the 2nd response is at index 1, and so on.
- * inDest
- * A pointer to a pre-allocated buffer where the library can put the
- * value of the response located at inIndex.
- * NOTES:
- * The function returns the response contained at index inIndex.
- * CMMFPOPODecKeyRespContent is a structure that the server will generally
- * get in response to a CMMFPOPODecKeyChallContent. The server will expect
- * to see the responses in the same order as it constructed them in
- * the CMMFPOPODecKeyChallContent structure.
- * RETURN:
- * SECSuccess if getting the response at the desired index was successful. Any
- * other return value indicates an errror.
- */
-extern SECStatus
- CMMF_POPODecKeyRespContentGetResponse (CMMFPOPODecKeyRespContent *inRespCont,
- int inIndex,
- long *inDest);
-
-/************************* Destructor Functions ******************************/
-
-/*
- * FUNCTION: CMMF_DestroyCertResponse
- * INPUTS:
- * inCertResp
- * The CMMFCertResponse to destroy.
- * NOTES:
- * This function frees all the memory associated with the CMMFCertResponse
- * passed in.
- * RETURN:
- * SECSuccess if freeing the memory was successful. Any other return value
- * indicates an error while freeing the memory.
- */
-extern SECStatus CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp);
-
-/*
- * FUNCTION: CMMF_DestroyCertRepContent
- * INPUTS:
- * inCertRepContent
- * The CMMFCertRepContent to destroy
- * NOTES:
- * This function frees the memory associated with the CMMFCertRepContent
- * passed in.
- * RETURN:
- * SECSuccess if freeing all the memory associated with the
- * CMMFCertRepContent passed in is successful. Any other return value
- * indicates an error while freeing the memory.
- */
-extern SECStatus
- CMMF_DestroyCertRepContent (CMMFCertRepContent *inCertRepContent);
-
-/*
- * FUNCTION: CMMF_DestroyKeyRecRepContent
- * INPUTS:
- * inKeyRecRep
- * The CMMFKeyRecRepContent to destroy.
- * NOTES:
- * This function destroys all the memory associated with the
- * CMMFKeyRecRepContent passed in.
- *
- * RETURN:
- * SECSuccess if freeing all the memory is successful. Any other return
- * value indicates an error in freeing the memory.
- */
-extern SECStatus
- CMMF_DestroyKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_DestroyCertifiedKeyPair
- * INPUTS:
- * inCertKeyPair
- * The CMMFCertifiedKeyPair to operate on.
- * NOTES:
- * This function frees up all the memory associated with 'inCertKeyPair'
- *
- * RETURN:
- * SECSuccess if freeing all the memory associated with 'inCertKeyPair'
- * is successful. Any other return value indicates an error while trying
- * to free the memory.
- */
-extern SECStatus
- CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyRespContent
- * INPUTS:
- * inDecKeyResp
- * The CMMFPOPODecKeyRespContent structure to free.
- * NOTES:
- * This function frees up all the memory associate with the
- * CMMFPOPODecKeyRespContent.
- *
- * RETURN:
- * SECSuccess if freeing up all the memory associated with the
- * CMMFPOPODecKeyRespContent structure is successful. Any other
- * return value indicates an error while freeing the memory.
- */
-extern SECStatus
- CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp);
-
-
-/************************** Miscellaneous Functions *************************/
-
-/*
- * FUNCTION: CMMF_CertifiedKeyPairUnwrapPrivKey
- * INPUTS:
- * inCertKeyPair
- * The CMMFCertifiedKeyPair to operate on.
- * inPrivKey
- * The private key to use to un-wrap the private key
- * inNickName
- * This is the nickname that will be associated with the private key
- * to be unwrapped.
- * inSlot
- * The PKCS11 slot where the unwrapped private key should end up.
- * inCertdb
- * The Certificate database with which the new key will be associated.
- * destPrivKey
- * A pointer to memory where the library can place a pointer to the
- * private key after importing the key onto the specified slot.
- * wincx
- * An opaque pointer that the library will use in a callback function
- * to get the password if necessary.
- *
- * NOTES:
- * This function uses the private key passed in to unwrap the private key
- * contained within the CMMFCertifiedKeyPair structure. After this
- * function successfully returns, the private key has been unwrapped and
- * placed in the specified slot.
- *
- * RETURN:
- * SECSuccess if unwrapping the private key was successful. Any other
- * return value indicates an error while trying to un-wrap the private key.
- */
-extern SECStatus
- CMMF_CertifiedKeyPairUnwrapPrivKey(CMMFCertifiedKeyPair *inKeyPair,
- SECKEYPrivateKey *inPrivKey,
- SECItem *inNickName,
- PK11SlotInfo *inSlot,
- CERTCertDBHandle *inCertdb,
- SECKEYPrivateKey **destPrivKey,
- void *wincx);
-
-/*
- * FUNCTION: CMMF_KeyRecRepContentHasCACerts
- * INPUTS:
- * inKeyRecRecp
- * The CMMFKeyRecRepContent to operate on.
- * RETURN:
- * This function returns PR_TRUE if there are one or more certificates in
- * the sequence KeyRecRepContent.caCerts within the CMMFKeyRecRepContent
- * structure. The function will return PR_FALSE if there are 0 certificate
- * in the above mentioned sequence.
- */
-extern PRBool
- CMMF_KeyRecRepContentHasCACerts(CMMFKeyRecRepContent *inKeyRecRep);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContDecryptChallenge
- * INPUTS:
- * inChalCont
- * The CMMFPOPODecKeyChallContent to operate on.
- * inIndex
- * The index of the Challenge to operate on. The 1st Challenge is
- * at index 0, the second at index 1 and so forth.
- * inPrivKey
- * The private key to use to decrypt the witness field.
- * NOTES:
- * This function uses the private key to decrypt the challenge field
- * contained in the appropriate challenge. Make sure the private key matches
- * the public key that was used to encrypt the witness. Use
- * CMMF_POPODecKeyChallContentGetPublicValue to get the public value of
- * the key used to encrypt the witness and then use that to determine the
- * appropriate private key. This can be done by calling PK11_MakeIDFromPubKey
- * and then passing that return value to PK11_FindKeyByKeyID. The creator of
- * the challenge will most likely be an RA that has the public key
- * from a Cert request. So the private key should be the private key
- * associated with public key in that request. This function will also
- * verify the witness field of the challenge. This function also verifies
- * that the sender and witness hashes match within the challenge.
- *
- * RETURN:
- * SECSuccess if decrypting the witness field was successful. This does
- * not indicate that the decrypted data is valid, since the private key
- * passed in may not be the actual key needed to properly decrypt the
- * witness field. Meaning that there is a decrypted structure now, but
- * may be garbage because the private key was incorrect.
- * Any other return value indicates the function could not complete the
- * decryption process.
- */
-extern SECStatus
- CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
- int inIndex,
- SECKEYPrivateKey *inPrivKey);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyChallContent
- * INPUTS:
- * inDecKeyCont
- * The CMMFPOPODecKeyChallContent to free
- * NOTES:
- * This function frees up all the memory associated with the
- * CMMFPOPODecKeyChallContent
- * RETURN:
- * SECSuccess if freeing up all the memory associatd with the
- * CMMFPOPODecKeyChallContent is successful. Any other return value
- * indicates an error while freeing the memory.
- *
- */
-extern SECStatus
- CMMF_DestroyPOPODecKeyChallContent (CMMFPOPODecKeyChallContent *inDecKeyCont);
-
-SEC_END_PROTOS
-#endif /* _CMMF_H_ */
diff --git a/security/nss/lib/crmf/cmmfasn1.c b/security/nss/lib/crmf/cmmfasn1.c
deleted file mode 100644
index 6f0363571..000000000
--- a/security/nss/lib/crmf/cmmfasn1.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secasn1.h"
-#include "secitem.h"
-
-static const SEC_ASN1Template CMMFSequenceOfCertifiedKeyPairsTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, CMMFCertifiedKeyPairTemplate}
-};
-
-static const SEC_ASN1Template CMMFKeyRecRepContentTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CMMFKeyRecRepContent)},
- { SEC_ASN1_INLINE, offsetof(CMMFKeyRecRepContent, status),
- CMMFPKIStatusInfoTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 0,
- offsetof(CMMFKeyRecRepContent, newSigCert),
- SEC_SignedCertificateTemplate},
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(CMMFKeyRecRepContent, caCerts),
- CMMFSequenceOfCertsTemplate},
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(CMMFKeyRecRepContent, keyPairHist),
- CMMFSequenceOfCertifiedKeyPairsTemplate},
- { 0 }
-};
-
-SECStatus
-CMMF_EncodeCertRepContent (CMMFCertRepContent *inCertRepContent,
- CRMFEncoderOutputCallback inCallback,
- void *inArg)
-{
- return cmmf_user_encode(inCertRepContent, inCallback, inArg,
- CMMFCertRepContentTemplate);
-}
-
-SECStatus
-CMMF_EncodePOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyChall,
- CRMFEncoderOutputCallback inCallback,
- void *inArg)
-{
- return cmmf_user_encode(inDecKeyChall, inCallback, inArg,
- CMMFPOPODecKeyChallContentTemplate);
-}
-
-CMMFPOPODecKeyRespContent*
-CMMF_CreatePOPODecKeyRespContentFromDER(const char *buf, long len)
-{
- PRArenaPool *poolp;
- CMMFPOPODecKeyRespContent *decKeyResp;
- SECStatus rv;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- decKeyResp = PORT_ArenaZNew(poolp, CMMFPOPODecKeyRespContent);
- if (decKeyResp == NULL) {
- goto loser;
- }
- decKeyResp->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, decKeyResp, CMMFPOPODecKeyRespContentTemplate,
- buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
- return decKeyResp;
-
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-CMMF_EncodeKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep,
- CRMFEncoderOutputCallback inCallback,
- void *inArg)
-{
- return cmmf_user_encode(inKeyRecRep, inCallback, inArg,
- CMMFKeyRecRepContentTemplate);
-}
-
-CMMFKeyRecRepContent*
-CMMF_CreateKeyRecRepContentFromDER(CERTCertDBHandle *db, const char *buf,
- long len)
-{
- PRArenaPool *poolp;
- CMMFKeyRecRepContent *keyRecContent;
- SECStatus rv;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- keyRecContent = PORT_ArenaZNew(poolp, CMMFKeyRecRepContent);
- if (keyRecContent == NULL) {
- goto loser;
- }
- keyRecContent->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, keyRecContent, CMMFKeyRecRepContentTemplate,
- buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (keyRecContent->keyPairHist != NULL) {
- while(keyRecContent->keyPairHist[keyRecContent->numKeyPairs] != NULL) {
- rv = cmmf_decode_process_certified_key_pair(poolp, db,
- keyRecContent->keyPairHist[keyRecContent->numKeyPairs]);
- if (rv != SECSuccess) {
- goto loser;
- }
- keyRecContent->numKeyPairs++;
- }
- keyRecContent->allocKeyPairs = keyRecContent->numKeyPairs;
- }
- keyRecContent->isDecoded = PR_TRUE;
- return keyRecContent;
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
diff --git a/security/nss/lib/crmf/cmmfchal.c b/security/nss/lib/crmf/cmmfchal.c
deleted file mode 100644
index 019833ac5..000000000
--- a/security/nss/lib/crmf/cmmfchal.c
+++ /dev/null
@@ -1,319 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "sechash.h"
-#include "genname.h"
-#include "pk11func.h"
-#include "cert.h"
-#include "secitem.h"
-#include "secmod.h"
-#include "keyhi.h"
-
-static int
-cmmf_create_witness_and_challenge(PRArenaPool *poolp,
- CMMFChallenge *challenge,
- long inRandom,
- SECItem *senderDER,
- SECKEYPublicKey *inPubKey,
- void *passwdArg)
-{
- SECItem *encodedRandNum;
- SECItem encodedRandStr = {siBuffer, NULL, 0};
- SECItem *dummy;
- unsigned char *randHash, *senderHash, *encChal=NULL;
- unsigned modulusLen = 0;
- SECStatus rv = SECFailure;
- CMMFRand randStr= { {siBuffer, NULL, 0}, {siBuffer, NULL, 0}};
- PK11SlotInfo *slot;
- PK11SymKey *symKey = NULL;
- CK_OBJECT_HANDLE id;
- CERTSubjectPublicKeyInfo *spki = NULL;
-
-
- encodedRandNum = SEC_ASN1EncodeInteger(poolp, &challenge->randomNumber,
- inRandom);
- encodedRandNum = &challenge->randomNumber;
- randHash = PORT_ArenaNewArray(poolp, unsigned char, SHA1_LENGTH);
- senderHash = PORT_ArenaNewArray(poolp, unsigned char, SHA1_LENGTH);
- if (randHash == NULL) {
- goto loser;
- }
- rv = PK11_HashBuf(SEC_OID_SHA1, randHash, encodedRandNum->data,
- (uint32)encodedRandNum->len);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = PK11_HashBuf(SEC_OID_SHA1, senderHash, senderDER->data,
- (uint32)senderDER->len);
- if (rv != SECSuccess) {
- goto loser;
- }
- challenge->witness.data = randHash;
- challenge->witness.len = SHA1_LENGTH;
-
- randStr.integer = *encodedRandNum;
- randStr.senderHash.data = senderHash;
- randStr.senderHash.len = SHA1_LENGTH;
- dummy = SEC_ASN1EncodeItem(NULL, &encodedRandStr, &randStr,
- CMMFRandTemplate);
- if (dummy != &encodedRandStr) {
- rv = SECFailure;
- goto loser;
- }
- /* XXXX Now I have to encrypt encodedRandStr and stash it away. */
- modulusLen = SECKEY_PublicKeyStrength(inPubKey);
- encChal = PORT_ArenaNewArray(poolp, unsigned char, modulusLen);
- if (encChal == NULL) {
- rv = SECFailure;
- goto loser;
- }
- slot =PK11_GetBestSlot(CKM_RSA_PKCS, passwdArg);
- if (slot == NULL) {
- rv = SECFailure;
- goto loser;
- }
- id = PK11_ImportPublicKey(slot, inPubKey, PR_FALSE);
- /* In order to properly encrypt the data, we import as a symmetric
- * key, and then wrap that key. That in essence encrypts the data.
- * This is the method recommended in the PK11 world in order
- * to prevent threading issues as well as breaking any other semantics
- * the PK11 libraries depend on.
- */
- symKey = PK11_ImportSymKey(slot, CKM_RSA_PKCS, PK11_OriginGenerated,
- CKA_VALUE, &encodedRandStr, passwdArg);
- if (symKey == NULL) {
- rv = SECFailure;
- goto loser;
- }
- challenge->challenge.data = encChal;
- challenge->challenge.len = modulusLen;
- rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, inPubKey, symKey,
- &challenge->challenge);
- PK11_FreeSlot(slot);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(poolp, &challenge->senderDER, senderDER);
- crmf_get_public_value(inPubKey, &challenge->key);
- /* Fall through */
- loser:
- if (spki != NULL) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- }
- if (encodedRandStr.data != NULL) {
- PORT_Free(encodedRandStr.data);
- }
- if (encodedRandNum != NULL) {
- SECITEM_FreeItem(encodedRandNum, PR_TRUE);
- }
- if (symKey != NULL) {
- PK11_FreeSymKey(symKey);
- }
- return rv;
-}
-
-static SECStatus
-cmmf_create_first_challenge(CMMFPOPODecKeyChallContent *challContent,
- long inRandom,
- SECItem *senderDER,
- SECKEYPublicKey *inPubKey,
- void *passwdArg)
-{
- SECOidData *oidData;
- CMMFChallenge *challenge;
- SECAlgorithmID *algId;
- PRArenaPool *poolp;
- SECStatus rv;
-
- oidData = SECOID_FindOIDByTag(SEC_OID_SHA1);
- if (oidData == NULL) {
- return SECFailure;
- }
- poolp = challContent->poolp;
- challenge = PORT_ArenaZNew(poolp, CMMFChallenge);
- if (challenge == NULL) {
- return SECFailure;
- }
- algId = challenge->owf = PORT_ArenaZNew(poolp, SECAlgorithmID);
- if (algId == NULL) {
- return SECFailure;
- }
- rv = SECITEM_CopyItem(poolp, &algId->algorithm, &oidData->oid);
- if (rv != SECSuccess) {
- return SECFailure;
- }
- rv = cmmf_create_witness_and_challenge(poolp, challenge, inRandom,
- senderDER, inPubKey, passwdArg);
- challContent->challenges[0] = (rv == SECSuccess) ? challenge : NULL;
- challContent->numChallenges++;
- return rv ;
-}
-
-CMMFPOPODecKeyChallContent*
-CMMF_CreatePOPODecKeyChallContent (void)
-{
- PRArenaPool *poolp;
- CMMFPOPODecKeyChallContent *challContent;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- challContent = PORT_ArenaZNew(poolp, CMMFPOPODecKeyChallContent);
- if (challContent == NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
- }
- challContent->poolp = poolp;
- return challContent;
-}
-
-SECStatus
-CMMF_POPODecKeyChallContentSetNextChallenge
- (CMMFPOPODecKeyChallContent *inDecKeyChall,
- long inRandom,
- CERTGeneralName *inSender,
- SECKEYPublicKey *inPubKey,
- void *passwdArg)
-{
- CMMFChallenge *curChallenge;
- PRArenaPool *genNamePool = NULL, *poolp;
- SECStatus rv;
- SECItem *genNameDER;
- void *mark;
-
- PORT_Assert (inDecKeyChall != NULL &&
- inSender != NULL &&
- inPubKey != NULL);
-
- if (inDecKeyChall == NULL ||
- inSender == NULL || inPubKey == NULL) {
- return SECFailure;
- }
- poolp = inDecKeyChall->poolp;
- mark = PORT_ArenaMark(poolp);
-
- genNamePool = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- genNameDER = cert_EncodeGeneralName(inSender, NULL, genNamePool);
- if (genNameDER == NULL) {
- rv = SECFailure;
- goto loser;
- }
- if (inDecKeyChall->challenges == NULL) {
- inDecKeyChall->challenges =
- PORT_ArenaZNewArray(poolp, CMMFChallenge*,(CMMF_MAX_CHALLENGES+1));
- inDecKeyChall->numAllocated = CMMF_MAX_CHALLENGES;
- }
-
- if (inDecKeyChall->numChallenges >= inDecKeyChall->numAllocated) {
- rv = SECFailure;
- goto loser;
- }
-
- if (inDecKeyChall->numChallenges == 0) {
- rv = cmmf_create_first_challenge(inDecKeyChall, inRandom,
- genNameDER, inPubKey, passwdArg);
- } else {
- curChallenge = PORT_ArenaZNew(poolp, CMMFChallenge);
- if (curChallenge == NULL) {
- rv = SECFailure;
- goto loser;
- }
- rv = cmmf_create_witness_and_challenge(poolp, curChallenge, inRandom,
- genNameDER, inPubKey,
- passwdArg);
- if (rv == SECSuccess) {
- inDecKeyChall->challenges[inDecKeyChall->numChallenges] =
- curChallenge;
- inDecKeyChall->numChallenges++;
- }
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- PORT_FreeArena(genNamePool, PR_FALSE);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- if (genNamePool != NULL) {
- PORT_FreeArena(genNamePool, PR_FALSE);
- }
- PORT_Assert(rv != SECSuccess);
- return rv;
-}
-
-SECStatus
-CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp)
-{
- PORT_Assert(inDecKeyResp != NULL);
- if (inDecKeyResp != NULL && inDecKeyResp->poolp != NULL) {
- PORT_FreeArena(inDecKeyResp->poolp, PR_FALSE);
- }
- return SECSuccess;
-}
-
-int
-CMMF_POPODecKeyRespContentGetNumResponses(CMMFPOPODecKeyRespContent *inRespCont)
-{
- int numResponses = 0;
-
- PORT_Assert(inRespCont != NULL);
- if (inRespCont == NULL) {
- return 0;
- }
-
- while (inRespCont->responses[numResponses] != NULL) {
- numResponses ++;
- }
- return numResponses;
-}
-
-SECStatus
-CMMF_POPODecKeyRespContentGetResponse (CMMFPOPODecKeyRespContent *inRespCont,
- int inIndex,
- long *inDest)
-{
- PORT_Assert(inRespCont != NULL);
-
- if (inRespCont == NULL || inIndex < 0 ||
- inIndex >= CMMF_POPODecKeyRespContentGetNumResponses(inRespCont)) {
- return SECFailure;
- }
- *inDest = DER_GetInteger(inRespCont->responses[inIndex]);
- return (*inDest == -1) ? SECFailure : SECSuccess;
-}
diff --git a/security/nss/lib/crmf/cmmfi.h b/security/nss/lib/crmf/cmmfi.h
deleted file mode 100644
index 0a476badd..000000000
--- a/security/nss/lib/crmf/cmmfi.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * These are the definitions needed by the library internally to implement
- * CMMF. Most of these will be helper utilities for manipulating internal
- * data strucures.
- */
-#ifndef _CMMFI_H_
-#define _CMMFI_H_
-#include "cmmfit.h"
-#include "crmfi.h"
-
-#define CMMF_MAX_CHALLENGES 10
-#define CMMF_MAX_KEY_PAIRS 50
-
-/*
- * Some templates that the code will need to implement CMMF.
- */
-extern const SEC_ASN1Template CMMFCertOrEncCertCertificateTemplate[];
-extern const SEC_ASN1Template CMMFCertOrEncCertEncryptedCertTemplate[];
-extern const SEC_ASN1Template CMMFPOPODecKeyRespContentTemplate[];
-extern const SEC_ASN1Template CMMFRandTemplate[];
-extern const SEC_ASN1Template CMMFSequenceOfCertsTemplate[];
-extern const SEC_ASN1Template CMMFPKIStatusInfoTemplate[];
-extern const SEC_ASN1Template CMMFCertifiedKeyPairTemplate[];
-
-
-/*
- * Some utility functions that are shared by multiple files in this
- * implementation.
- */
-
-extern SECStatus cmmf_CopyCertResponse (PRArenaPool *poolp,
- CMMFCertResponse *dest,
- CMMFCertResponse *src);
-
-extern SECStatus cmmf_CopyPKIStatusInfo (PRArenaPool *poolp,
- CMMFPKIStatusInfo *dest,
- CMMFPKIStatusInfo *src);
-
-extern SECStatus cmmf_CopyCertifiedKeyPair(PRArenaPool *poolp,
- CMMFCertifiedKeyPair *dest,
- CMMFCertifiedKeyPair *src);
-
-extern SECStatus cmmf_DestroyPKIStatusInfo(CMMFPKIStatusInfo *info,
- PRBool freeit);
-
-extern SECStatus cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert,
- PRBool freeit);
-
-extern SECStatus cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo *statusInfo,
- PRArenaPool *poolp,
- CMMFPKIStatus inStatus);
-
-extern SECStatus cmmf_ExtractCertsFromList(CERTCertList *inCertList,
- PRArenaPool *poolp,
- CERTCertificate ***certArray);
-
-extern SECStatus
- cmmf_CertOrEncCertSetCertificate(CMMFCertOrEncCert *certOrEncCert,
- PRArenaPool *poolp,
- CERTCertificate *inCert);
-
-extern CMMFPKIStatus
- cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus);
-
-extern CERTCertList*
- cmmf_MakeCertList(CERTCertificate **inCerts);
-
-extern CERTCertificate*
-cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
- CERTCertDBHandle *certdb);
-
-extern SECStatus
-cmmf_decode_process_cert_response(PRArenaPool *poolp,
- CERTCertDBHandle *db,
- CMMFCertResponse *inCertResp);
-
-extern SECStatus
-cmmf_decode_process_certified_key_pair(PRArenaPool *poolp,
- CERTCertDBHandle *db,
- CMMFCertifiedKeyPair *inCertKeyPair);
-
-extern SECStatus
-cmmf_user_encode(void *src, CRMFEncoderOutputCallback inCallback, void *inArg,
- const SEC_ASN1Template *inTemplate);
-
-extern SECStatus
-cmmf_copy_secitem (PRArenaPool *poolp, SECItem *dest, SECItem *src);
-#endif /*_CMMFI_H_*/
-
-
-
-
-
diff --git a/security/nss/lib/crmf/cmmfit.h b/security/nss/lib/crmf/cmmfit.h
deleted file mode 100644
index e6ef02f96..000000000
--- a/security/nss/lib/crmf/cmmfit.h
+++ /dev/null
@@ -1,145 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMMFIT_H_
-#define _CMMFIT_H_
-
-/*
- * All fields marked by a PKIStausInfo in comments is an integer
- * with the following possible values.
- *
- * Integer Value Meaning
- * ------------- -------
- * 0 granted- got exactly what you asked for.
- *
- * 1 grantedWithMods-got something like what you asked
- * for;requester is responsible for ascertainging the
- * differences.
- *
- * 2 rejection-you don't get what you asked for; more
- * information elsewhere in the message
- *
- * 3 waiting-the request body part has not yet been
- * processed, expect to hear more later.
- *
- * 4 revocationWarning-this message contains a warning
- * that a revocation is imminent.
- *
- * 5 revocationNotification-notification that a
- * revocation has occurred.
- *
- * 6 keyUpdateWarning-update already done for the
- * oldCertId specified in FullCertTemplate.
- */
-
-struct CMMFPKIStatusInfoStr {
- SECItem status;
- SECItem statusString;
- SECItem failInfo;
-};
-
-struct CMMFCertOrEncCertStr {
- union {
- CERTCertificate *certificate;
- CRMFEncryptedValue *encryptedCert;
- } cert;
- CMMFCertOrEncCertChoice choice;
- SECItem derValue;
-};
-
-struct CMMFCertifiedKeyPairStr {
- CMMFCertOrEncCert certOrEncCert;
- CRMFEncryptedValue *privateKey;
- SECItem derPublicationInfo; /* We aren't creating
- * PKIPublicationInfo's, so
- * we'll store away the der
- * here if we decode one that
- * does have pubInfo.
- */
- SECItem unwrappedPrivKey;
-};
-
-struct CMMFCertResponseStr {
- SECItem certReqId;
- CMMFPKIStatusInfo status; /*PKIStatusInfo*/
- CMMFCertifiedKeyPair *certifiedKeyPair;
-};
-
-struct CMMFCertRepContentStr {
- CERTCertificate **caPubs;
- CMMFCertResponse **response;
- PRArenaPool *poolp;
- PRBool isDecoded;
-};
-
-struct CMMFChallengeStr {
- SECAlgorithmID *owf;
- SECItem witness;
- SECItem senderDER;
- SECItem key;
- SECItem challenge;
- SECItem randomNumber;
-};
-
-struct CMMFRandStr {
- SECItem integer;
- SECItem senderHash;
- CERTGeneralName *sender;
-};
-
-struct CMMFPOPODecKeyChallContentStr {
- CMMFChallenge **challenges;
- PRArenaPool *poolp;
- int numChallenges;
- int numAllocated;
-};
-
-struct CMMFPOPODecKeyRespContentStr {
- SECItem **responses;
- PRArenaPool *poolp;
-};
-
-struct CMMFKeyRecRepContentStr {
- CMMFPKIStatusInfo status; /* PKIStatusInfo */
- CERTCertificate *newSigCert;
- CERTCertificate **caCerts;
- CMMFCertifiedKeyPair **keyPairHist;
- PRArenaPool *poolp;
- int numKeyPairs;
- int allocKeyPairs;
- PRBool isDecoded;
-};
-
-#endif /* _CMMFIT_H_ */
-
diff --git a/security/nss/lib/crmf/cmmfrec.c b/security/nss/lib/crmf/cmmfrec.c
deleted file mode 100644
index ce0126b91..000000000
--- a/security/nss/lib/crmf/cmmfrec.c
+++ /dev/null
@@ -1,337 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * This file will implement the functions related to key recovery in
- * CMMF
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "keyhi.h"
-
-CMMFKeyRecRepContent*
-CMMF_CreateKeyRecRepContent(void)
-{
- PRArenaPool *poolp;
- CMMFKeyRecRepContent *keyRecContent;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- keyRecContent = PORT_ArenaZNew(poolp, CMMFKeyRecRepContent);
- if (keyRecContent == NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
- }
- keyRecContent->poolp = poolp;
- return keyRecContent;
-}
-
-SECStatus
-CMMF_DestroyKeyRecRepContent(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- if (inKeyRecRep != NULL && inKeyRecRep->poolp != NULL) {
- if (!inKeyRecRep->isDecoded) {
- int i;
-
- CERT_DestroyCertificate(inKeyRecRep->newSigCert);
- if (inKeyRecRep->caCerts != NULL) {
- for (i=0; inKeyRecRep->caCerts[i] != NULL; i++) {
- CERT_DestroyCertificate(inKeyRecRep->caCerts[i]);
- }
- }
- if (inKeyRecRep->keyPairHist != NULL) {
- for (i=0; inKeyRecRep->keyPairHist[i] != NULL; i++) {
- if (inKeyRecRep->keyPairHist[i]->certOrEncCert.choice ==
- cmmfCertificate) {
- CERT_DestroyCertificate(inKeyRecRep->keyPairHist[i]->
- certOrEncCert.cert.certificate);
- }
- }
- }
- }
- PORT_FreeArena(inKeyRecRep->poolp, PR_TRUE);
- }
- return SECSuccess;
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep,
- CMMFPKIStatus inPKIStatus)
-{
- PORT_Assert(inKeyRecRep != NULL && inPKIStatus >= cmmfGranted &&
- inPKIStatus < cmmfNumPKIStatus);
- if (inKeyRecRep == NULL) {
- return SECFailure;
- }
-
- return cmmf_PKIStatusInfoSetStatus(&inKeyRecRep->status,
- inKeyRecRep->poolp,
- inPKIStatus);
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertificate *inNewSignCert)
-{
- PORT_Assert (inKeyRecRep != NULL && inNewSignCert != NULL);
- if (inKeyRecRep == NULL || inNewSignCert == NULL) {
- return SECFailure;
- }
- inKeyRecRep->newSigCert = CERT_DupCertificate(inNewSignCert);
- return (inKeyRecRep->newSigCert == NULL) ? SECFailure : SECSuccess;
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetCACerts(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertList *inCACerts)
-{
- SECStatus rv;
- void *mark;
-
- PORT_Assert (inKeyRecRep != NULL && inCACerts != NULL);
- if (inKeyRecRep == NULL || inCACerts == NULL) {
- return SECFailure;
- }
- mark = PORT_ArenaMark(inKeyRecRep->poolp);
- rv = cmmf_ExtractCertsFromList(inCACerts, inKeyRecRep->poolp,
- &inKeyRecRep->caCerts);
- if (rv != SECSuccess) {
- PORT_ArenaRelease(inKeyRecRep->poolp, mark);
- } else {
- PORT_ArenaUnmark(inKeyRecRep->poolp, mark);
- }
- return rv;
-}
-
-SECStatus
-CMMF_KeyRecRepContentSetCertifiedKeyPair(CMMFKeyRecRepContent *inKeyRecRep,
- CERTCertificate *inCert,
- SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inPubKey)
-{
- CMMFCertifiedKeyPair *keyPair;
- CRMFEncryptedValue *dummy;
- PRArenaPool *poolp;
- void *mark;
- SECStatus rv;
-
- PORT_Assert (inKeyRecRep != NULL &&
- inCert != NULL &&
- inPrivKey != NULL &&
- inPubKey != NULL);
- if (inKeyRecRep == NULL ||
- inCert == NULL ||
- inPrivKey == NULL ||
- inPubKey == NULL) {
- return SECFailure;
- }
- poolp = inKeyRecRep->poolp;
- mark = PORT_ArenaMark(poolp);
- if (inKeyRecRep->keyPairHist == NULL) {
- inKeyRecRep->keyPairHist = PORT_ArenaNewArray(poolp,
- CMMFCertifiedKeyPair*,
- (CMMF_MAX_KEY_PAIRS+1));
- if (inKeyRecRep->keyPairHist == NULL) {
- goto loser;
- }
- inKeyRecRep->allocKeyPairs = CMMF_MAX_KEY_PAIRS;
- inKeyRecRep->numKeyPairs = 0;
- }
-
- if (inKeyRecRep->allocKeyPairs == inKeyRecRep->numKeyPairs) {
- goto loser;
- }
-
- keyPair = PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
- if (keyPair == NULL) {
- goto loser;
- }
- rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert,
- poolp, inCert);
- if (rv != SECSuccess) {
- goto loser;
- }
- keyPair->privateKey = PORT_ArenaZNew(poolp, CRMFEncryptedValue);
- if (keyPair->privateKey == NULL) {
- goto loser;
- }
- dummy = crmf_create_encrypted_value_wrapped_privkey(inPrivKey, inPubKey,
- keyPair->privateKey);
- PORT_Assert(dummy = keyPair->privateKey);
- if (dummy != keyPair->privateKey) {
- crmf_destroy_encrypted_value(dummy, PR_TRUE);
- goto loser;
- }
- inKeyRecRep->keyPairHist[inKeyRecRep->numKeyPairs] = keyPair;
- inKeyRecRep->numKeyPairs++;
- inKeyRecRep->keyPairHist[inKeyRecRep->numKeyPairs] = NULL;
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-CMMFPKIStatus
-CMMF_KeyRecRepContentGetPKIStatusInfoStatus(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- if (inKeyRecRep == NULL) {
- return cmmfNoPKIStatus;
- }
- return cmmf_PKIStatusInfoGetStatus(&inKeyRecRep->status);
-}
-
-CERTCertificate*
-CMMF_KeyRecRepContentGetNewSignCert(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- if (inKeyRecRep == NULL ||
- inKeyRecRep->newSigCert == NULL) {
- return NULL;
- }
- return CERT_NewTempCertificate(CERT_GetDefaultCertDB(),
- &inKeyRecRep->newSigCert->signatureWrap.data,
- NULL, PR_FALSE, PR_TRUE);
-}
-
-CERTCertList*
-CMMF_KeyRecRepContentGetCACerts(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- if (inKeyRecRep == NULL || inKeyRecRep->caCerts == NULL) {
- return NULL;
- }
- return cmmf_MakeCertList(inKeyRecRep->caCerts);
-}
-
-int
-CMMF_KeyRecRepContentGetNumKeyPairs(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- return (inKeyRecRep == NULL) ? 0 : inKeyRecRep->numKeyPairs;
-}
-
-PRBool
-cmmf_KeyRecRepContentIsValidIndex(CMMFKeyRecRepContent *inKeyRecRep,
- int inIndex)
-{
- int numKeyPairs = CMMF_KeyRecRepContentGetNumKeyPairs(inKeyRecRep);
-
- return (PRBool)(inIndex >= 0 && inIndex < numKeyPairs);
-}
-
-CMMFCertifiedKeyPair*
-CMMF_KeyRecRepContentGetCertKeyAtIndex(CMMFKeyRecRepContent *inKeyRecRep,
- int inIndex)
-{
- CMMFCertifiedKeyPair *newKeyPair;
- SECStatus rv;
-
- PORT_Assert(inKeyRecRep != NULL &&
- cmmf_KeyRecRepContentIsValidIndex(inKeyRecRep, inIndex));
- if (inKeyRecRep == NULL ||
- !cmmf_KeyRecRepContentIsValidIndex(inKeyRecRep, inIndex)) {
- return NULL;
- }
- newKeyPair = PORT_ZNew(CMMFCertifiedKeyPair);
- if (newKeyPair == NULL) {
- return NULL;
- }
- rv = cmmf_CopyCertifiedKeyPair(NULL, newKeyPair,
- inKeyRecRep->keyPairHist[inIndex]);
- if (rv != SECSuccess) {
- CMMF_DestroyCertifiedKeyPair(newKeyPair);
- newKeyPair = NULL;
- }
- return newKeyPair;
-}
-
-SECStatus
-CMMF_CertifiedKeyPairUnwrapPrivKey(CMMFCertifiedKeyPair *inKeyPair,
- SECKEYPrivateKey *inPrivKey,
- SECItem *inNickName,
- PK11SlotInfo *inSlot,
- CERTCertDBHandle *inCertdb,
- SECKEYPrivateKey **destPrivKey,
- void *wincx)
-{
- CERTCertificate *cert;
- SECItem keyUsageValue = {siBuffer, NULL, 0};
- unsigned char keyUsage = 0x0;
- SECKEYPublicKey *pubKey;
- SECStatus rv;
-
- PORT_Assert(inKeyPair != NULL &&
- inPrivKey != NULL && inCertdb != NULL);
- if (inKeyPair == NULL ||
- inPrivKey == NULL ||
- inKeyPair->privateKey == NULL ||
- inCertdb == NULL) {
- return SECFailure;
- }
-
- cert = CMMF_CertifiedKeyPairGetCertificate(inKeyPair, inCertdb);
- CERT_FindKeyUsageExtension(cert, &keyUsageValue);
- if (keyUsageValue.data != NULL) {
- keyUsage = keyUsageValue.data[3];
- PORT_Free(keyUsageValue.data);
- }
- pubKey = CERT_ExtractPublicKey(cert);
- rv = crmf_encrypted_value_unwrap_priv_key(NULL, inKeyPair->privateKey,
- inPrivKey, pubKey,
- inNickName, inSlot, keyUsage,
- destPrivKey, wincx);
- SECKEY_DestroyPublicKey(pubKey);
- CERT_DestroyCertificate(cert);
- return rv;
-}
-
-
-PRBool
-CMMF_KeyRecRepContentHasCACerts(CMMFKeyRecRepContent *inKeyRecRep)
-{
- PORT_Assert(inKeyRecRep != NULL);
- if (inKeyRecRep == NULL) {
- return PR_FALSE;
- }
- return (PRBool)(inKeyRecRep->caCerts != NULL &&
- inKeyRecRep->caCerts[0] != NULL);
-}
diff --git a/security/nss/lib/crmf/cmmfresp.c b/security/nss/lib/crmf/cmmfresp.c
deleted file mode 100644
index b26fb39fb..000000000
--- a/security/nss/lib/crmf/cmmfresp.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * This file will contain all routines dealing with creating a
- * CMMFCertRepContent structure through Create/Set functions.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "crmf.h"
-#include "crmfi.h"
-#include "secitem.h"
-#include "secder.h"
-
-CMMFCertRepContent*
-CMMF_CreateCertRepContent(void)
-{
- CMMFCertRepContent *retCertRep;
- PRArenaPool *poolp;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- goto loser;
- }
- retCertRep = PORT_ArenaZNew(poolp, CMMFCertRepContent);
- if (retCertRep == NULL) {
- goto loser;
- }
- retCertRep->poolp = poolp;
- return retCertRep;
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-cmmf_CertOrEncCertSetCertificate(CMMFCertOrEncCert *certOrEncCert,
- PRArenaPool *poolp,
- CERTCertificate *inCert)
-{
- SECItem *derDest = NULL;
- SECStatus rv = SECFailure;
-
- if (inCert->derCert.data == NULL) {
- derDest = SEC_ASN1EncodeItem(NULL, NULL, inCert,
- CMMFCertOrEncCertCertificateTemplate);
- if (derDest == NULL) {
- goto loser;
- }
- } else {
- derDest = SECITEM_DupItem(&inCert->derCert);
- if (derDest == NULL) {
- goto loser;
- }
- }
- PORT_Assert(certOrEncCert->cert.certificate == NULL);
- certOrEncCert->cert.certificate = CERT_DupCertificate(inCert);
- certOrEncCert->choice = cmmfCertificate;
- if (poolp != NULL) {
- rv = SECITEM_CopyItem(poolp, &certOrEncCert->derValue, derDest);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- certOrEncCert->derValue = *derDest;
- }
- PORT_Free(derDest);
- return SECSuccess;
- loser:
- if (derDest != NULL) {
- SECITEM_FreeItem(derDest, PR_TRUE);
- }
- return rv;
-}
-
-SECStatus
-cmmf_ExtractCertsFromList(CERTCertList *inCertList,
- PRArenaPool *poolp,
- CERTCertificate ***certArray)
-{
- CERTCertificate **arrayLocalCopy;
- CERTCertListNode *node;
- int numNodes = 0, i;
-
- for (node = CERT_LIST_HEAD(inCertList); !CERT_LIST_END(node, inCertList);
- node = CERT_LIST_NEXT(node)) {
- numNodes++;
- }
-
- arrayLocalCopy = *certArray = (poolp == NULL) ?
- PORT_NewArray(CERTCertificate*, (numNodes+1)) :
- PORT_ArenaNewArray(poolp, CERTCertificate*, (numNodes+1));
- if (arrayLocalCopy == NULL) {
- return SECFailure;
- }
- for (node = CERT_LIST_HEAD(inCertList), i=0;
- !CERT_LIST_END(node, inCertList);
- node = CERT_LIST_NEXT(node), i++) {
- arrayLocalCopy[i] = CERT_DupCertificate(node->cert);
- if (arrayLocalCopy[i] == NULL) {
- int j;
-
- for (j=0; j<i; j++) {
- CERT_DestroyCertificate(arrayLocalCopy[j]);
- }
- if (poolp == NULL) {
- PORT_Free(arrayLocalCopy);
- }
- *certArray = NULL;
- return SECFailure;
- }
- }
- arrayLocalCopy[numNodes] = NULL;
- return SECSuccess;
-}
-
-SECStatus
-CMMF_CertRepContentSetCertResponses(CMMFCertRepContent *inCertRepContent,
- CMMFCertResponse **inCertResponses,
- int inNumResponses)
-{
- PRArenaPool *poolp;
- CMMFCertResponse **respArr, *newResp;
- void *mark;
- SECStatus rv;
- int i;
-
- PORT_Assert (inCertRepContent != NULL &&
- inCertResponses != NULL &&
- inNumResponses > 0);
- if (inCertRepContent == NULL ||
- inCertResponses == NULL ||
- inCertRepContent->response != NULL) {
- return SECFailure;
- }
- poolp = inCertRepContent->poolp;
- mark = PORT_ArenaMark(poolp);
- respArr = inCertRepContent->response =
- PORT_ArenaZNewArray(poolp, CMMFCertResponse*, (inNumResponses+1));
- if (respArr == NULL) {
- goto loser;
- }
- for (i=0; i<inNumResponses; i++) {
- newResp = PORT_ArenaZNew(poolp, CMMFCertResponse);
- if (newResp == NULL) {
- goto loser;
- }
- rv = cmmf_CopyCertResponse(poolp, newResp, inCertResponses[i]);
- if (rv != SECSuccess) {
- goto loser;
- }
- respArr[i] = newResp;
- }
- respArr[inNumResponses] = NULL;
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-CMMFCertResponse*
-CMMF_CreateCertResponse(long inCertReqId)
-{
- SECItem *dummy;
- CMMFCertResponse *newResp;
-
- newResp = PORT_ZNew(CMMFCertResponse);
- if (newResp == NULL) {
- goto loser;
- }
- dummy = SEC_ASN1EncodeInteger(NULL, &newResp->certReqId, inCertReqId);
- if (dummy != &newResp->certReqId) {
- goto loser;
- }
- return newResp;
-
- loser:
- if (newResp != NULL) {
- CMMF_DestroyCertResponse(newResp);
- }
- return NULL;
-}
-
-SECStatus
-CMMF_CertResponseSetPKIStatusInfoStatus(CMMFCertResponse *inCertResp,
- CMMFPKIStatus inPKIStatus)
-{
- PORT_Assert (inCertResp != NULL && inPKIStatus >= cmmfGranted
- && inPKIStatus < cmmfNumPKIStatus);
-
- if (inCertResp == NULL) {
- return SECFailure;
- }
- return cmmf_PKIStatusInfoSetStatus(&inCertResp->status, NULL,
- inPKIStatus);
-}
-
-SECStatus
-CMMF_CertResponseSetCertificate (CMMFCertResponse *inCertResp,
- CERTCertificate *inCertificate)
-{
- CMMFCertifiedKeyPair *keyPair = NULL;
- SECStatus rv = SECFailure;
-
- PORT_Assert(inCertResp != NULL && inCertificate != NULL);
- if (inCertResp == NULL || inCertificate == NULL) {
- return SECFailure;
- }
- if (inCertResp->certifiedKeyPair == NULL) {
- keyPair = inCertResp->certifiedKeyPair =
- PORT_ZNew(CMMFCertifiedKeyPair);
- } else {
- keyPair = inCertResp->certifiedKeyPair;
- }
- if (keyPair == NULL) {
- goto loser;
- }
- rv = cmmf_CertOrEncCertSetCertificate(&keyPair->certOrEncCert, NULL,
- inCertificate);
- if (rv != SECSuccess) {
- goto loser;
- }
- return SECSuccess;
- loser:
- if (keyPair) {
- if (keyPair->certOrEncCert.derValue.data) {
- PORT_Free(keyPair->certOrEncCert.derValue.data);
- }
- PORT_Free(keyPair);
- }
- return rv;
-}
-
-
-SECStatus
-CMMF_CertRepContentSetCAPubs(CMMFCertRepContent *inCertRepContent,
- CERTCertList *inCAPubs)
-{
- PRArenaPool *poolp;
- void *mark;
- SECStatus rv;
-
- PORT_Assert(inCertRepContent != NULL &&
- inCAPubs != NULL &&
- inCertRepContent->caPubs == NULL);
-
- if (inCertRepContent == NULL ||
- inCAPubs == NULL || inCertRepContent == NULL) {
- return SECFailure;
- }
-
- poolp = inCertRepContent->poolp;
- mark = PORT_ArenaMark(poolp);
-
- rv = cmmf_ExtractCertsFromList(inCAPubs, poolp,
- &inCertRepContent->caPubs);
-
- if (rv != SECSuccess) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
- return rv;
-}
-
-CERTCertificate*
-CMMF_CertifiedKeyPairGetCertificate(CMMFCertifiedKeyPair *inCertKeyPair,
- CERTCertDBHandle *inCertdb)
-{
- PORT_Assert(inCertKeyPair != NULL);
- if (inCertKeyPair == NULL) {
- return NULL;
- }
- return cmmf_CertOrEncCertGetCertificate(&inCertKeyPair->certOrEncCert,
- inCertdb);
-}
diff --git a/security/nss/lib/crmf/cmmft.h b/security/nss/lib/crmf/cmmft.h
deleted file mode 100644
index 078253057..000000000
--- a/security/nss/lib/crmf/cmmft.h
+++ /dev/null
@@ -1,102 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _CMMFT_H_
-#define _CMMFT_H_
-
-#include "secasn1.h"
-
-/*
- * These are the enumerations used to distinguish between the different
- * choices available for the CMMFCertOrEncCert structure.
- */
-typedef enum {
- cmmfNoCertOrEncCert = 0,
- cmmfCertificate = 1,
- cmmfEncryptedCert = 2
-} CMMFCertOrEncCertChoice;
-
-/*
- * This is the enumeration and the corresponding values used to
- * represent the CMMF type PKIStatus
- */
-typedef enum {
- cmmfNoPKIStatus = -1,
- cmmfGranted = 0,
- cmmfGrantedWithMods = 1,
- cmmfRejection = 2,
- cmmfWaiting = 3,
- cmmfRevocationWarning = 4,
- cmmfRevocationNotification = 5,
- cmmfKeyUpdateWarning = 6,
- cmmfNumPKIStatus
-} CMMFPKIStatus;
-
-/*
- * These enumerations are used to represent the corresponding values
- * in PKIFailureInfo defined in CMMF.
- */
-typedef enum {
- cmmfBadAlg = 0,
- cmmfBadMessageCheck = 1,
- cmmfBadRequest = 2,
- cmmfBadTime = 3,
- cmmfBadCertId = 4,
- cmmfBadDataFormat = 5,
- cmmfWrongAuthority = 6,
- cmmfIncorrectData = 7,
- cmmfMissingTimeStamp = 8,
- cmmfNoFailureInfo = 9
-} CMMFPKIFailureInfo;
-
-typedef struct CMMFPKIStatusInfoStr CMMFPKIStatusInfo;
-typedef struct CMMFCertOrEncCertStr CMMFCertOrEncCert;
-typedef struct CMMFCertifiedKeyPairStr CMMFCertifiedKeyPair;
-typedef struct CMMFCertResponseStr CMMFCertResponse;
-typedef struct CMMFCertResponseSeqStr CMMFCertResponseSeq;
-typedef struct CMMFPOPODecKeyChallContentStr CMMFPOPODecKeyChallContent;
-typedef struct CMMFChallengeStr CMMFChallenge;
-typedef struct CMMFRandStr CMMFRand;
-typedef struct CMMFPOPODecKeyRespContentStr CMMFPOPODecKeyRespContent;
-typedef struct CMMFKeyRecRepContentStr CMMFKeyRecRepContent;
-typedef struct CMMFCertRepContentStr CMMFCertRepContent;
-
-/* Export this so people can call SEC_ASN1EncodeItem instead of having to
- * write callbacks that are passed in to the high level encode function
- * for CMMFCertRepContent.
- */
-extern const SEC_ASN1Template CMMFCertRepContentTemplate[];
-extern const SEC_ASN1Template CMMFPOPODecKeyChallContentTemplate[];
-
-#endif /*_CMMFT_H_*/
diff --git a/security/nss/lib/crmf/config.mk b/security/nss/lib/crmf/config.mk
deleted file mode 100644
index 3b647d954..000000000
--- a/security/nss/lib/crmf/config.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/crmf/crmf.h b/security/nss/lib/crmf/crmf.h
deleted file mode 100644
index cf7b91095..000000000
--- a/security/nss/lib/crmf/crmf.h
+++ /dev/null
@@ -1,1779 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _CRMF_H_
-#define _CRMF_H_
-
-#include "seccomon.h"
-#include "cert.h"
-#include "crmft.h"
-#include "secoid.h"
-#include "secpkcs7.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * FUNCTION: CRMF_EncodeCertReqMsg
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to be encoded.
- * fn
- * A Callback function that the ASN1 encoder calls whenever
- * the encoder wants to write out some DER encoded bytes.
- * arg
- * An opaque pointer that gets passed to the function fn
- * OUTPUT:
- * The function fn will be called multiple times. Look at the
- * comments in crmft.h where the CRMFEncoderOutputCallback type is
- * defined for information on proper behavior of the function fn.
- * RETURN:
- * SECSuccess if encoding was successful. Any other return value
- * indicates an error occurred during encoding.
- */
-extern SECStatus
- CRMF_EncodeCertReqMsg (CRMFCertReqMsg *inCertReqMsg,
- CRMFEncoderOutputCallback fn,
- void *arg);
-
-/*
- * FUNCTION: CRMF_EncoderCertRequest
- * INPUTS:
- * inCertReq
- * The Certificate Request to be encoded.
- * fn
- * A Callback function that the ASN1 encoder calls whenever
- * the encoder wants to write out some DER encoded bytes.
- * arg
- * An opaque pointer that gets passed to the function fn.
- * OUTPUT:
- * The function fn will be called, probably multiple times whenever
- * the ASN1 encoder wants to write out DER-encoded bytes. Look at the
- * comments in crmft.h where the CRMFEncoderOuputCallback type is
- * defined for information on proper behavior of the funciton fn.
- * RETURN:
- * SECSuccess if encoding was successful. Any other return value
- * indicates an error occured during encoding.
- */
-extern SECStatus CRMF_EncodeCertRequest (CRMFCertRequest *inCertReq,
- CRMFEncoderOutputCallback fn,
- void *arg);
-/*
- * FUNCTION: CRMF_EncodeCertReqMessages
- * INPUTS:
- * inCertReqMsgs
- * An array of pointers to the Certificate Request Messages
- * to encode. The user must place a NULL pointer in the index
- * after the last message to be encoded. When the library runs
- * into the NULL pointer, the library assumes there are no more
- * messages to encode.
- * fn
- * A Callback function that the ASN1 encoder calls whenever
- * the encoder wants to write out some DER encoded byts.
- * arg
- * An opaque pointer that gets passed to the function fn.
- *
- * NOTES:
- * The parameter inCertReqMsgs needs to be an array with a NULL pointer
- * to signal the end of messages. An array in the form of
- * {m1, m2, m3, NULL, m4, ...} will only encode the messages m1, m2, and
- * m3. All messages from m4 on will not be looked at by the library.
- *
- * OUTPUT:
- * The function fn will be called, probably multiple times. Look at the
- * comments in crmft.h where the CRMFEncoderOuputCallback type is
- * defined for information on proper behavior of the funciton fn.
- *
- * RETURN:
- * SECSuccess if encoding the Certificate Request Messages was successful.
- * Any other return value indicates an error occurred while encoding the
- * certificate request messages.
- */
-extern SECStatus
- CRMF_EncodeCertReqMessages(CRMFCertReqMsg **inCertReqMsgs,
- CRMFEncoderOutputCallback fn,
- void *arg);
-
-
-/*
- * FUNCTION: CRMF_CreateCertReqMsg
- * INPUTS:
- * NONE
- * OUTPUT:
- * An empty CRMF Certificate Request Message.
- * Before encoding this message, the user must set
- * the ProofOfPossession field and the certificate
- * request which are necessary for the full message.
- * After the user no longer needs this CertReqMsg,
- * the user must call CRMF_DestroyCertReqMsg to free
- * all memory associated with the Certificate Request
- * Message.
- * RETURN:
- * A pointer to a Certificate Request Message. The user
- * must pass the return value of this function to
- * CRMF_DestroyCertReqMsg after the Certificate Request
- * Message is no longer necessary.
- */
-extern CRMFCertReqMsg* CRMF_CreateCertReqMsg(void);
-
-/*
- * FUNCTION: CRMF_DestroyCertReqMsg
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to destroy.
- * NOTES:
- * This function frees all the memory used for the Certificate
- * Request Message and all the memory used in making copies of
- * fields of elelments of the message, eg. the Proof Of Possession
- * filed and the Cetificate Request.
- * RETURN:
- * SECSuccess if destruction was successful. Any other return value
- * indicates an error while trying to free the memory associated
- * with inCertReqMsg.
- *
- */
-extern SECStatus CRMF_DestroyCertReqMsg(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetCertRequest
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message that the function will set
- * the certificate request for.
- * inCertReq
- * The Certificate Request that will be added to the Certificate
- * Request Message.
- * NOTES:
- * This function will make a copy of the Certificate Request passed in
- * and store it as part of the Certificate Request Message. Therefore,
- * the user must not call this function until the Certificate Request
- * has been fully built and is ready to be encoded.
- * RETURN:
- * SECSuccess
- * If copying the Certificate as a member of the Certificate
- * request message was successful.
- * Any other return value indicates a failure to copy the Certificate
- * Request and make it a part of the Certificate Request Message.
- */
-extern SECStatus CRMF_CertReqMsgSetCertRequest(CRMFCertReqMsg *inCertReqMsg,
- CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CreateCertRequest
- * INPUTS:
- * inRequestID
- * The ID that will be associated with this certificate request.
- * OUTPUTS:
- * A certificate request which only has the requestID set.
- * NOTES:
- * The user must call the function CRMF_DestroyCertRequest when
- * the returned value is no longer needed. This is usually the
- * case after fully constructing the Certificate Request and then
- * calling the function CRMF_CertReqMsgSetCertRequest.
- * RETURN:
- * A pointer to the new Certificate Request. A NULL return value
- * indicates an error in creating the Certificate Request.
- */
-extern CRMFCertRequest *CRMF_CreateCertRequest (long inRequestID);
-
-/*
- * FUNCTION: CRMF_DestroyCertRequest
- * INPUTS:
- * inCertReq
- * The Certificate Request that will be destroyed.
- * RETURN:
- * SECSuccess
- * If freeing the memory associated with the certificate request
- * was successful.
- * Any other return value indicates an error while trying to free the
- * memory.
- */
-extern SECStatus CRMF_DestroyCertRequest (CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CreateCertExtension
- * INPUTS:
- * id
- * The SECOidTag to associate with this CertExtension. This must
- * correspond to a valid Certificate Extension, if not the function
- * will fail.
- * isCritical
- * A boolean value stating if the extension value is crtical. PR_TRUE
- * means the value is crtical. PR_FALSE indicates the value is not
- * critical.
- * data
- * This is the data associated with the extension. The user of the
- * library is responsible for making sure the value passed in is a
- * valid interpretation of the certificate extension.
- * NOTES:
- * Use this function to create CRMFCertExtension Structures which will
- * then be passed to CRMF_AddFieldToCertTemplate as part of the
- * CRMFCertCreationInfo.extensions The user must call
- * CRMF_DestroyCertExtension after the extension has been added to a certifcate
- * and the extension is no longer needed.
- *
- * RETURN:
- * A pointer to a newly created CertExtension. A return value of NULL
- * indicates the id passed in was an invalid certificate extension.
- */
-extern CRMFCertExtension *CRMF_CreateCertExtension(SECOidTag id,
- PRBool isCritical,
- SECItem *data);
-
-/*
- * FUNCTION: CMRF_DestroyCertExtension
- * INPUTS:
- * inExtension
- * The Cert Extension to destroy
- * NOTES:
- * Destroy a structure allocated by CRMF_CreateCertExtension.
- *
- * RETURN:
- * SECSuccess if freeing the memory associated with the certificate extension
- * was successful. Any other error indicates an error while freeing the
- * memory.
- */
-extern SECStatus CRMF_DestroyCertExtension(CRMFCertExtension *inExtension);
-
-/*
- * FUNCTION: CRMF_CertRequestSetTemplateField
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * inTemplateField
- * An enumeration that indicates which field of the Certificate
- * template to add.
- * data
- * A generic pointer that will be type cast according to the
- * table under NOTES and used as the key for adding to the
- * certificate template;
- * NOTES:
- *
- * Below is a table that tells what type to pass in as data
- * depending on the template field one wants to set.
- *
- * Look in crmft.h for the definition of CRMFCertTemplateField.
- *
- * In all cases, the library makes copies of the data passed in.
- *
- * CRMFCertTemplateField Type of data What data means
- * --------------------- ------------ ---------------
- * crmfVersion long * The version of
- * the certificate
- * to be created.
- *
- * crmfSerialNumber long * The serial number
- * for the cert to be
- * created.
- *
- * crmfSigningAlg SECAlgorithm * The ASN.1 object ID for
- * the algorithm used in encoding
- * the certificate.
- *
- * crmfIssuer CERTName * Certificate Library
- * representation of the ASN1 type
- * Name from X.509
- *
- * crmfValidity CRMFValidityCreationInfo * At least one of the two
- * fields in the structure must
- * be present. A NULL pointer
- * in the structure indicates
- * that member should not be
- * added.
- *
- * crmfSubject CERTName * Certificate Library
- * representation of the ASN1 type
- * Name from X.509
- *
- * crmfPublicKey CERTSubjectPublicKeyInfo * The public key info for the
- * certificate being requested.
- *
- * crmfIssuerUID SECItem * A bit string representation
- * of the issuer UID. NOTE: The
- * length is the number of bits
- * and not the number of bytes.
- *
- * crmfSubjectUID SECItem* A bit string representation
- * of the subject UID. NOTE: The
- * length is the number of bits
- * and not the number of bytes.
- *
- * crmfExtension CRMFCertExtCreationInfo * A pointer to the structure
- * populated with an array of
- * of certificate extensions
- * and an integer that tells
- * how many elements are in the
- * array. Look in crmft.h for
- * the definition of
- * CRMFCertExtCreationInfo
- * RETURN:
- * SECSuccess if adding the desired field to the template was successful.
- * Any other return value indicates failure when trying to add the field
- * to the template.
- *
- */
-extern SECStatus
- CRMF_CertRequestSetTemplateField(CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inTemplateField,
- void *data);
-
-/*
- * FUNCTION: CRMF_CertRequestIsFieldPresent
- * INPUTS:
- * inCertReq
- * The certificate request to operate on.
- * inTemplateField
- * The enumeration for the template field the user wants to query
- * about.
- * NOTES:
- * This function checks to see if the the field associated with inTemplateField
- * enumeration is already present in the certificate request passed in.
- *
- * RETURN:
- * The function returns PR_TRUE if the field associated with inTemplateField
- * is already present in the certificate request. If the field is not present
- * the function returns PR_FALSE.
- */
-extern PRBool
- CRMF_CertRequestIsFieldPresent(CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inTemplateField);
-
-/*
- * FUNCTION: CRMF_CertRequestIsControlPresent
- * INPUTS:
- * inCertReq
- * The certificate request to operate on.
- * inControlType
- * The type of control to look for.
- * NOTES:
- * This function looks at the control present in the certificate request
- * and returns PR_TRUE iff a control of type inControlType already exists.
- * The CRMF draft does not explicitly state that two controls of the same
- * type can not exist within the same request. So the library will not
- * cause an error if you try to add a control and one of the same type
- * already exists. It is up to the application to ensure that multiple
- * controls of the same type do not exist, if that is the desired behavior
- * by the application.
- *
- * RETURN:
- * The function returns PR_TRUE if a control of type inControlType already
- * exists in the certificate request. If a control of type inControlType
- * does not exist, the function will return PR_FALSE.
- */
-extern PRBool
- CRMF_CertRequestIsControlPresent(CRMFCertRequest *inCertReq,
- CRMFControlType inControlType);
-
-
-/*
- * FUNCTION: CRMF_CertRequestSetRegTokenControl
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * value
- * The UTF8 value which will be the Registration Token Control
- * for this Certificate Request.
- * NOTES:
- * The library does no verification that the value passed in is
- * a valid UTF8 value. The caller must make sure of this in order
- * to get an encoding that is valid. The library will ultimately
- * encode this value as it was passed in.
- * RETURN:
- * SECSucces on successful addition of the Registration Token Control.
- * Any other return value indicates an unsuccessful attempt to add the
- * control.
- *
- */
-extern SECStatus CRMF_CertRequestSetRegTokenControl(CRMFCertRequest *inCertReq,
- SECItem *value);
-
-/*
- * FUNCTION: CRMF_CertRequestSetAuthenticatorControl
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * value
- * The UTF8 value that will become the Authenticator Control
- * for the passed in Certificate Request.
- * NOTES:
- * The library does no verification that the value passed in is
- * a valid UTF8 value. The caller must make sure of this in order
- * to get an encoding that is valid. The library will ultimately
- * encode this value as it was passed in.
- * RETURN:
- * SECSucces on successful addition of the Authenticator Control.
- * Any other return value indicates an unsuccessful attempt to add the
- * control.
- */
-extern SECStatus
- CRMF_CertRequestSetAuthenticatorControl (CRMFCertRequest *inCertReq,
- SECItem *value);
-
-/*
- * FUNCTION: CRMF_CreateEncryptedKeyWithencryptedValue
- * INPUTS:
- * inPrivKey
- * This is the private key associated with a certificate that is
- * being requested. This structure will eventually wind up as
- * a part of the PKIArchiveOptions Control.
- * inCACert
- * This is the certificate for the CA that will be receiving the
- * certificate request for the private key passed in.
- * OUTPUT:
- * A CRMFEncryptedKey that can ultimately be used as part of the
- * PKIArchiveOptions Control.
- *
- * RETURN:
- * A pointer to a CRMFEncyptedKey. A NULL return value indicates an erro
- * during the creation of the encrypted key.
- */
-extern CRMFEncryptedKey*
- CRMF_CreateEncryptedKeyWithEncryptedValue(SECKEYPrivateKey *inPrivKey,
- CERTCertificate *inCACert);
-
-/*
- * FUNCTION: CRMF_DestroyEncryptedKey
- * INPUTS:
- * inEncrKey
- * The CRMFEncryptedKey to be destroyed.
- * NOTES:
- * Frees all memory associated with the CRMFEncryptedKey passed in.
- * RETURN:
- * SECSuccess if freeing the memory was successful. Any other return
- * value indicates an error while freeig the memroy.
- */
-extern SECStatus CRMF_DestroyEncryptedKey(CRMFEncryptedKey *inEncrKey);
-
-/*
- * FUNCTION: CRMF_CreatePKIArchiveOptions
- * INPUTS:
- * inType
- * An enumeration value indicating which option for
- * PKIArchiveOptions to use.
- * data
- * A pointer that will be type-cast and de-referenced according
- * to the table under NOTES.
- * NOTES:
- * A table listing what should be passed in as data
- * ------------------------------------------------
- *
- * inType data
- * ------ ----
- * crmfEncryptedPrivateKey CRMFEncryptedKey*
- * crmfKeyGenParameters SECItem*(This needs to be an octet string)
- * crmfArchiveRemGenPrivKey PRBool*
- *
- * RETURN:
- * A pointer the a CRMFPKIArchiveOptions that can be added to a Certificate
- * Request. A NULL pointer indicates an error occurred while creating
- * the CRMFPKIArchiveOptions Structure.
- */
-extern CRMFPKIArchiveOptions*
- CRMF_CreatePKIArchiveOptions(CRMFPKIArchiveOptionsType inType,
- void *data);
-/*
- * FUNCTION: CRMF_DestroyPKIArchiveOptions
- * INPUTS:
- * inArchOpt
- * A pointer to the CRMFPKIArchiveOptions structure to free.
- * NOTES:
- * Will free all memory associated with 'inArchOpt'.
- * RETURN:
- * SECSuccess if successful in freeing the memory used by 'inArchOpt'
- * Any other return value indicates an error while freeing the memory.
- */
-extern SECStatus
- CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inArchOpt);
-
-/*
- * FUNCTION: CRMF_CertRequestSetPKIArchiveOptions
- * INPUTS:
- * inCertReq
- * The Certificate Request to add the the options to.
- * inOptions
- * The Archive Options to add to the Certificate Request.
- * NOTES:
- * Adds the PKIArchiveOption to the Certificate Request. This is what
- * enables Key Escrow to take place through CRMF. The library makes
- * its own copy of the information.
- * RETURN:
- * SECSuccess if successful in adding the ArchiveOptions to the Certificate
- * request. Any other return value indicates an error when trying to add
- * the Archive Options to the Certificate Request.
- */
-extern SECStatus
- CRMF_CertRequestSetPKIArchiveOptions(CRMFCertRequest *inCertReq,
- CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPType
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to operate on.
- * NOTES:
- * Returns an enumeration value indicating the method of Proof
- * of Possession that was used for the passed in Certificate Request
- * Message.
- * RETURN:
- * An enumeration indicating what method for Proof Of Possession is
- * being used in this Certificate Request Message. Look in the file
- * crmft.h for the definition of CRMFPOPChoice for the possible return
- * values.
- */
-extern CRMFPOPChoice CRMF_CertReqMsgGetPOPType(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetRAVerifiedPOP
- * INPUT:
- * InCertReqMsg
- * The Certificate Request Message to operate on.
- * NOTES:
- * This function will set the method of Proof Of Possession to
- * crmfRAVerified which means the RA has already verified the
- * requester does possess the private key.
- * RETURN:
- * SECSuccess if adding RAVerified to the message is successful.
- * Any other message indicates an error while trying to add RAVerified
- * as the Proof of Possession.
- */
-extern SECStatus CRMF_CertReqMsgSetRAVerifiedPOP(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetSignaturePOP
- * INPUT:
- * inCertReqMsg
- * The Certificate Request Message to add the SignaturePOP to.
- * inPrivKey
- * The Private Key which corresponds to the the Certificate Request
- * Message.
- * inPubKey
- * The Public Key which corresponds to the Private Key passed in.
- * inCertForInput
- * A Certificate that in the future may be used to create
- * POPOSigningKeyInput.
- * fn
- * A callback for retrieving a password which may be used in the
- * future to generate POPOSigningKeyInput.
- * arg
- * An opaque pointer that would be passed to fn whenever it is
- * called.
- * NOTES:
- * Adds Proof Of Possession to the CertRequest using the signature field
- * of the ProofOfPossession field. NOTE: In order to use this option,
- * the certificate template must contain the publicKey at the very minimum.
- *
- * If you don't want the function to generate POPOSigningKeyInput, then
- * make sure the cert template already contains the subject and public key
- * values. Currently creating POPOSigningKeyInput is not supported, so
- * a Message passed to this function must have the publicKey and the subject
- * as part of the template
- *
- * This will take care of creating the entire POPOSigningKey structure
- * that will become part of the message.
- *
- * inPrivKey is the key to be used in the signing operation when creating
- * POPOSigningKey structure. This should be the key corresponding to
- * the certificate being requested.
- *
- * inCertForInput will be used if POPOSigningKeyInput needs to be generated.
- * It will be used in generating the authInfo.sender field. If the parameter
- * is not passed in then authInfo.publicKeyMAC will be generated instead.
- * If passed in, this certificate needs to be a valid certificate.
- *
- * The last 3 arguments are for future compatibility in case we ever want to
- * support generating POPOSigningKeyInput. Pass in NULL for all 3 if you
- * definitely don't want the funciton to even try to generate
- * POPOSigningKeyInput. If you try to use POPOSigningKeyInput, the function
- * will fail.
- *
- * RETURN:
- * SECSuccess if adding the Signature Proof Of Possession worked.
- * Any other return value indicates an error in trying to add
- * the Signature Proof Of Possession.
- */
-extern SECStatus
- CRMF_CertReqMsgSetSignaturePOP(CRMFCertReqMsg *inCertReqMsg,
- SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inPubKey,
- CERTCertificate *inCertForInput,
- CRMFMACPasswordCallback fn,
- void *arg);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetKeyEnciphermentPOP
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to operate on.
- * inKeyChoice
- * An enumeration indicating which POPOPrivKey Choice to use
- * in constructing the KeyEnciphermentPOP.
- * subseqMess
- * This parameter must be provided iff inKeyChoice is
- * crmfSubsequentMessage. This details how the RA is to respond
- * in order to perform Proof Of Possession. Look in crmft.h under
- * the definition of CRMFSubseqMessOptions for possible values.
- * encPrivKey
- * This parameter only needs to be provided if inKeyChoice is
- * crmfThisMessage. The item should contain the encrypted private
- * key.
- *
- * NOTES:
- * Adds Proof Of Possession using the keyEncipherment field of
- * ProofOfPossession.
- *
- * The funciton looks at the the inKeyChoice parameter and interprets it in
- * in the following manner.
- *
- * If a parameter is not mentioned under interpretation, the funciton will not
- * look at its value when implementing that case.
- *
- * inKeyChoice Interpretation
- * ----------- --------------
- * crmfThisMessage This options requires that the encrypted private key
- * be included in the thisMessage field of POPOPrivKey.
- * We don't support this yet, so any clients who want
- * to use this feature have to implement a wrapping
- * function and agree with the server on how to properly
- * wrap the key. That encrypted key must be passed in
- * as the encPrivKey parameter.
- *
- * crmfSubequentMessage Must pass in a value for subseqMess. The value must
- * be either CRMFEncrCert or CRMFChallengeResp. The
- * parameter encPrivKey will not be looked at in this
- * case.
- *
- * crmfDHMAC This is not a valid option for this function. Passing
- * in this value will result in the function returning
- * SECFailure.
- * RETURN:
- * SECSuccess if adding KeyEnciphermentPOP was successful. Any other return
- * value indicates an error in adding KeyEnciphermentPOP.
- */
-extern SECStatus
- CRMF_CertReqMsgSetKeyEnciphermentPOP(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKeyChoice inKeyChoice,
- CRMFSubseqMessOptions subseqMess,
- SECItem *encPrivKey);
-
-/*
- * FUNCTION: CRMF_CertReqMsgSetKeyAgreementPOP
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to operate on.
- * inKeyChoice
- * An enumeration indicating which POPOPrivKey Choice to use
- * in constructing the KeyAgreementPOP.
- * subseqMess
- * This parameter must be provided iff inKeyChoice is
- * crmfSubsequentMessage. This details how the RA is to respond
- * in order to perform Proof Of Possession. Look in crmft.h under
- * the definition of CRMFSubseqMessOptions for possible values.
- * encPrivKey
- * This parameter only needs to be provided if inKeyChoice is
- * crmfThisMessage. The item should contain the encrypted private
- * key.
- * Adds Proof Of Possession using the keyAgreement field of
- * ProofOfPossession.
- *
- * The funciton looks at the the inKeyChoice parameter and interprets it in
- * in the following manner.
- *
- * If a parameter is not mentioned under interpretation, the funciton will not
- * look at its value when implementing that case.
- *
- * inKeyChoice Interpretation
- * ----------- --------------
- * crmfThisMessage This options requires that the encrypted private key
- * be included in the thisMessage field of POPOPrivKey.
- * We don't support this yet, so any clients who want
- * to use this feature have to implement a wrapping
- * function and agree with the server on how to properly
- * wrap the key. That encrypted key must be passed in
- * as the encPrivKey parameter.
- *
- * crmfSubequentMessage Must pass in a value for subseqMess. The value must
- * be either crmfEncrCert or crmfChallengeResp. The
- * parameter encPrivKey will not be looked at in this
- * case.
- *
- * crmfDHMAC This option is not supported.
- */
-extern SECStatus
- CRMF_CertReqMsgSetKeyAgreementPOP(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKeyChoice inKeyChoice,
- CRMFSubseqMessOptions subseqMess,
- SECItem *encPrivKey);
-
-/*
- * FUNCTION: CRMF_CreateCertReqMsgFromDER
- * INPUTS:
- * buf
- * A buffer to the DER-encoded Certificate Request Message.
- * len
- * The length in bytes of the buffer 'buf'
- * NOTES:
- * This function passes the buffer to the ASN1 decoder and creates a
- * CRMFCertReqMsg structure. Do not try adding any fields to a message
- * returned from this function. Specifically adding more Controls or
- * Extensions may cause your program to crash.
- *
- * RETURN:
- * A pointer to the Certificate Request Message structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CRMFCertReqMsg* CRMF_CreateCertReqMsgFromDER(const char *buf, long len);
-
-/*
- * FUNCTION: CRMF_CreateCertReqMessagesFromDER
- * INPUTS:
- * buf
- * A buffer to the DER-encoded Certificate Request Messages.
- * len
- * The length in bytes of buf
- * NOTES:
- * This function passes the buffer to the ASN1 decoder and creates a
- * CRMFCertReqMessages structure. Do not try adding any fields to a message
- * derived from this function. Specifically adding more Controls or
- * Extensions may cause your program to crash.
- * The user must call CRMF_DestroyCertReqMessages after the return value is
- * no longer needed, ie when all individual messages have been extracted.
- *
- * RETURN:
- * A pointer to the Certificate Request Messages structure. A NULL return
- * value indicates the library was unable to parse the DER.
- */
-extern CRMFCertReqMessages*
- CRMF_CreateCertReqMessagesFromDER(const char *buf, long len);
-
-/*
- * FUNCTION: CRMF_DestroyCertReqMessages
- * INPUTS
- * inCertReqMsgs
- * The Messages to destroy.
- * RETURN:
- * SECSuccess if freeing the memory was done successfully. Any other
- * return value indicates an error in freeing up memory.
- */
-extern SECStatus
- CRMF_DestroyCertReqMessages(CRMFCertReqMessages *inCertReqMsgs);
-
-/*
- * FUNCTION: CRMF_CertReqMessagesGetNumMessages
- * INPUTS:
- * inCertReqMsgs
- * The Request Messages to operate on.
- * RETURN:
- * The number of messages contained in the in the Request Messages
- * strucure.
- */
-extern int
- CRMF_CertReqMessagesGetNumMessages(CRMFCertReqMessages *inCertReqMsgs);
-
-/*
- * FUNCTION: CRMF_CertReqMessagesGetCertReqMsgAtIndex
- * INPUTS:
- * inReqMsgs
- * The Certificate Request Messages to operate on.
- * index
- * The index of the single message the user wants a copy of.
- * NOTES:
- * This function returns a copy of the request messages stored at the
- * index corresponding to the parameter 'index'. Indexing of the messages
- * is done in the same manner as a C array. Meaning the valid index are
- * 0...numMessages-1. User must call CRMF_DestroyCertReqMsg when done using
- * the return value of this function.
- *
- * RETURN:
- * SECSuccess if copying the message at the requested index was successful.
- * Any other return value indicates an invalid index or error while copying
- * the single request message.
- */
-extern CRMFCertReqMsg*
- CRMF_CertReqMessagesGetCertReqMsgAtIndex(CRMFCertReqMessages *inReqMsgs,
- int index);
-
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetID
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to get the ID from.
- * destID
- * A pointer to where the library can place the ID of the Message.
- * RETURN:
- * SECSuccess if the function was able to retrieve the ID and place it
- * at *destID. Any other return value indicates an error meaning the value
- * in *destId is un-reliable and should not be used by the caller of this
- * function.
- *
- */
-extern SECStatus CRMF_CertReqMsgGetID(CRMFCertReqMsg *inCertReqMsg,
- long *destID);
-
-/*
- * FUNCTION: CRMF_DoesRequestHaveField
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * inField
- * An enumeration indicating which filed of the certificate template
- * to look for.
- * NOTES:
- * All the fields in a certificate template are optional. This function
- * checks to see if the requested field is present. Look in crmft.h at the
- * definition of CRMFCertTemplateField for possible values for possible
- * querying.
- *
- * RETURN:
- * PR_TRUE iff the field corresponding to 'inField' has been specified as part
- * of 'inCertReq'
- * PR_FALSE iff the field corresponding to 'inField' has not been speicified
- * as part of 'inCertReq'
- *
- */
-extern PRBool CRMF_DoesRequestHaveField(CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inField);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetCertRequest
- * INPUTS:
- * inCertReqMsg
- * The Certificate Request Message to operate on.
- * NOTES:
- * This function returns a copy of the Certificate Request to the user.
- * The user can keep adding to this request and then making it a part
- * of another message. After the user no longer wants to use the
- * returned request, the user must call CRMF_DestroyCertRequest and
- * pass it the request returned by this function.
- * RETURN:
- * A pointer to a copy of the certificate request contained by the message.
- * A NULL return value indicates an error occurred while copying the
- * certificate request.
- */
-extern CRMFCertRequest *
- CRMF_CertReqMsgGetCertRequest(CRMFCertReqMsg *inCertReqMsg);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateVersion
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * version
- * A pointer to where the library can store the version contatined
- * in the certificate template within the certifcate request.
- * RETURN:
- * SECSuccess if the Certificate template contains the version field. In
- * this case, *version will hold the value of the certificate template
- * version.
- * SECFailure indicates that version field was not present as part of
- * of the certificate template.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateVersion(CRMFCertRequest *inCertReq,
- long *version);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSerialNumber
- * INPUTS:
- * inCertReq
- * The certificate request to operate on.
- * serialNumber
- * A pointer where the library can put the serial number contained
- * in the certificate request's certificate template.
- * RETURN:
- * If a serial number exists in the CertTemplate of the request, the function
- * returns SECSuccess and the value at *serialNumber contains the serial
- * number.
- * If no serial number is present, then the function returns SECFailure and
- * the value at *serialNumber is un-changed.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateSerialNumber(CRMFCertRequest *inCertReq,
- long *serialNumber);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSigningAlg
- * INPUT:
- * inCertReq
- * The Certificate Request to operate on.
- * destAlg
- * A Pointer to where the library can place a copy of the signing alg
- * used in the cert request's cert template.
- * RETURN:
- * If the signingAlg is present in the CertRequest's CertTemplate, then
- * the function returns SECSuccess and places a copy of sigingAlg in
- * *destAlg.
- * If no signingAlg is present, then the function returns SECFailure and
- * the value at *destAlg is un-changed
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateSigningAlg(CRMFCertRequest *inCertReq,
- SECAlgorithmID *destAlg);
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateIssuer
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * destIssuer
- * A pointer to where the library can place a copy of the cert
- * request's cert template issuer field.
- * RETURN:
- * If the issuer is present in the cert request cert template, the function
- * returns SECSuccess and places a copy of the issuer in *destIssuer.
- * If there is no issuer present, the funciton returns SECFailure and the
- * value at *destIssuer is unchanged.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateIssuer(CRMFCertRequest *inCertReq,
- CERTName *destIssuer);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateValidity
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * destValdity
- * A pointer to where the library can place a copy of the validity
- * info in the cert request cert template.
- * NOTES:
- * Pass the pointer to
- * RETURN:
- * If there is an OptionalValidity field, the function will return SECSuccess
- * and place the appropriate values in *destValidity->notBefore and
- * *destValidity->notAfter. (Each field is optional, but at least one will
- * be present if the function returns SECSuccess)
- *
- * If there is no OptionalValidity field, the function will return SECFailure
- * and the values at *destValidity will be un-changed.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateValidity(CRMFCertRequest *inCertReq,
- CRMFGetValidity *destValidity);
-/*
- * FUNCTION: CRMF_DestroyGetValidity
- * INPUTS:
- * inValidity
- * A pointer to the memroy to be freed.
- * NOTES:
- * The function will free the memory allocated by the function
- * CRMF_CertRequestGetCertTemplateValidity. That means only memory pointed
- * to within the CRMFGetValidity structure. Since
- * CRMF_CertRequestGetCertTemplateValidity does not allocate memory for the
- * structure passed into it, it will not free it. Meaning this function will
- * free the memory at inValidity->notBefore and inValidity->notAfter, but not
- * the memory directly at inValdity.
- *
- * RETURN:
- * SECSuccess if freeing the memory was successful. Any other return value
- * indicates an error while freeing the memory.
- */
-extern SECStatus
- CRMF_DestroyGetValidity(CRMFGetValidity *inValidity);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSubject
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * destSubject
- * A pointer to where the library can place a copy of the subject
- * contained in the request's cert template.
- * RETURN:
- * If there is a subject in the CertTemplate, then the function returns
- * SECSuccess and a copy of the subject is placed in *destSubject.
- *
- * If there is no subject, the function returns SECFailure and the values at
- * *destSubject is unchanged.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateSubject (CRMFCertRequest *inCertReq,
- CERTName *destSubject);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplatePublicKey
- * INPUTS:
- * inCertReq
- * The Cert request to operate on.
- * destPublicKey
- * A pointer to where the library can place a copy of the request's
- * cert template public key.
- * RETURN:
- * If there is a publicKey parameter in the CertRequest, the function returns
- * SECSuccess, and places a copy of the publicKey in *destPublicKey.
- *
- * If there is no publicKey, the function returns SECFailure and the value
- * at *destPublicKey is un-changed.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplatePublicKey(CRMFCertRequest *inCertReq,
- CERTSubjectPublicKeyInfo *destPublicKey);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateIssuerUID
- * INPUTS:
- * inCertReq
- * The Cert request to operate on.
- * destIssuerUID
- * A pointer to where the library can store a copy of the request's
- * cert template destIssuerUID.
- *
- * NOTES:
- * destIssuerUID is a bit string and will be returned in a SECItem as
- * a bit string. Meaning the len field contains the number of valid bits as
- * opposed to the number of bytes allocated.
- *
- * RETURN:
- * If the CertTemplate has an issuerUID, the function returns SECSuccess and
- * places a copy of the issuerUID in *destIssuerUID.
- *
- * If there is no issuerUID, the function returns SECFailure and the value
- * *destIssuerUID is unchanged.
- */
-extern SECStatus
- CRMF_CertRequestGetCertTemplateIssuerUID(CRMFCertRequest *inCertReq,
- SECItem *destIssuerUID);
-
-/*
- * FUNCTION: CRMF_CertRequestGetCertTemplateSubjectUID
- * inCertReq
- * The Cert request to operate on.
- * destSubjectUID
- * A pointer to where the library can store a copy of the request's
- * cert template destIssuerUID.
- *
- * NOTES:
- * destSubjectUID is a bit string and will be returned in a SECItem as
- * a bit string. Meaning the len field contains the number of valid bits as
- * opposed to the number of bytes allocated.
- *
- * RETURN:
- * If the CertTemplate has an issuerUID, the function returns SECSuccess and
- * places a copy of the issuerUID in *destIssuerUID.
- *
- * If there is no issuerUID, the function returns SECSuccess and the value
- * *destIssuerUID is unchanged.
- */
-extern SECStatus CRMF_GetCertTemplateSubjectUID(CRMFCertRequest *inCertReq,
- SECItem *destSubjectUID);
-
-/*
- * FUNCTION: CRMF_CertRequestGetNumberOfExtensions
- * INPUTS:
- * inCertReq
- * The cert request to operate on.
- * RETURN:
- * Returns the number of extensions contained by the Cert Request.
- */
-extern int CRMF_CertRequestGetNumberOfExtensions(CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CertRequestGetExtensionAtIndex
- * INPUTS:
- * inCertReq
- * The Certificate request to operate on.
- * index
- * The index of the extension array whihc the user wants to access.
- * NOTES:
- * This function retrieves the extension at the index corresponding to the
- * parameter "index" indicates. Indexing is done like a C array.
- * (0 ... numElements-1)
- *
- * Call CRMF_DestroyCertExtension when done using the return value.
- *
- * RETURN:
- * A pointer to a copy of the extension at the desired index. A NULL
- * return value indicates an invalid index or an error while copying
- * the extension.
- */
-extern CRMFCertExtension *
- CRMF_CertRequestGetExtensionAtIndex(CRMFCertRequest *inCertReq,
- int index);
-/*
- * FUNCTION: CRMF_CertExtensionGetOidTag
- * INPUTS:
- * inExtension
-
- * The extension to operate on.
- * RETURN:
- * Returns the SECOidTag associated with the cert extension passed in.
- */
-extern SECOidTag CRMF_CertExtensionGetOidTag(CRMFCertExtension *inExtension);
-
-/*
- * FUNCTION: CRMF_CertExtensionGetIsCritical
- * INPUT:
- * inExt
- * The cert extension to operate on.
- *
- * RETURN:
- * PR_TRUE if the extension is critical.
- * PR_FALSE if the extension is not critical.
- */
-extern PRBool CRMF_CertExtensionGetIsCritical(CRMFCertExtension *inExt);
-
-/*
- * FUNCTION: CRMF_CertExtensionGetValue
- * INPUT:
- * inExtension
- * The extension to operate on.
- * NOTES:
- * Caller is responsible for freeing the memory associated with the return
- * value. Call SECITEM_FreeItem(retVal, PR_TRUE) when done using the return
- * value.
- *
- * RETURN:
- * A pointer to an item containig the value for the certificate extension.
- * A NULL return value indicates an error in copying the information.
- */
-extern SECItem* CRMF_CertExtensionGetValue(CRMFCertExtension *inExtension);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPOSigningKey
- * INPUTS:
- * inCertReqMsg
- * The certificate request message to operate on.
- * destKey
- * A pointer to where the library can place a pointer to
- * a copy of the Proof Of Possession Signing Key used
- * by the message.
- *
- * RETURN:
- * Get the POPOSigningKey associated with this CRMFCertReqMsg.
- * If the CertReqMsg does not have a pop, the function returns
- * SECFailure and the value at *destKey is un-changed..
- *
- * If the CertReqMsg does have a pop, then the CertReqMsg's
- * POPOSigningKey will be placed at *destKey.
- */
-extern SECStatus
- CRMF_CertReqMsgGetPOPOSigningKey(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOSigningKey **destKey);
-
-/*
- * FUNCTION: CRMF_DestroyPOPOSigningKey
- * INPUTS:
- * inKey
- * The signing key to free.
- *
- * RETURN:
- * SECSuccess if freeing the memory was successful. Any other return value
- * indicates an error while freeing memory.
- */
-extern SECStatus CRMF_DestroyPOPOSigningKey (CRMFPOPOSigningKey *inKey);
-
-/*
- * FUNCTION: CRMF_POPOSigningKeyGetAlgID
- * INPUTS:
- * inSignKey
- * The Signing Key to operate on.
- * RETURN:
- * Return the algorithmID used by the CRMFPOPOSigningKey. User must
- * call SECOID_DestroyAlgorithmID(destID, PR_TRUE) when done using the
- * return value.
- */
-extern SECAlgorithmID*
- CRMF_POPOSigningKeyGetAlgID(CRMFPOPOSigningKey *inSignKey);
-
-/*
- * FUNCTION: CRMF_POPOSigningKeyGetSignature
- * INPUTS:
- * inSignKey
- * The Signing Key to operate on.
- *
- * RETURN:
- * Get the actual signature stored away in the CRMFPOPOSigningKey. SECItem
- * returned is a BIT STRING, so the len field is the number of bits as opposed
- * to the total number of bytes allocatd. User must call
- * SECITEM_FreeItem(retVal,PR_TRUE) when done using the return value.
- */
-extern SECItem* CRMF_POPOSigningKeyGetSignature(CRMFPOPOSigningKey *inSignKey);
-
-/*
- * FUNCTION: CRMF_POPOSigningKeyGetInput
- * INPUTS:
- * inSignKey
- * The Signing Key to operate on.
- * NOTES:
- * This function will return the der encoded input that was read in while
- * decoding. The API does not support this option when creating, so you
- * cannot add this field.
- *
- * RETURN:
- * Get the poposkInput that is part of the of the POPOSigningKey. If the
- * optional field is not part of the POPOSigningKey, the function returns
- * NULL.
- *
- * If the optional field is part of the POPOSingingKey, the function will
- * return a copy of the der encoded poposkInput.
- */
-extern SECItem* CRMF_POPOSigningKeyGetInput(CRMFPOPOSigningKey *inSignKey);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPKeyEncipherment
- * INPUTS:
- * inCertReqMsg
- * The certificate request message to operate on.
- * destKey
- * A pointer to where the library can place a pointer to a
- * copy of the POPOPrivKey representing Key Encipherment
- * Proof of Possession.
- *NOTES:
- * This function gets the POPOPrivKey associated with this CRMFCertReqMsg
- * for Key Encipherment.
- *
- * RETURN:
- * If the CertReqMsg did not use Key Encipherment for Proof Of Possession, the
- * function returns SECFailure and the value at *destKey is un-changed.
- *
- * If the CertReqMsg did use Key Encipherment for ProofOfPossession, the
- * function returns SECSuccess and places the POPOPrivKey representing the
- * Key Encipherment Proof Of Possessin at *destKey.
- */
-extern SECStatus
- CRMF_CertReqMsgGetPOPKeyEncipherment(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKey **destKey);
-
-/*
- * FUNCTION: CRMF_CertReqMsgGetPOPKeyAgreement
- * INPUTS:
- * inCertReqMsg
- * The certificate request message to operate on.
- * destKey
- * A pointer to where the library can place a pointer to a
- * copy of the POPOPrivKey representing Key Agreement
- * Proof of Possession.
- * NOTES:
- * This function gets the POPOPrivKey associated with this CRMFCertReqMsg for
- * Key Agreement.
- *
- * RETURN:
- * If the CertReqMsg used Key Agreement for Proof Of Possession, the
- * function returns SECSuccess and the POPOPrivKey for Key Agreement
- * is placed at *destKey.
- *
- * If the CertReqMsg did not use Key Agreement for Proof Of Possession, the
- * function return SECFailure and the value at *destKey is unchanged.
- */
-extern SECStatus
- CRMF_CertReqMsgGetPOPKeyAgreement(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKey **destKey);
-
-/*
- * FUNCTION: CRMF_DestroyPOPOPrivKey
- * INPUTS:
- * inPrivKey
- * The POPOPrivKey to destroy.
- * NOTES:
- * Destroy a structure allocated by CRMF_GetPOPKeyEncipherment or
- * CRMF_GetPOPKeyAgreement.
- *
- * RETURN:
- * SECSuccess on successful destruction of the POPOPrivKey.
- * Any other return value indicates an error in freeing the
- * memory.
- */
-extern SECStatus CRMF_DestroyPOPOPrivKey(CRMFPOPOPrivKey *inPrivKey);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetChoice
- * INPUT:
- * inKey
- * The POPOPrivKey to operate on.
- * RETURN:
- * Returns which choice was used in constructing the POPPOPrivKey. Look at
- * the definition of CRMFPOPOPrivKeyChoice in crmft.h for the possible return
- * values.
- */
-extern CRMFPOPOPrivKeyChoice CRMF_POPOPrivKeyGetChoice(CRMFPOPOPrivKey *inKey);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetThisMessage
- * INPUTS:
- * inKey
- * The POPOPrivKey to operate on.
- * destString
- * A pointer to where the library can place a copy of the This Message
- * field stored in the POPOPrivKey
- *
- * RETURN:
- * Returns the field thisMessage from the POPOPrivKey.
- * If the POPOPrivKey did not use the field thisMessage, the function
- * returns SECFailure and the value at *destString is unchanged.
- *
- * If the POPOPrivKey did use the field thisMessage, the function returns
- * SECSuccess and the BIT STRING representing thisMessage is placed
- * at *destString. BIT STRING representation means the len field is the
- * number of valid bits as opposed to the total number of bytes.
- */
-extern SECStatus CRMF_POPOPrivKeyGetThisMessage(CRMFPOPOPrivKey *inKey,
- SECItem *destString);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetSubseqMess
- * INPUTS:
- * inKey
- * The POPOPrivKey to operate on.
- * destOpt
- * A pointer to where the library can place the value of the
- * Subsequent Message option used by POPOPrivKey.
- *
- * RETURN:
- * Retrieves the field subsequentMessage from the POPOPrivKey.
- * If the POPOPrivKey used the subsequentMessage option, the function
- * returns SECSuccess and places the appropriate enumerated value at
- * *destMessageOption.
- *
- * If the POPOPrivKey did not use the subsequenMessage option, the function
- * returns SECFailure and the value at *destOpt is un-changed.
- */
-extern SECStatus CRMF_POPOPrivKeyGetSubseqMess(CRMFPOPOPrivKey *inKey,
- CRMFSubseqMessOptions *destOpt);
-
-/*
- * FUNCTION: CRMF_POPOPrivKeyGetDHMAC
- * INPUTS:
- * inKey
- * The POPOPrivKey to operate on.
- * destMAC
- * A pointer to where the library can place a copy of the dhMAC
- * field of the POPOPrivKey.
- *
- * NOTES:
- * Returns the field dhMAC from the POPOPrivKey. The populated SECItem
- * is in BIT STRING format.
- *
- * RETURN:
- * If the POPOPrivKey used the dhMAC option, the function returns SECSuccess
- * and the BIT STRING for dhMAC will be placed at *destMAC. The len field in
- * destMAC (ie destMAC->len) will be the valid number of bits as opposed to
- * the number of allocated bytes.
- *
- * If the POPOPrivKey did not use the dhMAC option, the function returns
- * SECFailure and the value at *destMAC is unchanged.
- *
- */
-extern SECStatus CRMF_POPOPrivKeyGetDHMAC(CRMFPOPOPrivKey *inKey,
- SECItem *destMAC);
-
-/*
- * FUNCTION: CRMF_CertRequestGetNumControls
- * INPUTS:
- * inCertReq
- * The Certificate Request to operate on.
- * RETURN:
- * Returns the number of Controls registered with this CertRequest.
- */
-extern int CRMF_CertRequestGetNumControls (CRMFCertRequest *inCertReq);
-
-/*
- * FUNCTION: CRMF_CertRequestGetControlAtIndex
- * INPUTS:
- * inCertReq
- * The certificate request to operate on.
- * index
- * The index of the control the user wants a copy of.
- * NOTES:
- * Function retrieves the Control at located at index. The Controls
- * are numbered like a traditional C array (0 ... numElements-1)
- *
- * RETURN:
- * Returns a copy of the control at the index specified. This is a copy
- * so the user must call CRMF_DestroyControl after the return value is no
- * longer needed. A return value of NULL indicates an error while copying
- * the control or that the index was invalid.
- */
-extern CRMFControl*
- CRMF_CertRequestGetControlAtIndex(CRMFCertRequest *inCertReq,
- int index);
-
-/*
- * FUNCTION: CRMF_DestroyControl
- * INPUTS:
- * inControl
- * The Control to destroy.
- * NOTES:
- * Destroy a CRMFControl allocated by CRMF_GetControlAtIndex.
- *
- * RETURN:
- * SECSuccess if freeing the memory was successful. Any other return
- * value indicates an error while freeing the memory.
- */
-extern SECStatus CRMF_DestroyControl(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetControlType
- * INPUTS:
- * inControl
- * The control to operate on.
- * NOTES:
- * The function returns an enumertion which indicates the type of control
- * 'inControl'.
- *
- * RETURN:
- * Look in crmft.h at the definition of the enumerated type CRMFControlType
- * for the possible return values.
- */
-extern CRMFControlType CRMF_ControlGetControlType(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetRegTokenControlValue
- * INPUTS:
- * inControl
- * The Control to operate on.
- * NOTES:
- * The user must call SECITEM_FreeItem passing in the return value
- * after the returnvalue is no longer needed.
-
- * RETURN:
- * Return the value for a Registration Token Control.
- * The SECItem returned should be in UTF8 format. A NULL
- * return value indicates there was no Registration Control associated
- * with the Control.
- * (This library will not verify format. It assumes the client properly
- * formatted the strings when adding it or the message decoded was properly
- * formatted. The library will just give back the bytes it was given.)
- */
-extern SECItem* CRMF_ControlGetRegTokenControlValue(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetAuthenticatorControlValue
- * INPUTS:
- * inControl
- * The Control to operate on.
- * NOTES:
- * The user must call SECITEM_FreeItem passing in the return value
- * after the returnvalue is no longer needed.
- *
- * RETURN:
- * Return the value for the Authenticator Control.
- * The SECItem returned should be in UTF8 format. A NULL
- * return value indicates there was no Authenticator Control associated
- * with the CRMFControl..
- * (This library will not verify format. It assumes the client properly
- * formatted the strings when adding it or the message decoded was properly
- * formatted. The library will just give back the bytes it was given.)
- */
-extern SECItem* CRMF_ControlGetAuthicatorControlValue(CRMFControl *inControl);
-
-/*
- * FUNCTION: CRMF_ControlGetPKIArchiveOptions
- * INPUTS:inControl
- * The Control tooperate on.
- * NOTES:
- * This function returns a copy of the PKIArchiveOptions. The user must call
- * the function CRMF_DestroyPKIArchiveOptions when the return value is no
- * longer needed.
- *
- * RETURN:
- * Get the PKIArchiveOptions associated with the Control. A return
- * value of NULL indicates the Control was not a PKIArchiveOptions
- * Control.
- */
-extern CRMFPKIArchiveOptions*
- CRMF_ControlGetPKIArchiveOptions(CRMFControl *inControl);
-
-/*
- * FUNCTION: CMRF_DestroyPKIArchiveOptions
- * INPUTS:
- * inOptions
- * The ArchiveOptions to destroy.
- * NOTE:
- * Destroy the CRMFPKIArchiveOptions structure.
- *
- * RETURN:
- * SECSuccess if successful in freeing all the memory associated with
- * the PKIArchiveOptions. Any other return value indicates an error while
- * freeing the PKIArchiveOptions.
- */
-extern SECStatus
- CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetOptionType
- * INPUTS:
- * inOptions
- * The PKIArchiveOptions to operate on.
- * RETURN:
- * Returns the choice used for the PKIArchiveOptions. Look at the definition
- * of CRMFPKIArchiveOptionsType in crmft.h for possible return values.
- */
-extern CRMFPKIArchiveOptionsType
- CRMF_PKIArchiveOptionsGetOptionType(CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetEncryptedPrivKey
- * INPUTS:
- * inOpts
- * The PKIArchiveOptions to operate on.
- *
- * NOTES:
- * The user must call CRMF_DestroyEncryptedKey when done using this return
- * value.
- *
- * RETURN:
- * Get the encryptedPrivKey field of the PKIArchiveOptions structure.
- * A return value of NULL indicates that encryptedPrivKey was not used as
- * the choice for this PKIArchiveOptions.
- */
-extern CRMFEncryptedKey*
- CRMF_PKIArchiveOptionsGetEncryptedPrivKey(CRMFPKIArchiveOptions *inOpts);
-
-/*
- * FUNCTION: CRMF_EncryptedKeyGetChoice
- * INPUTS:
- * inEncrKey
- * The EncryptedKey to operate on.
- *
- * NOTES:
- * Get the choice used for representing the EncryptedKey.
- *
- * RETURN:
- * Returns the Choice used in representing the EncryptedKey. Look in
- * crmft.h at the definition of CRMFEncryptedKeyChoice for possible return
- * values.
- */
-extern CRMFEncryptedKeyChoice
- CRMF_EncryptedKeyGetChoice(CRMFEncryptedKey *inEncrKey);
-
-
-/*
- * FUNCTION: CRMF_EncryptedKeyGetEncryptedValue
- * INPUTS:
- * inKey
- * The EncryptedKey to operate on.
- *
- * NOTES:
- * The user must call CRMF_DestroyEncryptedValue passing in
- * CRMF_GetEncryptedValue's return value.
- *
- * RETURN:
- * A pointer to a copy of the EncryptedValue contained as a member of
- * the EncryptedKey.
- */
-extern CRMFEncryptedValue*
- CRMF_EncryptedKeyGetEncryptedValue(CRMFEncryptedKey *inKey);
-
-/*
- * FUNCTION: CRMF_DestroyEncryptedValue
- * INPUTS:
- * inEncrValue
- * The EncryptedValue to destroy.
- *
- * NOTES:
- * Free up all memory associated with 'inEncrValue'.
- *
- * RETURN:
- * SECSuccess if freeing up the memory associated with the EncryptedValue
- * is successful. Any other return value indicates an error while freeing the
- * memory.
- */
-extern SECStatus CRMF_DestroyEncryptedValue(CRMFEncryptedValue *inEncrValue);
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetEncValue
- * INPUTS:
- * inEncValue
- * The EncryptedValue to operate on.
- * NOTES:
- * Function retrieves the encValue from an EncryptedValue structure.
- *
- * RETURN:
- * A poiner to a SECItem containing the encValue of the EncryptedValue
- * structure. The return value is in BIT STRING format, meaning the
- * len field of the return structure represents the number of valid bits
- * as opposed to the allocated number of bytes.
- * ANULL return value indicates an error in copying the encValue field.
- */
-extern SECItem* CRMF_EncryptedValueGetEncValue(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetIntendedAlg
- * INPUTS
- * inEncValue
- * The EncryptedValue to operate on.
- * NOTES:
- * Retrieve the IntendedAlg field from the EncryptedValue structure.
- * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
- * the return value. When present, this alogorithm is the alogrithm for
- * which the private key will be used.
- *
- * RETURN:
- * A Copy of the intendedAlg field. A NULL return value indicates the
- * optional field was not present in the structure.
- */
-extern SECAlgorithmID*
- CRMF_EncryptedValueGetIntendedAlg(CRMFEncryptedValue *inEncValue);
-
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetSymmAlg
- * INPUTS
- * inEncValue
- * The EncryptedValue to operate on.
- * NOTES:
- * Retrieve the symmAlg field from the EncryptedValue structure.
- * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
- * the return value. When present, this is algorithm used to
- * encrypt the encValue of the EncryptedValue.
- *
- * RETURN:
- * A Copy of the symmAlg field. A NULL return value indicates the
- * optional field was not present in the structure.
- */
-extern SECAlgorithmID*
- CRMF_EncryptedValueGetSymmAlg(CRMFEncryptedValue *inEncValue);
-
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetKeyAlg
- * INPUTS
- * inEncValue
- * The EncryptedValue to operate on.
- * NOTES:
- * Retrieve the keyAlg field from the EncryptedValue structure.
- * Call SECOID_DestroyAlgorithmID (destAlgID, PR_TRUE) after done using
- * the return value. When present, this is the algorithm used to encrypt
- * the symmetric key in the encSymmKey field of the EncryptedValue structure.
- *
- * RETURN:
- * A Copy of the keyAlg field. A NULL return value indicates the
- * optional field was not present in the structure.
- */
-extern SECAlgorithmID*
- CRMF_EncryptedValueGetKeyAlg(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_EncryptedValueGetValueHint
- * INPUTS:
- * inEncValue
- * The EncryptedValue to operate on.
- *
- * NOTES:
- * Return a copy of the der-encoded value hint.
- * User must call SECITEM_FreeItem(retVal, PR_TRUE) when done using the
- * return value. When, present, this is a value that the client which
- * originally issued a certificate request can use to reproduce any data
- * it wants. The RA does not know how to interpret this data.
- *
- * RETURN:
- * A copy of the valueHint field of the EncryptedValue. A NULL return
- * value indicates the optional valueHint field is not present in the
- * EncryptedValue.
- */
-extern SECItem*
- CRMF_EncryptedValueGetValueHint(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_EncrypteValueGetEncSymmKey
- * INPUTS:
- * inEncValue
- * The EncryptedValue to operate on.
- *
- * NOTES:
- * Return a copy of the encSymmKey field. This field is the encrypted
- * symmetric key that the client uses in doing Public Key wrap of a private
- * key. When present, this is the symmetric key that was used to wrap the
- * private key. (The encrypted private key will be stored in encValue
- * of the same EncryptedValue structure.) The user must call
- * SECITEM_FreeItem(retVal, PR_TRUE) when the return value is no longer
- * needed.
- *
- * RETURN:
- * A copy of the optional encSymmKey field of the EncryptedValue structure.
- * The return value will be in BIT STRING format, meaning the len field will
- * be the number of valid bits as opposed to the number of bytes. A return
- * value of NULL means the optional encSymmKey field was not present in
- * the EncryptedValue structure.
- */
-extern SECItem*
- CRMF_EncryptedValueGetEncSymmKey(CRMFEncryptedValue *inEncValue);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetKeyGenParameters
- * INPUTS:
- * inOptions
- * The PKiArchiveOptions to operate on.
- *
- * NOTES:
- * User must call SECITEM_FreeItem(retVal, PR_TRUE) after the return
- * value is no longer needed.
- *
- * RETURN:
- * Get the keyGenParameters field of the PKIArchiveOptions.
- * A NULL return value indicates that keyGenParameters was not
- * used as the choice for this PKIArchiveOptions.
- *
- * The SECItem returned is in BIT STRING format (ie, the len field indicates
- * number of valid bits as opposed to allocated number of bytes.)
- */
-extern SECItem*
- CRMF_PKIArchiveOptionsGetKeyGenParameters(CRMFPKIArchiveOptions *inOptions);
-
-/*
- * FUNCTION: CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey
- * INPUTS:
- * inOpt
- * The PKIArchiveOptions to operate on.
- * destVal
- * A pointer to where the library can place the value for
- * arciveRemGenPrivKey
- * RETURN:
- * If the PKIArchiveOptions used the archiveRemGenPrivKey field, the
- * function returns SECSuccess and fills the value at *destValue with either
- * PR_TRUE or PR_FALSE, depending on what the PKIArchiveOptions has as a
- * value.
- *
- * If the PKIArchiveOptions does not use the archiveRemGenPrivKey field, the
- * function returns SECFailure and the value at *destValue is unchanged.
- */
-extern SECStatus
- CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey(CRMFPKIArchiveOptions *inOpt,
- PRBool *destVal);
-
-/* Helper functions that can be used by other libraries. */
-/*
- * A quick helper funciton to get the best wrap mechanism.
- */
-extern CK_MECHANISM_TYPE CRMF_GetBestWrapPadMechanism(PK11SlotInfo *slot);
-
-/*
- * A helper function to get a randomly generated IV from a mechanism
- * type.
- */
-extern SECItem* CRMF_GetIVFromMechanism(CK_MECHANISM_TYPE mechType);
-
-SEC_END_PROTOS
-#endif /*_CRMF_H_*/
-
-
diff --git a/security/nss/lib/crmf/crmfcont.c b/security/nss/lib/crmf/crmfcont.c
deleted file mode 100644
index 3b4b9a98b..000000000
--- a/security/nss/lib/crmf/crmfcont.c
+++ /dev/null
@@ -1,1166 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "pk11func.h"
-#include "keyhi.h"
-#include "secoid.h"
-
-static SECStatus
-crmf_modify_control_array (CRMFCertRequest *inCertReq, int count)
-{
- if (count > 0) {
- void *dummy = PORT_Realloc(inCertReq->controls,
- sizeof(CRMFControl*)*(count+2));
- if (dummy == NULL) {
- return SECFailure;
- }
- inCertReq->controls = dummy;
- } else {
- inCertReq->controls = PORT_ZNewArray(CRMFControl*, 2);
- }
- return (inCertReq->controls == NULL) ? SECFailure : SECSuccess ;
-}
-
-static SECStatus
-crmf_add_new_control(CRMFCertRequest *inCertReq,SECOidTag inTag,
- CRMFControl **destControl)
-{
- SECOidData *oidData;
- SECStatus rv;
- PRArenaPool *poolp;
- int numControls = 0;
- CRMFControl *newControl;
- CRMFControl **controls;
- void *mark;
-
- poolp = inCertReq->poolp;
- if (poolp == NULL) {
- return SECFailure;
- }
- mark = PORT_ArenaMark(poolp);
- if (inCertReq->controls != NULL) {
- while (inCertReq->controls[numControls] != NULL)
- numControls++;
- }
- rv = crmf_modify_control_array(inCertReq, numControls);
- if (rv != SECSuccess) {
- goto loser;
- }
- controls = inCertReq->controls;
- oidData = SECOID_FindOIDByTag(inTag);
- newControl = *destControl = PORT_ArenaZNew(poolp,CRMFControl);
- if (newControl == NULL) {
- goto loser;
- }
- rv = SECITEM_CopyItem(poolp, &newControl->derTag, &oidData->oid);
- if (rv != SECSuccess) {
- goto loser;
- }
- newControl->tag = inTag;
- controls[numControls] = newControl;
- controls[numControls+1] = NULL;
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- *destControl = NULL;
- return SECFailure;
-
-}
-
-SECStatus
-crmf_add_secitem_control(CRMFCertRequest *inCertReq, SECItem *value,
- SECOidTag inTag)
-{
- SECStatus rv;
- CRMFControl *newControl;
- void *mark;
-
- rv = crmf_add_new_control(inCertReq, inTag, &newControl);
- if (rv != SECSuccess) {
- return rv;
- }
- mark = PORT_ArenaMark(inCertReq->poolp);
- rv = SECITEM_CopyItem(inCertReq->poolp, &newControl->derValue, value);
- if (rv != SECSuccess) {
- PORT_ArenaRelease(inCertReq->poolp, mark);
- return rv;
- }
- PORT_ArenaUnmark(inCertReq->poolp, mark);
- return SECSuccess;
-}
-
-SECStatus
-CRMF_CertRequestSetRegTokenControl(CRMFCertRequest *inCertReq, SECItem *value)
-{
- return crmf_add_secitem_control(inCertReq, value,
- SEC_OID_PKIX_REGCTRL_REGTOKEN);
-}
-
-SECStatus
-CRMF_CertRequestSetAuthenticatorControl (CRMFCertRequest *inCertReq,
- SECItem *value)
-{
- return crmf_add_secitem_control(inCertReq, value,
- SEC_OID_PKIX_REGCTRL_AUTHENTICATOR);
-}
-
-SECStatus
-crmf_destroy_encrypted_value(CRMFEncryptedValue *inEncrValue, PRBool freeit)
-{
- if (inEncrValue != NULL) {
- if (inEncrValue->intendedAlg) {
- SECOID_DestroyAlgorithmID(inEncrValue->intendedAlg, PR_TRUE);
- }
- if (inEncrValue->symmAlg) {
- SECOID_DestroyAlgorithmID(inEncrValue->symmAlg, PR_TRUE);
- }
- if (inEncrValue->encSymmKey.data) {
- PORT_Free(inEncrValue->encSymmKey.data);
- }
- if (inEncrValue->keyAlg) {
- SECOID_DestroyAlgorithmID(inEncrValue->keyAlg, PR_TRUE);
- }
- if (inEncrValue->valueHint.data) {
- PORT_Free(inEncrValue->valueHint.data);
- }
- if (inEncrValue->encValue.data) {
- PORT_Free(inEncrValue->encValue.data);
- }
- if (freeit) {
- PORT_Free(inEncrValue);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyEncryptedValue(CRMFEncryptedValue *inEncrValue)
-{
- return crmf_destroy_encrypted_value(inEncrValue, PR_TRUE);
-}
-
-SECStatus
-crmf_copy_encryptedvalue_secalg(PRArenaPool *poolp,
- SECAlgorithmID *srcAlgId,
- SECAlgorithmID **destAlgId)
-{
- SECAlgorithmID *newAlgId;
-
- *destAlgId = newAlgId = (poolp != NULL) ?
- PORT_ArenaZNew(poolp, SECAlgorithmID) :
- PORT_ZNew(SECAlgorithmID);
- if (newAlgId == NULL) {
- return SECFailure;
- }
-
- return SECOID_CopyAlgorithmID(poolp, newAlgId, srcAlgId);
-}
-
-SECStatus
-crmf_copy_encryptedvalue(PRArenaPool *poolp,
- CRMFEncryptedValue *srcValue,
- CRMFEncryptedValue *destValue)
-{
- SECStatus rv;
-
- if (srcValue->intendedAlg != NULL) {
- rv = crmf_copy_encryptedvalue_secalg(poolp,
- srcValue->intendedAlg,
- &destValue->intendedAlg);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValue->symmAlg != NULL) {
- rv = crmf_copy_encryptedvalue_secalg(poolp,
- srcValue->symmAlg,
- &destValue->symmAlg);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValue->encSymmKey.data != NULL) {
- rv = crmf_make_bitstring_copy(poolp,
- &destValue->encSymmKey,
- &srcValue->encSymmKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValue->keyAlg != NULL) {
- rv = crmf_copy_encryptedvalue_secalg(poolp,
- srcValue->keyAlg,
- &destValue->keyAlg);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValue->valueHint.data != NULL) {
- rv = SECITEM_CopyItem(poolp,
- &destValue->valueHint,
- &srcValue->valueHint);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValue->encValue.data != NULL) {
- rv = crmf_make_bitstring_copy(poolp,
- &destValue->encValue,
- &srcValue->encValue);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- return SECSuccess;
- loser:
- if (poolp == NULL && destValue != NULL) {
- crmf_destroy_encrypted_value(destValue, PR_TRUE);
- }
- return SECFailure;
-}
-
-SECStatus
-crmf_copy_encryptedkey(PRArenaPool *poolp,
- CRMFEncryptedKey *srcEncrKey,
- CRMFEncryptedKey *destEncrKey)
-{
- SECStatus rv;
- void *mark = NULL;
-
- if (poolp != NULL) {
- mark = PORT_ArenaMark(poolp);
- }
-
- switch (srcEncrKey->encKeyChoice) {
- case crmfEncryptedValueChoice:
- rv = crmf_copy_encryptedvalue(poolp,
- &srcEncrKey->value.encryptedValue,
- &destEncrKey->value.encryptedValue);
- break;
- case crmfEnvelopedDataChoice:
- destEncrKey->value.envelopedData =
- SEC_PKCS7CopyContentInfo(srcEncrKey->value.envelopedData);
- rv = (destEncrKey->value.envelopedData != NULL) ? SECSuccess:
- SECFailure;
- break;
- default:
- rv = SECFailure;
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- destEncrKey->encKeyChoice = srcEncrKey->encKeyChoice;
- if (mark) {
- PORT_ArenaUnmark(poolp, mark);
- }
- return SECSuccess;
-
- loser:
- if (mark) {
- PORT_ArenaRelease(poolp, mark);
- }
- return SECFailure;
-}
-
-CRMFPKIArchiveOptions*
-crmf_create_encr_pivkey_option(CRMFEncryptedKey *inEncryptedKey)
-{
- CRMFPKIArchiveOptions *newArchOpt;
- SECStatus rv;
-
- newArchOpt = PORT_ZNew(CRMFPKIArchiveOptions);
- if (newArchOpt == NULL) {
- goto loser;
- }
-
- rv = crmf_copy_encryptedkey(NULL, inEncryptedKey,
- &newArchOpt->option.encryptedKey);
-
- if (rv != SECSuccess) {
- goto loser;
- }
- newArchOpt->archOption = crmfEncryptedPrivateKey;
- return newArchOpt;
- loser:
- if (newArchOpt != NULL) {
- CRMF_DestroyPKIArchiveOptions(newArchOpt);
- }
- return NULL;
-}
-
-static CRMFPKIArchiveOptions*
-crmf_create_keygen_param_option(SECItem *inKeyGenParams)
-{
- CRMFPKIArchiveOptions *newArchOptions;
- SECStatus rv;
-
- newArchOptions = PORT_ZNew(CRMFPKIArchiveOptions);
- if (newArchOptions == NULL) {
- goto loser;
- }
- newArchOptions->archOption = crmfKeyGenParameters;
- rv = SECITEM_CopyItem(NULL, &newArchOptions->option.keyGenParameters,
- inKeyGenParams);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newArchOptions;
- loser:
- if (newArchOptions != NULL) {
- CRMF_DestroyPKIArchiveOptions(newArchOptions);
- }
- return NULL;
-}
-
-static CRMFPKIArchiveOptions*
-crmf_create_arch_rem_gen_privkey(PRBool archiveRemGenPrivKey)
-{
- unsigned char value;
- SECItem *dummy;
- CRMFPKIArchiveOptions *newArchOptions;
-
- value = (archiveRemGenPrivKey) ? hexTrue : hexFalse;
- newArchOptions = PORT_ZNew(CRMFPKIArchiveOptions);
- if (newArchOptions == NULL) {
- goto loser;
- }
- dummy = SEC_ASN1EncodeItem(NULL,
- &newArchOptions->option.archiveRemGenPrivKey,
- &value, SEC_ASN1_GET(SEC_BooleanTemplate));
- PORT_Assert (dummy == &newArchOptions->option.archiveRemGenPrivKey);
- if (dummy != &newArchOptions->option.archiveRemGenPrivKey) {
- SECITEM_FreeItem (dummy, PR_TRUE);
- goto loser;
- }
- newArchOptions->archOption = crmfArchiveRemGenPrivKey;
- return newArchOptions;
- loser:
- if (newArchOptions != NULL) {
- CRMF_DestroyPKIArchiveOptions(newArchOptions);
- }
- return NULL;
-}
-
-CRMFPKIArchiveOptions*
-CRMF_CreatePKIArchiveOptions(CRMFPKIArchiveOptionsType inType, void *data)
-{
- CRMFPKIArchiveOptions* retOptions;
-
- PORT_Assert(data != NULL);
- if (data == NULL) {
- return NULL;
- }
- switch(inType) {
- case crmfEncryptedPrivateKey:
- retOptions = crmf_create_encr_pivkey_option((CRMFEncryptedKey*)data);
- break;
- case crmfKeyGenParameters:
- retOptions = crmf_create_keygen_param_option((SECItem*)data);
- break;
- case crmfArchiveRemGenPrivKey:
- retOptions = crmf_create_arch_rem_gen_privkey(*(PRBool*)data);
- break;
- default:
- retOptions = NULL;
- }
- return retOptions;
-}
-
-static SECStatus
-crmf_destroy_encrypted_key(CRMFEncryptedKey *inEncrKey, PRBool freeit)
-{
- PORT_Assert(inEncrKey != NULL);
- if (inEncrKey != NULL) {
- switch (inEncrKey->encKeyChoice){
- case crmfEncryptedValueChoice:
- crmf_destroy_encrypted_value(&inEncrKey->value.encryptedValue,
- PR_FALSE);
- break;
- case crmfEnvelopedDataChoice:
- SEC_PKCS7DestroyContentInfo(inEncrKey->value.envelopedData);
- break;
- default:
- break;
- }
- if (freeit) {
- PORT_Free(inEncrKey);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-crmf_destroy_pkiarchiveoptions(CRMFPKIArchiveOptions *inArchOptions,
- PRBool freeit)
-{
- PORT_Assert(inArchOptions != NULL);
- if (inArchOptions != NULL) {
- switch (inArchOptions->archOption) {
- case crmfEncryptedPrivateKey:
- crmf_destroy_encrypted_key(&inArchOptions->option.encryptedKey,
- PR_FALSE);
- break;
- case crmfKeyGenParameters:
- case crmfArchiveRemGenPrivKey:
- /* This is a union, so having a pointer to one is like
- * having a pointer to both.
- */
- SECITEM_FreeItem(&inArchOptions->option.keyGenParameters,
- PR_FALSE);
- break;
- case crmfNoArchiveOptions:
- break;
- }
- if (freeit) {
- PORT_Free(inArchOptions);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyPKIArchiveOptions(CRMFPKIArchiveOptions *inArchOptions)
-{
- return crmf_destroy_pkiarchiveoptions(inArchOptions, PR_TRUE);
-}
-
-static CK_MECHANISM_TYPE
-crmf_get_non_pad_mechanism(CK_MECHANISM_TYPE type)
-{
- switch (type) {
- case CKM_DES3_CBC_PAD:
- return CKM_DES3_CBC;
- case CKM_CAST5_CBC_PAD:
- return CKM_CAST5_CBC;
- case CKM_DES_CBC_PAD:
- return CKM_DES_CBC;
- case CKM_IDEA_CBC_PAD:
- return CKM_IDEA_CBC;
- case CKM_CAST3_CBC_PAD:
- return CKM_CAST3_CBC;
- case CKM_CAST_CBC_PAD:
- return CKM_CAST_CBC;
- case CKM_RC5_CBC_PAD:
- return CKM_RC5_CBC;
- case CKM_RC2_CBC_PAD:
- return CKM_RC2_CBC;
- case CKM_CDMF_CBC_PAD:
- return CKM_CDMF_CBC;
- }
- return type;
-}
-
-static CK_MECHANISM_TYPE
-crmf_get_pad_mech_from_tag(SECOidTag oidTag)
-{
- CK_MECHANISM_TYPE mechType;
- SECOidData *oidData;
-
- oidData = SECOID_FindOIDByTag(oidTag);
- mechType = (CK_MECHANISM_TYPE)oidData->mechanism;
- return PK11_GetPadMechanism(mechType);
-}
-
-static CK_MECHANISM_TYPE
-crmf_get_best_privkey_wrap_mechanism(PK11SlotInfo *slot)
-{
- CK_MECHANISM_TYPE privKeyPadMechs[] = { CKM_DES3_CBC_PAD,
- CKM_CAST5_CBC_PAD,
- CKM_DES_CBC_PAD,
- CKM_IDEA_CBC_PAD,
- CKM_CAST3_CBC_PAD,
- CKM_CAST_CBC_PAD,
- CKM_RC5_CBC_PAD,
- CKM_RC2_CBC_PAD,
- CKM_CDMF_CBC_PAD };
- int mechCount = sizeof(privKeyPadMechs)/sizeof(privKeyPadMechs[0]);
- int i;
-
- for (i=0; i < mechCount; i++) {
- if (PK11_DoesMechanism(slot, privKeyPadMechs[i])) {
- return privKeyPadMechs[i];
- }
- }
- return CKM_INVALID_MECHANISM;
-}
-
-CK_MECHANISM_TYPE
-CRMF_GetBestWrapPadMechanism(PK11SlotInfo *slot)
-{
- return crmf_get_best_privkey_wrap_mechanism(slot);
-}
-
-static SECItem*
-crmf_get_iv(CK_MECHANISM_TYPE mechType)
-{
- int iv_size = PK11_GetIVLength(mechType);
- SECItem *iv;
- SECStatus rv;
-
- iv = PORT_ZNew(SECItem);
- if (iv == NULL) {
- return NULL;
- }
- if (iv_size == 0) {
- iv->data = NULL;
- iv->len = 0;
- return iv;
- }
- iv->data = PORT_NewArray(unsigned char, iv_size);
- if (iv->data == NULL) {
- iv->len = 0;
- return iv;
- }
- iv->len = iv_size;
- rv = PK11_GenerateRandom(iv->data, iv->len);
- if (rv != SECSuccess) {
- PORT_Free(iv->data);
- iv->data = NULL;
- iv->len = 0;
- }
- return iv;
-}
-
-SECItem*
-CRMF_GetIVFromMechanism(CK_MECHANISM_TYPE mechType)
-{
- return crmf_get_iv(mechType);
-}
-
-CK_MECHANISM_TYPE
-crmf_get_mechanism_from_public_key(SECKEYPublicKey *inPubKey)
-{
- CERTSubjectPublicKeyInfo *spki = NULL;
- SECOidTag tag;
-
-
- spki = SECKEY_CreateSubjectPublicKeyInfo(inPubKey);
- if (spki == NULL) {
- return CKM_INVALID_MECHANISM;
- }
- tag = SECOID_FindOIDTag(&spki->algorithm.algorithm);
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- spki = NULL;
- return PK11_AlgtagToMechanism(tag);
-}
-
-SECItem*
-crmf_get_public_value(SECKEYPublicKey *pubKey, SECItem *dest)
-{
- SECItem *pubValue;
-
- if (dest != NULL) {
- pubValue = dest;
- } else {
- pubValue = PORT_ZNew(SECItem);
- }
- switch(pubKey->keyType) {
- case dsaKey:
- SECITEM_CopyItem(NULL, pubValue, &pubKey->u.dsa.publicValue);
- break;
- case rsaKey:
- SECITEM_CopyItem(NULL, pubValue, &pubKey->u.rsa.modulus);
- break;
- case dhKey:
- SECITEM_CopyItem(NULL, pubValue, &pubKey->u.dh.publicValue);
- break;
- default:
- if (dest == NULL) {
- PORT_Free(pubValue);
- }
- pubValue = NULL;
- break;
- }
- return pubValue;
-}
-
-static SECItem*
-crmf_decode_params(SECItem *inParams)
-{
- SECItem *params;
- SECStatus rv;
-
- params = PORT_ZNew(SECItem);
- rv = SEC_ASN1DecodeItem(NULL, params,
- SEC_ASN1_GET(SEC_OctetStringTemplate),
- inParams);
- if (rv != SECSuccess) {
- SECITEM_FreeItem(params, PR_TRUE);
- return NULL;
- }
- return params;
-}
-
-int
-crmf_get_key_size_from_mech(CK_MECHANISM_TYPE mechType)
-{
- CK_MECHANISM_TYPE keyGen = PK11_GetKeyGen(mechType);
-
- switch (keyGen) {
- case CKM_CDMF_KEY_GEN:
- case CKM_DES_KEY_GEN:
- return 8;
- case CKM_DES2_KEY_GEN:
- return 16;
- case CKM_DES3_KEY_GEN:
- return 24;
- }
- return 0;
-}
-
-SECStatus
-crmf_encrypted_value_unwrap_priv_key(PRArenaPool *poolp,
- CRMFEncryptedValue *encValue,
- SECKEYPrivateKey *privKey,
- SECKEYPublicKey *newPubKey,
- SECItem *nickname,
- PK11SlotInfo *slot,
- unsigned char keyUsage,
- SECKEYPrivateKey **unWrappedKey,
- void *wincx)
-{
- PK11SymKey *wrappingKey = NULL;
- CK_MECHANISM_TYPE wrapMechType;
- SECOidTag oidTag;
- SECItem *params = NULL, *publicValue = NULL;
- int keySize, origLen;
- CK_KEY_TYPE keyType;
- CK_ATTRIBUTE_TYPE *usage = NULL;
- CK_ATTRIBUTE_TYPE rsaUsage[] = {
- CKA_UNWRAP, CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER };
- CK_ATTRIBUTE_TYPE dsaUsage[] = { CKA_SIGN };
- CK_ATTRIBUTE_TYPE dhUsage[] = { CKA_DERIVE };
- int usageCount = 0;
-
- oidTag = SECOID_GetAlgorithmTag(encValue->symmAlg);
- wrapMechType = crmf_get_pad_mech_from_tag(oidTag);
- keySize = crmf_get_key_size_from_mech(wrapMechType);
- wrappingKey = PK11_PubUnwrapSymKey(privKey, &encValue->encSymmKey,
- wrapMechType, CKA_UNWRAP, keySize);
- if (wrappingKey == NULL) {
- goto loser;
- }/* Make the length a byte length instead of bit length*/
- params = (encValue->symmAlg != NULL) ?
- crmf_decode_params(&encValue->symmAlg->parameters) : NULL;
- origLen = encValue->encValue.len;
- encValue->encValue.len = CRMF_BITS_TO_BYTES(origLen);
- publicValue = crmf_get_public_value(newPubKey, NULL);
- switch(newPubKey->keyType) {
- default:
- case rsaKey:
- keyType = CKK_RSA;
- switch (keyUsage & (KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE)) {
- case KU_KEY_ENCIPHERMENT:
- usage = rsaUsage;
- usageCount = 2;
- break;
- case KU_DIGITAL_SIGNATURE:
- usage = &rsaUsage[2];
- usageCount = 2;
- break;
- case KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE:
- case 0: /* default to everything */
- usage = rsaUsage;
- usageCount = 4;
- break;
- }
- break;
- case dhKey:
- keyType = CKK_DH;
- usage = dhUsage;
- usageCount = sizeof(dhUsage)/sizeof(dhUsage[0]);
- break;
- case dsaKey:
- keyType = CKK_DSA;
- usage = dsaUsage;
- usageCount = sizeof(dsaUsage)/sizeof(dsaUsage[0]);
- break;
- }
- PORT_Assert(usage != NULL);
- PORT_Assert(usageCount != 0);
- *unWrappedKey = PK11_UnwrapPrivKey(slot, wrappingKey, wrapMechType, params,
- &encValue->encValue, nickname,
- publicValue, PR_TRUE,PR_TRUE,
- keyType, usage, usageCount, wincx);
- encValue->encValue.len = origLen;
- if (*unWrappedKey == NULL) {
- goto loser;
- }
- SECITEM_FreeItem (publicValue, PR_TRUE);
- if (params!= NULL) {
- SECITEM_FreeItem(params, PR_TRUE);
- }
- PK11_FreeSymKey(wrappingKey);
- return SECSuccess;
- loser:
- *unWrappedKey = NULL;
- return SECFailure;
-}
-
-CRMFEncryptedValue *
-crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inCAKey,
- CRMFEncryptedValue *destValue)
-{
- SECItem wrappedPrivKey, wrappedSymKey;
- SECItem encodedParam, *dummy;
- SECStatus rv;
- CK_MECHANISM_TYPE pubMechType, symKeyType;
- unsigned char *wrappedSymKeyBits;
- unsigned char *wrappedPrivKeyBits;
- SECItem *iv = NULL;
- SECOidTag tag;
- PK11SymKey *symKey;
- PK11SlotInfo *slot;
- SECAlgorithmID *symmAlg;
- CRMFEncryptedValue *myEncrValue = NULL;
-
- encodedParam.data = NULL;
- wrappedSymKeyBits = PORT_NewArray(unsigned char, MAX_WRAPPED_KEY_LEN);
- wrappedPrivKeyBits = PORT_NewArray(unsigned char, MAX_WRAPPED_KEY_LEN);
- if (wrappedSymKeyBits == NULL || wrappedPrivKeyBits == NULL) {
- goto loser;
- }
- if (destValue == NULL) {
- myEncrValue = destValue = PORT_ZNew(CRMFEncryptedValue);
- if (destValue == NULL) {
- goto loser;
- }
- }
-
- pubMechType = crmf_get_mechanism_from_public_key(inCAKey);
- if (pubMechType == CKM_INVALID_MECHANISM) {
- /* XXX I should probably do something here for non-RSA
- * keys that are in certs. (ie DSA)
- */
- goto loser;
- }
- slot = inPrivKey->pkcs11Slot;
- PORT_Assert(slot != NULL);
- symKeyType = crmf_get_best_privkey_wrap_mechanism(slot);
- symKey = PK11_KeyGen(slot, symKeyType, NULL, 0, NULL);
- if (symKey == NULL) {
- goto loser;
- }
-
- wrappedSymKey.data = wrappedSymKeyBits;
- wrappedSymKey.len = MAX_WRAPPED_KEY_LEN;
- rv = PK11_PubWrapSymKey(pubMechType, inCAKey, symKey, &wrappedSymKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- /* Make the length of the result a Bit String length. */
- wrappedSymKey.len <<= 3;
-
- wrappedPrivKey.data = wrappedPrivKeyBits;
- wrappedPrivKey.len = MAX_WRAPPED_KEY_LEN;
- iv = crmf_get_iv(symKeyType);
- rv = PK11_WrapPrivKey(slot, symKey, inPrivKey, symKeyType, iv,
- &wrappedPrivKey, NULL);
- PK11_FreeSymKey(symKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- /* Make the length of the result a Bit String length. */
- wrappedPrivKey.len <<= 3;
- rv = crmf_make_bitstring_copy(NULL,
- &destValue->encValue,
- &wrappedPrivKey);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_make_bitstring_copy(NULL,
- &destValue->encSymmKey,
- &wrappedSymKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- destValue->symmAlg = symmAlg = PORT_ZNew(SECAlgorithmID);
- if (symmAlg == NULL) {
- goto loser;
- }
-
- dummy = SEC_ASN1EncodeItem(NULL, &encodedParam, iv,
- SEC_ASN1_GET(SEC_OctetStringTemplate));
- if (dummy != &encodedParam) {
- SECITEM_FreeItem(dummy, PR_TRUE);
- goto loser;
- }
-
- symKeyType = crmf_get_non_pad_mechanism(symKeyType);
- tag = PK11_MechanismToAlgtag(symKeyType);
- rv = SECOID_SetAlgorithmID(NULL, symmAlg, tag, &encodedParam);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_Free(encodedParam.data);
- PORT_Free(wrappedPrivKeyBits);
- PORT_Free(wrappedSymKeyBits);
- if (iv->data != NULL) {
- PORT_Free(iv->data);
- }
- PORT_Free(iv);
- return destValue;
- loser:
- if (iv != NULL) {
- if (iv->data) {
- PORT_Free(iv->data);
- }
- PORT_Free(iv);
- }
- if (myEncrValue != NULL) {
- crmf_destroy_encrypted_value(myEncrValue, PR_TRUE);
- }
- if (wrappedSymKeyBits != NULL) {
- PORT_Free(wrappedSymKeyBits);
- }
- if (wrappedPrivKeyBits != NULL) {
- PORT_Free(wrappedPrivKeyBits);
- }
- if (encodedParam.data != NULL) {
- PORT_Free(encodedParam.data);
- }
- return NULL;
-}
-
-CRMFEncryptedKey*
-CRMF_CreateEncryptedKeyWithEncryptedValue (SECKEYPrivateKey *inPrivKey,
- CERTCertificate *inCACert)
-{
- SECKEYPublicKey *caPubKey = NULL;
- CRMFEncryptedKey *encKey = NULL;
- CRMFEncryptedValue *dummy;
-
- PORT_Assert(inPrivKey != NULL && inCACert != NULL);
- if (inPrivKey == NULL || inCACert == NULL) {
- return NULL;
- }
-
- caPubKey = CERT_ExtractPublicKey(inCACert);
- if (caPubKey == NULL) {
- goto loser;
- }
-
- encKey = PORT_ZNew(CRMFEncryptedKey);
- if (encKey == NULL) {
- goto loser;
- }
- dummy = crmf_create_encrypted_value_wrapped_privkey(inPrivKey,
- caPubKey,
- &encKey->value.encryptedValue);
- PORT_Assert(dummy == &encKey->value.encryptedValue);
- /* We won't add the der value here, but rather when it
- * becomes part of a certificate request.
- */
- SECKEY_DestroyPublicKey(caPubKey);
- encKey->encKeyChoice = crmfEncryptedValueChoice;
- return encKey;
- loser:
- if (encKey != NULL) {
- CRMF_DestroyEncryptedKey(encKey);
- }
- if (caPubKey != NULL) {
- SECKEY_DestroyPublicKey(caPubKey);
- }
- return NULL;
-}
-
-SECStatus
-CRMF_DestroyEncryptedKey(CRMFEncryptedKey *inEncrKey)
-{
- return crmf_destroy_encrypted_key(inEncrKey, PR_TRUE);
-}
-
-SECStatus
-crmf_copy_pkiarchiveoptions(PRArenaPool *poolp,
- CRMFPKIArchiveOptions *destOpt,
- CRMFPKIArchiveOptions *srcOpt)
-{
- SECStatus rv;
- destOpt->archOption = srcOpt->archOption;
- switch (srcOpt->archOption) {
- case crmfEncryptedPrivateKey:
- rv = crmf_copy_encryptedkey(poolp,
- &srcOpt->option.encryptedKey,
- &destOpt->option.encryptedKey);
- break;
- case crmfKeyGenParameters:
- case crmfArchiveRemGenPrivKey:
- /* We've got a union, so having a pointer to one is just
- * like having a pointer to the other one.
- */
- rv = SECITEM_CopyItem(poolp,
- &destOpt->option.keyGenParameters,
- &srcOpt->option.keyGenParameters);
- break;
- default:
- rv = SECFailure;
- }
- return rv;
-}
-
-static SECStatus
-crmf_check_and_adjust_archoption(CRMFControl *inControl)
-{
- CRMFPKIArchiveOptions *options;
-
- options = &inControl->value.archiveOptions;
- if (options->archOption == crmfNoArchiveOptions) {
- /* It hasn't been set, so figure it out from the
- * der.
- */
- switch (inControl->derValue.data[0] & 0x0f) {
- case 0:
- options->archOption = crmfEncryptedPrivateKey;
- break;
- case 1:
- options->archOption = crmfKeyGenParameters;
- break;
- case 2:
- options->archOption = crmfArchiveRemGenPrivKey;
- break;
- default:
- /* We've got bad DER. Return an error. */
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-static const SEC_ASN1Template *
-crmf_get_pkiarchive_subtemplate(CRMFControl *inControl)
-{
- const SEC_ASN1Template *retTemplate;
- SECStatus rv;
- /*
- * We could be in the process of decoding, in which case the
- * archOption field will not be set. Let's check it and set
- * it accordingly.
- */
-
- rv = crmf_check_and_adjust_archoption(inControl);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- switch (inControl->value.archiveOptions.archOption) {
- case crmfEncryptedPrivateKey:
- retTemplate = CRMFEncryptedKeyWithEncryptedValueTemplate;
- inControl->value.archiveOptions.option.encryptedKey.encKeyChoice =
- crmfEncryptedValueChoice;
- break;
- default:
- retTemplate = NULL;
- }
- return retTemplate;
-}
-
-const SEC_ASN1Template*
-crmf_get_pkiarchiveoptions_subtemplate(CRMFControl *inControl)
-{
- const SEC_ASN1Template *retTemplate;
-
- switch (inControl->tag) {
- case SEC_OID_PKIX_REGCTRL_REGTOKEN:
- case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
- retTemplate = SEC_ASN1_GET(SEC_UTF8StringTemplate);
- break;
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- retTemplate = crmf_get_pkiarchive_subtemplate(inControl);
- break;
- case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
- case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
- case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
- /* We don't support these controls, so we fail for now.*/
- retTemplate = NULL;
- break;
- default:
- retTemplate = NULL;
- }
- return retTemplate;
-}
-
-static SECStatus
-crmf_encode_pkiarchiveoptions(PRArenaPool *poolp, CRMFControl *inControl)
-{
- const SEC_ASN1Template *asn1Template;
-
- asn1Template = crmf_get_pkiarchiveoptions_subtemplate(inControl);
- /* We've got a union, so passing a pointer to one element of the
- * union, is the same as passing a pointer to any of the other
- * members of the union.
- */
- SEC_ASN1EncodeItem(poolp, &inControl->derValue,
- &inControl->value.archiveOptions, asn1Template);
-
- if (inControl->derValue.data == NULL) {
- goto loser;
- }
- return SECSuccess;
- loser:
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestSetPKIArchiveOptions(CRMFCertRequest *inCertReq,
- CRMFPKIArchiveOptions *inOptions)
-{
- CRMFControl *newControl;
- PRArenaPool *poolp;
- SECStatus rv;
- void *mark;
-
- PORT_Assert(inCertReq != NULL && inOptions != NULL);
- if (inCertReq == NULL || inOptions == NULL) {
- return SECFailure;
- }
- poolp = inCertReq->poolp;
- mark = PORT_ArenaMark(poolp);
- rv = crmf_add_new_control(inCertReq,
- SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS,
- &newControl);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_copy_pkiarchiveoptions(poolp,
- &newControl->value.archiveOptions,
- inOptions);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_encode_pkiarchiveoptions(poolp, newControl);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECStatus
-crmf_destroy_control(CRMFControl *inControl, PRBool freeit)
-{
- PORT_Assert(inControl != NULL);
- if (inControl != NULL) {
- SECITEM_FreeItem(&inControl->derTag, PR_FALSE);
- SECITEM_FreeItem(&inControl->derValue, PR_FALSE);
- /* None of the other tags require special processing at
- * the moment when freeing because they are not supported,
- * but if/when they are, add the necessary routines here.
- * If all controls are supported, then every member of the
- * union inControl->value will have a case that deals with
- * it in the following switch statement.
- */
- switch (inControl->tag) {
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- crmf_destroy_pkiarchiveoptions(&inControl->value.archiveOptions,
- PR_FALSE);
- break;
- default:
- /* Put this here to get rid of all those annoying warnings.*/
- break;
- }
- if (freeit) {
- PORT_Free(inControl);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyControl(CRMFControl *inControl)
-{
- return crmf_destroy_control(inControl, PR_TRUE);
-}
-
-static SECOidTag
-crmf_controltype_to_tag(CRMFControlType inControlType)
-{
- SECOidTag retVal;
-
- switch(inControlType) {
- case crmfRegTokenControl:
- retVal = SEC_OID_PKIX_REGCTRL_REGTOKEN;
- break;
- case crmfAuthenticatorControl:
- retVal = SEC_OID_PKIX_REGCTRL_AUTHENTICATOR;
- break;
- case crmfPKIPublicationInfoControl:
- retVal = SEC_OID_PKIX_REGCTRL_PKIPUBINFO;
- break;
- case crmfPKIArchiveOptionsControl:
- retVal = SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS;
- break;
- case crmfOldCertIDControl:
- retVal = SEC_OID_PKIX_REGCTRL_OLD_CERT_ID;
- break;
- case crmfProtocolEncrKeyControl:
- retVal = SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY;
- break;
- default:
- retVal = SEC_OID_UNKNOWN;
- break;
- }
- return retVal;
-}
-
-PRBool
-CRMF_CertRequestIsControlPresent(CRMFCertRequest *inCertReq,
- CRMFControlType inControlType)
-{
- SECOidTag controlTag;
- int i;
-
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL || inCertReq->controls == NULL) {
- return PR_FALSE;
- }
- controlTag = crmf_controltype_to_tag(inControlType);
- for (i=0; inCertReq->controls[i] != NULL; i++) {
- if (inCertReq->controls[i]->tag == controlTag) {
- return PR_TRUE;
- }
- }
- return PR_FALSE;
-}
-
diff --git a/security/nss/lib/crmf/crmfdec.c b/security/nss/lib/crmf/crmfdec.c
deleted file mode 100644
index cce945e6d..000000000
--- a/security/nss/lib/crmf/crmfdec.c
+++ /dev/null
@@ -1,380 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "secitem.h"
-
-static CRMFPOPChoice
-crmf_get_popchoice_from_der(SECItem *derPOP)
-{
- CRMFPOPChoice retChoice;
-
- switch (derPOP->data[0] & 0x0f) {
- case 0:
- retChoice = crmfRAVerified;
- break;
- case 1:
- retChoice = crmfSignature;
- break;
- case 2:
- retChoice = crmfKeyEncipherment;
- break;
- case 3:
- retChoice = crmfKeyAgreement;
- break;
- default:
- retChoice = crmfNoPOPChoice;
- break;
- }
- return retChoice;
-}
-
-static SECStatus
-crmf_decode_process_raverified(CRMFCertReqMsg *inCertReqMsg)
-{
- CRMFProofOfPossession *pop;
- /* Just set up the structure so that the message structure
- * looks like one that was created using the API
- */
- pop = inCertReqMsg->pop;
- pop->popChoice.raVerified.data = NULL;
- pop->popChoice.raVerified.len = 0;
- return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_signature(CRMFCertReqMsg *inCertReqMsg)
-{
- return SEC_ASN1Decode(inCertReqMsg->poolp,
- &inCertReqMsg->pop->popChoice.signature,
- CRMFPOPOSigningKeyTemplate,
- (const char*)inCertReqMsg->derPOP.data,
- inCertReqMsg->derPOP.len);
-}
-
-static CRMFPOPOPrivKeyChoice
-crmf_get_messagechoice_from_der(SECItem *derPOP)
-{
- CRMFPOPOPrivKeyChoice retChoice;
-
- switch (derPOP->data[2] & 0x0f) {
- case 0:
- retChoice = crmfThisMessage;
- break;
- case 1:
- retChoice = crmfSubsequentMessage;
- break;
- case 2:
- retChoice = crmfDHMAC;
- break;
- default:
- retChoice = crmfNoMessage;
- }
- return retChoice;
-}
-
-static SECStatus
-crmf_decode_process_popoprivkey(CRMFCertReqMsg *inCertReqMsg)
-{
- /* We've got a union, so a pointer to one POPOPrivKey
- * struct is the same as having a pointer to the other
- * one.
- */
- CRMFPOPOPrivKey *popoPrivKey =
- &inCertReqMsg->pop->popChoice.keyEncipherment;
- SECItem *derPOP, privKeyDer;
- SECStatus rv;
-
- derPOP = &inCertReqMsg->derPOP;
- popoPrivKey->messageChoice = crmf_get_messagechoice_from_der(derPOP);
- if (popoPrivKey->messageChoice == crmfNoMessage) {
- return SECFailure;
- }
- /* If we ever encounter BER encodings of this, we'll get in trouble*/
- switch (popoPrivKey->messageChoice) {
- case crmfThisMessage:
- case crmfDHMAC:
- privKeyDer.data = &derPOP->data[5];
- privKeyDer.len = derPOP->len - 5;
- break;
- case crmfSubsequentMessage:
- privKeyDer.data = &derPOP->data[4];
- privKeyDer.len = derPOP->len - 4;
- break;
- default:
- rv = SECFailure;
- }
-
- rv = SECITEM_CopyItem(inCertReqMsg->poolp,
- &popoPrivKey->message.subsequentMessage,
- &privKeyDer);
-
- if (rv != SECSuccess) {
- return rv;
- }
-
- if (popoPrivKey->messageChoice == crmfThisMessage ||
- popoPrivKey->messageChoice == crmfDHMAC) {
-
- popoPrivKey->message.thisMessage.len =
- CRMF_BYTES_TO_BITS(privKeyDer.len) - (int)derPOP->data[4];
-
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_keyagreement(CRMFCertReqMsg *inCertReqMsg)
-{
- return crmf_decode_process_popoprivkey(inCertReqMsg);
-}
-
-static SECStatus
-crmf_decode_process_keyencipherment(CRMFCertReqMsg *inCertReqMsg)
-{
- SECStatus rv;
-
- rv = crmf_decode_process_popoprivkey(inCertReqMsg);
- if (rv != SECSuccess) {
- return rv;
- }
- if (inCertReqMsg->pop->popChoice.keyEncipherment.messageChoice ==
- crmfDHMAC) {
- /* Key Encipherment can not use the dhMAC option for
- * POPOPrivKey.
- */
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_pop(CRMFCertReqMsg *inCertReqMsg)
-{
- SECItem *derPOP;
- PRArenaPool *poolp;
- CRMFProofOfPossession *pop;
- void *mark;
- SECStatus rv;
-
- derPOP = &inCertReqMsg->derPOP;
- poolp = inCertReqMsg->poolp;
- if (derPOP->data == NULL) {
- /* There is no Proof of Possession field in this message. */
- return SECSuccess;
- }
- mark = PORT_ArenaMark(poolp);
- pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (pop == NULL) {
- goto loser;
- }
- pop->popUsed = crmf_get_popchoice_from_der(derPOP);
- if (pop->popUsed == crmfNoPOPChoice) {
- /* A bad encoding of CRMF. Not a valid tag was given to the
- * Proof Of Possession field.
- */
- goto loser;
- }
- inCertReqMsg->pop = pop;
- switch (pop->popUsed) {
- case crmfRAVerified:
- rv = crmf_decode_process_raverified(inCertReqMsg);
- break;
- case crmfSignature:
- rv = crmf_decode_process_signature(inCertReqMsg);
- break;
- case crmfKeyEncipherment:
- rv = crmf_decode_process_keyencipherment(inCertReqMsg);
- break;
- case crmfKeyAgreement:
- rv = crmf_decode_process_keyagreement(inCertReqMsg);
- break;
- default:
- rv = SECFailure;
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- inCertReqMsg->pop = NULL;
- return SECFailure;
-
-}
-
-static SECStatus
-crmf_decode_process_single_control(PRArenaPool *poolp,
- CRMFControl *inControl)
-{
- const SEC_ASN1Template *asn1Template = NULL;
-
- inControl->tag = SECOID_FindOIDTag(&inControl->derTag);
- asn1Template = crmf_get_pkiarchiveoptions_subtemplate(inControl);
-
- PORT_Assert (asn1Template != NULL);
- /* We've got a union, so passing a pointer to one element of the
- * union is the same as passing a pointer to any of the other
- * members of the union.
- */
- return SEC_ASN1Decode(poolp, &inControl->value.archiveOptions,
- asn1Template, (const char*)inControl->derValue.data,
- inControl->derValue.len);
-}
-
-static SECStatus
-crmf_decode_process_controls(CRMFCertReqMsg *inCertReqMsg)
-{
- int i, numControls;
- SECStatus rv;
- PRArenaPool *poolp;
- CRMFControl **controls;
-
- numControls = CRMF_CertRequestGetNumControls(inCertReqMsg->certReq);
- controls = inCertReqMsg->certReq->controls;
- poolp = inCertReqMsg->poolp;
- for (i=0; i < numControls; i++) {
- rv = crmf_decode_process_single_control(poolp, controls[i]);
- if (rv != SECSuccess) {
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_decode_process_single_reqmsg(CRMFCertReqMsg *inCertReqMsg)
-{
- SECStatus rv;
-
- rv = crmf_decode_process_pop(inCertReqMsg);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_decode_process_controls(inCertReqMsg);
- if (rv != SECSuccess) {
- goto loser;
- }
- inCertReqMsg->certReq->certTemplate.numExtensions =
- CRMF_CertRequestGetNumberOfExtensions(inCertReqMsg->certReq);
- inCertReqMsg->isDecoded = PR_TRUE;
- rv = SECSuccess;
- loser:
- return rv;
-}
-
-CRMFCertReqMsg*
-CRMF_CreateCertReqMsgFromDER (const char * buf, long len)
-{
- PRArenaPool *poolp;
- CRMFCertReqMsg *certReqMsg;
- SECStatus rv;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- goto loser;
- }
- certReqMsg = PORT_ArenaZNew (poolp, CRMFCertReqMsg);
- if (certReqMsg == NULL) {
- goto loser;
- }
- certReqMsg->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, certReqMsg, CRMFCertReqMsgTemplate, buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_decode_process_single_reqmsg(certReqMsg);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- return certReqMsg;
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-CRMFCertReqMessages*
-CRMF_CreateCertReqMessagesFromDER(const char *buf, long len)
-{
- long arenaSize;
- int i;
- SECStatus rv;
- PRArenaPool *poolp;
- CRMFCertReqMessages *certReqMsgs;
-
- PORT_Assert (buf != NULL);
- /* Wanna make sure the arena is big enough to store all of the requests
- * coming in. We'll guestimate according to the length of the buffer.
- */
- arenaSize = len * 1.5;
- poolp = PORT_NewArena(arenaSize);
- if (poolp == NULL) {
- return NULL;
- }
- certReqMsgs = PORT_ArenaZNew(poolp, CRMFCertReqMessages);
- if (certReqMsgs == NULL) {
- goto loser;
- }
- certReqMsgs->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, certReqMsgs, CRMFCertReqMessagesTemplate,
- buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
- for (i=0; certReqMsgs->messages[i] != NULL; i++) {
- /* The sub-routines expect the individual messages to have
- * an arena. We'll give them one temporarily.
- */
- certReqMsgs->messages[i]->poolp = poolp;
- rv = crmf_decode_process_single_reqmsg(certReqMsgs->messages[i]);
- if (rv != SECSuccess) {
- goto loser;
- }
- certReqMsgs->messages[i]->poolp = NULL;
- }
- return certReqMsgs;
-
- loser:
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
-}
diff --git a/security/nss/lib/crmf/crmfenc.c b/security/nss/lib/crmf/crmfenc.c
deleted file mode 100644
index f96041c96..000000000
--- a/security/nss/lib/crmf/crmfenc.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "crmf.h"
-#include "crmfi.h"
-
-SECStatus
-CRMF_EncodeCertReqMsg(CRMFCertReqMsg *inCertReqMsg,
- CRMFEncoderOutputCallback fn,
- void *arg)
-{
- struct crmfEncoderOutput output;
-
- output.fn = fn;
- output.outputArg = arg;
- return SEC_ASN1Encode(inCertReqMsg,CRMFCertReqMsgTemplate,
- crmf_encoder_out, &output);
-
-}
-
-
-SECStatus
-CRMF_EncodeCertRequest(CRMFCertRequest *inCertReq,
- CRMFEncoderOutputCallback fn,
- void *arg)
-{
- struct crmfEncoderOutput output;
-
- output.fn = fn;
- output.outputArg = arg;
- return SEC_ASN1Encode(inCertReq, CRMFCertRequestTemplate,
- crmf_encoder_out, &output);
-}
-
-SECStatus
-CRMF_EncodeCertReqMessages(CRMFCertReqMsg **inCertReqMsgs,
- CRMFEncoderOutputCallback fn,
- void *arg)
-{
- struct crmfEncoderOutput output;
- CRMFCertReqMessages msgs;
-
- output.fn = fn;
- output.outputArg = arg;
- msgs.messages = inCertReqMsgs;
- return SEC_ASN1Encode(&msgs, CRMFCertReqMessagesTemplate,
- crmf_encoder_out, &output);
-}
-
-
-
-
diff --git a/security/nss/lib/crmf/crmffut.h b/security/nss/lib/crmf/crmffut.h
deleted file mode 100644
index e4244f3e6..000000000
--- a/security/nss/lib/crmf/crmffut.h
+++ /dev/null
@@ -1,390 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * These functions to be implemented in the future if the features
- * which these functions would implement wind up being needed.
- */
-
-/*
- * Use this functionto create the CRMFSinglePubInfo* variables that will
- * populate the inPubInfoArray paramter for the funciton
- * CRMF_CreatePKIPublicationInfo.
- *
- * "inPubMethod" specifies which publication method will be used
- * "pubLocation" is a representation of the location where
- */
-extern CRMFSinglePubInfo*
- CRMF_CreateSinglePubInfo(CRMFPublicationMethod inPubMethod,
- CRMFGeneralName *pubLocation);
-
-/*
- * Create a PKIPublicationInfo that can later be passed to the function
- * CRMFAddPubInfoControl.
- */
-extern CRMFPKIPublicationInfo *
- CRMF_CreatePKIPublicationInfo(CRMFPublicationAction inAction,
- CRMFSinglePubInfo **inPubInfoArray,
- int numPubInfo);
-
-/*
- * Only call this function on a CRMFPublicationInfo that was created by
- * CRMF_CreatePKIPublicationInfo that was passed in NULL for arena.
- */
-
-extern SECStatus
- CRMF_DestroyPKIPublicationInfo(CRMFPKIPublicationInfo *inPubInfo);
-
-extern SECStatus CRMF_AddPubInfoControl(CRMFCertRequest *inCertReq,
- CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * This is to create a Cert ID Control which can later be added to
- * a certificate request.
- */
-extern CRMFCertID* CRMF_CreateCertID(CRMFGeneralName *issuer,
- long serialNumber);
-
-extern SECStatus CRMF_DestroyCertID(CRMFCertID* certID);
-
-extern SECStatus CRMF_AddCertIDControl(CRMFCertRequest *inCertReq,
- CRMFCertID *certID);
-
-extern SECStatus
- CRMF_AddProtocolEncryptioKeyControl(CRMFCertRequest *inCertReq,
- CERTSubjectPublicKeyInfo *spki);
-
-/*
- * Add the ASCII Pairs Registration Info to the Certificate Request.
- * The SECItem must be an OCTET string representation.
- */
-extern SECStatus
- CRMF_AddUTF8PairsRegInfo(CRMFCertRequest *inCertReq,
- SECItem *asciiPairs);
-
-/*
- * This takes a CertRequest and adds it to another CertRequest.
- */
-extern SECStatus
- CRMF_AddCertReqToRegInfo(CRMFCertRequest *certReqToAddTo,
- CRMFCertRequest *certReqBeingAdded);
-
-/*
- * Returns which option was used for the authInfo field of POPOSigningKeyInput
- */
-extern CRMFPOPOSkiInputAuthChoice
- CRMF_GetSignKeyInputAuthChoice(CRMFPOPOSigningKeyInput *inKeyInput);
-
-/*
- * Gets the PKMACValue associated with the POPOSigningKeyInput.
- * If the POPOSigningKeyInput did not use authInfo.publicKeyMAC
- * the function returns SECFailure and the value at *destValue is unchanged.
- *
- * If the POPOSigningKeyInput did use authInfo.publicKeyMAC, the function
- * returns SECSuccess and places the PKMACValue at *destValue.
- */
-extern SECStatus
- CRMF_GetSignKeyInputPKMACValue(CRMFPOPOSigningKeyInput *inKeyInput,
- CRMFPKMACValue **destValue);
-/*
- * Gets the SubjectPublicKeyInfo from the POPOSigningKeyInput
- */
-extern CERTSubjectPublicKeyInfo *
- CRMF_GetSignKeyInputPublicKey(CRMFPOPOSigningKeyInput *inKeyInput);
-
-
-/*
- * Return the value for the PKIPublicationInfo Control.
- * A return value of NULL indicates that the Control was
- * not a PKIPublicationInfo Control. Call
- * CRMF_DestroyPKIPublicationInfo on the return value when done
- * using the pointer.
- */
-extern CRMFPKIPublicationInfo* CRMF_GetPKIPubInfo(CRMFControl *inControl);
-
-/*
- * Free up a CRMFPKIPublicationInfo structure.
- */
-extern SECStatus
- CRMF_DestroyPKIPublicationInfo(CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * Get the choice used for action in this PKIPublicationInfo.
- */
-extern CRMFPublicationAction
- CRMF_GetPublicationAction(CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * Get the number of pubInfos are stored in the PKIPubicationInfo.
- */
-extern int CRMF_GetNumPubInfos(CRMFPKIPublicationInfo *inPubInfo);
-
-/*
- * Get the pubInfo at index for the given PKIPubicationInfo.
- * Indexing is done like a traditional C Array. (0 .. numElements-1)
- */
-extern CRMFSinglePubInfo*
- CRMF_GetPubInfoAtIndex(CRMFPKIPublicationInfo *inPubInfo,
- int index);
-
-/*
- * Destroy the CRMFSinglePubInfo.
- */
-extern SECStatus CRMF_DestroySinglePubInfo(CRMFSinglePubInfo *inPubInfo);
-
-/*
- * Get the pubMethod used by the SinglePubInfo.
- */
-extern CRMFPublicationMethod
- CRMF_GetPublicationMethod(CRMFSinglePubInfo *inPubInfo);
-
-/*
- * Get the pubLocation associated with the SinglePubInfo.
- * A NULL return value indicates there was no pubLocation associated
- * with the SinglePuInfo.
- */
-extern CRMFGeneralName* CRMF_GetPubLocation(CRMFSinglePubInfo *inPubInfo);
-
-/*
- * Get the authInfo.sender field out of the POPOSigningKeyInput.
- * If the POPOSigningKeyInput did not use the authInfo the function
- * returns SECFailure and the value at *destName is unchanged.
- *
- * If the POPOSigningKeyInput did use authInfo.sender, the function returns
- * SECSuccess and puts the authInfo.sender at *destName/
- */
-extern SECStatus CRMF_GetSignKeyInputSender(CRMFPOPOSigningKeyInput *keyInput,
- CRMFGeneralName **destName);
-
-/**************** CMMF Functions that need to be added. **********************/
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentSetNextChallenge
- * INPUTS:
- * inDecKeyChall
- * The CMMFPOPODecKeyChallContent to operate on.
- * inRandom
- * The random number to use when generating the challenge,
- * inSender
- * The GeneralName representation of the sender of the challenge.
- * inPubKey
- * The public key to use when encrypting the challenge.
- * NOTES:
- * This function adds a challenge to the end of the list of challenges
- * contained by 'inDecKeyChall'. Refer to the CMMF draft on how the
- * the random number passed in and the sender's GeneralName are used
- * to generate the challenge and witness fields of the challenge. This
- * library will use SHA1 as the one-way function for generating the
- * witess field of the challenge.
- *
- * RETURN:
- * SECSuccess if generating the challenge and adding to the end of list
- * of challenges was successful. Any other return value indicates an error
- * while trying to generate the challenge.
- */
-extern SECStatus
-CMMF_POPODecKeyChallContentSetNextChallenge
- (CMMFPOPODecKeyChallContent *inDecKeyChall,
- long inRandom,
- CERTGeneralName *inSender,
- SECKEYPublicKey *inPubKey);
-
-/*
- * FUNCTION: CMMF_POPODecKeyChallContentGetNumChallenges
- * INPUTS:
- * inKeyChallCont
- * The CMMFPOPODecKeyChallContent to operate on.
- * RETURN:
- * This function returns the number of CMMFChallenges are contained in
- * the CMMFPOPODecKeyChallContent structure.
- */
-extern int CMMF_POPODecKeyChallContentGetNumChallenges
- (CMMFPOPODecKeyChallContent *inKeyChallCont);
-
-/*
- * FUNCTION: CMMF_ChallengeGetRandomNumber
- * INPUTS:
- * inChallenge
- * The CMMFChallenge to operate on.
- * inDest
- * A pointer to a user supplied buffer where the library
- * can place a copy of the random integer contatained in the
- * challenge.
- * NOTES:
- * This function returns the value held in the decrypted Rand structure
- * corresponding to the random integer. The user must call
- * CMMF_ChallengeDecryptWitness before calling this function. Call
- * CMMF_ChallengeIsDecrypted to find out if the challenge has been
- * decrypted.
- *
- * RETURN:
- * SECSuccess indicates the witness field has been previously decrypted
- * and the value for the random integer was successfully placed at *inDest.
- * Any other return value indicates an error and that the value at *inDest
- * is not a valid value.
- */
-extern SECStatus CMMF_ChallengeGetRandomNumber(CMMFChallenge *inChallenge,
- long *inDest);
-
-/*
- * FUNCTION: CMMF_ChallengeGetSender
- * INPUTS:
- * inChallenge
- * the CMMFChallenge to operate on.
- * NOTES:
- * This function returns the value held in the decrypted Rand structure
- * corresponding to the sender. The user must call
- * CMMF_ChallengeDecryptWitness before calling this function. Call
- * CMMF_ChallengeIsDecrypted to find out if the witness field has been
- * decrypted. The user must call CERT_DestroyGeneralName after the return
- * value is no longer needed.
- *
- * RETURN:
- * A pointer to a copy of the sender CERTGeneralName. A return value of
- * NULL indicates an error in trying to copy the information or that the
- * witness field has not been decrypted.
- */
-extern CERTGeneralName* CMMF_ChallengeGetSender(CMMFChallenge *inChallenge);
-
-/*
- * FUNCTION: CMMF_ChallengeGetAlgId
- * INPUTS:
- * inChallenge
- * The CMMFChallenge to operate on.
- * inDestAlgId
- * A pointer to memory where a pointer to a copy of the algorithm
- * id can be placed.
- * NOTES:
- * This function retrieves the one way function algorithm identifier
- * contained within the CMMFChallenge if the optional field is present.
- *
- * RETURN:
- * SECSucces indicates the function was able to place a pointer to a copy of
- * the alogrithm id at *inAlgId. If the value at *inDestAlgId is NULL,
- * that means there was no algorithm identifier present in the
- * CMMFChallenge. Any other return value indicates the function was not
- * able to make a copy of the algorithm identifier. In this case the value
- * at *inDestAlgId is not valid.
- */
-extern SECStatus CMMF_ChallengeGetAlgId(CMMFChallenge *inChallenge,
- SECAlgorithmID *inAlgId);
-
-/*
- * FUNCTION: CMMF_DestroyChallenge
- * INPUTS:
- * inChallenge
- * The CMMFChallenge to free up.
- * NOTES:
- * This function frees up all the memory associated with the CMMFChallenge
- * passed in.
- * RETURN:
- * SECSuccess if freeing all the memory associated with the CMMFChallenge
- * passed in is successful. Any other return value indicates an error
- * while freeing the memory.
- */
-extern SECStatus CMMF_DestroyChallenge (CMMFChallenge *inChallenge);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyRespContent
- * INPUTS:
- * inDecKeyResp
- * The CMMFPOPODecKeyRespContent structure to free.
- * NOTES:
- * This function frees up all the memory associate with the
- * CMMFPOPODecKeyRespContent.
- *
- * RETURN:
- * SECSuccess if freeint up all the memory associated with the
- * CMMFPOPODecKeyRespContent structure is successful. Any other
- * return value indicates an error while freeing the memory.
- */
-extern SECStatus
- CMMF_DestroyPOPODecKeyRespContent(CMMFPOPODecKeyRespContent *inDecKeyResp);
-
-/*
- * FUNCTION: CMMF_ChallengeDecryptWitness
- * INPUTS:
- * inChallenge
- * The CMMFChallenge to operate on.
- * inPrivKey
- * The private key to use to decrypt the witness field.
- * NOTES:
- * This function uses the private key to decrypt the challenge field
- * contained in the CMMFChallenge. Make sure the private key matches the
- * public key that was used to encrypt the witness. The creator of
- * the challenge will most likely be an RA that has the public key
- * from a Cert request. So the private key should be the private key
- * associated with public key in that request. This function will also
- * verify the witness field of the challenge.
- *
- * RETURN:
- * SECSuccess if decrypting the witness field was successful. This does
- * not indicate that the decrypted data is valid, since the private key
- * passed in may not be the actual key needed to properly decrypt the
- * witness field. Meaning that there is a decrypted structure now, but
- * may be garbage because the private key was incorrect.
- * Any other return value indicates the function could not complete the
- * decryption process.
- */
-extern SECStatus CMMF_ChallengeDecryptWitness(CMMFChallenge *inChallenge,
- SECKEYPrivateKey *inPrivKey);
-
-/*
- * FUNCTION: CMMF_ChallengeIsDecrypted
- * INPUTS:
- * inChallenge
- * The CMMFChallenge to operate on.
- * RETURN:
- * This is a predicate function that returns PR_TRUE if the decryption
- * process has already been performed. The function return PR_FALSE if
- * the decryption process has not been performed yet.
- */
-extern PRBool CMMF_ChallengeIsDecrypted(CMMFChallenge *inChallenge);
-
-/*
- * FUNCTION: CMMF_DestroyPOPODecKeyChallContent
- * INPUTS:
- * inDecKeyCont
- * The CMMFPOPODecKeyChallContent to free
- * NOTES:
- * This function frees up all the memory associated with the
- * CMMFPOPODecKeyChallContent
- * RETURN:
- * SECSuccess if freeing up all the memory associatd with the
- * CMMFPOPODecKeyChallContent is successful. Any other return value
- * indicates an error while freeing the memory.
- *
- */
-extern SECStatus
- CMMF_DestroyPOPODecKeyChallContent (CMMFPOPODecKeyChallContent *inDecKeyCont);
-
diff --git a/security/nss/lib/crmf/crmfget.c b/security/nss/lib/crmf/crmfget.c
deleted file mode 100644
index 11f27a72d..000000000
--- a/security/nss/lib/crmf/crmfget.c
+++ /dev/null
@@ -1,478 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "keyhi.h"
-#include "secder.h"
-
-
-CRMFPOPChoice
-CRMF_CertReqMsgGetPOPType(CRMFCertReqMsg *inCertReqMsg)
-{
- PORT_Assert(inCertReqMsg != NULL);
- if (inCertReqMsg != NULL && inCertReqMsg->pop != NULL) {
- return inCertReqMsg->pop->popUsed;
- }
- return crmfNoPOPChoice;
-}
-
-static SECStatus
-crmf_destroy_validity(CRMFOptionalValidity *inValidity, PRBool freeit)
-{
- if (inValidity != NULL){
- if (inValidity->notBefore.data != NULL) {
- PORT_Free(inValidity->notBefore.data);
- }
- if (inValidity->notAfter.data != NULL) {
- PORT_Free(inValidity->notAfter.data);
- }
- if (freeit) {
- PORT_Free(inValidity);
- }
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_copy_cert_request_validity(PRArenaPool *poolp,
- CRMFOptionalValidity **destValidity,
- CRMFOptionalValidity *srcValidity)
-{
- CRMFOptionalValidity *myValidity = NULL;
- SECStatus rv;
-
- *destValidity = myValidity = (poolp == NULL) ?
- PORT_ZNew(CRMFOptionalValidity) :
- PORT_ArenaZNew(poolp, CRMFOptionalValidity);
- if (myValidity == NULL) {
- goto loser;
- }
- if (srcValidity->notBefore.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &myValidity->notBefore,
- &srcValidity->notBefore);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcValidity->notAfter.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &myValidity->notAfter,
- &srcValidity->notAfter);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- return SECSuccess;
- loser:
- if (myValidity != NULL && poolp == NULL) {
- crmf_destroy_validity(myValidity, PR_TRUE);
- }
- return SECFailure;
-}
-
-static SECStatus
-crmf_copy_extensions(PRArenaPool *poolp,
- CRMFCertTemplate *destTemplate,
- CRMFCertExtension **srcExt)
-{
- int numExt = 0, i;
- CRMFCertExtension **myExtArray = NULL;
-
- while (srcExt[numExt] != NULL) {
- numExt++;
- }
- if (numExt == 0) {
- /*No extensions to copy.*/
- destTemplate->extensions = NULL;
- destTemplate->numExtensions = 0;
- return SECSuccess;
- }
- destTemplate->extensions = myExtArray =
- PORT_NewArray(CRMFCertExtension*, numExt+1);
- if (myExtArray == NULL) {
- goto loser;
- }
-
- for (i=0; i<numExt; i++) {
- myExtArray[i] = crmf_copy_cert_extension(poolp, srcExt[i]);
- if (myExtArray[i] == NULL) {
- goto loser;
- }
- }
- destTemplate->numExtensions = numExt;
- myExtArray[numExt] = NULL;
- return SECSuccess;
- loser:
- if (myExtArray != NULL) {
- if (poolp == NULL) {
- for (i=0; myExtArray[i] != NULL; i++) {
- CRMF_DestroyCertExtension(myExtArray[i]);
- }
- }
- PORT_Free(myExtArray);
- }
- destTemplate->extensions = NULL;
- destTemplate->numExtensions = 0;
- return SECFailure;
-}
-
-static SECStatus
-crmf_copy_cert_request_template(PRArenaPool *poolp,
- CRMFCertTemplate *destTemplate,
- CRMFCertTemplate *srcTemplate)
-{
- SECStatus rv;
-
- if (srcTemplate->version.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &destTemplate->version,
- &srcTemplate->version);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->serialNumber.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &destTemplate->serialNumber,
- &srcTemplate->serialNumber);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->signingAlg != NULL) {
- rv = crmf_template_copy_secalg(poolp, &destTemplate->signingAlg,
- srcTemplate->signingAlg);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->issuer != NULL) {
- rv = crmf_copy_cert_name(poolp, &destTemplate->issuer,
- srcTemplate->issuer);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->validity != NULL) {
- rv = crmf_copy_cert_request_validity(poolp, &destTemplate->validity,
- srcTemplate->validity);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->subject != NULL) {
- rv = crmf_copy_cert_name(poolp, &destTemplate->subject,
- srcTemplate->subject);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->publicKey != NULL) {
- rv = crmf_template_add_public_key(poolp, &destTemplate->publicKey,
- srcTemplate->publicKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->issuerUID.data != NULL) {
- rv = crmf_make_bitstring_copy(poolp, &destTemplate->issuerUID,
- &srcTemplate->issuerUID);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->subjectUID.data != NULL) {
- rv = crmf_make_bitstring_copy(poolp, &destTemplate->subjectUID,
- &srcTemplate->subjectUID);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (srcTemplate->extensions != NULL) {
- rv = crmf_copy_extensions(poolp, destTemplate,
- srcTemplate->extensions);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- return SECSuccess;
- loser:
- return SECFailure;
-}
-
-static CRMFControl*
-crmf_copy_control(PRArenaPool *poolp, CRMFControl *srcControl)
-{
- CRMFControl *newControl;
- SECStatus rv;
-
- newControl = (poolp == NULL) ? PORT_ZNew(CRMFControl) :
- PORT_ArenaZNew(poolp, CRMFControl);
- if (newControl == NULL) {
- goto loser;
- }
- newControl->tag = srcControl->tag;
- rv = SECITEM_CopyItem(poolp, &newControl->derTag, &srcControl->derTag);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(poolp, &newControl->derValue, &srcControl->derValue);
- if (rv != SECSuccess) {
- goto loser;
- }
- /* We only handle PKIArchiveOptions Control right now. But if in
- * the future, more controls that are part of the union are added,
- * then they need to be handled here as well.
- */
- switch (newControl->tag) {
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- rv = crmf_copy_pkiarchiveoptions(poolp,
- &newControl->value.archiveOptions,
- &srcControl->value.archiveOptions);
- break;
- default:
- rv = SECSuccess;
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- return newControl;
-
- loser:
- if (poolp == NULL && newControl != NULL) {
- CRMF_DestroyControl(newControl);
- }
- return NULL;
-}
-
-static SECStatus
-crmf_copy_cert_request_controls(PRArenaPool *poolp,
- CRMFCertRequest *destReq,
- CRMFCertRequest *srcReq)
-{
- int numControls, i;
- CRMFControl **myControls = NULL;
-
- numControls = CRMF_CertRequestGetNumControls(srcReq);
- if (numControls == 0) {
- /* No Controls To Copy*/
- return SECSuccess;
- }
- myControls = destReq->controls = PORT_NewArray(CRMFControl*,
- numControls+1);
- if (myControls == NULL) {
- goto loser;
- }
- for (i=0; i<numControls; i++) {
- myControls[i] = crmf_copy_control(poolp, srcReq->controls[i]);
- if (myControls[i] == NULL) {
- goto loser;
- }
- }
- myControls[numControls] = NULL;
- return SECSuccess;
- loser:
- if (myControls != NULL) {
- if (poolp == NULL) {
- for (i=0; myControls[i] != NULL; i++) {
- CRMF_DestroyControl(myControls[i]);
- }
- }
- PORT_Free(myControls);
- }
- return SECFailure;
-}
-
-
-CRMFCertRequest*
-crmf_copy_cert_request(PRArenaPool *poolp, CRMFCertRequest *srcReq)
-{
- CRMFCertRequest *newReq = NULL;
- SECStatus rv;
-
- if (srcReq == NULL) {
- return NULL;
- }
- newReq = (poolp == NULL) ? PORT_ZNew(CRMFCertRequest) :
- PORT_ArenaZNew(poolp, CRMFCertRequest);
- if (newReq == NULL) {
- goto loser;
- }
- rv = SECITEM_CopyItem(poolp, &newReq->certReqId, &srcReq->certReqId);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = crmf_copy_cert_request_template(poolp, &newReq->certTemplate,
- &srcReq->certTemplate);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = crmf_copy_cert_request_controls(poolp, newReq, srcReq);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newReq;
- loser:
- if (newReq != NULL && poolp == NULL) {
- CRMF_DestroyCertRequest(newReq);
- }
- return NULL;
-}
-
-SECStatus
-CRMF_DestroyGetValidity(CRMFGetValidity *inValidity)
-{
- PORT_Assert(inValidity != NULL);
- if (inValidity != NULL) {
- if (inValidity->notAfter) {
- PORT_Free(inValidity->notAfter);
- inValidity->notAfter = NULL;
- }
- if (inValidity->notBefore) {
- PORT_Free(inValidity->notBefore);
- inValidity->notBefore = NULL;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-crmf_make_bitstring_copy(PRArenaPool *arena, SECItem *dest, SECItem *src)
-{
- int origLenBits;
- int bytesToCopy;
- SECStatus rv;
-
- origLenBits = src->len;
- bytesToCopy = CRMF_BITS_TO_BYTES(origLenBits);
- src->len = bytesToCopy;
- rv = SECITEM_CopyItem(arena, dest, src);
- src->len = origLenBits;
- if (rv != SECSuccess) {
- return rv;
- }
- dest->len = origLenBits;
- return SECSuccess;
-}
-
-int
-CRMF_CertRequestGetNumberOfExtensions(CRMFCertRequest *inCertReq)
-{
- CRMFCertTemplate *certTemplate;
- int count = 0;
-
- certTemplate = &inCertReq->certTemplate;
- if (certTemplate->extensions) {
- while (certTemplate->extensions[count] != NULL)
- count++;
- }
- return count;
-}
-
-SECOidTag
-CRMF_CertExtensionGetOidTag(CRMFCertExtension *inExtension)
-{
- PORT_Assert(inExtension != NULL);
- if (inExtension == NULL) {
- return SEC_OID_UNKNOWN;
- }
- return SECOID_FindOIDTag(&inExtension->id);
-}
-
-PRBool
-CRMF_CertExtensionGetIsCritical(CRMFCertExtension *inExt)
-{
- PORT_Assert(inExt != NULL);
- if (inExt == NULL) {
- return PR_FALSE;
- }
- return inExt->critical.data != NULL;
-}
-
-SECItem*
-CRMF_CertExtensionGetValue(CRMFCertExtension *inExtension)
-{
- PORT_Assert(inExtension != NULL);
- if (inExtension == NULL) {
- return NULL;
- }
-
- return SECITEM_DupItem(&inExtension->value);
-}
-
-
-SECStatus
-CRMF_DestroyPOPOSigningKey(CRMFPOPOSigningKey *inKey)
-{
- PORT_Assert(inKey != NULL);
- if (inKey != NULL) {
- if (inKey->derInput.data != NULL) {
- SECITEM_FreeItem(&inKey->derInput, PR_FALSE);
- }
- if (inKey->algorithmIdentifier != NULL) {
- SECOID_DestroyAlgorithmID(inKey->algorithmIdentifier, PR_TRUE);
- }
- if (inKey->signature.data != NULL) {
- SECITEM_FreeItem(&inKey->signature, PR_FALSE);
- }
- PORT_Free(inKey);
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyPOPOPrivKey(CRMFPOPOPrivKey *inPrivKey)
-{
- PORT_Assert(inPrivKey != NULL);
- if (inPrivKey != NULL) {
- SECITEM_FreeItem(&inPrivKey->message.thisMessage, PR_FALSE);
- PORT_Free(inPrivKey);
- }
- return SECSuccess;
-}
-
-int
-CRMF_CertRequestGetNumControls(CRMFCertRequest *inCertReq)
-{
- int count = 0;
-
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return 0;
- }
- if (inCertReq->controls) {
- while (inCertReq->controls[count] != NULL)
- count++;
- }
- return count;
-}
-
diff --git a/security/nss/lib/crmf/crmfi.h b/security/nss/lib/crmf/crmfi.h
deleted file mode 100644
index 2a950452d..000000000
--- a/security/nss/lib/crmf/crmfi.h
+++ /dev/null
@@ -1,186 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _CRMFI_H_
-#define _CRMFI_H_
-/* This file will contain all declarations common to both
- * encoding and decoding of CRMF Cert Requests. This header
- * file should only be included internally by CRMF implementation
- * files.
- */
-#include "secasn1.h"
-#include "crmfit.h"
-
-#define CRMF_DEFAULT_ARENA_SIZE 1024
-#define MAX_WRAPPED_KEY_LEN 2048
-
-
-#define CRMF_BITS_TO_BYTES(bits) (((bits)+7)/8)
-#define CRMF_BYTES_TO_BITS(bytes) ((bytes)*8)
-
-struct crmfEncoderArg {
- SECItem *buffer;
- long allocatedLen;
-};
-
-struct crmfEncoderOutput {
- CRMFEncoderOutputCallback fn;
- void *outputArg;
-};
-
-/*
- * This funciton is used by the API for encoding functions that are
- * exposed through the API, ie all of the CMMF_Encode* and CRMF_Encode*
- * functions.
- */
-extern void
- crmf_encoder_out(void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind);
-
-/*
- * This function is used when we want to encode something locally within
- * the library, ie the CertRequest so that we can produce its signature.
- */
-extern SECStatus
- crmf_init_encoder_callback_arg (struct crmfEncoderArg *encoderArg,
- SECItem *derDest);
-
-/*
- * This is the callback function we feed to the ASN1 encoder when doing
- * internal DER-encodings. ie, encoding the cert request so we can
- * produce a signature.
- */
-extern void
-crmf_generic_encoder_callback(void *arg, const char* buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind);
-
-/* The ASN1 templates that need to be seen by internal files
- * in order to implement CRMF.
- */
-extern const SEC_ASN1Template CRMFCertReqMsgTemplate[];
-extern const SEC_ASN1Template CRMFRAVerifiedTemplate[];
-extern const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[];
-extern const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[];
-extern const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[];
-extern const SEC_ASN1Template CRMFThisMessageTemplate[];
-extern const SEC_ASN1Template CRMFSubsequentMessageTemplate[];
-extern const SEC_ASN1Template CRMFDHMACTemplate[];
-extern const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate[];
-extern const SEC_ASN1Template CRMFEncryptedValueTemplate[];
-
-/*
- * Use these two values for encoding Boolean values.
- */
-extern const unsigned char hexTrue;
-extern const unsigned char hexFalse;
-/*
- * Prototypes for helper routines used internally by multiple files.
- */
-extern SECStatus crmf_encode_integer(PRArenaPool *poolp, SECItem *dest,
- long value);
-extern SECStatus crmf_make_bitstring_copy(PRArenaPool *arena, SECItem *dest,
- SECItem *src);
-
-extern SECStatus crmf_copy_pkiarchiveoptions(PRArenaPool *poolp,
- CRMFPKIArchiveOptions *destOpt,
- CRMFPKIArchiveOptions *srcOpt);
-extern SECStatus
- crmf_destroy_pkiarchiveoptions(CRMFPKIArchiveOptions *inArchOptions,
- PRBool freeit);
-extern const SEC_ASN1Template*
- crmf_get_pkiarchiveoptions_subtemplate(CRMFControl *inControl);
-
-extern SECStatus crmf_copy_encryptedkey(PRArenaPool *poolp,
- CRMFEncryptedKey *srcEncrKey,
- CRMFEncryptedKey *destEncrKey);
-extern SECStatus
-crmf_copy_encryptedvalue(PRArenaPool *poolp,
- CRMFEncryptedValue *srcValue,
- CRMFEncryptedValue *destValue);
-
-extern SECStatus
-crmf_copy_encryptedvalue_secalg(PRArenaPool *poolp,
- SECAlgorithmID *srcAlgId,
- SECAlgorithmID **destAlgId);
-
-extern SECStatus crmf_template_copy_secalg(PRArenaPool *poolp,
- SECAlgorithmID **dest,
- SECAlgorithmID *src);
-
-extern SECStatus crmf_copy_cert_name(PRArenaPool *poolp, CERTName **dest,
- CERTName *src);
-
-extern SECStatus crmf_template_add_public_key(PRArenaPool *poolp,
- CERTSubjectPublicKeyInfo **dest,
- CERTSubjectPublicKeyInfo *pubKey);
-
-extern CRMFCertExtension* crmf_create_cert_extension(PRArenaPool *poolp,
- SECOidTag tag,
- PRBool isCritical,
- SECItem *data);
-extern CRMFCertRequest*
-crmf_copy_cert_request(PRArenaPool *poolp, CRMFCertRequest *srcReq);
-
-extern SECStatus crmf_destroy_encrypted_value(CRMFEncryptedValue *inEncrValue,
- PRBool freeit);
-
-extern CRMFEncryptedValue *
-crmf_create_encrypted_value_wrapped_privkey(SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inPubKey,
- CRMFEncryptedValue *destValue);
-
-extern CK_MECHANISM_TYPE
- crmf_get_mechanism_from_public_key(SECKEYPublicKey *inPubKey);
-
-extern SECStatus
-crmf_encrypted_value_unwrap_priv_key(PRArenaPool *poolp,
- CRMFEncryptedValue *encValue,
- SECKEYPrivateKey *privKey,
- SECKEYPublicKey *newPubKey,
- SECItem *nickname,
- PK11SlotInfo *slot,
- unsigned char keyUsage,
- SECKEYPrivateKey **unWrappedKey,
- void *wincx);
-
-extern SECItem*
-crmf_get_public_value(SECKEYPublicKey *pubKey, SECItem *dest);
-
-extern CRMFCertExtension*
-crmf_copy_cert_extension(PRArenaPool *poolp, CRMFCertExtension *inExtension);
-
-extern SECStatus
-crmf_create_prtime(SECItem *src, PRTime **dest);
-#endif /*_CRMFI_H_*/
diff --git a/security/nss/lib/crmf/crmfit.h b/security/nss/lib/crmf/crmfit.h
deleted file mode 100644
index 4cc95319a..000000000
--- a/security/nss/lib/crmf/crmfit.h
+++ /dev/null
@@ -1,216 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _CRMFIT_H_
-#define _CRMFIT_H_
-
-struct CRMFCertReqMessagesStr {
- CRMFCertReqMsg **messages;
- PRArenaPool *poolp;
-};
-
-struct CRMFCertExtensionStr {
- SECItem id;
- SECItem critical;
- SECItem value;
-};
-
-
-struct CRMFOptionalValidityStr {
- SECItem notBefore;
- SECItem notAfter;
-};
-
-struct CRMFCertTemplateStr {
- SECItem version;
- SECItem serialNumber;
- SECAlgorithmID *signingAlg;
- CERTName *issuer;
- CRMFOptionalValidity *validity;
- CERTName *subject;
- CERTSubjectPublicKeyInfo *publicKey;
- SECItem issuerUID;
- SECItem subjectUID;
- CRMFCertExtension **extensions;
- int numExtensions;
-};
-
-struct CRMFCertIDStr {
- SECItem issuer; /* General Name */
- SECItem serialNumber; /*INTEGER*/
-};
-
-struct CRMFEncryptedValueStr {
- SECAlgorithmID *intendedAlg;
- SECAlgorithmID *symmAlg;
- SECItem encSymmKey; /*BIT STRING */
- SECAlgorithmID *keyAlg;
- SECItem valueHint; /*OCTET STRING */
- SECItem encValue; /*BIT STRING */
-};
-
-/*
- * The field derValue will contain the actual der
- * to include in the encoding or that was read in
- * from a der blob.
- */
-struct CRMFEncryptedKeyStr {
- union {
- SEC_PKCS7ContentInfo *envelopedData;
- CRMFEncryptedValue encryptedValue;
- } value;
- CRMFEncryptedKeyChoice encKeyChoice;
- SECItem derValue;
-};
-
-/* ASN1 must only have one of the following 3 options. */
-struct CRMFPKIArchiveOptionsStr {
- union {
- CRMFEncryptedKey encryptedKey;
- SECItem keyGenParameters;
- SECItem archiveRemGenPrivKey; /* BOOLEAN */
- } option;
- CRMFPKIArchiveOptionsType archOption;
-};
-
-struct CRMFPKIPublicationInfoStr {
- SECItem action; /* Possible values */
- /* dontPublish (0), pleasePublish (1) */
- CRMFSinglePubInfo **pubInfos;
-};
-
-struct CRMFControlStr {
- SECOidTag tag;
- SECItem derTag;
- SECItem derValue;
- /* These will be C structures used to represent the various
- * options. Values that can't be stored as der right away.
- * After creating these structures, we'll place their der
- * encoding in derValue so the encoder knows how to get to
- * it.
- */
- union {
- CRMFCertID oldCertId;
- CRMFPKIArchiveOptions archiveOptions;
- CRMFPKIPublicationInfo pubInfo;
- CRMFProtocolEncrKey protEncrKey;
- } value;
-};
-
-struct CRMFCertRequestStr {
- SECItem certReqId;
- CRMFCertTemplate certTemplate;
- CRMFControl **controls;
- /* The following members are used by the internal implementation, but
- * are not part of the encoding.
- */
- PRArenaPool *poolp;
- long requestID; /* This is the value that will be encoded into
- * the certReqId field.
- */
-};
-
-struct CRMFAttributeStr {
- SECItem derTag;
- SECItem derValue;
-};
-
-struct CRMFCertReqMsgStr {
- CRMFCertRequest *certReq;
- CRMFProofOfPossession *pop;
- CRMFAttribute **regInfo;
- SECItem derPOP;
- /* This arena will be used for allocating memory when decoding.
- */
- PRArenaPool *poolp;
- PRBool isDecoded;
-};
-
-struct CRMFPOPOSigningKeyInputStr {
- /* ASN1 must have only one of the next 2 options */
- union {
- SECItem sender; /*General Name*/
- CRMFPKMACValue *publicKeyMAC;
- }authInfo;
- CERTSubjectPublicKeyInfo publicKey;
-};
-
-struct CRMFPOPOSigningKeyStr {
- SECItem derInput; /*If in the future we support
- *POPOSigningKeyInput, this will
- *a C structure representation
- *instead.
- */
- SECAlgorithmID *algorithmIdentifier;
- SECItem signature; /* This is a BIT STRING. Remember */
-}; /* that when interpreting. */
-
-/* ASN1 must only choose one of these members */
-struct CRMFPOPOPrivKeyStr {
- union {
- SECItem thisMessage; /* BIT STRING */
- SECItem subsequentMessage; /*INTEGER*/
- SECItem dhMAC; /*BIT STRING*/
- } message;
- CRMFPOPOPrivKeyChoice messageChoice;
-};
-
-/* ASN1 must only have one of these options. */
-struct CRMFProofOfPossessionStr {
- union {
- SECItem raVerified;
- CRMFPOPOSigningKey signature;
- CRMFPOPOPrivKey keyEncipherment;
- CRMFPOPOPrivKey keyAgreement;
- } popChoice;
- CRMFPOPChoice popUsed; /*Not part of encoding*/
-};
-
-struct CRMFPKMACValueStr {
- SECAlgorithmID algID;
- SECItem value; /*BIT STRING*/
-};
-
-struct CRMFSinglePubInfoStr {
- SECItem pubMethod; /* Possible Values:
- * dontCare (0)
- * x500 (1)
- * web (2)
- * ldap (3)
- */
- CERTGeneralName *pubLocation; /* General Name */
-};
-
-#endif /* _CRMFIT_H_ */
diff --git a/security/nss/lib/crmf/crmfpop.c b/security/nss/lib/crmf/crmfpop.c
deleted file mode 100644
index d6ec26827..000000000
--- a/security/nss/lib/crmf/crmfpop.c
+++ /dev/null
@@ -1,604 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "secasn1.h"
-#include "keyhi.h"
-#include "cryptohi.h"
-
-#define CRMF_DEFAULT_ALLOC_SIZE 1024
-
-SECStatus
-crmf_init_encoder_callback_arg (struct crmfEncoderArg *encoderArg,
- SECItem *derDest)
-{
- derDest->data = PORT_ZNewArray(unsigned char, CRMF_DEFAULT_ALLOC_SIZE);
- if (derDest->data == NULL) {
- return SECFailure;
- }
- derDest->len = 0;
- encoderArg->allocatedLen = CRMF_DEFAULT_ALLOC_SIZE;
- encoderArg->buffer = derDest;
- return SECSuccess;
-
-}
-
-/* Caller should release or unmark the pool, instead of doing it here.
-** But there are NO callers of this function at present...
-*/
-SECStatus
-CRMF_CertReqMsgSetRAVerifiedPOP(CRMFCertReqMsg *inCertReqMsg)
-{
- SECItem *dummy;
- CRMFProofOfPossession *pop;
- PRArenaPool *poolp;
- void *mark;
-
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
- poolp = inCertReqMsg->poolp;
- mark = PORT_ArenaMark(poolp);
- if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice) {
- return SECFailure;
- }
- pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (pop == NULL) {
- goto loser;
- }
- pop->popUsed = crmfRAVerified;
- pop->popChoice.raVerified.data = NULL;
- pop->popChoice.raVerified.len = 0;
- inCertReqMsg->pop = pop;
- dummy = SEC_ASN1EncodeItem(poolp, &(inCertReqMsg->derPOP),
- &(pop->popChoice.raVerified),
- CRMFRAVerifiedTemplate);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECOidTag
-crmf_map_keytag_to_signtag(SECOidTag inTag)
-{
- switch (inTag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS:
- return SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- default:
- /* Put this in here to kill warnings. */
- break;
- }
- return inTag;
-}
-
-SECOidTag
-crmf_get_key_sign_tag(SECKEYPublicKey *inPubKey)
-{
- CERTSubjectPublicKeyInfo *spki;
- SECOidTag tag;
-
- spki = SECKEY_CreateSubjectPublicKeyInfo(inPubKey);
- if (spki == NULL) {
- return SEC_OID_UNKNOWN;
- }
- tag = SECOID_GetAlgorithmTag(&spki->algorithm);
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- return crmf_map_keytag_to_signtag(tag);
-}
-
-SECAlgorithmID*
-crmf_create_poposignkey_algid(PRArenaPool *poolp,
- SECKEYPublicKey *inPubKey)
-{
- SECAlgorithmID *algID;
- SECOidTag tag;
- SECStatus rv;
- void *mark;
-
- mark = PORT_ArenaMark(poolp);
- algID = PORT_ArenaZNew(poolp, SECAlgorithmID);
- if (algID == NULL) {
- goto loser;
- }
- tag = crmf_get_key_sign_tag(inPubKey);
- if (tag == SEC_OID_UNKNOWN) {
- goto loser;
- }
- rv = SECOID_SetAlgorithmID(poolp, algID, tag, NULL);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return algID;
- loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-static CRMFPOPOSigningKeyInput*
-crmf_create_poposigningkeyinput(PRArenaPool *poolp, CERTCertificate *inCert,
- CRMFMACPasswordCallback fn, void *arg)
-{
- /* PSM isn't going to do this, so we'll fail here for now.*/
- return NULL;
-}
-
-void
-crmf_generic_encoder_callback(void *arg, const char* buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- struct crmfEncoderArg *encoderArg = (struct crmfEncoderArg*)arg;
- unsigned char *cursor;
-
- if (encoderArg->buffer->len + len > encoderArg->allocatedLen) {
- int newSize = encoderArg->buffer->len+CRMF_DEFAULT_ALLOC_SIZE;
- void *dummy = PORT_Realloc(encoderArg->buffer->data, newSize);
- if (dummy == NULL) {
- /* I really want to return an error code here */
- PORT_Assert(0);
- return;
- }
- encoderArg->buffer->data = dummy;
- encoderArg->allocatedLen = newSize;
- }
- cursor = &(encoderArg->buffer->data[encoderArg->buffer->len]);
- PORT_Memcpy (cursor, buf, len);
- encoderArg->buffer->len += len;
-}
-
-static SECStatus
-crmf_encode_certreq(CRMFCertRequest *inCertReq, SECItem *derDest)
-{
- struct crmfEncoderArg encoderArg;
- SECStatus rv;
-
- rv = crmf_init_encoder_callback_arg (&encoderArg, derDest);
- if (rv != SECSuccess) {
- return SECFailure;
- }
- return SEC_ASN1Encode(inCertReq, CRMFCertRequestTemplate,
- crmf_generic_encoder_callback, &encoderArg);
-}
-
-static SECStatus
-crmf_sign_certreq(PRArenaPool *poolp,
- CRMFPOPOSigningKey *crmfSignKey,
- CRMFCertRequest *certReq,
- SECKEYPrivateKey *inKey,
- SECAlgorithmID *inAlgId)
-{
- SECItem derCertReq;
- SECItem certReqSig;
- SECStatus rv = SECSuccess;
-
- rv = crmf_encode_certreq(certReq, &derCertReq);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SEC_SignData(&certReqSig, derCertReq.data, derCertReq.len,
- inKey,SECOID_GetAlgorithmTag(inAlgId));
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* Now make it a part of the POPOSigningKey */
- rv = SECITEM_CopyItem(poolp, &(crmfSignKey->signature), &certReqSig);
- /* Convert this length to number of bits */
- crmfSignKey->signature.len <<= 3;
-
- loser:
- if (derCertReq.data != NULL) {
- PORT_Free(derCertReq.data);
- }
- if (certReqSig.data != NULL) {
- PORT_Free(certReqSig.data);
- }
- return rv;
-}
-
-static SECStatus
-crmf_create_poposignkey(PRArenaPool *poolp,
- CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOSigningKeyInput *signKeyInput,
- SECKEYPrivateKey *inPrivKey,
- SECAlgorithmID *inAlgID,
- CRMFPOPOSigningKey *signKey)
-{
- CRMFCertRequest *certReq;
- void *mark;
- PRBool useSignKeyInput;
- SECStatus rv;
-
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->certReq != NULL);
- mark = PORT_ArenaMark(poolp);
- if (signKey == NULL) {
- goto loser;
- }
- certReq = inCertReqMsg->certReq;
- useSignKeyInput = !(CRMF_DoesRequestHaveField(certReq,crmfSubject) &&
- CRMF_DoesRequestHaveField(certReq,crmfPublicKey));
-
- if (useSignKeyInput) {
- goto loser;
- } else {
- rv = crmf_sign_certreq(poolp, signKey, certReq,inPrivKey, inAlgID);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- PORT_ArenaUnmark(poolp,mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp,mark);
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertReqMsgSetSignaturePOP(CRMFCertReqMsg *inCertReqMsg,
- SECKEYPrivateKey *inPrivKey,
- SECKEYPublicKey *inPubKey,
- CERTCertificate *inCertForInput,
- CRMFMACPasswordCallback fn,
- void *arg)
-{
- SECAlgorithmID *algID;
- PRArenaPool *poolp;
- SECItem derDest = {siBuffer, NULL, 0};
- void *mark;
- SECStatus rv;
- CRMFPOPOSigningKeyInput *signKeyInput = NULL;
- CRMFCertRequest *certReq;
- CRMFProofOfPossession *pop;
- struct crmfEncoderArg encoderArg;
-
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->certReq != NULL &&
- inCertReqMsg->pop == NULL);
- certReq = inCertReqMsg->certReq;
- if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice ||
- !CRMF_DoesRequestHaveField(certReq, crmfPublicKey)) {
- return SECFailure;
- }
- poolp = inCertReqMsg->poolp;
- mark = PORT_ArenaMark(poolp);
- algID = crmf_create_poposignkey_algid(poolp, inPubKey);
-
- if(!CRMF_DoesRequestHaveField(certReq,crmfSubject)) {
- signKeyInput = crmf_create_poposigningkeyinput(poolp, inCertForInput,
- fn, arg);
- if (signKeyInput == NULL) {
- goto loser;
- }
- }
-
- pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (pop == NULL) {
- goto loser;
- }
-
- rv = crmf_create_poposignkey(poolp, inCertReqMsg,
- signKeyInput, inPrivKey, algID,
- &(pop->popChoice.signature));
- if (rv != SECSuccess) {
- goto loser;
- }
-
- pop->popUsed = crmfSignature;
- pop->popChoice.signature.algorithmIdentifier = algID;
- inCertReqMsg->pop = pop;
-
- rv = crmf_init_encoder_callback_arg (&encoderArg, &derDest);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SEC_ASN1Encode(&pop->popChoice.signature,
- CRMFPOPOSigningKeyTemplate,
- crmf_generic_encoder_callback, &encoderArg);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECITEM_CopyItem(poolp, &(inCertReqMsg->derPOP), &derDest);
- PORT_Free (derDest.data);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp,mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp,mark);
- if (derDest.data != NULL) {
- PORT_Free(derDest.data);
- }
- return SECFailure;
-}
-
-static const SEC_ASN1Template*
-crmf_get_popoprivkey_subtemplate(CRMFPOPOPrivKey *inPrivKey)
-{
- const SEC_ASN1Template *retTemplate = NULL;
-
- switch (inPrivKey->messageChoice) {
- case crmfThisMessage:
- retTemplate = CRMFThisMessageTemplate;
- break;
- case crmfSubsequentMessage:
- retTemplate = CRMFSubsequentMessageTemplate;
- break;
- case crmfDHMAC:
- retTemplate = CRMFDHMACTemplate;
- break;
- default:
- retTemplate = NULL;
- }
- return retTemplate;
-}
-
-static SECStatus
-crmf_encode_popoprivkey(PRArenaPool *poolp,
- CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKey *popoPrivKey,
- const SEC_ASN1Template *privKeyTemplate)
-{
- struct crmfEncoderArg encoderArg;
- SECItem derDest;
- SECStatus rv;
- void *mark;
- const SEC_ASN1Template *subDerTemplate;
-
- mark = PORT_ArenaMark(poolp);
- rv = crmf_init_encoder_callback_arg(&encoderArg, &derDest);
- if (rv != SECSuccess) {
- goto loser;
- }
- subDerTemplate = crmf_get_popoprivkey_subtemplate(popoPrivKey);
- /* We've got a union, so a pointer to one item is a pointer to
- * all the items in the union.
- */
- rv = SEC_ASN1Encode(&popoPrivKey->message.thisMessage,
- subDerTemplate,
- crmf_generic_encoder_callback, &encoderArg);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (encoderArg.allocatedLen > derDest.len+2) {
- void *dummy = PORT_Realloc(derDest.data, derDest.len+2);
- if (dummy == NULL) {
- goto loser;
- }
- derDest.data = dummy;
- }
- PORT_Memmove(&derDest.data[2], &derDest.data[0], derDest.len);
- /* I couldn't figure out how to get the ASN1 encoder to implicitly
- * tag an implicitly tagged der blob. So I'm putting in the outter-
- * most tag myself. -javi
- */
- derDest.data[0] = (unsigned char)privKeyTemplate->kind;
- derDest.data[1] = (unsigned char)derDest.len;
- derDest.len += 2;
- rv = SECITEM_CopyItem(poolp, &inCertReqMsg->derPOP, &derDest);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_Free(derDest.data);
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- if (derDest.data) {
- PORT_Free(derDest.data);
- }
- return SECFailure;
-}
-
-static const SEC_ASN1Template*
-crmf_get_template_for_privkey(CRMFPOPChoice inChoice)
-{
- switch (inChoice) {
- case crmfKeyAgreement:
- return CRMFPOPOKeyAgreementTemplate;
- case crmfKeyEncipherment:
- return CRMFPOPOKeyEnciphermentTemplate;
- default:
- break;
- }
- return NULL;
-}
-
-static SECStatus
-crmf_add_privkey_thismessage(CRMFCertReqMsg *inCertReqMsg, SECItem *encPrivKey,
- CRMFPOPChoice inChoice)
-{
- PRArenaPool *poolp;
- void *mark;
- CRMFPOPOPrivKey *popoPrivKey;
- CRMFProofOfPossession *pop;
- SECStatus rv;
-
- PORT_Assert(inCertReqMsg != NULL && encPrivKey != NULL);
- poolp = inCertReqMsg->poolp;
- mark = PORT_ArenaMark(poolp);
- pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (pop == NULL) {
- goto loser;
- }
- pop->popUsed = inChoice;
- /* popChoice is a union, so getting a pointer to one
- * field gives me a pointer to the other fields as
- * well. This in essence points to both
- * pop->popChoice.keyEncipherment and
- * pop->popChoice.keyAgreement
- */
- popoPrivKey = &pop->popChoice.keyEncipherment;
-
- rv = SECITEM_CopyItem(poolp, &(popoPrivKey->message.thisMessage),
- encPrivKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- popoPrivKey->message.thisMessage.len <<= 3;
- popoPrivKey->messageChoice = crmfThisMessage;
- inCertReqMsg->pop = pop;
- rv = crmf_encode_popoprivkey(poolp, inCertReqMsg, popoPrivKey,
- crmf_get_template_for_privkey(inChoice));
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-static SECStatus
-crmf_add_privkey_subseqmessage(CRMFCertReqMsg *inCertReqMsg,
- CRMFSubseqMessOptions subsequentMessage,
- CRMFPOPChoice inChoice)
-{
- void *mark;
- PRArenaPool *poolp;
- CRMFProofOfPossession *pop;
- CRMFPOPOPrivKey *popoPrivKey;
- SECStatus rv;
- const SEC_ASN1Template *privKeyTemplate;
-
- if (subsequentMessage == crmfNoSubseqMess) {
- return SECFailure;
- }
- poolp = inCertReqMsg->poolp;
- mark = PORT_ArenaMark(poolp);
- pop = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (pop == NULL) {
- goto loser;
- }
-
- pop->popUsed = inChoice;
- /*
- * We have a union, so a pointer to one member of the union
- * is also a member to another member of that same union.
- */
- popoPrivKey = &pop->popChoice.keyEncipherment;
-
- switch (subsequentMessage) {
- case crmfEncrCert:
- rv = crmf_encode_integer(poolp,
- &(popoPrivKey->message.subsequentMessage),
- 0);
- break;
- case crmfChallengeResp:
- rv = crmf_encode_integer(poolp,
- &(popoPrivKey->message.subsequentMessage),
- 1);
- break;
- default:
- goto loser;
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- popoPrivKey->messageChoice = crmfSubsequentMessage;
- privKeyTemplate = crmf_get_template_for_privkey(inChoice);
- inCertReqMsg->pop = pop;
- rv = crmf_encode_popoprivkey(poolp, inCertReqMsg, popoPrivKey,
- privKeyTemplate);
-
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertReqMsgSetKeyEnciphermentPOP(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKeyChoice inKeyChoice,
- CRMFSubseqMessOptions subseqMess,
- SECItem *encPrivKey)
-{
- SECStatus rv;
-
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
- if (CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfNoPOPChoice) {
- return SECFailure;
- }
- switch (inKeyChoice) {
- case crmfThisMessage:
- rv = crmf_add_privkey_thismessage(inCertReqMsg, encPrivKey,
- crmfKeyEncipherment);
- break;
- case crmfSubsequentMessage:
- rv = crmf_add_privkey_subseqmessage(inCertReqMsg, subseqMess,
- crmfKeyEncipherment);
- break;
- case crmfDHMAC:
- default:
- rv = SECFailure;
- }
- return rv;
-}
-
-SECStatus
-CRMF_CertReqMsgSetKeyAgreementPOP (CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKeyChoice inKeyChoice,
- CRMFSubseqMessOptions subseqMess,
- SECItem *encPrivKey)
-{
- SECStatus rv;
-
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->pop == NULL);
- switch (inKeyChoice) {
- case crmfThisMessage:
- rv = crmf_add_privkey_thismessage(inCertReqMsg, encPrivKey,
- crmfKeyAgreement);
- break;
- case crmfSubsequentMessage:
- rv = crmf_add_privkey_subseqmessage(inCertReqMsg, subseqMess,
- crmfKeyAgreement);
- case crmfDHMAC:
- /* This case should be added in the future. */
- default:
- rv = SECFailure;
- }
- return rv;
-}
-
diff --git a/security/nss/lib/crmf/crmfreq.c b/security/nss/lib/crmf/crmfreq.c
deleted file mode 100644
index 7367f7d26..000000000
--- a/security/nss/lib/crmf/crmfreq.c
+++ /dev/null
@@ -1,697 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "keyhi.h"
-#include "secder.h"
-
-/*
- * Macro that returns PR_TRUE if the pointer is not NULL.
- * If the pointer is NULL, then the macro will return PR_FALSE.
- */
-#define IS_NOT_NULL(ptr) ((ptr) == NULL) ? PR_FALSE : PR_TRUE
-
-const unsigned char hexTrue = 0xff;
-const unsigned char hexFalse = 0x00;
-
-
-SECStatus
-crmf_encode_integer(PRArenaPool *poolp, SECItem *dest, long value)
-{
- SECItem *dummy;
-
- dummy = SEC_ASN1EncodeInteger(poolp, dest, value);
- PORT_Assert (dummy == dest);
- if (dummy == NULL) {
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_copy_secitem (PRArenaPool *poolp, SECItem *dest, SECItem *src)
-{
- return SECITEM_CopyItem (poolp, dest, src);
-}
-
-PRBool
-CRMF_DoesRequestHaveField (CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inField)
-{
-
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return PR_FALSE;
- }
- switch (inField) {
- case crmfVersion:
- return inCertReq->certTemplate.version.data != NULL;
- case crmfSerialNumber:
- return inCertReq->certTemplate.serialNumber.data != NULL;
- case crmfSigningAlg:
- return inCertReq->certTemplate.signingAlg != NULL;
- case crmfIssuer:
- return inCertReq->certTemplate.issuer != NULL;
- case crmfValidity:
- return inCertReq->certTemplate.validity != NULL;
- case crmfSubject:
- return inCertReq->certTemplate.subject != NULL;
- case crmfPublicKey:
- return inCertReq->certTemplate.publicKey != NULL;
- case crmfIssuerUID:
- return inCertReq->certTemplate.issuerUID.data != NULL;
- case crmfSubjectUID:
- return inCertReq->certTemplate.subjectUID.data != NULL;
- case crmfExtension:
- return CRMF_CertRequestGetNumberOfExtensions(inCertReq) != 0;
- }
- return PR_FALSE;
-}
-
-CRMFCertRequest *
-CRMF_CreateCertRequest (long inRequestID) {
- PRArenaPool *poolp;
- CRMFCertRequest *certReq;
- SECStatus rv;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- goto loser;
- }
-
- certReq=PORT_ArenaZNew(poolp,CRMFCertRequest);
- if (certReq == NULL) {
- goto loser;
- }
-
- certReq->poolp = poolp;
- certReq->requestID = inRequestID;
-
- rv = crmf_encode_integer(poolp, &(certReq->certReqId), inRequestID);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- return certReq;
- loser:
- if (poolp) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-CRMF_DestroyCertRequest(CRMFCertRequest *inCertReq)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq != NULL) {
- if (inCertReq->certTemplate.extensions) {
- PORT_Free(inCertReq->certTemplate.extensions);
- }
- if (inCertReq->controls) {
- /* Right now we don't support EnveloppedData option,
- * so we won't go through and delete each occurrence of
- * an EnveloppedData in the control.
- */
- PORT_Free(inCertReq->controls);
- }
- if (inCertReq->poolp) {
- PORT_FreeArena(inCertReq->poolp, PR_TRUE);
- }
- }
- return SECSuccess;
-}
-
-static SECStatus
-crmf_template_add_version(PRArenaPool *poolp, SECItem *dest, long version)
-{
- return (crmf_encode_integer(poolp, dest, version));
-}
-
-static SECStatus
-crmf_template_add_serialnumber(PRArenaPool *poolp, SECItem *dest, long serial)
-{
- return (crmf_encode_integer(poolp, dest, serial));
-}
-
-SECStatus
-crmf_template_copy_secalg (PRArenaPool *poolp, SECAlgorithmID **dest,
- SECAlgorithmID* src)
-{
- SECStatus rv;
- void *mark = NULL;
- SECAlgorithmID *mySecAlg;
-
- if (poolp != NULL) {
- mark = PORT_ArenaMark(poolp);
- }
- *dest = mySecAlg = PORT_ArenaZNew(poolp, SECAlgorithmID);
- if (mySecAlg == NULL) {
- goto loser;
- }
- rv = SECOID_CopyAlgorithmID(poolp, mySecAlg, src);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (mark) {
- PORT_ArenaUnmark(poolp, mark);
- }
- return SECSuccess;
-
- loser:
- *dest = NULL;
- if (mark) {
- PORT_ArenaRelease(poolp, mark);
- }
- return SECFailure;
-}
-
-SECStatus
-crmf_copy_cert_name(PRArenaPool *poolp, CERTName **dest,
- CERTName *src)
-{
- CERTName *newName;
- SECStatus rv;
- void *mark;
-
- mark = PORT_ArenaMark(poolp);
- *dest = newName = PORT_ArenaZNew(poolp, CERTName);
- if (newName == NULL) {
- goto loser;
- }
-
- rv = CERT_CopyName(poolp, newName, src);
- if (rv != SECSuccess) {
- goto loser;
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- *dest = NULL;
- return SECFailure;
-}
-
-static SECStatus
-crmf_template_add_issuer (PRArenaPool *poolp, CERTName **dest,
- CERTName* issuerName)
-{
- return crmf_copy_cert_name(poolp, dest, issuerName);
-}
-
-
-static SECStatus
-crmf_encode_utctime(PRArenaPool *poolp, SECItem *destTime, PRTime time)
-{
- SECItem tmpItem;
- SECStatus rv;
-
-
- rv = DER_TimeToUTCTime (&tmpItem, time);
- if (rv != SECSuccess) {
- return rv;
- }
- rv = SECITEM_CopyItem(poolp, destTime, &tmpItem);
- PORT_Free(tmpItem.data);
- return rv;
-}
-
-static SECStatus
-crmf_template_add_validity (PRArenaPool *poolp, CRMFOptionalValidity **dest,
- CRMFValidityCreationInfo *info)
-{
- SECStatus rv;
- void *mark;
- CRMFOptionalValidity *myValidity;
-
- /*First off, let's make sure at least one of the two fields is present*/
- if (!info || (!info->notBefore && !info->notAfter)) {
- return SECFailure;
- }
- mark = PORT_ArenaMark (poolp);
- *dest = myValidity = PORT_ArenaZNew(poolp, CRMFOptionalValidity);
- if (myValidity == NULL) {
- goto loser;
- }
-
- if (info->notBefore) {
- rv = crmf_encode_utctime (poolp, &myValidity->notBefore,
- *info->notBefore);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- if (info->notAfter) {
- rv = crmf_encode_utctime (poolp, &myValidity->notAfter,
- *info->notAfter);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser:
- PORT_ArenaRelease(poolp, mark);
- *dest = NULL;
- return SECFailure;
-}
-
-static SECStatus
-crmf_template_add_subject (PRArenaPool *poolp, CERTName **dest,
- CERTName *subject)
-{
- return crmf_copy_cert_name(poolp, dest, subject);
-}
-
-SECStatus
-crmf_template_add_public_key(PRArenaPool *poolp,
- CERTSubjectPublicKeyInfo **dest,
- CERTSubjectPublicKeyInfo *pubKey)
-{
- CERTSubjectPublicKeyInfo *spki;
- SECStatus rv;
-
- *dest = spki = (poolp == NULL) ?
- PORT_ZNew(CERTSubjectPublicKeyInfo) :
- PORT_ArenaZNew (poolp, CERTSubjectPublicKeyInfo);
- if (spki == NULL) {
- goto loser;
- }
- rv = SECKEY_CopySubjectPublicKeyInfo (poolp, spki, pubKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- return SECSuccess;
- loser:
- if (poolp == NULL && spki != NULL) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- }
- *dest = NULL;
- return SECFailure;
-}
-
-static SECStatus
-crmf_copy_bitstring (PRArenaPool *poolp, SECItem *dest, SECItem *src)
-{
- SECStatus rv;
- int origLenBits, numBytesToCopy;
-
- origLenBits = src->len;
- numBytesToCopy = CRMF_BITS_TO_BYTES(origLenBits);
- rv = crmf_copy_secitem(poolp, dest, src);
- src->len = origLenBits;
- dest->len = origLenBits;
- return rv;
-}
-
-static SECStatus
-crmf_template_add_issuer_uid(PRArenaPool *poolp, SECItem *dest,
- SECItem *issuerUID)
-{
- return crmf_copy_bitstring (poolp, dest, issuerUID);
-}
-
-static SECStatus
-crmf_template_add_subject_uid(PRArenaPool *poolp, SECItem *dest,
- SECItem *subjectUID)
-{
- return crmf_copy_bitstring (poolp, dest, subjectUID);
-}
-
-static void
-crmf_zeroize_new_extensions (CRMFCertExtension **extensions,
- int numToZeroize)
-{
- PORT_Memset((void*)extensions, 0, sizeof(CERTCertExtension*)*numToZeroize);
-}
-
-/*
- * The strategy for adding templates will differ from all the other
- * attributes in the template. First, we want to allow the client
- * of this API to set extensions more than just once. So we will
- * need the ability grow the array of extensions. Since arenas don't
- * give us the realloc function, we'll use the generic PORT_* functions
- * to allocate the array of pointers *ONLY*. Then we will allocate each
- * individual extension from the arena that comes along with the certReq
- * structure that owns this template.
- */
-static SECStatus
-crmf_template_add_extensions(PRArenaPool *poolp, CRMFCertTemplate *inTemplate,
- CRMFCertExtCreationInfo *extensions)
-{
- void *mark;
- int newSize, oldSize, i;
- SECStatus rv;
- CRMFCertExtension **extArray;
- CRMFCertExtension *newExt, *currExt;
-
- mark = PORT_ArenaMark(poolp);
- if (inTemplate->extensions == NULL) {
- newSize = extensions->numExtensions;
- extArray = PORT_ZNewArray(CRMFCertExtension*,newSize+1);
- } else {
- newSize = inTemplate->numExtensions + extensions->numExtensions;
- extArray = PORT_Realloc(inTemplate->extensions,
- sizeof(CRMFCertExtension*)*(newSize+1));
- }
- if (extArray == NULL) {
- goto loser;
- }
- oldSize = inTemplate->numExtensions;
- inTemplate->extensions = extArray;
- inTemplate->numExtensions = newSize;
- for (i=oldSize; i < newSize; i++) {
- newExt = PORT_ArenaZNew(poolp, CRMFCertExtension);
- if (newExt == NULL) {
- goto loser2;
- }
- currExt = extensions->extensions[i-oldSize];
- rv = crmf_copy_secitem(poolp, &(newExt->id), &(currExt->id));
- if (rv != SECSuccess) {
- goto loser2;
- }
- rv = crmf_copy_secitem(poolp, &(newExt->critical),
- &(currExt->critical));
- if (rv != SECSuccess) {
- goto loser2;
- }
- rv = crmf_copy_secitem(poolp, &(newExt->value), &(currExt->value));
- if (rv != SECSuccess) {
- goto loser2;
- }
- extArray[i] = newExt;
- }
- extArray[newSize] = NULL;
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
- loser2:
- crmf_zeroize_new_extensions (&(inTemplate->extensions[oldSize]),
- extensions->numExtensions);
- inTemplate->numExtensions = oldSize;
- loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestSetTemplateField(CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inTemplateField,
- void *data)
-{
- CRMFCertTemplate *certTemplate;
- PRArenaPool *poolp;
- SECStatus rv = SECFailure;
- void *mark;
-
-
- if (inCertReq == NULL) {
- return SECFailure;
- }
-
- certTemplate = &(inCertReq->certTemplate);
-
- poolp = inCertReq->poolp;
- mark = PORT_ArenaMark(poolp);
- switch (inTemplateField) {
- case crmfVersion:
- rv = crmf_template_add_version(poolp,&(certTemplate->version),
- *(long*)data);
- break;
- case crmfSerialNumber:
- rv = crmf_template_add_serialnumber(poolp,
- &(certTemplate->serialNumber),
- *(long*)data);
- break;
- case crmfSigningAlg:
- rv = crmf_template_copy_secalg (poolp, &(certTemplate->signingAlg),
- (SECAlgorithmID*)data);
- break;
- case crmfIssuer:
- rv = crmf_template_add_issuer (poolp, &(certTemplate->issuer),
- (CERTName*)data);
- break;
- case crmfValidity:
- rv = crmf_template_add_validity (poolp, &(certTemplate->validity),
- (CRMFValidityCreationInfo*)data);
- break;
- case crmfSubject:
- rv = crmf_template_add_subject (poolp, &(certTemplate->subject),
- (CERTName*)data);
- break;
- case crmfPublicKey:
- rv = crmf_template_add_public_key(poolp, &(certTemplate->publicKey),
- (CERTSubjectPublicKeyInfo*)data);
- break;
- case crmfIssuerUID:
- rv = crmf_template_add_issuer_uid(poolp, &(certTemplate->issuerUID),
- (SECItem*)data);
- break;
- case crmfSubjectUID:
- rv = crmf_template_add_subject_uid(poolp, &(certTemplate->subjectUID),
- (SECItem*)data);
- break;
- case crmfExtension:
- rv = crmf_template_add_extensions(poolp, certTemplate,
- (CRMFCertExtCreationInfo*)data);
- break;
- }
- if (rv != SECSuccess) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
- return rv;
-}
-
-SECStatus
-CRMF_CertReqMsgSetCertRequest (CRMFCertReqMsg *inCertReqMsg,
- CRMFCertRequest *inCertReq)
-{
- PORT_Assert (inCertReqMsg != NULL && inCertReq != NULL);
- if (inCertReqMsg == NULL || inCertReq == NULL) {
- return SECFailure;
- }
- inCertReqMsg->certReq = crmf_copy_cert_request(inCertReqMsg->poolp,
- inCertReq);
- return (inCertReqMsg->certReq == NULL) ? SECFailure : SECSuccess;
-}
-
-CRMFCertReqMsg*
-CRMF_CreateCertReqMsg(void)
-{
- PRArenaPool *poolp;
- CRMFCertReqMsg *reqMsg;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- goto loser;
- }
- reqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
- if (reqMsg == NULL) {
- goto loser;
- }
- reqMsg->poolp = poolp;
- return reqMsg;
-
- loser:
- if (poolp) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-CRMF_DestroyCertReqMsg(CRMFCertReqMsg *inCertReqMsg)
-{
- PORT_Assert(inCertReqMsg != NULL && inCertReqMsg->poolp != NULL);
- if (!inCertReqMsg->isDecoded) {
- if (inCertReqMsg->certReq->certTemplate.extensions != NULL) {
- PORT_Free(inCertReqMsg->certReq->certTemplate.extensions);
- }
- if (inCertReqMsg->certReq->controls != NULL) {
- PORT_Free(inCertReqMsg->certReq->controls);
- }
- }
- PORT_FreeArena(inCertReqMsg->poolp, PR_TRUE);
- return SECSuccess;
-}
-
-CRMFCertExtension*
-crmf_create_cert_extension(PRArenaPool *poolp,
- SECOidTag id,
- PRBool isCritical,
- SECItem *data)
-{
- CRMFCertExtension *newExt;
- SECOidData *oidData;
- SECStatus rv;
-
- newExt = (poolp == NULL) ? PORT_ZNew(CRMFCertExtension) :
- PORT_ArenaZNew(poolp, CRMFCertExtension);
- if (newExt == NULL) {
- goto loser;
- }
- oidData = SECOID_FindOIDByTag(id);
- if (oidData == NULL ||
- oidData->supportedExtension != SUPPORTED_CERT_EXTENSION) {
- goto loser;
- }
-
- rv = SECITEM_CopyItem(poolp, &(newExt->id), &(oidData->oid));
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = SECITEM_CopyItem(poolp, &(newExt->value), data);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- if (isCritical) {
- newExt->critical.data = (poolp == NULL) ?
- PORT_New(unsigned char) :
- PORT_ArenaNew(poolp, unsigned char);
- if (newExt->critical.data == NULL) {
- goto loser;
- }
- newExt->critical.data[0] = hexTrue;
- newExt->critical.len = 1;
- }
- return newExt;
- loser:
- if (newExt != NULL && poolp == NULL) {
- CRMF_DestroyCertExtension(newExt);
- }
- return NULL;
-}
-
-CRMFCertExtension *
-CRMF_CreateCertExtension(SECOidTag id,
- PRBool isCritical,
- SECItem *data)
-{
- return crmf_create_cert_extension(NULL, id, isCritical, data);
-}
-
-SECStatus
-crmf_destroy_cert_extension(CRMFCertExtension *inExtension, PRBool freeit)
-{
- if (inExtension != NULL) {
- SECITEM_FreeItem (&(inExtension->id), PR_FALSE);
- SECITEM_FreeItem (&(inExtension->value), PR_FALSE);
- SECITEM_FreeItem (&(inExtension->critical), PR_FALSE);
- if (freeit) {
- PORT_Free(inExtension);
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_DestroyCertExtension(CRMFCertExtension *inExtension)
-{
- return crmf_destroy_cert_extension(inExtension, PR_TRUE);
-}
-
-SECStatus
-CRMF_DestroyCertReqMessages(CRMFCertReqMessages *inCertReqMsgs)
-{
- PORT_Assert (inCertReqMsgs != NULL);
- if (inCertReqMsgs != NULL) {
- PORT_FreeArena(inCertReqMsgs->poolp, PR_TRUE);
- }
- return SECSuccess;
-}
-
-static PRBool
-crmf_item_has_data(SECItem *item)
-{
- if (item != NULL && item->data != NULL) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-PRBool
-CRMF_CertRequestIsFieldPresent(CRMFCertRequest *inCertReq,
- CRMFCertTemplateField inTemplateField)
-{
- PRBool retVal;
- CRMFCertTemplate *certTemplate;
-
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- /* This is probably some kind of error, but this is
- * the safest return value for this function.
- */
- return PR_FALSE;
- }
- certTemplate = &inCertReq->certTemplate;
- switch (inTemplateField) {
- case crmfVersion:
- retVal = crmf_item_has_data(&certTemplate->version);
- break;
- case crmfSerialNumber:
- retVal = crmf_item_has_data(&certTemplate->serialNumber);
- break;
- case crmfSigningAlg:
- retVal = IS_NOT_NULL(certTemplate->signingAlg);
- break;
- case crmfIssuer:
- retVal = IS_NOT_NULL(certTemplate->issuer);
- break;
- case crmfValidity:
- retVal = IS_NOT_NULL(certTemplate->validity);
- break;
- case crmfSubject:
- retVal = IS_NOT_NULL(certTemplate->subject);
- break;
- case crmfPublicKey:
- retVal = IS_NOT_NULL(certTemplate->publicKey);
- break;
- case crmfIssuerUID:
- retVal = crmf_item_has_data(&certTemplate->issuerUID);
- break;
- case crmfSubjectUID:
- retVal = crmf_item_has_data(&certTemplate->subjectUID);
- break;
- case crmfExtension:
- retVal = IS_NOT_NULL(certTemplate->extensions);
- break;
- default:
- retVal = PR_FALSE;
- }
- return retVal;
-}
diff --git a/security/nss/lib/crmf/crmft.h b/security/nss/lib/crmf/crmft.h
deleted file mode 100644
index 3bc4d3826..000000000
--- a/security/nss/lib/crmf/crmft.h
+++ /dev/null
@@ -1,217 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-/* Header file with all of the structures and types that will be exported
- * by the security library for implementation of CRMF.
- */
-
-#ifndef _CRMFT_H_
-#define _CRMFT_H_
-
-/* Use these enumerated values for adding fields to the certificate request */
-typedef enum {
- crmfVersion = 0,
- crmfSerialNumber = 1,
- crmfSigningAlg = 2,
- crmfIssuer = 3,
- crmfValidity = 4,
- crmfSubject = 5,
- crmfPublicKey = 6,
- crmfIssuerUID = 7,
- crmfSubjectUID = 8,
- crmfExtension = 9
-} CRMFCertTemplateField;
-
-/*
- * An enumeration for the different types of controls.
- */
-typedef enum {
- crmfNoControl = 0,
- crmfRegTokenControl = 1,
- crmfAuthenticatorControl = 2,
- crmfPKIPublicationInfoControl = 3,
- crmfPKIArchiveOptionsControl = 4,
- crmfOldCertIDControl = 5,
- crmfProtocolEncrKeyControl = 6
-} CRMFControlType;
-
-/*
- * The possible values that are passed into CRMF_CreatePKIPublicationInfo
- */
-typedef enum {
- crmfDontPublish = 0,
- crmfPleasePublish = 1
-} CRMFPublicationAction;
-
-/*
- * An enumeration for the possible for pubMethod which is a part of
- * the SinglePubInfo ASN1 type.
- */
-typedef enum {
- crmfDontCare = 0,
- crmfX500 = 1,
- crmfWeb = 2,
- crmfLdap = 3
-} CRMFPublicationMethod;
-
-/*
- * An enumeration for the different options for PKIArchiveOptions type.
- */
-typedef enum {
- crmfNoArchiveOptions = 0,
- crmfEncryptedPrivateKey = 1,
- crmfKeyGenParameters = 2,
- crmfArchiveRemGenPrivKey = 3
-} CRMFPKIArchiveOptionsType;
-
-/*
- * An enumeration for the different options for ProofOfPossession
- */
-typedef enum {
- crmfNoPOPChoice = 0,
- crmfRAVerified = 1,
- crmfSignature = 2,
- crmfKeyEncipherment = 3,
- crmfKeyAgreement = 4
-} CRMFPOPChoice;
-
-/*
- * An enumertion type for options for the authInfo field of the
- * CRMFPOPOSigningKeyInput structure.
- */
-typedef enum {
- crmfSender = 0,
- crmfPublicKeyMAC = 1
-} CRMFPOPOSkiInputAuthChoice;
-
-/*
- * An enumeration for the SubsequentMessage Options.
- */
-typedef enum {
- crmfNoSubseqMess = 0,
- crmfEncrCert = 1,
- crmfChallengeResp = 2
-} CRMFSubseqMessOptions;
-
-/*
- * An enumeration for the choice used by POPOPrivKey.
- */
-typedef enum {
- crmfNoMessage = 0,
- crmfThisMessage = 1,
- crmfSubsequentMessage = 2,
- crmfDHMAC = 3
-} CRMFPOPOPrivKeyChoice;
-
-/*
- * An enumeration for the choices for the EncryptedKey type.
- */
-typedef enum {
- crmfNoEncryptedKeyChoice = 0,
- crmfEncryptedValueChoice = 1,
- crmfEnvelopedDataChoice = 2
-} CRMFEncryptedKeyChoice;
-
-/*
- * TYPE: CRMFEncoderOutputCallback
- * This function type defines a prototype for a function that the CRMF
- * library expects when encoding is performed.
- *
- * ARGUMENTS:
- * arg
- * This will be a pointer the user passed into an encoding function.
- * The user of the library is free to use this pointer in any way.
- * The most common use is to keep around a buffer for writing out
- * the DER encoded bytes.
- * buf
- * The DER encoded bytes that should be written out.
- * len
- * The number of DER encoded bytes to write out.
- *
- */
-typedef void (*CRMFEncoderOutputCallback) (void *arg,
- const char *buf,
- unsigned long len);
-
-/*
- * Type for the function that gets a password. Just in case we ever
- * need to support publicKeyMAC for POPOSigningKeyInput
- */
-typedef SECItem* (*CRMFMACPasswordCallback) (void *arg);
-
-typedef struct CRMFOptionalValidityStr CRMFOptionalValidity;
-typedef struct CRMFValidityCreationInfoStr CRMFGetValidity;
-typedef struct CRMFCertTemplateStr CRMFCertTemplate;
-typedef struct CRMFCertRequestStr CRMFCertRequest;
-typedef struct CRMFCertReqMsgStr CRMFCertReqMsg;
-typedef struct CRMFCertReqMessagesStr CRMFCertReqMessages;
-typedef struct CRMFProofOfPossessionStr CRMFProofOfPossession;
-typedef struct CRMFPOPOSigningKeyStr CRMFPOPOSigningKey;
-typedef struct CRMFPOPOSigningKeyInputStr CRMFPOPOSigningKeyInput;
-typedef struct CRMFPOPOPrivKeyStr CRMFPOPOPrivKey;
-typedef struct CRMFPKIPublicationInfoStr CRMFPKIPublicationInfo;
-typedef struct CRMFSinglePubInfoStr CRMFSinglePubInfo;
-typedef struct CRMFPKIArchiveOptionsStr CRMFPKIArchiveOptions;
-typedef struct CRMFEncryptedKeyStr CRMFEncryptedKey;
-typedef struct CRMFEncryptedValueStr CRMFEncryptedValue;
-typedef struct CRMFCertIDStr CRMFCertID;
-typedef struct CRMFCertIDStr CRMFOldCertID;
-typedef CERTSubjectPublicKeyInfo CRMFProtocolEncrKey;
-typedef struct CRMFValidityCreationInfoStr CRMFValidityCreationInfo;
-typedef struct CRMFCertExtCreationInfoStr CRMFCertExtCreationInfo;
-typedef struct CRMFPKMACValueStr CRMFPKMACValue;
-typedef struct CRMFAttributeStr CRMFAttribute;
-typedef struct CRMFControlStr CRMFControl;
-typedef CERTGeneralName CRMFGeneralName;
-typedef struct CRMFCertExtensionStr CRMFCertExtension;
-
-struct CRMFValidityCreationInfoStr {
- PRTime *notBefore;
- PRTime *notAfter;
-};
-
-struct CRMFCertExtCreationInfoStr {
- CRMFCertExtension **extensions;
- int numExtensions;
-};
-
-/*
- * Some ASN1 Templates that may be needed.
- */
-extern const SEC_ASN1Template CRMFCertReqMessagesTemplate[];
-extern const SEC_ASN1Template CRMFCertRequestTemplate[];
-
-
-#endif /*_CRMFT_H_*/
diff --git a/security/nss/lib/crmf/crmftmpl.c b/security/nss/lib/crmf/crmftmpl.c
deleted file mode 100644
index a65a074a1..000000000
--- a/security/nss/lib/crmf/crmftmpl.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "crmf.h"
-#include "crmfi.h"
-#include "secoid.h"
-#include "secasn1.h"
-
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-SEC_ASN1_MKSUB(SEC_NullTemplate)
-SEC_ASN1_MKSUB(SEC_BitStringTemplate)
-SEC_ASN1_MKSUB(SEC_IntegerTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_UTCTimeTemplate)
-SEC_ASN1_MKSUB(CERT_SubjectPublicKeyInfoTemplate)
-SEC_ASN1_MKSUB(CERT_NameTemplate)
-
-/*
- * It's all implicit tagging.
- */
-
-const SEC_ASN1Template CRMFControlTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFControl)},
- { SEC_ASN1_OBJECT_ID, offsetof(CRMFControl, derTag)},
- { SEC_ASN1_ANY, offsetof(CRMFControl, derValue) },
- { 0 }
-};
-
-static const SEC_ASN1Template CRMFCertExtensionTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CRMFCertExtension) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(CRMFCertExtension,id) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
- offsetof(CRMFCertExtension,critical) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(CRMFCertExtension,value) },
- { 0, }
-};
-
-static const SEC_ASN1Template CRMFSequenceOfCertExtensionTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, CRMFCertExtensionTemplate }
-};
-
-static const SEC_ASN1Template CRMFOptionalValidityTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFOptionalValidity) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 0,
- offsetof (CRMFOptionalValidity, notBefore),
- SEC_ASN1_SUB(SEC_UTCTimeTemplate) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_NO_STREAM |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1,
- offsetof (CRMFOptionalValidity, notAfter),
- SEC_ASN1_SUB(SEC_UTCTimeTemplate) },
- { 0 }
-};
-
-static const SEC_ASN1Template crmfPointerToNameTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(CERT_NameTemplate)},
- { 0 }
-};
-
-static const SEC_ASN1Template CRMFCertTemplateTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(CRMFCertTemplate, version),
- SEC_ASN1_SUB(SEC_IntegerTemplate) },
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL | SEC_ASN1_XTRN | 1 ,
- offsetof (CRMFCertTemplate, serialNumber),
- SEC_ASN1_SUB(SEC_IntegerTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 2,
- offsetof (CRMFCertTemplate, signingAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 3,
- offsetof (CRMFCertTemplate, issuer), crmfPointerToNameTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER | 4,
- offsetof (CRMFCertTemplate, validity),
- CRMFOptionalValidityTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | 5,
- offsetof (CRMFCertTemplate, subject), crmfPointerToNameTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 6,
- offsetof (CRMFCertTemplate, publicKey),
- SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
- { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
- SEC_ASN1_XTRN | 7,
- offsetof (CRMFCertTemplate, issuerUID),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
- SEC_ASN1_XTRN | 8,
- offsetof (CRMFCertTemplate, subjectUID),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_OPTIONAL |
- SEC_ASN1_CONTEXT_SPECIFIC | 9,
- offsetof (CRMFCertTemplate, extensions),
- CRMFSequenceOfCertExtensionTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template CRMFAttributeTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFAttribute)},
- { SEC_ASN1_OBJECT_ID, offsetof(CRMFAttribute, derTag)},
- { SEC_ASN1_ANY, offsetof(CRMFAttribute, derValue) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFCertRequestTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFCertRequest) },
- { SEC_ASN1_INTEGER, offsetof(CRMFCertRequest, certReqId)},
- { SEC_ASN1_INLINE, offsetof(CRMFCertRequest, certTemplate),
- CRMFCertTemplateTemplate},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CRMFCertRequest,controls),
- CRMFControlTemplate}, /* SEQUENCE SIZE (1...MAX)*/
- { 0 }
-};
-
-const SEC_ASN1Template CRMFCertReqMsgTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFCertReqMsg) },
- { SEC_ASN1_POINTER, offsetof(CRMFCertReqMsg, certReq),
- CRMFCertRequestTemplate },
- { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
- offsetof(CRMFCertReqMsg, derPOP) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SEQUENCE_OF,
- offsetof(CRMFCertReqMsg, regInfo),
- CRMFAttributeTemplate}, /* SEQUENCE SIZE (1...MAX)*/
- { 0 }
-};
-
-const SEC_ASN1Template CRMFCertReqMessagesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, offsetof(CRMFCertReqMessages, messages),
- CRMFCertReqMsgTemplate, sizeof (CRMFCertReqMessages)}
-};
-
-static const SEC_ASN1Template CRMFPOPOSigningKeyInputTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL,sizeof(CRMFPOPOSigningKeyInput) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(CRMFPOPOSigningKeyInput, authInfo.sender) },
- { SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL | 1,
- offsetof (CRMFPOPOSigningKeyInput, authInfo.publicKeyMAC) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(CRMFPOPOSigningKeyInput, publicKey),
- SEC_ASN1_SUB(CERT_SubjectPublicKeyInfoTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFRAVerifiedTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 0 | SEC_ASN1_XTRN,
- 0,
- SEC_ASN1_SUB(SEC_NullTemplate) },
- { 0 }
-};
-
-
-/* This template will need to add POPOSigningKeyInput eventually, maybe*/
-static const SEC_ASN1Template crmfPOPOSigningKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPOPOSigningKey) },
- { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(CRMFPOPOSigningKey, derInput),
- SEC_ASN1_SUB(SEC_AnyTemplate) },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(CRMFPOPOSigningKey, algorithmIdentifier),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_BIT_STRING | SEC_ASN1_XTRN,
- offsetof(CRMFPOPOSigningKey, signature),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFPOPOSigningKeyTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | 1,
- 0,
- crmfPOPOSigningKeyTemplate},
- { 0 }
-};
-
-const SEC_ASN1Template CRMFThisMessageTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- 0,
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFSubsequentMessageTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
- 0,
- SEC_ASN1_SUB(SEC_IntegerTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFDHMACTemplate[] = {
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- 0,
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFPOPOKeyEnciphermentTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
- 0,
- SEC_ASN1_SUB(SEC_AnyTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFPOPOKeyAgreementTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 3,
- 0,
- SEC_ASN1_SUB(SEC_AnyTemplate)},
- { 0 }
-};
-
-const SEC_ASN1Template CRMFEncryptedValueTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFEncryptedValue)},
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 0,
- offsetof(CRMFEncryptedValue, intendedAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 1,
- offsetof (CRMFEncryptedValue, symmAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_NO_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_OPTIONAL |
- SEC_ASN1_XTRN | 2,
- offsetof(CRMFEncryptedValue, encSymmKey),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_POINTER |
- SEC_ASN1_XTRN | 3,
- offsetof(CRMFEncryptedValue, keyAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_NO_STREAM | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 4,
- offsetof(CRMFEncryptedValue, valueHint),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) },
- { SEC_ASN1_BIT_STRING, offsetof(CRMFEncryptedValue, encValue) },
- { 0 }
-};
-
-const SEC_ASN1Template CRMFEncryptedKeyWithEncryptedValueTemplate [] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- 0,
- CRMFEncryptedValueTemplate},
- { 0 }
-};
-
-static const SEC_ASN1Template CRMFSinglePubInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (CRMFSinglePubInfo)},
- { SEC_ASN1_INTEGER, offsetof(CRMFSinglePubInfo, pubMethod) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC,
- offsetof(CRMFSinglePubInfo, pubLocation) },
- { 0 }
-};
-
-static const SEC_ASN1Template CRMFPublicationInfoTemplate[] ={
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CRMFPKIPublicationInfo) },
- { SEC_ASN1_INTEGER, offsetof(CRMFPKIPublicationInfo, action) },
- { SEC_ASN1_POINTER, offsetof(CRMFPKIPublicationInfo, pubInfos),
- CRMFSinglePubInfoTemplate},
- { 0 }
-};
diff --git a/security/nss/lib/crmf/encutil.c b/security/nss/lib/crmf/encutil.c
deleted file mode 100644
index 7862e1482..000000000
--- a/security/nss/lib/crmf/encutil.c
+++ /dev/null
@@ -1,63 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*- */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secasn1.h"
-#include "crmf.h"
-#include "crmfi.h"
-
-void
-crmf_encoder_out(void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- struct crmfEncoderOutput *output;
-
- output = (struct crmfEncoderOutput*) arg;
- output->fn (output->outputArg, buf, len);
-}
-
-SECStatus
-cmmf_user_encode(void *src, CRMFEncoderOutputCallback inCallback, void *inArg,
- const SEC_ASN1Template *inTemplate)
-{
- struct crmfEncoderOutput output;
-
- PORT_Assert(src != NULL);
- if (src == NULL) {
- return SECFailure;
- }
- output.fn = inCallback;
- output.outputArg = inArg;
- return SEC_ASN1Encode(src, inTemplate, crmf_encoder_out, &output);
-}
-
diff --git a/security/nss/lib/crmf/manifest.mn b/security/nss/lib/crmf/manifest.mn
deleted file mode 100644
index 67e145d09..000000000
--- a/security/nss/lib/crmf/manifest.mn
+++ /dev/null
@@ -1,73 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-EXPORTS = \
- crmf.h \
- crmft.h \
- cmmf.h \
- cmmft.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- crmfi.h \
- crmfit.h \
- cmmfi.h \
- cmmfit.h \
- $(NULL)
-
-CSRCS = crmfenc.c \
- crmftmpl.c \
- crmfreq.c \
- crmfpop.c \
- crmfdec.c \
- crmfget.c \
- crmfcont.c \
- cmmfasn1.c \
- cmmfresp.c \
- cmmfrec.c \
- cmmfchal.c \
- servget.c \
- encutil.c \
- respcli.c \
- respcmn.c \
- challcli.c \
- asn1cmn.c \
- $(NULL)
-
-REQUIRES = dbm
-
-LIBRARY_NAME = crmf
diff --git a/security/nss/lib/crmf/respcli.c b/security/nss/lib/crmf/respcli.c
deleted file mode 100644
index 9dac74a5e..000000000
--- a/security/nss/lib/crmf/respcli.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-/*
- * This file will contain all routines needed by a client that has
- * to parse a CMMFCertRepContent structure and retirieve the appropriate
- * data.
- */
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "crmf.h"
-#include "crmfi.h"
-#include "secitem.h"
-#include "secder.h"
-#include "secasn1.h"
-
-CMMFCertRepContent*
-CMMF_CreateCertRepContentFromDER(CERTCertDBHandle *db, const char *buf,
- long len)
-{
- PRArenaPool *poolp;
- CMMFCertRepContent *certRepContent;
- SECStatus rv;
- int i;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- certRepContent = PORT_ArenaZNew(poolp, CMMFCertRepContent);
- if (certRepContent == NULL) {
- goto loser;
- }
- certRepContent->poolp = poolp;
- rv = SEC_ASN1Decode(poolp, certRepContent, CMMFCertRepContentTemplate,
- buf, len);
- if (rv != SECSuccess) {
- goto loser;
- }
- if (certRepContent->response != NULL) {
- for (i=0; certRepContent->response[i] != NULL; i++) {
- rv = cmmf_decode_process_cert_response(poolp, db,
- certRepContent->response[i]);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- }
- certRepContent->isDecoded = PR_TRUE;
- return certRepContent;
- loser:
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
-}
-
-long
-CMMF_CertResponseGetCertReqId(CMMFCertResponse *inCertResp)
-{
- PORT_Assert(inCertResp != NULL);
- if (inCertResp == NULL) {
- return -1;
- }
- return DER_GetInteger(&inCertResp->certReqId);
-}
-
-PRBool
-cmmf_CertRepContentIsIndexValid(CMMFCertRepContent *inCertRepContent,
- int inIndex)
-{
- int numResponses;
-
- PORT_Assert(inCertRepContent != NULL);
- numResponses = CMMF_CertRepContentGetNumResponses(inCertRepContent);
- return (PRBool)(inIndex >= 0 && inIndex < numResponses);
-}
-
-CMMFCertResponse*
-CMMF_CertRepContentGetResponseAtIndex(CMMFCertRepContent *inCertRepContent,
- int inIndex)
-{
- CMMFCertResponse *certResponse;
- SECStatus rv;
-
- PORT_Assert(inCertRepContent != NULL &&
- cmmf_CertRepContentIsIndexValid(inCertRepContent, inIndex));
- if (inCertRepContent == NULL ||
- !cmmf_CertRepContentIsIndexValid(inCertRepContent, inIndex)) {
- return NULL;
- }
- certResponse = PORT_ZNew(CMMFCertResponse);
- rv = cmmf_CopyCertResponse(NULL, certResponse,
- inCertRepContent->response[inIndex]);
- if (rv != SECSuccess) {
- CMMF_DestroyCertResponse(certResponse);
- certResponse = NULL;
- }
- return certResponse;
-}
-
-CMMFPKIStatus
-CMMF_CertResponseGetPKIStatusInfoStatus(CMMFCertResponse *inCertResp)
-{
- PORT_Assert(inCertResp != NULL);
- if (inCertResp == NULL) {
- return cmmfNoPKIStatus;
- }
- return cmmf_PKIStatusInfoGetStatus(&inCertResp->status);
-}
-
-CERTCertificate*
-CMMF_CertResponseGetCertificate(CMMFCertResponse *inCertResp,
- CERTCertDBHandle *inCertdb)
-{
- PORT_Assert(inCertResp != NULL);
- if (inCertResp == NULL || inCertResp->certifiedKeyPair == NULL) {
- return NULL;
- }
-
- return cmmf_CertOrEncCertGetCertificate
- (&inCertResp->certifiedKeyPair->certOrEncCert,
- inCertdb);
-
-}
-
-CERTCertList*
-CMMF_CertRepContentGetCAPubs (CMMFCertRepContent *inCertRepContent)
-{
- PORT_Assert (inCertRepContent != NULL);
- if (inCertRepContent == NULL || inCertRepContent->caPubs == NULL) {
- return NULL;
- }
- return cmmf_MakeCertList(inCertRepContent->caPubs);
-}
-
diff --git a/security/nss/lib/crmf/respcmn.c b/security/nss/lib/crmf/respcmn.c
deleted file mode 100644
index 5fa017a05..000000000
--- a/security/nss/lib/crmf/respcmn.c
+++ /dev/null
@@ -1,415 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "secder.h"
-
-SECStatus
-cmmf_DestroyPKIStatusInfo (CMMFPKIStatusInfo *info, PRBool freeit)
-{
- if (info->status.data != NULL) {
- PORT_Free(info->status.data);
- }
- if (info->statusString.data != NULL) {
- PORT_Free(info->statusString.data);
- }
- if (info->failInfo.data != NULL) {
- PORT_Free(info->failInfo.data);
- }
- if (freeit) {
- PORT_Free(info);
- }
- return SECSuccess;
-}
-
-SECStatus
-CMMF_DestroyCertResponse(CMMFCertResponse *inCertResp)
-{
- PORT_Assert(inCertResp != NULL);
- if (inCertResp != NULL) {
- if (inCertResp->certReqId.data != NULL) {
- PORT_Free(inCertResp->certReqId.data);
- }
- cmmf_DestroyPKIStatusInfo(&inCertResp->status, PR_FALSE);
- if (inCertResp->certifiedKeyPair != NULL) {
- CMMF_DestroyCertifiedKeyPair(inCertResp->certifiedKeyPair);
- }
- PORT_Free(inCertResp);
- }
- return SECSuccess;
-}
-
-SECStatus
-CMMF_DestroyCertRepContent(CMMFCertRepContent *inCertRepContent)
-{
- CMMFCertifiedKeyPair *certKeyPair;
- int i;
-
- PORT_Assert(inCertRepContent != NULL);
- if (inCertRepContent != NULL && inCertRepContent->poolp != NULL) {
- if (!inCertRepContent->isDecoded) {
- if (inCertRepContent->response != NULL) {
- for (i=0; inCertRepContent->response[i] != NULL; i++) {
- certKeyPair = inCertRepContent->response[i]->certifiedKeyPair;
- if (certKeyPair != NULL &&
- certKeyPair->certOrEncCert.choice == cmmfCertificate &&
- certKeyPair->certOrEncCert.cert.certificate != NULL) {
- CERT_DestroyCertificate
- (certKeyPair->certOrEncCert.cert.certificate);
- }
- }
- }
- if (inCertRepContent->caPubs != NULL) {
- for (i=0; inCertRepContent->caPubs[i] != NULL; i++) {
- CERT_DestroyCertificate(inCertRepContent->caPubs[i]);
- }
- }
- }
- PORT_FreeArena(inCertRepContent->poolp, PR_TRUE);
- }
- return SECSuccess;
-}
-
-SECStatus
-CMMF_DestroyPOPODecKeyChallContent(CMMFPOPODecKeyChallContent *inDecKeyCont)
-{
- PORT_Assert(inDecKeyCont != NULL);
- if (inDecKeyCont != NULL && inDecKeyCont->poolp) {
- PORT_FreeArena(inDecKeyCont->poolp, PR_FALSE);
- }
- return SECSuccess;
-}
-
-SECStatus
-crmf_create_prtime(SECItem *src, PRTime **dest)
-{
- *dest = PORT_ZNew(PRTime);
- return DER_UTCTimeToTime(*dest, src);
-}
-
-CRMFCertExtension*
-crmf_copy_cert_extension(PRArenaPool *poolp, CRMFCertExtension *inExtension)
-{
- PRBool isCritical;
- SECOidTag id;
- SECItem *data;
- CRMFCertExtension *newExt;
-
- PORT_Assert(inExtension != NULL);
- if (inExtension == NULL) {
- return NULL;
- }
- id = CRMF_CertExtensionGetOidTag(inExtension);
- isCritical = CRMF_CertExtensionGetIsCritical(inExtension);
- data = CRMF_CertExtensionGetValue(inExtension);
- newExt = crmf_create_cert_extension(poolp, id,
- isCritical,
- data);
- SECITEM_FreeItem(data, PR_TRUE);
- return newExt;
-}
-
-static SECItem*
-cmmf_encode_certificate(CERTCertificate *inCert)
-{
- return SEC_ASN1EncodeItem(NULL, NULL, inCert,
- SEC_ASN1_GET(SEC_SignedCertificateTemplate));
-}
-
-CERTCertList*
-cmmf_MakeCertList(CERTCertificate **inCerts)
-{
- CERTCertList *certList;
- CERTCertificate *currCert;
- SECItem *derCert, *freeCert = NULL;
- SECStatus rv;
- int i;
-
- certList = CERT_NewCertList();
- if (certList == NULL) {
- return NULL;
- }
- for (i=0; inCerts[i] != NULL; i++) {
- derCert = &inCerts[i]->derCert;
- if (derCert->data == NULL) {
- derCert = freeCert = cmmf_encode_certificate(inCerts[i]);
- }
- currCert=CERT_DecodeDERCertificate(derCert, PR_TRUE, NULL);
- if (freeCert != NULL) {
- SECITEM_FreeItem(freeCert, PR_TRUE);
- freeCert = NULL;
- }
- if (currCert == NULL) {
- goto loser;
- }
- rv = CERT_AddCertToListTail(certList, currCert);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- return certList;
- loser:
- CERT_DestroyCertList(certList);
- return NULL;
-}
-
-CMMFPKIStatus
-cmmf_PKIStatusInfoGetStatus(CMMFPKIStatusInfo *inStatus)
-{
- long derVal;
-
- derVal = DER_GetInteger(&inStatus->status);
- if (derVal == -1 || derVal < cmmfGranted || derVal >= cmmfNumPKIStatus) {
- return cmmfNoPKIStatus;
- }
- return (CMMFPKIStatus)derVal;
-}
-
-int
-CMMF_CertRepContentGetNumResponses(CMMFCertRepContent *inCertRepContent)
-{
- int numResponses = 0;
- PORT_Assert (inCertRepContent != NULL);
- if (inCertRepContent != NULL && inCertRepContent->response != NULL) {
- while (inCertRepContent->response[numResponses] != NULL) {
- numResponses++;
- }
- }
- return numResponses;
-}
-
-
-SECStatus
-cmmf_DestroyCertOrEncCert(CMMFCertOrEncCert *certOrEncCert, PRBool freeit)
-{
- switch (certOrEncCert->choice) {
- case cmmfCertificate:
- CERT_DestroyCertificate(certOrEncCert->cert.certificate);
- break;
- case cmmfEncryptedCert:
- crmf_destroy_encrypted_value(certOrEncCert->cert.encryptedCert,
- PR_TRUE);
- break;
- default:
- break;
- }
- if (freeit) {
- PORT_Free(certOrEncCert);
- }
- return SECSuccess;
-}
-
-SECStatus
-cmmf_copy_secitem (PRArenaPool *poolp, SECItem *dest, SECItem *src)
-{
- SECStatus rv;
-
- if (src->data != NULL) {
- rv = SECITEM_CopyItem(poolp, dest, src);
- } else {
- dest->data = NULL;
- dest->len = 0;
- rv = SECSuccess;
- }
- return rv;
-}
-
-SECStatus
-CMMF_DestroyCertifiedKeyPair(CMMFCertifiedKeyPair *inCertKeyPair)
-{
- PORT_Assert(inCertKeyPair != NULL);
- if (inCertKeyPair != NULL) {
- cmmf_DestroyCertOrEncCert(&inCertKeyPair->certOrEncCert, PR_FALSE);
- }
- if (inCertKeyPair->privateKey) {
- crmf_destroy_encrypted_value(inCertKeyPair->privateKey, PR_TRUE);
- }
- if (inCertKeyPair->derPublicationInfo.data) {
- PORT_Free(inCertKeyPair->derPublicationInfo.data);
- }
- PORT_Free(inCertKeyPair);
- return SECSuccess;
-}
-
-SECStatus
-cmmf_CopyCertResponse(PRArenaPool *poolp,
- CMMFCertResponse *dest,
- CMMFCertResponse *src)
-{
- SECStatus rv;
-
- if (src->certReqId.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &dest->certReqId, &src->certReqId);
- if (rv != SECSuccess) {
- return rv;
- }
- }
- rv = cmmf_CopyPKIStatusInfo(poolp, &dest->status, &src->status);
- if (rv != SECSuccess) {
- return rv;
- }
- if (src->certifiedKeyPair != NULL) {
- dest->certifiedKeyPair = (poolp == NULL) ?
- PORT_ZNew(CMMFCertifiedKeyPair) :
- PORT_ArenaZNew(poolp, CMMFCertifiedKeyPair);
- if (dest->certifiedKeyPair == NULL) {
- return SECFailure;
- }
- rv = cmmf_CopyCertifiedKeyPair(poolp, dest->certifiedKeyPair,
- src->certifiedKeyPair);
- if (rv != SECSuccess) {
- return rv;
- }
- }
- return SECSuccess;
-}
-
-static SECStatus
-cmmf_CopyCertOrEncCert(PRArenaPool *poolp, CMMFCertOrEncCert *dest,
- CMMFCertOrEncCert *src)
-{
- SECStatus rv = SECSuccess;
- CRMFEncryptedValue *encVal;
-
- dest->choice = src->choice;
- rv = cmmf_copy_secitem(poolp, &dest->derValue, &src->derValue);
- switch (src->choice) {
- case cmmfCertificate:
- dest->cert.certificate = CERT_DupCertificate(src->cert.certificate);
- break;
- case cmmfEncryptedCert:
- dest->cert.encryptedCert = encVal = (poolp == NULL) ?
- PORT_ZNew(CRMFEncryptedValue) :
- PORT_ArenaZNew(poolp, CRMFEncryptedValue);
- if (encVal == NULL) {
- return SECFailure;
- }
- rv = crmf_copy_encryptedvalue(poolp, src->cert.encryptedCert, encVal);
- if (rv != SECSuccess) {
- return rv;
- }
- break;
- default:
- rv = SECFailure;
- }
- return rv;
-}
-
-SECStatus
-cmmf_CopyCertifiedKeyPair(PRArenaPool *poolp, CMMFCertifiedKeyPair *dest,
- CMMFCertifiedKeyPair *src)
-{
- SECStatus rv;
-
- rv = cmmf_CopyCertOrEncCert(poolp, &dest->certOrEncCert,
- &src->certOrEncCert);
- if (rv != SECSuccess) {
- return rv;
- }
-
- if (src->privateKey != NULL) {
- CRMFEncryptedValue *encVal;
-
- encVal = dest->privateKey = (poolp == NULL) ?
- PORT_ZNew(CRMFEncryptedValue) :
- PORT_ArenaZNew(poolp, CRMFEncryptedValue);
- if (encVal == NULL) {
- return SECFailure;
- }
- rv = crmf_copy_encryptedvalue(poolp, src->privateKey,
- dest->privateKey);
- if (rv != SECSuccess) {
- return rv;
- }
- }
- rv = cmmf_copy_secitem(poolp, &dest->derPublicationInfo,
- &src->derPublicationInfo);
- return rv;
-}
-
-SECStatus
-cmmf_CopyPKIStatusInfo(PRArenaPool *poolp, CMMFPKIStatusInfo *dest,
- CMMFPKIStatusInfo *src)
-{
- SECStatus rv;
-
- rv = cmmf_copy_secitem (poolp, &dest->status, &src->status);
- if (rv != SECSuccess) {
- return rv;
- }
- rv = cmmf_copy_secitem (poolp, &dest->statusString, &src->statusString);
- if (rv != SECSuccess) {
- return rv;
- }
- rv = cmmf_copy_secitem (poolp, &dest->failInfo, &src->failInfo);
- return rv;
-}
-
-CERTCertificate*
-cmmf_CertOrEncCertGetCertificate(CMMFCertOrEncCert *certOrEncCert,
- CERTCertDBHandle *certdb)
-{
- if (certOrEncCert->choice != cmmfCertificate ||
- certOrEncCert->cert.certificate == NULL) {
- return NULL;
- }
- return CERT_NewTempCertificate(certdb,
- &certOrEncCert->cert.certificate->derCert,
- NULL, PR_FALSE, PR_TRUE);
-}
-
-SECStatus
-cmmf_PKIStatusInfoSetStatus(CMMFPKIStatusInfo *statusInfo,
- PRArenaPool *poolp,
- CMMFPKIStatus inStatus)
-{
- SECItem *dummy;
-
- if (inStatus <cmmfGranted || inStatus >= cmmfNumPKIStatus) {
- return SECFailure;
- }
-
- dummy = SEC_ASN1EncodeInteger(poolp, &statusInfo->status, inStatus);
- PORT_Assert(dummy == &statusInfo->status);
- if (dummy != &statusInfo->status) {
- SECITEM_FreeItem(dummy, PR_TRUE);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
diff --git a/security/nss/lib/crmf/servget.c b/security/nss/lib/crmf/servget.c
deleted file mode 100644
index 7b863d337..000000000
--- a/security/nss/lib/crmf/servget.c
+++ /dev/null
@@ -1,1008 +0,0 @@
-/* -*- Mode: C; tab-width: 8 -*-*/
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "cmmf.h"
-#include "cmmfi.h"
-#include "secitem.h"
-#include "keyhi.h"
-#include "secder.h"
-
-CRMFEncryptedKeyChoice
-CRMF_EncryptedKeyGetChoice(CRMFEncryptedKey *inEncrKey)
-{
- PORT_Assert(inEncrKey != NULL);
- if (inEncrKey == NULL) {
- return crmfNoEncryptedKeyChoice;
- }
- return inEncrKey->encKeyChoice;
-}
-
-CRMFEncryptedValue*
-CRMF_EncryptedKeyGetEncryptedValue(CRMFEncryptedKey *inEncrKey)
-{
- CRMFEncryptedValue *newEncrValue = NULL;
- SECStatus rv;
-
- PORT_Assert(inEncrKey != NULL);
- if (inEncrKey == NULL ||
- CRMF_EncryptedKeyGetChoice(inEncrKey) != crmfEncryptedValueChoice) {
- goto loser;
- }
- newEncrValue = PORT_ZNew(CRMFEncryptedValue);
- if (newEncrValue == NULL) {
- goto loser;
- }
- rv = crmf_copy_encryptedvalue(NULL, &inEncrKey->value.encryptedValue,
- newEncrValue);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newEncrValue;
- loser:
- if (newEncrValue != NULL) {
- CRMF_DestroyEncryptedValue(newEncrValue);
- }
- return NULL;
-}
-
-static SECItem*
-crmf_get_encvalue_bitstring(SECItem *srcItem)
-{
- SECItem *newItem = NULL;
- SECStatus rv;
-
- if (srcItem->data == NULL) {
- return NULL;
- }
- newItem = PORT_ZNew(SECItem);
- if (newItem == NULL) {
- goto loser;
- }
- rv = crmf_make_bitstring_copy(NULL, newItem, srcItem);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newItem;
- loser:
- if (newItem != NULL) {
- SECITEM_FreeItem(newItem, PR_TRUE);
- }
- return NULL;
-}
-
-SECItem*
-CRMF_EncryptedValueGetEncSymmKey(CRMFEncryptedValue *inEncValue)
-{
- if (inEncValue == NULL) {
- return NULL;
- }
- return crmf_get_encvalue_bitstring(&inEncValue->encSymmKey);
-}
-
-SECItem*
-CRMF_EncryptedValueGetEncValue(CRMFEncryptedValue *inEncrValue)
-{
- if (inEncrValue == NULL || inEncrValue->encValue.data == NULL) {
- return NULL;
- }
- return crmf_get_encvalue_bitstring(&inEncrValue->encValue);
-}
-
-static SECAlgorithmID*
-crmf_get_encvalue_algid(SECAlgorithmID *srcAlg)
-{
- SECStatus rv;
- SECAlgorithmID *newAlgID;
-
- if (srcAlg == NULL) {
- return NULL;
- }
- rv = crmf_copy_encryptedvalue_secalg(NULL, srcAlg, &newAlgID);
- if (rv != SECSuccess) {
- return NULL;
- }
- return newAlgID;
-}
-
-SECAlgorithmID*
-CRMF_EncryptedValueGetIntendedAlg(CRMFEncryptedValue *inEncValue)
-{
- if (inEncValue == NULL) {
- return NULL;
- }
- return crmf_get_encvalue_algid(inEncValue->intendedAlg);
-}
-
-SECAlgorithmID*
-CRMF_EncryptedValueGetKeyAlg(CRMFEncryptedValue *inEncValue)
-{
- if (inEncValue == NULL) {
- return NULL;
- }
- return crmf_get_encvalue_algid(inEncValue->keyAlg);
-}
-
-SECAlgorithmID*
-CRMF_EncryptedValueGetSymmAlg(CRMFEncryptedValue *inEncValue)
-{
- if (inEncValue == NULL) {
- return NULL;
- }
- return crmf_get_encvalue_algid(inEncValue->symmAlg);
-}
-
-SECItem*
-CRMF_EncryptedValueGetValueHint(CRMFEncryptedValue *inEncValue)
-{
- if (inEncValue == NULL || inEncValue->valueHint.data == NULL) {
- return NULL;
- }
- return SECITEM_DupItem(&inEncValue->valueHint);
-}
-
-SECStatus
-CRMF_PKIArchiveOptionsGetArchiveRemGenPrivKey(CRMFPKIArchiveOptions *inOpt,
- PRBool *destVal)
-{
- if (inOpt == NULL || destVal == NULL ||
- CRMF_PKIArchiveOptionsGetOptionType(inOpt) != crmfArchiveRemGenPrivKey){
- return SECFailure;
- }
- *destVal = (inOpt->option.archiveRemGenPrivKey.data[0] == hexFalse)
- ? PR_FALSE:
- PR_TRUE;
- return SECSuccess;
-}
-
-CRMFEncryptedKey*
-CRMF_PKIArchiveOptionsGetEncryptedPrivKey(CRMFPKIArchiveOptions *inOpts)
-{
- CRMFEncryptedKey *newEncrKey = NULL;
- SECStatus rv;
-
- PORT_Assert(inOpts != NULL);
- if (inOpts == NULL ||
- CRMF_PKIArchiveOptionsGetOptionType(inOpts) != crmfEncryptedPrivateKey){
- return NULL;
- }
- newEncrKey = PORT_ZNew(CRMFEncryptedKey);
- if (newEncrKey == NULL) {
- goto loser;
- }
- rv = crmf_copy_encryptedkey(NULL, &inOpts->option.encryptedKey,
- newEncrKey);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newEncrKey;
- loser:
- if (newEncrKey != NULL) {
- CRMF_DestroyEncryptedKey(newEncrKey);
- }
- return NULL;
-}
-
-SECItem*
-CRMF_PKIArchiveOptionsGetKeyGenParameters(CRMFPKIArchiveOptions *inOptions)
-{
- if (inOptions == NULL ||
- CRMF_PKIArchiveOptionsGetOptionType(inOptions) != crmfKeyGenParameters ||
- inOptions->option.keyGenParameters.data == NULL) {
- return NULL;
- }
- return SECITEM_DupItem(&inOptions->option.keyGenParameters);
-}
-
-CRMFPKIArchiveOptionsType
-CRMF_PKIArchiveOptionsGetOptionType(CRMFPKIArchiveOptions *inOptions)
-{
- PORT_Assert (inOptions != NULL);
- if (inOptions == NULL) {
- return crmfNoArchiveOptions;
- }
- return inOptions->archOption;
-}
-
-static SECStatus
-crmf_extract_long_from_item(SECItem *intItem, long *destLong)
-{
- *destLong = DER_GetInteger(intItem);
- return (*destLong == -1) ? SECFailure : SECSuccess;
-}
-
-SECStatus
-CRMF_POPOPrivGetKeySubseqMess(CRMFPOPOPrivKey *inKey,
- CRMFSubseqMessOptions *destOpt)
-{
- long value;
- SECStatus rv;
-
- PORT_Assert(inKey != NULL);
- if (inKey == NULL ||
- inKey->messageChoice != crmfSubsequentMessage) {
- return SECFailure;
- }
- rv = crmf_extract_long_from_item(&inKey->message.subsequentMessage,&value);
- if (rv != SECSuccess) {
- return SECFailure;
- }
- switch (value) {
- case 0:
- *destOpt = crmfEncrCert;
- break;
- case 1:
- *destOpt = crmfChallengeResp;
- break;
- default:
- rv = SECFailure;
- }
- if (rv != SECSuccess) {
- return rv;
- }
- return SECSuccess;
-}
-
-CRMFPOPOPrivKeyChoice
-CRMF_POPOPrivKeyGetChoice(CRMFPOPOPrivKey *inPrivKey)
-{
- PORT_Assert(inPrivKey != NULL);
- if (inPrivKey != NULL) {
- return inPrivKey->messageChoice;
- }
- return crmfNoMessage;
-}
-
-SECStatus
-CRMF_POPOPrivKeyGetDHMAC(CRMFPOPOPrivKey *inKey, SECItem *destMAC)
-{
- PORT_Assert(inKey != NULL);
- if (inKey == NULL || inKey->message.dhMAC.data == NULL) {
- return SECFailure;
- }
- return crmf_make_bitstring_copy(NULL, destMAC, &inKey->message.dhMAC);
-}
-
-SECStatus
-CRMF_POPOPrivKeyGetThisMessage(CRMFPOPOPrivKey *inKey,
- SECItem *destString)
-{
- PORT_Assert(inKey != NULL);
- if (inKey == NULL ||
- inKey->messageChoice != crmfThisMessage) {
- return SECFailure;
- }
-
- return crmf_make_bitstring_copy(NULL, destString,
- &inKey->message.thisMessage);
-}
-
-SECAlgorithmID*
-CRMF_POPOSigningKeyGetAlgID(CRMFPOPOSigningKey *inSignKey)
-{
- SECAlgorithmID *newAlgId = NULL;
- SECStatus rv;
-
- PORT_Assert(inSignKey != NULL);
- if (inSignKey == NULL) {
- return NULL;
- }
- newAlgId = PORT_ZNew(SECAlgorithmID);
- if (newAlgId == NULL) {
- goto loser;
- }
- rv = SECOID_CopyAlgorithmID(NULL, newAlgId,
- inSignKey->algorithmIdentifier);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newAlgId;
-
- loser:
- if (newAlgId != NULL) {
- SECOID_DestroyAlgorithmID(newAlgId, PR_TRUE);
- }
- return NULL;
-}
-
-SECItem*
-CRMF_POPOSigningKeyGetInput(CRMFPOPOSigningKey *inSignKey)
-{
- PORT_Assert(inSignKey != NULL);
- if (inSignKey == NULL || inSignKey->derInput.data == NULL) {
- return NULL;
- }
- return SECITEM_DupItem(&inSignKey->derInput);
-}
-
-SECItem*
-CRMF_POPOSigningKeyGetSignature(CRMFPOPOSigningKey *inSignKey)
-{
- SECItem *newSig = NULL;
- SECStatus rv;
-
- PORT_Assert(inSignKey != NULL);
- if (inSignKey == NULL) {
- return NULL;
- }
- newSig = PORT_ZNew(SECItem);
- if (newSig == NULL) {
- goto loser;
- }
- rv = crmf_make_bitstring_copy(NULL, newSig, &inSignKey->signature);
- if (rv != SECSuccess) {
- goto loser;
- }
- return newSig;
- loser:
- if (newSig != NULL) {
- SECITEM_FreeItem(newSig, PR_TRUE);
- }
- return NULL;
-}
-
-static SECStatus
-crmf_copy_poposigningkey(PRArenaPool *poolp,
- CRMFPOPOSigningKey *inPopoSignKey,
- CRMFPOPOSigningKey *destPopoSignKey)
-{
- SECStatus rv;
-
- /* We don't support use of the POPOSigningKeyInput, so we'll only
- * store away the DER encoding.
- */
- if (inPopoSignKey->derInput.data != NULL) {
- rv = SECITEM_CopyItem(poolp, &destPopoSignKey->derInput,
- &inPopoSignKey->derInput);
- }
- destPopoSignKey->algorithmIdentifier = (poolp == NULL) ?
- PORT_ZNew(SECAlgorithmID) :
- PORT_ArenaZNew(poolp, SECAlgorithmID);
-
- if (destPopoSignKey->algorithmIdentifier == NULL) {
- goto loser;
- }
- rv = SECOID_CopyAlgorithmID(poolp, destPopoSignKey->algorithmIdentifier,
- inPopoSignKey->algorithmIdentifier);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = crmf_make_bitstring_copy(poolp, &destPopoSignKey->signature,
- &inPopoSignKey->signature);
- if (rv != SECSuccess) {
- goto loser;
- }
- return SECSuccess;
- loser:
- if (destPopoSignKey && poolp == NULL) {
- CRMF_DestroyPOPOSigningKey(destPopoSignKey);
- }
- return SECFailure;
-}
-
-static SECStatus
-crmf_copy_popoprivkey(PRArenaPool *poolp,
- CRMFPOPOPrivKey *srcPrivKey,
- CRMFPOPOPrivKey *destPrivKey)
-{
- SECStatus rv;
-
- destPrivKey->messageChoice = srcPrivKey->messageChoice;
- switch (destPrivKey->messageChoice) {
- case crmfThisMessage:
- case crmfDHMAC:
- /* I've got a union, so taking the address of one, will also give
- * me a pointer to the other (eg, message.dhMAC)
- */
- rv = crmf_make_bitstring_copy(poolp, &destPrivKey->message.thisMessage,
- &srcPrivKey->message.thisMessage);
- break;
- case crmfSubsequentMessage:
- rv = SECITEM_CopyItem(poolp, &destPrivKey->message.subsequentMessage,
- &srcPrivKey->message.subsequentMessage);
- break;
- default:
- rv = SECFailure;
- }
-
- if (rv != SECSuccess) {
- if (destPrivKey && poolp == NULL) {
- CRMF_DestroyPOPOPrivKey(destPrivKey);
- }
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static CRMFProofOfPossession*
-crmf_copy_pop(PRArenaPool *poolp, CRMFProofOfPossession *srcPOP)
-{
- CRMFProofOfPossession *newPOP;
- SECStatus rv;
-
- /*
- * Proof Of Possession structures are always part of the Request
- * message, so there will always be an arena for allocating memory.
- */
- if (poolp == NULL) {
- return NULL;
- }
- newPOP = PORT_ArenaZNew(poolp, CRMFProofOfPossession);
- if (newPOP == NULL) {
- return NULL;
- }
- switch (srcPOP->popUsed) {
- case crmfRAVerified:
- newPOP->popChoice.raVerified.data = NULL;
- newPOP->popChoice.raVerified.len = 0;
- break;
- case crmfSignature:
- rv = crmf_copy_poposigningkey(poolp, &srcPOP->popChoice.signature,
- &newPOP->popChoice.signature);
- if (rv != SECSuccess) {
- goto loser;
- }
- break;
- case crmfKeyEncipherment:
- case crmfKeyAgreement:
- /* We've got a union, so a pointer to one, is a pointer to the
- * other one.
- */
- rv = crmf_copy_popoprivkey(poolp, &srcPOP->popChoice.keyEncipherment,
- &newPOP->popChoice.keyEncipherment);
- if (rv != SECSuccess) {
- goto loser;
- }
- break;
- default:
- goto loser;
- }
- newPOP->popUsed = srcPOP->popUsed;
- return newPOP;
-
- loser:
- return NULL;
-}
-
-static CRMFCertReqMsg*
-crmf_copy_cert_req_msg(CRMFCertReqMsg *srcReqMsg)
-{
- CRMFCertReqMsg *newReqMsg;
- PRArenaPool *poolp;
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- return NULL;
- }
- newReqMsg = PORT_ArenaZNew(poolp, CRMFCertReqMsg);
- newReqMsg->poolp = poolp;
- if (newReqMsg == NULL) {
- goto loser;
- }
- newReqMsg->certReq = crmf_copy_cert_request(poolp, srcReqMsg->certReq);
- if (newReqMsg->certReq == NULL) {
- goto loser;
- }
- newReqMsg->pop = crmf_copy_pop(poolp, srcReqMsg->pop);
- if (newReqMsg->pop == NULL) {
- goto loser;
- }
- /* None of my set/get routines operate on the regInfo field, so
- * for now, that won't get copied over.
- */
- return newReqMsg;
-
- loser:
- if (newReqMsg != NULL) {
- CRMF_DestroyCertReqMsg(newReqMsg);
- }
- return NULL;
-}
-
-CRMFCertReqMsg*
-CRMF_CertReqMessagesGetCertReqMsgAtIndex(CRMFCertReqMessages *inReqMsgs,
- int index)
-{
- int numMsgs;
-
- PORT_Assert(inReqMsgs != NULL && index >= 0);
- if (inReqMsgs == NULL) {
- return NULL;
- }
- numMsgs = CRMF_CertReqMessagesGetNumMessages(inReqMsgs);
- if (index < 0 || index >= numMsgs) {
- return NULL;
- }
- return crmf_copy_cert_req_msg(inReqMsgs->messages[index]);
-}
-
-int
-CRMF_CertReqMessagesGetNumMessages(CRMFCertReqMessages *inCertReqMsgs)
-{
- int numMessages = 0;
-
- PORT_Assert(inCertReqMsgs != NULL);
- if (inCertReqMsgs == NULL) {
- return 0;
- }
- while (inCertReqMsgs->messages[numMessages] != NULL) {
- numMessages++;
- }
- return numMessages;
-}
-
-CRMFCertRequest*
-CRMF_CertReqMsgGetCertRequest(CRMFCertReqMsg *inCertReqMsg)
-{
- PRArenaPool *poolp = NULL;
- CRMFCertRequest *newCertReq = NULL;
-
- PORT_Assert(inCertReqMsg != NULL);
-
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- if (poolp == NULL) {
- goto loser;
- }
- newCertReq = crmf_copy_cert_request(poolp, inCertReqMsg->certReq);
- if (newCertReq == NULL) {
- goto loser;
- }
- newCertReq->poolp = poolp;
- return newCertReq;
- loser:
- if (poolp != NULL) {
- PORT_FreeArena(poolp, PR_FALSE);
- }
- return NULL;
-}
-
-SECStatus
-CRMF_CertReqMsgGetID(CRMFCertReqMsg *inCertReqMsg, long *destID)
-{
- PORT_Assert(inCertReqMsg != NULL && destID != NULL);
- if (inCertReqMsg == NULL || inCertReqMsg->certReq == NULL) {
- return SECFailure;
- }
- return crmf_extract_long_from_item(&inCertReqMsg->certReq->certReqId,
- destID);
-}
-
-SECStatus
-CRMF_CertReqMsgGetPOPKeyAgreement(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKey **destKey)
-{
- PORT_Assert(inCertReqMsg != NULL && destKey != NULL);
- if (inCertReqMsg == NULL || destKey == NULL ||
- CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfKeyAgreement) {
- return SECFailure;
- }
- *destKey = PORT_ZNew(CRMFPOPOPrivKey);
- if (*destKey == NULL) {
- return SECFailure;
- }
- return crmf_copy_popoprivkey(NULL,
- &inCertReqMsg->pop->popChoice.keyAgreement,
- *destKey);
-}
-
-SECStatus
-CRMF_CertReqMsgGetPOPKeyEncipherment(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOPrivKey **destKey)
-{
- PORT_Assert(inCertReqMsg != NULL && destKey != NULL);
- if (inCertReqMsg == NULL || destKey == NULL ||
- CRMF_CertReqMsgGetPOPType(inCertReqMsg) != crmfKeyEncipherment) {
- return SECFailure;
- }
- *destKey = PORT_ZNew(CRMFPOPOPrivKey);
- if (destKey == NULL) {
- return SECFailure;
- }
- return crmf_copy_popoprivkey(NULL,
- &inCertReqMsg->pop->popChoice.keyEncipherment,
- *destKey);
-}
-
-SECStatus
-CRMF_CertReqMsgGetPOPOSigningKey(CRMFCertReqMsg *inCertReqMsg,
- CRMFPOPOSigningKey **destKey)
-{
- CRMFProofOfPossession *pop;
- PORT_Assert(inCertReqMsg != NULL);
- if (inCertReqMsg == NULL) {
- return SECFailure;
- }
- pop = inCertReqMsg->pop;;
- if (pop->popUsed != crmfSignature) {
- return SECFailure;
- }
- *destKey = PORT_ZNew(CRMFPOPOSigningKey);
- if (*destKey == NULL) {
- return SECFailure;
- }
- return crmf_copy_poposigningkey(NULL,&pop->popChoice.signature, *destKey);
-}
-
-static SECStatus
-crmf_copy_name(CERTName *destName, CERTName *srcName)
-{
- PRArenaPool *poolp = NULL;
- SECStatus rv;
-
- if (destName->arena != NULL) {
- poolp = destName->arena;
- } else {
- poolp = PORT_NewArena(CRMF_DEFAULT_ARENA_SIZE);
- }
- if (poolp == NULL) {
- return SECFailure;
- }
- /* Need to do this so that CERT_CopyName doesn't free out
- * the arena from underneath us.
- */
- destName->arena = NULL;
- rv = CERT_CopyName(poolp, destName, srcName);
- destName->arena = poolp;
- return rv;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateIssuer(CRMFCertRequest *inCertReq,
- CERTName *destIssuer)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfIssuer)) {
- return crmf_copy_name(destIssuer,
- inCertReq->certTemplate.issuer);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateIssuerUID(CRMFCertRequest *inCertReq,
- SECItem *destIssuerUID)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfIssuerUID)) {
- return crmf_make_bitstring_copy(NULL, destIssuerUID,
- &inCertReq->certTemplate.issuerUID);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplatePublicKey(CRMFCertRequest *inCertReq,
- CERTSubjectPublicKeyInfo *destPublicKey)
-{
- PORT_Assert (inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfPublicKey)) {
- return SECKEY_CopySubjectPublicKeyInfo(NULL, destPublicKey,
- inCertReq->certTemplate.publicKey);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSerialNumber(CRMFCertRequest *inCertReq,
- long *serialNumber)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfSerialNumber)) {
- return
- crmf_extract_long_from_item(&inCertReq->certTemplate.serialNumber,
- serialNumber);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSigningAlg(CRMFCertRequest *inCertReq,
- SECAlgorithmID *destAlg)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfSigningAlg)) {
- return SECOID_CopyAlgorithmID(NULL, destAlg,
- inCertReq->certTemplate.signingAlg);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSubject(CRMFCertRequest *inCertReq,
- CERTName *destSubject)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfSubject)) {
- return crmf_copy_name(destSubject, inCertReq->certTemplate.subject);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateSubjectUID(CRMFCertRequest *inCertReq,
- SECItem *destSubjectUID)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfSubjectUID)) {
- return crmf_make_bitstring_copy(NULL, destSubjectUID,
- &inCertReq->certTemplate.subjectUID);
- }
- return SECFailure;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateVersion(CRMFCertRequest *inCertReq,
- long *version)
-{
- PORT_Assert (inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfVersion)) {
- return crmf_extract_long_from_item(&inCertReq->certTemplate.version,
- version);
- }
- return SECFailure;
-}
-
-static SECStatus
-crmf_copy_validity(CRMFGetValidity *destValidity,
- CRMFOptionalValidity *src)
-{
- SECStatus rv;
-
- destValidity->notBefore = destValidity->notAfter = NULL;
- if (src->notBefore.data != NULL) {
- rv = crmf_create_prtime(&src->notBefore,
- &destValidity->notBefore);
- if (rv != SECSuccess) {
- return rv;
- }
- }
- if (src->notAfter.data != NULL) {
- rv = crmf_create_prtime(&src->notAfter,
- &destValidity->notAfter);
- if (rv != SECSuccess) {
- return rv;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-CRMF_CertRequestGetCertTemplateValidity(CRMFCertRequest *inCertReq,
- CRMFGetValidity *destValidity)
-{
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return SECFailure;
- }
- if (CRMF_DoesRequestHaveField(inCertReq, crmfValidity)) {
- return crmf_copy_validity(destValidity,
- inCertReq->certTemplate.validity);
- }
- return SECFailure;
-}
-
-CRMFControl*
-CRMF_CertRequestGetControlAtIndex(CRMFCertRequest *inCertReq, int index)
-{
- CRMFControl *newControl, *srcControl;
- int numControls;
- SECStatus rv;
-
- PORT_Assert(inCertReq != NULL);
- if (inCertReq == NULL) {
- return NULL;
- }
- numControls = CRMF_CertRequestGetNumControls(inCertReq);
- if (index >= numControls || index < 0) {
- return NULL;
- }
- newControl = PORT_ZNew(CRMFControl);
- if (newControl == NULL) {
- return NULL;
- }
- srcControl = inCertReq->controls[index];
- newControl->tag = srcControl->tag;
- rv = SECITEM_CopyItem (NULL, &newControl->derTag, &srcControl->derTag);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- rv = SECITEM_CopyItem(NULL, &newControl->derValue,
- &srcControl->derValue);
- if (rv != SECSuccess) {
- goto loser;
- }
- /* Copy over the PKIArchiveOptions stuff */
- switch (srcControl->tag) {
- case SEC_OID_PKIX_REGCTRL_REGTOKEN:
- case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
- /* No further processing necessary for these types. */
- rv = SECSuccess;
- break;
- case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
- case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
- case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
- /* These aren't supported yet, so no post-processing will
- * be done at this time. But we don't want to fail in case
- * we read in DER that has one of these options.
- */
- rv = SECSuccess;
- break;
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- rv = crmf_copy_pkiarchiveoptions(NULL,
- &newControl->value.archiveOptions,
- &srcControl->value.archiveOptions);
- break;
- default:
- rv = SECFailure;
- }
- if (rv != SECSuccess) {
- goto loser;
- }
- return newControl;
- loser:
- if (newControl != NULL) {
- CRMF_DestroyControl(newControl);
- }
- return NULL;
-}
-
-static SECItem*
-crmf_copy_control_value(CRMFControl *inControl)
-{
- return SECITEM_DupItem(&inControl->derValue);
-}
-
-SECItem*
-CRMF_ControlGetAuthenticatorControlValue(CRMFControl *inControl)
-{
- PORT_Assert (inControl!= NULL);
- if (inControl == NULL ||
- CRMF_ControlGetControlType(inControl) != crmfAuthenticatorControl) {
- return NULL;
- }
- return crmf_copy_control_value(inControl);
-}
-
-CRMFControlType
-CRMF_ControlGetControlType(CRMFControl *inControl)
-{
- CRMFControlType retType;
-
- PORT_Assert(inControl != NULL);
- switch (inControl->tag) {
- case SEC_OID_PKIX_REGCTRL_REGTOKEN:
- retType = crmfRegTokenControl;
- break;
- case SEC_OID_PKIX_REGCTRL_AUTHENTICATOR:
- retType = crmfAuthenticatorControl;
- break;
- case SEC_OID_PKIX_REGCTRL_PKIPUBINFO:
- retType = crmfPKIPublicationInfoControl;
- break;
- case SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS:
- retType = crmfPKIArchiveOptionsControl;
- break;
- case SEC_OID_PKIX_REGCTRL_OLD_CERT_ID:
- retType = crmfOldCertIDControl;
- break;
- case SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY:
- retType = crmfProtocolEncrKeyControl;
- break;
- default:
- retType = crmfNoControl;
- }
- return retType;
-}
-
-CRMFPKIArchiveOptions*
-CRMF_ControlGetPKIArchiveOptions(CRMFControl *inControl)
-{
- CRMFPKIArchiveOptions *newOpt = NULL;
- SECStatus rv;
-
- PORT_Assert(inControl != NULL);
- if (inControl == NULL ||
- CRMF_ControlGetControlType(inControl) != crmfPKIArchiveOptionsControl){
- goto loser;
- }
- newOpt = PORT_ZNew(CRMFPKIArchiveOptions);
- if (newOpt == NULL) {
- goto loser;
- }
- rv = crmf_copy_pkiarchiveoptions(NULL, newOpt,
- &inControl->value.archiveOptions);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- loser:
- if (newOpt != NULL) {
- CRMF_DestroyPKIArchiveOptions(newOpt);
- }
- return NULL;
-}
-
-SECItem*
-CRMF_ControlGetRegTokenControlValue(CRMFControl *inControl)
-{
- PORT_Assert(inControl != NULL);
- if (inControl == NULL ||
- CRMF_ControlGetControlType(inControl) != crmfRegTokenControl) {
- return NULL;
- }
- return crmf_copy_control_value(inControl);;
-}
-
-CRMFCertExtension*
-CRMF_CertRequestGetExtensionAtIndex(CRMFCertRequest *inCertReq,
- int index)
-{
- int numExtensions;
-
- PORT_Assert(inCertReq != NULL);
- numExtensions = CRMF_CertRequestGetNumberOfExtensions(inCertReq);
- if (index >= numExtensions || index < 0) {
- return NULL;
- }
- return
- crmf_copy_cert_extension(NULL,
- inCertReq->certTemplate.extensions[index]);
-}
-
diff --git a/security/nss/lib/cryptohi/Makefile b/security/nss/lib/cryptohi/Makefile
deleted file mode 100644
index ced902117..000000000
--- a/security/nss/lib/cryptohi/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
--include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-export:: private_export
-
diff --git a/security/nss/lib/cryptohi/config.mk b/security/nss/lib/cryptohi/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/cryptohi/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/cryptohi/cryptohi.h b/security/nss/lib/cryptohi/cryptohi.h
deleted file mode 100644
index 28359cb65..000000000
--- a/security/nss/lib/cryptohi/cryptohi.h
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * crypto.h - public data structures and prototypes for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _CRYPTOHI_H_
-#define _CRYPTOHI_H_
-
-#include "blapi.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "cryptoht.h"
-#include "keyt.h"
-#include "certt.h"
-
-
-SEC_BEGIN_PROTOS
-
-
-/****************************************/
-/*
-** DER encode/decode DSA signatures
-*/
-
-/* ANSI X9.57 defines DSA signatures as DER encoded data. Our DSA code (and
- * most of the rest of the world) just generates 40 bytes of raw data. These
- * functions convert between formats.
- */
-extern SECStatus DSAU_EncodeDerSig(SECItem *dest, SECItem *src);
-extern SECItem *DSAU_DecodeDerSig(SECItem *item);
-
-
-
-/****************************************/
-/*
-** Signature creation operations
-*/
-
-/*
-** Create a new signature context used for signing a data stream.
-** "alg" the signature algorithm to use (e.g. SEC_OID_RSA_WITH_MD5)
-** "privKey" the private key to use
-*/
-extern SGNContext *SGN_NewContext(SECOidTag alg, SECKEYPrivateKey *privKey);
-
-/*
-** Destroy a signature-context object
-** "key" the object
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SGN_DestroyContext(SGNContext *cx, PRBool freeit);
-
-/*
-** Reset the signing context "cx" to its initial state, preparing it for
-** another stream of data.
-*/
-extern SECStatus SGN_Begin(SGNContext *cx);
-
-/*
-** Update the signing context with more data to sign.
-** "cx" the context
-** "input" the input data to sign
-** "inputLen" the length of the input data
-*/
-extern SECStatus SGN_Update(SGNContext *cx, unsigned char *input,
- unsigned int inputLen);
-
-/*
-** Finish the signature process. Use either k0 or k1 to sign the data
-** stream that was input using SGN_Update. The resulting signature is
-** formatted using PKCS#1 and then encrypted using RSA private or public
-** encryption.
-** "cx" the context
-** "result" the final signature data (memory is allocated)
-*/
-extern SECStatus SGN_End(SGNContext *cx, SECItem *result);
-
-/*
-** Sign a single block of data using private key encryption and given
-** signature/hash algorithm.
-** "result" the final signature data (memory is allocated)
-** "buf" the input data to sign
-** "len" the amount of data to sign
-** "pk" the private key to encrypt with
-** "algid" the signature/hash algorithm to sign with
-** (must be compatible with the key type).
-*/
-extern SECStatus SEC_SignData(SECItem *result, unsigned char *buf, int len,
- SECKEYPrivateKey *pk, SECOidTag algid);
-
-/*
-** Sign a pre-digested block of data using private key encryption, encoding
-** The given signature/hash algorithm.
-** "result" the final signature data (memory is allocated)
-** "digest" the digest to sign
-** "pk" the private key to encrypt with
-** "algtag" The algorithm tag to encode (need for RSA only)
-*/
-extern SECStatus SGN_Digest(SECKEYPrivateKey *privKey,
- SECOidTag algtag, SECItem *result, SECItem *digest);
-
-/*
-** DER sign a single block of data using private key encryption and the
-** MD5 hashing algorithm. This routine first computes a digital signature
-** using SEC_SignData, then wraps it with an CERTSignedData and then der
-** encodes the result.
-** "arena" is the memory arena to use to allocate data from
-** "result" the final der encoded data (memory is allocated)
-** "buf" the input data to sign
-** "len" the amount of data to sign
-** "pk" the private key to encrypt with
-*/
-extern SECStatus SEC_DerSignData(PRArenaPool *arena, SECItem *result,
- unsigned char *buf, int len,
- SECKEYPrivateKey *pk, SECOidTag algid);
-
-/*
-** Destroy a signed-data object.
-** "sd" the object
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SEC_DestroySignedData(CERTSignedData *sd, PRBool freeit);
-
-/****************************************/
-/*
-** Signature verification operations
-*/
-
-/*
-** Create a signature verification context.
-** "key" the public key to verify with
-** "sig" the encrypted signature data if sig is NULL then
-** VFY_EndWithSignature must be called with the correct signature at
-** the end of the processing.
-** "algid" specifies the signing algorithm to use. This must match
-** the key type.
-** "wincx" void pointer to the window context
-*/
-extern VFYContext *VFY_CreateContext(SECKEYPublicKey *key, SECItem *sig,
- SECOidTag algid, void *wincx);
-
-/*
-** Destroy a verification-context object.
-** "cx" the context to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void VFY_DestroyContext(VFYContext *cx, PRBool freeit);
-
-extern SECStatus VFY_Begin(VFYContext *cx);
-
-/*
-** Update a verification context with more input data. The input data
-** is fed to a secure hash function (depending on what was in the
-** encrypted signature data).
-** "cx" the context
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-extern SECStatus VFY_Update(VFYContext *cx, unsigned char *input,
- unsigned int inputLen);
-
-/*
-** Finish the verification process. The return value is a status which
-** indicates success or failure. On success, the SECSuccess value is
-** returned. Otherwise, SECFailure is returned and the error code found
-** using PORT_GetError() indicates what failure occurred.
-** "cx" the context
-*/
-extern SECStatus VFY_End(VFYContext *cx);
-
-/*
-** Finish the verification process. The return value is a status which
-** indicates success or failure. On success, the SECSuccess value is
-** returned. Otherwise, SECFailure is returned and the error code found
-** using PORT_GetError() indicates what failure occurred. If signature is
-** supplied the verification uses this signature to verify, otherwise the
-** signature passed in VFY_CreateContext() is used.
-** VFY_EndWithSignature(cx,NULL); is identical to VFY_End(cx);.
-** "cx" the context
-** "sig" the encrypted signature data
-*/
-extern SECStatus VFY_EndWithSignature(VFYContext *cx, SECItem *sig);
-
-
-/*
-** Verify the signature on a block of data for which we already have
-** the digest. The signature data is an RSA private key encrypted
-** block of data formatted according to PKCS#1.
-** "dig" the digest
-** "key" the public key to check the signature with
-** "sig" the encrypted signature data
-** "algid" specifies the signing algorithm to use. This must match
-** the key type.
-**/
-extern SECStatus VFY_VerifyDigest(SECItem *dig, SECKEYPublicKey *key,
- SECItem *sig, SECOidTag algid, void *wincx);
-
-/*
-** Verify the signature on a block of data. The signature data is an RSA
-** private key encrypted block of data formatted according to PKCS#1.
-** "buf" the input data
-** "len" the length of the input data
-** "key" the public key to check the signature with
-** "sig" the encrypted signature data
-** "algid" specifies the signing algorithm to use. This must match
-** the key type.
-*/
-extern SECStatus VFY_VerifyData(unsigned char *buf, int len,
- SECKEYPublicKey *key, SECItem *sig,
- SECOidTag algid, void *wincx);
-
-
-SEC_END_PROTOS
-
-#endif /* _CRYPTOHI_H_ */
diff --git a/security/nss/lib/cryptohi/cryptoht.h b/security/nss/lib/cryptohi/cryptoht.h
deleted file mode 100644
index 3116db279..000000000
--- a/security/nss/lib/cryptohi/cryptoht.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * cryptoht.h - public data structures for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _CRYPTOHT_H_
-#define _CRYPTOHT_H_
-
-typedef struct SGNContextStr SGNContext;
-typedef struct VFYContextStr VFYContext;
-
-
-#endif /* _CRYPTOHT_H_ */
diff --git a/security/nss/lib/cryptohi/dsautil.c b/security/nss/lib/cryptohi/dsautil.c
deleted file mode 100644
index a364ac302..000000000
--- a/security/nss/lib/cryptohi/dsautil.c
+++ /dev/null
@@ -1,228 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "secasn1.h"
-#include "secitem.h"
-#include "prerr.h"
-
-#ifndef DSA_SUBPRIME_LEN
-#define DSA_SUBPRIME_LEN 20 /* bytes */
-#endif
-
-typedef struct {
- SECItem r;
- SECItem s;
-} DSA_ASN1Signature;
-
-const SEC_ASN1Template DSA_SignatureTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(DSA_ASN1Signature) },
- { SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature,r) },
- { SEC_ASN1_INTEGER, offsetof(DSA_ASN1Signature,s) },
- { 0, }
-};
-
-/* Input is variable length multi-byte integer, MSB first (big endian).
-** Most signficant bit of first byte is NOT treated as a sign bit.
-** May be one or more leading bytes of zeros.
-** Output is variable length multi-byte integer, MSB first (big endian).
-** Most significant bit of first byte will be zero (positive sign bit)
-** No more than one leading zero byte.
-** Caller supplies dest buffer, and assures that it is long enough,
-** e.g. at least one byte longer that src's buffer.
-*/
-void
-DSAU_ConvertUnsignedToSigned(SECItem *dest, SECItem *src)
-{
- unsigned char *pSrc = src->data;
- unsigned char *pDst = dest->data;
- unsigned int cntSrc = src->len;
- unsigned char c;
-
- /* skip any leading zeros. */
- while (cntSrc && !(c = *pSrc)) {
- pSrc++;
- cntSrc--;
- }
- if (!cntSrc) {
- *pDst = 0;
- dest->len = 1;
- return;
- }
-
- if (c & 0x80)
- *pDst++ = 0;
-
- PORT_Memcpy(pDst, pSrc, cntSrc);
- dest->len = (pDst - dest->data) + cntSrc;
-}
-
-/*
-** src is a buffer holding a signed variable length integer.
-** dest is a buffer which will be filled with an unsigned integer,
-** MSB first (big endian) with leading zeros, so that the last byte
-** of src will be the LSB of the integer. The result will be exactly
-** the length specified by the caller in dest->len.
-** src can be shorter than dest. src can be longer than dst, but only
-** if the extra leading bytes are zeros.
-*/
-SECStatus
-DSAU_ConvertSignedToFixedUnsigned(SECItem *dest, SECItem *src)
-{
- unsigned char *pSrc = src->data;
- unsigned char *pDst = dest->data;
- unsigned int cntSrc = src->len;
- unsigned int cntDst = dest->len;
- int zCount = cntDst - cntSrc;
-
- if (zCount > 0) {
- PORT_Memset(pDst, 0, zCount);
- PORT_Memcpy(pDst + zCount, pSrc, cntSrc);
- return SECSuccess;
- }
- if (zCount <= 0) {
- /* Source is longer than destination. Check for leading zeros. */
- while (zCount++ < 0) {
- if (*pSrc++ != 0)
- goto loser;
- }
- }
- PORT_Memcpy(pDst, pSrc, cntDst);
- return SECSuccess;
-
-loser:
- PORT_SetError( PR_INVALID_ARGUMENT_ERROR );
- return SECFailure;
-}
-
-/* src is a "raw" DSA signature, 20 bytes of r followed by 20 bytes of s.
-** dest is the signature DER encoded. ?
-*/
-SECStatus
-DSAU_EncodeDerSig(SECItem *dest, SECItem *src)
-{
- SECItem * item;
- SECItem srcItem;
- DSA_ASN1Signature sig;
- unsigned char signedR[DSA_SUBPRIME_LEN + 1];
- unsigned char signedS[DSA_SUBPRIME_LEN + 1];
-
- PORT_Memset(&sig, 0, sizeof(sig));
-
- PORT_Assert(src->len == 2 * DSA_SUBPRIME_LEN);
- if (src->len != 2 * DSA_SUBPRIME_LEN) {
- PORT_SetError( PR_INVALID_ARGUMENT_ERROR );
- return SECFailure;
- }
-
- /* Must convert r and s from "unsigned" integers to "signed" integers.
- ** If the high order bit of the first byte (MSB) is 1, then must
- ** prepend with leading zero.
- ** Must remove all but one leading zero byte from numbers.
- */
- sig.r.data = signedR;
- sig.r.len = sizeof signedR;
- sig.s.data = signedS;
- sig.s.len = sizeof signedR;
-
- srcItem.data = src->data;
- srcItem.len = DSA_SUBPRIME_LEN;
-
- DSAU_ConvertUnsignedToSigned(&sig.r, &srcItem);
- srcItem.data += DSA_SUBPRIME_LEN;
- DSAU_ConvertUnsignedToSigned(&sig.s, &srcItem);
-
- item = SEC_ASN1EncodeItem(NULL, dest, &sig, DSA_SignatureTemplate);
- if (item == NULL)
- return SECFailure;
-
- /* XXX leak item? */
- return SECSuccess;
-}
-
-/* src is a DER-encoded DSA signature.
-** Returns a newly-allocated SECItem structure, pointing at a newly allocated
-** buffer containing the "raw" DSA signature, which is 20 bytes of r,
-** followed by 20 bytes of s.
-*/
-SECItem *
-DSAU_DecodeDerSig(SECItem *item)
-{
- SECItem * result = NULL;
- SECStatus status;
- DSA_ASN1Signature sig;
- SECItem dst;
-
- PORT_Memset(&sig, 0, sizeof(sig));
-
- result = PORT_ZNew(SECItem);
- if (result == NULL)
- goto loser;
-
- result->len = 2 * DSA_SUBPRIME_LEN;
- result->data = (unsigned char*)PORT_Alloc(2 * DSA_SUBPRIME_LEN);
- if (result->data == NULL)
- goto loser;
-
- status = SEC_ASN1DecodeItem(NULL, &sig, DSA_SignatureTemplate, item);
- if (status != SECSuccess)
- goto loser;
-
- /* Convert sig.r and sig.s from variable length signed integers to
- ** fixed length unsigned integers.
- */
- dst.data = result->data;
- dst.len = DSA_SUBPRIME_LEN;
- status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.r);
- if (status != SECSuccess)
- goto loser;
-
- dst.data += DSA_SUBPRIME_LEN;
- status = DSAU_ConvertSignedToFixedUnsigned(&dst, &sig.s);
- if (status != SECSuccess)
- goto loser;
-
-done:
- if (sig.r.data != NULL)
- PORT_Free(sig.r.data);
- if (sig.s.data != NULL)
- PORT_Free(sig.s.data);
-
- return result;
-
-loser:
- if (result != NULL) {
- SECITEM_FreeItem(result, PR_TRUE);
- result = NULL;
- }
- goto done;
-}
diff --git a/security/nss/lib/cryptohi/hasht.h b/security/nss/lib/cryptohi/hasht.h
deleted file mode 100644
index 143e37486..000000000
--- a/security/nss/lib/cryptohi/hasht.h
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * hasht.h - public data structures for the hashing library
- *
- * $Id$
- */
-
-#ifndef _HASHT_H_
-#define _HASHT_H_
-
-/* Opaque objects */
-typedef struct SECHashObjectStr SECHashObject;
-typedef struct HASHContextStr HASHContext;
-
-/*
- * The hash functions the security library supports
- * NOTE the order must match the definition of SECHashObjects[]!
- */
-typedef enum {
- HASH_AlgNULL = 0,
- HASH_AlgMD2 = 1,
- HASH_AlgMD5 = 2,
- HASH_AlgSHA1 = 3,
- HASH_AlgTOTAL
-} HASH_HashType;
-
-/*
- * Number of bytes each hash algorithm produces
- */
-#define MD2_LENGTH 16
-#define MD5_LENGTH 16
-#define SHA1_LENGTH 20
-
-/*
- * Structure to hold hash computation info and routines
- */
-struct SECHashObjectStr {
- unsigned int length;
- void * (*create)(void);
- void * (*clone)(void *);
- void (*destroy)(void *, PRBool);
- void (*begin)(void *);
- void (*update)(void *, const unsigned char *, unsigned int);
- void (*end)(void *, unsigned char *, unsigned int *, unsigned int);
-};
-
-struct HASHContextStr {
- const struct SECHashObjectStr *hashobj;
- void *hash_context;
-};
-
-/* This symbol is NOT exported from the NSS DLL. Code that needs a
- * pointer to one of the SECHashObjects should call HASH_GetHashObject()
- * instead. See "sechash.h".
- */
-extern const SECHashObject SECHashObjects[];
-
-/* Only those functions below the PKCS #11 line should use SECRawHashObjects.
- * This symbol is not exported from the NSS DLL.
- */
-extern const SECHashObject SECRawHashObjects[];
-
-#endif /* _HASHT_H_ */
diff --git a/security/nss/lib/cryptohi/key.h b/security/nss/lib/cryptohi/key.h
deleted file mode 100644
index 678beafd8..000000000
--- a/security/nss/lib/cryptohi/key.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * key.h - public data structures and prototypes for the private key library
- *
- * $Id$
- */
-
-#ifndef _KEY_H_
-#define _KEY_H_
-
-#include "keyhi.h"
-
-#endif /* _KEY_H_ */
diff --git a/security/nss/lib/cryptohi/keyhi.h b/security/nss/lib/cryptohi/keyhi.h
deleted file mode 100644
index 051591580..000000000
--- a/security/nss/lib/cryptohi/keyhi.h
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * key.h - public data structures and prototypes for the private key library
- *
- * $Id$
- */
-
-#ifndef _KEYHI_H_
-#define _KEYHI_H_
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "keythi.h"
-#include "certt.h"
-/*#include "secpkcs5.h" */
-
-SEC_BEGIN_PROTOS
-
-
-/*
-** Destroy a subject-public-key-info object.
-*/
-extern void SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki);
-
-/*
-** Copy subject-public-key-info "src" to "dst". "dst" is filled in
-** appropriately (memory is allocated for each of the sub objects).
-*/
-extern SECStatus SECKEY_CopySubjectPublicKeyInfo(PRArenaPool *arena,
- CERTSubjectPublicKeyInfo *dst,
- CERTSubjectPublicKeyInfo *src);
-
-/*
-** Update the PQG parameters for a cert's public key.
-** Only done for DSA and Fortezza certs
-*/
-extern SECStatus
-SECKEY_UpdateCertPQG(CERTCertificate * subjectCert);
-
-
-/* Compare the KEA parameters of two public keys.
- * Only used by fortezza. */
-
-extern SECStatus
-SECKEY_KEAParamCompare(CERTCertificate *cert1,CERTCertificate *cert2);
-
-/*
-** Return the strength of the public key
-*/
-extern unsigned SECKEY_PublicKeyStrength(SECKEYPublicKey *pubk);
-
-
-/*
-** Make a copy of the private key "privKey"
-*/
-extern SECKEYPrivateKey *SECKEY_CopyPrivateKey(SECKEYPrivateKey *privKey);
-
-/*
-** Make a copy of the public key "pubKey"
-*/
-extern SECKEYPublicKey *SECKEY_CopyPublicKey(SECKEYPublicKey *pubKey);
-
-/*
-** Convert a private key "privateKey" into a public key
-*/
-extern SECKEYPublicKey *SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privateKey);
-
-/*
- * create a new RSA key pair. The private Key is returned...
- */
-SECKEYPrivateKey *SECKEY_CreateRSAPrivateKey(int keySizeInBits,
- SECKEYPublicKey **pubk, void *cx);
-
-/*
- * create a new DH key pair. The private Key is returned...
- */
-SECKEYPrivateKey *SECKEY_CreateDHPrivateKey(SECKEYDHParams *param,
- SECKEYPublicKey **pubk, void *cx);
-/*
-** Create a subject-public-key-info based on a public key.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_CreateSubjectPublicKeyInfo(SECKEYPublicKey *k);
-
-/*
-** Decode a DER encoded public key into an SECKEYPublicKey structure.
-*/
-extern SECKEYPublicKey *SECKEY_DecodeDERPublicKey(SECItem *pubkder);
-
-/*
-** Convert a base64 ascii encoded DER public key to our internal format.
-*/
-extern SECKEYPublicKey *SECKEY_ConvertAndDecodePublicKey(char *pubkstr);
-
-/*
-** Convert a base64 ascii encoded DER public key and challenge to spki,
-** and verify the signature and challenge data are correct
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge,
- void *cx);
-
-/*
-** Encode a CERTSubjectPublicKeyInfo structure. into a
-** DER encoded subject public key info.
-*/
-SECItem *
-SECKEY_EncodeDERSubjectPublicKeyInfo(SECKEYPublicKey *pubk);
-
-/*
-** Decode a DER encoded subject public key info into a
-** CERTSubjectPublicKeyInfo structure.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_DecodeDERSubjectPublicKeyInfo(SECItem *spkider);
-
-/*
-** Convert a base64 ascii encoded DER subject public key info to our
-** internal format.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(char *spkistr);
-
-/*
- * extract the public key from a subject Public Key info structure.
- * (used by JSS).
- */
-extern SECKEYPublicKey *
-SECKEY_ExtractPublicKey(CERTSubjectPublicKeyInfo *);
-
-/*
-** Destroy a private key object.
-** "key" the object
-*/
-extern void SECKEY_DestroyPrivateKey(SECKEYPrivateKey *key);
-
-
-/*
-** Destroy a public key object.
-** "key" the object
-*/
-extern void SECKEY_DestroyPublicKey(SECKEYPublicKey *key);
-
-/* Destroy and zero out a private key info structure. for now this
- * function zero's out memory allocated in an arena for the key
- * since PORT_FreeArena does not currently do this.
- *
- * NOTE -- If a private key info is allocated in an arena, one should
- * not call this function with freeit = PR_FALSE. The function should
- * destroy the arena.
- */
-extern void
-SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk, PRBool freeit);
-
-/* Destroy and zero out an encrypted private key info.
- *
- * NOTE -- If a encrypted private key info is allocated in an arena, one should
- * not call this function with freeit = PR_FALSE. The function should
- * destroy the arena.
- */
-extern void
-SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
- PRBool freeit);
-
-/* Copy private key info structure.
- * poolp is the arena into which the contents of from is to be copied.
- * NULL is a valid entry.
- * to is the destination private key info
- * from is the source private key info
- * if either from or to is NULL or an error occurs, SECFailure is
- * returned. otherwise, SECSuccess is returned.
- */
-extern SECStatus
-SECKEY_CopyPrivateKeyInfo(PRArenaPool *poolp,
- SECKEYPrivateKeyInfo *to,
- SECKEYPrivateKeyInfo *from);
-
-/* Copy encrypted private key info structure.
- * poolp is the arena into which the contents of from is to be copied.
- * NULL is a valid entry.
- * to is the destination encrypted private key info
- * from is the source encrypted private key info
- * if either from or to is NULL or an error occurs, SECFailure is
- * returned. otherwise, SECSuccess is returned.
- */
-extern SECStatus
-SECKEY_CopyEncryptedPrivateKeyInfo(PRArenaPool *poolp,
- SECKEYEncryptedPrivateKeyInfo *to,
- SECKEYEncryptedPrivateKeyInfo *from);
-/*
- * Accessor functions for key type of public and private keys.
- */
-KeyType SECKEY_GetPrivateKeyType(SECKEYPrivateKey *privKey);
-KeyType SECKEY_GetPublicKeyType(SECKEYPublicKey *pubKey);
-
-/*
- * Creates a PublicKey from its DER encoding.
- * Currently only supports RSA and DSA keys.
- */
-SECKEYPublicKey*
-SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type);
-
-SECKEYPrivateKeyList*
-SECKEY_NewPrivateKeyList(void);
-
-void
-SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys);
-
-void
-SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node);
-
-SECStatus
-SECKEY_AddPrivateKeyToListTail( SECKEYPrivateKeyList *list,
- SECKEYPrivateKey *key);
-
-#define PRIVKEY_LIST_HEAD(l) ((SECKEYPrivateKeyListNode*)PR_LIST_HEAD(&l->list))
-#define PRIVKEY_LIST_NEXT(n) ((SECKEYPrivateKeyListNode *)n->links.next)
-#define PRIVKEY_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
-
-SEC_END_PROTOS
-
-#endif /* _KEYHI_H_ */
diff --git a/security/nss/lib/cryptohi/keyt.h b/security/nss/lib/cryptohi/keyt.h
deleted file mode 100644
index 1b104b96a..000000000
--- a/security/nss/lib/cryptohi/keyt.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * keyt.h - public data structures for the private key library
- *
- * $Id$
- */
-
-#ifndef _KEYT_H_
-#define _KEYT_H_
-
-#include "keythi.h"
-
-#endif /* _KEYT_H_ */
diff --git a/security/nss/lib/cryptohi/keythi.h b/security/nss/lib/cryptohi/keythi.h
deleted file mode 100644
index 9a7f9c9ea..000000000
--- a/security/nss/lib/cryptohi/keythi.h
+++ /dev/null
@@ -1,214 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _KEYTHI_H_
-#define _KEYTHI_H_ 1
-
-#include "plarena.h"
-#include "pkcs11t.h"
-#include "secmodt.h"
-#include "prclist.h"
-
-typedef enum {
- nullKey = 0,
- rsaKey = 1,
- dsaKey = 2,
- fortezzaKey = 3,
- dhKey = 4,
- keaKey = 5
-} KeyType;
-
-/*
-** Template Definitions
-**/
-
-SEC_BEGIN_PROTOS
-extern const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_DHParamKeyTemplate[];
-extern const SEC_ASN1Template SECKEY_PQGParamsTemplate[];
-extern const SEC_ASN1Template SECKEY_DSAPrivateKeyExportTemplate[];
-
-/* Windows DLL accessor functions */
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_DSAPublicKeyTemplate;
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_RSAPublicKeyTemplate;
-SEC_END_PROTOS
-
-
-/*
-** RSA Public Key structures
-** member names from PKCS#1, section 7.1
-*/
-
-struct SECKEYRSAPublicKeyStr {
- PRArenaPool * arena;
- SECItem modulus;
- SECItem publicExponent;
-};
-typedef struct SECKEYRSAPublicKeyStr SECKEYRSAPublicKey;
-
-
-/*
-** DSA Public Key and related structures
-*/
-
-struct SECKEYPQGParamsStr {
- PRArenaPool *arena;
- SECItem prime; /* p */
- SECItem subPrime; /* q */
- SECItem base; /* g */
- /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */
-};
-typedef struct SECKEYPQGParamsStr SECKEYPQGParams;
-
-struct SECKEYDSAPublicKeyStr {
- SECKEYPQGParams params;
- SECItem publicValue;
-};
-typedef struct SECKEYDSAPublicKeyStr SECKEYDSAPublicKey;
-
-
-/*
-** Diffie-Hellman Public Key structure
-** Structure member names suggested by PKCS#3.
-*/
-struct SECKEYDHParamsStr {
- PRArenaPool * arena;
- SECItem prime; /* p */
- SECItem base; /* g */
-};
-typedef struct SECKEYDHParamsStr SECKEYDHParams;
-
-struct SECKEYDHPublicKeyStr {
- PRArenaPool * arena;
- SECItem prime;
- SECItem base;
- SECItem publicValue;
-};
-typedef struct SECKEYDHPublicKeyStr SECKEYDHPublicKey;
-
-
-/*
-** FORTEZZA Public Key structures
-*/
-struct SECKEYFortezzaPublicKeyStr {
- int KEAversion;
- int DSSversion;
- unsigned char KMID[8];
- SECItem clearance;
- SECItem KEApriviledge;
- SECItem DSSpriviledge;
- SECItem KEAKey;
- SECItem DSSKey;
- SECKEYPQGParams params;
- SECKEYPQGParams keaParams;
-};
-typedef struct SECKEYFortezzaPublicKeyStr SECKEYFortezzaPublicKey;
-
-struct SECKEYDiffPQGParamsStr {
- SECKEYPQGParams DiffKEAParams;
- SECKEYPQGParams DiffDSAParams;
-};
-typedef struct SECKEYDiffPQGParamsStr SECKEYDiffPQGParams;
-
-struct SECKEYPQGDualParamsStr {
- SECKEYPQGParams CommParams;
- SECKEYDiffPQGParams DiffParams;
-};
-typedef struct SECKEYPQGDualParamsStr SECKEYPQGDualParams;
-
-struct SECKEYKEAParamsStr {
- PLArenaPool *arena;
- SECItem hash;
-};
-typedef struct SECKEYKEAParamsStr SECKEYKEAParams;
-
-struct SECKEYKEAPublicKeyStr {
- SECKEYKEAParams params;
- SECItem publicValue;
-};
-typedef struct SECKEYKEAPublicKeyStr SECKEYKEAPublicKey;
-
-/*
-** A Generic public key object.
-*/
-struct SECKEYPublicKeyStr {
- PLArenaPool *arena;
- KeyType keyType;
- PK11SlotInfo *pkcs11Slot;
- CK_OBJECT_HANDLE pkcs11ID;
- union {
- SECKEYRSAPublicKey rsa;
- SECKEYDSAPublicKey dsa;
- SECKEYDHPublicKey dh;
- SECKEYKEAPublicKey kea;
- SECKEYFortezzaPublicKey fortezza;
- } u;
-};
-typedef struct SECKEYPublicKeyStr SECKEYPublicKey;
-
-/*
-** A generic key structure
-*/
-struct SECKEYPrivateKeyStr {
- PLArenaPool *arena;
- KeyType keyType;
- PK11SlotInfo *pkcs11Slot; /* pkcs11 slot this key lives in */
- CK_OBJECT_HANDLE pkcs11ID; /* ID of pkcs11 object */
- PRBool pkcs11IsTemp; /* temp pkcs11 object, delete it when done */
- void *wincx; /* context for errors and pw prompts */
-};
-typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey;
-
-/* Despite the name, this struct isn't used by any pkcs5 code.
-** It's used by pkcs7 and pkcs12 code.
-*/
-typedef struct {
- SECItem *pwitem;
- PK11SymKey *key;
- PK11SlotInfo *slot;
- void *wincx;
-} SEC_PKCS5KeyAndPassword;
-
-typedef struct {
- PRCList links;
- SECKEYPrivateKey *key;
-} SECKEYPrivateKeyListNode;
-
-typedef struct {
- PRCList list;
- PRArenaPool *arena;
-} SECKEYPrivateKeyList;
-
-#endif /* _KEYTHI_H_ */
-
diff --git a/security/nss/lib/cryptohi/manifest.mn b/security/nss/lib/cryptohi/manifest.mn
deleted file mode 100644
index a4a76a7df..000000000
--- a/security/nss/lib/cryptohi/manifest.mn
+++ /dev/null
@@ -1,64 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-REQUIRES = dbm
-
-LIBRARY_NAME = cryptohi
-
-EXPORTS = \
- cryptohi.h \
- cryptoht.h \
- hasht.h \
- key.h \
- keyhi.h \
- keyt.h \
- keythi.h \
- sechash.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- $(NULL)
-
-LIBSRCS = \
- sechash.c \
- seckey.c \
- secsign.c \
- secvfy.c \
- dsautil.c \
- $(NULL)
-
-CSRCS = $(LIBSRCS)
-
diff --git a/security/nss/lib/cryptohi/sechash.c b/security/nss/lib/cryptohi/sechash.c
deleted file mode 100644
index 36ee1efd2..000000000
--- a/security/nss/lib/cryptohi/sechash.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "sechash.h"
-#include "secoidt.h"
-#include "blapi.h"
-#include "pk11func.h" /* for the PK11_ calls below. */
-
-static void *
-null_hash_new_context(void)
-{
- return NULL;
-}
-
-static void *
-null_hash_clone_context(void *v)
-{
- PORT_Assert(v == NULL);
- return NULL;
-}
-
-static void
-null_hash_begin(void *v)
-{
-}
-
-static void
-null_hash_update(void *v, const unsigned char *input, unsigned int length)
-{
-}
-
-static void
-null_hash_end(void *v, unsigned char *output, unsigned int *outLen,
- unsigned int maxOut)
-{
- *outLen = 0;
-}
-
-static void
-null_hash_destroy_context(void *v, PRBool b)
-{
- PORT_Assert(v == NULL);
-}
-
-
-static void *
-md2_NewContext(void) {
- return (void *) PK11_CreateDigestContext(SEC_OID_MD2);
-}
-
-static void *
-md5_NewContext(void) {
- return (void *) PK11_CreateDigestContext(SEC_OID_MD5);
-}
-
-static void *
-sha1_NewContext(void) {
- return (void *) PK11_CreateDigestContext(SEC_OID_SHA1);
-}
-
-const SECHashObject SECHashObjects[] = {
- { 0,
- (void * (*)(void)) null_hash_new_context,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) null_hash_destroy_context,
- (void (*)(void *)) null_hash_begin,
- (void (*)(void *, const unsigned char *, unsigned int)) null_hash_update,
- (void (*)(void *, unsigned char *, unsigned int *,
- unsigned int)) null_hash_end
- },
- { MD2_LENGTH,
- (void * (*)(void)) md2_NewContext,
- (void * (*)(void *)) PK11_CloneContext,
- (void (*)(void *, PRBool)) PK11_DestroyContext,
- (void (*)(void *)) PK11_DigestBegin,
- (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
- PK11_DigestFinal
- },
- { MD5_LENGTH,
- (void * (*)(void)) md5_NewContext,
- (void * (*)(void *)) PK11_CloneContext,
- (void (*)(void *, PRBool)) PK11_DestroyContext,
- (void (*)(void *)) PK11_DigestBegin,
- (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
- PK11_DigestFinal
- },
- { SHA1_LENGTH,
- (void * (*)(void)) sha1_NewContext,
- (void * (*)(void *)) PK11_CloneContext,
- (void (*)(void *, PRBool)) PK11_DestroyContext,
- (void (*)(void *)) PK11_DigestBegin,
- (void (*)(void *, const unsigned char *, unsigned int)) PK11_DigestOp,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int))
- PK11_DigestFinal
- },
-};
-
-const SECHashObject *
-HASH_GetHashObject(HASH_HashType type)
-{
- return &SECHashObjects[type];
-}
-
-
-unsigned int
-HASH_ResultLen(HASH_HashType type)
-{
- if ( ( type < HASH_AlgNULL ) || ( type >= HASH_AlgTOTAL ) ) {
- return(0);
- }
-
- return(SECHashObjects[type].length);
-}
-
-unsigned int
-HASH_ResultLenContext(HASHContext *context)
-{
- return(context->hashobj->length);
-}
-
-
-
-SECStatus
-HASH_HashBuf(HASH_HashType type,
- unsigned char *dest,
- unsigned char *src,
- uint32 src_len)
-{
- HASHContext *cx;
- unsigned int part;
-
- if ( ( type < HASH_AlgNULL ) || ( type >= HASH_AlgTOTAL ) ) {
- return(SECFailure);
- }
-
- cx = HASH_Create(type);
- if ( cx == NULL ) {
- return(SECFailure);
- }
- HASH_Begin(cx);
- HASH_Update(cx, src, src_len);
- HASH_End(cx, dest, &part, HASH_ResultLenContext(cx));
- HASH_Destroy(cx);
-
- return(SECSuccess);
-}
-
-HASHContext *
-HASH_Create(HASH_HashType type)
-{
- void *hash_context = NULL;
- HASHContext *ret = NULL;
-
- if ( ( type < HASH_AlgNULL ) || ( type >= HASH_AlgTOTAL ) ) {
- return(NULL);
- }
-
- hash_context = (* SECHashObjects[type].create)();
- if ( hash_context == NULL ) {
- goto loser;
- }
-
- ret = (HASHContext *)PORT_Alloc(sizeof(HASHContext));
- if ( ret == NULL ) {
- goto loser;
- }
-
- ret->hash_context = hash_context;
- ret->hashobj = &SECHashObjects[type];
-
- return(ret);
-
-loser:
- if ( hash_context != NULL ) {
- (* SECHashObjects[type].destroy)(hash_context, PR_TRUE);
- }
-
- return(NULL);
-}
-
-
-HASHContext *
-HASH_Clone(HASHContext *context)
-{
- void *hash_context = NULL;
- HASHContext *ret = NULL;
-
- hash_context = (* context->hashobj->clone)(context->hash_context);
- if ( hash_context == NULL ) {
- goto loser;
- }
-
- ret = (HASHContext *)PORT_Alloc(sizeof(HASHContext));
- if ( ret == NULL ) {
- goto loser;
- }
-
- ret->hash_context = hash_context;
- ret->hashobj = context->hashobj;
-
- return(ret);
-
-loser:
- if ( hash_context != NULL ) {
- (* context->hashobj->destroy)(hash_context, PR_TRUE);
- }
-
- return(NULL);
-
-}
-
-void
-HASH_Destroy(HASHContext *context)
-{
- (* context->hashobj->destroy)(context->hash_context, PR_TRUE);
- PORT_Free(context);
- return;
-}
-
-
-void
-HASH_Begin(HASHContext *context)
-{
- (* context->hashobj->begin)(context->hash_context);
- return;
-}
-
-
-void
-HASH_Update(HASHContext *context,
- const unsigned char *src,
- unsigned int len)
-{
- (* context->hashobj->update)(context->hash_context, src, len);
- return;
-}
-
-void
-HASH_End(HASHContext *context,
- unsigned char *result,
- unsigned int *result_len,
- unsigned int max_result_len)
-{
- (* context->hashobj->end)(context->hash_context, result, result_len,
- max_result_len);
- return;
-}
-
-
-
diff --git a/security/nss/lib/cryptohi/sechash.h b/security/nss/lib/cryptohi/sechash.h
deleted file mode 100644
index 0e5a92e3b..000000000
--- a/security/nss/lib/cryptohi/sechash.h
+++ /dev/null
@@ -1,79 +0,0 @@
-#ifndef _HASH_H_
-#define _HASH_H_
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * hash.h - public data structures and prototypes for the hashing library
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "hasht.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Generic hash api.
-*/
-
-extern unsigned int HASH_ResultLen(HASH_HashType type);
-
-extern unsigned int HASH_ResultLenContext(HASHContext *context);
-
-extern SECStatus HASH_HashBuf(HASH_HashType type,
- unsigned char *dest,
- unsigned char *src,
- uint32 src_len);
-
-extern HASHContext * HASH_Create(HASH_HashType type);
-
-extern HASHContext * HASH_Clone(HASHContext *context);
-
-extern void HASH_Destroy(HASHContext *context);
-
-extern void HASH_Begin(HASHContext *context);
-
-extern void HASH_Update(HASHContext *context,
- const unsigned char *src,
- unsigned int len);
-
-extern void HASH_End(HASHContext *context,
- unsigned char *result,
- unsigned int *result_len,
- unsigned int max_result_len);
-
-extern const SECHashObject * HASH_GetHashObject(HASH_HashType type);
-
-SEC_END_PROTOS
-
-#endif /* _HASH_H_ */
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c
deleted file mode 100644
index d55533a46..000000000
--- a/security/nss/lib/cryptohi/seckey.c
+++ /dev/null
@@ -1,1818 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "cryptohi.h"
-#include "keyhi.h"
-#include "secrng.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secder.h"
-#include "base64.h"
-#include "secasn1.h"
-#include "cert.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "secdig.h"
-#include "prtime.h"
-
-const SEC_ASN1Template CERT_SubjectPublicKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTSubjectPublicKeyInfo) },
- { SEC_ASN1_INLINE,
- offsetof(CERTSubjectPublicKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTSubjectPublicKeyInfo,subjectPublicKey), },
- { 0, }
-};
-
-const SEC_ASN1Template CERT_PublicKeyAndChallengeTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(CERTPublicKeyAndChallenge) },
- { SEC_ASN1_ANY, offsetof(CERTPublicKeyAndChallenge,spki) },
- { SEC_ASN1_IA5_STRING, offsetof(CERTPublicKeyAndChallenge,challenge) },
- { 0 }
-};
-
-const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPublicKey) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.rsa.modulus), },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.rsa.publicExponent), },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dsa.publicValue), },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_PQGParamsTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dh.publicValue), },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_DHParamKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPublicKey) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dh.prime), },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.dh.base), },
- /* XXX chrisk: this needs to be expanded for decoding of j and validationParms (RFC2459 7.3.2) */
- { SEC_ASN1_SKIP_REST },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_FortezzaParameterTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,prime), },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,subPrime), },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPQGParams,base), },
- { 0 },
-};
-
-const SEC_ASN1Template SECKEY_FortezzaDiffParameterTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYDiffPQGParams) },
- { SEC_ASN1_INLINE, offsetof(SECKEYDiffPQGParams,DiffKEAParams),
- SECKEY_FortezzaParameterTemplate},
- { SEC_ASN1_INLINE, offsetof(SECKEYDiffPQGParams,DiffDSAParams),
- SECKEY_FortezzaParameterTemplate},
- { 0 },
-};
-
-const SEC_ASN1Template SECKEY_FortezzaPreParamTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 1, offsetof(SECKEYPQGDualParams,CommParams),
- SECKEY_FortezzaParameterTemplate},
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_FortezzaAltPreParamTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0, offsetof(SECKEYPQGDualParams,DiffParams),
- SECKEY_FortezzaDiffParameterTemplate},
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_KEAPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYPublicKey,u.kea.publicValue), },
- { 0, }
-};
-
-const SEC_ASN1Template SECKEY_KEAParamsTemplate[] = {
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPublicKey,u.kea.params.hash), },
- { 0, }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_DSAPublicKeyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_RSAPublicKeyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SubjectPublicKeyInfoTemplate)
-
-
-/* Create an RSA key pair is any slot able to do so.
-** The created keys are "session" (temporary), not "token" (permanent),
-** and they are "sensitive", which makes them costly to move to another token.
-*/
-SECKEYPrivateKey *
-SECKEY_CreateRSAPrivateKey(int keySizeInBits,SECKEYPublicKey **pubk, void *cx)
-{
- SECKEYPrivateKey *privk;
- PK11SlotInfo *slot = PK11_GetBestSlot(CKM_RSA_PKCS_KEY_PAIR_GEN,cx);
- PK11RSAGenParams param;
-
- param.keySizeInBits = keySizeInBits;
- param.pe = 65537L;
-
- privk = PK11_GenerateKeyPair(slot,CKM_RSA_PKCS_KEY_PAIR_GEN,&param,pubk,
- PR_FALSE, PR_TRUE, cx);
- PK11_FreeSlot(slot);
- return(privk);
-}
-
-/* Create a DH key pair in any slot able to do so,
-** This is a "session" (temporary), not "token" (permanent) key.
-** Because of the high probability that this key will need to be moved to
-** another token, and the high cost of moving "sensitive" keys, we attempt
-** to create this key pair without the "sensitive" attribute, but revert to
-** creating a "sensitive" key if necessary.
-*/
-SECKEYPrivateKey *
-SECKEY_CreateDHPrivateKey(SECKEYDHParams *param, SECKEYPublicKey **pubk, void *cx)
-{
- SECKEYPrivateKey *privk;
- PK11SlotInfo *slot = PK11_GetBestSlot(CKM_DH_PKCS_KEY_PAIR_GEN,cx);
-
- privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN, param,
- pubk, PR_FALSE, PR_FALSE, cx);
- if (!privk)
- privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN, param,
- pubk, PR_FALSE, PR_TRUE, cx);
-
- PK11_FreeSlot(slot);
- return(privk);
-}
-
-void
-SECKEY_DestroyPrivateKey(SECKEYPrivateKey *privk)
-{
- if (privk) {
- if (privk->pkcs11Slot) {
- if (privk->pkcs11IsTemp) {
- PK11_DestroyObject(privk->pkcs11Slot,privk->pkcs11ID);
- }
- PK11_FreeSlot(privk->pkcs11Slot);
-
- }
- if (privk->arena) {
- PORT_FreeArena(privk->arena, PR_TRUE);
- }
- }
-}
-
-void
-SECKEY_DestroyPublicKey(SECKEYPublicKey *pubk)
-{
- if (pubk) {
- if (pubk->pkcs11Slot) {
- PK11_DestroyObject(pubk->pkcs11Slot,pubk->pkcs11ID);
- PK11_FreeSlot(pubk->pkcs11Slot);
- }
- if (pubk->arena) {
- PORT_FreeArena(pubk->arena, PR_FALSE);
- }
- }
-}
-
-SECStatus
-SECKEY_CopySubjectPublicKeyInfo(PRArenaPool *arena,
- CERTSubjectPublicKeyInfo *to,
- CERTSubjectPublicKeyInfo *from)
-{
- SECStatus rv;
-
- rv = SECOID_CopyAlgorithmID(arena, &to->algorithm, &from->algorithm);
- if (rv == SECSuccess)
- rv = SECITEM_CopyItem(arena, &to->subjectPublicKey, &from->subjectPublicKey);
-
- return rv;
-}
-
-SECStatus
-SECKEY_KEASetParams(SECKEYKEAParams * params, SECKEYPublicKey * pubKey) {
-
- if (pubKey->keyType == fortezzaKey) {
- /* the key is a fortezza V1 public key */
-
- /* obtain hash of pubkey->u.fortezza.params.prime.data +
- pubkey->u.fortezza.params.subPrime.data +
- pubkey->u.fortezza.params.base.data */
-
- /* store hash in params->hash */
-
- } else if (pubKey->keyType == keaKey) {
-
- /* the key is a new fortezza KEA public key. */
- SECITEM_CopyItem(pubKey->arena, &params->hash,
- &pubKey->u.kea.params.hash );
-
- } else {
-
- /* the key has no KEA parameters */
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
-SECStatus
-SECKEY_KEAParamCompare(CERTCertificate *cert1,CERTCertificate *cert2)
-{
-
- SECStatus rv;
-
- SECKEYPublicKey *pubKey1 = 0;
- SECKEYPublicKey *pubKey2 = 0;
-
- SECKEYKEAParams params1;
- SECKEYKEAParams params2;
-
-
- rv = SECFailure;
-
- /* get cert1's public key */
- pubKey1 = CERT_ExtractPublicKey(cert1);
- if ( !pubKey1 ) {
- return(SECFailure);
- }
-
-
- /* get cert2's public key */
- pubKey2 = CERT_ExtractPublicKey(cert2);
- if ( !pubKey2 ) {
- return(SECFailure);
- }
-
- /* handle the case when both public keys are new
- * fortezza KEA public keys. */
-
- if ((pubKey1->keyType == keaKey) &&
- (pubKey2->keyType == keaKey) ) {
-
- rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.kea.params.hash,
- &pubKey2->u.kea.params.hash);
- goto done;
- }
-
- /* handle the case when both public keys are old fortezza
- * public keys. */
-
- if ((pubKey1->keyType == fortezzaKey) &&
- (pubKey2->keyType == fortezzaKey) ) {
-
- rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.fortezza.keaParams.prime,
- &pubKey2->u.fortezza.keaParams.prime);
-
- if (rv == SECEqual) {
- rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.fortezza.keaParams.subPrime,
- &pubKey2->u.fortezza.keaParams.subPrime);
- }
-
- if (rv == SECEqual) {
- rv = (SECStatus)SECITEM_CompareItem(&pubKey1->u.fortezza.keaParams.base,
- &pubKey2->u.fortezza.keaParams.base);
- }
-
- goto done;
- }
-
-
- /* handle the case when the public keys are a mixture of
- * old and new. */
-
- rv = SECKEY_KEASetParams(&params1, pubKey1);
- if (rv != SECSuccess) return rv;
-
- rv = SECKEY_KEASetParams(&params2, pubKey2);
- if (rv != SECSuccess) return rv;
-
- rv = (SECStatus)SECITEM_CompareItem(&params1.hash, &params2.hash);
-
-done:
- SECKEY_DestroyPublicKey(pubKey1);
- SECKEY_DestroyPublicKey(pubKey2);
-
- return rv; /* returns SECEqual if parameters are equal */
-
-}
-
-
-/* Procedure to update the pqg parameters for a cert's public key.
- * pqg parameters only need to be updated for DSA and fortezza certificates.
- * The procedure uses calls to itself recursively to update a certificate
- * issuer's pqg parameters. Some important rules are:
- * - Do nothing if the cert already has PQG parameters.
- * - If the cert does not have PQG parameters, obtain them from the issuer.
- * - A valid cert chain cannot have a DSA or Fortezza cert without
- * pqg parameters that has a parent that is not a DSA or Fortezza cert.
- * - pqg paramters are stored in two different formats: the standard
- * DER encoded format and the fortezza-only wrapped format. The params
- * should be copied from issuer to subject cert without modifying the
- * formats. The public key extraction code will deal with the different
- * formats at the time of extraction. */
-
-SECStatus
-seckey_UpdateCertPQGChain(CERTCertificate * subjectCert, int count)
-{
- SECStatus rv, rvCompare;
- SECOidData *oid=NULL;
- int tag;
- CERTSubjectPublicKeyInfo * subjectSpki=NULL;
- CERTSubjectPublicKeyInfo * issuerSpki=NULL;
- CERTCertificate *issuerCert = NULL;
-
- rv = SECSuccess;
-
- /* increment cert chain length counter*/
- count++;
-
- /* check if cert chain length exceeds the maximum length*/
- if (count > CERT_MAX_CERT_CHAIN) {
- return SECFailure;
- }
-
- oid = SECOID_FindOID(&subjectCert->subjectPublicKeyInfo.algorithm.algorithm);
- if (oid != NULL) {
- tag = oid->offset;
-
- /* Check if cert has a DSA or Fortezza public key. If not, return
- * success since no PQG params need to be updated. */
-
- if ( (tag != SEC_OID_MISSI_KEA_DSS_OLD) &&
- (tag != SEC_OID_MISSI_DSS_OLD) &&
- (tag != SEC_OID_MISSI_KEA_DSS) &&
- (tag != SEC_OID_MISSI_DSS) &&
- (tag != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
- (tag != SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
- (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
- (tag != SEC_OID_SDN702_DSA_SIGNATURE) ) {
-
- return SECSuccess;
- }
- } else {
- return SECFailure; /* return failure if oid is NULL */
- }
-
- /* if cert has PQG parameters, return success */
-
- subjectSpki=&subjectCert->subjectPublicKeyInfo;
-
- if (subjectSpki->algorithm.parameters.len != 0) {
- return SECSuccess;
- }
-
- /* check if the cert is self-signed */
- rvCompare = (SECStatus)SECITEM_CompareItem(&subjectCert->derSubject,
- &subjectCert->derIssuer);
- if (rvCompare == SECEqual) {
- /* fail since cert is self-signed and has no pqg params. */
- return SECFailure;
- }
-
- /* get issuer cert */
- issuerCert = CERT_FindCertIssuer(subjectCert, PR_Now(), certUsageAnyCA);
- if ( ! issuerCert ) {
- return SECFailure;
- }
-
- /* if parent is not DSA or fortezza, return failure since
- we don't allow this case. */
-
- oid = SECOID_FindOID(&issuerCert->subjectPublicKeyInfo.algorithm.algorithm);
- if (oid != NULL) {
- tag = oid->offset;
-
- /* Check if issuer cert has a DSA or Fortezza public key. If not,
- * return failure. */
-
- if ( (tag != SEC_OID_MISSI_KEA_DSS_OLD) &&
- (tag != SEC_OID_MISSI_DSS_OLD) &&
- (tag != SEC_OID_MISSI_KEA_DSS) &&
- (tag != SEC_OID_MISSI_DSS) &&
- (tag != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
- (tag != SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
- (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) &&
- (tag != SEC_OID_SDN702_DSA_SIGNATURE) ) {
-
- return SECFailure;
- }
- } else {
- return SECFailure; /* return failure if oid is NULL */
- }
-
-
- /* at this point the subject cert has no pqg parameters and the
- * issuer cert has a DSA or fortezza public key. Update the issuer's
- * pqg parameters with a recursive call to this same function. */
-
- rv = seckey_UpdateCertPQGChain(issuerCert, count);
- if (rv != SECSuccess) return rv;
-
- /* ensure issuer has pqg parameters */
-
- issuerSpki=&issuerCert->subjectPublicKeyInfo;
- if (issuerSpki->algorithm.parameters.len == 0) {
- rv = SECFailure;
- }
-
- /* if update was successful and pqg params present, then copy the
- * parameters to the subject cert's key. */
-
- if (rv == SECSuccess) {
- rv = SECITEM_CopyItem(subjectCert->arena,
- &subjectSpki->algorithm.parameters,
- &issuerSpki->algorithm.parameters);
- }
-
- return rv;
-
-}
-
-
-SECStatus
-SECKEY_UpdateCertPQG(CERTCertificate * subjectCert)
-{
- return(seckey_UpdateCertPQGChain(subjectCert,0));
-}
-
-
-/* Decode the PQG parameters. The params could be stored in two
- * possible formats, the old fortezza-only wrapped format or
- * the standard DER encoded format. Store the decoded parameters in an
- * old fortezza cert data structure */
-
-SECStatus
-SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk,
- SECItem *params) {
- SECStatus rv;
- SECKEYPQGDualParams dual_params;
-
- if (params == NULL) return SECFailure;
-
- if (params->data == NULL) return SECFailure;
-
- /* Check if params use the standard format.
- * The value 0xa1 will appear in the first byte of the parameter data
- * if the PQG parameters are not using the standard format. This
- * code should be changed to use a better method to detect non-standard
- * parameters. */
-
- if ((params->data[0] != 0xa1) &&
- (params->data[0] != 0xa0)) {
-
- /* PQG params are in the standard format */
-
- /* Store DSA PQG parameters */
- rv = SEC_ASN1DecodeItem(arena, &pubk->u.fortezza.params,
- SECKEY_PQGParamsTemplate,
- params);
-
- if (rv == SECSuccess) {
-
- /* Copy the DSA PQG parameters to the KEA PQG parameters. */
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
- &pubk->u.fortezza.params.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
- &pubk->u.fortezza.params.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
- &pubk->u.fortezza.params.base);
- if (rv != SECSuccess) return rv;
- }
-
- } else {
-
- dual_params.CommParams.prime.len = 0;
- dual_params.CommParams.subPrime.len = 0;
- dual_params.CommParams.base.len = 0;
- dual_params.DiffParams.DiffDSAParams.prime.len = 0;
- dual_params.DiffParams.DiffDSAParams.subPrime.len = 0;
- dual_params.DiffParams.DiffDSAParams.base.len = 0;
-
- /* else the old fortezza-only wrapped format is used. */
-
- if (params->data[0] == 0xa1) {
- rv = SEC_ASN1DecodeItem(arena, &dual_params,
- SECKEY_FortezzaPreParamTemplate, params);
- } else {
- rv = SEC_ASN1DecodeItem(arena, &dual_params,
- SECKEY_FortezzaAltPreParamTemplate, params);
- }
-
- if (rv < 0) return rv;
-
- if ( (dual_params.CommParams.prime.len > 0) &&
- (dual_params.CommParams.subPrime.len > 0) &&
- (dual_params.CommParams.base.len > 0) ) {
- /* copy in common params */
-
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
- &dual_params.CommParams.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
- &dual_params.CommParams.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
- &dual_params.CommParams.base);
-
- /* Copy the DSA PQG parameters to the KEA PQG parameters. */
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
- &pubk->u.fortezza.params.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
- &pubk->u.fortezza.params.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
- &pubk->u.fortezza.params.base);
- if (rv != SECSuccess) return rv;
-
- } else {
-
- /* else copy in different params */
-
- /* copy DSA PQG parameters */
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
- &dual_params.DiffParams.DiffDSAParams.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
- &dual_params.DiffParams.DiffDSAParams.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
- &dual_params.DiffParams.DiffDSAParams.base);
-
- /* copy KEA PQG parameters */
-
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
- &dual_params.DiffParams.DiffKEAParams.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
- &dual_params.DiffParams.DiffKEAParams.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
- &dual_params.DiffParams.DiffKEAParams.base);
- }
-
- }
- return rv;
-}
-
-
-/* Decode the DSA PQG parameters. The params could be stored in two
- * possible formats, the old fortezza-only wrapped format or
- * the normal standard format. Store the decoded parameters in
- * a V3 certificate data structure. */
-
-SECStatus
-SECKEY_DSADecodePQG(PRArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params) {
- SECStatus rv;
- SECKEYPQGDualParams dual_params;
-
- if (params == NULL) return SECFailure;
-
- if (params->data == NULL) return SECFailure;
-
- /* Check if params use the standard format.
- * The value 0xa1 will appear in the first byte of the parameter data
- * if the PQG parameters are not using the standard format. This
- * code should be changed to use a better method to detect non-standard
- * parameters. */
-
- if ((params->data[0] != 0xa1) &&
- (params->data[0] != 0xa0)) {
-
- /* PQG params are in the standard format */
- rv = SEC_ASN1DecodeItem(arena, &pubk->u.dsa.params,
- SECKEY_PQGParamsTemplate,
- params);
- } else {
-
- dual_params.CommParams.prime.len = 0;
- dual_params.CommParams.subPrime.len = 0;
- dual_params.CommParams.base.len = 0;
- dual_params.DiffParams.DiffDSAParams.prime.len = 0;
- dual_params.DiffParams.DiffDSAParams.subPrime.len = 0;
- dual_params.DiffParams.DiffDSAParams.base.len = 0;
-
- /* else the old fortezza-only wrapped format is used. */
- if (params->data[0] == 0xa1) {
- rv = SEC_ASN1DecodeItem(arena, &dual_params,
- SECKEY_FortezzaPreParamTemplate, params);
- } else {
- rv = SEC_ASN1DecodeItem(arena, &dual_params,
- SECKEY_FortezzaAltPreParamTemplate, params);
- }
-
- if (rv < 0) return rv;
-
- if ( (dual_params.CommParams.prime.len > 0) &&
- (dual_params.CommParams.subPrime.len > 0) &&
- (dual_params.CommParams.base.len > 0) ) {
- /* copy in common params */
-
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
- &dual_params.CommParams.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
- &dual_params.CommParams.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
- &dual_params.CommParams.base);
-
- } else {
-
- /* else copy in different params */
-
- /* copy DSA PQG parameters */
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
- &dual_params.DiffParams.DiffDSAParams.prime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
- &dual_params.DiffParams.DiffDSAParams.subPrime);
- if (rv != SECSuccess) return rv;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
- &dual_params.DiffParams.DiffDSAParams.base);
-
- }
- }
- return rv;
-}
-
-
-
-/* Decodes the DER encoded fortezza public key and stores the results in a
- * structure of type SECKEYPublicKey. */
-
-SECStatus
-SECKEY_FortezzaDecodeCertKey(PRArenaPool *arena, SECKEYPublicKey *pubk,
- SECItem *rawkey, SECItem *params) {
-
- unsigned char *rawptr = rawkey->data;
- unsigned char *end = rawkey->data + rawkey->len;
- unsigned char *clearptr;
-
- /* first march down and decode the raw key data */
-
- /* version */
- pubk->u.fortezza.KEAversion = *rawptr++;
- if (*rawptr++ != 0x01) {
- return SECFailure;
- }
-
- /* KMID */
- PORT_Memcpy(pubk->u.fortezza.KMID,rawptr,
- sizeof(pubk->u.fortezza.KMID));
- rawptr += sizeof(pubk->u.fortezza.KMID);
-
- /* clearance (the string up to the first byte with the hi-bit on */
- clearptr = rawptr;
- while ((rawptr < end) && (*rawptr++ & 0x80));
-
- if (rawptr >= end) { return SECFailure; }
- pubk->u.fortezza.clearance.len = rawptr - clearptr;
- pubk->u.fortezza.clearance.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.clearance.len);
- if (pubk->u.fortezza.clearance.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.clearance.data,clearptr,
- pubk->u.fortezza.clearance.len);
-
- /* KEAPrivilege (the string up to the first byte with the hi-bit on */
- clearptr = rawptr;
- while ((rawptr < end) && (*rawptr++ & 0x80));
- if (rawptr >= end) { return SECFailure; }
- pubk->u.fortezza.KEApriviledge.len = rawptr - clearptr;
- pubk->u.fortezza.KEApriviledge.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.KEApriviledge.len);
- if (pubk->u.fortezza.KEApriviledge.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.KEApriviledge.data,clearptr,
- pubk->u.fortezza.KEApriviledge.len);
-
-
- /* now copy the key. The next to bytes are the key length, and the
- * key follows */
- pubk->u.fortezza.KEAKey.len = (*rawptr << 8) | rawptr[1];
-
- rawptr += 2;
- if (rawptr+pubk->u.fortezza.KEAKey.len > end) { return SECFailure; }
- pubk->u.fortezza.KEAKey.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.KEAKey.len);
- if (pubk->u.fortezza.KEAKey.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.KEAKey.data,rawptr,
- pubk->u.fortezza.KEAKey.len);
- rawptr += pubk->u.fortezza.KEAKey.len;
-
- /* shared key */
- if (rawptr >= end) {
- pubk->u.fortezza.DSSKey.len = pubk->u.fortezza.KEAKey.len;
- /* this depends on the fact that we are going to get freed with an
- * ArenaFree call. We cannot free DSSKey and KEAKey separately */
- pubk->u.fortezza.DSSKey.data=
- pubk->u.fortezza.KEAKey.data;
- pubk->u.fortezza.DSSpriviledge.len =
- pubk->u.fortezza.KEApriviledge.len;
- pubk->u.fortezza.DSSpriviledge.data =
- pubk->u.fortezza.DSSpriviledge.data;
- goto done;
- }
-
-
- /* DSS Version is next */
- pubk->u.fortezza.DSSversion = *rawptr++;
-
- if (*rawptr++ != 2) {
- return SECFailure;
- }
-
- /* DSSPrivilege (the string up to the first byte with the hi-bit on */
- clearptr = rawptr;
- while ((rawptr < end) && (*rawptr++ & 0x80));
- if (rawptr >= end) { return SECFailure; }
- pubk->u.fortezza.DSSpriviledge.len = rawptr - clearptr;
- pubk->u.fortezza.DSSpriviledge.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.DSSpriviledge.len);
- if (pubk->u.fortezza.DSSpriviledge.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.DSSpriviledge.data,clearptr,
- pubk->u.fortezza.DSSpriviledge.len);
-
- /* finally copy the DSS key. The next to bytes are the key length,
- * and the key follows */
- pubk->u.fortezza.DSSKey.len = (*rawptr << 8) | rawptr[1];
-
- rawptr += 2;
- if (rawptr+pubk->u.fortezza.DSSKey.len > end){ return SECFailure; }
- pubk->u.fortezza.DSSKey.data =
- (unsigned char*)PORT_ArenaZAlloc(arena,pubk->u.fortezza.DSSKey.len);
- if (pubk->u.fortezza.DSSKey.data == NULL) {
- return SECFailure;
- }
- PORT_Memcpy(pubk->u.fortezza.DSSKey.data,rawptr,
- pubk->u.fortezza.DSSKey.len);
-
- /* ok, now we decode the parameters */
-done:
-
- return SECKEY_FortezzaDecodePQGtoOld(arena, pubk, params);
-}
-
-
-/* Function used to determine what kind of cert we are dealing with. */
-KeyType
-CERT_GetCertKeyType (CERTSubjectPublicKeyInfo *spki) {
- int tag;
- KeyType keyType;
-
- tag = SECOID_GetAlgorithmTag(&spki->algorithm);
- switch (tag) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- keyType = rsaKey;
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- keyType = dsaKey;
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_DSS:
- keyType = fortezzaKey;
- break;
- case SEC_OID_MISSI_KEA:
- case SEC_OID_MISSI_ALT_KEA:
- keyType = keaKey;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- keyType = dhKey;
- default:
- keyType = nullKey;
- }
- return keyType;
-}
-
-static SECKEYPublicKey *
-seckey_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki)
-{
- SECKEYPublicKey *pubk;
- SECItem os;
- SECStatus rv;
- PRArenaPool *arena;
- SECOidTag tag;
-
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- return NULL;
-
- pubk = (SECKEYPublicKey *) PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
- if (pubk == NULL) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
-
- pubk->arena = arena;
- pubk->pkcs11Slot = 0;
- pubk->pkcs11ID = CK_INVALID_HANDLE;
-
-
- /* Convert bit string length from bits to bytes */
- os = spki->subjectPublicKey;
- DER_ConvertBitString (&os);
-
- tag = SECOID_GetAlgorithmTag(&spki->algorithm);
- switch ( tag ) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- pubk->keyType = rsaKey;
- rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate, &os);
- if (rv == SECSuccess)
- return pubk;
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- case SEC_OID_SDN702_DSA_SIGNATURE:
- pubk->keyType = dsaKey;
- rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_DSAPublicKeyTemplate, &os);
- if (rv != SECSuccess) break;
-
- rv = SECKEY_DSADecodePQG(arena, pubk,
- &spki->algorithm.parameters);
-
- if (rv == SECSuccess) return pubk;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- pubk->keyType = dhKey;
- rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_DHPublicKeyTemplate, &os);
- if (rv != SECSuccess) break;
-
- rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_DHParamKeyTemplate,
- &spki->algorithm.parameters);
-
- if (rv == SECSuccess) return pubk;
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_DSS:
- pubk->keyType = fortezzaKey;
- rv = SECKEY_FortezzaDecodeCertKey(arena, pubk, &os,
- &spki->algorithm.parameters);
- if (rv == SECSuccess)
- return pubk;
- break;
-
- case SEC_OID_MISSI_KEA:
- pubk->keyType = keaKey;
-
- rv = SEC_ASN1DecodeItem(arena, pubk,
- SECKEY_KEAPublicKeyTemplate, &os);
- if (rv != SECSuccess) break;
-
-
- rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_KEAParamsTemplate,
- &spki->algorithm.parameters);
-
- if (rv == SECSuccess)
- return pubk;
-
- break;
-
- case SEC_OID_MISSI_ALT_KEA:
- pubk->keyType = keaKey;
-
- rv = SECITEM_CopyItem(arena,&pubk->u.kea.publicValue,&os);
- if (rv != SECSuccess) break;
-
- rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_KEAParamsTemplate,
- &spki->algorithm.parameters);
-
- if (rv == SECSuccess)
- return pubk;
-
- break;
-
-
- default:
- rv = SECFailure;
- break;
- }
-
- SECKEY_DestroyPublicKey (pubk);
- return NULL;
-}
-
-
-/* required for JSS */
-SECKEYPublicKey *
-SECKEY_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki)
-{
- return seckey_ExtractPublicKey(spki);
-}
-
-SECKEYPublicKey *
-CERT_ExtractPublicKey(CERTCertificate *cert)
-{
- SECStatus rv;
-
- rv = SECKEY_UpdateCertPQG(cert);
- if (rv != SECSuccess) return NULL;
-
- return seckey_ExtractPublicKey(&cert->subjectPublicKeyInfo);
-}
-
-/*
- * Get the public key for the fortezza KMID. NOTE this requires the
- * PQG paramters to be set. We probably should have a fortezza call that
- * just extracts the kmid for us directly so this function can work
- * without having the whole cert chain
- */
-SECKEYPublicKey *
-CERT_KMIDPublicKey(CERTCertificate *cert)
-{
- return seckey_ExtractPublicKey(&cert->subjectPublicKeyInfo);
-}
-
-/* returns key strength in bytes (not bits) */
-unsigned
-SECKEY_PublicKeyStrength(SECKEYPublicKey *pubk)
-{
- unsigned char b0;
-
- /* interpret modulus length as key strength... in
- * fortezza that's the public key length */
-
- switch (pubk->keyType) {
- case rsaKey:
- b0 = pubk->u.rsa.modulus.data[0];
- return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
- case dsaKey:
- b0 = pubk->u.dsa.publicValue.data[0];
- return b0 ? pubk->u.dsa.publicValue.len :
- pubk->u.dsa.publicValue.len - 1;
- case dhKey:
- b0 = pubk->u.dh.publicValue.data[0];
- return b0 ? pubk->u.dh.publicValue.len :
- pubk->u.dh.publicValue.len - 1;
- case fortezzaKey:
- return PR_MAX(pubk->u.fortezza.KEAKey.len, pubk->u.fortezza.DSSKey.len);
- default:
- break;
- }
- return 0;
-}
-
-SECKEYPrivateKey *
-SECKEY_CopyPrivateKey(SECKEYPrivateKey *privk)
-{
- SECKEYPrivateKey *copyk;
- PRArenaPool *arena;
-
- if (privk == NULL) {
- return NULL;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- copyk = (SECKEYPrivateKey *) PORT_ArenaZAlloc (arena, sizeof (SECKEYPrivateKey));
- if (copyk) {
- copyk->arena = arena;
- copyk->keyType = privk->keyType;
-
- /* copy the PKCS #11 parameters */
- copyk->pkcs11Slot = PK11_ReferenceSlot(privk->pkcs11Slot);
- /* if the key we're referencing was a temparary key we have just
- * created, that we want to go away when we're through, we need
- * to make a copy of it */
- if (privk->pkcs11IsTemp) {
- copyk->pkcs11ID =
- PK11_CopyKey(privk->pkcs11Slot,privk->pkcs11ID);
- if (copyk->pkcs11ID == CK_INVALID_HANDLE) goto fail;
- } else {
- copyk->pkcs11ID = privk->pkcs11ID;
- }
- copyk->pkcs11IsTemp = privk->pkcs11IsTemp;
- copyk->wincx = privk->wincx;
- return copyk;
- } else {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- }
-
-fail:
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
-}
-
-SECKEYPublicKey *
-SECKEY_CopyPublicKey(SECKEYPublicKey *pubk)
-{
- SECKEYPublicKey *copyk;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- copyk = (SECKEYPublicKey *) PORT_ArenaZAlloc (arena, sizeof (SECKEYPublicKey));
- if (copyk != NULL) {
- SECStatus rv = SECSuccess;
-
- copyk->arena = arena;
- copyk->keyType = pubk->keyType;
- copyk->pkcs11Slot = NULL; /* go get own reference */
- copyk->pkcs11ID = CK_INVALID_HANDLE;
- switch (pubk->keyType) {
- case rsaKey:
- rv = SECITEM_CopyItem(arena, &copyk->u.rsa.modulus,
- &pubk->u.rsa.modulus);
- if (rv == SECSuccess) {
- rv = SECITEM_CopyItem (arena, &copyk->u.rsa.publicExponent,
- &pubk->u.rsa.publicExponent);
- if (rv == SECSuccess)
- return copyk;
- }
- break;
- case dsaKey:
- rv = SECITEM_CopyItem(arena, &copyk->u.dsa.publicValue,
- &pubk->u.dsa.publicValue);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.prime,
- &pubk->u.dsa.params.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.subPrime,
- &pubk->u.dsa.params.subPrime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.dsa.params.base,
- &pubk->u.dsa.params.base);
- break;
- case keaKey:
- rv = SECITEM_CopyItem(arena, &copyk->u.kea.publicValue,
- &pubk->u.kea.publicValue);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.kea.params.hash,
- &pubk->u.kea.params.hash);
- break;
- case fortezzaKey:
- copyk->u.fortezza.KEAversion = pubk->u.fortezza.KEAversion;
- copyk->u.fortezza.DSSversion = pubk->u.fortezza.DSSversion;
- PORT_Memcpy(copyk->u.fortezza.KMID, pubk->u.fortezza.KMID,
- sizeof(pubk->u.fortezza.KMID));
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.clearance,
- &pubk->u.fortezza.clearance);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.KEApriviledge,
- &pubk->u.fortezza.KEApriviledge);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.DSSpriviledge,
- &pubk->u.fortezza.DSSpriviledge);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.KEAKey,
- &pubk->u.fortezza.KEAKey);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.DSSKey,
- &pubk->u.fortezza.DSSKey);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.params.prime,
- &pubk->u.fortezza.params.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.params.subPrime,
- &pubk->u.fortezza.params.subPrime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.params.base,
- &pubk->u.fortezza.params.base);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.keaParams.prime,
- &pubk->u.fortezza.keaParams.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.keaParams.subPrime,
- &pubk->u.fortezza.keaParams.subPrime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.fortezza.keaParams.base,
- &pubk->u.fortezza.keaParams.base);
- break;
- case dhKey:
- rv = SECITEM_CopyItem(arena,&copyk->u.dh.prime,&pubk->u.dh.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena,&copyk->u.dh.base,&pubk->u.dh.base);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &copyk->u.dh.publicValue,
- &pubk->u.dh.publicValue);
- break;
- case nullKey:
- return copyk;
- default:
- rv = SECFailure;
- break;
- }
- if (rv == SECSuccess)
- return copyk;
-
- SECKEY_DestroyPublicKey (copyk);
- } else {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
-}
-
-
-SECKEYPublicKey *
-SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privk)
-{
- SECKEYPublicKey *pubk;
- PRArenaPool *arena;
- CERTCertificate *cert;
- SECStatus rv;
-
- /*
- * First try to look up the cert.
- */
- cert = PK11_GetCertFromPrivateKey(privk);
- if (cert) {
- pubk = CERT_ExtractPublicKey(cert);
- CERT_DestroyCertificate(cert);
- return pubk;
- }
-
- /* couldn't find the cert, build pub key by hand */
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- pubk = (SECKEYPublicKey *)PORT_ArenaZAlloc(arena,
- sizeof (SECKEYPublicKey));
- if (pubk == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
- pubk->keyType = privk->keyType;
- pubk->pkcs11Slot = NULL;
- pubk->pkcs11ID = CK_INVALID_HANDLE;
- pubk->arena = arena;
-
- /*
- * fortezza is at the head of this switch, since we don't want to
- * allocate an arena... CERT_ExtractPublicKey will to that for us.
- */
- switch(privk->keyType) {
- case fortezzaKey:
- case nullKey:
- case dhKey:
- case dsaKey:
- /* Nothing to query, if the cert isn't there, we're done -- no way
- * to get the public key */
- break;
- case rsaKey:
- rv = PK11_ReadAttribute(privk->pkcs11Slot,privk->pkcs11ID,
- CKA_MODULUS,arena,&pubk->u.rsa.modulus);
- if (rv != SECSuccess) break;
- rv = PK11_ReadAttribute(privk->pkcs11Slot,privk->pkcs11ID,
- CKA_PUBLIC_EXPONENT,arena,&pubk->u.rsa.publicExponent);
- if (rv != SECSuccess) break;
- return pubk;
- break;
- default:
- break;
- }
-
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
-}
-
-CERTSubjectPublicKeyInfo *
-SECKEY_CreateSubjectPublicKeyInfo(SECKEYPublicKey *pubk)
-{
- CERTSubjectPublicKeyInfo *spki;
- PRArenaPool *arena;
- SECItem params = { siBuffer, NULL, 0 };
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- spki = (CERTSubjectPublicKeyInfo *) PORT_ArenaZAlloc(arena, sizeof (*spki));
- if (spki != NULL) {
- SECStatus rv;
- SECItem *rv_item;
-
- spki->arena = arena;
- switch(pubk->keyType) {
- case rsaKey:
- rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
- SEC_OID_PKCS1_RSA_ENCRYPTION, 0);
- if (rv == SECSuccess) {
- /*
- * DER encode the public key into the subjectPublicKeyInfo.
- */
- rv_item = SEC_ASN1EncodeItem(arena, &spki->subjectPublicKey,
- pubk, SECKEY_RSAPublicKeyTemplate);
- if (rv_item != NULL) {
- /*
- * The stored value is supposed to be a BIT_STRING,
- * so convert the length.
- */
- spki->subjectPublicKey.len <<= 3;
- /*
- * We got a good one; return it.
- */
- return spki;
- }
- }
- break;
- case dsaKey:
- /* DER encode the params. */
- rv_item = SEC_ASN1EncodeItem(arena, &params, &pubk->u.dsa.params,
- SECKEY_PQGParamsTemplate);
- if (rv_item != NULL) {
- rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
- SEC_OID_ANSIX9_DSA_SIGNATURE,
- &params);
- if (rv == SECSuccess) {
- /*
- * DER encode the public key into the subjectPublicKeyInfo.
- */
- rv_item = SEC_ASN1EncodeItem(arena, &spki->subjectPublicKey,
- pubk,
- SECKEY_DSAPublicKeyTemplate);
- if (rv_item != NULL) {
- /*
- * The stored value is supposed to be a BIT_STRING,
- * so convert the length.
- */
- spki->subjectPublicKey.len <<= 3;
- /*
- * We got a good one; return it.
- */
- return spki;
- }
- }
- }
- SECITEM_FreeItem(&params, PR_FALSE);
- break;
- case keaKey:
- case dhKey: /* later... */
-
- break;
- case fortezzaKey:
-#ifdef notdef
- /* encode the DSS parameters (PQG) */
- rv = FortezzaBuildParams(&params,pubk);
- if (rv != SECSuccess) break;
-
- /* set the algorithm */
- rv = SECOID_SetAlgorithmID(arena, &spki->algorithm,
- SEC_OID_MISSI_KEA_DSS, &params);
- PORT_Free(params.data);
- if (rv == SECSuccess) {
- /*
- * Encode the public key into the subjectPublicKeyInfo.
- * Fortezza key material is not standard DER
- */
- rv = FortezzaEncodeCertKey(arena,&spki->subjectPublicKey,pubk);
- if (rv == SECSuccess) {
- /*
- * The stored value is supposed to be a BIT_STRING,
- * so convert the length.
- */
- spki->subjectPublicKey.len <<= 3;
-
- /*
- * We got a good one; return it.
- */
- return spki;
- }
- }
-#endif
- break;
- default:
- break;
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-void
-SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki)
-{
- if (spki && spki->arena) {
- PORT_FreeArena(spki->arena, PR_FALSE);
- }
-}
-
-/*
- * this only works for RSA keys... need to do something
- * similiar to CERT_ExtractPublicKey for other key times.
- */
-SECKEYPublicKey *
-SECKEY_DecodeDERPublicKey(SECItem *pubkder)
-{
- PRArenaPool *arena;
- SECKEYPublicKey *pubk;
- SECStatus rv;
-
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- pubk = (SECKEYPublicKey *) PORT_ArenaZAlloc (arena, sizeof (SECKEYPublicKey));
- if (pubk != NULL) {
- pubk->arena = arena;
- pubk->pkcs11Slot = NULL;
- pubk->pkcs11ID = 0;
- rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate,
- pubkder);
- if (rv == SECSuccess)
- return pubk;
- SECKEY_DestroyPublicKey (pubk);
- } else {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
-}
-
-/*
- * Decode a base64 ascii encoded DER encoded public key.
- */
-SECKEYPublicKey *
-SECKEY_ConvertAndDecodePublicKey(char *pubkstr)
-{
- SECKEYPublicKey *pubk;
- SECStatus rv;
- SECItem der;
-
- rv = ATOB_ConvertAsciiToItem (&der, pubkstr);
- if (rv != SECSuccess)
- return NULL;
-
- pubk = SECKEY_DecodeDERPublicKey (&der);
-
- PORT_Free (der.data);
- return pubk;
-}
-
-SECItem *
-SECKEY_EncodeDERSubjectPublicKeyInfo(SECKEYPublicKey *pubk)
-{
- CERTSubjectPublicKeyInfo *spki=NULL;
- SECItem *spkiDER=NULL;
-
- /* get the subjectpublickeyinfo */
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
- if( spki == NULL ) {
- goto finish;
- }
-
- /* DER-encode the subjectpublickeyinfo */
- spkiDER = SEC_ASN1EncodeItem(NULL /*arena*/, NULL/*dest*/, spki,
- CERT_SubjectPublicKeyInfoTemplate);
-finish:
- if (spki!=NULL) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- }
- return spkiDER;
-}
-
-
-CERTSubjectPublicKeyInfo *
-SECKEY_DecodeDERSubjectPublicKeyInfo(SECItem *spkider)
-{
- PRArenaPool *arena;
- CERTSubjectPublicKeyInfo *spki;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- spki = (CERTSubjectPublicKeyInfo *)
- PORT_ArenaZAlloc(arena, sizeof (CERTSubjectPublicKeyInfo));
- if (spki != NULL) {
- spki->arena = arena;
- rv = SEC_ASN1DecodeItem(arena,spki,
- CERT_SubjectPublicKeyInfoTemplate,spkider);
- if (rv == SECSuccess)
- return spki;
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-/*
- * Decode a base64 ascii encoded DER encoded subject public key info.
- */
-CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(char *spkistr)
-{
- CERTSubjectPublicKeyInfo *spki;
- SECStatus rv;
- SECItem der;
-
- rv = ATOB_ConvertAsciiToItem(&der, spkistr);
- if (rv != SECSuccess)
- return NULL;
-
- spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&der);
-
- PORT_Free(der.data);
- return spki;
-}
-
-/*
- * Decode a base64 ascii encoded DER encoded public key and challenge
- * Verify digital signature and make sure challenge matches
- */
-CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge,
- void *wincx)
-{
- CERTSubjectPublicKeyInfo *spki = NULL;
- CERTPublicKeyAndChallenge pkac;
- SECStatus rv;
- SECItem signedItem;
- PRArenaPool *arena = NULL;
- CERTSignedData sd;
- SECItem sig;
- SECKEYPublicKey *pubKey = NULL;
- int len;
-
- signedItem.data = NULL;
-
- /* convert the base64 encoded data to binary */
- rv = ATOB_ConvertAsciiToItem(&signedItem, pkacstr);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* create an arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto loser;
- }
-
- /* decode the outer wrapping of signed data */
- PORT_Memset(&sd, 0, sizeof(CERTSignedData));
- rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, &signedItem );
- if ( rv ) {
- goto loser;
- }
-
- /* decode the public key and challenge wrapper */
- PORT_Memset(&pkac, 0, sizeof(CERTPublicKeyAndChallenge));
- rv = SEC_ASN1DecodeItem(arena, &pkac, CERT_PublicKeyAndChallengeTemplate,
- &sd.data);
- if ( rv ) {
- goto loser;
- }
-
- /* decode the subject public key info */
- spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&pkac.spki);
- if ( spki == NULL ) {
- goto loser;
- }
-
- /* get the public key */
- pubKey = seckey_ExtractPublicKey(spki);
- if ( pubKey == NULL ) {
- goto loser;
- }
-
- /* check the signature */
- sig = sd.signature;
- DER_ConvertBitString(&sig);
- rv = VFY_VerifyData(sd.data.data, sd.data.len, pubKey, &sig,
- SECOID_GetAlgorithmTag(&(sd.signatureAlgorithm)), wincx);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* check the challenge */
- if ( challenge ) {
- len = PORT_Strlen(challenge);
- /* length is right */
- if ( len != pkac.challenge.len ) {
- goto loser;
- }
- /* actual data is right */
- if ( PORT_Memcmp(challenge, pkac.challenge.data, len) != 0 ) {
- goto loser;
- }
- }
- goto done;
-
-loser:
- /* make sure that we return null if we got an error */
- if ( spki ) {
- SECKEY_DestroySubjectPublicKeyInfo(spki);
- }
- spki = NULL;
-
-done:
- if ( signedItem.data ) {
- PORT_Free(signedItem.data);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- if ( pubKey ) {
- SECKEY_DestroyPublicKey(pubKey);
- }
-
- return spki;
-}
-
-void
-SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk,
- PRBool freeit)
-{
- PRArenaPool *poolp;
-
- if(pvk != NULL) {
- if(pvk->arena) {
- poolp = pvk->arena;
- /* zero structure since PORT_FreeArena does not support
- * this yet.
- */
- PORT_Memset(pvk->privateKey.data, 0, pvk->privateKey.len);
- PORT_Memset((char *)pvk, 0, sizeof(*pvk));
- if(freeit == PR_TRUE) {
- PORT_FreeArena(poolp, PR_TRUE);
- } else {
- pvk->arena = poolp;
- }
- } else {
- SECITEM_ZfreeItem(&pvk->version, PR_FALSE);
- SECITEM_ZfreeItem(&pvk->privateKey, PR_FALSE);
- SECOID_DestroyAlgorithmID(&pvk->algorithm, PR_FALSE);
- PORT_Memset((char *)pvk, 0, sizeof(pvk));
- if(freeit == PR_TRUE) {
- PORT_Free(pvk);
- }
- }
- }
-}
-
-void
-SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
- PRBool freeit)
-{
- PRArenaPool *poolp;
-
- if(epki != NULL) {
- if(epki->arena) {
- poolp = epki->arena;
- /* zero structure since PORT_FreeArena does not support
- * this yet.
- */
- PORT_Memset(epki->encryptedData.data, 0, epki->encryptedData.len);
- PORT_Memset((char *)epki, 0, sizeof(*epki));
- if(freeit == PR_TRUE) {
- PORT_FreeArena(poolp, PR_TRUE);
- } else {
- epki->arena = poolp;
- }
- } else {
- SECITEM_ZfreeItem(&epki->encryptedData, PR_FALSE);
- SECOID_DestroyAlgorithmID(&epki->algorithm, PR_FALSE);
- PORT_Memset((char *)epki, 0, sizeof(epki));
- if(freeit == PR_TRUE) {
- PORT_Free(epki);
- }
- }
- }
-}
-
-SECStatus
-SECKEY_CopyPrivateKeyInfo(PRArenaPool *poolp,
- SECKEYPrivateKeyInfo *to,
- SECKEYPrivateKeyInfo *from)
-{
- SECStatus rv = SECFailure;
-
- if((to == NULL) || (from == NULL)) {
- return SECFailure;
- }
-
- rv = SECOID_CopyAlgorithmID(poolp, &to->algorithm, &from->algorithm);
- if(rv != SECSuccess) {
- return SECFailure;
- }
- rv = SECITEM_CopyItem(poolp, &to->privateKey, &from->privateKey);
- if(rv != SECSuccess) {
- return SECFailure;
- }
- rv = SECITEM_CopyItem(poolp, &to->version, &from->version);
-
- return rv;
-}
-
-SECStatus
-SECKEY_CopyEncryptedPrivateKeyInfo(PRArenaPool *poolp,
- SECKEYEncryptedPrivateKeyInfo *to,
- SECKEYEncryptedPrivateKeyInfo *from)
-{
- SECStatus rv = SECFailure;
-
- if((to == NULL) || (from == NULL)) {
- return SECFailure;
- }
-
- rv = SECOID_CopyAlgorithmID(poolp, &to->algorithm, &from->algorithm);
- if(rv != SECSuccess) {
- return SECFailure;
- }
- rv = SECITEM_CopyItem(poolp, &to->encryptedData, &from->encryptedData);
-
- return rv;
-}
-
-KeyType
-SECKEY_GetPrivateKeyType(SECKEYPrivateKey *privKey)
-{
- return privKey->keyType;
-}
-
-KeyType
-SECKEY_GetPublicKeyType(SECKEYPublicKey *pubKey)
-{
- return pubKey->keyType;
-}
-
-SECKEYPublicKey*
-SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type)
-{
- SECKEYPublicKey *pubk = NULL;
- SECStatus rv = SECFailure;
-
- pubk = PORT_ZNew(SECKEYPublicKey);
- if(pubk == NULL) {
- goto finish;
- }
- pubk->arena = NULL;
- pubk->pkcs11Slot = NULL;
- pubk->pkcs11ID = CK_INVALID_HANDLE;
- pubk->keyType = (type == CKK_RSA) ? rsaKey : dsaKey;
-
- if( type == CKK_RSA) {
- rv = SEC_ASN1DecodeItem(NULL, pubk, SECKEY_RSAPublicKeyTemplate,
- derKey);
- } else if( type == CKK_DSA) {
- rv = SEC_ASN1DecodeItem(NULL, pubk, SECKEY_DSAPublicKeyTemplate,
- derKey);
- } else {
- rv = SECFailure;
- }
-
-finish:
- if( rv != SECSuccess && pubk != NULL) {
- PORT_Free(pubk);
- pubk = NULL;
- }
- return pubk;
-}
-
-SECKEYPrivateKeyList*
-SECKEY_NewPrivateKeyList(void)
-{
- PRArenaPool *arena = NULL;
- SECKEYPrivateKeyList *ret = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- ret = (SECKEYPrivateKeyList *)PORT_ArenaZAlloc(arena,
- sizeof(SECKEYPrivateKeyList));
- if ( ret == NULL ) {
- goto loser;
- }
-
- ret->arena = arena;
-
- PR_INIT_CLIST(&ret->list);
-
- return(ret);
-
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-void
-SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys)
-{
- while( !PR_CLIST_IS_EMPTY(&keys->list) ) {
- SECKEY_RemovePrivateKeyListNode(
- (SECKEYPrivateKeyListNode*)(PR_LIST_HEAD(&keys->list)) );
- }
-
- PORT_FreeArena(keys->arena, PR_FALSE);
-
- return;
-}
-
-
-void
-SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node)
-{
- PR_ASSERT(node->key);
- SECKEY_DestroyPrivateKey(node->key);
- node->key = NULL;
- PR_REMOVE_LINK(&node->links);
- return;
-
-}
-
-SECStatus
-SECKEY_AddPrivateKeyToListTail( SECKEYPrivateKeyList *list,
- SECKEYPrivateKey *key)
-{
- SECKEYPrivateKeyListNode *node;
-
- node = (SECKEYPrivateKeyListNode *)PORT_ArenaZAlloc(list->arena,
- sizeof(SECKEYPrivateKeyListNode));
- if ( node == NULL ) {
- goto loser;
- }
-
- PR_INSERT_BEFORE(&node->links, &list->list);
- node->key = key;
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
diff --git a/security/nss/lib/cryptohi/secsign.c b/security/nss/lib/cryptohi/secsign.c
deleted file mode 100644
index 98131c6eb..000000000
--- a/security/nss/lib/cryptohi/secsign.c
+++ /dev/null
@@ -1,500 +0,0 @@
-/*
- * Signature stuff.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include "cryptohi.h"
-#include "sechash.h"
-#include "secder.h"
-#include "keyhi.h"
-#include "secoid.h"
-#include "secdig.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-struct SGNContextStr {
- SECOidTag signalg;
- SECOidTag hashalg;
- void *hashcx;
- const SECHashObject *hashobj;
- SECKEYPrivateKey *key;
-};
-
-SGNContext *
-SGN_NewContext(SECOidTag alg, SECKEYPrivateKey *key)
-{
- SGNContext *cx;
- SECOidTag hashalg, signalg;
- KeyType keyType;
-
- /* OK, map a PKCS #7 hash and encrypt algorithm into
- * a standard hashing algorithm. Why did we pass in the whole
- * PKCS #7 algTag if we were just going to change here you might
- * ask. Well the answer is for some cards we may have to do the
- * hashing on card. It may not support CKM_RSA_PKCS sign algorithm,
- * it may just support CKM_RSA_PKCS_WITH_SHA1 and/or CKM_RSA_PKCS_WITH_MD5.
- */
- switch (alg) {
- /* We probably shouldn't be generating MD2 signatures either */
- case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
- hashalg = SEC_OID_MD2;
- signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
- keyType = rsaKey;
- break;
- case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
- hashalg = SEC_OID_MD5;
- signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
- keyType = rsaKey;
- break;
- case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
- case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
- hashalg = SEC_OID_SHA1;
- signalg = SEC_OID_PKCS1_RSA_ENCRYPTION;
- keyType = rsaKey;
- break;
- /* what about normal DSA? */
- case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- hashalg = SEC_OID_SHA1;
- signalg = SEC_OID_ANSIX9_DSA_SIGNATURE;
- keyType = dsaKey;
- break;
- case SEC_OID_MISSI_DSS:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_DSS_OLD:
- hashalg = SEC_OID_SHA1;
- signalg = SEC_OID_MISSI_DSS; /* XXX Is there a better algid? */
- keyType = fortezzaKey;
- break;
- /* we don't implement MD4 hashes.
- * we *CERTAINLY* don't want to sign one! */
- case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return 0;
- }
-
- /* verify our key type */
- if (key->keyType != keyType &&
- !((key->keyType == dsaKey) && (keyType == fortezzaKey)) &&
- !((key->keyType == fortezzaKey) && (keyType == dsaKey)) ) {
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return 0;
- }
-
- cx = (SGNContext*) PORT_ZAlloc(sizeof(SGNContext));
- if (cx) {
- cx->hashalg = hashalg;
- cx->signalg = signalg;
- cx->key = key;
- }
- return cx;
-}
-
-void
-SGN_DestroyContext(SGNContext *cx, PRBool freeit)
-{
- if (cx) {
- if (cx->hashcx != NULL) {
- (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
- cx->hashcx = NULL;
- }
- if (freeit) {
- PORT_ZFree(cx, sizeof(SGNContext));
- }
- }
-}
-
-SECStatus
-SGN_Begin(SGNContext *cx)
-{
- if (cx->hashcx != NULL) {
- (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
- cx->hashcx = NULL;
- }
-
- switch (cx->hashalg) {
- case SEC_OID_MD2:
- cx->hashobj = &SECHashObjects[HASH_AlgMD2];
- break;
- case SEC_OID_MD5:
- cx->hashobj = &SECHashObjects[HASH_AlgMD5];
- break;
- case SEC_OID_SHA1:
- cx->hashobj = &SECHashObjects[HASH_AlgSHA1];
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return SECFailure;
- }
-
- cx->hashcx = (*cx->hashobj->create)();
- if (cx->hashcx == NULL)
- return SECFailure;
-
- (*cx->hashobj->begin)(cx->hashcx);
- return SECSuccess;
-}
-
-SECStatus
-SGN_Update(SGNContext *cx, unsigned char *input, unsigned inputLen)
-{
- if (cx->hashcx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- (*cx->hashobj->update)(cx->hashcx, input, inputLen);
- return SECSuccess;
-}
-
-SECStatus
-SGN_End(SGNContext *cx, SECItem *result)
-{
- unsigned char digest[32];
- unsigned part1, signatureLen;
- SECStatus rv;
- SECItem digder, sigitem;
- PRArenaPool *arena = 0;
- SECKEYPrivateKey *privKey = cx->key;
- SGNDigestInfo *di = 0;
-
-
- result->data = 0;
- digder.data = 0;
-
- /* Finish up digest function */
- if (cx->hashcx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- (*cx->hashobj->end)(cx->hashcx, digest, &part1, sizeof(digest));
-
-
- if (privKey->keyType == rsaKey) {
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- rv = SECFailure;
- goto loser;
- }
-
- /* Construct digest info */
- di = SGN_CreateDigestInfo(cx->hashalg, digest, part1);
- if (!di) {
- rv = SECFailure;
- goto loser;
- }
-
- /* Der encode the digest as a DigestInfo */
- rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate, di);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- digder.data = digest;
- digder.len = part1;
- }
-
- /*
- ** Encrypt signature after constructing appropriate PKCS#1 signature
- ** block
- */
- signatureLen = PK11_SignatureLen(privKey);
- sigitem.len = signatureLen;
- sigitem.data = (unsigned char*) PORT_Alloc(signatureLen);
-
- if (sigitem.data == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = PK11_Sign(privKey, &sigitem, &digder);
- if (rv != SECSuccess) {
- PORT_Free(sigitem.data);
- sigitem.data = NULL;
- }
-
- if (cx->signalg == SEC_OID_ANSIX9_DSA_SIGNATURE) {
- rv = DSAU_EncodeDerSig(result, &sigitem);
- PORT_Free(sigitem.data);
- if (rv != SECSuccess)
- goto loser;
- } else {
- result->len = sigitem.len;
- result->data = sigitem.data;
- }
-
- loser:
- SGN_DestroyDigestInfo(di);
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return rv;
-}
-
-/************************************************************************/
-
-/*
-** Sign a block of data returning in result a bunch of bytes that are the
-** signature. Returns zero on success, an error code on failure.
-*/
-SECStatus
-SEC_SignData(SECItem *res, unsigned char *buf, int len,
- SECKEYPrivateKey *pk, SECOidTag algid)
-{
- SECStatus rv;
- SGNContext *sgn;
-
-
- sgn = SGN_NewContext(algid, pk);
-
- if (sgn == NULL)
- return SECFailure;
-
- rv = SGN_Begin(sgn);
- if (rv != SECSuccess)
- goto loser;
-
- rv = SGN_Update(sgn, buf, len);
- if (rv != SECSuccess)
- goto loser;
-
- rv = SGN_End(sgn, res);
-
- loser:
- SGN_DestroyContext(sgn, PR_TRUE);
- return rv;
-}
-
-/*
-** Sign the input file's contents returning in result a bunch of bytes
-** that are the signature. Returns zero on success, an error code on
-** failure.
-*/
-SECStatus
-SEC_SignFile(SECItem *result, FILE *input,
- SECKEYPrivateKey *pk, SECOidTag algid)
-{
- unsigned char buf[1024];
- SECStatus rv;
- int nb;
- SGNContext *sgn;
-
- sgn = SGN_NewContext(algid, pk);
- if (sgn == NULL)
- return SECFailure;
- rv = SGN_Begin(sgn);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- ** Now feed the contents of the input file into the digest
- ** algorithm, one chunk at a time, until we have exhausted the
- ** input
- */
- for (;;) {
- if (feof(input)) break;
- nb = fread(buf, 1, sizeof(buf), input);
- if (nb == 0) {
- if (ferror(input)) {
- PORT_SetError(SEC_ERROR_IO);
- rv = SECFailure;
- goto loser;
- }
- break;
- }
- rv = SGN_Update(sgn, buf, nb);
- if (rv != SECSuccess)
- goto loser;
- }
-
- /* Sign the digest */
- rv = SGN_End(sgn, result);
- /* FALL THROUGH */
-
- loser:
- SGN_DestroyContext(sgn, PR_TRUE);
- return rv;
-}
-
-/************************************************************************/
-
-DERTemplate CERTSignedDataTemplate[] =
-{
- { DER_SEQUENCE,
- 0, NULL, sizeof(CERTSignedData) },
- { DER_ANY,
- offsetof(CERTSignedData,data), },
- { DER_INLINE,
- offsetof(CERTSignedData,signatureAlgorithm),
- SECAlgorithmIDTemplate, },
- { DER_BIT_STRING,
- offsetof(CERTSignedData,signature), },
- { 0, }
-};
-
-const SEC_ASN1Template CERT_SignedDataTemplate[] =
-{
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTSignedData) },
- { SEC_ASN1_ANY,
- offsetof(CERTSignedData,data), },
- { SEC_ASN1_INLINE,
- offsetof(CERTSignedData,signatureAlgorithm),
- SECOID_AlgorithmIDTemplate, },
- { SEC_ASN1_BIT_STRING,
- offsetof(CERTSignedData,signature), },
- { 0, }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SignedDataTemplate)
-
-
-SECStatus
-SEC_DerSignData(PRArenaPool *arena, SECItem *result,
- unsigned char *buf, int len, SECKEYPrivateKey *pk, SECOidTag algID)
-{
- SECItem it;
- CERTSignedData sd;
- SECStatus rv;
-
- it.data = 0;
-
- /* XXX We should probably have some asserts here to make sure the key type
- * and algID match
- */
-
- if (algID == SEC_OID_UNKNOWN) {
- switch(pk->keyType) {
- case rsaKey:
- algID = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
- break;
- case dsaKey:
- algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- break;
- default:
- return SECFailure;
- break;
- }
- }
-
- /* Sign input buffer */
- rv = SEC_SignData(&it, buf, len, pk, algID);
- if (rv) goto loser;
-
- /* Fill out SignedData object */
- PORT_Memset(&sd, 0, sizeof(sd));
- sd.data.data = buf;
- sd.data.len = len;
- sd.signature.data = it.data;
- sd.signature.len = it.len << 3; /* convert to bit string */
- rv = SECOID_SetAlgorithmID(arena, &sd.signatureAlgorithm, algID, 0);
- if (rv) goto loser;
-
- /* DER encode the signed data object */
- rv = DER_Encode(arena, result, CERTSignedDataTemplate, &sd);
- /* FALL THROUGH */
-
- loser:
- PORT_Free(it.data);
- return rv;
-}
-
-SECStatus
-SGN_Digest(SECKEYPrivateKey *privKey,
- SECOidTag algtag, SECItem *result, SECItem *digest)
-{
- unsigned modulusLen;
- SECStatus rv;
- SECItem digder;
- PRArenaPool *arena = 0;
- SGNDigestInfo *di = 0;
-
-
- result->data = 0;
-
- if (privKey->keyType == rsaKey) {
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) {
- rv = SECFailure;
- goto loser;
- }
-
- /* Construct digest info */
- di = SGN_CreateDigestInfo(algtag, digest->data, digest->len);
- if (!di) {
- rv = SECFailure;
- goto loser;
- }
-
- /* Der encode the digest as a DigestInfo */
- rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate, di);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- digder.data = digest->data;
- digder.len = digest->len;
- }
-
- /*
- ** Encrypt signature after constructing appropriate PKCS#1 signature
- ** block
- */
- modulusLen = PK11_SignatureLen(privKey);
- result->len = modulusLen;
- result->data = (unsigned char*) PORT_Alloc(modulusLen);
-
- if (result->data == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = PK11_Sign(privKey, result, &digder);
- if (rv != SECSuccess) {
- PORT_Free(result->data);
- result->data = NULL;
- }
-
- loser:
- SGN_DestroyDigestInfo(di);
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return rv;
-}
diff --git a/security/nss/lib/cryptohi/secvfy.c b/security/nss/lib/cryptohi/secvfy.c
deleted file mode 100644
index bf63dd070..000000000
--- a/security/nss/lib/cryptohi/secvfy.c
+++ /dev/null
@@ -1,494 +0,0 @@
-/*
- * Verification stuff.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include "cryptohi.h"
-#include "sechash.h"
-#include "keyhi.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secdig.h"
-#include "secerr.h"
-
-/*
-** Decrypt signature block using public key (in place)
-** XXX this is assuming that the signature algorithm has WITH_RSA_ENCRYPTION
-*/
-static SECStatus
-DecryptSigBlock(int *tagp, unsigned char *digest, SECKEYPublicKey *key,
- SECItem *sig, char *wincx)
-{
- SGNDigestInfo *di = NULL;
- unsigned char *dsig = NULL;
- unsigned char *buf = NULL;
- SECStatus rv;
- SECOidTag tag;
- SECItem it;
-
- if (key == NULL) goto loser;
-
- it.len = SECKEY_PublicKeyStrength(key);
- if (!it.len) goto loser;
- it.data = buf = (unsigned char *)PORT_Alloc(it.len);
- if (!buf) goto loser;
-
- /* Decrypt signature block */
- dsig = (unsigned char*) PORT_Alloc(sig->len);
- if (dsig == NULL) goto loser;
-
- /* decrypt the block */
- rv = PK11_VerifyRecover(key, sig, &it, wincx);
- if (rv != SECSuccess) goto loser;
-
- di = SGN_DecodeDigestInfo(&it);
- if (di == NULL) goto sigloser;
-
- /*
- ** Finally we have the digest info; now we can extract the algorithm
- ** ID and the signature block
- */
- tag = SECOID_GetAlgorithmTag(&di->digestAlgorithm);
- /* XXX Check that tag is an appropriate algorithm? */
- if (di->digest.len > 32) {
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- goto loser;
- }
- PORT_Memcpy(digest, di->digest.data, di->digest.len);
- *tagp = tag;
- goto done;
-
- sigloser:
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-
- loser:
- rv = SECFailure;
-
- done:
- if (di != NULL) SGN_DestroyDigestInfo(di);
- if (dsig != NULL) PORT_Free(dsig);
- if (buf != NULL) PORT_Free(buf);
-
- return rv;
-}
-
-typedef enum { VFY_RSA, VFY_DSA} VerifyType;
-
-struct VFYContextStr {
- SECOidTag alg;
- VerifyType type;
- SECKEYPublicKey *key;
- /* digest holds the full dsa signature... 40 bytes */
- unsigned char digest[DSA_SIGNATURE_LEN];
- void * wincx;
- void *hashcx;
- const SECHashObject *hashobj;
- SECOidTag sigAlg;
- PRBool hasSignature;
-};
-
-/*
- * decode the DSA signature from it's DER wrapping.
- */
-static SECStatus
-decodeDSASignature(SECOidTag algid, SECItem *sig, unsigned char *digest) {
- SECItem *dsasig = NULL;
- SECStatus rv=SECSuccess;
-
- /* if this is a DER encoded signature, decode it first */
- if ((algid == SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) ||
- (algid == SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) ||
- (algid == SEC_OID_ANSIX9_DSA_SIGNATURE)) {
- dsasig = DSAU_DecodeDerSig(sig);
- if ((dsasig == NULL) || (dsasig->len != DSA_SIGNATURE_LEN)) {
- rv = SECFailure;
- goto loser;
- }
- PORT_Memcpy(digest, dsasig->data, dsasig->len);
- } else {
- if (sig->len != DSA_SIGNATURE_LEN) {
- rv = SECFailure;
- goto loser;
- }
- PORT_Memcpy(digest, sig->data, sig->len);
- }
-
-loser:
- if (dsasig != NULL)
- SECITEM_FreeItem(dsasig, PR_TRUE);
- return rv;
-
-}
-/*
- * Pulls the hash algorithm, signing algorithm, and key type out of a
- * composite algorithm.
- *
- * alg: the composite algorithm to dissect.
- * hashalg: address of a SECOidTag which will be set with the hash algorithm.
- * signalg: address of a SECOidTag which will be set with the signing alg.
- * keyType: address of a KeyType which will be set with the key type.
- * Returns: SECSuccess if the algorithm was acceptable, SECFailure if the
- * algorithm was not found or was not a signing algorithm.
- */
-static SECStatus
-decodeSigAlg(SECOidTag alg, SECOidTag *hashalg)
-{
- PR_ASSERT(hashalg!=NULL);
-
- switch (alg) {
- /* We probably shouldn't be generating MD2 signatures either */
- case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
- *hashalg = SEC_OID_MD2;
- return SECSuccess;
- case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
- *hashalg = SEC_OID_MD5;
- return SECSuccess;
- case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
- case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
- *hashalg = SEC_OID_SHA1;
- return SECSuccess;
- /* what about normal DSA? */
- case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- *hashalg = SEC_OID_SHA1;
- return SECSuccess;
- case SEC_OID_MISSI_DSS:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_DSS_OLD:
- *hashalg = SEC_OID_SHA1;
- return SECSuccess;
- /* we don't implement MD4 hashes */
- case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
- default:
- break;
- }
- return SECFailure;
-}
-
-VFYContext *
-VFY_CreateContext(SECKEYPublicKey *key, SECItem *sig, SECOidTag algid,
- void *wincx)
-{
- VFYContext *cx;
- SECStatus rv;
-
- cx = (VFYContext*) PORT_ZAlloc(sizeof(VFYContext));
- if (cx) {
- cx->wincx = wincx;
- cx->hasSignature = (sig != NULL);
- cx->sigAlg = algid;
- rv = SECSuccess;
- switch (key->keyType) {
- case rsaKey:
- cx->type = VFY_RSA;
- cx->key = SECKEY_CopyPublicKey(key); /* extra safety precautions */
- if (sig) {
- int hashid;
- rv = DecryptSigBlock(&hashid, &cx->digest[0],
- key, sig, (char*)wincx);
- cx->alg = hashid;
- } else {
- rv = decodeSigAlg(algid,&cx->alg);
- }
- break;
- case fortezzaKey:
- case dsaKey:
- cx->type = VFY_DSA;
- cx->alg = SEC_OID_SHA1;
- cx->key = SECKEY_CopyPublicKey(key);
- if (sig) {
- rv = decodeDSASignature(algid,sig,&cx->digest[0]);
- }
- break;
- default:
- rv = SECFailure;
- break;
- }
- if (rv) goto loser;
- switch (cx->alg) {
- case SEC_OID_MD2:
- case SEC_OID_MD5:
- case SEC_OID_SHA1:
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- goto loser;
- }
- }
- return cx;
-
- loser:
- VFY_DestroyContext(cx, PR_TRUE);
- return 0;
-}
-
-void
-VFY_DestroyContext(VFYContext *cx, PRBool freeit)
-{
- if (cx) {
- if (cx->hashcx != NULL) {
- (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
- cx->hashcx = NULL;
- }
- if (cx->key) {
- SECKEY_DestroyPublicKey(cx->key);
- }
- if (freeit) {
- PORT_ZFree(cx, sizeof(VFYContext));
- }
- }
-}
-
-SECStatus
-VFY_Begin(VFYContext *cx)
-{
- if (cx->hashcx != NULL) {
- (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
- cx->hashcx = NULL;
- }
-
- switch (cx->alg) {
- case SEC_OID_MD2:
- cx->hashobj = &SECHashObjects[HASH_AlgMD2];
- break;
- case SEC_OID_MD5:
- cx->hashobj = &SECHashObjects[HASH_AlgMD5];
- break;
- case SEC_OID_SHA1:
- cx->hashobj = &SECHashObjects[HASH_AlgSHA1];
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return SECFailure;
- }
-
- cx->hashcx = (*cx->hashobj->create)();
- if (cx->hashcx == NULL)
- return SECFailure;
-
- (*cx->hashobj->begin)(cx->hashcx);
- return SECSuccess;
-}
-
-SECStatus
-VFY_Update(VFYContext *cx, unsigned char *input, unsigned inputLen)
-{
- if (cx->hashcx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- (*cx->hashobj->update)(cx->hashcx, input, inputLen);
- return SECSuccess;
-}
-
-SECStatus
-VFY_EndWithSignature(VFYContext *cx, SECItem *sig)
-{
- unsigned char final[32];
- unsigned part;
- SECItem hash,dsasig;
- SECStatus rv;
-
- if ((cx->hasSignature == PR_FALSE) && (sig == NULL)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (cx->hashcx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- (*cx->hashobj->end)(cx->hashcx, final, &part, sizeof(final));
- switch (cx->type) {
- case VFY_DSA:
- if (sig) {
- rv = decodeDSASignature(cx->sigAlg,sig,&cx->digest[0]);
- if (rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- }
- dsasig.data = cx->digest;
- dsasig.len = DSA_SIGNATURE_LEN; /* magic size of dsa signature */
- hash.data = final;
- hash.len = part;
- if (PK11_Verify(cx->key,&dsasig,&hash,cx->wincx) != SECSuccess) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- break;
- case VFY_RSA:
- if (sig) {
- int hashid;
- rv = DecryptSigBlock(&hashid, &cx->digest[0],
- cx->key, sig, (char*)cx->wincx);
- if ((rv != SECSuccess) || (hashid != cx->alg)) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- }
- if (PORT_Memcmp(final, cx->digest, part)) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- break;
- default:
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure; /* shouldn't happen */
- }
- return SECSuccess;
-}
-
-SECStatus
-VFY_End(VFYContext *cx)
-{
- return VFY_EndWithSignature(cx,NULL);
-}
-
-/************************************************************************/
-/*
- * Verify that a previously-computed digest matches a signature.
- * XXX This should take a parameter that specifies the digest algorithm,
- * and we should compare that the algorithm found in the DigestInfo
- * matches it!
- */
-SECStatus
-VFY_VerifyDigest(SECItem *digest, SECKEYPublicKey *key, SECItem *sig,
- SECOidTag algid, void *wincx)
-{
- SECStatus rv;
- VFYContext *cx;
- SECItem dsasig;
-
- rv = SECFailure;
-
- cx = VFY_CreateContext(key, sig, algid, wincx);
- if (cx != NULL) {
- switch (key->keyType) {
- case rsaKey:
- if (PORT_Memcmp(digest->data, cx->digest, digest->len)) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- } else {
- rv = SECSuccess;
- }
- break;
- case fortezzaKey:
- case dsaKey:
- dsasig.data = &cx->digest[0];
- dsasig.len = DSA_SIGNATURE_LEN; /* magic size of dsa signature */
- if (PK11_Verify(cx->key, &dsasig, digest, cx->wincx) != SECSuccess) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- } else {
- rv = SECSuccess;
- }
- break;
- default:
- break;
- }
- VFY_DestroyContext(cx, PR_TRUE);
- }
- return rv;
-}
-
-SECStatus
-VFY_VerifyData(unsigned char *buf, int len, SECKEYPublicKey *key,
- SECItem *sig, SECOidTag algid, void *wincx)
-{
- SECStatus rv;
- VFYContext *cx;
-
- cx = VFY_CreateContext(key, sig, algid, wincx);
- if (cx == NULL)
- return SECFailure;
-
- rv = VFY_Begin(cx);
- if (rv == SECSuccess) {
- rv = VFY_Update(cx, buf, len);
- if (rv == SECSuccess)
- rv = VFY_End(cx);
- }
-
- VFY_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-SECStatus
-SEC_VerifyFile(FILE *input, SECKEYPublicKey *key, SECItem *sig,
- SECOidTag algid, void *wincx)
-{
- unsigned char buf[1024];
- SECStatus rv;
- int nb;
- VFYContext *cx;
-
- cx = VFY_CreateContext(key, sig, algid, wincx);
- if (cx == NULL)
- rv = SECFailure;
-
- rv = VFY_Begin(cx);
- if (rv == SECSuccess) {
- /*
- * Now feed the contents of the input file into the digest algorithm,
- * one chunk at a time, until we have exhausted the input.
- */
- for (;;) {
- if (feof(input))
- break;
- nb = fread(buf, 1, sizeof(buf), input);
- if (nb == 0) {
- if (ferror(input)) {
- PORT_SetError(SEC_ERROR_IO);
- VFY_DestroyContext(cx, PR_TRUE);
- return SECFailure;
- }
- break;
- }
- rv = VFY_Update(cx, buf, nb);
- if (rv != SECSuccess)
- goto loser;
- }
- }
-
- /* Verify the digest */
- rv = VFY_End(cx);
- /* FALL THROUGH */
-
- loser:
- VFY_DestroyContext(cx, PR_TRUE);
- return rv;
-}
diff --git a/security/nss/lib/dev/Makefile b/security/nss/lib/dev/Makefile
deleted file mode 100644
index 4cbbfed70..000000000
--- a/security/nss/lib/dev/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-export:: private_export
diff --git a/security/nss/lib/dev/ckhelper.c b/security/nss/lib/dev/ckhelper.c
deleted file mode 100644
index 8f1d200fb..000000000
--- a/security/nss/lib/dev/ckhelper.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifdef NSS_3_4_CODE
-#include "pkcs11.h"
-#else
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-#endif /* NSS_3_4_CODE */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-static const CK_BBOOL s_true = CK_TRUE;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_true = { (CK_VOID_PTR)&s_true, sizeof(s_true) };
-
-static const CK_BBOOL s_false = CK_FALSE;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_false = { (CK_VOID_PTR)&s_false, sizeof(s_false) };
-
-static const CK_OBJECT_CLASS s_class_cert = CKO_CERTIFICATE;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_class_cert = { (CK_VOID_PTR)&s_class_cert, sizeof(s_class_cert) };
-
-static const CK_OBJECT_CLASS s_class_pubkey = CKO_PUBLIC_KEY;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_class_pubkey = { (CK_VOID_PTR)&s_class_pubkey, sizeof(s_class_pubkey) };
-
-static const CK_OBJECT_CLASS s_class_privkey = CKO_PRIVATE_KEY;
-NSS_IMPLEMENT_DATA const NSSItem
-g_ck_class_privkey = { (CK_VOID_PTR)&s_class_privkey, sizeof(s_class_privkey) };
-
-NSS_IMPLEMENT PRStatus
-nssCKObject_GetAttributes
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG count,
- NSSArena *arenaOpt,
- nssSession *session,
- NSSSlot *slot
-)
-{
- nssArenaMark *mark;
- CK_SESSION_HANDLE hSession;
- CK_ULONG i;
- CK_RV ckrv;
- PRStatus nssrv;
- PRBool alloced = PR_FALSE;
- hSession = session->handle;
- if (arenaOpt) {
- mark = nssArena_Mark(arenaOpt);
- if (!mark) {
- goto loser;
- }
- }
- nssSession_EnterMonitor(session);
- /* XXX kinda hacky, if the storage size is already in the first template
- * item, then skip the alloc portion
- */
- if (obj_template[0].ulValueLen == 0) {
- /* Get the storage size needed for each attribute */
- ckrv = CKAPI(slot)->C_GetAttributeValue(hSession,
- object, obj_template, count);
- if (ckrv != CKR_OK &&
- ckrv != CKR_ATTRIBUTE_TYPE_INVALID &&
- ckrv != CKR_ATTRIBUTE_SENSITIVE)
- {
- nssSession_ExitMonitor(session);
- /* set an error here */
- goto loser;
- }
- /* Allocate memory for each attribute. */
- for (i=0; i<count; i++) {
- if ((CK_LONG)obj_template[i].ulValueLen <= 0) continue;
- obj_template[i].pValue = nss_ZAlloc(arenaOpt,
- obj_template[i].ulValueLen);
- if (!obj_template[i].pValue) {
- nssSession_ExitMonitor(session);
- goto loser;
- }
- }
- alloced = PR_TRUE;
- }
- /* Obtain the actual attribute values. */
- ckrv = CKAPI(slot)->C_GetAttributeValue(hSession,
- object, obj_template, count);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK &&
- ckrv != CKR_ATTRIBUTE_TYPE_INVALID &&
- ckrv != CKR_ATTRIBUTE_SENSITIVE)
- {
- /* set an error here */
- goto loser;
- }
- if (alloced && arenaOpt) {
- nssrv = nssArena_Unmark(arenaOpt, mark);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- }
- return PR_SUCCESS;
-loser:
- if (alloced) {
- if (arenaOpt) {
- /* release all arena memory allocated before the failure. */
- (void)nssArena_Release(arenaOpt, mark);
- } else {
- CK_ULONG j;
- /* free each heap object that was allocated before the failure. */
- for (j=0; j<i; j++) {
- nss_ZFreeIf(obj_template[j].pValue);
- }
- }
- }
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssCKObject_GetAttributeItem
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_TYPE attribute,
- NSSArena *arenaOpt,
- nssSession *session,
- NSSSlot *slot,
- NSSItem *rvItem
-)
-{
- CK_ATTRIBUTE attr = { 0, NULL, 0 };
- PRStatus nssrv;
- attr.type = attribute;
- nssrv = nssCKObject_GetAttributes(object, &attr, 1,
- arenaOpt, session, slot);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
- rvItem->data = (void *)attr.pValue;
- rvItem->size = (PRUint32)attr.ulValueLen;
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRBool
-nssCKObject_IsAttributeTrue
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_TYPE attribute,
- nssSession *session,
- NSSSlot *slot,
- PRStatus *rvStatus
-)
-{
- CK_BBOOL bool;
- CK_ATTRIBUTE attr = { 0, NULL, 0 };
- CK_RV ckrv;
- attr.type = attribute;
- NSS_CK_SET_ATTRIBUTE_VAR(&attr, 0, bool);
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(slot)->C_GetAttributeValue(session->handle, object, &attr, 1);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- *rvStatus = PR_FAILURE;
- return PR_FALSE;
- }
- *rvStatus = PR_SUCCESS;
- return (PRBool)(bool == CK_TRUE);
-}
-
-NSS_IMPLEMENT PRStatus
-nssCKObject_SetAttributes
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG count,
- nssSession *session,
- NSSSlot *slot
-)
-{
- CK_RV ckrv;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(slot)->C_SetAttributeValue(session->handle, object,
- obj_template, count);
- nssSession_ExitMonitor(session);
- if (ckrv == CKR_OK) {
- return PR_SUCCESS;
- } else {
- return PR_FAILURE;
- }
-}
-
-NSS_IMPLEMENT PRBool
-nssCKObject_IsTokenObjectTemplate
-(
- CK_ATTRIBUTE_PTR objectTemplate,
- CK_ULONG otsize
-)
-{
- CK_ULONG ul;
- for (ul=0; ul<otsize; ul++) {
- if (objectTemplate[ul].type == CKA_TOKEN) {
- return (*((CK_BBOOL*)objectTemplate[ul].pValue) == CK_TRUE);
- }
- }
- return PR_FALSE;
-}
-
diff --git a/security/nss/lib/dev/ckhelper.h b/security/nss/lib/dev/ckhelper.h
deleted file mode 100644
index d1da20500..000000000
--- a/security/nss/lib/dev/ckhelper.h
+++ /dev/null
@@ -1,161 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ckhelper.h
- *
- * This file contains some helper utilities for interaction with cryptoki.
- */
-
-#ifndef CKHELPER_H
-#define CKHELPER_H
-
-#ifdef DEBUG
-static const char CKHELPER_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-PR_BEGIN_EXTERN_C
-
-/* Shortcut to cryptoki API functions. */
-#define CKAPI(x) \
- ((CK_FUNCTION_LIST_PTR)((x)->epv))
-
-/* Some globals to keep from constantly redeclaring common cryptoki
- * attribute types on the stack.
- */
-
-/* Boolean values */
-NSS_EXTERN_DATA const NSSItem g_ck_true;
-NSS_EXTERN_DATA const NSSItem g_ck_false;
-
-/* Object classes */
-NSS_EXTERN_DATA const NSSItem g_ck_class_cert;
-NSS_EXTERN_DATA const NSSItem g_ck_class_pubkey;
-NSS_EXTERN_DATA const NSSItem g_ck_class_privkey;
-
-#define NSS_CK_SET_ATTRIBUTE_VAR(cktemplate, index, var) \
- (cktemplate)[index].pValue = (CK_VOID_PTR)&var; \
- (cktemplate)[index].ulValueLen = (CK_ULONG)sizeof(var)
-
-/* so, nssUTF8_Size or nssUTF8_Length? \0 or no? */
-#define NSS_CK_SET_ATTRIBUTE_UTF8(cktemplate, index, utf8) \
- (cktemplate)[index].pValue = (CK_VOID_PTR)utf8; \
- (cktemplate)[index].ulValueLen = (CK_ULONG)nssUTF8_Size(utf8, NULL);
-
-#define NSS_CK_SET_ATTRIBUTE_ITEM(cktemplate, index, item) \
- (cktemplate)[index].pValue = (CK_VOID_PTR)(item)->data; \
- (cktemplate)[index].ulValueLen = (CK_ULONG)(item)->size;
-
-/* NSS_CK_ATTRIBUTE_TO_ITEM(attrib, item)
- *
- * Convert a CK_ATTRIBUTE to an NSSItem.
- */
-#define NSS_CK_ATTRIBUTE_TO_ITEM(attrib, item) \
- if ((CK_LONG)(attrib)->ulValueLen > 0) { \
- (item)->data = (void *)(attrib)->pValue; \
- (item)->size = (PRUint32)(attrib)->ulValueLen; \
- }
-
-/* NSS_CK_ATTRIBUTE_TO_UTF8(attrib, str)
- *
- * Convert a CK_ATTRIBUTE to a string.
- */
-#define NSS_CK_ATTRIBUTE_TO_UTF8(attrib, str) \
- str = (NSSUTF8 *)((attrib)->pValue);
-
-/* NSS_CK_ITEM_TO_ATTRIBUTE(item, attrib)
- *
- * Convert an NSSItem to a CK_ATTRIBUTE.
- */
-#define NSS_CK_ITEM_TO_ATTRIBUTE(item, attrib) \
- (attrib)->pValue = (CK_VOID_PTR)(item)->data; \
- (attrib)->ulValueLen = (CK_ULONG)(item)->size; \
-
-/* Get an array of attributes from an object. */
-NSS_EXTERN PRStatus
-nssCKObject_GetAttributes
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG count,
- NSSArena *arenaOpt,
- nssSession *session,
- NSSSlot *slot
-);
-
-/* Get a single attribute as an item. */
-NSS_EXTERN PRStatus
-nssCKObject_GetAttributeItem
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_TYPE attribute,
- NSSArena *arenaOpt,
- nssSession *session,
- NSSSlot *slot,
- NSSItem *rvItem
-);
-
-NSS_EXTERN PRBool
-nssCKObject_IsAttributeTrue
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_TYPE attribute,
- nssSession *session,
- NSSSlot *slot,
- PRStatus *rvStatus
-);
-
-NSS_EXTERN PRStatus
-nssCKObject_SetAttributes
-(
- CK_OBJECT_HANDLE object,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG count,
- nssSession *session,
- NSSSlot *slot
-);
-
-NSS_EXTERN PRBool
-nssCKObject_IsTokenObjectTemplate
-(
- CK_ATTRIBUTE_PTR objectTemplate,
- CK_ULONG otsize
-);
-
-PR_END_EXTERN_C
-
-#endif /* CKHELPER_H */
diff --git a/security/nss/lib/dev/config.mk b/security/nss/lib/dev/config.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/dev/config.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/dev/dev.h b/security/nss/lib/dev/dev.h
deleted file mode 100644
index 48ce1d230..000000000
--- a/security/nss/lib/dev/dev.h
+++ /dev/null
@@ -1,435 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEV_H
-#define DEV_H
-
-#ifdef DEBUG
-static const char DEV_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEVT_H
-#include "devt.h"
-#endif /* DEVT_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-/*
- * nssdev.h
- *
- * This file prototypes the methods of the low-level cryptoki devices.
- *
- * |-----------|---> NSSSlot <--> NSSToken
- * | NSSModule |---> NSSSlot <--> NSSToken
- * |-----------|---> NSSSlot <--> NSSToken
- */
-
-PR_BEGIN_EXTERN_C
-
-NSS_EXTERN NSSModule *
-nssModule_Create
-(
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt, /* XXX is this where the mech flags go??? */
- void *reserved
- /* XXX more? */
-);
-
-/* This is to use the new loading mechanism. */
-NSS_EXTERN NSSModule *
-nssModule_CreateFromSpec
-(
- NSSUTF8 *moduleSpec
-);
-
-NSS_EXTERN PRStatus
-nssModule_Destroy
-(
- NSSModule *mod
-);
-
-NSS_EXTERN NSSModule *
-nssModule_AddRef
-(
- NSSModule *mod
-);
-
-NSS_EXTERN PRStatus
-nssModule_Load
-(
- NSSModule *mod
-);
-
-NSS_EXTERN PRStatus
-nssModule_Unload
-(
- NSSModule *mod
-);
-
-NSS_EXTERN PRStatus
-nssModule_LogoutAllSlots
-(
- NSSModule *mod
-);
-
-NSS_EXTERN NSSSlot **
-nssModule_GetSlots
-(
- NSSModule *mod
-);
-
-NSS_EXTERN NSSSlot *
-nssModule_FindSlotByName
-(
- NSSModule *mod,
- NSSUTF8 *slotName
-);
-
-NSS_EXTERN NSSToken *
-nssModule_FindTokenByName
-(
- NSSModule *mod,
- NSSUTF8 *tokenName
-);
-
-/* This descends from NSSTrustDomain_TraverseCertificates, a questionable
- * function. Do we want NSS to have access to this at the module level?
- */
-NSS_EXTERN PRStatus *
-nssModule_TraverseCertificates
-(
- NSSModule *mod,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-);
-
-NSS_EXTERN NSSSlot *
-nssSlot_Create
-(
- NSSArena *arenaOpt,
- CK_SLOT_ID slotId,
- NSSModule *parent
-);
-
-NSS_EXTERN PRStatus
-nssSlot_Destroy
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN NSSSlot *
-nssSlot_AddRef
-(
- NSSSlot *slot
-);
-
-NSS_EXTERN NSSUTF8 *
-nssSlot_GetName
-(
- NSSSlot *slot,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN PRStatus
-nssSlot_Login
-(
- NSSSlot *slot,
- PRBool asSO,
- NSSCallback *pwcb
-);
-extern const NSSError NSS_ERROR_INVALID_PASSWORD;
-extern const NSSError NSS_ERROR_USER_CANCELED;
-
-NSS_EXTERN PRStatus
-nssSlot_Logout
-(
- NSSSlot *slot,
- nssSession *sessionOpt
-);
-
-#define NSSSLOT_ASK_PASSWORD_FIRST_TIME -1
-#define NSSSLOT_ASK_PASSWORD_EVERY_TIME 0
-NSS_EXTERN void
-nssSlot_SetPasswordDefaults
-(
- NSSSlot *slot,
- PRInt32 askPasswordTimeout
-);
-
-NSS_EXTERN PRStatus
-nssSlot_SetPassword
-(
- NSSSlot *slot,
- NSSCallback *pwcb
-);
-extern const NSSError NSS_ERROR_INVALID_PASSWORD;
-extern const NSSError NSS_ERROR_USER_CANCELED;
-
-/*
- * nssSlot_IsLoggedIn
- */
-
-NSS_EXTERN nssSession *
-nssSlot_CreateSession
-(
- NSSSlot *slot,
- NSSArena *arenaOpt,
- PRBool readWrite /* so far, this is the only flag used */
-);
-
-NSS_EXTERN NSSToken *
-nssToken_Create
-(
- NSSArena *arenaOpt,
- CK_SLOT_ID slotID,
- NSSSlot *parent
-);
-
-NSS_EXTERN PRStatus
-nssToken_Destroy
-(
- NSSToken *tok
-);
-
-NSS_EXTERN NSSToken *
-nssToken_AddRef
-(
- NSSToken *tok
-);
-
-NSS_EXTERN NSSUTF8 *
-nssToken_GetName
-(
- NSSToken *tok
-);
-
-NSS_EXTERN PRStatus
-nssToken_ImportCertificate
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSCertificate *cert,
- NSSTrustDomain *td,
- NSSCryptoContext *cc
-);
-
-NSS_EXTERN PRStatus
-nssToken_ImportTrust
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSTrust *trust,
- NSSTrustDomain *trustDomain,
- NSSCryptoContext *cryptoContext
-);
-
-NSS_EXTERN NSSPublicKey *
-nssToken_GenerateKeyPair
-(
- NSSToken *tok,
- nssSession *sessionOpt
- /* algorithm and parameters */
-);
-
-NSS_EXTERN NSSSymmetricKey *
-nssToken_GenerateSymmetricKey
-(
- NSSToken *tok,
- nssSession *sessionOpt
- /* algorithm and parameters */
-);
-
-/* Permanently remove an object from the token. */
-NSS_EXTERN PRStatus
-nssToken_DeleteStoredObject
-(
- nssCryptokiInstance *instance
-);
-
-NSS_EXTERN NSSTrust *
-nssToken_FindTrustForCert
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSCertificate *c
-);
-
-NSS_EXTERN PRStatus
-nssToken_TraverseCertificates
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- nssTokenCertSearch *search
-);
-
-NSS_EXTERN PRStatus
-nssToken_TraverseCertificatesBySubject
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *subject,
- nssTokenCertSearch *search
-);
-
-NSS_EXTERN PRStatus
-nssToken_TraverseCertificatesByNickname
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSUTF8 *name,
- nssTokenCertSearch *search
-);
-
-NSS_EXTERN PRStatus
-nssToken_TraverseCertificatesByEmail
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSASCII7 *email,
- nssTokenCertSearch *search
-);
-
-NSS_EXTERN NSSCertificate *
-nssToken_FindCertificateByIssuerAndSerialNumber
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *issuer,
- NSSDER *serial
-);
-
-NSS_EXTERN NSSCertificate *
-nssToken_FindCertificateByEncodedCertificate
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSBER *encodedCertificate
-);
-
-NSS_EXTERN NSSTrust *
-nssToken_FindTrustForCert
-(
- NSSToken *token,
- nssSession *session,
- NSSCertificate *c
-);
-
-NSS_EXTERN NSSItem *
-nssToken_Digest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSAlgorithmAndParameters *ap,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN PRStatus
-nssToken_BeginDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSAlgorithmAndParameters *ap
-);
-
-NSS_EXTERN PRStatus
-nssToken_ContinueDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSItem *item
-);
-
-NSS_EXTERN NSSItem *
-nssToken_FinishDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN PRStatus
-nssSession_Destroy
-(
- nssSession *s
-);
-
-/* would like to inline */
-NSS_EXTERN PRStatus
-nssSession_EnterMonitor
-(
- nssSession *s
-);
-
-/* would like to inline */
-NSS_EXTERN PRStatus
-nssSession_ExitMonitor
-(
- nssSession *s
-);
-
-/* would like to inline */
-NSS_EXTERN PRBool
-nssSession_IsReadWrite
-(
- nssSession *s
-);
-
-NSS_EXTERN NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateSHA1Digest
-(
- NSSArena *arenaOpt
-);
-
-NSS_EXTERN NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateMD5Digest
-(
- NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* DEV_H */
diff --git a/security/nss/lib/dev/devm.h b/security/nss/lib/dev/devm.h
deleted file mode 100644
index d226069c9..000000000
--- a/security/nss/lib/dev/devm.h
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVM_H
-#define DEVM_H
-
-#ifdef DEBUG
-static const char DEVM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEVT_H
-#include "devt.h"
-#endif /* DEVT_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-PR_BEGIN_EXTERN_C
-
-/* PKCS#11 stores strings in a fixed-length buffer padded with spaces. This
- * function gets the length of the actual string.
- */
-NSS_EXTERN PRUint32
-nssPKCS11StringLength(
- CK_CHAR *pkcs11str,
- PRUint32 bufLen
-);
-
-PR_END_EXTERN_C
-
-#endif /* DEV_H */
diff --git a/security/nss/lib/dev/devmod.c b/security/nss/lib/dev/devmod.c
deleted file mode 100644
index 455d063e8..000000000
--- a/security/nss/lib/dev/devmod.c
+++ /dev/null
@@ -1,396 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "nspr.h"
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/* Threading callbacks for C_Initialize. Use NSPR threads. */
-
-CK_RV PR_CALLBACK
-nss_ck_CreateMutex(CK_VOID_PTR_PTR pMutex)
-{
- CK_VOID_PTR mutex = (CK_VOID_PTR)PZ_NewLock(nssILockOther);
- if (mutex != NULL) {
- *pMutex = (CK_VOID_PTR)mutex;
- return CKR_OK;
- }
- return CKR_HOST_MEMORY;
-}
-
-CK_RV PR_CALLBACK
-nss_ck_DestroyMutex(CK_VOID_PTR mutex)
-{
- PZ_DestroyLock((PZLock *)mutex);
- return CKR_OK;
-}
-
-CK_RV PR_CALLBACK
-nss_ck_LockMutex(CK_VOID_PTR mutex)
-{
- PZ_Lock((PZLock *)mutex);
- return CKR_OK;
-}
-
-CK_RV PR_CALLBACK
-nss_ck_UnlockMutex(CK_VOID_PTR mutex)
-{
- return (PZ_Unlock((PZLock *)mutex) == PR_SUCCESS) ?
- CKR_OK : CKR_MUTEX_NOT_LOCKED;
-}
-
-/* Default callback args to C_Initialize */
-static CK_C_INITIALIZE_ARGS
-s_ck_initialize_args = {
- nss_ck_CreateMutex, /* CreateMutex */
- nss_ck_DestroyMutex, /* DestroyMutex */
- nss_ck_LockMutex, /* LockMutex */
- nss_ck_UnlockMutex, /* UnlockMutex */
- CKF_LIBRARY_CANT_CREATE_OS_THREADS |
- CKF_OS_LOCKING_OK, /* flags */
- NULL /* pReserved */
-};
-
-/* Alloc memory for a module. Copy in the module name and library path
- * if provided. XXX use the opaque arg also, right?
- */
-NSS_IMPLEMENT NSSModule *
-nssModule_Create
-(
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-)
-{
- NSSArena *arena;
- NSSModule *rvMod;
- arena = NSSArena_Create();
- if(!arena) {
- return (NSSModule *)NULL;
- }
- rvMod = nss_ZNEW(arena, NSSModule);
- if (!rvMod) {
- goto loser;
- }
- if (moduleOpt) {
- /* XXX making the gross assumption this is just the module name */
- /* if the name is a duplicate, should that be tested here? or
- * wait for Load?
- */
- rvMod->name = nssUTF8_Duplicate(moduleOpt, arena);
- if (!rvMod->name) {
- goto loser;
- }
- }
- if (uriOpt) {
- /* Load the module from a URI. */
- /* XXX at this time - only file URI (even worse, no file:// for now) */
- rvMod->libraryPath = nssUTF8_Duplicate(uriOpt, arena);
- if (!rvMod->libraryPath) {
- goto loser;
- }
- }
- rvMod->arena = arena;
- rvMod->refCount = 1;
- /* everything else is 0/NULL at this point. */
- return rvMod;
-loser:
- nssArena_Destroy(arena);
- return (NSSModule *)NULL;
-}
-
-/* load all slots in a module. */
-static PRStatus
-module_load_slots(NSSModule *mod)
-{
- CK_ULONG i, ulNumSlots;
- CK_SLOT_ID *slotIDs;
- nssArenaMark *mark = NULL;
- NSSSlot **slots;
- PRStatus nssrv;
- CK_RV ckrv;
- /* Get the number of slots */
- ckrv = CKAPI(mod)->C_GetSlotList(CK_FALSE, NULL, &ulNumSlots);
- if (ckrv != CKR_OK) {
- /* what is the error? */
- return PR_FAILURE;
- }
- /* Alloc memory for the array of slot ID's */
- slotIDs = nss_ZNEWARRAY(NULL, CK_SLOT_ID, ulNumSlots);
- if (!slotIDs) {
- goto loser;
- }
- /* Get the actual slot list */
- ckrv = CKAPI(mod)->C_GetSlotList(CK_FALSE, slotIDs, &ulNumSlots);
- if (ckrv != CKR_OK) {
- /* what is the error? */
- goto loser;
- }
- /* Alloc memory for the array of slots, in the module's arena */
- mark = nssArena_Mark(mod->arena);
- if (!mark) {
- return PR_FAILURE;
- }
- slots = nss_ZNEWARRAY(mod->arena, NSSSlot *, ulNumSlots);
- if (!slots) {
- goto loser;
- }
- /* Initialize each slot */
- for (i=0; i<ulNumSlots; i++) {
- slots[i] = nssSlot_Create(mod->arena, slotIDs[i], mod);
- }
- nss_ZFreeIf(slotIDs);
- nssrv = nssArena_Unmark(mod->arena, mark);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- mod->slots = slots;
- mod->numSlots = ulNumSlots;
- return PR_SUCCESS;
-loser:
- if (mark) {
- nssArena_Release(mod->arena, mark);
- }
- nss_ZFreeIf(slotIDs);
- return PR_FAILURE;
-}
-
-/* This is going to take much more thought. The module has a list of slots,
- * each of which points to a token. Presumably, all are ref counted. Some
- * kind of consistency check is needed here, or perhaps at a higher level.
- */
-NSS_IMPLEMENT PRStatus
-nssModule_Destroy
-(
- NSSModule *mod
-)
-{
- PRUint32 i;
- if (--mod->refCount == 0) {
- /* Ignore any failure here. */
- for (i=0; i<mod->numSlots; i++) {
- nssSlot_Destroy(mod->slots[i]);
- }
- (void)nssModule_Unload(mod);
- return NSSArena_Destroy(mod->arena);
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT NSSModule *
-nssModule_AddRef
-(
- NSSModule *mod
-)
-{
- ++mod->refCount;
- return mod;
-}
-
-NSS_IMPLEMENT PRStatus
-nssModule_Load
-(
- NSSModule *mod
-)
-{
- PRLibrary *library = NULL;
- CK_C_GetFunctionList ep;
- CK_RV ckrv;
- /* Use NSPR to load the library */
- library = PR_LoadLibrary((char *)mod->libraryPath);
- if (!library) {
- /* what's the error to set? */
- return PR_FAILURE;
- }
- mod->library = library;
- /* TODO: semantics here in SECMOD_LoadModule about module db */
- /* Load the cryptoki entry point function */
- ep = (CK_C_GetFunctionList)PR_FindSymbol(library, "C_GetFunctionList");
- if (ep == NULL) {
- goto loser;
- }
- /* Load the cryptoki entry point vector (function list) */
- ckrv = (*ep)((CK_FUNCTION_LIST_PTR *)&mod->epv);
- if (ckrv != CKR_OK) {
- goto loser;
- }
- /* Initialize the module */
- /* XXX This is where some additional parameters may need to come in,
- * SECMOD_LoadModule has LibraryParameters
- */
- ckrv = CKAPI(mod)->C_Initialize(&s_ck_initialize_args);
- if (ckrv != CKR_OK) {
- /* Apparently the token is not thread safe. Retry without
- * threading parameters.
- */
- mod->flags |= NSSMODULE_FLAGS_NOT_THREADSAFE;
- ckrv = CKAPI(mod)->C_Initialize((CK_VOID_PTR)NULL);
- if (ckrv != CKR_OK) {
- goto loser;
- }
- }
- /* TODO: check the version # using C_GetInfo */
- /* TODO: if the name is not set, get it from info.libraryDescription */
- /* Now load the slots */
- if (module_load_slots(mod) != PR_SUCCESS) {
- goto loser;
- }
- /* Module has successfully loaded */
- return PR_SUCCESS;
-loser:
- if (library) {
- PR_UnloadLibrary(library);
- }
- /* clear all values set above, they are invalid now */
- mod->library = NULL;
- mod->epv = NULL;
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssModule_Unload
-(
- NSSModule *mod
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- if (mod->library) {
- (void)CKAPI(mod)->C_Finalize(NULL);
- nssrv = PR_UnloadLibrary(mod->library);
- }
- /* Free the slots, yes? */
- mod->library = NULL;
- mod->epv = NULL;
- return nssrv;
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssModule_FindSlotByName
-(
- NSSModule *mod,
- NSSUTF8 *slotName
-)
-{
- PRUint32 i;
- PRStatus nssrv;
- for (i=0; i<mod->numSlots; i++) {
- if (nssUTF8_Equal(mod->slots[i]->name, slotName, &nssrv)) {
- return nssSlot_AddRef(mod->slots[i]);
- }
- if (nssrv != PR_SUCCESS) {
- break;
- }
- }
- return (NSSSlot *)NULL;
-}
-
-NSS_EXTERN NSSToken *
-nssModule_FindTokenByName
-(
- NSSModule *mod,
- NSSUTF8 *tokenName
-)
-{
- PRUint32 i;
- PRStatus nssrv;
- NSSToken *tok;
- for (i=0; i<mod->numSlots; i++) {
- tok = mod->slots[i]->token;
- if (nssUTF8_Equal(tok->name, tokenName, &nssrv)) {
- return nssToken_AddRef(tok);
- }
- if (nssrv != PR_SUCCESS) {
- break;
- }
- }
- return (NSSToken *)NULL;
-}
-
-NSS_IMPLEMENT PRStatus *
-nssModule_TraverseCertificates
-(
- NSSModule *mod,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- return NULL;
-}
-
-#ifdef DEBUG
-void
-nssModule_Debug(NSSModule *m)
-{
- PRUint32 i;
- printf("\n");
- printf("Module Name: %s\n", m->name);
- printf("Module Path: %s\n", m->libraryPath);
- printf("Number of Slots in Module: %d\n\n", m->numSlots);
- for (i=0; i<m->numSlots; i++) {
- printf("\tSlot #%d\n", i);
- if (m->slots[i]->name) {
- printf("\tSlot Name: %s\n", m->slots[i]->name);
- } else {
- printf("\tSlot Name: <NULL>\n");
- }
- if (m->slots[i]->token) {
- printf("\tToken Name: %s\n", m->slots[i]->token->name);
- } else {
- printf("\tToken: <NULL>\n");
- }
- }
-}
-#endif
diff --git a/security/nss/lib/dev/devobject.c b/security/nss/lib/dev/devobject.c
deleted file mode 100644
index d2bb6df57..000000000
--- a/security/nss/lib/dev/devobject.c
+++ /dev/null
@@ -1,950 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/* XXX */
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifdef NSS_3_4_CODE
-#include "pkim.h" /* for cert decoding */
-#endif
-
-/* The number of object handles to grab during each call to C_FindObjects */
-#define OBJECT_STACK_SIZE 16
-
-NSS_IMPLEMENT PRStatus
-nssToken_DeleteStoredObject
-(
- nssCryptokiInstance *instance
-)
-{
- CK_RV ckrv;
- PRStatus nssrv;
- PRBool createdSession;
- NSSToken *token = instance->token;
- nssSession *session = NULL;
- if (nssCKObject_IsAttributeTrue(instance->handle, CKA_TOKEN,
- token->defaultSession,
- token->slot, &nssrv)) {
- if (nssSession_IsReadWrite(token->defaultSession)) {
- session = token->defaultSession;
- } else {
- session = nssSlot_CreateSession(token->slot, NULL, PR_TRUE);
- createdSession = PR_TRUE;
- }
- }
- if (session == NULL) {
- return PR_FAILURE;
- }
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(token)->C_DestroyObject(session->handle, instance->handle);
- nssSession_ExitMonitor(session);
- if (createdSession) {
- nssSession_Destroy(session);
- }
- if (ckrv != CKR_OK) {
- return PR_FAILURE;
- }
- return PR_SUCCESS;
-}
-
-static CK_OBJECT_HANDLE
-import_object
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- CK_ATTRIBUTE_PTR objectTemplate,
- CK_ULONG otsize
-)
-{
- nssSession *session = NULL;
- PRBool createdSession = PR_FALSE;
- CK_OBJECT_HANDLE object;
- CK_RV ckrv;
- if (nssCKObject_IsTokenObjectTemplate(objectTemplate, otsize)) {
- if (sessionOpt) {
- if (!nssSession_IsReadWrite(sessionOpt)) {
- return CK_INVALID_HANDLE;
- } else {
- session = sessionOpt;
- }
- } else if (nssSession_IsReadWrite(tok->defaultSession)) {
- session = tok->defaultSession;
- } else {
- session = nssSlot_CreateSession(tok->slot, NULL, PR_TRUE);
- createdSession = PR_TRUE;
- }
- } else {
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- }
- if (session == NULL) {
- return CK_INVALID_HANDLE;
- }
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(tok->slot)->C_CreateObject(session->handle,
- objectTemplate, otsize,
- &object);
- nssSession_ExitMonitor(session);
- if (createdSession) {
- nssSession_Destroy(session);
- }
- if (ckrv != CKR_OK) {
- return CK_INVALID_HANDLE;
- }
- return object;
-}
-
-static CK_OBJECT_HANDLE
-find_object_by_template
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- CK_ATTRIBUTE_PTR cktemplate,
- CK_ULONG ctsize
-)
-{
- CK_SESSION_HANDLE hSession;
- CK_OBJECT_HANDLE rvObject;
- CK_ULONG count;
- CK_RV ckrv;
- nssSession *session;
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- hSession = session->handle;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(tok)->C_FindObjectsInit(hSession, cktemplate, ctsize);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- return CK_INVALID_HANDLE;
- }
- ckrv = CKAPI(tok)->C_FindObjects(hSession, &rvObject, 1, &count);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- return CK_INVALID_HANDLE;
- }
- ckrv = CKAPI(tok)->C_FindObjectsFinal(hSession);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- return CK_INVALID_HANDLE;
- }
- return rvObject;
-}
-
-static PRStatus
-traverse_objects_by_template
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- CK_ATTRIBUTE_PTR obj_template,
- CK_ULONG otsize,
- PRStatus (*callback)(NSSToken *t, nssSession *session,
- CK_OBJECT_HANDLE h, void *arg),
- void *arg
-)
-{
- NSSSlot *slot;
- PRStatus cbrv;
- PRUint32 i;
- CK_RV ckrv;
- CK_ULONG count;
- CK_OBJECT_HANDLE *objectStack;
- CK_OBJECT_HANDLE startOS[OBJECT_STACK_SIZE];
- CK_SESSION_HANDLE hSession;
- NSSArena *objectArena = NULL;
- nssSession *session;
- nssList *objectList = NULL;
- slot = tok->slot;
- objectStack = startOS;
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- hSession = session->handle;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(slot)->C_FindObjectsInit(hSession, obj_template, otsize);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- goto loser;
- }
- while (PR_TRUE) {
- ckrv = CKAPI(slot)->C_FindObjects(hSession, objectStack,
- OBJECT_STACK_SIZE, &count);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- goto loser;
- }
- if (count == OBJECT_STACK_SIZE) {
- if (!objectList) {
- objectArena = NSSArena_Create();
- objectList = nssList_Create(objectArena, PR_FALSE);
- }
- objectStack = nss_ZNEWARRAY(objectArena, CK_OBJECT_HANDLE,
- OBJECT_STACK_SIZE);
- nssList_Add(objectList, objectStack);
- } else {
- break;
- }
- }
- ckrv = CKAPI(slot)->C_FindObjectsFinal(hSession);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- goto loser;
- }
- if (objectList) {
- nssListIterator *objects;
- objects = nssList_CreateIterator(objectList);
- for (objectStack = (CK_OBJECT_HANDLE *)nssListIterator_Start(objects);
- objectStack != NULL;
- objectStack = (CK_OBJECT_HANDLE *)nssListIterator_Next(objects)) {
- for (i=0; i<count; i++) {
- cbrv = (*callback)(tok, session, objectStack[i], arg);
- }
- }
- nssListIterator_Finish(objects);
- count = OBJECT_STACK_SIZE;
- }
- for (i=0; i<count; i++) {
- cbrv = (*callback)(tok, session, startOS[i], arg);
- }
- if (objectArena)
- NSSArena_Destroy(objectArena);
- return PR_SUCCESS;
-loser:
- if (objectArena)
- NSSArena_Destroy(objectArena);
- return PR_FAILURE;
-}
-
-static PRStatus
-add_object_instance
-(
- nssPKIObject *object,
- NSSToken *t,
- CK_OBJECT_HANDLE h,
- NSSTrustDomain *td,
- NSSCryptoContext *cc
-)
-{
- nssPKIObjectInstance *oi;
- oi = nss_ZNEW(object->arena, nssPKIObjectInstance);
- if (!oi) {
- return PR_FAILURE;
- }
- oi->cryptoki.handle = h;
- oi->cryptoki.token = t;
- oi->trustDomain = td;
- oi->cryptoContext = cc;
- nssList_Add(object->instanceList, oi);
- return PR_SUCCESS;
-}
-
-#if 0
-#ifdef NSS_3_4_CODE
-static void make_nss3_nickname(NSSCertificate *c)
-{
- /* In NSS 3.4, the semantic is that nickname = token name + label */
- PRStatus utf8rv;
- NSSUTF8 *tokenName;
- NSSUTF8 *label;
- char *fullname;
- PRUint32 len, tlen;
- tokenName = nssToken_GetName(c->token);
- label = c->nickname ? c->nickname : c->email;
- if (!label) return;
- tlen = nssUTF8_Length(tokenName, &utf8rv); /* token name */
- tlen += 1; /* : */
- len = nssUTF8_Length(label, &utf8rv); /* label */
- len += 1; /* \0 */
- len += tlen;
- fullname = nss_ZAlloc(c->arena, len);
- utf8rv = nssUTF8_CopyIntoFixedBuffer(tokenName, fullname, tlen, ':');
- utf8rv = nssUTF8_CopyIntoFixedBuffer(label, fullname + tlen,
- len - tlen, '\0');
- nss_ZFreeIf(c->nickname);
- c->nickname = nssUTF8_Create(c->arena,
- nssStringType_UTF8String,
- fullname, len);
-}
-#endif
-#endif
-
-static NSSCertificateType
-nss_cert_type_from_ck_attrib(CK_ATTRIBUTE_PTR attrib)
-{
- CK_CERTIFICATE_TYPE ckCertType;
- ckCertType = *((CK_ULONG *)attrib->pValue);
- switch (ckCertType) {
- case CKC_X_509:
- return NSSCertificateType_PKIX;
- break;
- default:
- return NSSCertificateType_Unknown;
- }
-}
-
-/* Create a certificate from an object handle. */
-static NSSCertificate *
-get_token_cert
-(
- NSSToken *token,
- nssSession *sessionOpt,
- CK_OBJECT_HANDLE handle
-)
-{
- NSSCertificate *rvCert;
- nssPKIObject *object;
- NSSArena *arena;
- nssSession *session;
- PRStatus nssrv;
- CK_ULONG template_size;
- CK_ATTRIBUTE cert_template[] = {
- { CKA_CERTIFICATE_TYPE, NULL, 0 },
- { CKA_ID, NULL, 0 },
- { CKA_VALUE, NULL, 0 },
- { CKA_ISSUER, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0 },
- { CKA_LABEL, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
- { CKA_NETSCAPE_EMAIL, NULL, 0 }
- };
- template_size = sizeof(cert_template) / sizeof(cert_template[0]);
- session = (sessionOpt) ? sessionOpt : token->defaultSession;
- arena = nssArena_Create();
- if (!arena) {
- return NULL;
- }
- rvCert = nss_ZNEW(arena, NSSCertificate);
- if (!rvCert) {
- goto loser;
- }
- object = &rvCert->object;
- object->arena = arena;
- object->refCount = 1;
- object->instanceList = nssList_Create(arena, PR_TRUE);
- if (!object->instanceList) {
- goto loser;
- }
- object->instances = nssList_CreateIterator(object->instanceList);
- if (!object->instances) {
- goto loser;
- }
- nssrv = nssCKObject_GetAttributes(handle,
- cert_template, template_size,
- arena, session, token->slot);
- if (nssrv) {
- goto loser;
- }
- rvCert->type = nss_cert_type_from_ck_attrib(&cert_template[0]);
- NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[1], &rvCert->id);
- NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[2], &rvCert->encoding);
- NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[3], &rvCert->issuer);
- NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[4], &rvCert->serial);
- NSS_CK_ATTRIBUTE_TO_UTF8(&cert_template[5], rvCert->nickname);
- NSS_CK_ATTRIBUTE_TO_ITEM(&cert_template[6], &rvCert->subject);
- NSS_CK_ATTRIBUTE_TO_UTF8(&cert_template[7], rvCert->email);
-#ifdef NSS_3_4_CODE
- /* nss 3.4 database doesn't associate email address with cert */
- if (!rvCert->email) {
- nssDecodedCert *dc;
- NSSASCII7 *email;
- dc = nssCertificate_GetDecoding(rvCert);
- email = dc->getEmailAddress(dc);
- if (email) rvCert->email = nssUTF8_Duplicate(email, arena);
- }
- /*make_nss3_nickname(rvCert);*/
-#endif
- return rvCert;
-loser:
- nssArena_Destroy(arena);
- return (NSSCertificate *)NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_ImportCertificate
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSCertificate *cert,
- NSSTrustDomain *td,
- NSSCryptoContext *cc
-)
-{
- CK_CERTIFICATE_TYPE cert_type = CKC_X_509;
- CK_OBJECT_HANDLE handle;
- CK_ATTRIBUTE cert_tmpl[] = {
- { CKA_TOKEN, NULL, 0 },
- { CKA_CLASS, NULL, 0 },
- { CKA_CERTIFICATE_TYPE, NULL, 0 },
- { CKA_ID, NULL, 0 },
- { CKA_LABEL, NULL, 0 },
- { CKA_VALUE, NULL, 0 },
- { CKA_ISSUER, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0 }
- };
- CK_ULONG ctsize = sizeof(cert_tmpl)/sizeof(cert_tmpl[0]);
- if (td) {
- /* trust domain == token object */
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_tmpl, 0, &g_ck_true);
- } else {
- /* crypto context == session object */
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_tmpl, 0, &g_ck_false);
- }
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_tmpl, 1, &g_ck_class_cert);
- NSS_CK_SET_ATTRIBUTE_VAR( cert_tmpl, 2, cert_type);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_tmpl, 3, &cert->id);
- NSS_CK_SET_ATTRIBUTE_UTF8(cert_tmpl, 4, cert->nickname);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_tmpl, 5, &cert->encoding);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_tmpl, 6, &cert->issuer);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_tmpl, 7, &cert->subject);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_tmpl, 8, &cert->serial);
- /* Import the certificate onto the token */
- handle = import_object(tok, sessionOpt, cert_tmpl, ctsize);
- if (handle == CK_INVALID_HANDLE) {
- return PR_FAILURE;
- }
- return add_object_instance(&cert->object, tok, handle, td, cc);
-}
-
-struct cert_search_index_str
-{
- NSSDER issuer;
- NSSDER serial;
-};
-
-static PRBool
-compare_cert_by_issuer_sn(void *a, void *b)
-{
- NSSCertificate *c = (NSSCertificate *)a;
- struct cert_search_index_str *csi = (struct cert_search_index_str *)b;
- return (nssItem_Equal(&c->issuer, &csi->issuer, NULL) &&
- nssItem_Equal(&c->serial, &csi->serial, NULL));
-}
-
-static PRStatus
-retrieve_cert(NSSToken *t, nssSession *session, CK_OBJECT_HANDLE h, void *arg)
-{
- PRStatus nssrv;
- PRBool found;
- nssTokenCertSearch *search = (nssTokenCertSearch *)arg;
- NSSCertificate *cert = NULL;
- struct cert_search_index_str csi;
- nssListIterator *instances;
- nssPKIObjectInstance *oi;
- CK_ATTRIBUTE issuersn_tmpl[] = {
- { CKA_ISSUER, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0 }
- };
- CK_ULONG ist_size = sizeof(issuersn_tmpl) / sizeof(issuersn_tmpl[0]);
- if (search->cached) {
- nssrv = nssCKObject_GetAttributes(h, issuersn_tmpl, ist_size,
- NULL, session, t->slot);
- NSS_CK_ATTRIBUTE_TO_ITEM(&issuersn_tmpl[0], &csi.issuer);
- NSS_CK_ATTRIBUTE_TO_ITEM(&issuersn_tmpl[1], &csi.serial);
- cert = (NSSCertificate *)nssList_Get(search->cached, &csi);
- nss_ZFreeIf(csi.issuer.data);
- nss_ZFreeIf(csi.serial.data);
- }
- found = PR_FALSE;
- if (cert) {
- instances = cert->object.instances;
- for (oi = (nssPKIObjectInstance *)nssListIterator_Start(instances);
- oi != (nssPKIObjectInstance *)NULL;
- oi = (nssPKIObjectInstance *)nssListIterator_Next(instances))
- {
- if (oi->cryptoki.handle == h && oi->cryptoki.token == t) {
- found = PR_TRUE;
- break;
- }
- }
- nssListIterator_Finish(instances);
- } else {
- cert = get_token_cert(t, session, h);
- if (!cert) return PR_FAILURE;
- }
- if (!found) {
- nssrv = add_object_instance(&cert->object, t, h,
- search->trustDomain,
- search->cryptoContext);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
- }
- return (*search->callback)(cert, search->cbarg);
-}
-
-/* traverse all certificates - this should only happen if the token
- * has been marked as "traversable"
- */
-NSS_IMPLEMENT PRStatus
-nssToken_TraverseCertificates
-(
- NSSToken *token,
- nssSession *sessionOpt,
- nssTokenCertSearch *search
-)
-{
- PRStatus nssrv;
- /* this is really traversal - the template is all certs */
- CK_ATTRIBUTE cert_template[] = {
- { CKA_CLASS, NULL, 0 }
- };
- CK_ULONG ctsize = sizeof(cert_template) / sizeof(cert_template[0]);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 0, &g_ck_class_cert);
- nssList_SetCompareFunction(search->cached, compare_cert_by_issuer_sn);
- nssrv = traverse_objects_by_template(token, sessionOpt,
- cert_template, ctsize,
- retrieve_cert, search);
- return nssrv;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_TraverseCertificatesBySubject
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *subject,
- nssTokenCertSearch *search
-)
-{
- PRStatus nssrv;
- CK_ATTRIBUTE subj_tmpl[] =
- {
- { CKA_CLASS, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 }
- };
- CK_ULONG stsize = (CK_ULONG)(sizeof(subj_tmpl) / sizeof(subj_tmpl[0]));
- NSS_CK_SET_ATTRIBUTE_ITEM(subj_tmpl, 0, &g_ck_class_cert);
- NSS_CK_SET_ATTRIBUTE_ITEM(subj_tmpl, 1, subject);
- nssList_SetCompareFunction(search->cached, compare_cert_by_issuer_sn);
- /* now traverse the token certs matching this template */
- nssrv = traverse_objects_by_template(token, sessionOpt,
- subj_tmpl, stsize,
- retrieve_cert, search);
- return nssrv;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_TraverseCertificatesByNickname
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSUTF8 *name,
- nssTokenCertSearch *search
-)
-{
- PRStatus nssrv;
- CK_ATTRIBUTE nick_tmpl[] =
- {
- { CKA_CLASS, NULL, 0 },
- { CKA_LABEL, NULL, 0 }
- };
- CK_ULONG ntsize = sizeof(nick_tmpl) / sizeof(nick_tmpl[0]);
- /* set up the search template */
- NSS_CK_SET_ATTRIBUTE_ITEM(nick_tmpl, 0, &g_ck_class_cert);
- nick_tmpl[1].pValue = (CK_VOID_PTR)name;
- nick_tmpl[1].ulValueLen = (CK_ULONG)nssUTF8_Length(name, &nssrv);
- nssList_SetCompareFunction(search->cached, compare_cert_by_issuer_sn);
- /* now traverse the token certs matching this template */
- nssrv = traverse_objects_by_template(token, sessionOpt,
- nick_tmpl, ntsize,
- retrieve_cert, search);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
-#if 0
- /* This is to workaround the fact that PKCS#11 doesn't specify
- * whether the '\0' should be included. XXX Is that still true?
- * im - this is not needed by the current softoken. However, I'm
- * leaving it in until I have surveyed more tokens to see if it needed.
- */
- nick_tmpl[1].ulValueLen++;
- nssrv = traverse_objects_by_template(token, sessionOpt,
- nick_tmpl, ntsize,
- retrieve_cert, search);
-#endif
- return nssrv;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_TraverseCertificatesByEmail
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSASCII7 *email,
- nssTokenCertSearch *search
-)
-{
- PRStatus nssrv;
- CK_ATTRIBUTE email_tmpl[] =
- {
- { CKA_CLASS, NULL, 0 },
- { CKA_NETSCAPE_EMAIL, NULL, 0 }
- };
- CK_ULONG etsize = sizeof(email_tmpl) / sizeof(email_tmpl[0]);
- /* set up the search template */
- NSS_CK_SET_ATTRIBUTE_ITEM(email_tmpl, 0, &g_ck_class_cert);
- email_tmpl[1].pValue = (CK_VOID_PTR)email;
- email_tmpl[1].ulValueLen = (CK_ULONG)nssUTF8_Length(email, &nssrv);
- nssList_SetCompareFunction(search->cached, compare_cert_by_issuer_sn);
- /* now traverse the token certs matching this template */
- nssrv = traverse_objects_by_template(token, sessionOpt,
- email_tmpl, etsize,
- retrieve_cert, search);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
-#if 0
- /* This is to workaround the fact that PKCS#11 doesn't specify
- * whether the '\0' should be included. XXX Is that still true?
- */
- email_tmpl[1].ulValueLen++;
- nssrv = traverse_objects_by_template(token, sessionOpt,
- email_tmpl, etsize,
- retrieve_cert, search);
-#endif
- return nssrv;
-}
-
-/* XXX these next two need to create instances as needed */
-
-NSS_IMPLEMENT NSSCertificate *
-nssToken_FindCertificateByIssuerAndSerialNumber
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSDER *issuer,
- NSSDER *serial
-)
-{
- NSSCertificate *rvCert = NULL;
- nssSession *session;
- PRBool tokenObject;
- PRStatus nssrv;
- CK_ULONG ctsize;
- CK_OBJECT_HANDLE object;
- CK_ATTRIBUTE cert_template[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_ISSUER, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0 }
- };
- ctsize = sizeof(cert_template) / sizeof(cert_template[0]);
- /* Set the unique id */
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 0, &g_ck_class_cert);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 1, issuer);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 2, serial);
- /* get the object handle */
- object = find_object_by_template(token, sessionOpt, cert_template, ctsize);
- if (object == CK_INVALID_HANDLE) {
- return NULL;
- }
- session = (sessionOpt) ? sessionOpt : token->defaultSession;
- rvCert = get_token_cert(token, sessionOpt, object);
- if (rvCert) {
- NSSTrustDomain *td;
- NSSCryptoContext *cc;
- tokenObject = nssCKObject_IsAttributeTrue(object, CKA_TOKEN,
- session, token->slot,
- &nssrv);
- if (tokenObject) {
- td = token->trustDomain;
- cc = NULL;
- } else {
- td = NULL;
- cc = NULL; /* XXX how to recover the crypto context from
- * the token?
- */
- }
- add_object_instance(&rvCert->object, token, object, td, cc);
- }
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-nssToken_FindCertificateByEncodedCertificate
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSBER *encodedCertificate
-)
-{
- NSSCertificate *rvCert = NULL;
- nssSession *session;
- PRBool tokenObject;
- PRStatus nssrv;
- CK_ULONG ctsize;
- CK_OBJECT_HANDLE object;
- CK_ATTRIBUTE cert_template[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_VALUE, NULL, 0 }
- };
- ctsize = sizeof(cert_template) / sizeof(cert_template[0]);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 0, &g_ck_class_cert);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 1, encodedCertificate);
- /* get the object handle */
- object = find_object_by_template(token, sessionOpt, cert_template, ctsize);
- if (object == CK_INVALID_HANDLE) {
- return NULL;
- }
- session = (sessionOpt) ? sessionOpt : token->defaultSession;
- rvCert = get_token_cert(token, sessionOpt, object);
- if (rvCert) {
- NSSTrustDomain *td;
- NSSCryptoContext *cc;
- tokenObject = nssCKObject_IsAttributeTrue(object, CKA_TOKEN,
- session, token->slot,
- &nssrv);
- if (tokenObject) {
- td = token->trustDomain;
- cc = NULL;
- } else {
- td = NULL;
- cc = NULL; /* XXX how to recover the crypto context from
- * the token?
- */
- }
- add_object_instance(&rvCert->object, token, object, td, cc);
- }
- return rvCert;
-}
-
-static void
-sha1_hash(NSSToken *token, NSSItem *input, NSSItem *output)
-{
- NSSAlgorithmAndParameters *ap;
- ap = NSSAlgorithmAndParameters_CreateSHA1Digest(NULL);
- (void)nssToken_Digest(token, NULL, ap, input, output, NULL);
- nss_ZFreeIf(ap);
-}
-
-static void
-md5_hash(NSSToken *token, NSSItem *input, NSSItem *output)
-{
- NSSAlgorithmAndParameters *ap;
- ap = NSSAlgorithmAndParameters_CreateMD5Digest(NULL);
- (void)nssToken_Digest(token, NULL, ap, input, output, NULL);
- nss_ZFreeIf(ap);
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_ImportTrust
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSTrust *trust,
- NSSTrustDomain *trustDomain,
- NSSCryptoContext *cryptoContext
-)
-{
- PRStatus nssrv;
- CK_OBJECT_HANDLE handle;
- CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
- CK_ATTRIBUTE trust_tmpl[] = {
- { CKA_TOKEN, NULL, 0 },
- { CKA_CLASS, NULL, 0 },
- { CKA_ISSUER, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0 },
- { CKA_CERT_SHA1_HASH, NULL, 0 },
- { CKA_CERT_MD5_HASH, NULL, 0 },
- { CKA_TRUST_SERVER_AUTH, NULL, 0 },
- { CKA_TRUST_CLIENT_AUTH, NULL, 0 },
- { CKA_TRUST_EMAIL_PROTECTION, NULL, 0 },
- { CKA_TRUST_CODE_SIGNING, NULL, 0 }
- };
- CK_ULONG tsize = sizeof(trust_tmpl) / sizeof(trust_tmpl[0]);
- PRUint8 sha1[20]; /* this is cheating... */
- PRUint8 md5[16];
- NSSItem sha1_result, md5_result;
- NSSCertificate *c = trust->certificate;
- sha1_result.data = sha1; sha1_result.size = sizeof sha1;
- md5_result.data = md5; md5_result.size = sizeof md5;
- sha1_hash(tok, &c->encoding, &sha1_result);
- md5_hash(tok, &c->encoding, &md5_result);
- if (trustDomain) {
- NSS_CK_SET_ATTRIBUTE_ITEM(trust_tmpl, 0, &g_ck_true);
- } else {
- NSS_CK_SET_ATTRIBUTE_ITEM(trust_tmpl, 0, &g_ck_false);
- }
- NSS_CK_SET_ATTRIBUTE_VAR( trust_tmpl, 1, tobjc);
- NSS_CK_SET_ATTRIBUTE_ITEM(trust_tmpl, 2, &c->issuer);
- NSS_CK_SET_ATTRIBUTE_ITEM(trust_tmpl, 3, &c->serial);
- NSS_CK_SET_ATTRIBUTE_ITEM(trust_tmpl, 4, &sha1_result);
- NSS_CK_SET_ATTRIBUTE_ITEM(trust_tmpl, 5, &md5_result);
- /* now set the trust values */
- NSS_CK_SET_ATTRIBUTE_VAR(trust_tmpl, 6, trust->serverAuth);
- NSS_CK_SET_ATTRIBUTE_VAR(trust_tmpl, 7, trust->clientAuth);
- NSS_CK_SET_ATTRIBUTE_VAR(trust_tmpl, 8, trust->emailProtection);
- NSS_CK_SET_ATTRIBUTE_VAR(trust_tmpl, 9, trust->codeSigning);
- /* import the trust object onto the token */
- handle = import_object(tok, NULL, trust_tmpl, tsize);
- if (handle != CK_INVALID_HANDLE) {
- nssrv = add_object_instance(&trust->object, tok, handle,
- trustDomain, cryptoContext);
- } else {
- nssrv = PR_FAILURE;
- }
- return nssrv;
-}
-
-static CK_OBJECT_HANDLE
-get_cert_trust_handle
-(
- NSSToken *token,
- nssSession *session,
- NSSCertificate *c
-)
-{
- CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
- CK_ATTRIBUTE tobj_template[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_CERT_SHA1_HASH, NULL, 0 },
- { CKA_ISSUER, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0 }
- };
- CK_ULONG tobj_size = sizeof(tobj_template) / sizeof(tobj_template[0]);
- PRUint8 sha1[20]; /* this is cheating... */
- NSSItem sha1_result;
- sha1_result.data = sha1; sha1_result.size = sizeof sha1;
- sha1_hash(token, &c->encoding, &sha1_result);
- NSS_CK_SET_ATTRIBUTE_VAR( tobj_template, 0, tobjc);
- NSS_CK_SET_ATTRIBUTE_ITEM(tobj_template, 1, &sha1_result);
- NSS_CK_SET_ATTRIBUTE_ITEM(tobj_template, 2, &c->issuer);
- NSS_CK_SET_ATTRIBUTE_ITEM(tobj_template, 3, &c->serial);
-#ifdef NSS_3_4_CODE
- if (PK11_HasRootCerts(token->pk11slot)) {
- tobj_size -= 2;
- }
- /*
- * we need to arrange for the built-in token to lose the bottom 2
- * attributes so that old built-in tokens will continue to work.
- */
-#endif
- return find_object_by_template(token, session,
- tobj_template, tobj_size);
-}
-
-NSS_IMPLEMENT NSSTrust *
-nssToken_FindTrustForCert
-(
- NSSToken *token,
- nssSession *sessionOpt,
- NSSCertificate *c
-)
-{
- PRStatus nssrv;
- NSSTrust *rvTrust;
- nssSession *session;
- NSSArena *arena;
- nssPKIObject *object;
- CK_TRUST saTrust, caTrust, epTrust, csTrust;
- CK_OBJECT_HANDLE tobjID;
- CK_ATTRIBUTE trust_template[] = {
- { CKA_TRUST_SERVER_AUTH, NULL, 0 },
- { CKA_TRUST_CLIENT_AUTH, NULL, 0 },
- { CKA_TRUST_EMAIL_PROTECTION, NULL, 0 },
- { CKA_TRUST_CODE_SIGNING, NULL, 0 }
- };
- CK_ULONG trust_size = sizeof(trust_template) / sizeof(trust_template[0]);
- session = (sessionOpt) ? sessionOpt : token->defaultSession;
- tobjID = get_cert_trust_handle(token, session, c);
- if (tobjID == CK_INVALID_HANDLE) {
- return NULL;
- }
- /* Then use the trust object to find the trust settings */
- NSS_CK_SET_ATTRIBUTE_VAR(trust_template, 0, saTrust);
- NSS_CK_SET_ATTRIBUTE_VAR(trust_template, 1, caTrust);
- NSS_CK_SET_ATTRIBUTE_VAR(trust_template, 2, epTrust);
- NSS_CK_SET_ATTRIBUTE_VAR(trust_template, 3, csTrust);
- nssrv = nssCKObject_GetAttributes(tobjID,
- trust_template, trust_size,
- NULL, session, token->slot);
- if (nssrv != PR_SUCCESS) {
- return NULL;
- }
- arena = nssArena_Create();
- if (!arena) {
- return NULL;
- }
- rvTrust = nss_ZNEW(arena, NSSTrust);
- if (!rvTrust) {
- nssArena_Destroy(arena);
- return NULL;
- }
- object = &rvTrust->object;
- object->arena = arena;
- object->refCount = 1;
- object->instanceList = nssList_Create(arena, PR_TRUE);
- if (!object->instanceList) {
- nssArena_Destroy(arena);
- return NULL;
- }
- object->instances = nssList_CreateIterator(object->instanceList);
- if (!object->instances) {
- nssArena_Destroy(arena);
- return NULL;
- }
- /* need to figure out trust domain and/or crypto context */
- nssrv = add_object_instance(object, token, tobjID,
- token->trustDomain, NULL);
- if (nssrv != PR_SUCCESS) {
- nssArena_Destroy(arena);
- return NULL;
- }
- rvTrust->serverAuth = saTrust;
- rvTrust->clientAuth = caTrust;
- rvTrust->emailProtection = epTrust;
- rvTrust->codeSigning = csTrust;
- return rvTrust;
-}
-
diff --git a/security/nss/lib/dev/devslot.c b/security/nss/lib/dev/devslot.c
deleted file mode 100644
index 25e16d2c4..000000000
--- a/security/nss/lib/dev/devslot.c
+++ /dev/null
@@ -1,537 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifdef NSS_3_4_CODE
-#include "pkcs11.h"
-#else
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-#endif /* NSS_3_4_CODE */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/* The flags needed to open a read-only session. */
-static const CK_FLAGS s_ck_readonly_flags = CKF_SERIAL_SESSION;
-
-/* In pk11slot.c, this was a no-op. So it is here also. */
-static CK_RV PR_CALLBACK
-nss_ck_slot_notify
-(
- CK_SESSION_HANDLE session,
- CK_NOTIFICATION event,
- CK_VOID_PTR pData
-)
-{
- return CKR_OK;
-}
-
-/* maybe this should really inherit completely from the module... I dunno,
- * any uses of slots where independence is needed?
- */
-NSS_IMPLEMENT NSSSlot *
-nssSlot_Create
-(
- NSSArena *arenaOpt,
- CK_SLOT_ID slotID,
- NSSModule *parent
-)
-{
- NSSArena *arena;
- nssArenaMark *mark;
- NSSSlot *rvSlot;
- NSSToken *token;
- NSSUTF8 *slotName = NULL;
- PRUint32 length;
- PRBool newArena;
- PRStatus nssrv;
- CK_SLOT_INFO slotInfo;
- CK_RV ckrv;
- if (arenaOpt) {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if (!mark) {
- return (NSSSlot *)NULL;
- }
- newArena = PR_FALSE;
- } else {
- arena = NSSArena_Create();
- if(!arena) {
- return (NSSSlot *)NULL;
- }
- newArena = PR_TRUE;
- }
- rvSlot = nss_ZNEW(arena, NSSSlot);
- if (!rvSlot) {
- goto loser;
- }
- /* Get slot information */
- ckrv = CKAPI(parent)->C_GetSlotInfo(slotID, &slotInfo);
- if (ckrv != CKR_OK) {
- /* set an error here, eh? */
- goto loser;
- }
- /* Grab the slot description from the PKCS#11 fixed-length buffer */
- length = nssPKCS11StringLength(slotInfo.slotDescription,
- sizeof(slotInfo.slotDescription));
- if (length > 0) {
- slotName = nssUTF8_Create(arena, nssStringType_UTF8String,
- (void *)slotInfo.slotDescription, length);
- if (!slotName) {
- goto loser;
- }
- }
- if (!arenaOpt) {
- /* Avoid confusion now - only set the slot's arena to a non-NULL value
- * if a new arena is created. Otherwise, depend on the caller (having
- * passed arenaOpt) to free the arena.
- */
- rvSlot->arena = arena;
- }
- rvSlot->refCount = 1;
- rvSlot->epv = parent->epv;
- rvSlot->module = parent;
- rvSlot->name = slotName;
- rvSlot->slotID = slotID;
- rvSlot->ckFlags = slotInfo.flags;
- /* Initialize the token if present. */
- if (slotInfo.flags & CKF_TOKEN_PRESENT) {
- token = nssToken_Create(arena, slotID, rvSlot);
- if (!token) {
- goto loser;
- }
- }
- rvSlot->token = token;
- nssrv = nssArena_Unmark(arena, mark);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- return rvSlot;
-loser:
- if (newArena) {
- nssArena_Destroy(arena);
- } else {
- if (mark) {
- nssArena_Release(arena, mark);
- }
- }
- /* everything was created in the arena, nothing to see here, move along */
- return (NSSSlot *)NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Destroy
-(
- NSSSlot *slot
-)
-{
- if (--slot->refCount == 0) {
-#ifndef NSS_3_4_CODE
- /* Not going to do this in 3.4, maybe never */
- nssToken_Destroy(slot->token);
-#endif
- if (slot->arena) {
- return NSSArena_Destroy(slot->arena);
- } else {
- nss_ZFreeIf(slot);
- }
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT NSSSlot *
-nssSlot_AddRef
-(
- NSSSlot *slot
-)
-{
- ++slot->refCount;
- return slot;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssSlot_GetName
-(
- NSSSlot *slot,
- NSSArena *arenaOpt
-)
-{
- if (slot->name) {
- return nssUTF8_Duplicate(slot->name, arenaOpt);
- }
- return (NSSUTF8 *)NULL;
-}
-
-static PRStatus
-nssslot_login(NSSSlot *slot, nssSession *session,
- CK_USER_TYPE userType, NSSCallback *pwcb)
-{
- PRStatus nssrv;
- PRUint32 attempts;
- PRBool keepTrying;
- NSSUTF8 *password = NULL;
- CK_ULONG pwLen;
- CK_RV ckrv;
- if (!pwcb->getPW) {
- /* set error INVALID_ARG */
- return PR_FAILURE;
- }
- keepTrying = PR_TRUE;
- nssrv = PR_FAILURE;
- attempts = 0;
- while (keepTrying) {
- nssrv = pwcb->getPW(slot->name, &attempts, pwcb->arg, &password);
- if (nssrv != PR_SUCCESS) {
- nss_SetError(NSS_ERROR_USER_CANCELED);
- break;
- }
- pwLen = (CK_ULONG)nssUTF8_Length(password, &nssrv);
- if (nssrv != PR_SUCCESS) {
- break;
- }
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(slot)->C_Login(session->handle, userType,
- (CK_CHAR_PTR)password, pwLen);
- nssSession_ExitMonitor(session);
- switch (ckrv) {
- case CKR_OK:
- case CKR_USER_ALREADY_LOGGED_IN:
- slot->authInfo.lastLogin = PR_Now();
- nssrv = PR_SUCCESS;
- keepTrying = PR_FALSE;
- break;
- case CKR_PIN_INCORRECT:
- nss_SetError(NSS_ERROR_INVALID_PASSWORD);
- keepTrying = PR_TRUE; /* received bad pw, keep going */
- break;
- default:
- nssrv = PR_FAILURE;
- keepTrying = PR_FALSE;
- break;
- }
- nss_ZFreeIf(password);
- password = NULL;
- ++attempts;
- }
- nss_ZFreeIf(password);
- return nssrv;
-}
-
-static PRStatus
-nssslot_init_password(NSSSlot *slot, nssSession *rwSession, NSSCallback *pwcb)
-{
- NSSUTF8 *userPW = NULL;
- NSSUTF8 *ssoPW = NULL;
- PRStatus nssrv;
- CK_ULONG userPWLen, ssoPWLen;
- CK_RV ckrv;
- if (!pwcb->getInitPW) {
- /* set error INVALID_ARG */
- return PR_FAILURE;
- }
- /* Get the SO and user passwords */
- nssrv = pwcb->getInitPW(slot->name, pwcb->arg, &ssoPW, &userPW);
- if (nssrv != PR_SUCCESS) goto loser;
- userPWLen = (CK_ULONG)nssUTF8_Length(userPW, &nssrv);
- if (nssrv != PR_SUCCESS) goto loser;
- ssoPWLen = (CK_ULONG)nssUTF8_Length(ssoPW, &nssrv);
- if (nssrv != PR_SUCCESS) goto loser;
- /* First log in as SO */
- ckrv = CKAPI(slot)->C_Login(rwSession->handle, CKU_SO,
- (CK_CHAR_PTR)ssoPW, ssoPWLen);
- if (ckrv != CKR_OK) {
- /* set error ...SO_LOGIN_FAILED */
- goto loser;
- }
- /* Now change the user PIN */
- ckrv = CKAPI(slot)->C_InitPIN(rwSession->handle,
- (CK_CHAR_PTR)userPW, userPWLen);
- if (ckrv != CKR_OK) {
- /* set error */
- goto loser;
- }
- nss_ZFreeIf(ssoPW);
- nss_ZFreeIf(userPW);
- return PR_SUCCESS;
-loser:
- nss_ZFreeIf(ssoPW);
- nss_ZFreeIf(userPW);
- return PR_FAILURE;
-}
-
-static PRStatus
-nssslot_change_password(NSSSlot *slot, nssSession *rwSession, NSSCallback *pwcb)
-{
- NSSUTF8 *userPW = NULL;
- NSSUTF8 *newPW = NULL;
- PRUint32 attempts;
- PRStatus nssrv;
- PRBool keepTrying = PR_TRUE;
- CK_ULONG userPWLen, newPWLen;
- CK_RV ckrv;
- if (!pwcb->getNewPW) {
- /* set error INVALID_ARG */
- return PR_FAILURE;
- }
- attempts = 0;
- while (keepTrying) {
- nssrv = pwcb->getNewPW(slot->name, &attempts, pwcb->arg,
- &userPW, &newPW);
- if (nssrv != PR_SUCCESS) {
- nss_SetError(NSS_ERROR_USER_CANCELED);
- break;
- }
- userPWLen = (CK_ULONG)nssUTF8_Length(userPW, &nssrv);
- if (nssrv != PR_SUCCESS) return nssrv;
- newPWLen = (CK_ULONG)nssUTF8_Length(newPW, &nssrv);
- if (nssrv != PR_SUCCESS) return nssrv;
- nssSession_EnterMonitor(rwSession);
- ckrv = CKAPI(slot)->C_SetPIN(rwSession->handle,
- (CK_CHAR_PTR)userPW, userPWLen,
- (CK_CHAR_PTR)newPW, newPWLen);
- nssSession_ExitMonitor(rwSession);
- switch (ckrv) {
- case CKR_OK:
- slot->authInfo.lastLogin = PR_Now();
- nssrv = PR_SUCCESS;
- keepTrying = PR_FALSE;
- break;
- case CKR_PIN_INCORRECT:
- nss_SetError(NSS_ERROR_INVALID_PASSWORD);
- keepTrying = PR_TRUE; /* received bad pw, keep going */
- break;
- default:
- nssrv = PR_FAILURE;
- keepTrying = PR_FALSE;
- break;
- }
- nss_ZFreeIf(userPW);
- nss_ZFreeIf(newPW);
- userPW = NULL;
- newPW = NULL;
- ++attempts;
- }
- nss_ZFreeIf(userPW);
- nss_ZFreeIf(newPW);
- return nssrv;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Login
-(
- NSSSlot *slot,
- PRBool asSO,
- NSSCallback *pwcb
-)
-{
- PRBool needsLogin, needsInit;
- CK_USER_TYPE userType;
- userType = (asSO) ? CKU_SO : CKU_USER;
- needsInit = PR_FALSE; /* XXX */
- needsLogin = PR_TRUE; /* XXX */
- if (needsInit) {
- return nssSlot_SetPassword(slot, pwcb);
- } else if (needsLogin) {
- return nssslot_login(slot, slot->token->defaultSession,
- userType, pwcb);
- }
- return PR_SUCCESS; /* login not required */
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_Logout
-(
- NSSSlot *slot,
- nssSession *sessionOpt
-)
-{
- nssSession *session;
- PRStatus nssrv = PR_SUCCESS;
- CK_RV ckrv;
- session = (sessionOpt) ? sessionOpt : slot->token->defaultSession;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(slot)->C_Logout(session->handle);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- /* translate the error */
- nssrv = PR_FAILURE;
- }
- return nssrv;
-}
-
-NSS_IMPLEMENT void
-nssSlot_SetPasswordDefaults
-(
- NSSSlot *slot,
- PRInt32 askPasswordTimeout
-)
-{
- slot->authInfo.askPasswordTimeout = askPasswordTimeout;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSlot_SetPassword
-(
- NSSSlot *slot,
- NSSCallback *pwcb
-)
-{
- PRStatus nssrv;
- nssSession *rwSession;
- PRBool needsInit;
- needsInit = PR_FALSE; /* XXX */
- rwSession = nssSlot_CreateSession(slot, NULL, PR_TRUE);
- if (needsInit) {
- nssrv = nssslot_init_password(slot, rwSession, pwcb);
- } else {
- nssrv = nssslot_change_password(slot, rwSession, pwcb);
- }
- nssSession_Destroy(rwSession);
- return nssrv;
-}
-
-#ifdef PURE_STAN
-NSS_IMPLEMENT nssSession *
-nssSlot_CreateSession
-(
- NSSSlot *slot,
- NSSArena *arenaOpt,
- PRBool readWrite /* so far, this is the only flag used */
-)
-{
- CK_RV ckrv;
- CK_FLAGS ckflags;
- CK_SESSION_HANDLE session;
- nssSession *rvSession;
- ckflags = s_ck_readonly_flags;
- if (readWrite) {
- ckflags |= CKF_RW_SESSION;
- }
- /* does the opening and closing of sessions need to be done in a
- * threadsafe manner? should there be a "meta-lock" controlling
- * calls like this?
- */
- ckrv = CKAPI(slot)->C_OpenSession(slot->slotID, ckflags,
- slot, nss_ck_slot_notify, &session);
- if (ckrv != CKR_OK) {
- /* set an error here, eh? */
- return (nssSession *)NULL;
- }
- rvSession = nss_ZNEW(arenaOpt, nssSession);
- if (!rvSession) {
- return (nssSession *)NULL;
- }
- if (slot->module->flags & NSSMODULE_FLAGS_NOT_THREADSAFE) {
- /* If the parent module is not threadsafe, create lock to manage
- * session within threads.
- */
- rvSession->lock = PZ_NewLock(nssILockOther);
- if (!rvSession->lock) {
- /* need to translate NSPR error? */
- if (arenaOpt) {
- } else {
- nss_ZFreeIf(rvSession);
- }
- return (nssSession *)NULL;
- }
- }
- rvSession->handle = session;
- rvSession->slot = slot;
- rvSession->isRW = readWrite;
- return rvSession;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSession_Destroy
-(
- nssSession *s
-)
-{
- CK_RV ckrv = CKR_OK;
- if (s) {
- ckrv = CKAPI(s->slot)->C_CloseSession(s->handle);
- if (s->lock) {
- PZ_DestroyLock(s->lock);
- }
- nss_ZFreeIf(s);
- }
- return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-#endif
-
-NSS_IMPLEMENT PRStatus
-nssSession_EnterMonitor
-(
- nssSession *s
-)
-{
- if (s->lock) PZ_Lock(s->lock);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-nssSession_ExitMonitor
-(
- nssSession *s
-)
-{
- return (s->lock) ? PZ_Unlock(s->lock) : PR_SUCCESS;
-}
-
-NSS_EXTERN PRBool
-nssSession_IsReadWrite
-(
- nssSession *s
-)
-{
- return s->isRW;
-}
-
diff --git a/security/nss/lib/dev/devt.h b/security/nss/lib/dev/devt.h
deleted file mode 100644
index 01de793a7..000000000
--- a/security/nss/lib/dev/devt.h
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVT_H
-#define DEVT_H
-
-#ifdef DEBUG
-static const char DEVT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * devt.h
- *
- * This file contains definitions for the low-level cryptoki devices.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef NSSCKT_H
-#include "nssckt.h"
-#endif /* NSSCKT_H */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifdef NSS_3_4_CODE
-#include "secmodt.h"
-#endif /* NSS_3_4_CODE */
-
-PR_BEGIN_EXTERN_C
-
-typedef struct nssSessionStr nssSession;
-
-/* The list of boolean flags used to describe properties of a
- * module.
- */
-#define NSSMODULE_FLAGS_NOT_THREADSAFE 0x0001 /* isThreadSafe */
-
-struct NSSModuleStr {
- NSSArena *arena;
- PRInt32 refCount;
- NSSUTF8 *name;
- NSSUTF8 *libraryPath;
- PRLibrary *library;
- void *epv;
- NSSSlot **slots;
- PRUint32 numSlots;
- PRUint32 flags;
-};
-
-/* The list of boolean flags used to describe properties of a
- * slot.
- */
-#define NSSSLOT_FLAGS_LOGIN_REQUIRED 0x0001 /* needLogin */
-/*#define NSSSLOT_FLAGS_READONLY 0x0002*/ /* readOnly */
-
-/* this should track global and per-transaction login information */
-struct nssSlotAuthInfoStr
-{
- PRTime lastLogin;
- PRInt32 askPasswordTimeout;
-};
-
-struct NSSSlotStr
-{
- NSSArena *arena;
- PRInt32 refCount;
- NSSModule *module; /* Parent */
- NSSToken *token; /* Child (or peer, if you will) */
- NSSUTF8 *name;
- CK_SLOT_ID slotID;
- void *epv;
- CK_FLAGS ckFlags; /* from CK_SLOT_INFO.flags */
- PRUint32 flags;
- struct nssSlotAuthInfoStr authInfo;
- NSSTrustDomain *trustDomain;
-#ifdef NSS_3_4_CODE
- PK11SlotInfo *pk11slot;
-#endif
-};
-
-struct NSSTokenStr
-{
- NSSArena *arena;
- PRInt32 refCount;
- NSSSlot *slot; /* Parent (or peer, if you will) */
- NSSUTF8 *name;
- CK_FLAGS ckFlags; /* from CK_TOKEN_INFO.flags */
- PRUint32 flags;
- void *epv;
- nssSession *defaultSession;
- NSSTrustDomain *trustDomain;
-#ifdef NSS_3_4_CODE
- PK11SlotInfo *pk11slot;
-#endif
-};
-
-struct nssSessionStr
-{
- PZLock *lock;
- CK_SESSION_HANDLE handle;
- NSSSlot *slot;
- PRBool isRW;
-};
-
-typedef enum {
- NSSCertificateType_Unknown = 0,
- NSSCertificateType_PKIX = 1
-} NSSCertificateType;
-
-#ifdef nodef
-typedef enum {
- nssTrustLevel_Unknown = 0,
- nssTrustLevel_NotTrusted = 1,
- nssTrustLevel_Trusted = 2,
- nssTrustLevel_TrustedDelegator = 3,
- nssTrustLevel_Valid = 4
-} nssTrustLevel;
-#else
-typedef CK_ULONG nssTrustLevel; /* for now */
-#endif
-
-typedef struct nssCryptokiInstanceStr nssCryptokiInstance;
-
-struct nssCryptokiInstanceStr
-{
- CK_OBJECT_HANDLE handle;
- NSSToken *token;
-};
-
-typedef struct nssTokenCertSearchStr nssTokenCertSearch;
-
-struct nssTokenCertSearchStr
-{
- PRStatus (* callback)(NSSCertificate *c, void *arg);
- void *cbarg;
- nssList *cached;
- NSSTrustDomain *trustDomain;
- NSSCryptoContext *cryptoContext;
-};
-
-struct NSSAlgorithmAndParametersStr
-{
- CK_MECHANISM mechanism;
-};
-
-PR_END_EXTERN_C
-
-#endif /* DEVT_H */
diff --git a/security/nss/lib/dev/devtoken.c b/security/nss/lib/dev/devtoken.c
deleted file mode 100644
index b90dd4c6c..000000000
--- a/security/nss/lib/dev/devtoken.c
+++ /dev/null
@@ -1,384 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-#ifndef NSSCKEPV_H
-#include "nssckepv.h"
-#endif /* NSSCKEPV_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-/* maybe this should really inherit completely from the module... I dunno,
- * any uses of slots where independence is needed?
- */
-NSS_IMPLEMENT NSSToken *
-nssToken_Create
-(
- NSSArena *arenaOpt,
- CK_SLOT_ID slotID,
- NSSSlot *parent
-)
-{
- NSSArena *arena;
- nssArenaMark *mark;
- NSSToken *rvToken;
- nssSession *session;
- NSSUTF8 *tokenName = NULL;
- PRUint32 length;
- PRBool newArena;
- PRBool readWrite;
- PRStatus nssrv;
- CK_TOKEN_INFO tokenInfo;
- CK_RV ckrv;
- if (arenaOpt) {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if (!mark) {
- return (NSSToken *)NULL;
- }
- newArena = PR_FALSE;
- } else {
- arena = NSSArena_Create();
- if(!arena) {
- return (NSSToken *)NULL;
- }
- newArena = PR_TRUE;
- }
- rvToken = nss_ZNEW(arena, NSSToken);
- if (!rvToken) {
- goto loser;
- }
- /* Get token information */
- ckrv = CKAPI(parent)->C_GetTokenInfo(slotID, &tokenInfo);
- if (ckrv != CKR_OK) {
- /* set an error here, eh? */
- goto loser;
- }
- /* Grab the slot description from the PKCS#11 fixed-length buffer */
- length = nssPKCS11StringLength(tokenInfo.label, sizeof(tokenInfo.label));
- if (length > 0) {
- tokenName = nssUTF8_Create(arena, nssStringType_UTF8String,
- (void *)tokenInfo.label, length);
- if (!tokenName) {
- goto loser;
- }
- }
- /* Open a default session handle for the token. */
- if (tokenInfo.ulMaxSessionCount == 1) {
- /* if the token can only handle one session, it must be RW. */
- readWrite = PR_TRUE;
- } else {
- readWrite = PR_FALSE;
- }
- session = nssSlot_CreateSession(parent, arena, readWrite);
- if (session == NULL) {
- goto loser;
- }
- /* TODO: seed the RNG here */
- if (!arenaOpt) {
- /* Avoid confusion now - only set the token's arena to a non-NULL value
- * if a new arena is created. Otherwise, depend on the caller (having
- * passed arenaOpt) to free the arena.
- */
- rvToken->arena = arena;
- }
- rvToken->refCount = 1;
- rvToken->slot = parent;
- rvToken->name = tokenName;
- rvToken->ckFlags = tokenInfo.flags;
- rvToken->defaultSession = session;
- nssrv = nssArena_Unmark(arena, mark);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- return rvToken;
-loser:
- if (session) {
- nssSession_Destroy(session);
- }
- if (newArena) {
- nssArena_Destroy(arena);
- } else {
- if (mark) {
- nssArena_Release(arena, mark);
- }
- }
- return (NSSToken *)NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_Destroy
-(
- NSSToken *tok
-)
-{
- if (--tok->refCount == 0) {
-#ifndef NSS_3_4_CODE
- /* don't do this in 3.4 -- let PK11SlotInfo handle it */
- if (tok->defaultSession) {
- nssSession_Destroy(tok->defaultSession);
- }
-#endif
- if (tok->arena) {
- return NSSArena_Destroy(tok->arena);
- } else {
- nss_ZFreeIf(tok);
- }
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT NSSToken *
-nssToken_AddRef
-(
- NSSToken *tok
-)
-{
- ++tok->refCount;
- return tok;
-}
-
-NSS_IMPLEMENT NSSUTF8 *
-nssToken_GetName
-(
- NSSToken *tok
-)
-{
- return tok->name;
-}
-
-NSS_IMPLEMENT NSSItem *
-nssToken_Digest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSAlgorithmAndParameters *ap,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- CK_RV ckrv;
- CK_ULONG digestLen;
- CK_BYTE_PTR digest;
- NSSItem *rvItem = NULL;
- nssSession *session;
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(tok)->C_DigestInit(session->handle, &ap->mechanism);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- return NULL;
- }
-#if 0
- /* XXX the standard says this should work, but it doesn't */
- ckrv = CKAPI(tok)->C_Digest(session->handle, NULL, 0, NULL, &digestLen);
- if (ckrv != CKR_OK) {
- nssSession_ExitMonitor(session);
- return NULL;
- }
-#endif
- digestLen = 0; /* XXX for now */
- digest = NULL;
- if (rvOpt) {
- if (rvOpt->size > 0 && rvOpt->size < digestLen) {
- nssSession_ExitMonitor(session);
- /* the error should be bad args */
- return NULL;
- }
- if (rvOpt->data) {
- digest = rvOpt->data;
- }
- digestLen = rvOpt->size;
- }
- if (!digest) {
- digest = (CK_BYTE_PTR)nss_ZAlloc(arenaOpt, digestLen);
- if (!digest) {
- nssSession_ExitMonitor(session);
- return NULL;
- }
- }
- ckrv = CKAPI(tok)->C_Digest(session->handle,
- (CK_BYTE_PTR)data->data,
- (CK_ULONG)data->size,
- (CK_BYTE_PTR)digest,
- &digestLen);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- nss_ZFreeIf(digest);
- return NULL;
- }
- if (!rvOpt) {
- rvItem = nssItem_Create(arenaOpt, NULL, digestLen, (void *)digest);
- }
- return rvItem;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_BeginDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSAlgorithmAndParameters *ap
-)
-{
- CK_RV ckrv;
- nssSession *session;
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(tok)->C_DigestInit(session->handle, &ap->mechanism);
- nssSession_ExitMonitor(session);
- return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssToken_ContinueDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSItem *item
-)
-{
- CK_RV ckrv;
- nssSession *session;
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(tok)->C_DigestUpdate(session->handle,
- (CK_BYTE_PTR)item->data,
- (CK_ULONG)item->size);
- nssSession_ExitMonitor(session);
- return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-nssToken_FinishDigest
-(
- NSSToken *tok,
- nssSession *sessionOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- CK_RV ckrv;
- CK_ULONG digestLen;
- CK_BYTE_PTR digest;
- NSSItem *rvItem = NULL;
- nssSession *session;
- session = (sessionOpt) ? sessionOpt : tok->defaultSession;
- nssSession_EnterMonitor(session);
- ckrv = CKAPI(tok)->C_DigestFinal(session->handle, NULL, &digestLen);
- if (ckrv != CKR_OK || digestLen == 0) {
- nssSession_ExitMonitor(session);
- return NULL;
- }
- digest = NULL;
- if (rvOpt) {
- if (rvOpt->size > 0 && rvOpt->size < digestLen) {
- nssSession_ExitMonitor(session);
- /* the error should be bad args */
- return NULL;
- }
- if (rvOpt->data) {
- digest = rvOpt->data;
- }
- digestLen = rvOpt->size;
- }
- if (!digest) {
- digest = (CK_BYTE_PTR)nss_ZAlloc(arenaOpt, digestLen);
- if (!digest) {
- nssSession_ExitMonitor(session);
- return NULL;
- }
- }
- ckrv = CKAPI(tok)->C_DigestFinal(session->handle, digest, &digestLen);
- nssSession_ExitMonitor(session);
- if (ckrv != CKR_OK) {
- nss_ZFreeIf(digest);
- return NULL;
- }
- if (!rvOpt) {
- rvItem = nssItem_Create(arenaOpt, NULL, digestLen, (void *)digest);
- }
- return rvItem;
-}
-
-/* XXX of course this doesn't belong here */
-NSS_IMPLEMENT NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateSHA1Digest
-(
- NSSArena *arenaOpt
-)
-{
- NSSAlgorithmAndParameters *rvAP = NULL;
- rvAP = nss_ZNEW(arenaOpt, NSSAlgorithmAndParameters);
- if (rvAP) {
- rvAP->mechanism.mechanism = CKM_SHA_1;
- rvAP->mechanism.pParameter = NULL;
- rvAP->mechanism.ulParameterLen = 0;
- }
- return rvAP;
-}
-
-NSS_IMPLEMENT NSSAlgorithmAndParameters *
-NSSAlgorithmAndParameters_CreateMD5Digest
-(
- NSSArena *arenaOpt
-)
-{
- NSSAlgorithmAndParameters *rvAP = NULL;
- rvAP = nss_ZNEW(arenaOpt, NSSAlgorithmAndParameters);
- if (rvAP) {
- rvAP->mechanism.mechanism = CKM_MD5;
- rvAP->mechanism.pParameter = NULL;
- rvAP->mechanism.ulParameterLen = 0;
- }
- return rvAP;
-}
-
diff --git a/security/nss/lib/dev/devutil.c b/security/nss/lib/dev/devutil.c
deleted file mode 100644
index 02db7831b..000000000
--- a/security/nss/lib/dev/devutil.c
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef DEVM_H
-#include "devm.h"
-#endif /* DEVM_H */
-
-NSS_IMPLEMENT PRUint32
-nssPKCS11StringLength(CK_CHAR *pkcs11Str, PRUint32 bufLen)
-{
- PRInt32 i;
- for (i = bufLen - 1; i>=0; ) {
- if (pkcs11Str[i] != ' ') break;
- --i;
- }
- return (PRUint32)(i + 1);
-}
-
diff --git a/security/nss/lib/dev/manifest.mn b/security/nss/lib/dev/manifest.mn
deleted file mode 100644
index fbd4ec37b..000000000
--- a/security/nss/lib/dev/manifest.mn
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- ckhelper.h \
- devt.h \
- dev.h \
- $(NULL)
-
-EXPORTS = \
- nssdevt.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- devmod.c \
- devslot.c \
- devobject.c \
- devtoken.c \
- devutil.c \
- ckhelper.c \
- $(NULL)
-
-# here is where the 3.4 glue code is added
-ifndef PURE_STAN_BUILD
-DEFINES = -DNSS_3_4_CODE
-endif
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = nssdev
diff --git a/security/nss/lib/dev/nssdevt.h b/security/nss/lib/dev/nssdevt.h
deleted file mode 100644
index a603ce545..000000000
--- a/security/nss/lib/dev/nssdevt.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSDEVT_H
-#define NSSDEVT_H
-
-#ifdef DEBUG
-static const char NSSDEVT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nssdevt.h
- *
- * This file contains definitions for the low-level cryptoki devices.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSModule and NSSSlot -- placeholders for the PKCS#11 types
- */
-
-typedef struct NSSModuleStr NSSModule;
-
-typedef struct NSSSlotStr NSSSlot;
-
-typedef struct NSSTokenStr NSSToken;
-
-PR_END_EXTERN_C
-
-#endif /* NSSDEVT_H */
diff --git a/security/nss/lib/fortcrypt/Makefile b/security/nss/lib/fortcrypt/Makefile
deleted file mode 100644
index 32b8df58d..000000000
--- a/security/nss/lib/fortcrypt/Makefile
+++ /dev/null
@@ -1,168 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-
-CILIB = $(OBJDIR)/cilib.$(LIB_SUFFIX)
-ORIG_CILIB = libci/$(OS_CONFIG).$(LIB_SUFFIX)
-
-ifeq ($(OS_ARCH), WINNT)
-ORIG_CILIB = libci/tssp32.lib
-endif
-
-ifeq ($(OS_TARGET), WIN16)
-ORIG_CILIB = libci/tssp.lib
-endif
-
-ifeq ($(OS_TARGET), WIN95)
-ORIG_CILIB = libci/tssp32.lib
-endif
-
-ifeq ($(OS_ARCH), WINNT)
-STUBDLL = $(OBJDIR)/stub.$(DLL_SUFFIX)
-endif
-
-STUBLIB = $(OBJDIR)/stub.$(LIB_SUFFIX)
-
-ifeq ($(OS_TARGET), WIN16)
-W16LIBS += $(CILIB)
-else
-EXTRA_LIBS += $(CILIB)
-endif
-
-INST_JS = inst.js
-LIBCI_JAR = $(OBJDIR)/libfort.jar
-LIBCI_JAR_SRC = $(INST_JS) $(SHARED_LIBRARY)
-
-ifneq ($(OS_TARGET), WIN16)
-TARGETS : $(LIBCI_JAR)
-endif
-
-ifeq ($(OS_TARGET), WIN16)
-# note that rules.mk is not included below for WIN16
-all:
- @echo Skipping fortcrypt directory for 16-bit windows builds
-
-all_platforms alltags clean clobber clobber_all realclean: all
-
-boot export install libs program release: all
-
-endif
-
-$(SHARED_LIBRARY): $(CILIB) $(DIRS)
-
-cilib_name:
- @echo $(CILIB)
-
-$(CILIB):
- @$(MAKE_OBJDIR)
- @if test -f $(ORIG_CILIB); then \
- echo "Copying $(ORIG_CILIB) to $@"; \
- cp $(ORIG_CILIB) $@; \
- else \
- echo "Making empty stub $@"; \
- $(MAKE) $(STUBLIB); \
- fi
- @$(RANLIB) $@
-
-$(STUBLIB): $(OBJDIR)/maci$(OBJ_SUFFIX)
- @$(MAKE_OBJDIR)
-ifeq ($(OS_ARCH), WINNT)
- $(MAKE) $(STUBDLL)
-else
- $(AR) $<
-endif
- cp $@ $(CILIB)
-
-ifeq ($(OS_ARCH), WINNT)
-$(STUBDLL): $(OBJDIR)/maci.o
- $(LINK_DLL) -MAP $(DLLBASE) $(subst /,\\,$(OBJDIR)/maci.o $(OS_LIBS))
-
-$(OBJDIR)/maci.o: maci.c
- $(CC) -Fo$@ -c $(CFLAGS) $<
-endif
-
-#
-# The following rules packages the shared library into a JAR,
-# ready to be signed
-#
-$(OBJDIR)/replace: replace.c
- $(CC) -o $@ $<
-
-# ZIP options:
-# -5 means medium compression
-# -q means quiet
-# -j means do not store tree structure, all files go into one dir
-#
-$(LIBCI_JAR): $(DIRS) $(LIBCI_JAR_SRC)
- @echo +++ building $@ from $(LIBCI_JAR_SRC)
- @rm -f $@
- zip -5qj $@ $(LIBCI_JAR_SRC)
-
-force:
- (cd swfort ; $(MAKE))
-
-
-MD_FILES += $(LIBCI_JAR)
-
-# coreconf doesn't build the AIX shared library for FORTEZZA,
-# so I'm going to override their shared library command and build the shared
-# library the way config used to.
-#
-ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.1)
-DSO_LDOPTS = -bM:SRE -bh:4 -bnoentry
-EXTRA_DSO_LDOPTS = -lc
-MKSHLIB = svld $(DSO_LDOPTS)
-
-$(SHARED_LIBRARY): $(OBJS)
- @$(MAKE_OBJDIR)
- rm -f $@
- $(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
- chmod +x $@
-endif
-
-ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.2)
-LD += -G
-endif
-
-
-ifneq ($(OS_TARGET), WIN16)
-include $(CORE_DEPTH)/coreconf/rules.mk
-endif
-
-export:: private_export
-
-
diff --git a/security/nss/lib/fortcrypt/config.mk b/security/nss/lib/fortcrypt/config.mk
deleted file mode 100644
index d54a9dfc0..000000000
--- a/security/nss/lib/fortcrypt/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only shared libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(SHARED_LIBRARY)
-LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/fortcrypt/cryptint.h b/security/nss/lib/fortcrypt/cryptint.h
deleted file mode 100644
index c4de00ff2..000000000
--- a/security/nss/lib/fortcrypt/cryptint.h
+++ /dev/null
@@ -1,703 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* @(#)cryptint.h 1.26\t10 Nov 1995 */
-/*****************************************************************************
- Definitive Fortezza header file.
- Application Level Interface to Fortezza CI Library.
-
- Version for CI Library 1.52
- November 8, 1995
-
-
- NOTICE: Fortezza Export Policy
-
- The Fortezza Cryptologic Interface (CI) Library (both source and
- object) and Fortezza CI Library based applications are defense
- articles, as defined in the International Traffic In Arms
- Regulations (ITAR), and are subject to export controls under the
- ITAR and the Arms Export Control Act. Any export to any country
- of (a) the Fortezza CI Library, related documentation, and
- technical data, or (b) your cryptographic application, process,
- or service that is the direct product of, or contains the
- Fortezza CI Library must comply with the requirements of the ITAR.
- If you or your customer intends to engage in such export, contact
- the United States Department of State, Office of Defense Trade
- Controls for specific guidance.
-
-
- ****************************************************************************/
-#ifndef __CRYPTINT_H
-#define __CRYPTINT_H
-
-#if __cplusplus__ || __cplusplus
-extern "C"
-{
-#endif /* C++ */
-
-#ifndef PROTO_LIST
-#ifdef _K_AND_R_
-#define PROTO_LIST(list) ()
-#else
-#define PROTO_LIST(list) list
-#endif /*_K_AND_R_ */
-#endif /* PROTO_LIST */
-
-
-#ifndef RETURN_TYPE
-#if defined( _WIN32 ) || defined( __WIN32__ )
-#define RETURN_TYPE __declspec(dllimport) int
-#elif defined( _WINDOWS ) || defined( _Windows )
-#define RETURN_TYPE extern int _far _pascal
-#else
-#define RETURN_TYPE extern int
-#endif /* Windows */
-#endif /* RETURN_TYPE */
-
-/* MS Visual C++ defines _MSDOS and _WINDOWS */
-/* Borland C/C++ defines __MSDOS__ and _Windows */
-#if defined( _WIN32 ) || defined ( __WIN32__ )
-#define CI_FAR
-#elif defined( _WINDOWS ) || defined( _Windows )
-#define CI_FAR _far
-#else
-#define CI_FAR
-#endif /* MS DOS or Windows */
-
-
-/*****************************************************************************
- Constants
- ****************************************************************************/
-#define CI_LIB_VERSION_VAL 0x0152 /* Version 1.52 */
-
-#define CI_CERT_SIZE 2048
-#define CI_CERT_FLAGS_SIZE 16
-#define CI_CERT_NAME_SIZE 32
-#define CI_CHALLENGE_SIZE 20
-
-#define CI_G_SIZE 128
-
-#define CI_HASHVALUE_SIZE 20
-
-#define CI_IV_SIZE 24
-
-#define CI_KEY_SIZE 12
-#define CI_KS_SIZE 10
-
-#define CI_NAME_SIZE 32
-
-#define CI_PASSWORD_SIZE 24
-#define CI_PIN_SIZE 12
-#define CI_P_SIZE 128
-
-#define CI_Q_SIZE 20
-
-#define CI_R_SIZE 40
-#define CI_RANDOM_NO_SIZE 20
-#define CI_RANDOM_SEED_SIZE 8
-#define CI_RA_SIZE 128
-#define CI_RB_SIZE 128
-#define CI_REG_FLAGS_SIZE 4
-
-#define CI_S_SIZE 40
-#define CI_SAVE_DATA_SIZE 28
-#define CI_SERIAL_NUMBER_SIZE 8
-#define CI_SIGNATURE_SIZE 40
-#define CI_STATUS_FLAGS_SIZE 4
-
-#define CI_TIME_SIZE 16
-#define CI_TIMESTAMP_SIZE 16
-
-#define CI_WRAPPED_X_SIZE 24
-
-#define CI_Y_SIZE 128
-
-#define CI_X_SIZE 20
-
-
-/* Miscellaneous */
-#define CI_NULL_FLAG 0
-#define CI_POWER_DOWN_FLAG 2
-#define CI_NO_LOG_OFF_FLAG 4
-#define CI_INITIATOR_FLAG 0
-#define CI_RECIPIENT_FLAG 1
-
-#define CI_BLOCK_LOCK_FLAG 1
-#define CI_SSO_LOGGED_ON 0x40
-#define CI_USER_LOGGED_ON 0x00
-#define CI_FAST_MODE 0x10
-#define CI_SLOW_MODE 0x00
-#define CI_WORST_CASE_MODE 0x40
-#define CI_TYPICAL_CASE_MODE 0x00
-
-/* Card Public Key Algorithms Types */
-#define CI_DSA_TYPE 0xA
-#define CI_KEA_TYPE 0x5
-#define CI_DSA_KEA_TYPE 0xF
-
-/* Fortezza Pin Types */
-#define CI_SSO_PIN 0x25
-#define CI_USER_PIN 0x2A
-
-/* Crypto Types */
-#define CI_ENCRYPT_TYPE 0
-#define CI_DECRYPT_TYPE 1
-#define CI_HASH_TYPE 2
-
-/* Save and Restore Types */
-#define CI_ENCRYPT_INT_TYPE 0x00 /* Internal Encryption */
-#define CI_ENCRYPT_EXT_TYPE 0x10 /* External Encryption */
-#define CI_DECRYPT_INT_TYPE 0x01 /* Internal Decryption */
-#define CI_DECRYPT_EXT_TYPE 0x11 /* External Decryption */
-#define CI_HASH_INT_TYPE 0x02 /* Internal Hash */
-#define CI_HASH_EXT_TYPE 0x12 /* External Hash */
-#define CI_TYPE_EXT_FLAG 0x10 /* Used to differentiate */
-
-/* Configuration types */
-#define CI_SET_SPEED_TYPE 1
-#define CI_SET_TIMING_TYPE 2
-
-/* Lock States */
-#define CI_SOCKET_UNLOCKED 0
-#define CI_HOLD_LOCK 1
-#define CI_SOCKET_LOCKED 2
-
-/* Fortezza Crypto Types Modes */
-#define CI_ECB64_MODE 0
-#define CI_CBC64_MODE 1
-#define CI_OFB64_MODE 2
-#define CI_CFB64_MODE 3
-#define CI_CFB32_MODE 4
-#define CI_CFB16_MODE 5
-#define CI_CFB8_MODE 6
-
-/* Card States */
-#define CI_POWER_UP 0
-#define CI_UNINITIALIZED 1
-#define CI_INITIALIZED 2
-#define CI_SSO_INITIALIZED 3
-#define CI_LAW_INITIALIZED 4
-#define CI_USER_INITIALIZED 5
-#define CI_STANDBY 6
-#define CI_READY 7
-#define CI_ZEROIZE 8
-#define CI_INTERNAL_FAILURE (-1)
-
-/* Flags for Firmware Update. */
-#define CI_NOT_LAST_BLOCK_FLAG 0x00000000UL
-#define CI_LAST_BLOCK_FLAG 0x80000000UL
-#define CI_DESTRUCTIVE_FLAG 0x000000FFUL
-#define CI_NONDESTRUCTIVE_FLAG 0x0000FF00UL
-
-
-/****************************************************************************
- Fortezza Library Return Codes
- ***************************************************************************/
-
-/* Card Responses */
-#define CI_OK 0
-#define CI_FAIL 1
-#define CI_CHECKWORD_FAIL 2
-#define CI_INV_TYPE 3
-#define CI_INV_MODE 4
-#define CI_INV_KEY_INDEX 5
-#define CI_INV_CERT_INDEX 6
-#define CI_INV_SIZE 7
-#define CI_INV_HEADER 8
-#define CI_INV_STATE 9
-#define CI_EXEC_FAIL 10
-#define CI_NO_KEY 11
-#define CI_NO_IV 12
-#define CI_NO_X 13
-
-#define CI_NO_SAVE 15
-#define CI_REG_IN_USE 16
-#define CI_INV_COMMAND 17
-#define CI_INV_POINTER 18
-#define CI_BAD_CLOCK 19
-#define CI_NO_DSA_PARMS 20
-
-/* Library Errors */
-#define CI_ERROR (-1)
-#define CI_LIB_NOT_INIT (-2)
-#define CI_CARD_NOT_READY (-3)
-#define CI_CARD_IN_USE (-4)
-#define CI_TIME_OUT (-5)
-#define CI_OUT_OF_MEMORY (-6)
-#define CI_NULL_PTR (-7)
-#define CI_BAD_SIZE (-8)
-#define CI_NO_DECRYPT (-9)
-#define CI_NO_ENCRYPT (-10)
-#define CI_NO_EXECUTE (-11)
-#define CI_BAD_PARAMETER (-12)
-#define CI_OUT_OF_RESOURCES (-13)
-
-#define CI_NO_CARD (-20)
-#define CI_NO_DRIVER (-21)
-#define CI_NO_CRDSRV (-22)
-#define CI_NO_SCTSRV (-23)
-
-#define CI_BAD_CARD (-30)
-#define CI_BAD_IOCTL (-31)
-#define CI_BAD_READ (-32)
-#define CI_BAD_SEEK (-33)
-#define CI_BAD_WRITE (-34)
-#define CI_BAD_FLUSH (-35)
-#define CI_BAD_IOSEEK (-36)
-#define CI_BAD_ADDR (-37)
-
-#define CI_INV_SOCKET_INDEX (-40)
-#define CI_SOCKET_IN_USE (-41)
-#define CI_NO_SOCKET (-42)
-#define CI_SOCKET_NOT_OPENED (-43)
-#define CI_BAD_TUPLES (-44)
-#define CI_NOT_A_CRYPTO_CARD (-45)
-
-#define CI_INVALID_FUNCTION (-50)
-#define CI_LIB_ALRDY_INIT (-51)
-#define CI_SRVR_ERROR (-52)
-
-
-/*****************************************************************************
- Data Structures
- ****************************************************************************/
-
-typedef unsigned char CI_CERTIFICATE[CI_CERT_SIZE];
-
-typedef unsigned char CI_CERT_FLAGS[CI_CERT_FLAGS_SIZE];
-
-typedef unsigned char CI_CERT_STR[CI_CERT_NAME_SIZE+4];
-
-typedef unsigned char CI_FAR *CI_DATA;
-
-typedef unsigned char CI_G[CI_G_SIZE];
-
-typedef unsigned char CI_HASHVALUE[CI_HASHVALUE_SIZE];
-
-typedef unsigned char CI_IV[CI_IV_SIZE];
-
-typedef unsigned char CI_KEY[CI_KEY_SIZE];
-
-typedef unsigned char CI_KS[CI_KS_SIZE];
-
-typedef unsigned char CI_P[CI_P_SIZE];
-
-typedef unsigned char CI_PASSWORD[CI_PASSWORD_SIZE + 4];
-
-typedef unsigned char CI_PIN[CI_PIN_SIZE + 4];
-
-typedef unsigned char CI_Q[CI_Q_SIZE];
-
-typedef unsigned char CI_RA[CI_RA_SIZE];
-
-typedef unsigned char CI_RB[CI_RB_SIZE];
-
-typedef unsigned char CI_RANDOM[CI_RANDOM_NO_SIZE];
-
-typedef unsigned char CI_RANDSEED[CI_RANDOM_SEED_SIZE];
-
-typedef unsigned char CI_REG_FLAGS[CI_REG_FLAGS_SIZE];
-
-typedef unsigned char CI_SIGNATURE[CI_SIGNATURE_SIZE];
-
-typedef unsigned char CI_SAVE_DATA[CI_SAVE_DATA_SIZE];
-
-typedef unsigned char CI_SERIAL_NUMBER[CI_SERIAL_NUMBER_SIZE];
-
-typedef unsigned int CI_STATE, CI_FAR *CI_STATE_PTR;
-
-typedef unsigned char CI_TIME[CI_TIME_SIZE];
-
-typedef unsigned char CI_TIMESTAMP[CI_TIMESTAMP_SIZE];
-
-typedef unsigned char CI_WRAPPED_X[CI_WRAPPED_X_SIZE];
-
-typedef unsigned char CI_Y[CI_Y_SIZE];
-
-typedef unsigned char CI_X[CI_X_SIZE];
-
-typedef struct {
- int LibraryVersion; /* CI Library version */
- int ManufacturerVersion; /* Card's hardware version */
- char ManufacturerName[CI_NAME_SIZE+4]; /* Card manufacturer's name*/
- char ProductName[CI_NAME_SIZE+4]; /* Card's product name */
- char ProcessorType[CI_NAME_SIZE+4]; /* Card's processor type */
- unsigned long UserRAMSize; /* Amount of User RAM in bytes */
- unsigned long LargestBlockSize; /* Largest block of data to pass in */
- int KeyRegisterCount; /* Number of key registers */
- int CertificateCount; /* Maximum number of personalities (# certs-1) */
- int CryptoCardFlag; /* A flag that if non-zero indicates that there is
- a Crypto-Card in the socket. If this value is
- zero then there is NOT a Crypto-Card in the
- sockets. */
- int ICDVersion; /* The ICD compliance level */
- int ManufacturerSWVer; /* The Manufacturer's Software Version */
- int DriverVersion; /* Driver Version */
-} CI_CONFIG, CI_FAR *CI_CONFIG_PTR;
-
-typedef struct {
- int CertificateIndex; /* Index from 1 to CertificateCount */
- CI_CERT_STR CertLabel; /* The certificate label */
-} CI_PERSON, CI_FAR *CI_PERSON_PTR;
-
-typedef struct {
- int CurrentSocket; /* The currently selected socket */
- int LockState; /* Lock status of the current socket */
- CI_SERIAL_NUMBER SerialNumber; /* Serial number of the Crypto Engine chip */
- CI_STATE CurrentState; /* State of The Card */
- int DecryptionMode; /* Decryption mode of The Card */
- int EncryptionMode; /* Encryption mode of The Card */
- int CurrentPersonality; /* Index of the current personality */
- int KeyRegisterCount; /* No. of Key Register on The Card */
- CI_REG_FLAGS KeyRegisterFlags; /* Bit Masks indicating Key Register use */
- int CertificateCount; /* No. of Certificates on The Card */
- CI_CERT_FLAGS CertificateFlags; /* Bit Mask indicating certificate use */
- unsigned char Flags[CI_STATUS_FLAGS_SIZE];
- /* Flag[0] : bit 6 for Condition mode */
- /* bit 4 for Clock mode */
-} CI_STATUS, CI_FAR *CI_STATUS_PTR;
-
-
-/*****************************************************************************
- Function Call Prototypes
- ****************************************************************************/
-
-RETURN_TYPE
-CI_ChangePIN PROTO_LIST( (
- int PINType,
- CI_PIN CI_FAR pOldPIN,
- CI_PIN CI_FAR pNewPIN ) );
-
-RETURN_TYPE
-CI_CheckPIN PROTO_LIST( (
- int PINType,
- CI_PIN CI_FAR pPIN ) );
-
-RETURN_TYPE
-CI_Close PROTO_LIST( (
- unsigned int Flags,
- int SocketIndex ) );
-
-RETURN_TYPE
-CI_Decrypt PROTO_LIST( (
- unsigned int CipherSize,
- CI_DATA pCipher,
- CI_DATA pPlain ) );
-
-RETURN_TYPE
-CI_DeleteCertificate PROTO_LIST( (
- int CertificateIndex ) );
-
-RETURN_TYPE
-CI_DeleteKey PROTO_LIST( (
- int RegisterIndex ) );
-
-RETURN_TYPE
-CI_Encrypt PROTO_LIST( (
- unsigned int PlainSize,
- CI_DATA pPlain,
- CI_DATA pCipher ) );
-
-RETURN_TYPE
-CI_ExtractX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-CI_FirmwareUpdate PROTO_LIST( (
- unsigned long Flags,
- long Cksum,
- unsigned int CksumLength,
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-CI_GenerateIV PROTO_LIST( (
- CI_IV CI_FAR pIV ) );
-
-RETURN_TYPE
-CI_GenerateMEK PROTO_LIST( (
- int RegisterIndex,
- int Reserved ) );
-
-RETURN_TYPE
-CI_GenerateRa PROTO_LIST( (
- CI_RA CI_FAR pRa ) );
-
-RETURN_TYPE
-CI_GenerateRandom PROTO_LIST( (
- CI_RANDOM CI_FAR pRandom ) );
-
-RETURN_TYPE
-CI_GenerateTEK PROTO_LIST( (
- int Flags,
- int RegisterIndex,
- CI_RA CI_FAR pRa,
- CI_RB CI_FAR pRb,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-CI_GenerateX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-CI_GetCertificate PROTO_LIST( (
- int CertificateIndex,
- CI_CERTIFICATE CI_FAR pCertificate ) );
-
-RETURN_TYPE
-CI_GetConfiguration PROTO_LIST( (
- CI_CONFIG_PTR pConfiguration ) );
-
-RETURN_TYPE
-CI_GetHash PROTO_LIST( (
- unsigned int DataSize,
- CI_DATA pData,
- CI_HASHVALUE CI_FAR pHashValue ) );
-
-RETURN_TYPE
-CI_GetPersonalityList PROTO_LIST( (
- int EntryCount,
- CI_PERSON CI_FAR pPersonalityList[] ) );
-
-RETURN_TYPE
-CI_GetState PROTO_LIST( (
- CI_STATE_PTR pState ) );
-
-RETURN_TYPE
-CI_GetStatus PROTO_LIST( (
- CI_STATUS_PTR pStatus ) );
-
-RETURN_TYPE
-CI_GetTime PROTO_LIST( (
- CI_TIME CI_FAR pTime ) );
-
-RETURN_TYPE
-CI_Hash PROTO_LIST( (
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-CI_Initialize PROTO_LIST( (
- int CI_FAR *SocketCount ) );
-
-RETURN_TYPE
-CI_InitializeHash PROTO_LIST( (
- void ) );
-
-RETURN_TYPE
-CI_InstallX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pWrappedX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-CI_LoadCertificate PROTO_LIST( (
- int CertificateIndex,
- CI_CERT_STR CI_FAR pCertLabel,
- CI_CERTIFICATE CI_FAR pCertificate,
- long Reserved ) );
-
-RETURN_TYPE
-CI_LoadDSAParameters PROTO_LIST( (
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-CI_LoadInitValues PROTO_LIST( (
- CI_RANDSEED CI_FAR pRandSeed,
- CI_KS CI_FAR pKs ) );
-
-RETURN_TYPE
-CI_LoadIV PROTO_LIST( (
- CI_IV CI_FAR pIV ) );
-
-RETURN_TYPE
-CI_LoadX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- CI_X CI_FAR pX,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-CI_Lock PROTO_LIST( (
- int Flags ) );
-
-RETURN_TYPE
-CI_Open PROTO_LIST( (
- unsigned int Flags,
- int SocketIndex ) );
-
-RETURN_TYPE
-CI_RelayX PROTO_LIST( (
- CI_PASSWORD CI_FAR pOldPassword,
- unsigned int OldYSize,
- CI_Y CI_FAR pOldY,
- CI_RA CI_FAR pOldRa,
- CI_WRAPPED_X CI_FAR pOldWrappedX,
- CI_PASSWORD CI_FAR pNewPassword,
- unsigned int NewYSize,
- CI_Y CI_FAR pNewY,
- CI_RA CI_FAR pNewRa,
- CI_WRAPPED_X CI_FAR pNewWrappedX ) );
-
-RETURN_TYPE
-CI_Reset PROTO_LIST( (
- void ) );
-
-RETURN_TYPE
-CI_Restore PROTO_LIST( (
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) );
-
-RETURN_TYPE
-CI_Save PROTO_LIST( (
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) );
-
-RETURN_TYPE
-CI_Select PROTO_LIST( (
- int SocketIndex ) );
-
-RETURN_TYPE
-CI_SetConfiguration PROTO_LIST( (
- int Type,
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-CI_SetKey PROTO_LIST( (
- int RegisterIndex ) );
-
-RETURN_TYPE
-CI_SetMode PROTO_LIST( (
- int CryptoType,
- int CryptoMode ) );
-
-RETURN_TYPE
-CI_SetPersonality PROTO_LIST( (
- int CertificateIndex ) );
-
-RETURN_TYPE
-CI_SetTime PROTO_LIST( (
- CI_TIME CI_FAR pTime ) );
-
-RETURN_TYPE
-CI_Sign PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature ) );
-
-RETURN_TYPE
-CI_Terminate PROTO_LIST( (
- void ) );
-
-RETURN_TYPE
-CI_TimeStamp PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) );
-
-RETURN_TYPE
-CI_Unlock PROTO_LIST( (
- void ) );
-
-RETURN_TYPE
-CI_UnwrapKey PROTO_LIST( (
- int UnwrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) );
-
-RETURN_TYPE
-CI_VerifySignature PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_SIGNATURE CI_FAR pSignature ) );
-
-RETURN_TYPE
-CI_VerifyTimeStamp PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) );
-
-RETURN_TYPE
-CI_WrapKey PROTO_LIST( (
- int WrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) );
-
-RETURN_TYPE
-CI_Zeroize PROTO_LIST( (
- void ) );
-
-#if __cplusplus__ || __cplusplus
-}
-#endif /* C++ */
-
-#endif /* CRYPTINT_H */
diff --git a/security/nss/lib/fortcrypt/fmutex.c b/security/nss/lib/fortcrypt/fmutex.c
deleted file mode 100644
index ad98c04b6..000000000
--- a/security/nss/lib/fortcrypt/fmutex.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "fmutex.h"
-#include "fpkmem.h"
-#include <stdio.h>
-
-typedef struct PKMutexFunctions {
- CK_CREATEMUTEX CreateMutex;
- CK_DESTROYMUTEX DestroyMutex;
- CK_LOCKMUTEX LockMutex;
- CK_UNLOCKMUTEX UnlockMutex;
- int useMutex;
-} PKMutexFunctions;
-
-static PKMutexFunctions gMutex = {NULL, NULL, NULL, NULL, 0};
-static int gInit = 0;
-
-#define FMUTEX_CHECKS() \
- if (gInit == 0) { \
- return CKR_GENERAL_ERROR; \
- } \
- if (!gMutex.useMutex) { \
- return CKR_GENERAL_ERROR; \
- }
-
-CK_RV FMUTEX_Init(CK_C_INITIALIZE_ARGS_PTR pArgs) {
- if (gInit != 0) {
- return CKR_GENERAL_ERROR;
- }
-
- if (pArgs && pArgs->CreateMutex && pArgs->DestroyMutex &&
- pArgs->LockMutex && pArgs->UnlockMutex) {
-
- gMutex.CreateMutex = pArgs->CreateMutex;
- gMutex.DestroyMutex = pArgs->DestroyMutex;
- gMutex.LockMutex = pArgs->LockMutex;
- gMutex.UnlockMutex = pArgs->UnlockMutex;
- gMutex.useMutex = 1;
- gInit = 1;
- } else {
- gInit = 0;
- return CKR_GENERAL_ERROR;
- }
-
- return CKR_OK;
-}
-
-
-CK_RV FMUTEX_Create(CK_VOID_PTR_PTR pMutex) {
- CK_RV rv;
- FMUTEX_CHECKS()
-
- rv = gMutex.CreateMutex(pMutex);
- return rv;
-}
-
-CK_RV FMUTEX_Destroy(CK_VOID_PTR pMutex) {
- CK_RV rv;
- FMUTEX_CHECKS()
-
- rv = gMutex.DestroyMutex(pMutex);
- return rv;
-}
-
-CK_RV FMUTEX_Lock(CK_VOID_PTR pMutex) {
- CK_RV rv;
- FMUTEX_CHECKS()
-
- rv = gMutex.LockMutex(pMutex);
- return rv;
-}
-
-CK_RV FMUTEX_Unlock(CK_VOID_PTR pMutex) {
- CK_RV rv;
- FMUTEX_CHECKS()
-
- rv = gMutex.UnlockMutex(pMutex);
- return rv;
-}
-
-int FMUTEX_MutexEnabled (void) {
- return gMutex.useMutex;
-}
diff --git a/security/nss/lib/fortcrypt/fmutex.h b/security/nss/lib/fortcrypt/fmutex.h
deleted file mode 100644
index 589eea786..000000000
--- a/security/nss/lib/fortcrypt/fmutex.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _FMUTEX_H_
-#define _FMUTEX_H_ 1
-
-#include "fpkcs11t.h"
-
-/*
- * All of these functions will return CK_RV values.
- */
-extern CK_RV FMUTEX_Init(CK_C_INITIALIZE_ARGS_PTR pArgs);
-
-
-extern CK_RV FMUTEX_Create(CK_VOID_PTR_PTR pMutex);
-
-extern CK_RV FMUTEX_Destroy(CK_VOID_PTR pMutex);
-
-extern CK_RV FMUTEX_Lock(CK_VOID_PTR pMutex);
-
-extern CK_RV FMUTEX_Unlock(CK_VOID_PTR pMutex);
-
-/* Returns 0 if mutexes have not been enabled.
- * Returns 1 if mutexes have been enabled.
- */
-extern int FMUTEX_MutexEnabled(void);
-
-#endif /*_FMUTEX_H_*/
diff --git a/security/nss/lib/fortcrypt/forsock.c b/security/nss/lib/fortcrypt/forsock.c
deleted file mode 100644
index eb4d5ef87..000000000
--- a/security/nss/lib/fortcrypt/forsock.c
+++ /dev/null
@@ -1,816 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "fortsock.h"
-#include "fpkmem.h"
-#include "fmutex.h"
-#include <string.h>
-#include <stdlib.h>
-
-#define DEF_ENCRYPT_SIZE 0x8000
-
-static unsigned char Fortezza_mail_Rb[128] = {
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
-0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,1,
-};
-
-int InitSocket (FortezzaSocket *inSocket, int inSlotID) {
- int ci_rv;
- CK_RV mrv;
-
- if (inSocket == NULL)
- return SOCKET_FAILURE;
-
- inSocket->isLoggedIn = PR_FALSE;
- inSocket->personalitiesLoaded = PR_FALSE;
- inSocket->isOpen = PR_FALSE;
- inSocket->personalityList = NULL;
- inSocket->keyRegisters = NULL;
- inSocket->keys = NULL;
- inSocket->numPersonalities = 0;
- inSocket->numKeyRegisters = 0;
- inSocket->hitCount = 0;
-
- inSocket->slotID = inSlotID;
- ci_rv = MACI_GetSessionID(&(inSocket->maciSession));
- if (ci_rv != CI_OK)
- return SOCKET_FAILURE;
-
- ci_rv = MACI_Open (inSocket->maciSession, 0, inSlotID);
- if (ci_rv == CI_OK) {
- inSocket->isOpen = PR_TRUE;
- } else {
- MACI_Close (inSocket->maciSession, CI_NULL_FLAG, inSlotID);
- }
-
- if (FMUTEX_MutexEnabled()) {
- mrv = FMUTEX_Create(&inSocket->registersLock);
- if (mrv != CKR_OK) {
- inSocket->registersLock = NULL;
- }
- } else {
- inSocket->registersLock = NULL;
- }
-
- return SOCKET_SUCCESS;
-}
-
-int FreeSocket (FortezzaSocket *inSocket) {
- if (inSocket->registersLock) {
- FMUTEX_Destroy(inSocket->registersLock);
- }
- MACI_Close(inSocket->maciSession, CI_NULL_FLAG, inSocket->slotID);
- return SOCKET_SUCCESS;
-}
-
-int LoginToSocket (FortezzaSocket *inSocket, int inUserType, CI_PIN inPin) {
- int ci_rv, i;
- CI_STATUS ciStatus;
- CI_CONFIG ciConfig;
- FortezzaKey **oldRegisters, **newRegisters;
- int oldCount;
- HSESSION hs;
-
- if (inSocket == NULL || inSocket->isLoggedIn)
- return SOCKET_FAILURE;
-
- hs = inSocket->maciSession;
- ci_rv = MACI_Select (hs, inSocket->slotID);
- if (ci_rv != CI_OK)
- return ci_rv;
-
- ci_rv = MACI_CheckPIN(hs, inUserType, inPin);
-
- if (ci_rv != CI_OK) {
- return ci_rv;
- }
-
- ci_rv = MACI_GetStatus(hs, &ciStatus);
-
- if (ci_rv != CI_OK) {
- if (ci_rv == CI_FAIL) {
- ci_rv = CI_EXEC_FAIL;
- }
- return ci_rv;
- }
-
- ci_rv = MACI_GetConfiguration(hs, &ciConfig);
- if (ci_rv != CI_OK) {
- return ci_rv;
- }
-
- inSocket->isLoggedIn = PR_TRUE;
- inSocket->hasLoggedIn = PR_TRUE;
- PORT_Memcpy (inSocket->openCardSerial, ciStatus.SerialNumber,
- sizeof (CI_SERIAL_NUMBER));
- inSocket->openCardState = ciStatus.CurrentState;
- inSocket->numPersonalities = ciStatus.CertificateCount;
- inSocket->numKeyRegisters = ciConfig.KeyRegisterCount;
- newRegisters =
- (FortezzaKey**)PORT_Alloc (sizeof(FortezzaKey)*ciConfig.KeyRegisterCount);
-
- FMUTEX_Lock(inSocket->registersLock);
- oldRegisters = inSocket->keyRegisters;
- oldCount = inSocket->numKeyRegisters;
- inSocket->keyRegisters = newRegisters;
- if (oldRegisters) {
- for (i=0; i<oldCount; i++) {
- if (oldRegisters[i]) {
- oldRegisters[i]->keyRegister = KeyNotLoaded;
- }
- oldRegisters[i] = NULL;
- }
- PORT_Free(oldRegisters);
- }
-
- if (inSocket->keyRegisters == NULL) {
- FMUTEX_Unlock(inSocket->registersLock);
- return SOCKET_FAILURE;
- }
-
- for (i=0; i<ciConfig.KeyRegisterCount; i++) {
- inSocket->keyRegisters[i] = NULL;
- }
- FMUTEX_Unlock(inSocket->registersLock);
-
- return SOCKET_SUCCESS;
-}
-
-int LogoutFromSocket (FortezzaSocket *inSocket) {
- if (inSocket == NULL)
- return SOCKET_FAILURE;
-
- inSocket->isLoggedIn = PR_FALSE;
- inSocket->hasLoggedIn = PR_FALSE;
- if (UnloadPersonalityList(inSocket) != SOCKET_SUCCESS)
- return SOCKET_FAILURE;
-
-
- return SOCKET_SUCCESS;
-}
-
-
-int FetchPersonalityList(FortezzaSocket *inSocket) {
- int rv;
-
- if (inSocket == NULL || inSocket->numPersonalities == 0) {
- return SOCKET_FAILURE;
- }
-
- rv = MACI_Select (inSocket->maciSession, inSocket->slotID);
-
- inSocket->personalityList =
- (CI_PERSON*)PORT_Alloc (sizeof(CI_PERSON)*inSocket->numPersonalities);
-
- if (inSocket->personalityList == NULL) {
- return SOCKET_FAILURE;
- }
-
- rv = MACI_GetPersonalityList(inSocket->maciSession,
- inSocket->numPersonalities,
- inSocket->personalityList);
-
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
-
- inSocket->personalitiesLoaded = PR_TRUE;
- return SOCKET_SUCCESS;
-}
-
-int UnloadPersonalityList(FortezzaSocket *inSocket) {
- if (inSocket == NULL)
- return SOCKET_FAILURE;
-
- inSocket->personalitiesLoaded = PR_FALSE;
- if (inSocket->personalityList) {
- PORT_Free(inSocket->personalityList);
- }
- inSocket->numPersonalities = 0;
- inSocket->personalityList = NULL;
-
- return SOCKET_SUCCESS;
-}
-
-PRBool SocketIsLoggedIn(CI_STATE status) {
-
- return (PRBool)((status == CI_READY) || (status == CI_STANDBY));
-}
-
-PRBool SocketStateUnchanged(FortezzaSocket* inSocket) {
- CI_STATUS ciStatus;
- int ciRV;
-
- ciRV = MACI_Select (inSocket->maciSession, inSocket->slotID);
- if (ciRV != CI_OK)
- return PR_FALSE;
-
- if (inSocket->hasLoggedIn && !inSocket->isLoggedIn)
- return PR_FALSE; /* User Logged out from the socket */
-
- /*
- * Some vendor cards are slow. so if we think we are logged in,
- * and the card still thinks we're logged in, we must have the same
- * card.
- */
- if (inSocket->isLoggedIn) {
- CI_STATE state;
- ciRV = MACI_GetState(inSocket->maciSession, &state);
- if (ciRV != CI_OK) return PR_FALSE;
-
- return SocketIsLoggedIn(state);
- }
-
- ciRV = MACI_GetStatus(inSocket->maciSession, &ciStatus);
- if(ciRV != CI_OK) {
- return PR_FALSE;
- }
- if (inSocket->isLoggedIn) {
- if (PORT_Memcmp(ciStatus.SerialNumber, inSocket->openCardSerial,
- sizeof (CI_SERIAL_NUMBER)) != 0)
- return PR_FALSE; /* Serial Number of card in slot has changed */
- /* Probably means there is a new card */
- }
-
- if (inSocket->isLoggedIn && !SocketIsLoggedIn(ciStatus.CurrentState))
- return PR_FALSE; /* State of card changed. */
- /* Probably re-inserted same card */
-
- return PR_TRUE; /* No change in the state of the socket */
-}
-
-/*
- * can we regenerate this key on the fly?
- */
-static PRBool
-FortezzaIsRegenerating(FortezzaKey *key) {
- /* TEK's are the only type of key that can't be regenerated */
- if (key->keyType != TEK) return PR_TRUE;
- /* Client TEK's can never be regenerated */
- if (key->keyData.tek.flags == CI_INITIATOR_FLAG) return PR_FALSE;
- /* Only Server TEK's that use the Mail protocol can be regenerated */
- return ((PRBool)(memcmp(key->keyData.tek.Rb,Fortezza_mail_Rb,
- sizeof(key->keyData.tek.Rb)) == 0));
-}
-
-int GetBestKeyRegister(FortezzaSocket *inSocket) {
- int i, candidate = -1, candidate2 = 1;
- CK_ULONG minHitCount = 0xffffffff;
- CK_ULONG minRegHitCount = 0xffffffff;
- FortezzaKey **registers;
-
- registers = inSocket->keyRegisters;
- for (i=1; i< inSocket->numKeyRegisters; i++) {
- if (registers[i] == NULL)
- return i;
- }
-
- for (i=1; i < inSocket->numKeyRegisters; i++) {
- if (registers[i]->hitCount < minHitCount) {
- minHitCount = registers[i]->hitCount;
- candidate2 = i;
- }
-
- if (FortezzaIsRegenerating(registers[i]) &&
- (registers[i]->hitCount < minRegHitCount)) {
- minRegHitCount = registers[i]->hitCount;
- candidate = i;
- }
- }
-
- if (candidate == -1)
- candidate = candidate2;
-
- return candidate;
-}
-
-int SetFortezzaKeyHandle (FortezzaKey *inKey, CK_OBJECT_HANDLE inHandle) {
- inKey->keyHandle = inHandle;
- return SOCKET_SUCCESS;
-}
-
-void
-RemoveKey (FortezzaKey *inKey) {
- if (inKey != NULL && inKey->keySocket->keyRegisters != NULL) {
- if (inKey->keyRegister != KeyNotLoaded) {
- FortezzaKey **registers = inKey->keySocket->keyRegisters;
- registers[inKey->keyRegister] = NULL;
- MACI_DeleteKey(inKey->keySocket->maciSession, inKey->keyRegister);
- }
-
- PORT_Free(inKey);
- }
-}
-
-FortezzaKey *NewFortezzaKey(FortezzaSocket *inSocket,
- FortezzaKeyType inKeyType,
- CreateTEKInfo *TEKinfo,
- int inKeyRegister) {
- FortezzaKey *newKey, *oldKey;
- FortezzaKey **registers;
- HSESSION hs = inSocket->maciSession;
- int ciRV;
-
- newKey = (FortezzaKey*)PORT_Alloc (sizeof(FortezzaKey));
- if (newKey == NULL) {
- return NULL;
- }
-
- newKey->keyHandle = 0;
- newKey->keyRegister = KeyNotLoaded;
- newKey->keyType = inKeyType;
- newKey->keySocket = inSocket;
- newKey->hitCount = 0;
- newKey->id = TEKinfo ? TEKinfo->personality : 0;
-
- if (inKeyType != Ks && inSocket->keyRegisters) {
- registers = inSocket->keyRegisters;
- oldKey = registers[inKeyRegister];
- if (oldKey != NULL) {
- oldKey->keyRegister = KeyNotLoaded;
- }
-
- registers[inKeyRegister] = newKey;
- newKey->hitCount = inSocket->hitCount++;
-
- MACI_DeleteKey (hs, inKeyRegister);
- }
- newKey->keyRegister = inKeyRegister;
-
- MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
- switch (inKeyType) {
- case MEK:
- ciRV = MACI_GenerateMEK (hs, inKeyRegister, 0);
- if (ciRV != CI_OK) {
- RemoveKey(newKey);
- MACI_Unlock(hs);
- return NULL;
- }
- MACI_WrapKey(hs, 0, inKeyRegister, newKey->keyData.mek);
- break;
- case TEK:
- PORT_Memcpy (newKey->keyData.tek.Rb, TEKinfo->Rb, TEKinfo->randomLen);
- PORT_Memcpy (newKey->keyData.tek.Ra, TEKinfo->Ra, TEKinfo->randomLen);
- PORT_Memcpy (newKey->keyData.tek.pY, TEKinfo->pY, TEKinfo->YSize);
- newKey->keyData.tek.ySize = TEKinfo->YSize;
- newKey->keyData.tek.randomLen = TEKinfo->randomLen;
- newKey->keyData.tek.registerIndex = TEKinfo->personality;
- newKey->keyData.tek.flags = TEKinfo->flag;
-
- ciRV = MACI_SetPersonality(hs,TEKinfo->personality);
- if (ciRV != CI_OK) {
- RemoveKey(newKey);
- MACI_Unlock(hs);
- return NULL;
- }
- ciRV = MACI_GenerateTEK(hs, TEKinfo->flag, inKeyRegister,
- newKey->keyData.tek.Ra, TEKinfo->Rb,
- TEKinfo->YSize, TEKinfo->pY);
- if (ciRV != CI_OK) {
- RemoveKey(newKey);
- MACI_Unlock(hs);
- return NULL;
- }
-
-
- break;
- case Ks:
- break;
- default:
- RemoveKey(newKey);
- MACI_Unlock(hs);
- return NULL;
- }
- MACI_Unlock(hs);
- return newKey;
-}
-
-FortezzaKey *NewUnwrappedKey(int inKeyRegister, int id,
- FortezzaSocket *inSocket) {
- FortezzaKey *newKey;
-
- newKey = (FortezzaKey*)PORT_Alloc (sizeof(FortezzaKey));
- if (newKey == NULL) {
- return NULL;
- }
-
- newKey->keyRegister = inKeyRegister;
- newKey->keyType = UNWRAP;
- newKey->keySocket = inSocket;
- newKey->id = id;
- newKey->hitCount = inSocket->hitCount++;
- MACI_WrapKey(inSocket->maciSession,0 , inKeyRegister, newKey->keyData.mek);
- inSocket->keyRegisters[inKeyRegister] = newKey;
-
- return newKey;
-}
-
-int LoadKeyIntoRegister (FortezzaKey *inKey) {
- int registerIndex = GetBestKeyRegister(inKey->keySocket);
- FortezzaSocket *socket = inKey->keySocket;
- FortezzaKey **registers = socket->keyRegisters;
- HSESSION hs = socket->maciSession;
- FortezzaTEK *tek = &inKey->keyData.tek;
- FortezzaKey *oldKey;
- int rv = CI_FAIL;
-
- if (inKey->keyRegister != KeyNotLoaded) {
- return inKey->keyRegister;
- }
-
- oldKey = registers[registerIndex];
-
- MACI_Select(hs, socket->slotID);
- if (oldKey) {
- oldKey->keyRegister = KeyNotLoaded;
- }
- MACI_DeleteKey (hs, registerIndex);
-
- switch (inKey->keyType) {
- case TEK:
- if (!FortezzaIsRegenerating(inKey)) {
- return KeyNotLoaded;
- }
- if (MACI_SetPersonality(hs, tek->registerIndex) == CI_OK) {
- rv = MACI_GenerateTEK (hs, tek->flags, registerIndex,
- tek->Ra, tek->Rb, tek->ySize,
- tek->pY);
- }
- if (rv != CI_OK)
- return KeyNotLoaded;
- break;
- case MEK:
- case UNWRAP:
- rv = MACI_UnwrapKey (hs, 0, registerIndex, inKey->keyData.mek);
- if (rv != CI_OK)
- return KeyNotLoaded;
- break;
- default:
- return KeyNotLoaded;
- }
- inKey->keyRegister = registerIndex;
- registers[registerIndex] = inKey;
-
- return registerIndex;
-}
-
-int InitCryptoOperation (FortezzaContext *inContext,
- CryptoType inCryptoOperation) {
- inContext->cryptoOperation = inCryptoOperation;
- return SOCKET_SUCCESS;
-}
-
-int EndCryptoOperation (FortezzaContext *inContext,
- CryptoType inCryptoOperation) {
- if (inCryptoOperation != inContext->cryptoOperation) {
- return SOCKET_FAILURE;
- }
- inContext->cryptoOperation = None;
- return SOCKET_SUCCESS;
-}
-
-CryptoType GetCryptoOperation (FortezzaContext *inContext) {
- return inContext->cryptoOperation;
-}
-
-void InitContext(FortezzaContext *inContext, FortezzaSocket *inSocket,
- CK_OBJECT_HANDLE hKey) {
- inContext->fortezzaKey = NULL;
- inContext->fortezzaSocket = inSocket;
- inContext->session = NULL;
- inContext->mechanism = NO_MECHANISM;
- inContext->userRamSize = 0;
- inContext->cryptoOperation = None;
- inContext->hKey = hKey;
-}
-
-extern PRBool fort11_FortezzaIsUserCert(unsigned char *label);
-
-static int
-GetValidPersonality (FortezzaSocket *inSocket) {
- int index = -1; /* return an invalid personalidyt if one isn't found */
- int i;
- PRBool unLoadList = PR_FALSE;
- int numPersonalities = 0;
-
- if (!inSocket->personalitiesLoaded) {
- numPersonalities = inSocket->numPersonalities;
- FetchPersonalityList (inSocket);
- unLoadList = PR_TRUE;
- }
-
- for (i=0; i<inSocket->numPersonalities; i++) {
- if (fort11_FortezzaIsUserCert(inSocket->personalityList[i].CertLabel)) {
- index = inSocket->personalityList[i].CertificateIndex;
- break;
- }
- }
-
- if (unLoadList) {
- UnloadPersonalityList(inSocket);
- /* UnloadPersonality sets numPersonalities to zero,
- * so we set it back to what it was when this function
- * was called.
- */
- inSocket->numPersonalities = numPersonalities;
- }
- return index;
-}
-
-int RestoreState (FortezzaContext *inContext, CryptoType inType) {
- FortezzaKey *key = inContext->fortezzaKey;
- FortezzaSocket *socket = inContext->fortezzaSocket;
- HSESSION hs = socket->maciSession;
- CI_IV bogus_iv;
- int rv, cryptoType = -1;
- int personality = inContext->fortezzaKey->id;
-
- if (key == NULL)
- return SOCKET_FAILURE;
-
- if (personality == 0) {
- personality = GetValidPersonality (socket);
- }
- rv = MACI_SetPersonality(hs, personality);
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
- /*
- * The cards need to have some state bits set because
- * save and restore don't necessarily save all the state.
- * Instead of fixing the cards, they decided to change the
- * protocol :(.
- */
- switch (inType) {
- case Encrypt:
- rv = MACI_SetKey(hs, key->keyRegister);
- if (rv != CI_OK)
- break;
- rv = MACI_GenerateIV (hs, bogus_iv);
- cryptoType = CI_ENCRYPT_EXT_TYPE;
- break;
- case Decrypt:
- rv = MACI_SetKey(hs, key->keyRegister);
- rv = MACI_LoadIV (hs, inContext->cardIV);
- cryptoType = CI_DECRYPT_EXT_TYPE;
- break;
- default:
- rv = CI_INV_POINTER;
- break;
- }
-
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
- /*PORT_Assert(cryptoType != -1); */
-
- rv = MACI_Restore(hs, cryptoType, inContext->cardState);
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
-
- return SOCKET_SUCCESS;
-}
-
-int SaveState (FortezzaContext *inContext, CI_IV inIV,
- PK11Session *inSession, FortezzaKey *inKey,
- int inCryptoType, CK_MECHANISM_TYPE inMechanism){
- int ciRV;
- FortezzaSocket *socket = inContext->fortezzaSocket;
- HSESSION hs = socket->maciSession;
- CI_CONFIG ciConfig;
-
- ciRV = MACI_Select (hs, socket->slotID);
- if (ciRV != CI_OK) {
- return SOCKET_FAILURE;
- }
- inContext->session = inSession;
- inContext->fortezzaKey = inKey;
- inContext->mechanism = inMechanism;
- PORT_Memcpy (inContext->cardIV, inIV, sizeof (CI_IV));
- ciRV = MACI_Save(hs, inCryptoType, inContext->cardState);
- if (ciRV != CI_OK) {
- return SOCKET_FAILURE;
- }
- ciRV = MACI_GetConfiguration (hs, &ciConfig);
- if (ciRV == CI_OK) {
- inContext->userRamSize = ciConfig.LargestBlockSize;
- }
-
- if (inContext->userRamSize == 0) inContext->userRamSize = 0x4000;
-
- return SOCKET_SUCCESS;
-}
-
-int SocketSaveState (FortezzaContext *inContext, int inCryptoType) {
- int ciRV;
-
- ciRV = MACI_Save (inContext->fortezzaSocket->maciSession, inCryptoType,
- inContext->cardState);
- if (ciRV != CI_OK) {
- return SOCKET_FAILURE;
- }
- return SOCKET_SUCCESS;
-}
-
-int DecryptData (FortezzaContext *inContext,
- CK_BYTE_PTR inData,
- CK_ULONG inDataLen,
- CK_BYTE_PTR inDest,
- CK_ULONG inDestLen) {
- FortezzaSocket *socket = inContext->fortezzaSocket;
- FortezzaKey *key = inContext->fortezzaKey;
- HSESSION hs = socket->maciSession;
- CK_ULONG defaultEncryptSize;
- CK_ULONG left = inDataLen;
- CK_BYTE_PTR loopin, loopout;
- int rv = CI_OK;
-
- MACI_Select (hs, socket->slotID);
-
- defaultEncryptSize = (inContext->userRamSize > DEF_ENCRYPT_SIZE)
- ? DEF_ENCRYPT_SIZE : inContext->userRamSize;
-
- if (key->keyRegister == KeyNotLoaded) {
- rv = LoadKeyIntoRegister(key);
- if (rv == KeyNotLoaded) {
- return SOCKET_FAILURE;
- }
- }
-
- key->hitCount = socket->hitCount++;
- loopin = inData;
- loopout = inDest;
- left = inDataLen;
- rv = CI_OK;
-
- MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
- RestoreState (inContext, Decrypt);
-
- while ((left > 0) && (rv == CI_OK)) {
- CK_ULONG current = (left > defaultEncryptSize)
- ? defaultEncryptSize : left;
- rv = MACI_Decrypt(hs, current, loopin, loopout);
- loopin += current;
- loopout += current;
- left -= current;
- }
-
- MACI_Unlock(hs);
-
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
-
-
- rv = SocketSaveState (inContext, CI_DECRYPT_EXT_TYPE);
- if (rv != SOCKET_SUCCESS) {
- return rv;
- }
-
-
- return SOCKET_SUCCESS;
-}
-
-int EncryptData (FortezzaContext *inContext,
- CK_BYTE_PTR inData,
- CK_ULONG inDataLen,
- CK_BYTE_PTR inDest,
- CK_ULONG inDestLen) {
- FortezzaSocket *socket = inContext->fortezzaSocket;
- FortezzaKey *key = inContext->fortezzaKey;
- HSESSION hs = socket->maciSession;
- CK_ULONG defaultEncryptSize;
- CK_ULONG left = inDataLen;
- CK_BYTE_PTR loopin, loopout;
- int rv = CI_OK;
-
- MACI_Select (hs, socket->slotID);
-
- defaultEncryptSize = (inContext->userRamSize > DEF_ENCRYPT_SIZE)
- ? DEF_ENCRYPT_SIZE : inContext->userRamSize;
- if (key->keyRegister == KeyNotLoaded) {
- rv = LoadKeyIntoRegister(key);
- if (rv == KeyNotLoaded) {
- return rv;
- }
- }
-
- key->hitCount = socket->hitCount++;
- loopin = inData;
- loopout = inDest;
-
- RestoreState (inContext,Encrypt);
-
- rv = CI_OK;
- while ((left > 0) && (rv == CI_OK)) {
- CK_ULONG current = (left > defaultEncryptSize) ? defaultEncryptSize :
- left;
- rv = MACI_Encrypt(hs, current, loopin, loopout);
- loopin += current;
- loopout += current;
- left -= current;
- }
-
- if (rv != CI_OK) {
- return SOCKET_FAILURE;
- }
-
- rv = SocketSaveState (inContext, CI_ENCRYPT_EXT_TYPE);
- if (rv != SOCKET_SUCCESS) {
- return rv;
- }
-
- return SOCKET_SUCCESS;
-}
-
-int WrapKey (FortezzaKey *wrappingKey, FortezzaKey *srcKey,
- CK_BYTE_PTR pDest, CK_ULONG ulDestLen) {
- int ciRV;
- HSESSION hs = wrappingKey->keySocket->maciSession;
-
- if (wrappingKey->keyRegister == KeyNotLoaded) {
- if (LoadKeyIntoRegister(wrappingKey) == KeyNotLoaded) {
- return SOCKET_FAILURE;
- }
- }
-
- if (srcKey->id == 0) srcKey->id = wrappingKey->id;
-
- ciRV = MACI_WrapKey (hs, wrappingKey->keyRegister,
- srcKey->keyRegister, pDest);
- if (ciRV != CI_OK) {
- return SOCKET_FAILURE;
- }
-
- return SOCKET_SUCCESS;
-}
-
-int UnwrapKey (CK_BYTE_PTR inWrappedKey, FortezzaKey *inUnwrapKey) {
- int newIndex;
- int ciRV;
- FortezzaSocket *socket = inUnwrapKey->keySocket;
- HSESSION hs = socket->maciSession;
- FortezzaKey *oldKey;
-
- if (inUnwrapKey->keyRegister == KeyNotLoaded) {
- if (LoadKeyIntoRegister(inUnwrapKey) == KeyNotLoaded) {
- return KeyNotLoaded;
- }
- }
-
- ciRV = MACI_Select(hs, socket->slotID);
- if (ciRV != CI_OK) {
- return KeyNotLoaded;
- }
-
- newIndex = GetBestKeyRegister(inUnwrapKey->keySocket);
- oldKey = socket->keyRegisters[newIndex];
-
- MACI_Select(hs, socket->slotID);
- if (oldKey) {
- oldKey->keyRegister = KeyNotLoaded;
- socket->keyRegisters[newIndex] = NULL;
- }
- MACI_DeleteKey (hs, newIndex);
- ciRV = MACI_UnwrapKey(hs,inUnwrapKey->keyRegister, newIndex, inWrappedKey);
- if (ciRV != CI_OK) {
- inUnwrapKey->keyRegister = KeyNotLoaded;
- socket->keyRegisters[newIndex] = NULL;
- return KeyNotLoaded;
- }
-
- return newIndex;
-}
-
diff --git a/security/nss/lib/fortcrypt/fortinst.htm b/security/nss/lib/fortcrypt/fortinst.htm
deleted file mode 100644
index 649012c82..000000000
--- a/security/nss/lib/fortcrypt/fortinst.htm
+++ /dev/null
@@ -1,161 +0,0 @@
-<HTML>
-<TITLE>Generic PKCS #11 Installer</TITLE>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-
-<SCRIPT>
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-pkcs11MechanismFlags = 0;
-
-
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3 // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2 // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1 // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1 // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2 // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4 // Error deleting a module
-JS_ERR_ADD_MODULE = -5 // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6 // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7 // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8 // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9 // The SSL, S/MIME cipher flags are invalid
-
-var new_window;
-var has_new_window = 0;
-
-function HandleCipher(checkBox) {
- if (checkBox.checked) {
- pkcs11MechanismFlags |= checkBox.value;
- } else {
- pkcs11MechanismFlags &= ~checkBox.value;
- }
-}
-
-function HandleSSL(checkBox) {
- if (checkBox.checked) {
- pkcs11CipherFlags |= checkBox.value;
- } else {
- pkcs11CipherFlags &= ~checkBox.value;
- }
-}
-
-function colonize(string) {
- len = string.length;
- end = len -1;
-
- if (len == 0) return string;
-
-
- for (i=0; i < len; i++) {
- if (string.charAt(i) == "/") {
- if (i == 0) {
- new_string = ":" + string.substring(1,len);
- } else if (i == end) {
- new_string = string.substring(0,i)+':';
- } else {
- new_string = string.substring(0,i)+':'+
- string.substring(i+1,len);
- }
- string = new_string;
- }
- }
-
- if (string.charAt(0) == ":") string = string.substring(1,len);
- return string;
-}
-
-function DoInstall(name,module) {
- if ((navigator.platform == "MacPPC")
- || (navigator.platform == "Mac68K")) {
- module = colonize(module);
- }
- result = pkcs11.addmodule(name, module,
- pkcs11MechanismFlags, pkcs11CipherFlags);
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- }
- if (has_new_window) new_window.close();
-}
-
-default_name = "Netscape FORTEZZA Module"
-
-default_module = "D:/dogbert/ns/dist/WIN32_D.OBJ/bin/fort32.dll"
-document.writeln("<FORM name=instform target=_self> <H2>FORTEZZA PKCS #11 Installer version 1.5</H2>");
-document.writeln(" Module name: <Input Type=Text Name=modName value=\""+default_name+"\" size=50 required><br>");
-document.writeln(" Module Library: <Input Type=FILE required Name=module><br>");
-document.writeln("<i>Note: If you use the browse button, be sure to change the filter to show all the files (*), not just the HTML files (*.html).</i><p>");
-document.writeln("<hr>");
-document.write("<Input type=submit Name=Install Value=Install onclick=DoInstall(");
-document.writeln( "document.instform.modName.value,document.instform.module.value) >");
-document.writeln("</FORM>");
-</SCRIPT>
diff --git a/security/nss/lib/fortcrypt/fortpk11.c b/security/nss/lib/fortcrypt/fortpk11.c
deleted file mode 100644
index e28fd7909..000000000
--- a/security/nss/lib/fortcrypt/fortpk11.c
+++ /dev/null
@@ -1,4553 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * This file implements PKCS 11 for FORTEZZA using MACI
- * drivers. Except for the Mac. They only have CI libraries, so
- * that's what we use there.
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- *
- * This implementations queries the MACI to figure out how
- * many slots exist on a given system. There is an artificial boundary
- * of 32 slots, because allocating slots dynamically caused memory
- * problems in the client when first this module was first developed.
- * Some how the heap was being corrupted and we couldn't find out where.
- * Subsequent attempts to allocate dynamic memory caused no problem.
- *
- * In this implementation, session objects are only visible to the session
- * that created or generated them.
- */
-
-#include "fpkmem.h"
-#include "seccomon.h"
-#include "fpkcs11.h"
-#include "fpkcs11i.h"
-#include "cryptint.h"
-#include "pk11func.h"
-#include "fortsock.h"
-#include "fmutex.h"
-#ifdef notdef
-#include <ctype.h>
-#include <stdio.h>
-#endif
-
-/* sigh */
-#ifndef EOF
-/* stdio was not included */
-extern int sprintf(char *out, char *fmt, ...);
-#endif
-
-#ifdef XP_MAC
-#ifndef __POWERPC__
-#include <A4Stuff.h>
-#endif
-
-
-/* This is not a 4.0 project, so I can't depend on
- * 4.0 defines, so instead I depend on CodeWarrior
- * defines. I define XP_MAC in fpkmem.h
- */
-#if __POWERPC__
-#elif __CFM68K__
-#else
-/* These include are taken fromn npmac.cpp which are used
- * by the plugin group to properly set-up a plug-in for
- * dynamic loading on 68K.
- */
-
-#include <Quickdraw.h>
-
-/*
-** The Mixed Mode procInfos defined in npupp.h assume Think C-
-** style calling conventions. These conventions are used by
-** Metrowerks with the exception of pointer return types, which
-** in Metrowerks 68K are returned in A0, instead of the standard
-** D0. Thus, since NPN_MemAlloc and NPN_UserAgent return pointers,
-** Mixed Mode will return the values to a 68K plugin in D0, but
-** a 68K plugin compiled by Metrowerks will expect the result in
-** A0. The following pragma forces Metrowerks to use D0 instead.
-*/
-#ifdef __MWERKS__
-#ifndef powerc
-#pragma pointers_in_D0
-#endif
-#endif
-
-#ifdef __MWERKS__
-#ifndef powerc
-#pragma pointers_in_A0
-#endif
-#endif
-
-/* The following fix for static initializers fixes a previous
-** incompatibility with some parts of PowerPlant.
-*/
-#ifdef __MWERKS__
-#ifdef __cplusplus
- extern "C" {
-#endif
-#ifndef powerc
- extern void __InitCode__(void);
-#else
- extern void __sinit(void);
-#endif
- extern void __destroy_global_chain(void);
-#ifdef __cplusplus
- }
-#endif /* __cplusplus */
-#endif /* __MWERKS__ */
-
-#endif
-#endif
-
-
-typedef struct {
- unsigned char *data;
- int len;
-} CertItem;
-
-
-/*
- * ******************** Static data *******************************
- */
-
-/* The next three strings must be exactly 32 characters long */
-static char *manufacturerID = "Netscape Communications Corp ";
-static char *libraryDescription = "Communicator Fortezza Crypto Svc";
-
-typedef enum {DSA_KEY, KEA_KEY, V1_KEY, INVALID_KEY } PrivKeyType;
-
-static PK11Slot fort11_slot[NUM_SLOTS];
-static FortezzaSocket fortezzaSockets[NUM_SLOTS];
-static PRBool init = PR_FALSE;
-static CK_ULONG kNumSockets = 0;
-
-#define __PASTE(x,y) x##y
-
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-#define fort11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
-#define fort11_SlotFromSession pk11_SlotFromSession
-#define fort11_isToken pk11_isToken
-
-static CK_FUNCTION_LIST fort11_funcList = {
- { 2, 1 },
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-#define CK_EXTERN
-#define CK_FUNC(name) name,
-#define _CK_RV
-
-#include "fpkcs11f.h"
-
-};
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef _CK_RV
-
-
-#undef __PASTE
-#undef pk11_SlotFromSessionHandle
-#undef pk11_SlotFromID
-
-#define MAJOR_VERSION_MASK 0xFF00
-#define MINOR_VERSION_MASK 0x00FF
-
-/* Mechanisms */
-struct mechanismList {
- CK_MECHANISM_TYPE type;
- CK_MECHANISM_INFO domestic;
- PRBool privkey;
-};
-
-static struct mechanismList mechanisms[] = {
- {CKM_DSA, {512,1024,CKF_SIGN}, PR_TRUE},
- {CKM_SKIPJACK_KEY_GEN, {92, 92, CKF_GENERATE}, PR_TRUE},
- {CKM_SKIPJACK_CBC64, {92, 92, CKF_ENCRYPT | CKF_DECRYPT}, PR_TRUE},
- {CKM_SKIPJACK_WRAP, {92, 92, CKF_WRAP}, PR_TRUE},
- {CKM_KEA_KEY_DERIVE, {128, 128, CKF_DERIVE}, PR_TRUE},
-};
-static CK_ULONG mechanismCount = sizeof(mechanisms)/sizeof(mechanisms[0]);
-
-/*************Static function prototypes********************************/
-static PRBool fort11_isTrue(PK11Object *object,CK_ATTRIBUTE_TYPE type);
-static void fort11_FreeAttribute(PK11Attribute *attribute);
-static void fort11_DestroyAttribute(PK11Attribute *attribute);
-static PK11Object* fort11_NewObject(PK11Slot *slot);
-static PK11FreeStatus fort11_FreeObject(PK11Object *object);
-static CK_RV fort11_AddAttributeType(PK11Object *object,
- CK_ATTRIBUTE_TYPE type,
- void *valPtr,
- CK_ULONG length);
-static void fort11_AddSlotObject(PK11Slot *slot, PK11Object *object);
-static PK11Attribute* fort11_FindAttribute(PK11Object *object,
- CK_ATTRIBUTE_TYPE type);
-static PK11Attribute* fort11_NewAttribute(CK_ATTRIBUTE_TYPE type,
- CK_VOID_PTR value, CK_ULONG len);
-static void fort11_DeleteAttributeType(PK11Object *object,
- CK_ATTRIBUTE_TYPE type);
-static void fort11_AddAttribute(PK11Object *object,
- PK11Attribute *attribute);
-static void fort11_AddObject(PK11Session *session,
- PK11Object *object);
-static PK11Object * fort11_ObjectFromHandle(CK_OBJECT_HANDLE handle,
- PK11Session *session);
-static void fort11_DeleteObject(PK11Session *session,PK11Object *object);
-static CK_RV fort11_DestroyObject(PK11Object *object);
-void fort11_FreeSession(PK11Session *session);
-
-#define FIRST_SLOT_SESS_ID 0x00000100L
-#define ADD_NEXT_SESS_ID 0x00000100L
-#define SLOT_MASK 0x000000FFL
-
-#define FAILED CKR_FUNCTION_FAILED
-
-static void
-fort11_FreeFortezzaKey (void *inFortezzaKey) {
- RemoveKey ((FortezzaKey*) inFortezzaKey);
-}
-
-static void
-fort11_DestroySlotObjects (PK11Slot *slot, PK11Session *session) {
- PK11Object *currObject, *nextObject = NULL, *oldObject;
- int i;
-
- for (i=0; i<HASH_SIZE; i++) {
- currObject = slot->tokObjects[i];
- slot->tokObjects[i] = NULL;
- do {
- FMUTEX_Lock(slot->sessionLock);
-
- if (currObject) {
- nextObject = currObject->next;
- FMUTEX_Lock(currObject->refLock);
- currObject->refCount++;
- FMUTEX_Unlock(currObject->refLock);
- fort11_DeleteObject(session, currObject);
- }
- FMUTEX_Unlock(slot->sessionLock);
- if (currObject) {
- oldObject = currObject;
- currObject = nextObject;
- fort11_FreeObject(oldObject);
- }
- } while (currObject != NULL);
- }
-}
-
-static void
-fort11_TokenRemoved(PK11Slot *slot, PK11Session *session) {
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
-
- LogoutFromSocket (socket);
- slot->isLoggedIn = PR_FALSE;
- if (session && session->notify) {
- /*If no session pointer exists, lots of leaked memory*/
- session->notify (session->handle, CKN_SURRENDER,
- session->appData);
- fort11_FreeSession(session); /* Release the reference held
- * by the slot with the session
- */
- }
-
- fort11_DestroySlotObjects(slot, session);
- fort11_FreeSession(session); /* Release the reference held
- * by the slot with the session
- */
-
- /* All keys will have been freed at this point so we can
- * NULL out this pointer
- */
- socket->keys = NULL;
-
-}
-
-PRBool
-fort11_FortezzaIsUserCert(unsigned char * label) {
-
- if ( (!PORT_Memcmp(label, "KEAK", 4)) || /* v3 user certs */
- (!PORT_Memcmp(label, "DSA1", 4)) ||
- (!PORT_Memcmp(label, "DSAI", 4)) ||
- (!PORT_Memcmp(label, "DSAO", 4)) ||
- (!PORT_Memcmp(label, "INKS", 4)) || /* v1 user certs */
- (!PORT_Memcmp(label, "INKX", 4)) ||
- (!PORT_Memcmp(label, "ONKS", 4)) ||
- (!PORT_Memcmp(label, "ONKX", 4)) ||
- (!PORT_Memcmp(label, "3IXS", 4)) || /* old v3 user certs */
- (!PORT_Memcmp(label, "3OXS", 4)) ||
- (!PORT_Memcmp(label, "3IKX", 4)) ) {
-
- return PR_TRUE;
-
- } else { return PR_FALSE; }
-
-}
-
-static PRBool
-fort11_FortezzaIsACert(unsigned char * label) {
- if (label == NULL) return PR_FALSE;
-
- if ( (!PORT_Memcmp(label, "DSA1", 4)) || /* v3 certs */
- (!PORT_Memcmp(label, "DSAI", 4)) ||
- (!PORT_Memcmp(label, "DSAO", 4)) ||
- (!PORT_Memcmp(label, "DSAX", 4)) ||
- (!PORT_Memcmp(label, "KEAK", 4)) ||
- (!PORT_Memcmp(label, "KEAX", 4)) ||
- (!PORT_Memcmp(label, "CAX1", 4)) ||
- (!PORT_Memcmp(label, "PCA1", 4)) ||
- (!PORT_Memcmp(label, "PAA1", 4)) ||
- (!PORT_Memcmp(label, "ICA1", 4)) ||
-
- (!PORT_Memcmp(label, "3IXS", 4)) || /* old v3 certs */
- (!PORT_Memcmp(label, "3OXS", 4)) ||
- (!PORT_Memcmp(label, "3CAX", 4)) ||
- (!PORT_Memcmp(label, "3IKX", 4)) ||
- (!PORT_Memcmp(label, "3PCA", 4)) ||
- (!PORT_Memcmp(label, "3PAA", 4)) ||
- (!PORT_Memcmp(label, "3ICA", 4)) ||
-
- (!PORT_Memcmp(label, "INKS", 4)) || /* v1 certs */
- (!PORT_Memcmp(label, "INKX", 4)) ||
- (!PORT_Memcmp(label, "ONKS", 4)) ||
- (!PORT_Memcmp(label, "ONKX", 4)) ||
- (!PORT_Memcmp(label, "RRXX", 4)) ||
- (!PORT_Memcmp(label, "RTXX", 4)) ||
- (!PORT_Memcmp(label, "LAXX", 4)) ) {
-
- return PR_TRUE;
-
- }
-
- return PR_FALSE;
-}
-
-static
-int fort11_cert_length(unsigned char *buf, int length) {
- unsigned char tag;
- int used_length= 0;
- int data_length;
-
- tag = buf[used_length++];
-
- /* blow out when we come to the end */
- if (tag == 0) {
- return 0;
- }
-
- data_length = buf[used_length++];
-
- if (data_length&0x80) {
- int len_count = data_length & 0x7f;
-
- data_length = 0;
-
- while (len_count-- > 0) {
- data_length = (data_length << 8) | buf[used_length++];
- }
- }
-
- if (data_length > (length-used_length) ) {
- return length;
- }
-
- return (data_length + used_length);
-}
-
-unsigned char *fort11_data_start(unsigned char *buf, int length,
- int *data_length, PRBool includeTag) {
- unsigned char tag;
- int used_length= 0;
-
- tag = buf[used_length++];
-
- /* blow out when we come to the end */
- if (tag == 0) {
- return NULL;
- }
-
- *data_length = buf[used_length++];
-
- if (*data_length&0x80) {
- int len_count = *data_length & 0x7f;
-
- *data_length = 0;
-
- while (len_count-- > 0) {
- *data_length = (*data_length << 8) | buf[used_length++];
- }
- }
-
- if (*data_length > (length-used_length) ) {
- *data_length = length-used_length;
- return NULL;
- }
- if (includeTag) *data_length += used_length;
-
- return (buf + (includeTag ? 0 : used_length));
-}
-
-int
-fort11_GetCertFields(unsigned char *cert,int cert_length,CertItem *issuer,
- CertItem *serial,CertItem *subject)
-{
- unsigned char *buf;
- int buf_length;
- unsigned char *date;
- int datelen;
-
- /* get past the signature wrap */
- buf = fort11_data_start(cert,cert_length,&buf_length,PR_FALSE);
- if (buf == NULL) return FAILED;
- /* get into the raw cert data */
- buf = fort11_data_start(buf,buf_length,&buf_length,PR_FALSE);
- if (buf == NULL) return FAILED;
- /* skip past any optional version number */
- if ((buf[0] & 0xa0) == 0xa0) {
- date = fort11_data_start(buf,buf_length,&datelen,PR_FALSE);
- if (date == NULL) return FAILED;
- buf_length -= (date-buf) + datelen;
- buf = date + datelen;
- }
- /* serial number */
- serial->data = fort11_data_start(buf,buf_length,&serial->len,PR_FALSE);
- if (serial->data == NULL) return FAILED;
- buf_length -= (serial->data-buf) + serial->len;
- buf = serial->data + serial->len;
- /* skip the OID */
- date = fort11_data_start(buf,buf_length,&datelen,PR_FALSE);
- if (date == NULL) return FAILED;
- buf_length -= (date-buf) + datelen;
- buf = date + datelen;
- /* issuer */
- issuer->data = fort11_data_start(buf,buf_length,&issuer->len,PR_TRUE);
- if (issuer->data == NULL) return FAILED;
- buf_length -= (issuer->data-buf) + issuer->len;
- buf = issuer->data + issuer->len;
- /* skip the date */
- date = fort11_data_start(buf,buf_length,&datelen,PR_FALSE);
- if (date == NULL) return FAILED;
- buf_length -= (date-buf) + datelen;
- buf = date + datelen;
- /*subject */
- subject->data=fort11_data_start(buf,buf_length,&subject->len,PR_TRUE);
- if (subject->data == NULL) return FAILED;
- buf_length -= (subject->data-buf) + subject->len;
- buf = subject->data +subject->len;
- /*subject */
- return CKR_OK;
-}
-
-/* quick tohex function to get rid of scanf */
-static
-int fort11_tohex(char *s) {
- int val = 0;
-
- for(;*s;s++) {
- if ((*s >= '0') && (*s <= '9')) {
- val = (val << 4) + (*s - '0');
- continue;
- } else if ((*s >= 'a') && (*s <= 'f')) {
- val = (val << 4) + (*s - 'a') + 10;
- continue;
- } else if ((*s >= 'A') && (*s <= 'F')) {
- val = (val << 4) + (*s - 'A') + 10;
- continue;
- }
- break;
- }
- return val;
-}
-
-/* only should be called for V3 KEA cert labels. */
-
-static int
-fort11_GetSibling(CI_CERT_STR label) {
-
- int value = 0;
- char s[3];
-
- label +=4;
-
- strcpy(s,"00");
- memcpy(s, label, 2);
- value = fort11_tohex(s);
-
- /* sibling of 255 means no sibling */
- if (value == 255) {
- value = -1;
- }
-
- return value;
-}
-
-
-static PrivKeyType
-fort11_GetKeyType(CI_CERT_STR label) {
- if (label == NULL) return INVALID_KEY;
-
- if ( (!PORT_Memcmp(label, "DSA1", 4)) || /* v3 certs */
- (!PORT_Memcmp(label, "DSAI", 4)) ||
- (!PORT_Memcmp(label, "DSAO", 4)) ||
- (!PORT_Memcmp(label, "3IXS", 4)) || /* old v3 certs */
- (!PORT_Memcmp(label, "3OXS", 4)) ) {
-
- return DSA_KEY;
- }
-
-
- if ( (!PORT_Memcmp(label, "KEAK", 4)) ||
- (!PORT_Memcmp(label, "3IKX", 4)) ) {
- return KEA_KEY;
- }
-
- if ( (!PORT_Memcmp(label, "INKS", 4)) || /* V1 Certs*/
- (!PORT_Memcmp(label, "INKX", 4)) ||
- (!PORT_Memcmp(label, "ONKS", 4)) ||
- (!PORT_Memcmp(label, "ONKX", 4)) ||
- (!PORT_Memcmp(label, "RRXX", 4)) ||
- (!PORT_Memcmp(label, "RTXX", 4)) ||
- (!PORT_Memcmp(label, "LAXX", 4)) ) {
-
- return V1_KEY;
- }
-
- return INVALID_KEY;
-}
-
-static CK_RV
-fort11_ConvertToDSAKey(PK11Object *privateKey, PK11Slot *slot) {
- CK_KEY_TYPE key_type = CKK_DSA;
- CK_BBOOL cktrue = TRUE;
- CK_BBOOL ckfalse = FALSE;
- CK_OBJECT_CLASS privClass = CKO_PRIVATE_KEY;
- CK_CHAR label[] = "A DSA Private Key";
-
-
- /* Fill in the common Default values */
- if (fort11_AddAttributeType(privateKey,CKA_START_DATE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey,CKA_END_DATE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey,CKA_SUBJECT, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_CLASS, &privClass,
- sizeof (CK_OBJECT_CLASS)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_KEY_TYPE, &key_type,
- sizeof(CK_KEY_TYPE)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType (privateKey, CKA_TOKEN, &cktrue,
- sizeof (CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType (privateKey, CKA_LABEL, label,
- PORT_Strlen((char*)label)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_SENSITIVE, &cktrue,
- sizeof (CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_SIGN, &cktrue,
- sizeof (CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(privateKey, CKA_DERIVE, &cktrue,
- sizeof(cktrue)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_LOCAL, &ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_DECRYPT, &ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_SIGN_RECOVER, &ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_UNWRAP, &ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_EXTRACTABLE, &ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_ALWAYS_SENSITIVE, &cktrue,
- sizeof(cktrue)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_NEVER_EXTRACTABLE, &cktrue,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_PRIME, NULL, 0) != CKR_OK){
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_SUBPRIME, NULL, 0) != CKR_OK){
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_BASE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_VALUE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_PRIVATE, &cktrue,
- sizeof(cktrue)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_MODIFIABLE,&ckfalse,
- sizeof(ckfalse)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- FMUTEX_Lock(slot->objectLock);
- privateKey->handle = slot->tokenIDCount++;
- privateKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
- privateKey->objclass = privClass;
- privateKey->slot = slot;
- privateKey->inDB = PR_TRUE;
-
-
- return CKR_OK;
-}
-
-static int
-fort11_LoadRootPAAKey(PK11Slot *slot, PK11Session *session) {
- CK_OBJECT_CLASS theClass = CKO_SECRET_KEY;
- int id = 0;
- CK_BBOOL True = TRUE;
- CK_BBOOL False = FALSE;
- CK_CHAR label[] = "Trusted Root PAA Key";
- PK11Object *rootKey;
- FortezzaKey *newKey;
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
-
- /*Don't know the key type. Does is matter?*/
-
- rootKey = fort11_NewObject(slot);
-
- if (rootKey == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_CLASS, &theClass,
- sizeof(theClass)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_TOKEN, &True,
- sizeof(True)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_LABEL, label,
- sizeof(label)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_PRIVATE, &True,
- sizeof (True)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey,CKA_MODIFIABLE, &False,
- sizeof(False)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_ID, &id,
- sizeof(int)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_DERIVE, &True,
- sizeof(True)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_AddAttributeType(rootKey, CKA_SENSITIVE, &True,
- sizeof(True)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- FMUTEX_Lock(slot->objectLock);
- rootKey->handle = slot->tokenIDCount++;
- rootKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
-
- rootKey->objclass = theClass;
- rootKey->slot = slot;
- rootKey->inDB = PR_TRUE;
-
- newKey = NewFortezzaKey(socket, Ks, NULL, 0);
- if (newKey == NULL) {
- fort11_FreeObject(rootKey);
- return CKR_HOST_MEMORY;
- }
-
- rootKey->objectInfo = (void*)newKey;
- rootKey->infoFree = fort11_FreeFortezzaKey;
- fort11_AddObject(session, rootKey);
-
- return CKR_OK;
-}
-
-static CK_RV
-fort11_ConvertToKEAKey (PK11Object *privateKey, PK11Slot *slot) {
- CK_OBJECT_CLASS theClass = CKO_PRIVATE_KEY;
- CK_KEY_TYPE keyType = CKK_KEA;
- CK_CHAR label[] = "A KEA private key Object";
- CK_BBOOL True = TRUE;
- CK_BBOOL False = FALSE;
-
- if (fort11_AddAttributeType(privateKey, CKA_CLASS, &theClass,
- sizeof (CK_OBJECT_CLASS)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_KEY_TYPE, &keyType,
- sizeof (CK_KEY_TYPE)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_TOKEN, &True,
- sizeof(CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType (privateKey, CKA_LABEL, label,
- PORT_Strlen((char*)label)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType (privateKey, CKA_SENSITIVE,
- &True, sizeof(CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType (privateKey, CKA_DERIVE,
- &True, sizeof(CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_PRIVATE, &True,
- sizeof(True)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_START_DATE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_END_DATE, NULL, 0) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- if (fort11_AddAttributeType(privateKey, CKA_LOCAL, &False,
- sizeof(False)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- FMUTEX_Lock(slot->objectLock);
- privateKey->handle = slot->tokenIDCount++;
- privateKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
- privateKey->objclass = theClass;
- privateKey->slot = slot;
- privateKey->inDB = PR_TRUE;
-
- return CKR_OK;
-}
-
-static CK_RV
-fort11_ConvertToV1Key (PK11Object* privateKey, PK11Slot *slot) {
- CK_RV rv;
- CK_BBOOL True = TRUE;
-
- rv = fort11_ConvertToDSAKey(privateKey, slot);
- if (rv != CKR_OK) {
- return rv;
- }
-
- if (fort11_AddAttributeType(privateKey, CKA_DERIVE, &True,
- sizeof (CK_BBOOL)) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- return CKR_OK;
-}
-
-static CK_RV
-fort11_NewPrivateKey(PK11Object *privKeyObject, PK11Slot *slot,CI_PERSON currPerson) {
- PrivKeyType keyType = fort11_GetKeyType(currPerson.CertLabel);
- CK_RV rv;
-
- switch (keyType) {
- case DSA_KEY:
- rv = fort11_ConvertToDSAKey(privKeyObject, slot);
- break;
- case KEA_KEY:
- rv = fort11_ConvertToKEAKey(privKeyObject, slot);
- break;
- case V1_KEY:
- rv = fort11_ConvertToV1Key(privKeyObject, slot);
- break;
- default:
- rv = CKR_GENERAL_ERROR;
- break;
- }
- return rv;
-}
-
-
-PRBool
-fort11_LoadCertObjectForSearch(CI_PERSON currPerson, PK11Slot *slot,
- PK11Session *session, CI_PERSON *pers_array) {
- PK11Object *certObject, *privKeyObject;
- PK11Attribute *attribute, *newAttribute;
- int ci_rv;
- CI_CERTIFICATE cert;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_CERTIFICATE_TYPE certType = CKC_X_509;
- CK_BBOOL cktrue = TRUE;
- CK_BBOOL ckfalse = FALSE;
- CertItem issuer, serial, subject;
- int certSize;
- char nickname[50];
- char *cursor;
- PrivKeyType priv_key;
- int sibling;
-
-
- certObject = fort11_NewObject(slot);
- if (certObject == NULL)
- return PR_FALSE;
-
- ci_rv = MACI_GetCertificate (fortezzaSockets[slot->slotID-1].maciSession,
- currPerson.CertificateIndex, cert);
- if (ci_rv != CI_OK){
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
-
- ci_rv = fort11_GetCertFields(cert,CI_CERT_SIZE,&issuer,&serial,&subject);
-
- if (ci_rv != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
-
- if (fort11_AddAttributeType(certObject, CKA_CLASS, &certClass,
- sizeof (CK_OBJECT_CLASS)) != CKR_OK) {
- fort11_FreeObject (certObject);
- return PR_FALSE;
- }
- if (fort11_AddAttributeType(certObject, CKA_TOKEN, &cktrue,
- sizeof (CK_BBOOL)) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- if (fort11_AddAttributeType(certObject, CKA_PRIVATE, &ckfalse,
- sizeof (CK_BBOOL)) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
-
-
- /* check if the label represents a KEA key. if so, the
- nickname should be made the same as the corresponding DSA
- sibling cert. */
-
- priv_key = fort11_GetKeyType(currPerson.CertLabel);
-
- if (priv_key == KEA_KEY) {
- sibling = fort11_GetSibling(currPerson.CertLabel);
-
- /* check for failure of fort11_GetSibling. also check that
- the sibling is not zero. */
-
- if (sibling > 0) {
- /* assign the KEA cert label to be the same as the
- sibling DSA label */
-
- sprintf (nickname, "%s", &pers_array[sibling-1].CertLabel[8] );
- } else {
- sprintf (nickname, "%s", &currPerson.CertLabel[8]);
- }
- } else {
- sprintf (nickname, "%s", &currPerson.CertLabel[8]);
- }
-
- cursor = nickname+PORT_Strlen(nickname)-1;
- while ((*cursor) == ' ') {
- cursor--;
- }
- cursor[1] = '\0';
- if (fort11_AddAttributeType(certObject, CKA_LABEL, nickname,
- PORT_Strlen(nickname)) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
-
-
-
- if (fort11_AddAttributeType(certObject, CKA_CERTIFICATE_TYPE, &certType,
- sizeof(CK_CERTIFICATE_TYPE)) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- certSize = fort11_cert_length(cert,CI_CERT_SIZE);
- if (fort11_AddAttributeType (certObject, CKA_VALUE, cert, certSize)
- != CI_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- if (fort11_AddAttributeType(certObject, CKA_ISSUER, issuer.data,
- issuer.len) != CKR_OK) {
- fort11_FreeObject (certObject);
- return PR_FALSE;
- }
- if (fort11_AddAttributeType(certObject, CKA_SUBJECT, subject.data,
- subject.len) != CKR_OK) {
- fort11_FreeObject (certObject);
- return PR_FALSE;
- }
- if (fort11_AddAttributeType(certObject, CKA_SERIAL_NUMBER,
- serial.data, serial.len) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- /*Change this to a byte array later*/
- if (fort11_AddAttributeType(certObject, CKA_ID,
- &currPerson.CertificateIndex,
- sizeof(int)) != CKR_OK) {
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- certObject->objectInfo = NULL;
- certObject->infoFree = NULL;
-
- certObject->objclass = certClass;
- certObject->slot = slot;
- certObject->inDB = PR_TRUE;
-
- FMUTEX_Lock(slot->objectLock);
-
- certObject->handle = slot->tokenIDCount++;
- certObject->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_CERT);
-
- FMUTEX_Unlock(slot->objectLock);
-
- if (fort11_FortezzaIsUserCert (currPerson.CertLabel)) {
- privKeyObject = fort11_NewObject(slot);
- if (fort11_NewPrivateKey(privKeyObject, slot, currPerson) != CKR_OK) {
- fort11_FreeObject(privKeyObject);
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- if(fort11_AddAttributeType(privKeyObject,CKA_ID,
- &currPerson.CertificateIndex,
- sizeof(int)) != CKR_OK) {
- fort11_FreeObject(privKeyObject);
- fort11_FreeObject(certObject);
- return PR_FALSE;
- }
- attribute = fort11_FindAttribute(certObject,CKA_SUBJECT);
- newAttribute=
- fort11_NewAttribute(pk11_attr_expand(&attribute->attrib));
- fort11_FreeAttribute(attribute);
- if (newAttribute != NULL) {
- fort11_DeleteAttributeType(privKeyObject,
- CKA_SUBJECT);
- fort11_AddAttribute(privKeyObject,
- newAttribute);
- }
- fort11_AddObject (session, privKeyObject);
- }
-
-
- fort11_AddObject (session, certObject);
-
-
- return PR_TRUE;
-}
-
-#define TRUSTED_PAA "00000000Trusted Root PAA"
-
-static int
-fort11_BuildCertObjects(FortezzaSocket *currSocket, PK11Slot *slot,
- PK11Session *session) {
-
- int i;
- CI_PERSON rootPAA;
-
- PORT_Memcpy (rootPAA.CertLabel, TRUSTED_PAA, 1+PORT_Strlen (TRUSTED_PAA));
- rootPAA.CertificateIndex = 0;
-
- if (!fort11_LoadCertObjectForSearch(rootPAA, slot, session,
- currSocket->personalityList)) {
- return CKR_GENERAL_ERROR;
- }
-
- if (fort11_LoadRootPAAKey(slot, session) != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
-
- for (i=0 ; i < currSocket->numPersonalities; i++) {
- if (fort11_FortezzaIsACert (currSocket->personalityList[i].CertLabel)){
- if (!fort11_LoadCertObjectForSearch(currSocket->personalityList[i],
- slot, session,
- currSocket->personalityList)){
- return CKR_GENERAL_ERROR;
- }
- }
- }
-
- return CKR_OK;
-}
-
-PK11Slot*
-fort11_SlotFromSessionHandle(CK_SESSION_HANDLE inHandle) {
- CK_SESSION_HANDLE whichSlot = inHandle & SLOT_MASK;
-
- if (whichSlot >= kNumSockets) return NULL_PTR;
-
- return &fort11_slot[whichSlot];
-}
-
-PK11Slot*
-fort11_SlotFromID (CK_SLOT_ID inSlotID) {
- if (inSlotID == 0 || inSlotID > kNumSockets)
- return NULL;
-
- return &fort11_slot[inSlotID-1];
-}
-
-CK_ULONG fort11_firstSessionID (int inSlotNum) {
- return (CK_ULONG)(inSlotNum);
-}
-
-/*
- * Utility to convert passed in PIN to a CI_PIN
- */
-void fort11_convertToCIPin (CI_PIN ciPin,CK_CHAR_PTR pPin, CK_ULONG ulLen) {
- unsigned long i;
-
- for (i=0; i<ulLen; i++) {
- ciPin[i] = pPin[i];
- }
- ciPin[ulLen] = '\0';
-}
-
-
-/*
- * return true if object has attribute
- */
-static PRBool
-fort11_hasAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
- PK11Attribute *attribute;
-
- FMUTEX_Lock(object->attributeLock);
- pk11queue_find(attribute,type,object->head,HASH_SIZE);
- FMUTEX_Unlock(object->attributeLock);
-
- return (PRBool)(attribute != NULL);
-}
-
-/*
- * create a new attribute with type, value, and length. Space is allocated
- * to hold value.
- */
-static PK11Attribute *
-fort11_NewAttribute(CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value, CK_ULONG len) {
- PK11Attribute *attribute;
- CK_RV mrv;
-
- attribute = (PK11Attribute*)PORT_Alloc(sizeof(PK11Attribute));
- if (attribute == NULL) return NULL;
-
- attribute->attrib.type = type;
- if (value) {
- attribute->attrib.pValue = (CK_VOID_PTR)PORT_Alloc(len);
- if (attribute->attrib.pValue == NULL) {
- PORT_Free(attribute);
- return NULL;
- }
- PORT_Memcpy(attribute->attrib.pValue,value,len);
- attribute->attrib.ulValueLen = len;
- } else {
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
- attribute->handle = type;
- attribute->next = attribute->prev = NULL;
- attribute->refCount = 1;
- if (FMUTEX_MutexEnabled()) {
- mrv = FMUTEX_Create (&attribute->refLock);
- if (mrv != CKR_OK) {
- if (attribute->attrib.pValue) PORT_Free(attribute->attrib.pValue);
- PORT_Free(attribute);
- return NULL;
- }
- } else {
- attribute->refLock = NULL;
- }
-
- return attribute;
-}
-
-/*
- * add an attribute to an object
- */
-static
-void fort11_AddAttribute(PK11Object *object,PK11Attribute *attribute) {
- FMUTEX_Lock (object->attributeLock);
- pk11queue_add(attribute,attribute->handle,object->head,HASH_SIZE);
- FMUTEX_Unlock(object->attributeLock);
-}
-
-static CK_RV
-fort11_AddAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *valPtr,
- CK_ULONG length) {
- PK11Attribute *attribute;
- attribute = fort11_NewAttribute(type,valPtr,length);
- if (attribute == NULL) { return CKR_HOST_MEMORY; }
- fort11_AddAttribute(object,attribute);
- return CKR_OK;
-}
-
-
-
-/* Make sure a given attribute exists. If it doesn't, initialize it to
- * value and len
- */
-static CK_RV
-fort11_forceAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *value,
- unsigned int len) {
- if ( !fort11_hasAttribute(object, type)) {
- return fort11_AddAttributeType(object,type,value,len);
- }
- return CKR_OK;
-}
-
-/*
- * look up and attribute structure from a type and Object structure.
- * The returned attribute is referenced and needs to be freed when
- * it is no longer needed.
- */
-static PK11Attribute *
-fort11_FindAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
- PK11Attribute *attribute;
-
- FMUTEX_Lock(object->attributeLock);
- pk11queue_find(attribute,type,object->head,HASH_SIZE);
- if (attribute) {
- /* atomic increment would be nice here */
- FMUTEX_Lock(attribute->refLock);
- attribute->refCount++;
- FMUTEX_Unlock(attribute->refLock);
- }
- FMUTEX_Unlock(object->attributeLock);
-
- return(attribute);
-}
-
-/*
- * this is only valid for CK_BBOOL type attributes. Return the state
- * of that attribute.
- */
-static PRBool
-fort11_isTrue(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
- PK11Attribute *attribute;
- PRBool tok = PR_FALSE;
-
- attribute=fort11_FindAttribute(object,type);
- if (attribute == NULL) { return PR_FALSE; }
- tok = (PRBool)(*(CK_BBOOL *)attribute->attrib.pValue);
- fort11_FreeAttribute(attribute);
-
- return tok;
-}
-
-/*
- * add an object to a slot and session queue
- */
-static
-void fort11_AddSlotObject(PK11Slot *slot, PK11Object *object) {
- FMUTEX_Lock(slot->objectLock);
- pk11queue_add(object,object->handle,slot->tokObjects,HASH_SIZE);
- FMUTEX_Unlock(slot->objectLock);
-}
-
-static
-void fort11_AddObject(PK11Session *session, PK11Object *object) {
- PK11Slot *slot = fort11_SlotFromSession(session);
-
- if (!fort11_isToken(object->handle)) {
- FMUTEX_Lock(session->objectLock);
- pk11queue_add(&object->sessionList,0,session->objects,0);
- FMUTEX_Unlock(session->objectLock);
- }
- fort11_AddSlotObject(slot,object);
-}
-
-/*
- * free all the data associated with an object. Object reference count must
- * be 'zero'.
- */
-static CK_RV
-fort11_DestroyObject(PK11Object *object) {
- int i;
- CK_RV crv = CKR_OK;
-/* PORT_Assert(object->refCount == 0);*/
-
- if (object->label) PORT_Free(object->label);
-
- /* clean out the attributes */
- /* since no one is referencing us, it's safe to walk the chain
- * without a lock */
- for (i=0; i < HASH_SIZE; i++) {
- PK11Attribute *ap,*next;
- for (ap = object->head[i]; ap != NULL; ap = next) {
- next = ap->next;
- /* paranoia */
- ap->next = ap->prev = NULL;
- fort11_FreeAttribute(ap);
- }
- object->head[i] = NULL;
- }
- FMUTEX_Destroy(object->attributeLock);
- FMUTEX_Destroy(object->refLock);
- if (object->objectInfo) {
- (*object->infoFree)(object->objectInfo);
- }
- PORT_Free(object);
- return crv;
-}
-
-
-/*
- * release a reference to an attribute structure
- */
-static void
-fort11_FreeAttribute(PK11Attribute *attribute) {
- PRBool destroy = PR_FALSE;
-
- FMUTEX_Lock(attribute->refLock);
- if (attribute->refCount == 1) destroy = PR_TRUE;
- attribute->refCount--;
- FMUTEX_Unlock(attribute->refLock);
-
- if (destroy) fort11_DestroyAttribute(attribute);
-}
-
-
-/*
- * release a reference to an object handle
- */
-static PK11FreeStatus
-fort11_FreeObject(PK11Object *object) {
- PRBool destroy = PR_FALSE;
- CK_RV crv;
-
- FMUTEX_Lock(object->refLock);
- if (object->refCount == 1) destroy = PR_TRUE;
- object->refCount--;
- FMUTEX_Unlock(object->refLock);
-
- if (destroy) {
- crv = fort11_DestroyObject(object);
- if (crv != CKR_OK) {
- return PK11_DestroyFailure;
- }
- return PK11_Destroyed;
- }
- return PK11_Busy;
-}
-
-static void
-fort11_update_state(PK11Slot *slot,PK11Session *session) {
- if (slot->isLoggedIn) {
- if (slot->ssoLoggedIn) {
- session->info.state = CKS_RW_SO_FUNCTIONS;
- } else if (session->info.flags & CKF_RW_SESSION) {
- session->info.state = CKS_RW_USER_FUNCTIONS;
- } else {
- session->info.state = CKS_RO_USER_FUNCTIONS;
- }
- } else {
- if (session->info.flags & CKF_RW_SESSION) {
- session->info.state = CKS_RW_PUBLIC_SESSION;
- } else {
- session->info.state = CKS_RO_PUBLIC_SESSION;
- }
- }
-}
-
-/* update the state of all the sessions on a slot */
-static void
-fort11_update_all_states(PK11Slot *slot) {
- int i;
- PK11Session *session;
-
- for (i=0; i < SESSION_HASH_SIZE; i++) {
- FMUTEX_Lock(slot->sessionLock);
- for (session = slot->head[i]; session; session = session->next) {
- fort11_update_state(slot,session);
- }
- FMUTEX_Unlock(slot->sessionLock);
- }
-}
-
-
-/*
- * Create a new object
- */
-static PK11Object *
-fort11_NewObject(PK11Slot *slot) {
- PK11Object *object;
- CK_RV mrv;
- int i;
-
- object = (PK11Object*)PORT_Alloc(sizeof(PK11Object));
- if (object == NULL) return NULL;
-
- object->handle = 0;
- object->next = object->prev = NULL;
- object->sessionList.next = NULL;
- object->sessionList.prev = NULL;
- object->sessionList.parent = object;
- object->inDB = PR_FALSE;
- object->label = NULL;
- object->refCount = 1;
- object->session = NULL;
- object->slot = slot;
- object->objclass = 0xffff;
- if (FMUTEX_MutexEnabled()) {
- mrv = FMUTEX_Create(&object->refLock);
- if (mrv != CKR_OK) {
- PORT_Free(object);
- return NULL;
- }
- mrv = FMUTEX_Create(&object->attributeLock);
- if (mrv != CKR_OK) {
- FMUTEX_Destroy(object->refLock);
- PORT_Free(object);
- return NULL;
- }
- } else {
- object->attributeLock = NULL;
- object->refLock = NULL;
- }
- for (i=0; i < HASH_SIZE; i++) {
- object->head[i] = NULL;
- }
- object->objectInfo = NULL;
- object->infoFree = NULL;
- return object;
-}
-
-/*
- * look up and object structure from a handle. OBJECT_Handles only make
- * sense in terms of a given session. make a reference to that object
- * structure returned.
- */
-static PK11Object * fort11_ObjectFromHandle(CK_OBJECT_HANDLE handle,
- PK11Session *session) {
- PK11Object **head;
- void *lock;
- PK11Slot *slot = fort11_SlotFromSession(session);
- PK11Object *object;
-
- /*
- * Token objects are stored in the slot. Session objects are stored
- * with the session.
- */
- head = slot->tokObjects;
- lock = slot->objectLock;
-
- FMUTEX_Lock(lock);
- pk11queue_find(object,handle,head,HASH_SIZE);
- if (object) {
- FMUTEX_Lock(object->refLock);
- object->refCount++;
- FMUTEX_Unlock(object->refLock);
- }
- FMUTEX_Unlock(lock);
-
- return(object);
-}
-
-/*
- * add an object to a slot andsession queue
- */
-static
-void fort11_DeleteObject(PK11Session *session, PK11Object *object) {
- PK11Slot *slot;
-
- if (session == NULL)
- return;
- slot = fort11_SlotFromSession(session);
- if (!fort11_isToken(object->handle)) {
- FMUTEX_Lock(session->objectLock);
- pk11queue_delete(&object->sessionList,0,session->objects,0);
- FMUTEX_Unlock(session->objectLock);
- }
- FMUTEX_Lock(slot->objectLock);
- pk11queue_delete(object,object->handle,slot->tokObjects,HASH_SIZE);
- FMUTEX_Unlock(slot->objectLock);
- fort11_FreeObject(object);
-}
-
-
-
-/*
- * ******************** Search Utilities *******************************
- */
-
-/* add an object to a search list */
-CK_RV
-fort11_AddToList(PK11ObjectListElement **list,PK11Object *object) {
- PK11ObjectListElement *newelem =
- (PK11ObjectListElement *)PORT_Alloc(sizeof(PK11ObjectListElement));
-
- if (newelem == NULL) return CKR_HOST_MEMORY;
-
- newelem->next = *list;
- newelem->object = object;
- FMUTEX_Lock(object->refLock);
- object->refCount++;
- FMUTEX_Unlock(object->refLock);
-
- *list = newelem;
- return CKR_OK;
-}
-
-
-/*
- * free a single list element. Return the Next object in the list.
- */
-PK11ObjectListElement *
-fort11_FreeObjectListElement(PK11ObjectListElement *objectList) {
- PK11ObjectListElement *ol = objectList->next;
-
- fort11_FreeObject(objectList->object);
- PORT_Free(objectList);
- return ol;
-}
-
-/* free an entire object list */
-void
-fort11_FreeObjectList(PK11ObjectListElement *objectList) {
- PK11ObjectListElement *ol;
-
- for (ol= objectList; ol != NULL; ol = fort11_FreeObjectListElement(ol)) {}
-}
-
-/*
- * free a search structure
- */
-void
-fort11_FreeSearch(PK11SearchResults *search) {
- if (search->handles) {
- PORT_Free(search->handles);
- }
- PORT_Free(search);
-}
-
-
-/*
- * Free up all the memory associated with an attribute. Reference count
- * must be zero to call this.
- */
-static void
-fort11_DestroyAttribute(PK11Attribute *attribute) {
- /*PORT_Assert(attribute->refCount == 0);*/
- FMUTEX_Destroy(attribute->refLock);
- if (attribute->attrib.pValue) {
- /* clear out the data in the attribute value... it may have been
- * sensitive data */
- PORT_Memset(attribute->attrib.pValue,0,attribute->attrib.ulValueLen);
- PORT_Free(attribute->attrib.pValue);
- }
- PORT_Free(attribute);
-}
-
-/*
- * delete an attribute from an object
- */
-static void
-fort11_DeleteAttribute(PK11Object *object, PK11Attribute *attribute) {
- FMUTEX_Lock(object->attributeLock);
- if (attribute->next || attribute->prev) {
- pk11queue_delete(attribute,attribute->handle,
- object->head,HASH_SIZE);
- }
- FMUTEX_Unlock(object->attributeLock);
- fort11_FreeAttribute(attribute);
-}
-
-/*
- * decode when a particular attribute may be modified
- * PK11_NEVER: This attribute must be set at object creation time and
- * can never be modified.
- * PK11_ONCOPY: This attribute may be modified only when you copy the
- * object.
- * PK11_SENSITIVE: The CKA_SENSITIVE attribute can only be changed from
- * FALSE to TRUE.
- * PK11_ALWAYS: This attribute can always be modified.
- * Some attributes vary their modification type based on the class of the
- * object.
- */
-PK11ModifyType
-fort11_modifyType(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass) {
- /* if we don't know about it, user user defined, always allow modify */
- PK11ModifyType mtype = PK11_ALWAYS;
-
- switch(type) {
- /* NEVER */
- case CKA_CLASS:
- case CKA_CERTIFICATE_TYPE:
- case CKA_KEY_TYPE:
- case CKA_MODULUS:
- case CKA_MODULUS_BITS:
- case CKA_PUBLIC_EXPONENT:
- case CKA_PRIVATE_EXPONENT:
- case CKA_PRIME:
- case CKA_SUBPRIME:
- case CKA_BASE:
- case CKA_PRIME_1:
- case CKA_PRIME_2:
- case CKA_EXPONENT_1:
- case CKA_EXPONENT_2:
- case CKA_COEFFICIENT:
- case CKA_VALUE_LEN:
- mtype = PK11_NEVER;
- break;
-
- /* ONCOPY */
- case CKA_TOKEN:
- case CKA_PRIVATE:
- mtype = PK11_ONCOPY;
- break;
-
- /* SENSITIVE */
- case CKA_SENSITIVE:
- mtype = PK11_SENSITIVE;
- break;
-
- /* ALWAYS */
- case CKA_LABEL:
- case CKA_APPLICATION:
- case CKA_ID:
- case CKA_SERIAL_NUMBER:
- case CKA_START_DATE:
- case CKA_END_DATE:
- case CKA_DERIVE:
- case CKA_ENCRYPT:
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_VERIFY:
- case CKA_SIGN_RECOVER:
- case CKA_VERIFY_RECOVER:
- case CKA_WRAP:
- case CKA_UNWRAP:
- mtype = PK11_ALWAYS;
- break;
-
- /* DEPENDS ON CLASS */
- case CKA_VALUE:
- mtype = (inClass == CKO_DATA) ? PK11_ALWAYS : PK11_NEVER;
- break;
-
- case CKA_SUBJECT:
- mtype = (inClass == CKO_CERTIFICATE) ? PK11_NEVER : PK11_ALWAYS;
- break;
- default:
- break;
- }
- return mtype;
-}
-
-/* decode if a particular attribute is sensitive (cannot be read
- * back to the user of if the object is set to SENSITIVE) */
-PRBool
-fort11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass) {
- switch(type) {
- /* ALWAYS */
- case CKA_PRIVATE_EXPONENT:
- case CKA_PRIME_1:
- case CKA_PRIME_2:
- case CKA_EXPONENT_1:
- case CKA_EXPONENT_2:
- case CKA_COEFFICIENT:
- return PR_TRUE;
-
- /* DEPENDS ON CLASS */
- case CKA_VALUE:
- /* PRIVATE and SECRET KEYS have SENSITIVE values */
- return (PRBool)((inClass == CKO_PRIVATE_KEY) ||
- (inClass == CKO_SECRET_KEY));
-
- default:
- break;
- }
- return PR_FALSE;
-}
-
-static void
-fort11_DeleteAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type) {
- PK11Attribute *attribute;
- attribute = fort11_FindAttribute(object, type);
- if (attribute == NULL) return ;
- fort11_DeleteAttribute(object,attribute);
-}
-
-
-/*
- * create a new nession. NOTE: The session handle is not set, and the
- * session is not added to the slot's session queue.
- */
-static PK11Session *
-fort11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify,
- CK_VOID_PTR pApplication,
- CK_FLAGS flags) {
- PK11Session *session;
- PK11Slot *slot = &fort11_slot[slotID-1];
- CK_RV mrv;
-
- if (slot == NULL) return NULL;
-
- session = (PK11Session*)PORT_Alloc(sizeof(PK11Session));
- if (session == NULL) return NULL;
-
- session->next = session->prev = NULL;
- session->refCount = 1;
- session->context = NULL;
- session->search = NULL;
- session->objectIDCount = 1;
- session->fortezzaContext.fortezzaKey = NULL;
- session->fortezzaContext.fortezzaSocket = NULL;
-
- if (FMUTEX_MutexEnabled()) {
- mrv = FMUTEX_Create(&session->refLock);
- if (mrv != CKR_OK) {
- PORT_Free(session);
- return NULL;
- }
- mrv = FMUTEX_Create(&session->objectLock);
- if (mrv != CKR_OK) {
- FMUTEX_Destroy(session->refLock);
- PORT_Free(session);
- return NULL;
- }
- } else {
- session->refLock = NULL;
- session->objectLock = NULL;
- }
-
- session->objects[0] = NULL;
-
- session->slot = slot;
- session->notify = notify;
- session->appData = pApplication;
- session->info.flags = flags;
- session->info.slotID = slotID;
- fort11_update_state(slot,session);
- return session;
-}
-
-
-/*
- * look up a session structure from a session handle
- * generate a reference to it.
- */
-PK11Session *
-fort11_SessionFromHandle(CK_SESSION_HANDLE handle, PRBool isCloseSession) {
- PK11Slot *slot = fort11_SlotFromSessionHandle(handle);
- PK11Session *session;
-
- if (!isCloseSession &&
- !SocketStateUnchanged(&fortezzaSockets[slot->slotID-1]))
- return NULL;
-
- FMUTEX_Lock(slot->sessionLock);
- pk11queue_find(session,handle,slot->head,SESSION_HASH_SIZE);
- if (session) session->refCount++;
- FMUTEX_Unlock(slot->sessionLock);
-
- return (session);
-}
-
-/* free all the data associated with a session. */
-static void
-fort11_DestroySession(PK11Session *session)
-{
- PK11ObjectList *op,*next;
-/* PORT_Assert(session->refCount == 0);*/
-
- /* clean out the attributes */
- FMUTEX_Lock(session->objectLock);
- for (op = session->objects[0]; op != NULL; op = next) {
- next = op->next;
- /* paranoia */
- op->next = op->prev = NULL;
- fort11_DeleteObject(session,op->parent);
- }
- FMUTEX_Unlock(session->objectLock);
-
- FMUTEX_Destroy(session->objectLock);
- FMUTEX_Destroy(session->refLock);
-
- if (session->search) {
- fort11_FreeSearch(session->search);
- }
-
- pk11queue_delete(session, session->handle, session->slot->head,
- SESSION_HASH_SIZE);
-
- PORT_Free(session);
-}
-
-
-/*
- * release a reference to a session handle
- */
-void
-fort11_FreeSession(PK11Session *session) {
- PRBool destroy = PR_FALSE;
- PK11Slot *slot = NULL;
-
- if (!session) return; /*Quick fix to elminate crash*/
- /*Fix in later version */
-
- if (FMUTEX_MutexEnabled()) {
- slot = fort11_SlotFromSession(session);
- FMUTEX_Lock(slot->sessionLock);
- }
- if (session->refCount == 1) destroy = PR_TRUE;
- session->refCount--;
- if (FMUTEX_MutexEnabled()) {
- FMUTEX_Unlock(slot->sessionLock);
- }
-
- if (destroy) {
- fort11_DestroySession(session);
- }
-}
-
-
-/* return true if the object matches the template */
-PRBool
-fort11_objectMatch(PK11Object *object,CK_ATTRIBUTE_PTR theTemplate,int count) {
- int i;
-
- for (i=0; i < count; i++) {
- PK11Attribute *attribute =
- fort11_FindAttribute(object,theTemplate[i].type);
- if (attribute == NULL) {
- return PR_FALSE;
- }
- if (attribute->attrib.ulValueLen == theTemplate[i].ulValueLen) {
- if (PORT_Memcmp(attribute->attrib.pValue,theTemplate[i].pValue,
- theTemplate[i].ulValueLen) == 0) {
- fort11_FreeAttribute(attribute);
- continue;
- }
- }
- fort11_FreeAttribute(attribute);
- return PR_FALSE;
- }
- return PR_TRUE;
-}
-
-/* search through all the objects in the queue and return the template matches
- * in the object list.
- */
-CK_RV
-fort11_searchObjectList(PK11ObjectListElement **objectList,PK11Object **head,
- void *lock, CK_ATTRIBUTE_PTR theTemplate, int count) {
- int i;
- PK11Object *object;
- CK_RV rv;
-
- for(i=0; i < HASH_SIZE; i++) {
- /* We need to hold the lock to copy a consistant version of
- * the linked list. */
- FMUTEX_Lock(lock);
- for (object = head[i]; object != NULL; object= object->next) {
- if (fort11_objectMatch(object,theTemplate,count)) {
- rv = fort11_AddToList(objectList,object);
- if (rv != CKR_OK) {
- return rv;
- }
- }
- }
- FMUTEX_Unlock(lock);
- }
- return CKR_OK;
-}
-
-static PRBool
-fort11_NotAllFuncsNULL (CK_C_INITIALIZE_ARGS_PTR pArgs) {
- return (PRBool)(pArgs && pArgs->CreateMutex && pArgs->DestroyMutex &&
- pArgs->LockMutex && pArgs->UnlockMutex);
-}
-
-static PRBool
-fort11_InArgCheck(CK_C_INITIALIZE_ARGS_PTR pArgs) {
- PRBool rv;
- /* The only check for now, is to make sure that all of the
- * function pointers are either all NULL or all Non-NULL.
- * We also need to make sure the pReserved field in pArgs is
- * set to NULL.
- */
- if (pArgs == NULL) {
- return PR_TRUE; /* If the argument is NULL, no
- * inconsistencies can exist.
- */
- }
-
- if (pArgs->pReserved != NULL) {
- return PR_FALSE;
- }
-
- if (pArgs->CreateMutex != NULL) {
- rv = (PRBool) (pArgs->DestroyMutex != NULL &&
- pArgs->LockMutex != NULL &&
- pArgs->UnlockMutex != NULL);
- } else { /*pArgs->CreateMutex == NULL*/
- rv = (PRBool) (pArgs->DestroyMutex == NULL &&
- pArgs->LockMutex == NULL &&
- pArgs->UnlockMutex == NULL);
- }
- return rv;
-}
-
-
-
-/**********************************************************************
- *
- * Start of PKCS 11 functions
- *
- **********************************************************************/
-
-
-/**********************************************************************
- *
- * In order to get this to work on 68K, we have to do some special tricks,
- * First trick is that we need to make the module a Code Resource, and
- * all Code Resources on 68K have to have a main function. So we
- * define main to be a wrapper for C_GetFunctionList which will be the
- * first funnction called by any software that uses the PKCS11 module.
- *
- * The second trick is that whenever you access a global variable from
- * the Code Resource, it does funny things to the stack on 68K, so we
- * need to call some macros that handle the stack for us. First thing
- * you do is call EnterCodeResource() first thing in a function that
- * accesses a global, right before you leave that function, you call
- * ExitCodeResource. This will take care of stack management.
- *
- * Third trick is to call __InitCode__() when we first enter the module
- * so that all of the global variables get initialized properly.
- *
- **********************************************************************/
-
-#if defined(XP_MAC) && !defined(__POWERPC__)
-
-#define FORT11_RETURN(exp) {ExitCodeResource(); return (exp);}
-#define FORT11_ENTER() EnterCodeResource();
-
-#else /*XP_MAC*/
-
-#define FORT11_RETURN(exp) return (exp);
-#define FORT11_ENTER()
-
-#endif /*XP_MAC*/
-
-#define CARD_OK(rv) if ((rv) != CI_OK) FORT11_RETURN (CKR_DEVICE_ERROR);
-#define SLOT_OK(slot) if ((slot) > kNumSockets) FORT11_RETURN (CKR_SLOT_ID_INVALID);
-
-#ifdef XP_MAC
-/* This is not a 4.0 project, so I can't depend on
- * 4.0 defines, so instead I depend on CodeWarrior
- * defines.
- */
-#if __POWERPC__
-#elif __CFM68K__
-#else
-/* To get this to work on 68K, we need to have
- * the symbol main. So we just make it a wrapper for C_GetFunctionList.
- */
-PR_PUBLIC_API(CK_RV) main(CK_FUNCTION_LIST_PTR *pFunctionList) {
- FORT11_ENTER()
- CK_RV rv;
-
- __InitCode__();
-
- rv = C_GetFunctionList(pFunctionList);
- FORT11_RETURN (rv);
-}
-#endif
-
-#endif /*XP_MAC*/
-
-/* Return the function list */
-PR_PUBLIC_API(CK_RV) C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
- /* No need to do a FORT11_RETURN as this function will never be directly
- * called in the case where we need to do stack management.
- * The main function will call this after taking care of stack stuff.
- */
- *pFunctionList = &fort11_funcList;
- return CKR_OK;
-}
-
-
-/* C_Initialize initializes the Cryptoki library. */
-PR_PUBLIC_API(CK_RV) C_Initialize(CK_VOID_PTR pReserved) {
- FORT11_ENTER()
- int i,j, tempNumSockets;
- int rv = 1;
- CK_C_INITIALIZE_ARGS_PTR pArgs = (CK_C_INITIALIZE_ARGS_PTR)pReserved;
- CK_RV mrv;
-
- /* intialize all the slots */
- if (!init) {
- init = PR_TRUE;
-
- /* need to initialize locks before MACI_Initialize is called in
- * software fortezza. */
- if (pArgs) {
- if (!fort11_InArgCheck(pArgs)) {
- FORT11_RETURN (CKR_ARGUMENTS_BAD);
- }
- if (pArgs->flags & CKF_OS_LOCKING_OK){
- if (!fort11_NotAllFuncsNULL(pArgs)) {
- FORT11_RETURN (CKR_CANT_LOCK);
- }
- }
- if (fort11_NotAllFuncsNULL(pArgs)) {
- mrv = FMUTEX_Init(pArgs);
- if (mrv != CKR_OK) {
- return CKR_GENERAL_ERROR;
- }
- }
- }
- rv = MACI_Initialize (&tempNumSockets);
- kNumSockets = (CK_ULONG)tempNumSockets;
-
- CARD_OK (rv);
- for (i=0; i < (int) kNumSockets; i++) {
- if (FMUTEX_MutexEnabled()) {
- mrv = FMUTEX_Create(&fort11_slot[i].sessionLock);
- if (mrv != CKR_OK) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
- mrv = FMUTEX_Create(&fort11_slot[i].objectLock);
- if (mrv != CKR_OK) {
- FMUTEX_Destroy(fort11_slot[i].sessionLock);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
- } else {
- fort11_slot[i].sessionLock = NULL;
- fort11_slot[i].objectLock = NULL;
- }
- for(j=0; j < SESSION_HASH_SIZE; j++) {
- fort11_slot[i].head[j] = NULL;
- }
- for(j=0; j < HASH_SIZE; j++) {
- fort11_slot[i].tokObjects[j] = NULL;
- }
- fort11_slot[i].password = NULL;
- fort11_slot[i].hasTokens = PR_FALSE;
- fort11_slot[i].sessionIDCount = fort11_firstSessionID (i);
- fort11_slot[i].sessionCount = 0;
- fort11_slot[i].rwSessionCount = 0;
- fort11_slot[i].tokenIDCount = 1;
- fort11_slot[i].needLogin = PR_TRUE;
- fort11_slot[i].isLoggedIn = PR_FALSE;
- fort11_slot[i].ssoLoggedIn = PR_FALSE;
- fort11_slot[i].DB_loaded = PR_FALSE;
- fort11_slot[i].slotID= i+1;
- InitSocket(&fortezzaSockets[i], i+1);
- }
- }
- FORT11_RETURN (CKR_OK);
-}
-
-/*C_Finalize indicates that an application is done with the Cryptoki library.*/
-PR_PUBLIC_API(CK_RV) C_Finalize (CK_VOID_PTR pReserved) {
- FORT11_ENTER()
- int i;
-
- for (i=0; i< (int) kNumSockets; i++) {
- FreeSocket(&fortezzaSockets[i]);
- }
- MACI_Terminate(fortezzaSockets[0].maciSession);
- init = PR_FALSE;
- FORT11_RETURN (CKR_OK);
-}
-
-
-
-
-/* C_GetInfo returns general information about Cryptoki. */
-PR_PUBLIC_API(CK_RV) C_GetInfo(CK_INFO_PTR pInfo) {
- FORT11_ENTER()
- pInfo->cryptokiVersion = fort11_funcList.version;
- PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
- pInfo->libraryVersion.major = 1;
- pInfo->libraryVersion.minor = 7;
- PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32);
- pInfo->flags = 0;
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_GetSlotList obtains a list of slots in the system. */
-PR_PUBLIC_API(CK_RV) C_GetSlotList(CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList,
- CK_ULONG_PTR pulCount) {
- FORT11_ENTER()
- int i;
-
- if (pSlotList != NULL) {
- if (*pulCount >= kNumSockets) {
- for (i=0; i < (int) kNumSockets; i++) {
- pSlotList[i] = i+1;
- }
- } else {
- FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
- }
- } else {
- *pulCount = kNumSockets;
- }
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_GetSlotInfo obtains information about a particular slot in the system. */
-PR_PUBLIC_API(CK_RV) C_GetSlotInfo(CK_SLOT_ID slotID,
- CK_SLOT_INFO_PTR pInfo) {
- FORT11_ENTER()
- int rv;
- CI_CONFIG ciConfig;
- CI_STATE ciState;
- HSESSION maciSession;
- char slotDescription[65];
- FortezzaSocket *socket;
-
-
- SLOT_OK(slotID);
-
- socket = &fortezzaSockets[slotID-1];
- if (!socket->isOpen) {
- InitSocket(socket, slotID);
- }
- maciSession = socket->maciSession;
-
- rv = MACI_Select(maciSession, slotID);
-
- CARD_OK (rv)
-
- rv = MACI_GetConfiguration (maciSession, &ciConfig);
-
-
- pInfo->firmwareVersion.major = 0;
- pInfo->firmwareVersion.minor = 0;
-#ifdef SWFORT
- PORT_Memcpy (pInfo->manufacturerID,"Netscape Communications Corp ",32);
- PORT_Memcpy (slotDescription,"Netscape Software Slot # ",32);
-#define _local_BASE 24
-#else
- PORT_Memcpy (pInfo->manufacturerID,"LITRONIC ",32);
- PORT_Memcpy (slotDescription,"Litronic MACI Slot # ",32);
-#define _local_BASE 20
-#endif
- slotDescription[_local_BASE] = (char )((slotID < 10) ? slotID :
- slotID/10) + '0';
- if (slotID >= 10) slotDescription[_local_BASE+1] =
- (char)(slotID % 10) + '0';
- PORT_Memcpy (&slotDescription[32]," ",32);
- PORT_Memcpy (pInfo->slotDescription, slotDescription , 64);
- if (rv == CI_OK) {
- pInfo->hardwareVersion.major =
- (ciConfig.ManufacturerVersion & MAJOR_VERSION_MASK) >> 8;
- pInfo->hardwareVersion.minor =
- ciConfig.ManufacturerVersion & MINOR_VERSION_MASK;
- pInfo->flags = CKF_TOKEN_PRESENT;
- } else {
- pInfo->hardwareVersion.major = 0;
- pInfo->hardwareVersion.minor = 0;
- pInfo->flags = 0;
- }
-#ifdef SWFORT
- /* do we need to make it a removable device as well?? */
- pInfo->flags |= CKF_REMOVABLE_DEVICE;
-#else
- pInfo->flags |= (CKF_REMOVABLE_DEVICE | CKF_HW_SLOT);
-#endif
-
- rv = MACI_GetState(maciSession, &ciState);
-
- if (rv == CI_OK) {
- switch (ciState) {
- case CI_ZEROIZE:
- case CI_INTERNAL_FAILURE:
- pInfo->flags &= (~CKF_TOKEN_PRESENT);
- default:
- break;
- }
- } else {
- pInfo->flags &= (~CKF_TOKEN_PRESENT);
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-#define CKF_THREAD_SAFE 0x8000
-
-/* C_GetTokenInfo obtains information about a particular token
- in the system. */
-PR_PUBLIC_API(CK_RV) C_GetTokenInfo(CK_SLOT_ID slotID,
- CK_TOKEN_INFO_PTR pInfo) {
- FORT11_ENTER()
- CI_STATUS cardStatus;
- CI_CONFIG ciConfig;
- PK11Slot *slot;
- int rv, i;
- char tmp[33];
- FortezzaSocket *socket;
-
- SLOT_OK (slotID);
-
- slot = &fort11_slot[slotID-1];
-
- socket = &fortezzaSockets[slotID-1];
- if (!socket->isOpen) {
- InitSocket(socket, slotID);
- }
-
- rv = MACI_Select (socket->maciSession, slotID);
- rv = MACI_GetStatus (socket->maciSession, &cardStatus);
- if (rv != CI_OK) {
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
-#ifdef SWFORT
- sprintf (tmp, "Software FORTEZZA Slot #%d", (int) slotID);
-#else
- sprintf (tmp, "FORTEZZA Slot #%d", (int) slotID);
-#endif
-
- PORT_Memcpy (pInfo->label, tmp, PORT_Strlen(tmp)+1);
-
- for (i=0; i<8; i++) {
- int serNum;
-
- serNum = (int)cardStatus.SerialNumber[i];
- sprintf ((char*)&pInfo->serialNumber[2*i], "%.2x", serNum);
- }
-
- rv = MACI_GetTime (fortezzaSockets[slotID-1].maciSession, pInfo->utcTime);
- if (rv == CI_OK) {
- pInfo->flags = CKF_CLOCK_ON_TOKEN;
- } else {
- switch (rv) {
- case CI_LIB_NOT_INIT:
- case CI_INV_POINTER:
- case CI_NO_CARD:
- case CI_NO_SOCKET:
- FORT11_RETURN (CKR_DEVICE_ERROR);
- default:
- pInfo->flags = 0;
- break;
- }
- }
-
- rv = MACI_GetConfiguration (fortezzaSockets[slotID-1].maciSession,
- &ciConfig);
-
- if (rv == CI_OK) {
- PORT_Memcpy(pInfo->manufacturerID,ciConfig.ManufacturerName,
- PORT_Strlen(ciConfig.ManufacturerName));
- for (i=PORT_Strlen(ciConfig.ManufacturerName); i<32; i++) {
- pInfo->manufacturerID[i] = ' ';
- }
- PORT_Memcpy(pInfo->model,ciConfig.ProcessorType,16);
- }
- pInfo->ulMaxPinLen = CI_PIN_SIZE;
- pInfo->ulMinPinLen = 0;
- pInfo->ulTotalPublicMemory = 0;
- pInfo->ulFreePublicMemory = 0;
- pInfo->flags |= CKF_RNG | CKF_LOGIN_REQUIRED| CKF_USER_PIN_INITIALIZED |
- CKF_THREAD_SAFE | CKF_WRITE_PROTECTED;
-
- pInfo->ulMaxSessionCount = 0;
- pInfo->ulSessionCount = slot->sessionCount;
- pInfo->ulMaxRwSessionCount = 0;
- pInfo->ulRwSessionCount = slot->rwSessionCount;
-
- if (rv == CI_OK) {
- pInfo->firmwareVersion.major =
- (ciConfig.ManufacturerSWVer & MAJOR_VERSION_MASK) >> 8;
- pInfo->firmwareVersion.minor =
- ciConfig.ManufacturerSWVer & MINOR_VERSION_MASK;
- pInfo->hardwareVersion.major =
- (ciConfig.ManufacturerVersion & MAJOR_VERSION_MASK) >> 8;
- pInfo->hardwareVersion.minor =
- ciConfig.ManufacturerVersion & MINOR_VERSION_MASK;
- }
- FORT11_RETURN (CKR_OK);
-}
-
-
-
-/* C_GetMechanismList obtains a list of mechanism types supported by a
- token. */
-PR_PUBLIC_API(CK_RV) C_GetMechanismList(CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList,
- CK_ULONG_PTR pulCount) {
- FORT11_ENTER()
- CK_RV rv = CKR_OK;
- int i;
-
- SLOT_OK (slotID);
-
- if (pMechanismList == NULL) {
- *pulCount = mechanismCount;
- } else {
- if (*pulCount >= mechanismCount) {
- *pulCount = mechanismCount;
- for (i=0; i< (int)mechanismCount; i++) {
- pMechanismList[i] = mechanisms[i].type;
- }
- } else {
- rv = CKR_BUFFER_TOO_SMALL;
- }
- }
- FORT11_RETURN (rv);
-}
-
-
-/* C_GetMechanismInfo obtains information about a particular mechanism
- * possibly supported by a token. */
-PR_PUBLIC_API(CK_RV) C_GetMechanismInfo(CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo) {
- int i;
- FORT11_ENTER()
- SLOT_OK (slotID);
-
- for (i=0; i< (int)mechanismCount; i++) {
- if (type == mechanisms[i].type) {
- PORT_Memcpy (pInfo, &mechanisms[i].domestic, sizeof (CK_MECHANISM_INFO));
- FORT11_RETURN (CKR_OK);
- }
- }
- FORT11_RETURN (CKR_MECHANISM_INVALID);
-}
-
-
-/* C_InitToken initializes a token. */
-PR_PUBLIC_API(CK_RV) C_InitToken(CK_SLOT_ID slotID,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,
- CK_CHAR_PTR pLabel) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-PR_PUBLIC_API(CK_RV) C_InitPIN(CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SetPIN modifies the PIN of user that is currently logged in. */
-/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
-PR_PUBLIC_API(CK_RV) C_SetPIN(CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen,
- CK_CHAR_PTR pNewPin,
- CK_ULONG ulNewLen) {
- FORT11_ENTER()
-#ifndef SWFORT
- CI_PIN ciOldPin, ciNewPin;
-#endif
- PK11Session *session;
- PK11Slot *slot;
- int rv;
-
- session = fort11_SessionFromHandle (hSession, PR_FALSE);
-
- slot = fort11_SlotFromSession (session);
- SLOT_OK(slot->slotID)
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- rv = MACI_Select (fortezzaSockets[slot->slotID-1].maciSession, slot->slotID);
- CARD_OK (rv)
-
- if (slot->needLogin && session->info.state != CKS_RW_USER_FUNCTIONS) {
- fort11_FreeSession (session);
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
- }
-
- fort11_FreeSession (session);
-
- if (ulNewLen > CI_PIN_SIZE || ulOldLen > CI_PIN_SIZE)
- FORT11_RETURN (CKR_PIN_LEN_RANGE);
-
-#ifndef SWFORT
- fort11_convertToCIPin (ciOldPin,pOldPin, ulOldLen);
- fort11_convertToCIPin (ciNewPin,pNewPin, ulNewLen);
-
- rv = MACI_ChangePIN (fortezzaSockets[slot->slotID-1].maciSession,
- CI_USER_PIN, ciOldPin, ciNewPin);
-#else
- rv = MACI_ChangePIN (fortezzaSockets[slot->slotID-1].maciSession,
- CI_USER_PIN, pOldPin, pNewPin);
-#endif
-
- if (rv != CI_OK) {
- switch (rv) {
- case CI_FAIL:
- FORT11_RETURN (CKR_PIN_INCORRECT);
- default:
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- }
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_OpenSession opens a session between an application and a token. */
-PR_PUBLIC_API(CK_RV) C_OpenSession(CK_SLOT_ID slotID,
- CK_FLAGS flags,
- CK_VOID_PTR pApplication,
- CK_NOTIFY Notify,
- CK_SESSION_HANDLE_PTR phSession) {
- FORT11_ENTER()
- PK11Slot *slot;
- CK_SESSION_HANDLE sessionID;
- PK11Session *session;
- FortezzaSocket *socket;
-
- SLOT_OK (slotID)
- slot = &fort11_slot[slotID-1];
- socket = &fortezzaSockets[slotID-1];
-
- if (!socket->isOpen) {
- if (InitSocket(socket, slotID) != SOCKET_SUCCESS) {
- FORT11_RETURN (CKR_TOKEN_NOT_PRESENT);
- }
- }
-
- session = fort11_NewSession (slotID, Notify, pApplication,
- flags | CKF_SERIAL_SESSION);
-
- if (session == NULL) FORT11_RETURN (CKR_HOST_MEMORY);
-
- FMUTEX_Lock(slot->sessionLock);
-
- slot->sessionIDCount += ADD_NEXT_SESS_ID;
- sessionID = slot->sessionIDCount;
- fort11_update_state (slot, session);
- pk11queue_add (session, sessionID, slot->head, SESSION_HASH_SIZE);
- slot->sessionCount++;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount++;
- }
- session->handle = sessionID;
- session->info.ulDeviceError = 0;
-
- FMUTEX_Unlock(slot->sessionLock);
-
- *phSession = sessionID;
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_CloseSession closes a session between an application and a token. */
-PR_PUBLIC_API(CK_RV) C_CloseSession(CK_SESSION_HANDLE hSession) {
- FORT11_ENTER()
- PK11Slot *slot;
- PK11Session *session;
-
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- slot = fort11_SlotFromSessionHandle (hSession);
-
- if (session == NULL) {
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- FMUTEX_Lock(slot->sessionLock);
- if (session->next || session->prev) {
- session->refCount--;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount--;
- }
- if (slot->sessionCount == 0) {
- slot->isLoggedIn = PR_FALSE;
- slot->password = NULL;
- }
- }
-
- FMUTEX_Unlock(slot->sessionLock);
-
- fort11_FreeSession (session);
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-PR_PUBLIC_API(CK_RV) C_CloseAllSessions (CK_SLOT_ID slotID) {
- FORT11_ENTER()
- PK11Slot *slot;
- PK11Session *session;
- int i;
-
-
- slot = fort11_SlotFromID(slotID);
- if (slot == NULL) FORT11_RETURN (CKR_SLOT_ID_INVALID);
-
- /* first log out the card */
- FMUTEX_Lock(slot->sessionLock);
- slot->isLoggedIn = PR_FALSE;
- slot->password = NULL;
- FMUTEX_Unlock(slot->sessionLock);
-
- /* now close all the current sessions */
- /* NOTE: If you try to open new sessions before C_CloseAllSessions
- * completes, some of those new sessions may or may not be closed by
- * C_CloseAllSessions... but any session running when this code starts
- * will guarrenteed be close, and no session will be partially closed */
- for (i=0; i < SESSION_HASH_SIZE; i++) {
- do {
- FMUTEX_Lock(slot->sessionLock);
- session = slot->head[i];
- /* hand deque */
- /* this duplicates much of C_close session functionality, but because
- * we know that we are freeing all the sessions, we and do some
- * more efficient processing */
- if (session) {
- slot->head[i] = session->next;
- if (session->next) session->next->prev = NULL;
- session->next = session->prev = NULL;
- slot->sessionCount--;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount--;
- }
- }
- FMUTEX_Unlock(slot->sessionLock);
- if (session) fort11_FreeSession(session);
- } while (session != NULL);
- }
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_GetSessionInfo obtains information about the session. */
-PR_PUBLIC_API(CK_RV) C_GetSessionInfo(CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo) {
- FORT11_ENTER()
- PK11Session *session;
- PK11Slot *slot;
- CI_STATE cardState;
- FortezzaSocket *socket;
- int ciRV;
-
- session = fort11_SessionFromHandle (hSession, PR_FALSE);
- slot = fort11_SlotFromSessionHandle(hSession);
- socket = &fortezzaSockets[slot->slotID-1];
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
- PORT_Memcpy (pInfo, &session->info, sizeof (CK_SESSION_INFO));
- fort11_FreeSession(session);
-
- ciRV = MACI_Select(socket->maciSession, slot->slotID);
- CARD_OK(ciRV)
-
- ciRV = MACI_GetState(socket->maciSession, &cardState);
- CARD_OK(ciRV)
-
- if (socket->isLoggedIn) {
- switch (cardState) {
- case CI_POWER_UP:
- case CI_UNINITIALIZED:
- case CI_INITIALIZED:
- case CI_SSO_INITIALIZED:
- case CI_LAW_INITIALIZED:
- case CI_USER_INITIALIZED:
- pInfo->state = CKS_RO_PUBLIC_SESSION;
- break;
- case CI_STANDBY:
- case CI_READY:
- pInfo->state = CKS_RO_USER_FUNCTIONS;
- break;
- default:
- pInfo->state = CKS_RO_PUBLIC_SESSION;
- break;
- }
- } else {
- pInfo->state = CKS_RO_PUBLIC_SESSION;
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_Login logs a user into a token. */
-PR_PUBLIC_API(CK_RV) C_Login(CK_SESSION_HANDLE hSession,
- CK_USER_TYPE userType,
- CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen) {
- FORT11_ENTER()
- PK11Slot *slot;
- PK11Session *session;
-#ifndef SWFORT
- CI_PIN ciPin;
-#endif
- int rv, ciUserType;
-
- slot = fort11_SlotFromSessionHandle (hSession);
- session = fort11_SessionFromHandle(hSession, PR_FALSE);
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- fort11_FreeSession(session);
-
- if (slot->isLoggedIn) FORT11_RETURN (CKR_USER_ALREADY_LOGGED_IN);
- slot->ssoLoggedIn = PR_FALSE;
-
-#ifndef SWFORT
- if (ulPinLen > CI_PIN_SIZE) FORT11_RETURN (CKR_PIN_LEN_RANGE);
-
- fort11_convertToCIPin (ciPin, pPin, ulPinLen);
-#endif
- switch (userType) {
- case CKU_SO:
- ciUserType = CI_SSO_PIN;
- break;
- case CKU_USER:
- ciUserType = CI_USER_PIN;
- break;
- default:
- FORT11_RETURN (CKR_USER_TYPE_INVALID);
- }
-
-#ifndef SWFORT
- rv = LoginToSocket(&fortezzaSockets[slot->slotID-1], ciUserType, ciPin);
-#else
- rv = LoginToSocket(&fortezzaSockets[slot->slotID-1], ciUserType, pPin);
-#endif
-
- switch (rv) {
- case SOCKET_SUCCESS:
- break;
- case CI_FAIL:
- FORT11_RETURN (CKR_PIN_INCORRECT);
- default:
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- FMUTEX_Lock(slot->sessionLock);
- slot->isLoggedIn = PR_TRUE;
- if (userType == CKU_SO) {
- slot->ssoLoggedIn = PR_TRUE;
- }
- FMUTEX_Unlock(slot->sessionLock);
-
- fort11_update_all_states(slot);
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_Logout logs a user out from a token. */
-PR_PUBLIC_API(CK_RV) C_Logout(CK_SESSION_HANDLE hSession) {
- FORT11_ENTER()
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!slot->isLoggedIn)
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-
- FMUTEX_Lock(slot->sessionLock);
-
- slot->isLoggedIn = PR_FALSE;
- slot->ssoLoggedIn = PR_FALSE;
- slot->password = NULL;
- LogoutFromSocket (&fortezzaSockets[slot->slotID-1]);
-
- FMUTEX_Unlock(slot->sessionLock);
-
- fort11_update_all_states(slot);
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_CreateObject creates a new object. */
-PR_PUBLIC_API(CK_RV) C_CreateObject(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_CopyObject copies an object, creating a new object for the copy. */
-PR_PUBLIC_API(CK_RV) C_CopyObject(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DestroyObject destroys an object. */
-PR_PUBLIC_API(CK_RV) C_DestroyObject(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject) {
- FORT11_ENTER()
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Object *object;
- PK11FreeStatus status;
-
- /*
- * This whole block just makes sure we really can destroy the
- * requested object.
- */
- session = fort11_SessionFromHandle(hSession, PR_FALSE);
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- object = fort11_ObjectFromHandle(hObject,session);
- if (object == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OBJECT_HANDLE_INVALID);
- }
-
- /* don't destroy a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (fort11_isTrue(object,CKA_PRIVATE))) {
- fort11_FreeSession(session);
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
- }
-
- /* don't destroy a token object if we aren't in a rw session */
-
- if (((session->info.flags & CKF_RW_SESSION) == 0) &&
- (fort11_isTrue(object,CKA_TOKEN))) {
- fort11_FreeSession(session);
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_SESSION_READ_ONLY);
- }
-
- /* ACTUALLY WE NEED TO DEAL WITH TOKEN OBJECTS AS WELL */
- FMUTEX_Lock(session->objectLock);
- fort11_DeleteObject(session,object);
- FMUTEX_Unlock(session->objectLock);
-
- fort11_FreeSession(session);
-
- /*
- * get some indication if the object is destroyed. Note: this is not
- * 100%. Someone may have an object reference outstanding (though that
- * should not be the case by here. Also now that the object is "half"
- * destroyed. Our internal representation is destroyed, but it is still
- * in the data base.
- */
- status = fort11_FreeObject(object);
-
- FORT11_RETURN ((status != PK11_DestroyFailure) ? CKR_OK : CKR_DEVICE_ERROR);
-}
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-PR_PUBLIC_API(CK_RV) C_GetObjectSize(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ULONG_PTR pulSize) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- *pulSize = 0;
- return CKR_OK;
-}
-
-
-/* C_GetAttributeValue obtains the value of one or more object attributes. */
-PR_PUBLIC_API(CK_RV) C_GetAttributeValue(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount) {
- FORT11_ENTER()
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Object *object;
- PK11Attribute *attribute;
- PRBool sensitive;
- int i;
-
- /*
- * make sure we're allowed
- */
- session = fort11_SessionFromHandle(hSession, PR_FALSE);
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- object = fort11_ObjectFromHandle(hObject,session);
- fort11_FreeSession(session);
- if (object == NULL) {
- FORT11_RETURN (CKR_OBJECT_HANDLE_INVALID);
- }
-
- /* don't read a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (fort11_isTrue(object,CKA_PRIVATE))) {
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
- }
-
- sensitive = fort11_isTrue(object,CKA_SENSITIVE);
- for (i=0; i < (int)ulCount; i++) {
- /* Make sure that this attribute is retrievable */
- if (sensitive && fort11_isSensitive(pTemplate[i].type,object->objclass)) {
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_ATTRIBUTE_SENSITIVE);
- }
- attribute = fort11_FindAttribute(object,pTemplate[i].type);
- if (attribute == NULL) {
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_ATTRIBUTE_TYPE_INVALID);
- }
- if (pTemplate[i].pValue != NULL) {
- PORT_Memcpy(pTemplate[i].pValue,attribute->attrib.pValue,
- attribute->attrib.ulValueLen);
- }
- pTemplate[i].ulValueLen = attribute->attrib.ulValueLen;
- fort11_FreeAttribute(attribute);
- }
-
- fort11_FreeObject(object);
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_SetAttributeValue modifies the value of one or more object attributes */
-PR_PUBLIC_API(CK_RV) C_SetAttributeValue (CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_FindObjectsInit initializes a search for token and session objects
- * that match a template. */
-PR_PUBLIC_API(CK_RV) C_FindObjectsInit(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount) {
- FORT11_ENTER()
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11ObjectListElement *objectList = NULL;
- PK11ObjectListElement *olp;
- PK11SearchResults *search, *freeSearch;
- FortezzaSocket *currSocket;
- int rv, count, i;
-
- if (slot == NULL) {
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
-
- if ((!slot->isLoggedIn) && (slot->needLogin))
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
-
- session = fort11_SessionFromHandle(hSession, PR_FALSE);
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
- currSocket = &fortezzaSockets[slot->slotID-1];
- if (currSocket->personalityList == NULL) {
- rv = FetchPersonalityList(currSocket);
- if (rv != SOCKET_SUCCESS) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- rv = fort11_BuildCertObjects(currSocket, slot, session);
-
- if (rv != CKR_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (rv);
- }
-
-
- }
- rv = fort11_searchObjectList(&objectList, slot->tokObjects,
- slot->objectLock, pTemplate, ulCount);
- if (rv != CKR_OK) {
- fort11_FreeObjectList(objectList);
- fort11_FreeSession(session);
- FORT11_RETURN (rv);
- }
-
- /*copy list to session*/
-
- count = 0;
- for(olp = objectList; olp != NULL; olp = olp->next) {
- count++;
- }
-
- search = (PK11SearchResults *)PORT_Alloc(sizeof(PK11SearchResults));
- if (search != NULL) {
- search->handles = (CK_OBJECT_HANDLE *)
- PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * count);
- if (search->handles != NULL) {
- for (i=0; i < count; i++) {
- search->handles[i] = objectList->object->handle;
- objectList = fort11_FreeObjectListElement(objectList);
- }
- } else {
- PORT_Free(search);
- search = NULL;
- }
- }
- if (search == NULL) {
- fort11_FreeObjectList(objectList);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- /* store the search info */
- search->index = 0;
- search->size = count;
- if ((freeSearch = session->search) != NULL) {
- session->search = NULL;
- fort11_FreeSearch(freeSearch);
- }
- session->search = search;
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_FindObjects continues a search for token and session objects
- * that match a template, obtaining additional object handles. */
-PR_PUBLIC_API(CK_RV) C_FindObjects(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,
- CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount) {
- FORT11_ENTER()
- PK11Session *session;
- PK11SearchResults *search;
- PK11Slot *slot;
- int transfer;
- unsigned long left;
-
- *pulObjectCount = 0;
- session = fort11_SessionFromHandle(hSession,PR_FALSE);
- slot = fort11_SlotFromSessionHandle(hSession);
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
- if (session->search == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
- search = session->search;
- left = session->search->size - session->search->index;
- transfer = (ulMaxObjectCount > left) ? left : ulMaxObjectCount;
- PORT_Memcpy(phObject,&search->handles[search->index],
- transfer*sizeof(CK_OBJECT_HANDLE_PTR));
- search->index += transfer;
- if (search->index == search->size) {
- session->search = NULL;
- fort11_FreeSearch(search);
- }
- fort11_FreeSession(session);
- *pulObjectCount = transfer;
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_FindObjectsFinal finishes a search for token and session objects. */
-PR_PUBLIC_API(CK_RV) C_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
- FORT11_ENTER()
- PK11Session *session;
- PK11SearchResults *search;
- PK11Slot *slot;
-
- session = fort11_SessionFromHandle(hSession, PR_FALSE);
- slot = fort11_SlotFromSessionHandle(hSession);
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
- search = session->search;
- session->search = NULL;
- if (search == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
- fort11_FreeSearch(search);
-
- /* UnloadPersonalityList(&fortezzaSockets[session->slot->slotID-1]); */
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_EncryptInit initializes an encryption operation. */
-PR_PUBLIC_API(CK_RV) C_EncryptInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Object *keyObject;
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- HSESSION hs = socket->maciSession;
- FortezzaKey *fortezzaKey;
- CI_IV fortezzaIV;
- int ciRV, registerIndex;
-
-
- if (pMechanism->mechanism != CKM_SKIPJACK_CBC64) {
- if (session) {
- fort11_FreeSession(session);
- }
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- keyObject = fort11_ObjectFromHandle (hKey, session);
-
- if (keyObject == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- ciRV = MACI_Select (hs, slot->slotID);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_SetMode(hs, CI_ENCRYPT_TYPE, CI_CBC64_MODE);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- /*Load the correct key into a key register*/
- fortezzaKey = (FortezzaKey*)keyObject->objectInfo;
- fort11_FreeObject (keyObject);
- if (fortezzaKey == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- if (fortezzaKey->keyRegister == KeyNotLoaded) {
- registerIndex = LoadKeyIntoRegister (fortezzaKey);
- } else {
- registerIndex = fortezzaKey->keyRegister;
- }
-
- if (registerIndex == KeyNotLoaded) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_SetKey (hs,registerIndex);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_GenerateIV(hs, fortezzaIV);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- context = &session->fortezzaContext;
- InitContext(context, socket, hKey);
- ciRV = SaveState(context, fortezzaIV, session, fortezzaKey,
- CI_ENCRYPT_EXT_TYPE, pMechanism->mechanism);
- if (ciRV != SOCKET_SUCCESS) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- if (pMechanism->pParameter != NULL &&
- pMechanism->ulParameterLen >= sizeof(CI_IV)) {
- PORT_Memcpy (pMechanism->pParameter, fortezzaIV, sizeof(CI_IV));
- }
-
- InitCryptoOperation(context, Encrypt);
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_Encrypt encrypts single-part data. */
-PR_PUBLIC_API(CK_RV) C_Encrypt (CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle (hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- HSESSION hs;
- CK_RV rv;
-
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession , PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
- if (GetCryptoOperation(context) != Encrypt) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
- }
-
- *pulEncryptedDataLen = ulDataLen;
- if (pEncryptedData == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- hs = socket->maciSession;
- FMUTEX_Lock(socket->registersLock);
- MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
- rv = EncryptData (context, pData, ulDataLen,
- pEncryptedData, *pulEncryptedDataLen);
- MACI_Unlock(hs);
- FMUTEX_Unlock(socket->registersLock);
-
- if (rv != SOCKET_SUCCESS) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- EndCryptoOperation(context, Encrypt);
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_EncryptUpdate continues a multiple-part encryption operation. */
-PR_PUBLIC_API(CK_RV) C_EncryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession,PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- int rv;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
-
- if (GetCryptoOperation(context) != Encrypt) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
- }
-
- if (pEncryptedPart == NULL) {
- *pulEncryptedPartLen = ulPartLen;
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- if (*pulEncryptedPartLen < ulPartLen) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
- }
-
- *pulEncryptedPartLen = ulPartLen;
-
- FMUTEX_Lock(socket->registersLock);
- MACI_Lock(socket->maciSession, CI_BLOCK_LOCK_FLAG);
- rv = EncryptData(context,pPart, ulPartLen, pEncryptedPart,
- *pulEncryptedPartLen);
- MACI_Unlock(socket->maciSession);
- FMUTEX_Unlock(socket->registersLock);
-
- fort11_FreeSession(session);
- if (rv != SOCKET_SUCCESS) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_EncryptFinal finishes a multiple-part encryption operation. */
-PR_PUBLIC_API(CK_RV) C_EncryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart,
- CK_ULONG_PTR pulLastEncryptedPartLen){
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaContext *context;
- int rv;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
-
- rv = EndCryptoOperation(context, Encrypt);
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-/* C_DecryptInit initializes a decryption operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptInit( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Object *keyObject;
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- HSESSION hs = socket->maciSession;
- FortezzaKey *fortezzaKey;
- CI_IV fortezzaIV;
- int ciRV, registerIndex;
-
- if (pMechanism->mechanism != CKM_SKIPJACK_CBC64) {
- if (session) fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- keyObject = fort11_ObjectFromHandle (hKey, session);
-
- if (keyObject == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- fortezzaKey = (FortezzaKey*)keyObject->objectInfo;
- fort11_FreeObject(keyObject);
-
- if (fortezzaKey == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- ciRV = MACI_Select (hs, slot->slotID);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_SetMode(hs, CI_DECRYPT_TYPE, CI_CBC64_MODE);
- if (ciRV != CI_OK) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- FMUTEX_Lock(socket->registersLock);
- if (fortezzaKey->keyRegister == KeyNotLoaded) {
- registerIndex = LoadKeyIntoRegister(fortezzaKey);
- } else {
- registerIndex = fortezzaKey->keyRegister;
- }
-
- if (registerIndex == KeyNotLoaded) {
- FMUTEX_Unlock(socket->registersLock);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- if (pMechanism->pParameter == NULL ||
- pMechanism->ulParameterLen < sizeof (CI_IV)) {
- FORT11_RETURN (CKR_MECHANISM_PARAM_INVALID);
- }
-
- PORT_Memcpy (fortezzaIV, pMechanism->pParameter, sizeof(CI_IV));
-
- ciRV = MACI_SetKey (hs, registerIndex);
- if (ciRV != CI_OK) {
- FMUTEX_Unlock(socket->registersLock);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_LoadIV (hs, fortezzaIV);
- if (ciRV != CI_OK) {
- FMUTEX_Unlock(socket->registersLock);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- context = &session->fortezzaContext;
- InitContext(context, socket, hKey);
- ciRV = SaveState (context, fortezzaIV, session, fortezzaKey,
- CI_DECRYPT_EXT_TYPE, pMechanism->mechanism);
-
- FMUTEX_Unlock(socket->registersLock);
-
- if (ciRV != SOCKET_SUCCESS) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- InitCryptoOperation (context, Decrypt);
- fort11_FreeSession (session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-PR_PUBLIC_API(CK_RV) C_Decrypt(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle (hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- HSESSION hs;
- CK_RV rv;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
-
- if (GetCryptoOperation(context) != Decrypt) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
- }
-
- *pulDataLen = ulEncryptedDataLen;
- if (pData == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- hs = socket->maciSession;
- FMUTEX_Lock(socket->registersLock);
- MACI_Lock(hs, CI_NULL_FLAG);
- rv = DecryptData (context, pEncryptedData, ulEncryptedDataLen,
- pData, *pulDataLen);
- MACI_Unlock(hs);
- FMUTEX_Unlock(socket->registersLock);
- if (rv != SOCKET_SUCCESS) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- EndCryptoOperation (context, Decrypt);
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_DecryptUpdate continues a multiple-part decryption operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession,PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- HSESSION hs;
- int rv;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession (session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
- hs = socket->maciSession;
-
- if (GetCryptoOperation(context) != Decrypt) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
- }
-
- if (pPart == NULL) {
- *pulPartLen = ulEncryptedPartLen;
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- *pulPartLen = ulEncryptedPartLen;
-
- FMUTEX_Lock(socket->registersLock);
- MACI_Lock (hs, CI_NULL_FLAG);
- rv = DecryptData (context, pEncryptedPart, ulEncryptedPartLen, pPart,
- *pulPartLen);
- MACI_Unlock(hs);
- FMUTEX_Unlock(socket->registersLock);
-
- fort11_FreeSession(session);
-
- if (rv != SOCKET_SUCCESS) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_DecryptFinal finishes a multiple-part decryption operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart,
- CK_ULONG_PTR pulLastPartLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaContext *context;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
- EndCryptoOperation (context, Decrypt);
-
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/*
- ************** Crypto Functions: Digest (HASH) ************************
- */
-
-/* C_DigestInit initializes a message-digesting operation. */
-PR_PUBLIC_API(CK_RV) C_DigestInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_Digest digests data in a single part. */
-PR_PUBLIC_API(CK_RV) C_Digest(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting operation. */
-PR_PUBLIC_API(CK_RV) C_DigestUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting operation. */
-PR_PUBLIC_API(CK_RV) C_DigestFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/*
- ************** Crypto Functions: Sign ************************
- */
-
-/* C_SignInit initializes a signature (private key encryption) operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_SignInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle (hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Object *keyObject;
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- FortezzaContext *context;
- PK11Attribute *idAttribute;
- int personalityIndex;
- HSESSION hs = socket->maciSession;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pMechanism->mechanism != CKM_DSA) {
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- keyObject = fort11_ObjectFromHandle (hKey, session);
-
- if (keyObject == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- context = &session->fortezzaContext;
- InitContext(context, socket, hKey);
- InitCryptoOperation (context, Sign);
- fort11_FreeSession(session);
-
- idAttribute = fort11_FindAttribute(keyObject, CKA_ID);
- fort11_FreeObject(keyObject);
-
- if (idAttribute == NULL) {
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- personalityIndex = *(int*)(idAttribute->attrib.pValue);
- fort11_FreeAttribute(idAttribute);
-
- MACI_Select (hs, slot->slotID);
- if (MACI_SetPersonality (hs,personalityIndex) != CI_OK) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_Sign(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen) {
-
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaContext *context;
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- HSESSION hs = socket->maciSession;
- PK11Object *keyObject;
- PK11Attribute *idAttribute;
- int ciRV, personalityIndex;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
-
- context = &session->fortezzaContext;
- if (GetCryptoOperation(context) != Sign) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OPERATION_NOT_INITIALIZED);
- }
-
- if (pSignature == NULL) {
- *pulSignatureLen = 40;
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- if (ulDataLen > 20) {
- FORT11_RETURN (CKR_DATA_LEN_RANGE);
- }
-
- if (*pulSignatureLen < 40) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
- }
- *pulSignatureLen = 40;
-
- keyObject = fort11_ObjectFromHandle(context->hKey, session);
- if (keyObject == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN(CKR_GENERAL_ERROR);
- }
-
- idAttribute = fort11_FindAttribute(keyObject, CKA_ID);
- fort11_FreeObject(keyObject);
-
- personalityIndex = *(int*)(idAttribute->attrib.pValue);
- fort11_FreeAttribute(idAttribute);
-
- MACI_Select(hs, slot->slotID);
-
- MACI_Lock(hs, CI_BLOCK_LOCK_FLAG);
- ciRV = MACI_SetPersonality(hs, personalityIndex);
- if (ciRV != CI_OK) {
- MACI_Unlock(hs);
- fort11_FreeSession(session);
- FORT11_RETURN(CKR_DEVICE_ERROR);
- }
-
- ciRV = MACI_Sign (hs, pData, pSignature);
- if (ciRV != CI_OK) {
- MACI_Unlock(hs);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- MACI_Unlock(hs);
- EndCryptoOperation (context, Sign);
- fort11_FreeSession(session);
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_SignUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SignFinal finishes a multiple-part signature operation,
- * FORT11_RETURNing the signature. */
-PR_PUBLIC_API(CK_RV) C_SignFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- ************** Crypto Functions: Sign Recover ************************
- */
-/* C_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-PR_PUBLIC_API(CK_RV) C_SignRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-PR_PUBLIC_API(CK_RV) C_SignRecover(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- ************** Crypto Functions: verify ************************
- */
-
-/* C_VerifyInit initializes a verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
-PR_PUBLIC_API(CK_RV) C_VerifyInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_Verify(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,
- CK_ULONG ulDataLen,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_VerifyUpdate continues a multiple-part verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-PR_PUBLIC_API(CK_RV) C_VerifyUpdate( CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_VerifyFinal finishes a multiple-part verification operation,
- * checking the signature. */
-PR_PUBLIC_API(CK_RV) C_VerifyFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- ************** Crypto Functions: Verify Recover ************************
- */
-
-/* C_VerifyRecoverInit initializes a signature verification operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-PR_PUBLIC_API(CK_RV) C_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey) {
- /* For functions that don't access globals, we don't have to worry about the
- * stack.
- */
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_VerifyRecover verifies a signature in a single-part operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-PR_PUBLIC_API(CK_RV) C_VerifyRecover(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,
- CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/*
- **************************** Key Functions: ************************
- */
-
-#define MAX_KEY_LEN 256
-/* C_GenerateKey generates a secret key, creating a new key object. */
-PR_PUBLIC_API(CK_RV) C_GenerateKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- PK11Object *key;
- FortezzaKey *newKey;
- int i, keyRegister;
- CK_ULONG key_length = 0;
- CK_RV crv = CKR_OK;
- CK_OBJECT_CLASS secretKey = CKO_SECRET_KEY;
- CK_BBOOL False = FALSE;
- CK_BBOOL cktrue = TRUE;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
- if (pMechanism->mechanism != CKM_SKIPJACK_KEY_GEN) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- key = fort11_NewObject(slot);
-
- if (key == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_HOST_MEMORY);
- }
-
- for (i=0; i < (int) ulCount; i++) {
- if (pTemplate[i].type == CKA_VALUE_LEN) {
- key_length = *(CK_ULONG *)pTemplate[i].pValue;
- continue;
- }
- crv = fort11_AddAttributeType (key, pk11_attr_expand (&pTemplate[i]));
- if (crv != CKR_OK)
- break;
- }
-
- if (crv != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (crv);
- }
-
- /* make sure we don't have any class, key_type, or value fields */
- fort11_DeleteAttributeType(key,CKA_CLASS);
- fort11_DeleteAttributeType(key,CKA_KEY_TYPE);
- fort11_DeleteAttributeType(key,CKA_VALUE);
-
- if (MAX_KEY_LEN < key_length) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- }
-
- if (crv != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (crv);
- }
-
- if (fort11_AddAttributeType(key, CKA_CLASS,&secretKey,
- sizeof(CK_OBJECT_CLASS)) != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- if (fort11_AddAttributeType(key, CKA_TOKEN, &False,
- sizeof(CK_BBOOL)) != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- if (fort11_isTrue(key,CKA_SENSITIVE)) {
- fort11_forceAttribute(key,CKA_ALWAYS_SENSITIVE,&cktrue,
- sizeof(CK_BBOOL));
- }
- if (!fort11_isTrue(key,CKA_EXTRACTABLE)) {
- fort11_forceAttribute(key,CKA_NEVER_EXTRACTABLE,&cktrue,
- sizeof(CK_BBOOL));
- }
-
- FMUTEX_Lock(socket->registersLock);
-
- keyRegister = GetBestKeyRegister(socket);
- newKey = NewFortezzaKey(socket, MEK, NULL, keyRegister);
-
- FMUTEX_Unlock(socket->registersLock);
-
- if (newKey == NULL) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_HOST_MEMORY);
- }
-
- key->objectInfo = (void*)newKey;
- key->infoFree = fort11_FreeFortezzaKey;
-
- FMUTEX_Lock(slot->objectLock);
- key->handle = slot->tokenIDCount++;
- key->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
-
- key->objclass = secretKey;
- key->slot = slot;
- key->inDB = PR_TRUE;
-
- fort11_AddObject(session, key);
- fort11_FreeSession(session);
- SetFortezzaKeyHandle(newKey, key->handle);
- *phKey = key->handle;
-
- FORT11_RETURN (CKR_OK);
-
-}
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
-PR_PUBLIC_API(CK_RV) C_GenerateKeyPair
- (CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount,
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount,
- CK_OBJECT_HANDLE_PTR phPrivateKey,
- CK_OBJECT_HANDLE_PTR phPublicKey) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-PR_PUBLIC_API(CK_RV) C_WrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle (hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- PK11Object *wrapKey;
- PK11Object *srcKey;
- FortezzaKey *wrapFortKey;
- FortezzaKey *srcFortKey;
- int rv;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!socket->isLoggedIn) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
- }
-
- if (pMechanism->mechanism != CKM_SKIPJACK_WRAP) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- wrapKey = fort11_ObjectFromHandle (hWrappingKey, session);
- if ((wrapKey == NULL) || (wrapKey->objectInfo == NULL)) {
- if (wrapKey)
- fort11_FreeObject(wrapKey);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- srcKey = fort11_ObjectFromHandle (hKey, session);
- fort11_FreeSession(session);
- if ((srcKey == NULL) || (srcKey->objectInfo == NULL)) {
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- wrapFortKey = (FortezzaKey*)wrapKey->objectInfo;
- fort11_FreeObject(wrapKey);
-
- srcFortKey = (FortezzaKey*)srcKey->objectInfo;
- fort11_FreeObject(srcKey);
-
- FMUTEX_Lock(socket->registersLock);
- if (wrapFortKey->keyRegister == KeyNotLoaded) {
- if (LoadKeyIntoRegister(wrapFortKey) == KeyNotLoaded) {
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- }
-
- if (srcFortKey->keyRegister == KeyNotLoaded) {
- if (LoadKeyIntoRegister(srcFortKey) == KeyNotLoaded) {
- FMUTEX_Unlock(socket->registersLock);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- }
-
- MACI_Lock(socket->maciSession, CI_BLOCK_LOCK_FLAG);
- rv = WrapKey (wrapFortKey, srcFortKey, pWrappedKey, *pulWrappedKeyLen);
- MACI_Unlock(socket->maciSession);
- FMUTEX_Unlock(socket->registersLock);
-
- if (rv != SOCKET_SUCCESS) {
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
-PR_PUBLIC_API(CK_RV) C_UnwrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey,
- CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- PK11Object *wrapKey;
- PK11Object *newKey;
- FortezzaKey *fortKey;
- FortezzaKey *unwrapFort;
- CK_ULONG key_length;
- int i, newKeyRegister;
- CK_RV crv = CKR_OK;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pMechanism->mechanism != CKM_SKIPJACK_WRAP){
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- if (!socket->isLoggedIn) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_USER_NOT_LOGGED_IN);
- }
-
- wrapKey = fort11_ObjectFromHandle(hUnwrappingKey, session);
- if (wrapKey == NULL || wrapKey->objectInfo == NULL) {
- if (wrapKey)
- fort11_FreeObject(wrapKey);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_UNWRAPPING_KEY_HANDLE_INVALID);
- }
-
- fortKey = (FortezzaKey*)wrapKey->objectInfo;
- fort11_FreeObject(wrapKey);
-
- newKey = fort11_NewObject(slot);
- if (newKey == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_HOST_MEMORY);
- }
-
- for (i=0; i< (int)ulAttributeCount; i++) {
- if (pTemplate[i].type == CKA_VALUE_LEN) {
- key_length = *(CK_ULONG*)pTemplate[i].pValue;
- continue;
- }
- crv=fort11_AddAttributeType(newKey,fort11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) {
- break;
- }
- }
-
- if (crv != CKR_OK) {
- fort11_FreeSession(session);
- fort11_FreeObject(newKey);
- FORT11_RETURN (crv);
- }
-
- /* make sure we don't have any class, key_type, or value fields */
- if (!fort11_hasAttribute(newKey,CKA_CLASS)) {
- fort11_FreeObject(newKey);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_TEMPLATE_INCOMPLETE);
- }
- if (!fort11_hasAttribute(newKey,CKA_KEY_TYPE)) {
- fort11_FreeObject(newKey);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_TEMPLATE_INCOMPLETE);
- }
-
- FMUTEX_Lock(socket->registersLock);
- newKeyRegister = UnwrapKey (pWrappedKey, fortKey);
- if (newKeyRegister == KeyNotLoaded) {
- /*Couldn't Unwrap the key*/
- fort11_FreeObject(newKey);
- fort11_FreeSession(session);
- FMUTEX_Unlock(socket->registersLock);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- unwrapFort = NewUnwrappedKey(newKeyRegister, fortKey->id, socket);
- FMUTEX_Unlock(socket->registersLock);
-
- if (unwrapFort == NULL) {
- fort11_FreeObject(newKey);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_HOST_MEMORY);
- }
- newKey->objectInfo = unwrapFort;
- newKey->infoFree = fort11_FreeFortezzaKey;
-
- FMUTEX_Lock(slot->objectLock);
- newKey->handle = slot->tokenIDCount++;
- newKey->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
- newKey->objclass = CKO_SECRET_KEY;
- newKey->slot = slot;
- newKey->inDB = PR_TRUE;
-
- fort11_AddObject (session, newKey);
- fort11_FreeSession(session);
-
- SetFortezzaKeyHandle(unwrapFort, newKey->handle);
- *phKey = newKey->handle;
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key object. */
-PR_PUBLIC_API(CK_RV) C_DeriveKey( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaSocket *socket = &fortezzaSockets[slot->slotID-1];
- PK11Object *key, *sourceKey;
- CK_ULONG i;
- CK_ULONG key_length = 0;
- CK_RV crv = 0;
- CK_KEY_TYPE keyType = CKK_SKIPJACK;
- CK_OBJECT_CLASS classType = CKO_SECRET_KEY;
- CK_BBOOL ckTrue = TRUE;
- CK_BBOOL ckFalse = FALSE;
- int ciRV;
- int personality;
- PK11Attribute *att;
-
- CK_KEA_DERIVE_PARAMS_PTR params;
- FortezzaKey *derivedKey;
- CreateTEKInfo tekInfo;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pMechanism->mechanism != CKM_KEA_KEY_DERIVE) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_INVALID);
- }
-
- key = fort11_NewObject (slot);
-
- if (key == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_HOST_MEMORY);
- }
-
- for (i = 0; i < ulAttributeCount; i++) {
- crv = fort11_AddAttributeType (key, fort11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) {
- break;
- }
- if (pTemplate[i].type == CKA_KEY_TYPE) {
- keyType = *(CK_KEY_TYPE*)pTemplate[i].pValue;
- } else if (pTemplate[i].type == CKA_VALUE_LEN) {
- key_length = *(CK_ULONG*)pTemplate[i].pValue;
- }
- }
-
- if (crv != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (crv);
- }
-
- if (key_length == 0) {
- key_length = 12;
- }
-
- classType = CKO_SECRET_KEY;
- crv = fort11_forceAttribute (key, CKA_CLASS, &classType,
- sizeof(classType));
- if (crv != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (crv);
- }
- crv = fort11_forceAttribute (key, CKA_SENSITIVE, &ckTrue,
- sizeof(CK_BBOOL));
- if (crv != CKR_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (crv);
- }
- crv = fort11_forceAttribute (key, CKA_EXTRACTABLE, &ckFalse,
- sizeof(CK_BBOOL));
- if (crv != CKR_OK) {
- fort11_FreeSession(session);
- fort11_FreeObject(key);
- FORT11_RETURN (crv);
- }
-
- sourceKey = fort11_ObjectFromHandle (hBaseKey, session);
-
- if (sourceKey == NULL) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
-
- att = fort11_FindAttribute(sourceKey,CKA_ID);
- fort11_FreeObject(sourceKey);
- if (att == NULL) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_TYPE_INCONSISTENT);
- }
- personality = *(int *) att->attrib.pValue;
- fort11_FreeAttribute(att);
-
- params = (CK_KEA_DERIVE_PARAMS_PTR)pMechanism->pParameter;
-
- if (params == NULL) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_MECHANISM_PARAM_INVALID);
- }
-
- ciRV = MACI_SetPersonality(socket->maciSession,personality);
- if (ciRV != CI_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- /*
- * If we're sending, generate our own RA.
- */
- if (params->isSender) {
- ciRV = MACI_GenerateRa(socket->maciSession,params->pRandomA);
- if (ciRV != CI_OK) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- }
- PORT_Memcpy (tekInfo.Ra, params->pRandomA, params->ulRandomLen);
- PORT_Memcpy (tekInfo.Rb, params->pRandomB, params->ulRandomLen);
- tekInfo.randomLen = params->ulRandomLen;
- tekInfo.personality = personality;
- tekInfo.flag = (params->isSender) ? CI_INITIATOR_FLAG : CI_RECIPIENT_FLAG;
-
- PORT_Memcpy (tekInfo.pY, params->pPublicData, params->ulPublicDataLen);
- tekInfo.YSize = params->ulPublicDataLen;
-
- FMUTEX_Lock(socket->registersLock);
- derivedKey = NewFortezzaKey(socket, TEK, &tekInfo,
- GetBestKeyRegister(socket));
- FMUTEX_Unlock(socket->registersLock);
-
- if (derivedKey == NULL) {
- fort11_FreeObject(key);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_GENERAL_ERROR);
- }
-
- key->objectInfo = derivedKey;
- key->infoFree = fort11_FreeFortezzaKey;
-
- FMUTEX_Lock(slot->objectLock);
- key->handle = slot->tokenIDCount++;
- key->handle |= (PK11_TOKEN_MAGIC | PK11_TOKEN_TYPE_PRIV);
- FMUTEX_Unlock(slot->objectLock);
- key->objclass = classType;
- key->slot = slot;
- key->inDB = PR_TRUE;
-
- fort11_AddObject (session, key);
- fort11_FreeSession(session);
-
- SetFortezzaKeyHandle(derivedKey, key->handle);
- *phKey = key->handle;
-
- FORT11_RETURN (CKR_OK);
-}
-
-/*
- **************************** Random Functions: ************************
- */
-
-/* C_SeedRandom mixes additional seed material into the token's random number
- * generator. */
-PR_PUBLIC_API(CK_RV) C_SeedRandom(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_GenerateRandom generates random data. */
-PR_PUBLIC_API(CK_RV) C_GenerateRandom(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData,
- CK_ULONG ulRandomLen) {
- FORT11_ENTER()
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- PK11Session *session = fort11_SessionFromHandle(hSession,PR_FALSE);
- CI_RANDOM randomNum;
- CK_ULONG randomSize = sizeof (CI_RANDOM);
- int ciRV;
- CK_ULONG bytesCopied = 0, bytesToCopy;
- CK_ULONG bufferSize = 0, bytesRemaining;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle (hSession, PR_TRUE);
- fort11_TokenRemoved(slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- fort11_FreeSession(session);
- ciRV = MACI_Select(fortezzaSockets[slot->slotID-1].maciSession,
- slot->slotID);
- if (ciRV != CI_OK) {
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- while (bytesCopied < ulRandomLen) {
- bytesRemaining = ulRandomLen - bytesCopied;
- if (bufferSize < bytesRemaining) {
- ciRV =
- MACI_GenerateRandom(fortezzaSockets[slot->slotID-1].maciSession,
- randomNum);
- if (ciRV != CI_OK)
- FORT11_RETURN (CKR_DEVICE_ERROR);
- bufferSize = randomSize;
- }
- bytesToCopy = (bytesRemaining > randomSize) ? randomSize :
- bytesRemaining;
-
- PORT_Memcpy (&pRandomData[bytesCopied],
- &randomNum[randomSize-bufferSize], bytesToCopy);
-
- bytesCopied += bytesToCopy;
- bufferSize -= bytesToCopy;
- }
-
- FORT11_RETURN (CKR_OK);
-}
-
-
-/* C_GetFunctionStatus obtains an updated status of a function running
- * in parallel with an application. */
-PR_PUBLIC_API(CK_RV) C_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_CancelFunction cancels a function running in parallel */
-PR_PUBLIC_API(CK_RV) C_CancelFunction(CK_SESSION_HANDLE hSession) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_GetOperationState saves the state of the cryptographic
- *operation in a session. */
-PR_PUBLIC_API(CK_RV) C_GetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG_PTR pulOperationStateLen) {
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaContext *context;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pOperationState == NULL) {
- *pulOperationStateLen = sizeof (FortezzaContext);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_OK);
- }
-
- if (*pulOperationStateLen < sizeof (FortezzaContext)) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_BUFFER_TOO_SMALL);
- }
-
- context = &session->fortezzaContext;
- fort11_FreeSession(session);
- PORT_Memcpy (pOperationState, context, sizeof(FortezzaContext));
- ((FortezzaContext *)pOperationState)->session = NULL;
- ((FortezzaContext *)pOperationState)->fortezzaKey = NULL;
- *pulOperationStateLen = sizeof(FortezzaContext);
- FORT11_RETURN (CKR_OK);
-}
-
-
-
-/* C_SetOperationState restores the state of the cryptographic operation in a session. */
-PR_PUBLIC_API(CK_RV) C_SetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState,
- CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey,
- CK_OBJECT_HANDLE hAuthenticationKey){
- FORT11_ENTER()
- PK11Session *session = fort11_SessionFromHandle(hSession, PR_FALSE);
- PK11Slot *slot = fort11_SlotFromSessionHandle(hSession);
- FortezzaContext *context;
- FortezzaContext passedInCxt;
- PK11Object *keyObject;
- FortezzaKey *fortKey;
-
- if (session == NULL) {
- session = fort11_SessionFromHandle(hSession, PR_TRUE);
- fort11_TokenRemoved (slot, session);
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SESSION_HANDLE_INVALID);
- }
-
- if (ulOperationStateLen != sizeof(FortezzaContext)) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SAVED_STATE_INVALID);
- }
-
- PORT_Memcpy(&passedInCxt, pOperationState, sizeof(FortezzaContext));
- if (passedInCxt.fortezzaSocket->slotID != slot->slotID) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SAVED_STATE_INVALID);
- }
- passedInCxt.session = NULL;
- passedInCxt.fortezzaKey = NULL;
-
- if (hEncryptionKey != 0) {
- keyObject = fort11_ObjectFromHandle(hEncryptionKey, session);
- if (keyObject == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_KEY_HANDLE_INVALID);
- }
- fortKey = (FortezzaKey*)keyObject->objectInfo;
- fort11_FreeObject(keyObject);
- if (fortKey == NULL) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_SAVED_STATE_INVALID);
- }
- if (fortKey->keyRegister == KeyNotLoaded) {
- if (LoadKeyIntoRegister (fortKey) == KeyNotLoaded) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
- }
- passedInCxt.fortezzaKey = fortKey;
-
- }
- if (hAuthenticationKey != 0) {
- fort11_FreeSession(session);
- FORT11_RETURN (CKR_DEVICE_ERROR);
- }
-
- passedInCxt.session = session;
- context = &session->fortezzaContext;
- fort11_FreeSession (session);
- PORT_Memcpy (context, &passedInCxt, sizeof(passedInCxt));
-
- FORT11_RETURN (CKR_OK);
-}
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting and
- encryption operation. */
-PR_PUBLIC_API(CK_RV) C_DigestEncryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen){
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and digesting
- operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart,
- CK_ULONG_PTR pulPartLen){
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and encryption
- operation. */
-PR_PUBLIC_API(CK_RV) C_SignEncryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,
- CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen){
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and verify
- operation. */
-PR_PUBLIC_API(CK_RV) C_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,
- CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen){
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-/* C_DigestKey continues a multi-part message-digesting operation,
- * by digesting the value of a secret key as part of the data already digested.
- */
-PR_PUBLIC_API(CK_RV) C_DigestKey(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hKey) {
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
-
-PR_PUBLIC_API(CK_RV) C_WaitForSlotEvent(CK_FLAGS flags,
- CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pRserved) {
- return CKR_FUNCTION_FAILED;
-}
-
diff --git a/security/nss/lib/fortcrypt/fortsock.h b/security/nss/lib/fortcrypt/fortsock.h
deleted file mode 100644
index f74fc80b8..000000000
--- a/security/nss/lib/fortcrypt/fortsock.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef FORSOCK_H_
-#define FORSOCK_H_
-
-#include "seccomon.h"
-#include "fpkcs11.h"
-#include "fpkcs11i.h"
-#include "fpkstrs.h"
-
-
-#ifndef prtypes_h___
-typedef enum { PR_FALSE, PR_TRUE }PRBool;
-#endif
-
-
-#define SOCKET_SUCCESS 0
-#define SOCKET_FAILURE 1
-
-#define KeyNotLoaded -1
-#define NoCryptoType -1
-#define NoCryptoMode -1
-#define NO_MECHANISM 0xFFFFFFFFL
-
-
-/*Get the Fortezza context in here*/
-
-int InitSocket (FortezzaSocket *inSocket, int inSlotID);
-int FreeSocket (FortezzaSocket *inSocket);
-
-int FetchPersonalityList (FortezzaSocket *inSocket);
-int UnloadPersonalityList(FortezzaSocket *inSocket);
-
-int LoginToSocket (FortezzaSocket *inSocket, int inUserType, CI_PIN inPin);
-
-int LogoutFromSocket (FortezzaSocket *inSocket);
-
-PRBool SocketStateUnchanged(FortezzaSocket* inSocket);
-
-int GetBestKeyRegister(FortezzaSocket *inSocket);
-
-FortezzaKey *NewFortezzaKey(FortezzaSocket *inSocket,
- FortezzaKeyType inKeyType,
- CreateTEKInfo *TEKinfo,
- int inKeyRegister);
-FortezzaKey *NewUnwrappedKey(int inKeyRegister, int i,
- FortezzaSocket *inSocket);
-
-int LoadKeyIntoRegister (FortezzaKey *inKey);
-int SetFortezzaKeyHandle (FortezzaKey *inKey, CK_OBJECT_HANDLE inHandle);
-void RemoveKey (FortezzaKey *inKey);
-
-void InitContext(FortezzaContext *inContext, FortezzaSocket *inSocket,
- CK_OBJECT_HANDLE hKey);
-int InitCryptoOperation (FortezzaContext *inContext,
- CryptoType inCryptoOperation);
-int EndCryptoOperation (FortezzaContext *inContext,
- CryptoType inCryptoOperation);
-CryptoType GetCryptoOperation (FortezzaContext *inContext);
-int EncryptData (FortezzaContext *inContext, CK_BYTE_PTR inData,
- CK_ULONG inDataLen, CK_BYTE_PTR inDest,
- CK_ULONG inDestLen);
-int DecryptData (FortezzaContext *inContext, CK_BYTE_PTR inData,
- CK_ULONG inDataLen, CK_BYTE_PTR inDest,
- CK_ULONG inDestLen);
-
-int SaveState (FortezzaContext *inContext, CI_IV inIV,
- PK11Session *inSession, FortezzaKey *inKey,
- int inCryptoType, CK_MECHANISM_TYPE inMechanism);
-
-int WrapKey (FortezzaKey *wrappingKey, FortezzaKey *srcKey,
- CK_BYTE_PTR pDest, CK_ULONG ulDestLen);
-int UnwrapKey (CK_BYTE_PTR inWrappedKey, FortezzaKey *inKey);
-
-#endif /*SOCKET_H_*/
diff --git a/security/nss/lib/fortcrypt/fpkcs11.h b/security/nss/lib/fortcrypt/fpkcs11.h
deleted file mode 100644
index 09f3dfe29..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11.h
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* Define API */
-#ifndef _FPKCS11_H_
-#define _FPKCS11_H_ 1
-
-#include "seccomon.h"
-
-#ifndef FALSE
-#define FALSE 0
-#endif
-
-#ifndef TRUE
-#define TRUE (!FALSE)
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* All the various pkcs11 types and #define'd values are in the file */
-/* pkcs11t.h. CK_PTR should be defined there, too; it's the recipe for */
-/* making pointers. */
-#include "fpkcs11t.h"
-
-#define __PASTE(x,y) x##y
-
-/* ================================================================= */
-/* Define the "extern" form of all the entry points */
-
-#define CK_EXTERN extern
-#define CK_FUNC(name) CK_ENTRY name
-#define CK_NEED_ARG_LIST 1
-#define _CK_RV PR_PUBLIC_API(CK_RV)
-
-/* pkcs11f.h has all the information about the PKCS #11 functions. */
-#include "fpkcs11f.h"
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-/* ================================================================= */
-/* Define the typedef form of all the entry points. */
-/* That is, for each Cryptoki function C_XXX, define a type CK_C_XXX */
-/* which is a pointer to that kind of function. */
-
-#define CK_EXTERN typedef
-#define CK_FUNC(name) CK_ENTRY (CK_PTR __PASTE(CK_,name))
-#define CK_NEED_ARG_LIST 1
-#define _CK_RV CK_RV
-
-#include "fpkcs11f.h"
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef CK_NEED_ARG_LIST
-#undef _CK_RV
-
-/* =================================================================
- * Define structed vector of entry points.
- * The CK_FUNCTION_LIST contains a CK_VERSION indicating the PKCS #11
- * version, and then a whole slew of function pointers to the routines
- * in the library. This type was declared, but not defined, in
- * pkcs11t.h. */
-
-
-/* These data types are platform/implementation dependent. */
-#if defined(XP_WIN)
-#if defined(_WIN32)
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win32 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(push, cryptoki, 1)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win16 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(push, 1)
-#else /* not Watcom 16-bit */
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win16 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(1)
-#endif
-#endif
-#else /* not windows */
-#define CK_ENTRY
-#define CK_PTR * /* definition for UNIX */
-#define NULL_PTR 0 /* NULL pointer */
-#endif
-
-
-#define CK_EXTERN
-#define CK_FUNC(name) __PASTE(CK_,name) name;
-#define _CK_RV
-
-struct CK_FUNCTION_LIST {
-
- CK_VERSION version; /* PKCS #11 version */
-
-/* Pile all the function pointers into it. */
-#include "fpkcs11f.h"
-
-};
-
-#undef CK_FUNC
-#undef CK_EXTERN
-#undef _CK_RV
-
-
-#if defined(XP_WIN)
-#if defined(_WIN32)
-#pragma pack(pop, cryptoki)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#pragma pack(pop)
-#else /* not Watcom 16-bit */
-#pragma pack()
-#endif
-#endif
-#endif
-
-
-#undef __PASTE
-/* ================================================================= */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/security/nss/lib/fortcrypt/fpkcs11f.h b/security/nss/lib/fortcrypt/fpkcs11f.h
deleted file mode 100644
index 6fa7e755d..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11f.h
+++ /dev/null
@@ -1,953 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* This function contains pretty much everything about all */
-/* the PKCS #11 function prototypes. */
-
-/* General-purpose */
-
-/* C_Initialize initializes the PKCS #11 library. */
-CK_EXTERN _CK_RV CK_FUNC(C_Initialize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
-);
-#endif
-
-
-/* C_Finalize indicates that an application is done with the PKCS #11
- * library. */
-CK_EXTERN _CK_RV CK_FUNC(C_Finalize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
-);
-#endif
-
-
-/* C_GetInfo returns general information about PKCS #11. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_INFO_PTR pInfo /* location that receives the information */
-);
-#endif
-
-
-/* C_GetFunctionList returns the function list. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetFunctionList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives ptr to function
-list */
-);
-#endif
-
-
-
-/* Slot and token management */
-
-/* C_GetSlotList obtains a list of slots in the system. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetSlotList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_BBOOL tokenPresent, /* only slots with token present */
- CK_SLOT_ID_PTR pSlotList, /* receives the array of slot IDs */
- CK_ULONG_PTR pulCount /* receives the number of slots */
-);
-#endif
-
-
-/* C_GetSlotInfo obtains information about a particular slot in the
-system. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetSlotInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the ID of the slot */
- CK_SLOT_INFO_PTR pInfo /* receives the slot information */
-);
-#endif
-
-
-/* C_GetTokenInfo obtains information about a particular token in the
- * system. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetTokenInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_TOKEN_INFO_PTR pInfo /* receives the token information */
-);
-#endif
-
-
-/* C_GetMechanismList obtains a list of mechanism types supported by
- * a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetMechanismList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_MECHANISM_TYPE_PTR pMechanismList, /* receives mech. types array
-*/
- CK_ULONG_PTR pulCount /* receives number of mechs. */
-);
-#endif
-
-
-/* C_GetMechanismInfo obtains information about a particular mechanism
- * possibly supported by a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetMechanismInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_MECHANISM_TYPE type, /* type of mechanism */
- CK_MECHANISM_INFO_PTR pInfo /* receives mechanism information */
-);
-#endif
-
-
-/* C_InitToken initializes a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_InitToken)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_CHAR_PTR pPin, /* the SO's initial PIN */
- CK_ULONG ulPinLen, /* length in bytes of the PIN */
- CK_CHAR_PTR pLabel /* 32-byte token label (blank padded) */
-);
-#endif
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-CK_EXTERN _CK_RV CK_FUNC(C_InitPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_CHAR_PTR pPin, /* the normal user's PIN */
- CK_ULONG ulPinLen /* length in bytes of the PIN */
-);
-#endif
-
-
-/* C_SetPIN modifies the PIN of user that is currently logged in. */
-CK_EXTERN _CK_RV CK_FUNC(C_SetPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_CHAR_PTR pOldPin, /* the old PIN */
- CK_ULONG ulOldLen, /* length of the old PIN */
- CK_CHAR_PTR pNewPin, /* the new PIN */
- CK_ULONG ulNewLen /* length of the new PIN */
-);
-#endif
-
-
-
-/* Session management */
-
-/* C_OpenSession opens a session between an application and a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_OpenSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the slot's ID */
- CK_FLAGS flags, /* defined in CK_SESSION_INFO */
- CK_VOID_PTR pApplication, /* pointer passed to callback */
- CK_NOTIFY Notify, /* notification callback function
-*/
- CK_SESSION_HANDLE_PTR phSession /* receives new session handle */
-);
-#endif
-
-
-/* C_CloseSession closes a session between an application and a token.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_CloseSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_CloseAllSessions)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID /* the token's slot */
-);
-#endif
-
-
-/* C_GetSessionInfo obtains information about the session. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetSessionInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_SESSION_INFO_PTR pInfo /* receives session information */
-);
-#endif
-
-
-/* C_GetOperationState obtains the state of the cryptographic operation
- * in a session. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pOperationState, /* location receiving state */
- CK_ULONG_PTR pulOperationStateLen /* location receiving state
-length */
-);
-#endif
-
-
-/* C_SetOperationState restores the state of the cryptographic operation
- * in a session. */
-CK_EXTERN _CK_RV CK_FUNC(C_SetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pOperationState, /* the location holding the
-state */
- CK_ULONG ulOperationStateLen, /* location holding state
-length */
- CK_OBJECT_HANDLE hEncryptionKey, /* handle of en/decryption key
-*/
- CK_OBJECT_HANDLE hAuthenticationKey /* handle of sign/verify key */
-);
-#endif
-
-
-/* C_Login logs a user into a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_Login)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_USER_TYPE userType, /* the user type */
- CK_CHAR_PTR pPin, /* the user's PIN */
- CK_ULONG ulPinLen /* the length of the PIN */
-);
-#endif
-
-
-/* C_Logout logs a user out from a token. */
-CK_EXTERN _CK_RV CK_FUNC(C_Logout)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Object management */
-
-/* C_CreateObject creates a new object. */
-CK_EXTERN _CK_RV CK_FUNC(C_CreateObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phObject /* receives new object's handle. */
-);
-#endif
-
-
-/* C_CopyObject copies an object, creating a new object for the copy. */
-CK_EXTERN _CK_RV CK_FUNC(C_CopyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
-);
-#endif
-
-
-/* C_DestroyObject destroys an object. */
-CK_EXTERN _CK_RV CK_FUNC(C_DestroyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject /* the object's handle */
-);
-#endif
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetObjectSize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ULONG_PTR pulSize /* receives size of object */
-);
-#endif
-
-
-/* C_GetAttributeValue obtains the value of one or more object
-attributes. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attributes, gets values */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_SetAttributeValue modifies the value of one or more object
-attributes */
-CK_EXTERN _CK_RV CK_FUNC(C_SetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attributes and values */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_FindObjectsInit initializes a search for token and session objects
- * that match a template. */
-CK_EXTERN _CK_RV CK_FUNC(C_FindObjectsInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
- CK_ULONG ulCount /* attributes in search template */
-);
-#endif
-
-
-/* C_FindObjects continues a search for token and session objects
- * that match a template, obtaining additional object handles. */
-CK_EXTERN _CK_RV CK_FUNC(C_FindObjects)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE_PTR phObject, /* receives object handle array
-*/
- CK_ULONG ulMaxObjectCount, /* max handles to be returned
-*/
- CK_ULONG_PTR pulObjectCount /* actual number returned */
-);
-#endif
-
-
-/* C_FindObjectsFinal finishes a search for token and session objects.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_FindObjectsFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Encryption and decryption */
-
-/* C_EncryptInit initializes an encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_EncryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of encryption key */
-);
-#endif
-
-
-/* C_Encrypt encrypts single-part data. */
-CK_EXTERN _CK_RV CK_FUNC(C_Encrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the plaintext data */
- CK_ULONG ulDataLen, /* bytes of plaintext data */
- CK_BYTE_PTR pEncryptedData, /* receives encrypted data */
- CK_ULONG_PTR pulEncryptedDataLen /* receives encrypted byte
-count */
-);
-#endif
-
-
-/* C_EncryptUpdate continues a multiple-part encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_EncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* bytes of plaintext data */
- CK_BYTE_PTR pEncryptedPart, /* receives encrypted data */
- CK_ULONG_PTR pulEncryptedPartLen /* receives encrypted byte count
-*/
-);
-#endif
-
-
-/* C_EncryptFinal finishes a multiple-part encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_EncryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pLastEncryptedPart, /* receives encrypted last
-part */
- CK_ULONG_PTR pulLastEncryptedPartLen /* receives byte count */
-);
-#endif
-
-
-/* C_DecryptInit initializes a decryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the decryption key */
-);
-#endif
-
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-CK_EXTERN _CK_RV CK_FUNC(C_Decrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pEncryptedData, /* input encrypted data */
- CK_ULONG ulEncryptedDataLen, /* count of bytes of input */
- CK_BYTE_PTR pData, /* receives decrypted output */
- CK_ULONG_PTR pulDataLen /* receives decrypted byte count
-*/
-);
-#endif
-
-
-/* C_DecryptUpdate continues a multiple-part decryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pEncryptedPart, /* input encrypted data */
- CK_ULONG ulEncryptedPartLen, /* count of bytes of input */
- CK_BYTE_PTR pPart, /* receives decrypted output */
- CK_ULONG_PTR pulPartLen /* receives decrypted byte
-count */
-);
-#endif
-
-
-/* C_DecryptFinal finishes a multiple-part decryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pLastPart, /* receives decrypted output */
- CK_ULONG_PTR pulLastPartLen /* receives decrypted byte count */
-);
-#endif
-
-
-
-/* Message digesting */
-
-/* C_DigestInit initializes a message-digesting operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DigestInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
-);
-#endif
-
-
-/* C_Digest digests data in a single part. */
-CK_EXTERN _CK_RV CK_FUNC(C_Digest)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* data to be digested */
- CK_ULONG ulDataLen, /* bytes of data to be digested */
- CK_BYTE_PTR pDigest, /* receives the message digest */
- CK_ULONG_PTR pulDigestLen /* receives byte length of digest */
-);
-#endif
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting operation.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_DigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* data to be digested */
- CK_ULONG ulPartLen /* bytes of data to be digested */
-);
-#endif
-
-
-/* C_DigestKey continues a multi-part message-digesting operation, by
- * digesting the value of a secret key as part of the data already
-digested.
- */
-CK_EXTERN _CK_RV CK_FUNC(C_DigestKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hKey /* handle of secret key to digest */
-);
-#endif
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting operation.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_DigestFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pDigest, /* receives the message digest */
- CK_ULONG_PTR pulDigestLen /* receives byte count of digest */
-);
-#endif
-
-
-
-/* Signing and MACing */
-
-/* C_SignInit initializes a signature (private key encryption)
-operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_SignInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the signature key */
-);
-#endif
-
-
-/* C_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_Sign)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data (digest) to be signed
-*/
- CK_ULONG ulDataLen, /* count of bytes to be signed */
- CK_BYTE_PTR pSignature, /* receives the signature */
- CK_ULONG_PTR pulSignatureLen /* receives byte count of signature
-*/
-);
-#endif
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_SignUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the data (digest) to be signed */
- CK_ULONG ulPartLen /* count of bytes to be signed */
-);
-#endif
-
-
-/* C_SignFinal finishes a multiple-part signature operation,
- * returning the signature. */
-CK_EXTERN _CK_RV CK_FUNC(C_SignFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* receives the signature */
- CK_ULONG_PTR pulSignatureLen /* receives byte count of signature
-*/
-);
-#endif
-
-
-/* C_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-CK_EXTERN _CK_RV CK_FUNC(C_SignRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the signature key */
-);
-#endif
-
-
-/* C_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-CK_EXTERN _CK_RV CK_FUNC(C_SignRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data (digest) to be signed
-*/
- CK_ULONG ulDataLen, /* count of bytes to be signed */
- CK_BYTE_PTR pSignature, /* receives the signature */
- CK_ULONG_PTR pulSignatureLen /* receives byte count of signature
-*/
-);
-#endif
-
-
-
-/* Verifying signatures and MACs */
-
-/* C_VerifyInit initializes a verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the verification key */
-);
-#endif
-
-
-/* C_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_Verify)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* plaintext data (digest) to
-compare */
- CK_ULONG ulDataLen, /* length of data (digest) in bytes
-*/
- CK_BYTE_PTR pSignature, /* the signature to be verified */
- CK_ULONG ulSignatureLen /* count of bytes of signature */
-);
-#endif
-
-
-/* C_VerifyUpdate continues a multiple-part verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* plaintext data (digest) to compare */
- CK_ULONG ulPartLen /* length of data (digest) in bytes */
-);
-#endif
-
-
-/* C_VerifyFinal finishes a multiple-part verification operation,
- * checking the signature. */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* the signature to be verified */
- CK_ULONG ulSignatureLen /* count of bytes of signature */
-);
-#endif
-
-
-/* C_VerifyRecoverInit initializes a signature verification operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the verification key */
-);
-#endif
-
-
-/* C_VerifyRecover verifies a signature in a single-part operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-CK_EXTERN _CK_RV CK_FUNC(C_VerifyRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* the signature to be verified */
- CK_ULONG ulSignatureLen, /* count of bytes of signature */
- CK_BYTE_PTR pData, /* receives decrypted data (digest)
-*/
- CK_ULONG_PTR pulDataLen /* receives byte count of data */
-);
-#endif
-
-
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting and
-encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DigestEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* bytes of plaintext data */
- CK_BYTE_PTR pEncryptedPart, /* receives encrypted data */
- CK_ULONG_PTR pulEncryptedPartLen /* receives encrypted byte
-count */
-);
-#endif
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptDigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pEncryptedPart, /* input encrypted data */
- CK_ULONG ulEncryptedPartLen, /* count of bytes of input */
- CK_BYTE_PTR pPart, /* receives decrypted output */
- CK_ULONG_PTR pulPartLen /* receives decrypted byte
-count */
-);
-#endif
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_SignEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* bytes of plaintext data */
- CK_BYTE_PTR pEncryptedPart, /* receives encrypted data */
- CK_ULONG_PTR pulEncryptedPartLen /* receives encrypted byte
-count */
-);
-#endif
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and
- * verify operation. */
-CK_EXTERN _CK_RV CK_FUNC(C_DecryptVerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pEncryptedPart, /* input encrypted data */
- CK_ULONG ulEncryptedPartLen, /* count of byes of input */
- CK_BYTE_PTR pPart, /* receives decrypted output */
- CK_ULONG_PTR pulPartLen /* receives decrypted byte
-count */
-);
-#endif
-
-
-
-/* Key management */
-
-/* C_GenerateKey generates a secret key, creating a new key object. */
-CK_EXTERN _CK_RV CK_FUNC(C_GenerateKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the key generation mechanism */
- CK_ATTRIBUTE_PTR pTemplate, /* template for the new key */
- CK_ULONG ulCount, /* number of attributes in template
-*/
- CK_OBJECT_HANDLE_PTR phKey /* receives handle of new key */
-);
-#endif
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
-CK_EXTERN _CK_RV CK_FUNC(C_GenerateKeyPair)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's
-handle */
- CK_MECHANISM_PTR pMechanism, /* the key gen.
-mech. */
- CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* pub. attr.
-template */
- CK_ULONG ulPublicKeyAttributeCount, /* # of pub. attrs.
-*/
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* priv. attr.
-template */
- CK_ULONG ulPrivateKeyAttributeCount, /* # of priv. attrs.
-*/
- CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub. key
-handle */
- CK_OBJECT_HANDLE_PTR phPrivateKey /* gets priv. key
-handle */
-);
-#endif
-
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-CK_EXTERN _CK_RV CK_FUNC(C_WrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
- CK_OBJECT_HANDLE hWrappingKey, /* handle of the wrapping key */
- CK_OBJECT_HANDLE hKey, /* handle of the key to be wrapped
-*/
- CK_BYTE_PTR pWrappedKey, /* receives the wrapped key */
- CK_ULONG_PTR pulWrappedKeyLen /* receives byte size of wrapped
-key */
-);
-#endif
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key
-object. */
-CK_EXTERN _CK_RV CK_FUNC(C_UnwrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the unwrapping mechanism */
- CK_OBJECT_HANDLE hUnwrappingKey, /* handle of the unwrapping
-key */
- CK_BYTE_PTR pWrappedKey, /* the wrapped key */
- CK_ULONG ulWrappedKeyLen, /* bytes length of wrapped key
-*/
- CK_ATTRIBUTE_PTR pTemplate, /* template for the new key */
- CK_ULONG ulAttributeCount, /* # of attributes in template
-*/
- CK_OBJECT_HANDLE_PTR phKey /* gets handle of recovered
-key */
-);
-#endif
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key object.
-*/
-CK_EXTERN _CK_RV CK_FUNC(C_DeriveKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the key derivation
-mechanism */
- CK_OBJECT_HANDLE hBaseKey, /* handle of the base key */
- CK_ATTRIBUTE_PTR pTemplate, /* template for the new key */
- CK_ULONG ulAttributeCount, /* # of attributes in template
-*/
- CK_OBJECT_HANDLE_PTR phKey /* gets handle of derived key
-*/
-);
-#endif
-
-
-
-/* Random number generation */
-
-/* C_SeedRandom mixes additional seed material into the token's random
-number
- * generator. */
-CK_EXTERN _CK_RV CK_FUNC(C_SeedRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSeed, /* the seed material */
- CK_ULONG ulSeedLen /* count of bytes of seed material */
-);
-#endif
-
-
-/* C_GenerateRandom generates random data. */
-CK_EXTERN _CK_RV CK_FUNC(C_GenerateRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR RandomData, /* receives the random data */
- CK_ULONG ulRandomLen /* number of bytes to be generated */
-);
-#endif
-
-
-
-/* Parallel function management */
-
-/* C_GetFunctionStatus obtains an updated status of a function running
- * in parallel with an application. */
-CK_EXTERN _CK_RV CK_FUNC(C_GetFunctionStatus)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CancelFunction cancels a function running in parallel. */
-CK_EXTERN _CK_RV CK_FUNC(C_CancelFunction)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Functions added in for PKCS #11 Version 2.01 or later */
-
-/* C_WaitForSlotEvent waits for a slot event (token insertion,
- * removal, etc.) to occur. */
-CK_EXTERN _CK_RV CK_FUNC(C_WaitForSlotEvent)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FLAGS flags, /* blocking/nonblocking flag */
- CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
- CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
-);
-#endif
diff --git a/security/nss/lib/fortcrypt/fpkcs11i.h b/security/nss/lib/fortcrypt/fpkcs11i.h
deleted file mode 100644
index 9359bb8d6..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11i.h
+++ /dev/null
@@ -1,269 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal data structures used by pkcs11.c
- */
-#ifndef _FPKCS11I_H_
-#define _FPKCS11I_H_ 1
-
-#include "fpkstrs.h"
-#ifdef SWFORT
-#ifndef RETURN_TYPE
-#define RETURN_TYPE int
-#endif
-#endif
-#include "genci.h"
-
-typedef struct PK11AttributeStr PK11Attribute;
-typedef struct PK11ObjectListStr PK11ObjectList;
-typedef struct PK11ObjectListElementStr PK11ObjectListElement;
-typedef struct PK11ObjectStr PK11Object;
-typedef struct PK11SessionStr PK11Session;
-typedef struct PK11SlotStr PK11Slot;
-typedef struct PK11SessionContextStr PK11SessionContext;
-typedef struct PK11SearchResultsStr PK11SearchResults;
-
-typedef void (*PK11Destroy)(void *, PRBool);
-typedef SECStatus (*PK11Cipher)(void *,void *,unsigned int *,unsigned int,
- void *, unsigned int);
-typedef SECStatus (*PK11Verify)(void *,void *,unsigned int,void *,unsigned int);
-typedef void (*PK11Hash)(void *,void *,unsigned int);
-typedef void (*PK11End)(void *,void *,unsigned int *,unsigned int);
-typedef void (*PK11Free)(void *);
-
-#define HASH_SIZE 32
-#define SESSION_HASH_SIZE 64
-
-/* Value to tell if an attribute is modifiable or not.
- * NEVER: attribute is only set on creation.
- * ONCOPY: attribute is set on creation and can only be changed on copy.
- * SENSITIVE: attribute can only be changed to TRUE.
- * ALWAYS: attribute can always be changed.
- */
-typedef enum {
- PK11_NEVER = 0,
- PK11_ONCOPY = 1,
- PK11_SENSITIVE = 2,
- PK11_ALWAYS = 3
-} PK11ModifyType;
-
-/*
- * Free Status Enum... tell us more information when we think we're
- * deleting an object.
- */
-typedef enum {
- PK11_DestroyFailure,
- PK11_Destroyed,
- PK11_Busy
-} PK11FreeStatus;
-
-/*
- * attribute values of an object.
- */
-struct PK11AttributeStr {
- PK11Attribute *next;
- PK11Attribute *prev;
- int refCount;
- void *refLock;
- /*must be called handle to make pk11queue_find work */
- CK_ATTRIBUTE_TYPE handle;
- CK_ATTRIBUTE attrib;
-};
-
-struct PK11ObjectListStr {
- PK11ObjectList *next;
- PK11ObjectList *prev;
- PK11Object *parent;
-};
-
-/*
- * PKCS 11 crypto object structure
- */
-struct PK11ObjectStr {
- PK11Object *next;
- PK11Object *prev;
- PK11ObjectList sessionList;
- CK_OBJECT_HANDLE handle;
- int refCount;
- void *refLock;
- void *attributeLock;
- PK11Session *session;
- PK11Slot *slot;
- CK_OBJECT_CLASS objclass;
- void *objectInfo;
- PK11Free infoFree;
- char *label;
- PRBool inDB;
- PK11Attribute *head[HASH_SIZE];
-};
-
-/*
- * struct to deal with a temparary list of objects
- */
-struct PK11ObjectListElementStr {
- PK11ObjectListElement *next;
- PK11Object *object;
-};
-
-/*
- * Area to hold Search results
- */
-struct PK11SearchResultsStr {
- CK_OBJECT_HANDLE *handles;
- int size;
- int index;
-};
-
-
-/*
- * the universal crypto/hash/sign/verify context structure
- */
-typedef enum {
- PK11_ENCRYPT,
- PK11_DECRYPT,
- PK11_HASH,
- PK11_SIGN,
- PK11_SIGN_RECOVER,
- PK11_VERIFY,
- PK11_VERIFY_RECOVER
-} PK11ContextType;
-
-
-struct PK11SessionContextStr {
- PK11ContextType type;
- PRBool multi; /* is multipart */
- void *cipherInfo;
- unsigned int cipherInfoLen;
- CK_MECHANISM_TYPE currentMech;
- PK11Cipher update;
- PK11Hash hashUpdate;
- PK11End end;
- PK11Destroy destroy;
- PK11Verify verify;
- unsigned int maxLen;
-};
-
-/*
- * Sessions (have objects)
- */
-struct PK11SessionStr {
- PK11Session *next;
- PK11Session *prev;
- CK_SESSION_HANDLE handle;
- int refCount;
- void *refLock;
- void *objectLock;
- int objectIDCount;
- CK_SESSION_INFO info;
- CK_NOTIFY notify;
- CK_VOID_PTR appData;
- PK11Slot *slot;
- PK11SearchResults *search;
- PK11SessionContext *context;
- PK11ObjectList *objects[1];
- FortezzaContext fortezzaContext;
-};
-
-/*
- * slots (have sessions and objects)
- */
-struct PK11SlotStr {
- CK_SLOT_ID slotID;
- void *sessionLock;
- void *objectLock;
- SECItem *password;
- PRBool hasTokens;
- PRBool isLoggedIn;
- PRBool ssoLoggedIn;
- PRBool needLogin;
- PRBool DB_loaded;
- int sessionIDCount;
- int sessionCount;
- int rwSessionCount;
- int tokenIDCount;
- PK11Object *tokObjects[HASH_SIZE];
- PK11Session *head[SESSION_HASH_SIZE];
-};
-
-/*
- * session handle modifiers
- */
-#define PK11_PRIVATE_KEY_FLAG 0x80000000L
-
-/*
- * object handle modifiers
- */
-#define PK11_TOKEN_MASK 0x80000000L
-#define PK11_TOKEN_MAGIC 0x80000000L
-#define PK11_TOKEN_TYPE_MASK 0x70000000L
-#define PK11_TOKEN_TYPE_CERT 0x00000000L
-#define PK11_TOKEN_TYPE_PRIV 0x10000000L
-
-/* how big a password/pin we can deal with */
-#define PK11_MAX_PIN 255
-
-/* slot helper macros */
-#define pk11_SlotFromSessionHandle(handle) (((handle) & PK11_PRIVATE_KEY_FLAG)\
- ? &pk11_slot[1] : &pk11_slot[0])
-#define PK11_TOSLOT1(handle) handle &= ~PK11_PRIVATE_KEY_FLAG
-#define PK11_TOSLOT2(handle) handle |= PK11_PRIVATE_KEY_FLAG
-#define pk11_SlotFromSession(sp) ((sp)->slot)
-#define pk11_SlotFromID(id) ((id) == NETSCAPE_SLOT_ID ? \
- &pk11_slot[0] : (((id) == PRIVATE_KEY_SLOT_ID) ? &pk11_slot[1] : NULL))
-#define pk11_isToken(id) (((id) & PK11_TOKEN_MASK) == PK11_TOKEN_MAGIC)
-
-/* queueing helper macros */
-#define pk11_hash(value,size) ((value) & (size-1))/*size must be a power of 2*/
-#define pk11queue_add(element,id,head,hash_size) \
- { int tmp = pk11_hash(id,hash_size); \
- (element)->next = (head)[tmp]; \
- (element)->prev = NULL; \
- if ((head)[tmp]) (head)[tmp]->prev = (element); \
- (head)[tmp] = (element); }
-#define pk11queue_find(element,id,head,hash_size) \
- for( (element) = (head)[pk11_hash(id,hash_size)]; (element) != NULL; \
- (element) = (element)->next) { \
- if ((element)->handle == (id)) { break; } }
-#define pk11queue_delete(element,id,head,hash_size) \
- if ((element)->next) (element)->next->prev = (element)->prev; \
- if ((element)->prev) (element)->prev->next = (element)->next; \
- else (head)[pk11_hash(id,hash_size)] = ((element)->next); \
- (element)->next = NULL; \
- (element)->prev = NULL; \
-
-/* expand an attribute & secitem structures out */
-#define pk11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
-#define pk11_item_expand(ip) (ip)->data,(ip)->len
-
-#endif
-
diff --git a/security/nss/lib/fortcrypt/fpkcs11t.h b/security/nss/lib/fortcrypt/fpkcs11t.h
deleted file mode 100644
index f3c6b0470..000000000
--- a/security/nss/lib/fortcrypt/fpkcs11t.h
+++ /dev/null
@@ -1,1098 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-#ifndef _PKCS11T_H_
-#define _PKCS11T_H_ 1
-
-/* an unsigned 8-bit value */
-typedef unsigned char CK_BYTE;
-
-/* an unsigned 8-bit character */
-typedef CK_BYTE CK_CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef CK_BYTE CK_BBOOL;
-
-/* an unsigned value, at least 32 bits long */
-typedef unsigned long int CK_ULONG;
-
-/* a signed value, the same size as a CK_ULONG */
-/* CK_LONG is new for v2.0 */
-typedef long int CK_LONG;
-
-/* at least 32 bits, each bit is a Boolean flag */
-typedef CK_ULONG CK_FLAGS;
-
-/* some special values for certain CK_ULONG variables */
-#define CK_UNAVAILABLE_INFORMATION (~0UL)
-#define CK_EFFECTIVELY_INFINITE 0
-
-/* these data types are platform/implementation dependent. */
-#if defined(XP_WIN)
-#if defined(_WIN32)
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win32 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(push, cryptoki, 1)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win16 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(push, 1)
-#else /* not Watcom 16-bit */
-#define CK_ENTRY
-#define CK_PTR * /* definition for Win16 */
-#define NULL_PTR 0 /* NULL pointer */
-#pragma pack(1)
-#endif
-#endif
-#else /* not windows */
-#define CK_ENTRY
-#define CK_PTR * /* definition for UNIX */
-#define NULL_PTR 0 /* NULL pointer */
-#endif
-
-
-typedef CK_BYTE CK_PTR CK_BYTE_PTR; /* Pointer to a CK_BYTE */
-typedef CK_CHAR CK_PTR CK_CHAR_PTR; /* Pointer to a CK_CHAR */
-typedef CK_ULONG CK_PTR CK_ULONG_PTR; /* Pointer to a CK_ULONG */
-typedef void CK_PTR CK_VOID_PTR; /* Pointer to a void */
-typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; /* Pointer to a CK_VOID_PTR */
-
-/* The following value is always invalid if used as a session */
-/* handle or object handle */
-#define CK_INVALID_HANDLE 0
-
-typedef struct CK_VERSION {
- CK_BYTE major; /* integer portion of the version number */
- CK_BYTE minor; /* hundredths portion of the version number */
-} CK_VERSION;
-
-typedef CK_VERSION CK_PTR CK_VERSION_PTR; /* points to a CK_VERSION */
-
-
-typedef struct CK_INFO {
- CK_VERSION cryptokiVersion; /* PKCS #11 interface version number */
- CK_CHAR manufacturerID[32]; /* blank padded */
- CK_FLAGS flags; /* must be zero */
-
- /* libraryDescription and libraryVersion are new for v2.0 */
- CK_CHAR libraryDescription[32]; /* blank padded */
- CK_VERSION libraryVersion; /* version of library */
-} CK_INFO;
-
-typedef CK_INFO CK_PTR CK_INFO_PTR; /* points to a CK_INFO structure */
-
-
-/* CK_NOTIFICATION enumerates the types of notifications
- * that PKCS #11 provides to an application. */
-/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG for v2.0 */
-typedef CK_ULONG CK_NOTIFICATION;
-#define CKN_SURRENDER 0
-
-
-typedef CK_ULONG CK_SLOT_ID;
-
-/* CK_SLOT_ID_PTR points to a CK_SLOT_ID. */
-typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
-
-
-/* CK_SLOT_INFO provides information about a slot. */
-typedef struct CK_SLOT_INFO {
- CK_CHAR slotDescription[64]; /* blank padded */
- CK_CHAR manufacturerID[32]; /* blank padded */
- CK_FLAGS flags;
-
- /* hardwareVersion and firmwareVersion are new for v2.0 */
- CK_VERSION hardwareVersion; /* version of hardware */
- CK_VERSION firmwareVersion; /* version of firmware */
-} CK_SLOT_INFO;
-
-/* flags: bits flags that provide capabilities of the slot.
- * Bit Flag Mask Meaning
- */
-#define CKF_TOKEN_PRESENT 0x00000001 /* a token is present in the slot */
-#define CKF_REMOVABLE_DEVICE 0x00000002 /* reader supports removable devices*/
-#define CKF_HW_SLOT 0x00000004 /* a hardware slot, not a "soft token"*/
-
-/* CK_SLOT_INFO_PTR points to a CK_SLOT_INFO. */
-typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
-
-
-/* CK_TOKEN_INFO provides information about a token. */
-typedef struct CK_TOKEN_INFO {
- CK_CHAR label[32]; /* blank padded */
- CK_CHAR manufacturerID[32]; /* blank padded */
- CK_CHAR model[16]; /* blank padded */
- CK_CHAR serialNumber[16]; /* blank padded */
- CK_FLAGS flags; /* see below */
-
- /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
- * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
- * changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulMaxSessionCount; /* max open sessions */
- CK_ULONG ulSessionCount; /* sessions currently open */
- CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
- CK_ULONG ulRwSessionCount; /* R/W sessions currently open */
- CK_ULONG ulMaxPinLen; /* in bytes */
- CK_ULONG ulMinPinLen; /* in bytes */
- CK_ULONG ulTotalPublicMemory; /* in bytes */
- CK_ULONG ulFreePublicMemory; /* in bytes */
- CK_ULONG ulTotalPrivateMemory; /* in bytes */
- CK_ULONG ulFreePrivateMemory; /* in bytes */
-
- /* hardwareVersion, firmwareVersion, and time are new for v2.0 */
- CK_VERSION hardwareVersion; /* version of hardware */
- CK_VERSION firmwareVersion; /* version of firmware */
- CK_CHAR utcTime[16]; /* time */
-} CK_TOKEN_INFO;
-
-/* The flags parameter is defined as follows:
- * Table 7-2, Token Information Flags
- * Bit Flag Mask Meaning
- */
-#define CKF_RNG 0x00000001 /* has random number generator */
-#define CKF_WRITE_PROTECTED 0x00000002 /* token is write-protected */
-#define CKF_LOGIN_REQUIRED 0x00000004 /* a user must be logged in */
-#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's PIN is initialized */
-
-
-/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set, then that means */
-/* that *every* time the state of cryptographic operations of a session is */
-/* successfully saved, all keys needed to continue those operations are */
-/* stored in the state. */
-#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020 /* key always saved in saved sessions */
-
-/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, then that means that */
-/* the token has some sort of clock. The time on that clock is returned in */
-/* the token info structure. */
-#define CKF_CLOCK_ON_TOKEN 0x00000040 /* token has a clock */
-
-/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is true, that means */
-/* that there is some way for the user to login without sending a PIN through */
-/* the PKCS #11 library itself. */
-#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100 /* token has protected path */
-/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true, that
- * means that a single session with the token can perform dual
- * simultaneous cryptographic operations (digest and encrypt;
- * decrypt and digest; sign and encrypt; and decrypt and sign) */
-#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200 /* dual crypto operations */
-
-/* CK_TOKEN_INFO_PTR points to a CK_TOKEN_INFO. */
-typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
-
-
-/* CK_SESSION_HANDLE is a PKCS #11-assigned value that identifies a session. */
-typedef CK_ULONG CK_SESSION_HANDLE;
-
-/* CK_SESSION_HANDLE_PTR points to a CK_SESSION_HANDLE. */
-typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
-
-
-/* CK_USER_TYPE enumerates the types of PKCS #11 users */
-/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for v2.0 */
-typedef CK_ULONG CK_USER_TYPE;
-/* Security Officer */
-#define CKU_SO 0
-/* Normal user */
-#define CKU_USER 1
-
-
-/* CK_STATE enumerates the session states */
-/* CK_STATE has been changed from an enum to a CK_ULONG for v2.0 */
-typedef CK_ULONG CK_STATE;
-#define CKS_RO_PUBLIC_SESSION 0
-#define CKS_RO_USER_FUNCTIONS 1
-#define CKS_RW_PUBLIC_SESSION 2
-#define CKS_RW_SO_FUNCTIONS 3
-#define CKS_RW_USER_FUNCTIONS 4
-
-
-/* CK_SESSION_INFO provides information about a session. */
-typedef struct CK_SESSION_INFO {
- CK_SLOT_ID slotID;
- CK_STATE state;
- CK_FLAGS flags; /* see below */
-
- /* ulDeviceError was changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulDeviceError; /* device-dependent error code */
-} CK_SESSION_INFO;
-
-/* The flags are defined in the following table. */
-/* Table 7-3, Session Information Flags */
-/* Bit Flag Mask Meaning
- */
-#define CKF_RW_SESSION 0x00000002 /* session is read/write; not R/O */
-#define CKF_SERIAL_SESSION 0x00000004 /* session doesn't support parallel */
-
-/* CK_SESSION_INFO_PTR points to a CK_SESSION_INFO. */
-typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
-
-
-/* CK_OBJECT_HANDLE is a token-specific identifier for an object. */
-typedef CK_ULONG CK_OBJECT_HANDLE;
-
-/* CK_OBJECT_HANDLE_PTR points to a CK_OBJECT_HANDLE. */
-typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
-
-
-/* CK_OBJECT_CLASS is a value that identifies the classes (or types)
- * of objects that PKCS #11 recognizes. It is defined as follows: */
-/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_OBJECT_CLASS;
-
-/* The following classes of objects are defined: */
-#define CKO_DATA 0x00000000
-#define CKO_CERTIFICATE 0x00000001
-#define CKO_PUBLIC_KEY 0x00000002
-#define CKO_PRIVATE_KEY 0x00000003
-#define CKO_SECRET_KEY 0x00000004
-#define CKO_VENDOR_DEFINED 0x80000000L
-
-/* CK_OBJECT_CLASS_PTR points to a CK_OBJECT_CLASS structure. */
-typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
-
-
-/* CK_KEY_TYPE is a value that identifies a key type. */
-/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_KEY_TYPE;
-
-/* the following key types are defined: */
-#define CKK_RSA 0x00000000
-#define CKK_DSA 0x00000001
-#define CKK_DH 0x00000002
-
-/* CKK_ECDSA, and CKK_KEA are new for v2.0 */
-#define CKK_ECDSA 0x00000003
-#define CKK_KEA 0x00000005
-
-#define CKK_GENERIC_SECRET 0x00000010
-#define CKK_RC2 0x00000011
-#define CKK_RC4 0x00000012
-#define CKK_DES 0x00000013
-#define CKK_DES2 0x00000014
-#define CKK_DES3 0x00000015
-
-/* all these key types are new for v2.0 */
-#define CKK_CAST 0x00000016
-#define CKK_CAST3 0x00000017
-#define CKK_CAST5 0x00000018
-#define CKK_RC5 0x00000019
-#define CKK_IDEA 0x0000001A
-#define CKK_SKIPJACK 0x0000001B
-#define CKK_BATON 0x0000001C
-#define CKK_JUNIPER 0x0000001D
-#define CKK_CDMF 0x0000001E
-
-#define CKK_VENDOR_DEFINED 0x80000000L
-
-/* CK_CERTIFICATE_TYPE is a value that identifies a certificate type. */
-/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_CERTIFICATE_TYPE;
-
-/* The following certificate types are defined: */
-#define CKC_X_509 0x00000000
-#define CKC_VENDOR_DEFINED 0x80000000L
-
-
-/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute type. */
-/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_ATTRIBUTE_TYPE;
-
-/* The following attribute types are defined: */
-#define CKA_CLASS 0x00000000
-#define CKA_TOKEN 0x00000001
-#define CKA_PRIVATE 0x00000002
-#define CKA_LABEL 0x00000003
-#define CKA_APPLICATION 0x00000010
-#define CKA_VALUE 0x00000011
-#define CKA_CERTIFICATE_TYPE 0x00000080
-#define CKA_ISSUER 0x00000081
-#define CKA_SERIAL_NUMBER 0x00000082
-#define CKA_KEY_TYPE 0x00000100
-#define CKA_SUBJECT 0x00000101
-#define CKA_ID 0x00000102
-#define CKA_SENSITIVE 0x00000103
-#define CKA_ENCRYPT 0x00000104
-#define CKA_DECRYPT 0x00000105
-#define CKA_WRAP 0x00000106
-#define CKA_UNWRAP 0x00000107
-#define CKA_SIGN 0x00000108
-#define CKA_SIGN_RECOVER 0x00000109
-#define CKA_VERIFY 0x0000010A
-#define CKA_VERIFY_RECOVER 0x0000010B
-#define CKA_DERIVE 0x0000010C
-#define CKA_START_DATE 0x00000110
-#define CKA_END_DATE 0x00000111
-#define CKA_MODULUS 0x00000120
-#define CKA_MODULUS_BITS 0x00000121
-#define CKA_PUBLIC_EXPONENT 0x00000122
-#define CKA_PRIVATE_EXPONENT 0x00000123
-#define CKA_PRIME_1 0x00000124
-#define CKA_PRIME_2 0x00000125
-#define CKA_EXPONENT_1 0x00000126
-#define CKA_EXPONENT_2 0x00000127
-#define CKA_COEFFICIENT 0x00000128
-#define CKA_PRIME 0x00000130
-#define CKA_SUBPRIME 0x00000131
-#define CKA_BASE 0x00000132
-#define CKA_VALUE_BITS 0x00000160
-#define CKA_VALUE_LEN 0x00000161
-
-/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, CKA_ALWAYS_SENSITIVE, */
-/* and CKA_MODIFIABLE are new for v2.0 */
-#define CKA_EXTRACTABLE 0x00000162
-#define CKA_LOCAL 0x00000163
-#define CKA_NEVER_EXTRACTABLE 0x00000164
-#define CKA_ALWAYS_SENSITIVE 0x00000165
-#define CKA_MODIFIABLE 0x00000170
-
-#define CKA_VENDOR_DEFINED 0x80000000L
-
-/* CK_ATTRIBUTE is a structure that includes the type, length and value
- * of an attribute. */
-typedef struct CK_ATTRIBUTE {
- CK_ATTRIBUTE_TYPE type;
- CK_VOID_PTR pValue;
-
- /* ulValueLen was changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulValueLen; /* in bytes */
-} CK_ATTRIBUTE;
-
-/* CK_ATTRIBUTE_PTR points to a CK_ATTRIBUTE. */
-typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
-
-
-/* CK_DATE is a structure that defines a date. */
-typedef struct CK_DATE{
- CK_CHAR year[4]; /* the year ("1900" - "9999") */
- CK_CHAR month[2]; /* the month ("01" - "12") */
- CK_CHAR day[2]; /* the day ("01" - "31") */
-} CK_DATE;
-
-
-/* CK_MECHANISM_TYPE is a value that identifies a mechanism type. */
-/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_MECHANISM_TYPE;
-
-/* the following mechanism types are defined: */
-#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
-#define CKM_RSA_PKCS 0x00000001
-#define CKM_RSA_9796 0x00000002
-#define CKM_RSA_X_509 0x00000003
-
-/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS are */
-/* new for v2.0. They are mechanisms which hash and sign */
-#define CKM_MD2_RSA_PKCS 0x00000004
-#define CKM_MD5_RSA_PKCS 0x00000005
-#define CKM_SHA1_RSA_PKCS 0x00000006
-
-#define CKM_DSA_KEY_PAIR_GEN 0x00000010
-#define CKM_DSA 0x00000011
-#define CKM_DSA_SHA1 0x00000012
-#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
-#define CKM_DH_PKCS_DERIVE 0x00000021
-#define CKM_RC2_KEY_GEN 0x00000100
-#define CKM_RC2_ECB 0x00000101
-#define CKM_RC2_CBC 0x00000102
-#define CKM_RC2_MAC 0x00000103
-
-/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new to v2.0 */
-#define CKM_RC2_MAC_GENERAL 0x00000104
-#define CKM_RC2_CBC_PAD 0x00000105
-
-#define CKM_RC4_KEY_GEN 0x00000110
-#define CKM_RC4 0x00000111
-#define CKM_DES_KEY_GEN 0x00000120
-#define CKM_DES_ECB 0x00000121
-#define CKM_DES_CBC 0x00000122
-#define CKM_DES_MAC 0x00000123
-
-/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new to v2.0 */
-#define CKM_DES_MAC_GENERAL 0x00000124
-#define CKM_DES_CBC_PAD 0x00000125
-
-#define CKM_DES2_KEY_GEN 0x00000130
-#define CKM_DES3_KEY_GEN 0x00000131
-#define CKM_DES3_ECB 0x00000132
-#define CKM_DES3_CBC 0x00000133
-#define CKM_DES3_MAC 0x00000134
-
-/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, */
-/* CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, CKM_CDMF_MAC_GENERAL, */
-/* and CKM_CDMF_CBC_PAD are new to v2.0 */
-#define CKM_DES3_MAC_GENERAL 0x00000135
-#define CKM_DES3_CBC_PAD 0x00000136
-#define CKM_CDMF_KEY_GEN 0x00000140
-#define CKM_CDMF_ECB 0x00000141
-#define CKM_CDMF_CBC 0x00000142
-#define CKM_CDMF_MAC 0x00000143
-#define CKM_CDMF_MAC_GENERAL 0x00000144
-#define CKM_CDMF_CBC_PAD 0x00000145
-
-#define CKM_MD2 0x00000200
-
-/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new to v2.0 */
-#define CKM_MD2_HMAC 0x00000201
-#define CKM_MD2_HMAC_GENERAL 0x00000202
-
-#define CKM_MD5 0x00000210
-
-/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new to v2.0 */
-#define CKM_MD5_HMAC 0x00000211
-#define CKM_MD5_HMAC_GENERAL 0x00000212
-
-#define CKM_SHA_1 0x00000220
-
-/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new to v2.0 */
-#define CKM_SHA_1_HMAC 0x00000221
-#define CKM_SHA_1_HMAC_GENERAL 0x00000222
-
-/* All the following mechanisms are new to v2.0 */
-#define CKM_CAST_KEY_GEN 0x00000300
-#define CKM_CAST_ECB 0x00000301
-#define CKM_CAST_CBC 0x00000302
-#define CKM_CAST_MAC 0x00000303
-#define CKM_CAST_MAC_GENERAL 0x00000304
-#define CKM_CAST_CBC_PAD 0x00000305
-#define CKM_CAST3_KEY_GEN 0x00000310
-#define CKM_CAST3_ECB 0x00000311
-#define CKM_CAST3_CBC 0x00000312
-#define CKM_CAST3_MAC 0x00000313
-#define CKM_CAST3_MAC_GENERAL 0x00000314
-#define CKM_CAST3_CBC_PAD 0x00000315
-#define CKM_CAST5_KEY_GEN 0x00000320
-#define CKM_CAST5_ECB 0x00000321
-#define CKM_CAST5_CBC 0x00000322
-#define CKM_CAST5_MAC 0x00000323
-#define CKM_CAST5_MAC_GENERAL 0x00000324
-#define CKM_CAST5_CBC_PAD 0x00000325
-#define CKM_RC5_KEY_GEN 0x00000330
-#define CKM_RC5_ECB 0x00000331
-#define CKM_RC5_CBC 0x00000332
-#define CKM_RC5_MAC 0x00000333
-#define CKM_RC5_MAC_GENERAL 0x00000334
-#define CKM_RC5_CBC_PAD 0x00000335
-#define CKM_IDEA_KEY_GEN 0x00000340
-#define CKM_IDEA_ECB 0x00000341
-#define CKM_IDEA_CBC 0x00000342
-#define CKM_IDEA_MAC 0x00000343
-#define CKM_IDEA_MAC_GENERAL 0x00000344
-#define CKM_IDEA_CBC_PAD 0x00000345
-#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350
-#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360
-#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362
-#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363
-#define CKM_XOR_BASE_AND_DATA 0x00000364
-#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365
-#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370
-#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371
-#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372
-#define CKM_SSL3_MD5_MAC 0x00000380
-#define CKM_SSL3_SHA1_MAC 0x00000381
-#define CKM_MD5_KEY_DERIVATION 0x00000390
-#define CKM_MD2_KEY_DERIVATION 0x00000391
-#define CKM_SHA1_KEY_DERIVATION 0x00000392
-#define CKM_PBE_MD2_DES_CBC 0x000003A0
-#define CKM_PBE_MD5_DES_CBC 0x000003A1
-#define CKM_PBE_MD5_CAST_CBC 0x000003A2
-#define CKM_PBE_MD5_CAST3_CBC 0x000003A3
-#define CKM_PBE_MD5_CAST5_CBC 0x000003A4
-#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
-#define CKM_PBE_SHA1_RC4_128 0x000003A6
-#define CKM_PBE_SHA1_RC4_40 0x000003A7
-#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
-#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
-#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
-#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
-#define CKM_KEY_WRAP_LYNKS 0x00000400
-#define CKM_KEY_WRAP_SET_OAEP 0x00000401
-
-/* Fortezza mechanisms */
-#define CKM_SKIPJACK_KEY_GEN 0x00001000
-#define CKM_SKIPJACK_ECB64 0x00001001
-#define CKM_SKIPJACK_CBC64 0x00001002
-#define CKM_SKIPJACK_OFB64 0x00001003
-#define CKM_SKIPJACK_CFB64 0x00001004
-#define CKM_SKIPJACK_CFB32 0x00001005
-#define CKM_SKIPJACK_CFB16 0x00001006
-#define CKM_SKIPJACK_CFB8 0x00001007
-#define CKM_SKIPJACK_WRAP 0x00001008
-#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009
-#define CKM_SKIPJACK_RELAYX 0x0000100a
-#define CKM_KEA_KEY_PAIR_GEN 0x00001010
-#define CKM_KEA_KEY_DERIVE 0x00001011
-#define CKM_FORTEZZA_TIMESTAMP 0x00001020
-#define CKM_BATON_KEY_GEN 0x00001030
-#define CKM_BATON_ECB128 0x00001031
-#define CKM_BATON_ECB96 0x00001032
-#define CKM_BATON_CBC128 0x00001033
-#define CKM_BATON_COUNTER 0x00001034
-#define CKM_BATON_SHUFFLE 0x00001035
-#define CKM_BATON_WRAP 0x00001036
-#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040
-#define CKM_ECDSA 0x00001041
-#define CKM_ECDSA_SHA1 0x00001042
-#define CKM_JUNIPER_KEY_GEN 0x00001060
-#define CKM_JUNIPER_ECB128 0x00001061
-#define CKM_JUNIPER_CBC128 0x00001062
-#define CKM_JUNIPER_COUNTER 0x00001063
-#define CKM_JUNIPER_SHUFFLE 0x00001064
-#define CKM_JUNIPER_WRAP 0x00001065
-#define CKM_FASTHASH 0x00001070
-
-#define CKM_VENDOR_DEFINED 0x80000000L
-
-
-/* CK_MECHANISM_TYPE_PTR points to a CK_MECHANISM_TYPE structure. */
-typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
-
-
-/* CK_MECHANISM is a structure that specifies a particular mechanism. */
-typedef struct CK_MECHANISM {
- CK_MECHANISM_TYPE mechanism;
- CK_VOID_PTR pParameter;
-
- /* ulParameterLen was changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulParameterLen; /* in bytes */
-} CK_MECHANISM;
-
-/* CK_MECHANISM_PTR points to a CK_MECHANISM structure. */
-typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
-
-
-/* CK_MECHANISM_INFO provides information about a particular mechanism. */
-typedef struct CK_MECHANISM_INFO {
- CK_ULONG ulMinKeySize;
- CK_ULONG ulMaxKeySize;
- CK_FLAGS flags;
-} CK_MECHANISM_INFO;
-
-/* The flags are defined as follows.
- * Table 7-4, Mechanism Information FLags
- * Bit Flag Mask Meaning */
-#define CKF_HW 0x00000001 /* performed by HW device; not SW */
-
-/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, CKG_SIGN_RECOVER, */
-/* CKF_VERIFY, CKF_VERIFY_RECOVER, CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, */
-/* CKF_UNWRAP, and CKF_DERIVE are new for v2.0 */
-#define CKF_ENCRYPT 0x00000100 /* can be used with C_EncryptInit */
-#define CKF_DECRYPT 0x00000200 /* can be used with C_DecryptInit */
-#define CKF_DIGEST 0x00000400 /* can be used with C_DigestInit */
-#define CKF_SIGN 0x00000800 /* can be used with C_SignInit */
-#define CKF_SIGN_RECOVER 0x00001000 /* can use with C_SignRecoverInit */
-#define CKF_VERIFY 0x00002000 /* can be used with C_VerifyInit */
-#define CKF_VERIFY_RECOVER 0x00004000 /* can use w/ C_VerifyRecoverInit */
-#define CKF_GENERATE 0x00008000L /* can be used with C_GenerateKey */
-#define CKF_GENERATE_KEY_PAIR 0x00010000L /* can use with C_GenerateKeyPair */
-#define CKF_WRAP 0x00020000L /* can be used with C_WrapKey */
-#define CKF_UNWRAP 0x00040000L /* can be used with C_UnwrapKey */
-#define CKF_DERIVE 0x00080000L /* can be used with C_DeriveKey */
-
-#define CKF_EXTENSION 0x80000000L /* Must be FALSE for this version */
-
-/* CK_MECHANISM_INFO_PTR points to a CK_MECHANISM_INFO structure. */
-typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
-
-
-/* CK_RV is a value that identifies the return value of a PKCS #11 function. */
-/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_RV;
-
-#define CKR_OK 0x00000000
-#define CKR_CANCEL 0x00000001
-#define CKR_HOST_MEMORY 0x00000002
-#define CKR_SLOT_ID_INVALID 0x00000003
-
-/* CKR_FLAGS_INVALID was removed for v2.0 */
-
-/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
-#define CKR_GENERAL_ERROR 0x00000005
-#define CKR_FUNCTION_FAILED 0x00000006
-
-/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
- * and CKR_CANT_LOCK are new for v2.01 */
-#define CKR_ARGUMENTS_BAD 0x00000007
-#define CKR_NO_EVENT 0x00000008
-#define CKR_NEED_TO_CREATE_THREADS 0x00000009
-#define CKR_CANT_LOCK 0x0000000A
-
-#define CKR_ATTRIBUTE_READ_ONLY 0x00000010
-#define CKR_ATTRIBUTE_SENSITIVE 0x00000011
-#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012
-#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013
-#define CKR_DATA_INVALID 0x00000020
-#define CKR_DATA_LEN_RANGE 0x00000021
-#define CKR_DEVICE_ERROR 0x00000030
-#define CKR_DEVICE_MEMORY 0x00000031
-#define CKR_DEVICE_REMOVED 0x00000032
-#define CKR_ENCRYPTED_DATA_INVALID 0x00000040
-#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041
-#define CKR_FUNCTION_CANCELED 0x00000050
-#define CKR_FUNCTION_NOT_PARALLEL 0x00000051
-
-/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
-#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054
-
-#define CKR_KEY_HANDLE_INVALID 0x00000060
-
-/* CKR_KEY_SENSITIVE was removed for v2.0 */
-
-#define CKR_KEY_SIZE_RANGE 0x00000062
-#define CKR_KEY_TYPE_INCONSISTENT 0x00000063
-
-/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
- * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
- * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are
- * new for v2.0 */
-#define CKR_KEY_NOT_NEEDED 0x00000064
-#define CKR_KEY_CHANGED 0x00000065
-#define CKR_KEY_NEEDED 0x00000066
-#define CKR_KEY_INDIGESTIBLE 0x00000067
-#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068
-#define CKR_KEY_NOT_WRAPPABLE 0x00000069
-#define CKR_KEY_UNEXTRACTABLE 0x0000006A
-
-#define CKR_MECHANISM_INVALID 0x00000070
-#define CKR_MECHANISM_PARAM_INVALID 0x00000071
-
-/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
- * were removed for v2.0 */
-#define CKR_OBJECT_HANDLE_INVALID 0x00000082
-#define CKR_OPERATION_ACTIVE 0x00000090
-#define CKR_OPERATION_NOT_INITIALIZED 0x00000091
-#define CKR_PIN_INCORRECT 0x000000A0
-#define CKR_PIN_INVALID 0x000000A1
-#define CKR_PIN_LEN_RANGE 0x000000A2
-
-/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
-#define CKR_PIN_EXPIRED 0x000000A3
-#define CKR_PIN_LOCKED 0x000000A4
-
-#define CKR_SESSION_CLOSED 0x000000B0
-#define CKR_SESSION_COUNT 0x000000B1
-#define CKR_SESSION_HANDLE_INVALID 0x000000B3
-#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4
-#define CKR_SESSION_READ_ONLY 0x000000B5
-#define CKR_SESSION_EXISTS 0x000000B6
-
-/* CKR_SESSION_READ_ONLY_EXISTS and CKR_SESSION_READ_WRITE_SO_EXISTS
- * are new for v2.0 */
-#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7
-#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8
-
-#define CKR_SIGNATURE_INVALID 0x000000C0
-#define CKR_SIGNATURE_LEN_RANGE 0x000000C1
-#define CKR_TEMPLATE_INCOMPLETE 0x000000D0
-#define CKR_TEMPLATE_INCONSISTENT 0x000000D1
-#define CKR_TOKEN_NOT_PRESENT 0x000000E0
-#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1
-#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2
-#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0
-#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1
-#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2
-#define CKR_USER_ALREADY_LOGGED_IN 0x00000100
-#define CKR_USER_NOT_LOGGED_IN 0x00000101
-#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102
-#define CKR_USER_TYPE_INVALID 0x00000103
-
-/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
- * are new to v2.01 */
-#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104
-#define CKR_USER_TOO_MANY_TYPES 0x00000105
-
-#define CKR_WRAPPED_KEY_INVALID 0x00000110
-#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112
-#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113
-#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114
-#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115
-#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120
-
-/* These are new to v2.0 */
-#define CKR_RANDOM_NO_RNG 0x00000121
-#define CKR_INSERTION_CALLBACK_SET 0x00000140
-#define CKR_INSERTION_CALLBACK_NOT_SUPPORTED 0x00000141
-#define CKR_BUFFER_TOO_SMALL 0x00000150
-#define CKR_SAVED_STATE_INVALID 0x00000160
-#define CKR_INFORMATION_SENSITIVE 0x00000170
-#define CKR_STATE_UNSAVEABLE 0x00000180
-
-/* These are new to v2.01 */
-#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190
-#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191
-#define CKR_MUTEX_BAD 0x000001A0
-#define CKR_MUTEX_NOT_LOCKED 0x000001A1
-
-#define CKR_VENDOR_DEFINED 0x80000000L
-
-
-/* CK_NOTIFY is an application callback that processes events. */
-typedef CK_RV (CK_ENTRY CK_PTR CK_NOTIFY)(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_NOTIFICATION event,
- CK_VOID_PTR pApplication /* same as passed to C_OpenSession. */
-);
-
-/* CK_FUNCTION_LIST is going to be a structure holding a PKCS #11 spec */
-/* version and pointers of appropriate types to all the PKCS #11 functions. */
-/* CK_FUNCTION_LIST is new for v2.0 */
-typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
-
-typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
-
-typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
-
-/* CK_CREATEMUTEX is an application callback for creating a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_CREATEMUTEX)(
- CK_VOID_PTR_PTR ppMutex /* location to receive pointer to mutex */
-);
-
-
-/* CK_DESTROYMUTEX is an application callback for destroying a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_DESTROYMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_LOCKMUTEX is an application callback for locking a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_LOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_UNLOCKMUTEX is an application callback for unlocking a mutex */
-typedef CK_RV CK_ENTRY (CK_PTR CK_UNLOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_C_INITIALIZE_ARGS provides the optional arguments to C_Initialize
-*/
-typedef struct CK_C_INITIALIZE_ARGS {
- CK_CREATEMUTEX CreateMutex;
- CK_DESTROYMUTEX DestroyMutex;
- CK_LOCKMUTEX LockMutex;
- CK_UNLOCKMUTEX UnlockMutex;
- CK_FLAGS flags;
- CK_VOID_PTR pReserved;
-} CK_C_INITIALIZE_ARGS;
-
-/* flags: bit flags that provide capabilities of the slot
- * Bit Flag Mask Meaning
- */
-#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001 /* library may not
- * spawn its own
- * threads */
-#define CKF_OS_LOCKING_OK 0x00000002 /* library can use
- * native operating
- * system thread
- * synchronization */
-
-/* CK_C_INITIALIZE_ARGS_PTR is a pointer to a CK_C_INITIALIZE_ARGS */
-typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
-
-
-/* additional flags for parameters to functions */
-
-/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
-#define CKF_DONT_BLOCK 1
-
-/* CK_KEA_DERIVE_PARAMS provides the parameters to the CKM_KEA_DERIVE
- * mechanism. */
-/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
-typedef struct CK_KEA_DERIVE_PARAMS {
- CK_BBOOL isSender;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pRandomB;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
-} CK_KEA_DERIVE_PARAMS;
-
-/* CK_KEA_DERIVE_PARAMS_PTR points to a CK_KEA_DERIVE_PARAMS. */
-typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
-
-
-/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and CKM_RC2_MAC */
-/* mechanisms. An instance of CK_RC2_PARAMS just holds the effective keysize. */
-typedef CK_ULONG CK_RC2_PARAMS;
-
-
-/* CK_RC2_PARAMS_PTR points to a CK_RC2_PARAMS. */
-typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
-
-
-/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC mechanism. */
-typedef struct CK_RC2_CBC_PARAMS {
- /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
-
- CK_BYTE iv[8]; /* IV for CBC mode */
-} CK_RC2_CBC_PARAMS;
-
-/* CK_RC2_CBC_PARAMS_PTR points to a CK_RC2_CBC_PARAMS. */
-typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
-
-/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the */
-/* CKM_RC2_MAC_GENERAL mechanism. */
-/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC2_MAC_GENERAL_PARAMS {
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC2_MAC_GENERAL_PARAMS;
-
-typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR CK_RC2_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and CKM_RC5_MAC */
-/* mechanisms. */
-/* CK_RC5_PARAMS is new for v2.0 */
-typedef struct CK_RC5_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
-} CK_RC5_PARAMS;
-
-/* CK_RC5_PARAMS_PTR points to a CK_RC5_PARAMS. */
-typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
-
-
-/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC mechanism. */
-/* CK_RC5_CBC_PARAMS is new for v2.0 */
-typedef struct CK_RC5_CBC_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_BYTE_PTR pIv; /* pointer to IV */
- CK_ULONG ulIvLen; /* length of IV in bytes */
-} CK_RC5_CBC_PARAMS;
-
-/* CK_RC5_CBC_PARAMS_PTR points to a CK_RC5_CBC_PARAMS. */
-typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
-
-
-/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the */
-/* CKM_RC5_MAC_GENERAL mechanism. */
-/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC5_MAC_GENERAL_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC5_MAC_GENERAL_PARAMS;
-
-typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR CK_RC5_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_MAC_GENERAL_PARAMS provides the parameters to most block ciphers' */
-/* MAC_GENERAL mechanisms. Its value is the length of the MAC. */
-/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
-
-typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
- * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
- CK_ULONG ulPasswordLen;
- CK_BYTE_PTR pPassword;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPAndGLen;
- CK_ULONG ulQLen;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pPrimeP;
- CK_BYTE_PTR pBaseG;
- CK_BYTE_PTR pSubprimeQ;
-} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS_PTR points to a
- * CK_SKIPJACK_PRIVATE_WRAP_PARAMS */
-typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
- CK_SKIPJACK_PRIVATE_WRAP_PTR;
-
-
-/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
- * CKM_SKIPJACK_RELAYX mechanism */
-/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_RELAYX_PARAMS {
- CK_ULONG ulOldWrappedXLen;
- CK_BYTE_PTR pOldWrappedX;
- CK_ULONG ulOldPasswordLen;
- CK_BYTE_PTR pOldPassword;
- CK_ULONG ulOldPublicDataLen;
- CK_BYTE_PTR pOldPublicData;
- CK_ULONG ulOldRandomLen;
- CK_BYTE_PTR pOldRandomA;
- CK_ULONG ulNewPasswordLen;
- CK_BYTE_PTR pNewPassword;
- CK_ULONG ulNewPublicDataLen;
- CK_BYTE_PTR pNewPublicData;
- CK_ULONG ulNewRandomLen;
- CK_BYTE_PTR pNewRandomA;
-} CK_SKIPJACK_RELAYX_PARAMS;
-
-/* CK_SKIPJACK_RELAYX_PARAMS_PTR points to a CK_SKIPJACK_RELAYX_PARAMS
-*/
-typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR CK_SKIPJACK_RELAYX_PARAMS_PTR;
-
-typedef struct CK_PBE_PARAMS {
- CK_CHAR_PTR pInitVector;
- CK_CHAR_PTR pPassword;
- CK_ULONG ulPasswordLen;
- CK_CHAR_PTR pSalt;
- CK_ULONG ulSaltLen;
- CK_ULONG ulIteration;
-} CK_PBE_PARAMS;
-
-typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
-
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the */
-/* CKM_KEY_WRAP_SET_OAEP mechanism. */
-/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
-typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
- CK_BYTE bBC; /* block contents byte */
- CK_BYTE_PTR pX; /* extra data */
- CK_ULONG ulXLen; /* length of extra data in bytes */
-} CK_KEY_WRAP_SET_OAEP_PARAMS;
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS_PTR points to a CK_KEY_WRAP_SET_OAEP_PARAMS. */
-typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
-
-/* CK_BATON_PARAMS provides the parameters to the CKM_BATON_ECB128, */
-/* CKM_BATON_ECB96, CKM_BATON_CBC128, CKM_BATON_COUNTER, and */
-/* CKM_BATON_SHUFFLE mechanisms. */
-/* CK_BATON_PARAMS is new for v2.0 */
-typedef struct CK_BATON_PARAMS {
- CK_BYTE iv[24];
-} CK_BATON_PARAMS;
-
-/* CK_BATON_PARAMS_PTR points to a CK_BATON_PARAMS. */
-typedef CK_BATON_PARAMS CK_PTR CK_BATON_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_RANDOM_DATA {
- CK_BYTE_PTR pClientRandom;
- CK_ULONG ulClientRandomLen;
- CK_BYTE_PTR pServerRandom;
- CK_ULONG ulServerRandomLen;
-} CK_SSL3_RANDOM_DATA;
-
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_VERSION_PTR pVersion;
-} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_OUT {
- CK_OBJECT_HANDLE hClientMacSecret;
- CK_OBJECT_HANDLE hServerMacSecret;
- CK_OBJECT_HANDLE hClientKey;
- CK_OBJECT_HANDLE hServerKey;
- CK_BYTE_PTR pIVClient;
- CK_BYTE_PTR pIVServer;
-} CK_SSL3_KEY_MAT_OUT;
-
-typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_PARAMS {
- CK_ULONG ulMacSizeInBits;
- CK_ULONG ulKeySizeInBits;
- CK_ULONG ulIVSizeInBits;
- CK_BBOOL bIsExport;
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
-} CK_SSL3_KEY_MAT_PARAMS;
-
-typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
-
-/* The CK_DERIVATION_STRING_DATA is used for bunches of Deriviation
- * Mechanisms. */
-typedef struct CK_KEY_DERIVATION_STRING_DATA {
- CK_BYTE_PTR pData;
- CK_ULONG ulLen;
-} CK_KEY_DERIVATION_STRING_DATA;
-typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR CK_KEY_DERIVATION_STRING_DATA_PTR;
-
-/* The CK_EXTRACT_PARAMS is used for the CKM_EXTRACT_KEY_FROM_KEY mechanism. */
-/* CK_EXTRACT_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_EXTRACT_PARAMS;
-
-/* CK_EXTRACT_PARAMS_PTR points to a CK_EXTRACT_PARAMS. */
-typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
-
-
-/* Do not attempt to use these. They are only used by NETSCAPE's internal
- * PKCS #11 interface. Most of these are place holders for other mechanism
- * and will change in the future.
- */
-#define CKM_NETSCAPE_PBE_KEY_GEN 0x80000001L
-#define CKM_NETSCAPE_PBE_SHA1_DES_CBC 0x80000002L
-#define CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC 0x80000003L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC 0x80000004L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC 0x80000005L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4 0x80000006L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4 0x80000007L
-#define CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC 0x80000008L
-#define CKM_TLS_MASTER_KEY_DERIVE 0x80000371L
-#define CKM_TLS_KEY_AND_MAC_DERIVE 0x80000372L
-
-/* define used to pass in the database key for DSA private keys */
-#define CKA_NETSCAPE_DB 0xD5A0DB00L
-#define CKA_NETSCAPE_TRUST 0x80000001L
-
-#if defined(XP_WIN)
-#if defined(_WIN32)
-#pragma pack(pop, cryptoki)
-#else /* win16 */
-#if defined(__WATCOMC__)
-#pragma pack(pop)
-#else /* not Watcom 16-bit */
-#pragma pack()
-#endif
-#endif
-#endif
-
-#endif
diff --git a/security/nss/lib/fortcrypt/fpkmem.h b/security/nss/lib/fortcrypt/fpkmem.h
deleted file mode 100644
index c35370be0..000000000
--- a/security/nss/lib/fortcrypt/fpkmem.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _FPKMEM_H_
-#define _FPKMEM_H_
-
-#define PORT_Free free
-#define PORT_Alloc malloc
-
-#define PORT_Memcmp memcmp
-#define PORT_Memcpy memcpy
-
-#define NUM_SLOTS 32
-
-#if !defined (XP_UNIX) && !defined (_WINDOWS) && !defined(XP_OS2)
-#define XP_MAC 1 /*Make sure we get this define in for Mac builds*/
-#endif
-
-#endif /*_FPKMEM_H_*/
diff --git a/security/nss/lib/fortcrypt/fpkstrs.h b/security/nss/lib/fortcrypt/fpkstrs.h
deleted file mode 100644
index 144ea1ee7..000000000
--- a/security/nss/lib/fortcrypt/fpkstrs.h
+++ /dev/null
@@ -1,122 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _context_h_
-#define _context_h_
-
-#ifdef SWFORT
-#ifndef RETURN_TYPE
-#define RETURN_TYPE int
-#endif
-#endif
-#include "cryptint.h"
-#include "genci.h"
-#include "maci.h"
-
-typedef enum {NOKEY, TEK, MEK, UNWRAP, Ks} FortezzaKeyType;
-typedef enum {Encrypt, Decrypt, Sign, None} CryptoType;
-
-typedef struct FortezzaKeyStr *FortezzaKeyPtr;
-typedef struct FortezzaSocketStr *FortezzaSocketPtr;
-typedef struct FortezzaKeyStr FortezzaKey;
-typedef unsigned char FortezzaMEK[12];
-
-
-typedef struct CreateTEKInfoStr {
- CI_RA Ra;
- CI_RB Rb;
- unsigned long randomLen;
- int personality;
- int flag; /*Either CI_INITIATOR_FLAG or CI_RECIPIENT_FLAG*/
- CI_Y pY;
- unsigned int YSize;
-} CreateTEKInfo;
-
-typedef struct FortezzaTEKStr {
- CI_RA Ra; /*All the parameters necessary to create a TEK */
- CI_RB Rb;
- unsigned long randomLen;
- CI_Y pY;
- int flags;
- int registerIndex;
- unsigned int ySize;
-} FortezzaTEK;
-
-struct FortezzaKeyStr {
- FortezzaKeyPtr next, prev;
- CK_OBJECT_HANDLE keyHandle;
- int keyRegister;
- FortezzaKeyType keyType;
- FortezzaSocketPtr keySocket;
- unsigned long id;
- unsigned long hitCount;
- union {
- FortezzaTEK tek;
- FortezzaMEK mek;
- } keyData;
-};
-
-typedef struct FortezzaSocketStr {
- PRBool isOpen;
- PRBool isLoggedIn;
- PRBool hasLoggedIn;
- PRBool personalitiesLoaded;
- unsigned long slotID;
- unsigned long hitCount;
- HSESSION maciSession;
- CI_SERIAL_NUMBER openCardSerial;
- CI_STATE openCardState;
- CI_PERSON *personalityList;
- int numPersonalities;
- int numKeyRegisters;
- FortezzaKey **keyRegisters; /*Array of pointers to keys in registers*/
- FortezzaKey *keys; /*Linked list of all the keys*/
- void *registersLock;
-} FortezzaSocket;
-
-typedef struct PK11SessionStr *PK11SessionPtr;
-
-typedef struct FortezzaConstextStr {
- FortezzaKey *fortezzaKey;
- FortezzaSocket *fortezzaSocket;
- PK11SessionPtr session;
- CryptoType cryptoOperation;
- CK_MECHANISM_TYPE mechanism;
- CI_SAVE_DATA cardState;
- CI_IV cardIV;
- unsigned long userRamSize;
- CK_OBJECT_HANDLE hKey;
-} FortezzaContext;
-
-
-
-#endif /*_context_h_*/
diff --git a/security/nss/lib/fortcrypt/genci.h b/security/nss/lib/fortcrypt/genci.h
deleted file mode 100644
index f12ec9a77..000000000
--- a/security/nss/lib/fortcrypt/genci.h
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * the following header file switches between MACI and CI based on
- * compile options. That lest the rest of the source code operate
- * without change, even if it only suports CI_ calls, not MACI_ calls
- */
-#ifndef _GENCI_H_
-#define _GENCI_H_ 1
-#include "seccomon.h"
-
-#if defined (XP_UNIX) || defined (XP_WIN32) || defined (XP_OS2)
-
-/*
- * On unix, NT, Windows '95, and OS/2 we use full maci
- */
-#include "maci.h"
-
-#define MACI_SEL(x)
-
-/*
- * for sec-for.c
- */
-#define CI_Initialize MACI_Initialize
-#define CI_Terminate() { HSESSION hs;\
- MACI_GetSessionID(&hs);\
- MACI_Terminate(hs); }
-
-#else
-
-/*
- * On Mac we use the original CI_LIB
- */
-#include "cryptint.h"
-
-/*
- * MACI specific values not defined for CI lib
- */
-#define MACI_SESSION_EXCEEDED (-53)
-
-#ifndef HSESSION_DEFINE
-typedef unsigned int HSESSION;
-#define HSESSION_DEFINE
-#endif
-
-/*
- * Map MACI_ calls to CI_ calls. NOTE: this assumes the proper CI_Select
- * calls are issued in the CI_ case
- */
-#define MACI_ChangePIN(s,pin,old,new) CI_ChangePIN(pin,old,new)
-#define MACI_CheckPIN(s,type,pin) CI_CheckPIN(type,pin)
-#define MACI_Close(s,flag,socket) CI_Close(flag,socket)
-#define MACI_Decrypt(s,size,in,out) CI_Decrypt(size,in,out)
-#define MACI_DeleteCertificate(s,cert) CI_DeleteCertificate(cert)
-#define MACI_DeleteKey(s,index) CI_DeleteKey(index)
-#define MACI_Encrypt(s,size,in,out) CI_Encrypt(size,in,out)
-#define MACI_ExtractX(s,cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g) \
- CI_ExtractX(cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g)
-#define MACI_FirmwareUpdate(s,flags,Cksum,len,size,data) \
- CI_FirmwareUpdate(flags,Cksum,len,size,data)
-#define MACI_GenerateIV(s,iv) CI_GenerateIV(iv)
-#define MACI_GenerateMEK(s,index,res) CI_GenerateMEK(index,res)
-#define MACI_GenerateRa(s,Ra) CI_GenerateRa(Ra)
-#define MACI_GenerateRandom(s,ran) CI_GenerateRandom(ran)
-#define MACI_GenerateTEK(s,flag,index,Ra,Rb,size,Y) \
- CI_GenerateTEK(flag,index,Ra,Rb,size,Y)
-#define MACI_GenerateX(s,cert,type,pgSize,qSize,p,q,g,ySize,y) \
- CI_GenerateX(cert,type,pgSize,qSize,p,q,g,ySize,y)
-#define MACI_GetCertificate(s,cert,val) CI_GetCertificate(cert,val)
-#define MACI_GetConfiguration(s,config) CI_GetConfiguration(config)
-#define MACI_GetHash(s,size,data,val) CI_GetHash(size,data,val)
-#define MACI_GetPersonalityList(s,cnt,list) CI_GetPersonalityList(cnt,list)
-#define MACI_GetSessionID(s) CI_OK
-#define MACI_GetState(s,state) CI_GetState(state)
-#define MACI_GetStatus(s,status) CI_GetStatus(status)
-#define MACI_GetTime(s,time) CI_GetTime(time)
-#define MACI_Hash(s,size,data) CI_Hash(size,data)
-#define MACI_Initialize(count) CI_Initialize(count)
-#define MACI_InitializeHash(s) CI_InitializeHash()
-#define MACI_InstallX(s,cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g) \
- CI_InstallX(cert,type,pass,ySize,y,x,Ra,pgSize,qSize,p,q,g)
-#define MACI_LoadCertificate(s,cert,label,data,res) \
- CI_LoadCertificate(cert,label,data,res)
-#define MACI_LoadDSAParameters(s,pgSize,qSize,p,q,g) \
- CI_LoadDSAParameters(pgSize,qSize,p,q,g)
-#define MACI_LoadInitValues(s,seed,Ks) CI_LoadInitValues(seed,Ks)
-#define MACI_LoadIV(s,iv) CI_LoadIV(iv)
-#define MACI_LoadX(s,cert,type,pgSize,qSize,p,q,g,x,ySize,y) \
- CI_LoadX(cert,type,pgSize,qSize,p,q,g,x,ySize,y)
-#define MACI_Lock(s,flags) CI_Lock(flags)
-#define MACI_Open(s,flags,index) CI_Open(flags,index)
-#define MACI_RelayX(s,oPass,oSize,oY,oRa,oX,nPass,nSize,nY,nRa,nX) \
- CI_RelayX(oPass,oSize,oY,oRa,oX,nPass,nSize,nY,nRa,nX)
-#define MACI_Reset(s) CI_Reset()
-#define MACI_Restore(s,type,data) CI_Restore(type,data)
-#define MACI_Save(s,type,data) CI_Save(type,data)
-#define MACI_Select(s,socket) CI_Select(socket)
-#define MACI_SetConfiguration(s,typ,sz,d) CI_SetConfiguration(typ,sz,d)
-#define MACI_SetKey(s,key) CI_SetKey(key)
-#define MACI_SetMode(s,type,mode) CI_SetMode(type,mode)
-#define MACI_SetPersonality(s,index) CI_SetPersonality(index)
-#define MACI_SetTime(s,time) CI_SetTime(time)
-#define MACI_Sign(s,hash,sig) CI_Sign(hash,sig)
-#define MACI_Terminate(s) CI_Terminate()
-#define MACI_TimeStamp(s,val,sig,time) CI_TimeStamp(val,sig,time)
-#define MACI_Unlock(s) CI_Unlock()
-#define MACI_UnwrapKey(s,targ,wrap,key) CI_UnwrapKey(targ,wrap,key)
-#define MACI_VerifySignature(s,h,siz,y,sig) CI_VerifySignature(h,siz,y,sig)
-#define MACI_VerifyTimeStamp(s,hash,sig,tim) CI_VerityTimeStap(hash,sig,tim)
-#define MACI_WrapKey(s,src,wrap,key) CI_WrapKey(src,wrap,key)
-#define MACI_Zeroize(s) CI_Zeroize()
-
-#define MACI_SEL(x) CI_Select(x)
-#endif /* ! XP_UNIX */
-#endif /* _GENCI_H_ */
diff --git a/security/nss/lib/fortcrypt/globinst.htm b/security/nss/lib/fortcrypt/globinst.htm
deleted file mode 100644
index cd0a194d4..000000000
--- a/security/nss/lib/fortcrypt/globinst.htm
+++ /dev/null
@@ -1,139 +0,0 @@
-<HTML>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-<SCRIPT>
-
-
-// ---------------------- Configuration variables ----------------
-var pkcs11jar="fortpk11.jar";
-//var pkcs11base="file://d|/dogbert/ns/dist/";
-pkcs11base="";
-
-var comm_platforms = pk_init_array (
- "Win32", "Win16", "Mac68k", "MacPPC",
- "AIX4.1", "HP-UXA.09", "HP-UXB.10",
- "SunOS4.1.3_U1", "SunOS5.4", "SunOS5.5.1" );
-var directories = pk_init_array (
- "win32", "win16", "none", "macppc",
- "aix", "hpux", "hpux",
- "sunos", "sol24",
- "sol251" );
-
-function mapPlatform(InPlat)
-{
- for (i=0; i < comm_platforms.length; i++) {
- if (InPlat == comm_platforms[i]) {
- return directories[i];
- }
- }
- return InPlat;
-}
-
-
-function pk_init_array()
-{
- var numArgs = pk_init_array.arguments.length;
- var a = new Array(numArgs);
-
- for (var i = 0; i < numArgs; i++) {
- a[i] = pk_init_array.arguments[i];
- }
- return a;
-}
-
-function getPlatform() {
- return navigator.platform;
-// var string = navigator.appVersion;
-// start = string.indexOf("(",0);
-// if (start == -1) {
-// return "unknown";
-// }
-// end = string.indexOf(";",start);
-// if (end == -1) {
-// end = string.indexOf(")",start);
-// }
-// if (end == -1) {
-// end = string.length;
-// }
-// platform = string.substring(start+1,end);
-// return platform;
-}
-
-function getURLPath() {
- var string = window.location.href;
- end = string.lastIndexOf("/");
- if (end == -1) {
- end = string.length-1;
- }
- return string.substring(0,end+1);
-}
-
-
-
-plat=getPlatform();
-platDir = mapPlatform(plat);
-if (pkcs11base == "") pkcs11base=getURLPath();
-
-if (plat == "MacPPC") {
- pkcs11jar= "macinst.htm"
-}
-
-function DoInstall(url) {
- window.location.href = url;
-}
-
-function DoCancel() {
- // set window.location.href to your home page if you wish
- //alert('Cancel Installation?');
- history.back();
-}
-
-// ------ Change the following for your own Message --------
-document.write("<CENTER><H1>Netscape Fortezza PKCS #11 Module Installer</H1>");
-document.write("</CENTER>");
-document.write("<Table><TR><TD>");
-document.write("<DD><p><IMG SRC=about:logo WIDTH=90 Height=77 NAME=LITRONIC></TD>");
-document.write("<TD VAlign=Center><i> Netscape Fortezza PKCS #11 Modules require Litronic's MACI drivers to be installed on your platform.");
-document.write(" If you haven't already installed theLitronic MACI drivers, please to do so now.</I>");
-document.write("</TD></TR></Table>");
-// ----- end of generic message section --------
-document.write("<p>Netscape has detected you are installing on <b>"+plat+"</b>.<br>");
-document.write("Installing: <b>"+pkcs11base+platDir+"/"+pkcs11jar+"</b><br>");
-document.write("<FORM>");
-document.write("<CENTER><Table><TR><TD><Input Type=Button name=install value='Install Now' onclick=DoInstall("+ "\"" +pkcs11base+platDir+"/"+pkcs11jar+"\""+")>");
-document.write("</TD><TD><Input type=Button name=cancel value=Cancel Onclick=DoCancel()>");
-document.write("</TD></TR></Table></CENTER>");
-document.write("</FORM>");
-document.close();
-</SCRIPT>
-</HTML>
diff --git a/security/nss/lib/fortcrypt/handinst.htm b/security/nss/lib/fortcrypt/handinst.htm
deleted file mode 100644
index f816432e1..000000000
--- a/security/nss/lib/fortcrypt/handinst.htm
+++ /dev/null
@@ -1,180 +0,0 @@
-<HTML>
-<TITLE>Generic PKCS #11 Installer</TITLE>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-<SCRIPT>
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
-
-
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3 // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2 // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1 // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1 // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2 // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4 // Error deleting a module
-JS_ERR_ADD_MODULE = -5 // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6 // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7 // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8 // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9 // The SSL, S/MIME cipher flags are invalid
-
-var new_window;
-var has_new_window = 0;
-
-function HandleCipher(checkBox) {
- if (checkBox.checked) {
- pkcs11MechanismFlags |= checkBox.value;
- } else {
- pkcs11MechanismFlags &= ~checkBox.value;
- }
-}
-
-function HandleSSL(checkBox) {
- if (checkBox.checked) {
- pkcs11CipherFlags |= checkBox.value;
- } else {
- pkcs11CipherFlags &= ~checkBox.value;
- }
-}
-
-function colonize(string) {
- len = string.length;
- end = len -1;
-
- if (len == 0) return string;
-
-
- for (i=0; i < len; i++) {
- if (string.charAt(i) == "/") {
- if (i == 0) {
- new_string = ":" + string.substring(1,len);
- } else if (i == end) {
- new_string = string.substring(0,i)+':';
- } else {
- new_string = string.substring(0,i)+':'+
- string.substring(i+1,len);
- }
- string = new_string;
- }
- }
-
- if (string.charAt(0) == ":") string = string.substring(1,len);
- return string;
-}
-
-function DoInstall(name,module) {
- if ((navigator.platform == "MacPPC")
- || (navigator.platform == "Mac68K")) {
- module = colonize(module);
- }
- result = pkcs11.addmodule(name, module,
- pkcs11MechanismFlags, pkcs11CipherFlags);
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- }
- if (has_new_window) new_window.close();
-}
-
-default_name = "Netscape FORTEZZA Module"
-
-default_module = "D:/dogbert/ns/dist/WIN32_D.OBJ/bin/fort32.dll"
-document.writeln("<FORM name=instform target=_self> <H2>PKCS #11 Installer</H2>");
-document.writeln(" Module name: <Input Type=Text Name=modName value=\""+default_name+"\" size=50 required><br>");
-document.writeln(" Module Library: <Input Type=FILE required Name=module><p>");
-document.writeln("<hr><TABLE><TR><TD>");
-document.writeln("<Input type=Checkbox name=RSA value="+PKCS11_MECH_RSA_FLAG+" onclick=HandleCipher(document.instform.RSA)> RSA<br>");
-document.writeln("<Input type=Checkbox name=DSA value="+PKCS11_MECH_DSA_FLAG+" onclick=HandleCipher(document.instform.DSA)> DSA<br>");
-document.writeln("<Input type=Checkbox name=RC2 value="+PKCS11_MECH_RC2_FLAG+" onclick=HandleCipher(document.instform.RC2)> RC2<br>");
-document.writeln("<Input type=Checkbox name=RC4 value="+PKCS11_MECH_RC4_FLAG+" onclick=HandleCipher(document.instform.RC4)> RC4<br>");
-document.writeln("</TD><TD>");
-document.writeln("<Input type=Checkbox name=DES value="+PKCS11_MECH_DES_FLAG+" onclick=HandleCipher(document.instform.DES)> DES<br>");
-document.writeln("<Input type=Checkbox name=DH value="+PKCS11_MECH_DH_FLAG+" onclick=HandleCipher(document.instform.DH)> DH<br>");
-document.writeln("<Input type=Checkbox name=SKIPJACK value="+PKCS11_MECH_SKIPJACK_FLAG+" onclick=HandleCipher(document.instform.SKIPJACK)> SKIPJACK<br>");
-document.writeln("<Input type=Checkbox name=RC5 value="+PKCS11_MECH_RC5_FLAG+" onclick=HandleCipher(document.instform.RC5)> RC5<br>");
-document.writeln("</TD><TD>");
-document.writeln("<Input type=Checkbox name=SHA1 value="+PKCS11_MECH_SHA1_FLAG+" onclick=HandleCipher(document.instform.SHA1)> SHA1<br>");
-document.writeln("<Input type=Checkbox name=MD5 value="+PKCS11_MECH_MD5_FLAG+" onclick=HandleCipher(document.instform.MD5)> MD5<br>");
-document.writeln("<Input type=Checkbox name=MD2 value="+PKCS11_MECH_MD2_FLAG+" onclick=HandleCipher(document.instform.MD2)> MD2<br>");
-document.writeln("</TD><TD>");
-document.writeln("<Input type=Checkbox name=Random value="+PKCS11_MECH_RANDOM_FLAG+" CHECKED onclick=HandleCipher(document.instform.Random)> Random Number Generation<br>");
-document.writeln("<Input type=Checkbox name=readCert value="+PKCS11_PUB_READABLE_CERT_FLAG+" onclick=HandleCipher(document.instform.ReadCert)> Public Readable Certificates<br>");
-document.writeln("<Input type=Checkbox name=Disable value="+PKCS11_DISABLE_FLAG+" onclick=HandleCipher(document.instform.Disable)> Disable<br>");
-document.writeln("</TD></TR></TABLE>");
-document.writeln("<hr>");
-document.writeln("<Input type=Checkbox name=fortssl value="+ PKCS11_CIPHER_FORTEZZA_FLAG +" checked onclick=HandleSSL(document.instform.fortssl)> Enable FORTEZZA menus<br>");
-document.writeln("<hr>");
-document.write("<Input type=submit Name=Install Value=Install onclick=DoInstall(");
-document.writeln( "document.instform.modName.value,document.instform.module.value) >");
-document.writeln("</FORM>");
-</SCRIPT>
diff --git a/security/nss/lib/fortcrypt/homeinst.htm b/security/nss/lib/fortcrypt/homeinst.htm
deleted file mode 100644
index a0583fbc7..000000000
--- a/security/nss/lib/fortcrypt/homeinst.htm
+++ /dev/null
@@ -1,211 +0,0 @@
-<HTML>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-<SCRIPT>
-
-
-// ---------------------- Configuration variables ----------------
-var pkcs11jar="bin/fortWIN32.jar";
-var pkcs11base="ftp://sweetlou/products/client/dogbert/new";
-//pkcs11base="";
-win_file = "libfort.jar"
-unix = "libfort-v404b9."
-mac_file = "macinst.htm"
-
-
-var winDates = pk_init_array (
- "oct_02a_404", "oct_01a_404" );
-
-var unixDates = pk_init_array (
- "current", "Oct_02", "Oct_O1");
-
-
-var comm_platforms = pk_init_array (
- "Win32", "Win16", "Mac68k", "MacPPC",
- "AIX4.1", "HP-UXA.09", "HP-UXB.10",
- "SunOS4.1.3_U1", "SunOS5.4", "SunOS5.5.1",
- "BSD_3861.1","BSD_3862.1", "FreeBSD2", "IRIX5.3", "IRIX6.2",
- "LinuxELF1.2","LinusELF2.0","NCR4.0","NEC4.2","OSF1V3","SCOOS5.0",
- "SINIX-N5.42","SunOS5.4_i86pc","UNIXWARE2.1",
- "OS23.0","OS24.0");
-var isSupport = pk_init_array ( 1, 1, 0, 1,
- 1, 1, 1,
- 1, 1, 1, 1,
- 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0,
- 0, 0, 0,
- 0, 0 );
-var directories = pk_init_array (
- "32bit/fortezza", "16bit/fortezza", "", "404-fortezza-items",
- "aix4", "hpux", "hpux10",
- "sunos4", "sol24", "sol251",
- // not really supported
- "bsdi", "bsdi2", "freebsd", "irix53", "irix62",
- "linux12","linux20","ncr","nec","osf132","sco",
- "sinix","solx86","unixware",
- "" ,"" );
-var files = pk_init_array (
- win_file, win_file, mac_file, mac_file,
- unix+"rs6000-ibm-aix4.jar",unix+"hppa1.1-hp-hpux9.jar",
- unix+"hppa1.1-hp-hpux10.jar",
- unix+"sparc-sun-sunos4.1.3_U1.jar",unix+"sparc-sun-solaris2.4.jar",
- unix+"sparc-sun-solaris2.5.1.jar",
- unix+"x86-bsdi-bsd.jar",unix+"x86-bsdi-bsd2.jar",
- unix+"x86-unknown-freebsd.jar",
- unix+"mips-sgi-irix5.3.jar",unix+"mips-sgi-irix6.2.jar",
- unix+"x86-unknown-linix1.2.jar",unix+"x86-unknown-linix2.0.jar",
- unix+"x86-ncr-sysv5.jar",unix+"mips-nec-uxv4.2.jar",
- unix+"alpha-dec-osf3.2.jar",unix+"x86-sco-opensv5.0.2",
- unix+"mips-sni-reliantunix.jar",unix+"x86-sun-solaris2.4.jar",
- unix+"x86-sco-unixware2.1.jar",
- win_file, win_file );
-
-function isSupported(InPlat)
-{
- for (i=0; i < comm_platforms.length; i++) {
- if (InPlat == comm_platforms[i]) {
- return isSupport[i];
- }
- }
- return 0;
-}
-
-function mapPlatform(InPlat)
-{
- for (i=0; i < comm_platforms.length; i++) {
- if (InPlat == comm_platforms[i]) {
- return directories[i];
- }
- }
- return InPlat;
-}
-
-function mapFile(InPlat)
-{
- for (i=0; i < comm_platforms.length; i++) {
- if (InPlat == comm_platforms[i]) {
- return files[i];
- }
- }
- return unix+"unknown-unknown-unknown.jar";
-}
-
-function mapDate(platform) {
- if ((platform == "MacPPC") || (platform == "Mac68K")) {
- return "";
- } else if ((platform == "Win32") || (platform == "Win16")) {
- return "/oct_2a_404";
- } else if ((platform == "OS23.0") || (platform == "OS24.0")) {
- return "";
- }
- return "/current/signed";
-}
-function mapBaseDir(platform) {
- if ((platform == "MacPPC") || (platform == "Mac68K")) {
- return "mac";
- } else if ((platform == "Win32") || (platform == "Win16")) {
- return "windows"
- } else if ((platform == "OS23.0") || (platform == "OS24.0")) {
- return "os2";
- }
- return "unix/Fortezza";
-}
-
-function pk_init_array()
-{
- var numArgs = pk_init_array.arguments.length;
- var a = new Array(numArgs);
-
- for (var i = 0; i < numArgs; i++) {
- a[i] = pk_init_array.arguments[i];
- }
- return a;
-}
-
-function getPlatform() {
- return navigator.platform;
-}
-
-function getURLPath() {
- var string = window.location.href;
- end = string.lastIndexOf("/");
- if (end == -1) {
- end = string.length-1;
- }
- return string.substring(0,end+1);
-}
-
-
-
-plat=getPlatform();
-platDir = mapPlatform(plat);
-platFile = mapFile(plat);
-platBase = mapBaseDir(plat);
-platDate = mapDate(plat);
-if (pkcs11base == "") pkcs11base=getURLPath();
-pkcs11loc=pkcs11base+"/"+platBase+"/"+platDir + platDate + "/" + platFile;
-
-
-
-function DoInstall(url) {
- window.location.href = url;
-}
-
-function DoCancel() {
- // set window.location.href to your home page if you wish
- //alert('Cancel Installation?');
- history.back();
-}
-
-// ------ Change the following for your own Message --------
-document.write("<CENTER><H1>Netscape Fortezza PKCS #11 Module Installer</H1>");
-document.write("</CENTER>");
-document.write("<Table><TR><TD>");
-document.write("<DD><p><IMG SRC=litronic.gif WIDTH=110 Height=63 NAME=LITRONIC></TD>");
-document.write("<TD VAlign=Center><i> Netscape Fortezza PKCS #11 Modules require Litronic's MACI drivers to be installed on your platform.");
-document.write(" If you haven't already installed theLitronic MACI drivers, please to do so now.</I>");
-document.write("</TD></TR></Table>");
-// ----- end of generic message section --------
-document.write("<p>Netscape has detected you are installing on <b>"+plat+"</b>.<br>");
-if (!isSupported(plat)) {
- document.write("<b>This platform is currently not suppported for FORTEZZA</b><br>");
-}
-document.write("Installing: <b>"+pkcs11loc+"</b><br>");
-document.write("<FORM>");
-document.write("<CENTER><Table><TR><TD><Input Type=Button name=install value='Install Now' onclick=DoInstall("+ "\"" +pkcs11loc+"\""+")>");
-document.write("</TD><TD><Input type=Button name=cancel value=Cancel Onclick=DoCancel()>");
-document.write("</TD></TR></Table></CENTER>");
-document.write("</FORM>");
-document.close();
-</SCRIPT>
-</HTML>
diff --git a/security/nss/lib/fortcrypt/inst.js b/security/nss/lib/fortcrypt/inst.js
deleted file mode 100644
index 2c2b1ab64..000000000
--- a/security/nss/lib/fortcrypt/inst.js
+++ /dev/null
@@ -1,268 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-//
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-//
-// The Original Code is the Netscape security libraries.
-//
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation. Portions created by Netscape are
-// Copyright (C) 1994-2000 Netscape Communications Corporation. All
-// Rights Reserved.
-//
-// Contributor(s):
-//
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable
-// instead of those above. If you wish to allow use of your
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL. If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-////////////////////////////////////////////////////////////////////////////////////////
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-var pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-var pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3; // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2; // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1; // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1; // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2; // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3; // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4; // Error deleting a module
-JS_ERR_ADD_MODULE = -5; // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6; // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7; // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8; // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9; // The SSL, S/MIME cipher flags are invalid
-JS_ERR_ADD_MODULE_DULICATE =-10; // Module with the same name already installed
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Find out which library is to be installed depending on the platform
-
-// pathname seperator is platform specific
-var sep = "/";
-var vendor = "netscape";
-var moduleName = "not_supported";
-var plat = navigator.platform;
-
-var dir = "pkcs11/" + vendor + "/" + plat + "/";
-if (plat == "Win16") {
- dir = "pkcs11/";
-}
-
-bAbort = false;
-if (plat == "Win32") {
- moduleName = "fort32.dll";
- sep = "\\";
-} else if (plat == "Win16") {
- moduleName = "FORT16.DLL";
- sep = "\\";
-} else if (plat == "MacPPC") {
- moduleName = "FortPK11Lib";
- sep = ":";
-} else if (plat == "AIX4.1") {
- moduleName = "libfort_shr.a";
-} else if (plat == "SunOS4.1.3_U1") {
- moduleName = "libfort.so.1.0";
-} else if ((plat == "SunOS5.4") || (plat == "SunOS5.5.1")){
- moduleName = "libfort.so";
-} else if ((plat == "HP-UXA.09") || (plat == "HP-UXB.10")){
- moduleName = "libfort.sl";
-} else if (plat == "IRIX6.2"){
- // The module only works on 6.3, but Communicator returns 6.2 even when
- // running 6.3. So in order to prevent the user from thinking
- // the module actually works on 6.2, we will force the name to
- // say 6.3 instead of 6.2. In the even the user tries to install
- // on 6.2, the user will see 6.3 instead. If they don't get it that
- // it's not going to work at this point in time, then the entire install
- // process wil just fail miserably, and that is OK.
- plat = "IRIX6.3";
- moduleName = "libfort.so";
-} else {
- window.alert("Sorry, platform "+plat+" is not supported.");
- bAbort = true;
-}
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Installation Begins...
-if (!bAbort) {
-if (confirm("This script will install a security module. \nIt may over-write older files having the same name. \nDo you want to continue?")) {
- // Step 1. Create a version object and a software update object
- vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0);
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module");
- // "Fortezza ... Module" is the logical name of the bundle
-
- ////////////////////////////////////////
- // Step 2. Start the install process
- bAbort = false;
- err = su.StartInstall("NSfortezza", // NSfortezza is the component folder (logical)
- vi,
- netscape.softupdate.SoftwareUpdate.FULL_INSTALL);
-
- bAbort = (err!=0);
-
- if (err == 0) {
- ////////////////////////////////////////
- // Step 3. Find out the physical location of the Program dir
- Folder = su.GetFolder("Program");
-
- ////////////////////////////////////////
- // Step 4. Install the files. Unpack them and list where they go
-
- err = su.AddSubcomponent("FortezzaLibrary_"+plat, //component name (logical)
- vi, // version info
- moduleName, // source file in JAR (physical)
- Folder, // target folder (physical)
- dir + moduleName, // target path & filename (physical)
- true); // forces update
- if (err != 0) {
- if (err == -200) {
- errmsg = "Bad Package Name.";
- } else if (err == -201) {
- errmsg = "Unexpected error.";
- } else if (err == -203) {
- errmsg = "Installation script was signed by more than one certificate.";
- } else if (err == -204) {
- errmsg = "Installation script was not signed."
- } else if (err == -205) {
- errmsg = "The file to be installed is not signed."
- } else if (err == -206) {
- errmsg = "The file to be installed is not present, or it was signed with a different certificate than the one used to sign the install script.";
- } else if (err == -207) {
- errmsg = "JAR archive has not been opened."
- } else if (err == -208) {
- errmsg = "Bad arguments to AddSubcomponent( )."
- } else if (err == -209) {
- errmsg = "Illegal relative path( )."
- } else if (err == -210) {
- errmsg = "User cancelled installation."
- } else if (err == -211) {
- errmsg = "A problem occurred with the StartInstall( )."
- } else {
- errmsg = "Unknown error";
- }
- window.alert("Error adding sub-component: "+"("+err+")"+errmsg);
- //window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
- bAbort = true;
- }
- }
-
- ////////////////////////////////////////
- // Step 5. Unless there was a problem, move files to final location
- // and update the Client Version Registry
- if (bAbort) {
- su.AbortInstall();
- } else {
- err = su.FinalizeInstall();
-
- if (err != 0) {
-
- if (err == -900) {
- errmsg = "Restart the computer, and install again.";
- } else if (err == -201) {
- errmsg = "Unexpected error.";
- } else if (err == -202) {
- errmsg = "Access denied. Make sure you have the permissions to write to the disk.";
- } else if (err == -203) {
- errmsg = "Installation script was signed by more than one certificate.";
- } else if (err == -204) {
- errmsg = "Installation script was not signed."
- } else if (err == -205) {
- errmsg = "The file to be installed is not signed."
- } else if (err == -206) {
- errmsg = "The file to be installed is not present, or it was signed with a different certificate than the one used to sign the install script."
- } else if (err == -207) {
- errmsg = "JAR archive has not been opened."
- } else if (err == -208) {
- errmsg = "Bad arguments to AddSubcomponent( )."
- } else if (err == -209) {
- errmsg = "Illegal relative path( )."
- } else if (err == -210) {
- errmsg = "User cancelled installation."
- } else if (err == -211) {
- errmsg = "A problem occurred with the StartInstall( )."
- } else {
- errmsg = "\nIf you have FORTEZZA module already installed, try deleting it first.";
- }
- window.alert("Error Finalizing Install: "+"("+err+")"+errmsg);
- //window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
-
- } else {
-
- // Platform specific full path
- if (plat=="Win16") {
- fullpath = Folder + "pkcs11" + sep + moduleName;
- } else {
- fullpath = Folder + "pkcs11" + sep + vendor + sep + plat + sep + moduleName;
- }
-
- ////////////////////////////////////////
- // Step 6: Call pkcs11.addmodule() to register the newly downloaded module
- moduleCommonName = "Netscape FORTEZZA Module " + plat;
- result = pkcs11.addmodule(moduleCommonName,
- fullpath,
- pkcs11MechanismFlags,
- pkcs11CipherFlags);
- if (result == -10) {
- window.alert("New module was copied to destination, \nbut setup failed because a module "
- +"with the same name has been installed. \nTry deleting the module "
- + moduleCommonName +" first.")
- } else if (result < 0) {
- window.alert("New module was copied to destination, but setup failed. Error code: " + result);
- }
- }
- }
-}
-}
diff --git a/security/nss/lib/fortcrypt/inst_PPC.js b/security/nss/lib/fortcrypt/inst_PPC.js
deleted file mode 100644
index 490910fff..000000000
--- a/security/nss/lib/fortcrypt/inst_PPC.js
+++ /dev/null
@@ -1,134 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-//
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-//
-// The Original Code is the Netscape security libraries.
-//
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation. Portions created by Netscape are
-// Copyright (C) 1994-2000 Netscape Communications Corporation. All
-// Rights Reserved.
-//
-// Contributor(s):
-//
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable
-// instead of those above. If you wish to allow use of your
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL. If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
-
-
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3 // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2 // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1 // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1 // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2 // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4 // Error deleting a module
-JS_ERR_ADD_MODULE = -5 // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6 // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7 // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8 // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9 // The SSL, S/MIME cipher flags are invalid
-
-
-if (confirm("This script will install and configure a security module, do you want to continue?")) {
- // Step 1. Create a version object and a software update object
- vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0);
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module");
- // "Fortezza ... Module" is the logical name of the bundle
-
- // Step 2. Start the install process
- bAbort = false;
- err = su.StartInstall("NSfortezza", vi, netscape.softupdate.SoftwareUpdate.FULL_INSTALL);
- // nsfortezza is the component folder (logical)
- bAbort = bAbort || (err !=0);
-
- if (err == 0) {
-
- // Step 3. Find out the physical location of the Program dir
- Folder = su.GetFolder("Program");
-
- // Step 4. Install the files. Unpack them and list where they go
- err = su.AddSubcomponent("FortezzaCardDLL", //component name (logical)
- vi, // version info
- "FortPK11Lib", // source file in JAR (physical)
- Folder, // target folder (physical)
- "FortPK11Lib", // target path & filename (physical)
- this.force); // forces update
- bAbort = bAbort || (err !=0);
- }
-
- // Step 5. Unless there was a problem, move files to final location
- // and update the Client Version Registry
- if (bAbort) {
- window.alert("Installation Aborted");
- su.AbortInstall();
- } else {
- err = su.FinalizeInstall();
- window.alert("Files have been installed.\nContinue to setup the newly isntalled module...");
- // Add Module
- compFolder = su.GetComponentFolder("NSfortezza/FortezzaCardDLL") + "/FortPK11Lib";
- result = pkcs11.addmodule("Netscape FORTEZZA Module", compFolder, pkcs11MechanismFlags, pkcs11CipherFlags);
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- } else {
- window.alert("New module setup completed.");
- }
- }
-}
diff --git a/security/nss/lib/fortcrypt/install.js b/security/nss/lib/fortcrypt/install.js
deleted file mode 100644
index e823e213b..000000000
--- a/security/nss/lib/fortcrypt/install.js
+++ /dev/null
@@ -1,134 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-//
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-//
-// The Original Code is the Netscape security libraries.
-//
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation. Portions created by Netscape are
-// Copyright (C) 1994-2000 Netscape Communications Corporation. All
-// Rights Reserved.
-//
-// Contributor(s):
-//
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable
-// instead of those above. If you wish to allow use of your
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL. If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
-
-
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3 // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2 // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1 // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1 // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2 // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4 // Error deleting a module
-JS_ERR_ADD_MODULE = -5 // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6 // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7 // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8 // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9 // The SSL, S/MIME cipher flags are invalid
-
-
-if (confirm("This script will install and configure a security module, do you want to continue?")) {
- // Step 1. Create a version object and a software update object
- vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0);
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module");
- // "Fortezza ... Module" is the logical name of the bundle
-
- // Step 2. Start the install process
- bAbort = false;
- err = su.StartInstall("NSfortezza", vi, netscape.softupdate.SoftwareUpdate.FULL_INSTALL);
- // nsfortezza is the component folder (logical)
- bAbort = bAbort || (err !=0);
-
- if (err == 0) {
-
- // Step 3. Find out the physical location of the Program dir
- Folder = su.GetFolder("Program");
-
- // Step 4. Install the files. Unpack them and list where they go
- err = su.AddSubcomponent("FortezzaCardDLL", //component name (logical)
- vi, // version info
- "DUMMY_DLL", // source file in JAR (physical)
- Folder, // target folder (physical)
- "DUMMY_DLL", // target path & filename (physical)
- this.force); // forces update
- bAbort = bAbort || (err !=0);
- }
-
- // Step 5. Unless there was a problem, move files to final location
- // and update the Client Version Registry
- if (bAbort) {
- window.alert("Installation Aborted");
- su.AbortInstall();
- } else {
- err = su.FinalizeInstall();
- window.alert("Files have been installed.\nContinue to setup the newly isntalled module...");
- // Add Module
- compFolder = su.GetComponentFolder("NSfortezza/FortezzaCardDLL") + "/DUMMY_DLL";
- result = pkcs11.addmodule("Netscape FORTEZZA Module", compFolder, pkcs11MechanismFlags, pkcs11CipherFlags);
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- } else {
- window.alert("New module setup completed.");
- }
- }
-}
diff --git a/security/nss/lib/fortcrypt/maci.c b/security/nss/lib/fortcrypt/maci.c
deleted file mode 100644
index a0120b771..000000000
--- a/security/nss/lib/fortcrypt/maci.c
+++ /dev/null
@@ -1,901 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "seccomon.h"
-
-#if defined( _WIN32 ) || defined( __WIN32__ )
-#define RETURN_TYPE extern _declspec( dllexport ) int _cdecl
-#endif /* Windows */
-#include "maci.h"
-
-
-RETURN_TYPE
-MACI_ChangePIN PROTO_LIST( (
- HSESSION hSession,
- int PINType,
- CI_PIN CI_FAR pOldPIN,
- CI_PIN CI_FAR pNewPIN ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_CheckPIN PROTO_LIST( (
- HSESSION hSession,
- int PINType,
- CI_PIN CI_FAR pPIN ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Close PROTO_LIST( (
- HSESSION hSession,
- unsigned int Flags,
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Decrypt PROTO_LIST( (
- HSESSION hSession,
- unsigned int CipherSize,
- CI_DATA pCipher,
- CI_DATA pPlain ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_DeleteCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_DeleteKey PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Encrypt PROTO_LIST( (
- HSESSION hSession,
- unsigned int PlainSize,
- CI_DATA pPlain,
- CI_DATA pCipher ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_ExtractX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_FirmwareUpdate PROTO_LIST( (
- HSESSION hSession,
- unsigned long Flags,
- long Cksum,
- unsigned int CksumLength,
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateIV PROTO_LIST( (
- HSESSION hSession,
- CI_IV CI_FAR pIV ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateMEK PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex,
- int Reserved ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateRa PROTO_LIST( (
- HSESSION hSession,
- CI_RA CI_FAR pRa ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateRandom PROTO_LIST( (
- HSESSION hSession,
- CI_RANDOM CI_FAR pRandom ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateTEK PROTO_LIST( (
- HSESSION hSession,
- int Flags,
- int RegisterIndex,
- CI_RA CI_FAR pRa,
- CI_RB CI_FAR pRb,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GenerateX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- CI_CERTIFICATE CI_FAR pCertificate ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetConfiguration PROTO_LIST( (
- HSESSION hSession,
- CI_CONFIG_PTR pConfiguration ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetHash PROTO_LIST( (
- HSESSION hSession,
- unsigned int DataSize,
- CI_DATA pData,
- CI_HASHVALUE CI_FAR pHashValue ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetPersonalityList PROTO_LIST( (
- HSESSION hSession,
- int EntryCount,
- CI_PERSON CI_FAR pPersonalityList[] ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetSessionID PROTO_LIST( (
- HSESSION *hSession ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetState PROTO_LIST( (
- HSESSION hSession,
- CI_STATE_PTR pState ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetStatus PROTO_LIST( (
- HSESSION hSession,
- CI_STATUS_PTR pStatus ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_GetTime PROTO_LIST( (
- HSESSION hSession,
- CI_TIME CI_FAR pTime ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Hash PROTO_LIST( (
- HSESSION hSession,
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Initialize PROTO_LIST( (
- int CI_FAR *SocketCount ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_InitializeHash PROTO_LIST( (
- HSESSION hSession ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_InstallX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pWrappedX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- CI_CERT_STR CI_FAR pCertLabel,
- CI_CERTIFICATE CI_FAR pCertificate,
- long Reserved ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadDSAParameters PROTO_LIST( (
- HSESSION hSession,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadInitValues PROTO_LIST( (
- HSESSION hSession,
- CI_RANDSEED CI_FAR pRandSeed,
- CI_KS CI_FAR pKs ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadIV PROTO_LIST( (
- HSESSION hSession,
- CI_IV CI_FAR pIV ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_LoadX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- CI_X CI_FAR pX,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Lock PROTO_LIST( (
- HSESSION hSession,
- int Flags ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Open PROTO_LIST( (
- HSESSION hSession,
- unsigned int Flags,
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_RelayX PROTO_LIST( (
- HSESSION hSession,
- CI_PASSWORD CI_FAR pOldPassword,
- unsigned int OldYSize,
- CI_Y CI_FAR pOldY,
- CI_RA CI_FAR pOldRa,
- CI_WRAPPED_X CI_FAR pOldWrappedX,
- CI_PASSWORD CI_FAR pNewPassword,
- unsigned int NewYSize,
- CI_Y CI_FAR pNewY,
- CI_RA CI_FAR pNewRa,
- CI_WRAPPED_X CI_FAR pNewWrappedX ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Reset PROTO_LIST( (
- HSESSION hSession ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Restore PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Save PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Select PROTO_LIST( (
- HSESSION hSession,
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetConfiguration PROTO_LIST( (
- HSESSION hSession,
- int Type,
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetKey PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetMode PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- int CryptoMode ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetPersonality PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_SetTime PROTO_LIST( (
- HSESSION hSession,
- CI_TIME CI_FAR pTime ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Sign PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Terminate PROTO_LIST( (
- HSESSION hSession ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_TimeStamp PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Unlock PROTO_LIST( (
- HSESSION hSession) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_UnwrapKey PROTO_LIST( (
- HSESSION hSession,
- int UnwrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_VerifySignature PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_SIGNATURE CI_FAR pSignature ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_VerifyTimeStamp PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_WrapKey PROTO_LIST( (
- HSESSION hSession,
- int WrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-MACI_Zeroize PROTO_LIST( (
- HSESSION hSession ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_ChangePIN PROTO_LIST( (
- int PINType,
- CI_PIN CI_FAR pOldPIN,
- CI_PIN CI_FAR pNewPIN ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_CheckPIN PROTO_LIST( (
- int PINType,
- CI_PIN CI_FAR pPIN ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Close PROTO_LIST( (
- unsigned int Flags,
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Decrypt PROTO_LIST( (
- unsigned int CipherSize,
- CI_DATA pCipher,
- CI_DATA pPlain ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_DeleteCertificate PROTO_LIST( (
- int CertificateIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_DeleteKey PROTO_LIST( (
- int RegisterIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Encrypt PROTO_LIST( (
- unsigned int PlainSize,
- CI_DATA pPlain,
- CI_DATA pCipher ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_ExtractX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_FirmwareUpdate PROTO_LIST( (
- unsigned long Flags,
- long Cksum,
- unsigned int CksumLength,
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateIV PROTO_LIST( (
- CI_IV CI_FAR pIV ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateMEK PROTO_LIST( (
- int RegisterIndex,
- int Reserved ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateRa PROTO_LIST( (
- CI_RA CI_FAR pRa ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateRandom PROTO_LIST( (
- CI_RANDOM CI_FAR pRandom ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateTEK PROTO_LIST( (
- int Flags,
- int RegisterIndex,
- CI_RA CI_FAR pRa,
- CI_RB CI_FAR pRb,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GenerateX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetCertificate PROTO_LIST( (
- int CertificateIndex,
- CI_CERTIFICATE CI_FAR pCertificate ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetConfiguration PROTO_LIST( (
- CI_CONFIG_PTR pConfiguration ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetHash PROTO_LIST( (
- unsigned int DataSize,
- CI_DATA pData,
- CI_HASHVALUE CI_FAR pHashValue ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetPersonalityList PROTO_LIST( (
- int EntryCount,
- CI_PERSON CI_FAR pPersonalityList[] ) ) {
- return CI_ERROR;
-}
-
-
-RETURN_TYPE
-CI_GetState PROTO_LIST( (
- CI_STATE_PTR pState ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetStatus PROTO_LIST( (
- CI_STATUS_PTR pStatus ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_GetTime PROTO_LIST( (
- CI_TIME CI_FAR pTime ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Hash PROTO_LIST( (
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Initialize PROTO_LIST( (
- int CI_FAR *SocketCount ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_InitializeHash PROTO_LIST( () ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_InstallX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pWrappedX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadCertificate PROTO_LIST( (
- int CertificateIndex,
- CI_CERT_STR CI_FAR pCertLabel,
- CI_CERTIFICATE CI_FAR pCertificate,
- long Reserved ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadDSAParameters PROTO_LIST( (
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadInitValues PROTO_LIST( (
- CI_RANDSEED CI_FAR pRandSeed,
- CI_KS CI_FAR pKs ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadIV PROTO_LIST( (
- CI_IV CI_FAR pIV ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_LoadX PROTO_LIST( (
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- CI_X CI_FAR pX,
- unsigned int YSize,
- CI_Y CI_FAR pY ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Lock PROTO_LIST( (
- int Flags ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Open PROTO_LIST( (
- unsigned int Flags,
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_RelayX PROTO_LIST( (
- CI_PASSWORD CI_FAR pOldPassword,
- unsigned int OldYSize,
- CI_Y CI_FAR pOldY,
- CI_RA CI_FAR pOldRa,
- CI_WRAPPED_X CI_FAR pOldWrappedX,
- CI_PASSWORD CI_FAR pNewPassword,
- unsigned int NewYSize,
- CI_Y CI_FAR pNewY,
- CI_RA CI_FAR pNewRa,
- CI_WRAPPED_X CI_FAR pNewWrappedX ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Reset PROTO_LIST( ( ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Restore PROTO_LIST( (
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Save PROTO_LIST( (
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Select PROTO_LIST( (
- int SocketIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetConfiguration PROTO_LIST( (
- int Type,
- unsigned int DataSize,
- CI_DATA pData ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetKey PROTO_LIST( (
- int RegisterIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetMode PROTO_LIST( (
- int CryptoType,
- int CryptoMode ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetPersonality PROTO_LIST( (
- int CertificateIndex ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_SetTime PROTO_LIST( (
- CI_TIME CI_FAR pTime ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Sign PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Terminate PROTO_LIST( ( ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_TimeStamp PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_Unlock PROTO_LIST( () ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_UnwrapKey PROTO_LIST( (
- int UnwrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_VerifySignature PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_SIGNATURE CI_FAR pSignature ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_VerifyTimeStamp PROTO_LIST( (
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) ) {
- return CI_ERROR;
-}
-
-RETURN_TYPE
-CI_WrapKey PROTO_LIST( (
- int WrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) ) {
- return CI_ERROR;
-}
-
diff --git a/security/nss/lib/fortcrypt/maci.h b/security/nss/lib/fortcrypt/maci.h
deleted file mode 100644
index eb38ff81c..000000000
--- a/security/nss/lib/fortcrypt/maci.h
+++ /dev/null
@@ -1,776 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* @(#)maci.h 1.27\t05 Jan 1996 */
-/*****************************************************************************
- Definitive Fortezza header file.
- Application Level Interface to Fortezza MACI Library.
-
- Version for CI Library 1.52
- January 5, 1996
-
-
- NOTICE: Fortezza Export Policy
-
- The Fortezza Cryptologic Interface (CI) Library (both source and
- object) and Fortezza CI Library based applications are defense
- articles, as defined in the International Traffic In Arms
- Regulations (ITAR), and are subject to export controls under the
- ITAR and the Arms Export Control Act. Any export to any country
- of (a) the Fortezza CI Library, related documentation, and
- technical data, or (b) your cryptographic application, process,
- or service that is the direct product of, or contains the
- Fortezza CI Library must comply with the requirements of the ITAR.
- If you or your customer intends to engage in such export, contact
- the United States Department of State, Office of Defense Trade
- Controls for specific guidance.
-
-
- ****************************************************************************/
-#ifndef __MACI_H
-#define __MACI_H
-
-#if __cplusplus__ || __cplusplus
-extern "C"
-{
-#endif /* C++ */
-
-
-#ifndef __CRYPTINT_H
-
-#ifndef PROTO_LIST
-#ifdef _K_AND_R_
-#define PROTO_LIST(list) ()
-#else
-#define PROTO_LIST(list) list
-#endif /*_K_AND_R_ */
-#endif /* PROTO_LIST */
-
-
-#ifndef RETURN_TYPE
-#if defined( _WIN32 ) || defined( __WIN32__ )
-#define RETURN_TYPE extern _declspec( dllimport ) int _cdecl
-#elif defined( _WINDOWS ) || defined( _Windows )
-#define RETURN_TYPE extern int _far _pascal
-#else
-#define RETURN_TYPE extern int
-#endif /* Windows */
-#endif /* RETURN_TYPE */
-
-/* MS Visual C++ defines _MSDOS and _WINDOWS */
-/* Borland C/C++ defines __MSDOS__ and _Windows */
-#if (defined( _WINDOWS ) || defined( _Windows )) && \
- !(defined( _WIN32 ) || defined( __WIN32__ ))
-#define CI_FAR _far
-#else
-#define CI_FAR
-#endif /* MS DOS or Windows */
-
-
-/*****************************************************************************
- Constants
- ****************************************************************************/
-#define CI_LIB_VERSION_VAL 0x0152 /* Version 1.52 */
-
-#define CI_CERT_SIZE 2048
-#define CI_CERT_FLAGS_SIZE 16
-#define CI_CERT_NAME_SIZE 32
-#define CI_CHALLENGE_SIZE 20
-
-#define CI_G_SIZE 128
-
-#define CI_HASHVALUE_SIZE 20
-
-#define CI_IV_SIZE 24
-
-#define CI_KEY_SIZE 12
-#define CI_KS_SIZE 10
-
-#define CI_NAME_SIZE 32
-
-#define CI_PASSWORD_SIZE 24
-#define CI_PIN_SIZE 12
-#define CI_P_SIZE 128
-
-#define CI_Q_SIZE 20
-
-#define CI_R_SIZE 40
-#define CI_RANDOM_NO_SIZE 20
-#define CI_RANDOM_SEED_SIZE 8
-#define CI_RA_SIZE 128
-#define CI_RB_SIZE 128
-#define CI_REG_FLAGS_SIZE 4
-
-#define CI_S_SIZE 40
-#define CI_SAVE_DATA_SIZE 28
-#define CI_SERIAL_NUMBER_SIZE 8
-#define CI_SIGNATURE_SIZE 40
-#define CI_STATUS_FLAGS_SIZE 4
-
-#define CI_TIME_SIZE 16
-#define CI_TIMESTAMP_SIZE 16
-
-#define CI_WRAPPED_X_SIZE 24
-
-#define CI_Y_SIZE 128
-
-#define CI_X_SIZE 20
-
-
-/* Miscellaneous */
-#define CI_NULL_FLAG 0
-#define CI_POWER_DOWN_FLAG 2
-#define CI_NO_LOG_OFF_FLAG 4
-#define CI_INITIATOR_FLAG 0
-#define CI_RECIPIENT_FLAG 1
-
-#define CI_BLOCK_LOCK_FLAG 1
-#define CI_SSO_LOGGED_ON 0x40
-#define CI_USER_LOGGED_ON 0x00
-#define CI_FAST_MODE 0x10
-#define CI_SLOW_MODE 0x00
-#define CI_WORST_CASE_MODE 0x40
-#define CI_TYPICAL_CASE_MODE 0x00
-
-/* Card Public Key Algorithms Types */
-#define CI_DSA_TYPE 0xA
-#define CI_KEA_TYPE 0x5
-#define CI_DSA_KEA_TYPE 0xF
-
-/* Fortezza Pin Types */
-#define CI_SSO_PIN 0x25
-#define CI_USER_PIN 0x2A
-
-/* Crypto Types */
-#define CI_ENCRYPT_TYPE 0
-#define CI_DECRYPT_TYPE 1
-#define CI_HASH_TYPE 2
-
-/* Save and Restore Types */
-#define CI_ENCRYPT_INT_TYPE 0x00 /* Internal Encryption */
-#define CI_ENCRYPT_EXT_TYPE 0x10 /* External Encryption */
-#define CI_DECRYPT_INT_TYPE 0x01 /* Internal Decryption */
-#define CI_DECRYPT_EXT_TYPE 0x11 /* External Decryption */
-#define CI_HASH_INT_TYPE 0x02 /* Internal Hash */
-#define CI_HASH_EXT_TYPE 0x12 /* External Hash */
-#define CI_TYPE_EXT_FLAG 0x10 /* Used to differentiate */
-
-/* Configuration types */
-#define CI_SET_SPEED_TYPE 1
-#define CI_SET_TIMING_TYPE 2
-
-/* Lock States */
-#define CI_SOCKET_UNLOCKED 0
-#define CI_HOLD_LOCK 1
-#define CI_SOCKET_LOCKED 2
-
-/* Fortezza Crypto Types Modes */
-#define CI_ECB64_MODE 0
-#define CI_CBC64_MODE 1
-#define CI_OFB64_MODE 2
-#define CI_CFB64_MODE 3
-#define CI_CFB32_MODE 4
-#define CI_CFB16_MODE 5
-#define CI_CFB8_MODE 6
-
-/* Card States */
-#define CI_POWER_UP 0
-#define CI_UNINITIALIZED 1
-#define CI_INITIALIZED 2
-#define CI_SSO_INITIALIZED 3
-#define CI_LAW_INITIALIZED 4
-#define CI_USER_INITIALIZED 5
-#define CI_STANDBY 6
-#define CI_READY 7
-#define CI_ZEROIZE 8
-#define CI_INTERNAL_FAILURE (-1)
-
-/* Flags for Firmware Update. */
-#if !defined( _K_AND_R_ )
-
-#define CI_NOT_LAST_BLOCK_FLAG 0x00000000UL
-#define CI_LAST_BLOCK_FLAG 0x80000000UL
-#define CI_DESTRUCTIVE_FLAG 0x000000FFUL
-#define CI_NONDESTRUCTIVE_FLAG 0x0000FF00UL
-
-#else
-
-#define CI_NOT_LAST_BLOCK_FLAG 0x00000000L
-#define CI_LAST_BLOCK_FLAG 0x80000000L
-#define CI_DESTRUCTIVE_FLAG 0x000000FFL
-#define CI_NONDESTRUCTIVE_FLAG 0x0000FF00L
-
-#endif /* _K_AND_R_ */
-
-/****************************************************************************
- Fortezza Library Return Codes
- ***************************************************************************/
-
-/* Card Responses */
-#define CI_OK 0
-#define CI_FAIL 1
-#define CI_CHECKWORD_FAIL 2
-#define CI_INV_TYPE 3
-#define CI_INV_MODE 4
-#define CI_INV_KEY_INDEX 5
-#define CI_INV_CERT_INDEX 6
-#define CI_INV_SIZE 7
-#define CI_INV_HEADER 8
-#define CI_INV_STATE 9
-#define CI_EXEC_FAIL 10
-#define CI_NO_KEY 11
-#define CI_NO_IV 12
-#define CI_NO_X 13
-
-#define CI_NO_SAVE 15
-#define CI_REG_IN_USE 16
-#define CI_INV_COMMAND 17
-#define CI_INV_POINTER 18
-#define CI_BAD_CLOCK 19
-#define CI_NO_DSA_PARMS 20
-
-/* Library Errors */
-#define CI_ERROR (-1)
-#define CI_LIB_NOT_INIT (-2)
-#define CI_CARD_NOT_READY (-3)
-#define CI_CARD_IN_USE (-4)
-#define CI_TIME_OUT (-5)
-#define CI_OUT_OF_MEMORY (-6)
-#define CI_NULL_PTR (-7)
-#define CI_BAD_SIZE (-8)
-#define CI_NO_DECRYPT (-9)
-#define CI_NO_ENCRYPT (-10)
-#define CI_NO_EXECUTE (-11)
-#define CI_BAD_PARAMETER (-12)
-#define CI_OUT_OF_RESOURCES (-13)
-
-#define CI_NO_CARD (-20)
-#define CI_NO_DRIVER (-21)
-#define CI_NO_CRDSRV (-22)
-#define CI_NO_SCTSRV (-23)
-
-#define CI_BAD_CARD (-30)
-#define CI_BAD_IOCTL (-31)
-#define CI_BAD_READ (-32)
-#define CI_BAD_SEEK (-33)
-#define CI_BAD_WRITE (-34)
-#define CI_BAD_FLUSH (-35)
-#define CI_BAD_IOSEEK (-36)
-#define CI_BAD_ADDR (-37)
-
-#define CI_INV_SOCKET_INDEX (-40)
-#define CI_SOCKET_IN_USE (-41)
-#define CI_NO_SOCKET (-42)
-#define CI_SOCKET_NOT_OPENED (-43)
-#define CI_BAD_TUPLES (-44)
-#define CI_NOT_A_CRYPTO_CARD (-45)
-
-#define CI_INVALID_FUNCTION (-50)
-#define CI_LIB_ALRDY_INIT (-51)
-#define CI_SRVR_ERROR (-52)
-#define MACI_SESSION_EXCEEDED (-53)
-
-
-/*****************************************************************************
- Data Structures
- ****************************************************************************/
-
-
-typedef unsigned char CI_CERTIFICATE[CI_CERT_SIZE];
-
-typedef unsigned char CI_CERT_FLAGS[CI_CERT_FLAGS_SIZE];
-
-typedef unsigned char CI_CERT_STR[CI_CERT_NAME_SIZE+4];
-
-typedef unsigned char CI_FAR *CI_DATA;
-
-typedef unsigned char CI_G[CI_G_SIZE];
-
-typedef unsigned char CI_HASHVALUE[CI_HASHVALUE_SIZE];
-
-typedef unsigned char CI_IV[CI_IV_SIZE];
-
-typedef unsigned char CI_KEY[CI_KEY_SIZE];
-
-typedef unsigned char CI_KS[CI_KS_SIZE];
-
-typedef unsigned char CI_P[CI_P_SIZE];
-
-typedef unsigned char CI_PASSWORD[CI_PASSWORD_SIZE + 4];
-
-typedef unsigned char CI_PIN[CI_PIN_SIZE + 4];
-
-typedef unsigned char CI_Q[CI_Q_SIZE];
-
-typedef unsigned char CI_RA[CI_RA_SIZE];
-
-typedef unsigned char CI_RB[CI_RB_SIZE];
-
-typedef unsigned char CI_RANDOM[CI_RANDOM_NO_SIZE];
-
-typedef unsigned char CI_RANDSEED[CI_RANDOM_SEED_SIZE];
-
-typedef unsigned char CI_REG_FLAGS[CI_REG_FLAGS_SIZE];
-
-typedef unsigned char CI_SIGNATURE[CI_SIGNATURE_SIZE];
-
-typedef unsigned char CI_SAVE_DATA[CI_SAVE_DATA_SIZE];
-
-typedef unsigned char CI_SERIAL_NUMBER[CI_SERIAL_NUMBER_SIZE];
-
-typedef unsigned int CI_STATE, CI_FAR *CI_STATE_PTR;
-
-typedef unsigned char CI_TIME[CI_TIME_SIZE];
-
-typedef unsigned char CI_TIMESTAMP[CI_TIMESTAMP_SIZE];
-
-typedef unsigned char CI_WRAPPED_X[CI_WRAPPED_X_SIZE];
-
-typedef unsigned char CI_Y[CI_Y_SIZE];
-
-typedef unsigned char CI_X[CI_X_SIZE];
-
-typedef struct {
- int LibraryVersion; /* CI Library version */
- int ManufacturerVersion; /* Card's hardware version */
- char ManufacturerName[CI_NAME_SIZE+4]; /* Card manufacturer's name*/
- char ProductName[CI_NAME_SIZE+4]; /* Card's product name */
- char ProcessorType[CI_NAME_SIZE+4]; /* Card's processor type */
- unsigned long UserRAMSize; /* Amount of User RAM in bytes */
- unsigned long LargestBlockSize; /* Largest block of data to pass in */
- int KeyRegisterCount; /* Number of key registers */
- int CertificateCount; /* Maximum number of personalities (# certs-1) */
- int CryptoCardFlag; /* A flag that if non-zero indicates that there is
- a Crypto-Card in the socket. If this value is
- zero then there is NOT a Crypto-Card in the
- sockets. */
- int ICDVersion; /* The ICD compliance level */
- int ManufacturerSWVer; /* The Manufacturer's Software Version */
- int DriverVersion; /* Driver Version */
-} CI_CONFIG, CI_FAR *CI_CONFIG_PTR;
-
-typedef struct {
- int CertificateIndex; /* Index from 1 to CertificateCount */
- CI_CERT_STR CertLabel; /* The certificate label */
-} CI_PERSON, CI_FAR *CI_PERSON_PTR;
-
-typedef struct {
- int CurrentSocket; /* The currently selected socket */
- int LockState; /* Lock status of the current socket */
- CI_SERIAL_NUMBER SerialNumber; /* Serial number of the Crypto Engine chip */
- CI_STATE CurrentState; /* State of The Card */
- int DecryptionMode; /* Decryption mode of The Card */
- int EncryptionMode; /* Encryption mode of The Card */
- int CurrentPersonality; /* Index of the current personality */
- int KeyRegisterCount; /* No. of Key Register on The Card */
- CI_REG_FLAGS KeyRegisterFlags; /* Bit Masks indicating Key Register use */
- int CertificateCount; /* No. of Certificates on The Card */
- CI_CERT_FLAGS CertificateFlags; /* Bit Mask indicating certificate use */
- unsigned char Flags[CI_STATUS_FLAGS_SIZE];
- /* Flag[0] : bit 6 for Condition mode */
- /* bit 4 for Clock mode */
-} CI_STATUS, CI_FAR *CI_STATUS_PTR;
-
-#endif
-
-/* Session constants */
-#ifndef HSESSION_DEFINE
-typedef unsigned int HSESSION;
-#define HSESSION_DEFINE
-#endif
-#define MAXSESSION 100
-
-/*****************************************************************************
- Function Call Prototypes
- ****************************************************************************/
-
-RETURN_TYPE
-MACI_ChangePIN PROTO_LIST( (
- HSESSION hSession,
- int PINType,
- CI_PIN CI_FAR pOldPIN,
- CI_PIN CI_FAR pNewPIN ) );
-
-RETURN_TYPE
-MACI_CheckPIN PROTO_LIST( (
- HSESSION hSession,
- int PINType,
- CI_PIN CI_FAR pPIN ) );
-
-RETURN_TYPE
-MACI_Close PROTO_LIST( (
- HSESSION hSession,
- unsigned int Flags,
- int SocketIndex ) );
-
-RETURN_TYPE
-MACI_Decrypt PROTO_LIST( (
- HSESSION hSession,
- unsigned int CipherSize,
- CI_DATA pCipher,
- CI_DATA pPlain ) );
-
-RETURN_TYPE
-MACI_DeleteCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex ) );
-
-RETURN_TYPE
-MACI_DeleteKey PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex ) );
-
-RETURN_TYPE
-MACI_Encrypt PROTO_LIST( (
- HSESSION hSession,
- unsigned int PlainSize,
- CI_DATA pPlain,
- CI_DATA pCipher ) );
-
-RETURN_TYPE
-MACI_ExtractX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-MACI_FirmwareUpdate PROTO_LIST( (
- HSESSION hSession,
- unsigned long Flags,
- long Cksum,
- unsigned int CksumLength,
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-MACI_GenerateIV PROTO_LIST( (
- HSESSION hSession,
- CI_IV CI_FAR pIV ) );
-
-RETURN_TYPE
-MACI_GenerateMEK PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex,
- int Reserved ) );
-
-RETURN_TYPE
-MACI_GenerateRa PROTO_LIST( (
- HSESSION hSession,
- CI_RA CI_FAR pRa ) );
-
-RETURN_TYPE
-MACI_GenerateRandom PROTO_LIST( (
- HSESSION hSession,
- CI_RANDOM CI_FAR pRandom ) );
-
-RETURN_TYPE
-MACI_GenerateTEK PROTO_LIST( (
- HSESSION hSession,
- int Flags,
- int RegisterIndex,
- CI_RA CI_FAR pRa,
- CI_RB CI_FAR pRb,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-MACI_GenerateX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-MACI_GetCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- CI_CERTIFICATE CI_FAR pCertificate ) );
-
-RETURN_TYPE
-MACI_GetConfiguration PROTO_LIST( (
- HSESSION hSession,
- CI_CONFIG_PTR pConfiguration ) );
-
-RETURN_TYPE
-MACI_GetHash PROTO_LIST( (
- HSESSION hSession,
- unsigned int DataSize,
- CI_DATA pData,
- CI_HASHVALUE CI_FAR pHashValue ) );
-
-RETURN_TYPE
-MACI_GetPersonalityList PROTO_LIST( (
- HSESSION hSession,
- int EntryCount,
- CI_PERSON CI_FAR pPersonalityList[] ) );
-
-RETURN_TYPE
-MACI_GetSessionID PROTO_LIST( (
- HSESSION *hSession ) );
-
-RETURN_TYPE
-MACI_GetState PROTO_LIST( (
- HSESSION hSession,
- CI_STATE_PTR pState ) );
-
-RETURN_TYPE
-MACI_GetStatus PROTO_LIST( (
- HSESSION hSession,
- CI_STATUS_PTR pStatus ) );
-
-RETURN_TYPE
-MACI_GetTime PROTO_LIST( (
- HSESSION hSession,
- CI_TIME CI_FAR pTime ) );
-
-RETURN_TYPE
-MACI_Hash PROTO_LIST( (
- HSESSION hSession,
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-MACI_Initialize PROTO_LIST( (
- int CI_FAR *SocketCount ) );
-
-RETURN_TYPE
-MACI_InitializeHash PROTO_LIST( (
- HSESSION hSession ) );
-
-RETURN_TYPE
-MACI_InstallX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- CI_PASSWORD CI_FAR pPassword,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_WRAPPED_X CI_FAR pWrappedX,
- CI_RA CI_FAR pRa,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-MACI_LoadCertificate PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- CI_CERT_STR CI_FAR pCertLabel,
- CI_CERTIFICATE CI_FAR pCertificate,
- long Reserved ) );
-
-RETURN_TYPE
-MACI_LoadDSAParameters PROTO_LIST( (
- HSESSION hSession,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG ) );
-
-RETURN_TYPE
-MACI_LoadInitValues PROTO_LIST( (
- HSESSION hSession,
- CI_RANDSEED CI_FAR pRandSeed,
- CI_KS CI_FAR pKs ) );
-
-RETURN_TYPE
-MACI_LoadIV PROTO_LIST( (
- HSESSION hSession,
- CI_IV CI_FAR pIV ) );
-
-RETURN_TYPE
-MACI_LoadX PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex,
- int AlgorithmType,
- unsigned int PandGSize,
- unsigned int QSize,
- CI_P CI_FAR pP,
- CI_Q CI_FAR pQ,
- CI_G CI_FAR pG,
- CI_X CI_FAR pX,
- unsigned int YSize,
- CI_Y CI_FAR pY ) );
-
-RETURN_TYPE
-MACI_Lock PROTO_LIST( (
- HSESSION hSession,
- int Flags ) );
-
-RETURN_TYPE
-MACI_Open PROTO_LIST( (
- HSESSION hSession,
- unsigned int Flags,
- int SocketIndex ) );
-
-RETURN_TYPE
-MACI_RelayX PROTO_LIST( (
- HSESSION hSession,
- CI_PASSWORD CI_FAR pOldPassword,
- unsigned int OldYSize,
- CI_Y CI_FAR pOldY,
- CI_RA CI_FAR pOldRa,
- CI_WRAPPED_X CI_FAR pOldWrappedX,
- CI_PASSWORD CI_FAR pNewPassword,
- unsigned int NewYSize,
- CI_Y CI_FAR pNewY,
- CI_RA CI_FAR pNewRa,
- CI_WRAPPED_X CI_FAR pNewWrappedX ) );
-
-RETURN_TYPE
-MACI_Reset PROTO_LIST( (
- HSESSION hSession ) );
-
-RETURN_TYPE
-MACI_Restore PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) );
-
-RETURN_TYPE
-MACI_Save PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- CI_SAVE_DATA CI_FAR pData ) );
-
-RETURN_TYPE
-MACI_Select PROTO_LIST( (
- HSESSION hSession,
- int SocketIndex ) );
-
-RETURN_TYPE
-MACI_SetConfiguration PROTO_LIST( (
- HSESSION hSession,
- int Type,
- unsigned int DataSize,
- CI_DATA pData ) );
-
-RETURN_TYPE
-MACI_SetKey PROTO_LIST( (
- HSESSION hSession,
- int RegisterIndex ) );
-
-RETURN_TYPE
-MACI_SetMode PROTO_LIST( (
- HSESSION hSession,
- int CryptoType,
- int CryptoMode ) );
-
-RETURN_TYPE
-MACI_SetPersonality PROTO_LIST( (
- HSESSION hSession,
- int CertificateIndex ) );
-
-RETURN_TYPE
-MACI_SetTime PROTO_LIST( (
- HSESSION hSession,
- CI_TIME CI_FAR pTime ) );
-
-RETURN_TYPE
-MACI_Sign PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature ) );
-
-RETURN_TYPE
-MACI_Terminate PROTO_LIST( (
- HSESSION hSession ) );
-
-RETURN_TYPE
-MACI_TimeStamp PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) );
-
-RETURN_TYPE
-MACI_Unlock PROTO_LIST( (
- HSESSION hSession) );
-
-RETURN_TYPE
-MACI_UnwrapKey PROTO_LIST( (
- HSESSION hSession,
- int UnwrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) );
-
-RETURN_TYPE
-MACI_VerifySignature PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- unsigned int YSize,
- CI_Y CI_FAR pY,
- CI_SIGNATURE CI_FAR pSignature ) );
-
-RETURN_TYPE
-MACI_VerifyTimeStamp PROTO_LIST( (
- HSESSION hSession,
- CI_HASHVALUE CI_FAR pHashValue,
- CI_SIGNATURE CI_FAR pSignature,
- CI_TIMESTAMP CI_FAR pTimeStamp ) );
-
-RETURN_TYPE
-MACI_WrapKey PROTO_LIST( (
- HSESSION hSession,
- int WrapIndex,
- int KeyIndex,
- CI_KEY CI_FAR pKey ) );
-
-RETURN_TYPE
-MACI_Zeroize PROTO_LIST( (
- HSESSION hSession ) );
-
-#if __cplusplus__ || __cplusplus
-}
-#endif /* C++ */
-
-#endif /* CRYPTINT_H */
-
diff --git a/security/nss/lib/fortcrypt/macinst.htm b/security/nss/lib/fortcrypt/macinst.htm
deleted file mode 100644
index cf3988157..000000000
--- a/security/nss/lib/fortcrypt/macinst.htm
+++ /dev/null
@@ -1,148 +0,0 @@
-<HTML>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-<TITLE>MAC Installer</TITLE>
-
-<SCRIPT>
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-pkcs11MechanismFlags = PKCS11_MECH_RANDOM_FLAG;
-
-
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3 // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2 // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1 // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1 // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2 // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4 // Error deleting a module
-JS_ERR_ADD_MODULE = -5 // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6 // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7 // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8 // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9 // The SSL, S/MIME cipher flags are invalid
-
-var new_window;
-var has_new_window = 0;
-
-function colonize(string) {
- len = string.length;
- end = len -1;
-
- if (len == 0) return string;
-
-
- for (i=0; i < len; i++) {
- if (string.charAt(i) == "/") {
- if (i == 0) {
- new_string = ":" + string.substring(1,len);
- } else if (i == end) {
- new_string = string.substring(0,i)+':';
- } else {
- new_string = string.substring(0,i)+':'+
- string.substring(i+1,len);
- }
- string = new_string;
- }
- }
-
- if (string.charAt(0) == ":") string = string.substring(1,len);
- return string;
-}
-
-function DoInstall(module) {
- module = colonize(module);
- result = pkcs11.addmodule("Netscape FORTEZZA Module", module, pkcs11MechanismFlags, pkcs11CipherFlags);
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- }
- if (has_new_window) new_window.close();
-}
-
-function DoUnpack(name) {
- new_window = open(name,"unpacking","toolbar=no,location=no,status=yes,scrollbar=no,width=50,height=50");
- has_new_window = 1;
-}
-
-filename=navigator.platform+".hqx"
-
-default_module = "D:/dogbert/ns/dist/WIN32_D.OBJ/bin/fort32.dll"
-document.writeln("<FORM name=instform target=_self> <H2>Mac Fortezza Installer</H2>");
-document.writeln("<I>You must first unpack the <b>"+filename+"</b> file.");
-document.writeln(" Do that by clicking on button below.</i><p>");
-document.writeln("<Input type=button value=Unpack name=unpack onclick=DoUnpack(\""+filename+"\"); ><p>");
-document.writeln("<I>Then move <b>FortPK11Lib</b> to an appropriate directory ");
-document.writeln(" enter that directory below, then click the Install button.</i><p>");
-document.writeln(" Module Name: <Input Type=FILE Name=module><p>");
-document.write("<Input type=submit Name=Install Value=Install onclick=DoInstall(");
-document.writeln( "document.instform.module.value) >");
-document.writeln("</FORM>");
-</SCRIPT>
diff --git a/security/nss/lib/fortcrypt/manifest.mn b/security/nss/lib/fortcrypt/manifest.mn
deleted file mode 100644
index 6dc9019c4..000000000
--- a/security/nss/lib/fortcrypt/manifest.mn
+++ /dev/null
@@ -1,50 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = security
-LIBRARY_NAME = fort
-#LIBRARY_VERSION = 32
-
-DIRS = swfort
-
-CSRCS = forsock.c \
- fortpk11.c \
- fmutex.c \
- $(NULL)
-
-EXPORTS =
-PRIVATE_EXPORTS = maci.h cryptint.h
-
-REQUIRES = security dbm
-
diff --git a/security/nss/lib/fortcrypt/replace.c b/security/nss/lib/fortcrypt/replace.c
deleted file mode 100644
index b4c5edd18..000000000
--- a/security/nss/lib/fortcrypt/replace.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-# include <stdio.h>
-# include <string.h>
-
-int main(int argc, char* argv[]) {
- FILE *templ;
- FILE *target;
- unsigned char buffer[81];
- unsigned char *find, *replace;
- int matchcount = 0;
- int ch;
- int len;
-
- buffer[0] = '\0';
-
- if (argc != 5) {
- fprintf(stderr, "usuage: replace template.js searchstring replacestring target.js \n");
- return 1;
- }
-
- templ = fopen(argv[1], "r");
- if (!templ) {
- fprintf(stderr, "Cannot open template script %s\n", argv[1]);
- return 2;
- }
-
- find = (unsigned char*) argv[2];
- replace = (unsigned char*) argv[3];
-
- target = fopen(argv[4], "w");
- if (!target) {
- fclose(templ);
- fprintf(stderr, "Cannot write to target script %s\n", argv[4]);
- return 3;
- }
-
- for (len = 0; find[len]!='\0'; len++);
-
- if (len > 80) {
- fprintf(stderr, "length of searchstring exceeds 80 chars");
- return 4;
- }
-
- /* get a char from templ */
- while ((int)(ch=fgetc(templ)) != EOF) {
- if ((unsigned char)ch == find[matchcount]) {
- /* if it matches find[matchcount],
- * then store one more char in buffer,
- * increase match count, and checks if
- * the whole word has been found */
- buffer[matchcount] = (unsigned char) ch;
- buffer[++matchcount] = '\0';
-
- if (matchcount == len) {
- matchcount = 0;
- fprintf(target, "%s", replace);
- }
- } else {
- /* reset matchcount, flush buffer */
- if (matchcount > 0) {
- fprintf(target, "%s", buffer);
- matchcount = 0;
- }
- fputc(ch, target);
- }
- }
- fclose(templ);
- fclose(target);
- return 0;
-}
diff --git a/security/nss/lib/fortcrypt/secmodjar.html b/security/nss/lib/fortcrypt/secmodjar.html
deleted file mode 100644
index f093a5965..000000000
--- a/security/nss/lib/fortcrypt/secmodjar.html
+++ /dev/null
@@ -1,441 +0,0 @@
-<HTML>
-<--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
--->
-<HEAD>
- <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
- <META NAME="Author" CONTENT="Hoi-Sheung Wilson So">
- <META NAME="GENERATOR" CONTENT="Mozilla/4.02 [en] (WinNT; I) [Netscape]">
- <TITLE>How to Package Your Security Module for use with SmartUpdate</TITLE>
-</HEAD>
-<BODY>
-<FONT SIZE=+2>Using
-JAR Installation Manager Technology to Install Your PKCS11 Security Module</FONT>
-
-<P>Table of contents
-<BR><A HREF="#intro">I. Introduction</A>
-<BR><A HREF="#procedure">II. How to Create a Security Module JAR</A>
-<BR><A HREF="#samplescript">III. Sample Installer Script</A>
-<BR><A HREF="#reference">IV. Programmers' Reference</A>
-<BR><A HREF="#copyright">VI. Copyright Notice</A>
-<BR><A NAME="intro"></A><FONT SIZE=+1>I. Introduction</FONT>
-<BR>This docuemnt describes how to prepare your security module so that
-users can download it from the Internet, verify its integrity, and install
-by only pointing and clicking mouses.&nbsp; The packaged module is a signed
-JAR archive. This JAR archive contains a dynamically-linked library which
-implements the Security Module and a pice of installer script (.js) that
-registers and configures the newly installed module.&nbsp; SmartUpdate
-allows users to download JAR archinve that has been signed digitally by
-the software vendor.&nbsp; SmartUpdate then decompresses the JAR file,
-verify the signature and validity of the files packaged into the archive.&nbsp;
-If the signature is valid, SmartUpdate will run the installer script found
-in the archive.&nbsp; The installer script will instruct SmartUpdate to
-move the downloaded security module library to a specified location.&nbsp;
-Next, the script will register the module with Navigator, and configure
-it.
-
-<P>This document does not describe how SmartUpdate works.&nbsp; For more
-information about SmartUpdate, check out <A HREF="http://developer.netscape.com/library/documentation/communicator/jarman/index.htm">JAR
-Installation Manager</A>.
-
-<P><A NAME="procedure"></A><FONT SIZE=+1>II. How to Create a Security Module
-JAR</FONT>
-<OL>
-<LI>
-Obtain a copy of PKCS#11: Cryptographic Token Interface Standard Version
-2.00, published by <A HREF="http://www.rsa.com">RSA Laboratories</A>, Redwood
-City, California.</LI>
-
-<LI>
-Implement a PKCS#11 library according to PKCS#11 standards.</LI>
-
-<LI>
-Write a installer script that will register the module with Navigator.</LI>
-
-<LI>
-Use either JAR Packager or command line tool to package the library and
-the script in a signed JAR archive.</LI>
-
-<LI>
-Publish the JAR file on the web, and notify users to install/upgrade their
-library.</LI>
-</OL>
-<A NAME="samplescript"></A><FONT SIZE=+1>III. Sample Installer Script</FONT>
-
-<P>Functions of the following installer script:
-<BR>1. Start SmartUpdate and declares the version and the name of the module
-to be installed.
-<BR>2. Extract a library called DUMMY_DLL from the JAR archive and install
-it under the Netscape Program folder.
-<BR>3. Register the installed module by calling pkcs11.addmodule( ) method
-with information about the capabilities of the module.
-<BR>4. Check to see if pkcs11.addmodule( ) has been successful, and display
-appropriate messages.
-
-<P><TT>// Crypto Mechanism Flags</TT>
-<BR><TT>PKCS11_MECH_RSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;0;</TT>
-<BR><TT>PKCS11_MECH_DSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;1;</TT>
-<BR><TT>PKCS11_MECH_RC2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;2;</TT>
-<BR><TT>PKCS11_MECH_RC4_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;3;</TT>
-<BR><TT>PKCS11_MECH_DES_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;4;</TT>
-<BR><TT>PKCS11_MECH_DH_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;5; //Diffie-Hellman</TT>
-<BR><TT>PKCS11_MECH_SKIPJACK_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =&nbsp;
-0x1&lt;&lt;6; //SKIPJACK algorithm as in Fortezza cards</TT>
-<BR><TT>PKCS11_MECH_RC5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;7;</TT>
-<BR><TT>PKCS11_MECH_SHA1_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;8;</TT>
-<BR><TT>PKCS11_MECH_MD5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;9;</TT>
-<BR><TT>PKCS11_MECH_MD2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;10;</TT>
-<BR><TT>PKCS11_MECH_RANDOM_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;27; //Random number generator</TT>
-<BR><TT>PKCS11_PUB_READABLE_CERT_FLAG&nbsp; =&nbsp; 0x1&lt;&lt;28; //Stored
-certs can be read off the token w/o logging in</TT>
-<BR><TT>PKCS11_DISABLE_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;30; //tell Navigator to disable this slot by default</TT>
-
-<P><TT>// Important:</TT>
-<BR><TT>// 0x1&lt;&lt;11, 0x1&lt;&lt;12, ... , 0x1&lt;&lt;26, and 0x1&lt;&lt;31
-are reserved</TT>
-<BR><TT>// for internal use in Navigator.</TT>
-<BR><TT>// Therefore, these bits should always be set to 0; otherwise,</TT>
-<BR><TT>// Navigator might exhibit unpredictable behavior.</TT>
-
-<P><TT>// These flags indicate which mechanisms should be turned on by</TT>
-<BR><TT>pkcs11MechanismFlags = PKCS11_MECH_DSA_FLAG | PKCS11_MECH_SKIPJACK_FLAG
-| PKCS11_MECH_RANDOM_FLAG;</TT>
-<BR><TT>&nbsp;</TT>
-
-<P><TT>// Ciphers that support SSL or S/MIME</TT>
-<BR><TT>PKCS11_CIPHER_FORTEZZA_FLAG&nbsp;&nbsp;&nbsp; = 0x1&lt;&lt;0;</TT>
-
-<P><TT>// Important:</TT>
-<BR><TT>// 0x1&lt;&lt;11, 0x1&lt;&lt;12, ... , 0x1&lt;&lt;26, 0x1&lt;&lt;29,
-and 0x1&lt;&lt;31 are reserved</TT>
-<BR><TT>// for internal use in Navigator.</TT>
-<BR><TT>// Therefore, these bits should ALWAYS be set to 0; otherwise,</TT>
-<BR><TT>// Navigator might exhibit unpredictable behavior.</TT>
-
-<P><TT>// These flags indicate which SSL ciphers are supported</TT>
-<BR><TT>pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;</TT>
-<BR><TT>&nbsp;</TT>
-
-<P><TT>// Return values of pkcs11.addmodule() &amp; pkcs11.delmodule()</TT>
-<BR><TT>// success codes</TT>
-<BR><TT>JS_OK_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 3 // Successfully added a module</TT>
-<BR><TT>JS_OK_DEL_EXTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 2 // Successfully deleted ext. module</TT>
-<BR><TT>JS_OK_DEL_INTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 1 // Successfully deleted int. module</TT>
-
-<P><TT>// failure codes</TT>
-<BR><TT>JS_ERR_OTHER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -1 // Other errors than the followings</TT>
-<BR><TT>JS_ERR_USER_CANCEL_ACTION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -2 // User abort an action</TT>
-<BR><TT>JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect
-# of arguments</TT>
-<BR><TT>JS_ERR_DEL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -4 // Error deleting a module</TT>
-<BR><TT>JS_ERR_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -5 // Error adding a module</TT>
-<BR><TT>JS_ERR_BAD_MODULE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -6 // The module name is invalid</TT>
-<BR><TT>JS_ERR_BAD_DLL_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -7 // The DLL name is bad</TT>
-<BR><TT>JS_ERR_BAD_MECHANISM_FLAGS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -8 // The mechanism flags are invalid</TT>
-<BR><TT>JS_ERR_BAD_CIPHER_ENABLE_FLAGS&nbsp;&nbsp; = -9 // The SSL, S/MIME
-cipher flags are invalid</TT>
-<BR>&nbsp;
-
-<P><TT>if (confirm("This script will install and configure a security module,
-do you want to continue?")) {</TT>
-<BR><TT>&nbsp;// Step 1. Create a version object and a software update
-object</TT>
-<BR><TT>&nbsp;vi = new netscape.softupdate.VersionInfo(1, 6, 0, 0);</TT>
-<BR><TT>&nbsp;su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza
-Card PKCS#11 Module");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-// "Fortezza ... Module" is the logical name of the bundle</TT>
-
-<P><TT>&nbsp;// Step 2. Start the install process</TT>
-<BR><TT>&nbsp;bAbort = false;</TT>
-<BR><TT>&nbsp;err = su.StartInstall("litronic", vi, netscape.softupdate.SoftwareUpdate.FULL_INSTALL);</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-// litronic is the component folder (logical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; bAbort = bAbort || (err
-!=0);</TT>
-
-<P><TT>&nbsp;if (err == 0) {</TT>
-
-<P><TT>&nbsp;&nbsp;&nbsp; // Step 3. Find out the physical location of
-the Program dir</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; Folder = su.GetFolder("Program");</TT>
-
-<P><TT>&nbsp;&nbsp;&nbsp; // Step 4. Install the files. Unpack them and
-list where they go</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; err = su.AddSubcomponent("FortezzaCardDLL",
-//component name (logical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-vi, // version info</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-"DUMMY_DLL", // source file in JAR (physical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-Folder, // target folder (physical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-"DUMMY_DLL", // target path &amp; filename (physical)</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-this.force); // forces update</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; bAbort = bAbort || (err !=0);</TT>
-<BR><TT>&nbsp;}</TT>
-
-<P><TT>&nbsp;// Step 5. Unless there was a problem, move files to final
-location</TT>
-<BR><TT>&nbsp;// and update the Client Version Registry</TT>
-<BR><TT>&nbsp;if (bAbort) {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; window.alert("Installation Aborted");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; su.AbortInstall();</TT>
-<BR><TT>&nbsp;} else {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; err = su.FinalizeInstall();</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; window.alert("Files have been installed.\nContinue
-to setup the newly isntalled module...");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; // Add Module</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; compFolder = su.GetComponentFolder("litronic/FortezzaCardDLL")
-+ "/DUMMY_DLL";</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp; result = pkcs11.addmodule("Fortezza", compFolder,
-pkcs11MechanismFlags, pkcs11CipherFlags);</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if
-( result &lt; 0) {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-window.alert("New module setup failed.&nbsp; Error code: " + result);</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }
-else {</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-window.alert("New module setup completed.");</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }</TT>
-<BR><TT>&nbsp;}</TT>
-<BR><TT>}</TT>
-
-<P><A NAME="reference"></A><FONT SIZE=+1>IV. Appendix A: Programmers' Refernce</FONT>
-<UL>
-<LI>
-<A HREF="#delmodule">pkcs11.addmodule( )</A></LI>
-
-<LI>
-<A HREF="#delmodule">pkcs11.delmodule( )</A></LI>
-</UL>
-
-<HR ALIGN=LEFT WIDTH="70%">
-<BR><A NAME="addmodule"></A>Name
-<BR><TT>addmodule</TT>
-<BR>Adds a PKCS#11 security module to the security module database, and
-notifies Communicator which cryptographic mechanisms should be turned on
-by default, and which SSL or S/MIME ciphers are supported.&nbsp; For security
-reasons, it will pop up a dialog box to ask the user to confirm this action.&nbsp;
-It might pop up other dialog boxes if necessary.
-
-<P>Method of
-<BR><TT>pkcs11</TT>
-
-<P>Syntax
-<BR><TT>int pkcs11.addmodule( string ModuleName,</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-string LibraryFullPath,</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-int CryptoMechanismFlags,</TT>
-<BR><TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-int CipherFlags);</TT>
-<BR>&nbsp;
-<BR>Parameters
-<TABLE BORDER WIDTH="90%" >
-<TR>
-<TD><TT>ModuleName</TT></TD>
-
-<TD>Name of the module</TD>
-</TR>
-
-<TR>
-<TD><TT>LibraryFullPath</TT></TD>
-
-<TD>The filename of the library prepended with its full path</TD>
-</TR>
-
-<TR>
-<TD><TT>CryptoMechanismFlags</TT></TD>
-
-<TD>A bit vector indicating all cryptographic mechanisms should be turned
-on by default&nbsp; (See below)</TD>
-</TR>
-
-<TR>
-<TD><TT>CipherFlags</TT></TD>
-
-<TD>A bit vector indicating all SSL or S/MIME cipher functions supported
-by the module (Seel below)</TD>
-</TR>
-</TABLE>
-Cryptographic Mechanism Flags
-<BR><TT>PKCS11_MECH_RSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;0;</TT>
-<BR><TT>PKCS11_MECH_DSA_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;1;</TT>
-<BR><TT>PKCS11_MECH_RC2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;2;</TT>
-<BR><TT>PKCS11_MECH_RC4_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;3;</TT>
-<BR><TT>PKCS11_MECH_DES_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;4;</TT>
-<BR><TT>PKCS11_MECH_DH_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;5; //Diffie-Hellman</TT>
-<BR><TT>PKCS11_MECH_SKIPJACK_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =&nbsp;
-0x1&lt;&lt;6; //SKIPJACK algorithm as in Fortezza cards</TT>
-<BR><TT>PKCS11_MECH_RC5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;7;</TT>
-<BR><TT>PKCS11_MECH_SHA1_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;8;</TT>
-<BR><TT>PKCS11_MECH_MD5_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;9;</TT>
-<BR><TT>PKCS11_MECH_MD2_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;10;</TT>
-<BR><TT>PKCS11_MECH_RANDOM_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;27; //Random number generator</TT>
-<BR><TT>PKCS11_PUB_READABLE_CERT_FLAG&nbsp; =&nbsp; 0x1&lt;&lt;28; //Stored
-certs can be read off the token w/o logging in</TT>
-<BR><TT>PKCS11_DISABLE_FLAG&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-=&nbsp; 0x1&lt;&lt;30; //tell Navigator to disable this slot by default</TT>
-
-<P>Supported SSL or S/MIME Ciphers
-<BR><TT>PKCS11_CIPHER_FORTEZZA_FLAG&nbsp;&nbsp;&nbsp; = 0x1&lt;&lt;0;</TT>
-
-<P>Important for CryptoMechanismFlags:
-<BR><TT>0x1&lt;&lt;11</TT>, <TT>0x1&lt;&lt;12</TT>, ... , <TT>0x1&lt;&lt;26</TT>,
-<TT>0x1&lt;&lt;29, </TT>and <TT>0x1&lt;&lt;31</TT> are reserved for internal
-use in Navigator.
-<BR>Therefore, these bits should always be set to 0; otherwise, Navigator
-might exhibit unpredictable behavior.
-
-<P>Important for CipherFlags:
-<BR><TT>0x1&lt;&lt;1</TT>, <TT>0x1&lt;&lt;2</TT>, ... , <TT>0x1&lt;&lt;31</TT>
-are reserved for internal use in Navigator.
-<BR>Therefore, these bits should ALWAYS be set to 0; otherwise, Navigator
-might exhibit unpredictable behavior.
-
-<P>Example of CryptoMechanismFlags and CipherFlags:
-<BR><TT>pkcs11MechanismFlags = PKCS11_MECH_DSA_FLAG | PKCS11_MECH_SKIPJACK_FLAG
-| PKCS11_MECH_RANDOM_FLAG;</TT>
-<BR><TT>pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;</TT>
-<BR><TT>&nbsp;</TT>
-<BR>Return Values:
-<BR><TT>// Return values of pkcs11.addmod()</TT>
-<BR><TT>// success codes</TT>
-<BR><TT>JS_OK_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 3 // Successfully added a module</TT>
-
-<P><TT>// failure codes</TT>
-<BR><TT>JS_ERR_OTHER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -1 // Other errors than the followings</TT>
-<BR><TT>JS_ERR_USER_CANCEL_ACTION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -2 // User abort an action</TT>
-<BR><TT>JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect
-# of arguments</TT>
-<BR><TT>JS_ERR_ADD_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -5 // Error adding a module</TT>
-<BR><TT>JS_ERR_BAD_MODULE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -6 // The module name is invalid</TT>
-<BR><TT>JS_ERR_BAD_DLL_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -7 // The DLL name is bad</TT>
-<BR><TT>JS_ERR_BAD_MECHANISM_FLAGS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -8 // The mechanism flags are invalid</TT>
-<BR><TT>JS_ERR_BAD_CIPHER_ENABLE_FLAGS&nbsp;&nbsp; = -9 // The SSL, S/MIME
-cipher flags are invalid</TT>
-<BR>&nbsp;
-<HR ALIGN=LEFT WIDTH="70%">
-<BR><A NAME="delmodule"></A>Name
-<BR><TT>delmodule</TT>
-<BR>Deletes a PKCS#11 security module from the module database, but does
-not physically remove the file.&nbsp; For security reasons, it will pop
-up a dialog box to ask the user to confirm this action.&nbsp; It might
-pop up other dialog boxes if necessary.
-
-<P>Method of
-<BR><TT>pkcs11</TT>
-
-<P>Syntax
-<BR><TT>int pkcs11.delmodule( string ModuleName);</TT>
-<BR>&nbsp;
-<BR>Parameters
-<TABLE BORDER WIDTH="90%" >
-<TR>
-<TD><TT>ModuleName</TT></TD>
-
-<TD>Name of the module</TD>
-</TR>
-</TABLE>
-<TT>&nbsp;</TT>
-<BR>Return Values:
-<BR><TT>// Return values of pkcs11.addmod() &amp; pkcs11.delmod()</TT>
-<BR><TT>// success codes</TT>
-<BR><TT>JS_OK_DEL_EXTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 2 // Successfully deleted ext. module</TT>
-<BR><TT>JS_OK_DEL_INTERNAL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= 1 // Successfully deleted int. module</TT>
-
-<P><TT>// failure codes</TT>
-<BR><TT>JS_ERR_OTHER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -1 // Other errors than the followings</TT>
-<BR><TT>JS_ERR_USER_CANCEL_ACTION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -2 // User abort an action</TT>
-<BR><TT>JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3 // Calling a method w/ incorrect
-# of arguments</TT>
-<BR><TT>JS_ERR_DEL_MODULE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -4 // Error deleting a module</TT>
-<BR><TT>JS_ERR_BAD_MODULE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-= -6 // The module name is invalid</TT>
-
-<P><A NAME="copyright"></A><FONT SIZE=+1>VI. Copyright Notice</FONT>
-<BR>&nbsp;
-
-<P><FONT SIZE=+4>XXX Don't know what to put here!!!</FONT>
-
-<P>Last modified 9/26/97
-</BODY>
-</HTML>
diff --git a/security/nss/lib/fortcrypt/swfort/.cvsignore b/security/nss/lib/fortcrypt/swfort/.cvsignore
deleted file mode 100644
index 46d9697ae..000000000
--- a/security/nss/lib/fortcrypt/swfort/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-nslib.c
diff --git a/security/nss/lib/fortcrypt/swfort/Makefile b/security/nss/lib/fortcrypt/swfort/Makefile
deleted file mode 100644
index 9c5e39de2..000000000
--- a/security/nss/lib/fortcrypt/swfort/Makefile
+++ /dev/null
@@ -1,83 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-$(OBJDIR)/nslib.c: nsmap.h swflib.c
- @$(MAKE_OBJDIR)
- rm -f $@
- cat $+ > $@
-
-export:: private_export
-
-
diff --git a/security/nss/lib/fortcrypt/swfort/config.mk b/security/nss/lib/fortcrypt/swfort/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/fortcrypt/swfort/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/fortcrypt/swfort/manifest.mn b/security/nss/lib/fortcrypt/swfort/manifest.mn
deleted file mode 100644
index 6320cdd62..000000000
--- a/security/nss/lib/fortcrypt/swfort/manifest.mn
+++ /dev/null
@@ -1,52 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../..
-
-MODULE = security
-LIBRARY_NAME = swfci
-#LIBRARY_VERSION = 12
-
-BUILT_CSRCS = nslib.c \
- $(NULL)
-
-CSRCS = swfalg.c \
- swfparse.c \
- swflib.c \
- swfutl.c \
- $(NULL)
-DIRS = pkcs11
-
-EXPORTS = swfort.h swfortt.h
-PRIVATE_EXPORTS = swforti.h swfortti.h
-
-REQUIRES = security dbm nspr
diff --git a/security/nss/lib/fortcrypt/swfort/nsmap.h b/security/nss/lib/fortcrypt/swfort/nsmap.h
deleted file mode 100644
index b5e1c2cda..000000000
--- a/security/nss/lib/fortcrypt/swfort/nsmap.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#define MACI_ChangePIN NSCI_ChangePIN
-#define MACI_CheckPIN NSCI_CheckPIN
-#define MACI_Close NSCI_Close
-#define MACI_Decrypt NSCI_Decrypt
-#define MACI_DeleteCertificate NSCI_DeleteCertificate
-#define MACI_DeleteKey NSCI_DeleteKey
-#define MACI_Encrypt NSCI_Encrypt
-#define MACI_ExtractX NSCI_ExtractX
-#define MACI_FirmwareUpdate NSCI_FirmwareUpdate
-#define MACI_GenerateIV NSCI_GenerateIV
-#define MACI_GenerateMEK NSCI_GenerateMEK
-#define MACI_GenerateRa NSCI_GenerateRa
-#define MACI_GenerateRandom NSCI_GenerateRandom
-#define MACI_GenerateTEK NSCI_GenerateTEK
-#define MACI_GenerateX NSCI_GenerateX
-#define MACI_GetCertificate NSCI_GetCertificate
-#define MACI_GetConfiguration NSCI_GetConfiguration
-#define MACI_GetHash NSCI_GetHash
-#define MACI_GetPersonalityList NSCI_GetPersonalityList
-#define MACI_GetSessionID NSCI_GetSessionID
-#define MACI_GetState NSCI_GetState
-#define MACI_GetStatus NSCI_GetStatus
-#define MACI_GetTime NSCI_GetTime
-#define MACI_Hash NSCI_Hash
-#define MACI_Initialize NSCI_Initialize
-#define MACI_InitializeHash NSCI_InitializeHash
-#define MACI_InstallX NSCI_InstallX
-#define MACI_LoadCertificate NSCI_LoadCertificate
-#define MACI_LoadDSAParameters NSCI_LoadDSAParameters
-#define MACI_LoadInitValues NSCI_LoadInitValues
-#define MACI_LoadIV NSCI_LoadIV
-#define MACI_LoadX NSCI_LoadX
-#define MACI_Lock NSCI_Lock
-#define MACI_Open NSCI_Open
-#define MACI_RelayX NSCI_RelayX
-#define MACI_Reset NSCI_Reset
-#define MACI_Restore NSCI_Restore
-#define MACI_Save NSCI_Save
-#define MACI_Select NSCI_Select
-#define MACI_SetConfiguration NSCI_SetConfiguration
-#define MACI_SetKey NSCI_SetKey
-#define MACI_SetMode NSCI_SetMode
-#define MACI_SetPersonality NSCI_SetPersonality
-#define MACI_SetTime NSCI_SetTime
-#define MACI_Sign NSCI_Sign
-#define MACI_Terminate NSCI_Terminate
-#define MACI_TimeStamp NSCI_TimeStamp
-#define MACI_Unlock NSCI_Unlock
-#define MACI_UnwrapKey NSCI_UnwrapKey
-#define MACI_VerifySignature NSCI_VerifySignature
-#define MACI_VerifyTimeStamp NSCI_VerityTimeStap
-#define MACI_WrapKey NSCI_WrapKey
-#define MACI_Zeroize NSCI_Zeroize
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore b/security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore
deleted file mode 100644
index 6532d294d..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/.cvsignore
+++ /dev/null
@@ -1,15 +0,0 @@
-forsock.c
-cryptint.h
-fmutex.h
-fortsock.h
-fpkcs11.h
-fpkcs11f.h
-fpkcs11i.h
-fpkcs11t.h
-fpkmem.h
-fpkstrs.h
-genci.h
-maci.h
-fortpk11.c
-fmutex.c
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile b/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile
deleted file mode 100644
index 495e70ae3..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/Makefile
+++ /dev/null
@@ -1,179 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-
-
-#SWCILIB = ../$(OBJDIR)/$(LIB_PREFIX)swfci.$(LIB_SUFFIX)
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-CRYPTO_LIB = $(DIST)/lib/freebl.lib
-
-ifdef MOZILLA_SECURITY_BUILD
-CRYPTO_LIB = $(DIST)/lib/crypto.lib
-endif
-ifdef MOZILLA_BSAFE_BUILD
-CRYPTO_LIB += $(DIST)/lib/bsafe$(BSAFEVER).lib
-CRYPTO_LIB += $(DIST)/lib/freebl.lib
-endif
-
-# $(DIST)/lib/dbm.lib
-# $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib
-EXTRA_LIBS = \
- $(DIST)/lib/swfci.lib \
- $(DIST)/lib/softokn.lib \
- $(CRYPTO_LIB) \
- $(DIST)/lib/secutil.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4_s.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4_s.lib \
- wsock32.lib \
- winmm.lib \
- $(NULL)
-
-else
-
-# $(DIST)/lib/libdbm.a
-# $(DIST)/lib/libnspr3.a
-#
-CRYPTO_LIB = $(DIST)/lib/libfreebl.$(LIB_SUFFIX)
-
-ifdef MOZILLA_SECURITY_BUILD
-CRYPTO_LIB = $(DIST)/lib/libcrypto.$(LIB_SUFFIX)
-endif
-ifdef MOZILLA_BSAFE_BUILD
-CRYPTO_LIB += $(DIST)/lib/libbsafe.$(LIB_SUFFIX)
-CRYPTO_LIB += $(DIST)/lib/libfreebl.$(LIB_SUFFIX)
-endif
-
-ifeq ($(OS_ARCH), OS2)
-PLC_STATIC_LIB = $(DIST)/lib/plc4.$(LIB_SUFFIX)
-PLDS_STATIC_LIB = $(DIST)/lib/plds4.$(LIB_SUFFIX)
-else
-PLC_STATIC_LIB = $(DIST)/lib/libplc4.$(LIB_SUFFIX)
-PLDS_STATIC_LIB = $(DIST)/lib/libplds4.$(LIB_SUFFIX)
-endif
-
-EXTRA_LIBS += \
- $(DIST)/lib/libswfci.$(LIB_SUFFIX) \
- $(DIST)/lib/libsoftokn.$(LIB_SUFFIX) \
- $(CRYPTO_LIB) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(PLC_STATIC_LIB) \
- $(PLDS_STATIC_LIB) \
- $(NULL)
-
-endif
-
-#ifeq ($(OS_TARGET), WIN16)
-#W16LIBS += $(SWCILIB)
-#else
-#OBJS += $(SWCILIB)
-#endif
-
-INST_JS = inst.js
-LIBCI_JAR = $(OBJDIR)/lib$(LIBRARY_NAME).jar
-LIBCI_JAR_SRC = $(INST_JS) pk11inst $(SHARED_LIBRARY)
-
-ifneq ($(OS_TARGET), WIN16)
-TARGETS : $(LIBCI_JAR)
-endif
-
-ifeq ($(OS_TARGET), WIN16)
-# note that rules.mk is not included below for WIN16
-all:
- @echo Skipping fortcrypt directory for 16-bit windows builds
-
-all_platforms alltags clean clobber clobber_all realclean: all
-
-boot export install libs program release: all
-
-endif
-
-#$(SHARED_LIBRARY): $(SWCILIB)
-
-#
-# The following rules packages the shared library into a JAR,
-# ready to be signed
-#
-$(OBJDIR)/replace: replace.c
- $(CC) -o $@ $<
-
-# ZIP options:
-# -5 means medium compression
-# -q means quiet
-# -j means do not store tree structure, all files go into one dir
-#
-$(LIBCI_JAR): $(LIBCI_JAR_SRC)
- @echo +++ building $@ from $(LIBCI_JAR_SRC)
- @rm -f $@
- zip -5qj $@ $(LIBCI_JAR_SRC)
-
-$(LIBSWCI_JAR): $(LIBSWCI_JAR_SRC)
- @echo +++ building $@ from $(LIBSWCI_JAR_SRC)
- @rm -f $@
- zip -5qj $@ $(LIBSWCI_JAR_SRC)
-
-
-MD_FILES += $(LIBCI_JAR) $(LIBSWCI_JAR)
-
-# coreconf doesn't build the AIX shared library for FORTEZZA,
-# so I'm going to override their shared library command and build the shared
-# library the way config used to.
-#
-
-
-ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.1)
-DSO_LDOPTS = -bM:SRE -bh:4 -bnoentry
-EXTRA_DSO_LDOPTS = -lc
-MKSHLIB = xlC $(DSO_LDOPTS)
-
-$(SHARED_LIBRARY): $(OBJS)
- @$(MAKE_OBJDIR)
- rm -f $@
- $(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS)
- chmod +x $@
-
-endif
-
-ifeq ($(OS_ARCH)$(OS_RELEASE), AIX4.2)
-LD += -G
-endif
-
-ifneq ($(OS_TARGET), WIN16)
-include $(CORE_DEPTH)/coreconf/rules.mk
-endif
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/config.mk b/security/nss/lib/fortcrypt/swfort/pkcs11/config.mk
deleted file mode 100644
index 960774691..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only shared libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(SHARED_LIBRARY) $(SHARED_SW_LIBRARY) $(LIBCI_JAR) $(LIBCI_SW_JAR)
-LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/inst.js b/security/nss/lib/fortcrypt/swfort/pkcs11/inst.js
deleted file mode 100644
index 2f7574717..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/inst.js
+++ /dev/null
@@ -1,189 +0,0 @@
-//
-// The contents of this file are subject to the Mozilla Public
-// License Version 1.1 (the "License"); you may not use this file
-// except in compliance with the License. You may obtain a copy of
-// the License at http://www.mozilla.org/MPL/
-//
-// Software distributed under the License is distributed on an "AS
-// IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-// implied. See the License for the specific language governing
-// rights and limitations under the License.
-//
-// The Original Code is the Netscape security libraries.
-//
-// The Initial Developer of the Original Code is Netscape
-// Communications Corporation. Portions created by Netscape are
-// Copyright (C) 1994-2000 Netscape Communications Corporation. All
-// Rights Reserved.
-//
-// Contributor(s):
-//
-// Alternatively, the contents of this file may be used under the
-// terms of the GNU General Public License Version 2 or later (the
-// "GPL"), in which case the provisions of the GPL are applicable
-// instead of those above. If you wish to allow use of your
-// version of this file only under the terms of the GPL and not to
-// allow others to use your version of this file under the MPL,
-// indicate your decision by deleting the provisions above and
-// replace them with the notice and other provisions required by
-// the GPL. If you do not delete the provisions above, a recipient
-// may use your version of this file under either the MPL or the
-// GPL.
-//
-////////////////////////////////////////////////////////////////////////////////////////
-// Crypto Mechanism Flags
-PKCS11_MECH_RSA_FLAG = 0x1<<0;
-PKCS11_MECH_DSA_FLAG = 0x1<<1;
-PKCS11_MECH_RC2_FLAG = 0x1<<2;
-PKCS11_MECH_RC4_FLAG = 0x1<<3;
-PKCS11_MECH_DES_FLAG = 0x1<<4;
-PKCS11_MECH_DH_FLAG = 0x1<<5; //Diffie-Hellman
-PKCS11_MECH_SKIPJACK_FLAG = 0x1<<6; //SKIPJACK algorithm as in Fortezza cards
-PKCS11_MECH_RC5_FLAG = 0x1<<7;
-PKCS11_MECH_SHA1_FLAG = 0x1<<8;
-PKCS11_MECH_MD5_FLAG = 0x1<<9;
-PKCS11_MECH_MD2_FLAG = 0x1<<10;
-PKCS11_MECH_RANDOM_FLAG = 0x1<<27; //Random number generator
-PKCS11_PUB_READABLE_CERT_FLAG = 0x1<<28; //Stored certs can be read off the token w/o logging in
-PKCS11_DISABLE_FLAG = 0x1<<30; //tell Navigator to disable this slot by default
-
-// Important:
-// 0x1<<11, 0x1<<12, ... , 0x1<<26, 0x1<<29, and 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should always be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which mechanisms should be turned on by
-var pkcs11MechanismFlags = 0;
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Ciphers that support SSL or S/MIME
-PKCS11_CIPHER_FORTEZZA_FLAG = 0x1<<0;
-
-// Important:
-// 0x1<<1, 0x1<<2, ... , 0x1<<31 are reserved
-// for internal use in Navigator.
-// Therefore, these bits should ALWAYS be set to 0; otherwise,
-// Navigator might exhibit unpredictable behavior.
-
-// These flags indicate which SSL ciphers are supported
-var pkcs11CipherFlags = PKCS11_CIPHER_FORTEZZA_FLAG;
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Return values of pkcs11.addmodule() & pkcs11.delmodule()
-// success codes
-JS_OK_ADD_MODULE = 3; // Successfully added a module
-JS_OK_DEL_EXTERNAL_MODULE = 2; // Successfully deleted ext. module
-JS_OK_DEL_INTERNAL_MODULE = 1; // Successfully deleted int. module
-
-// failure codes
-JS_ERR_OTHER = -1; // Other errors than the followings
-JS_ERR_USER_CANCEL_ACTION = -2; // User abort an action
-JS_ERR_INCORRECT_NUM_OF_ARGUMENTS= -3; // Calling a method w/ incorrect # of arguments
-JS_ERR_DEL_MODULE = -4; // Error deleting a module
-JS_ERR_ADD_MODULE = -5; // Error adding a module
-JS_ERR_BAD_MODULE_NAME = -6; // The module name is invalid
-JS_ERR_BAD_DLL_NAME = -7; // The DLL name is bad
-JS_ERR_BAD_MECHANISM_FLAGS = -8; // The mechanism flags are invalid
-JS_ERR_BAD_CIPHER_ENABLE_FLAGS = -9; // The SSL, S/MIME cipher flags are invalid
-
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Find out which library is to be installed depending on the platform
-
-// pathname seperator is platform specific
-var sep = "/";
-var vendor = "netscape";
-var moduleName = "not_supported";
-
-// platform-independent relative path
-var dir = "pkcs11/" + vendor + "/";
-
-var plat = navigator.platform;
-
-bAbort = false;
-progName = "instinit";
-if (plat == "Win32") {
- moduleName = "swft32.dll";
- // progName = "instinit.exe";
- sep = "\\";
-} else if (plat == "AIX4.1") {
- moduleName = "libswft.so";
-} else if (plat == "SunOS4.1.3_U1") {
- moduleName = "libswft.so.1.0";
-} else if ((plat == "SunOS5.4") || (plat == "SunOS5.5.1")){
- moduleName = "libswft.so";
-} else if ((plat == "HP-UXA.09") || (plat == "HP-UXB.10")){
- moduleName = "libswft.sl";
-} else {
- window.alert("Sorry, platform "+plat+" is not supported.");
- bAbort = true;
-}
-
-////////////////////////////////////////////////////////////////////////////////////////
-// Installation Begins...
-if (!bAbort) {
-if (confirm("This script will install and configure a security module, do you want to continue?")) {
- // Step 1. Create a version object and a software update object
- vi = new netscape.softupdate.VersionInfo(1, 5, 0, 0);
- su = new netscape.softupdate.SoftwareUpdate(this, "Fortezza Card PKCS#11 Module");
- // "Fortezza ... Module" is the logical name of the bundle
-
- ////////////////////////////////////////
- // Step 2. Start the install process
- bAbort = false;
- err = su.StartInstall("NSfortezza", // NSfortezza is the component folder (logical)
- vi,
- netscape.softupdate.SoftwareUpdate.FULL_INSTALL);
-
- bAbort = bAbort || (err !=0);
-
- if (err == 0) {
- ////////////////////////////////////////
- // Step 3. Find out the physical location of the Program dir
- Folder = su.GetFolder("Program");
-
- ////////////////////////////////////////
- // Step 4. Install the files. Unpack them and list where they go
- err = su.AddSubcomponent("FortezzaLibrary", //component name (logical)
- vi, // version info
- moduleName, // source file in JAR (physical)
- Folder, // target folder (physical)
- dir + moduleName, // target path & filename (physical)
- this.force); // forces update
- bAbort = bAbort || (err !=0);
- if (err != 0) window.alert("Add sub err= "+ err);
- }
-
- if (err == 0) {
- /// Try installing the init program
- err = su.AddSubcomponent("FortezzaInitProg", vi, progName, Folder, progName, this.force);
- // don't fail because it didn't install, may just not be part of the package
-}
-
- ////////////////////////////////////////
- // Step 5. Unless there was a problem, move files to final location
- // and update the Client Version Registry
- if (bAbort) {
- window.alert("Aborting, Folder="+Folder+" module="+dir+moduleName);
- su.AbortInstall();
- } else {
- err = su.FinalizeInstall();
- // Platform specific full path
- fullpath = Folder + "pkcs11" + sep + vendor + sep + moduleName;
-
- ////////////////////////////////////////
- // Step 6: Call pkcs11.addmodule() to register the newly downloaded module
- result = pkcs11.addmodule("Netscape Software FORTEZZA Module",
- fullpath,
- pkcs11MechanismFlags,
- pkcs11CipherFlags);
-
- if ( result < 0) {
- window.alert("New module setup failed. Error code: " + result);
- } else {
- window.alert("New module setup completed.");
- }
- }
-}
-}
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn b/security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn
deleted file mode 100644
index 7ef8c2009..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/manifest.mn
+++ /dev/null
@@ -1,63 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../../../..
-
-MODULE = security
-LIBRARY_NAME = swft
-#LIBRARY_VERSION = 32
-
-COPIED_CSRCS = forsock.c \
- fortpk11.c \
- fmutex.c \
- $(NULL)
-
-CSRCS = \
- $(COPIED_CSRCS) \
- stub.c \
- $(NULL)
-
-vpath %.c ../../
-INCLUDES = -I../..
-
-EXPORTS =
-
-REQUIRES = security dbm
-
-
-DEFINES = -DSWFORT
-
-GARBAGE = $(COPIED_CSRCS) cryptint.h fmutex.h fortsock.h fpkcs11.h \
- fpkcs11f.h fpkcs11i.h fpkcs11t.h fpkmem.h fpkstrs.h genci.h maci.h
-
-
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst b/security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst
deleted file mode 100755
index 31d73eb4a..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/pk11inst
+++ /dev/null
@@ -1,49 +0,0 @@
-ForwardCompatible { HPUX:10:hppa1.1 Solaris:5.5.1:sparc AIX:4.1:rs6000 }
- Platforms {
- WINNT::x86 {
- ModuleName { "Netscape Software FORTEZZA Module" }
- ModuleFile { %root%/pkcs11/netscape/swft32.dll }
- DefaultMechanismFlags{0x0000}
- DefaultCipherFlags{0x0001}
- Files {
- swft32.dll {
- RelativePath { %root%/pkcs11/netscape/swft32.dll }
- }
- }
- WIN95::x86 {
- EquivalentPlatform {WINNT::x86}
- }
- Solaris:5.5.1:sparc {
- ModuleName { "Netscape Software FORTEZZA Module" }
- ModuleFile { %root%/pkcs11/netscape/libswft.so }
- DefaultMechanismFlags{0x0000}
- DefaultCipherFlags{0x0001}
- Files {
- libswft.so {
- RelativePath { %root%/pkcs11/netscape/libswft.so }
- }
- }
- }
- AIX:4.1:rs6000 {
- ModuleName { "Netscape Software FORTEZZA Module" }
- ModuleFile { %root%/pkcs11/netscape/libswft.so }
- DefaultMechanismFlags{0x0000}
- DefaultCipherFlags{0x0001}
- Files {
- libswft.so {
- RelativePath { %root%/pkcs11/netscape/libswft.so }
- }
- }
- }
- HPUX:10:hppa1.1 {
- ModuleName { "Netscape Software FORTEZZA Module" }
- ModuleFile { %root%/pkcs11/netscape/libswft.sl }
- DefaultMechanismFlags{0x0000}
- DefaultCipherFlags{0x0001}
- Files {
- libswft.so {
- RelativePath { %root%/pkcs11/netscape/libswft.sl }
- }
- }
- }
- }
diff --git a/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c b/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c
deleted file mode 100644
index e3b854f3d..000000000
--- a/security/nss/lib/fortcrypt/swfort/pkcs11/stub.c
+++ /dev/null
@@ -1,350 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * secport.c - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- *
- * NOTE - These are not public interfaces. These stubs are to allow the
- * SW FORTEZZA to link with some low level security functions without dragging
- * in NSPR.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "plarena.h"
-#include "secerr.h"
-#include "prmon.h"
-#include "prbit.h"
-
-unsigned long port_allocFailures;
-
-/* locations for registering Unicode conversion functions.
- * Is this the appropriate location? or should they be
- * moved to client/server specific locations?
- */
-PORTCharConversionFunc ucs4Utf8ConvertFunc;
-PORTCharConversionFunc ucs2Utf8ConvertFunc;
-PORTCharConversionWSwapFunc ucs2AsciiConvertFunc;
-
-void *
-PORT_Alloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)malloc(bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void *
-PORT_Realloc(void *oldptr, size_t bytes)
-{
- void *rv;
-
- rv = (void *)realloc(oldptr, bytes);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void *
-PORT_ZAlloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)calloc(1, bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- }
- return rv;
-}
-
-void
-PORT_Free(void *ptr)
-{
- if (ptr) {
- free(ptr);
- }
-}
-
-void
-PORT_ZFree(void *ptr, size_t len)
-{
- if (ptr) {
- memset(ptr, 0, len);
- free(ptr);
- }
-}
-
-void
-PORT_SetError(int value)
-{
- return;
-}
-
-int
-PORT_GetError(void)
-{
- return(1);
-}
-
-/********************* Arena code follows *****************************/
-
-
-PLArenaPool *
-PORT_NewArena(unsigned long chunksize)
-{
- PLArenaPool *arena;
-
- arena = (PLArenaPool*)PORT_ZAlloc(sizeof(PLArenaPool));
- if ( arena != NULL ) {
- PR_InitArenaPool(arena, "security", chunksize, sizeof(double));
- }
- return(arena);
-}
-
-void *
-PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
-{
- void *p;
-
- PL_ARENA_ALLOCATE(p, arena, size);
- if (p == NULL) {
- ++port_allocFailures;
- }
-
- return(p);
-}
-
-void *
-PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
-{
- void *p;
-
- PL_ARENA_ALLOCATE(p, arena, size);
- if (p == NULL) {
- ++port_allocFailures;
- } else {
- PORT_Memset(p, 0, size);
- }
-
- return(p);
-}
-
-/* need to zeroize!! */
-void
-PORT_FreeArena(PLArenaPool *arena, PRBool zero)
-{
- PR_FinishArenaPool(arena);
- PORT_Free(arena);
-}
-
-void *
-PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
-{
- PORT_Assert(newsize >= oldsize);
-
- PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
-
- return(ptr);
-}
-
-void *
-PORT_ArenaMark(PLArenaPool *arena)
-{
- void * result;
-
- result = PL_ARENA_MARK(arena);
- return result;
-}
-
-void
-PORT_ArenaRelease(PLArenaPool *arena, void *mark)
-{
- PL_ARENA_RELEASE(arena, mark);
-}
-
-void
-PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
-{
- /* do nothing */
-}
-
-char *
-PORT_ArenaStrdup(PLArenaPool *arena,char *str) {
- int len = PORT_Strlen(str)+1;
- char *newstr;
-
- newstr = (char*)PORT_ArenaAlloc(arena,len);
- if (newstr) {
- PORT_Memcpy(newstr,str,len);
- }
- return newstr;
-}
-
-PR_IMPLEMENT(void)
-PR_Assert(const char *expr, const char *file, int line) {
- return;
-}
-
-PR_IMPLEMENT(void *)
-PR_Alloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Malloc(PRUint32 bytes) { return malloc(bytes); }
-
-PR_IMPLEMENT(void *)
-PR_Calloc(PRUint32 blocks, PRUint32 bytes) { return calloc(blocks,bytes); }
-
-PR_IMPLEMENT(void)
-PR_Free(void *ptr) { free(ptr); }
-
-PR_IMPLEMENT(void)
-PR_SetError(PRErrorCode errorCode, PRInt32 oserr) { return; }
-
-PR_IMPLEMENT(void)
-PR_SetErrorText(PRIntn textLength, const char *text) { return; }
-
-
-/* Old template; want to expunge it eventually. */
-#include "secasn1.h"
-#include "secoid.h"
-
-const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECAlgorithmID) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SECAlgorithmID,algorithm), },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(SECAlgorithmID,parameters), },
- { 0, }
-};
-
-/* now make the RNG happy */ /* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicIncrement(PRInt32 *val) { return ++(*val); }
-/* This is not atomic! */
-PR_IMPLEMENT(PRInt32) PR_AtomicDecrement(PRInt32 *val) { return --(*val); }
-
-PR_IMPLEMENT(PRStatus) PR_Sleep(PRIntervalTime ticks) { return PR_SUCCESS; }
-
-#include "nssilock.h"
-#include "fmutex.h"
-PR_IMPLEMENT(PRLock *)
-PR_NewLock(void) {
- PRLock *lock = NULL;
-
- FMUTEX_Create((void **)&lock);
-
- /* if we don't have a lock, FMUTEX can deal with things */
- if (lock == NULL) lock=(PRLock *) 1;
- return lock;
-}
-
-PR_IMPLEMENT(void)
-PR_DestroyLock(PRLock *lock) {
- FMUTEX_Destroy(lock);
-}
-
-PR_IMPLEMENT(void)
-PR_Lock(PRLock *lock) {
- FMUTEX_Lock(lock);
-}
-
-PR_IMPLEMENT(PRStatus)
-PR_Unlock(PRLock *lock) {
- FMUTEX_Unlock(lock);
- return PR_SUCCESS;
-}
-
-/* this implementation is here to satisfy the PRMonitor use in plarena.c.
-** It appears that it doesn't need re-entrant locks. It could have used
-** PRLock instead of PRMonitor. So, this implementation just uses
-** PRLock for a PRMonitor.
-*/
-PR_IMPLEMENT(PRMonitor*)
-PR_NewMonitor(void)
-{
- return (PRMonitor *) PR_NewLock();
-}
-
-
-PR_IMPLEMENT(void)
-PR_EnterMonitor(PRMonitor *mon)
-{
- PR_Lock( (PRLock *)mon );
-}
-
-PR_IMPLEMENT(PRStatus)
-PR_ExitMonitor(PRMonitor *mon)
-{
- return PR_Unlock( (PRLock *)mon );
-}
-
-#include "prinit.h"
-
-/* This is NOT threadsafe. It is merely a pseudo-functional stub.
-*/
-PR_IMPLEMENT(PRStatus) PR_CallOnce(
- PRCallOnceType *once,
- PRCallOnceFN func)
-{
- /* This is not really atomic! */
- if (1 == PR_AtomicIncrement(&once->initialized)) {
- once->status = (*func)();
- } else {
- /* Should wait to be sure that func has finished before returning. */
- }
- return once->status;
-}
-
-
-/*
-** Compute the log of the least power of 2 greater than or equal to n
-*/
-PRIntn PR_CeilingLog2(PRUint32 i) {
- PRIntn log2;
- PR_CEILING_LOG2(log2,i);
- return log2;
-}
-
-/********************** end of arena functions ***********************/
-
diff --git a/security/nss/lib/fortcrypt/swfort/swfalg.c b/security/nss/lib/fortcrypt/swfort/swfalg.c
deleted file mode 100644
index 6f8ab9f6c..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfalg.c
+++ /dev/null
@@ -1,506 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Software implementation of FORTEZZA skipjack primatives
- */
-#include "maci.h"
-#include "seccomon.h"
-#include "swforti.h"
-
-/*
- * Xor the IV into the plaintext buffer either just before encryption, or
- * just after decryption.
- */
-static void
-fort_XorIV(unsigned char *obuffer, unsigned char *buffer, unsigned char *iv) {
- int i;
-#ifdef USE_INT32
- if ((buffer & 0x3) == 0) && ((iv & 0x3) == 0)) {
- int32 *ibuffer = (int32 *)buffer;
- int32 *iobuffer = (int32 *)obuffer;
- int32 *iiv = (int32 *)iv;
-
- iobuffer[0] = ibuffer[0] ^ iiv[0];
- iobuffer[1] = ibuffer[1] ^ iiv[1];
- return;
- }
-#endif
-
- for (i=0; i < SKIPJACK_BLOCK_SIZE; i++) {
- obuffer[i] = buffer[i] ^ iv[i];
- }
-}
-
-
-/* the F-table for Skipjack */
-unsigned char F[256] = {
- 0xa3, 0xd7, 0x09, 0x83, 0xf8, 0x48, 0xf6, 0xf4,
- 0xb3, 0x21, 0x15, 0x78, 0x99, 0xb1, 0xaf, 0xf9,
- 0xe7, 0x2d, 0x4d, 0x8a, 0xce, 0x4c, 0xca, 0x2e,
- 0x52, 0x95, 0xd9, 0x1e, 0x4e, 0x38, 0x44, 0x28,
- 0x0a, 0xdf, 0x02, 0xa0, 0x17, 0xf1, 0x60, 0x68,
- 0x12, 0xb7, 0x7a, 0xc3, 0xe9, 0xfa, 0x3d, 0x53,
- 0x96, 0x84, 0x6b, 0xba, 0xf2, 0x63, 0x9a, 0x19,
- 0x7c, 0xae, 0xe5, 0xf5, 0xf7, 0x16, 0x6a, 0xa2,
- 0x39, 0xb6, 0x7b, 0x0f, 0xc1, 0x93, 0x81, 0x1b,
- 0xee, 0xb4, 0x1a, 0xea, 0xd0, 0x91, 0x2f, 0xb8,
- 0x55, 0xb9, 0xda, 0x85, 0x3f, 0x41, 0xbf, 0xe0,
- 0x5a, 0x58, 0x80, 0x5f, 0x66, 0x0b, 0xd8, 0x90,
- 0x35, 0xd5, 0xc0, 0xa7, 0x33, 0x06, 0x65, 0x69,
- 0x45, 0x00, 0x94, 0x56, 0x6d, 0x98, 0x9b, 0x76,
- 0x97, 0xfc, 0xb2, 0xc2, 0xb0, 0xfe, 0xdb, 0x20,
- 0xe1, 0xeb, 0xd6, 0xe4, 0xdd, 0x47, 0x4a, 0x1d,
- 0x42, 0xed, 0x9e, 0x6e, 0x49, 0x3c, 0xcd, 0x43,
- 0x27, 0xd2, 0x07, 0xd4, 0xde, 0xc7, 0x67, 0x18,
- 0x89, 0xcb, 0x30, 0x1f, 0x8d, 0xc6, 0x8f, 0xaa,
- 0xc8, 0x74, 0xdc, 0xc9, 0x5d, 0x5c, 0x31, 0xa4,
- 0x70, 0x88, 0x61, 0x2c, 0x9f, 0x0d, 0x2b, 0x87,
- 0x50, 0x82, 0x54, 0x64, 0x26, 0x7d, 0x03, 0x40,
- 0x34, 0x4b, 0x1c, 0x73, 0xd1, 0xc4, 0xfd, 0x3b,
- 0xcc, 0xfb, 0x7f, 0xab, 0xe6, 0x3e, 0x5b, 0xa5,
- 0xad, 0x04, 0x23, 0x9c, 0x14, 0x51, 0x22, 0xf0,
- 0x29, 0x79, 0x71, 0x7e, 0xff, 0x8c, 0x0e, 0xe2,
- 0x0c, 0xef, 0xbc, 0x72, 0x75, 0x6f, 0x37, 0xa1,
- 0xec, 0xd3, 0x8e, 0x62, 0x8b, 0x86, 0x10, 0xe8,
- 0x08, 0x77, 0x11, 0xbe, 0x92, 0x4f, 0x24, 0xc5,
- 0x32, 0x36, 0x9d, 0xcf, 0xf3, 0xa6, 0xbb, 0xac,
- 0x5e, 0x6c, 0xa9, 0x13, 0x57, 0x25, 0xb5, 0xe3,
- 0xbd, 0xa8, 0x3a, 0x01, 0x05, 0x59, 0x2a, 0x46
-};
-
-typedef unsigned char fort_keysched[32*4];
-
-/* do the key schedule work once for efficency */
-static void
-fort_skipKeySchedule(FORTSkipjackKeyPtr key,fort_keysched keysched)
-{
- unsigned char *keyptr = key;
- unsigned char *first = keyptr +sizeof(FORTSkipjackKey)-1;
- int i;
-
- keyptr = first;
-
- for (i=0; i < (32*4); i++) {
- keysched[i] = *keyptr--;
- if (keyptr < key) keyptr = first;
- }
- return;
-}
-
-static void
-fort_clearShedule(fort_keysched keysched)
-{
- PORT_Memset(keysched, 0, sizeof(keysched));
-}
-
-
-static unsigned int
-G(fort_keysched cv, int k, unsigned int wordIn)
-{
- unsigned char g1, g2, g3, g4, g5, g6;
-
- g1 = (unsigned char) (wordIn >> 8) & 0xff;
- g2 = (unsigned char) wordIn & 0xff;
-
- g3 = F[g2^cv[4*k]]^g1;
- g4 = F[g3^cv[4*k+1]]^g2;
- g5 = F[g4^cv[4*k+2]]^g3;
- g6 = F[g5^cv[4*k+3]]^g4;
-
- return ((g5<<8)+g6);
-}
-
-static unsigned int
-G1(fort_keysched cv, int k, unsigned int wordIn)
-{
- unsigned char g1, g2, g3, g4, g5, g6;
-
- g5 = (unsigned char) (wordIn >> 8) & 0xff;
- g6 = (unsigned char) wordIn & 0xff;
-
- g4 = F[g5^cv[4*k+3]]^g6;
- g3 = F[g4^cv[4*k+2]]^g5;
- g2 = F[g3^cv[4*k+1]]^g4;
- g1 = F[g2^cv[4*k]]^g3;
-
- return ((g1<<8)+g2);
-}
-
-static void
-ruleA(fort_keysched cv,int round,unsigned int *w)
-{
- unsigned int w4;
- int i;
-
- for(i=0; i<8; i++) {
- int k = round*16+i;
- int counter = k+1;
-
- w4 = w[4];
- w[4] = w[3];
- w[3] = w[2];
- w[2] = G(cv,k,w[1]);
- w[1] = G(cv,k,w[1]) ^ w4 ^ counter;
- }
- return;
-}
-
-static void
-ruleB(fort_keysched cv,int round,unsigned int *w)
-{
- unsigned int w4;
- int i;
-
- for(i=0; i<8; i++) {
- int k = round*16+i+8;
- int counter = k+1;
-
- w4 = w[4];
- w[4] = w[3];
- w[3] = w[1] ^ w[2] ^ counter;
- w[2] = G(cv,k,w[1]);
- w[1] = w4;
- }
- return;
-}
-
-static void
-ruleA1(fort_keysched cv,int round,unsigned int *w)
-{
- unsigned int w4;
- int i;
-
- for(i=7; i>=0; i--) {
- int k = round*16+i;
- int counter = k+1;
-
- w4 = w[4];
- w[4] = w[1] ^ w[2] ^ counter;
- w[1] = G1(cv,k,w[2]);
- w[2] = w[3];
- w[3] = w4;
- }
- return;
-}
-
-static void
-ruleB1(fort_keysched cv,int round,unsigned int *w)
-{
- unsigned int w4;
- int i;
-
- for(i=7; i>=0; i--) {
- int k = round*16+i+8;
- int counter = k+1;
-
- w4 = w[4];
- w[4] = w[1];
- w[1] = G1(cv,k,w[2]);
- w[2] = G1(cv,k,w[2]) ^ w[3] ^ counter;
- w[3] = w4;
- }
- return;
-}
-
-
-static void
-fort_doskipD(fort_keysched cv,unsigned char *cipherIn,
- unsigned char *plainOut) {
- unsigned int w[5]; /* ignore w[0] so the code matches the doc */
-
- /* initial byte swap */
- w[1]=(cipherIn[7]<<8)+cipherIn[6];
- w[2]=(cipherIn[5]<<8)+cipherIn[4];
- w[3]=(cipherIn[3]<<8)+cipherIn[2];
- w[4]=(cipherIn[1]<<8)+cipherIn[0];
-
- ruleB1(cv,1,w);
- ruleA1(cv,1,w);
- ruleB1(cv,0,w);
- ruleA1(cv,0,w);
-
- /* final byte swap */
- plainOut[0] = w[4] & 0xff;
- plainOut[1] = (w[4] >> 8) & 0xff;
- plainOut[2] = w[3] & 0xff;
- plainOut[3] = (w[3] >> 8) & 0xff;
- plainOut[4] = w[2] & 0xff;
- plainOut[5] = (w[2] >> 8) & 0xff;
- plainOut[6] = w[1] & 0xff;
- plainOut[7] = (w[1] >> 8) & 0xff;
- return;
-}
-
-static void
-fort_doskipE(fort_keysched cv,unsigned char *cipherIn,
- unsigned char *plainOut) {
- unsigned int w[5]; /* ignore w[0] so the code matches the doc */
-
- /* initial byte swap */
- w[1]=(cipherIn[7]<<8)+cipherIn[6];
- w[2]=(cipherIn[5]<<8)+cipherIn[4];
- w[3]=(cipherIn[3]<<8)+cipherIn[2];
- w[4]=(cipherIn[1]<<8)+cipherIn[0];
-
- ruleA(cv,0,w);
- ruleB(cv,0,w);
- ruleA(cv,1,w);
- ruleB(cv,1,w);
-
- /* final byte swap */
- plainOut[0] = w[4] & 0xff;
- plainOut[1] = (w[4] >> 8) & 0xff;
- plainOut[2] = w[3] & 0xff;
- plainOut[3] = (w[3] >> 8) & 0xff;
- plainOut[4] = w[2] & 0xff;
- plainOut[5] = (w[2] >> 8) & 0xff;
- plainOut[6] = w[1] & 0xff;
- plainOut[7] = (w[1] >> 8) & 0xff;
- return;
-}
-
-/* Checksums are calculated by encrypted a fixed string with the key, then
- * taking 16 bytes of the result from the block */
-static int
-fort_CalcKeyChecksum(FORTSkipjackKeyPtr key, unsigned char *sum) {
- unsigned char ckdata[8] = {
- 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55 };
- unsigned char ckres[8];
- fort_keysched keysched;
-
-
- fort_skipKeySchedule(key,keysched);
-
- fort_doskipE(keysched,ckdata,ckres);
- fort_clearShedule(keysched);
- PORT_Memcpy(sum,&ckres[1],2);
- return CI_OK;
-}
-
-/* These function actually implements skipjack CBC Decrypt */
-int
-fort_skipjackDecrypt(FORTSkipjackKeyPtr key, unsigned char *iv,
- unsigned long size, unsigned char *cipherIn,
- unsigned char *plainOut) {
- unsigned char ivdata1[SKIPJACK_BLOCK_SIZE];
- unsigned char ivdata2[SKIPJACK_BLOCK_SIZE];
- unsigned char *lastiv, *nextiv, *tmpiv;
- fort_keysched keysched;
-
- /* do the key schedule work once for efficency */
- fort_skipKeySchedule(key,keysched);
-
- /* As we decrypt, we need to save the last block so that we can
- * Xor it out of decrypted text to get the real plain text. We actually
- * have to save it because cipherIn and plainOut may point to the same
- * buffer. */
- lastiv =ivdata1;
- nextiv = ivdata2;
- PORT_Memcpy(lastiv,iv,SKIPJACK_BLOCK_SIZE);
- while (size >= SKIPJACK_BLOCK_SIZE) {
- /* save the IV for the next block */
- PORT_Memcpy(nextiv,cipherIn,SKIPJACK_BLOCK_SIZE);
- fort_doskipD(keysched,cipherIn,plainOut);
- /* xor out the last IV */
- fort_XorIV(plainOut,plainOut,lastiv);
-
- /* swap the IV buffers */
- tmpiv = lastiv;
- lastiv = nextiv;
- nextiv =tmpiv;
-
- /* increment the loop pointers... be sure to get the input, output,
- * and size (decrement) each fortdoskipD operates on an entire block*/
- cipherIn += SKIPJACK_BLOCK_SIZE;
- plainOut += SKIPJACK_BLOCK_SIZE;
- size -= SKIPJACK_BLOCK_SIZE;
- }
- fort_clearShedule(keysched); /* don't leave the key lying around the stack*/
- if (size != 0) return CI_INV_SIZE;
- return CI_OK;
-}
-
-/* These function actually implements skipjack CBC Encrypt */
-int
-fort_skipjackEncrypt(FORTSkipjackKeyPtr key, unsigned char *iv,
- unsigned long size, unsigned char *plainIn,
- unsigned char *cipherOut) {
- unsigned char *tmpiv;
- fort_keysched keysched;
- unsigned char plain[SKIPJACK_BLOCK_SIZE];
-
- fort_skipKeySchedule(key,keysched);
- tmpiv = iv;
- while (size >= SKIPJACK_BLOCK_SIZE) {
- /* We Xor into a temp buffer because we don't want to modify plainIn,
- * doing so may make the caller very unhappy:). */
- fort_XorIV(plain,plainIn,tmpiv);
- fort_doskipE(keysched,plain,cipherOut);
- tmpiv = cipherOut;
- cipherOut += SKIPJACK_BLOCK_SIZE;
- plainIn += SKIPJACK_BLOCK_SIZE;
- size -= SKIPJACK_BLOCK_SIZE;
- }
- fort_clearShedule(keysched); /* don't leave the key lying around the stack*/
- if (size != 0) return CI_INV_SIZE;
- return CI_OK;
-}
-
-
-
-/*
- * unwrap is used for key generation and mixing
- */
-int
-fort_skipjackUnwrap(FORTSkipjackKeyPtr key,unsigned long len,
- unsigned char *cipherIn, unsigned char *plainOut) {
- unsigned char low[10];
- fort_keysched keysched;
- int i,ret;
-
- /* unwrap can only unwrap 80 bit symetric keys and 160 private keys
- * sometimes these values have checksums. When they do, we should verify
- * those checksums. */
- switch (len) {
- case 20: /* private key */
- case 24: /* private key with checksum */
- ret = fort_skipjackUnwrap(key,len/2,cipherIn,plainOut);
- if (ret != CI_OK) return ret;
- ret = fort_skipjackUnwrap(key,len/2,&cipherIn[len/2],low);
-
- /* unmunge the low word */
- for (i=0; i < 10; i++) {
- low[i] = low[i] ^ plainOut[i];
- }
-
- /* the unwrap will fail above because the checkword is on
- * low, not low ^ high.
- */
- if (ret == CI_CHECKWORD_FAIL) {
- unsigned char checksum[2];
-
- ret = fort_CalcKeyChecksum(low,checksum);
- if (ret != CI_OK) return ret;
- if (PORT_Memcmp(checksum,&cipherIn[len-2],2) != 0) {
- return CI_CHECKWORD_FAIL;
- }
- }
- if (ret != CI_OK) return ret;
-
- /* re-order the low word */
- PORT_Memcpy(&plainOut[10],&low[8],2);
- PORT_Memcpy(&plainOut[12],&low[0],8);
- return CI_OK;
- case 10: /* 80 bit skipjack key */
- case 12: /* 80 bit skipjack key with checksum */
- fort_skipKeySchedule(key,keysched);
- fort_doskipD(keysched,cipherIn,plainOut);
- plainOut[8] = cipherIn[8] ^ plainOut[0];
- plainOut[9] = cipherIn[9] ^ plainOut[1];
- fort_doskipD(keysched,plainOut,plainOut);
- fort_clearShedule(keysched);
- /* if we have a checkum, verify it */
- if (len == 12) {
- unsigned char checksum[2];
-
- ret = fort_CalcKeyChecksum(plainOut,checksum);
- if (ret != CI_OK) return ret;
- if (PORT_Memcmp(checksum,&cipherIn[10],2) != 0) {
- return CI_CHECKWORD_FAIL;
- }
- }
- return CI_OK;
- default:
- break;
- }
- return CI_INV_SIZE;
-}
-
-/*
- * unwrap is used for key generation and mixing
- */
-int
-fort_skipjackWrap(FORTSkipjackKeyPtr key,unsigned long len,
- unsigned char *plainIn, unsigned char *cipherOut) {
- unsigned char low[10];
- unsigned char checksum[2];
- fort_keysched keysched;
- int i,ret;
-
-
- /* NOTE: length refers to the target in the case of wrap */
- /* Wrap can only Wrap 80 bit symetric keys and 160 private keys
- * sometimes these values have checksums. When they do, we should verify
- * those checksums. */
- switch (len) {
- case 20: /* private key */
- case 24: /* private key with checksum */
- /* re-order the low word */
- PORT_Memcpy(&low[8],&plainIn[10],2);
- PORT_Memcpy(&low[0],&plainIn[12],8);
- if (len == 24) {
- ret = fort_CalcKeyChecksum(low,checksum);
- if (ret != CI_OK) return ret;
- }
- /* munge the low word */
- for (i=0; i < 10; i++) {
- low[i] = low[i] ^ plainIn[i];
- }
- ret = fort_skipjackWrap(key,len/2,plainIn,cipherOut);
- ret = fort_skipjackWrap(key,len/2,low,&cipherOut[len/2]);
- if (len == 24) {
- PORT_Memcpy(&cipherOut[len - 2], checksum, sizeof(checksum));
- }
-
- return CI_OK;
- case 10: /* 80 bit skipjack key */
- case 12: /* 80 bit skipjack key with checksum */
-
- fort_skipKeySchedule(key,keysched);
- fort_doskipE(keysched,plainIn,cipherOut);
- cipherOut[8] = plainIn[8] ^ cipherOut[0];
- cipherOut[9] = plainIn[9] ^ cipherOut[1];
- fort_doskipE(keysched,cipherOut,cipherOut);
- fort_clearShedule(keysched);
- /* if we need a checkum, get it */
- if (len == 12) {
- ret = fort_CalcKeyChecksum(plainIn,&cipherOut[10]);
- if (ret != CI_OK) return ret;
- }
- return CI_OK;
- default:
- break;
- }
- return CI_INV_SIZE;
-}
-
diff --git a/security/nss/lib/fortcrypt/swfort/swflib.c b/security/nss/lib/fortcrypt/swfort/swflib.c
deleted file mode 100644
index c7970ddd0..000000000
--- a/security/nss/lib/fortcrypt/swfort/swflib.c
+++ /dev/null
@@ -1,1028 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * implement the MACI calls as Software Fortezza Calls.
- * only do the ones Nescape Needs. This provides a single software slot,
- * with 100 key registers, and 50 backup Ra private registers. Since we only
- * create one session per slot, this implementation only uses one session.
- * One future enhancement may be to try to improve on this for better threading
- * support.
- */
-
-#include "prtypes.h"
-#include "prio.h"
-
-#include "swforti.h"
-/*#include "keytlow.h"*/
-/* #include "dh.h" */
-#include "blapi.h"
-#include "maci.h"
-/* #include "dsa.h" */
-/* #include "hasht.h" */
-#include "secitem.h"
-#include "secrng.h"
-/*#include "keylow.h" */
-#include "secder.h"
-
-#ifdef XP_UNIX
-#include <unistd.h>
-#endif
-
-#ifndef O_BINARY
-#define O_BINARY 0
-#endif
-
-
-/* currently we only support one software token. In the future we can use the
- * session to determin which of many possible tokens we are talking about.
- * all the calls which need tokens take a pointer to the software token as a
- * target.
- */
-static FORTSWToken *swtoken = NULL;
-
-#define SOCKET_ID 1
-
-
-/* can't change the pin on SW fortezza for now */
-int
-MACI_ChangePIN(HSESSION session, int PINType, CI_PIN CI_FAR pOldPIN,
- CI_PIN CI_FAR pNewPin)
-{
- return CI_INV_STATE;
-}
-
-
-/*
- * Check pin checks the pin, then logs the user in or out depending on if
- * the pin succedes. The General implementation would support both SSO and
- * User mode our's only needs User mode. Pins are checked by whether or not
- * they can produce our valid Ks for this 'card'.
- */
-int
-MACI_CheckPIN(HSESSION session, int PINType, CI_PIN CI_FAR pin)
-{
- FORTSkipjackKeyPtr Ks;
- FORTSWFile *config_file = NULL;
- FORTSkipjackKey seed;
- unsigned char pinArea[13];
- unsigned char *padPin = NULL;
-
- /* This SW module can only log in as USER */
- if (PINType != CI_USER_PIN) return CI_INV_TYPE;
-
- if (swtoken == NULL) return CI_NO_CARD;
- /* we can't check a pin if we haven't been initialized yet */
- if (swtoken->config_file == NULL) return CI_NO_CARD;
- config_file = swtoken->config_file;
-
- /* Make sure the pin value meets minimum lengths */
- if (PORT_Strlen((char *)pin) < 12) {
- PORT_Memset(pinArea, ' ', sizeof(pinArea));
- PORT_Memcpy(pinArea,pin,PORT_Strlen((char *)pin));
- pinArea[12] = 0;
- padPin = pinArea;
- }
-
- /* get the Ks by unwrapping it from the memphrase with the pbe generated
- * from the pin */
- Ks = fort_CalculateKMemPhrase(config_file,
- &config_file->fortezzaPhrase, (char *)pin, NULL);
-
- if (Ks == 0) {
- Ks = fort_CalculateKMemPhrase(config_file,
- &config_file->fortezzaPhrase, (char *)padPin, NULL);
- if (Ks == 0) {
- PORT_Memset(pinArea, 0, sizeof(pinArea));
- fort_Logout(swtoken);
- return CI_FAIL;
- }
- }
-
- /* use Ks and hash to verify that pin is correct */
- if (! fort_CheckMemPhrase(config_file, &config_file->fortezzaPhrase,
- (char *)pin, Ks) ) {
- if ((padPin == NULL) ||
- ! fort_CheckMemPhrase(config_file, &config_file->fortezzaPhrase,
- (char *)padPin, Ks) ) {
- PORT_Memset(pinArea, 0, sizeof(pinArea));
- fort_Logout(swtoken);
- return CI_FAIL;
- }
- }
-
- PORT_Memset(pinArea, 0, sizeof(pinArea));
-
-
- /* OK, add the random Seed value into the random number generator */
- fort_skipjackUnwrap(Ks,config_file->wrappedRandomSeed.len,
- config_file->wrappedRandomSeed.data,seed);
- RNG_RandomUpdate(seed,sizeof(seed));
-
- /* it is, go ahead and log in */
- swtoken->login = PR_TRUE;
- /* Ks is always stored in keyReg[0] when we log in */
- PORT_Memcpy(swtoken->keyReg[0].data, Ks, sizeof (FORTSkipjackKey));
- swtoken->keyReg[0].present = PR_TRUE;
- PORT_Memset(Ks, 0, sizeof(FORTSkipjackKey));
- PORT_Free(Ks);
-
-
- return CI_OK;
-}
-
-/*
- * close an open socket. Power_Down flag is set when we want to reset the
- * cards complete state.
- */
-int
-MACI_Close(HSESSION session, unsigned int flags, int socket)
-{
- if (socket != SOCKET_ID) return CI_BAD_CARD;
- if (swtoken == NULL) return CI_BAD_CARD;
-
- if (flags == CI_POWER_DOWN_FLAG) {
- fort_Logout(swtoken);
- }
- return CI_OK;
-}
-
-/*
- * Decrypt keeps track of it's own IV.
- */
-int
-MACI_Decrypt(HSESSION session, unsigned int size, CI_DATA cipherIn,
- CI_DATA plainOut)
-{
- int ret;
- unsigned char IV[SKIPJACK_BLOCK_SIZE];
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,swtoken->key,PR_TRUE)) != CI_OK) return ret;
-
- /*fort_AddNoise();*/
-
- /* save the IV, before we potentially trash the new one when we decrypt.
- * (it's permissible to decrypt into the cipher text buffer by passing the
- * same buffers for both cipherIn and plainOut.
- */
- PORT_Memcpy(IV,swtoken->IV, sizeof(IV));
- fort_UpdateIV(cipherIn,size,swtoken->IV);
- return fort_skipjackDecrypt(swtoken->keyReg[swtoken->key].data,
- IV,size,cipherIn,plainOut);
-}
-
-/*
- * Clear a key from one of the key registers (indicated by index).
- * return an error if no key exists.
- */
-int
-MACI_DeleteKey(HSESSION session, int index)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-
- /* can't delete Ks */
- if (index == 0) return CI_INV_KEY_INDEX;
-
- if ((ret = fort_KeyOK(swtoken,index,PR_TRUE)) != CI_OK) return ret;
- fort_ClearKey(&swtoken->keyReg[index]);
- return CI_OK;
-}
-
-
-/*
- * encrypt some blocks of data and update the IV.
- */
-int
-MACI_Encrypt(HSESSION session, unsigned int size, CI_DATA plainIn,
- CI_DATA cipherOut)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,swtoken->key,PR_TRUE)) != CI_OK) return ret;
-
- /*fort_AddNoise();*/
-
- ret = fort_skipjackEncrypt(swtoken->keyReg[swtoken->key].data,
- swtoken->IV,size,plainIn,cipherOut);
- fort_UpdateIV(cipherOut,size,swtoken->IV);
-
- return ret;
-
-}
-
-/*
- * create a new IV and encode it.
- */
-
-static char *leafbits="THIS IS NOT LEAF";
-
-int
-MACI_GenerateIV(HSESSION Session, CI_IV CI_FAR pIV)
-{
- int ret;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,swtoken->key,PR_TRUE)) != CI_OK) return ret;
-
- ret = fort_GenerateRandom(swtoken->IV,SKIPJACK_BLOCK_SIZE);
- if (ret != CI_OK) return ret;
-
- PORT_Memcpy(pIV,leafbits,SKIPJACK_LEAF_SIZE);
- PORT_Memcpy(&pIV[SKIPJACK_LEAF_SIZE],swtoken->IV,SKIPJACK_BLOCK_SIZE);
-
- return CI_OK;
-}
-
-
-/*
- * create a new Key
- */
-int
-MACI_GenerateMEK(HSESSION session, int index, int reserved)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,index,PR_FALSE)) != CI_OK) return ret;
-
- ret = fort_GenerateRandom(swtoken->keyReg[index].data,
- sizeof (swtoken->keyReg[index].data));
- if (ret == CI_OK) swtoken->keyReg[index].present = PR_TRUE;
-
- return ret;
-}
-
-/*
- * build a new Ra/ra pair for a KEA exchange.
- */
-int
-MACI_GenerateRa(HSESSION session, CI_RA CI_FAR pRa)
-{
- int ret;
- int counter;
- int RaLen,raLen;
- DSAPrivateKey *privKey = NULL;
- PQGParams params;
- SECStatus rv;
- int crv = CI_EXEC_FAIL;
- fortSlotEntry *certEntry = NULL;
- unsigned char *unsignedRa = NULL;
- unsigned char *unsignedra = NULL;
- fortKeyInformation *key_info = NULL;
-
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- /* make sure the personality is set */
- if (swtoken->certIndex == 0) return CI_INV_STATE;
-
- /* pick next Ra circular buffer */
- counter = swtoken->nextRa;
- swtoken->nextRa++;
- if (swtoken->nextRa >= MAX_RA_SLOTS) swtoken->nextRa = 0;
-
- /* now get the params for diffie -helman key gen */
- certEntry = fort_GetCertEntry(swtoken->config_file,swtoken->certIndex);
- if (certEntry == NULL) return CI_INV_CERT_INDEX;
- if (certEntry->exchangeKeyInformation) {
- key_info = certEntry->exchangeKeyInformation;
- } else {
- key_info = certEntry->signatureKeyInformation;
- }
- if (key_info == NULL) return CI_NO_X;
-
- /* Generate Diffie Helman key Pair -- but we use DSA key gen to do it */
- rv = SECITEM_CopyItem(NULL,&params.prime,&key_info->p);
- if (rv != SECSuccess) return CI_EXEC_FAIL;
- rv = SECITEM_CopyItem(NULL,&params.subPrime,&key_info->q);
- if (rv != SECSuccess) return CI_EXEC_FAIL;
- rv = SECITEM_CopyItem(NULL,&params.base,&key_info->g);
- if (rv != SECSuccess) return CI_EXEC_FAIL;
-
- /* KEA uses DSA like key generation with short DSA keys that have to
- * maintain a relationship to q */
- rv = DSA_NewKey(&params, &privKey);
- SECITEM_FreeItem(&params.prime,PR_FALSE);
- SECITEM_FreeItem(&params.subPrime,PR_FALSE);
- SECITEM_FreeItem(&params.base,PR_FALSE);
- if (rv != SECSuccess) return CI_EXEC_FAIL;
-
- /* save private key, public key, and param in Ra Circular buffer */
- unsignedRa = privKey->publicValue.data;
- RaLen = privKey->publicValue.len;
- while ((unsignedRa[0] == 0) && (RaLen > CI_RA_SIZE)) {
- unsignedRa++;
- RaLen--;
- }
- if (RaLen > CI_RA_SIZE) goto loser;
-
- unsignedra = privKey->privateValue.data;
- raLen = privKey->privateValue.len;
- while ((unsignedra[0] == 0) && (raLen > sizeof(fortRaPrivate))) {
- unsignedra++;
- raLen--;
- }
-
- if (raLen > sizeof(fortRaPrivate)) goto loser;
-
- PORT_Memset(swtoken->RaValues[counter].private, 0, sizeof(fortRaPrivate));
- PORT_Memcpy(
- &swtoken->RaValues[counter].private[sizeof(fortRaPrivate) - raLen],
- unsignedra, raLen);
- PORT_Memset(pRa, 0, CI_RA_SIZE);
- PORT_Memcpy(&pRa[CI_RA_SIZE-RaLen], unsignedRa, RaLen);
- PORT_Memcpy(swtoken->RaValues[counter].public, pRa, CI_RA_SIZE);
- crv = CI_OK;
-
-loser:
- PORT_FreeArena(privKey->params.arena, PR_TRUE);
-
- return crv;
-}
-
-
-/*
- * return some random data.
- */
-int
-MACI_GenerateRandom(HSESSION session, CI_RANDOM CI_FAR random)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_FALSE)) != CI_OK) return ret;
- return fort_GenerateRandom(random,sizeof (CI_RANDOM));
-}
-
-
-static CI_RA Remail = {
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1
-};
-
-/*
- * build a new Token exchange key using KEA.
- */
-int
-MACI_GenerateTEK(HSESSION hSession, int flags, int target,
- CI_RA CI_FAR Ra, CI_RA CI_FAR Rb, unsigned int YSize, CI_Y CI_FAR pY )
-{
- FORTEZZAPrivateKey *key = NULL;
- fortSlotEntry * certEntry;
- unsigned char * w = NULL;
- SECItem *q;
- SECStatus rv;
- int ret,i;
- PRBool email = PR_TRUE;
- SECItem R; /* public */
- SECItem Y; /* public */
- SECItem r; /* private */
- SECItem x; /* private */
- SECItem wItem; /* derived secret */
- fortRaPrivatePtr ra;
- FORTSkipjackKey cover_key;
-
- unsigned char pad[10] = { 0x72, 0xf1, 0xa8, 0x7e, 0x92,
- 0x82, 0x41, 0x98, 0xab, 0x0b };
-
- /* verify that everything is ok with the token, keys and certs */
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- /* make sure the personality is set */
- if (swtoken->certIndex == 0) return CI_INV_STATE;
- if ((ret = fort_KeyOK(swtoken,target,PR_FALSE)) != CI_OK) return ret;
-
- /* get the cert from the entry, then look up the key from that cert */
- certEntry = fort_GetCertEntry(swtoken->config_file,swtoken->certIndex);
- if (certEntry == NULL) return CI_INV_CERT_INDEX;
- key = fort_GetPrivKey(swtoken,fortezzaDHKey,certEntry);
- if (key == NULL) return CI_NO_X;
-
- if (certEntry->exchangeKeyInformation) {
- q = &certEntry->exchangeKeyInformation->q;
- } else {
- q = &certEntry->signatureKeyInformation->q;
- }
-
- email = (PORT_Memcmp(Rb,Remail,sizeof(Rb)) == 0) ? PR_TRUE: PR_FALSE;
-
-
- /* load the common elements */
- Y.data = pY;
- Y.len = YSize;
- x.data = key->u.dh.privateValue.data;
- x.len = key->u.dh.privateValue.len;
-
- /* now initialize the rest of the values */
- if (flags == CI_INITIATOR_FLAG) {
- if (email) {
- R.data = Y.data;
- R.len = Y.len;
- } else {
- R.data = Rb;
- R.len = sizeof(CI_RA);
- }
- ra = fort_LookupPrivR(swtoken,Ra);
- if (ra == NULL) {
- ret = CI_EXEC_FAIL;
- goto loser;
- }
- r.data = ra;
- r.len = sizeof(fortRaPrivate);
- } else {
- R.data = Ra;
- R.len = sizeof(CI_RA);
- if (email) {
- r.data = x.data;
- r.len = x.len;
- } else {
- ra = fort_LookupPrivR(swtoken,Rb);
- if (ra == NULL) {
- ret = CI_EXEC_FAIL;
- goto loser;
- }
- r.data = ra;
- r.len = sizeof(fortRaPrivate);
- }
- }
-
-
- if (!KEA_Verify(&Y,&key->u.dh.prime,q)) {
- ret = CI_EXEC_FAIL;
- goto loser;
- }
- if (!KEA_Verify(&R,&key->u.dh.prime,q)) {
- ret = CI_EXEC_FAIL;
- goto loser;
- }
-
- /* calculate the base key */
- rv = KEA_Derive(&key->u.dh.prime, &Y, &R, &r, &x, &wItem);
- if (rv != SECSuccess) {
- ret = CI_EXEC_FAIL;
- goto loser;
- }
-
- w = wItem.data;
- /* use the skipjack wrapping function to 'mix' the key up */
- for (i=0; i < sizeof(FORTSkipjackKey); i++)
- cover_key[i] = pad[i] ^ w[i];
-
- ret = fort_skipjackWrap(cover_key,sizeof(FORTSkipjackKey),
- &w[sizeof(FORTSkipjackKey)],swtoken->keyReg[target].data);
- if (ret != CI_OK) goto loser;
-
- swtoken->keyReg[target].present = PR_TRUE;
-
- ret = CI_OK;
-loser:
- if (w) PORT_Free(w);
- if (key) fort_DestroyPrivateKey(key);
-
- return ret;
-}
-
-
-/*
- * return the bytes of a certificate.
- */
-int
-MACI_GetCertificate(HSESSION hSession, int certIndex,
- CI_CERTIFICATE CI_FAR cert)
-{
- int len;
- int ret;
- fortSlotEntry *certEntry = NULL;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-
- certEntry = fort_GetCertEntry(swtoken->config_file,certIndex);
- if (certEntry == NULL) return CI_INV_CERT_INDEX;
-
- len = certEntry->certificateData.dataEncryptedWithKs.len;
- PORT_Memset(cert,0,sizeof(CI_CERTIFICATE));
- PORT_Memcpy(cert, certEntry->certificateData.dataEncryptedWithKs.data,len);
-
- /* Ks is always stored in keyReg[0] when we log in */
- return fort_skipjackDecrypt(swtoken->keyReg[0].data,
- &certEntry->certificateData.dataIV.data[SKIPJACK_LEAF_SIZE],
- len,cert,cert);
-}
-
-
-/*
- * return out sofware configuration bytes. Those field not used by the PKCS #11
- * module may not be filled in exactly.
- */
-#define NETSCAPE "Netscape Communications Corp "
-#define PRODUCT "Netscape Software FORTEZZA Lib "
-#define SOFTWARE "Software FORTEZZA Implementation"
-
-int
-MACI_GetConfiguration(HSESSION hSession, CI_CONFIG_PTR config)
-{
- config->LibraryVersion = 0x0100;
- config->ManufacturerVersion = 0x0100;
- PORT_Memcpy(config->ManufacturerName,NETSCAPE,sizeof(NETSCAPE));
- PORT_Memcpy(config->ProductName,PRODUCT,sizeof(PRODUCT));
- PORT_Memcpy(config->ProcessorType,SOFTWARE,sizeof(SOFTWARE));
- config->UserRAMSize = 0;
- config->LargestBlockSize = 0x10000;
- config->KeyRegisterCount = KEY_REGISTERS;
- config->CertificateCount =
- swtoken ? fort_GetCertCount(swtoken->config_file): 0;
- config->CryptoCardFlag = 0;
- config->ICDVersion = 0;
- config->ManufacturerSWVer = 0x0100;
- config->DriverVersion = 0x0100;
- return CI_OK;
-}
-
-/*
- * return a list of all the personalities (up to the value 'EntryCount')
- */
-int
-MACI_GetPersonalityList(HSESSION hSession, int EntryCount,
- CI_PERSON CI_FAR personList[])
-{
- int count;
- int i,ret;
- FORTSWFile *config_file = NULL;
- unsigned char tmp[32];
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- config_file = swtoken->config_file;
-
- /* search for the index */
- count= fort_GetCertCount(config_file);
-
- /* don't return more than the user asked for */
- if (count > EntryCount) count = EntryCount;
- for (i=0; i < count ;i ++) {
- int len, dataLen;
- personList[i].CertificateIndex =
- config_file->slotEntries[i]->certIndex;
- len = config_file->slotEntries[i]->certificateLabel.
- dataEncryptedWithKs.len;
- if (len > sizeof(tmp)) len = sizeof(tmp);
- PORT_Memset(personList[i].CertLabel, ' ',
- sizeof(personList[i].CertLabel));
- PORT_Memcpy(tmp,
- config_file->slotEntries[i]->
- certificateLabel.dataEncryptedWithKs.data,
- len);
- /* Ks is always stored in keyReg[0] when we log in */
- ret = fort_skipjackDecrypt(swtoken->keyReg[0].data,
- &config_file->slotEntries[i]->
- certificateLabel.dataIV.data[SKIPJACK_LEAF_SIZE],len,
- tmp,tmp);
- if (ret != CI_OK) return ret;
- dataLen = DER_GetInteger(&config_file->slotEntries[i]->
- certificateLabel.length);
- if (dataLen > sizeof(tmp)) dataLen = sizeof(tmp);
- PORT_Memcpy(personList[i].CertLabel, tmp, dataLen);
- personList[i].CertLabel[32] = 0;
- personList[i].CertLabel[33] = 0;
- personList[i].CertLabel[34] = 0;
- personList[i].CertLabel[35] = 0;
- }
- return CI_OK;
-}
-
-
-/*
- * get a new session ID. This function is only to make the interface happy,
- * the PKCS #11 module only uses one session per token.
- */
-int
-MACI_GetSessionID(HSESSION *session)
-{
- *session = 1;
- return CI_OK;
-}
-
-/*
- * return the current card state.
- */
-int
-MACI_GetState(HSESSION hSession, CI_STATE_PTR state)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_FALSE)) != CI_OK) return ret;
- *state = fort_GetState(swtoken);
- return CI_OK;
-}
-
-/*
- * return the status. NOTE that KeyRegisterFlags and CertificateFlags are never
- * really used by the PKCS #11 module, so they are not implemented.
- */
-int
-MACI_GetStatus(HSESSION hSession, CI_STATUS_PTR status)
-{
- int ret;
- FORTSWFile *config_file = NULL;
-
- if ((ret = fort_CardExists(swtoken,PR_FALSE)) != CI_OK) return ret;
- config_file = swtoken->config_file;
- status->CurrentSocket = 1;
- status->LockState = swtoken->lock;
- PORT_Memcpy(status->SerialNumber,
- config_file->serialID.data, config_file->serialID.len);
- status->CurrentState = fort_GetState(swtoken);
- status->DecryptionMode = CI_CBC64_MODE;
- status->EncryptionMode = CI_CBC64_MODE;
- status->CurrentPersonality = swtoken->certIndex;
- status->KeyRegisterCount = KEY_REGISTERS;
- /* our code doesn't use KeyRegisters, which is good, because there's not
- * enough of them .... */
- PORT_Memset(status->KeyRegisterFlags,0,sizeof(status->KeyRegisterFlags));
- status->CertificateCount = fort_GetCertCount(config_file);
- PORT_Memset(status->CertificateFlags,0,sizeof(status->CertificateFlags));
- PORT_Memset(status->Flags,0,sizeof(status->Flags));
-
- return CI_OK;
-}
-
-/*
- * add the time call because the PKCS #11 module calls it, but always pretend
- * the clock is bad, so it never uses the returned time.
- */
-int
-MACI_GetTime(HSESSION hSession, CI_TIME CI_FAR time)
-{
- return CI_BAD_CLOCK;
-}
-
-
-/* This function is copied from NSPR so that the PKCS #11 module can be
- * independent of NSPR */
-PRInt32 local_getFileInfo(const char *fn, PRFileInfo *info);
-
-/*
- * initialize the SW module, and return the number of slots we support (1).
- */
-int
-MACI_Initialize(int CI_FAR *count)
-{
- char *filename = NULL;
- SECItem file;
- FORTSignedSWFile *decode_file = NULL;
- PRFileInfo info;
- /*PRFileDesc *fd = NULL;*/
- int fd = -1;
- PRStatus err;
- int ret = CI_OK;
- int fcount;
-
- file.data = NULL;
- file.len = 0;
-
- *count = 1;
-
- /* allocate swtoken structure */
- swtoken = PORT_ZNew(FORTSWToken);
- if (swtoken == NULL) return CI_OUT_OF_MEMORY;
-
- filename = (char *)fort_LookupFORTEZZAInitFile();
- if (filename == NULL) {
- ret = CI_BAD_READ;
- goto failed;
- }
-
- fd = open(filename,O_RDONLY|O_BINARY,0);
- if (fd < 0) {
- ret = CI_BAD_READ;
- goto failed;
- }
-
- err = local_getFileInfo(filename,&info);
- if ((err != 0) || (info.size == 0)) {
- ret = CI_BAD_READ;
- goto failed;
- }
-
- file.data = PORT_ZAlloc(info.size);
- if (file.data == NULL) {
- ret = CI_OUT_OF_MEMORY;
- goto failed;
- }
-
- fcount = read(fd,file.data,info.size);
- close(fd); fd = -1;
- if (fcount != (int)info.size) {
- ret = CI_BAD_READ;
- goto failed;
- }
-
- file.len = fcount;
-
- decode_file = FORT_GetSWFile(&file);
- if (decode_file == NULL) {
- ret = CI_BAD_READ;
- goto failed;
- }
- swtoken->config_file = &decode_file->file;
-
- RNG_SystemInfoForRNG();
- RNG_FileForRNG(filename);
-
-
-failed:
- if (filename) PORT_Free(filename);
- if (fd != -1) close(fd);
- if (file.data) PORT_Free(file.data);
- if (ret != CI_OK) {
- if (decode_file) FORT_DestroySignedSWFile(decode_file);
- if (swtoken) PORT_Free(swtoken);
- swtoken = NULL;
- }
-
- return CI_OK;
-}
-
-/*
- * load an IV from an external source. We technically should check it with the
- * key we received.
- */
-int
-MACI_LoadIV(HSESSION session, CI_IV CI_FAR iv)
-{
- int ret;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- PORT_Memcpy(swtoken->IV,&iv[SKIPJACK_LEAF_SIZE],SKIPJACK_BLOCK_SIZE);
- return CI_OK;
-}
-
-/* implement token lock (should call PR_Monitor here) */
-int
-MACI_Lock(HSESSION session, int flags)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- swtoken->lock = 1;
-
- return CI_OK;
-}
-
-/* open a token. For software there isn't much to do that hasn't already been
- * done by initialize. */
-int
-MACI_Open(HSESSION session, unsigned int flags, int socket)
-{
- if (socket != SOCKET_ID) return CI_NO_CARD;
- if (swtoken == NULL) return CI_NO_CARD;
- return CI_OK;
-}
-
-/*
- * Reset logs out the token...
- */
-int
-MACI_Reset(HSESSION session)
-{
- if (swtoken) fort_Logout(swtoken);
- return CI_OK;
-}
-
-/*
- * restore and encrypt/decrypt state. NOTE: there is no error checking in this
- * or the save function.
- */
-int
-MACI_Restore(HSESSION session, int type, CI_SAVE_DATA CI_FAR data)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- PORT_Memcpy(swtoken->IV,data, sizeof (swtoken->IV));
- return CI_OK;
-}
-
-/*
- * save and encrypt/decrypt state. NOTE: there is no error checking in this
- * or the restore function.
- */
-int
-MACI_Save(HSESSION session, int type,CI_SAVE_DATA CI_FAR data)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- PORT_Memcpy(data,swtoken->IV, sizeof (swtoken->IV));
- return CI_OK;
-}
-
-/*
- * picks a token to operate against. In our case there can be only one.
- */
-int
-MACI_Select(HSESSION session, int socket)
-{
- if (socket == SOCKET_ID) return CKR_OK;
- return CI_NO_CARD;
-}
-
-/*
- * set a register as the key to use for encrypt/decrypt operations.
- */
-int
-MACI_SetKey(HSESSION session, int index)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,index,PR_TRUE)) != CI_OK) return ret;
-
- swtoken->key = index;
- return CI_OK;
-}
-
-/*
- * only CBC64 is supported. Keep setmode for compatibility */
-int
-MACI_SetMode(HSESSION session, int type, int mode)
-{
- if (mode != CI_CBC64_MODE) return CI_INV_MODE;
- return CI_OK;
-}
-
-/* set the personality to use for sign/verify */
-int
-MACI_SetPersonality(HSESSION session, int cert)
-{
- int ret;
- fortSlotEntry *certEntry = NULL;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
-
- certEntry = fort_GetCertEntry(swtoken->config_file,cert);
- if ((certEntry == NULL) ||
- ((certEntry->exchangeKeyInformation == NULL) &&
- (certEntry->signatureKeyInformation == NULL)) )
- return CI_INV_CERT_INDEX;
- swtoken->certIndex = cert;
- return CI_OK;
-}
-
-
-/* DSA sign some data */
-int
-MACI_Sign(HSESSION session, CI_HASHVALUE CI_FAR hash, CI_SIGNATURE CI_FAR sig)
-{
- FORTEZZAPrivateKey *key = NULL;
- fortSlotEntry * certEntry = NULL;
- int ret = CI_OK;
- SECStatus rv;
- SECItem signItem;
- SECItem hashItem;
- unsigned char random[DSA_SUBPRIME_LEN];
-
- /* standard checks */
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- /* make sure the personality is set */
- if (swtoken->certIndex == 0) return CI_INV_STATE;
-
- /* get the current personality */
- certEntry = fort_GetCertEntry(swtoken->config_file,swtoken->certIndex);
- if (certEntry == NULL) return CI_INV_CERT_INDEX;
-
- /* extract the private key from the personality */
- ret = CI_OK;
- key = fort_GetPrivKey(swtoken,fortezzaDSAKey,certEntry);
- if (key == NULL) {
- ret = CI_NO_X;
- goto loser;
- }
-
- /* create a random value for the signature */
- ret = fort_GenerateRandom(random, sizeof(random));
- if (ret != CI_OK) goto loser;
-
- /* Sign with that private key */
- signItem.data = sig;
- signItem.len = DSA_SIGNATURE_LEN;
-
- hashItem.data = hash;
- hashItem.len = SHA1_LENGTH;
-
- rv = DSA_SignDigestWithSeed(&key->u.dsa, &signItem, &hashItem, random);
- if (rv != SECSuccess) {
- ret = CI_EXEC_FAIL;
- }
-
- /* clean up */
-loser:
- if (key != NULL) fort_DestroyPrivateKey(key);
-
- return ret;
-}
-
-/*
- * clean up after ourselves.
- */
-int
-MACI_Terminate(HSESSION session)
-{
- if (swtoken == NULL) return CI_OUT_OF_MEMORY;
-
- /* clear all the keys */
- fort_Logout(swtoken);
-
- FORT_DestroySWFile(swtoken->config_file);
- PORT_Free(swtoken);
- swtoken = NULL;
- return CI_OK;
-}
-
-
-
-/* implement token unlock (should call PR_Monitor here) */
-int
-MACI_Unlock(HSESSION session)
-{
- int ret;
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- swtoken->lock = 0;
- return CI_OK;
-}
-
-/*
- * unwrap a key into our software token. NOTE: this function does not
- * verify that the wrapping key is Ks or a TEK. This is because our higher
- * level software doesn't try to wrap MEKs with MEKs. If this API was exposed
- * generically, then we would have to worry about things like this.
- */
-int
-MACI_UnwrapKey(HSESSION session, int wrapKey, int target,
- CI_KEY CI_FAR keyData)
-{
- int ret = CI_OK;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,target,PR_FALSE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,wrapKey,PR_TRUE)) != CI_OK) return ret;
- ret = fort_skipjackUnwrap(swtoken->keyReg[wrapKey].data,
- sizeof(CI_KEY), keyData, swtoken->keyReg[target].data);
- if (ret != CI_OK) goto loser;
-
- swtoken->keyReg[target].present = PR_TRUE;
-
-loser:
- return ret;
-}
-
-/*
- * Wrap a key out of our software token. NOTE: this function does not
- * verify that the wrapping key is Ks or a TEK, or that the source key is
- * a MEK. This is because our higher level software doesn't try to wrap MEKs
- * with MEKs, or wrap out TEKS and Ks. If this API was exposed
- * generically, then we would have to worry about things like this.
- */
-int
-MACI_WrapKey(HSESSION session, int wrapKey, int source, CI_KEY CI_FAR keyData)
-{
- int ret;
-
- if ((ret = fort_CardExists(swtoken,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,source,PR_TRUE)) != CI_OK) return ret;
- if ((ret = fort_KeyOK(swtoken,wrapKey,PR_TRUE)) != CI_OK) return ret;
- ret = fort_skipjackWrap(swtoken->keyReg[wrapKey].data,
- sizeof(CI_KEY), swtoken->keyReg[source].data,keyData);
-
- return ret;
-}
-
diff --git a/security/nss/lib/fortcrypt/swfort/swfort.h b/security/nss/lib/fortcrypt/swfort/swfort.h
deleted file mode 100644
index d0cefb098..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfort.h
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Software implementation of FORTEZZA skipjack primatives
- */
-#ifndef _SWFORT_H_
-#define _SWFORT_H_
-
-#include "seccomon.h"
-#include "swfortt.h"
-/*#include "genci.h"*/
-
-
-SEC_BEGIN_PROTOS
-
-FORTSignedSWFile *
-FORT_GetSWFile(SECItem *initBits);
-
-SECStatus
-FORT_CheckInitPhrase(FORTSignedSWFile *sw_init_file, char *initMemPhrase);
-
-SECStatus
-FORT_CheckUserPhrase(FORTSignedSWFile *sw_init_file, char *userMemPhrase);
-
-void
-FORT_DestroySWFile(FORTSWFile *file);
-
-void
-FORT_DestroySignedSWFile(FORTSignedSWFile *swfile);
-
-SECItem *
-FORT_GetDERCert(FORTSignedSWFile *swfile, int index);
-
-SECItem *
-FORT_PutSWFile(FORTSignedSWFile *sw_init_file);
-
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swforti.h b/security/nss/lib/fortcrypt/swfort/swforti.h
deleted file mode 100644
index bcc07ee62..000000000
--- a/security/nss/lib/fortcrypt/swfort/swforti.h
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Software implementation of FORTEZZA Skipjack primatives and helper functions.
- */
-#ifndef _SWFORTI_H_
-#define _SWFORTI_H_
-
-#ifndef RETURN_TYPE
-#define RETURN_TYPE int
-#endif
-
-#include "seccomon.h"
-#include "swfort.h"
-#include "swfortti.h"
-#include "maci.h"
-
-
-SEC_BEGIN_PROTOS
-/*
- * Check to see if the index is ok, and that key is appropriately present or
- * absent.
- */
-int fort_KeyOK(FORTSWToken *token, int index, PRBool isPresent);
-
-/*
- * clear out a key register
- */
-void fort_ClearKey(FORTKeySlot *key);
-
-/*
- * clear out an Ra register
- */
-void fort_ClearRaSlot(FORTRaRegisters *ra);
-
-/*
- * provide a helper function to do all the loggin out functions.
- * NOTE: Logging in only happens in MACI_CheckPIN
- */
-void fort_Logout(FORTSWToken *token);
-
-/*
- * update the new IV value based on the current cipherText (should be the last
- * block of the cipher text).
- */
-int fort_UpdateIV(unsigned char *cipherText, unsigned int size,unsigned char *IV);
-
-
-/*
- * verify that we have a card initialized, and if necessary, logged in.
- */
-int fort_CardExists(FORTSWToken *token,PRBool needLogin);
-
-/*
- * walk down the cert slot entries, counting them.
- * return that count.
- */
-int fort_GetCertCount(FORTSWFile *file);
-
-/*
- * copy an unsigned SECItem to a signed SecItem. (if the high bit is on,
- * pad with a leading 0.
- */
-SECStatus fort_CopyUnsigned(PRArenaPool *arena, SECItem *to, const SECItem *from);
-
-/*
- * return the private key based on the token and entry.
- */
-FORTEZZAPrivateKey *fort_GetPrivKey(FORTSWToken *token,FORTEZZAKeyType keyType,fortSlotEntry *certEntry);
-
-/*
- * Free the key acquired above.
- */
-void fort_DestroyPrivateKey(FORTEZZAPrivateKey *key);
-
-/*
- * find a particulare certificate entry from the config
- * file.
- */
-fortSlotEntry * fort_GetCertEntry(FORTSWFile *file,int index);
-
-/*
- * use the token to termine it's CI_State.
- */
-CI_STATE fort_GetState(FORTSWToken *token);
-
-/*
- * find the private ra value for a given public Ra value.
- */
-fortRaPrivatePtr fort_LookupPrivR(FORTSWToken *token,CI_RA Ra);
-
-/*
- * go add more noise to the random number generator
- */
-void fort_AddNoise(void);
-
-/*
- * Get a random number
- */
-int fort_GenerateRandom(unsigned char *buf, int bytes);
-
-
-/*
- * We're deep in the bottom of MACI and PKCS #11... We need to
- * find our fortezza key file. This function lets us search manual paths to
- * find our key file.
- */
-char *fort_FindFileInPath(char *path, char *fn);
-
-
-char *fort_LookupFORTEZZAInitFile(void);
-
-
-FORTSkipjackKeyPtr fort_CalculateKMemPhrase(FORTSWFile *file,
- fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey);
-
-
-PRBool fort_CheckMemPhrase(FORTSWFile *file,
- fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey);
-
-
-/* These function actually implements skipjack CBC64 Decrypt */
-int fort_skipjackDecrypt(FORTSkipjackKeyPtr key, unsigned char *iv,
- unsigned long size, unsigned char *cipherIn,
- unsigned char *plainOut);
-
-/* These function actually implements skipjack CBC64 Encrypt */
-int fort_skipjackEncrypt(FORTSkipjackKeyPtr key, unsigned char *iv,
- unsigned long size, unsigned char *plainIn,
- unsigned char *cipherOut);
-
-/*
- * unwrap is used for key generation and mixing
- */
-int fort_skipjackUnwrap(FORTSkipjackKeyPtr key,unsigned long len,
- unsigned char *cipherIn, unsigned char *plainOut);
-
-/*
- * unwrap is used for key generation and mixing
- */
-int
-fort_skipjackWrap(FORTSkipjackKeyPtr key,unsigned long len,
- unsigned char *plainIn, unsigned char *cipherOut);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swfortt.h b/security/nss/lib/fortcrypt/swfort/swfortt.h
deleted file mode 100644
index a5ee7b2b5..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfortt.h
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * All the data structures for Software fortezza are internal only.
- * The external API for Software fortezza is MACI (which is only used by
- * the PKCS #11 module.
- */
-
-#ifndef _SWFORTT_H_
-#define _SWFORTT_H_
-
-/* structure typedefs */
-typedef struct FORTKeySlotStr FORTKeySlot;
-typedef struct FORTRaRegistersStr FORTRaRegisters;
-typedef struct FORTSWTokenStr FORTSWToken;
-
-/* Der parsing typedefs */
-typedef struct fortKeyInformationStr fortKeyInformation;
-typedef struct fortProtectedDataStr fortProtectedData;
-typedef struct fortSlotEntryStr fortSlotEntry;
-typedef struct fortProtectedPhraseStr fortProtectedPhrase;
-typedef struct FORTSWFileStr FORTSWFile;
-typedef struct FORTSignedSWFileStr FORTSignedSWFile;
-
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swfortti.h b/security/nss/lib/fortcrypt/swfort/swfortti.h
deleted file mode 100644
index 0fd2d0e34..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfortti.h
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * All the data structures for Software fortezza are internal only.
- * The external API for Software fortezza is MACI (which is only used by
- * the PKCS #11 module.
- */
-
-#ifndef _SWFORTTI_H_
-#define _SWFORTTI_H_
-
-#include "maci.h"
-#include "seccomon.h"
-#include "mcom_db.h" /* really should be included by certt.h */
-#include "certt.h"
-/*#include "keyt.h"*/
-#include "blapit.h"
-#include "swfortt.h"
-
-
-typedef enum {
- fortezzaDSAKey = 0,
- fortezzaDHKey = 1
-} FORTEZZAKeyType;
-
-/*
-** Low Level private key object
-** This is only used by the raw Crypto engines (crypto), keydb (keydb),
-** and PKCS #11. Everyone else uses the high level key structure.
-*/
-struct FORTEZZAPrivateKeyStr {
- PLArenaPool *arena;
- FORTEZZAKeyType keyType;
- union {
- DSAPrivateKey dsa;
- DHPrivateKey dh;
- } u;
-};
-typedef struct FORTEZZAPrivateKeyStr FORTEZZAPrivateKey;
-
-
-/* the following parameters are tunable. The bigger the key registers are,
- * the less likely the PKCS #11 module will thrash. */
-#define KEY_REGISTERS 100
-#define MAX_RA_SLOTS 20
-
-/* SKIPJACK algorithm constants */
-#define SKIPJACK_KEY_SIZE 10
-#define SKIPJACK_BLOCK_SIZE 8
-#define SKIPJACK_LEAF_SIZE 16
-
-/* private typedefs */
-typedef unsigned char FORTSkipjackKey[SKIPJACK_KEY_SIZE];
-typedef unsigned char *FORTSkipjackKeyPtr;
-typedef unsigned char fortRaPrivate[20];
-typedef unsigned char *fortRaPrivatePtr;
-
-/* save a public/private key pair */
-struct FORTRaRegistersStr {
- CI_RA public;
- fortRaPrivate private;
-};
-
-/* FORTEZZA Key Register */
-struct FORTKeySlotStr {
- FORTSkipjackKey data;
- PRBool present;
-};
-
-/* structure to hole private key information */
-struct fortKeyInformationStr {
- SECItem keyFlags;
- SECItem privateKeyWrappedWithKs;
- SECItem derPublicKey;
- SECItem p;
- SECItem g;
- SECItem q;
-};
-
-/* struture to hole Ks wrapped data */
-struct fortProtectedDataStr {
- SECItem length;
- SECItem dataIV;
- SECItem dataEncryptedWithKs;
-};
-
-/* This structure represents a fortezza personality */
-struct fortSlotEntryStr {
- SECItem trusted;
- SECItem certificateIndex;
- int certIndex;
- fortProtectedData certificateLabel;
- fortProtectedData certificateData;
- fortKeyInformation *exchangeKeyInformation;
- fortKeyInformation *signatureKeyInformation;
-};
-
-/* this structure represents a K value wrapped by a protected pin */
-struct fortProtectedPhraseStr {
- SECItem kValueIV;
- SECItem wrappedKValue;
- SECItem memPhraseIV;
- SECItem hashedEncryptedMemPhrase;
-};
-
-
-/* This structure represents all the relevant data stored in a der encoded
- * fortezza slot file. */
-struct FORTSWFileStr {
- PRArenaPool *arena;
- SECItem version;
- SECItem derIssuer;
- SECItem serialID;
- fortProtectedPhrase initMemPhrase;
-#define fortezzaPhrase initMemPhrase
- fortProtectedPhrase ssoMemPhrase;
- fortProtectedPhrase userMemPhrase;
- fortProtectedPhrase ssoPinPhrase;
- fortProtectedPhrase userPinPhrase;
- SECItem wrappedRandomSeed;
- fortSlotEntry **slotEntries;
-};
-
-/* This data structed represents a signed data structure */
-struct FORTSignedSWFileStr {
- FORTSWFile file;
- CERTSignedData signatureWrap;
- FORTSkipjackKeyPtr Kinit;
- FORTSkipjackKeyPtr Ks;
-};
-
-
-/* collect all the data that makes up a token */
-struct FORTSWTokenStr {
- PRBool login; /* has this token been logged in? */
- int lock; /* the current lock state */
- int certIndex; /* index of the current personality */
- int key; /* currently selected key */
- int nextRa; /* where the next Ra/ra pair will go */
- FORTSWFile *config_file; /* parsed Fortezza Config file */
- unsigned char IV[SKIPJACK_BLOCK_SIZE];
- FORTKeySlot keyReg[KEY_REGISTERS]; /* sw fortezza key slots */
- FORTRaRegisters RaValues[MAX_RA_SLOTS]; /* Ra/ra values */
-};
-
-#endif
diff --git a/security/nss/lib/fortcrypt/swfort/swfparse.c b/security/nss/lib/fortcrypt/swfort/swfparse.c
deleted file mode 100644
index 4422cb18a..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfparse.c
+++ /dev/null
@@ -1,531 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following program decodes the FORTEZZA Init File, and stores the result
- * into the fortezza directory.
- */
-#include "secasn1.h"
-#include "swforti.h"
-#include "blapi.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secder.h"
-
-
-/*
- * templates for parsing the FORTEZZA Init File. These were taken from DER
- * definitions on SWF Initialization File Format Version 1.0 pp1-3.
- */
-
-/* Key info structure... There are up to two of these per slot entry */
-static const SEC_ASN1Template fortKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(fortKeyInformation) },
- { SEC_ASN1_INTEGER,
- offsetof(fortKeyInformation,keyFlags) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortKeyInformation,privateKeyWrappedWithKs) },
- { SEC_ASN1_ANY ,
- offsetof(fortKeyInformation, derPublicKey) },
- { SEC_ASN1_OCTET_STRING, offsetof(fortKeyInformation,p) },
- { SEC_ASN1_OCTET_STRING, offsetof(fortKeyInformation,g) },
- { SEC_ASN1_OCTET_STRING, offsetof(fortKeyInformation,q) },
- { 0 }
-};
-
-/* This is data that has been wrapped by Ks */
-static const SEC_ASN1Template fortProtDataTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(fortProtectedData) },
- { SEC_ASN1_INTEGER,
- offsetof(fortProtectedData,length) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedData,dataIV) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedData,dataEncryptedWithKs) },
- { 0 }
-};
-
-/* DER to describe each Certificate Slot ... there are an arbitrary number */
-static const SEC_ASN1Template fortSlotEntryTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(fortSlotEntry) },
- { SEC_ASN1_BOOLEAN,
- offsetof(fortSlotEntry,trusted) },
- { SEC_ASN1_INTEGER,
- offsetof(fortSlotEntry,certificateIndex) },
- { SEC_ASN1_INLINE,
- offsetof(fortSlotEntry,certificateLabel), fortProtDataTemplate },
- { SEC_ASN1_INLINE,
- offsetof(fortSlotEntry,certificateData), fortProtDataTemplate },
- { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_CONSTRUCTED | 0,
- offsetof(fortSlotEntry, exchangeKeyInformation),
- fortKeyInfoTemplate },
- { SEC_ASN1_POINTER | SEC_ASN1_OPTIONAL | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_CONSTRUCTED | 1,
- offsetof(fortSlotEntry, signatureKeyInformation),
- fortKeyInfoTemplate },
- { 0 }
-};
-
-/* This data is used to check MemPhrases, and to generate Ks
- * each file has two mem phrases, one for SSO, one for User */
-static const SEC_ASN1Template fortProtectedMemPhrase[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(fortProtectedPhrase) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,kValueIV) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,wrappedKValue) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,memPhraseIV) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,hashedEncryptedMemPhrase) },
- { 0 }
-};
-
-/* This data is used to check the Mem Init Phrases, and to generate Kinit
- * each file has one mem init phrase, which is used only in transport of
- * this file */
-static const SEC_ASN1Template fortMemInitPhrase[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(fortProtectedPhrase) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,wrappedKValue) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,memPhraseIV) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(fortProtectedPhrase,hashedEncryptedMemPhrase) },
- { 0 }
-};
-
-static const SEC_ASN1Template fortSlotEntriesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, fortSlotEntryTemplate }
-};
-
-/* This is the complete file with all it's data, but has not been signed
- * yet. */
-static const SEC_ASN1Template fortSwFortezzaInitFileToSign[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(FORTSWFile) },
- { SEC_ASN1_INTEGER,
- offsetof(FORTSWFile,version) },
- { SEC_ASN1_ANY,
- offsetof(FORTSWFile,derIssuer) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(FORTSWFile,serialID) },
- { SEC_ASN1_INLINE,
- offsetof(FORTSWFile,initMemPhrase), fortMemInitPhrase },
- { SEC_ASN1_INLINE,
- offsetof(FORTSWFile,ssoMemPhrase), fortProtectedMemPhrase },
- { SEC_ASN1_INLINE,
- offsetof(FORTSWFile,userMemPhrase), fortProtectedMemPhrase },
- { SEC_ASN1_INLINE,
- offsetof(FORTSWFile,ssoPinPhrase), fortProtectedMemPhrase },
- { SEC_ASN1_INLINE,
- offsetof(FORTSWFile,userPinPhrase), fortProtectedMemPhrase },
- { SEC_ASN1_OCTET_STRING,
- offsetof(FORTSWFile,wrappedRandomSeed) },
- { SEC_ASN1_SEQUENCE_OF, offsetof(FORTSWFile,slotEntries),
- fortSlotEntryTemplate },
- /* optional extentions to ignore here... */
- { 0 }
-};
-
-/* The complete, signed init file */
-static const SEC_ASN1Template fortSwFortezzaInitFile[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(FORTSignedSWFile) },
- { SEC_ASN1_SAVE,
- offsetof(FORTSignedSWFile,signatureWrap.data) },
- { SEC_ASN1_INLINE,
- offsetof(FORTSignedSWFile,file),
- fortSwFortezzaInitFileToSign },
- { SEC_ASN1_INLINE,
- offsetof(FORTSignedSWFile,signatureWrap.signatureAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(FORTSignedSWFile,signatureWrap.signature) },
- { 0 }
-};
-
-FORTSkipjackKeyPtr
-fort_CalculateKMemPhrase(FORTSWFile *file,
- fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey)
-{
- unsigned char *data = NULL;
- unsigned char hashout[SHA1_LENGTH];
- int data_len = prot_phrase->wrappedKValue.len;
- int ret;
- unsigned int len;
- unsigned int version;
- unsigned char enc_version[2];
- FORTSkipjackKeyPtr Kout = NULL;
- FORTSkipjackKey Kfek;
- SHA1Context *sha;
-
- data = (unsigned char *) PORT_ZAlloc(data_len);
- if (data == NULL) goto fail;
-
- PORT_Memcpy(data,prot_phrase->wrappedKValue.data,data_len);
-
- /* if it's a real protected mem phrase, it's been wrapped by kinit, which
- * was passed to us. */
- if (wrapKey) {
- fort_skipjackDecrypt(wrapKey,
- &prot_phrase->kValueIV.data[SKIPJACK_LEAF_SIZE],data_len,
- data,data);
- data_len = sizeof(CI_KEY);
- }
-
- /* now calculate the PBE key for fortezza */
- sha = SHA1_NewContext();
- if (sha == NULL) goto fail;
- SHA1_Begin(sha);
- version = DER_GetUInteger(&file->version);
- enc_version[0] = (version >> 8) & 0xff;
- enc_version[1] = version & 0xff;
- SHA1_Update(sha,enc_version,sizeof(enc_version));
- SHA1_Update(sha,file->derIssuer.data, file->derIssuer.len);
- SHA1_Update(sha,file->serialID.data, file->serialID.len);
- SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
- SHA1_End(sha,hashout,&len,SHA1_LENGTH);
- SHA1_DestroyContext(sha, PR_TRUE);
- PORT_Memcpy(Kfek,hashout,sizeof(FORTSkipjackKey));
-
- /* now use that key to unwrap */
- Kout = (FORTSkipjackKeyPtr) PORT_Alloc(sizeof(FORTSkipjackKey));
- ret = fort_skipjackUnwrap(Kfek,data_len,data,Kout);
- if (ret != CI_OK) {
- PORT_Free(Kout);
- Kout = NULL;
- }
-
-fail:
- PORT_Memset(&Kfek, 0, sizeof(FORTSkipjackKey));
- if (data) PORT_ZFree(data,data_len);
- return Kout;
-}
-
-
-PRBool
-fort_CheckMemPhrase(FORTSWFile *file,
- fortProtectedPhrase * prot_phrase, char *phrase, FORTSkipjackKeyPtr wrapKey)
-{
- unsigned char *data = NULL;
- unsigned char hashout[SHA1_LENGTH];
- int data_len = prot_phrase->hashedEncryptedMemPhrase.len;
- unsigned int len;
- SHA1Context *sha;
- PRBool pinOK = PR_FALSE;
- unsigned char cw[4];
- int i;
-
-
- /* first, decrypt the hashed/Encrypted Memphrase */
- data = (unsigned char *) PORT_ZAlloc(data_len);
- if (data == NULL) goto failed;
-
- PORT_Memcpy(data,prot_phrase->hashedEncryptedMemPhrase.data,data_len);
- fort_skipjackDecrypt(wrapKey,
- &prot_phrase->memPhraseIV.data[SKIPJACK_LEAF_SIZE],data_len,
- data,data);
-
- /* now build the hash for comparisons */
- sha = SHA1_NewContext();
- if (sha == NULL) goto failed;
- SHA1_Begin(sha);
- SHA1_Update(sha,(unsigned char *)phrase,strlen(phrase));
- SHA1_End(sha,hashout,&len,SHA1_LENGTH);
- SHA1_DestroyContext(sha, PR_TRUE);
-
- /* hashes don't match... must not be the right pass mem */
- if (PORT_Memcmp(data,hashout,len) != 0) goto failed;
-
- /* now calcuate the checkword and compare it */
- cw[0] = cw[1] = cw[2] = cw[3] = 0;
- for (i=0; i <5 ; i++) {
- cw[0] = cw[0] ^ hashout[i*4];
- cw[1] = cw[1] ^ hashout[i*4+1];
- cw[2] = cw[2] ^ hashout[i*4+2];
- cw[3] = cw[3] ^ hashout[i*4+3];
- }
-
- /* checkword doesn't match, must not be the right pass mem */
- if (PORT_Memcmp(data+len,cw,4) != 0) goto failed;
-
- /* pased all our test, its OK */
- pinOK = PR_TRUE;
-
-failed:
- PORT_Free(data);
-
- return pinOK;
-}
-
-/*
- * walk through the list of memphrases. This function allows us to use a
- * for loop to walk down them.
- */
-fortProtectedPhrase *
-fort_getNextPhrase( FORTSWFile *file, fortProtectedPhrase *last)
-{
- if (last == &file->userMemPhrase) {
- return &file->userPinPhrase;
- }
- /* we can add more test here if we want to support SSO mode someday. */
-
- return NULL;
-}
-
-/*
- * decode the DER file data into our nice data structures, including turning
- * cert indexes into integers.
- */
-FORTSignedSWFile *
-FORT_GetSWFile(SECItem *initBits)
-{
- FORTSignedSWFile *sw_init_file;
- PRArenaPool *arena = NULL;
- SECStatus rv;
- int i, count;
-
- /* get the local arena... be sure to free this at the end */
-
- /* get the local arena... be sure to free this at the end */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) goto fail;
-
- sw_init_file = (FORTSignedSWFile *)
- PORT_ArenaZAlloc(arena,sizeof(FORTSignedSWFile));
- if (sw_init_file == NULL) goto fail;
-
- /* ANS1 decode the complete init file */
- rv = SEC_ASN1DecodeItem(arena,sw_init_file,fortSwFortezzaInitFile,initBits);
- if (rv != SECSuccess) {
- goto fail;
- }
-
- /* count the certs */
- count = 0;
- while (sw_init_file->file.slotEntries[count]) count++;
-
- for (i=0; i < count; i++) {
- /* update the cert Index Pointers */
- sw_init_file->file.slotEntries[i]->certIndex =
- DER_GetInteger(&sw_init_file->
- file.slotEntries[i]->certificateIndex );
- }
-
- /* now start checking the mem phrases and pins, as well as calculating the
- * file's 'K' values. First we start with K(init). */
- sw_init_file->file.arena = arena;
-
- return sw_init_file;
- /* OK now that we've read in the init file, and now have Kinit, Ks, and the
- * appropriate Pin Phrase, we need to build our database file. */
-
-fail:
- if (arena) PORT_FreeArena(arena,PR_TRUE);
- return NULL;
-}
-
-/*
- * Check the init memphrases and the user mem phrases. Remove all the init
- * memphrase wrappings. Save the Kinit and Ks values for use.
- */
-SECStatus
-FORT_CheckInitPhrase(FORTSignedSWFile *sw_init_file, char *initMemPhrase)
-{
- SECStatus rv = SECFailure;
-
- sw_init_file->Kinit = fort_CalculateKMemPhrase(&sw_init_file->file,
- &sw_init_file->file.initMemPhrase, initMemPhrase, NULL);
- if (sw_init_file->Kinit == NULL) goto fail;
-
- /* now check the init Mem phrase */
- if (!fort_CheckMemPhrase(&sw_init_file->file,
- &sw_init_file->file.initMemPhrase,
- initMemPhrase, sw_init_file->Kinit)) {
- goto fail;
- }
- rv = SECSuccess;
-
-fail:
- return rv;
-}
-
- /* now check user user mem phrase and calculate Ks */
-SECStatus
-FORT_CheckUserPhrase(FORTSignedSWFile *sw_init_file, char *userMemPhrase)
-{
- SECStatus rv = SECFailure;
- char tmp_data[13];
- char *padMemPhrase = NULL;
- fortProtectedPhrase *phrase_store;
-
- if (strlen(userMemPhrase) < 12) {
- PORT_Memset(tmp_data, ' ', sizeof(tmp_data));
- PORT_Memcpy(tmp_data,userMemPhrase,strlen(userMemPhrase));
- tmp_data[12] = 0;
- padMemPhrase = tmp_data;
- }
-
- for (phrase_store = &sw_init_file->file.userMemPhrase; phrase_store;
- phrase_store = fort_getNextPhrase(&sw_init_file->file,phrase_store)) {
- sw_init_file->Ks = fort_CalculateKMemPhrase(&sw_init_file->file,
- phrase_store, userMemPhrase, sw_init_file->Kinit);
-
- if ((sw_init_file->Ks == NULL) && (padMemPhrase != NULL)) {
- sw_init_file->Ks = fort_CalculateKMemPhrase(&sw_init_file->file,
- phrase_store, padMemPhrase, sw_init_file->Kinit);
- userMemPhrase = padMemPhrase;
- }
- if (sw_init_file->Ks == NULL) {
- continue;
- }
-
- /* now check the User Mem phrase */
- if (fort_CheckMemPhrase(&sw_init_file->file, phrase_store,
- userMemPhrase, sw_init_file->Ks)) {
- break;
- }
- PORT_Free(sw_init_file->Ks);
- sw_init_file->Ks = NULL;
- }
-
-
- if (phrase_store == NULL) goto fail;
-
- /* strip the Kinit wrapping */
- fort_skipjackDecrypt(sw_init_file->Kinit,
- &phrase_store->kValueIV.data[SKIPJACK_LEAF_SIZE],
- phrase_store->wrappedKValue.len, phrase_store->wrappedKValue.data,
- phrase_store->wrappedKValue.data);
- phrase_store->wrappedKValue.len = 12;
-
- PORT_Memset(phrase_store->kValueIV.data,0,phrase_store->kValueIV.len);
-
- sw_init_file->file.initMemPhrase = *phrase_store;
- sw_init_file->file.ssoMemPhrase = *phrase_store;
- sw_init_file->file.ssoPinPhrase = *phrase_store;
- sw_init_file->file.userMemPhrase = *phrase_store;
- sw_init_file->file.userPinPhrase = *phrase_store;
-
-
- rv = SECSuccess;
-
-fail:
- /* don't keep the pin around */
- PORT_Memset(tmp_data, 0, sizeof(tmp_data));
- return rv;
-}
-
-void
-FORT_DestroySWFile(FORTSWFile *file)
-{
- PORT_FreeArena(file->arena,PR_FALSE);
-}
-
-void
-FORT_DestroySignedSWFile(FORTSignedSWFile *swfile)
-{
- FORT_DestroySWFile(&swfile->file);
-}
-
-
-SECItem *
-FORT_GetDERCert(FORTSignedSWFile *swfile,int index)
-{
- SECItem *newItem = NULL;
- unsigned char *cert = NULL;
- int len,ret;
- fortSlotEntry *certEntry = NULL;
-
-
- newItem = PORT_ZNew(SECItem);
- if (newItem == NULL) return NULL;
-
- certEntry = fort_GetCertEntry(&swfile->file,index);
- if (certEntry == NULL) {
- PORT_Free(newItem);
- return NULL;
- }
-
- newItem->len = len = certEntry->certificateData.dataEncryptedWithKs.len;
- newItem->data = cert = PORT_ZAlloc(len);
- if (cert == NULL) {
- PORT_Free(newItem);
- return NULL;
- }
- newItem->len = DER_GetUInteger(&certEntry->certificateData.length);
-
-
- PORT_Memcpy(cert, certEntry->certificateData.dataEncryptedWithKs.data,len);
-
- /* Ks is always stored in keyReg[0] when we log in */
- ret = fort_skipjackDecrypt(swfile->Ks,
- &certEntry->certificateData.dataIV.data[SKIPJACK_LEAF_SIZE],
- len,cert,cert);
- if (ret != CI_OK) {
- SECITEM_FreeItem(newItem,PR_TRUE);
- return NULL;
- }
- return newItem;
-}
-
-/*
- * decode the DER file data into our nice data structures, including turning
- * cert indexes into integers.
- */
-SECItem *
-FORT_PutSWFile(FORTSignedSWFile *sw_init_file)
-{
- SECItem *outBits, *tmpBits;
-
- outBits = PORT_ZNew(SECItem);
- if (outBits == NULL) goto fail;
-
- /* ANS1 encode the complete init file */
- tmpBits = SEC_ASN1EncodeItem(NULL,outBits,sw_init_file,fortSwFortezzaInitFile);
- if (tmpBits == NULL) {
- goto fail;
- }
-
- return outBits;
-
-fail:
- if (outBits) SECITEM_FreeItem(outBits,PR_TRUE);
- return NULL;
-}
diff --git a/security/nss/lib/fortcrypt/swfort/swfutl.c b/security/nss/lib/fortcrypt/swfort/swfutl.c
deleted file mode 100644
index f6927c841..000000000
--- a/security/nss/lib/fortcrypt/swfort/swfutl.c
+++ /dev/null
@@ -1,750 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This File includes utility functions used by cilib. and swfparse.c
- */
-
-#include "prtypes.h"
-#include "prsystem.h"
-#include "prio.h"
-
-#include "swforti.h"
-#include "keyt.h"
-/* #include "dh.h" */
-#include "maci.h"
-#include "secport.h"
-#include "secrng.h"
-#ifdef XP_OS2
-#include <sys/stat.h>
-#endif
-
-#ifdef XP_WIN
-#include <windows.h>
-#include <winsock.h>
-#include <direct.h>
-#endif
-
-/* no platform seem to agree on where this function is defined */
-static char *local_index(char *source, char target) {
- while ((*source != target) && (*source != 0)) {
- source++;
- }
- return (*source != 0) ? source : NULL;
-}
-
-/*
- * Check to see if the index is ok, and that key is appropriately present or
- * absent.
- */
-int
-fort_KeyOK(FORTSWToken *token, int index, PRBool isPresent)
-{
- if (index < 0) return CI_INV_KEY_INDEX;
- if (index >= KEY_REGISTERS) return CI_INV_KEY_INDEX;
-
- return (token->keyReg[index].present == isPresent) ? CI_OK :
- (isPresent ? CI_NO_KEY : CI_REG_IN_USE);
-}
-
-/*
- * clear out a key register
- */
-void
-fort_ClearKey(FORTKeySlot *key)
-{
- key->present = PR_FALSE;
- PORT_Memset(key->data, 0, sizeof (key->data));
- return;
-}
-
-/*
- * clear out an Ra register
- */
-void
-fort_ClearRaSlot(FORTRaRegisters *ra)
-{
- PORT_Memset(ra->public, 0, sizeof(ra->public));
- PORT_Memset(ra->private, 0, sizeof(ra->private));
- return;
-}
-
-/*
- * provide a helper function to do all the loggin out functions.
- * NOTE: Logining in only happens in MACI_CheckPIN
- */
-void
-fort_Logout(FORTSWToken *token)
-{
- int i;
-
- /* ditch all the stored keys */
- for (i=0; i < KEY_REGISTERS; i++) {
- fort_ClearKey(&token->keyReg[i]);
- }
- for (i=0; i < MAX_RA_SLOTS; i++) {
- fort_ClearRaSlot(&token->RaValues[i]);
- }
-
- /* mark as logged out */
- token->login = PR_FALSE;
- token->certIndex = 0;
- token->key = 0;
- return;
-}
-
-/*
- * update the new IV value based on the current cipherText (should be the last
- * block of the cipher text).
- */
-int
-fort_UpdateIV(unsigned char *cipherText, unsigned int size,unsigned char *IV)
-{
- if (size == 0) return CI_INV_SIZE;
- if ((size & (SKIPJACK_BLOCK_SIZE-1)) != 0) return CI_INV_SIZE;
- size -= SKIPJACK_BLOCK_SIZE;
- PORT_Memcpy(IV,&cipherText[size],SKIPJACK_BLOCK_SIZE);
- return CI_OK;
-}
-
-
-/*
- * verify that we have a card initialized, and if necessary, logged in.
- */
-int
-fort_CardExists(FORTSWToken *token,PRBool needLogin)
-{
- if (token == NULL ) return CI_LIB_NOT_INIT;
- if (token->config_file == NULL) return CI_NO_CARD;
- if (needLogin && !token->login) return CI_INV_STATE;
- return CI_OK;
-}
-
-/*
- * walk down the cert slot entries, counting them.
- * return that count.
- */
-int
-fort_GetCertCount(FORTSWFile *file)
-{
- int i;
-
- if (file->slotEntries == NULL) return 0;
-
- for (i=0; file->slotEntries[i]; i++)
- /* no body */ ;
-
- return i;
-}
-
-/*
- * copy an unsigned SECItem to a signed SecItem. (if the high bit is on,
- * pad with a leading 0.
- */
-SECStatus
-fort_CopyUnsigned(PRArenaPool *arena, SECItem *to, const SECItem *from)
-{
- int offset = 0;
-
- if (from->data && from->len) {
- if (from->data[0] & 0x80) offset = 1;
- if ( arena ) {
- to->data = (unsigned char*) PORT_ArenaZAlloc(arena,
- from->len+offset);
- } else {
- to->data = (unsigned char*) PORT_ZAlloc(from->len+offset);
- }
-
- if (!to->data) {
- return SECFailure;
- }
- PORT_Memcpy(to->data+offset, from->data, from->len);
- to->len = from->len+offset;
- } else {
- to->data = 0;
- to->len = 0;
- }
- return SECSuccess;
-}
-
-/*
- * NOTE: these keys do not have the public values, and cannot be used to
- * extract the public key from the private key. Since we never do this in
- * this code, and this function is static, we're reasonably safe (as long as
- * any of your callees do not try to extract the public value as well).
- * Also -- the token must be logged in before this function is called.
- */
-FORTEZZAPrivateKey *
-fort_GetPrivKey(FORTSWToken *token,FORTEZZAKeyType keyType,
- fortSlotEntry *certEntry)
-{
- FORTEZZAPrivateKey *returnKey = NULL;
- SECStatus rv = SECFailure;
- PRArenaPool *poolp;
- fortKeyInformation *keyInfo = NULL;
- unsigned char *keyData;
- int len, ret;
-
-
- /* select the right keyinfo */
- switch (keyType) {
- case fortezzaDSAKey:
- keyInfo = certEntry->signatureKeyInformation;
- if (keyInfo == NULL) keyInfo = certEntry->exchangeKeyInformation;
- break;
- case fortezzaDHKey:
- keyInfo = certEntry->exchangeKeyInformation;
- if (keyInfo == NULL) keyInfo = certEntry->signatureKeyInformation;
- break;
- }
-
- /* if we don't have any key information, blow out of here */
- if (keyInfo == NULL) return NULL;
-
- poolp = PORT_NewArena(2048);
- if(!poolp) {
- return NULL;
- }
-
- returnKey = (FORTEZZAPrivateKey*)PORT_ArenaZAlloc(poolp, sizeof(FORTEZZAPrivateKey));
- if(!returnKey) {
- rv = SECFailure;
- goto loser;
- }
-
- returnKey->keyType = keyType;
- returnKey->arena = poolp;
-
- /*
- * decrypt the private key
- */
- len = keyInfo->privateKeyWrappedWithKs.len;
- keyData = PORT_ArenaZAlloc(poolp,len);
- if (keyData == NULL) {
- rv = SECFailure;
- goto loser;
- }
- /* keys must be 160 bits (20 bytes) if that's not the case the Unwrap will
- * fail.. */
- ret = fort_skipjackUnwrap(token->keyReg[0].data, len,
- keyInfo->privateKeyWrappedWithKs.data, keyData);
- if (ret != CI_OK) {
- rv = SECFailure;
- goto loser;
- }
-
- switch(keyType) {
- case dsaKey:
- returnKey->u.dsa.privateValue.data = keyData;
- returnKey->u.dsa.privateValue.len = 20;
- returnKey->u.dsa.params.arena = poolp;
- rv = fort_CopyUnsigned(poolp, &(returnKey->u.dsa.params.prime),
- &(keyInfo->p));
- if(rv != SECSuccess) break;
- rv = fort_CopyUnsigned(poolp, &(returnKey->u.dsa.params.subPrime),
- &(keyInfo->q));
- if(rv != SECSuccess) break;
- rv = fort_CopyUnsigned(poolp, &(returnKey->u.dsa.params.base),
- &(keyInfo->g));
- if(rv != SECSuccess) break;
- break;
- case dhKey:
- returnKey->u.dh.arena = poolp;
- returnKey->u.dh.privateValue.data = keyData;
- returnKey->u.dh.privateValue.len = 20;
- rv = fort_CopyUnsigned(poolp, &(returnKey->u.dh.prime),
- &(keyInfo->p));
- if(rv != SECSuccess) break;
- rv = fort_CopyUnsigned(poolp, &(returnKey->u.dh.base),
- &(keyInfo->g));
- if(rv != SECSuccess) break;
- rv = SECSuccess;
- break;
- default:
- rv = SECFailure;
- }
-
-loser:
-
- if(rv != SECSuccess) {
- PORT_FreeArena(poolp, PR_TRUE);
- returnKey = NULL;
- }
-
- return returnKey;
-}
-
-
-void
-fort_DestroyPrivateKey(FORTEZZAPrivateKey *key)
-{
- if (key && key->arena) {
- PORT_FreeArena(key->arena, PR_TRUE);
- }
-}
-
-/*
- * find a particulare certificate entry from the config
- * file.
- */
-fortSlotEntry *
-fort_GetCertEntry(FORTSWFile *file,int index)
-{
- /* search for the index */
- int i,count= fort_GetCertCount(file);
-
- /* make sure the given index exists & has key material */
- for (i=0; i < count ;i ++) {
- if (file->slotEntries[i]->certIndex == index) {
- return file->slotEntries[i];
- }
- }
- return NULL;
-}
-
-/*
- * use the token to determine it's CI_State.
- */
-CI_STATE
-fort_GetState(FORTSWToken *token)
-{
- /* no file? then the token has not been initialized */
- if (!token->config_file) {
- return CI_UNINITIALIZED;
- }
- /* we're initialized, are we logged in (CI_USER_INITIALIZED is not logged
- * in) */
- if (!token->login) {
- return CI_USER_INITIALIZED;
- }
- /* We're logged in, do we have a personality set */
- if (token->certIndex) {
- return CI_READY;
- }
- /* We're logged in, with no personality set */
- return CI_STANDBY;
-}
-
-/*
- * find the private ra value for a given public Ra value.
- */
-fortRaPrivatePtr
-fort_LookupPrivR(FORTSWToken *token,CI_RA Ra)
-{
- int i;
-
- /* probably a more efficient way of doing this would be to search first
- * several entries before nextRa (or search backwards from next Ra)
- */
- for (i=0; i < MAX_RA_SLOTS; i++) {
- if (PORT_Memcmp(token->RaValues[i].public,Ra,CI_RA_SIZE) == 0) {
- return token->RaValues[i].private;
- }
- }
- return NULL;
-}
-
-/*
- * go add more noise to the random number generator
- */
-void
-fort_AddNoise(void)
-{
- unsigned char seed[20];
-
- /* note: GetNoise doesn't always get 20 bytes, but adding more
- * random data from the stack doesn't subtract entropy from the
- * Random number generator, so just send it all.
- */
- RNG_GetNoise(seed,sizeof(seed));
- RNG_RandomUpdate(seed,sizeof(seed));
-}
-
-/*
- * Get a random number
- */
-int
-fort_GenerateRandom(unsigned char *buf, int bytes)
-{
- SECStatus rv;
-
- fort_AddNoise();
- rv = RNG_GenerateGlobalRandomBytes(buf,bytes);
- if (rv != SECSuccess) return CI_EXEC_FAIL;
- return CI_OK;
-}
-
-/*
- * NOTE: that MAC is missing below.
- */
-#if defined (XP_UNIX) || defined (XP_OS2)
-#ifdef XP_UNIX
-#define NS_PATH_SEP ':'
-#define NS_DIR_SEP '/'
-#define NS_DEFAULT_PATH ".:/bin/netscape:/etc/netscape/:/etc"
-#endif
-
-#ifdef XP_OS2 /* for OS/2 */
-#define NS_PATH_SEP ';'
-#define NS_DIR_SEP '\\'
-#define NS_DEFAULT_PATH ".:\\bin\\netscape:\\etc\\netscape\\:\\etc"
-#endif
-
-PRInt32
-local_getFileInfo(const char *fn, PRFileInfo *info)
-{
- PRInt32 rv;
- struct stat sb;
-
- rv = stat(fn, &sb);
- if (rv < 0)
- return -1;
- else if (NULL != info)
- {
- if (S_IFREG & sb.st_mode)
- info->type = PR_FILE_FILE;
- else if (S_IFDIR & sb.st_mode)
- info->type = PR_FILE_DIRECTORY;
- else
- info->type = PR_FILE_OTHER;
-
-#if defined(OSF1)
- if (0x7fffffffLL < sb.st_size)
- {
- return -1;
- }
-#endif /* defined(OSF1) */
- info->size = sb.st_size;
-
- }
- return rv;
-}
-#endif /* UNIX & OS/2 */
-
-#ifdef XP_WIN
-#define NS_PATH_SEP ';'
-#define NS_DIR_SEP '\\'
-#define NS_DEFAULT_PATH ".;c:\\program files\\netscape\\communicator\\program\\pkcs11\\netscape;c:\\netscape\\communicator\\program\\pkcs11\\netscape;c:\\windows\\system"
-
-
-/*
- * Since we're a pkcs #11 module, we may get
- * loaded into lots of different binaries, each with different or no versions
- * of NSPR running... so we copy the one function we need.
- */
-
-#define _PR_IS_SLASH(ch) ((ch) == '/' || (ch) == '\\')
-
-/*
- * IsRootDirectory --
- *
- * Return PR_TRUE if the pathname 'fn' is a valid root directory,
- * else return PR_FALSE. The char buffer pointed to by 'fn' must
- * be writable. During the execution of this function, the contents
- * of the buffer pointed to by 'fn' may be modified, but on return
- * the original contents will be restored. 'buflen' is the size of
- * the buffer pointed to by 'fn'.
- *
- * Root directories come in three formats:
- * 1. / or \, meaning the root directory of the current drive.
- * 2. C:/ or C:\, where C is a drive letter.
- * 3. \\<server name>\<share point name>\ or
- * \\<server name>\<share point name>, meaning the root directory
- * of a UNC (Universal Naming Convention) name.
- */
-
-static PRBool
-IsRootDirectory(char *fn, size_t buflen)
-{
- char *p;
- PRBool slashAdded = PR_FALSE;
- PRBool rv = PR_FALSE;
-
- if (_PR_IS_SLASH(fn[0]) && fn[1] == '\0') {
- return PR_TRUE;
- }
-
- if (isalpha(fn[0]) && fn[1] == ':' && _PR_IS_SLASH(fn[2])
- && fn[3] == '\0') {
- rv = GetDriveType(fn) > 1 ? PR_TRUE : PR_FALSE;
- return rv;
- }
-
- /* The UNC root directory */
-
- if (_PR_IS_SLASH(fn[0]) && _PR_IS_SLASH(fn[1])) {
- /* The 'server' part should have at least one character. */
- p = &fn[2];
- if (*p == '\0' || _PR_IS_SLASH(*p)) {
- return PR_FALSE;
- }
-
- /* look for the next slash */
- do {
- p++;
- } while (*p != '\0' && !_PR_IS_SLASH(*p));
- if (*p == '\0') {
- return PR_FALSE;
- }
-
- /* The 'share' part should have at least one character. */
- p++;
- if (*p == '\0' || _PR_IS_SLASH(*p)) {
- return PR_FALSE;
- }
-
- /* look for the final slash */
- do {
- p++;
- } while (*p != '\0' && !_PR_IS_SLASH(*p));
- if (_PR_IS_SLASH(*p) && p[1] != '\0') {
- return PR_FALSE;
- }
- if (*p == '\0') {
- /*
- * GetDriveType() doesn't work correctly if the
- * path is of the form \\server\share, so we add
- * a final slash temporarily.
- */
- if ((p + 1) < (fn + buflen)) {
- *p++ = '\\';
- *p = '\0';
- slashAdded = PR_TRUE;
- } else {
- return PR_FALSE; /* name too long */
- }
- }
- rv = GetDriveType(fn) > 1 ? PR_TRUE : PR_FALSE;
- /* restore the 'fn' buffer */
- if (slashAdded) {
- *--p = '\0';
- }
- }
- return rv;
-}
-
-PRInt32
-local_getFileInfo(const char *fn, PRFileInfo *info)
-{
- HANDLE hFindFile;
- WIN32_FIND_DATA findFileData;
- char pathbuf[MAX_PATH + 1];
-
- if (NULL == fn || '\0' == *fn) {
- return -1;
- }
-
- /*
- * FindFirstFile() expands wildcard characters. So
- * we make sure the pathname contains no wildcard.
- */
- if (NULL != strpbrk(fn, "?*")) {
- return -1;
- }
-
- hFindFile = FindFirstFile(fn, &findFileData);
- if (INVALID_HANDLE_VALUE == hFindFile) {
- DWORD len;
- char *filePart;
-
- /*
- * FindFirstFile() does not work correctly on root directories.
- * It also doesn't work correctly on a pathname that ends in a
- * slash. So we first check to see if the pathname specifies a
- * root directory. If not, and if the pathname ends in a slash,
- * we remove the final slash and try again.
- */
-
- /*
- * If the pathname does not contain ., \, and /, it cannot be
- * a root directory or a pathname that ends in a slash.
- */
- if (NULL == strpbrk(fn, ".\\/")) {
- return -1;
- }
- len = GetFullPathName(fn, sizeof(pathbuf), pathbuf,
- &filePart);
- if (len > sizeof(pathbuf)) {
- return -1;
- }
- if (IsRootDirectory(pathbuf, sizeof(pathbuf))) {
- info->type = PR_FILE_DIRECTORY;
- info->size = 0;
- /*
- * These timestamps don't make sense for root directories.
- */
- info->modifyTime = 0;
- info->creationTime = 0;
- return 0;
- }
- if (!((pathbuf[len - 1] == '/') || (pathbuf[len-1] == '\\'))) {
- return -1;
- } else {
- pathbuf[len - 1] = '\0';
- hFindFile = FindFirstFile(pathbuf, &findFileData);
- if (INVALID_HANDLE_VALUE == hFindFile) {
- return -1;
- }
- }
- }
-
- FindClose(hFindFile);
-
- if (findFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
- info->type = PR_FILE_DIRECTORY;
- } else {
- info->type = PR_FILE_FILE;
- }
-
- info->size = findFileData.nFileSizeLow;
-
- return 0;
-}
-
-#endif /* XP_WIN */
-
-#ifdef XP_MAC
-#error Need to write fort_FindFileInPath for Mac
-#define NS_PATH_SEP ','
-#define NS_DIR_SEP ':'
-#define NS_DEFAULT_PATH ",System Folder,System Folder:Netscape f:pkcs11:netscape"
-#endif
-
-#define NETSCAPE_INIT_FILE "nsswft.swf"
-
-/*
- * OK, We're deep in the bottom of MACI and PKCS #11... We need to
- * find our fortezza key file. We have no clue of where the our binary lives
- * or where our key file lives. This function lets us search manual paths
- * to find our key file.
- */
-char *fort_FindFileInPath(char *path, char *fn)
-{
- char *next;
- char *holdData;
- char *ret = NULL;
- int len = 0;
- int fn_len = PORT_Strlen(fn)+1; /* include the NULL */
- PRFileInfo info;
- char dirSep = NS_DIR_SEP;
-
- holdData = PORT_Alloc(strlen(path)+1+fn_len);
-
- while ((next = local_index(path,NS_PATH_SEP)) != NULL) {
- len = next - path;
-
- PORT_Memcpy(holdData,path,len);
- if ((len != 0) && (holdData[len-1] != dirSep)) {
- PORT_Memcpy(&holdData[len],&dirSep,1);
- len++;
- }
- PORT_Memcpy(&holdData[len],fn,fn_len);
-
- if ((local_getFileInfo(holdData,&info) == 0) &&
- (info.type == PR_FILE_FILE) && (info.size != 0)) {
- ret = PORT_Strdup(holdData);
- PORT_Free(holdData);
- return ret;
- }
- path = next+1;
- }
-
- len = strlen(path);
- PORT_Memcpy(holdData,path,len);
- if ((len != 0) && (holdData[len-1] != dirSep)) {
- PORT_Memcpy(&holdData[len],&dirSep,1);
- len++;
- }
- PORT_Memcpy(&holdData[len],fn,fn_len);
-
- if ((local_getFileInfo(holdData,&info) == 0) &&
- (info.type == PR_FILE_FILE) && (info.size != 0)) {
- ret = PORT_Strdup(holdData);
- }
- PORT_Free(holdData);
- return ret;
-}
-
-static char *path_table[] = {
- "PATH","LD_LIBRARY_PATH","LIBPATH"
-};
-
-static int path_table_size = sizeof(path_table)/sizeof(path_table[0]);
-
-char *fort_LookupFORTEZZAInitFile(void)
-{
- char *fname = NULL;
- char *home = NULL;
-#ifdef XP_UNIX
- char unix_home[512];
-#endif
- int i;
-
- /* first try to get it from the environment */
- fname = getenv("SW_FORTEZZA_FILE");
- if (fname != NULL) {
- return PORT_Strdup(fname);
- }
-
-#ifdef XP_UNIX
- home = getenv("HOME");
- if (home) {
- strncpy(unix_home,home, sizeof(unix_home)-sizeof("/.netscape"));
- strcat(unix_home,"/.netscape");
- fname = fort_FindFileInPath(unix_home,NETSCAPE_INIT_FILE);
- if (fname) return fname;
- }
-#endif
-#ifdef XP_WIN
- home = getenv("windir");
- if (home) {
- fname = fort_FindFileInPath(home,NETSCAPE_INIT_FILE);
- if (fname) return fname;
- }
-#endif
-
- fname = fort_FindFileInPath(NS_DEFAULT_PATH,NETSCAPE_INIT_FILE);
- if (fname) return fname;
-
- /* now search the system paths */
- for (i=0; i < path_table_size; i++) {
- char *path = getenv(path_table[i]);
-
- if (path != NULL) {
- fname = fort_FindFileInPath(path,NETSCAPE_INIT_FILE);
- if (fname) return fname;
- }
- }
-
-
- return NULL;
-}
diff --git a/security/nss/lib/freebl/Makefile b/security/nss/lib/freebl/Makefile
deleted file mode 100644
index ae3696654..000000000
--- a/security/nss/lib/freebl/Makefile
+++ /dev/null
@@ -1,320 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
--include config.mk
-
-ifdef USE_64
- DEFINES += -DNSS_USE_64
-endif
-
-ifdef USE_HYBRID
- DEFINES += -DNSS_USE_HYBRID
-endif
-
-# des.c wants _X86_ defined for intel CPUs.
-# coreconf does this for windows, but not for Linux, FreeBSD, etc.
-ifeq ($(CPU_ARCH),x86)
-ifneq ($(OS_ARCH),WINNT)
- OS_REL_CFLAGS += -D_X86_
-endif
-endif
-
-ifeq ($(OS_ARCH),OSF1)
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_NO_MP_WORD
- MPI_SRCS += mpvalpha.c
-endif
-
-ifeq ($(OS_ARCH),WINNT)
-ifneq ($(OS_TARGET),WIN16)
- ASFILES = mpi_x86.asm
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-endif
-endif
-
-ifdef XP_OS2_VACPP
- ASFILES = mpi_x86.asm
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-endif
-
-ifeq ($(OS_ARCH),IRIX)
-ifeq ($(USE_N32),1)
- ASFILES = mpi_mips.s
-ifeq ($(NS_USE_GCC),1)
- ASFLAGS = -Wp,-P -Wp,-traditional -O -mips3
-else
- ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3
-endif
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
- DEFINES += -DMP_USE_UINT_DIGIT
-else
-endif
-endif
-
-ifeq ($(OS_TARGET),Linux)
-ifeq ($(CPU_ARCH),x86)
- ASFILES = mpi_x86.s
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-endif
-endif
-
-ifeq ($(OS_ARCH),AIX)
-DEFINES += -DMP_USE_UINT_DIGIT
-ifndef USE_64
-DEFINES += -DMP_NO_DIV_WORD -DMP_NO_ADD_WORD -DMP_NO_SUB_WORD
-endif
-endif
-
-ifeq ($(OS_ARCH), HP-UX)
-MKSHLIB += +k +vshlibunsats -u FREEBL_GetVector +e FREEBL_GetVector
-ifndef FREEBL_EXTENDED_BUILD
-ifdef USE_PURE_32
-# build for DA1.1 (HP PA 1.1) pure 32 bit model
- DEFINES += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-else
-ifdef USE_64
-# this builds for DA2.0W (HP PA 2.0 Wide), the LP64 ABI, using 32-bit digits
- MPI_SRCS += mpi_hp.c
- ASFILES += hpma512.s hppa20.s
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-else
-# this builds for DA2.0 (HP PA 2.0 Narrow) hybrid model
-# (the 32-bit ABI with 64-bit registers) using 32-bit digits
- MPI_SRCS += mpi_hp.c
- ASFILES += hpma512.s hppa20.s
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-# This is done in coreconf by defining USE_LONG_LONGS
-# OS_CFLAGS += -Aa +e +DA2.0 +DS2.0
-endif
-endif
-endif
-endif
-
-# Note: -xarch=v8 or v9 is now done in coreconf
-ifeq ($(OS_TARGET),SunOS)
-ifeq ($(CPU_ARCH),sparc)
-ifndef NS_USE_GCC
-ifdef USE_HYBRID
- OS_CFLAGS += -xchip=ultra2
-endif
-endif
-ifeq ($(OS_RELEASE),5.5.1)
- SYSV_SPARC = 1
-endif
-ifeq ($(OS_RELEASE),5.6)
- SYSV_SPARC = 1
-endif
-ifeq ($(OS_RELEASE),5.7)
- SYSV_SPARC = 1
-endif
-ifeq ($(OS_RELEASE),5.8)
- SYSV_SPARC = 1
-endif
-ifeq ($(SYSV_SPARC),1)
-SOLARIS_AS = /usr/ccs/bin/as
-ifdef NS_USE_GCC
-LD = gcc
-DSO_LDOPTS += -shared -Wl,-B,symbolic,-z,defs,-z,now,-z,text,-M,mapfile.Solaris
-else
-MKSHLIB += -B symbolic -z defs -z now -z text -M mapfile.Solaris
-endif
-ifdef USE_PURE_32
-# this builds for Sparc v8 pure 32-bit architecture
- DEFINES += -DMP_USE_LONG_LONG_MULTIPLY -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-else
-ifdef USE_64
-# this builds for Sparc v9a pure 64-bit architecture
- MPI_SRCS += mpi_sparc.c
- ASFILES = mpv_sparcv9.s montmulfv9.s
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_USING_MONT_MULF
- DEFINES += -DMP_USE_UINT_DIGIT
-# MPI_SRCS += mpv_sparc.c
-# removed -xdepend from the following line
- SOLARIS_FLAGS = -fast -xO5 -xrestrict=%all -xchip=ultra -xarch=v9a -KPIC -mt
- SOLARIS_AS_FLAGS = -xarch=v9a -K PIC
-else
-# this builds for Sparc v8+a hybrid architecture, 64-bit registers, 32-bit ABI
- MPI_SRCS += mpi_sparc.c
- ASFILES = mpv_sparcv8.s montmulfv8.s
- DEFINES += -DMP_NO_MP_WORD -DMP_ASSEMBLY_MULTIPLY -DMP_USING_MONT_MULF
- DEFINES += -DMP_USE_UINT_DIGIT
- SOLARIS_AS_FLAGS = -xarch=v8plusa -K PIC
-# ASM_SUFFIX = .S
-endif
-endif
-endif
-else
-# Solaris x86
- DEFINES += -DMP_USE_UINT_DIGIT
- DEFINES += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
- ASFILES = mpi_i86pc.s
-ifdef NS_USE_GCC
- LD = gcc
- AS = gcc
- ASFLAGS =
-endif
-
-endif
-endif
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
-rijndael_tables:
- $(CC) -o $(OBJDIR)/make_rijndael_tab rijndael_tables.c \
- $(DEFINES) $(INCLUDES) $(OBJDIR)/libfreebl.a
- $(OBJDIR)/make_rijndael_tab
-
-ifdef MOZILLA_BSAFE_BUILD
-
-private_export::
-ifeq ($(OS_ARCH), WINNT)
- rm -f $(DIST)/lib/bsafe$(BSAFEVER).lib
-endif
- $(NSINSTALL) -R $(BSAFEPATH) $(DIST)/lib
-endif
-
-ifdef USE_PURE_32
-vpath %.h $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT)
-vpath %.c $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT)
-vpath %.S $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT)
-vpath %.s $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT)
-vpath %.asm $(FREEBL_PARENT)/mpi:$(FREEBL_PARENT)
-INCLUDES += -I$(FREEBL_PARENT) -I$(FREEBL_PARENT)/mpi
-else
-vpath %.h mpi
-vpath %.c mpi
-vpath %.S mpi
-vpath %.s mpi
-vpath %.asm mpi
-INCLUDES += -Impi
-endif
-
-
-DEFINES += -DMP_API_COMPATIBLE
-
-MPI_USERS = dh.c pqg.c dsa.c rsa.c
-
-MPI_OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_SRCS:.c=$(OBJ_SUFFIX)))
-MPI_OBJS += $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(MPI_USERS:.c=$(OBJ_SUFFIX)))
-
-$(MPI_OBJS): $(MPI_HDRS)
-
-$(OBJDIR)/$(PROG_PREFIX)mpprime$(OBJ_SUFFIX): primes.c
-
-$(OBJDIR)/ldvector$(OBJ_SUFFIX) $(OBJDIR)/loader$(OBJ_SUFFIX) : loader.h
-
-ifeq ($(SYSV_SPARC),1)
-
-$(OBJDIR)/mpv_sparcv8.o $(OBJDIR)/montmulfv8.o : $(OBJDIR)/%.o : %.s
- @$(MAKE_OBJDIR)
- $(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $<
-
-$(OBJDIR)/mpv_sparcv9.o $(OBJDIR)/montmulfv9.o : $(OBJDIR)/%.o : %.s
- @$(MAKE_OBJDIR)
- $(SOLARIS_AS) -o $@ $(SOLARIS_AS_FLAGS) $<
-
-$(OBJDIR)/mpmontg.o: mpmontg.c montmulf.h
-
-endif
-
-ifdef FREEBL_EXTENDED_BUILD
-
-PURE32DIR = $(OBJDIR)/$(OS_ARCH)pure32
-ALL_TRASH += $(PURE32DIR)
-
-FILES2LN = \
- $(wildcard *.tab) \
- $(wildcard mapfile.*) \
- Makefile manifest.mn config.mk
-
-LINKEDFILES = $(addprefix $(PURE32DIR)/, $(FILES2LN))
-
-CDDIR := $(shell pwd)
-
-$(PURE32DIR):
- -mkdir $(PURE32DIR)
- -ln -s $(CDDIR)/mpi $(PURE32DIR)
-
-$(LINKEDFILES) : $(PURE32DIR)/% : %
- ln -s $(CDDIR)/$* $(PURE32DIR)
-
-libs::
- $(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_HYBRID=1 libs
-
-libs:: $(PURE32DIR) $(LINKEDFILES)
- cd $(PURE32DIR) && $(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_PURE_32=1 FREEBL_PARENT=$(CDDIR) CORE_DEPTH=$(CDDIR)/$(CORE_DEPTH) libs
-
-release_md::
- $(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_HYBRID=1 $@
- cd $(PURE32DIR) && $(MAKE) FREEBL_RECURSIVE_BUILD=1 USE_PURE_32=1 FREEBL_PARENT=$(CDDIR) CORE_DEPTH=$(CDDIR)/$(CORE_DEPTH) $@
-
-endif
diff --git a/security/nss/lib/freebl/alg2268.c b/security/nss/lib/freebl/alg2268.c
deleted file mode 100644
index af720f733..000000000
--- a/security/nss/lib/freebl/alg2268.c
+++ /dev/null
@@ -1,493 +0,0 @@
-/*
- * alg2268.c - implementation of the algorithm in RFC 2268
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-
-#include "blapi.h"
-#include "secerr.h"
-#ifdef XP_UNIX_XXX
-#include <stddef.h> /* for ptrdiff_t */
-#endif
-
-/*
-** RC2 symmetric block cypher
-*/
-
-typedef SECStatus (rc2Func)(RC2Context *cx, unsigned char *output,
- const unsigned char *input, unsigned int inputLen);
-
-/* forward declarations */
-static rc2Func rc2_EncryptECB;
-static rc2Func rc2_DecryptECB;
-static rc2Func rc2_EncryptCBC;
-static rc2Func rc2_DecryptCBC;
-
-typedef union {
- PRUint32 l[2];
- PRUint16 s[4];
- PRUint8 b[8];
-} RC2Block;
-
-struct RC2ContextStr {
- union {
- PRUint8 Kb[128];
- PRUint16 Kw[64];
- } u;
- RC2Block iv;
- rc2Func *enc;
- rc2Func *dec;
-};
-
-#define B u.Kb
-#define K u.Kw
-#define BYTESWAP(x) ((x) << 8 | (x) >> 8)
-#define SWAPK(i) cx->K[i] = (tmpS = cx->K[i], BYTESWAP(tmpS))
-#define RC2_BLOCK_SIZE 8
-
-#define LOAD_HARD(R) \
- R[0] = (PRUint16)input[1] << 8 | input[0]; \
- R[1] = (PRUint16)input[3] << 8 | input[2]; \
- R[2] = (PRUint16)input[5] << 8 | input[4]; \
- R[3] = (PRUint16)input[7] << 8 | input[6];
-#define LOAD_EASY(R) \
- R[0] = ((PRUint16 *)input)[0]; \
- R[1] = ((PRUint16 *)input)[1]; \
- R[2] = ((PRUint16 *)input)[2]; \
- R[3] = ((PRUint16 *)input)[3];
-#define STORE_HARD(R) \
- output[0] = (PRUint8)(R[0]); output[1] = (PRUint8)(R[0] >> 8); \
- output[2] = (PRUint8)(R[1]); output[3] = (PRUint8)(R[1] >> 8); \
- output[4] = (PRUint8)(R[2]); output[5] = (PRUint8)(R[2] >> 8); \
- output[6] = (PRUint8)(R[3]); output[7] = (PRUint8)(R[3] >> 8);
-#define STORE_EASY(R) \
- ((PRUint16 *)output)[0] = R[0]; \
- ((PRUint16 *)output)[1] = R[1]; \
- ((PRUint16 *)output)[2] = R[2]; \
- ((PRUint16 *)output)[3] = R[3];
-
-#if defined (_X86_)
-#define LOAD(R) LOAD_EASY(R)
-#define STORE(R) STORE_EASY(R)
-#elif !defined(IS_LITTLE_ENDIAN)
-#define LOAD(R) LOAD_HARD(R)
-#define STORE(R) STORE_HARD(R)
-#else
-#define LOAD(R) if ((ptrdiff_t)input & 1) { LOAD_HARD(R) } else { LOAD_EASY(R) }
-#define STORE(R) if ((ptrdiff_t)input & 1) { STORE_HARD(R) } else { STORE_EASY(R) }
-#endif
-
-static const PRUint8 S[256] = {
-0331,0170,0371,0304,0031,0335,0265,0355,0050,0351,0375,0171,0112,0240,0330,0235,
-0306,0176,0067,0203,0053,0166,0123,0216,0142,0114,0144,0210,0104,0213,0373,0242,
-0027,0232,0131,0365,0207,0263,0117,0023,0141,0105,0155,0215,0011,0201,0175,0062,
-0275,0217,0100,0353,0206,0267,0173,0013,0360,0225,0041,0042,0134,0153,0116,0202,
-0124,0326,0145,0223,0316,0140,0262,0034,0163,0126,0300,0024,0247,0214,0361,0334,
-0022,0165,0312,0037,0073,0276,0344,0321,0102,0075,0324,0060,0243,0074,0266,0046,
-0157,0277,0016,0332,0106,0151,0007,0127,0047,0362,0035,0233,0274,0224,0103,0003,
-0370,0021,0307,0366,0220,0357,0076,0347,0006,0303,0325,0057,0310,0146,0036,0327,
-0010,0350,0352,0336,0200,0122,0356,0367,0204,0252,0162,0254,0065,0115,0152,0052,
-0226,0032,0322,0161,0132,0025,0111,0164,0113,0237,0320,0136,0004,0030,0244,0354,
-0302,0340,0101,0156,0017,0121,0313,0314,0044,0221,0257,0120,0241,0364,0160,0071,
-0231,0174,0072,0205,0043,0270,0264,0172,0374,0002,0066,0133,0045,0125,0227,0061,
-0055,0135,0372,0230,0343,0212,0222,0256,0005,0337,0051,0020,0147,0154,0272,0311,
-0323,0000,0346,0317,0341,0236,0250,0054,0143,0026,0001,0077,0130,0342,0211,0251,
-0015,0070,0064,0033,0253,0063,0377,0260,0273,0110,0014,0137,0271,0261,0315,0056,
-0305,0363,0333,0107,0345,0245,0234,0167,0012,0246,0040,0150,0376,0177,0301,0255
-};
-
-/*
-** Create a new RC2 context suitable for RC2 encryption/decryption.
-** "key" raw key data
-** "len" the number of bytes of key data
-** "iv" is the CBC initialization vector (if mode is NSS_RC2_CBC)
-** "mode" one of NSS_RC2 or NSS_RC2_CBC
-** "effectiveKeyLen" in bytes, not bits.
-**
-** When mode is set to NSS_RC2_CBC the RC2 cipher is run in "cipher block
-** chaining" mode.
-*/
-RC2Context *
-RC2_CreateContext(unsigned char *key, unsigned int len,
- unsigned char *input, int mode, unsigned efLen8)
-{
- RC2Context *cx;
- PRUint8 *L,*L2;
- int i;
-#if !defined(IS_LITTLE_ENDIAN)
- PRUint16 tmpS;
-#endif
- PRUint8 tmpB;
-
- if (!key || len == 0 || len > (sizeof cx->B) || efLen8 > (sizeof cx->B)) {
- return NULL;
- }
- if (mode == NSS_RC2) {
- /* groovy */
- } else if (mode == NSS_RC2_CBC) {
- if (!input) {
- return NULL; /* not groovy */
- }
- } else {
- return NULL;
- }
-
- cx = PORT_ZNew(RC2Context);
- if (!cx)
- return cx;
-
- if (mode == NSS_RC2_CBC) {
- cx->enc = & rc2_EncryptCBC;
- cx->dec = & rc2_DecryptCBC;
- LOAD(cx->iv.s);
- } else {
- cx->enc = & rc2_EncryptECB;
- cx->dec = & rc2_DecryptECB;
- }
-
- /* Step 0. Copy key into table. */
- memcpy(cx->B, key, len);
-
- /* Step 1. Compute all values to the right of the key. */
- L2 = cx->B;
- L = L2 + len;
- tmpB = L[-1];
- for (i = (sizeof cx->B) - len; i > 0; --i) {
- *L++ = tmpB = S[ (PRUint8)(tmpB + *L2++) ];
- }
-
- /* step 2. Adjust left most byte of effective key. */
- i = (sizeof cx->B) - efLen8;
- L = cx->B + i;
- *L = tmpB = S[*L]; /* mask is always 0xff */
-
- /* step 3. Recompute all values to the left of effective key. */
- L2 = --L + efLen8;
- while(L >= cx->B) {
- *L-- = tmpB = S[ tmpB ^ *L2-- ];
- }
-
-#if !defined(IS_LITTLE_ENDIAN)
- for (i = 63; i >= 0; --i) {
- SWAPK(i); /* candidate for unrolling */
- }
-#endif
- return cx;
-}
-
-/*
-** Destroy an RC2 encryption/decryption context.
-** "cx" the context
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-void
-RC2_DestroyContext(RC2Context *cx, PRBool freeit)
-{
- if (cx) {
- memset(cx, 0, sizeof *cx);
- if (freeit) {
- PORT_Free(cx);
- }
- }
-}
-
-#define ROL(x,k) (x << k | x >> (16-k))
-#define MIX(j) \
- R0 = R0 + cx->K[ 4*j+0] + (R3 & R2) + (~R3 & R1); R0 = ROL(R0,1);\
- R1 = R1 + cx->K[ 4*j+1] + (R0 & R3) + (~R0 & R2); R1 = ROL(R1,2);\
- R2 = R2 + cx->K[ 4*j+2] + (R1 & R0) + (~R1 & R3); R2 = ROL(R2,3);\
- R3 = R3 + cx->K[ 4*j+3] + (R2 & R1) + (~R2 & R0); R3 = ROL(R3,5)
-#define MASH \
- R0 = R0 + cx->K[R3 & 63];\
- R1 = R1 + cx->K[R0 & 63];\
- R2 = R2 + cx->K[R1 & 63];\
- R3 = R3 + cx->K[R2 & 63]
-
-/* Encrypt one block */
-static void
-rc2_Encrypt1Block(RC2Context *cx, RC2Block *output, RC2Block *input)
-{
- register PRUint16 R0, R1, R2, R3;
-
- /* step 1. Initialize input. */
- R0 = input->s[0];
- R1 = input->s[1];
- R2 = input->s[2];
- R3 = input->s[3];
-
- /* step 2. Expand Key (already done, in context) */
- /* step 3. j = 0 */
- /* step 4. Perform 5 mixing rounds. */
-
- MIX(0);
- MIX(1);
- MIX(2);
- MIX(3);
- MIX(4);
-
- /* step 5. Perform 1 mashing round. */
- MASH;
-
- /* step 6. Perform 6 mixing rounds. */
-
- MIX(5);
- MIX(6);
- MIX(7);
- MIX(8);
- MIX(9);
- MIX(10);
-
- /* step 7. Perform 1 mashing round. */
- MASH;
-
- /* step 8. Perform 5 mixing rounds. */
-
- MIX(11);
- MIX(12);
- MIX(13);
- MIX(14);
- MIX(15);
-
- /* output results */
- output->s[0] = R0;
- output->s[1] = R1;
- output->s[2] = R2;
- output->s[3] = R3;
-}
-
-#define ROR(x,k) (x >> k | x << (16-k))
-#define R_MIX(j) \
- R3 = ROR(R3,5); R3 = R3 - cx->K[ 4*j+3] - (R2 & R1) - (~R2 & R0); \
- R2 = ROR(R2,3); R2 = R2 - cx->K[ 4*j+2] - (R1 & R0) - (~R1 & R3); \
- R1 = ROR(R1,2); R1 = R1 - cx->K[ 4*j+1] - (R0 & R3) - (~R0 & R2); \
- R0 = ROR(R0,1); R0 = R0 - cx->K[ 4*j+0] - (R3 & R2) - (~R3 & R1)
-#define R_MASH \
- R3 = R3 - cx->K[R2 & 63];\
- R2 = R2 - cx->K[R1 & 63];\
- R1 = R1 - cx->K[R0 & 63];\
- R0 = R0 - cx->K[R3 & 63]
-
-/* Encrypt one block */
-static void
-rc2_Decrypt1Block(RC2Context *cx, RC2Block *output, RC2Block *input)
-{
- register PRUint16 R0, R1, R2, R3;
-
- /* step 1. Initialize input. */
- R0 = input->s[0];
- R1 = input->s[1];
- R2 = input->s[2];
- R3 = input->s[3];
-
- /* step 2. Expand Key (already done, in context) */
- /* step 3. j = 63 */
- /* step 4. Perform 5 r_mixing rounds. */
- R_MIX(15);
- R_MIX(14);
- R_MIX(13);
- R_MIX(12);
- R_MIX(11);
-
- /* step 5. Perform 1 r_mashing round. */
- R_MASH;
-
- /* step 6. Perform 6 r_mixing rounds. */
- R_MIX(10);
- R_MIX(9);
- R_MIX(8);
- R_MIX(7);
- R_MIX(6);
- R_MIX(5);
-
- /* step 7. Perform 1 r_mashing round. */
- R_MASH;
-
- /* step 8. Perform 5 r_mixing rounds. */
- R_MIX(4);
- R_MIX(3);
- R_MIX(2);
- R_MIX(1);
- R_MIX(0);
-
- /* output results */
- output->s[0] = R0;
- output->s[1] = R1;
- output->s[2] = R2;
- output->s[3] = R3;
-}
-
-static SECStatus
-rc2_EncryptECB(RC2Context *cx, unsigned char *output,
- const unsigned char *input, unsigned int inputLen)
-{
- RC2Block iBlock;
-
- while (inputLen > 0) {
- LOAD(iBlock.s)
- rc2_Encrypt1Block(cx, &iBlock, &iBlock);
- STORE(iBlock.s)
- output += RC2_BLOCK_SIZE;
- input += RC2_BLOCK_SIZE;
- inputLen -= RC2_BLOCK_SIZE;
- }
- return SECSuccess;
-}
-
-static SECStatus
-rc2_DecryptECB(RC2Context *cx, unsigned char *output,
- const unsigned char *input, unsigned int inputLen)
-{
- RC2Block iBlock;
-
- while (inputLen > 0) {
- LOAD(iBlock.s)
- rc2_Decrypt1Block(cx, &iBlock, &iBlock);
- STORE(iBlock.s)
- output += RC2_BLOCK_SIZE;
- input += RC2_BLOCK_SIZE;
- inputLen -= RC2_BLOCK_SIZE;
- }
- return SECSuccess;
-}
-
-static SECStatus
-rc2_EncryptCBC(RC2Context *cx, unsigned char *output,
- const unsigned char *input, unsigned int inputLen)
-{
- RC2Block iBlock;
-
- while (inputLen > 0) {
-
- LOAD(iBlock.s)
- iBlock.l[0] ^= cx->iv.l[0];
- iBlock.l[1] ^= cx->iv.l[1];
- rc2_Encrypt1Block(cx, &iBlock, &iBlock);
- cx->iv = iBlock;
- STORE(iBlock.s)
- output += RC2_BLOCK_SIZE;
- input += RC2_BLOCK_SIZE;
- inputLen -= RC2_BLOCK_SIZE;
- }
- return SECSuccess;
-}
-
-static SECStatus
-rc2_DecryptCBC(RC2Context *cx, unsigned char *output,
- const unsigned char *input, unsigned int inputLen)
-{
- RC2Block iBlock;
- RC2Block oBlock;
-
- while (inputLen > 0) {
- LOAD(iBlock.s)
- rc2_Decrypt1Block(cx, &oBlock, &iBlock);
- oBlock.l[0] ^= cx->iv.l[0];
- oBlock.l[1] ^= cx->iv.l[1];
- cx->iv = iBlock;
- STORE(oBlock.s)
- output += RC2_BLOCK_SIZE;
- input += RC2_BLOCK_SIZE;
- inputLen -= RC2_BLOCK_SIZE;
- }
- return SECSuccess;
-}
-
-
-/*
-** Perform RC2 encryption.
-** "cx" the context
-** "output" the output buffer to store the encrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-SECStatus RC2_Encrypt(RC2Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- SECStatus rv = SECSuccess;
- if (inputLen) {
- if (inputLen % RC2_BLOCK_SIZE) {
- PORT_SetError(SEC_ERROR_INPUT_LEN);
- return SECFailure;
- }
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- return SECFailure;
- }
- rv = (*cx->enc)(cx, output, input, inputLen);
- }
- if (rv == SECSuccess) {
- *outputLen = inputLen;
- }
- return rv;
-}
-
-/*
-** Perform RC2 decryption.
-** "cx" the context
-** "output" the output buffer to store the decrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-SECStatus RC2_Decrypt(RC2Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- SECStatus rv = SECSuccess;
- if (inputLen) {
- if (inputLen % RC2_BLOCK_SIZE) {
- PORT_SetError(SEC_ERROR_INPUT_LEN);
- return SECFailure;
- }
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- return SECFailure;
- }
- rv = (*cx->dec)(cx, output, input, inputLen);
- }
- if (rv == SECSuccess) {
- *outputLen = inputLen;
- }
- return rv;
-}
-
diff --git a/security/nss/lib/freebl/arcfive.c b/security/nss/lib/freebl/arcfive.c
deleted file mode 100644
index 2ee3f5447..000000000
--- a/security/nss/lib/freebl/arcfive.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * arcfive.c - stubs for RC5 - NOT a working implementation!
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "blapi.h"
-#include "prerror.h"
-
-/******************************************/
-/*
-** RC5 symmetric block cypher -- 64-bit block size
-*/
-
-/*
-** Create a new RC5 context suitable for RC5 encryption/decryption.
-** "key" raw key data
-** "len" the number of bytes of key data
-** "iv" is the CBC initialization vector (if mode is NSS_RC5_CBC)
-** "mode" one of NSS_RC5 or NSS_RC5_CBC
-**
-** When mode is set to NSS_RC5_CBC the RC5 cipher is run in "cipher block
-** chaining" mode.
-*/
-RC5Context *
-RC5_CreateContext(SECItem *key, unsigned int rounds,
- unsigned int wordSize, unsigned char *iv, int mode)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return NULL;
-}
-
-/*
-** Destroy an RC5 encryption/decryption context.
-** "cx" the context
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-void
-RC5_DestroyContext(RC5Context *cx, PRBool freeit)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-}
-
-/*
-** Perform RC5 encryption.
-** "cx" the context
-** "output" the output buffer to store the encrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-SECStatus
-RC5_Encrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-/*
-** Perform RC5 decryption.
-** "cx" the context
-** "output" the output buffer to store the decrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-SECStatus
-RC5_Decrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
diff --git a/security/nss/lib/freebl/arcfour.c b/security/nss/lib/freebl/arcfour.c
deleted file mode 100644
index 71de64b2d..000000000
--- a/security/nss/lib/freebl/arcfour.c
+++ /dev/null
@@ -1,562 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "blapi.h"
-
-/* Architecture-dependent defines */
-
-#if defined(SOLARIS) || defined(HPUX) || defined(i386) || defined(IRIX)
-/* Convert the byte-stream to a word-stream */
-#define CONVERT_TO_WORDS
-#endif
-
-#if defined(AIX) || defined(OSF1)
-/* Treat array variables as longs, not bytes */
-#define USE_LONG
-#endif
-
-#if defined(NSS_USE_HYBRID) && !defined(SOLARIS) && !defined(NSS_USE_64)
-typedef unsigned long long WORD;
-#else
-typedef unsigned long WORD;
-#endif
-#define WORDSIZE sizeof(WORD)
-
-#ifdef USE_LONG
-typedef unsigned long Stype;
-#else
-typedef PRUint8 Stype;
-#endif
-
-#define ARCFOUR_STATE_SIZE 256
-
-#define MASK1BYTE (WORD)(0xff)
-
-#define SWAP(a, b) \
- tmp = a; \
- a = b; \
- b = tmp;
-
-/*
- * State information for stream cipher.
- */
-struct RC4ContextStr
-{
- Stype S[ARCFOUR_STATE_SIZE];
- PRUint8 i;
- PRUint8 j;
-};
-
-/*
- * array indices [0..255] to initialize cx->S array (faster than loop).
- */
-static const Stype Kinit[256] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
- 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
- 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
- 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
- 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
- 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
- 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
- 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
- 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
- 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
- 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
- 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
- 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
- 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
- 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
- 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
- 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
- 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
- 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
- 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
- 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
- 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
- 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
- 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
- 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
- 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
- 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
- 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
- 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
- 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
- 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
-};
-
-/*
- * Initialize a new generator.
- */
-RC4Context *
-RC4_CreateContext(unsigned char *key, int len)
-{
- int i;
- PRUint8 j, tmp;
- RC4Context *cx;
- PRUint8 K[256];
- PRUint8 *L;
- /* verify the key length. */
- PORT_Assert(len > 0 && len < ARCFOUR_STATE_SIZE);
- if (len < 0 || len >= ARCFOUR_STATE_SIZE) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- /* Create space for the context. */
- cx = (RC4Context *)PORT_ZAlloc(sizeof(RC4Context));
- if (cx == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return NULL;
- }
- /* Initialize the state using array indices. */
- memcpy(cx->S, Kinit, sizeof cx->S);
- /* Fill in K repeatedly with values from key. */
- L = K;
- for (i = sizeof K; i > len; i-= len) {
- memcpy(L, key, len);
- L += len;
- }
- memcpy(L, key, i);
- /* Stir the state of the generator. At this point it is assumed
- * that the key is the size of the state buffer. If this is not
- * the case, the key bytes are repeated to fill the buffer.
- */
- j = 0;
-#define ARCFOUR_STATE_STIR(ii) \
- j = j + cx->S[ii] + K[ii]; \
- SWAP(cx->S[ii], cx->S[j]);
- for (i=0; i<ARCFOUR_STATE_SIZE; i++) {
- ARCFOUR_STATE_STIR(i);
- }
- cx->i = 0;
- cx->j = 0;
- return cx;
-}
-
-void
-RC4_DestroyContext(RC4Context *cx, PRBool freeit)
-{
- if (freeit)
- PORT_ZFree(cx, sizeof(*cx));
-}
-
-/*
- * Generate the next byte in the stream.
- */
-#define ARCFOUR_NEXT_BYTE() \
- tmpSi = cx->S[++tmpi]; \
- tmpj += tmpSi; \
- tmpSj = cx->S[tmpj]; \
- cx->S[tmpi] = tmpSj; \
- cx->S[tmpj] = tmpSi; \
- t = tmpSi + tmpSj;
-
-#ifdef CONVERT_TO_WORDS
-/*
- * Straight RC4 op. No optimization.
- */
-static SECStatus
-rc4_no_opt(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- PRUint8 t;
- Stype tmpSi, tmpSj;
- register PRUint8 tmpi = cx->i;
- register PRUint8 tmpj = cx->j;
- unsigned int index;
- PORT_Assert(maxOutputLen >= inputLen);
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- for (index=0; index < inputLen; index++) {
- /* Generate next byte from stream. */
- ARCFOUR_NEXT_BYTE();
- /* output = next stream byte XOR next input byte */
- output[index] = cx->S[t] ^ input[index];
- }
- *outputLen = inputLen;
- cx->i = tmpi;
- cx->j = tmpj;
- return SECSuccess;
-}
-#endif
-
-#ifndef CONVERT_TO_WORDS
-/*
- * Byte-at-a-time RC4, unrolling the loop into 8 pieces.
- */
-static SECStatus
-rc4_unrolled(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- PRUint8 t;
- Stype tmpSi, tmpSj;
- register PRUint8 tmpi = cx->i;
- register PRUint8 tmpj = cx->j;
- int index;
- PORT_Assert(maxOutputLen >= inputLen);
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- for (index = inputLen / 8; index-- > 0; input += 8, output += 8) {
- ARCFOUR_NEXT_BYTE();
- output[0] = cx->S[t] ^ input[0];
- ARCFOUR_NEXT_BYTE();
- output[1] = cx->S[t] ^ input[1];
- ARCFOUR_NEXT_BYTE();
- output[2] = cx->S[t] ^ input[2];
- ARCFOUR_NEXT_BYTE();
- output[3] = cx->S[t] ^ input[3];
- ARCFOUR_NEXT_BYTE();
- output[4] = cx->S[t] ^ input[4];
- ARCFOUR_NEXT_BYTE();
- output[5] = cx->S[t] ^ input[5];
- ARCFOUR_NEXT_BYTE();
- output[6] = cx->S[t] ^ input[6];
- ARCFOUR_NEXT_BYTE();
- output[7] = cx->S[t] ^ input[7];
- }
- index = inputLen % 8;
- if (index) {
- input += index;
- output += index;
- switch (index) {
- case 7:
- ARCFOUR_NEXT_BYTE();
- output[-7] = cx->S[t] ^ input[-7]; /* FALLTHRU */
- case 6:
- ARCFOUR_NEXT_BYTE();
- output[-6] = cx->S[t] ^ input[-6]; /* FALLTHRU */
- case 5:
- ARCFOUR_NEXT_BYTE();
- output[-5] = cx->S[t] ^ input[-5]; /* FALLTHRU */
- case 4:
- ARCFOUR_NEXT_BYTE();
- output[-4] = cx->S[t] ^ input[-4]; /* FALLTHRU */
- case 3:
- ARCFOUR_NEXT_BYTE();
- output[-3] = cx->S[t] ^ input[-3]; /* FALLTHRU */
- case 2:
- ARCFOUR_NEXT_BYTE();
- output[-2] = cx->S[t] ^ input[-2]; /* FALLTHRU */
- case 1:
- ARCFOUR_NEXT_BYTE();
- output[-1] = cx->S[t] ^ input[-1]; /* FALLTHRU */
- default:
- /* FALLTHRU */
- ; /* hp-ux build breaks without this */
- }
- }
- cx->i = tmpi;
- cx->j = tmpj;
- *outputLen = inputLen;
- return SECSuccess;
-}
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-#define ARCFOUR_NEXT4BYTES_L(n) \
- ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n ); \
- ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 8); \
- ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 16); \
- ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 24);
-#else
-#define ARCFOUR_NEXT4BYTES_B(n) \
- ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 24); \
- ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 16); \
- ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n + 8); \
- ARCFOUR_NEXT_BYTE(); streamWord |= (WORD)cx->S[t] << (n );
-#endif
-
-#if (defined(NSS_USE_HYBRID) && !defined(SOLARIS)) || defined(NSS_USE_64)
-/* 64-bit wordsize */
-#ifdef IS_LITTLE_ENDIAN
-#define ARCFOUR_NEXT_WORD() \
- { streamWord = 0; ARCFOUR_NEXT4BYTES_L(0); ARCFOUR_NEXT4BYTES_L(32); }
-#else
-#define ARCFOUR_NEXT_WORD() \
- { streamWord = 0; ARCFOUR_NEXT4BYTES_B(32); ARCFOUR_NEXT4BYTES_B(0); }
-#endif
-#else
-/* 32-bit wordsize */
-#ifdef IS_LITTLE_ENDIAN
-#define ARCFOUR_NEXT_WORD() \
- { streamWord = 0; ARCFOUR_NEXT4BYTES_L(0); }
-#else
-#define ARCFOUR_NEXT_WORD() \
- { streamWord = 0; ARCFOUR_NEXT4BYTES_B(0); }
-#endif
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-#define RSH <<
-#define LSH >>
-#else
-#define RSH >>
-#define LSH <<
-#endif
-
-#ifdef CONVERT_TO_WORDS
-/*
- * Convert input and output buffers to words before performing
- * RC4 operations.
- */
-static SECStatus
-rc4_wordconv(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- ptrdiff_t inOffset = (ptrdiff_t)input % WORDSIZE;
- ptrdiff_t outOffset = (ptrdiff_t)output % WORDSIZE;
- register WORD streamWord, mask;
- register WORD *pInWord, *pOutWord;
- register WORD inWord, nextInWord;
- PRUint8 t;
- register Stype tmpSi, tmpSj;
- register PRUint8 tmpi = cx->i;
- register PRUint8 tmpj = cx->j;
- unsigned int byteCount;
- unsigned int bufShift, invBufShift;
- int i;
-
- PORT_Assert(maxOutputLen >= inputLen);
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (inputLen < 2*WORDSIZE) {
- /* Ignore word conversion, do byte-at-a-time */
- return rc4_no_opt(cx, output, outputLen, maxOutputLen, input, inputLen);
- }
- *outputLen = inputLen;
- pInWord = (WORD *)(input - inOffset);
- if (inOffset < outOffset) {
- bufShift = 8*(outOffset - inOffset);
- invBufShift = 8*WORDSIZE - bufShift;
- } else {
- invBufShift = 8*(inOffset - outOffset);
- bufShift = 8*WORDSIZE - invBufShift;
- }
- /*****************************************************************/
- /* Step 1: */
- /* If the first output word is partial, consume the bytes in the */
- /* first partial output word by loading one or two words of */
- /* input and shifting them accordingly. Otherwise, just load */
- /* in the first word of input. At the end of this block, at */
- /* least one partial word of input should ALWAYS be loaded. */
- /*****************************************************************/
- if (outOffset) {
- /* Generate input and stream words aligned relative to the
- * partial output buffer.
- */
- byteCount = WORDSIZE - outOffset;
- pOutWord = (WORD *)(output - outOffset);
- mask = streamWord = 0;
-#ifdef IS_LITTLE_ENDIAN
- for (i = WORDSIZE - byteCount; i < WORDSIZE; i++) {
-#else
- for (i = byteCount - 1; i >= 0; --i) {
-#endif
- ARCFOUR_NEXT_BYTE();
- streamWord |= (WORD)(cx->S[t]) << 8*i;
- mask |= MASK1BYTE << 8*i;
- } /* } */
- inWord = *pInWord++;
- /* If buffers are relatively misaligned, shift the bytes in inWord
- * to be aligned to the output buffer.
- */
- nextInWord = 0;
- if (inOffset < outOffset) {
- /* Have more bytes than needed, shift remainder into nextInWord */
- nextInWord = inWord LSH 8*(inOffset + byteCount);
- inWord = inWord RSH bufShift;
- } else if (inOffset > outOffset) {
- /* Didn't get enough bytes from current input word, load another
- * word and then shift remainder into nextInWord.
- */
- nextInWord = *pInWord++;
- inWord = (inWord LSH invBufShift) |
- (nextInWord RSH bufShift);
- nextInWord = nextInWord LSH invBufShift;
- }
- /* Store output of first partial word */
- *pOutWord = (*pOutWord & ~mask) | ((inWord ^ streamWord) & mask);
- /* Consumed byteCount bytes of input */
- inputLen -= byteCount;
- /* move to next word of output */
- pOutWord++;
- /* inWord has been consumed, but there may be bytes in nextInWord */
- inWord = nextInWord;
- } else {
- /* output is word-aligned */
- pOutWord = (WORD *)output;
- if (inOffset) {
- /* Input is not word-aligned. The first word load of input
- * will not produce a full word of input bytes, so one word
- * must be pre-loaded. The main loop below will load in the
- * next input word and shift some of its bytes into inWord
- * in order to create a full input word. Note that the main
- * loop must execute at least once because the input must
- * be at least two words.
- */
- inWord = *pInWord++;
- inWord = inWord LSH invBufShift;
- } else {
- /* Input is word-aligned. The first word load of input
- * will produce a full word of input bytes, so nothing
- * needs to be loaded here.
- */
- inWord = 0;
- }
- }
- /* Output buffer is aligned, inOffset is now measured relative to
- * outOffset (and not a word boundary).
- */
- inOffset = (inOffset + WORDSIZE - outOffset) % WORDSIZE;
- /*****************************************************************/
- /* Step 2: main loop */
- /* At this point the output buffer is word-aligned. Any unused */
- /* bytes from above will be in inWord (shifted correctly). If */
- /* the input buffer is unaligned relative to the output buffer, */
- /* shifting has to be done. */
- /*****************************************************************/
- if (inOffset) {
- for (; inputLen >= WORDSIZE; inputLen -= WORDSIZE) {
- nextInWord = *pInWord++;
- inWord |= nextInWord RSH bufShift;
- nextInWord = nextInWord LSH invBufShift;
- ARCFOUR_NEXT_WORD();
- *pOutWord++ = inWord ^ streamWord;
- inWord = nextInWord;
- }
- if (inputLen == 0) {
- /* Nothing left to do. */
- cx->i = tmpi;
- cx->j = tmpj;
- return SECSuccess;
- }
- /* If the amount of remaining input is greater than the amount
- * bytes pulled from the current input word, need to do another
- * word load. What's left in inWord will be consumed in step 3.
- */
- if (inputLen > WORDSIZE - inOffset)
- inWord |= *pInWord RSH bufShift;
- } else {
- for (; inputLen >= WORDSIZE; inputLen -= WORDSIZE) {
- inWord = *pInWord++;
- ARCFOUR_NEXT_WORD();
- *pOutWord++ = inWord ^ streamWord;
- }
- if (inputLen == 0) {
- /* Nothing left to do. */
- cx->i = tmpi;
- cx->j = tmpj;
- return SECSuccess;
- } else {
- /* A partial input word remains at the tail. Load it. The
- * relevant bytes will be consumed in step 3.
- */
- inWord = *pInWord;
- }
- }
- /*****************************************************************/
- /* Step 3: */
- /* A partial word of input remains, and it is already loaded */
- /* into nextInWord. Shift appropriately and consume the bytes */
- /* used in the partial word. */
- /*****************************************************************/
- mask = streamWord = 0;
-#ifdef IS_LITTLE_ENDIAN
- for (i = 0; i < inputLen; ++i) {
-#else
- for (i = WORDSIZE - 1; i >= WORDSIZE - inputLen; --i) {
-#endif
- ARCFOUR_NEXT_BYTE();
- streamWord |= (WORD)(cx->S[t]) << 8*i;
- mask |= MASK1BYTE << 8*i;
- } /* } */
- *pOutWord = (*pOutWord & ~mask) | ((inWord ^ streamWord) & mask);
- cx->i = tmpi;
- cx->j = tmpj;
- return SECSuccess;
-}
-#endif
-
-SECStatus
-RC4_Encrypt(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- PORT_Assert(maxOutputLen >= inputLen);
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-#ifdef CONVERT_TO_WORDS
- /* Convert the byte-stream to a word-stream */
- return rc4_wordconv(cx, output, outputLen, maxOutputLen, input, inputLen);
-#else
- /* Operate on bytes, but unroll the main loop */
- return rc4_unrolled(cx, output, outputLen, maxOutputLen, input, inputLen);
-#endif
-}
-
-SECStatus RC4_Decrypt(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- PORT_Assert(maxOutputLen >= inputLen);
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* decrypt and encrypt are same operation. */
-#ifdef CONVERT_TO_WORDS
- /* Convert the byte-stream to a word-stream */
- return rc4_wordconv(cx, output, outputLen, maxOutputLen, input, inputLen);
-#else
- /* Operate on bytes, but unroll the main loop */
- return rc4_unrolled(cx, output, outputLen, maxOutputLen, input, inputLen);
-#endif
-}
-
-#undef CONVERT_TO_WORDS
-#undef USE_LONG
diff --git a/security/nss/lib/freebl/blapi.h b/security/nss/lib/freebl/blapi.h
deleted file mode 100644
index c41691e5b..000000000
--- a/security/nss/lib/freebl/blapi.h
+++ /dev/null
@@ -1,814 +0,0 @@
-/*
- * crypto.h - public data structures and prototypes for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _BLAPI_H_
-#define _BLAPI_H_
-
-#include "blapit.h"
-
-
-SEC_BEGIN_PROTOS
-
-/*
-** RSA encryption/decryption. When encrypting/decrypting the output
-** buffer must be at least the size of the public key modulus.
-*/
-
-/*
-** Generate and return a new RSA public and private key.
-** Both keys are encoded in a single RSAPrivateKey structure.
-** "cx" is the random number generator context
-** "keySizeInBits" is the size of the key to be generated, in bits.
-** 512, 1024, etc.
-** "publicExponent" when not NULL is a pointer to some data that
-** represents the public exponent to use. The data is a byte
-** encoded integer, in "big endian" order.
-*/
-extern RSAPrivateKey *RSA_NewKey(int keySizeInBits,
- SECItem * publicExponent);
-
-/*
-** Perform a raw public-key operation
-** Length of input and output buffers are equal to key's modulus len.
-*/
-extern SECStatus RSA_PublicKeyOp(RSAPublicKey * key,
- unsigned char * output,
- const unsigned char * input);
-
-/*
-** Perform a raw private-key operation
-** Length of input and output buffers are equal to key's modulus len.
-*/
-extern SECStatus RSA_PrivateKeyOp(RSAPrivateKey * key,
- unsigned char * output,
- const unsigned char * input);
-
-/*
-** Perform a raw private-key operation, and check the parameters used in
-** the operation for validity by performing a test operation first.
-** Length of input and output buffers are equal to key's modulus len.
-*/
-extern SECStatus RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey * key,
- unsigned char * output,
- const unsigned char * input);
-
-/*
-** Perform a check of private key parameters for consistency.
-*/
-extern SECStatus RSA_PrivateKeyCheck(RSAPrivateKey *key);
-
-
-/********************************************************************
-** DSA signing algorithm
-*/
-
-/*
-** Generate and return a new DSA public and private key pair,
-** both of which are encoded into a single DSAPrivateKey struct.
-** "params" is a pointer to the PQG parameters for the domain
-** Uses a random seed.
-*/
-extern SECStatus DSA_NewKey(const PQGParams * params,
- DSAPrivateKey ** privKey);
-
-/* signature is caller-supplied buffer of at least 20 bytes.
-** On input, signature->len == size of buffer to hold signature.
-** digest->len == size of digest.
-** On output, signature->len == size of signature in buffer.
-** Uses a random seed.
-*/
-extern SECStatus DSA_SignDigest(DSAPrivateKey * key,
- SECItem * signature,
- const SECItem * digest);
-
-/* signature is caller-supplied buffer of at least 20 bytes.
-** On input, signature->len == size of buffer to hold signature.
-** digest->len == size of digest.
-*/
-extern SECStatus DSA_VerifyDigest(DSAPublicKey * key,
- const SECItem * signature,
- const SECItem * digest);
-
-/* For FIPS compliance testing. Seed must be exactly 20 bytes long */
-extern SECStatus DSA_NewKeyFromSeed(const PQGParams *params,
- const unsigned char * seed,
- DSAPrivateKey **privKey);
-
-/* For FIPS compliance testing. Seed must be exactly 20 bytes. */
-extern SECStatus DSA_SignDigestWithSeed(DSAPrivateKey * key,
- SECItem * signature,
- const SECItem * digest,
- const unsigned char * seed);
-
-/******************************************************
-** Diffie Helman key exchange algorithm
-*/
-
-/* Generates parameters for Diffie-Helman key generation.
-** primeLen is the length in bytes of prime P to be generated.
-*/
-extern SECStatus DH_GenParam(int primeLen, DHParams ** params);
-
-/* Generates a public and private key, both of which are encoded in a single
-** DHPrivateKey struct. Params is input, privKey are output.
-** This is Phase 1 of Diffie Hellman.
-*/
-extern SECStatus DH_NewKey(DHParams * params,
- DHPrivateKey ** privKey);
-
-/*
-** DH_Derive does the Diffie-Hellman phase 2 calculation, using the
-** other party's publicValue, and the prime and our privateValue.
-** maxOutBytes is the requested length of the generated secret in bytes.
-** A zero value means produce a value of any length up to the size of
-** the prime. If successful, derivedSecret->data is set
-** to the address of the newly allocated buffer containing the derived
-** secret, and derivedSecret->len is the size of the secret produced.
-** The size of the secret produced will never be larger than the length
-** of the prime, and it may be smaller than maxOutBytes.
-** It is the caller's responsibility to free the allocated buffer
-** containing the derived secret.
-*/
-extern SECStatus DH_Derive(SECItem * publicValue,
- SECItem * prime,
- SECItem * privateValue,
- SECItem * derivedSecret,
- unsigned int maxOutBytes);
-
-/*
-** KEA_CalcKey returns octet string with the private key for a dual
-** Diffie-Helman key generation as specified for government key exchange.
-*/
-extern SECStatus KEA_Derive(SECItem *prime,
- SECItem *public1,
- SECItem *public2,
- SECItem *private1,
- SECItem *private2,
- SECItem *derivedSecret);
-
-/*
- * verify that a KEA or DSA public key is a valid key for this prime and
- * subprime domain.
- */
-extern PRBool KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime);
-
-
-/******************************************/
-/*
-** RC4 symmetric stream cypher
-*/
-
-/*
-** Create a new RC4 context suitable for RC4 encryption/decryption.
-** "key" raw key data
-** "len" the number of bytes of key data
-*/
-extern RC4Context *RC4_CreateContext(unsigned char *key, int len);
-
-/*
-** Destroy an RC4 encryption/decryption context.
-** "cx" the context
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void RC4_DestroyContext(RC4Context *cx, PRBool freeit);
-
-/*
-** Perform RC4 encryption.
-** "cx" the context
-** "output" the output buffer to store the encrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-extern SECStatus RC4_Encrypt(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
-/*
-** Perform RC4 decryption.
-** "cx" the context
-** "output" the output buffer to store the decrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-extern SECStatus RC4_Decrypt(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
-/******************************************/
-/*
-** RC2 symmetric block cypher
-*/
-
-/*
-** Create a new RC2 context suitable for RC2 encryption/decryption.
-** "key" raw key data
-** "len" the number of bytes of key data
-** "iv" is the CBC initialization vector (if mode is NSS_RC2_CBC)
-** "mode" one of NSS_RC2 or NSS_RC2_CBC
-** "effectiveKeyLen" is the effective key length (as specified in
-** RFC 2268) in bytes (not bits).
-**
-** When mode is set to NSS_RC2_CBC the RC2 cipher is run in "cipher block
-** chaining" mode.
-*/
-extern RC2Context *RC2_CreateContext(unsigned char *key, unsigned int len,
- unsigned char *iv, int mode, unsigned effectiveKeyLen);
-
-/*
-** Destroy an RC2 encryption/decryption context.
-** "cx" the context
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void RC2_DestroyContext(RC2Context *cx, PRBool freeit);
-
-/*
-** Perform RC2 encryption.
-** "cx" the context
-** "output" the output buffer to store the encrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-extern SECStatus RC2_Encrypt(RC2Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
-/*
-** Perform RC2 decryption.
-** "cx" the context
-** "output" the output buffer to store the decrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-extern SECStatus RC2_Decrypt(RC2Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
-/******************************************/
-/*
-** RC5 symmetric block cypher -- 64-bit block size
-*/
-
-/*
-** Create a new RC5 context suitable for RC5 encryption/decryption.
-** "key" raw key data
-** "len" the number of bytes of key data
-** "iv" is the CBC initialization vector (if mode is NSS_RC5_CBC)
-** "mode" one of NSS_RC5 or NSS_RC5_CBC
-**
-** When mode is set to NSS_RC5_CBC the RC5 cipher is run in "cipher block
-** chaining" mode.
-*/
-extern RC5Context *RC5_CreateContext(SECItem *key, unsigned int rounds,
- unsigned int wordSize, unsigned char *iv, int mode);
-
-/*
-** Destroy an RC5 encryption/decryption context.
-** "cx" the context
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void RC5_DestroyContext(RC5Context *cx, PRBool freeit);
-
-/*
-** Perform RC5 encryption.
-** "cx" the context
-** "output" the output buffer to store the encrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-extern SECStatus RC5_Encrypt(RC5Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
-/*
-** Perform RC5 decryption.
-** "cx" the context
-** "output" the output buffer to store the decrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-
-extern SECStatus RC5_Decrypt(RC5Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
-
-
-/******************************************/
-/*
-** DES symmetric block cypher
-*/
-
-/*
-** Create a new DES context suitable for DES encryption/decryption.
-** "key" raw key data
-** "len" the number of bytes of key data
-** "iv" is the CBC initialization vector (if mode is NSS_DES_CBC or
-** mode is DES_EDE3_CBC)
-** "mode" one of NSS_DES, NSS_DES_CBC, NSS_DES_EDE3 or NSS_DES_EDE3_CBC
-** "encrypt" is PR_TRUE if the context will be used for encryption
-**
-** When mode is set to NSS_DES_CBC or NSS_DES_EDE3_CBC then the DES
-** cipher is run in "cipher block chaining" mode.
-*/
-extern DESContext *DES_CreateContext(unsigned char *key, unsigned char *iv,
- int mode, PRBool encrypt);
-
-/*
-** Destroy an DES encryption/decryption context.
-** "cx" the context
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void DES_DestroyContext(DESContext *cx, PRBool freeit);
-
-/*
-** Perform DES encryption.
-** "cx" the context
-** "output" the output buffer to store the encrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-**
-** NOTE: the inputLen must be a multiple of DES_KEY_LENGTH
-*/
-extern SECStatus DES_Encrypt(DESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
-/*
-** Perform DES decryption.
-** "cx" the context
-** "output" the output buffer to store the decrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-**
-** NOTE: the inputLen must be a multiple of DES_KEY_LENGTH
-*/
-extern SECStatus DES_Decrypt(DESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
-/******************************************/
-/*
-** AES symmetric block cypher (Rijndael)
-*/
-
-/*
-** Create a new AES context suitable for AES encryption/decryption.
-** "key" raw key data
-** "keylen" the number of bytes of key data (16, 24, or 32)
-** "blocklen" is the blocksize to use (16, 24, or 32)
-** XXX currently only blocksize==16 has been tested!
-*/
-extern AESContext *
-AES_CreateContext(unsigned char *key, unsigned char *iv, int mode, int encrypt,
- unsigned int keylen, unsigned int blocklen);
-
-/*
-** Destroy a AES encryption/decryption context.
-** "cx" the context
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void
-AES_DestroyContext(AESContext *cx, PRBool freeit);
-
-/*
-** Perform AES encryption.
-** "cx" the context
-** "output" the output buffer to store the encrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-extern SECStatus
-AES_Encrypt(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
-/*
-** Perform AES decryption.
-** "cx" the context
-** "output" the output buffer to store the decrypted data.
-** "outputLen" how much data is stored in "output". Set by the routine
-** after some data is stored in output.
-** "maxOutputLen" the maximum amount of data that can ever be
-** stored in "output"
-** "input" the input data
-** "inputLen" the amount of input data
-*/
-extern SECStatus
-AES_Decrypt(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
-
-/******************************************/
-/*
-** MD5 secure hash function
-*/
-
-/*
-** Hash a null terminated string "src" into "dest" using MD5
-*/
-extern SECStatus MD5_Hash(unsigned char *dest, const char *src);
-
-/*
-** Hash a non-null terminated string "src" into "dest" using MD5
-*/
-extern SECStatus MD5_HashBuf(unsigned char *dest, const unsigned char *src,
- uint32 src_length);
-
-/*
-** Create a new MD5 context
-*/
-extern MD5Context *MD5_NewContext(void);
-
-
-/*
-** Destroy an MD5 secure hash context.
-** "cx" the context
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void MD5_DestroyContext(MD5Context *cx, PRBool freeit);
-
-/*
-** Reset an MD5 context, preparing it for a fresh round of hashing
-*/
-extern void MD5_Begin(MD5Context *cx);
-
-/*
-** Update the MD5 hash function with more data.
-** "cx" the context
-** "input" the data to hash
-** "inputLen" the amount of data to hash
-*/
-extern void MD5_Update(MD5Context *cx,
- const unsigned char *input, unsigned int inputLen);
-
-/*
-** Finish the MD5 hash function. Produce the digested results in "digest"
-** "cx" the context
-** "digest" where the 16 bytes of digest data are stored
-** "digestLen" where the digest length (16) is stored
-** "maxDigestLen" the maximum amount of data that can ever be
-** stored in "digest"
-*/
-extern void MD5_End(MD5Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen);
-/*
- * Return the the size of a buffer needed to flatten the MD5 Context into
- * "cx" the context
- * returns size;
- */
-extern unsigned int MD5_FlattenSize(MD5Context *cx);
-
-/*
- * Flatten the MD5 Context into a buffer:
- * "cx" the context
- * "space" the buffer to flatten to
- * returns status;
- */
-extern SECStatus MD5_Flatten(MD5Context *cx,unsigned char *space);
-
-/*
- * Resurrect a flattened context into a MD5 Context
- * "space" the buffer of the flattend buffer
- * "arg" ptr to void used by cryptographic resurrect
- * returns resurected context;
- */
-extern MD5Context * MD5_Resurrect(unsigned char *space, void *arg);
-
-/*
-** trace the intermediate state info of the MD5 hash.
-*/
-extern void MD5_TraceState(MD5Context *cx);
-
-
-/******************************************/
-/*
-** MD2 secure hash function
-*/
-
-/*
-** Hash a null terminated string "src" into "dest" using MD2
-*/
-extern SECStatus MD2_Hash(unsigned char *dest, const char *src);
-
-/*
-** Create a new MD2 context
-*/
-extern MD2Context *MD2_NewContext(void);
-
-
-/*
-** Destroy an MD2 secure hash context.
-** "cx" the context
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void MD2_DestroyContext(MD2Context *cx, PRBool freeit);
-
-/*
-** Reset an MD2 context, preparing it for a fresh round of hashing
-*/
-extern void MD2_Begin(MD2Context *cx);
-
-/*
-** Update the MD2 hash function with more data.
-** "cx" the context
-** "input" the data to hash
-** "inputLen" the amount of data to hash
-*/
-extern void MD2_Update(MD2Context *cx,
- const unsigned char *input, unsigned int inputLen);
-
-/*
-** Finish the MD2 hash function. Produce the digested results in "digest"
-** "cx" the context
-** "digest" where the 16 bytes of digest data are stored
-** "digestLen" where the digest length (16) is stored
-** "maxDigestLen" the maximum amount of data that can ever be
-** stored in "digest"
-*/
-extern void MD2_End(MD2Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen);
-
-/*
- * Return the the size of a buffer needed to flatten the MD2 Context into
- * "cx" the context
- * returns size;
- */
-extern unsigned int MD2_FlattenSize(MD2Context *cx);
-
-/*
- * Flatten the MD2 Context into a buffer:
- * "cx" the context
- * "space" the buffer to flatten to
- * returns status;
- */
-extern SECStatus MD2_Flatten(MD2Context *cx,unsigned char *space);
-
-/*
- * Resurrect a flattened context into a MD2 Context
- * "space" the buffer of the flattend buffer
- * "arg" ptr to void used by cryptographic resurrect
- * returns resurected context;
- */
-extern MD2Context * MD2_Resurrect(unsigned char *space, void *arg);
-
-/******************************************/
-/*
-** SHA-1 secure hash function
-*/
-
-/*
-** Hash a null terminated string "src" into "dest" using SHA-1
-*/
-extern SECStatus SHA1_Hash(unsigned char *dest, const char *src);
-
-/*
-** Hash a non-null terminated string "src" into "dest" using SHA-1
-*/
-extern SECStatus SHA1_HashBuf(unsigned char *dest, const unsigned char *src,
- uint32 src_length);
-
-/*
-** Create a new SHA-1 context
-*/
-extern SHA1Context *SHA1_NewContext(void);
-
-
-/*
-** Destroy a SHA-1 secure hash context.
-** "cx" the context
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SHA1_DestroyContext(SHA1Context *cx, PRBool freeit);
-
-/*
-** Reset a SHA-1 context, preparing it for a fresh round of hashing
-*/
-extern void SHA1_Begin(SHA1Context *cx);
-
-/*
-** Update the SHA-1 hash function with more data.
-** "cx" the context
-** "input" the data to hash
-** "inputLen" the amount of data to hash
-*/
-extern void SHA1_Update(SHA1Context *cx, const unsigned char *input,
- unsigned int inputLen);
-
-/*
-** Finish the SHA-1 hash function. Produce the digested results in "digest"
-** "cx" the context
-** "digest" where the 16 bytes of digest data are stored
-** "digestLen" where the digest length (20) is stored
-** "maxDigestLen" the maximum amount of data that can ever be
-** stored in "digest"
-*/
-extern void SHA1_End(SHA1Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen);
-
-/*
-** trace the intermediate state info of the SHA1 hash.
-*/
-extern void SHA1_TraceState(SHA1Context *cx);
-
-/*
- * Return the the size of a buffer needed to flatten the SHA-1 Context into
- * "cx" the context
- * returns size;
- */
-extern unsigned int SHA1_FlattenSize(SHA1Context *cx);
-
-/*
- * Flatten the SHA-1 Context into a buffer:
- * "cx" the context
- * "space" the buffer to flatten to
- * returns status;
- */
-extern SECStatus SHA1_Flatten(SHA1Context *cx,unsigned char *space);
-
-/*
- * Resurrect a flattened context into a SHA-1 Context
- * "space" the buffer of the flattend buffer
- * "arg" ptr to void used by cryptographic resurrect
- * returns resurected context;
- */
-extern SHA1Context * SHA1_Resurrect(unsigned char *space, void *arg);
-
-
-/******************************************/
-/*
-** Pseudo Random Number Generation. FIPS compliance desirable.
-*/
-
-/*
-** Initialize the global RNG context and give it some seed input taken
-** from the system. This function is thread-safe and will only allow
-** the global context to be initialized once. The seed input is likely
-** small, so it is imperative that RNG_RandomUpdate() be called with
-** additional seed data before the generator is used. A good way to
-** provide the generator with additional entropy is to call
-** RNG_SystemInfoForRNG(). Note that NSS_Init() does exactly that.
-*/
-extern SECStatus RNG_RNGInit(void);
-
-/*
-** Update the global random number generator with more seeding
-** material
-*/
-extern SECStatus RNG_RandomUpdate(const void *data, size_t bytes);
-
-/*
-** Generate some random bytes, using the global random number generator
-** object.
-*/
-extern SECStatus RNG_GenerateGlobalRandomBytes(void *dest, size_t len);
-
-/* Destroy the global RNG context. After a call to RNG_RNGShutdown()
-** a call to RNG_RNGInit() is required in order to use the generator again,
-** along with seed data (see the comment above RNG_RNGInit()).
-*/
-extern void RNG_RNGShutdown(void);
-
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of seed and length of h both equal length of P.
- * All lengths are specified by "j", according to the table above.
- */
-extern SECStatus
-PQG_ParamGen(unsigned int j, /* input : determines length of P. */
- PQGParams **pParams, /* output: P Q and G returned here */
- PQGVerify **pVfy); /* output: counter and seed. */
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of P specified by j. Length of h will match length of P.
- * Length of SEED in bytes specified in seedBytes.
- * seedBbytes must be in the range [20..255] or an error will result.
- */
-extern SECStatus
-PQG_ParamGenSeedLen(
- unsigned int j, /* input : determines length of P. */
- unsigned int seedBytes, /* input : length of seed in bytes.*/
- PQGParams **pParams, /* output: P Q and G returned here */
- PQGVerify **pVfy); /* output: counter and seed. */
-
-
-/* Test PQGParams for validity as DSS PQG values.
- * If vfy is non-NULL, test PQGParams to make sure they were generated
- * using the specified seed, counter, and h values.
- *
- * Return value indicates whether Verification operation ran succesfully
- * to completion, but does not indicate if PQGParams are valid or not.
- * If return value is SECSuccess, then *pResult has these meanings:
- * SECSuccess: PQGParams are valid.
- * SECFailure: PQGParams are invalid.
- *
- * Verify the following 12 facts about PQG counter SEED g and h
- * 1. Q is 160 bits long.
- * 2. P is one of the 9 valid lengths.
- * 3. G < P
- * 4. P % Q == 1
- * 5. Q is prime
- * 6. P is prime
- * Steps 7-12 are done only if the optional PQGVerify is supplied.
- * 7. counter < 4096
- * 8. g >= 160 and g < 2048 (g is length of seed in bits)
- * 9. Q generated from SEED matches Q in PQGParams.
- * 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams.
- * 11. 1 < h < P-1
- * 12. G generated from h matches G in PQGParams.
- */
-
-extern SECStatus PQG_VerifyParams(const PQGParams *params,
- const PQGVerify *vfy, SECStatus *result);
-
-
-/*
- * clean-up any global tables freebl may have allocated after it starts up.
- * This function is not thread safe and should be called only after the
- * library has been quiessed.
- */
-extern void BL_Cleanup(void);
-
-/**************************************************************************
- * Free the PQGParams struct and the things it points to. *
- **************************************************************************/
-extern void PQG_DestroyParams(PQGParams *params);
-
-/**************************************************************************
- * Free the PQGVerify struct and the things it points to. *
- **************************************************************************/
-extern void PQG_DestroyVerify(PQGVerify *vfy);
-
-SEC_END_PROTOS
-
-#endif /* _BLAPI_H_ */
diff --git a/security/nss/lib/freebl/blapi_bsf.c b/security/nss/lib/freebl/blapi_bsf.c
deleted file mode 100644
index 1204306d9..000000000
--- a/security/nss/lib/freebl/blapi_bsf.c
+++ /dev/null
@@ -1,2114 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*****************************************************************************
-**
-** Implementation of BLAPI using RSA BSAFE Crypto-C 4.1
-**
-******************************************************************************/
-
-/*
-** Notes:
-**
-** 1. SHA1, MD2, and MD5 are not implemented here. This is because
-** BSAFE Crypto-C 4.1 does not provide a mechanism for saving and
-** restoring intermediate hash values. BLAPI uses the functions
-** <hash>_Flatten and <hash>_Resurrect to accomplish this, so the
-** hashes are implemented elsewhere.
-**
-** 2. The DSA and PQG functions which use seeds are not consistent across
-** implementations. In this BSAFE-dependent implementation of BLAPI,
-** the seed is understood to be an initial value sent to a random number
-** generator used during the key/param generation. In the implementation
-** used by Netscape-branded products, the seed is understood to be actual
-** bytes used for the creation of a key or parameters. This means that
-** while the BSAFE-dependent implementation may be self-consistent (using
-** the same seed will produce the same key/parameters), it is not
-** consistent with the Netscape-branded implementation.
-** Also, according to the BSAFE Crypto-C 4.0 Library Reference Manual, the
-** SHA1 Random Number Generator is implemented according to the X9.62
-** Draft Standard. Random number generation in the Netscape-branded
-** implementation of BLAPI is compliant with FIPS-186, thus random
-** numbers generated using the same seed will differ across
-** implementations.
-**
-** 3. PQG_VerifyParams is not implemented here. BSAFE Crypto-C 4.1
-** allows access to the seed and counter values used in generating
-** p and q, but does not provide a mechanism for verifying that
-** p, q, and g were generated from that seed and counter. At this
-** time, this implementation will set a PR_NOT_IMPLEMENTED_ERROR
-** in a call to PQG_VerifyParams.
-**
-*/
-
-#include "prerr.h"
-#include "secerr.h"
-
-/* BSAFE headers */
-#include "aglobal.h"
-#include "bsafe.h"
-
-/* BLAPI definition */
-#include "blapi.h"
-
-/* default block sizes for algorithms */
-#define DES_BLOCK_SIZE 8
-#define RC2_BLOCK_SIZE 8
-#define RC5_BLOCK_SIZE 8
-
-#define MAX_RC5_KEY_BYTES 255
-#define MAX_RC5_ROUNDS 255
-#define RC5_VERSION_NUMBER 0x10
-
-#define SECITEMFROMITEM(arena, to, from) \
- tmp.data = from.data; tmp.len = from.len; to.type = siBuffer; \
- if (SECITEM_CopyItem(arena, &to, &tmp) != SECSuccess) goto loser;
-
-#define ITEMFROMSECITEM(to, from) \
- to.data = from.data; to.len = from.len;
-
-static const B_ALGORITHM_METHOD *rand_chooser[] = {
- &AM_SHA_RANDOM,
- (B_ALGORITHM_METHOD *)NULL_PTR
-};
-
-static B_ALGORITHM_OBJ
-generateRandomAlgorithm(int numBytes, unsigned char *seedData)
-{
- SECItem seed = { siBuffer, 0, 0 };
- B_ALGORITHM_OBJ randomAlgorithm = NULL_PTR;
- int status;
-
- /* Allocate space for random seed. */
- if (seedData) {
- seed.len = numBytes;
- seed.data = seedData;
- } else {
- if (SECITEM_AllocItem(NULL, &seed, numBytes) == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
- if ((status = RNG_GenerateGlobalRandomBytes(seed.data, seed.len))
- != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
- }
-
- /* Generate the random seed. */
- if ((status = B_CreateAlgorithmObject(&randomAlgorithm)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_SetAlgorithmInfo(randomAlgorithm, AI_SHA1Random,
- NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = B_RandomInit(randomAlgorithm, rand_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = B_RandomUpdate(randomAlgorithm, seed.data, seed.len,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
-
- if (seedData == NULL)
- SECITEM_FreeItem(&seed, PR_FALSE);
-
- return randomAlgorithm;
-
-loser:
- if (randomAlgorithm != NULL_PTR)
- B_DestroyAlgorithmObject(&randomAlgorithm);
- if (seedData == NULL)
- SECITEM_FreeItem(&seed, PR_FALSE);
- return NULL_PTR;
-}
-
-/*****************************************************************************
-** BLAPI implementation of DES
-******************************************************************************/
-
-struct DESContextStr {
- B_ALGORITHM_OBJ algobj;
- B_ALGORITHM_METHOD *alg_chooser[3];
- B_KEY_OBJ keyobj;
-};
-
-DESContext *
-DES_CreateContext(unsigned char *key, unsigned char *iv,
- int mode, PRBool encrypt)
-{
- /* BLAPI */
- DESContext *cx;
- /* BSAFE */
- B_BLK_CIPHER_W_FEEDBACK_PARAMS fbParams;
- ITEM ivItem;
- unsigned int blockLength = DES_BLOCK_SIZE;
- int status;
-
- cx = (DESContext *)PORT_ZAlloc(sizeof(DESContext));
- if (cx == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return NULL;
- }
-
- /* Create an encryption object. */
- cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR;
- if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- /* Set the IV. */
- ivItem.data = iv;
- ivItem.len = DES_BLOCK_SIZE;
-
- /* Create the key. */
- cx->keyobj = (B_KEY_OBJ)NULL_PTR;
- if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- /* Set fields common to all DES modes. */
- fbParams.encryptionParams = NULL_PTR;
- fbParams.paddingMethodName = (unsigned char *)"nopad";
- fbParams.paddingParams = NULL_PTR;
-
- /* Set mode-specific fields. */
- switch (mode) {
- case NSS_DES:
- fbParams.encryptionMethodName = (unsigned char *)"des";
- fbParams.feedbackMethodName = (unsigned char *)"ecb";
- fbParams.feedbackParams = (POINTER)&blockLength;
- if ((status = B_SetKeyInfo(cx->keyobj, KI_DES8Strong, (POINTER)key))
- != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
- if (encrypt) {
- cx->alg_chooser[0] = &AM_DES_ENCRYPT;
- cx->alg_chooser[1] = &AM_ECB_ENCRYPT;
- } else {
- cx->alg_chooser[0] = &AM_DES_DECRYPT;
- cx->alg_chooser[1] = &AM_ECB_DECRYPT;
- }
- cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR;
- break;
-
- case NSS_DES_CBC:
- fbParams.encryptionMethodName = (unsigned char *)"des";
- fbParams.feedbackMethodName = (unsigned char *)"cbc";
- fbParams.feedbackParams = (POINTER)&ivItem;
- if ((status = B_SetKeyInfo(cx->keyobj, KI_DES8Strong, (POINTER)key))
- != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
- if (encrypt) {
- cx->alg_chooser[0] = &AM_DES_ENCRYPT;
- cx->alg_chooser[1] = &AM_CBC_ENCRYPT;
- } else {
- cx->alg_chooser[0] = &AM_DES_DECRYPT;
- cx->alg_chooser[1] = &AM_CBC_DECRYPT;
- }
- cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR;
- break;
-
- case NSS_DES_EDE3:
- fbParams.encryptionMethodName = (unsigned char *)"des_ede";
- fbParams.feedbackMethodName = (unsigned char *)"ecb";
- fbParams.feedbackParams = (POINTER)&blockLength;
- if ((status = B_SetKeyInfo(cx->keyobj, KI_DES24Strong, (POINTER)key))
- != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
- if (encrypt) {
- cx->alg_chooser[0] = &AM_DES_EDE_ENCRYPT;
- cx->alg_chooser[1] = &AM_ECB_ENCRYPT;
- } else {
- cx->alg_chooser[0] = &AM_DES_EDE_DECRYPT;
- cx->alg_chooser[1] = &AM_ECB_DECRYPT;
- }
- cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR;
- break;
-
- case NSS_DES_EDE3_CBC:
- fbParams.encryptionMethodName = (unsigned char *)"des_ede";
- fbParams.feedbackMethodName = (unsigned char *)"cbc";
- fbParams.feedbackParams = (POINTER)&ivItem;
- if ((status = B_SetKeyInfo(cx->keyobj, KI_DES24Strong, (POINTER)key))
- != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
- if (encrypt) {
- cx->alg_chooser[0] = &AM_DES_EDE_ENCRYPT;
- cx->alg_chooser[1] = &AM_CBC_ENCRYPT;
- } else {
- cx->alg_chooser[0] = &AM_DES_EDE_DECRYPT;
- cx->alg_chooser[1] = &AM_CBC_DECRYPT;
- }
- cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL_PTR;
- break;
-
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_SetAlgorithmInfo(cx->algobj, AI_FeedbackCipher,
- (POINTER)&fbParams)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- return cx;
-
-loser:
- DES_DestroyContext(cx, PR_TRUE);
- return NULL;
-}
-
-void
-DES_DestroyContext(DESContext *cx, PRBool freeit)
-{
- if (freeit) {
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return;
- }
- if (cx->keyobj != NULL_PTR)
- B_DestroyKeyObject(&cx->keyobj);
- if (cx->algobj != NULL_PTR)
- B_DestroyAlgorithmObject(&cx->algobj);
- PORT_ZFree(cx, sizeof(DESContext));
- }
-}
-
-SECStatus
-DES_Encrypt(DESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen)
-{
- unsigned int outputLenUpdate, outputLenFinal;
- int status;
-
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- PORT_Assert((inputLen & (DES_BLOCK_SIZE -1 )) == 0);
- if (inputLen & (DES_BLOCK_SIZE -1 )) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if ((status = B_EncryptUpdate(cx->algobj,
- output,
- &outputLenUpdate,
- maxOutputLen,
- input,
- inputLen,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- if ((status = B_EncryptFinal(cx->algobj,
- output + outputLenUpdate,
- &outputLenFinal,
- maxOutputLen - outputLenUpdate,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- *outputLen = outputLenUpdate + outputLenFinal;
- return SECSuccess;
-}
-
-SECStatus
-DES_Decrypt(DESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen)
-{
- unsigned int outputLenUpdate, outputLenFinal;
- int status;
- ptrdiff_t inpptr;
- unsigned char *inp = NULL;
- PRBool cpybuffer = PR_FALSE;
-
- /* The BSAFE Crypto-C 4.1 library with which we tested on a Sun
- * UltraSparc crashed when the input to an DES CBC decryption operation
- * was not 4-byte aligned.
- * So, we work around this problem by aligning unaligned input in a
- * temporary buffer.
- */
- inpptr = (ptrdiff_t)input;
- if (inpptr & 0x03) {
- inp = PORT_ZAlloc(inputLen);
- if (inp == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return SECFailure;
- }
- PORT_Memcpy(inp, input, inputLen);
- cpybuffer = PR_TRUE;
- } else {
- inp = input;
- }
-
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
- PORT_Assert((inputLen & (DES_BLOCK_SIZE - 1)) == 0);
- if (inputLen & (DES_BLOCK_SIZE - 1)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
- PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
- if ((status = B_DecryptUpdate(cx->algobj,
- output,
- &outputLenUpdate,
- maxOutputLen,
- input,
- inputLen,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
- if ((status = B_DecryptFinal(cx->algobj,
- output + outputLenUpdate,
- &outputLenFinal,
- maxOutputLen - outputLenUpdate,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
- *outputLen = outputLenUpdate + outputLenFinal;
-
- if (cpybuffer)
- PORT_ZFree(inp, inputLen);
- return SECSuccess;
-
-loser:
- if (cpybuffer)
- PORT_ZFree(inp, inputLen);
- return SECFailure;
-}
-}
-
-/*****************************************************************************
-** BLAPI implementation of RC2
-******************************************************************************/
-
-struct RC2ContextStr
-{
- B_ALGORITHM_OBJ algobj;
- B_ALGORITHM_METHOD *alg_chooser[6];
- B_KEY_OBJ keyobj;
-};
-
-RC2Context *
-RC2_CreateContext(unsigned char *key, unsigned int len,
- unsigned char *iv, int mode, unsigned effectiveKeyLen)
-{
- /* BLAPI */
- RC2Context *cx;
- /* BSAFE */
- B_BLK_CIPHER_W_FEEDBACK_PARAMS fbParams;
- A_RC2_PARAMS rc2Params;
- ITEM ivItem;
- ITEM keyItem;
- unsigned int blockLength = RC2_BLOCK_SIZE;
- int status;
-
- if (mode == NSS_RC2_CBC && iv == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
-
- cx = (RC2Context *)PORT_ZAlloc(sizeof(RC2Context));
- if (cx == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return NULL;
- }
- cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR;
- if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- cx->keyobj = (B_KEY_OBJ)NULL_PTR;
- if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- rc2Params.effectiveKeyBits = effectiveKeyLen * BITS_PER_BYTE;
- ivItem.data = iv;
- ivItem.len = RC2_BLOCK_SIZE;
-
- fbParams.encryptionMethodName = (unsigned char *)"rc2";
- fbParams.encryptionParams = (POINTER)&rc2Params;
- fbParams.paddingMethodName = (unsigned char *)"nopad";
- fbParams.paddingParams = NULL_PTR;
- cx->alg_chooser[0] = &AM_RC2_ENCRYPT;
- cx->alg_chooser[1] = &AM_RC2_DECRYPT;
- cx->alg_chooser[4] = &AM_SHA_RANDOM;
- cx->alg_chooser[5] = (B_ALGORITHM_METHOD *)NULL;
-
- switch (mode) {
- case NSS_RC2:
- fbParams.feedbackMethodName = (unsigned char *)"ecb";
- fbParams.feedbackParams = (POINTER)&blockLength;
- cx->alg_chooser[2] = &AM_ECB_ENCRYPT;
- cx->alg_chooser[3] = &AM_ECB_DECRYPT;
- break;
- case NSS_RC2_CBC:
- fbParams.feedbackMethodName = (unsigned char *)"cbc";
- fbParams.feedbackParams = (POINTER)&ivItem;
- cx->alg_chooser[2] = &AM_CBC_ENCRYPT;
- cx->alg_chooser[3] = &AM_CBC_DECRYPT;
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_SetAlgorithmInfo(cx->algobj, AI_FeedbackCipher,
- (POINTER)&fbParams)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- keyItem.len = len;
- keyItem.data = key;
- if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- return cx;
-
-loser:
- RC2_DestroyContext(cx, PR_TRUE);
- return NULL;
-}
-
-void
-RC2_DestroyContext(RC2Context *cx, PRBool freeit)
-{
- if (freeit) {
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return;
- }
- if (cx->keyobj != NULL_PTR)
- B_DestroyKeyObject(&cx->keyobj);
- if (cx->algobj != NULL_PTR)
- B_DestroyAlgorithmObject(&cx->algobj);
- PORT_ZFree(cx, sizeof(RC2Context));
- }
-}
-
-SECStatus
-RC2_Encrypt(RC2Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen)
-{
- int status;
- unsigned int outputLenUpdate, outputLenFinal;
-
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- PORT_Assert((inputLen & (RC2_BLOCK_SIZE - 1)) == 0);
- if (inputLen & (RC2_BLOCK_SIZE - 1)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if ((status = B_EncryptUpdate(cx->algobj,
- output,
- &outputLenUpdate,
- maxOutputLen,
- input,
- inputLen,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- if ((status = B_EncryptFinal(cx->algobj,
- output + outputLenUpdate,
- &outputLenFinal,
- maxOutputLen - outputLenUpdate,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- *outputLen = outputLenUpdate + outputLenFinal;
- return SECSuccess;
-}
-
-SECStatus
-RC2_Decrypt(RC2Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen)
-{
- int status;
- unsigned int outputLenUpdate, outputLenFinal;
- ptrdiff_t inpptr;
- unsigned char *inp = NULL;
- PRBool cpybuffer = PR_FALSE;
-
- /* The BSAFE Crypto-C 4.1 library with which we tested on a Sun
- * UltraSparc crashed when the input to an RC2 CBC decryption operation
- * was not 4-byte aligned.
- * So, we work around this problem by aligning unaligned input in a
- * temporary buffer.
- */
- inpptr = (ptrdiff_t)input;
- if (inpptr & 0x03) {
- inp = PORT_ZAlloc(inputLen);
- if (inp == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return SECFailure;
- }
- PORT_Memcpy(inp, input, inputLen);
- cpybuffer = PR_TRUE;
- } else {
- inp = input;
- }
-
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
- PORT_Assert((inputLen & (RC2_BLOCK_SIZE - 1)) == 0);
- if (inputLen & (RC2_BLOCK_SIZE - 1)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
- PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
- if ((status = B_DecryptUpdate(cx->algobj,
- output,
- &outputLenUpdate,
- maxOutputLen,
- inp,
- inputLen,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
- if ((status = B_DecryptFinal(cx->algobj,
- output + outputLenUpdate,
- &outputLenFinal,
- maxOutputLen - outputLenUpdate,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
- *outputLen = outputLenUpdate + outputLenFinal;
-
- if (cpybuffer)
- PORT_ZFree(inp, inputLen);
- return SECSuccess;
-
-loser:
- if (cpybuffer)
- PORT_ZFree(inp, inputLen);
- return SECFailure;
-}
-
-/*****************************************************************************
-** BLAPI implementation of RC4
-******************************************************************************/
-
-struct RC4ContextStr
-{
- B_ALGORITHM_OBJ algobj;
- B_ALGORITHM_METHOD *alg_chooser[3];
- B_KEY_OBJ keyobj;
-};
-
-RC4Context *
-RC4_CreateContext(unsigned char *key, int len)
-{
- /* BLAPI */
- RC4Context *cx;
- /* BSAFE */
- ITEM keyItem;
- int status;
-
- cx = (RC4Context *)PORT_ZAlloc(sizeof(RC4Context));
- if (cx == NULL) {
- /* set out of memory error */
- return NULL;
- }
-
- cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR;
- if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- cx->keyobj = (B_KEY_OBJ)NULL_PTR;
- if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_SetAlgorithmInfo(cx->algobj, AI_RC4, NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- cx->alg_chooser[0] = &AM_RC4_ENCRYPT;
- cx->alg_chooser[1] = &AM_RC4_DECRYPT;
- cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL;
-
- keyItem.len = len;
- keyItem.data = key;
- if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- return cx;
-
-loser:
- RC4_DestroyContext(cx, PR_TRUE);
- return NULL;
-}
-
-void
-RC4_DestroyContext(RC4Context *cx, PRBool freeit)
-{
- if (freeit) {
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return;
- }
- if (cx->keyobj != NULL_PTR)
- B_DestroyKeyObject(&cx->keyobj);
- if (cx->algobj != NULL_PTR)
- B_DestroyAlgorithmObject(&cx->algobj);
- PORT_ZFree(cx, sizeof(RC4Context));
- }
-}
-
-SECStatus
-RC4_Encrypt(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- int status;
- unsigned int outputLenUpdate, outputLenFinal;
-
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if ((status = B_EncryptUpdate(cx->algobj,
- output,
- &outputLenUpdate,
- maxOutputLen,
- input,
- inputLen,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- if ((status = B_EncryptFinal(cx->algobj,
- output + outputLenUpdate,
- &outputLenFinal,
- maxOutputLen - outputLenUpdate,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- *outputLen = outputLenUpdate + outputLenFinal;
- return SECSuccess;
-}
-
-SECStatus
-RC4_Decrypt(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- int status;
- unsigned int outputLenUpdate, outputLenFinal;
-
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if ((status = B_DecryptUpdate(cx->algobj,
- output,
- &outputLenUpdate,
- maxOutputLen,
- input,
- inputLen,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- if ((status = B_DecryptFinal(cx->algobj,
- output + outputLenUpdate,
- &outputLenFinal,
- maxOutputLen - outputLenUpdate,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- *outputLen = outputLenUpdate + outputLenFinal;
- return SECSuccess;
-}
-
-
-/*****************************************************************************
-** BLAPI implementation of RC5
-******************************************************************************/
-
-struct RC5ContextStr
-{
- B_ALGORITHM_OBJ algobj;
- B_ALGORITHM_METHOD *alg_chooser[6];
- B_KEY_OBJ keyobj;
- unsigned int blocksize;
-};
-
-RC5Context *
-RC5_CreateContext(SECItem *key, unsigned int rounds,
- unsigned int wordSize, unsigned char *iv, int mode)
-{
- /* BLAPI */
- RC5Context *cx;
- /* BSAFE */
- B_BLK_CIPHER_W_FEEDBACK_PARAMS fbParams;
- A_RC5_PARAMS rc5Params;
- ITEM keyItem;
- ITEM ivItem;
- unsigned int blocksize;
- int status;
-
- if (rounds > MAX_RC5_ROUNDS) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- if (key->len > MAX_RC5_KEY_BYTES) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- if (mode == NSS_RC5_CBC && (iv == NULL)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
-
- cx = (RC5Context *)PORT_ZAlloc(sizeof(RC5Context));
- if (cx == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return NULL;
- }
- cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR;
- if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- cx->keyobj = (B_KEY_OBJ)NULL_PTR;
- if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- rc5Params.version = RC5_VERSION_NUMBER;
- rc5Params.rounds = rounds;
- rc5Params.wordSizeInBits = wordSize * BITS_PER_BYTE;
- if (rc5Params.wordSizeInBits == 64) {
- fbParams.encryptionMethodName = (unsigned char *)"rc5_64";
- cx->alg_chooser[0] = &AM_RC5_64ENCRYPT;
- cx->alg_chooser[1] = &AM_RC5_64DECRYPT;
- } else {
- fbParams.encryptionMethodName = (unsigned char *)"rc5";
- cx->alg_chooser[0] = &AM_RC5_ENCRYPT;
- cx->alg_chooser[1] = &AM_RC5_DECRYPT;
- }
- fbParams.encryptionParams = (POINTER)&rc5Params;
- fbParams.paddingMethodName = (unsigned char *)"nopad";
- fbParams.paddingParams = NULL_PTR;
- cx->alg_chooser[4] = &AM_SHA_RANDOM;
- cx->alg_chooser[5] = (B_ALGORITHM_METHOD *)NULL;
- switch (mode) {
- case NSS_RC5:
- blocksize = 2 * wordSize;
- cx->blocksize = blocksize;
- fbParams.feedbackMethodName = (unsigned char *)"ecb";
- fbParams.feedbackParams = (POINTER)&blocksize;
- cx->alg_chooser[2] = &AM_ECB_ENCRYPT;
- cx->alg_chooser[3] = &AM_ECB_DECRYPT;
- break;
- case NSS_RC5_CBC:
- ivItem.len = 2 * wordSize;
- ivItem.data = iv;
- cx->blocksize = RC5_BLOCK_SIZE;
- fbParams.feedbackMethodName = (unsigned char *)"cbc";
- fbParams.feedbackParams = (POINTER)&ivItem;
- cx->alg_chooser[2] = &AM_CBC_ENCRYPT;
- cx->alg_chooser[3] = &AM_CBC_DECRYPT;
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
- if ((status = B_SetAlgorithmInfo(cx->algobj, AI_FeedbackCipher,
- (POINTER)&fbParams)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- keyItem.len = key->len;
- keyItem.data = key->data;
- if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- return cx;
-
-loser:
- RC5_DestroyContext(cx, PR_TRUE);
- return NULL;
-}
-
-void RC5_DestroyContext(RC5Context *cx, PRBool freeit)
-{
- if (freeit) {
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return;
- }
- if (cx->keyobj != NULL_PTR)
- B_DestroyKeyObject(&cx->keyobj);
- if (cx->algobj != NULL_PTR)
- B_DestroyAlgorithmObject(&cx->algobj);
- PORT_ZFree(cx, sizeof(RC5Context));
- }
-}
-
-SECStatus
-RC5_Encrypt(RC5Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen)
-{
- int status;
- unsigned int outputLenUpdate, outputLenFinal;
-
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- PORT_Assert((inputLen & (RC5_BLOCK_SIZE - 1)) == 0);
- if (inputLen & (RC5_BLOCK_SIZE - 1)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if ((status = B_EncryptUpdate(cx->algobj,
- output,
- &outputLenUpdate,
- maxOutputLen,
- input,
- inputLen,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- if ((status = B_EncryptFinal(cx->algobj,
- output + outputLenUpdate,
- &outputLenFinal,
- maxOutputLen - outputLenUpdate,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- *outputLen = outputLenUpdate + outputLenFinal;
- return SECSuccess;
-}
-
-SECStatus
-RC5_Decrypt(RC5Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen)
-{
- int status;
- unsigned int outputLenUpdate, outputLenFinal;
- ptrdiff_t inpptr;
- unsigned char *inp = NULL;
- PRBool cpybuffer = PR_FALSE;
-
- /* The BSAFE Crypto-C 4.1 library with which we tested on a Sun
- * UltraSparc crashed when the input to an RC5 CBC decryption operation
- * was not 4-byte aligned.
- * So, we work around this problem by aligning unaligned input in a
- * temporary buffer.
- */
- inpptr = (ptrdiff_t)input;
- if (inpptr & 0x03) {
- inp = PORT_ZAlloc(inputLen);
- if (inp == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return SECFailure;
- }
- PORT_Memcpy(inp, input, inputLen);
- cpybuffer = PR_TRUE;
- } else {
- inp = input;
- }
-
- PORT_Assert(cx != NULL);
- if (cx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- PORT_Assert((inputLen & (cx->blocksize - 1)) == 0);
- if (inputLen & (cx->blocksize - 1)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- PORT_Assert(maxOutputLen >= inputLen); /* check for enough room */
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if ((status = B_DecryptUpdate(cx->algobj,
- output,
- &outputLenUpdate,
- maxOutputLen,
- input,
- inputLen,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- if ((status = B_DecryptFinal(cx->algobj,
- output + outputLenUpdate,
- &outputLenFinal,
- maxOutputLen - outputLenUpdate,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- *outputLen = outputLenUpdate + outputLenFinal;
- return SECSuccess;
-}
-
-/*****************************************************************************
-** BLAPI implementation of RSA
-******************************************************************************/
-
-static const SECItem defaultPublicExponent =
-{
- siBuffer,
- (unsigned char *)"\001\000\001",
- 3
-};
-
-static const B_ALGORITHM_METHOD *rsa_alg_chooser[] = {
- &AM_SHA_RANDOM,
- &AM_RSA_KEY_GEN,
- &AM_RSA_ENCRYPT,
- &AM_RSA_DECRYPT,
- &AM_RSA_CRT_ENCRYPT,
- &AM_RSA_CRT_DECRYPT,
- (B_ALGORITHM_METHOD *)NULL_PTR
-};
-
-static SECStatus
-rsaZFreePrivateKeyInfo(A_PKCS_RSA_PRIVATE_KEY *privateKeyInfo)
-{
- PORT_ZFree(privateKeyInfo->modulus.data, privateKeyInfo->modulus.len);
- PORT_ZFree(privateKeyInfo->publicExponent.data,
- privateKeyInfo->publicExponent.len);
- PORT_ZFree(privateKeyInfo->privateExponent.data,
- privateKeyInfo->privateExponent.len);
- PORT_ZFree(privateKeyInfo->prime[0].data, privateKeyInfo->prime[0].len);
- PORT_ZFree(privateKeyInfo->prime[1].data, privateKeyInfo->prime[1].len);
- PORT_ZFree(privateKeyInfo->primeExponent[0].data,
- privateKeyInfo->primeExponent[0].len);
- PORT_ZFree(privateKeyInfo->primeExponent[1].data,
- privateKeyInfo->primeExponent[1].len);
- PORT_ZFree(privateKeyInfo->coefficient.data,
- privateKeyInfo->coefficient.len);
- return SECSuccess;
-}
-
-static SECStatus
-rsaConvertKeyInfoToBLKey(A_PKCS_RSA_PRIVATE_KEY *keyInfo, RSAPrivateKey *key)
-{
- PRArenaPool *arena = key->arena;
- SECItem tmp;
-
- SECITEMFROMITEM(arena, key->modulus, keyInfo->modulus);
- SECITEMFROMITEM(arena, key->publicExponent, keyInfo->publicExponent);
- SECITEMFROMITEM(arena, key->privateExponent, keyInfo->privateExponent);
- SECITEMFROMITEM(arena, key->prime1, keyInfo->prime[0]);
- SECITEMFROMITEM(arena, key->prime2, keyInfo->prime[1]);
- SECITEMFROMITEM(arena, key->exponent1, keyInfo->primeExponent[0]);
- SECITEMFROMITEM(arena, key->exponent2, keyInfo->primeExponent[1]);
- SECITEMFROMITEM(arena, key->coefficient, keyInfo->coefficient);
- /* Version field is to be handled at a higher level. */
- key->version.data = NULL;
- key->version.len = 0;
- return SECSuccess;
-
-loser:
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return SECFailure;
-}
-
-static SECStatus
-rsaConvertBLKeyToKeyInfo(RSAPrivateKey *key, A_PKCS_RSA_PRIVATE_KEY *keyInfo)
-{
- ITEMFROMSECITEM(keyInfo->modulus, key->modulus);
- ITEMFROMSECITEM(keyInfo->publicExponent, key->publicExponent);
- ITEMFROMSECITEM(keyInfo->privateExponent, key->privateExponent);
- ITEMFROMSECITEM(keyInfo->prime[0], key->prime1);
- ITEMFROMSECITEM(keyInfo->prime[1], key->prime2);
- ITEMFROMSECITEM(keyInfo->primeExponent[0], key->exponent1);
- ITEMFROMSECITEM(keyInfo->primeExponent[1], key->exponent2);
- ITEMFROMSECITEM(keyInfo->coefficient, key->coefficient);
- return SECSuccess;
-}
-
-RSAPrivateKey *
-RSA_NewKey(int keySizeInBits,
- SECItem * publicExponent)
-{
- /* BLAPI */
- RSAPrivateKey *privateKey;
- /* BSAFE */
- A_RSA_KEY_GEN_PARAMS keygenParams;
- A_PKCS_RSA_PRIVATE_KEY *privateKeyInfo = (A_PKCS_RSA_PRIVATE_KEY *)NULL_PTR;
- B_ALGORITHM_OBJ keypairGenerator = (B_ALGORITHM_OBJ)NULL_PTR;
- B_ALGORITHM_OBJ randomAlgorithm = NULL;
- B_KEY_OBJ publicKeyObj = (B_KEY_OBJ)NULL_PTR;
- B_KEY_OBJ privateKeyObj = (B_KEY_OBJ)NULL_PTR;
- PRArenaPool *arena;
- int status;
-
- /* Allocate space for key structure. */
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
- privateKey = (RSAPrivateKey *)PORT_ArenaZAlloc(arena,
- sizeof(RSAPrivateKey));
- if (privateKey == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
- privateKey->arena = arena;
-
- randomAlgorithm = generateRandomAlgorithm(keySizeInBits / BITS_PER_BYTE, 0);
- if (randomAlgorithm == NULL_PTR) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_CreateAlgorithmObject(&keypairGenerator)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if (publicExponent == NULL) publicExponent = &defaultPublicExponent;
- keygenParams.modulusBits = keySizeInBits;
- keygenParams.publicExponent.data = publicExponent->data;
- keygenParams.publicExponent.len = publicExponent->len;
-
- if ((status = B_SetAlgorithmInfo(keypairGenerator, AI_RSAKeyGen,
- (POINTER)&keygenParams)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_GenerateInit(keypairGenerator, rsa_alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = B_GenerateKeypair(keypairGenerator, publicKeyObj,
- privateKeyObj, randomAlgorithm,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_GetKeyInfo((POINTER *)&privateKeyInfo, privateKeyObj,
- KI_PKCS_RSAPrivate)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- /* Convert the BSAFE key info to an RSAPrivateKey. */
- if ((status = rsaConvertKeyInfoToBLKey(privateKeyInfo, privateKey)) != 0) {
- goto loser;
- }
-
- B_DestroyAlgorithmObject(&publicKeyObj);
- B_DestroyKeyObject(&publicKeyObj);
- B_DestroyKeyObject(&privateKeyObj);
- rsaZFreePrivateKeyInfo(privateKeyInfo);
- B_DestroyAlgorithmObject(&randomAlgorithm);
- return privateKey;
-
-loser:
- if (keypairGenerator != NULL_PTR)
- B_DestroyAlgorithmObject(&keypairGenerator);
- if (publicKeyObj != NULL_PTR)
- B_DestroyKeyObject(&publicKeyObj);
- if (privateKeyObj != NULL_PTR)
- B_DestroyKeyObject(&privateKeyObj);
- if (privateKeyInfo != (A_PKCS_RSA_PRIVATE_KEY *)NULL_PTR)
- rsaZFreePrivateKeyInfo(privateKeyInfo);
- if (randomAlgorithm != NULL_PTR)
- B_DestroyAlgorithmObject(&randomAlgorithm);
- PORT_FreeArena(arena, PR_TRUE);
- return NULL;
-}
-
-static unsigned int
-rsa_modulusLen(SECItem *modulus)
-{
- unsigned char byteZero = modulus->data[0];
- unsigned int modLen = modulus->len - !byteZero;
- return modLen;
-}
-
-SECStatus
-RSA_PublicKeyOp(RSAPublicKey * key,
- unsigned char * output,
- unsigned char * input)
-{
- B_ALGORITHM_OBJ rsaPubKeyAlg = (B_ALGORITHM_OBJ)NULL_PTR;
- B_KEY_OBJ publicKeyObj = (B_KEY_OBJ)NULL_PTR;
- A_RSA_KEY pubKeyInfo;
- unsigned int outputLenUpdate;
- unsigned int modulusLen;
- int status;
-
- PORT_Assert(key != NULL);
- if (key == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if ((status = B_CreateAlgorithmObject(&rsaPubKeyAlg)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_SetAlgorithmInfo(rsaPubKeyAlg, AI_RSAPublic,
- NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- modulusLen = rsa_modulusLen(&key->modulus);
- pubKeyInfo.modulus.len = key->modulus.len;
- pubKeyInfo.modulus.data = key->modulus.data;
- pubKeyInfo.exponent.len = key->publicExponent.len;
- pubKeyInfo.exponent.data = key->publicExponent.data;
-
- if ((status = B_SetKeyInfo(publicKeyObj, KI_RSAPublic,
- (POINTER)&pubKeyInfo)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_EncryptInit(rsaPubKeyAlg, publicKeyObj, rsa_alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
- if ((status = B_EncryptUpdate(rsaPubKeyAlg,
- output,
- &outputLenUpdate,
- modulusLen,
- input,
- modulusLen,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
- if ((status = B_EncryptFinal(rsaPubKeyAlg,
- output + outputLenUpdate,
- &outputLenUpdate,
- modulusLen - outputLenUpdate,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
-
- B_DestroyAlgorithmObject(&rsaPubKeyAlg);
- B_DestroyAlgorithmObject(&publicKeyObj);
- /* Don't delete pubKeyInfo data -- it was a shallow copy. */
- return SECSuccess;
-
-loser:
- if (rsaPubKeyAlg != NULL_PTR)
- B_DestroyAlgorithmObject(&rsaPubKeyAlg);
- if (publicKeyObj != NULL_PTR)
- B_DestroyAlgorithmObject(&publicKeyObj);
- return SECFailure;
-}
-
-SECStatus
-RSA_PrivateKeyOp(RSAPrivateKey * key,
- unsigned char * output,
- unsigned char * input)
-{
- A_PKCS_RSA_PRIVATE_KEY privKeyInfo;
- B_ALGORITHM_OBJ rsaPrivKeyAlg = (B_ALGORITHM_OBJ)NULL_PTR;
- B_KEY_OBJ privateKeyObj = (B_KEY_OBJ)NULL_PTR;
- unsigned int outputLenUpdate;
- unsigned int modulusLen;
- int status;
-
- if ((status = B_CreateAlgorithmObject(&rsaPrivKeyAlg)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_SetAlgorithmInfo(rsaPrivKeyAlg, AI_RSAPrivate,
- NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = rsaConvertBLKeyToKeyInfo(key, &privKeyInfo)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_SetKeyInfo(privateKeyObj, KI_PKCS_RSAPrivate,
- (POINTER)&privKeyInfo)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- modulusLen = rsa_modulusLen(&key->modulus);
-
- if ((status = B_DecryptInit(rsaPrivKeyAlg, privateKeyObj, rsa_alg_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
- if ((status = B_DecryptUpdate(rsaPrivKeyAlg,
- output,
- &outputLenUpdate,
- modulusLen,
- input,
- modulusLen,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
- if ((status = B_DecryptFinal(rsaPrivKeyAlg,
- output + outputLenUpdate,
- &outputLenUpdate,
- modulusLen - outputLenUpdate,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
-
- B_DestroyAlgorithmObject(&rsaPrivKeyAlg);
- B_DestroyAlgorithmObject(&privateKeyObj);
- /* Don't delete privKeyInfo data -- it was a shallow copy. */
- return SECSuccess;
-
-loser:
- if (rsaPrivKeyAlg != NULL_PTR)
- B_DestroyAlgorithmObject(&rsaPrivKeyAlg);
- if (privateKeyObj != NULL_PTR)
- B_DestroyAlgorithmObject(&privateKeyObj);
- return SECFailure;
-}
-
-/*
- * this should check the operation!!!!
- */
-SECStatus
-RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
- unsigned char *output,
- const unsigned char *input)
-{
- return RSA_PrivateKeyOp(key, output, input);
-}
-
-/*
- * this should check the key!!!
- */
-SECStatus
-RSA_PrivateKeyCheck(RSAPrivateKey *key)
-{
- return SECSuccess;
-}
-
-/*****************************************************************************
-** BLAPI implementation of DSA
-******************************************************************************/
-
-static const B_ALGORITHM_METHOD *dsa_pk_gen_chooser[] = {
- &AM_SHA_RANDOM,
- &AM_DSA_PARAM_GEN,
- &AM_DSA_KEY_GEN,
- (B_ALGORITHM_METHOD *)NULL_PTR
-};
-
-static SECStatus
-dsaConvertKeyInfoToBLKey(A_DSA_PRIVATE_KEY *privateKeyInfo,
- A_DSA_PUBLIC_KEY *publicKeyInfo,
- DSAPrivateKey *privateKey)
-{
- PRArenaPool *arena;
- SECItem tmp;
-
- arena = privateKey->params.arena;
- SECITEMFROMITEM(arena, privateKey->params.prime,
- privateKeyInfo->params.prime);
- SECITEMFROMITEM(arena, privateKey->params.subPrime,
- privateKeyInfo->params.subPrime);
- SECITEMFROMITEM(arena, privateKey->params.base,
- privateKeyInfo->params.base);
- SECITEMFROMITEM(arena, privateKey->privateValue,
- privateKeyInfo->x);
- SECITEMFROMITEM(arena, privateKey->publicValue,
- publicKeyInfo->y);
-
- return SECSuccess;
-
-loser:
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return SECFailure;
-}
-
-static SECStatus
-dsaConvertBLKeyToPrKeyInfo(DSAPrivateKey *privateKey,
- A_DSA_PRIVATE_KEY *privateKeyInfo)
-{
- ITEMFROMSECITEM(privateKeyInfo->params.prime, privateKey->params.prime)
- ITEMFROMSECITEM(privateKeyInfo->params.subPrime,
- privateKey->params.subPrime);
- ITEMFROMSECITEM(privateKeyInfo->params.base, privateKey->params.base);
- ITEMFROMSECITEM(privateKeyInfo->x, privateKey->privateValue);
- return SECSuccess;
-}
-
-static SECStatus
-dsaConvertBLKeyToPubKeyInfo(DSAPublicKey *publicKey,
- A_DSA_PUBLIC_KEY *publicKeyInfo)
-{
- ITEMFROMSECITEM(publicKeyInfo->params.prime, publicKey->params.prime)
- ITEMFROMSECITEM(publicKeyInfo->params.subPrime,
- publicKey->params.subPrime);
- ITEMFROMSECITEM(publicKeyInfo->params.base, publicKey->params.base);
- ITEMFROMSECITEM(publicKeyInfo->y, publicKey->publicValue);
- return SECSuccess;
-}
-
-static SECStatus
-dsaZFreeKeyInfoParams(A_DSA_PARAMS *params)
-{
- PORT_ZFree(params->prime.data,
- params->prime.len);
- PORT_ZFree(params->subPrime.data,
- params->subPrime.len);
- PORT_ZFree(params->base.data,
- params->base.len);
- return SECSuccess;
-}
-
-static SECStatus
-dsaZFreePrivateKeyInfo(A_DSA_PRIVATE_KEY *privateKeyInfo)
-{
- dsaZFreeKeyInfoParams(&privateKeyInfo->params);
- PORT_ZFree(privateKeyInfo->x.data,
- privateKeyInfo->x.len);
- return SECSuccess;
-}
-
-static SECStatus
-dsaZFreePublicKeyInfo(A_DSA_PUBLIC_KEY *publicKeyInfo)
-{
- dsaZFreeKeyInfoParams(&publicKeyInfo->params);
- PORT_ZFree(publicKeyInfo->y.data,
- publicKeyInfo->y.len);
- return SECSuccess;
-}
-
-SECStatus
-DSA_NewKey(PQGParams * params,
- DSAPrivateKey ** privKey)
-{
- return DSA_NewKeyFromSeed(params, NULL, privKey);
-}
-
-SECStatus
-DSA_SignDigest(DSAPrivateKey * key,
- SECItem * signature,
- SECItem * digest)
-{
- return DSA_SignDigestWithSeed(key, signature, digest, NULL);
-}
-
-SECStatus
-DSA_VerifyDigest(DSAPublicKey * key,
- SECItem * signature,
- SECItem * digest)
-{
- B_ALGORITHM_OBJ dsaVerifier = (B_ALGORITHM_OBJ)NULL_PTR;
- B_KEY_OBJ publicKeyObj = (B_KEY_OBJ)NULL_PTR;
- A_DSA_PUBLIC_KEY publicKeyInfo;
- const B_ALGORITHM_METHOD *dsa_verify_chooser[] = {
- &AM_DSA_VERIFY,
- (B_ALGORITHM_METHOD *)NULL_PTR
- };
- int status;
-
- if ((status = B_CreateAlgorithmObject(&dsaVerifier)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = dsaConvertBLKeyToPubKeyInfo(key, &publicKeyInfo)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_SetKeyInfo(publicKeyObj, KI_DSAPublic,
- (POINTER)&publicKeyInfo)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_SetAlgorithmInfo(dsaVerifier, AI_DSA, NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = B_VerifyInit(dsaVerifier, publicKeyObj, dsa_verify_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = B_VerifyUpdate(dsaVerifier, digest->data, digest->len,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
-
- if ((status = B_VerifyFinal(dsaVerifier, signature->data, signature->len,
- (B_ALGORITHM_OBJ)NULL_PTR,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- if (status == BE_SIGNATURE) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- } else {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- goto loser;
- }
- }
-
- B_DestroyAlgorithmObject(&dsaVerifier);
- B_DestroyKeyObject(&publicKeyObj);
- /* publicKeyInfo data is shallow copy */
- return (status == BE_SIGNATURE) ? SECFailure : SECSuccess;
-
-loser:
- if (dsaVerifier != NULL_PTR)
- B_DestroyAlgorithmObject(&dsaVerifier);
- if (publicKeyObj != NULL_PTR)
- B_DestroyKeyObject(&publicKeyObj);
- return SECFailure;
-}
-
-SECStatus
-DSA_NewKeyFromSeed(PQGParams *params, unsigned char * seed,
- DSAPrivateKey **privKey)
-{
- PRArenaPool *arena;
- DSAPrivateKey *privateKey;
- /* BSAFE */
- B_ALGORITHM_OBJ dsaKeyGenObj = (B_ALGORITHM_OBJ)NULL_PTR;
- B_ALGORITHM_OBJ randomAlgorithm = NULL_PTR;
- A_DSA_PRIVATE_KEY *privateKeyInfo = (A_DSA_PRIVATE_KEY *)NULL_PTR;
- A_DSA_PUBLIC_KEY *publicKeyInfo = (A_DSA_PUBLIC_KEY *)NULL_PTR;
- A_DSA_PARAMS dsaParamInfo;
- B_KEY_OBJ publicKeyObj = (B_KEY_OBJ)NULL_PTR;
- B_KEY_OBJ privateKeyObj = (B_KEY_OBJ)NULL_PTR;
- int status;
-
- /* Allocate space for key structure. */
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
- privateKey = (DSAPrivateKey *)
- PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey));
- if (privateKey == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
- privateKey->params.arena = arena;
-
- if ((status = B_CreateAlgorithmObject(&dsaKeyGenObj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_CreateKeyObject(&publicKeyObj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- randomAlgorithm = generateRandomAlgorithm(DSA_SUBPRIME_LEN, seed);
- if (randomAlgorithm == NULL_PTR) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- ITEMFROMSECITEM(dsaParamInfo.prime, params->prime);
- ITEMFROMSECITEM(dsaParamInfo.subPrime, params->subPrime);
- ITEMFROMSECITEM(dsaParamInfo.base, params->base);
-
- if ((status = B_SetAlgorithmInfo(dsaKeyGenObj, AI_DSAKeyGen,
- (POINTER)&dsaParamInfo)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_GenerateInit(dsaKeyGenObj, dsa_pk_gen_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = B_GenerateKeypair(dsaKeyGenObj, publicKeyObj, privateKeyObj,
- randomAlgorithm,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = B_GetKeyInfo((POINTER *)&privateKeyInfo, privateKeyObj,
- KI_DSAPrivate)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = B_GetKeyInfo((POINTER *)&publicKeyInfo, publicKeyObj,
- KI_DSAPublic)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = dsaConvertKeyInfoToBLKey(privateKeyInfo, publicKeyInfo,
- privateKey)) != 0) {
- goto loser;
- }
-
- B_DestroyAlgorithmObject(&dsaKeyGenObj);
- B_DestroyAlgorithmObject(&randomAlgorithm);
- B_DestroyKeyObject(&publicKeyObj);
- B_DestroyKeyObject(&privateKeyObj);
- dsaZFreePrivateKeyInfo(privateKeyInfo);
- dsaZFreePublicKeyInfo(publicKeyInfo);
- /* dsaParamInfo contains only public info, no need to ZFree */
-
- *privKey = privateKey;
- return SECSuccess;
-
-loser:
- if (dsaKeyGenObj != NULL_PTR)
- B_DestroyAlgorithmObject(&dsaKeyGenObj);
- if (randomAlgorithm != NULL_PTR)
- B_DestroyAlgorithmObject(&randomAlgorithm);
- if (privateKeyObj != NULL_PTR)
- B_DestroyKeyObject(&privateKeyObj);
- if (publicKeyObj != NULL_PTR)
- B_DestroyKeyObject(&publicKeyObj);
- if (privateKeyInfo != (A_DSA_PRIVATE_KEY *)NULL_PTR)
- dsaZFreePrivateKeyInfo(privateKeyInfo);
- if (publicKeyInfo != (A_DSA_PUBLIC_KEY *)NULL_PTR)
- dsaZFreePublicKeyInfo(publicKeyInfo);
- if (arena != NULL)
- PORT_FreeArena(arena, PR_TRUE);
- *privKey = NULL;
- return SECFailure;
-}
-
-SECStatus
-DSA_SignDigestWithSeed(DSAPrivateKey * key,
- SECItem * signature,
- SECItem * digest,
- unsigned char * seed)
-{
- B_ALGORITHM_OBJ dsaSigner = (B_ALGORITHM_OBJ)NULL_PTR;
- B_ALGORITHM_OBJ randomAlgorithm = NULL_PTR;
- B_KEY_OBJ privateKeyObj = (B_KEY_OBJ)NULL_PTR;
- A_DSA_PRIVATE_KEY privateKeyInfo;
- const B_ALGORITHM_METHOD *dsa_sign_chooser[] = {
- &AM_DSA_SIGN,
- (B_ALGORITHM_METHOD *)NULL_PTR
- };
- int status;
- unsigned int siglen;
-
- randomAlgorithm = generateRandomAlgorithm(DSA_SUBPRIME_LEN, seed);
-
- if ((status = B_CreateAlgorithmObject(&dsaSigner)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_CreateKeyObject(&privateKeyObj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = dsaConvertBLKeyToPrKeyInfo(key, &privateKeyInfo)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_SetKeyInfo(privateKeyObj, KI_DSAPrivate,
- (POINTER)&privateKeyInfo)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_SetAlgorithmInfo(dsaSigner, AI_DSA, NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_SignInit(dsaSigner, privateKeyObj, dsa_sign_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_SignUpdate(dsaSigner, digest->data, digest->len,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_SignFinal(dsaSigner, signature->data, &siglen,
- signature->len, randomAlgorithm,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- SECITEM_ReallocItem(NULL, signature, signature->len, siglen);
- signature->len = siglen; /* shouldn't realloc do this? */
-
- B_DestroyAlgorithmObject(&dsaSigner);
- B_DestroyKeyObject(&privateKeyObj);
- B_DestroyAlgorithmObject(&randomAlgorithm);
- /* privateKeyInfo is shallow copy */
- return SECSuccess;
-
-loser:
- if (dsaSigner != NULL_PTR)
- B_DestroyAlgorithmObject(&dsaSigner);
- if (privateKeyObj != NULL_PTR)
- B_DestroyKeyObject(&privateKeyObj);
- if (randomAlgorithm != NULL_PTR)
- B_DestroyAlgorithmObject(&randomAlgorithm);
- return SECFailure;
-}
-
-SECStatus
-PQG_ParamGen(unsigned int j, /* input : determines length of P. */
- PQGParams **pParams, /* output: P Q and G returned here */
- PQGVerify **pVfy) /* output: counter and seed. */
-{
- return PQG_ParamGenSeedLen(j, DSA_SUBPRIME_LEN, pParams, pVfy);
-}
-
-SECStatus
-PQG_ParamGenSeedLen(
- unsigned int j, /* input : determines length of P. */
- unsigned int seedBytes, /* input : length of seed in bytes.*/
- PQGParams **pParams, /* output: P Q and G returned here */
- PQGVerify **pVfy) /* output: counter and seed. */
-{
- B_DSA_PARAM_GEN_PARAMS dsaParams;
- B_ALGORITHM_OBJ dsaKeyGenObj = (B_ALGORITHM_OBJ)NULL_PTR;
- B_ALGORITHM_OBJ dsaParamGenerator = (B_ALGORITHM_OBJ)NULL_PTR;
- B_ALGORITHM_OBJ randomAlgorithm = NULL_PTR;
- A_DSA_PARAMS *dsaParamInfo;
- SECItem tmp;
- PQGParams *params;
- PRArenaPool *arena;
- int status;
-
- if (!pParams || j > 8) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /* Allocate space for key structure. */
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
- params = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
- if (params == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
- params->arena = arena;
-
- if ((status = B_CreateAlgorithmObject(&dsaParamGenerator)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- if ((status = B_CreateAlgorithmObject(&dsaKeyGenObj)) != 0) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- goto loser;
- }
-
- randomAlgorithm = generateRandomAlgorithm(seedBytes, NULL);
-
- dsaParams.primeBits = 512 + (j * 64);
- if ((status = B_SetAlgorithmInfo(dsaParamGenerator, AI_DSAParamGen,
- (POINTER)&dsaParams)) != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- goto loser;
- }
-
- if ((status = B_GenerateInit(dsaParamGenerator, dsa_pk_gen_chooser,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = B_GenerateParameters(dsaParamGenerator, dsaKeyGenObj,
- randomAlgorithm,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- if ((status = B_GetAlgorithmInfo((POINTER *)&dsaParamInfo, dsaKeyGenObj,
- AI_DSAKeyGen)) != 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- goto loser;
- }
-
- SECITEMFROMITEM(arena, params->prime, dsaParamInfo->prime);
- SECITEMFROMITEM(arena, params->subPrime, dsaParamInfo->subPrime);
- SECITEMFROMITEM(arena, params->base, dsaParamInfo->base);
-
- B_DestroyAlgorithmObject(&dsaKeyGenObj);
- B_DestroyAlgorithmObject(&dsaParamGenerator);
- B_DestroyAlgorithmObject(&randomAlgorithm);
- dsaZFreeKeyInfoParams(dsaParamInfo);
-
- *pParams = params;
- return SECSuccess;
-
-loser:
- if (dsaParamGenerator != NULL_PTR)
- B_DestroyAlgorithmObject(&dsaParamGenerator);
- if (dsaKeyGenObj != NULL_PTR)
- B_DestroyAlgorithmObject(&dsaKeyGenObj);
- if (randomAlgorithm != NULL_PTR)
- B_DestroyAlgorithmObject(&randomAlgorithm);
- if (dsaParamInfo != NULL)
- dsaZFreeKeyInfoParams(dsaParamInfo);
- if (arena != NULL)
- PORT_FreeArena(arena, PR_TRUE);
- *pParams = NULL;
- return SECFailure;
-}
-
-SECStatus
-PQG_VerifyParams(const PQGParams *params,
- const PQGVerify *vfy, SECStatus *result)
-{
- /* BSAFE does not provide access to h.
- * Verification is thus skipped.
- */
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-/* Destroy functions are implemented in util/pqgutil.c */
-
-/*****************************************************************************
-** BLAPI implementation of RNG
-******************************************************************************/
-
-static SECItem globalseed;
-static B_ALGORITHM_OBJ globalrng = NULL_PTR;
-
-SECStatus
-RNG_RNGInit(void)
-{
- int status;
- PRInt32 nBytes;
- if (globalrng == NULL) {
- globalseed.len = 20;
- globalseed.data = (unsigned char *)PORT_Alloc(globalseed.len);
- } else {
- B_DestroyAlgorithmObject(&globalrng);
- }
- nBytes = RNG_GetNoise(globalseed.data, globalseed.len);
- globalrng = generateRandomAlgorithm(globalseed.len, globalseed.data);
- if (globalrng == NULL_PTR) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-RNG_RandomUpdate(const void *data, size_t bytes)
-{
- int status;
- if (data == NULL || bytes <= 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (globalrng == NULL_PTR) {
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return SECFailure;
- }
- if ((status = B_RandomUpdate(globalrng, data, bytes,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-RNG_GenerateGlobalRandomBytes(void *dest, size_t len)
-{
- int status;
- if (dest == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (globalrng == NULL_PTR) {
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return SECFailure;
- }
- if ((status = B_GenerateRandomBytes(globalrng, dest, len,
- (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-void
-RNG_RNGShutdown(void)
-{
- if (globalrng == NULL_PTR)
- /* no-op */
- return;
- B_DestroyAlgorithmObject(&globalrng);
- SECITEM_ZfreeItem(&globalseed, PR_FALSE);
- globalrng = NULL_PTR;
-}
diff --git a/security/nss/lib/freebl/blapit.h b/security/nss/lib/freebl/blapit.h
deleted file mode 100644
index 0e1b2b0e2..000000000
--- a/security/nss/lib/freebl/blapit.h
+++ /dev/null
@@ -1,230 +0,0 @@
-/*
- * blapit.h - public data structures for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _BLAPIT_H_
-#define _BLAPIT_H_
-
-#include "seccomon.h"
-#include "plarena.h"
-
-/* RC2 operation modes */
-#define NSS_RC2 0
-#define NSS_RC2_CBC 1
-
-/* RC5 operation modes */
-#define NSS_RC5 0
-#define NSS_RC5_CBC 1
-
-/* DES operation modes */
-#define NSS_DES 0
-#define NSS_DES_CBC 1
-#define NSS_DES_EDE3 2
-#define NSS_DES_EDE3_CBC 3
-
-#define DES_KEY_LENGTH 8 /* Bytes */
-
-/* AES operation modes */
-#define NSS_AES 0
-#define NSS_AES_CBC 1
-
-#define DSA_SIGNATURE_LEN 40 /* Bytes */
-#define DSA_SUBPRIME_LEN 20 /* Bytes */
-
-/*
- * Number of bytes each hash algorithm produces
- */
-#define MD2_LENGTH 16 /* Bytes */
-#define MD5_LENGTH 16 /* Bytes */
-#define SHA1_LENGTH 20 /* Bytes */
-
-#define NSS_FREEBL_DEFAULT_CHUNKSIZE 2048
-
-/*
- * The FIPS 186 algorithm for generating primes P and Q allows only 9
- * distinct values for the length of P, and only one value for the
- * length of Q.
- * The algorithm uses a variable j to indicate which of the 9 lengths
- * of P is to be used.
- * The following table relates j to the lengths of P and Q in bits.
- *
- * j bits in P bits in Q
- * _ _________ _________
- * 0 512 160
- * 1 576 160
- * 2 640 160
- * 3 704 160
- * 4 768 160
- * 5 832 160
- * 6 896 160
- * 7 960 160
- * 8 1024 160
- *
- * The FIPS-186 compliant PQG generator takes j as an input parameter.
- */
-
-#define DSA_Q_BITS 160
-#define DSA_MAX_P_BITS 1024
-#define DSA_MIN_P_BITS 512
-
-/*
- * function takes desired number of bits in P,
- * returns index (0..8) or -1 if number of bits is invalid.
- */
-#define PQG_PBITS_TO_INDEX(bits) ((((bits)-512) % 64) ? -1 : (int)((bits)-512)/64)
-
-/*
- * function takes index (0-8)
- * returns number of bits in P for that index, or -1 if index is invalid.
- */
-#define PQG_INDEX_TO_PBITS(j) (((unsigned)(j) > 8) ? -1 : (512 + 64 * (j)))
-
-
-/***************************************************************************
-** Opaque objects
-*/
-
-struct DESContextStr ;
-struct RC2ContextStr ;
-struct RC4ContextStr ;
-struct RC5ContextStr ;
-struct AESContextStr ;
-struct MD2ContextStr ;
-struct MD5ContextStr ;
-struct SHA1ContextStr ;
-
-typedef struct DESContextStr DESContext;
-typedef struct RC2ContextStr RC2Context;
-typedef struct RC4ContextStr RC4Context;
-typedef struct RC5ContextStr RC5Context;
-typedef struct AESContextStr AESContext;
-typedef struct MD2ContextStr MD2Context;
-typedef struct MD5ContextStr MD5Context;
-typedef struct SHA1ContextStr SHA1Context;
-
-/***************************************************************************
-** RSA Public and Private Key structures
-*/
-
-/* member names from PKCS#1, section 7.1 */
-struct RSAPublicKeyStr {
- PRArenaPool * arena;
- SECItem modulus;
- SECItem publicExponent;
-};
-typedef struct RSAPublicKeyStr RSAPublicKey;
-
-/* member names from PKCS#1, section 7.2 */
-struct RSAPrivateKeyStr {
- PRArenaPool * arena;
- SECItem version;
- SECItem modulus;
- SECItem publicExponent;
- SECItem privateExponent;
- SECItem prime1;
- SECItem prime2;
- SECItem exponent1;
- SECItem exponent2;
- SECItem coefficient;
-};
-typedef struct RSAPrivateKeyStr RSAPrivateKey;
-
-
-/***************************************************************************
-** DSA Public and Private Key and related structures
-*/
-
-struct PQGParamsStr {
- PRArenaPool *arena;
- SECItem prime; /* p */
- SECItem subPrime; /* q */
- SECItem base; /* g */
- /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */
-};
-typedef struct PQGParamsStr PQGParams;
-
-struct PQGVerifyStr {
- PRArenaPool * arena; /* includes this struct, seed, & h. */
- unsigned int counter;
- SECItem seed;
- SECItem h;
-};
-typedef struct PQGVerifyStr PQGVerify;
-
-struct DSAPublicKeyStr {
- PQGParams params;
- SECItem publicValue;
-};
-typedef struct DSAPublicKeyStr DSAPublicKey;
-
-struct DSAPrivateKeyStr {
- PQGParams params;
- SECItem publicValue;
- SECItem privateValue;
-};
-typedef struct DSAPrivateKeyStr DSAPrivateKey;
-
-/***************************************************************************
-** Diffie-Hellman Public and Private Key and related structures
-** Structure member names suggested by PKCS#3.
-*/
-
-struct DHParamsStr {
- PRArenaPool * arena;
- SECItem prime; /* p */
- SECItem base; /* g */
-};
-typedef struct DHParamsStr DHParams;
-
-struct DHPublicKeyStr {
- PRArenaPool * arena;
- SECItem prime;
- SECItem base;
- SECItem publicValue;
-};
-typedef struct DHPublicKeyStr DHPublicKey;
-
-struct DHPrivateKeyStr {
- PRArenaPool * arena;
- SECItem prime;
- SECItem base;
- SECItem publicValue;
- SECItem privateValue;
-};
-typedef struct DHPrivateKeyStr DHPrivateKey;
-
-
-#endif /* _BLAPIT_H_ */
diff --git a/security/nss/lib/freebl/config.mk b/security/nss/lib/freebl/config.mk
deleted file mode 100644
index 77eea20a2..000000000
--- a/security/nss/lib/freebl/config.mk
+++ /dev/null
@@ -1,101 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-# only do this in the outermost freebl build.
-ifndef FREEBL_RECURSIVE_BUILD
-# we only do this stuff for some of the 32-bit builds, no 64-bit builds
-ifndef USE_64
-
-ifeq ($(OS_ARCH), HP-UX)
- FREEBL_EXTENDED_BUILD = 1
-endif
-
-ifeq ($(OS_TARGET),SunOS)
- ifeq ($(CPU_ARCH),sparc)
- FREEBL_EXTENDED_BUILD = 1
- endif
-endif
-
-ifdef FREEBL_EXTENDED_BUILD
-# We're going to change this build so that it builds libfreebl.a with
-# just loader.c. Then we have to build this directory twice again to
-# build the two DSOs.
-# To build libfreebl.a with just loader.c, we must now override many
-# of the make variables setup by the prior inclusion of CORECONF's config.mk
-
-CSRCS = loader.c sysrand.c
-SIMPLE_OBJS = $(CSRCS:.c=$(OBJ_SUFFIX))
-OBJS = $(addprefix $(OBJDIR)/$(PROG_PREFIX), $(SIMPLE_OBJS))
-ALL_TRASH := $(TARGETS) $(OBJS) $(OBJDIR) LOGS TAGS $(GARBAGE) \
- $(NOSUCHFILE) so_locations
-endif
-
-#end of 32-bit only stuff.
-endif
-
-# Override the values defined in coreconf's ruleset.mk.
-#
-# - (1) LIBRARY: a static (archival) library
-# - (2) SHARED_LIBRARY: a shared (dynamic link) library
-# - (3) IMPORT_LIBRARY: an import library, used only on Windows
-# - (4) PROGRAM: an executable binary
-#
-# override these variables to prevent building a DSO/DLL.
- TARGETS = $(LIBRARY)
- SHARED_LIBRARY =
- IMPORT_LIBRARY =
- PROGRAM =
-
-else
-# This is a recursive build.
-
-TARGETS = $(SHARED_LIBRARY)
-LIBRARY =
-PROGRAM =
-
-#ifeq ($(OS_ARCH), HP-UX)
- EXTRA_LIBS += \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
- EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- -lc
-#endif
-
-endif
diff --git a/security/nss/lib/freebl/des.c b/security/nss/lib/freebl/des.c
deleted file mode 100644
index 9b44f8c35..000000000
--- a/security/nss/lib/freebl/des.c
+++ /dev/null
@@ -1,683 +0,0 @@
-/*
- * des.c
- *
- * core source file for DES-150 library
- * Make key schedule from DES key.
- * Encrypt/Decrypt one 8-byte block.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com. Portions created by Nelson B. Bolyard are
- * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include "des.h"
-#include <stddef.h> /* for ptrdiff_t */
-/* #define USE_INDEXING 1 */
-
-/*
- * The tables below are the 8 sbox functions, with the 6-bit input permutation
- * and the 32-bit output permutation pre-computed.
- * They are shifted circularly to the left 3 bits, which removes 2 shifts
- * and an or from each round by reducing the number of sboxes whose
- * indices cross word broundaries from 2 to 1.
- */
-
-static const HALF SP[8][64] = {
-/* Box S1 */ {
- 0x04041000, 0x00000000, 0x00040000, 0x04041010,
- 0x04040010, 0x00041010, 0x00000010, 0x00040000,
- 0x00001000, 0x04041000, 0x04041010, 0x00001000,
- 0x04001010, 0x04040010, 0x04000000, 0x00000010,
- 0x00001010, 0x04001000, 0x04001000, 0x00041000,
- 0x00041000, 0x04040000, 0x04040000, 0x04001010,
- 0x00040010, 0x04000010, 0x04000010, 0x00040010,
- 0x00000000, 0x00001010, 0x00041010, 0x04000000,
- 0x00040000, 0x04041010, 0x00000010, 0x04040000,
- 0x04041000, 0x04000000, 0x04000000, 0x00001000,
- 0x04040010, 0x00040000, 0x00041000, 0x04000010,
- 0x00001000, 0x00000010, 0x04001010, 0x00041010,
- 0x04041010, 0x00040010, 0x04040000, 0x04001010,
- 0x04000010, 0x00001010, 0x00041010, 0x04041000,
- 0x00001010, 0x04001000, 0x04001000, 0x00000000,
- 0x00040010, 0x00041000, 0x00000000, 0x04040010
- },
-/* Box S2 */ {
- 0x00420082, 0x00020002, 0x00020000, 0x00420080,
- 0x00400000, 0x00000080, 0x00400082, 0x00020082,
- 0x00000082, 0x00420082, 0x00420002, 0x00000002,
- 0x00020002, 0x00400000, 0x00000080, 0x00400082,
- 0x00420000, 0x00400080, 0x00020082, 0x00000000,
- 0x00000002, 0x00020000, 0x00420080, 0x00400002,
- 0x00400080, 0x00000082, 0x00000000, 0x00420000,
- 0x00020080, 0x00420002, 0x00400002, 0x00020080,
- 0x00000000, 0x00420080, 0x00400082, 0x00400000,
- 0x00020082, 0x00400002, 0x00420002, 0x00020000,
- 0x00400002, 0x00020002, 0x00000080, 0x00420082,
- 0x00420080, 0x00000080, 0x00020000, 0x00000002,
- 0x00020080, 0x00420002, 0x00400000, 0x00000082,
- 0x00400080, 0x00020082, 0x00000082, 0x00400080,
- 0x00420000, 0x00000000, 0x00020002, 0x00020080,
- 0x00000002, 0x00400082, 0x00420082, 0x00420000
- },
-/* Box S3 */ {
- 0x00000820, 0x20080800, 0x00000000, 0x20080020,
- 0x20000800, 0x00000000, 0x00080820, 0x20000800,
- 0x00080020, 0x20000020, 0x20000020, 0x00080000,
- 0x20080820, 0x00080020, 0x20080000, 0x00000820,
- 0x20000000, 0x00000020, 0x20080800, 0x00000800,
- 0x00080800, 0x20080000, 0x20080020, 0x00080820,
- 0x20000820, 0x00080800, 0x00080000, 0x20000820,
- 0x00000020, 0x20080820, 0x00000800, 0x20000000,
- 0x20080800, 0x20000000, 0x00080020, 0x00000820,
- 0x00080000, 0x20080800, 0x20000800, 0x00000000,
- 0x00000800, 0x00080020, 0x20080820, 0x20000800,
- 0x20000020, 0x00000800, 0x00000000, 0x20080020,
- 0x20000820, 0x00080000, 0x20000000, 0x20080820,
- 0x00000020, 0x00080820, 0x00080800, 0x20000020,
- 0x20080000, 0x20000820, 0x00000820, 0x20080000,
- 0x00080820, 0x00000020, 0x20080020, 0x00080800
- },
-/* Box S4 */ {
- 0x02008004, 0x00008204, 0x00008204, 0x00000200,
- 0x02008200, 0x02000204, 0x02000004, 0x00008004,
- 0x00000000, 0x02008000, 0x02008000, 0x02008204,
- 0x00000204, 0x00000000, 0x02000200, 0x02000004,
- 0x00000004, 0x00008000, 0x02000000, 0x02008004,
- 0x00000200, 0x02000000, 0x00008004, 0x00008200,
- 0x02000204, 0x00000004, 0x00008200, 0x02000200,
- 0x00008000, 0x02008200, 0x02008204, 0x00000204,
- 0x02000200, 0x02000004, 0x02008000, 0x02008204,
- 0x00000204, 0x00000000, 0x00000000, 0x02008000,
- 0x00008200, 0x02000200, 0x02000204, 0x00000004,
- 0x02008004, 0x00008204, 0x00008204, 0x00000200,
- 0x02008204, 0x00000204, 0x00000004, 0x00008000,
- 0x02000004, 0x00008004, 0x02008200, 0x02000204,
- 0x00008004, 0x00008200, 0x02000000, 0x02008004,
- 0x00000200, 0x02000000, 0x00008000, 0x02008200
- },
-/* Box S5 */ {
- 0x00000400, 0x08200400, 0x08200000, 0x08000401,
- 0x00200000, 0x00000400, 0x00000001, 0x08200000,
- 0x00200401, 0x00200000, 0x08000400, 0x00200401,
- 0x08000401, 0x08200001, 0x00200400, 0x00000001,
- 0x08000000, 0x00200001, 0x00200001, 0x00000000,
- 0x00000401, 0x08200401, 0x08200401, 0x08000400,
- 0x08200001, 0x00000401, 0x00000000, 0x08000001,
- 0x08200400, 0x08000000, 0x08000001, 0x00200400,
- 0x00200000, 0x08000401, 0x00000400, 0x08000000,
- 0x00000001, 0x08200000, 0x08000401, 0x00200401,
- 0x08000400, 0x00000001, 0x08200001, 0x08200400,
- 0x00200401, 0x00000400, 0x08000000, 0x08200001,
- 0x08200401, 0x00200400, 0x08000001, 0x08200401,
- 0x08200000, 0x00000000, 0x00200001, 0x08000001,
- 0x00200400, 0x08000400, 0x00000401, 0x00200000,
- 0x00000000, 0x00200001, 0x08200400, 0x00000401
- },
-/* Box S6 */ {
- 0x80000040, 0x81000000, 0x00010000, 0x81010040,
- 0x81000000, 0x00000040, 0x81010040, 0x01000000,
- 0x80010000, 0x01010040, 0x01000000, 0x80000040,
- 0x01000040, 0x80010000, 0x80000000, 0x00010040,
- 0x00000000, 0x01000040, 0x80010040, 0x00010000,
- 0x01010000, 0x80010040, 0x00000040, 0x81000040,
- 0x81000040, 0x00000000, 0x01010040, 0x81010000,
- 0x00010040, 0x01010000, 0x81010000, 0x80000000,
- 0x80010000, 0x00000040, 0x81000040, 0x01010000,
- 0x81010040, 0x01000000, 0x00010040, 0x80000040,
- 0x01000000, 0x80010000, 0x80000000, 0x00010040,
- 0x80000040, 0x81010040, 0x01010000, 0x81000000,
- 0x01010040, 0x81010000, 0x00000000, 0x81000040,
- 0x00000040, 0x00010000, 0x81000000, 0x01010040,
- 0x00010000, 0x01000040, 0x80010040, 0x00000000,
- 0x81010000, 0x80000000, 0x01000040, 0x80010040
- },
-/* Box S7 */ {
- 0x00800000, 0x10800008, 0x10002008, 0x00000000,
- 0x00002000, 0x10002008, 0x00802008, 0x10802000,
- 0x10802008, 0x00800000, 0x00000000, 0x10000008,
- 0x00000008, 0x10000000, 0x10800008, 0x00002008,
- 0x10002000, 0x00802008, 0x00800008, 0x10002000,
- 0x10000008, 0x10800000, 0x10802000, 0x00800008,
- 0x10800000, 0x00002000, 0x00002008, 0x10802008,
- 0x00802000, 0x00000008, 0x10000000, 0x00802000,
- 0x10000000, 0x00802000, 0x00800000, 0x10002008,
- 0x10002008, 0x10800008, 0x10800008, 0x00000008,
- 0x00800008, 0x10000000, 0x10002000, 0x00800000,
- 0x10802000, 0x00002008, 0x00802008, 0x10802000,
- 0x00002008, 0x10000008, 0x10802008, 0x10800000,
- 0x00802000, 0x00000000, 0x00000008, 0x10802008,
- 0x00000000, 0x00802008, 0x10800000, 0x00002000,
- 0x10000008, 0x10002000, 0x00002000, 0x00800008
- },
-/* Box S8 */ {
- 0x40004100, 0x00004000, 0x00100000, 0x40104100,
- 0x40000000, 0x40004100, 0x00000100, 0x40000000,
- 0x00100100, 0x40100000, 0x40104100, 0x00104000,
- 0x40104000, 0x00104100, 0x00004000, 0x00000100,
- 0x40100000, 0x40000100, 0x40004000, 0x00004100,
- 0x00104000, 0x00100100, 0x40100100, 0x40104000,
- 0x00004100, 0x00000000, 0x00000000, 0x40100100,
- 0x40000100, 0x40004000, 0x00104100, 0x00100000,
- 0x00104100, 0x00100000, 0x40104000, 0x00004000,
- 0x00000100, 0x40100100, 0x00004000, 0x00104100,
- 0x40004000, 0x00000100, 0x40000100, 0x40100000,
- 0x40100100, 0x40000000, 0x00100000, 0x40004100,
- 0x00000000, 0x40104100, 0x00100100, 0x40000100,
- 0x40100000, 0x40004000, 0x40004100, 0x00000000,
- 0x40104100, 0x00104000, 0x00104000, 0x00004100,
- 0x00004100, 0x00100100, 0x40000000, 0x40104000
- }
-};
-
-static const HALF PC2[8][64] = {
-/* table 0 */ {
- 0x00000000, 0x00001000, 0x04000000, 0x04001000,
- 0x00100000, 0x00101000, 0x04100000, 0x04101000,
- 0x00008000, 0x00009000, 0x04008000, 0x04009000,
- 0x00108000, 0x00109000, 0x04108000, 0x04109000,
- 0x00000004, 0x00001004, 0x04000004, 0x04001004,
- 0x00100004, 0x00101004, 0x04100004, 0x04101004,
- 0x00008004, 0x00009004, 0x04008004, 0x04009004,
- 0x00108004, 0x00109004, 0x04108004, 0x04109004,
- 0x08000000, 0x08001000, 0x0c000000, 0x0c001000,
- 0x08100000, 0x08101000, 0x0c100000, 0x0c101000,
- 0x08008000, 0x08009000, 0x0c008000, 0x0c009000,
- 0x08108000, 0x08109000, 0x0c108000, 0x0c109000,
- 0x08000004, 0x08001004, 0x0c000004, 0x0c001004,
- 0x08100004, 0x08101004, 0x0c100004, 0x0c101004,
- 0x08008004, 0x08009004, 0x0c008004, 0x0c009004,
- 0x08108004, 0x08109004, 0x0c108004, 0x0c109004
- },
-/* table 1 */ {
- 0x00000000, 0x00002000, 0x80000000, 0x80002000,
- 0x00000008, 0x00002008, 0x80000008, 0x80002008,
- 0x00200000, 0x00202000, 0x80200000, 0x80202000,
- 0x00200008, 0x00202008, 0x80200008, 0x80202008,
- 0x20000000, 0x20002000, 0xa0000000, 0xa0002000,
- 0x20000008, 0x20002008, 0xa0000008, 0xa0002008,
- 0x20200000, 0x20202000, 0xa0200000, 0xa0202000,
- 0x20200008, 0x20202008, 0xa0200008, 0xa0202008,
- 0x00000400, 0x00002400, 0x80000400, 0x80002400,
- 0x00000408, 0x00002408, 0x80000408, 0x80002408,
- 0x00200400, 0x00202400, 0x80200400, 0x80202400,
- 0x00200408, 0x00202408, 0x80200408, 0x80202408,
- 0x20000400, 0x20002400, 0xa0000400, 0xa0002400,
- 0x20000408, 0x20002408, 0xa0000408, 0xa0002408,
- 0x20200400, 0x20202400, 0xa0200400, 0xa0202400,
- 0x20200408, 0x20202408, 0xa0200408, 0xa0202408
- },
-/* table 2 */ {
- 0x00000000, 0x00004000, 0x00000020, 0x00004020,
- 0x00080000, 0x00084000, 0x00080020, 0x00084020,
- 0x00000800, 0x00004800, 0x00000820, 0x00004820,
- 0x00080800, 0x00084800, 0x00080820, 0x00084820,
- 0x00000010, 0x00004010, 0x00000030, 0x00004030,
- 0x00080010, 0x00084010, 0x00080030, 0x00084030,
- 0x00000810, 0x00004810, 0x00000830, 0x00004830,
- 0x00080810, 0x00084810, 0x00080830, 0x00084830,
- 0x00400000, 0x00404000, 0x00400020, 0x00404020,
- 0x00480000, 0x00484000, 0x00480020, 0x00484020,
- 0x00400800, 0x00404800, 0x00400820, 0x00404820,
- 0x00480800, 0x00484800, 0x00480820, 0x00484820,
- 0x00400010, 0x00404010, 0x00400030, 0x00404030,
- 0x00480010, 0x00484010, 0x00480030, 0x00484030,
- 0x00400810, 0x00404810, 0x00400830, 0x00404830,
- 0x00480810, 0x00484810, 0x00480830, 0x00484830
- },
-/* table 3 */ {
- 0x00000000, 0x40000000, 0x00000080, 0x40000080,
- 0x00040000, 0x40040000, 0x00040080, 0x40040080,
- 0x00000040, 0x40000040, 0x000000c0, 0x400000c0,
- 0x00040040, 0x40040040, 0x000400c0, 0x400400c0,
- 0x10000000, 0x50000000, 0x10000080, 0x50000080,
- 0x10040000, 0x50040000, 0x10040080, 0x50040080,
- 0x10000040, 0x50000040, 0x100000c0, 0x500000c0,
- 0x10040040, 0x50040040, 0x100400c0, 0x500400c0,
- 0x00800000, 0x40800000, 0x00800080, 0x40800080,
- 0x00840000, 0x40840000, 0x00840080, 0x40840080,
- 0x00800040, 0x40800040, 0x008000c0, 0x408000c0,
- 0x00840040, 0x40840040, 0x008400c0, 0x408400c0,
- 0x10800000, 0x50800000, 0x10800080, 0x50800080,
- 0x10840000, 0x50840000, 0x10840080, 0x50840080,
- 0x10800040, 0x50800040, 0x108000c0, 0x508000c0,
- 0x10840040, 0x50840040, 0x108400c0, 0x508400c0
- },
-/* table 4 */ {
- 0x00000000, 0x00000008, 0x08000000, 0x08000008,
- 0x00040000, 0x00040008, 0x08040000, 0x08040008,
- 0x00002000, 0x00002008, 0x08002000, 0x08002008,
- 0x00042000, 0x00042008, 0x08042000, 0x08042008,
- 0x80000000, 0x80000008, 0x88000000, 0x88000008,
- 0x80040000, 0x80040008, 0x88040000, 0x88040008,
- 0x80002000, 0x80002008, 0x88002000, 0x88002008,
- 0x80042000, 0x80042008, 0x88042000, 0x88042008,
- 0x00080000, 0x00080008, 0x08080000, 0x08080008,
- 0x000c0000, 0x000c0008, 0x080c0000, 0x080c0008,
- 0x00082000, 0x00082008, 0x08082000, 0x08082008,
- 0x000c2000, 0x000c2008, 0x080c2000, 0x080c2008,
- 0x80080000, 0x80080008, 0x88080000, 0x88080008,
- 0x800c0000, 0x800c0008, 0x880c0000, 0x880c0008,
- 0x80082000, 0x80082008, 0x88082000, 0x88082008,
- 0x800c2000, 0x800c2008, 0x880c2000, 0x880c2008
- },
-/* table 5 */ {
- 0x00000000, 0x00400000, 0x00008000, 0x00408000,
- 0x40000000, 0x40400000, 0x40008000, 0x40408000,
- 0x00000020, 0x00400020, 0x00008020, 0x00408020,
- 0x40000020, 0x40400020, 0x40008020, 0x40408020,
- 0x00001000, 0x00401000, 0x00009000, 0x00409000,
- 0x40001000, 0x40401000, 0x40009000, 0x40409000,
- 0x00001020, 0x00401020, 0x00009020, 0x00409020,
- 0x40001020, 0x40401020, 0x40009020, 0x40409020,
- 0x00100000, 0x00500000, 0x00108000, 0x00508000,
- 0x40100000, 0x40500000, 0x40108000, 0x40508000,
- 0x00100020, 0x00500020, 0x00108020, 0x00508020,
- 0x40100020, 0x40500020, 0x40108020, 0x40508020,
- 0x00101000, 0x00501000, 0x00109000, 0x00509000,
- 0x40101000, 0x40501000, 0x40109000, 0x40509000,
- 0x00101020, 0x00501020, 0x00109020, 0x00509020,
- 0x40101020, 0x40501020, 0x40109020, 0x40509020
- },
-/* table 6 */ {
- 0x00000000, 0x00000040, 0x04000000, 0x04000040,
- 0x00000800, 0x00000840, 0x04000800, 0x04000840,
- 0x00800000, 0x00800040, 0x04800000, 0x04800040,
- 0x00800800, 0x00800840, 0x04800800, 0x04800840,
- 0x10000000, 0x10000040, 0x14000000, 0x14000040,
- 0x10000800, 0x10000840, 0x14000800, 0x14000840,
- 0x10800000, 0x10800040, 0x14800000, 0x14800040,
- 0x10800800, 0x10800840, 0x14800800, 0x14800840,
- 0x00000080, 0x000000c0, 0x04000080, 0x040000c0,
- 0x00000880, 0x000008c0, 0x04000880, 0x040008c0,
- 0x00800080, 0x008000c0, 0x04800080, 0x048000c0,
- 0x00800880, 0x008008c0, 0x04800880, 0x048008c0,
- 0x10000080, 0x100000c0, 0x14000080, 0x140000c0,
- 0x10000880, 0x100008c0, 0x14000880, 0x140008c0,
- 0x10800080, 0x108000c0, 0x14800080, 0x148000c0,
- 0x10800880, 0x108008c0, 0x14800880, 0x148008c0
- },
-/* table 7 */ {
- 0x00000000, 0x00000010, 0x00000400, 0x00000410,
- 0x00000004, 0x00000014, 0x00000404, 0x00000414,
- 0x00004000, 0x00004010, 0x00004400, 0x00004410,
- 0x00004004, 0x00004014, 0x00004404, 0x00004414,
- 0x20000000, 0x20000010, 0x20000400, 0x20000410,
- 0x20000004, 0x20000014, 0x20000404, 0x20000414,
- 0x20004000, 0x20004010, 0x20004400, 0x20004410,
- 0x20004004, 0x20004014, 0x20004404, 0x20004414,
- 0x00200000, 0x00200010, 0x00200400, 0x00200410,
- 0x00200004, 0x00200014, 0x00200404, 0x00200414,
- 0x00204000, 0x00204010, 0x00204400, 0x00204410,
- 0x00204004, 0x00204014, 0x00204404, 0x00204414,
- 0x20200000, 0x20200010, 0x20200400, 0x20200410,
- 0x20200004, 0x20200014, 0x20200404, 0x20200414,
- 0x20204000, 0x20204010, 0x20204400, 0x20204410,
- 0x20204004, 0x20204014, 0x20204404, 0x20204414
- }
-};
-
-/*
- * The PC-1 Permutation
- * If we number the bits of the 8 bytes of key input like this (in octal):
- * 00 01 02 03 04 05 06 07
- * 10 11 12 13 14 15 16 17
- * 20 21 22 23 24 25 26 27
- * 30 31 32 33 34 35 36 37
- * 40 41 42 43 44 45 46 47
- * 50 51 52 53 54 55 56 57
- * 60 61 62 63 64 65 66 67
- * 70 71 72 73 74 75 76 77
- * then after the PC-1 permutation,
- * C0 is
- * 70 60 50 40 30 20 10 00
- * 71 61 51 41 31 21 11 01
- * 72 62 52 42 32 22 12 02
- * 73 63 53 43
- * D0 is
- * 76 66 56 46 36 26 16 06
- * 75 65 55 45 35 25 15 05
- * 74 64 54 44 34 24 14 04
- * 33 23 13 03
- * and these parity bits have been discarded:
- * 77 67 57 47 37 27 17 07
- *
- * We achieve this by flipping the input matrix about the diagonal from 70-07,
- * getting left =
- * 77 67 57 47 37 27 17 07 (these are the parity bits)
- * 76 66 56 46 36 26 16 06
- * 75 65 55 45 35 25 15 05
- * 74 64 54 44 34 24 14 04
- * right =
- * 73 63 53 43 33 23 13 03
- * 72 62 52 42 32 22 12 02
- * 71 61 51 41 31 21 11 01
- * 70 60 50 40 30 20 10 00
- * then byte swap right, ala htonl() on a little endian machine.
- * right =
- * 70 60 50 40 30 20 10 00
- * 71 67 57 47 37 27 11 07
- * 72 62 52 42 32 22 12 02
- * 73 63 53 43 33 23 13 03
- * then
- * c0 = right >> 4;
- * d0 = ((left & 0x00ffffff) << 4) | (right & 0xf);
-*/
-
-#define FLIP_RIGHT_DIAGONAL(word, temp) \
- temp = (word ^ (word >> 18)) & 0x00003333; \
- word ^= temp | (temp << 18); \
- temp = (word ^ (word >> 9)) & 0x00550055; \
- word ^= temp | (temp << 9);
-
-#define BYTESWAP(word, temp) \
- word = (word >> 16) | (word << 16); \
- temp = 0x00ff00ff; \
- word = ((word & temp) << 8) | ((word >> 8) & temp);
-
-#define PC1(left, right, c0, d0, temp) \
- right ^= temp = ((left >> 4) ^ right) & 0x0f0f0f0f; \
- left ^= temp << 4; \
- FLIP_RIGHT_DIAGONAL(left, temp); \
- FLIP_RIGHT_DIAGONAL(right, temp); \
- BYTESWAP(right, temp); \
- c0 = right >> 4; \
- d0 = ((left & 0x00ffffff) << 4) | (right & 0xf);
-
-#define LEFT_SHIFT_1( reg ) (((reg << 1) | (reg >> 27)) & 0x0FFFFFFF)
-#define LEFT_SHIFT_2( reg ) (((reg << 2) | (reg >> 26)) & 0x0FFFFFFF)
-
-/*
- * setup key schedules from key
- */
-
-void
-DES_MakeSchedule( HALF * ks, BYTE * key, DESDirection direction)
-{
- register HALF left, right;
- register HALF c0, d0;
- register HALF temp;
- int delta;
- unsigned int ls;
-
-#if defined(_X86_)
- left = HALFPTR(key)[0];
- right = HALFPTR(key)[1];
- BYTESWAP(left, temp);
- BYTESWAP(right, temp);
-#else
- if (((ptrdiff_t)key & 0x03) == 0) {
- left = HALFPTR(key)[0];
- right = HALFPTR(key)[1];
-#if defined(IS_LITTLE_ENDIAN)
- BYTESWAP(left, temp);
- BYTESWAP(right, temp);
-#endif
- } else {
- left = ((HALF)key[0] << 24) | ((HALF)key[1] << 16) |
- ((HALF)key[2] << 8) | key[3];
- right = ((HALF)key[4] << 24) | ((HALF)key[5] << 16) |
- ((HALF)key[6] << 8) | key[7];
- }
-#endif
-
- PC1(left, right, c0, d0, temp);
-
- if (direction == DES_ENCRYPT) {
- delta = 2 * (int)sizeof(HALF);
- } else {
- ks += 30;
- delta = (-2) * (int)sizeof(HALF);
- }
-
- for (ls = 0x8103; ls; ls >>= 1) {
- if ( ls & 1 ) {
- c0 = LEFT_SHIFT_1( c0 );
- d0 = LEFT_SHIFT_1( d0 );
- } else {
- c0 = LEFT_SHIFT_2( c0 );
- d0 = LEFT_SHIFT_2( d0 );
- }
-
-#ifdef USE_INDEXING
-#define PC2LOOKUP(b,c) PC2[b][c]
-
- left = PC2LOOKUP(0, ((c0 >> 22) & 0x3F) );
- left |= PC2LOOKUP(1, ((c0 >> 13) & 0x3F) );
- left |= PC2LOOKUP(2, ((c0 >> 4) & 0x38) | (c0 & 0x7) );
- left |= PC2LOOKUP(3, ((c0>>18)&0xC) | ((c0>>11)&0x3) | (c0&0x30));
-
- right = PC2LOOKUP(4, ((d0 >> 22) & 0x3F) );
- right |= PC2LOOKUP(5, ((d0 >> 15) & 0x30) | ((d0 >> 14) & 0xf) );
- right |= PC2LOOKUP(6, ((d0 >> 7) & 0x3F) );
- right |= PC2LOOKUP(7, ((d0 >> 1) & 0x3C) | (d0 & 0x3));
-#else
-#define PC2LOOKUP(b,c) *(HALF *)((BYTE *)&PC2[b][0]+(c))
-
- left = PC2LOOKUP(0, ((c0 >> 20) & 0xFC) );
- left |= PC2LOOKUP(1, ((c0 >> 11) & 0xFC) );
- left |= PC2LOOKUP(2, ((c0 >> 2) & 0xE0) | ((c0 << 2) & 0x1C) );
- left |= PC2LOOKUP(3, ((c0>>16)&0x30)|((c0>>9)&0xC)|((c0<<2)&0xC0));
-
- right = PC2LOOKUP(4, ((d0 >> 20) & 0xFC) );
- right |= PC2LOOKUP(5, ((d0 >> 13) & 0xC0) | ((d0 >> 12) & 0x3C) );
- right |= PC2LOOKUP(6, ((d0 >> 5) & 0xFC) );
- right |= PC2LOOKUP(7, ((d0 << 1) & 0xF0) | ((d0 << 2) & 0x0C));
-#endif
- /* left contains key bits for S1 S3 S2 S4 */
- /* right contains key bits for S6 S8 S5 S7 */
- temp = (left << 16) /* S2 S4 XX XX */
- | (right >> 16); /* XX XX S6 S8 */
- ks[0] = temp;
-
- temp = (left & 0xffff0000) /* S1 S3 XX XX */
- | (right & 0x0000ffff);/* XX XX S5 S7 */
- ks[1] = temp;
-
- ks = (HALF*)((BYTE *)ks + delta);
- }
-}
-
-/*
- * The DES Initial Permutation
- * if we number the bits of the 8 bytes of input like this (in octal):
- * 00 01 02 03 04 05 06 07
- * 10 11 12 13 14 15 16 17
- * 20 21 22 23 24 25 26 27
- * 30 31 32 33 34 35 36 37
- * 40 41 42 43 44 45 46 47
- * 50 51 52 53 54 55 56 57
- * 60 61 62 63 64 65 66 67
- * 70 71 72 73 74 75 76 77
- * then after the initial permutation, they will be in this order.
- * 71 61 51 41 31 21 11 01
- * 73 63 53 43 33 23 13 03
- * 75 65 55 45 35 25 15 05
- * 77 67 57 47 37 27 17 07
- * 70 60 50 40 30 20 10 00
- * 72 62 52 42 32 22 12 02
- * 74 64 54 44 34 24 14 04
- * 76 66 56 46 36 26 16 06
- *
- * One way to do this is in two steps:
- * 1. Flip this matrix about the diagonal from 70-07 as done for PC1.
- * 2. Rearrange the bytes (rows in the matrix above) with the following code.
- *
- * #define swapHiLo(word, temp) \
- * temp = (word ^ (word >> 24)) & 0x000000ff; \
- * word ^= temp | (temp << 24);
- *
- * right ^= temp = ((left << 8) ^ right) & 0xff00ff00;
- * left ^= temp >> 8;
- * swapHiLo(left, temp);
- * swapHiLo(right,temp);
- *
- * However, the two steps can be combined, so that the rows are rearranged
- * while the matrix is being flipped, reducing the number of bit exchange
- * operations from 8 ot 5.
- *
- * Initial Permutation */
-#define IP(left, right, temp) \
- right ^= temp = ((left >> 4) ^ right) & 0x0f0f0f0f; \
- left ^= temp << 4; \
- right ^= temp = ((left >> 16) ^ right) & 0x0000ffff; \
- left ^= temp << 16; \
- right ^= temp = ((left << 2) ^ right) & 0xcccccccc; \
- left ^= temp >> 2; \
- right ^= temp = ((left << 8) ^ right) & 0xff00ff00; \
- left ^= temp >> 8; \
- right ^= temp = ((left >> 1) ^ right) & 0x55555555; \
- left ^= temp << 1;
-
-/* The Final (Inverse Initial) permutation is done by reversing the
-** steps of the Initital Permutation
-*/
-
-#define FP(left, right, temp) \
- right ^= temp = ((left >> 1) ^ right) & 0x55555555; \
- left ^= temp << 1; \
- right ^= temp = ((left << 8) ^ right) & 0xff00ff00; \
- left ^= temp >> 8; \
- right ^= temp = ((left << 2) ^ right) & 0xcccccccc; \
- left ^= temp >> 2; \
- right ^= temp = ((left >> 16) ^ right) & 0x0000ffff; \
- left ^= temp << 16; \
- right ^= temp = ((left >> 4) ^ right) & 0x0f0f0f0f; \
- left ^= temp << 4;
-
-void
-DES_Do1Block(HALF * ks, const BYTE * inbuf, BYTE * outbuf)
-{
- register HALF left, right;
- register HALF temp;
-
-#if defined(_X86_)
- left = HALFPTR(inbuf)[0];
- right = HALFPTR(inbuf)[1];
- BYTESWAP(left, temp);
- BYTESWAP(right, temp);
-#else
- if (((ptrdiff_t)inbuf & 0x03) == 0) {
- left = HALFPTR(inbuf)[0];
- right = HALFPTR(inbuf)[1];
-#if defined(IS_LITTLE_ENDIAN)
- BYTESWAP(left, temp);
- BYTESWAP(right, temp);
-#endif
- } else {
- left = ((HALF)inbuf[0] << 24) | ((HALF)inbuf[1] << 16) |
- ((HALF)inbuf[2] << 8) | inbuf[3];
- right = ((HALF)inbuf[4] << 24) | ((HALF)inbuf[5] << 16) |
- ((HALF)inbuf[6] << 8) | inbuf[7];
- }
-#endif
-
- IP(left, right, temp);
-
- /* shift the values left circularly 3 bits. */
- left = (left << 3) | (left >> 29);
- right = (right << 3) | (right >> 29);
-
-#ifdef USE_INDEXING
-#define KSLOOKUP(s,b) SP[s][((temp >> (b+2)) & 0x3f)]
-#else
-#define KSLOOKUP(s,b) *(HALF*)((BYTE*)&SP[s][0]+((temp >> b) & 0xFC))
-#endif
-#define ROUND(out, in, r) \
- temp = in ^ ks[2*r]; \
- out ^= KSLOOKUP( 1, 24 ); \
- out ^= KSLOOKUP( 3, 16 ); \
- out ^= KSLOOKUP( 5, 8 ); \
- out ^= KSLOOKUP( 7, 0 ); \
- temp = ((in >> 4) | (in << 28)) ^ ks[2*r+1]; \
- out ^= KSLOOKUP( 0, 24 ); \
- out ^= KSLOOKUP( 2, 16 ); \
- out ^= KSLOOKUP( 4, 8 ); \
- out ^= KSLOOKUP( 6, 0 );
-
- /* Do the 16 Feistel rounds */
- ROUND(left, right, 0)
- ROUND(right, left, 1)
- ROUND(left, right, 2)
- ROUND(right, left, 3)
- ROUND(left, right, 4)
- ROUND(right, left, 5)
- ROUND(left, right, 6)
- ROUND(right, left, 7)
- ROUND(left, right, 8)
- ROUND(right, left, 9)
- ROUND(left, right, 10)
- ROUND(right, left, 11)
- ROUND(left, right, 12)
- ROUND(right, left, 13)
- ROUND(left, right, 14)
- ROUND(right, left, 15)
-
- /* now shift circularly right 3 bits to undo the shifting done
- ** above. switch left and right here.
- */
- temp = (left >> 3) | (left << 29);
- left = (right >> 3) | (right << 29);
- right = temp;
-
- FP(left, right, temp);
-
-#if defined(_X86_)
- BYTESWAP(left, temp);
- BYTESWAP(right, temp);
- HALFPTR(outbuf)[0] = left;
- HALFPTR(outbuf)[1] = right;
-#else
- if (((ptrdiff_t)inbuf & 0x03) == 0) {
-#if defined(IS_LITTLE_ENDIAN)
- BYTESWAP(left, temp);
- BYTESWAP(right, temp);
-#endif
- HALFPTR(outbuf)[0] = left;
- HALFPTR(outbuf)[1] = right;
- } else {
- outbuf[0] = (BYTE)(left >> 24);
- outbuf[1] = (BYTE)(left >> 16);
- outbuf[2] = (BYTE)(left >> 8);
- outbuf[3] = (BYTE)(left );
-
- outbuf[4] = (BYTE)(right >> 24);
- outbuf[5] = (BYTE)(right >> 16);
- outbuf[6] = (BYTE)(right >> 8);
- outbuf[7] = (BYTE)(right );
- }
-#endif
-
-}
-
-/* Ackowledgements:
-** Two ideas used in this implementation were shown to me by Dennis Ferguson
-** in 1990. He credits them to Richard Outerbridge and Dan Hoey. They were:
-** 1. The method of computing the Initial and Final permutations.
-** 2. Circularly rotating the SP tables and the initial values of left and
-** right to reduce the number of shifts required during the 16 rounds.
-*/
diff --git a/security/nss/lib/freebl/des.h b/security/nss/lib/freebl/des.h
deleted file mode 100644
index 472896ef1..000000000
--- a/security/nss/lib/freebl/des.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * des.h
- *
- * header file for DES-150 library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com. Portions created by Nelson B. Bolyard are
- * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#ifndef _DES_H_
-#define _DES_H_ 1
-
-#include "blapi.h"
-
-typedef unsigned char BYTE;
-typedef unsigned int HALF;
-
-#define HALFPTR(x) ((HALF *)(x))
-#define SHORTPTR(x) ((unsigned short *)(x))
-#define BYTEPTR(x) ((BYTE *)(x))
-
-typedef enum {
- DES_ENCRYPT = 0x5555,
- DES_DECRYPT = 0xAAAA
-} DESDirection;
-
-typedef void DESFunc(struct DESContextStr *cx, BYTE *out, const BYTE *in,
- unsigned int len);
-
-struct DESContextStr {
- /* key schedule, 16 internal keys, each with 8 6-bit parts */
- HALF ks0 [32];
- HALF ks1 [32];
- HALF ks2 [32];
- HALF iv [2];
- DESDirection direction;
- DESFunc *worker;
-};
-
-void DES_MakeSchedule( HALF * ks, BYTE * key, DESDirection direction);
-void DES_Do1Block( HALF * ks, const BYTE * inbuf, BYTE * outbuf);
-
-#endif
diff --git a/security/nss/lib/freebl/desblapi.c b/security/nss/lib/freebl/desblapi.c
deleted file mode 100644
index af7e9ca2d..000000000
--- a/security/nss/lib/freebl/desblapi.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/*
- * desblapi.c
- *
- * core source file for DES-150 library
- * Implement DES Modes of Operation and Triple-DES.
- * Adapt DES-150 to blapi API.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com. Portions created by Nelson B. Bolyard are
- * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include "des.h"
-#include <stddef.h>
-#include "secerr.h"
-
-#if defined(_X86_)
-/* Intel X86 CPUs do unaligned loads and stores without complaint. */
-#define COPY8B(to, from, ptr) \
- HALFPTR(to)[0] = HALFPTR(from)[0]; \
- HALFPTR(to)[1] = HALFPTR(from)[1];
-#elif defined(USE_MEMCPY)
-#define COPY8B(to, from, ptr) memcpy(to, from, 8)
-#else
-#define COPY8B(to, from, ptr) \
- if (((ptrdiff_t)(ptr) & 0x3) == 0) { \
- HALFPTR(to)[0] = HALFPTR(from)[0]; \
- HALFPTR(to)[1] = HALFPTR(from)[1]; \
- } else if (((ptrdiff_t)(ptr) & 0x1) == 0) { \
- SHORTPTR(to)[0] = SHORTPTR(from)[0]; \
- SHORTPTR(to)[1] = SHORTPTR(from)[1]; \
- SHORTPTR(to)[2] = SHORTPTR(from)[2]; \
- SHORTPTR(to)[3] = SHORTPTR(from)[3]; \
- } else { \
- BYTEPTR(to)[0] = BYTEPTR(from)[0]; \
- BYTEPTR(to)[1] = BYTEPTR(from)[1]; \
- BYTEPTR(to)[2] = BYTEPTR(from)[2]; \
- BYTEPTR(to)[3] = BYTEPTR(from)[3]; \
- BYTEPTR(to)[4] = BYTEPTR(from)[4]; \
- BYTEPTR(to)[5] = BYTEPTR(from)[5]; \
- BYTEPTR(to)[6] = BYTEPTR(from)[6]; \
- BYTEPTR(to)[7] = BYTEPTR(from)[7]; \
- }
-#endif
-#define COPY8BTOHALF(to, from) COPY8B(to, from, from)
-#define COPY8BFROMHALF(to, from) COPY8B(to, from, to)
-
-static void
-DES_ECB(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
- while (len) {
- DES_Do1Block(cx->ks0, in, out);
- len -= 8;
- in += 8;
- out += 8;
- }
-}
-
-static void
-DES_EDE3_ECB(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
- while (len) {
- DES_Do1Block(cx->ks0, in, out);
- len -= 8;
- in += 8;
- DES_Do1Block(cx->ks1, out, out);
- DES_Do1Block(cx->ks2, out, out);
- out += 8;
- }
-}
-
-static void
-DES_CBCEn(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
- const BYTE * bufend = in + len;
- HALF vec[2];
-
- while (in != bufend) {
- COPY8BTOHALF(vec, in);
- in += 8;
- vec[0] ^= cx->iv[0];
- vec[1] ^= cx->iv[1];
- DES_Do1Block( cx->ks0, (BYTE *)vec, (BYTE *)cx->iv);
- COPY8BFROMHALF(out, cx->iv);
- out += 8;
- }
-}
-
-static void
-DES_CBCDe(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
- const BYTE * bufend;
- HALF oldciphertext[2];
- HALF plaintext [2];
-
- for (bufend = in + len; in != bufend; ) {
- oldciphertext[0] = cx->iv[0];
- oldciphertext[1] = cx->iv[1];
- COPY8BTOHALF(cx->iv, in);
- in += 8;
- DES_Do1Block(cx->ks0, (BYTE *)cx->iv, (BYTE *)plaintext);
- plaintext[0] ^= oldciphertext[0];
- plaintext[1] ^= oldciphertext[1];
- COPY8BFROMHALF(out, plaintext);
- out += 8;
- }
-}
-
-static void
-DES_EDE3CBCEn(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
- const BYTE * bufend = in + len;
- HALF vec[2];
-
- while (in != bufend) {
- COPY8BTOHALF(vec, in);
- in += 8;
- vec[0] ^= cx->iv[0];
- vec[1] ^= cx->iv[1];
- DES_Do1Block( cx->ks0, (BYTE *)vec, (BYTE *)cx->iv);
- DES_Do1Block( cx->ks1, (BYTE *)cx->iv, (BYTE *)cx->iv);
- DES_Do1Block( cx->ks2, (BYTE *)cx->iv, (BYTE *)cx->iv);
- COPY8BFROMHALF(out, cx->iv);
- out += 8;
- }
-}
-
-static void
-DES_EDE3CBCDe(DESContext *cx, BYTE *out, const BYTE *in, unsigned int len)
-{
- const BYTE * bufend;
- HALF oldciphertext[2];
- HALF plaintext [2];
-
- for (bufend = in + len; in != bufend; ) {
- oldciphertext[0] = cx->iv[0];
- oldciphertext[1] = cx->iv[1];
- COPY8BTOHALF(cx->iv, in);
- in += 8;
- DES_Do1Block(cx->ks0, (BYTE *)cx->iv, (BYTE *)plaintext);
- DES_Do1Block(cx->ks1, (BYTE *)plaintext, (BYTE *)plaintext);
- DES_Do1Block(cx->ks2, (BYTE *)plaintext, (BYTE *)plaintext);
- plaintext[0] ^= oldciphertext[0];
- plaintext[1] ^= oldciphertext[1];
- COPY8BFROMHALF(out, plaintext);
- out += 8;
- }
-}
-
-DESContext *
-DES_CreateContext(BYTE * key, BYTE *iv, int mode, PRBool encrypt)
-{
- DESContext *cx = PORT_ZNew(DESContext);
- DESDirection opposite;
- if (!cx)
- return 0;
- cx->direction = encrypt ? DES_ENCRYPT : DES_DECRYPT;
- opposite = encrypt ? DES_DECRYPT : DES_ENCRYPT;
- switch (mode) {
- case NSS_DES: /* DES ECB */
- DES_MakeSchedule( cx->ks0, key, cx->direction);
- cx->worker = &DES_ECB;
- break;
-
- case NSS_DES_EDE3: /* DES EDE ECB */
- cx->worker = &DES_EDE3_ECB;
- if (encrypt) {
- DES_MakeSchedule(cx->ks0, key, cx->direction);
- DES_MakeSchedule(cx->ks1, key + 8, opposite);
- DES_MakeSchedule(cx->ks2, key + 16, cx->direction);
- } else {
- DES_MakeSchedule(cx->ks2, key, cx->direction);
- DES_MakeSchedule(cx->ks1, key + 8, opposite);
- DES_MakeSchedule(cx->ks0, key + 16, cx->direction);
- }
- break;
-
- case NSS_DES_CBC: /* DES CBC */
- COPY8BTOHALF(cx->iv, iv);
- cx->worker = encrypt ? &DES_CBCEn : &DES_CBCDe;
- DES_MakeSchedule(cx->ks0, key, cx->direction);
- break;
-
- case NSS_DES_EDE3_CBC: /* DES EDE CBC */
- COPY8BTOHALF(cx->iv, iv);
- if (encrypt) {
- cx->worker = &DES_EDE3CBCEn;
- DES_MakeSchedule(cx->ks0, key, cx->direction);
- DES_MakeSchedule(cx->ks1, key + 8, opposite);
- DES_MakeSchedule(cx->ks2, key + 16, cx->direction);
- } else {
- cx->worker = &DES_EDE3CBCDe;
- DES_MakeSchedule(cx->ks2, key, cx->direction);
- DES_MakeSchedule(cx->ks1, key + 8, opposite);
- DES_MakeSchedule(cx->ks0, key + 16, cx->direction);
- }
- break;
-
- default:
- PORT_Free(cx);
- cx = 0;
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- break;
- }
- return cx;
-}
-
-void
-DES_DestroyContext(DESContext *cx, PRBool freeit)
-{
- if (cx) {
- memset(cx, 0, sizeof *cx);
- if (freeit)
- PORT_Free(cx);
- }
-}
-
-SECStatus
-DES_Encrypt(DESContext *cx, BYTE *out, unsigned int *outLen,
- unsigned int maxOutLen, const BYTE *in, unsigned int inLen)
-{
-
- if (inLen < 0 || (inLen % 8) != 0 || maxOutLen < inLen || !cx ||
- cx->direction != DES_ENCRYPT) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- cx->worker(cx, out, in, inLen);
- if (outLen)
- *outLen = inLen;
- return SECSuccess;
-}
-
-SECStatus
-DES_Decrypt(DESContext *cx, BYTE *out, unsigned int *outLen,
- unsigned int maxOutLen, const BYTE *in, unsigned int inLen)
-{
-
- if (inLen < 0 || (inLen % 8) != 0 || maxOutLen < inLen || !cx ||
- cx->direction != DES_DECRYPT) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- cx->worker(cx, out, in, inLen);
- if (outLen)
- *outLen = inLen;
- return SECSuccess;
-}
diff --git a/security/nss/lib/freebl/dh.c b/security/nss/lib/freebl/dh.c
deleted file mode 100644
index 6c369b6dd..000000000
--- a/security/nss/lib/freebl/dh.c
+++ /dev/null
@@ -1,385 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Diffie-Hellman parameter generation, key generation, and secret derivation.
- * KEA secret generation and verification.
- *
- * $Id$
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "blapi.h"
-#include "secitem.h"
-#include "mpi.h"
-#include "mpprime.h"
-#include "secmpi.h"
-
-#define DH_SECRET_KEY_LEN 20
-#define KEA_DERIVED_SECRET_LEN 128
-
-SECStatus
-DH_GenParam(int primeLen, DHParams **params)
-{
- PRArenaPool *arena;
- DHParams *dhparams;
- unsigned char *pb = NULL;
- unsigned char *ab = NULL;
- unsigned long counter = 0;
- mp_int p, q, a, h, psub1, test;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- if (!params || primeLen < 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- dhparams = (DHParams *)PORT_ArenaZAlloc(arena, sizeof(DHParams));
- if (!dhparams) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(arena, PR_TRUE);
- return SECFailure;
- }
- dhparams->arena = arena;
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&q) = 0;
- MP_DIGITS(&a) = 0;
- MP_DIGITS(&h) = 0;
- MP_DIGITS(&psub1) = 0;
- MP_DIGITS(&test) = 0;
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&q) );
- CHECK_MPI_OK( mp_init(&a) );
- CHECK_MPI_OK( mp_init(&h) );
- CHECK_MPI_OK( mp_init(&psub1) );
- CHECK_MPI_OK( mp_init(&test) );
- /* generate prime with MPI, uses Miller-Rabin to generate strong prime. */
- pb = PORT_Alloc(primeLen);
- CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(pb, primeLen) );
- pb[0] |= 0x80; /* set high-order bit */
- pb[primeLen-1] |= 0x01; /* set low-order bit */
- CHECK_MPI_OK( mp_read_unsigned_octets(&p, pb, primeLen) );
- CHECK_MPI_OK( mpp_make_prime(&p, primeLen * 8, PR_TRUE, &counter) );
- /* construct Sophie-Germain prime q = (p-1)/2. */
- CHECK_MPI_OK( mp_sub_d(&p, 1, &psub1) );
- CHECK_MPI_OK( mp_div_2(&psub1, &q) );
- /* construct a generator from the prime. */
- ab = PORT_Alloc(primeLen);
- /* generate a candidate number a in p's field */
- CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(ab, primeLen) );
- CHECK_MPI_OK( mp_read_unsigned_octets(&a, ab, primeLen) );
- /* force a < p (note that quot(a/p) <= 1) */
- if ( mp_cmp(&a, &p) > 0 )
- CHECK_MPI_OK( mp_sub(&a, &p, &a) );
- do {
- /* check that a is in the range [2..p-1] */
- if ( mp_cmp_d(&a, 2) < 0 || mp_cmp(&a, &psub1) >= 0) {
- /* a is outside of the allowed range. Set a=3 and keep going. */
- mp_set(&a, 3);
- }
- /* if a**q mod p != 1 then a is a generator */
- CHECK_MPI_OK( mp_exptmod(&a, &q, &p, &test) );
- if ( mp_cmp_d(&test, 1) != 0 )
- break;
- /* increment the candidate and try again. */
- CHECK_MPI_OK( mp_add_d(&a, 1, &a) );
- } while (PR_TRUE);
- MPINT_TO_SECITEM(&p, &dhparams->prime, arena);
- MPINT_TO_SECITEM(&a, &dhparams->base, arena);
- *params = dhparams;
-cleanup:
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&a);
- mp_clear(&h);
- mp_clear(&psub1);
- mp_clear(&test);
- if (pb) PORT_ZFree(pb, primeLen);
- if (ab) PORT_ZFree(ab, primeLen);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- if (rv)
- PORT_FreeArena(arena, PR_TRUE);
- return rv;
-}
-
-SECStatus
-DH_NewKey(DHParams *params, DHPrivateKey **privKey)
-{
- PRArenaPool *arena;
- DHPrivateKey *key;
- mp_int g, xa, p, Ya;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- if (!params || !privKey) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- key = (DHPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DHPrivateKey));
- if (!key) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(arena, PR_TRUE);
- return SECFailure;
- }
- key->arena = arena;
- MP_DIGITS(&g) = 0;
- MP_DIGITS(&xa) = 0;
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&Ya) = 0;
- CHECK_MPI_OK( mp_init(&g) );
- CHECK_MPI_OK( mp_init(&xa) );
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&Ya) );
- /* Set private key's p */
- CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->prime, &params->prime) );
- SECITEM_TO_MPINT(key->prime, &p);
- /* Set private key's g */
- CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->base, &params->base) );
- SECITEM_TO_MPINT(key->base, &g);
- /* Generate private key xa */
- SECITEM_AllocItem(arena, &key->privateValue, DH_SECRET_KEY_LEN);
- RNG_GenerateGlobalRandomBytes(key->privateValue.data,
- key->privateValue.len);
- SECITEM_TO_MPINT( key->privateValue, &xa );
- /* xa < p */
- CHECK_MPI_OK( mp_mod(&xa, &p, &xa) );
- /* Compute public key Ya = g ** xa mod p */
- CHECK_MPI_OK( mp_exptmod(&g, &xa, &p, &Ya) );
- MPINT_TO_SECITEM(&Ya, &key->publicValue, key->arena);
- *privKey = key;
-cleanup:
- mp_clear(&g);
- mp_clear(&xa);
- mp_clear(&p);
- mp_clear(&Ya);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- if (rv)
- PORT_FreeArena(arena, PR_TRUE);
- return rv;
-}
-
-SECStatus
-DH_Derive(SECItem *publicValue,
- SECItem *prime,
- SECItem *privateValue,
- SECItem *derivedSecret,
- unsigned int maxOutBytes)
-{
- mp_int p, Xa, Yb, ZZ;
- mp_err err = MP_OKAY;
- unsigned int len = 0, nb;
- unsigned char *secret = NULL;
- if (!publicValue || !prime || !privateValue || !derivedSecret) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- memset(derivedSecret, 0, sizeof *derivedSecret);
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&Xa) = 0;
- MP_DIGITS(&Yb) = 0;
- MP_DIGITS(&ZZ) = 0;
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&Xa) );
- CHECK_MPI_OK( mp_init(&Yb) );
- CHECK_MPI_OK( mp_init(&ZZ) );
- SECITEM_TO_MPINT(*publicValue, &Yb);
- SECITEM_TO_MPINT(*privateValue, &Xa);
- SECITEM_TO_MPINT(*prime, &p);
- /* ZZ = (Yb)**Xa mod p */
- CHECK_MPI_OK( mp_exptmod(&Yb, &Xa, &p, &ZZ) );
- /* number of bytes in the derived secret */
- len = mp_unsigned_octet_size(&ZZ);
- /* allocate a buffer which can hold the entire derived secret. */
- secret = PORT_Alloc(len);
- /* grab the derived secret */
- err = mp_to_unsigned_octets(&ZZ, secret, len);
- if (err >= 0) err = MP_OKAY;
- /* Take minimum of bytes requested and bytes in derived secret,
- ** if maxOutBytes is 0 take all of the bytes from the derived secret.
- */
- if (maxOutBytes > 0)
- nb = PR_MIN(len, maxOutBytes);
- else
- nb = len;
- SECITEM_AllocItem(NULL, derivedSecret, nb);
- memcpy(derivedSecret->data, secret, nb);
-cleanup:
- mp_clear(&p);
- mp_clear(&Xa);
- mp_clear(&Yb);
- mp_clear(&ZZ);
- if (secret) {
- /* free the buffer allocated for the full secret. */
- PORT_ZFree(secret, len);
- }
- if (err) {
- MP_TO_SEC_ERROR(err);
- if (derivedSecret->data)
- PORT_ZFree(derivedSecret->data, derivedSecret->len);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-KEA_Derive(SECItem *prime,
- SECItem *public1,
- SECItem *public2,
- SECItem *private1,
- SECItem *private2,
- SECItem *derivedSecret)
-{
- mp_int p, Y, R, r, x, t, u, w;
- mp_err err;
- unsigned char *secret = NULL;
- unsigned int len = 0, offset;
- if (!prime || !public1 || !public2 || !private1 || !private2 ||
- !derivedSecret) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- memset(derivedSecret, 0, sizeof *derivedSecret);
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&Y) = 0;
- MP_DIGITS(&R) = 0;
- MP_DIGITS(&r) = 0;
- MP_DIGITS(&x) = 0;
- MP_DIGITS(&t) = 0;
- MP_DIGITS(&u) = 0;
- MP_DIGITS(&w) = 0;
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&Y) );
- CHECK_MPI_OK( mp_init(&R) );
- CHECK_MPI_OK( mp_init(&r) );
- CHECK_MPI_OK( mp_init(&x) );
- CHECK_MPI_OK( mp_init(&t) );
- CHECK_MPI_OK( mp_init(&u) );
- CHECK_MPI_OK( mp_init(&w) );
- SECITEM_TO_MPINT(*prime, &p);
- SECITEM_TO_MPINT(*public1, &Y);
- SECITEM_TO_MPINT(*public2, &R);
- SECITEM_TO_MPINT(*private1, &r);
- SECITEM_TO_MPINT(*private2, &x);
- /* t = DH(Y, r, p) = Y ** r mod p */
- CHECK_MPI_OK( mp_exptmod(&Y, &r, &p, &t) );
- /* u = DH(R, x, p) = R ** x mod p */
- CHECK_MPI_OK( mp_exptmod(&R, &x, &p, &u) );
- /* w = (t + u) mod p */
- CHECK_MPI_OK( mp_addmod(&t, &u, &p, &w) );
- /* allocate a buffer for the full derived secret */
- len = mp_unsigned_octet_size(&w);
- secret = PORT_Alloc(len);
- /* grab the secret */
- err = mp_to_unsigned_octets(&w, secret, len);
- if (err > 0) err = MP_OKAY;
- /* allocate output buffer */
- SECITEM_AllocItem(NULL, derivedSecret, KEA_DERIVED_SECRET_LEN);
- memset(derivedSecret->data, 0, derivedSecret->len);
- /* copy in the 128 lsb of the secret */
- if (len >= KEA_DERIVED_SECRET_LEN) {
- memcpy(derivedSecret->data, secret + (len - KEA_DERIVED_SECRET_LEN),
- KEA_DERIVED_SECRET_LEN);
- } else {
- offset = KEA_DERIVED_SECRET_LEN - len;
- memcpy(derivedSecret->data + offset, secret, len);
- }
-cleanup:
- mp_clear(&p);
- mp_clear(&Y);
- mp_clear(&R);
- mp_clear(&r);
- mp_clear(&x);
- mp_clear(&t);
- mp_clear(&u);
- mp_clear(&w);
- if (secret)
- PORT_ZFree(secret, len);
- if (err) {
- MP_TO_SEC_ERROR(err);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-PRBool
-KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime)
-{
- mp_int p, q, y, r;
- mp_err err;
- int cmp = 1; /* default is false */
- if (!Y || !prime || !subPrime) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&q) = 0;
- MP_DIGITS(&y) = 0;
- MP_DIGITS(&r) = 0;
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&q) );
- CHECK_MPI_OK( mp_init(&y) );
- CHECK_MPI_OK( mp_init(&r) );
- SECITEM_TO_MPINT(*prime, &p);
- SECITEM_TO_MPINT(*subPrime, &q);
- SECITEM_TO_MPINT(*Y, &y);
- /* compute r = y**q mod p */
- CHECK_MPI_OK( mp_exptmod(&y, &q, &p, &r) );
- /* compare to 1 */
- cmp = mp_cmp_d(&r, 1);
-cleanup:
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&y);
- mp_clear(&r);
- if (err) {
- MP_TO_SEC_ERROR(err);
- return PR_FALSE;
- }
- return (cmp == 0) ? PR_TRUE : PR_FALSE;
-}
diff --git a/security/nss/lib/freebl/dh_bsf.c b/security/nss/lib/freebl/dh_bsf.c
deleted file mode 100644
index f366363bf..000000000
--- a/security/nss/lib/freebl/dh_bsf.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "blapi.h"
-
-SECStatus
-DH_GenParam(int primeLen, DHParams ** params)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-SECStatus
-DH_NewKey(DHParams * params,
- DHPrivateKey ** privKey)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-SECStatus
-DH_Derive(SECItem * publicValue,
- SECItem * prime,
- SECItem * privateValue,
- SECItem * derivedSecret,
- unsigned int maxOutBytes)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-SECStatus
-KEA_Derive(SECItem *prime,
- SECItem *public1,
- SECItem *public2,
- SECItem *private1,
- SECItem *private2,
- SECItem *derivedSecret)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-PRBool
-KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return PR_FALSE;
-}
diff --git a/security/nss/lib/freebl/dsa.c b/security/nss/lib/freebl/dsa.c
deleted file mode 100644
index 63a5e08b3..000000000
--- a/security/nss/lib/freebl/dsa.c
+++ /dev/null
@@ -1,415 +0,0 @@
-/*
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "prinit.h"
-#include "blapi.h"
-#include "nssilock.h"
-#include "secitem.h"
-#include "blapi.h"
-#include "mpi.h"
-
- /* XXX to be replaced by define in blapit.h */
-#define NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE 2048
-
-#define CHECKOK(func) if (MP_OKAY > (err = func)) goto cleanup
-
-#define SECITEM_TO_MPINT(it, mp) \
- CHECKOK(mp_read_unsigned_octets((mp), (it).data, (it).len))
-
-/* DSA-specific random number functions defined in prng_fips1861.c. */
-extern SECStatus
-DSA_RandomUpdate(void *data, size_t bytes, unsigned char *q);
-
-extern SECStatus
-DSA_GenerateGlobalRandomBytes(void *dest, size_t len, unsigned char *q);
-
-static void translate_mpi_error(mp_err err)
-{
- switch (err) {
- case MP_MEM: PORT_SetError(SEC_ERROR_NO_MEMORY); break;
- case MP_RANGE: PORT_SetError(SEC_ERROR_BAD_DATA); break;
- case MP_BADARG: PORT_SetError(SEC_ERROR_INVALID_ARGS); break;
- default: PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); break;
- }
-}
-
-SECStatus
-dsa_NewKey(const PQGParams *params, DSAPrivateKey **privKey,
- const unsigned char *xb)
-{
- unsigned int y_len;
- mp_int p, g;
- mp_int x, y;
- mp_err err;
- PRArenaPool *arena;
- DSAPrivateKey *key;
- /* Check args. */
- if (!params || !privKey) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* Initialize an arena for the DSA key. */
- arena = PORT_NewArena(NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE);
- if (!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey));
- if (!key) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(arena, PR_TRUE);
- return SECFailure;
- }
- key->params.arena = arena;
- /* Initialize MPI integers. */
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&g) = 0;
- MP_DIGITS(&x) = 0;
- MP_DIGITS(&y) = 0;
- CHECKOK( mp_init(&p) );
- CHECKOK( mp_init(&g) );
- CHECKOK( mp_init(&x) );
- CHECKOK( mp_init(&y) );
- /* Copy over the PQG params */
- CHECKOK( SECITEM_CopyItem(arena, &key->params.prime, &params->prime) );
- CHECKOK( SECITEM_CopyItem(arena, &key->params.subPrime, &params->subPrime));
- CHECKOK( SECITEM_CopyItem(arena, &key->params.base, &params->base) );
- /* Convert stored p, g, and received x into MPI integers. */
- SECITEM_TO_MPINT(params->prime, &p);
- SECITEM_TO_MPINT(params->base, &g);
- CHECKOK( mp_read_unsigned_octets(&x, xb, DSA_SUBPRIME_LEN) );
- /* Store x in private key */
- SECITEM_AllocItem(arena, &key->privateValue, DSA_SUBPRIME_LEN);
- memcpy(key->privateValue.data, xb, DSA_SUBPRIME_LEN);
- /* Compute public key y = g**x mod p */
- CHECKOK( mp_exptmod(&g, &x, &p, &y) );
- /* Store y in public key */
- y_len = mp_unsigned_octet_size(&y);
- SECITEM_AllocItem(arena, &key->publicValue, y_len);
- err = mp_to_unsigned_octets(&y, key->publicValue.data, y_len);
- /* mp_to_unsigned_octets returns bytes written (y_len) if okay */
- if (err < 0) goto cleanup; else err = MP_OKAY;
- *privKey = key;
- key = NULL;
-cleanup:
- mp_clear(&p);
- mp_clear(&g);
- mp_clear(&x);
- mp_clear(&y);
- if (key)
- PORT_FreeArena(key->params.arena, PR_TRUE);
- if (err) {
- translate_mpi_error(err);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
-** Generate and return a new DSA public and private key pair,
-** both of which are encoded into a single DSAPrivateKey struct.
-** "params" is a pointer to the PQG parameters for the domain
-** Uses a random seed.
-*/
-SECStatus
-DSA_NewKey(const PQGParams *params, DSAPrivateKey **privKey)
-{
- SECStatus rv;
- unsigned char seed[DSA_SUBPRIME_LEN];
- /* Generate seed bytes for x according to FIPS 186-1 appendix 3 */
- if (DSA_GenerateGlobalRandomBytes(seed, DSA_SUBPRIME_LEN,
- params->subPrime.data))
- return SECFailure;
- /* Generate a new DSA key using random seed. */
- rv = dsa_NewKey(params, privKey, seed);
- return rv;
-}
-
-/* For FIPS compliance testing. Seed must be exactly 20 bytes long */
-SECStatus
-DSA_NewKeyFromSeed(const PQGParams *params,
- const unsigned char *seed,
- DSAPrivateKey **privKey)
-{
- SECStatus rv;
- rv = dsa_NewKey(params, privKey, seed);
- return rv;
-}
-
-SECStatus
-dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest,
- const unsigned char *kb)
-{
- mp_int p, q, g; /* PQG parameters */
- mp_int x, k; /* private key & pseudo-random integer */
- mp_int r, s; /* tuple (r, s) is signature) */
- mp_err err;
-
- /* FIPS-compliance dictates that digest is a SHA1 hash. */
- /* Check args. */
- if (!key || !signature || !digest ||
- (signature->len != DSA_SIGNATURE_LEN) ||
- (digest->len != SHA1_LENGTH)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* Initialize MPI integers. */
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&q) = 0;
- MP_DIGITS(&g) = 0;
- MP_DIGITS(&x) = 0;
- MP_DIGITS(&k) = 0;
- MP_DIGITS(&r) = 0;
- MP_DIGITS(&s) = 0;
- CHECKOK( mp_init(&p) );
- CHECKOK( mp_init(&q) );
- CHECKOK( mp_init(&g) );
- CHECKOK( mp_init(&x) );
- CHECKOK( mp_init(&k) );
- CHECKOK( mp_init(&r) );
- CHECKOK( mp_init(&s) );
- /*
- ** Convert stored PQG and private key into MPI integers.
- */
- SECITEM_TO_MPINT(key->params.prime, &p);
- SECITEM_TO_MPINT(key->params.subPrime, &q);
- SECITEM_TO_MPINT(key->params.base, &g);
- SECITEM_TO_MPINT(key->privateValue, &x);
- CHECKOK( mp_read_unsigned_octets(&k, kb, DSA_SUBPRIME_LEN) );
- /*
- ** FIPS 186-1, Section 5, Step 1
- **
- ** r = (g**k mod p) mod q
- */
- CHECKOK( mp_exptmod(&g, &k, &p, &r) ); /* r = g**k mod p */
- CHECKOK( mp_mod(&r, &q, &r) ); /* r = r mod q */
- /*
- ** FIPS 186-1, Section 5, Step 2
- **
- ** s = (k**-1 * (SHA1(M) + x*r)) mod q
- */
- SECITEM_TO_MPINT(*digest, &s); /* s = SHA1(M) */
- CHECKOK( mp_invmod(&k, &q, &k) ); /* k = k**-1 mod q */
- CHECKOK( mp_mulmod(&x, &r, &q, &x) ); /* x = x * r mod q */
- CHECKOK( mp_addmod(&s, &x, &q, &s) ); /* s = s + x mod q */
- CHECKOK( mp_mulmod(&s, &k, &q, &s) ); /* s = s * k mod q */
- /*
- ** verify r != 0 and s != 0
- ** mentioned as optional in FIPS 186-1.
- */
- if (mp_cmp_z(&r) == 0 || mp_cmp_z(&s) == 0) {
- PORT_SetError(SEC_ERROR_NEED_RANDOM);
- err = MP_UNDEF;
- goto cleanup;
- }
- /*
- ** Step 4
- **
- ** Signature is tuple (r, s)
- */
- err = mp_to_fixlen_octets(&r, signature->data, DSA_SUBPRIME_LEN);
- if (err < 0) goto cleanup; else err = MP_OKAY;
- err = mp_to_fixlen_octets(&s, signature->data + DSA_SUBPRIME_LEN,
- DSA_SUBPRIME_LEN);
- if (err < 0) goto cleanup; else err = MP_OKAY;
-cleanup:
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&g);
- mp_clear(&x);
- mp_clear(&k);
- mp_clear(&r);
- mp_clear(&s);
- if (err) {
- translate_mpi_error(err);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* signature is caller-supplied buffer of at least 20 bytes.
-** On input, signature->len == size of buffer to hold signature.
-** digest->len == size of digest.
-** On output, signature->len == size of signature in buffer.
-** Uses a random seed.
-*/
-SECStatus
-DSA_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest)
-{
- SECStatus rv;
- int prerr = 0;
- unsigned char KSEED[DSA_SUBPRIME_LEN];
- rv = DSA_GenerateGlobalRandomBytes(KSEED, DSA_SUBPRIME_LEN,
- key->params.subPrime.data);
- if (rv) return rv;
- do {
- rv = dsa_SignDigest(key, signature, digest, KSEED);
- if (rv) prerr = PORT_GetError();
- } while (prerr == SEC_ERROR_NEED_RANDOM);
- return rv;
-}
-
-/* For FIPS compliance testing. Seed must be exactly 20 bytes. */
-SECStatus
-DSA_SignDigestWithSeed(DSAPrivateKey * key,
- SECItem * signature,
- const SECItem * digest,
- const unsigned char * seed)
-{
- SECStatus rv;
- rv = dsa_SignDigest(key, signature, digest, seed);
- return rv;
-}
-
-/* signature is caller-supplied buffer of at least 20 bytes.
-** On input, signature->len == size of buffer to hold signature.
-** digest->len == size of digest.
-*/
-SECStatus
-DSA_VerifyDigest(DSAPublicKey *key, const SECItem *signature,
- const SECItem *digest)
-{
- /* FIPS-compliance dictates that digest is a SHA1 hash. */
- mp_int p, q, g; /* PQG parameters */
- mp_int r_, s_; /* tuple (r', s') is received signature) */
- mp_int u1, u2, v, w; /* intermediate values used in verification */
- mp_int y; /* public key */
- mp_err err;
- SECStatus verified = SECFailure;
-
- /* Check args. */
- if (!key || !signature || !digest ||
- (signature->len != DSA_SIGNATURE_LEN) ||
- (digest->len != SHA1_LENGTH)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* Initialize MPI integers. */
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&q) = 0;
- MP_DIGITS(&g) = 0;
- MP_DIGITS(&y) = 0;
- MP_DIGITS(&r_) = 0;
- MP_DIGITS(&s_) = 0;
- MP_DIGITS(&u1) = 0;
- MP_DIGITS(&u2) = 0;
- MP_DIGITS(&v) = 0;
- MP_DIGITS(&w) = 0;
- CHECKOK( mp_init(&p) );
- CHECKOK( mp_init(&q) );
- CHECKOK( mp_init(&g) );
- CHECKOK( mp_init(&y) );
- CHECKOK( mp_init(&r_) );
- CHECKOK( mp_init(&s_) );
- CHECKOK( mp_init(&u1) );
- CHECKOK( mp_init(&u2) );
- CHECKOK( mp_init(&v) );
- CHECKOK( mp_init(&w) );
- /*
- ** Convert stored PQG and public key into MPI integers.
- */
- SECITEM_TO_MPINT(key->params.prime, &p);
- SECITEM_TO_MPINT(key->params.subPrime, &q);
- SECITEM_TO_MPINT(key->params.base, &g);
- SECITEM_TO_MPINT(key->publicValue, &y);
- /*
- ** Convert received signature (r', s') into MPI integers.
- */
- CHECKOK( mp_read_unsigned_octets(&r_, signature->data, DSA_SUBPRIME_LEN) );
- CHECKOK( mp_read_unsigned_octets(&s_, signature->data + DSA_SUBPRIME_LEN,
- DSA_SUBPRIME_LEN) );
- /*
- ** Verify that 0 < r' < q and 0 < s' < q
- */
- if (mp_cmp_z(&r_) <= 0 || mp_cmp_z(&s_) <= 0 ||
- mp_cmp(&r_, &q) >= 0 || mp_cmp(&s_, &q) >= 0)
- goto cleanup; /* will return verified == SECFailure */
- /*
- ** FIPS 186-1, Section 6, Step 1
- **
- ** w = (s')**-1 mod q
- */
- CHECKOK( mp_invmod(&s_, &q, &w) ); /* w = (s')**-1 mod q */
- /*
- ** FIPS 186-1, Section 6, Step 2
- **
- ** u1 = ((SHA1(M')) * w) mod q
- */
- SECITEM_TO_MPINT(*digest, &u1); /* u1 = SHA1(M') */
- CHECKOK( mp_mulmod(&u1, &w, &q, &u1) ); /* u1 = u1 * w mod q */
- /*
- ** FIPS 186-1, Section 6, Step 3
- **
- ** u2 = ((r') * w) mod q
- */
- CHECKOK( mp_mulmod(&r_, &w, &q, &u2) );
- /*
- ** FIPS 186-1, Section 6, Step 4
- **
- ** v = ((g**u1 * y**u2) mod p) mod q
- */
- CHECKOK( mp_exptmod(&g, &u1, &p, &g) ); /* g = g**u1 mod p */
- CHECKOK( mp_exptmod(&y, &u2, &p, &y) ); /* y = y**u2 mod p */
- CHECKOK( mp_mulmod(&g, &y, &p, &v) ); /* v = g * y mod p */
- CHECKOK( mp_mod(&v, &q, &v) ); /* v = v mod q */
- /*
- ** Verification: v == r'
- */
- if (mp_cmp(&v, &r_)) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- verified = SECFailure; /* Signature failed to verify. */
- } else {
- verified = SECSuccess; /* Signature verified. */
- }
-cleanup:
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&g);
- mp_clear(&y);
- mp_clear(&r_);
- mp_clear(&s_);
- mp_clear(&u1);
- mp_clear(&u2);
- mp_clear(&v);
- mp_clear(&w);
- if (err) {
- translate_mpi_error(err);
- }
- return verified;
-}
diff --git a/security/nss/lib/freebl/fblstdlib.c b/security/nss/lib/freebl/fblstdlib.c
deleted file mode 100755
index 7aeb8efef..000000000
--- a/security/nss/lib/freebl/fblstdlib.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <plstr.h>
-#include "aglobal.h"
-#include "bsafe.h"
-#include "secport.h"
-
-void CALL_CONV T_memset (p, c, count)
-POINTER p;
-int c;
-unsigned int count;
-{
- if (count >= 0)
- memset(p, c, count);
-}
-
-void CALL_CONV T_memcpy (d, s, count)
-POINTER d, s;
-unsigned int count;
-{
- if (count >= 0)
- memcpy(d, s, count);
-}
-
-void CALL_CONV T_memmove (d, s, count)
-POINTER d, s;
-unsigned int count;
-{
- if (count >= 0)
- PORT_Memmove(d, s, count);
-}
-
-int CALL_CONV T_memcmp (s1, s2, count)
-POINTER s1, s2;
-unsigned int count;
-{
- if (count == 0)
- return (0);
- else
- return(memcmp(s1, s2, count));
-}
-
-POINTER CALL_CONV T_malloc (size)
-unsigned int size;
-{
- return((POINTER)PORT_Alloc(size == 0 ? 1 : size));
-}
-
-POINTER CALL_CONV T_realloc (p, size)
-POINTER p;
-unsigned int size;
-{
- POINTER result;
-
- if (p == NULL_PTR)
- return (T_malloc(size));
-
- if ((result = (POINTER)PORT_Realloc(p, size == 0 ? 1 : size)) == NULL_PTR)
- PORT_Free(p);
- return (result);
-}
-
-void CALL_CONV T_free (p)
-POINTER p;
-{
- if (p != NULL_PTR)
- PORT_Free(p);
-}
-
-unsigned int CALL_CONV T_strlen(p)
-char *p;
-{
- return PL_strlen(p);
-}
-
-void CALL_CONV T_strcpy(dest, src)
-char *dest;
-char *src;
-{
- PL_strcpy(dest, src);
-}
-
-int CALL_CONV T_strcmp (a, b)
-char *a, *b;
-{
- return (PL_strcmp (a, b));
-}
diff --git a/security/nss/lib/freebl/ldvector.c b/security/nss/lib/freebl/ldvector.c
deleted file mode 100644
index ef97116e3..000000000
--- a/security/nss/lib/freebl/ldvector.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * ldvector.c - platform dependent DSO containing freebl implementation.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "loader.h"
-
-static const struct FREEBLVectorStr vector = {
-
- sizeof vector,
- FREEBL_VERSION,
-
- RSA_NewKey,
- RSA_PublicKeyOp,
- RSA_PrivateKeyOp,
- DSA_NewKey,
- DSA_SignDigest,
- DSA_VerifyDigest,
- DSA_NewKeyFromSeed,
- DSA_SignDigestWithSeed,
- DH_GenParam,
- DH_NewKey,
- DH_Derive,
- KEA_Derive,
- KEA_Verify,
- RC4_CreateContext,
- RC4_DestroyContext,
- RC4_Encrypt,
- RC4_Decrypt,
- RC2_CreateContext,
- RC2_DestroyContext,
- RC2_Encrypt,
- RC2_Decrypt,
- RC5_CreateContext,
- RC5_DestroyContext,
- RC5_Encrypt,
- RC5_Decrypt,
- DES_CreateContext,
- DES_DestroyContext,
- DES_Encrypt,
- DES_Decrypt,
- AES_CreateContext,
- AES_DestroyContext,
- AES_Encrypt,
- AES_Decrypt,
- MD5_Hash,
- MD5_HashBuf,
- MD5_NewContext,
- MD5_DestroyContext,
- MD5_Begin,
- MD5_Update,
- MD5_End,
- MD5_FlattenSize,
- MD5_Flatten,
- MD5_Resurrect,
- MD5_TraceState,
- MD2_Hash,
- MD2_NewContext,
- MD2_DestroyContext,
- MD2_Begin,
- MD2_Update,
- MD2_End,
- MD2_FlattenSize,
- MD2_Flatten,
- MD2_Resurrect,
- SHA1_Hash,
- SHA1_HashBuf,
- SHA1_NewContext,
- SHA1_DestroyContext,
- SHA1_Begin,
- SHA1_Update,
- SHA1_End,
- SHA1_TraceState,
- SHA1_FlattenSize,
- SHA1_Flatten,
- SHA1_Resurrect,
- RNG_RNGInit,
- RNG_RandomUpdate,
- RNG_GenerateGlobalRandomBytes,
- RNG_RNGShutdown,
- PQG_ParamGen,
- PQG_ParamGenSeedLen,
- PQG_VerifyParams,
- RSA_PrivateKeyOpDoubleChecked,
- RSA_PrivateKeyCheck,
- BL_Cleanup,
-};
-
-
-const FREEBLVector *
-FREEBL_GetVector(void)
-{
- return &vector;
-}
-
diff --git a/security/nss/lib/freebl/loader.c b/security/nss/lib/freebl/loader.c
deleted file mode 100644
index c1045faef..000000000
--- a/security/nss/lib/freebl/loader.c
+++ /dev/null
@@ -1,959 +0,0 @@
-/*
- * loader.c - load platform dependent DSO containing freebl implementation.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "loader.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "prinit.h"
-
-#if defined(SOLARIS)
-#include <stddef.h>
-#include <strings.h>
-#include <sys/systeminfo.h>
-#if defined(SOLARIS2_5)
-static int
-isHybrid(void)
-{
- long buflen;
- int rv = 0; /* false */
- char buf[256];
- buflen = sysinfo(SI_MACHINE, buf, sizeof buf);
- if (buflen > 0) {
- rv = (!strcmp(buf, "sun4u") || !strcmp(buf, "sun4u1"));
- }
- return rv;
-}
-#else /* SunOS2.6or higher has SI_ISALIST */
-
-static int
-isHybrid(void)
-{
- long buflen;
- int rv = 0; /* false */
- char buf[256];
- buflen = sysinfo(SI_ISALIST, buf, sizeof buf);
- if (buflen > 0) {
-#if defined(NSS_USE_64)
- char * found = strstr(buf, "sparcv9+vis");
-#else
- char * found = strstr(buf, "sparcv8plus+vis");
-#endif
- rv = (found != 0);
- }
- return rv;
-}
-#endif
-#elif defined(HPUX)
-/* This code tests to see if we're running on a PA2.x CPU.
-** It returns true (1) if so, and false (0) otherwise.
-*/
-static int
-isHybrid(void)
-{
- long cpu = sysconf(_SC_CPU_VERSION);
- return (cpu == CPU_PA_RISC2_0);
-}
-
-#else
-#error "code for this platform is missing."
-#endif
-
-/*
- * On Solaris, if an application using libnss3.so is linked
- * with the -R linker option, the -R search patch is only used
- * to search for the direct dependencies of the application
- * (such as libnss3.so) and is not used to search for the
- * dependencies of libnss3.so. So we build libnss3.so with
- * the -R '$ORIGIN' linker option to instruct it to search for
- * its dependencies (libfreebl_*.so) in the same directory
- * where it resides. This requires that libnss3.so, not
- * libnspr4.so, be the shared library that calls dlopen().
- * Therefore we have to duplicate the relevant code in the PR
- * load library functions here.
- */
-
-#if defined(SOLARIS)
-
-#include <dlfcn.h>
-
-typedef struct {
- void *dlh;
-} BLLibrary;
-
-static BLLibrary *
-bl_LoadLibrary(const char *name)
-{
- BLLibrary *lib;
- const char *error;
-
- lib = PR_NEWZAP(BLLibrary);
- if (NULL == lib) {
- PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
- return NULL;
- }
- lib->dlh = dlopen(name, RTLD_NOW | RTLD_LOCAL);
- if (NULL == lib->dlh) {
- PR_SetError(PR_LOAD_LIBRARY_ERROR, 0);
- error = dlerror();
- if (NULL != error)
- PR_SetErrorText(strlen(error), error);
- PR_Free(lib);
- return NULL;
- }
- return lib;
-}
-
-static void *
-bl_FindSymbol(BLLibrary *lib, const char *name)
-{
- void *f;
- const char *error;
-
- f = dlsym(lib->dlh, name);
- if (NULL == f) {
- PR_SetError(PR_FIND_SYMBOL_ERROR, 0);
- error = dlerror();
- if (NULL != error)
- PR_SetErrorText(strlen(error), error);
- }
- return f;
-}
-
-static PRStatus
-bl_UnloadLibrary(BLLibrary *lib)
-{
- const char *error;
-
- if (dlclose(lib->dlh) == -1) {
- PR_SetError(PR_UNLOAD_LIBRARY_ERROR, 0);
- error = dlerror();
- if (NULL != error)
- PR_SetErrorText(strlen(error), error);
- return PR_FAILURE;
- }
- PR_Free(lib);
- return PR_SUCCESS;
-}
-
-#elif defined(HPUX)
-
-#include <dl.h>
-#include <string.h>
-#include <errno.h>
-
-typedef struct {
- shl_t dlh;
-} BLLibrary;
-
-static BLLibrary *
-bl_LoadLibrary(const char *name)
-{
- BLLibrary *lib;
- const char *error;
-
- lib = PR_NEWZAP(BLLibrary);
- if (NULL == lib) {
- PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
- return NULL;
- }
- lib->dlh = shl_load(name, DYNAMIC_PATH | BIND_IMMEDIATE, 0L);
- if (NULL == lib->dlh) {
- PR_SetError(PR_LOAD_LIBRARY_ERROR, errno);
- error = strerror(errno);
- if (NULL != error)
- PR_SetErrorText(strlen(error), error);
- PR_Free(lib);
- return NULL;
- }
- return lib;
-}
-
-static void *
-bl_FindSymbol(BLLibrary *lib, const char *name)
-{
- void *f;
- const char *error;
-
- if (shl_findsym(&lib->dlh, name, TYPE_PROCEDURE, &f) == -1) {
- f = NULL;
- PR_SetError(PR_FIND_SYMBOL_ERROR, errno);
- error = strerror(errno);
- if (NULL != error)
- PR_SetErrorText(strlen(error), error);
- }
- return f;
-}
-
-static PRStatus
-bl_UnloadLibrary(BLLibrary *lib)
-{
- const char *error;
-
- if (shl_unload(lib->dlh) == -1) {
- PR_SetError(PR_UNLOAD_LIBRARY_ERROR, errno);
- error = strerror(errno);
- if (NULL != error)
- PR_SetErrorText(strlen(error), error);
- return PR_FAILURE;
- }
- PR_Free(lib);
- return PR_SUCCESS;
-}
-
-#else
-#error "code for this platform is missing."
-#endif
-
-#define LSB(x) ((x)&0xff)
-#define MSB(x) ((x)>>8)
-
-static const FREEBLVector *vector;
-
-/* This function must be run only once. */
-/* determine if hybrid platform, then actually load the DSO. */
-static PRStatus
-freebl_LoadDSO( void )
-{
- int hybrid = isHybrid();
- BLLibrary * handle;
- const char * name;
-
- name = hybrid ?
-#if defined( AIX )
- "libfreebl_hybrid_3_shr.a" : "libfreebl_pure32_3_shr.a";
-#elif defined( HPUX )
- "libfreebl_hybrid_3.sl" : "libfreebl_pure32_3.sl";
-#else
- "libfreebl_hybrid_3.so" : "libfreebl_pure32_3.so";
-#endif
-
- handle = bl_LoadLibrary(name);
- if (handle) {
- void * address = bl_FindSymbol(handle, "FREEBL_GetVector");
- if (address) {
- FREEBLGetVectorFn * getVector = (FREEBLGetVectorFn *)address;
- const FREEBLVector * dsoVector = getVector();
- if (dsoVector) {
- unsigned short dsoVersion = dsoVector->version;
- unsigned short myVersion = FREEBL_VERSION;
- if (MSB(dsoVersion) == MSB(myVersion) &&
- LSB(dsoVersion) >= LSB(myVersion) &&
- dsoVector->length >= sizeof(FREEBLVector)) {
- vector = dsoVector;
- return PR_SUCCESS;
- }
- }
- }
- bl_UnloadLibrary(handle);
- }
- return PR_FAILURE;
-}
-
-static PRStatus
-freebl_RunLoaderOnce( void )
-{
- PRStatus status;
- static PRCallOnceType once;
-
- status = PR_CallOnce(&once, &freebl_LoadDSO);
- return status;
-}
-
-
-RSAPrivateKey *
-RSA_NewKey(int keySizeInBits, SECItem * publicExponent)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_RSA_NewKey)(keySizeInBits, publicExponent);
-}
-
-SECStatus
-RSA_PublicKeyOp(RSAPublicKey * key,
- unsigned char * output,
- const unsigned char * input)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RSA_PublicKeyOp)(key, output, input);
-}
-
-SECStatus
-RSA_PrivateKeyOp(RSAPrivateKey * key,
- unsigned char * output,
- const unsigned char * input)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RSA_PrivateKeyOp)(key, output, input);
-}
-
-SECStatus
-RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
- unsigned char *output,
- const unsigned char *input)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RSA_PrivateKeyOpDoubleChecked)(key, output, input);
-}
-
-SECStatus
-RSA_PrivateKeyCheck(RSAPrivateKey *key)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RSA_PrivateKeyCheck)(key);
-}
-
-SECStatus
-DSA_NewKey(const PQGParams * params, DSAPrivateKey ** privKey)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_DSA_NewKey)(params, privKey);
-}
-
-SECStatus
-DSA_SignDigest(DSAPrivateKey * key, SECItem * signature, const SECItem * digest)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_DSA_SignDigest)( key, signature, digest);
-}
-
-SECStatus
-DSA_VerifyDigest(DSAPublicKey * key, const SECItem * signature,
- const SECItem * digest)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_DSA_VerifyDigest)( key, signature, digest);
-}
-
-SECStatus
-DSA_NewKeyFromSeed(const PQGParams *params, const unsigned char * seed,
- DSAPrivateKey **privKey)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_DSA_NewKeyFromSeed)(params, seed, privKey);
-}
-
-SECStatus
-DSA_SignDigestWithSeed(DSAPrivateKey * key, SECItem * signature,
- const SECItem * digest, const unsigned char * seed)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_DSA_SignDigestWithSeed)( key, signature, digest, seed);
-}
-
-SECStatus
-DH_GenParam(int primeLen, DHParams ** params)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_DH_GenParam)(primeLen, params);
-}
-
-SECStatus
-DH_NewKey(DHParams * params, DHPrivateKey ** privKey)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_DH_NewKey)( params, privKey);
-}
-
-SECStatus
-DH_Derive(SECItem * publicValue, SECItem * prime, SECItem * privateValue,
- SECItem * derivedSecret, unsigned int maxOutBytes)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_DH_Derive)( publicValue, prime, privateValue,
- derivedSecret, maxOutBytes);
-}
-
-SECStatus
-KEA_Derive(SECItem *prime, SECItem *public1, SECItem *public2,
- SECItem *private1, SECItem *private2, SECItem *derivedSecret)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_KEA_Derive)(prime, public1, public2,
- private1, private2, derivedSecret);
-}
-
-PRBool
-KEA_Verify(SECItem *Y, SECItem *prime, SECItem *subPrime)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return PR_FALSE;
- return (vector->p_KEA_Verify)(Y, prime, subPrime);
-}
-
-RC4Context *
-RC4_CreateContext(unsigned char *key, int len)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_RC4_CreateContext)(key, len);
-}
-
-void
-RC4_DestroyContext(RC4Context *cx, PRBool freeit)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_RC4_DestroyContext)(cx, freeit);
-}
-
-SECStatus
-RC4_Encrypt(RC4Context *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RC4_Encrypt)(cx, output, outputLen, maxOutputLen, input,
- inputLen);
-}
-
-SECStatus
-RC4_Decrypt(RC4Context *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RC4_Decrypt)(cx, output, outputLen, maxOutputLen, input,
- inputLen);
-}
-
-RC2Context *
-RC2_CreateContext(unsigned char *key, unsigned int len,
- unsigned char *iv, int mode, unsigned effectiveKeyLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_RC2_CreateContext)(key, len, iv, mode, effectiveKeyLen);
-}
-
-void
-RC2_DestroyContext(RC2Context *cx, PRBool freeit)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_RC2_DestroyContext)(cx, freeit);
-}
-
-SECStatus
-RC2_Encrypt(RC2Context *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RC2_Encrypt)(cx, output, outputLen, maxOutputLen, input,
- inputLen);
-}
-
-SECStatus
-RC2_Decrypt(RC2Context *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RC2_Decrypt)(cx, output, outputLen, maxOutputLen, input,
- inputLen);
-}
-
-RC5Context *
-RC5_CreateContext(SECItem *key, unsigned int rounds,
- unsigned int wordSize, unsigned char *iv, int mode)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_RC5_CreateContext)(key, rounds, wordSize, iv, mode);
-}
-
-void
-RC5_DestroyContext(RC5Context *cx, PRBool freeit)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_RC5_DestroyContext)(cx, freeit);
-}
-
-SECStatus
-RC5_Encrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RC5_Encrypt)(cx, output, outputLen, maxOutputLen, input,
- inputLen);
-}
-
-SECStatus
-RC5_Decrypt(RC5Context *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RC5_Decrypt)(cx, output, outputLen, maxOutputLen, input,
- inputLen);
-}
-
-DESContext *
-DES_CreateContext(unsigned char *key, unsigned char *iv,
- int mode, PRBool encrypt)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_DES_CreateContext)(key, iv, mode, encrypt);
-}
-
-void
-DES_DestroyContext(DESContext *cx, PRBool freeit)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_DES_DestroyContext)(cx, freeit);
-}
-
-SECStatus
-DES_Encrypt(DESContext *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_DES_Encrypt)(cx, output, outputLen, maxOutputLen, input,
- inputLen);
-}
-
-SECStatus
-DES_Decrypt(DESContext *cx, unsigned char *output, unsigned int *outputLen,
- unsigned int maxOutputLen, const unsigned char *input,
- unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_DES_Decrypt)(cx, output, outputLen, maxOutputLen, input,
- inputLen);
-}
-
-AESContext *
-AES_CreateContext(unsigned char *key, unsigned char *iv, int mode, int encrypt,
- unsigned int keylen, unsigned int blocklen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_AES_CreateContext)(key, iv, mode, encrypt, keylen,
- blocklen);
-}
-
-void
-AES_DestroyContext(AESContext *cx, PRBool freeit)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_AES_DestroyContext)(cx, freeit);
-}
-
-SECStatus
-AES_Encrypt(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_AES_Encrypt)(cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-AES_Decrypt(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_AES_Decrypt)(cx, output, outputLen, maxOutputLen,
- input, inputLen);
-}
-
-SECStatus
-MD5_Hash(unsigned char *dest, const char *src)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_MD5_Hash)(dest, src);
-}
-
-SECStatus
-MD5_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_MD5_HashBuf)(dest, src, src_length);
-}
-
-MD5Context *
-MD5_NewContext(void)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_MD5_NewContext)();
-}
-
-void
-MD5_DestroyContext(MD5Context *cx, PRBool freeit)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_MD5_DestroyContext)(cx, freeit);
-}
-
-void
-MD5_Begin(MD5Context *cx)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_MD5_Begin)(cx);
-}
-
-void
-MD5_Update(MD5Context *cx, const unsigned char *input, unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_MD5_Update)(cx, input, inputLen);
-}
-
-void
-MD5_End(MD5Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_MD5_End)(cx, digest, digestLen, maxDigestLen);
-}
-
-unsigned int
-MD5_FlattenSize(MD5Context *cx)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return 0;
- return (vector->p_MD5_FlattenSize)(cx);
-}
-
-SECStatus
-MD5_Flatten(MD5Context *cx,unsigned char *space)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_MD5_Flatten)(cx, space);
-}
-
-MD5Context *
-MD5_Resurrect(unsigned char *space, void *arg)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_MD5_Resurrect)(space, arg);
-}
-
-void
-MD5_TraceState(MD5Context *cx)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_MD5_TraceState)(cx);
-}
-
-SECStatus
-MD2_Hash(unsigned char *dest, const char *src)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_MD2_Hash)(dest, src);
-}
-
-MD2Context *
-MD2_NewContext(void)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_MD2_NewContext)();
-}
-
-void
-MD2_DestroyContext(MD2Context *cx, PRBool freeit)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_MD2_DestroyContext)(cx, freeit);
-}
-
-void
-MD2_Begin(MD2Context *cx)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_MD2_Begin)(cx);
-}
-
-void
-MD2_Update(MD2Context *cx, const unsigned char *input, unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_MD2_Update)(cx, input, inputLen);
-}
-
-void
-MD2_End(MD2Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_MD2_End)(cx, digest, digestLen, maxDigestLen);
-}
-
-unsigned int
-MD2_FlattenSize(MD2Context *cx)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return 0;
- return (vector->p_MD2_FlattenSize)(cx);
-}
-
-SECStatus
-MD2_Flatten(MD2Context *cx,unsigned char *space)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_MD2_Flatten)(cx, space);
-}
-
-MD2Context *
-MD2_Resurrect(unsigned char *space, void *arg)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_MD2_Resurrect)(space, arg);
-}
-
-
-SECStatus
-SHA1_Hash(unsigned char *dest, const char *src)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_SHA1_Hash)(dest, src);
-}
-
-SECStatus
-SHA1_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_SHA1_HashBuf)(dest, src, src_length);
-}
-
-SHA1Context *
-SHA1_NewContext(void)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_SHA1_NewContext)();
-}
-
-void
-SHA1_DestroyContext(SHA1Context *cx, PRBool freeit)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_SHA1_DestroyContext)(cx, freeit);
-}
-
-void
-SHA1_Begin(SHA1Context *cx)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_SHA1_Begin)(cx);
-}
-
-void
-SHA1_Update(SHA1Context *cx, const unsigned char *input,
- unsigned int inputLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_SHA1_Update)(cx, input, inputLen);
-}
-
-void
-SHA1_End(SHA1Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_SHA1_End)(cx, digest, digestLen, maxDigestLen);
-}
-
-void
-SHA1_TraceState(SHA1Context *cx)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_SHA1_TraceState)(cx);
-}
-
-unsigned int
-SHA1_FlattenSize(SHA1Context *cx)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return 0;
- return (vector->p_SHA1_FlattenSize)(cx);
-}
-
-SECStatus
-SHA1_Flatten(SHA1Context *cx,unsigned char *space)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_SHA1_Flatten)(cx, space);
-}
-
-SHA1Context *
-SHA1_Resurrect(unsigned char *space, void *arg)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return NULL;
- return (vector->p_SHA1_Resurrect)(space, arg);
-}
-
-SECStatus
-RNG_RNGInit(void)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RNG_RNGInit)();
-}
-
-SECStatus
-RNG_RandomUpdate(const void *data, size_t bytes)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RNG_RandomUpdate)(data, bytes);
-}
-
-SECStatus
-RNG_GenerateGlobalRandomBytes(void *dest, size_t len)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_RNG_GenerateGlobalRandomBytes)(dest, len);
-}
-
-void
-RNG_RNGShutdown(void)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return ;
- (vector->p_RNG_RNGShutdown)();
-}
-
-SECStatus
-PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_PQG_ParamGen)(j, pParams, pVfy);
-}
-
-SECStatus
-PQG_ParamGenSeedLen( unsigned int j, unsigned int seedBytes,
- PQGParams **pParams, PQGVerify **pVfy)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_PQG_ParamGenSeedLen)(j, seedBytes, pParams, pVfy);
-}
-
-SECStatus
-PQG_VerifyParams(const PQGParams *params, const PQGVerify *vfy,
- SECStatus *result)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return SECFailure;
- return (vector->p_PQG_VerifyParams)(params, vfy, result);
-}
-#if 0
-void
-PQG_DestroyParams(PQGParams *params)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_PQG_DestroyParams)( params);
-}
-
-void
-PQG_DestroyVerify(PQGVerify *vfy)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_PQG_DestroyVerify)( vfy);
-}
-#endif
-
-void
-BL_Cleanup(void)
-{
- if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
- return;
- (vector->p_BL_Cleanup)();
-}
diff --git a/security/nss/lib/freebl/loader.h b/security/nss/lib/freebl/loader.h
deleted file mode 100644
index 33a4d1bdf..000000000
--- a/security/nss/lib/freebl/loader.h
+++ /dev/null
@@ -1,273 +0,0 @@
-/*
- * loader.h - load platform dependent DSO containing freebl implementation.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _LOADER_H_
-#define _LOADER_H_ 1
-
-#include "blapi.h"
-
-#define FREEBL_VERSION 0x0302
-
-struct FREEBLVectorStr {
-
- unsigned short length; /* of this struct in bytes */
- unsigned short version; /* of this struct. */
-
- RSAPrivateKey * (* p_RSA_NewKey)(int keySizeInBits,
- SECItem * publicExponent);
-
- SECStatus (* p_RSA_PublicKeyOp) (RSAPublicKey * key,
- unsigned char * output,
- const unsigned char * input);
-
- SECStatus (* p_RSA_PrivateKeyOp)(RSAPrivateKey * key,
- unsigned char * output,
- const unsigned char * input);
-
- SECStatus (* p_DSA_NewKey)(const PQGParams * params,
- DSAPrivateKey ** privKey);
-
- SECStatus (* p_DSA_SignDigest)(DSAPrivateKey * key,
- SECItem * signature,
- const SECItem * digest);
-
- SECStatus (* p_DSA_VerifyDigest)(DSAPublicKey * key,
- const SECItem * signature,
- const SECItem * digest);
-
- SECStatus (* p_DSA_NewKeyFromSeed)(const PQGParams *params,
- const unsigned char * seed,
- DSAPrivateKey **privKey);
-
- SECStatus (* p_DSA_SignDigestWithSeed)(DSAPrivateKey * key,
- SECItem * signature,
- const SECItem * digest,
- const unsigned char * seed);
-
- SECStatus (* p_DH_GenParam)(int primeLen, DHParams ** params);
-
- SECStatus (* p_DH_NewKey)(DHParams * params,
- DHPrivateKey ** privKey);
-
- SECStatus (* p_DH_Derive)(SECItem * publicValue,
- SECItem * prime,
- SECItem * privateValue,
- SECItem * derivedSecret,
- unsigned int maxOutBytes);
-
- SECStatus (* p_KEA_Derive)(SECItem *prime,
- SECItem *public1,
- SECItem *public2,
- SECItem *private1,
- SECItem *private2,
- SECItem *derivedSecret);
-
- PRBool (* p_KEA_Verify)(SECItem *Y, SECItem *prime, SECItem *subPrime);
-
- RC4Context * (* p_RC4_CreateContext)(unsigned char *key, int len);
-
- void (* p_RC4_DestroyContext)(RC4Context *cx, PRBool freeit);
-
- SECStatus (* p_RC4_Encrypt)(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_RC4_Decrypt)(RC4Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
- RC2Context * (* p_RC2_CreateContext)(unsigned char *key, unsigned int len,
- unsigned char *iv, int mode, unsigned effectiveKeyLen);
-
- void (* p_RC2_DestroyContext)(RC2Context *cx, PRBool freeit);
-
- SECStatus (* p_RC2_Encrypt)(RC2Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_RC2_Decrypt)(RC2Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
- RC5Context *(* p_RC5_CreateContext)(SECItem *key, unsigned int rounds,
- unsigned int wordSize, unsigned char *iv, int mode);
-
- void (* p_RC5_DestroyContext)(RC5Context *cx, PRBool freeit);
-
- SECStatus (* p_RC5_Encrypt)(RC5Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_RC5_Decrypt)(RC5Context *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
- DESContext *(* p_DES_CreateContext)(unsigned char *key, unsigned char *iv,
- int mode, PRBool encrypt);
-
- void (* p_DES_DestroyContext)(DESContext *cx, PRBool freeit);
-
- SECStatus (* p_DES_Encrypt)(DESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_DES_Decrypt)(DESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
- AESContext * (* p_AES_CreateContext)(unsigned char *key, unsigned char *iv,
- int mode, int encrypt, unsigned int keylen,
- unsigned int blocklen);
-
- void (* p_AES_DestroyContext)(AESContext *cx, PRBool freeit);
-
- SECStatus (* p_AES_Encrypt)(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_AES_Decrypt)(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen);
-
- SECStatus (* p_MD5_Hash)(unsigned char *dest, const char *src);
-
- SECStatus (* p_MD5_HashBuf)(unsigned char *dest, const unsigned char *src,
- uint32 src_length);
-
- MD5Context *(* p_MD5_NewContext)(void);
-
- void (* p_MD5_DestroyContext)(MD5Context *cx, PRBool freeit);
-
- void (* p_MD5_Begin)(MD5Context *cx);
-
- void (* p_MD5_Update)(MD5Context *cx,
- const unsigned char *input, unsigned int inputLen);
-
- void (* p_MD5_End)(MD5Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen);
-
- unsigned int (* p_MD5_FlattenSize)(MD5Context *cx);
-
- SECStatus (* p_MD5_Flatten)(MD5Context *cx,unsigned char *space);
-
- MD5Context * (* p_MD5_Resurrect)(unsigned char *space, void *arg);
-
- void (* p_MD5_TraceState)(MD5Context *cx);
-
- SECStatus (* p_MD2_Hash)(unsigned char *dest, const char *src);
-
- MD2Context *(* p_MD2_NewContext)(void);
-
- void (* p_MD2_DestroyContext)(MD2Context *cx, PRBool freeit);
-
- void (* p_MD2_Begin)(MD2Context *cx);
-
- void (* p_MD2_Update)(MD2Context *cx,
- const unsigned char *input, unsigned int inputLen);
-
- void (* p_MD2_End)(MD2Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen);
-
- unsigned int (* p_MD2_FlattenSize)(MD2Context *cx);
-
- SECStatus (* p_MD2_Flatten)(MD2Context *cx,unsigned char *space);
-
- MD2Context * (* p_MD2_Resurrect)(unsigned char *space, void *arg);
-
- SECStatus (* p_SHA1_Hash)(unsigned char *dest, const char *src);
-
- SECStatus (* p_SHA1_HashBuf)(unsigned char *dest, const unsigned char *src,
- uint32 src_length);
-
- SHA1Context *(* p_SHA1_NewContext)(void);
-
- void (* p_SHA1_DestroyContext)(SHA1Context *cx, PRBool freeit);
-
- void (* p_SHA1_Begin)(SHA1Context *cx);
-
- void (* p_SHA1_Update)(SHA1Context *cx, const unsigned char *input,
- unsigned int inputLen);
-
- void (* p_SHA1_End)(SHA1Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen);
-
- void (* p_SHA1_TraceState)(SHA1Context *cx);
-
- unsigned int (* p_SHA1_FlattenSize)(SHA1Context *cx);
-
- SECStatus (* p_SHA1_Flatten)(SHA1Context *cx,unsigned char *space);
-
- SHA1Context * (* p_SHA1_Resurrect)(unsigned char *space, void *arg);
-
- SECStatus (* p_RNG_RNGInit)(void);
-
- SECStatus (* p_RNG_RandomUpdate)(const void *data, size_t bytes);
-
- SECStatus (* p_RNG_GenerateGlobalRandomBytes)(void *dest, size_t len);
-
- void (* p_RNG_RNGShutdown)(void);
-
- SECStatus (* p_PQG_ParamGen)(unsigned int j, PQGParams **pParams,
- PQGVerify **pVfy);
-
- SECStatus (* p_PQG_ParamGenSeedLen)( unsigned int j, unsigned int seedBytes,
- PQGParams **pParams, PQGVerify **pVfy);
-
- SECStatus (* p_PQG_VerifyParams)(const PQGParams *params,
- const PQGVerify *vfy, SECStatus *result);
-
- SECStatus (* p_RSA_PrivateKeyOpDoubleChecked)(RSAPrivateKey *key,
- unsigned char *output,
- const unsigned char *input);
-
- SECStatus (* p_RSA_PrivateKeyCheck)(RSAPrivateKey *key);
-
- void (* p_BL_Cleanup)(void);
-
-};
-
-typedef struct FREEBLVectorStr FREEBLVector;
-
-SEC_BEGIN_PROTOS
-
-typedef const FREEBLVector * FREEBLGetVectorFn(void);
-
-extern FREEBLGetVectorFn FREEBL_GetVector;
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/freebl/mac_rand.c b/security/nss/lib/freebl/mac_rand.c
deleted file mode 100644
index 8578dfa08..000000000
--- a/security/nss/lib/freebl/mac_rand.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef notdef
-#include "xp_core.h"
-#include "xp_file.h"
-#endif
-#include "secrng.h"
-#include "mcom_db.h"
-#ifdef XP_MAC
-#include <Events.h>
-#include <OSUtils.h>
-#include <QDOffscreen.h>
-#include <PPCToolbox.h>
-#include <Processes.h>
-#include <LowMem.h>
-#include <Scrap.h>
-
-/* Static prototypes */
-static size_t CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen);
-void FE_ReadScreen();
-
-static size_t CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen)
-{
- union endianness {
- int32 i;
- char c[4];
- } u;
-
- if (srclen <= dstlen) {
- memcpy(dst, src, srclen);
- return srclen;
- }
- u.i = 0x01020304;
- if (u.c[0] == 0x01) {
- /* big-endian case */
- memcpy(dst, (char*)src + (srclen - dstlen), dstlen);
- } else {
- /* little-endian case */
- memcpy(dst, src, dstlen);
- }
- return dstlen;
-}
-
-size_t RNG_GetNoise(void *buf, size_t maxbytes)
-{
- UnsignedWide microTickCount;
- Microseconds(&microTickCount);
- return CopyLowBits(buf, maxbytes, &microTickCount, sizeof(microTickCount));
-}
-
-void RNG_FileForRNG(const char *filename)
-{
- unsigned char buffer[BUFSIZ];
- size_t bytes;
-#ifdef notdef /*sigh*/
- XP_File file;
- unsigned long totalFileBytes = 0;
-
- if (filename == NULL) /* For now, read in global history if filename is null */
- file = XP_FileOpen(NULL, xpGlobalHistory,XP_FILE_READ_BIN);
- else
- file = XP_FileOpen(NULL, xpURL,XP_FILE_READ_BIN);
- if (file != NULL) {
- for (;;) {
- bytes = XP_FileRead(buffer, sizeof(buffer), file);
- if (bytes == 0) break;
- RNG_RandomUpdate( buffer, bytes);
- totalFileBytes += bytes;
- if (totalFileBytes > 100*1024) break; /* No more than 100 K */
- }
- XP_FileClose(file);
- }
-#endif
- /*
- * Pass yet another snapshot of our highest resolution clock into
- * the hash function.
- */
- bytes = RNG_GetNoise(buffer, sizeof(buffer));
- RNG_RandomUpdate(buffer, sizeof(buffer));
-}
-
-void RNG_SystemInfoForRNG()
-{
-/* Time */
- {
- unsigned long sec;
- size_t bytes;
- GetDateTime(&sec); /* Current time since 1970 */
- RNG_RandomUpdate( &sec, sizeof(sec));
- bytes = RNG_GetNoise(&sec, sizeof(sec));
- RNG_RandomUpdate(&sec, bytes);
- }
-/* User specific variables */
- {
- MachineLocation loc;
- ReadLocation(&loc);
- RNG_RandomUpdate( &loc, sizeof(loc));
- }
-#if !TARGET_CARBON
-/* User name */
- {
- unsigned long userRef;
- Str32 userName;
- GetDefaultUser(&userRef, userName);
- RNG_RandomUpdate( &userRef, sizeof(userRef));
- RNG_RandomUpdate( userName, sizeof(userName));
- }
-#endif
-/* Mouse location */
- {
- Point mouseLoc;
- GetMouse(&mouseLoc);
- RNG_RandomUpdate( &mouseLoc, sizeof(mouseLoc));
- }
-/* Keyboard time threshold */
- {
- SInt16 keyTresh = LMGetKeyThresh();
- RNG_RandomUpdate( &keyTresh, sizeof(keyTresh));
- }
-/* Last key pressed */
- {
- SInt8 keyLast;
- keyLast = LMGetKbdLast();
- RNG_RandomUpdate( &keyLast, sizeof(keyLast));
- }
-/* Volume */
- {
- UInt8 volume = LMGetSdVolume();
- RNG_RandomUpdate( &volume, sizeof(volume));
- }
-#if !TARGET_CARBON
-/* Current directory */
- {
- SInt32 dir = LMGetCurDirStore();
- RNG_RandomUpdate( &dir, sizeof(dir));
- }
-#endif
-/* Process information about all the processes in the machine */
- {
- ProcessSerialNumber process;
- ProcessInfoRec pi;
-
- process.highLongOfPSN = process.lowLongOfPSN = kNoProcess;
-
- while (GetNextProcess(&process) == noErr)
- {
- FSSpec fileSpec;
- pi.processInfoLength = sizeof(ProcessInfoRec);
- pi.processName = NULL;
- pi.processAppSpec = &fileSpec;
- GetProcessInformation(&process, &pi);
- RNG_RandomUpdate( &pi, sizeof(pi));
- RNG_RandomUpdate( &fileSpec, sizeof(fileSpec));
- }
- }
-
-#if !TARGET_CARBON
-/* Heap */
- {
- THz zone = LMGetTheZone();
- RNG_RandomUpdate( &zone, sizeof(zone));
- }
-#endif
-
-/* Screen */
- {
- GDHandle h = GetMainDevice(); /* GDHandle is **GDevice */
- RNG_RandomUpdate( *h, sizeof(GDevice));
- }
-
-#if !TARGET_CARBON
-/* Scrap size */
- {
- SInt32 scrapSize = LMGetScrapSize();
- RNG_RandomUpdate( &scrapSize, sizeof(scrapSize));
- }
-/* Scrap count */
- {
- SInt16 scrapCount = LMGetScrapCount();
- RNG_RandomUpdate( &scrapCount, sizeof(scrapCount));
- }
-#else
- {
- ScrapRef scrap;
- if (GetCurrentScrap(&scrap) == noErr) {
- UInt32 flavorCount;
- if (GetScrapFlavorCount(scrap, &flavorCount) == noErr) {
- ScrapFlavorInfo* flavorInfo = (ScrapFlavorInfo*) malloc(flavorCount * sizeof(ScrapFlavorInfo));
- if (flavorInfo != NULL) {
- if (GetScrapFlavorInfoList(scrap, &flavorCount, flavorInfo) == noErr) {
- UInt32 i;
- RNG_RandomUpdate(&flavorCount, sizeof(flavorCount));
- for (i = 0; i < flavorCount; ++i) {
- Size flavorSize;
- if (GetScrapFlavorSize(scrap, flavorInfo[i].flavorType, &flavorSize) == noErr)
- RNG_RandomUpdate(&flavorSize, sizeof(flavorSize));
- }
- }
- free(flavorInfo);
- }
- }
- }
- }
-#endif
-/* File stuff, last modified, etc. */
- {
- HParamBlockRec pb;
- GetVolParmsInfoBuffer volInfo;
- pb.ioParam.ioVRefNum = 0;
- pb.ioParam.ioNamePtr = nil;
- pb.ioParam.ioBuffer = (Ptr) &volInfo;
- pb.ioParam.ioReqCount = sizeof(volInfo);
- PBHGetVolParmsSync(&pb);
- RNG_RandomUpdate( &volInfo, sizeof(volInfo));
- }
-#if !TARGET_CARBON
-/* Event queue */
- {
- EvQElPtr eventQ;
- for (eventQ = (EvQElPtr) LMGetEventQueue()->qHead;
- eventQ;
- eventQ = (EvQElPtr)eventQ->qLink)
- RNG_RandomUpdate( &eventQ->evtQWhat, sizeof(EventRecord));
- }
-#endif
- FE_ReadScreen();
- RNG_FileForRNG(NULL);
-}
-
-void FE_ReadScreen()
-{
- UInt16 coords[4];
- PixMapHandle pmap;
- GDHandle gh;
- UInt16 screenHeight;
- UInt16 screenWidth; /* just what they say */
- UInt32 bytesToRead; /* number of bytes we're giving */
- UInt32 offset; /* offset into the graphics buffer */
- UInt16 rowBytes;
- UInt32 rowsToRead;
- float bytesPerPixel; /* dependent on buffer depth */
- Ptr p; /* temporary */
- UInt16 x, y, w, h;
-
- gh = LMGetMainDevice();
- if ( !gh )
- return;
- pmap = (**gh).gdPMap;
- if ( !pmap )
- return;
-
- RNG_GenerateGlobalRandomBytes( coords, sizeof( coords ) );
-
- /* make x and y inside the screen rect */
- screenHeight = (**pmap).bounds.bottom - (**pmap).bounds.top;
- screenWidth = (**pmap).bounds.right - (**pmap).bounds.left;
- x = coords[0] % screenWidth;
- y = coords[1] % screenHeight;
- w = ( coords[2] & 0x7F ) | 0x40; /* Make sure that w is in the range 64..128 */
- h = ( coords[3] & 0x7F ) | 0x40; /* same for h */
-
- bytesPerPixel = (**pmap).pixelSize / 8;
- rowBytes = (**pmap).rowBytes & 0x7FFF;
-
- /* starting address */
- offset = ( rowBytes * y ) + (UInt32)( (float)x * bytesPerPixel );
-
- /* don't read past the end of the pixmap's rowbytes */
- bytesToRead = MIN( (UInt32)( w * bytesPerPixel ),
- (UInt32)( rowBytes - ( x * bytesPerPixel ) ) );
-
- /* don't read past the end of the graphics device pixmap */
- rowsToRead = MIN( h,
- ( screenHeight - y ) );
-
- p = GetPixBaseAddr( pmap ) + offset;
-
- while ( rowsToRead-- )
- {
- RNG_RandomUpdate( p, bytesToRead );
- p += rowBytes;
- }
-}
-#endif
diff --git a/security/nss/lib/freebl/manifest.mn b/security/nss/lib/freebl/manifest.mn
deleted file mode 100644
index 0a102e6ed..000000000
--- a/security/nss/lib/freebl/manifest.mn
+++ /dev/null
@@ -1,128 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-ifndef FREEBL_RECURSIVE_BUILD
- LIBRARY_NAME = freebl
-else
- ifdef USE_PURE_32
- CORE_DEPTH = ../../../..
- LIBRARY_NAME = freebl_pure32
- else
- LIBRARY_NAME = freebl_hybrid
- endif
-endif
-
-# same version as rest of freebl
-LIBRARY_VERSION = _3
-
-REQUIRES =
-
-EXPORTS = \
- blapi.h \
- blapit.h \
- secrng.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- secmpi.h \
- $(NULL)
-
-MPI_HDRS = mpi-config.h mpi.h mpi-priv.h mplogic.h mpprime.h logtab.h
-MPI_SRCS = mpprime.c mpmontg.c mplogic.c mpi.c
-
-ifdef MOZILLA_BSAFE_BUILD
-CSRCS = \
- fblstdlib.c \
- sha_fast.c \
- md2.c \
- md5.c \
- blapi_bsf.c \
- $(MPI_SRCS) \
- dh.c \
- $(NULL)
-else
-CSRCS = \
- ldvector.c \
- prng_fips1861.c \
- sysrand.c \
- sha_fast.c \
- md2.c \
- md5.c \
- alg2268.c \
- arcfour.c \
- arcfive.c \
- desblapi.c \
- des.c \
- rijndael.c \
- dh.c \
- pqg.c \
- dsa.c \
- rsa.c \
- $(MPI_SRCS) \
- $(NULL)
-endif
-
-ALL_CSRCS := $(CSRCS)
-
-ALL_HDRS = \
- blapi.h \
- blapit.h \
- des.h \
- loader.h \
- rijndael.h \
- secmpi.h \
- sha.h \
- sha_fast.h \
- vis_proto.h \
- $(NULL)
-
-ifdef AES_GEN_TBL
-DEFINES += -DRIJNDAEL_GENERATE_TABLES
-else
-ifdef AES_GEN_TBL_M
-DEFINES += -DRIJNDAEL_GENERATE_TABLES_MACRO
-else
-ifdef AES_GEN_VAL
-DEFINES += -DRIJNDAEL_GENERATE_VALUES
-else
-ifdef AES_GEN_VAL_M
-DEFINES += -DRIJNDAEL_GENERATE_VALUES_MACRO
-else
-DEFINES += -DRIJNDAEL_INCLUDE_TABLES
-endif
-endif
-endif
-endif
diff --git a/security/nss/lib/freebl/mapfile.Solaris b/security/nss/lib/freebl/mapfile.Solaris
deleted file mode 100644
index 8a39ceceb..000000000
--- a/security/nss/lib/freebl/mapfile.Solaris
+++ /dev/null
@@ -1,39 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-libfreebl_3.so {
- global:
- FREEBL_GetVector;
- local:
- *;
-};
diff --git a/security/nss/lib/freebl/md2.c b/security/nss/lib/freebl/md2.c
deleted file mode 100644
index 3f7427c14..000000000
--- a/security/nss/lib/freebl/md2.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-
-#include "blapi.h"
-
-#define MD2_DIGEST_LEN 16
-#define MD2_BUFSIZE 16
-#define MD2_X_SIZE 48 /* The X array, [CV | INPUT | TMP VARS] */
-#define MD2_CV 0 /* index into X for chaining variables */
-#define MD2_INPUT 16 /* index into X for input */
-#define MD2_TMPVARS 32 /* index into X for temporary variables */
-#define MD2_CHECKSUM_SIZE 16
-
-struct MD2ContextStr {
- unsigned char checksum[MD2_BUFSIZE];
- unsigned char X[MD2_X_SIZE];
- PRUint8 unusedBuffer;
-};
-
-static const PRUint8 MD2S[256] = {
- 0051, 0056, 0103, 0311, 0242, 0330, 0174, 0001,
- 0075, 0066, 0124, 0241, 0354, 0360, 0006, 0023,
- 0142, 0247, 0005, 0363, 0300, 0307, 0163, 0214,
- 0230, 0223, 0053, 0331, 0274, 0114, 0202, 0312,
- 0036, 0233, 0127, 0074, 0375, 0324, 0340, 0026,
- 0147, 0102, 0157, 0030, 0212, 0027, 0345, 0022,
- 0276, 0116, 0304, 0326, 0332, 0236, 0336, 0111,
- 0240, 0373, 0365, 0216, 0273, 0057, 0356, 0172,
- 0251, 0150, 0171, 0221, 0025, 0262, 0007, 0077,
- 0224, 0302, 0020, 0211, 0013, 0042, 0137, 0041,
- 0200, 0177, 0135, 0232, 0132, 0220, 0062, 0047,
- 0065, 0076, 0314, 0347, 0277, 0367, 0227, 0003,
- 0377, 0031, 0060, 0263, 0110, 0245, 0265, 0321,
- 0327, 0136, 0222, 0052, 0254, 0126, 0252, 0306,
- 0117, 0270, 0070, 0322, 0226, 0244, 0175, 0266,
- 0166, 0374, 0153, 0342, 0234, 0164, 0004, 0361,
- 0105, 0235, 0160, 0131, 0144, 0161, 0207, 0040,
- 0206, 0133, 0317, 0145, 0346, 0055, 0250, 0002,
- 0033, 0140, 0045, 0255, 0256, 0260, 0271, 0366,
- 0034, 0106, 0141, 0151, 0064, 0100, 0176, 0017,
- 0125, 0107, 0243, 0043, 0335, 0121, 0257, 0072,
- 0303, 0134, 0371, 0316, 0272, 0305, 0352, 0046,
- 0054, 0123, 0015, 0156, 0205, 0050, 0204, 0011,
- 0323, 0337, 0315, 0364, 0101, 0201, 0115, 0122,
- 0152, 0334, 0067, 0310, 0154, 0301, 0253, 0372,
- 0044, 0341, 0173, 0010, 0014, 0275, 0261, 0112,
- 0170, 0210, 0225, 0213, 0343, 0143, 0350, 0155,
- 0351, 0313, 0325, 0376, 0073, 0000, 0035, 0071,
- 0362, 0357, 0267, 0016, 0146, 0130, 0320, 0344,
- 0246, 0167, 0162, 0370, 0353, 0165, 0113, 0012,
- 0061, 0104, 0120, 0264, 0217, 0355, 0037, 0032,
- 0333, 0231, 0215, 0063, 0237, 0021, 0203, 0024
-};
-
-SECStatus
-MD2_Hash(unsigned char *dest, const char *src)
-{
- unsigned int len;
- MD2Context *cx = MD2_NewContext();
- if (!cx) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return SECFailure;
- }
- MD2_Begin(cx);
- MD2_Update(cx, (unsigned char *)src, PL_strlen(src));
- MD2_End(cx, dest, &len, MD2_DIGEST_LEN);
- MD2_DestroyContext(cx, PR_TRUE);
- return SECSuccess;
-}
-
-MD2Context *
-MD2_NewContext(void)
-{
- MD2Context *cx = (MD2Context *)PORT_ZAlloc(sizeof(MD2Context));
- if (cx == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return NULL;
- }
- return cx;
-}
-
-void
-MD2_DestroyContext(MD2Context *cx, PRBool freeit)
-{
- if (freeit)
- PORT_ZFree(cx, sizeof(*cx));
-}
-
-void
-MD2_Begin(MD2Context *cx)
-{
- memset(cx, 0, sizeof(*cx));
- cx->unusedBuffer = MD2_BUFSIZE;
-}
-
-static void
-md2_compress(MD2Context *cx)
-{
- int j;
- unsigned char P;
- P = cx->checksum[MD2_CHECKSUM_SIZE-1];
- /* Compute the running checksum, and set the tmp variables to be
- * CV[i] XOR input[i]
- */
-#define CKSUMFN(n) \
- P = cx->checksum[n] ^ MD2S[cx->X[MD2_INPUT+n] ^ P]; \
- cx->checksum[n] = P; \
- cx->X[MD2_TMPVARS+n] = cx->X[n] ^ cx->X[MD2_INPUT+n];
- CKSUMFN(0);
- CKSUMFN(1);
- CKSUMFN(2);
- CKSUMFN(3);
- CKSUMFN(4);
- CKSUMFN(5);
- CKSUMFN(6);
- CKSUMFN(7);
- CKSUMFN(8);
- CKSUMFN(9);
- CKSUMFN(10);
- CKSUMFN(11);
- CKSUMFN(12);
- CKSUMFN(13);
- CKSUMFN(14);
- CKSUMFN(15);
- /* The compression function. */
-#define COMPRESS(n) \
- P = cx->X[n] ^ MD2S[P]; \
- cx->X[n] = P;
- P = 0x00;
- for (j=0; j<18; j++) {
- COMPRESS(0);
- COMPRESS(1);
- COMPRESS(2);
- COMPRESS(3);
- COMPRESS(4);
- COMPRESS(5);
- COMPRESS(6);
- COMPRESS(7);
- COMPRESS(8);
- COMPRESS(9);
- COMPRESS(10);
- COMPRESS(11);
- COMPRESS(12);
- COMPRESS(13);
- COMPRESS(14);
- COMPRESS(15);
- COMPRESS(16);
- COMPRESS(17);
- COMPRESS(18);
- COMPRESS(19);
- COMPRESS(20);
- COMPRESS(21);
- COMPRESS(22);
- COMPRESS(23);
- COMPRESS(24);
- COMPRESS(25);
- COMPRESS(26);
- COMPRESS(27);
- COMPRESS(28);
- COMPRESS(29);
- COMPRESS(30);
- COMPRESS(31);
- COMPRESS(32);
- COMPRESS(33);
- COMPRESS(34);
- COMPRESS(35);
- COMPRESS(36);
- COMPRESS(37);
- COMPRESS(38);
- COMPRESS(39);
- COMPRESS(40);
- COMPRESS(41);
- COMPRESS(42);
- COMPRESS(43);
- COMPRESS(44);
- COMPRESS(45);
- COMPRESS(46);
- COMPRESS(47);
- P = (P + j) % 256;
- }
- cx->unusedBuffer = MD2_BUFSIZE;
-}
-
-void
-MD2_Update(MD2Context *cx, const unsigned char *input, unsigned int inputLen)
-{
- PRUint32 bytesToConsume;
-
- /* Fill the remaining input buffer. */
- if (cx->unusedBuffer != MD2_BUFSIZE) {
- bytesToConsume = PR_MIN(inputLen, cx->unusedBuffer);
- memcpy(&cx->X[MD2_INPUT + (MD2_BUFSIZE - cx->unusedBuffer)],
- input, bytesToConsume);
- if (cx->unusedBuffer + bytesToConsume >= MD2_BUFSIZE)
- md2_compress(cx);
- inputLen -= bytesToConsume;
- input += bytesToConsume;
- }
-
- /* Iterate over 16-byte chunks of the input. */
- while (inputLen >= MD2_BUFSIZE) {
- memcpy(&cx->X[MD2_INPUT], input, MD2_BUFSIZE);
- md2_compress(cx);
- inputLen -= MD2_BUFSIZE;
- input += MD2_BUFSIZE;
- }
-
- /* Copy any input that remains into the buffer. */
- if (inputLen)
- memcpy(&cx->X[MD2_INPUT], input, inputLen);
- cx->unusedBuffer = MD2_BUFSIZE - inputLen;
-}
-
-void
-MD2_End(MD2Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen)
-{
- PRUint8 padStart;
- if (maxDigestLen < MD2_BUFSIZE) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return;
- }
- padStart = MD2_BUFSIZE - cx->unusedBuffer;
- memset(&cx->X[MD2_INPUT + padStart], cx->unusedBuffer,
- cx->unusedBuffer);
- md2_compress(cx);
- memcpy(&cx->X[MD2_INPUT], cx->checksum, MD2_BUFSIZE);
- md2_compress(cx);
- *digestLen = MD2_DIGEST_LEN;
- memcpy(digest, &cx->X[MD2_CV], MD2_DIGEST_LEN);
-}
-
-unsigned int
-MD2_FlattenSize(MD2Context *cx)
-{
- return sizeof(*cx);
-}
-
-SECStatus
-MD2_Flatten(MD2Context *cx, unsigned char *space)
-{
- memcpy(space, cx, sizeof(*cx));
- return SECSuccess;
-}
-
-MD2Context *
-MD2_Resurrect(unsigned char *space, void *arg)
-{
- MD2Context *cx = MD2_NewContext();
- if (cx)
- memcpy(cx, space, sizeof(*cx));
- return cx;
-}
diff --git a/security/nss/lib/freebl/md5.c b/security/nss/lib/freebl/md5.c
deleted file mode 100644
index c1e55902c..000000000
--- a/security/nss/lib/freebl/md5.c
+++ /dev/null
@@ -1,531 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "prlong.h"
-
-#include "blapi.h"
-
-#define MD5_HASH_LEN 16
-#define MD5_BUFFER_SIZE 64
-#define MD5_END_BUFFER (MD5_BUFFER_SIZE - 8)
-
-#define CV0_1 0x67452301
-#define CV0_2 0xefcdab89
-#define CV0_3 0x98badcfe
-#define CV0_4 0x10325476
-
-#define T1_0 0xd76aa478
-#define T1_1 0xe8c7b756
-#define T1_2 0x242070db
-#define T1_3 0xc1bdceee
-#define T1_4 0xf57c0faf
-#define T1_5 0x4787c62a
-#define T1_6 0xa8304613
-#define T1_7 0xfd469501
-#define T1_8 0x698098d8
-#define T1_9 0x8b44f7af
-#define T1_10 0xffff5bb1
-#define T1_11 0x895cd7be
-#define T1_12 0x6b901122
-#define T1_13 0xfd987193
-#define T1_14 0xa679438e
-#define T1_15 0x49b40821
-
-#define T2_0 0xf61e2562
-#define T2_1 0xc040b340
-#define T2_2 0x265e5a51
-#define T2_3 0xe9b6c7aa
-#define T2_4 0xd62f105d
-#define T2_5 0x02441453
-#define T2_6 0xd8a1e681
-#define T2_7 0xe7d3fbc8
-#define T2_8 0x21e1cde6
-#define T2_9 0xc33707d6
-#define T2_10 0xf4d50d87
-#define T2_11 0x455a14ed
-#define T2_12 0xa9e3e905
-#define T2_13 0xfcefa3f8
-#define T2_14 0x676f02d9
-#define T2_15 0x8d2a4c8a
-
-#define T3_0 0xfffa3942
-#define T3_1 0x8771f681
-#define T3_2 0x6d9d6122
-#define T3_3 0xfde5380c
-#define T3_4 0xa4beea44
-#define T3_5 0x4bdecfa9
-#define T3_6 0xf6bb4b60
-#define T3_7 0xbebfbc70
-#define T3_8 0x289b7ec6
-#define T3_9 0xeaa127fa
-#define T3_10 0xd4ef3085
-#define T3_11 0x04881d05
-#define T3_12 0xd9d4d039
-#define T3_13 0xe6db99e5
-#define T3_14 0x1fa27cf8
-#define T3_15 0xc4ac5665
-
-#define T4_0 0xf4292244
-#define T4_1 0x432aff97
-#define T4_2 0xab9423a7
-#define T4_3 0xfc93a039
-#define T4_4 0x655b59c3
-#define T4_5 0x8f0ccc92
-#define T4_6 0xffeff47d
-#define T4_7 0x85845dd1
-#define T4_8 0x6fa87e4f
-#define T4_9 0xfe2ce6e0
-#define T4_10 0xa3014314
-#define T4_11 0x4e0811a1
-#define T4_12 0xf7537e82
-#define T4_13 0xbd3af235
-#define T4_14 0x2ad7d2bb
-#define T4_15 0xeb86d391
-
-#define R1B0 0
-#define R1B1 1
-#define R1B2 2
-#define R1B3 3
-#define R1B4 4
-#define R1B5 5
-#define R1B6 6
-#define R1B7 7
-#define R1B8 8
-#define R1B9 9
-#define R1B10 10
-#define R1B11 11
-#define R1B12 12
-#define R1B13 13
-#define R1B14 14
-#define R1B15 15
-
-#define R2B0 1
-#define R2B1 6
-#define R2B2 11
-#define R2B3 0
-#define R2B4 5
-#define R2B5 10
-#define R2B6 15
-#define R2B7 4
-#define R2B8 9
-#define R2B9 14
-#define R2B10 3
-#define R2B11 8
-#define R2B12 13
-#define R2B13 2
-#define R2B14 7
-#define R2B15 12
-
-#define R3B0 5
-#define R3B1 8
-#define R3B2 11
-#define R3B3 14
-#define R3B4 1
-#define R3B5 4
-#define R3B6 7
-#define R3B7 10
-#define R3B8 13
-#define R3B9 0
-#define R3B10 3
-#define R3B11 6
-#define R3B12 9
-#define R3B13 12
-#define R3B14 15
-#define R3B15 2
-
-#define R4B0 0
-#define R4B1 7
-#define R4B2 14
-#define R4B3 5
-#define R4B4 12
-#define R4B5 3
-#define R4B6 10
-#define R4B7 1
-#define R4B8 8
-#define R4B9 15
-#define R4B10 6
-#define R4B11 13
-#define R4B12 4
-#define R4B13 11
-#define R4B14 2
-#define R4B15 9
-
-#define S1_0 7
-#define S1_1 12
-#define S1_2 17
-#define S1_3 22
-
-#define S2_0 5
-#define S2_1 9
-#define S2_2 14
-#define S2_3 20
-
-#define S3_0 4
-#define S3_1 11
-#define S3_2 16
-#define S3_3 23
-
-#define S4_0 6
-#define S4_1 10
-#define S4_2 15
-#define S4_3 21
-
-struct MD5ContextStr {
- PRUint32 lsbInput;
- PRUint32 msbInput;
- PRUint32 cv[4];
- union {
- PRUint8 b[64];
- PRUint32 w[16];
- } u;
-};
-
-#define inBuf u.b
-
-SECStatus
-MD5_Hash(unsigned char *dest, const char *src)
-{
- return MD5_HashBuf(dest, (unsigned char *)src, PL_strlen(src));
-}
-
-SECStatus
-MD5_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- unsigned int len;
- MD5Context *cx = MD5_NewContext();
- if (cx == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return SECFailure;
- }
- MD5_Begin(cx);
- MD5_Update(cx, src, src_length);
- MD5_End(cx, dest, &len, MD5_HASH_LEN);
- MD5_DestroyContext(cx, PR_TRUE);
- return SECSuccess;
-}
-
-MD5Context *
-MD5_NewContext(void)
-{
- MD5Context *cx = (MD5Context *)PORT_ZAlloc(sizeof(MD5Context));
- if (cx == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return NULL;
- }
- return cx;
-}
-
-void
-MD5_DestroyContext(MD5Context *cx, PRBool freeit)
-{
- if (freeit) {
- PORT_ZFree(cx, sizeof(MD5Context));
- }
-}
-
-void
-MD5_Begin(MD5Context *cx)
-{
- cx->lsbInput = 0;
- cx->msbInput = 0;
- memset(cx->inBuf, 0, sizeof(cx->inBuf));
- cx->cv[0] = CV0_1;
- cx->cv[1] = CV0_2;
- cx->cv[2] = CV0_3;
- cx->cv[3] = CV0_4;
-}
-
-#define cls(i32, s) (tmp = i32, tmp << s | tmp >> (32 - s))
-
-#define MASK 0x00ff00ff
-#ifdef IS_LITTLE_ENDIAN
-#define lendian(i32) \
- (i32)
-#else
-#define lendian(i32) \
- (tmp = i32 >> 16 | i32 << 16, (tmp & MASK) << 8 | tmp >> 8 & MASK)
-#endif
-
-#if defined(SOLARIS) || defined(HPUX)
-#define addto64(sumhigh, sumlow, addend) \
- sumlow += addend; sumhigh += (sumlow < addend);
-#else
-#define addto64(sumhigh, sumlow, addend) \
- sumlow += addend; if (sumlow < addend) ++sumhigh;
-#endif
-
-#define F(X, Y, Z) \
- ((X & Y) | ((~X) & Z))
-
-#define G(X, Y, Z) \
- ((X & Z) | (Y & (~Z)))
-
-#define H(X, Y, Z) \
- (X ^ Y ^ Z)
-
-#define I(X, Y, Z) \
- (Y ^ (X | (~Z)))
-
-#define FF(a, b, c, d, bufint, s, ti) \
- a = b + cls(a + F(b, c, d) + bufint + ti, s)
-
-#define GG(a, b, c, d, bufint, s, ti) \
- a = b + cls(a + G(b, c, d) + bufint + ti, s)
-
-#define HH(a, b, c, d, bufint, s, ti) \
- a = b + cls(a + H(b, c, d) + bufint + ti, s)
-
-#define II(a, b, c, d, bufint, s, ti) \
- a = b + cls(a + I(b, c, d) + bufint + ti, s)
-
-static void
-md5_compress(MD5Context *cx)
-{
- PRUint32 a, b, c, d;
- PRUint32 tmp;
- a = cx->cv[0];
- b = cx->cv[1];
- c = cx->cv[2];
- d = cx->cv[3];
-#ifndef IS_LITTLE_ENDIAN
- cx->u.w[0] = lendian(cx->u.w[0]);
- cx->u.w[1] = lendian(cx->u.w[1]);
- cx->u.w[2] = lendian(cx->u.w[2]);
- cx->u.w[3] = lendian(cx->u.w[3]);
- cx->u.w[4] = lendian(cx->u.w[4]);
- cx->u.w[5] = lendian(cx->u.w[5]);
- cx->u.w[6] = lendian(cx->u.w[6]);
- cx->u.w[7] = lendian(cx->u.w[7]);
- cx->u.w[8] = lendian(cx->u.w[8]);
- cx->u.w[9] = lendian(cx->u.w[9]);
- cx->u.w[10] = lendian(cx->u.w[10]);
- cx->u.w[11] = lendian(cx->u.w[11]);
- cx->u.w[12] = lendian(cx->u.w[12]);
- cx->u.w[13] = lendian(cx->u.w[13]);
- cx->u.w[14] = lendian(cx->u.w[14]);
- cx->u.w[15] = lendian(cx->u.w[15]);
-#endif
- FF(a, b, c, d, cx->u.w[R1B0 ], S1_0, T1_0);
- FF(d, a, b, c, cx->u.w[R1B1 ], S1_1, T1_1);
- FF(c, d, a, b, cx->u.w[R1B2 ], S1_2, T1_2);
- FF(b, c, d, a, cx->u.w[R1B3 ], S1_3, T1_3);
- FF(a, b, c, d, cx->u.w[R1B4 ], S1_0, T1_4);
- FF(d, a, b, c, cx->u.w[R1B5 ], S1_1, T1_5);
- FF(c, d, a, b, cx->u.w[R1B6 ], S1_2, T1_6);
- FF(b, c, d, a, cx->u.w[R1B7 ], S1_3, T1_7);
- FF(a, b, c, d, cx->u.w[R1B8 ], S1_0, T1_8);
- FF(d, a, b, c, cx->u.w[R1B9 ], S1_1, T1_9);
- FF(c, d, a, b, cx->u.w[R1B10], S1_2, T1_10);
- FF(b, c, d, a, cx->u.w[R1B11], S1_3, T1_11);
- FF(a, b, c, d, cx->u.w[R1B12], S1_0, T1_12);
- FF(d, a, b, c, cx->u.w[R1B13], S1_1, T1_13);
- FF(c, d, a, b, cx->u.w[R1B14], S1_2, T1_14);
- FF(b, c, d, a, cx->u.w[R1B15], S1_3, T1_15);
- GG(a, b, c, d, cx->u.w[R2B0 ], S2_0, T2_0);
- GG(d, a, b, c, cx->u.w[R2B1 ], S2_1, T2_1);
- GG(c, d, a, b, cx->u.w[R2B2 ], S2_2, T2_2);
- GG(b, c, d, a, cx->u.w[R2B3 ], S2_3, T2_3);
- GG(a, b, c, d, cx->u.w[R2B4 ], S2_0, T2_4);
- GG(d, a, b, c, cx->u.w[R2B5 ], S2_1, T2_5);
- GG(c, d, a, b, cx->u.w[R2B6 ], S2_2, T2_6);
- GG(b, c, d, a, cx->u.w[R2B7 ], S2_3, T2_7);
- GG(a, b, c, d, cx->u.w[R2B8 ], S2_0, T2_8);
- GG(d, a, b, c, cx->u.w[R2B9 ], S2_1, T2_9);
- GG(c, d, a, b, cx->u.w[R2B10], S2_2, T2_10);
- GG(b, c, d, a, cx->u.w[R2B11], S2_3, T2_11);
- GG(a, b, c, d, cx->u.w[R2B12], S2_0, T2_12);
- GG(d, a, b, c, cx->u.w[R2B13], S2_1, T2_13);
- GG(c, d, a, b, cx->u.w[R2B14], S2_2, T2_14);
- GG(b, c, d, a, cx->u.w[R2B15], S2_3, T2_15);
- HH(a, b, c, d, cx->u.w[R3B0 ], S3_0, T3_0);
- HH(d, a, b, c, cx->u.w[R3B1 ], S3_1, T3_1);
- HH(c, d, a, b, cx->u.w[R3B2 ], S3_2, T3_2);
- HH(b, c, d, a, cx->u.w[R3B3 ], S3_3, T3_3);
- HH(a, b, c, d, cx->u.w[R3B4 ], S3_0, T3_4);
- HH(d, a, b, c, cx->u.w[R3B5 ], S3_1, T3_5);
- HH(c, d, a, b, cx->u.w[R3B6 ], S3_2, T3_6);
- HH(b, c, d, a, cx->u.w[R3B7 ], S3_3, T3_7);
- HH(a, b, c, d, cx->u.w[R3B8 ], S3_0, T3_8);
- HH(d, a, b, c, cx->u.w[R3B9 ], S3_1, T3_9);
- HH(c, d, a, b, cx->u.w[R3B10], S3_2, T3_10);
- HH(b, c, d, a, cx->u.w[R3B11], S3_3, T3_11);
- HH(a, b, c, d, cx->u.w[R3B12], S3_0, T3_12);
- HH(d, a, b, c, cx->u.w[R3B13], S3_1, T3_13);
- HH(c, d, a, b, cx->u.w[R3B14], S3_2, T3_14);
- HH(b, c, d, a, cx->u.w[R3B15], S3_3, T3_15);
- II(a, b, c, d, cx->u.w[R4B0 ], S4_0, T4_0);
- II(d, a, b, c, cx->u.w[R4B1 ], S4_1, T4_1);
- II(c, d, a, b, cx->u.w[R4B2 ], S4_2, T4_2);
- II(b, c, d, a, cx->u.w[R4B3 ], S4_3, T4_3);
- II(a, b, c, d, cx->u.w[R4B4 ], S4_0, T4_4);
- II(d, a, b, c, cx->u.w[R4B5 ], S4_1, T4_5);
- II(c, d, a, b, cx->u.w[R4B6 ], S4_2, T4_6);
- II(b, c, d, a, cx->u.w[R4B7 ], S4_3, T4_7);
- II(a, b, c, d, cx->u.w[R4B8 ], S4_0, T4_8);
- II(d, a, b, c, cx->u.w[R4B9 ], S4_1, T4_9);
- II(c, d, a, b, cx->u.w[R4B10], S4_2, T4_10);
- II(b, c, d, a, cx->u.w[R4B11], S4_3, T4_11);
- II(a, b, c, d, cx->u.w[R4B12], S4_0, T4_12);
- II(d, a, b, c, cx->u.w[R4B13], S4_1, T4_13);
- II(c, d, a, b, cx->u.w[R4B14], S4_2, T4_14);
- II(b, c, d, a, cx->u.w[R4B15], S4_3, T4_15);
- cx->cv[0] += a;
- cx->cv[1] += b;
- cx->cv[2] += c;
- cx->cv[3] += d;
-}
-
-void
-MD5_Update(MD5Context *cx, const unsigned char *input, unsigned int inputLen)
-{
- PRUint32 bytesToConsume;
- PRUint32 inBufIndex = cx->lsbInput & 63;
-
- /* Add the number of input bytes to the 64-bit input counter. */
- addto64(cx->msbInput, cx->lsbInput, inputLen);
- if (inBufIndex) {
- /* There is already data in the buffer. Fill with input. */
- bytesToConsume = PR_MIN(inputLen, MD5_BUFFER_SIZE - inBufIndex);
- memcpy(&cx->inBuf[inBufIndex], input, bytesToConsume);
- if (inBufIndex + bytesToConsume >= MD5_BUFFER_SIZE)
- /* The buffer is filled. Run the compression function. */
- md5_compress(cx);
- /* Remaining input. */
- inputLen -= bytesToConsume;
- input += bytesToConsume;
- }
-
- /* Iterate over 64-byte chunks of the message. */
- while (inputLen >= MD5_BUFFER_SIZE) {
- memcpy(cx->inBuf, input, MD5_BUFFER_SIZE);
- md5_compress(cx);
- inputLen -= MD5_BUFFER_SIZE;
- input += MD5_BUFFER_SIZE;
- }
-
- /* Tail of message (message bytes mod 64). */
- if (inputLen)
- memcpy(cx->inBuf, input, inputLen);
-}
-
-static const unsigned char padbytes[] = {
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-};
-
-void
-MD5_End(MD5Context *cx, unsigned char *digest,
- unsigned int *digestLen, unsigned int maxDigestLen)
-{
-#ifndef IS_LITTLE_ENDIAN
- PRUint32 tmp;
-#endif
- PRUint32 lowInput, highInput;
- PRUint32 inBufIndex = cx->lsbInput & 63;
-
- if (maxDigestLen < MD5_HASH_LEN) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return;
- }
-
- /* Copy out the length of bits input before padding. */
- lowInput = cx->lsbInput;
- highInput = (cx->msbInput << 3) | (lowInput >> 29);
- lowInput <<= 3;
-
- if (inBufIndex < MD5_END_BUFFER) {
- MD5_Update(cx, padbytes, MD5_END_BUFFER - inBufIndex);
- } else {
- MD5_Update(cx, padbytes,
- MD5_END_BUFFER + MD5_BUFFER_SIZE - inBufIndex);
- }
-
- /* Store the number of bytes input (before padding) in final 64 bits. */
- cx->u.w[14] = lendian(lowInput);
- cx->u.w[15] = lendian(highInput);
-
- /* Final call to compress. */
- md5_compress(cx);
-
- /* Copy the resulting values out of the chain variables into return buf. */
- *digestLen = MD5_HASH_LEN;
-#ifndef IS_LITTLE_ENDIAN
- cx->cv[0] = lendian(cx->cv[0]);
- cx->cv[1] = lendian(cx->cv[1]);
- cx->cv[2] = lendian(cx->cv[2]);
- cx->cv[3] = lendian(cx->cv[3]);
-#endif
- memcpy(digest, cx->cv, MD5_HASH_LEN);
-}
-
-unsigned int
-MD5_FlattenSize(MD5Context *cx)
-{
- return sizeof(*cx);
-}
-
-SECStatus
-MD5_Flatten(MD5Context *cx, unsigned char *space)
-{
- memcpy(space, cx, sizeof(*cx));
- return SECSuccess;
-}
-
-MD5Context *
-MD5_Resurrect(unsigned char *space, void *arg)
-{
- MD5Context *cx = MD5_NewContext();
- if (cx)
- memcpy(cx, space, sizeof(*cx));
- return cx;
-}
-
-void
-MD5_TraceState(MD5Context *cx)
-{
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-}
diff --git a/security/nss/lib/freebl/mknewpc2.c b/security/nss/lib/freebl/mknewpc2.c
deleted file mode 100644
index 3bd3f0cf0..000000000
--- a/security/nss/lib/freebl/mknewpc2.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/*
- * mknewpc2.c
- *
- * Generate PC-2 tables for DES-150 library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com. Portions created by Nelson B. Bolyard are
- * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-typedef unsigned char BYTE;
-typedef unsigned int HALF;
-
-#define DES_ENCRYPT 0
-#define DES_DECRYPT 1
-
-/* two 28-bit registers defined in key schedule production process */
-static HALF C0, D0;
-
-static HALF L0, R0;
-
-/* key schedule, 16 internal keys, each with 8 6-bit parts */
-static BYTE KS [8] [16];
-
-
-/*
- * This table takes the 56 bits in C0 and D0 and shows show they are
- * permuted into the 8 6-bit parts of the key in the key schedule.
- * The bits of C0 are numbered left to right, 1-28.
- * The bits of D0 are numbered left to right, 29-56.
- * Zeros in this table represent bits that are always zero.
- * Note that all the bits in the first 4 rows come from C0,
- * and all the bits in the second 4 rows come from D0.
- */
-static const BYTE PC2[64] = {
- 14, 17, 11, 24, 1, 5, 0, 0, /* S1 */
- 3, 28, 15, 6, 21, 10, 0, 0, /* S2 */
- 23, 19, 12, 4, 26, 8, 0, 0, /* S3 */
- 16, 7, 27, 20, 13, 2, 0, 0, /* S4 */
-
- 41, 52, 31, 37, 47, 55, 0, 0, /* S5 */
- 30, 40, 51, 45, 33, 48, 0, 0, /* S6 */
- 44, 49, 39, 56, 34, 53, 0, 0, /* S7 */
- 46, 42, 50, 36, 29, 32, 0, 0 /* S8 */
-};
-
-/* This table represents the same info as PC2, except that
- * The bits of C0 and D0 are each numbered right to left, 0-27.
- * -1 values indicate bits that are always zero.
- * As before all the bits in the first 4 rows come from C0,
- * and all the bits in the second 4 rows come from D0.
- */
-static signed char PC2a[64] = {
-/* bits of C0 */
- 14, 11, 17, 4, 27, 23, -1, -1, /* S1 */
- 25, 0, 13, 22, 7, 18, -1, -1, /* S2 */
- 5, 9, 16, 24, 2, 20, -1, -1, /* S3 */
- 12, 21, 1, 8, 15, 26, -1, -1, /* S4 */
-/* bits of D0 */
- 15, 4, 25, 19, 9, 1, -1, -1, /* S5 */
- 26, 16, 5, 11, 23, 8, -1, -1, /* S6 */
- 12, 7, 17, 0, 22, 3, -1, -1, /* S7 */
- 10, 14, 6, 20, 27, 24, -1, -1 /* S8 */
-};
-
-/* This table represents the same info as PC2a, except that
- * The order of of the rows has been changed to increase the efficiency
- * with which the key sechedule is created.
- * Fewer shifts and ANDs are required to make the KS from these.
- */
-static const signed char PC2b[64] = {
-/* bits of C0 */
- 14, 11, 17, 4, 27, 23, -1, -1, /* S1 */
- 5, 9, 16, 24, 2, 20, -1, -1, /* S3 */
- 25, 0, 13, 22, 7, 18, -1, -1, /* S2 */
- 12, 21, 1, 8, 15, 26, -1, -1, /* S4 */
-/* bits of D0 */
- 26, 16, 5, 11, 23, 8, -1, -1, /* S6 */
- 10, 14, 6, 20, 27, 24, -1, -1, /* S8 */
- 15, 4, 25, 19, 9, 1, -1, -1, /* S5 */
- 12, 7, 17, 0, 22, 3, -1, -1 /* S7 */
-};
-
-/* Only 24 of the 28 bits in C0 and D0 are used in PC2.
- * The used bits of C0 and D0 are grouped into 4 groups of 6,
- * so that the PC2 permutation can be accomplished with 4 lookups
- * in tables of 64 entries.
- * The following table shows how the bits of C0 and D0 are grouped
- * into indexes for the respective table lookups.
- * Bits are numbered right-to-left, 0-27, as in PC2b.
- */
-static BYTE NDX[48] = {
-/* Bits of C0 */
- 27, 26, 25, 24, 23, 22, /* C0 table 0 */
- 18, 17, 16, 15, 14, 13, /* C0 table 1 */
- 9, 8, 7, 2, 1, 0, /* C0 table 2 */
- 5, 4, 21, 20, 12, 11, /* C0 table 3 */
-/* bits of D0 */
- 27, 26, 25, 24, 23, 22, /* D0 table 0 */
- 20, 19, 17, 16, 15, 14, /* D0 table 1 */
- 12, 11, 10, 9, 8, 7, /* D0 table 2 */
- 6, 5, 4, 3, 1, 0 /* D0 table 3 */
-};
-
-/* Here's the code that does that grouping.
- left = PC2LOOKUP(0, 0, ((c0 >> 22) & 0x3F) );
- left |= PC2LOOKUP(0, 1, ((c0 >> 13) & 0x3F) );
- left |= PC2LOOKUP(0, 2, ((c0 >> 4) & 0x38) | (c0 & 0x7) );
- left |= PC2LOOKUP(0, 3, ((c0>>18)&0xC) | ((c0>>11)&0x3) | (c0&0x30));
-
- right = PC2LOOKUP(1, 0, ((d0 >> 22) & 0x3F) );
- right |= PC2LOOKUP(1, 1, ((d0 >> 15) & 0x30) | ((d0 >> 14) & 0xf) );
- right |= PC2LOOKUP(1, 2, ((d0 >> 7) & 0x3F) );
- right |= PC2LOOKUP(1, 3, ((d0 >> 1) & 0x3C) | (d0 & 0x3));
-*/
-
-void
-make_pc2a( void )
-{
-
- int i, j;
-
- for ( i = 0; i < 64; ++i ) {
- j = PC2[i];
- if (j == 0)
- j = -1;
- else if ( j < 29 )
- j = 28 - j ;
- else
- j = 56 - j;
- PC2a[i] = j;
- }
- for ( i = 0; i < 64; i += 8 ) {
- printf("%3d,%3d,%3d,%3d,%3d,%3d,%3d,%3d,\n",
- PC2a[i+0],PC2a[i+1],PC2a[i+2],PC2a[i+3],
- PC2a[i+4],PC2a[i+5],PC2a[i+6],PC2a[i+7] );
- }
-}
-
-HALF PC2cd0[64];
-
-HALF PC_2H[8][64];
-
-void
-mktable( )
-{
- int i;
- int table;
- const BYTE * ndx = NDX;
- HALF mask;
-
- mask = 0x80000000;
- for (i = 0; i < 32; ++i, mask >>= 1) {
- int bit = PC2b[i];
- if (bit < 0)
- continue;
- PC2cd0[bit + 32] = mask;
- }
-
- mask = 0x80000000;
- for (i = 32; i < 64; ++i, mask >>= 1) {
- int bit = PC2b[i];
- if (bit < 0)
- continue;
- PC2cd0[bit] = mask;
- }
-
-#if DEBUG
- for (i = 0; i < 64; ++i) {
- printf("0x%08x,\n", PC2cd0[i]);
- }
-#endif
- for (i = 0; i < 24; ++i) {
- NDX[i] += 32; /* because c0 is the upper half */
- }
-
- for (table = 0; table < 8; ++table) {
- HALF bitvals[6];
- for (i = 0; i < 6; ++i) {
- bitvals[5-i] = PC2cd0[*ndx++];
- }
- for (i = 0; i < 64; ++i) {
- int j;
- int k = 0;
- HALF value = 0;
-
- for (j = i; j; j >>= 1, ++k) {
- if (j & 1) {
- value |= bitvals[k];
- }
- }
- PC_2H[table][i] = value;
- }
- printf("/* table %d */ {\n", table );
- for (i = 0; i < 64; i += 4) {
- printf(" 0x%08x, 0x%08x, 0x%08x, 0x%08x, \n",
- PC_2H[table][i], PC_2H[table][i+1],
- PC_2H[table][i+2], PC_2H[table][i+3]);
- }
- printf(" },\n");
- }
-}
-
-
-int
-main(void)
-{
-/* make_pc2a(); */
- mktable();
- return 0;
-}
diff --git a/security/nss/lib/freebl/mksp.c b/security/nss/lib/freebl/mksp.c
deleted file mode 100644
index 17ce7bc2a..000000000
--- a/security/nss/lib/freebl/mksp.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * mksp.c
- *
- * Generate SP tables for DES-150 library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the DES-150 library.
- *
- * The Initial Developer of the Original Code is Nelson B. Bolyard,
- * nelsonb@iname.com. Portions created by Nelson B. Bolyard are
- * Copyright (C) 1990, 2000 Nelson B. Bolyard, All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include <stdio.h>
-
-/*
- * sboxes - the tables for the s-box functions
- * from FIPS 46, pages 15-16.
- */
-unsigned char S[8][64] = {
-/* Func S1 = */ {
- 14, 0, 4, 15, 13, 7, 1, 4, 2, 14, 15, 2, 11, 13, 8, 1,
- 3, 10, 10, 6, 6, 12, 12, 11, 5, 9, 9, 5, 0, 3, 7, 8,
- 4, 15, 1, 12, 14, 8, 8, 2, 13, 4, 6, 9, 2, 1, 11, 7,
- 15, 5, 12, 11, 9, 3, 7, 14, 3, 10, 10, 0, 5, 6, 0, 13
- },
-/* Func S2 = */ {
- 15, 3, 1, 13, 8, 4, 14, 7, 6, 15, 11, 2, 3, 8, 4, 14,
- 9, 12, 7, 0, 2, 1, 13, 10, 12, 6, 0, 9, 5, 11, 10, 5,
- 0, 13, 14, 8, 7, 10, 11, 1, 10, 3, 4, 15, 13, 4, 1, 2,
- 5, 11, 8, 6, 12, 7, 6, 12, 9, 0, 3, 5, 2, 14, 15, 9
- },
-/* Func S3 = */ {
- 10, 13, 0, 7, 9, 0, 14, 9, 6, 3, 3, 4, 15, 6, 5, 10,
- 1, 2, 13, 8, 12, 5, 7, 14, 11, 12, 4, 11, 2, 15, 8, 1,
- 13, 1, 6, 10, 4, 13, 9, 0, 8, 6, 15, 9, 3, 8, 0, 7,
- 11, 4, 1, 15, 2, 14, 12, 3, 5, 11, 10, 5, 14, 2, 7, 12
- },
-/* Func S4 = */ {
- 7, 13, 13, 8, 14, 11, 3, 5, 0, 6, 6, 15, 9, 0, 10, 3,
- 1, 4, 2, 7, 8, 2, 5, 12, 11, 1, 12, 10, 4, 14, 15, 9,
- 10, 3, 6, 15, 9, 0, 0, 6, 12, 10, 11, 1, 7, 13, 13, 8,
- 15, 9, 1, 4, 3, 5, 14, 11, 5, 12, 2, 7, 8, 2, 4, 14
- },
-/* Func S5 = */ {
- 2, 14, 12, 11, 4, 2, 1, 12, 7, 4, 10, 7, 11, 13, 6, 1,
- 8, 5, 5, 0, 3, 15, 15, 10, 13, 3, 0, 9, 14, 8, 9, 6,
- 4, 11, 2, 8, 1, 12, 11, 7, 10, 1, 13, 14, 7, 2, 8, 13,
- 15, 6, 9, 15, 12, 0, 5, 9, 6, 10, 3, 4, 0, 5, 14, 3
- },
-/* Func S6 = */ {
- 12, 10, 1, 15, 10, 4, 15, 2, 9, 7, 2, 12, 6, 9, 8, 5,
- 0, 6, 13, 1, 3, 13, 4, 14, 14, 0, 7, 11, 5, 3, 11, 8,
- 9, 4, 14, 3, 15, 2, 5, 12, 2, 9, 8, 5, 12, 15, 3, 10,
- 7, 11, 0, 14, 4, 1, 10, 7, 1, 6, 13, 0, 11, 8, 6, 13
- },
-/* Func S7 = */ {
- 4, 13, 11, 0, 2, 11, 14, 7, 15, 4, 0, 9, 8, 1, 13, 10,
- 3, 14, 12, 3, 9, 5, 7, 12, 5, 2, 10, 15, 6, 8, 1, 6,
- 1, 6, 4, 11, 11, 13, 13, 8, 12, 1, 3, 4, 7, 10, 14, 7,
- 10, 9, 15, 5, 6, 0, 8, 15, 0, 14, 5, 2, 9, 3, 2, 12
- },
-/* Func S8 = */ {
- 13, 1, 2, 15, 8, 13, 4, 8, 6, 10, 15, 3, 11, 7, 1, 4,
- 10, 12, 9, 5, 3, 6, 14, 11, 5, 0, 0, 14, 12, 9, 7, 2,
- 7, 2, 11, 1, 4, 14, 1, 7, 9, 4, 12, 10, 14, 8, 2, 13,
- 0, 15, 6, 12, 10, 9, 13, 0, 15, 3, 3, 5, 5, 6, 8, 11
- }
-};
-
-/*
- * Permutation function for results from s-boxes
- * from FIPS 46 pages 12 and 16.
- * P =
- */
-unsigned char P[32] = {
- 16, 7, 20, 21, 29, 12, 28, 17,
- 1, 15, 23, 26, 5, 18, 31, 10,
- 2, 8, 24, 14, 32, 27, 3, 9,
- 19, 13, 30, 6, 22, 11, 4, 25
-};
-
-unsigned int Pinv[32];
-unsigned int SP[8][64];
-
-void
-makePinv(void)
-{
- int i;
- unsigned int Pi = 0x80000000;
- for (i = 0; i < 32; ++i) {
- int j = 32 - P[i];
- Pinv[j] = Pi;
- Pi >>= 1;
- }
-}
-
-void
-makeSP(void)
-{
- int box;
- for (box = 0; box < 8; ++box) {
- int item;
- printf("/* box S%d */ {\n", box + 1);
- for (item = 0; item < 64; ++item ) {
- unsigned int s = S[box][item];
- unsigned int val = 0;
- unsigned int bitnum = (7-box) * 4;
- for (; s; s >>= 1, ++bitnum) {
- if (s & 1) {
- val |= Pinv[bitnum];
- }
- }
- val = (val << 3) | (val >> 29);
- SP[box][item] = val;
- }
- for (item = 0; item < 64; item += 4) {
- printf("\t0x%08x, 0x%08x, 0x%08x, 0x%08x,\n",
- SP[box][item], SP[box][item+1], SP[box][item+2], SP[box][item+3]);
- }
- printf(" },\n");
- }
-}
-
-int
-main()
-{
- makePinv();
- makeSP();
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/Makefile b/security/nss/lib/freebl/mpi/Makefile
deleted file mode 100644
index a4724af90..000000000
--- a/security/nss/lib/freebl/mpi/Makefile
+++ /dev/null
@@ -1,424 +0,0 @@
-##
-## Makefile for MPI library
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-## Netscape Communications Corporation
-## Richard C. Swift (swift@netscape.com)
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-##
-## $Id$
-##
-
-## Define CC to be the C compiler you wish to use. The GNU cc
-## compiler (gcc) should work, at the very least
-#CC=cc
-#CC=gcc
-
-##
-## Define PERL to point to your local Perl interpreter. It
-## should be Perl 5.x, although it's conceivable that Perl 4
-## might work ... I haven't tested it.
-##
-#PERL=/usr/bin/perl
-PERL=perl
-
-##
-## Define CFLAGS to contain any local options your compiler
-## setup requires.
-##
-## Conditional compilation options are no longer here; see
-## the file 'mpi-config.h' instead.
-##
-MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC
-CFLAGS= -O $(MPICMN)
-#CFLAGS=-ansi -fullwarn -woff 1521 -O3 $(MPICMN)
-#CFLAGS=-ansi -pedantic -Wall -O3 $(MPICMN)
-#CFLAGS=-ansi -pedantic -Wall -g -O2 -DMP_DEBUG=1 $(MPICMN)
-
-ifeq ($(TARGET),mipsIRIX)
-#IRIX
-#MPICMN += -DMP_MONT_USE_MP_MUL
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-MPICMN += -DMP_USE_UINT_DIGIT
-#MPICMN += -DMP_NO_MP_WORD
-AS_OBJS = mpi_mips.o
-#ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3 -exceptions
-ASFLAGS = -O -OPT:Olimit=4000 -dollar -fullwarn -xansi -n32 -mips3
-#CFLAGS=-ansi -n32 -O3 -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
-CFLAGS=-ansi -n32 -O2 -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
-#CFLAGS=-ansi -n32 -g -fullwarn -woff 1429 -D_SGI_SOURCE $(MPICMN)
-#CFLAGS=-ansi -64 -O2 -fullwarn -woff 1429 -D_SGI_SOURCE -DMP_NO_MP_WORD \
- $(MPICMN)
-endif
-
-ifeq ($(TARGET),alphaOSF1)
-#Alpha/OSF1
-MPICMN += -DMP_ASSEMBLY_MULTIPLY
-AS_OBJS+= mpvalpha.o
-#CFLAGS= -O -Olimit 4000 -ieee_with_inexact -std1 -DOSF1 -D_REENTRANT $(MPICMN)
-CFLAGS= -O -Olimit 4000 -ieee_with_inexact -std1 -DOSF1 -D_REENTRANT \
- -DMP_NO_MP_WORD $(MPICMN)
-endif
-
-ifeq ($(TARGET),v9SOLARIS)
-#Solaris 64
-SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xchip=ultra -xarch=v9a -KPIC -mt
-#SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v9a -KPIC -mt
-SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v9a -KPIC -mt
-AS_OBJS += montmulfv9.o
-AS_OBJS += mpi_sparc.o mpv_sparcv9.o
-MPICMN += -DMP_USE_UINT_DIGIT
-#MPICMN += -DMP_NO_MP_WORD
-MPICMN += -DMP_ASSEMBLY_MULTIPLY
-MPICMN += -DMP_USING_MONT_MULF
-CFLAGS= -O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_8 -D_SVID_GETTOD -xarch=v9 -DXP_UNIX $(MPICMN)
-#CFLAGS= -g -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_8 -D_SVID_GETTOD -xarch=v9 -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),v8plusSOLARIS)
-#Solaris 32
-SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v8plusa -KPIC -mt
-SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v8plusa -KPIC -mt
-AS_OBJS = montmulfv8.o mpi_sparc.o mpv_sparcv8.o
-#AS_OBJS = montmulf.o
-MPICMN += -DMP_ASSEMBLY_MULTIPLY
-MPICMN += -DMP_USING_MONT_MULF -DMP_USE_UINT_DIGIT
-MPICMN += -DMP_NO_MP_WORD
-CFLAGS=-O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_6 -D_SVID_GETTOD -xarch=v8plus -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),v8SOLARIS)
-#Solaris 32
-#SOLARIS_FPU_FLAGS = -fast -xO5 -xrestrict=%all -xdepend -xchip=ultra -xarch=v8 -KPIC -mt
-#SOLARIS_ASM_FLAGS = -xchip=ultra -xarch=v8plusa -KPIC -mt
-#AS_OBJS = montmulfv8.o mpi_sparc.o mpv_sparcv8.o
-#AS_OBJS = montmulf.o
-#MPICMN += -DMP_USING_MONT_MULF
-#MPICMN += -DMP_ASSEMBLY_MULTIPLY
-MPICMN += -DMP_USE_LONG_LONG_MULTIPLY -DMP_USE_UINT_DIGIT
-MPICMN += -DMP_NO_MP_WORD
-CFLAGS=-O -KPIC -DSVR4 -DSYSV -D__svr4 -D__svr4__ -DSOLARIS -D_REENTRANT \
- -DSOLARIS2_6 -D_SVID_GETTOD -xarch=v8 -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),PA2.0WHPUX)
-#HPUX64 (HP PA 2.0 Wide) using MAXPY and 64-bit digits
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-AS_OBJS = mpi_hp.o hpma512.o hppa20.o
-CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +DA2.0W +DS2.0 +O3 +DChpux -DHPUX11 -DXP_UNIX \
- $(MPICMN)
-AS = $(CC) $(CFLAGS) -c
-endif
-
-ifeq ($(TARGET),PA2.0NHPUX)
-#HPUX32 (HP PA 2.0 Narrow) hybrid model, using 32-bit digits
-# This one is for DA2.0 (N) which is the 32-bit ABI with 64-bit registers.
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE
-AS_OBJS = mpi_hp.o hpma512.o hppa20.o
-CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +DA2.0 +DS2.0 +O3 +DChpux -DHPUX11 -DXP_UNIX \
- -Wl,+k $(MPICMN)
-#CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE -Aa +e -z +DA2.0 +DS2.0 +DChpux -DHPUX11 -DXP_UNIX \
- -Wl,+k $(MPICMN)
-AS = $(CC) $(CFLAGS) -c
-endif
-
-ifeq ($(TARGET),PA1.1HPUX)
-#HPUX32 (HP PA 1.1) Pure 32 bit
-MPICMN += -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-#MPICMN += -DMP_USE_LONG_LONG_MULTIPLY
-CFLAGS= -O -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
- -D_HPUX_SOURCE +DAportable +DS1.1 -DHPUX11 -DXP_UNIX $(MPICMN)
-##CFLAGS= -g -DHPUX10 -D_POSIX_C_SOURCE=199506L -Ae +Z -DHPUX -Dhppa \
-# -D_HPUX_SOURCE +DAportable +DS1.1 -DHPUX11 -DXP_UNIX $(MPICMN)
-endif
-
-ifeq ($(TARGET),32AIX)
-#
-CC = xlC_r
-MPICMN += -DMP_USE_UINT_DIGIT
-MPICMN += -DMP_NO_DIV_WORD
-#MPICMN += -DMP_NO_MUL_WORD
-MPICMN += -DMP_NO_ADD_WORD
-MPICMN += -DMP_NO_SUB_WORD
-#MPICMN += -DMP_NO_MP_WORD
-#MPICMN += -DMP_USE_LONG_LONG_MULTIPLY
-CFLAGS = -O -DAIX -DSYSV -qarch=com -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN)
-#CFLAGS = -g -DAIX -DSYSV -qarch=com -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN)
-#CFLAGS += -pg
-endif
-
-ifeq ($(TARGET),64AIX)
-#
-CC = xlC_r
-MPICMN += -DMP_USE_UINT_DIGIT
-CFLAGS = -O -O2 -DAIX -DSYSV -qarch=com -DAIX_64BIT -DAIX4_3 -DXP_UNIX -UDEBUG -DNDEBUG $(MPICMN)
-OBJECT_MODE=64
-export OBJECT_MODE
-endif
-
-ifeq ($(TARGET),x86LINUX)
-#Linux
-AS_OBJS = mpi_x86.o
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-MPICMN += -DMP_MONT_USE_MP_MUL
-CFLAGS= -O2 -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
- -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
- -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT $(MPICMN)
-#CFLAGS= -g -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
- -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
- -DXP_UNIX -DDEBUG -UNDEBUG -D_REENTRANT $(MPICMN)
-#CFLAGS= -g -fPIC -DLINUX1_2 -Di386 -D_XOPEN_SOURCE -DLINUX2_1 -ansi -Wall \
- -pipe -DLINUX -Dlinux -D_POSIX_SOURCE -D_BSD_SOURCE -DHAVE_STRERROR \
- -DXP_UNIX -UDEBUG -DNDEBUG -D_REENTRANT $(MPICMN)
-endif
-
-##
-## Define LIBS to include any libraries you need to link against.
-## If NO_TABLE is define, LIBS should include '-lm' or whatever is
-## necessary to bring in the math library. Otherwise, it can be
-## left alone, unless your system has other peculiar requirements.
-##
-LIBS=#-lmalloc#-lefence#-lm
-
-##
-## Define RANLIB to be the library header randomizer; you might not
-## need this on some systems (just set it to 'echo' on these systems,
-## such as IRIX)
-##
-RANLIB=echo
-
-##
-## This is the version string used for the documentation and
-## building the distribution tarball. Don't mess with it unless
-## you are releasing a new version
-VERS=1.7p6
-
-## ----------------------------------------------------------------------
-## You probably don't need to change anything below this line...
-##
-
-##
-## This is the list of source files that need to be packed into
-## the distribution file
-SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \
- utils/gcd.c utils/invmod.c utils/lap.c \
- utils/ptab.pl utils/sieve.c utils/isprime.c\
- utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
- utils/bbsrand.c utils/prng.c utils/primegen.c \
- utils/basecvt.c utils/makeprime.c\
- utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
- utils/mpi.h utils/mpprime.h mulsqr.c \
- make-test-arrays test-arrays.txt all-tests make-logtab \
- types.pl stats timetest multest
-
-## These are the header files that go into the distribution file
-HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \
- utils/bbs_rand.h tests/mpi.h tests/mpprime.h
-
-## These are the documentation files that go into the distribution file
-DOCS=README doc utils/README utils/PRIMES
-
-## This is the list of tools built by 'make tools'
-TOOLS=gcd invmod isprime lap dec2hex hex2dec primegen prng \
- basecvt fact exptmod pi makeprime identest
-
-LIBOBJS = mpprime.o mpmontg.o mplogic.o mpi.o $(AS_OBJS)
-LIBHDRS = mpi-config.h mpi-priv.h mpi.h
-APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h
-
-help:
- @ echo ""
- @ echo "The following targets can be built with this Makefile:"
- @ echo ""
- @ echo "libmpi.a - arithmetic and prime testing library"
- @ echo "mpi-test - test driver (requires MP_IOFUNC)"
- @ echo "tools - command line tools"
- @ echo "doc - manual pages for tools"
- @ echo "clean - clean up objects and such"
- @ echo "distclean - get ready for distribution"
- @ echo "dist - distribution tarball"
- @ echo ""
-
-.SUFFIXES: .c .o .i
-
-.c.i:
- $(CC) $(CFLAGS) -E $< > $@
-
-#.c.o: $*.h $*.c
-# $(CC) $(CFLAGS) -c $<
-
-#---------------------------------------
-
-$(LIBOBJS): $(LIBHDRS)
-
-logtab.h: make-logtab
- $(PERL) make-logtab > logtab.h
-
-mpi.o: mpi.c logtab.h $(LIBHDRS)
-
-mplogic.o: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
-
-mpmontg.o: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
-
-mpprime.o: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
-
-mpi_mips.o: mpi_mips.s
- $(CC) -o $@ $(ASFLAGS) -c mpi_mips.s
-
-mpi_sparc.o : montmulf.h
-
-mpv_sparcv9.s: vis_64.il mpv_sparc.c
- $(CC) -o $@ $(SOLARIS_FPU_FLAGS) -S vis_64.il mpv_sparc.c
-
-mpv_sparcv8.s: vis_64.il mpv_sparc.c
- $(CC) -o $@ $(SOLARIS_FPU_FLAGS) -S vis_32.il mpv_sparc.c
-
-montmulfv8.o montmulfv9.o mpv_sparcv8.o mpv_sparcv9.o : %.o : %.s
- $(CC) -o $@ $(SOLARIS_ASM_FLAGS) -c $<
-
-# This rule is used to build the .s sources, which are then hand optimized.
-#montmulfv8.s montmulfv9.s : montmulf%.s : montmulf%.il montmulf.c montmulf.h
-# $(CC) -o $@ $(SOLARIS_ASM_FLAGS) -S montmulf$*.il montmulf.c
-
-
-libmpi.a: $(LIBOBJS)
- ar -cvr libmpi.a $(LIBOBJS)
- $(RANLIB) libmpi.a
-
-lib libs: libmpi.a
-
-mpi.i: mpi.h
-
-#---------------------------------------
-
-MPTESTOBJS = mptest1.o mptest2.o mptest3.o mptest3a.o mptest4.o mptest4a.o \
- mptest4b.o mptest6.o mptest7.o mptest8.o mptest9.o
-MPTESTS = $(MPTESTOBJS:.o=)
-
-$(MPTESTOBJS): mptest%.o: tests/mptest-%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -o $@ -c $<
-
-$(MPTESTS): mptest%: mptest%.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-tests: mptest1 mptest2 mptest3 mptest3a mptest4 mptest4a mptest4b mptest6 \
- bbsrand
-
-utests: mptest7 mptest8 mptest9
-
-#---------------------------------------
-
-EXTRAOBJS = bbsrand.o bbs_rand.o prng.o
-UTILOBJS = primegen.o metime.o identest.o basecvt.o fact.o exptmod.o pi.o \
- makeprime.o gcd.o invmod.o lap.o isprime.o \
- dec2hex.o hex2dec.o
-UTILS = $(UTILOBJS:.o=)
-
-$(UTILS): % : %.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-$(UTILOBJS) $(EXTRAOBJS): %.o : utils/%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -o $@ -c $<
-
-prng: prng.o bbs_rand.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-bbsrand: bbsrand.o bbs_rand.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-utils: $(UTILS) prng bbsrand
-
-#---------------------------------------
-
-test-info.c: test-arrays.txt
- $(PERL) make-test-arrays test-arrays.txt > test-info.c
-
-mpi-test.o: mpi-test.c test-info.c $(LIBHDRS)
- $(CC) $(CFLAGS) -o $@ -c $<
-
-mpi-test: mpi-test.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-mdxptest.o: mdxptest.c $(LIBHDRS) mpi-priv.h
-
-mdxptest: mdxptest.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-mulsqr.o: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h
- $(CC) $(CFLAGS) -DMP_SQUARE=1 -o $@ -c mulsqr.c
-
-mulsqr: mulsqr.o libmpi.a
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-
-#---------------------------------------
-
-alltests: tests utests mpi-test
-
-tools: $(TOOLS)
-
-doc:
- (cd doc; ./build)
-
-clean:
- rm -f *.o *.a *.i
- rm -f core
- rm -f *~ .*~
- rm -f utils/*.o
- rm -f utils/core
- rm -f utils/*~ utils/.*~
-
-clobber: clean
- rm -f $(TOOLS) $(UTILS)
-
-distclean: clean
- rm -f mptest? mpi-test metime mulsqr karatsuba
- rm -f mptest?a mptest?b
- rm -f utils/mptest?
- rm -f test-info.c logtab.h
- rm -f libmpi.a
- rm -f $(TOOLS)
-
-dist: Makefile $(HDRS) $(SRCS) $(DOCS)
- tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
- pgps -ab mpi-$(VERS).tar
- chmod +r mpi-$(VERS).tar.asc
- gzip -9 mpi-$(VERS).tar
-
-# END
diff --git a/security/nss/lib/freebl/mpi/Makefile.os2 b/security/nss/lib/freebl/mpi/Makefile.os2
deleted file mode 100644
index e81b64649..000000000
--- a/security/nss/lib/freebl/mpi/Makefile.os2
+++ /dev/null
@@ -1,277 +0,0 @@
-##
-## Makefile.win - gmake Makefile for building MPI with VACPP on OS/2
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-## Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-##
-## $Id$
-##
-
-## Define CC to be the C compiler you wish to use. The GNU cc
-## compiler (gcc) should work, at the very least
-#CC=cc
-#CC=gcc
-CC=icc.exe
-AS=alp.exe
-
-##
-## Define PERL to point to your local Perl interpreter. It
-## should be Perl 5.x, although it's conceivable that Perl 4
-## might work ... I haven't tested it.
-##
-#PERL=/usr/bin/perl
-PERL=perl
-
-##
-## Define CFLAGS to contain any local options your compiler
-## setup requires.
-##
-## Conditional compilation options are no longer here; see
-## the file 'mpi-config.h' instead.
-##
-MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC -DMP_USE_UINT_DIGIT -DMP_NO_MP_WORD
-
-#OS/2
-AS_SRCS = mpi_x86.asm
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-#CFLAGS= -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC \
- -DDEBUG -D_DEBUG -UNDEBUG -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -O2 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-CFLAGS = /Ti+ -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- $(MPICMN)
-ASFLAGS =
-
-##
-## Define LIBS to include any libraries you need to link against.
-## If NO_TABLE is define, LIBS should include '-lm' or whatever is
-## necessary to bring in the math library. Otherwise, it can be
-## left alone, unless your system has other peculiar requirements.
-##
-LIBS=#-lmalloc#-lefence#-lm
-
-##
-## Define RANLIB to be the library header randomizer; you might not
-## need this on some systems (just set it to 'echo' on these systems,
-## such as IRIX)
-##
-RANLIB=echo
-
-##
-## This is the version string used for the documentation and
-## building the distribution tarball. Don't mess with it unless
-## you are releasing a new version
-VERS=1.7p6
-
-## ----------------------------------------------------------------------
-## You probably don't need to change anything below this line...
-##
-
-##
-## This is the list of source files that need to be packed into
-## the distribution file
-SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \
- utils/gcd.c utils/invmod.c utils/lap.c \
- utils/ptab.pl utils/sieve.c utils/isprime.c\
- utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
- utils/bbsrand.c utils/prng.c utils/primegen.c \
- utils/basecvt.c utils/makeprime.c\
- utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
- utils/mpi.h utils/mpprime.h mulsqr.c \
- make-test-arrays test-arrays.txt all-tests make-logtab \
- types.pl stats timetest multest
-
-## These are the header files that go into the distribution file
-HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \
- utils/bbs_rand.h tests/mpi.h tests/mpprime.h
-
-## These are the documentation files that go into the distribution file
-DOCS=README doc utils/README utils/PRIMES
-
-## This is the list of tools built by 'make tools'
-TOOLS=gcd.exe invmod.exe isprime.exe lap.exe dec2hex.exe hex2dec.exe \
- primegen.exe prng.exe basecvt.exe fact.exe exptmod.exe pi.exe makeprime.exe
-
-AS_OBJS = $(AS_SRCS:.asm=.obj)
-LIBOBJS = mpprime.obj mpmontg.obj mplogic.obj mpi.obj $(AS_OBJS)
-LIBHDRS = mpi-config.h mpi-priv.h mpi.h
-APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h
-
-
-help:
- @ echo ""
- @ echo "The following targets can be built with this Makefile:"
- @ echo ""
- @ echo "mpi.lib - arithmetic and prime testing library"
- @ echo "mpi-test.exe - test driver (requires MP_IOFUNC)"
- @ echo "tools - command line tools"
- @ echo "doc - manual pages for tools"
- @ echo "clean - clean up objects and such"
- @ echo "distclean - get ready for distribution"
- @ echo "dist - distribution tarball"
- @ echo ""
-
-.SUFFIXES: .c .obj .i .lib .exe .asm
-
-.c.i:
- $(CC) $(CFLAGS) -E $< > $@
-
-.c.obj:
- $(CC) $(CFLAGS) -c $<
-
-.asm.obj:
- $(AS) $(ASFLAGS) $<
-
-.obj.exe:
- $(CC) $(CFLAGS) -Fo$@ $<
-
-#---------------------------------------
-
-$(LIBOBJS): $(LIBHDRS)
-
-logtab.h: make-logtab
- $(PERL) make-logtab > logtab.h
-
-mpi.obj: mpi.c logtab.h $(LIBHDRS)
-
-mplogic.obj: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
-
-mpmontg.obj: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
-
-mpprime.obj: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
-
-mpi_mips.obj: mpi_mips.s
- $(CC) -Fo$@ $(ASFLAGS) -c mpi_mips.s
-
-mpi.lib: $(LIBOBJS)
- ilib /out:mpi.lib $(LIBOBJS)
- $(RANLIB) mpi.lib
-
-lib libs: mpi.lib
-
-#---------------------------------------
-
-MPTESTOBJS = mptest1.obj mptest2.obj mptest3.obj mptest3a.obj mptest4.obj \
- mptest4a.obj mptest4b.obj mptest6.obj mptest7.obj mptest8.obj mptest9.obj
-MPTESTS = $(MPTESTOBJS:.obj=.exe)
-
-$(MPTESTOBJS): mptest%.obj: tests/mptest-%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-$(MPTESTS): mptest%.exe: mptest%.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-tests: mptest1.exe mptest2.exe mptest3.exe mptest3a.exe mptest4.exe \
- mptest4a.exe mptest4b.exe mptest6.exe bbsrand.exe
-
-utests: mptest7.exe mptest8.exe mptest9.exe
-
-#---------------------------------------
-
-EXTRAOBJS = bbsrand.obj bbs_rand.obj prng.obj
-UTILOBJS = primegen.obj metime.obj identest.obj basecvt.obj fact.obj \
- exptmod.obj pi.obj makeprime.obj karatsuba.obj gcd.obj invmod.obj lap.obj \
- isprime.obj dec2hex.obj hex2dec.obj
-UTILS = $(UTILOBJS:.obj=.exe)
-
-$(UTILS): %.exe : %.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-$(UTILOBJS) $(EXTRAOBJS): %.obj : utils/%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-prng.exe: prng.obj bbs_rand.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-bbsrand.exe: bbsrand.obj bbs_rand.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-utils: $(UTILS) prng.exe bbsrand.exe
-
-#---------------------------------------
-
-test-info.c: test-arrays.txt
- $(PERL) make-test-arrays test-arrays.txt > test-info.c
-
-mpi-test.obj: mpi-test.c test-info.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-mpi-test.exe: mpi-test.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-mdxptest.obj: mdxptest.c $(LIBHDRS) mpi-priv.h
-
-mdxptest.exe: mdxptest.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-mulsqr.obj: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h
- $(CC) $(CFLAGS) -DMP_SQUARE=1 -Fo$@ -c mulsqr.c
-
-mulsqr.exe: mulsqr.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-#---------------------------------------
-
-alltests: tests utests mpi-test.exe
-
-tools: $(TOOLS)
-
-doc:
- (cd doc; ./build)
-
-clean:
- rm -f *.obj *.lib *.pdb *.ilk
- cd utils; rm -f *.obj *.lib *.pdb *.ilk
-
-distclean: clean
- rm -f mptest? mpi-test metime mulsqr karatsuba
- rm -f mptest?a mptest?b
- rm -f utils/mptest?
- rm -f test-info.c logtab.h
- rm -f mpi.lib
- rm -f $(TOOLS)
-
-dist: Makefile $(HDRS) $(SRCS) $(DOCS)
- tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
- pgps -ab mpi-$(VERS).tar
- chmod +r mpi-$(VERS).tar.asc
- gzip -9 mpi-$(VERS).tar
-
-
-print:
- @echo LIBOBJS = $(LIBOBJS)
-# END
diff --git a/security/nss/lib/freebl/mpi/Makefile.win b/security/nss/lib/freebl/mpi/Makefile.win
deleted file mode 100644
index 1c403f4d3..000000000
--- a/security/nss/lib/freebl/mpi/Makefile.win
+++ /dev/null
@@ -1,277 +0,0 @@
-##
-## Makefile.win - gmake Makefile for building MPI with MSVC on NT
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-## Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-##
-## $Id$
-##
-
-## Define CC to be the C compiler you wish to use. The GNU cc
-## compiler (gcc) should work, at the very least
-#CC=cc
-#CC=gcc
-CC=cl.exe
-AS=ml.exe
-
-##
-## Define PERL to point to your local Perl interpreter. It
-## should be Perl 5.x, although it's conceivable that Perl 4
-## might work ... I haven't tested it.
-##
-#PERL=/usr/bin/perl
-PERL=perl
-
-##
-## Define CFLAGS to contain any local options your compiler
-## setup requires.
-##
-## Conditional compilation options are no longer here; see
-## the file 'mpi-config.h' instead.
-##
-MPICMN = -I. -DMP_API_COMPATIBLE -DMP_IOFUNC
-
-#NT
-AS_SRCS = mpi_x86.asm
-MPICMN += -DMP_ASSEMBLY_MULTIPLY -DMP_ASSEMBLY_SQUARE -DMP_ASSEMBLY_DIV_2DX1D
-#CFLAGS= -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC \
- -DDEBUG -D_DEBUG -UNDEBUG -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -O2 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-#CFLAGS = -Od -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-CFLAGS = -O2 -Z7 -MD -W3 -nologo -D_X86_ -DXP_PC -UDEBUG -U_DEBUG -DNDEBUG \
- -DWIN32 -D_WINDOWS -DWIN95 $(MPICMN)
-ASFLAGS = -Cp -Sn -Zi -coff -I.
-
-##
-## Define LIBS to include any libraries you need to link against.
-## If NO_TABLE is define, LIBS should include '-lm' or whatever is
-## necessary to bring in the math library. Otherwise, it can be
-## left alone, unless your system has other peculiar requirements.
-##
-LIBS=#-lmalloc#-lefence#-lm
-
-##
-## Define RANLIB to be the library header randomizer; you might not
-## need this on some systems (just set it to 'echo' on these systems,
-## such as IRIX)
-##
-RANLIB=echo
-
-##
-## This is the version string used for the documentation and
-## building the distribution tarball. Don't mess with it unless
-## you are releasing a new version
-VERS=1.7p6
-
-## ----------------------------------------------------------------------
-## You probably don't need to change anything below this line...
-##
-
-##
-## This is the list of source files that need to be packed into
-## the distribution file
-SRCS= mpi.c mpprime.c mplogic.c mpmontg.c mpi-test.c primes.c tests/ \
- utils/gcd.c utils/invmod.c utils/lap.c \
- utils/ptab.pl utils/sieve.c utils/isprime.c\
- utils/dec2hex.c utils/hex2dec.c utils/bbs_rand.c \
- utils/bbsrand.c utils/prng.c utils/primegen.c \
- utils/basecvt.c utils/makeprime.c\
- utils/fact.c utils/exptmod.c utils/pi.c utils/metime.c \
- utils/mpi.h utils/mpprime.h mulsqr.c \
- make-test-arrays test-arrays.txt all-tests make-logtab \
- types.pl stats timetest multest
-
-## These are the header files that go into the distribution file
-HDRS=mpi.h mpi-config.h utils/mpi.h utils/mpi-config.h mpprime.h mplogic.h \
- utils/bbs_rand.h tests/mpi.h tests/mpprime.h
-
-## These are the documentation files that go into the distribution file
-DOCS=README doc utils/README utils/PRIMES
-
-## This is the list of tools built by 'make tools'
-TOOLS=gcd.exe invmod.exe isprime.exe lap.exe dec2hex.exe hex2dec.exe \
- primegen.exe prng.exe basecvt.exe fact.exe exptmod.exe pi.exe makeprime.exe
-
-AS_OBJS = $(AS_SRCS:.asm=.obj)
-LIBOBJS = mpprime.obj mpmontg.obj mplogic.obj mpi.obj $(AS_OBJS)
-LIBHDRS = mpi-config.h mpi-priv.h mpi.h
-APPHDRS = mpi-config.h mpi.h mplogic.h mpprime.h
-
-
-help:
- @ echo ""
- @ echo "The following targets can be built with this Makefile:"
- @ echo ""
- @ echo "mpi.lib - arithmetic and prime testing library"
- @ echo "mpi-test - test driver (requires MP_IOFUNC)"
- @ echo "tools - command line tools"
- @ echo "doc - manual pages for tools"
- @ echo "clean - clean up objects and such"
- @ echo "distclean - get ready for distribution"
- @ echo "dist - distribution tarball"
- @ echo ""
-
-.SUFFIXES: .c .obj .i .lib .exe .asm
-
-.c.i:
- $(CC) $(CFLAGS) -E $< > $@
-
-.c.obj:
- $(CC) $(CFLAGS) -c $<
-
-.asm.obj:
- $(AS) $(ASFLAGS) -c $<
-
-.obj.exe:
- $(CC) $(CFLAGS) -Fo$@ $<
-
-#---------------------------------------
-
-$(LIBOBJS): $(LIBHDRS)
-
-logtab.h: make-logtab
- $(PERL) make-logtab > logtab.h
-
-mpi.obj: mpi.c logtab.h $(LIBHDRS)
-
-mplogic.obj: mplogic.c mpi-priv.h mplogic.h $(LIBHDRS)
-
-mpmontg.obj: mpmontg.c mpi-priv.h mplogic.h mpprime.h $(LIBHDRS)
-
-mpprime.obj: mpprime.c mpi-priv.h mpprime.h mplogic.h primes.c $(LIBHDRS)
-
-mpi_mips.obj: mpi_mips.s
- $(CC) -Fo$@ $(ASFLAGS) -c mpi_mips.s
-
-mpi.lib: $(LIBOBJS)
- ar -cvr mpi.lib $(LIBOBJS)
- $(RANLIB) mpi.lib
-
-lib libs: mpi.lib
-
-#---------------------------------------
-
-MPTESTOBJS = mptest1.obj mptest2.obj mptest3.obj mptest3a.obj mptest4.obj \
- mptest4a.obj mptest4b.obj mptest6.obj mptest7.obj mptest8.obj mptest9.obj
-MPTESTS = $(MPTESTOBJS:.obj=.exe)
-
-$(MPTESTOBJS): mptest%.obj: tests/mptest-%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-$(MPTESTS): mptest%.exe: mptest%.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-tests: mptest1.exe mptest2.exe mptest3.exe mptest3a.exe mptest4.exe \
- mptest4a.exe mptest4b.exe mptest6.exe bbsrand.exe
-
-utests: mptest7.exe mptest8.exe mptest9.exe
-
-#---------------------------------------
-
-EXTRAOBJS = bbsrand.obj bbs_rand.obj prng.obj
-UTILOBJS = primegen.obj metime.obj identest.obj basecvt.obj fact.obj \
- exptmod.obj pi.obj makeprime.obj karatsuba.obj gcd.obj invmod.obj lap.obj \
- isprime.obj dec2hex.obj hex2dec.obj
-UTILS = $(UTILOBJS:.obj=.exe)
-
-$(UTILS): %.exe : %.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-$(UTILOBJS) $(EXTRAOBJS): %.obj : utils/%.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-prng.exe: prng.obj bbs_rand.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-bbsrand.exe: bbsrand.obj bbs_rand.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-utils: $(UTILS) prng.exe bbsrand.exe
-
-#---------------------------------------
-
-test-info.c: test-arrays.txt
- $(PERL) make-test-arrays test-arrays.txt > test-info.c
-
-mpi-test.obj: mpi-test.c test-info.c $(LIBHDRS)
- $(CC) $(CFLAGS) -Fo$@ -c $<
-
-mpi-test.exe: mpi-test.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-mdxptest.obj: mdxptest.c $(LIBHDRS) mpi-priv.h
-
-mdxptest.exe: mdxptest.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-mulsqr.obj: mulsqr.c logtab.h mpi.h mpi-config.h mpprime.h
- $(CC) $(CFLAGS) -DMP_SQUARE=1 -Fo$@ -c mulsqr.c
-
-mulsqr.exe: mulsqr.obj mpi.lib $(LIBS)
- $(CC) $(CFLAGS) -Fo$@ $^
-
-#---------------------------------------
-
-alltests: tests utests mpi-test.exe
-
-tools: $(TOOLS)
-
-doc:
- (cd doc; ./build)
-
-clean:
- rm -f *.obj *.lib *.pdb *.ilk
- cd utils; rm -f *.obj *.lib *.pdb *.ilk
-
-distclean: clean
- rm -f mptest? mpi-test metime mulsqr karatsuba
- rm -f mptest?a mptest?b
- rm -f utils/mptest?
- rm -f test-info.c logtab.h
- rm -f mpi.lib
- rm -f $(TOOLS)
-
-dist: Makefile $(HDRS) $(SRCS) $(DOCS)
- tar -cvf mpi-$(VERS).tar Makefile $(HDRS) $(SRCS) $(DOCS)
- pgps -ab mpi-$(VERS).tar
- chmod +r mpi-$(VERS).tar.asc
- gzip -9 mpi-$(VERS).tar
-
-
-print:
- @echo LIBOBJS = $(LIBOBJS)
-# END
diff --git a/security/nss/lib/freebl/mpi/README b/security/nss/lib/freebl/mpi/README
deleted file mode 100644
index 3c5cbdaa6..000000000
--- a/security/nss/lib/freebl/mpi/README
+++ /dev/null
@@ -1,795 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
-All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-About the MPI Library
----------------------
-
-The files 'mpi.h' and 'mpi.c' define a simple, arbitrary precision
-signed integer arithmetic package. The implementation is not the most
-efficient possible, but the code is small and should be fairly easily
-portable to just about any machine that supports an ANSI C compiler,
-as long as it is capable of at least 16-bit arithmetic (but also see
-below for more on this).
-
-This library was written with an eye to cryptographic applications;
-thus, some care is taken to make sure that temporary values are not
-left lying around in memory when they are no longer in use. This adds
-some overhead for zeroing buffers before they are released back into
-the free pool; however, it gives you the assurance that there is only
-one copy of your important values residing in your process's address
-space at a time. Obviously, it is difficult to guarantee anything, in
-a pre-emptive multitasking environment, but this at least helps you
-keep a lid on the more obvious ways your data can get spread around in
-memory.
-
-
-Using the Library
------------------
-
-To use the MPI library in your program, you must include the header:
-
-#include "mpi.h"
-
-This header provides all the type and function declarations you'll
-need to use the library. Almost all the names defined by the library
-begin with the prefix 'mp_', so it should be easy to keep them from
-clashing with your program's namespace (he says, glibly, knowing full
-well there are always pathological cases).
-
-There are a few things you may want to configure about the library.
-By default, the MPI library uses an unsigned short for its digit type,
-and an unsigned int for its word type. The word type must be big
-enough to contain at least two digits, for the primitive arithmetic to
-work out. On my machine, a short is 2 bytes and an int is 4 bytes --
-but if you have 64-bit ints, you might want to use a 4-byte digit and
-an 8-byte word. I have tested the library using 1-byte digits and
-2-byte words, as well. Whatever you choose to do, the things you need
-to change are:
-
-(1) The type definitions for mp_digit and mp_word.
-
-(2) The macro DIGIT_FMT which tells mp_print() how to display a
- single digit. This is just a printf() format string, so you
- can adjust it appropriately.
-
-(3) The macros DIGIT_MAX and MP_WORD_MAX, which specify the
- largest value expressible in an mp_digit and an mp_word,
- respectively.
-
-Both the mp_digit and mp_word should be UNSIGNED integer types. The
-code relies on having the full positive precision of the type used for
-digits and words.
-
-The remaining type definitions should be left alone, for the most
-part. The code in the library does not make any significant
-assumptions about the sizes of things, but there is little if any
-reason to change the other parameters, so I would recommend you leave
-them as you found them.
-
-The library comes with a Perl script, 'types.pl', which will scan your
-current Makefile settings, and attempt to find good definitions for
-these types. It relies on a Unix sort of build environment, so it
-probably won't work under MacOS or Windows, but it can be convenient
-if you're porting to a new flavour of Unix. Just run 'types.pl' at
-the command line, and it will spit out its results to the standard
-output.
-
-
-Conventions
------------
-
-Most functions in the library return a value of type mp_err. This
-permits the library to communicate success or various kinds of failure
-to the calling program. The return values currently defined are:
-
- MP_OKAY - okay, operation succeeded, all's well
- MP_YES - okay, the answer is yes (same as MP_OKAY)
- MP_NO - okay, but answer is no (not MP_OKAY)
- MP_MEM - operation ran out of memory
- MP_RANGE - input parameter was out of range
- MP_BADARG - an invalid input parameter was provided
- MP_UNDEF - no output value is defined for this input
-
-The only function which currently uses MP_UNDEF is mp_invmod().
-Division by zero is undefined, but the division functions will return
-MP_RANGE for a zero divisor. MP_BADARG usually means you passed a
-bogus mp_int structure to the function. MP_YES and MP_NO are not used
-by the library itself; they're defined so you can use them in your own
-extensions.
-
-If you need a readable interpretation of these error codes in your
-program, you may also use the mp_strerror() function. This function
-takes an mp_err as input, and returns a pointer to a human-readable
-string describing the meaning of the error. These strings are stored
-as constants within the library, so the caller should not attempt to
-modify or free the memory associated with these strings.
-
-The library represents values in signed-magnitude format. Values
-strictly less than zero are negative, all others are considered
-positive (zero is positive by fiat). You can access the 'sign' member
-of the mp_int structure directly, but better is to use the mp_cmp_z()
-function, to find out which side of zero the value lies on.
-
-Most arithmetic functions have a single-digit variant, as well as the
-full arbitrary-precision. An mp_digit is an unsigned value between 0
-and DIGIT_MAX inclusive. The radix is available as RADIX. The number
-of bits in a given digit is given as DIGIT_BIT.
-
-Generally, input parameters are given before output parameters.
-Unless otherwise specified, any input parameter can be re-used as an
-output parameter, without confusing anything.
-
-The basic numeric type defined by the library is an mp_int. Virtually
-all the functions in the library take a pointer to an mp_int as one of
-their parameters. An explanation of how to create and use these
-<HR>
-<A NAME="p23">
-<H3>Problem 23:</H3>
-
-structures follows. And so, without further ado...
-
-
-Initialization and Cleanup
---------------------------
-
-The basic numeric type defined by the library is an 'mp_int'.
-However, it is not sufficient to simply declare a variable of type
-mp_int in your program. These variables also need to be initialized
-before they can be used, to allocate the internal storage they require
-for computation.
-
-This is done using one of the following functions:
-
- mp_init(mp_int *mp);
- mp_init_copy(mp_int *mp, mp_int *from);
- mp_init_size(mp_int *mp, mp_size p);
-
-Each of these requires a pointer to a structure of type mp_int. The
-basic mp_init() simply initializes the mp_int to a default size, and
-sets its value to zero. If you would like to initialize a copy of an
-existing mp_int, use mp_init_copy(), where the 'from' parameter is the
-mp_int you'd like to make a copy of. The third function,
-mp_init_size(), permits you to specify how many digits of precision
-should be preallocated for your mp_int. This can help the library
-avoid unnecessary re-allocations later on.
-
-The default precision used by mp_init() can be retrieved using:
-
- precision = mp_get_prec();
-
-This returns the number of digits that will be allocated. You can
-change this value by using:
-
- mp_set_prec(unsigned int prec);
-
-Any positive value is acceptable -- if you pass zero, the default
-precision will be re-set to the compiled-in library default (this is
-specified in the header file 'mpi-config.h', and typically defaults to
-8 or 16).
-
-Just as you must allocate an mp_int before you can use it, you must
-clean up the structure when you are done with it. This is performed
-using the mp_clear() function. Remember that any mp_int that you
-create as a local variable in a function must be mp_clear()'d before
-that function exits, or else the memory allocated to that mp_int will
-be orphaned and unrecoverable.
-
-To set an mp_int to a given value, the following functions are given:
-
- mp_set(mp_int *mp, mp_digit d);
- mp_set_int(mp_int *mp, long z);
-
-The mp_set() function sets the mp_int to a single digit value, while
-mp_set_int() sets the mp_int to a signed long integer value.
-
-To set an mp_int to zero, use:
-
- mp_zero(mp_int *mp);
-
-
-Copying and Moving
-------------------
-
-If you have two initialized mp_int's, and you want to copy the value
-of one into the other, use:
-
- mp_copy(from, to)
-
-This takes care of clearing the old value of 'to', and copies the new
-value into it. If 'to' is not yet initialized, use mp_init_copy()
-instead (see above).
-
-Note: The library tries, whenever possible, to avoid allocating
----- new memory. Thus, mp_copy() tries first to satisfy the needs
- of the copy by re-using the memory already allocated to 'to'.
- Only if this proves insufficient will mp_copy() actually
- allocate new memory.
-
- For this reason, if you know a priori that 'to' has enough
- available space to hold 'from', you don't need to check the
- return value of mp_copy() for memory failure. The USED()
- macro tells you how many digits are used by an mp_int, and
- the ALLOC() macro tells you how many are allocated.
-
-If you have two initialized mp_int's, and you want to exchange their
-values, use:
-
- mp_exch(a, b)
-
-This is better than using mp_copy() with a temporary, since it will
-not (ever) touch the memory allocator -- it just swaps the exact
-contents of the two structures. The mp_exch() function cannot fail;
-if you pass it an invalid structure, it just ignores it, and does
-nothing.
-
-
-Basic Arithmetic
-----------------
-
-Once you have initialized your integers, you can operate on them. The
-basic arithmetic functions on full mp_int values are:
-
-mp_add(a, b, c) - computes c = a + b
-mp_sub(a, b, c) - computes c = a - b
-mp_mul(a, b, c) - computes c = a * b
-mp_sqr(a, b) - computes b = a * a
-mp_div(a, b, q, r) - computes q, r such that a = bq + r
-mp_div_2d(a, d, q, r) - computes q = a / 2^d, r = a % 2^d
-mp_expt(a, b, c) - computes c = a ** b
-mp_2expt(a, k) - computes a = 2^k
-mp_sqrt(a, c) - computes c = floor(sqrt(a))
-
-The mp_div_2d() function efficiently computes division by powers of
-two. Either the q or r parameter may be NULL, in which case that
-portion of the computation will be discarded.
-
-The algorithms used for some of the computations here are described in
-the following files which are included with this distribution:
-
-mul.txt Describes the multiplication algorithm
-div.txt Describes the division algorithm
-expt.txt Describes the exponentiation algorithm
-sqrt.txt Describes the square-root algorithm
-square.txt Describes the squaring algorithm
-
-There are single-digit versions of most of these routines, as well.
-In the following prototypes, 'd' is a single mp_digit:
-
-mp_add_d(a, d, c) - computes c = a + d
-mp_sub_d(a, d, c) - computes c = a - d
-mp_mul_d(a, d, c) - computes c = a * d
-mp_mul_2(a, c) - computes c = a * 2
-mp_div_d(a, d, q, r) - computes q, r such that a = bq + r
-mp_div_2(a, c) - computes c = a / 2
-mp_expt_d(a, d, c) - computes c = a ** d
-
-The mp_mul_2() and mp_div_2() functions take advantage of the internal
-representation of an mp_int to do multiplication by two more quickly
-than mp_mul_d() would. Other basic functions of an arithmetic variety
-include:
-
-mp_zero(a) - assign 0 to a
-mp_neg(a, c) - negate a: c = -a
-mp_abs(a, c) - absolute value: c = |a|
-
-
-Comparisons
------------
-
-Several comparison functions are provided. Each of these, unless
-otherwise specified, returns zero if the comparands are equal, < 0 if
-the first is less than the second, and > 0 if the first is greater
-than the second:
-
-mp_cmp_z(a) - compare a <=> 0
-mp_cmp_d(a, d) - compare a <=> d, d is a single digit
-mp_cmp(a, b) - compare a <=> b
-mp_cmp_mag(a, b) - compare |a| <=> |b|
-mp_cmp_int(a, z) - compare a <=> z, z is a signed long integer
-mp_isodd(a) - return nonzero if odd, zero otherwise
-mp_iseven(a) - return nonzero if even, zero otherwise
-
-
-Modular Arithmetic
-------------------
-
-Modular variations of the basic arithmetic functions are also
-supported. These are available if the MP_MODARITH parameter in
-mpi-config.h is turned on (it is by default). The modular arithmetic
-functions are:
-
-mp_mod(a, m, c) - compute c = a (mod m), 0 <= c < m
-mp_mod_d(a, d, c) - compute c = a (mod d), 0 <= c < d (see below)
-mp_addmod(a, b, m, c) - compute c = (a + b) mod m
-mp_submod(a, b, m, c) - compute c = (a - b) mod m
-mp_mulmod(a, b, m, c) - compute c = (a * b) mod m
-mp_sqrmod(a, m, c) - compute c = (a * a) mod m
-mp_exptmod(a, b, m, c) - compute c = (a ** b) mod m
-mp_exptmod_d(a, d, m, c)- compute c = (a ** d) mod m
-
-The mp_sqr() function squares its input argument. A call to mp_sqr(a,
-c) is identical in meaning to mp_mul(a, a, c); however, if the
-MP_SQUARE variable is set true in mpi-config.h (see below), then it
-will be implemented with a different algorithm, that is supposed to
-take advantage of the redundant computation that takes place during
-squaring. Unfortunately, some compilers result in worse performance
-on this code, so you can change the behaviour at will. There is a
-utility program "mulsqr.c" that lets you test which does better on
-your system.
-
-The mp_sqrmod() function is analogous to the mp_sqr() function; it
-uses the mp_sqr() function rather than mp_mul(), and then performs the
-modular reduction. This probably won't help much unless you are doing
-a lot of them.
-
-See the file 'square.txt' for a synopsis of the algorithm used.
-
-Note: The mp_mod_d() function computes a modular reduction around
----- a single digit d. The result is a single digit c.
-
-Because an inverse is defined for a (mod m) if and only if (a, m) = 1
-(that is, if a and m are relatively prime), mp_invmod() may not be
-able to compute an inverse for the arguments. In this case, it
-returns the value MP_UNDEF, and does not modify c. If an inverse is
-defined, however, it returns MP_OKAY, and sets c to the value of the
-inverse (mod m).
-
-See the file 'redux.txt' for a description of the modular reduction
-algorithm used by mp_exptmod().
-
-
-Greatest Common Divisor
------------------------
-
-If The greates common divisor of two values can be found using one of the
-following functions:
-
-mp_gcd(a, b, c) - compute c = (a, b) using binary algorithm
-mp_lcm(a, b, c) - compute c = [a, b] = ab / (a, b)
-mp_xgcd(a, b, g, x, y) - compute g, x, y so that ax + by = g = (a, b)
-
-Also provided is a function to compute modular inverses, if they
-exist:
-
-mp_invmod(a, m, c) - compute c = a^-1 (mod m), if it exists
-
-The function mp_xgcd() computes the greatest common divisor, and also
-returns values of x and y satisfying Bezout's identity. This is used
-by mp_invmod() to find modular inverses. However, if you do not need
-these values, you will find that mp_gcd() is MUCH more efficient,
-since it doesn't need all the intermediate values that mp_xgcd()
-requires in order to compute x and y.
-
-The mp_gcd() (and mp_xgcd()) functions use the binary (extended) GCD
-algorithm due to Josef Stein.
-
-
-Input & Output Functions
-------------------------
-
-The following basic I/O routines are provided. These are present at
-all times:
-
-mp_read_radix(mp, str, r) - convert a string in radix r to an mp_int
-mp_read_raw(mp, s, len) - convert a string of bytes to an mp_int
-mp_radix_size(mp, r) - return length of buffer needed by mp_toradix()
-mp_raw_size(mp) - return length of buffer needed by mp_toraw()
-mp_toradix(mp, str, r) - convert an mp_int to a string of radix r
- digits
-mp_toraw(mp, str) - convert an mp_int to a string of bytes
-mp_tovalue(ch, r) - convert ch to its value when taken as
- a radix r digit, or -1 if invalid
-mp_strerror(err) - get a string describing mp_err value 'err'
-
-If you compile the MPI library with MP_IOFUNC defined, you will also
-have access to the following additional I/O function:
-
-mp_print(mp, ofp) - print an mp_int as text to output stream ofp
-
-Note that mp_radix_size() returns a size in bytes guaranteed to be AT
-LEAST big enough for the digits output by mp_toradix(). Because it
-uses an approximation technique to figure out how many digits will be
-needed, it may return a figure which is larger than necessary. Thus,
-the caller should not rely on the value to determine how many bytes
-will actually be written by mp_toradix(). The string mp_toradix()
-creates will be NUL terminated, so the standard C library function
-strlen() should be able to ascertain this for you, if you need it.
-
-The mp_read_radix() and mp_toradix() functions support bases from 2 to
-64 inclusive. If you require more general radix conversion facilities
-than this, you will need to write them yourself (that's why mp_div_d()
-is provided, after all).
-
-Note: mp_read_radix() will accept as digits either capital or
----- lower-case letters. However, the current implementation of
- mp_toradix() only outputs upper-case letters, when writing
- bases betwee 10 and 36. The underlying code supports using
- lower-case letters, but the interface stub does not have a
- selector for it. You can add one yourself if you think it
- is worthwhile -- I do not. Bases from 36 to 64 use lower-
- case letters as distinct from upper-case. Bases 63 and
- 64 use the characters '+' and '/' as digits.
-
- Note also that compiling with MP_IOFUNC defined will cause
- inclusion of <stdio.h>, so if you are trying to write code
- which does not depend on the standard C library, you will
- probably want to avoid this option. This is needed because
- the mp_print() function takes a standard library FILE * as
- one of its parameters, and uses the fprintf() function.
-
-The mp_toraw() function converts the integer to a sequence of bytes,
-in big-endian ordering (most-significant byte first). Assuming your
-bytes are 8 bits wide, this corresponds to base 256. The sign is
-encoded as a single leading byte, whose value is 0 for zero or
-positive values, or 1 for negative values. The mp_read_raw() function
-reverses this process -- it takes a buffer of bytes, interprets the
-first as a sign indicator (0 = zero/positive, nonzero = negative), and
-the rest as a sequence of 1-byte digits in big-endian ordering.
-
-The mp_raw_size() function returns the exact number of bytes required
-to store the given integer in "raw" format (as described in the
-previous paragraph). Zero is returned in case of error; a valid
-integer will require at least three bytes of storage.
-
-In previous versions of the MPI library, an "external representation
-format" was supported. This was removed, however, because I found I
-was never using it, it was not as portable as I would have liked, and
-I decided it was a waste of space.
-
-
-Other Functions
----------------
-
-The files 'mpprime.h' and 'mpprime.c' define some routines which are
-useful for divisibility testing and probabilistic primality testing.
-The routines defined are:
-
-mpp_divis(a, b) - is a divisible by b?
-mpp_divis_d(a, d) - is a divisible by digit d?
-mpp_random(a) - set a to random value at current precision
-mpp_random_size(a, prec) - set a to random value at given precision
-
-Note: The mpp_random() and mpp_random_size() functions use the C
----- library's rand() function to generate random values. It is
- up to the caller to seed this generator before it is called.
- These functions are not suitable for generating quantities
- requiring cryptographic-quality randomness; they are intended
- primarily for use in primality testing.
-
- Note too that the MPI library does not call srand(), so your
- application should do this, if you ever want the sequence
- to change.
-
-mpp_divis_vector(a, v, s, w) - is a divisible by any of the s digits
- in v? If so, let w be the index of
- that digit
-
-mpp_divis_primes(a, np) - is a divisible by any of the first np
- primes? If so, set np to the prime
- which divided a.
-
-mpp_fermat(a, d) - test if w^a = w (mod a). If so,
- returns MP_YES, otherwise MP_NO.
-
-mpp_pprime(a, nt) - perform nt iterations of the Rabin-
- Miller probabilistic primality test
- on a. Returns MP_YES if all tests
- passed, or MP_NO if any test fails.
-
-The mpp_fermat() function works based on Fermat's little theorem, a
-consequence of which is that if p is a prime, and (w, p) = 1, then:
-
- w^p = w (mod p)
-
-Put another way, if w^p != w (mod p), then p is not prime. The test
-is expensive to compute, but it helps to quickly eliminate an enormous
-class of composite numbers prior to Rabin-Miller testing.
-
-Building the Library
---------------------
-
-The MPI library is designed to be as self-contained as possible. You
-should be able to compile it with your favourite ANSI C compiler, and
-link it into your program directly. If you are on a Unix system using
-the GNU C compiler (gcc), the following should work:
-
-% gcc -ansi -pedantic -Wall -O2 -c mpi.c
-
-The file 'mpi-config.h' defines several configurable parameters for
-the library, which you can adjust to suit your application. At the
-time of this writing, the available options are:
-
-MP_IOFUNC - Define true to include the mp_print() function,
- which is moderately useful for debugging. This
- implicitly includes <stdio.h>.
-
-MP_MODARITH - Define true to include the modular arithmetic
- functions. If you don't need modular arithmetic
- in your application, you can set this to zero to
- leave out all the modular routines.
-
-MP_NUMTH - Define true to include number theoretic functions
- such as mp_gcd(), mp_lcm(), and mp_invmod().
-
-MP_LOGTAB - If true, the file "logtab.h" is included, which
- is basically a static table of base 2 logarithms.
- These are used to compute how big the buffers for
- radix conversion need to be. If you set this false,
- the library includes <math.h> and uses log(). This
- typically forces you to link against math libraries.
-
-MP_MEMSET - If true, use memset() to zero buffers. If you run
- into weird alignment related bugs, set this to zero
- and an explicit loop will be used.
-
-MP_MEMCPY - If true, use memcpy() to copy buffers. If you run
- into weird alignment bugs, set this to zero and an
- explicit loop will be used.
-
-MP_CRYPTO - If true, whenever arrays of digits are free'd, they
- are zeroed first. This is useful if you're using
- the library in a cryptographic environment; however,
- it does add overhead to each free operation. For
- performance, if you don't care about zeroing your
- buffers, set this to false.
-
-MP_ARGCHK - Set to 0, 1, or 2. This defines how the argument
- checking macro, ARGCHK(), gets expanded. If this
- is set to zero, ARGCHK() expands to nothing; no
- argument checks are performed. If this is 1, the
- ARGCHK() macro expands to code that returns MP_BADARG
- or similar at runtime. If it is 2, ARGCHK() expands
- to an assert() call that aborts the program on a
- bad input.
-
-MP_DEBUG - Turns on debugging output. This is probably not at
- all useful unless you are debugging the library. It
- tends to spit out a LOT of output.
-
-MP_DEFPREC - The default precision of a newly-created mp_int, in
- digits. The precision can be changed at runtime by
- the mp_set_prec() function, but this is its initial
- value.
-
-MP_SQUARE - If this is set to a nonzero value, the mp_sqr()
- function will use an alternate algorithm that takes
- advantage of the redundant inner product computation
- when both multiplicands are identical. Unfortunately,
- with some compilers this is actually SLOWER than just
- calling mp_mul() with the same argument twice. So
- if you set MP_SQUARE to zero, mp_sqr() will be expan-
- ded into a call to mp_mul(). This applies to all
- the uses of mp_sqr(), including mp_sqrmod() and the
- internal calls to s_mp_sqr() inside mpi.c
-
- The program 'mulsqr' (mulsqr.c) can be used to test
- which works best for your configuration. Set up the
- CC and CFLAGS variables in the Makefile, then type:
-
- make mulsqr
-
- Invoke it with arguments similar to the following:
-
- mulsqr 25000 1024
-
- That is, 25000 products computed on 1024-bit values.
- The output will compare the two timings, and recommend
- a setting for MP_SQUARE. It is off by default.
-
-If you would like to use the mp_print() function (see above), be sure
-to define MP_IOFUNC in mpi-config.h. Many of the test drivers in the
-'tests' subdirectory expect this to be defined (although the test
-driver 'mpi-test' doesn't need it)
-
-The Makefile which comes with the library should take care of building
-the library for you, if you have set the CC and CFLAGS variables at
-the top of the file appropriately. By default, they are set up to
-use the GNU C compiler:
-
-CC=gcc
-CFLAGS=-ansi -pedantic -Wall -O2
-
-If all goes well, the library should compile without warnings using
-this combination. You should, of course, make whatever adjustments
-you find necessary.
-
-The MPI library distribution comes with several additional programs
-which are intended to demonstrate the use of the library, and provide
-a framework for testing it. There are a handful of test driver
-programs, in the files named 'mptest-X.c', where X is a digit. Also,
-there are some simple command-line utilities (in the 'utils'
-directory) for manipulating large numbers. These include:
-
-basecvt.c A radix-conversion program, supporting bases from
- 2 to 64 inclusive.
-
-bbsrand.c A BBS (quadratic residue) pseudo-random number
- generator. The file 'bbsrand.c' is just the driver
- for the program; the real code lives in the files
- 'bbs_rand.h' and 'bbs_rand.c'
-
-dec2hex.c Converts decimal to hexadecimal
-
-gcd.c Computes the greatest common divisor of two values.
- If invoked as 'xgcd', also computes constants x and
- y such that (a, b) = ax + by, in accordance with
- Bezout's identity.
-
-hex2dec.c Converts hexadecimal to decimal
-
-invmod.c Computes modular inverses
-
-isprime.c Performs the Rabin-Miller probabilistic primality
- test on a number. Values which fail this test are
- definitely composite, and those which pass are very
- likely to be prime (although there are no guarantees)
-
-lap.c Computes the order (least annihilating power) of
- a value v modulo m. Very dumb algorithm.
-
-primegen.c Generates large (probable) primes.
-
-prng.c A pseudo-random number generator based on the
- BBS generator code in 'bbs_rand.c'
-
-sieve.c Implements the Sieve of Eratosthenes, using a big
- bitmap, to generate a list of prime numbers.
-
-fact.c Computes the factorial of an arbitrary precision
- integer (iterative).
-
-exptmod.c Computes arbitrary precision modular exponentiation
- from the command line (exptmod a b m -> a^b (mod m))
-
-Most of these can be built from the Makefile that comes with the
-library. Try 'make tools', if your environment supports it. (If you
-are compiling on a Macintosh, I'm afraid you'll have to build them by
-hand -- fortunately, this is not difficult -- the library itself
-should compile just fine under Metrowerks CodeWarrior).
-
-
-Testing the Library
--------------------
-
-Automatic test vectors are included, in the form of a program called
-'mpi-test'. To build this program and run all the tests, simply
-invoke the shell script 'all-tests'. If all the tests pass, you
-should see a message:
-
- All tests passed
-
-If something went wrong, you'll get:
-
- One or more tests failed.
-
-If this happens, scan back through the preceding lines, to see which
-test failed. Any failure indicates a bug in the library, which needs
-to be fixed before it will give accurate results. If you get any such
-thing, please let me know, and I'll try to fix it. Please let me know
-what platform and compiler you were using, as well as which test
-failed. If a reason for failure was given, please send me that text
-as well.
-
-If you're on a system such as the Macintosh, where the standard Unix
-build tools don't work, you can build the 'mpi-test' program manually,
-and run it by hand. This is tedious and obnoxious, sorry.
-
-Further manual testing can be performed by building the manual testing
-programs, whose source is found in the 'tests' subdirectory. Each
-test is in a source file called 'mptest-X.c'. The Makefile contains a
-target to build all of them at once:
-
- make tests
-
-Read the comments at the top of each source file to see what the
-driver is supposed to test. You probably don't need to do this; these
-programs were only written to help me as I was developing the library.
-
-The relevant files are:
-
-mpi-test.c The source for the test driver
-
-make-test-arrays A Perl script to generate some of the internal
- data structures used by mpi-test.c
-
-test-arrays.txt The source file for make-test-arrays
-
-all-tests A Bourne shell script which runs all the
- tests in the mpi-test suite
-
-Running 'make mpi-test' should build the mpi-test program. If you
-cannot use make, here is what needs to be done:
-
-(1) Use 'make-test-arrays' to generate the file 'test-info.c' from
- the 'test-arrays.txt' file. Since Perl can be found everywhere,
- even on the Macintosh, this should be no trouble. Under Unix,
- this looks like:
-
- make-test-arrays test-arrays.txt > test-info.c
-
-(2) Build the MPI library:
-
- gcc -ansi -pedantic -Wall -c mpi.c
-
-(3) Build the mpi-test program:
-
- gcc -ansi -pedantic -Wall -o mpi-test mpi.o mpi-test.c
-
-When you've got mpi-test, you can use 'all-tests' to run all the tests
-made available by mpi-test. If any of them fail, there should be a
-diagnostic indicating what went wrong. These are fairly high-level
-diagnostics, and won't really help you debug the problem; they're
-simply intended to help you isolate which function caused the problem.
-If you encounter a problem of this sort, feel free to e-mail me, and I
-will certainly attempt to help you debug it.
-
-Note: Several of the tests hard-wired into 'mpi-test' operate under
----- the assumption that you are using at least a 16-bit mp_digit
- type. If that is not true, several tests might fail, because
- of range problems with the maximum digit value.
-
- If you are using an 8-bit digit, you will also need to
- modify the code for mp_read_raw(), which assumes that
- multiplication by 256 can be done with mp_mul_d(), a
- fact that fails when DIGIT_MAX is 255. You can replace
- the call with s_mp_lshd(), which will give you the same
- effect, and without doing as much work. :)
-
-Acknowledgements:
-----------------
-
-The algorithms used in this library were drawn primarily from Volume
-2 of Donald Knuth's magnum opus, _The Art of Computer Programming_,
-"Semi-Numerical Methods". Barrett's algorithm for modular reduction
-came from Menezes, Oorschot, and Vanstone's _Handbook of Applied
-Cryptography_, Chapter 14.
-
-Thanks are due to Tom St. Denis, for finding an obnoxious sign-related
-bug in mp_read_raw() that made things break on platforms which use
-signed chars.
-
-About the Author
-----------------
-
-This software was written by Michael J. Fromberger. You can contact
-the author as follows:
-
-E-mail: <sting@linguist.dartmouth.edu>
-
-Postal: 8000 Cummings Hall, Thayer School of Engineering
- Dartmouth College, Hanover, New Hampshire, USA
-
-PGP key: http://linguist.dartmouth.edu/~sting/keys/mjf.html
- 9736 188B 5AFA 23D6 D6AA BE0D 5856 4525 289D 9907
-
-Last updated: 16-Jan-2000
diff --git a/security/nss/lib/freebl/mpi/all-tests b/security/nss/lib/freebl/mpi/all-tests
deleted file mode 100755
index fa60e95ed..000000000
--- a/security/nss/lib/freebl/mpi/all-tests
+++ /dev/null
@@ -1,112 +0,0 @@
-#!/bin/sh
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
-## All Rights Reserved.
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-
-ECHO=/bin/echo
-MAKE=gmake
-
-$ECHO "\n** Running unit tests for MPI library\n"
-
-# Build the mpi-test program, which comprises all the unit tests for
-# the MPI library...
-
-$ECHO "Bringing mpi-test up to date ... "
-if $MAKE mpi-test ; then
- :
-else
- $ECHO " "
- $ECHO "Make failed to build mpi-test."
- $ECHO " "
- exit 1
-fi
-
-if [ ! -x mpi-test ] ; then
- $ECHO " "
- $ECHO "Cannot find 'mpi-test' program, testing cannot continue."
- $ECHO " "
- exit 1
-fi
-
-# Get the list of available test suites...
-tests=`mpi-test list | awk '{print $1}'`
-errs=0
-
-# Run each test suite and check the result code of mpi-test
-for test in $tests ; do
- $ECHO "$test ... \c"
- if mpi-test $test ; then
- $ECHO "passed"
- else
- $ECHO "FAILED"
- errs=1
- fi
-done
-
-# If any tests failed, we'll stop at this point
-if [ "$errs" = "0" ] ; then
- $ECHO "All unit tests passed"
-else
- $ECHO "One or more tests failed"
- exit 1
-fi
-
-# Now try to build the 'pi' program, and see if it can compute the
-# first thousand digits of pi correctly
-$ECHO "\n** Running other tests\n"
-
-$ECHO "Bringing 'pi' up to date ... "
-if $MAKE pi ; then
- :
-else
- $ECHO "\nMake failed to build pi.\n"
- exit 1
-fi
-
-if [ ! -x pi ] ; then
- $ECHO "\nCannot find 'pi' program; testing cannot continue.\n"
- exit 1
-fi
-
-./pi 2000 > /tmp/pi.tmp.$$
-if cmp tests/pi2k.txt /tmp/pi.tmp.$$ ; then
- $ECHO "Okay! The pi test passes."
-else
- $ECHO "Oops! The pi test failed. :("
- exit 1
-fi
-
-rm -f /tmp/pi.tmp.$$
-
-exit 0
-
-# Here there be dragons
diff --git a/security/nss/lib/freebl/mpi/doc/LICENSE b/security/nss/lib/freebl/mpi/doc/LICENSE
deleted file mode 100644
index 35cca68ce..000000000
--- a/security/nss/lib/freebl/mpi/doc/LICENSE
+++ /dev/null
@@ -1,11 +0,0 @@
-Within this directory, each of the file listed below is licensed under
-the terms given in the file LICENSE-MPL, also in this directory.
-
-basecvt.pod
-gcd.pod
-invmod.pod
-isprime.pod
-lap.pod
-mpi-test.pod
-prime.txt
-prng.pod
diff --git a/security/nss/lib/freebl/mpi/doc/LICENSE-MPL b/security/nss/lib/freebl/mpi/doc/LICENSE-MPL
deleted file mode 100644
index 9ff410e4b..000000000
--- a/security/nss/lib/freebl/mpi/doc/LICENSE-MPL
+++ /dev/null
@@ -1,32 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation. Portions created by Netscape are
-Copyright (C) 1994-2000 Netscape Communications Corporation. All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/basecvt.pod b/security/nss/lib/freebl/mpi/doc/basecvt.pod
deleted file mode 100644
index 5c072ccd6..000000000
--- a/security/nss/lib/freebl/mpi/doc/basecvt.pod
+++ /dev/null
@@ -1,63 +0,0 @@
-=head1 NAME
-
- basecvt - radix conversion for arbitrary precision integers
-
-=head1 SYNOPSIS
-
- basecvt <ibase> <obase> [values]
-
-=head1 DESCRIPTION
-
-The B<basecvt> program is a command-line tool for converting integers
-of arbitrary precision from one radix to another. The current version
-supports radix values from 2 (binary) to 64, inclusive. The first two
-command line arguments specify the input and output radix, in base 10.
-Any further arguments are taken to be integers notated in the input
-radix, and these are converted to the output radix. The output is
-written, one integer per line, to standard output.
-
-When reading integers, only digits considered "valid" for the input
-radix are considered. Processing of an integer terminates when an
-invalid input digit is encountered. So, for example, if you set the
-input radix to 10 and enter '10ACF', B<basecvt> would assume that you
-had entered '10' and ignore the rest of the string.
-
-If no values are provided, no output is written, but the program
-simply terminates with a zero exit status. Error diagnostics are
-written to standard error in the event of out-of-range radix
-specifications. Regardless of the actual values of the input and
-output radix, the radix arguments are taken to be in base 10 (decimal)
-notation.
-
-=head1 DIGITS
-
-For radices from 2-10, standard ASCII decimal digits 0-9 are used for
-both input and output. For radices from 11-36, the ASCII letters A-Z
-are also included, following the convention used in hexadecimal. In
-this range, input is accepted in either upper or lower case, although
-on output only lower-case letters are used.
-
-For radices from 37-62, the output includes both upper- and lower-case
-ASCII letters, and case matters. In this range, case is distinguished
-both for input and for output values.
-
-For radices 63 and 64, the characters '+' (plus) and '/' (forward
-solidus) are also used. These are derived from the MIME base64
-encoding scheme. The overall encoding is not the same as base64,
-because the ASCII digits are used for the bottom of the range, and the
-letters are shifted upward; however, the output will consist of the
-same character set.
-
-This input and output behaviour is inherited from the MPI library used
-by B<basecvt>, and so is not configurable at runtime.
-
-=head1 SEE ALSO
-
- dec2hex(1), hex2dec(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
diff --git a/security/nss/lib/freebl/mpi/doc/build b/security/nss/lib/freebl/mpi/doc/build
deleted file mode 100755
index 5b6f921fc..000000000
--- a/security/nss/lib/freebl/mpi/doc/build
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/sh
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-## Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-## $Id$
-##
-
-VERS="1.7p6"
-SECT="1"
-NAME="MPI Tools"
-
-echo "Building manual pages ..."
-case $# in
- 0)
- files=`ls *.pod`
- ;;
- *)
- files=$*
- ;;
-esac
-
-for name in $files
-do
- echo -n "$name ... "
-# sname=`noext $name`
- sname=`basename $name .pod`
- pod2man --section="$SECT" --center="$NAME" --release="$VERS" $name > $sname.$SECT
- echo "(done)"
-done
-
-echo "Finished building."
-
diff --git a/security/nss/lib/freebl/mpi/doc/div.txt b/security/nss/lib/freebl/mpi/doc/div.txt
deleted file mode 100644
index b1ca744e1..000000000
--- a/security/nss/lib/freebl/mpi/doc/div.txt
+++ /dev/null
@@ -1,96 +0,0 @@
-Division
-
-This describes the division algorithm used by the MPI library.
-
-Input: a, b; a > b
-Compute: Q, R; a = Qb + R
-
-The input numbers are normalized so that the high-order digit of b is
-at least half the radix. This guarantees that we have a reasonable
-way to guess at the digits of the quotient (this method was taken from
-Knuth, vol. 2, with adaptations).
-
-To normalize, test the high-order digit of b. If it is less than half
-the radix, multiply both a and b by d, where:
-
- radix - 1
- d = -----------
- bmax + 1
-
-...where bmax is the high-order digit of b. Otherwise, set d = 1.
-
-Given normalize values for a and b, let the notation a[n] denote the
-nth digit of a. Let #a be the number of significant figures of a (not
-including any leading zeroes).
-
- Let R = 0
- Let p = #a - 1
-
- while(p >= 0)
- do
- R = (R * radix) + a[p]
- p = p - 1
- while(R < b and p >= 0)
-
- if(R < b)
- break
-
- q = (R[#R - 1] * radix) + R[#R - 2]
- q = q / b[#b - 1]
-
- T = b * q
-
- while(T > L)
- q = q - 1
- T = T - b
- endwhile
-
- L = L - T
-
- Q = (Q * radix) + q
-
- endwhile
-
-At this point, Q is the quotient, and R is the normalized remainder.
-To denormalize R, compute:
-
- R = (R / d)
-
-At this point, you are finished.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/expt.txt b/security/nss/lib/freebl/mpi/doc/expt.txt
deleted file mode 100644
index 4c12eb2af..000000000
--- a/security/nss/lib/freebl/mpi/doc/expt.txt
+++ /dev/null
@@ -1,127 +0,0 @@
-Exponentiation
-
-For exponentiation, the MPI library uses a simple and fairly standard
-square-and-multiply method. The algorithm is this:
-
-Input: a, b
-Output: a ** b
-
- s = 1
-
- while(b != 0)
- if(b is odd)
- s = s * a
- endif
-
- b = b / 2
-
- x = x * x
- endwhile
-
- return s
-
-The modular exponentiation is done the same way, except replacing:
-
- s = s * a
-
-with
- s = (s * a) mod m
-
-and replacing
-
- x = x * x
-
-with
-
- x = (x * x) mod m
-
-Here is a sample exponentiation using the MPI library, as compared to
-the same problem solved by the Unix 'bc' program on my system:
-
-Computation of 2,381,283 ** 235
-
-'bc' says:
-
-4385CA4A804D199FBEAD95FAD0796FAD0D0B51FC9C16743C45568C789666985DB719\
-4D90E393522F74C9601262C0514145A49F3B53D00983F95FDFCEA3D0043ECEF6227E\
-6FB59C924C3EE74447B359B5BF12A555D46CB819809EF423F004B55C587D6F0E8A55\
-4988036A42ACEF9F71459F97CEF6E574BD7373657111648626B1FF8EE15F663B2C0E\
-6BBE5082D4CDE8E14F263635AE8F35DB2C280819517BE388B5573B84C5A19C871685\
-FD408A6471F9D6AFAF5129A7548EAE926B40874B340285F44765BF5468CE20A13267\
-CD88CE6BC786ACED36EC7EA50F67FF27622575319068A332C3C0CB23E26FB55E26F4\
-5F732753A52B8E2FB4D4F42D894242613CA912A25486C3DEC9C66E5DB6182F6C1761\
-CF8CD0D255BE64B93836B27D452AE38F950EB98B517D4CF50D48F0165EF0CCCE1F5C\
-49BF18219FDBA0EEDD1A7E8B187B70C2BAED5EC5C6821EF27FAFB1CFF70111C52235\
-5E948B93A015AA1AE152B110BB5658CB14D3E45A48BFE7F082C1182672A455A695CD\
-A1855E8781E625F25B41B516E77F589FA420C3B058861EA138CF7A2C58DB3C7504FD\
-D29554D78237834CC5AE710D403CC4F6973D5012B7E117A8976B14A0B5AFA889BD47\
-92C461F0F96116F00A97AE9E83DC5203680CAF9A18A062566C145650AB86BE4F907F\
-A9F7AB4A700B29E1E5BACCD6DCBFA513E10832815F710807EED2E279081FEC61D619\
-AB270BEB3D3A1787B35A9DD41A8766CF21F3B5C693B3BAB1C2FA14A4ED202BC35743\
-E5CBE2391624D4F8C9BFBBC78D69764E7C6C5B11BF005677BFAD17D9278FFC1F158F\
-1B3683FF7960FA0608103792C4163DC0AF3E06287BB8624F8FE3A0FFBDF82ACECA2F\
-CFFF2E1AC93F3CA264A1B
-
-MPI says:
-
-4385CA4A804D199FBEAD95FAD0796FAD0D0B51FC9C16743C45568C789666985DB719\
-4D90E393522F74C9601262C0514145A49F3B53D00983F95FDFCEA3D0043ECEF6227E\
-6FB59C924C3EE74447B359B5BF12A555D46CB819809EF423F004B55C587D6F0E8A55\
-4988036A42ACEF9F71459F97CEF6E574BD7373657111648626B1FF8EE15F663B2C0E\
-6BBE5082D4CDE8E14F263635AE8F35DB2C280819517BE388B5573B84C5A19C871685\
-FD408A6471F9D6AFAF5129A7548EAE926B40874B340285F44765BF5468CE20A13267\
-CD88CE6BC786ACED36EC7EA50F67FF27622575319068A332C3C0CB23E26FB55E26F4\
-5F732753A52B8E2FB4D4F42D894242613CA912A25486C3DEC9C66E5DB6182F6C1761\
-CF8CD0D255BE64B93836B27D452AE38F950EB98B517D4CF50D48F0165EF0CCCE1F5C\
-49BF18219FDBA0EEDD1A7E8B187B70C2BAED5EC5C6821EF27FAFB1CFF70111C52235\
-5E948B93A015AA1AE152B110BB5658CB14D3E45A48BFE7F082C1182672A455A695CD\
-A1855E8781E625F25B41B516E77F589FA420C3B058861EA138CF7A2C58DB3C7504FD\
-D29554D78237834CC5AE710D403CC4F6973D5012B7E117A8976B14A0B5AFA889BD47\
-92C461F0F96116F00A97AE9E83DC5203680CAF9A18A062566C145650AB86BE4F907F\
-A9F7AB4A700B29E1E5BACCD6DCBFA513E10832815F710807EED2E279081FEC61D619\
-AB270BEB3D3A1787B35A9DD41A8766CF21F3B5C693B3BAB1C2FA14A4ED202BC35743\
-E5CBE2391624D4F8C9BFBBC78D69764E7C6C5B11BF005677BFAD17D9278FFC1F158F\
-1B3683FF7960FA0608103792C4163DC0AF3E06287BB8624F8FE3A0FFBDF82ACECA2F\
-CFFF2E1AC93F3CA264A1B
-
-Diff says:
-% diff bc.txt mp.txt
-%
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/gcd.pod b/security/nss/lib/freebl/mpi/doc/gcd.pod
deleted file mode 100644
index 53b955f7e..000000000
--- a/security/nss/lib/freebl/mpi/doc/gcd.pod
+++ /dev/null
@@ -1,27 +0,0 @@
-=head1 NAME
-
- gcd - compute greatest common divisor of two integers
-
-=head1 SYNOPSIS
-
- gcd <a> <b>
-
-=head1 DESCRIPTION
-
-The B<gcd> program computes the greatest common divisor of two
-arbitrary-precision integers I<a> and I<b>. The result is written in
-standard decimal notation to the standard output.
-
-If I<b> is zero, B<gcd> will print an error message and exit.
-
-=head1 SEE ALSO
-
-invmod(1), isprime(1), lap(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/invmod.pod b/security/nss/lib/freebl/mpi/doc/invmod.pod
deleted file mode 100644
index faa8f9d0c..000000000
--- a/security/nss/lib/freebl/mpi/doc/invmod.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=head1 NAME
-
- invmod - compute modular inverse of an integer
-
-=head1 SYNOPSIS
-
- invmod <a> <m>
-
-=head1 DESCRIPTION
-
-The B<invmod> program computes the inverse of I<a>, modulo I<m>, if
-that inverse exists. Both I<a> and I<m> are arbitrary-precision
-integers in decimal notation. The result is written in standard
-decimal notation to the standard output.
-
-If there is no inverse, the message:
-
- No inverse
-
-...will be printed to the standard output (an inverse exists if and
-only if the greatest common divisor of I<a> and I<m> is 1).
-
-=head1 SEE ALSO
-
-gcd(1), isprime(1), lap(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/isprime.pod b/security/nss/lib/freebl/mpi/doc/isprime.pod
deleted file mode 100644
index a17c1c1bd..000000000
--- a/security/nss/lib/freebl/mpi/doc/isprime.pod
+++ /dev/null
@@ -1,62 +0,0 @@
-=head1 NAME
-
- isprime - probabilistic primality testing
-
-=head1 SYNOPSIS
-
- isprime <a>
-
-=head1 DESCRIPTION
-
-The B<isprime> program attempts to determine whether the arbitrary
-precision integer I<a> is prime. It first tests I<a> for divisibility
-by the first 170 or so small primes, and assuming I<a> is not
-divisible by any of these, applies 15 iterations of the Rabin-Miller
-probabilistic primality test.
-
-If the program discovers that the number is composite, it will print:
-
- Not prime (reason)
-
-Where I<reason> is either:
-
- divisible by small prime x
-
-Or:
-
- failed nth pseudoprime test
-
-In the first case, I<x> indicates the first small prime factor that
-was found. In the second case, I<n> indicates which of the
-pseudoprime tests failed (numbered from 1)
-
-If this happens, the number is definitely not prime. However, if the
-number succeeds, this message results:
-
- Probably prime, 1 in 4^15 chance of false positive
-
-If this happens, the number is prime with very high probability, but
-its primality has not been absolutely proven, only demonstrated to a
-very convincing degree.
-
-The value I<a> can be input in standard decimal notation, or, if it is
-prefixed with I<Ox>, it will be read as hexadecimal.
-
-=head1 ENVIRONMENT
-
-You can control how many iterations of Rabin-Miller are performed on
-the candidate number by setting the I<RM_TESTS> environment variable
-to an integer value before starting up B<isprime>. This will change
-the output slightly if the number passes all the tests.
-
-=head1 SEE ALSO
-
-gcd(1), invmod(1), lap(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/lap.pod b/security/nss/lib/freebl/mpi/doc/lap.pod
deleted file mode 100644
index ac100639b..000000000
--- a/security/nss/lib/freebl/mpi/doc/lap.pod
+++ /dev/null
@@ -1,35 +0,0 @@
-=head1 NAME
-
- lap - compute least annihilating power of a number
-
-=head1 SYNOPSIS
-
- lap <a> <m>
-
-=head1 DESCRIPTION
-
-The B<lap> program computes the order of I<a> modulo I<m>, for
-arbitrary precision integers I<a> and I<m>. The B<order> of I<a>
-modulo I<m> is defined as the smallest positive value I<n> for which
-I<a> raised to the I<n>th power, modulo I<m>, is equal to 1. The
-order may not exist, if I<m> is composite.
-
-=head1 RESTRICTIONS
-
-This program is very slow, especially for large moduli. It is
-intended as a way to help find primitive elements in a modular field,
-but it does not do so in a particularly inefficient manner. It was
-written simply to help verify that a particular candidate does not
-have an obviously short cycle mod I<m>.
-
-=head1 SEE ALSO
-
-gcd(1), invmod(1), isprime(1)
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/mpi-test.pod b/security/nss/lib/freebl/mpi/doc/mpi-test.pod
deleted file mode 100644
index 16050f09f..000000000
--- a/security/nss/lib/freebl/mpi/doc/mpi-test.pod
+++ /dev/null
@@ -1,49 +0,0 @@
-=head1 NAME
-
- mpi-test - automated test program for MPI library
-
-=head1 SYNOPSIS
-
- mpi-test <suite-name> [quiet]
- mpi-test list
- mpi-test help
-
-=head1 DESCRIPTION
-
-The B<mpi-test> program is a general unit test driver for the MPI
-library. It is used to verify that the library works as it is
-supposed to on your architecture. As with most such things, passing
-all the tests in B<mpi-test> does not guarantee the code is correct,
-but if any of them fail, there are certainly problems.
-
-Each major function of the library can be tested individually. For a
-list of the test suites understood by B<mpi-test>, run it with the
-I<list> command line option:
-
- mpi-test list
-
-This will display a list of the available test suites and a brief
-synopsis of what each one does. For a brief overview of this
-document, run B<mpi-test> I<help>.
-
-B<mpi-test> exits with a zero status if the selected test succeeds, or
-a nonzero status if it fails. If a I<suite-name> which is not
-understood by B<mpi-test> is given, a diagnostic is printed to the
-standard error, and the program exits with a result code of 2. If a
-test fails, the result code will be 1, and a diagnostic is ordinarily
-printed to the standard error. However, if the I<quiet> option is
-provided, these diagnostics will be suppressed.
-
-=head1 RESTRICTIONS
-
-Only a few canned test cases are provided. The solutions have been
-verified using the GNU bc(1) program, so bugs there may cause problems
-here; however, this is very unlikely, so if a test fails, it is almost
-certainly my fault, not bc(1)'s.
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Thayer School of Engineering, Hanover, New Hampshire, USA
-
- $Date$
diff --git a/security/nss/lib/freebl/mpi/doc/mul.txt b/security/nss/lib/freebl/mpi/doc/mul.txt
deleted file mode 100644
index 436d01bf7..000000000
--- a/security/nss/lib/freebl/mpi/doc/mul.txt
+++ /dev/null
@@ -1,109 +0,0 @@
-Multiplication
-
-This describes the multiplication algorithm used by the MPI library.
-
-This is basically a standard "schoolbook" algorithm. It is slow --
-O(mn) for m = #a, n = #b -- but easy to implement and verify.
-Basically, we run two nested loops, as illustrated here (R is the
-radix):
-
-k = 0
-for j <- 0 to (#b - 1)
- for i <- 0 to (#a - 1)
- w = (a[j] * b[i]) + k + c[i+j]
- c[i+j] = w mod R
- k = w div R
- endfor
- c[i+j] = k;
- k = 0;
-endfor
-
-It is necessary that 'w' have room for at least two radix R digits.
-The product of any two digits in radix R is at most:
-
- (R - 1)(R - 1) = R^2 - 2R + 1
-
-Since a two-digit radix-R number can hold R^2 - 1 distinct values,
-this insures that the product will fit into the two-digit register.
-
-To insure that two digits is enough for w, we must also show that
-there is room for the carry-in from the previous multiplication, and
-the current value of the product digit that is being recomputed.
-Assuming each of these may be as big as R - 1 (and no larger,
-certainly), two digits will be enough if and only if:
-
- (R^2 - 2R + 1) + 2(R - 1) <= R^2 - 1
-
-Solving this equation shows that, indeed, this is the case:
-
- R^2 - 2R + 1 + 2R - 2 <= R^2 - 1
-
- R^2 - 1 <= R^2 - 1
-
-This suggests that a good radix would be one more than the largest
-value that can be held in half a machine word -- so, for example, as
-in this implementation, where we used a radix of 65536 on a machine
-with 4-byte words. Another advantage of a radix of this sort is that
-binary-level operations are easy on numbers in this representation.
-
-Here's an example multiplication worked out longhand in radix-10,
-using the above algorithm:
-
- a = 999
- b = x 999
- -------------
- p = 98001
-
-w = (a[jx] * b[ix]) + kin + c[ix + jx]
-c[ix+jx] = w % RADIX
-k = w / RADIX
- product
-ix jx a[jx] b[ix] kin w c[i+j] kout 000000
-0 0 9 9 0 81+0+0 1 8 000001
-0 1 9 9 8 81+8+0 9 8 000091
-0 2 9 9 8 81+8+0 9 8 000991
- 8 0 008991
-1 0 9 9 0 81+0+9 0 9 008901
-1 1 9 9 9 81+9+9 9 9 008901
-1 2 9 9 9 81+9+8 8 9 008901
- 9 0 098901
-2 0 9 9 0 81+0+9 0 9 098001
-2 1 9 9 9 81+9+8 8 9 098001
-2 2 9 9 9 81+9+9 9 9 098001
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/pi.txt b/security/nss/lib/freebl/mpi/doc/pi.txt
deleted file mode 100644
index 5edfdb4cb..000000000
--- a/security/nss/lib/freebl/mpi/doc/pi.txt
+++ /dev/null
@@ -1,85 +0,0 @@
-This file describes how pi is computed by the program in 'pi.c' (see
-the utils subdirectory).
-
-Basically, we use Machin's formula, which is what everyone in the
-world uses as a simple method for computing approximations to pi.
-This works for up to a few thousand digits without too much effort.
-Beyond that, though, it gets too slow.
-
-Machin's formula states:
-
- pi := 16 * arctan(1/5) - 4 * arctan(1/239)
-
-We compute this in integer arithmetic by first multiplying everything
-through by 10^d, where 'd' is the number of digits of pi we wanted to
-compute. It turns out, the last few digits will be wrong, but the
-number that are wrong is usually very small (ordinarly only 2-3).
-Having done this, we compute the arctan() function using the formula:
-
- 1 1 1 1 1
- arctan(1/x) := --- - ----- + ----- - ----- + ----- - ...
- x 3 x^3 5 x^5 7 x^7 9 x^9
-
-This is done iteratively by computing the first term manually, and
-then iteratively dividing x^2 and k, where k = 3, 5, 7, ... out of the
-current figure. This is then added to (or subtracted from) a running
-sum, as appropriate. The iteration continues until we overflow our
-available precision and the current figure goes to zero under integer
-division. At that point, we're finished.
-
-Actually, we get a couple extra bits of precision out of the fact that
-we know we're computing y * arctan(1/x), by setting up the multiplier
-as:
-
- y * 10^d
-
-... instead of just 10^d. There is also a bit of cleverness in how
-the loop is constructed, to avoid special-casing the first term.
-Check out the code for arctan() in 'pi.c', if you are interested in
-seeing how it is set up.
-
-Thanks to Jason P. for this algorithm, which I assembled from notes
-and programs found on his cool "Pile of Pi Programs" page, at:
-
- http://www.isr.umd.edu/~jasonp/pipage.html
-
-Thanks also to Henrik Johansson <Henrik.Johansson@Nexus.Comm.SE>, from
-whose pi program I borrowed the clever idea of pre-multiplying by x in
-order to avoid a special case on the loop iteration.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/prime.txt b/security/nss/lib/freebl/mpi/doc/prime.txt
deleted file mode 100644
index 694797d5f..000000000
--- a/security/nss/lib/freebl/mpi/doc/prime.txt
+++ /dev/null
@@ -1,6542 +0,0 @@
-2
-3
-5
-7
-11
-13
-17
-19
-23
-29
-31
-37
-41
-43
-47
-53
-59
-61
-67
-71
-73
-79
-83
-89
-97
-101
-103
-107
-109
-113
-127
-131
-137
-139
-149
-151
-157
-163
-167
-173
-179
-181
-191
-193
-197
-199
-211
-223
-227
-229
-233
-239
-241
-251
-257
-263
-269
-271
-277
-281
-283
-293
-307
-311
-313
-317
-331
-337
-347
-349
-353
-359
-367
-373
-379
-383
-389
-397
-401
-409
-419
-421
-431
-433
-439
-443
-449
-457
-461
-463
-467
-479
-487
-491
-499
-503
-509
-521
-523
-541
-547
-557
-563
-569
-571
-577
-587
-593
-599
-601
-607
-613
-617
-619
-631
-641
-643
-647
-653
-659
-661
-673
-677
-683
-691
-701
-709
-719
-727
-733
-739
-743
-751
-757
-761
-769
-773
-787
-797
-809
-811
-821
-823
-827
-829
-839
-853
-857
-859
-863
-877
-881
-883
-887
-907
-911
-919
-929
-937
-941
-947
-953
-967
-971
-977
-983
-991
-997
-1009
-1013
-1019
-1021
-1031
-1033
-1039
-1049
-1051
-1061
-1063
-1069
-1087
-1091
-1093
-1097
-1103
-1109
-1117
-1123
-1129
-1151
-1153
-1163
-1171
-1181
-1187
-1193
-1201
-1213
-1217
-1223
-1229
-1231
-1237
-1249
-1259
-1277
-1279
-1283
-1289
-1291
-1297
-1301
-1303
-1307
-1319
-1321
-1327
-1361
-1367
-1373
-1381
-1399
-1409
-1423
-1427
-1429
-1433
-1439
-1447
-1451
-1453
-1459
-1471
-1481
-1483
-1487
-1489
-1493
-1499
-1511
-1523
-1531
-1543
-1549
-1553
-1559
-1567
-1571
-1579
-1583
-1597
-1601
-1607
-1609
-1613
-1619
-1621
-1627
-1637
-1657
-1663
-1667
-1669
-1693
-1697
-1699
-1709
-1721
-1723
-1733
-1741
-1747
-1753
-1759
-1777
-1783
-1787
-1789
-1801
-1811
-1823
-1831
-1847
-1861
-1867
-1871
-1873
-1877
-1879
-1889
-1901
-1907
-1913
-1931
-1933
-1949
-1951
-1973
-1979
-1987
-1993
-1997
-1999
-2003
-2011
-2017
-2027
-2029
-2039
-2053
-2063
-2069
-2081
-2083
-2087
-2089
-2099
-2111
-2113
-2129
-2131
-2137
-2141
-2143
-2153
-2161
-2179
-2203
-2207
-2213
-2221
-2237
-2239
-2243
-2251
-2267
-2269
-2273
-2281
-2287
-2293
-2297
-2309
-2311
-2333
-2339
-2341
-2347
-2351
-2357
-2371
-2377
-2381
-2383
-2389
-2393
-2399
-2411
-2417
-2423
-2437
-2441
-2447
-2459
-2467
-2473
-2477
-2503
-2521
-2531
-2539
-2543
-2549
-2551
-2557
-2579
-2591
-2593
-2609
-2617
-2621
-2633
-2647
-2657
-2659
-2663
-2671
-2677
-2683
-2687
-2689
-2693
-2699
-2707
-2711
-2713
-2719
-2729
-2731
-2741
-2749
-2753
-2767
-2777
-2789
-2791
-2797
-2801
-2803
-2819
-2833
-2837
-2843
-2851
-2857
-2861
-2879
-2887
-2897
-2903
-2909
-2917
-2927
-2939
-2953
-2957
-2963
-2969
-2971
-2999
-3001
-3011
-3019
-3023
-3037
-3041
-3049
-3061
-3067
-3079
-3083
-3089
-3109
-3119
-3121
-3137
-3163
-3167
-3169
-3181
-3187
-3191
-3203
-3209
-3217
-3221
-3229
-3251
-3253
-3257
-3259
-3271
-3299
-3301
-3307
-3313
-3319
-3323
-3329
-3331
-3343
-3347
-3359
-3361
-3371
-3373
-3389
-3391
-3407
-3413
-3433
-3449
-3457
-3461
-3463
-3467
-3469
-3491
-3499
-3511
-3517
-3527
-3529
-3533
-3539
-3541
-3547
-3557
-3559
-3571
-3581
-3583
-3593
-3607
-3613
-3617
-3623
-3631
-3637
-3643
-3659
-3671
-3673
-3677
-3691
-3697
-3701
-3709
-3719
-3727
-3733
-3739
-3761
-3767
-3769
-3779
-3793
-3797
-3803
-3821
-3823
-3833
-3847
-3851
-3853
-3863
-3877
-3881
-3889
-3907
-3911
-3917
-3919
-3923
-3929
-3931
-3943
-3947
-3967
-3989
-4001
-4003
-4007
-4013
-4019
-4021
-4027
-4049
-4051
-4057
-4073
-4079
-4091
-4093
-4099
-4111
-4127
-4129
-4133
-4139
-4153
-4157
-4159
-4177
-4201
-4211
-4217
-4219
-4229
-4231
-4241
-4243
-4253
-4259
-4261
-4271
-4273
-4283
-4289
-4297
-4327
-4337
-4339
-4349
-4357
-4363
-4373
-4391
-4397
-4409
-4421
-4423
-4441
-4447
-4451
-4457
-4463
-4481
-4483
-4493
-4507
-4513
-4517
-4519
-4523
-4547
-4549
-4561
-4567
-4583
-4591
-4597
-4603
-4621
-4637
-4639
-4643
-4649
-4651
-4657
-4663
-4673
-4679
-4691
-4703
-4721
-4723
-4729
-4733
-4751
-4759
-4783
-4787
-4789
-4793
-4799
-4801
-4813
-4817
-4831
-4861
-4871
-4877
-4889
-4903
-4909
-4919
-4931
-4933
-4937
-4943
-4951
-4957
-4967
-4969
-4973
-4987
-4993
-4999
-5003
-5009
-5011
-5021
-5023
-5039
-5051
-5059
-5077
-5081
-5087
-5099
-5101
-5107
-5113
-5119
-5147
-5153
-5167
-5171
-5179
-5189
-5197
-5209
-5227
-5231
-5233
-5237
-5261
-5273
-5279
-5281
-5297
-5303
-5309
-5323
-5333
-5347
-5351
-5381
-5387
-5393
-5399
-5407
-5413
-5417
-5419
-5431
-5437
-5441
-5443
-5449
-5471
-5477
-5479
-5483
-5501
-5503
-5507
-5519
-5521
-5527
-5531
-5557
-5563
-5569
-5573
-5581
-5591
-5623
-5639
-5641
-5647
-5651
-5653
-5657
-5659
-5669
-5683
-5689
-5693
-5701
-5711
-5717
-5737
-5741
-5743
-5749
-5779
-5783
-5791
-5801
-5807
-5813
-5821
-5827
-5839
-5843
-5849
-5851
-5857
-5861
-5867
-5869
-5879
-5881
-5897
-5903
-5923
-5927
-5939
-5953
-5981
-5987
-6007
-6011
-6029
-6037
-6043
-6047
-6053
-6067
-6073
-6079
-6089
-6091
-6101
-6113
-6121
-6131
-6133
-6143
-6151
-6163
-6173
-6197
-6199
-6203
-6211
-6217
-6221
-6229
-6247
-6257
-6263
-6269
-6271
-6277
-6287
-6299
-6301
-6311
-6317
-6323
-6329
-6337
-6343
-6353
-6359
-6361
-6367
-6373
-6379
-6389
-6397
-6421
-6427
-6449
-6451
-6469
-6473
-6481
-6491
-6521
-6529
-6547
-6551
-6553
-6563
-6569
-6571
-6577
-6581
-6599
-6607
-6619
-6637
-6653
-6659
-6661
-6673
-6679
-6689
-6691
-6701
-6703
-6709
-6719
-6733
-6737
-6761
-6763
-6779
-6781
-6791
-6793
-6803
-6823
-6827
-6829
-6833
-6841
-6857
-6863
-6869
-6871
-6883
-6899
-6907
-6911
-6917
-6947
-6949
-6959
-6961
-6967
-6971
-6977
-6983
-6991
-6997
-7001
-7013
-7019
-7027
-7039
-7043
-7057
-7069
-7079
-7103
-7109
-7121
-7127
-7129
-7151
-7159
-7177
-7187
-7193
-7207
-7211
-7213
-7219
-7229
-7237
-7243
-7247
-7253
-7283
-7297
-7307
-7309
-7321
-7331
-7333
-7349
-7351
-7369
-7393
-7411
-7417
-7433
-7451
-7457
-7459
-7477
-7481
-7487
-7489
-7499
-7507
-7517
-7523
-7529
-7537
-7541
-7547
-7549
-7559
-7561
-7573
-7577
-7583
-7589
-7591
-7603
-7607
-7621
-7639
-7643
-7649
-7669
-7673
-7681
-7687
-7691
-7699
-7703
-7717
-7723
-7727
-7741
-7753
-7757
-7759
-7789
-7793
-7817
-7823
-7829
-7841
-7853
-7867
-7873
-7877
-7879
-7883
-7901
-7907
-7919
-7927
-7933
-7937
-7949
-7951
-7963
-7993
-8009
-8011
-8017
-8039
-8053
-8059
-8069
-8081
-8087
-8089
-8093
-8101
-8111
-8117
-8123
-8147
-8161
-8167
-8171
-8179
-8191
-8209
-8219
-8221
-8231
-8233
-8237
-8243
-8263
-8269
-8273
-8287
-8291
-8293
-8297
-8311
-8317
-8329
-8353
-8363
-8369
-8377
-8387
-8389
-8419
-8423
-8429
-8431
-8443
-8447
-8461
-8467
-8501
-8513
-8521
-8527
-8537
-8539
-8543
-8563
-8573
-8581
-8597
-8599
-8609
-8623
-8627
-8629
-8641
-8647
-8663
-8669
-8677
-8681
-8689
-8693
-8699
-8707
-8713
-8719
-8731
-8737
-8741
-8747
-8753
-8761
-8779
-8783
-8803
-8807
-8819
-8821
-8831
-8837
-8839
-8849
-8861
-8863
-8867
-8887
-8893
-8923
-8929
-8933
-8941
-8951
-8963
-8969
-8971
-8999
-9001
-9007
-9011
-9013
-9029
-9041
-9043
-9049
-9059
-9067
-9091
-9103
-9109
-9127
-9133
-9137
-9151
-9157
-9161
-9173
-9181
-9187
-9199
-9203
-9209
-9221
-9227
-9239
-9241
-9257
-9277
-9281
-9283
-9293
-9311
-9319
-9323
-9337
-9341
-9343
-9349
-9371
-9377
-9391
-9397
-9403
-9413
-9419
-9421
-9431
-9433
-9437
-9439
-9461
-9463
-9467
-9473
-9479
-9491
-9497
-9511
-9521
-9533
-9539
-9547
-9551
-9587
-9601
-9613
-9619
-9623
-9629
-9631
-9643
-9649
-9661
-9677
-9679
-9689
-9697
-9719
-9721
-9733
-9739
-9743
-9749
-9767
-9769
-9781
-9787
-9791
-9803
-9811
-9817
-9829
-9833
-9839
-9851
-9857
-9859
-9871
-9883
-9887
-9901
-9907
-9923
-9929
-9931
-9941
-9949
-9967
-9973
-10007
-10009
-10037
-10039
-10061
-10067
-10069
-10079
-10091
-10093
-10099
-10103
-10111
-10133
-10139
-10141
-10151
-10159
-10163
-10169
-10177
-10181
-10193
-10211
-10223
-10243
-10247
-10253
-10259
-10267
-10271
-10273
-10289
-10301
-10303
-10313
-10321
-10331
-10333
-10337
-10343
-10357
-10369
-10391
-10399
-10427
-10429
-10433
-10453
-10457
-10459
-10463
-10477
-10487
-10499
-10501
-10513
-10529
-10531
-10559
-10567
-10589
-10597
-10601
-10607
-10613
-10627
-10631
-10639
-10651
-10657
-10663
-10667
-10687
-10691
-10709
-10711
-10723
-10729
-10733
-10739
-10753
-10771
-10781
-10789
-10799
-10831
-10837
-10847
-10853
-10859
-10861
-10867
-10883
-10889
-10891
-10903
-10909
-10937
-10939
-10949
-10957
-10973
-10979
-10987
-10993
-11003
-11027
-11047
-11057
-11059
-11069
-11071
-11083
-11087
-11093
-11113
-11117
-11119
-11131
-11149
-11159
-11161
-11171
-11173
-11177
-11197
-11213
-11239
-11243
-11251
-11257
-11261
-11273
-11279
-11287
-11299
-11311
-11317
-11321
-11329
-11351
-11353
-11369
-11383
-11393
-11399
-11411
-11423
-11437
-11443
-11447
-11467
-11471
-11483
-11489
-11491
-11497
-11503
-11519
-11527
-11549
-11551
-11579
-11587
-11593
-11597
-11617
-11621
-11633
-11657
-11677
-11681
-11689
-11699
-11701
-11717
-11719
-11731
-11743
-11777
-11779
-11783
-11789
-11801
-11807
-11813
-11821
-11827
-11831
-11833
-11839
-11863
-11867
-11887
-11897
-11903
-11909
-11923
-11927
-11933
-11939
-11941
-11953
-11959
-11969
-11971
-11981
-11987
-12007
-12011
-12037
-12041
-12043
-12049
-12071
-12073
-12097
-12101
-12107
-12109
-12113
-12119
-12143
-12149
-12157
-12161
-12163
-12197
-12203
-12211
-12227
-12239
-12241
-12251
-12253
-12263
-12269
-12277
-12281
-12289
-12301
-12323
-12329
-12343
-12347
-12373
-12377
-12379
-12391
-12401
-12409
-12413
-12421
-12433
-12437
-12451
-12457
-12473
-12479
-12487
-12491
-12497
-12503
-12511
-12517
-12527
-12539
-12541
-12547
-12553
-12569
-12577
-12583
-12589
-12601
-12611
-12613
-12619
-12637
-12641
-12647
-12653
-12659
-12671
-12689
-12697
-12703
-12713
-12721
-12739
-12743
-12757
-12763
-12781
-12791
-12799
-12809
-12821
-12823
-12829
-12841
-12853
-12889
-12893
-12899
-12907
-12911
-12917
-12919
-12923
-12941
-12953
-12959
-12967
-12973
-12979
-12983
-13001
-13003
-13007
-13009
-13033
-13037
-13043
-13049
-13063
-13093
-13099
-13103
-13109
-13121
-13127
-13147
-13151
-13159
-13163
-13171
-13177
-13183
-13187
-13217
-13219
-13229
-13241
-13249
-13259
-13267
-13291
-13297
-13309
-13313
-13327
-13331
-13337
-13339
-13367
-13381
-13397
-13399
-13411
-13417
-13421
-13441
-13451
-13457
-13463
-13469
-13477
-13487
-13499
-13513
-13523
-13537
-13553
-13567
-13577
-13591
-13597
-13613
-13619
-13627
-13633
-13649
-13669
-13679
-13681
-13687
-13691
-13693
-13697
-13709
-13711
-13721
-13723
-13729
-13751
-13757
-13759
-13763
-13781
-13789
-13799
-13807
-13829
-13831
-13841
-13859
-13873
-13877
-13879
-13883
-13901
-13903
-13907
-13913
-13921
-13931
-13933
-13963
-13967
-13997
-13999
-14009
-14011
-14029
-14033
-14051
-14057
-14071
-14081
-14083
-14087
-14107
-14143
-14149
-14153
-14159
-14173
-14177
-14197
-14207
-14221
-14243
-14249
-14251
-14281
-14293
-14303
-14321
-14323
-14327
-14341
-14347
-14369
-14387
-14389
-14401
-14407
-14411
-14419
-14423
-14431
-14437
-14447
-14449
-14461
-14479
-14489
-14503
-14519
-14533
-14537
-14543
-14549
-14551
-14557
-14561
-14563
-14591
-14593
-14621
-14627
-14629
-14633
-14639
-14653
-14657
-14669
-14683
-14699
-14713
-14717
-14723
-14731
-14737
-14741
-14747
-14753
-14759
-14767
-14771
-14779
-14783
-14797
-14813
-14821
-14827
-14831
-14843
-14851
-14867
-14869
-14879
-14887
-14891
-14897
-14923
-14929
-14939
-14947
-14951
-14957
-14969
-14983
-15013
-15017
-15031
-15053
-15061
-15073
-15077
-15083
-15091
-15101
-15107
-15121
-15131
-15137
-15139
-15149
-15161
-15173
-15187
-15193
-15199
-15217
-15227
-15233
-15241
-15259
-15263
-15269
-15271
-15277
-15287
-15289
-15299
-15307
-15313
-15319
-15329
-15331
-15349
-15359
-15361
-15373
-15377
-15383
-15391
-15401
-15413
-15427
-15439
-15443
-15451
-15461
-15467
-15473
-15493
-15497
-15511
-15527
-15541
-15551
-15559
-15569
-15581
-15583
-15601
-15607
-15619
-15629
-15641
-15643
-15647
-15649
-15661
-15667
-15671
-15679
-15683
-15727
-15731
-15733
-15737
-15739
-15749
-15761
-15767
-15773
-15787
-15791
-15797
-15803
-15809
-15817
-15823
-15859
-15877
-15881
-15887
-15889
-15901
-15907
-15913
-15919
-15923
-15937
-15959
-15971
-15973
-15991
-16001
-16007
-16033
-16057
-16061
-16063
-16067
-16069
-16073
-16087
-16091
-16097
-16103
-16111
-16127
-16139
-16141
-16183
-16187
-16189
-16193
-16217
-16223
-16229
-16231
-16249
-16253
-16267
-16273
-16301
-16319
-16333
-16339
-16349
-16361
-16363
-16369
-16381
-16411
-16417
-16421
-16427
-16433
-16447
-16451
-16453
-16477
-16481
-16487
-16493
-16519
-16529
-16547
-16553
-16561
-16567
-16573
-16603
-16607
-16619
-16631
-16633
-16649
-16651
-16657
-16661
-16673
-16691
-16693
-16699
-16703
-16729
-16741
-16747
-16759
-16763
-16787
-16811
-16823
-16829
-16831
-16843
-16871
-16879
-16883
-16889
-16901
-16903
-16921
-16927
-16931
-16937
-16943
-16963
-16979
-16981
-16987
-16993
-17011
-17021
-17027
-17029
-17033
-17041
-17047
-17053
-17077
-17093
-17099
-17107
-17117
-17123
-17137
-17159
-17167
-17183
-17189
-17191
-17203
-17207
-17209
-17231
-17239
-17257
-17291
-17293
-17299
-17317
-17321
-17327
-17333
-17341
-17351
-17359
-17377
-17383
-17387
-17389
-17393
-17401
-17417
-17419
-17431
-17443
-17449
-17467
-17471
-17477
-17483
-17489
-17491
-17497
-17509
-17519
-17539
-17551
-17569
-17573
-17579
-17581
-17597
-17599
-17609
-17623
-17627
-17657
-17659
-17669
-17681
-17683
-17707
-17713
-17729
-17737
-17747
-17749
-17761
-17783
-17789
-17791
-17807
-17827
-17837
-17839
-17851
-17863
-17881
-17891
-17903
-17909
-17911
-17921
-17923
-17929
-17939
-17957
-17959
-17971
-17977
-17981
-17987
-17989
-18013
-18041
-18043
-18047
-18049
-18059
-18061
-18077
-18089
-18097
-18119
-18121
-18127
-18131
-18133
-18143
-18149
-18169
-18181
-18191
-18199
-18211
-18217
-18223
-18229
-18233
-18251
-18253
-18257
-18269
-18287
-18289
-18301
-18307
-18311
-18313
-18329
-18341
-18353
-18367
-18371
-18379
-18397
-18401
-18413
-18427
-18433
-18439
-18443
-18451
-18457
-18461
-18481
-18493
-18503
-18517
-18521
-18523
-18539
-18541
-18553
-18583
-18587
-18593
-18617
-18637
-18661
-18671
-18679
-18691
-18701
-18713
-18719
-18731
-18743
-18749
-18757
-18773
-18787
-18793
-18797
-18803
-18839
-18859
-18869
-18899
-18911
-18913
-18917
-18919
-18947
-18959
-18973
-18979
-19001
-19009
-19013
-19031
-19037
-19051
-19069
-19073
-19079
-19081
-19087
-19121
-19139
-19141
-19157
-19163
-19181
-19183
-19207
-19211
-19213
-19219
-19231
-19237
-19249
-19259
-19267
-19273
-19289
-19301
-19309
-19319
-19333
-19373
-19379
-19381
-19387
-19391
-19403
-19417
-19421
-19423
-19427
-19429
-19433
-19441
-19447
-19457
-19463
-19469
-19471
-19477
-19483
-19489
-19501
-19507
-19531
-19541
-19543
-19553
-19559
-19571
-19577
-19583
-19597
-19603
-19609
-19661
-19681
-19687
-19697
-19699
-19709
-19717
-19727
-19739
-19751
-19753
-19759
-19763
-19777
-19793
-19801
-19813
-19819
-19841
-19843
-19853
-19861
-19867
-19889
-19891
-19913
-19919
-19927
-19937
-19949
-19961
-19963
-19973
-19979
-19991
-19993
-19997
-20011
-20021
-20023
-20029
-20047
-20051
-20063
-20071
-20089
-20101
-20107
-20113
-20117
-20123
-20129
-20143
-20147
-20149
-20161
-20173
-20177
-20183
-20201
-20219
-20231
-20233
-20249
-20261
-20269
-20287
-20297
-20323
-20327
-20333
-20341
-20347
-20353
-20357
-20359
-20369
-20389
-20393
-20399
-20407
-20411
-20431
-20441
-20443
-20477
-20479
-20483
-20507
-20509
-20521
-20533
-20543
-20549
-20551
-20563
-20593
-20599
-20611
-20627
-20639
-20641
-20663
-20681
-20693
-20707
-20717
-20719
-20731
-20743
-20747
-20749
-20753
-20759
-20771
-20773
-20789
-20807
-20809
-20849
-20857
-20873
-20879
-20887
-20897
-20899
-20903
-20921
-20929
-20939
-20947
-20959
-20963
-20981
-20983
-21001
-21011
-21013
-21017
-21019
-21023
-21031
-21059
-21061
-21067
-21089
-21101
-21107
-21121
-21139
-21143
-21149
-21157
-21163
-21169
-21179
-21187
-21191
-21193
-21211
-21221
-21227
-21247
-21269
-21277
-21283
-21313
-21317
-21319
-21323
-21341
-21347
-21377
-21379
-21383
-21391
-21397
-21401
-21407
-21419
-21433
-21467
-21481
-21487
-21491
-21493
-21499
-21503
-21517
-21521
-21523
-21529
-21557
-21559
-21563
-21569
-21577
-21587
-21589
-21599
-21601
-21611
-21613
-21617
-21647
-21649
-21661
-21673
-21683
-21701
-21713
-21727
-21737
-21739
-21751
-21757
-21767
-21773
-21787
-21799
-21803
-21817
-21821
-21839
-21841
-21851
-21859
-21863
-21871
-21881
-21893
-21911
-21929
-21937
-21943
-21961
-21977
-21991
-21997
-22003
-22013
-22027
-22031
-22037
-22039
-22051
-22063
-22067
-22073
-22079
-22091
-22093
-22109
-22111
-22123
-22129
-22133
-22147
-22153
-22157
-22159
-22171
-22189
-22193
-22229
-22247
-22259
-22271
-22273
-22277
-22279
-22283
-22291
-22303
-22307
-22343
-22349
-22367
-22369
-22381
-22391
-22397
-22409
-22433
-22441
-22447
-22453
-22469
-22481
-22483
-22501
-22511
-22531
-22541
-22543
-22549
-22567
-22571
-22573
-22613
-22619
-22621
-22637
-22639
-22643
-22651
-22669
-22679
-22691
-22697
-22699
-22709
-22717
-22721
-22727
-22739
-22741
-22751
-22769
-22777
-22783
-22787
-22807
-22811
-22817
-22853
-22859
-22861
-22871
-22877
-22901
-22907
-22921
-22937
-22943
-22961
-22963
-22973
-22993
-23003
-23011
-23017
-23021
-23027
-23029
-23039
-23041
-23053
-23057
-23059
-23063
-23071
-23081
-23087
-23099
-23117
-23131
-23143
-23159
-23167
-23173
-23189
-23197
-23201
-23203
-23209
-23227
-23251
-23269
-23279
-23291
-23293
-23297
-23311
-23321
-23327
-23333
-23339
-23357
-23369
-23371
-23399
-23417
-23431
-23447
-23459
-23473
-23497
-23509
-23531
-23537
-23539
-23549
-23557
-23561
-23563
-23567
-23581
-23593
-23599
-23603
-23609
-23623
-23627
-23629
-23633
-23663
-23669
-23671
-23677
-23687
-23689
-23719
-23741
-23743
-23747
-23753
-23761
-23767
-23773
-23789
-23801
-23813
-23819
-23827
-23831
-23833
-23857
-23869
-23873
-23879
-23887
-23893
-23899
-23909
-23911
-23917
-23929
-23957
-23971
-23977
-23981
-23993
-24001
-24007
-24019
-24023
-24029
-24043
-24049
-24061
-24071
-24077
-24083
-24091
-24097
-24103
-24107
-24109
-24113
-24121
-24133
-24137
-24151
-24169
-24179
-24181
-24197
-24203
-24223
-24229
-24239
-24247
-24251
-24281
-24317
-24329
-24337
-24359
-24371
-24373
-24379
-24391
-24407
-24413
-24419
-24421
-24439
-24443
-24469
-24473
-24481
-24499
-24509
-24517
-24527
-24533
-24547
-24551
-24571
-24593
-24611
-24623
-24631
-24659
-24671
-24677
-24683
-24691
-24697
-24709
-24733
-24749
-24763
-24767
-24781
-24793
-24799
-24809
-24821
-24841
-24847
-24851
-24859
-24877
-24889
-24907
-24917
-24919
-24923
-24943
-24953
-24967
-24971
-24977
-24979
-24989
-25013
-25031
-25033
-25037
-25057
-25073
-25087
-25097
-25111
-25117
-25121
-25127
-25147
-25153
-25163
-25169
-25171
-25183
-25189
-25219
-25229
-25237
-25243
-25247
-25253
-25261
-25301
-25303
-25307
-25309
-25321
-25339
-25343
-25349
-25357
-25367
-25373
-25391
-25409
-25411
-25423
-25439
-25447
-25453
-25457
-25463
-25469
-25471
-25523
-25537
-25541
-25561
-25577
-25579
-25583
-25589
-25601
-25603
-25609
-25621
-25633
-25639
-25643
-25657
-25667
-25673
-25679
-25693
-25703
-25717
-25733
-25741
-25747
-25759
-25763
-25771
-25793
-25799
-25801
-25819
-25841
-25847
-25849
-25867
-25873
-25889
-25903
-25913
-25919
-25931
-25933
-25939
-25943
-25951
-25969
-25981
-25997
-25999
-26003
-26017
-26021
-26029
-26041
-26053
-26083
-26099
-26107
-26111
-26113
-26119
-26141
-26153
-26161
-26171
-26177
-26183
-26189
-26203
-26209
-26227
-26237
-26249
-26251
-26261
-26263
-26267
-26293
-26297
-26309
-26317
-26321
-26339
-26347
-26357
-26371
-26387
-26393
-26399
-26407
-26417
-26423
-26431
-26437
-26449
-26459
-26479
-26489
-26497
-26501
-26513
-26539
-26557
-26561
-26573
-26591
-26597
-26627
-26633
-26641
-26647
-26669
-26681
-26683
-26687
-26693
-26699
-26701
-26711
-26713
-26717
-26723
-26729
-26731
-26737
-26759
-26777
-26783
-26801
-26813
-26821
-26833
-26839
-26849
-26861
-26863
-26879
-26881
-26891
-26893
-26903
-26921
-26927
-26947
-26951
-26953
-26959
-26981
-26987
-26993
-27011
-27017
-27031
-27043
-27059
-27061
-27067
-27073
-27077
-27091
-27103
-27107
-27109
-27127
-27143
-27179
-27191
-27197
-27211
-27239
-27241
-27253
-27259
-27271
-27277
-27281
-27283
-27299
-27329
-27337
-27361
-27367
-27397
-27407
-27409
-27427
-27431
-27437
-27449
-27457
-27479
-27481
-27487
-27509
-27527
-27529
-27539
-27541
-27551
-27581
-27583
-27611
-27617
-27631
-27647
-27653
-27673
-27689
-27691
-27697
-27701
-27733
-27737
-27739
-27743
-27749
-27751
-27763
-27767
-27773
-27779
-27791
-27793
-27799
-27803
-27809
-27817
-27823
-27827
-27847
-27851
-27883
-27893
-27901
-27917
-27919
-27941
-27943
-27947
-27953
-27961
-27967
-27983
-27997
-28001
-28019
-28027
-28031
-28051
-28057
-28069
-28081
-28087
-28097
-28099
-28109
-28111
-28123
-28151
-28163
-28181
-28183
-28201
-28211
-28219
-28229
-28277
-28279
-28283
-28289
-28297
-28307
-28309
-28319
-28349
-28351
-28387
-28393
-28403
-28409
-28411
-28429
-28433
-28439
-28447
-28463
-28477
-28493
-28499
-28513
-28517
-28537
-28541
-28547
-28549
-28559
-28571
-28573
-28579
-28591
-28597
-28603
-28607
-28619
-28621
-28627
-28631
-28643
-28649
-28657
-28661
-28663
-28669
-28687
-28697
-28703
-28711
-28723
-28729
-28751
-28753
-28759
-28771
-28789
-28793
-28807
-28813
-28817
-28837
-28843
-28859
-28867
-28871
-28879
-28901
-28909
-28921
-28927
-28933
-28949
-28961
-28979
-29009
-29017
-29021
-29023
-29027
-29033
-29059
-29063
-29077
-29101
-29123
-29129
-29131
-29137
-29147
-29153
-29167
-29173
-29179
-29191
-29201
-29207
-29209
-29221
-29231
-29243
-29251
-29269
-29287
-29297
-29303
-29311
-29327
-29333
-29339
-29347
-29363
-29383
-29387
-29389
-29399
-29401
-29411
-29423
-29429
-29437
-29443
-29453
-29473
-29483
-29501
-29527
-29531
-29537
-29567
-29569
-29573
-29581
-29587
-29599
-29611
-29629
-29633
-29641
-29663
-29669
-29671
-29683
-29717
-29723
-29741
-29753
-29759
-29761
-29789
-29803
-29819
-29833
-29837
-29851
-29863
-29867
-29873
-29879
-29881
-29917
-29921
-29927
-29947
-29959
-29983
-29989
-30011
-30013
-30029
-30047
-30059
-30071
-30089
-30091
-30097
-30103
-30109
-30113
-30119
-30133
-30137
-30139
-30161
-30169
-30181
-30187
-30197
-30203
-30211
-30223
-30241
-30253
-30259
-30269
-30271
-30293
-30307
-30313
-30319
-30323
-30341
-30347
-30367
-30389
-30391
-30403
-30427
-30431
-30449
-30467
-30469
-30491
-30493
-30497
-30509
-30517
-30529
-30539
-30553
-30557
-30559
-30577
-30593
-30631
-30637
-30643
-30649
-30661
-30671
-30677
-30689
-30697
-30703
-30707
-30713
-30727
-30757
-30763
-30773
-30781
-30803
-30809
-30817
-30829
-30839
-30841
-30851
-30853
-30859
-30869
-30871
-30881
-30893
-30911
-30931
-30937
-30941
-30949
-30971
-30977
-30983
-31013
-31019
-31033
-31039
-31051
-31063
-31069
-31079
-31081
-31091
-31121
-31123
-31139
-31147
-31151
-31153
-31159
-31177
-31181
-31183
-31189
-31193
-31219
-31223
-31231
-31237
-31247
-31249
-31253
-31259
-31267
-31271
-31277
-31307
-31319
-31321
-31327
-31333
-31337
-31357
-31379
-31387
-31391
-31393
-31397
-31469
-31477
-31481
-31489
-31511
-31513
-31517
-31531
-31541
-31543
-31547
-31567
-31573
-31583
-31601
-31607
-31627
-31643
-31649
-31657
-31663
-31667
-31687
-31699
-31721
-31723
-31727
-31729
-31741
-31751
-31769
-31771
-31793
-31799
-31817
-31847
-31849
-31859
-31873
-31883
-31891
-31907
-31957
-31963
-31973
-31981
-31991
-32003
-32009
-32027
-32029
-32051
-32057
-32059
-32063
-32069
-32077
-32083
-32089
-32099
-32117
-32119
-32141
-32143
-32159
-32173
-32183
-32189
-32191
-32203
-32213
-32233
-32237
-32251
-32257
-32261
-32297
-32299
-32303
-32309
-32321
-32323
-32327
-32341
-32353
-32359
-32363
-32369
-32371
-32377
-32381
-32401
-32411
-32413
-32423
-32429
-32441
-32443
-32467
-32479
-32491
-32497
-32503
-32507
-32531
-32533
-32537
-32561
-32563
-32569
-32573
-32579
-32587
-32603
-32609
-32611
-32621
-32633
-32647
-32653
-32687
-32693
-32707
-32713
-32717
-32719
-32749
-32771
-32779
-32783
-32789
-32797
-32801
-32803
-32831
-32833
-32839
-32843
-32869
-32887
-32909
-32911
-32917
-32933
-32939
-32941
-32957
-32969
-32971
-32983
-32987
-32993
-32999
-33013
-33023
-33029
-33037
-33049
-33053
-33071
-33073
-33083
-33091
-33107
-33113
-33119
-33149
-33151
-33161
-33179
-33181
-33191
-33199
-33203
-33211
-33223
-33247
-33287
-33289
-33301
-33311
-33317
-33329
-33331
-33343
-33347
-33349
-33353
-33359
-33377
-33391
-33403
-33409
-33413
-33427
-33457
-33461
-33469
-33479
-33487
-33493
-33503
-33521
-33529
-33533
-33547
-33563
-33569
-33577
-33581
-33587
-33589
-33599
-33601
-33613
-33617
-33619
-33623
-33629
-33637
-33641
-33647
-33679
-33703
-33713
-33721
-33739
-33749
-33751
-33757
-33767
-33769
-33773
-33791
-33797
-33809
-33811
-33827
-33829
-33851
-33857
-33863
-33871
-33889
-33893
-33911
-33923
-33931
-33937
-33941
-33961
-33967
-33997
-34019
-34031
-34033
-34039
-34057
-34061
-34123
-34127
-34129
-34141
-34147
-34157
-34159
-34171
-34183
-34211
-34213
-34217
-34231
-34253
-34259
-34261
-34267
-34273
-34283
-34297
-34301
-34303
-34313
-34319
-34327
-34337
-34351
-34361
-34367
-34369
-34381
-34403
-34421
-34429
-34439
-34457
-34469
-34471
-34483
-34487
-34499
-34501
-34511
-34513
-34519
-34537
-34543
-34549
-34583
-34589
-34591
-34603
-34607
-34613
-34631
-34649
-34651
-34667
-34673
-34679
-34687
-34693
-34703
-34721
-34729
-34739
-34747
-34757
-34759
-34763
-34781
-34807
-34819
-34841
-34843
-34847
-34849
-34871
-34877
-34883
-34897
-34913
-34919
-34939
-34949
-34961
-34963
-34981
-35023
-35027
-35051
-35053
-35059
-35069
-35081
-35083
-35089
-35099
-35107
-35111
-35117
-35129
-35141
-35149
-35153
-35159
-35171
-35201
-35221
-35227
-35251
-35257
-35267
-35279
-35281
-35291
-35311
-35317
-35323
-35327
-35339
-35353
-35363
-35381
-35393
-35401
-35407
-35419
-35423
-35437
-35447
-35449
-35461
-35491
-35507
-35509
-35521
-35527
-35531
-35533
-35537
-35543
-35569
-35573
-35591
-35593
-35597
-35603
-35617
-35671
-35677
-35729
-35731
-35747
-35753
-35759
-35771
-35797
-35801
-35803
-35809
-35831
-35837
-35839
-35851
-35863
-35869
-35879
-35897
-35899
-35911
-35923
-35933
-35951
-35963
-35969
-35977
-35983
-35993
-35999
-36007
-36011
-36013
-36017
-36037
-36061
-36067
-36073
-36083
-36097
-36107
-36109
-36131
-36137
-36151
-36161
-36187
-36191
-36209
-36217
-36229
-36241
-36251
-36263
-36269
-36277
-36293
-36299
-36307
-36313
-36319
-36341
-36343
-36353
-36373
-36383
-36389
-36433
-36451
-36457
-36467
-36469
-36473
-36479
-36493
-36497
-36523
-36527
-36529
-36541
-36551
-36559
-36563
-36571
-36583
-36587
-36599
-36607
-36629
-36637
-36643
-36653
-36671
-36677
-36683
-36691
-36697
-36709
-36713
-36721
-36739
-36749
-36761
-36767
-36779
-36781
-36787
-36791
-36793
-36809
-36821
-36833
-36847
-36857
-36871
-36877
-36887
-36899
-36901
-36913
-36919
-36923
-36929
-36931
-36943
-36947
-36973
-36979
-36997
-37003
-37013
-37019
-37021
-37039
-37049
-37057
-37061
-37087
-37097
-37117
-37123
-37139
-37159
-37171
-37181
-37189
-37199
-37201
-37217
-37223
-37243
-37253
-37273
-37277
-37307
-37309
-37313
-37321
-37337
-37339
-37357
-37361
-37363
-37369
-37379
-37397
-37409
-37423
-37441
-37447
-37463
-37483
-37489
-37493
-37501
-37507
-37511
-37517
-37529
-37537
-37547
-37549
-37561
-37567
-37571
-37573
-37579
-37589
-37591
-37607
-37619
-37633
-37643
-37649
-37657
-37663
-37691
-37693
-37699
-37717
-37747
-37781
-37783
-37799
-37811
-37813
-37831
-37847
-37853
-37861
-37871
-37879
-37889
-37897
-37907
-37951
-37957
-37963
-37967
-37987
-37991
-37993
-37997
-38011
-38039
-38047
-38053
-38069
-38083
-38113
-38119
-38149
-38153
-38167
-38177
-38183
-38189
-38197
-38201
-38219
-38231
-38237
-38239
-38261
-38273
-38281
-38287
-38299
-38303
-38317
-38321
-38327
-38329
-38333
-38351
-38371
-38377
-38393
-38431
-38447
-38449
-38453
-38459
-38461
-38501
-38543
-38557
-38561
-38567
-38569
-38593
-38603
-38609
-38611
-38629
-38639
-38651
-38653
-38669
-38671
-38677
-38693
-38699
-38707
-38711
-38713
-38723
-38729
-38737
-38747
-38749
-38767
-38783
-38791
-38803
-38821
-38833
-38839
-38851
-38861
-38867
-38873
-38891
-38903
-38917
-38921
-38923
-38933
-38953
-38959
-38971
-38977
-38993
-39019
-39023
-39041
-39043
-39047
-39079
-39089
-39097
-39103
-39107
-39113
-39119
-39133
-39139
-39157
-39161
-39163
-39181
-39191
-39199
-39209
-39217
-39227
-39229
-39233
-39239
-39241
-39251
-39293
-39301
-39313
-39317
-39323
-39341
-39343
-39359
-39367
-39371
-39373
-39383
-39397
-39409
-39419
-39439
-39443
-39451
-39461
-39499
-39503
-39509
-39511
-39521
-39541
-39551
-39563
-39569
-39581
-39607
-39619
-39623
-39631
-39659
-39667
-39671
-39679
-39703
-39709
-39719
-39727
-39733
-39749
-39761
-39769
-39779
-39791
-39799
-39821
-39827
-39829
-39839
-39841
-39847
-39857
-39863
-39869
-39877
-39883
-39887
-39901
-39929
-39937
-39953
-39971
-39979
-39983
-39989
-40009
-40013
-40031
-40037
-40039
-40063
-40087
-40093
-40099
-40111
-40123
-40127
-40129
-40151
-40153
-40163
-40169
-40177
-40189
-40193
-40213
-40231
-40237
-40241
-40253
-40277
-40283
-40289
-40343
-40351
-40357
-40361
-40387
-40423
-40427
-40429
-40433
-40459
-40471
-40483
-40487
-40493
-40499
-40507
-40519
-40529
-40531
-40543
-40559
-40577
-40583
-40591
-40597
-40609
-40627
-40637
-40639
-40693
-40697
-40699
-40709
-40739
-40751
-40759
-40763
-40771
-40787
-40801
-40813
-40819
-40823
-40829
-40841
-40847
-40849
-40853
-40867
-40879
-40883
-40897
-40903
-40927
-40933
-40939
-40949
-40961
-40973
-40993
-41011
-41017
-41023
-41039
-41047
-41051
-41057
-41077
-41081
-41113
-41117
-41131
-41141
-41143
-41149
-41161
-41177
-41179
-41183
-41189
-41201
-41203
-41213
-41221
-41227
-41231
-41233
-41243
-41257
-41263
-41269
-41281
-41299
-41333
-41341
-41351
-41357
-41381
-41387
-41389
-41399
-41411
-41413
-41443
-41453
-41467
-41479
-41491
-41507
-41513
-41519
-41521
-41539
-41543
-41549
-41579
-41593
-41597
-41603
-41609
-41611
-41617
-41621
-41627
-41641
-41647
-41651
-41659
-41669
-41681
-41687
-41719
-41729
-41737
-41759
-41761
-41771
-41777
-41801
-41809
-41813
-41843
-41849
-41851
-41863
-41879
-41887
-41893
-41897
-41903
-41911
-41927
-41941
-41947
-41953
-41957
-41959
-41969
-41981
-41983
-41999
-42013
-42017
-42019
-42023
-42043
-42061
-42071
-42073
-42083
-42089
-42101
-42131
-42139
-42157
-42169
-42179
-42181
-42187
-42193
-42197
-42209
-42221
-42223
-42227
-42239
-42257
-42281
-42283
-42293
-42299
-42307
-42323
-42331
-42337
-42349
-42359
-42373
-42379
-42391
-42397
-42403
-42407
-42409
-42433
-42437
-42443
-42451
-42457
-42461
-42463
-42467
-42473
-42487
-42491
-42499
-42509
-42533
-42557
-42569
-42571
-42577
-42589
-42611
-42641
-42643
-42649
-42667
-42677
-42683
-42689
-42697
-42701
-42703
-42709
-42719
-42727
-42737
-42743
-42751
-42767
-42773
-42787
-42793
-42797
-42821
-42829
-42839
-42841
-42853
-42859
-42863
-42899
-42901
-42923
-42929
-42937
-42943
-42953
-42961
-42967
-42979
-42989
-43003
-43013
-43019
-43037
-43049
-43051
-43063
-43067
-43093
-43103
-43117
-43133
-43151
-43159
-43177
-43189
-43201
-43207
-43223
-43237
-43261
-43271
-43283
-43291
-43313
-43319
-43321
-43331
-43391
-43397
-43399
-43403
-43411
-43427
-43441
-43451
-43457
-43481
-43487
-43499
-43517
-43541
-43543
-43573
-43577
-43579
-43591
-43597
-43607
-43609
-43613
-43627
-43633
-43649
-43651
-43661
-43669
-43691
-43711
-43717
-43721
-43753
-43759
-43777
-43781
-43783
-43787
-43789
-43793
-43801
-43853
-43867
-43889
-43891
-43913
-43933
-43943
-43951
-43961
-43963
-43969
-43973
-43987
-43991
-43997
-44017
-44021
-44027
-44029
-44041
-44053
-44059
-44071
-44087
-44089
-44101
-44111
-44119
-44123
-44129
-44131
-44159
-44171
-44179
-44189
-44201
-44203
-44207
-44221
-44249
-44257
-44263
-44267
-44269
-44273
-44279
-44281
-44293
-44351
-44357
-44371
-44381
-44383
-44389
-44417
-44449
-44453
-44483
-44491
-44497
-44501
-44507
-44519
-44531
-44533
-44537
-44543
-44549
-44563
-44579
-44587
-44617
-44621
-44623
-44633
-44641
-44647
-44651
-44657
-44683
-44687
-44699
-44701
-44711
-44729
-44741
-44753
-44771
-44773
-44777
-44789
-44797
-44809
-44819
-44839
-44843
-44851
-44867
-44879
-44887
-44893
-44909
-44917
-44927
-44939
-44953
-44959
-44963
-44971
-44983
-44987
-45007
-45013
-45053
-45061
-45077
-45083
-45119
-45121
-45127
-45131
-45137
-45139
-45161
-45179
-45181
-45191
-45197
-45233
-45247
-45259
-45263
-45281
-45289
-45293
-45307
-45317
-45319
-45329
-45337
-45341
-45343
-45361
-45377
-45389
-45403
-45413
-45427
-45433
-45439
-45481
-45491
-45497
-45503
-45523
-45533
-45541
-45553
-45557
-45569
-45587
-45589
-45599
-45613
-45631
-45641
-45659
-45667
-45673
-45677
-45691
-45697
-45707
-45737
-45751
-45757
-45763
-45767
-45779
-45817
-45821
-45823
-45827
-45833
-45841
-45853
-45863
-45869
-45887
-45893
-45943
-45949
-45953
-45959
-45971
-45979
-45989
-46021
-46027
-46049
-46051
-46061
-46073
-46091
-46093
-46099
-46103
-46133
-46141
-46147
-46153
-46171
-46181
-46183
-46187
-46199
-46219
-46229
-46237
-46261
-46271
-46273
-46279
-46301
-46307
-46309
-46327
-46337
-46349
-46351
-46381
-46399
-46411
-46439
-46441
-46447
-46451
-46457
-46471
-46477
-46489
-46499
-46507
-46511
-46523
-46549
-46559
-46567
-46573
-46589
-46591
-46601
-46619
-46633
-46639
-46643
-46649
-46663
-46679
-46681
-46687
-46691
-46703
-46723
-46727
-46747
-46751
-46757
-46769
-46771
-46807
-46811
-46817
-46819
-46829
-46831
-46853
-46861
-46867
-46877
-46889
-46901
-46919
-46933
-46957
-46993
-46997
-47017
-47041
-47051
-47057
-47059
-47087
-47093
-47111
-47119
-47123
-47129
-47137
-47143
-47147
-47149
-47161
-47189
-47207
-47221
-47237
-47251
-47269
-47279
-47287
-47293
-47297
-47303
-47309
-47317
-47339
-47351
-47353
-47363
-47381
-47387
-47389
-47407
-47417
-47419
-47431
-47441
-47459
-47491
-47497
-47501
-47507
-47513
-47521
-47527
-47533
-47543
-47563
-47569
-47581
-47591
-47599
-47609
-47623
-47629
-47639
-47653
-47657
-47659
-47681
-47699
-47701
-47711
-47713
-47717
-47737
-47741
-47743
-47777
-47779
-47791
-47797
-47807
-47809
-47819
-47837
-47843
-47857
-47869
-47881
-47903
-47911
-47917
-47933
-47939
-47947
-47951
-47963
-47969
-47977
-47981
-48017
-48023
-48029
-48049
-48073
-48079
-48091
-48109
-48119
-48121
-48131
-48157
-48163
-48179
-48187
-48193
-48197
-48221
-48239
-48247
-48259
-48271
-48281
-48299
-48311
-48313
-48337
-48341
-48353
-48371
-48383
-48397
-48407
-48409
-48413
-48437
-48449
-48463
-48473
-48479
-48481
-48487
-48491
-48497
-48523
-48527
-48533
-48539
-48541
-48563
-48571
-48589
-48593
-48611
-48619
-48623
-48647
-48649
-48661
-48673
-48677
-48679
-48731
-48733
-48751
-48757
-48761
-48767
-48779
-48781
-48787
-48799
-48809
-48817
-48821
-48823
-48847
-48857
-48859
-48869
-48871
-48883
-48889
-48907
-48947
-48953
-48973
-48989
-48991
-49003
-49009
-49019
-49031
-49033
-49037
-49043
-49057
-49069
-49081
-49103
-49109
-49117
-49121
-49123
-49139
-49157
-49169
-49171
-49177
-49193
-49199
-49201
-49207
-49211
-49223
-49253
-49261
-49277
-49279
-49297
-49307
-49331
-49333
-49339
-49363
-49367
-49369
-49391
-49393
-49409
-49411
-49417
-49429
-49433
-49451
-49459
-49463
-49477
-49481
-49499
-49523
-49529
-49531
-49537
-49547
-49549
-49559
-49597
-49603
-49613
-49627
-49633
-49639
-49663
-49667
-49669
-49681
-49697
-49711
-49727
-49739
-49741
-49747
-49757
-49783
-49787
-49789
-49801
-49807
-49811
-49823
-49831
-49843
-49853
-49871
-49877
-49891
-49919
-49921
-49927
-49937
-49939
-49943
-49957
-49991
-49993
-49999
-50021
-50023
-50033
-50047
-50051
-50053
-50069
-50077
-50087
-50093
-50101
-50111
-50119
-50123
-50129
-50131
-50147
-50153
-50159
-50177
-50207
-50221
-50227
-50231
-50261
-50263
-50273
-50287
-50291
-50311
-50321
-50329
-50333
-50341
-50359
-50363
-50377
-50383
-50387
-50411
-50417
-50423
-50441
-50459
-50461
-50497
-50503
-50513
-50527
-50539
-50543
-50549
-50551
-50581
-50587
-50591
-50593
-50599
-50627
-50647
-50651
-50671
-50683
-50707
-50723
-50741
-50753
-50767
-50773
-50777
-50789
-50821
-50833
-50839
-50849
-50857
-50867
-50873
-50891
-50893
-50909
-50923
-50929
-50951
-50957
-50969
-50971
-50989
-50993
-51001
-51031
-51043
-51047
-51059
-51061
-51071
-51109
-51131
-51133
-51137
-51151
-51157
-51169
-51193
-51197
-51199
-51203
-51217
-51229
-51239
-51241
-51257
-51263
-51283
-51287
-51307
-51329
-51341
-51343
-51347
-51349
-51361
-51383
-51407
-51413
-51419
-51421
-51427
-51431
-51437
-51439
-51449
-51461
-51473
-51479
-51481
-51487
-51503
-51511
-51517
-51521
-51539
-51551
-51563
-51577
-51581
-51593
-51599
-51607
-51613
-51631
-51637
-51647
-51659
-51673
-51679
-51683
-51691
-51713
-51719
-51721
-51749
-51767
-51769
-51787
-51797
-51803
-51817
-51827
-51829
-51839
-51853
-51859
-51869
-51871
-51893
-51899
-51907
-51913
-51929
-51941
-51949
-51971
-51973
-51977
-51991
-52009
-52021
-52027
-52051
-52057
-52067
-52069
-52081
-52103
-52121
-52127
-52147
-52153
-52163
-52177
-52181
-52183
-52189
-52201
-52223
-52237
-52249
-52253
-52259
-52267
-52289
-52291
-52301
-52313
-52321
-52361
-52363
-52369
-52379
-52387
-52391
-52433
-52453
-52457
-52489
-52501
-52511
-52517
-52529
-52541
-52543
-52553
-52561
-52567
-52571
-52579
-52583
-52609
-52627
-52631
-52639
-52667
-52673
-52691
-52697
-52709
-52711
-52721
-52727
-52733
-52747
-52757
-52769
-52783
-52807
-52813
-52817
-52837
-52859
-52861
-52879
-52883
-52889
-52901
-52903
-52919
-52937
-52951
-52957
-52963
-52967
-52973
-52981
-52999
-53003
-53017
-53047
-53051
-53069
-53077
-53087
-53089
-53093
-53101
-53113
-53117
-53129
-53147
-53149
-53161
-53171
-53173
-53189
-53197
-53201
-53231
-53233
-53239
-53267
-53269
-53279
-53281
-53299
-53309
-53323
-53327
-53353
-53359
-53377
-53381
-53401
-53407
-53411
-53419
-53437
-53441
-53453
-53479
-53503
-53507
-53527
-53549
-53551
-53569
-53591
-53593
-53597
-53609
-53611
-53617
-53623
-53629
-53633
-53639
-53653
-53657
-53681
-53693
-53699
-53717
-53719
-53731
-53759
-53773
-53777
-53783
-53791
-53813
-53819
-53831
-53849
-53857
-53861
-53881
-53887
-53891
-53897
-53899
-53917
-53923
-53927
-53939
-53951
-53959
-53987
-53993
-54001
-54011
-54013
-54037
-54049
-54059
-54083
-54091
-54101
-54121
-54133
-54139
-54151
-54163
-54167
-54181
-54193
-54217
-54251
-54269
-54277
-54287
-54293
-54311
-54319
-54323
-54331
-54347
-54361
-54367
-54371
-54377
-54401
-54403
-54409
-54413
-54419
-54421
-54437
-54443
-54449
-54469
-54493
-54497
-54499
-54503
-54517
-54521
-54539
-54541
-54547
-54559
-54563
-54577
-54581
-54583
-54601
-54617
-54623
-54629
-54631
-54647
-54667
-54673
-54679
-54709
-54713
-54721
-54727
-54751
-54767
-54773
-54779
-54787
-54799
-54829
-54833
-54851
-54869
-54877
-54881
-54907
-54917
-54919
-54941
-54949
-54959
-54973
-54979
-54983
-55001
-55009
-55021
-55049
-55051
-55057
-55061
-55073
-55079
-55103
-55109
-55117
-55127
-55147
-55163
-55171
-55201
-55207
-55213
-55217
-55219
-55229
-55243
-55249
-55259
-55291
-55313
-55331
-55333
-55337
-55339
-55343
-55351
-55373
-55381
-55399
-55411
-55439
-55441
-55457
-55469
-55487
-55501
-55511
-55529
-55541
-55547
-55579
-55589
-55603
-55609
-55619
-55621
-55631
-55633
-55639
-55661
-55663
-55667
-55673
-55681
-55691
-55697
-55711
-55717
-55721
-55733
-55763
-55787
-55793
-55799
-55807
-55813
-55817
-55819
-55823
-55829
-55837
-55843
-55849
-55871
-55889
-55897
-55901
-55903
-55921
-55927
-55931
-55933
-55949
-55967
-55987
-55997
-56003
-56009
-56039
-56041
-56053
-56081
-56087
-56093
-56099
-56101
-56113
-56123
-56131
-56149
-56167
-56171
-56179
-56197
-56207
-56209
-56237
-56239
-56249
-56263
-56267
-56269
-56299
-56311
-56333
-56359
-56369
-56377
-56383
-56393
-56401
-56417
-56431
-56437
-56443
-56453
-56467
-56473
-56477
-56479
-56489
-56501
-56503
-56509
-56519
-56527
-56531
-56533
-56543
-56569
-56591
-56597
-56599
-56611
-56629
-56633
-56659
-56663
-56671
-56681
-56687
-56701
-56711
-56713
-56731
-56737
-56747
-56767
-56773
-56779
-56783
-56807
-56809
-56813
-56821
-56827
-56843
-56857
-56873
-56891
-56893
-56897
-56909
-56911
-56921
-56923
-56929
-56941
-56951
-56957
-56963
-56983
-56989
-56993
-56999
-57037
-57041
-57047
-57059
-57073
-57077
-57089
-57097
-57107
-57119
-57131
-57139
-57143
-57149
-57163
-57173
-57179
-57191
-57193
-57203
-57221
-57223
-57241
-57251
-57259
-57269
-57271
-57283
-57287
-57301
-57329
-57331
-57347
-57349
-57367
-57373
-57383
-57389
-57397
-57413
-57427
-57457
-57467
-57487
-57493
-57503
-57527
-57529
-57557
-57559
-57571
-57587
-57593
-57601
-57637
-57641
-57649
-57653
-57667
-57679
-57689
-57697
-57709
-57713
-57719
-57727
-57731
-57737
-57751
-57773
-57781
-57787
-57791
-57793
-57803
-57809
-57829
-57839
-57847
-57853
-57859
-57881
-57899
-57901
-57917
-57923
-57943
-57947
-57973
-57977
-57991
-58013
-58027
-58031
-58043
-58049
-58057
-58061
-58067
-58073
-58099
-58109
-58111
-58129
-58147
-58151
-58153
-58169
-58171
-58189
-58193
-58199
-58207
-58211
-58217
-58229
-58231
-58237
-58243
-58271
-58309
-58313
-58321
-58337
-58363
-58367
-58369
-58379
-58391
-58393
-58403
-58411
-58417
-58427
-58439
-58441
-58451
-58453
-58477
-58481
-58511
-58537
-58543
-58549
-58567
-58573
-58579
-58601
-58603
-58613
-58631
-58657
-58661
-58679
-58687
-58693
-58699
-58711
-58727
-58733
-58741
-58757
-58763
-58771
-58787
-58789
-58831
-58889
-58897
-58901
-58907
-58909
-58913
-58921
-58937
-58943
-58963
-58967
-58979
-58991
-58997
-59009
-59011
-59021
-59023
-59029
-59051
-59053
-59063
-59069
-59077
-59083
-59093
-59107
-59113
-59119
-59123
-59141
-59149
-59159
-59167
-59183
-59197
-59207
-59209
-59219
-59221
-59233
-59239
-59243
-59263
-59273
-59281
-59333
-59341
-59351
-59357
-59359
-59369
-59377
-59387
-59393
-59399
-59407
-59417
-59419
-59441
-59443
-59447
-59453
-59467
-59471
-59473
-59497
-59509
-59513
-59539
-59557
-59561
-59567
-59581
-59611
-59617
-59621
-59627
-59629
-59651
-59659
-59663
-59669
-59671
-59693
-59699
-59707
-59723
-59729
-59743
-59747
-59753
-59771
-59779
-59791
-59797
-59809
-59833
-59863
-59879
-59887
-59921
-59929
-59951
-59957
-59971
-59981
-59999
-60013
-60017
-60029
-60037
-60041
-60077
-60083
-60089
-60091
-60101
-60103
-60107
-60127
-60133
-60139
-60149
-60161
-60167
-60169
-60209
-60217
-60223
-60251
-60257
-60259
-60271
-60289
-60293
-60317
-60331
-60337
-60343
-60353
-60373
-60383
-60397
-60413
-60427
-60443
-60449
-60457
-60493
-60497
-60509
-60521
-60527
-60539
-60589
-60601
-60607
-60611
-60617
-60623
-60631
-60637
-60647
-60649
-60659
-60661
-60679
-60689
-60703
-60719
-60727
-60733
-60737
-60757
-60761
-60763
-60773
-60779
-60793
-60811
-60821
-60859
-60869
-60887
-60889
-60899
-60901
-60913
-60917
-60919
-60923
-60937
-60943
-60953
-60961
-61001
-61007
-61027
-61031
-61043
-61051
-61057
-61091
-61099
-61121
-61129
-61141
-61151
-61153
-61169
-61211
-61223
-61231
-61253
-61261
-61283
-61291
-61297
-61331
-61333
-61339
-61343
-61357
-61363
-61379
-61381
-61403
-61409
-61417
-61441
-61463
-61469
-61471
-61483
-61487
-61493
-61507
-61511
-61519
-61543
-61547
-61553
-61559
-61561
-61583
-61603
-61609
-61613
-61627
-61631
-61637
-61643
-61651
-61657
-61667
-61673
-61681
-61687
-61703
-61717
-61723
-61729
-61751
-61757
-61781
-61813
-61819
-61837
-61843
-61861
-61871
-61879
-61909
-61927
-61933
-61949
-61961
-61967
-61979
-61981
-61987
-61991
-62003
-62011
-62017
-62039
-62047
-62053
-62057
-62071
-62081
-62099
-62119
-62129
-62131
-62137
-62141
-62143
-62171
-62189
-62191
-62201
-62207
-62213
-62219
-62233
-62273
-62297
-62299
-62303
-62311
-62323
-62327
-62347
-62351
-62383
-62401
-62417
-62423
-62459
-62467
-62473
-62477
-62483
-62497
-62501
-62507
-62533
-62539
-62549
-62563
-62581
-62591
-62597
-62603
-62617
-62627
-62633
-62639
-62653
-62659
-62683
-62687
-62701
-62723
-62731
-62743
-62753
-62761
-62773
-62791
-62801
-62819
-62827
-62851
-62861
-62869
-62873
-62897
-62903
-62921
-62927
-62929
-62939
-62969
-62971
-62981
-62983
-62987
-62989
-63029
-63031
-63059
-63067
-63073
-63079
-63097
-63103
-63113
-63127
-63131
-63149
-63179
-63197
-63199
-63211
-63241
-63247
-63277
-63281
-63299
-63311
-63313
-63317
-63331
-63337
-63347
-63353
-63361
-63367
-63377
-63389
-63391
-63397
-63409
-63419
-63421
-63439
-63443
-63463
-63467
-63473
-63487
-63493
-63499
-63521
-63527
-63533
-63541
-63559
-63577
-63587
-63589
-63599
-63601
-63607
-63611
-63617
-63629
-63647
-63649
-63659
-63667
-63671
-63689
-63691
-63697
-63703
-63709
-63719
-63727
-63737
-63743
-63761
-63773
-63781
-63793
-63799
-63803
-63809
-63823
-63839
-63841
-63853
-63857
-63863
-63901
-63907
-63913
-63929
-63949
-63977
-63997
-64007
-64013
-64019
-64033
-64037
-64063
-64067
-64081
-64091
-64109
-64123
-64151
-64153
-64157
-64171
-64187
-64189
-64217
-64223
-64231
-64237
-64271
-64279
-64283
-64301
-64303
-64319
-64327
-64333
-64373
-64381
-64399
-64403
-64433
-64439
-64451
-64453
-64483
-64489
-64499
-64513
-64553
-64567
-64577
-64579
-64591
-64601
-64609
-64613
-64621
-64627
-64633
-64661
-64663
-64667
-64679
-64693
-64709
-64717
-64747
-64763
-64781
-64783
-64793
-64811
-64817
-64849
-64853
-64871
-64877
-64879
-64891
-64901
-64919
-64921
-64927
-64937
-64951
-64969
-64997
-65003
-65011
-65027
-65029
-65033
-65053
-65063
-65071
-65089
-65099
-65101
-65111
-65119
-65123
-65129
-65141
-65147
-65167
-65171
-65173
-65179
-65183
-65203
-65213
-65239
-65257
-65267
-65269
-65287
-65293
-65309
-65323
-65327
-65353
-65357
-65371
-65381
-65393
-65407
-65413
-65419
-65423
-65437
-65447
-65449
-65479
-65497
-65519
-65521
diff --git a/security/nss/lib/freebl/mpi/doc/prng.pod b/security/nss/lib/freebl/mpi/doc/prng.pod
deleted file mode 100644
index 1ae75da82..000000000
--- a/security/nss/lib/freebl/mpi/doc/prng.pod
+++ /dev/null
@@ -1,41 +0,0 @@
-=head1 NAME
-
- prng - pseudo-random number generator
-
-=head1 SYNOPSIS
-
- prng [count]
-
-=head1 DESCRIPTION
-
-B<Prng> generates 32-bit pseudo-random integers using the
-Blum-Blum-Shub (BBS) quadratic residue generator. It is seeded using
-the standard C library's rand() function, which itself seeded from the
-system clock and the process ID number. Thus, the values generated
-are not particularly useful for cryptographic applications, but they
-are in general much better than the typical output of the usual
-multiplicative congruency generator used by most runtime libraries.
-
-You may optionally specify how many random values should be generated
-by giving a I<count> argument on the command line. If you do not
-specify a count, only one random value will be generated. The results
-are output to the standard output in decimal notation, one value per
-line.
-
-=head1 RESTRICTIONS
-
-As stated above, B<prng> uses the C library's rand() function to seed
-the generator, so it is not terribly suitable for cryptographic
-applications. Also note that each time you run the program, a new
-seed is generated, so it is better to run it once with a I<count>
-parameter than it is to run it multiple times to generate several
-values.
-
-=head1 AUTHOR
-
- Michael J. Fromberger <sting@linguist.dartmouth.edu>
- Copyright (C) 1998 Michael J. Fromberger, All Rights Reserved
- Thayer School of Engineering, Dartmouth College, Hanover, NH USA
-
- $Date$
-
diff --git a/security/nss/lib/freebl/mpi/doc/redux.txt b/security/nss/lib/freebl/mpi/doc/redux.txt
deleted file mode 100644
index f6f8b6ad4..000000000
--- a/security/nss/lib/freebl/mpi/doc/redux.txt
+++ /dev/null
@@ -1,118 +0,0 @@
-Modular Reduction
-
-Usually, modular reduction is accomplished by long division, using the
-mp_div() or mp_mod() functions. However, when performing modular
-exponentiation, you spend a lot of time reducing by the same modulus
-again and again. For this purpose, doing a full division for each
-multiplication is quite inefficient.
-
-For this reason, the mp_exptmod() function does not perform modular
-reductions in the usual way, but instead takes advantage of an
-algorithm due to Barrett, as described by Menezes, Oorschot and
-VanStone in their book _Handbook of Applied Cryptography_, published
-by the CRC Press (see Chapter 14 for details). This method reduces
-most of the computation of reduction to efficient shifting and masking
-operations, and avoids the multiple-precision division entirely.
-
-Here is a brief synopsis of Barrett reduction, as it is implemented in
-this library.
-
-Let b denote the radix of the computation (one more than the maximum
-value that can be denoted by an mp_digit). Let m be the modulus, and
-let k be the number of significant digits of m. Let x be the value to
-be reduced modulo m. By the Division Theorem, there exist unique
-integers Q and R such that:
-
- x = Qm + R, 0 <= R < m
-
-Barrett reduction takes advantage of the fact that you can easily
-approximate Q to within two, given a value M such that:
-
- 2k
- b
- M = floor( ----- )
- m
-
-Computation of M requires a full-precision division step, so if you
-are only doing a single reduction by m, you gain no advantage.
-However, when multiple reductions by the same m are required, this
-division need only be done once, beforehand. Using this, we can use
-the following equation to compute Q', an approximation of Q:
-
- x
- floor( ------ ) M
- k-1
- b
-Q' = floor( ----------------- )
- k+1
- b
-
-The divisions by b^(k-1) and b^(k+1) and the floor() functions can be
-efficiently implemented with shifts and masks, leaving only a single
-multiplication to be performed to get this approximation. It can be
-shown that Q - 2 <= Q' <= Q, so in the worst case, we can get out with
-two additional subtractions to bring the value into line with the
-actual value of Q.
-
-Once we've got Q', we basically multiply that by m and subtract from
-x, yielding:
-
- x - Q'm = Qm + R - Q'm
-
-Since we know the constraint on Q', this is one of:
-
- R
- m + R
- 2m + R
-
-Since R < m by the Division Theorem, we can simply subtract off m
-until we get a value in the correct range, which will happen with no
-more than 2 subtractions:
-
- v = x - Q'm
-
- while(v >= m)
- v = v - m
- endwhile
-
-
-In random performance trials, modular exponentiation using this method
-of reduction gave around a 40% speedup over using the division for
-reduction.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/sqrt.txt b/security/nss/lib/freebl/mpi/doc/sqrt.txt
deleted file mode 100644
index e14157caa..000000000
--- a/security/nss/lib/freebl/mpi/doc/sqrt.txt
+++ /dev/null
@@ -1,82 +0,0 @@
-Square Root
-
-A simple iterative algorithm is used to compute the greatest integer
-less than or equal to the square root. Essentially, this is Newton's
-linear approximation, computed by finding successive values of the
-equation:
-
- x[k]^2 - V
-x[k+1] = x[k] - ------------
- 2 x[k]
-
-...where V is the value for which the square root is being sought. In
-essence, what is happening here is that we guess a value for the
-square root, then figure out how far off we were by squaring our guess
-and subtracting the target. Using this value, we compute a linear
-approximation for the error, and adjust the "guess". We keep doing
-this until the precision gets low enough that the above equation
-yields a quotient of zero. At this point, our last guess is one
-greater than the square root we're seeking.
-
-The initial guess is computed by dividing V by 4, which is a heuristic
-I have found to be fairly good on average. This also has the
-advantage of being very easy to compute efficiently, even for large
-values.
-
-So, the resulting algorithm works as follows:
-
- x = V / 4 /* compute initial guess */
-
- loop
- t = (x * x) - V /* Compute absolute error */
- u = 2 * x /* Adjust by tangent slope */
- t = t / u
-
- /* Loop is done if error is zero */
- if(t == 0)
- break
-
- /* Adjust guess by error term */
- x = x - t
- end
-
- x = x - 1
-
-The result of the computation is the value of x.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/square.txt b/security/nss/lib/freebl/mpi/doc/square.txt
deleted file mode 100644
index e0d28798a..000000000
--- a/security/nss/lib/freebl/mpi/doc/square.txt
+++ /dev/null
@@ -1,104 +0,0 @@
-Squaring Algorithm
-
-When you are squaring a value, you can take advantage of the fact that
-half the multiplications performed by the more general multiplication
-algorithm (see 'mul.txt' for a description) are redundant when the
-multiplicand equals the multiplier.
-
-In particular, the modified algorithm is:
-
-k = 0
-for j <- 0 to (#a - 1)
- w = c[2*j] + (a[j] ^ 2);
- k = w div R
-
- for i <- j+1 to (#a - 1)
- w = (2 * a[j] * a[i]) + k + c[i+j]
- c[i+j] = w mod R
- k = w div R
- endfor
- c[i+j] = k;
- k = 0;
-endfor
-
-On the surface, this looks identical to the multiplication algorithm;
-however, note the following differences:
-
- - precomputation of the leading term in the outer loop
-
- - i runs from j+1 instead of from zero
-
- - doubling of a[i] * a[j] in the inner product
-
-Unfortunately, the construction of the inner product is such that we
-need more than two digits to represent the inner product, in some
-cases. In a C implementation, this means that some gymnastics must be
-performed in order to handle overflow, for which C has no direct
-abstraction. We do this by observing the following:
-
-If we have multiplied a[i] and a[j], and the product is more than half
-the maximum value expressible in two digits, then doubling this result
-will overflow into a third digit. If this occurs, we take note of the
-overflow, and double it anyway -- C integer arithmetic ignores
-overflow, so the two digits we get back should still be valid, modulo
-the overflow.
-
-Having doubled this value, we now have to add in the remainders and
-the digits already computed by earlier steps. If we did not overflow
-in the previous step, we might still cause an overflow here. That
-will happen whenever the maximum value expressible in two digits, less
-the amount we have to add, is greater than the result of the previous
-step. Thus, the overflow computation is:
-
-
- u = 0
- w = a[i] * a[j]
-
- if(w > (R - 1)/ 2)
- u = 1;
-
- w = w * 2
- v = c[i + j] + k
-
- if(u == 0 && (R - 1 - v) < w)
- u = 1
-
-If there is an overflow, u will be 1, otherwise u will be 0. The rest
-of the parameters are the same as they are in the above description.
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/doc/timing.txt b/security/nss/lib/freebl/mpi/doc/timing.txt
deleted file mode 100644
index c1701063a..000000000
--- a/security/nss/lib/freebl/mpi/doc/timing.txt
+++ /dev/null
@@ -1,245 +0,0 @@
-MPI Library Timing Tests
-
-Hardware/OS
-(A) SGI O2 1 x MIPS R10000 250MHz IRIX 6.5.3
-(B) IBM RS/6000 43P-240 1 x PowerPC 603e 223MHz AIX 4.3
-(C) Dell GX1/L+ 1 x Pentium III 550MHz Linux 2.2.12-20
-(D) PowerBook G3 1 x PowerPC 750 266MHz LinuxPPC 2.2.6-15apmac
-(E) PowerBook G3 1 x PowerPC 750 266MHz MacOS 8.5.1
-(F) PowerBook G3 1 x PowerPC 750 400MHz MacOS 9.0.2
-
-Compiler
-(1) MIPSpro C 7.2.1 -O3 optimizations
-(2) GCC 2.95.1 -O3 optimizations
-(3) IBM AIX xlc -O3 optimizations (version unknown)
-(4) EGCS 2.91.66 -O3 optimizations
-(5) Metrowerks CodeWarrior 5.0 C, all optimizations
-(6) MIPSpro C 7.30 -O3 optimizations
-(7) same as (6), with optimized libmalloc.so
-
-Timings are given in seconds, computed using the C library's clock()
-function. The first column gives the hardware and compiler
-configuration used for the test. The second column indicates the
-number of tests that were aggregated to get the statistics for that
-size. These were compiled using 16 bit digits.
-
-Source data were generated randomly using a fixed seed, so they should
-be internally consistent, but may vary on different systems depending
-on the C library. Also, since the resolution of the timer accessed by
-clock() varies, there may be some variance in the precision of these
-measurements.
-
-Prime Generation (primegen)
-
-128 bits:
-A1 200 min=0.03, avg=0.19, max=0.72, sum=38.46
-A2 200 min=0.02, avg=0.16, max=0.62, sum=32.55
-B3 200 min=0.01, avg=0.07, max=0.22, sum=13.29
-C4 200 min=0.00, avg=0.03, max=0.20, sum=6.14
-D4 200 min=0.00, avg=0.05, max=0.33, sum=9.70
-A6 200 min=0.01, avg=0.09, max=0.36, sum=17.48
-A7 200 min=0.00, avg=0.05, max=0.24, sum=10.07
-
-192 bits:
-A1 200 min=0.05, avg=0.45, max=3.13, sum=89.96
-A2 200 min=0.04, avg=0.39, max=2.61, sum=77.55
-B3 200 min=0.02, avg=0.18, max=1.25, sum=36.97
-C4 200 min=0.01, avg=0.09, max=0.33, sum=18.24
-D4 200 min=0.02, avg=0.15, max=0.54, sum=29.63
-A6 200 min=0.02, avg=0.24, max=1.70, sum=47.84
-A7 200 min=0.01, avg=0.15, max=1.05, sum=30.88
-
-256 bits:
-A1 200 min=0.08, avg=0.92, max=6.13, sum=184.79
-A2 200 min=0.06, avg=0.76, max=5.03, sum=151.11
-B3 200 min=0.04, avg=0.41, max=2.68, sum=82.35
-C4 200 min=0.02, avg=0.19, max=0.69, sum=37.91
-D4 200 min=0.03, avg=0.31, max=1.15, sum=63.00
-A6 200 min=0.04, avg=0.48, max=3.13, sum=95.46
-A7 200 min=0.03, avg=0.37, max=2.36, sum=73.60
-
-320 bits:
-A1 200 min=0.11, avg=1.59, max=6.14, sum=318.81
-A2 200 min=0.09, avg=1.27, max=4.93, sum=254.03
-B3 200 min=0.07, avg=0.82, max=3.13, sum=163.80
-C4 200 min=0.04, avg=0.44, max=1.91, sum=87.59
-D4 200 min=0.06, avg=0.73, max=3.22, sum=146.73
-A6 200 min=0.07, avg=0.93, max=3.50, sum=185.01
-A7 200 min=0.05, avg=0.76, max=2.94, sum=151.78
-
-384 bits:
-A1 200 min=0.16, avg=2.69, max=11.41, sum=537.89
-A2 200 min=0.13, avg=2.15, max=9.03, sum=429.14
-B3 200 min=0.11, avg=1.54, max=6.49, sum=307.78
-C4 200 min=0.06, avg=0.81, max=4.84, sum=161.13
-D4 200 min=0.10, avg=1.38, max=8.31, sum=276.81
-A6 200 min=0.11, avg=1.73, max=7.36, sum=345.55
-A7 200 min=0.09, avg=1.46, max=6.12, sum=292.02
-
-448 bits:
-A1 200 min=0.23, avg=3.36, max=15.92, sum=672.63
-A2 200 min=0.17, avg=2.61, max=12.25, sum=522.86
-B3 200 min=0.16, avg=2.10, max=9.83, sum=420.86
-C4 200 min=0.09, avg=1.44, max=7.64, sum=288.36
-D4 200 min=0.16, avg=2.50, max=13.29, sum=500.17
-A6 200 min=0.15, avg=2.31, max=10.81, sum=461.58
-A7 200 min=0.14, avg=2.03, max=9.53, sum=405.16
-
-512 bits:
-A1 200 min=0.30, avg=6.12, max=22.18, sum=1223.35
-A2 200 min=0.25, avg=4.67, max=16.90, sum=933.18
-B3 200 min=0.23, avg=4.13, max=14.94, sum=825.45
-C4 200 min=0.13, avg=2.08, max=9.75, sum=415.22
-D4 200 min=0.24, avg=4.04, max=20.18, sum=808.11
-A6 200 min=0.22, avg=4.47, max=16.19, sum=893.83
-A7 200 min=0.20, avg=4.03, max=14.65, sum=806.02
-
-Modular Exponentation (metime)
-
-The following results are aggregated from 200 pseudo-randomly
-generated tests, based on a fixed seed.
-
- base, exponent, and modulus size (bits)
-P/C 128 192 256 320 384 448 512 640 768 896 1024
-------- -----------------------------------------------------------------
-A1 0.015 0.027 0.047 0.069 0.098 0.133 0.176 0.294 0.458 0.680 1.040
-A2 0.013 0.024 0.037 0.053 0.077 0.102 0.133 0.214 0.326 0.476 0.668
-B3 0.005 0.011 0.021 0.036 0.056 0.084 0.121 0.222 0.370 0.573 0.840
-C4 0.002 0.006 0.011 0.020 0.032 0.048 0.069 0.129 0.223 0.344 0.507
-D4 0.004 0.010 0.019 0.034 0.056 0.085 0.123 0.232 0.390 0.609 0.899
-E5 0.007 0.015 0.031 0.055 0.088 0.133 0.183 0.342 0.574 0.893 1.317
-A6 0.008 0.016 0.038 0.042 0.064 0.093 0.133 0.239 0.393 0.604 0.880
-A7 0.005 0.011 0.020 0.036 0.056 0.083 0.121 0.223 0.374 0.583 0.855
-
-Multiplication and Squaring tests, (mulsqr)
-
-The following results are aggregated from 500000 pseudo-randomly
-generated tests, based on a per-run wall-clock seed. Times are given
-in seconds, except where indicated in microseconds (us).
-
-(A1)
-
-bits multiply square ad percent time/mult time/square
-64 9.33 9.15 > 1.9 18.7us 18.3us
-128 10.88 10.44 > 4.0 21.8us 20.9us
-192 13.30 11.89 > 10.6 26.7us 23.8us
-256 14.88 12.64 > 15.1 29.8us 25.3us
-320 18.64 15.01 > 19.5 37.3us 30.0us
-384 23.11 17.70 > 23.4 46.2us 35.4us
-448 28.28 20.88 > 26.2 56.6us 41.8us
-512 34.09 24.51 > 28.1 68.2us 49.0us
-640 47.86 33.25 > 30.5 95.7us 66.5us
-768 64.91 43.54 > 32.9 129.8us 87.1us
-896 84.49 55.48 > 34.3 169.0us 111.0us
-1024 107.25 69.21 > 35.5 214.5us 138.4us
-1536 227.97 141.91 > 37.8 456.0us 283.8us
-2048 394.05 242.15 > 38.5 788.1us 484.3us
-
-(A2)
-
-bits multiply square ad percent time/mult time/square
-64 7.87 7.95 < 1.0 15.7us 15.9us
-128 9.40 9.19 > 2.2 18.8us 18.4us
-192 11.15 10.59 > 5.0 22.3us 21.2us
-256 12.02 11.16 > 7.2 24.0us 22.3us
-320 14.62 13.43 > 8.1 29.2us 26.9us
-384 17.72 15.80 > 10.8 35.4us 31.6us
-448 21.24 18.51 > 12.9 42.5us 37.0us
-512 25.36 21.78 > 14.1 50.7us 43.6us
-640 34.57 29.00 > 16.1 69.1us 58.0us
-768 46.10 37.60 > 18.4 92.2us 75.2us
-896 58.94 47.72 > 19.0 117.9us 95.4us
-1024 73.76 59.12 > 19.8 147.5us 118.2us
-1536 152.00 118.80 > 21.8 304.0us 237.6us
-2048 259.41 199.57 > 23.1 518.8us 399.1us
-
-(B3)
-
-bits multiply square ad percent time/mult time/square
-64 2.60 2.47 > 5.0 5.20us 4.94us
-128 4.43 4.06 > 8.4 8.86us 8.12us
-192 7.03 6.10 > 13.2 14.1us 12.2us
-256 10.44 8.59 > 17.7 20.9us 17.2us
-320 14.44 11.64 > 19.4 28.9us 23.3us
-384 19.12 15.08 > 21.1 38.2us 30.2us
-448 24.55 19.09 > 22.2 49.1us 38.2us
-512 31.03 23.53 > 24.2 62.1us 47.1us
-640 45.05 33.80 > 25.0 90.1us 67.6us
-768 63.02 46.05 > 26.9 126.0us 92.1us
-896 83.74 60.29 > 28.0 167.5us 120.6us
-1024 106.73 76.65 > 28.2 213.5us 153.3us
-1536 228.94 160.98 > 29.7 457.9us 322.0us
-2048 398.08 275.93 > 30.7 796.2us 551.9us
-
-(C4)
-
-bits multiply square ad percent time/mult time/square
-64 1.34 1.28 > 4.5 2.68us 2.56us
-128 2.76 2.59 > 6.2 5.52us 5.18us
-192 4.52 4.16 > 8.0 9.04us 8.32us
-256 6.64 5.99 > 9.8 13.3us 12.0us
-320 9.20 8.13 > 11.6 18.4us 16.3us
-384 12.01 10.58 > 11.9 24.0us 21.2us
-448 15.24 13.33 > 12.5 30.5us 26.7us
-512 19.02 16.46 > 13.5 38.0us 32.9us
-640 27.56 23.54 > 14.6 55.1us 47.1us
-768 37.89 31.78 > 16.1 75.8us 63.6us
-896 49.24 41.42 > 15.9 98.5us 82.8us
-1024 62.59 52.18 > 16.6 125.2us 104.3us
-1536 131.66 107.72 > 18.2 263.3us 215.4us
-2048 226.45 182.95 > 19.2 453.0us 365.9us
-
-(A7)
-
-bits multiply square ad percent time/mult time/square
-64 1.74 1.71 > 1.7 3.48us 3.42us
-128 3.48 2.96 > 14.9 6.96us 5.92us
-192 5.74 4.60 > 19.9 11.5us 9.20us
-256 8.75 6.61 > 24.5 17.5us 13.2us
-320 12.5 8.99 > 28.1 25.0us 18.0us
-384 16.9 11.9 > 29.6 33.8us 23.8us
-448 22.2 15.2 > 31.7 44.4us 30.4us
-512 28.3 19.0 > 32.7 56.6us 38.0us
-640 42.4 28.0 > 34.0 84.8us 56.0us
-768 59.4 38.5 > 35.2 118.8us 77.0us
-896 79.5 51.2 > 35.6 159.0us 102.4us
-1024 102.6 65.5 > 36.2 205.2us 131.0us
-1536 224.3 140.6 > 37.3 448.6us 281.2us
-2048 393.4 244.3 > 37.9 786.8us 488.6us
-
-------------------------------------------------------------------
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the GPL.
-
-$Id$
-
-
diff --git a/security/nss/lib/freebl/mpi/hpma512.s b/security/nss/lib/freebl/mpi/hpma512.s
deleted file mode 100644
index f8241ac3e..000000000
--- a/security/nss/lib/freebl/mpi/hpma512.s
+++ /dev/null
@@ -1,640 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is multacc512 multiple-precision integer arithmetic.
- *
- * The Initial Developer of the Original Code is Hewlett-Packard Company.
- * Portions created by Hewlett-Packard Company are
- * Copyright (C) March 1999, Hewlett-Packard Company. All Rights Reserved.
- *
- * Contributor(s):
- * coded by: Bill Worley, Hewlett-Packard labs
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * This PA-RISC 2.0 function computes the product of two unsigned integers,
- * and adds the result to a previously computed integer. The multiplicand
- * is a 512-bit (64-byte, eight doubleword) unsigned integer, stored in
- * memory in little-double-wordian order. The multiplier is an unsigned
- * 64-bit integer. The previously computed integer to which the product is
- * added is located in the result ("res") area, and is assumed to be a
- * 576-bit (72-byte, nine doubleword) unsigned integer, stored in memory
- * in little-double-wordian order. This value normally will be the result
- * of a previously computed nine doubleword result. It is not necessary
- * to pad the multiplicand with an additional 64-bit zero doubleword.
- *
- * Multiplicand, multiplier, and addend ideally should be aligned at
- * 16-byte boundaries for best performance. The code will function
- * correctly for alignment at eight-byte boundaries which are not 16-byte
- * boundaries, but the execution may be slightly slower due to even/odd
- * bank conflicts on PA-RISC 8000 processors.
- *
- * This function is designed to accept the same calling sequence as Bill
- * Ackerman's "maxpy_little" function. The carry from the ninth doubleword
- * of the result is written to the tenth word of the result, as is done by
- * Bill Ackerman's function. The final carry also is returned as an
- * integer, which may be ignored. The function prototype may be either
- * of the following:
- *
- * void multacc512( int l, chunk* m, const chunk* a, chunk* res );
- * or
- * int multacc512( int l, chunk* m, const chunk* a, chunk* res );
- *
- * where: "l" originally denoted vector lengths. This parameter is
- * ignored. This function always assumes a multiplicand length of
- * 512 bits (eight doublewords), and addend and result lengths of
- * 576 bits (nine doublewords).
- *
- * "m" is a pointer to the doubleword multiplier, ideally aligned
- * on a 16-byte boundary.
- *
- * "a" is a pointer to the eight-doubleword multiplicand, stored
- * in little-double-wordian order, and ideally aligned on a 16-byte
- * boundary.
- *
- * "res" is a pointer to the nine doubleword addend, and to the
- * nine-doubleword product computed by this function. The result
- * also is stored in little-double-wordian order, and ideally is
- * aligned on a 16-byte boundary. It is expected that the alignment
- * of the "res" area may alternate between even/odd doubleword
- * boundaries for successive calls for 512-bit x 512-bit
- * multiplications.
- *
- * The code for this function has been scheduled to use the parallelism
- * of the PA-RISC 8000 series microprocessors as well as the author was
- * able. Comments and/or suggestions for improvement are welcomed.
- *
- * The code is "64-bit safe". This means it may be called in either
- * the 32ILP context or the 64LP context. All 64-bits of registers are
- * saved and restored.
- *
- * This code is self-contained. It requires no other header files in order
- * to compile and to be linkable on a PA-RISC 2.0 machine. Symbolic
- * definitions for registers and stack offsets are included within this
- * one source file.
- *
- * This is a leaf routine. As such, minimal use is made of the stack area.
- * Of the 192 bytes allocated, 64 bytes are used for saving/restoring eight
- * general registers, and 128 bytes are used to move intermediate products
- * from the floating-point registers to the general registers. Stack
- * protocols assure proper alignment of these areas.
- *
- */
-
-
-/* ====================================================================*/
-/* symbolic definitions for PA-RISC registers */
-/* in the MIPS style, avoids lots of case shifts */
-/* assigments (except t4) preserve register number parity */
-/* ====================================================================*/
-
-#define zero %r0 /* permanent zero */
-#define t5 %r1 /* temp register, altered by addil */
-
-#define rp %r2 /* return pointer */
-
-#define s1 %r3 /* callee saves register*/
-#define s0 %r4 /* callee saves register*/
-#define s3 %r5 /* callee saves register*/
-#define s2 %r6 /* callee saves register*/
-#define s5 %r7 /* callee saves register*/
-#define s4 %r8 /* callee saves register*/
-#define s7 %r9 /* callee saves register*/
-#define s6 %r10 /* callee saves register*/
-
-#define t1 %r19 /* caller saves register*/
-#define t0 %r20 /* caller saves register*/
-#define t3 %r21 /* caller saves register*/
-#define t2 %r22 /* caller saves register*/
-
-#define a3 %r23 /* fourth argument register, high word */
-#define a2 %r24 /* third argument register, low word*/
-#define a1 %r25 /* second argument register, high word*/
-#define a0 %r26 /* first argument register, low word*/
-
-#define v0 %r28 /* high order return value*/
-#define v1 %r29 /* low order return value*/
-
-#define sp %r30 /* stack pointer*/
-#define t4 %r31 /* temporary register */
-
-#define fa0 %fr4 /* first argument register*/
-#define fa1 %fr5 /* second argument register*/
-#define fa2 %fr6 /* third argument register*/
-#define fa3 %fr7 /* fourth argument register*/
-
-#define fa0r %fr4R /* first argument register*/
-#define fa1r %fr5R /* second argument register*/
-#define fa2r %fr6R /* third argument register*/
-#define fa3r %fr7R /* fourth argument register*/
-
-#define ft0 %fr8 /* caller saves register*/
-#define ft1 %fr9 /* caller saves register*/
-#define ft2 %fr10 /* caller saves register*/
-#define ft3 %fr11 /* caller saves register*/
-
-#define ft0r %fr8R /* caller saves register*/
-#define ft1r %fr9R /* caller saves register*/
-#define ft2r %fr10R /* caller saves register*/
-#define ft3r %fr11R /* caller saves register*/
-
-#define ft4 %fr22 /* caller saves register*/
-#define ft5 %fr23 /* caller saves register*/
-#define ft6 %fr24 /* caller saves register*/
-#define ft7 %fr25 /* caller saves register*/
-#define ft8 %fr26 /* caller saves register*/
-#define ft9 %fr27 /* caller saves register*/
-#define ft10 %fr28 /* caller saves register*/
-#define ft11 %fr29 /* caller saves register*/
-#define ft12 %fr30 /* caller saves register*/
-#define ft13 %fr31 /* caller saves register*/
-
-#define ft4r %fr22R /* caller saves register*/
-#define ft5r %fr23R /* caller saves register*/
-#define ft6r %fr24R /* caller saves register*/
-#define ft7r %fr25R /* caller saves register*/
-#define ft8r %fr26R /* caller saves register*/
-#define ft9r %fr27R /* caller saves register*/
-#define ft10r %fr28R /* caller saves register*/
-#define ft11r %fr29R /* caller saves register*/
-#define ft12r %fr30R /* caller saves register*/
-#define ft13r %fr31R /* caller saves register*/
-
-
-
-/* ================================================================== */
-/* functional definitions for PA-RISC registers */
-/* ================================================================== */
-
-/* general registers */
-
-#define T1 a0 /* temp, (length parameter ignored) */
-
-#define pM a1 /* -> 64-bit multiplier */
-#define T2 a1 /* temp, (after fetching multiplier) */
-
-#define pA a2 /* -> multiplicand vector (8 64-bit words) */
-#define T3 a2 /* temp, (after fetching multiplicand) */
-
-#define pR a3 /* -> addend vector (8 64-bit doublewords,
- result vector (9 64-bit words) */
-
-#define S0 s0 /* callee saves summand registers */
-#define S1 s1
-#define S2 s2
-#define S3 s3
-#define S4 s4
-#define S5 s5
-#define S6 s6
-#define S7 s7
-
-#define S8 v0 /* caller saves summand registers */
-#define S9 v1
-#define S10 t0
-#define S11 t1
-#define S12 t2
-#define S13 t3
-#define S14 t4
-#define S15 t5
-
-
-
-/* floating-point registers */
-
-#define M fa0 /* multiplier double word */
-#define MR fa0r /* low order half of multiplier double word */
-#define ML fa0 /* high order half of multiplier double word */
-
-#define A0 fa2 /* multiplicand double word 0 */
-#define A0R fa2r /* low order half of multiplicand double word */
-#define A0L fa2 /* high order half of multiplicand double word */
-
-#define A1 fa3 /* multiplicand double word 1 */
-#define A1R fa3r /* low order half of multiplicand double word */
-#define A1L fa3 /* high order half of multiplicand double word */
-
-#define A2 ft0 /* multiplicand double word 2 */
-#define A2R ft0r /* low order half of multiplicand double word */
-#define A2L ft0 /* high order half of multiplicand double word */
-
-#define A3 ft1 /* multiplicand double word 3 */
-#define A3R ft1r /* low order half of multiplicand double word */
-#define A3L ft1 /* high order half of multiplicand double word */
-
-#define A4 ft2 /* multiplicand double word 4 */
-#define A4R ft2r /* low order half of multiplicand double word */
-#define A4L ft2 /* high order half of multiplicand double word */
-
-#define A5 ft3 /* multiplicand double word 5 */
-#define A5R ft3r /* low order half of multiplicand double word */
-#define A5L ft3 /* high order half of multiplicand double word */
-
-#define A6 ft4 /* multiplicand double word 6 */
-#define A6R ft4r /* low order half of multiplicand double word */
-#define A6L ft4 /* high order half of multiplicand double word */
-
-#define A7 ft5 /* multiplicand double word 7 */
-#define A7R ft5r /* low order half of multiplicand double word */
-#define A7L ft5 /* high order half of multiplicand double word */
-
-#define P0 ft6 /* product word 0 */
-#define P1 ft7 /* product word 0 */
-#define P2 ft8 /* product word 0 */
-#define P3 ft9 /* product word 0 */
-#define P4 ft10 /* product word 0 */
-#define P5 ft11 /* product word 0 */
-#define P6 ft12 /* product word 0 */
-#define P7 ft13 /* product word 0 */
-
-
-
-
-/* ====================================================================== */
-/* symbolic definitions for HP-UX stack offsets */
-/* symbolic definitions for memory NOPs */
-/* ====================================================================== */
-
-#define ST_SZ 192 /* stack area total size */
-
-#define SV0 -192(sp) /* general register save area */
-#define SV1 -184(sp)
-#define SV2 -176(sp)
-#define SV3 -168(sp)
-#define SV4 -160(sp)
-#define SV5 -152(sp)
-#define SV6 -144(sp)
-#define SV7 -136(sp)
-
-#define XF0 -128(sp) /* data transfer area */
-#define XF1 -120(sp) /* for floating-pt to integer regs */
-#define XF2 -112(sp)
-#define XF3 -104(sp)
-#define XF4 -96(sp)
-#define XF5 -88(sp)
-#define XF6 -80(sp)
-#define XF7 -72(sp)
-#define XF8 -64(sp)
-#define XF9 -56(sp)
-#define XF10 -48(sp)
-#define XF11 -40(sp)
-#define XF12 -32(sp)
-#define XF13 -24(sp)
-#define XF14 -16(sp)
-#define XF15 -8(sp)
-
-#define mnop proberi (sp),3,zero /* memory NOP */
-
-
-
-
-/* ====================================================================== */
-/* assembler formalities */
-/* ====================================================================== */
-
-#ifdef __LP64__
- .level 2.0W
-#else
- .level 2.0
-#endif
- .space $TEXT$
- .subspa $CODE$
- .align 16
-
-/* ====================================================================== */
-/* here to compute 64-bit x 512-bit product + 512-bit addend */
-/* ====================================================================== */
-
-multacc512
- .PROC
- .CALLINFO
- .ENTER
- fldd 0(pM),M ; multiplier double word
- ldo ST_SZ(sp),sp ; push stack
-
- fldd 0(pA),A0 ; multiplicand double word 0
- std S1,SV1 ; save s1
-
- fldd 16(pA),A2 ; multiplicand double word 2
- std S3,SV3 ; save s3
-
- fldd 32(pA),A4 ; multiplicand double word 4
- std S5,SV5 ; save s5
-
- fldd 48(pA),A6 ; multiplicand double word 6
- std S7,SV7 ; save s7
-
-
- std S0,SV0 ; save s0
- fldd 8(pA),A1 ; multiplicand double word 1
- xmpyu MR,A0L,P0 ; A0 cross 32-bit word products
- xmpyu ML,A0R,P2
-
- std S2,SV2 ; save s2
- fldd 24(pA),A3 ; multiplicand double word 3
- xmpyu MR,A2L,P4 ; A2 cross 32-bit word products
- xmpyu ML,A2R,P6
-
- std S4,SV4 ; save s4
- fldd 40(pA),A5 ; multiplicand double word 5
-
- std S6,SV6 ; save s6
- fldd 56(pA),A7 ; multiplicand double word 7
-
-
- fstd P0,XF0 ; MR * A0L
- xmpyu MR,A0R,P0 ; A0 right 32-bit word product
- xmpyu MR,A1L,P1 ; A1 cross 32-bit word product
-
- fstd P2,XF2 ; ML * A0R
- xmpyu ML,A0L,P2 ; A0 left 32-bit word product
- xmpyu ML,A1R,P3 ; A1 cross 32-bit word product
-
- fstd P4,XF4 ; MR * A2L
- xmpyu MR,A2R,P4 ; A2 right 32-bit word product
- xmpyu MR,A3L,P5 ; A3 cross 32-bit word product
-
- fstd P6,XF6 ; ML * A2R
- xmpyu ML,A2L,P6 ; A2 parallel 32-bit word product
- xmpyu ML,A3R,P7 ; A3 cross 32-bit word product
-
-
- ldd XF0,S0 ; MR * A0L
- fstd P1,XF1 ; MR * A1L
-
- ldd XF2,S2 ; ML * A0R
- fstd P3,XF3 ; ML * A1R
-
- ldd XF4,S4 ; MR * A2L
- fstd P5,XF5 ; MR * A3L
- xmpyu MR,A1R,P1 ; A1 parallel 32-bit word products
- xmpyu ML,A1L,P3
-
- ldd XF6,S6 ; ML * A2R
- fstd P7,XF7 ; ML * A3R
- xmpyu MR,A3R,P5 ; A3 parallel 32-bit word products
- xmpyu ML,A3L,P7
-
-
- fstd P0,XF0 ; MR * A0R
- ldd XF1,S1 ; MR * A1L
- nop
- add S0,S2,T1 ; A0 cross product sum
-
- fstd P2,XF2 ; ML * A0L
- ldd XF3,S3 ; ML * A1R
- add,dc zero,zero,S0 ; A0 cross product sum carry
- depd,z T1,31,32,S2 ; A0 cross product sum << 32
-
- fstd P4,XF4 ; MR * A2R
- ldd XF5,S5 ; MR * A3L
- shrpd S0,T1,32,S0 ; A0 carry | cross product sum >> 32
- add S4,S6,T3 ; A2 cross product sum
-
- fstd P6,XF6 ; ML * A2L
- ldd XF7,S7 ; ML * A3R
- add,dc zero,zero,S4 ; A2 cross product sum carry
- depd,z T3,31,32,S6 ; A2 cross product sum << 32
-
-
- ldd XF0,S8 ; MR * A0R
- fstd P1,XF1 ; MR * A1R
- xmpyu MR,A4L,P0 ; A4 cross 32-bit word product
- xmpyu MR,A5L,P1 ; A5 cross 32-bit word product
-
- ldd XF2,S10 ; ML * A0L
- fstd P3,XF3 ; ML * A1L
- xmpyu ML,A4R,P2 ; A4 cross 32-bit word product
- xmpyu ML,A5R,P3 ; A5 cross 32-bit word product
-
- ldd XF4,S12 ; MR * A2R
- fstd P5,XF5 ; MR * A3L
- xmpyu MR,A6L,P4 ; A6 cross 32-bit word product
- xmpyu MR,A7L,P5 ; A7 cross 32-bit word product
-
- ldd XF6,S14 ; ML * A2L
- fstd P7,XF7 ; ML * A3L
- xmpyu ML,A6R,P6 ; A6 cross 32-bit word product
- xmpyu ML,A7R,P7 ; A7 cross 32-bit word product
-
-
- fstd P0,XF0 ; MR * A4L
- ldd XF1,S9 ; MR * A1R
- shrpd S4,T3,32,S4 ; A2 carry | cross product sum >> 32
- add S1,S3,T1 ; A1 cross product sum
-
- fstd P2,XF2 ; ML * A4R
- ldd XF3,S11 ; ML * A1L
- add,dc zero,zero,S1 ; A1 cross product sum carry
- depd,z T1,31,32,S3 ; A1 cross product sum << 32
-
- fstd P4,XF4 ; MR * A6L
- ldd XF5,S13 ; MR * A3R
- shrpd S1,T1,32,S1 ; A1 carry | cross product sum >> 32
- add S5,S7,T3 ; A3 cross product sum
-
- fstd P6,XF6 ; ML * A6R
- ldd XF7,S15 ; ML * A3L
- add,dc zero,zero,S5 ; A3 cross product sum carry
- depd,z T3,31,32,S7 ; A3 cross product sum << 32
-
-
- shrpd S5,T3,32,S5 ; A3 carry | cross product sum >> 32
- add S2,S8,S8 ; M * A0 right doubleword, P0 doubleword
-
- add,dc S0,S10,S10 ; M * A0 left doubleword
- add S3,S9,S9 ; M * A1 right doubleword
-
- add,dc S1,S11,S11 ; M * A1 left doubleword
- add S6,S12,S12 ; M * A2 right doubleword
-
-
- ldd 24(pR),S3 ; Addend word 3
- fstd P1,XF1 ; MR * A5L
- add,dc S4,S14,S14 ; M * A2 left doubleword
- xmpyu MR,A5R,P1 ; A5 right 32-bit word product
-
- ldd 8(pR),S1 ; Addend word 1
- fstd P3,XF3 ; ML * A5R
- add S7,S13,S13 ; M * A3 right doubleword
- xmpyu ML,A5L,P3 ; A5 left 32-bit word product
-
- ldd 0(pR),S7 ; Addend word 0
- fstd P5,XF5 ; MR * A7L
- add,dc S5,S15,S15 ; M * A3 left doubleword
- xmpyu MR,A7R,P5 ; A7 right 32-bit word product
-
- ldd 16(pR),S5 ; Addend word 2
- fstd P7,XF7 ; ML * A7R
- add S10,S9,S9 ; P1 doubleword
- xmpyu ML,A7L,P7 ; A7 left 32-bit word products
-
-
- ldd XF0,S0 ; MR * A4L
- fstd P1,XF9 ; MR * A5R
- add,dc S11,S12,S12 ; P2 doubleword
- xmpyu MR,A4R,P0 ; A4 right 32-bit word product
-
- ldd XF2,S2 ; ML * A4R
- fstd P3,XF11 ; ML * A5L
- add,dc S14,S13,S13 ; P3 doubleword
- xmpyu ML,A4L,P2 ; A4 left 32-bit word product
-
- ldd XF6,S6 ; ML * A6R
- fstd P5,XF13 ; MR * A7R
- add,dc zero,S15,T2 ; P4 partial doubleword
- xmpyu MR,A6R,P4 ; A6 right 32-bit word product
-
- ldd XF4,S4 ; MR * A6L
- fstd P7,XF15 ; ML * A7L
- add S7,S8,S8 ; R0 + P0, new R0 doubleword
- xmpyu ML,A6L,P6 ; A6 left 32-bit word product
-
-
- fstd P0,XF0 ; MR * A4R
- ldd XF7,S7 ; ML * A7R
- add,dc S1,S9,S9 ; c + R1 + P1, new R1 doubleword
-
- fstd P2,XF2 ; ML * A4L
- ldd XF1,S1 ; MR * A5L
- add,dc S5,S12,S12 ; c + R2 + P2, new R2 doubleword
-
- fstd P4,XF4 ; MR * A6R
- ldd XF5,S5 ; MR * A7L
- add,dc S3,S13,S13 ; c + R3 + P3, new R3 doubleword
-
- fstd P6,XF6 ; ML * A6L
- ldd XF3,S3 ; ML * A5R
- add,dc zero,T2,T2 ; c + partial P4
- add S0,S2,T1 ; A4 cross product sum
-
-
- std S8,0(pR) ; save R0
- add,dc zero,zero,S0 ; A4 cross product sum carry
- depd,z T1,31,32,S2 ; A4 cross product sum << 32
-
- std S9,8(pR) ; save R1
- shrpd S0,T1,32,S0 ; A4 carry | cross product sum >> 32
- add S4,S6,T3 ; A6 cross product sum
-
- std S12,16(pR) ; save R2
- add,dc zero,zero,S4 ; A6 cross product sum carry
- depd,z T3,31,32,S6 ; A6 cross product sum << 32
-
-
- std S13,24(pR) ; save R3
- shrpd S4,T3,32,S4 ; A6 carry | cross product sum >> 32
- add S1,S3,T1 ; A5 cross product sum
-
- ldd XF0,S8 ; MR * A4R
- add,dc zero,zero,S1 ; A5 cross product sum carry
- depd,z T1,31,32,S3 ; A5 cross product sum << 32
-
- ldd XF2,S10 ; ML * A4L
- ldd XF9,S9 ; MR * A5R
- shrpd S1,T1,32,S1 ; A5 carry | cross product sum >> 32
- add S5,S7,T3 ; A7 cross product sum
-
- ldd XF4,S12 ; MR * A6R
- ldd XF11,S11 ; ML * A5L
- add,dc zero,zero,S5 ; A7 cross product sum carry
- depd,z T3,31,32,S7 ; A7 cross product sum << 32
-
- ldd XF6,S14 ; ML * A6L
- ldd XF13,S13 ; MR * A7R
- shrpd S5,T3,32,S5 ; A7 carry | cross product sum >> 32
- add S2,S8,S8 ; M * A4 right doubleword
-
-
- ldd XF15,S15 ; ML * A7L
- add,dc S0,S10,S10 ; M * A4 left doubleword
- add S3,S9,S9 ; M * A5 right doubleword
-
- add,dc S1,S11,S11 ; M * A5 left doubleword
- add S6,S12,S12 ; M * A6 right doubleword
-
- ldd 32(pR),S0 ; Addend word 4
- ldd 40(pR),S1 ; Addend word 5
- add,dc S4,S14,S14 ; M * A6 left doubleword
- add S7,S13,S13 ; M * A7 right doubleword
-
- ldd 48(pR),S2 ; Addend word 6
- ldd 56(pR),S3 ; Addend word 7
- add,dc S5,S15,S15 ; M * A7 left doubleword
- add S8,T2,S8 ; P4 doubleword
-
- ldd 64(pR),S4 ; Addend word 8
- ldd SV5,s5 ; restore s5
- add,dc S10,S9,S9 ; P5 doubleword
- add,dc S11,S12,S12 ; P6 doubleword
-
-
- ldd SV6,s6 ; restore s6
- ldd SV7,s7 ; restore s7
- add,dc S14,S13,S13 ; P7 doubleword
- add,dc zero,S15,S15 ; P8 doubleword
-
- add S0,S8,S8 ; new R4 doubleword
-
- ldd SV0,s0 ; restore s0
- std S8,32(pR) ; save R4
- add,dc S1,S9,S9 ; new R5 doubleword
-
- ldd SV1,s1 ; restore s1
- std S9,40(pR) ; save R5
- add,dc S2,S12,S12 ; new R6 doubleword
-
- ldd SV2,s2 ; restore s2
- std S12,48(pR) ; save R6
- add,dc S3,S13,S13 ; new R7 doubleword
-
- ldd SV3,s3 ; restore s3
- std S13,56(pR) ; save R7
- add,dc S4,S15,S15 ; new R8 doubleword
-
- ldd SV4,s4 ; restore s4
- std S15,64(pR) ; save result[8]
- add,dc zero,zero,v0 ; return carry from R8
-
- CMPIB,*= 0,v0,$L0 ; if no overflow, exit
- LDO 8(pR),pR
-
-$FINAL1 ; Final carry propagation
- LDD 64(pR),v0
- LDO 8(pR),pR
- ADDI 1,v0,v0
- CMPIB,*= 0,v0,$FINAL1 ; Keep looping if there is a carry.
- STD v0,56(pR)
-$L0
- bv zero(rp) ; -> caller
- ldo -ST_SZ(sp),sp ; pop stack
-
-/* ====================================================================== */
-/* end of module */
-/* ====================================================================== */
-
- .LEAVE
-
- .PROCEND
- .SPACE $TEXT$
- .SUBSPA $CODE$
- .EXPORT multacc512,ENTRY
-
- .end
diff --git a/security/nss/lib/freebl/mpi/hppa20.s b/security/nss/lib/freebl/mpi/hppa20.s
deleted file mode 100644
index f7579b805..000000000
--- a/security/nss/lib/freebl/mpi/hppa20.s
+++ /dev/null
@@ -1,929 +0,0 @@
-; The contents of this file are subject to the Mozilla Public
-; License Version 1.1 (the "License"); you may not use this file
-; except in compliance with the License. You may obtain a copy of
-; the License at http://www.mozilla.org/MPL/
-;
-; Software distributed under the License is distributed on an "AS
-; IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-; implied. See the License for the specific language governing
-; rights and limitations under the License.
-;
-; The Original Code is MAXPY multiple-precision integer arithmetic.
-;
-; The Initial Developer of the Original Code is the Hewlett-Packard Company.
-; Portions created by Hewlett-Packard Company are
-; Copyright (C) 1997 Hewlett-Packard Company. All Rights Reserved.
-;
-; Contributor(s):
-; coded by: William B. Ackerman
-;
-; Alternatively, the contents of this file may be used under the
-; terms of the GNU General Public License Version 2 or later (the
-; "GPL"), in which case the provisions of the GPL are applicable
-; instead of those above. If you wish to allow use of your
-; version of this file only under the terms of the GPL and not to
-; allow others to use your version of this file under the MPL,
-; indicate your decision by deleting the provisions above and
-; replace them with the notice and other provisions required by
-; the GPL. If you do not delete the provisions above, a recipient
-; may use your version of this file under either the MPL or the
-; GPL.
-
-#ifdef __LP64__
- .LEVEL 2.0W
-#else
-; .LEVEL 1.1
-; .ALLOW 2.0N
- .LEVEL 2.0N
-#endif
- .SPACE $TEXT$,SORT=8
- .SUBSPA $CODE$,QUAD=0,ALIGN=4,ACCESS=0x2c,CODE_ONLY,SORT=24
-
-; ***************************************************************
-;
-; maxpy_[little/big]
-;
-; ***************************************************************
-
-; There is no default -- you must specify one or the other.
-#define LITTLE_WORDIAN 1
-
-#ifdef LITTLE_WORDIAN
-#define EIGHT 8
-#define SIXTEEN 16
-#define THIRTY_TWO 32
-#define UN_EIGHT -8
-#define UN_SIXTEEN -16
-#define UN_TWENTY_FOUR -24
-#endif
-
-#ifdef BIG_WORDIAN
-#define EIGHT -8
-#define SIXTEEN -16
-#define THIRTY_TWO -32
-#define UN_EIGHT 8
-#define UN_SIXTEEN 16
-#define UN_TWENTY_FOUR 24
-#endif
-
-; This performs a multiple-precision integer version of "daxpy",
-; Using the selected addressing direction. "Little-wordian" means that
-; the least significant word of a number is stored at the lowest address.
-; "Big-wordian" means that the most significant word is at the lowest
-; address. Either way, the incoming address of the vector is that
-; of the least significant word. That means that, for little-wordian
-; addressing, we move the address upward as we propagate carries
-; from the least significant word to the most significant. For
-; big-wordian we move the address downward.
-
-; We use the following registers:
-;
-; r2 return PC, of course
-; r26 = arg1 = length
-; r25 = arg2 = address of scalar
-; r24 = arg3 = multiplicand vector
-; r23 = arg4 = result vector
-;
-; fr9 = scalar loaded once only from r25
-
-; The cycle counts shown in the bodies below are simply the result of a
-; scheduling by hand. The actual PCX-U hardware does it differently.
-; The intention is that the overall speed is the same.
-
-; The pipeline startup and shutdown code is constructed in the usual way,
-; by taking the loop bodies and removing unnecessary instructions.
-; We have left the comments describing cycle numbers in the code.
-; These are intended for reference when comparing with the main loop,
-; and have no particular relationship to actual cycle numbers.
-
-#ifdef LITTLE_WORDIAN
-maxpy_little
-#else
-maxpy_big
-#endif
- .PROC
- .CALLINFO FRAME=120,ENTRY_GR=%r4
- .ENTER
-
-; Of course, real men don't use the sissy "enter" and "leave" commands.
-; They write their own stack manipulation stuff. Unfortunately,
-; that doesn't generate complete unwind info, whereas "enter" and
-; "leave" (if the documentation is to be believed) do so. Therefore,
-; we use the sissy commands. We have verified (by real-man methods)
-; that the above command generates what we want:
-; STW,MA %r3,128(%sp)
-; STW %r4,-124(%sp)
-
- ADDIB,< -1,%r26,$L0 ; If N = 0, exit immediately.
- FLDD 0(%r25),%fr9 ; fr9 = scalar
-
-; First startup
-
- FLDD 0(%r24),%fr24 ; Cycle 1
- XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
- XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
- XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
- CMPIB,> 3,%r26,$N_IS_SMALL ; Pick out cases N = 1, 2, or 3
- XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6
- FLDD EIGHT(%r24),%fr28 ; Cycle 8
- XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
- FSTD %fr24,-96(%sp)
- XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
- FSTD %fr25,-80(%sp)
- LDO SIXTEEN(%r24),%r24 ; Cycle 12
- FSTD %fr31,-64(%sp)
- XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
- FSTD %fr27,-48(%sp)
-
-; Second startup
-
- XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
- FSTD %fr30,-56(%sp)
- FLDD 0(%r24),%fr24
-
- FSTD %fr26,-88(%sp) ; Cycle 2
-
- XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
- FSTD %fr28,-104(%sp)
-
- XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
- LDD -96(%sp),%r3
- FSTD %fr29,-72(%sp)
-
- XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
- LDD -64(%sp),%r19
- LDD -80(%sp),%r21
-
- XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6
- LDD -56(%sp),%r20
- ADD %r21,%r3,%r3
-
- ADD,DC %r20,%r19,%r19 ; Cycle 7
- LDD -88(%sp),%r4
- SHRPD %r3,%r0,32,%r21
- LDD -48(%sp),%r1
-
- FLDD EIGHT(%r24),%fr28 ; Cycle 8
- LDD -104(%sp),%r31
- ADD,DC %r0,%r0,%r20
- SHRPD %r19,%r3,32,%r3
-
- LDD -72(%sp),%r29 ; Cycle 9
- SHRPD %r20,%r19,32,%r20
- ADD %r21,%r1,%r1
-
- XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
- ADD,DC %r3,%r4,%r4
- FSTD %fr24,-96(%sp)
-
- XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
- ADD,DC %r0,%r20,%r20
- LDD 0(%r23),%r3
- FSTD %fr25,-80(%sp)
-
- LDO SIXTEEN(%r24),%r24 ; Cycle 12
- FSTD %fr31,-64(%sp)
-
- XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
- ADD %r0,%r0,%r0 ; clear the carry bit
- ADDIB,<= -4,%r26,$ENDLOOP ; actually happens in cycle 12
- FSTD %fr27,-48(%sp)
-; MFCTL %cr16,%r21 ; for timing
-; STD %r21,-112(%sp)
-
-; Here is the loop.
-
-$LOOP XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
- ADD,DC %r29,%r4,%r4
- FSTD %fr30,-56(%sp)
- FLDD 0(%r24),%fr24
-
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- ADD,DC %r0,%r20,%r20
- FSTD %fr26,-88(%sp)
-
- XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
- ADD %r3,%r1,%r1
- FSTD %fr28,-104(%sp)
- LDD UN_EIGHT(%r23),%r21
-
- XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
- ADD,DC %r21,%r4,%r28
- FSTD %fr29,-72(%sp)
- LDD -96(%sp),%r3
-
- XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
- ADD,DC %r20,%r31,%r22
- LDD -64(%sp),%r19
- LDD -80(%sp),%r21
-
- XMPYU %fr9L,%fr24R,%fr24 ; Cycle 6
- ADD %r21,%r3,%r3
- LDD -56(%sp),%r20
- STD %r1,UN_SIXTEEN(%r23)
-
- ADD,DC %r20,%r19,%r19 ; Cycle 7
- SHRPD %r3,%r0,32,%r21
- LDD -88(%sp),%r4
- LDD -48(%sp),%r1
-
- ADD,DC %r0,%r0,%r20 ; Cycle 8
- SHRPD %r19,%r3,32,%r3
- FLDD EIGHT(%r24),%fr28
- LDD -104(%sp),%r31
-
- SHRPD %r20,%r19,32,%r20 ; Cycle 9
- ADD %r21,%r1,%r1
- STD %r28,UN_EIGHT(%r23)
- LDD -72(%sp),%r29
-
- XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
- ADD,DC %r3,%r4,%r4
- FSTD %fr24,-96(%sp)
-
- XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
- ADD,DC %r0,%r20,%r20
- FSTD %fr25,-80(%sp)
- LDD 0(%r23),%r3
-
- LDO SIXTEEN(%r24),%r24 ; Cycle 12
- FSTD %fr31,-64(%sp)
-
- XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
- ADD %r22,%r1,%r1
- ADDIB,> -2,%r26,$LOOP ; actually happens in cycle 12
- FSTD %fr27,-48(%sp)
-
-$ENDLOOP
-
-; Shutdown code, first stage.
-
-; MFCTL %cr16,%r21 ; for timing
-; STD %r21,UN_SIXTEEN(%r23)
-; LDD -112(%sp),%r21
-; STD %r21,UN_EIGHT(%r23)
-
- XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
- ADD,DC %r29,%r4,%r4
- CMPIB,= 0,%r26,$ONEMORE
- FSTD %fr30,-56(%sp)
-
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- ADD,DC %r0,%r20,%r20
- FSTD %fr26,-88(%sp)
-
- ADD %r3,%r1,%r1 ; Cycle 3
- FSTD %fr28,-104(%sp)
- LDD UN_EIGHT(%r23),%r21
-
- ADD,DC %r21,%r4,%r28 ; Cycle 4
- FSTD %fr29,-72(%sp)
- STD %r28,UN_EIGHT(%r23) ; moved up from cycle 9
- LDD -96(%sp),%r3
-
- ADD,DC %r20,%r31,%r22 ; Cycle 5
- STD %r1,UN_SIXTEEN(%r23)
-$JOIN4
- LDD -64(%sp),%r19
- LDD -80(%sp),%r21
-
- ADD %r21,%r3,%r3 ; Cycle 6
- LDD -56(%sp),%r20
-
- ADD,DC %r20,%r19,%r19 ; Cycle 7
- SHRPD %r3,%r0,32,%r21
- LDD -88(%sp),%r4
- LDD -48(%sp),%r1
-
- ADD,DC %r0,%r0,%r20 ; Cycle 8
- SHRPD %r19,%r3,32,%r3
- LDD -104(%sp),%r31
-
- SHRPD %r20,%r19,32,%r20 ; Cycle 9
- ADD %r21,%r1,%r1
- LDD -72(%sp),%r29
-
- ADD,DC %r3,%r4,%r4 ; Cycle 10
-
- ADD,DC %r0,%r20,%r20 ; Cycle 11
- LDD 0(%r23),%r3
-
- ADD %r22,%r1,%r1 ; Cycle 13
-
-; Shutdown code, second stage.
-
- ADD,DC %r29,%r4,%r4 ; Cycle 1
-
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- ADD,DC %r0,%r20,%r20
-
- LDD UN_EIGHT(%r23),%r21 ; Cycle 3
- ADD %r3,%r1,%r1
-
- ADD,DC %r21,%r4,%r28 ; Cycle 4
-
- ADD,DC %r20,%r31,%r22 ; Cycle 5
-
- STD %r1,UN_SIXTEEN(%r23); Cycle 6
-
- STD %r28,UN_EIGHT(%r23) ; Cycle 9
-
- LDD 0(%r23),%r3 ; Cycle 11
-
-; Shutdown code, third stage.
-
- LDO SIXTEEN(%r23),%r23
- ADD %r3,%r22,%r1
-$JOIN1 ADD,DC %r0,%r0,%r21
- CMPIB,*= 0,%r21,$L0 ; if no overflow, exit
- STD %r1,UN_SIXTEEN(%r23)
-
-; Final carry propagation
-
-$FINAL1 LDO EIGHT(%r23),%r23
- LDD UN_SIXTEEN(%r23),%r21
- ADDI 1,%r21,%r21
- CMPIB,*= 0,%r21,$FINAL1 ; Keep looping if there is a carry.
- STD %r21,UN_SIXTEEN(%r23)
- B $L0
- NOP
-
-; Here is the code that handles the difficult cases N=1, N=2, and N=3.
-; We do the usual trick -- branch out of the startup code at appropriate
-; points, and branch into the shutdown code.
-
-$N_IS_SMALL
- CMPIB,= 0,%r26,$N_IS_ONE
- FSTD %fr24,-96(%sp) ; Cycle 10
- FLDD EIGHT(%r24),%fr28 ; Cycle 8
- XMPYU %fr9L,%fr28R,%fr31 ; Cycle 10
- XMPYU %fr9R,%fr28L,%fr30 ; Cycle 11
- FSTD %fr25,-80(%sp)
- FSTD %fr31,-64(%sp) ; Cycle 12
- XMPYU %fr9R,%fr28R,%fr29 ; Cycle 13
- FSTD %fr27,-48(%sp)
- XMPYU %fr9L,%fr28L,%fr28 ; Cycle 1
- CMPIB,= 2,%r26,$N_IS_THREE
- FSTD %fr30,-56(%sp)
-
-; N = 2
- FSTD %fr26,-88(%sp) ; Cycle 2
- FSTD %fr28,-104(%sp) ; Cycle 3
- LDD -96(%sp),%r3 ; Cycle 4
- FSTD %fr29,-72(%sp)
- B $JOIN4
- ADD %r0,%r0,%r22
-
-$N_IS_THREE
- FLDD SIXTEEN(%r24),%fr24
- FSTD %fr26,-88(%sp) ; Cycle 2
- XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
- FSTD %fr28,-104(%sp)
- XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
- LDD -96(%sp),%r3
- FSTD %fr29,-72(%sp)
- XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
- LDD -64(%sp),%r19
- LDD -80(%sp),%r21
- B $JOIN3
- ADD %r0,%r0,%r22
-
-$N_IS_ONE
- FSTD %fr25,-80(%sp)
- FSTD %fr27,-48(%sp)
- FSTD %fr26,-88(%sp) ; Cycle 2
- B $JOIN5
- ADD %r0,%r0,%r22
-
-; We came out of the unrolled loop with wrong parity. Do one more
-; single cycle. This is quite tricky, because of the way the
-; carry chains and SHRPD chains have been chopped up.
-
-$ONEMORE
-
- FLDD 0(%r24),%fr24
-
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- ADD,DC %r0,%r20,%r20
- FSTD %fr26,-88(%sp)
-
- XMPYU %fr9R,%fr24R,%fr27 ; Cycle 3
- FSTD %fr28,-104(%sp)
- LDD UN_EIGHT(%r23),%r21
- ADD %r3,%r1,%r1
-
- XMPYU %fr9R,%fr24L,%fr25 ; Cycle 4
- ADD,DC %r21,%r4,%r28
- STD %r28,UN_EIGHT(%r23) ; moved from cycle 9
- LDD -96(%sp),%r3
- FSTD %fr29,-72(%sp)
-
- XMPYU %fr9L,%fr24L,%fr26 ; Cycle 5
- ADD,DC %r20,%r31,%r22
- LDD -64(%sp),%r19
- LDD -80(%sp),%r21
-
- STD %r1,UN_SIXTEEN(%r23); Cycle 6
-$JOIN3
- XMPYU %fr9L,%fr24R,%fr24
- LDD -56(%sp),%r20
- ADD %r21,%r3,%r3
-
- ADD,DC %r20,%r19,%r19 ; Cycle 7
- LDD -88(%sp),%r4
- SHRPD %r3,%r0,32,%r21
- LDD -48(%sp),%r1
-
- LDD -104(%sp),%r31 ; Cycle 8
- ADD,DC %r0,%r0,%r20
- SHRPD %r19,%r3,32,%r3
-
- LDD -72(%sp),%r29 ; Cycle 9
- SHRPD %r20,%r19,32,%r20
- ADD %r21,%r1,%r1
-
- ADD,DC %r3,%r4,%r4 ; Cycle 10
- FSTD %fr24,-96(%sp)
-
- ADD,DC %r0,%r20,%r20 ; Cycle 11
- LDD 0(%r23),%r3
- FSTD %fr25,-80(%sp)
-
- ADD %r22,%r1,%r1 ; Cycle 13
- FSTD %fr27,-48(%sp)
-
-; Shutdown code, stage 1-1/2.
-
- ADD,DC %r29,%r4,%r4 ; Cycle 1
-
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- ADD,DC %r0,%r20,%r20
- FSTD %fr26,-88(%sp)
-
- LDD UN_EIGHT(%r23),%r21 ; Cycle 3
- ADD %r3,%r1,%r1
-
- ADD,DC %r21,%r4,%r28 ; Cycle 4
- STD %r28,UN_EIGHT(%r23) ; moved from cycle 9
-
- ADD,DC %r20,%r31,%r22 ; Cycle 5
- STD %r1,UN_SIXTEEN(%r23)
-$JOIN5
- LDD -96(%sp),%r3 ; moved from cycle 4
- LDD -80(%sp),%r21
- ADD %r21,%r3,%r3 ; Cycle 6
- ADD,DC %r0,%r0,%r19 ; Cycle 7
- LDD -88(%sp),%r4
- SHRPD %r3,%r0,32,%r21
- LDD -48(%sp),%r1
- SHRPD %r19,%r3,32,%r3 ; Cycle 8
- ADD %r21,%r1,%r1 ; Cycle 9
- ADD,DC %r3,%r4,%r4 ; Cycle 10
- LDD 0(%r23),%r3 ; Cycle 11
- ADD %r22,%r1,%r1 ; Cycle 13
-
-; Shutdown code, stage 2-1/2.
-
- ADD,DC %r0,%r4,%r4 ; Cycle 1
- LDO SIXTEEN(%r23),%r23 ; Cycle 2
- LDD UN_EIGHT(%r23),%r21 ; Cycle 3
- ADD %r3,%r1,%r1
- STD %r1,UN_SIXTEEN(%r23)
- ADD,DC %r21,%r4,%r1
- B $JOIN1
- LDO EIGHT(%r23),%r23
-
-; exit
-
-$L0
- .LEAVE
-
-; We have verified that the above command generates what we want:
-; LDW -124(%sp),%r4
-; BVE (%r2)
-; LDW,MB -128(%sp),%r3
-
- .PROCEND
-
-; ***************************************************************
-;
-; add_diag_[little/big]
-;
-; ***************************************************************
-
-; The arguments are as follows:
-; r2 return PC, of course
-; r26 = arg1 = length
-; r25 = arg2 = vector to square
-; r24 = arg3 = result vector
-
-#ifdef LITTLE_WORDIAN
-add_diag_little
-#else
-add_diag_big
-#endif
- .PROC
- .CALLINFO FRAME=120,ENTRY_GR=%r4
- .ENTER
-
- ADDIB,< -1,%r26,$Z0 ; If N=0, exit immediately.
- NOP
-
-; Startup code
-
- FLDD 0(%r25),%fr7 ; Cycle 2 (alternate body)
- XMPYU %fr7R,%fr7R,%fr29 ; Cycle 4
- XMPYU %fr7L,%fr7R,%fr27 ; Cycle 5
- XMPYU %fr7L,%fr7L,%fr30
- LDO SIXTEEN(%r25),%r25 ; Cycle 6
- FSTD %fr29,-88(%sp)
- FSTD %fr27,-72(%sp) ; Cycle 7
- CMPIB,= 0,%r26,$DIAG_N_IS_ONE ; Cycle 1 (main body)
- FSTD %fr30,-96(%sp)
- FLDD UN_EIGHT(%r25),%fr7 ; Cycle 2
- LDD -88(%sp),%r22 ; Cycle 3
- LDD -72(%sp),%r31 ; Cycle 4
- XMPYU %fr7R,%fr7R,%fr28
- XMPYU %fr7L,%fr7R,%fr24 ; Cycle 5
- XMPYU %fr7L,%fr7L,%fr31
- LDD -96(%sp),%r20 ; Cycle 6
- FSTD %fr28,-80(%sp)
- ADD %r0,%r0,%r0 ; clear the carry bit
- ADDIB,<= -2,%r26,$ENDDIAGLOOP ; Cycle 7
- FSTD %fr24,-64(%sp)
-
-; Here is the loop. It is unrolled twice, modelled after the "alternate body" and then the "main body".
-
-$DIAGLOOP
- SHRPD %r31,%r0,31,%r3 ; Cycle 1 (alternate body)
- LDO SIXTEEN(%r25),%r25
- LDD 0(%r24),%r1
- FSTD %fr31,-104(%sp)
- SHRPD %r0,%r31,31,%r4 ; Cycle 2
- ADD,DC %r22,%r3,%r3
- FLDD UN_SIXTEEN(%r25),%fr7
- ADD,DC %r0,%r20,%r20 ; Cycle 3
- ADD %r1,%r3,%r3
- XMPYU %fr7R,%fr7R,%fr29 ; Cycle 4
- LDD -80(%sp),%r21
- STD %r3,0(%r24)
- XMPYU %fr7L,%fr7R,%fr27 ; Cycle 5
- XMPYU %fr7L,%fr7L,%fr30
- LDD -64(%sp),%r29
- LDD EIGHT(%r24),%r1
- ADD,DC %r4,%r20,%r20 ; Cycle 6
- LDD -104(%sp),%r19
- FSTD %fr29,-88(%sp)
- ADD %r20,%r1,%r1 ; Cycle 7
- FSTD %fr27,-72(%sp)
- SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body)
- LDO THIRTY_TWO(%r24),%r24
- LDD UN_SIXTEEN(%r24),%r28
- FSTD %fr30,-96(%sp)
- SHRPD %r0,%r29,31,%r3 ; Cycle 2
- ADD,DC %r21,%r4,%r4
- FLDD UN_EIGHT(%r25),%fr7
- STD %r1,UN_TWENTY_FOUR(%r24)
- ADD,DC %r0,%r19,%r19 ; Cycle 3
- ADD %r28,%r4,%r4
- XMPYU %fr7R,%fr7R,%fr28 ; Cycle 4
- LDD -88(%sp),%r22
- STD %r4,UN_SIXTEEN(%r24)
- XMPYU %fr7L,%fr7R,%fr24 ; Cycle 5
- XMPYU %fr7L,%fr7L,%fr31
- LDD -72(%sp),%r31
- LDD UN_EIGHT(%r24),%r28
- ADD,DC %r3,%r19,%r19 ; Cycle 6
- LDD -96(%sp),%r20
- FSTD %fr28,-80(%sp)
- ADD %r19,%r28,%r28 ; Cycle 7
- FSTD %fr24,-64(%sp)
- ADDIB,> -2,%r26,$DIAGLOOP ; Cycle 8
- STD %r28,UN_EIGHT(%r24)
-
-$ENDDIAGLOOP
-
- ADD,DC %r0,%r22,%r22
- CMPIB,= 0,%r26,$ONEMOREDIAG
- SHRPD %r31,%r0,31,%r3
-
-; Shutdown code, first stage.
-
- FSTD %fr31,-104(%sp) ; Cycle 1 (alternate body)
- LDD 0(%r24),%r28
- SHRPD %r0,%r31,31,%r4 ; Cycle 2
- ADD %r3,%r22,%r3
- ADD,DC %r0,%r20,%r20 ; Cycle 3
- LDD -80(%sp),%r21
- ADD %r3,%r28,%r3
- LDD -64(%sp),%r29 ; Cycle 4
- STD %r3,0(%r24)
- LDD EIGHT(%r24),%r1 ; Cycle 5
- LDO SIXTEEN(%r25),%r25 ; Cycle 6
- LDD -104(%sp),%r19
- ADD,DC %r4,%r20,%r20
- ADD %r20,%r1,%r1 ; Cycle 7
- ADD,DC %r0,%r21,%r21 ; Cycle 8
- STD %r1,EIGHT(%r24)
-
-; Shutdown code, second stage.
-
- SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body)
- LDO THIRTY_TWO(%r24),%r24
- LDD UN_SIXTEEN(%r24),%r1
- SHRPD %r0,%r29,31,%r3 ; Cycle 2
- ADD %r4,%r21,%r4
- ADD,DC %r0,%r19,%r19 ; Cycle 3
- ADD %r4,%r1,%r4
- STD %r4,UN_SIXTEEN(%r24); Cycle 4
- LDD UN_EIGHT(%r24),%r28 ; Cycle 5
- ADD,DC %r3,%r19,%r19 ; Cycle 6
- ADD %r19,%r28,%r28 ; Cycle 7
- ADD,DC %r0,%r0,%r22 ; Cycle 8
- CMPIB,*= 0,%r22,$Z0 ; if no overflow, exit
- STD %r28,UN_EIGHT(%r24)
-
-; Final carry propagation
-
-$FDIAG2
- LDO EIGHT(%r24),%r24
- LDD UN_EIGHT(%r24),%r26
- ADDI 1,%r26,%r26
- CMPIB,*= 0,%r26,$FDIAG2 ; Keep looping if there is a carry.
- STD %r26,UN_EIGHT(%r24)
-
- B $Z0
- NOP
-
-; Here is the code that handles the difficult case N=1.
-; We do the usual trick -- branch out of the startup code at appropriate
-; points, and branch into the shutdown code.
-
-$DIAG_N_IS_ONE
-
- LDD -88(%sp),%r22
- LDD -72(%sp),%r31
- B $JOINDIAG
- LDD -96(%sp),%r20
-
-; We came out of the unrolled loop with wrong parity. Do one more
-; single cycle. This is the "alternate body". It will, of course,
-; give us opposite registers from the other case, so we need
-; completely different shutdown code.
-
-$ONEMOREDIAG
- FSTD %fr31,-104(%sp) ; Cycle 1 (alternate body)
- LDD 0(%r24),%r28
- FLDD 0(%r25),%fr7 ; Cycle 2
- SHRPD %r0,%r31,31,%r4
- ADD %r3,%r22,%r3
- ADD,DC %r0,%r20,%r20 ; Cycle 3
- LDD -80(%sp),%r21
- ADD %r3,%r28,%r3
- LDD -64(%sp),%r29 ; Cycle 4
- STD %r3,0(%r24)
- XMPYU %fr7R,%fr7R,%fr29
- LDD EIGHT(%r24),%r1 ; Cycle 5
- XMPYU %fr7L,%fr7R,%fr27
- XMPYU %fr7L,%fr7L,%fr30
- LDD -104(%sp),%r19 ; Cycle 6
- FSTD %fr29,-88(%sp)
- ADD,DC %r4,%r20,%r20
- FSTD %fr27,-72(%sp) ; Cycle 7
- ADD %r20,%r1,%r1
- ADD,DC %r0,%r21,%r21 ; Cycle 8
- STD %r1,EIGHT(%r24)
-
-; Shutdown code, first stage.
-
- SHRPD %r29,%r0,31,%r4 ; Cycle 1 (main body)
- LDO THIRTY_TWO(%r24),%r24
- FSTD %fr30,-96(%sp)
- LDD UN_SIXTEEN(%r24),%r1
- SHRPD %r0,%r29,31,%r3 ; Cycle 2
- ADD %r4,%r21,%r4
- ADD,DC %r0,%r19,%r19 ; Cycle 3
- LDD -88(%sp),%r22
- ADD %r4,%r1,%r4
- LDD -72(%sp),%r31 ; Cycle 4
- STD %r4,UN_SIXTEEN(%r24)
- LDD UN_EIGHT(%r24),%r28 ; Cycle 5
- LDD -96(%sp),%r20 ; Cycle 6
- ADD,DC %r3,%r19,%r19
- ADD %r19,%r28,%r28 ; Cycle 7
- ADD,DC %r0,%r22,%r22 ; Cycle 8
- STD %r28,UN_EIGHT(%r24)
-
-; Shutdown code, second stage.
-
-$JOINDIAG
- SHRPD %r31,%r0,31,%r3 ; Cycle 1 (alternate body)
- LDD 0(%r24),%r28
- SHRPD %r0,%r31,31,%r4 ; Cycle 2
- ADD %r3,%r22,%r3
- ADD,DC %r0,%r20,%r20 ; Cycle 3
- ADD %r3,%r28,%r3
- STD %r3,0(%r24) ; Cycle 4
- LDD EIGHT(%r24),%r1 ; Cycle 5
- ADD,DC %r4,%r20,%r20
- ADD %r20,%r1,%r1 ; Cycle 7
- ADD,DC %r0,%r0,%r21 ; Cycle 8
- CMPIB,*= 0,%r21,$Z0 ; if no overflow, exit
- STD %r1,EIGHT(%r24)
-
-; Final carry propagation
-
-$FDIAG1
- LDO EIGHT(%r24),%r24
- LDD EIGHT(%r24),%r26
- ADDI 1,%r26,%r26
- CMPIB,*= 0,%r26,$FDIAG1 ; Keep looping if there is a carry.
- STD %r26,EIGHT(%r24)
-
-$Z0
- .LEAVE
- .PROCEND
-; .ALLOW
-
- .SPACE $TEXT$
- .SUBSPA $CODE$
-#ifdef LITTLE_WORDIAN
- .EXPORT maxpy_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,LONG_RETURN
- .EXPORT add_diag_little,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,LONG_RETURN
-#else
- .EXPORT maxpy_big,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,LONG_RETURN
- .EXPORT add_diag_big,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,LONG_RETURN
-#endif
- .END
-
-
-; How to use "maxpy_PA20_little" and "maxpy_PA20_big"
-;
-; The routine "maxpy_PA20_little" or "maxpy_PA20_big"
-; performs a 64-bit x any-size multiply, and adds the
-; result to an area of memory. That is, it performs
-; something like
-;
-; A B C D
-; * Z
-; __________
-; P Q R S T
-;
-; and then adds the "PQRST" vector into an area of memory,
-; handling all carries.
-;
-; Digression on nomenclature and endian-ness:
-;
-; Each of the capital letters in the above represents a 64-bit
-; quantity. That is, you could think of the discussion as
-; being in terms of radix-16-quintillion arithmetic. The data
-; type being manipulated is "unsigned long long int". This
-; requires the 64-bit extension of the HP-UX C compiler,
-; available at release 10. You need these compiler flags to
-; enable these extensions:
-;
-; -Aa +e +DA2.0 +DS2.0
-;
-; (The first specifies ANSI C, the second enables the
-; extensions, which are beyond ANSI C, and the third and
-; fourth tell the compiler to use whatever features of the
-; PA2.0 architecture it wishes, in order to made the code more
-; efficient. Since the presence of the assembly code will
-; make the program unable to run on anything less than PA2.0,
-; you might as well gain the performance enhancements in the C
-; code as well.)
-;
-; Questions of "endian-ness" often come up, usually in the
-; context of byte ordering in a word. These routines have a
-; similar issue, that could be called "wordian-ness".
-; Independent of byte ordering (PA is always big-endian), one
-; can make two choices when representing extremely large
-; numbers as arrays of 64-bit doublewords in memory.
-;
-; "Little-wordian" layout means that the least significant
-; word of a number is stored at the lowest address.
-;
-; MSW LSW
-; | |
-; V V
-;
-; A B C D E
-;
-; ^ ^ ^
-; | | |____ address 0
-; | |
-; | |_______address 8
-; |
-; address 32
-;
-; "Big-wordian" means that the most significant word is at the
-; lowest address.
-;
-; MSW LSW
-; | |
-; V V
-;
-; A B C D E
-;
-; ^ ^ ^
-; | | |____ address 32
-; | |
-; | |_______address 24
-; |
-; address 0
-;
-; When you compile the file, you must specify one or the other, with
-; a switch "-DLITTLE_WORDIAN" or "-DBIG_WORDIAN".
-;
-; Incidentally, you assemble this file as part of your
-; project with the same C compiler as the rest of the program.
-; My "makefile" for a superprecision arithmetic package has
-; the following stuff:
-;
-; # definitions:
-; CC = cc -Aa +e -z +DA2.0 +DS2.0 +w1
-; CFLAGS = +O3
-; LDFLAGS = -L /usr/lib -Wl,-aarchive
-;
-; # general build rule for ".s" files:
-; .s.o:
-; $(CC) $(CFLAGS) -c $< -DBIG_WORDIAN
-;
-; # Now any bind step that calls for pa20.o will assemble pa20.s
-;
-; End of digression, back to arithmetic:
-;
-; The way we multiply two huge numbers is, of course, to multiply
-; the "ABCD" vector by each of the "WXYZ" doublewords, adding
-; the result vectors with increasing offsets, the way we learned
-; in school, back before we all used calculators:
-;
-; A B C D
-; * W X Y Z
-; __________
-; P Q R S T
-; E F G H I
-; M N O P Q
-; + R S T U V
-; _______________
-; F I N A L S U M
-;
-; So we call maxpy_PA20_big (in my case; my package is
-; big-wordian) repeatedly, giving the W, X, Y, and Z arguments
-; in turn as the "scalar", and giving the "ABCD" vector each
-; time. We direct it to add its result into an area of memory
-; that we have cleared at the start. We skew the exact
-; location into that area with each call.
-;
-; The prototype for the function is
-;
-; extern void maxpy_PA20_big(
-; int length, /* Number of doublewords in the multiplicand vector. */
-; const long long int *scalaraddr, /* Address to fetch the scalar. */
-; const long long int *multiplicand, /* The multiplicand vector. */
-; long long int *result); /* Where to accumulate the result. */
-;
-; (You should place a copy of this prototype in an include file
-; or in your C file.)
-;
-; Now, IN ALL CASES, the given address for the multiplicand or
-; the result is that of the LEAST SIGNIFICANT DOUBLEWORD.
-; That word is, of course, the word at which the routine
-; starts processing. "maxpy_PA20_little" then increases the
-; addresses as it computes. "maxpy_PA20_big" decreases them.
-;
-; In our example above, "length" would be 4 in each case.
-; "multiplicand" would be the "ABCD" vector. Specifically,
-; the address of the element "D". "scalaraddr" would be the
-; address of "W", "X", "Y", or "Z" on the four calls that we
-; would make. (The order doesn't matter, of course.)
-; "result" would be the appropriate address in the result
-; area. When multiplying by "Z", that would be the least
-; significant word. When multiplying by "Y", it would be the
-; next higher word (8 bytes higher if little-wordian; 8 bytes
-; lower if big-wordian), and so on. The size of the result
-; area must be the the sum of the sizes of the multiplicand
-; and multiplier vectors, and must be initialized to zero
-; before we start.
-;
-; Whenever the routine adds its partial product into the result
-; vector, it follows carry chains as far as they need to go.
-;
-; Here is the super-precision multiply routine that I use for
-; my package. The package is big-wordian. I have taken out
-; handling of exponents (it's a floating point package):
-;
-; static void mul_PA20(
-; int size,
-; const long long int *arg1,
-; const long long int *arg2,
-; long long int *result)
-; {
-; int i;
-;
-; for (i=0 ; i<2*size ; i++) result[i] = 0ULL;
-;
-; for (i=0 ; i<size ; i++) {
-; maxpy_PA20_big(size, &arg2[i], &arg1[size-1], &result[size+i]);
-; }
-; }
diff --git a/security/nss/lib/freebl/mpi/hppatch.adb b/security/nss/lib/freebl/mpi/hppatch.adb
deleted file mode 100644
index 7b7aaef76..000000000
--- a/security/nss/lib/freebl/mpi/hppatch.adb
+++ /dev/null
@@ -1,49 +0,0 @@
-#/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is script to change the system id in an object file
-# from PA-RISC 2.0 to 1.1.
-#
-# The Initial Developer of the Original Code is Hewlett-Packard Company.
-# Portions created by Hewlett-Packard Company are
-# Copyright (C) March 1999, Hewlett-Packard Company. All Rights Reserved.
-#
-# Contributor(s):
-# wrapped by Dennis Handly on Tue Mar 23 15:23:43 1999
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-# script to change the system id in an object file from PA-RISC 2.0 to 1.1
-
-adb -w $1 << EOF
-?m 0 -1 0
-0x0?X
-0x0?W (@0x0&~0x40000)|(~@0x0&0x40000)
-
-0?"change checksum"
-0x7c?X
-0x7c?W (@0x7c&~0x40000)|(~@0x7c&0x40000)
-$q
-EOF
-
-exit 0
-
diff --git a/security/nss/lib/freebl/mpi/logtab.h b/security/nss/lib/freebl/mpi/logtab.h
deleted file mode 100644
index 6f28be96f..000000000
--- a/security/nss/lib/freebl/mpi/logtab.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * logtab.h
- *
- * Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-const float s_logv_2[] = {
- 0.000000000f, 0.000000000f, 1.000000000f, 0.630929754f, /* 0 1 2 3 */
- 0.500000000f, 0.430676558f, 0.386852807f, 0.356207187f, /* 4 5 6 7 */
- 0.333333333f, 0.315464877f, 0.301029996f, 0.289064826f, /* 8 9 10 11 */
- 0.278942946f, 0.270238154f, 0.262649535f, 0.255958025f, /* 12 13 14 15 */
- 0.250000000f, 0.244650542f, 0.239812467f, 0.235408913f, /* 16 17 18 19 */
- 0.231378213f, 0.227670249f, 0.224243824f, 0.221064729f, /* 20 21 22 23 */
- 0.218104292f, 0.215338279f, 0.212746054f, 0.210309918f, /* 24 25 26 27 */
- 0.208014598f, 0.205846832f, 0.203795047f, 0.201849087f, /* 28 29 30 31 */
- 0.200000000f, 0.198239863f, 0.196561632f, 0.194959022f, /* 32 33 34 35 */
- 0.193426404f, 0.191958720f, 0.190551412f, 0.189200360f, /* 36 37 38 39 */
- 0.187901825f, 0.186652411f, 0.185449023f, 0.184288833f, /* 40 41 42 43 */
- 0.183169251f, 0.182087900f, 0.181042597f, 0.180031327f, /* 44 45 46 47 */
- 0.179052232f, 0.178103594f, 0.177183820f, 0.176291434f, /* 48 49 50 51 */
- 0.175425064f, 0.174583430f, 0.173765343f, 0.172969690f, /* 52 53 54 55 */
- 0.172195434f, 0.171441601f, 0.170707280f, 0.169991616f, /* 56 57 58 59 */
- 0.169293808f, 0.168613099f, 0.167948779f, 0.167300179f, /* 60 61 62 63 */
- 0.166666667f
-};
-
diff --git a/security/nss/lib/freebl/mpi/make-logtab b/security/nss/lib/freebl/mpi/make-logtab
deleted file mode 100755
index 0ed950c70..000000000
--- a/security/nss/lib/freebl/mpi/make-logtab
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/linguist/bin/perl
-
-#
-# make-logtab
-#
-# Generate a table of logarithms of 2 in various bases, for use in
-# estimating the output sizes of various bases.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-#
-# $Id$
-
-$ARRAYNAME = $ENV{'ARRAYNAME'} || "s_logv_2";
-$ARRAYTYPE = $ENV{'ARRAYTYPE'} || "float";
-
-printf("const %s %s[] = {\n %0.9ff, %0.9ff, ",
- $ARRAYTYPE, $ARRAYNAME, 0, 0);
-$brk = 2;
-for($ix = 2; $ix < 64; $ix++) {
- printf("%0.9ff, ", (log(2)/log($ix)));
- $brk = ($brk + 1) & 3;
- if(!$brk) {
- printf(" /* %2d %2d %2d %2d */\n ",
- $ix - 3, $ix - 2, $ix - 1, $ix);
- }
-}
-printf("%0.9ff\n};\n\n", (log(2)/log($ix)));
-
-exit 0;
diff --git a/security/nss/lib/freebl/mpi/make-test-arrays b/security/nss/lib/freebl/mpi/make-test-arrays
deleted file mode 100755
index a55bf3a1e..000000000
--- a/security/nss/lib/freebl/mpi/make-test-arrays
+++ /dev/null
@@ -1,129 +0,0 @@
-#!/usr/linguist/bin/perl
-
-#
-# make-test-arrays
-#
-# Given a test-arrays file, which specifies the test suite names, the
-# names of the functions which perform those test suites, and
-# descriptive comments, this script generates C structures for the
-# mpi-test program. The input consists of lines of the form:
-#
-# suite-name:function-name:comment
-#
-# The output is written to the standard output. Blank lines are
-# ignored, and comments beginning with '#' are stripped.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-# Read parameters from the environment, if available
-$NAMEVAR = $ENV{'NAMEVAR'} || "g_names";
-$COUNTVAR = $ENV{'COUNTVAR'} || "g_count";
-$FUNCVAR = $ENV{'FUNCVAR'} || "g_tests";
-$DESCVAR = $ENV{'DESCVAR'} || "g_descs";
-$FUNCLEN = 13;
-$NAMELEN = 18;
-$DESCLEN = 45;
-
-#------------------------------------------------------------------------
-# Suck in input from the files on the command line, or standard input
-while(<>) {
- chomp;
- s/\#.*$//;
- next if /^\s*$/;
-
- ($suite, $func, $desc) = split(/:/, $_);
-
- $tmp = { "suite" => $suite,
- "func" => $func,
- "desc" => $desc };
-
- push(@item, $tmp);
-}
-$count = scalar(@item);
-$last = pop(@item);
-
-#------------------------------------------------------------------------
-# Output the table of names
-print "/* Table mapping test suite names to index numbers */\n";
-printf("const int %s = %d;\n", $COUNTVAR, $count);
-printf("const char *%s[] = {\n", $NAMEVAR);
-
-foreach $elt (@item) {
- printf(" \"%s\",%s/* %s%s */\n", $elt->{"suite"},
- " " x ($NAMELEN - length($elt->{"suite"})),
- $elt->{"desc"},
- " " x ($DESCLEN - length($elt->{"desc"})));
-}
-printf(" \"%s\" %s/* %s%s */\n", $last->{"suite"},
- " " x ($NAMELEN - length($last->{"suite"})),
- $last->{"desc"},
- " " x ($DESCLEN - length($last->{"desc"})));
-print "};\n\n";
-
-#------------------------------------------------------------------------
-# Output the driver function prototypes
-print "/* Test function prototypes */\n";
-foreach $elt (@item, $last) {
- printf("int %s(void);\n", $elt->{"func"});
-}
-print "\n";
-
-#------------------------------------------------------------------------
-# Output the table of functions
-print "/* Table mapping index numbers to functions */\n";
-printf("int (*%s[])(void) = {\n ", $FUNCVAR);
-$brk = 0;
-
-foreach $elt (@item) {
- print($elt->{"func"}, ", ",
- " " x ($FUNCLEN - length($elt->{"func"})));
- $brk = ($brk + 1) & 3;
- print "\n " unless($brk);
-}
-print $last->{"func"}, "\n};\n\n";
-
-#------------------------------------------------------------------------
-# Output the table of descriptions
-print "/* Table mapping index numbers to descriptions */\n";
-printf("const char *%s[] = {\n", $DESCVAR);
-
-foreach $elt (@item) {
- printf(" \"%s\",\n", $elt->{"desc"});
-}
-printf(" \"%s\"\n};\n\n", $last->{"desc"});
-
-exit 0;
-
diff --git a/security/nss/lib/freebl/mpi/mdxptest.c b/security/nss/lib/freebl/mpi/mdxptest.c
deleted file mode 100644
index 61d02e9a9..000000000
--- a/security/nss/lib/freebl/mpi/mdxptest.c
+++ /dev/null
@@ -1,339 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <malloc.h>
-#include <time.h>
-#include "mpi.h"
-#include "mpi-priv.h"
-
-/* #define OLD_WAY 1 */
-
-/* This key is the 1024-bit test key used for speed testing of RSA private
-** key ops.
-*/
-
-#define CONST const
-
-static CONST unsigned char default_n[128] = {
-0xc2,0xae,0x96,0x89,0xaf,0xce,0xd0,0x7b,0x3b,0x35,0xfd,0x0f,0xb1,0xf4,0x7a,0xd1,
-0x3c,0x7d,0xb5,0x86,0xf2,0x68,0x36,0xc9,0x97,0xe6,0x82,0x94,0x86,0xaa,0x05,0x39,
-0xec,0x11,0x51,0xcc,0x5c,0xa1,0x59,0xba,0x29,0x18,0xf3,0x28,0xf1,0x9d,0xe3,0xae,
-0x96,0x5d,0x6d,0x87,0x73,0xf6,0xf6,0x1f,0xd0,0x2d,0xfb,0x2f,0x7a,0x13,0x7f,0xc8,
-0x0c,0x7a,0xe9,0x85,0xfb,0xce,0x74,0x86,0xf8,0xef,0x2f,0x85,0x37,0x73,0x0f,0x62,
-0x4e,0x93,0x17,0xb7,0x7e,0x84,0x9a,0x94,0x11,0x05,0xca,0x0d,0x31,0x4b,0x2a,0xc8,
-0xdf,0xfe,0xe9,0x0c,0x13,0xc7,0xf2,0xad,0x19,0x64,0x28,0x3c,0xb5,0x6a,0xc8,0x4b,
-0x79,0xea,0x7c,0xce,0x75,0x92,0x45,0x3e,0xa3,0x9d,0x64,0x6f,0x04,0x69,0x19,0x17
-};
-
-static CONST unsigned char default_d[128] = {
-0x13,0xcb,0xbc,0xf2,0xf3,0x35,0x8c,0x6d,0x7b,0x6f,0xd9,0xf3,0xa6,0x9c,0xbd,0x80,
-0x59,0x2e,0x4f,0x2f,0x11,0xa7,0x17,0x2b,0x18,0x8f,0x0f,0xe8,0x1a,0x69,0x5f,0x6e,
-0xac,0x5a,0x76,0x7e,0xd9,0x4c,0x6e,0xdb,0x47,0x22,0x8a,0x57,0x37,0x7a,0x5e,0x94,
-0x7a,0x25,0xb5,0xe5,0x78,0x1d,0x3c,0x99,0xaf,0x89,0x7d,0x69,0x2e,0x78,0x9d,0x1d,
-0x84,0xc8,0xc1,0xd7,0x1a,0xb2,0x6d,0x2d,0x8a,0xd9,0xab,0x6b,0xce,0xae,0xb0,0xa0,
-0x58,0x55,0xad,0x5c,0x40,0x8a,0xd6,0x96,0x08,0x8a,0xe8,0x63,0xe6,0x3d,0x6c,0x20,
-0x49,0xc7,0xaf,0x0f,0x25,0x73,0xd3,0x69,0x43,0x3b,0xf2,0x32,0xf8,0x3d,0x5e,0xee,
-0x7a,0xca,0xd6,0x94,0x55,0xe5,0xbd,0x25,0x34,0x8d,0x63,0x40,0xb5,0x8a,0xc3,0x01
-};
-
-
-#define DEFAULT_ITERS 50
-
-typedef clock_t timetype;
-#define gettime(x) *(x) = clock()
-#define subtime(a, b) a -= b
-#define msec(x) ((clock_t)((double)x * 1000.0 / CLOCKS_PER_SEC))
-#define sec(x) (x / CLOCKS_PER_SEC)
-
-struct TimingContextStr {
- timetype start;
- timetype end;
- timetype interval;
-
- int minutes;
- int seconds;
- int millisecs;
-};
-
-typedef struct TimingContextStr TimingContext;
-
-TimingContext *CreateTimingContext(void)
-{
- return (TimingContext *)malloc(sizeof(TimingContext));
-}
-
-void DestroyTimingContext(TimingContext *ctx)
-{
- free(ctx);
-}
-
-void TimingBegin(TimingContext *ctx)
-{
- gettime(&ctx->start);
-}
-
-static void timingUpdate(TimingContext *ctx)
-{
-
- ctx->millisecs = msec(ctx->interval) % 1000;
- ctx->seconds = sec(ctx->interval);
- ctx->minutes = ctx->seconds / 60;
- ctx->seconds %= 60;
-
-}
-
-void TimingEnd(TimingContext *ctx)
-{
- gettime(&ctx->end);
- ctx->interval = ctx->end;
- subtime(ctx->interval, ctx->start);
- timingUpdate(ctx);
-}
-
-char *TimingGenerateString(TimingContext *ctx)
-{
- static char sBuf[4096];
-
- sprintf(sBuf, "%d minutes, %d.%03d seconds", ctx->minutes,
- ctx->seconds, ctx->millisecs);
- return sBuf;
-}
-
-static void
-dumpBytes( unsigned char * b, int l)
-{
- int i;
- if (l <= 0)
- return;
- for (i = 0; i < l; ++i) {
- if (i % 16 == 0)
- printf("\t");
- printf(" %02x", b[i]);
- if (i % 16 == 15)
- printf("\n");
- }
- if ((i % 16) != 0)
- printf("\n");
- printf("\n");
-}
-
-static mp_err
-testNewFuncs(const unsigned char * modulusBytes, int modulus_len)
-{
- mp_err mperr = MP_OKAY;
- mp_int modulus;
- unsigned char buf[512];
-
- mperr = mp_init(&modulus);
- mperr = mp_read_unsigned_octets(&modulus, modulusBytes, modulus_len );
- mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len);
- mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len+1);
- mperr = mp_to_fixlen_octets(&modulus, buf, modulus_len+4);
- mperr = mp_to_unsigned_octets(&modulus, buf, modulus_len);
- mperr = mp_to_signed_octets(&modulus, buf, modulus_len + 1);
- mp_clear(&modulus);
- return mperr;
-}
-
-int
-testModExp( const unsigned char * modulusBytes,
- const unsigned int expo,
- const unsigned char * input,
- unsigned char * output,
- int modulus_len)
-{
- mp_err mperr = MP_OKAY;
- mp_int modulus;
- mp_int base;
- mp_int exponent;
- mp_int result;
-
- mperr = mp_init(&modulus);
- mperr += mp_init(&base);
- mperr += mp_init(&exponent);
- mperr += mp_init(&result);
- /* we initialize all mp_ints unconditionally, even if some fail.
- ** This guarantees that the DIGITS pointer is valid (even if null).
- ** So, mp_clear will do the right thing below.
- */
- if (mperr == MP_OKAY) {
- mperr = mp_read_unsigned_octets(&modulus,
- modulusBytes + (sizeof default_n - modulus_len), modulus_len );
- mperr += mp_read_unsigned_octets(&base, input, modulus_len );
- mp_set(&exponent, expo);
- if (mperr == MP_OKAY) {
-#if OLD_WAY
- mperr = s_mp_exptmod(&base, &exponent, &modulus, &result);
-#else
- mperr = mp_exptmod(&base, &exponent, &modulus, &result);
-#endif
- if (mperr == MP_OKAY) {
- mperr = mp_to_fixlen_octets(&result, output, modulus_len);
- }
- }
- }
- mp_clear(&base);
- mp_clear(&result);
-
- mp_clear(&modulus);
- mp_clear(&exponent);
-
- return (int)mperr;
-}
-
-int
-doModExp( const unsigned char * modulusBytes,
- const unsigned char * exponentBytes,
- const unsigned char * input,
- unsigned char * output,
- int modulus_len)
-{
- mp_err mperr = MP_OKAY;
- mp_int modulus;
- mp_int base;
- mp_int exponent;
- mp_int result;
-
- mperr = mp_init(&modulus);
- mperr += mp_init(&base);
- mperr += mp_init(&exponent);
- mperr += mp_init(&result);
- /* we initialize all mp_ints unconditionally, even if some fail.
- ** This guarantees that the DIGITS pointer is valid (even if null).
- ** So, mp_clear will do the right thing below.
- */
- if (mperr == MP_OKAY) {
- mperr = mp_read_unsigned_octets(&modulus,
- modulusBytes + (sizeof default_n - modulus_len), modulus_len );
- mperr += mp_read_unsigned_octets(&exponent, exponentBytes, modulus_len );
- mperr += mp_read_unsigned_octets(&base, input, modulus_len );
- if (mperr == MP_OKAY) {
-#if OLD_WAY
- mperr = s_mp_exptmod(&base, &exponent, &modulus, &result);
-#else
- mperr = mp_exptmod(&base, &exponent, &modulus, &result);
-#endif
- if (mperr == MP_OKAY) {
- mperr = mp_to_fixlen_octets(&result, output, modulus_len);
- }
- }
- }
- mp_clear(&base);
- mp_clear(&result);
-
- mp_clear(&modulus);
- mp_clear(&exponent);
-
- return (int)mperr;
-}
-
-int
-main(int argc, char **argv)
-{
- TimingContext * timeCtx;
- char * progName;
- long iters = DEFAULT_ITERS;
- unsigned int modulus_len;
- int i;
- int rv;
- unsigned char buf [1024];
- unsigned char buf2[1024];
-
- progName = strrchr(argv[0], '/');
- if (!progName)
- progName = strrchr(argv[0], '\\');
- progName = progName ? progName+1 : argv[0];
-
- if (argc >= 2) {
- iters = atol(argv[1]);
- }
-
- if (argc >= 3) {
- modulus_len = atol(argv[2]);
- } else
- modulus_len = sizeof default_n;
-
- /* no library init function !? */
-
- memset(buf, 0x41, sizeof buf);
-
- if (iters < 2) {
- testNewFuncs( default_n, modulus_len);
- testNewFuncs( default_n+1, modulus_len - 1);
- testNewFuncs( default_n+2, modulus_len - 2);
- testNewFuncs( default_n+3, modulus_len - 3);
-
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
- rv = testModExp(default_n, 0, buf, buf2, modulus_len);
- dumpBytes((unsigned char *)buf2, modulus_len);
-
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
- rv = testModExp(default_n, 1, buf, buf2, modulus_len);
- dumpBytes((unsigned char *)buf2, modulus_len);
-
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
- rv = testModExp(default_n, 2, buf, buf2, modulus_len);
- dumpBytes((unsigned char *)buf2, modulus_len);
-
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
- rv = testModExp(default_n, 3, buf, buf2, modulus_len);
- dumpBytes((unsigned char *)buf2, modulus_len);
- }
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
- rv = doModExp(default_n, default_d, buf, buf2, modulus_len);
- if (rv != 0) {
- fprintf(stderr, "Error in modexp operation:\n");
- exit(1);
- }
- dumpBytes((unsigned char *)buf2, modulus_len);
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-
- timeCtx = CreateTimingContext();
- TimingBegin(timeCtx);
- i = iters;
- while (i--) {
- rv = doModExp(default_n, default_d, buf, buf2, modulus_len);
- if (rv != 0) {
- fprintf(stderr, "Error in modexp operation\n");
- exit(1);
- }
- }
- TimingEnd(timeCtx);
- printf("%ld iterations in %s\n", iters, TimingGenerateString(timeCtx));
- printf("%lu allocations, %lu frees, %lu copies\n", mp_allocs, mp_frees, mp_copies);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/montmulf.c b/security/nss/lib/freebl/mpi/montmulf.c
deleted file mode 100644
index 2cf0825f8..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.c
+++ /dev/null
@@ -1,326 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is SPARC optimized Montgomery multiply functions.
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are
- * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifdef SOLARIS
-#define RF_INLINE_MACROS 1
-#endif
-
-static const double TwoTo16=65536.0;
-static const double TwoToMinus16=1.0/65536.0;
-static const double Zero=0.0;
-static const double TwoTo32=65536.0*65536.0;
-static const double TwoToMinus32=1.0/(65536.0*65536.0);
-
-#ifdef RF_INLINE_MACROS
-
-double upper32(double);
-double lower32(double, double);
-double mod(double, double, double);
-
-void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/,
- const double * /* 2^16*/,
- const double * /* 0 */,
- double * /*result16*/,
- double * /* result32 */,
- float * /*source - should be unsigned int*
- converted to float* */);
-
-#else
-#ifdef MP_USE_FLOOR
-#include <math.h>
-#else
-#define floor(d) ((double)((unsigned long long)(d)))
-#endif
-
-static double upper32(double x)
-{
- return floor(x*TwoToMinus32);
-}
-
-static double lower32(double x, double y)
-{
- return x-TwoTo32*floor(x*TwoToMinus32);
-}
-
-static double mod(double x, double oneoverm, double m)
-{
- return x-m*floor(x*oneoverm);
-}
-
-#endif
-
-
-static void cleanup(double *dt, int from, int tlen)
-{
- int i;
- double tmp,tmp1,x,x1;
-
- tmp=tmp1=Zero;
- /* original code **
- for(i=2*from;i<2*tlen-2;i++)
- {
- x=dt[i];
- dt[i]=lower32(x,Zero)+tmp1;
- tmp1=tmp;
- tmp=upper32(x);
- }
- dt[tlen-2]+=tmp1;
- dt[tlen-1]+=tmp;
- **end original code ***/
- /* new code ***/
- for(i=2*from;i<2*tlen;i+=2)
- {
- x=dt[i];
- x1=dt[i+1];
- dt[i]=lower32(x,Zero)+tmp;
- dt[i+1]=lower32(x1,Zero)+tmp1;
- tmp=upper32(x);
- tmp1=upper32(x1);
- }
- /** end new code **/
-}
-
-
-void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-{
-int i;
-long long t, t1, a, b, c, d;
-
- t1=0;
- a=(long long)d16[0];
- b=(long long)d16[1];
- for(i=0; i<ilen-1; i++)
- {
- c=(long long)d16[2*i+2];
- t1+=(unsigned int)a;
- t=(a>>32);
- d=(long long)d16[2*i+3];
- t1+=(b&0xffff)<<16;
- t+=(b>>16)+(t1>>32);
- i32[i]=(unsigned int)t1;
- t1=t;
- a=c;
- b=d;
- }
- t1+=(unsigned int)a;
- t=(a>>32);
- t1+=(b&0xffff)<<16;
- i32[i]=(unsigned int)t1;
-}
-
-void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-{
-int i;
-
-#pragma pipeloop(0)
- for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-}
-
-
-void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-{
-int i;
-unsigned int a;
-
-#pragma pipeloop(0)
- for(i=0;i<len;i++)
- {
- a=i32[i];
- d16[2*i]=(double)(a&0xffff);
- d16[2*i+1]=(double)(a>>16);
- }
-}
-
-
-void conv_i32_to_d32_and_d16(double *d32, double *d16,
- unsigned int *i32, int len)
-{
-int i = 0;
-unsigned int a;
-
-#pragma pipeloop(0)
-#ifdef RF_INLINE_MACROS
- for(;i<len-3;i+=4)
- {
- i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
- &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
- }
-#endif
- for(;i<len;i++)
- {
- a=i32[i];
- d32[i]=(double)(i32[i]);
- d16[2*i]=(double)(a&0xffff);
- d16[2*i+1]=(double)(a>>16);
- }
-}
-
-
-void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-{
-long long acc;
-int i;
-
- if(i32[len]>0) i=-1;
- else
- {
- for(i=len-1; i>=0; i--)
- {
- if(i32[i]!=nint[i]) break;
- }
- }
- if((i<0)||(i32[i]>nint[i]))
- {
- acc=0;
- for(i=0;i<len;i++)
- {
- acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
- i32[i]=(unsigned int)acc;
- acc=acc>>32;
- }
- }
-}
-
-
-
-
-/*
-** the lengths of the input arrays should be at least the following:
-** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-** all of them should be different from one another
-**
-*/
-void mont_mulf_noconv(unsigned int *result,
- double *dm1, double *dm2, double *dt,
- double *dn, unsigned int *nint,
- int nlen, double dn0)
-{
- int i, j, jj;
- int tmp;
- double digit, m2j, nextm2j, a, b;
- double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-
- pdm1=&(dm1[0]);
- pdm2=&(dm2[0]);
- pdn=&(dn[0]);
- pdm2[2*nlen]=Zero;
-
- if (nlen!=16)
- {
- for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-
- a=dt[0]=pdm1[0]*pdm2[0];
- digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-
- pdtj=&(dt[0]);
- for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
- {
- m2j=pdm2[j];
- a=pdtj[0]+pdn[0]*digit;
- b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
- pdtj[1]=b;
-
-#pragma pipeloop(0)
- for(i=1;i<nlen;i++)
- {
- pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
- }
- if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-
- digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
- }
- }
- else
- {
- a=dt[0]=pdm1[0]*pdm2[0];
-
- dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
- dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
- dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
- dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
- dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
- dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
- dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
- dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
- dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
- dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
- dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
-
- pdn_0=pdn[0];
- pdm1_0=pdm1[0];
-
- digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
- pdtj=&(dt[0]);
-
- for(j=0;j<32;j++,pdtj++)
- {
-
- m2j=pdm2[j];
- a=pdtj[0]+pdn_0*digit;
- b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
- pdtj[1]=b;
-
- /**** this loop will be fully unrolled:
- for(i=1;i<16;i++)
- {
- pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
- }
- *************************************/
- pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
- pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
- pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
- pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
- pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
- pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
- pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
- pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
- pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
- pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
- pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
- pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
- pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
- pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
- pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
- /* no need for cleenup, cannot overflow */
- digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
- }
- }
-
- conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-
- adjust_montf_result(result,nint,nlen);
-
-}
-
diff --git a/security/nss/lib/freebl/mpi/montmulf.h b/security/nss/lib/freebl/mpi/montmulf.h
deleted file mode 100644
index 5fd5dd4e3..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is interface file for SPARC Montgomery multiply functions.
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are
- * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* The functions that are to be called from outside of the .s file have the
- * following interfaces and array size requirements:
- */
-
-
-void conv_i32_to_d32(double *d32, unsigned int *i32, int len);
-
-/* Converts an array of int's to an array of doubles, so that each double
- * corresponds to an int. len is the number of items converted.
- * Does not allocate the output array.
- * The pointers d32 and i32 should point to arrays of size at least len
- * (doubles and unsigned ints, respectively)
- */
-
-
-void conv_i32_to_d16(double *d16, unsigned int *i32, int len);
-
-/* Converts an array of int's to an array of doubles so that each element
- * of the int array is converted to a pair of doubles, the first one
- * corresponding to the lower (least significant) 16 bits of the int and
- * the second one corresponding to the upper (most significant) 16 bits of
- * the 32-bit int. len is the number of ints converted.
- * Does not allocate the output array.
- * The pointer d16 should point to an array of doubles of size at least
- * 2*len and i32 should point an array of ints of size at least len
- */
-
-
-void conv_i32_to_d32_and_d16(double *d32, double *d16,
- unsigned int *i32, int len);
-
-/* Does the above two conversions together, it is much faster than doing
- * both of those in succession
- */
-
-
-void mont_mulf_noconv(unsigned int *result,
- double *dm1, double *dm2, double *dt,
- double *dn, unsigned int *nint,
- int nlen, double dn0);
-
-/* Does the Montgomery multiplication of the numbers stored in the arrays
- * pointed to by dm1 and dm2, writing the result to the array pointed to by
- * result. It uses the array pointed to by dt as a temporary work area.
- * nint should point to the modulus in the array-of-integers representation,
- * dn should point to its array-of-doubles as obtained as a result of the
- * function call conv_i32_to_d32(dn, nint, nlen);
- * nlen is the length of the array containing the modulus.
- * The representation used for dm1 is the one that is a result of the function
- * call conv_i32_to_d32(dm1, m1, nlen), the representation for dm2 is the
- * result of the function call conv_i32_to_d16(dm2, m2, nlen).
- * Note that m1 and m2 should both be of length nlen, so they should be
- * padded with 0's if necessary before the conversion. The result comes in
- * this form (int representation, padded with 0's).
- * dn0 is the value of the 16 least significant bits of n0'.
- * The function does not allocate memory for any of the arrays, so the
- * pointers should point to arrays with the following minimal sizes:
- * result - nlen+1
- * dm1 - nlen
- * dm2 - 2*nlen+1 ( the +1 is necessary for technical reasons )
- * dt - 4*nlen+2
- * dn - nlen
- * nint - nlen
- * No two arrays should point to overlapping areas of memory.
- */
diff --git a/security/nss/lib/freebl/mpi/montmulf.il b/security/nss/lib/freebl/mpi/montmulf.il
deleted file mode 100644
index b3dd734b6..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.il
+++ /dev/null
@@ -1,137 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is inline macros for SPARC Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
-!
-! double upper32(double /*frs1*/);
-!
- .inline upper32,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f10
-
- fdtox %f10,%f10
- fitod %f10,%f0
- .end
-
-!
-! double lower32(double /*frs1*/, double /* Zero */);
-!
- .inline lower32,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f10
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f12
-
- fdtox %f10,%f10
- fmovs %f12,%f10
- fxtod %f10,%f0
- .end
-
-!
-! double mod(double /*x*/, double /*1/m*/, double /*m*/);
-!
- .inline mod,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f2
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o4,[%sp+0x48]
- ldd [%sp+0x48],%f6
-
- fmuld %f2,%f4,%f4
- fdtox %f4,%f4
- fxtod %f4,%f4
- fmuld %f4,%f6,%f4
- fsubd %f2,%f4,%f0
- .end
-
-
-!
-! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-! double * /* 0 */,
-! double * /*result16*/, double * /* result32 */
-! float * /*source - should be unsigned int*
-! converted to float* */);
-!
- .inline i16_to_d16_and_d32x4,24
- ldd [%o0],%f2 ! 1/(2^16)
- ldd [%o1],%f4 ! 2^16
- ldd [%o2],%f22
-
- fmovd %f22,%f6
- ld [%o5],%f7
- fmovd %f22,%f10
- ld [%o5+4],%f11
- fmovd %f22,%f14
- ld [%o5+8],%f15
- fmovd %f22,%f18
- ld [%o5+12],%f19
- fxtod %f6,%f6
- std %f6,[%o4]
- fxtod %f10,%f10
- std %f10,[%o4+8]
- fxtod %f14,%f14
- std %f14,[%o4+16]
- fxtod %f18,%f18
- std %f18,[%o4+24]
- fmuld %f2,%f6,%f8
- fmuld %f2,%f10,%f12
- fmuld %f2,%f14,%f16
- fmuld %f2,%f18,%f20
- fdtox %f8,%f8
- fdtox %f12,%f12
- fdtox %f16,%f16
- fdtox %f20,%f20
- fxtod %f8,%f8
- std %f8,[%o3+8]
- fxtod %f12,%f12
- std %f12,[%o3+24]
- fxtod %f16,%f16
- std %f16,[%o3+40]
- fxtod %f20,%f20
- std %f20,[%o3+56]
- fmuld %f8,%f4,%f8
- fmuld %f12,%f4,%f12
- fmuld %f16,%f4,%f16
- fmuld %f20,%f4,%f20
- fsubd %f6,%f8,%f8
- std %f8,[%o3]
- fsubd %f10,%f12,%f12
- std %f12,[%o3+16]
- fsubd %f14,%f16,%f16
- std %f16,[%o3+32]
- fsubd %f18,%f20,%f20
- std %f20,[%o3+48]
- .end
-
-
diff --git a/security/nss/lib/freebl/mpi/montmulf.s b/security/nss/lib/freebl/mpi/montmulf.s
deleted file mode 100644
index 6ed2d7593..000000000
--- a/security/nss/lib/freebl/mpi/montmulf.s
+++ /dev/null
@@ -1,1976 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is SPARC hand-optimized Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
- .section ".text",#alloc,#execinstr
- .file "montmulf.c"
-
- .section ".data",#alloc,#write
- .align 8
-TwoTo16: /* frequency 1.0 confidence 0.0 */
- .word 1089470464
- .word 0
- .type TwoTo16,#object
- .size TwoTo16,8
-TwoToMinus16: /* frequency 1.0 confidence 0.0 */
- .word 1055916032
- .word 0
- .type TwoToMinus16,#object
- .size TwoToMinus16,8
-Zero: /* frequency 1.0 confidence 0.0 */
- .word 0
- .word 0
- .type Zero,#object
- .size Zero,8
-TwoTo32: /* frequency 1.0 confidence 0.0 */
- .word 1106247680
- .word 0
- .type TwoTo32,#object
- .size TwoTo32,8
-TwoToMinus32: /* frequency 1.0 confidence 0.0 */
- .word 1039138816
- .word 0
- .type TwoToMinus32,#object
- .size TwoToMinus32,8
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE cleanup
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global cleanup
- cleanup: /* frequency 1.0 confidence 0.0 */
-! FILE montmulf.c
-
-! 1 !#define RF_INLINE_MACROS
-! 3 !static double TwoTo16=65536.0;
-! 4 !static double TwoToMinus16=1.0/65536.0;
-! 5 !static double Zero=0.0;
-! 6 !static double TwoTo32=65536.0*65536.0;
-! 7 !static double TwoToMinus32=1.0/(65536.0*65536.0);
-! 9 !#ifdef RF_INLINE_MACROS
-! 11 !double upper32(double);
-! 12 !double lower32(double, double);
-! 13 !double mod(double, double, double);
-! 15 !#else
-! 17 !static double upper32(double x)
-! 18 !{
-! 19 ! return floor(x*TwoToMinus32);
-! 20 !}
-! 22 !static double lower32(double x, double y)
-! 23 !{
-! 24 ! return x-TwoTo32*floor(x*TwoToMinus32);
-! 25 !}
-! 27 !static double mod(double x, double oneoverm, double m)
-! 28 !{
-! 29 ! return x-m*floor(x*oneoverm);
-! 30 !}
-! 32 !#endif
-! 35 !void cleanup(double *dt, int from, int tlen)
-! 36 !{
-! 37 ! int i;
-! 38 ! double tmp,tmp1,x,x1;
-! 40 ! tmp=tmp1=Zero;
-
-/* 000000 40 ( 0 1) */ sethi %hi(Zero),%g2
-
-! 41 ! /* original code **
-! 42 ! for(i=2*from;i<2*tlen-2;i++)
-! 43 ! {
-! 44 ! x=dt[i];
-! 45 ! dt[i]=lower32(x,Zero)+tmp1;
-! 46 ! tmp1=tmp;
-! 47 ! tmp=upper32(x);
-! 48 ! }
-! 49 ! dt[tlen-2]+=tmp1;
-! 50 ! dt[tlen-1]+=tmp;
-! 51 ! **end original code ***/
-! 52 ! /* new code ***/
-! 53 ! for(i=2*from;i<2*tlen;i+=2)
-
-/* 0x0004 53 ( 1 2) */ sll %o2,1,%g3
-/* 0x0008 40 ( 1 4) */ ldd [%g2+%lo(Zero)],%f0
-/* 0x000c ( 1 2) */ add %g2,%lo(Zero),%g2
-/* 0x0010 53 ( 2 3) */ sll %o1,1,%g4
-/* 0x0014 36 ( 3 4) */ sll %o1,4,%g1
-/* 0x0018 40 ( 3 4) */ fmovd %f0,%f4
-/* 0x001c 53 ( 3 4) */ cmp %g4,%g3
-/* 0x0020 ( 3 4) */ bge,pt %icc,.L77000116 ! tprob=0.56
-/* 0x0024 ( 4 5) */ fmovd %f0,%f2
-/* 0x0028 36 ( 4 5) */ add %o0,%g1,%g1
-/* 0x002c ( 4 5) */ sub %g3,1,%g3
-
-! 54 ! {
-! 55 ! x=dt[i];
-
-/* 0x0030 55 ( 5 8) */ ldd [%g1],%f8
- .L900000114: /* frequency 6.4 confidence 0.0 */
-/* 0x0034 ( 0 3) */ fdtox %f8,%f6
-
-! 56 ! x1=dt[i+1];
-
-/* 0x0038 56 ( 0 3) */ ldd [%g1+8],%f10
-
-! 57 ! dt[i]=lower32(x,Zero)+tmp;
-! 58 ! dt[i+1]=lower32(x1,Zero)+tmp1;
-! 59 ! tmp=upper32(x);
-! 60 ! tmp1=upper32(x1);
-
-/* 0x003c 60 ( 0 1) */ add %g4,2,%g4
-/* 0x0040 ( 1 4) */ fdtox %f8,%f8
-/* 0x0044 ( 1 2) */ cmp %g4,%g3
-/* 0x0048 ( 5 6) */ fmovs %f0,%f6
-/* 0x004c ( 7 10) */ fxtod %f6,%f6
-/* 0x0050 ( 8 11) */ fdtox %f10,%f0
-/* 0x0054 57 (10 13) */ faddd %f6,%f2,%f2
-/* 0x0058 (10 11) */ std %f2,[%g1]
-/* 0x005c (12 15) */ ldd [%g2],%f2
-/* 0x0060 (14 15) */ fmovs %f2,%f0
-/* 0x0064 (16 19) */ fxtod %f0,%f6
-/* 0x0068 (17 20) */ fdtox %f10,%f0
-/* 0x006c (18 21) */ fitod %f8,%f2
-/* 0x0070 58 (19 22) */ faddd %f6,%f4,%f4
-/* 0x0074 (19 20) */ std %f4,[%g1+8]
-/* 0x0078 60 (19 20) */ add %g1,16,%g1
-/* 0x007c (20 23) */ fitod %f0,%f4
-/* 0x0080 (20 23) */ ldd [%g2],%f0
-/* 0x0084 (20 21) */ ble,a,pt %icc,.L900000114 ! tprob=0.86
-/* 0x0088 (21 24) */ ldd [%g1],%f8
- .L77000116: /* frequency 1.0 confidence 0.0 */
-/* 0x008c ( 0 2) */ retl ! Result =
-/* 0x0090 ( 1 2) */ nop
-/* 0x0094 0 ( 0 0) */ .type cleanup,2
-/* 0x0094 ( 0 0) */ .size cleanup,(.-cleanup)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE conv_d16_to_i32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global conv_d16_to_i32
- conv_d16_to_i32: /* frequency 1.0 confidence 0.0 */
-/* 000000 ( 0 1) */ save %sp,-136,%sp
-
-! 61 ! }
-! 62 ! /** end new code **/
-! 63 !}
-! 66 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-! 67 !{
-! 68 !int i;
-! 69 !long long t, t1, a, b, c, d;
-! 71 ! t1=0;
-! 72 ! a=(long long)d16[0];
-
-/* 0x0004 72 ( 1 4) */ ldd [%i1],%f0
-
-! 73 ! b=(long long)d16[1];
-! 74 ! for(i=0; i<ilen-1; i++)
-
-/* 0x0008 74 ( 1 2) */ sub %i3,1,%g2
-/* 0x000c 67 ( 1 2) */ or %g0,%i0,%g5
-/* 0x0010 74 ( 2 3) */ cmp %g2,0
-/* 0x0014 71 ( 2 3) */ or %g0,0,%o4
-/* 0x0018 72 ( 3 6) */ fdtox %f0,%f0
-/* 0x001c ( 3 4) */ std %f0,[%sp+120]
-/* 0x0020 74 ( 3 4) */ or %g0,0,%o7
-/* 0x0024 67 ( 4 5) */ or %g0,%i3,%o0
-/* 0x0028 ( 4 5) */ sub %i3,2,%o2
-/* 0x002c 73 ( 5 8) */ ldd [%i1+8],%f0
-/* 0x0030 67 ( 5 6) */ sethi %hi(0xfc00),%o0
-/* 0x0034 ( 5 6) */ add %o2,1,%g3
-/* 0x0038 ( 6 7) */ add %o0,1023,%o1
-/* 0x003c ( 6 7) */ or %g0,%g5,%o5
-/* 0x0040 73 ( 7 10) */ fdtox %f0,%f0
-/* 0x0044 ( 7 8) */ std %f0,[%sp+112]
-/* 0x0048 72 (11 13) */ ldx [%sp+120],%g4
-/* 0x004c 73 (12 14) */ ldx [%sp+112],%g1
-/* 0x0050 74 (12 13) */ ble,pt %icc,.L900000214 ! tprob=0.56
-/* 0x0054 (12 13) */ sethi %hi(0xfc00),%g2
-/* 0x0058 67 (13 14) */ or %g0,-1,%g2
-/* 0x005c 74 (13 14) */ cmp %g3,3
-/* 0x0060 67 (14 15) */ srl %g2,0,%o3
-/* 0x0064 (14 15) */ or %g0,%i1,%g2
-/* 0x0068 74 (14 15) */ bl,pn %icc,.L77000134 ! tprob=0.44
-/* 0x006c (15 18) */ ldd [%g2+16],%f0
-
-! 75 ! {
-! 76 ! c=(long long)d16[2*i+2];
-! 77 ! t1+=a&0xffffffff;
-! 78 ! t=(a>>32);
-! 79 ! d=(long long)d16[2*i+3];
-! 80 ! t1+=(b&0xffff)<<16;
-
-/* 0x0070 80 (15 16) */ and %g1,%o1,%o0
-
-! 81 ! t+=(b>>16)+(t1>>32);
-! 82 ! i32[i]=t1&0xffffffff;
-! 83 ! t1=t;
-! 84 ! a=c;
-! 85 ! b=d;
-
-/* 0x0074 85 (15 16) */ add %g2,16,%g2
-/* 0x0078 80 (16 17) */ sllx %o0,16,%g3
-/* 0x007c 77 (16 17) */ and %g4,%o3,%o0
-/* 0x0080 76 (17 20) */ fdtox %f0,%f0
-/* 0x0084 (17 18) */ std %f0,[%sp+104]
-/* 0x0088 74 (17 18) */ add %o0,%g3,%o4
-/* 0x008c 79 (18 21) */ ldd [%g2+8],%f2
-/* 0x0090 81 (18 19) */ srax %g1,16,%o0
-/* 0x0094 82 (18 19) */ and %o4,%o3,%o7
-/* 0x0098 81 (19 20) */ stx %o0,[%sp+112]
-/* 0x009c (19 20) */ srax %o4,32,%o0
-/* 0x00a0 85 (19 20) */ add %g5,4,%o5
-/* 0x00a4 81 (20 21) */ stx %o0,[%sp+120]
-/* 0x00a8 78 (20 21) */ srax %g4,32,%o4
-/* 0x00ac 79 (20 23) */ fdtox %f2,%f0
-/* 0x00b0 (21 22) */ std %f0,[%sp+96]
-/* 0x00b4 81 (22 24) */ ldx [%sp+112],%o0
-/* 0x00b8 (23 25) */ ldx [%sp+120],%g4
-/* 0x00bc 76 (25 27) */ ldx [%sp+104],%g3
-/* 0x00c0 81 (25 26) */ add %o0,%g4,%g4
-/* 0x00c4 79 (26 28) */ ldx [%sp+96],%g1
-/* 0x00c8 81 (26 27) */ add %o4,%g4,%o4
-/* 0x00cc 82 (27 28) */ st %o7,[%g5]
-/* 0x00d0 (27 28) */ or %g0,1,%o7
-/* 0x00d4 84 (27 28) */ or %g0,%g3,%g4
- .L900000209: /* frequency 64.0 confidence 0.0 */
-/* 0x00d8 76 (17 19) */ ldd [%g2+16],%f0
-/* 0x00dc 85 (17 18) */ add %o7,1,%o7
-/* 0x00e0 (17 18) */ add %o5,4,%o5
-/* 0x00e4 (18 18) */ cmp %o7,%o2
-/* 0x00e8 (18 19) */ add %g2,16,%g2
-/* 0x00ec 76 (19 22) */ fdtox %f0,%f0
-/* 0x00f0 (20 21) */ std %f0,[%sp+104]
-/* 0x00f4 79 (21 23) */ ldd [%g2+8],%f0
-/* 0x00f8 (23 26) */ fdtox %f0,%f0
-/* 0x00fc (24 25) */ std %f0,[%sp+96]
-/* 0x0100 80 (25 26) */ and %g1,%o1,%g3
-/* 0x0104 (26 27) */ sllx %g3,16,%g3
-/* 0x0108 ( 0 0) */ stx %g3,[%sp+120]
-/* 0x010c 77 (26 27) */ and %g4,%o3,%g3
-/* 0x0110 74 ( 0 0) */ stx %o7,[%sp+128]
-/* 0x0114 ( 0 0) */ ldx [%sp+120],%o7
-/* 0x0118 (27 27) */ add %g3,%o7,%g3
-/* 0x011c ( 0 0) */ ldx [%sp+128],%o7
-/* 0x0120 81 (28 29) */ srax %g1,16,%g1
-/* 0x0124 74 (28 28) */ add %g3,%o4,%g3
-/* 0x0128 81 (29 30) */ srax %g3,32,%o4
-/* 0x012c ( 0 0) */ stx %o4,[%sp+112]
-/* 0x0130 78 (30 31) */ srax %g4,32,%o4
-/* 0x0134 81 ( 0 0) */ ldx [%sp+112],%g4
-/* 0x0138 (30 31) */ add %g1,%g4,%g4
-/* 0x013c 79 (31 33) */ ldx [%sp+96],%g1
-/* 0x0140 81 (31 32) */ add %o4,%g4,%o4
-/* 0x0144 82 (32 33) */ and %g3,%o3,%g3
-/* 0x0148 84 ( 0 0) */ ldx [%sp+104],%g4
-/* 0x014c 85 (33 34) */ ble,pt %icc,.L900000209 ! tprob=0.50
-/* 0x0150 (33 34) */ st %g3,[%o5-4]
- .L900000212: /* frequency 8.0 confidence 0.0 */
-/* 0x0154 85 ( 0 1) */ ba .L900000214 ! tprob=1.00
-/* 0x0158 ( 0 1) */ sethi %hi(0xfc00),%g2
- .L77000134: /* frequency 0.7 confidence 0.0 */
- .L900000213: /* frequency 6.4 confidence 0.0 */
-/* 0x015c 77 ( 0 1) */ and %g4,%o3,%o0
-/* 0x0160 80 ( 0 1) */ and %g1,%o1,%g3
-/* 0x0164 76 ( 0 3) */ fdtox %f0,%f0
-/* 0x0168 77 ( 1 2) */ add %o4,%o0,%o0
-/* 0x016c 76 ( 1 2) */ std %f0,[%sp+104]
-/* 0x0170 85 ( 1 2) */ add %o7,1,%o7
-/* 0x0174 80 ( 2 3) */ sllx %g3,16,%o4
-/* 0x0178 79 ( 2 5) */ ldd [%g2+24],%f2
-/* 0x017c 85 ( 2 3) */ add %g2,16,%g2
-/* 0x0180 80 ( 3 4) */ add %o0,%o4,%o4
-/* 0x0184 81 ( 3 4) */ stx %o7,[%sp+128]
-/* 0x0188 ( 4 5) */ srax %g1,16,%o0
-/* 0x018c ( 4 5) */ stx %o0,[%sp+112]
-/* 0x0190 82 ( 4 5) */ and %o4,%o3,%g3
-/* 0x0194 81 ( 5 6) */ srax %o4,32,%o0
-/* 0x0198 ( 5 6) */ stx %o0,[%sp+120]
-/* 0x019c 79 ( 5 8) */ fdtox %f2,%f0
-/* 0x01a0 ( 6 7) */ std %f0,[%sp+96]
-/* 0x01a4 78 ( 6 7) */ srax %g4,32,%o4
-/* 0x01a8 81 ( 7 9) */ ldx [%sp+120],%o7
-/* 0x01ac ( 8 10) */ ldx [%sp+112],%g4
-/* 0x01b0 76 (10 12) */ ldx [%sp+104],%g1
-/* 0x01b4 81 (10 11) */ add %g4,%o7,%g4
-/* 0x01b8 (11 13) */ ldx [%sp+128],%o7
-/* 0x01bc (11 12) */ add %o4,%g4,%o4
-/* 0x01c0 79 (12 14) */ ldx [%sp+96],%o0
-/* 0x01c4 84 (12 13) */ or %g0,%g1,%g4
-/* 0x01c8 82 (13 14) */ st %g3,[%o5]
-/* 0x01cc 85 (13 14) */ add %o5,4,%o5
-/* 0x01d0 (13 14) */ cmp %o7,%o2
-/* 0x01d4 (14 15) */ or %g0,%o0,%g1
-/* 0x01d8 (14 15) */ ble,a,pt %icc,.L900000213 ! tprob=0.86
-/* 0x01dc (14 17) */ ldd [%g2+16],%f0
- .L77000127: /* frequency 1.0 confidence 0.0 */
-
-! 86 ! }
-! 87 ! t1+=a&0xffffffff;
-! 88 ! t=(a>>32);
-! 89 ! t1+=(b&0xffff)<<16;
-! 90 ! i32[i]=t1&0xffffffff;
-
-/* 0x01e0 90 ( 0 1) */ sethi %hi(0xfc00),%g2
- .L900000214: /* frequency 1.0 confidence 0.0 */
-/* 0x01e4 90 ( 0 1) */ or %g0,-1,%g3
-/* 0x01e8 ( 0 1) */ add %g2,1023,%g2
-/* 0x01ec ( 1 2) */ srl %g3,0,%g3
-/* 0x01f0 ( 1 2) */ and %g1,%g2,%g2
-/* 0x01f4 ( 2 3) */ and %g4,%g3,%g4
-/* 0x01f8 ( 3 4) */ sllx %g2,16,%g2
-/* 0x01fc ( 3 4) */ add %o4,%g4,%g4
-/* 0x0200 ( 4 5) */ add %g4,%g2,%g2
-/* 0x0204 ( 5 6) */ sll %o7,2,%g4
-/* 0x0208 ( 5 6) */ and %g2,%g3,%g2
-/* 0x020c ( 6 7) */ st %g2,[%g5+%g4]
-/* 0x0210 ( 7 9) */ ret ! Result =
-/* 0x0214 ( 9 10) */ restore %g0,%g0,%g0
-/* 0x0218 0 ( 0 0) */ .type conv_d16_to_i32,2
-/* 0x0218 ( 0 0) */ .size conv_d16_to_i32,(.-conv_d16_to_i32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000301: /* frequency 1.0 confidence 0.0 */
-/* 000000 0 ( 0 0) */ .word 1127219200,0
-/* 0x0008 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE conv_i32_to_d32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global conv_i32_to_d32
- conv_i32_to_d32: /* frequency 1.0 confidence 0.0 */
-/* 000000 ( 0 1) */ orcc %g0,%o2,%g1
-
-! 92 !}
-! 94 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-! 95 !{
-! 96 !int i;
-! 98 !#pragma pipeloop(0)
-! 99 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-
-/* 0x0004 99 ( 0 1) */ ble,pt %icc,.L77000140 ! tprob=0.56
-/* 0x0008 ( 0 1) */ nop
-/* 0x000c ( 1 2) */ sethi %hi(.L_const_seg_900000301),%g2
-/* 0x0010 95 ( 1 2) */ or %g0,%o1,%g4
-/* 0x0014 99 ( 2 3) */ add %g2,%lo(.L_const_seg_900000301),%g2
-/* 0x0018 ( 2 3) */ or %g0,0,%o5
-/* 0x001c 95 ( 3 4) */ or %g0,%o0,%g5
-/* 0x0020 99 ( 3 4) */ sub %o2,1,%g3
-/* 0x0024 ( 4 5) */ cmp %o2,9
-/* 0x0028 ( 4 5) */ bl,pn %icc,.L77000144 ! tprob=0.44
-/* 0x002c ( 4 7) */ ldd [%g2],%f8
-/* 0x0030 ( 5 8) */ ld [%o1],%f7
-/* 0x0034 ( 5 6) */ add %o1,16,%g4
-/* 0x0038 ( 5 6) */ sub %o2,5,%g1
-/* 0x003c ( 6 9) */ ld [%o1+4],%f5
-/* 0x0040 ( 6 7) */ or %g0,4,%o5
-/* 0x0044 ( 7 10) */ ld [%o1+8],%f3
-/* 0x0048 ( 7 8) */ fmovs %f8,%f6
-/* 0x004c ( 8 11) */ ld [%o1+12],%f1
- .L900000305: /* frequency 64.0 confidence 0.0 */
-/* 0x0050 ( 8 16) */ ld [%g4],%f11
-/* 0x0054 ( 8 9) */ add %o5,5,%o5
-/* 0x0058 ( 8 9) */ add %g4,20,%g4
-/* 0x005c ( 8 11) */ fsubd %f6,%f8,%f6
-/* 0x0060 ( 9 10) */ std %f6,[%g5]
-/* 0x0064 ( 9 9) */ cmp %o5,%g1
-/* 0x0068 ( 9 10) */ add %g5,40,%g5
-/* 0x006c ( 0 0) */ fmovs %f8,%f4
-/* 0x0070 (10 18) */ ld [%g4-16],%f7
-/* 0x0074 (10 13) */ fsubd %f4,%f8,%f12
-/* 0x0078 ( 0 0) */ fmovs %f8,%f2
-/* 0x007c (11 12) */ std %f12,[%g5-32]
-/* 0x0080 (12 20) */ ld [%g4-12],%f5
-/* 0x0084 (12 15) */ fsubd %f2,%f8,%f12
-/* 0x0088 ( 0 0) */ fmovs %f8,%f0
-/* 0x008c (13 14) */ std %f12,[%g5-24]
-/* 0x0090 (14 22) */ ld [%g4-8],%f3
-/* 0x0094 (14 17) */ fsubd %f0,%f8,%f12
-/* 0x0098 ( 0 0) */ fmovs %f8,%f10
-/* 0x009c (15 16) */ std %f12,[%g5-16]
-/* 0x00a0 (16 24) */ ld [%g4-4],%f1
-/* 0x00a4 (16 19) */ fsubd %f10,%f8,%f10
-/* 0x00a8 ( 0 0) */ fmovs %f8,%f6
-/* 0x00ac (17 18) */ ble,pt %icc,.L900000305 ! tprob=0.50
-/* 0x00b0 (17 18) */ std %f10,[%g5-8]
- .L900000308: /* frequency 8.0 confidence 0.0 */
-/* 0x00b4 ( 0 1) */ fmovs %f8,%f4
-/* 0x00b8 ( 0 1) */ add %g5,32,%g5
-/* 0x00bc ( 0 1) */ cmp %o5,%g3
-/* 0x00c0 ( 1 2) */ fmovs %f8,%f2
-/* 0x00c4 ( 2 3) */ fmovs %f8,%f0
-/* 0x00c8 ( 4 7) */ fsubd %f6,%f8,%f6
-/* 0x00cc ( 4 5) */ std %f6,[%g5-32]
-/* 0x00d0 ( 5 8) */ fsubd %f4,%f8,%f4
-/* 0x00d4 ( 5 6) */ std %f4,[%g5-24]
-/* 0x00d8 ( 6 9) */ fsubd %f2,%f8,%f2
-/* 0x00dc ( 6 7) */ std %f2,[%g5-16]
-/* 0x00e0 ( 7 10) */ fsubd %f0,%f8,%f0
-/* 0x00e4 ( 7 8) */ bg,pn %icc,.L77000140 ! tprob=0.14
-/* 0x00e8 ( 7 8) */ std %f0,[%g5-8]
- .L77000144: /* frequency 0.7 confidence 0.0 */
-/* 0x00ec ( 0 3) */ ld [%g4],%f1
- .L900000309: /* frequency 6.4 confidence 0.0 */
-/* 0x00f0 ( 0 3) */ ldd [%g2],%f8
-/* 0x00f4 ( 0 1) */ add %o5,1,%o5
-/* 0x00f8 ( 0 1) */ add %g4,4,%g4
-/* 0x00fc ( 1 2) */ cmp %o5,%g3
-/* 0x0100 ( 2 3) */ fmovs %f8,%f0
-/* 0x0104 ( 4 7) */ fsubd %f0,%f8,%f0
-/* 0x0108 ( 4 5) */ std %f0,[%g5]
-/* 0x010c ( 4 5) */ add %g5,8,%g5
-/* 0x0110 ( 4 5) */ ble,a,pt %icc,.L900000309 ! tprob=0.86
-/* 0x0114 ( 6 9) */ ld [%g4],%f1
- .L77000140: /* frequency 1.0 confidence 0.0 */
-/* 0x0118 ( 0 2) */ retl ! Result =
-/* 0x011c ( 1 2) */ nop
-/* 0x0120 0 ( 0 0) */ .type conv_i32_to_d32,2
-/* 0x0120 ( 0 0) */ .size conv_i32_to_d32,(.-conv_i32_to_d32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000401: /* frequency 1.0 confidence 0.0 */
-/* 000000 0 ( 0 0) */ .word 1127219200,0
-/* 0x0008 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE conv_i32_to_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global conv_i32_to_d16
- conv_i32_to_d16: /* frequency 1.0 confidence 0.0 */
-/* 000000 ( 0 1) */ save %sp,-104,%sp
-/* 0x0004 ( 1 2) */ orcc %g0,%i2,%o0
-
-! 100 !}
-! 103 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-! 104 !{
-! 105 !int i;
-! 106 !unsigned int a;
-! 108 !#pragma pipeloop(0)
-! 109 ! for(i=0;i<len;i++)
-
-/* 0x0008 109 ( 1 2) */ ble,pt %icc,.L77000150 ! tprob=0.56
-/* 0x000c ( 1 2) */ nop
-/* 0x0010 ( 2 3) */ sub %o0,1,%o5
-/* 0x0014 ( 2 3) */ sethi %hi(0xfc00),%g2
-
-! 110 ! {
-! 111 ! a=i32[i];
-! 112 ! d16[2*i]=(double)(a&0xffff);
-! 113 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x0018 113 ( 3 4) */ sethi %hi(.L_const_seg_900000401),%o0
-/* 0x001c ( 3 4) */ add %o5,1,%g3
-/* 0x0020 ( 4 5) */ add %g2,1023,%o4
-/* 0x0024 109 ( 4 5) */ or %g0,0,%g1
-/* 0x0028 ( 5 6) */ cmp %g3,3
-/* 0x002c ( 5 6) */ or %g0,%i1,%o7
-/* 0x0030 ( 6 7) */ add %o0,%lo(.L_const_seg_900000401),%o3
-/* 0x0034 ( 6 7) */ or %g0,%i0,%g2
-/* 0x0038 ( 6 7) */ bl,pn %icc,.L77000154 ! tprob=0.44
-/* 0x003c ( 7 8) */ add %o7,4,%o0
-/* 0x0040 112 ( 7 10) */ ldd [%o3],%f0
-/* 0x0044 113 ( 7 8) */ or %g0,1,%g1
-/* 0x0048 111 ( 8 11) */ ld [%o0-4],%o1
-/* 0x004c 0 ( 8 9) */ or %g0,%o0,%o7
-/* 0x0050 112 (10 11) */ and %o1,%o4,%o0
- .L900000406: /* frequency 64.0 confidence 0.0 */
-/* 0x0054 112 (22 23) */ st %o0,[%sp+96]
-/* 0x0058 113 (22 23) */ add %g1,1,%g1
-/* 0x005c (22 23) */ add %g2,16,%g2
-/* 0x0060 (23 23) */ cmp %g1,%o5
-/* 0x0064 (23 24) */ add %o7,4,%o7
-/* 0x0068 112 (29 31) */ ld [%sp+96],%f3
-/* 0x006c ( 0 0) */ fmovs %f0,%f2
-/* 0x0070 (31 34) */ fsubd %f2,%f0,%f2
-/* 0x0074 113 (32 33) */ srl %o1,16,%o0
-/* 0x0078 112 (32 33) */ std %f2,[%g2-16]
-/* 0x007c 113 (33 34) */ st %o0,[%sp+92]
-/* 0x0080 (40 42) */ ld [%sp+92],%f3
-/* 0x0084 111 (41 43) */ ld [%o7-4],%o1
-/* 0x0088 113 ( 0 0) */ fmovs %f0,%f2
-/* 0x008c (42 45) */ fsubd %f2,%f0,%f2
-/* 0x0090 112 (43 44) */ and %o1,%o4,%o0
-/* 0x0094 113 (43 44) */ ble,pt %icc,.L900000406 ! tprob=0.50
-/* 0x0098 (43 44) */ std %f2,[%g2-8]
- .L900000409: /* frequency 8.0 confidence 0.0 */
-/* 0x009c 112 ( 0 1) */ st %o0,[%sp+96]
-/* 0x00a0 ( 0 1) */ fmovs %f0,%f2
-/* 0x00a4 113 ( 0 1) */ add %g2,16,%g2
-/* 0x00a8 ( 1 2) */ srl %o1,16,%o0
-/* 0x00ac 112 ( 4 7) */ ld [%sp+96],%f3
-/* 0x00b0 ( 6 9) */ fsubd %f2,%f0,%f2
-/* 0x00b4 ( 6 7) */ std %f2,[%g2-16]
-/* 0x00b8 113 ( 7 8) */ st %o0,[%sp+92]
-/* 0x00bc (10 11) */ fmovs %f0,%f2
-/* 0x00c0 (11 14) */ ld [%sp+92],%f3
-/* 0x00c4 (13 16) */ fsubd %f2,%f0,%f0
-/* 0x00c8 (13 14) */ std %f0,[%g2-8]
-/* 0x00cc (14 16) */ ret ! Result =
-/* 0x00d0 (16 17) */ restore %g0,%g0,%g0
- .L77000154: /* frequency 0.7 confidence 0.0 */
-/* 0x00d4 111 ( 0 3) */ ld [%o7],%o0
- .L900000410: /* frequency 6.4 confidence 0.0 */
-/* 0x00d8 112 ( 0 1) */ and %o0,%o4,%o1
-/* 0x00dc ( 0 1) */ st %o1,[%sp+96]
-/* 0x00e0 113 ( 0 1) */ add %g1,1,%g1
-/* 0x00e4 112 ( 1 4) */ ldd [%o3],%f0
-/* 0x00e8 113 ( 1 2) */ srl %o0,16,%o0
-/* 0x00ec ( 1 2) */ add %o7,4,%o7
-/* 0x00f0 ( 2 3) */ cmp %g1,%o5
-/* 0x00f4 112 ( 3 4) */ fmovs %f0,%f2
-/* 0x00f8 ( 4 7) */ ld [%sp+96],%f3
-/* 0x00fc ( 6 9) */ fsubd %f2,%f0,%f2
-/* 0x0100 ( 6 7) */ std %f2,[%g2]
-/* 0x0104 113 ( 7 8) */ st %o0,[%sp+92]
-/* 0x0108 (10 11) */ fmovs %f0,%f2
-/* 0x010c (11 14) */ ld [%sp+92],%f3
-/* 0x0110 (13 16) */ fsubd %f2,%f0,%f0
-/* 0x0114 (13 14) */ std %f0,[%g2+8]
-/* 0x0118 (13 14) */ add %g2,16,%g2
-/* 0x011c (13 14) */ ble,a,pt %icc,.L900000410 ! tprob=0.86
-/* 0x0120 (14 17) */ ld [%o7],%o0
- .L77000150: /* frequency 1.0 confidence 0.0 */
-/* 0x0124 ( 0 2) */ ret ! Result =
-/* 0x0128 ( 2 3) */ restore %g0,%g0,%g0
-/* 0x012c 0 ( 0 0) */ .type conv_i32_to_d16,2
-/* 0x012c ( 0 0) */ .size conv_i32_to_d16,(.-conv_i32_to_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000501: /* frequency 1.0 confidence 0.0 */
-/* 000000 0 ( 0 0) */ .word 1127219200,0
-/* 0x0008 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE conv_i32_to_d32_and_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global conv_i32_to_d32_and_d16
- conv_i32_to_d32_and_d16: /* frequency 1.0 confidence 0.0 */
-/* 000000 ( 0 1) */ save %sp,-104,%sp
-/* 0x0004 ( 1 2) */ or %g0,%i3,%i4
-/* 0x0008 ( 1 2) */ or %g0,%i2,%g1
-
-! 114 ! }
-! 115 !}
-! 118 !void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-! 119 ! double * /* 0 */,
-! 120 ! double * /*result16*/, double * /* result32 */,
-! 121 ! float * /*source - should be unsigned int*
-! 122 ! converted to float* */);
-! 126 !void conv_i32_to_d32_and_d16(double *d32, double *d16,
-! 127 ! unsigned int *i32, int len)
-! 128 !{
-! 129 !int i;
-! 130 !unsigned int a;
-! 132 !#pragma pipeloop(0)
-! 133 ! for(i=0;i<len-3;i+=4)
-
-/* 0x000c 133 ( 2 3) */ sub %i4,3,%g2
-/* 0x0010 ( 2 3) */ or %g0,0,%o7
-/* 0x0014 ( 3 4) */ cmp %g2,0
-/* 0x0018 128 ( 3 4) */ or %g0,%i0,%i3
-/* 0x001c 133 ( 3 4) */ ble,pt %icc,.L900000515 ! tprob=0.56
-/* 0x0020 ( 4 5) */ cmp %o7,%i4
-
-! 134 ! {
-! 135 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
-! 136 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
-
-/* 0x0024 136 ( 4 5) */ sethi %hi(Zero),%g2
-/* 0x0028 133 ( 5 6) */ or %g0,%g1,%o3
-/* 0x002c ( 5 6) */ sub %i4,4,%o2
-/* 0x0030 136 ( 6 7) */ add %g2,%lo(Zero),%o1
-/* 0x0034 133 ( 6 7) */ or %g0,0,%o5
-/* 0x0038 ( 7 8) */ or %g0,0,%o4
-/* 0x003c 136 ( 7 8) */ or %g0,%o3,%g4
- .L900000514: /* frequency 6.4 confidence 0.0 */
-/* 0x0040 ( 0 3) */ ldd [%o1],%f2
-/* 0x0044 136 ( 0 1) */ add %i3,%o5,%g2
-/* 0x0048 ( 0 1) */ add %i1,%o4,%g3
-/* 0x004c ( 1 4) */ ldd [%o1-8],%f0
-/* 0x0050 ( 1 2) */ add %o7,4,%o7
-/* 0x0054 ( 1 2) */ add %o3,16,%o3
-/* 0x0058 ( 2 3) */ fmovd %f2,%f14
-/* 0x005c ( 2 5) */ ld [%g4],%f15
-/* 0x0060 ( 2 3) */ cmp %o7,%o2
-/* 0x0064 ( 3 4) */ fmovd %f2,%f10
-/* 0x0068 ( 3 6) */ ld [%g4+4],%f11
-/* 0x006c ( 4 5) */ fmovd %f2,%f6
-/* 0x0070 ( 4 7) */ ld [%g4+8],%f7
-/* 0x0074 ( 5 8) */ ld [%g4+12],%f3
-/* 0x0078 ( 5 8) */ fxtod %f14,%f14
-/* 0x007c ( 6 9) */ fxtod %f10,%f10
-/* 0x0080 ( 6 9) */ ldd [%o1-16],%f16
-/* 0x0084 ( 7 10) */ fxtod %f6,%f6
-/* 0x0088 ( 7 8) */ std %f14,[%i3+%o5]
-/* 0x008c ( 7 8) */ add %o5,32,%o5
-/* 0x0090 ( 8 11) */ fxtod %f2,%f2
-/* 0x0094 ( 8 11) */ fmuld %f0,%f14,%f12
-/* 0x0098 ( 8 9) */ std %f10,[%g2+8]
-/* 0x009c ( 9 12) */ fmuld %f0,%f10,%f8
-/* 0x00a0 ( 9 10) */ std %f6,[%g2+16]
-/* 0x00a4 (10 13) */ fmuld %f0,%f6,%f4
-/* 0x00a8 (10 11) */ std %f2,[%g2+24]
-/* 0x00ac (11 14) */ fmuld %f0,%f2,%f0
-/* 0x00b0 (11 14) */ fdtox %f12,%f12
-/* 0x00b4 (12 15) */ fdtox %f8,%f8
-/* 0x00b8 (13 16) */ fdtox %f4,%f4
-/* 0x00bc (14 17) */ fdtox %f0,%f0
-/* 0x00c0 (15 18) */ fxtod %f12,%f12
-/* 0x00c4 (15 16) */ std %f12,[%g3+8]
-/* 0x00c8 (16 19) */ fxtod %f8,%f8
-/* 0x00cc (16 17) */ std %f8,[%g3+24]
-/* 0x00d0 (17 20) */ fxtod %f4,%f4
-/* 0x00d4 (17 18) */ std %f4,[%g3+40]
-/* 0x00d8 (18 21) */ fxtod %f0,%f0
-/* 0x00dc (18 21) */ fmuld %f12,%f16,%f12
-/* 0x00e0 (18 19) */ std %f0,[%g3+56]
-/* 0x00e4 (19 22) */ fmuld %f8,%f16,%f8
-/* 0x00e8 (20 23) */ fmuld %f4,%f16,%f4
-/* 0x00ec (21 24) */ fmuld %f0,%f16,%f0
-/* 0x00f0 (21 24) */ fsubd %f14,%f12,%f12
-/* 0x00f4 (21 22) */ std %f12,[%i1+%o4]
-/* 0x00f8 (22 25) */ fsubd %f10,%f8,%f8
-/* 0x00fc (22 23) */ std %f8,[%g3+16]
-/* 0x0100 (22 23) */ add %o4,64,%o4
-/* 0x0104 (23 26) */ fsubd %f6,%f4,%f4
-/* 0x0108 (23 24) */ std %f4,[%g3+32]
-/* 0x010c (24 27) */ fsubd %f2,%f0,%f0
-/* 0x0110 (24 25) */ std %f0,[%g3+48]
-/* 0x0114 (24 25) */ ble,pt %icc,.L900000514 ! tprob=0.86
-/* 0x0118 (25 26) */ or %g0,%o3,%g4
- .L77000159: /* frequency 1.0 confidence 0.0 */
-
-! 137 ! }
-! 138 ! for(;i<len;i++)
-
-/* 0x011c 138 ( 0 1) */ cmp %o7,%i4
- .L900000515: /* frequency 1.0 confidence 0.0 */
-/* 0x0120 138 ( 0 1) */ bge,pt %icc,.L77000164 ! tprob=0.56
-/* 0x0124 ( 0 1) */ nop
-
-! 139 ! {
-! 140 ! a=i32[i];
-! 141 ! d32[i]=(double)(i32[i]);
-! 142 ! d16[2*i]=(double)(a&0xffff);
-! 143 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x0128 143 ( 0 1) */ sethi %hi(.L_const_seg_900000501),%o1
-/* 0x012c 138 ( 1 2) */ sethi %hi(0xfc00),%o0
-/* 0x0130 141 ( 1 4) */ ldd [%o1+%lo(.L_const_seg_900000501)],%f0
-/* 0x0134 138 ( 1 2) */ sub %i4,%o7,%g3
-/* 0x0138 ( 2 3) */ sll %o7,2,%g2
-/* 0x013c ( 2 3) */ add %o0,1023,%o3
-/* 0x0140 ( 3 4) */ sll %o7,3,%g4
-/* 0x0144 ( 3 4) */ cmp %g3,3
-/* 0x0148 ( 4 5) */ add %g1,%g2,%o0
-/* 0x014c ( 4 5) */ add %o1,%lo(.L_const_seg_900000501),%o2
-/* 0x0150 ( 5 6) */ add %i3,%g4,%o4
-/* 0x0154 ( 5 6) */ sub %i4,1,%o1
-/* 0x0158 ( 6 7) */ sll %o7,4,%g5
-/* 0x015c ( 6 7) */ bl,pn %icc,.L77000161 ! tprob=0.44
-/* 0x0160 ( 7 8) */ add %i1,%g5,%o5
-/* 0x0164 141 ( 7 10) */ ld [%g1+%g2],%f3
-/* 0x0168 143 ( 7 8) */ add %o4,8,%o4
-/* 0x016c 140 ( 8 11) */ ld [%g1+%g2],%g1
-/* 0x0170 143 ( 8 9) */ add %o5,16,%o5
-/* 0x0174 ( 8 9) */ add %o7,1,%o7
-/* 0x0178 141 ( 9 10) */ fmovs %f0,%f2
-/* 0x017c 143 ( 9 10) */ add %o0,4,%o0
-/* 0x0180 142 (10 11) */ and %g1,%o3,%g2
-/* 0x0184 141 (11 14) */ fsubd %f2,%f0,%f2
-/* 0x0188 (11 12) */ std %f2,[%o4-8]
-/* 0x018c 143 (11 12) */ srl %g1,16,%g1
-/* 0x0190 142 (12 13) */ st %g2,[%sp+96]
-/* 0x0194 (15 16) */ fmovs %f0,%f2
-/* 0x0198 (16 19) */ ld [%sp+96],%f3
-/* 0x019c (18 21) */ fsubd %f2,%f0,%f2
-/* 0x01a0 (18 19) */ std %f2,[%o5-16]
-/* 0x01a4 143 (19 20) */ st %g1,[%sp+92]
-/* 0x01a8 (22 23) */ fmovs %f0,%f2
-/* 0x01ac (23 26) */ ld [%sp+92],%f3
-/* 0x01b0 (25 28) */ fsubd %f2,%f0,%f2
-/* 0x01b4 (25 26) */ std %f2,[%o5-8]
- .L900000509: /* frequency 64.0 confidence 0.0 */
-/* 0x01b8 141 (26 28) */ ld [%o0],%f3
-/* 0x01bc 143 (26 27) */ add %o7,2,%o7
-/* 0x01c0 (26 27) */ add %o5,32,%o5
-/* 0x01c4 140 (27 29) */ ld [%o0],%g1
-/* 0x01c8 143 (27 27) */ cmp %o7,%o1
-/* 0x01cc (27 28) */ add %o4,16,%o4
-/* 0x01d0 141 ( 0 0) */ fmovs %f0,%f2
-/* 0x01d4 (28 31) */ fsubd %f2,%f0,%f2
-/* 0x01d8 (29 30) */ std %f2,[%o4-16]
-/* 0x01dc 142 (29 30) */ and %g1,%o3,%g2
-/* 0x01e0 (30 31) */ st %g2,[%sp+96]
-/* 0x01e4 (37 39) */ ld [%sp+96],%f3
-/* 0x01e8 ( 0 0) */ fmovs %f0,%f2
-/* 0x01ec (39 42) */ fsubd %f2,%f0,%f2
-/* 0x01f0 143 (40 41) */ srl %g1,16,%g1
-/* 0x01f4 142 (40 41) */ std %f2,[%o5-32]
-/* 0x01f8 143 (41 42) */ st %g1,[%sp+92]
-/* 0x01fc (48 50) */ ld [%sp+92],%f3
-/* 0x0200 ( 0 0) */ fmovs %f0,%f2
-/* 0x0204 (50 53) */ fsubd %f2,%f0,%f2
-/* 0x0208 (51 52) */ std %f2,[%o5-24]
-/* 0x020c (51 52) */ add %o0,4,%o0
-/* 0x0210 141 (52 54) */ ld [%o0],%f3
-/* 0x0214 140 (53 55) */ ld [%o0],%g1
-/* 0x0218 141 ( 0 0) */ fmovs %f0,%f2
-/* 0x021c (54 57) */ fsubd %f2,%f0,%f2
-/* 0x0220 (55 56) */ std %f2,[%o4-8]
-/* 0x0224 142 (55 56) */ and %g1,%o3,%g2
-/* 0x0228 (56 57) */ st %g2,[%sp+96]
-/* 0x022c (63 65) */ ld [%sp+96],%f3
-/* 0x0230 ( 0 0) */ fmovs %f0,%f2
-/* 0x0234 (65 68) */ fsubd %f2,%f0,%f2
-/* 0x0238 143 (66 67) */ srl %g1,16,%g1
-/* 0x023c 142 (66 67) */ std %f2,[%o5-16]
-/* 0x0240 143 (67 68) */ st %g1,[%sp+92]
-/* 0x0244 (74 76) */ ld [%sp+92],%f3
-/* 0x0248 ( 0 0) */ fmovs %f0,%f2
-/* 0x024c (76 79) */ fsubd %f2,%f0,%f2
-/* 0x0250 (77 78) */ std %f2,[%o5-8]
-/* 0x0254 (77 78) */ bl,pt %icc,.L900000509 ! tprob=0.50
-/* 0x0258 (77 78) */ add %o0,4,%o0
- .L900000512: /* frequency 8.0 confidence 0.0 */
-/* 0x025c 143 ( 0 1) */ cmp %o7,%i4
-/* 0x0260 ( 0 1) */ bge,pn %icc,.L77000164 ! tprob=0.14
-/* 0x0264 ( 0 1) */ nop
- .L77000161: /* frequency 0.7 confidence 0.0 */
-/* 0x0268 141 ( 0 3) */ ld [%o0],%f3
- .L900000513: /* frequency 6.4 confidence 0.0 */
-/* 0x026c 141 ( 0 3) */ ldd [%o2],%f0
-/* 0x0270 143 ( 0 1) */ add %o7,1,%o7
-/* 0x0274 140 ( 1 4) */ ld [%o0],%o1
-/* 0x0278 143 ( 1 2) */ add %o0,4,%o0
-/* 0x027c ( 1 2) */ cmp %o7,%i4
-/* 0x0280 141 ( 2 3) */ fmovs %f0,%f2
-/* 0x0284 142 ( 3 4) */ and %o1,%o3,%g1
-/* 0x0288 141 ( 4 7) */ fsubd %f2,%f0,%f2
-/* 0x028c ( 4 5) */ std %f2,[%o4]
-/* 0x0290 143 ( 4 5) */ srl %o1,16,%o1
-/* 0x0294 142 ( 5 6) */ st %g1,[%sp+96]
-/* 0x0298 143 ( 5 6) */ add %o4,8,%o4
-/* 0x029c 142 ( 8 9) */ fmovs %f0,%f2
-/* 0x02a0 ( 9 12) */ ld [%sp+96],%f3
-/* 0x02a4 (11 14) */ fsubd %f2,%f0,%f2
-/* 0x02a8 (11 12) */ std %f2,[%o5]
-/* 0x02ac 143 (12 13) */ st %o1,[%sp+92]
-/* 0x02b0 (15 16) */ fmovs %f0,%f2
-/* 0x02b4 (16 19) */ ld [%sp+92],%f3
-/* 0x02b8 (18 21) */ fsubd %f2,%f0,%f0
-/* 0x02bc (18 19) */ std %f0,[%o5+8]
-/* 0x02c0 (18 19) */ add %o5,16,%o5
-/* 0x02c4 (18 19) */ bl,a,pt %icc,.L900000513 ! tprob=0.86
-/* 0x02c8 (19 22) */ ld [%o0],%f3
- .L77000164: /* frequency 1.0 confidence 0.0 */
-/* 0x02cc ( 0 2) */ ret ! Result =
-/* 0x02d0 ( 2 3) */ restore %g0,%g0,%g0
-/* 0x02d4 0 ( 0 0) */ .type conv_i32_to_d32_and_d16,2
-/* 0x02d4 ( 0 0) */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 4
-!
-! SUBROUTINE adjust_montf_result
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global adjust_montf_result
- adjust_montf_result: /* frequency 1.0 confidence 0.0 */
-
-! 144 ! }
-! 145 !}
-! 148 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-! 149 !{
-! 150 !long long acc;
-! 151 !int i;
-! 153 ! if(i32[len]>0) i=-1;
-
-/* 000000 153 ( 0 1) */ sll %o2,2,%g1
-/* 0x0004 ( 0 1) */ or %g0,-1,%g3
-/* 0x0008 ( 1 4) */ ld [%o0+%g1],%g1
-/* 0x000c ( 3 4) */ cmp %g1,0
-/* 0x0010 ( 3 4) */ bleu,pn %icc,.L77000175 ! tprob=0.50
-/* 0x0014 ( 3 4) */ or %g0,%o1,%o3
-/* 0x0018 ( 4 5) */ ba .L900000611 ! tprob=1.00
-/* 0x001c ( 4 5) */ cmp %g3,0
- .L77000175: /* frequency 0.8 confidence 0.0 */
-
-! 154 ! else
-! 155 ! {
-! 156 ! for(i=len-1; i>=0; i++)
-
-/* 0x0020 156 ( 0 1) */ subcc %o2,1,%g3
-/* 0x0024 ( 0 1) */ bneg,pt %icc,.L900000611 ! tprob=0.60
-/* 0x0028 ( 1 2) */ cmp %g3,0
-/* 0x002c ( 1 2) */ sll %g3,2,%g1
-/* 0x0030 ( 2 3) */ add %o0,%g1,%g2
-/* 0x0034 ( 2 3) */ add %o1,%g1,%g1
-
-! 157 ! {
-! 158 ! if(i32[i]!=nint[i]) break;
-
-/* 0x0038 158 ( 3 6) */ ld [%g1],%g5
- .L900000610: /* frequency 5.3 confidence 0.0 */
-/* 0x003c 158 ( 0 3) */ ld [%g2],%o5
-/* 0x0040 ( 0 1) */ add %g1,4,%g1
-/* 0x0044 ( 0 1) */ add %g2,4,%g2
-/* 0x0048 ( 2 3) */ cmp %o5,%g5
-/* 0x004c ( 2 3) */ bne,pn %icc,.L77000182 ! tprob=0.16
-/* 0x0050 ( 2 3) */ nop
-/* 0x0054 ( 3 4) */ addcc %g3,1,%g3
-/* 0x0058 ( 3 4) */ bpos,a,pt %icc,.L900000610 ! tprob=0.84
-/* 0x005c ( 3 6) */ ld [%g1],%g5
- .L77000182: /* frequency 1.0 confidence 0.0 */
-
-! 159 ! }
-! 160 ! }
-! 161 ! if((i<0)||(i32[i]>nint[i]))
-
-/* 0x0060 161 ( 0 1) */ cmp %g3,0
- .L900000611: /* frequency 1.0 confidence 0.0 */
-/* 0x0064 161 ( 0 1) */ bl,pn %icc,.L77000198 ! tprob=0.50
-/* 0x0068 ( 0 1) */ sll %g3,2,%g2
-/* 0x006c ( 1 4) */ ld [%o1+%g2],%g1
-/* 0x0070 ( 2 5) */ ld [%o0+%g2],%g2
-/* 0x0074 ( 4 5) */ cmp %g2,%g1
-/* 0x0078 ( 4 5) */ bleu,pt %icc,.L77000191 ! tprob=0.56
-/* 0x007c ( 4 5) */ nop
- .L77000198: /* frequency 0.8 confidence 0.0 */
-
-! 162 ! {
-! 163 ! acc=0;
-! 164 ! for(i=0;i<len;i++)
-
-/* 0x0080 164 ( 0 1) */ cmp %o2,0
-/* 0x0084 ( 0 1) */ ble,pt %icc,.L77000191 ! tprob=0.60
-/* 0x0088 ( 0 1) */ nop
-/* 0x008c 161 ( 1 2) */ or %g0,-1,%g2
-/* 0x0090 ( 1 2) */ sub %o2,1,%g4
-/* 0x0094 ( 2 3) */ srl %g2,0,%g3
-/* 0x0098 163 ( 2 3) */ or %g0,0,%g5
-/* 0x009c 164 ( 3 4) */ or %g0,0,%o5
-/* 0x00a0 161 ( 3 4) */ or %g0,%o0,%o4
-/* 0x00a4 ( 4 5) */ cmp %o2,3
-/* 0x00a8 ( 4 5) */ add %o1,4,%g2
-/* 0x00ac 164 ( 4 5) */ bl,pn %icc,.L77000199 ! tprob=0.40
-/* 0x00b0 ( 5 6) */ add %o0,8,%g1
-
-! 165 ! {
-! 166 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
-
-/* 0x00b4 166 ( 5 8) */ ld [%o0],%o2
-/* 0x00b8 0 ( 5 6) */ or %g0,%g2,%o3
-/* 0x00bc 166 ( 6 9) */ ld [%o1],%o1
-/* 0x00c0 0 ( 6 7) */ or %g0,%g1,%o4
-
-! 167 ! i32[i]=acc&0xffffffff;
-! 168 ! acc=acc>>32;
-
-/* 0x00c4 168 ( 6 7) */ or %g0,2,%o5
-/* 0x00c8 166 ( 7 10) */ ld [%o0+4],%g1
-/* 0x00cc 164 ( 8 9) */ sub %o2,%o1,%o2
-/* 0x00d0 ( 9 10) */ or %g0,%o2,%g5
-/* 0x00d4 167 ( 9 10) */ and %o2,%g3,%o2
-/* 0x00d8 ( 9 10) */ st %o2,[%o0]
-/* 0x00dc 168 (10 11) */ srax %g5,32,%g5
- .L900000605: /* frequency 64.0 confidence 0.0 */
-/* 0x00e0 166 (12 20) */ ld [%o3],%o2
-/* 0x00e4 168 (12 13) */ add %o5,1,%o5
-/* 0x00e8 (12 13) */ add %o3,4,%o3
-/* 0x00ec (13 13) */ cmp %o5,%g4
-/* 0x00f0 (13 14) */ add %o4,4,%o4
-/* 0x00f4 164 (14 14) */ sub %g1,%o2,%g1
-/* 0x00f8 (15 15) */ add %g1,%g5,%g5
-/* 0x00fc 167 (16 17) */ and %g5,%g3,%o2
-/* 0x0100 166 (16 24) */ ld [%o4-4],%g1
-/* 0x0104 167 (17 18) */ st %o2,[%o4-8]
-/* 0x0108 168 (17 18) */ ble,pt %icc,.L900000605 ! tprob=0.50
-/* 0x010c (17 18) */ srax %g5,32,%g5
- .L900000608: /* frequency 8.0 confidence 0.0 */
-/* 0x0110 166 ( 0 3) */ ld [%o3],%g2
-/* 0x0114 164 ( 2 3) */ sub %g1,%g2,%g1
-/* 0x0118 ( 3 4) */ add %g1,%g5,%g1
-/* 0x011c 167 ( 4 5) */ and %g1,%g3,%g2
-/* 0x0120 ( 5 7) */ retl ! Result =
-/* 0x0124 ( 6 7) */ st %g2,[%o4-4]
- .L77000199: /* frequency 0.6 confidence 0.0 */
-/* 0x0128 166 ( 0 3) */ ld [%o4],%g1
- .L900000609: /* frequency 5.3 confidence 0.0 */
-/* 0x012c 166 ( 0 3) */ ld [%o3],%g2
-/* 0x0130 ( 0 1) */ add %g5,%g1,%g1
-/* 0x0134 168 ( 0 1) */ add %o5,1,%o5
-/* 0x0138 ( 1 2) */ add %o3,4,%o3
-/* 0x013c ( 1 2) */ cmp %o5,%g4
-/* 0x0140 166 ( 2 3) */ sub %g1,%g2,%g1
-/* 0x0144 167 ( 3 4) */ and %g1,%g3,%g2
-/* 0x0148 ( 3 4) */ st %g2,[%o4]
-/* 0x014c 168 ( 3 4) */ add %o4,4,%o4
-/* 0x0150 ( 4 5) */ srax %g1,32,%g5
-/* 0x0154 ( 4 5) */ ble,a,pt %icc,.L900000609 ! tprob=0.84
-/* 0x0158 ( 4 7) */ ld [%o4],%g1
- .L77000191: /* frequency 1.0 confidence 0.0 */
-/* 0x015c ( 0 2) */ retl ! Result =
-/* 0x0160 ( 1 2) */ nop
-/* 0x0164 0 ( 0 0) */ .type adjust_montf_result,2
-/* 0x0164 ( 0 0) */ .size adjust_montf_result,(.-adjust_montf_result)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .align 32
-!
-! SUBROUTINE mont_mulf_noconv
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .global mont_mulf_noconv
- mont_mulf_noconv: /* frequency 1.0 confidence 0.0 */
-/* 000000 ( 0 1) */ save %sp,-144,%sp
-/* 0x0004 ( 1 2) */ st %i0,[%fp+68]
-
-! 169 ! }
-! 170 ! }
-! 171 !}
-! 175 !void cleanup(double *dt, int from, int tlen);
-! 177 !/*
-! 178 !** the lengths of the input arrays should be at least the following:
-! 179 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-! 180 !** all of them should be different from one another
-! 181 !**
-! 182 !*/
-! 183 !void mont_mulf_noconv(unsigned int *result,
-! 184 ! double *dm1, double *dm2, double *dt,
-! 185 ! double *dn, unsigned int *nint,
-! 186 ! int nlen, double dn0)
-! 187 !{
-! 188 ! int i, j, jj;
-! 189 ! int tmp;
-! 190 ! double digit, m2j, nextm2j, a, b;
-! 191 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-! 193 ! pdm1=&(dm1[0]);
-! 194 ! pdm2=&(dm2[0]);
-! 195 ! pdn=&(dn[0]);
-! 196 ! pdm2[2*nlen]=Zero;
-
-/* 0x0008 196 ( 1 2) */ sethi %hi(Zero),%g2
-/* 0x000c 187 ( 1 2) */ or %g0,%i2,%o1
-/* 0x0010 ( 2 3) */ st %i5,[%fp+88]
-/* 0x0014 ( 2 3) */ or %g0,%i3,%o2
-/* 0x0018 196 ( 2 3) */ add %g2,%lo(Zero),%g4
-/* 0x001c ( 3 6) */ ldd [%g2+%lo(Zero)],%f2
-/* 0x0020 187 ( 3 4) */ or %g0,%o2,%g5
-/* 0x0024 196 ( 3 4) */ or %g0,%o1,%i0
-/* 0x0028 187 ( 4 5) */ or %g0,%i4,%i2
-
-! 198 ! if (nlen!=16)
-! 199 ! {
-! 200 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-! 202 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 203 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 205 ! pdtj=&(dt[0]);
-! 206 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
-! 207 ! {
-! 208 ! m2j=pdm2[j];
-! 209 ! a=pdtj[0]+pdn[0]*digit;
-! 210 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
-! 211 ! pdtj[1]=b;
-! 213 !#pragma pipeloop(0)
-! 214 ! for(i=1;i<nlen;i++)
-! 215 ! {
-! 216 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 217 ! }
-! 218 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-! 219 !
-! 220 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 221 ! }
-! 222 ! }
-! 223 ! else
-! 224 ! {
-! 225 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 227 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
-! 228 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
-! 229 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
-! 230 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
-! 231 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
-! 232 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
-! 233 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
-! 234 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
-! 235 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
-! 236 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
-! 237 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
-! 239 ! pdn_0=pdn[0];
-! 240 ! pdm1_0=pdm1[0];
-! 242 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 243 ! pdtj=&(dt[0]);
-! 245 ! for(j=0;j<32;j++,pdtj++)
-! 246 ! {
-! 248 ! m2j=pdm2[j];
-! 249 ! a=pdtj[0]+pdn_0*digit;
-! 250 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
-! 251 ! pdtj[1]=b;
-! 253 ! /**** this loop will be fully unrolled:
-! 254 ! for(i=1;i<16;i++)
-! 255 ! {
-! 256 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 257 ! }
-! 258 ! *************************************/
-! 259 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
-! 260 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
-! 261 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
-! 262 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
-! 263 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
-! 264 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
-! 265 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
-! 266 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
-! 267 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
-! 268 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
-! 269 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
-! 270 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
-! 271 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
-! 272 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
-! 273 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
-! 274 ! /* no need for cleenup, cannot overflow */
-! 275 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 276 ! }
-! 277 ! }
-! 279 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-! 281 ! adjust_montf_result(result,nint,nlen);
-
-/* 0x002c 281 ( 4 5) */ or %g0,1,%o4
-/* 0x0030 187 ( 6 9) */ ldd [%fp+96],%f0
-/* 0x0034 196 ( 7 10) */ ld [%fp+92],%o0
-/* 0x0038 187 ( 8 9) */ fmovd %f0,%f16
-/* 0x003c 196 ( 9 10) */ sll %o0,4,%g2
-/* 0x0040 ( 9 10) */ or %g0,%o0,%g1
-/* 0x0044 198 (10 11) */ cmp %o0,16
-/* 0x0048 (10 11) */ be,pn %icc,.L77000289 ! tprob=0.50
-/* 0x004c (10 11) */ std %f2,[%o1+%g2]
-/* 0x0050 200 (11 12) */ sll %o0,2,%g2
-/* 0x0054 (11 14) */ ldd [%g4],%f2
-/* 0x0058 (12 13) */ add %g2,2,%o1
-/* 0x005c (12 13) */ add %g2,1,%o3
-/* 0x0060 196 (13 14) */ sll %o0,1,%o7
-/* 0x0064 200 (13 14) */ cmp %o1,0
-/* 0x0068 (13 14) */ ble,a,pt %icc,.L900000755 ! tprob=0.55
-/* 0x006c (14 17) */ ldd [%i1],%f0
-/* 0x0070 (14 15) */ cmp %o1,3
-/* 0x0074 281 (14 15) */ or %g0,1,%o1
-/* 0x0078 (14 15) */ bl,pn %icc,.L77000279 ! tprob=0.40
-/* 0x007c (15 16) */ add %o2,8,%o0
-/* 0x0080 (15 16) */ std %f2,[%g5]
-/* 0x0084 0 (16 17) */ or %g0,%o0,%o2
- .L900000726: /* frequency 64.0 confidence 0.0 */
-/* 0x0088 ( 3 5) */ ldd [%g4],%f0
-/* 0x008c ( 3 4) */ add %o4,1,%o4
-/* 0x0090 ( 3 4) */ add %o2,8,%o2
-/* 0x0094 ( 4 4) */ cmp %o4,%o3
-/* 0x0098 ( 5 6) */ ble,pt %icc,.L900000726 ! tprob=0.50
-/* 0x009c ( 5 6) */ std %f0,[%o2-8]
- .L900000729: /* frequency 8.0 confidence 0.0 */
-/* 0x00a0 ( 0 1) */ ba .L900000755 ! tprob=1.00
-/* 0x00a4 ( 0 3) */ ldd [%i1],%f0
- .L77000279: /* frequency 0.6 confidence 0.0 */
-/* 0x00a8 ( 0 1) */ std %f2,[%o2]
- .L900000754: /* frequency 5.3 confidence 0.0 */
-/* 0x00ac ( 0 3) */ ldd [%g4],%f2
-/* 0x00b0 ( 0 1) */ cmp %o1,%o3
-/* 0x00b4 ( 0 1) */ add %o2,8,%o2
-/* 0x00b8 ( 1 2) */ add %o1,1,%o1
-/* 0x00bc ( 1 2) */ ble,a,pt %icc,.L900000754 ! tprob=0.87
-/* 0x00c0 ( 3 4) */ std %f2,[%o2]
- .L77000284: /* frequency 0.8 confidence 0.0 */
-/* 0x00c4 202 ( 0 3) */ ldd [%i1],%f0
- .L900000755: /* frequency 0.8 confidence 0.0 */
-/* 0x00c8 202 ( 0 3) */ ldd [%i0],%f2
-/* 0x00cc ( 0 1) */ add %o7,1,%o2
-/* 0x00d0 206 ( 0 1) */ cmp %o7,0
-/* 0x00d4 ( 1 2) */ sll %o2,1,%o0
-/* 0x00d8 ( 1 2) */ sub %o7,1,%o1
-/* 0x00dc 202 ( 2 5) */ fmuld %f0,%f2,%f0
-/* 0x00e0 ( 2 3) */ std %f0,[%g5]
-/* 0x00e4 ( 2 3) */ sub %g1,1,%o7
-/* 0x00e8 ( 3 6) */ ldd [%g4],%f6
-/* 0x00ec 0 ( 3 4) */ or %g0,%o7,%g3
-/* 0x00f0 ( 3 4) */ or %g0,0,%l0
-/* 0x00f4 ( 4 7) */ ldd [%g4-8],%f2
-/* 0x00f8 ( 4 5) */ or %g0,0,%i5
-/* 0x00fc ( 4 5) */ or %g0,%o1,%o5
-/* 0x0100 ( 5 8) */ fdtox %f0,%f0
-/* 0x0104 ( 5 8) */ ldd [%g4-16],%f4
-/* 0x0108 ( 5 6) */ or %g0,%o0,%o3
-/* 0x010c 210 ( 6 7) */ add %i0,8,%o4
-/* 0x0110 ( 6 7) */ or %g0,0,%i4
-/* 0x0114 ( 9 10) */ fmovs %f6,%f0
-/* 0x0118 (11 14) */ fxtod %f0,%f0
-/* 0x011c 203 (14 17) */ fmuld %f0,%f16,%f0
-/* 0x0120 (17 20) */ fmuld %f0,%f2,%f2
-/* 0x0124 (20 23) */ fdtox %f2,%f2
-/* 0x0128 (23 26) */ fxtod %f2,%f2
-/* 0x012c (26 29) */ fmuld %f2,%f4,%f2
-/* 0x0130 (29 32) */ fsubd %f0,%f2,%f22
-/* 0x0134 206 (29 30) */ ble,pt %icc,.L900000748 ! tprob=0.60
-/* 0x0138 (29 30) */ sll %g1,4,%g2
-/* 0x013c 210 (30 33) */ ldd [%i2],%f0
- .L900000749: /* frequency 5.3 confidence 0.0 */
-/* 0x0140 210 ( 0 3) */ fmuld %f0,%f22,%f8
-/* 0x0144 ( 0 3) */ ldd [%i1],%f0
-/* 0x0148 214 ( 0 1) */ cmp %g1,1
-/* 0x014c 210 ( 1 4) */ ldd [%o4+%i4],%f6
-/* 0x0150 ( 1 2) */ add %i1,8,%o0
-/* 0x0154 214 ( 1 2) */ or %g0,1,%o1
-/* 0x0158 210 ( 2 5) */ ldd [%i3],%f2
-/* 0x015c ( 2 3) */ add %i3,16,%l1
-/* 0x0160 ( 3 6) */ fmuld %f0,%f6,%f6
-/* 0x0164 ( 3 6) */ ldd [%g4-8],%f4
-/* 0x0168 ( 4 7) */ faddd %f2,%f8,%f2
-/* 0x016c ( 4 7) */ ldd [%i3+8],%f0
-/* 0x0170 208 ( 5 8) */ ldd [%i0+%i4],%f20
-/* 0x0174 210 ( 6 9) */ faddd %f0,%f6,%f0
-/* 0x0178 ( 7 10) */ fmuld %f2,%f4,%f2
-/* 0x017c (10 13) */ faddd %f0,%f2,%f18
-/* 0x0180 211 (10 11) */ std %f18,[%i3+8]
-/* 0x0184 214 (10 11) */ ble,pt %icc,.L900000753 ! tprob=0.54
-/* 0x0188 (11 12) */ srl %i5,31,%g2
-/* 0x018c (11 12) */ cmp %g3,7
-/* 0x0190 210 (12 13) */ add %i2,8,%g2
-/* 0x0194 214 (12 13) */ bl,pn %icc,.L77000281 ! tprob=0.36
-/* 0x0198 (13 14) */ add %g2,24,%o2
-/* 0x019c 216 (13 16) */ ldd [%o0+16],%f14
-/* 0x01a0 (13 14) */ add %i3,48,%l1
-/* 0x01a4 (14 17) */ ldd [%o0+24],%f12
-/* 0x01a8 0 (14 15) */ or %g0,%o2,%g2
-/* 0x01ac 214 (14 15) */ sub %g1,3,%o2
-/* 0x01b0 216 (15 18) */ ldd [%o0],%f2
-/* 0x01b4 (15 16) */ or %g0,5,%o1
-/* 0x01b8 (16 19) */ ldd [%g2-24],%f0
-/* 0x01bc (17 20) */ ldd [%o0+8],%f6
-/* 0x01c0 (17 20) */ fmuld %f2,%f20,%f2
-/* 0x01c4 (17 18) */ add %o0,32,%o0
-/* 0x01c8 (18 21) */ ldd [%g2-16],%f8
-/* 0x01cc (18 21) */ fmuld %f0,%f22,%f4
-/* 0x01d0 (19 22) */ ldd [%i3+16],%f0
-/* 0x01d4 (19 22) */ fmuld %f6,%f20,%f10
-/* 0x01d8 (20 23) */ ldd [%g2-8],%f6
-/* 0x01dc (21 24) */ faddd %f2,%f4,%f4
-/* 0x01e0 (21 24) */ ldd [%i3+32],%f2
- .L900000738: /* frequency 512.0 confidence 0.0 */
-/* 0x01e4 216 (16 24) */ ldd [%g2],%f24
-/* 0x01e8 (16 17) */ add %o1,3,%o1
-/* 0x01ec (16 17) */ add %g2,24,%g2
-/* 0x01f0 (16 19) */ fmuld %f8,%f22,%f8
-/* 0x01f4 (17 25) */ ldd [%l1],%f28
-/* 0x01f8 (17 17) */ cmp %o1,%o2
-/* 0x01fc (17 18) */ add %o0,24,%o0
-/* 0x0200 (18 26) */ ldd [%o0-24],%f26
-/* 0x0204 (18 21) */ faddd %f0,%f4,%f0
-/* 0x0208 (18 19) */ add %l1,48,%l1
-/* 0x020c (19 22) */ faddd %f10,%f8,%f10
-/* 0x0210 (19 22) */ fmuld %f14,%f20,%f4
-/* 0x0214 (19 20) */ std %f0,[%l1-80]
-/* 0x0218 (20 28) */ ldd [%g2-16],%f8
-/* 0x021c (20 23) */ fmuld %f6,%f22,%f6
-/* 0x0220 (21 29) */ ldd [%l1-32],%f0
-/* 0x0224 (22 30) */ ldd [%o0-16],%f14
-/* 0x0228 (22 25) */ faddd %f2,%f10,%f2
-/* 0x022c (23 26) */ faddd %f4,%f6,%f10
-/* 0x0230 (23 26) */ fmuld %f12,%f20,%f4
-/* 0x0234 (23 24) */ std %f2,[%l1-64]
-/* 0x0238 (24 32) */ ldd [%g2-8],%f6
-/* 0x023c (24 27) */ fmuld %f24,%f22,%f24
-/* 0x0240 (25 33) */ ldd [%l1-16],%f2
-/* 0x0244 (26 34) */ ldd [%o0-8],%f12
-/* 0x0248 (26 29) */ faddd %f28,%f10,%f10
-/* 0x024c (27 28) */ std %f10,[%l1-48]
-/* 0x0250 (27 30) */ fmuld %f26,%f20,%f10
-/* 0x0254 (27 28) */ ble,pt %icc,.L900000738 ! tprob=0.50
-/* 0x0258 (27 30) */ faddd %f4,%f24,%f4
- .L900000741: /* frequency 64.0 confidence 0.0 */
-/* 0x025c 216 ( 0 3) */ fmuld %f8,%f22,%f28
-/* 0x0260 ( 0 3) */ ldd [%g2],%f24
-/* 0x0264 ( 0 3) */ faddd %f0,%f4,%f26
-/* 0x0268 ( 1 4) */ fmuld %f12,%f20,%f8
-/* 0x026c ( 1 2) */ add %l1,32,%l1
-/* 0x0270 ( 1 2) */ cmp %o1,%g3
-/* 0x0274 ( 2 5) */ fmuld %f14,%f20,%f14
-/* 0x0278 ( 2 5) */ ldd [%l1-32],%f4
-/* 0x027c ( 2 3) */ add %g2,8,%g2
-/* 0x0280 ( 3 6) */ faddd %f10,%f28,%f12
-/* 0x0284 ( 3 6) */ fmuld %f6,%f22,%f6
-/* 0x0288 ( 3 6) */ ldd [%l1-16],%f0
-/* 0x028c ( 4 7) */ fmuld %f24,%f22,%f10
-/* 0x0290 ( 4 5) */ std %f26,[%l1-64]
-/* 0x0294 ( 6 9) */ faddd %f2,%f12,%f2
-/* 0x0298 ( 6 7) */ std %f2,[%l1-48]
-/* 0x029c ( 7 10) */ faddd %f14,%f6,%f6
-/* 0x02a0 ( 8 11) */ faddd %f8,%f10,%f2
-/* 0x02a4 (10 13) */ faddd %f4,%f6,%f4
-/* 0x02a8 (10 11) */ std %f4,[%l1-32]
-/* 0x02ac (11 14) */ faddd %f0,%f2,%f0
-/* 0x02b0 (11 12) */ bg,pn %icc,.L77000213 ! tprob=0.13
-/* 0x02b4 (11 12) */ std %f0,[%l1-16]
- .L77000281: /* frequency 4.0 confidence 0.0 */
-/* 0x02b8 216 ( 0 3) */ ldd [%o0],%f0
- .L900000752: /* frequency 36.6 confidence 0.0 */
-/* 0x02bc 216 ( 0 3) */ ldd [%g2],%f4
-/* 0x02c0 ( 0 3) */ fmuld %f0,%f20,%f2
-/* 0x02c4 ( 0 1) */ add %o1,1,%o1
-/* 0x02c8 ( 1 4) */ ldd [%l1],%f0
-/* 0x02cc ( 1 2) */ add %o0,8,%o0
-/* 0x02d0 ( 1 2) */ add %g2,8,%g2
-/* 0x02d4 ( 2 5) */ fmuld %f4,%f22,%f4
-/* 0x02d8 ( 2 3) */ cmp %o1,%g3
-/* 0x02dc ( 5 8) */ faddd %f2,%f4,%f2
-/* 0x02e0 ( 8 11) */ faddd %f0,%f2,%f0
-/* 0x02e4 ( 8 9) */ std %f0,[%l1]
-/* 0x02e8 ( 8 9) */ add %l1,16,%l1
-/* 0x02ec ( 8 9) */ ble,a,pt %icc,.L900000752 ! tprob=0.87
-/* 0x02f0 (10 13) */ ldd [%o0],%f0
- .L77000213: /* frequency 5.3 confidence 0.0 */
-/* 0x02f4 ( 0 1) */ srl %i5,31,%g2
- .L900000753: /* frequency 5.3 confidence 0.0 */
-/* 0x02f8 218 ( 0 1) */ cmp %l0,30
-/* 0x02fc ( 0 1) */ bne,a,pt %icc,.L900000751 ! tprob=0.54
-/* 0x0300 ( 0 3) */ fdtox %f18,%f0
-/* 0x0304 ( 1 2) */ add %i5,%g2,%g2
-/* 0x0308 ( 1 2) */ sub %o3,1,%o2
-/* 0x030c ( 2 3) */ sra %g2,1,%o0
-/* 0x0310 216 ( 2 5) */ ldd [%g4],%f0
-/* 0x0314 ( 3 4) */ add %o0,1,%g2
-/* 0x0318 ( 4 5) */ sll %g2,1,%o0
-/* 0x031c ( 4 5) */ fmovd %f0,%f2
-/* 0x0320 ( 5 6) */ sll %g2,4,%o1
-/* 0x0324 ( 5 6) */ cmp %o0,%o3
-/* 0x0328 ( 5 6) */ bge,pt %icc,.L77000215 ! tprob=0.53
-/* 0x032c ( 6 7) */ or %g0,0,%l0
-/* 0x0330 218 ( 6 7) */ add %g5,%o1,%o1
-/* 0x0334 216 ( 7 10) */ ldd [%o1],%f8
- .L900000750: /* frequency 32.0 confidence 0.0 */
-/* 0x0338 ( 0 3) */ fdtox %f8,%f6
-/* 0x033c ( 0 3) */ ldd [%g4],%f10
-/* 0x0340 ( 0 1) */ add %o0,2,%o0
-/* 0x0344 ( 1 4) */ ldd [%o1+8],%f4
-/* 0x0348 ( 1 4) */ fdtox %f8,%f8
-/* 0x034c ( 1 2) */ cmp %o0,%o2
-/* 0x0350 ( 5 6) */ fmovs %f10,%f6
-/* 0x0354 ( 7 10) */ fxtod %f6,%f10
-/* 0x0358 ( 8 11) */ fdtox %f4,%f6
-/* 0x035c ( 9 12) */ fdtox %f4,%f4
-/* 0x0360 (10 13) */ faddd %f10,%f2,%f2
-/* 0x0364 (10 11) */ std %f2,[%o1]
-/* 0x0368 (12 15) */ ldd [%g4],%f2
-/* 0x036c (14 15) */ fmovs %f2,%f6
-/* 0x0370 (16 19) */ fxtod %f6,%f6
-/* 0x0374 (17 20) */ fitod %f8,%f2
-/* 0x0378 (19 22) */ faddd %f6,%f0,%f0
-/* 0x037c (19 20) */ std %f0,[%o1+8]
-/* 0x0380 (19 20) */ add %o1,16,%o1
-/* 0x0384 (20 23) */ fitod %f4,%f0
-/* 0x0388 (20 21) */ ble,a,pt %icc,.L900000750 ! tprob=0.87
-/* 0x038c (20 23) */ ldd [%o1],%f8
- .L77000233: /* frequency 4.6 confidence 0.0 */
-/* 0x0390 ( 0 0) */ or %g0,0,%l0
- .L77000215: /* frequency 5.3 confidence 0.0 */
-/* 0x0394 ( 0 3) */ fdtox %f18,%f0
- .L900000751: /* frequency 5.3 confidence 0.0 */
-/* 0x0398 ( 0 3) */ ldd [%g4],%f6
-/* 0x039c 220 ( 0 1) */ add %i5,1,%i5
-/* 0x03a0 ( 0 1) */ add %i4,8,%i4
-/* 0x03a4 ( 1 4) */ ldd [%g4-8],%f2
-/* 0x03a8 ( 1 2) */ add %l0,1,%l0
-/* 0x03ac ( 1 2) */ add %i3,8,%i3
-/* 0x03b0 ( 2 3) */ fmovs %f6,%f0
-/* 0x03b4 ( 2 5) */ ldd [%g4-16],%f4
-/* 0x03b8 ( 2 3) */ cmp %i5,%o5
-/* 0x03bc ( 4 7) */ fxtod %f0,%f0
-/* 0x03c0 ( 7 10) */ fmuld %f0,%f16,%f0
-/* 0x03c4 (10 13) */ fmuld %f0,%f2,%f2
-/* 0x03c8 (13 16) */ fdtox %f2,%f2
-/* 0x03cc (16 19) */ fxtod %f2,%f2
-/* 0x03d0 (19 22) */ fmuld %f2,%f4,%f2
-/* 0x03d4 (22 25) */ fsubd %f0,%f2,%f22
-/* 0x03d8 (22 23) */ ble,a,pt %icc,.L900000749 ! tprob=0.89
-/* 0x03dc (22 25) */ ldd [%i2],%f0
- .L900000725: /* frequency 0.7 confidence 0.0 */
-/* 0x03e0 220 ( 0 1) */ ba .L900000748 ! tprob=1.00
-/* 0x03e4 ( 0 1) */ sll %g1,4,%g2
-
-
- .L77000289: /* frequency 0.8 confidence 0.0 */
-/* 0x03e8 225 ( 0 3) */ ldd [%o1],%f6
-/* 0x03ec 242 ( 0 1) */ add %g4,-8,%g2
-/* 0x03f0 ( 0 1) */ add %g4,-16,%g3
-/* 0x03f4 225 ( 1 4) */ ldd [%i1],%f2
-/* 0x03f8 245 ( 1 2) */ or %g0,0,%o3
-/* 0x03fc ( 1 2) */ or %g0,0,%o0
-/* 0x0400 225 ( 3 6) */ fmuld %f2,%f6,%f2
-/* 0x0404 ( 3 4) */ std %f2,[%o2]
-/* 0x0408 ( 4 7) */ ldd [%g4],%f6
-/* 0x040c 237 ( 7 8) */ std %f6,[%o2+8]
-/* 0x0410 ( 8 9) */ std %f6,[%o2+16]
-/* 0x0414 ( 9 10) */ std %f6,[%o2+24]
-/* 0x0418 (10 11) */ std %f6,[%o2+32]
-/* 0x041c (11 12) */ std %f6,[%o2+40]
-/* 0x0420 (12 13) */ std %f6,[%o2+48]
-/* 0x0424 (13 14) */ std %f6,[%o2+56]
-/* 0x0428 (14 15) */ std %f6,[%o2+64]
-/* 0x042c (15 16) */ std %f6,[%o2+72]
-! prefetch [%i4],0
-! prefetch [%i4+32],0
-! prefetch [%i4+64],0
-! prefetch [%i4+96],0
-! prefetch [%i4+120],0
-! prefetch [%i1],0
-! prefetch [%i1+32],0
-! prefetch [%i1+64],0
-! prefetch [%i1+96],0
-! prefetch [%i1+120],0
-/* 0x0430 (16 17) */ std %f6,[%o2+80]
-/* 0x0434 (17 18) */ std %f6,[%o2+88]
-/* 0x0438 (18 19) */ std %f6,[%o2+96]
-/* 0x043c (19 20) */ std %f6,[%o2+104]
-/* 0x0440 (20 21) */ std %f6,[%o2+112]
-/* 0x0444 (21 22) */ std %f6,[%o2+120]
-/* 0x0448 (22 23) */ std %f6,[%o2+128]
-/* 0x044c (23 24) */ std %f6,[%o2+136]
-/* 0x0450 (24 25) */ std %f6,[%o2+144]
-/* 0x0454 (25 26) */ std %f6,[%o2+152]
-/* 0x0458 (26 27) */ std %f6,[%o2+160]
-/* 0x045c (27 28) */ std %f6,[%o2+168]
-/* 0x0460 (27 30) */ fdtox %f2,%f2
-/* 0x0464 (28 29) */ std %f6,[%o2+176]
-/* 0x0468 (29 30) */ std %f6,[%o2+184]
-/* 0x046c (30 31) */ std %f6,[%o2+192]
-/* 0x0470 (31 32) */ std %f6,[%o2+200]
-/* 0x0474 (32 33) */ std %f6,[%o2+208]
-/* 0x0478 (33 34) */ std %f6,[%o2+216]
-/* 0x047c (34 35) */ std %f6,[%o2+224]
-/* 0x0480 (35 36) */ std %f6,[%o2+232]
-/* 0x0484 (36 37) */ std %f6,[%o2+240]
-/* 0x0488 (37 38) */ std %f6,[%o2+248]
-/* 0x048c (38 39) */ std %f6,[%o2+256]
-/* 0x0490 (39 40) */ std %f6,[%o2+264]
-/* 0x0494 (40 41) */ std %f6,[%o2+272]
-/* 0x0498 (41 42) */ std %f6,[%o2+280]
-/* 0x049c (42 43) */ std %f6,[%o2+288]
-/* 0x04a0 (43 44) */ std %f6,[%o2+296]
-/* 0x04a4 (44 45) */ std %f6,[%o2+304]
-/* 0x04a8 (45 46) */ std %f6,[%o2+312]
-/* 0x04ac (46 47) */ std %f6,[%o2+320]
-/* 0x04b0 (47 48) */ std %f6,[%o2+328]
-/* 0x04b4 (48 49) */ std %f6,[%o2+336]
-/* 0x04b8 (49 50) */ std %f6,[%o2+344]
-/* 0x04bc (50 51) */ std %f6,[%o2+352]
-/* 0x04c0 (51 52) */ std %f6,[%o2+360]
-/* 0x04c4 (52 53) */ std %f6,[%o2+368]
-/* 0x04c8 (53 54) */ std %f6,[%o2+376]
-/* 0x04cc (54 55) */ std %f6,[%o2+384]
-/* 0x04d0 (55 56) */ std %f6,[%o2+392]
-/* 0x04d4 (56 57) */ std %f6,[%o2+400]
-/* 0x04d8 (57 58) */ std %f6,[%o2+408]
-/* 0x04dc (58 59) */ std %f6,[%o2+416]
-/* 0x04e0 (59 60) */ std %f6,[%o2+424]
-/* 0x04e4 (60 61) */ std %f6,[%o2+432]
-/* 0x04e8 (61 62) */ std %f6,[%o2+440]
-/* 0x04ec (62 63) */ std %f6,[%o2+448]
-/* 0x04f0 (63 64) */ std %f6,[%o2+456]
-/* 0x04f4 (64 65) */ std %f6,[%o2+464]
-/* 0x04f8 (65 66) */ std %f6,[%o2+472]
-/* 0x04fc (66 67) */ std %f6,[%o2+480]
-/* 0x0500 (67 68) */ std %f6,[%o2+488]
-/* 0x0504 (68 69) */ std %f6,[%o2+496]
-/* 0x0508 (69 70) */ std %f6,[%o2+504]
-/* 0x050c (70 71) */ std %f6,[%o2+512]
-/* 0x0510 (71 72) */ std %f6,[%o2+520]
-/* 0x0514 242 (72 75) */ ld [%g4],%f2 ! dalign
-/* 0x0518 (73 76) */ ld [%g2],%f6 ! dalign
-/* 0x051c (74 77) */ fxtod %f2,%f10
-/* 0x0520 (74 77) */ ld [%g2+4],%f7
-/* 0x0524 (75 78) */ ld [%g3],%f8 ! dalign
-/* 0x0528 (76 79) */ ld [%g3+4],%f9
-/* 0x052c (77 80) */ fmuld %f10,%f0,%f0
-/* 0x0530 239 (77 80) */ ldd [%i4],%f4
-/* 0x0534 240 (78 81) */ ldd [%i1],%f2
-/* 0x0538 (80 83) */ fmuld %f0,%f6,%f6
-/* 0x053c (83 86) */ fdtox %f6,%f6
-/* 0x0540 (86 89) */ fxtod %f6,%f6
-/* 0x0544 (89 92) */ fmuld %f6,%f8,%f6
-/* 0x0548 (92 95) */ fsubd %f0,%f6,%f0
-/* 0x054c 250 (95 98) */ fmuld %f4,%f0,%f10
- .L900000747: /* frequency 6.4 confidence 0.0 */
-
-
- fmovd %f0,%f0
- fmovd %f16,%f18
- ldd [%i4],%f2
- ldd [%o2],%f8
- ldd [%i1],%f10
- ldd [%g4-8],%f14
- ldd [%g4-16],%f16
- ldd [%o1],%f24
-
- ldd [%i1+8],%f26
- ldd [%i1+16],%f40
- ldd [%i1+48],%f46
- ldd [%i1+56],%f30
- ldd [%i1+64],%f54
- ldd [%i1+104],%f34
- ldd [%i1+112],%f58
-
- ldd [%i4+112],%f60
- ldd [%i4+8],%f28
- ldd [%i4+104],%f38
-
- nop
- nop
-!
- .L99999999:
-!1
-!!!
- ldd [%i1+24],%f32
- fmuld %f0,%f2,%f4
-!2
-!!!
- ldd [%i4+24],%f36
- fmuld %f26,%f24,%f20
-!3
-!!!
- ldd [%i1+40],%f42
- fmuld %f28,%f0,%f22
-!4
-!!!
- ldd [%i4+40],%f44
- fmuld %f32,%f24,%f32
-!5
-!!!
- ldd [%o1+8],%f6
- faddd %f4,%f8,%f4
- fmuld %f36,%f0,%f36
-!6
-!!!
- add %o1,8,%o1
- ldd [%i4+56],%f50
- fmuld %f42,%f24,%f42
-!7
-!!!
- ldd [%i1+72],%f52
- faddd %f20,%f22,%f20
- fmuld %f44,%f0,%f44
-!8
-!!!
- ldd [%o2+16],%f22
- fmuld %f10,%f6,%f12
-!9
-!!!
- ldd [%i4+72],%f56
- faddd %f32,%f36,%f32
- fmuld %f14,%f4,%f4
-!10
-!!!
- ldd [%o2+48],%f36
- fmuld %f30,%f24,%f48
-!11
-!!!
- ldd [%o2+8],%f8
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50
-!12
-!!!
- std %f20,[%o2+16]
- faddd %f42,%f44,%f42
- fmuld %f52,%f24,%f52
-!13
-!!!
- ldd [%o2+80],%f44
- faddd %f4,%f12,%f4
- fmuld %f56,%f0,%f56
-!14
-!!!
- ldd [%i1+88],%f20
- faddd %f32,%f36,%f32
-!15
-!!!
- ldd [%i4+88],%f22
- faddd %f48,%f50,%f48
-!16
-!!!
- ldd [%o2+112],%f50
- faddd %f52,%f56,%f52
-!17
-!!!
- ldd [%o2+144],%f56
- faddd %f4,%f8,%f8
- fmuld %f20,%f24,%f20
-!18
-!!!
- std %f32,[%o2+48]
- faddd %f42,%f44,%f42
- fmuld %f22,%f0,%f22
-!19
-!!!
- std %f42,[%o2+80]
- faddd %f48,%f50,%f48
- fmuld %f34,%f24,%f32
-!20
-!!!
- std %f48,[%o2+112]
- faddd %f52,%f56,%f52
- fmuld %f38,%f0,%f36
-!21
-!!!
- ldd [%i1+120],%f42
- fdtox %f8,%f4
-!22
-!!!
- std %f52,[%o2+144]
- faddd %f20,%f22,%f20
-!23
-!!!
- ldd [%i4+120],%f44
-!24
-!!!
- ldd [%o2+176],%f22
- faddd %f32,%f36,%f32
- fmuld %f42,%f24,%f42
-!25
-!!!
- ldd [%i4+16],%f50
- fmovs %f17,%f4
-!26
-!!!
- ldd [%i1+32],%f52
- fmuld %f44,%f0,%f44
-!27
-!!!
- ldd [%i4+32],%f56
- fmuld %f40,%f24,%f48
-!28
-!!!
- ldd [%o2+208],%f36
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50
-!29
-!!!
- std %f20,[%o2+176]
- fxtod %f4,%f4
- fmuld %f52,%f24,%f52
-!30
-!!!
- ldd [%i4+48],%f22
- faddd %f42,%f44,%f42
- fmuld %f56,%f0,%f56
-!31
-!!!
- ldd [%o2+240],%f44
- faddd %f32,%f36,%f32
-!32
-!!!
- std %f32,[%o2+208]
- faddd %f48,%f50,%f48
- fmuld %f46,%f24,%f20
-!33
-!!!
- ldd [%o2+32],%f50
- fmuld %f4,%f18,%f12
-!34
-!!!
- ldd [%i4+64],%f36
- faddd %f52,%f56,%f52
- fmuld %f22,%f0,%f22
-!35
-!!!
- ldd [%o2+64],%f56
- faddd %f42,%f44,%f42
-!36
-!!!
- std %f42,[%o2+240]
- faddd %f48,%f50,%f48
- fmuld %f54,%f24,%f32
-!37
-!!!
- std %f48,[%o2+32]
- fmuld %f12,%f14,%f4
-!38
-!!!
- ldd [%i1+80],%f42
- faddd %f52,%f56,%f56 ! yes, tmp52!
- fmuld %f36,%f0,%f36
-!39
-!!!
- ldd [%i4+80],%f44
- faddd %f20,%f22,%f20
-!40
-!!!
- ldd [%i1+96],%f48
- fmuld %f58,%f24,%f52
-!41
-!!!
- ldd [%i4+96],%f50
- fdtox %f4,%f4
- fmuld %f42,%f24,%f42
-!42
-!!!
- std %f56,[%o2+64] ! yes, tmp52!
- faddd %f32,%f36,%f32
- fmuld %f44,%f0,%f44
-!43
-!!!
- ldd [%o2+96],%f22
- fmuld %f48,%f24,%f48
-!44
-!!!
- ldd [%o2+128],%f36
- fmovd %f6,%f24
- fmuld %f50,%f0,%f50
-!45
-!!!
- fxtod %f4,%f4
- fmuld %f60,%f0,%f56
-!46
-!!!
- add %o2,8,%o2
- faddd %f42,%f44,%f42
-!47
-!!!
- ldd [%o2+160-8],%f44
- faddd %f20,%f22,%f20
-!48
-!!!
- std %f20,[%o2+96-8]
- faddd %f48,%f50,%f48
-!49
-!!!
- ldd [%o2+192-8],%f50
- faddd %f52,%f56,%f52
- fmuld %f4,%f16,%f4
-!50
-!!!
- ldd [%o2+224-8],%f56
- faddd %f32,%f36,%f32
-!51
-!!!
- std %f32,[%o2+128-8]
- faddd %f42,%f44,%f42
-!52
- add %o3,1,%o3
- std %f42,[%o2+160-8]
- faddd %f48,%f50,%f48
-!53
-!!!
- cmp %o3,31
- std %f48,[%o2+192-8]
- faddd %f52,%f56,%f52
-!54
- std %f52,[%o2+224-8]
- ble,pt %icc,.L99999999
- fsubd %f12,%f4,%f0
-
-
-
-!55
- std %f8,[%o2]
-
-
-
-
-
-
- .L77000285: /* frequency 1.0 confidence 0.0 */
-/* 0x07a8 279 ( 0 1) */ sll %g1,4,%g2
- .L900000748: /* frequency 1.0 confidence 0.0 */
-/* 0x07ac 279 ( 0 3) */ ldd [%g5+%g2],%f0
-/* 0x07b0 ( 0 1) */ add %g5,%g2,%i1
-/* 0x07b4 ( 0 1) */ or %g0,0,%o4
-/* 0x07b8 206 ( 1 4) */ ld [%fp+68],%o0
-/* 0x07bc 279 ( 1 2) */ or %g0,0,%i0
-/* 0x07c0 ( 1 2) */ cmp %g1,0
-/* 0x07c4 ( 2 5) */ fdtox %f0,%f0
-/* 0x07c8 ( 2 3) */ std %f0,[%sp+120]
-/* 0x07cc 275 ( 2 3) */ sethi %hi(0xfc00),%o1
-/* 0x07d0 206 ( 3 4) */ or %g0,%o0,%o3
-/* 0x07d4 275 ( 3 4) */ sub %g1,1,%g4
-/* 0x07d8 279 ( 4 7) */ ldd [%i1+8],%f0
-/* 0x07dc ( 4 5) */ or %g0,%o0,%g5
-/* 0x07e0 ( 4 5) */ add %o1,1023,%o1
-/* 0x07e4 ( 6 9) */ fdtox %f0,%f0
-/* 0x07e8 ( 6 7) */ std %f0,[%sp+112]
-/* 0x07ec (10 12) */ ldx [%sp+112],%o5
-/* 0x07f0 (11 13) */ ldx [%sp+120],%o7
-/* 0x07f4 (11 12) */ ble,pt %icc,.L900000746 ! tprob=0.56
-/* 0x07f8 (11 12) */ sethi %hi(0xfc00),%g2
-/* 0x07fc 275 (12 13) */ or %g0,-1,%g2
-/* 0x0800 279 (12 13) */ cmp %g1,3
-/* 0x0804 275 (13 14) */ srl %g2,0,%o2
-/* 0x0808 279 (13 14) */ bl,pn %icc,.L77000286 ! tprob=0.44
-/* 0x080c (13 14) */ or %g0,%i1,%g2
-/* 0x0810 (14 17) */ ldd [%i1+16],%f0
-/* 0x0814 (14 15) */ and %o5,%o1,%o0
-/* 0x0818 (14 15) */ add %i1,16,%g2
-/* 0x081c (15 16) */ sllx %o0,16,%g3
-/* 0x0820 (15 16) */ and %o7,%o2,%o0
-/* 0x0824 (16 19) */ fdtox %f0,%f0
-/* 0x0828 (16 17) */ std %f0,[%sp+104]
-/* 0x082c (16 17) */ add %o0,%g3,%o4
-/* 0x0830 (17 20) */ ldd [%i1+24],%f2
-/* 0x0834 (17 18) */ srax %o5,16,%o0
-/* 0x0838 (17 18) */ add %o3,4,%g5
-/* 0x083c (18 19) */ stx %o0,[%sp+128]
-/* 0x0840 (18 19) */ and %o4,%o2,%o0
-/* 0x0844 (18 19) */ or %g0,1,%i0
-/* 0x0848 (19 20) */ stx %o0,[%sp+112]
-/* 0x084c (19 20) */ srax %o4,32,%o0
-/* 0x0850 (19 22) */ fdtox %f2,%f0
-/* 0x0854 (20 21) */ stx %o0,[%sp+136]
-/* 0x0858 (20 21) */ srax %o7,32,%o4
-/* 0x085c (21 22) */ std %f0,[%sp+96]
-/* 0x0860 (22 24) */ ldx [%sp+136],%o7
-/* 0x0864 (23 25) */ ldx [%sp+128],%o0
-/* 0x0868 (25 27) */ ldx [%sp+104],%g3
-/* 0x086c (25 26) */ add %o0,%o7,%o0
-/* 0x0870 (26 28) */ ldx [%sp+112],%o7
-/* 0x0874 (26 27) */ add %o4,%o0,%o4
-/* 0x0878 (27 29) */ ldx [%sp+96],%o5
-/* 0x087c (28 29) */ st %o7,[%o3]
-/* 0x0880 (28 29) */ or %g0,%g3,%o7
- .L900000730: /* frequency 64.0 confidence 0.0 */
-/* 0x0884 (17 19) */ ldd [%g2+16],%f0
-/* 0x0888 (17 18) */ add %i0,1,%i0
-/* 0x088c (17 18) */ add %g5,4,%g5
-/* 0x0890 (18 18) */ cmp %i0,%g4
-/* 0x0894 (18 19) */ add %g2,16,%g2
-/* 0x0898 (19 22) */ fdtox %f0,%f0
-/* 0x089c (20 21) */ std %f0,[%sp+104]
-/* 0x08a0 (21 23) */ ldd [%g2+8],%f0
-/* 0x08a4 (23 26) */ fdtox %f0,%f0
-/* 0x08a8 (24 25) */ std %f0,[%sp+96]
-/* 0x08ac (25 26) */ and %o5,%o1,%g3
-/* 0x08b0 (26 27) */ sllx %g3,16,%g3
-/* 0x08b4 ( 0 0) */ stx %g3,[%sp+120]
-/* 0x08b8 (26 27) */ and %o7,%o2,%g3
-/* 0x08bc ( 0 0) */ stx %o7,[%sp+128]
-/* 0x08c0 ( 0 0) */ ldx [%sp+120],%o7
-/* 0x08c4 (27 27) */ add %g3,%o7,%g3
-/* 0x08c8 ( 0 0) */ ldx [%sp+128],%o7
-/* 0x08cc (28 29) */ srax %o5,16,%o5
-/* 0x08d0 (28 28) */ add %g3,%o4,%g3
-/* 0x08d4 (29 30) */ srax %g3,32,%o4
-/* 0x08d8 ( 0 0) */ stx %o4,[%sp+112]
-/* 0x08dc (30 31) */ srax %o7,32,%o4
-/* 0x08e0 ( 0 0) */ ldx [%sp+112],%o7
-/* 0x08e4 (30 31) */ add %o5,%o7,%o7
-/* 0x08e8 (31 33) */ ldx [%sp+96],%o5
-/* 0x08ec (31 32) */ add %o4,%o7,%o4
-/* 0x08f0 (32 33) */ and %g3,%o2,%g3
-/* 0x08f4 ( 0 0) */ ldx [%sp+104],%o7
-/* 0x08f8 (33 34) */ ble,pt %icc,.L900000730 ! tprob=0.50
-/* 0x08fc (33 34) */ st %g3,[%g5-4]
- .L900000733: /* frequency 8.0 confidence 0.0 */
-/* 0x0900 ( 0 1) */ ba .L900000746 ! tprob=1.00
-/* 0x0904 ( 0 1) */ sethi %hi(0xfc00),%g2
- .L77000286: /* frequency 0.7 confidence 0.0 */
-/* 0x0908 ( 0 3) */ ldd [%g2+16],%f0
- .L900000745: /* frequency 6.4 confidence 0.0 */
-/* 0x090c ( 0 1) */ and %o7,%o2,%o0
-/* 0x0910 ( 0 1) */ and %o5,%o1,%g3
-/* 0x0914 ( 0 3) */ fdtox %f0,%f0
-/* 0x0918 ( 1 2) */ add %o4,%o0,%o0
-/* 0x091c ( 1 2) */ std %f0,[%sp+104]
-/* 0x0920 ( 1 2) */ add %i0,1,%i0
-/* 0x0924 ( 2 3) */ sllx %g3,16,%o4
-/* 0x0928 ( 2 5) */ ldd [%g2+24],%f2
-/* 0x092c ( 2 3) */ add %g2,16,%g2
-/* 0x0930 ( 3 4) */ add %o0,%o4,%o4
-/* 0x0934 ( 3 4) */ cmp %i0,%g4
-/* 0x0938 ( 4 5) */ srax %o5,16,%o0
-/* 0x093c ( 4 5) */ stx %o0,[%sp+112]
-/* 0x0940 ( 4 5) */ and %o4,%o2,%g3
-/* 0x0944 ( 5 6) */ srax %o4,32,%o5
-/* 0x0948 ( 5 8) */ fdtox %f2,%f0
-/* 0x094c ( 5 6) */ std %f0,[%sp+96]
-/* 0x0950 ( 6 7) */ srax %o7,32,%o4
-/* 0x0954 ( 6 8) */ ldx [%sp+112],%o7
-/* 0x0958 ( 8 9) */ add %o7,%o5,%o7
-/* 0x095c ( 9 11) */ ldx [%sp+104],%o5
-/* 0x0960 ( 9 10) */ add %o4,%o7,%o4
-/* 0x0964 (10 12) */ ldx [%sp+96],%o0
-/* 0x0968 (11 12) */ st %g3,[%g5]
-/* 0x096c (11 12) */ or %g0,%o5,%o7
-/* 0x0970 (11 12) */ add %g5,4,%g5
-/* 0x0974 (12 13) */ or %g0,%o0,%o5
-/* 0x0978 (12 13) */ ble,a,pt %icc,.L900000745 ! tprob=0.86
-/* 0x097c (12 15) */ ldd [%g2+16],%f0
- .L77000236: /* frequency 1.0 confidence 0.0 */
-/* 0x0980 ( 0 1) */ sethi %hi(0xfc00),%g2
- .L900000746: /* frequency 1.0 confidence 0.0 */
-/* 0x0984 ( 0 1) */ or %g0,-1,%o0
-/* 0x0988 ( 0 1) */ add %g2,1023,%g2
-/* 0x098c ( 0 3) */ ld [%fp+88],%o1
-/* 0x0990 ( 1 2) */ srl %o0,0,%g3
-/* 0x0994 ( 1 2) */ and %o5,%g2,%g2
-/* 0x0998 ( 2 3) */ and %o7,%g3,%g4
-/* 0x099c 281 ( 2 3) */ or %g0,-1,%o5
-/* 0x09a0 275 ( 3 4) */ sllx %g2,16,%g2
-/* 0x09a4 ( 3 4) */ add %o4,%g4,%g4
-/* 0x09a8 ( 4 5) */ add %g4,%g2,%g2
-/* 0x09ac ( 5 6) */ sll %i0,2,%g4
-/* 0x09b0 ( 5 6) */ and %g2,%g3,%g2
-/* 0x09b4 ( 6 7) */ st %g2,[%o3+%g4]
-/* 0x09b8 281 ( 6 7) */ sll %g1,2,%g2
-/* 0x09bc ( 7 10) */ ld [%o3+%g2],%g2
-/* 0x09c0 ( 9 10) */ cmp %g2,0
-/* 0x09c4 ( 9 10) */ bleu,pn %icc,.L77000241 ! tprob=0.50
-/* 0x09c8 ( 9 10) */ or %g0,%o1,%o2
-/* 0x09cc (10 11) */ ba .L900000744 ! tprob=1.00
-/* 0x09d0 (10 11) */ cmp %o5,0
- .L77000241: /* frequency 0.8 confidence 0.0 */
-/* 0x09d4 ( 0 1) */ subcc %g1,1,%o5
-/* 0x09d8 ( 0 1) */ bneg,pt %icc,.L900000744 ! tprob=0.60
-/* 0x09dc ( 1 2) */ cmp %o5,0
-/* 0x09e0 ( 1 2) */ sll %o5,2,%g2
-/* 0x09e4 ( 2 3) */ add %o1,%g2,%o0
-/* 0x09e8 ( 2 3) */ add %o3,%g2,%o4
-/* 0x09ec ( 3 6) */ ld [%o0],%g2
- .L900000743: /* frequency 5.3 confidence 0.0 */
-/* 0x09f0 ( 0 3) */ ld [%o4],%g3
-/* 0x09f4 ( 0 1) */ add %o0,4,%o0
-/* 0x09f8 ( 0 1) */ add %o4,4,%o4
-/* 0x09fc ( 2 3) */ cmp %g3,%g2
-/* 0x0a00 ( 2 3) */ bne,pn %icc,.L77000244 ! tprob=0.16
-/* 0x0a04 ( 2 3) */ nop
-/* 0x0a08 ( 3 4) */ addcc %o5,1,%o5
-/* 0x0a0c ( 3 4) */ bpos,a,pt %icc,.L900000743 ! tprob=0.84
-/* 0x0a10 ( 3 6) */ ld [%o0],%g2
- .L77000244: /* frequency 1.0 confidence 0.0 */
-/* 0x0a14 ( 0 1) */ cmp %o5,0
- .L900000744: /* frequency 1.0 confidence 0.0 */
-/* 0x0a18 ( 0 1) */ bl,pn %icc,.L77000287 ! tprob=0.50
-/* 0x0a1c ( 0 1) */ sll %o5,2,%g2
-/* 0x0a20 ( 1 4) */ ld [%o2+%g2],%g3
-/* 0x0a24 ( 2 5) */ ld [%o3+%g2],%g2
-/* 0x0a28 ( 4 5) */ cmp %g2,%g3
-/* 0x0a2c ( 4 5) */ bleu,pt %icc,.L77000224 ! tprob=0.56
-/* 0x0a30 ( 4 5) */ nop
- .L77000287: /* frequency 0.8 confidence 0.0 */
-/* 0x0a34 ( 0 1) */ cmp %g1,0
-/* 0x0a38 ( 0 1) */ ble,pt %icc,.L77000224 ! tprob=0.60
-/* 0x0a3c ( 0 1) */ nop
-/* 0x0a40 281 ( 1 2) */ sub %g1,1,%o7
-/* 0x0a44 ( 1 2) */ or %g0,-1,%g2
-/* 0x0a48 ( 2 3) */ srl %g2,0,%o4
-/* 0x0a4c ( 2 3) */ add %o7,1,%o0
-/* 0x0a50 279 ( 3 4) */ or %g0,0,%o5
-/* 0x0a54 ( 3 4) */ or %g0,0,%g1
-/* 0x0a58 ( 4 5) */ cmp %o0,3
-/* 0x0a5c ( 4 5) */ bl,pn %icc,.L77000288 ! tprob=0.40
-/* 0x0a60 ( 4 5) */ add %o3,8,%o1
-/* 0x0a64 ( 5 6) */ add %o2,4,%o0
-/* 0x0a68 ( 5 8) */ ld [%o1-8],%g2
-/* 0x0a6c 0 ( 5 6) */ or %g0,%o1,%o3
-/* 0x0a70 279 ( 6 9) */ ld [%o0-4],%g3
-/* 0x0a74 0 ( 6 7) */ or %g0,%o0,%o2
-/* 0x0a78 279 ( 6 7) */ or %g0,2,%g1
-/* 0x0a7c ( 7 10) */ ld [%o3-4],%o0
-/* 0x0a80 ( 8 9) */ sub %g2,%g3,%g2
-/* 0x0a84 ( 9 10) */ or %g0,%g2,%o5
-/* 0x0a88 ( 9 10) */ and %g2,%o4,%g2
-/* 0x0a8c ( 9 10) */ st %g2,[%o3-8]
-/* 0x0a90 (10 11) */ srax %o5,32,%o5
- .L900000734: /* frequency 64.0 confidence 0.0 */
-/* 0x0a94 (12 20) */ ld [%o2],%g2
-/* 0x0a98 (12 13) */ add %g1,1,%g1
-/* 0x0a9c (12 13) */ add %o2,4,%o2
-/* 0x0aa0 (13 13) */ cmp %g1,%o7
-/* 0x0aa4 (13 14) */ add %o3,4,%o3
-/* 0x0aa8 (14 14) */ sub %o0,%g2,%o0
-/* 0x0aac (15 15) */ add %o0,%o5,%o5
-/* 0x0ab0 (16 17) */ and %o5,%o4,%g2
-/* 0x0ab4 (16 24) */ ld [%o3-4],%o0
-/* 0x0ab8 (17 18) */ st %g2,[%o3-8]
-/* 0x0abc (17 18) */ ble,pt %icc,.L900000734 ! tprob=0.50
-/* 0x0ac0 (17 18) */ srax %o5,32,%o5
- .L900000737: /* frequency 8.0 confidence 0.0 */
-/* 0x0ac4 ( 0 3) */ ld [%o2],%o1
-/* 0x0ac8 ( 2 3) */ sub %o0,%o1,%o0
-/* 0x0acc ( 3 4) */ add %o0,%o5,%o0
-/* 0x0ad0 ( 4 5) */ and %o0,%o4,%o1
-/* 0x0ad4 ( 4 5) */ st %o1,[%o3-4]
-/* 0x0ad8 ( 5 7) */ ret ! Result =
-/* 0x0adc ( 7 8) */ restore %g0,%g0,%g0
- .L77000288: /* frequency 0.6 confidence 0.0 */
-/* 0x0ae0 ( 0 3) */ ld [%o3],%o0
- .L900000742: /* frequency 5.3 confidence 0.0 */
-/* 0x0ae4 ( 0 3) */ ld [%o2],%o1
-/* 0x0ae8 ( 0 1) */ add %o5,%o0,%o0
-/* 0x0aec ( 0 1) */ add %g1,1,%g1
-/* 0x0af0 ( 1 2) */ add %o2,4,%o2
-/* 0x0af4 ( 1 2) */ cmp %g1,%o7
-/* 0x0af8 ( 2 3) */ sub %o0,%o1,%o0
-/* 0x0afc ( 3 4) */ and %o0,%o4,%o1
-/* 0x0b00 ( 3 4) */ st %o1,[%o3]
-/* 0x0b04 ( 3 4) */ add %o3,4,%o3
-/* 0x0b08 ( 4 5) */ srax %o0,32,%o5
-/* 0x0b0c ( 4 5) */ ble,a,pt %icc,.L900000742 ! tprob=0.84
-/* 0x0b10 ( 4 7) */ ld [%o3],%o0
- .L77000224: /* frequency 1.0 confidence 0.0 */
-/* 0x0b14 ( 0 2) */ ret ! Result =
-/* 0x0b18 ( 2 3) */ restore %g0,%g0,%g0
-/* 0x0b1c 0 ( 0 0) */ .type mont_mulf_noconv,2
-/* 0x0b1c ( 0 0) */ .size mont_mulf_noconv,(.-mont_mulf_noconv)
-
-! Begin Disassembling Stabs
- .xstabs ".stab.index","Xa ; O ; V=3.1 ; R=WorkShop Compilers 5.0 99/02/25 C 5.0 patch 107289-01",60,0,0,0 ! (/tmp/acompAAALcayz5:1)
- .xstabs ".stab.index","/home/ferenc; /usr/dist/pkgs/devpro,v5.0/5.x-sparc/SC5.0/bin/cc -DMONOLITH -I../include -DNO_ASM -DSIXTY_FOUR_BIT -fast -xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W -DULTRASPARC -Wc,-Qrm-Qd -Wc,-Qrm-Qf -Wc,-assembly -V -c montmulf.il -o montmulf.o montmulf.c -W0,-xp",52,0,0,0 ! (/tmp/acompAAALcayz5:2)
-! End Disassembling Stabs
-
-! Begin Disassembling Ident
- .ident "cg: WorkShop Compilers 5.0 99/04/15 Compiler Common 5.0 Patch 107357-02" ! (NO SOURCE LINE)
- .ident "acomp: WorkShop Compilers 5.0 99/02/25 C 5.0 patch 107289-01" ! (/tmp/acompAAALcayz5:31)
-! End Disassembling Ident
diff --git a/security/nss/lib/freebl/mpi/montmulfv8.il b/security/nss/lib/freebl/mpi/montmulfv8.il
deleted file mode 100644
index b3dd734b6..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv8.il
+++ /dev/null
@@ -1,137 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is inline macros for SPARC Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
-!
-! double upper32(double /*frs1*/);
-!
- .inline upper32,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f10
-
- fdtox %f10,%f10
- fitod %f10,%f0
- .end
-
-!
-! double lower32(double /*frs1*/, double /* Zero */);
-!
- .inline lower32,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f10
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f12
-
- fdtox %f10,%f10
- fmovs %f12,%f10
- fxtod %f10,%f0
- .end
-
-!
-! double mod(double /*x*/, double /*1/m*/, double /*m*/);
-!
- .inline mod,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f2
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o4,[%sp+0x48]
- ldd [%sp+0x48],%f6
-
- fmuld %f2,%f4,%f4
- fdtox %f4,%f4
- fxtod %f4,%f4
- fmuld %f4,%f6,%f4
- fsubd %f2,%f4,%f0
- .end
-
-
-!
-! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-! double * /* 0 */,
-! double * /*result16*/, double * /* result32 */
-! float * /*source - should be unsigned int*
-! converted to float* */);
-!
- .inline i16_to_d16_and_d32x4,24
- ldd [%o0],%f2 ! 1/(2^16)
- ldd [%o1],%f4 ! 2^16
- ldd [%o2],%f22
-
- fmovd %f22,%f6
- ld [%o5],%f7
- fmovd %f22,%f10
- ld [%o5+4],%f11
- fmovd %f22,%f14
- ld [%o5+8],%f15
- fmovd %f22,%f18
- ld [%o5+12],%f19
- fxtod %f6,%f6
- std %f6,[%o4]
- fxtod %f10,%f10
- std %f10,[%o4+8]
- fxtod %f14,%f14
- std %f14,[%o4+16]
- fxtod %f18,%f18
- std %f18,[%o4+24]
- fmuld %f2,%f6,%f8
- fmuld %f2,%f10,%f12
- fmuld %f2,%f14,%f16
- fmuld %f2,%f18,%f20
- fdtox %f8,%f8
- fdtox %f12,%f12
- fdtox %f16,%f16
- fdtox %f20,%f20
- fxtod %f8,%f8
- std %f8,[%o3+8]
- fxtod %f12,%f12
- std %f12,[%o3+24]
- fxtod %f16,%f16
- std %f16,[%o3+40]
- fxtod %f20,%f20
- std %f20,[%o3+56]
- fmuld %f8,%f4,%f8
- fmuld %f12,%f4,%f12
- fmuld %f16,%f4,%f16
- fmuld %f20,%f4,%f20
- fsubd %f6,%f8,%f8
- std %f8,[%o3]
- fsubd %f10,%f12,%f12
- std %f12,[%o3+16]
- fsubd %f14,%f16,%f16
- std %f16,[%o3+32]
- fsubd %f18,%f20,%f20
- std %f20,[%o3+48]
- .end
-
-
diff --git a/security/nss/lib/freebl/mpi/montmulfv8.s b/security/nss/lib/freebl/mpi/montmulfv8.s
deleted file mode 100644
index f6b90dfd8..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv8.s
+++ /dev/null
@@ -1,1856 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is SPARC hand-optimized Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
- .section ".text",#alloc,#execinstr
- .file "montmulf.c"
-
- .section ".rodata",#alloc
- .global TwoTo16
- .align 8
-!
-! CONSTANT POOL
-!
- .global TwoTo16
-TwoTo16:
- .word 1089470464
- .word 0
- .type TwoTo16,#object
- .size TwoTo16,8
- .global TwoToMinus16
-!
-! CONSTANT POOL
-!
- .global TwoToMinus16
-TwoToMinus16:
- .word 1055916032
- .word 0
- .type TwoToMinus16,#object
- .size TwoToMinus16,8
- .global Zero
-!
-! CONSTANT POOL
-!
- .global Zero
-Zero:
- .word 0
- .word 0
- .type Zero,#object
- .size Zero,8
- .global TwoTo32
-!
-! CONSTANT POOL
-!
- .global TwoTo32
-TwoTo32:
- .word 1106247680
- .word 0
- .type TwoTo32,#object
- .size TwoTo32,8
- .global TwoToMinus32
-!
-! CONSTANT POOL
-!
- .global TwoToMinus32
-TwoToMinus32:
- .word 1039138816
- .word 0
- .type TwoToMinus32,#object
- .size TwoToMinus32,8
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 4
-!
-! SUBROUTINE conv_d16_to_i32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_d16_to_i32
- conv_d16_to_i32:
-/* 000000 */ save %sp,-128,%sp
-! FILE montmulf.c
-
-! 36 !#define RF_INLINE_MACROS
-! 38 !static const double TwoTo16=65536.0;
-! 39 !static const double TwoToMinus16=1.0/65536.0;
-! 40 !static const double Zero=0.0;
-! 41 !static const double TwoTo32=65536.0*65536.0;
-! 42 !static const double TwoToMinus32=1.0/(65536.0*65536.0);
-! 44 !#ifdef RF_INLINE_MACROS
-! 46 !double upper32(double);
-! 47 !double lower32(double, double);
-! 48 !double mod(double, double, double);
-! 50 !void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/,
-! 51 ! const double * /* 2^16*/,
-! 52 ! const double * /* 0 */,
-! 53 ! double * /*result16*/,
-! 54 ! double * /* result32 */,
-! 55 ! float * /*source - should be unsigned int*
-! 56 ! converted to float* */);
-! 58 !#else
-! 60 !static double upper32(double x)
-! 61 !{
-! 62 ! return floor(x*TwoToMinus32);
-! 63 !}
-! 65 !static double lower32(double x, double y)
-! 66 !{
-! 67 ! return x-TwoTo32*floor(x*TwoToMinus32);
-! 68 !}
-! 70 !static double mod(double x, double oneoverm, double m)
-! 71 !{
-! 72 ! return x-m*floor(x*oneoverm);
-! 73 !}
-! 75 !#endif
-! 78 !static void cleanup(double *dt, int from, int tlen)
-! 79 !{
-! 80 ! int i;
-! 81 ! double tmp,tmp1,x,x1;
-! 83 ! tmp=tmp1=Zero;
-! 84 ! /* original code **
-! 85 ! for(i=2*from;i<2*tlen-2;i++)
-! 86 ! {
-! 87 ! x=dt[i];
-! 88 ! dt[i]=lower32(x,Zero)+tmp1;
-! 89 ! tmp1=tmp;
-! 90 ! tmp=upper32(x);
-! 91 ! }
-! 92 ! dt[tlen-2]+=tmp1;
-! 93 ! dt[tlen-1]+=tmp;
-! 94 ! **end original code ***/
-! 95 ! /* new code ***/
-! 96 ! for(i=2*from;i<2*tlen;i+=2)
-! 97 ! {
-! 98 ! x=dt[i];
-! 99 ! x1=dt[i+1];
-! 100 ! dt[i]=lower32(x,Zero)+tmp;
-! 101 ! dt[i+1]=lower32(x1,Zero)+tmp1;
-! 102 ! tmp=upper32(x);
-! 103 ! tmp1=upper32(x1);
-! 104 ! }
-! 105 ! /** end new code **/
-! 106 !}
-! 109 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-! 110 !{
-! 111 !int i;
-! 112 !long long t, t1, a, b, c, d;
-! 114 ! t1=0;
-! 115 ! a=(long long)d16[0];
-
-/* 0x0004 115 */ ldd [%i1],%f0
-/* 0x0008 110 */ or %g0,%i1,%o0
-
-! 116 ! b=(long long)d16[1];
-! 117 ! for(i=0; i<ilen-1; i++)
-
-/* 0x000c 117 */ sub %i3,1,%g2
-/* 0x0010 */ cmp %g2,0
-/* 0x0014 114 */ or %g0,0,%o4
-/* 0x0018 115 */ fdtox %f0,%f0
-/* 0x001c */ std %f0,[%sp+120]
-/* 0x0020 117 */ or %g0,0,%o7
-/* 0x0024 110 */ or %g0,%i3,%o1
-/* 0x0028 */ sub %i3,2,%o2
-/* 0x002c 116 */ ldd [%o0+8],%f0
-/* 0x0030 110 */ sethi %hi(0xfc00),%o1
-/* 0x0034 */ add %o2,1,%g3
-/* 0x0038 */ add %o1,1023,%o1
-/* 0x003c */ or %g0,%i0,%o5
-/* 0x0040 116 */ fdtox %f0,%f0
-/* 0x0044 */ std %f0,[%sp+112]
-/* 0x0048 */ ldx [%sp+112],%g1
-/* 0x004c 115 */ ldx [%sp+120],%g4
-/* 0x0050 117 */ ble,pt %icc,.L900000117
-/* 0x0054 */ sethi %hi(0xfc00),%g2
-/* 0x0058 110 */ or %g0,-1,%g2
-/* 0x005c 117 */ cmp %g3,3
-/* 0x0060 110 */ srl %g2,0,%o3
-/* 0x0064 117 */ bl,pn %icc,.L77000134
-/* 0x0068 */ or %g0,%o0,%g2
-
-! 118 ! {
-! 119 ! c=(long long)d16[2*i+2];
-
-/* 0x006c 119 */ ldd [%o0+16],%f0
-
-! 120 ! t1+=a&0xffffffff;
-! 121 ! t=(a>>32);
-! 122 ! d=(long long)d16[2*i+3];
-! 123 ! t1+=(b&0xffff)<<16;
-! 124 ! t+=(b>>16)+(t1>>32);
-! 125 ! i32[i]=t1&0xffffffff;
-! 126 ! t1=t;
-! 127 ! a=c;
-! 128 ! b=d;
-
-/* 0x0070 128 */ add %o0,16,%g2
-/* 0x0074 123 */ and %g1,%o1,%o0
-/* 0x0078 */ sllx %o0,16,%g3
-/* 0x007c 120 */ and %g4,%o3,%o0
-/* 0x0080 117 */ add %o0,%g3,%o4
-/* 0x0084 119 */ fdtox %f0,%f0
-/* 0x0088 */ std %f0,[%sp+104]
-/* 0x008c 125 */ and %o4,%o3,%g5
-/* 0x0090 122 */ ldd [%g2+8],%f2
-/* 0x0094 128 */ add %o5,4,%o5
-/* 0x0098 124 */ srax %o4,32,%o4
-/* 0x009c */ stx %o4,[%sp+112]
-/* 0x00a0 122 */ fdtox %f2,%f0
-/* 0x00a4 */ std %f0,[%sp+96]
-/* 0x00a8 124 */ srax %g1,16,%o0
-/* 0x00ac */ ldx [%sp+112],%o7
-/* 0x00b0 121 */ srax %g4,32,%o4
-/* 0x00b4 124 */ add %o0,%o7,%g4
-/* 0x00b8 128 */ or %g0,1,%o7
-/* 0x00bc 119 */ ldx [%sp+104],%g3
-/* 0x00c0 124 */ add %o4,%g4,%o4
-/* 0x00c4 122 */ ldx [%sp+96],%g1
-/* 0x00c8 125 */ st %g5,[%o5-4]
-/* 0x00cc 127 */ or %g0,%g3,%g4
- .L900000112:
-/* 0x00d0 119 */ ldd [%g2+16],%f0
-/* 0x00d4 128 */ add %o7,1,%o7
-/* 0x00d8 */ add %o5,4,%o5
-/* 0x00dc */ cmp %o7,%o2
-/* 0x00e0 */ add %g2,16,%g2
-/* 0x00e4 119 */ fdtox %f0,%f0
-/* 0x00e8 */ std %f0,[%sp+104]
-/* 0x00ec 122 */ ldd [%g2+8],%f0
-/* 0x00f0 */ fdtox %f0,%f0
-/* 0x00f4 */ std %f0,[%sp+96]
-/* 0x00f8 123 */ and %g1,%o1,%g3
-/* 0x00fc */ sllx %g3,16,%g5
-/* 0x0100 120 */ and %g4,%o3,%g3
-/* 0x0104 117 */ add %g3,%g5,%g3
-/* 0x0108 124 */ srax %g1,16,%g1
-/* 0x010c 117 */ add %g3,%o4,%g3
-/* 0x0110 124 */ srax %g3,32,%o4
-/* 0x0114 */ stx %o4,[%sp+112]
-/* 0x0118 119 */ ldx [%sp+104],%g5
-/* 0x011c 121 */ srax %g4,32,%o4
-/* 0x0120 124 */ ldx [%sp+112],%g4
-/* 0x0124 */ add %g1,%g4,%g4
-/* 0x0128 122 */ ldx [%sp+96],%g1
-/* 0x012c 124 */ add %o4,%g4,%o4
-/* 0x0130 125 */ and %g3,%o3,%g3
-/* 0x0134 127 */ or %g0,%g5,%g4
-/* 0x0138 128 */ ble,pt %icc,.L900000112
-/* 0x013c */ st %g3,[%o5-4]
- .L900000115:
-/* 0x0140 128 */ ba .L900000117
-/* 0x0144 */ sethi %hi(0xfc00),%g2
- .L77000134:
-/* 0x0148 119 */ ldd [%g2+16],%f0
- .L900000116:
-/* 0x014c 120 */ and %g4,%o3,%o0
-/* 0x0150 123 */ and %g1,%o1,%g3
-/* 0x0154 119 */ fdtox %f0,%f0
-/* 0x0158 120 */ add %o4,%o0,%o0
-/* 0x015c 119 */ std %f0,[%sp+104]
-/* 0x0160 128 */ add %o7,1,%o7
-/* 0x0164 123 */ sllx %g3,16,%o4
-/* 0x0168 122 */ ldd [%g2+24],%f2
-/* 0x016c 128 */ add %g2,16,%g2
-/* 0x0170 123 */ add %o0,%o4,%o0
-/* 0x0174 128 */ cmp %o7,%o2
-/* 0x0178 125 */ and %o0,%o3,%g3
-/* 0x017c 122 */ fdtox %f2,%f0
-/* 0x0180 */ std %f0,[%sp+96]
-/* 0x0184 124 */ srax %o0,32,%o0
-/* 0x0188 */ stx %o0,[%sp+112]
-/* 0x018c 121 */ srax %g4,32,%o4
-/* 0x0190 122 */ ldx [%sp+96],%o0
-/* 0x0194 124 */ srax %g1,16,%g5
-/* 0x0198 */ ldx [%sp+112],%g4
-/* 0x019c 119 */ ldx [%sp+104],%g1
-/* 0x01a0 125 */ st %g3,[%o5]
-/* 0x01a4 124 */ add %g5,%g4,%g4
-/* 0x01a8 128 */ add %o5,4,%o5
-/* 0x01ac 124 */ add %o4,%g4,%o4
-/* 0x01b0 127 */ or %g0,%g1,%g4
-/* 0x01b4 128 */ or %g0,%o0,%g1
-/* 0x01b8 */ ble,a,pt %icc,.L900000116
-/* 0x01bc */ ldd [%g2+16],%f0
- .L77000127:
-
-! 129 ! }
-! 130 ! t1+=a&0xffffffff;
-! 131 ! t=(a>>32);
-! 132 ! t1+=(b&0xffff)<<16;
-! 133 ! i32[i]=t1&0xffffffff;
-
-/* 0x01c0 133 */ sethi %hi(0xfc00),%g2
- .L900000117:
-/* 0x01c4 133 */ or %g0,-1,%g3
-/* 0x01c8 */ add %g2,1023,%g2
-/* 0x01cc */ srl %g3,0,%g3
-/* 0x01d0 */ and %g1,%g2,%g2
-/* 0x01d4 */ and %g4,%g3,%g4
-/* 0x01d8 */ sllx %g2,16,%g2
-/* 0x01dc */ add %o4,%g4,%g4
-/* 0x01e0 */ add %g4,%g2,%g2
-/* 0x01e4 */ sll %o7,2,%g4
-/* 0x01e8 */ and %g2,%g3,%g2
-/* 0x01ec */ st %g2,[%i0+%g4]
-/* 0x01f0 */ ret ! Result =
-/* 0x01f4 */ restore %g0,%g0,%g0
-/* 0x01f8 0 */ .type conv_d16_to_i32,2
-/* 0x01f8 */ .size conv_d16_to_i32,(.-conv_d16_to_i32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000201:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 4
-/* 0x0008 */ .skip 16
-!
-! SUBROUTINE conv_i32_to_d32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d32
- conv_i32_to_d32:
-/* 000000 */ or %g0,%o7,%g2
-
-! 135 !}
-! 137 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-! 138 !{
-! 139 !int i;
-! 141 !#pragma pipeloop(0)
-! 142 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-
-/* 0x0004 142 */ cmp %o2,0
- .L900000210:
-/* 0x0008 */ call .+8
-/* 0x000c */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0010 142 */ or %g0,0,%o5
-/* 0x0014 138 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0018 */ or %g0,%o0,%g5
-/* 0x001c */ add %g4,%o7,%g1
-/* 0x0020 142 */ ble,pt %icc,.L77000140
-/* 0x0024 */ or %g0,%g2,%o7
-/* 0x0028 */ sethi %hi(.L_const_seg_900000201),%g2
-/* 0x002c 138 */ or %g0,%o1,%g4
-/* 0x0030 142 */ add %g2,%lo(.L_const_seg_900000201),%g2
-/* 0x0034 */ sub %o2,1,%g3
-/* 0x0038 */ ld [%g1+%g2],%g2
-/* 0x003c */ cmp %o2,9
-/* 0x0040 */ bl,pn %icc,.L77000144
-/* 0x0044 */ ldd [%g2],%f8
-/* 0x0048 */ add %o1,16,%g4
-/* 0x004c */ sub %o2,5,%g1
-/* 0x0050 */ ld [%o1],%f7
-/* 0x0054 */ or %g0,4,%o5
-/* 0x0058 */ ld [%o1+4],%f5
-/* 0x005c */ ld [%o1+8],%f3
-/* 0x0060 */ fmovs %f8,%f6
-/* 0x0064 */ ld [%o1+12],%f1
- .L900000205:
-/* 0x0068 */ ld [%g4],%f11
-/* 0x006c */ add %o5,5,%o5
-/* 0x0070 */ add %g4,20,%g4
-/* 0x0074 */ fsubd %f6,%f8,%f6
-/* 0x0078 */ std %f6,[%g5]
-/* 0x007c */ cmp %o5,%g1
-/* 0x0080 */ add %g5,40,%g5
-/* 0x0084 */ fmovs %f8,%f4
-/* 0x0088 */ ld [%g4-16],%f7
-/* 0x008c */ fsubd %f4,%f8,%f12
-/* 0x0090 */ fmovs %f8,%f2
-/* 0x0094 */ std %f12,[%g5-32]
-/* 0x0098 */ ld [%g4-12],%f5
-/* 0x009c */ fsubd %f2,%f8,%f12
-/* 0x00a0 */ fmovs %f8,%f0
-/* 0x00a4 */ std %f12,[%g5-24]
-/* 0x00a8 */ ld [%g4-8],%f3
-/* 0x00ac */ fsubd %f0,%f8,%f12
-/* 0x00b0 */ fmovs %f8,%f10
-/* 0x00b4 */ std %f12,[%g5-16]
-/* 0x00b8 */ ld [%g4-4],%f1
-/* 0x00bc */ fsubd %f10,%f8,%f10
-/* 0x00c0 */ fmovs %f8,%f6
-/* 0x00c4 */ ble,pt %icc,.L900000205
-/* 0x00c8 */ std %f10,[%g5-8]
- .L900000208:
-/* 0x00cc */ fmovs %f8,%f4
-/* 0x00d0 */ add %g5,32,%g5
-/* 0x00d4 */ cmp %o5,%g3
-/* 0x00d8 */ fmovs %f8,%f2
-/* 0x00dc */ fmovs %f8,%f0
-/* 0x00e0 */ fsubd %f6,%f8,%f6
-/* 0x00e4 */ std %f6,[%g5-32]
-/* 0x00e8 */ fsubd %f4,%f8,%f4
-/* 0x00ec */ std %f4,[%g5-24]
-/* 0x00f0 */ fsubd %f2,%f8,%f2
-/* 0x00f4 */ std %f2,[%g5-16]
-/* 0x00f8 */ fsubd %f0,%f8,%f0
-/* 0x00fc */ bg,pn %icc,.L77000140
-/* 0x0100 */ std %f0,[%g5-8]
- .L77000144:
-/* 0x0104 */ ld [%g4],%f1
- .L900000211:
-/* 0x0108 */ ldd [%g2],%f8
-/* 0x010c */ add %o5,1,%o5
-/* 0x0110 */ add %g4,4,%g4
-/* 0x0114 */ cmp %o5,%g3
-/* 0x0118 */ fmovs %f8,%f0
-/* 0x011c */ fsubd %f0,%f8,%f0
-/* 0x0120 */ std %f0,[%g5]
-/* 0x0124 */ add %g5,8,%g5
-/* 0x0128 */ ble,a,pt %icc,.L900000211
-/* 0x012c */ ld [%g4],%f1
- .L77000140:
-/* 0x0130 */ retl ! Result =
-/* 0x0134 */ nop
-/* 0x0138 0 */ .type conv_i32_to_d32,2
-/* 0x0138 */ .size conv_i32_to_d32,(.-conv_i32_to_d32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000301:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 4
-!
-! SUBROUTINE conv_i32_to_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d16
- conv_i32_to_d16:
-/* 000000 */ save %sp,-104,%sp
-/* 0x0004 */ or %g0,%i2,%o0
-
-! 143 !}
-! 146 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-! 147 !{
-! 148 !int i;
-! 149 !unsigned int a;
-! 151 !#pragma pipeloop(0)
-! 152 ! for(i=0;i<len;i++)
-! 153 ! {
-! 154 ! a=i32[i];
-! 155 ! d16[2*i]=(double)(a&0xffff);
-! 156 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x0008 156 */ sethi %hi(.L_const_seg_900000301),%g2
- .L900000310:
-/* 0x000c */ call .+8
-/* 0x0010 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-/* 0x0014 152 */ cmp %o0,0
-/* 0x0018 147 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-/* 0x001c 152 */ ble,pt %icc,.L77000150
-/* 0x0020 */ add %g3,%o7,%o2
-/* 0x0024 */ sub %i2,1,%o5
-/* 0x0028 156 */ add %g2,%lo(.L_const_seg_900000301),%o1
-/* 0x002c 152 */ sethi %hi(0xfc00),%o0
-/* 0x0030 */ ld [%o2+%o1],%o3
-/* 0x0034 */ add %o5,1,%g2
-/* 0x0038 */ or %g0,0,%g1
-/* 0x003c */ cmp %g2,3
-/* 0x0040 */ or %g0,%i1,%o7
-/* 0x0044 */ add %o0,1023,%o4
-/* 0x0048 */ or %g0,%i0,%g3
-/* 0x004c */ bl,pn %icc,.L77000154
-/* 0x0050 */ add %o7,4,%o0
-/* 0x0054 155 */ ldd [%o3],%f0
-/* 0x0058 156 */ or %g0,1,%g1
-/* 0x005c 154 */ ld [%o0-4],%o1
-/* 0x0060 0 */ or %g0,%o0,%o7
-/* 0x0064 155 */ and %o1,%o4,%o0
- .L900000306:
-/* 0x0068 155 */ st %o0,[%sp+96]
-/* 0x006c 156 */ add %g1,1,%g1
-/* 0x0070 */ add %g3,16,%g3
-/* 0x0074 */ cmp %g1,%o5
-/* 0x0078 */ add %o7,4,%o7
-/* 0x007c 155 */ ld [%sp+96],%f3
-/* 0x0080 */ fmovs %f0,%f2
-/* 0x0084 */ fsubd %f2,%f0,%f2
-/* 0x0088 156 */ srl %o1,16,%o0
-/* 0x008c 155 */ std %f2,[%g3-16]
-/* 0x0090 156 */ st %o0,[%sp+92]
-/* 0x0094 */ ld [%sp+92],%f3
-/* 0x0098 154 */ ld [%o7-4],%o1
-/* 0x009c 156 */ fmovs %f0,%f2
-/* 0x00a0 */ fsubd %f2,%f0,%f2
-/* 0x00a4 155 */ and %o1,%o4,%o0
-/* 0x00a8 156 */ ble,pt %icc,.L900000306
-/* 0x00ac */ std %f2,[%g3-8]
- .L900000309:
-/* 0x00b0 155 */ st %o0,[%sp+96]
-/* 0x00b4 */ fmovs %f0,%f2
-/* 0x00b8 156 */ add %g3,16,%g3
-/* 0x00bc */ srl %o1,16,%o0
-/* 0x00c0 155 */ ld [%sp+96],%f3
-/* 0x00c4 */ fsubd %f2,%f0,%f2
-/* 0x00c8 */ std %f2,[%g3-16]
-/* 0x00cc 156 */ st %o0,[%sp+92]
-/* 0x00d0 */ fmovs %f0,%f2
-/* 0x00d4 */ ld [%sp+92],%f3
-/* 0x00d8 */ fsubd %f2,%f0,%f0
-/* 0x00dc */ std %f0,[%g3-8]
-/* 0x00e0 */ ret ! Result =
-/* 0x00e4 */ restore %g0,%g0,%g0
- .L77000154:
-/* 0x00e8 154 */ ld [%o7],%o0
- .L900000311:
-/* 0x00ec 155 */ and %o0,%o4,%o1
-/* 0x00f0 */ st %o1,[%sp+96]
-/* 0x00f4 156 */ add %g1,1,%g1
-/* 0x00f8 155 */ ldd [%o3],%f0
-/* 0x00fc 156 */ srl %o0,16,%o0
-/* 0x0100 */ add %o7,4,%o7
-/* 0x0104 */ cmp %g1,%o5
-/* 0x0108 155 */ fmovs %f0,%f2
-/* 0x010c */ ld [%sp+96],%f3
-/* 0x0110 */ fsubd %f2,%f0,%f2
-/* 0x0114 */ std %f2,[%g3]
-/* 0x0118 156 */ st %o0,[%sp+92]
-/* 0x011c */ fmovs %f0,%f2
-/* 0x0120 */ ld [%sp+92],%f3
-/* 0x0124 */ fsubd %f2,%f0,%f0
-/* 0x0128 */ std %f0,[%g3+8]
-/* 0x012c */ add %g3,16,%g3
-/* 0x0130 */ ble,a,pt %icc,.L900000311
-/* 0x0134 */ ld [%o7],%o0
- .L77000150:
-/* 0x0138 */ ret ! Result =
-/* 0x013c */ restore %g0,%g0,%g0
-/* 0x0140 0 */ .type conv_i32_to_d16,2
-/* 0x0140 */ .size conv_i32_to_d16,(.-conv_i32_to_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000401:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 4
-/* 0x0008 */ .skip 16
-!
-! SUBROUTINE conv_i32_to_d32_and_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d32_and_d16
- conv_i32_to_d32_and_d16:
-/* 000000 */ save %sp,-120,%sp
- .L900000415:
-/* 0x0004 */ call .+8
-/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g4
-
-! 157 ! }
-! 158 !}
-! 161 !void conv_i32_to_d32_and_d16(double *d32, double *d16,
-! 162 ! unsigned int *i32, int len)
-! 163 !{
-! 164 !int i = 0;
-! 165 !unsigned int a;
-! 167 !#pragma pipeloop(0)
-! 168 !#ifdef RF_INLINE_MACROS
-! 169 ! for(;i<len-3;i+=4)
-
-/* 0x000c 169 */ sub %i3,3,%g2
-/* 0x0010 */ cmp %g2,0
-/* 0x0014 163 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g4
-
-! 170 ! {
-! 171 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
-! 172 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
-
-/* 0x0018 172 */ sethi %hi(Zero),%g2
-/* 0x001c 163 */ add %g4,%o7,%o4
-/* 0x0020 172 */ add %g2,%lo(Zero),%g2
-/* 0x0024 */ sethi %hi(TwoToMinus16),%g3
-/* 0x0028 */ ld [%o4+%g2],%o1
-/* 0x002c */ sethi %hi(TwoTo16),%g4
-/* 0x0030 */ add %g3,%lo(TwoToMinus16),%g2
-/* 0x0034 */ ld [%o4+%g2],%o3
-/* 0x0038 164 */ or %g0,0,%g5
-/* 0x003c 172 */ add %g4,%lo(TwoTo16),%g3
-/* 0x0040 */ ld [%o4+%g3],%o2
-/* 0x0044 163 */ or %g0,%i0,%i4
-/* 0x0048 169 */ or %g0,%i2,%o7
-/* 0x004c */ ble,pt %icc,.L900000418
-/* 0x0050 */ cmp %g5,%i3
-/* 0x0054 172 */ stx %o7,[%sp+104]
-/* 0x0058 169 */ sub %i3,4,%o5
-/* 0x005c */ or %g0,0,%g4
-/* 0x0060 */ or %g0,0,%g1
- .L900000417:
-/* 0x0064 */ ldd [%o1],%f2
-/* 0x0068 172 */ add %i4,%g4,%g2
-/* 0x006c */ add %i1,%g1,%g3
-/* 0x0070 */ ldd [%o3],%f0
-/* 0x0074 */ add %g5,4,%g5
-/* 0x0078 */ fmovd %f2,%f14
-/* 0x007c */ ld [%o7],%f15
-/* 0x0080 */ cmp %g5,%o5
-/* 0x0084 */ fmovd %f2,%f10
-/* 0x0088 */ ld [%o7+4],%f11
-/* 0x008c */ add %o7,16,%o7
-/* 0x0090 */ ldx [%sp+104],%o0
-/* 0x0094 */ fmovd %f2,%f6
-/* 0x0098 */ stx %o7,[%sp+112]
-/* 0x009c */ fxtod %f14,%f14
-/* 0x00a0 */ ld [%o0+8],%f7
-/* 0x00a4 */ fxtod %f10,%f10
-/* 0x00a8 */ ld [%o0+12],%f3
-/* 0x00ac */ fxtod %f6,%f6
-/* 0x00b0 */ ldd [%o2],%f16
-/* 0x00b4 */ fmuld %f0,%f14,%f12
-/* 0x00b8 */ fxtod %f2,%f2
-/* 0x00bc */ fmuld %f0,%f10,%f8
-/* 0x00c0 */ std %f14,[%i4+%g4]
-/* 0x00c4 */ ldx [%sp+112],%o7
-/* 0x00c8 */ add %g4,32,%g4
-/* 0x00cc */ fmuld %f0,%f6,%f4
-/* 0x00d0 */ fdtox %f12,%f12
-/* 0x00d4 */ std %f10,[%g2+8]
-/* 0x00d8 */ fmuld %f0,%f2,%f0
-/* 0x00dc */ fdtox %f8,%f8
-/* 0x00e0 */ std %f6,[%g2+16]
-/* 0x00e4 */ std %f2,[%g2+24]
-/* 0x00e8 */ fdtox %f4,%f4
-/* 0x00ec */ fdtox %f0,%f0
-/* 0x00f0 */ fxtod %f12,%f12
-/* 0x00f4 */ std %f12,[%g3+8]
-/* 0x00f8 */ fxtod %f8,%f8
-/* 0x00fc */ std %f8,[%g3+24]
-/* 0x0100 */ fxtod %f4,%f4
-/* 0x0104 */ std %f4,[%g3+40]
-/* 0x0108 */ fxtod %f0,%f0
-/* 0x010c */ std %f0,[%g3+56]
-/* 0x0110 */ fmuld %f12,%f16,%f12
-/* 0x0114 */ fmuld %f8,%f16,%f8
-/* 0x0118 */ fmuld %f4,%f16,%f4
-/* 0x011c */ fsubd %f14,%f12,%f12
-/* 0x0120 */ std %f12,[%i1+%g1]
-/* 0x0124 */ fmuld %f0,%f16,%f0
-/* 0x0128 */ fsubd %f10,%f8,%f8
-/* 0x012c */ std %f8,[%g3+16]
-/* 0x0130 */ add %g1,64,%g1
-/* 0x0134 */ fsubd %f6,%f4,%f4
-/* 0x0138 */ std %f4,[%g3+32]
-/* 0x013c */ fsubd %f2,%f0,%f0
-/* 0x0140 */ std %f0,[%g3+48]
-/* 0x0144 */ ble,a,pt %icc,.L900000417
-/* 0x0148 */ stx %o7,[%sp+104]
- .L77000159:
-
-! 173 ! }
-! 174 !#endif
-! 175 ! for(;i<len;i++)
-
-/* 0x014c 175 */ cmp %g5,%i3
- .L900000418:
-/* 0x0150 175 */ bge,pt %icc,.L77000164
-/* 0x0154 */ nop
-
-! 176 ! {
-! 177 ! a=i32[i];
-! 178 ! d32[i]=(double)(i32[i]);
-! 179 ! d16[2*i]=(double)(a&0xffff);
-! 180 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x0158 180 */ sethi %hi(.L_const_seg_900000401),%g2
-/* 0x015c */ add %g2,%lo(.L_const_seg_900000401),%o1
-/* 0x0160 175 */ sethi %hi(0xfc00),%o0
-/* 0x0164 */ ld [%o4+%o1],%o2
-/* 0x0168 */ sll %g5,2,%o3
-/* 0x016c */ sub %i3,%g5,%g3
-/* 0x0170 */ sll %g5,3,%g2
-/* 0x0174 */ add %o0,1023,%o4
-/* 0x0178 178 */ ldd [%o2],%f0
-/* 0x017c */ add %i2,%o3,%o0
-/* 0x0180 175 */ cmp %g3,3
-/* 0x0184 */ add %i4,%g2,%o3
-/* 0x0188 */ sub %i3,1,%o1
-/* 0x018c */ sll %g5,4,%g4
-/* 0x0190 */ bl,pn %icc,.L77000161
-/* 0x0194 */ add %i1,%g4,%o5
-/* 0x0198 178 */ ld [%o0],%f3
-/* 0x019c 180 */ add %o3,8,%o3
-/* 0x01a0 177 */ ld [%o0],%o7
-/* 0x01a4 180 */ add %o5,16,%o5
-/* 0x01a8 */ add %g5,1,%g5
-/* 0x01ac 178 */ fmovs %f0,%f2
-/* 0x01b0 180 */ add %o0,4,%o0
-/* 0x01b4 179 */ and %o7,%o4,%g1
-/* 0x01b8 178 */ fsubd %f2,%f0,%f2
-/* 0x01bc */ std %f2,[%o3-8]
-/* 0x01c0 180 */ srl %o7,16,%o7
-/* 0x01c4 179 */ st %g1,[%sp+96]
-/* 0x01c8 */ fmovs %f0,%f2
-/* 0x01cc */ ld [%sp+96],%f3
-/* 0x01d0 */ fsubd %f2,%f0,%f2
-/* 0x01d4 */ std %f2,[%o5-16]
-/* 0x01d8 180 */ st %o7,[%sp+92]
-/* 0x01dc */ fmovs %f0,%f2
-/* 0x01e0 */ ld [%sp+92],%f3
-/* 0x01e4 */ fsubd %f2,%f0,%f2
-/* 0x01e8 */ std %f2,[%o5-8]
- .L900000411:
-/* 0x01ec 178 */ ld [%o0],%f3
-/* 0x01f0 180 */ add %g5,2,%g5
-/* 0x01f4 */ add %o5,32,%o5
-/* 0x01f8 177 */ ld [%o0],%o7
-/* 0x01fc 180 */ cmp %g5,%o1
-/* 0x0200 */ add %o3,16,%o3
-/* 0x0204 178 */ fmovs %f0,%f2
-/* 0x0208 */ fsubd %f2,%f0,%f2
-/* 0x020c */ std %f2,[%o3-16]
-/* 0x0210 179 */ and %o7,%o4,%g1
-/* 0x0214 */ st %g1,[%sp+96]
-/* 0x0218 */ ld [%sp+96],%f3
-/* 0x021c */ fmovs %f0,%f2
-/* 0x0220 */ fsubd %f2,%f0,%f2
-/* 0x0224 180 */ srl %o7,16,%o7
-/* 0x0228 179 */ std %f2,[%o5-32]
-/* 0x022c 180 */ st %o7,[%sp+92]
-/* 0x0230 */ ld [%sp+92],%f3
-/* 0x0234 */ fmovs %f0,%f2
-/* 0x0238 */ fsubd %f2,%f0,%f2
-/* 0x023c */ std %f2,[%o5-24]
-/* 0x0240 */ add %o0,4,%o0
-/* 0x0244 178 */ ld [%o0],%f3
-/* 0x0248 177 */ ld [%o0],%o7
-/* 0x024c 178 */ fmovs %f0,%f2
-/* 0x0250 */ fsubd %f2,%f0,%f2
-/* 0x0254 */ std %f2,[%o3-8]
-/* 0x0258 179 */ and %o7,%o4,%g1
-/* 0x025c */ st %g1,[%sp+96]
-/* 0x0260 */ ld [%sp+96],%f3
-/* 0x0264 */ fmovs %f0,%f2
-/* 0x0268 */ fsubd %f2,%f0,%f2
-/* 0x026c 180 */ srl %o7,16,%o7
-/* 0x0270 179 */ std %f2,[%o5-16]
-/* 0x0274 180 */ st %o7,[%sp+92]
-/* 0x0278 */ ld [%sp+92],%f3
-/* 0x027c */ fmovs %f0,%f2
-/* 0x0280 */ fsubd %f2,%f0,%f2
-/* 0x0284 */ std %f2,[%o5-8]
-/* 0x0288 */ bl,pt %icc,.L900000411
-/* 0x028c */ add %o0,4,%o0
- .L900000414:
-/* 0x0290 180 */ cmp %g5,%i3
-/* 0x0294 */ bge,pn %icc,.L77000164
-/* 0x0298 */ nop
- .L77000161:
-/* 0x029c 178 */ ld [%o0],%f3
- .L900000416:
-/* 0x02a0 178 */ ldd [%o2],%f0
-/* 0x02a4 180 */ add %g5,1,%g5
-/* 0x02a8 177 */ ld [%o0],%o1
-/* 0x02ac 180 */ add %o0,4,%o0
-/* 0x02b0 */ cmp %g5,%i3
-/* 0x02b4 178 */ fmovs %f0,%f2
-/* 0x02b8 179 */ and %o1,%o4,%o7
-/* 0x02bc 178 */ fsubd %f2,%f0,%f2
-/* 0x02c0 */ std %f2,[%o3]
-/* 0x02c4 180 */ srl %o1,16,%o1
-/* 0x02c8 179 */ st %o7,[%sp+96]
-/* 0x02cc 180 */ add %o3,8,%o3
-/* 0x02d0 179 */ fmovs %f0,%f2
-/* 0x02d4 */ ld [%sp+96],%f3
-/* 0x02d8 */ fsubd %f2,%f0,%f2
-/* 0x02dc */ std %f2,[%o5]
-/* 0x02e0 180 */ st %o1,[%sp+92]
-/* 0x02e4 */ fmovs %f0,%f2
-/* 0x02e8 */ ld [%sp+92],%f3
-/* 0x02ec */ fsubd %f2,%f0,%f0
-/* 0x02f0 */ std %f0,[%o5+8]
-/* 0x02f4 */ add %o5,16,%o5
-/* 0x02f8 */ bl,a,pt %icc,.L900000416
-/* 0x02fc */ ld [%o0],%f3
- .L77000164:
-/* 0x0300 */ ret ! Result =
-/* 0x0304 */ restore %g0,%g0,%g0
-/* 0x0308 0 */ .type conv_i32_to_d32_and_d16,2
-/* 0x0308 */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 4
-!
-! SUBROUTINE adjust_montf_result
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global adjust_montf_result
- adjust_montf_result:
-/* 000000 */ or %g0,%o2,%g5
-
-! 181 ! }
-! 182 !}
-! 185 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-! 186 !{
-! 187 !long long acc;
-! 188 !int i;
-! 190 ! if(i32[len]>0) i=-1;
-
-/* 0x0004 190 */ or %g0,-1,%g4
-/* 0x0008 */ sll %o2,2,%g1
-/* 0x000c */ ld [%o0+%g1],%g1
-/* 0x0010 */ cmp %g1,0
-/* 0x0014 */ bleu,pn %icc,.L77000175
-/* 0x0018 */ or %g0,%o1,%o3
-/* 0x001c */ ba .L900000511
-/* 0x0020 */ cmp %g4,0
- .L77000175:
-
-! 191 ! else
-! 192 ! {
-! 193 ! for(i=len-1; i>=0; i--)
-
-/* 0x0024 193 */ sub %o2,1,%g4
-/* 0x0028 */ sll %g4,2,%g1
-/* 0x002c */ cmp %g4,0
-/* 0x0030 */ bl,pt %icc,.L900000511
-/* 0x0034 */ cmp %g4,0
-/* 0x0038 */ add %o1,%g1,%g2
-
-! 194 ! {
-! 195 ! if(i32[i]!=nint[i]) break;
-
-/* 0x003c 195 */ ld [%g2],%o5
-/* 0x0040 193 */ add %o0,%g1,%g3
- .L900000510:
-/* 0x0044 195 */ ld [%g3],%o2
-/* 0x0048 */ sub %g4,1,%g1
-/* 0x004c */ sub %g2,4,%g2
-/* 0x0050 */ sub %g3,4,%g3
-/* 0x0054 */ cmp %o2,%o5
-/* 0x0058 */ bne,pn %icc,.L77000182
-/* 0x005c */ nop
-/* 0x0060 0 */ or %g0,%g1,%g4
-/* 0x0064 195 */ cmp %g1,0
-/* 0x0068 */ bge,a,pt %icc,.L900000510
-/* 0x006c */ ld [%g2],%o5
- .L77000182:
-
-! 196 ! }
-! 197 ! }
-! 198 ! if((i<0)||(i32[i]>nint[i]))
-
-/* 0x0070 198 */ cmp %g4,0
- .L900000511:
-/* 0x0074 198 */ bl,pn %icc,.L77000198
-/* 0x0078 */ sll %g4,2,%g2
-/* 0x007c */ ld [%o1+%g2],%g1
-/* 0x0080 */ ld [%o0+%g2],%g2
-/* 0x0084 */ cmp %g2,%g1
-/* 0x0088 */ bleu,pt %icc,.L77000191
-/* 0x008c */ nop
- .L77000198:
-
-! 199 ! {
-! 200 ! acc=0;
-! 201 ! for(i=0;i<len;i++)
-
-/* 0x0090 201 */ cmp %g5,0
-/* 0x0094 */ ble,pt %icc,.L77000191
-/* 0x0098 */ nop
-/* 0x009c */ or %g0,%g5,%g1
-/* 0x00a0 198 */ or %g0,-1,%g2
-/* 0x00a4 */ srl %g2,0,%g3
-/* 0x00a8 */ sub %g5,1,%g4
-/* 0x00ac 200 */ or %g0,0,%g5
-/* 0x00b0 201 */ or %g0,0,%o5
-/* 0x00b4 198 */ or %g0,%o0,%o4
-/* 0x00b8 */ cmp %g1,3
-/* 0x00bc 201 */ bl,pn %icc,.L77000199
-/* 0x00c0 */ add %o0,8,%g1
-/* 0x00c4 */ add %o1,4,%g2
-
-! 202 ! {
-! 203 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
-
-/* 0x00c8 203 */ ld [%o0],%o2
-/* 0x00cc */ ld [%o1],%o1
-/* 0x00d0 0 */ or %g0,%g1,%o4
-/* 0x00d4 */ or %g0,%g2,%o3
-/* 0x00d8 203 */ ld [%o0+4],%g1
-
-! 204 ! i32[i]=acc&0xffffffff;
-! 205 ! acc=acc>>32;
-
-/* 0x00dc 205 */ or %g0,2,%o5
-/* 0x00e0 201 */ sub %o2,%o1,%o2
-/* 0x00e4 */ or %g0,%o2,%g5
-/* 0x00e8 204 */ and %o2,%g3,%o2
-/* 0x00ec */ st %o2,[%o0]
-/* 0x00f0 205 */ srax %g5,32,%g5
- .L900000505:
-/* 0x00f4 203 */ ld [%o3],%o2
-/* 0x00f8 205 */ add %o5,1,%o5
-/* 0x00fc */ add %o3,4,%o3
-/* 0x0100 */ cmp %o5,%g4
-/* 0x0104 */ add %o4,4,%o4
-/* 0x0108 201 */ sub %g1,%o2,%g1
-/* 0x010c */ add %g1,%g5,%g5
-/* 0x0110 204 */ and %g5,%g3,%o2
-/* 0x0114 203 */ ld [%o4-4],%g1
-/* 0x0118 204 */ st %o2,[%o4-8]
-/* 0x011c 205 */ ble,pt %icc,.L900000505
-/* 0x0120 */ srax %g5,32,%g5
- .L900000508:
-/* 0x0124 203 */ ld [%o3],%g2
-/* 0x0128 201 */ sub %g1,%g2,%g1
-/* 0x012c */ add %g1,%g5,%g1
-/* 0x0130 204 */ and %g1,%g3,%g2
-/* 0x0134 */ retl ! Result =
-/* 0x0138 */ st %g2,[%o4-4]
- .L77000199:
-/* 0x013c 203 */ ld [%o4],%g1
- .L900000509:
-/* 0x0140 203 */ ld [%o3],%g2
-/* 0x0144 */ add %g5,%g1,%g1
-/* 0x0148 205 */ add %o5,1,%o5
-/* 0x014c */ add %o3,4,%o3
-/* 0x0150 */ cmp %o5,%g4
-/* 0x0154 203 */ sub %g1,%g2,%g1
-/* 0x0158 204 */ and %g1,%g3,%g2
-/* 0x015c */ st %g2,[%o4]
-/* 0x0160 205 */ add %o4,4,%o4
-/* 0x0164 */ srax %g1,32,%g5
-/* 0x0168 */ ble,a,pt %icc,.L900000509
-/* 0x016c */ ld [%o4],%g1
- .L77000191:
-/* 0x0170 */ retl ! Result =
-/* 0x0174 */ nop
-/* 0x0178 0 */ .type adjust_montf_result,2
-/* 0x0178 */ .size adjust_montf_result,(.-adjust_montf_result)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 4
-/* 000000 */ .skip 16
-!
-! SUBROUTINE mont_mulf_noconv
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global mont_mulf_noconv
- mont_mulf_noconv:
-/* 000000 */ save %sp,-144,%sp
- .L900000646:
-/* 0x0004 */ call .+8
-/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000646-.)),%g5
-
-! 206 ! }
-! 207 ! }
-! 208 !}
-! 213 !/*
-! 214 !** the lengths of the input arrays should be at least the following:
-! 215 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-! 216 !** all of them should be different from one another
-! 217 !**
-! 218 !*/
-! 219 !void mont_mulf_noconv(unsigned int *result,
-! 220 ! double *dm1, double *dm2, double *dt,
-! 221 ! double *dn, unsigned int *nint,
-! 222 ! int nlen, double dn0)
-! 223 !{
-! 224 ! int i, j, jj;
-! 225 ! int tmp;
-! 226 ! double digit, m2j, nextm2j, a, b;
-! 227 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-! 229 ! pdm1=&(dm1[0]);
-! 230 ! pdm2=&(dm2[0]);
-! 231 ! pdn=&(dn[0]);
-! 232 ! pdm2[2*nlen]=Zero;
-
-/* 0x000c 232 */ ld [%fp+92],%o1
-/* 0x0010 */ sethi %hi(Zero),%g2
-/* 0x0014 223 */ ldd [%fp+96],%f2
-/* 0x0018 */ add %g5,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000646-.)),%g5
-/* 0x001c 232 */ add %g2,%lo(Zero),%g2
-/* 0x0020 223 */ st %i0,[%fp+68]
-/* 0x0024 */ add %g5,%o7,%o3
-
-! 234 ! if (nlen!=16)
-! 235 ! {
-! 236 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-! 238 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 239 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-/* 0x0028 239 */ sethi %hi(TwoToMinus16),%g3
-/* 0x002c 232 */ ld [%o3+%g2],%l0
-/* 0x0030 239 */ sethi %hi(TwoTo16),%g4
-/* 0x0034 223 */ or %g0,%i2,%o2
-/* 0x0038 */ fmovd %f2,%f16
-/* 0x003c */ st %i5,[%fp+88]
-/* 0x0040 239 */ add %g3,%lo(TwoToMinus16),%g2
-/* 0x0044 223 */ or %g0,%i1,%i2
-/* 0x0048 232 */ ldd [%l0],%f0
-/* 0x004c 239 */ add %g4,%lo(TwoTo16),%g3
-/* 0x0050 223 */ or %g0,%i3,%o0
-/* 0x0054 232 */ sll %o1,4,%g4
-/* 0x0058 239 */ ld [%o3+%g2],%g5
-/* 0x005c 223 */ or %g0,%i3,%i1
-/* 0x0060 239 */ ld [%o3+%g3],%g1
-/* 0x0064 232 */ or %g0,%o1,%i0
-/* 0x0068 */ or %g0,%o2,%i3
-/* 0x006c 234 */ cmp %o1,16
-/* 0x0070 */ be,pn %icc,.L77000279
-/* 0x0074 */ std %f0,[%o2+%g4]
-/* 0x0078 236 */ sll %o1,2,%g2
-/* 0x007c */ or %g0,%o0,%o3
-/* 0x0080 232 */ sll %o1,1,%o1
-/* 0x0084 236 */ add %g2,2,%o2
-/* 0x0088 */ cmp %o2,0
-/* 0x008c */ ble,a,pt %icc,.L900000660
-/* 0x0090 */ ldd [%i2],%f0
-
-! 241 ! pdtj=&(dt[0]);
-! 242 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
-! 243 ! {
-! 244 ! m2j=pdm2[j];
-! 245 ! a=pdtj[0]+pdn[0]*digit;
-! 246 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
-! 247 ! pdtj[1]=b;
-! 249 !#pragma pipeloop(0)
-! 250 ! for(i=1;i<nlen;i++)
-! 251 ! {
-! 252 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 253 ! }
-! 254 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-! 255 !
-! 256 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 257 ! }
-! 258 ! }
-! 259 ! else
-! 260 ! {
-! 261 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 263 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
-! 264 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
-! 265 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
-! 266 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
-! 267 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
-! 268 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
-! 269 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
-! 270 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
-! 271 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
-! 272 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
-! 273 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
-! 275 ! pdn_0=pdn[0];
-! 276 ! pdm1_0=pdm1[0];
-! 278 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 279 ! pdtj=&(dt[0]);
-! 281 ! for(j=0;j<32;j++,pdtj++)
-
-/* 0x0094 281 */ add %g2,2,%o0
-/* 0x0098 236 */ add %g2,1,%o2
-/* 0x009c 281 */ cmp %o0,3
-/* 0x00a0 */ bl,pn %icc,.L77000280
-/* 0x00a4 */ or %g0,1,%o0
-/* 0x00a8 */ add %o3,8,%o3
-/* 0x00ac */ or %g0,1,%o4
-/* 0x00b0 */ std %f0,[%o3-8]
- .L900000630:
-/* 0x00b4 */ std %f0,[%o3]
-/* 0x00b8 */ add %o4,2,%o4
-/* 0x00bc */ add %o3,16,%o3
-/* 0x00c0 */ cmp %o4,%g2
-/* 0x00c4 */ ble,pt %icc,.L900000630
-/* 0x00c8 */ std %f0,[%o3-8]
- .L900000633:
-/* 0x00cc */ cmp %o4,%o2
-/* 0x00d0 */ bg,pn %icc,.L77000285
-/* 0x00d4 */ add %o4,1,%o0
- .L77000280:
-/* 0x00d8 */ std %f0,[%o3]
- .L900000659:
-/* 0x00dc */ ldd [%l0],%f0
-/* 0x00e0 */ cmp %o0,%o2
-/* 0x00e4 */ add %o3,8,%o3
-/* 0x00e8 */ add %o0,1,%o0
-/* 0x00ec */ ble,a,pt %icc,.L900000659
-/* 0x00f0 */ std %f0,[%o3]
- .L77000285:
-/* 0x00f4 238 */ ldd [%i2],%f0
- .L900000660:
-/* 0x00f8 238 */ ldd [%i3],%f2
-/* 0x00fc */ add %o1,1,%o2
-/* 0x0100 242 */ cmp %o1,0
-/* 0x0104 */ sll %o2,1,%o0
-/* 0x0108 */ sub %o1,1,%o1
-/* 0x010c 238 */ fmuld %f0,%f2,%f0
-/* 0x0110 */ std %f0,[%i1]
-/* 0x0114 0 */ or %g0,0,%l1
-/* 0x0118 */ ldd [%l0],%f6
-/* 0x011c */ or %g0,0,%g4
-/* 0x0120 */ or %g0,%o2,%i5
-/* 0x0124 */ ldd [%g5],%f2
-/* 0x0128 */ or %g0,%o1,%g3
-/* 0x012c */ or %g0,%o0,%o3
-/* 0x0130 */ fdtox %f0,%f0
-/* 0x0134 */ ldd [%g1],%f4
-/* 0x0138 246 */ add %i3,8,%o4
-/* 0x013c */ or %g0,0,%l2
-/* 0x0140 */ or %g0,%i1,%o5
-/* 0x0144 */ sub %i0,1,%o7
-/* 0x0148 */ fmovs %f6,%f0
-/* 0x014c */ fxtod %f0,%f0
-/* 0x0150 239 */ fmuld %f0,%f16,%f0
-/* 0x0154 */ fmuld %f0,%f2,%f2
-/* 0x0158 */ fdtox %f2,%f2
-/* 0x015c */ fxtod %f2,%f2
-/* 0x0160 */ fmuld %f2,%f4,%f2
-/* 0x0164 */ fsubd %f0,%f2,%f22
-/* 0x0168 242 */ ble,pt %icc,.L900000653
-/* 0x016c */ sll %i0,4,%g2
-/* 0x0170 246 */ ldd [%i4],%f0
- .L900000654:
-/* 0x0174 246 */ fmuld %f0,%f22,%f8
-/* 0x0178 */ ldd [%i2],%f0
-/* 0x017c 250 */ cmp %i0,1
-/* 0x0180 246 */ ldd [%o4+%l2],%f6
-/* 0x0184 */ add %i2,8,%o0
-/* 0x0188 250 */ or %g0,1,%o1
-/* 0x018c 246 */ ldd [%o5],%f2
-/* 0x0190 */ add %o5,16,%l3
-/* 0x0194 */ fmuld %f0,%f6,%f6
-/* 0x0198 */ ldd [%g5],%f4
-/* 0x019c */ faddd %f2,%f8,%f2
-/* 0x01a0 */ ldd [%o5+8],%f0
-/* 0x01a4 244 */ ldd [%i3+%l2],%f20
-/* 0x01a8 246 */ faddd %f0,%f6,%f0
-/* 0x01ac */ fmuld %f2,%f4,%f2
-/* 0x01b0 */ faddd %f0,%f2,%f18
-/* 0x01b4 247 */ std %f18,[%o5+8]
-/* 0x01b8 250 */ ble,pt %icc,.L900000658
-/* 0x01bc */ srl %g4,31,%g2
-/* 0x01c0 */ cmp %o7,7
-/* 0x01c4 246 */ add %i4,8,%g2
-/* 0x01c8 250 */ bl,pn %icc,.L77000284
-/* 0x01cc */ add %g2,24,%o2
-/* 0x01d0 252 */ ldd [%o0+24],%f12
-/* 0x01d4 */ add %o5,48,%l3
-/* 0x01d8 */ ldd [%o0],%f2
-/* 0x01dc 0 */ or %g0,%o2,%g2
-/* 0x01e0 250 */ sub %o7,2,%o2
-/* 0x01e4 252 */ ldd [%g2-24],%f0
-/* 0x01e8 */ or %g0,5,%o1
-/* 0x01ec */ ldd [%o0+8],%f6
-/* 0x01f0 */ fmuld %f2,%f20,%f2
-/* 0x01f4 */ ldd [%o0+16],%f14
-/* 0x01f8 */ fmuld %f0,%f22,%f4
-/* 0x01fc */ add %o0,32,%o0
-/* 0x0200 */ ldd [%g2-16],%f8
-/* 0x0204 */ fmuld %f6,%f20,%f10
-/* 0x0208 */ ldd [%o5+16],%f0
-/* 0x020c */ ldd [%g2-8],%f6
-/* 0x0210 */ faddd %f2,%f4,%f4
-/* 0x0214 */ ldd [%o5+32],%f2
- .L900000642:
-/* 0x0218 252 */ ldd [%g2],%f24
-/* 0x021c */ add %o1,3,%o1
-/* 0x0220 */ add %g2,24,%g2
-/* 0x0224 */ fmuld %f8,%f22,%f8
-/* 0x0228 */ ldd [%l3],%f28
-/* 0x022c */ cmp %o1,%o2
-/* 0x0230 */ add %o0,24,%o0
-/* 0x0234 */ ldd [%o0-24],%f26
-/* 0x0238 */ faddd %f0,%f4,%f0
-/* 0x023c */ add %l3,48,%l3
-/* 0x0240 */ faddd %f10,%f8,%f10
-/* 0x0244 */ fmuld %f14,%f20,%f4
-/* 0x0248 */ std %f0,[%l3-80]
-/* 0x024c */ ldd [%g2-16],%f8
-/* 0x0250 */ fmuld %f6,%f22,%f6
-/* 0x0254 */ ldd [%l3-32],%f0
-/* 0x0258 */ ldd [%o0-16],%f14
-/* 0x025c */ faddd %f2,%f10,%f2
-/* 0x0260 */ faddd %f4,%f6,%f10
-/* 0x0264 */ fmuld %f12,%f20,%f4
-/* 0x0268 */ std %f2,[%l3-64]
-/* 0x026c */ ldd [%g2-8],%f6
-/* 0x0270 */ fmuld %f24,%f22,%f24
-/* 0x0274 */ ldd [%l3-16],%f2
-/* 0x0278 */ ldd [%o0-8],%f12
-/* 0x027c */ faddd %f28,%f10,%f10
-/* 0x0280 */ std %f10,[%l3-48]
-/* 0x0284 */ fmuld %f26,%f20,%f10
-/* 0x0288 */ ble,pt %icc,.L900000642
-/* 0x028c */ faddd %f4,%f24,%f4
- .L900000645:
-/* 0x0290 252 */ fmuld %f8,%f22,%f28
-/* 0x0294 */ ldd [%g2],%f24
-/* 0x0298 */ faddd %f0,%f4,%f26
-/* 0x029c */ fmuld %f12,%f20,%f8
-/* 0x02a0 */ add %l3,32,%l3
-/* 0x02a4 */ cmp %o1,%o7
-/* 0x02a8 */ fmuld %f14,%f20,%f14
-/* 0x02ac */ ldd [%l3-32],%f4
-/* 0x02b0 */ add %g2,8,%g2
-/* 0x02b4 */ faddd %f10,%f28,%f12
-/* 0x02b8 */ fmuld %f6,%f22,%f6
-/* 0x02bc */ ldd [%l3-16],%f0
-/* 0x02c0 */ fmuld %f24,%f22,%f10
-/* 0x02c4 */ std %f26,[%l3-64]
-/* 0x02c8 */ faddd %f2,%f12,%f2
-/* 0x02cc */ std %f2,[%l3-48]
-/* 0x02d0 */ faddd %f14,%f6,%f6
-/* 0x02d4 */ faddd %f8,%f10,%f2
-/* 0x02d8 */ faddd %f4,%f6,%f4
-/* 0x02dc */ std %f4,[%l3-32]
-/* 0x02e0 */ faddd %f0,%f2,%f0
-/* 0x02e4 */ bg,pn %icc,.L77000213
-/* 0x02e8 */ std %f0,[%l3-16]
- .L77000284:
-/* 0x02ec 252 */ ldd [%o0],%f0
- .L900000657:
-/* 0x02f0 252 */ ldd [%g2],%f4
-/* 0x02f4 */ fmuld %f0,%f20,%f2
-/* 0x02f8 */ add %o1,1,%o1
-/* 0x02fc */ ldd [%l3],%f0
-/* 0x0300 */ add %o0,8,%o0
-/* 0x0304 */ add %g2,8,%g2
-/* 0x0308 */ fmuld %f4,%f22,%f4
-/* 0x030c */ cmp %o1,%o7
-/* 0x0310 */ faddd %f2,%f4,%f2
-/* 0x0314 */ faddd %f0,%f2,%f0
-/* 0x0318 */ std %f0,[%l3]
-/* 0x031c */ add %l3,16,%l3
-/* 0x0320 */ ble,a,pt %icc,.L900000657
-/* 0x0324 */ ldd [%o0],%f0
- .L77000213:
-/* 0x0328 */ srl %g4,31,%g2
- .L900000658:
-/* 0x032c 254 */ cmp %l1,30
-/* 0x0330 */ bne,a,pt %icc,.L900000656
-/* 0x0334 */ fdtox %f18,%f0
-/* 0x0338 */ add %g4,%g2,%g2
-/* 0x033c */ sra %g2,1,%o0
-/* 0x0340 281 */ ldd [%l0],%f0
-/* 0x0344 */ sll %i5,1,%o2
-/* 0x0348 */ add %o0,1,%g2
-/* 0x034c */ sll %g2,1,%o0
-/* 0x0350 254 */ sub %o2,1,%o2
-/* 0x0354 281 */ fmovd %f0,%f2
-/* 0x0358 */ sll %g2,4,%o1
-/* 0x035c */ cmp %o0,%o3
-/* 0x0360 */ bge,pt %icc,.L77000215
-/* 0x0364 */ or %g0,0,%l1
-/* 0x0368 254 */ add %i1,%o1,%o1
-/* 0x036c 281 */ ldd [%o1],%f6
- .L900000655:
-/* 0x0370 */ fdtox %f6,%f10
-/* 0x0374 */ ldd [%o1+8],%f4
-/* 0x0378 */ add %o0,2,%o0
-/* 0x037c */ ldd [%l0],%f12
-/* 0x0380 */ fdtox %f6,%f6
-/* 0x0384 */ cmp %o0,%o2
-/* 0x0388 */ fdtox %f4,%f8
-/* 0x038c */ fdtox %f4,%f4
-/* 0x0390 */ fmovs %f12,%f10
-/* 0x0394 */ fmovs %f12,%f8
-/* 0x0398 */ fxtod %f10,%f10
-/* 0x039c */ fxtod %f8,%f8
-/* 0x03a0 */ faddd %f10,%f2,%f2
-/* 0x03a4 */ std %f2,[%o1]
-/* 0x03a8 */ faddd %f8,%f0,%f0
-/* 0x03ac */ std %f0,[%o1+8]
-/* 0x03b0 */ add %o1,16,%o1
-/* 0x03b4 */ fitod %f6,%f2
-/* 0x03b8 */ fitod %f4,%f0
-/* 0x03bc */ ble,a,pt %icc,.L900000655
-/* 0x03c0 */ ldd [%o1],%f6
- .L77000233:
-/* 0x03c4 */ or %g0,0,%l1
- .L77000215:
-/* 0x03c8 */ fdtox %f18,%f0
- .L900000656:
-/* 0x03cc */ ldd [%l0],%f6
-/* 0x03d0 256 */ add %g4,1,%g4
-/* 0x03d4 */ add %l2,8,%l2
-/* 0x03d8 */ ldd [%g5],%f2
-/* 0x03dc */ add %l1,1,%l1
-/* 0x03e0 */ add %o5,8,%o5
-/* 0x03e4 */ fmovs %f6,%f0
-/* 0x03e8 */ ldd [%g1],%f4
-/* 0x03ec */ cmp %g4,%g3
-/* 0x03f0 */ fxtod %f0,%f0
-/* 0x03f4 */ fmuld %f0,%f16,%f0
-/* 0x03f8 */ fmuld %f0,%f2,%f2
-/* 0x03fc */ fdtox %f2,%f2
-/* 0x0400 */ fxtod %f2,%f2
-/* 0x0404 */ fmuld %f2,%f4,%f2
-/* 0x0408 */ fsubd %f0,%f2,%f22
-/* 0x040c */ ble,a,pt %icc,.L900000654
-/* 0x0410 */ ldd [%i4],%f0
- .L900000629:
-/* 0x0414 256 */ ba .L900000653
-/* 0x0418 */ sll %i0,4,%g2
- .L77000279:
-/* 0x041c 261 */ ldd [%o2],%f6
-/* 0x0420 279 */ or %g0,%o0,%o4
-/* 0x0424 281 */ or %g0,0,%o3
-/* 0x0428 261 */ ldd [%i2],%f4
-/* 0x042c 273 */ std %f0,[%o0+8]
-/* 0x0430 */ std %f0,[%o0+16]
-/* 0x0434 261 */ fmuld %f4,%f6,%f4
-/* 0x0438 */ std %f4,[%o0]
-/* 0x043c 273 */ std %f0,[%o0+24]
-/* 0x0440 */ std %f0,[%o0+32]
-/* 0x0444 */ fdtox %f4,%f4
-/* 0x0448 */ std %f0,[%o0+40]
-/* 0x044c */ std %f0,[%o0+48]
-/* 0x0450 */ std %f0,[%o0+56]
-/* 0x0454 */ std %f0,[%o0+64]
-/* 0x0458 */ std %f0,[%o0+72]
-/* 0x045c */ std %f0,[%o0+80]
-/* 0x0460 */ std %f0,[%o0+88]
-/* 0x0464 */ std %f0,[%o0+96]
-/* 0x0468 */ std %f0,[%o0+104]
-/* 0x046c */ std %f0,[%o0+112]
-/* 0x0470 */ std %f0,[%o0+120]
-/* 0x0474 */ std %f0,[%o0+128]
-/* 0x0478 */ std %f0,[%o0+136]
-/* 0x047c */ std %f0,[%o0+144]
-/* 0x0480 */ std %f0,[%o0+152]
-/* 0x0484 */ std %f0,[%o0+160]
-/* 0x0488 */ std %f0,[%o0+168]
-/* 0x048c */ fmovs %f0,%f4
-/* 0x0490 */ std %f0,[%o0+176]
-/* 0x0494 281 */ or %g0,0,%o1
-/* 0x0498 273 */ std %f0,[%o0+184]
-/* 0x049c */ fxtod %f4,%f4
-/* 0x04a0 */ std %f0,[%o0+192]
-/* 0x04a4 */ std %f0,[%o0+200]
-/* 0x04a8 */ std %f0,[%o0+208]
-/* 0x04ac 278 */ fmuld %f4,%f2,%f2
-/* 0x04b0 273 */ std %f0,[%o0+216]
-/* 0x04b4 */ std %f0,[%o0+224]
-/* 0x04b8 */ std %f0,[%o0+232]
-/* 0x04bc */ std %f0,[%o0+240]
-/* 0x04c0 */ std %f0,[%o0+248]
-/* 0x04c4 */ std %f0,[%o0+256]
-/* 0x04c8 */ std %f0,[%o0+264]
-/* 0x04cc */ std %f0,[%o0+272]
-/* 0x04d0 */ std %f0,[%o0+280]
-/* 0x04d4 */ std %f0,[%o0+288]
-/* 0x04d8 */ std %f0,[%o0+296]
-/* 0x04dc */ std %f0,[%o0+304]
-/* 0x04e0 */ std %f0,[%o0+312]
-/* 0x04e4 */ std %f0,[%o0+320]
-/* 0x04e8 */ std %f0,[%o0+328]
-/* 0x04ec */ std %f0,[%o0+336]
-/* 0x04f0 */ std %f0,[%o0+344]
-/* 0x04f4 */ std %f0,[%o0+352]
-/* 0x04f8 */ std %f0,[%o0+360]
-/* 0x04fc */ std %f0,[%o0+368]
-/* 0x0500 */ std %f0,[%o0+376]
-/* 0x0504 */ std %f0,[%o0+384]
-/* 0x0508 */ std %f0,[%o0+392]
-/* 0x050c */ std %f0,[%o0+400]
-/* 0x0510 */ std %f0,[%o0+408]
-/* 0x0514 */ std %f0,[%o0+416]
-/* 0x0518 */ std %f0,[%o0+424]
-/* 0x051c */ std %f0,[%o0+432]
-/* 0x0520 */ std %f0,[%o0+440]
-/* 0x0524 */ std %f0,[%o0+448]
-/* 0x0528 */ std %f0,[%o0+456]
-/* 0x052c */ std %f0,[%o0+464]
-/* 0x0530 */ std %f0,[%o0+472]
-/* 0x0534 */ std %f0,[%o0+480]
-/* 0x0538 */ std %f0,[%o0+488]
-/* 0x053c */ std %f0,[%o0+496]
-/* 0x0540 */ std %f0,[%o0+504]
-/* 0x0544 */ std %f0,[%o0+512]
-/* 0x0548 */ std %f0,[%o0+520]
-/* 0x054c */ ldd [%g5],%f0
-/* 0x0550 */ ldd [%g1],%f8
-/* 0x0554 */ fmuld %f2,%f0,%f6
-/* 0x0558 275 */ ldd [%i4],%f4
-/* 0x055c 276 */ ldd [%i2],%f0
-/* 0x0560 */ fdtox %f6,%f6
-/* 0x0564 */ fxtod %f6,%f6
-/* 0x0568 */ fmuld %f6,%f8,%f6
-/* 0x056c */ fsubd %f2,%f6,%f2
-/* 0x0570 286 */ fmuld %f4,%f2,%f12
-
-! 282 ! {
-! 284 ! m2j=pdm2[j];
-! 285 ! a=pdtj[0]+pdn_0*digit;
-! 286 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
-
-! 287 ! pdtj[1]=b;
-! 289 ! /**** this loop will be fully unrolled:
-! 290 ! for(i=1;i<16;i++)
-! 291 ! {
-! 292 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 293 ! }
-! 294 ! *************************************/
-! 295 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
-! 296 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
-! 297 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
-! 298 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
-! 299 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
-! 300 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
-! 301 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
-! 302 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
-! 303 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
-! 304 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
-! 305 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
-! 306 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
-! 307 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
-! 308 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
-! 309 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
-! 310 ! /* no need for cleenup, cannot overflow */
-! 311 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-
- fmovd %f2,%f0 ! hand modified
- fmovd %f16,%f18 ! hand modified
- ldd [%i4],%f2
- ldd [%o4],%f8
- ldd [%i2],%f10
- ldd [%g5],%f14 ! hand modified
- ldd [%g1],%f16 ! hand modified
- ldd [%i3],%f24
-
- ldd [%i2+8],%f26
- ldd [%i2+16],%f40
- ldd [%i2+48],%f46
- ldd [%i2+56],%f30
- ldd [%i2+64],%f54
- ldd [%i2+104],%f34
- ldd [%i2+112],%f58
-
- ldd [%i4+8],%f28
- ldd [%i4+104],%f38
- ldd [%i4+112],%f60
-
- .L99999999: !1
- ldd [%i2+24],%f32
- fmuld %f0,%f2,%f4 !2
- ldd [%i4+24],%f36
- fmuld %f26,%f24,%f20 !3
- ldd [%i2+40],%f42
- fmuld %f28,%f0,%f22 !4
- ldd [%i4+40],%f44
- fmuld %f32,%f24,%f32 !5
- ldd [%i3+8],%f6
- faddd %f4,%f8,%f4
- fmuld %f36,%f0,%f36 !6
- add %i3,8,%i3
- ldd [%i4+56],%f50
- fmuld %f42,%f24,%f42 !7
- ldd [%i2+72],%f52
- faddd %f20,%f22,%f20
- fmuld %f44,%f0,%f44 !8
- ldd [%o4+16],%f22
- fmuld %f10,%f6,%f12 !9
- ldd [%i4+72],%f56
- faddd %f32,%f36,%f32
- fmuld %f14,%f4,%f4 !10
- ldd [%o4+48],%f36
- fmuld %f30,%f24,%f48 !11
- ldd [%o4+8],%f8
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50 !12
- std %f20,[%o4+16]
- faddd %f42,%f44,%f42
- fmuld %f52,%f24,%f52 !13
- ldd [%o4+80],%f44
- faddd %f4,%f12,%f4
- fmuld %f56,%f0,%f56 !14
- ldd [%i2+88],%f20
- faddd %f32,%f36,%f32 !15
- ldd [%i4+88],%f22
- faddd %f48,%f50,%f48 !16
- ldd [%o4+112],%f50
- faddd %f52,%f56,%f52 !17
- ldd [%o4+144],%f56
- faddd %f4,%f8,%f8
- fmuld %f20,%f24,%f20 !18
- std %f32,[%o4+48]
- faddd %f42,%f44,%f42
- fmuld %f22,%f0,%f22 !19
- std %f42,[%o4+80]
- faddd %f48,%f50,%f48
- fmuld %f34,%f24,%f32 !20
- std %f48,[%o4+112]
- faddd %f52,%f56,%f52
- fmuld %f38,%f0,%f36 !21
- ldd [%i2+120],%f42
- fdtox %f8,%f4 !22
- std %f52,[%o4+144]
- faddd %f20,%f22,%f20 !23
- ldd [%i4+120],%f44 !24
- ldd [%o4+176],%f22
- faddd %f32,%f36,%f32
- fmuld %f42,%f24,%f42 !25
- ldd [%i4+16],%f50
- fmovs %f17,%f4 !26
- ldd [%i2+32],%f52
- fmuld %f44,%f0,%f44 !27
- ldd [%i4+32],%f56
- fmuld %f40,%f24,%f48 !28
- ldd [%o4+208],%f36
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50 !29
- std %f20,[%o4+176]
- fxtod %f4,%f4
- fmuld %f52,%f24,%f52 !30
- ldd [%i4+48],%f22
- faddd %f42,%f44,%f42
- fmuld %f56,%f0,%f56 !31
- ldd [%o4+240],%f44
- faddd %f32,%f36,%f32 !32
- std %f32,[%o4+208]
- faddd %f48,%f50,%f48
- fmuld %f46,%f24,%f20 !33
- ldd [%o4+32],%f50
- fmuld %f4,%f18,%f12 !34
- ldd [%i4+64],%f36
- faddd %f52,%f56,%f52
- fmuld %f22,%f0,%f22 !35
- ldd [%o4+64],%f56
- faddd %f42,%f44,%f42 !36
- std %f42,[%o4+240]
- faddd %f48,%f50,%f48
- fmuld %f54,%f24,%f32 !37
- std %f48,[%o4+32]
- fmuld %f12,%f14,%f4 !38
- ldd [%i2+80],%f42
- faddd %f52,%f56,%f56 ! yes, tmp52!
- fmuld %f36,%f0,%f36 !39
- ldd [%i4+80],%f44
- faddd %f20,%f22,%f20 !40
- ldd [%i2+96],%f48
- fmuld %f58,%f24,%f52 !41
- ldd [%i4+96],%f50
- fdtox %f4,%f4
- fmuld %f42,%f24,%f42 !42
- std %f56,[%o4+64] ! yes, tmp52!
- faddd %f32,%f36,%f32
- fmuld %f44,%f0,%f44 !43
- ldd [%o4+96],%f22
- fmuld %f48,%f24,%f48 !44
- ldd [%o4+128],%f36
- fmovd %f6,%f24
- fmuld %f50,%f0,%f50 !45
- fxtod %f4,%f4
- fmuld %f60,%f0,%f56 !46
- add %o4,8,%o4
- faddd %f42,%f44,%f42 !47
- ldd [%o4+160-8],%f44
- faddd %f20,%f22,%f20 !48
- std %f20,[%o4+96-8]
- faddd %f48,%f50,%f48 !49
- ldd [%o4+192-8],%f50
- faddd %f52,%f56,%f52
- fmuld %f4,%f16,%f4 !50
- ldd [%o4+224-8],%f56
- faddd %f32,%f36,%f32 !51
- std %f32,[%o4+128-8]
- faddd %f42,%f44,%f42 !52
- add %o3,1,%o3
- std %f42,[%o4+160-8]
- faddd %f48,%f50,%f48 !53
- cmp %o3,31
- std %f48,[%o4+192-8]
- fsubd %f12,%f4,%f0 !54
- faddd %f52,%f56,%f52
- ble,pt %icc,.L99999999
- std %f52,[%o4+224-8] !55
- std %f8,[%o4]
-
-! 312 ! }
-! 313 ! }
-! 315 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-
-/* 0x07c8 315 */ sll %i0,4,%g2
- .L900000653:
-/* 0x07cc 315 */ add %i1,%g2,%i1
-/* 0x07d0 242 */ ld [%fp+68],%o0
-/* 0x07d4 315 */ or %g0,0,%o4
-/* 0x07d8 */ ldd [%i1],%f0
-/* 0x07dc */ or %g0,0,%g5
-/* 0x07e0 */ cmp %i0,0
-/* 0x07e4 242 */ or %g0,%o0,%o3
-/* 0x07e8 311 */ sub %i0,1,%g1
-/* 0x07ec 315 */ fdtox %f0,%f0
-/* 0x07f0 */ std %f0,[%sp+120]
-/* 0x07f4 311 */ sethi %hi(0xfc00),%o1
-/* 0x07f8 */ add %g1,1,%g3
-/* 0x07fc */ or %g0,%o0,%g4
-/* 0x0800 315 */ ldd [%i1+8],%f0
-/* 0x0804 */ add %o1,1023,%o1
-/* 0x0808 */ fdtox %f0,%f0
-/* 0x080c */ std %f0,[%sp+112]
-/* 0x0810 */ ldx [%sp+112],%o5
-/* 0x0814 */ ldx [%sp+120],%o7
-/* 0x0818 */ ble,pt %icc,.L900000651
-/* 0x081c */ sethi %hi(0xfc00),%g2
-/* 0x0820 311 */ or %g0,-1,%g2
-/* 0x0824 315 */ cmp %g3,3
-/* 0x0828 311 */ srl %g2,0,%o2
-/* 0x082c 315 */ bl,pn %icc,.L77000287
-/* 0x0830 */ or %g0,%i1,%g2
-/* 0x0834 */ ldd [%i1+16],%f0
-/* 0x0838 */ and %o5,%o1,%o0
-/* 0x083c */ add %i1,16,%g2
-/* 0x0840 */ sllx %o0,16,%g3
-/* 0x0844 */ and %o7,%o2,%o0
-/* 0x0848 */ fdtox %f0,%f0
-/* 0x084c */ std %f0,[%sp+104]
-/* 0x0850 */ add %o0,%g3,%o4
-/* 0x0854 */ ldd [%i1+24],%f2
-/* 0x0858 */ srax %o5,16,%o0
-/* 0x085c */ add %o3,4,%g4
-/* 0x0860 */ stx %o0,[%sp+128]
-/* 0x0864 */ and %o4,%o2,%o0
-/* 0x0868 */ stx %o0,[%sp+112]
-/* 0x086c */ srax %o4,32,%o0
-/* 0x0870 */ fdtox %f2,%f0
-/* 0x0874 */ stx %o0,[%sp+136]
-/* 0x0878 */ srax %o7,32,%o4
-/* 0x087c */ std %f0,[%sp+96]
-/* 0x0880 */ ldx [%sp+128],%g5
-/* 0x0884 */ ldx [%sp+136],%o7
-/* 0x0888 */ ldx [%sp+104],%g3
-/* 0x088c */ add %g5,%o7,%o0
-/* 0x0890 */ or %g0,1,%g5
-/* 0x0894 */ ldx [%sp+112],%o7
-/* 0x0898 */ add %o4,%o0,%o4
-/* 0x089c */ ldx [%sp+96],%o5
-/* 0x08a0 */ st %o7,[%o3]
-/* 0x08a4 */ or %g0,%g3,%o7
- .L900000634:
-/* 0x08a8 */ ldd [%g2+16],%f0
-/* 0x08ac */ add %g5,1,%g5
-/* 0x08b0 */ add %g4,4,%g4
-/* 0x08b4 */ cmp %g5,%g1
-/* 0x08b8 */ add %g2,16,%g2
-/* 0x08bc */ fdtox %f0,%f0
-/* 0x08c0 */ std %f0,[%sp+104]
-/* 0x08c4 */ ldd [%g2+8],%f0
-/* 0x08c8 */ fdtox %f0,%f0
-/* 0x08cc */ std %f0,[%sp+96]
-/* 0x08d0 */ and %o5,%o1,%g3
-/* 0x08d4 */ sllx %g3,16,%g3
-/* 0x08d8 */ stx %g3,[%sp+120]
-/* 0x08dc */ and %o7,%o2,%g3
-/* 0x08e0 */ stx %o7,[%sp+128]
-/* 0x08e4 */ ldx [%sp+120],%o7
-/* 0x08e8 */ add %g3,%o7,%g3
-/* 0x08ec */ ldx [%sp+128],%o7
-/* 0x08f0 */ srax %o5,16,%o5
-/* 0x08f4 */ add %g3,%o4,%g3
-/* 0x08f8 */ srax %g3,32,%o4
-/* 0x08fc */ stx %o4,[%sp+112]
-/* 0x0900 */ srax %o7,32,%o4
-/* 0x0904 */ ldx [%sp+112],%o7
-/* 0x0908 */ add %o5,%o7,%o7
-/* 0x090c */ ldx [%sp+96],%o5
-/* 0x0910 */ add %o4,%o7,%o4
-/* 0x0914 */ and %g3,%o2,%g3
-/* 0x0918 */ ldx [%sp+104],%o7
-/* 0x091c */ ble,pt %icc,.L900000634
-/* 0x0920 */ st %g3,[%g4-4]
- .L900000637:
-/* 0x0924 */ ba .L900000651
-/* 0x0928 */ sethi %hi(0xfc00),%g2
- .L77000287:
-/* 0x092c */ ldd [%g2+16],%f0
- .L900000650:
-/* 0x0930 */ and %o7,%o2,%o0
-/* 0x0934 */ and %o5,%o1,%g3
-/* 0x0938 */ fdtox %f0,%f0
-/* 0x093c */ add %o4,%o0,%o0
-/* 0x0940 */ std %f0,[%sp+104]
-/* 0x0944 */ add %g5,1,%g5
-/* 0x0948 */ sllx %g3,16,%o4
-/* 0x094c */ ldd [%g2+24],%f2
-/* 0x0950 */ add %g2,16,%g2
-/* 0x0954 */ add %o0,%o4,%o4
-/* 0x0958 */ cmp %g5,%g1
-/* 0x095c */ srax %o5,16,%o0
-/* 0x0960 */ stx %o0,[%sp+112]
-/* 0x0964 */ and %o4,%o2,%g3
-/* 0x0968 */ srax %o4,32,%o5
-/* 0x096c */ fdtox %f2,%f0
-/* 0x0970 */ std %f0,[%sp+96]
-/* 0x0974 */ srax %o7,32,%o4
-/* 0x0978 */ ldx [%sp+112],%o7
-/* 0x097c */ add %o7,%o5,%o7
-/* 0x0980 */ ldx [%sp+104],%o5
-/* 0x0984 */ add %o4,%o7,%o4
-/* 0x0988 */ ldx [%sp+96],%o0
-/* 0x098c */ st %g3,[%g4]
-/* 0x0990 */ or %g0,%o5,%o7
-/* 0x0994 */ add %g4,4,%g4
-/* 0x0998 */ or %g0,%o0,%o5
-/* 0x099c */ ble,a,pt %icc,.L900000650
-/* 0x09a0 */ ldd [%g2+16],%f0
- .L77000236:
-/* 0x09a4 */ sethi %hi(0xfc00),%g2
- .L900000651:
-/* 0x09a8 */ or %g0,-1,%o0
-/* 0x09ac */ add %g2,1023,%g2
-/* 0x09b0 */ ld [%fp+88],%o1
-/* 0x09b4 */ srl %o0,0,%g3
-/* 0x09b8 */ and %o5,%g2,%g2
-/* 0x09bc */ and %o7,%g3,%g4
-
-! 317 ! adjust_montf_result(result,nint,nlen);
-
-/* 0x09c0 317 */ or %g0,-1,%o5
-/* 0x09c4 311 */ sllx %g2,16,%g2
-/* 0x09c8 */ add %o4,%g4,%g4
-/* 0x09cc */ add %g4,%g2,%g2
-/* 0x09d0 */ sll %g5,2,%g4
-/* 0x09d4 */ and %g2,%g3,%g2
-/* 0x09d8 */ st %g2,[%o3+%g4]
-/* 0x09dc 317 */ sll %i0,2,%g2
-/* 0x09e0 */ ld [%o3+%g2],%g2
-/* 0x09e4 */ cmp %g2,0
-/* 0x09e8 */ bleu,pn %icc,.L77000241
-/* 0x09ec */ or %g0,%o1,%o2
-/* 0x09f0 */ ba .L900000649
-/* 0x09f4 */ cmp %o5,0
- .L77000241:
-/* 0x09f8 */ sub %i0,1,%o5
-/* 0x09fc */ sll %o5,2,%g2
-/* 0x0a00 */ cmp %o5,0
-/* 0x0a04 */ bl,pt %icc,.L900000649
-/* 0x0a08 */ cmp %o5,0
-/* 0x0a0c */ add %o1,%g2,%o1
-/* 0x0a10 */ add %o3,%g2,%o4
-/* 0x0a14 */ ld [%o1],%g2
- .L900000648:
-/* 0x0a18 */ ld [%o4],%g3
-/* 0x0a1c */ sub %o5,1,%o0
-/* 0x0a20 */ sub %o1,4,%o1
-/* 0x0a24 */ sub %o4,4,%o4
-/* 0x0a28 */ cmp %g3,%g2
-/* 0x0a2c */ bne,pn %icc,.L77000244
-/* 0x0a30 */ nop
-/* 0x0a34 0 */ or %g0,%o0,%o5
-/* 0x0a38 317 */ cmp %o0,0
-/* 0x0a3c */ bge,a,pt %icc,.L900000648
-/* 0x0a40 */ ld [%o1],%g2
- .L77000244:
-/* 0x0a44 */ cmp %o5,0
- .L900000649:
-/* 0x0a48 */ bl,pn %icc,.L77000288
-/* 0x0a4c */ sll %o5,2,%g2
-/* 0x0a50 */ ld [%o2+%g2],%g3
-/* 0x0a54 */ ld [%o3+%g2],%g2
-/* 0x0a58 */ cmp %g2,%g3
-/* 0x0a5c */ bleu,pt %icc,.L77000224
-/* 0x0a60 */ nop
- .L77000288:
-/* 0x0a64 */ cmp %i0,0
-/* 0x0a68 */ ble,pt %icc,.L77000224
-/* 0x0a6c */ nop
-/* 0x0a70 317 */ sub %i0,1,%o7
-/* 0x0a74 */ or %g0,-1,%g2
-/* 0x0a78 */ srl %g2,0,%o4
-/* 0x0a7c */ add %o7,1,%o0
-/* 0x0a80 315 */ or %g0,0,%o5
-/* 0x0a84 */ or %g0,0,%g1
-/* 0x0a88 */ cmp %o0,3
-/* 0x0a8c */ bl,pn %icc,.L77000289
-/* 0x0a90 */ add %o3,8,%o1
-/* 0x0a94 */ add %o2,4,%o0
-/* 0x0a98 */ ld [%o1-8],%g2
-/* 0x0a9c 0 */ or %g0,%o1,%o3
-/* 0x0aa0 315 */ ld [%o0-4],%g3
-/* 0x0aa4 0 */ or %g0,%o0,%o2
-/* 0x0aa8 315 */ or %g0,2,%g1
-/* 0x0aac */ ld [%o3-4],%o0
-/* 0x0ab0 */ sub %g2,%g3,%g2
-/* 0x0ab4 */ or %g0,%g2,%o5
-/* 0x0ab8 */ and %g2,%o4,%g2
-/* 0x0abc */ st %g2,[%o3-8]
-/* 0x0ac0 */ srax %o5,32,%o5
- .L900000638:
-/* 0x0ac4 */ ld [%o2],%g2
-/* 0x0ac8 */ add %g1,1,%g1
-/* 0x0acc */ add %o2,4,%o2
-/* 0x0ad0 */ cmp %g1,%o7
-/* 0x0ad4 */ add %o3,4,%o3
-/* 0x0ad8 */ sub %o0,%g2,%o0
-/* 0x0adc */ add %o0,%o5,%o5
-/* 0x0ae0 */ and %o5,%o4,%g2
-/* 0x0ae4 */ ld [%o3-4],%o0
-/* 0x0ae8 */ st %g2,[%o3-8]
-/* 0x0aec */ ble,pt %icc,.L900000638
-/* 0x0af0 */ srax %o5,32,%o5
- .L900000641:
-/* 0x0af4 */ ld [%o2],%o1
-/* 0x0af8 */ sub %o0,%o1,%o0
-/* 0x0afc */ add %o0,%o5,%o0
-/* 0x0b00 */ and %o0,%o4,%o1
-/* 0x0b04 */ st %o1,[%o3-4]
-/* 0x0b08 */ ret ! Result =
-/* 0x0b0c */ restore %g0,%g0,%g0
- .L77000289:
-/* 0x0b10 */ ld [%o3],%o0
- .L900000647:
-/* 0x0b14 */ ld [%o2],%o1
-/* 0x0b18 */ add %o5,%o0,%o0
-/* 0x0b1c */ add %g1,1,%g1
-/* 0x0b20 */ add %o2,4,%o2
-/* 0x0b24 */ cmp %g1,%o7
-/* 0x0b28 */ sub %o0,%o1,%o0
-/* 0x0b2c */ and %o0,%o4,%o1
-/* 0x0b30 */ st %o1,[%o3]
-/* 0x0b34 */ add %o3,4,%o3
-/* 0x0b38 */ srax %o0,32,%o5
-/* 0x0b3c */ ble,a,pt %icc,.L900000647
-/* 0x0b40 */ ld [%o3],%o0
- .L77000224:
-/* 0x0b44 */ ret ! Result =
-/* 0x0b48 */ restore %g0,%g0,%g0
-/* 0x0b4c 0 */ .type mont_mulf_noconv,2
-/* 0x0b4c */ .size mont_mulf_noconv,(.-mont_mulf_noconv)
-
-! Begin Disassembling Stabs
- .xstabs ".stab.index","Xa ; O ; P ; V=3.1 ; R=WorkShop Compilers 5.0 98/12/15 C 5.0",60,0,0,0 ! (/usr/tmp/acompAAA7YaaOM:1)
- .xstabs ".stab.index","/h/interzone/d3/nelsonb/nss_tip/mozilla/security/nss/lib/freebl/mpi32; /tools/ns/workshop-5.0/bin/../SC5.0/bin/cc -fast -xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -Wc,-Qrm-Qd -Wc,-Qrm-Qf -Wc,-assembly -V -W0,-xp -KPIC -mt -o montmulf.o -c montmulf.il montmulf.c -W0,-xp",52,0,0,0 ! (/usr/tmp/acompAAA7YaaOM:2)
-! End Disassembling Stabs
-
-! Begin Disassembling Ident
- .ident "cg: WorkShop Compilers 5.0 99/08/12 Compiler Common 5.0 Patch 107357-05" ! (NO SOURCE LINE)
- .ident "acomp: WorkShop Compilers 5.0 98/12/15 C 5.0" ! (/usr/tmp/acompAAA7YaaOM:36)
-! End Disassembling Ident
diff --git a/security/nss/lib/freebl/mpi/montmulfv9.il b/security/nss/lib/freebl/mpi/montmulfv9.il
deleted file mode 100644
index 047785161..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv9.il
+++ /dev/null
@@ -1,122 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is inline macros for SPARC Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
-!
-! double upper32(double /*frs1*/);
-!
- .inline upper32,8
- fdtox %f0,%f10
- fitod %f10,%f0
- .end
-
-!
-! double lower32(double /*frs1*/, double /* Zero */);
-!
- .inline lower32,8
- fdtox %f0,%f10
- fmovs %f2,%f10
- fxtod %f10,%f0
- .end
-
-!
-! double mod(double /*x*/, double /*1/m*/, double /*m*/);
-!
- .inline mod,12
- fmuld %f0,%f2,%f2
- fdtox %f2,%f2
- fxtod %f2,%f2
- fmuld %f2,%f4,%f2
- fsubd %f0,%f2,%f0
- .end
-
-
-!
-! void i16_to_d16_and_d32x4(double * /*1/(2^16)*/, double * /* 2^16*/,
-! double * /* 0 */,
-! double * /*result16*/, double * /* result32 */
-! float * /*source - should be unsigned int*
-! converted to float* */);
-!
- .inline i16_to_d16_and_d32x4,24
- ldd [%o0],%f2 ! 1/(2^16)
- ldd [%o1],%f4 ! 2^16
- ldd [%o2],%f22
-
- fmovd %f22,%f6
- ld [%o5],%f7
- fmovd %f22,%f10
- ld [%o5+4],%f11
- fmovd %f22,%f14
- ld [%o5+8],%f15
- fmovd %f22,%f18
- ld [%o5+12],%f19
- fxtod %f6,%f6
- std %f6,[%o4]
- fxtod %f10,%f10
- std %f10,[%o4+8]
- fxtod %f14,%f14
- std %f14,[%o4+16]
- fxtod %f18,%f18
- std %f18,[%o4+24]
- fmuld %f2,%f6,%f8
- fmuld %f2,%f10,%f12
- fmuld %f2,%f14,%f16
- fmuld %f2,%f18,%f20
- fdtox %f8,%f8
- fdtox %f12,%f12
- fdtox %f16,%f16
- fdtox %f20,%f20
- fxtod %f8,%f8
- std %f8,[%o3+8]
- fxtod %f12,%f12
- std %f12,[%o3+24]
- fxtod %f16,%f16
- std %f16,[%o3+40]
- fxtod %f20,%f20
- std %f20,[%o3+56]
- fmuld %f8,%f4,%f8
- fmuld %f12,%f4,%f12
- fmuld %f16,%f4,%f16
- fmuld %f20,%f4,%f20
- fsubd %f6,%f8,%f8
- std %f8,[%o3]
- fsubd %f10,%f12,%f12
- std %f12,[%o3+16]
- fsubd %f14,%f16,%f16
- std %f16,[%o3+32]
- fsubd %f18,%f20,%f20
- std %f20,[%o3+48]
- .end
-
-
diff --git a/security/nss/lib/freebl/mpi/montmulfv9.s b/security/nss/lib/freebl/mpi/montmulfv9.s
deleted file mode 100644
index 3a0a17f7e..000000000
--- a/security/nss/lib/freebl/mpi/montmulfv9.s
+++ /dev/null
@@ -1,2386 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is SPARC hand-optimized Montgomery multiply functions.
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-!
-! $Id$
-!
-
- .section ".text",#alloc,#execinstr
- .file "montmulf.c"
-
- .section ".rodata",#alloc
- .global TwoTo16
- .align 8
-!
-! CONSTANT POOL
-!
- .global TwoTo16
-TwoTo16:
- .word 1089470464
- .word 0
- .type TwoTo16,#object
- .size TwoTo16,8
- .global TwoToMinus16
-!
-! CONSTANT POOL
-!
- .global TwoToMinus16
-TwoToMinus16:
- .word 1055916032
- .word 0
- .type TwoToMinus16,#object
- .size TwoToMinus16,8
- .global Zero
-!
-! CONSTANT POOL
-!
- .global Zero
-Zero:
- .word 0
- .word 0
- .type Zero,#object
- .size Zero,8
- .global TwoTo32
-!
-! CONSTANT POOL
-!
- .global TwoTo32
-TwoTo32:
- .word 1106247680
- .word 0
- .type TwoTo32,#object
- .size TwoTo32,8
- .global TwoToMinus32
-!
-! CONSTANT POOL
-!
- .global TwoToMinus32
-TwoToMinus32:
- .word 1039138816
- .word 0
- .type TwoToMinus32,#object
- .size TwoToMinus32,8
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .register %g3,#scratch
-/* 000000 */ .register %g2,#scratch
-/* 000000 0 */ .align 8
-!
-! SUBROUTINE conv_d16_to_i32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_d16_to_i32
- conv_d16_to_i32:
-/* 000000 */ save %sp,-208,%sp
-! FILE montmulf.c
-
-! 1 !/*
-! 2 ! * The contents of this file are subject to the Mozilla Public
-! 3 ! * License Version 1.1 (the "License"); you may not use this file
-! 4 ! * except in compliance with the License. You may obtain a copy of
-! 5 ! * the License at http://www.mozilla.org/MPL/
-! 6 ! *
-! 7 ! * Software distributed under the License is distributed on an "AS
-! 8 ! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! 9 ! * implied. See the License for the specific language governing
-! 10 ! * rights and limitations under the License.
-! 11 ! *
-! 12 ! * The Original Code is SPARC optimized Montgomery multiply functions.
-! 13 ! *
-! 14 ! * The Initial Developer of the Original Code is Sun Microsystems Inc.
-! 15 ! * Portions created by Sun Microsystems Inc. are
-! 16 ! * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-! 17 ! *
-! 18 ! * Contributor(s):
-! 19 ! * Netscape Communications Corporation
-! 20 ! *
-! 21 ! * Alternatively, the contents of this file may be used under the
-! 22 ! * terms of the GNU General Public License Version 2 or later (the
-! 23 ! * "GPL"), in which case the provisions of the GPL are applicable
-! 24 ! * instead of those above. If you wish to allow use of your
-! 25 ! * version of this file only under the terms of the GPL and not to
-! 26 ! * allow others to use your version of this file under the MPL,
-! 27 ! * indicate your decision by deleting the provisions above and
-! 28 ! * replace them with the notice and other provisions required by
-! 29 ! * the GPL. If you do not delete the provisions above, a recipient
-! 30 ! * may use your version of this file under either the MPL or the
-! 31 ! * GPL.
-! 32 ! *
-! 33 ! * $Id$
-! 34 ! */
-! 36 !#define RF_INLINE_MACROS
-! 38 !static const double TwoTo16=65536.0;
-! 39 !static const double TwoToMinus16=1.0/65536.0;
-! 40 !static const double Zero=0.0;
-! 41 !static const double TwoTo32=65536.0*65536.0;
-! 42 !static const double TwoToMinus32=1.0/(65536.0*65536.0);
-! 44 !#ifdef RF_INLINE_MACROS
-! 46 !double upper32(double);
-! 47 !double lower32(double, double);
-! 48 !double mod(double, double, double);
-! 50 !void i16_to_d16_and_d32x4(const double * /*1/(2^16)*/,
-! 51 ! const double * /* 2^16*/,
-! 52 ! const double * /* 0 */,
-! 53 ! double * /*result16*/,
-! 54 ! double * /* result32 */,
-! 55 ! float * /*source - should be unsigned int*
-! 56 ! converted to float* */);
-! 58 !#else
-! 60 !static double upper32(double x)
-! 61 !{
-! 62 ! return floor(x*TwoToMinus32);
-! 63 !}
-! 65 !static double lower32(double x, double y)
-! 66 !{
-! 67 ! return x-TwoTo32*floor(x*TwoToMinus32);
-! 68 !}
-! 70 !static double mod(double x, double oneoverm, double m)
-! 71 !{
-! 72 ! return x-m*floor(x*oneoverm);
-! 73 !}
-! 75 !#endif
-! 78 !static void cleanup(double *dt, int from, int tlen)
-! 79 !{
-! 80 ! int i;
-! 81 ! double tmp,tmp1,x,x1;
-! 83 ! tmp=tmp1=Zero;
-! 84 ! /* original code **
-! 85 ! for(i=2*from;i<2*tlen-2;i++)
-! 86 ! {
-! 87 ! x=dt[i];
-! 88 ! dt[i]=lower32(x,Zero)+tmp1;
-! 89 ! tmp1=tmp;
-! 90 ! tmp=upper32(x);
-! 91 ! }
-! 92 ! dt[tlen-2]+=tmp1;
-! 93 ! dt[tlen-1]+=tmp;
-! 94 ! **end original code ***/
-! 95 ! /* new code ***/
-! 96 ! for(i=2*from;i<2*tlen;i+=2)
-! 97 ! {
-! 98 ! x=dt[i];
-! 99 ! x1=dt[i+1];
-! 100 ! dt[i]=lower32(x,Zero)+tmp;
-! 101 ! dt[i+1]=lower32(x1,Zero)+tmp1;
-! 102 ! tmp=upper32(x);
-! 103 ! tmp1=upper32(x1);
-! 104 ! }
-! 105 ! /** end new code **/
-! 106 !}
-! 109 !void conv_d16_to_i32(unsigned int *i32, double *d16, long long *tmp, int ilen)
-! 110 !{
-! 111 !int i;
-! 112 !long long t, t1, a, b, c, d;
-! 114 ! t1=0;
-! 115 ! a=(long long)d16[0];
-
-/* 0x0004 115 */ ldd [%i1],%f2
-
-! 116 ! b=(long long)d16[1];
-! 117 ! for(i=0; i<ilen-1; i++)
-
-/* 0x0008 117 */ sub %i3,1,%o1
-/* 0x000c 110 */ or %g0,%i0,%g1
-/* 0x0010 116 */ ldd [%i1+8],%f4
-/* 0x0014 117 */ cmp %o1,0
-/* 0x0018 114 */ or %g0,0,%g5
-/* 0x001c 115 */ fdtox %f2,%f2
-/* 0x0020 */ std %f2,[%sp+2247]
-/* 0x0024 117 */ or %g0,0,%o0
-/* 0x0028 116 */ fdtox %f4,%f2
-/* 0x002c */ std %f2,[%sp+2239]
-/* 0x0030 110 */ sub %o1,1,%o7
-/* 0x0034 */ or %g0,%i1,%o4
-/* 0x0038 */ sethi %hi(0xfc00),%o3
-/* 0x003c */ or %g0,-1,%o1
-/* 0x0040 */ or %g0,2,%i1
-/* 0x0044 */ srl %o1,0,%g3
-/* 0x0048 */ or %g0,%o4,%g4
-/* 0x004c 116 */ ldx [%sp+2239],%i2
-/* 0x0050 */ add %o3,1023,%o5
-/* 0x0054 117 */ sub %o7,1,%o2
-/* 0x0058 115 */ ldx [%sp+2247],%i3
-/* 0x005c 117 */ ble,pt %icc,.L900000113
-/* 0x0060 */ sethi %hi(0xfc00),%g2
-/* 0x0064 */ add %o7,1,%g2
-
-! 118 ! {
-! 119 ! c=(long long)d16[2*i+2];
-! 120 ! t1+=a&0xffffffff;
-! 121 ! t=(a>>32);
-! 122 ! d=(long long)d16[2*i+3];
-! 123 ! t1+=(b&0xffff)<<16;
-
-/* 0x0068 123 */ and %i2,%o5,%i4
-/* 0x006c */ sllx %i4,16,%o1
-/* 0x0070 117 */ cmp %g2,6
-/* 0x0074 */ bl,pn %icc,.L77000134
-/* 0x0078 */ or %g0,3,%i0
-/* 0x007c 119 */ ldd [%o4+16],%f0
-/* 0x0080 120 */ and %i3,%g3,%o3
-
-! 124 ! t+=(b>>16)+(t1>>32);
-
-/* 0x0084 124 */ srax %i2,16,%i5
-/* 0x0088 117 */ add %o3,%o1,%i4
-/* 0x008c 121 */ srax %i3,32,%i3
-/* 0x0090 119 */ fdtox %f0,%f0
-/* 0x0094 */ std %f0,[%sp+2231]
-
-! 125 ! i32[i]=t1&0xffffffff;
-
-/* 0x0098 125 */ and %i4,%g3,%l0
-/* 0x009c 117 */ or %g0,72,%o3
-/* 0x00a0 122 */ ldd [%g4+24],%f0
-/* 0x00a4 117 */ or %g0,64,%o4
-/* 0x00a8 */ or %g0,4,%o1
-
-! 126 ! t1=t;
-! 127 ! a=c;
-! 128 ! b=d;
-
-/* 0x00ac 128 */ or %g0,5,%i0
-/* 0x00b0 */ or %g0,4,%i1
-/* 0x00b4 119 */ ldx [%sp+2231],%g2
-/* 0x00b8 122 */ fdtox %f0,%f0
-/* 0x00bc 128 */ or %g0,4,%o0
-/* 0x00c0 122 */ std %f0,[%sp+2223]
-/* 0x00c4 */ ldd [%g4+40],%f2
-/* 0x00c8 120 */ and %g2,%g3,%i2
-/* 0x00cc 119 */ ldd [%g4+32],%f0
-/* 0x00d0 121 */ srax %g2,32,%g2
-/* 0x00d4 122 */ ldd [%g4+56],%f4
-/* 0x00d8 */ fdtox %f2,%f2
-/* 0x00dc */ ldx [%sp+2223],%g5
-/* 0x00e0 119 */ fdtox %f0,%f0
-/* 0x00e4 125 */ st %l0,[%g1]
-/* 0x00e8 124 */ srax %i4,32,%l0
-/* 0x00ec 122 */ fdtox %f4,%f4
-/* 0x00f0 */ std %f2,[%sp+2223]
-/* 0x00f4 123 */ and %g5,%o5,%i4
-/* 0x00f8 124 */ add %i5,%l0,%i5
-/* 0x00fc 119 */ std %f0,[%sp+2231]
-/* 0x0100 123 */ sllx %i4,16,%i4
-/* 0x0104 124 */ add %i3,%i5,%i3
-/* 0x0108 119 */ ldd [%g4+48],%f2
-/* 0x010c 124 */ srax %g5,16,%g5
-/* 0x0110 117 */ add %i2,%i4,%i2
-/* 0x0114 122 */ ldd [%g4+72],%f0
-/* 0x0118 117 */ add %i2,%i3,%i4
-/* 0x011c 124 */ srax %i4,32,%i5
-/* 0x0120 119 */ fdtox %f2,%f2
-/* 0x0124 125 */ and %i4,%g3,%i4
-/* 0x0128 122 */ ldx [%sp+2223],%i2
-/* 0x012c 124 */ add %g5,%i5,%g5
-/* 0x0130 119 */ ldx [%sp+2231],%i3
-/* 0x0134 124 */ add %g2,%g5,%g5
-/* 0x0138 119 */ std %f2,[%sp+2231]
-/* 0x013c 122 */ std %f4,[%sp+2223]
-/* 0x0140 119 */ ldd [%g4+64],%f2
-/* 0x0144 125 */ st %i4,[%g1+4]
- .L900000108:
-/* 0x0148 122 */ ldx [%sp+2223],%i4
-/* 0x014c 128 */ add %o0,2,%o0
-/* 0x0150 */ add %i0,4,%i0
-/* 0x0154 119 */ ldx [%sp+2231],%l0
-/* 0x0158 117 */ add %o3,16,%o3
-/* 0x015c 123 */ and %i2,%o5,%g2
-/* 0x0160 */ sllx %g2,16,%i5
-/* 0x0164 120 */ and %i3,%g3,%g2
-/* 0x0168 122 */ ldd [%g4+%o3],%f4
-/* 0x016c */ fdtox %f0,%f0
-/* 0x0170 */ std %f0,[%sp+2223]
-/* 0x0174 124 */ srax %i2,16,%i2
-/* 0x0178 117 */ add %g2,%i5,%g2
-/* 0x017c 119 */ fdtox %f2,%f0
-/* 0x0180 117 */ add %o4,16,%o4
-/* 0x0184 119 */ std %f0,[%sp+2231]
-/* 0x0188 117 */ add %g2,%g5,%g2
-/* 0x018c 119 */ ldd [%g4+%o4],%f2
-/* 0x0190 124 */ srax %g2,32,%i5
-/* 0x0194 128 */ cmp %o0,%o2
-/* 0x0198 121 */ srax %i3,32,%g5
-/* 0x019c 124 */ add %i2,%i5,%i2
-/* 0x01a0 */ add %g5,%i2,%i5
-/* 0x01a4 117 */ add %o1,4,%o1
-/* 0x01a8 125 */ and %g2,%g3,%g2
-/* 0x01ac 127 */ or %g0,%l0,%g5
-/* 0x01b0 125 */ st %g2,[%g1+%o1]
-/* 0x01b4 128 */ add %i1,4,%i1
-/* 0x01b8 122 */ ldx [%sp+2223],%i2
-/* 0x01bc 119 */ ldx [%sp+2231],%i3
-/* 0x01c0 117 */ add %o3,16,%o3
-/* 0x01c4 123 */ and %i4,%o5,%g2
-/* 0x01c8 */ sllx %g2,16,%l0
-/* 0x01cc 120 */ and %g5,%g3,%g2
-/* 0x01d0 122 */ ldd [%g4+%o3],%f0
-/* 0x01d4 */ fdtox %f4,%f4
-/* 0x01d8 */ std %f4,[%sp+2223]
-/* 0x01dc 124 */ srax %i4,16,%i4
-/* 0x01e0 117 */ add %g2,%l0,%g2
-/* 0x01e4 119 */ fdtox %f2,%f2
-/* 0x01e8 117 */ add %o4,16,%o4
-/* 0x01ec 119 */ std %f2,[%sp+2231]
-/* 0x01f0 117 */ add %g2,%i5,%g2
-/* 0x01f4 119 */ ldd [%g4+%o4],%f2
-/* 0x01f8 124 */ srax %g2,32,%i5
-/* 0x01fc 121 */ srax %g5,32,%g5
-/* 0x0200 124 */ add %i4,%i5,%i4
-/* 0x0204 */ add %g5,%i4,%g5
-/* 0x0208 117 */ add %o1,4,%o1
-/* 0x020c 125 */ and %g2,%g3,%g2
-/* 0x0210 128 */ ble,pt %icc,.L900000108
-/* 0x0214 */ st %g2,[%g1+%o1]
- .L900000111:
-/* 0x0218 122 */ ldx [%sp+2223],%o2
-/* 0x021c 123 */ and %i2,%o5,%i4
-/* 0x0220 120 */ and %i3,%g3,%g2
-/* 0x0224 123 */ sllx %i4,16,%i4
-/* 0x0228 119 */ ldx [%sp+2231],%i5
-/* 0x022c 128 */ cmp %o0,%o7
-/* 0x0230 124 */ srax %i2,16,%i2
-/* 0x0234 117 */ add %g2,%i4,%g2
-/* 0x0238 122 */ fdtox %f0,%f4
-/* 0x023c */ std %f4,[%sp+2223]
-/* 0x0240 117 */ add %g2,%g5,%g5
-/* 0x0244 123 */ and %o2,%o5,%l0
-/* 0x0248 124 */ srax %g5,32,%l1
-/* 0x024c 120 */ and %i5,%g3,%i4
-/* 0x0250 119 */ fdtox %f2,%f0
-/* 0x0254 121 */ srax %i3,32,%g2
-/* 0x0258 119 */ std %f0,[%sp+2231]
-/* 0x025c 124 */ add %i2,%l1,%i2
-/* 0x0260 123 */ sllx %l0,16,%i3
-/* 0x0264 124 */ add %g2,%i2,%i2
-/* 0x0268 */ srax %o2,16,%o2
-/* 0x026c 117 */ add %o1,4,%g2
-/* 0x0270 */ add %i4,%i3,%o1
-/* 0x0274 125 */ and %g5,%g3,%g5
-/* 0x0278 */ st %g5,[%g1+%g2]
-/* 0x027c 119 */ ldx [%sp+2231],%i3
-/* 0x0280 117 */ add %o1,%i2,%o1
-/* 0x0284 */ add %g2,4,%g2
-/* 0x0288 124 */ srax %o1,32,%i4
-/* 0x028c 122 */ ldx [%sp+2223],%i2
-/* 0x0290 125 */ and %o1,%g3,%g5
-/* 0x0294 121 */ srax %i5,32,%o1
-/* 0x0298 124 */ add %o2,%i4,%o2
-/* 0x029c 125 */ st %g5,[%g1+%g2]
-/* 0x02a0 128 */ bg,pn %icc,.L77000127
-/* 0x02a4 */ add %o1,%o2,%g5
-/* 0x02a8 */ add %i0,6,%i0
-/* 0x02ac */ add %i1,6,%i1
- .L77000134:
-/* 0x02b0 119 */ sra %i1,0,%o2
- .L900000112:
-/* 0x02b4 119 */ sllx %o2,3,%o3
-/* 0x02b8 120 */ and %i3,%g3,%o1
-/* 0x02bc 119 */ ldd [%g4+%o3],%f0
-/* 0x02c0 122 */ sra %i0,0,%o3
-/* 0x02c4 123 */ and %i2,%o5,%o2
-/* 0x02c8 122 */ sllx %o3,3,%o3
-/* 0x02cc 120 */ add %g5,%o1,%o1
-/* 0x02d0 119 */ fdtox %f0,%f0
-/* 0x02d4 */ std %f0,[%sp+2231]
-/* 0x02d8 123 */ sllx %o2,16,%o2
-/* 0x02dc */ add %o1,%o2,%o2
-/* 0x02e0 128 */ add %i1,2,%i1
-/* 0x02e4 122 */ ldd [%g4+%o3],%f0
-/* 0x02e8 124 */ srax %o2,32,%g2
-/* 0x02ec 125 */ and %o2,%g3,%o3
-/* 0x02f0 124 */ srax %i2,16,%o1
-/* 0x02f4 128 */ add %i0,2,%i0
-/* 0x02f8 122 */ fdtox %f0,%f0
-/* 0x02fc */ std %f0,[%sp+2223]
-/* 0x0300 125 */ sra %o0,0,%o2
-/* 0x0304 */ sllx %o2,2,%o2
-/* 0x0308 124 */ add %o1,%g2,%g5
-/* 0x030c 121 */ srax %i3,32,%g2
-/* 0x0310 128 */ add %o0,1,%o0
-/* 0x0314 124 */ add %g2,%g5,%g5
-/* 0x0318 128 */ cmp %o0,%o7
-/* 0x031c 119 */ ldx [%sp+2231],%o4
-/* 0x0320 122 */ ldx [%sp+2223],%i2
-/* 0x0324 125 */ st %o3,[%g1+%o2]
-/* 0x0328 127 */ or %g0,%o4,%i3
-/* 0x032c 128 */ ble,pt %icc,.L900000112
-/* 0x0330 */ sra %i1,0,%o2
- .L77000127:
-
-! 129 ! }
-! 130 ! t1+=a&0xffffffff;
-! 131 ! t=(a>>32);
-! 132 ! t1+=(b&0xffff)<<16;
-! 133 ! i32[i]=t1&0xffffffff;
-
-/* 0x0334 133 */ sethi %hi(0xfc00),%g2
- .L900000113:
-/* 0x0338 133 */ or %g0,-1,%g3
-/* 0x033c */ add %g2,1023,%g2
-/* 0x0340 */ srl %g3,0,%g3
-/* 0x0344 */ and %i2,%g2,%g2
-/* 0x0348 */ and %i3,%g3,%g4
-/* 0x034c */ sllx %g2,16,%g2
-/* 0x0350 */ add %g5,%g4,%g4
-/* 0x0354 */ sra %o0,0,%g5
-/* 0x0358 */ add %g4,%g2,%g4
-/* 0x035c */ sllx %g5,2,%g2
-/* 0x0360 */ and %g4,%g3,%g3
-/* 0x0364 */ st %g3,[%g1+%g2]
-/* 0x0368 */ ret ! Result =
-/* 0x036c */ restore %g0,%g0,%g0
-/* 0x0370 0 */ .type conv_d16_to_i32,2
-/* 0x0370 */ .size conv_d16_to_i32,(.-conv_d16_to_i32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000201:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 8
-/* 0x0008 */ .skip 24
-!
-! SUBROUTINE conv_i32_to_d32
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d32
- conv_i32_to_d32:
-/* 000000 */ or %g0,%o7,%g3
-
-! 135 !}
-! 137 !void conv_i32_to_d32(double *d32, unsigned int *i32, int len)
-! 138 !{
-! 139 !int i;
-! 141 !#pragma pipeloop(0)
-! 142 ! for(i=0;i<len;i++) d32[i]=(double)(i32[i]);
-
-/* 0x0004 142 */ cmp %o2,0
- .L900000210:
-/* 0x0008 */ call .+8
-/* 0x000c */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0010 142 */ or %g0,0,%o3
-/* 0x0014 138 */ add %g4,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000210-.)),%g4
-/* 0x0018 142 */ sub %o2,1,%o4
-/* 0x001c 138 */ add %g4,%o7,%g1
-/* 0x0020 142 */ ble,pt %icc,.L77000140
-/* 0x0024 */ or %g0,%g3,%o7
-/* 0x0028 */ sethi %hi(.L_const_seg_900000201),%g3
-/* 0x002c */ cmp %o2,12
-/* 0x0030 */ add %g3,%lo(.L_const_seg_900000201),%g2
-/* 0x0034 */ or %g0,%o1,%g5
-/* 0x0038 */ ldx [%g1+%g2],%g4
-/* 0x003c */ or %g0,0,%g1
-/* 0x0040 */ or %g0,24,%g2
-/* 0x0044 */ bl,pn %icc,.L77000144
-/* 0x0048 */ or %g0,0,%g3
-/* 0x004c */ ld [%o1],%f13
-/* 0x0050 */ or %g0,7,%o3
-/* 0x0054 */ ldd [%g4],%f8
-/* 0x0058 */ sub %o2,5,%g3
-/* 0x005c */ or %g0,8,%g1
-/* 0x0060 */ ld [%o1+4],%f11
-/* 0x0064 */ ld [%o1+8],%f7
-/* 0x0068 */ fmovs %f8,%f12
-/* 0x006c */ ld [%o1+12],%f5
-/* 0x0070 */ fmovs %f8,%f10
-/* 0x0074 */ ld [%o1+16],%f3
-/* 0x0078 */ fmovs %f8,%f6
-/* 0x007c */ ld [%o1+20],%f1
-/* 0x0080 */ fsubd %f12,%f8,%f12
-/* 0x0084 */ std %f12,[%o0]
-/* 0x0088 */ fsubd %f10,%f8,%f10
-/* 0x008c */ std %f10,[%o0+8]
- .L900000205:
-/* 0x0090 */ ld [%o1+%g2],%f11
-/* 0x0094 */ add %g1,8,%g1
-/* 0x0098 */ add %o3,5,%o3
-/* 0x009c */ fsubd %f6,%f8,%f6
-/* 0x00a0 */ add %g2,4,%g2
-/* 0x00a4 */ std %f6,[%o0+%g1]
-/* 0x00a8 */ cmp %o3,%g3
-/* 0x00ac */ fmovs %f8,%f4
-/* 0x00b0 */ ld [%o1+%g2],%f7
-/* 0x00b4 */ fsubd %f4,%f8,%f12
-/* 0x00b8 */ add %g1,8,%g1
-/* 0x00bc */ add %g2,4,%g2
-/* 0x00c0 */ fmovs %f8,%f2
-/* 0x00c4 */ std %f12,[%o0+%g1]
-/* 0x00c8 */ ld [%o1+%g2],%f5
-/* 0x00cc */ fsubd %f2,%f8,%f12
-/* 0x00d0 */ add %g1,8,%g1
-/* 0x00d4 */ add %g2,4,%g2
-/* 0x00d8 */ fmovs %f8,%f0
-/* 0x00dc */ std %f12,[%o0+%g1]
-/* 0x00e0 */ ld [%o1+%g2],%f3
-/* 0x00e4 */ fsubd %f0,%f8,%f12
-/* 0x00e8 */ add %g1,8,%g1
-/* 0x00ec */ add %g2,4,%g2
-/* 0x00f0 */ fmovs %f8,%f10
-/* 0x00f4 */ std %f12,[%o0+%g1]
-/* 0x00f8 */ ld [%o1+%g2],%f1
-/* 0x00fc */ fsubd %f10,%f8,%f10
-/* 0x0100 */ add %g1,8,%g1
-/* 0x0104 */ add %g2,4,%g2
-/* 0x0108 */ std %f10,[%o0+%g1]
-/* 0x010c */ ble,pt %icc,.L900000205
-/* 0x0110 */ fmovs %f8,%f6
- .L900000208:
-/* 0x0114 */ fmovs %f8,%f4
-/* 0x0118 */ ld [%o1+%g2],%f11
-/* 0x011c */ add %g1,8,%g3
-/* 0x0120 */ fmovs %f8,%f2
-/* 0x0124 */ add %g1,16,%g1
-/* 0x0128 */ cmp %o3,%o4
-/* 0x012c */ fmovs %f8,%f0
-/* 0x0130 */ add %g1,8,%o1
-/* 0x0134 */ add %g1,16,%o2
-/* 0x0138 */ fmovs %f8,%f10
-/* 0x013c */ add %g1,24,%g2
-/* 0x0140 */ fsubd %f6,%f8,%f6
-/* 0x0144 */ std %f6,[%o0+%g3]
-/* 0x0148 */ fsubd %f4,%f8,%f4
-/* 0x014c */ std %f4,[%o0+%g1]
-/* 0x0150 */ sra %o3,0,%g1
-/* 0x0154 */ fsubd %f2,%f8,%f2
-/* 0x0158 */ std %f2,[%o0+%o1]
-/* 0x015c */ sllx %g1,2,%g3
-/* 0x0160 */ fsubd %f0,%f8,%f0
-/* 0x0164 */ std %f0,[%o0+%o2]
-/* 0x0168 */ fsubd %f10,%f8,%f0
-/* 0x016c */ bg,pn %icc,.L77000140
-/* 0x0170 */ std %f0,[%o0+%g2]
- .L77000144:
-/* 0x0174 */ ldd [%g4],%f8
- .L900000211:
-/* 0x0178 */ ld [%g5+%g3],%f13
-/* 0x017c */ sllx %g1,3,%g2
-/* 0x0180 */ add %o3,1,%o3
-/* 0x0184 */ sra %o3,0,%g1
-/* 0x0188 */ cmp %o3,%o4
-/* 0x018c */ fmovs %f8,%f12
-/* 0x0190 */ sllx %g1,2,%g3
-/* 0x0194 */ fsubd %f12,%f8,%f0
-/* 0x0198 */ std %f0,[%o0+%g2]
-/* 0x019c */ ble,a,pt %icc,.L900000211
-/* 0x01a0 */ ldd [%g4],%f8
- .L77000140:
-/* 0x01a4 */ retl ! Result =
-/* 0x01a8 */ nop
-/* 0x01ac 0 */ .type conv_i32_to_d32,2
-/* 0x01ac */ .size conv_i32_to_d32,(.-conv_i32_to_d32)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000301:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 8
-/* 0x0008 */ .skip 24
-!
-! SUBROUTINE conv_i32_to_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d16
- conv_i32_to_d16:
-/* 000000 */ save %sp,-192,%sp
- .L900000310:
-/* 0x0004 */ call .+8
-/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-
-! 143 !}
-! 146 !void conv_i32_to_d16(double *d16, unsigned int *i32, int len)
-! 147 !{
-! 148 !int i;
-! 149 !unsigned int a;
-! 151 !#pragma pipeloop(0)
-! 152 ! for(i=0;i<len;i++)
-
-/* 0x000c 152 */ cmp %i2,0
-/* 0x0010 147 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000310-.)),%g3
-/* 0x0014 152 */ ble,pt %icc,.L77000150
-/* 0x0018 */ add %g3,%o7,%o0
-
-! 153 ! {
-! 154 ! a=i32[i];
-! 155 ! d16[2*i]=(double)(a&0xffff);
-! 156 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x001c 156 */ sethi %hi(.L_const_seg_900000301),%g2
-/* 0x0020 147 */ or %g0,%i2,%o1
-/* 0x0024 152 */ sethi %hi(0xfc00),%g3
-/* 0x0028 156 */ add %g2,%lo(.L_const_seg_900000301),%g2
-/* 0x002c 152 */ or %g0,%o1,%g4
-/* 0x0030 156 */ ldx [%o0+%g2],%o5
-/* 0x0034 152 */ add %g3,1023,%g1
-/* 0x0038 147 */ or %g0,%i1,%o7
-/* 0x003c 152 */ or %g0,0,%i2
-/* 0x0040 */ sub %o1,1,%g5
-/* 0x0044 */ or %g0,0,%g3
-/* 0x0048 */ or %g0,1,%g2
-/* 0x004c 154 */ or %g0,0,%o2
-/* 0x0050 */ cmp %g4,6
-/* 0x0054 152 */ bl,pn %icc,.L77000154
-/* 0x0058 */ ldd [%o5],%f0
-/* 0x005c */ sub %o1,2,%o3
-/* 0x0060 */ or %g0,16,%o2
-/* 0x0064 154 */ ld [%i1],%o4
-/* 0x0068 156 */ or %g0,3,%g2
-/* 0x006c */ or %g0,2,%g3
-/* 0x0070 155 */ fmovs %f0,%f2
-/* 0x0074 156 */ or %g0,4,%i2
-/* 0x0078 155 */ and %o4,%g1,%o0
-/* 0x007c */ st %o0,[%sp+2227]
-/* 0x0080 */ fmovs %f0,%f4
-/* 0x0084 156 */ srl %o4,16,%i4
-/* 0x0088 152 */ or %g0,12,%o4
-/* 0x008c */ or %g0,24,%o0
-/* 0x0090 155 */ ld [%sp+2227],%f3
-/* 0x0094 */ fsubd %f2,%f0,%f2
-/* 0x0098 */ std %f2,[%i0]
-/* 0x009c 156 */ st %i4,[%sp+2223]
-/* 0x00a0 154 */ ld [%o7+4],%o1
-/* 0x00a4 156 */ fmovs %f0,%f2
-/* 0x00a8 155 */ and %o1,%g1,%i1
-/* 0x00ac 156 */ ld [%sp+2223],%f3
-/* 0x00b0 */ srl %o1,16,%o1
-/* 0x00b4 */ fsubd %f2,%f0,%f2
-/* 0x00b8 */ std %f2,[%i0+8]
-/* 0x00bc */ st %o1,[%sp+2223]
-/* 0x00c0 155 */ st %i1,[%sp+2227]
-/* 0x00c4 154 */ ld [%o7+8],%o1
-/* 0x00c8 156 */ fmovs %f0,%f2
-/* 0x00cc 155 */ and %o1,%g1,%g4
-/* 0x00d0 */ ld [%sp+2227],%f5
-/* 0x00d4 156 */ srl %o1,16,%o1
-/* 0x00d8 */ ld [%sp+2223],%f3
-/* 0x00dc */ st %o1,[%sp+2223]
-/* 0x00e0 155 */ fsubd %f4,%f0,%f4
-/* 0x00e4 */ st %g4,[%sp+2227]
-/* 0x00e8 156 */ fsubd %f2,%f0,%f2
-/* 0x00ec 154 */ ld [%o7+12],%o1
-/* 0x00f0 155 */ std %f4,[%i0+16]
-/* 0x00f4 156 */ std %f2,[%i0+24]
- .L900000306:
-/* 0x00f8 155 */ ld [%sp+2227],%f5
-/* 0x00fc 156 */ add %i2,2,%i2
-/* 0x0100 */ add %g2,4,%g2
-/* 0x0104 */ ld [%sp+2223],%f3
-/* 0x0108 */ cmp %i2,%o3
-/* 0x010c */ add %g3,4,%g3
-/* 0x0110 155 */ and %o1,%g1,%g4
-/* 0x0114 156 */ srl %o1,16,%o1
-/* 0x0118 155 */ st %g4,[%sp+2227]
-/* 0x011c 156 */ st %o1,[%sp+2223]
-/* 0x0120 152 */ add %o4,4,%o1
-/* 0x0124 154 */ ld [%o7+%o1],%o4
-/* 0x0128 156 */ fmovs %f0,%f2
-/* 0x012c 155 */ fmovs %f0,%f4
-/* 0x0130 */ fsubd %f4,%f0,%f4
-/* 0x0134 152 */ add %o2,16,%o2
-/* 0x0138 156 */ fsubd %f2,%f0,%f2
-/* 0x013c 155 */ std %f4,[%i0+%o2]
-/* 0x0140 152 */ add %o0,16,%o0
-/* 0x0144 156 */ std %f2,[%i0+%o0]
-/* 0x0148 155 */ ld [%sp+2227],%f5
-/* 0x014c 156 */ ld [%sp+2223],%f3
-/* 0x0150 155 */ and %o4,%g1,%g4
-/* 0x0154 156 */ srl %o4,16,%o4
-/* 0x0158 155 */ st %g4,[%sp+2227]
-/* 0x015c 156 */ st %o4,[%sp+2223]
-/* 0x0160 152 */ add %o1,4,%o4
-/* 0x0164 154 */ ld [%o7+%o4],%o1
-/* 0x0168 156 */ fmovs %f0,%f2
-/* 0x016c 155 */ fmovs %f0,%f4
-/* 0x0170 */ fsubd %f4,%f0,%f4
-/* 0x0174 152 */ add %o2,16,%o2
-/* 0x0178 156 */ fsubd %f2,%f0,%f2
-/* 0x017c 155 */ std %f4,[%i0+%o2]
-/* 0x0180 152 */ add %o0,16,%o0
-/* 0x0184 156 */ ble,pt %icc,.L900000306
-/* 0x0188 */ std %f2,[%i0+%o0]
- .L900000309:
-/* 0x018c 155 */ ld [%sp+2227],%f5
-/* 0x0190 156 */ fmovs %f0,%f2
-/* 0x0194 */ srl %o1,16,%o3
-/* 0x0198 */ ld [%sp+2223],%f3
-/* 0x019c 155 */ and %o1,%g1,%i1
-/* 0x01a0 152 */ add %o2,16,%g4
-/* 0x01a4 155 */ fmovs %f0,%f4
-/* 0x01a8 */ st %i1,[%sp+2227]
-/* 0x01ac 152 */ add %o0,16,%o2
-/* 0x01b0 156 */ st %o3,[%sp+2223]
-/* 0x01b4 154 */ sra %i2,0,%o3
-/* 0x01b8 152 */ add %g4,16,%o1
-/* 0x01bc 155 */ fsubd %f4,%f0,%f4
-/* 0x01c0 */ std %f4,[%i0+%g4]
-/* 0x01c4 152 */ add %o0,32,%o0
-/* 0x01c8 156 */ fsubd %f2,%f0,%f2
-/* 0x01cc */ std %f2,[%i0+%o2]
-/* 0x01d0 */ sllx %o3,2,%o2
-/* 0x01d4 155 */ ld [%sp+2227],%f5
-/* 0x01d8 156 */ cmp %i2,%g5
-/* 0x01dc */ add %g2,6,%g2
-/* 0x01e0 */ ld [%sp+2223],%f3
-/* 0x01e4 */ add %g3,6,%g3
-/* 0x01e8 155 */ fmovs %f0,%f4
-/* 0x01ec 156 */ fmovs %f0,%f2
-/* 0x01f0 155 */ fsubd %f4,%f0,%f4
-/* 0x01f4 */ std %f4,[%i0+%o1]
-/* 0x01f8 156 */ fsubd %f2,%f0,%f0
-/* 0x01fc */ bg,pn %icc,.L77000150
-/* 0x0200 */ std %f0,[%i0+%o0]
- .L77000154:
-/* 0x0204 155 */ ldd [%o5],%f0
- .L900000311:
-/* 0x0208 154 */ ld [%o7+%o2],%o0
-/* 0x020c 155 */ sra %g3,0,%o1
-/* 0x0210 */ fmovs %f0,%f2
-/* 0x0214 */ sllx %o1,3,%o2
-/* 0x0218 156 */ add %i2,1,%i2
-/* 0x021c 155 */ and %o0,%g1,%o1
-/* 0x0220 */ st %o1,[%sp+2227]
-/* 0x0224 156 */ add %g3,2,%g3
-/* 0x0228 */ srl %o0,16,%o1
-/* 0x022c */ cmp %i2,%g5
-/* 0x0230 */ sra %g2,0,%o0
-/* 0x0234 */ add %g2,2,%g2
-/* 0x0238 */ sllx %o0,3,%o0
-/* 0x023c 155 */ ld [%sp+2227],%f3
-/* 0x0240 154 */ sra %i2,0,%o3
-/* 0x0244 155 */ fsubd %f2,%f0,%f2
-/* 0x0248 */ std %f2,[%i0+%o2]
-/* 0x024c */ sllx %o3,2,%o2
-/* 0x0250 156 */ st %o1,[%sp+2223]
-/* 0x0254 */ fmovs %f0,%f2
-/* 0x0258 */ ld [%sp+2223],%f3
-/* 0x025c */ fsubd %f2,%f0,%f0
-/* 0x0260 */ std %f0,[%i0+%o0]
-/* 0x0264 */ ble,a,pt %icc,.L900000311
-/* 0x0268 */ ldd [%o5],%f0
- .L77000150:
-/* 0x026c */ ret ! Result =
-/* 0x0270 */ restore %g0,%g0,%g0
-/* 0x0274 0 */ .type conv_i32_to_d16,2
-/* 0x0274 */ .size conv_i32_to_d16,(.-conv_i32_to_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! CONSTANT POOL
-!
- .L_const_seg_900000401:
-/* 000000 0 */ .word 1127219200,0
-/* 0x0008 0 */ .align 8
-/* 0x0008 */ .skip 24
-!
-! SUBROUTINE conv_i32_to_d32_and_d16
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global conv_i32_to_d32_and_d16
- conv_i32_to_d32_and_d16:
-/* 000000 */ save %sp,-192,%sp
- .L900000415:
-/* 0x0004 */ call .+8
-/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g3
-
-! 157 ! }
-! 158 !}
-! 161 !void conv_i32_to_d32_and_d16(double *d32, double *d16,
-! 162 ! unsigned int *i32, int len)
-! 163 !{
-! 164 !int i = 0;
-! 165 !unsigned int a;
-! 167 !#pragma pipeloop(0)
-! 168 !#ifdef RF_INLINE_MACROS
-! 169 ! for(;i<len-3;i+=4)
-! 170 ! {
-! 171 ! i16_to_d16_and_d32x4(&TwoToMinus16, &TwoTo16, &Zero,
-! 172 ! &(d16[2*i]), &(d32[i]), (float *)(&(i32[i])));
-
-/* 0x000c 172 */ sethi %hi(Zero),%g2
-/* 0x0010 163 */ add %g3,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000415-.)),%g3
-/* 0x0014 */ or %g0,%i3,%g5
-/* 0x0018 */ add %g3,%o7,%o3
-/* 0x001c 172 */ add %g2,%lo(Zero),%g2
-/* 0x0020 */ ldx [%o3+%g2],%o0
-/* 0x0024 */ sethi %hi(TwoToMinus16),%g3
-/* 0x0028 163 */ or %g0,%i0,%i3
-/* 0x002c 169 */ sub %g5,3,%o1
-/* 0x0030 172 */ sethi %hi(TwoTo16),%g4
-/* 0x0034 163 */ or %g0,%i2,%i0
-/* 0x0038 172 */ add %g3,%lo(TwoToMinus16),%g2
-/* 0x003c */ ldx [%o3+%g2],%o2
-/* 0x0040 169 */ cmp %o1,0
-/* 0x0044 164 */ or %g0,0,%i2
-/* 0x0048 169 */ ble,pt %icc,.L900000418
-/* 0x004c */ cmp %i2,%g5
-/* 0x0050 */ ldd [%o0],%f2
-/* 0x0054 172 */ add %g4,%lo(TwoTo16),%g3
-/* 0x0058 */ ldx [%o3+%g3],%o1
-/* 0x005c 169 */ sub %g5,4,%o4
-/* 0x0060 */ or %g0,0,%o5
- .L900000417:
-/* 0x0064 172 */ sra %i2,0,%g2
-/* 0x0068 */ fmovd %f2,%f14
-/* 0x006c */ ldd [%o2],%f0
-/* 0x0070 */ sllx %g2,2,%g3
-/* 0x0074 */ fmovd %f2,%f10
-/* 0x0078 */ ldd [%o1],%f16
-/* 0x007c */ ld [%g3+%i0],%f15
-/* 0x0080 */ add %i0,%g3,%g3
-/* 0x0084 */ fmovd %f2,%f6
-/* 0x0088 */ ld [%g3+4],%f11
-/* 0x008c */ sra %o5,0,%g4
-/* 0x0090 */ add %i2,4,%i2
-/* 0x0094 */ ld [%g3+8],%f7
-/* 0x0098 */ fxtod %f14,%f14
-/* 0x009c */ sllx %g2,3,%g2
-/* 0x00a0 */ ld [%g3+12],%f3
-/* 0x00a4 */ fxtod %f10,%f10
-/* 0x00a8 */ sllx %g4,3,%g3
-/* 0x00ac */ fxtod %f6,%f6
-/* 0x00b0 */ std %f14,[%g2+%i3]
-/* 0x00b4 */ add %i3,%g2,%g4
-/* 0x00b8 */ fxtod %f2,%f2
-/* 0x00bc */ fmuld %f0,%f14,%f12
-/* 0x00c0 */ std %f2,[%g4+24]
-/* 0x00c4 */ fmuld %f0,%f10,%f8
-/* 0x00c8 */ std %f10,[%g4+8]
-/* 0x00cc */ add %i1,%g3,%g2
-/* 0x00d0 */ fmuld %f0,%f6,%f4
-/* 0x00d4 */ std %f6,[%g4+16]
-/* 0x00d8 */ cmp %i2,%o4
-/* 0x00dc */ fmuld %f0,%f2,%f0
-/* 0x00e0 */ fdtox %f12,%f12
-/* 0x00e4 */ add %o5,8,%o5
-/* 0x00e8 */ fdtox %f8,%f8
-/* 0x00ec */ fdtox %f4,%f4
-/* 0x00f0 */ fdtox %f0,%f0
-/* 0x00f4 */ fxtod %f12,%f12
-/* 0x00f8 */ std %f12,[%g2+8]
-/* 0x00fc */ fxtod %f8,%f8
-/* 0x0100 */ std %f8,[%g2+24]
-/* 0x0104 */ fxtod %f4,%f4
-/* 0x0108 */ std %f4,[%g2+40]
-/* 0x010c */ fxtod %f0,%f0
-/* 0x0110 */ std %f0,[%g2+56]
-/* 0x0114 */ fmuld %f12,%f16,%f12
-/* 0x0118 */ fmuld %f8,%f16,%f8
-/* 0x011c */ fmuld %f4,%f16,%f4
-/* 0x0120 */ fsubd %f14,%f12,%f12
-/* 0x0124 */ std %f12,[%g3+%i1]
-/* 0x0128 */ fmuld %f0,%f16,%f0
-/* 0x012c */ fsubd %f10,%f8,%f8
-/* 0x0130 */ std %f8,[%g2+16]
-/* 0x0134 */ fsubd %f6,%f4,%f4
-/* 0x0138 */ std %f4,[%g2+32]
-/* 0x013c */ fsubd %f2,%f0,%f0
-/* 0x0140 */ std %f0,[%g2+48]
-/* 0x0144 */ ble,a,pt %icc,.L900000417
-/* 0x0148 */ ldd [%o0],%f2
- .L77000159:
-
-! 173 ! }
-! 174 !#endif
-! 175 ! for(;i<len;i++)
-
-/* 0x014c 175 */ cmp %i2,%g5
- .L900000418:
-/* 0x0150 175 */ bge,pt %icc,.L77000164
-/* 0x0154 */ nop
-
-! 176 ! {
-! 177 ! a=i32[i];
-! 178 ! d32[i]=(double)(i32[i]);
-! 179 ! d16[2*i]=(double)(a&0xffff);
-! 180 ! d16[2*i+1]=(double)(a>>16);
-
-/* 0x0158 180 */ sethi %hi(.L_const_seg_900000401),%g2
-/* 0x015c */ add %g2,%lo(.L_const_seg_900000401),%g2
-/* 0x0160 175 */ sethi %hi(0xfc00),%g3
-/* 0x0164 180 */ ldx [%o3+%g2],%g1
-/* 0x0168 175 */ sll %i2,1,%i4
-/* 0x016c */ sub %g5,%i2,%g4
-/* 0x0170 177 */ sra %i2,0,%o3
-/* 0x0174 175 */ add %g3,1023,%g3
-/* 0x0178 178 */ ldd [%g1],%f2
-/* 0x017c */ sllx %o3,2,%o2
-/* 0x0180 175 */ add %i4,1,%g2
-/* 0x0184 177 */ or %g0,%o3,%o1
-/* 0x0188 */ cmp %g4,6
-/* 0x018c 175 */ bl,pn %icc,.L77000161
-/* 0x0190 */ sra %i2,0,%o3
-/* 0x0194 177 */ or %g0,%o2,%o0
-/* 0x0198 178 */ ld [%i0+%o2],%f5
-/* 0x019c 179 */ fmovs %f2,%f8
-/* 0x01a0 175 */ add %o0,4,%o3
-/* 0x01a4 177 */ ld [%i0+%o0],%o7
-/* 0x01a8 180 */ fmovs %f2,%f6
-/* 0x01ac 178 */ fmovs %f2,%f4
-/* 0x01b0 */ sllx %o1,3,%o2
-/* 0x01b4 175 */ add %o3,4,%o5
-/* 0x01b8 179 */ sra %i4,0,%o0
-/* 0x01bc 175 */ add %o3,8,%o4
-/* 0x01c0 178 */ fsubd %f4,%f2,%f4
-/* 0x01c4 */ std %f4,[%i3+%o2]
-/* 0x01c8 179 */ sllx %o0,3,%i5
-/* 0x01cc */ and %o7,%g3,%o0
-/* 0x01d0 */ st %o0,[%sp+2227]
-/* 0x01d4 175 */ add %i5,16,%o1
-/* 0x01d8 180 */ srl %o7,16,%g4
-/* 0x01dc */ add %i2,1,%i2
-/* 0x01e0 */ sra %g2,0,%o0
-/* 0x01e4 175 */ add %o2,8,%o2
-/* 0x01e8 179 */ fmovs %f2,%f4
-/* 0x01ec 180 */ sllx %o0,3,%l0
-/* 0x01f0 */ add %i4,3,%g2
-/* 0x01f4 179 */ ld [%sp+2227],%f5
-/* 0x01f8 175 */ add %l0,16,%o0
-/* 0x01fc 180 */ add %i4,2,%i4
-/* 0x0200 175 */ sub %g5,1,%o7
-/* 0x0204 180 */ add %i2,3,%i2
-/* 0x0208 179 */ fsubd %f4,%f2,%f4
-/* 0x020c */ std %f4,[%i1+%i5]
-/* 0x0210 180 */ st %g4,[%sp+2223]
-/* 0x0214 177 */ ld [%i0+%o3],%i5
-/* 0x0218 180 */ fmovs %f2,%f4
-/* 0x021c */ srl %i5,16,%g4
-/* 0x0220 179 */ and %i5,%g3,%i5
-/* 0x0224 180 */ ld [%sp+2223],%f5
-/* 0x0228 */ fsubd %f4,%f2,%f4
-/* 0x022c */ std %f4,[%i1+%l0]
-/* 0x0230 */ st %g4,[%sp+2223]
-/* 0x0234 177 */ ld [%i0+%o5],%g4
-/* 0x0238 179 */ st %i5,[%sp+2227]
-/* 0x023c 178 */ fmovs %f2,%f4
-/* 0x0240 180 */ srl %g4,16,%i5
-/* 0x0244 179 */ and %g4,%g3,%g4
-/* 0x0248 180 */ ld [%sp+2223],%f7
-/* 0x024c */ st %i5,[%sp+2223]
-/* 0x0250 178 */ ld [%i0+%o3],%f5
-/* 0x0254 180 */ fsubd %f6,%f2,%f6
-/* 0x0258 177 */ ld [%i0+%o4],%o3
-/* 0x025c 178 */ fsubd %f4,%f2,%f4
-/* 0x0260 179 */ ld [%sp+2227],%f9
-/* 0x0264 180 */ ld [%sp+2223],%f1
-/* 0x0268 179 */ st %g4,[%sp+2227]
-/* 0x026c */ fsubd %f8,%f2,%f8
-/* 0x0270 */ std %f8,[%i1+%o1]
-/* 0x0274 180 */ std %f6,[%i1+%o0]
-/* 0x0278 178 */ std %f4,[%i3+%o2]
- .L900000411:
-/* 0x027c 179 */ ld [%sp+2227],%f13
-/* 0x0280 180 */ srl %o3,16,%g4
-/* 0x0284 */ add %i2,2,%i2
-/* 0x0288 */ st %g4,[%sp+2223]
-/* 0x028c */ cmp %i2,%o7
-/* 0x0290 */ add %g2,4,%g2
-/* 0x0294 178 */ ld [%i0+%o5],%f11
-/* 0x0298 180 */ add %i4,4,%i4
-/* 0x029c 175 */ add %o4,4,%o5
-/* 0x02a0 177 */ ld [%i0+%o5],%g4
-/* 0x02a4 179 */ and %o3,%g3,%o3
-/* 0x02a8 */ st %o3,[%sp+2227]
-/* 0x02ac 180 */ fmovs %f2,%f0
-/* 0x02b0 179 */ fmovs %f2,%f12
-/* 0x02b4 180 */ fsubd %f0,%f2,%f8
-/* 0x02b8 179 */ fsubd %f12,%f2,%f4
-/* 0x02bc 175 */ add %o1,16,%o1
-/* 0x02c0 180 */ ld [%sp+2223],%f7
-/* 0x02c4 178 */ fmovs %f2,%f10
-/* 0x02c8 179 */ std %f4,[%i1+%o1]
-/* 0x02cc 175 */ add %o0,16,%o0
-/* 0x02d0 178 */ fsubd %f10,%f2,%f4
-/* 0x02d4 175 */ add %o2,8,%o2
-/* 0x02d8 180 */ std %f8,[%i1+%o0]
-/* 0x02dc 178 */ std %f4,[%i3+%o2]
-/* 0x02e0 179 */ ld [%sp+2227],%f9
-/* 0x02e4 180 */ srl %g4,16,%o3
-/* 0x02e8 */ st %o3,[%sp+2223]
-/* 0x02ec 178 */ ld [%i0+%o4],%f5
-/* 0x02f0 175 */ add %o4,8,%o4
-/* 0x02f4 177 */ ld [%i0+%o4],%o3
-/* 0x02f8 179 */ and %g4,%g3,%g4
-/* 0x02fc */ st %g4,[%sp+2227]
-/* 0x0300 180 */ fmovs %f2,%f6
-/* 0x0304 179 */ fmovs %f2,%f8
-/* 0x0308 180 */ fsubd %f6,%f2,%f6
-/* 0x030c 179 */ fsubd %f8,%f2,%f8
-/* 0x0310 175 */ add %o1,16,%o1
-/* 0x0314 180 */ ld [%sp+2223],%f1
-/* 0x0318 178 */ fmovs %f2,%f4
-/* 0x031c 179 */ std %f8,[%i1+%o1]
-/* 0x0320 175 */ add %o0,16,%o0
-/* 0x0324 178 */ fsubd %f4,%f2,%f4
-/* 0x0328 175 */ add %o2,8,%o2
-/* 0x032c 180 */ std %f6,[%i1+%o0]
-/* 0x0330 */ bl,pt %icc,.L900000411
-/* 0x0334 */ std %f4,[%i3+%o2]
- .L900000414:
-/* 0x0338 180 */ srl %o3,16,%o7
-/* 0x033c */ st %o7,[%sp+2223]
-/* 0x0340 179 */ fmovs %f2,%f12
-/* 0x0344 178 */ ld [%i0+%o5],%f11
-/* 0x0348 180 */ fmovs %f2,%f0
-/* 0x034c 179 */ and %o3,%g3,%g4
-/* 0x0350 180 */ fmovs %f2,%f6
-/* 0x0354 175 */ add %o1,16,%o3
-/* 0x0358 */ add %o0,16,%o7
-/* 0x035c 178 */ fmovs %f2,%f10
-/* 0x0360 175 */ add %o2,8,%o2
-/* 0x0364 */ add %o1,32,%o5
-/* 0x0368 179 */ ld [%sp+2227],%f13
-/* 0x036c 178 */ fmovs %f2,%f4
-/* 0x0370 175 */ add %o0,32,%o1
-/* 0x0374 180 */ ld [%sp+2223],%f7
-/* 0x0378 175 */ add %o2,8,%o0
-/* 0x037c 180 */ cmp %i2,%g5
-/* 0x0380 179 */ st %g4,[%sp+2227]
-/* 0x0384 */ fsubd %f12,%f2,%f8
-/* 0x0388 180 */ add %g2,6,%g2
-/* 0x038c 179 */ std %f8,[%i1+%o3]
-/* 0x0390 180 */ fsubd %f0,%f2,%f0
-/* 0x0394 177 */ sra %i2,0,%o3
-/* 0x0398 180 */ std %f0,[%i1+%o7]
-/* 0x039c 178 */ fsubd %f10,%f2,%f0
-/* 0x03a0 180 */ add %i4,6,%i4
-/* 0x03a4 178 */ std %f0,[%i3+%o2]
-/* 0x03a8 */ sllx %o3,2,%o2
-/* 0x03ac 179 */ ld [%sp+2227],%f9
-/* 0x03b0 178 */ ld [%i0+%o4],%f5
-/* 0x03b4 179 */ fmovs %f2,%f8
-/* 0x03b8 */ fsubd %f8,%f2,%f0
-/* 0x03bc */ std %f0,[%i1+%o5]
-/* 0x03c0 180 */ fsubd %f6,%f2,%f0
-/* 0x03c4 */ std %f0,[%i1+%o1]
-/* 0x03c8 178 */ fsubd %f4,%f2,%f0
-/* 0x03cc 180 */ bge,pn %icc,.L77000164
-/* 0x03d0 */ std %f0,[%i3+%o0]
- .L77000161:
-/* 0x03d4 178 */ ldd [%g1],%f2
- .L900000416:
-/* 0x03d8 178 */ ld [%i0+%o2],%f5
-/* 0x03dc 179 */ sra %i4,0,%o0
-/* 0x03e0 180 */ add %i2,1,%i2
-/* 0x03e4 177 */ ld [%i0+%o2],%o1
-/* 0x03e8 178 */ sllx %o3,3,%o3
-/* 0x03ec 180 */ add %i4,2,%i4
-/* 0x03f0 178 */ fmovs %f2,%f4
-/* 0x03f4 179 */ sllx %o0,3,%o4
-/* 0x03f8 180 */ cmp %i2,%g5
-/* 0x03fc 179 */ and %o1,%g3,%o0
-/* 0x0400 178 */ fsubd %f4,%f2,%f0
-/* 0x0404 */ std %f0,[%i3+%o3]
-/* 0x0408 180 */ srl %o1,16,%o1
-/* 0x040c 179 */ st %o0,[%sp+2227]
-/* 0x0410 180 */ sra %g2,0,%o0
-/* 0x0414 */ add %g2,2,%g2
-/* 0x0418 177 */ sra %i2,0,%o3
-/* 0x041c 180 */ sllx %o0,3,%o0
-/* 0x0420 179 */ fmovs %f2,%f4
-/* 0x0424 */ sllx %o3,2,%o2
-/* 0x0428 */ ld [%sp+2227],%f5
-/* 0x042c */ fsubd %f4,%f2,%f0
-/* 0x0430 */ std %f0,[%i1+%o4]
-/* 0x0434 180 */ st %o1,[%sp+2223]
-/* 0x0438 */ fmovs %f2,%f4
-/* 0x043c */ ld [%sp+2223],%f5
-/* 0x0440 */ fsubd %f4,%f2,%f0
-/* 0x0444 */ std %f0,[%i1+%o0]
-/* 0x0448 */ bl,a,pt %icc,.L900000416
-/* 0x044c */ ldd [%g1],%f2
- .L77000164:
-/* 0x0450 */ ret ! Result =
-/* 0x0454 */ restore %g0,%g0,%g0
-/* 0x0458 0 */ .type conv_i32_to_d32_and_d16,2
-/* 0x0458 */ .size conv_i32_to_d32_and_d16,(.-conv_i32_to_d32_and_d16)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-!
-! SUBROUTINE adjust_montf_result
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global adjust_montf_result
- adjust_montf_result:
-/* 000000 */ save %sp,-176,%sp
-/* 0x0004 */ or %g0,%i2,%o1
-/* 0x0008 */ or %g0,%i0,%i2
-
-! 181 ! }
-! 182 !}
-! 185 !void adjust_montf_result(unsigned int *i32, unsigned int *nint, int len)
-! 186 !{
-! 187 !long long acc;
-! 188 !int i;
-! 190 ! if(i32[len]>0) i=-1;
-
-/* 0x000c 190 */ sra %o1,0,%g2
-/* 0x0010 */ or %g0,-1,%o2
-/* 0x0014 */ sllx %g2,2,%g2
-/* 0x0018 */ ld [%i2+%g2],%g2
-/* 0x001c */ cmp %g2,0
-/* 0x0020 */ bleu,pn %icc,.L77000175
-/* 0x0024 */ or %g0,%i1,%i0
-/* 0x0028 */ ba .L900000511
-/* 0x002c */ cmp %o2,0
- .L77000175:
-
-! 191 ! else
-! 192 ! {
-! 193 ! for(i=len-1; i>=0; i--)
-
-/* 0x0030 193 */ sub %o1,1,%o2
-/* 0x0034 */ cmp %o2,0
-/* 0x0038 */ bl,pn %icc,.L77000182
-/* 0x003c */ sra %o2,0,%g2
- .L900000510:
-
-! 194 ! {
-! 195 ! if(i32[i]!=nint[i]) break;
-
-/* 0x0040 195 */ sllx %g2,2,%g2
-/* 0x0044 */ sub %o2,1,%o0
-/* 0x0048 */ ld [%i1+%g2],%g3
-/* 0x004c */ ld [%i2+%g2],%g2
-/* 0x0050 */ cmp %g2,%g3
-/* 0x0054 */ bne,pn %icc,.L77000182
-/* 0x0058 */ nop
-/* 0x005c 0 */ or %g0,%o0,%o2
-/* 0x0060 195 */ cmp %o0,0
-/* 0x0064 */ bge,pt %icc,.L900000510
-/* 0x0068 */ sra %o2,0,%g2
- .L77000182:
-
-! 196 ! }
-! 197 ! }
-! 198 ! if((i<0)||(i32[i]>nint[i]))
-
-/* 0x006c 198 */ cmp %o2,0
- .L900000511:
-/* 0x0070 198 */ bl,pn %icc,.L77000198
-/* 0x0074 */ sra %o2,0,%g2
-/* 0x0078 */ sllx %g2,2,%g2
-/* 0x007c */ ld [%i1+%g2],%g3
-/* 0x0080 */ ld [%i2+%g2],%g2
-/* 0x0084 */ cmp %g2,%g3
-/* 0x0088 */ bleu,pt %icc,.L77000191
-/* 0x008c */ nop
- .L77000198:
-
-! 199 ! {
-! 200 ! acc=0;
-! 201 ! for(i=0;i<len;i++)
-
-/* 0x0090 201 */ cmp %o1,0
-/* 0x0094 */ ble,pt %icc,.L77000191
-/* 0x0098 */ nop
-/* 0x009c 198 */ or %g0,-1,%g2
-/* 0x00a0 201 */ or %g0,%o1,%g3
-/* 0x00a4 198 */ srl %g2,0,%g2
-/* 0x00a8 */ sub %o1,1,%g4
-/* 0x00ac */ cmp %o1,9
-/* 0x00b0 201 */ or %g0,0,%i1
-/* 0x00b4 200 */ or %g0,0,%g5
-
-! 202 ! {
-! 203 ! acc=acc+(unsigned long long)(i32[i])-(unsigned long long)(nint[i]);
-
-/* 0x00b8 203 */ or %g0,0,%o1
-/* 0x00bc 201 */ bl,pn %icc,.L77000199
-/* 0x00c0 */ sub %g3,4,%o7
-/* 0x00c4 203 */ ld [%i2],%o1
-
-! 204 ! i32[i]=acc&0xffffffff;
-! 205 ! acc=acc>>32;
-
-/* 0x00c8 205 */ or %g0,5,%i1
-/* 0x00cc 203 */ ld [%i0],%o2
-/* 0x00d0 201 */ or %g0,8,%o5
-/* 0x00d4 */ or %g0,12,%o4
-/* 0x00d8 203 */ ld [%i0+4],%o3
-/* 0x00dc 201 */ or %g0,16,%g1
-/* 0x00e0 203 */ ld [%i2+4],%o0
-/* 0x00e4 201 */ sub %o1,%o2,%o1
-/* 0x00e8 203 */ ld [%i0+8],%i3
-/* 0x00ec 204 */ and %o1,%g2,%g5
-/* 0x00f0 */ st %g5,[%i2]
-/* 0x00f4 205 */ srax %o1,32,%g5
-/* 0x00f8 201 */ sub %o0,%o3,%o0
-/* 0x00fc 203 */ ld [%i0+12],%o2
-/* 0x0100 201 */ add %o0,%g5,%o0
-/* 0x0104 204 */ and %o0,%g2,%g5
-/* 0x0108 */ st %g5,[%i2+4]
-/* 0x010c 205 */ srax %o0,32,%o0
-/* 0x0110 203 */ ld [%i2+8],%o1
-/* 0x0114 */ ld [%i2+12],%o3
-/* 0x0118 201 */ sub %o1,%i3,%o1
- .L900000505:
-/* 0x011c */ add %g1,4,%g3
-/* 0x0120 203 */ ld [%g1+%i2],%g5
-/* 0x0124 201 */ add %o1,%o0,%o0
-/* 0x0128 203 */ ld [%i0+%g1],%i3
-/* 0x012c 201 */ sub %o3,%o2,%o1
-/* 0x0130 204 */ and %o0,%g2,%o2
-/* 0x0134 */ st %o2,[%o5+%i2]
-/* 0x0138 205 */ srax %o0,32,%o2
-/* 0x013c */ add %i1,4,%i1
-/* 0x0140 201 */ add %g1,8,%o5
-/* 0x0144 203 */ ld [%g3+%i2],%o0
-/* 0x0148 201 */ add %o1,%o2,%o1
-/* 0x014c 203 */ ld [%i0+%g3],%o3
-/* 0x0150 201 */ sub %g5,%i3,%o2
-/* 0x0154 204 */ and %o1,%g2,%g5
-/* 0x0158 */ st %g5,[%o4+%i2]
-/* 0x015c 205 */ srax %o1,32,%g5
-/* 0x0160 */ cmp %i1,%o7
-/* 0x0164 201 */ add %g1,12,%o4
-/* 0x0168 203 */ ld [%o5+%i2],%o1
-/* 0x016c 201 */ add %o2,%g5,%o2
-/* 0x0170 203 */ ld [%i0+%o5],%i3
-/* 0x0174 201 */ sub %o0,%o3,%o0
-/* 0x0178 204 */ and %o2,%g2,%o3
-/* 0x017c */ st %o3,[%g1+%i2]
-/* 0x0180 205 */ srax %o2,32,%g5
-/* 0x0184 203 */ ld [%o4+%i2],%o3
-/* 0x0188 201 */ add %g1,16,%g1
-/* 0x018c */ add %o0,%g5,%o0
-/* 0x0190 203 */ ld [%i0+%o4],%o2
-/* 0x0194 201 */ sub %o1,%i3,%o1
-/* 0x0198 204 */ and %o0,%g2,%g5
-/* 0x019c */ st %g5,[%g3+%i2]
-/* 0x01a0 205 */ ble,pt %icc,.L900000505
-/* 0x01a4 */ srax %o0,32,%o0
- .L900000508:
-/* 0x01a8 */ add %o1,%o0,%g3
-/* 0x01ac */ sub %o3,%o2,%o1
-/* 0x01b0 203 */ ld [%g1+%i2],%o0
-/* 0x01b4 */ ld [%i0+%g1],%o2
-/* 0x01b8 205 */ srax %g3,32,%o7
-/* 0x01bc 204 */ and %g3,%g2,%o3
-/* 0x01c0 201 */ add %o1,%o7,%o1
-/* 0x01c4 204 */ st %o3,[%o5+%i2]
-/* 0x01c8 205 */ cmp %i1,%g4
-/* 0x01cc 201 */ sub %o0,%o2,%o0
-/* 0x01d0 204 */ and %o1,%g2,%o2
-/* 0x01d4 */ st %o2,[%o4+%i2]
-/* 0x01d8 205 */ srax %o1,32,%o1
-/* 0x01dc 203 */ sra %i1,0,%o2
-/* 0x01e0 201 */ add %o0,%o1,%o0
-/* 0x01e4 205 */ srax %o0,32,%g5
-/* 0x01e8 204 */ and %o0,%g2,%o1
-/* 0x01ec */ st %o1,[%g1+%i2]
-/* 0x01f0 205 */ bg,pn %icc,.L77000191
-/* 0x01f4 */ sllx %o2,2,%o1
- .L77000199:
-/* 0x01f8 0 */ or %g0,%o1,%g1
- .L900000509:
-/* 0x01fc 203 */ ld [%o1+%i2],%o0
-/* 0x0200 205 */ add %i1,1,%i1
-/* 0x0204 203 */ ld [%i0+%o1],%o1
-/* 0x0208 */ sra %i1,0,%o2
-/* 0x020c 205 */ cmp %i1,%g4
-/* 0x0210 203 */ add %g5,%o0,%o0
-/* 0x0214 */ sub %o0,%o1,%o0
-/* 0x0218 205 */ srax %o0,32,%g5
-/* 0x021c 204 */ and %o0,%g2,%o1
-/* 0x0220 */ st %o1,[%g1+%i2]
-/* 0x0224 */ sllx %o2,2,%o1
-/* 0x0228 205 */ ble,pt %icc,.L900000509
-/* 0x022c */ or %g0,%o1,%g1
- .L77000191:
-/* 0x0230 */ ret ! Result =
-/* 0x0234 */ restore %g0,%g0,%g0
-/* 0x0238 0 */ .type adjust_montf_result,2
-/* 0x0238 */ .size adjust_montf_result,(.-adjust_montf_result)
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 */ .align 8
-/* 000000 */ .skip 24
-!
-! SUBROUTINE mont_mulf_noconv
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION
-
- .global mont_mulf_noconv
- mont_mulf_noconv:
-/* 000000 */ save %sp,-224,%sp
- .L900000643:
-/* 0x0004 */ call .+8
-/* 0x0008 */ sethi /*X*/%hi(_GLOBAL_OFFSET_TABLE_-(.L900000643-.)),%g5
-/* 0x000c */ ldx [%fp+2223],%l0
-
-! 206 ! }
-! 207 ! }
-! 208 !}
-! 213 !/*
-! 214 !** the lengths of the input arrays should be at least the following:
-! 215 !** result[nlen+1], dm1[nlen], dm2[2*nlen+1], dt[4*nlen+2], dn[nlen], nint[nlen]
-! 216 !** all of them should be different from one another
-! 217 !**
-! 218 !*/
-! 219 !void mont_mulf_noconv(unsigned int *result,
-! 220 ! double *dm1, double *dm2, double *dt,
-! 221 ! double *dn, unsigned int *nint,
-! 222 ! int nlen, double dn0)
-! 223 !{
-! 224 ! int i, j, jj;
-! 225 ! int tmp;
-! 226 ! double digit, m2j, nextm2j, a, b;
-! 227 ! double *dptmp, *pdm1, *pdm2, *pdn, *pdtj, pdn_0, pdm1_0;
-! 229 ! pdm1=&(dm1[0]);
-! 230 ! pdm2=&(dm2[0]);
-! 231 ! pdn=&(dn[0]);
-! 232 ! pdm2[2*nlen]=Zero;
-
-/* 0x0010 232 */ sethi %hi(Zero),%g2
-/* 0x0014 223 */ fmovd %f14,%f30
-/* 0x0018 */ add %g5,/*X*/%lo(_GLOBAL_OFFSET_TABLE_-(.L900000643-.)),%g5
-/* 0x001c 232 */ add %g2,%lo(Zero),%g2
-/* 0x0020 */ sll %l0,1,%o3
-/* 0x0024 223 */ add %g5,%o7,%o4
-/* 0x0028 232 */ sra %o3,0,%g5
-/* 0x002c */ ldx [%o4+%g2],%o7
-
-! 234 ! if (nlen!=16)
-! 235 ! {
-! 236 ! for(i=0;i<4*nlen+2;i++) dt[i]=Zero;
-! 238 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 239 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-/* 0x0030 239 */ sethi %hi(TwoToMinus16),%g3
-/* 0x0034 */ sethi %hi(TwoTo16),%g4
-/* 0x0038 */ add %g3,%lo(TwoToMinus16),%g2
-/* 0x003c 232 */ ldd [%o7],%f0
-/* 0x0040 239 */ add %g4,%lo(TwoTo16),%g3
-/* 0x0044 223 */ or %g0,%i4,%o0
-/* 0x0048 232 */ sllx %g5,3,%g4
-/* 0x004c 239 */ ldx [%o4+%g2],%o5
-/* 0x0050 223 */ or %g0,%i5,%l3
-/* 0x0054 */ or %g0,%i0,%l2
-/* 0x0058 239 */ ldx [%o4+%g3],%o4
-/* 0x005c 234 */ cmp %l0,16
-/* 0x0060 232 */ std %f0,[%i2+%g4]
-/* 0x0064 234 */ be,pn %icc,.L77000279
-/* 0x0068 */ or %g0,%i3,%l4
-/* 0x006c 236 */ sll %l0,2,%g2
-/* 0x0070 223 */ or %g0,%o0,%i5
-/* 0x0074 236 */ add %g2,2,%o0
-/* 0x0078 223 */ or %g0,%i1,%i4
-/* 0x007c 236 */ cmp %o0,0
-/* 0x0080 223 */ or %g0,%i2,%l1
-/* 0x0084 236 */ ble,a,pt %icc,.L900000657
-/* 0x0088 */ ldd [%i1],%f6
-
-! 241 ! pdtj=&(dt[0]);
-! 242 ! for(j=jj=0;j<2*nlen;j++,jj++,pdtj++)
-! 243 ! {
-! 244 ! m2j=pdm2[j];
-! 245 ! a=pdtj[0]+pdn[0]*digit;
-! 246 ! b=pdtj[1]+pdm1[0]*pdm2[j+1]+a*TwoToMinus16;
-! 247 ! pdtj[1]=b;
-! 249 !#pragma pipeloop(0)
-! 250 ! for(i=1;i<nlen;i++)
-! 251 ! {
-! 252 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 253 ! }
-! 254 ! if((jj==30)) {cleanup(dt,j/2+1,2*nlen+1); jj=0;}
-! 255 !
-! 256 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 257 ! }
-! 258 ! }
-! 259 ! else
-! 260 ! {
-! 261 ! a=dt[0]=pdm1[0]*pdm2[0];
-! 263 ! dt[65]= dt[64]= dt[63]= dt[62]= dt[61]= dt[60]=
-! 264 ! dt[59]= dt[58]= dt[57]= dt[56]= dt[55]= dt[54]=
-! 265 ! dt[53]= dt[52]= dt[51]= dt[50]= dt[49]= dt[48]=
-! 266 ! dt[47]= dt[46]= dt[45]= dt[44]= dt[43]= dt[42]=
-! 267 ! dt[41]= dt[40]= dt[39]= dt[38]= dt[37]= dt[36]=
-! 268 ! dt[35]= dt[34]= dt[33]= dt[32]= dt[31]= dt[30]=
-! 269 ! dt[29]= dt[28]= dt[27]= dt[26]= dt[25]= dt[24]=
-! 270 ! dt[23]= dt[22]= dt[21]= dt[20]= dt[19]= dt[18]=
-! 271 ! dt[17]= dt[16]= dt[15]= dt[14]= dt[13]= dt[12]=
-! 272 ! dt[11]= dt[10]= dt[ 9]= dt[ 8]= dt[ 7]= dt[ 6]=
-! 273 ! dt[ 5]= dt[ 4]= dt[ 3]= dt[ 2]= dt[ 1]=Zero;
-! 275 ! pdn_0=pdn[0];
-! 276 ! pdm1_0=pdm1[0];
-! 278 ! digit=mod(lower32(a,Zero)*dn0,TwoToMinus16,TwoTo16);
-! 279 ! pdtj=&(dt[0]);
-! 281 ! for(j=0;j<32;j++,pdtj++)
-
-/* 0x008c 281 */ or %g0,%o0,%o1
-/* 0x0090 236 */ sub %o0,1,%g1
-/* 0x0094 */ or %g0,0,%g2
-/* 0x0098 281 */ cmp %o1,5
-/* 0x009c */ bl,pn %icc,.L77000280
-/* 0x00a0 */ or %g0,8,%o0
-/* 0x00a4 */ std %f0,[%i3]
-/* 0x00a8 */ or %g0,2,%g2
-/* 0x00ac */ sub %g1,2,%o1
- .L900000627:
-/* 0x00b0 */ add %o0,8,%g3
-/* 0x00b4 */ std %f0,[%i3+%o0]
-/* 0x00b8 */ add %g2,3,%g2
-/* 0x00bc */ add %o0,16,%o2
-/* 0x00c0 */ std %f0,[%i3+%g3]
-/* 0x00c4 */ cmp %g2,%o1
-/* 0x00c8 */ add %o0,24,%o0
-/* 0x00cc */ ble,pt %icc,.L900000627
-/* 0x00d0 */ std %f0,[%i3+%o2]
- .L900000630:
-/* 0x00d4 */ cmp %g2,%g1
-/* 0x00d8 */ bg,pn %icc,.L77000285
-/* 0x00dc */ std %f0,[%i3+%o0]
- .L77000280:
-/* 0x00e0 */ ldd [%o7],%f0
- .L900000656:
-/* 0x00e4 */ sra %g2,0,%o0
-/* 0x00e8 */ add %g2,1,%g2
-/* 0x00ec */ sllx %o0,3,%o0
-/* 0x00f0 */ cmp %g2,%g1
-/* 0x00f4 */ std %f0,[%i3+%o0]
-/* 0x00f8 */ ble,a,pt %icc,.L900000656
-/* 0x00fc */ ldd [%o7],%f0
- .L77000285:
-/* 0x0100 238 */ ldd [%i1],%f6
- .L900000657:
-/* 0x0104 238 */ ldd [%i2],%f8
-/* 0x0108 242 */ cmp %o3,0
-/* 0x010c */ sub %o3,1,%o1
-/* 0x0110 239 */ ldd [%o7],%f10
-/* 0x0114 */ add %o3,1,%o2
-/* 0x0118 0 */ or %g0,0,%i2
-/* 0x011c 238 */ fmuld %f6,%f8,%f6
-/* 0x0120 */ std %f6,[%i3]
-/* 0x0124 0 */ or %g0,0,%g3
-/* 0x0128 239 */ ldd [%o5],%f8
-/* 0x012c 0 */ or %g0,%o2,%g1
-/* 0x0130 236 */ sub %l0,1,%i1
-/* 0x0134 239 */ ldd [%o4],%f12
-/* 0x0138 236 */ or %g0,1,%g4
-/* 0x013c */ fdtox %f6,%f0
-/* 0x0140 */ fmovs %f10,%f0
-/* 0x0144 */ fxtod %f0,%f6
-/* 0x0148 239 */ fmuld %f6,%f14,%f6
-/* 0x014c */ fmuld %f6,%f8,%f8
-/* 0x0150 */ fdtox %f8,%f8
-/* 0x0154 */ fxtod %f8,%f8
-/* 0x0158 */ fmuld %f8,%f12,%f8
-/* 0x015c */ fsubd %f6,%f8,%f20
-/* 0x0160 242 */ ble,pt %icc,.L900000650
-/* 0x0164 */ sllx %g5,3,%g2
-/* 0x0168 0 */ st %o1,[%sp+2223]
-/* 0x016c 246 */ ldd [%i5],%f6
- .L900000651:
-/* 0x0170 246 */ sra %g4,0,%g2
-/* 0x0174 */ fmuld %f6,%f20,%f6
-/* 0x0178 */ ldd [%i3],%f12
-/* 0x017c */ sllx %g2,3,%g2
-/* 0x0180 */ ldd [%i4],%f8
-/* 0x0184 250 */ cmp %l0,1
-/* 0x0188 246 */ ldd [%l1+%g2],%f10
-/* 0x018c 244 */ sra %i2,0,%g2
-/* 0x0190 */ add %i2,1,%i0
-/* 0x0194 246 */ faddd %f12,%f6,%f6
-/* 0x0198 */ ldd [%o5],%f12
-/* 0x019c 244 */ sllx %g2,3,%g2
-/* 0x01a0 246 */ fmuld %f8,%f10,%f8
-/* 0x01a4 */ ldd [%i3+8],%f10
-/* 0x01a8 */ srl %i2,31,%o3
-/* 0x01ac 244 */ ldd [%l1+%g2],%f18
-/* 0x01b0 0 */ or %g0,1,%l5
-/* 0x01b4 236 */ or %g0,2,%g2
-/* 0x01b8 246 */ fmuld %f6,%f12,%f6
-/* 0x01bc 250 */ or %g0,32,%o1
-/* 0x01c0 */ or %g0,48,%o2
-/* 0x01c4 246 */ faddd %f10,%f8,%f8
-/* 0x01c8 */ faddd %f8,%f6,%f16
-/* 0x01cc 250 */ ble,pn %icc,.L77000213
-/* 0x01d0 */ std %f16,[%i3+8]
-/* 0x01d4 */ cmp %i1,8
-/* 0x01d8 */ sub %l0,3,%o3
-/* 0x01dc */ bl,pn %icc,.L77000284
-/* 0x01e0 */ or %g0,8,%o0
-/* 0x01e4 252 */ ldd [%i5+8],%f0
-/* 0x01e8 */ or %g0,6,%l5
-/* 0x01ec */ ldd [%i4+8],%f2
-/* 0x01f0 */ or %g0,4,%g2
-/* 0x01f4 250 */ or %g0,40,%o0
-/* 0x01f8 252 */ ldd [%i5+16],%f8
-/* 0x01fc */ fmuld %f0,%f20,%f10
-/* 0x0200 */ ldd [%i4+16],%f4
-/* 0x0204 */ fmuld %f2,%f18,%f2
-/* 0x0208 */ ldd [%i3+16],%f0
-/* 0x020c */ fmuld %f8,%f20,%f12
-/* 0x0210 */ ldd [%i4+24],%f6
-/* 0x0214 */ fmuld %f4,%f18,%f4
-/* 0x0218 */ ldd [%i5+24],%f8
-/* 0x021c */ faddd %f2,%f10,%f2
-/* 0x0220 */ ldd [%i4+32],%f14
-/* 0x0224 */ fmuld %f6,%f18,%f10
-/* 0x0228 */ ldd [%i5+32],%f6
-/* 0x022c */ faddd %f4,%f12,%f4
-/* 0x0230 */ ldd [%i4+40],%f12
-/* 0x0234 */ faddd %f0,%f2,%f0
-/* 0x0238 */ std %f0,[%i3+16]
-/* 0x023c */ ldd [%i3+32],%f0
-/* 0x0240 */ ldd [%i3+48],%f2
- .L900000639:
-/* 0x0244 */ add %o2,16,%l6
-/* 0x0248 252 */ ldd [%i5+%o0],%f22
-/* 0x024c */ add %l5,3,%l5
-/* 0x0250 */ fmuld %f8,%f20,%f8
-/* 0x0254 250 */ add %o0,8,%o0
-/* 0x0258 252 */ ldd [%l6+%i3],%f26
-/* 0x025c */ cmp %l5,%o3
-/* 0x0260 */ ldd [%i4+%o0],%f24
-/* 0x0264 */ faddd %f0,%f4,%f0
-/* 0x0268 */ add %g2,6,%g2
-/* 0x026c */ faddd %f10,%f8,%f10
-/* 0x0270 */ fmuld %f14,%f18,%f4
-/* 0x0274 */ std %f0,[%o1+%i3]
-/* 0x0278 250 */ add %o2,32,%o1
-/* 0x027c 252 */ ldd [%i5+%o0],%f8
-/* 0x0280 */ fmuld %f6,%f20,%f6
-/* 0x0284 250 */ add %o0,8,%o0
-/* 0x0288 252 */ ldd [%o1+%i3],%f0
-/* 0x028c */ ldd [%i4+%o0],%f14
-/* 0x0290 */ faddd %f2,%f10,%f2
-/* 0x0294 */ faddd %f4,%f6,%f10
-/* 0x0298 */ fmuld %f12,%f18,%f4
-/* 0x029c */ std %f2,[%o2+%i3]
-/* 0x02a0 250 */ add %o2,48,%o2
-/* 0x02a4 252 */ ldd [%i5+%o0],%f6
-/* 0x02a8 */ fmuld %f22,%f20,%f22
-/* 0x02ac 250 */ add %o0,8,%o0
-/* 0x02b0 252 */ ldd [%o2+%i3],%f2
-/* 0x02b4 */ ldd [%i4+%o0],%f12
-/* 0x02b8 */ faddd %f26,%f10,%f10
-/* 0x02bc */ std %f10,[%l6+%i3]
-/* 0x02c0 */ fmuld %f24,%f18,%f10
-/* 0x02c4 */ ble,pt %icc,.L900000639
-/* 0x02c8 */ faddd %f4,%f22,%f4
- .L900000642:
-/* 0x02cc 252 */ fmuld %f8,%f20,%f24
-/* 0x02d0 */ faddd %f0,%f4,%f8
-/* 0x02d4 250 */ add %o2,16,%o3
-/* 0x02d8 252 */ ldd [%o3+%i3],%f4
-/* 0x02dc */ fmuld %f14,%f18,%f0
-/* 0x02e0 */ cmp %l5,%i1
-/* 0x02e4 */ std %f8,[%o1+%i3]
-/* 0x02e8 */ fmuld %f12,%f18,%f8
-/* 0x02ec 250 */ add %o2,32,%o1
-/* 0x02f0 252 */ faddd %f10,%f24,%f12
-/* 0x02f4 */ ldd [%i5+%o0],%f22
-/* 0x02f8 */ fmuld %f6,%f20,%f6
-/* 0x02fc */ add %g2,8,%g2
-/* 0x0300 */ fmuld %f22,%f20,%f10
-/* 0x0304 */ faddd %f2,%f12,%f2
-/* 0x0308 */ faddd %f0,%f6,%f6
-/* 0x030c */ ldd [%o1+%i3],%f0
-/* 0x0310 */ std %f2,[%o2+%i3]
-/* 0x0314 */ faddd %f8,%f10,%f2
-/* 0x0318 */ sra %l5,0,%o2
-/* 0x031c */ sllx %o2,3,%o0
-/* 0x0320 */ faddd %f4,%f6,%f4
-/* 0x0324 */ std %f4,[%o3+%i3]
-/* 0x0328 */ faddd %f0,%f2,%f0
-/* 0x032c */ std %f0,[%o1+%i3]
-/* 0x0330 */ bg,a,pn %icc,.L77000213
-/* 0x0334 */ srl %i2,31,%o3
- .L77000284:
-/* 0x0338 252 */ ldd [%i4+%o0],%f2
- .L900000655:
-/* 0x033c 252 */ ldd [%i5+%o0],%f0
-/* 0x0340 */ fmuld %f2,%f18,%f2
-/* 0x0344 */ sra %g2,0,%o0
-/* 0x0348 */ sllx %o0,3,%o1
-/* 0x034c */ add %l5,1,%l5
-/* 0x0350 */ fmuld %f0,%f20,%f4
-/* 0x0354 */ ldd [%o1+%i3],%f0
-/* 0x0358 */ sra %l5,0,%o2
-/* 0x035c */ sllx %o2,3,%o0
-/* 0x0360 */ add %g2,2,%g2
-/* 0x0364 */ cmp %l5,%i1
-/* 0x0368 */ faddd %f2,%f4,%f2
-/* 0x036c */ faddd %f0,%f2,%f0
-/* 0x0370 */ std %f0,[%o1+%i3]
-/* 0x0374 */ ble,a,pt %icc,.L900000655
-/* 0x0378 */ ldd [%i4+%o0],%f2
- .L900000626:
-/* 0x037c */ srl %i2,31,%o3
-/* 0x0380 252 */ ba .L900000654
-/* 0x0384 */ cmp %g3,30
- .L77000213:
-/* 0x0388 254 */ cmp %g3,30
- .L900000654:
-/* 0x038c */ add %i2,%o3,%o0
-/* 0x0390 254 */ bne,a,pt %icc,.L900000653
-/* 0x0394 */ fdtox %f16,%f0
-/* 0x0398 281 */ sra %o0,1,%g2
-/* 0x039c */ add %g2,1,%g2
-/* 0x03a0 */ ldd [%o7],%f0
-/* 0x03a4 */ sll %g2,1,%o1
-/* 0x03a8 */ sll %g1,1,%g2
-/* 0x03ac */ or %g0,%o1,%o2
-/* 0x03b0 */ fmovd %f0,%f2
-/* 0x03b4 */ or %g0,%g2,%o0
-/* 0x03b8 */ cmp %o1,%o0
-/* 0x03bc */ sub %g2,1,%o0
-/* 0x03c0 */ bge,pt %icc,.L77000215
-/* 0x03c4 */ or %g0,0,%g3
-/* 0x03c8 254 */ add %o1,1,%o1
-/* 0x03cc 281 */ sra %o2,0,%g2
- .L900000652:
-/* 0x03d0 */ sllx %g2,3,%g2
-/* 0x03d4 */ ldd [%o7],%f6
-/* 0x03d8 */ add %o2,2,%o2
-/* 0x03dc */ sra %o1,0,%g3
-/* 0x03e0 */ ldd [%g2+%l4],%f8
-/* 0x03e4 */ cmp %o2,%o0
-/* 0x03e8 */ sllx %g3,3,%g3
-/* 0x03ec */ add %o1,2,%o1
-/* 0x03f0 */ ldd [%l4+%g3],%f10
-/* 0x03f4 */ fdtox %f8,%f12
-/* 0x03f8 */ fdtox %f10,%f4
-/* 0x03fc */ fmovd %f12,%f8
-/* 0x0400 */ fmovs %f6,%f12
-/* 0x0404 */ fmovs %f6,%f4
-/* 0x0408 */ fxtod %f12,%f6
-/* 0x040c */ fxtod %f4,%f12
-/* 0x0410 */ fdtox %f10,%f4
-/* 0x0414 */ faddd %f6,%f2,%f6
-/* 0x0418 */ std %f6,[%g2+%l4]
-/* 0x041c */ faddd %f12,%f0,%f6
-/* 0x0420 */ std %f6,[%l4+%g3]
-/* 0x0424 */ fitod %f8,%f2
-/* 0x0428 */ fitod %f4,%f0
-/* 0x042c */ ble,pt %icc,.L900000652
-/* 0x0430 */ sra %o2,0,%g2
- .L77000233:
-/* 0x0434 */ or %g0,0,%g3
- .L77000215:
-/* 0x0438 */ fdtox %f16,%f0
- .L900000653:
-/* 0x043c 256 */ ldd [%o7],%f6
-/* 0x0440 */ add %g4,1,%g4
-/* 0x0444 */ or %g0,%i0,%i2
-/* 0x0448 */ ldd [%o5],%f8
-/* 0x044c */ add %g3,1,%g3
-/* 0x0450 */ add %i3,8,%i3
-/* 0x0454 */ fmovs %f6,%f0
-/* 0x0458 */ ldd [%o4],%f10
-/* 0x045c */ ld [%sp+2223],%o0
-/* 0x0460 */ fxtod %f0,%f6
-/* 0x0464 */ cmp %i0,%o0
-/* 0x0468 */ fmuld %f6,%f30,%f6
-/* 0x046c */ fmuld %f6,%f8,%f8
-/* 0x0470 */ fdtox %f8,%f8
-/* 0x0474 */ fxtod %f8,%f8
-/* 0x0478 */ fmuld %f8,%f10,%f8
-/* 0x047c */ fsubd %f6,%f8,%f20
-/* 0x0480 */ ble,a,pt %icc,.L900000651
-/* 0x0484 */ ldd [%i5],%f6
- .L900000625:
-/* 0x0488 256 */ ba .L900000650
-/* 0x048c */ sllx %g5,3,%g2
- .L77000279:
-/* 0x0490 261 */ ldd [%i1],%f4
-/* 0x0494 */ ldd [%i2],%f6
-/* 0x0498 273 */ std %f0,[%i3+8]
-/* 0x049c */ std %f0,[%i3+16]
-/* 0x04a0 261 */ fmuld %f4,%f6,%f6
-/* 0x04a4 */ std %f6,[%i3]
-/* 0x04a8 273 */ std %f0,[%i3+24]
-/* 0x04ac */ std %f0,[%i3+32]
-/* 0x04b0 */ fdtox %f6,%f2
-/* 0x04b4 */ std %f0,[%i3+40]
-/* 0x04b8 */ std %f0,[%i3+48]
-/* 0x04bc */ std %f0,[%i3+56]
-/* 0x04c0 */ std %f0,[%i3+64]
-/* 0x04c4 */ fmovs %f0,%f2
-/* 0x04c8 */ std %f0,[%i3+72]
-/* 0x04cc */ std %f0,[%i3+80]
-/* 0x04d0 */ std %f0,[%i3+88]
-/* 0x04d4 */ std %f0,[%i3+96]
-/* 0x04d8 */ std %f0,[%i3+104]
-/* 0x04dc */ std %f0,[%i3+112]
-/* 0x04e0 */ std %f0,[%i3+120]
-/* 0x04e4 */ std %f0,[%i3+128]
-/* 0x04e8 */ std %f0,[%i3+136]
-/* 0x04ec */ std %f0,[%i3+144]
-/* 0x04f0 */ std %f0,[%i3+152]
-/* 0x04f4 */ std %f0,[%i3+160]
-/* 0x04f8 */ std %f0,[%i3+168]
-/* 0x04fc */ fxtod %f2,%f6
-/* 0x0500 */ std %f0,[%i3+176]
-/* 0x0504 281 */ or %g0,1,%o2
-/* 0x0508 273 */ std %f0,[%i3+184]
-
-! 282 ! {
-! 284 ! m2j=pdm2[j];
-! 285 ! a=pdtj[0]+pdn_0*digit;
-! 286 ! b=pdtj[1]+pdm1_0*pdm2[j+1]+a*TwoToMinus16;
-
-/* 0x050c 286 */ sra %o2,0,%g2
-/* 0x0510 279 */ or %g0,%i3,%o3
-/* 0x0514 273 */ std %f0,[%i3+192]
-/* 0x0518 278 */ fmuld %f6,%f14,%f6
-/* 0x051c 281 */ or %g0,0,%g1
-/* 0x0520 273 */ std %f0,[%i3+200]
-/* 0x0524 */ std %f0,[%i3+208]
-/* 0x0528 */ std %f0,[%i3+216]
-/* 0x052c */ std %f0,[%i3+224]
-/* 0x0530 */ std %f0,[%i3+232]
-/* 0x0534 */ std %f0,[%i3+240]
-/* 0x0538 */ std %f0,[%i3+248]
-/* 0x053c */ std %f0,[%i3+256]
-/* 0x0540 */ std %f0,[%i3+264]
-/* 0x0544 */ std %f0,[%i3+272]
-/* 0x0548 */ std %f0,[%i3+280]
-/* 0x054c */ std %f0,[%i3+288]
-/* 0x0550 */ std %f0,[%i3+296]
-/* 0x0554 */ std %f0,[%i3+304]
-/* 0x0558 */ std %f0,[%i3+312]
-/* 0x055c */ std %f0,[%i3+320]
-/* 0x0560 */ std %f0,[%i3+328]
-/* 0x0564 */ std %f0,[%i3+336]
-/* 0x0568 */ std %f0,[%i3+344]
-/* 0x056c */ std %f0,[%i3+352]
-/* 0x0570 */ std %f0,[%i3+360]
-/* 0x0574 */ std %f0,[%i3+368]
-/* 0x0578 */ std %f0,[%i3+376]
-/* 0x057c */ std %f0,[%i3+384]
-/* 0x0580 */ std %f0,[%i3+392]
-/* 0x0584 */ std %f0,[%i3+400]
-/* 0x0588 */ std %f0,[%i3+408]
-/* 0x058c */ std %f0,[%i3+416]
-/* 0x0590 */ std %f0,[%i3+424]
-/* 0x0594 */ std %f0,[%i3+432]
-/* 0x0598 */ std %f0,[%i3+440]
-/* 0x059c */ std %f0,[%i3+448]
-/* 0x05a0 */ std %f0,[%i3+456]
-/* 0x05a4 */ std %f0,[%i3+464]
-/* 0x05a8 */ std %f0,[%i3+472]
-/* 0x05ac */ std %f0,[%i3+480]
-/* 0x05b0 */ std %f0,[%i3+488]
-/* 0x05b4 */ std %f0,[%i3+496]
-/* 0x05b8 278 */ ldd [%o5],%f8
-/* 0x05bc */ ldd [%o4],%f10
-/* 0x05c0 */ fmuld %f6,%f8,%f8
-/* 0x05c4 273 */ std %f0,[%i3+504]
-/* 0x05c8 */ std %f0,[%i3+512]
-/* 0x05cc */ std %f0,[%i3+520]
-/* 0x05d0 */ fdtox %f8,%f8
-/* 0x05d4 275 */ ldd [%o0],%f0
-/* 0x05d8 */ fxtod %f8,%f8
-/* 0x05dc */ fmuld %f8,%f10,%f8
-/* 0x05e0 */ fsubd %f6,%f8,%f2
-
-! 287 ! pdtj[1]=b;
-! 289 ! /**** this loop will be fully unrolled:
-! 290 ! for(i=1;i<16;i++)
-! 291 ! {
-! 292 ! pdtj[2*i]+=pdm1[i]*m2j+pdn[i]*digit;
-! 293 ! }
-! 294 ! *************************************/
-! 295 ! pdtj[2]+=pdm1[1]*m2j+pdn[1]*digit;
-! 296 ! pdtj[4]+=pdm1[2]*m2j+pdn[2]*digit;
-! 297 ! pdtj[6]+=pdm1[3]*m2j+pdn[3]*digit;
-! 298 ! pdtj[8]+=pdm1[4]*m2j+pdn[4]*digit;
-! 299 ! pdtj[10]+=pdm1[5]*m2j+pdn[5]*digit;
-! 300 ! pdtj[12]+=pdm1[6]*m2j+pdn[6]*digit;
-! 301 ! pdtj[14]+=pdm1[7]*m2j+pdn[7]*digit;
-! 302 ! pdtj[16]+=pdm1[8]*m2j+pdn[8]*digit;
-! 303 ! pdtj[18]+=pdm1[9]*m2j+pdn[9]*digit;
-! 304 ! pdtj[20]+=pdm1[10]*m2j+pdn[10]*digit;
-! 305 ! pdtj[22]+=pdm1[11]*m2j+pdn[11]*digit;
-! 306 ! pdtj[24]+=pdm1[12]*m2j+pdn[12]*digit;
-! 307 ! pdtj[26]+=pdm1[13]*m2j+pdn[13]*digit;
-! 308 ! pdtj[28]+=pdm1[14]*m2j+pdn[14]*digit;
-! 309 ! pdtj[30]+=pdm1[15]*m2j+pdn[15]*digit;
-! 310 ! /* no need for cleenup, cannot overflow */
-! 311 ! digit=mod(lower32(b,Zero)*dn0,TwoToMinus16,TwoTo16);
-
-
- fmovd %f2,%f0 ! hand modified
- fmovd %f30,%f18 ! hand modified
- ldd [%o0],%f2
- ldd [%o3],%f8
- ldd [%i1],%f10
- ldd [%o5],%f14 ! hand modified
- ldd [%o4],%f16 ! hand modified
- ldd [%i2],%f24
-
- ldd [%i1+8],%f26
- ldd [%i1+16],%f40
- ldd [%i1+48],%f46
- ldd [%i1+56],%f30
- ldd [%i1+64],%f54
- ldd [%i1+104],%f34
- ldd [%i1+112],%f58
-
- ldd [%o0+8],%f28
- ldd [%o0+104],%f38
- ldd [%o0+112],%f60
-
- .L99999999: !1
- ldd [%i1+24],%f32
- fmuld %f0,%f2,%f4 !2
- ldd [%o0+24],%f36
- fmuld %f26,%f24,%f20 !3
- ldd [%i1+40],%f42
- fmuld %f28,%f0,%f22 !4
- ldd [%o0+40],%f44
- fmuld %f32,%f24,%f32 !5
- ldd [%i2+8],%f6
- faddd %f4,%f8,%f4
- fmuld %f36,%f0,%f36 !6
- add %i2,8,%i2
- ldd [%o0+56],%f50
- fmuld %f42,%f24,%f42 !7
- ldd [%i1+72],%f52
- faddd %f20,%f22,%f20
- fmuld %f44,%f0,%f44 !8
- ldd [%o3+16],%f22
- fmuld %f10,%f6,%f12 !9
- ldd [%o0+72],%f56
- faddd %f32,%f36,%f32
- fmuld %f14,%f4,%f4 !10
- ldd [%o3+48],%f36
- fmuld %f30,%f24,%f48 !11
- ldd [%o3+8],%f8
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50 !12
- std %f20,[%o3+16]
- faddd %f42,%f44,%f42
- fmuld %f52,%f24,%f52 !13
- ldd [%o3+80],%f44
- faddd %f4,%f12,%f4
- fmuld %f56,%f0,%f56 !14
- ldd [%i1+88],%f20
- faddd %f32,%f36,%f32 !15
- ldd [%o0+88],%f22
- faddd %f48,%f50,%f48 !16
- ldd [%o3+112],%f50
- faddd %f52,%f56,%f52 !17
- ldd [%o3+144],%f56
- faddd %f4,%f8,%f8
- fmuld %f20,%f24,%f20 !18
- std %f32,[%o3+48]
- faddd %f42,%f44,%f42
- fmuld %f22,%f0,%f22 !19
- std %f42,[%o3+80]
- faddd %f48,%f50,%f48
- fmuld %f34,%f24,%f32 !20
- std %f48,[%o3+112]
- faddd %f52,%f56,%f52
- fmuld %f38,%f0,%f36 !21
- ldd [%i1+120],%f42
- fdtox %f8,%f4 !22
- std %f52,[%o3+144]
- faddd %f20,%f22,%f20 !23
- ldd [%o0+120],%f44 !24
- ldd [%o3+176],%f22
- faddd %f32,%f36,%f32
- fmuld %f42,%f24,%f42 !25
- ldd [%o0+16],%f50
- fmovs %f17,%f4 !26
- ldd [%i1+32],%f52
- fmuld %f44,%f0,%f44 !27
- ldd [%o0+32],%f56
- fmuld %f40,%f24,%f48 !28
- ldd [%o3+208],%f36
- faddd %f20,%f22,%f20
- fmuld %f50,%f0,%f50 !29
- std %f20,[%o3+176]
- fxtod %f4,%f4
- fmuld %f52,%f24,%f52 !30
- ldd [%o0+48],%f22
- faddd %f42,%f44,%f42
- fmuld %f56,%f0,%f56 !31
- ldd [%o3+240],%f44
- faddd %f32,%f36,%f32 !32
- std %f32,[%o3+208]
- faddd %f48,%f50,%f48
- fmuld %f46,%f24,%f20 !33
- ldd [%o3+32],%f50
- fmuld %f4,%f18,%f12 !34
- ldd [%o0+64],%f36
- faddd %f52,%f56,%f52
- fmuld %f22,%f0,%f22 !35
- ldd [%o3+64],%f56
- faddd %f42,%f44,%f42 !36
- std %f42,[%o3+240]
- faddd %f48,%f50,%f48
- fmuld %f54,%f24,%f32 !37
- std %f48,[%o3+32]
- fmuld %f12,%f14,%f4 !38
- ldd [%i1+80],%f42
- faddd %f52,%f56,%f56 ! yes, tmp52!
- fmuld %f36,%f0,%f36 !39
- ldd [%o0+80],%f44
- faddd %f20,%f22,%f20 !40
- ldd [%i1+96],%f48
- fmuld %f58,%f24,%f52 !41
- ldd [%o0+96],%f50
- fdtox %f4,%f4
- fmuld %f42,%f24,%f42 !42
- std %f56,[%o3+64] ! yes, tmp52!
- faddd %f32,%f36,%f32
- fmuld %f44,%f0,%f44 !43
- ldd [%o3+96],%f22
- fmuld %f48,%f24,%f48 !44
- ldd [%o3+128],%f36
- fmovd %f6,%f24
- fmuld %f50,%f0,%f50 !45
- fxtod %f4,%f4
- fmuld %f60,%f0,%f56 !46
- add %o3,8,%o3
- faddd %f42,%f44,%f42 !47
- ldd [%o3+160-8],%f44
- faddd %f20,%f22,%f20 !48
- std %f20,[%o3+96-8]
- faddd %f48,%f50,%f48 !49
- ldd [%o3+192-8],%f50
- faddd %f52,%f56,%f52
- fmuld %f4,%f16,%f4 !50
- ldd [%o3+224-8],%f56
- faddd %f32,%f36,%f32 !51
- std %f32,[%o3+128-8]
- faddd %f42,%f44,%f42 !52
- add %g1,1,%g1
- std %f42,[%o3+160-8]
- faddd %f48,%f50,%f48 !53
- cmp %g1,31
- std %f48,[%o3+192-8]
- fsubd %f12,%f4,%f0 !54
- faddd %f52,%f56,%f52
- ble,pt %icc,.L99999999
- std %f52,[%o3+224-8] !55
- std %f8,[%o3]
-! 312 ! }
-! 313 ! }
-! 315 ! conv_d16_to_i32(result,dt+2*nlen,(long long *)dt,nlen+1);
-
-/* 0x0844 315 */ sllx %g5,3,%g2
- .L900000650:
-/* 0x0848 315 */ ldd [%g2+%l4],%f2
-/* 0x084c */ add %l4,%g2,%o0
-/* 0x0850 */ or %g0,0,%g1
-/* 0x0854 */ ldd [%o0+8],%f4
-/* 0x0858 */ or %g0,0,%i2
-/* 0x085c */ cmp %l0,0
-/* 0x0860 */ fdtox %f2,%f2
-/* 0x0864 */ std %f2,[%sp+2255]
-/* 0x0868 311 */ sethi %hi(0xfc00),%o3
-/* 0x086c 315 */ fdtox %f4,%f2
-/* 0x0870 */ std %f2,[%sp+2247]
-/* 0x0874 311 */ or %g0,-1,%o2
-/* 0x0878 */ srl %o2,0,%o5
-/* 0x087c */ or %g0,2,%g5
-/* 0x0880 */ sub %l0,1,%g3
-/* 0x0884 */ or %g0,%o0,%o7
-/* 0x0888 */ add %o3,1023,%o4
-/* 0x088c 315 */ or %g0,64,%o3
-/* 0x0890 */ ldx [%sp+2255],%i0
-/* 0x0894 */ sub %l0,2,%o1
-/* 0x0898 */ ldx [%sp+2247],%i1
-/* 0x089c */ ble,pt %icc,.L900000648
-/* 0x08a0 */ sethi %hi(0xfc00),%g2
-/* 0x08a4 */ cmp %l0,6
-/* 0x08a8 */ and %i0,%o5,%o2
-/* 0x08ac */ bl,pn %icc,.L77000287
-/* 0x08b0 */ or %g0,3,%g4
-/* 0x08b4 */ ldd [%o7+16],%f0
-/* 0x08b8 */ and %i1,%o4,%i3
-/* 0x08bc */ sllx %i3,16,%o0
-/* 0x08c0 */ or %g0,5,%g4
-/* 0x08c4 */ srax %i1,16,%i4
-/* 0x08c8 */ fdtox %f0,%f0
-/* 0x08cc */ std %f0,[%sp+2239]
-/* 0x08d0 */ srax %i0,32,%i1
-/* 0x08d4 */ add %o2,%o0,%i5
-/* 0x08d8 */ ldd [%o7+24],%f0
-/* 0x08dc */ and %i5,%o5,%l1
-/* 0x08e0 */ or %g0,72,%o2
-/* 0x08e4 */ or %g0,4,%o0
-/* 0x08e8 */ or %g0,4,%g5
-/* 0x08ec */ ldx [%sp+2239],%g1
-/* 0x08f0 */ fdtox %f0,%f0
-/* 0x08f4 */ or %g0,4,%i2
-/* 0x08f8 */ std %f0,[%sp+2231]
-/* 0x08fc */ ldd [%o7+40],%f2
-/* 0x0900 */ and %g1,%o5,%i3
-/* 0x0904 */ ldd [%o7+32],%f0
-/* 0x0908 */ srax %g1,32,%g1
-/* 0x090c */ ldd [%o7+56],%f4
-/* 0x0910 */ fdtox %f2,%f2
-/* 0x0914 */ ldx [%sp+2231],%g2
-/* 0x0918 */ fdtox %f0,%f0
-/* 0x091c */ st %l1,[%l2]
-/* 0x0920 */ srax %i5,32,%l1
-/* 0x0924 */ fdtox %f4,%f4
-/* 0x0928 */ std %f2,[%sp+2231]
-/* 0x092c */ and %g2,%o4,%i5
-/* 0x0930 */ add %i4,%l1,%i4
-/* 0x0934 */ std %f0,[%sp+2239]
-/* 0x0938 */ sllx %i5,16,%i0
-/* 0x093c */ add %i1,%i4,%i1
-/* 0x0940 */ ldd [%o7+48],%f2
-/* 0x0944 */ srax %g2,16,%g2
-/* 0x0948 */ add %i3,%i0,%i0
-/* 0x094c */ ldd [%o7+72],%f0
-/* 0x0950 */ add %i0,%i1,%i3
-/* 0x0954 */ srax %i3,32,%i4
-/* 0x0958 */ fdtox %f2,%f2
-/* 0x095c */ and %i3,%o5,%i3
-/* 0x0960 */ ldx [%sp+2231],%i1
-/* 0x0964 */ add %g2,%i4,%g2
-/* 0x0968 */ ldx [%sp+2239],%i0
-/* 0x096c */ add %g1,%g2,%g1
-/* 0x0970 */ std %f2,[%sp+2239]
-/* 0x0974 */ std %f4,[%sp+2231]
-/* 0x0978 */ ldd [%o7+64],%f2
-/* 0x097c */ st %i3,[%l2+4]
- .L900000631:
-/* 0x0980 */ ldx [%sp+2231],%i3
-/* 0x0984 */ add %i2,2,%i2
-/* 0x0988 */ add %g4,4,%g4
-/* 0x098c */ ldx [%sp+2239],%i5
-/* 0x0990 */ add %o2,16,%o2
-/* 0x0994 */ and %i1,%o4,%g2
-/* 0x0998 */ sllx %g2,16,%i4
-/* 0x099c */ and %i0,%o5,%g2
-/* 0x09a0 */ ldd [%o7+%o2],%f4
-/* 0x09a4 */ fdtox %f0,%f0
-/* 0x09a8 */ std %f0,[%sp+2231]
-/* 0x09ac */ srax %i1,16,%i1
-/* 0x09b0 */ add %g2,%i4,%g2
-/* 0x09b4 */ fdtox %f2,%f0
-/* 0x09b8 */ add %o3,16,%o3
-/* 0x09bc */ std %f0,[%sp+2239]
-/* 0x09c0 */ add %g2,%g1,%g1
-/* 0x09c4 */ ldd [%o7+%o3],%f2
-/* 0x09c8 */ srax %g1,32,%i4
-/* 0x09cc */ cmp %i2,%o1
-/* 0x09d0 */ srax %i0,32,%g2
-/* 0x09d4 */ add %i1,%i4,%i0
-/* 0x09d8 */ add %g2,%i0,%i4
-/* 0x09dc */ add %o0,4,%o0
-/* 0x09e0 */ and %g1,%o5,%g2
-/* 0x09e4 */ or %g0,%i5,%g1
-/* 0x09e8 */ st %g2,[%l2+%o0]
-/* 0x09ec */ add %g5,4,%g5
-/* 0x09f0 */ ldx [%sp+2231],%i1
-/* 0x09f4 */ ldx [%sp+2239],%i0
-/* 0x09f8 */ add %o2,16,%o2
-/* 0x09fc */ and %i3,%o4,%g2
-/* 0x0a00 */ sllx %g2,16,%i5
-/* 0x0a04 */ and %g1,%o5,%g2
-/* 0x0a08 */ ldd [%o7+%o2],%f0
-/* 0x0a0c */ fdtox %f4,%f4
-/* 0x0a10 */ std %f4,[%sp+2231]
-/* 0x0a14 */ srax %i3,16,%i3
-/* 0x0a18 */ add %g2,%i5,%g2
-/* 0x0a1c */ fdtox %f2,%f2
-/* 0x0a20 */ add %o3,16,%o3
-/* 0x0a24 */ std %f2,[%sp+2239]
-/* 0x0a28 */ add %g2,%i4,%g2
-/* 0x0a2c */ ldd [%o7+%o3],%f2
-/* 0x0a30 */ srax %g2,32,%i4
-/* 0x0a34 */ srax %g1,32,%g1
-/* 0x0a38 */ add %i3,%i4,%i3
-/* 0x0a3c */ add %g1,%i3,%g1
-/* 0x0a40 */ add %o0,4,%o0
-/* 0x0a44 */ and %g2,%o5,%g2
-/* 0x0a48 */ ble,pt %icc,.L900000631
-/* 0x0a4c */ st %g2,[%l2+%o0]
- .L900000634:
-/* 0x0a50 */ srax %i1,16,%i5
-/* 0x0a54 */ ldx [%sp+2231],%o1
-/* 0x0a58 */ and %i1,%o4,%i3
-/* 0x0a5c */ sllx %i3,16,%i3
-/* 0x0a60 */ ldx [%sp+2239],%i4
-/* 0x0a64 */ and %i0,%o5,%g2
-/* 0x0a68 */ add %g2,%i3,%g2
-/* 0x0a6c */ and %o1,%o4,%i3
-/* 0x0a70 */ fdtox %f0,%f4
-/* 0x0a74 */ sllx %i3,16,%i3
-/* 0x0a78 */ std %f4,[%sp+2231]
-/* 0x0a7c */ add %g2,%g1,%g2
-/* 0x0a80 */ srax %g2,32,%l1
-/* 0x0a84 */ and %i4,%o5,%i1
-/* 0x0a88 */ fdtox %f2,%f0
-/* 0x0a8c */ srax %i0,32,%g1
-/* 0x0a90 */ std %f0,[%sp+2239]
-/* 0x0a94 */ add %i5,%l1,%i0
-/* 0x0a98 */ srax %o1,16,%o1
-/* 0x0a9c */ add %g1,%i0,%i0
-/* 0x0aa0 */ add %o0,4,%g1
-/* 0x0aa4 */ add %i1,%i3,%o0
-/* 0x0aa8 */ and %g2,%o5,%g2
-/* 0x0aac */ st %g2,[%l2+%g1]
-/* 0x0ab0 */ add %o0,%i0,%o0
-/* 0x0ab4 */ srax %o0,32,%i3
-/* 0x0ab8 */ ldx [%sp+2231],%i1
-/* 0x0abc */ add %g1,4,%g1
-/* 0x0ac0 */ ldx [%sp+2239],%i0
-/* 0x0ac4 */ and %o0,%o5,%g2
-/* 0x0ac8 */ add %o1,%i3,%o1
-/* 0x0acc */ srax %i4,32,%o0
-/* 0x0ad0 */ cmp %i2,%g3
-/* 0x0ad4 */ st %g2,[%l2+%g1]
-/* 0x0ad8 */ bg,pn %icc,.L77000236
-/* 0x0adc */ add %o0,%o1,%g1
-/* 0x0ae0 */ add %g4,6,%g4
-/* 0x0ae4 */ add %g5,6,%g5
- .L77000287:
-/* 0x0ae8 */ sra %g5,0,%o1
- .L900000647:
-/* 0x0aec */ sllx %o1,3,%o2
-/* 0x0af0 */ and %i0,%o5,%o0
-/* 0x0af4 */ ldd [%o7+%o2],%f0
-/* 0x0af8 */ sra %g4,0,%o2
-/* 0x0afc */ and %i1,%o4,%o1
-/* 0x0b00 */ sllx %o2,3,%o2
-/* 0x0b04 */ add %g1,%o0,%o0
-/* 0x0b08 */ fdtox %f0,%f0
-/* 0x0b0c */ std %f0,[%sp+2239]
-/* 0x0b10 */ sllx %o1,16,%o1
-/* 0x0b14 */ add %o0,%o1,%o1
-/* 0x0b18 */ add %g5,2,%g5
-/* 0x0b1c */ ldd [%o7+%o2],%f0
-/* 0x0b20 */ srax %o1,32,%g1
-/* 0x0b24 */ and %o1,%o5,%o2
-/* 0x0b28 */ srax %i1,16,%o0
-/* 0x0b2c */ add %g4,2,%g4
-/* 0x0b30 */ fdtox %f0,%f0
-/* 0x0b34 */ std %f0,[%sp+2231]
-/* 0x0b38 */ sra %i2,0,%o1
-/* 0x0b3c */ sllx %o1,2,%o1
-/* 0x0b40 */ add %o0,%g1,%g2
-/* 0x0b44 */ srax %i0,32,%g1
-/* 0x0b48 */ add %i2,1,%i2
-/* 0x0b4c */ add %g1,%g2,%g1
-/* 0x0b50 */ cmp %i2,%g3
-/* 0x0b54 */ ldx [%sp+2239],%o3
-/* 0x0b58 */ ldx [%sp+2231],%i1
-/* 0x0b5c */ st %o2,[%l2+%o1]
-/* 0x0b60 */ or %g0,%o3,%i0
-/* 0x0b64 */ ble,pt %icc,.L900000647
-/* 0x0b68 */ sra %g5,0,%o1
- .L77000236:
-/* 0x0b6c */ sethi %hi(0xfc00),%g2
- .L900000648:
-/* 0x0b70 */ or %g0,-1,%o0
-/* 0x0b74 */ add %g2,1023,%g2
-/* 0x0b78 */ srl %o0,0,%g3
-/* 0x0b7c */ and %i1,%g2,%g2
-/* 0x0b80 */ and %i0,%g3,%g4
-/* 0x0b84 */ sllx %g2,16,%g2
-/* 0x0b88 */ add %g1,%g4,%g4
-/* 0x0b8c */ sra %i2,0,%g5
-/* 0x0b90 */ add %g4,%g2,%g4
-/* 0x0b94 */ sllx %g5,2,%g2
-/* 0x0b98 */ and %g4,%g3,%g3
-/* 0x0b9c */ st %g3,[%l2+%g2]
-
-! 317 ! adjust_montf_result(result,nint,nlen);
-
-/* 0x0ba0 317 */ sra %l0,0,%g4
-/* 0x0ba4 */ sllx %g4,2,%g2
-/* 0x0ba8 */ ld [%l2+%g2],%g2
-/* 0x0bac */ cmp %g2,0
-/* 0x0bb0 */ bleu,pn %icc,.L77000241
-/* 0x0bb4 */ or %g0,-1,%o1
-/* 0x0bb8 */ ba .L900000646
-/* 0x0bbc */ cmp %o1,0
- .L77000241:
-/* 0x0bc0 */ sub %l0,1,%o1
-/* 0x0bc4 */ cmp %o1,0
-/* 0x0bc8 */ bl,pn %icc,.L77000244
-/* 0x0bcc */ sra %o1,0,%g2
- .L900000645:
-/* 0x0bd0 */ sllx %g2,2,%g2
-/* 0x0bd4 */ sub %o1,1,%o0
-/* 0x0bd8 */ ld [%l3+%g2],%g3
-/* 0x0bdc */ ld [%l2+%g2],%g2
-/* 0x0be0 */ cmp %g2,%g3
-/* 0x0be4 */ bne,pn %icc,.L77000244
-/* 0x0be8 */ nop
-/* 0x0bec 0 */ or %g0,%o0,%o1
-/* 0x0bf0 317 */ cmp %o0,0
-/* 0x0bf4 */ bge,pt %icc,.L900000645
-/* 0x0bf8 */ sra %o1,0,%g2
- .L77000244:
-/* 0x0bfc */ cmp %o1,0
- .L900000646:
-/* 0x0c00 */ bl,pn %icc,.L77000288
-/* 0x0c04 */ sra %o1,0,%g2
-/* 0x0c08 */ sllx %g2,2,%g2
-/* 0x0c0c */ ld [%l3+%g2],%g3
-/* 0x0c10 */ ld [%l2+%g2],%g2
-/* 0x0c14 */ cmp %g2,%g3
-/* 0x0c18 */ bleu,pt %icc,.L77000224
-/* 0x0c1c */ nop
- .L77000288:
-/* 0x0c20 */ cmp %l0,0
-/* 0x0c24 */ ble,pt %icc,.L77000224
-/* 0x0c28 */ nop
-/* 0x0c2c 317 */ or %g0,-1,%g2
-/* 0x0c30 315 */ or %g0,0,%i0
-/* 0x0c34 317 */ srl %g2,0,%g2
-/* 0x0c38 315 */ or %g0,0,%g4
-/* 0x0c3c */ or %g0,0,%o1
-/* 0x0c40 317 */ sub %l0,1,%g5
-/* 0x0c44 */ cmp %l0,9
-/* 0x0c48 315 */ or %g0,8,%o5
-/* 0x0c4c */ bl,pn %icc,.L77000289
-/* 0x0c50 */ sub %l0,4,%o7
-/* 0x0c54 */ ld [%l2],%o1
-/* 0x0c58 */ or %g0,5,%i0
-/* 0x0c5c */ ld [%l3],%o2
-/* 0x0c60 */ or %g0,12,%o4
-/* 0x0c64 */ or %g0,16,%g1
-/* 0x0c68 */ ld [%l3+4],%o3
-/* 0x0c6c */ ld [%l2+4],%o0
-/* 0x0c70 */ sub %o1,%o2,%o1
-/* 0x0c74 */ ld [%l3+8],%i1
-/* 0x0c78 */ and %o1,%g2,%g4
-/* 0x0c7c */ st %g4,[%l2]
-/* 0x0c80 */ srax %o1,32,%g4
-/* 0x0c84 */ sub %o0,%o3,%o0
-/* 0x0c88 */ ld [%l3+12],%o2
-/* 0x0c8c */ add %o0,%g4,%o0
-/* 0x0c90 */ and %o0,%g2,%g4
-/* 0x0c94 */ st %g4,[%l2+4]
-/* 0x0c98 */ srax %o0,32,%o0
-/* 0x0c9c */ ld [%l2+8],%o1
-/* 0x0ca0 */ ld [%l2+12],%o3
-/* 0x0ca4 */ sub %o1,%i1,%o1
- .L900000635:
-/* 0x0ca8 */ add %g1,4,%g3
-/* 0x0cac */ ld [%g1+%l2],%g4
-/* 0x0cb0 */ add %o1,%o0,%o0
-/* 0x0cb4 */ ld [%l3+%g1],%i1
-/* 0x0cb8 */ sub %o3,%o2,%o1
-/* 0x0cbc */ and %o0,%g2,%o2
-/* 0x0cc0 */ st %o2,[%o5+%l2]
-/* 0x0cc4 */ srax %o0,32,%o2
-/* 0x0cc8 */ add %i0,4,%i0
-/* 0x0ccc */ add %g1,8,%o5
-/* 0x0cd0 */ ld [%g3+%l2],%o0
-/* 0x0cd4 */ add %o1,%o2,%o1
-/* 0x0cd8 */ ld [%l3+%g3],%o3
-/* 0x0cdc */ sub %g4,%i1,%o2
-/* 0x0ce0 */ and %o1,%g2,%g4
-/* 0x0ce4 */ st %g4,[%o4+%l2]
-/* 0x0ce8 */ srax %o1,32,%g4
-/* 0x0cec */ cmp %i0,%o7
-/* 0x0cf0 */ add %g1,12,%o4
-/* 0x0cf4 */ ld [%o5+%l2],%o1
-/* 0x0cf8 */ add %o2,%g4,%o2
-/* 0x0cfc */ ld [%l3+%o5],%i1
-/* 0x0d00 */ sub %o0,%o3,%o0
-/* 0x0d04 */ and %o2,%g2,%o3
-/* 0x0d08 */ st %o3,[%g1+%l2]
-/* 0x0d0c */ srax %o2,32,%g4
-/* 0x0d10 */ ld [%o4+%l2],%o3
-/* 0x0d14 */ add %g1,16,%g1
-/* 0x0d18 */ add %o0,%g4,%o0
-/* 0x0d1c */ ld [%l3+%o4],%o2
-/* 0x0d20 */ sub %o1,%i1,%o1
-/* 0x0d24 */ and %o0,%g2,%g4
-/* 0x0d28 */ st %g4,[%g3+%l2]
-/* 0x0d2c */ ble,pt %icc,.L900000635
-/* 0x0d30 */ srax %o0,32,%o0
- .L900000638:
-/* 0x0d34 */ add %o1,%o0,%g3
-/* 0x0d38 */ sub %o3,%o2,%o1
-/* 0x0d3c */ ld [%g1+%l2],%o0
-/* 0x0d40 */ ld [%l3+%g1],%o2
-/* 0x0d44 */ srax %g3,32,%o7
-/* 0x0d48 */ and %g3,%g2,%o3
-/* 0x0d4c */ add %o1,%o7,%o1
-/* 0x0d50 */ st %o3,[%o5+%l2]
-/* 0x0d54 */ cmp %i0,%g5
-/* 0x0d58 */ sub %o0,%o2,%o0
-/* 0x0d5c */ and %o1,%g2,%o2
-/* 0x0d60 */ st %o2,[%o4+%l2]
-/* 0x0d64 */ srax %o1,32,%o1
-/* 0x0d68 */ sra %i0,0,%o2
-/* 0x0d6c */ add %o0,%o1,%o0
-/* 0x0d70 */ srax %o0,32,%g4
-/* 0x0d74 */ and %o0,%g2,%o1
-/* 0x0d78 */ st %o1,[%g1+%l2]
-/* 0x0d7c */ bg,pn %icc,.L77000224
-/* 0x0d80 */ sllx %o2,2,%o1
- .L77000289:
-/* 0x0d84 0 */ or %g0,%o1,%g1
- .L900000644:
-/* 0x0d88 */ ld [%o1+%l2],%o0
-/* 0x0d8c */ add %i0,1,%i0
-/* 0x0d90 */ ld [%l3+%o1],%o1
-/* 0x0d94 */ sra %i0,0,%o2
-/* 0x0d98 */ cmp %i0,%g5
-/* 0x0d9c */ add %g4,%o0,%o0
-/* 0x0da0 */ sub %o0,%o1,%o0
-/* 0x0da4 */ srax %o0,32,%g4
-/* 0x0da8 */ and %o0,%g2,%o1
-/* 0x0dac */ st %o1,[%g1+%l2]
-/* 0x0db0 */ sllx %o2,2,%o1
-/* 0x0db4 */ ble,pt %icc,.L900000644
-/* 0x0db8 */ or %g0,%o1,%g1
- .L77000224:
-/* 0x0dbc */ ret ! Result =
-/* 0x0dc0 */ restore %g0,%g0,%g0
-/* 0x0dc4 0 */ .type mont_mulf_noconv,2
-/* 0x0dc4 */ .size mont_mulf_noconv,(.-mont_mulf_noconv)
-
-! Begin Disassembling Stabs
- .xstabs ".stab.index","Xa ; O ; P ; V=3.1 ; R=WorkShop Compilers 5.0 98/12/15 C 5.0",60,0,0,0 ! (/usr/tmp/acompAAAl9a4BP:1)
- .xstabs ".stab.index","/h/interzone/d3/nelsonb/nss_tip/mozilla/security/nss/lib/freebl/mpi32; /tools/ns/workshop-5.0/bin/../SC5.0/bin/cc -fast -xO5 -xrestrict=%%all -xdepend -xchip=ultra -xarch=v9a -KPIC -mt -S montmulf64.il -W0,-xp montmulf.c -W0,-xp",52,0,0,0 ! (/usr/tmp/acompAAAl9a4BP:2)
-! End Disassembling Stabs
-
-! Begin Disassembling Ident
- .ident "cg: WorkShop Compilers 5.0 99/08/12 Compiler Common 5.0 Patch 107357-05" ! (NO SOURCE LINE)
- .ident "acomp: WorkShop Compilers 5.0 98/12/15 C 5.0" ! (/usr/tmp/acompAAAl9a4BP:36)
-! End Disassembling Ident
diff --git a/security/nss/lib/freebl/mpi/mpi-config.h b/security/nss/lib/freebl/mpi/mpi-config.h
deleted file mode 100644
index bf573e254..000000000
--- a/security/nss/lib/freebl/mpi/mpi-config.h
+++ /dev/null
@@ -1,109 +0,0 @@
-/* Default configuration for MPI library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* $Id$ */
-
-#ifndef MPI_CONFIG_H_
-#define MPI_CONFIG_H_
-
-/*
- For boolean options,
- 0 = no
- 1 = yes
-
- Other options are documented individually.
-
- */
-
-#ifndef MP_IOFUNC
-#define MP_IOFUNC 0 /* include mp_print() ? */
-#endif
-
-#ifndef MP_MODARITH
-#define MP_MODARITH 1 /* include modular arithmetic ? */
-#endif
-
-#ifndef MP_NUMTH
-#define MP_NUMTH 1 /* include number theoretic functions? */
-#endif
-
-#ifndef MP_LOGTAB
-#define MP_LOGTAB 1 /* use table of logs instead of log()? */
-#endif
-
-#ifndef MP_MEMSET
-#define MP_MEMSET 1 /* use memset() to zero buffers? */
-#endif
-
-#ifndef MP_MEMCPY
-#define MP_MEMCPY 1 /* use memcpy() to copy buffers? */
-#endif
-
-#ifndef MP_CRYPTO
-#define MP_CRYPTO 1 /* erase memory on free? */
-#endif
-
-#ifndef MP_ARGCHK
-/*
- 0 = no parameter checks
- 1 = runtime checks, continue execution and return an error to caller
- 2 = assertions; dump core on parameter errors
- */
-#ifdef DEBUG
-#define MP_ARGCHK 2 /* how to check input arguments */
-#else
-#define MP_ARGCHK 1 /* how to check input arguments */
-#endif
-#endif
-
-#ifndef MP_DEBUG
-#define MP_DEBUG 0 /* print diagnostic output? */
-#endif
-
-#ifndef MP_DEFPREC
-#define MP_DEFPREC 64 /* default precision, in digits */
-#endif
-
-#ifndef MP_MACRO
-#define MP_MACRO 0 /* use macros for frequent calls? */
-#endif
-
-#ifndef MP_SQUARE
-#define MP_SQUARE 1 /* use separate squaring code? */
-#endif
-
-#endif /* ifndef MPI_CONFIG_H_ */
-
-
diff --git a/security/nss/lib/freebl/mpi/mpi-priv.h b/security/nss/lib/freebl/mpi/mpi-priv.h
deleted file mode 100644
index eaa683a77..000000000
--- a/security/nss/lib/freebl/mpi/mpi-priv.h
+++ /dev/null
@@ -1,258 +0,0 @@
-/*
- * mpi-priv.h - Private header file for MPI
- * Arbitrary precision integer arithmetic library
- *
- * NOTE WELL: the content of this header file is NOT part of the "public"
- * API for the MPI library, and may change at any time.
- * Application programs that use libmpi should NOT include this header file.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-#ifndef _MPI_PRIV_H_
-#define _MPI_PRIV_H_ 1
-
-#include "mpi.h"
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-
-#if MP_DEBUG
-#include <stdio.h>
-
-#define DIAG(T,V) {fprintf(stderr,T);mp_print(V,stderr);fputc('\n',stderr);}
-#else
-#define DIAG(T,V)
-#endif
-
-/* If we aren't using a wired-in logarithm table, we need to include
- the math library to get the log() function
- */
-
-/* {{{ s_logv_2[] - log table for 2 in various bases */
-
-#if MP_LOGTAB
-/*
- A table of the logs of 2 for various bases (the 0 and 1 entries of
- this table are meaningless and should not be referenced).
-
- This table is used to compute output lengths for the mp_toradix()
- function. Since a number n in radix r takes up about log_r(n)
- digits, we estimate the output size by taking the least integer
- greater than log_r(n), where:
-
- log_r(n) = log_2(n) * log_r(2)
-
- This table, therefore, is a table of log_r(2) for 2 <= r <= 36,
- which are the output bases supported.
- */
-
-extern const float s_logv_2[];
-#define LOG_V_2(R) s_logv_2[(R)]
-
-#else
-
-/*
- If MP_LOGTAB is not defined, use the math library to compute the
- logarithms on the fly. Otherwise, use the table.
- Pick which works best for your system.
- */
-
-#include <math.h>
-#define LOG_V_2(R) (log(2.0)/log(R))
-
-#endif /* if MP_LOGTAB */
-
-/* }}} */
-
-/* {{{ Digit arithmetic macros */
-
-/*
- When adding and multiplying digits, the results can be larger than
- can be contained in an mp_digit. Thus, an mp_word is used. These
- macros mask off the upper and lower digits of the mp_word (the
- mp_word may be more than 2 mp_digits wide, but we only concern
- ourselves with the low-order 2 mp_digits)
- */
-
-#define CARRYOUT(W) (mp_digit)((W)>>DIGIT_BIT)
-#define ACCUM(W) (mp_digit)(W)
-
-#define MP_MIN(a,b) (((a) < (b)) ? (a) : (b))
-#define MP_MAX(a,b) (((a) > (b)) ? (a) : (b))
-#define MP_HOWMANY(a,b) (((a) + (b) - 1)/(b))
-#define MP_ROUNDUP(a,b) (MP_HOWMANY(a,b) * (b))
-
-/* }}} */
-
-/* {{{ Comparison constants */
-
-#define MP_LT -1
-#define MP_EQ 0
-#define MP_GT 1
-
-/* }}} */
-
-/* {{{ private function declarations */
-
-/*
- If MP_MACRO is false, these will be defined as actual functions;
- otherwise, suitable macro definitions will be used. This works
- around the fact that ANSI C89 doesn't support an 'inline' keyword
- (although I hear C9x will ... about bloody time). At present, the
- macro definitions are identical to the function bodies, but they'll
- expand in place, instead of generating a function call.
-
- I chose these particular functions to be made into macros because
- some profiling showed they are called a lot on a typical workload,
- and yet they are primarily housekeeping.
- */
-#if MP_MACRO == 0
- void s_mp_setz(mp_digit *dp, mp_size count); /* zero digits */
- void s_mp_copy(const mp_digit *sp, mp_digit *dp, mp_size count); /* copy */
- void *s_mp_alloc(size_t nb, size_t ni); /* general allocator */
- void s_mp_free(void *ptr); /* general free function */
-extern unsigned long mp_allocs;
-extern unsigned long mp_frees;
-extern unsigned long mp_copies;
-#else
-
- /* Even if these are defined as macros, we need to respect the settings
- of the MP_MEMSET and MP_MEMCPY configuration options...
- */
- #if MP_MEMSET == 0
- #define s_mp_setz(dp, count) \
- {int ix;for(ix=0;ix<(count);ix++)(dp)[ix]=0;}
- #else
- #define s_mp_setz(dp, count) memset(dp, 0, (count) * sizeof(mp_digit))
- #endif /* MP_MEMSET */
-
- #if MP_MEMCPY == 0
- #define s_mp_copy(sp, dp, count) \
- {int ix;for(ix=0;ix<(count);ix++)(dp)[ix]=(sp)[ix];}
- #else
- #define s_mp_copy(sp, dp, count) memcpy(dp, sp, (count) * sizeof(mp_digit))
- #endif /* MP_MEMCPY */
-
- #define s_mp_alloc(nb, ni) calloc(nb, ni)
- #define s_mp_free(ptr) {if(ptr) free(ptr);}
-#endif /* MP_MACRO */
-
-mp_err s_mp_grow(mp_int *mp, mp_size min); /* increase allocated size */
-mp_err s_mp_pad(mp_int *mp, mp_size min); /* left pad with zeroes */
-
-#if MP_MACRO == 0
- void s_mp_clamp(mp_int *mp); /* clip leading zeroes */
-#else
- #define s_mp_clamp(mp)\
- { mp_size used = MP_USED(mp); \
- while (used > 1 && DIGIT(mp, used - 1) == 0) --used; \
- MP_USED(mp) = used; \
- }
-#endif /* MP_MACRO */
-
-void s_mp_exch(mp_int *a, mp_int *b); /* swap a and b in place */
-
-mp_err s_mp_lshd(mp_int *mp, mp_size p); /* left-shift by p digits */
-void s_mp_rshd(mp_int *mp, mp_size p); /* right-shift by p digits */
-mp_err s_mp_mul_2d(mp_int *mp, mp_digit d); /* multiply by 2^d in place */
-void s_mp_div_2d(mp_int *mp, mp_digit d); /* divide by 2^d in place */
-void s_mp_mod_2d(mp_int *mp, mp_digit d); /* modulo 2^d in place */
-void s_mp_div_2(mp_int *mp); /* divide by 2 in place */
-mp_err s_mp_mul_2(mp_int *mp); /* multiply by 2 in place */
-mp_err s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd);
- /* normalize for division */
-mp_err s_mp_add_d(mp_int *mp, mp_digit d); /* unsigned digit addition */
-mp_err s_mp_sub_d(mp_int *mp, mp_digit d); /* unsigned digit subtract */
-mp_err s_mp_mul_d(mp_int *mp, mp_digit d); /* unsigned digit multiply */
-mp_err s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r);
- /* unsigned digit divide */
-mp_err s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu);
- /* Barrett reduction */
-mp_err s_mp_add(mp_int *a, const mp_int *b); /* magnitude addition */
-mp_err s_mp_add_3arg(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err s_mp_sub(mp_int *a, const mp_int *b); /* magnitude subtract */
-mp_err s_mp_sub_3arg(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err s_mp_add_offset(mp_int *a, mp_int *b, mp_size offset);
- /* a += b * RADIX^offset */
-mp_err s_mp_mul(mp_int *a, const mp_int *b); /* magnitude multiply */
-#if MP_SQUARE
-mp_err s_mp_sqr(mp_int *a); /* magnitude square */
-#else
-#define s_mp_sqr(a) s_mp_mul(a, a)
-#endif
-mp_err s_mp_div(mp_int *rem, mp_int *div, mp_int *quot); /* magnitude div */
-mp_err s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err s_mp_2expt(mp_int *a, mp_digit k); /* a = 2^k */
-int s_mp_cmp(const mp_int *a, const mp_int *b); /* magnitude comparison */
-int s_mp_cmp_d(const mp_int *a, mp_digit d); /* magnitude digit compare */
-int s_mp_ispow2(const mp_int *v); /* is v a power of 2? */
-int s_mp_ispow2d(mp_digit d); /* is d a power of 2? */
-
-int s_mp_tovalue(char ch, int r); /* convert ch to value */
-char s_mp_todigit(mp_digit val, int r, int low); /* convert val to digit */
-int s_mp_outlen(int bits, int r); /* output length in bytes */
-mp_digit s_mp_invmod_radix(mp_digit P); /* returns (P ** -1) mod RADIX */
-mp_err s_mp_invmod_odd_m( const mp_int *a, const mp_int *m, mp_int *c);
-mp_err s_mp_invmod_2d( const mp_int *a, mp_size k, mp_int *c);
-mp_err s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c);
-
-/* ------ mpv functions, operate on arrays of digits, not on mp_int's ------ */
-#if defined (__OS2__) && defined (__IBMC__)
-#define MPI_ASM_DECL __cdecl
-#else
-#define MPI_ASM_DECL
-#endif
-
-void MPI_ASM_DECL s_mpv_mul_d(const mp_digit *a, mp_size a_len,
- mp_digit b, mp_digit *c);
-void MPI_ASM_DECL s_mpv_mul_d_add(const mp_digit *a, mp_size a_len,
- mp_digit b, mp_digit *c);
-void MPI_ASM_DECL s_mpv_mul_d_add_prop(const mp_digit *a,
- mp_size a_len, mp_digit b,
- mp_digit *c);
-void MPI_ASM_DECL s_mpv_sqr_add_prop(const mp_digit *a,
- mp_size a_len,
- mp_digit *sqrs);
-
-mp_err MPI_ASM_DECL s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo,
- mp_digit divisor, mp_digit *quot, mp_digit *rem);
-
-/* c += a * b * (MP_RADIX ** offset); */
-#define s_mp_mul_d_add_offset(a, b, c, off) \
-(s_mpv_mul_d_add_prop(MP_DIGITS(a), MP_USED(a), b, MP_DIGITS(c) + off), MP_OKAY)
-
-/* }}} */
-#endif
-
diff --git a/security/nss/lib/freebl/mpi/mpi-test.c b/security/nss/lib/freebl/mpi/mpi-test.c
deleted file mode 100644
index ed3880631..000000000
--- a/security/nss/lib/freebl/mpi/mpi-test.c
+++ /dev/null
@@ -1,1973 +0,0 @@
-/*
- * mpi-test.c
- *
- * This is a general test suite for the MPI library, which tests
- * all the functions in the library with known values. The program
- * exits with a zero (successful) status if the tests pass, or a
- * nonzero status if the tests fail.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdarg.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-#include "test-info.c"
-
-/* ZS means Zero Suppressed (no leading zeros) */
-#if MP_USE_LONG_DIGIT
-#define ZS_DIGIT_FMT "%lX"
-#elif MP_USE_LONG_LONG_DIGIT
-#define ZS_DIGIT_FMT "%llX"
-#elif MP_USE_UINT_DIGIT
-#define ZS_DIGIT_FMT "%X"
-#else
-#error "unknown type of digit"
-#endif
-
-/*
- Test vectors
-
- If you intend to change any of these values, you must also recompute
- the corresponding solutions below. Basically, these are just hex
- strings (for the big integers) or integer values (for the digits).
-
- The comparison tests think they know what relationships hold between
- these values. If you change that, you may have to adjust the code
- for the comparison tests accordingly. Most of the other tests
- should be fine as long as you re-compute the solutions, though.
- */
-const char *mp1 = "639A868CDA0C569861B";
-const char *mp2 = "AAFC0A3FE45E5E09DBE2C29";
-const char *mp3 = "B55AA8DF8A7E83241F38AC7A9E479CAEF2E4D7C5";
-const char *mp4 = "-63DBC2265B88268DC801C10EA68476B7BDE0090F";
-const char *mp5 = "F595CB42";
-const char *mp5a = "-4B597E";
-const char *mp6 = "0";
-const char *mp7 = "EBFA7121CD838CE6439CC59DDB4CBEF3";
-const char *mp8 = "5";
-const char *mp9 = "F74A2876A1432698923B0767DA19DCF3D71795EE";
-const char *mp10 = "9184E72A000";
-const char *mp11 = "54D79A3557E8";
-const char *mp12 = "10000000000000000";
-const char *mp13 =
-"34584F700C15A341E40BF7BFDD88A6630C8FF2B2067469372D391342BDAB6163963C"
-"D5A5C79F708BDE26E0CCF2DB66CD6D6089E29A877C45F2B050D226E6DA88";
-const char *mp14 =
-"AC3FA0EABAAC45724814D798942A1E28E14C81E0DE8055CED630E7689DA648683645DB6E"
-"458D9F5338CC3D4E33A5D1C9BF42780133599E60DEE0049AFA8F9489501AE5C9AA2B8C13"
-"FD21285A538B2CA87A626BB56E0A654C8707535E637FF4E39174157402BDE3AA30C9F134"
-"0C1307BAA864B075A9CC828B6A5E2B2BF1AE406D920CC5E7657D7C0E697DEE5375773AF9"
-"E200A1B8FAD7CD141F9EE47ABB55511FEB9A4D99EBA22F3A3FF6792FA7EE9E5DC0EE94F7"
-"7A631EDF3D7DD7C2DAAAFDF234D60302AB63D5234CEAE941B9AF0ADDD9E6E3A940A94EE5"
-"5DB45A7C66E61EDD0477419BBEFA44C325129601C4F45671C6A0E64665DF341D17FBC71F"
-"77418BD9F4375DDB3B9D56126526D8E5E0F35A121FD4F347013DA880020A752324F31DDD"
-"9BCDB13A3B86E207A2DE086825E6EEB87B3A64232CFD8205B799BC018634AAE193F19531"
-"D6EBC19A75F27CFFAA03EB5974898F53FD569AA5CE60F431B53B0CDE715A5F382405C9C4"
-"761A8E24888328F09F7BCE4E8D80C957DF177629C8421ACCD0C268C63C0DD47C3C0D954F"
-"D79F7D7297C6788DF4B3E51381759864D880ACA246DF09533739B8BB6085EAF7AE8DC2D9"
-"F224E6874926C8D24D34B457FD2C9A586C6B99582DC24F787A39E3942786CF1D494B6EB4"
-"A513498CDA0B217C4E80BCE7DA1C704C35E071AC21E0DA9F57C27C3533F46A8D20B04137"
-"C1B1384BE4B2EB46";
-const char *mp15 =
-"39849CF7FD65AF2E3C4D87FE5526221103D90BA26A6642FFE3C3ECC0887BBBC57E011BF1"
-"05D822A841653509C68F79EBE51C0099B8CBB04DEF31F36F5954208A3209AC122F0E11D8"
-"4AE67A494D78336A2066D394D42E27EF6B03DDAF6D69F5112C93E714D27C94F82FC7EF77"
-"445768C68EAE1C4A1407BE1B303243391D325090449764AE469CC53EC8012C4C02A72F37"
-"07ED7275D2CC8D0A14B5BCC6BF264941520EBA97E3E6BAE4EE8BC87EE0DDA1F5611A6ECB"
-"65F8AEF4F184E10CADBDFA5A2FEF828901D18C20785E5CC63473D638762DA80625003711"
-"9E984AC43E707915B133543AF9D5522C3E7180DC58E1E5381C1FB7DC6A5F4198F3E88FA6"
-"CBB6DFA8B2D1C763226B253E18BCCB79A29EE82D2DE735078C8AE3C3C86D476AAA08434C"
-"09C274BDD40A1D8FDE38D6536C22F44E807EB73DE4FB36C9F51E0BC835DDBE3A8EFCF2FE"
-"672B525769DC39230EE624D5EEDBD837C82A52E153F37378C3AD68A81A7ADBDF3345DBCE"
-"8FA18CA1DE618EF94DF72EAD928D4F45B9E51632ACF158CF8332C51891D1D12C2A7E6684"
-"360C4BF177C952579A9F442CFFEC8DAE4821A8E7A31C4861D8464CA9116C60866C5E72F7"
-"434ADBED36D54ACDFDFF70A4EFB46E285131FE725F1C637D1C62115EDAD01C4189716327"
-"BFAA79618B1656CBFA22C2C965687D0381CC2FE0245913C4D8D96108213680BD8E93E821"
-"822AD9DDBFE4BD04";
-const char *mp16 = "4A724340668DB150339A70";
-const char *mp17 = "8ADB90F58";
-const char *mp18 = "C64C230AB20E5";
-const char *mp19 =
-"F1C9DACDA287F2E3C88DCE2393B8F53DAAAC1196DC36510962B6B59454CFE64B";
-const char *mp20 =
-"D445662C8B6FE394107B867797750C326E0F4A967E135FC430F6CD7207913AC7";
-
-const mp_digit md1 = 0;
-const mp_digit md2 = 0x1;
-const mp_digit md3 = 0x80;
-const mp_digit md4 = 0x9C97;
-const mp_digit md5 = 0xF5BF;
-const mp_digit md6 = 0x14A0;
-const mp_digit md7 = 0x03E8;
-const mp_digit md8 = 0x0101;
-const mp_digit md9 = 0xA;
-
-/*
- Solutions of the form x_mpABC, where:
-
- x = (p)roduct, (s)um, (d)ifference, (q)uotient, (r)emainder, (g)cd,
- (i)nverse, (e)xponent, square roo(t), (g)cd, (l)cm. A
- leading 'm' indicates a modular operation, e.g. ms_mp12 is the
- modular sum of operands 1 and 2
-
- ABC are the operand numbers involved in the computation. If a 'd'
- precedes the number, it is a digit operand; if a 'c' precedes it,
- it is a constant; otherwise, it is a full integer.
- */
-
-const char *p_mp12 = "4286AD72E095C9FE009938750743174ADDD7FD1E53";
-const char *p_mp34 = "-46BDBD66CA108C94A8CF46C325F7B6E2F2BA82D35"
- "A1BFD6934C441EE369B60CA29BADC26845E918B";
-const char *p_mp57 = "E260C265A0A27C17AD5F4E59D6E0360217A2EBA6";
-const char *p_mp22 = "7233B5C1097FFC77CCF55928FDC3A5D31B712FDE7A1E91";
-const char *p_mp1d4 = "3CECEA2331F4220BEF68DED";
-const char *p_mp8d6 = "6720";
-const char *p_mp1113 =
-"11590FC3831C8C3C51813142C88E566408DB04F9E27642F6471A1822E0100B12F7F1"
-"5699A127C0FA9D26DCBFF458522661F30C6ADA4A07C8C90F9116893F6DBFBF24C3A2"
-"4340";
-const char *p_mp1415 =
-"26B36540DE8B3586699CCEAE218A2842C7D5A01590E70C4A26E789107FBCDB06AA2C"
-"6DDC39E6FA18B16FCB2E934C9A5F844DAD60EE3B1EA82199EC5E9608F67F860FB965"
-"736055DF0E8F2540EB28D07F47E309B5F5D7C94FF190AB9C83A6970160CA700B1081"
-"F60518132AF28C6CEE6B7C473E461ABAC52C39CED50A08DD4E7EA8BA18DAD545126D"
-"A388F6983C29B6BE3F9DCBC15766E8E6D626A92C5296A9C4653CAE5788350C0E2107"
-"F57E5E8B6994C4847D727FF1A63A66A6CEF42B9C9E6BD04C92550B85D5527DE8A132"
-"E6BE89341A9285C7CE7FB929D871BBCBD0ED2863B6B078B0DBB30FCA66D6C64284D6"
-"57F394A0271E15B6EC7A9D530EBAC6CA262EF6F97E1A29FCE7749240E4AECA591ECF"
-"272122BC587370F9371B67BB696B3CDC1BC8C5B64B6280994EBA00CDEB8EB0F5D06E"
-"18F401D65FDCECF23DD7B9BB5B4C5458AEF2CCC09BA7F70EACB844750ACFD027521E"
-"2E047DE8388B35F8512D3DA46FF1A12D4260213602BF7BFFDB6059439B1BD0676449"
-"8D98C74F48FB3F548948D5BA0C8ECFCD054465132DC43466D6BBD59FBAF8D6D4E157"
-"2D612B40A956C7D3E140F3B8562EF18568B24D335707D5BAC7495014DF2444172426"
-"FD099DED560D30D1F945386604AFC85C64BD1E5F531F5C7840475FC0CF0F79810012"
-"4572BAF5A9910CDBD02B27FFCC3C7E5E88EF59F3AE152476E33EDA696A4F751E0AE4"
-"A3D2792DEA78E25B9110E12A19EFD09EA47FF9D6594DA445478BEB6901EAF8A35B2D"
-"FD59BEE9BF7AA8535B7D326EFA5AA2121B5EBE04DD85827A3D43BD04F4AA6D7B62A2"
-"B6D7A3077286A511A431E1EF75FCEBA3FAE9D5843A8ED17AA02BBB1B571F904699C5"
-"A6073F87DDD012E2322AB3F41F2A61F428636FE86914148E19B8EF8314ED83332F2F"
-"8C2ADE95071E792C0A68B903E060DD322A75FD0C2B992059FCCBB58AFA06B50D1634"
-"BBD93F187FCE0566609FCC2BABB269C66CEB097598AA17957BB4FDA3E64A1B30402E"
-"851CF9208E33D52E459A92C63FBB66435BB018E155E2C7F055E0B7AB82CD58FC4889"
-"372ED9EEAC2A07E8E654AB445B9298D2830D6D4DFD117B9C8ABE3968927DC24B3633"
-"BAD6E6466DB45DDAE87A0AB00336AC2CCCE176704F7214FCAB55743AB76C2B6CA231"
-"7984610B27B5786DE55C184DDF556EDFEA79A3652831940DAD941E243F482DC17E50"
-"284BC2FB1AD712A92542C573E55678878F02DFD9E3A863C7DF863227AEDE14B47AD3"
-"957190124820ADC19F5353878EDB6BF7D0C77352A6E3BDB53EEB88F5AEF6226D6E68"
-"756776A8FB49B77564147A641664C2A54F7E5B680CCC6A4D22D894E464DF20537094"
-"548F1732452F9E7F810C0B4B430C073C0FBCE03F0D03F82630654BCE166AA772E1EE"
-"DD0C08D3E3EBDF0AF54203B43AFDFC40D8FC79C97A4B0A4E1BEB14D8FCEFDDED8758"
-"6ED65B18";
-
-const char *mp_mp345 = "B9B6D3A3";
-const char *mp_mp335 = "16609C2D";
-
-const char *s_mp13 = "B55AA8DF8A7E83241F38B2B446B06A4FB84E5DE0";
-const char *s_mp34 = "517EE6B92EF65C965736EB6BF7C325F73504CEB6";
-const char *s_mp46 = "-63DBC2265B88268DC801C10EA68476B7BDE0090F";
-const char *s_mp5d4 = "F59667D9";
-const char *s_mp2d5 = "AAFC0A3FE45E5E09DBF21E8";
-const char *s_mp1415 =
-"E5C43DE2B811F4A084625F96E9504039E5258D8348E698CEB9F4D4292622042DB446"
-"F75F4B65C1FB7A317257FA354BB5A45E789AEC254EAECE11F80A53E3B513822491DB"
-"D9399DEC4807A2A3A10360129AC93F4A42388D3BF20B310DD0E9E9F4BE07FC88D53A"
-"78A26091E0AB506A70813712CCBFBDD440A69A906E650EE090FDD6A42A95AC1A414D"
-"317F1A9F781E6A30E9EE142ECDA45A1E3454A1417A7B9A613DA90831CF88EA1F2E82"
-"41AE88CC4053220903C2E05BCDD42F02B8CF8868F84C64C5858BAD356143C5494607"
-"EE22E11650148BAF65A985F6FC4CA540A55697F2B5AA95D6B8CF96EF638416DE1DD6"
-"3BA9E2C09E22D03E75B60BE456C642F86B82A709253E5E087B507DE3A45F8392423F"
-"4DBC284E8DC88C43CA77BC8DCEFB6129A59025F80F90FF978116DEBB9209E306FBB9"
-"1B6111F8B8CFACB7C7C9BC12691C22EE88303E1713F1DFCEB622B8EA102F6365678B"
-"C580ED87225467AA78E875868BD53B17574BA59305BC1AC666E4B7E9ED72FCFC200E"
-"189D98FC8C5C7533739C53F52DDECDDFA5A8668BFBD40DABC9640F8FCAE58F532940"
-"8162261320A25589E9FB51B50F80056471F24B7E1AEC35D1356FC2747FFC13A04B34"
-"24FCECE10880BD9D97CA8CDEB2F5969BF4F30256EB5ED2BCD1DC64BDC2EE65217848"
-"48A37FB13F84ED4FB7ACA18C4639EE64309BDD3D552AEB4AAF44295943DC1229A497"
-"A84A";
-
-const char *ms_mp345 = "1E71E292";
-
-const char *d_mp12 = "-AAFBA6A55DD183FD854A60E";
-const char *d_mp34 = "119366B05E606A9B1E73A6D8944CC1366B0C4E0D4";
-const char *d_mp5d4 = "F5952EAB";
-const char *d_mp6d2 = "-1";
-const char *md_mp345 = "26596B86";
-
-const char *q_mp42 = "-95825A1FFA1A155D5";
-const char *r_mp42 = "-6312E99D7700A3DCB32ADF2";
-const char *q_mp45a = "15344CDA3D841F661D2B61B6EDF7828CE36";
-const char *r_mp45a = "-47C47B";
-const char *q_mp7c2 = "75FD3890E6C1C67321CE62CEEDA65F79";
-const char *q_mp3d6 = "8CAFD53C272BD6FE8B0847BDC3B539EFAB5C3";
-const char *r_mp3d6 = "1E5";
-const char *r_mp5d5 = "1257";
-const char *r_mp47 = "B3A9018D970281A90FB729A181D95CB8";
-const char *q_mp1404 =
-"-1B994D869142D3EF6123A3CBBC3C0114FA071CFCEEF4B7D231D65591D32501AD80F"
-"FF49AE4EC80514CC071EF6B42521C2508F4CB2FEAD69A2D2EF3934087DCAF88CC4C4"
-"659F1CA8A7F4D36817D802F778F1392337FE36302D6865BF0D4645625DF8BB044E19"
-"930635BE2609FAC8D99357D3A9F81F2578DE15A300964188292107DAC980E0A08CD7"
-"E938A2135FAD45D50CB1D8C2D4C4E60C27AB98B9FBD7E4DBF752C57D2674520E4BB2"
-"7E42324C0EFE84FB3E38CF6950E699E86FD45FE40D428400F2F94EDF7E94FAE10B45"
-"89329E1BF61E5A378C7B31C9C6A234F8254D4C24823B84D0BF8D671D8BC9154DFAC9"
-"49BD8ACABD6BD32DD4DC587F22C86153CB3954BDF7C2A890D623642492C482CF3E2C"
-"776FC019C3BBC61688B485E6FD35D6376089C1E33F880E84C4E51E8ABEACE1B3FB70"
-"3EAD0E28D2D44E7F1C0A859C840775E94F8C1369D985A3C5E8114B21D68B3CBB75D2"
-"791C586153C85B90CAA483E57A40E2D97950AAB84920A4396C950C87C7FFFE748358"
-"42A0BF65445B26D40F05BE164B822CA96321F41D85A289C5F5CD5F438A78704C9683"
-"422299D21899A22F853B0C93081CC9925E350132A0717A611DD932A68A0ACC6E4C7F"
-"7F685EF8C1F4910AEA5DC00BB5A36FCA07FFEAA490C547F6E14A08FE87041AB803E1"
-"BD9E23E4D367A2C35762F209073DFF48F3";
-const char *r_mp1404 = "12FF98621ABF63144BFFC3207AC8FC10D8D1A09";
-
-const char *q_mp13c =
- "34584F700C15A341E40BF7BFDD88A6630C8FF2B2067469372D391342"
- "BDAB6163963CD5A5C79F708BDE26E0CCF2DB66CD6D6089E29A877C45";
-const char *r_mp13c = "F2B050D226E6DA88";
-const char *q_mp9c16 = "F74A2876A1432698923B0767DA19DCF3D71795E";
-const char *r_mp9c16 = "E";
-
-const char *e_mp5d9 = "A8FD7145E727A20E52E73D22990D35D158090307A"
- "13A5215AAC4E9AB1E96BD34E531209E03310400";
-const char *e_mp78 = "AA5F72C737DFFD8CCD108008BFE7C79ADC01A819B"
- "32B75FB82EC0FB8CA83311DA36D4063F1E57857A2"
- "1AB226563D84A15BB63CE975FF1453BD6750C58D9"
- "D113175764F5D0B3C89B262D4702F4D9640A3";
-const char *me_mp817 = "E504493ACB02F7F802B327AB13BF25";
-const char *me_mp5d47 = "1D45ED0D78F2778157992C951DD2734C";
-const char *me_mp1512 = "FB5B2A28D902B9D9";
-const char *me_mp161718 = "423C6AC6DBD74";
-const char *me_mp5114 =
-"64F0F72807993578BBA3C7C36FFB184028F9EB9A810C92079E1498D8A80FC848E1F0"
-"25F1DE43B7F6AC063F5CC29D8A7C2D7A66269D72BF5CDC327AF88AF8EF9E601DCB0A"
-"3F35BFF3525FB1B61CE3A25182F17C0A0633B4089EA15BDC47664A43FEF639748AAC"
-"19CF58E83D8FA32CD10661D2D4210CC84792937E6F36CB601851356622E63ADD4BD5"
-"542412C2E0C4958E51FD2524AABDC7D60CFB5DB332EEC9DC84210F10FAE0BA2018F2"
-"14C9D6867C9D6E49CF28C18D06CE009FD4D04BFC8837C3FAAA773F5CCF6DED1C22DE"
-"181786AFE188540586F2D74BF312E595244E6936AE52E45742109BAA76C36F2692F5"
-"CEF97AD462B138BE92721194B163254CBAAEE9B9864B21CCDD5375BCAD0D24132724"
-"113D3374B4BCF9AA49BA5ACBC12288C0BCF46DCE6CB4A241A91BD559B130B6E9CD3D"
-"D7A2C8B280C2A278BA9BF5D93244D563015C9484B86D9FEB602501DC16EEBC3EFF19"
-"53D7999682BF1A1E3B2E7B21F4BDCA3C355039FEF55B9C0885F98DC355CA7A6D8ECF"
-"5F7F1A6E11A764F2343C823B879B44616B56BF6AE3FA2ACF5483660E618882018E3F"
-"C8459313BACFE1F93CECC37B2576A5C0B2714BD3EEDEEC22F0E7E3E77B11396B9B99"
-"D683F2447A4004BBD4A57F6A616CDDFEC595C4FC19884CC2FC21CF5BF5B0B81E0F83"
-"B9DDA0CF4DFF35BB8D31245912BF4497FD0BD95F0C604E26EA5A8EA4F5EAE870A5BD"
-"FE8C";
-
-const char *e_mpc2d3 = "100000000000000000000000000000000";
-
-const char *t_mp9 = "FB9B6E32FF0452A34746";
-const char *i_mp27 = "B6AD8DCCDAF92B6FE57D062FFEE3A99";
-const char *i_mp2019 =
-"BDF3D88DC373A63EED92903115B03FC8501910AF68297B4C41870AED3EA9F839";
-/* "15E3FE09E8AE5523AABA197BD2D16318D3CA148EDF4AE1C1C52FC96AFAF5680B"; */
-
-
-const char *t_mp15 =
-"795853094E59B0008093BCA8DECF68587C64BDCA2F3F7F8963DABC12F1CFFFA9B8C4"
-"365232FD4751870A0EF6CA619287C5D8B7F1747D95076AB19645EF309773E9EACEA0"
-"975FA4AE16251A8DA5865349C3A903E3B8A2C0DEA3C0720B6020C7FED69AFF62BB72"
-"10FAC443F9FFA2950776F949E819260C2AF8D94E8A1431A40F8C23C1973DE5D49AA2"
-"0B3FF5DA5C1D5324E712A78FF33A9B1748F83FA529905924A31DF38643B3F693EF9B"
-"58D846BB1AEAE4523ECC843FF551C1B300A130B65C1677402778F98C51C10813250E"
-"2496882877B069E877B59740DC1226F18A5C0F66F64A5F59A9FAFC5E9FC45AEC0E7A"
-"BEE244F7DD3AC268CF512A0E52E4F5BE5B94";
-
-const char *g_mp71 = "1";
-const char *g_mp25 = "7";
-const char *l_mp1011 = "C589E3D7D64A6942A000";
-
-/* mp9 in radices from 5 to 64 inclusive */
-#define LOW_RADIX 5
-#define HIGH_RADIX 64
-const char *v_mp9[] = {
- "404041130042310320100141302000203430214122130002340212132414134210033",
- "44515230120451152500101352430105520150025145320010504454125502",
- "644641136612541136016610100564613624243140151310023515322",
- "173512120732412062323044435407317550316717172705712756",
- "265785018434285762514442046172754680368422060744852",
- "1411774500397290569709059837552310354075408897518",
- "184064268501499311A17746095910428222A241708032A",
- "47706011B225950B02BB45602AA039893118A85950892",
- "1A188C826B982353CB58422563AC602B783101671A86",
- "105957B358B89B018958908A9114BC3DDC410B77982",
- "CB7B3387E23452178846C55DD9D70C7CA9AEA78E8",
- "F74A2876A1432698923B0767DA19DCF3D71795EE",
- "17BF7C3673B76D7G7A5GA836277296F806E7453A",
- "2EBG8HH3HFA6185D6H0596AH96G24C966DD3HG2",
- "6G3HGBFEG8I3F25EAF61B904EIA40CFDH2124F",
- "10AHC3D29EBHDF3HD97905CG0JA8061855C3FI",
- "3BA5A55J5K699B2D09C38A4B237CH51IHA132",
- "EDEA90DJ0B5CB3FGG1C8587FEB99D3C143CA",
- "31M26JI1BBD56K3I028MML4EEDMAJK60LGLE",
- "GGG5M3142FKKG82EJ28111D70EMHC241E4E",
- "4446F4D5H10982023N297BF0DKBBHLLJB0I",
- "12E9DEEOBMKAKEP0IM284MIP7FO1O521M46",
- "85NN0HD48NN2FDDB1F5BMMKIB8CK20MDPK",
- "2D882A7A0O0JPCJ4APDRIB77IABAKDGJP2",
- "MFMCI0R7S27AAA3O3L2S8K44HKA7O02CN",
- "7IGQS73FFSHC50NNH44B6PTTNLC3M6H78",
- "2KLUB3U9850CSN6ANIDNIF1LB29MJ43LH",
- "UT52GTL18CJ9H4HR0TJTK6ESUFBHF5FE",
- "BTVL87QQBMUGF8PFWU4W3VU7U922QTMW",
- "4OG10HW0MSWJBIDEE2PDH24GA7RIHIAA",
- "1W8W9AX2DRUX48GXOLMK0PE42H0FEUWN",
- "SVWI84VBH069WR15W1U2VTK06USY8Z2",
- "CPTPNPDa5TYCPPNLALENT9IMX2GL0W2",
- "5QU21UJMRaUYYYYYN6GHSMPOYOXEEUY",
- "2O2Q7C6RPPB1SXJ9bR4035SPaQQ3H2W",
- "18d994IbT4PHbD7cGIPCRP00bbQO0bc",
- "NcDUEEWRO7XT76260WGeBHPVa72RdA",
- "BbX2WCF9VfSB5LPdJAdeXKV1fd6LC2",
- "60QDKW67P4JSQaTdQg7JE9ISafLaVU",
- "33ba9XbDbRdNF4BeDB2XYMhAVDaBdA",
- "1RIPZJA8gT5L5H7fTcaRhQ39geMMTc",
- "d65j70fBATjcDiidPYXUGcaBVVLME",
- "LKA9jhPabDG612TXWkhfT2gMXNIP2",
- "BgNaYhjfT0G8PBcYRP8khJCR3C9QE",
- "6Wk8RhJTAgDh10fYAiUVB1aM0HacG",
- "3dOCjaf78kd5EQNViUZWj3AfFL90I",
- "290VWkL3aiJoW4MBbHk0Z0bDo22Ni",
- "1DbDZ1hpPZNUDBUp6UigcJllEdC26",
- "dFSOLBUM7UZX8Vnc6qokGIOiFo1h",
- "NcoUYJOg0HVmKI9fR2ag0S8R2hrK",
- "EOpiJ5Te7oDe2pn8ZhAUKkhFHlZh",
- "8nXK8rp8neV8LWta1WDgd1QnlWsU",
- "5T3d6bcSBtHgrH9bCbu84tblaa7r",
- "3PlUDIYUvMqOVCir7AtquK5dWanq",
- "2A70gDPX2AtiicvIGGk9poiMtgvu",
- "1MjiRxjk10J6SVAxFguv9kZiUnIc",
- "rpre2vIDeb4h3sp50r1YBbtEx9L",
- "ZHcoip0AglDAfibrsUcJ9M1C8fm",
- "NHP18+eoe6uU54W49Kc6ZK7+bT2",
- "FTAA7QXGoQOaZi7PzePtFFN5vNk"
-};
-
-const unsigned char b_mp4[] = {
- 0x01,
-#if MP_DIGIT_MAX > MP_32BIT_MAX
- 0x00, 0x00, 0x00, 0x00,
-#endif
- 0x63, 0xDB, 0xC2, 0x26,
- 0x5B, 0x88, 0x26, 0x8D,
- 0xC8, 0x01, 0xC1, 0x0E,
- 0xA6, 0x84, 0x76, 0xB7,
- 0xBD, 0xE0, 0x09, 0x0F
-};
-
-/* Search for a test suite name in the names table */
-int find_name(char *name);
-void reason(char *fmt, ...);
-
-/*------------------------------------------------------------------------*/
-/*------------------------------------------------------------------------*/
-
-char g_intbuf[4096]; /* buffer for integer comparison */
-char a_intbuf[4096]; /* buffer for integer comparison */
-int g_verbose = 1; /* print out reasons for failure? */
-int res;
-
-#define IFOK(x) { if (MP_OKAY > (res = (x))) { \
- reason("test %s failed: error %d\n", #x, res); return 1; }}
-
-int main(int argc, char *argv[])
-{
- int which, res;
-
- srand((unsigned int)time(NULL));
-
- if (argc < 2) {
- fprintf(stderr, "Usage: %s <test-suite> | list\n"
- "Type '%s help' for assistance\n", argv[0], argv[0]);
- return 2;
- } else if(argc > 2) {
- if(strcmp(argv[2], "quiet") == 0)
- g_verbose = 0;
- }
-
- if(strcmp(argv[1], "help") == 0) {
- fprintf(stderr, "Help for mpi-test\n\n"
- "This program is a test driver for the MPI library, which\n"
- "tests all the various functions in the library to make sure\n"
- "they are working correctly. The syntax is:\n"
- " %s <suite-name>\n"
- "...where <suite-name> is the name of the test you wish to\n"
- "run. To get a list of the tests, use '%s list'.\n\n"
- "The program exits with a status of zero if the test passes,\n"
- "or non-zero if it fails. Ordinarily, failure is accompanied\n"
- "by a diagnostic message to standard error. To suppress this\n"
- "add the keyword 'quiet' after the suite-name on the command\n"
- "line.\n\n", argv[0], argv[0]);
- return 0;
- }
-
- if ((which = find_name(argv[1])) < 0) {
- fprintf(stderr, "%s: test suite '%s' is not known\n", argv[0], argv[1]);
- return 2;
- }
-
- if((res = (g_tests[which])()) < 0) {
- fprintf(stderr, "%s: test suite not implemented yet\n", argv[0]);
- return 2;
- } else {
- return res;
- }
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int find_name(char *name)
-{
- int ix = 0;
-
- while(ix < g_count) {
- if (strcmp(name, g_names[ix]) == 0)
- return ix;
-
- ++ix;
- }
-
- return -1;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_list(void)
-{
- int ix;
-
- fprintf(stderr, "There are currently %d test suites available\n",
- g_count);
-
- for(ix = 1; ix < g_count; ix++)
- fprintf(stdout, "%-20s %s\n", g_names[ix], g_descs[ix]);
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_copy(void)
-{
- mp_int a, b;
- int ix;
-
- mp_init(&a); mp_init(&b);
-
- mp_read_radix(&a, mp3, 16);
- mp_copy(&a, &b);
-
- if(SIGN(&a) != SIGN(&b) || USED(&a) != USED(&b)) {
- if(SIGN(&a) != SIGN(&b)) {
- reason("error: sign of original is %d, sign of copy is %d\n",
- SIGN(&a), SIGN(&b));
- } else {
- reason("error: original precision is %d, copy precision is %d\n",
- USED(&a), USED(&b));
- }
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- for(ix = 0; ix < USED(&b); ix++) {
- if(DIGIT(&a, ix) != DIGIT(&b, ix)) {
- reason("error: digit %d " DIGIT_FMT " != " DIGIT_FMT "\n",
- ix, DIGIT(&a, ix), DIGIT(&b, ix));
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
- }
-
- mp_clear(&a); mp_clear(&b);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_exch(void)
-{
- mp_int a, b;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp1, 16);
-
- mp_exch(&a, &b);
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, mp1) != 0) {
- mp_clear(&b);
- reason("error: exchange failed\n");
- return 1;
- }
-
- mp_toradix(&b, g_intbuf, 16);
-
- mp_clear(&b);
- if(strcmp(g_intbuf, mp7) != 0) {
- reason("error: exchange failed\n");
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_zero(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp7, 16);
- mp_zero(&a);
-
- if(USED(&a) != 1 || DIGIT(&a, 1) != 0) {
- mp_toradix(&a, g_intbuf, 16);
- reason("error: result is %s\n", g_intbuf);
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_set(void)
-{
- mp_int a;
-
- /* Test single digit set */
- mp_init(&a); mp_set(&a, 5);
- if(DIGIT(&a, 0) != 5) {
- mp_toradix(&a, g_intbuf, 16);
- reason("error: result is %s, expected 5\n", g_intbuf);
- mp_clear(&a);
- return 1;
- }
-
- /* Test integer set */
- mp_set_int(&a, -4938110);
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a);
- if(strcmp(g_intbuf, mp5a) != 0) {
- reason("error: result is %s, expected %s\n", g_intbuf, mp5a);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_abs(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp4, 16);
- mp_abs(&a, &a);
-
- if(SIGN(&a) != ZPOS) {
- reason("error: sign of result is negative\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_neg(void)
-{
- mp_int a;
- mp_sign s;
-
- mp_init(&a); mp_read_radix(&a, mp4, 16);
-
- s = SIGN(&a);
- mp_neg(&a, &a);
- if(SIGN(&a) == s) {
- reason("error: sign of result is same as sign of nonzero input\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_add_d(void)
-{
- mp_int a;
-
- mp_init(&a);
-
- mp_read_radix(&a, mp5, 16);
- mp_add_d(&a, md4, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp5d4) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp5d4);
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp2, 16);
- mp_add_d(&a, md5, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp2d5) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp2d5);
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_add(void)
-{
- mp_int a, b;
- int res = 0;
-
- mp_init(&a); mp_init(&b);
-
- mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp3, 16);
- mp_add(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp13) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp13);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp4, 16);
- mp_add(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp34) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp34);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp6, 16);
- mp_add(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp46) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp46);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp15, 16);
- mp_add(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, s_mp1415) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, s_mp1415);
- res = 1;
- }
-
- CLEANUP:
- mp_clear(&a); mp_clear(&b);
- return res;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sub_d(void)
-{
- mp_int a;
-
- mp_init(&a);
- mp_read_radix(&a, mp5, 16);
-
- mp_sub_d(&a, md4, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, d_mp5d4) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, d_mp5d4);
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp6, 16);
-
- mp_sub_d(&a, md2, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, d_mp6d2) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, d_mp6d2);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sub(void)
-{
- mp_int a, b;
-
- mp_init(&a); mp_init(&b);
-
- mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp2, 16);
- mp_sub(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, d_mp12) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, d_mp12);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
- mp_sub(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, d_mp34) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, d_mp34);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_clear(&a); mp_clear(&b);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mul_d(void)
-{
- mp_int a;
-
- mp_init(&a);
- mp_read_radix(&a, mp1, 16);
-
- IFOK( mp_mul_d(&a, md4, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp1d4) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp1d4);
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp8, 16);
- IFOK( mp_mul_d(&a, md6, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, p_mp8d6) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp8d6);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mul(void)
-{
- mp_int a, b;
- int res = 0;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp2, 16);
-
- IFOK( mp_mul(&a, &b, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp12) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp12);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
- IFOK( mp_mul(&a, &b, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp34) !=0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp34);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp7, 16);
- IFOK( mp_mul(&a, &b, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp57) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp57);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp11, 16); mp_read_radix(&b, mp13, 16);
- IFOK( mp_mul(&a, &b, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp1113) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp1113);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp15, 16);
- IFOK( mp_mul(&a, &b, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, p_mp1415) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp1415);
- res = 1;
- }
-
- CLEANUP:
- mp_clear(&a); mp_clear(&b);
- return res;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sqr(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp2, 16);
-
- mp_sqr(&a, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, p_mp22) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, p_mp22);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div_d(void)
-{
- mp_int a, q;
- mp_digit r;
- int err = 0;
-
- mp_init(&a); mp_init(&q);
- mp_read_radix(&a, mp3, 16);
-
- IFOK( mp_div_d(&a, md6, &q, &r) );
- mp_toradix(&q, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp3d6) != 0) {
- reason("error: computed q = %s, expected %s\n", g_intbuf, q_mp3d6);
- ++err;
- }
-
- sprintf(g_intbuf, ZS_DIGIT_FMT, r);
-
- if(strcmp(g_intbuf, r_mp3d6) != 0) {
- reason("error: computed r = %s, expected %s\n", g_intbuf, r_mp3d6);
- ++err;
- }
-
- mp_read_radix(&a, mp9, 16);
- IFOK( mp_div_d(&a, 16, &q, &r) );
- mp_toradix(&q, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp9c16) != 0) {
- reason("error: computed q = %s, expected %s\n", g_intbuf, q_mp9c16);
- ++err;
- }
-
- sprintf(g_intbuf, ZS_DIGIT_FMT, r);
-
- if(strcmp(g_intbuf, r_mp9c16) != 0) {
- reason("error: computed r = %s, expected %s\n", g_intbuf, r_mp9c16);
- ++err;
- }
-
- mp_clear(&a); mp_clear(&q);
- return err;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div_2(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp7, 16);
- IFOK( mp_div_2(&a, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, q_mp7c2) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, q_mp7c2);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div_2d(void)
-{
- mp_int a, q, r;
-
- mp_init(&q); mp_init(&r);
- mp_init(&a); mp_read_radix(&a, mp13, 16);
-
- IFOK( mp_div_2d(&a, 64, &q, &r) );
- mp_clear(&a);
-
- mp_toradix(&q, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp13c) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, q_mp13c);
- mp_clear(&q); mp_clear(&r);
- return 1;
- }
-
- mp_clear(&q);
-
- mp_toradix(&r, g_intbuf, 16);
- if(strcmp(g_intbuf, r_mp13c) != 0) {
- reason("error, computed %s, expected %s\n", g_intbuf, r_mp13c);
- mp_clear(&r);
- return 1;
- }
-
- mp_clear(&r);
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_div(void)
-{
- mp_int a, b, r;
- int err = 0;
-
- mp_init(&a); mp_init(&b); mp_init(&r);
-
- mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp2, 16);
- IFOK( mp_div(&a, &b, &a, &r) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp42) != 0) {
- reason("error: test 1 computed quot %s, expected %s\n", g_intbuf, q_mp42);
- ++err;
- }
-
- mp_toradix(&r, g_intbuf, 16);
-
- if(strcmp(g_intbuf, r_mp42) != 0) {
- reason("error: test 1 computed rem %s, expected %s\n", g_intbuf, r_mp42);
- ++err;
- }
-
- mp_read_radix(&a, mp4, 16); mp_read_radix(&b, mp5a, 16);
- IFOK( mp_div(&a, &b, &a, &r) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp45a) != 0) {
- reason("error: test 2 computed quot %s, expected %s\n", g_intbuf, q_mp45a);
- ++err;
- }
-
- mp_toradix(&r, g_intbuf, 16);
-
- if(strcmp(g_intbuf, r_mp45a) != 0) {
- reason("error: test 2 computed rem %s, expected %s\n", g_intbuf, r_mp45a);
- ++err;
- }
-
- mp_read_radix(&a, mp14, 16); mp_read_radix(&b, mp4, 16);
- IFOK( mp_div(&a, &b, &a, &r) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, q_mp1404) != 0) {
- reason("error: test 3 computed quot %s, expected %s\n", g_intbuf, q_mp1404);
- ++err;
- }
-
- mp_toradix(&r, g_intbuf, 16);
-
- if(strcmp(g_intbuf, r_mp1404) != 0) {
- reason("error: test 3 computed rem %s, expected %s\n", g_intbuf, r_mp1404);
- ++err;
- }
-
- mp_clear(&a); mp_clear(&b); mp_clear(&r);
-
- return err;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_expt_d(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp5, 16);
- mp_expt_d(&a, md9, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- mp_clear(&a);
- if(strcmp(g_intbuf, e_mp5d9) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, e_mp5d9);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_expt(void)
-{
- mp_int a, b;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp8, 16);
-
- mp_expt(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&b);
-
- if(strcmp(g_intbuf, e_mp78) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, e_mp78);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_2expt(void)
-{
- mp_int a;
-
- mp_init(&a);
- mp_2expt(&a, md3);
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a);
-
- if(strcmp(g_intbuf, e_mpc2d3) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, e_mpc2d3);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sqrt(void)
-{
- mp_int a;
- int res = 0;
-
- mp_init(&a); mp_read_radix(&a, mp9, 16);
- mp_sqrt(&a, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, t_mp9) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, t_mp9);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp15, 16);
- mp_sqrt(&a, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, t_mp15) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, t_mp15);
- res = 1;
- }
-
- CLEANUP:
- mp_clear(&a);
- return res;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mod_d(void)
-{
- mp_int a;
- mp_digit r;
-
- mp_init(&a); mp_read_radix(&a, mp5, 16);
- IFOK( mp_mod_d(&a, md5, &r) );
- sprintf(g_intbuf, ZS_DIGIT_FMT, r);
- mp_clear(&a);
-
- if(strcmp(g_intbuf, r_mp5d5) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, r_mp5d5);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mod(void)
-{
- mp_int a, m;
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, mp4, 16); mp_read_radix(&m, mp7, 16);
- IFOK( mp_mod(&a, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&m);
-
- if(strcmp(g_intbuf, r_mp47) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, r_mp47);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_addmod(void)
-{
- mp_int a, b, m;
-
- mp_init(&a); mp_init(&b); mp_init(&m);
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
- mp_read_radix(&m, mp5, 16);
-
- IFOK( mp_addmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
- if(strcmp(g_intbuf, ms_mp345) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, ms_mp345);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_submod(void)
-{
- mp_int a, b, m;
-
- mp_init(&a); mp_init(&b); mp_init(&m);
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
- mp_read_radix(&m, mp5, 16);
-
- IFOK( mp_submod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
- if(strcmp(g_intbuf, md_mp345) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, md_mp345);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_mulmod(void)
-{
- mp_int a, b, m;
-
- mp_init(&a); mp_init(&b); mp_init(&m);
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
- mp_read_radix(&m, mp5, 16);
-
- IFOK( mp_mulmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
- if(strcmp(g_intbuf, mp_mp345) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, mp_mp345);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_sqrmod(void)
-{
- mp_int a, m;
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, mp3, 16); mp_read_radix(&m, mp5, 16);
-
- IFOK( mp_sqrmod(&a, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&m);
-
- if(strcmp(g_intbuf, mp_mp335) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, mp_mp335);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_exptmod(void)
-{
- mp_int a, b, m;
- int res = 0;
-
- mp_init(&a); mp_init(&b); mp_init(&m);
- mp_read_radix(&a, mp8, 16); mp_read_radix(&b, mp1, 16);
- mp_read_radix(&m, mp7, 16);
-
- IFOK( mp_exptmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, me_mp817) != 0) {
- reason("case 1: error: computed %s, expected %s\n", g_intbuf, me_mp817);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp1, 16); mp_read_radix(&b, mp5, 16);
- mp_read_radix(&m, mp12, 16);
-
- IFOK( mp_exptmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, me_mp1512) != 0) {
- reason("case 2: error: computed %s, expected %s\n", g_intbuf, me_mp1512);
- res = 1; goto CLEANUP;
- }
-
- mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp1, 16);
- mp_read_radix(&m, mp14, 16);
-
- IFOK( mp_exptmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, me_mp5114) != 0) {
- reason("case 3: error: computed %s, expected %s\n", g_intbuf, me_mp5114);
- res = 1;
- }
-
- mp_read_radix(&a, mp16, 16); mp_read_radix(&b, mp17, 16);
- mp_read_radix(&m, mp18, 16);
-
- IFOK( mp_exptmod(&a, &b, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, me_mp161718) != 0) {
- reason("case 4: error: computed %s, expected %s\n", g_intbuf, me_mp161718);
- res = 1;
- }
-
- CLEANUP:
- mp_clear(&a); mp_clear(&b); mp_clear(&m);
- return res;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_exptmod_d(void)
-{
- mp_int a, m;
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, mp5, 16); mp_read_radix(&m, mp7, 16);
-
- IFOK( mp_exptmod_d(&a, md4, &m, &a) );
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&m);
-
- if(strcmp(g_intbuf, me_mp5d47) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, me_mp5d47);
- return 1;
- }
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_invmod(void)
-{
- mp_int a, m, c;
- mp_int p1, p2, p3, p4, p5;
- mp_int t1, t2, t3, t4;
- mp_err res;
-
- /* 5 128-bit primes. */
- static const char ivp1[] = { "AAD8A5A2A2BEF644BAEE7DB0CA643719" };
- static const char ivp2[] = { "CB371AD2B79A90BCC88D0430663E40B9" };
- static const char ivp3[] = { "C6C818D4DF2618406CA09280C0400099" };
- static const char ivp4[] = { "CE949C04512E68918006B1F0D7E93F27" };
- static const char ivp5[] = { "F8EE999B6416645040687440E0B89F51" };
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, mp2, 16); mp_read_radix(&m, mp7, 16);
-
- IFOK( mp_invmod(&a, &m, &a) );
-
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&m);
-
- if(strcmp(g_intbuf, i_mp27) != 0) {
- reason("error: invmod test 1 computed %s, expected %s\n", g_intbuf, i_mp27);
- return 1;
- }
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, mp20, 16); mp_read_radix(&m, mp19, 16);
-
- IFOK( mp_invmod(&a, &m, &a) );
-
- mp_toradix(&a, g_intbuf, 16);
- mp_clear(&a); mp_clear(&m);
-
- if(strcmp(g_intbuf, i_mp2019) != 0) {
- reason("error: invmod test 2 computed %s, expected %s\n", g_intbuf, i_mp2019);
- return 1;
- }
-
-/* Need the following test cases:
- Odd modulus
- - a is odd, relatively prime to m
- - a is odd, not relatively prime to m
- - a is even, relatively prime to m
- - a is even, not relatively prime to m
- Even modulus
- - a is even (should fail)
- - a is odd, not relatively prime to m
- - a is odd, relatively prime to m,
- m is not a power of 2
- - m has factor 2**k, k < 32
- - m has factor 2**k, k > 32
- m is a power of 2, 2**k
- - k < 32
- - k > 32
-*/
-
- mp_init(&a); mp_init(&m); mp_init(&c);
- mp_init(&p1); mp_init(&p2); mp_init(&p3); mp_init(&p4); mp_init(&p5);
- mp_init(&t1); mp_init(&t2); mp_init(&t3); mp_init(&t4);
-
- mp_read_radix(&p1, ivp1, 16);
- mp_read_radix(&p2, ivp2, 16);
- mp_read_radix(&p3, ivp3, 16);
- mp_read_radix(&p4, ivp4, 16);
- mp_read_radix(&p5, ivp5, 16);
-
- IFOK( mp_2expt(&t2, 68) ); /* t2 = 2**68 */
- IFOK( mp_2expt(&t3, 128) ); /* t3 = 2**128 */
- IFOK( mp_2expt(&t4, 31) ); /* t4 = 2**31 */
-
-/* test 3: Odd modulus - a is odd, relatively prime to m */
-
- IFOK( mp_mul(&p1, &p2, &a) );
- IFOK( mp_mul(&p3, &p4, &m) );
- IFOK( mp_invmod(&a, &m, &t1) );
- IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 3 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
- mp_clear(&a); mp_clear(&t1); mp_clear(&c);
- mp_init(&a); mp_init(&t1); mp_init(&c);
-
-/* test 4: Odd modulus - a is odd, NOT relatively prime to m */
-
- IFOK( mp_mul(&p1, &p3, &a) );
- /* reuse same m as before */
-
- res = mp_invmod_xgcd(&a, &m, &c);
- if (res != MP_UNDEF)
- goto CLEANUP4;
-
- res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
- if (res != MP_UNDEF) {
-CLEANUP4:
- reason("error: invmod test 4 succeeded, should have failed.\n");
- return 1;
- }
- mp_clear(&a); mp_clear(&t1); mp_clear(&c);
- mp_init(&a); mp_init(&t1); mp_init(&c);
-
-/* test 5: Odd modulus - a is even, relatively prime to m */
-
- IFOK( mp_mul(&p1, &t2, &a) );
- /* reuse m */
- IFOK( mp_invmod(&a, &m, &t1) );
- IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 5 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
- mp_clear(&a); mp_clear(&t1); mp_clear(&c);
- mp_init(&a); mp_init(&t1); mp_init(&c);
-
-/* test 6: Odd modulus - a is odd, NOT relatively prime to m */
-
- /* reuse t2 */
- IFOK( mp_mul(&t2, &p3, &a) );
- /* reuse same m as before */
-
- res = mp_invmod_xgcd(&a, &m, &c);
- if (res != MP_UNDEF)
- goto CLEANUP6;
-
- res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
- if (res != MP_UNDEF) {
-CLEANUP6:
- reason("error: invmod test 6 succeeded, should have failed.\n");
- return 1;
- }
- mp_clear(&a); mp_clear(&m); mp_clear(&c); mp_clear(&t1);
- mp_init(&a); mp_init(&m); mp_init(&c); mp_init(&t1);
-
-/* test 7: Even modulus, even a, should fail */
-
- IFOK( mp_mul(&p3, &t3, &m) ); /* even m */
- /* reuse t2 */
- IFOK( mp_mul(&p1, &t2, &a) ); /* even a */
-
- res = mp_invmod_xgcd(&a, &m, &c);
- if (res != MP_UNDEF)
- goto CLEANUP7;
-
- res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
- if (res != MP_UNDEF) {
-CLEANUP7:
- reason("error: invmod test 7 succeeded, should have failed.\n");
- return 1;
- }
- mp_clear(&a); mp_clear(&c); mp_clear(&t1);
- mp_init(&a); mp_init(&c); mp_init(&t1);
-
-/* test 8: Even modulus - a is odd, not relatively prime to m */
-
- /* reuse m */
- IFOK( mp_mul(&p3, &p1, &a) ); /* even a */
-
- res = mp_invmod_xgcd(&a, &m, &c);
- if (res != MP_UNDEF)
- goto CLEANUP8;
-
- res = mp_invmod(&a, &m, &t1); /* we expect this to fail. */
- if (res != MP_UNDEF) {
-CLEANUP8:
- reason("error: invmod test 8 succeeded, should have failed.\n");
- return 1;
- }
- mp_clear(&a); mp_clear(&m); mp_clear(&c); mp_clear(&t1);
- mp_init(&a); mp_init(&m); mp_init(&c); mp_init(&t1);
-
-/* test 9: Even modulus - m has factor 2**k, k < 32
- * - a is odd, relatively prime to m,
- */
- IFOK( mp_mul(&p3, &t4, &m) ); /* even m */
- IFOK( mp_mul(&p1, &p2, &a) );
- IFOK( mp_invmod(&a, &m, &t1) );
- IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 9 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
- mp_clear(&m); mp_clear(&t1); mp_clear(&c);
- mp_init(&m); mp_init(&t1); mp_init(&c);
-
-/* test 10: Even modulus - m has factor 2**k, k > 32
- * - a is odd, relatively prime to m,
- */
- IFOK( mp_mul(&p3, &t3, &m) ); /* even m */
- /* reuse a */
- IFOK( mp_invmod(&a, &m, &t1) );
- IFOK( mp_invmod_xgcd(&a, &m, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 10 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
- mp_clear(&t1); mp_clear(&c);
- mp_init(&t1); mp_init(&c);
-
-/* test 11: Even modulus - m is a power of 2, 2**k | k < 32
- * - a is odd, relatively prime to m,
- */
- IFOK( mp_invmod(&a, &t4, &t1) );
- IFOK( mp_invmod_xgcd(&a, &t4, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 11 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
- mp_clear(&t1); mp_clear(&c);
- mp_init(&t1); mp_init(&c);
-
-/* test 12: Even modulus - m is a power of 2, 2**k | k > 32
- * - a is odd, relatively prime to m,
- */
- IFOK( mp_invmod(&a, &t3, &t1) );
- IFOK( mp_invmod_xgcd(&a, &t3, &c) );
-
- if (mp_cmp(&t1, &c) != 0) {
- mp_toradix(&t1, g_intbuf, 16);
- mp_toradix(&c, a_intbuf, 16);
- reason("error: invmod test 12 computed %s, expected %s\n",
- g_intbuf, a_intbuf);
- return 1;
- }
-
- mp_clear(&a); mp_clear(&m); mp_clear(&c);
- mp_clear(&t1); mp_clear(&t2); mp_clear(&t3); mp_clear(&t4);
- mp_clear(&p1); mp_clear(&p2); mp_clear(&p3); mp_clear(&p4); mp_clear(&p5);
-
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp_d(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp8, 16);
-
- if(mp_cmp_d(&a, md8) >= 0) {
- reason("error: %s >= " DIGIT_FMT "\n", mp8, md8);
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp5, 16);
-
- if(mp_cmp_d(&a, md8) <= 0) {
- reason("error: %s <= " DIGIT_FMT "\n", mp5, md8);
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp6, 16);
-
- if(mp_cmp_d(&a, md1) != 0) {
- reason("error: %s != " DIGIT_FMT "\n", mp6, md1);
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp_z(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp6, 16);
-
- if(mp_cmp_z(&a) != 0) {
- reason("error: someone thinks a zero value is non-zero\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp1, 16);
-
- if(mp_cmp_z(&a) <= 0) {
- reason("error: someone thinks a positive value is non-positive\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp4, 16);
-
- if(mp_cmp_z(&a) >= 0) {
- reason("error: someone thinks a negative value is non-negative\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp(void)
-{
- mp_int a, b;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp3, 16); mp_read_radix(&b, mp4, 16);
-
- if(mp_cmp(&a, &b) <= 0) {
- reason("error: %s <= %s\n", mp3, mp4);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&b, mp3, 16);
- if(mp_cmp(&a, &b) != 0) {
- reason("error: %s != %s\n", mp3, mp3);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&a, mp5, 16);
- if(mp_cmp(&a, &b) >= 0) {
- reason("error: %s >= %s\n", mp5, mp3);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&a, mp5a, 16);
- if(mp_cmp_int(&a, 1000000) >= 0 ||
- (mp_cmp_int(&a, -5000000) <= 0) ||
- (mp_cmp_int(&a, -4938110) != 0)) {
- reason("error: long integer comparison failed (%s)", mp5a);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_clear(&a); mp_clear(&b);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_cmp_mag(void)
-{
- mp_int a, b;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp5, 16); mp_read_radix(&b, mp4, 16);
-
- if(mp_cmp_mag(&a, &b) >= 0) {
- reason("error: %s >= %s\n", mp5, mp4);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&b, mp5, 16);
- if(mp_cmp_mag(&a, &b) != 0) {
- reason("error: %s != %s\n", mp5, mp5);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_read_radix(&a, mp1, 16);
- if(mp_cmp_mag(&b, &a) >= 0) {
- reason("error: %s >= %s\n", mp5, mp1);
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
-
- mp_clear(&a); mp_clear(&b);
- return 0;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_parity(void)
-{
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp1, 16);
-
- if(!mp_isodd(&a)) {
- reason("error: expected operand to be odd, but it isn't\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_read_radix(&a, mp6, 16);
-
- if(!mp_iseven(&a)) {
- reason("error: expected operand to be even, but it isn't\n");
- mp_clear(&a);
- return 1;
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_gcd(void)
-{
- mp_int a, b;
- int out = 0;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp7, 16); mp_read_radix(&b, mp1, 16);
-
- mp_gcd(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, g_mp71) != 0) {
- reason("error: computed %s, expected %s\n", g_intbuf, g_mp71);
- out = 1;
- }
-
- mp_clear(&a); mp_clear(&b);
- return out;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_lcm(void)
-{
- mp_int a, b;
- int out = 0;
-
- mp_init(&a); mp_init(&b);
- mp_read_radix(&a, mp10, 16); mp_read_radix(&b, mp11, 16);
-
- mp_lcm(&a, &b, &a);
- mp_toradix(&a, g_intbuf, 16);
-
- if(strcmp(g_intbuf, l_mp1011) != 0) {
- reason("error: computed %s, expected%s\n", g_intbuf, l_mp1011);
- out = 1;
- }
-
- mp_clear(&a); mp_clear(&b);
-
- return out;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_convert(void)
-{
- int ix;
- mp_int a;
-
- mp_init(&a); mp_read_radix(&a, mp9, 16);
-
- for(ix = LOW_RADIX; ix <= HIGH_RADIX; ix++) {
- mp_toradix(&a, g_intbuf, ix);
-
- if(strcmp(g_intbuf, v_mp9[ix - LOW_RADIX]) != 0) {
- reason("error: radix %d, computed %s, expected %s\n",
- ix, g_intbuf, v_mp9[ix - LOW_RADIX]);
- mp_clear(&a);
- return 1;
- }
- }
-
- mp_clear(&a);
- return 0;
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_raw(void)
-{
- int len, out = 0;
- mp_int a;
- char *buf;
-
- mp_init(&a); mp_read_radix(&a, mp4, 16);
-
- len = mp_raw_size(&a);
- if(len != sizeof(b_mp4)) {
- reason("error: test_raw: expected length %d, computed %d\n", sizeof(b_mp4),
- len);
- mp_clear(&a);
- return 1;
- }
-
- buf = calloc(len, sizeof(char));
- mp_toraw(&a, buf);
-
- if(memcmp(buf, b_mp4, sizeof(b_mp4)) != 0) {
- reason("error: test_raw: binary output does not match test vector\n");
- out = 1;
- }
-
- free(buf);
- mp_clear(&a);
-
- return out;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_pprime(void)
-{
- mp_int p;
- int err = 0;
- mp_err res;
-
- mp_init(&p);
- mp_read_radix(&p, mp7, 16);
-
- if(mpp_pprime(&p, 5) != MP_YES) {
- reason("error: %s failed Rabin-Miller test, but is prime\n", mp7);
- err = 1;
- }
-
- IFOK( mp_set_int(&p, 9) );
- res = mpp_pprime(&p, 50);
- if (res == MP_YES) {
- reason("error: 9 is composite but passed Rabin-Miller test\n");
- err = 1;
- } else if (res != MP_NO) {
- reason("test mpp_pprime(9, 50) failed: error %d\n", res);
- err = 1;
- }
-
- IFOK( mp_set_int(&p, 15) );
- res = mpp_pprime(&p, 50);
- if (res == MP_YES) {
- reason("error: 15 is composite but passed Rabin-Miller test\n");
- err = 1;
- } else if (res != MP_NO) {
- reason("test mpp_pprime(15, 50) failed: error %d\n", res);
- err = 1;
- }
-
- mp_clear(&p);
-
- return err;
-
-}
-
-/*------------------------------------------------------------------------*/
-
-int test_fermat(void)
-{
- mp_int p;
- mp_err res;
- int err = 0;
-
- mp_init(&p);
- mp_read_radix(&p, mp7, 16);
-
- if((res = mpp_fermat(&p, 2)) != MP_YES) {
- reason("error: %s failed Fermat test on 2: %s\n", mp7,
- mp_strerror(res));
- ++err;
- }
-
- if((res = mpp_fermat(&p, 3)) != MP_YES) {
- reason("error: %s failed Fermat test on 3: %s\n", mp7,
- mp_strerror(res));
- ++err;
- }
-
- mp_clear(&p);
-
- return err;
-
-}
-
-/*------------------------------------------------------------------------*/
-/* Like fprintf(), but only if we are behaving in a verbose manner */
-
-void reason(char *fmt, ...)
-{
- va_list ap;
-
- if(!g_verbose)
- return;
-
- va_start(ap, fmt);
- vfprintf(stderr, fmt, ap);
- va_end(ap);
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mpi.c b/security/nss/lib/freebl/mpi/mpi.c
deleted file mode 100644
index 83bd86764..000000000
--- a/security/nss/lib/freebl/mpi/mpi.c
+++ /dev/null
@@ -1,4795 +0,0 @@
-/*
- * mpi.c
- *
- * Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include "mpi-priv.h"
-#if defined(OSF1)
-#include <c_asm.h>
-#endif
-
-#if MP_LOGTAB
-/*
- A table of the logs of 2 for various bases (the 0 and 1 entries of
- this table are meaningless and should not be referenced).
-
- This table is used to compute output lengths for the mp_toradix()
- function. Since a number n in radix r takes up about log_r(n)
- digits, we estimate the output size by taking the least integer
- greater than log_r(n), where:
-
- log_r(n) = log_2(n) * log_r(2)
-
- This table, therefore, is a table of log_r(2) for 2 <= r <= 36,
- which are the output bases supported.
- */
-#include "logtab.h"
-#endif
-
-/* {{{ Constant strings */
-
-/* Constant strings returned by mp_strerror() */
-static const char *mp_err_string[] = {
- "unknown result code", /* say what? */
- "boolean true", /* MP_OKAY, MP_YES */
- "boolean false", /* MP_NO */
- "out of memory", /* MP_MEM */
- "argument out of range", /* MP_RANGE */
- "invalid input parameter", /* MP_BADARG */
- "result is undefined" /* MP_UNDEF */
-};
-
-/* Value to digit maps for radix conversion */
-
-/* s_dmap_1 - standard digits and letters */
-static const char *s_dmap_1 =
- "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/";
-
-/* }}} */
-
-unsigned long mp_allocs;
-unsigned long mp_frees;
-unsigned long mp_copies;
-
-/* {{{ Default precision manipulation */
-
-/* Default precision for newly created mp_int's */
-static mp_size s_mp_defprec = MP_DEFPREC;
-
-mp_size mp_get_prec(void)
-{
- return s_mp_defprec;
-
-} /* end mp_get_prec() */
-
-void mp_set_prec(mp_size prec)
-{
- if(prec == 0)
- s_mp_defprec = MP_DEFPREC;
- else
- s_mp_defprec = prec;
-
-} /* end mp_set_prec() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ mp_init(mp) */
-
-/*
- mp_init(mp)
-
- Initialize a new zero-valued mp_int. Returns MP_OKAY if successful,
- MP_MEM if memory could not be allocated for the structure.
- */
-
-mp_err mp_init(mp_int *mp)
-{
- return mp_init_size(mp, s_mp_defprec);
-
-} /* end mp_init() */
-
-/* }}} */
-
-/* {{{ mp_init_size(mp, prec) */
-
-/*
- mp_init_size(mp, prec)
-
- Initialize a new zero-valued mp_int with at least the given
- precision; returns MP_OKAY if successful, or MP_MEM if memory could
- not be allocated for the structure.
- */
-
-mp_err mp_init_size(mp_int *mp, mp_size prec)
-{
- ARGCHK(mp != NULL && prec > 0, MP_BADARG);
-
- prec = MP_ROUNDUP(prec, s_mp_defprec);
- if((DIGITS(mp) = s_mp_alloc(prec, sizeof(mp_digit))) == NULL)
- return MP_MEM;
-
- SIGN(mp) = ZPOS;
- USED(mp) = 1;
- ALLOC(mp) = prec;
-
- return MP_OKAY;
-
-} /* end mp_init_size() */
-
-/* }}} */
-
-/* {{{ mp_init_copy(mp, from) */
-
-/*
- mp_init_copy(mp, from)
-
- Initialize mp as an exact copy of from. Returns MP_OKAY if
- successful, MP_MEM if memory could not be allocated for the new
- structure.
- */
-
-mp_err mp_init_copy(mp_int *mp, const mp_int *from)
-{
- ARGCHK(mp != NULL && from != NULL, MP_BADARG);
-
- if(mp == from)
- return MP_OKAY;
-
- if((DIGITS(mp) = s_mp_alloc(ALLOC(from), sizeof(mp_digit))) == NULL)
- return MP_MEM;
-
- s_mp_copy(DIGITS(from), DIGITS(mp), USED(from));
- USED(mp) = USED(from);
- ALLOC(mp) = ALLOC(from);
- SIGN(mp) = SIGN(from);
-
- return MP_OKAY;
-
-} /* end mp_init_copy() */
-
-/* }}} */
-
-/* {{{ mp_copy(from, to) */
-
-/*
- mp_copy(from, to)
-
- Copies the mp_int 'from' to the mp_int 'to'. It is presumed that
- 'to' has already been initialized (if not, use mp_init_copy()
- instead). If 'from' and 'to' are identical, nothing happens.
- */
-
-mp_err mp_copy(const mp_int *from, mp_int *to)
-{
- ARGCHK(from != NULL && to != NULL, MP_BADARG);
-
- if(from == to)
- return MP_OKAY;
-
- ++mp_copies;
- { /* copy */
- mp_digit *tmp;
-
- /*
- If the allocated buffer in 'to' already has enough space to hold
- all the used digits of 'from', we'll re-use it to avoid hitting
- the memory allocater more than necessary; otherwise, we'd have
- to grow anyway, so we just allocate a hunk and make the copy as
- usual
- */
- if(ALLOC(to) >= USED(from)) {
- s_mp_setz(DIGITS(to) + USED(from), ALLOC(to) - USED(from));
- s_mp_copy(DIGITS(from), DIGITS(to), USED(from));
-
- } else {
- if((tmp = s_mp_alloc(ALLOC(from), sizeof(mp_digit))) == NULL)
- return MP_MEM;
-
- s_mp_copy(DIGITS(from), tmp, USED(from));
-
- if(DIGITS(to) != NULL) {
-#if MP_CRYPTO
- s_mp_setz(DIGITS(to), ALLOC(to));
-#endif
- s_mp_free(DIGITS(to));
- }
-
- DIGITS(to) = tmp;
- ALLOC(to) = ALLOC(from);
- }
-
- /* Copy the precision and sign from the original */
- USED(to) = USED(from);
- SIGN(to) = SIGN(from);
- } /* end copy */
-
- return MP_OKAY;
-
-} /* end mp_copy() */
-
-/* }}} */
-
-/* {{{ mp_exch(mp1, mp2) */
-
-/*
- mp_exch(mp1, mp2)
-
- Exchange mp1 and mp2 without allocating any intermediate memory
- (well, unless you count the stack space needed for this call and the
- locals it creates...). This cannot fail.
- */
-
-void mp_exch(mp_int *mp1, mp_int *mp2)
-{
-#if MP_ARGCHK == 2
- assert(mp1 != NULL && mp2 != NULL);
-#else
- if(mp1 == NULL || mp2 == NULL)
- return;
-#endif
-
- s_mp_exch(mp1, mp2);
-
-} /* end mp_exch() */
-
-/* }}} */
-
-/* {{{ mp_clear(mp) */
-
-/*
- mp_clear(mp)
-
- Release the storage used by an mp_int, and void its fields so that
- if someone calls mp_clear() again for the same int later, we won't
- get tollchocked.
- */
-
-void mp_clear(mp_int *mp)
-{
- if(mp == NULL)
- return;
-
- if(DIGITS(mp) != NULL) {
-#if MP_CRYPTO
- s_mp_setz(DIGITS(mp), ALLOC(mp));
-#endif
- s_mp_free(DIGITS(mp));
- DIGITS(mp) = NULL;
- }
-
- USED(mp) = 0;
- ALLOC(mp) = 0;
-
-} /* end mp_clear() */
-
-/* }}} */
-
-/* {{{ mp_zero(mp) */
-
-/*
- mp_zero(mp)
-
- Set mp to zero. Does not change the allocated size of the structure,
- and therefore cannot fail (except on a bad argument, which we ignore)
- */
-void mp_zero(mp_int *mp)
-{
- if(mp == NULL)
- return;
-
- s_mp_setz(DIGITS(mp), ALLOC(mp));
- USED(mp) = 1;
- SIGN(mp) = ZPOS;
-
-} /* end mp_zero() */
-
-/* }}} */
-
-/* {{{ mp_set(mp, d) */
-
-void mp_set(mp_int *mp, mp_digit d)
-{
- if(mp == NULL)
- return;
-
- mp_zero(mp);
- DIGIT(mp, 0) = d;
-
-} /* end mp_set() */
-
-/* }}} */
-
-/* {{{ mp_set_int(mp, z) */
-
-mp_err mp_set_int(mp_int *mp, long z)
-{
- int ix;
- unsigned long v = labs(z);
- mp_err res;
-
- ARGCHK(mp != NULL, MP_BADARG);
-
- mp_zero(mp);
- if(z == 0)
- return MP_OKAY; /* shortcut for zero */
-
- if (sizeof v <= sizeof(mp_digit)) {
- DIGIT(mp,0) = v;
- } else {
- for (ix = sizeof(long) - 1; ix >= 0; ix--) {
- if ((res = s_mp_mul_d(mp, (UCHAR_MAX + 1))) != MP_OKAY)
- return res;
-
- res = s_mp_add_d(mp, (mp_digit)((v >> (ix * CHAR_BIT)) & UCHAR_MAX));
- if (res != MP_OKAY)
- return res;
- }
- }
- if(z < 0)
- SIGN(mp) = NEG;
-
- return MP_OKAY;
-
-} /* end mp_set_int() */
-
-/* }}} */
-
-/* {{{ mp_set_ulong(mp, z) */
-
-mp_err mp_set_ulong(mp_int *mp, unsigned long z)
-{
- int ix;
- mp_err res;
-
- ARGCHK(mp != NULL, MP_BADARG);
-
- mp_zero(mp);
- if(z == 0)
- return MP_OKAY; /* shortcut for zero */
-
- if (sizeof z <= sizeof(mp_digit)) {
- DIGIT(mp,0) = z;
- } else {
- for (ix = sizeof(long) - 1; ix >= 0; ix--) {
- if ((res = s_mp_mul_d(mp, (UCHAR_MAX + 1))) != MP_OKAY)
- return res;
-
- res = s_mp_add_d(mp, (mp_digit)((z >> (ix * CHAR_BIT)) & UCHAR_MAX));
- if (res != MP_OKAY)
- return res;
- }
- }
- return MP_OKAY;
-} /* end mp_set_ulong() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Digit arithmetic */
-
-/* {{{ mp_add_d(a, d, b) */
-
-/*
- mp_add_d(a, d, b)
-
- Compute the sum b = a + d, for a single digit d. Respects the sign of
- its primary addend (single digits are unsigned anyway).
- */
-
-mp_err mp_add_d(const mp_int *a, mp_digit d, mp_int *b)
-{
- mp_int tmp;
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_init_copy(&tmp, a)) != MP_OKAY)
- return res;
-
- if(SIGN(&tmp) == ZPOS) {
- if((res = s_mp_add_d(&tmp, d)) != MP_OKAY)
- goto CLEANUP;
- } else if(s_mp_cmp_d(&tmp, d) >= 0) {
- if((res = s_mp_sub_d(&tmp, d)) != MP_OKAY)
- goto CLEANUP;
- } else {
- mp_neg(&tmp, &tmp);
-
- DIGIT(&tmp, 0) = d - DIGIT(&tmp, 0);
- }
-
- if(s_mp_cmp_d(&tmp, 0) == 0)
- SIGN(&tmp) = ZPOS;
-
- s_mp_exch(&tmp, b);
-
-CLEANUP:
- mp_clear(&tmp);
- return res;
-
-} /* end mp_add_d() */
-
-/* }}} */
-
-/* {{{ mp_sub_d(a, d, b) */
-
-/*
- mp_sub_d(a, d, b)
-
- Compute the difference b = a - d, for a single digit d. Respects the
- sign of its subtrahend (single digits are unsigned anyway).
- */
-
-mp_err mp_sub_d(const mp_int *a, mp_digit d, mp_int *b)
-{
- mp_int tmp;
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_init_copy(&tmp, a)) != MP_OKAY)
- return res;
-
- if(SIGN(&tmp) == NEG) {
- if((res = s_mp_add_d(&tmp, d)) != MP_OKAY)
- goto CLEANUP;
- } else if(s_mp_cmp_d(&tmp, d) >= 0) {
- if((res = s_mp_sub_d(&tmp, d)) != MP_OKAY)
- goto CLEANUP;
- } else {
- mp_neg(&tmp, &tmp);
-
- DIGIT(&tmp, 0) = d - DIGIT(&tmp, 0);
- SIGN(&tmp) = NEG;
- }
-
- if(s_mp_cmp_d(&tmp, 0) == 0)
- SIGN(&tmp) = ZPOS;
-
- s_mp_exch(&tmp, b);
-
-CLEANUP:
- mp_clear(&tmp);
- return res;
-
-} /* end mp_sub_d() */
-
-/* }}} */
-
-/* {{{ mp_mul_d(a, d, b) */
-
-/*
- mp_mul_d(a, d, b)
-
- Compute the product b = a * d, for a single digit d. Respects the sign
- of its multiplicand (single digits are unsigned anyway)
- */
-
-mp_err mp_mul_d(const mp_int *a, mp_digit d, mp_int *b)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if(d == 0) {
- mp_zero(b);
- return MP_OKAY;
- }
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- res = s_mp_mul_d(b, d);
-
- return res;
-
-} /* end mp_mul_d() */
-
-/* }}} */
-
-/* {{{ mp_mul_2(a, c) */
-
-mp_err mp_mul_2(const mp_int *a, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_copy(a, c)) != MP_OKAY)
- return res;
-
- return s_mp_mul_2(c);
-
-} /* end mp_mul_2() */
-
-/* }}} */
-
-/* {{{ mp_div_d(a, d, q, r) */
-
-/*
- mp_div_d(a, d, q, r)
-
- Compute the quotient q = a / d and remainder r = a mod d, for a
- single digit d. Respects the sign of its divisor (single digits are
- unsigned anyway).
- */
-
-mp_err mp_div_d(const mp_int *a, mp_digit d, mp_int *q, mp_digit *r)
-{
- mp_err res;
- mp_int qp;
- mp_digit rem;
- int pow;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- if(d == 0)
- return MP_RANGE;
-
- /* Shortcut for powers of two ... */
- if((pow = s_mp_ispow2d(d)) >= 0) {
- mp_digit mask;
-
- mask = ((mp_digit)1 << pow) - 1;
- rem = DIGIT(a, 0) & mask;
-
- if(q) {
- mp_copy(a, q);
- s_mp_div_2d(q, pow);
- }
-
- if(r)
- *r = rem;
-
- return MP_OKAY;
- }
-
- if((res = mp_init_copy(&qp, a)) != MP_OKAY)
- return res;
-
- res = s_mp_div_d(&qp, d, &rem);
-
- if(s_mp_cmp_d(&qp, 0) == 0)
- SIGN(q) = ZPOS;
-
- if(r)
- *r = rem;
-
- if(q)
- s_mp_exch(&qp, q);
-
- mp_clear(&qp);
- return res;
-
-} /* end mp_div_d() */
-
-/* }}} */
-
-/* {{{ mp_div_2(a, c) */
-
-/*
- mp_div_2(a, c)
-
- Compute c = a / 2, disregarding the remainder.
- */
-
-mp_err mp_div_2(const mp_int *a, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_copy(a, c)) != MP_OKAY)
- return res;
-
- s_mp_div_2(c);
-
- return MP_OKAY;
-
-} /* end mp_div_2() */
-
-/* }}} */
-
-/* {{{ mp_expt_d(a, d, b) */
-
-mp_err mp_expt_d(const mp_int *a, mp_digit d, mp_int *c)
-{
- mp_int s, x;
- mp_err res;
-
- ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_init(&s)) != MP_OKAY)
- return res;
- if((res = mp_init_copy(&x, a)) != MP_OKAY)
- goto X;
-
- DIGIT(&s, 0) = 1;
-
- while(d != 0) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d /= 2;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- s_mp_exch(&s, c);
-
-CLEANUP:
- mp_clear(&x);
-X:
- mp_clear(&s);
-
- return res;
-
-} /* end mp_expt_d() */
-
-/* }}} */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Full arithmetic */
-
-/* {{{ mp_abs(a, b) */
-
-/*
- mp_abs(a, b)
-
- Compute b = |a|. 'a' and 'b' may be identical.
- */
-
-mp_err mp_abs(const mp_int *a, mp_int *b)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- SIGN(b) = ZPOS;
-
- return MP_OKAY;
-
-} /* end mp_abs() */
-
-/* }}} */
-
-/* {{{ mp_neg(a, b) */
-
-/*
- mp_neg(a, b)
-
- Compute b = -a. 'a' and 'b' may be identical.
- */
-
-mp_err mp_neg(const mp_int *a, mp_int *b)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- if(s_mp_cmp_d(b, 0) == MP_EQ)
- SIGN(b) = ZPOS;
- else
- SIGN(b) = (SIGN(b) == NEG) ? ZPOS : NEG;
-
- return MP_OKAY;
-
-} /* end mp_neg() */
-
-/* }}} */
-
-/* {{{ mp_add(a, b, c) */
-
-/*
- mp_add(a, b, c)
-
- Compute c = a + b. All parameters may be identical.
- */
-
-mp_err mp_add(const mp_int *a, const mp_int *b, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(SIGN(a) == SIGN(b)) { /* same sign: add values, keep sign */
- MP_CHECKOK( s_mp_add_3arg(a, b, c) );
- } else if(s_mp_cmp(a, b) >= 0) { /* different sign: |a| >= |b| */
- MP_CHECKOK( s_mp_sub_3arg(a, b, c) );
- } else { /* different sign: |a| < |b| */
- MP_CHECKOK( s_mp_sub_3arg(b, a, c) );
- }
-
- if (s_mp_cmp_d(c, 0) == MP_EQ)
- SIGN(c) = ZPOS;
-
-CLEANUP:
- return res;
-
-} /* end mp_add() */
-
-/* }}} */
-
-/* {{{ mp_sub(a, b, c) */
-
-/*
- mp_sub(a, b, c)
-
- Compute c = a - b. All parameters may be identical.
- */
-
-mp_err mp_sub(const mp_int *a, const mp_int *b, mp_int *c)
-{
- mp_err res;
- int magDiff;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if (a == b) {
- mp_zero(c);
- return MP_OKAY;
- }
-
- if (MP_SIGN(a) != MP_SIGN(b)) {
- MP_CHECKOK( s_mp_add_3arg(a, b, c) );
- } else if (!(magDiff = s_mp_cmp(a, b))) {
- mp_zero(c);
- res = MP_OKAY;
- } else if (magDiff > 0) {
- MP_CHECKOK( s_mp_sub_3arg(a, b, c) );
- } else {
- MP_CHECKOK( s_mp_sub_3arg(b, a, c) );
- MP_SIGN(c) = !MP_SIGN(a);
- }
-
- if (s_mp_cmp_d(c, 0) == MP_EQ)
- MP_SIGN(c) = MP_ZPOS;
-
-CLEANUP:
- return res;
-
-} /* end mp_sub() */
-
-/* }}} */
-
-/* {{{ mp_mul(a, b, c) */
-
-/*
- mp_mul(a, b, c)
-
- Compute c = a * b. All parameters may be identical.
- */
-mp_err mp_mul(const mp_int *a, const mp_int *b, mp_int * c)
-{
- mp_digit *pb;
- mp_int tmp;
- mp_err res;
- mp_size ib;
- mp_size useda, usedb;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if (a == c) {
- if ((res = mp_init_copy(&tmp, a)) != MP_OKAY)
- return res;
- if (a == b)
- b = &tmp;
- a = &tmp;
- } else if (b == c) {
- if ((res = mp_init_copy(&tmp, b)) != MP_OKAY)
- return res;
- b = &tmp;
- } else {
- MP_DIGITS(&tmp) = 0;
- }
-
- if (MP_USED(a) < MP_USED(b)) {
- const mp_int *xch = b; /* switch a and b, to do fewer outer loops */
- b = a;
- a = xch;
- }
-
- MP_USED(c) = 1; MP_DIGIT(c, 0) = 0;
- if((res = s_mp_pad(c, USED(a) + USED(b))) != MP_OKAY)
- goto CLEANUP;
-
- pb = MP_DIGITS(b);
- s_mpv_mul_d(MP_DIGITS(a), MP_USED(a), *pb++, MP_DIGITS(c));
-
- /* Outer loop: Digits of b */
- useda = MP_USED(a);
- usedb = MP_USED(b);
- for (ib = 1; ib < usedb; ib++) {
- mp_digit b_i = *pb++;
-
- /* Inner product: Digits of a */
- if (b_i)
- s_mpv_mul_d_add(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib);
- else
- MP_DIGIT(c, ib + useda) = b_i;
- }
-
- s_mp_clamp(c);
-
- if(SIGN(a) == SIGN(b) || s_mp_cmp_d(c, 0) == MP_EQ)
- SIGN(c) = ZPOS;
- else
- SIGN(c) = NEG;
-
-CLEANUP:
- mp_clear(&tmp);
- return res;
-} /* end mp_mul() */
-
-/* }}} */
-
-/* {{{ mp_sqr(a, sqr) */
-
-#if MP_SQUARE
-/*
- Computes the square of a. This can be done more
- efficiently than a general multiplication, because many of the
- computation steps are redundant when squaring. The inner product
- step is a bit more complicated, but we save a fair number of
- iterations of the multiplication loop.
- */
-
-/* sqr = a^2; Caller provides both a and tmp; */
-mp_err mp_sqr(const mp_int *a, mp_int *sqr)
-{
- mp_digit *pa;
- mp_digit d;
- mp_err res;
- mp_size ix;
- mp_int tmp;
- int count;
-
- ARGCHK(a != NULL && sqr != NULL, MP_BADARG);
-
- if (a == sqr) {
- if((res = mp_init_copy(&tmp, a)) != MP_OKAY)
- return res;
- a = &tmp;
- } else {
- DIGITS(&tmp) = 0;
- res = MP_OKAY;
- }
-
- ix = 2 * MP_USED(a);
- if (ix > MP_ALLOC(sqr)) {
- MP_USED(sqr) = 1;
- MP_CHECKOK( s_mp_grow(sqr, ix) );
- }
- MP_USED(sqr) = ix;
- MP_DIGIT(sqr, 0) = 0;
-
- pa = MP_DIGITS(a);
- count = MP_USED(a) - 1;
- if (count > 0) {
- d = *pa++;
- s_mpv_mul_d(pa, count, d, MP_DIGITS(sqr) + 1);
- for (ix = 3; --count > 0; ix += 2) {
- d = *pa++;
- s_mpv_mul_d_add(pa, count, d, MP_DIGITS(sqr) + ix);
- } /* for(ix ...) */
- MP_DIGIT(sqr, MP_USED(sqr)-1) = 0; /* above loop stopped short of this. */
-
- /* now sqr *= 2 */
- s_mp_mul_2(sqr);
- } else {
- MP_DIGIT(sqr, 1) = 0;
- }
-
- /* now add the squares of the digits of a to sqr. */
- s_mpv_sqr_add_prop(MP_DIGITS(a), MP_USED(a), MP_DIGITS(sqr));
-
- SIGN(sqr) = ZPOS;
- s_mp_clamp(sqr);
-
-CLEANUP:
- mp_clear(&tmp);
- return res;
-
-} /* end mp_sqr() */
-#endif
-
-/* }}} */
-
-/* {{{ mp_div(a, b, q, r) */
-
-/*
- mp_div(a, b, q, r)
-
- Compute q = a / b and r = a mod b. Input parameters may be re-used
- as output parameters. If q or r is NULL, that portion of the
- computation will be discarded (although it will still be computed)
- */
-mp_err mp_div(const mp_int *a, const mp_int *b, mp_int *q, mp_int *r)
-{
- mp_err res;
- mp_int *pQ, *pR;
- mp_int qtmp, rtmp, btmp;
- int cmp;
- mp_sign signA = MP_SIGN(a);
- mp_sign signB = MP_SIGN(b);
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if(mp_cmp_z(b) == MP_EQ)
- return MP_RANGE;
-
- DIGITS(&qtmp) = 0;
- DIGITS(&rtmp) = 0;
- DIGITS(&btmp) = 0;
-
- /* Set up some temporaries... */
- if (!r || r == a || r == b) {
- MP_CHECKOK( mp_init_copy(&rtmp, a) );
- pR = &rtmp;
- } else {
- MP_CHECKOK( mp_copy(a, r) );
- pR = r;
- }
-
- if (!q || q == a || q == b) {
- MP_CHECKOK( mp_init_size(&qtmp, MP_USED(a)) );
- pQ = &qtmp;
- } else {
- MP_CHECKOK( s_mp_pad(q, MP_USED(a)) );
- pQ = q;
- mp_zero(pQ);
- }
-
- /*
- If |a| <= |b|, we can compute the solution without division;
- otherwise, we actually do the work required.
- */
- if ((cmp = s_mp_cmp(a, b)) <= 0) {
- if (cmp) {
- /* r was set to a above. */
- mp_zero(pQ);
- } else {
- mp_set(pQ, 1);
- mp_zero(pR);
- }
- } else {
- MP_CHECKOK( mp_init_copy(&btmp, b) );
- MP_CHECKOK( s_mp_div(pR, &btmp, pQ) );
- }
-
- /* Compute the signs for the output */
- MP_SIGN(pR) = signA; /* Sr = Sa */
- /* Sq = ZPOS if Sa == Sb */ /* Sq = NEG if Sa != Sb */
- MP_SIGN(pQ) = (signA == signB) ? ZPOS : NEG;
-
- if(s_mp_cmp_d(pQ, 0) == MP_EQ)
- SIGN(pQ) = ZPOS;
- if(s_mp_cmp_d(pR, 0) == MP_EQ)
- SIGN(pR) = ZPOS;
-
- /* Copy output, if it is needed */
- if(q && q != pQ)
- s_mp_exch(pQ, q);
-
- if(r && r != pR)
- s_mp_exch(pR, r);
-
-CLEANUP:
- mp_clear(&btmp);
- mp_clear(&rtmp);
- mp_clear(&qtmp);
-
- return res;
-
-} /* end mp_div() */
-
-/* }}} */
-
-/* {{{ mp_div_2d(a, d, q, r) */
-
-mp_err mp_div_2d(const mp_int *a, mp_digit d, mp_int *q, mp_int *r)
-{
- mp_err res;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- if(q) {
- if((res = mp_copy(a, q)) != MP_OKAY)
- return res;
- }
- if(r) {
- if((res = mp_copy(a, r)) != MP_OKAY)
- return res;
- }
- if(q) {
- s_mp_div_2d(q, d);
- }
- if(r) {
- s_mp_mod_2d(r, d);
- }
-
- return MP_OKAY;
-
-} /* end mp_div_2d() */
-
-/* }}} */
-
-/* {{{ mp_expt(a, b, c) */
-
-/*
- mp_expt(a, b, c)
-
- Compute c = a ** b, that is, raise a to the b power. Uses a
- standard iterative square-and-multiply technique.
- */
-
-mp_err mp_expt(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_int s, x;
- mp_err res;
- mp_digit d;
- int dig, bit;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(mp_cmp_z(b) < 0)
- return MP_RANGE;
-
- if((res = mp_init(&s)) != MP_OKAY)
- return res;
-
- mp_set(&s, 1);
-
- if((res = mp_init_copy(&x, a)) != MP_OKAY)
- goto X;
-
- /* Loop over low-order digits in ascending order */
- for(dig = 0; dig < (USED(b) - 1); dig++) {
- d = DIGIT(b, dig);
-
- /* Loop over bits of each non-maximal digit */
- for(bit = 0; bit < DIGIT_BIT; bit++) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d >>= 1;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY)
- goto CLEANUP;
- }
- }
-
- /* Consider now the last digit... */
- d = DIGIT(b, dig);
-
- while(d) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d >>= 1;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- if(mp_iseven(b))
- SIGN(&s) = SIGN(a);
-
- res = mp_copy(&s, c);
-
-CLEANUP:
- mp_clear(&x);
-X:
- mp_clear(&s);
-
- return res;
-
-} /* end mp_expt() */
-
-/* }}} */
-
-/* {{{ mp_2expt(a, k) */
-
-/* Compute a = 2^k */
-
-mp_err mp_2expt(mp_int *a, mp_digit k)
-{
- ARGCHK(a != NULL, MP_BADARG);
-
- return s_mp_2expt(a, k);
-
-} /* end mp_2expt() */
-
-/* }}} */
-
-/* {{{ mp_mod(a, m, c) */
-
-/*
- mp_mod(a, m, c)
-
- Compute c = a (mod m). Result will always be 0 <= c < m.
- */
-
-mp_err mp_mod(const mp_int *a, const mp_int *m, mp_int *c)
-{
- mp_err res;
- int mag;
-
- ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);
-
- if(SIGN(m) == NEG)
- return MP_RANGE;
-
- /*
- If |a| > m, we need to divide to get the remainder and take the
- absolute value.
-
- If |a| < m, we don't need to do any division, just copy and adjust
- the sign (if a is negative).
-
- If |a| == m, we can simply set the result to zero.
-
- This order is intended to minimize the average path length of the
- comparison chain on common workloads -- the most frequent cases are
- that |a| != m, so we do those first.
- */
- if((mag = s_mp_cmp(a, m)) > 0) {
- if((res = mp_div(a, m, NULL, c)) != MP_OKAY)
- return res;
-
- if(SIGN(c) == NEG) {
- if((res = mp_add(c, m, c)) != MP_OKAY)
- return res;
- }
-
- } else if(mag < 0) {
- if((res = mp_copy(a, c)) != MP_OKAY)
- return res;
-
- if(mp_cmp_z(a) < 0) {
- if((res = mp_add(c, m, c)) != MP_OKAY)
- return res;
-
- }
-
- } else {
- mp_zero(c);
-
- }
-
- return MP_OKAY;
-
-} /* end mp_mod() */
-
-/* }}} */
-
-/* {{{ mp_mod_d(a, d, c) */
-
-/*
- mp_mod_d(a, d, c)
-
- Compute c = a (mod d). Result will always be 0 <= c < d
- */
-mp_err mp_mod_d(const mp_int *a, mp_digit d, mp_digit *c)
-{
- mp_err res;
- mp_digit rem;
-
- ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
- if(s_mp_cmp_d(a, d) > 0) {
- if((res = mp_div_d(a, d, NULL, &rem)) != MP_OKAY)
- return res;
-
- } else {
- if(SIGN(a) == NEG)
- rem = d - DIGIT(a, 0);
- else
- rem = DIGIT(a, 0);
- }
-
- if(c)
- *c = rem;
-
- return MP_OKAY;
-
-} /* end mp_mod_d() */
-
-/* }}} */
-
-/* {{{ mp_sqrt(a, b) */
-
-/*
- mp_sqrt(a, b)
-
- Compute the integer square root of a, and store the result in b.
- Uses an integer-arithmetic version of Newton's iterative linear
- approximation technique to determine this value; the result has the
- following two properties:
-
- b^2 <= a
- (b+1)^2 >= a
-
- It is a range error to pass a negative value.
- */
-mp_err mp_sqrt(const mp_int *a, mp_int *b)
-{
- mp_int x, t;
- mp_err res;
- mp_size used;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- /* Cannot take square root of a negative value */
- if(SIGN(a) == NEG)
- return MP_RANGE;
-
- /* Special cases for zero and one, trivial */
- if(mp_cmp_d(a, 1) <= 0)
- return mp_copy(a, b);
-
- /* Initialize the temporaries we'll use below */
- if((res = mp_init_size(&t, USED(a))) != MP_OKAY)
- return res;
-
- /* Compute an initial guess for the iteration as a itself */
- if((res = mp_init_copy(&x, a)) != MP_OKAY)
- goto X;
-
- used = MP_USED(&x);
- if (used > 1) {
- s_mp_rshd(&x, used / 2);
- }
-
- for(;;) {
- /* t = (x * x) - a */
- mp_copy(&x, &t); /* can't fail, t is big enough for original x */
- if((res = mp_sqr(&t, &t)) != MP_OKAY ||
- (res = mp_sub(&t, a, &t)) != MP_OKAY)
- goto CLEANUP;
-
- /* t = t / 2x */
- s_mp_mul_2(&x);
- if((res = mp_div(&t, &x, &t, NULL)) != MP_OKAY)
- goto CLEANUP;
- s_mp_div_2(&x);
-
- /* Terminate the loop, if the quotient is zero */
- if(mp_cmp_z(&t) == MP_EQ)
- break;
-
- /* x = x - t */
- if((res = mp_sub(&x, &t, &x)) != MP_OKAY)
- goto CLEANUP;
-
- }
-
- /* Copy result to output parameter */
- mp_sub_d(&x, 1, &x);
- s_mp_exch(&x, b);
-
- CLEANUP:
- mp_clear(&x);
- X:
- mp_clear(&t);
-
- return res;
-
-} /* end mp_sqrt() */
-
-/* }}} */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Modular arithmetic */
-
-#if MP_MODARITH
-/* {{{ mp_addmod(a, b, m, c) */
-
-/*
- mp_addmod(a, b, m, c)
-
- Compute c = (a + b) mod m
- */
-
-mp_err mp_addmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_add(a, b, c)) != MP_OKAY)
- return res;
- if((res = mp_mod(c, m, c)) != MP_OKAY)
- return res;
-
- return MP_OKAY;
-
-}
-
-/* }}} */
-
-/* {{{ mp_submod(a, b, m, c) */
-
-/*
- mp_submod(a, b, m, c)
-
- Compute c = (a - b) mod m
- */
-
-mp_err mp_submod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_sub(a, b, c)) != MP_OKAY)
- return res;
- if((res = mp_mod(c, m, c)) != MP_OKAY)
- return res;
-
- return MP_OKAY;
-
-}
-
-/* }}} */
-
-/* {{{ mp_mulmod(a, b, m, c) */
-
-/*
- mp_mulmod(a, b, m, c)
-
- Compute c = (a * b) mod m
- */
-
-mp_err mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_mul(a, b, c)) != MP_OKAY)
- return res;
- if((res = mp_mod(c, m, c)) != MP_OKAY)
- return res;
-
- return MP_OKAY;
-
-}
-
-/* }}} */
-
-/* {{{ mp_sqrmod(a, m, c) */
-
-#if MP_SQUARE
-mp_err mp_sqrmod(const mp_int *a, const mp_int *m, mp_int *c)
-{
- mp_err res;
-
- ARGCHK(a != NULL && m != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_sqr(a, c)) != MP_OKAY)
- return res;
- if((res = mp_mod(c, m, c)) != MP_OKAY)
- return res;
-
- return MP_OKAY;
-
-} /* end mp_sqrmod() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_exptmod(a, b, m, c) */
-
-/*
- s_mp_exptmod(a, b, m, c)
-
- Compute c = (a ** b) mod m. Uses a standard square-and-multiply
- method with modular reductions at each step. (This is basically the
- same code as mp_expt(), except for the addition of the reductions)
-
- The modular reductions are done using Barrett's algorithm (see
- s_mp_reduce() below for details)
- */
-
-mp_err s_mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c)
-{
- mp_int s, x, mu;
- mp_err res;
- mp_digit d;
- int dig, bit;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(mp_cmp_z(b) < 0 || mp_cmp_z(m) <= 0)
- return MP_RANGE;
-
- if((res = mp_init(&s)) != MP_OKAY)
- return res;
- if((res = mp_init_copy(&x, a)) != MP_OKAY ||
- (res = mp_mod(&x, m, &x)) != MP_OKAY)
- goto X;
- if((res = mp_init(&mu)) != MP_OKAY)
- goto MU;
-
- mp_set(&s, 1);
-
- /* mu = b^2k / m */
- s_mp_add_d(&mu, 1);
- s_mp_lshd(&mu, 2 * USED(m));
- if((res = mp_div(&mu, m, &mu, NULL)) != MP_OKAY)
- goto CLEANUP;
-
- /* Loop over digits of b in ascending order, except highest order */
- for(dig = 0; dig < (USED(b) - 1); dig++) {
- d = DIGIT(b, dig);
-
- /* Loop over the bits of the lower-order digits */
- for(bit = 0; bit < DIGIT_BIT; bit++) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY)
- goto CLEANUP;
- if((res = s_mp_reduce(&s, m, &mu)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d >>= 1;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY)
- goto CLEANUP;
- if((res = s_mp_reduce(&x, m, &mu)) != MP_OKAY)
- goto CLEANUP;
- }
- }
-
- /* Now do the last digit... */
- d = DIGIT(b, dig);
-
- while(d) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY)
- goto CLEANUP;
- if((res = s_mp_reduce(&s, m, &mu)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d >>= 1;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY)
- goto CLEANUP;
- if((res = s_mp_reduce(&x, m, &mu)) != MP_OKAY)
- goto CLEANUP;
- }
-
- s_mp_exch(&s, c);
-
- CLEANUP:
- mp_clear(&mu);
- MU:
- mp_clear(&x);
- X:
- mp_clear(&s);
-
- return res;
-
-} /* end s_mp_exptmod() */
-
-/* }}} */
-
-/* {{{ mp_exptmod_d(a, d, m, c) */
-
-mp_err mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c)
-{
- mp_int s, x;
- mp_err res;
-
- ARGCHK(a != NULL && c != NULL, MP_BADARG);
-
- if((res = mp_init(&s)) != MP_OKAY)
- return res;
- if((res = mp_init_copy(&x, a)) != MP_OKAY)
- goto X;
-
- mp_set(&s, 1);
-
- while(d != 0) {
- if(d & 1) {
- if((res = s_mp_mul(&s, &x)) != MP_OKAY ||
- (res = mp_mod(&s, m, &s)) != MP_OKAY)
- goto CLEANUP;
- }
-
- d /= 2;
-
- if((res = s_mp_sqr(&x)) != MP_OKAY ||
- (res = mp_mod(&x, m, &x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- s_mp_exch(&s, c);
-
-CLEANUP:
- mp_clear(&x);
-X:
- mp_clear(&s);
-
- return res;
-
-} /* end mp_exptmod_d() */
-
-/* }}} */
-#endif /* if MP_MODARITH */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Comparison functions */
-
-/* {{{ mp_cmp_z(a) */
-
-/*
- mp_cmp_z(a)
-
- Compare a <=> 0. Returns <0 if a<0, 0 if a=0, >0 if a>0.
- */
-
-int mp_cmp_z(const mp_int *a)
-{
- if(SIGN(a) == NEG)
- return MP_LT;
- else if(USED(a) == 1 && DIGIT(a, 0) == 0)
- return MP_EQ;
- else
- return MP_GT;
-
-} /* end mp_cmp_z() */
-
-/* }}} */
-
-/* {{{ mp_cmp_d(a, d) */
-
-/*
- mp_cmp_d(a, d)
-
- Compare a <=> d. Returns <0 if a<d, 0 if a=d, >0 if a>d
- */
-
-int mp_cmp_d(const mp_int *a, mp_digit d)
-{
- ARGCHK(a != NULL, MP_EQ);
-
- if(SIGN(a) == NEG)
- return MP_LT;
-
- return s_mp_cmp_d(a, d);
-
-} /* end mp_cmp_d() */
-
-/* }}} */
-
-/* {{{ mp_cmp(a, b) */
-
-int mp_cmp(const mp_int *a, const mp_int *b)
-{
- ARGCHK(a != NULL && b != NULL, MP_EQ);
-
- if(SIGN(a) == SIGN(b)) {
- int mag;
-
- if((mag = s_mp_cmp(a, b)) == MP_EQ)
- return MP_EQ;
-
- if(SIGN(a) == ZPOS)
- return mag;
- else
- return -mag;
-
- } else if(SIGN(a) == ZPOS) {
- return MP_GT;
- } else {
- return MP_LT;
- }
-
-} /* end mp_cmp() */
-
-/* }}} */
-
-/* {{{ mp_cmp_mag(a, b) */
-
-/*
- mp_cmp_mag(a, b)
-
- Compares |a| <=> |b|, and returns an appropriate comparison result
- */
-
-int mp_cmp_mag(mp_int *a, mp_int *b)
-{
- ARGCHK(a != NULL && b != NULL, MP_EQ);
-
- return s_mp_cmp(a, b);
-
-} /* end mp_cmp_mag() */
-
-/* }}} */
-
-/* {{{ mp_cmp_int(a, z) */
-
-/*
- This just converts z to an mp_int, and uses the existing comparison
- routines. This is sort of inefficient, but it's not clear to me how
- frequently this wil get used anyway. For small positive constants,
- you can always use mp_cmp_d(), and for zero, there is mp_cmp_z().
- */
-int mp_cmp_int(const mp_int *a, long z)
-{
- mp_int tmp;
- int out;
-
- ARGCHK(a != NULL, MP_EQ);
-
- mp_init(&tmp); mp_set_int(&tmp, z);
- out = mp_cmp(a, &tmp);
- mp_clear(&tmp);
-
- return out;
-
-} /* end mp_cmp_int() */
-
-/* }}} */
-
-/* {{{ mp_isodd(a) */
-
-/*
- mp_isodd(a)
-
- Returns a true (non-zero) value if a is odd, false (zero) otherwise.
- */
-int mp_isodd(const mp_int *a)
-{
- ARGCHK(a != NULL, 0);
-
- return (int)(DIGIT(a, 0) & 1);
-
-} /* end mp_isodd() */
-
-/* }}} */
-
-/* {{{ mp_iseven(a) */
-
-int mp_iseven(const mp_int *a)
-{
- return !mp_isodd(a);
-
-} /* end mp_iseven() */
-
-/* }}} */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ Number theoretic functions */
-
-#if MP_NUMTH
-/* {{{ mp_gcd(a, b, c) */
-
-/*
- Like the old mp_gcd() function, except computes the GCD using the
- binary algorithm due to Josef Stein in 1961 (via Knuth).
- */
-mp_err mp_gcd(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_err res;
- mp_int u, v, t;
- mp_size k = 0;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(mp_cmp_z(a) == MP_EQ && mp_cmp_z(b) == MP_EQ)
- return MP_RANGE;
- if(mp_cmp_z(a) == MP_EQ) {
- return mp_copy(b, c);
- } else if(mp_cmp_z(b) == MP_EQ) {
- return mp_copy(a, c);
- }
-
- if((res = mp_init(&t)) != MP_OKAY)
- return res;
- if((res = mp_init_copy(&u, a)) != MP_OKAY)
- goto U;
- if((res = mp_init_copy(&v, b)) != MP_OKAY)
- goto V;
-
- SIGN(&u) = ZPOS;
- SIGN(&v) = ZPOS;
-
- /* Divide out common factors of 2 until at least 1 of a, b is even */
- while(mp_iseven(&u) && mp_iseven(&v)) {
- s_mp_div_2(&u);
- s_mp_div_2(&v);
- ++k;
- }
-
- /* Initialize t */
- if(mp_isodd(&u)) {
- if((res = mp_copy(&v, &t)) != MP_OKAY)
- goto CLEANUP;
-
- /* t = -v */
- if(SIGN(&v) == ZPOS)
- SIGN(&t) = NEG;
- else
- SIGN(&t) = ZPOS;
-
- } else {
- if((res = mp_copy(&u, &t)) != MP_OKAY)
- goto CLEANUP;
-
- }
-
- for(;;) {
- while(mp_iseven(&t)) {
- s_mp_div_2(&t);
- }
-
- if(mp_cmp_z(&t) == MP_GT) {
- if((res = mp_copy(&t, &u)) != MP_OKAY)
- goto CLEANUP;
-
- } else {
- if((res = mp_copy(&t, &v)) != MP_OKAY)
- goto CLEANUP;
-
- /* v = -t */
- if(SIGN(&t) == ZPOS)
- SIGN(&v) = NEG;
- else
- SIGN(&v) = ZPOS;
- }
-
- if((res = mp_sub(&u, &v, &t)) != MP_OKAY)
- goto CLEANUP;
-
- if(s_mp_cmp_d(&t, 0) == MP_EQ)
- break;
- }
-
- s_mp_2expt(&v, k); /* v = 2^k */
- res = mp_mul(&u, &v, c); /* c = u * v */
-
- CLEANUP:
- mp_clear(&v);
- V:
- mp_clear(&u);
- U:
- mp_clear(&t);
-
- return res;
-
-} /* end mp_gcd() */
-
-/* }}} */
-
-/* {{{ mp_lcm(a, b, c) */
-
-/* We compute the least common multiple using the rule:
-
- ab = [a, b](a, b)
-
- ... by computing the product, and dividing out the gcd.
- */
-
-mp_err mp_lcm(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_int gcd, prod;
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- /* Set up temporaries */
- if((res = mp_init(&gcd)) != MP_OKAY)
- return res;
- if((res = mp_init(&prod)) != MP_OKAY)
- goto GCD;
-
- if((res = mp_mul(a, b, &prod)) != MP_OKAY)
- goto CLEANUP;
- if((res = mp_gcd(a, b, &gcd)) != MP_OKAY)
- goto CLEANUP;
-
- res = mp_div(&prod, &gcd, c, NULL);
-
- CLEANUP:
- mp_clear(&prod);
- GCD:
- mp_clear(&gcd);
-
- return res;
-
-} /* end mp_lcm() */
-
-/* }}} */
-
-/* {{{ mp_xgcd(a, b, g, x, y) */
-
-/*
- mp_xgcd(a, b, g, x, y)
-
- Compute g = (a, b) and values x and y satisfying Bezout's identity
- (that is, ax + by = g). This uses the binary extended GCD algorithm
- based on the Stein algorithm used for mp_gcd()
- See algorithm 14.61 in Handbook of Applied Cryptogrpahy.
- */
-
-mp_err mp_xgcd(const mp_int *a, const mp_int *b, mp_int *g, mp_int *x, mp_int *y)
-{
- mp_int gx, xc, yc, u, v, A, B, C, D;
- mp_int *clean[9];
- mp_err res;
- int last = -1;
-
- if(mp_cmp_z(b) == 0)
- return MP_RANGE;
-
- /* Initialize all these variables we need */
- MP_CHECKOK( mp_init(&u) );
- clean[++last] = &u;
- MP_CHECKOK( mp_init(&v) );
- clean[++last] = &v;
- MP_CHECKOK( mp_init(&gx) );
- clean[++last] = &gx;
- MP_CHECKOK( mp_init(&A) );
- clean[++last] = &A;
- MP_CHECKOK( mp_init(&B) );
- clean[++last] = &B;
- MP_CHECKOK( mp_init(&C) );
- clean[++last] = &C;
- MP_CHECKOK( mp_init(&D) );
- clean[++last] = &D;
- MP_CHECKOK( mp_init_copy(&xc, a) );
- clean[++last] = &xc;
- mp_abs(&xc, &xc);
- MP_CHECKOK( mp_init_copy(&yc, b) );
- clean[++last] = &yc;
- mp_abs(&yc, &yc);
-
- mp_set(&gx, 1);
-
- /* Divide by two until at least one of them is odd */
- while(mp_iseven(&xc) && mp_iseven(&yc)) {
- mp_size nx = mp_trailing_zeros(&xc);
- mp_size ny = mp_trailing_zeros(&yc);
- mp_size n = MP_MIN(nx, ny);
- s_mp_div_2d(&xc,n);
- s_mp_div_2d(&yc,n);
- MP_CHECKOK( s_mp_mul_2d(&gx,n) );
- }
-
- mp_copy(&xc, &u);
- mp_copy(&yc, &v);
- mp_set(&A, 1); mp_set(&D, 1);
-
- /* Loop through binary GCD algorithm */
- do {
- while(mp_iseven(&u)) {
- s_mp_div_2(&u);
-
- if(mp_iseven(&A) && mp_iseven(&B)) {
- s_mp_div_2(&A); s_mp_div_2(&B);
- } else {
- MP_CHECKOK( mp_add(&A, &yc, &A) );
- s_mp_div_2(&A);
- MP_CHECKOK( mp_sub(&B, &xc, &B) );
- s_mp_div_2(&B);
- }
- }
-
- while(mp_iseven(&v)) {
- s_mp_div_2(&v);
-
- if(mp_iseven(&C) && mp_iseven(&D)) {
- s_mp_div_2(&C); s_mp_div_2(&D);
- } else {
- MP_CHECKOK( mp_add(&C, &yc, &C) );
- s_mp_div_2(&C);
- MP_CHECKOK( mp_sub(&D, &xc, &D) );
- s_mp_div_2(&D);
- }
- }
-
- if(mp_cmp(&u, &v) >= 0) {
- MP_CHECKOK( mp_sub(&u, &v, &u) );
- MP_CHECKOK( mp_sub(&A, &C, &A) );
- MP_CHECKOK( mp_sub(&B, &D, &B) );
- } else {
- MP_CHECKOK( mp_sub(&v, &u, &v) );
- MP_CHECKOK( mp_sub(&C, &A, &C) );
- MP_CHECKOK( mp_sub(&D, &B, &D) );
- }
- } while (mp_cmp_z(&u) != 0);
-
- /* copy results to output */
- if(x)
- MP_CHECKOK( mp_copy(&C, x) );
-
- if(y)
- MP_CHECKOK( mp_copy(&D, y) );
-
- if(g)
- MP_CHECKOK( mp_mul(&gx, &v, g) );
-
- CLEANUP:
- while(last >= 0)
- mp_clear(clean[last--]);
-
- return res;
-
-} /* end mp_xgcd() */
-
-/* }}} */
-
-mp_size mp_trailing_zeros(const mp_int *mp)
-{
- mp_digit d;
- mp_size n = 0;
- int ix;
-
- if (!mp || !MP_DIGITS(mp) || !mp_cmp_z(mp))
- return n;
-
- for (ix = 0; !(d = MP_DIGIT(mp,ix)) && (ix < MP_USED(mp)); ++ix)
- n += MP_DIGIT_BIT;
- if (!d)
- return 0; /* shouldn't happen, but ... */
-#if !defined(MP_USE_UINT_DIGIT)
- if (!(d & 0xffffffffU)) {
- d >>= 32;
- n += 32;
- }
-#endif
- if (!(d & 0xffffU)) {
- d >>= 16;
- n += 16;
- }
- if (!(d & 0xffU)) {
- d >>= 8;
- n += 8;
- }
- if (!(d & 0xfU)) {
- d >>= 4;
- n += 4;
- }
- if (!(d & 0x3U)) {
- d >>= 2;
- n += 2;
- }
- if (!(d & 0x1U)) {
- d >>= 1;
- n += 1;
- }
-#if MP_ARGCHK == 2
- assert(0 != (d & 1));
-#endif
- return n;
-}
-
-/* Given a and prime p, computes c and k such that a*c == 2**k (mod p).
-** Returns k (positive) or error (negative).
-** This technique from the paper "Fast Modular Reciprocals" (unpublished)
-** by Richard Schroeppel (a.k.a. Captain Nemo).
-*/
-mp_err s_mp_almost_inverse(const mp_int *a, const mp_int *p, mp_int *c)
-{
- mp_err res;
- mp_err k = 0;
- mp_int d, f, g;
-
- ARGCHK(a && p && c, MP_BADARG);
-
- MP_DIGITS(&d) = 0;
- MP_DIGITS(&f) = 0;
- MP_DIGITS(&g) = 0;
- MP_CHECKOK( mp_init(&d) );
- MP_CHECKOK( mp_init_copy(&f, a) ); /* f = a */
- MP_CHECKOK( mp_init_copy(&g, p) ); /* g = p */
-
- mp_set(c, 1);
- mp_zero(&d);
-
- if (mp_cmp_z(&f) == 0) {
- res = MP_UNDEF;
- } else
- for (;;) {
- int diff_sign;
- while (mp_iseven(&f)) {
- mp_size n = mp_trailing_zeros(&f);
- if (!n) {
- res = MP_UNDEF;
- goto CLEANUP;
- }
- s_mp_div_2d(&f, n);
- MP_CHECKOK( s_mp_mul_2d(&d, n) );
- k += n;
- }
- if (mp_cmp_d(&f, 1) == MP_EQ) { /* f == 1 */
- res = k;
- break;
- }
- diff_sign = mp_cmp(&f, &g);
- if (diff_sign < 0) { /* f < g */
- s_mp_exch(&f, &g);
- s_mp_exch(c, &d);
- } else if (diff_sign == 0) { /* f == g */
- res = MP_UNDEF; /* a and p are not relatively prime */
- break;
- }
- if ((MP_DIGIT(&f,0) % 4) == (MP_DIGIT(&g,0) % 4)) {
- MP_CHECKOK( mp_sub(&f, &g, &f) ); /* f = f - g */
- MP_CHECKOK( mp_sub(c, &d, c) ); /* c = c - d */
- } else {
- MP_CHECKOK( mp_add(&f, &g, &f) ); /* f = f + g */
- MP_CHECKOK( mp_add(c, &d, c) ); /* c = c + d */
- }
- }
- if (res >= 0) {
- while (MP_SIGN(c) != MP_ZPOS) {
- MP_CHECKOK( mp_add(c, p, c) );
- }
- res = k;
- }
-
-CLEANUP:
- mp_clear(&d);
- mp_clear(&f);
- mp_clear(&g);
- return res;
-}
-
-/* Compute T = (P ** -1) mod MP_RADIX. Also works for 16-bit mp_digits.
-** This technique from the paper "Fast Modular Reciprocals" (unpublished)
-** by Richard Schroeppel (a.k.a. Captain Nemo).
-*/
-mp_digit s_mp_invmod_radix(mp_digit P)
-{
- mp_digit T = P;
- T *= 2 - (P * T);
- T *= 2 - (P * T);
- T *= 2 - (P * T);
- T *= 2 - (P * T);
-#if !defined(MP_USE_UINT_DIGIT)
- T *= 2 - (P * T);
- T *= 2 - (P * T);
-#endif
- return T;
-}
-
-/* Given c, k, and prime p, where a*c == 2**k (mod p),
-** Compute x = (a ** -1) mod p. This is similar to Montgomery reduction.
-** This technique from the paper "Fast Modular Reciprocals" (unpublished)
-** by Richard Schroeppel (a.k.a. Captain Nemo).
-*/
-mp_err s_mp_fixup_reciprocal(const mp_int *c, const mp_int *p, int k, mp_int *x)
-{
- int k_orig = k;
- mp_digit r;
- mp_size ix;
- mp_err res;
-
- if (mp_cmp_z(c) < 0) { /* c < 0 */
- MP_CHECKOK( mp_add(c, p, x) ); /* x = c + p */
- } else {
- MP_CHECKOK( mp_copy(c, x) ); /* x = c */
- }
-
- /* make sure x is large enough */
- ix = MP_HOWMANY(k, MP_DIGIT_BIT) + MP_USED(p) + 1;
- ix = MP_MAX(ix, MP_USED(x));
- MP_CHECKOK( s_mp_pad(x, ix) );
-
- r = 0 - s_mp_invmod_radix(MP_DIGIT(p,0));
-
- for (ix = 0; k > 0; ix++) {
- int j = MP_MIN(k, MP_DIGIT_BIT);
- mp_digit v = r * MP_DIGIT(x, ix);
- if (j < MP_DIGIT_BIT) {
- v &= ((mp_digit)1 << j) - 1; /* v = v mod (2 ** j) */
- }
- s_mp_mul_d_add_offset(p, v, x, ix); /* x += p * v * (RADIX ** ix) */
- k -= j;
- }
- s_mp_clamp(x);
- s_mp_div_2d(x, k_orig);
- res = MP_OKAY;
-
-CLEANUP:
- return res;
-}
-
-/* compute mod inverse using Schroeppel's method, only if m is odd */
-mp_err s_mp_invmod_odd_m(const mp_int *a, const mp_int *m, mp_int *c)
-{
- int k;
- mp_err res;
- mp_int x;
-
- ARGCHK(a && m && c, MP_BADARG);
-
- if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
- return MP_RANGE;
- if (mp_iseven(m))
- return MP_UNDEF;
-
- MP_DIGITS(&x) = 0;
-
- if (a == c) {
- if ((res = mp_init_copy(&x, a)) != MP_OKAY)
- return res;
- if (a == m)
- m = &x;
- a = &x;
- } else if (m == c) {
- if ((res = mp_init_copy(&x, m)) != MP_OKAY)
- return res;
- m = &x;
- } else {
- MP_DIGITS(&x) = 0;
- }
-
- MP_CHECKOK( s_mp_almost_inverse(a, m, c) );
- k = res;
- MP_CHECKOK( s_mp_fixup_reciprocal(c, m, k, c) );
-CLEANUP:
- mp_clear(&x);
- return res;
-}
-
-/* Known good algorithm for computing modular inverse. But slow. */
-mp_err mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c)
-{
- mp_int g, x;
- mp_err res;
-
- ARGCHK(a && m && c, MP_BADARG);
-
- if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
- return MP_RANGE;
-
- MP_DIGITS(&g) = 0;
- MP_DIGITS(&x) = 0;
- MP_CHECKOK( mp_init(&x) );
- MP_CHECKOK( mp_init(&g) );
-
- MP_CHECKOK( mp_xgcd(a, m, &g, &x, NULL) );
-
- if (mp_cmp_d(&g, 1) != MP_EQ) {
- res = MP_UNDEF;
- goto CLEANUP;
- }
-
- res = mp_mod(&x, m, c);
- SIGN(c) = SIGN(a);
-
-CLEANUP:
- mp_clear(&x);
- mp_clear(&g);
-
- return res;
-}
-
-/* modular inverse where modulus is 2**k. */
-/* c = a**-1 mod 2**k */
-mp_err s_mp_invmod_2d(const mp_int *a, mp_size k, mp_int *c)
-{
- mp_err res;
- mp_size ix = k + 4;
- mp_int t0, t1, val, tmp, two2k;
-
- static const mp_digit d2 = 2;
- static const mp_int two = { MP_ZPOS, 1, 1, (mp_digit *)&d2 };
-
- if (mp_iseven(a))
- return MP_UNDEF;
- if (k <= MP_DIGIT_BIT) {
- mp_digit i = s_mp_invmod_radix(MP_DIGIT(a,0));
- if (k < MP_DIGIT_BIT)
- i &= ((mp_digit)1 << k) - (mp_digit)1;
- mp_set(c, i);
- return MP_OKAY;
- }
- MP_DIGITS(&t0) = 0;
- MP_DIGITS(&t1) = 0;
- MP_DIGITS(&val) = 0;
- MP_DIGITS(&tmp) = 0;
- MP_DIGITS(&two2k) = 0;
- MP_CHECKOK( mp_init_copy(&val, a) );
- s_mp_mod_2d(&val, k);
- MP_CHECKOK( mp_init_copy(&t0, &val) );
- MP_CHECKOK( mp_init_copy(&t1, &t0) );
- MP_CHECKOK( mp_init(&tmp) );
- MP_CHECKOK( mp_init(&two2k) );
- MP_CHECKOK( s_mp_2expt(&two2k, k) );
- do {
- MP_CHECKOK( mp_mul(&val, &t1, &tmp) );
- MP_CHECKOK( mp_sub(&two, &tmp, &tmp) );
- MP_CHECKOK( mp_mul(&t1, &tmp, &t1) );
- s_mp_mod_2d(&t1, k);
- while (MP_SIGN(&t1) != MP_ZPOS) {
- MP_CHECKOK( mp_add(&t1, &two2k, &t1) );
- }
- if (mp_cmp(&t1, &t0) == MP_EQ)
- break;
- MP_CHECKOK( mp_copy(&t1, &t0) );
- } while (--ix > 0);
- if (!ix) {
- res = MP_UNDEF;
- } else {
- mp_exch(c, &t1);
- }
-
-CLEANUP:
- mp_clear(&t0);
- mp_clear(&t1);
- mp_clear(&val);
- mp_clear(&tmp);
- mp_clear(&two2k);
- return res;
-}
-
-mp_err s_mp_invmod_even_m(const mp_int *a, const mp_int *m, mp_int *c)
-{
- mp_err res;
- mp_size k;
- mp_int oddFactor, evenFactor; /* factors of the modulus */
- mp_int oddPart, evenPart; /* parts to combine via CRT. */
- mp_int C2, tmp1, tmp2;
-
- /*static const mp_digit d1 = 1; */
- /*static const mp_int one = { MP_ZPOS, 1, 1, (mp_digit *)&d1 }; */
-
- if ((res = s_mp_ispow2(m)) >= 0) {
- k = res;
- return s_mp_invmod_2d(a, k, c);
- }
- MP_DIGITS(&oddFactor) = 0;
- MP_DIGITS(&evenFactor) = 0;
- MP_DIGITS(&oddPart) = 0;
- MP_DIGITS(&evenPart) = 0;
- MP_DIGITS(&C2) = 0;
- MP_DIGITS(&tmp1) = 0;
- MP_DIGITS(&tmp2) = 0;
-
- MP_CHECKOK( mp_init_copy(&oddFactor, m) ); /* oddFactor = m */
- MP_CHECKOK( mp_init(&evenFactor) );
- MP_CHECKOK( mp_init(&oddPart) );
- MP_CHECKOK( mp_init(&evenPart) );
- MP_CHECKOK( mp_init(&C2) );
- MP_CHECKOK( mp_init(&tmp1) );
- MP_CHECKOK( mp_init(&tmp2) );
-
- k = mp_trailing_zeros(m);
- s_mp_div_2d(&oddFactor, k);
- MP_CHECKOK( s_mp_2expt(&evenFactor, k) );
-
- /* compute a**-1 mod oddFactor. */
- MP_CHECKOK( s_mp_invmod_odd_m(a, &oddFactor, &oddPart) );
- /* compute a**-1 mod evenFactor, where evenFactor == 2**k. */
- MP_CHECKOK( s_mp_invmod_2d( a, k, &evenPart) );
-
- /* Use Chinese Remainer theorem to compute a**-1 mod m. */
- /* let m1 = oddFactor, v1 = oddPart,
- * let m2 = evenFactor, v2 = evenPart.
- */
-
- /* Compute C2 = m1**-1 mod m2. */
- MP_CHECKOK( s_mp_invmod_2d(&oddFactor, k, &C2) );
-
- /* compute u = (v2 - v1)*C2 mod m2 */
- MP_CHECKOK( mp_sub(&evenPart, &oddPart, &tmp1) );
- MP_CHECKOK( mp_mul(&tmp1, &C2, &tmp2) );
- s_mp_mod_2d(&tmp2, k);
- while (MP_SIGN(&tmp2) != MP_ZPOS) {
- MP_CHECKOK( mp_add(&tmp2, &evenFactor, &tmp2) );
- }
-
- /* compute answer = v1 + u*m1 */
- MP_CHECKOK( mp_mul(&tmp2, &oddFactor, c) );
- MP_CHECKOK( mp_add(&oddPart, c, c) );
- /* not sure this is necessary, but it's low cost if not. */
- MP_CHECKOK( mp_mod(c, m, c) );
-
-CLEANUP:
- mp_clear(&oddFactor);
- mp_clear(&evenFactor);
- mp_clear(&oddPart);
- mp_clear(&evenPart);
- mp_clear(&C2);
- mp_clear(&tmp1);
- mp_clear(&tmp2);
- return res;
-}
-
-
-/* {{{ mp_invmod(a, m, c) */
-
-/*
- mp_invmod(a, m, c)
-
- Compute c = a^-1 (mod m), if there is an inverse for a (mod m).
- This is equivalent to the question of whether (a, m) = 1. If not,
- MP_UNDEF is returned, and there is no inverse.
- */
-
-mp_err mp_invmod(const mp_int *a, const mp_int *m, mp_int *c)
-{
-
- ARGCHK(a && m && c, MP_BADARG);
-
- if(mp_cmp_z(a) == 0 || mp_cmp_z(m) == 0)
- return MP_RANGE;
-
- if (mp_isodd(m)) {
- return s_mp_invmod_odd_m(a, m, c);
- }
- if (mp_iseven(a))
- return MP_UNDEF; /* not invertable */
-
- return s_mp_invmod_even_m(a, m, c);
-
-} /* end mp_invmod() */
-
-/* }}} */
-#endif /* if MP_NUMTH */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ mp_print(mp, ofp) */
-
-#if MP_IOFUNC
-/*
- mp_print(mp, ofp)
-
- Print a textual representation of the given mp_int on the output
- stream 'ofp'. Output is generated using the internal radix.
- */
-
-void mp_print(mp_int *mp, FILE *ofp)
-{
- int ix;
-
- if(mp == NULL || ofp == NULL)
- return;
-
- fputc((SIGN(mp) == NEG) ? '-' : '+', ofp);
-
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- fprintf(ofp, DIGIT_FMT, DIGIT(mp, ix));
- }
-
-} /* end mp_print() */
-
-#endif /* if MP_IOFUNC */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* {{{ More I/O Functions */
-
-/* {{{ mp_read_raw(mp, str, len) */
-
-/*
- mp_read_raw(mp, str, len)
-
- Read in a raw value (base 256) into the given mp_int
- */
-
-mp_err mp_read_raw(mp_int *mp, char *str, int len)
-{
- int ix;
- mp_err res;
- unsigned char *ustr = (unsigned char *)str;
-
- ARGCHK(mp != NULL && str != NULL && len > 0, MP_BADARG);
-
- mp_zero(mp);
-
- /* Get sign from first byte */
- if(ustr[0])
- SIGN(mp) = NEG;
- else
- SIGN(mp) = ZPOS;
-
- /* Read the rest of the digits */
- for(ix = 1; ix < len; ix++) {
- if((res = mp_mul_d(mp, 256, mp)) != MP_OKAY)
- return res;
- if((res = mp_add_d(mp, ustr[ix], mp)) != MP_OKAY)
- return res;
- }
-
- return MP_OKAY;
-
-} /* end mp_read_raw() */
-
-/* }}} */
-
-/* {{{ mp_raw_size(mp) */
-
-int mp_raw_size(mp_int *mp)
-{
- ARGCHK(mp != NULL, 0);
-
- return (USED(mp) * sizeof(mp_digit)) + 1;
-
-} /* end mp_raw_size() */
-
-/* }}} */
-
-/* {{{ mp_toraw(mp, str) */
-
-mp_err mp_toraw(mp_int *mp, char *str)
-{
- int ix, jx, pos = 1;
-
- ARGCHK(mp != NULL && str != NULL, MP_BADARG);
-
- str[0] = (char)SIGN(mp);
-
- /* Iterate over each digit... */
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- mp_digit d = DIGIT(mp, ix);
-
- /* Unpack digit bytes, high order first */
- for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
- str[pos++] = (char)(d >> (jx * CHAR_BIT));
- }
- }
-
- return MP_OKAY;
-
-} /* end mp_toraw() */
-
-/* }}} */
-
-/* {{{ mp_read_radix(mp, str, radix) */
-
-/*
- mp_read_radix(mp, str, radix)
-
- Read an integer from the given string, and set mp to the resulting
- value. The input is presumed to be in base 10. Leading non-digit
- characters are ignored, and the function reads until a non-digit
- character or the end of the string.
- */
-
-mp_err mp_read_radix(mp_int *mp, const char *str, int radix)
-{
- int ix = 0, val = 0;
- mp_err res;
- mp_sign sig = ZPOS;
-
- ARGCHK(mp != NULL && str != NULL && radix >= 2 && radix <= MAX_RADIX,
- MP_BADARG);
-
- mp_zero(mp);
-
- /* Skip leading non-digit characters until a digit or '-' or '+' */
- while(str[ix] &&
- (s_mp_tovalue(str[ix], radix) < 0) &&
- str[ix] != '-' &&
- str[ix] != '+') {
- ++ix;
- }
-
- if(str[ix] == '-') {
- sig = NEG;
- ++ix;
- } else if(str[ix] == '+') {
- sig = ZPOS; /* this is the default anyway... */
- ++ix;
- }
-
- while((val = s_mp_tovalue(str[ix], radix)) >= 0) {
- if((res = s_mp_mul_d(mp, radix)) != MP_OKAY)
- return res;
- if((res = s_mp_add_d(mp, val)) != MP_OKAY)
- return res;
- ++ix;
- }
-
- if(s_mp_cmp_d(mp, 0) == MP_EQ)
- SIGN(mp) = ZPOS;
- else
- SIGN(mp) = sig;
-
- return MP_OKAY;
-
-} /* end mp_read_radix() */
-
-mp_err mp_read_variable_radix(mp_int *a, const char * str, int default_radix)
-{
- int radix = default_radix;
- int cx;
- mp_sign sig = ZPOS;
- mp_err res;
-
- /* Skip leading non-digit characters until a digit or '-' or '+' */
- while ((cx = *str) != 0 &&
- (s_mp_tovalue(cx, radix) < 0) &&
- cx != '-' &&
- cx != '+') {
- ++str;
- }
-
- if (cx == '-') {
- sig = NEG;
- ++str;
- } else if (cx == '+') {
- sig = ZPOS; /* this is the default anyway... */
- ++str;
- }
-
- if (str[0] == '0') {
- if ((str[1] | 0x20) == 'x') {
- radix = 16;
- str += 2;
- } else {
- radix = 8;
- str++;
- }
- }
- res = mp_read_radix(a, str, radix);
- if (res == MP_OKAY) {
- MP_SIGN(a) = (s_mp_cmp_d(a, 0) == MP_EQ) ? ZPOS : sig;
- }
- return res;
-}
-
-/* }}} */
-
-/* {{{ mp_radix_size(mp, radix) */
-
-int mp_radix_size(mp_int *mp, int radix)
-{
- int bits;
-
- if(!mp || radix < 2 || radix > MAX_RADIX)
- return 0;
-
- bits = USED(mp) * DIGIT_BIT - 1;
-
- return s_mp_outlen(bits, radix);
-
-} /* end mp_radix_size() */
-
-/* }}} */
-
-/* {{{ mp_toradix(mp, str, radix) */
-
-mp_err mp_toradix(mp_int *mp, char *str, int radix)
-{
- int ix, pos = 0;
-
- ARGCHK(mp != NULL && str != NULL, MP_BADARG);
- ARGCHK(radix > 1 && radix <= MAX_RADIX, MP_RANGE);
-
- if(mp_cmp_z(mp) == MP_EQ) {
- str[0] = '0';
- str[1] = '\0';
- } else {
- mp_err res;
- mp_int tmp;
- mp_sign sgn;
- mp_digit rem, rdx = (mp_digit)radix;
- char ch;
-
- if((res = mp_init_copy(&tmp, mp)) != MP_OKAY)
- return res;
-
- /* Save sign for later, and take absolute value */
- sgn = SIGN(&tmp); SIGN(&tmp) = ZPOS;
-
- /* Generate output digits in reverse order */
- while(mp_cmp_z(&tmp) != 0) {
- if((res = mp_div_d(&tmp, rdx, &tmp, &rem)) != MP_OKAY) {
- mp_clear(&tmp);
- return res;
- }
-
- /* Generate digits, use capital letters */
- ch = s_mp_todigit(rem, radix, 0);
-
- str[pos++] = ch;
- }
-
- /* Add - sign if original value was negative */
- if(sgn == NEG)
- str[pos++] = '-';
-
- /* Add trailing NUL to end the string */
- str[pos--] = '\0';
-
- /* Reverse the digits and sign indicator */
- ix = 0;
- while(ix < pos) {
- char tmp = str[ix];
-
- str[ix] = str[pos];
- str[pos] = tmp;
- ++ix;
- --pos;
- }
-
- mp_clear(&tmp);
- }
-
- return MP_OKAY;
-
-} /* end mp_toradix() */
-
-/* }}} */
-
-/* {{{ mp_tovalue(ch, r) */
-
-int mp_tovalue(char ch, int r)
-{
- return s_mp_tovalue(ch, r);
-
-} /* end mp_tovalue() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ mp_strerror(ec) */
-
-/*
- mp_strerror(ec)
-
- Return a string describing the meaning of error code 'ec'. The
- string returned is allocated in static memory, so the caller should
- not attempt to modify or free the memory associated with this
- string.
- */
-const char *mp_strerror(mp_err ec)
-{
- int aec = (ec < 0) ? -ec : ec;
-
- /* Code values are negative, so the senses of these comparisons
- are accurate */
- if(ec < MP_LAST_CODE || ec > MP_OKAY) {
- return mp_err_string[0]; /* unknown error code */
- } else {
- return mp_err_string[aec + 1];
- }
-
-} /* end mp_strerror() */
-
-/* }}} */
-
-/*========================================================================*/
-/*------------------------------------------------------------------------*/
-/* Static function definitions (internal use only) */
-
-/* {{{ Memory management */
-
-/* {{{ s_mp_grow(mp, min) */
-
-/* Make sure there are at least 'min' digits allocated to mp */
-mp_err s_mp_grow(mp_int *mp, mp_size min)
-{
- if(min > ALLOC(mp)) {
- mp_digit *tmp;
-
- /* Set min to next nearest default precision block size */
- min = MP_ROUNDUP(min, s_mp_defprec);
-
- if((tmp = s_mp_alloc(min, sizeof(mp_digit))) == NULL)
- return MP_MEM;
-
- s_mp_copy(DIGITS(mp), tmp, USED(mp));
-
-#if MP_CRYPTO
- s_mp_setz(DIGITS(mp), ALLOC(mp));
-#endif
- s_mp_free(DIGITS(mp));
- DIGITS(mp) = tmp;
- ALLOC(mp) = min;
- }
-
- return MP_OKAY;
-
-} /* end s_mp_grow() */
-
-/* }}} */
-
-/* {{{ s_mp_pad(mp, min) */
-
-/* Make sure the used size of mp is at least 'min', growing if needed */
-mp_err s_mp_pad(mp_int *mp, mp_size min)
-{
- if(min > USED(mp)) {
- mp_err res;
-
- /* Make sure there is room to increase precision */
- if (min > ALLOC(mp)) {
- if ((res = s_mp_grow(mp, min)) != MP_OKAY)
- return res;
- } else {
-/* s_mp_setz(DIGITS(mp) + USED(mp), min - USED(mp)); */
- }
-
- /* Increase precision; should already be 0-filled */
- USED(mp) = min;
- }
-
- return MP_OKAY;
-
-} /* end s_mp_pad() */
-
-/* }}} */
-
-/* {{{ s_mp_setz(dp, count) */
-
-#if MP_MACRO == 0
-/* Set 'count' digits pointed to by dp to be zeroes */
-void s_mp_setz(mp_digit *dp, mp_size count)
-{
-#if MP_MEMSET == 0
- int ix;
-
- for(ix = 0; ix < count; ix++)
- dp[ix] = 0;
-#else
- memset(dp, 0, count * sizeof(mp_digit));
-#endif
-
-} /* end s_mp_setz() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_copy(sp, dp, count) */
-
-#if MP_MACRO == 0
-/* Copy 'count' digits from sp to dp */
-void s_mp_copy(const mp_digit *sp, mp_digit *dp, mp_size count)
-{
-#if MP_MEMCPY == 0
- int ix;
-
- for(ix = 0; ix < count; ix++)
- dp[ix] = sp[ix];
-#else
- memcpy(dp, sp, count * sizeof(mp_digit));
-#endif
-
-} /* end s_mp_copy() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_alloc(nb, ni) */
-
-#if MP_MACRO == 0
-/* Allocate ni records of nb bytes each, and return a pointer to that */
-void *s_mp_alloc(size_t nb, size_t ni)
-{
- ++mp_allocs;
- return calloc(nb, ni);
-
-} /* end s_mp_alloc() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_free(ptr) */
-
-#if MP_MACRO == 0
-/* Free the memory pointed to by ptr */
-void s_mp_free(void *ptr)
-{
- if(ptr) {
- ++mp_frees;
- free(ptr);
- }
-} /* end s_mp_free() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_clamp(mp) */
-
-#if MP_MACRO == 0
-/* Remove leading zeroes from the given value */
-void s_mp_clamp(mp_int *mp)
-{
- mp_size used = MP_USED(mp);
- while (used > 1 && DIGIT(mp, used - 1) == 0)
- --used;
- MP_USED(mp) = used;
-} /* end s_mp_clamp() */
-#endif
-
-/* }}} */
-
-/* {{{ s_mp_exch(a, b) */
-
-/* Exchange the data for a and b; (b, a) = (a, b) */
-void s_mp_exch(mp_int *a, mp_int *b)
-{
- mp_int tmp;
-
- tmp = *a;
- *a = *b;
- *b = tmp;
-
-} /* end s_mp_exch() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Arithmetic helpers */
-
-/* {{{ s_mp_lshd(mp, p) */
-
-/*
- Shift mp leftward by p digits, growing if needed, and zero-filling
- the in-shifted digits at the right end. This is a convenient
- alternative to multiplication by powers of the radix
- The value of USED(mp) must already have been set to the value for
- the shifted result.
- */
-
-mp_err s_mp_lshd(mp_int *mp, mp_size p)
-{
- mp_err res;
- mp_size pos;
- int ix;
-
- if(p == 0)
- return MP_OKAY;
-
- if (MP_USED(mp) == 1 && MP_DIGIT(mp, 0) == 0)
- return MP_OKAY;
-
- if((res = s_mp_pad(mp, USED(mp) + p)) != MP_OKAY)
- return res;
-
- pos = USED(mp) - 1;
-
- /* Shift all the significant figures over as needed */
- for(ix = pos - p; ix >= 0; ix--)
- DIGIT(mp, ix + p) = DIGIT(mp, ix);
-
- /* Fill the bottom digits with zeroes */
- for(ix = 0; ix < p; ix++)
- DIGIT(mp, ix) = 0;
-
- return MP_OKAY;
-
-} /* end s_mp_lshd() */
-
-/* }}} */
-
-/* {{{ s_mp_mul_2d(mp, d) */
-
-/*
- Multiply the integer by 2^d, where d is a number of bits. This
- amounts to a bitwise shift of the value.
- */
-mp_err s_mp_mul_2d(mp_int *mp, mp_digit d)
-{
- mp_err res;
- mp_digit dshift, bshift;
- mp_digit mask;
-
- ARGCHK(mp != NULL, MP_BADARG);
-
- dshift = d / MP_DIGIT_BIT;
- bshift = d % MP_DIGIT_BIT;
- /* bits to be shifted out of the top word */
- mask = ((mp_digit)~0 << (MP_DIGIT_BIT - bshift));
- mask &= MP_DIGIT(mp, MP_USED(mp) - 1);
-
- if (MP_OKAY != (res = s_mp_pad(mp, MP_USED(mp) + dshift + (mask != 0) )))
- return res;
-
- if (dshift && MP_OKAY != (res = s_mp_lshd(mp, dshift)))
- return res;
-
- if (bshift) {
- mp_digit *pa = MP_DIGITS(mp);
- mp_digit *alim = pa + MP_USED(mp);
- mp_digit prev = 0;
-
- for (pa += dshift; pa < alim; ) {
- mp_digit x = *pa;
- *pa++ = (x << bshift) | prev;
- prev = x >> (DIGIT_BIT - bshift);
- }
- }
-
- s_mp_clamp(mp);
- return MP_OKAY;
-} /* end s_mp_mul_2d() */
-
-/* {{{ s_mp_rshd(mp, p) */
-
-/*
- Shift mp rightward by p digits. Maintains the invariant that
- digits above the precision are all zero. Digits shifted off the
- end are lost. Cannot fail.
- */
-
-void s_mp_rshd(mp_int *mp, mp_size p)
-{
- mp_size ix;
- mp_digit *src, *dst;
-
- if(p == 0)
- return;
-
- /* Shortcut when all digits are to be shifted off */
- if(p >= USED(mp)) {
- s_mp_setz(DIGITS(mp), ALLOC(mp));
- USED(mp) = 1;
- SIGN(mp) = ZPOS;
- return;
- }
-
- /* Shift all the significant figures over as needed */
- dst = MP_DIGITS(mp);
- src = dst + p;
- for (ix = USED(mp) - p; ix > 0; ix--)
- *dst++ = *src++;
-
- MP_USED(mp) -= p;
- /* Fill the top digits with zeroes */
- while (p-- > 0)
- *dst++ = 0;
-
-#if 0
- /* Strip off any leading zeroes */
- s_mp_clamp(mp);
-#endif
-
-} /* end s_mp_rshd() */
-
-/* }}} */
-
-/* {{{ s_mp_div_2(mp) */
-
-/* Divide by two -- take advantage of radix properties to do it fast */
-void s_mp_div_2(mp_int *mp)
-{
- s_mp_div_2d(mp, 1);
-
-} /* end s_mp_div_2() */
-
-/* }}} */
-
-/* {{{ s_mp_mul_2(mp) */
-
-mp_err s_mp_mul_2(mp_int *mp)
-{
- mp_digit *pd;
- int ix, used;
- mp_digit kin = 0;
-
- /* Shift digits leftward by 1 bit */
- used = MP_USED(mp);
- pd = MP_DIGITS(mp);
- for (ix = 0; ix < used; ix++) {
- mp_digit d = *pd;
- *pd++ = (d << 1) | kin;
- kin = (d >> (DIGIT_BIT - 1));
- }
-
- /* Deal with rollover from last digit */
- if (kin) {
- if (ix >= ALLOC(mp)) {
- mp_err res;
- if((res = s_mp_grow(mp, ALLOC(mp) + 1)) != MP_OKAY)
- return res;
- }
-
- DIGIT(mp, ix) = kin;
- USED(mp) += 1;
- }
-
- return MP_OKAY;
-
-} /* end s_mp_mul_2() */
-
-/* }}} */
-
-/* {{{ s_mp_mod_2d(mp, d) */
-
-/*
- Remainder the integer by 2^d, where d is a number of bits. This
- amounts to a bitwise AND of the value, and does not require the full
- division code
- */
-void s_mp_mod_2d(mp_int *mp, mp_digit d)
-{
- mp_size ndig = (d / DIGIT_BIT), nbit = (d % DIGIT_BIT);
- mp_size ix;
- mp_digit dmask;
-
- if(ndig >= USED(mp))
- return;
-
- /* Flush all the bits above 2^d in its digit */
- dmask = ((mp_digit)1 << nbit) - 1;
- DIGIT(mp, ndig) &= dmask;
-
- /* Flush all digits above the one with 2^d in it */
- for(ix = ndig + 1; ix < USED(mp); ix++)
- DIGIT(mp, ix) = 0;
-
- s_mp_clamp(mp);
-
-} /* end s_mp_mod_2d() */
-
-/* }}} */
-
-/* {{{ s_mp_div_2d(mp, d) */
-
-/*
- Divide the integer by 2^d, where d is a number of bits. This
- amounts to a bitwise shift of the value, and does not require the
- full division code (used in Barrett reduction, see below)
- */
-void s_mp_div_2d(mp_int *mp, mp_digit d)
-{
- int ix;
- mp_digit save, next, mask;
-
- s_mp_rshd(mp, d / DIGIT_BIT);
- d %= DIGIT_BIT;
- if (d) {
- mask = ((mp_digit)1 << d) - 1;
- save = 0;
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- next = DIGIT(mp, ix) & mask;
- DIGIT(mp, ix) = (DIGIT(mp, ix) >> d) | (save << (DIGIT_BIT - d));
- save = next;
- }
- }
- s_mp_clamp(mp);
-
-} /* end s_mp_div_2d() */
-
-/* }}} */
-
-/* {{{ s_mp_norm(a, b, *d) */
-
-/*
- s_mp_norm(a, b, *d)
-
- Normalize a and b for division, where b is the divisor. In order
- that we might make good guesses for quotient digits, we want the
- leading digit of b to be at least half the radix, which we
- accomplish by multiplying a and b by a power of 2. The exponent
- (shift count) is placed in *pd, so that the remainder can be shifted
- back at the end of the division process.
- */
-
-mp_err s_mp_norm(mp_int *a, mp_int *b, mp_digit *pd)
-{
- mp_digit d;
- mp_digit mask;
- mp_digit b_msd;
- mp_err res = MP_OKAY;
-
- d = 0;
- mask = DIGIT_MAX & ~(DIGIT_MAX >> 1); /* mask is msb of digit */
- b_msd = DIGIT(b, USED(b) - 1);
- while (!(b_msd & mask)) {
- b_msd <<= 1;
- ++d;
- }
-
- if (d) {
- MP_CHECKOK( s_mp_mul_2d(a, d) );
- MP_CHECKOK( s_mp_mul_2d(b, d) );
- }
-
- *pd = d;
-CLEANUP:
- return res;
-
-} /* end s_mp_norm() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Primitive digit arithmetic */
-
-/* {{{ s_mp_add_d(mp, d) */
-
-/* Add d to |mp| in place */
-mp_err s_mp_add_d(mp_int *mp, mp_digit d) /* unsigned digit addition */
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- mp_word w, k = 0;
- mp_size ix = 1;
-
- w = (mp_word)DIGIT(mp, 0) + d;
- DIGIT(mp, 0) = ACCUM(w);
- k = CARRYOUT(w);
-
- while(ix < USED(mp) && k) {
- w = (mp_word)DIGIT(mp, ix) + k;
- DIGIT(mp, ix) = ACCUM(w);
- k = CARRYOUT(w);
- ++ix;
- }
-
- if(k != 0) {
- mp_err res;
-
- if((res = s_mp_pad(mp, USED(mp) + 1)) != MP_OKAY)
- return res;
-
- DIGIT(mp, ix) = (mp_digit)k;
- }
-
- return MP_OKAY;
-#else
- mp_digit * pmp = MP_DIGITS(mp);
- mp_digit sum, mp_i, carry = 0;
- mp_err res = MP_OKAY;
- int used = (int)MP_USED(mp);
-
- mp_i = *pmp;
- *pmp++ = sum = d + mp_i;
- carry = (sum < d);
- while (carry && --used > 0) {
- mp_i = *pmp;
- *pmp++ = sum = carry + mp_i;
- carry = !sum;
- }
- if (carry && !used) {
- /* mp is growing */
- used = MP_USED(mp);
- MP_CHECKOK( s_mp_pad(mp, used + 1) );
- MP_DIGIT(mp, used) = carry;
- }
-CLEANUP:
- return res;
-#endif
-} /* end s_mp_add_d() */
-
-/* }}} */
-
-/* {{{ s_mp_sub_d(mp, d) */
-
-/* Subtract d from |mp| in place, assumes |mp| > d */
-mp_err s_mp_sub_d(mp_int *mp, mp_digit d) /* unsigned digit subtract */
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- mp_word w, b = 0;
- mp_size ix = 1;
-
- /* Compute initial subtraction */
- w = (RADIX + (mp_word)DIGIT(mp, 0)) - d;
- b = CARRYOUT(w) ? 0 : 1;
- DIGIT(mp, 0) = ACCUM(w);
-
- /* Propagate borrows leftward */
- while(b && ix < USED(mp)) {
- w = (RADIX + (mp_word)DIGIT(mp, ix)) - b;
- b = CARRYOUT(w) ? 0 : 1;
- DIGIT(mp, ix) = ACCUM(w);
- ++ix;
- }
-
- /* Remove leading zeroes */
- s_mp_clamp(mp);
-
- /* If we have a borrow out, it's a violation of the input invariant */
- if(b)
- return MP_RANGE;
- else
- return MP_OKAY;
-#else
- mp_digit *pmp = MP_DIGITS(mp);
- mp_digit mp_i, diff, borrow;
- mp_size used = MP_USED(mp);
-
- mp_i = *pmp;
- *pmp++ = diff = mp_i - d;
- borrow = (diff > mp_i);
- while (borrow && --used) {
- mp_i = *pmp;
- *pmp++ = diff = mp_i - borrow;
- borrow = (diff > mp_i);
- }
- s_mp_clamp(mp);
- return (borrow && !used) ? MP_RANGE : MP_OKAY;
-#endif
-} /* end s_mp_sub_d() */
-
-/* }}} */
-
-/* {{{ s_mp_mul_d(a, d) */
-
-/* Compute a = a * d, single digit multiplication */
-mp_err s_mp_mul_d(mp_int *a, mp_digit d)
-{
- mp_err res;
- mp_size used;
- int pow;
-
- if (!d) {
- mp_zero(a);
- return MP_OKAY;
- }
- if (d == 1)
- return MP_OKAY;
- if (0 <= (pow = s_mp_ispow2d(d))) {
- return s_mp_mul_2d(a, (mp_digit)pow);
- }
-
- used = MP_USED(a);
- MP_CHECKOK( s_mp_pad(a, used + 1) );
-
- s_mpv_mul_d(MP_DIGITS(a), used, d, MP_DIGITS(a));
-
- s_mp_clamp(a);
-
-CLEANUP:
- return res;
-
-} /* end s_mp_mul_d() */
-
-/* }}} */
-
-/* {{{ s_mp_div_d(mp, d, r) */
-
-/*
- s_mp_div_d(mp, d, r)
-
- Compute the quotient mp = mp / d and remainder r = mp mod d, for a
- single digit d. If r is null, the remainder will be discarded.
- */
-
-mp_err s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
- mp_word w = 0, q;
-#else
- mp_digit w, q;
-#endif
- int ix;
- mp_err res;
- mp_int quot;
- mp_int rem;
-
- if(d == 0)
- return MP_RANGE;
- if (d == 1) {
- if (r)
- *r = 0;
- return MP_OKAY;
- }
- /* could check for power of 2 here, but mp_div_d does that. */
- if (MP_USED(mp) == 1) {
- mp_digit n = MP_DIGIT(mp,0);
- mp_digit rem;
-
- q = n / d;
- rem = n % d;
- MP_DIGIT(mp,0) = q;
- if (r)
- *r = rem;
- return MP_OKAY;
- }
-
- MP_DIGITS(&rem) = 0;
- MP_DIGITS(&quot) = 0;
- /* Make room for the quotient */
- MP_CHECKOK( mp_init_size(&quot, USED(mp)) );
-
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- w = (w << DIGIT_BIT) | DIGIT(mp, ix);
-
- if(w >= d) {
- q = w / d;
- w = w % d;
- } else {
- q = 0;
- }
-
- s_mp_lshd(&quot, 1);
- DIGIT(&quot, 0) = (mp_digit)q;
- }
-#else
- {
- mp_digit p;
-#if !defined(MP_ASSEMBLY_DIV_2DX1D)
- mp_digit norm;
-#endif
-
- MP_CHECKOK( mp_init_copy(&rem, mp) );
-
-#if !defined(MP_ASSEMBLY_DIV_2DX1D)
- MP_DIGIT(&quot, 0) = d;
- MP_CHECKOK( s_mp_norm(&rem, &quot, &norm) );
- if (norm)
- d <<= norm;
- MP_DIGIT(&quot, 0) = 0;
-#endif
-
- p = 0;
- for (ix = USED(&rem) - 1; ix >= 0; ix--) {
- w = DIGIT(&rem, ix);
-
- if (p) {
- MP_CHECKOK( s_mpv_div_2dx1d(p, w, d, &q, &w) );
- } else if (w >= d) {
- q = w / d;
- w = w % d;
- } else {
- q = 0;
- }
-
- MP_CHECKOK( s_mp_lshd(&quot, 1) );
- DIGIT(&quot, 0) = q;
- p = w;
- }
-#if !defined(MP_ASSEMBLY_DIV_2DX1D)
- if (norm)
- w >>= norm;
-#endif
- }
-#endif
-
- /* Deliver the remainder, if desired */
- if(r)
- *r = (mp_digit)w;
-
- s_mp_clamp(&quot);
- mp_exch(&quot, mp);
-CLEANUP:
- mp_clear(&quot);
- mp_clear(&rem);
-
- return res;
-} /* end s_mp_div_d() */
-
-/* }}} */
-
-
-/* }}} */
-
-/* {{{ Primitive full arithmetic */
-
-/* {{{ s_mp_add(a, b) */
-
-/* Compute a = |a| + |b| */
-mp_err s_mp_add(mp_int *a, const mp_int *b) /* magnitude addition */
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- mp_word w = 0;
-#else
- mp_digit d, sum, carry = 0;
-#endif
- mp_digit *pa, *pb;
- mp_size ix;
- mp_size used;
- mp_err res;
-
- /* Make sure a has enough precision for the output value */
- if((USED(b) > USED(a)) && (res = s_mp_pad(a, USED(b))) != MP_OKAY)
- return res;
-
- /*
- Add up all digits up to the precision of b. If b had initially
- the same precision as a, or greater, we took care of it by the
- padding step above, so there is no problem. If b had initially
- less precision, we'll have to make sure the carry out is duly
- propagated upward among the higher-order digits of the sum.
- */
- pa = MP_DIGITS(a);
- pb = MP_DIGITS(b);
- used = MP_USED(b);
- for(ix = 0; ix < used; ix++) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- w = w + *pa + *pb++;
- *pa++ = ACCUM(w);
- w = CARRYOUT(w);
-#else
- d = *pa;
- sum = d + *pb++;
- d = (sum < d); /* detect overflow */
- *pa++ = sum += carry;
- carry = d + (sum < carry); /* detect overflow */
-#endif
- }
-
- /* If we run out of 'b' digits before we're actually done, make
- sure the carries get propagated upward...
- */
- used = MP_USED(a);
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- while (w && ix < used) {
- w = w + *pa;
- *pa++ = ACCUM(w);
- w = CARRYOUT(w);
- ++ix;
- }
-#else
- while (carry && ix < used) {
- sum = carry + *pa;
- *pa++ = sum;
- carry = !sum;
- ++ix;
- }
-#endif
-
- /* If there's an overall carry out, increase precision and include
- it. We could have done this initially, but why touch the memory
- allocator unless we're sure we have to?
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- if (w) {
- if((res = s_mp_pad(a, used + 1)) != MP_OKAY)
- return res;
-
- DIGIT(a, ix) = (mp_digit)w;
- }
-#else
- if (carry) {
- if((res = s_mp_pad(a, used + 1)) != MP_OKAY)
- return res;
-
- DIGIT(a, used) = carry;
- }
-#endif
-
- return MP_OKAY;
-} /* end s_mp_add() */
-
-/* }}} */
-
-/* Compute c = |a| + |b| */ /* magnitude addition */
-mp_err s_mp_add_3arg(const mp_int *a, const mp_int *b, mp_int *c)
-{
- mp_digit *pa, *pb, *pc;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- mp_word w = 0;
-#else
- mp_digit sum, carry = 0, d;
-#endif
- mp_size ix;
- mp_size used;
- mp_err res;
-
- MP_SIGN(c) = MP_SIGN(a);
- if (MP_USED(a) < MP_USED(b)) {
- const mp_int *xch = a;
- a = b;
- b = xch;
- }
-
- /* Make sure a has enough precision for the output value */
- if (MP_OKAY != (res = s_mp_pad(c, MP_USED(a))))
- return res;
-
- /*
- Add up all digits up to the precision of b. If b had initially
- the same precision as a, or greater, we took care of it by the
- exchange step above, so there is no problem. If b had initially
- less precision, we'll have to make sure the carry out is duly
- propagated upward among the higher-order digits of the sum.
- */
- pa = MP_DIGITS(a);
- pb = MP_DIGITS(b);
- pc = MP_DIGITS(c);
- used = MP_USED(b);
- for (ix = 0; ix < used; ix++) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- w = w + *pa++ + *pb++;
- *pc++ = ACCUM(w);
- w = CARRYOUT(w);
-#else
- d = *pa++;
- sum = d + *pb++;
- d = (sum < d); /* detect overflow */
- *pc++ = sum += carry;
- carry = d + (sum < carry); /* detect overflow */
-#endif
- }
-
- /* If we run out of 'b' digits before we're actually done, make
- sure the carries get propagated upward...
- */
- for (used = MP_USED(a); ix < used; ++ix) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- w = w + *pa++;
- *pc++ = ACCUM(w);
- w = CARRYOUT(w);
-#else
- *pc++ = sum = carry + *pa++;
- carry = (sum < carry);
-#endif
- }
-
- /* If there's an overall carry out, increase precision and include
- it. We could have done this initially, but why touch the memory
- allocator unless we're sure we have to?
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- if (w) {
- if((res = s_mp_pad(c, used + 1)) != MP_OKAY)
- return res;
-
- DIGIT(c, used) = (mp_digit)w;
- ++used;
- }
-#else
- if (carry) {
- if((res = s_mp_pad(c, used + 1)) != MP_OKAY)
- return res;
-
- DIGIT(c, used) = carry;
- ++used;
- }
-#endif
- MP_USED(c) = used;
- return MP_OKAY;
-}
-/* {{{ s_mp_add_offset(a, b, offset) */
-
-/* Compute a = |a| + ( |b| * (RADIX ** offset) ) */
-mp_err s_mp_add_offset(mp_int *a, mp_int *b, mp_size offset)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- mp_word w, k = 0;
-#else
- mp_digit d, sum, carry = 0;
-#endif
- mp_size ib;
- mp_size ia;
- mp_size lim;
- mp_err res;
-
- /* Make sure a has enough precision for the output value */
- lim = MP_USED(b) + offset;
- if((lim > USED(a)) && (res = s_mp_pad(a, lim)) != MP_OKAY)
- return res;
-
- /*
- Add up all digits up to the precision of b. If b had initially
- the same precision as a, or greater, we took care of it by the
- padding step above, so there is no problem. If b had initially
- less precision, we'll have to make sure the carry out is duly
- propagated upward among the higher-order digits of the sum.
- */
- lim = USED(b);
- for(ib = 0, ia = offset; ib < lim; ib++, ia++) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- w = (mp_word)DIGIT(a, ia) + DIGIT(b, ib) + k;
- DIGIT(a, ia) = ACCUM(w);
- k = CARRYOUT(w);
-#else
- d = MP_DIGIT(a, ia);
- sum = d + MP_DIGIT(b, ib);
- d = (sum < d);
- MP_DIGIT(a,ia) = sum += carry;
- carry = d + (sum < carry);
-#endif
- }
-
- /* If we run out of 'b' digits before we're actually done, make
- sure the carries get propagated upward...
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- for (lim = MP_USED(a); k && (ia < lim); ++ia) {
- w = (mp_word)DIGIT(a, ia) + k;
- DIGIT(a, ia) = ACCUM(w);
- k = CARRYOUT(w);
- }
-#else
- for (lim = MP_USED(a); carry && (ia < lim); ++ia) {
- d = MP_DIGIT(a, ia);
- MP_DIGIT(a,ia) = sum = d + carry;
- carry = (sum < d);
- }
-#endif
-
- /* If there's an overall carry out, increase precision and include
- it. We could have done this initially, but why touch the memory
- allocator unless we're sure we have to?
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_ADD_WORD)
- if(k) {
- if((res = s_mp_pad(a, USED(a) + 1)) != MP_OKAY)
- return res;
-
- DIGIT(a, ia) = (mp_digit)k;
- }
-#else
- if (carry) {
- if((res = s_mp_pad(a, lim + 1)) != MP_OKAY)
- return res;
-
- DIGIT(a, lim) = carry;
- }
-#endif
- s_mp_clamp(a);
-
- return MP_OKAY;
-
-} /* end s_mp_add_offset() */
-
-/* }}} */
-
-/* {{{ s_mp_sub(a, b) */
-
-/* Compute a = |a| - |b|, assumes |a| >= |b| */
-mp_err s_mp_sub(mp_int *a, const mp_int *b) /* magnitude subtract */
-{
- mp_digit *pa, *pb, *limit;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- mp_sword w = 0;
-#else
- mp_digit d, diff, borrow = 0;
-#endif
-
- /*
- Subtract and propagate borrow. Up to the precision of b, this
- accounts for the digits of b; after that, we just make sure the
- carries get to the right place. This saves having to pad b out to
- the precision of a just to make the loops work right...
- */
- pa = MP_DIGITS(a);
- pb = MP_DIGITS(b);
- limit = pb + MP_USED(b);
- while (pb < limit) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- w = w + *pa - *pb++;
- *pa++ = ACCUM(w);
- w >>= MP_DIGIT_BIT;
-#else
- d = *pa;
- diff = d - *pb++;
- d = (diff > d); /* detect borrow */
- if (borrow && --diff == MP_DIGIT_MAX)
- ++d;
- *pa++ = diff;
- borrow = d;
-#endif
- }
- limit = MP_DIGITS(a) + MP_USED(a);
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- while (w && pa < limit) {
- w = w + *pa;
- *pa++ = ACCUM(w);
- w >>= MP_DIGIT_BIT;
- }
-#else
- while (borrow && pa < limit) {
- d = *pa;
- *pa++ = diff = d - borrow;
- borrow = (diff > d);
- }
-#endif
-
- /* Clobber any leading zeroes we created */
- s_mp_clamp(a);
-
- /*
- If there was a borrow out, then |b| > |a| in violation
- of our input invariant. We've already done the work,
- but we'll at least complain about it...
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- return w ? MP_RANGE : MP_OKAY;
-#else
- return borrow ? MP_RANGE : MP_OKAY;
-#endif
-} /* end s_mp_sub() */
-
-/* }}} */
-
-/* Compute c = |a| - |b|, assumes |a| >= |b| */ /* magnitude subtract */
-mp_err s_mp_sub_3arg(const mp_int *a, const mp_int *b, mp_int *c)
-{
- mp_digit *pa, *pb, *pc;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- mp_sword w = 0;
-#else
- mp_digit d, diff, borrow = 0;
-#endif
- int ix, limit;
- mp_err res;
-
- MP_SIGN(c) = MP_SIGN(a);
-
- /* Make sure a has enough precision for the output value */
- if (MP_OKAY != (res = s_mp_pad(c, MP_USED(a))))
- return res;
-
- /*
- Subtract and propagate borrow. Up to the precision of b, this
- accounts for the digits of b; after that, we just make sure the
- carries get to the right place. This saves having to pad b out to
- the precision of a just to make the loops work right...
- */
- pa = MP_DIGITS(a);
- pb = MP_DIGITS(b);
- pc = MP_DIGITS(c);
- limit = MP_USED(b);
- for (ix = 0; ix < limit; ++ix) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- w = w + *pa++ - *pb++;
- *pc++ = ACCUM(w);
- w >>= MP_DIGIT_BIT;
-#else
- d = *pa++;
- diff = d - *pb++;
- d = (diff > d);
- if (borrow && --diff == MP_DIGIT_MAX)
- ++d;
- *pc++ = diff;
- borrow = d;
-#endif
- }
- for (limit = MP_USED(a); ix < limit; ++ix) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- w = w + *pa++;
- *pc++ = ACCUM(w);
- w >>= MP_DIGIT_BIT;
-#else
- d = *pa++;
- *pc++ = diff = d - borrow;
- borrow = (diff > d);
-#endif
- }
-
- /* Clobber any leading zeroes we created */
- MP_USED(c) = ix;
- s_mp_clamp(c);
-
- /*
- If there was a borrow out, then |b| > |a| in violation
- of our input invariant. We've already done the work,
- but we'll at least complain about it...
- */
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_SUB_WORD)
- return w ? MP_RANGE : MP_OKAY;
-#else
- return borrow ? MP_RANGE : MP_OKAY;
-#endif
-}
-/* {{{ s_mp_mul(a, b) */
-
-/* Compute a = |a| * |b| */
-mp_err s_mp_mul(mp_int *a, const mp_int *b)
-{
- return mp_mul(a, b, a);
-} /* end s_mp_mul() */
-
-/* }}} */
-
-#if defined(MP_USE_UINT_DIGIT) && defined(MP_USE_LONG_LONG_MULTIPLY)
-/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
-#define MP_MUL_DxD(a, b, Phi, Plo) \
- { unsigned long long product = (unsigned long long)a * b; \
- Plo = (mp_digit)product; \
- Phi = (mp_digit)(product >> MP_DIGIT_BIT); }
-#elif defined(OSF1)
-#define MP_MUL_DxD(a, b, Phi, Plo) \
- { Plo = asm ("mulq %a0, %a1, %v0", a, b);\
- Phi = asm ("umulh %a0, %a1, %v0", a, b); }
-#else
-#define MP_MUL_DxD(a, b, Phi, Plo) \
- { mp_digit a0b1, a1b0; \
- Plo = (a & MP_HALF_DIGIT_MAX) * (b & MP_HALF_DIGIT_MAX); \
- Phi = (a >> MP_HALF_DIGIT_BIT) * (b >> MP_HALF_DIGIT_BIT); \
- a0b1 = (a & MP_HALF_DIGIT_MAX) * (b >> MP_HALF_DIGIT_BIT); \
- a1b0 = (a >> MP_HALF_DIGIT_BIT) * (b & MP_HALF_DIGIT_MAX); \
- a1b0 += a0b1; \
- Phi += a1b0 >> MP_HALF_DIGIT_BIT; \
- if (a1b0 < a0b1) \
- Phi += MP_HALF_RADIX; \
- a1b0 <<= MP_HALF_DIGIT_BIT; \
- Plo += a1b0; \
- if (Plo < a1b0) \
- ++Phi; \
- }
-#endif
-
-#if !defined(MP_ASSEMBLY_MULTIPLY)
-/* c = a * b */
-void s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
- *c = d;
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
- *c++ = a0b0;
- carry = a1b1;
- }
- *c = carry;
-#endif
-}
-
-/* c += a * b */
-void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b,
- mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + *c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
- *c = d;
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
- a0b0 += a_i = *c;
- if (a0b0 < a_i)
- ++a1b1;
- *c++ = a0b0;
- carry = a1b1;
- }
- *c = carry;
-#endif
-}
-
-/* Presently, this is only used by the Montgomery arithmetic code. */
-/* c += a * b */
-void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + *c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
-
- while (d) {
- mp_word w = (mp_word)*c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
-
- a0b0 += a_i = *c;
- if (a0b0 < a_i)
- ++a1b1;
-
- *c++ = a0b0;
- carry = a1b1;
- }
- while (carry) {
- mp_digit c_i = *c;
- carry += c_i;
- *c++ = carry;
- carry = carry < c_i;
- }
-#endif
-}
-#endif
-
-#if defined(MP_USE_UINT_DIGIT) && defined(MP_USE_LONG_LONG_MULTIPLY)
-/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
-#define MP_SQR_D(a, Phi, Plo) \
- { unsigned long long square = (unsigned long long)a * a; \
- Plo = (mp_digit)square; \
- Phi = (mp_digit)(square >> MP_DIGIT_BIT); }
-#elif defined(OSF1)
-#define MP_SQR_D(a, Phi, Plo) \
- { Plo = asm ("mulq %a0, %a0, %v0", a);\
- Phi = asm ("umulh %a0, %a0, %v0", a); }
-#else
-#define MP_SQR_D(a, Phi, Plo) \
- { mp_digit Pmid; \
- Plo = (a & MP_HALF_DIGIT_MAX) * (a & MP_HALF_DIGIT_MAX); \
- Phi = (a >> MP_HALF_DIGIT_BIT) * (a >> MP_HALF_DIGIT_BIT); \
- Pmid = (a & MP_HALF_DIGIT_MAX) * (a >> MP_HALF_DIGIT_BIT); \
- Phi += Pmid >> (MP_HALF_DIGIT_BIT - 1); \
- Pmid <<= (MP_HALF_DIGIT_BIT + 1); \
- Plo += Pmid; \
- if (Plo < Pmid) \
- ++Phi; \
- }
-#endif
-
-#if !defined(MP_ASSEMBLY_SQUARE)
-/* Add the squares of the digits of a to the digits of b. */
-void s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps)
-{
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD)
- mp_word w;
- mp_digit d;
- mp_size ix;
-
- w = 0;
-#define ADD_SQUARE(n) \
- d = pa[n]; \
- w += (d * (mp_word)d) + ps[2*n]; \
- ps[2*n] = ACCUM(w); \
- w = (w >> DIGIT_BIT) + ps[2*n+1]; \
- ps[2*n+1] = ACCUM(w); \
- w = (w >> DIGIT_BIT)
-
- for (ix = a_len; ix >= 4; ix -= 4) {
- ADD_SQUARE(0);
- ADD_SQUARE(1);
- ADD_SQUARE(2);
- ADD_SQUARE(3);
- pa += 4;
- ps += 8;
- }
- if (ix) {
- ps += 2*ix;
- pa += ix;
- switch (ix) {
- case 3: ADD_SQUARE(-3); /* FALLTHRU */
- case 2: ADD_SQUARE(-2); /* FALLTHRU */
- case 1: ADD_SQUARE(-1); /* FALLTHRU */
- case 0: break;
- }
- }
- while (w) {
- w += *ps;
- *ps++ = ACCUM(w);
- w = (w >> DIGIT_BIT);
- }
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *pa++;
- mp_digit a0a0, a1a1;
-
- MP_SQR_D(a_i, a1a1, a0a0);
-
- /* here a1a1 and a0a0 constitute a_i ** 2 */
- a0a0 += carry;
- if (a0a0 < carry)
- ++a1a1;
-
- /* now add to ps */
- a0a0 += a_i = *ps;
- if (a0a0 < a_i)
- ++a1a1;
- *ps++ = a0a0;
- a1a1 += a_i = *ps;
- carry = (a1a1 < a_i);
- *ps++ = a1a1;
- }
- while (carry) {
- mp_digit s_i = *ps;
- carry += s_i;
- *ps++ = carry;
- carry = carry < s_i;
- }
-#endif
-}
-#endif
-
-#if (defined(MP_NO_MP_WORD) || defined(MP_NO_DIV_WORD)) \
-&& !defined(MP_ASSEMBLY_DIV_2DX1D)
-/*
-** Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
-** so its high bit is 1. This code is from NSPR.
-*/
-mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
- mp_digit *qp, mp_digit *rp)
-{
- mp_digit d1, d0, q1, q0;
- mp_digit r1, r0, m;
-
- d1 = divisor >> MP_HALF_DIGIT_BIT;
- d0 = divisor & MP_HALF_DIGIT_MAX;
- r1 = Nhi % d1;
- q1 = Nhi / d1;
- m = q1 * d0;
- r1 = (r1 << MP_HALF_DIGIT_BIT) | (Nlo >> MP_HALF_DIGIT_BIT);
- if (r1 < m) {
- q1--, r1 += divisor;
- if (r1 >= divisor && r1 < m) {
- q1--, r1 += divisor;
- }
- }
- r1 -= m;
- r0 = r1 % d1;
- q0 = r1 / d1;
- m = q0 * d0;
- r0 = (r0 << MP_HALF_DIGIT_BIT) | (Nlo & MP_HALF_DIGIT_MAX);
- if (r0 < m) {
- q0--, r0 += divisor;
- if (r0 >= divisor && r0 < m) {
- q0--, r0 += divisor;
- }
- }
- if (qp)
- *qp = (q1 << MP_HALF_DIGIT_BIT) | q0;
- if (rp)
- *rp = r0 - m;
- return MP_OKAY;
-}
-#endif
-
-#if MP_SQUARE
-/* {{{ s_mp_sqr(a) */
-
-mp_err s_mp_sqr(mp_int *a)
-{
- mp_err res;
- mp_int tmp;
-
- if((res = mp_init_size(&tmp, 2 * USED(a))) != MP_OKAY)
- return res;
- res = mp_sqr(a, &tmp);
- if (res == MP_OKAY) {
- s_mp_exch(&tmp, a);
- }
- mp_clear(&tmp);
- return res;
-}
-
-/* }}} */
-#endif
-
-/* {{{ s_mp_div(a, b) */
-
-/*
- s_mp_div(a, b)
-
- Compute a = a / b and b = a mod b. Assumes b > a.
- */
-
-mp_err s_mp_div(mp_int *rem, /* i: dividend, o: remainder */
- mp_int *div, /* i: divisor */
- mp_int *quot) /* i: 0; o: quotient */
-{
- mp_int part, t;
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
- mp_word q_msd;
-#else
- mp_digit q_msd;
-#endif
- mp_err res;
- mp_digit d;
- mp_digit div_msd;
- int ix;
-
- if(mp_cmp_z(div) == 0)
- return MP_RANGE;
-
- /* Shortcut if divisor is power of two */
- if((ix = s_mp_ispow2(div)) >= 0) {
- MP_CHECKOK( mp_copy(rem, quot) );
- s_mp_div_2d(quot, (mp_digit)ix);
- s_mp_mod_2d(rem, (mp_digit)ix);
-
- return MP_OKAY;
- }
-
- DIGITS(&t) = 0;
- MP_SIGN(rem) = ZPOS;
- MP_SIGN(div) = ZPOS;
-
- /* A working temporary for division */
- MP_CHECKOK( mp_init_size(&t, MP_ALLOC(rem)));
-
- /* Normalize to optimize guessing */
- MP_CHECKOK( s_mp_norm(rem, div, &d) );
-
- part = *rem;
-
- /* Perform the division itself...woo! */
- MP_USED(quot) = MP_ALLOC(quot);
-
- /* Find a partial substring of rem which is at least div */
- /* If we didn't find one, we're finished dividing */
- while (MP_USED(rem) > MP_USED(div) || s_mp_cmp(rem, div) >= 0) {
- int i;
- int unusedRem;
-
- unusedRem = MP_USED(rem) - MP_USED(div);
- MP_DIGITS(&part) = MP_DIGITS(rem) + unusedRem;
- MP_ALLOC(&part) = MP_ALLOC(rem) - unusedRem;
- MP_USED(&part) = MP_USED(div);
- if (s_mp_cmp(&part, div) < 0) {
- -- unusedRem;
-#if MP_ARGCHK == 2
- assert(unusedRem >= 0);
-#endif
- -- MP_DIGITS(&part);
- ++ MP_USED(&part);
- ++ MP_ALLOC(&part);
- }
-
- /* Compute a guess for the next quotient digit */
- q_msd = MP_DIGIT(&part, MP_USED(&part) - 1);
- div_msd = MP_DIGIT(div, MP_USED(div) - 1);
- if (q_msd >= div_msd) {
- q_msd = 1;
- } else if (MP_USED(&part) > 1) {
-#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_DIV_WORD)
- q_msd = (q_msd << MP_DIGIT_BIT) | MP_DIGIT(&part, MP_USED(&part) - 2);
- q_msd /= div_msd;
- if (q_msd == RADIX)
- --q_msd;
-#else
- mp_digit r;
- MP_CHECKOK( s_mpv_div_2dx1d(q_msd, MP_DIGIT(&part, MP_USED(&part) - 2),
- div_msd, &q_msd, &r) );
-#endif
- } else {
- q_msd = 0;
- }
-#if MP_ARGCHK == 2
- assert(q_msd > 0); /* This case should never occur any more. */
-#endif
- if (q_msd <= 0)
- break;
-
- /* See what that multiplies out to */
- mp_copy(div, &t);
- MP_CHECKOK( s_mp_mul_d(&t, (mp_digit)q_msd) );
-
- /*
- If it's too big, back it off. We should not have to do this
- more than once, or, in rare cases, twice. Knuth describes a
- method by which this could be reduced to a maximum of once, but
- I didn't implement that here.
- * When using s_mpv_div_2dx1d, we may have to do this 3 times.
- */
- for (i = 4; s_mp_cmp(&t, &part) > 0 && i > 0; --i) {
- --q_msd;
- s_mp_sub(&t, div); /* t -= div */
- }
- if (i < 0) {
- res = MP_RANGE;
- goto CLEANUP;
- }
-
- /* At this point, q_msd should be the right next digit */
- MP_CHECKOK( s_mp_sub(&part, &t) ); /* part -= t */
- s_mp_clamp(rem);
-
- /*
- Include the digit in the quotient. We allocated enough memory
- for any quotient we could ever possibly get, so we should not
- have to check for failures here
- */
- MP_DIGIT(quot, unusedRem) = (mp_digit)q_msd;
- }
-
- /* Denormalize remainder */
- if (d) {
- s_mp_div_2d(rem, d);
- }
-
- s_mp_clamp(quot);
-
-CLEANUP:
- mp_clear(&t);
-
- return res;
-
-} /* end s_mp_div() */
-
-
-/* }}} */
-
-/* {{{ s_mp_2expt(a, k) */
-
-mp_err s_mp_2expt(mp_int *a, mp_digit k)
-{
- mp_err res;
- mp_size dig, bit;
-
- dig = k / DIGIT_BIT;
- bit = k % DIGIT_BIT;
-
- mp_zero(a);
- if((res = s_mp_pad(a, dig + 1)) != MP_OKAY)
- return res;
-
- DIGIT(a, dig) |= ((mp_digit)1 << bit);
-
- return MP_OKAY;
-
-} /* end s_mp_2expt() */
-
-/* }}} */
-
-/* {{{ s_mp_reduce(x, m, mu) */
-
-/*
- Compute Barrett reduction, x (mod m), given a precomputed value for
- mu = b^2k / m, where b = RADIX and k = #digits(m). This should be
- faster than straight division, when many reductions by the same
- value of m are required (such as in modular exponentiation). This
- can nearly halve the time required to do modular exponentiation,
- as compared to using the full integer divide to reduce.
-
- This algorithm was derived from the _Handbook of Applied
- Cryptography_ by Menezes, Oorschot and VanStone, Ch. 14,
- pp. 603-604.
- */
-
-mp_err s_mp_reduce(mp_int *x, const mp_int *m, const mp_int *mu)
-{
- mp_int q;
- mp_err res;
-
- if((res = mp_init_copy(&q, x)) != MP_OKAY)
- return res;
-
- s_mp_rshd(&q, USED(m) - 1); /* q1 = x / b^(k-1) */
- s_mp_mul(&q, mu); /* q2 = q1 * mu */
- s_mp_rshd(&q, USED(m) + 1); /* q3 = q2 / b^(k+1) */
-
- /* x = x mod b^(k+1), quick (no division) */
- s_mp_mod_2d(x, DIGIT_BIT * (USED(m) + 1));
-
- /* q = q * m mod b^(k+1), quick (no division) */
- s_mp_mul(&q, m);
- s_mp_mod_2d(&q, DIGIT_BIT * (USED(m) + 1));
-
- /* x = x - q */
- if((res = mp_sub(x, &q, x)) != MP_OKAY)
- goto CLEANUP;
-
- /* If x < 0, add b^(k+1) to it */
- if(mp_cmp_z(x) < 0) {
- mp_set(&q, 1);
- if((res = s_mp_lshd(&q, USED(m) + 1)) != MP_OKAY)
- goto CLEANUP;
- if((res = mp_add(x, &q, x)) != MP_OKAY)
- goto CLEANUP;
- }
-
- /* Back off if it's too big */
- while(mp_cmp(x, m) >= 0) {
- if((res = s_mp_sub(x, m)) != MP_OKAY)
- break;
- }
-
- CLEANUP:
- mp_clear(&q);
-
- return res;
-
-} /* end s_mp_reduce() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Primitive comparisons */
-
-/* {{{ s_mp_cmp(a, b) */
-
-/* Compare |a| <=> |b|, return 0 if equal, <0 if a<b, >0 if a>b */
-int s_mp_cmp(const mp_int *a, const mp_int *b)
-{
- mp_size used_a = MP_USED(a);
- {
- mp_size used_b = MP_USED(b);
-
- if (used_a > used_b)
- goto IS_GT;
- if (used_a < used_b)
- goto IS_LT;
- }
- {
- mp_digit *pa, *pb;
- mp_digit da = 0, db = 0;
-
-#define CMP_AB(n) if ((da = pa[n]) != (db = pb[n])) goto done
-
- pa = MP_DIGITS(a) + used_a;
- pb = MP_DIGITS(b) + used_a;
- while (used_a >= 4) {
- pa -= 4;
- pb -= 4;
- used_a -= 4;
- CMP_AB(3);
- CMP_AB(2);
- CMP_AB(1);
- CMP_AB(0);
- }
- while (used_a-- > 0 && ((da = *--pa) == (db = *--pb)))
- /* do nothing */;
-done:
- if (da > db)
- goto IS_GT;
- if (da < db)
- goto IS_LT;
- }
- return MP_EQ;
-IS_LT:
- return MP_LT;
-IS_GT:
- return MP_GT;
-} /* end s_mp_cmp() */
-
-/* }}} */
-
-/* {{{ s_mp_cmp_d(a, d) */
-
-/* Compare |a| <=> d, return 0 if equal, <0 if a<d, >0 if a>d */
-int s_mp_cmp_d(const mp_int *a, mp_digit d)
-{
- if(USED(a) > 1)
- return MP_GT;
-
- if(DIGIT(a, 0) < d)
- return MP_LT;
- else if(DIGIT(a, 0) > d)
- return MP_GT;
- else
- return MP_EQ;
-
-} /* end s_mp_cmp_d() */
-
-/* }}} */
-
-/* {{{ s_mp_ispow2(v) */
-
-/*
- Returns -1 if the value is not a power of two; otherwise, it returns
- k such that v = 2^k, i.e. lg(v).
- */
-int s_mp_ispow2(const mp_int *v)
-{
- mp_digit d;
- int extra = 0, ix;
-
- ix = MP_USED(v) - 1;
- d = MP_DIGIT(v, ix); /* most significant digit of v */
-
- extra = s_mp_ispow2d(d);
- if (extra < 0 || ix == 0)
- return extra;
-
- while (--ix >= 0) {
- if (DIGIT(v, ix) != 0)
- return -1; /* not a power of two */
- extra += MP_DIGIT_BIT;
- }
-
- return extra;
-
-} /* end s_mp_ispow2() */
-
-/* }}} */
-
-/* {{{ s_mp_ispow2d(d) */
-
-int s_mp_ispow2d(mp_digit d)
-{
- if ((d != 0) && ((d & (d-1)) == 0)) { /* d is a power of 2 */
- int pow = 0;
-#if defined (MP_USE_UINT_DIGIT)
- if (d & 0xffff0000U)
- pow += 16;
- if (d & 0xff00ff00U)
- pow += 8;
- if (d & 0xf0f0f0f0U)
- pow += 4;
- if (d & 0xccccccccU)
- pow += 2;
- if (d & 0xaaaaaaaaU)
- pow += 1;
-#elif defined(MP_USE_LONG_LONG_DIGIT)
- if (d & 0xffffffff00000000ULL)
- pow += 32;
- if (d & 0xffff0000ffff0000ULL)
- pow += 16;
- if (d & 0xff00ff00ff00ff00ULL)
- pow += 8;
- if (d & 0xf0f0f0f0f0f0f0f0ULL)
- pow += 4;
- if (d & 0xccccccccccccccccULL)
- pow += 2;
- if (d & 0xaaaaaaaaaaaaaaaaULL)
- pow += 1;
-#elif defined(MP_USE_LONG_DIGIT)
- if (d & 0xffffffff00000000UL)
- pow += 32;
- if (d & 0xffff0000ffff0000UL)
- pow += 16;
- if (d & 0xff00ff00ff00ff00UL)
- pow += 8;
- if (d & 0xf0f0f0f0f0f0f0f0UL)
- pow += 4;
- if (d & 0xccccccccccccccccUL)
- pow += 2;
- if (d & 0xaaaaaaaaaaaaaaaaUL)
- pow += 1;
-#else
-#error "unknown type for mp_digit"
-#endif
- return pow;
- }
- return -1;
-
-} /* end s_mp_ispow2d() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ Primitive I/O helpers */
-
-/* {{{ s_mp_tovalue(ch, r) */
-
-/*
- Convert the given character to its digit value, in the given radix.
- If the given character is not understood in the given radix, -1 is
- returned. Otherwise the digit's numeric value is returned.
-
- The results will be odd if you use a radix < 2 or > 62, you are
- expected to know what you're up to.
- */
-int s_mp_tovalue(char ch, int r)
-{
- int val, xch;
-
- if(r > 36)
- xch = ch;
- else
- xch = toupper(ch);
-
- if(isdigit(xch))
- val = xch - '0';
- else if(isupper(xch))
- val = xch - 'A' + 10;
- else if(islower(xch))
- val = xch - 'a' + 36;
- else if(xch == '+')
- val = 62;
- else if(xch == '/')
- val = 63;
- else
- return -1;
-
- if(val < 0 || val >= r)
- return -1;
-
- return val;
-
-} /* end s_mp_tovalue() */
-
-/* }}} */
-
-/* {{{ s_mp_todigit(val, r, low) */
-
-/*
- Convert val to a radix-r digit, if possible. If val is out of range
- for r, returns zero. Otherwise, returns an ASCII character denoting
- the value in the given radix.
-
- The results may be odd if you use a radix < 2 or > 64, you are
- expected to know what you're doing.
- */
-
-char s_mp_todigit(mp_digit val, int r, int low)
-{
- char ch;
-
- if(val >= r)
- return 0;
-
- ch = s_dmap_1[val];
-
- if(r <= 36 && low)
- ch = tolower(ch);
-
- return ch;
-
-} /* end s_mp_todigit() */
-
-/* }}} */
-
-/* {{{ s_mp_outlen(bits, radix) */
-
-/*
- Return an estimate for how long a string is needed to hold a radix
- r representation of a number with 'bits' significant bits, plus an
- extra for a zero terminator (assuming C style strings here)
- */
-int s_mp_outlen(int bits, int r)
-{
- return (int)((double)bits * LOG_V_2(r) + 1.5) + 1;
-
-} /* end s_mp_outlen() */
-
-/* }}} */
-
-/* }}} */
-
-/* {{{ mp_read_unsigned_octets(mp, str, len) */
-/* mp_read_unsigned_octets(mp, str, len)
- Read in a raw value (base 256) into the given mp_int
- No sign bit, number is positive. Leading zeros ignored.
- */
-
-mp_err
-mp_read_unsigned_octets(mp_int *mp, const unsigned char *str, mp_size len)
-{
- int count;
- mp_err res;
- mp_digit d;
-
- ARGCHK(mp != NULL && str != NULL && len > 0, MP_BADARG);
-
- mp_zero(mp);
-
- count = len % sizeof(mp_digit);
- if (count) {
- for (d = 0; count-- > 0; --len) {
- d = (d << 8) | *str++;
- }
- MP_DIGIT(mp, 0) = d;
- }
-
- /* Read the rest of the digits */
- for(; len > 0; len -= sizeof(mp_digit)) {
- for (d = 0, count = sizeof(mp_digit); count > 0; --count) {
- d = (d << 8) | *str++;
- }
- if (MP_EQ == mp_cmp_z(mp)) {
- if (!d)
- continue;
- } else {
- if((res = s_mp_lshd(mp, 1)) != MP_OKAY)
- return res;
- }
- MP_DIGIT(mp, 0) = d;
- }
- return MP_OKAY;
-} /* end mp_read_unsigned_octets() */
-/* }}} */
-
-/* {{{ mp_unsigned_octet_size(mp) */
-int
-mp_unsigned_octet_size(const mp_int *mp)
-{
- int bytes;
- int ix;
- mp_digit d = 0;
-
- ARGCHK(mp != NULL, MP_BADARG);
- ARGCHK(MP_ZPOS == SIGN(mp), MP_BADARG);
-
- bytes = (USED(mp) * sizeof(mp_digit));
-
- /* subtract leading zeros. */
- /* Iterate over each digit... */
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- d = DIGIT(mp, ix);
- if (d)
- break;
- bytes -= sizeof(d);
- }
- if (!bytes)
- return 1;
-
- /* Have MSD, check digit bytes, high order first */
- for(ix = sizeof(mp_digit) - 1; ix >= 0; ix--) {
- unsigned char x = (unsigned char)(d >> (ix * CHAR_BIT));
- if (x)
- break;
- --bytes;
- }
- return bytes;
-} /* end mp_unsigned_octet_size() */
-/* }}} */
-
-/* {{{ mp_to_unsigned_octets(mp, str) */
-/* output a buffer of big endian octets no longer than specified. */
-mp_err
-mp_to_unsigned_octets(const mp_int *mp, unsigned char *str, mp_size maxlen)
-{
- int ix, pos = 0;
- int bytes;
-
- ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
-
- bytes = mp_unsigned_octet_size(mp);
- ARGCHK(bytes <= maxlen, MP_BADARG);
-
- /* Iterate over each digit... */
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- mp_digit d = DIGIT(mp, ix);
- int jx;
-
- /* Unpack digit bytes, high order first */
- for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
- unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
- if (!pos && !x) /* suppress leading zeros */
- continue;
- str[pos++] = x;
- }
- }
- return pos;
-} /* end mp_to_unsigned_octets() */
-/* }}} */
-
-/* {{{ mp_to_signed_octets(mp, str) */
-/* output a buffer of big endian octets no longer than specified. */
-mp_err
-mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen)
-{
- int ix, pos = 0;
- int bytes;
-
- ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
-
- bytes = mp_unsigned_octet_size(mp);
- ARGCHK(bytes <= maxlen, MP_BADARG);
-
- /* Iterate over each digit... */
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- mp_digit d = DIGIT(mp, ix);
- int jx;
-
- /* Unpack digit bytes, high order first */
- for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
- unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
- if (!pos) {
- if (!x) /* suppress leading zeros */
- continue;
- if (x & 0x80) { /* add one leading zero to make output positive. */
- ARGCHK(bytes + 1 <= maxlen, MP_BADARG);
- if (bytes + 1 > maxlen)
- return MP_BADARG;
- str[pos++] = 0;
- }
- }
- str[pos++] = x;
- }
- }
- return pos;
-} /* end mp_to_signed_octets() */
-/* }}} */
-
-/* {{{ mp_to_fixlen_octets(mp, str) */
-/* output a buffer of big endian octets exactly as long as requested. */
-mp_err
-mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size length)
-{
- int ix, pos = 0;
- int bytes;
-
- ARGCHK(mp != NULL && str != NULL && !SIGN(mp), MP_BADARG);
-
- bytes = mp_unsigned_octet_size(mp);
- ARGCHK(bytes <= length, MP_BADARG);
-
- /* place any needed leading zeros */
- for (;length > bytes; --length) {
- *str++ = 0;
- }
-
- /* Iterate over each digit... */
- for(ix = USED(mp) - 1; ix >= 0; ix--) {
- mp_digit d = DIGIT(mp, ix);
- int jx;
-
- /* Unpack digit bytes, high order first */
- for(jx = sizeof(mp_digit) - 1; jx >= 0; jx--) {
- unsigned char x = (unsigned char)(d >> (jx * CHAR_BIT));
- if (!pos && !x) /* suppress leading zeros */
- continue;
- str[pos++] = x;
- }
- }
- return MP_OKAY;
-} /* end mp_to_fixlen_octets() */
-/* }}} */
-
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mpi.h b/security/nss/lib/freebl/mpi/mpi.h
deleted file mode 100644
index c44099bdd..000000000
--- a/security/nss/lib/freebl/mpi/mpi.h
+++ /dev/null
@@ -1,332 +0,0 @@
-/*
- * mpi.h
- *
- * Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _H_MPI_
-#define _H_MPI_
-
-#include "mpi-config.h"
-
-#if MP_DEBUG
-#undef MP_IOFUNC
-#define MP_IOFUNC 1
-#endif
-
-#if MP_IOFUNC
-#include <stdio.h>
-#include <ctype.h>
-#endif
-
-#include <limits.h>
-
-#if defined(BSDI)
-#undef ULLONG_MAX
-#endif
-
-#ifdef macintosh
-#include <Types.h>
-#else
-#include <sys/types.h>
-#endif
-
-#define MP_NEG 1
-#define MP_ZPOS 0
-
-#define MP_OKAY 0 /* no error, all is well */
-#define MP_YES 0 /* yes (boolean result) */
-#define MP_NO -1 /* no (boolean result) */
-#define MP_MEM -2 /* out of memory */
-#define MP_RANGE -3 /* argument out of range */
-#define MP_BADARG -4 /* invalid parameter */
-#define MP_UNDEF -5 /* answer is undefined */
-#define MP_LAST_CODE MP_UNDEF
-
-typedef unsigned int mp_sign;
-typedef unsigned int mp_size;
-typedef int mp_err;
-
-#define MP_32BIT_MAX 4294967295U
-
-#if !defined(ULONG_MAX)
-#error "ULONG_MAX not defined"
-#elif !defined(UINT_MAX)
-#error "UINT_MAX not defined"
-#elif !defined(USHRT_MAX)
-#error "USHRT_MAX not defined"
-#endif
-
-#if defined(ULONG_LONG_MAX) /* GCC, HPUX */
-#define MP_ULONG_LONG_MAX ULONG_LONG_MAX
-#elif defined(ULLONG_MAX) /* Solaris */
-#define MP_ULONG_LONG_MAX ULLONG_MAX
-/* MP_ULONG_LONG_MAX was defined to be ULLONG_MAX */
-#elif defined(ULONGLONG_MAX) /* IRIX, AIX */
-#define MP_ULONG_LONG_MAX ULONGLONG_MAX
-#endif
-
-/* We only use unsigned long for mp_digit iff long is more than 32 bits. */
-#if !defined(MP_USE_UINT_DIGIT) && ULONG_MAX > MP_32BIT_MAX
-typedef unsigned long mp_digit;
-#define MP_DIGIT_MAX ULONG_MAX
-#define MP_DIGIT_FMT "%016lX" /* printf() format for 1 digit */
-#define MP_HALF_DIGIT_MAX UINT_MAX
-#undef MP_NO_MP_WORD
-#define MP_NO_MP_WORD 1
-#undef MP_USE_LONG_DIGIT
-#define MP_USE_LONG_DIGIT 1
-#undef MP_USE_LONG_LONG_DIGIT
-
-#elif !defined(MP_USE_UINT_DIGIT) && defined(MP_ULONG_LONG_MAX)
-typedef unsigned long long mp_digit;
-#define MP_DIGIT_MAX MP_ULONG_LONG_MAX
-#define MP_DIGIT_FMT "%016llX" /* printf() format for 1 digit */
-#define MP_HALF_DIGIT_MAX UINT_MAX
-#undef MP_NO_MP_WORD
-#define MP_NO_MP_WORD 1
-#undef MP_USE_LONG_LONG_DIGIT
-#define MP_USE_LONG_LONG_DIGIT 1
-#undef MP_USE_LONG_DIGIT
-
-#else
-typedef unsigned int mp_digit;
-#define MP_DIGIT_MAX UINT_MAX
-#define MP_DIGIT_FMT "%08X" /* printf() format for 1 digit */
-#define MP_HALF_DIGIT_MAX USHRT_MAX
-#undef MP_USE_UINT_DIGIT
-#define MP_USE_UINT_DIGIT 1
-#undef MP_USE_LONG_LONG_DIGIT
-#undef MP_USE_LONG_DIGIT
-#endif
-
-#if !defined(MP_NO_MP_WORD)
-#if defined(MP_USE_UINT_DIGIT) && \
- (defined(MP_ULONG_LONG_MAX) || (ULONG_MAX > UINT_MAX))
-
-#if (ULONG_MAX > UINT_MAX)
-typedef unsigned long mp_word;
-typedef long mp_sword;
-#define MP_WORD_MAX ULONG_MAX
-
-#else
-typedef unsigned long long mp_word;
-typedef long long mp_sword;
-#define MP_WORD_MAX MP_ULONG_LONG_MAX
-#endif
-
-#else
-#define MP_NO_MP_WORD 1
-#endif
-#endif /* !defined(MP_NO_MP_WORD) */
-
-#if !defined(MP_WORD_MAX) && defined(MP_DEFINE_SMALL_WORD)
-typedef unsigned int mp_word;
-typedef int mp_sword;
-#define MP_WORD_MAX UINT_MAX
-#endif
-
-#define MP_DIGIT_BIT (CHAR_BIT*sizeof(mp_digit))
-#define MP_WORD_BIT (CHAR_BIT*sizeof(mp_word))
-#define MP_RADIX (1+(mp_word)MP_DIGIT_MAX)
-
-#define MP_HALF_DIGIT_BIT (MP_DIGIT_BIT/2)
-#define MP_HALF_RADIX (1+(mp_digit)MP_HALF_DIGIT_MAX)
-/* MP_HALF_RADIX really ought to be called MP_SQRT_RADIX, but it's named
-** MP_HALF_RADIX because it's the radix for MP_HALF_DIGITs, and it's
-** consistent with the other _HALF_ names.
-*/
-
-
-/* Macros for accessing the mp_int internals */
-#define MP_SIGN(MP) ((MP)->sign)
-#define MP_USED(MP) ((MP)->used)
-#define MP_ALLOC(MP) ((MP)->alloc)
-#define MP_DIGITS(MP) ((MP)->dp)
-#define MP_DIGIT(MP,N) (MP)->dp[(N)]
-
-/* This defines the maximum I/O base (minimum is 2) */
-#define MP_MAX_RADIX 64
-
-typedef struct {
- mp_sign sign; /* sign of this quantity */
- mp_size alloc; /* how many digits allocated */
- mp_size used; /* how many digits used */
- mp_digit *dp; /* the digits themselves */
-} mp_int;
-
-/* Default precision */
-mp_size mp_get_prec(void);
-void mp_set_prec(mp_size prec);
-
-/* Memory management */
-mp_err mp_init(mp_int *mp);
-mp_err mp_init_size(mp_int *mp, mp_size prec);
-mp_err mp_init_copy(mp_int *mp, const mp_int *from);
-mp_err mp_copy(const mp_int *from, mp_int *to);
-void mp_exch(mp_int *mp1, mp_int *mp2);
-void mp_clear(mp_int *mp);
-void mp_zero(mp_int *mp);
-void mp_set(mp_int *mp, mp_digit d);
-mp_err mp_set_int(mp_int *mp, long z);
-#define mp_set_long(mp,z) mp_set_int(mp,z)
-mp_err mp_set_ulong(mp_int *mp, unsigned long z);
-
-/* Single digit arithmetic */
-mp_err mp_add_d(const mp_int *a, mp_digit d, mp_int *b);
-mp_err mp_sub_d(const mp_int *a, mp_digit d, mp_int *b);
-mp_err mp_mul_d(const mp_int *a, mp_digit d, mp_int *b);
-mp_err mp_mul_2(const mp_int *a, mp_int *c);
-mp_err mp_div_d(const mp_int *a, mp_digit d, mp_int *q, mp_digit *r);
-mp_err mp_div_2(const mp_int *a, mp_int *c);
-mp_err mp_expt_d(const mp_int *a, mp_digit d, mp_int *c);
-
-/* Sign manipulations */
-mp_err mp_abs(const mp_int *a, mp_int *b);
-mp_err mp_neg(const mp_int *a, mp_int *b);
-
-/* Full arithmetic */
-mp_err mp_add(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err mp_sub(const mp_int *a, const mp_int *b, mp_int *c);
-mp_err mp_mul(const mp_int *a, const mp_int *b, mp_int *c);
-#if MP_SQUARE
-mp_err mp_sqr(const mp_int *a, mp_int *b);
-#else
-#define mp_sqr(a, b) mp_mul(a, a, b)
-#endif
-mp_err mp_div(const mp_int *a, const mp_int *b, mp_int *q, mp_int *r);
-mp_err mp_div_2d(const mp_int *a, mp_digit d, mp_int *q, mp_int *r);
-mp_err mp_expt(mp_int *a, mp_int *b, mp_int *c);
-mp_err mp_2expt(mp_int *a, mp_digit k);
-mp_err mp_sqrt(const mp_int *a, mp_int *b);
-
-/* Modular arithmetic */
-#if MP_MODARITH
-mp_err mp_mod(const mp_int *a, const mp_int *m, mp_int *c);
-mp_err mp_mod_d(const mp_int *a, mp_digit d, mp_digit *c);
-mp_err mp_addmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err mp_submod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-#if MP_SQUARE
-mp_err mp_sqrmod(const mp_int *a, const mp_int *m, mp_int *c);
-#else
-#define mp_sqrmod(a, m, c) mp_mulmod(a, a, m, c)
-#endif
-mp_err mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c);
-mp_err mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c);
-#endif /* MP_MODARITH */
-
-/* Comparisons */
-int mp_cmp_z(const mp_int *a);
-int mp_cmp_d(const mp_int *a, mp_digit d);
-int mp_cmp(const mp_int *a, const mp_int *b);
-int mp_cmp_mag(mp_int *a, mp_int *b);
-int mp_cmp_int(const mp_int *a, long z);
-int mp_isodd(const mp_int *a);
-int mp_iseven(const mp_int *a);
-
-/* Number theoretic */
-#if MP_NUMTH
-mp_err mp_gcd(mp_int *a, mp_int *b, mp_int *c);
-mp_err mp_lcm(mp_int *a, mp_int *b, mp_int *c);
-mp_err mp_xgcd(const mp_int *a, const mp_int *b, mp_int *g, mp_int *x, mp_int *y);
-mp_err mp_invmod(const mp_int *a, const mp_int *m, mp_int *c);
-mp_err mp_invmod_xgcd(const mp_int *a, const mp_int *m, mp_int *c);
-#endif /* end MP_NUMTH */
-
-/* Input and output */
-#if MP_IOFUNC
-void mp_print(mp_int *mp, FILE *ofp);
-#endif /* end MP_IOFUNC */
-
-/* Base conversion */
-mp_err mp_read_raw(mp_int *mp, char *str, int len);
-int mp_raw_size(mp_int *mp);
-mp_err mp_toraw(mp_int *mp, char *str);
-mp_err mp_read_radix(mp_int *mp, const char *str, int radix);
-mp_err mp_read_variable_radix(mp_int *a, const char * str, int default_radix);
-int mp_radix_size(mp_int *mp, int radix);
-mp_err mp_toradix(mp_int *mp, char *str, int radix);
-int mp_tovalue(char ch, int r);
-
-#define mp_tobinary(M, S) mp_toradix((M), (S), 2)
-#define mp_tooctal(M, S) mp_toradix((M), (S), 8)
-#define mp_todecimal(M, S) mp_toradix((M), (S), 10)
-#define mp_tohex(M, S) mp_toradix((M), (S), 16)
-
-/* Error strings */
-const char *mp_strerror(mp_err ec);
-
-/* Octet string conversion functions */
-mp_err mp_read_unsigned_octets(mp_int *mp, const unsigned char *str, mp_size len);
-int mp_unsigned_octet_size(const mp_int *mp);
-mp_err mp_to_unsigned_octets(const mp_int *mp, unsigned char *str, mp_size maxlen);
-mp_err mp_to_signed_octets(const mp_int *mp, unsigned char *str, mp_size maxlen);
-mp_err mp_to_fixlen_octets(const mp_int *mp, unsigned char *str, mp_size len);
-
-/* Miscellaneous */
-mp_size mp_trailing_zeros(const mp_int *mp);
-
-#define MP_CHECKOK(x) if (MP_OKAY > (res = (x))) goto CLEANUP
-#define MP_CHECKERR(x) if (MP_OKAY > (res = (x))) goto CLEANUP
-
-#if defined(MP_API_COMPATIBLE)
-#define NEG MP_NEG
-#define ZPOS MP_ZPOS
-#define DIGIT_MAX MP_DIGIT_MAX
-#define DIGIT_BIT MP_DIGIT_BIT
-#define DIGIT_FMT MP_DIGIT_FMT
-#define RADIX MP_RADIX
-#define MAX_RADIX MP_MAX_RADIX
-#define SIGN(MP) MP_SIGN(MP)
-#define USED(MP) MP_USED(MP)
-#define ALLOC(MP) MP_ALLOC(MP)
-#define DIGITS(MP) MP_DIGITS(MP)
-#define DIGIT(MP,N) MP_DIGIT(MP,N)
-
-#if MP_ARGCHK == 1
-#define ARGCHK(X,Y) {if(!(X)){return (Y);}}
-#elif MP_ARGCHK == 2
-#include <assert.h>
-#define ARGCHK(X,Y) assert(X)
-#else
-#define ARGCHK(X,Y) /* */
-#endif
-#endif /* defined MP_API_COMPATIBLE */
-
-#endif /* end _H_MPI_ */
diff --git a/security/nss/lib/freebl/mpi/mpi_hp.c b/security/nss/lib/freebl/mpi/mpi_hp.c
deleted file mode 100644
index e30630c19..000000000
--- a/security/nss/lib/freebl/mpi/mpi_hp.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-
-/* This file contains routines that perform vector multiplication. */
-
-#include "mpi-priv.h"
-#include <unistd.h>
-
-#include <stddef.h>
-/* #include <sys/systeminfo.h> */
-#include <strings.h>
-
-extern void multacc512(
- int length, /* doublewords in multiplicand vector. */
- const mp_digit *scalaraddr, /* Address of scalar. */
- const mp_digit *multiplicand, /* The multiplicand vector. */
- mp_digit * result); /* Where to accumulate the result. */
-
-extern void maxpy_little(
- int length, /* doublewords in multiplicand vector. */
- const mp_digit *scalaraddr, /* Address of scalar. */
- const mp_digit *multiplicand, /* The multiplicand vector. */
- mp_digit * result); /* Where to accumulate the result. */
-
-extern void add_diag_little(
- int length, /* doublewords in input vector. */
- const mp_digit *root, /* The vector to square. */
- mp_digit * result); /* Where to accumulate the result. */
-
-void
-s_mpv_sqr_add_prop(const mp_digit *pa, mp_size a_len, mp_digit *ps)
-{
- add_diag_little(a_len, pa, ps);
-}
-
-#define MAX_STACK_DIGITS 258
-#define MULTACC512_LEN (512 / MP_DIGIT_BIT)
-#define HP_MPY_ADD_FN (a_len == MULTACC512_LEN ? multacc512 : maxpy_little)
-
-/* c = a * b */
-void
-s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- mp_digit x[MAX_STACK_DIGITS];
- mp_digit *px = x;
- size_t xSize = 0;
-
- if (a == c) {
- if (a_len > MAX_STACK_DIGITS) {
- xSize = sizeof(mp_digit) * (a_len + 2);
- px = malloc(xSize);
- if (!px)
- return;
- }
- memcpy(px, a, a_len * sizeof(*a));
- a = px;
- }
- s_mp_setz(c, a_len + 1);
- HP_MPY_ADD_FN(a_len, &b, a, c);
- if (px != x && px) {
- memset(px, 0, xSize);
- free(px);
- }
-}
-
-/* c += a * b, where a is a_len words long. */
-void
-s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- c[a_len] = 0; /* so carry propagation stops here. */
- HP_MPY_ADD_FN(a_len, &b, a, c);
-}
-
-/* c += a * b, where a is y words long. */
-void
-s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b,
- mp_digit *c)
-{
- HP_MPY_ADD_FN(a_len, &b, a, c);
-}
-
diff --git a/security/nss/lib/freebl/mpi/mpi_i86pc.s b/security/nss/lib/freebl/mpi/mpi_i86pc.s
deleted file mode 100644
index f6c167b1a..000000000
--- a/security/nss/lib/freebl/mpi/mpi_i86pc.s
+++ /dev/null
@@ -1,342 +0,0 @@
- /
- / The contents of this file are subject to the Mozilla Public
- / License Version 1.1 (the "License"); you may not use this file
- / except in compliance with the License. You may obtain a copy of
- / the License at http://www.mozilla.org/MPL/
- /
- / Software distributed under the License is distributed on an "AS
- / IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- / implied. See the License for the specific language governing
- / rights and limitations under the License.
- /
- / The Original Code is the Netscape security libraries.
- /
- / The Initial Developer of the Original Code is Netscape
- / Communications Corporation. Portions created by Netscape are
- / Copyright (C) 2001 Netscape Communications Corporation. All
- / Rights Reserved.
- /
- / Contributor(s):
- /
- / Alternatively, the contents of this file may be used under the
- / terms of the GNU General Public License Version 2 or later (the
- / "GPL"), in which case the provisions of the GPL are applicable
- / instead of those above. If you wish to allow use of your
- / version of this file only under the terms of the GPL and not to
- / allow others to use your version of this file under the MPL,
- / indicate your decision by deleting the provisions above and
- / replace them with the notice and other provisions required by
- / the GPL. If you do not delete the provisions above, a recipient
- / may use your version of this file under either the MPL or the
- / GPL.
- / $Id$
- /
-
-.text
-
- / ebp - 36: caller's esi
- / ebp - 32: caller's edi
- / ebp - 28:
- / ebp - 24:
- / ebp - 20:
- / ebp - 16:
- / ebp - 12:
- / ebp - 8:
- / ebp - 4:
- / ebp + 0: caller's ebp
- / ebp + 4: return address
- / ebp + 8: a argument
- / ebp + 12: a_len argument
- / ebp + 16: b argument
- / ebp + 20: c argument
- / registers:
- / eax:
- / ebx: carry
- / ecx: a_len
- / edx:
- / esi: a ptr
- / edi: c ptr
-.globl s_mpv_mul_d
-.type s_mpv_mul_d,@function
-s_mpv_mul_d:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx / carry = 0
- mov 12(%ebp),%ecx / ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je L2 / jmp if a_len == 0
- mov 8(%ebp),%esi / esi = a
- cld
-L1:
- lodsl / eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx / edx = b
- mull %edx / edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax / add carry (%ebx) to edx:eax
- adc $0,%edx
- mov %edx,%ebx / high half of product becomes next carry
-
- stosl / [es:edi] = ax; edi += 4;
- dec %ecx / --a_len
- jnz L1 / jmp if a_len != 0
-L2:
- mov %ebx,0(%edi) / *c = carry
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- / ebp - 36: caller's esi
- / ebp - 32: caller's edi
- / ebp - 28:
- / ebp - 24:
- / ebp - 20:
- / ebp - 16:
- / ebp - 12:
- / ebp - 8:
- / ebp - 4:
- / ebp + 0: caller's ebp
- / ebp + 4: return address
- / ebp + 8: a argument
- / ebp + 12: a_len argument
- / ebp + 16: b argument
- / ebp + 20: c argument
- / registers:
- / eax:
- / ebx: carry
- / ecx: a_len
- / edx:
- / esi: a ptr
- / edi: c ptr
-.globl s_mpv_mul_d_add
-.type s_mpv_mul_d_add,@function
-s_mpv_mul_d_add:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx / carry = 0
- mov 12(%ebp),%ecx / ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je L4 / jmp if a_len == 0
- mov 8(%ebp),%esi / esi = a
- cld
-L3:
- lodsl / eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx / edx = b
- mull %edx / edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax / add carry (%ebx) to edx:eax
- adc $0,%edx
- mov 0(%edi),%ebx / add in current word from *c
- add %ebx,%eax
- adc $0,%edx
- mov %edx,%ebx / high half of product becomes next carry
-
- stosl / [es:edi] = ax; edi += 4;
- dec %ecx / --a_len
- jnz L3 / jmp if a_len != 0
-L4:
- mov %ebx,0(%edi) / *c = carry
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- / ebp - 36: caller's esi
- / ebp - 32: caller's edi
- / ebp - 28:
- / ebp - 24:
- / ebp - 20:
- / ebp - 16:
- / ebp - 12:
- / ebp - 8:
- / ebp - 4:
- / ebp + 0: caller's ebp
- / ebp + 4: return address
- / ebp + 8: a argument
- / ebp + 12: a_len argument
- / ebp + 16: b argument
- / ebp + 20: c argument
- / registers:
- / eax:
- / ebx: carry
- / ecx: a_len
- / edx:
- / esi: a ptr
- / edi: c ptr
-.globl s_mpv_mul_d_add_prop
-.type s_mpv_mul_d_add_prop,@function
-s_mpv_mul_d_add_prop:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx / carry = 0
- mov 12(%ebp),%ecx / ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je L6 / jmp if a_len == 0
- cld
- mov 8(%ebp),%esi / esi = a
-L5:
- lodsl / eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx / edx = b
- mull %edx / edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax / add carry (%ebx) to edx:eax
- adc $0,%edx
- mov 0(%edi),%ebx / add in current word from *c
- add %ebx,%eax
- adc $0,%edx
- mov %edx,%ebx / high half of product becomes next carry
-
- stosl / [es:edi] = ax; edi += 4;
- dec %ecx / --a_len
- jnz L5 / jmp if a_len != 0
-L6:
- cmp $0,%ebx / is carry zero?
- jz L8
- mov 0(%edi),%eax / add in current word from *c
- add %ebx,%eax
- stosl / [es:edi] = ax; edi += 4;
- jnc L8
-L7:
- mov 0(%edi),%eax / add in current word from *c
- adc $0,%eax
- stosl / [es:edi] = ax; edi += 4;
- jc L7
-L8:
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- / ebp - 20: caller's esi
- / ebp - 16: caller's edi
- / ebp - 12:
- / ebp - 8: carry
- / ebp - 4: a_len local
- / ebp + 0: caller's ebp
- / ebp + 4: return address
- / ebp + 8: pa argument
- / ebp + 12: a_len argument
- / ebp + 16: ps argument
- / ebp + 20:
- / registers:
- / eax:
- / ebx: carry
- / ecx: a_len
- / edx:
- / esi: a ptr
- / edi: c ptr
-
-.globl s_mpv_sqr_add_prop
-.type s_mpv_sqr_add_prop,@function
-s_mpv_sqr_add_prop:
- push %ebp
- mov %esp,%ebp
- sub $12,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx / carry = 0
- mov 12(%ebp),%ecx / a_len
- mov 16(%ebp),%edi / edi = ps
- cmp $0,%ecx
- je L11 / jump if a_len == 0
- cld
- mov 8(%ebp),%esi / esi = pa
-L10:
- lodsl / %eax = [ds:si]; si += 4;
- mull %eax
-
- add %ebx,%eax / add "carry"
- adc $0,%edx
- mov 0(%edi),%ebx
- add %ebx,%eax / add low word from result
- mov 4(%edi),%ebx
- stosl / [es:di] = %eax; di += 4;
- adc %ebx,%edx / add high word from result
- movl $0,%ebx
- mov %edx,%eax
- adc $0,%ebx
- stosl / [es:di] = %eax; di += 4;
- dec %ecx / --a_len
- jnz L10 / jmp if a_len != 0
-L11:
- cmp $0,%ebx / is carry zero?
- jz L14
- mov 0(%edi),%eax / add in current word from *c
- add %ebx,%eax
- stosl / [es:edi] = ax; edi += 4;
- jnc L14
-L12:
- mov 0(%edi),%eax / add in current word from *c
- adc $0,%eax
- stosl / [es:edi] = ax; edi += 4;
- jc L12
-L14:
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- /
- / Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
- / so its high bit is 1. This code is from NSPR.
- /
- / mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
- / mp_digit *qp, mp_digit *rp)
-
- / esp + 0: Caller's ebx
- / esp + 4: return address
- / esp + 8: Nhi argument
- / esp + 12: Nlo argument
- / esp + 16: divisor argument
- / esp + 20: qp argument
- / esp + 24: rp argument
- / registers:
- / eax:
- / ebx: carry
- / ecx: a_len
- / edx:
- / esi: a ptr
- / edi: c ptr
- /
-
-.globl s_mpv_div_2dx1d
-.type s_mpv_div_2dx1d,@function
-s_mpv_div_2dx1d:
- push %ebx
- mov 8(%esp),%edx
- mov 12(%esp),%eax
- mov 16(%esp),%ebx
- div %ebx
- mov 20(%esp),%ebx
- mov %eax,0(%ebx)
- mov 24(%esp),%ebx
- mov %edx,0(%ebx)
- xor %eax,%eax / return zero
- pop %ebx
- ret
- nop
-
diff --git a/security/nss/lib/freebl/mpi/mpi_mips.s b/security/nss/lib/freebl/mpi/mpi_mips.s
deleted file mode 100644
index bb846ee57..000000000
--- a/security/nss/lib/freebl/mpi/mpi_mips.s
+++ /dev/null
@@ -1,502 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-#include <regdef.h>
- .set noreorder
- .set noat
-
- .section .text, 1, 0x00000006, 4, 4
-.text:
- .section .text
-
- .ent s_mpv_mul_d_add
- .globl s_mpv_mul_d_add
-
-s_mpv_mul_d_add:
- #/* c += a * b */
- #void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b,
- # mp_digit *c)
- #{
- # mp_digit a0, a1; regs a4, a5
- # mp_digit c0, c1; regs a6, a7
- # mp_digit cy = 0; reg t2
- # mp_word w0, w1; regs t0, t1
- #
- # if (a_len) {
- beq a1,zero,.L.1
- move t2,zero # cy = 0
- dsll32 a2,a2,0 # "b" is sometimes negative (?!?!)
- dsrl32 a2,a2,0 # This clears the upper 32 bits.
- # a0 = a[0];
- lwu a4,0(a0)
- # w0 = ((mp_word)b * a0);
- dmultu a2,a4
- # if (--a_len) {
- addiu a1,a1,-1
- beq a1,zero,.L.2
- # while (a_len >= 2) {
- sltiu t3,a1,2
- bne t3,zero,.L.3
- # a1 = a[1];
- lwu a5,4(a0)
-.L.4:
- # a_len -= 2;
- addiu a1,a1,-2
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += cy;
- mflo t0
- daddu t0,t0,t2
- # w0 += c0;
- daddu t0,t0,a6
- # w1 = (mp_word)b * a1;
- dmultu a2,a5 #
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # a0 = a[2];
- lwu a4,8(a0)
- # a += 2;
- addiu a0,a0,8
- # c1 = c[1];
- lwu a7,4(a3)
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # w1 += c1;
- daddu t1,t1,a7
- # w0 = (mp_word)b * a0;
- dmultu a2,a4 #
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # c += 2;
- addiu a3,a3,8
- sltiu t3,a1,2
- beq t3,zero,.L.4
- # a1 = a[1];
- lwu a5,4(a0)
- # }
-.L.3:
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += cy;
- # if (a_len) {
- mflo t0
- beq a1,zero,.L.5
- daddu t0,t0,t2
- # w1 = (mp_word)b * a1;
- dmultu a2,a5
- # w0 += c0;
- daddu t0,t0,a6 #
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # c1 = c[1];
- lwu a7,4(a3)
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # w1 += c1;
- daddu t1,t1,a7
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # c += 1;
- b .L.6
- addiu a3,a3,4
- # } else {
-.L.5:
- # w0 += c0;
- daddu t0,t0,a6
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- b .L.6
- dsrl32 t2,t0,0
- # }
- # } else {
-.L.2:
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += c0;
- mflo t0
- daddu t0,t0,a6
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # }
-.L.6:
- # c[1] = cy;
- jr ra
- sw t2,4(a3)
- # }
-.L.1:
- jr ra
- nop
- #}
- #
- .end s_mpv_mul_d_add
-
- .ent s_mpv_mul_d_add_prop
- .globl s_mpv_mul_d_add_prop
-
-s_mpv_mul_d_add_prop:
- #/* c += a * b */
- #void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b,
- # mp_digit *c)
- #{
- # mp_digit a0, a1; regs a4, a5
- # mp_digit c0, c1; regs a6, a7
- # mp_digit cy = 0; reg t2
- # mp_word w0, w1; regs t0, t1
- #
- # if (a_len) {
- beq a1,zero,.M.1
- move t2,zero # cy = 0
- dsll32 a2,a2,0 # "b" is sometimes negative (?!?!)
- dsrl32 a2,a2,0 # This clears the upper 32 bits.
- # a0 = a[0];
- lwu a4,0(a0)
- # w0 = ((mp_word)b * a0);
- dmultu a2,a4
- # if (--a_len) {
- addiu a1,a1,-1
- beq a1,zero,.M.2
- # while (a_len >= 2) {
- sltiu t3,a1,2
- bne t3,zero,.M.3
- # a1 = a[1];
- lwu a5,4(a0)
-.M.4:
- # a_len -= 2;
- addiu a1,a1,-2
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += cy;
- mflo t0
- daddu t0,t0,t2
- # w0 += c0;
- daddu t0,t0,a6
- # w1 = (mp_word)b * a1;
- dmultu a2,a5 #
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # a0 = a[2];
- lwu a4,8(a0)
- # a += 2;
- addiu a0,a0,8
- # c1 = c[1];
- lwu a7,4(a3)
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # w1 += c1;
- daddu t1,t1,a7
- # w0 = (mp_word)b * a0;
- dmultu a2,a4 #
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # c += 2;
- addiu a3,a3,8
- sltiu t3,a1,2
- beq t3,zero,.M.4
- # a1 = a[1];
- lwu a5,4(a0)
- # }
-.M.3:
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += cy;
- # if (a_len) {
- mflo t0
- beq a1,zero,.M.5
- daddu t0,t0,t2
- # w1 = (mp_word)b * a1;
- dmultu a2,a5
- # w0 += c0;
- daddu t0,t0,a6 #
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # c1 = c[1];
- lwu a7,4(a3)
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # w1 += c1;
- daddu t1,t1,a7
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # c += 1;
- b .M.6
- addiu a3,a3,8
- # } else {
-.M.5:
- # w0 += c0;
- daddu t0,t0,a6
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- b .M.6
- addiu a3,a3,4
- # }
- # } else {
-.M.2:
- # c0 = c[0];
- lwu a6,0(a3)
- # w0 += c0;
- mflo t0
- daddu t0,t0,a6
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- addiu a3,a3,4
- # }
-.M.6:
-
- # while (cy) {
- beq t2,zero,.M.1
- nop
-.M.7:
- # mp_word w = (mp_word)*c + cy;
- lwu a6,0(a3)
- daddu t2,t2,a6
- # *c++ = ACCUM(w);
- sw t2,0(a3)
- # cy = CARRYOUT(w);
- dsrl32 t2,t2,0
- bne t2,zero,.M.7
- addiu a3,a3,4
-
- # }
-.M.1:
- jr ra
- nop
- #}
- #
- .end s_mpv_mul_d_add_prop
-
- .ent s_mpv_mul_d
- .globl s_mpv_mul_d
-
-s_mpv_mul_d:
- #/* c = a * b */
- #void s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b,
- # mp_digit *c)
- #{
- # mp_digit a0, a1; regs a4, a5
- # mp_digit cy = 0; reg t2
- # mp_word w0, w1; regs t0, t1
- #
- # if (a_len) {
- beq a1,zero,.N.1
- move t2,zero # cy = 0
- dsll32 a2,a2,0 # "b" is sometimes negative (?!?!)
- dsrl32 a2,a2,0 # This clears the upper 32 bits.
- # a0 = a[0];
- lwu a4,0(a0)
- # w0 = ((mp_word)b * a0);
- dmultu a2,a4
- # if (--a_len) {
- addiu a1,a1,-1
- beq a1,zero,.N.2
- # while (a_len >= 2) {
- sltiu t3,a1,2
- bne t3,zero,.N.3
- # a1 = a[1];
- lwu a5,4(a0)
-.N.4:
- # a_len -= 2;
- addiu a1,a1,-2
- # w0 += cy;
- mflo t0
- daddu t0,t0,t2
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # w1 = (mp_word)b * a1;
- dmultu a2,a5
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # a0 = a[2];
- lwu a4,8(a0)
- # a += 2;
- addiu a0,a0,8
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # w0 = (mp_word)b * a0;
- dmultu a2,a4
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # c += 2;
- addiu a3,a3,8
- sltiu t3,a1,2
- beq t3,zero,.N.4
- # a1 = a[1];
- lwu a5,4(a0)
- # }
-.N.3:
- # w0 += cy;
- # if (a_len) {
- mflo t0
- beq a1,zero,.N.5
- daddu t0,t0,t2
- # w1 = (mp_word)b * a1;
- dmultu a2,a5 #
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # w1 += cy;
- mflo t1
- daddu t1,t1,t2
- # c[1] = ACCUM(w1);
- sw t1,4(a3)
- # cy = CARRYOUT(w1);
- dsrl32 t2,t1,0
- # c += 1;
- b .N.6
- addiu a3,a3,4
- # } else {
-.N.5:
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- b .N.6
- dsrl32 t2,t0,0
- # }
- # } else {
-.N.2:
- mflo t0
- # c[0] = ACCUM(w0);
- sw t0,0(a3)
- # cy = CARRYOUT(w0);
- dsrl32 t2,t0,0
- # }
-.N.6:
- # c[1] = cy;
- jr ra
- sw t2,4(a3)
- # }
-.N.1:
- jr ra
- nop
- #}
- #
- .end s_mpv_mul_d
-
-
- .ent s_mpv_sqr_add_prop
- .globl s_mpv_sqr_add_prop
- #void s_mpv_sqr_add_prop(const mp_digit *a, mp_size a_len, mp_digit *sqrs);
- # registers
- # a0 *a
- # a1 a_len
- # a2 *sqr
- # a3 digit from *a, a_i
- # a4 square of digit from a
- # a5,a6 next 2 digits in sqr
- # a7,t0 carry
-s_mpv_sqr_add_prop:
- move a7,zero
- move t0,zero
- lwu a3,0(a0)
- addiu a1,a1,-1 # --a_len
- dmultu a3,a3
- beq a1,zero,.P.3 # jump if we've already done the only sqr
- addiu a0,a0,4 # ++a
-.P.2:
- lwu a5,0(a2)
- lwu a6,4(a2)
- addiu a2,a2,8 # sqrs += 2;
- dsll32 a6,a6,0
- daddu a5,a5,a6
- lwu a3,0(a0)
- addiu a0,a0,4 # ++a
- mflo a4
- daddu a6,a5,a4
- sltu a7,a6,a5 # a7 = a6 < a5 detect overflow
- dmultu a3,a3
- daddu a4,a6,t0
- sltu t0,a4,a6
- add t0,t0,a7
- sw a4,-8(a2)
- addiu a1,a1,-1 # --a_len
- dsrl32 a4,a4,0
- bne a1,zero,.P.2 # loop if a_len > 0
- sw a4,-4(a2)
-.P.3:
- lwu a5,0(a2)
- lwu a6,4(a2)
- addiu a2,a2,8 # sqrs += 2;
- dsll32 a6,a6,0
- daddu a5,a5,a6
- mflo a4
- daddu a6,a5,a4
- sltu a7,a6,a5 # a7 = a6 < a5 detect overflow
- daddu a4,a6,t0
- sltu t0,a4,a6
- add t0,t0,a7
- sw a4,-8(a2)
- beq t0,zero,.P.9 # jump if no carry
- dsrl32 a4,a4,0
-.P.8:
- sw a4,-4(a2)
- /* propagate final carry */
- lwu a5,0(a2)
- daddu a6,a5,t0
- sltu t0,a6,a5
- bne t0,zero,.P.8 # loop if carry persists
- addiu a2,a2,4 # sqrs++
-.P.9:
- jr ra
- sw a4,-4(a2)
-
- .end s_mpv_sqr_add_prop
diff --git a/security/nss/lib/freebl/mpi/mpi_sparc.c b/security/nss/lib/freebl/mpi/mpi_sparc.c
deleted file mode 100644
index a7bf863fd..000000000
--- a/security/nss/lib/freebl/mpi/mpi_sparc.c
+++ /dev/null
@@ -1,358 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-
-/* Multiplication performance enhancements for sparc v8+vis CPUs. */
-
-#include "mpi-priv.h"
-#include <stddef.h>
-#include <sys/systeminfo.h>
-#include <strings.h>
-
-/* In the functions below, */
-/* vector y must be 8-byte aligned, and n must be even */
-/* returns carry out of high order word of result */
-/* maximum n is 256 */
-
-/* vector x += vector y * scaler a; where y is of length n words. */
-extern mp_digit mul_add_inp(mp_digit *x, const mp_digit *y, int n, mp_digit a);
-
-/* vector z = vector x + vector y * scaler a; where y is of length n words. */
-extern mp_digit mul_add(mp_digit *z, const mp_digit *x, const mp_digit *y,
- int n, mp_digit a);
-
-/* v8 versions of these functions run on any Sparc v8 CPU. */
-
-/* This trick works on Sparc V8 CPUs with the Workshop compilers. */
-#define MP_MUL_DxD(a, b, Phi, Plo) \
- { unsigned long long product = (unsigned long long)a * b; \
- Plo = (mp_digit)product; \
- Phi = (mp_digit)(product >> MP_DIGIT_BIT); }
-
-/* c = a * b */
-static void
-v8_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
- *c = d;
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
- *c++ = a0b0;
- carry = a1b1;
- }
- *c = carry;
-#endif
-}
-
-/* c += a * b */
-static void
-v8_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + *c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
- *c = d;
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
- a0b0 += a_i = *c;
- if (a0b0 < a_i)
- ++a1b1;
- *c++ = a0b0;
- carry = a1b1;
- }
- *c = carry;
-#endif
-}
-
-/* Presently, this is only used by the Montgomery arithmetic code. */
-/* c += a * b */
-static void
-v8_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
-#if !defined(MP_NO_MP_WORD)
- mp_digit d = 0;
-
- /* Inner product: Digits of a */
- while (a_len--) {
- mp_word w = ((mp_word)b * *a++) + *c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
-
- while (d) {
- mp_word w = (mp_word)*c + d;
- *c++ = ACCUM(w);
- d = CARRYOUT(w);
- }
-#else
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
-
- a0b0 += a_i = *c;
- if (a0b0 < a_i)
- ++a1b1;
-
- *c++ = a0b0;
- carry = a1b1;
- }
- while (carry) {
- mp_digit c_i = *c;
- carry += c_i;
- *c++ = carry;
- carry = carry < c_i;
- }
-#endif
-}
-
-/* vis versions of these functions run only on v8+vis or v9+vis CPUs. */
-
-/* c = a * b */
-static void
-vis_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- mp_digit d;
- mp_digit x[258];
- if (a_len <= 256) {
- if (a == c || ((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
- mp_digit * px;
- px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
- memcpy(px, a, a_len * sizeof(*a));
- a = px;
- if (a_len & 1) {
- px[a_len] = 0;
- }
- }
- s_mp_setz(c, a_len + 1);
- d = mul_add_inp(c, a, a_len, b);
- c[a_len] = d;
- } else {
- v8_mpv_mul_d(a, a_len, b, c);
- }
-}
-
-/* c += a * b, where a is a_len words long. */
-static void
-vis_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- mp_digit d;
- mp_digit x[258];
- if (a_len <= 256) {
- if (((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
- mp_digit * px;
- px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
- memcpy(px, a, a_len * sizeof(*a));
- a = px;
- if (a_len & 1) {
- px[a_len] = 0;
- }
- }
- d = mul_add_inp(c, a, a_len, b);
- c[a_len] = d;
- } else {
- v8_mpv_mul_d_add(a, a_len, b, c);
- }
-}
-
-/* c += a * b, where a is y words long. */
-static void
-vis_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b,
- mp_digit *c)
-{
- mp_digit d;
- mp_digit x[258];
- if (a_len <= 256) {
- if (((ptrdiff_t)a & 0x7) != 0 || (a_len & 1) != 0) {
- mp_digit * px;
- px = (((ptrdiff_t)x & 0x7) != 0) ? x + 1 : x;
- memcpy(px, a, a_len * sizeof(*a));
- a = px;
- if (a_len & 1) {
- px[a_len] = 0;
- }
- }
- d = mul_add_inp(c, a, a_len, b);
- if (d) {
- c += a_len;
- do {
- mp_digit sum = d + *c;
- *c++ = sum;
- d = sum < d;
- } while (d);
- }
- } else {
- v8_mpv_mul_d_add_prop(a, a_len, b, c);
- }
-}
-
-#if defined(SOLARIS2_5)
-static int
-isSparcV8PlusVis(void)
-{
- long buflen;
- int rv = 0; /* false */
- char buf[256];
- buflen = sysinfo(SI_MACHINE, buf, sizeof buf);
- if (buflen > 0) {
- rv = (!strcmp(buf, "sun4u") || !strcmp(buf, "sun4u1"));
- }
- return rv;
-}
-#else /* SunOS2.6or higher has SI_ISALIST */
-
-static int
-isSparcV8PlusVis(void)
-{
- long buflen;
- int rv = 0; /* false */
- char buf[256];
- buflen = sysinfo(SI_ISALIST, buf, sizeof buf);
- if (buflen > 0) {
-#if defined(MP_USE_LONG_DIGIT)
- char * found = strstr(buf, "sparcv9+vis");
-#else
- char * found = strstr(buf, "sparcv8plus+vis");
-#endif
- rv = (found != 0);
- }
- return rv;
-}
-#endif
-
-typedef void MPVmpy(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c);
-
-/* forward static function declarations */
-static MPVmpy sp_mpv_mul_d;
-static MPVmpy sp_mpv_mul_d_add;
-static MPVmpy sp_mpv_mul_d_add_prop;
-
-static MPVmpy *p_mpv_mul_d = &sp_mpv_mul_d;
-static MPVmpy *p_mpv_mul_d_add = &sp_mpv_mul_d_add;
-static MPVmpy *p_mpv_mul_d_add_prop = &sp_mpv_mul_d_add_prop;
-
-static void
-initPtrs(void)
-{
- if (isSparcV8PlusVis()) {
- p_mpv_mul_d = &vis_mpv_mul_d;
- p_mpv_mul_d_add = &vis_mpv_mul_d_add;
- p_mpv_mul_d_add_prop = &vis_mpv_mul_d_add_prop;
- } else {
- p_mpv_mul_d = &v8_mpv_mul_d;
- p_mpv_mul_d_add = &v8_mpv_mul_d_add;
- p_mpv_mul_d_add_prop = &v8_mpv_mul_d_add_prop;
- }
-}
-
-static void
-sp_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- initPtrs();
- (* p_mpv_mul_d)(a, a_len, b, c);
-}
-
-static void
-sp_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- initPtrs();
- (* p_mpv_mul_d_add)(a, a_len, b, c);
-}
-
-static void
-sp_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- initPtrs();
- (* p_mpv_mul_d_add_prop)(a, a_len, b, c);
-}
-
-
-/* This is the external interface */
-
-void
-s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- (* p_mpv_mul_d)(a, a_len, b, c);
-}
-
-void
-s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- (* p_mpv_mul_d_add)(a, a_len, b, c);
-}
-
-void
-s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c)
-{
- (* p_mpv_mul_d_add_prop)(a, a_len, b, c);
-}
-
-
diff --git a/security/nss/lib/freebl/mpi/mpi_x86.asm b/security/nss/lib/freebl/mpi/mpi_x86.asm
deleted file mode 100644
index ed2fc5e58..000000000
--- a/security/nss/lib/freebl/mpi/mpi_x86.asm
+++ /dev/null
@@ -1,351 +0,0 @@
-;
-; mpi_x86.asm - assembly language implementation of s_mpv_ functions.
-;
-; The contents of this file are subject to the Mozilla Public
-; License Version 1.1 (the "License"); you may not use this file
-; except in compliance with the License. You may obtain a copy of
-; the License at http://www.mozilla.org/MPL/
-;
-; Software distributed under the License is distributed on an "AS
-; IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-; implied. See the License for the specific language governing
-; rights and limitations under the License.
-;
-; The Original Code is the Netscape security libraries.
-;
-; The Initial Developer of the Original Code is Netscape
-; Communications Corporation. Portions created by Netscape are
-; Copyright (C) 2000 Netscape Communications Corporation. All
-; Rights Reserved.
-;
-; Contributor(s):
-;
-; Alternatively, the contents of this file may be used under the
-; terms of the GNU General Public License Version 2 or later (the
-; "GPL"), in which case the provisions of the GPL are applicable
-; instead of those above. If you wish to allow use of your
-; version of this file only under the terms of the GPL and not to
-; allow others to use your version of this file under the MPL,
-; indicate your decision by deleting the provisions above and
-; replace them with the notice and other provisions required by
-; the GPL. If you do not delete the provisions above, a recipient
-; may use your version of this file under either the MPL or the
-; GPL.
-; $Id$
-;
-
- .386p
- .MODEL FLAT
- ASSUME CS: FLAT, DS: FLAT, SS: FLAT
-_TEXT SEGMENT
-
-; ebp - 36: caller's esi
-; ebp - 32: caller's edi
-; ebp - 28:
-; ebp - 24:
-; ebp - 20:
-; ebp - 16:
-; ebp - 12:
-; ebp - 8:
-; ebp - 4:
-; ebp + 0: caller's ebp
-; ebp + 4: return address
-; ebp + 8: a argument
-; ebp + 12: a_len argument
-; ebp + 16: b argument
-; ebp + 20: c argument
-; registers:
-; eax:
-; ebx: carry
-; ecx: a_len
-; edx:
-; esi: a ptr
-; edi: c ptr
-
-public _s_mpv_mul_d
-_s_mpv_mul_d PROC NEAR
- push ebp
- mov ebp,esp
- sub esp,28
- push edi
- push esi
- push ebx
- mov ebx,0 ; carry = 0
- mov ecx,[ebp+12] ; ecx = a_len
- mov edi,[ebp+20]
- cmp ecx,0
- je L_2 ; jmp if a_len == 0
- mov esi,[ebp+8] ; esi = a
- cld
-L_1:
- lodsd ; eax = [ds:esi]; esi += 4
- mov edx,[ebp+16] ; edx = b
- mul edx ; edx:eax = Phi:Plo = a_i * b
-
- add eax,ebx ; add carry (ebx) to edx:eax
- adc edx,0
- mov ebx,edx ; high half of product becomes next carry
-
- stosd ; [es:edi] = ax; edi += 4;
- dec ecx ; --a_len
- jnz L_1 ; jmp if a_len != 0
-L_2:
- mov [edi],ebx ; *c = carry
- pop ebx
- pop esi
- pop edi
- leave
- ret
- nop
-_s_mpv_mul_d ENDP
-
-; ebp - 36: caller's esi
-; ebp - 32: caller's edi
-; ebp - 28:
-; ebp - 24:
-; ebp - 20:
-; ebp - 16:
-; ebp - 12:
-; ebp - 8:
-; ebp - 4:
-; ebp + 0: caller's ebp
-; ebp + 4: return address
-; ebp + 8: a argument
-; ebp + 12: a_len argument
-; ebp + 16: b argument
-; ebp + 20: c argument
-; registers:
-; eax:
-; ebx: carry
-; ecx: a_len
-; edx:
-; esi: a ptr
-; edi: c ptr
-public _s_mpv_mul_d_add
-_s_mpv_mul_d_add PROC NEAR
- push ebp
- mov ebp,esp
- sub esp,28
- push edi
- push esi
- push ebx
- mov ebx,0 ; carry = 0
- mov ecx,[ebp+12] ; ecx = a_len
- mov edi,[ebp+20]
- cmp ecx,0
- je L_4 ; jmp if a_len == 0
- mov esi,[ebp+8] ; esi = a
- cld
-L_3:
- lodsd ; eax = [ds:esi]; esi += 4
- mov edx,[ebp+16] ; edx = b
- mul edx ; edx:eax = Phi:Plo = a_i * b
-
- add eax,ebx ; add carry (ebx) to edx:eax
- adc edx,0
- mov ebx,[edi] ; add in current word from *c
- add eax,ebx
- adc edx,0
- mov ebx,edx ; high half of product becomes next carry
-
- stosd ; [es:edi] = ax; edi += 4;
- dec ecx ; --a_len
- jnz L_3 ; jmp if a_len != 0
-L_4:
- mov [edi],ebx ; *c = carry
- pop ebx
- pop esi
- pop edi
- leave
- ret
- nop
-_s_mpv_mul_d_add ENDP
-
-; ebp - 36: caller's esi
-; ebp - 32: caller's edi
-; ebp - 28:
-; ebp - 24:
-; ebp - 20:
-; ebp - 16:
-; ebp - 12:
-; ebp - 8:
-; ebp - 4:
-; ebp + 0: caller's ebp
-; ebp + 4: return address
-; ebp + 8: a argument
-; ebp + 12: a_len argument
-; ebp + 16: b argument
-; ebp + 20: c argument
-; registers:
-; eax:
-; ebx: carry
-; ecx: a_len
-; edx:
-; esi: a ptr
-; edi: c ptr
-public _s_mpv_mul_d_add_prop
-_s_mpv_mul_d_add_prop PROC NEAR
- push ebp
- mov ebp,esp
- sub esp,28
- push edi
- push esi
- push ebx
- mov ebx,0 ; carry = 0
- mov ecx,[ebp+12] ; ecx = a_len
- mov edi,[ebp+20]
- cmp ecx,0
- je L_6 ; jmp if a_len == 0
- cld
- mov esi,[ebp+8] ; esi = a
-L_5:
- lodsd ; eax = [ds:esi]; esi += 4
- mov edx,[ebp+16] ; edx = b
- mul edx ; edx:eax = Phi:Plo = a_i * b
-
- add eax,ebx ; add carry (ebx) to edx:eax
- adc edx,0
- mov ebx,[edi] ; add in current word from *c
- add eax,ebx
- adc edx,0
- mov ebx,edx ; high half of product becomes next carry
-
- stosd ; [es:edi] = ax; edi += 4;
- dec ecx ; --a_len
- jnz L_5 ; jmp if a_len != 0
-L_6:
- cmp ebx,0 ; is carry zero?
- jz L_8
- mov eax,[edi] ; add in current word from *c
- add eax,ebx
- stosd ; [es:edi] = ax; edi += 4;
- jnc L_8
-L_7:
- mov eax,[edi] ; add in current word from *c
- adc eax,0
- stosd ; [es:edi] = ax; edi += 4;
- jc L_7
-L_8:
- pop ebx
- pop esi
- pop edi
- leave
- ret
- nop
-_s_mpv_mul_d_add_prop ENDP
-
-; ebp - 20: caller's esi
-; ebp - 16: caller's edi
-; ebp - 12:
-; ebp - 8: carry
-; ebp - 4: a_len local
-; ebp + 0: caller's ebp
-; ebp + 4: return address
-; ebp + 8: pa argument
-; ebp + 12: a_len argument
-; ebp + 16: ps argument
-; ebp + 20:
-; registers:
-; eax:
-; ebx: carry
-; ecx: a_len
-; edx:
-; esi: a ptr
-; edi: c ptr
-
-public _s_mpv_sqr_add_prop
-_s_mpv_sqr_add_prop PROC NEAR
- push ebp
- mov ebp,esp
- sub esp,12
- push edi
- push esi
- push ebx
- mov ebx,0 ; carry = 0
- mov ecx,[ebp+12] ; a_len
- mov edi,[ebp+16] ; edi = ps
- cmp ecx,0
- je L_11 ; jump if a_len == 0
- cld
- mov esi,[ebp+8] ; esi = pa
-L_10:
- lodsd ; eax = [ds:si]; si += 4;
- mul eax
-
- add eax,ebx ; add "carry"
- adc edx,0
- mov ebx,[edi]
- add eax,ebx ; add low word from result
- mov ebx,[edi+4]
- stosd ; [es:di] = eax; di += 4;
- adc edx,ebx ; add high word from result
- mov ebx,0
- mov eax,edx
- adc ebx,0
- stosd ; [es:di] = eax; di += 4;
- dec ecx ; --a_len
- jnz L_10 ; jmp if a_len != 0
-L_11:
- cmp ebx,0 ; is carry zero?
- jz L_14
- mov eax,[edi] ; add in current word from *c
- add eax,ebx
- stosd ; [es:edi] = ax; edi += 4;
- jnc L_14
-L_12:
- mov eax,[edi] ; add in current word from *c
- adc eax,0
- stosd ; [es:edi] = ax; edi += 4;
- jc L_12
-L_14:
- pop ebx
- pop esi
- pop edi
- leave
- ret
- nop
-_s_mpv_sqr_add_prop ENDP
-
-;
-; Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
-; so its high bit is 1. This code is from NSPR.
-;
-; mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
-; mp_digit *qp, mp_digit *rp)
-
-; Dump of assembler code for function s_mpv_div_2dx1d:
-;
-; esp + 0: Caller's ebx
-; esp + 4: return address
-; esp + 8: Nhi argument
-; esp + 12: Nlo argument
-; esp + 16: divisor argument
-; esp + 20: qp argument
-; esp + 24: rp argument
-; registers:
-; eax:
-; ebx: carry
-; ecx: a_len
-; edx:
-; esi: a ptr
-; edi: c ptr
-;
-public _s_mpv_div_2dx1d
-_s_mpv_div_2dx1d PROC NEAR
- push ebx
- mov edx,[esp+8]
- mov eax,[esp+12]
- mov ebx,[esp+16]
- div ebx
- mov ebx,[esp+20]
- mov [ebx],eax
- mov ebx,[esp+24]
- mov [ebx],edx
- xor eax,eax ; return zero
- pop ebx
- ret
- nop
-_s_mpv_div_2dx1d ENDP
-
-_TEXT ENDS
-END
diff --git a/security/nss/lib/freebl/mpi/mpi_x86.s b/security/nss/lib/freebl/mpi/mpi_x86.s
deleted file mode 100644
index 427b7e61e..000000000
--- a/security/nss/lib/freebl/mpi/mpi_x86.s
+++ /dev/null
@@ -1,342 +0,0 @@
- #
- # The contents of this file are subject to the Mozilla Public
- # License Version 1.1 (the "License"); you may not use this file
- # except in compliance with the License. You may obtain a copy of
- # the License at http://www.mozilla.org/MPL/
- #
- # Software distributed under the License is distributed on an "AS
- # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- # implied. See the License for the specific language governing
- # rights and limitations under the License.
- #
- # The Original Code is the Netscape security libraries.
- #
- # The Initial Developer of the Original Code is Netscape
- # Communications Corporation. Portions created by Netscape are
- # Copyright (C) 2000 Netscape Communications Corporation. All
- # Rights Reserved.
- #
- # Contributor(s):
- #
- # Alternatively, the contents of this file may be used under the
- # terms of the GNU General Public License Version 2 or later (the
- # "GPL"), in which case the provisions of the GPL are applicable
- # instead of those above. If you wish to allow use of your
- # version of this file only under the terms of the GPL and not to
- # allow others to use your version of this file under the MPL,
- # indicate your decision by deleting the provisions above and
- # replace them with the notice and other provisions required by
- # the GPL. If you do not delete the provisions above, a recipient
- # may use your version of this file under either the MPL or the
- # GPL.
- # $Id$
- #
-
-.text
-
- # ebp - 36: caller's esi
- # ebp - 32: caller's edi
- # ebp - 28:
- # ebp - 24:
- # ebp - 20:
- # ebp - 16:
- # ebp - 12:
- # ebp - 8:
- # ebp - 4:
- # ebp + 0: caller's ebp
- # ebp + 4: return address
- # ebp + 8: a argument
- # ebp + 12: a_len argument
- # ebp + 16: b argument
- # ebp + 20: c argument
- # registers:
- # eax:
- # ebx: carry
- # ecx: a_len
- # edx:
- # esi: a ptr
- # edi: c ptr
-.globl s_mpv_mul_d
-.type s_mpv_mul_d,@function
-s_mpv_mul_d:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx # carry = 0
- mov 12(%ebp),%ecx # ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je 2f # jmp if a_len == 0
- mov 8(%ebp),%esi # esi = a
- cld
-1:
- lodsl # eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx # edx = b
- mull %edx # edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax # add carry (%ebx) to edx:eax
- adc $0,%edx
- mov %edx,%ebx # high half of product becomes next carry
-
- stosl # [es:edi] = ax; edi += 4;
- dec %ecx # --a_len
- jnz 1b # jmp if a_len != 0
-2:
- mov %ebx,0(%edi) # *c = carry
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- # ebp - 36: caller's esi
- # ebp - 32: caller's edi
- # ebp - 28:
- # ebp - 24:
- # ebp - 20:
- # ebp - 16:
- # ebp - 12:
- # ebp - 8:
- # ebp - 4:
- # ebp + 0: caller's ebp
- # ebp + 4: return address
- # ebp + 8: a argument
- # ebp + 12: a_len argument
- # ebp + 16: b argument
- # ebp + 20: c argument
- # registers:
- # eax:
- # ebx: carry
- # ecx: a_len
- # edx:
- # esi: a ptr
- # edi: c ptr
-.globl s_mpv_mul_d_add
-.type s_mpv_mul_d_add,@function
-s_mpv_mul_d_add:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx # carry = 0
- mov 12(%ebp),%ecx # ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je 4f # jmp if a_len == 0
- mov 8(%ebp),%esi # esi = a
- cld
-3:
- lodsl # eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx # edx = b
- mull %edx # edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax # add carry (%ebx) to edx:eax
- adc $0,%edx
- mov 0(%edi),%ebx # add in current word from *c
- add %ebx,%eax
- adc $0,%edx
- mov %edx,%ebx # high half of product becomes next carry
-
- stosl # [es:edi] = ax; edi += 4;
- dec %ecx # --a_len
- jnz 3b # jmp if a_len != 0
-4:
- mov %ebx,0(%edi) # *c = carry
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- # ebp - 36: caller's esi
- # ebp - 32: caller's edi
- # ebp - 28:
- # ebp - 24:
- # ebp - 20:
- # ebp - 16:
- # ebp - 12:
- # ebp - 8:
- # ebp - 4:
- # ebp + 0: caller's ebp
- # ebp + 4: return address
- # ebp + 8: a argument
- # ebp + 12: a_len argument
- # ebp + 16: b argument
- # ebp + 20: c argument
- # registers:
- # eax:
- # ebx: carry
- # ecx: a_len
- # edx:
- # esi: a ptr
- # edi: c ptr
-.globl s_mpv_mul_d_add_prop
-.type s_mpv_mul_d_add_prop,@function
-s_mpv_mul_d_add_prop:
- push %ebp
- mov %esp,%ebp
- sub $28,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx # carry = 0
- mov 12(%ebp),%ecx # ecx = a_len
- mov 20(%ebp),%edi
- cmp $0,%ecx
- je 6f # jmp if a_len == 0
- cld
- mov 8(%ebp),%esi # esi = a
-5:
- lodsl # eax = [ds:esi]; esi += 4
- mov 16(%ebp),%edx # edx = b
- mull %edx # edx:eax = Phi:Plo = a_i * b
-
- add %ebx,%eax # add carry (%ebx) to edx:eax
- adc $0,%edx
- mov 0(%edi),%ebx # add in current word from *c
- add %ebx,%eax
- adc $0,%edx
- mov %edx,%ebx # high half of product becomes next carry
-
- stosl # [es:edi] = ax; edi += 4;
- dec %ecx # --a_len
- jnz 5b # jmp if a_len != 0
-6:
- cmp $0,%ebx # is carry zero?
- jz 8f
- mov 0(%edi),%eax # add in current word from *c
- add %ebx,%eax
- stosl # [es:edi] = ax; edi += 4;
- jnc 8f
-7:
- mov 0(%edi),%eax # add in current word from *c
- adc $0,%eax
- stosl # [es:edi] = ax; edi += 4;
- jc 7b
-8:
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- # ebp - 20: caller's esi
- # ebp - 16: caller's edi
- # ebp - 12:
- # ebp - 8: carry
- # ebp - 4: a_len local
- # ebp + 0: caller's ebp
- # ebp + 4: return address
- # ebp + 8: pa argument
- # ebp + 12: a_len argument
- # ebp + 16: ps argument
- # ebp + 20:
- # registers:
- # eax:
- # ebx: carry
- # ecx: a_len
- # edx:
- # esi: a ptr
- # edi: c ptr
-
-.globl s_mpv_sqr_add_prop
-.type s_mpv_sqr_add_prop,@function
-s_mpv_sqr_add_prop:
- push %ebp
- mov %esp,%ebp
- sub $12,%esp
- push %edi
- push %esi
- push %ebx
- movl $0,%ebx # carry = 0
- mov 12(%ebp),%ecx # a_len
- mov 16(%ebp),%edi # edi = ps
- cmp $0,%ecx
- je 11f # jump if a_len == 0
- cld
- mov 8(%ebp),%esi # esi = pa
-10:
- lodsl # %eax = [ds:si]; si += 4;
- mull %eax
-
- add %ebx,%eax # add "carry"
- adc $0,%edx
- mov 0(%edi),%ebx
- add %ebx,%eax # add low word from result
- mov 4(%edi),%ebx
- stosl # [es:di] = %eax; di += 4;
- adc %ebx,%edx # add high word from result
- movl $0,%ebx
- mov %edx,%eax
- adc $0,%ebx
- stosl # [es:di] = %eax; di += 4;
- dec %ecx # --a_len
- jnz 10b # jmp if a_len != 0
-11:
- cmp $0,%ebx # is carry zero?
- jz 14f
- mov 0(%edi),%eax # add in current word from *c
- add %ebx,%eax
- stosl # [es:edi] = ax; edi += 4;
- jnc 14f
-12:
- mov 0(%edi),%eax # add in current word from *c
- adc $0,%eax
- stosl # [es:edi] = ax; edi += 4;
- jc 12b
-14:
- pop %ebx
- pop %esi
- pop %edi
- leave
- ret
- nop
-
- #
- # Divide 64-bit (Nhi,Nlo) by 32-bit divisor, which must be normalized
- # so its high bit is 1. This code is from NSPR.
- #
- # mp_err s_mpv_div_2dx1d(mp_digit Nhi, mp_digit Nlo, mp_digit divisor,
- # mp_digit *qp, mp_digit *rp)
-
- # esp + 0: Caller's ebx
- # esp + 4: return address
- # esp + 8: Nhi argument
- # esp + 12: Nlo argument
- # esp + 16: divisor argument
- # esp + 20: qp argument
- # esp + 24: rp argument
- # registers:
- # eax:
- # ebx: carry
- # ecx: a_len
- # edx:
- # esi: a ptr
- # edi: c ptr
- #
-
-.globl s_mpv_div_2dx1d
-.type s_mpv_div_2dx1d,@function
-s_mpv_div_2dx1d:
- push %ebx
- mov 8(%esp),%edx
- mov 12(%esp),%eax
- mov 16(%esp),%ebx
- div %ebx
- mov 20(%esp),%ebx
- mov %eax,0(%ebx)
- mov 24(%esp),%ebx
- mov %edx,0(%ebx)
- xor %eax,%eax # return zero
- pop %ebx
- ret
- nop
-
diff --git a/security/nss/lib/freebl/mpi/mplogic.c b/security/nss/lib/freebl/mpi/mplogic.c
deleted file mode 100644
index e1b6e5048..000000000
--- a/security/nss/lib/freebl/mpi/mplogic.c
+++ /dev/null
@@ -1,459 +0,0 @@
-/*
- * mplogic.c
- *
- * Bitwise logical operations on MPI values
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include "mpi-priv.h"
-#include "mplogic.h"
-
-/* {{{ Lookup table for population count */
-
-static unsigned char bitc[] = {
- 0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4,
- 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
- 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
- 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
- 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
- 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
- 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
- 4, 5, 5, 6, 5, 6, 6, 7, 5, 6, 6, 7, 6, 7, 7, 8
-};
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
- mpl_not(a, b) - compute b = ~a
- mpl_and(a, b, c) - compute c = a & b
- mpl_or(a, b, c) - compute c = a | b
- mpl_xor(a, b, c) - compute c = a ^ b
- */
-
-/* {{{ mpl_not(a, b) */
-
-mp_err mpl_not(mp_int *a, mp_int *b)
-{
- mp_err res;
- int ix;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- /* This relies on the fact that the digit type is unsigned */
- for(ix = 0; ix < USED(b); ix++)
- DIGIT(b, ix) = ~DIGIT(b, ix);
-
- s_mp_clamp(b);
-
- return MP_OKAY;
-
-} /* end mpl_not() */
-
-/* }}} */
-
-/* {{{ mpl_and(a, b, c) */
-
-mp_err mpl_and(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_int *which, *other;
- mp_err res;
- int ix;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(USED(a) <= USED(b)) {
- which = a;
- other = b;
- } else {
- which = b;
- other = a;
- }
-
- if((res = mp_copy(which, c)) != MP_OKAY)
- return res;
-
- for(ix = 0; ix < USED(which); ix++)
- DIGIT(c, ix) &= DIGIT(other, ix);
-
- s_mp_clamp(c);
-
- return MP_OKAY;
-
-} /* end mpl_and() */
-
-/* }}} */
-
-/* {{{ mpl_or(a, b, c) */
-
-mp_err mpl_or(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_int *which, *other;
- mp_err res;
- int ix;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(USED(a) >= USED(b)) {
- which = a;
- other = b;
- } else {
- which = b;
- other = a;
- }
-
- if((res = mp_copy(which, c)) != MP_OKAY)
- return res;
-
- for(ix = 0; ix < USED(which); ix++)
- DIGIT(c, ix) |= DIGIT(other, ix);
-
- return MP_OKAY;
-
-} /* end mpl_or() */
-
-/* }}} */
-
-/* {{{ mpl_xor(a, b, c) */
-
-mp_err mpl_xor(mp_int *a, mp_int *b, mp_int *c)
-{
- mp_int *which, *other;
- mp_err res;
- int ix;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if(USED(a) >= USED(b)) {
- which = a;
- other = b;
- } else {
- which = b;
- other = a;
- }
-
- if((res = mp_copy(which, c)) != MP_OKAY)
- return res;
-
- for(ix = 0; ix < USED(which); ix++)
- DIGIT(c, ix) ^= DIGIT(other, ix);
-
- s_mp_clamp(c);
-
- return MP_OKAY;
-
-} /* end mpl_xor() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
- mpl_rsh(a, b, d) - b = a >> d
- mpl_lsh(a, b, d) - b = a << d
- */
-
-/* {{{ mpl_rsh(a, b, d) */
-
-mp_err mpl_rsh(const mp_int *a, mp_int *b, mp_digit d)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- s_mp_div_2d(b, d);
-
- return MP_OKAY;
-
-} /* end mpl_rsh() */
-
-/* }}} */
-
-/* {{{ mpl_lsh(a, b, d) */
-
-mp_err mpl_lsh(const mp_int *a, mp_int *b, mp_digit d)
-{
- mp_err res;
-
- ARGCHK(a != NULL && b != NULL, MP_BADARG);
-
- if((res = mp_copy(a, b)) != MP_OKAY)
- return res;
-
- return s_mp_mul_2d(b, d);
-
-} /* end mpl_lsh() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
- mpl_num_set(a, num)
-
- Count the number of set bits in the binary representation of a.
- Returns MP_OKAY and sets 'num' to be the number of such bits, if
- possible. If num is NULL, the result is thrown away, but it is
- not considered an error.
-
- mpl_num_clear() does basically the same thing for clear bits.
- */
-
-/* {{{ mpl_num_set(a, num) */
-
-mp_err mpl_num_set(mp_int *a, int *num)
-{
- int ix, db, nset = 0;
- mp_digit cur;
- unsigned char reg;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- for(ix = 0; ix < USED(a); ix++) {
- cur = DIGIT(a, ix);
-
- for(db = 0; db < sizeof(mp_digit); db++) {
- reg = (unsigned char)(cur >> (CHAR_BIT * db));
-
- nset += bitc[reg];
- }
- }
-
- if(num)
- *num = nset;
-
- return MP_OKAY;
-
-} /* end mpl_num_set() */
-
-/* }}} */
-
-/* {{{ mpl_num_clear(a, num) */
-
-mp_err mpl_num_clear(mp_int *a, int *num)
-{
- int ix, db, nset = 0;
- mp_digit cur;
- unsigned char reg;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- for(ix = 0; ix < USED(a); ix++) {
- cur = DIGIT(a, ix);
-
- for(db = 0; db < sizeof(mp_digit); db++) {
- reg = (unsigned char)(cur >> (CHAR_BIT * db));
-
- nset += bitc[UCHAR_MAX - reg];
- }
- }
-
- if(num)
- *num = nset;
-
- return MP_OKAY;
-
-
-} /* end mpl_num_clear() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/*
- mpl_parity(a)
-
- Determines the bitwise parity of the value given. Returns MP_EVEN
- if an even number of digits are set, MP_ODD if an odd number are
- set.
- */
-
-/* {{{ mpl_parity(a) */
-
-mp_err mpl_parity(mp_int *a)
-{
- int ix, par = 0;
- mp_digit cur;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- for(ix = 0; ix < USED(a); ix++) {
- int shft = (sizeof(mp_digit) * CHAR_BIT) / 2;
-
- cur = DIGIT(a, ix);
-
- /* Compute parity for current digit */
- while(shft != 0) {
- cur ^= (cur >> shft);
- shft >>= 1;
- }
- cur &= 1;
-
- /* XOR with running parity so far */
- par ^= cur;
- }
-
- if(par)
- return MP_ODD;
- else
- return MP_EVEN;
-
-} /* end mpl_parity() */
-
-/* }}} */
-
-/*
- mpl_set_bit
-
- Returns MP_OKAY or some error code.
- Grows a if needed to set a bit to 1.
- */
-mp_err mpl_set_bit(mp_int *a, mp_size bitNum, mp_size value)
-{
- mp_size ix;
- mp_err rv;
- mp_digit mask;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- ix = bitNum / MP_DIGIT_BIT;
- if (ix + 1 > MP_USED(a)) {
- rv = s_mp_pad(a, ix + 1);
- if (rv != MP_OKAY)
- return rv;
- }
-
- bitNum = bitNum % MP_DIGIT_BIT;
- mask = (mp_digit)1 << bitNum;
- if (value)
- MP_DIGIT(a,ix) |= mask;
- else
- MP_DIGIT(a,ix) &= ~mask;
- s_mp_clamp(a);
- return MP_OKAY;
-}
-
-/*
- mpl_get_bit
-
- returns 0 or 1 or some (negative) error code.
- */
-mp_err mpl_get_bit(const mp_int *a, mp_size bitNum)
-{
- mp_size bit, ix;
- mp_err rv;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- ix = bitNum / MP_DIGIT_BIT;
- ARGCHK(ix <= MP_USED(a) - 1, MP_RANGE);
-
- bit = bitNum % MP_DIGIT_BIT;
- rv = (mp_err)(MP_DIGIT(a, ix) >> bit) & 1;
- return rv;
-}
-
-/*
- mpl_get_bits
- - Extracts numBits bits from a, where the least significant extracted bit
- is bit lsbNum. Returns a negative value if error occurs.
- - Because sign bit is used to indicate error, maximum number of bits to
- be returned is the lesser of (a) the number of bits in an mp_digit, or
- (b) one less than the number of bits in an mp_err.
- - lsbNum + numbits can be greater than the number of significant bits in
- integer a, as long as bit lsbNum is in the high order digit of a.
- */
-mp_err mpl_get_bits(const mp_int *a, mp_size lsbNum, mp_size numBits)
-{
- mp_size rshift = (lsbNum % MP_DIGIT_BIT);
- mp_size lsWndx = (lsbNum / MP_DIGIT_BIT);
- mp_digit * digit = MP_DIGITS(a) + lsWndx;
- mp_digit mask = ((1 << numBits) - 1);
-
- ARGCHK(numBits < CHAR_BIT * sizeof mask, MP_BADARG);
- ARGCHK(MP_HOWMANY(lsbNum, MP_DIGIT_BIT) <= MP_USED(a), MP_RANGE);
-
- if ((numBits + lsbNum % MP_DIGIT_BIT <= MP_DIGIT_BIT) ||
- (lsWndx + 1 >= MP_USED(a))) {
- mask &= (digit[0] >> rshift);
- } else {
- mask &= ((digit[0] >> rshift) | (digit[1] << (MP_DIGIT_BIT - rshift)));
- }
- return (mp_err)mask;
-}
-
-/*
- mpl_significant_bits
- returns number of significnant bits in abs(a).
- returns 1 if value is zero.
- */
-mp_err mpl_significant_bits(const mp_int *a)
-{
- mp_err bits = 0;
- int ix;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- ix = MP_USED(a);
- for (ix = MP_USED(a); ix > 0; ) {
- mp_digit d;
- d = MP_DIGIT(a, --ix);
- if (d) {
- while (d) {
- ++bits;
- d >>= 1;
- }
- break;
- }
- }
- bits += ix * MP_DIGIT_BIT;
- if (!bits)
- bits = 1;
- return bits;
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mplogic.h b/security/nss/lib/freebl/mpi/mplogic.h
deleted file mode 100644
index 8efa4327c..000000000
--- a/security/nss/lib/freebl/mpi/mplogic.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * mplogic.h
- *
- * Bitwise logical operations on MPI values
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#ifndef _H_MPLOGIC_
-#define _H_MPLOGIC_
-
-#include "mpi.h"
-
-/*
- The logical operations treat an mp_int as if it were a bit vector,
- without regard to its sign (an mp_int is represented in a signed
- magnitude format). Values are treated as if they had an infinite
- string of zeros left of the most-significant bit.
- */
-
-/* Parity results */
-
-#define MP_EVEN MP_YES
-#define MP_ODD MP_NO
-
-/* Bitwise functions */
-
-mp_err mpl_not(mp_int *a, mp_int *b); /* one's complement */
-mp_err mpl_and(mp_int *a, mp_int *b, mp_int *c); /* bitwise AND */
-mp_err mpl_or(mp_int *a, mp_int *b, mp_int *c); /* bitwise OR */
-mp_err mpl_xor(mp_int *a, mp_int *b, mp_int *c); /* bitwise XOR */
-
-/* Shift functions */
-
-mp_err mpl_rsh(const mp_int *a, mp_int *b, mp_digit d); /* right shift */
-mp_err mpl_lsh(const mp_int *a, mp_int *b, mp_digit d); /* left shift */
-
-/* Bit count and parity */
-
-mp_err mpl_num_set(mp_int *a, int *num); /* count set bits */
-mp_err mpl_num_clear(mp_int *a, int *num); /* count clear bits */
-mp_err mpl_parity(mp_int *a); /* determine parity */
-
-/* Get & Set the value of a bit */
-
-mp_err mpl_set_bit(mp_int *a, mp_size bitNum, mp_size value);
-mp_err mpl_get_bit(const mp_int *a, mp_size bitNum);
-mp_err mpl_get_bits(const mp_int *a, mp_size lsbNum, mp_size numBits);
-mp_err mpl_significant_bits(const mp_int *a);
-
-#endif /* end _H_MPLOGIC_ */
diff --git a/security/nss/lib/freebl/mpi/mpmontg.c b/security/nss/lib/freebl/mpi/mpmontg.c
deleted file mode 100644
index 146c8c625..000000000
--- a/security/nss/lib/freebl/mpi/mpmontg.c
+++ /dev/null
@@ -1,561 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-
-/* This file implements moduluar exponentiation using Montgomery's
- * method for modular reduction. This file implements the method
- * described as "Improvement 1" in the paper "A Cryptogrpahic Library for
- * the Motorola DSP56000" by Stephen R. Dusse' and Burton S. Kaliski Jr.
- * published in "Advances in Cryptology: Proceedings of EUROCRYPT '90"
- * "Lecture Notes in Computer Science" volume 473, 1991, pg 230-244,
- * published by Springer Verlag.
- */
-
-/* #define MP_USING_MONT_MULF 1 */
-#include <string.h>
-#include "mpi-priv.h"
-#include "mplogic.h"
-#include "mpprime.h"
-#ifdef MP_USING_MONT_MULF
-#include "montmulf.h"
-#endif
-
-#define STATIC
-/* #define DEBUG 1 */
-
-#define MAX_WINDOW_BITS 6
-#define MAX_ODD_INTS 32 /* 2 ** (WINDOW_BITS - 1) */
-
-typedef struct {
- mp_int N; /* modulus N */
- mp_digit n0prime; /* n0' = - (n0 ** -1) mod MP_RADIX */
- mp_size b; /* R == 2 ** b, also b = # significant bits in N */
-} mp_mont_modulus;
-
-mp_err s_mp_mul_mont(const mp_int *a, const mp_int *b, mp_int *c,
- mp_mont_modulus *mmm);
-
-/* computes T = REDC(T), 2^b == R */
-STATIC
-mp_err s_mp_redc(mp_int *T, mp_mont_modulus *mmm)
-{
- mp_err res;
- mp_size i;
-
- i = MP_USED(T) + MP_USED(&mmm->N) + 2;
- MP_CHECKOK( s_mp_pad(T, i) );
- for (i = 0; i < MP_USED(&mmm->N); ++i ) {
- mp_digit m_i = MP_DIGIT(T, i) * mmm->n0prime;
- /* T += N * m_i * (MP_RADIX ** i); */
- MP_CHECKOK( s_mp_mul_d_add_offset(&mmm->N, m_i, T, i) );
- }
- s_mp_clamp(T);
-
- /* T /= R */
- s_mp_div_2d(T, mmm->b);
-
- if ((res = s_mp_cmp(T, &mmm->N)) >= 0) {
- /* T = T - N */
- MP_CHECKOK( s_mp_sub(T, &mmm->N) );
-#ifdef DEBUG
- if ((res = mp_cmp(T, &mmm->N)) >= 0) {
- res = MP_UNDEF;
- goto CLEANUP;
- }
-#endif
- }
- res = MP_OKAY;
-CLEANUP:
- return res;
-}
-
-#if !defined(MP_ASSEMBLY_MUL_MONT) && !defined(MP_MONT_USE_MP_MUL)
-mp_err s_mp_mul_mont(const mp_int *a, const mp_int *b, mp_int *c,
- mp_mont_modulus *mmm)
-{
- mp_digit *pb;
- mp_digit m_i;
- mp_err res;
- mp_size ib;
- mp_size useda, usedb;
-
- ARGCHK(a != NULL && b != NULL && c != NULL, MP_BADARG);
-
- if (MP_USED(a) < MP_USED(b)) {
- const mp_int *xch = b; /* switch a and b, to do fewer outer loops */
- b = a;
- a = xch;
- }
-
- MP_USED(c) = 1; MP_DIGIT(c, 0) = 0;
- ib = MP_USED(a) + MP_MAX(MP_USED(b), MP_USED(&mmm->N)) + 2;
- if((res = s_mp_pad(c, ib)) != MP_OKAY)
- goto CLEANUP;
-
- useda = MP_USED(a);
- pb = MP_DIGITS(b);
- s_mpv_mul_d(MP_DIGITS(a), useda, *pb++, MP_DIGITS(c));
- s_mp_setz(MP_DIGITS(c) + useda + 1, ib - (useda + 1));
- m_i = MP_DIGIT(c, 0) * mmm->n0prime;
- s_mp_mul_d_add_offset(&mmm->N, m_i, c, 0);
-
- /* Outer loop: Digits of b */
- usedb = MP_USED(b);
- for (ib = 1; ib < usedb; ib++) {
- mp_digit b_i = *pb++;
-
- /* Inner product: Digits of a */
- if (b_i)
- s_mpv_mul_d_add_prop(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib);
- m_i = MP_DIGIT(c, ib) * mmm->n0prime;
- s_mp_mul_d_add_offset(&mmm->N, m_i, c, ib);
- }
- if (usedb < MP_USED(&mmm->N)) {
- for (usedb = MP_USED(&mmm->N); ib < usedb; ++ib ) {
- m_i = MP_DIGIT(c, ib) * mmm->n0prime;
- s_mp_mul_d_add_offset(&mmm->N, m_i, c, ib);
- }
- }
- s_mp_clamp(c);
- s_mp_div_2d(c, mmm->b);
- if (s_mp_cmp(c, &mmm->N) >= 0) {
- MP_CHECKOK( s_mp_sub(c, &mmm->N) );
- }
- res = MP_OKAY;
-
-CLEANUP:
- return res;
-}
-#endif
-
-STATIC
-mp_err s_mp_to_mont(const mp_int *x, mp_mont_modulus *mmm, mp_int *xMont)
-{
- mp_err res;
-
- /* xMont = x * R mod N where N is modulus */
- MP_CHECKOK( mpl_lsh(x, xMont, mmm->b) ); /* xMont = x << b */
- MP_CHECKOK( mp_div(xMont, &mmm->N, 0, xMont) ); /* mod N */
-CLEANUP:
- return res;
-}
-
-#ifdef MP_USING_MONT_MULF
-
-unsigned int mp_using_mont_mulf = 1;
-
-/* computes montgomery square of the integer in mResult */
-#define SQR \
- conv_i32_to_d32_and_d16(dm1, d16Tmp, mResult, nLen); \
- mont_mulf_noconv(mResult, dm1, d16Tmp, \
- dTmp, dn, MP_DIGITS(modulus), nLen, dn0)
-
-/* computes montgomery product of x and the integer in mResult */
-#define MUL(x) \
- conv_i32_to_d32(dm1, mResult, nLen); \
- mont_mulf_noconv(mResult, dm1, oddPowers[x], \
- dTmp, dn, MP_DIGITS(modulus), nLen, dn0)
-
-/* Do modular exponentiation using floating point multiply code. */
-mp_err mp_exptmod_f(const mp_int * montBase,
- const mp_int * exponent,
- const mp_int * modulus,
- mp_int * result,
- mp_mont_modulus *mmm,
- int nLen,
- mp_size bits_in_exponent,
- mp_size window_bits,
- mp_size odd_ints)
-{
- mp_digit *mResult;
- double *dBuf = 0, *dm1, *dn, *dSqr, *d16Tmp, *dTmp;
- double dn0;
- mp_size i;
- mp_err res;
- int expOff;
- int dSize = 0, oddPowSize, dTmpSize;
- mp_int accum1;
- double *oddPowers[MAX_ODD_INTS];
-
- /* function for computing n0prime only works if n0 is odd */
-
- MP_DIGITS(&accum1) = 0;
-
- for (i = 0; i < MAX_ODD_INTS; ++i)
- oddPowers[i] = 0;
-
- MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) );
-
- mp_set(&accum1, 1);
- MP_CHECKOK( s_mp_to_mont(&accum1, mmm, &accum1) );
- MP_CHECKOK( s_mp_pad(&accum1, nLen) );
-
- oddPowSize = 2 * nLen + 1;
- dTmpSize = 2 * oddPowSize;
- dSize = sizeof(double) * (nLen * 4 + 1 +
- ((odd_ints + 1) * oddPowSize) + dTmpSize);
- dBuf = (double *)malloc(dSize);
- dm1 = dBuf; /* array of d32 */
- dn = dBuf + nLen; /* array of d32 */
- dSqr = dn + nLen; /* array of d32 */
- d16Tmp = dSqr + nLen; /* array of d16 */
- dTmp = d16Tmp + oddPowSize;
-
- for (i = 0; i < odd_ints; ++i) {
- oddPowers[i] = dTmp;
- dTmp += oddPowSize;
- }
- mResult = (mp_digit *)(dTmp + dTmpSize); /* size is nLen + 1 */
-
- /* Make dn and dn0 */
- conv_i32_to_d32(dn, MP_DIGITS(modulus), nLen);
- dn0 = (double)(mmm->n0prime & 0xffff);
-
- /* Make dSqr */
- conv_i32_to_d32_and_d16(dm1, oddPowers[0], MP_DIGITS(montBase), nLen);
- mont_mulf_noconv(mResult, dm1, oddPowers[0],
- dTmp, dn, MP_DIGITS(modulus), nLen, dn0);
- conv_i32_to_d32(dSqr, mResult, nLen);
-
- for (i = 1; i < odd_ints; ++i) {
- mont_mulf_noconv(mResult, dSqr, oddPowers[i - 1],
- dTmp, dn, MP_DIGITS(modulus), nLen, dn0);
- conv_i32_to_d16(oddPowers[i], mResult, nLen);
- }
-
- s_mp_copy(MP_DIGITS(&accum1), mResult, nLen); /* from, to, len */
-
- for (expOff = bits_in_exponent - window_bits; expOff >= 0; expOff -= window_bits) {
- mp_size smallExp;
- MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) );
- smallExp = (mp_size)res;
-
- if (window_bits == 4) {
- if (!smallExp) {
- SQR; SQR; SQR; SQR;
- } else if (smallExp & 1) {
- SQR; SQR; SQR; SQR; MUL(smallExp/2);
- } else if (smallExp & 2) {
- SQR; SQR; SQR; MUL(smallExp/4); SQR;
- } else if (smallExp & 4) {
- SQR; SQR; MUL(smallExp/8); SQR; SQR;
- } else if (smallExp & 8) {
- SQR; MUL(smallExp/16); SQR; SQR; SQR;
- } else {
- abort();
- }
- } else if (window_bits == 5) {
- if (!smallExp) {
- SQR; SQR; SQR; SQR; SQR;
- } else if (smallExp & 1) {
- SQR; SQR; SQR; SQR; SQR; MUL(smallExp/2);
- } else if (smallExp & 2) {
- SQR; SQR; SQR; SQR; MUL(smallExp/4); SQR;
- } else if (smallExp & 4) {
- SQR; SQR; SQR; MUL(smallExp/8); SQR; SQR;
- } else if (smallExp & 8) {
- SQR; SQR; MUL(smallExp/16); SQR; SQR; SQR;
- } else if (smallExp & 0x10) {
- SQR; MUL(smallExp/32); SQR; SQR; SQR; SQR;
- } else {
- abort();
- }
- } else if (window_bits == 6) {
- if (!smallExp) {
- SQR; SQR; SQR; SQR; SQR; SQR;
- } else if (smallExp & 1) {
- SQR; SQR; SQR; SQR; SQR; SQR; MUL(smallExp/2);
- } else if (smallExp & 2) {
- SQR; SQR; SQR; SQR; SQR; MUL(smallExp/4); SQR;
- } else if (smallExp & 4) {
- SQR; SQR; SQR; SQR; MUL(smallExp/8); SQR; SQR;
- } else if (smallExp & 8) {
- SQR; SQR; SQR; MUL(smallExp/16); SQR; SQR; SQR;
- } else if (smallExp & 0x10) {
- SQR; SQR; MUL(smallExp/32); SQR; SQR; SQR; SQR;
- } else if (smallExp & 0x20) {
- SQR; MUL(smallExp/64); SQR; SQR; SQR; SQR; SQR;
- } else {
- abort();
- }
- } else {
- abort();
- }
- }
-
- s_mp_copy(mResult, MP_DIGITS(&accum1), nLen); /* from, to, len */
-
- res = s_mp_redc(&accum1, mmm);
- mp_exch(&accum1, result);
-
-CLEANUP:
- mp_clear(&accum1);
- if (dBuf) {
- if (dSize)
- memset(dBuf, 0, dSize);
- free(dBuf);
- }
-
- return res;
-}
-#undef SQR
-#undef MUL
-#endif
-
-#define SQR(a,b) \
- MP_CHECKOK( mp_sqr(a, b) );\
- MP_CHECKOK( s_mp_redc(b, mmm) )
-
-#if defined(MP_MONT_USE_MP_MUL)
-#define MUL(x,a,b) \
- MP_CHECKOK( mp_mul(a, oddPowers + (x), b) ); \
- MP_CHECKOK( s_mp_redc(b, mmm) )
-#else
-#define MUL(x,a,b) \
- MP_CHECKOK( s_mp_mul_mont(a, oddPowers + (x), b, mmm) )
-#endif
-
-#define SWAPPA ptmp = pa1; pa1 = pa2; pa2 = ptmp
-
-/* Do modular exponentiation using integer multiply code. */
-mp_err mp_exptmod_i(const mp_int * montBase,
- const mp_int * exponent,
- const mp_int * modulus,
- mp_int * result,
- mp_mont_modulus *mmm,
- int nLen,
- mp_size bits_in_exponent,
- mp_size window_bits,
- mp_size odd_ints)
-{
- mp_int *pa1, *pa2, *ptmp;
- mp_size i;
- mp_err res;
- int expOff;
- mp_int accum1, accum2, power2, oddPowers[MAX_ODD_INTS];
-
- /* power2 = base ** 2; oddPowers[i] = base ** (2*i + 1); */
- /* oddPowers[i] = base ** (2*i + 1); */
-
- MP_DIGITS(&accum1) = 0;
- MP_DIGITS(&accum2) = 0;
- MP_DIGITS(&power2) = 0;
- for (i = 0; i < MAX_ODD_INTS; ++i) {
- MP_DIGITS(oddPowers + i) = 0;
- }
-
- MP_CHECKOK( mp_init_size(&accum1, 3 * nLen + 2) );
- MP_CHECKOK( mp_init_size(&accum2, 3 * nLen + 2) );
-
- MP_CHECKOK( mp_init_copy(&oddPowers[0], montBase) );
-
- mp_init_size(&power2, nLen + 2 * MP_USED(montBase) + 2);
- MP_CHECKOK( mp_sqr(montBase, &power2) ); /* power2 = montBase ** 2 */
- MP_CHECKOK( s_mp_redc(&power2, mmm) );
-
- for (i = 1; i < odd_ints; ++i) {
- mp_init_size(oddPowers + i, nLen + 2 * MP_USED(&power2) + 2);
- MP_CHECKOK( mp_mul(oddPowers + (i - 1), &power2, oddPowers + i) );
- MP_CHECKOK( s_mp_redc(oddPowers + i, mmm) );
- }
-
- /* set accumulator to montgomery residue of 1 */
- mp_set(&accum1, 1);
- MP_CHECKOK( s_mp_to_mont(&accum1, mmm, &accum1) );
- pa1 = &accum1;
- pa2 = &accum2;
-
- for (expOff = bits_in_exponent - window_bits; expOff >= 0; expOff -= window_bits) {
- mp_size smallExp;
- MP_CHECKOK( mpl_get_bits(exponent, expOff, window_bits) );
- smallExp = (mp_size)res;
-
- if (window_bits == 4) {
- if (!smallExp) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- } else if (smallExp & 1) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- MUL(smallExp/2, pa1,pa2); SWAPPA;
- } else if (smallExp & 2) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2);
- MUL(smallExp/4,pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 4) {
- SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/8,pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 8) {
- SQR(pa1,pa2); MUL(smallExp/16,pa2,pa1); SQR(pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else {
- abort();
- }
- } else if (window_bits == 5) {
- if (!smallExp) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 1) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); MUL(smallExp/2,pa2,pa1);
- } else if (smallExp & 2) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- MUL(smallExp/4,pa1,pa2); SQR(pa2,pa1);
- } else if (smallExp & 4) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2);
- MUL(smallExp/8,pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- } else if (smallExp & 8) {
- SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/16,pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- } else if (smallExp & 0x10) {
- SQR(pa1,pa2); MUL(smallExp/32,pa2,pa1); SQR(pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- } else {
- abort();
- }
- } else if (window_bits == 6) {
- if (!smallExp) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); SQR(pa2,pa1);
- } else if (smallExp & 1) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/2,pa1,pa2); SWAPPA;
- } else if (smallExp & 2) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); MUL(smallExp/4,pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 4) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- MUL(smallExp/8,pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 8) {
- SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2);
- MUL(smallExp/16,pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1);
- SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 0x10) {
- SQR(pa1,pa2); SQR(pa2,pa1); MUL(smallExp/32,pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else if (smallExp & 0x20) {
- SQR(pa1,pa2); MUL(smallExp/64,pa2,pa1); SQR(pa1,pa2);
- SQR(pa2,pa1); SQR(pa1,pa2); SQR(pa2,pa1); SQR(pa1,pa2); SWAPPA;
- } else {
- abort();
- }
- } else {
- abort();
- }
- }
-
- res = s_mp_redc(pa1, mmm);
- mp_exch(pa1, result);
-
-CLEANUP:
- mp_clear(&accum1);
- mp_clear(&accum2);
- mp_clear(&power2);
- for (i = 0; i < odd_ints; ++i) {
- mp_clear(oddPowers + i);
- }
- return res;
-}
-#undef SQR
-#undef MUL
-
-
-mp_err mp_exptmod(const mp_int *inBase, const mp_int *exponent,
- const mp_int *modulus, mp_int *result)
-{
- const mp_int *base;
- mp_size bits_in_exponent, i, window_bits, odd_ints;
- mp_err res;
- int nLen;
- mp_int montBase, goodBase;
- mp_mont_modulus mmm;
-
- /* function for computing n0prime only works if n0 is odd */
- if (!mp_isodd(modulus))
- return s_mp_exptmod(inBase, exponent, modulus, result);
-
- MP_DIGITS(&montBase) = 0;
- MP_DIGITS(&goodBase) = 0;
-
- if (mp_cmp(inBase, modulus) < 0) {
- base = inBase;
- } else {
- MP_CHECKOK( mp_init(&goodBase) );
- base = &goodBase;
- MP_CHECKOK( mp_mod(inBase, modulus, &goodBase) );
- }
-
- nLen = MP_USED(modulus);
- MP_CHECKOK( mp_init_size(&montBase, 2 * nLen + 2) );
-
- mmm.N = *modulus; /* a copy of the mp_int struct */
- i = mpl_significant_bits(modulus);
- i += MP_DIGIT_BIT - 1;
- mmm.b = i - i % MP_DIGIT_BIT;
-
- /* compute n0', given n0, n0' = -(n0 ** -1) mod MP_RADIX
- ** where n0 = least significant mp_digit of N, the modulus.
- */
- mmm.n0prime = 0 - s_mp_invmod_radix( MP_DIGIT(modulus, 0) );
-
- MP_CHECKOK( s_mp_to_mont(base, &mmm, &montBase) );
-
- bits_in_exponent = mpl_significant_bits(exponent);
- if (bits_in_exponent > 480)
- window_bits = 6;
- else if (bits_in_exponent > 160)
- window_bits = 5;
- else
- window_bits = 4;
- odd_ints = 1 << (window_bits - 1);
- i = bits_in_exponent % window_bits;
- if (i != 0) {
- bits_in_exponent += window_bits - i;
- }
-
-#ifdef MP_USING_MONT_MULF
- if (mp_using_mont_mulf) {
- MP_CHECKOK( s_mp_pad(&montBase, nLen) );
- res = mp_exptmod_f(&montBase, exponent, modulus, result, &mmm, nLen,
- bits_in_exponent, window_bits, odd_ints);
- } else
-#endif
- res = mp_exptmod_i(&montBase, exponent, modulus, result, &mmm, nLen,
- bits_in_exponent, window_bits, odd_ints);
-
-CLEANUP:
- mp_clear(&montBase);
- mp_clear(&goodBase);
- /* Don't mp_clear mmm.N because it is merely a copy of modulus.
- ** Just zap it.
- */
- memset(&mmm, 0, sizeof mmm);
- return res;
-}
diff --git a/security/nss/lib/freebl/mpi/mpprime.c b/security/nss/lib/freebl/mpi/mpprime.c
deleted file mode 100644
index 76a64a083..000000000
--- a/security/nss/lib/freebl/mpi/mpprime.c
+++ /dev/null
@@ -1,619 +0,0 @@
-/*
- * mpprime.c
- *
- * Utilities for finding and working with prime and pseudo-prime
- * integers
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include "mpi-priv.h"
-#include "mpprime.h"
-#include "mplogic.h"
-#include <stdlib.h>
-#include <string.h>
-
-#define SMALL_TABLE 0 /* determines size of hard-wired prime table */
-
-#define RANDOM() rand()
-
-#include "primes.c" /* pull in the prime digit table */
-
-/*
- Test if any of a given vector of digits divides a. If not, MP_NO
- is returned; otherwise, MP_YES is returned and 'which' is set to
- the index of the integer in the vector which divided a.
- */
-mp_err s_mpp_divp(mp_int *a, const mp_digit *vec, int size, int *which);
-
-/* {{{ mpp_divis(a, b) */
-
-/*
- mpp_divis(a, b)
-
- Returns MP_YES if a is divisible by b, or MP_NO if it is not.
- */
-
-mp_err mpp_divis(mp_int *a, mp_int *b)
-{
- mp_err res;
- mp_int rem;
-
- if((res = mp_init(&rem)) != MP_OKAY)
- return res;
-
- if((res = mp_mod(a, b, &rem)) != MP_OKAY)
- goto CLEANUP;
-
- if(mp_cmp_z(&rem) == 0)
- res = MP_YES;
- else
- res = MP_NO;
-
-CLEANUP:
- mp_clear(&rem);
- return res;
-
-} /* end mpp_divis() */
-
-/* }}} */
-
-/* {{{ mpp_divis_d(a, d) */
-
-/*
- mpp_divis_d(a, d)
-
- Return MP_YES if a is divisible by d, or MP_NO if it is not.
- */
-
-mp_err mpp_divis_d(mp_int *a, mp_digit d)
-{
- mp_err res;
- mp_digit rem;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- if(d == 0)
- return MP_NO;
-
- if((res = mp_mod_d(a, d, &rem)) != MP_OKAY)
- return res;
-
- if(rem == 0)
- return MP_YES;
- else
- return MP_NO;
-
-} /* end mpp_divis_d() */
-
-/* }}} */
-
-/* {{{ mpp_random(a) */
-
-/*
- mpp_random(a)
-
- Assigns a random value to a. This value is generated using the
- standard C library's rand() function, so it should not be used for
- cryptographic purposes, but it should be fine for primality testing,
- since all we really care about there is good statistical properties.
-
- As many digits as a currently has are filled with random digits.
- */
-
-mp_err mpp_random(mp_int *a)
-
-{
- mp_digit next = 0;
- int ix, jx;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- for(ix = 0; ix < USED(a); ix++) {
- for(jx = 0; jx < sizeof(mp_digit); jx++) {
- next = (next << CHAR_BIT) | (RANDOM() & UCHAR_MAX);
- }
- DIGIT(a, ix) = next;
- }
-
- return MP_OKAY;
-
-} /* end mpp_random() */
-
-/* }}} */
-
-/* {{{ mpp_random_size(a, prec) */
-
-mp_err mpp_random_size(mp_int *a, mp_size prec)
-{
- mp_err res;
-
- ARGCHK(a != NULL && prec > 0, MP_BADARG);
-
- if((res = s_mp_pad(a, prec)) != MP_OKAY)
- return res;
-
- return mpp_random(a);
-
-} /* end mpp_random_size() */
-
-/* }}} */
-
-/* {{{ mpp_divis_vector(a, vec, size, which) */
-
-/*
- mpp_divis_vector(a, vec, size, which)
-
- Determines if a is divisible by any of the 'size' digits in vec.
- Returns MP_YES and sets 'which' to the index of the offending digit,
- if it is; returns MP_NO if it is not.
- */
-
-mp_err mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which)
-{
- ARGCHK(a != NULL && vec != NULL && size > 0, MP_BADARG);
-
- return s_mpp_divp(a, vec, size, which);
-
-} /* end mpp_divis_vector() */
-
-/* }}} */
-
-/* {{{ mpp_divis_primes(a, np) */
-
-/*
- mpp_divis_primes(a, np)
-
- Test whether a is divisible by any of the first 'np' primes. If it
- is, returns MP_YES and sets *np to the value of the digit that did
- it. If not, returns MP_NO.
- */
-mp_err mpp_divis_primes(mp_int *a, mp_digit *np)
-{
- int size, which;
- mp_err res;
-
- ARGCHK(a != NULL && np != NULL, MP_BADARG);
-
- size = (int)*np;
- if(size > prime_tab_size)
- size = prime_tab_size;
-
- res = mpp_divis_vector(a, prime_tab, size, &which);
- if(res == MP_YES)
- *np = prime_tab[which];
-
- return res;
-
-} /* end mpp_divis_primes() */
-
-/* }}} */
-
-/* {{{ mpp_fermat(a, w) */
-
-/*
- Using w as a witness, try pseudo-primality testing based on Fermat's
- little theorem. If a is prime, and (w, a) = 1, then w^a == w (mod
- a). So, we compute z = w^a (mod a) and compare z to w; if they are
- equal, the test passes and we return MP_YES. Otherwise, we return
- MP_NO.
- */
-mp_err mpp_fermat(mp_int *a, mp_digit w)
-{
- mp_int base, test;
- mp_err res;
-
- if((res = mp_init(&base)) != MP_OKAY)
- return res;
-
- mp_set(&base, w);
-
- if((res = mp_init(&test)) != MP_OKAY)
- goto TEST;
-
- /* Compute test = base^a (mod a) */
- if((res = mp_exptmod(&base, a, a, &test)) != MP_OKAY)
- goto CLEANUP;
-
-
- if(mp_cmp(&base, &test) == 0)
- res = MP_YES;
- else
- res = MP_NO;
-
- CLEANUP:
- mp_clear(&test);
- TEST:
- mp_clear(&base);
-
- return res;
-
-} /* end mpp_fermat() */
-
-/* }}} */
-
-/*
- Perform the fermat test on each of the primes in a list until
- a) one of them shows a is not prime, or
- b) the list is exhausted.
- Returns: MP_YES if it passes tests.
- MP_NO if fermat test reveals it is composite
- Some MP error code if some other error occurs.
- */
-mp_err mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes)
-{
- mp_err rv = MP_YES;
-
- while (nPrimes-- > 0 && rv == MP_YES) {
- rv = mpp_fermat(a, *primes++);
- }
- return rv;
-}
-
-/* {{{ mpp_pprime(a, nt) */
-
-/*
- mpp_pprime(a, nt)
-
- Performs nt iteration of the Miller-Rabin probabilistic primality
- test on a. Returns MP_YES if the tests pass, MP_NO if one fails.
- If MP_NO is returned, the number is definitely composite. If MP_YES
- is returned, it is probably prime (but that is not guaranteed).
- */
-
-mp_err mpp_pprime(mp_int *a, int nt)
-{
- mp_err res;
- mp_int x, amo, m, z; /* "amo" = "a minus one" */
- int iter, jx;
- mp_size b;
-
- ARGCHK(a != NULL, MP_BADARG);
-
- MP_DIGITS(&x) = 0;
- MP_DIGITS(&amo) = 0;
- MP_DIGITS(&m) = 0;
- MP_DIGITS(&z) = 0;
-
- /* Initialize temporaries... */
- MP_CHECKOK( mp_init(&amo));
- /* Compute amo = a - 1 for what follows... */
- MP_CHECKOK( mp_sub_d(a, 1, &amo) );
-
- b = mp_trailing_zeros(&amo);
- if (!b) { /* a was even ? */
- res = MP_NO;
- goto CLEANUP;
- }
-
- MP_CHECKOK( mp_init_size(&x, MP_USED(a)) );
- MP_CHECKOK( mp_init(&z) );
- MP_CHECKOK( mp_init(&m) );
- MP_CHECKOK( mp_div_2d(&amo, b, &m, 0) );
-
- /* Do the test nt times... */
- for(iter = 0; iter < nt; iter++) {
-
- /* Choose a random value for x < a */
- s_mp_pad(&x, USED(a));
- mpp_random(&x);
- MP_CHECKOK( mp_mod(&x, a, &x) );
-
- /* Compute z = (x ** m) mod a */
- MP_CHECKOK( mp_exptmod(&x, &m, a, &z) );
-
- if(mp_cmp_d(&z, 1) == 0 || mp_cmp(&z, &amo) == 0) {
- res = MP_YES;
- continue;
- }
-
- res = MP_NO; /* just in case the following for loop never executes. */
- for (jx = 1; jx < b; jx++) {
- /* z = z^2 (mod a) */
- MP_CHECKOK( mp_sqrmod(&z, a, &z) );
- res = MP_NO; /* previous line set res to MP_YES */
-
- if(mp_cmp_d(&z, 1) == 0) {
- break;
- }
- if(mp_cmp(&z, &amo) == 0) {
- res = MP_YES;
- break;
- }
- } /* end testing loop */
-
- /* If the test passes, we will continue iterating, but a failed
- test means the candidate is definitely NOT prime, so we will
- immediately break out of this loop
- */
- if(res == MP_NO)
- break;
-
- } /* end iterations loop */
-
-CLEANUP:
- mp_clear(&m);
- mp_clear(&z);
- mp_clear(&x);
- mp_clear(&amo);
- return res;
-
-} /* end mpp_pprime() */
-
-/* }}} */
-
-/* Produce table of composites from list of primes and trial value.
-** trial must be odd. List of primes must not include 2.
-** sieve should have dimension >= MAXPRIME/2, where MAXPRIME is largest
-** prime in list of primes. After this function is finished,
-** if sieve[i] is non-zero, then (trial + 2*i) is composite.
-** Each prime used in the sieve costs one division of trial, and eliminates
-** one or more values from the search space. (3 eliminates 1/3 of the values
-** alone!) Each value left in the search space costs 1 or more modular
-** exponentations. So, these divisions are a bargain!
-*/
-mp_err mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes,
- unsigned char *sieve, mp_size nSieve)
-{
- mp_err res;
- mp_digit rem;
- mp_size ix;
- unsigned long offset;
-
- memset(sieve, 0, nSieve);
-
- for(ix = 0; ix < nPrimes; ix++) {
- mp_digit prime = primes[ix];
- mp_size i;
- if((res = mp_mod_d(trial, prime, &rem)) != MP_OKAY)
- return res;
-
- if (rem == 0) {
- offset = 0;
- } else {
- offset = prime - (rem / 2);
- }
- for (i = offset; i < nSieve ; i += prime) {
- sieve[i] = 1;
- }
- }
-
- return MP_OKAY;
-}
-
-#define SIEVE_SIZE 32*1024
-
-mp_err mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong,
- unsigned long * nTries)
-{
- mp_digit np;
- mp_err res;
- int i = 0;
- mp_int trial;
- mp_int q;
- mp_size num_tests;
- /*
- * Always make sieve the last variabale allocated so that
- * Mac builds don't break by adding an extra variable
- * on the stack. -javi
- */
-#ifdef macintosh
- unsigned char *sieve;
-
- sieve = malloc(SIEVE_SIZE);
- ARGCHK(sieve != NULL, MP_MEM);
-#else
- unsigned char sieve[SIEVE_SIZE];
-#endif
-
- ARGCHK(start != 0, MP_BADARG);
- ARGCHK(nBits > 16, MP_RANGE);
-
- MP_DIGITS(&trial) = 0;
- MP_DIGITS(&q) = 0;
- MP_CHECKOK( mp_init(&trial) );
- MP_CHECKOK( mp_init(&q) );
- /* values taken from table 4.4, HandBook of Applied Cryptography */
- if (nBits >= 1300) {
- num_tests = 2;
- } else if (nBits >= 850) {
- num_tests = 3;
- } else if (nBits >= 650) {
- num_tests = 4;
- } else if (nBits >= 550) {
- num_tests = 5;
- } else if (nBits >= 450) {
- num_tests = 6;
- } else if (nBits >= 400) {
- num_tests = 7;
- } else if (nBits >= 350) {
- num_tests = 8;
- } else if (nBits >= 300) {
- num_tests = 9;
- } else if (nBits >= 250) {
- num_tests = 12;
- } else if (nBits >= 200) {
- num_tests = 15;
- } else if (nBits >= 150) {
- num_tests = 18;
- } else if (nBits >= 100) {
- num_tests = 27;
- } else
- num_tests = 50;
-
- if (strong)
- --nBits;
- MP_CHECKOK( mpl_set_bit(start, nBits - 1, 1) );
- MP_CHECKOK( mpl_set_bit(start, 0, 1) );
- for (i = mpl_significant_bits(start) - 1; i >= nBits; --i) {
- MP_CHECKOK( mpl_set_bit(start, i, 0) );
- }
- /* start sieveing with prime value of 3. */
- MP_CHECKOK(mpp_sieve(start, prime_tab + 1, prime_tab_size - 1,
- sieve, SIEVE_SIZE) );
-
-#ifdef DEBUG_SIEVE
- res = 0;
- for (i = 0; i < SIEVE_SIZE; ++i) {
- if (!sieve[i])
- ++res;
- }
- fprintf(stderr,"sieve found %d potential primes.\n", res);
-#define FPUTC(x,y) fputc(x,y)
-#else
-#define FPUTC(x,y)
-#endif
-
- res = MP_NO;
- for(i = 0; i < SIEVE_SIZE; ++i) {
- if (sieve[i]) /* this number is composite */
- continue;
- MP_CHECKOK( mp_add_d(start, 2 * i, &trial) );
- FPUTC('.', stderr);
- /* run a Fermat test */
- res = mpp_fermat(&trial, 2);
- if (res != MP_OKAY) {
- if (res == MP_NO)
- continue; /* was composite */
- goto CLEANUP;
- }
-
- FPUTC('+', stderr);
- /* If that passed, run some Miller-Rabin tests */
- res = mpp_pprime(&trial, num_tests);
- if (res != MP_OKAY) {
- if (res == MP_NO)
- continue; /* was composite */
- goto CLEANUP;
- }
- FPUTC('!', stderr);
-
- if (!strong)
- break; /* success !! */
-
- /* At this point, we have strong evidence that our candidate
- is itself prime. If we want a strong prime, we need now
- to test q = 2p + 1 for primality...
- */
- MP_CHECKOK( mp_mul_2(&trial, &q) );
- MP_CHECKOK( mp_add_d(&q, 1, &q) );
-
- /* Test q for small prime divisors ... */
- np = prime_tab_size;
- res = mpp_divis_primes(&q, &np);
- if (res == MP_YES) { /* is composite */
- mp_clear(&q);
- continue;
- }
- if (res != MP_NO)
- goto CLEANUP;
-
- /* And test with Fermat, as with its parent ... */
- res = mpp_fermat(&q, 2);
- if (res != MP_YES) {
- mp_clear(&q);
- if (res == MP_NO)
- continue; /* was composite */
- goto CLEANUP;
- }
-
- /* And test with Miller-Rabin, as with its parent ... */
- res = mpp_pprime(&q, num_tests);
- if (res != MP_YES) {
- mp_clear(&q);
- if (res == MP_NO)
- continue; /* was composite */
- goto CLEANUP;
- }
-
- /* If it passed, we've got a winner */
- mp_exch(&q, &trial);
- mp_clear(&q);
- break;
-
- } /* end of loop through sieved values */
- if (res == MP_YES)
- mp_exch(&trial, start);
-CLEANUP:
- mp_clear(&trial);
- mp_clear(&q);
- if (nTries)
- *nTries += i;
-#ifdef macintosh
- if (sieve != NULL) {
- memset(sieve, 0, SIEVE_SIZE);
- free (sieve);
- }
-#endif
- return res;
-}
-
-/*========================================================================*/
-/*------------------------------------------------------------------------*/
-/* Static functions visible only to the library internally */
-
-/* {{{ s_mpp_divp(a, vec, size, which) */
-
-/*
- Test for divisibility by members of a vector of digits. Returns
- MP_NO if a is not divisible by any of them; returns MP_YES and sets
- 'which' to the index of the offender, if it is. Will stop on the
- first digit against which a is divisible.
- */
-
-mp_err s_mpp_divp(mp_int *a, const mp_digit *vec, int size, int *which)
-{
- mp_err res;
- mp_digit rem;
-
- int ix;
-
- for(ix = 0; ix < size; ix++) {
- if((res = mp_mod_d(a, vec[ix], &rem)) != MP_OKAY)
- return res;
-
- if(rem == 0) {
- if(which)
- *which = ix;
- return MP_YES;
- }
- }
-
- return MP_NO;
-
-} /* end s_mpp_divp() */
-
-/* }}} */
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/mpprime.h b/security/nss/lib/freebl/mpi/mpprime.h
deleted file mode 100644
index 1204580f6..000000000
--- a/security/nss/lib/freebl/mpi/mpprime.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * mpprime.h
- *
- * Utilities for finding and working with prime and pseudo-prime
- * integers
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _H_MP_PRIME_
-#define _H_MP_PRIME_
-
-#include "mpi.h"
-
-extern const int prime_tab_size; /* number of primes available */
-extern const mp_digit prime_tab[];
-
-/* Tests for divisibility */
-mp_err mpp_divis(mp_int *a, mp_int *b);
-mp_err mpp_divis_d(mp_int *a, mp_digit d);
-
-/* Random selection */
-mp_err mpp_random(mp_int *a);
-mp_err mpp_random_size(mp_int *a, mp_size prec);
-
-/* Pseudo-primality testing */
-mp_err mpp_divis_vector(mp_int *a, const mp_digit *vec, int size, int *which);
-mp_err mpp_divis_primes(mp_int *a, mp_digit *np);
-mp_err mpp_fermat(mp_int *a, mp_digit w);
-mp_err mpp_fermat_list(mp_int *a, const mp_digit *primes, mp_size nPrimes);
-mp_err mpp_pprime(mp_int *a, int nt);
-mp_err mpp_sieve(mp_int *trial, const mp_digit *primes, mp_size nPrimes,
- unsigned char *sieve, mp_size nSieve);
-mp_err mpp_make_prime(mp_int *start, mp_size nBits, mp_size strong,
- unsigned long * nTries);
-
-#endif /* end _H_MP_PRIME_ */
diff --git a/security/nss/lib/freebl/mpi/mpv_sparc.c b/security/nss/lib/freebl/mpi/mpv_sparc.c
deleted file mode 100644
index a0a0b78fb..000000000
--- a/security/nss/lib/freebl/mpi/mpv_sparc.c
+++ /dev/null
@@ -1,249 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is a SPARC/VIS optimized multiply and add function
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are
- * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-
-#include "vis_proto.h"
-
-/***************************************************************/
-
-typedef int t_s32;
-typedef unsigned int t_u32;
-#if defined(__sparcv9)
-typedef long t_s64;
-typedef unsigned long t_u64;
-#else
-typedef long long t_s64;
-typedef unsigned long long t_u64;
-#endif
-typedef double t_d64;
-
-/***************************************************************/
-
-typedef union {
- t_d64 d64;
- struct {
- t_s32 i0;
- t_s32 i1;
- } i32s;
-} d64_2_i32;
-
-/***************************************************************/
-
-#define BUFF_SIZE 256
-
-#define A_BITS 19
-#define A_MASK ((1 << A_BITS) - 1)
-
-/***************************************************************/
-
-static t_u64 mask_cnst[] = {
- 0x8000000080000000ull
-};
-
-/***************************************************************/
-
-#define DEF_VARS(N) \
- t_d64 *py = (t_d64*)y; \
- t_d64 mask = *((t_d64*)mask_cnst); \
- t_d64 ca = (1u << 31) - 1; \
- t_d64 da = (t_d64)a; \
- t_s64 buff[N], s; \
- d64_2_i32 dy
-
-/***************************************************************/
-
-#define MUL_U32_S64_2(i) \
- dy.d64 = vis_fxnor(mask, py[i]); \
- buff[2*(i) ] = (ca - (t_d64)dy.i32s.i0) * da; \
- buff[2*(i)+1] = (ca - (t_d64)dy.i32s.i1) * da
-
-#define MUL_U32_S64_2_D(i) \
- dy.d64 = vis_fxnor(mask, py[i]); \
- d0 = ca - (t_d64)dy.i32s.i0; \
- d1 = ca - (t_d64)dy.i32s.i1; \
- buff[4*(i) ] = (t_s64)(d0 * da); \
- buff[4*(i)+1] = (t_s64)(d0 * db); \
- buff[4*(i)+2] = (t_s64)(d1 * da); \
- buff[4*(i)+3] = (t_s64)(d1 * db)
-
-/***************************************************************/
-
-#define ADD_S64_U32(i) \
- s = buff[i] + x[i] + c; \
- z[i] = s; \
- c = (s >> 32)
-
-#define ADD_S64_U32_D(i) \
- s = buff[2*(i)] +(((t_s64)(buff[2*(i)+1]))<<A_BITS) + x[i] + uc; \
- z[i] = s; \
- uc = ((t_u64)s >> 32)
-
-/***************************************************************/
-
-#define MUL_U32_S64_8(i) \
- MUL_U32_S64_2(i); \
- MUL_U32_S64_2(i+1); \
- MUL_U32_S64_2(i+2); \
- MUL_U32_S64_2(i+3)
-
-#define MUL_U32_S64_D_8(i) \
- MUL_U32_S64_2_D(i); \
- MUL_U32_S64_2_D(i+1); \
- MUL_U32_S64_2_D(i+2); \
- MUL_U32_S64_2_D(i+3)
-
-/***************************************************************/
-
-#define ADD_S64_U32_8(i) \
- ADD_S64_U32(i); \
- ADD_S64_U32(i+1); \
- ADD_S64_U32(i+2); \
- ADD_S64_U32(i+3); \
- ADD_S64_U32(i+4); \
- ADD_S64_U32(i+5); \
- ADD_S64_U32(i+6); \
- ADD_S64_U32(i+7)
-
-#define ADD_S64_U32_D_8(i) \
- ADD_S64_U32_D(i); \
- ADD_S64_U32_D(i+1); \
- ADD_S64_U32_D(i+2); \
- ADD_S64_U32_D(i+3); \
- ADD_S64_U32_D(i+4); \
- ADD_S64_U32_D(i+5); \
- ADD_S64_U32_D(i+6); \
- ADD_S64_U32_D(i+7)
-
-/***************************************************************/
-
-t_u32 mul_add(t_u32 *z, t_u32 *x, t_u32 *y, int n, t_u32 a)
-{
- if (a < (1 << A_BITS)) {
-
- if (n == 8) {
- DEF_VARS(8);
- t_s32 c = 0;
-
- MUL_U32_S64_8(0);
- ADD_S64_U32_8(0);
-
- return c;
-
- } else if (n == 16) {
- DEF_VARS(16);
- t_s32 c = 0;
-
- MUL_U32_S64_8(0);
- MUL_U32_S64_8(4);
- ADD_S64_U32_8(0);
- ADD_S64_U32_8(8);
-
- return c;
-
- } else {
- DEF_VARS(BUFF_SIZE);
- t_s32 i, c = 0;
-
-#pragma pipeloop(0)
- for (i = 0; i < (n+1)/2; i ++) {
- MUL_U32_S64_2(i);
- }
-
-#pragma pipeloop(0)
- for (i = 0; i < n; i ++) {
- ADD_S64_U32(i);
- }
-
- return c;
-
- }
- } else {
-
- if (n == 8) {
- DEF_VARS(2*8);
- t_d64 d0, d1, db;
- t_u32 uc = 0;
-
- da = (t_d64)(a & A_MASK);
- db = (t_d64)(a >> A_BITS);
-
- MUL_U32_S64_D_8(0);
- ADD_S64_U32_D_8(0);
-
- return uc;
-
- } else if (n == 16) {
- DEF_VARS(2*16);
- t_d64 d0, d1, db;
- t_u32 uc = 0;
-
- da = (t_d64)(a & A_MASK);
- db = (t_d64)(a >> A_BITS);
-
- MUL_U32_S64_D_8(0);
- MUL_U32_S64_D_8(4);
- ADD_S64_U32_D_8(0);
- ADD_S64_U32_D_8(8);
-
- return uc;
-
- } else {
- DEF_VARS(2*BUFF_SIZE);
- t_d64 d0, d1, db;
- t_u32 i, uc = 0;
-
- da = (t_d64)(a & A_MASK);
- db = (t_d64)(a >> A_BITS);
-
-#pragma pipeloop(0)
- for (i = 0; i < (n+1)/2; i ++) {
- MUL_U32_S64_2_D(i);
- }
-
-#pragma pipeloop(0)
- for (i = 0; i < n; i ++) {
- ADD_S64_U32_D(i);
- }
-
- return uc;
- }
- }
-}
-
-/***************************************************************/
-
-t_u32 mul_add_inp(t_u32 *x, t_u32 *y, int n, t_u32 a)
-{
- return mul_add(x, x, y, n, a);
-}
-
-/***************************************************************/
diff --git a/security/nss/lib/freebl/mpi/mpv_sparcv8.s b/security/nss/lib/freebl/mpi/mpv_sparcv8.s
deleted file mode 100644
index 458068980..000000000
--- a/security/nss/lib/freebl/mpi/mpv_sparcv8.s
+++ /dev/null
@@ -1,1651 +0,0 @@
-!/*
-! * The contents of this file are subject to the Mozilla Public
-! * License Version 1.1 (the "License"); you may not use this file
-! * except in compliance with the License. You may obtain a copy of
-! * the License at http://www.mozilla.org/MPL/
-! *
-! * Software distributed under the License is distributed on an "AS
-! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! * implied. See the License for the specific language governing
-! * rights and limitations under the License.
-! *
-! * The Original Code is a SPARC/VIS optimized multiply and add function
-! *
-! * The Initial Developer of the Original Code is Sun Microsystems Inc.
-! * Portions created by Sun Microsystems Inc. are
-! * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-! *
-! * Contributor(s):
-! *
-! * Alternatively, the contents of this file may be used under the
-! * terms of the GNU General Public License Version 2 or later (the
-! * "GPL"), in which case the provisions of the GPL are applicable
-! * instead of those above. If you wish to allow use of your
-! * version of this file only under the terms of the GPL and not to
-! * allow others to use your version of this file under the MPL,
-! * indicate your decision by deleting the provisions above and
-! * replace them with the notice and other provisions required by
-! * the GPL. If you do not delete the provisions above, a recipient
-! * may use your version of this file under either the MPL or the
-! * GPL.
-! * $Id$
-! */
-
-
- .section ".text",#alloc,#execinstr
-/* 000000 3 ( 0 0) */ .file "mpv_sparc.c"
-/* 000000 14 ( 0 0) */ .align 8
-!
-! SUBROUTINE .L_const_seg_900000106
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .L_const_seg_900000106: /* frequency 1.0 confidence 0.0 */
-/* 000000 19 ( 0 0) */ .word 1127219200,0
-/* 0x0008 20 ( 0 0) */ .word 1105199103,-4194304
-/* 0x0010 21 ( 0 0) */ .align 16
-/* 0x0010 27 ( 0 0) */ .global mul_add
-
-!
-! ENTRY mul_add
-!
-
- .global mul_add
- mul_add: /* frequency 1.0 confidence 0.0 */
-/* 0x0010 29 ( 0 1) */ sethi %hi(0x1800),%g1
-/* 0x0014 30 ( 0 1) */ sethi %hi(mask_cnst),%g2
-/* 0x0018 31 ( 1 2) */ xor %g1,-984,%g1
-/* 0x001c 32 ( 1 2) */ add %g2,%lo(mask_cnst),%g2
-/* 0x0020 33 ( 2 4) */ save %sp,%g1,%sp
-
-!
-! ENTRY .L900000154
-!
-
- .L900000154: /* frequency 1.0 confidence 0.0 */
-/* 0x0024 35 ( 0 2) */ call (.+0x8) ! params = ! Result =
-/* 0x0028 ( 1 2) */ sethi %hi((_GLOBAL_OFFSET_TABLE_-(.L900000154-.))),%g5
-/* 0x002c 177 ( 2 3) */ sethi %hi(.L_const_seg_900000106),%g3
-/* 0x0030 178 ( 2 3) */ add %g5,%lo((_GLOBAL_OFFSET_TABLE_-(.L900000154-.))),%g5
-/* 0x0034 179 ( 3 4) */ or %g0,%i4,%o1
-/* 0x0038 180 ( 3 4) */ st %o1,[%fp+84]
-/* 0x003c 181 ( 3 4) */ add %g5,%o7,%o3
-/* 0x0040 182 ( 4 5) */ add %g3,%lo(.L_const_seg_900000106),%g3
-/* 0x0044 183 ( 4 6) */ ld [%o3+%g2],%g2
-/* 0x0048 184 ( 4 5) */ or %g0,%i3,%o2
-/* 0x004c 185 ( 5 6) */ sethi %hi(0x80000),%g4
-/* 0x0050 186 ( 5 7) */ ld [%o3+%g3],%o0
-/* 0x0054 187 ( 5 6) */ or %g0,%i2,%g5
-/* 0x0058 188 ( 6 7) */ or %g0,%o2,%o3
-/* 0x005c 189 ( 6 10) */ ldd [%g2],%f0
-/* 0x0060 190 ( 6 7) */ subcc %o1,%g4,%g0
-/* 0x0064 191 ( 6 7) */ bcc,pn %icc,.L77000048 ! tprob=0.50
-/* 0x0068 ( 7 8) */ subcc %o2,8,%g0
-/* 0x006c 193 ( 7 8) */ bne,pn %icc,.L77000037 ! tprob=0.50
-/* 0x0070 ( 8 12) */ ldd [%o0],%f8
-/* 0x0074 195 ( 9 13) */ ldd [%g5],%f4
-/* 0x0078 196 (10 14) */ ldd [%g5+8],%f6
-/* 0x007c 197 (11 15) */ ldd [%g5+16],%f10
-/* 0x0080 198 (11 14) */ fmovs %f8,%f12
-/* 0x0084 199 (12 16) */ fxnor %f0,%f4,%f4
-/* 0x0088 200 (12 14) */ ld [%fp+84],%f13
-/* 0x008c 201 (13 17) */ ldd [%o0+8],%f14
-/* 0x0090 202 (13 17) */ fxnor %f0,%f6,%f6
-/* 0x0094 203 (14 18) */ ldd [%g5+24],%f16
-/* 0x0098 204 (14 18) */ fxnor %f0,%f10,%f10
-/* 0x009c 208 (15 17) */ ld [%i1],%g2
-/* 0x00a0 209 (15 20) */ fsubd %f12,%f8,%f8
-/* 0x00a4 210 (16 21) */ fitod %f4,%f18
-/* 0x00a8 211 (16 18) */ ld [%i1+4],%g3
-/* 0x00ac 212 (17 22) */ fitod %f5,%f4
-/* 0x00b0 213 (17 19) */ ld [%i1+8],%g4
-/* 0x00b4 214 (18 23) */ fitod %f6,%f20
-/* 0x00b8 215 (18 20) */ ld [%i1+12],%g5
-/* 0x00bc 216 (19 21) */ ld [%i1+16],%o0
-/* 0x00c0 217 (19 24) */ fitod %f7,%f6
-/* 0x00c4 218 (20 22) */ ld [%i1+20],%o1
-/* 0x00c8 219 (20 24) */ fxnor %f0,%f16,%f16
-/* 0x00cc 220 (21 26) */ fsubd %f14,%f18,%f12
-/* 0x00d0 221 (21 23) */ ld [%i1+24],%o2
-/* 0x00d4 222 (22 27) */ fsubd %f14,%f4,%f4
-/* 0x00d8 223 (22 24) */ ld [%i1+28],%o3
-/* 0x00dc 224 (23 28) */ fitod %f10,%f18
-/* 0x00e0 225 (24 29) */ fsubd %f14,%f20,%f20
-/* 0x00e4 226 (25 30) */ fitod %f11,%f10
-/* 0x00e8 227 (26 31) */ fsubd %f14,%f6,%f6
-/* 0x00ec 228 (26 31) */ fmuld %f12,%f8,%f12
-/* 0x00f0 229 (27 32) */ fitod %f16,%f22
-/* 0x00f4 230 (27 32) */ fmuld %f4,%f8,%f4
-/* 0x00f8 231 (28 33) */ fsubd %f14,%f18,%f18
-/* 0x00fc 232 (29 34) */ fitod %f17,%f16
-/* 0x0100 233 (29 34) */ fmuld %f20,%f8,%f20
-/* 0x0104 234 (30 35) */ fsubd %f14,%f10,%f10
-/* 0x0108 235 (31 36) */ fdtox %f12,%f12
-/* 0x010c 236 (31 32) */ std %f12,[%sp+152]
-/* 0x0110 237 (31 36) */ fmuld %f6,%f8,%f6
-/* 0x0114 238 (32 37) */ fdtox %f4,%f4
-/* 0x0118 239 (32 33) */ std %f4,[%sp+144]
-/* 0x011c 240 (33 38) */ fsubd %f14,%f22,%f4
-/* 0x0120 241 (33 38) */ fmuld %f18,%f8,%f12
-/* 0x0124 242 (34 39) */ fdtox %f20,%f18
-/* 0x0128 243 (34 35) */ std %f18,[%sp+136]
-/* 0x012c 244 (35 37) */ ldx [%sp+152],%o4
-/* 0x0130 245 (35 40) */ fsubd %f14,%f16,%f14
-/* 0x0134 246 (35 40) */ fmuld %f10,%f8,%f10
-/* 0x0138 247 (36 41) */ fdtox %f6,%f6
-/* 0x013c 248 (36 37) */ std %f6,[%sp+128]
-/* 0x0140 249 (37 39) */ ldx [%sp+144],%o5
-/* 0x0144 250 (37 38) */ add %o4,%g2,%o4
-/* 0x0148 251 (38 39) */ st %o4,[%i0]
-/* 0x014c 252 (38 39) */ srax %o4,32,%g2
-/* 0x0150 253 (38 43) */ fdtox %f12,%f6
-/* 0x0154 254 (38 43) */ fmuld %f4,%f8,%f4
-/* 0x0158 255 (39 40) */ std %f6,[%sp+120]
-/* 0x015c 256 (39 40) */ add %o5,%g3,%g3
-/* 0x0160 257 (40 42) */ ldx [%sp+136],%o7
-/* 0x0164 258 (40 41) */ add %g3,%g2,%g2
-/* 0x0168 259 (40 45) */ fmuld %f14,%f8,%f6
-/* 0x016c 260 (40 45) */ fdtox %f10,%f8
-/* 0x0170 261 (41 42) */ std %f8,[%sp+112]
-/* 0x0174 262 (41 42) */ srax %g2,32,%o5
-/* 0x0178 263 (42 44) */ ldx [%sp+128],%g3
-/* 0x017c 264 (42 43) */ add %o7,%g4,%g4
-/* 0x0180 265 (43 44) */ st %g2,[%i0+4]
-/* 0x0184 266 (43 44) */ add %g4,%o5,%g4
-/* 0x0188 267 (43 48) */ fdtox %f4,%f4
-/* 0x018c 268 (44 46) */ ldx [%sp+120],%o5
-/* 0x0190 269 (44 45) */ add %g3,%g5,%g3
-/* 0x0194 270 (44 45) */ srax %g4,32,%g5
-/* 0x0198 271 (45 46) */ std %f4,[%sp+104]
-/* 0x019c 272 (45 46) */ add %g3,%g5,%g3
-/* 0x01a0 273 (45 50) */ fdtox %f6,%f4
-/* 0x01a4 274 (46 47) */ std %f4,[%sp+96]
-/* 0x01a8 275 (46 47) */ add %o5,%o0,%o0
-/* 0x01ac 276 (46 47) */ srax %g3,32,%o5
-/* 0x01b0 277 (47 49) */ ldx [%sp+112],%g5
-/* 0x01b4 278 (47 48) */ add %o0,%o5,%o0
-/* 0x01b8 279 (48 49) */ st %g4,[%i0+8]
-/* 0x01bc 280 (49 51) */ ldx [%sp+104],%o5
-/* 0x01c0 281 (49 50) */ add %g5,%o1,%o1
-/* 0x01c4 282 (49 50) */ srax %o0,32,%g5
-/* 0x01c8 283 (50 51) */ st %o0,[%i0+16]
-/* 0x01cc 284 (50 51) */ add %o1,%g5,%o1
-/* 0x01d0 285 (51 53) */ ldx [%sp+96],%g5
-/* 0x01d4 286 (51 52) */ add %o5,%o2,%o2
-/* 0x01d8 287 (51 52) */ srax %o1,32,%o5
-/* 0x01dc 288 (52 53) */ st %o1,[%i0+20]
-/* 0x01e0 289 (52 53) */ add %o2,%o5,%o2
-/* 0x01e4 290 (53 54) */ st %o2,[%i0+24]
-/* 0x01e8 291 (53 54) */ srax %o2,32,%g4
-/* 0x01ec 292 (53 54) */ add %g5,%o3,%g2
-/* 0x01f0 293 (54 55) */ st %g3,[%i0+12]
-/* 0x01f4 294 (54 55) */ add %g2,%g4,%g2
-/* 0x01f8 295 (55 56) */ st %g2,[%i0+28]
-/* 0x01fc 299 (55 56) */ srax %g2,32,%o7
-/* 0x0200 300 (56 57) */ or %g0,%o7,%i0
-/* 0x0204 (57 64) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0208 (59 61) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000037
-!
-
- .L77000037: /* frequency 1.0 confidence 0.0 */
-/* 0x020c 307 ( 0 1) */ subcc %o2,16,%g0
-/* 0x0210 308 ( 0 1) */ bne,pn %icc,.L77000076 ! tprob=0.50
-/* 0x0214 ( 1 5) */ ldd [%o0],%f8
-/* 0x0218 310 ( 2 6) */ ldd [%g5],%f4
-/* 0x021c 311 ( 3 7) */ ldd [%g5+8],%f6
-/* 0x0220 317 ( 4 8) */ ldd [%o0+8],%f14
-/* 0x0224 318 ( 4 7) */ fmovs %f8,%f12
-/* 0x0228 319 ( 5 7) */ ld [%fp+84],%f13
-/* 0x022c 320 ( 5 9) */ fxnor %f0,%f4,%f4
-/* 0x0230 321 ( 6 10) */ ldd [%g5+16],%f10
-/* 0x0234 322 ( 6 10) */ fxnor %f0,%f6,%f6
-/* 0x0238 323 ( 7 11) */ ldd [%g5+24],%f16
-/* 0x023c 324 ( 8 12) */ ldd [%g5+32],%f20
-/* 0x0240 325 ( 8 13) */ fsubd %f12,%f8,%f8
-/* 0x0244 331 ( 9 11) */ ld [%i1+40],%o7
-/* 0x0248 332 ( 9 14) */ fitod %f4,%f18
-/* 0x024c 333 (10 14) */ ldd [%g5+40],%f22
-/* 0x0250 334 (10 15) */ fitod %f5,%f4
-/* 0x0254 335 (11 12) */ stx %o7,[%sp+96]
-/* 0x0258 336 (11 16) */ fitod %f6,%f24
-/* 0x025c 337 (12 14) */ ld [%i1+44],%o7
-/* 0x0260 338 (12 16) */ fxnor %f0,%f10,%f10
-/* 0x0264 339 (13 17) */ ldd [%g5+48],%f26
-/* 0x0268 340 (13 18) */ fitod %f7,%f6
-/* 0x026c 341 (14 15) */ stx %o7,[%sp+104]
-/* 0x0270 342 (14 19) */ fsubd %f14,%f18,%f18
-/* 0x0274 343 (15 17) */ ld [%i1+48],%o7
-/* 0x0278 344 (15 20) */ fsubd %f14,%f4,%f4
-/* 0x027c 345 (16 18) */ ld [%i1+36],%o5
-/* 0x0280 346 (16 21) */ fitod %f10,%f28
-/* 0x0284 347 (17 18) */ stx %o7,[%sp+112]
-/* 0x0288 348 (17 21) */ fxnor %f0,%f16,%f16
-/* 0x028c 349 (18 20) */ ld [%i1],%g2
-/* 0x0290 350 (18 23) */ fsubd %f14,%f24,%f24
-/* 0x0294 351 (19 20) */ stx %o5,[%sp+120]
-/* 0x0298 352 (19 24) */ fitod %f11,%f10
-/* 0x029c 353 (19 24) */ fmuld %f18,%f8,%f18
-/* 0x02a0 354 (20 22) */ ld [%i1+52],%o5
-/* 0x02a4 355 (20 25) */ fsubd %f14,%f6,%f6
-/* 0x02a8 356 (20 25) */ fmuld %f4,%f8,%f4
-/* 0x02ac 357 (21 26) */ fitod %f16,%f30
-/* 0x02b0 358 (22 26) */ fxnor %f0,%f20,%f20
-/* 0x02b4 359 (22 24) */ ld [%i1+4],%g3
-/* 0x02b8 360 (23 27) */ ldd [%g5+56],%f2
-/* 0x02bc 361 (23 28) */ fsubd %f14,%f28,%f28
-/* 0x02c0 362 (23 28) */ fmuld %f24,%f8,%f24
-/* 0x02c4 363 (24 25) */ stx %o5,[%sp+128]
-/* 0x02c8 364 (24 29) */ fdtox %f18,%f18
-/* 0x02cc 365 (25 26) */ std %f18,[%sp+272]
-/* 0x02d0 366 (25 30) */ fitod %f17,%f16
-/* 0x02d4 367 (25 30) */ fmuld %f6,%f8,%f6
-/* 0x02d8 368 (26 31) */ fsubd %f14,%f10,%f10
-/* 0x02dc 369 (27 32) */ fitod %f20,%f18
-/* 0x02e0 370 (28 33) */ fdtox %f4,%f4
-/* 0x02e4 371 (28 29) */ std %f4,[%sp+264]
-/* 0x02e8 372 (28 33) */ fmuld %f28,%f8,%f28
-/* 0x02ec 373 (29 31) */ ld [%i1+8],%g4
-/* 0x02f0 374 (29 34) */ fsubd %f14,%f30,%f4
-/* 0x02f4 375 (30 34) */ fxnor %f0,%f22,%f22
-/* 0x02f8 376 (30 32) */ ld [%i1+12],%g5
-/* 0x02fc 377 (31 33) */ ld [%i1+16],%o0
-/* 0x0300 378 (31 36) */ fitod %f21,%f20
-/* 0x0304 379 (31 36) */ fmuld %f10,%f8,%f10
-/* 0x0308 380 (32 34) */ ld [%i1+20],%o1
-/* 0x030c 381 (32 37) */ fdtox %f24,%f24
-/* 0x0310 382 (33 34) */ std %f24,[%sp+256]
-/* 0x0314 383 (33 38) */ fsubd %f14,%f16,%f16
-/* 0x0318 384 (34 36) */ ldx [%sp+272],%o7
-/* 0x031c 385 (34 39) */ fdtox %f6,%f6
-/* 0x0320 386 (34 39) */ fmuld %f4,%f8,%f4
-/* 0x0324 387 (35 36) */ std %f6,[%sp+248]
-/* 0x0328 388 (35 40) */ fitod %f22,%f24
-/* 0x032c 389 (36 38) */ ld [%i1+32],%o4
-/* 0x0330 390 (36 41) */ fsubd %f14,%f18,%f6
-/* 0x0334 391 (36 37) */ add %o7,%g2,%g2
-/* 0x0338 392 (37 39) */ ldx [%sp+264],%o7
-/* 0x033c 393 (37 41) */ fxnor %f0,%f26,%f26
-/* 0x0340 394 (37 38) */ srax %g2,32,%o5
-/* 0x0344 395 (38 39) */ st %g2,[%i0]
-/* 0x0348 396 (38 43) */ fitod %f23,%f18
-/* 0x034c 397 (38 43) */ fmuld %f16,%f8,%f16
-/* 0x0350 398 (39 41) */ ldx [%sp+248],%g2
-/* 0x0354 399 (39 44) */ fdtox %f28,%f22
-/* 0x0358 400 (39 40) */ add %o7,%g3,%g3
-/* 0x035c 401 (40 42) */ ldx [%sp+256],%o7
-/* 0x0360 402 (40 45) */ fsubd %f14,%f20,%f20
-/* 0x0364 403 (40 41) */ add %g3,%o5,%g3
-/* 0x0368 404 (41 42) */ std %f22,[%sp+240]
-/* 0x036c 405 (41 46) */ fitod %f26,%f22
-/* 0x0370 406 (41 42) */ srax %g3,32,%o5
-/* 0x0374 407 (41 42) */ add %g2,%g5,%g2
-/* 0x0378 408 (42 43) */ st %g3,[%i0+4]
-/* 0x037c 409 (42 47) */ fdtox %f10,%f10
-/* 0x0380 410 (42 43) */ add %o7,%g4,%g4
-/* 0x0384 411 (42 47) */ fmuld %f6,%f8,%f6
-/* 0x0388 412 (43 44) */ std %f10,[%sp+232]
-/* 0x038c 413 (43 47) */ fxnor %f0,%f2,%f12
-/* 0x0390 414 (43 44) */ add %g4,%o5,%g4
-/* 0x0394 415 (44 45) */ st %g4,[%i0+8]
-/* 0x0398 416 (44 45) */ srax %g4,32,%o5
-/* 0x039c 417 (44 49) */ fsubd %f14,%f24,%f10
-/* 0x03a0 418 (45 47) */ ldx [%sp+240],%o7
-/* 0x03a4 419 (45 50) */ fdtox %f4,%f4
-/* 0x03a8 420 (45 46) */ add %g2,%o5,%g2
-/* 0x03ac 421 (45 50) */ fmuld %f20,%f8,%f20
-/* 0x03b0 422 (46 47) */ std %f4,[%sp+224]
-/* 0x03b4 423 (46 47) */ srax %g2,32,%g5
-/* 0x03b8 424 (46 51) */ fsubd %f14,%f18,%f4
-/* 0x03bc 425 (47 48) */ st %g2,[%i0+12]
-/* 0x03c0 426 (47 52) */ fitod %f27,%f24
-/* 0x03c4 427 (47 48) */ add %o7,%o0,%g3
-/* 0x03c8 428 (48 50) */ ldx [%sp+232],%o5
-/* 0x03cc 429 (48 53) */ fdtox %f16,%f16
-/* 0x03d0 430 (48 49) */ add %g3,%g5,%g2
-/* 0x03d4 431 (49 50) */ std %f16,[%sp+216]
-/* 0x03d8 432 (49 50) */ srax %g2,32,%g4
-/* 0x03dc 433 (49 54) */ fitod %f12,%f18
-/* 0x03e0 434 (49 54) */ fmuld %f10,%f8,%f10
-/* 0x03e4 435 (50 51) */ st %g2,[%i0+16]
-/* 0x03e8 436 (50 55) */ fsubd %f14,%f22,%f16
-/* 0x03ec 437 (50 51) */ add %o5,%o1,%g2
-/* 0x03f0 438 (51 53) */ ld [%i1+24],%o2
-/* 0x03f4 439 (51 56) */ fitod %f13,%f12
-/* 0x03f8 440 (51 52) */ add %g2,%g4,%g2
-/* 0x03fc 441 (51 56) */ fmuld %f4,%f8,%f22
-/* 0x0400 442 (52 54) */ ldx [%sp+224],%g3
-/* 0x0404 443 (52 53) */ srax %g2,32,%g4
-/* 0x0408 444 (52 57) */ fdtox %f6,%f6
-/* 0x040c 445 (53 54) */ std %f6,[%sp+208]
-/* 0x0410 446 (53 58) */ fdtox %f20,%f6
-/* 0x0414 447 (54 55) */ stx %o4,[%sp+136]
-/* 0x0418 448 (54 59) */ fsubd %f14,%f24,%f4
-/* 0x041c 449 (55 56) */ std %f6,[%sp+200]
-/* 0x0420 450 (55 60) */ fsubd %f14,%f18,%f6
-/* 0x0424 451 (55 60) */ fmuld %f16,%f8,%f16
-/* 0x0428 452 (56 57) */ st %g2,[%i0+20]
-/* 0x042c 453 (56 57) */ add %g3,%o2,%g2
-/* 0x0430 454 (56 61) */ fdtox %f10,%f10
-/* 0x0434 455 (57 59) */ ld [%i1+28],%o3
-/* 0x0438 456 (57 58) */ add %g2,%g4,%g2
-/* 0x043c 457 (58 60) */ ldx [%sp+216],%g5
-/* 0x0440 458 (58 59) */ srax %g2,32,%g4
-/* 0x0444 459 (59 60) */ std %f10,[%sp+192]
-/* 0x0448 460 (59 64) */ fsubd %f14,%f12,%f10
-/* 0x044c 461 (59 64) */ fmuld %f4,%f8,%f4
-/* 0x0450 462 (60 61) */ st %g2,[%i0+24]
-/* 0x0454 463 (60 61) */ add %g5,%o3,%g2
-/* 0x0458 464 (60 65) */ fdtox %f22,%f12
-/* 0x045c 465 (60 65) */ fmuld %f6,%f8,%f6
-/* 0x0460 466 (61 63) */ ldx [%sp+136],%o0
-/* 0x0464 467 (61 62) */ add %g2,%g4,%g2
-/* 0x0468 468 (62 64) */ ldx [%sp+208],%g3
-/* 0x046c 469 (62 63) */ srax %g2,32,%g4
-/* 0x0470 470 (63 65) */ ldx [%sp+120],%o1
-/* 0x0474 471 (64 66) */ ldx [%sp+200],%g5
-/* 0x0478 472 (64 65) */ add %g3,%o0,%g3
-/* 0x047c 473 (64 69) */ fdtox %f4,%f4
-/* 0x0480 474 (64 69) */ fmuld %f10,%f8,%f8
-/* 0x0484 475 (65 66) */ std %f12,[%sp+184]
-/* 0x0488 476 (65 66) */ add %g3,%g4,%g3
-/* 0x048c 477 (65 70) */ fdtox %f16,%f12
-/* 0x0490 478 (66 67) */ std %f12,[%sp+176]
-/* 0x0494 479 (66 67) */ srax %g3,32,%o0
-/* 0x0498 480 (66 67) */ add %g5,%o1,%g5
-/* 0x049c 481 (67 69) */ ldx [%sp+192],%o2
-/* 0x04a0 482 (67 68) */ add %g5,%o0,%g5
-/* 0x04a4 483 (68 70) */ ldx [%sp+96],%g4
-/* 0x04a8 484 (68 69) */ srax %g5,32,%o1
-/* 0x04ac 485 (69 71) */ ld [%i1+56],%o4
-/* 0x04b0 486 (70 72) */ ldx [%sp+104],%o0
-/* 0x04b4 487 (70 71) */ add %o2,%g4,%g4
-/* 0x04b8 488 (71 72) */ std %f4,[%sp+168]
-/* 0x04bc 489 (71 72) */ add %g4,%o1,%g4
-/* 0x04c0 490 (71 76) */ fdtox %f6,%f4
-/* 0x04c4 491 (72 74) */ ldx [%sp+184],%o3
-/* 0x04c8 492 (72 73) */ srax %g4,32,%o2
-/* 0x04cc 493 (73 75) */ ldx [%sp+112],%o1
-/* 0x04d0 494 (74 75) */ std %f4,[%sp+160]
-/* 0x04d4 495 (74 75) */ add %o3,%o0,%o0
-/* 0x04d8 496 (74 79) */ fdtox %f8,%f4
-/* 0x04dc 497 (75 77) */ ldx [%sp+176],%o5
-/* 0x04e0 498 (75 76) */ add %o0,%o2,%o0
-/* 0x04e4 499 (76 77) */ stx %o4,[%sp+144]
-/* 0x04e8 500 (77 78) */ st %g2,[%i0+28]
-/* 0x04ec 501 (77 78) */ add %o5,%o1,%g2
-/* 0x04f0 502 (77 78) */ srax %o0,32,%o1
-/* 0x04f4 503 (78 79) */ std %f4,[%sp+152]
-/* 0x04f8 504 (78 79) */ add %g2,%o1,%o1
-/* 0x04fc 505 (79 81) */ ldx [%sp+168],%o7
-/* 0x0500 506 (79 80) */ srax %o1,32,%o3
-/* 0x0504 507 (80 82) */ ldx [%sp+128],%o2
-/* 0x0508 508 (81 83) */ ld [%i1+60],%o4
-/* 0x050c 509 (82 83) */ add %o7,%o2,%o2
-/* 0x0510 510 (83 84) */ add %o2,%o3,%o2
-/* 0x0514 511 (83 85) */ ldx [%sp+144],%o5
-/* 0x0518 512 (84 86) */ ldx [%sp+160],%g2
-/* 0x051c 513 (85 87) */ ldx [%sp+152],%o3
-/* 0x0520 514 (86 87) */ st %g3,[%i0+32]
-/* 0x0524 515 (86 87) */ add %g2,%o5,%g2
-/* 0x0528 516 (86 87) */ srax %o2,32,%o5
-/* 0x052c 517 (87 88) */ st %g5,[%i0+36]
-/* 0x0530 518 (87 88) */ add %g2,%o5,%g2
-/* 0x0534 519 (87 88) */ add %o3,%o4,%g3
-/* 0x0538 520 (88 89) */ st %o0,[%i0+44]
-/* 0x053c 521 (88 89) */ srax %g2,32,%g5
-/* 0x0540 522 (89 90) */ st %o1,[%i0+48]
-/* 0x0544 523 (89 90) */ add %g3,%g5,%g3
-/* 0x0548 524 (90 91) */ st %o2,[%i0+52]
-/* 0x054c 528 (90 91) */ srax %g3,32,%o7
-/* 0x0550 529 (91 92) */ st %g4,[%i0+40]
-/* 0x0554 530 (92 93) */ st %g2,[%i0+56]
-/* 0x0558 531 (93 94) */ st %g3,[%i0+60]
-/* 0x055c 532 (93 94) */ or %g0,%o7,%i0
-/* 0x0560 (94 101) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0564 (96 98) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000076
-!
-
- .L77000076: /* frequency 1.0 confidence 0.0 */
-/* 0x0568 540 ( 0 4) */ ldd [%o0],%f6
-/* 0x056c 546 ( 0 1) */ add %o2,1,%g2
-/* 0x0570 547 ( 0 3) */ fmovd %f0,%f14
-/* 0x0574 548 ( 0 1) */ or %g0,0,%o7
-/* 0x0578 549 ( 1 3) */ ld [%fp+84],%f9
-/* 0x057c 550 ( 1 2) */ srl %g2,31,%g3
-/* 0x0580 551 ( 1 2) */ add %fp,-2264,%o5
-/* 0x0584 552 ( 2 3) */ add %g2,%g3,%g2
-/* 0x0588 553 ( 2 6) */ ldd [%o0+8],%f18
-/* 0x058c 554 ( 2 3) */ add %fp,-2256,%o4
-/* 0x0590 555 ( 3 6) */ fmovs %f6,%f8
-/* 0x0594 556 ( 3 4) */ sra %g2,1,%o1
-/* 0x0598 557 ( 3 4) */ or %g0,0,%g2
-/* 0x059c 558 ( 4 5) */ subcc %o1,0,%g0
-/* 0x05a0 559 ( 4 5) */ sub %o1,1,%o2
-/* 0x05a4 563 ( 5 6) */ add %g5,32,%o0
-/* 0x05a8 564 ( 6 11) */ fsubd %f8,%f6,%f16
-/* 0x05ac 565 ( 6 7) */ ble,pt %icc,.L900000161 ! tprob=0.50
-/* 0x05b0 ( 6 7) */ subcc %o3,0,%g0
-/* 0x05b4 567 ( 7 8) */ subcc %o1,7,%g0
-/* 0x05b8 568 ( 7 8) */ bl,pn %icc,.L77000077 ! tprob=0.50
-/* 0x05bc ( 7 8) */ sub %o1,2,%o1
-/* 0x05c0 570 ( 8 12) */ ldd [%g5],%f2
-/* 0x05c4 571 ( 9 13) */ ldd [%g5+8],%f4
-/* 0x05c8 572 ( 9 10) */ or %g0,5,%g2
-/* 0x05cc 573 (10 14) */ ldd [%g5+16],%f0
-/* 0x05d0 574 (11 15) */ fxnor %f14,%f2,%f2
-/* 0x05d4 575 (11 15) */ ldd [%g5+24],%f12
-/* 0x05d8 576 (12 16) */ fxnor %f14,%f4,%f6
-/* 0x05dc 577 (12 16) */ ldd [%g5+32],%f10
-/* 0x05e0 578 (13 17) */ fxnor %f14,%f0,%f8
-/* 0x05e4 579 (15 20) */ fitod %f3,%f0
-/* 0x05e8 580 (16 21) */ fitod %f2,%f4
-/* 0x05ec 581 (17 22) */ fitod %f7,%f2
-/* 0x05f0 582 (18 23) */ fitod %f6,%f6
-/* 0x05f4 583 (20 25) */ fsubd %f18,%f0,%f0
-/* 0x05f8 584 (21 26) */ fsubd %f18,%f4,%f4
-
-!
-! ENTRY .L900000149
-!
-
- .L900000149: /* frequency 1.0 confidence 0.0 */
-/* 0x05fc 586 ( 0 4) */ fxnor %f14,%f12,%f22
-/* 0x0600 587 ( 0 5) */ fmuld %f4,%f16,%f4
-/* 0x0604 588 ( 0 1) */ add %g2,2,%g2
-/* 0x0608 589 ( 0 1) */ add %o4,32,%o4
-/* 0x060c 590 ( 1 6) */ fitod %f9,%f24
-/* 0x0610 591 ( 1 6) */ fmuld %f0,%f16,%f20
-/* 0x0614 592 ( 1 2) */ add %o0,8,%o0
-/* 0x0618 593 ( 1 2) */ subcc %g2,%o1,%g0
-/* 0x061c 594 ( 2 6) */ ldd [%o0],%f12
-/* 0x0620 595 ( 2 7) */ fsubd %f18,%f2,%f0
-/* 0x0624 596 ( 2 3) */ add %o5,32,%o5
-/* 0x0628 597 ( 3 8) */ fsubd %f18,%f6,%f2
-/* 0x062c 598 ( 5 10) */ fdtox %f4,%f4
-/* 0x0630 599 ( 6 11) */ fdtox %f20,%f6
-/* 0x0634 600 ( 6 7) */ std %f4,[%o5-32]
-/* 0x0638 601 ( 7 12) */ fitod %f8,%f4
-/* 0x063c 602 ( 7 8) */ std %f6,[%o4-32]
-/* 0x0640 603 ( 8 12) */ fxnor %f14,%f10,%f8
-/* 0x0644 604 ( 8 13) */ fmuld %f2,%f16,%f6
-/* 0x0648 605 ( 9 14) */ fitod %f23,%f2
-/* 0x064c 606 ( 9 14) */ fmuld %f0,%f16,%f20
-/* 0x0650 607 ( 9 10) */ add %o0,8,%o0
-/* 0x0654 608 (10 14) */ ldd [%o0],%f10
-/* 0x0658 609 (10 15) */ fsubd %f18,%f24,%f0
-/* 0x065c 610 (12 17) */ fsubd %f18,%f4,%f4
-/* 0x0660 611 (13 18) */ fdtox %f6,%f6
-/* 0x0664 612 (14 19) */ fdtox %f20,%f20
-/* 0x0668 613 (14 15) */ std %f6,[%o5-16]
-/* 0x066c 614 (15 20) */ fitod %f22,%f6
-/* 0x0670 615 (15 16) */ ble,pt %icc,.L900000149 ! tprob=0.50
-/* 0x0674 (15 16) */ std %f20,[%o4-16]
-
-!
-! ENTRY .L900000152
-!
-
- .L900000152: /* frequency 1.0 confidence 0.0 */
-/* 0x0678 618 ( 0 4) */ fxnor %f14,%f12,%f12
-/* 0x067c 619 ( 0 5) */ fmuld %f0,%f16,%f22
-/* 0x0680 620 ( 0 1) */ add %o5,80,%o5
-/* 0x0684 621 ( 0 1) */ add %o4,80,%o4
-/* 0x0688 622 ( 1 5) */ fxnor %f14,%f10,%f0
-/* 0x068c 623 ( 1 6) */ fmuld %f4,%f16,%f24
-/* 0x0690 624 ( 1 2) */ subcc %g2,%o2,%g0
-/* 0x0694 625 ( 1 2) */ add %o0,8,%g5
-/* 0x0698 626 ( 2 7) */ fitod %f8,%f20
-/* 0x069c 627 ( 3 8) */ fitod %f9,%f8
-/* 0x06a0 628 ( 4 9) */ fsubd %f18,%f6,%f6
-/* 0x06a4 629 ( 5 10) */ fitod %f12,%f26
-/* 0x06a8 630 ( 6 11) */ fitod %f13,%f4
-/* 0x06ac 631 ( 7 12) */ fsubd %f18,%f2,%f12
-/* 0x06b0 632 ( 8 13) */ fitod %f0,%f2
-/* 0x06b4 633 ( 9 14) */ fitod %f1,%f0
-/* 0x06b8 634 (10 15) */ fsubd %f18,%f20,%f10
-/* 0x06bc 635 (10 15) */ fmuld %f6,%f16,%f20
-/* 0x06c0 636 (11 16) */ fsubd %f18,%f8,%f8
-/* 0x06c4 637 (12 17) */ fsubd %f18,%f26,%f6
-/* 0x06c8 638 (12 17) */ fmuld %f12,%f16,%f12
-/* 0x06cc 639 (13 18) */ fsubd %f18,%f4,%f4
-/* 0x06d0 640 (14 19) */ fsubd %f18,%f2,%f2
-/* 0x06d4 641 (15 20) */ fsubd %f18,%f0,%f0
-/* 0x06d8 642 (15 20) */ fmuld %f10,%f16,%f10
-/* 0x06dc 643 (16 21) */ fdtox %f24,%f24
-/* 0x06e0 644 (16 17) */ std %f24,[%o5-80]
-/* 0x06e4 645 (16 21) */ fmuld %f8,%f16,%f8
-/* 0x06e8 646 (17 22) */ fdtox %f22,%f22
-/* 0x06ec 647 (17 18) */ std %f22,[%o4-80]
-/* 0x06f0 648 (17 22) */ fmuld %f6,%f16,%f6
-/* 0x06f4 649 (18 23) */ fdtox %f20,%f20
-/* 0x06f8 650 (18 19) */ std %f20,[%o5-64]
-/* 0x06fc 651 (18 23) */ fmuld %f4,%f16,%f4
-/* 0x0700 652 (19 24) */ fdtox %f12,%f12
-/* 0x0704 653 (19 20) */ std %f12,[%o4-64]
-/* 0x0708 654 (19 24) */ fmuld %f2,%f16,%f2
-/* 0x070c 655 (20 25) */ fdtox %f10,%f10
-/* 0x0710 656 (20 21) */ std %f10,[%o5-48]
-/* 0x0714 657 (20 25) */ fmuld %f0,%f16,%f0
-/* 0x0718 658 (21 26) */ fdtox %f8,%f8
-/* 0x071c 659 (21 22) */ std %f8,[%o4-48]
-/* 0x0720 660 (22 27) */ fdtox %f6,%f6
-/* 0x0724 661 (22 23) */ std %f6,[%o5-32]
-/* 0x0728 662 (23 28) */ fdtox %f4,%f4
-/* 0x072c 663 (23 24) */ std %f4,[%o4-32]
-/* 0x0730 664 (24 29) */ fdtox %f2,%f2
-/* 0x0734 665 (24 25) */ std %f2,[%o5-16]
-/* 0x0738 666 (25 30) */ fdtox %f0,%f0
-/* 0x073c 667 (25 26) */ bg,pn %icc,.L77000043 ! tprob=0.50
-/* 0x0740 (25 26) */ std %f0,[%o4-16]
-
-!
-! ENTRY .L77000077
-!
-
- .L77000077: /* frequency 1.0 confidence 0.0 */
-/* 0x0744 670 ( 0 4) */ ldd [%g5],%f0
-
-!
-! ENTRY .L900000160
-!
-
- .L900000160: /* frequency 1.0 confidence 0.0 */
-/* 0x0748 672 ( 0 4) */ fxnor %f14,%f0,%f0
-/* 0x074c 673 ( 0 1) */ add %g2,1,%g2
-/* 0x0750 674 ( 0 1) */ add %g5,8,%g5
-/* 0x0754 675 ( 1 2) */ subcc %g2,%o2,%g0
-/* 0x0758 676 ( 4 9) */ fitod %f0,%f2
-/* 0x075c 677 ( 5 10) */ fitod %f1,%f0
-/* 0x0760 678 ( 9 14) */ fsubd %f18,%f2,%f2
-/* 0x0764 679 (10 15) */ fsubd %f18,%f0,%f0
-/* 0x0768 680 (14 19) */ fmuld %f2,%f16,%f2
-/* 0x076c 681 (15 20) */ fmuld %f0,%f16,%f0
-/* 0x0770 682 (19 24) */ fdtox %f2,%f2
-/* 0x0774 683 (19 20) */ std %f2,[%o5]
-/* 0x0778 684 (19 20) */ add %o5,16,%o5
-/* 0x077c 685 (20 25) */ fdtox %f0,%f0
-/* 0x0780 686 (20 21) */ std %f0,[%o4]
-/* 0x0784 687 (20 21) */ add %o4,16,%o4
-/* 0x0788 688 (20 21) */ ble,a,pt %icc,.L900000160 ! tprob=0.50
-/* 0x078c (23 27) */ ldd [%g5],%f0
-
-!
-! ENTRY .L77000043
-!
-
- .L77000043: /* frequency 1.0 confidence 0.0 */
-/* 0x0790 696 ( 0 1) */ subcc %o3,0,%g0
-
-!
-! ENTRY .L900000161
-!
-
- .L900000161: /* frequency 1.0 confidence 0.0 */
-/* 0x0794 698 ( 0 1) */ ble,a,pt %icc,.L900000159 ! tprob=0.50
-/* 0x0798 ( 0 1) */ or %g0,%o7,%i0
-/* 0x079c 703 ( 0 2) */ ldx [%fp-2256],%o2
-/* 0x07a0 704 ( 0 1) */ or %g0,%i1,%g3
-/* 0x07a4 705 ( 1 2) */ sub %o3,1,%o5
-/* 0x07a8 706 ( 1 2) */ or %g0,0,%g4
-/* 0x07ac 707 ( 2 3) */ add %fp,-2264,%g5
-/* 0x07b0 708 ( 2 3) */ or %g0,%i0,%g2
-/* 0x07b4 709 ( 3 4) */ subcc %o3,6,%g0
-/* 0x07b8 710 ( 3 4) */ sub %o5,2,%o4
-/* 0x07bc 711 ( 3 4) */ bl,pn %icc,.L77000078 ! tprob=0.50
-/* 0x07c0 ( 3 5) */ ldx [%fp-2264],%o0
-/* 0x07c4 713 ( 4 6) */ ld [%g3],%o1
-/* 0x07c8 714 ( 4 5) */ add %g2,4,%g2
-/* 0x07cc 715 ( 4 5) */ or %g0,3,%g4
-/* 0x07d0 716 ( 5 7) */ ld [%g3+4],%o3
-/* 0x07d4 717 ( 5 6) */ add %g3,8,%g3
-/* 0x07d8 718 ( 5 6) */ add %fp,-2240,%g5
-/* 0x07dc 719 ( 6 7) */ add %o0,%o1,%o0
-/* 0x07e0 720 ( 6 8) */ ldx [%fp-2248],%o1
-/* 0x07e4 721 ( 7 8) */ st %o0,[%g2-4]
-/* 0x07e8 722 ( 7 8) */ srax %o0,32,%o0
-
-!
-! ENTRY .L900000145
-!
-
- .L900000145: /* frequency 1.0 confidence 0.0 */
-/* 0x07ec 724 ( 0 2) */ ld [%g3],%o7
-/* 0x07f0 725 ( 0 1) */ add %o2,%o3,%o2
-/* 0x07f4 726 ( 0 1) */ sra %o0,0,%o3
-/* 0x07f8 727 ( 1 3) */ ldx [%g5],%o0
-/* 0x07fc 728 ( 1 2) */ add %o2,%o3,%o2
-/* 0x0800 729 ( 1 2) */ add %g4,3,%g4
-/* 0x0804 730 ( 2 3) */ st %o2,[%g2]
-/* 0x0808 731 ( 2 3) */ srax %o2,32,%o3
-/* 0x080c 732 ( 2 3) */ subcc %g4,%o4,%g0
-/* 0x0810 733 ( 3 5) */ ld [%g3+4],%o2
-/* 0x0814 734 ( 4 5) */ stx %o2,[%sp+96]
-/* 0x0818 735 ( 4 5) */ add %o1,%o7,%o1
-/* 0x081c 736 ( 5 7) */ ldx [%g5+8],%o2
-/* 0x0820 737 ( 5 6) */ add %o1,%o3,%o1
-/* 0x0824 738 ( 5 6) */ add %g2,12,%g2
-/* 0x0828 739 ( 6 7) */ st %o1,[%g2-8]
-/* 0x082c 740 ( 6 7) */ srax %o1,32,%o7
-/* 0x0830 741 ( 6 7) */ add %g3,12,%g3
-/* 0x0834 742 ( 7 9) */ ld [%g3-4],%o3
-/* 0x0838 743 ( 8 10) */ ldx [%sp+96],%o1
-/* 0x083c 744 (10 11) */ add %o0,%o1,%o0
-/* 0x0840 745 (10 12) */ ldx [%g5+16],%o1
-/* 0x0844 746 (11 12) */ add %o0,%o7,%o0
-/* 0x0848 747 (11 12) */ add %g5,24,%g5
-/* 0x084c 748 (11 12) */ st %o0,[%g2-4]
-/* 0x0850 749 (11 12) */ ble,pt %icc,.L900000145 ! tprob=0.50
-/* 0x0854 (12 13) */ srax %o0,32,%o0
-
-!
-! ENTRY .L900000148
-!
-
- .L900000148: /* frequency 1.0 confidence 0.0 */
-/* 0x0858 752 ( 0 1) */ add %o2,%o3,%o2
-/* 0x085c 753 ( 0 1) */ sra %o0,0,%o3
-/* 0x0860 754 ( 0 2) */ ld [%g3],%o0
-/* 0x0864 755 ( 1 2) */ add %o2,%o3,%o3
-/* 0x0868 756 ( 1 2) */ add %g2,8,%g2
-/* 0x086c 757 ( 2 3) */ srax %o3,32,%o2
-/* 0x0870 758 ( 2 3) */ st %o3,[%g2-8]
-/* 0x0874 759 ( 2 3) */ add %o1,%o0,%o0
-/* 0x0878 760 ( 3 4) */ add %o0,%o2,%o0
-/* 0x087c 761 ( 3 4) */ st %o0,[%g2-4]
-/* 0x0880 762 ( 3 4) */ subcc %g4,%o5,%g0
-/* 0x0884 763 ( 3 4) */ bg,pn %icc,.L77000061 ! tprob=0.50
-/* 0x0888 ( 4 5) */ srax %o0,32,%o7
-/* 0x088c 765 ( 4 5) */ add %g3,4,%g3
-
-!
-! ENTRY .L77000078
-!
-
- .L77000078: /* frequency 1.0 confidence 0.0 */
-/* 0x0890 767 ( 0 2) */ ld [%g3],%o2
-
-!
-! ENTRY .L900000158
-!
-
- .L900000158: /* frequency 1.0 confidence 0.0 */
-/* 0x0894 769 ( 0 2) */ ldx [%g5],%o0
-/* 0x0898 770 ( 0 1) */ sra %o7,0,%o1
-/* 0x089c 771 ( 0 1) */ add %g4,1,%g4
-/* 0x08a0 772 ( 1 2) */ add %g3,4,%g3
-/* 0x08a4 773 ( 1 2) */ add %g5,8,%g5
-/* 0x08a8 774 ( 2 3) */ add %o0,%o2,%o0
-/* 0x08ac 775 ( 2 3) */ subcc %g4,%o5,%g0
-/* 0x08b0 776 ( 3 4) */ add %o0,%o1,%o0
-/* 0x08b4 777 ( 3 4) */ st %o0,[%g2]
-/* 0x08b8 778 ( 3 4) */ add %g2,4,%g2
-/* 0x08bc 779 ( 4 5) */ srax %o0,32,%o7
-/* 0x08c0 780 ( 4 5) */ ble,a,pt %icc,.L900000158 ! tprob=0.50
-/* 0x08c4 ( 4 6) */ ld [%g3],%o2
-
-!
-! ENTRY .L77000047
-!
-
- .L77000047: /* frequency 1.0 confidence 0.0 */
-/* 0x08c8 783 ( 0 1) */ or %g0,%o7,%i0
-/* 0x08cc ( 1 8) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x08d0 ( 3 5) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000048
-!
-
- .L77000048: /* frequency 1.0 confidence 0.0 */
-/* 0x08d4 794 ( 0 1) */ bne,pn %icc,.L77000050 ! tprob=0.50
-/* 0x08d8 ( 0 1) */ sethi %hi(0xfff80000),%g2
-/* 0x08dc 796 ( 0 4) */ ldd [%g5],%f4
-/* 0x08e0 804 ( 0 1) */ srl %o1,19,%g3
-/* 0x08e4 805 ( 1 2) */ st %g3,[%sp+240]
-/* 0x08e8 806 ( 1 2) */ andn %o1,%g2,%g2
-/* 0x08ec 807 ( 2 6) */ ldd [%o0],%f8
-/* 0x08f0 808 ( 3 4) */ st %g2,[%sp+244]
-/* 0x08f4 809 ( 3 7) */ fxnor %f0,%f4,%f4
-/* 0x08f8 810 ( 4 8) */ ldd [%g5+8],%f6
-/* 0x08fc 814 ( 5 9) */ ldd [%o0+8],%f18
-/* 0x0900 815 ( 5 8) */ fmovs %f8,%f12
-/* 0x0904 816 ( 6 10) */ ldd [%g5+16],%f10
-/* 0x0908 817 ( 6 9) */ fmovs %f8,%f16
-/* 0x090c 818 ( 7 11) */ ldd [%g5+24],%f20
-/* 0x0910 819 ( 7 12) */ fitod %f4,%f14
-/* 0x0914 823 ( 8 10) */ ld [%i1],%g2
-/* 0x0918 824 ( 8 13) */ fitod %f5,%f4
-/* 0x091c 825 ( 9 11) */ ld [%sp+240],%f13
-/* 0x0920 826 ( 9 13) */ fxnor %f0,%f6,%f6
-/* 0x0924 827 (10 12) */ ld [%sp+244],%f17
-/* 0x0928 828 (10 14) */ fxnor %f0,%f10,%f10
-/* 0x092c 829 (11 13) */ ld [%i1+28],%o3
-/* 0x0930 830 (11 15) */ fxnor %f0,%f20,%f20
-/* 0x0934 831 (12 14) */ ld [%i1+4],%g3
-/* 0x0938 832 (12 17) */ fsubd %f12,%f8,%f12
-/* 0x093c 833 (13 14) */ stx %o3,[%sp+96]
-/* 0x0940 834 (13 18) */ fsubd %f18,%f14,%f14
-/* 0x0944 835 (14 16) */ ld [%i1+8],%g4
-/* 0x0948 836 (14 19) */ fsubd %f16,%f8,%f8
-/* 0x094c 837 (15 17) */ ld [%i1+12],%g5
-/* 0x0950 838 (15 20) */ fsubd %f18,%f4,%f4
-/* 0x0954 839 (16 18) */ ld [%i1+16],%o0
-/* 0x0958 840 (16 21) */ fitod %f6,%f22
-/* 0x095c 841 (17 19) */ ld [%i1+20],%o1
-/* 0x0960 842 (17 22) */ fitod %f7,%f6
-/* 0x0964 843 (18 20) */ ld [%i1+24],%o2
-/* 0x0968 844 (18 23) */ fitod %f10,%f16
-/* 0x096c 845 (18 23) */ fmuld %f14,%f12,%f24
-/* 0x0970 846 (19 24) */ fitod %f20,%f28
-/* 0x0974 847 (19 24) */ fmuld %f14,%f8,%f14
-/* 0x0978 848 (20 25) */ fitod %f11,%f10
-/* 0x097c 849 (20 25) */ fmuld %f4,%f12,%f26
-/* 0x0980 850 (21 26) */ fsubd %f18,%f22,%f22
-/* 0x0984 851 (21 26) */ fmuld %f4,%f8,%f4
-/* 0x0988 852 (22 27) */ fsubd %f18,%f6,%f6
-/* 0x098c 853 (23 28) */ fdtox %f24,%f24
-/* 0x0990 854 (23 24) */ std %f24,[%sp+224]
-/* 0x0994 855 (24 29) */ fdtox %f14,%f14
-/* 0x0998 856 (24 25) */ std %f14,[%sp+232]
-/* 0x099c 857 (25 30) */ fdtox %f26,%f14
-/* 0x09a0 858 (25 26) */ std %f14,[%sp+208]
-/* 0x09a4 859 (26 28) */ ldx [%sp+224],%o4
-/* 0x09a8 860 (26 31) */ fitod %f21,%f20
-/* 0x09ac 861 (26 31) */ fmuld %f22,%f12,%f30
-/* 0x09b0 862 (27 29) */ ldx [%sp+232],%o5
-/* 0x09b4 863 (27 32) */ fsubd %f18,%f16,%f16
-/* 0x09b8 864 (27 32) */ fmuld %f22,%f8,%f22
-/* 0x09bc 865 (28 29) */ sllx %o4,19,%o4
-/* 0x09c0 866 (28 33) */ fdtox %f4,%f4
-/* 0x09c4 867 (28 29) */ std %f4,[%sp+216]
-/* 0x09c8 868 (28 33) */ fmuld %f6,%f12,%f24
-/* 0x09cc 869 (29 34) */ fsubd %f18,%f28,%f26
-/* 0x09d0 870 (29 30) */ add %o5,%o4,%o4
-/* 0x09d4 871 (29 34) */ fmuld %f6,%f8,%f6
-/* 0x09d8 872 (30 35) */ fsubd %f18,%f10,%f10
-/* 0x09dc 873 (30 31) */ add %o4,%g2,%g2
-/* 0x09e0 874 (30 31) */ st %g2,[%i0]
-/* 0x09e4 875 (31 33) */ ldx [%sp+208],%o7
-/* 0x09e8 876 (31 32) */ srlx %g2,32,%o5
-/* 0x09ec 877 (31 36) */ fsubd %f18,%f20,%f18
-/* 0x09f0 878 (32 37) */ fdtox %f30,%f28
-/* 0x09f4 879 (32 33) */ std %f28,[%sp+192]
-/* 0x09f8 880 (32 37) */ fmuld %f16,%f12,%f14
-/* 0x09fc 881 (33 34) */ sllx %o7,19,%o4
-/* 0x0a00 882 (33 35) */ ldx [%sp+216],%o7
-/* 0x0a04 883 (33 38) */ fdtox %f22,%f20
-/* 0x0a08 884 (33 38) */ fmuld %f16,%f8,%f16
-/* 0x0a0c 885 (34 35) */ std %f20,[%sp+200]
-/* 0x0a10 886 (34 39) */ fdtox %f24,%f20
-/* 0x0a14 887 (34 39) */ fmuld %f26,%f12,%f22
-/* 0x0a18 888 (35 36) */ std %f20,[%sp+176]
-/* 0x0a1c 889 (35 36) */ add %o7,%o4,%o4
-/* 0x0a20 890 (35 40) */ fdtox %f6,%f6
-/* 0x0a24 891 (35 40) */ fmuld %f10,%f12,%f4
-/* 0x0a28 892 (36 38) */ ldx [%sp+192],%o3
-/* 0x0a2c 893 (36 37) */ add %o4,%g3,%g3
-/* 0x0a30 894 (36 41) */ fmuld %f10,%f8,%f10
-/* 0x0a34 895 (37 38) */ std %f6,[%sp+184]
-/* 0x0a38 896 (37 38) */ add %g3,%o5,%g3
-/* 0x0a3c 897 (37 42) */ fdtox %f14,%f6
-/* 0x0a40 898 (37 42) */ fmuld %f26,%f8,%f20
-/* 0x0a44 899 (38 40) */ ldx [%sp+200],%o4
-/* 0x0a48 900 (38 39) */ sllx %o3,19,%o3
-/* 0x0a4c 901 (38 39) */ srlx %g3,32,%o5
-/* 0x0a50 902 (38 43) */ fdtox %f16,%f14
-/* 0x0a54 903 (39 40) */ std %f6,[%sp+160]
-/* 0x0a58 904 (39 44) */ fmuld %f18,%f12,%f12
-/* 0x0a5c 905 (40 42) */ ldx [%sp+176],%o7
-/* 0x0a60 906 (40 41) */ add %o4,%o3,%o3
-/* 0x0a64 907 (40 45) */ fdtox %f4,%f16
-/* 0x0a68 908 (40 45) */ fmuld %f18,%f8,%f18
-/* 0x0a6c 909 (41 42) */ std %f14,[%sp+168]
-/* 0x0a70 910 (41 42) */ add %o3,%g4,%g4
-/* 0x0a74 911 (41 46) */ fdtox %f10,%f4
-/* 0x0a78 912 (42 44) */ ldx [%sp+184],%o3
-/* 0x0a7c 913 (42 43) */ sllx %o7,19,%o4
-/* 0x0a80 914 (42 43) */ add %g4,%o5,%g4
-/* 0x0a84 915 (42 47) */ fdtox %f22,%f14
-/* 0x0a88 916 (43 44) */ std %f16,[%sp+144]
-/* 0x0a8c 917 (43 44) */ srlx %g4,32,%o5
-/* 0x0a90 918 (43 48) */ fdtox %f20,%f6
-/* 0x0a94 919 (44 46) */ ldx [%sp+160],%o7
-/* 0x0a98 920 (44 45) */ add %o3,%o4,%o3
-/* 0x0a9c 921 (44 49) */ fdtox %f12,%f16
-/* 0x0aa0 922 (45 46) */ std %f4,[%sp+152]
-/* 0x0aa4 923 (45 46) */ add %o3,%g5,%g5
-/* 0x0aa8 924 (45 50) */ fdtox %f18,%f8
-/* 0x0aac 925 (46 48) */ ldx [%sp+168],%o3
-/* 0x0ab0 926 (46 47) */ sllx %o7,19,%o4
-/* 0x0ab4 927 (46 47) */ add %g5,%o5,%g5
-/* 0x0ab8 928 (47 48) */ std %f14,[%sp+128]
-/* 0x0abc 929 (47 48) */ srlx %g5,32,%o5
-/* 0x0ac0 930 (48 49) */ std %f6,[%sp+136]
-/* 0x0ac4 931 (48 49) */ add %o3,%o4,%o3
-/* 0x0ac8 932 (49 50) */ std %f16,[%sp+112]
-/* 0x0acc 933 (49 50) */ add %o3,%o0,%o0
-/* 0x0ad0 934 (50 52) */ ldx [%sp+144],%o7
-/* 0x0ad4 935 (50 51) */ add %o0,%o5,%o0
-/* 0x0ad8 936 (51 53) */ ldx [%sp+152],%o3
-/* 0x0adc 937 (52 53) */ std %f8,[%sp+120]
-/* 0x0ae0 938 (52 53) */ sllx %o7,19,%o4
-/* 0x0ae4 939 (52 53) */ srlx %o0,32,%o7
-/* 0x0ae8 940 (53 54) */ stx %o0,[%sp+104]
-/* 0x0aec 941 (53 54) */ add %o3,%o4,%o3
-/* 0x0af0 942 (54 56) */ ldx [%sp+128],%o5
-/* 0x0af4 943 (54 55) */ add %o3,%o1,%o1
-/* 0x0af8 944 (55 57) */ ldx [%sp+136],%o0
-/* 0x0afc 945 (55 56) */ add %o1,%o7,%o1
-/* 0x0b00 946 (56 57) */ st %g3,[%i0+4]
-/* 0x0b04 947 (56 57) */ sllx %o5,19,%o3
-/* 0x0b08 948 (57 59) */ ldx [%sp+112],%o4
-/* 0x0b0c 949 (57 58) */ add %o0,%o3,%o3
-/* 0x0b10 950 (58 60) */ ldx [%sp+120],%o0
-/* 0x0b14 951 (58 59) */ add %o3,%o2,%o2
-/* 0x0b18 952 (58 59) */ srlx %o1,32,%o3
-/* 0x0b1c 953 (59 60) */ st %o1,[%i0+20]
-/* 0x0b20 954 (59 60) */ sllx %o4,19,%g2
-/* 0x0b24 955 (59 60) */ add %o2,%o3,%o2
-/* 0x0b28 956 (60 62) */ ldx [%sp+96],%o4
-/* 0x0b2c 957 (60 61) */ srlx %o2,32,%g3
-/* 0x0b30 958 (60 61) */ add %o0,%g2,%g2
-/* 0x0b34 959 (61 63) */ ldx [%sp+104],%o0
-/* 0x0b38 960 (62 63) */ st %o2,[%i0+24]
-/* 0x0b3c 961 (62 63) */ add %g2,%o4,%g2
-/* 0x0b40 962 (63 64) */ st %o0,[%i0+16]
-/* 0x0b44 963 (63 64) */ add %g2,%g3,%g2
-/* 0x0b48 964 (64 65) */ st %g4,[%i0+8]
-/* 0x0b4c 968 (64 65) */ srlx %g2,32,%o7
-/* 0x0b50 969 (65 66) */ st %g5,[%i0+12]
-/* 0x0b54 970 (66 67) */ st %g2,[%i0+28]
-/* 0x0b58 971 (66 67) */ or %g0,%o7,%i0
-/* 0x0b5c (67 74) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0b60 (69 71) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000050
-!
-
- .L77000050: /* frequency 1.0 confidence 0.0 */
-/* 0x0b64 978 ( 0 1) */ subcc %o2,16,%g0
-/* 0x0b68 979 ( 0 1) */ bne,pn %icc,.L77000073 ! tprob=0.50
-/* 0x0b6c ( 0 1) */ sethi %hi(0xfff80000),%g2
-/* 0x0b70 981 ( 1 5) */ ldd [%g5],%f4
-/* 0x0b74 982 ( 2 6) */ ldd [%g5+8],%f6
-/* 0x0b78 989 ( 2 3) */ andn %o1,%g2,%g2
-/* 0x0b7c 993 ( 2 3) */ srl %o1,19,%g3
-/* 0x0b80 994 ( 3 7) */ ldd [%g5+16],%f8
-/* 0x0b84 995 ( 4 8) */ fxnor %f0,%f4,%f4
-/* 0x0b88 996 ( 4 5) */ st %g2,[%sp+356]
-/* 0x0b8c 997 ( 5 9) */ ldd [%o0],%f20
-/* 0x0b90 998 ( 5 9) */ fxnor %f0,%f6,%f6
-/* 0x0b94 999 ( 6 7) */ st %g3,[%sp+352]
-/* 0x0b98 1000 ( 6 10) */ fxnor %f0,%f8,%f8
-/* 0x0b9c 1005 ( 7 11) */ ldd [%o0+8],%f30
-/* 0x0ba0 1006 ( 8 13) */ fitod %f4,%f22
-/* 0x0ba4 1007 ( 8 12) */ ldd [%g5+24],%f10
-/* 0x0ba8 1008 ( 9 12) */ fmovs %f20,%f24
-/* 0x0bac 1009 ( 9 13) */ ldd [%g5+32],%f12
-/* 0x0bb0 1010 (10 15) */ fitod %f5,%f4
-/* 0x0bb4 1011 (10 14) */ ldd [%g5+40],%f14
-/* 0x0bb8 1012 (11 14) */ fmovs %f20,%f26
-/* 0x0bbc 1013 (11 15) */ ldd [%g5+48],%f16
-/* 0x0bc0 1014 (12 14) */ ld [%sp+356],%f25
-/* 0x0bc4 1015 (12 17) */ fitod %f6,%f28
-/* 0x0bc8 1016 (13 15) */ ld [%sp+352],%f27
-/* 0x0bcc 1017 (13 18) */ fitod %f8,%f32
-/* 0x0bd0 1018 (14 19) */ fsubd %f30,%f22,%f22
-/* 0x0bd4 1019 (14 18) */ ldd [%g5+56],%f18
-/* 0x0bd8 1020 (15 20) */ fsubd %f24,%f20,%f24
-/* 0x0bdc 1021 (16 21) */ fsubd %f26,%f20,%f20
-/* 0x0be0 1022 (17 22) */ fsubd %f30,%f4,%f4
-/* 0x0be4 1023 (18 23) */ fsubd %f30,%f28,%f26
-/* 0x0be8 1024 (19 24) */ fitod %f7,%f6
-/* 0x0bec 1025 (20 25) */ fsubd %f30,%f32,%f28
-/* 0x0bf0 1026 (20 25) */ fmuld %f22,%f24,%f32
-/* 0x0bf4 1027 (21 26) */ fmuld %f22,%f20,%f22
-/* 0x0bf8 1028 (21 25) */ fxnor %f0,%f10,%f10
-/* 0x0bfc 1029 (22 27) */ fmuld %f4,%f24,%f44
-/* 0x0c00 1030 (22 27) */ fitod %f9,%f8
-/* 0x0c04 1031 (23 28) */ fmuld %f4,%f20,%f4
-/* 0x0c08 1032 (23 27) */ fxnor %f0,%f12,%f12
-/* 0x0c0c 1033 (24 29) */ fsubd %f30,%f6,%f6
-/* 0x0c10 1034 (24 29) */ fmuld %f26,%f24,%f46
-/* 0x0c14 1035 (25 30) */ fitod %f10,%f34
-/* 0x0c18 1036 (26 31) */ fdtox %f22,%f22
-/* 0x0c1c 1037 (26 27) */ std %f22,[%sp+336]
-/* 0x0c20 1038 (27 32) */ fmuld %f26,%f20,%f22
-/* 0x0c24 1039 (27 32) */ fdtox %f44,%f26
-/* 0x0c28 1040 (27 28) */ std %f26,[%sp+328]
-/* 0x0c2c 1041 (28 33) */ fdtox %f4,%f4
-/* 0x0c30 1042 (28 29) */ std %f4,[%sp+320]
-/* 0x0c34 1043 (29 34) */ fmuld %f6,%f24,%f26
-/* 0x0c38 1044 (29 34) */ fsubd %f30,%f8,%f8
-/* 0x0c3c 1045 (30 35) */ fdtox %f46,%f4
-/* 0x0c40 1046 (30 31) */ std %f4,[%sp+312]
-/* 0x0c44 1047 (31 36) */ fmuld %f28,%f24,%f4
-/* 0x0c48 1048 (31 36) */ fdtox %f32,%f32
-/* 0x0c4c 1049 (31 32) */ std %f32,[%sp+344]
-/* 0x0c50 1050 (32 37) */ fitod %f11,%f10
-/* 0x0c54 1051 (32 37) */ fmuld %f6,%f20,%f32
-/* 0x0c58 1052 (33 38) */ fsubd %f30,%f34,%f34
-/* 0x0c5c 1053 (34 39) */ fdtox %f22,%f6
-/* 0x0c60 1054 (34 35) */ std %f6,[%sp+304]
-/* 0x0c64 1058 (35 40) */ fitod %f12,%f36
-/* 0x0c68 1059 (35 40) */ fmuld %f28,%f20,%f6
-/* 0x0c6c 1060 (36 41) */ fdtox %f26,%f22
-/* 0x0c70 1061 (36 37) */ std %f22,[%sp+296]
-/* 0x0c74 1062 (37 42) */ fmuld %f8,%f24,%f22
-/* 0x0c78 1063 (37 42) */ fdtox %f4,%f4
-/* 0x0c7c 1064 (37 38) */ std %f4,[%sp+280]
-/* 0x0c80 1065 (38 43) */ fmuld %f8,%f20,%f8
-/* 0x0c84 1066 (38 43) */ fsubd %f30,%f10,%f10
-/* 0x0c88 1067 (39 44) */ fmuld %f34,%f24,%f4
-/* 0x0c8c 1068 (39 44) */ fitod %f13,%f12
-/* 0x0c90 1069 (40 45) */ fsubd %f30,%f36,%f36
-/* 0x0c94 1070 (41 46) */ fdtox %f6,%f6
-/* 0x0c98 1071 (41 42) */ std %f6,[%sp+272]
-/* 0x0c9c 1072 (42 46) */ fxnor %f0,%f14,%f14
-/* 0x0ca0 1073 (42 47) */ fmuld %f34,%f20,%f6
-/* 0x0ca4 1074 (43 48) */ fdtox %f22,%f22
-/* 0x0ca8 1075 (43 44) */ std %f22,[%sp+264]
-/* 0x0cac 1076 (44 49) */ fdtox %f8,%f8
-/* 0x0cb0 1077 (44 45) */ std %f8,[%sp+256]
-/* 0x0cb4 1078 (44 49) */ fmuld %f10,%f24,%f22
-/* 0x0cb8 1079 (45 50) */ fdtox %f4,%f4
-/* 0x0cbc 1080 (45 46) */ std %f4,[%sp+248]
-/* 0x0cc0 1081 (45 50) */ fmuld %f10,%f20,%f8
-/* 0x0cc4 1082 (46 51) */ fsubd %f30,%f12,%f4
-/* 0x0cc8 1083 (46 51) */ fmuld %f36,%f24,%f10
-/* 0x0ccc 1084 (47 52) */ fitod %f14,%f38
-/* 0x0cd0 1085 (48 53) */ fdtox %f6,%f6
-/* 0x0cd4 1086 (48 49) */ std %f6,[%sp+240]
-/* 0x0cd8 1087 (49 54) */ fdtox %f22,%f12
-/* 0x0cdc 1088 (49 50) */ std %f12,[%sp+232]
-/* 0x0ce0 1089 (49 54) */ fmuld %f36,%f20,%f6
-/* 0x0ce4 1090 (50 55) */ fdtox %f8,%f8
-/* 0x0ce8 1091 (50 51) */ std %f8,[%sp+224]
-/* 0x0cec 1092 (51 56) */ fdtox %f10,%f22
-/* 0x0cf0 1093 (51 52) */ std %f22,[%sp+216]
-/* 0x0cf4 1094 (51 56) */ fmuld %f4,%f24,%f8
-/* 0x0cf8 1095 (52 57) */ fitod %f15,%f14
-/* 0x0cfc 1096 (52 57) */ fmuld %f4,%f20,%f4
-/* 0x0d00 1097 (53 58) */ fsubd %f30,%f38,%f22
-/* 0x0d04 1098 (54 58) */ fxnor %f0,%f16,%f16
-/* 0x0d08 1099 (55 60) */ fdtox %f6,%f6
-/* 0x0d0c 1100 (55 56) */ std %f6,[%sp+208]
-/* 0x0d10 1101 (56 61) */ fdtox %f8,%f6
-/* 0x0d14 1102 (56 57) */ std %f6,[%sp+200]
-/* 0x0d18 1103 (57 62) */ fsubd %f30,%f14,%f10
-/* 0x0d1c 1104 (58 63) */ fitod %f16,%f40
-/* 0x0d20 1105 (58 63) */ fmuld %f22,%f24,%f6
-/* 0x0d24 1106 (59 64) */ fdtox %f4,%f4
-/* 0x0d28 1107 (59 60) */ std %f4,[%sp+192]
-/* 0x0d2c 1108 (60 65) */ fitod %f17,%f16
-/* 0x0d30 1109 (60 65) */ fmuld %f22,%f20,%f4
-/* 0x0d34 1110 (61 65) */ fxnor %f0,%f18,%f18
-/* 0x0d38 1111 (62 67) */ fdtox %f32,%f32
-/* 0x0d3c 1112 (62 63) */ std %f32,[%sp+288]
-/* 0x0d40 1113 (62 67) */ fmuld %f10,%f24,%f8
-/* 0x0d44 1114 (63 68) */ fdtox %f6,%f6
-/* 0x0d48 1115 (63 64) */ std %f6,[%sp+184]
-/* 0x0d4c 1116 (63 68) */ fmuld %f10,%f20,%f22
-/* 0x0d50 1117 (64 69) */ fsubd %f30,%f40,%f6
-/* 0x0d54 1118 (65 70) */ fdtox %f4,%f4
-/* 0x0d58 1119 (65 66) */ std %f4,[%sp+176]
-/* 0x0d5c 1120 (66 71) */ fsubd %f30,%f16,%f10
-/* 0x0d60 1121 (67 72) */ fdtox %f8,%f4
-/* 0x0d64 1122 (67 68) */ std %f4,[%sp+168]
-/* 0x0d68 1123 (68 73) */ fdtox %f22,%f4
-/* 0x0d6c 1124 (68 69) */ std %f4,[%sp+160]
-/* 0x0d70 1125 (69 74) */ fitod %f18,%f42
-/* 0x0d74 1126 (69 74) */ fmuld %f6,%f24,%f4
-/* 0x0d78 1127 (70 75) */ fmuld %f6,%f20,%f22
-/* 0x0d7c 1128 (71 76) */ fmuld %f10,%f24,%f6
-/* 0x0d80 1129 (72 77) */ fmuld %f10,%f20,%f8
-/* 0x0d84 1130 (74 79) */ fdtox %f4,%f4
-/* 0x0d88 1131 (74 75) */ std %f4,[%sp+152]
-/* 0x0d8c 1132 (75 80) */ fsubd %f30,%f42,%f4
-/* 0x0d90 1133 (76 81) */ fdtox %f6,%f6
-/* 0x0d94 1134 (76 77) */ std %f6,[%sp+136]
-/* 0x0d98 1135 (77 82) */ fdtox %f22,%f22
-/* 0x0d9c 1136 (77 78) */ std %f22,[%sp+144]
-/* 0x0da0 1137 (78 83) */ fdtox %f8,%f22
-/* 0x0da4 1138 (78 79) */ std %f22,[%sp+128]
-/* 0x0da8 1139 (79 84) */ fitod %f19,%f22
-/* 0x0dac 1140 (80 85) */ fmuld %f4,%f24,%f6
-/* 0x0db0 1141 (81 86) */ fmuld %f4,%f20,%f4
-/* 0x0db4 1142 (84 89) */ fsubd %f30,%f22,%f22
-/* 0x0db8 1143 (85 90) */ fdtox %f6,%f6
-/* 0x0dbc 1144 (85 86) */ std %f6,[%sp+120]
-/* 0x0dc0 1145 (86 91) */ fdtox %f4,%f4
-/* 0x0dc4 1146 (86 87) */ std %f4,[%sp+112]
-/* 0x0dc8 1150 (87 89) */ ldx [%sp+336],%g2
-/* 0x0dcc 1151 (88 90) */ ldx [%sp+344],%g3
-/* 0x0dd0 1152 (89 91) */ ld [%i1],%g4
-/* 0x0dd4 1153 (89 90) */ sllx %g2,19,%g2
-/* 0x0dd8 1154 (89 94) */ fmuld %f22,%f20,%f4
-/* 0x0ddc 1155 (90 92) */ ldx [%sp+328],%g5
-/* 0x0de0 1156 (90 91) */ add %g3,%g2,%g2
-/* 0x0de4 1157 (90 95) */ fmuld %f22,%f24,%f6
-/* 0x0de8 1158 (91 93) */ ldx [%sp+320],%g3
-/* 0x0dec 1159 (91 92) */ add %g2,%g4,%g4
-/* 0x0df0 1160 (92 94) */ ldx [%sp+304],%o0
-/* 0x0df4 1161 (93 94) */ st %g4,[%i0]
-/* 0x0df8 1162 (93 94) */ sllx %g3,19,%g2
-/* 0x0dfc 1163 (93 94) */ srlx %g4,32,%g4
-/* 0x0e00 1164 (94 96) */ ld [%i1+4],%g3
-/* 0x0e04 1165 (94 95) */ add %g5,%g2,%g2
-/* 0x0e08 1166 (94 99) */ fdtox %f4,%f4
-/* 0x0e0c 1167 (95 97) */ ldx [%sp+312],%g5
-/* 0x0e10 1168 (95 100) */ fdtox %f6,%f6
-/* 0x0e14 1169 (96 98) */ ldx [%sp+288],%o1
-/* 0x0e18 1170 (96 97) */ add %g2,%g3,%g2
-/* 0x0e1c 1171 (96 97) */ sllx %o0,19,%g3
-/* 0x0e20 1172 (97 99) */ ldx [%sp+272],%o2
-/* 0x0e24 1173 (97 98) */ add %g2,%g4,%g2
-/* 0x0e28 1174 (97 98) */ add %g5,%g3,%g3
-/* 0x0e2c 1175 (98 100) */ ld [%i1+8],%g4
-/* 0x0e30 1176 (98 99) */ srlx %g2,32,%o0
-/* 0x0e34 1177 (99 101) */ ldx [%sp+296],%g5
-/* 0x0e38 1178 (100 101) */ st %g2,[%i0+4]
-/* 0x0e3c 1179 (100 101) */ sllx %o2,19,%g2
-/* 0x0e40 1180 (100 101) */ add %g3,%g4,%g3
-/* 0x0e44 1181 (101 103) */ ldx [%sp+256],%o2
-/* 0x0e48 1182 (101 102) */ sllx %o1,19,%g4
-/* 0x0e4c 1183 (101 102) */ add %g3,%o0,%g3
-/* 0x0e50 1184 (102 104) */ ld [%i1+12],%o0
-/* 0x0e54 1185 (102 103) */ srlx %g3,32,%o1
-/* 0x0e58 1186 (102 103) */ add %g5,%g4,%g4
-/* 0x0e5c 1187 (103 105) */ ldx [%sp+280],%g5
-/* 0x0e60 1188 (104 105) */ st %g3,[%i0+8]
-/* 0x0e64 1189 (104 105) */ sllx %o2,19,%g3
-/* 0x0e68 1190 (104 105) */ add %g4,%o0,%g4
-/* 0x0e6c 1191 (105 107) */ ld [%i1+16],%o0
-/* 0x0e70 1192 (105 106) */ add %g5,%g2,%g2
-/* 0x0e74 1193 (105 106) */ add %g4,%o1,%g4
-/* 0x0e78 1194 (106 108) */ ldx [%sp+264],%g5
-/* 0x0e7c 1195 (106 107) */ srlx %g4,32,%o1
-/* 0x0e80 1196 (107 109) */ ldx [%sp+240],%o2
-/* 0x0e84 1197 (107 108) */ add %g2,%o0,%g2
-/* 0x0e88 1198 (108 110) */ ld [%i1+20],%o0
-/* 0x0e8c 1199 (108 109) */ add %g5,%g3,%g3
-/* 0x0e90 1200 (108 109) */ add %g2,%o1,%g2
-/* 0x0e94 1201 (109 111) */ ldx [%sp+248],%g5
-/* 0x0e98 1202 (109 110) */ srlx %g2,32,%o1
-/* 0x0e9c 1203 (110 111) */ st %g4,[%i0+12]
-/* 0x0ea0 1204 (110 111) */ sllx %o2,19,%g4
-/* 0x0ea4 1205 (110 111) */ add %g3,%o0,%g3
-/* 0x0ea8 1206 (111 113) */ ld [%i1+24],%o0
-/* 0x0eac 1207 (111 112) */ add %g5,%g4,%g4
-/* 0x0eb0 1208 (111 112) */ add %g3,%o1,%g3
-/* 0x0eb4 1209 (112 114) */ ldx [%sp+224],%o2
-/* 0x0eb8 1210 (112 113) */ srlx %g3,32,%o1
-/* 0x0ebc 1211 (113 115) */ ldx [%sp+232],%g5
-/* 0x0ec0 1212 (113 114) */ add %g4,%o0,%g4
-/* 0x0ec4 1213 (114 115) */ st %g2,[%i0+16]
-/* 0x0ec8 1214 (114 115) */ sllx %o2,19,%g2
-/* 0x0ecc 1215 (114 115) */ add %g4,%o1,%g4
-/* 0x0ed0 1216 (115 117) */ ld [%i1+28],%o0
-/* 0x0ed4 1217 (115 116) */ srlx %g4,32,%o1
-/* 0x0ed8 1218 (115 116) */ add %g5,%g2,%g2
-/* 0x0edc 1222 (116 118) */ ldx [%sp+208],%o2
-/* 0x0ee0 1223 (117 119) */ ldx [%sp+216],%g5
-/* 0x0ee4 1224 (117 118) */ add %g2,%o0,%g2
-/* 0x0ee8 1225 (118 119) */ st %g3,[%i0+20]
-/* 0x0eec 1226 (118 119) */ sllx %o2,19,%g3
-/* 0x0ef0 1227 (118 119) */ add %g2,%o1,%g2
-/* 0x0ef4 1228 (119 121) */ ld [%i1+32],%o0
-/* 0x0ef8 1229 (119 120) */ srlx %g2,32,%o1
-/* 0x0efc 1230 (119 120) */ add %g5,%g3,%g3
-/* 0x0f00 1231 (120 122) */ ldx [%sp+192],%o2
-/* 0x0f04 1232 (121 123) */ ldx [%sp+200],%g5
-/* 0x0f08 1233 (121 122) */ add %g3,%o0,%g3
-/* 0x0f0c 1234 (122 123) */ st %g4,[%i0+24]
-/* 0x0f10 1235 (122 123) */ sllx %o2,19,%g4
-/* 0x0f14 1236 (122 123) */ add %g3,%o1,%g3
-/* 0x0f18 1237 (123 125) */ ld [%i1+36],%o0
-/* 0x0f1c 1238 (123 124) */ srlx %g3,32,%o1
-/* 0x0f20 1239 (123 124) */ add %g5,%g4,%g4
-/* 0x0f24 1240 (124 126) */ ldx [%sp+176],%o2
-/* 0x0f28 1241 (125 127) */ ldx [%sp+184],%g5
-/* 0x0f2c 1242 (125 126) */ add %g4,%o0,%g4
-/* 0x0f30 1243 (126 127) */ st %g2,[%i0+28]
-/* 0x0f34 1244 (126 127) */ sllx %o2,19,%g2
-/* 0x0f38 1245 (126 127) */ add %g4,%o1,%g4
-/* 0x0f3c 1246 (127 129) */ ld [%i1+40],%o0
-/* 0x0f40 1247 (127 128) */ srlx %g4,32,%o1
-/* 0x0f44 1248 (127 128) */ add %g5,%g2,%g2
-/* 0x0f48 1249 (128 130) */ ldx [%sp+160],%o2
-/* 0x0f4c 1250 (129 131) */ ldx [%sp+168],%g5
-/* 0x0f50 1251 (129 130) */ add %g2,%o0,%g2
-/* 0x0f54 1252 (130 131) */ st %g3,[%i0+32]
-/* 0x0f58 1253 (130 131) */ sllx %o2,19,%g3
-/* 0x0f5c 1254 (130 131) */ add %g2,%o1,%g2
-/* 0x0f60 1255 (131 133) */ ld [%i1+44],%o0
-/* 0x0f64 1256 (131 132) */ srlx %g2,32,%o1
-/* 0x0f68 1257 (131 132) */ add %g5,%g3,%g3
-/* 0x0f6c 1258 (132 134) */ ldx [%sp+144],%o2
-/* 0x0f70 1259 (133 135) */ ldx [%sp+152],%g5
-/* 0x0f74 1260 (133 134) */ add %g3,%o0,%g3
-/* 0x0f78 1261 (134 135) */ st %g4,[%i0+36]
-/* 0x0f7c 1262 (134 135) */ sllx %o2,19,%g4
-/* 0x0f80 1263 (134 135) */ add %g3,%o1,%g3
-/* 0x0f84 1264 (135 137) */ ld [%i1+48],%o0
-/* 0x0f88 1265 (135 136) */ srlx %g3,32,%o1
-/* 0x0f8c 1266 (135 136) */ add %g5,%g4,%g4
-/* 0x0f90 1267 (136 138) */ ldx [%sp+128],%o2
-/* 0x0f94 1268 (137 139) */ ldx [%sp+136],%g5
-/* 0x0f98 1269 (137 138) */ add %g4,%o0,%g4
-/* 0x0f9c 1270 (138 139) */ std %f4,[%sp+96]
-/* 0x0fa0 1271 (138 139) */ add %g4,%o1,%g4
-/* 0x0fa4 1272 (139 140) */ st %g2,[%i0+40]
-/* 0x0fa8 1273 (139 140) */ sllx %o2,19,%g2
-/* 0x0fac 1274 (139 140) */ srlx %g4,32,%o1
-/* 0x0fb0 1275 (140 142) */ ld [%i1+52],%o0
-/* 0x0fb4 1276 (140 141) */ add %g5,%g2,%g2
-/* 0x0fb8 1277 (141 142) */ std %f6,[%sp+104]
-/* 0x0fbc 1278 (142 144) */ ldx [%sp+120],%g5
-/* 0x0fc0 1279 (142 143) */ add %g2,%o0,%g2
-/* 0x0fc4 1280 (143 144) */ st %g3,[%i0+44]
-/* 0x0fc8 1281 (143 144) */ add %g2,%o1,%g2
-/* 0x0fcc 1282 (144 146) */ ldx [%sp+112],%o2
-/* 0x0fd0 1283 (144 145) */ srlx %g2,32,%o1
-/* 0x0fd4 1284 (145 147) */ ld [%i1+56],%o0
-/* 0x0fd8 1285 (146 147) */ st %g4,[%i0+48]
-/* 0x0fdc 1286 (146 147) */ sllx %o2,19,%g3
-/* 0x0fe0 1287 (147 149) */ ldx [%sp+96],%o2
-/* 0x0fe4 1288 (147 148) */ add %g5,%g3,%g3
-/* 0x0fe8 1289 (148 150) */ ldx [%sp+104],%g5
-/* 0x0fec 1290 (148 149) */ add %g3,%o0,%g3
-/* 0x0ff0 1291 (149 151) */ ld [%i1+60],%o0
-/* 0x0ff4 1292 (149 150) */ sllx %o2,19,%g4
-/* 0x0ff8 1293 (149 150) */ add %g3,%o1,%g3
-/* 0x0ffc 1294 (150 151) */ st %g2,[%i0+52]
-/* 0x1000 1295 (150 151) */ srlx %g3,32,%o1
-/* 0x1004 1296 (150 151) */ add %g5,%g4,%g4
-/* 0x1008 1297 (151 152) */ st %g3,[%i0+56]
-/* 0x100c 1298 (151 152) */ add %g4,%o0,%g2
-/* 0x1010 1299 (152 153) */ add %g2,%o1,%g2
-/* 0x1014 1300 (152 153) */ st %g2,[%i0+60]
-/* 0x1018 1304 (153 154) */ srlx %g2,32,%o7
-
-!
-! ENTRY .L77000061
-!
-
- .L77000061: /* frequency 1.0 confidence 0.0 */
-/* 0x119c 1437 ( 0 1) */ or %g0,%o7,%i0
-
-!
-! ENTRY .L900000159
-!
-
- .L900000159: /* frequency 1.0 confidence 0.0 */
-/* 0x11a0 ( 0 7) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x11a4 ( 2 4) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000073
-!
-
- .L77000073: /* frequency 1.0 confidence 0.0 */
-
-
- or %g0, %i4, %o2
- or %g0, %o0, %o1
- or %g0, %i3, %o0
-
-!
-! ENTRY .L77000052
-!
-
- .L77000052: /* frequency 1.0 confidence 0.0 */
-/* 0x1028 1318 ( 0 1) */ andn %o2,%g2,%g2
-/* 0x102c 1319 ( 0 1) */ st %g2,[%sp+96]
-/* 0x1030 1325 ( 0 1) */ add %o0,1,%g3
-/* 0x1034 1326 ( 0 1) */ fmovd %f0,%f14
-/* 0x1038 1327 ( 1 2) */ srl %o2,19,%g2
-/* 0x103c 1328 ( 1 2) */ st %g2,[%sp+92]
-/* 0x1040 1329 ( 1 2) */ or %g0,0,%o5
-/* 0x1044 1330 ( 2 3) */ srl %g3,31,%g2
-/* 0x1048 1331 ( 2 5) */ ldd [%o1],%f6
-/* 0x104c 1335 ( 2 3) */ sethi %hi(0x1800),%g1
-/* 0x1050 1336 ( 3 4) */ add %g3,%g2,%g2
-/* 0x1054 1337 ( 3 4) */ xor %g1,-304,%g1
-/* 0x1058 1338 ( 3 6) */ ldd [%o1+8],%f20
-/* 0x105c 1339 ( 4 5) */ sra %g2,1,%o3
-/* 0x1060 1340 ( 4 5) */ fmovs %f6,%f8
-/* 0x1064 1341 ( 4 5) */ add %g1,%fp,%g3
-/* 0x1068 1342 ( 5 6) */ fmovs %f6,%f10
-/* 0x106c 1343 ( 5 7) */ ld [%sp+96],%f9
-/* 0x1070 1344 ( 5 6) */ subcc %o3,0,%g0
-/* 0x1074 1345 ( 6 8) */ ld [%sp+92],%f11
-/* 0x1078 1346 ( 6 7) */ sethi %hi(0x1800),%g1
-/* 0x107c 1347 ( 6 7) */ or %g0,%i2,%o1
-/* 0x1080 1348 ( 7 10) */ fsubd %f8,%f6,%f18
-/* 0x1084 1349 ( 7 8) */ xor %g1,-296,%g1
-/* 0x1088 1350 ( 7 8) */ or %g0,0,%g4
-/* 0x108c 1351 ( 8 11) */ fsubd %f10,%f6,%f16
-/* 0x1090 1352 ( 8 9) */ bleu,pt %icc,.L990000162 ! tprob=0.50
-/* 0x1094 ( 8 9) */ subcc %o0,0,%g0
-/* 0x1098 1354 ( 9 10) */ add %g1,%fp,%g2
-/* 0x109c 1355 ( 9 10) */ sethi %hi(0x1800),%g1
-/* 0x10a0 1356 (10 11) */ xor %g1,-288,%g1
-/* 0x10a4 1357 (10 11) */ subcc %o3,7,%g0
-/* 0x10a8 1358 (11 12) */ add %g1,%fp,%o7
-/* 0x10ac 1359 (11 12) */ sethi %hi(0x1800),%g1
-/* 0x10b0 1360 (12 13) */ xor %g1,-280,%g1
-/* 0x10b4 1361 (13 14) */ add %g1,%fp,%o4
-/* 0x10b8 1362 (13 14) */ bl,pn %icc,.L77000054 ! tprob=0.50
-/* 0x10bc (13 14) */ sub %o3,2,%o2
-/* 0x10c0 1364 (14 17) */ ldd [%o1],%f2
-/* 0x10c4 1365 (14 15) */ add %o1,16,%g5
-/* 0x10c8 1366 (14 15) */ or %g0,4,%g4
-/* 0x10cc 1367 (15 18) */ ldd [%o1+8],%f0
-/* 0x10d0 1368 (15 16) */ add %o1,8,%o1
-/* 0x10d4 1369 (16 18) */ fxnor %f14,%f2,%f6
-/* 0x10d8 1370 (16 19) */ ldd [%g5],%f4
-/* 0x10dc 1371 (16 17) */ add %o1,16,%o1
-/* 0x10e0 1372 (17 19) */ fxnor %f14,%f0,%f12
-/* 0x10e4 1373 (17 20) */ ldd [%o1],%f0
-/* 0x10e8 1374 (17 18) */ add %o1,8,%o1
-/* 0x10ec 1375 (18 21) */ fitod %f7,%f2
-/* 0x10f0 1376 (19 22) */ fitod %f6,%f6
-/* 0x10f4 1377 (20 22) */ fxnor %f14,%f4,%f10
-/* 0x10f8 1378 (21 24) */ fsubd %f20,%f2,%f2
-/* 0x10fc 1379 (22 24) */ fxnor %f14,%f0,%f8
-/* 0x1100 1380 (23 26) */ fitod %f13,%f4
-/* 0x1104 1381 (24 27) */ fsubd %f20,%f6,%f6
-/* 0x1108 1382 (24 27) */ fmuld %f2,%f16,%f0
-
-!
-! ENTRY .L990000154
-!
-
- .L990000154: /* frequency 1.0 confidence 0.0 */
-/* 0x110c 1384 ( 0 3) */ ldd [%o1],%f24
-/* 0x1110 1385 ( 0 1) */ add %g4,3,%g4
-/* 0x1114 1386 ( 0 1) */ add %o4,96,%o4
-/* 0x1118 1387 ( 1 4) */ fitod %f11,%f22
-/* 0x111c 1388 ( 2 5) */ fsubd %f20,%f4,%f26
-/* 0x1120 1389 ( 2 3) */ subcc %g4,%o2,%g0
-/* 0x1124 1390 ( 2 3) */ add %o7,96,%o7
-/* 0x1128 1391 ( 2 5) */ fmuld %f6,%f18,%f28
-/* 0x112c 1392 ( 3 6) */ fmuld %f6,%f16,%f6
-/* 0x1130 1393 ( 3 4) */ add %g2,96,%g2
-/* 0x1134 1394 ( 3 4) */ add %g3,96,%g3
-/* 0x1138 1395 ( 4 7) */ fdtox %f0,%f0
-/* 0x113c 1396 ( 5 8) */ fitod %f12,%f4
-/* 0x1140 1397 ( 5 8) */ fmuld %f2,%f18,%f2
-/* 0x1144 1398 ( 6 9) */ fdtox %f28,%f12
-/* 0x1148 1399 ( 7 10) */ fdtox %f6,%f6
-/* 0x114c 1400 ( 7 8) */ std %f12,[%g3-96]
-/* 0x1150 1401 ( 8 9) */ std %f6,[%g2-96]
-/* 0x1154 1402 ( 8 11) */ fdtox %f2,%f2
-/* 0x1158 1403 ( 9 12) */ fsubd %f20,%f4,%f6
-/* 0x115c 1404 ( 9 10) */ std %f2,[%o7-96]
-/* 0x1160 1405 ( 9 10) */ add %o1,8,%o1
-/* 0x1164 1406 (10 12) */ fxnor %f14,%f24,%f12
-/* 0x1168 1407 (10 13) */ fmuld %f26,%f16,%f4
-/* 0x116c 1408 (10 11) */ std %f0,[%o4-96]
-/* 0x1170 1409 (11 14) */ ldd [%o1],%f0
-/* 0x1174 1410 (11 14) */ fitod %f9,%f2
-/* 0x1178 1411 (12 15) */ fsubd %f20,%f22,%f28
-/* 0x117c 1412 (12 15) */ fmuld %f6,%f18,%f24
-/* 0x1180 1413 (13 16) */ fmuld %f6,%f16,%f22
-/* 0x1184 1414 (13 16) */ fdtox %f4,%f4
-/* 0x1188 1415 (14 17) */ fitod %f10,%f6
-/* 0x118c 1416 (14 17) */ fmuld %f26,%f18,%f10
-/* 0x1190 1417 (15 18) */ fdtox %f24,%f24
-/* 0x1194 1418 (16 19) */ fdtox %f22,%f22
-/* 0x1198 1419 (16 17) */ std %f24,[%g3-64]
-/* 0x119c 1420 (17 18) */ std %f22,[%g2-64]
-/* 0x11a0 1421 (17 20) */ fdtox %f10,%f10
-/* 0x11a4 1422 (18 21) */ fsubd %f20,%f6,%f6
-/* 0x11a8 1423 (18 19) */ std %f10,[%o7-64]
-/* 0x11ac 1424 (18 19) */ add %o1,8,%o1
-/* 0x11b0 1425 (19 21) */ fxnor %f14,%f0,%f10
-/* 0x11b4 1426 (19 22) */ fmuld %f28,%f16,%f0
-/* 0x11b8 1427 (19 20) */ std %f4,[%o4-64]
-/* 0x11bc 1428 (20 23) */ ldd [%o1],%f22
-/* 0x11c0 1429 (20 23) */ fitod %f13,%f4
-/* 0x11c4 1430 (21 24) */ fsubd %f20,%f2,%f2
-/* 0x11c8 1431 (21 24) */ fmuld %f6,%f18,%f26
-/* 0x11cc 1432 (22 25) */ fmuld %f6,%f16,%f24
-/* 0x11d0 1433 (22 25) */ fdtox %f0,%f0
-/* 0x11d4 1434 (23 26) */ fitod %f8,%f6
-/* 0x11d8 1435 (23 26) */ fmuld %f28,%f18,%f8
-/* 0x11dc 1436 (24 27) */ fdtox %f26,%f26
-/* 0x11e0 1437 (25 28) */ fdtox %f24,%f24
-/* 0x11e4 1438 (25 26) */ std %f26,[%g3-32]
-/* 0x11e8 1439 (26 27) */ std %f24,[%g2-32]
-/* 0x11ec 1440 (26 29) */ fdtox %f8,%f8
-/* 0x11f0 1441 (27 30) */ fsubd %f20,%f6,%f6
-/* 0x11f4 1442 (27 28) */ std %f8,[%o7-32]
-/* 0x11f8 1443 (27 28) */ add %o1,8,%o1
-/* 0x11fc 1444 (28 30) */ fxnor %f14,%f22,%f8
-/* 0x1200 1445 (28 29) */ std %f0,[%o4-32]
-/* 0x1204 1446 (28 29) */ bcs,pt %icc,.L990000154 ! tprob=0.50
-/* 0x1208 (28 31) */ fmuld %f2,%f16,%f0
-
-!
-! ENTRY .L990000157
-!
-
- .L990000157: /* frequency 1.0 confidence 0.0 */
-/* 0x120c 1449 ( 0 3) */ fitod %f12,%f28
-/* 0x1210 1450 ( 0 3) */ fmuld %f6,%f18,%f24
-/* 0x1214 1451 ( 0 1) */ add %g3,128,%g3
-/* 0x1218 1452 ( 1 4) */ fitod %f10,%f12
-/* 0x121c 1453 ( 1 4) */ fmuld %f6,%f16,%f26
-/* 0x1220 1454 ( 1 2) */ add %g2,128,%g2
-/* 0x1224 1455 ( 2 5) */ fsubd %f20,%f4,%f4
-/* 0x1228 1456 ( 2 5) */ fmuld %f2,%f18,%f22
-/* 0x122c 1457 ( 2 3) */ add %o7,128,%o7
-/* 0x1230 1458 ( 3 6) */ fdtox %f24,%f6
-/* 0x1234 1459 ( 3 4) */ std %f6,[%g3-128]
-/* 0x1238 1460 ( 3 4) */ add %o4,128,%o4
-/* 0x123c 1461 ( 4 7) */ fsubd %f20,%f28,%f2
-/* 0x1240 1462 ( 4 5) */ subcc %g4,%o3,%g0
-/* 0x1244 1463 ( 5 8) */ fitod %f11,%f6
-/* 0x1248 1464 ( 5 8) */ fmuld %f4,%f18,%f24
-/* 0x124c 1465 ( 6 9) */ fdtox %f26,%f10
-/* 0x1250 1466 ( 6 7) */ std %f10,[%g2-128]
-/* 0x1254 1467 ( 7 10) */ fdtox %f22,%f10
-/* 0x1258 1468 ( 7 8) */ std %f10,[%o7-128]
-/* 0x125c 1469 ( 7 10) */ fmuld %f2,%f18,%f26
-/* 0x1260 1470 ( 8 11) */ fsubd %f20,%f12,%f10
-/* 0x1264 1471 ( 8 11) */ fmuld %f2,%f16,%f2
-/* 0x1268 1472 ( 9 12) */ fsubd %f20,%f6,%f22
-/* 0x126c 1473 ( 9 12) */ fmuld %f4,%f16,%f12
-/* 0x1270 1474 (10 13) */ fdtox %f0,%f0
-/* 0x1274 1475 (10 11) */ std %f0,[%o4-128]
-/* 0x1278 1476 (11 14) */ fitod %f8,%f4
-/* 0x127c 1477 (11 14) */ fmuld %f10,%f18,%f6
-/* 0x1280 1478 (12 15) */ fdtox %f26,%f0
-/* 0x1284 1479 (12 13) */ std %f0,[%g3-96]
-/* 0x1288 1480 (12 15) */ fmuld %f10,%f16,%f10
-/* 0x128c 1481 (13 16) */ fdtox %f2,%f2
-/* 0x1290 1482 (13 14) */ std %f2,[%g2-96]
-/* 0x1294 1483 (14 17) */ fitod %f9,%f0
-/* 0x1298 1484 (14 17) */ fmuld %f22,%f18,%f2
-/* 0x129c 1485 (15 18) */ fdtox %f24,%f8
-/* 0x12a0 1486 (15 16) */ std %f8,[%o7-96]
-/* 0x12a4 1487 (16 19) */ fsubd %f20,%f4,%f4
-/* 0x12a8 1488 (16 19) */ fmuld %f22,%f16,%f8
-/* 0x12ac 1489 (17 20) */ fdtox %f12,%f12
-/* 0x12b0 1490 (17 18) */ std %f12,[%o4-96]
-/* 0x12b4 1491 (18 21) */ fsubd %f20,%f0,%f0
-/* 0x12b8 1492 (19 22) */ fdtox %f6,%f6
-/* 0x12bc 1493 (19 20) */ std %f6,[%g3-64]
-/* 0x12c0 1494 (20 23) */ fdtox %f10,%f10
-/* 0x12c4 1495 (20 21) */ std %f10,[%g2-64]
-/* 0x12c8 1496 (20 23) */ fmuld %f4,%f18,%f6
-/* 0x12cc 1497 (21 24) */ fdtox %f2,%f2
-/* 0x12d0 1498 (21 22) */ std %f2,[%o7-64]
-/* 0x12d4 1499 (21 24) */ fmuld %f4,%f16,%f4
-/* 0x12d8 1500 (22 25) */ fmuld %f0,%f18,%f2
-/* 0x12dc 1501 (22 25) */ fdtox %f8,%f8
-/* 0x12e0 1502 (22 23) */ std %f8,[%o4-64]
-/* 0x12e4 1503 (23 26) */ fdtox %f6,%f6
-/* 0x12e8 1504 (23 24) */ std %f6,[%g3-32]
-/* 0x12ec 1505 (23 26) */ fmuld %f0,%f16,%f0
-/* 0x12f0 1506 (24 27) */ fdtox %f4,%f4
-/* 0x12f4 1507 (24 25) */ std %f4,[%g2-32]
-/* 0x12f8 1508 (25 28) */ fdtox %f2,%f2
-/* 0x12fc 1509 (25 26) */ std %f2,[%o7-32]
-/* 0x1300 1510 (26 29) */ fdtox %f0,%f0
-/* 0x1304 1511 (26 27) */ bcc,pn %icc,.L77000056 ! tprob=0.50
-/* 0x1308 (26 27) */ std %f0,[%o4-32]
-
-!
-! ENTRY .L77000054
-!
-
- .L77000054: /* frequency 1.0 confidence 0.0 */
-/* 0x130c 1514 ( 0 3) */ ldd [%o1],%f0
-
-!
-! ENTRY .L990000161
-!
-
- .L990000161: /* frequency 1.0 confidence 0.0 */
-/* 0x1310 1516 ( 0 2) */ fxnor %f14,%f0,%f0
-/* 0x1314 1517 ( 0 1) */ add %g4,1,%g4
-/* 0x1318 1518 ( 0 1) */ add %o1,8,%o1
-/* 0x131c 1519 ( 1 2) */ subcc %g4,%o3,%g0
-/* 0x1320 1520 ( 2 5) */ fitod %f0,%f2
-/* 0x1324 1521 ( 3 6) */ fitod %f1,%f0
-/* 0x1328 1522 ( 5 8) */ fsubd %f20,%f2,%f2
-/* 0x132c 1523 ( 6 9) */ fsubd %f20,%f0,%f0
-/* 0x1330 1524 ( 8 11) */ fmuld %f2,%f18,%f6
-/* 0x1334 1525 ( 9 12) */ fmuld %f2,%f16,%f4
-/* 0x1338 1526 (10 13) */ fmuld %f0,%f18,%f2
-/* 0x133c 1527 (11 14) */ fdtox %f6,%f6
-/* 0x1340 1528 (11 12) */ std %f6,[%g3]
-/* 0x1344 1529 (11 14) */ fmuld %f0,%f16,%f0
-/* 0x1348 1530 (12 15) */ fdtox %f4,%f4
-/* 0x134c 1531 (12 13) */ std %f4,[%g2]
-/* 0x1350 1532 (12 13) */ add %g2,32,%g2
-/* 0x1354 1533 (13 16) */ fdtox %f2,%f2
-/* 0x1358 1534 (13 14) */ std %f2,[%o7]
-/* 0x135c 1535 (13 14) */ add %o7,32,%o7
-/* 0x1360 1536 (14 17) */ fdtox %f0,%f0
-/* 0x1364 1537 (14 15) */ std %f0,[%o4]
-/* 0x1368 1538 (14 15) */ add %o4,32,%o4
-/* 0x136c 1539 (15 16) */ add %g3,32,%g3
-/* 0x1370 1540 (15 16) */ bcs,a,pt %icc,.L990000161 ! tprob=0.50
-/* 0x1374 (16 19) */ ldd [%o1],%f0
-
-!
-! ENTRY .L77000056
-!
-
- .L77000056: /* frequency 1.0 confidence 0.0 */
-/* 0x1378 1548 ( 0 1) */ subcc %o0,0,%g0
-
-!
-! ENTRY .L990000162
-!
-
- .L990000162: /* frequency 1.0 confidence 0.0 */
-/* 0x137c 1550 ( 0 1) */ bleu,pt %icc,.L77770061 ! tprob=0.50
-/* 0x1380 ( 0 1) */ nop
-/* 0x1384 1555 ( 0 1) */ sethi %hi(0x1800),%g1
-/* 0x1388 1556 ( 1 2) */ xor %g1,-304,%g1
-/* 0x138c 1557 ( 1 2) */ or %g0,%i1,%g4
-/* 0x1390 1558 ( 2 3) */ add %g1,%fp,%g5
-/* 0x1394 1559 ( 2 3) */ sethi %hi(0x1800),%g1
-/* 0x1398 1560 ( 3 4) */ xor %g1,-296,%g1
-/* 0x139c 1561 ( 3 4) */ or %g0,%o0,%o7
-/* 0x13a0 1562 ( 4 5) */ add %g1,%fp,%g2
-/* 0x13a4 1563 ( 4 5) */ or %g0,0,%i2
-/* 0x13a8 1564 ( 5 6) */ or %g0,%i0,%g3
-/* 0x13ac 1565 ( 5 6) */ subcc %o0,6,%g0
-/* 0x13b0 1566 ( 5 6) */ bl,pn %icc,.L77000058 ! tprob=0.50
-/* 0x13b4 ( 6 7) */ sethi %hi(0x1800),%g1
-/* 0x13b8 1568 ( 6 8) */ ld [%g4],%o2
-/* 0x13bc 1569 ( 6 7) */ add %g3,4,%g3
-/* 0x13c0 1570 ( 7 8) */ xor %g1,-264,%g1
-/* 0x13c4 1571 ( 7 8) */ sub %o7,3,%o4
-/* 0x13c8 1572 ( 8 9) */ add %g1,%fp,%g2
-/* 0x13cc 1573 ( 8 9) */ sethi %hi(0x1800),%g1
-/* 0x13d0 1574 ( 9 10) */ xor %g1,-272,%g1
-/* 0x13d4 1575 ( 9 10) */ or %g0,2,%i2
-/* 0x13d8 1576 (10 11) */ add %g1,%fp,%g5
-/* 0x13dc 1577 (10 11) */ sethi %hi(0x1800),%g1
-/* 0x13e0 1578 (11 12) */ xor %g1,-296,%g1
-/* 0x13e4 1579 (12 13) */ add %g1,%fp,%g1
-/* 0x13e8 1580 (13 15) */ ldx [%g1],%o1
-/* 0x13ec 1581 (14 16) */ ldx [%g1-8],%o0
-/* 0x13f0 1582 (15 16) */ sllx %o1,19,%o1
-/* 0x13f4 1583 (15 17) */ ldx [%g1+16],%o3
-/* 0x13f8 1584 (16 17) */ add %o0,%o1,%o0
-/* 0x13fc 1585 (16 18) */ ld [%g4+4],%o1
-/* 0x1400 1586 (16 17) */ add %g4,8,%g4
-/* 0x1404 1587 (17 18) */ sllx %o3,19,%o3
-/* 0x1408 1588 (17 18) */ add %o0,%o2,%o0
-/* 0x140c 1589 (17 19) */ ldx [%g1+8],%o2
-/* 0x1410 1590 (18 19) */ st %o0,[%g3-4]
-/* 0x1414 1591 (18 19) */ srlx %o0,32,%o0
-
-!
-! ENTRY .L990000142
-!
-
- .L990000142: /* frequency 1.0 confidence 0.0 */
-/* 0x1418 1593 ( 0 1) */ add %o2,%o3,%o2
-/* 0x141c 1594 ( 0 1) */ add %i2,4,%i2
-/* 0x1420 1595 ( 0 2) */ ld [%g4],%o3
-/* 0x1424 1596 ( 1 2) */ srl %o0,0,%o5
-/* 0x1428 1597 ( 1 2) */ add %o2,%o1,%o1
-/* 0x142c 1598 ( 1 3) */ ldx [%g2],%o0
-/* 0x1430 1599 ( 3 4) */ sllx %o0,19,%o2
-/* 0x1434 1600 ( 3 5) */ ldx [%g5],%o0
-/* 0x1438 1601 ( 3 4) */ add %o1,%o5,%o1
-/* 0x143c 1602 ( 4 5) */ st %o1,[%g3]
-/* 0x1440 1603 ( 4 5) */ srlx %o1,32,%o5
-/* 0x1444 1604 ( 4 5) */ subcc %i2,%o4,%g0
-/* 0x1448 1605 ( 5 7) */ ldx [%g2+16],%o1
-/* 0x144c 1606 ( 5 6) */ add %o0,%o2,%o0
-/* 0x1450 1607 ( 5 6) */ add %g3,16,%g3
-/* 0x1454 1608 ( 6 8) */ ld [%g4+4],%o2
-/* 0x1458 1609 ( 6 7) */ add %o0,%o3,%o0
-/* 0x145c 1610 ( 7 8) */ sllx %o1,19,%o3
-/* 0x1460 1611 ( 7 9) */ ldx [%g5+16],%o1
-/* 0x1464 1612 ( 7 8) */ add %o0,%o5,%o0
-/* 0x1468 1613 ( 8 9) */ st %o0,[%g3-12]
-/* 0x146c 1614 ( 8 9) */ srlx %o0,32,%o5
-/* 0x1470 1615 ( 8 9) */ add %g4,16,%g4
-/* 0x1474 1616 ( 9 11) */ ldx [%g2+32],%o0
-/* 0x1478 1617 ( 9 10) */ add %o1,%o3,%o1
-/* 0x147c 1618 ( 9 10) */ add %g2,64,%g2
-/* 0x1480 1619 (10 12) */ ld [%g4-8],%o3
-/* 0x1484 1620 (10 11) */ add %o1,%o2,%o2
-/* 0x1488 1621 (11 12) */ sllx %o0,19,%o1
-/* 0x148c 1622 (11 13) */ ldx [%g5+32],%o0
-/* 0x1490 1623 (11 12) */ add %o2,%o5,%o2
-/* 0x1494 1624 (12 13) */ st %o2,[%g3-8]
-/* 0x1498 1625 (12 13) */ srlx %o2,32,%o5
-/* 0x149c 1626 (12 13) */ add %g5,64,%g5
-/* 0x14a0 1627 (13 15) */ ldx [%g2-16],%o2
-/* 0x14a4 1628 (13 14) */ add %o0,%o1,%o0
-/* 0x14a8 1629 (14 16) */ ld [%g4-4],%o1
-/* 0x14ac 1630 (14 15) */ add %o0,%o3,%o0
-/* 0x14b0 1631 (15 16) */ sllx %o2,19,%o3
-/* 0x14b4 1632 (15 17) */ ldx [%g5-16],%o2
-/* 0x14b8 1633 (15 16) */ add %o0,%o5,%o0
-/* 0x14bc 1634 (16 17) */ st %o0,[%g3-4]
-/* 0x14c0 1635 (16 17) */ bcs,pt %icc,.L990000142 ! tprob=0.50
-/* 0x14c4 (16 17) */ srlx %o0,32,%o0
-
-!
-! ENTRY .L990000145
-!
-
- .L990000145: /* frequency 1.0 confidence 0.0 */
-/* 0x14c8 1638 ( 0 1) */ add %o2,%o3,%o3
-/* 0x14cc 1639 ( 0 1) */ add %g3,4,%g3
-/* 0x14d0 1640 ( 1 2) */ srl %o0,0,%o2
-/* 0x14d4 1641 ( 1 2) */ add %o3,%o1,%o0
-/* 0x14d8 1642 ( 2 3) */ add %o0,%o2,%o0
-/* 0x14dc 1643 ( 2 3) */ st %o0,[%g3-4]
-/* 0x14e0 1644 ( 2 3) */ subcc %i2,%o7,%g0
-/* 0x14e4 1645 ( 2 3) */ bcc,pn %icc,.L77770061 ! tprob=0.50
-/* 0x14e8 ( 3 4) */ srlx %o0,32,%o5
-
-!
-! ENTRY .L77000058
-!
-
- .L77000058: /* frequency 1.0 confidence 0.0 */
-/* 0x14ec 1648 ( 0 2) */ ldx [%g2],%o2
-
-!
-! ENTRY .L990000160
-!
-
- .L990000160: /* frequency 1.0 confidence 0.0 */
-/* 0x14f0 1650 ( 0 1) */ sllx %o2,19,%o3
-/* 0x14f4 1651 ( 0 2) */ ldx [%g5],%o0
-/* 0x14f8 1652 ( 0 1) */ add %i2,1,%i2
-/* 0x14fc 1653 ( 1 2) */ srl %o5,0,%o1
-/* 0x1500 1654 ( 1 3) */ ld [%g4],%o2
-/* 0x1504 1655 ( 1 2) */ add %g2,16,%g2
-/* 0x1508 1656 ( 2 3) */ add %o0,%o3,%o0
-/* 0x150c 1657 ( 2 3) */ add %g5,16,%g5
-/* 0x1510 1658 ( 3 4) */ add %o0,%o2,%o0
-/* 0x1514 1659 ( 3 4) */ add %g4,4,%g4
-/* 0x1518 1660 ( 4 5) */ add %o0,%o1,%o0
-/* 0x151c 1661 ( 4 5) */ st %o0,[%g3]
-/* 0x1520 1662 ( 4 5) */ subcc %i2,%o7,%g0
-/* 0x1524 1663 ( 5 6) */ srlx %o0,32,%o5
-/* 0x1528 1664 ( 5 6) */ add %g3,4,%g3
-/* 0x152c 1665 ( 5 6) */ bcs,a,pt %icc,.L990000160 ! tprob=0.50
-/* 0x1530 ( 6 8) */ ldx [%g2],%o2
-
-!
-! ENTRY .L77770061
-!
-
- .L77770061: /* frequency 1.0 confidence 0.0 */
-/* 0x1534 ( 0 2) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x1538 ( 2 3) */ restore %g0,%o5,%o0
-
-
-
-
-/* 0x11a8 1441 ( 0 0) */ .type mul_add,2
-/* 0x11a8 1442 ( 0 0) */ .size mul_add,(.-mul_add)
-/* 0x11a8 1445 ( 0 0) */ .align 16
-/* 0x11b0 1451 ( 0 0) */ .global mul_add_inp
-
-!
-! ENTRY mul_add_inp
-!
-
- .global mul_add_inp
- mul_add_inp: /* frequency 1.0 confidence 0.0 */
-/* 0x11b0 1453 ( 0 1) */ or %g0,%o2,%g1
-/* 0x11b4 1454 ( 0 1) */ or %g0,%o3,%o4
-/* 0x11b8 1455 ( 1 2) */ or %g0,%o0,%g3
-/* 0x11bc 1456 ( 1 2) */ or %g0,%o1,%g2
-/* 0x11c0 1466 ( 2 3) */ or %g0,%g1,%o3
-/* 0x11c4 1467 ( 2 3) */ or %g0,%g3,%o1
-/* 0x11c8 1468 ( 3 4) */ or %g0,%g2,%o2
-/* 0x11cc 1469 ( 3 4) */ or %g0,%o7,%g1
-/* 0x11d0 1470 ( 4 6) */ call mul_add ! params = ! Result =
-/* 0x11d4 ( 5 6) */ or %g0,%g1,%o7
-/* 0x11d8 1472 ( 0 0) */ .type mul_add_inp,2
-/* 0x11d8 1473 ( 0 0) */ .size mul_add_inp,(.-mul_add_inp)
-
- .section ".data",#alloc,#write
-/* 0x11d8 6 ( 0 0) */ .align 8
-
-!
-! ENTRY mask_cnst
-!
-
- mask_cnst: /* frequency 1.0 confidence 0.0 */
-/* 0x11d8 8 ( 0 0) */ .word -2147483648
-/* 0x11dc 9 ( 0 0) */ .word -2147483648
-/* 0x11e0 10 ( 0 0) */ .type mask_cnst,#object
-/* 0x11e0 11 ( 0 0) */ .size mask_cnst,8
-
-! Begin Disassembling Stabs
- .xstabs ".stab.index","Xa ; O ; P ; V=3.1 ; R=WorkShop Compilers 5.0 99/02/25 C 5.0 patch 107289-01",60,0,0,0 ! (mpv_sparc.s:1476)
- .xstabs ".stab.index","/home/ferenc/ssl/vis-code; /usr/dist/pkgs/devpro,v5.0/5.x-sparc/bin/../SC5.0/bin/cc -fast -xO4 -xrestrict -xarch=v8plusa -xchip=ultra3 -xdepend -KPIC -mt -S vis_32.il mpv_sparc.c -W0,-xp",52,0,0,0 ! (mpv_sparc.s:1477)
-! End Disassembling Stabs
-
-! Begin Disassembling Ident
- .ident "cg: WorkShop Compilers 5.0 99/04/15 Compiler Common 5.0 Patch 107357-02" ! (mpv_sparc.s:1481)
- .ident "@(#)vis_proto.h 1.3 97/03/30 SMI" ! (mpv_sparc.s:1482)
- .ident "acomp: WorkShop Compilers 5.0 99/02/25 C 5.0 patch 107289-01" ! (mpv_sparc.s:1483)
-! End Disassembling Ident
diff --git a/security/nss/lib/freebl/mpi/mpv_sparcv9.s b/security/nss/lib/freebl/mpi/mpv_sparcv9.s
deleted file mode 100644
index 071bdda3f..000000000
--- a/security/nss/lib/freebl/mpi/mpv_sparcv9.s
+++ /dev/null
@@ -1,1683 +0,0 @@
-!/*
-! * The contents of this file are subject to the Mozilla Public
-! * License Version 1.1 (the "License"); you may not use this file
-! * except in compliance with the License. You may obtain a copy of
-! * the License at http://www.mozilla.org/MPL/
-! *
-! * Software distributed under the License is distributed on an "AS
-! * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! * implied. See the License for the specific language governing
-! * rights and limitations under the License.
-! *
-! * The Original Code is a SPARC/VIS optimized multiply and add function
-! *
-! * The Initial Developer of the Original Code is Sun Microsystems Inc.
-! * Portions created by Sun Microsystems Inc. are
-! * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
-! *
-! * Contributor(s):
-! *
-! * Alternatively, the contents of this file may be used under the
-! * terms of the GNU General Public License Version 2 or later (the
-! * "GPL"), in which case the provisions of the GPL are applicable
-! * instead of those above. If you wish to allow use of your
-! * version of this file only under the terms of the GPL and not to
-! * allow others to use your version of this file under the MPL,
-! * indicate your decision by deleting the provisions above and
-! * replace them with the notice and other provisions required by
-! * the GPL. If you do not delete the provisions above, a recipient
-! * may use your version of this file under either the MPL or the
-! * GPL.
-! * $Id$
-! */
-
- .section ".text",#alloc,#execinstr
-/* 000000 0 ( 0 0) */ .register %g2,#scratch
-/* 000000 ( 0 0) */ .register %g3,#scratch
-/* 000000 3 ( 0 0) */ .file "mpv_sparc.c"
-/* 000000 15 ( 0 0) */ .align 8
-!
-! SUBROUTINE .L_const_seg_900000101
-!
-! OFFSET SOURCE LINE LABEL INSTRUCTION (ISSUE TIME) (COMPLETION TIME)
-
- .L_const_seg_900000101: /* frequency 1.0 confidence 0.0 */
-/* 000000 20 ( 0 0) */ .word 1127219200,0
-/* 0x0008 21 ( 0 0) */ .word 1105199103,-4194304
-/* 0x0010 22 ( 0 0) */ .align 8
-/* 0x0010 28 ( 0 0) */ .global mul_add
-
-!
-! ENTRY mul_add
-!
-
- .global mul_add
- mul_add: /* frequency 1.0 confidence 0.0 */
-/* 0x0010 30 ( 0 1) */ sethi %hi(0x1c00),%g1
-/* 0x0014 31 ( 0 1) */ sethi %hi(mask_cnst),%g2
-/* 0x0018 32 ( 1 2) */ xor %g1,-48,%g1
-/* 0x001c 33 ( 1 2) */ add %g2,%lo(mask_cnst),%g2
-/* 0x0020 34 ( 2 3) */ save %sp,%g1,%sp
-
-!
-! ENTRY .L900000149
-!
-
- .L900000149: /* frequency 1.0 confidence 0.0 */
-/* 0x0024 36 ( 0 2) */ call (.+0x8) ! params = ! Result =
-/* 0x0028 ( 1 2) */ sethi %hi((_GLOBAL_OFFSET_TABLE_-(.L900000149-.))),%g5
-/* 0x002c 178 ( 2 3) */ sethi %hi(.L_const_seg_900000101),%g3
-/* 0x0030 179 ( 2 3) */ add %g5,%lo((_GLOBAL_OFFSET_TABLE_-(.L900000149-.))),%g5
-/* 0x0034 180 ( 3 4) */ add %g3,%lo(.L_const_seg_900000101),%g3
-/* 0x0038 181 ( 3 4) */ add %g5,%o7,%o1
-/* 0x003c 182 ( 4 5) */ sethi %hi(0x80000),%g4
-/* 0x0040 183 ( 4 6) */ ldx [%o1+%g2],%g2
-/* 0x0044 184 ( 4 5) */ or %g0,%i2,%o2
-/* 0x0048 185 ( 5 6) */ subcc %i4,%g4,%g0
-/* 0x004c 186 ( 5 7) */ ldx [%o1+%g3],%o0
-/* 0x0050 187 ( 6 7) */ or %g0,%i0,%o7
-/* 0x0054 188 ( 6 7) */ or %g0,%i1,%o5
-/* 0x0058 189 ( 6 9) */ ldd [%g2],%f0
-/* 0x005c 190 ( 6 7) */ bcc,pn %icc,.L77000048 ! tprob=0.50
-/* 0x0060 ( 7 8) */ subcc %i3,8,%g0
-/* 0x0064 192 ( 7 8) */ bne,pn %icc,.L900000158 ! tprob=0.50
-/* 0x0068 ( 8 9) */ subcc %i3,16,%g0
-/* 0x006c 194 ( 9 12) */ ldd [%o2],%f4
-/* 0x0070 195 (10 11) */ st %i4,[%sp+2287]
-/* 0x0074 196 (11 14) */ ldd [%o0],%f8
-/* 0x0078 197 (11 13) */ fxnor %f0,%f4,%f4
-/* 0x007c 198 (12 15) */ ldd [%o2+8],%f10
-/* 0x0080 199 (13 16) */ fitod %f4,%f12
-/* 0x0084 200 (13 16) */ ldd [%o0+8],%f14
-/* 0x0088 201 (14 17) */ ld [%sp+2287],%f7
-/* 0x008c 202 (14 17) */ fitod %f5,%f4
-/* 0x0090 203 (15 17) */ fxnor %f0,%f10,%f10
-/* 0x0094 204 (15 18) */ ldd [%o2+16],%f16
-/* 0x0098 205 (16 19) */ ldd [%o2+24],%f18
-/* 0x009c 206 (17 20) */ fsubd %f14,%f4,%f4
-/* 0x00a0 210 (17 20) */ ld [%i1],%g2
-/* 0x00a4 211 (18 20) */ fxnor %f0,%f16,%f16
-/* 0x00a8 212 (18 21) */ ld [%i1+4],%g3
-/* 0x00ac 213 (19 22) */ ld [%i1+8],%g4
-/* 0x00b0 214 (20 23) */ fitod %f16,%f20
-/* 0x00b4 215 (20 23) */ ld [%i1+16],%o0
-/* 0x00b8 216 (21 24) */ ld [%i1+12],%g5
-/* 0x00bc 217 (22 25) */ ld [%i1+20],%o1
-/* 0x00c0 218 (23 26) */ ld [%i1+24],%o2
-/* 0x00c4 219 (24 25) */ fmovs %f8,%f6
-/* 0x00c8 220 (24 27) */ ld [%i1+28],%o3
-/* 0x00cc 221 (26 29) */ fsubd %f6,%f8,%f6
-/* 0x00d0 222 (27 30) */ fsubd %f14,%f12,%f8
-/* 0x00d4 223 (28 31) */ fitod %f10,%f12
-/* 0x00d8 224 (29 32) */ fmuld %f4,%f6,%f4
-/* 0x00dc 225 (29 32) */ fitod %f11,%f10
-/* 0x00e0 226 (30 33) */ fmuld %f8,%f6,%f8
-/* 0x00e4 227 (31 34) */ fsubd %f14,%f12,%f12
-/* 0x00e8 228 (32 35) */ fdtox %f4,%f4
-/* 0x00ec 229 (32 33) */ std %f4,[%sp+2271]
-/* 0x00f0 230 (33 36) */ fdtox %f8,%f8
-/* 0x00f4 231 (33 34) */ std %f8,[%sp+2279]
-/* 0x00f8 232 (34 37) */ fmuld %f12,%f6,%f12
-/* 0x00fc 233 (34 37) */ fsubd %f14,%f10,%f10
-/* 0x0100 234 (35 38) */ fsubd %f14,%f20,%f4
-/* 0x0104 235 (36 39) */ fitod %f17,%f8
-/* 0x0108 236 (37 39) */ fxnor %f0,%f18,%f16
-/* 0x010c 237 (37 39) */ ldx [%sp+2279],%o4
-/* 0x0110 238 (37 40) */ fmuld %f10,%f6,%f10
-/* 0x0114 239 (38 41) */ fdtox %f12,%f12
-/* 0x0118 240 (38 39) */ std %f12,[%sp+2263]
-/* 0x011c 241 (38 41) */ fmuld %f4,%f6,%f4
-/* 0x0120 242 (39 42) */ fitod %f16,%f18
-/* 0x0124 243 (39 40) */ add %o4,%g2,%g2
-/* 0x0128 244 (39 40) */ st %g2,[%i0]
-/* 0x012c 245 (40 42) */ ldx [%sp+2271],%o4
-/* 0x0130 246 (40 43) */ fsubd %f14,%f8,%f8
-/* 0x0134 247 (40 41) */ srax %g2,32,%o5
-/* 0x0138 248 (41 44) */ fdtox %f10,%f10
-/* 0x013c 249 (41 42) */ std %f10,[%sp+2255]
-/* 0x0140 250 (42 45) */ fdtox %f4,%f4
-/* 0x0144 251 (42 43) */ std %f4,[%sp+2247]
-/* 0x0148 252 (42 43) */ add %o4,%g3,%o4
-/* 0x014c 253 (43 46) */ fitod %f17,%f12
-/* 0x0150 254 (43 45) */ ldx [%sp+2263],%g2
-/* 0x0154 255 (43 44) */ add %o4,%o5,%g3
-/* 0x0158 256 (43 46) */ fmuld %f8,%f6,%f8
-/* 0x015c 257 (44 47) */ fsubd %f14,%f18,%f10
-/* 0x0160 258 (44 45) */ st %g3,[%i0+4]
-/* 0x0164 259 (44 45) */ srax %g3,32,%g3
-/* 0x0168 260 (45 46) */ add %g2,%g4,%g4
-/* 0x016c 261 (45 47) */ ldx [%sp+2255],%g2
-/* 0x0170 262 (46 49) */ fsubd %f14,%f12,%f4
-/* 0x0174 263 (46 47) */ add %g4,%g3,%g3
-/* 0x0178 264 (46 48) */ ldx [%sp+2247],%g4
-/* 0x017c 265 (47 50) */ fmuld %f10,%f6,%f10
-/* 0x0180 266 (47 50) */ fdtox %f8,%f8
-/* 0x0184 267 (47 48) */ std %f8,[%sp+2239]
-/* 0x0188 268 (48 49) */ add %g4,%o0,%g4
-/* 0x018c 269 (48 49) */ add %g2,%g5,%g2
-/* 0x0190 270 (48 49) */ st %g3,[%i0+8]
-/* 0x0194 271 (49 52) */ fmuld %f4,%f6,%f4
-/* 0x0198 272 (49 50) */ srax %g3,32,%o0
-/* 0x019c 273 (49 51) */ ldx [%sp+2239],%g5
-/* 0x01a0 274 (50 53) */ fdtox %f10,%f6
-/* 0x01a4 275 (50 51) */ std %f6,[%sp+2231]
-/* 0x01a8 276 (50 51) */ add %g2,%o0,%g2
-/* 0x01ac 277 (51 52) */ srax %g2,32,%g3
-/* 0x01b0 278 (51 52) */ add %g5,%o1,%o1
-/* 0x01b4 279 (51 52) */ st %g2,[%i0+12]
-/* 0x01b8 280 (52 55) */ fdtox %f4,%f4
-/* 0x01bc 281 (52 53) */ std %f4,[%sp+2223]
-/* 0x01c0 282 (52 53) */ add %g4,%g3,%g3
-/* 0x01c4 283 (53 54) */ srax %g3,32,%g4
-/* 0x01c8 284 (53 54) */ st %g3,[%i0+16]
-/* 0x01cc 285 (54 56) */ ldx [%sp+2231],%o0
-/* 0x01d0 286 (54 55) */ add %o1,%g4,%g4
-/* 0x01d4 287 (55 56) */ srax %g4,32,%g2
-/* 0x01d8 288 (55 57) */ ldx [%sp+2223],%g5
-/* 0x01dc 289 (56 57) */ add %o0,%o2,%o2
-/* 0x01e0 290 (56 57) */ st %g4,[%i0+20]
-/* 0x01e4 291 (57 58) */ add %o2,%g2,%g2
-/* 0x01e8 292 (57 58) */ add %g5,%o3,%g5
-/* 0x01ec 293 (57 58) */ st %g2,[%i0+24]
-/* 0x01f0 294 (58 59) */ srax %g2,32,%g3
-/* 0x01f4 295 (59 60) */ add %g5,%g3,%g2
-/* 0x01f8 296 (59 60) */ st %g2,[%i0+28]
-/* 0x01fc 300 (60 61) */ srax %g2,32,%o3
-/* 0x0200 301 (61 62) */ srl %o3,0,%i0
-/* 0x0204 (62 64) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0208 (64 65) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L900000158
-!
-
- .L900000158: /* frequency 1.0 confidence 0.0 */
-/* 0x020c 308 ( 0 1) */ bne,a,pn %icc,.L900000157 ! tprob=0.50
-/* 0x0210 ( 0 1) */ st %i4,[%sp+2223]
-/* 0x0214 315 ( 1 4) */ ldd [%o2],%f4
-/* 0x0218 316 ( 2 3) */ st %i4,[%sp+2351]
-/* 0x021c 317 ( 3 6) */ ldd [%o0],%f8
-/* 0x0220 318 ( 3 5) */ fxnor %f0,%f4,%f4
-/* 0x0224 319 ( 4 7) */ ldd [%o2+8],%f10
-/* 0x0228 320 ( 5 8) */ ldd [%o0+8],%f14
-/* 0x022c 321 ( 5 8) */ fitod %f4,%f12
-/* 0x0230 322 ( 6 9) */ ld [%sp+2351],%f7
-/* 0x0234 323 ( 6 8) */ fxnor %f0,%f10,%f10
-/* 0x0238 324 ( 7 10) */ ldd [%o2+16],%f16
-/* 0x023c 325 ( 7 10) */ fitod %f5,%f4
-/* 0x0240 326 ( 8 11) */ ldd [%o2+24],%f18
-/* 0x0244 330 ( 9 12) */ ldd [%o2+32],%f20
-/* 0x0248 331 ( 9 11) */ fxnor %f0,%f16,%f16
-/* 0x024c 335 (10 13) */ ld [%i1],%g2
-/* 0x0250 336 (10 13) */ fsubd %f14,%f4,%f4
-/* 0x0254 337 (11 14) */ ldd [%o2+40],%f22
-/* 0x0258 338 (11 14) */ fitod %f16,%f28
-/* 0x025c 339 (12 15) */ ld [%i1+4],%g3
-/* 0x0260 340 (13 16) */ ld [%i1+8],%g4
-/* 0x0264 341 (13 15) */ fxnor %f0,%f22,%f22
-/* 0x0268 342 (14 17) */ ld [%i1+12],%g5
-/* 0x026c 343 (15 18) */ ld [%i1+16],%o0
-/* 0x0270 344 (16 19) */ ldd [%o2+48],%f24
-/* 0x0274 345 (17 20) */ ld [%i1+20],%o1
-/* 0x0278 346 (17 18) */ fmovs %f8,%f6
-/* 0x027c 347 (18 21) */ ldd [%o2+56],%f26
-/* 0x0280 348 (19 22) */ ld [%i1+24],%o2
-/* 0x0284 349 (19 22) */ fsubd %f6,%f8,%f6
-/* 0x0288 350 (20 23) */ ld [%i1+28],%o3
-/* 0x028c 351 (20 23) */ fsubd %f14,%f12,%f8
-/* 0x0290 355 (21 24) */ ld [%i1+32],%o4
-/* 0x0294 356 (21 24) */ fitod %f10,%f12
-/* 0x0298 357 (22 25) */ ld [%i1+36],%o7
-/* 0x029c 358 (22 25) */ fitod %f11,%f10
-/* 0x02a0 359 (22 25) */ fmuld %f4,%f6,%f4
-/* 0x02a4 360 (23 26) */ ld [%i1+40],%l1
-/* 0x02a8 361 (23 26) */ fmuld %f8,%f6,%f8
-/* 0x02ac 362 (24 27) */ ld [%i1+56],%l5
-/* 0x02b0 363 (24 27) */ fsubd %f14,%f12,%f12
-/* 0x02b4 364 (25 28) */ fsubd %f14,%f10,%f10
-/* 0x02b8 365 (26 29) */ fdtox %f8,%f8
-/* 0x02bc 366 (26 27) */ std %f8,[%sp+2343]
-/* 0x02c0 367 (27 30) */ fitod %f17,%f8
-/* 0x02c4 368 (27 30) */ fmuld %f12,%f6,%f12
-/* 0x02c8 369 (28 31) */ fdtox %f4,%f4
-/* 0x02cc 370 (28 29) */ std %f4,[%sp+2335]
-/* 0x02d0 371 (28 31) */ fmuld %f10,%f6,%f10
-/* 0x02d4 372 (29 31) */ fxnor %f0,%f18,%f16
-/* 0x02d8 373 (30 33) */ fdtox %f12,%f12
-/* 0x02dc 374 (30 31) */ std %f12,[%sp+2327]
-/* 0x02e0 375 (31 33) */ ldx [%sp+2343],%o5
-/* 0x02e4 376 (31 34) */ fsubd %f14,%f8,%f8
-/* 0x02e8 377 (32 35) */ fsubd %f14,%f28,%f4
-/* 0x02ec 378 (33 36) */ fitod %f17,%f12
-/* 0x02f0 379 (33 34) */ add %o5,%g2,%g2
-/* 0x02f4 380 (33 34) */ st %g2,[%i0]
-/* 0x02f8 381 (34 36) */ ldx [%sp+2335],%o5
-/* 0x02fc 382 (34 37) */ fitod %f16,%f18
-/* 0x0300 383 (34 35) */ srax %g2,32,%l0
-/* 0x0304 384 (35 37) */ fxnor %f0,%f20,%f16
-/* 0x0308 385 (35 38) */ fmuld %f8,%f6,%f20
-/* 0x030c 386 (36 39) */ fdtox %f10,%f10
-/* 0x0310 387 (36 37) */ std %f10,[%sp+2319]
-/* 0x0314 388 (36 37) */ add %o5,%g3,%g3
-/* 0x0318 389 (36 39) */ fmuld %f4,%f6,%f4
-/* 0x031c 390 (37 40) */ fitod %f16,%f8
-/* 0x0320 391 (37 38) */ add %g3,%l0,%g3
-/* 0x0324 392 (37 38) */ st %g3,[%i0+4]
-/* 0x0328 393 (38 40) */ ldx [%sp+2327],%o5
-/* 0x032c 394 (38 41) */ fsubd %f14,%f18,%f18
-/* 0x0330 395 (38 39) */ srax %g3,32,%l3
-/* 0x0334 396 (39 41) */ ldx [%sp+2319],%l2
-/* 0x0338 397 (39 42) */ fdtox %f4,%f4
-/* 0x033c 398 (40 41) */ std %f4,[%sp+2311]
-/* 0x0340 399 (40 43) */ fdtox %f20,%f20
-/* 0x0344 400 (40 41) */ add %o5,%g4,%g4
-/* 0x0348 401 (41 42) */ std %f20,[%sp+2303]
-/* 0x034c 402 (41 44) */ fsubd %f14,%f12,%f4
-/* 0x0350 403 (41 42) */ add %g4,%l3,%g4
-/* 0x0354 404 (41 44) */ fmuld %f18,%f6,%f18
-/* 0x0358 405 (42 43) */ st %g4,[%i0+8]
-/* 0x035c 406 (42 45) */ fitod %f17,%f16
-/* 0x0360 407 (42 43) */ srax %g4,32,%l4
-/* 0x0364 408 (43 46) */ ld [%i1+44],%l0
-/* 0x0368 409 (43 46) */ fsubd %f14,%f8,%f20
-/* 0x036c 410 (43 44) */ add %l2,%g5,%l2
-/* 0x0370 411 (44 46) */ ldx [%sp+2311],%g5
-/* 0x0374 412 (44 47) */ fitod %f22,%f8
-/* 0x0378 413 (44 45) */ add %l2,%l4,%l2
-/* 0x037c 414 (44 47) */ fmuld %f4,%f6,%f4
-/* 0x0380 415 (45 46) */ st %l2,[%i0+12]
-/* 0x0384 416 (45 48) */ fsubd %f14,%f16,%f10
-/* 0x0388 417 (46 49) */ ld [%i1+52],%l3
-/* 0x038c 418 (46 49) */ fdtox %f18,%f18
-/* 0x0390 419 (46 47) */ add %g5,%o0,%l4
-/* 0x0394 420 (46 49) */ fmuld %f20,%f6,%f12
-/* 0x0398 421 (47 48) */ std %f18,[%sp+2295]
-/* 0x039c 422 (47 48) */ srax %l2,32,%o0
-/* 0x03a0 423 (47 50) */ fitod %f23,%f16
-/* 0x03a4 424 (48 51) */ ld [%i1+48],%o5
-/* 0x03a8 425 (48 51) */ fsubd %f14,%f8,%f8
-/* 0x03ac 426 (48 49) */ add %l4,%o0,%l4
-/* 0x03b0 427 (49 50) */ st %l4,[%i0+16]
-/* 0x03b4 428 (49 50) */ srax %l4,32,%o0
-/* 0x03b8 429 (49 51) */ fxnor %f0,%f24,%f18
-/* 0x03bc 430 (50 52) */ ldx [%sp+2303],%g5
-/* 0x03c0 431 (50 53) */ fdtox %f4,%f4
-/* 0x03c4 432 (51 52) */ std %f4,[%sp+2287]
-/* 0x03c8 433 (51 54) */ fdtox %f12,%f12
-/* 0x03cc 434 (51 54) */ fmuld %f10,%f6,%f4
-/* 0x03d0 435 (52 53) */ std %f12,[%sp+2279]
-/* 0x03d4 436 (52 55) */ fsubd %f14,%f16,%f12
-/* 0x03d8 437 (52 53) */ add %g5,%o1,%g2
-/* 0x03dc 438 (52 55) */ fmuld %f8,%f6,%f8
-/* 0x03e0 439 (53 55) */ ldx [%sp+2295],%g5
-/* 0x03e4 440 (53 56) */ fitod %f18,%f10
-/* 0x03e8 441 (53 54) */ add %g2,%o0,%g2
-/* 0x03ec 442 (54 55) */ st %g2,[%i0+20]
-/* 0x03f0 443 (54 57) */ fitod %f19,%f16
-/* 0x03f4 444 (54 55) */ srax %g2,32,%o0
-/* 0x03f8 445 (55 58) */ fdtox %f8,%f8
-/* 0x03fc 446 (55 56) */ std %f8,[%sp+2263]
-/* 0x0400 447 (55 56) */ add %g5,%o2,%g3
-/* 0x0404 448 (56 58) */ ldx [%sp+2287],%g5
-/* 0x0408 449 (56 59) */ fsubd %f14,%f10,%f10
-/* 0x040c 450 (56 57) */ add %g3,%o0,%g3
-/* 0x0410 451 (57 58) */ st %g3,[%i0+24]
-/* 0x0414 452 (57 60) */ fsubd %f14,%f16,%f8
-/* 0x0418 453 (57 58) */ srax %g3,32,%o0
-/* 0x041c 454 (58 61) */ fdtox %f4,%f4
-/* 0x0420 455 (58 59) */ std %f4,[%sp+2271]
-/* 0x0424 456 (58 59) */ add %g5,%o3,%g4
-/* 0x0428 457 (59 61) */ fxnor %f0,%f26,%f18
-/* 0x042c 458 (59 62) */ fmuld %f12,%f6,%f4
-/* 0x0430 459 (59 60) */ add %g4,%o0,%g4
-/* 0x0434 460 (60 61) */ st %g4,[%i0+28]
-/* 0x0438 461 (60 63) */ fmuld %f10,%f6,%f10
-/* 0x043c 462 (60 61) */ srax %g4,32,%o0
-/* 0x0440 463 (61 63) */ ldx [%sp+2279],%g5
-/* 0x0444 464 (61 64) */ fitod %f18,%f12
-/* 0x0448 465 (61 64) */ fmuld %f8,%f6,%f8
-/* 0x044c 466 (62 65) */ fdtox %f4,%f4
-/* 0x0450 467 (62 63) */ std %f4,[%sp+2255]
-/* 0x0454 468 (63 64) */ add %g5,%o4,%l2
-/* 0x0458 469 (63 65) */ ldx [%sp+2271],%g5
-/* 0x045c 470 (63 66) */ fdtox %f10,%f16
-/* 0x0460 471 (64 67) */ fsubd %f14,%f12,%f4
-/* 0x0464 472 (64 65) */ std %f16,[%sp+2247]
-/* 0x0468 473 (64 65) */ add %l2,%o0,%l2
-/* 0x046c 474 (65 68) */ fdtox %f8,%f8
-/* 0x0470 475 (65 66) */ std %f8,[%sp+2239]
-/* 0x0474 476 (65 66) */ add %g5,%o7,%l4
-/* 0x0478 477 (66 69) */ fitod %f19,%f10
-/* 0x047c 478 (66 68) */ ldx [%sp+2263],%g5
-/* 0x0480 479 (66 67) */ srax %l2,32,%o0
-/* 0x0484 480 (67 68) */ add %l4,%o0,%l4
-/* 0x0488 481 (67 70) */ fmuld %f4,%f6,%f4
-/* 0x048c 482 (67 69) */ ldx [%sp+2255],%o0
-/* 0x0490 483 (68 69) */ srax %l4,32,%o1
-/* 0x0494 484 (68 69) */ add %g5,%l1,%l1
-/* 0x0498 485 (68 69) */ st %l2,[%i0+32]
-/* 0x049c 486 (69 72) */ fsubd %f14,%f10,%f8
-/* 0x04a0 487 (69 71) */ ldx [%sp+2239],%o3
-/* 0x04a4 488 (69 70) */ add %l1,%o1,%o1
-/* 0x04a8 489 (70 72) */ ldx [%sp+2247],%g5
-/* 0x04ac 490 (70 71) */ srax %o1,32,%o2
-/* 0x04b0 491 (70 71) */ add %o0,%l0,%o0
-/* 0x04b4 492 (71 74) */ fdtox %f4,%f4
-/* 0x04b8 493 (71 72) */ std %f4,[%sp+2231]
-/* 0x04bc 494 (71 72) */ add %o0,%o2,%o2
-/* 0x04c0 495 (72 73) */ add %o3,%l3,%l3
-/* 0x04c4 496 (72 75) */ fmuld %f8,%f6,%f4
-/* 0x04c8 497 (72 73) */ add %g5,%o5,%g5
-/* 0x04cc 498 (73 74) */ srax %o2,32,%o3
-/* 0x04d0 499 (73 74) */ st %l4,[%i0+36]
-/* 0x04d4 500 (74 75) */ add %g5,%o3,%g2
-/* 0x04d8 501 (74 76) */ ldx [%sp+2231],%o0
-/* 0x04dc 502 (75 76) */ srax %g2,32,%g3
-/* 0x04e0 503 (75 78) */ fdtox %f4,%f4
-/* 0x04e4 504 (75 76) */ std %f4,[%sp+2223]
-/* 0x04e8 505 (76 77) */ st %o1,[%i0+40]
-/* 0x04ec 506 (76 77) */ add %l3,%g3,%g3
-/* 0x04f0 507 (76 77) */ add %o0,%l5,%g5
-/* 0x04f4 508 (77 78) */ st %o2,[%i0+44]
-/* 0x04f8 509 (77 78) */ srax %g3,32,%g4
-/* 0x04fc 510 (78 79) */ st %g2,[%i0+48]
-/* 0x0500 511 (78 79) */ add %g5,%g4,%g4
-/* 0x0504 512 (79 80) */ st %g3,[%i0+52]
-/* 0x0508 513 (79 80) */ srax %g4,32,%g5
-/* 0x050c 514 (80 83) */ ld [%i1+60],%g3
-/* 0x0510 515 (81 83) */ ldx [%sp+2223],%g2
-/* 0x0514 516 (82 83) */ st %g4,[%i0+56]
-/* 0x0518 517 (83 84) */ add %g2,%g3,%g2
-/* 0x051c 518 (84 85) */ add %g2,%g5,%g2
-/* 0x0520 519 (84 85) */ st %g2,[%i0+60]
-/* 0x0524 523 (85 86) */ srax %g2,32,%o3
-/* 0x0528 524 (86 87) */ srl %o3,0,%i0
-/* 0x052c (87 89) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0530 (89 90) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L900000157
-!
-
- .L900000157: /* frequency 1.0 confidence 0.0 */
-/* 0x0534 532 ( 0 1) */ fmovd %f0,%f14
-/* 0x0538 533 ( 0 3) */ ldd [%o0],%f8
-/* 0x053c 539 ( 0 1) */ add %i3,1,%g2
-/* 0x0540 540 ( 1 4) */ ld [%sp+2223],%f7
-/* 0x0544 541 ( 1 2) */ srl %g2,31,%g3
-/* 0x0548 545 ( 1 2) */ add %fp,-217,%g4
-/* 0x054c 546 ( 2 3) */ add %g2,%g3,%g2
-/* 0x0550 547 ( 2 3) */ or %g0,0,%g5
-/* 0x0554 548 ( 2 5) */ ldd [%o0+8],%f18
-/* 0x0558 549 ( 3 4) */ fmovs %f8,%f6
-/* 0x055c 550 ( 3 4) */ sra %g2,1,%o1
-/* 0x0560 551 ( 3 4) */ or %g0,0,%o0
-/* 0x0564 552 ( 4 5) */ subcc %o1,0,%g0
-/* 0x0568 553 ( 5 6) */ or %g0,%o1,%o3
-/* 0x056c 554 ( 5 8) */ fsubd %f6,%f8,%f16
-/* 0x0570 555 ( 5 6) */ ble,pt %icc,.L900000156 ! tprob=0.50
-/* 0x0574 ( 6 7) */ subcc %i3,0,%g0
-/* 0x0578 557 ( 6 7) */ sub %o1,1,%g2
-/* 0x057c 558 ( 7 8) */ or %g0,0,%i0
-/* 0x0580 559 ( 7 8) */ or %g0,1,%g3
-/* 0x0584 560 ( 8 9) */ subcc %o3,10,%g0
-/* 0x0588 561 ( 8 9) */ bl,pn %icc,.L77000077 ! tprob=0.50
-/* 0x058c ( 9 10) */ or %g0,0,%o1
-/* 0x0590 563 ( 9 12) */ ldd [%i2+8],%f0
-/* 0x0594 564 ( 9 10) */ sub %o3,3,%o3
-/* 0x0598 565 (10 13) */ ldd [%i2],%f2
-/* 0x059c 566 (10 11) */ or %g0,7,%o0
-/* 0x05a0 567 (10 11) */ or %g0,2,%i0
-/* 0x05a4 568 (11 13) */ fxnor %f14,%f0,%f8
-/* 0x05a8 569 (11 14) */ ldd [%i2+16],%f4
-/* 0x05ac 570 (11 12) */ or %g0,16,%o2
-/* 0x05b0 571 (12 14) */ fxnor %f14,%f2,%f2
-/* 0x05b4 572 (12 15) */ ldd [%i2+24],%f6
-/* 0x05b8 573 (12 13) */ or %g0,48,%o4
-/* 0x05bc 574 (13 16) */ fitod %f8,%f12
-/* 0x05c0 575 (13 14) */ or %g0,24,%o1
-/* 0x05c4 576 (13 14) */ or %g0,3,%g3
-/* 0x05c8 577 (14 17) */ fitod %f2,%f0
-/* 0x05cc 578 (15 18) */ fitod %f3,%f20
-/* 0x05d0 579 (15 18) */ ldd [%i2+32],%f2
-/* 0x05d4 580 (16 19) */ fitod %f9,%f10
-/* 0x05d8 581 (16 19) */ ldd [%i2+40],%f8
-/* 0x05dc 582 (17 20) */ fsubd %f18,%f0,%f0
-/* 0x05e0 583 (18 21) */ fsubd %f18,%f20,%f22
-/* 0x05e4 584 (19 22) */ fsubd %f18,%f12,%f20
-/* 0x05e8 585 (19 22) */ ldd [%i2+48],%f12
-/* 0x05ec 586 (20 23) */ fsubd %f18,%f10,%f10
-/* 0x05f0 587 (20 23) */ fmuld %f0,%f16,%f0
-/* 0x05f4 588 (21 23) */ fxnor %f14,%f4,%f4
-/* 0x05f8 589 (21 24) */ fmuld %f22,%f16,%f22
-/* 0x05fc 590 (22 24) */ fxnor %f14,%f6,%f6
-/* 0x0600 591 (22 25) */ fmuld %f20,%f16,%f20
-/* 0x0604 592 (23 26) */ fdtox %f0,%f0
-/* 0x0608 593 (23 24) */ std %f0,[%fp-217]
-/* 0x060c 594 (23 26) */ fmuld %f10,%f16,%f10
-/* 0x0610 595 (24 27) */ fdtox %f22,%f22
-/* 0x0614 596 (24 25) */ std %f22,[%fp-209]
-/* 0x0618 597 (25 28) */ fitod %f5,%f0
-/* 0x061c 598 (26 29) */ fdtox %f10,%f10
-/* 0x0620 599 (27 30) */ fdtox %f20,%f20
-/* 0x0624 600 (27 28) */ std %f20,[%fp-201]
-/* 0x0628 601 (28 31) */ fitod %f4,%f4
-/* 0x062c 602 (28 29) */ std %f10,[%fp-193]
-/* 0x0630 603 (29 31) */ fxnor %f14,%f2,%f10
-/* 0x0634 604 (30 33) */ fitod %f7,%f2
-/* 0x0638 605 (31 34) */ fsubd %f18,%f0,%f0
-/* 0x063c 606 (32 35) */ fsubd %f18,%f4,%f4
-/* 0x0640 607 (33 35) */ fxnor %f14,%f8,%f8
-
-!
-! ENTRY .L900000144
-!
-
- .L900000144: /* frequency 1.0 confidence 0.0 */
-/* 0x0644 609 ( 0 3) */ fitod %f11,%f22
-/* 0x0648 610 ( 0 1) */ add %o0,3,%o0
-/* 0x064c 611 ( 0 1) */ add %g3,6,%g3
-/* 0x0650 612 ( 0 3) */ fmuld %f0,%f16,%f0
-/* 0x0654 613 ( 1 4) */ fmuld %f4,%f16,%f24
-/* 0x0658 614 ( 1 2) */ subcc %o0,%o3,%g0
-/* 0x065c 615 ( 1 2) */ add %i0,6,%i0
-/* 0x0660 616 ( 1 4) */ fsubd %f18,%f2,%f2
-/* 0x0664 617 ( 2 5) */ fitod %f6,%f4
-/* 0x0668 618 ( 3 6) */ fdtox %f0,%f0
-/* 0x066c 619 ( 3 4) */ add %o4,8,%i1
-/* 0x0670 620 ( 4 7) */ ldd [%i2+%i1],%f20
-/* 0x0674 621 ( 4 7) */ fdtox %f24,%f6
-/* 0x0678 622 ( 4 5) */ add %o2,16,%o4
-/* 0x067c 623 ( 5 8) */ fsubd %f18,%f4,%f4
-/* 0x0680 624 ( 5 6) */ std %f6,[%o4+%g4]
-/* 0x0684 625 ( 5 6) */ add %o1,16,%o2
-/* 0x0688 626 ( 6 8) */ fxnor %f14,%f12,%f6
-/* 0x068c 627 ( 6 7) */ std %f0,[%o2+%g4]
-/* 0x0690 628 ( 7 10) */ fitod %f9,%f0
-/* 0x0694 629 ( 7 10) */ fmuld %f2,%f16,%f2
-/* 0x0698 630 ( 8 11) */ fmuld %f4,%f16,%f24
-/* 0x069c 631 ( 8 11) */ fsubd %f18,%f22,%f12
-/* 0x06a0 632 ( 9 12) */ fitod %f10,%f4
-/* 0x06a4 633 (10 13) */ fdtox %f2,%f2
-/* 0x06a8 634 (10 11) */ add %i1,8,%o1
-/* 0x06ac 635 (11 14) */ ldd [%i2+%o1],%f22
-/* 0x06b0 636 (11 14) */ fdtox %f24,%f10
-/* 0x06b4 637 (11 12) */ add %o4,16,%i4
-/* 0x06b8 638 (12 15) */ fsubd %f18,%f4,%f4
-/* 0x06bc 639 (12 13) */ std %f10,[%i4+%g4]
-/* 0x06c0 640 (12 13) */ add %o2,16,%i1
-/* 0x06c4 641 (13 15) */ fxnor %f14,%f20,%f10
-/* 0x06c8 642 (13 14) */ std %f2,[%i1+%g4]
-/* 0x06cc 643 (14 17) */ fitod %f7,%f2
-/* 0x06d0 644 (14 17) */ fmuld %f12,%f16,%f12
-/* 0x06d4 645 (15 18) */ fmuld %f4,%f16,%f24
-/* 0x06d8 646 (15 18) */ fsubd %f18,%f0,%f0
-/* 0x06dc 647 (16 19) */ fitod %f8,%f4
-/* 0x06e0 648 (17 20) */ fdtox %f12,%f20
-/* 0x06e4 649 (17 18) */ add %o1,8,%o4
-/* 0x06e8 650 (18 21) */ ldd [%i2+%o4],%f12
-/* 0x06ec 651 (18 21) */ fdtox %f24,%f8
-/* 0x06f0 652 (18 19) */ add %i4,16,%o2
-/* 0x06f4 653 (19 22) */ fsubd %f18,%f4,%f4
-/* 0x06f8 654 (19 20) */ std %f8,[%o2+%g4]
-/* 0x06fc 655 (19 20) */ add %i1,16,%o1
-/* 0x0700 656 (20 22) */ fxnor %f14,%f22,%f8
-/* 0x0704 657 (20 21) */ ble,pt %icc,.L900000144 ! tprob=0.50
-/* 0x0708 (20 21) */ std %f20,[%o1+%g4]
-
-!
-! ENTRY .L900000147
-!
-
- .L900000147: /* frequency 1.0 confidence 0.0 */
-/* 0x070c 660 ( 0 3) */ fitod %f6,%f6
-/* 0x0710 661 ( 0 3) */ fmuld %f4,%f16,%f24
-/* 0x0714 662 ( 0 1) */ add %i4,32,%l4
-/* 0x0718 663 ( 1 4) */ fsubd %f18,%f2,%f2
-/* 0x071c 664 ( 1 4) */ fmuld %f0,%f16,%f22
-/* 0x0720 665 ( 1 2) */ add %i1,32,%l3
-/* 0x0724 666 ( 2 5) */ fitod %f10,%f28
-/* 0x0728 667 ( 2 3) */ sra %o0,0,%o2
-/* 0x072c 668 ( 2 3) */ add %i4,48,%l2
-/* 0x0730 669 ( 3 6) */ fsubd %f18,%f6,%f4
-/* 0x0734 670 ( 3 4) */ add %i1,48,%l1
-/* 0x0738 671 ( 3 4) */ add %i4,64,%l0
-/* 0x073c 672 ( 4 7) */ fitod %f11,%f26
-/* 0x0740 673 ( 4 5) */ sllx %o2,3,%o1
-/* 0x0744 674 ( 4 5) */ add %i1,64,%i5
-/* 0x0748 675 ( 5 8) */ fitod %f8,%f6
-/* 0x074c 676 ( 5 6) */ add %i4,80,%i4
-/* 0x0750 677 ( 5 6) */ add %i1,80,%i1
-/* 0x0754 678 ( 6 8) */ fxnor %f14,%f12,%f0
-/* 0x0758 679 ( 6 9) */ fmuld %f4,%f16,%f20
-/* 0x075c 680 ( 6 7) */ add %i4,16,%o4
-/* 0x0760 681 ( 7 10) */ fitod %f9,%f4
-/* 0x0764 682 ( 7 10) */ fmuld %f2,%f16,%f12
-/* 0x0768 683 ( 7 8) */ add %i1,16,%o3
-/* 0x076c 684 ( 8 11) */ fsubd %f18,%f28,%f10
-/* 0x0770 685 ( 8 9) */ subcc %o0,%g2,%g0
-/* 0x0774 686 ( 8 9) */ add %g3,12,%g3
-/* 0x0778 687 ( 9 12) */ fitod %f0,%f2
-/* 0x077c 688 (10 13) */ fsubd %f18,%f26,%f8
-/* 0x0780 689 (11 14) */ fitod %f1,%f0
-/* 0x0784 690 (11 14) */ fmuld %f10,%f16,%f10
-/* 0x0788 691 (12 15) */ fdtox %f24,%f24
-/* 0x078c 692 (12 13) */ std %f24,[%l4+%g4]
-/* 0x0790 693 (12 13) */ add %i0,12,%i0
-/* 0x0794 694 (13 16) */ fsubd %f18,%f6,%f6
-/* 0x0798 695 (13 16) */ fmuld %f8,%f16,%f8
-/* 0x079c 696 (14 17) */ fdtox %f22,%f22
-/* 0x07a0 697 (14 15) */ std %f22,[%l3+%g4]
-/* 0x07a4 698 (15 18) */ fsubd %f18,%f4,%f4
-/* 0x07a8 699 (16 19) */ fdtox %f20,%f20
-/* 0x07ac 700 (16 17) */ std %f20,[%l2+%g4]
-/* 0x07b0 701 (16 19) */ fmuld %f6,%f16,%f6
-/* 0x07b4 702 (17 20) */ fsubd %f18,%f2,%f2
-/* 0x07b8 703 (18 21) */ fsubd %f18,%f0,%f0
-/* 0x07bc 704 (18 21) */ fmuld %f4,%f16,%f4
-/* 0x07c0 705 (19 22) */ fdtox %f12,%f12
-/* 0x07c4 706 (19 20) */ std %f12,[%l1+%g4]
-/* 0x07c8 707 (20 23) */ fdtox %f10,%f10
-/* 0x07cc 708 (20 21) */ std %f10,[%l0+%g4]
-/* 0x07d0 709 (20 23) */ fmuld %f2,%f16,%f2
-/* 0x07d4 710 (21 24) */ fdtox %f8,%f8
-/* 0x07d8 711 (21 22) */ std %f8,[%i5+%g4]
-/* 0x07dc 712 (21 24) */ fmuld %f0,%f16,%f0
-/* 0x07e0 713 (22 25) */ fdtox %f6,%f6
-/* 0x07e4 714 (22 23) */ std %f6,[%i4+%g4]
-/* 0x07e8 715 (23 26) */ fdtox %f4,%f4
-/* 0x07ec 716 (23 24) */ std %f4,[%i1+%g4]
-/* 0x07f0 717 (24 27) */ fdtox %f2,%f2
-/* 0x07f4 718 (24 25) */ std %f2,[%o4+%g4]
-/* 0x07f8 719 (25 28) */ fdtox %f0,%f0
-/* 0x07fc 720 (25 26) */ bg,pn %icc,.L77000043 ! tprob=0.50
-/* 0x0800 (25 26) */ std %f0,[%o3+%g4]
-
-!
-! ENTRY .L77000077
-!
-
- .L77000077: /* frequency 1.0 confidence 0.0 */
-/* 0x0804 723 ( 0 3) */ ldd [%i2+%o1],%f0
-
-!
-! ENTRY .L900000155
-!
-
- .L900000155: /* frequency 1.0 confidence 0.0 */
-/* 0x0808 725 ( 0 2) */ fxnor %f14,%f0,%f0
-/* 0x080c 726 ( 0 1) */ sra %i0,0,%o1
-/* 0x0810 727 ( 0 1) */ add %o0,1,%o0
-/* 0x0814 728 ( 1 2) */ sllx %o1,3,%i4
-/* 0x0818 729 ( 1 2) */ add %i0,2,%i0
-/* 0x081c 730 ( 2 5) */ fitod %f0,%f2
-/* 0x0820 731 ( 2 3) */ sra %g3,0,%o1
-/* 0x0824 732 ( 2 3) */ add %g3,2,%g3
-/* 0x0828 733 ( 3 6) */ fitod %f1,%f0
-/* 0x082c 734 ( 3 4) */ sllx %o1,3,%i1
-/* 0x0830 735 ( 3 4) */ subcc %o0,%g2,%g0
-/* 0x0834 736 ( 4 5) */ sra %o0,0,%o2
-/* 0x0838 737 ( 5 8) */ fsubd %f18,%f2,%f2
-/* 0x083c 738 ( 5 6) */ sllx %o2,3,%o1
-/* 0x0840 739 ( 6 9) */ fsubd %f18,%f0,%f0
-/* 0x0844 740 ( 8 11) */ fmuld %f2,%f16,%f2
-/* 0x0848 741 ( 9 12) */ fmuld %f0,%f16,%f0
-/* 0x084c 742 (11 14) */ fdtox %f2,%f2
-/* 0x0850 743 (11 12) */ std %f2,[%i4+%g4]
-/* 0x0854 744 (12 15) */ fdtox %f0,%f0
-/* 0x0858 745 (12 13) */ std %f0,[%i1+%g4]
-/* 0x085c 746 (12 13) */ ble,a,pt %icc,.L900000155 ! tprob=0.50
-/* 0x0860 (14 17) */ ldd [%i2+%o1],%f0
-
-!
-! ENTRY .L77000043
-!
-
- .L77000043: /* frequency 1.0 confidence 0.0 */
-/* 0x0864 754 ( 0 1) */ subcc %i3,0,%g0
-
-!
-! ENTRY .L900000156
-!
-
- .L900000156: /* frequency 1.0 confidence 0.0 */
-/* 0x0868 756 ( 0 1) */ ble,a,pt %icc,.L77000061 ! tprob=0.50
-/* 0x086c ( 0 1) */ or %g0,%g5,%o3
-/* 0x0870 761 ( 0 2) */ ldx [%fp-209],%i1
-/* 0x0874 762 ( 1 2) */ sub %i3,1,%g3
-/* 0x0878 763 ( 1 2) */ or %g0,0,%i0
-/* 0x087c 764 ( 2 3) */ subcc %i3,5,%g0
-/* 0x0880 765 ( 2 3) */ bl,pn %icc,.L77000078 ! tprob=0.50
-/* 0x0884 ( 2 4) */ ldx [%fp-217],%i2
-/* 0x0888 767 ( 3 6) */ ld [%o5],%i3
-/* 0x088c 768 ( 3 4) */ or %g0,8,%g2
-/* 0x0890 769 ( 3 4) */ or %g0,16,%o4
-/* 0x0894 770 ( 4 5) */ sub %g3,1,%o3
-/* 0x0898 771 ( 4 5) */ or %g0,3,%i0
-/* 0x089c 772 ( 5 6) */ add %i2,%i3,%o1
-/* 0x08a0 773 ( 5 8) */ ld [%o5+4],%i2
-/* 0x08a4 774 ( 6 7) */ st %o1,[%o7]
-/* 0x08a8 775 ( 6 7) */ srax %o1,32,%o1
-/* 0x08ac 776 ( 7 9) */ ldx [%fp-201],%o2
-/* 0x08b0 777 ( 7 8) */ add %i1,%i2,%o0
-/* 0x08b4 778 ( 7 8) */ or %g0,%o1,%i1
-/* 0x08b8 779 ( 8 11) */ ld [%o5+8],%o1
-/* 0x08bc 780 ( 8 9) */ add %o0,%i1,%o0
-/* 0x08c0 781 ( 9 10) */ st %o0,[%o7+4]
-/* 0x08c4 782 ( 9 10) */ srax %o0,32,%o0
-
-!
-! ENTRY .L900000140
-!
-
- .L900000140: /* frequency 1.0 confidence 0.0 */
-/* 0x08c8 784 ( 0 1) */ add %g2,4,%i1
-/* 0x08cc 785 ( 0 1) */ add %o4,8,%o4
-/* 0x08d0 786 ( 1 3) */ ldx [%o4+%g4],%i2
-/* 0x08d4 787 ( 1 2) */ sra %o0,0,%g5
-/* 0x08d8 788 ( 1 2) */ add %o2,%o1,%o1
-/* 0x08dc 789 ( 2 5) */ ld [%o5+%i1],%o0
-/* 0x08e0 790 ( 2 3) */ add %o1,%g5,%o1
-/* 0x08e4 791 ( 2 3) */ add %i0,2,%i0
-/* 0x08e8 792 ( 3 4) */ st %o1,[%o7+%g2]
-/* 0x08ec 793 ( 3 4) */ srax %o1,32,%g5
-/* 0x08f0 794 ( 3 4) */ subcc %i0,%o3,%g0
-/* 0x08f4 795 ( 4 5) */ add %g2,8,%g2
-/* 0x08f8 796 ( 4 5) */ add %o4,8,%o4
-/* 0x08fc 797 ( 5 7) */ ldx [%o4+%g4],%o2
-/* 0x0900 798 ( 5 6) */ add %i2,%o0,%o0
-/* 0x0904 799 ( 6 9) */ ld [%o5+%g2],%o1
-/* 0x0908 800 ( 6 7) */ add %o0,%g5,%o0
-/* 0x090c 801 ( 7 8) */ st %o0,[%o7+%i1]
-/* 0x0910 802 ( 7 8) */ ble,pt %icc,.L900000140 ! tprob=0.50
-/* 0x0914 ( 7 8) */ srax %o0,32,%o0
-
-!
-! ENTRY .L900000143
-!
-
- .L900000143: /* frequency 1.0 confidence 0.0 */
-/* 0x0918 805 ( 0 1) */ sra %o0,0,%o3
-/* 0x091c 806 ( 0 1) */ add %o2,%o1,%o0
-/* 0x0920 807 ( 1 2) */ add %o0,%o3,%o0
-/* 0x0924 808 ( 1 2) */ st %o0,[%o7+%g2]
-/* 0x0928 809 ( 1 2) */ subcc %i0,%g3,%g0
-/* 0x092c 810 ( 2 3) */ srax %o0,32,%g5
-/* 0x0930 811 ( 2 3) */ bg,a,pn %icc,.L77000061 ! tprob=0.50
-/* 0x0934 ( 3 4) */ or %g0,%g5,%o3
-
-!
-! ENTRY .L77000078
-!
-
- .L77000078: /* frequency 1.0 confidence 0.0 */
-/* 0x0938 814 ( 0 1) */ sra %i0,0,%o0
-
-!
-! ENTRY .L900000154
-!
-
- .L900000154: /* frequency 1.0 confidence 0.0 */
-/* 0x093c 816 ( 0 1) */ sllx %o0,2,%g2
-/* 0x0940 817 ( 0 1) */ add %i0,1,%i0
-/* 0x0944 818 ( 1 2) */ sllx %o0,3,%o4
-/* 0x0948 819 ( 1 4) */ ld [%o5+%g2],%o2
-/* 0x094c 820 ( 1 2) */ subcc %i0,%g3,%g0
-/* 0x0950 821 ( 2 4) */ ldx [%o4+%g4],%o0
-/* 0x0954 822 ( 2 3) */ sra %g5,0,%o1
-/* 0x0958 823 ( 4 5) */ add %o0,%o2,%o0
-/* 0x095c 824 ( 5 6) */ add %o0,%o1,%o0
-/* 0x0960 825 ( 5 6) */ st %o0,[%o7+%g2]
-/* 0x0964 826 ( 6 7) */ srax %o0,32,%g5
-/* 0x0968 827 ( 6 7) */ ble,pt %icc,.L900000154 ! tprob=0.50
-/* 0x096c ( 7 8) */ sra %i0,0,%o0
-
-!
-! ENTRY .L77000047
-!
-
- .L77000047: /* frequency 1.0 confidence 0.0 */
-/* 0x0970 834 ( 0 1) */ or %g0,%g5,%o3
-
-!
-! ENTRY .L77000061
-!
-
- .L77000061: /* frequency 1.0 confidence 0.0 */
-
-/* 0x0974 835 ( 1 2) */ srl %o3,0,%i0
-/* 0x0978 ( 2 4) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x097c ( 4 5) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000048
-!
-
- .L77000048: /* frequency 1.0 confidence 0.0 */
-/* 0x0980 844 ( 0 1) */ bne,pn %icc,.L77000050 ! tprob=0.50
-/* 0x0984 ( 0 1) */ sethi %hi(0xfff80000),%g2
-/* 0x0988 854 ( 0 3) */ ldd [%o2],%f4
-/* 0x098c 855 ( 1 4) */ ldd [%o0],%f6
-/* 0x0990 856 ( 1 2) */ srl %i4,19,%g3
-/* 0x0994 857 ( 1 2) */ andn %i4,%g2,%g2
-/* 0x0998 858 ( 2 3) */ st %g3,[%sp+2351]
-/* 0x099c 859 ( 2 4) */ fxnor %f0,%f4,%f4
-/* 0x09a0 860 ( 3 4) */ st %g2,[%sp+2355]
-/* 0x09a4 861 ( 4 7) */ ldd [%o2+8],%f12
-/* 0x09a8 862 ( 4 7) */ fitod %f4,%f10
-/* 0x09ac 863 ( 5 8) */ ldd [%o0+8],%f16
-/* 0x09b0 864 ( 5 8) */ fitod %f5,%f4
-/* 0x09b4 865 ( 6 9) */ ldd [%o2+16],%f18
-/* 0x09b8 866 ( 6 8) */ fxnor %f0,%f12,%f12
-/* 0x09bc 867 ( 7 10) */ ld [%sp+2351],%f9
-/* 0x09c0 868 ( 7 10) */ fsubd %f16,%f10,%f10
-/* 0x09c4 869 ( 8 11) */ ld [%sp+2355],%f15
-/* 0x09c8 870 ( 8 11) */ fitod %f12,%f22
-/* 0x09cc 871 ( 9 12) */ ldd [%o2+24],%f20
-/* 0x09d0 872 ( 9 12) */ fitod %f13,%f12
-/* 0x09d4 876 (10 13) */ ld [%i1],%g2
-/* 0x09d8 877 (10 13) */ fsubd %f16,%f4,%f4
-/* 0x09dc 878 (11 14) */ ld [%i1+4],%g3
-/* 0x09e0 879 (11 14) */ fsubd %f16,%f22,%f22
-/* 0x09e4 880 (12 15) */ ld [%i1+8],%g4
-/* 0x09e8 881 (12 14) */ fxnor %f0,%f18,%f18
-/* 0x09ec 882 (13 16) */ ld [%i1+12],%g5
-/* 0x09f0 883 (13 16) */ fsubd %f16,%f12,%f12
-/* 0x09f4 884 (14 17) */ ld [%i1+16],%o0
-/* 0x09f8 885 (14 17) */ fitod %f18,%f26
-/* 0x09fc 886 (15 18) */ ld [%i1+20],%o1
-/* 0x0a00 887 (15 17) */ fxnor %f0,%f20,%f20
-/* 0x0a04 888 (16 19) */ ld [%i1+24],%o2
-/* 0x0a08 889 (17 20) */ ld [%i1+28],%o3
-/* 0x0a0c 890 (19 20) */ fmovs %f6,%f8
-/* 0x0a10 891 (20 21) */ fmovs %f6,%f14
-/* 0x0a14 892 (22 25) */ fsubd %f8,%f6,%f8
-/* 0x0a18 893 (23 26) */ fsubd %f14,%f6,%f6
-/* 0x0a1c 894 (25 28) */ fmuld %f10,%f8,%f14
-/* 0x0a20 895 (26 29) */ fmuld %f10,%f6,%f10
-/* 0x0a24 896 (27 30) */ fmuld %f4,%f8,%f24
-/* 0x0a28 897 (28 31) */ fdtox %f14,%f14
-/* 0x0a2c 898 (28 29) */ std %f14,[%sp+2335]
-/* 0x0a30 899 (28 31) */ fmuld %f22,%f8,%f28
-/* 0x0a34 900 (29 32) */ fitod %f19,%f14
-/* 0x0a38 901 (29 32) */ fmuld %f22,%f6,%f18
-/* 0x0a3c 902 (30 33) */ fdtox %f10,%f10
-/* 0x0a40 903 (30 31) */ std %f10,[%sp+2343]
-/* 0x0a44 904 (30 33) */ fmuld %f4,%f6,%f4
-/* 0x0a48 905 (31 34) */ fmuld %f12,%f8,%f22
-/* 0x0a4c 906 (32 35) */ fdtox %f18,%f18
-/* 0x0a50 907 (32 33) */ std %f18,[%sp+2311]
-/* 0x0a54 908 (32 35) */ fmuld %f12,%f6,%f10
-/* 0x0a58 909 (33 35) */ ldx [%sp+2335],%o4
-/* 0x0a5c 910 (33 36) */ fdtox %f24,%f12
-/* 0x0a60 911 (34 35) */ std %f12,[%sp+2319]
-/* 0x0a64 912 (34 37) */ fsubd %f16,%f26,%f12
-/* 0x0a68 913 (35 37) */ ldx [%sp+2343],%o5
-/* 0x0a6c 914 (35 36) */ sllx %o4,19,%o4
-/* 0x0a70 915 (35 38) */ fdtox %f4,%f4
-/* 0x0a74 916 (36 37) */ std %f4,[%sp+2327]
-/* 0x0a78 917 (36 39) */ fdtox %f28,%f24
-/* 0x0a7c 918 (37 38) */ std %f24,[%sp+2303]
-/* 0x0a80 919 (37 40) */ fitod %f20,%f4
-/* 0x0a84 920 (37 38) */ add %o5,%o4,%o4
-/* 0x0a88 921 (37 40) */ fmuld %f12,%f8,%f24
-/* 0x0a8c 922 (38 40) */ ldx [%sp+2319],%o7
-/* 0x0a90 923 (38 41) */ fsubd %f16,%f14,%f14
-/* 0x0a94 924 (38 39) */ add %o4,%g2,%o4
-/* 0x0a98 925 (38 41) */ fmuld %f12,%f6,%f12
-/* 0x0a9c 926 (39 41) */ ldx [%sp+2327],%o5
-/* 0x0aa0 927 (39 42) */ fitod %f21,%f18
-/* 0x0aa4 928 (40 41) */ st %o4,[%i0]
-/* 0x0aa8 929 (40 41) */ sllx %o7,19,%o7
-/* 0x0aac 930 (40 43) */ fdtox %f22,%f20
-/* 0x0ab0 931 (41 42) */ std %f20,[%sp+2287]
-/* 0x0ab4 932 (41 44) */ fdtox %f10,%f10
-/* 0x0ab8 933 (41 42) */ add %o5,%o7,%o5
-/* 0x0abc 934 (41 44) */ fmuld %f14,%f8,%f20
-/* 0x0ac0 935 (42 43) */ std %f10,[%sp+2295]
-/* 0x0ac4 936 (42 43) */ srlx %o4,32,%o7
-/* 0x0ac8 937 (42 45) */ fsubd %f16,%f4,%f4
-/* 0x0acc 938 (42 45) */ fmuld %f14,%f6,%f14
-/* 0x0ad0 939 (43 45) */ ldx [%sp+2311],%g2
-/* 0x0ad4 940 (43 46) */ fdtox %f24,%f10
-/* 0x0ad8 941 (43 44) */ add %o5,%g3,%g3
-/* 0x0adc 942 (44 45) */ std %f10,[%sp+2271]
-/* 0x0ae0 943 (44 45) */ add %g3,%o7,%g3
-/* 0x0ae4 944 (44 47) */ fdtox %f12,%f12
-/* 0x0ae8 945 (45 47) */ ldx [%sp+2303],%l0
-/* 0x0aec 946 (45 48) */ fsubd %f16,%f18,%f10
-/* 0x0af0 947 (45 48) */ fmuld %f4,%f8,%f16
-/* 0x0af4 948 (46 47) */ std %f12,[%sp+2279]
-/* 0x0af8 949 (46 49) */ fdtox %f20,%f12
-/* 0x0afc 950 (46 49) */ fmuld %f4,%f6,%f4
-/* 0x0b00 951 (47 48) */ std %f12,[%sp+2255]
-/* 0x0b04 952 (47 48) */ sllx %l0,19,%l0
-/* 0x0b08 953 (47 50) */ fdtox %f14,%f12
-/* 0x0b0c 954 (48 50) */ ldx [%sp+2287],%o5
-/* 0x0b10 955 (48 49) */ add %g2,%l0,%g2
-/* 0x0b14 956 (48 51) */ fmuld %f10,%f8,%f8
-/* 0x0b18 957 (49 51) */ ldx [%sp+2295],%l1
-/* 0x0b1c 958 (49 50) */ srlx %g3,32,%l0
-/* 0x0b20 959 (49 50) */ add %g2,%g4,%g4
-/* 0x0b24 960 (49 52) */ fmuld %f10,%f6,%f6
-/* 0x0b28 961 (50 51) */ std %f12,[%sp+2263]
-/* 0x0b2c 962 (50 51) */ sllx %o5,19,%g2
-/* 0x0b30 963 (50 51) */ add %g4,%l0,%g4
-/* 0x0b34 964 (51 53) */ ldx [%sp+2279],%l0
-/* 0x0b38 965 (51 52) */ srlx %g4,32,%o5
-/* 0x0b3c 966 (51 52) */ add %l1,%g2,%g2
-/* 0x0b40 967 (52 53) */ st %g3,[%i0+4]
-/* 0x0b44 968 (52 53) */ add %g2,%g5,%g2
-/* 0x0b48 969 (52 55) */ fdtox %f16,%f10
-/* 0x0b4c 970 (53 55) */ ldx [%sp+2271],%o7
-/* 0x0b50 971 (53 54) */ add %g2,%o5,%g2
-/* 0x0b54 972 (53 56) */ fdtox %f4,%f4
-/* 0x0b58 973 (54 55) */ std %f10,[%sp+2239]
-/* 0x0b5c 974 (55 56) */ sllx %o7,19,%o7
-/* 0x0b60 975 (55 56) */ std %f4,[%sp+2247]
-/* 0x0b64 976 (55 58) */ fdtox %f8,%f4
-/* 0x0b68 977 (56 57) */ add %l0,%o7,%o7
-/* 0x0b6c 978 (56 58) */ ldx [%sp+2263],%o5
-/* 0x0b70 979 (57 58) */ add %o7,%o0,%o0
-/* 0x0b74 980 (57 58) */ std %f4,[%sp+2223]
-/* 0x0b78 981 (57 60) */ fdtox %f6,%f4
-/* 0x0b7c 982 (58 60) */ ldx [%sp+2255],%g5
-/* 0x0b80 983 (58 59) */ srlx %g2,32,%o7
-/* 0x0b84 984 (59 60) */ std %f4,[%sp+2231]
-/* 0x0b88 985 (59 60) */ add %o0,%o7,%o0
-/* 0x0b8c 986 (60 61) */ sllx %g5,19,%g5
-/* 0x0b90 987 (60 62) */ ldx [%sp+2247],%l1
-/* 0x0b94 988 (61 62) */ add %o5,%g5,%g5
-/* 0x0b98 989 (61 62) */ st %g2,[%i0+12]
-/* 0x0b9c 990 (62 64) */ ldx [%sp+2239],%l0
-/* 0x0ba0 991 (62 63) */ srlx %o0,32,%o4
-/* 0x0ba4 992 (62 63) */ add %g5,%o1,%o1
-/* 0x0ba8 993 (63 64) */ add %o1,%o4,%o1
-/* 0x0bac 994 (63 65) */ ldx [%sp+2223],%o7
-/* 0x0bb0 995 (64 65) */ sllx %l0,19,%g3
-/* 0x0bb4 996 (64 66) */ ldx [%sp+2231],%o5
-/* 0x0bb8 997 (65 66) */ add %l1,%g3,%o4
-/* 0x0bbc 998 (65 66) */ st %o0,[%i0+16]
-/* 0x0bc0 999 (66 67) */ add %o4,%o2,%o2
-/* 0x0bc4 1000 (66 67) */ st %o1,[%i0+20]
-/* 0x0bc8 1001 (67 68) */ srlx %o1,32,%o4
-/* 0x0bcc 1002 (67 68) */ st %g4,[%i0+8]
-/* 0x0bd0 1003 (68 69) */ sllx %o7,19,%g2
-/* 0x0bd4 1004 (68 69) */ add %o2,%o4,%o4
-/* 0x0bd8 1005 (68 69) */ st %o4,[%i0+24]
-/* 0x0bdc 1006 (69 70) */ add %o5,%g2,%g2
-/* 0x0be0 1007 (70 71) */ srlx %o4,32,%g3
-/* 0x0be4 1008 (70 71) */ add %g2,%o3,%g2
-/* 0x0be8 1009 (71 72) */ add %g2,%g3,%g2
-/* 0x0bec 1010 (71 72) */ st %g2,[%i0+28]
-/* 0x0bf0 1014 (72 73) */ srlx %g2,32,%o3
-/* 0x0bf4 1015 (73 74) */ srl %o3,0,%i0
-/* 0x0bf8 (74 76) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x0bfc (76 77) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000050
-!
-
- .L77000050: /* frequency 1.0 confidence 0.0 */
-/* 0x0c00 1022 ( 0 1) */ subcc %i3,16,%g0
-/* 0x0c04 1023 ( 0 1) */ bne,pn %icc,.L77000073 ! tprob=0.50
-/* 0x0c08 ( 0 1) */ sethi %hi(0xfff80000),%g2
-/* 0x0c0c 1034 ( 1 4) */ ldd [%o2],%f4
-/* 0x0c10 1035 ( 1 2) */ andn %i4,%g2,%g2
-/* 0x0c14 1036 ( 2 3) */ st %g2,[%sp+2483]
-/* 0x0c18 1037 ( 2 3) */ srl %i4,19,%g2
-/* 0x0c1c 1038 ( 3 4) */ st %g2,[%sp+2479]
-/* 0x0c20 1039 ( 3 5) */ fxnor %f0,%f4,%f4
-/* 0x0c24 1040 ( 4 7) */ ldd [%o0],%f8
-/* 0x0c28 1041 ( 5 8) */ fitod %f4,%f10
-/* 0x0c2c 1042 ( 5 8) */ ldd [%o0+8],%f16
-/* 0x0c30 1043 ( 6 9) */ ldd [%o2+8],%f14
-/* 0x0c34 1044 ( 6 9) */ fitod %f5,%f4
-/* 0x0c38 1045 ( 7 10) */ ld [%sp+2483],%f13
-/* 0x0c3c 1046 ( 8 11) */ ld [%sp+2479],%f7
-/* 0x0c40 1047 ( 8 11) */ fsubd %f16,%f10,%f10
-/* 0x0c44 1048 ( 9 11) */ fxnor %f0,%f14,%f14
-/* 0x0c48 1049 (10 13) */ fsubd %f16,%f4,%f4
-/* 0x0c4c 1050 (14 15) */ fmovs %f8,%f12
-/* 0x0c50 1051 (15 16) */ fmovs %f8,%f6
-/* 0x0c54 1052 (17 20) */ fsubd %f12,%f8,%f12
-/* 0x0c58 1053 (18 21) */ fsubd %f6,%f8,%f6
-/* 0x0c5c 1054 (19 22) */ fitod %f14,%f8
-/* 0x0c60 1055 (20 23) */ fmuld %f10,%f12,%f18
-/* 0x0c64 1056 (20 23) */ fitod %f15,%f14
-/* 0x0c68 1057 (21 24) */ fmuld %f10,%f6,%f10
-/* 0x0c6c 1058 (22 25) */ fsubd %f16,%f8,%f8
-/* 0x0c70 1059 (22 25) */ fmuld %f4,%f12,%f20
-/* 0x0c74 1060 (23 26) */ fmuld %f4,%f6,%f4
-/* 0x0c78 1061 (23 26) */ fsubd %f16,%f14,%f14
-/* 0x0c7c 1062 (24 27) */ fdtox %f10,%f10
-/* 0x0c80 1063 (24 25) */ std %f10,[%sp+2463]
-/* 0x0c84 1064 (25 28) */ fmuld %f8,%f12,%f10
-/* 0x0c88 1065 (25 28) */ fdtox %f18,%f18
-/* 0x0c8c 1066 (25 26) */ std %f18,[%sp+2471]
-/* 0x0c90 1067 (26 29) */ fmuld %f8,%f6,%f8
-/* 0x0c94 1068 (26 29) */ fdtox %f4,%f4
-/* 0x0c98 1069 (26 27) */ std %f4,[%sp+2447]
-/* 0x0c9c 1070 (27 30) */ fmuld %f14,%f12,%f4
-/* 0x0ca0 1071 (27 30) */ fdtox %f20,%f18
-/* 0x0ca4 1072 (27 28) */ std %f18,[%sp+2455]
-/* 0x0ca8 1073 (28 31) */ fdtox %f10,%f10
-/* 0x0cac 1074 (28 29) */ std %f10,[%sp+2439]
-/* 0x0cb0 1075 (28 31) */ fmuld %f14,%f6,%f14
-/* 0x0cb4 1076 (29 32) */ fdtox %f8,%f8
-/* 0x0cb8 1077 (29 30) */ std %f8,[%sp+2431]
-/* 0x0cbc 1078 (30 33) */ ldd [%o2+16],%f10
-/* 0x0cc0 1079 (30 33) */ fdtox %f4,%f4
-/* 0x0cc4 1080 (31 34) */ ldd [%o2+24],%f8
-/* 0x0cc8 1081 (31 34) */ fdtox %f14,%f14
-/* 0x0ccc 1082 (32 33) */ std %f4,[%sp+2423]
-/* 0x0cd0 1083 (32 34) */ fxnor %f0,%f10,%f10
-/* 0x0cd4 1084 (33 35) */ fxnor %f0,%f8,%f4
-/* 0x0cd8 1085 (33 34) */ std %f14,[%sp+2415]
-/* 0x0cdc 1086 (34 37) */ fitod %f10,%f8
-/* 0x0ce0 1087 (35 38) */ fitod %f11,%f10
-/* 0x0ce4 1088 (36 39) */ fitod %f4,%f14
-/* 0x0ce8 1089 (37 40) */ fsubd %f16,%f8,%f8
-/* 0x0cec 1090 (38 41) */ fsubd %f16,%f10,%f10
-/* 0x0cf0 1091 (39 42) */ fsubd %f16,%f14,%f14
-/* 0x0cf4 1092 (40 43) */ fmuld %f8,%f12,%f18
-/* 0x0cf8 1093 (40 43) */ fitod %f5,%f4
-/* 0x0cfc 1094 (41 44) */ fmuld %f8,%f6,%f8
-/* 0x0d00 1095 (42 45) */ fmuld %f10,%f12,%f20
-/* 0x0d04 1096 (43 46) */ fmuld %f10,%f6,%f10
-/* 0x0d08 1097 (43 46) */ fsubd %f16,%f4,%f4
-/* 0x0d0c 1098 (44 47) */ fdtox %f8,%f8
-/* 0x0d10 1099 (44 45) */ std %f8,[%sp+2399]
-/* 0x0d14 1100 (45 48) */ fmuld %f14,%f12,%f8
-/* 0x0d18 1101 (45 48) */ fdtox %f18,%f18
-/* 0x0d1c 1102 (45 46) */ std %f18,[%sp+2407]
-/* 0x0d20 1103 (46 49) */ fdtox %f10,%f10
-/* 0x0d24 1104 (46 47) */ std %f10,[%sp+2383]
-/* 0x0d28 1105 (46 49) */ fmuld %f14,%f6,%f14
-/* 0x0d2c 1106 (47 50) */ fmuld %f4,%f12,%f10
-/* 0x0d30 1107 (47 50) */ fdtox %f20,%f18
-/* 0x0d34 1108 (47 48) */ std %f18,[%sp+2391]
-/* 0x0d38 1109 (48 51) */ fdtox %f8,%f8
-/* 0x0d3c 1110 (48 49) */ std %f8,[%sp+2375]
-/* 0x0d40 1111 (48 51) */ fmuld %f4,%f6,%f4
-/* 0x0d44 1112 (49 52) */ fdtox %f14,%f14
-/* 0x0d48 1113 (49 50) */ std %f14,[%sp+2367]
-/* 0x0d4c 1117 (50 53) */ ldd [%o2+32],%f8
-/* 0x0d50 1118 (50 53) */ fdtox %f10,%f10
-/* 0x0d54 1119 (51 54) */ fdtox %f4,%f4
-/* 0x0d58 1120 (51 52) */ std %f4,[%sp+2351]
-/* 0x0d5c 1121 (52 54) */ fxnor %f0,%f8,%f8
-/* 0x0d60 1122 (52 55) */ ldd [%o2+40],%f14
-/* 0x0d64 1123 (53 54) */ std %f10,[%sp+2359]
-/* 0x0d68 1124 (54 57) */ fitod %f8,%f4
-/* 0x0d6c 1125 (55 57) */ fxnor %f0,%f14,%f10
-/* 0x0d70 1126 (56 59) */ fitod %f9,%f8
-/* 0x0d74 1127 (57 60) */ fsubd %f16,%f4,%f4
-/* 0x0d78 1128 (58 61) */ fitod %f10,%f14
-/* 0x0d7c 1129 (59 62) */ fsubd %f16,%f8,%f8
-/* 0x0d80 1130 (60 63) */ fmuld %f4,%f12,%f18
-/* 0x0d84 1131 (60 63) */ fitod %f11,%f10
-/* 0x0d88 1132 (61 64) */ fmuld %f4,%f6,%f4
-/* 0x0d8c 1133 (61 64) */ fsubd %f16,%f14,%f14
-/* 0x0d90 1134 (62 65) */ fmuld %f8,%f12,%f20
-/* 0x0d94 1135 (63 66) */ fmuld %f8,%f6,%f8
-/* 0x0d98 1136 (63 66) */ fsubd %f16,%f10,%f10
-/* 0x0d9c 1137 (64 67) */ fdtox %f4,%f4
-/* 0x0da0 1138 (64 65) */ std %f4,[%sp+2335]
-/* 0x0da4 1139 (65 68) */ fmuld %f14,%f12,%f4
-/* 0x0da8 1140 (65 68) */ fdtox %f18,%f18
-/* 0x0dac 1141 (65 66) */ std %f18,[%sp+2343]
-/* 0x0db0 1142 (66 69) */ fdtox %f8,%f8
-/* 0x0db4 1143 (66 67) */ std %f8,[%sp+2319]
-/* 0x0db8 1144 (66 69) */ fmuld %f14,%f6,%f14
-/* 0x0dbc 1145 (67 70) */ fmuld %f10,%f12,%f8
-/* 0x0dc0 1146 (67 70) */ fdtox %f20,%f18
-/* 0x0dc4 1147 (67 68) */ std %f18,[%sp+2327]
-/* 0x0dc8 1148 (68 71) */ fdtox %f4,%f4
-/* 0x0dcc 1149 (68 69) */ std %f4,[%sp+2311]
-/* 0x0dd0 1150 (68 71) */ fmuld %f10,%f6,%f10
-/* 0x0dd4 1151 (69 72) */ fdtox %f14,%f14
-/* 0x0dd8 1152 (69 70) */ std %f14,[%sp+2303]
-/* 0x0ddc 1153 (70 73) */ ldd [%o2+48],%f4
-/* 0x0de0 1154 (70 73) */ fdtox %f8,%f8
-/* 0x0de4 1155 (71 74) */ fdtox %f10,%f10
-/* 0x0de8 1156 (71 72) */ std %f10,[%sp+2287]
-/* 0x0dec 1157 (72 74) */ fxnor %f0,%f4,%f4
-/* 0x0df0 1158 (72 75) */ ldd [%o2+56],%f14
-/* 0x0df4 1159 (73 74) */ std %f8,[%sp+2295]
-/* 0x0df8 1160 (74 77) */ fitod %f4,%f10
-/* 0x0dfc 1161 (75 78) */ fitod %f5,%f4
-/* 0x0e00 1162 (76 78) */ fxnor %f0,%f14,%f8
-/* 0x0e04 1163 (77 80) */ fsubd %f16,%f10,%f10
-/* 0x0e08 1164 (78 81) */ fsubd %f16,%f4,%f4
-/* 0x0e0c 1165 (79 82) */ fitod %f8,%f14
-/* 0x0e10 1166 (80 83) */ fmuld %f10,%f12,%f18
-/* 0x0e14 1167 (80 83) */ fitod %f9,%f8
-/* 0x0e18 1168 (81 84) */ fmuld %f10,%f6,%f10
-/* 0x0e1c 1169 (82 85) */ fmuld %f4,%f12,%f20
-/* 0x0e20 1170 (82 85) */ fsubd %f16,%f14,%f14
-/* 0x0e24 1171 (83 86) */ fdtox %f18,%f18
-/* 0x0e28 1172 (83 84) */ std %f18,[%sp+2279]
-/* 0x0e2c 1173 (83 86) */ fmuld %f4,%f6,%f4
-/* 0x0e30 1174 (84 87) */ fdtox %f10,%f10
-/* 0x0e34 1175 (84 85) */ std %f10,[%sp+2271]
-/* 0x0e38 1176 (85 88) */ fdtox %f20,%f10
-/* 0x0e3c 1177 (85 86) */ std %f10,[%sp+2263]
-/* 0x0e40 1178 (86 89) */ fdtox %f4,%f4
-/* 0x0e44 1179 (86 87) */ std %f4,[%sp+2255]
-/* 0x0e48 1180 (86 89) */ fmuld %f14,%f12,%f10
-/* 0x0e4c 1181 (87 90) */ fmuld %f14,%f6,%f4
-/* 0x0e50 1182 (89 92) */ fdtox %f10,%f10
-/* 0x0e54 1183 (89 90) */ std %f10,[%sp+2247]
-/* 0x0e58 1184 (90 93) */ fdtox %f4,%f4
-/* 0x0e5c 1185 (90 91) */ std %f4,[%sp+2239]
-/* 0x0e60 1189 (91 93) */ ldx [%sp+2463],%g2
-/* 0x0e64 1190 (91 94) */ fsubd %f16,%f8,%f4
-/* 0x0e68 1191 (92 94) */ ldx [%sp+2471],%g3
-/* 0x0e6c 1192 (93 96) */ ld [%i1],%g4
-/* 0x0e70 1193 (93 94) */ sllx %g2,19,%g2
-/* 0x0e74 1194 (94 96) */ ldx [%sp+2455],%g5
-/* 0x0e78 1195 (94 95) */ add %g3,%g2,%g2
-/* 0x0e7c 1196 (94 97) */ fmuld %f4,%f6,%f6
-/* 0x0e80 1197 (95 97) */ ldx [%sp+2447],%g3
-/* 0x0e84 1198 (95 96) */ add %g2,%g4,%g4
-/* 0x0e88 1199 (95 98) */ fmuld %f4,%f12,%f4
-/* 0x0e8c 1200 (96 97) */ st %g4,[%i0]
-/* 0x0e90 1201 (96 97) */ srlx %g4,32,%g4
-/* 0x0e94 1202 (97 100) */ ld [%i1+8],%o0
-/* 0x0e98 1203 (97 98) */ sllx %g3,19,%g2
-/* 0x0e9c 1204 (97 100) */ fdtox %f6,%f6
-/* 0x0ea0 1205 (98 101) */ ld [%i1+4],%g3
-/* 0x0ea4 1206 (98 99) */ add %g5,%g2,%g2
-/* 0x0ea8 1207 (98 101) */ fdtox %f4,%f4
-/* 0x0eac 1208 (99 101) */ ldx [%sp+2439],%g5
-/* 0x0eb0 1209 (100 103) */ ld [%i1+12],%o1
-/* 0x0eb4 1210 (100 101) */ add %g2,%g3,%g2
-/* 0x0eb8 1211 (101 103) */ ldx [%sp+2431],%g3
-/* 0x0ebc 1212 (101 102) */ add %g2,%g4,%g4
-/* 0x0ec0 1213 (102 103) */ st %g4,[%i0+4]
-/* 0x0ec4 1214 (103 104) */ std %f6,[%sp+2223]
-/* 0x0ec8 1215 (103 104) */ sllx %g3,19,%g2
-/* 0x0ecc 1216 (104 106) */ ldx [%sp+2423],%g3
-/* 0x0ed0 1217 (104 105) */ add %g5,%g2,%g2
-/* 0x0ed4 1218 (105 107) */ ldx [%sp+2415],%g5
-/* 0x0ed8 1219 (105 106) */ add %g2,%o0,%g2
-/* 0x0edc 1220 (106 107) */ std %f4,[%sp+2231]
-/* 0x0ee0 1221 (106 107) */ srlx %g4,32,%o0
-/* 0x0ee4 1222 (107 109) */ ldx [%sp+2407],%g4
-/* 0x0ee8 1223 (107 108) */ sllx %g5,19,%g5
-/* 0x0eec 1224 (107 108) */ add %g2,%o0,%g2
-/* 0x0ef0 1225 (108 109) */ st %g2,[%i0+8]
-/* 0x0ef4 1226 (108 109) */ srlx %g2,32,%o0
-/* 0x0ef8 1227 (108 109) */ add %g3,%g5,%g3
-/* 0x0efc 1228 (109 111) */ ldx [%sp+2399],%g5
-/* 0x0f00 1229 (109 110) */ add %g3,%o1,%g3
-/* 0x0f04 1230 (110 113) */ ld [%i1+16],%o1
-/* 0x0f08 1231 (110 111) */ add %g3,%o0,%g3
-/* 0x0f0c 1232 (111 112) */ st %g3,[%i0+12]
-/* 0x0f10 1233 (111 112) */ sllx %g5,19,%g5
-/* 0x0f14 1234 (112 113) */ srlx %g3,32,%o0
-/* 0x0f18 1235 (112 113) */ add %g4,%g5,%g2
-/* 0x0f1c 1236 (112 114) */ ldx [%sp+2383],%g5
-/* 0x0f20 1237 (113 115) */ ldx [%sp+2391],%g4
-/* 0x0f24 1238 (113 114) */ add %g2,%o1,%g2
-/* 0x0f28 1239 (114 117) */ ld [%i1+20],%o1
-/* 0x0f2c 1240 (114 115) */ sllx %g5,19,%g5
-/* 0x0f30 1241 (114 115) */ add %g2,%o0,%g2
-/* 0x0f34 1242 (115 116) */ st %g2,[%i0+16]
-/* 0x0f38 1243 (115 116) */ srlx %g2,32,%o0
-/* 0x0f3c 1244 (115 116) */ add %g4,%g5,%g3
-/* 0x0f40 1245 (116 118) */ ldx [%sp+2367],%g5
-/* 0x0f44 1246 (116 117) */ add %g3,%o1,%g3
-/* 0x0f48 1247 (117 119) */ ldx [%sp+2375],%g4
-/* 0x0f4c 1248 (117 118) */ add %g3,%o0,%g3
-/* 0x0f50 1249 (118 121) */ ld [%i1+24],%o1
-/* 0x0f54 1250 (118 119) */ sllx %g5,19,%g5
-/* 0x0f58 1251 (119 120) */ st %g3,[%i0+20]
-/* 0x0f5c 1252 (119 120) */ add %g4,%g5,%g2
-/* 0x0f60 1253 (120 122) */ ldx [%sp+2351],%g5
-/* 0x0f64 1254 (120 121) */ srlx %g3,32,%o0
-/* 0x0f68 1255 (120 121) */ add %g2,%o1,%g2
-/* 0x0f6c 1256 (121 123) */ ldx [%sp+2359],%g4
-/* 0x0f70 1257 (121 122) */ add %g2,%o0,%g2
-/* 0x0f74 1258 (122 125) */ ld [%i1+28],%o1
-/* 0x0f78 1259 (122 123) */ sllx %g5,19,%g5
-/* 0x0f7c 1260 (123 124) */ st %g2,[%i0+24]
-/* 0x0f80 1261 (123 124) */ add %g4,%g5,%g3
-/* 0x0f84 1265 (124 126) */ ldx [%sp+2335],%g5
-/* 0x0f88 1266 (124 125) */ srlx %g2,32,%o0
-/* 0x0f8c 1267 (124 125) */ add %g3,%o1,%g3
-/* 0x0f90 1268 (125 127) */ ldx [%sp+2343],%g4
-/* 0x0f94 1269 (125 126) */ add %g3,%o0,%g3
-/* 0x0f98 1270 (126 127) */ sllx %g5,19,%g5
-/* 0x0f9c 1271 (126 129) */ ld [%i1+32],%o1
-/* 0x0fa0 1272 (127 128) */ add %g4,%g5,%g2
-/* 0x0fa4 1273 (127 129) */ ldx [%sp+2319],%g5
-/* 0x0fa8 1274 (128 130) */ ldx [%sp+2327],%g4
-/* 0x0fac 1275 (128 129) */ srlx %g3,32,%o0
-/* 0x0fb0 1276 (128 129) */ add %g2,%o1,%g2
-/* 0x0fb4 1277 (129 130) */ st %g3,[%i0+28]
-/* 0x0fb8 1278 (129 130) */ sllx %g5,19,%g5
-/* 0x0fbc 1279 (129 130) */ add %g2,%o0,%g2
-/* 0x0fc0 1280 (130 133) */ ld [%i1+36],%o1
-/* 0x0fc4 1281 (130 131) */ add %g4,%g5,%g3
-/* 0x0fc8 1282 (131 133) */ ldx [%sp+2303],%g5
-/* 0x0fcc 1283 (131 132) */ srlx %g2,32,%o0
-/* 0x0fd0 1284 (132 134) */ ldx [%sp+2311],%g4
-/* 0x0fd4 1285 (132 133) */ add %g3,%o1,%g3
-/* 0x0fd8 1286 (133 134) */ sllx %g5,19,%g5
-/* 0x0fdc 1287 (133 134) */ st %g2,[%i0+32]
-/* 0x0fe0 1288 (133 134) */ add %g3,%o0,%g3
-/* 0x0fe4 1289 (134 135) */ add %g4,%g5,%g2
-/* 0x0fe8 1290 (134 136) */ ldx [%sp+2287],%g5
-/* 0x0fec 1291 (135 137) */ ldx [%sp+2295],%g4
-/* 0x0ff0 1292 (135 136) */ srlx %g3,32,%o0
-/* 0x0ff4 1293 (136 139) */ ld [%i1+40],%o1
-/* 0x0ff8 1294 (136 137) */ sllx %g5,19,%g5
-/* 0x0ffc 1295 (137 138) */ st %g3,[%i0+36]
-/* 0x1000 1296 (137 138) */ add %g4,%g5,%g3
-/* 0x1004 1297 (138 140) */ ldx [%sp+2271],%g5
-/* 0x1008 1298 (138 139) */ add %g2,%o1,%g2
-/* 0x100c 1299 (139 141) */ ldx [%sp+2279],%g4
-/* 0x1010 1300 (139 140) */ add %g2,%o0,%g2
-/* 0x1014 1301 (140 143) */ ld [%i1+44],%o1
-/* 0x1018 1302 (140 141) */ sllx %g5,19,%g5
-/* 0x101c 1303 (141 142) */ st %g2,[%i0+40]
-/* 0x1020 1304 (141 142) */ srlx %g2,32,%o0
-/* 0x1024 1305 (141 142) */ add %g4,%g5,%g2
-/* 0x1028 1306 (142 144) */ ldx [%sp+2255],%g5
-/* 0x102c 1307 (142 143) */ add %g3,%o1,%g3
-/* 0x1030 1308 (143 145) */ ldx [%sp+2263],%g4
-/* 0x1034 1309 (143 144) */ add %g3,%o0,%g3
-/* 0x1038 1310 (144 147) */ ld [%i1+48],%o1
-/* 0x103c 1311 (144 145) */ sllx %g5,19,%g5
-/* 0x1040 1312 (145 146) */ srlx %g3,32,%o0
-/* 0x1044 1313 (145 146) */ st %g3,[%i0+44]
-/* 0x1048 1314 (145 146) */ add %g4,%g5,%g3
-/* 0x104c 1315 (146 148) */ ldx [%sp+2239],%g5
-/* 0x1050 1316 (146 147) */ add %g2,%o1,%g2
-/* 0x1054 1317 (147 150) */ ld [%i1+52],%o1
-/* 0x1058 1318 (147 148) */ add %g2,%o0,%g2
-/* 0x105c 1319 (148 150) */ ldx [%sp+2247],%g4
-/* 0x1060 1320 (148 149) */ sllx %g5,19,%g5
-/* 0x1064 1321 (149 150) */ srlx %g2,32,%o0
-/* 0x1068 1322 (149 150) */ st %g2,[%i0+48]
-/* 0x106c 1323 (149 150) */ add %g3,%o1,%g3
-/* 0x1070 1324 (150 153) */ ld [%i1+56],%o1
-/* 0x1074 1325 (150 151) */ add %g4,%g5,%g2
-/* 0x1078 1326 (150 151) */ add %g3,%o0,%g3
-/* 0x107c 1327 (151 153) */ ldx [%sp+2223],%g5
-/* 0x1080 1328 (151 152) */ srlx %g3,32,%o0
-/* 0x1084 1329 (152 154) */ ldx [%sp+2231],%g4
-/* 0x1088 1330 (152 153) */ add %g2,%o1,%g2
-/* 0x108c 1331 (153 154) */ sllx %g5,19,%g5
-/* 0x1090 1332 (153 156) */ ld [%i1+60],%o1
-/* 0x1094 1333 (153 154) */ add %g2,%o0,%g2
-/* 0x1098 1334 (154 155) */ st %g3,[%i0+52]
-/* 0x109c 1335 (154 155) */ add %g4,%g5,%g3
-/* 0x10a0 1336 (155 156) */ st %g2,[%i0+56]
-/* 0x10a4 1337 (155 156) */ srlx %g2,32,%g2
-/* 0x10a8 1338 (155 156) */ add %g3,%o1,%g3
-/* 0x10ac 1339 (156 157) */ add %g3,%g2,%g2
-/* 0x10b0 1340 (156 157) */ st %g2,[%i0+60]
-/* 0x10b4 1344 (157 158) */ srlx %g2,32,%o3
-/* 0x10b8 1345 (158 159) */ srl %o3,0,%i0
-/* 0x10bc (159 161) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x10c0 (161 162) */ restore %g0,%g0,%g0
-
-!
-! ENTRY .L77000073
-!
-
- .L77000073: /* frequency 1.0 confidence 0.0 */
-
-
- or %g0, %i4, %o2
- or %g0, %o0, %o1
- or %g0, %i3, %o0
-
-!
-! ENTRY .L77000052
-!
-
- .L77000052: /* frequency 1.0 confidence 0.0 */
-/* 0x1028 1318 ( 0 1) */ andn %o2,%g2,%g2
-/* 0x102c 1319 ( 0 1) */ st %g2,[%sp+2227]
-/* 0x1030 1325 ( 0 1) */ add %o0,1,%g3
-/* 0x1034 1326 ( 0 1) */ fmovd %f0,%f14
-/* 0x1038 1327 ( 1 2) */ srl %o2,19,%g2
-/* 0x103c 1328 ( 1 2) */ st %g2,[%sp+2223]
-/* 0x1040 1329 ( 1 2) */ or %g0,0,%o5
-/* 0x1044 1330 ( 2 3) */ srl %g3,31,%g2
-/* 0x1048 1331 ( 2 5) */ ldd [%o1],%f6
-/* 0x104c 1335 ( 2 3) */ sethi %hi(0x1000),%g1
-/* 0x1050 1336 ( 3 4) */ add %g3,%g2,%g2
-/* 0x1054 1337 ( 3 4) */ xor %g1,-625,%g1
-/* 0x1058 1338 ( 3 6) */ ldd [%o1+8],%f20
-/* 0x105c 1339 ( 4 5) */ sra %g2,1,%o3
-/* 0x1060 1340 ( 4 5) */ fmovs %f6,%f8
-/* 0x1064 1341 ( 4 5) */ add %g1,%fp,%g3
-/* 0x1068 1342 ( 5 6) */ fmovs %f6,%f10
-/* 0x106c 1343 ( 5 7) */ ld [%sp+2227],%f9
-/* 0x1070 1344 ( 5 6) */ subcc %o3,0,%g0
-/* 0x1074 1345 ( 6 8) */ ld [%sp+2223],%f11
-/* 0x1078 1346 ( 6 7) */ sethi %hi(0x1000),%g1
-/* 0x107c 1347 ( 6 7) */ or %g0,%i2,%o1
-/* 0x1080 1348 ( 7 10) */ fsubd %f8,%f6,%f18
-/* 0x1084 1349 ( 7 8) */ xor %g1,-617,%g1
-/* 0x1088 1350 ( 7 8) */ or %g0,0,%g4
-/* 0x108c 1351 ( 8 11) */ fsubd %f10,%f6,%f16
-/* 0x1090 1352 ( 8 9) */ bleu,pt %icc,.L990000162 ! tprob=0.50
-/* 0x1094 ( 8 9) */ subcc %o0,0,%g0
-/* 0x1098 1354 ( 9 10) */ add %g1,%fp,%g2
-/* 0x109c 1355 ( 9 10) */ sethi %hi(0x1000),%g1
-/* 0x10a0 1356 (10 11) */ xor %g1,-609,%g1
-/* 0x10a4 1357 (10 11) */ subcc %o3,7,%g0
-/* 0x10a8 1358 (11 12) */ add %g1,%fp,%o7
-/* 0x10ac 1359 (11 12) */ sethi %hi(0x1000),%g1
-/* 0x10b0 1360 (12 13) */ xor %g1,-601,%g1
-/* 0x10b4 1361 (13 14) */ add %g1,%fp,%o4
-/* 0x10b8 1362 (13 14) */ bl,pn %icc,.L77000054 ! tprob=0.50
-/* 0x10bc (13 14) */ sub %o3,2,%o2
-/* 0x10c0 1364 (14 17) */ ldd [%o1],%f2
-/* 0x10c4 1365 (14 15) */ add %o1,16,%g5
-/* 0x10c8 1366 (14 15) */ or %g0,4,%g4
-/* 0x10cc 1367 (15 18) */ ldd [%o1+8],%f0
-/* 0x10d0 1368 (15 16) */ add %o1,8,%o1
-/* 0x10d4 1369 (16 18) */ fxnor %f14,%f2,%f6
-/* 0x10d8 1370 (16 19) */ ldd [%g5],%f4
-/* 0x10dc 1371 (16 17) */ add %o1,16,%o1
-/* 0x10e0 1372 (17 19) */ fxnor %f14,%f0,%f12
-/* 0x10e4 1373 (17 20) */ ldd [%o1],%f0
-/* 0x10e8 1374 (17 18) */ add %o1,8,%o1
-/* 0x10ec 1375 (18 21) */ fitod %f7,%f2
-/* 0x10f0 1376 (19 22) */ fitod %f6,%f6
-/* 0x10f4 1377 (20 22) */ fxnor %f14,%f4,%f10
-/* 0x10f8 1378 (21 24) */ fsubd %f20,%f2,%f2
-/* 0x10fc 1379 (22 24) */ fxnor %f14,%f0,%f8
-/* 0x1100 1380 (23 26) */ fitod %f13,%f4
-/* 0x1104 1381 (24 27) */ fsubd %f20,%f6,%f6
-/* 0x1108 1382 (24 27) */ fmuld %f2,%f16,%f0
-
-!
-! ENTRY .L990000154
-!
-
- .L990000154: /* frequency 1.0 confidence 0.0 */
-/* 0x110c 1384 ( 0 3) */ ldd [%o1],%f24
-/* 0x1110 1385 ( 0 1) */ add %g4,3,%g4
-/* 0x1114 1386 ( 0 1) */ add %o4,96,%o4
-/* 0x1118 1387 ( 1 4) */ fitod %f11,%f22
-/* 0x111c 1388 ( 2 5) */ fsubd %f20,%f4,%f26
-/* 0x1120 1389 ( 2 3) */ subcc %g4,%o2,%g0
-/* 0x1124 1390 ( 2 3) */ add %o7,96,%o7
-/* 0x1128 1391 ( 2 5) */ fmuld %f6,%f18,%f28
-/* 0x112c 1392 ( 3 6) */ fmuld %f6,%f16,%f6
-/* 0x1130 1393 ( 3 4) */ add %g2,96,%g2
-/* 0x1134 1394 ( 3 4) */ add %g3,96,%g3
-/* 0x1138 1395 ( 4 7) */ fdtox %f0,%f0
-/* 0x113c 1396 ( 5 8) */ fitod %f12,%f4
-/* 0x1140 1397 ( 5 8) */ fmuld %f2,%f18,%f2
-/* 0x1144 1398 ( 6 9) */ fdtox %f28,%f12
-/* 0x1148 1399 ( 7 10) */ fdtox %f6,%f6
-/* 0x114c 1400 ( 7 8) */ std %f12,[%g3-96]
-/* 0x1150 1401 ( 8 9) */ std %f6,[%g2-96]
-/* 0x1154 1402 ( 8 11) */ fdtox %f2,%f2
-/* 0x1158 1403 ( 9 12) */ fsubd %f20,%f4,%f6
-/* 0x115c 1404 ( 9 10) */ std %f2,[%o7-96]
-/* 0x1160 1405 ( 9 10) */ add %o1,8,%o1
-/* 0x1164 1406 (10 12) */ fxnor %f14,%f24,%f12
-/* 0x1168 1407 (10 13) */ fmuld %f26,%f16,%f4
-/* 0x116c 1408 (10 11) */ std %f0,[%o4-96]
-/* 0x1170 1409 (11 14) */ ldd [%o1],%f0
-/* 0x1174 1410 (11 14) */ fitod %f9,%f2
-/* 0x1178 1411 (12 15) */ fsubd %f20,%f22,%f28
-/* 0x117c 1412 (12 15) */ fmuld %f6,%f18,%f24
-/* 0x1180 1413 (13 16) */ fmuld %f6,%f16,%f22
-/* 0x1184 1414 (13 16) */ fdtox %f4,%f4
-/* 0x1188 1415 (14 17) */ fitod %f10,%f6
-/* 0x118c 1416 (14 17) */ fmuld %f26,%f18,%f10
-/* 0x1190 1417 (15 18) */ fdtox %f24,%f24
-/* 0x1194 1418 (16 19) */ fdtox %f22,%f22
-/* 0x1198 1419 (16 17) */ std %f24,[%g3-64]
-/* 0x119c 1420 (17 18) */ std %f22,[%g2-64]
-/* 0x11a0 1421 (17 20) */ fdtox %f10,%f10
-/* 0x11a4 1422 (18 21) */ fsubd %f20,%f6,%f6
-/* 0x11a8 1423 (18 19) */ std %f10,[%o7-64]
-/* 0x11ac 1424 (18 19) */ add %o1,8,%o1
-/* 0x11b0 1425 (19 21) */ fxnor %f14,%f0,%f10
-/* 0x11b4 1426 (19 22) */ fmuld %f28,%f16,%f0
-/* 0x11b8 1427 (19 20) */ std %f4,[%o4-64]
-/* 0x11bc 1428 (20 23) */ ldd [%o1],%f22
-/* 0x11c0 1429 (20 23) */ fitod %f13,%f4
-/* 0x11c4 1430 (21 24) */ fsubd %f20,%f2,%f2
-/* 0x11c8 1431 (21 24) */ fmuld %f6,%f18,%f26
-/* 0x11cc 1432 (22 25) */ fmuld %f6,%f16,%f24
-/* 0x11d0 1433 (22 25) */ fdtox %f0,%f0
-/* 0x11d4 1434 (23 26) */ fitod %f8,%f6
-/* 0x11d8 1435 (23 26) */ fmuld %f28,%f18,%f8
-/* 0x11dc 1436 (24 27) */ fdtox %f26,%f26
-/* 0x11e0 1437 (25 28) */ fdtox %f24,%f24
-/* 0x11e4 1438 (25 26) */ std %f26,[%g3-32]
-/* 0x11e8 1439 (26 27) */ std %f24,[%g2-32]
-/* 0x11ec 1440 (26 29) */ fdtox %f8,%f8
-/* 0x11f0 1441 (27 30) */ fsubd %f20,%f6,%f6
-/* 0x11f4 1442 (27 28) */ std %f8,[%o7-32]
-/* 0x11f8 1443 (27 28) */ add %o1,8,%o1
-/* 0x11fc 1444 (28 30) */ fxnor %f14,%f22,%f8
-/* 0x1200 1445 (28 29) */ std %f0,[%o4-32]
-/* 0x1204 1446 (28 29) */ bcs,pt %icc,.L990000154 ! tprob=0.50
-/* 0x1208 (28 31) */ fmuld %f2,%f16,%f0
-
-!
-! ENTRY .L990000157
-!
-
- .L990000157: /* frequency 1.0 confidence 0.0 */
-/* 0x120c 1449 ( 0 3) */ fitod %f12,%f28
-/* 0x1210 1450 ( 0 3) */ fmuld %f6,%f18,%f24
-/* 0x1214 1451 ( 0 1) */ add %g3,128,%g3
-/* 0x1218 1452 ( 1 4) */ fitod %f10,%f12
-/* 0x121c 1453 ( 1 4) */ fmuld %f6,%f16,%f26
-/* 0x1220 1454 ( 1 2) */ add %g2,128,%g2
-/* 0x1224 1455 ( 2 5) */ fsubd %f20,%f4,%f4
-/* 0x1228 1456 ( 2 5) */ fmuld %f2,%f18,%f22
-/* 0x122c 1457 ( 2 3) */ add %o7,128,%o7
-/* 0x1230 1458 ( 3 6) */ fdtox %f24,%f6
-/* 0x1234 1459 ( 3 4) */ std %f6,[%g3-128]
-/* 0x1238 1460 ( 3 4) */ add %o4,128,%o4
-/* 0x123c 1461 ( 4 7) */ fsubd %f20,%f28,%f2
-/* 0x1240 1462 ( 4 5) */ subcc %g4,%o3,%g0
-/* 0x1244 1463 ( 5 8) */ fitod %f11,%f6
-/* 0x1248 1464 ( 5 8) */ fmuld %f4,%f18,%f24
-/* 0x124c 1465 ( 6 9) */ fdtox %f26,%f10
-/* 0x1250 1466 ( 6 7) */ std %f10,[%g2-128]
-/* 0x1254 1467 ( 7 10) */ fdtox %f22,%f10
-/* 0x1258 1468 ( 7 8) */ std %f10,[%o7-128]
-/* 0x125c 1469 ( 7 10) */ fmuld %f2,%f18,%f26
-/* 0x1260 1470 ( 8 11) */ fsubd %f20,%f12,%f10
-/* 0x1264 1471 ( 8 11) */ fmuld %f2,%f16,%f2
-/* 0x1268 1472 ( 9 12) */ fsubd %f20,%f6,%f22
-/* 0x126c 1473 ( 9 12) */ fmuld %f4,%f16,%f12
-/* 0x1270 1474 (10 13) */ fdtox %f0,%f0
-/* 0x1274 1475 (10 11) */ std %f0,[%o4-128]
-/* 0x1278 1476 (11 14) */ fitod %f8,%f4
-/* 0x127c 1477 (11 14) */ fmuld %f10,%f18,%f6
-/* 0x1280 1478 (12 15) */ fdtox %f26,%f0
-/* 0x1284 1479 (12 13) */ std %f0,[%g3-96]
-/* 0x1288 1480 (12 15) */ fmuld %f10,%f16,%f10
-/* 0x128c 1481 (13 16) */ fdtox %f2,%f2
-/* 0x1290 1482 (13 14) */ std %f2,[%g2-96]
-/* 0x1294 1483 (14 17) */ fitod %f9,%f0
-/* 0x1298 1484 (14 17) */ fmuld %f22,%f18,%f2
-/* 0x129c 1485 (15 18) */ fdtox %f24,%f8
-/* 0x12a0 1486 (15 16) */ std %f8,[%o7-96]
-/* 0x12a4 1487 (16 19) */ fsubd %f20,%f4,%f4
-/* 0x12a8 1488 (16 19) */ fmuld %f22,%f16,%f8
-/* 0x12ac 1489 (17 20) */ fdtox %f12,%f12
-/* 0x12b0 1490 (17 18) */ std %f12,[%o4-96]
-/* 0x12b4 1491 (18 21) */ fsubd %f20,%f0,%f0
-/* 0x12b8 1492 (19 22) */ fdtox %f6,%f6
-/* 0x12bc 1493 (19 20) */ std %f6,[%g3-64]
-/* 0x12c0 1494 (20 23) */ fdtox %f10,%f10
-/* 0x12c4 1495 (20 21) */ std %f10,[%g2-64]
-/* 0x12c8 1496 (20 23) */ fmuld %f4,%f18,%f6
-/* 0x12cc 1497 (21 24) */ fdtox %f2,%f2
-/* 0x12d0 1498 (21 22) */ std %f2,[%o7-64]
-/* 0x12d4 1499 (21 24) */ fmuld %f4,%f16,%f4
-/* 0x12d8 1500 (22 25) */ fmuld %f0,%f18,%f2
-/* 0x12dc 1501 (22 25) */ fdtox %f8,%f8
-/* 0x12e0 1502 (22 23) */ std %f8,[%o4-64]
-/* 0x12e4 1503 (23 26) */ fdtox %f6,%f6
-/* 0x12e8 1504 (23 24) */ std %f6,[%g3-32]
-/* 0x12ec 1505 (23 26) */ fmuld %f0,%f16,%f0
-/* 0x12f0 1506 (24 27) */ fdtox %f4,%f4
-/* 0x12f4 1507 (24 25) */ std %f4,[%g2-32]
-/* 0x12f8 1508 (25 28) */ fdtox %f2,%f2
-/* 0x12fc 1509 (25 26) */ std %f2,[%o7-32]
-/* 0x1300 1510 (26 29) */ fdtox %f0,%f0
-/* 0x1304 1511 (26 27) */ bcc,pn %icc,.L77000056 ! tprob=0.50
-/* 0x1308 (26 27) */ std %f0,[%o4-32]
-
-!
-! ENTRY .L77000054
-!
-
- .L77000054: /* frequency 1.0 confidence 0.0 */
-/* 0x130c 1514 ( 0 3) */ ldd [%o1],%f0
-
-!
-! ENTRY .L990000161
-!
-
- .L990000161: /* frequency 1.0 confidence 0.0 */
-/* 0x1310 1516 ( 0 2) */ fxnor %f14,%f0,%f0
-/* 0x1314 1517 ( 0 1) */ add %g4,1,%g4
-/* 0x1318 1518 ( 0 1) */ add %o1,8,%o1
-/* 0x131c 1519 ( 1 2) */ subcc %g4,%o3,%g0
-/* 0x1320 1520 ( 2 5) */ fitod %f0,%f2
-/* 0x1324 1521 ( 3 6) */ fitod %f1,%f0
-/* 0x1328 1522 ( 5 8) */ fsubd %f20,%f2,%f2
-/* 0x132c 1523 ( 6 9) */ fsubd %f20,%f0,%f0
-/* 0x1330 1524 ( 8 11) */ fmuld %f2,%f18,%f6
-/* 0x1334 1525 ( 9 12) */ fmuld %f2,%f16,%f4
-/* 0x1338 1526 (10 13) */ fmuld %f0,%f18,%f2
-/* 0x133c 1527 (11 14) */ fdtox %f6,%f6
-/* 0x1340 1528 (11 12) */ std %f6,[%g3]
-/* 0x1344 1529 (11 14) */ fmuld %f0,%f16,%f0
-/* 0x1348 1530 (12 15) */ fdtox %f4,%f4
-/* 0x134c 1531 (12 13) */ std %f4,[%g2]
-/* 0x1350 1532 (12 13) */ add %g2,32,%g2
-/* 0x1354 1533 (13 16) */ fdtox %f2,%f2
-/* 0x1358 1534 (13 14) */ std %f2,[%o7]
-/* 0x135c 1535 (13 14) */ add %o7,32,%o7
-/* 0x1360 1536 (14 17) */ fdtox %f0,%f0
-/* 0x1364 1537 (14 15) */ std %f0,[%o4]
-/* 0x1368 1538 (14 15) */ add %o4,32,%o4
-/* 0x136c 1539 (15 16) */ add %g3,32,%g3
-/* 0x1370 1540 (15 16) */ bcs,a,pt %icc,.L990000161 ! tprob=0.50
-/* 0x1374 (16 19) */ ldd [%o1],%f0
-
-!
-! ENTRY .L77000056
-!
-
- .L77000056: /* frequency 1.0 confidence 0.0 */
-/* 0x1378 1548 ( 0 1) */ subcc %o0,0,%g0
-
-!
-! ENTRY .L990000162
-!
-
- .L990000162: /* frequency 1.0 confidence 0.0 */
-/* 0x137c 1550 ( 0 1) */ bleu,pt %icc,.L77770061 ! tprob=0.50
-/* 0x1380 ( 0 1) */ nop
-/* 0x1384 1555 ( 0 1) */ sethi %hi(0x1000),%g1
-/* 0x1388 1556 ( 1 2) */ xor %g1,-625,%g1
-/* 0x138c 1557 ( 1 2) */ or %g0,%i1,%g4
-/* 0x1390 1558 ( 2 3) */ add %g1,%fp,%g5
-/* 0x1394 1559 ( 2 3) */ sethi %hi(0x1000),%g1
-/* 0x1398 1560 ( 3 4) */ xor %g1,-617,%g1
-/* 0x139c 1561 ( 3 4) */ or %g0,%o0,%o7
-/* 0x13a0 1562 ( 4 5) */ add %g1,%fp,%g2
-/* 0x13a4 1563 ( 4 5) */ or %g0,0,%i2
-/* 0x13a8 1564 ( 5 6) */ or %g0,%i0,%g3
-/* 0x13ac 1565 ( 5 6) */ subcc %o0,6,%g0
-/* 0x13b0 1566 ( 5 6) */ bl,pn %icc,.L77000058 ! tprob=0.50
-/* 0x13b4 ( 6 7) */ sethi %hi(0x1000),%g1
-/* 0x13b8 1568 ( 6 8) */ ld [%g4],%o2
-/* 0x13bc 1569 ( 6 7) */ add %g3,4,%g3
-/* 0x13c0 1570 ( 7 8) */ xor %g1,-585,%g1
-/* 0x13c4 1571 ( 7 8) */ sub %o7,3,%o4
-/* 0x13c8 1572 ( 8 9) */ add %g1,%fp,%g2
-/* 0x13cc 1573 ( 8 9) */ sethi %hi(0x1000),%g1
-/* 0x13d0 1574 ( 9 10) */ xor %g1,-593,%g1
-/* 0x13d4 1575 ( 9 10) */ or %g0,2,%i2
-/* 0x13d8 1576 (10 11) */ add %g1,%fp,%g5
-/* 0x13dc 1577 (10 11) */ sethi %hi(0x1000),%g1
-/* 0x13e0 1578 (11 12) */ xor %g1,-617,%g1
-/* 0x13e4 1579 (12 13) */ add %g1,%fp,%g1
-/* 0x13e8 1580 (13 15) */ ldx [%g1],%o1
-/* 0x13ec 1581 (14 16) */ ldx [%g1-8],%o0
-/* 0x13f0 1582 (15 16) */ sllx %o1,19,%o1
-/* 0x13f4 1583 (15 17) */ ldx [%g1+16],%o3
-/* 0x13f8 1584 (16 17) */ add %o0,%o1,%o0
-/* 0x13fc 1585 (16 18) */ ld [%g4+4],%o1
-/* 0x1400 1586 (16 17) */ add %g4,8,%g4
-/* 0x1404 1587 (17 18) */ sllx %o3,19,%o3
-/* 0x1408 1588 (17 18) */ add %o0,%o2,%o0
-/* 0x140c 1589 (17 19) */ ldx [%g1+8],%o2
-/* 0x1410 1590 (18 19) */ st %o0,[%g3-4]
-/* 0x1414 1591 (18 19) */ srlx %o0,32,%o0
-
-!
-! ENTRY .L990000142
-!
-
- .L990000142: /* frequency 1.0 confidence 0.0 */
-/* 0x1418 1593 ( 0 1) */ add %o2,%o3,%o2
-/* 0x141c 1594 ( 0 1) */ add %i2,4,%i2
-/* 0x1420 1595 ( 0 2) */ ld [%g4],%o3
-/* 0x1424 1596 ( 1 2) */ srl %o0,0,%o5
-/* 0x1428 1597 ( 1 2) */ add %o2,%o1,%o1
-/* 0x142c 1598 ( 1 3) */ ldx [%g2],%o0
-/* 0x1430 1599 ( 3 4) */ sllx %o0,19,%o2
-/* 0x1434 1600 ( 3 5) */ ldx [%g5],%o0
-/* 0x1438 1601 ( 3 4) */ add %o1,%o5,%o1
-/* 0x143c 1602 ( 4 5) */ st %o1,[%g3]
-/* 0x1440 1603 ( 4 5) */ srlx %o1,32,%o5
-/* 0x1444 1604 ( 4 5) */ subcc %i2,%o4,%g0
-/* 0x1448 1605 ( 5 7) */ ldx [%g2+16],%o1
-/* 0x144c 1606 ( 5 6) */ add %o0,%o2,%o0
-/* 0x1450 1607 ( 5 6) */ add %g3,16,%g3
-/* 0x1454 1608 ( 6 8) */ ld [%g4+4],%o2
-/* 0x1458 1609 ( 6 7) */ add %o0,%o3,%o0
-/* 0x145c 1610 ( 7 8) */ sllx %o1,19,%o3
-/* 0x1460 1611 ( 7 9) */ ldx [%g5+16],%o1
-/* 0x1464 1612 ( 7 8) */ add %o0,%o5,%o0
-/* 0x1468 1613 ( 8 9) */ st %o0,[%g3-12]
-/* 0x146c 1614 ( 8 9) */ srlx %o0,32,%o5
-/* 0x1470 1615 ( 8 9) */ add %g4,16,%g4
-/* 0x1474 1616 ( 9 11) */ ldx [%g2+32],%o0
-/* 0x1478 1617 ( 9 10) */ add %o1,%o3,%o1
-/* 0x147c 1618 ( 9 10) */ add %g2,64,%g2
-/* 0x1480 1619 (10 12) */ ld [%g4-8],%o3
-/* 0x1484 1620 (10 11) */ add %o1,%o2,%o2
-/* 0x1488 1621 (11 12) */ sllx %o0,19,%o1
-/* 0x148c 1622 (11 13) */ ldx [%g5+32],%o0
-/* 0x1490 1623 (11 12) */ add %o2,%o5,%o2
-/* 0x1494 1624 (12 13) */ st %o2,[%g3-8]
-/* 0x1498 1625 (12 13) */ srlx %o2,32,%o5
-/* 0x149c 1626 (12 13) */ add %g5,64,%g5
-/* 0x14a0 1627 (13 15) */ ldx [%g2-16],%o2
-/* 0x14a4 1628 (13 14) */ add %o0,%o1,%o0
-/* 0x14a8 1629 (14 16) */ ld [%g4-4],%o1
-/* 0x14ac 1630 (14 15) */ add %o0,%o3,%o0
-/* 0x14b0 1631 (15 16) */ sllx %o2,19,%o3
-/* 0x14b4 1632 (15 17) */ ldx [%g5-16],%o2
-/* 0x14b8 1633 (15 16) */ add %o0,%o5,%o0
-/* 0x14bc 1634 (16 17) */ st %o0,[%g3-4]
-/* 0x14c0 1635 (16 17) */ bcs,pt %icc,.L990000142 ! tprob=0.50
-/* 0x14c4 (16 17) */ srlx %o0,32,%o0
-
-!
-! ENTRY .L990000145
-!
-
- .L990000145: /* frequency 1.0 confidence 0.0 */
-/* 0x14c8 1638 ( 0 1) */ add %o2,%o3,%o3
-/* 0x14cc 1639 ( 0 1) */ add %g3,4,%g3
-/* 0x14d0 1640 ( 1 2) */ srl %o0,0,%o2
-/* 0x14d4 1641 ( 1 2) */ add %o3,%o1,%o0
-/* 0x14d8 1642 ( 2 3) */ add %o0,%o2,%o0
-/* 0x14dc 1643 ( 2 3) */ st %o0,[%g3-4]
-/* 0x14e0 1644 ( 2 3) */ subcc %i2,%o7,%g0
-/* 0x14e4 1645 ( 2 3) */ bcc,pn %icc,.L77770061 ! tprob=0.50
-/* 0x14e8 ( 3 4) */ srlx %o0,32,%o5
-
-!
-! ENTRY .L77000058
-!
-
- .L77000058: /* frequency 1.0 confidence 0.0 */
-/* 0x14ec 1648 ( 0 2) */ ldx [%g2],%o2
-
-!
-! ENTRY .L990000160
-!
-
- .L990000160: /* frequency 1.0 confidence 0.0 */
-/* 0x14f0 1650 ( 0 1) */ sllx %o2,19,%o3
-/* 0x14f4 1651 ( 0 2) */ ldx [%g5],%o0
-/* 0x14f8 1652 ( 0 1) */ add %i2,1,%i2
-/* 0x14fc 1653 ( 1 2) */ srl %o5,0,%o1
-/* 0x1500 1654 ( 1 3) */ ld [%g4],%o2
-/* 0x1504 1655 ( 1 2) */ add %g2,16,%g2
-/* 0x1508 1656 ( 2 3) */ add %o0,%o3,%o0
-/* 0x150c 1657 ( 2 3) */ add %g5,16,%g5
-/* 0x1510 1658 ( 3 4) */ add %o0,%o2,%o0
-/* 0x1514 1659 ( 3 4) */ add %g4,4,%g4
-/* 0x1518 1660 ( 4 5) */ add %o0,%o1,%o0
-/* 0x151c 1661 ( 4 5) */ st %o0,[%g3]
-/* 0x1520 1662 ( 4 5) */ subcc %i2,%o7,%g0
-/* 0x1524 1663 ( 5 6) */ srlx %o0,32,%o5
-/* 0x1528 1664 ( 5 6) */ add %g3,4,%g3
-/* 0x152c 1665 ( 5 6) */ bcs,a,pt %icc,.L990000160 ! tprob=0.50
-/* 0x1530 ( 6 8) */ ldx [%g2],%o2
-
-!
-! ENTRY .L77770061
-!
-
- .L77770061: /* frequency 1.0 confidence 0.0 */
-/* 0x1534 ( 0 2) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x1538 ( 2 3) */ restore %g0,%o5,%o0
-
-
-/* 0x124c 1476 ( 0 0) */ .type mul_add,2
-/* 0x124c 1477 ( 0 0) */ .size mul_add,(.-mul_add)
-/* 0x124c 1480 ( 0 0) */ .align 8
-/* 0x1250 1486 ( 0 0) */ .global mul_add_inp
-
-!
-! ENTRY mul_add_inp
-!
-
- .global mul_add_inp
- mul_add_inp: /* frequency 1.0 confidence 0.0 */
-/* 0x1250 1488 ( 0 1) */ save %sp,-176,%sp
-/* 0x1254 1500 ( 1 2) */ sra %i2,0,%o3
-/* 0x1258 1501 ( 1 2) */ or %g0,%i1,%o2
-/* 0x125c 1502 ( 2 3) */ or %g0,%i0,%o0
-/* 0x1260 1503 ( 2 3) */ or %g0,%i0,%o1
-/* 0x1264 1504 ( 3 5) */ call mul_add ! params = ! Result =
-/* 0x1268 ( 4 5) */ srl %i3,0,%o4
-/* 0x126c 1506 ( 5 6) */ srl %o0,0,%i0
-/* 0x1270 ( 6 8) */ ret ! Result = %o1 %o0 %f0 %f1
-/* 0x1274 ( 8 9) */ restore %g0,%g0,%g0
-/* 0x1278 1509 ( 0 0) */ .type mul_add_inp,2
-/* 0x1278 1510 ( 0 0) */ .size mul_add_inp,(.-mul_add_inp)
-
- .section ".data",#alloc,#write
-/* 0x1278 6 ( 0 0) */ .align 8
-
-!
-! ENTRY mask_cnst
-!
-
- mask_cnst: /* frequency 1.0 confidence 0.0 */
-/* 0x1278 8 ( 0 0) */ .xword -9223372034707292160
-/* 0x1280 9 ( 0 0) */ .type mask_cnst,#object
-/* 0x1280 10 ( 0 0) */ .size mask_cnst,8
-
-! Begin Disassembling Stabs
- .xstabs ".stab.index","Xa ; O ; P ; V=3.1 ; R=WorkShop Compilers 5.0 99/02/25 C 5.0 patch 107289-01",60,0,0,0 ! (mpv_sparc.s:1513)
- .xstabs ".stab.index","/home/ferenc/ssl/vis-code; /usr/dist/pkgs/devpro,v5.0/5.x-sparc/bin/../SC5.0/bin/cc -fast -xO5 -xrestrict -xarch=v9a -xchip=ultra -xdepend -KPIC -mt -S vis_64.il mpv_sparc.c -W0,-xp",52,0,0,0 ! (mpv_sparc.s:1514)
-! End Disassembling Stabs
-
-! Begin Disassembling Ident
- .ident "cg: WorkShop Compilers 5.0 99/04/15 Compiler Common 5.0 Patch 107357-02" ! (mpv_sparc.s:1518)
- .ident "@(#)vis_proto.h 1.3 97/03/30 SMI" ! (mpv_sparc.s:1519)
- .ident "acomp: WorkShop Compilers 5.0 99/02/25 C 5.0 patch 107289-01" ! (mpv_sparc.s:1520)
-! End Disassembling Ident
diff --git a/security/nss/lib/freebl/mpi/mpvalpha.c b/security/nss/lib/freebl/mpi/mpvalpha.c
deleted file mode 100644
index 5118e73c3..000000000
--- a/security/nss/lib/freebl/mpi/mpvalpha.c
+++ /dev/null
@@ -1,214 +0,0 @@
-/* ***** BEGIN LICENSE BLOCK *****
- * Version: MPL 1.1/GPL 2.0/LGPL 2.1
- *
- * The contents of this file are subject to the Mozilla Public License Version
- * 1.1 (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- * http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
- * for the specific language governing rights and limitations under the
- * License.
- *
- * The Original Code is Multiple Precision Integer optimization code for
- * the Compaq Alpha processor.
- *
- * The Initial Developer of the Original Code is
- * Richard C. Swift.
- * Portions created by the Initial Developer are Copyright (C) 2001
- * the Initial Developer. All Rights Reserved.
- *
- * Contributor(s): Richard C. Swift (swift@netscape.com)
- *
- * Alternatively, the contents of this file may be used under the terms of
- * either the GNU General Public License Version 2 or later (the "GPL"), or
- * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
- * in which case the provisions of the GPL or the LGPL are applicable instead
- * of those above. If you wish to allow use of your version of this file only
- * under the terms of either the GPL or the LGPL, and not to allow others to
- * use your version of this file under the terms of the MPL, indicate your
- * decision by deleting the provisions above and replace them with the notice
- * and other provisions required by the GPL or the LGPL. If you do not delete
- * the provisions above, a recipient may use your version of this file under
- * the terms of any one of the MPL, the GPL or the LGPL.
- *
- * ***** END LICENSE BLOCK ***** */
-
-#include "mpi-priv.h"
-#include <c_asm.h>
-
-
-#define MP_MUL_DxD(a, b, Phi, Plo) \
- { Plo = asm ("mulq %a0, %a1, %v0", a, b); \
- Phi = asm ("umulh %a0, %a1, %v0", a, b); } \
-
-/* This is empty for the loop in s_mpv_mul_d */
-#define CARRY_ADD
-
-#define ONE_MUL \
- a_i = *a++; \
- MP_MUL_DxD(a_i, b, a1b1, a0b0); \
- a0b0 += carry; \
- if (a0b0 < carry) \
- ++a1b1; \
- CARRY_ADD \
- *c++ = a0b0; \
- carry = a1b1; \
-
-#define FOUR_MUL \
- ONE_MUL \
- ONE_MUL \
- ONE_MUL \
- ONE_MUL \
-
-#define SIXTEEN_MUL \
- FOUR_MUL \
- FOUR_MUL \
- FOUR_MUL \
- FOUR_MUL \
-
-#define THIRTYTWO_MUL \
- SIXTEEN_MUL \
- SIXTEEN_MUL \
-
-#define ONETWENTYEIGHT_MUL \
- THIRTYTWO_MUL \
- THIRTYTWO_MUL \
- THIRTYTWO_MUL \
- THIRTYTWO_MUL \
-
-
-#define EXPAND_256(CALL) \
- mp_digit carry = 0; \
- mp_digit a_i; \
- mp_digit a0b0, a1b1; \
- if (a_len &255) { \
- if (a_len &1) { \
- ONE_MUL \
- } \
- if (a_len &2) { \
- ONE_MUL \
- ONE_MUL \
- } \
- if (a_len &4) { \
- FOUR_MUL \
- } \
- if (a_len &8) { \
- FOUR_MUL \
- FOUR_MUL \
- } \
- if (a_len & 16 ) { \
- SIXTEEN_MUL \
- } \
- if (a_len & 32 ) { \
- THIRTYTWO_MUL \
- } \
- if (a_len & 64 ) { \
- THIRTYTWO_MUL \
- THIRTYTWO_MUL \
- } \
- if (a_len & 128) { \
- ONETWENTYEIGHT_MUL \
- } \
- a_len = a_len & (-256); \
- } \
- if (a_len>=256 ) { \
- carry = CALL(a, a_len, b, c, carry); \
- c += a_len; \
- } \
-
-#define FUNC_NAME(NAME) \
-mp_digit NAME(const mp_digit *a, \
- mp_size a_len, \
- mp_digit b, mp_digit *c, \
- mp_digit carry) \
-
-#define DECLARE_MUL_256(FNAME) \
-FUNC_NAME(FNAME) \
-{ \
- mp_digit a_i; \
- mp_digit a0b0, a1b1; \
- while (a_len) { \
- ONETWENTYEIGHT_MUL \
- ONETWENTYEIGHT_MUL \
- a_len-= 256; \
- } \
- return carry; \
-} \
-
-/* Expanding the loop in s_mpv_mul_d appeared to slow down the
- (admittedly) small number of tests (i.e., timetest) used to
- measure performance, so this define disables that optimization. */
-#define DO_NOT_EXPAND 1
-
-/* Need forward declaration so it can be instantiated after
- the routine that uses it; this helps locality somewhat */
-#if !defined(DO_NOT_EXPAND)
-FUNC_NAME(s_mpv_mul_d_MUL256);
-#endif
-
-/* c = a * b */
-void s_mpv_mul_d(const mp_digit *a, mp_size a_len,
- mp_digit b, mp_digit *c)
-{
-#if defined(DO_NOT_EXPAND)
- mp_digit carry = 0;
- while (a_len--) {
- mp_digit a_i = *a++;
- mp_digit a0b0, a1b1;
-
- MP_MUL_DxD(a_i, b, a1b1, a0b0);
-
- a0b0 += carry;
- if (a0b0 < carry)
- ++a1b1;
- *c++ = a0b0;
- carry = a1b1;
- }
-#else
- EXPAND_256(s_mpv_mul_d_MUL256)
-#endif
- *c = carry;
-}
-
-#if !defined(DO_NOT_EXPAND)
-DECLARE_MUL_256(s_mpv_mul_d_MUL256)
-#endif
-
-#undef CARRY_ADD
-/* This is redefined for the loop in s_mpv_mul_d_add */
-#define CARRY_ADD \
- a0b0 += a_i = *c; \
- if (a0b0 < a_i) \
- ++a1b1; \
-
-/* Need forward declaration so it can be instantiated between the
- two routines that use it; this helps locality somewhat */
-FUNC_NAME(s_mpv_mul_d_add_MUL256);
-
-/* c += a * b */
-void s_mpv_mul_d_add(const mp_digit *a, mp_size a_len,
- mp_digit b, mp_digit *c)
-{
- EXPAND_256(s_mpv_mul_d_add_MUL256)
- *c = carry;
-}
-
-/* Instantiate multiply 256 routine here */
-DECLARE_MUL_256(s_mpv_mul_d_add_MUL256)
-
-/* Presently, this is only used by the Montgomery arithmetic code. */
-/* c += a * b */
-void s_mpv_mul_d_add_prop(const mp_digit *a, mp_size a_len,
- mp_digit b, mp_digit *c)
-{
- EXPAND_256(s_mpv_mul_d_add_MUL256)
- while (carry) {
- mp_digit c_i = *c;
- carry += c_i;
- *c++ = carry;
- carry = carry < c_i;
- }
-}
-
diff --git a/security/nss/lib/freebl/mpi/mulsqr.c b/security/nss/lib/freebl/mpi/mulsqr.c
deleted file mode 100644
index db2b5ce8a..000000000
--- a/security/nss/lib/freebl/mpi/mulsqr.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * Test whether to include squaring code given the current settings
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <limits.h>
-#include <time.h>
-
-#define MP_SQUARE 1 /* make sure squaring code is included */
-
-#include "mpi.h"
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
- int ntests, prec, ix;
- unsigned int seed;
- clock_t start, stop;
- double multime, sqrtime;
- mp_int a, c;
-
- seed = (unsigned int)time(NULL);
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <ntests> <nbits>\n", argv[0]);
- return 1;
- }
-
- if((ntests = abs(atoi(argv[1]))) == 0) {
- fprintf(stderr, "%s: must request at least 1 test.\n", argv[0]);
- return 1;
- }
- if((prec = abs(atoi(argv[2]))) < CHAR_BIT) {
- fprintf(stderr, "%s: must request at least %d bits.\n", argv[0],
- CHAR_BIT);
- return 1;
- }
-
- prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
-
- mp_init_size(&a, prec);
- mp_init_size(&c, 2 * prec);
-
- /* Test multiplication by self */
- srand(seed);
- start = clock();
- for(ix = 0; ix < ntests; ix++) {
- mpp_random_size(&a, prec);
- mp_mul(&a, &a, &c);
- }
- stop = clock();
-
- multime = (double)(stop - start) / CLOCKS_PER_SEC;
-
- /* Test squaring */
- srand(seed);
- start = clock();
- for(ix = 0; ix < ntests; ix++) {
- mpp_random_size(&a, prec);
- mp_sqr(&a, &c);
- }
- stop = clock();
-
- sqrtime = (double)(stop - start) / CLOCKS_PER_SEC;
-
- printf("Multiply: %.4f\n", multime);
- printf("Square: %.4f\n", sqrtime);
- if(multime < sqrtime) {
- printf("Speedup: %.1f%%\n", 100.0 * (1.0 - multime / sqrtime));
- printf("Prefer: multiply\n");
- } else {
- printf("Speedup: %.1f%%\n", 100.0 * (1.0 - sqrtime / multime));
- printf("Prefer: square\n");
- }
-
- mp_clear(&a); mp_clear(&c);
- return 0;
-
-}
diff --git a/security/nss/lib/freebl/mpi/multest b/security/nss/lib/freebl/mpi/multest
deleted file mode 100755
index 08fec8388..000000000
--- a/security/nss/lib/freebl/mpi/multest
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/bin/sh
-#
-# multest
-#
-# Run multiply and square timing tests, to compute a chart for the
-# current processor and compiler combination.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-ECHO=/bin/echo
-MAKE=gmake
-
-$ECHO "\n** Running multiply and square timing tests\n"
-
-$ECHO "Bringing 'mulsqr' up to date ... "
-if $MAKE mulsqr ; then
- :
-else
- $ECHO "\nMake failed to build mulsqr.\n"
- exit 1
-fi
-
-if [ ! -x ./mulsqr ] ; then
- $ECHO "\nCannot find 'mulsqr' program, testing cannot continue.\n"
- exit 1
-fi
-
-sizes='64 128 192 256 320 384 448 512 640 768 896 1024 1536 2048'
-ntests=500000
-
-$ECHO "Running timing tests, please wait ... "
-
-trap 'echo "oop!";rm -f tt*.tmp;exit 0' INT HUP
-
-touch tt$$.tmp
-$ECHO $ntests tests >> tt$$.tmp
-for size in $sizes ; do
- $ECHO "$size bits ... \c"
- set -A res `./mulsqr $ntests $size|head -3|tr -d '%'|awk '{print $2}'`
- $ECHO $size"\t"${res[0]}"\t"${res[1]}"\t"${res[2]} >> tt$$.tmp
- $ECHO "(done)"
-done
-mv tt$$.tmp mulsqr-results.txt
-rm -f tt$$.tmp
-
-$ECHO "\n** Running Karatsuba-Ofman multiplication tests\n"
-
-$ECHO "Brining 'karatsuba' up to date ... "
-if $MAKE karatsuba ; then
- :
-else
- $ECHO "\nMake failed to build karatsuba.\n"
- exit 1
-fi
-
-if [ ! -x ./karatsuba ] ; then
- $ECHO "\nCannot find 'karatsuba' program, testing cannot continue.\n"
- exit 1
-fi
-
-ntests=100000
-
-trap 'echo "oop!";rm -f tt*.tmp;exit 0' INT HUP
-
-touch tt$$.tmp
-for size in $sizes ; do
- $ECHO "$size bits ... "
- ./karatsuba $ntests $size >> tt$$.tmp
- tail -2 tt$$.tmp
-done
-mv tt$$.tmp karatsuba-results.txt
-rm -f tt$$.tmp
-
-exit 0
diff --git a/security/nss/lib/freebl/mpi/primes.c b/security/nss/lib/freebl/mpi/primes.c
deleted file mode 100644
index 14f927b6c..000000000
--- a/security/nss/lib/freebl/mpi/primes.c
+++ /dev/null
@@ -1,871 +0,0 @@
-/*
- * These tables of primes wwere generated using the 'sieve' program
- * (sieve.c) and converted to this format with 'ptab.pl'.
- *
- * The 'small' table is just the first 128 primes. The 'large' table
- * is a table of all the prime values that will fit into a single
- * mp_digit (given the current size of an mp_digit, which is two bytes).
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#if SMALL_TABLE
-#define MP_PRIME_TAB_SIZE 128
-#else
-#define MP_PRIME_TAB_SIZE 6542
-#endif
-
-const int prime_tab_size = MP_PRIME_TAB_SIZE;
-const mp_digit prime_tab[] = {
- 0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013,
- 0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035,
- 0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059,
- 0x0061, 0x0065, 0x0067, 0x006B, 0x006D, 0x0071, 0x007F, 0x0083,
- 0x0089, 0x008B, 0x0095, 0x0097, 0x009D, 0x00A3, 0x00A7, 0x00AD,
- 0x00B3, 0x00B5, 0x00BF, 0x00C1, 0x00C5, 0x00C7, 0x00D3, 0x00DF,
- 0x00E3, 0x00E5, 0x00E9, 0x00EF, 0x00F1, 0x00FB, 0x0101, 0x0107,
- 0x010D, 0x010F, 0x0115, 0x0119, 0x011B, 0x0125, 0x0133, 0x0137,
- 0x0139, 0x013D, 0x014B, 0x0151, 0x015B, 0x015D, 0x0161, 0x0167,
- 0x016F, 0x0175, 0x017B, 0x017F, 0x0185, 0x018D, 0x0191, 0x0199,
- 0x01A3, 0x01A5, 0x01AF, 0x01B1, 0x01B7, 0x01BB, 0x01C1, 0x01C9,
- 0x01CD, 0x01CF, 0x01D3, 0x01DF, 0x01E7, 0x01EB, 0x01F3, 0x01F7,
- 0x01FD, 0x0209, 0x020B, 0x021D, 0x0223, 0x022D, 0x0233, 0x0239,
- 0x023B, 0x0241, 0x024B, 0x0251, 0x0257, 0x0259, 0x025F, 0x0265,
- 0x0269, 0x026B, 0x0277, 0x0281, 0x0283, 0x0287, 0x028D, 0x0293,
- 0x0295, 0x02A1, 0x02A5, 0x02AB, 0x02B3, 0x02BD, 0x02C5, 0x02CF,
-#if ! SMALL_TABLE
- 0x02D7, 0x02DD, 0x02E3, 0x02E7, 0x02EF, 0x02F5, 0x02F9, 0x0301,
- 0x0305, 0x0313, 0x031D, 0x0329, 0x032B, 0x0335, 0x0337, 0x033B,
- 0x033D, 0x0347, 0x0355, 0x0359, 0x035B, 0x035F, 0x036D, 0x0371,
- 0x0373, 0x0377, 0x038B, 0x038F, 0x0397, 0x03A1, 0x03A9, 0x03AD,
- 0x03B3, 0x03B9, 0x03C7, 0x03CB, 0x03D1, 0x03D7, 0x03DF, 0x03E5,
- 0x03F1, 0x03F5, 0x03FB, 0x03FD, 0x0407, 0x0409, 0x040F, 0x0419,
- 0x041B, 0x0425, 0x0427, 0x042D, 0x043F, 0x0443, 0x0445, 0x0449,
- 0x044F, 0x0455, 0x045D, 0x0463, 0x0469, 0x047F, 0x0481, 0x048B,
- 0x0493, 0x049D, 0x04A3, 0x04A9, 0x04B1, 0x04BD, 0x04C1, 0x04C7,
- 0x04CD, 0x04CF, 0x04D5, 0x04E1, 0x04EB, 0x04FD, 0x04FF, 0x0503,
- 0x0509, 0x050B, 0x0511, 0x0515, 0x0517, 0x051B, 0x0527, 0x0529,
- 0x052F, 0x0551, 0x0557, 0x055D, 0x0565, 0x0577, 0x0581, 0x058F,
- 0x0593, 0x0595, 0x0599, 0x059F, 0x05A7, 0x05AB, 0x05AD, 0x05B3,
- 0x05BF, 0x05C9, 0x05CB, 0x05CF, 0x05D1, 0x05D5, 0x05DB, 0x05E7,
- 0x05F3, 0x05FB, 0x0607, 0x060D, 0x0611, 0x0617, 0x061F, 0x0623,
- 0x062B, 0x062F, 0x063D, 0x0641, 0x0647, 0x0649, 0x064D, 0x0653,
- 0x0655, 0x065B, 0x0665, 0x0679, 0x067F, 0x0683, 0x0685, 0x069D,
- 0x06A1, 0x06A3, 0x06AD, 0x06B9, 0x06BB, 0x06C5, 0x06CD, 0x06D3,
- 0x06D9, 0x06DF, 0x06F1, 0x06F7, 0x06FB, 0x06FD, 0x0709, 0x0713,
- 0x071F, 0x0727, 0x0737, 0x0745, 0x074B, 0x074F, 0x0751, 0x0755,
- 0x0757, 0x0761, 0x076D, 0x0773, 0x0779, 0x078B, 0x078D, 0x079D,
- 0x079F, 0x07B5, 0x07BB, 0x07C3, 0x07C9, 0x07CD, 0x07CF, 0x07D3,
- 0x07DB, 0x07E1, 0x07EB, 0x07ED, 0x07F7, 0x0805, 0x080F, 0x0815,
- 0x0821, 0x0823, 0x0827, 0x0829, 0x0833, 0x083F, 0x0841, 0x0851,
- 0x0853, 0x0859, 0x085D, 0x085F, 0x0869, 0x0871, 0x0883, 0x089B,
- 0x089F, 0x08A5, 0x08AD, 0x08BD, 0x08BF, 0x08C3, 0x08CB, 0x08DB,
- 0x08DD, 0x08E1, 0x08E9, 0x08EF, 0x08F5, 0x08F9, 0x0905, 0x0907,
- 0x091D, 0x0923, 0x0925, 0x092B, 0x092F, 0x0935, 0x0943, 0x0949,
- 0x094D, 0x094F, 0x0955, 0x0959, 0x095F, 0x096B, 0x0971, 0x0977,
- 0x0985, 0x0989, 0x098F, 0x099B, 0x09A3, 0x09A9, 0x09AD, 0x09C7,
- 0x09D9, 0x09E3, 0x09EB, 0x09EF, 0x09F5, 0x09F7, 0x09FD, 0x0A13,
- 0x0A1F, 0x0A21, 0x0A31, 0x0A39, 0x0A3D, 0x0A49, 0x0A57, 0x0A61,
- 0x0A63, 0x0A67, 0x0A6F, 0x0A75, 0x0A7B, 0x0A7F, 0x0A81, 0x0A85,
- 0x0A8B, 0x0A93, 0x0A97, 0x0A99, 0x0A9F, 0x0AA9, 0x0AAB, 0x0AB5,
- 0x0ABD, 0x0AC1, 0x0ACF, 0x0AD9, 0x0AE5, 0x0AE7, 0x0AED, 0x0AF1,
- 0x0AF3, 0x0B03, 0x0B11, 0x0B15, 0x0B1B, 0x0B23, 0x0B29, 0x0B2D,
- 0x0B3F, 0x0B47, 0x0B51, 0x0B57, 0x0B5D, 0x0B65, 0x0B6F, 0x0B7B,
- 0x0B89, 0x0B8D, 0x0B93, 0x0B99, 0x0B9B, 0x0BB7, 0x0BB9, 0x0BC3,
- 0x0BCB, 0x0BCF, 0x0BDD, 0x0BE1, 0x0BE9, 0x0BF5, 0x0BFB, 0x0C07,
- 0x0C0B, 0x0C11, 0x0C25, 0x0C2F, 0x0C31, 0x0C41, 0x0C5B, 0x0C5F,
- 0x0C61, 0x0C6D, 0x0C73, 0x0C77, 0x0C83, 0x0C89, 0x0C91, 0x0C95,
- 0x0C9D, 0x0CB3, 0x0CB5, 0x0CB9, 0x0CBB, 0x0CC7, 0x0CE3, 0x0CE5,
- 0x0CEB, 0x0CF1, 0x0CF7, 0x0CFB, 0x0D01, 0x0D03, 0x0D0F, 0x0D13,
- 0x0D1F, 0x0D21, 0x0D2B, 0x0D2D, 0x0D3D, 0x0D3F, 0x0D4F, 0x0D55,
- 0x0D69, 0x0D79, 0x0D81, 0x0D85, 0x0D87, 0x0D8B, 0x0D8D, 0x0DA3,
- 0x0DAB, 0x0DB7, 0x0DBD, 0x0DC7, 0x0DC9, 0x0DCD, 0x0DD3, 0x0DD5,
- 0x0DDB, 0x0DE5, 0x0DE7, 0x0DF3, 0x0DFD, 0x0DFF, 0x0E09, 0x0E17,
- 0x0E1D, 0x0E21, 0x0E27, 0x0E2F, 0x0E35, 0x0E3B, 0x0E4B, 0x0E57,
- 0x0E59, 0x0E5D, 0x0E6B, 0x0E71, 0x0E75, 0x0E7D, 0x0E87, 0x0E8F,
- 0x0E95, 0x0E9B, 0x0EB1, 0x0EB7, 0x0EB9, 0x0EC3, 0x0ED1, 0x0ED5,
- 0x0EDB, 0x0EED, 0x0EEF, 0x0EF9, 0x0F07, 0x0F0B, 0x0F0D, 0x0F17,
- 0x0F25, 0x0F29, 0x0F31, 0x0F43, 0x0F47, 0x0F4D, 0x0F4F, 0x0F53,
- 0x0F59, 0x0F5B, 0x0F67, 0x0F6B, 0x0F7F, 0x0F95, 0x0FA1, 0x0FA3,
- 0x0FA7, 0x0FAD, 0x0FB3, 0x0FB5, 0x0FBB, 0x0FD1, 0x0FD3, 0x0FD9,
- 0x0FE9, 0x0FEF, 0x0FFB, 0x0FFD, 0x1003, 0x100F, 0x101F, 0x1021,
- 0x1025, 0x102B, 0x1039, 0x103D, 0x103F, 0x1051, 0x1069, 0x1073,
- 0x1079, 0x107B, 0x1085, 0x1087, 0x1091, 0x1093, 0x109D, 0x10A3,
- 0x10A5, 0x10AF, 0x10B1, 0x10BB, 0x10C1, 0x10C9, 0x10E7, 0x10F1,
- 0x10F3, 0x10FD, 0x1105, 0x110B, 0x1115, 0x1127, 0x112D, 0x1139,
- 0x1145, 0x1147, 0x1159, 0x115F, 0x1163, 0x1169, 0x116F, 0x1181,
- 0x1183, 0x118D, 0x119B, 0x11A1, 0x11A5, 0x11A7, 0x11AB, 0x11C3,
- 0x11C5, 0x11D1, 0x11D7, 0x11E7, 0x11EF, 0x11F5, 0x11FB, 0x120D,
- 0x121D, 0x121F, 0x1223, 0x1229, 0x122B, 0x1231, 0x1237, 0x1241,
- 0x1247, 0x1253, 0x125F, 0x1271, 0x1273, 0x1279, 0x127D, 0x128F,
- 0x1297, 0x12AF, 0x12B3, 0x12B5, 0x12B9, 0x12BF, 0x12C1, 0x12CD,
- 0x12D1, 0x12DF, 0x12FD, 0x1307, 0x130D, 0x1319, 0x1327, 0x132D,
- 0x1337, 0x1343, 0x1345, 0x1349, 0x134F, 0x1357, 0x135D, 0x1367,
- 0x1369, 0x136D, 0x137B, 0x1381, 0x1387, 0x138B, 0x1391, 0x1393,
- 0x139D, 0x139F, 0x13AF, 0x13BB, 0x13C3, 0x13D5, 0x13D9, 0x13DF,
- 0x13EB, 0x13ED, 0x13F3, 0x13F9, 0x13FF, 0x141B, 0x1421, 0x142F,
- 0x1433, 0x143B, 0x1445, 0x144D, 0x1459, 0x146B, 0x146F, 0x1471,
- 0x1475, 0x148D, 0x1499, 0x149F, 0x14A1, 0x14B1, 0x14B7, 0x14BD,
- 0x14CB, 0x14D5, 0x14E3, 0x14E7, 0x1505, 0x150B, 0x1511, 0x1517,
- 0x151F, 0x1525, 0x1529, 0x152B, 0x1537, 0x153D, 0x1541, 0x1543,
- 0x1549, 0x155F, 0x1565, 0x1567, 0x156B, 0x157D, 0x157F, 0x1583,
- 0x158F, 0x1591, 0x1597, 0x159B, 0x15B5, 0x15BB, 0x15C1, 0x15C5,
- 0x15CD, 0x15D7, 0x15F7, 0x1607, 0x1609, 0x160F, 0x1613, 0x1615,
- 0x1619, 0x161B, 0x1625, 0x1633, 0x1639, 0x163D, 0x1645, 0x164F,
- 0x1655, 0x1669, 0x166D, 0x166F, 0x1675, 0x1693, 0x1697, 0x169F,
- 0x16A9, 0x16AF, 0x16B5, 0x16BD, 0x16C3, 0x16CF, 0x16D3, 0x16D9,
- 0x16DB, 0x16E1, 0x16E5, 0x16EB, 0x16ED, 0x16F7, 0x16F9, 0x1709,
- 0x170F, 0x1723, 0x1727, 0x1733, 0x1741, 0x175D, 0x1763, 0x1777,
- 0x177B, 0x178D, 0x1795, 0x179B, 0x179F, 0x17A5, 0x17B3, 0x17B9,
- 0x17BF, 0x17C9, 0x17CB, 0x17D5, 0x17E1, 0x17E9, 0x17F3, 0x17F5,
- 0x17FF, 0x1807, 0x1813, 0x181D, 0x1835, 0x1837, 0x183B, 0x1843,
- 0x1849, 0x184D, 0x1855, 0x1867, 0x1871, 0x1877, 0x187D, 0x187F,
- 0x1885, 0x188F, 0x189B, 0x189D, 0x18A7, 0x18AD, 0x18B3, 0x18B9,
- 0x18C1, 0x18C7, 0x18D1, 0x18D7, 0x18D9, 0x18DF, 0x18E5, 0x18EB,
- 0x18F5, 0x18FD, 0x1915, 0x191B, 0x1931, 0x1933, 0x1945, 0x1949,
- 0x1951, 0x195B, 0x1979, 0x1981, 0x1993, 0x1997, 0x1999, 0x19A3,
- 0x19A9, 0x19AB, 0x19B1, 0x19B5, 0x19C7, 0x19CF, 0x19DB, 0x19ED,
- 0x19FD, 0x1A03, 0x1A05, 0x1A11, 0x1A17, 0x1A21, 0x1A23, 0x1A2D,
- 0x1A2F, 0x1A35, 0x1A3F, 0x1A4D, 0x1A51, 0x1A69, 0x1A6B, 0x1A7B,
- 0x1A7D, 0x1A87, 0x1A89, 0x1A93, 0x1AA7, 0x1AAB, 0x1AAD, 0x1AB1,
- 0x1AB9, 0x1AC9, 0x1ACF, 0x1AD5, 0x1AD7, 0x1AE3, 0x1AF3, 0x1AFB,
- 0x1AFF, 0x1B05, 0x1B23, 0x1B25, 0x1B2F, 0x1B31, 0x1B37, 0x1B3B,
- 0x1B41, 0x1B47, 0x1B4F, 0x1B55, 0x1B59, 0x1B65, 0x1B6B, 0x1B73,
- 0x1B7F, 0x1B83, 0x1B91, 0x1B9D, 0x1BA7, 0x1BBF, 0x1BC5, 0x1BD1,
- 0x1BD7, 0x1BD9, 0x1BEF, 0x1BF7, 0x1C09, 0x1C13, 0x1C19, 0x1C27,
- 0x1C2B, 0x1C2D, 0x1C33, 0x1C3D, 0x1C45, 0x1C4B, 0x1C4F, 0x1C55,
- 0x1C73, 0x1C81, 0x1C8B, 0x1C8D, 0x1C99, 0x1CA3, 0x1CA5, 0x1CB5,
- 0x1CB7, 0x1CC9, 0x1CE1, 0x1CF3, 0x1CF9, 0x1D09, 0x1D1B, 0x1D21,
- 0x1D23, 0x1D35, 0x1D39, 0x1D3F, 0x1D41, 0x1D4B, 0x1D53, 0x1D5D,
- 0x1D63, 0x1D69, 0x1D71, 0x1D75, 0x1D7B, 0x1D7D, 0x1D87, 0x1D89,
- 0x1D95, 0x1D99, 0x1D9F, 0x1DA5, 0x1DA7, 0x1DB3, 0x1DB7, 0x1DC5,
- 0x1DD7, 0x1DDB, 0x1DE1, 0x1DF5, 0x1DF9, 0x1E01, 0x1E07, 0x1E0B,
- 0x1E13, 0x1E17, 0x1E25, 0x1E2B, 0x1E2F, 0x1E3D, 0x1E49, 0x1E4D,
- 0x1E4F, 0x1E6D, 0x1E71, 0x1E89, 0x1E8F, 0x1E95, 0x1EA1, 0x1EAD,
- 0x1EBB, 0x1EC1, 0x1EC5, 0x1EC7, 0x1ECB, 0x1EDD, 0x1EE3, 0x1EEF,
- 0x1EF7, 0x1EFD, 0x1F01, 0x1F0D, 0x1F0F, 0x1F1B, 0x1F39, 0x1F49,
- 0x1F4B, 0x1F51, 0x1F67, 0x1F75, 0x1F7B, 0x1F85, 0x1F91, 0x1F97,
- 0x1F99, 0x1F9D, 0x1FA5, 0x1FAF, 0x1FB5, 0x1FBB, 0x1FD3, 0x1FE1,
- 0x1FE7, 0x1FEB, 0x1FF3, 0x1FFF, 0x2011, 0x201B, 0x201D, 0x2027,
- 0x2029, 0x202D, 0x2033, 0x2047, 0x204D, 0x2051, 0x205F, 0x2063,
- 0x2065, 0x2069, 0x2077, 0x207D, 0x2089, 0x20A1, 0x20AB, 0x20B1,
- 0x20B9, 0x20C3, 0x20C5, 0x20E3, 0x20E7, 0x20ED, 0x20EF, 0x20FB,
- 0x20FF, 0x210D, 0x2113, 0x2135, 0x2141, 0x2149, 0x214F, 0x2159,
- 0x215B, 0x215F, 0x2173, 0x217D, 0x2185, 0x2195, 0x2197, 0x21A1,
- 0x21AF, 0x21B3, 0x21B5, 0x21C1, 0x21C7, 0x21D7, 0x21DD, 0x21E5,
- 0x21E9, 0x21F1, 0x21F5, 0x21FB, 0x2203, 0x2209, 0x220F, 0x221B,
- 0x2221, 0x2225, 0x222B, 0x2231, 0x2239, 0x224B, 0x224F, 0x2263,
- 0x2267, 0x2273, 0x2275, 0x227F, 0x2285, 0x2287, 0x2291, 0x229D,
- 0x229F, 0x22A3, 0x22B7, 0x22BD, 0x22DB, 0x22E1, 0x22E5, 0x22ED,
- 0x22F7, 0x2303, 0x2309, 0x230B, 0x2327, 0x2329, 0x232F, 0x2333,
- 0x2335, 0x2345, 0x2351, 0x2353, 0x2359, 0x2363, 0x236B, 0x2383,
- 0x238F, 0x2395, 0x23A7, 0x23AD, 0x23B1, 0x23BF, 0x23C5, 0x23C9,
- 0x23D5, 0x23DD, 0x23E3, 0x23EF, 0x23F3, 0x23F9, 0x2405, 0x240B,
- 0x2417, 0x2419, 0x2429, 0x243D, 0x2441, 0x2443, 0x244D, 0x245F,
- 0x2467, 0x246B, 0x2479, 0x247D, 0x247F, 0x2485, 0x249B, 0x24A1,
- 0x24AF, 0x24B5, 0x24BB, 0x24C5, 0x24CB, 0x24CD, 0x24D7, 0x24D9,
- 0x24DD, 0x24DF, 0x24F5, 0x24F7, 0x24FB, 0x2501, 0x2507, 0x2513,
- 0x2519, 0x2527, 0x2531, 0x253D, 0x2543, 0x254B, 0x254F, 0x2573,
- 0x2581, 0x258D, 0x2593, 0x2597, 0x259D, 0x259F, 0x25AB, 0x25B1,
- 0x25BD, 0x25CD, 0x25CF, 0x25D9, 0x25E1, 0x25F7, 0x25F9, 0x2605,
- 0x260B, 0x260F, 0x2615, 0x2627, 0x2629, 0x2635, 0x263B, 0x263F,
- 0x264B, 0x2653, 0x2659, 0x2665, 0x2669, 0x266F, 0x267B, 0x2681,
- 0x2683, 0x268F, 0x269B, 0x269F, 0x26AD, 0x26B3, 0x26C3, 0x26C9,
- 0x26CB, 0x26D5, 0x26DD, 0x26EF, 0x26F5, 0x2717, 0x2719, 0x2735,
- 0x2737, 0x274D, 0x2753, 0x2755, 0x275F, 0x276B, 0x276D, 0x2773,
- 0x2777, 0x277F, 0x2795, 0x279B, 0x279D, 0x27A7, 0x27AF, 0x27B3,
- 0x27B9, 0x27C1, 0x27C5, 0x27D1, 0x27E3, 0x27EF, 0x2803, 0x2807,
- 0x280D, 0x2813, 0x281B, 0x281F, 0x2821, 0x2831, 0x283D, 0x283F,
- 0x2849, 0x2851, 0x285B, 0x285D, 0x2861, 0x2867, 0x2875, 0x2881,
- 0x2897, 0x289F, 0x28BB, 0x28BD, 0x28C1, 0x28D5, 0x28D9, 0x28DB,
- 0x28DF, 0x28ED, 0x28F7, 0x2903, 0x2905, 0x2911, 0x2921, 0x2923,
- 0x293F, 0x2947, 0x295D, 0x2965, 0x2969, 0x296F, 0x2975, 0x2983,
- 0x2987, 0x298F, 0x299B, 0x29A1, 0x29A7, 0x29AB, 0x29BF, 0x29C3,
- 0x29D5, 0x29D7, 0x29E3, 0x29E9, 0x29ED, 0x29F3, 0x2A01, 0x2A13,
- 0x2A1D, 0x2A25, 0x2A2F, 0x2A4F, 0x2A55, 0x2A5F, 0x2A65, 0x2A6B,
- 0x2A6D, 0x2A73, 0x2A83, 0x2A89, 0x2A8B, 0x2A97, 0x2A9D, 0x2AB9,
- 0x2ABB, 0x2AC5, 0x2ACD, 0x2ADD, 0x2AE3, 0x2AEB, 0x2AF1, 0x2AFB,
- 0x2B13, 0x2B27, 0x2B31, 0x2B33, 0x2B3D, 0x2B3F, 0x2B4B, 0x2B4F,
- 0x2B55, 0x2B69, 0x2B6D, 0x2B6F, 0x2B7B, 0x2B8D, 0x2B97, 0x2B99,
- 0x2BA3, 0x2BA5, 0x2BA9, 0x2BBD, 0x2BCD, 0x2BE7, 0x2BEB, 0x2BF3,
- 0x2BF9, 0x2BFD, 0x2C09, 0x2C0F, 0x2C17, 0x2C23, 0x2C2F, 0x2C35,
- 0x2C39, 0x2C41, 0x2C57, 0x2C59, 0x2C69, 0x2C77, 0x2C81, 0x2C87,
- 0x2C93, 0x2C9F, 0x2CAD, 0x2CB3, 0x2CB7, 0x2CCB, 0x2CCF, 0x2CDB,
- 0x2CE1, 0x2CE3, 0x2CE9, 0x2CEF, 0x2CFF, 0x2D07, 0x2D1D, 0x2D1F,
- 0x2D3B, 0x2D43, 0x2D49, 0x2D4D, 0x2D61, 0x2D65, 0x2D71, 0x2D89,
- 0x2D9D, 0x2DA1, 0x2DA9, 0x2DB3, 0x2DB5, 0x2DC5, 0x2DC7, 0x2DD3,
- 0x2DDF, 0x2E01, 0x2E03, 0x2E07, 0x2E0D, 0x2E19, 0x2E1F, 0x2E25,
- 0x2E2D, 0x2E33, 0x2E37, 0x2E39, 0x2E3F, 0x2E57, 0x2E5B, 0x2E6F,
- 0x2E79, 0x2E7F, 0x2E85, 0x2E93, 0x2E97, 0x2E9D, 0x2EA3, 0x2EA5,
- 0x2EB1, 0x2EB7, 0x2EC1, 0x2EC3, 0x2ECD, 0x2ED3, 0x2EE7, 0x2EEB,
- 0x2F05, 0x2F09, 0x2F0B, 0x2F11, 0x2F27, 0x2F29, 0x2F41, 0x2F45,
- 0x2F4B, 0x2F4D, 0x2F51, 0x2F57, 0x2F6F, 0x2F75, 0x2F7D, 0x2F81,
- 0x2F83, 0x2FA5, 0x2FAB, 0x2FB3, 0x2FC3, 0x2FCF, 0x2FD1, 0x2FDB,
- 0x2FDD, 0x2FE7, 0x2FED, 0x2FF5, 0x2FF9, 0x3001, 0x300D, 0x3023,
- 0x3029, 0x3037, 0x303B, 0x3055, 0x3059, 0x305B, 0x3067, 0x3071,
- 0x3079, 0x307D, 0x3085, 0x3091, 0x3095, 0x30A3, 0x30A9, 0x30B9,
- 0x30BF, 0x30C7, 0x30CB, 0x30D1, 0x30D7, 0x30DF, 0x30E5, 0x30EF,
- 0x30FB, 0x30FD, 0x3103, 0x3109, 0x3119, 0x3121, 0x3127, 0x312D,
- 0x3139, 0x3143, 0x3145, 0x314B, 0x315D, 0x3161, 0x3167, 0x316D,
- 0x3173, 0x317F, 0x3191, 0x3199, 0x319F, 0x31A9, 0x31B1, 0x31C3,
- 0x31C7, 0x31D5, 0x31DB, 0x31ED, 0x31F7, 0x31FF, 0x3209, 0x3215,
- 0x3217, 0x321D, 0x3229, 0x3235, 0x3259, 0x325D, 0x3263, 0x326B,
- 0x326F, 0x3275, 0x3277, 0x327B, 0x328D, 0x3299, 0x329F, 0x32A7,
- 0x32AD, 0x32B3, 0x32B7, 0x32C9, 0x32CB, 0x32CF, 0x32D1, 0x32E9,
- 0x32ED, 0x32F3, 0x32F9, 0x3307, 0x3325, 0x332B, 0x332F, 0x3335,
- 0x3341, 0x3347, 0x335B, 0x335F, 0x3367, 0x336B, 0x3373, 0x3379,
- 0x337F, 0x3383, 0x33A1, 0x33A3, 0x33AD, 0x33B9, 0x33C1, 0x33CB,
- 0x33D3, 0x33EB, 0x33F1, 0x33FD, 0x3401, 0x340F, 0x3413, 0x3419,
- 0x341B, 0x3437, 0x3445, 0x3455, 0x3457, 0x3463, 0x3469, 0x346D,
- 0x3481, 0x348B, 0x3491, 0x3497, 0x349D, 0x34A5, 0x34AF, 0x34BB,
- 0x34C9, 0x34D3, 0x34E1, 0x34F1, 0x34FF, 0x3509, 0x3517, 0x351D,
- 0x352D, 0x3533, 0x353B, 0x3541, 0x3551, 0x3565, 0x356F, 0x3571,
- 0x3577, 0x357B, 0x357D, 0x3581, 0x358D, 0x358F, 0x3599, 0x359B,
- 0x35A1, 0x35B7, 0x35BD, 0x35BF, 0x35C3, 0x35D5, 0x35DD, 0x35E7,
- 0x35EF, 0x3605, 0x3607, 0x3611, 0x3623, 0x3631, 0x3635, 0x3637,
- 0x363B, 0x364D, 0x364F, 0x3653, 0x3659, 0x3661, 0x366B, 0x366D,
- 0x368B, 0x368F, 0x36AD, 0x36AF, 0x36B9, 0x36BB, 0x36CD, 0x36D1,
- 0x36E3, 0x36E9, 0x36F7, 0x3701, 0x3703, 0x3707, 0x371B, 0x373F,
- 0x3745, 0x3749, 0x374F, 0x375D, 0x3761, 0x3775, 0x377F, 0x378D,
- 0x37A3, 0x37A9, 0x37AB, 0x37C9, 0x37D5, 0x37DF, 0x37F1, 0x37F3,
- 0x37F7, 0x3805, 0x380B, 0x3821, 0x3833, 0x3835, 0x3841, 0x3847,
- 0x384B, 0x3853, 0x3857, 0x385F, 0x3865, 0x386F, 0x3871, 0x387D,
- 0x388F, 0x3899, 0x38A7, 0x38B7, 0x38C5, 0x38C9, 0x38CF, 0x38D5,
- 0x38D7, 0x38DD, 0x38E1, 0x38E3, 0x38FF, 0x3901, 0x391D, 0x3923,
- 0x3925, 0x3929, 0x392F, 0x393D, 0x3941, 0x394D, 0x395B, 0x396B,
- 0x3979, 0x397D, 0x3983, 0x398B, 0x3991, 0x3995, 0x399B, 0x39A1,
- 0x39A7, 0x39AF, 0x39B3, 0x39BB, 0x39BF, 0x39CD, 0x39DD, 0x39E5,
- 0x39EB, 0x39EF, 0x39FB, 0x3A03, 0x3A13, 0x3A15, 0x3A1F, 0x3A27,
- 0x3A2B, 0x3A31, 0x3A4B, 0x3A51, 0x3A5B, 0x3A63, 0x3A67, 0x3A6D,
- 0x3A79, 0x3A87, 0x3AA5, 0x3AA9, 0x3AB7, 0x3ACD, 0x3AD5, 0x3AE1,
- 0x3AE5, 0x3AEB, 0x3AF3, 0x3AFD, 0x3B03, 0x3B11, 0x3B1B, 0x3B21,
- 0x3B23, 0x3B2D, 0x3B39, 0x3B45, 0x3B53, 0x3B59, 0x3B5F, 0x3B71,
- 0x3B7B, 0x3B81, 0x3B89, 0x3B9B, 0x3B9F, 0x3BA5, 0x3BA7, 0x3BAD,
- 0x3BB7, 0x3BB9, 0x3BC3, 0x3BCB, 0x3BD1, 0x3BD7, 0x3BE1, 0x3BE3,
- 0x3BF5, 0x3BFF, 0x3C01, 0x3C0D, 0x3C11, 0x3C17, 0x3C1F, 0x3C29,
- 0x3C35, 0x3C43, 0x3C4F, 0x3C53, 0x3C5B, 0x3C65, 0x3C6B, 0x3C71,
- 0x3C85, 0x3C89, 0x3C97, 0x3CA7, 0x3CB5, 0x3CBF, 0x3CC7, 0x3CD1,
- 0x3CDD, 0x3CDF, 0x3CF1, 0x3CF7, 0x3D03, 0x3D0D, 0x3D19, 0x3D1B,
- 0x3D1F, 0x3D21, 0x3D2D, 0x3D33, 0x3D37, 0x3D3F, 0x3D43, 0x3D6F,
- 0x3D73, 0x3D75, 0x3D79, 0x3D7B, 0x3D85, 0x3D91, 0x3D97, 0x3D9D,
- 0x3DAB, 0x3DAF, 0x3DB5, 0x3DBB, 0x3DC1, 0x3DC9, 0x3DCF, 0x3DF3,
- 0x3E05, 0x3E09, 0x3E0F, 0x3E11, 0x3E1D, 0x3E23, 0x3E29, 0x3E2F,
- 0x3E33, 0x3E41, 0x3E57, 0x3E63, 0x3E65, 0x3E77, 0x3E81, 0x3E87,
- 0x3EA1, 0x3EB9, 0x3EBD, 0x3EBF, 0x3EC3, 0x3EC5, 0x3EC9, 0x3ED7,
- 0x3EDB, 0x3EE1, 0x3EE7, 0x3EEF, 0x3EFF, 0x3F0B, 0x3F0D, 0x3F37,
- 0x3F3B, 0x3F3D, 0x3F41, 0x3F59, 0x3F5F, 0x3F65, 0x3F67, 0x3F79,
- 0x3F7D, 0x3F8B, 0x3F91, 0x3FAD, 0x3FBF, 0x3FCD, 0x3FD3, 0x3FDD,
- 0x3FE9, 0x3FEB, 0x3FF1, 0x3FFD, 0x401B, 0x4021, 0x4025, 0x402B,
- 0x4031, 0x403F, 0x4043, 0x4045, 0x405D, 0x4061, 0x4067, 0x406D,
- 0x4087, 0x4091, 0x40A3, 0x40A9, 0x40B1, 0x40B7, 0x40BD, 0x40DB,
- 0x40DF, 0x40EB, 0x40F7, 0x40F9, 0x4109, 0x410B, 0x4111, 0x4115,
- 0x4121, 0x4133, 0x4135, 0x413B, 0x413F, 0x4159, 0x4165, 0x416B,
- 0x4177, 0x417B, 0x4193, 0x41AB, 0x41B7, 0x41BD, 0x41BF, 0x41CB,
- 0x41E7, 0x41EF, 0x41F3, 0x41F9, 0x4205, 0x4207, 0x4219, 0x421F,
- 0x4223, 0x4229, 0x422F, 0x4243, 0x4253, 0x4255, 0x425B, 0x4261,
- 0x4273, 0x427D, 0x4283, 0x4285, 0x4289, 0x4291, 0x4297, 0x429D,
- 0x42B5, 0x42C5, 0x42CB, 0x42D3, 0x42DD, 0x42E3, 0x42F1, 0x4307,
- 0x430F, 0x431F, 0x4325, 0x4327, 0x4333, 0x4337, 0x4339, 0x434F,
- 0x4357, 0x4369, 0x438B, 0x438D, 0x4393, 0x43A5, 0x43A9, 0x43AF,
- 0x43B5, 0x43BD, 0x43C7, 0x43CF, 0x43E1, 0x43E7, 0x43EB, 0x43ED,
- 0x43F1, 0x43F9, 0x4409, 0x440B, 0x4417, 0x4423, 0x4429, 0x443B,
- 0x443F, 0x4445, 0x444B, 0x4451, 0x4453, 0x4459, 0x4465, 0x446F,
- 0x4483, 0x448F, 0x44A1, 0x44A5, 0x44AB, 0x44AD, 0x44BD, 0x44BF,
- 0x44C9, 0x44D7, 0x44DB, 0x44F9, 0x44FB, 0x4505, 0x4511, 0x4513,
- 0x452B, 0x4531, 0x4541, 0x4549, 0x4553, 0x4555, 0x4561, 0x4577,
- 0x457D, 0x457F, 0x458F, 0x45A3, 0x45AD, 0x45AF, 0x45BB, 0x45C7,
- 0x45D9, 0x45E3, 0x45EF, 0x45F5, 0x45F7, 0x4601, 0x4603, 0x4609,
- 0x4613, 0x4625, 0x4627, 0x4633, 0x4639, 0x463D, 0x4643, 0x4645,
- 0x465D, 0x4679, 0x467B, 0x467F, 0x4681, 0x468B, 0x468D, 0x469D,
- 0x46A9, 0x46B1, 0x46C7, 0x46C9, 0x46CF, 0x46D3, 0x46D5, 0x46DF,
- 0x46E5, 0x46F9, 0x4705, 0x470F, 0x4717, 0x4723, 0x4729, 0x472F,
- 0x4735, 0x4739, 0x474B, 0x474D, 0x4751, 0x475D, 0x476F, 0x4771,
- 0x477D, 0x4783, 0x4787, 0x4789, 0x4799, 0x47A5, 0x47B1, 0x47BF,
- 0x47C3, 0x47CB, 0x47DD, 0x47E1, 0x47ED, 0x47FB, 0x4801, 0x4807,
- 0x480B, 0x4813, 0x4819, 0x481D, 0x4831, 0x483D, 0x4847, 0x4855,
- 0x4859, 0x485B, 0x486B, 0x486D, 0x4879, 0x4897, 0x489B, 0x48A1,
- 0x48B9, 0x48CD, 0x48E5, 0x48EF, 0x48F7, 0x4903, 0x490D, 0x4919,
- 0x491F, 0x492B, 0x4937, 0x493D, 0x4945, 0x4955, 0x4963, 0x4969,
- 0x496D, 0x4973, 0x4997, 0x49AB, 0x49B5, 0x49D3, 0x49DF, 0x49E1,
- 0x49E5, 0x49E7, 0x4A03, 0x4A0F, 0x4A1D, 0x4A23, 0x4A39, 0x4A41,
- 0x4A45, 0x4A57, 0x4A5D, 0x4A6B, 0x4A7D, 0x4A81, 0x4A87, 0x4A89,
- 0x4A8F, 0x4AB1, 0x4AC3, 0x4AC5, 0x4AD5, 0x4ADB, 0x4AED, 0x4AEF,
- 0x4B07, 0x4B0B, 0x4B0D, 0x4B13, 0x4B1F, 0x4B25, 0x4B31, 0x4B3B,
- 0x4B43, 0x4B49, 0x4B59, 0x4B65, 0x4B6D, 0x4B77, 0x4B85, 0x4BAD,
- 0x4BB3, 0x4BB5, 0x4BBB, 0x4BBF, 0x4BCB, 0x4BD9, 0x4BDD, 0x4BDF,
- 0x4BE3, 0x4BE5, 0x4BE9, 0x4BF1, 0x4BF7, 0x4C01, 0x4C07, 0x4C0D,
- 0x4C0F, 0x4C15, 0x4C1B, 0x4C21, 0x4C2D, 0x4C33, 0x4C4B, 0x4C55,
- 0x4C57, 0x4C61, 0x4C67, 0x4C73, 0x4C79, 0x4C7F, 0x4C8D, 0x4C93,
- 0x4C99, 0x4CCD, 0x4CE1, 0x4CE7, 0x4CF1, 0x4CF3, 0x4CFD, 0x4D05,
- 0x4D0F, 0x4D1B, 0x4D27, 0x4D29, 0x4D2F, 0x4D33, 0x4D41, 0x4D51,
- 0x4D59, 0x4D65, 0x4D6B, 0x4D81, 0x4D83, 0x4D8D, 0x4D95, 0x4D9B,
- 0x4DB1, 0x4DB3, 0x4DC9, 0x4DCF, 0x4DD7, 0x4DE1, 0x4DED, 0x4DF9,
- 0x4DFB, 0x4E05, 0x4E0B, 0x4E17, 0x4E19, 0x4E1D, 0x4E2B, 0x4E35,
- 0x4E37, 0x4E3D, 0x4E4F, 0x4E53, 0x4E5F, 0x4E67, 0x4E79, 0x4E85,
- 0x4E8B, 0x4E91, 0x4E95, 0x4E9B, 0x4EA1, 0x4EAF, 0x4EB3, 0x4EB5,
- 0x4EC1, 0x4ECD, 0x4ED1, 0x4ED7, 0x4EE9, 0x4EFB, 0x4F07, 0x4F09,
- 0x4F19, 0x4F25, 0x4F2D, 0x4F3F, 0x4F49, 0x4F63, 0x4F67, 0x4F6D,
- 0x4F75, 0x4F7B, 0x4F81, 0x4F85, 0x4F87, 0x4F91, 0x4FA5, 0x4FA9,
- 0x4FAF, 0x4FB7, 0x4FBB, 0x4FCF, 0x4FD9, 0x4FDB, 0x4FFD, 0x4FFF,
- 0x5003, 0x501B, 0x501D, 0x5029, 0x5035, 0x503F, 0x5045, 0x5047,
- 0x5053, 0x5071, 0x5077, 0x5083, 0x5093, 0x509F, 0x50A1, 0x50B7,
- 0x50C9, 0x50D5, 0x50E3, 0x50ED, 0x50EF, 0x50FB, 0x5107, 0x510B,
- 0x510D, 0x5111, 0x5117, 0x5123, 0x5125, 0x5135, 0x5147, 0x5149,
- 0x5171, 0x5179, 0x5189, 0x518F, 0x5197, 0x51A1, 0x51A3, 0x51A7,
- 0x51B9, 0x51C1, 0x51CB, 0x51D3, 0x51DF, 0x51E3, 0x51F5, 0x51F7,
- 0x5209, 0x5213, 0x5215, 0x5219, 0x521B, 0x521F, 0x5227, 0x5243,
- 0x5245, 0x524B, 0x5261, 0x526D, 0x5273, 0x5281, 0x5293, 0x5297,
- 0x529D, 0x52A5, 0x52AB, 0x52B1, 0x52BB, 0x52C3, 0x52C7, 0x52C9,
- 0x52DB, 0x52E5, 0x52EB, 0x52FF, 0x5315, 0x531D, 0x5323, 0x5341,
- 0x5345, 0x5347, 0x534B, 0x535D, 0x5363, 0x5381, 0x5383, 0x5387,
- 0x538F, 0x5395, 0x5399, 0x539F, 0x53AB, 0x53B9, 0x53DB, 0x53E9,
- 0x53EF, 0x53F3, 0x53F5, 0x53FB, 0x53FF, 0x540D, 0x5411, 0x5413,
- 0x5419, 0x5435, 0x5437, 0x543B, 0x5441, 0x5449, 0x5453, 0x5455,
- 0x545F, 0x5461, 0x546B, 0x546D, 0x5471, 0x548F, 0x5491, 0x549D,
- 0x54A9, 0x54B3, 0x54C5, 0x54D1, 0x54DF, 0x54E9, 0x54EB, 0x54F7,
- 0x54FD, 0x5507, 0x550D, 0x551B, 0x5527, 0x552B, 0x5539, 0x553D,
- 0x554F, 0x5551, 0x555B, 0x5563, 0x5567, 0x556F, 0x5579, 0x5585,
- 0x5597, 0x55A9, 0x55B1, 0x55B7, 0x55C9, 0x55D9, 0x55E7, 0x55ED,
- 0x55F3, 0x55FD, 0x560B, 0x560F, 0x5615, 0x5617, 0x5623, 0x562F,
- 0x5633, 0x5639, 0x563F, 0x564B, 0x564D, 0x565D, 0x565F, 0x566B,
- 0x5671, 0x5675, 0x5683, 0x5689, 0x568D, 0x568F, 0x569B, 0x56AD,
- 0x56B1, 0x56D5, 0x56E7, 0x56F3, 0x56FF, 0x5701, 0x5705, 0x5707,
- 0x570B, 0x5713, 0x571F, 0x5723, 0x5747, 0x574D, 0x575F, 0x5761,
- 0x576D, 0x5777, 0x577D, 0x5789, 0x57A1, 0x57A9, 0x57AF, 0x57B5,
- 0x57C5, 0x57D1, 0x57D3, 0x57E5, 0x57EF, 0x5803, 0x580D, 0x580F,
- 0x5815, 0x5827, 0x582B, 0x582D, 0x5855, 0x585B, 0x585D, 0x586D,
- 0x586F, 0x5873, 0x587B, 0x588D, 0x5897, 0x58A3, 0x58A9, 0x58AB,
- 0x58B5, 0x58BD, 0x58C1, 0x58C7, 0x58D3, 0x58D5, 0x58DF, 0x58F1,
- 0x58F9, 0x58FF, 0x5903, 0x5917, 0x591B, 0x5921, 0x5945, 0x594B,
- 0x594D, 0x5957, 0x595D, 0x5975, 0x597B, 0x5989, 0x5999, 0x599F,
- 0x59B1, 0x59B3, 0x59BD, 0x59D1, 0x59DB, 0x59E3, 0x59E9, 0x59ED,
- 0x59F3, 0x59F5, 0x59FF, 0x5A01, 0x5A0D, 0x5A11, 0x5A13, 0x5A17,
- 0x5A1F, 0x5A29, 0x5A2F, 0x5A3B, 0x5A4D, 0x5A5B, 0x5A67, 0x5A77,
- 0x5A7F, 0x5A85, 0x5A95, 0x5A9D, 0x5AA1, 0x5AA3, 0x5AA9, 0x5ABB,
- 0x5AD3, 0x5AE5, 0x5AEF, 0x5AFB, 0x5AFD, 0x5B01, 0x5B0F, 0x5B19,
- 0x5B1F, 0x5B25, 0x5B2B, 0x5B3D, 0x5B49, 0x5B4B, 0x5B67, 0x5B79,
- 0x5B87, 0x5B97, 0x5BA3, 0x5BB1, 0x5BC9, 0x5BD5, 0x5BEB, 0x5BF1,
- 0x5BF3, 0x5BFD, 0x5C05, 0x5C09, 0x5C0B, 0x5C0F, 0x5C1D, 0x5C29,
- 0x5C2F, 0x5C33, 0x5C39, 0x5C47, 0x5C4B, 0x5C4D, 0x5C51, 0x5C6F,
- 0x5C75, 0x5C77, 0x5C7D, 0x5C87, 0x5C89, 0x5CA7, 0x5CBD, 0x5CBF,
- 0x5CC3, 0x5CC9, 0x5CD1, 0x5CD7, 0x5CDD, 0x5CED, 0x5CF9, 0x5D05,
- 0x5D0B, 0x5D13, 0x5D17, 0x5D19, 0x5D31, 0x5D3D, 0x5D41, 0x5D47,
- 0x5D4F, 0x5D55, 0x5D5B, 0x5D65, 0x5D67, 0x5D6D, 0x5D79, 0x5D95,
- 0x5DA3, 0x5DA9, 0x5DAD, 0x5DB9, 0x5DC1, 0x5DC7, 0x5DD3, 0x5DD7,
- 0x5DDD, 0x5DEB, 0x5DF1, 0x5DFD, 0x5E07, 0x5E0D, 0x5E13, 0x5E1B,
- 0x5E21, 0x5E27, 0x5E2B, 0x5E2D, 0x5E31, 0x5E39, 0x5E45, 0x5E49,
- 0x5E57, 0x5E69, 0x5E73, 0x5E75, 0x5E85, 0x5E8B, 0x5E9F, 0x5EA5,
- 0x5EAF, 0x5EB7, 0x5EBB, 0x5ED9, 0x5EFD, 0x5F09, 0x5F11, 0x5F27,
- 0x5F33, 0x5F35, 0x5F3B, 0x5F47, 0x5F57, 0x5F5D, 0x5F63, 0x5F65,
- 0x5F77, 0x5F7B, 0x5F95, 0x5F99, 0x5FA1, 0x5FB3, 0x5FBD, 0x5FC5,
- 0x5FCF, 0x5FD5, 0x5FE3, 0x5FE7, 0x5FFB, 0x6011, 0x6023, 0x602F,
- 0x6037, 0x6053, 0x605F, 0x6065, 0x606B, 0x6073, 0x6079, 0x6085,
- 0x609D, 0x60AD, 0x60BB, 0x60BF, 0x60CD, 0x60D9, 0x60DF, 0x60E9,
- 0x60F5, 0x6109, 0x610F, 0x6113, 0x611B, 0x612D, 0x6139, 0x614B,
- 0x6155, 0x6157, 0x615B, 0x616F, 0x6179, 0x6187, 0x618B, 0x6191,
- 0x6193, 0x619D, 0x61B5, 0x61C7, 0x61C9, 0x61CD, 0x61E1, 0x61F1,
- 0x61FF, 0x6209, 0x6217, 0x621D, 0x6221, 0x6227, 0x623B, 0x6241,
- 0x624B, 0x6251, 0x6253, 0x625F, 0x6265, 0x6283, 0x628D, 0x6295,
- 0x629B, 0x629F, 0x62A5, 0x62AD, 0x62D5, 0x62D7, 0x62DB, 0x62DD,
- 0x62E9, 0x62FB, 0x62FF, 0x6305, 0x630D, 0x6317, 0x631D, 0x632F,
- 0x6341, 0x6343, 0x634F, 0x635F, 0x6367, 0x636D, 0x6371, 0x6377,
- 0x637D, 0x637F, 0x63B3, 0x63C1, 0x63C5, 0x63D9, 0x63E9, 0x63EB,
- 0x63EF, 0x63F5, 0x6401, 0x6403, 0x6409, 0x6415, 0x6421, 0x6427,
- 0x642B, 0x6439, 0x6443, 0x6449, 0x644F, 0x645D, 0x6467, 0x6475,
- 0x6485, 0x648D, 0x6493, 0x649F, 0x64A3, 0x64AB, 0x64C1, 0x64C7,
- 0x64C9, 0x64DB, 0x64F1, 0x64F7, 0x64F9, 0x650B, 0x6511, 0x6521,
- 0x652F, 0x6539, 0x653F, 0x654B, 0x654D, 0x6553, 0x6557, 0x655F,
- 0x6571, 0x657D, 0x658D, 0x658F, 0x6593, 0x65A1, 0x65A5, 0x65AD,
- 0x65B9, 0x65C5, 0x65E3, 0x65F3, 0x65FB, 0x65FF, 0x6601, 0x6607,
- 0x661D, 0x6629, 0x6631, 0x663B, 0x6641, 0x6647, 0x664D, 0x665B,
- 0x6661, 0x6673, 0x667D, 0x6689, 0x668B, 0x6695, 0x6697, 0x669B,
- 0x66B5, 0x66B9, 0x66C5, 0x66CD, 0x66D1, 0x66E3, 0x66EB, 0x66F5,
- 0x6703, 0x6713, 0x6719, 0x671F, 0x6727, 0x6731, 0x6737, 0x673F,
- 0x6745, 0x6751, 0x675B, 0x676F, 0x6779, 0x6781, 0x6785, 0x6791,
- 0x67AB, 0x67BD, 0x67C1, 0x67CD, 0x67DF, 0x67E5, 0x6803, 0x6809,
- 0x6811, 0x6817, 0x682D, 0x6839, 0x683B, 0x683F, 0x6845, 0x684B,
- 0x684D, 0x6857, 0x6859, 0x685D, 0x6863, 0x6869, 0x686B, 0x6871,
- 0x6887, 0x6899, 0x689F, 0x68B1, 0x68BD, 0x68C5, 0x68D1, 0x68D7,
- 0x68E1, 0x68ED, 0x68EF, 0x68FF, 0x6901, 0x690B, 0x690D, 0x6917,
- 0x6929, 0x692F, 0x6943, 0x6947, 0x6949, 0x694F, 0x6965, 0x696B,
- 0x6971, 0x6983, 0x6989, 0x6997, 0x69A3, 0x69B3, 0x69B5, 0x69BB,
- 0x69C1, 0x69C5, 0x69D3, 0x69DF, 0x69E3, 0x69E5, 0x69F7, 0x6A07,
- 0x6A2B, 0x6A37, 0x6A3D, 0x6A4B, 0x6A67, 0x6A69, 0x6A75, 0x6A7B,
- 0x6A87, 0x6A8D, 0x6A91, 0x6A93, 0x6AA3, 0x6AC1, 0x6AC9, 0x6AE1,
- 0x6AE7, 0x6B05, 0x6B0F, 0x6B11, 0x6B23, 0x6B27, 0x6B2D, 0x6B39,
- 0x6B41, 0x6B57, 0x6B59, 0x6B5F, 0x6B75, 0x6B87, 0x6B89, 0x6B93,
- 0x6B95, 0x6B9F, 0x6BBD, 0x6BBF, 0x6BDB, 0x6BE1, 0x6BEF, 0x6BFF,
- 0x6C05, 0x6C19, 0x6C29, 0x6C2B, 0x6C31, 0x6C35, 0x6C55, 0x6C59,
- 0x6C5B, 0x6C5F, 0x6C65, 0x6C67, 0x6C73, 0x6C77, 0x6C7D, 0x6C83,
- 0x6C8F, 0x6C91, 0x6C97, 0x6C9B, 0x6CA1, 0x6CA9, 0x6CAF, 0x6CB3,
- 0x6CC7, 0x6CCB, 0x6CEB, 0x6CF5, 0x6CFD, 0x6D0D, 0x6D0F, 0x6D25,
- 0x6D27, 0x6D2B, 0x6D31, 0x6D39, 0x6D3F, 0x6D4F, 0x6D5D, 0x6D61,
- 0x6D73, 0x6D7B, 0x6D7F, 0x6D93, 0x6D99, 0x6DA5, 0x6DB1, 0x6DB7,
- 0x6DC1, 0x6DC3, 0x6DCD, 0x6DCF, 0x6DDB, 0x6DF7, 0x6E03, 0x6E15,
- 0x6E17, 0x6E29, 0x6E33, 0x6E3B, 0x6E45, 0x6E75, 0x6E77, 0x6E7B,
- 0x6E81, 0x6E89, 0x6E93, 0x6E95, 0x6E9F, 0x6EBD, 0x6EBF, 0x6EE3,
- 0x6EE9, 0x6EF3, 0x6EF9, 0x6EFB, 0x6F0D, 0x6F11, 0x6F17, 0x6F1F,
- 0x6F2F, 0x6F3D, 0x6F4D, 0x6F53, 0x6F61, 0x6F65, 0x6F79, 0x6F7D,
- 0x6F83, 0x6F85, 0x6F8F, 0x6F9B, 0x6F9D, 0x6FA3, 0x6FAF, 0x6FB5,
- 0x6FBB, 0x6FBF, 0x6FCB, 0x6FCD, 0x6FD3, 0x6FD7, 0x6FE3, 0x6FE9,
- 0x6FF1, 0x6FF5, 0x6FF7, 0x6FFD, 0x700F, 0x7019, 0x701F, 0x7027,
- 0x7033, 0x7039, 0x704F, 0x7051, 0x7057, 0x7063, 0x7075, 0x7079,
- 0x7087, 0x708D, 0x7091, 0x70A5, 0x70AB, 0x70BB, 0x70C3, 0x70C7,
- 0x70CF, 0x70E5, 0x70ED, 0x70F9, 0x70FF, 0x7105, 0x7115, 0x7121,
- 0x7133, 0x7151, 0x7159, 0x715D, 0x715F, 0x7163, 0x7169, 0x7183,
- 0x7187, 0x7195, 0x71AD, 0x71C3, 0x71C9, 0x71CB, 0x71D1, 0x71DB,
- 0x71E1, 0x71EF, 0x71F5, 0x71FB, 0x7207, 0x7211, 0x7217, 0x7219,
- 0x7225, 0x722F, 0x723B, 0x7243, 0x7255, 0x7267, 0x7271, 0x7277,
- 0x727F, 0x728F, 0x7295, 0x729B, 0x72A3, 0x72B3, 0x72C7, 0x72CB,
- 0x72CD, 0x72D7, 0x72D9, 0x72E3, 0x72EF, 0x72F5, 0x72FD, 0x7303,
- 0x730D, 0x7321, 0x732B, 0x733D, 0x7357, 0x735B, 0x7361, 0x737F,
- 0x7381, 0x7385, 0x738D, 0x7393, 0x739F, 0x73AB, 0x73BD, 0x73C1,
- 0x73C9, 0x73DF, 0x73E5, 0x73E7, 0x73F3, 0x7415, 0x741B, 0x742D,
- 0x7439, 0x743F, 0x7441, 0x745D, 0x746B, 0x747B, 0x7489, 0x748D,
- 0x749B, 0x74A7, 0x74AB, 0x74B1, 0x74B7, 0x74B9, 0x74DD, 0x74E1,
- 0x74E7, 0x74FB, 0x7507, 0x751F, 0x7525, 0x753B, 0x753D, 0x754D,
- 0x755F, 0x756B, 0x7577, 0x7589, 0x758B, 0x7591, 0x7597, 0x759D,
- 0x75A1, 0x75A7, 0x75B5, 0x75B9, 0x75BB, 0x75D1, 0x75D9, 0x75E5,
- 0x75EB, 0x75F5, 0x75FB, 0x7603, 0x760F, 0x7621, 0x762D, 0x7633,
- 0x763D, 0x763F, 0x7655, 0x7663, 0x7669, 0x766F, 0x7673, 0x7685,
- 0x768B, 0x769F, 0x76B5, 0x76B7, 0x76C3, 0x76DB, 0x76DF, 0x76F1,
- 0x7703, 0x7705, 0x771B, 0x771D, 0x7721, 0x772D, 0x7735, 0x7741,
- 0x774B, 0x7759, 0x775D, 0x775F, 0x7771, 0x7781, 0x77A7, 0x77AD,
- 0x77B3, 0x77B9, 0x77C5, 0x77CF, 0x77D5, 0x77E1, 0x77E9, 0x77EF,
- 0x77F3, 0x77F9, 0x7807, 0x7825, 0x782B, 0x7835, 0x783D, 0x7853,
- 0x7859, 0x7861, 0x786D, 0x7877, 0x7879, 0x7883, 0x7885, 0x788B,
- 0x7895, 0x7897, 0x78A1, 0x78AD, 0x78BF, 0x78D3, 0x78D9, 0x78DD,
- 0x78E5, 0x78FB, 0x7901, 0x7907, 0x7925, 0x792B, 0x7939, 0x793F,
- 0x794B, 0x7957, 0x795D, 0x7967, 0x7969, 0x7973, 0x7991, 0x7993,
- 0x79A3, 0x79AB, 0x79AF, 0x79B1, 0x79B7, 0x79C9, 0x79CD, 0x79CF,
- 0x79D5, 0x79D9, 0x79F3, 0x79F7, 0x79FF, 0x7A05, 0x7A0F, 0x7A11,
- 0x7A15, 0x7A1B, 0x7A23, 0x7A27, 0x7A2D, 0x7A4B, 0x7A57, 0x7A59,
- 0x7A5F, 0x7A65, 0x7A69, 0x7A7D, 0x7A93, 0x7A9B, 0x7A9F, 0x7AA1,
- 0x7AA5, 0x7AED, 0x7AF5, 0x7AF9, 0x7B01, 0x7B17, 0x7B19, 0x7B1D,
- 0x7B2B, 0x7B35, 0x7B37, 0x7B3B, 0x7B4F, 0x7B55, 0x7B5F, 0x7B71,
- 0x7B77, 0x7B8B, 0x7B9B, 0x7BA1, 0x7BA9, 0x7BAF, 0x7BB3, 0x7BC7,
- 0x7BD3, 0x7BE9, 0x7BEB, 0x7BEF, 0x7BF1, 0x7BFD, 0x7C07, 0x7C19,
- 0x7C1B, 0x7C31, 0x7C37, 0x7C49, 0x7C67, 0x7C69, 0x7C73, 0x7C81,
- 0x7C8B, 0x7C93, 0x7CA3, 0x7CD5, 0x7CDB, 0x7CE5, 0x7CED, 0x7CF7,
- 0x7D03, 0x7D09, 0x7D1B, 0x7D1D, 0x7D33, 0x7D39, 0x7D3B, 0x7D3F,
- 0x7D45, 0x7D4D, 0x7D53, 0x7D59, 0x7D63, 0x7D75, 0x7D77, 0x7D8D,
- 0x7D8F, 0x7D9F, 0x7DAD, 0x7DB7, 0x7DBD, 0x7DBF, 0x7DCB, 0x7DD5,
- 0x7DE9, 0x7DED, 0x7DFB, 0x7E01, 0x7E05, 0x7E29, 0x7E2B, 0x7E2F,
- 0x7E35, 0x7E41, 0x7E43, 0x7E47, 0x7E55, 0x7E61, 0x7E67, 0x7E6B,
- 0x7E71, 0x7E73, 0x7E79, 0x7E7D, 0x7E91, 0x7E9B, 0x7E9D, 0x7EA7,
- 0x7EAD, 0x7EB9, 0x7EBB, 0x7ED3, 0x7EDF, 0x7EEB, 0x7EF1, 0x7EF7,
- 0x7EFB, 0x7F13, 0x7F15, 0x7F19, 0x7F31, 0x7F33, 0x7F39, 0x7F3D,
- 0x7F43, 0x7F4B, 0x7F5B, 0x7F61, 0x7F63, 0x7F6D, 0x7F79, 0x7F87,
- 0x7F8D, 0x7FAF, 0x7FB5, 0x7FC3, 0x7FC9, 0x7FCD, 0x7FCF, 0x7FED,
- 0x8003, 0x800B, 0x800F, 0x8015, 0x801D, 0x8021, 0x8023, 0x803F,
- 0x8041, 0x8047, 0x804B, 0x8065, 0x8077, 0x808D, 0x808F, 0x8095,
- 0x80A5, 0x80AB, 0x80AD, 0x80BD, 0x80C9, 0x80CB, 0x80D7, 0x80DB,
- 0x80E1, 0x80E7, 0x80F5, 0x80FF, 0x8105, 0x810D, 0x8119, 0x811D,
- 0x812F, 0x8131, 0x813B, 0x8143, 0x8153, 0x8159, 0x815F, 0x817D,
- 0x817F, 0x8189, 0x819B, 0x819D, 0x81A7, 0x81AF, 0x81B3, 0x81BB,
- 0x81C7, 0x81DF, 0x8207, 0x8209, 0x8215, 0x821F, 0x8225, 0x8231,
- 0x8233, 0x823F, 0x8243, 0x8245, 0x8249, 0x824F, 0x8261, 0x826F,
- 0x827B, 0x8281, 0x8285, 0x8293, 0x82B1, 0x82B5, 0x82BD, 0x82C7,
- 0x82CF, 0x82D5, 0x82DF, 0x82F1, 0x82F9, 0x82FD, 0x830B, 0x831B,
- 0x8321, 0x8329, 0x832D, 0x8333, 0x8335, 0x833F, 0x8341, 0x834D,
- 0x8351, 0x8353, 0x8357, 0x835D, 0x8365, 0x8369, 0x836F, 0x838F,
- 0x83A7, 0x83B1, 0x83B9, 0x83CB, 0x83D5, 0x83D7, 0x83DD, 0x83E7,
- 0x83E9, 0x83ED, 0x83FF, 0x8405, 0x8411, 0x8413, 0x8423, 0x8425,
- 0x843B, 0x8441, 0x8447, 0x844F, 0x8461, 0x8465, 0x8477, 0x8483,
- 0x848B, 0x8491, 0x8495, 0x84A9, 0x84AF, 0x84CD, 0x84E3, 0x84EF,
- 0x84F1, 0x84F7, 0x8509, 0x850D, 0x854B, 0x854F, 0x8551, 0x855D,
- 0x8563, 0x856D, 0x856F, 0x857B, 0x8587, 0x85A3, 0x85A5, 0x85A9,
- 0x85B7, 0x85CD, 0x85D3, 0x85D5, 0x85DB, 0x85E1, 0x85EB, 0x85F9,
- 0x85FD, 0x85FF, 0x8609, 0x860F, 0x8617, 0x8621, 0x862F, 0x8639,
- 0x863F, 0x8641, 0x864D, 0x8663, 0x8675, 0x867D, 0x8687, 0x8699,
- 0x86A5, 0x86A7, 0x86B3, 0x86B7, 0x86C3, 0x86C5, 0x86CF, 0x86D1,
- 0x86D7, 0x86E9, 0x86EF, 0x86F5, 0x8717, 0x871D, 0x871F, 0x872B,
- 0x872F, 0x8735, 0x8747, 0x8759, 0x875B, 0x876B, 0x8771, 0x8777,
- 0x877F, 0x8785, 0x878F, 0x87A1, 0x87A9, 0x87B3, 0x87BB, 0x87C5,
- 0x87C7, 0x87CB, 0x87DD, 0x87F7, 0x8803, 0x8819, 0x881B, 0x881F,
- 0x8821, 0x8837, 0x883D, 0x8843, 0x8851, 0x8861, 0x8867, 0x887B,
- 0x8885, 0x8891, 0x8893, 0x88A5, 0x88CF, 0x88D3, 0x88EB, 0x88ED,
- 0x88F3, 0x88FD, 0x8909, 0x890B, 0x8911, 0x891B, 0x8923, 0x8927,
- 0x892D, 0x8939, 0x8945, 0x894D, 0x8951, 0x8957, 0x8963, 0x8981,
- 0x8995, 0x899B, 0x89B3, 0x89B9, 0x89C3, 0x89CF, 0x89D1, 0x89DB,
- 0x89EF, 0x89F5, 0x89FB, 0x89FF, 0x8A0B, 0x8A19, 0x8A23, 0x8A35,
- 0x8A41, 0x8A49, 0x8A4F, 0x8A5B, 0x8A5F, 0x8A6D, 0x8A77, 0x8A79,
- 0x8A85, 0x8AA3, 0x8AB3, 0x8AB5, 0x8AC1, 0x8AC7, 0x8ACB, 0x8ACD,
- 0x8AD1, 0x8AD7, 0x8AF1, 0x8AF5, 0x8B07, 0x8B09, 0x8B0D, 0x8B13,
- 0x8B21, 0x8B57, 0x8B5D, 0x8B91, 0x8B93, 0x8BA3, 0x8BA9, 0x8BAF,
- 0x8BBB, 0x8BD5, 0x8BD9, 0x8BDB, 0x8BE1, 0x8BF7, 0x8BFD, 0x8BFF,
- 0x8C0B, 0x8C17, 0x8C1D, 0x8C27, 0x8C39, 0x8C3B, 0x8C47, 0x8C53,
- 0x8C5D, 0x8C6F, 0x8C7B, 0x8C81, 0x8C89, 0x8C8F, 0x8C99, 0x8C9F,
- 0x8CA7, 0x8CAB, 0x8CAD, 0x8CB1, 0x8CC5, 0x8CDD, 0x8CE3, 0x8CE9,
- 0x8CF3, 0x8D01, 0x8D0B, 0x8D0D, 0x8D23, 0x8D29, 0x8D37, 0x8D41,
- 0x8D5B, 0x8D5F, 0x8D71, 0x8D79, 0x8D85, 0x8D91, 0x8D9B, 0x8DA7,
- 0x8DAD, 0x8DB5, 0x8DC5, 0x8DCB, 0x8DD3, 0x8DD9, 0x8DDF, 0x8DF5,
- 0x8DF7, 0x8E01, 0x8E15, 0x8E1F, 0x8E25, 0x8E51, 0x8E63, 0x8E69,
- 0x8E73, 0x8E75, 0x8E79, 0x8E7F, 0x8E8D, 0x8E91, 0x8EAB, 0x8EAF,
- 0x8EB1, 0x8EBD, 0x8EC7, 0x8ECF, 0x8ED3, 0x8EDB, 0x8EE7, 0x8EEB,
- 0x8EF7, 0x8EFF, 0x8F15, 0x8F1D, 0x8F23, 0x8F2D, 0x8F3F, 0x8F45,
- 0x8F4B, 0x8F53, 0x8F59, 0x8F65, 0x8F69, 0x8F71, 0x8F83, 0x8F8D,
- 0x8F99, 0x8F9F, 0x8FAB, 0x8FAD, 0x8FB3, 0x8FB7, 0x8FB9, 0x8FC9,
- 0x8FD5, 0x8FE1, 0x8FEF, 0x8FF9, 0x9007, 0x900D, 0x9017, 0x9023,
- 0x9025, 0x9031, 0x9037, 0x903B, 0x9041, 0x9043, 0x904F, 0x9053,
- 0x906D, 0x9073, 0x9085, 0x908B, 0x9095, 0x909B, 0x909D, 0x90AF,
- 0x90B9, 0x90C1, 0x90C5, 0x90DF, 0x90E9, 0x90FD, 0x9103, 0x9113,
- 0x9127, 0x9133, 0x913D, 0x9145, 0x914F, 0x9151, 0x9161, 0x9167,
- 0x917B, 0x9185, 0x9199, 0x919D, 0x91BB, 0x91BD, 0x91C1, 0x91C9,
- 0x91D9, 0x91DB, 0x91ED, 0x91F1, 0x91F3, 0x91F9, 0x9203, 0x9215,
- 0x9221, 0x922F, 0x9241, 0x9247, 0x9257, 0x926B, 0x9271, 0x9275,
- 0x927D, 0x9283, 0x9287, 0x928D, 0x9299, 0x92A1, 0x92AB, 0x92AD,
- 0x92B9, 0x92BF, 0x92C3, 0x92C5, 0x92CB, 0x92D5, 0x92D7, 0x92E7,
- 0x92F3, 0x9301, 0x930B, 0x9311, 0x9319, 0x931F, 0x933B, 0x933D,
- 0x9343, 0x9355, 0x9373, 0x9395, 0x9397, 0x93A7, 0x93B3, 0x93B5,
- 0x93C7, 0x93D7, 0x93DD, 0x93E5, 0x93EF, 0x93F7, 0x9401, 0x9409,
- 0x9413, 0x943F, 0x9445, 0x944B, 0x944F, 0x9463, 0x9467, 0x9469,
- 0x946D, 0x947B, 0x9497, 0x949F, 0x94A5, 0x94B5, 0x94C3, 0x94E1,
- 0x94E7, 0x9505, 0x9509, 0x9517, 0x9521, 0x9527, 0x952D, 0x9535,
- 0x9539, 0x954B, 0x9557, 0x955D, 0x955F, 0x9575, 0x9581, 0x9589,
- 0x958F, 0x959B, 0x959F, 0x95AD, 0x95B1, 0x95B7, 0x95B9, 0x95BD,
- 0x95CF, 0x95E3, 0x95E9, 0x95F9, 0x961F, 0x962F, 0x9631, 0x9635,
- 0x963B, 0x963D, 0x9665, 0x968F, 0x969D, 0x96A1, 0x96A7, 0x96A9,
- 0x96C1, 0x96CB, 0x96D1, 0x96D3, 0x96E5, 0x96EF, 0x96FB, 0x96FD,
- 0x970D, 0x970F, 0x9715, 0x9725, 0x972B, 0x9733, 0x9737, 0x9739,
- 0x9743, 0x9749, 0x9751, 0x975B, 0x975D, 0x976F, 0x977F, 0x9787,
- 0x9793, 0x97A5, 0x97B1, 0x97B7, 0x97C3, 0x97CD, 0x97D3, 0x97D9,
- 0x97EB, 0x97F7, 0x9805, 0x9809, 0x980B, 0x9815, 0x9829, 0x982F,
- 0x983B, 0x9841, 0x9851, 0x986B, 0x986F, 0x9881, 0x9883, 0x9887,
- 0x98A7, 0x98B1, 0x98B9, 0x98BF, 0x98C3, 0x98C9, 0x98CF, 0x98DD,
- 0x98E3, 0x98F5, 0x98F9, 0x98FB, 0x990D, 0x9917, 0x991F, 0x9929,
- 0x9931, 0x993B, 0x993D, 0x9941, 0x9947, 0x9949, 0x9953, 0x997D,
- 0x9985, 0x9991, 0x9995, 0x999B, 0x99AD, 0x99AF, 0x99BF, 0x99C7,
- 0x99CB, 0x99CD, 0x99D7, 0x99E5, 0x99F1, 0x99FB, 0x9A0F, 0x9A13,
- 0x9A1B, 0x9A25, 0x9A4B, 0x9A4F, 0x9A55, 0x9A57, 0x9A61, 0x9A75,
- 0x9A7F, 0x9A8B, 0x9A91, 0x9A9D, 0x9AB7, 0x9AC3, 0x9AC7, 0x9ACF,
- 0x9AEB, 0x9AF3, 0x9AF7, 0x9AFF, 0x9B17, 0x9B1D, 0x9B27, 0x9B2F,
- 0x9B35, 0x9B45, 0x9B51, 0x9B59, 0x9B63, 0x9B6F, 0x9B77, 0x9B8D,
- 0x9B93, 0x9B95, 0x9B9F, 0x9BA1, 0x9BA7, 0x9BB1, 0x9BB7, 0x9BBD,
- 0x9BC5, 0x9BCB, 0x9BCF, 0x9BDD, 0x9BF9, 0x9C01, 0x9C11, 0x9C23,
- 0x9C2B, 0x9C2F, 0x9C35, 0x9C49, 0x9C4D, 0x9C5F, 0x9C65, 0x9C67,
- 0x9C7F, 0x9C97, 0x9C9D, 0x9CA3, 0x9CAF, 0x9CBB, 0x9CBF, 0x9CC1,
- 0x9CD7, 0x9CD9, 0x9CE3, 0x9CE9, 0x9CF1, 0x9CFD, 0x9D01, 0x9D15,
- 0x9D27, 0x9D2D, 0x9D31, 0x9D3D, 0x9D55, 0x9D5B, 0x9D61, 0x9D97,
- 0x9D9F, 0x9DA5, 0x9DA9, 0x9DC3, 0x9DE7, 0x9DEB, 0x9DED, 0x9DF1,
- 0x9E0B, 0x9E17, 0x9E23, 0x9E27, 0x9E2D, 0x9E33, 0x9E3B, 0x9E47,
- 0x9E51, 0x9E53, 0x9E5F, 0x9E6F, 0x9E81, 0x9E87, 0x9E8F, 0x9E95,
- 0x9EA1, 0x9EB3, 0x9EBD, 0x9EBF, 0x9EF5, 0x9EF9, 0x9EFB, 0x9F05,
- 0x9F23, 0x9F2F, 0x9F37, 0x9F3B, 0x9F43, 0x9F53, 0x9F61, 0x9F6D,
- 0x9F73, 0x9F77, 0x9F7D, 0x9F89, 0x9F8F, 0x9F91, 0x9F95, 0x9FA3,
- 0x9FAF, 0x9FB3, 0x9FC1, 0x9FC7, 0x9FDF, 0x9FE5, 0x9FEB, 0x9FF5,
- 0xA001, 0xA00D, 0xA021, 0xA033, 0xA039, 0xA03F, 0xA04F, 0xA057,
- 0xA05B, 0xA061, 0xA075, 0xA079, 0xA099, 0xA09D, 0xA0AB, 0xA0B5,
- 0xA0B7, 0xA0BD, 0xA0C9, 0xA0D9, 0xA0DB, 0xA0DF, 0xA0E5, 0xA0F1,
- 0xA0F3, 0xA0FD, 0xA105, 0xA10B, 0xA10F, 0xA111, 0xA11B, 0xA129,
- 0xA12F, 0xA135, 0xA141, 0xA153, 0xA175, 0xA17D, 0xA187, 0xA18D,
- 0xA1A5, 0xA1AB, 0xA1AD, 0xA1B7, 0xA1C3, 0xA1C5, 0xA1E3, 0xA1ED,
- 0xA1FB, 0xA207, 0xA213, 0xA223, 0xA229, 0xA22F, 0xA231, 0xA243,
- 0xA247, 0xA24D, 0xA26B, 0xA279, 0xA27D, 0xA283, 0xA289, 0xA28B,
- 0xA291, 0xA295, 0xA29B, 0xA2A9, 0xA2AF, 0xA2B3, 0xA2BB, 0xA2C5,
- 0xA2D1, 0xA2D7, 0xA2F7, 0xA301, 0xA309, 0xA31F, 0xA321, 0xA32B,
- 0xA331, 0xA349, 0xA351, 0xA355, 0xA373, 0xA379, 0xA37B, 0xA387,
- 0xA397, 0xA39F, 0xA3A5, 0xA3A9, 0xA3AF, 0xA3B7, 0xA3C7, 0xA3D5,
- 0xA3DB, 0xA3E1, 0xA3E5, 0xA3E7, 0xA3F1, 0xA3FD, 0xA3FF, 0xA40F,
- 0xA41D, 0xA421, 0xA423, 0xA427, 0xA43B, 0xA44D, 0xA457, 0xA459,
- 0xA463, 0xA469, 0xA475, 0xA493, 0xA49B, 0xA4AD, 0xA4B9, 0xA4C3,
- 0xA4C5, 0xA4CB, 0xA4D1, 0xA4D5, 0xA4E1, 0xA4ED, 0xA4EF, 0xA4F3,
- 0xA4FF, 0xA511, 0xA529, 0xA52B, 0xA535, 0xA53B, 0xA543, 0xA553,
- 0xA55B, 0xA561, 0xA56D, 0xA577, 0xA585, 0xA58B, 0xA597, 0xA59D,
- 0xA5A3, 0xA5A7, 0xA5A9, 0xA5C1, 0xA5C5, 0xA5CB, 0xA5D3, 0xA5D9,
- 0xA5DD, 0xA5DF, 0xA5E3, 0xA5E9, 0xA5F7, 0xA5FB, 0xA603, 0xA60D,
- 0xA625, 0xA63D, 0xA649, 0xA64B, 0xA651, 0xA65D, 0xA673, 0xA691,
- 0xA693, 0xA699, 0xA6AB, 0xA6B5, 0xA6BB, 0xA6C1, 0xA6C9, 0xA6CD,
- 0xA6CF, 0xA6D5, 0xA6DF, 0xA6E7, 0xA6F1, 0xA6F7, 0xA6FF, 0xA70F,
- 0xA715, 0xA723, 0xA729, 0xA72D, 0xA745, 0xA74D, 0xA757, 0xA759,
- 0xA765, 0xA76B, 0xA76F, 0xA793, 0xA795, 0xA7AB, 0xA7B1, 0xA7B9,
- 0xA7BF, 0xA7C9, 0xA7D1, 0xA7D7, 0xA7E3, 0xA7ED, 0xA7FB, 0xA805,
- 0xA80B, 0xA81D, 0xA829, 0xA82B, 0xA837, 0xA83B, 0xA855, 0xA85F,
- 0xA86D, 0xA87D, 0xA88F, 0xA897, 0xA8A9, 0xA8B5, 0xA8C1, 0xA8C7,
- 0xA8D7, 0xA8E5, 0xA8FD, 0xA907, 0xA913, 0xA91B, 0xA931, 0xA937,
- 0xA939, 0xA943, 0xA97F, 0xA985, 0xA987, 0xA98B, 0xA993, 0xA9A3,
- 0xA9B1, 0xA9BB, 0xA9C1, 0xA9D9, 0xA9DF, 0xA9EB, 0xA9FD, 0xAA15,
- 0xAA17, 0xAA35, 0xAA39, 0xAA3B, 0xAA47, 0xAA4D, 0xAA57, 0xAA59,
- 0xAA5D, 0xAA6B, 0xAA71, 0xAA81, 0xAA83, 0xAA8D, 0xAA95, 0xAAAB,
- 0xAABF, 0xAAC5, 0xAAC9, 0xAAE9, 0xAAEF, 0xAB01, 0xAB05, 0xAB07,
- 0xAB0B, 0xAB0D, 0xAB11, 0xAB19, 0xAB4D, 0xAB5B, 0xAB71, 0xAB73,
- 0xAB89, 0xAB9D, 0xABA7, 0xABAF, 0xABB9, 0xABBB, 0xABC1, 0xABC5,
- 0xABD3, 0xABD7, 0xABDD, 0xABF1, 0xABF5, 0xABFB, 0xABFD, 0xAC09,
- 0xAC15, 0xAC1B, 0xAC27, 0xAC37, 0xAC39, 0xAC45, 0xAC4F, 0xAC57,
- 0xAC5B, 0xAC61, 0xAC63, 0xAC7F, 0xAC8B, 0xAC93, 0xAC9D, 0xACA9,
- 0xACAB, 0xACAF, 0xACBD, 0xACD9, 0xACE1, 0xACE7, 0xACEB, 0xACED,
- 0xACF1, 0xACF7, 0xACF9, 0xAD05, 0xAD3F, 0xAD45, 0xAD53, 0xAD5D,
- 0xAD5F, 0xAD65, 0xAD81, 0xADA1, 0xADA5, 0xADC3, 0xADCB, 0xADD1,
- 0xADD5, 0xADDB, 0xADE7, 0xADF3, 0xADF5, 0xADF9, 0xADFF, 0xAE05,
- 0xAE13, 0xAE23, 0xAE2B, 0xAE49, 0xAE4D, 0xAE4F, 0xAE59, 0xAE61,
- 0xAE67, 0xAE6B, 0xAE71, 0xAE8B, 0xAE8F, 0xAE9B, 0xAE9D, 0xAEA7,
- 0xAEB9, 0xAEC5, 0xAED1, 0xAEE3, 0xAEE5, 0xAEE9, 0xAEF5, 0xAEFD,
- 0xAF09, 0xAF13, 0xAF27, 0xAF2B, 0xAF33, 0xAF43, 0xAF4F, 0xAF57,
- 0xAF5D, 0xAF6D, 0xAF75, 0xAF7F, 0xAF8B, 0xAF99, 0xAF9F, 0xAFA3,
- 0xAFAB, 0xAFB7, 0xAFBB, 0xAFCF, 0xAFD5, 0xAFFD, 0xB005, 0xB015,
- 0xB01B, 0xB03F, 0xB041, 0xB047, 0xB04B, 0xB051, 0xB053, 0xB069,
- 0xB07B, 0xB07D, 0xB087, 0xB08D, 0xB0B1, 0xB0BF, 0xB0CB, 0xB0CF,
- 0xB0E1, 0xB0E9, 0xB0ED, 0xB0FB, 0xB105, 0xB107, 0xB111, 0xB119,
- 0xB11D, 0xB11F, 0xB131, 0xB141, 0xB14D, 0xB15B, 0xB165, 0xB173,
- 0xB179, 0xB17F, 0xB1A9, 0xB1B3, 0xB1B9, 0xB1BF, 0xB1D3, 0xB1DD,
- 0xB1E5, 0xB1F1, 0xB1F5, 0xB201, 0xB213, 0xB215, 0xB21F, 0xB22D,
- 0xB23F, 0xB249, 0xB25B, 0xB263, 0xB269, 0xB26D, 0xB27B, 0xB281,
- 0xB28B, 0xB2A9, 0xB2B7, 0xB2BD, 0xB2C3, 0xB2C7, 0xB2D3, 0xB2F9,
- 0xB2FD, 0xB2FF, 0xB303, 0xB309, 0xB311, 0xB31D, 0xB327, 0xB32D,
- 0xB33F, 0xB345, 0xB377, 0xB37D, 0xB381, 0xB387, 0xB393, 0xB39B,
- 0xB3A5, 0xB3C5, 0xB3CB, 0xB3E1, 0xB3E3, 0xB3ED, 0xB3F9, 0xB40B,
- 0xB40D, 0xB413, 0xB417, 0xB435, 0xB43D, 0xB443, 0xB449, 0xB45B,
- 0xB465, 0xB467, 0xB46B, 0xB477, 0xB48B, 0xB495, 0xB49D, 0xB4B5,
- 0xB4BF, 0xB4C1, 0xB4C7, 0xB4DD, 0xB4E3, 0xB4E5, 0xB4F7, 0xB501,
- 0xB50D, 0xB50F, 0xB52D, 0xB53F, 0xB54B, 0xB567, 0xB569, 0xB56F,
- 0xB573, 0xB579, 0xB587, 0xB58D, 0xB599, 0xB5A3, 0xB5AB, 0xB5AF,
- 0xB5BB, 0xB5D5, 0xB5DF, 0xB5E7, 0xB5ED, 0xB5FD, 0xB5FF, 0xB609,
- 0xB61B, 0xB629, 0xB62F, 0xB633, 0xB639, 0xB647, 0xB657, 0xB659,
- 0xB65F, 0xB663, 0xB66F, 0xB683, 0xB687, 0xB69B, 0xB69F, 0xB6A5,
- 0xB6B1, 0xB6B3, 0xB6D7, 0xB6DB, 0xB6E1, 0xB6E3, 0xB6ED, 0xB6EF,
- 0xB705, 0xB70D, 0xB713, 0xB71D, 0xB729, 0xB735, 0xB747, 0xB755,
- 0xB76D, 0xB791, 0xB795, 0xB7A9, 0xB7C1, 0xB7CB, 0xB7D1, 0xB7D3,
- 0xB7EF, 0xB7F5, 0xB807, 0xB80F, 0xB813, 0xB819, 0xB821, 0xB827,
- 0xB82B, 0xB82D, 0xB839, 0xB855, 0xB867, 0xB875, 0xB885, 0xB893,
- 0xB8A5, 0xB8AF, 0xB8B7, 0xB8BD, 0xB8C1, 0xB8C7, 0xB8CD, 0xB8D5,
- 0xB8EB, 0xB8F7, 0xB8F9, 0xB903, 0xB915, 0xB91B, 0xB91D, 0xB92F,
- 0xB939, 0xB93B, 0xB947, 0xB951, 0xB963, 0xB983, 0xB989, 0xB98D,
- 0xB993, 0xB999, 0xB9A1, 0xB9A7, 0xB9AD, 0xB9B7, 0xB9CB, 0xB9D1,
- 0xB9DD, 0xB9E7, 0xB9EF, 0xB9F9, 0xBA07, 0xBA0D, 0xBA17, 0xBA25,
- 0xBA29, 0xBA2B, 0xBA41, 0xBA53, 0xBA55, 0xBA5F, 0xBA61, 0xBA65,
- 0xBA79, 0xBA7D, 0xBA7F, 0xBAA1, 0xBAA3, 0xBAAF, 0xBAB5, 0xBABF,
- 0xBAC1, 0xBACB, 0xBADD, 0xBAE3, 0xBAF1, 0xBAFD, 0xBB09, 0xBB1F,
- 0xBB27, 0xBB2D, 0xBB3D, 0xBB43, 0xBB4B, 0xBB4F, 0xBB5B, 0xBB61,
- 0xBB69, 0xBB6D, 0xBB91, 0xBB97, 0xBB9D, 0xBBB1, 0xBBC9, 0xBBCF,
- 0xBBDB, 0xBBED, 0xBBF7, 0xBBF9, 0xBC03, 0xBC1D, 0xBC23, 0xBC33,
- 0xBC3B, 0xBC41, 0xBC45, 0xBC5D, 0xBC6F, 0xBC77, 0xBC83, 0xBC8F,
- 0xBC99, 0xBCAB, 0xBCB7, 0xBCB9, 0xBCD1, 0xBCD5, 0xBCE1, 0xBCF3,
- 0xBCFF, 0xBD0D, 0xBD17, 0xBD19, 0xBD1D, 0xBD35, 0xBD41, 0xBD4F,
- 0xBD59, 0xBD5F, 0xBD61, 0xBD67, 0xBD6B, 0xBD71, 0xBD8B, 0xBD8F,
- 0xBD95, 0xBD9B, 0xBD9D, 0xBDB3, 0xBDBB, 0xBDCD, 0xBDD1, 0xBDE3,
- 0xBDEB, 0xBDEF, 0xBE07, 0xBE09, 0xBE15, 0xBE21, 0xBE25, 0xBE27,
- 0xBE5B, 0xBE5D, 0xBE6F, 0xBE75, 0xBE79, 0xBE7F, 0xBE8B, 0xBE8D,
- 0xBE93, 0xBE9F, 0xBEA9, 0xBEB1, 0xBEB5, 0xBEB7, 0xBECF, 0xBED9,
- 0xBEDB, 0xBEE5, 0xBEE7, 0xBEF3, 0xBEF9, 0xBF0B, 0xBF33, 0xBF39,
- 0xBF4D, 0xBF5D, 0xBF5F, 0xBF6B, 0xBF71, 0xBF7B, 0xBF87, 0xBF89,
- 0xBF8D, 0xBF93, 0xBFA1, 0xBFAD, 0xBFB9, 0xBFCF, 0xBFD5, 0xBFDD,
- 0xBFE1, 0xBFE3, 0xBFF3, 0xC005, 0xC011, 0xC013, 0xC019, 0xC029,
- 0xC02F, 0xC031, 0xC037, 0xC03B, 0xC047, 0xC065, 0xC06D, 0xC07D,
- 0xC07F, 0xC091, 0xC09B, 0xC0B3, 0xC0B5, 0xC0BB, 0xC0D3, 0xC0D7,
- 0xC0D9, 0xC0EF, 0xC0F1, 0xC101, 0xC103, 0xC109, 0xC115, 0xC119,
- 0xC12B, 0xC133, 0xC137, 0xC145, 0xC149, 0xC15B, 0xC173, 0xC179,
- 0xC17B, 0xC181, 0xC18B, 0xC18D, 0xC197, 0xC1BD, 0xC1C3, 0xC1CD,
- 0xC1DB, 0xC1E1, 0xC1E7, 0xC1FF, 0xC203, 0xC205, 0xC211, 0xC221,
- 0xC22F, 0xC23F, 0xC24B, 0xC24D, 0xC253, 0xC25D, 0xC277, 0xC27B,
- 0xC27D, 0xC289, 0xC28F, 0xC293, 0xC29F, 0xC2A7, 0xC2B3, 0xC2BD,
- 0xC2CF, 0xC2D5, 0xC2E3, 0xC2FF, 0xC301, 0xC307, 0xC311, 0xC313,
- 0xC317, 0xC325, 0xC347, 0xC349, 0xC34F, 0xC365, 0xC367, 0xC371,
- 0xC37F, 0xC383, 0xC385, 0xC395, 0xC39D, 0xC3A7, 0xC3AD, 0xC3B5,
- 0xC3BF, 0xC3C7, 0xC3CB, 0xC3D1, 0xC3D3, 0xC3E3, 0xC3E9, 0xC3EF,
- 0xC401, 0xC41F, 0xC42D, 0xC433, 0xC437, 0xC455, 0xC457, 0xC461,
- 0xC46F, 0xC473, 0xC487, 0xC491, 0xC499, 0xC49D, 0xC4A5, 0xC4B7,
- 0xC4BB, 0xC4C9, 0xC4CF, 0xC4D3, 0xC4EB, 0xC4F1, 0xC4F7, 0xC509,
- 0xC51B, 0xC51D, 0xC541, 0xC547, 0xC551, 0xC55F, 0xC56B, 0xC56F,
- 0xC575, 0xC577, 0xC595, 0xC59B, 0xC59F, 0xC5A1, 0xC5A7, 0xC5C3,
- 0xC5D7, 0xC5DB, 0xC5EF, 0xC5FB, 0xC613, 0xC623, 0xC635, 0xC641,
- 0xC64F, 0xC655, 0xC659, 0xC665, 0xC685, 0xC691, 0xC697, 0xC6A1,
- 0xC6A9, 0xC6B3, 0xC6B9, 0xC6CB, 0xC6CD, 0xC6DD, 0xC6EB, 0xC6F1,
- 0xC707, 0xC70D, 0xC719, 0xC71B, 0xC72D, 0xC731, 0xC739, 0xC757,
- 0xC763, 0xC767, 0xC773, 0xC775, 0xC77F, 0xC7A5, 0xC7BB, 0xC7BD,
- 0xC7C1, 0xC7CF, 0xC7D5, 0xC7E1, 0xC7F9, 0xC7FD, 0xC7FF, 0xC803,
- 0xC811, 0xC81D, 0xC827, 0xC829, 0xC839, 0xC83F, 0xC853, 0xC857,
- 0xC86B, 0xC881, 0xC88D, 0xC88F, 0xC893, 0xC895, 0xC8A1, 0xC8B7,
- 0xC8CF, 0xC8D5, 0xC8DB, 0xC8DD, 0xC8E3, 0xC8E7, 0xC8ED, 0xC8EF,
- 0xC8F9, 0xC905, 0xC911, 0xC917, 0xC919, 0xC91F, 0xC92F, 0xC937,
- 0xC93D, 0xC941, 0xC953, 0xC95F, 0xC96B, 0xC979, 0xC97D, 0xC989,
- 0xC98F, 0xC997, 0xC99D, 0xC9AF, 0xC9B5, 0xC9BF, 0xC9CB, 0xC9D9,
- 0xC9DF, 0xC9E3, 0xC9EB, 0xCA01, 0xCA07, 0xCA09, 0xCA25, 0xCA37,
- 0xCA39, 0xCA4B, 0xCA55, 0xCA5B, 0xCA69, 0xCA73, 0xCA75, 0xCA7F,
- 0xCA8D, 0xCA93, 0xCA9D, 0xCA9F, 0xCAB5, 0xCABB, 0xCAC3, 0xCAC9,
- 0xCAD9, 0xCAE5, 0xCAED, 0xCB03, 0xCB05, 0xCB09, 0xCB17, 0xCB29,
- 0xCB35, 0xCB3B, 0xCB53, 0xCB59, 0xCB63, 0xCB65, 0xCB71, 0xCB87,
- 0xCB99, 0xCB9F, 0xCBB3, 0xCBB9, 0xCBC3, 0xCBD1, 0xCBD5, 0xCBD7,
- 0xCBDD, 0xCBE9, 0xCBFF, 0xCC0D, 0xCC19, 0xCC1D, 0xCC23, 0xCC2B,
- 0xCC41, 0xCC43, 0xCC4D, 0xCC59, 0xCC61, 0xCC89, 0xCC8B, 0xCC91,
- 0xCC9B, 0xCCA3, 0xCCA7, 0xCCD1, 0xCCE5, 0xCCE9, 0xCD09, 0xCD15,
- 0xCD1F, 0xCD25, 0xCD31, 0xCD3D, 0xCD3F, 0xCD49, 0xCD51, 0xCD57,
- 0xCD5B, 0xCD63, 0xCD67, 0xCD81, 0xCD93, 0xCD97, 0xCD9F, 0xCDBB,
- 0xCDC1, 0xCDD3, 0xCDD9, 0xCDE5, 0xCDE7, 0xCDF1, 0xCDF7, 0xCDFD,
- 0xCE0B, 0xCE15, 0xCE21, 0xCE2F, 0xCE47, 0xCE4D, 0xCE51, 0xCE65,
- 0xCE7B, 0xCE7D, 0xCE8F, 0xCE93, 0xCE99, 0xCEA5, 0xCEA7, 0xCEB7,
- 0xCEC9, 0xCED7, 0xCEDD, 0xCEE3, 0xCEE7, 0xCEED, 0xCEF5, 0xCF07,
- 0xCF0B, 0xCF19, 0xCF37, 0xCF3B, 0xCF4D, 0xCF55, 0xCF5F, 0xCF61,
- 0xCF65, 0xCF6D, 0xCF79, 0xCF7D, 0xCF89, 0xCF9B, 0xCF9D, 0xCFA9,
- 0xCFB3, 0xCFB5, 0xCFC5, 0xCFCD, 0xCFD1, 0xCFEF, 0xCFF1, 0xCFF7,
- 0xD013, 0xD015, 0xD01F, 0xD021, 0xD033, 0xD03D, 0xD04B, 0xD04F,
- 0xD069, 0xD06F, 0xD081, 0xD085, 0xD099, 0xD09F, 0xD0A3, 0xD0AB,
- 0xD0BD, 0xD0C1, 0xD0CD, 0xD0E7, 0xD0FF, 0xD103, 0xD117, 0xD12D,
- 0xD12F, 0xD141, 0xD157, 0xD159, 0xD15D, 0xD169, 0xD16B, 0xD171,
- 0xD177, 0xD17D, 0xD181, 0xD187, 0xD195, 0xD199, 0xD1B1, 0xD1BD,
- 0xD1C3, 0xD1D5, 0xD1D7, 0xD1E3, 0xD1FF, 0xD20D, 0xD211, 0xD217,
- 0xD21F, 0xD235, 0xD23B, 0xD247, 0xD259, 0xD261, 0xD265, 0xD279,
- 0xD27F, 0xD283, 0xD289, 0xD28B, 0xD29D, 0xD2A3, 0xD2A7, 0xD2B3,
- 0xD2BF, 0xD2C7, 0xD2E3, 0xD2E9, 0xD2F1, 0xD2FB, 0xD2FD, 0xD315,
- 0xD321, 0xD32B, 0xD343, 0xD34B, 0xD355, 0xD369, 0xD375, 0xD37B,
- 0xD387, 0xD393, 0xD397, 0xD3A5, 0xD3B1, 0xD3C9, 0xD3EB, 0xD3FD,
- 0xD405, 0xD40F, 0xD415, 0xD427, 0xD42F, 0xD433, 0xD43B, 0xD44B,
- 0xD459, 0xD45F, 0xD463, 0xD469, 0xD481, 0xD483, 0xD489, 0xD48D,
- 0xD493, 0xD495, 0xD4A5, 0xD4AB, 0xD4B1, 0xD4C5, 0xD4DD, 0xD4E1,
- 0xD4E3, 0xD4E7, 0xD4F5, 0xD4F9, 0xD50B, 0xD50D, 0xD513, 0xD51F,
- 0xD523, 0xD531, 0xD535, 0xD537, 0xD549, 0xD559, 0xD55F, 0xD565,
- 0xD567, 0xD577, 0xD58B, 0xD591, 0xD597, 0xD5B5, 0xD5B9, 0xD5C1,
- 0xD5C7, 0xD5DF, 0xD5EF, 0xD5F5, 0xD5FB, 0xD603, 0xD60F, 0xD62D,
- 0xD631, 0xD643, 0xD655, 0xD65D, 0xD661, 0xD67B, 0xD685, 0xD687,
- 0xD69D, 0xD6A5, 0xD6AF, 0xD6BD, 0xD6C3, 0xD6C7, 0xD6D9, 0xD6E1,
- 0xD6ED, 0xD709, 0xD70B, 0xD711, 0xD715, 0xD721, 0xD727, 0xD73F,
- 0xD745, 0xD74D, 0xD757, 0xD76B, 0xD77B, 0xD783, 0xD7A1, 0xD7A7,
- 0xD7AD, 0xD7B1, 0xD7B3, 0xD7BD, 0xD7CB, 0xD7D1, 0xD7DB, 0xD7FB,
- 0xD811, 0xD823, 0xD825, 0xD829, 0xD82B, 0xD82F, 0xD837, 0xD84D,
- 0xD855, 0xD867, 0xD873, 0xD88F, 0xD891, 0xD8A1, 0xD8AD, 0xD8BF,
- 0xD8CD, 0xD8D7, 0xD8E9, 0xD8F5, 0xD8FB, 0xD91B, 0xD925, 0xD933,
- 0xD939, 0xD943, 0xD945, 0xD94F, 0xD951, 0xD957, 0xD96D, 0xD96F,
- 0xD973, 0xD979, 0xD981, 0xD98B, 0xD991, 0xD99F, 0xD9A5, 0xD9A9,
- 0xD9B5, 0xD9D3, 0xD9EB, 0xD9F1, 0xD9F7, 0xD9FF, 0xDA05, 0xDA09,
- 0xDA0B, 0xDA0F, 0xDA15, 0xDA1D, 0xDA23, 0xDA29, 0xDA3F, 0xDA51,
- 0xDA59, 0xDA5D, 0xDA5F, 0xDA71, 0xDA77, 0xDA7B, 0xDA7D, 0xDA8D,
- 0xDA9F, 0xDAB3, 0xDABD, 0xDAC3, 0xDAC9, 0xDAE7, 0xDAE9, 0xDAF5,
- 0xDB11, 0xDB17, 0xDB1D, 0xDB23, 0xDB25, 0xDB31, 0xDB3B, 0xDB43,
- 0xDB55, 0xDB67, 0xDB6B, 0xDB73, 0xDB85, 0xDB8F, 0xDB91, 0xDBAD,
- 0xDBAF, 0xDBB9, 0xDBC7, 0xDBCB, 0xDBCD, 0xDBEB, 0xDBF7, 0xDC0D,
- 0xDC27, 0xDC31, 0xDC39, 0xDC3F, 0xDC49, 0xDC51, 0xDC61, 0xDC6F,
- 0xDC75, 0xDC7B, 0xDC85, 0xDC93, 0xDC99, 0xDC9D, 0xDC9F, 0xDCA9,
- 0xDCB5, 0xDCB7, 0xDCBD, 0xDCC7, 0xDCCF, 0xDCD3, 0xDCD5, 0xDCDF,
- 0xDCF9, 0xDD0F, 0xDD15, 0xDD17, 0xDD23, 0xDD35, 0xDD39, 0xDD53,
- 0xDD57, 0xDD5F, 0xDD69, 0xDD6F, 0xDD7D, 0xDD87, 0xDD89, 0xDD9B,
- 0xDDA1, 0xDDAB, 0xDDBF, 0xDDC5, 0xDDCB, 0xDDCF, 0xDDE7, 0xDDE9,
- 0xDDED, 0xDDF5, 0xDDFB, 0xDE0B, 0xDE19, 0xDE29, 0xDE3B, 0xDE3D,
- 0xDE41, 0xDE4D, 0xDE4F, 0xDE59, 0xDE5B, 0xDE61, 0xDE6D, 0xDE77,
- 0xDE7D, 0xDE83, 0xDE97, 0xDE9D, 0xDEA1, 0xDEA7, 0xDECD, 0xDED1,
- 0xDED7, 0xDEE3, 0xDEF1, 0xDEF5, 0xDF01, 0xDF09, 0xDF13, 0xDF1F,
- 0xDF2B, 0xDF33, 0xDF37, 0xDF3D, 0xDF4B, 0xDF55, 0xDF5B, 0xDF67,
- 0xDF69, 0xDF73, 0xDF85, 0xDF87, 0xDF99, 0xDFA3, 0xDFAB, 0xDFB5,
- 0xDFB7, 0xDFC3, 0xDFC7, 0xDFD5, 0xDFF1, 0xDFF3, 0xE003, 0xE005,
- 0xE017, 0xE01D, 0xE027, 0xE02D, 0xE035, 0xE045, 0xE053, 0xE071,
- 0xE07B, 0xE08F, 0xE095, 0xE09F, 0xE0B7, 0xE0B9, 0xE0D5, 0xE0D7,
- 0xE0E3, 0xE0F3, 0xE0F9, 0xE101, 0xE125, 0xE129, 0xE131, 0xE135,
- 0xE143, 0xE14F, 0xE159, 0xE161, 0xE16D, 0xE171, 0xE177, 0xE17F,
- 0xE183, 0xE189, 0xE197, 0xE1AD, 0xE1B5, 0xE1BB, 0xE1BF, 0xE1C1,
- 0xE1CB, 0xE1D1, 0xE1E5, 0xE1EF, 0xE1F7, 0xE1FD, 0xE203, 0xE219,
- 0xE22B, 0xE22D, 0xE23D, 0xE243, 0xE257, 0xE25B, 0xE275, 0xE279,
- 0xE287, 0xE29D, 0xE2AB, 0xE2AF, 0xE2BB, 0xE2C1, 0xE2C9, 0xE2CD,
- 0xE2D3, 0xE2D9, 0xE2F3, 0xE2FD, 0xE2FF, 0xE311, 0xE323, 0xE327,
- 0xE329, 0xE339, 0xE33B, 0xE34D, 0xE351, 0xE357, 0xE35F, 0xE363,
- 0xE369, 0xE375, 0xE377, 0xE37D, 0xE383, 0xE39F, 0xE3C5, 0xE3C9,
- 0xE3D1, 0xE3E1, 0xE3FB, 0xE3FF, 0xE401, 0xE40B, 0xE417, 0xE419,
- 0xE423, 0xE42B, 0xE431, 0xE43B, 0xE447, 0xE449, 0xE453, 0xE455,
- 0xE46D, 0xE471, 0xE48F, 0xE4A9, 0xE4AF, 0xE4B5, 0xE4C7, 0xE4CD,
- 0xE4D3, 0xE4E9, 0xE4EB, 0xE4F5, 0xE507, 0xE521, 0xE525, 0xE537,
- 0xE53F, 0xE545, 0xE54B, 0xE557, 0xE567, 0xE56D, 0xE575, 0xE585,
- 0xE58B, 0xE593, 0xE5A3, 0xE5A5, 0xE5CF, 0xE609, 0xE611, 0xE615,
- 0xE61B, 0xE61D, 0xE621, 0xE629, 0xE639, 0xE63F, 0xE653, 0xE657,
- 0xE663, 0xE66F, 0xE675, 0xE681, 0xE683, 0xE68D, 0xE68F, 0xE695,
- 0xE6AB, 0xE6AD, 0xE6B7, 0xE6BD, 0xE6C5, 0xE6CB, 0xE6D5, 0xE6E3,
- 0xE6E9, 0xE6EF, 0xE6F3, 0xE705, 0xE70D, 0xE717, 0xE71F, 0xE72F,
- 0xE73D, 0xE747, 0xE749, 0xE753, 0xE755, 0xE761, 0xE767, 0xE76B,
- 0xE77F, 0xE789, 0xE791, 0xE7C5, 0xE7CD, 0xE7D7, 0xE7DD, 0xE7DF,
- 0xE7E9, 0xE7F1, 0xE7FB, 0xE801, 0xE807, 0xE80F, 0xE819, 0xE81B,
- 0xE831, 0xE833, 0xE837, 0xE83D, 0xE84B, 0xE84F, 0xE851, 0xE869,
- 0xE875, 0xE879, 0xE893, 0xE8A5, 0xE8A9, 0xE8AF, 0xE8BD, 0xE8DB,
- 0xE8E1, 0xE8E5, 0xE8EB, 0xE8ED, 0xE903, 0xE90B, 0xE90F, 0xE915,
- 0xE917, 0xE92D, 0xE933, 0xE93B, 0xE94B, 0xE951, 0xE95F, 0xE963,
- 0xE969, 0xE97B, 0xE983, 0xE98F, 0xE995, 0xE9A1, 0xE9B9, 0xE9D7,
- 0xE9E7, 0xE9EF, 0xEA11, 0xEA19, 0xEA2F, 0xEA35, 0xEA43, 0xEA4D,
- 0xEA5F, 0xEA6D, 0xEA71, 0xEA7D, 0xEA85, 0xEA89, 0xEAAD, 0xEAB3,
- 0xEAB9, 0xEABB, 0xEAC5, 0xEAC7, 0xEACB, 0xEADF, 0xEAE5, 0xEAEB,
- 0xEAF5, 0xEB01, 0xEB07, 0xEB09, 0xEB31, 0xEB39, 0xEB3F, 0xEB5B,
- 0xEB61, 0xEB63, 0xEB6F, 0xEB81, 0xEB85, 0xEB9D, 0xEBAB, 0xEBB1,
- 0xEBB7, 0xEBC1, 0xEBD5, 0xEBDF, 0xEBED, 0xEBFD, 0xEC0B, 0xEC1B,
- 0xEC21, 0xEC29, 0xEC4D, 0xEC51, 0xEC5D, 0xEC69, 0xEC6F, 0xEC7B,
- 0xECAD, 0xECB9, 0xECBF, 0xECC3, 0xECC9, 0xECCF, 0xECD7, 0xECDD,
- 0xECE7, 0xECE9, 0xECF3, 0xECF5, 0xED07, 0xED11, 0xED1F, 0xED2F,
- 0xED37, 0xED3D, 0xED41, 0xED55, 0xED59, 0xED5B, 0xED65, 0xED6B,
- 0xED79, 0xED8B, 0xED95, 0xEDBB, 0xEDC5, 0xEDD7, 0xEDD9, 0xEDE3,
- 0xEDE5, 0xEDF1, 0xEDF5, 0xEDF7, 0xEDFB, 0xEE09, 0xEE0F, 0xEE19,
- 0xEE21, 0xEE49, 0xEE4F, 0xEE63, 0xEE67, 0xEE73, 0xEE7B, 0xEE81,
- 0xEEA3, 0xEEAB, 0xEEC1, 0xEEC9, 0xEED5, 0xEEDF, 0xEEE1, 0xEEF1,
- 0xEF1B, 0xEF27, 0xEF2F, 0xEF45, 0xEF4D, 0xEF63, 0xEF6B, 0xEF71,
- 0xEF93, 0xEF95, 0xEF9B, 0xEF9F, 0xEFAD, 0xEFB3, 0xEFC3, 0xEFC5,
- 0xEFDB, 0xEFE1, 0xEFE9, 0xF001, 0xF017, 0xF01D, 0xF01F, 0xF02B,
- 0xF02F, 0xF035, 0xF043, 0xF047, 0xF04F, 0xF067, 0xF06B, 0xF071,
- 0xF077, 0xF079, 0xF08F, 0xF0A3, 0xF0A9, 0xF0AD, 0xF0BB, 0xF0BF,
- 0xF0C5, 0xF0CB, 0xF0D3, 0xF0D9, 0xF0E3, 0xF0E9, 0xF0F1, 0xF0F7,
- 0xF107, 0xF115, 0xF11B, 0xF121, 0xF137, 0xF13D, 0xF155, 0xF175,
- 0xF17B, 0xF18D, 0xF193, 0xF1A5, 0xF1AF, 0xF1B7, 0xF1D5, 0xF1E7,
- 0xF1ED, 0xF1FD, 0xF209, 0xF20F, 0xF21B, 0xF21D, 0xF223, 0xF227,
- 0xF233, 0xF23B, 0xF241, 0xF257, 0xF25F, 0xF265, 0xF269, 0xF277,
- 0xF281, 0xF293, 0xF2A7, 0xF2B1, 0xF2B3, 0xF2B9, 0xF2BD, 0xF2BF,
- 0xF2DB, 0xF2ED, 0xF2EF, 0xF2F9, 0xF2FF, 0xF305, 0xF30B, 0xF319,
- 0xF341, 0xF359, 0xF35B, 0xF35F, 0xF367, 0xF373, 0xF377, 0xF38B,
- 0xF38F, 0xF3AF, 0xF3C1, 0xF3D1, 0xF3D7, 0xF3FB, 0xF403, 0xF409,
- 0xF40D, 0xF413, 0xF421, 0xF425, 0xF42B, 0xF445, 0xF44B, 0xF455,
- 0xF463, 0xF475, 0xF47F, 0xF485, 0xF48B, 0xF499, 0xF4A3, 0xF4A9,
- 0xF4AF, 0xF4BD, 0xF4C3, 0xF4DB, 0xF4DF, 0xF4ED, 0xF503, 0xF50B,
- 0xF517, 0xF521, 0xF529, 0xF535, 0xF547, 0xF551, 0xF563, 0xF56B,
- 0xF583, 0xF58D, 0xF595, 0xF599, 0xF5B1, 0xF5B7, 0xF5C9, 0xF5CF,
- 0xF5D1, 0xF5DB, 0xF5F9, 0xF5FB, 0xF605, 0xF607, 0xF60B, 0xF60D,
- 0xF635, 0xF637, 0xF653, 0xF65B, 0xF661, 0xF667, 0xF679, 0xF67F,
- 0xF689, 0xF697, 0xF69B, 0xF6AD, 0xF6CB, 0xF6DD, 0xF6DF, 0xF6EB,
- 0xF709, 0xF70F, 0xF72D, 0xF731, 0xF743, 0xF74F, 0xF751, 0xF755,
- 0xF763, 0xF769, 0xF773, 0xF779, 0xF781, 0xF787, 0xF791, 0xF79D,
- 0xF79F, 0xF7A5, 0xF7B1, 0xF7BB, 0xF7BD, 0xF7CF, 0xF7D3, 0xF7E7,
- 0xF7EB, 0xF7F1, 0xF7FF, 0xF805, 0xF80B, 0xF821, 0xF827, 0xF82D,
- 0xF835, 0xF847, 0xF859, 0xF863, 0xF865, 0xF86F, 0xF871, 0xF877,
- 0xF87B, 0xF881, 0xF88D, 0xF89F, 0xF8A1, 0xF8AB, 0xF8B3, 0xF8B7,
- 0xF8C9, 0xF8CB, 0xF8D1, 0xF8D7, 0xF8DD, 0xF8E7, 0xF8EF, 0xF8F9,
- 0xF8FF, 0xF911, 0xF91D, 0xF925, 0xF931, 0xF937, 0xF93B, 0xF941,
- 0xF94F, 0xF95F, 0xF961, 0xF96D, 0xF971, 0xF977, 0xF99D, 0xF9A3,
- 0xF9A9, 0xF9B9, 0xF9CD, 0xF9E9, 0xF9FD, 0xFA07, 0xFA0D, 0xFA13,
- 0xFA21, 0xFA25, 0xFA3F, 0xFA43, 0xFA51, 0xFA5B, 0xFA6D, 0xFA7B,
- 0xFA97, 0xFA99, 0xFA9D, 0xFAAB, 0xFABB, 0xFABD, 0xFAD9, 0xFADF,
- 0xFAE7, 0xFAED, 0xFB0F, 0xFB17, 0xFB1B, 0xFB2D, 0xFB2F, 0xFB3F,
- 0xFB47, 0xFB4D, 0xFB75, 0xFB7D, 0xFB8F, 0xFB93, 0xFBB1, 0xFBB7,
- 0xFBC3, 0xFBC5, 0xFBE3, 0xFBE9, 0xFBF3, 0xFC01, 0xFC29, 0xFC37,
- 0xFC41, 0xFC43, 0xFC4F, 0xFC59, 0xFC61, 0xFC65, 0xFC6D, 0xFC73,
- 0xFC79, 0xFC95, 0xFC97, 0xFC9B, 0xFCA7, 0xFCB5, 0xFCC5, 0xFCCD,
- 0xFCEB, 0xFCFB, 0xFD0D, 0xFD0F, 0xFD19, 0xFD2B, 0xFD31, 0xFD51,
- 0xFD55, 0xFD67, 0xFD6D, 0xFD6F, 0xFD7B, 0xFD85, 0xFD97, 0xFD99,
- 0xFD9F, 0xFDA9, 0xFDB7, 0xFDC9, 0xFDE5, 0xFDEB, 0xFDF3, 0xFE03,
- 0xFE05, 0xFE09, 0xFE1D, 0xFE27, 0xFE2F, 0xFE41, 0xFE4B, 0xFE4D,
- 0xFE57, 0xFE5F, 0xFE63, 0xFE69, 0xFE75, 0xFE7B, 0xFE8F, 0xFE93,
- 0xFE95, 0xFE9B, 0xFE9F, 0xFEB3, 0xFEBD, 0xFED7, 0xFEE9, 0xFEF3,
- 0xFEF5, 0xFF07, 0xFF0D, 0xFF1D, 0xFF2B, 0xFF2F, 0xFF49, 0xFF4D,
- 0xFF5B, 0xFF65, 0xFF71, 0xFF7F, 0xFF85, 0xFF8B, 0xFF8F, 0xFF9D,
- 0xFFA7, 0xFFA9, 0xFFC7, 0xFFD9, 0xFFEF, 0xFFF1,
-#endif
-};
-
diff --git a/security/nss/lib/freebl/mpi/stats b/security/nss/lib/freebl/mpi/stats
deleted file mode 100755
index dd63ca0db..000000000
--- a/security/nss/lib/freebl/mpi/stats
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/usr/bin/perl
-
-#
-# Treat each line as a sequence of comma and/or space delimited
-# floating point numbers, and compute basic statistics on them.
-# These are written to standard output
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-$min = 1.7976931348623157E+308;
-$max = 2.2250738585072014E-308;
-$sum = $num = 0;
-
-while(<>) {
- chomp;
-
- @nums = split(/[\s,]+/, $_);
- next if($#nums < 0);
-
- $num += scalar @nums;
- foreach (@nums) {
- $min = $_ if($_ < $min);
- $max = $_ if($_ > $max);
- $sum += $_;
- }
-}
-
-if($num) {
- $avg = $sum / $num;
-} else {
- $min = $max = 0;
-}
-
-printf "%d\tmin=%.2f, avg=%.2f, max=%.2f, sum=%.2f\n",
- $num, $min, $avg, $max, $sum;
-
-# end
diff --git a/security/nss/lib/freebl/mpi/test-arrays.txt b/security/nss/lib/freebl/mpi/test-arrays.txt
deleted file mode 100644
index d247154be..000000000
--- a/security/nss/lib/freebl/mpi/test-arrays.txt
+++ /dev/null
@@ -1,86 +0,0 @@
-#
-# Test suite table for MPI library
-#
-# Format of entries:
-# suite-name:function-name:description
-#
-# suite-name The name used to identify this test in mpi-test
-# function-name The function called to perform this test in mpi-test.c
-# description A brief description of what the suite tests
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-list:test_list:print out a list of the available test suites
-copy:test_copy:test assignment of mp-int structures
-exchange:test_exch:test exchange of mp-int structures
-zero:test_zero:test zeroing of an mp-int
-set:test_set:test setting an mp-int to a small constant
-absolute-value:test_abs:test the absolute value function
-negate:test_neg:test the arithmetic negation function
-add-digit:test_add_d:test digit addition
-add:test_add:test full addition
-subtract-digit:test_sub_d:test digit subtraction
-subtract:test_sub:test full subtraction
-multiply-digit:test_mul_d:test digit multiplication
-multiply:test_mul:test full multiplication
-square:test_sqr:test full squaring function
-divide-digit:test_div_d:test digit division
-divide-2:test_div_2:test division by two
-divide-2d:test_div_2d:test division & remainder by 2^d
-divide:test_div:test full division
-expt-digit:test_expt_d:test digit exponentiation
-expt:test_expt:test full exponentiation
-expt-2:test_2expt:test power-of-two exponentiation
-square-root:test_sqrt:test integer square root function
-modulo-digit:test_mod_d:test digit modular reduction
-modulo:test_mod:test full modular reduction
-mod-add:test_addmod:test modular addition
-mod-subtract:test_submod:test modular subtraction
-mod-multiply:test_mulmod:test modular multiplication
-mod-square:test_sqrmod:test modular squaring function
-mod-expt:test_exptmod:test full modular exponentiation
-mod-expt-digit:test_exptmod_d:test digit modular exponentiation
-mod-inverse:test_invmod:test modular inverse function
-compare-digit:test_cmp_d:test digit comparison function
-compare-zero:test_cmp_z:test zero comparison function
-compare:test_cmp:test general signed comparison
-compare-magnitude:test_cmp_mag:test general magnitude comparison
-parity:test_parity:test parity comparison functions
-gcd:test_gcd:test greatest common divisor functions
-lcm:test_lcm:test least common multiple function
-conversion:test_convert:test general radix conversion facilities
-binary:test_raw:test raw output format
-pprime:test_pprime:test probabilistic primality tester
-fermat:test_fermat:test Fermat pseudoprimality tester
diff --git a/security/nss/lib/freebl/mpi/test-info.c b/security/nss/lib/freebl/mpi/test-info.c
deleted file mode 100644
index f84013e2e..000000000
--- a/security/nss/lib/freebl/mpi/test-info.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
- * test-info.c
- *
- * Arbitrary precision integer arithmetic library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-/* Table mapping test suite names to index numbers */
-const int g_count = 42;
-const char *g_names[] = {
- "list", /* print out a list of the available test suites */
- "copy", /* test assignment of mp-int structures */
- "exchange", /* test exchange of mp-int structures */
- "zero", /* test zeroing of an mp-int */
- "set", /* test setting an mp-int to a small constant */
- "absolute-value", /* test the absolute value function */
- "negate", /* test the arithmetic negation function */
- "add-digit", /* test digit addition */
- "add", /* test full addition */
- "subtract-digit", /* test digit subtraction */
- "subtract", /* test full subtraction */
- "multiply-digit", /* test digit multiplication */
- "multiply", /* test full multiplication */
- "square", /* test full squaring function */
- "divide-digit", /* test digit division */
- "divide-2", /* test division by two */
- "divide-2d", /* test division & remainder by 2^d */
- "divide", /* test full division */
- "expt-digit", /* test digit exponentiation */
- "expt", /* test full exponentiation */
- "expt-2", /* test power-of-two exponentiation */
- "square-root", /* test integer square root function */
- "modulo-digit", /* test digit modular reduction */
- "modulo", /* test full modular reduction */
- "mod-add", /* test modular addition */
- "mod-subtract", /* test modular subtraction */
- "mod-multiply", /* test modular multiplication */
- "mod-square", /* test modular squaring function */
- "mod-expt", /* test full modular exponentiation */
- "mod-expt-digit", /* test digit modular exponentiation */
- "mod-inverse", /* test modular inverse function */
- "compare-digit", /* test digit comparison function */
- "compare-zero", /* test zero comparison function */
- "compare", /* test general signed comparison */
- "compare-magnitude", /* test general magnitude comparison */
- "parity", /* test parity comparison functions */
- "gcd", /* test greatest common divisor functions */
- "lcm", /* test least common multiple function */
- "conversion", /* test general radix conversion facilities */
- "binary", /* test raw output format */
- "pprime", /* test probabilistic primality tester */
- "fermat" /* test Fermat pseudoprimality tester */
-};
-
-/* Test function prototypes */
-int test_list(void);
-int test_copy(void);
-int test_exch(void);
-int test_zero(void);
-int test_set(void);
-int test_abs(void);
-int test_neg(void);
-int test_add_d(void);
-int test_add(void);
-int test_sub_d(void);
-int test_sub(void);
-int test_mul_d(void);
-int test_mul(void);
-int test_sqr(void);
-int test_div_d(void);
-int test_div_2(void);
-int test_div_2d(void);
-int test_div(void);
-int test_expt_d(void);
-int test_expt(void);
-int test_2expt(void);
-int test_sqrt(void);
-int test_mod_d(void);
-int test_mod(void);
-int test_addmod(void);
-int test_submod(void);
-int test_mulmod(void);
-int test_sqrmod(void);
-int test_exptmod(void);
-int test_exptmod_d(void);
-int test_invmod(void);
-int test_cmp_d(void);
-int test_cmp_z(void);
-int test_cmp(void);
-int test_cmp_mag(void);
-int test_parity(void);
-int test_gcd(void);
-int test_lcm(void);
-int test_convert(void);
-int test_raw(void);
-int test_pprime(void);
-int test_fermat(void);
-
-/* Table mapping index numbers to functions */
-int (*g_tests[])(void) = {
- test_list, test_copy, test_exch, test_zero,
- test_set, test_abs, test_neg, test_add_d,
- test_add, test_sub_d, test_sub, test_mul_d,
- test_mul, test_sqr, test_div_d, test_div_2,
- test_div_2d, test_div, test_expt_d, test_expt,
- test_2expt, test_sqrt, test_mod_d, test_mod,
- test_addmod, test_submod, test_mulmod, test_sqrmod,
- test_exptmod, test_exptmod_d, test_invmod, test_cmp_d,
- test_cmp_z, test_cmp, test_cmp_mag, test_parity,
- test_gcd, test_lcm, test_convert, test_raw,
- test_pprime, test_fermat
-};
-
-/* Table mapping index numbers to descriptions */
-const char *g_descs[] = {
- "print out a list of the available test suites",
- "test assignment of mp-int structures",
- "test exchange of mp-int structures",
- "test zeroing of an mp-int",
- "test setting an mp-int to a small constant",
- "test the absolute value function",
- "test the arithmetic negation function",
- "test digit addition",
- "test full addition",
- "test digit subtraction",
- "test full subtraction",
- "test digit multiplication",
- "test full multiplication",
- "test full squaring function",
- "test digit division",
- "test division by two",
- "test division & remainder by 2^d",
- "test full division",
- "test digit exponentiation",
- "test full exponentiation",
- "test power-of-two exponentiation",
- "test integer square root function",
- "test digit modular reduction",
- "test full modular reduction",
- "test modular addition",
- "test modular subtraction",
- "test modular multiplication",
- "test modular squaring function",
- "test full modular exponentiation",
- "test digit modular exponentiation",
- "test modular inverse function",
- "test digit comparison function",
- "test zero comparison function",
- "test general signed comparison",
- "test general magnitude comparison",
- "test parity comparison functions",
- "test greatest common divisor functions",
- "test least common multiple function",
- "test general radix conversion facilities",
- "test raw output format",
- "test probabilistic primality tester",
- "test Fermat pseudoprimality tester"
-};
-
diff --git a/security/nss/lib/freebl/mpi/tests/LICENSE b/security/nss/lib/freebl/mpi/tests/LICENSE
deleted file mode 100644
index c2c5d0190..000000000
--- a/security/nss/lib/freebl/mpi/tests/LICENSE
+++ /dev/null
@@ -1,6 +0,0 @@
-Within this directory, each of the file listed below is licensed under
-the terms given in the file LICENSE-MPL, also in this directory.
-
-pi1k.txt
-pi2k.txt
-pi5k.txt
diff --git a/security/nss/lib/freebl/mpi/tests/LICENSE-MPL b/security/nss/lib/freebl/mpi/tests/LICENSE-MPL
deleted file mode 100644
index 9ff410e4b..000000000
--- a/security/nss/lib/freebl/mpi/tests/LICENSE-MPL
+++ /dev/null
@@ -1,32 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation. Portions created by Netscape are
-Copyright (C) 1994-2000 Netscape Communications Corporation. All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-1.c b/security/nss/lib/freebl/mpi/tests/mptest-1.c
deleted file mode 100644
index 6861e616e..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-1.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 1: Simple input test (drives single-digit multiply and add,
- * as well as I/O routines)
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#ifdef MAC_CW_SIOUX
-#include <console.h>
-#endif
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- int ix;
- mp_int mp;
-
-#ifdef MAC_CW_SIOUX
- argc = ccommand(&argv);
-#endif
-
- mp_init(&mp);
-
- for(ix = 1; ix < argc; ix++) {
- mp_read_radix(&mp, argv[ix], 10);
- mp_print(&mp, stdout);
- fputc('\n', stdout);
- }
-
- mp_clear(&mp);
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-2.c b/security/nss/lib/freebl/mpi/tests/mptest-2.c
deleted file mode 100644
index d350d1d49..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-2.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 2: Basic addition and subtraction test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a, b, c;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
- return 1;
- }
-
- printf("Test 2: Basic addition and subtraction\n\n");
-
- mp_init(&a);
- mp_init(&b);
-
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&b, argv[2], 10);
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- mp_init(&c);
- printf("c = a + b\n");
-
- mp_add(&a, &b, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("c = a - b\n");
-
- mp_sub(&a, &b, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mp_clear(&c);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-3.c b/security/nss/lib/freebl/mpi/tests/mptest-3.c
deleted file mode 100644
index ac2dd2c6c..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-3.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 3: Multiplication, division, and exponentiation test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include <time.h>
-
-#include "mpi.h"
-
-#define SQRT 1 /* define nonzero to get square-root test */
-#define EXPT 0 /* define nonzero to get exponentiate test */
-
-int main(int argc, char *argv[])
-{
- int ix;
- mp_int a, b, c, d;
- mp_digit r;
- mp_err res;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
- return 1;
- }
-
- printf("Test 3: Multiplication and division\n\n");
- srand(time(NULL));
-
- mp_init(&a);
- mp_init(&b);
-
- mp_read_variable_radix(&a, argv[1], 10);
- mp_read_variable_radix(&b, argv[2], 10);
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- mp_init(&c);
- printf("\nc = a * b\n");
-
- mp_mul(&a, &b, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = b * 32523\n");
-
- mp_mul_d(&b, 32523, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mp_init(&d);
- printf("\nc = a / b, d = a mod b\n");
-
- mp_div(&a, &b, &c, &d);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);
-
- ix = rand() % 256;
- printf("\nc = a / %d, r = a mod %d\n", ix, ix);
- mp_div_d(&a, (mp_digit)ix, &c, &r);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("r = %04X\n", r);
-
-#if EXPT
- printf("\nc = a ** b\n");
- mp_expt(&a, &b, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-#endif
-
- ix = rand() % 256;
- printf("\nc = 2^%d\n", ix);
- mp_2expt(&c, ix);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
-#if SQRT
- printf("\nc = sqrt(a)\n");
- if((res = mp_sqrt(&a, &c)) != MP_OKAY) {
- printf("mp_sqrt: %s\n", mp_strerror(res));
- } else {
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- mp_sqr(&c, &c);
- printf("c^2 = "); mp_print(&c, stdout); fputc('\n', stdout);
- }
-#endif
-
- mp_clear(&d);
- mp_clear(&c);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-3a.c b/security/nss/lib/freebl/mpi/tests/mptest-3a.c
deleted file mode 100644
index 014bd386c..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-3a.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 3a: Multiplication vs. squaring timing test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include <time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
- int ix, num, prec = 8;
- double d1, d2;
- clock_t start, finish;
- time_t seed;
- mp_int a, c, d;
-
- seed = time(NULL);
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-tests> [<precision>]\n", argv[0]);
- return 1;
- }
-
- if((num = atoi(argv[1])) < 0)
- num = -num;
-
- if(!num) {
- fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
- return 1;
- }
-
- if(argc > 2) {
- if((prec = atoi(argv[2])) <= 0)
- prec = 8;
- else
- prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
- }
-
- printf("Test 3a: Multiplication vs squaring timing test\n"
- "Precision: %d digits (%u bits)\n"
- "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num);
-
- mp_init_size(&a, prec);
-
- mp_init(&c); mp_init(&d);
-
- printf("Verifying accuracy ... \n");
- srand((unsigned int)seed);
- for(ix = 0; ix < num; ix++) {
- mpp_random_size(&a, prec);
- mp_mul(&a, &a, &c);
- mp_sqr(&a, &d);
-
- if(mp_cmp(&c, &d) != 0) {
- printf("Error! Results not accurate:\n");
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);
- mp_sub(&c, &d, &d);
- printf("dif "); mp_print(&d, stdout); fputc('\n', stdout);
- mp_clear(&c); mp_clear(&d);
- mp_clear(&a);
- return 1;
- }
- }
- printf("Accuracy is confirmed for the %d test samples\n", num);
- mp_clear(&d);
-
- printf("Testing squaring ... \n");
- srand((unsigned int)seed);
- start = clock();
- for(ix = 0; ix < num; ix++) {
- mpp_random_size(&a, prec);
- mp_sqr(&a, &c);
- }
- finish = clock();
-
- d2 = (double)(finish - start) / CLOCKS_PER_SEC;
-
- printf("Testing multiplication ... \n");
- srand((unsigned int)seed);
- start = clock();
- for(ix = 0; ix < num; ix++) {
- mpp_random(&a);
- mp_mul(&a, &a, &c);
- }
- finish = clock();
-
- d1 = (double)(finish - start) / CLOCKS_PER_SEC;
-
- printf("Multiplication time: %.3f sec (%.3f each)\n", d1, d1 / num);
- printf("Squaring time: %.3f sec (%.3f each)\n", d2, d2 / num);
- printf("Improvement: %.2f%%\n", (1.0 - (d2 / d1)) * 100.0);
-
- mp_clear(&c);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4.c b/security/nss/lib/freebl/mpi/tests/mptest-4.c
deleted file mode 100644
index 6a9920cd8..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-4.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 4: Modular arithmetic tests
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- int ix;
- mp_int a, b, c, m;
- mp_digit r;
-
- if(argc < 4) {
- fprintf(stderr, "Usage: %s <a> <b> <m>\n", argv[0]);
- return 1;
- }
-
- printf("Test 4: Modular arithmetic\n\n");
-
- mp_init(&a);
- mp_init(&b);
- mp_init(&m);
-
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&b, argv[2], 10);
- mp_read_radix(&m, argv[3], 10);
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- printf("m = "); mp_print(&m, stdout); fputc('\n', stdout);
-
- mp_init(&c);
- printf("\nc = a (mod m)\n");
-
- mp_mod(&a, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = b (mod m)\n");
-
- mp_mod(&b, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = b (mod 1853)\n");
-
- mp_mod_d(&b, 1853, &r);
- printf("c = %04X\n", r);
-
- printf("\nc = (a + b) mod m\n");
-
- mp_addmod(&a, &b, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = (a - b) mod m\n");
-
- mp_submod(&a, &b, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = (a * b) mod m\n");
-
- mp_mulmod(&a, &b, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nc = (a ** b) mod m\n");
-
- mp_exptmod(&a, &b, &m, &c);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- printf("\nIn-place modular squaring test:\n");
- for(ix = 0; ix < 5; ix++) {
- printf("a = (a * a) mod m a = ");
- mp_sqrmod(&a, &m, &a);
- mp_print(&a, stdout);
- fputc('\n', stdout);
- }
-
-
- mp_clear(&c);
- mp_clear(&m);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4a.c b/security/nss/lib/freebl/mpi/tests/mptest-4a.c
deleted file mode 100644
index 22610b8a5..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-4a.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * mptest4a - modular exponentiation speed test
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include <sys/time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-typedef struct {
- unsigned int sec;
- unsigned int usec;
-} instant_t;
-
-instant_t now(void)
-{
- struct timeval clk;
- instant_t res;
-
- res.sec = res.usec = 0;
-
- if(gettimeofday(&clk, NULL) != 0)
- return res;
-
- res.sec = clk.tv_sec;
- res.usec = clk.tv_usec;
-
- return res;
-}
-
-extern mp_err s_mp_pad();
-
-int main(int argc, char *argv[])
-{
- int ix, num, prec = 8;
- unsigned int d;
- instant_t start, finish;
- time_t seed;
- mp_int a, m, c;
-
- seed = time(NULL);
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-tests> [<precision>]\n", argv[0]);
- return 1;
- }
-
- if((num = atoi(argv[1])) < 0)
- num = -num;
-
- if(!num) {
- fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
- return 1;
- }
-
- if(argc > 2) {
- if((prec = atoi(argv[2])) <= 0)
- prec = 8;
- }
-
- printf("Test 3a: Modular exponentiation timing test\n"
- "Precision: %d digits (%d bits)\n"
- "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num);
-
- mp_init_size(&a, prec);
- mp_init_size(&m, prec);
- mp_init_size(&c, prec);
- s_mp_pad(&a, prec);
- s_mp_pad(&m, prec);
- s_mp_pad(&c, prec);
-
- printf("Testing modular exponentiation ... \n");
- srand((unsigned int)seed);
-
- start = now();
- for(ix = 0; ix < num; ix++) {
- mpp_random(&a);
- mpp_random(&c);
- mpp_random(&m);
- mp_exptmod(&a, &c, &m, &c);
- }
- finish = now();
-
- d = (finish.sec - start.sec) * 1000000;
- d -= start.usec; d += finish.usec;
-
- printf("Total time elapsed: %u usec\n", d);
- printf("Time per exponentiation: %u usec (%.3f sec)\n",
- (d / num), (double)(d / num) / 1000000);
-
- mp_clear(&c);
- mp_clear(&a);
- mp_clear(&m);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-4b.c b/security/nss/lib/freebl/mpi/tests/mptest-4b.c
deleted file mode 100644
index 77a38eb8d..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-4b.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * mptest-4b.c
- *
- * Test speed of a large modular exponentiation of a primitive element
- * modulo a prime.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include <sys/time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-char *g_prime =
- "34BD53C07350E817CCD49721020F1754527959C421C1533244769D4CF060A8B1C3DA"
- "25094BE723FB1E2369B55FEEBBE0FAC16425161BF82684062B5EC5D7D47D1B23C117"
- "0FA19745E44A55E148314E582EB813AC9EE5126295E2E380CACC2F6D206B293E5ED9"
- "23B54EE961A8C69CD625CE4EC38B70C649D7F014432AEF3A1C93";
-char *g_gen = "5";
-
-typedef struct {
- unsigned int sec;
- unsigned int usec;
-} instant_t;
-
-instant_t now(void)
-{
- struct timeval clk;
- instant_t res;
-
- res.sec = res.usec = 0;
-
- if(gettimeofday(&clk, NULL) != 0)
- return res;
-
- res.sec = clk.tv_sec;
- res.usec = clk.tv_usec;
-
- return res;
-}
-
-extern mp_err s_mp_pad();
-
-int main(int argc, char *argv[])
-{
- instant_t start, finish;
- mp_int prime, gen, expt, res;
- unsigned int ix, diff;
- int num;
-
- srand(time(NULL));
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-tests>\n", argv[0]);
- return 1;
- }
-
- if((num = atoi(argv[1])) < 0)
- num = -num;
-
- if(num == 0)
- ++num;
-
- mp_init(&prime); mp_init(&gen); mp_init(&res);
- mp_read_radix(&prime, g_prime, 16);
- mp_read_radix(&gen, g_gen, 16);
-
- mp_init_size(&expt, USED(&prime) - 1);
- s_mp_pad(&expt, USED(&prime) - 1);
-
- printf("Testing %d modular exponentations ... \n", num);
-
- start = now();
- for(ix = 0; ix < num; ix++) {
- mpp_random(&expt);
- mp_exptmod(&gen, &expt, &prime, &res);
- }
- finish = now();
-
- diff = (finish.sec - start.sec) * 1000000;
- diff += finish.usec; diff -= start.usec;
-
- printf("%d operations took %u usec (%.3f sec)\n",
- num, diff, (double)diff / 1000000.0);
- printf("That is %.3f sec per operation.\n",
- ((double)diff / 1000000.0) / num);
-
- mp_clear(&expt);
- mp_clear(&res);
- mp_clear(&gen);
- mp_clear(&prime);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-5.c b/security/nss/lib/freebl/mpi/tests/mptest-5.c
deleted file mode 100644
index 4b161d1b8..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-5.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 5: Other number theoretic functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a, b, c, x, y;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
- return 1;
- }
-
- printf("Test 5: Number theoretic functions\n\n");
-
- mp_init(&a);
- mp_init(&b);
-
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&b, argv[2], 10);
-
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- mp_init(&c);
- printf("\nc = (a, b)\n");
-
- mp_gcd(&a, &b, &c);
- printf("Euclid: c = "); mp_print(&c, stdout); fputc('\n', stdout);
-/*
- mp_bgcd(&a, &b, &c);
- printf("Binary: c = "); mp_print(&c, stdout); fputc('\n', stdout);
-*/
- mp_init(&x);
- mp_init(&y);
- printf("\nc = (a, b) = ax + by\n");
-
- mp_xgcd(&a, &b, &c, &x, &y);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("x = "); mp_print(&x, stdout); fputc('\n', stdout);
- printf("y = "); mp_print(&y, stdout); fputc('\n', stdout);
-
- printf("\nc = a^-1 (mod b)\n");
- if(mp_invmod(&a, &b, &c) == MP_UNDEF) {
- printf("a has no inverse mod b\n");
- } else {
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- }
-
- mp_clear(&y);
- mp_clear(&x);
- mp_clear(&c);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-5a.c b/security/nss/lib/freebl/mpi/tests/mptest-5a.c
deleted file mode 100644
index 82552b766..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-5a.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 5a: Greatest common divisor speed test, binary vs. Euclid
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#include <sys/time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-typedef struct {
- unsigned int sec;
- unsigned int usec;
-} instant_t;
-
-instant_t now(void)
-{
- struct timeval clk;
- instant_t res;
-
- res.sec = res.usec = 0;
-
- if(gettimeofday(&clk, NULL) != 0)
- return res;
-
- res.sec = clk.tv_sec;
- res.usec = clk.tv_usec;
-
- return res;
-}
-
-#define PRECISION 16
-
-int main(int argc, char *argv[])
-{
- int ix, num, prec = PRECISION;
- mp_int a, b, c, d;
- instant_t start, finish;
- time_t seed;
- unsigned int d1, d2;
-
- seed = time(NULL);
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-tests>\n", argv[0]);
- return 1;
- }
-
- if((num = atoi(argv[1])) < 0)
- num = -num;
-
- printf("Test 5a: Euclid vs. Binary, a GCD speed test\n\n"
- "Number of tests: %d\n"
- "Precision: %d digits\n\n", num, prec);
-
- mp_init_size(&a, prec);
- mp_init_size(&b, prec);
- mp_init(&c);
- mp_init(&d);
-
- printf("Verifying accuracy ... \n");
- srand((unsigned int)seed);
- for(ix = 0; ix < num; ix++) {
- mpp_random_size(&a, prec);
- mpp_random_size(&b, prec);
-
- mp_gcd(&a, &b, &c);
- mp_bgcd(&a, &b, &d);
-
- if(mp_cmp(&c, &d) != 0) {
- printf("Error! Results not accurate:\n");
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- printf("c = "); mp_print(&c, stdout); fputc('\n', stdout);
- printf("d = "); mp_print(&d, stdout); fputc('\n', stdout);
-
- mp_clear(&a); mp_clear(&b); mp_clear(&c); mp_clear(&d);
- return 1;
- }
- }
- mp_clear(&d);
- printf("Accuracy confirmed for the %d test samples\n", num);
-
- printf("Testing Euclid ... \n");
- srand((unsigned int)seed);
- start = now();
- for(ix = 0; ix < num; ix++) {
- mpp_random_size(&a, prec);
- mpp_random_size(&b, prec);
- mp_gcd(&a, &b, &c);
-
- }
- finish = now();
-
- d1 = (finish.sec - start.sec) * 1000000;
- d1 -= start.usec; d1 += finish.usec;
-
- printf("Testing binary ... \n");
- srand((unsigned int)seed);
- start = now();
- for(ix = 0; ix < num; ix++) {
- mpp_random_size(&a, prec);
- mpp_random_size(&b, prec);
- mp_bgcd(&a, &b, &c);
- }
- finish = now();
-
- d2 = (finish.sec - start.sec) * 1000000;
- d2 -= start.usec; d2 += finish.usec;
-
- printf("Euclidean algorithm time: %u usec\n", d1);
- printf("Binary algorithm time: %u usec\n", d2);
- printf("Improvement: %.2f%%\n",
- (1.0 - ((double)d2 / (double)d1)) * 100.0);
-
- mp_clear(&c);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-6.c b/security/nss/lib/freebl/mpi/tests/mptest-6.c
deleted file mode 100644
index 5e91716de..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-6.c
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 6: Output functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include "mpi.h"
-
-void print_buf(FILE *ofp, char *buf, int len)
-{
- int ix, brk = 0;
-
- for(ix = 0; ix < len; ix++) {
- fprintf(ofp, "%02X ", buf[ix]);
-
- brk = (brk + 1) & 0xF;
- if(!brk)
- fputc('\n', ofp);
- }
-
- if(brk)
- fputc('\n', ofp);
-
-}
-
-int main(int argc, char *argv[])
-{
- int ix, size;
- mp_int a;
- char *buf;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <a>\n", argv[0]);
- return 1;
- }
-
- printf("Test 6: Output functions\n\n");
-
- mp_init(&a);
-
- mp_read_radix(&a, argv[1], 10);
-
- printf("\nConverting to a string:\n");
-
- printf("Rx Size Representation\n");
- for(ix = 2; ix <= MAX_RADIX; ix++) {
- size = mp_radix_size(&a, ix);
-
- buf = calloc(size, sizeof(char));
- mp_toradix(&a, buf, ix);
- printf("%2d: %3d: %s\n", ix, size, buf);
- free(buf);
-
- }
-
- printf("\nRaw output:\n");
- size = mp_raw_size(&a);
- buf = calloc(size, sizeof(char));
-
- printf("Size: %d bytes\n", size);
-
- mp_toraw(&a, buf);
- print_buf(stdout, buf, size);
- free(buf);
-
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-7.c b/security/nss/lib/freebl/mpi/tests/mptest-7.c
deleted file mode 100644
index 4b41a1a4f..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-7.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 7: Random and divisibility tests
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#define MP_IOFUNC
-#include "mpi.h"
-
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
- mp_digit num;
- mp_int a, b;
-
- srand(time(NULL));
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
- return 1;
- }
-
- printf("Test 7: Random & divisibility tests\n\n");
-
- mp_init(&a);
- mp_init(&b);
-
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&b, argv[2], 10);
-
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- if(mpp_divis(&a, &b) == MP_YES)
- printf("a is divisible by b\n");
- else
- printf("a is not divisible by b\n");
-
- if(mpp_divis(&b, &a) == MP_YES)
- printf("b is divisible by a\n");
- else
- printf("b is not divisible by a\n");
-
- printf("\nb = mpp_random()\n");
- mpp_random(&b);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- mpp_random(&b);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
- mpp_random(&b);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- printf("\nTesting a for divisibility by first 170 primes\n");
- num = 170;
- if(mpp_divis_primes(&a, &num) == MP_YES)
- printf("It is divisible by at least one of them\n");
- else
- printf("It is not divisible by any of them\n");
-
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-8.c b/security/nss/lib/freebl/mpi/tests/mptest-8.c
deleted file mode 100644
index e2ddc2c19..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-8.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * Simple test driver for MPI library
- *
- * Test 8: Probabilistic primality tester
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#define MP_IOFUNC
-#include "mpi.h"
-
-#include "mpprime.h"
-
-int main(int argc, char *argv[])
-{
- int ix;
- mp_digit num;
- mp_int a;
-
- srand(time(NULL));
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <a>\n", argv[0]);
- return 1;
- }
-
- printf("Test 8: Probabilistic primality testing\n\n");
-
- mp_init(&a);
-
- mp_read_radix(&a, argv[1], 10);
-
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
-
- printf("\nChecking for divisibility by small primes ... \n");
- num = 170;
- if(mpp_divis_primes(&a, &num) == MP_YES) {
- printf("it is not prime\n");
- goto CLEANUP;
- }
- printf("Passed that test (not divisible by any small primes).\n");
-
- for(ix = 0; ix < 10; ix++) {
- printf("\nPerforming Rabin-Miller test, iteration %d\n", ix + 1);
-
- if(mpp_pprime(&a, 5) == MP_NO) {
- printf("it is not prime\n");
- goto CLEANUP;
- }
- }
- printf("All tests passed; a is probably prime\n");
-
-CLEANUP:
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/tests/mptest-9.c b/security/nss/lib/freebl/mpi/tests/mptest-9.c
deleted file mode 100644
index 07d6410c7..000000000
--- a/security/nss/lib/freebl/mpi/tests/mptest-9.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * mptest-9.c
- *
- * Test logical functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <ctype.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mplogic.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a, b, c;
- int pco;
- mp_err res;
-
- printf("Test 9: Logical functions\n\n");
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a); mp_init(&b); mp_init(&c);
- mp_read_radix(&a, argv[1], 16);
- mp_read_radix(&b, argv[2], 16);
-
- printf("a = "); mp_print(&a, stdout); fputc('\n', stdout);
- printf("b = "); mp_print(&b, stdout); fputc('\n', stdout);
-
- mpl_not(&a, &c);
- printf("~a = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_and(&a, &b, &c);
- printf("a & b = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_or(&a, &b, &c);
- printf("a | b = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_xor(&a, &b, &c);
- printf("a ^ b = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_rsh(&a, &c, 1);
- printf("a >> 1 = "); mp_print(&c, stdout); fputc('\n', stdout);
- mpl_rsh(&a, &c, 5);
- printf("a >> 5 = "); mp_print(&c, stdout); fputc('\n', stdout);
- mpl_rsh(&a, &c, 16);
- printf("a >> 16 = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_lsh(&a, &c, 1);
- printf("a << 1 = "); mp_print(&c, stdout); fputc('\n', stdout);
- mpl_lsh(&a, &c, 5);
- printf("a << 5 = "); mp_print(&c, stdout); fputc('\n', stdout);
- mpl_lsh(&a, &c, 16);
- printf("a << 16 = "); mp_print(&c, stdout); fputc('\n', stdout);
-
- mpl_num_set(&a, &pco);
- printf("population(a) = %d\n", pco);
- mpl_num_set(&b, &pco);
- printf("population(b) = %d\n", pco);
-
- res = mpl_parity(&a);
- if(res == MP_EVEN)
- printf("a has even parity\n");
- else
- printf("a has odd parity\n");
-
- mp_clear(&c);
- mp_clear(&b);
- mp_clear(&a);
-
- return 0;
-}
-
diff --git a/security/nss/lib/freebl/mpi/tests/pi1k.txt b/security/nss/lib/freebl/mpi/tests/pi1k.txt
deleted file mode 100644
index 5ff6209ff..000000000
--- a/security/nss/lib/freebl/mpi/tests/pi1k.txt
+++ /dev/null
@@ -1 +0,0 @@
-31415926535897932384626433832795028841971693993751058209749445923078164062862089986280348253421170679821480865132823066470938446095505822317253594081284811174502841027019385211055596446229489549303819644288109756659334461284756482337867831652712019091456485669234603486104543266482133936072602491412737245870066063155881748815209209628292540917153643678925903600113305305488204665213841469519415116094330572703657595919530921861173819326117931051185480744623799627495673518857527248912279381830119491298336733624406566430860213949463952247371907021798609437027705392171762931767523846748184676694051320005681271452635608277857713427577896091736371787214684409012249534301465495853710507922796892589235420199561121290219608640344181598136297747713099605187072113499999983729780499510597317328160963185950244594553469083026425223082533446850352619311881710100031378387528865875332083814206171776691473035982534904287554687311595628638823537875937519577818577805321712268066130019278766111959092164201989
diff --git a/security/nss/lib/freebl/mpi/tests/pi2k.txt b/security/nss/lib/freebl/mpi/tests/pi2k.txt
deleted file mode 100644
index 9ce82acd1..000000000
--- a/security/nss/lib/freebl/mpi/tests/pi2k.txt
+++ /dev/null
@@ -1 +0,0 @@
-314159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817488152092096282925409171536436789259036001133053054882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717629317675238467481846766940513200056812714526356082778577134275778960917363717872146844090122495343014654958537105079227968925892354201995611212902196086403441815981362977477130996051870721134999999837297804995105973173281609631859502445945534690830264252230825334468503526193118817101000313783875288658753320838142061717766914730359825349042875546873115956286388235378759375195778185778053217122680661300192787661119590921642019893809525720106548586327886593615338182796823030195203530185296899577362259941389124972177528347913151557485724245415069595082953311686172785588907509838175463746493931925506040092770167113900984882401285836160356370766010471018194295559619894676783744944825537977472684710404753464620804668425906949129331367702898915210475216205696602405803815019351125338243003558764024749647326391419927260426992279678235478163600934172164121992458631503028618297455570674983850549458858692699569092721079750930295532116534498720275596023648066549911988183479775356636980742654252786255181841757467289097777279380008164706001614524919217321721477235014144197356854816136115735255213347574184946843852332390739414333454776241686251898356948556209921922218427255025425688767179049460165346680498862723279178608578438382796797668145410095388378636095068006422512520511739298489608412848862694560424196528502221066118630674427862203919494504712371378696095636437191728746776465757396241389086583264599581339047802759010
diff --git a/security/nss/lib/freebl/mpi/tests/pi5k.txt b/security/nss/lib/freebl/mpi/tests/pi5k.txt
deleted file mode 100644
index 901fac2ea..000000000
--- a/security/nss/lib/freebl/mpi/tests/pi5k.txt
+++ /dev/null
@@ -1 +0,0 @@
-314159265358979323846264338327950288419716939937510582097494459230781640628620899862803482534211706798214808651328230664709384460955058223172535940812848111745028410270193852110555964462294895493038196442881097566593344612847564823378678316527120190914564856692346034861045432664821339360726024914127372458700660631558817488152092096282925409171536436789259036001133053054882046652138414695194151160943305727036575959195309218611738193261179310511854807446237996274956735188575272489122793818301194912983367336244065664308602139494639522473719070217986094370277053921717629317675238467481846766940513200056812714526356082778577134275778960917363717872146844090122495343014654958537105079227968925892354201995611212902196086403441815981362977477130996051870721134999999837297804995105973173281609631859502445945534690830264252230825334468503526193118817101000313783875288658753320838142061717766914730359825349042875546873115956286388235378759375195778185778053217122680661300192787661119590921642019893809525720106548586327886593615338182796823030195203530185296899577362259941389124972177528347913151557485724245415069595082953311686172785588907509838175463746493931925506040092770167113900984882401285836160356370766010471018194295559619894676783744944825537977472684710404753464620804668425906949129331367702898915210475216205696602405803815019351125338243003558764024749647326391419927260426992279678235478163600934172164121992458631503028618297455570674983850549458858692699569092721079750930295532116534498720275596023648066549911988183479775356636980742654252786255181841757467289097777279380008164706001614524919217321721477235014144197356854816136115735255213347574184946843852332390739414333454776241686251898356948556209921922218427255025425688767179049460165346680498862723279178608578438382796797668145410095388378636095068006422512520511739298489608412848862694560424196528502221066118630674427862203919494504712371378696095636437191728746776465757396241389086583264599581339047802759009946576407895126946839835259570982582262052248940772671947826848260147699090264013639443745530506820349625245174939965143142980919065925093722169646151570985838741059788595977297549893016175392846813826868386894277415599185592524595395943104997252468084598727364469584865383673622262609912460805124388439045124413654976278079771569143599770012961608944169486855584840635342207222582848864815845602850601684273945226746767889525213852254995466672782398645659611635488623057745649803559363456817432411251507606947945109659609402522887971089314566913686722874894056010150330861792868092087476091782493858900971490967598526136554978189312978482168299894872265880485756401427047755513237964145152374623436454285844479526586782105114135473573952311342716610213596953623144295248493718711014576540359027993440374200731057853906219838744780847848968332144571386875194350643021845319104848100537061468067491927819119793995206141966342875444064374512371819217999839101591956181467514269123974894090718649423196156794520809514655022523160388193014209376213785595663893778708303906979207734672218256259966150142150306803844773454920260541466592520149744285073251866600213243408819071048633173464965145390579626856100550810665879699816357473638405257145910289706414011097120628043903975951567715770042033786993600723055876317635942187312514712053292819182618612586732157919841484882916447060957527069572209175671167229109816909152801735067127485832228718352093539657251210835791513698820914442100675103346711031412671113699086585163983150197016515116851714376576183515565088490998985998238734552833163550764791853589322618548963213293308985706420467525907091548141654985946163718027098199430992448895757128289059232332609729971208443357326548938239119325974636673058360414281388303203824903758985243744170291327656180937734440307074692112019130203303801976211011004492932151608424448596376698389522868478312355265821314495768572624334418930396864262434107732269780280731891544110104468232527162010526522721116603966655730925471105578537634668206531098965269186205647693125705863566201855810072936065987648611791045334885034611365768675324944166803962657978771855608455296541266540853061434443185867697514566140680070023787765913440171274947042056223053899456131407112700040785473326993908145466464588079727082668306343285878569830523580893306575740679545716377525420211495576158140025012622859413021647155097925923099079654737612551765675135751782966645477917450112996148903046399471329621073404375189573596145890193897131117904297828564750320319869151402870808599048010941214722131794764777262241425485454033215718530614228813758504306332175182979866223717215916077166925474873898665494945011465406284336639379003976926567214638530673609657120918076383271664162748888007869256029022847210403172118608204190004229661711963779213375751149595015660496318629472654736425230817703675159067350235072835405670403867435136222247715891504953098444893330963408780769325993978054193414473774418426312986080998886874132604721
diff --git a/security/nss/lib/freebl/mpi/timetest b/security/nss/lib/freebl/mpi/timetest
deleted file mode 100755
index d78f3c56a..000000000
--- a/security/nss/lib/freebl/mpi/timetest
+++ /dev/null
@@ -1,131 +0,0 @@
-#!/bin/sh
-
-#
-# Simple timing test for the MPI library. Basically, we use prime
-# generation as a timing test, since it exercises most of the pathways
-# of the library fairly heavily. The 'primegen' tool outputs a line
-# summarizing timing results. We gather these and process them for
-# statistical information, which is collected into a file.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-## Netscape Communications Corporation
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-# Avoid using built-in shell echoes
-ECHO=/bin/echo
-MAKE=gmake
-
-# Use a fixed seed so timings will be more consistent
-# This one is the 11th-18th decimal digits of 'e'
-#export SEED=45904523
-SEED=45904523; export SEED
-
-#------------------------------------------------------------------------
-
-$ECHO "\n** Running timing tests for MPI library\n"
-
-$ECHO "Bringing 'metime' up to date ... "
-if $MAKE metime ; then
- :
-else
- $ECHO "\nMake failed to build metime.\n"
- exit 1
-fi
-
-if [ ! -x ./metime ] ; then
- $ECHO "\nCannot find 'metime' program, testing cannot continue.\n"
- exit 1
-fi
-
-#------------------------------------------------------------------------
-
-$ECHO "Bringing 'primegen' up to date ... "
-if $MAKE primegen ; then
- :
-else
- $ECHO "\nMake failed to build primegen.\n"
- exit 1
-fi
-
-if [ ! -x ./primegen ] ; then
- $ECHO "\nCannot find 'primegen' program, testing cannot continue.\n"
- exit 1
-fi
-
-#------------------------------------------------------------------------
-
-rm -f timing-results.txt
-touch timing-results.txt
-
-sizes="256 512 1024 2048"
-ntests=10
-
-trap 'echo "oop!";rm -f tt*.tmp timing-results.txt;exit 0' INT HUP
-
-$ECHO "\n-- Modular exponentiation\n"
-$ECHO "Modular exponentiation:" >> timing-results.txt
-
-$ECHO "Running $ntests modular exponentiations per test:"
-for size in $sizes ; do
- $ECHO "- Gathering statistics for $size bits ... "
- secs=`./metime $ntests $size | tail -1 | awk '{print $2}'`
- $ECHO "$size: " $secs " seconds per op" >> timing-results.txt
- tail -1 timing-results.txt
-done
-
-$ECHO "<done>";
-
-sizes="256 512 1024"
-ntests=1
-
-$ECHO "\n-- Prime generation\n"
-$ECHO "Prime generation:" >> timing-results.txt
-
-$ECHO "Generating $ntests prime values per test:"
-for size in $sizes ; do
- $ECHO "- Gathering statistics for $size bits ... "
- ./primegen $size $ntests | grep ticks | awk '{print $7}' | tr -d '(' > tt$$.tmp
- $ECHO "$size:" >> timing-results.txt
- perl stats tt$$.tmp >> timing-results.txt
- tail -1 timing-results.txt
- rm -f tt$$.tmp
-done
-
-$ECHO "<done>"
-
-trap 'rm -f tt*.tmp timing-results.txt' INT HUP
-
-exit 0
-
diff --git a/security/nss/lib/freebl/mpi/types.pl b/security/nss/lib/freebl/mpi/types.pl
deleted file mode 100755
index 5f2a2f4d1..000000000
--- a/security/nss/lib/freebl/mpi/types.pl
+++ /dev/null
@@ -1,158 +0,0 @@
-#!/usr/bin/perl
-
-#
-# types.pl - find recommended type definitions for digits and words
-#
-# This script scans the Makefile for the C compiler and compilation
-# flags currently in use, and using this combination, attempts to
-# compile a simple test program that outputs the sizes of the various
-# unsigned integer types, in bytes. Armed with these, it finds all
-# the "viable" type combinations for mp_digit and mp_word, where
-# viability is defined by the requirement that mp_word be at least two
-# times the precision of mp_digit.
-#
-# Of these, the one with the largest digit size is chosen, and
-# appropriate typedef statements are written to standard output.
-#
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the GPL.
-##
-# $Id$
-#
-
-@_=split(/\//,$0);chomp($prog=pop(@_));
-
-# The array of integer types to be considered...
-@TYPES = (
- "unsigned char",
- "unsigned short",
- "unsigned int",
- "unsigned long"
-);
-
-# Macro names for the maximum unsigned value of each type
-%TMAX = (
- "unsigned char" => "UCHAR_MAX",
- "unsigned short" => "USHRT_MAX",
- "unsigned int" => "UINT_MAX",
- "unsigned long" => "ULONG_MAX"
-);
-
-# Read the Makefile to find out which C compiler to use
-open(MFP, "<Makefile") or die "$prog: Makefile: $!\n";
-while(<MFP>) {
- chomp;
- if(/^CC=(.*)$/) {
- $cc = $1;
- last if $cflags;
- } elsif(/^CFLAGS=(.*)$/) {
- $cflags = $1;
- last if $cc;
- }
-}
-close(MFP);
-
-# If we couldn't find that, use 'cc' by default
-$cc = "cc" unless $cc;
-
-printf STDERR "Using '%s' as the C compiler.\n", $cc;
-
-print STDERR "Determining type sizes ... \n";
-open(OFP, ">tc$$.c") or die "$prog: tc$$.c: $!\n";
-print OFP "#include <stdio.h>\n\nint main(void)\n{\n";
-foreach $type (@TYPES) {
- printf OFP "\tprintf(\"%%d\\n\", (int)sizeof(%s));\n", $type;
-}
-print OFP "\n\treturn 0;\n}\n";
-close(OFP);
-
-system("$cc $cflags -o tc$$ tc$$.c");
-
-die "$prog: unable to build test program\n" unless(-x "tc$$");
-
-open(IFP, "./tc$$|") or die "$prog: can't execute test program\n";
-$ix = 0;
-while(<IFP>) {
- chomp;
- $size{$TYPES[$ix++]} = $_;
-}
-close(IFP);
-
-unlink("tc$$");
-unlink("tc$$.c");
-
-print STDERR "Selecting viable combinations ... \n";
-while(($type, $size) = each(%size)) {
- push(@ts, [ $size, $type ]);
-}
-
-# Sort them ascending by size
-@ts = sort { $a->[0] <=> $b->[0] } @ts;
-
-# Try all possible combinations, finding pairs in which the word size
-# is twice the digit size. The number of possible pairs is too small
-# to bother doing this more efficiently than by brute force
-for($ix = 0; $ix <= $#ts; $ix++) {
- $w = $ts[$ix];
-
- for($jx = 0; $jx <= $#ts; $jx++) {
- $d = $ts[$jx];
-
- if($w->[0] == 2 * $d->[0]) {
- push(@valid, [ $d, $w ]);
- }
- }
-}
-
-# Sort descending by digit size
-@valid = sort { $b->[0]->[0] <=> $a->[0]->[0] } @valid;
-
-# Select the maximum as the recommended combination
-$rec = shift(@valid);
-
-printf("typedef %-18s mp_sign;\n", "char");
-printf("typedef %-18s mp_digit; /* %d byte type */\n",
- $rec->[0]->[1], $rec->[0]->[0]);
-printf("typedef %-18s mp_word; /* %d byte type */\n",
- $rec->[1]->[1], $rec->[1]->[0]);
-printf("typedef %-18s mp_size;\n", "unsigned int");
-printf("typedef %-18s mp_err;\n\n", "int");
-
-printf("#define %-18s (CHAR_BIT*sizeof(mp_digit))\n", "DIGIT_BIT");
-printf("#define %-18s %s\n", "DIGIT_MAX", $TMAX{$rec->[0]->[1]});
-printf("#define %-18s (CHAR_BIT*sizeof(mp_word))\n", "MP_WORD_BIT");
-printf("#define %-18s %s\n\n", "MP_WORD_MAX", $TMAX{$rec->[1]->[1]});
-printf("#define %-18s (DIGIT_MAX+1)\n\n", "RADIX");
-
-printf("#define %-18s \"%%0%dX\"\n", "DIGIT_FMT", (2 * $rec->[0]->[0]));
-
-exit 0;
diff --git a/security/nss/lib/freebl/mpi/utils/LICENSE b/security/nss/lib/freebl/mpi/utils/LICENSE
deleted file mode 100644
index 5f96df7ab..000000000
--- a/security/nss/lib/freebl/mpi/utils/LICENSE
+++ /dev/null
@@ -1,4 +0,0 @@
-Within this directory, each of the file listed below is licensed under
-the terms given in the file LICENSE-MPL, also in this directory.
-
-PRIMES
diff --git a/security/nss/lib/freebl/mpi/utils/LICENSE-MPL b/security/nss/lib/freebl/mpi/utils/LICENSE-MPL
deleted file mode 100644
index 9ff410e4b..000000000
--- a/security/nss/lib/freebl/mpi/utils/LICENSE-MPL
+++ /dev/null
@@ -1,32 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation. Portions created by Netscape are
-Copyright (C) 1994-2000 Netscape Communications Corporation. All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
diff --git a/security/nss/lib/freebl/mpi/utils/PRIMES b/security/nss/lib/freebl/mpi/utils/PRIMES
deleted file mode 100644
index ed65703ff..000000000
--- a/security/nss/lib/freebl/mpi/utils/PRIMES
+++ /dev/null
@@ -1,41 +0,0 @@
-Probable primes (sorted by number of significant bits)
-
- 128: 81386202757205669562183851789305348631
-
- 128: 180241813863264101444573802809858694397
-
- 128: 245274683055224433281596312431122059021
-
- 128: 187522309397665259809392608791686659539
-
- 256: 83252422946206411852330647237287722547866360773229941071371588246436\
- 513990159
-
- 256: 79132571131322331023736933767063051273085304521895229780914612117520\
- 058517909
-
- 256: 72081815425552909748220041100909735706208853818662000557743644603407\
- 965465527
-
- 256: 87504602391905701494845474079163412737334477797316409702279059573654\
- 274811271
-
- 512: 12233064210800062190450937494718705259777386009095453001870729392786\
- 63450255179083524798507997690270500580265258111668148238355016411719\
- 9168737693316468563
-
- 512: 12003639081420725322369909586347545220275253633035565716386136197501\
- 88208318984400479275215620499883521216480724155582768193682335576385\
- 2069481074929084063
-
-1024: 16467877625718912296741904171202513097057724053648819680815842057593\
- 20371835940722471475475803725455063836431454757000451907612224427007\
- 63984592414360595161051906727075047683803534852982766542661204179549\
- 77327573530800542562611753617736693359790119074768292178493884576587\
- 0230450429880021317876149636714743053
-
-1024: 16602953991090311275234291158294516471009930684624948451178742895360\
- 86073703307475884280944414508444679430090561246728195735962931545473\
- 40743240318558456247740186704660778277799687988031119436541068736925\
- 20563780233711166724859277827382391527748470939542560819625727876091\
- 5372193745283891895989104479029844957
diff --git a/security/nss/lib/freebl/mpi/utils/README b/security/nss/lib/freebl/mpi/utils/README
deleted file mode 100644
index 86887bf81..000000000
--- a/security/nss/lib/freebl/mpi/utils/README
+++ /dev/null
@@ -1,239 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-library.
-
-The Initial Developer of the Original Code is
-Michael J. Fromberger <sting@linguist.dartmouth.edu>
-
-Portions created by Michael J. Fromberger are
-Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-
-
-Additional MPI utilities
-------------------------
-
-The files 'mpprime.h' and 'mpprime.c' define some useful extensions to
-the MPI library for dealing with prime numbers (in particular, testing
-for divisbility, and the Rabin-Miller probabilistic primality test).
-
-The files 'mplogic.h' and 'mplogic.c' define extensions to the MPI
-library for doing bitwise logical operations and shifting.
-
-This document assumes you have read the help file for the MPI library
-and understand its conventions.
-
-Divisibility (mpprime.h)
-------------
-
-To test a number for divisibility by another number:
-
-mpp_divis(a, b) - test if b|a
-mpp_divis_d(a, d) - test if d|a
-
-Each of these functions returns MP_YES if its initial argument is
-divisible by its second, or MP_NO if it is not. Other errors may be
-returned as appropriate (such as MP_RANGE if you try to test for
-divisibility by zero).
-
-Randomness (mpprime.h)
-----------
-
-To generate random data:
-
-mpp_random(a) - fill a with random data
-mpp_random_size(a, p) - fill a with p digits of random data
-
-The mpp_random_size() function increases the precision of a to at
-least p, then fills all those digits randomly. The mp_random()
-function fills a to its current precision (as determined by the number
-of significant digits, USED(a))
-
-Note that these functions simply use the C library's rand() function
-to fill a with random digits up to its precision. This should be
-adequate for primality testing, but should not be used for
-cryptographic applications where truly random values are required for
-security.
-
-You should call srand() in your driver program in order to seed the
-random generator; this function doesn't call it.
-
-Primality Testing (mpprime.h)
------------------
-
-mpp_divis_vector(a, v, s, w) - is a divisible by any of the s values
- in v, and if so, w = which.
-mpp_divis_primes(a, np) - is a divisible by any of the first np primes?
-mpp_fermat(a, w) - is a pseudoprime with respect to witness w?
-mpp_pprime(a, nt) - run nt iterations of Rabin-Miller on a.
-
-The mpp_divis_vector() function tests a for divisibility by each
-member of an array of digits. The array is v, the size of that array
-is s. Returns MP_YES if a is divisible, and stores the index of the
-offending digit in w. Returns MP_NO if a is not divisible by any of
-the digits in the array.
-
-A small table of primes is compiled into the library (typically the
-first 128 primes, although you can change this by editing the file
-'primes.c' before you build). The global variable prime_tab_size
-contains the number of primes in the table, and the values themselves
-are in the array prime_tab[], which is an array of mp_digit.
-
-The mpp_divis_primes() function is basically just a wrapper around
-mpp_divis_vector() that uses prime_tab[] as the test vector. The np
-parameter is a pointer to an mp_digit -- on input, it should specify
-the number of primes to be tested against. If a is divisible by any
-of the primes, MP_YES is returned and np is given the prime value that
-divided a (you can use this if you're factoring, for example).
-Otherwise, MP_NO is returned and np is untouched.
-
-The function mpp_fermat() performs Fermat's test, using w as a
-witness. This test basically relies on the fact that if a is prime,
-and w is relatively prime to a, then:
-
- w^a = w (mod a)
-
-That is,
-
- w^(a - 1) = 1 (mod a)
-
-The function returns MP_YES if the test passes, MP_NO if it fails. If
-w is relatively prime to a, and the test fails, a is definitely
-composite. If w is relatively prime to a and the test passes, then a
-is either prime, or w is a false witness (the probability of this
-happening depends on the choice of w and of a ... consult a number
-theory textbook for more information about this).
-
-Note: If (w, a) != 1, the output of this test is meaningless.
-----
-
-The function mpp_pprime() performs the Rabin-Miller probabilistic
-primality test for nt rounds. If all the tests pass, MP_YES is
-returned, and a is probably prime. The probability that an answer of
-MP_YES is incorrect is no greater than 1 in 4^nt, and in fact is
-usually much less than that (this is a pessimistic estimate). If any
-test fails, MP_NO is returned, and a is definitely composite.
-
-Bruce Schneier recommends at least 5 iterations of this test for most
-cryptographic applications; Knuth suggests that 25 are reasonable.
-Run it as many times as you feel are necessary.
-
-See the programs 'makeprime.c' and 'isprime.c' for reasonable examples
-of how to use these functions for primality testing.
-
-
-Bitwise Logic (mplogic.c)
--------------
-
-The four commonest logical operations are implemented as:
-
-mpl_not(a, b) - Compute bitwise (one's) complement, b = ~a
-
-mpl_and(a, b, c) - Compute bitwise AND, c = a & b
-
-mpl_or(a, b, c) - Compute bitwise OR, c = a | b
-
-mpl_xor(a, b, c) - Compute bitwise XOR, c = a ^ b
-
-Left and right shifts are available as well. These take a number to
-shift, a destination, and a shift amount. The shift amount must be a
-digit value between 0 and DIGIT_BIT inclusive; if it is not, MP_RANGE
-will be returned and the shift will not happen.
-
-mpl_rsh(a, b, d) - Compute logical right shift, b = a >> d
-
-mpl_lsh(a, b, d) - Compute logical left shift, b = a << d
-
-Since these are logical shifts, they fill with zeroes (the library
-uses a signed magnitude representation, so there are no sign bits to
-extend anyway).
-
-
-Command-line Utilities
-----------------------
-
-A handful of interesting command-line utilities are provided. These
-are:
-
-lap.c - Find the order of a mod m. Usage is 'lap <a> <m>'.
- This uses a dumb algorithm, so don't use it for
- a really big modulus.
-
-invmod.c - Find the inverse of a mod m, if it exists. Usage
- is 'invmod <a> <m>'
-
-sieve.c - A simple bitmap-based implementation of the Sieve
- of Eratosthenes. Used to generate the table of
- primes in primes.c. Usage is 'sieve <nbits>'
-
-prng.c - Uses the routines in bbs_rand.{h,c} to generate
- one or more 32-bit pseudo-random integers. This
- is mainly an example, not intended for use in a
- cryptographic application (the system time is
- the only source of entropy used)
-
-dec2hex.c - Convert decimal to hexadecimal
-
-hex2dec.c - Convert hexadecimal to decimal
-
-basecvt.c - General radix conversion tool (supports 2-64)
-
-isprime.c - Probabilistically test an integer for primality
- using the Rabin-Miller pseudoprime test combined
- with division by small primes.
-
-primegen.c - Generate primes at random.
-
-exptmod.c - Perform modular exponentiation
-
-ptab.pl - A Perl script to munge the output of the sieve
- program into a compilable C structure.
-
-
-Other Files
------------
-
-PRIMES - Some randomly generated numbers which are prime with
- extremely high probability.
-
-README - You're reading me already.
-
-
-About the Author
-----------------
-
-This software was written by Michael J. Fromberger. You can contact
-the author as follows:
-
-E-mail: <sting@linguist.dartmouth.edu>
-
-Postal: 8000 Cummings Hall, Thayer School of Engineering
- Dartmouth College, Hanover, New Hampshire, USA
-
-PGP key: http://linguist.dartmouth.edu/~sting/keys/mjf.html
- 9736 188B 5AFA 23D6 D6AA BE0D 5856 4525 289D 9907
-
-Last updated: $Id$
diff --git a/security/nss/lib/freebl/mpi/utils/basecvt.c b/security/nss/lib/freebl/mpi/utils/basecvt.c
deleted file mode 100644
index 90ed0f66b..000000000
--- a/security/nss/lib/freebl/mpi/utils/basecvt.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * basecvt.c
- *
- * Convert integer values specified on the command line from one input
- * base to another. Accepts input and output bases between 2 and 36
- * inclusive.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-#define IBASE 10
-#define OBASE 16
-#define USAGE "Usage: %s ibase obase [value]\n"
-#define MAXBASE 64
-#define MINBASE 2
-
-int main(int argc, char *argv[])
-{
- int ix, ibase = IBASE, obase = OBASE;
- mp_int val;
-
- ix = 1;
- if(ix < argc) {
- ibase = atoi(argv[ix++]);
-
- if(ibase < MINBASE || ibase > MAXBASE) {
- fprintf(stderr, "%s: input radix must be between %d and %d inclusive\n",
- argv[0], MINBASE, MAXBASE);
- return 1;
- }
- }
- if(ix < argc) {
- obase = atoi(argv[ix++]);
-
- if(obase < MINBASE || obase > MAXBASE) {
- fprintf(stderr, "%s: output radix must be between %d and %d inclusive\n",
- argv[0], MINBASE, MAXBASE);
- return 1;
- }
- }
-
- mp_init(&val);
- while(ix < argc) {
- char *out;
- int outlen;
-
- mp_read_radix(&val, argv[ix++], ibase);
-
- outlen = mp_radix_size(&val, obase);
- out = calloc(outlen, sizeof(char));
- mp_toradix(&val, out, obase);
-
- printf("%s\n", out);
- free(out);
- }
-
- mp_clear(&val);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/bbs_rand.c b/security/nss/lib/freebl/mpi/utils/bbs_rand.c
deleted file mode 100644
index c3e8b869b..000000000
--- a/security/nss/lib/freebl/mpi/utils/bbs_rand.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Blum, Blum & Shub PRNG using the MPI library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include "bbs_rand.h"
-
-#define SEED 1
-#define MODULUS 2
-
-/* This modulus is the product of two randomly generated 512-bit
- prime integers, each of which is congruent to 3 (mod 4). */
-static char *bbs_modulus =
-"75A2A6E1D27393B86562B9CE7279A8403CB4258A637DAB5233465373E37837383EDC"
-"332282B8575927BC4172CE8C147B4894050EE9D2BDEED355C121037270CA2570D127"
-"7D2390CD1002263326635CC6B259148DE3A1A03201980A925E395E646A5E9164B0EC"
-"28559EBA58C87447245ADD0651EDA507056A1129E3A3E16E903D64B437";
-
-static int bbs_init = 0; /* flag set when library is initialized */
-static mp_int bbs_state; /* the current state of the generator */
-
-/* Suggested size of random seed data */
-int bbs_seed_size = (sizeof(bbs_modulus) / 2);
-
-void bbs_srand(unsigned char *data, int len)
-{
- if((bbs_init & SEED) == 0) {
- mp_init(&bbs_state);
- bbs_init |= SEED;
- }
-
- mp_read_raw(&bbs_state, (char *)data, len);
-
-} /* end bbs_srand() */
-
-unsigned int bbs_rand(void)
-{
- static mp_int modulus;
- unsigned int result = 0, ix;
-
- if((bbs_init & MODULUS) == 0) {
- mp_init(&modulus);
- mp_read_radix(&modulus, bbs_modulus, 16);
- bbs_init |= MODULUS;
- }
-
- for(ix = 0; ix < sizeof(unsigned int); ix++) {
- mp_digit d;
-
- mp_sqrmod(&bbs_state, &modulus, &bbs_state);
- d = DIGIT(&bbs_state, 0);
-
- result = (result << CHAR_BIT) | (d & UCHAR_MAX);
- }
-
- return result;
-
-} /* end bbs_rand() */
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/bbs_rand.h b/security/nss/lib/freebl/mpi/utils/bbs_rand.h
deleted file mode 100644
index de4587421..000000000
--- a/security/nss/lib/freebl/mpi/utils/bbs_rand.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * bbs_rand.h
- *
- * Blum, Blum & Shub PRNG using the MPI library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _H_BBSRAND_
-#define _H_BBSRAND_
-
-#include <limits.h>
-#include "mpi.h"
-
-#define BBS_RAND_MAX UINT_MAX
-
-/* Suggested length of seed data */
-extern int bbs_seed_size;
-
-void bbs_srand(unsigned char *data, int len);
-unsigned int bbs_rand(void);
-
-#endif /* end _H_BBSRAND_ */
diff --git a/security/nss/lib/freebl/mpi/utils/bbsrand.c b/security/nss/lib/freebl/mpi/utils/bbsrand.c
deleted file mode 100644
index 28600fabe..000000000
--- a/security/nss/lib/freebl/mpi/utils/bbsrand.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * bbsrand.c
- *
- * Test driver for routines in bbs_rand.h
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <limits.h>
-
-#include "bbs_rand.h"
-
-#define NUM_TESTS 100
-
-int main(void)
-{
- unsigned int seed, result, ix;
-
- seed = time(NULL);
- bbs_srand((unsigned char *)&seed, sizeof(seed));
-
- for(ix = 0; ix < NUM_TESTS; ix++) {
- result = bbs_rand();
-
- printf("Test %3u: %08X\n", ix + 1, result);
- }
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/dec2hex.c b/security/nss/lib/freebl/mpi/utils/dec2hex.c
deleted file mode 100644
index 9bdcfa018..000000000
--- a/security/nss/lib/freebl/mpi/utils/dec2hex.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * dec2hex.c
- *
- * Convert decimal integers into hexadecimal
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a;
- char *buf;
- int len;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <a>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a); mp_read_radix(&a, argv[1], 10);
- len = mp_radix_size(&a, 16);
- buf = malloc(len);
- mp_toradix(&a, buf, 16);
-
- printf("%s\n", buf);
-
- free(buf);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/exptmod.c b/security/nss/lib/freebl/mpi/utils/exptmod.c
deleted file mode 100644
index d5e66ac37..000000000
--- a/security/nss/lib/freebl/mpi/utils/exptmod.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * exptmod.c
- *
- * Command line tool to perform modular exponentiation on arbitrary
- * precision integers.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a, b, m;
- mp_err res;
- char *str;
- int len, rval = 0;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b> <m>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a); mp_init(&b); mp_init(&m);
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&b, argv[2], 10);
- mp_read_radix(&m, argv[3], 10);
-
- if((res = mp_exptmod(&a, &b, &m, &a)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
- rval = 1;
- } else {
- len = mp_radix_size(&a, 10);
- str = calloc(len, sizeof(char));
- mp_toradix(&a, str, 10);
-
- printf("%s\n", str);
-
- free(str);
- }
-
- mp_clear(&a); mp_clear(&b); mp_clear(&m);
-
- return rval;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/fact.c b/security/nss/lib/freebl/mpi/utils/fact.c
deleted file mode 100644
index 02b6711c9..000000000
--- a/security/nss/lib/freebl/mpi/utils/fact.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * fact.c
- *
- * Compute factorial of input integer
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-mp_err mp_fact(mp_int *a, mp_int *b);
-
-int main(int argc, char *argv[])
-{
- mp_int a;
- mp_err res;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <number>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a);
- mp_read_radix(&a, argv[1], 10);
-
- if((res = mp_fact(&a, &a)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", argv[0],
- mp_strerror(res));
- mp_clear(&a);
- return 1;
- }
-
- {
- char *buf;
- int len;
-
- len = mp_radix_size(&a, 10);
- buf = malloc(len);
- mp_todecimal(&a, buf);
-
- puts(buf);
-
- free(buf);
- }
-
- mp_clear(&a);
- return 0;
-}
-
-mp_err mp_fact(mp_int *a, mp_int *b)
-{
- mp_int ix, s;
- mp_err res = MP_OKAY;
-
- if(mp_cmp_z(a) < 0)
- return MP_UNDEF;
-
- mp_init(&s);
- mp_add_d(&s, 1, &s); /* s = 1 */
- mp_init(&ix);
- mp_add_d(&ix, 1, &ix); /* ix = 1 */
-
- for(/* */; mp_cmp(&ix, a) <= 0; mp_add_d(&ix, 1, &ix)) {
- if((res = mp_mul(&s, &ix, &s)) != MP_OKAY)
- break;
- }
-
- mp_clear(&ix);
-
- /* Copy out results if we got them */
- if(res == MP_OKAY)
- mp_copy(&s, b);
-
- mp_clear(&s);
-
- return res;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/gcd.c b/security/nss/lib/freebl/mpi/utils/gcd.c
deleted file mode 100644
index b36c7f281..000000000
--- a/security/nss/lib/freebl/mpi/utils/gcd.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * gcd.c
- *
- * Greatest common divisor
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-char *g_prog = NULL;
-
-void print_mp_int(mp_int *mp, FILE *ofp);
-
-int main(int argc, char *argv[])
-{
- mp_int a, b, x, y;
- mp_err res;
- int ext = 0;
-
- g_prog = argv[0];
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <b>\n", g_prog);
- return 1;
- }
-
- mp_init(&a); mp_read_radix(&a, argv[1], 10);
- mp_init(&b); mp_read_radix(&b, argv[2], 10);
-
- /* If we were called 'xgcd', compute x, y so that g = ax + by */
- if(strcmp(g_prog, "xgcd") == 0) {
- ext = 1;
- mp_init(&x); mp_init(&y);
- }
-
- if(ext) {
- if((res = mp_xgcd(&a, &b, &a, &x, &y)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", g_prog, mp_strerror(res));
- mp_clear(&a); mp_clear(&b);
- mp_clear(&x); mp_clear(&y);
- return 1;
- }
- } else {
- if((res = mp_gcd(&a, &b, &a)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", g_prog,
- mp_strerror(res));
- mp_clear(&a); mp_clear(&b);
- return 1;
- }
- }
-
- print_mp_int(&a, stdout);
- if(ext) {
- fputs("x = ", stdout); print_mp_int(&x, stdout);
- fputs("y = ", stdout); print_mp_int(&y, stdout);
- }
-
- mp_clear(&a); mp_clear(&b);
-
- if(ext) {
- mp_clear(&x);
- mp_clear(&y);
- }
-
- return 0;
-
-}
-
-void print_mp_int(mp_int *mp, FILE *ofp)
-{
- char *buf;
- int len;
-
- len = mp_radix_size(mp, 10);
- buf = calloc(len, sizeof(char));
- mp_todecimal(mp, buf);
- fprintf(ofp, "%s\n", buf);
- free(buf);
-
-}
diff --git a/security/nss/lib/freebl/mpi/utils/hex2dec.c b/security/nss/lib/freebl/mpi/utils/hex2dec.c
deleted file mode 100644
index 97aad55c9..000000000
--- a/security/nss/lib/freebl/mpi/utils/hex2dec.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * hex2dec.c
- *
- * Convert decimal integers into hexadecimal
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a;
- char *buf;
- int len;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <a>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a); mp_read_radix(&a, argv[1], 16);
- len = mp_radix_size(&a, 10);
- buf = malloc(len);
- mp_toradix(&a, buf, 10);
-
- printf("%s\n", buf);
-
- free(buf);
- mp_clear(&a);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/identest.c b/security/nss/lib/freebl/mpi/utils/identest.c
deleted file mode 100644
index a75d2b352..000000000
--- a/security/nss/lib/freebl/mpi/utils/identest.c
+++ /dev/null
@@ -1,79 +0,0 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include "mpi.h"
-#include "mpprime.h"
-#include <sys/types.h>
-#include <time.h>
-
-#define MAX_PREC (4096 / MP_DIGIT_BIT)
-
-mp_err identity_test(void)
-{
- mp_size preca, precb;
- mp_err res;
- mp_int a, b;
- mp_int t1, t2, t3, t4, t5;
-
- preca = (rand() % MAX_PREC) + 1;
- precb = (rand() % MAX_PREC) + 1;
-
- MP_DIGITS(&a) = 0;
- MP_DIGITS(&b) = 0;
- MP_DIGITS(&t1) = 0;
- MP_DIGITS(&t2) = 0;
- MP_DIGITS(&t3) = 0;
- MP_DIGITS(&t4) = 0;
- MP_DIGITS(&t5) = 0;
-
- MP_CHECKOK( mp_init(&a) );
- MP_CHECKOK( mp_init(&b) );
- MP_CHECKOK( mp_init(&t1) );
- MP_CHECKOK( mp_init(&t2) );
- MP_CHECKOK( mp_init(&t3) );
- MP_CHECKOK( mp_init(&t4) );
- MP_CHECKOK( mp_init(&t5) );
-
- MP_CHECKOK( mpp_random_size(&a, preca) );
- MP_CHECKOK( mpp_random_size(&b, precb) );
-
- if (mp_cmp(&a, &b) < 0)
- mp_exch(&a, &b);
-
- MP_CHECKOK( mp_mod(&a, &b, &t1) ); /* t1 = a%b */
- MP_CHECKOK( mp_div(&a, &b, &t2, NULL) ); /* t2 = a/b */
- MP_CHECKOK( mp_mul(&b, &t2, &t3) ); /* t3 = (a/b)*b */
- MP_CHECKOK( mp_add(&t1, &t3, &t4) ); /* t4 = a%b + (a/b)*b */
- MP_CHECKOK( mp_sub(&t4, &a, &t5) ); /* t5 = a%b + (a/b)*b - a */
- if (mp_cmp_z(&t5) != 0) {
- res = MP_UNDEF;
- goto CLEANUP;
- }
-
-CLEANUP:
- mp_clear(&t5);
- mp_clear(&t4);
- mp_clear(&t3);
- mp_clear(&t2);
- mp_clear(&t1);
- mp_clear(&b);
- mp_clear(&a);
- return res;
-}
-
-int
-main(void)
-{
- unsigned int seed = (unsigned int)time(NULL);
- unsigned long count = 0;
- mp_err res;
-
- srand(seed);
-
- while (MP_OKAY == (res = identity_test())) {
- if ((++count % 100) == 0)
- fputc('.', stderr);
- }
-
- fprintf(stderr, "\ntest failed, err %d\n", res);
- return res;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/invmod.c b/security/nss/lib/freebl/mpi/utils/invmod.c
deleted file mode 100644
index df58bb6d1..000000000
--- a/security/nss/lib/freebl/mpi/utils/invmod.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * invmod.c
- *
- * Compute modular inverses
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1997, 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "mpi.h"
-
-int main(int argc, char *argv[])
-{
- mp_int a, m;
- mp_err res;
- char *buf;
- int len, out = 0;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <m>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a); mp_init(&m);
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&m, argv[2], 10);
-
- if(mp_cmp(&a, &m) > 0)
- mp_mod(&a, &m, &a);
-
- switch((res = mp_invmod(&a, &m, &a))) {
- case MP_OKAY:
- len = mp_radix_size(&a, 10);
- buf = malloc(len);
-
- mp_toradix(&a, buf, 10);
- printf("%s\n", buf);
- free(buf);
- break;
-
- case MP_UNDEF:
- printf("No inverse\n");
- out = 1;
- break;
-
- default:
- printf("error: %s (%d)\n", mp_strerror(res), res);
- out = 2;
- break;
- }
-
- mp_clear(&a);
- mp_clear(&m);
-
- return out;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/isprime.c b/security/nss/lib/freebl/mpi/utils/isprime.c
deleted file mode 100644
index f9cd9707b..000000000
--- a/security/nss/lib/freebl/mpi/utils/isprime.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * isprime.c
- *
- * Probabilistic primality tester command-line tool
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-#define RM_TESTS 15 /* how many iterations of Rabin-Miller? */
-#define MINIMUM 1024 /* don't bother us with a < this */
-
-int g_tests = RM_TESTS;
-char *g_prog = NULL;
-
-int main(int argc, char *argv[])
-{
- mp_int a;
- mp_digit np = prime_tab_size; /* from mpprime.h */
- int res = 0;
-
- g_prog = argv[0];
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <a>, where <a> is a decimal integer\n"
- "Use '0x' prefix for a hexadecimal value\n", g_prog);
- return 1;
- }
-
- /* Read number of tests from environment, if present */
- {
- char *tmp;
-
- if((tmp = getenv("RM_TESTS")) != NULL) {
- if((g_tests = atoi(tmp)) <= 0)
- g_tests = RM_TESTS;
- }
- }
-
- mp_init(&a);
- if(argv[1][0] == '0' && argv[1][1] == 'x')
- mp_read_radix(&a, argv[1] + 2, 16);
- else
- mp_read_radix(&a, argv[1], 10);
-
- if(mp_cmp_d(&a, MINIMUM) <= 0) {
- fprintf(stderr, "%s: please use a value greater than %d\n",
- g_prog, MINIMUM);
- mp_clear(&a);
- return 1;
- }
-
- /* Test for divisibility by small primes */
- if(mpp_divis_primes(&a, &np) != MP_NO) {
- printf("Not prime (divisible by small prime %d)\n", np);
- res = 2;
- goto CLEANUP;
- }
-
- /* Test with Fermat's test, using 2 as a witness */
- if(mpp_fermat(&a, 2) != MP_YES) {
- printf("Not prime (failed Fermat test)\n");
- res = 2;
- goto CLEANUP;
- }
-
- /* Test with Rabin-Miller probabilistic test */
- if(mpp_pprime(&a, g_tests) == MP_NO) {
- printf("Not prime (failed pseudoprime test)\n");
- res = 2;
- goto CLEANUP;
- }
-
- printf("Probably prime, 1 in 4^%d chance of false positive\n", g_tests);
-
-CLEANUP:
- mp_clear(&a);
-
- return res;
-
-}
diff --git a/security/nss/lib/freebl/mpi/utils/lap.c b/security/nss/lib/freebl/mpi/utils/lap.c
deleted file mode 100644
index ababed7f3..000000000
--- a/security/nss/lib/freebl/mpi/utils/lap.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * lap.c
- *
- * Find least annihilating power of a mod m
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <signal.h>
-
-#include "mpi.h"
-
-void sig_catch(int ign);
-
-int g_quit = 0;
-
-int main(int argc, char *argv[])
-{
- mp_int a, m, p, k;
-
- if(argc < 3) {
- fprintf(stderr, "Usage: %s <a> <m>\n", argv[0]);
- return 1;
- }
-
- mp_init(&a);
- mp_init(&m);
- mp_init(&p);
- mp_add_d(&p, 1, &p);
-
- mp_read_radix(&a, argv[1], 10);
- mp_read_radix(&m, argv[2], 10);
-
- mp_init_copy(&k, &a);
-
- signal(SIGINT, sig_catch);
-#ifndef __OS2__
- signal(SIGHUP, sig_catch);
-#endif
- signal(SIGTERM, sig_catch);
-
- while(mp_cmp(&p, &m) < 0) {
- if(g_quit) {
- int len;
- char *buf;
-
- len = mp_radix_size(&p, 10);
- buf = malloc(len);
- mp_toradix(&p, buf, 10);
-
- fprintf(stderr, "Terminated at: %s\n", buf);
- free(buf);
- return 1;
- }
- if(mp_cmp_d(&k, 1) == 0) {
- int len;
- char *buf;
-
- len = mp_radix_size(&p, 10);
- buf = malloc(len);
- mp_toradix(&p, buf, 10);
-
- printf("%s\n", buf);
-
- free(buf);
- break;
- }
-
- mp_mulmod(&k, &a, &m, &k);
- mp_add_d(&p, 1, &p);
- }
-
- if(mp_cmp(&p, &m) >= 0)
- printf("No annihilating power.\n");
-
- mp_clear(&p);
- mp_clear(&m);
- mp_clear(&a);
- return 0;
-}
-
-void sig_catch(int ign)
-{
- g_quit = 1;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/makeprime.c b/security/nss/lib/freebl/mpi/utils/makeprime.c
deleted file mode 100644
index c4deaa9f0..000000000
--- a/security/nss/lib/freebl/mpi/utils/makeprime.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * makeprime.c
- *
- * A simple prime generator function (and test driver). Prints out the
- * first prime it finds greater than or equal to the starting value.
- *
- * Usage: makeprime <start>
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-
-/* These two must be included for make_prime() to work */
-
-#include "mpi.h"
-#include "mpprime.h"
-
-/*
- make_prime(p, nr)
-
- Find the smallest prime integer greater than or equal to p, where
- primality is verified by 'nr' iterations of the Rabin-Miller
- probabilistic primality test. The caller is responsible for
- generating the initial value of p.
-
- Returns MP_OKAY if a prime has been generated, otherwise the error
- code indicates some other problem. The value of p is clobbered; the
- caller should keep a copy if the value is needed.
- */
-mp_err make_prime(mp_int *p, int nr);
-
-/* The main() is not required -- it's just a test driver */
-int main(int argc, char *argv[])
-{
- mp_int start;
- mp_err res;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <start-value>\n", argv[0]);
- return 1;
- }
-
- mp_init(&start);
- if(argv[1][0] == '0' && tolower(argv[1][1]) == 'x') {
- mp_read_radix(&start, argv[1] + 2, 16);
- } else {
- mp_read_radix(&start, argv[1], 10);
- }
- mp_abs(&start, &start);
-
- if((res = make_prime(&start, 5)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
- mp_clear(&start);
-
- return 1;
-
- } else {
- char *buf = malloc(mp_radix_size(&start, 10));
-
- mp_todecimal(&start, buf);
- printf("%s\n", buf);
- free(buf);
-
- mp_clear(&start);
-
- return 0;
- }
-
-} /* end main() */
-
-/*------------------------------------------------------------------------*/
-
-mp_err make_prime(mp_int *p, int nr)
-{
- mp_err res;
-
- if(mp_iseven(p)) {
- mp_add_d(p, 1, p);
- }
-
- do {
- mp_digit which = prime_tab_size;
-
- /* First test for divisibility by a few small primes */
- if((res = mpp_divis_primes(p, &which)) == MP_YES)
- continue;
- else if(res != MP_NO)
- goto CLEANUP;
-
- /* If that passes, try one iteration of Fermat's test */
- if((res = mpp_fermat(p, 2)) == MP_NO)
- continue;
- else if(res != MP_YES)
- goto CLEANUP;
-
- /* If that passes, run Rabin-Miller as often as requested */
- if((res = mpp_pprime(p, nr)) == MP_YES)
- break;
- else if(res != MP_NO)
- goto CLEANUP;
-
- } while((res = mp_add_d(p, 2, p)) == MP_OKAY);
-
- CLEANUP:
- return res;
-
-} /* end make_prime() */
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/metime.c b/security/nss/lib/freebl/mpi/utils/metime.c
deleted file mode 100644
index 3f39b23a9..000000000
--- a/security/nss/lib/freebl/mpi/utils/metime.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * metime.c
- *
- * Modular exponentiation timing test
- *
- * $Id$
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 2000 Michael J. Fromberger. All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mpprime.h"
-
-double clk_to_sec(clock_t start, clock_t stop);
-
-int main(int argc, char *argv[])
-{
- int ix, num, prec = 8;
- unsigned int seed;
- clock_t start, stop;
- double sec;
-
- mp_int a, m, c;
-
- if(getenv("SEED") != NULL)
- seed = abs(atoi(getenv("SEED")));
- else
- seed = (unsigned int)time(NULL);
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-tests> [<nbits>]\n", argv[0]);
- return 1;
- }
-
- if((num = atoi(argv[1])) < 0)
- num = -num;
-
- if(!num) {
- fprintf(stderr, "%s: must perform at least 1 test\n", argv[0]);
- return 1;
- }
-
- if(argc > 2) {
- if((prec = atoi(argv[2])) <= 0)
- prec = 8;
- else
- prec = (prec + (DIGIT_BIT - 1)) / DIGIT_BIT;
-
- }
-
- printf("Modular exponentiation timing test\n"
- "Precision: %d digits (%d bits)\n"
- "# of tests: %d\n\n", prec, prec * DIGIT_BIT, num);
-
- mp_init_size(&a, prec);
- mp_init_size(&m, prec);
- mp_init_size(&c, prec);
-
- srand(seed);
-
- start = clock();
- for(ix = 0; ix < num; ix++) {
-
- mpp_random_size(&a, prec);
- mpp_random_size(&c, prec);
- mpp_random_size(&m, prec);
- /* set msb and lsb of m */
- DIGIT(&m,0) |= 1;
- DIGIT(&m, USED(&m)-1) |= (mp_digit)1 << (DIGIT_BIT - 1);
- if (mp_cmp(&a, &m) > 0)
- mp_sub(&a, &m, &a);
-
- mp_exptmod(&a, &c, &m, &c);
- }
- stop = clock();
-
- sec = clk_to_sec(start, stop);
-
- printf("Total: %.3f seconds\n", sec);
- printf("Individual: %.3f seconds\n", sec / num);
-
- mp_clear(&c);
- mp_clear(&a);
- mp_clear(&m);
-
- return 0;
-}
-
-double clk_to_sec(clock_t start, clock_t stop)
-{
- return (double)(stop - start) / CLOCKS_PER_SEC;
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/pi.c b/security/nss/lib/freebl/mpi/utils/pi.c
deleted file mode 100644
index 367118586..000000000
--- a/security/nss/lib/freebl/mpi/utils/pi.c
+++ /dev/null
@@ -1,194 +0,0 @@
-/*
- * pi.c
- *
- * Compute pi to an arbitrary number of digits. Uses Machin's formula,
- * like everyone else on the planet:
- *
- * pi = 16 * arctan(1/5) - 4 * arctan(1/239)
- *
- * This is pretty effective for up to a few thousand digits, but it
- * gets pretty slow after that.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-
-mp_err arctan(mp_digit mul, mp_digit x, mp_digit prec, mp_int *sum);
-
-int main(int argc, char *argv[])
-{
- mp_err res;
- mp_digit ndigits;
- mp_int sum1, sum2;
- clock_t start, stop;
- int out = 0;
-
- /* Make the user specify precision on the command line */
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <num-digits>\n", argv[0]);
- return 1;
- }
-
- if((ndigits = abs(atoi(argv[1]))) == 0) {
- fprintf(stderr, "%s: you must request at least 1 digit\n", argv[0]);
- return 1;
- }
-
- start = clock();
- mp_init(&sum1); mp_init(&sum2);
-
- /* sum1 = 16 * arctan(1/5) */
- if((res = arctan(16, 5, ndigits, &sum1)) != MP_OKAY) {
- fprintf(stderr, "%s: arctan: %s\n", argv[0], mp_strerror(res));
- out = 1; goto CLEANUP;
- }
-
- /* sum2 = 4 * arctan(1/239) */
- if((res = arctan(4, 239, ndigits, &sum2)) != MP_OKAY) {
- fprintf(stderr, "%s: arctan: %s\n", argv[0], mp_strerror(res));
- out = 1; goto CLEANUP;
- }
-
- /* pi = sum1 - sum2 */
- if((res = mp_sub(&sum1, &sum2, &sum1)) != MP_OKAY) {
- fprintf(stderr, "%s: mp_sub: %s\n", argv[0], mp_strerror(res));
- out = 1; goto CLEANUP;
- }
- stop = clock();
-
- /* Write the output in decimal */
- {
- char *buf = malloc(mp_radix_size(&sum1, 10));
-
- if(buf == NULL) {
- fprintf(stderr, "%s: out of memory\n", argv[0]);
- out = 1; goto CLEANUP;
- }
- mp_todecimal(&sum1, buf);
- printf("%s\n", buf);
- free(buf);
- }
-
- fprintf(stderr, "Computation took %.2f sec.\n",
- (double)(stop - start) / CLOCKS_PER_SEC);
-
- CLEANUP:
- mp_clear(&sum1);
- mp_clear(&sum2);
-
- return out;
-
-}
-
-/* Compute sum := mul * arctan(1/x), to 'prec' digits of precision */
-mp_err arctan(mp_digit mul, mp_digit x, mp_digit prec, mp_int *sum)
-{
- mp_int t, v;
- mp_digit q = 1, rd;
- mp_err res;
- int sign = 1;
-
- prec += 3; /* push inaccuracies off the end */
-
- mp_init(&t); mp_set(&t, 10);
- mp_init(&v);
- if((res = mp_expt_d(&t, prec, &t)) != MP_OKAY || /* get 10^prec */
- (res = mp_mul_d(&t, mul, &t)) != MP_OKAY || /* ... times mul */
- (res = mp_mul_d(&t, x, &t)) != MP_OKAY) /* ... times x */
- goto CLEANUP;
-
- /*
- The extra multiplication by x in the above takes care of what
- would otherwise have to be a special case for 1 / x^1 during the
- first loop iteration. A little sneaky, but effective.
-
- We compute arctan(1/x) by the formula:
-
- 1 1 1 1
- - - ----- + ----- - ----- + ...
- x 3 x^3 5 x^5 7 x^7
-
- We multiply through by 'mul' beforehand, which gives us a couple
- more iterations and more precision
- */
-
- x *= x; /* works as long as x < sqrt(RADIX), which it is here */
-
- mp_zero(sum);
-
- do {
- if((res = mp_div_d(&t, x, &t, &rd)) != MP_OKAY)
- goto CLEANUP;
-
- if(sign < 0 && rd != 0)
- mp_add_d(&t, 1, &t);
-
- if((res = mp_div_d(&t, q, &v, &rd)) != MP_OKAY)
- goto CLEANUP;
-
- if(sign < 0 && rd != 0)
- mp_add_d(&v, 1, &v);
-
- if(sign > 0)
- res = mp_add(sum, &v, sum);
- else
- res = mp_sub(sum, &v, sum);
-
- if(res != MP_OKAY)
- goto CLEANUP;
-
- sign *= -1;
- q += 2;
-
- } while(mp_cmp_z(&t) != 0);
-
- /* Chop off inaccurate low-order digits */
- mp_div_d(sum, 1000, sum, NULL);
-
- CLEANUP:
- mp_clear(&v);
- mp_clear(&t);
-
- return res;
-}
-
-/*------------------------------------------------------------------------*/
-/* HERE THERE BE DRAGONS */
diff --git a/security/nss/lib/freebl/mpi/utils/primegen.c b/security/nss/lib/freebl/mpi/utils/primegen.c
deleted file mode 100644
index 1f7a593e1..000000000
--- a/security/nss/lib/freebl/mpi/utils/primegen.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/*
- * primegen.c
- *
- * Generates random integers which are prime with a high degree of
- * probability using the Miller-Rabin probabilistic primality testing
- * algorithm.
- *
- * Usage:
- * primegen <bits> [<num>]
- *
- * <bits> - number of significant bits each prime should have
- * <num> - number of primes to generate
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <time.h>
-
-#include "mpi.h"
-#include "mplogic.h"
-#include "mpprime.h"
-
-#undef MACOS /* define if running on a Macintosh */
-
-#ifdef MACOS
-#include <console.h>
-#endif
-
-#define NUM_TESTS 5 /* Number of Rabin-Miller iterations to test with */
-
-#ifdef DEBUG
-#define FPUTC(x,y) fputc(x,y)
-#else
-#define FPUTC(x,y)
-#endif
-
-int main(int argc, char *argv[])
-{
- unsigned char *raw;
- char *out;
- unsigned long nTries;
- int rawlen, bits, outlen, ngen, ix, jx;
- int g_strong = 0;
- mp_int testval;
- mp_err res;
- clock_t start, end;
-
-#ifdef MACOS
- argc = ccommand(&argv);
-#endif
-
- /* We'll just use the C library's rand() for now, although this
- won't be good enough for cryptographic purposes */
- if((out = getenv("SEED")) == NULL) {
- srand((unsigned int)time(NULL));
- } else {
- srand((unsigned int)atoi(out));
- }
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <bits> [<count> [strong]]\n", argv[0]);
- return 1;
- }
-
- if((bits = abs(atoi(argv[1]))) < CHAR_BIT) {
- fprintf(stderr, "%s: please request at least %d bits.\n",
- argv[0], CHAR_BIT);
- return 1;
- }
-
- /* If optional third argument is given, use that as the number of
- primes to generate; otherwise generate one prime only.
- */
- if(argc < 3) {
- ngen = 1;
- } else {
- ngen = abs(atoi(argv[2]));
- }
-
- /* If fourth argument is given, and is the word "strong", we'll
- generate strong (Sophie Germain) primes.
- */
- if(argc > 3 && strcmp(argv[3], "strong") == 0)
- g_strong = 1;
-
- /* testval - candidate being tested; nTries - number tried so far */
- if ((res = mp_init(&testval)) != MP_OKAY) {
- fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
- return 1;
- }
-
- if(g_strong) {
- printf("Requested %d strong prime value(s) of %d bits.\n",
- ngen, bits);
- } else {
- printf("Requested %d prime value(s) of %d bits.\n", ngen, bits);
- }
-
- rawlen = (bits / CHAR_BIT) + ((bits % CHAR_BIT) ? 1 : 0) + 1;
-
- if((raw = calloc(rawlen, sizeof(unsigned char))) == NULL) {
- fprintf(stderr, "%s: out of memory, sorry.\n", argv[0]);
- return 1;
- }
-
- /* This loop is one for each prime we need to generate */
- for(jx = 0; jx < ngen; jx++) {
-
- raw[0] = 0; /* sign is positive */
-
- /* Pack the initializer with random bytes */
- for(ix = 1; ix < rawlen; ix++)
- raw[ix] = (rand() * rand()) & UCHAR_MAX;
-
- raw[1] |= 0x80; /* set high-order bit of test value */
- raw[rawlen - 1] |= 1; /* set low-order bit of test value */
-
- /* Make an mp_int out of the initializer */
- mp_read_raw(&testval, (char *)raw, rawlen);
-
- /* Initialize candidate counter */
- nTries = 0;
-
- start = clock(); /* time generation for this prime */
- do {
- res = mpp_make_prime(&testval, bits, g_strong, &nTries);
- if (res != MP_NO)
- break;
- /* This code works whether digits are 16 or 32 bits */
- res = mp_add_d(&testval, 32 * 1024, &testval);
- res = mp_add_d(&testval, 32 * 1024, &testval);
- FPUTC(',', stderr);
- } while (1);
- end = clock();
-
- if (res != MP_YES) {
- break;
- }
- FPUTC('\n', stderr);
- puts("The following value is probably prime:");
- outlen = mp_radix_size(&testval, 10);
- out = calloc(outlen, sizeof(unsigned char));
- mp_toradix(&testval, (char *)out, 10);
- printf("10: %s\n", out);
- mp_toradix(&testval, (char *)out, 16);
- printf("16: %s\n\n", out);
- free(out);
-
- printf("Number of candidates tried: %lu\n", nTries);
- printf("This computation took %ld clock ticks (%.2f seconds)\n",
- (end - start), ((double)(end - start) / CLOCKS_PER_SEC));
-
- FPUTC('\n', stderr);
- } /* end of loop to generate all requested primes */
-
- if(res != MP_OKAY)
- fprintf(stderr, "%s: error: %s\n", argv[0], mp_strerror(res));
-
- free(raw);
- mp_clear(&testval);
-
- return 0;
-}
diff --git a/security/nss/lib/freebl/mpi/utils/prng.c b/security/nss/lib/freebl/mpi/utils/prng.c
deleted file mode 100644
index 9b8f7983a..000000000
--- a/security/nss/lib/freebl/mpi/utils/prng.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * prng.c
- *
- * Command-line pseudo-random number generator
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <limits.h>
-#include <time.h>
-
-#ifdef __OS2__
-#include <types.h>
-#include <process.h>
-#else
-#include <unistd.h>
-#endif
-
-#include "bbs_rand.h"
-
-int main(int argc, char *argv[])
-{
- unsigned char *seed;
- unsigned int ix, num = 1;
- pid_t pid;
-
- if(argc > 1) {
- num = atoi(argv[1]);
- if(num <= 0)
- num = 1;
- }
-
- pid = getpid();
- srand(time(NULL) * (unsigned int)pid);
-
- /* Not a perfect seed, but not bad */
- seed = malloc(bbs_seed_size);
- for(ix = 0; ix < bbs_seed_size; ix++) {
- seed[ix] = rand() % UCHAR_MAX;
- }
-
- bbs_srand(seed, bbs_seed_size);
- memset(seed, 0, bbs_seed_size);
- free(seed);
-
- while(num-- > 0) {
- ix = bbs_rand();
-
- printf("%u\n", ix);
- }
-
- return 0;
-
-}
diff --git a/security/nss/lib/freebl/mpi/utils/ptab.pl b/security/nss/lib/freebl/mpi/utils/ptab.pl
deleted file mode 100755
index f9c56b6c3..000000000
--- a/security/nss/lib/freebl/mpi/utils/ptab.pl
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/usr/linguist/bin/perl
-##
-## The contents of this file are subject to the Mozilla Public
-## License Version 1.1 (the "License"); you may not use this file
-## except in compliance with the License. You may obtain a copy of
-## the License at http://www.mozilla.org/MPL/
-##
-## Software distributed under the License is distributed on an "AS
-## IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-## implied. See the License for the specific language governing
-## rights and limitations under the License.
-##
-## The Original Code is the MPI Arbitrary Precision Integer Arithmetic
-## library.
-##
-## The Initial Developer of the Original Code is
-## Michael J. Fromberger <sting@linguist.dartmouth.edu>
-##
-## Portions created by Michael J. Fromberger are
-## Copyright (C) 1998, 2000 Michael J. Fromberger. All Rights Reserved.
-##
-## Contributor(s):
-##
-## Alternatively, the contents of this file may be used under the
-## terms of the GNU General Public License Version 2 or later (the
-## "GPL"), in which case the provisions of the GPL are applicable
-## instead of those above. If you wish to allow use of your
-## version of this file only under the terms of the GPL and not to
-## allow others to use your version of this file under the MPL,
-## indicate your decision by deleting the provisions above and
-## replace them with the notice and other provisions required by
-## the GPL. If you do not delete the provisions above, a recipient
-## may use your version of this file under either the MPL or the
-## GPL.
-##
-## $Id$
-##
-
-while(<>) {
- chomp;
- push(@primes, $_);
-}
-
-printf("mp_size prime_tab_size = %d;\n", ($#primes + 1));
-print "mp_digit prime_tab[] = {\n";
-
-print "\t";
-$last = pop(@primes);
-foreach $prime (sort {$a<=>$b} @primes) {
- printf("0x%04X, ", $prime);
- $brk = ($brk + 1) % 8;
- print "\n\t" if(!$brk);
-}
-printf("0x%04X", $last);
-print "\n" if($brk);
-print "};\n\n";
-
-exit 0;
diff --git a/security/nss/lib/freebl/mpi/utils/sieve.c b/security/nss/lib/freebl/mpi/utils/sieve.c
deleted file mode 100644
index 4dd20604c..000000000
--- a/security/nss/lib/freebl/mpi/utils/sieve.c
+++ /dev/null
@@ -1,265 +0,0 @@
-/*
- * sieve.c
- *
- * Finds prime numbers using the Sieve of Eratosthenes
- *
- * This implementation uses a bitmap to represent all odd integers in a
- * given range. We iterate over this bitmap, crossing off the
- * multiples of each prime we find. At the end, all the remaining set
- * bits correspond to prime integers.
- *
- * Here, we make two passes -- once we have generated a sieve-ful of
- * primes, we copy them out, reset the sieve using the highest
- * generated prime from the first pass as a base. Then we cross out
- * all the multiples of all the primes we found the first time through,
- * and re-sieve. In this way, we get double use of the memory we
- * allocated for the sieve the first time though. Since we also
- * implicitly ignore multiples of 2, this amounts to 4 times the
- * values.
- *
- * This could (and probably will) be generalized to re-use the sieve a
- * few more times.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the MPI Arbitrary Precision Integer Arithmetic
- * library.
- *
- * The Initial Developer of the Original Code is Michael J. Fromberger.
- * Portions created by Michael J. Fromberger are
- * Copyright (C) 1998, 1999, 2000 Michael J. Fromberger.
- * All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <limits.h>
-
-typedef unsigned char byte;
-
-typedef struct {
- int size;
- byte *bits;
- long base;
- int next;
- int nbits;
-} sieve;
-
-void sieve_init(sieve *sp, long base, int nbits);
-void sieve_grow(sieve *sp, int nbits);
-long sieve_next(sieve *sp);
-void sieve_reset(sieve *sp, long base);
-void sieve_cross(sieve *sp, long val);
-void sieve_clear(sieve *sp);
-
-#define S_ISSET(S, B) (((S)->bits[(B)/CHAR_BIT]>>((B)%CHAR_BIT))&1)
-#define S_SET(S, B) ((S)->bits[(B)/CHAR_BIT]|=(1<<((B)%CHAR_BIT)))
-#define S_CLR(S, B) ((S)->bits[(B)/CHAR_BIT]&=~(1<<((B)%CHAR_BIT)))
-#define S_VAL(S, B) ((S)->base+(2*(B)))
-#define S_BIT(S, V) (((V)-((S)->base))/2)
-
-int main(int argc, char *argv[])
-{
- sieve s;
- long pr, *p;
- int c, ix, cur = 0;
-
- if(argc < 2) {
- fprintf(stderr, "Usage: %s <width>\n", argv[0]);
- return 1;
- }
-
- c = atoi(argv[1]);
- if(c < 0) c = -c;
-
- fprintf(stderr, "%s: sieving to %d positions\n", argv[0], c);
-
- sieve_init(&s, 3, c);
-
- c = 0;
- while((pr = sieve_next(&s)) > 0) {
- ++c;
- }
-
- p = calloc(c, sizeof(long));
- if(!p) {
- fprintf(stderr, "%s: out of memory after first half\n", argv[0]);
- sieve_clear(&s);
- exit(1);
- }
-
- fprintf(stderr, "%s: half done ... \n", argv[0]);
-
- for(ix = 0; ix < s.nbits; ix++) {
- if(S_ISSET(&s, ix)) {
- p[cur] = S_VAL(&s, ix);
- printf("%ld\n", p[cur]);
- ++cur;
- }
- }
-
- sieve_reset(&s, p[cur - 1]);
- fprintf(stderr, "%s: crossing off %d found primes ... \n", argv[0], cur);
- for(ix = 0; ix < cur; ix++) {
- sieve_cross(&s, p[ix]);
- if(!(ix % 1000))
- fputc('.', stderr);
- }
- fputc('\n', stderr);
-
- free(p);
-
- fprintf(stderr, "%s: sieving again from %ld ... \n", argv[0], p[cur - 1]);
- c = 0;
- while((pr = sieve_next(&s)) > 0) {
- ++c;
- }
-
- fprintf(stderr, "%s: done!\n", argv[0]);
- for(ix = 0; ix < s.nbits; ix++) {
- if(S_ISSET(&s, ix)) {
- printf("%ld\n", S_VAL(&s, ix));
- }
- }
-
- sieve_clear(&s);
-
- return 0;
-}
-
-void sieve_init(sieve *sp, long base, int nbits)
-{
- sp->size = (nbits / CHAR_BIT);
-
- if(nbits % CHAR_BIT)
- ++sp->size;
-
- sp->bits = calloc(sp->size, sizeof(byte));
- memset(sp->bits, UCHAR_MAX, sp->size);
- if(!(base & 1))
- ++base;
- sp->base = base;
-
- sp->next = 0;
- sp->nbits = sp->size * CHAR_BIT;
-}
-
-void sieve_grow(sieve *sp, int nbits)
-{
- int ns = (nbits / CHAR_BIT);
-
- if(nbits % CHAR_BIT)
- ++ns;
-
- if(ns > sp->size) {
- byte *tmp;
- int ix;
-
- tmp = calloc(ns, sizeof(byte));
- if(tmp == NULL) {
- fprintf(stderr, "Error: out of memory in sieve_grow\n");
- return;
- }
-
- memcpy(tmp, sp->bits, sp->size);
- for(ix = sp->size; ix < ns; ix++) {
- tmp[ix] = UCHAR_MAX;
- }
-
- free(sp->bits);
- sp->bits = tmp;
- sp->size = ns;
-
- sp->nbits = sp->size * CHAR_BIT;
- }
-}
-
-long sieve_next(sieve *sp)
-{
- long out;
- int ix = 0;
- long val;
-
- if(sp->next > sp->nbits)
- return -1;
-
- out = S_VAL(sp, sp->next);
-#ifdef DEBUG
- fprintf(stderr, "Sieving %ld\n", out);
-#endif
-
- /* Sieve out all multiples of the current prime */
- val = out;
- while(ix < sp->nbits) {
- val += out;
- ix = S_BIT(sp, val);
- if((val & 1) && ix < sp->nbits) { /* && S_ISSET(sp, ix)) { */
- S_CLR(sp, ix);
-#ifdef DEBUG
- fprintf(stderr, "Crossing out %ld (bit %d)\n", val, ix);
-#endif
- }
- }
-
- /* Scan ahead to the next prime */
- ++sp->next;
- while(sp->next < sp->nbits && !S_ISSET(sp, sp->next))
- ++sp->next;
-
- return out;
-}
-
-void sieve_cross(sieve *sp, long val)
-{
- int ix = 0;
- long cur = val;
-
- while(cur < sp->base)
- cur += val;
-
- ix = S_BIT(sp, cur);
- while(ix < sp->nbits) {
- if(cur & 1)
- S_CLR(sp, ix);
- cur += val;
- ix = S_BIT(sp, cur);
- }
-}
-
-void sieve_reset(sieve *sp, long base)
-{
- memset(sp->bits, UCHAR_MAX, sp->size);
- sp->base = base;
- sp->next = 0;
-}
-
-void sieve_clear(sieve *sp)
-{
- if(sp->bits)
- free(sp->bits);
-
- sp->bits = NULL;
-}
diff --git a/security/nss/lib/freebl/mpi/vis_32.il b/security/nss/lib/freebl/mpi/vis_32.il
deleted file mode 100644
index 443b6a00e..000000000
--- a/security/nss/lib/freebl/mpi/vis_32.il
+++ /dev/null
@@ -1,1320 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is vis inline macros (32 bit). (vis_32.il 3.3)
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1995-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-! $Id$
-!
-! @(#)vis_32.il 3.3 00/03/02 SMI
-
-! The interface to the VIS instructions as declared below (and in the VIS
-! User's Manual) will not change, but the macro implementation might change
-! in the future.
-
-!--------------------------------------------------------------------
-! Pure edge handling instructions
-!
-! int vis_edge8(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8,8
- edge8 %o0,%o1,%o0
- .end
-!
-! int vis_edge8l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8l,8
- edge8l %o0,%o1,%o0
- .end
-!
-! int vis_edge16(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16,8
- edge16 %o0,%o1,%o0
- .end
-!
-! int vis_edge16l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16l,8
- edge16l %o0,%o1,%o0
- .end
-!
-! int vis_edge32(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32,8
- edge32 %o0,%o1,%o0
- .end
-!
-! int vis_edge32l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32l,8
- edge32l %o0,%o1,%o0
- .end
-
-!--------------------------------------------------------------------
-! Edge handling instructions with negative return values if cc set
-!
-! int vis_edge8cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8cc,8
- edge8 %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge8lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8lcc,8
- edge8l %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge16cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16cc,8
- edge16 %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge16lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16lcc,8
- edge16l %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge32cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32cc,8
- edge32 %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge32lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32lcc,8
- edge32l %o0,%o1,%o0
- mov 0,%o1
- movgu %icc,-1024,%o1
- or %o1,%o0,%o0
- .end
-
-!--------------------------------------------------------------------
-! Alignment instructions
-!
-! void *vis_alignaddr(void */*rs1*/, int /*rs2*/);
-!
- .inline vis_alignaddr,8
- alignaddr %o0,%o1,%o0
- .end
-!
-! void *vis_alignaddrl(void */*rs1*/, int /*rs2*/);
-!
- .inline vis_alignaddrl,8
- alignaddrl %o0,%o1,%o0
- .end
-!
-! double vis_faligndata(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_faligndata,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- faligndata %f4,%f10,%f0
- .end
-
-!--------------------------------------------------------------------
-! Partitioned comparison instructions
-!
-! int vis_fcmple16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmple16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmple16 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpne16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpne16 %f4,%f10,%o0
- .end
-!
-! int vis_fcmple32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmple32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmple32 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpne32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpne32 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpgt16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpgt16 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpeq16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpeq16 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpgt32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpgt32 %f4,%f10,%o0
- .end
-!
-! int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpeq32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fcmpeq32 %f4,%f10,%o0
- .end
-
-!--------------------------------------------------------------------
-! Partitioned arithmetic
-!
-! double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8x16,12
- st %o0,[%sp+0x44]
- ld [%sp+0x44],%f4
- st %o1,[%sp+0x48]
- st %o2,[%sp+0x4c]
- ldd [%sp+0x48],%f10
- fmul8x16 %f4,%f10,%f0
- .end
-!
-! double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
-!
- .inline vis_fmul8x16_dummy,16
- st %o0,[%sp+0x44]
- ld [%sp+0x44],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fmul8x16 %f4,%f10,%f0
- .end
-!
-! double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmul8x16au,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fmul8x16au %f4,%f10,%f0
- .end
-!
-! double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmul8x16al,8
- st %o0,[%sp+0x44]
- ld [%sp+0x44],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fmul8x16al %f4,%f10,%f0
- .end
-!
-! double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8sux16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fmul8sux16 %f4,%f10,%f0
- .end
-!
-! double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8ulx16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fmul8ulx16 %f4,%f10,%f0
- .end
-!
-! double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmuld8sux16,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fmuld8sux16 %f4,%f10,%f0
- .end
-!
-! double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmuld8ulx16,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fmuld8ulx16 %f4,%f10,%f0
- .end
-!
-! double vis_fpadd16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpadd16,16
- std %o0,[%sp+0x40]
- ldd [%sp+0x40],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpadd16 %f4,%f10,%f0
- .end
-!
-! float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpadd16s,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fpadd16s %f4,%f10,%f0
- .end
-!
-! double vis_fpadd32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpadd32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpadd32 %f4,%f10,%f0
- .end
-!
-! float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpadd32s,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fpadd32s %f4,%f10,%f0
- .end
-!
-! double vis_fpsub16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpsub16,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpsub16 %f4,%f10,%f0
- .end
-!
-! float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpsub16s,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fpsub16s %f4,%f10,%f0
- .end
-!
-! double vis_fpsub32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpsub32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpsub32 %f4,%f10,%f0
- .end
-!
-! float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpsub32s,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fpsub32s %f4,%f10,%f0
- .end
-
-!--------------------------------------------------------------------
-! Pixel packing
-!
-! float vis_fpack16(double /*frs2*/);
-!
- .inline vis_fpack16,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fpack16 %f4,%f0
- .end
-
-!
-! double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
-!
- .inline vis_fpack16_pair,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpack16 %f4,%f0
- fpack16 %f10,%f1
- .end
-!
-! void vis_st2_fpack16(double, double, double *)
-!
- .inline vis_st2_fpack16,20
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpack16 %f4,%f0
- fpack16 %f10,%f1
- st %f0,[%o4+0]
- st %f1,[%o4+4]
- .end
-!
-! void vis_std_fpack16(double, double, double *)
-!
- .inline vis_std_fpack16,20
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpack16 %f4,%f0
- fpack16 %f10,%f1
- std %f0,[%o4]
- .end
-!
-! void vis_st2_fpackfix(double, double, double *)
-!
- .inline vis_st2_fpackfix,20
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpackfix %f4,%f0
- fpackfix %f10,%f1
- st %f0,[%o4+0]
- st %f1,[%o4+4]
- .end
-!
-! double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack16_to_hi,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f0
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fpack16 %f4,%f0
- .end
-
-! double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack16_to_lo,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f0
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fpack16 %f4,%f3
- fmovs %f3,%f1 /* without this, optimizer goes wrong */
- .end
-
-!
-! double vis_fpack32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack32,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fpack32 %f4,%f10,%f0
- .end
-!
-! float vis_fpackfix(double /*frs2*/);
-!
- .inline vis_fpackfix,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fpackfix %f4,%f0
- .end
-!
-! double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
-!
- .inline vis_fpackfix_pair,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f6
- fpackfix %f4,%f0
- fpackfix %f6,%f1
- .end
-
-!--------------------------------------------------------------------
-! Motion estimation
-!
-! double vis_pdist(double /*frs1*/, double /*frs2*/, double /*frd*/);
-!
- .inline vis_pdist,24
- std %o4,[%sp+0x48]
- ldd [%sp+0x48],%f0
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- pdist %f4,%f10,%f0
- .end
-
-!--------------------------------------------------------------------
-! Channel merging
-!
-! double vis_fpmerge(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpmerge,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fpmerge %f4,%f10,%f0
- .end
-
-!--------------------------------------------------------------------
-! Pixel expansion
-!
-! double vis_fexpand(float /*frs2*/);
-!
- .inline vis_fexpand,4
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- fexpand %f4,%f0
- .end
-
-! double vis_fexpand_hi(double /*frs2*/);
-!
- .inline vis_fexpand_hi,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fexpand %f4,%f0
- .end
-
-! double vis_fexpand_lo(double /*frs2*/);
-!
- .inline vis_fexpand_lo,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fmovs %f5, %f2
- fexpand %f2,%f0
- .end
-
-!--------------------------------------------------------------------
-! Bitwise logical operations
-!
-! double vis_fnor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fnor,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fnor %f4,%f10,%f0
- .end
-!
-! float vis_fnors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fnors,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fnors %f4,%f10,%f0
- .end
-!
-! double vis_fandnot(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fandnot,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fandnot1 %f4,%f10,%f0
- .end
-!
-! float vis_fandnots(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fandnots,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fandnot1s %f4,%f10,%f0
- .end
-!
-! double vis_fnot(double /*frs1*/);
-!
- .inline vis_fnot,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fnot1 %f4,%f0
- .end
-!
-! float vis_fnots(float /*frs1*/);
-!
- .inline vis_fnots,4
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- fnot1s %f4,%f0
- .end
-!
-! double vis_fxor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fxor,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fxor %f4,%f10,%f0
- .end
-!
-! float vis_fxors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fxors,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fxors %f4,%f10,%f0
- .end
-!
-! double vis_fnand(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fnand,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fnand %f4,%f10,%f0
- .end
-!
-! float vis_fnands(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fnands,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fnands %f4,%f10,%f0
- .end
-!
-! double vis_fand(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fand,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fand %f4,%f10,%f0
- .end
-!
-! float vis_fands(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fands,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fands %f4,%f10,%f0
- .end
-!
-! double vis_fxnor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fxnor,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fxnor %f4,%f10,%f0
- .end
-!
-! float vis_fxnors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fxnors,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fxnors %f4,%f10,%f0
- .end
-!
-! double vis_fsrc(double /*frs1*/);
-!
- .inline vis_fsrc,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- fsrc1 %f4,%f0
- .end
-!
-! float vis_fsrcs(float /*frs1*/);
-!
- .inline vis_fsrcs,4
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- fsrc1s %f4,%f0
- .end
-!
-! double vis_fornot(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fornot,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- fornot1 %f4,%f10,%f0
- .end
-!
-! float vis_fornots(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fornots,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fornot1s %f4,%f10,%f0
- .end
-!
-! double vis_for(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_for,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- std %o2,[%sp+0x48]
- ldd [%sp+0x48],%f10
- for %f4,%f10,%f0
- .end
-!
-! float vis_fors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fors,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- st %o1,[%sp+0x48]
- ld [%sp+0x48],%f10
- fors %f4,%f10,%f0
- .end
-!
-! double vis_fzero(/* void */)
-!
- .inline vis_fzero,0
- fzero %f0
- .end
-!
-! float vis_fzeros(/* void */)
-!
- .inline vis_fzeros,0
- fzeros %f0
- .end
-!
-! double vis_fone(/* void */)
-!
- .inline vis_fone,0
- fone %f0
- .end
-!
-! float vis_fones(/* void */)
-!
- .inline vis_fones,0
- fones %f0
- .end
-
-!--------------------------------------------------------------------
-! Partial store instructions
-!
-! vis_stdfa_ASI_PST8P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8P,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P
- .end
-!
-! vis_stdfa_ASI_PST8PL(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8PL,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc8 ! ASI_PST8_PL
- .end
-!
-! vis_stdfa_ASI_PST8P_int_pair(void *rs1, void *rs2, void *rs3, int rmask);
-!
- .inline vis_stdfa_ASI_PST8P_int_pair,16
- ld [%o0],%f4
- ld [%o1],%f5
- stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P
- .end
-!
-! vis_stdfa_ASI_PST8S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8S,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc1 ! ASI_PST8_S
- .end
-!
-! vis_stdfa_ASI_PST16P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST16P,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc2 ! ASI_PST16_P
- .end
-!
-! vis_stdfa_ASI_PST16S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST16S,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc3 ! ASI_PST16_S
- .end
-!
-! vis_stdfa_ASI_PST32P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST32P,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc4 ! ASI_PST32_P
- .end
-!
-! vis_stdfa_ASI_PST32S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST32S,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]%o3,0xc5 ! ASI_PST32_S
- .end
-
-!--------------------------------------------------------------------
-! Short store instructions
-!
-! vis_stdfa_ASI_FL8P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8P,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd0 ! ASI_FL8_P
- .end
-!
-! vis_stdfa_ASI_FL8P_index(double frd, void *rs1, long index)
-!
- .inline vis_stdfa_ASI_FL8P_index,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2+%o3]0xd0 ! ASI_FL8_P
- .end
-!
-! vis_stdfa_ASI_FL8S(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8S,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd1 ! ASI_FL8_S
- .end
-!
-! vis_stdfa_ASI_FL16P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16P,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd2 ! ASI_FL16_P
- .end
-!
-! vis_stdfa_ASI_FL16P_index(double frd, void *rs1, long index)
-!
- .inline vis_stdfa_ASI_FL16P_index,16
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2+%o3]0xd2 ! ASI_FL16_P
- .end
-!
-! vis_stdfa_ASI_FL16S(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16S,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd3 ! ASI_FL16_S
- .end
-!
-! vis_stdfa_ASI_FL8PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8PL,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd8 ! ASI_FL8_PL
- .end
-!
-! vis_stdfa_ASI_FL8SL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8SL,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xd9 ! ASI_FL8_SL
- .end
-!
-! vis_stdfa_ASI_FL16PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16PL,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xda ! ASI_FL16_PL
- .end
-!
-! vis_stdfa_ASI_FL16SL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16SL,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0xdb ! ASI_FL16_SL
- .end
-
-!--------------------------------------------------------------------
-! Short load instructions
-!
-! double vis_lddfa_ASI_FL8P(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8P,4
- ldda [%o0]0xd0,%f4 ! ASI_FL8_P
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_FL8P_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL8P_index,8
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8P_hi(void *rs1, unsigned int index)
-!
- .inline vis_lddfa_ASI_FL8P_hi,8
- sra %o1,16,%o1
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8P_lo(void *rs1, unsigned int index)
-!
- .inline vis_lddfa_ASI_FL8P_lo,8
- sll %o1,16,%o1
- sra %o1,16,%o1
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8S(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8S,4
- ldda [%o0]0xd1,%f4 ! ASI_FL8_S
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16P(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16P,4
- ldda [%o0]0xd2,%f4 ! ASI_FL16_P
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16P_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL16P_index,8
- ldda [%o0+%o1]0xd2,%f4 ! ASI_FL16_P
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16S(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16S,4
- ldda [%o0]0xd3,%f4 ! ASI_FL16_S
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8PL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8PL,4
- ldda [%o0]0xd8,%f4 ! ASI_FL8_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8PL_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL8PL_index,8
- ldda [%o0+%o1]0xd8,%f4 ! ASI_FL8_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8SL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8SL,4
- ldda [%o0]0xd9,%f4 ! ASI_FL8_SL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16PL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16PL,4
- ldda [%o0]0xda,%f4 ! ASI_FL16_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16PL_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL16PL_index,8
- ldda [%o0+%o1]0xda,%f4 ! ASI_FL16_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16SL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16SL,4
- ldda [%o0]0xdb,%f4 ! ASI_FL16_SL
- fmovd %f4,%f0
- .end
-
-!--------------------------------------------------------------------
-! Graphics status register
-!
-! unsigned int vis_read_gsr(void)
-!
- .inline vis_read_gsr,0
- rd %gsr,%o0
- .end
-!
-! void vis_write_gsr(unsigned int /* GSR */)
-!
- .inline vis_write_gsr,4
- wr %g0,%o0,%gsr
- .end
-
-!--------------------------------------------------------------------
-! Voxel texture mapping
-!
-! unsigned long vis_array8(unsigned long long /*rs1 */, int /*rs2*/)
-!
- .inline vis_array8,12
- sllx %o0,32,%o0
- srl %o1,0,%o1 ! clear the most significant 32 bits of %o1
- or %o0,%o1,%o3 ! join %o0 and %o1 into %o3
- array8 %o3,%o2,%o0
- .end
-!
-! unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/)
-!
- .inline vis_array16,12
- sllx %o0,32,%o0
- srl %o1,0,%o1 ! clear the most significant 32 bits of %o1
- or %o0,%o1,%o3 ! join %o0 and %o1 into %o3
- array16 %o3,%o2,%o0
- .end
-!
-! unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/)
-!
- .inline vis_array32,12
- sllx %o0,32,%o0
- srl %o1,0,%o1 ! clear the most significant 32 bits of %o1
- or %o0,%o1,%o3 ! join %o0 and %o1 into %o3
- array32 %o3,%o2,%o0
- .end
-
-!--------------------------------------------------------------------
-! Register aliasing and type casts
-!
-! float vis_read_hi(double /* frs1 */);
-!
- .inline vis_read_hi,8
- std %o0,[%sp+0x48] ! store double frs1
- ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1; return %f0;
- .end
-!
-! float vis_read_lo(double /* frs1 */);
-!
- .inline vis_read_lo,8
- std %o0,[%sp+0x48] ! store double frs1
- ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1;
- fmovs %f1,%f0 ! %f0 = low word (frs1); return %f0;
- .end
-!
-! double vis_write_hi(double /* frs1 */, float /* frs2 */);
-!
- .inline vis_write_hi,12
- std %o0,[%sp+0x48] ! store double frs1;
- ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1;
- st %o2,[%sp+0x44] ! store float frs2;
- ld [%sp+0x44],%f2 ! %f2 = float frs2;
- fmovs %f2,%f0 ! %f0 = float frs2; return %f0:f1;
- .end
-!
-! double vis_write_lo(double /* frs1 */, float /* frs2 */);
-!
- .inline vis_write_lo,12
- std %o0,[%sp+0x48] ! store double frs1;
- ldd [%sp+0x48],%f0 ! %f0:%f1 = double frs1;
- st %o2,[%sp+0x44] ! store float frs2;
- ld [%sp+0x44],%f2 ! %f2 = float frs2;
- fmovs %f2,%f1 ! %f1 = float frs2; return %f0:f1;
- .end
-!
-! double vis_freg_pair(float /* frs1 */, float /* frs2 */);
-!
- .inline vis_freg_pair,8
- st %o0,[%sp+0x48] ! store float frs1
- ld [%sp+0x48],%f0
- st %o1,[%sp+0x48] ! store float frs2
- ld [%sp+0x48],%f1
- .end
-!
-! float vis_to_float(unsigned int /*value*/);
-!
- .inline vis_to_float,4
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f0
- .end
-!
-! double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
-!
- .inline vis_to_double,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f0
- .end
-!
-! double vis_to_double_dup(unsigned int /*value*/);
-!
- .inline vis_to_double_dup,4
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f1
- fmovs %f1,%f0 ! duplicate value
- .end
-!
-! double vis_ll_to_double(unsigned long long /*value*/);
-!
- .inline vis_ll_to_double,8
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f0
- .end
-
-!--------------------------------------------------------------------
-! Address space identifier (ASI) register
-!
-! unsigned int vis_read_asi(void)
-!
- .inline vis_read_asi,0
- rd %asi,%o0
- .end
-!
-! void vis_write_asi(unsigned int /* ASI */)
-!
- .inline vis_write_asi,4
- wr %g0,%o0,%asi
- .end
-
-!--------------------------------------------------------------------
-! Load/store from/into alternate space
-!
-! float vis_ldfa_ASI_REG(void *rs1)
-!
- .inline vis_ldfa_ASI_REG,4
- lda [%o0+0]%asi,%f4
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! float vis_ldfa_ASI_P(void *rs1)
-!
- .inline vis_ldfa_ASI_P,4
- lda [%o0]0x80,%f4 ! ASI_P
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! float vis_ldfa_ASI_PL(void *rs1)
-!
- .inline vis_ldfa_ASI_PL,4
- lda [%o0]0x88,%f4 ! ASI_PL
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_REG(void *rs1)
-!
- .inline vis_lddfa_ASI_REG,4
- ldda [%o0+0]%asi,%f4
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_P(void *rs1)
-!
- .inline vis_lddfa_ASI_P,4
- ldda [%o0]0x80,%f4 ! ASI_P
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_PL(void *rs1)
-!
- .inline vis_lddfa_ASI_PL,4
- ldda [%o0]0x88,%f4 ! ASI_PL
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! vis_stfa_ASI_REG(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_REG,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- sta %f4,[%o1+0]%asi
- .end
-!
-! vis_stfa_ASI_P(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_P,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- sta %f4,[%o1]0x80 ! ASI_P
- .end
-!
-! vis_stfa_ASI_PL(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_PL,8
- st %o0,[%sp+0x48]
- ld [%sp+0x48],%f4
- sta %f4,[%o1]0x88 ! ASI_PL
- .end
-!
-! vis_stdfa_ASI_REG(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_REG,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2+0]%asi
- .end
-!
-! vis_stdfa_ASI_P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_P,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0x80 ! ASI_P
- .end
-!
-! vis_stdfa_ASI_PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_PL,12
- std %o0,[%sp+0x48]
- ldd [%sp+0x48],%f4
- stda %f4,[%o2]0x88 ! ASI_PL
- .end
-!
-! unsigned short vis_lduha_ASI_REG(void *rs1)
-!
- .inline vis_lduha_ASI_REG,4
- lduha [%o0+0]%asi,%o0
- .end
-!
-! unsigned short vis_lduha_ASI_P(void *rs1)
-!
- .inline vis_lduha_ASI_P,4
- lduha [%o0]0x80,%o0 ! ASI_P
- .end
-!
-! unsigned short vis_lduha_ASI_PL(void *rs1)
-!
- .inline vis_lduha_ASI_PL,4
- lduha [%o0]0x88,%o0 ! ASI_PL
- .end
-!
-! unsigned short vis_lduha_ASI_P_index(void *rs1, long index)
-!
- .inline vis_lduha_ASI_P_index,8
- lduha [%o0+%o1]0x80,%o0 ! ASI_P
- .end
-!
-! unsigned short vis_lduha_ASI_PL_index(void *rs1, long index)
-!
- .inline vis_lduha_ASI_PL_index,8
- lduha [%o0+%o1]0x88,%o0 ! ASI_PL
- .end
-
-!--------------------------------------------------------------------
-! Prefetch
-!
-! void vis_prefetch_read(void * /*address*/);
-!
- .inline vis_prefetch_read,4
- prefetch [%o0+0],0
- .end
-!
-! void vis_prefetch_write(void * /*address*/);
-!
- .inline vis_prefetch_write,4
- prefetch [%o0+0],2
- .end
diff --git a/security/nss/lib/freebl/mpi/vis_64.il b/security/nss/lib/freebl/mpi/vis_64.il
deleted file mode 100644
index 7a57e9b79..000000000
--- a/security/nss/lib/freebl/mpi/vis_64.il
+++ /dev/null
@@ -1,1026 +0,0 @@
-!
-! The contents of this file are subject to the Mozilla Public
-! License Version 1.1 (the "License"); you may not use this file
-! except in compliance with the License. You may obtain a copy of
-! the License at http://www.mozilla.org/MPL/
-!
-! Software distributed under the License is distributed on an "AS
-! IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-! implied. See the License for the specific language governing
-! rights and limitations under the License.
-!
-! The Original Code is vis inline macros (64 bit). (vis_64.il 3.4)
-!
-! The Initial Developer of the Original Code is Sun Microsystems Inc.
-! Portions created by Sun Microsystems Inc. are
-! Copyright (C) 1998-2000 Sun Microsystems Inc. All Rights Reserved.
-!
-! Contributor(s):
-!
-! Alternatively, the contents of this file may be used under the
-! terms of the GNU General Public License Version 2 or later (the
-! "GPL"), in which case the provisions of the GPL are applicable
-! instead of those above. If you wish to allow use of your
-! version of this file only under the terms of the GPL and not to
-! allow others to use your version of this file under the MPL,
-! indicate your decision by deleting the provisions above and
-! replace them with the notice and other provisions required by
-! the GPL. If you do not delete the provisions above, a recipient
-! may use your version of this file under either the MPL or the
-! GPL.
-! $Id$
-!
-! @(#)vis_64.il 3.4 00/03/02 SMI
-
-! This file is to be used in place of vis.il in 64-bit builds.
-
-!--------------------------------------------------------------------
-! Pure edge handling instructions
-!
-! int vis_edge8(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8,16
- edge8 %o0,%o1,%o0
- .end
-!
-! int vis_edge8l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8l,16
- edge8l %o0,%o1,%o0
- .end
-!
-! int vis_edge16(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16,16
- edge16 %o0,%o1,%o0
- .end
-!
-! int vis_edge16l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16l,16
- edge16l %o0,%o1,%o0
- .end
-!
-! int vis_edge32(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32,16
- edge32 %o0,%o1,%o0
- .end
-!
-! int vis_edge32l(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32l,16
- edge32l %o0,%o1,%o0
- .end
-
-!--------------------------------------------------------------------
-! Edge handling instructions with negative return values if cc set
-!
-! int vis_edge8cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8cc,16
- edge8 %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge8lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge8lcc,16
- edge8l %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge16cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16cc,16
- edge16 %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge16lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge16lcc,16
- edge16l %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge32cc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32cc,16
- edge32 %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-!
-! int vis_edge32lcc(void */*frs1*/, void */*frs2*/);
-!
- .inline vis_edge32lcc,16
- edge32l %o0,%o1,%o0
- mov 0,%o1
- movgu %xcc,-1024,%o1
- or %o1,%o0,%o0
- .end
-
-!--------------------------------------------------------------------
-! Alignment instructions
-!
-! void *vis_alignaddr(void */*rs1*/, int /*rs2*/);
-!
- .inline vis_alignaddr,12
- alignaddr %o0,%o1,%o0
- .end
-!
-! void *vis_alignaddrl(void */*rs1*/, int /*rs2*/);
-!
- .inline vis_alignaddrl,12
- alignaddrl %o0,%o1,%o0
- .end
-!
-! double vis_faligndata(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_faligndata,16
- faligndata %f0,%f2,%f0
- .end
-
-!--------------------------------------------------------------------
-! Partitioned comparison instructions
-!
-! int vis_fcmple16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmple16,16
- fcmple16 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpne16,16
- fcmpne16 %f0,%f2,%o0
- .end
-!
-! int vis_fcmple32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmple32,16
- fcmple32 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpne32,16
- fcmpne32 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpgt16,16
- fcmpgt16 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpeq16,16
- fcmpeq16 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpgt32,16
- fcmpgt32 %f0,%f2,%o0
- .end
-!
-! int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fcmpeq32,16
- fcmpeq32 %f0,%f2,%o0
- .end
-
-!--------------------------------------------------------------------
-! Partitioned arithmetic
-!
-! double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8x16,12
- fmul8x16 %f1,%f2,%f0
- .end
-!
-! double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
-!
- .inline vis_fmul8x16_dummy,16
- fmul8x16 %f1,%f4,%f0
- .end
-!
-! double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmul8x16au,8
- fmul8x16au %f1,%f3,%f0
- .end
-!
-! double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmul8x16al,8
- fmul8x16al %f1,%f3,%f0
- .end
-!
-! double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8sux16,16
- fmul8sux16 %f0,%f2,%f0
- .end
-!
-! double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fmul8ulx16,16
- fmul8ulx16 %f0,%f2,%f0
- .end
-!
-! double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmuld8sux16,8
- fmuld8sux16 %f1,%f3,%f0
- .end
-!
-! double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fmuld8ulx16,8
- fmuld8ulx16 %f1,%f3,%f0
- .end
-!
-! double vis_fpadd16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpadd16,16
- fpadd16 %f0,%f2,%f0
- .end
-!
-! float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpadd16s,8
- fpadd16s %f1,%f3,%f0
- .end
-!
-! double vis_fpadd32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpadd32,16
- fpadd32 %f0,%f2,%f0
- .end
-!
-! float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpadd32s,8
- fpadd32s %f1,%f3,%f0
- .end
-!
-! double vis_fpsub16(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpsub16,16
- fpsub16 %f0,%f2,%f0
- .end
-!
-! float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpsub16s,8
- fpsub16s %f1,%f3,%f0
- .end
-!
-! double vis_fpsub32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpsub32,16
- fpsub32 %f0,%f2,%f0
- .end
-!
-! float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpsub32s,8
- fpsub32s %f1,%f3,%f0
- .end
-
-!--------------------------------------------------------------------
-! Pixel packing
-!
-! float vis_fpack16(double /*frs2*/);
-!
- .inline vis_fpack16,8
- fpack16 %f0,%f0
- .end
-!
-! double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
-!
- .inline vis_fpack16_pair,16
- fpack16 %f0,%f0
- fpack16 %f2,%f1
- .end
-!
-! void vis_st2_fpack16(double, double, double *)
-!
- .inline vis_st2_fpack16,24
- fpack16 %f0,%f0
- fpack16 %f2,%f1
- st %f0,[%o2+0]
- st %f1,[%o2+4]
- .end
-!
-! void vis_std_fpack16(double, double, double *)
-!
- .inline vis_std_fpack16,24
- fpack16 %f0,%f0
- fpack16 %f2,%f1
- std %f0,[%o2]
- .end
-!
-! void vis_st2_fpackfix(double, double, double *)
-!
- .inline vis_st2_fpackfix,24
- fpackfix %f0,%f0
- fpackfix %f2,%f1
- st %f0,[%o2+0]
- st %f1,[%o2+4]
- .end
-!
-! double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack16_to_hi,16
- fpack16 %f2,%f0
- .end
-
-! double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack16_to_lo,16
- fpack16 %f2,%f3
- fmovs %f3,%f1 /* without this, optimizer goes wrong */
- .end
-
-!
-! double vis_fpack32(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fpack32,16
- fpack32 %f0,%f2,%f0
- .end
-!
-! float vis_fpackfix(double /*frs2*/);
-!
- .inline vis_fpackfix,8
- fpackfix %f0,%f0
- .end
-!
-! double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
-!
- .inline vis_fpackfix_pair,16
- fpackfix %f0,%f0
- fpackfix %f2,%f1
- .end
-
-!--------------------------------------------------------------------
-! Motion estimation
-!
-! double vis_pxldist64(double accum /*frd*/, double pxls1 /*frs1*/,
-! double pxls2 /*frs2*/);
-!
- .inline vis_pxldist64,24
- pdist %f2,%f4,%f0
- .end
-
-!--------------------------------------------------------------------
-! Channel merging
-!
-! double vis_fpmerge(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fpmerge,8
- fpmerge %f1,%f3,%f0
- .end
-
-!--------------------------------------------------------------------
-! Pixel expansion
-!
-! double vis_fexpand(float /*frs2*/);
-!
- .inline vis_fexpand,4
- fexpand %f1,%f0
- .end
-
-! double vis_fexpand_hi(double /*frs2*/);
-!
- .inline vis_fexpand_hi,8
- fexpand %f0,%f0
- .end
-
-! double vis_fexpand_lo(double /*frs2*/);
-!
- .inline vis_fexpand_lo,8
- fexpand %f1,%f0
- .end
-
-!--------------------------------------------------------------------
-! Bitwise logical operations
-!
-! double vis_fnor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fnor,16
- fnor %f0,%f2,%f0
- .end
-!
-! float vis_fnors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fnors,8
- fnors %f1,%f3,%f0
- .end
-!
-! double vis_fandnot(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fandnot,16
- fandnot1 %f0,%f2,%f0
- .end
-!
-! float vis_fandnots(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fandnots,8
- fandnot1s %f1,%f3,%f0
- .end
-!
-! double vis_fnot(double /*frs1*/);
-!
- .inline vis_fnot,8
- fnot1 %f0,%f0
- .end
-!
-! float vis_fnots(float /*frs1*/);
-!
- .inline vis_fnots,4
- fnot1s %f1,%f0
- .end
-!
-! double vis_fxor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fxor,16
- fxor %f0,%f2,%f0
- .end
-!
-! float vis_fxors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fxors,8
- fxors %f1,%f3,%f0
- .end
-!
-! double vis_fnand(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fnand,16
- fnand %f0,%f2,%f0
- .end
-!
-! float vis_fnands(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fnands,8
- fnands %f1,%f3,%f0
- .end
-!
-! double vis_fand(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fand,16
- fand %f0,%f2,%f0
- .end
-!
-! float vis_fands(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fands,8
- fands %f1,%f3,%f0
- .end
-!
-! double vis_fxnor(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fxnor,16
- fxnor %f0,%f2,%f0
- .end
-!
-! float vis_fxnors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fxnors,8
- fxnors %f1,%f3,%f0
- .end
-!
-! double vis_fsrc(double /*frs1*/);
-!
- .inline vis_fsrc,8
- fsrc1 %f0,%f0
- .end
-!
-! float vis_fsrcs(float /*frs1*/);
-!
- .inline vis_fsrcs,4
- fsrc1s %f1,%f0
- .end
-!
-! double vis_fornot(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_fornot,16
- fornot1 %f0,%f2,%f0
- .end
-!
-! float vis_fornots(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fornots,8
- fornot1s %f1,%f3,%f0
- .end
-!
-! double vis_for(double /*frs1*/, double /*frs2*/);
-!
- .inline vis_for,16
- for %f0,%f2,%f0
- .end
-!
-! float vis_fors(float /*frs1*/, float /*frs2*/);
-!
- .inline vis_fors,8
- fors %f1,%f3,%f0
- .end
-!
-! double vis_fzero(/* void */)
-!
- .inline vis_fzero,0
- fzero %f0
- .end
-!
-! float vis_fzeros(/* void */)
-!
- .inline vis_fzeros,0
- fzeros %f0
- .end
-!
-! double vis_fone(/* void */)
-!
- .inline vis_fone,0
- fone %f0
- .end
-!
-! float vis_fones(/* void */)
-!
- .inline vis_fones,0
- fones %f0
- .end
-
-!--------------------------------------------------------------------
-! Partial store instructions
-!
-! vis_stdfa_ASI_PST8P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8P,20
- stda %f0,[%o1]%o2,0xc0 ! ASI_PST8_P
- .end
-!
-! vis_stdfa_ASI_PST8PL(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8PL,20
- stda %f0,[%o1]%o2,0xc8 ! ASI_PST8_PL
- .end
-!
-! vis_stdfa_ASI_PST8P_int_pair(void *rs1, void *rs2, void *rs3, int rmask);
-!
- .inline vis_stdfa_ASI_PST8P_int_pair,28
- ld [%o0],%f4
- ld [%o1],%f5
- stda %f4,[%o2]%o3,0xc0 ! ASI_PST8_P
- .end
-!
-! vis_stdfa_ASI_PST8S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST8S,20
- stda %f0,[%o1]%o2,0xc1 ! ASI_PST8_S
- .end
-!
-! vis_stdfa_ASI_PST16P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST16P,20
- stda %f0,[%o1]%o2,0xc2 ! ASI_PST16_P
- .end
-!
-! vis_stdfa_ASI_PST16S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST16S,20
- stda %f0,[%o1]%o2,0xc3 ! ASI_PST16_S
- .end
-!
-! vis_stdfa_ASI_PST32P(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST32P,20
- stda %f0,[%o1]%o2,0xc4 ! ASI_PST32_P
- .end
-!
-! vis_stdfa_ASI_PST32S(double frd, void *rs1, int rmask)
-!
- .inline vis_stdfa_ASI_PST32S,20
- stda %f0,[%o1]%o2,0xc5 ! ASI_PST32_S
- .end
-
-!--------------------------------------------------------------------
-! Short store instructions
-!
-! vis_stdfa_ASI_FL8P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8P,16
- stda %f0,[%o1]0xd0 ! ASI_FL8_P
- .end
-!
-! vis_stdfa_ASI_FL8P_index(double frd, void *rs1, long index)
-!
- .inline vis_stdfa_ASI_FL8P_index,24
- stda %f0,[%o1+%o2]0xd0 ! ASI_FL8_P
- .end
-!
-! vis_stdfa_ASI_FL8S(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8S,16
- stda %f0,[%o1]0xd1 ! ASI_FL8_S
- .end
-!
-! vis_stdfa_ASI_FL16P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16P,16
- stda %f0,[%o1]0xd2 ! ASI_FL16_P
- .end
-!
-! vis_stdfa_ASI_FL16P_index(double frd, void *rs1, long index)
-!
- .inline vis_stdfa_ASI_FL16P_index,24
- stda %f0,[%o1+%o2]0xd2 ! ASI_FL16_P
- .end
-!
-! vis_stdfa_ASI_FL16S(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16S,16
- stda %f0,[%o1]0xd3 ! ASI_FL16_S
- .end
-!
-! vis_stdfa_ASI_FL8PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8PL,16
- stda %f0,[%o1]0xd8 ! ASI_FL8_PL
- .end
-!
-! vis_stdfa_ASI_FL8SL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL8SL,16
- stda %f0,[%o1]0xd9 ! ASI_FL8_SL
- .end
-!
-! vis_stdfa_ASI_FL16PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16PL,16
- stda %f0,[%o1]0xda ! ASI_FL16_PL
- .end
-!
-! vis_stdfa_ASI_FL16SL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_FL16SL,16
- stda %f0,[%o1]0xdb ! ASI_FL16_SL
- .end
-
-!--------------------------------------------------------------------
-! Short load instructions
-!
-! double vis_lddfa_ASI_FL8P(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8P,8
- ldda [%o0]0xd0,%f4 ! ASI_FL8_P
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_FL8P_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL8P_index,16
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8P_hi(void *rs1, unsigned int index)
-!
- .inline vis_lddfa_ASI_FL8P_hi,12
- sra %o1,16,%o1
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8P_lo(void *rs1, unsigned int index)
-!
- .inline vis_lddfa_ASI_FL8P_lo,12
- sll %o1,16,%o1
- sra %o1,16,%o1
- ldda [%o0+%o1]0xd0,%f4
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8S(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8S,8
- ldda [%o0]0xd1,%f4 ! ASI_FL8_S
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16P(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16P,8
- ldda [%o0]0xd2,%f4 ! ASI_FL16_P
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16P_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL16P_index,16
- ldda [%o0+%o1]0xd2,%f4 ! ASI_FL16_P
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16S(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16S,8
- ldda [%o0]0xd3,%f4 ! ASI_FL16_S
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8PL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8PL,8
- ldda [%o0]0xd8,%f4 ! ASI_FL8_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8PL_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL8PL_index,16
- ldda [%o0+%o1]0xd8,%f4 ! ASI_FL8_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL8SL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL8SL,8
- ldda [%o0]0xd9,%f4 ! ASI_FL8_SL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16PL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16PL,8
- ldda [%o0]0xda,%f4 ! ASI_FL16_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16PL_index(void *rs1, long index)
-!
- .inline vis_lddfa_ASI_FL16PL_index,16
- ldda [%o0+%o1]0xda,%f4 ! ASI_FL16_PL
- fmovd %f4,%f0
- .end
-!
-! double vis_lddfa_ASI_FL16SL(void *rs1)
-!
- .inline vis_lddfa_ASI_FL16SL,8
- ldda [%o0]0xdb,%f4 ! ASI_FL16_SL
- fmovd %f4,%f0
- .end
-
-!--------------------------------------------------------------------
-! Graphics status register
-!
-! unsigned int vis_read_gsr(void)
-!
- .inline vis_read_gsr,0
- rd %gsr,%o0
- .end
-!
-! void vis_write_gsr(unsigned int /* GSR */)
-!
- .inline vis_write_gsr,4
- wr %g0,%o0,%gsr
- .end
-
-!--------------------------------------------------------------------
-! Voxel texture mapping
-!
-! unsigned long vis_array8(unsigned long long /*rs1 */, int /*rs2*/)
-!
- .inline vis_array8,12
- array8 %o0,%o1,%o0
- .end
-!
-! unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/)
-!
- .inline vis_array16,12
- array16 %o0,%o1,%o0
- .end
-!
-! unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/)
-!
- .inline vis_array32,12
- array32 %o0,%o1,%o0
- .end
-
-!--------------------------------------------------------------------
-! Register aliasing and type casts
-!
-! float vis_read_hi(double /* frs1 */);
-!
- .inline vis_read_hi,8
- fmovs %f0,%f0
- .end
-!
-! float vis_read_lo(double /* frs1 */);
-!
- .inline vis_read_lo,8
- fmovs %f1,%f0 ! %f0 = low word (frs1); return %f0;
- .end
-!
-! double vis_write_hi(double /* frs1 */, float /* frs2 */);
-!
- .inline vis_write_hi,12
- fmovs %f3,%f0 ! %f3 = float frs2; return %f0:f1;
- .end
-!
-! double vis_write_lo(double /* frs1 */, float /* frs2 */);
-!
- .inline vis_write_lo,12
- fmovs %f3,%f1 ! %f3 = float frs2; return %f0:f1;
- .end
-!
-! double vis_freg_pair(float /* frs1 */, float /* frs2 */);
-!
- .inline vis_freg_pair,8
- fmovs %f1,%f0 ! %f1 = float frs1; put in hi;
- fmovs %f3,%f1 ! %f3 = float frs2; put in lo; return %f0:f1;
- .end
-!
-! float vis_to_float(unsigned int /*value*/);
-!
- .inline vis_to_float,4
- st %o0,[%sp+2183]
- ld [%sp+2183],%f0
- .end
-!
-! double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
-!
- .inline vis_to_double,8
- st %o0,[%sp+2183]
- ld [%sp+2183],%f0
- st %o1,[%sp+2183]
- ld [%sp+2183],%f1
- .end
-!
-! double vis_to_double_dup(unsigned int /*value*/);
-!
- .inline vis_to_double_dup,4
- st %o0,[%sp+2183]
- ld [%sp+2183],%f1
- fmovs %f1,%f0 ! duplicate value
- .end
-!
-! double vis_ll_to_double(unsigned long long /*value*/);
-!
- .inline vis_ll_to_double,8
- stx %o0,[%sp+2183]
- ldd [%sp+2183],%f0
- .end
-
-!--------------------------------------------------------------------
-! Address space identifier (ASI) register
-!
-! unsigned int vis_read_asi(void)
-!
- .inline vis_read_asi,0
- rd %asi,%o0
- .end
-!
-! void vis_write_asi(unsigned int /* ASI */)
-!
- .inline vis_write_asi,4
- wr %g0,%o0,%asi
- .end
-
-!--------------------------------------------------------------------
-! Load/store from/into alternate space
-!
-! float vis_ldfa_ASI_REG(void *rs1)
-!
- .inline vis_ldfa_ASI_REG,8
- lda [%o0+0]%asi,%f4
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! float vis_ldfa_ASI_P(void *rs1)
-!
- .inline vis_ldfa_ASI_P,8
- lda [%o0]0x80,%f4 ! ASI_P
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! float vis_ldfa_ASI_PL(void *rs1)
-!
- .inline vis_ldfa_ASI_PL,8
- lda [%o0]0x88,%f4 ! ASI_PL
- fmovs %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_REG(void *rs1)
-!
- .inline vis_lddfa_ASI_REG,8
- ldda [%o0+0]%asi,%f4
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_P(void *rs1)
-!
- .inline vis_lddfa_ASI_P,8
- ldda [%o0]0x80,%f4 ! ASI_P
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! double vis_lddfa_ASI_PL(void *rs1)
-!
- .inline vis_lddfa_ASI_PL,8
- ldda [%o0]0x88,%f4 ! ASI_PL
- fmovd %f4,%f0 ! Compiler can clean this up
- .end
-!
-! vis_stfa_ASI_REG(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_REG,12
- sta %f1,[%o1+0]%asi
- .end
-!
-! vis_stfa_ASI_P(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_P,12
- sta %f1,[%o1]0x80 ! ASI_P
- .end
-!
-! vis_stfa_ASI_PL(float frs, void *rs1)
-!
- .inline vis_stfa_ASI_PL,12
- sta %f1,[%o1]0x88 ! ASI_PL
- .end
-!
-! vis_stdfa_ASI_REG(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_REG,16
- stda %f0,[%o1+0]%asi
- .end
-!
-! vis_stdfa_ASI_P(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_P,16
- stda %f0,[%o1]0x80 ! ASI_P
- .end
-!
-! vis_stdfa_ASI_PL(double frd, void *rs1)
-!
- .inline vis_stdfa_ASI_PL,16
- stda %f0,[%o1]0x88 ! ASI_PL
- .end
-!
-! unsigned short vis_lduha_ASI_REG(void *rs1)
-!
- .inline vis_lduha_ASI_REG,8
- lduha [%o0+0]%asi,%o0
- .end
-!
-! unsigned short vis_lduha_ASI_P(void *rs1)
-!
- .inline vis_lduha_ASI_P,8
- lduha [%o0]0x80,%o0 ! ASI_P
- .end
-!
-! unsigned short vis_lduha_ASI_PL(void *rs1)
-!
- .inline vis_lduha_ASI_PL,8
- lduha [%o0]0x88,%o0 ! ASI_PL
- .end
-!
-! unsigned short vis_lduha_ASI_P_index(void *rs1, long index)
-!
- .inline vis_lduha_ASI_P_index,16
- lduha [%o0+%o1]0x80,%o0 ! ASI_P
- .end
-!
-! unsigned short vis_lduha_ASI_PL_index(void *rs1, long index)
-!
- .inline vis_lduha_ASI_PL_index,16
- lduha [%o0+%o1]0x88,%o0 ! ASI_PL
- .end
-
-!--------------------------------------------------------------------
-! Prefetch
-!
-! void vis_prefetch_read(void * /*address*/);
-!
- .inline vis_prefetch_read,8
- prefetch [%o0+0],0
- .end
-!
-! void vis_prefetch_write(void * /*address*/);
-!
- .inline vis_prefetch_write,8
- prefetch [%o0+0],2
- .end
diff --git a/security/nss/lib/freebl/mpi/vis_proto.h b/security/nss/lib/freebl/mpi/vis_proto.h
deleted file mode 100644
index 44192ad53..000000000
--- a/security/nss/lib/freebl/mpi/vis_proto.h
+++ /dev/null
@@ -1,263 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is prototypes for vis.il (vis_proto.h 1.3)
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are
- * Copyright (C) 1995, 1997 Sun Microsystems Inc. All Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-
-/*
- * Prototypes for the inline templates in vis.il
- */
-
-#ifndef VIS_PROTO_H
-#define VIS_PROTO_H
-
-#pragma ident "@(#)vis_proto.h 1.3 97/03/30 SMI"
-
-#ifdef __cplusplus
-extern "C" {
-#endif /* __cplusplus */
-
-/* Pure edge handling instructions */
-int vis_edge8(void * /*frs1*/, void * /*frs2*/);
-int vis_edge8l(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16l(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32l(void * /*frs1*/, void * /*frs2*/);
-
-/* Edge handling instructions with negative return values if cc set. */
-int vis_edge8cc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge8lcc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16cc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge16lcc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32cc(void * /*frs1*/, void * /*frs2*/);
-int vis_edge32lcc(void * /*frs1*/, void * /*frs2*/);
-
-/* Alignment instructions. */
-void *vis_alignaddr(void * /*rs1*/, int /*rs2*/);
-void *vis_alignaddrl(void * /*rs1*/, int /*rs2*/);
-double vis_faligndata(double /*frs1*/, double /*frs2*/);
-
-/* Partitioned comparison instructions. */
-int vis_fcmple16(double /*frs1*/, double /*frs2*/);
-int vis_fcmpne16(double /*frs1*/, double /*frs2*/);
-int vis_fcmple32(double /*frs1*/, double /*frs2*/);
-int vis_fcmpne32(double /*frs1*/, double /*frs2*/);
-int vis_fcmpgt16(double /*frs1*/, double /*frs2*/);
-int vis_fcmpeq16(double /*frs1*/, double /*frs2*/);
-int vis_fcmpgt32(double /*frs1*/, double /*frs2*/);
-int vis_fcmpeq32(double /*frs1*/, double /*frs2*/);
-
-/* Partitioned multiplication. */
-#if 0
-double vis_fmul8x16(float /*frs1*/, double /*frs2*/);
-#endif
-double vis_fmul8x16_dummy(float /*frs1*/, int /*dummy*/, double /*frs2*/);
-double vis_fmul8x16au(float /*frs1*/, float /*frs2*/);
-double vis_fmul8x16al(float /*frs1*/, float /*frs2*/);
-double vis_fmul8sux16(double /*frs1*/, double /*frs2*/);
-double vis_fmul8ulx16(double /*frs1*/, double /*frs2*/);
-double vis_fmuld8ulx16(float /*frs1*/, float /*frs2*/);
-double vis_fmuld8sux16(float /*frs1*/, float /*frs2*/);
-
-/* Partitioned addition & subtraction. */
-double vis_fpadd16(double /*frs1*/, double /*frs2*/);
-float vis_fpadd16s(float /*frs1*/, float /*frs2*/);
-double vis_fpadd32(double /*frs1*/, double /*frs2*/);
-float vis_fpadd32s(float /*frs1*/, float /*frs2*/);
-double vis_fpsub16(double /*frs1*/, double /*frs2*/);
-float vis_fpsub16s(float /*frs1*/, float /*frs2*/);
-double vis_fpsub32(double /*frs1*/, double /*frs2*/);
-float vis_fpsub32s(float /*frs1*/, float /*frs2*/);
-
-/* Pixel packing & clamping. */
-float vis_fpack16(double /*frs2*/);
-double vis_fpack32(double /*frs1*/, double /*frs2*/);
-float vis_fpackfix(double /*frs2*/);
-
-/* Combined pack ops. */
-double vis_fpack16_pair(double /*frs2*/, double /*frs2*/);
-double vis_fpackfix_pair(double /*frs2*/, double /*frs2*/);
-void vis_st2_fpack16(double, double, double *);
-void vis_std_fpack16(double, double, double *);
-void vis_st2_fpackfix(double, double, double *);
-
-double vis_fpack16_to_hi(double /*frs1*/, double /*frs2*/);
-double vis_fpack16_to_lo(double /*frs1*/, double /*frs2*/);
-
-/* Motion estimation. */
-double vis_pdist(double /*frs1*/, double /*frs2*/, double /*frd*/);
-
-/* Channel merging. */
-double vis_fpmerge(float /*frs1*/, float /*frs2*/);
-
-/* Pixel expansion. */
-double vis_fexpand(float /*frs2*/);
-double vis_fexpand_hi(double /*frs2*/);
-double vis_fexpand_lo(double /*frs2*/);
-
-/* Bitwise logical operators. */
-double vis_fnor(double /*frs1*/, double /*frs2*/);
-float vis_fnors(float /*frs1*/, float /*frs2*/);
-double vis_fandnot(double /*frs1*/, double /*frs2*/);
-float vis_fandnots(float /*frs1*/, float /*frs2*/);
-double vis_fnot(double /*frs1*/);
-float vis_fnots(float /*frs1*/);
-double vis_fxor(double /*frs1*/, double /*frs2*/);
-float vis_fxors(float /*frs1*/, float /*frs2*/);
-double vis_fnand(double /*frs1*/, double /*frs2*/);
-float vis_fnands(float /*frs1*/, float /*frs2*/);
-double vis_fand(double /*frs1*/, double /*frs2*/);
-float vis_fands(float /*frs1*/, float /*frs2*/);
-double vis_fxnor(double /*frs1*/, double /*frs2*/);
-float vis_fxnors(float /*frs1*/, float /*frs2*/);
-double vis_fsrc(double /*frs1*/);
-float vis_fsrcs(float /*frs1*/);
-double vis_fornot(double /*frs1*/, double /*frs2*/);
-float vis_fornots(float /*frs1*/, float /*frs2*/);
-double vis_for(double /*frs1*/, double /*frs2*/);
-float vis_fors(float /*frs1*/, float /*frs2*/);
-double vis_fzero(void);
-float vis_fzeros(void);
-double vis_fone(void);
-float vis_fones(void);
-
-/* Partial stores. */
-void vis_stdfa_ASI_PST8P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST8PL(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST8P_int_pair(void * /*rs1*/, void * /*rs2*/,
- void * /*rs3*/, int /*rmask*/);
-void vis_stdfa_ASI_PST8S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST16P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST16S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST32P(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-void vis_stdfa_ASI_PST32S(double /*frd*/, void * /*rs1*/, int /*rmask*/);
-
-/* Byte & short stores. */
-void vis_stdfa_ASI_FL8P(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL8P_index(double /*frd*/, void * /*rs1*/, long /*index*/);
-void vis_stdfa_ASI_FL8S(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16P(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16P_index(double /*frd*/, void * /*rs1*/, long /*index*/);
-void vis_stdfa_ASI_FL16S(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL8PL(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL8SL(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16PL(double /*frd*/, void * /*rs1*/);
-void vis_stdfa_ASI_FL16SL(double /*frd*/, void * /*rs1*/);
-
-/* Byte & short loads. */
-double vis_lddfa_ASI_FL8P(void * /*rs1*/);
-double vis_lddfa_ASI_FL8P_index(void * /*rs1*/, long /*index*/);
-double vis_lddfa_ASI_FL8P_hi(void * /*rs1*/, unsigned int /*index*/);
-double vis_lddfa_ASI_FL8P_lo(void * /*rs1*/, unsigned int /*index*/);
-double vis_lddfa_ASI_FL8S(void * /*rs1*/);
-double vis_lddfa_ASI_FL16P(void * /*rs1*/);
-double vis_lddfa_ASI_FL16P_index(void * /*rs1*/, long /*index*/);
-double vis_lddfa_ASI_FL16S(void * /*rs1*/);
-double vis_lddfa_ASI_FL8PL(void * /*rs1*/);
-double vis_lddfa_ASI_FL8SL(void * /*rs1*/);
-double vis_lddfa_ASI_FL16PL(void * /*rs1*/);
-double vis_lddfa_ASI_FL16SL(void * /*rs1*/);
-
-/* Direct write to GSR, read from GSR */
-void vis_write_gsr(unsigned int /*GSR*/);
-unsigned int vis_read_gsr(void);
-
-/* Voxel texture mapping. */
-#if !defined(_NO_LONGLONG)
-unsigned long vis_array8(unsigned long long /*rs1*/, int /*rs2*/);
-unsigned long vis_array16(unsigned long long /*rs1*/, int /*rs2*/);
-unsigned long vis_array32(unsigned long long /*rs1*/, int /*rs2*/);
-#endif /* !defined(_NO_LONGLONG) */
-
-/* Register aliasing and type casts. */
-float vis_read_hi(double /*frs1*/);
-float vis_read_lo(double /*frs1*/);
-double vis_write_hi(double /*frs1*/, float /*frs2*/);
-double vis_write_lo(double /*frs1*/, float /*frs2*/);
-double vis_freg_pair(float /*frs1*/, float /*frs2*/);
-float vis_to_float(unsigned int /*value*/);
-double vis_to_double(unsigned int /*value1*/, unsigned int /*value2*/);
-double vis_to_double_dup(unsigned int /*value*/);
-#if !defined(_NO_LONGLONG)
-double vis_ll_to_double(unsigned long long /*value*/);
-#endif /* !defined(_NO_LONGLONG) */
-
-/* Miscellany (no inlines) */
-void vis_error(char * /*fmt*/, int /*a0*/);
-void vis_sim_init(void);
-
-/* For better performance */
-#define vis_fmul8x16(farg,darg) vis_fmul8x16_dummy((farg),0,(darg))
-
-/* Nicknames for explicit ASI loads and stores. */
-#define vis_st_u8 vis_stdfa_ASI_FL8P
-#define vis_st_u8_i vis_stdfa_ASI_FL8P_index
-#define vis_st_u8_le vis_stdfa_ASI_FL8PL
-#define vis_st_u16 vis_stdfa_ASI_FL16P
-#define vis_st_u16_i vis_stdfa_ASI_FL16P_index
-#define vis_st_u16_le vis_stdfa_ASI_FL16PL
-
-#define vis_ld_u8 vis_lddfa_ASI_FL8P
-#define vis_ld_u8_i vis_lddfa_ASI_FL8P_index
-#define vis_ld_u8_le vis_lddfa_ASI_FL8PL
-#define vis_ld_u16 vis_lddfa_ASI_FL16P
-#define vis_ld_u16_i vis_lddfa_ASI_FL16P_index
-#define vis_ld_u16_le vis_lddfa_ASI_FL16PL
-
-#define vis_pst_8 vis_stdfa_ASI_PST8P
-#define vis_pst_16 vis_stdfa_ASI_PST16P
-#define vis_pst_32 vis_stdfa_ASI_PST32P
-
-#define vis_st_u8s vis_stdfa_ASI_FL8S
-#define vis_st_u8s_le vis_stdfa_ASI_FL8SL
-#define vis_st_u16s vis_stdfa_ASI_FL16S
-#define vis_st_u16s_le vis_stdfa_ASI_FL16SL
-
-#define vis_ld_u8s vis_lddfa_ASI_FL8S
-#define vis_ld_u8s_le vis_lddfa_ASI_FL8SL
-#define vis_ld_u16s vis_lddfa_ASI_FL16S
-#define vis_ld_u16s_le vis_lddfa_ASI_FL16SL
-
-#define vis_pst_8s vis_stdfa_ASI_PST8S
-#define vis_pst_16s vis_stdfa_ASI_PST16S
-#define vis_pst_32s vis_stdfa_ASI_PST32S
-
-/* "<" and ">=" may be implemented in terms of ">" and "<=". */
-#define vis_fcmplt16(a,b) vis_fcmpgt16((b),(a))
-#define vis_fcmplt32(a,b) vis_fcmpgt32((b),(a))
-#define vis_fcmpge16(a,b) vis_fcmple16((b),(a))
-#define vis_fcmpge32(a,b) vis_fcmple32((b),(a))
-
-#ifdef __cplusplus
-} // End of extern "C"
-#endif /* __cplusplus */
-
-#endif /* VIS_PROTO_H */
diff --git a/security/nss/lib/freebl/os2_rand.c b/security/nss/lib/freebl/os2_rand.c
deleted file mode 100644
index 7eede8883..000000000
--- a/security/nss/lib/freebl/os2_rand.c
+++ /dev/null
@@ -1,329 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#define INCL_DOS
-#define INCL_DOSERRORS
-#include <os2.h>
-#include <secrng.h>
-#include <stdlib.h>
-#include <time.h>
-#include <stdio.h>
-#include <sys/stat.h>
-
-static BOOL clockTickTime(unsigned long *phigh, unsigned long *plow)
-{
- APIRET rc = NO_ERROR;
- QWORD qword = {0,0};
-
- rc = DosTmrQueryTime(&qword);
- if (rc != NO_ERROR)
- return FALSE;
-
- *phigh = qword.ulHi;
- *plow = qword.ulLo;
-
- return TRUE;
-}
-
-size_t RNG_GetNoise(void *buf, size_t maxbuf)
-{
- unsigned long high = 0;
- unsigned long low = 0;
- clock_t val = 0;
- int n = 0;
- int nBytes = 0;
- time_t sTime;
-
- if (maxbuf <= 0)
- return 0;
-
- clockTickTime(&high, &low);
-
- /* get the maximally changing bits first */
- nBytes = sizeof(low) > maxbuf ? maxbuf : sizeof(low);
- memcpy(buf, &low, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- nBytes = sizeof(high) > maxbuf ? maxbuf : sizeof(high);
- memcpy(((char *)buf) + n, &high, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- /* get the number of milliseconds that have elapsed since application started */
- val = clock();
-
- nBytes = sizeof(val) > maxbuf ? maxbuf : sizeof(val);
- memcpy(((char *)buf) + n, &val, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- /* get the time in seconds since midnight Jan 1, 1970 */
- time(&sTime);
- nBytes = sizeof(sTime) > maxbuf ? maxbuf : sizeof(sTime);
- memcpy(((char *)buf) + n, &sTime, nBytes);
- n += nBytes;
-
- return n;
-}
-
-static BOOL
-EnumSystemFiles(void (*func)(const char *))
-{
- APIRET rc;
- ULONG sysInfo = 0;
- char bootLetter[2];
- char sysDir[_MAX_PATH] = "";
- char filename[_MAX_PATH];
- HDIR hdir = HDIR_CREATE;
- ULONG numFiles = 1;
- FILEFINDBUF3 fileBuf = {0};
- ULONG buflen = sizeof(FILEFINDBUF3);
-
- if (DosQuerySysInfo(QSV_BOOT_DRIVE, QSV_BOOT_DRIVE, (PVOID)&sysInfo,
- sizeof(ULONG)) == NO_ERROR)
- {
- bootLetter[0] = sysInfo + 'A' -1;
- strcpy(sysDir, bootLetter);
- strcpy(sysDir+1, ":\\OS2\\");
-
- strcpy( filename, sysDir );
- strcat( filename, "*.*" );
- }
-
- rc =DosFindFirst( filename, &hdir, FILE_NORMAL, &fileBuf, buflen,
- &numFiles, FIL_STANDARD );
- if( rc == NO_ERROR )
- {
- do {
- // pass the full pathname to the callback
- sprintf( filename, "%s\\%s", sysDir, fileBuf.achName );
- (*func)(filename);
-
- numFiles = 1;
- rc = DosFindNext( hdir, &fileBuf, buflen, &numFiles );
- if( rc != NO_ERROR && rc != ERROR_NO_MORE_FILES )
- printf( "DosFindNext errod code = %d\n", rc );
- } while ( rc == NO_ERROR );
-
- rc = DosFindClose(hdir);
- if( rc != NO_ERROR )
- printf( "DosFindClose error code = %d", rc );
- }
- else
- printf( "DosFindFirst error code = %d", rc );
-
- return TRUE;
-}
-
-static int dwNumFiles, dwReadEvery;
-
-static void
-CountFiles(const char *file)
-{
- dwNumFiles++;
-}
-
-static void
-ReadFiles(const char *file)
-{
- if ((dwNumFiles % dwReadEvery) == 0)
- RNG_FileForRNG(file);
-
- dwNumFiles++;
-}
-
-static void
-ReadSystemFiles()
-{
- // first count the number of files
- dwNumFiles = 0;
- if (!EnumSystemFiles(CountFiles))
- return;
-
- RNG_RandomUpdate(&dwNumFiles, sizeof(dwNumFiles));
-
- // now read 10 files
- if (dwNumFiles == 0)
- return;
-
- dwReadEvery = dwNumFiles / 10;
- if (dwReadEvery == 0)
- dwReadEvery = 1; // less than 10 files
-
- dwNumFiles = 0;
- EnumSystemFiles(ReadFiles);
-}
-
-void RNG_SystemInfoForRNG(void)
-{
- unsigned long *plong = 0;
- PTIB ptib;
- PPIB ppib;
- APIRET rc = NO_ERROR;
- DATETIME dt;
- COUNTRYCODE cc = {0};
- COUNTRYINFO ci = {0};
- unsigned long actual = 0;
- char path[_MAX_PATH]="";
- char fullpath[_MAX_PATH]="";
- unsigned long pathlength = sizeof(path);
- FSALLOCATE fsallocate;
- FILESTATUS3 fstatus;
- unsigned long defaultdrive = 0;
- unsigned long logicaldrives = 0;
- unsigned long sysInfo[QSV_MAX] = {0};
- char buffer[20];
- int nBytes = 0;
-
- nBytes = RNG_GetNoise(buffer, sizeof(buffer));
- RNG_RandomUpdate(buffer, nBytes);
-
- /* allocate memory and use address and memory */
- plong = (unsigned long *)malloc(sizeof(*plong));
- RNG_RandomUpdate(&plong, sizeof(plong));
- RNG_RandomUpdate(plong, sizeof(*plong));
- free(plong);
-
- /* process info */
- rc = DosGetInfoBlocks(&ptib, &ppib);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(ptib, sizeof(*ptib));
- RNG_RandomUpdate(ppib, sizeof(*ppib));
- }
-
- /* time */
- rc = DosGetDateTime(&dt);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&dt, sizeof(dt));
- }
-
- /* country */
- rc = DosQueryCtryInfo(sizeof(ci), &cc, &ci, &actual);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&cc, sizeof(cc));
- RNG_RandomUpdate(&ci, sizeof(ci));
- RNG_RandomUpdate(&actual, sizeof(actual));
- }
-
- /* current directory */
- rc = DosQueryCurrentDir(0, path, &pathlength);
- strcat(fullpath, "\\");
- strcat(fullpath, path);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(fullpath, strlen(fullpath));
- // path info
- rc = DosQueryPathInfo(fullpath, FIL_STANDARD, &fstatus, sizeof(fstatus));
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&fstatus, sizeof(fstatus));
- }
- }
-
- /* file system info */
- rc = DosQueryFSInfo(0, FSIL_ALLOC, &fsallocate, sizeof(fsallocate));
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&fsallocate, sizeof(fsallocate));
- }
-
- /* drive info */
- rc = DosQueryCurrentDisk(&defaultdrive, &logicaldrives);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&defaultdrive, sizeof(defaultdrive));
- RNG_RandomUpdate(&logicaldrives, sizeof(logicaldrives));
- }
-
- /* system info */
- rc = DosQuerySysInfo(1L, QSV_MAX, (PVOID)&sysInfo, sizeof(ULONG)*QSV_MAX);
- if (rc == NO_ERROR)
- {
- RNG_RandomUpdate(&sysInfo, sizeof(sysInfo));
- }
-
- // now let's do some files
- ReadSystemFiles();
-
- /* more noise */
- nBytes = RNG_GetNoise(buffer, sizeof(buffer));
- RNG_RandomUpdate(buffer, nBytes);
-}
-
-void RNG_FileForRNG(const char *filename)
-{
- struct stat stat_buf;
- unsigned char buffer[1024];
- FILE *file = 0;
- int nBytes = 0;
- static int totalFileBytes = 0;
-
- if (stat((char *)filename, &stat_buf) < 0)
- return;
-
- RNG_RandomUpdate((unsigned char*)&stat_buf, sizeof(stat_buf));
-
- file = fopen((char *)filename, "r");
- if (file != NULL)
- {
- for (;;)
- {
- size_t bytes = fread(buffer, 1, sizeof(buffer), file);
-
- if (bytes == 0)
- break;
-
- RNG_RandomUpdate(buffer, bytes);
- totalFileBytes += bytes;
- if (totalFileBytes > 250000)
- break;
- }
- fclose(file);
- }
-
- nBytes = RNG_GetNoise(buffer, 20);
- RNG_RandomUpdate(buffer, nBytes);
-}
diff --git a/security/nss/lib/freebl/pqg.c b/security/nss/lib/freebl/pqg.c
deleted file mode 100644
index dca53e93d..000000000
--- a/security/nss/lib/freebl/pqg.c
+++ /dev/null
@@ -1,667 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PQG parameter generation/verification. Based on FIPS 186-1.
- *
- * $Id$
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "blapi.h"
-#include "secitem.h"
-#include "mpi.h"
-#include "mpprime.h"
-#include "mplogic.h"
-#include "secmpi.h"
-
-#define MAX_ITERATIONS 600 /* Maximum number of iterations of primegen */
-#define PQG_Q_PRIMALITY_TESTS 18 /* from HAC table 4.4 */
-#define PQG_P_PRIMALITY_TESTS 5 /* from HAC table 4.4 */
-
- /* XXX to be replaced by define in blapit.h */
-#define BITS_IN_Q 160
-
-/* For FIPS-compliance testing.
-** The following array holds the seed defined in FIPS 186-1 appendix 5.
-** This seed is used to generate P and Q according to appendix 2; use of
-** this seed will exactly generate the PQG specified in appendix 2.
-*/
-#ifdef FIPS_186_1_A5_TEST
-static const unsigned char fips_186_1_a5_pqseed[] = {
- 0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8,
- 0xb6, 0x21, 0x1b, 0x40, 0x62, 0xba, 0x32, 0x24,
- 0xe0, 0x42, 0x7d, 0xd3
-};
-#endif
-
-/* Get a seed for generating P and Q. If in testing mode, copy in the
-** seed from FIPS 186-1 appendix 5. Otherwise, obtain bytes from the
-** global random number generator.
-*/
-static SECStatus
-getPQseed(SECItem *seed)
-{
- if (seed->data) {
- PORT_Free(seed->data);
- seed->data = NULL;
- }
- seed->data = (unsigned char*)PORT_ZAlloc(seed->len);
- if (!seed->data) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-#ifdef FIPS_186_1_A5_TEST
- memcpy(seed->data, fips_186_1_a5_pqseed, seed->len);
- return SECSuccess;
-#else
- return RNG_GenerateGlobalRandomBytes(seed->data, seed->len);
-#endif
-}
-
-/* Generate a candidate h value. If in testing mode, use the h value
-** specified in FIPS 186-1 appendix 5, h = 2. Otherwise, obtain bytes
-** from the global random number generator.
-*/
-static SECStatus
-generate_h_candidate(SECItem *hit, mp_int *H)
-{
- SECStatus rv = SECSuccess;
- mp_err err = MP_OKAY;
-#ifdef FIPS_186_1_A5_TEST
- memset(hit->data, 0, hit->len);
- hit->data[hit->len-1] = 0x02;
-#else
- rv = RNG_GenerateGlobalRandomBytes(hit->data, hit->len);
-#endif
- if (rv)
- return SECFailure;
- err = mp_read_unsigned_octets(H, hit->data, hit->len);
- if (err) {
- MP_TO_SEC_ERROR(err);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* Compute SHA[(SEED + addend) mod 2**g]
-** Result is placed in shaOutBuf.
-** This computation is used in steps 2 and 7 of FIPS 186 Appendix 2.2 .
-*/
-static SECStatus
-addToSeedThenSHA(const SECItem * seed,
- unsigned long addend,
- int g,
- unsigned char * shaOutBuf)
-{
- SECItem str = { 0, 0, 0 };
- mp_int s, sum, modulus, tmp;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&s) = 0;
- MP_DIGITS(&sum) = 0;
- MP_DIGITS(&modulus) = 0;
- MP_DIGITS(&tmp) = 0;
- CHECK_MPI_OK( mp_init(&s) );
- CHECK_MPI_OK( mp_init(&sum) );
- CHECK_MPI_OK( mp_init(&modulus) );
- SECITEM_TO_MPINT(*seed, &s); /* s = seed */
- /* seed += addend */
- if (addend < MP_DIGIT_MAX) {
- CHECK_MPI_OK( mp_add_d(&s, (mp_digit)addend, &s) );
- } else {
- CHECK_MPI_OK( mp_init(&tmp) );
- CHECK_MPI_OK( mp_set_ulong(&tmp, addend) );
- CHECK_MPI_OK( mp_add(&s, &tmp, &s) );
- }
- CHECK_MPI_OK( mp_div_2d(&s, (mp_digit)g, NULL, &sum) );/*sum = s mod 2**g */
- MPINT_TO_SECITEM(&sum, &str, NULL);
- rv = SHA1_HashBuf(shaOutBuf, str.data, str.len); /* SHA1 hash result */
-cleanup:
- mp_clear(&s);
- mp_clear(&sum);
- mp_clear(&modulus);
- mp_clear(&tmp);
- if (str.data)
- SECITEM_ZfreeItem(&str, PR_FALSE);
- if (err) {
- MP_TO_SEC_ERROR(err);
- return SECFailure;
- }
- return rv;
-}
-
-/*
-** Perform steps 2 and 3 of FIPS 186, appendix 2.2.
-** Generate Q from seed.
-*/
-static SECStatus
-makeQfromSeed(
- unsigned int g, /* input. Length of seed in bits. */
-const SECItem * seed, /* input. */
- mp_int * Q) /* output. */
-{
- unsigned char sha1[SHA1_LENGTH];
- unsigned char sha2[SHA1_LENGTH];
- unsigned char U[SHA1_LENGTH];
- SECStatus rv = SECSuccess;
- mp_err err = MP_OKAY;
- int i;
- /* ******************************************************************
- ** Step 2.
- ** "Compute U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g]."
- **/
- CHECK_SEC_OK( SHA1_HashBuf(sha1, seed->data, seed->len) );
- CHECK_SEC_OK( addToSeedThenSHA(seed, 1, g, sha2) );
- for (i=0; i<SHA1_LENGTH; ++i)
- U[i] = sha1[i] ^ sha2[i];
- /* ******************************************************************
- ** Step 3.
- ** "Form Q from U by setting the most signficant bit (the 2**159 bit)
- ** and the least signficant bit to 1. In terms of boolean operations,
- ** Q = U OR 2**159 OR 1. Note that 2**159 < Q < 2**160."
- */
- U[0] |= 0x80; /* U is MSB first */
- U[SHA1_LENGTH-1] |= 0x01;
- err = mp_read_unsigned_octets(Q, U, SHA1_LENGTH);
-cleanup:
- memset(U, 0, SHA1_LENGTH);
- memset(sha1, 0, SHA1_LENGTH);
- memset(sha2, 0, SHA1_LENGTH);
- if (err) {
- MP_TO_SEC_ERROR(err);
- return SECFailure;
- }
- return rv;
-}
-
-/* Perform steps 7, 8 and 9 of FIPS 186, appendix 2.2.
-** Generate P from Q, seed, L, and offset.
-*/
-static SECStatus
-makePfromQandSeed(
- unsigned int L, /* Length of P in bits. Per FIPS 186. */
- unsigned int offset, /* Per FIPS 186, appendix 2.2. */
- unsigned int g, /* input. Length of seed in bits. */
-const SECItem * seed, /* input. */
-const mp_int * Q, /* input. */
- mp_int * P) /* output. */
-{
- unsigned int k; /* Per FIPS 186, appendix 2.2. */
- unsigned int n; /* Per FIPS 186, appendix 2.2. */
- mp_digit b; /* Per FIPS 186, appendix 2.2. */
- unsigned char V_k[SHA1_LENGTH];
- mp_int W, X, c, twoQ, V_n, tmp;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- /* Initialize bignums */
- MP_DIGITS(&W) = 0;
- MP_DIGITS(&X) = 0;
- MP_DIGITS(&c) = 0;
- MP_DIGITS(&twoQ) = 0;
- MP_DIGITS(&V_n) = 0;
- MP_DIGITS(&tmp) = 0;
- CHECK_MPI_OK( mp_init(&W) );
- CHECK_MPI_OK( mp_init(&X) );
- CHECK_MPI_OK( mp_init(&c) );
- CHECK_MPI_OK( mp_init(&twoQ) );
- CHECK_MPI_OK( mp_init(&tmp) );
- CHECK_MPI_OK( mp_init(&V_n) );
- /* L - 1 = n*160 + b */
- n = (L - 1) / BITS_IN_Q;
- b = (L - 1) % BITS_IN_Q;
- /* ******************************************************************
- ** Step 7.
- ** "for k = 0 ... n let
- ** V_k = SHA[(SEED + offset + k) mod 2**g]."
- **
- ** Step 8.
- ** "Let W be the integer
- ** W = V_0 + (V_1 * 2**160) + ... + (V_n-1 * 2**((n-1)*160))
- ** + ((V_n mod 2**b) * 2**(n*160))
- */
- for (k=0; k<n; ++k) { /* Do the first n terms of V_k */
- /* Do step 7 for iteration k.
- ** V_k = SHA[(seed + offset + k) mod 2**g]
- */
- CHECK_SEC_OK( addToSeedThenSHA(seed, offset + k, g, V_k) );
- /* Do step 8 for iteration k.
- ** W += V_k * 2**(k*160)
- */
- OCTETS_TO_MPINT(V_k, &tmp, SHA1_LENGTH); /* get bignum V_k */
- CHECK_MPI_OK( mpl_lsh(&tmp, &tmp, k*160) ); /* tmp = V_k << k*160 */
- CHECK_MPI_OK( mp_add(&W, &tmp, &W) ); /* W += tmp */
- }
- /* Step 8, continued.
- ** [W += ((V_n mod 2**b) * 2**(n*160))]
- */
- CHECK_SEC_OK( addToSeedThenSHA(seed, offset + n, g, V_k) );
- OCTETS_TO_MPINT(V_k, &V_n, SHA1_LENGTH); /* get bignum V_n */
- CHECK_MPI_OK( mp_div_2d(&V_n, b, NULL, &tmp) ); /* tmp = V_n mod 2**b */
- CHECK_MPI_OK( mpl_lsh(&tmp, &tmp, n*160) ); /* tmp = tmp << n*160 */
- CHECK_MPI_OK( mp_add(&W, &tmp, &W) ); /* W += tmp */
- /* Step 8, continued.
- ** "and let X = W + 2**(L-1).
- ** Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L."
- */
- CHECK_MPI_OK( mpl_set_bit(&X, (mp_size)(L-1), 1) ); /* X = 2**(L-1) */
- CHECK_MPI_OK( mp_add(&X, &W, &X) ); /* X += W */
- /*************************************************************
- ** Step 9.
- ** "Let c = X mod 2q and set p = X - (c - 1).
- ** Note that p is congruent to 1 mod 2q."
- */
- CHECK_MPI_OK( mp_mul_2(Q, &twoQ) ); /* 2q */
- CHECK_MPI_OK( mp_mod(&X, &twoQ, &c) ); /* c = X mod 2q */
- CHECK_MPI_OK( mp_sub_d(&c, 1, &c) ); /* c -= 1 */
- CHECK_MPI_OK( mp_sub(&X, &c, P) ); /* P = X - c */
-cleanup:
- mp_clear(&W);
- mp_clear(&X);
- mp_clear(&c);
- mp_clear(&twoQ);
- mp_clear(&V_n);
- mp_clear(&tmp);
- if (err) {
- MP_TO_SEC_ERROR(err);
- return SECFailure;
- }
- return rv;
-}
-
-/*
-** Generate G from h, P, and Q.
-*/
-static SECStatus
-makeGfromH(const mp_int *P, /* input. */
- const mp_int *Q, /* input. */
- mp_int *H, /* input and output. */
- mp_int *G, /* output. */
- PRBool *passed)
-{
- mp_int exp, pm1;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- *passed = PR_FALSE;
- MP_DIGITS(&exp) = 0;
- MP_DIGITS(&pm1) = 0;
- CHECK_MPI_OK( mp_init(&exp) );
- CHECK_MPI_OK( mp_init(&pm1) );
- CHECK_MPI_OK( mp_sub_d(P, 1, &pm1) ); /* P - 1 */
- if ( mp_cmp(H, &pm1) > 0) /* H = H mod (P-1) */
- CHECK_MPI_OK( mp_sub(H, &pm1, H) );
- /* Let b = 2**n (smallest power of 2 greater than P).
- ** Since P-1 >= b/2, and H < b, quotient(H/(P-1)) = 0 or 1
- ** so the above operation safely computes H mod (P-1)
- */
- /* Check for H = to 0 or 1. Regen H if so. (Regen means return error). */
- if (mp_cmp_d(H, 1) <= 0) {
- rv = SECFailure;
- goto cleanup;
- }
- /* Compute G, according to the equation G = (H ** ((P-1)/Q)) mod P */
- CHECK_MPI_OK( mp_div(&pm1, Q, &exp, NULL) ); /* exp = (P-1)/Q */
- CHECK_MPI_OK( mp_exptmod(H, &exp, P, G) ); /* G = H ** exp mod P */
- /* Check for G == 0 or G == 1, return error if so. */
- if (mp_cmp_d(G, 1) <= 0) {
- rv = SECFailure;
- goto cleanup;
- }
- *passed = PR_TRUE;
-cleanup:
- mp_clear(&exp);
- mp_clear(&pm1);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-SECStatus
-PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy)
-{
- unsigned int L; /* Length of P in bits. Per FIPS 186. */
- unsigned int seedBytes;
-
- if (j > 8 || !pParams || !pVfy) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- L = 512 + (j * 64); /* bits in P */
- seedBytes = L/8;
- return PQG_ParamGenSeedLen(j, seedBytes, pParams, pVfy);
-}
-
-/* This code uses labels and gotos, so that it can follow the numbered
-** steps in the algorithms from FIPS 186 appendix 2.2 very closely,
-** and so that the correctness of this code can be easily verified.
-** So, please forgive the ugly c code.
-**/
-SECStatus
-PQG_ParamGenSeedLen(unsigned int j, unsigned int seedBytes,
- PQGParams **pParams, PQGVerify **pVfy)
-{
- unsigned int L; /* Length of P in bits. Per FIPS 186. */
- unsigned int n; /* Per FIPS 186, appendix 2.2. */
- unsigned int b; /* Per FIPS 186, appendix 2.2. */
- unsigned int g; /* Per FIPS 186, appendix 2.2. */
- unsigned int counter; /* Per FIPS 186, appendix 2.2. */
- unsigned int offset; /* Per FIPS 186, appendix 2.2. */
- SECItem *seed; /* Per FIPS 186, appendix 2.2. */
- PRArenaPool *arena = NULL;
- PQGParams *params = NULL;
- PQGVerify *verify = NULL;
- PRBool passed;
- SECItem hit = { 0, 0, 0 };
- mp_int P, Q, G, H, l;
- mp_err err = MP_OKAY;
- SECStatus rv = SECFailure;
- int iterations = 0;
- if (j > 8 || !pParams || !pVfy) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* Initialize an arena for the params. */
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- params = (PQGParams *)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
- if (!params) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(arena, PR_TRUE);
- return SECFailure;
- }
- params->arena = arena;
- /* Initialize an arena for the verify. */
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(params->arena, PR_TRUE);
- return SECFailure;
- }
- verify = (PQGVerify *)PORT_ArenaZAlloc(arena, sizeof(PQGVerify));
- if (!verify) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(arena, PR_TRUE);
- PORT_FreeArena(params->arena, PR_TRUE);
- return SECFailure;
- }
- verify->arena = arena;
- seed = &verify->seed;
- arena = NULL;
- /* Initialize bignums */
- MP_DIGITS(&P) = 0;
- MP_DIGITS(&Q) = 0;
- MP_DIGITS(&G) = 0;
- MP_DIGITS(&H) = 0;
- MP_DIGITS(&l) = 0;
- CHECK_MPI_OK( mp_init(&P) );
- CHECK_MPI_OK( mp_init(&Q) );
- CHECK_MPI_OK( mp_init(&G) );
- CHECK_MPI_OK( mp_init(&H) );
- CHECK_MPI_OK( mp_init(&l) );
- /* Compute lengths. */
- L = 512 + (j * 64); /* bits in P */
- n = (L - 1) / BITS_IN_Q; /* BITS_IN_Q is 160 */
- b = (L - 1) % BITS_IN_Q;
- g = seedBytes * BITS_PER_BYTE; /* bits in seed, NOT G of PQG. */
-step_1:
- /* ******************************************************************
- ** Step 1.
- ** "Choose an abitrary sequence of at least 160 bits and call it SEED.
- ** Let g be the length of SEED in bits."
- */
- if (++iterations > MAX_ITERATIONS) { /* give up after a while */
- PORT_SetError(SEC_ERROR_NEED_RANDOM);
- goto cleanup;
- }
- seed->len = seedBytes;
- CHECK_SEC_OK( getPQseed(seed) );
- /* ******************************************************************
- ** Step 2.
- ** "Compute U = SHA[SEED] XOR SHA[(SEED+1) mod 2**g]."
- **
- ** Step 3.
- ** "Form Q from U by setting the most signficant bit (the 2**159 bit)
- ** and the least signficant bit to 1. In terms of boolean operations,
- ** Q = U OR 2**159 OR 1. Note that 2**159 < Q < 2**160."
- */
- CHECK_SEC_OK( makeQfromSeed(g, seed, &Q) );
- /* ******************************************************************
- ** Step 4.
- ** "Use a robust primality testing algorithm to test whether q is prime."
- **
- ** Appendix 2.1 states that a Rabin test with at least 50 iterations
- ** "will give an acceptable probability of error."
- */
- /*CHECK_SEC_OK( prm_RabinTest(&Q, &passed) );*/
- err = mpp_pprime(&Q, PQG_Q_PRIMALITY_TESTS);
- passed = (err == MP_YES) ? SECSuccess : SECFailure;
- /* ******************************************************************
- ** Step 5. "If q is not prime, goto step 1."
- */
- if (passed != SECSuccess)
- goto step_1;
- /* ******************************************************************
- ** Step 6. "Let counter = 0 and offset = 2."
- */
- counter = 0;
- offset = 2;
-step_7:
- /* ******************************************************************
- ** Step 7.
- ** "for k = 0 ... n let
- ** V_k = SHA[(SEED + offset + k) mod 2**g]."
- **
- ** Step 8.
- ** "Let W be the sum of (V_k * 2**(k*160)) for k = 0 ... n
- ** and let X = W + 2**(L-1).
- ** Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L."
- **
- ** Step 9.
- ** "Let c = X mod 2q and set p = X - (c - 1).
- ** Note that p is congruent to 1 mod 2q."
- */
- CHECK_SEC_OK( makePfromQandSeed(L, offset, g, seed, &Q, &P) );
- /*************************************************************
- ** Step 10.
- ** "if p < 2**(L-1), then goto step 13."
- */
- CHECK_MPI_OK( mpl_set_bit(&l, (mp_size)(L-1), 1) ); /* l = 2**(L-1) */
- if (mp_cmp(&P, &l) < 0)
- goto step_13;
- /************************************************************
- ** Step 11.
- ** "Perform a robust primality test on p."
- */
- /*CHECK_SEC_OK( prm_RabinTest(&P, &passed) );*/
- err = mpp_pprime(&P, PQG_P_PRIMALITY_TESTS);
- passed = (err == MP_YES) ? SECSuccess : SECFailure;
- /* ******************************************************************
- ** Step 12. "If p passes the test performed in step 11, go to step 15."
- */
- if (passed == SECSuccess)
- goto step_15;
-step_13:
- /* ******************************************************************
- ** Step 13. "Let counter = counter + 1 and offset = offset + n + 1."
- */
- counter++;
- offset += n + 1;
- /* ******************************************************************
- ** Step 14. "If counter >= 4096 goto step 1, otherwise go to step 7."
- */
- if (counter >= 4096)
- goto step_1;
- goto step_7;
-step_15:
- /* ******************************************************************
- ** Step 15.
- ** "Save the value of SEED and the value of counter for use
- ** in certifying the proper generation of p and q."
- */
- /* Generate h. */
- SECITEM_AllocItem(NULL, &hit, seedBytes); /* h is no longer than p */
- if (!hit.data) goto cleanup;
- do {
- /* loop generate h until 1<h<p-1 and (h**[(p-1)/q])mod p > 1 */
- CHECK_SEC_OK( generate_h_candidate(&hit, &H) );
- CHECK_SEC_OK( makeGfromH(&P, &Q, &H, &G, &passed) );
- } while (passed != PR_TRUE);
- /* All generation is done. Now, save the PQG params. */
- MPINT_TO_SECITEM(&P, &params->prime, params->arena);
- MPINT_TO_SECITEM(&Q, &params->subPrime, params->arena);
- MPINT_TO_SECITEM(&G, &params->base, params->arena);
- MPINT_TO_SECITEM(&H, &verify->h, verify->arena);
- verify->counter = counter;
- *pParams = params;
- *pVfy = verify;
-cleanup:
- mp_clear(&P);
- mp_clear(&Q);
- mp_clear(&G);
- mp_clear(&H);
- mp_clear(&l);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- if (rv) {
- PORT_FreeArena(params->arena, PR_TRUE);
- PORT_FreeArena(verify->arena, PR_TRUE);
- }
- return rv;
-}
-
-SECStatus
-PQG_VerifyParams(const PQGParams *params,
- const PQGVerify *vfy, SECStatus *result)
-{
- SECStatus rv = SECSuccess;
- int passed;
- unsigned int g, n, L, offset;
- mp_int P, Q, G, P_, Q_, G_, r, h;
- mp_err err = MP_OKAY;
- int j;
-#define CHECKPARAM(cond) \
- if (!(cond)) { \
- *result = SECFailure; \
- goto cleanup; \
- }
- if (!params || !vfy || !result) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- MP_DIGITS(&P) = 0;
- MP_DIGITS(&Q) = 0;
- MP_DIGITS(&G) = 0;
- MP_DIGITS(&P_) = 0;
- MP_DIGITS(&Q_) = 0;
- MP_DIGITS(&G_) = 0;
- MP_DIGITS(&r) = 0;
- MP_DIGITS(&h) = 0;
- CHECK_MPI_OK( mp_init(&P) );
- CHECK_MPI_OK( mp_init(&Q) );
- CHECK_MPI_OK( mp_init(&G) );
- CHECK_MPI_OK( mp_init(&P_) );
- CHECK_MPI_OK( mp_init(&Q_) );
- CHECK_MPI_OK( mp_init(&G_) );
- CHECK_MPI_OK( mp_init(&r) );
- CHECK_MPI_OK( mp_init(&h) );
- *result = SECSuccess;
- SECITEM_TO_MPINT(params->prime, &P);
- SECITEM_TO_MPINT(params->subPrime, &Q);
- SECITEM_TO_MPINT(params->base, &G);
- /* 1. Q is 160 bits long. */
- CHECKPARAM( mpl_significant_bits(&Q) == 160 );
- /* 2. P is one of the 9 valid lengths. */
- L = mpl_significant_bits(&P);
- j = PQG_PBITS_TO_INDEX(L);
- CHECKPARAM( j >= 0 && j <= 8 );
- /* 3. G < P */
- CHECKPARAM( mp_cmp(&G, &P) < 0 );
- /* 4. P % Q == 1 */
- CHECK_MPI_OK( mp_mod(&P, &Q, &r) );
- CHECKPARAM( mp_cmp_d(&r, 1) == 0 );
- /* 5. Q is prime */
- CHECKPARAM( mpp_pprime(&Q, PQG_Q_PRIMALITY_TESTS) == MP_YES );
- /* 6. P is prime */
- CHECKPARAM( mpp_pprime(&P, PQG_P_PRIMALITY_TESTS) == MP_YES );
- /* Steps 7-12 are done only if the optional PQGVerify is supplied. */
- if (!vfy) goto cleanup;
- /* 7. counter < 4096 */
- CHECKPARAM( vfy->counter < 4096 );
- /* 8. g >= 160 and g < 2048 (g is length of seed in bits) */
- g = vfy->seed.len * 8;
- CHECKPARAM( g >= 160 && g < 2048 );
- /* 9. Q generated from SEED matches Q in PQGParams. */
- CHECK_SEC_OK( makeQfromSeed(g, &vfy->seed, &Q_) );
- CHECKPARAM( mp_cmp(&Q, &Q_) == 0 );
- /* 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams. */
- n = (L - 1) / BITS_IN_Q;
- offset = vfy->counter * (n + 1) + 2;
- CHECK_SEC_OK( makePfromQandSeed(L, offset, g, &vfy->seed, &Q, &P_) );
- CHECKPARAM( mp_cmp(&P, &P_) == 0 );
- /* Next two are optional: if h == 0 ignore */
- if (vfy->h.len == 0) goto cleanup;
- /* 11. 1 < h < P-1 */
- SECITEM_TO_MPINT(vfy->h, &h);
- CHECK_MPI_OK( mpl_set_bit(&P, 0, 0) ); /* P is prime, p-1 == zero 1st bit */
- CHECKPARAM( mp_cmp_d(&h, 1) > 0 && mp_cmp(&h, &P) );
- CHECK_MPI_OK( mpl_set_bit(&P, 0, 1) ); /* set it back */
- /* 12. G generated from h matches G in PQGParams. */
- CHECK_SEC_OK( makeGfromH(&P, &Q, &h, &G_, &passed) );
- CHECKPARAM( passed && mp_cmp(&G, &G_) == 0 );
-cleanup:
- mp_clear(&P);
- mp_clear(&Q);
- mp_clear(&G);
- mp_clear(&P_);
- mp_clear(&Q_);
- mp_clear(&G_);
- mp_clear(&r);
- mp_clear(&h);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-
diff --git a/security/nss/lib/freebl/prng_fips1861.c b/security/nss/lib/freebl/prng_fips1861.c
deleted file mode 100644
index bf0199926..000000000
--- a/security/nss/lib/freebl/prng_fips1861.c
+++ /dev/null
@@ -1,513 +0,0 @@
-/*
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "prinit.h"
-#include "blapi.h"
-#include "nssilock.h"
-#include "secitem.h"
-#include "sha_fast.h"
-#include "secrng.h" /* for RNG_GetNoise() */
-
-/*
- * The minimum amount of seed data required before the generator will
- * provide data.
- * Note that this is a measure of the number of bytes sent to
- * RNG_RandomUpdate, not the actual amount of entropy present in the
- * generator. Naturally, it is impossible to know (at this level) just
- * how much entropy is present in the provided seed data. A bare minimum
- * of entropy would be 20 bytes, so by requiring 1K this code is making
- * the tacit assumption that at least 1 byte of pure entropy is provided
- * with every 8 bytes supplied to RNG_RandomUpdate. The reality of this
- * assumption is left up to the caller.
- */
-#define MIN_SEED_COUNT 1024
-
-/*
- * Steps taken from FIPS 186-1 Appendix 3.1
- */
-
-/*
- * According to FIPS 186-1, 160 <= b <= 512
- * For our purposes, we will assume b == 160
- */
-#define FIPS_B 160
-#define BSIZE FIPS_B / BITS_PER_BYTE
-
-/*
- * Add two 160-bit numbers represented as arrays of 20 bytes.
- * The numbers are big-endian, MSB first, so addition is done
- * from the end of the buffer to the beginning.
- */
-#define ADD_160BIT_PLUS_CARRY(dest, add1, add2, cy) \
- carry = cy; \
- for (i=BSIZE-1; i>=0; --i) { \
- carry += add1[i] + add2[i]; \
- dest[i] = (PRUint8)carry; \
- carry >>= 8; \
- }
-
-#define ADD_160BIT_2(dest, add1, add2) \
- ADD_160BIT_PLUS_CARRY(dest, add1, add2, 0)
-
-
-/*
- * FIPS requires result from Step 3c to be reduced mod q when generating
- * random numbers for DSA.
- * by definition q >= 2^159 + 1, thus xj < 2q
- * thus reducing mod q is simple subtraction when xj > q
- */
-#define dsa_reduce_mod_q(xj, q) \
- PORT_Assert(q[0] >= 0x80); \
- if (memcmp(xj,q,BSIZE) > 0) { \
- carry = 0; \
- for (i=BSIZE-1; i>=0; --i) { \
- carry += (signed int)xj[i] - (signed int)q[i]; \
- xj[i] = (PRUint8)carry; \
- carry >>= 8; \
- } \
- }
-
-/*
- * Specialized SHA1-like function. This function appends zeroes to a
- * single input block and runs a single instance of the compression function,
- * as specified in FIPS 186-1 appendix 3.3.
- */
-void
-RNG_UpdateAndEnd_FIPS186_1(SHA1Context *ctx,
- unsigned char *input, unsigned int inputLen,
- unsigned char *hashout, unsigned int *pDigestLen,
- unsigned int maxDigestLen);
-
-/*
- * Global RNG context
- */
-struct RNGContextStr {
- PRUint8 XKEY[BSIZE]; /* Seed for next SHA iteration */
- PRUint8 Xj[BSIZE]; /* Output from previous operation */
- PZLock *lock; /* Lock to serialize access to global rng */
- PRUint8 avail; /* # bytes of output available, [0...20] */
- PRUint32 seedCount; /* number of seed bytes given to generator */
- PRBool isValid; /* false if RNG reaches an invalid state */
-};
-typedef struct RNGContextStr RNGContext;
-static RNGContext *globalrng = NULL;
-
-/*
- * Free the global RNG context
- */
-static void
-freeRNGContext()
-{
- PZ_DestroyLock(globalrng->lock);
- PORT_ZFree(globalrng, sizeof *globalrng);
- globalrng = NULL;
-}
-
-/*
- * Implementation of the algorithm in FIPS 186-1 appendix 3.1, heretofore
- * called alg3_1(). It is assumed a lock for the global rng context has
- * already been acquired.
- * Calling this function with XSEEDj == NULL is equivalent to saying there
- * is no optional user input, which is further equivalent to saying that
- * the optional user input is 0.
- */
-static SECStatus
-alg_fips186_1_x3_1(RNGContext *rng,
- const unsigned char *XSEEDj, unsigned char *q)
-{
- /* SHA1 context for G(t, XVAL) function */
- SHA1Context sha1cx;
- /* input to hash function */
- PRUint8 XVAL[BSIZE];
- /* store a copy of the output to compare with the previous output */
- PRUint8 x_j[BSIZE];
- /* used by ADD_160BIT macros */
- int i, carry;
- unsigned int len;
- if (!rng->isValid) {
- /* RNG has alread entered an invalid state. */
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* initialize the SHA1 context */
- memset(&sha1cx, 0, sizeof(sha1cx));
- /*
- * <Step 2> Initialize t, taken care of in SHA-1 (same initial values)
- */
- SHA1_Begin(&sha1cx);
- /*
- * <Step 3a> XSEEDj is optional user input
- *
- * <Step 3b> XVAL = (XKEY + XSEEDj) mod 2^b
- * :always reduced mod 2^b, since storing as 160-bit value
- */
- if (XSEEDj) {
- /* XSEEDj > 0 */
- ADD_160BIT_2(XVAL, rng->XKEY, XSEEDj);
- } else {
- /* XSEEDj == 0 */
- memcpy(XVAL, rng->XKEY, BSIZE);
- }
- /*
- * <Step 3c> Xj = G(t, XVAL) mod q
- * :In this code, (mod q) is only understood for DSA ops,
- * :not general RNG (what would q be in non-DSA uses?).
- * :If a q is specified, use it.
- * :FIPS 186-1 specifies a different padding than the SHA1 180-1
- * :specification, this function is implemented below.
- */
- RNG_UpdateAndEnd_FIPS186_1(&sha1cx, XVAL, BSIZE, x_j, &len, BSIZE);
- if (q != NULL) {
- dsa_reduce_mod_q(x_j, q);
- }
- /* [FIPS 140-1] verify output does not match previous output */
- if (memcmp(x_j, rng->Xj, BSIZE) == 0) {
- /* failed FIPS 140-1 continuous RNG condition. RNG now invalid. */
- rng->isValid = PR_FALSE;
- return SECFailure;
- }
- /* Xj is the output */
- memcpy(rng->Xj, x_j, BSIZE);
- /*
- * <Step 3d> XKEY = (1 + XKEY + Xj) mod 2^b
- * :always reduced mod 2^b, since storing as 160-bit value
- */
- ADD_160BIT_PLUS_CARRY(rng->XKEY, rng->XKEY, x_j, 1);
- /* Always have a full buffer after executing alg3_1() */
- rng->avail = BSIZE;
- /* housekeeping */
- memset(x_j, 0, BSIZE);
- memset(XVAL, 0, BSIZE);
- return SECSuccess;
-}
-
-/* Use NSPR to prevent RNG_RNGInit from being called from separate
- * threads, creating a race condition.
- */
-static PRCallOnceType coRNGInit = { 0, 0, 0 };
-static PRStatus rng_init(void)
-{
- unsigned char bytes[120];
- unsigned int numBytes;
- if (globalrng == NULL) {
- /* create a new global RNG context */
- globalrng = (RNGContext *)PORT_ZAlloc(sizeof(RNGContext));
- if (globalrng == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return PR_FAILURE;
- }
- /* create a lock for it */
- globalrng->lock = PZ_NewLock(nssILockOther);
- if (globalrng->lock == NULL) {
- PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
- return PR_FAILURE;
- }
- /* the RNG is in a valid state */
- globalrng->isValid = PR_TRUE;
- /* Try to get some seed data for the RNG */
- numBytes = RNG_GetNoise(bytes, sizeof bytes);
- RNG_RandomUpdate(bytes, numBytes);
- }
- return (globalrng != NULL) ? PR_SUCCESS : PR_FAILURE;
-}
-
-/*
- * Initialize the global RNG context and give it some seed input taken
- * from the system. This function is thread-safe and will only allow
- * the global context to be initialized once. The seed input is likely
- * small, so it is imperative that RNG_RandomUpdate() be called with
- * additional seed data before the generator is used. A good way to
- * provide the generator with additional entropy is to call
- * RNG_SystemInfoForRNG(). Note that NSS_Init() does exactly that.
- */
-SECStatus
-RNG_RNGInit(void)
-{
- /* Allow only one call to initialize the context */
- PR_CallOnce(&coRNGInit, rng_init);
- /* Make sure there is a context */
- return (globalrng != NULL) ? PR_SUCCESS : PR_FAILURE;
-}
-
-/*
-** Update the global random number generator with more seeding
-** material
-*/
-SECStatus
-prng_RandomUpdate(RNGContext *rng, const void *data, size_t bytes,
- unsigned char *q)
-{
- SECStatus rv = SECSuccess;
- unsigned char inputhash[BSIZE];
- /* check for a valid global RNG context */
- PORT_Assert(rng != NULL);
- if (rng == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* RNG_SystemInfoForRNG() sometimes does this, not really an error */
- if (bytes == 0)
- return SECSuccess;
- /* If received 20 bytes of input, use it, else hash the input before
- * locking.
- */
- if (bytes == BSIZE)
- memcpy(inputhash, data, BSIZE);
- else
- rv = SHA1_HashBuf(inputhash, data, bytes);
- if (rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* --- LOCKED --- */
- PZ_Lock(rng->lock);
- /*
- * Random information is initially supplied by a call to
- * RNG_SystemInfoForRNG(). That function collects entropy from
- * the system and calls RNG_RandomUpdate() to seed the generator.
- * FIPS 186-1 3.1 step 1 specifies that a secret value for the
- * seed-key must be chosen before the generator can begin. The
- * size of XKEY is b-bytes, so fill it with the first b-bytes
- * sent to RNG_RandomUpdate().
- */
- if (rng->seedCount == 0) {
- /* This is the first call to RandomUpdate(). Use a SHA1 hash
- * of the input to set the seed, XKEY.
- *
- * <Step 1> copy seed bytes into context's XKEY
- */
- memcpy(rng->XKEY, inputhash, BSIZE);
- /*
- * Now continue with algorithm. Since the input was used to
- * initialize XKEY, the "optional user input" at this stage
- * will be a pad of zeros, XSEEDj = 0.
- */
- rv = alg_fips186_1_x3_1(rng, NULL, q);
- /* As per FIPS 140-1 continuous RNG requirement, the first
- * iteration of output is discarded. So here there is really
- * no output available. This forces another execution of alg3_1()
- * before any bytes can be extracted from the generator.
- */
- rng->avail = 0;
- } else {
- /* Execute the algorithm from FIPS 186-1 appendix 3.1 */
- rv = alg_fips186_1_x3_1(rng, inputhash, q);
- }
- /* If got this far, have added bytes of seed data. */
- rng->seedCount += bytes;
- PZ_Unlock(rng->lock);
- /* --- UNLOCKED --- */
- /* housekeeping */
- memset(inputhash, 0, BSIZE);
- return rv;
-}
-
-/*
-** Update the global random number generator with more seeding
-** material. Not DSA, so no q.
-*/
-SECStatus
-RNG_RandomUpdate(const void *data, size_t bytes)
-{
- return prng_RandomUpdate(globalrng, data, bytes, NULL);
-}
-
-/*
-** Generate some random bytes, using the global random number generator
-** object.
-*/
-SECStatus
-prng_GenerateGlobalRandomBytes(RNGContext *rng,
- void *dest, size_t len, unsigned char *q)
-{
- PRUint8 num;
- SECStatus rv = SECSuccess;
- unsigned char *output = dest;
- /* check for a valid global RNG context */
- PORT_Assert(rng != NULL);
- if (rng == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* --- LOCKED --- */
- PZ_Lock(rng->lock);
- /* Check the amount of seed data in the generator. If not enough,
- * don't produce any data.
- */
- if (rng->seedCount < MIN_SEED_COUNT) {
- PZ_Unlock(rng->lock);
- PORT_SetError(SEC_ERROR_NEED_RANDOM);
- return SECFailure;
- }
- /*
- * If there are enough bytes of random data, send back Xj,
- * else call alg3_1() with 0's to generate more random data.
- */
- while (len > 0) {
- if (rng->avail == 0)
- /* All available bytes are used, so generate more. */
- rv = alg_fips186_1_x3_1(rng, NULL, q);
- /* number of bytes to obtain on this iteration (max of 20) */
- num = PR_MIN(rng->avail, len);
- /* if avail < BSIZE, the first avail bytes have already been used. */
- memcpy(output, rng->Xj + (BSIZE - rng->avail), num);
- rng->avail -= num;
- len -= num;
- output += num;
- }
- PZ_Unlock(rng->lock);
- /* --- UNLOCKED --- */
- return rv;
-}
-
-/*
-** Generate some random bytes, using the global random number generator
-** object. Not DSA, so no q.
-*/
-SECStatus
-RNG_GenerateGlobalRandomBytes(void *dest, size_t len)
-{
- return prng_GenerateGlobalRandomBytes(globalrng, dest, len, NULL);
-}
-
-void
-RNG_RNGShutdown(void)
-{
- /* check for a valid global RNG context */
- PORT_Assert(globalrng != NULL);
- if (globalrng == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return;
- }
- /* clear */
- freeRNGContext();
- /* zero the callonce struct to allow a new call to RNG_RNGInit() */
- memset(&coRNGInit, 0, sizeof coRNGInit);
-}
-
-/*
- * SHA: Generate hash value from context
- * Specialized function for PRNG
- * The PRNG specified in FIPS 186-1 3.3 uses a function, G,
- * which has the same initialization and compression functions
- * as SHA1 180-1, but uses different padding. FIPS 186-1 3.3
- * specifies that the message be padded with 0's until the size
- * reaches 512 bits.
- */
-void
-RNG_UpdateAndEnd_FIPS186_1(SHA1Context *ctx,
- unsigned char *input, unsigned int inputLen,
- unsigned char *hashout, unsigned int *pDigestLen,
- unsigned int maxDigestLen)
-{
- register PRUint32 A;
- static const unsigned char bulk_pad0[64] = { 0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 };
-
- PORT_Assert(maxDigestLen >= SHA1_LENGTH);
- PORT_Assert(inputLen <= SHA1_INPUT_LEN);
-
- /*
- * Add the input
- */
- SHA1_Update(ctx, input, inputLen);
- /*
- * Pad with zeroes
- * This will fill the input block and cause the compression function
- * to be called.
- */
- SHA1_Update(ctx, bulk_pad0, SHA1_INPUT_LEN - inputLen);
-
- /*
- * Output hash
- */
-#if defined(IS_LITTLE_ENDIAN)
- SHA_BYTESWAP(ctx->H[0]);
- SHA_BYTESWAP(ctx->H[1]);
- SHA_BYTESWAP(ctx->H[2]);
- SHA_BYTESWAP(ctx->H[3]);
- SHA_BYTESWAP(ctx->H[4]);
-#endif
- memcpy(hashout, ctx->H, SHA1_LENGTH);
- *pDigestLen = SHA1_LENGTH;
-
- /*
- * Re-initialize the context (also zeroizes contents)
- */
- SHA1_Begin(ctx);
-}
-
-/*
- * Specialized RNG for DSA
- *
- * As per FIPS 186-1 appendix 3.1, in step 5 the value Xj should
- * be reduced mod q, a 160-bit prime number. Since this parameter is
- * only meaningful in the context of DSA, the above RNG functions
- * were implemented without it. They are re-implemented below for use
- * with DSA.
- *
- */
-
-/*
-** Update the global random number generator with more seeding
-** material. DSA needs a q parameter.
-*/
-SECStatus
-DSA_RandomUpdate(void *data, size_t bytes, unsigned char *q)
-{
- if( q && (*q == 0) ) {
- ++q;
- }
- return prng_RandomUpdate(globalrng, data, bytes, q);
-}
-
-/*
-** Generate some random bytes, using the global random number generator
-** object. In DSA mode, so there is a q.
-*/
-SECStatus
-DSA_GenerateGlobalRandomBytes(void *dest, size_t len, unsigned char *q)
-{
- if( q && (*q == 0) ) {
- ++q;
- }
- return prng_GenerateGlobalRandomBytes(globalrng, dest, len, q);
-}
diff --git a/security/nss/lib/freebl/rijndael.c b/security/nss/lib/freebl/rijndael.c
deleted file mode 100644
index 7c35add78..000000000
--- a/security/nss/lib/freebl/rijndael.c
+++ /dev/null
@@ -1,1136 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prinit.h"
-#include "prerr.h"
-#include "secerr.h"
-
-#include "prtypes.h"
-#include "blapi.h"
-#include "rijndael.h"
-
-/*
- * There are currently five ways to build this code, varying in performance
- * and code size.
- *
- * RIJNDAEL_INCLUDE_TABLES Include all tables from rijndael32.tab
- * RIJNDAEL_GENERATE_TABLES Generate tables on first
- * encryption/decryption, then store them;
- * use the function gfm
- * RIJNDAEL_GENERATE_TABLES_MACRO Same as above, but use macros to do
- * the generation
- * RIJNDAEL_GENERATE_VALUES Do not store tables, generate the table
- * values "on-the-fly", using gfm
- * RIJNDAEL_GENERATE_VALUES_MACRO Same as above, but use macros
- *
- * The default is RIJNDAEL_INCLUDE_TABLES.
- */
-
-/*
- * When building RIJNDAEL_INCLUDE_TABLES, includes S**-1, Rcon, T[0..4],
- * T**-1[0..4], IMXC[0..4]
- * When building anything else, includes S, S**-1, Rcon
- */
-#include "rijndael32.tab"
-
-#if defined(RIJNDAEL_INCLUDE_TABLES)
-/*
- * RIJNDAEL_INCLUDE_TABLES
- */
-#define T0(i) _T0[i]
-#define T1(i) _T1[i]
-#define T2(i) _T2[i]
-#define T3(i) _T3[i]
-#define TInv0(i) _TInv0[i]
-#define TInv1(i) _TInv1[i]
-#define TInv2(i) _TInv2[i]
-#define TInv3(i) _TInv3[i]
-#define IMXC0(b) _IMXC0[b]
-#define IMXC1(b) _IMXC1[b]
-#define IMXC2(b) _IMXC2[b]
-#define IMXC3(b) _IMXC3[b]
-/* The S-box can be recovered from the T-tables */
-#ifdef IS_LITTLE_ENDIAN
-#define SBOX(b) ((PRUint8)_T3[b])
-#else
-#define SBOX(b) ((PRUint8)_T1[b])
-#endif
-#define SINV(b) (_SInv[b])
-
-#else /* not RIJNDAEL_INCLUDE_TABLES */
-
-/*
- * Code for generating T-table values.
- */
-
-#ifdef IS_LITTLE_ENDIAN
-#define WORD4(b0, b1, b2, b3) \
- (((b3) << 24) | ((b2) << 16) | ((b1) << 8) | (b0))
-#else
-#define WORD4(b0, b1, b2, b3) \
- (((b0) << 24) | ((b1) << 16) | ((b2) << 8) | (b3))
-#endif
-
-/*
- * Define the S and S**-1 tables (both have been stored)
- */
-#define SBOX(b) (_S[b])
-#define SINV(b) (_SInv[b])
-
-/*
- * The function xtime, used for Galois field multiplication
- */
-#define XTIME(a) \
- ((a & 0x80) ? ((a << 1) ^ 0x1b) : (a << 1))
-
-/* Choose GFM method (macros or function) */
-#if defined(RIJNDAEL_GENERATE_TABLES_MACRO) || \
- defined(RIJNDAEL_GENERATE_VALUES_MACRO)
-
-/*
- * Galois field GF(2**8) multipliers, in macro form
- */
-#define GFM01(a) \
- (a) /* a * 01 = a, the identity */
-#define GFM02(a) \
- (XTIME(a) & 0xff) /* a * 02 = xtime(a) */
-#define GFM04(a) \
- (GFM02(GFM02(a))) /* a * 04 = xtime**2(a) */
-#define GFM08(a) \
- (GFM02(GFM04(a))) /* a * 08 = xtime**3(a) */
-#define GFM03(a) \
- (GFM01(a) ^ GFM02(a)) /* a * 03 = a * (01 + 02) */
-#define GFM09(a) \
- (GFM01(a) ^ GFM08(a)) /* a * 09 = a * (01 + 08) */
-#define GFM0B(a) \
- (GFM01(a) ^ GFM02(a) ^ GFM08(a)) /* a * 0B = a * (01 + 02 + 08) */
-#define GFM0D(a) \
- (GFM01(a) ^ GFM04(a) ^ GFM08(a)) /* a * 0D = a * (01 + 04 + 08) */
-#define GFM0E(a) \
- (GFM02(a) ^ GFM04(a) ^ GFM08(a)) /* a * 0E = a * (02 + 04 + 08) */
-
-#else /* RIJNDAEL_GENERATE_TABLES or RIJNDAEL_GENERATE_VALUES */
-
-/* GF_MULTIPLY
- *
- * multiply two bytes represented in GF(2**8), mod (x**4 + 1)
- */
-PRUint8 gfm(PRUint8 a, PRUint8 b)
-{
- PRUint8 res = 0;
- while (b > 0) {
- res = (b & 0x01) ? res ^ a : res;
- a = XTIME(a);
- b >>= 1;
- }
- return res;
-}
-
-#define GFM01(a) \
- (a) /* a * 01 = a, the identity */
-#define GFM02(a) \
- (XTIME(a) & 0xff) /* a * 02 = xtime(a) */
-#define GFM03(a) \
- (gfm(a, 0x03)) /* a * 03 */
-#define GFM09(a) \
- (gfm(a, 0x09)) /* a * 09 */
-#define GFM0B(a) \
- (gfm(a, 0x0B)) /* a * 0B */
-#define GFM0D(a) \
- (gfm(a, 0x0D)) /* a * 0D */
-#define GFM0E(a) \
- (gfm(a, 0x0E)) /* a * 0E */
-
-#endif /* choosing GFM function */
-
-/*
- * The T-tables
- */
-#define G_T0(i) \
- ( WORD4( GFM02(SBOX(i)), GFM01(SBOX(i)), GFM01(SBOX(i)), GFM03(SBOX(i)) ) )
-#define G_T1(i) \
- ( WORD4( GFM03(SBOX(i)), GFM02(SBOX(i)), GFM01(SBOX(i)), GFM01(SBOX(i)) ) )
-#define G_T2(i) \
- ( WORD4( GFM01(SBOX(i)), GFM03(SBOX(i)), GFM02(SBOX(i)), GFM01(SBOX(i)) ) )
-#define G_T3(i) \
- ( WORD4( GFM01(SBOX(i)), GFM01(SBOX(i)), GFM03(SBOX(i)), GFM02(SBOX(i)) ) )
-
-/*
- * The inverse T-tables
- */
-#define G_TInv0(i) \
- ( WORD4( GFM0E(SINV(i)), GFM09(SINV(i)), GFM0D(SINV(i)), GFM0B(SINV(i)) ) )
-#define G_TInv1(i) \
- ( WORD4( GFM0B(SINV(i)), GFM0E(SINV(i)), GFM09(SINV(i)), GFM0D(SINV(i)) ) )
-#define G_TInv2(i) \
- ( WORD4( GFM0D(SINV(i)), GFM0B(SINV(i)), GFM0E(SINV(i)), GFM09(SINV(i)) ) )
-#define G_TInv3(i) \
- ( WORD4( GFM09(SINV(i)), GFM0D(SINV(i)), GFM0B(SINV(i)), GFM0E(SINV(i)) ) )
-
-/*
- * The inverse mix column tables
- */
-#define G_IMXC0(i) \
- ( WORD4( GFM0E(i), GFM09(i), GFM0D(i), GFM0B(i) ) )
-#define G_IMXC1(i) \
- ( WORD4( GFM0B(i), GFM0E(i), GFM09(i), GFM0D(i) ) )
-#define G_IMXC2(i) \
- ( WORD4( GFM0D(i), GFM0B(i), GFM0E(i), GFM09(i) ) )
-#define G_IMXC3(i) \
- ( WORD4( GFM09(i), GFM0D(i), GFM0B(i), GFM0E(i) ) )
-
-/* Now choose the T-table indexing method */
-#if defined(RIJNDAEL_GENERATE_VALUES)
-/* generate values for the tables with a function*/
-static PRUint32 gen_TInvXi(PRUint8 tx, PRUint8 i)
-{
- PRUint8 si01, si02, si03, si04, si08, si09, si0B, si0D, si0E;
- si01 = SINV(i);
- si02 = XTIME(si01);
- si04 = XTIME(si02);
- si08 = XTIME(si04);
- si03 = si02 ^ si01;
- si09 = si08 ^ si01;
- si0B = si08 ^ si03;
- si0D = si09 ^ si04;
- si0E = si08 ^ si04 ^ si02;
- switch (tx) {
- case 0:
- return WORD4(si0E, si09, si0D, si0B);
- case 1:
- return WORD4(si0B, si0E, si09, si0D);
- case 2:
- return WORD4(si0D, si0B, si0E, si09);
- case 3:
- return WORD4(si09, si0D, si0B, si0E);
- }
- return -1;
-}
-#define T0(i) G_T0(i)
-#define T1(i) G_T1(i)
-#define T2(i) G_T2(i)
-#define T3(i) G_T3(i)
-#define TInv0(i) gen_TInvXi(0, i)
-#define TInv1(i) gen_TInvXi(1, i)
-#define TInv2(i) gen_TInvXi(2, i)
-#define TInv3(i) gen_TInvXi(3, i)
-#define IMXC0(b) G_IMXC0(b)
-#define IMXC1(b) G_IMXC1(b)
-#define IMXC2(b) G_IMXC2(b)
-#define IMXC3(b) G_IMXC3(b)
-#elif defined(RIJNDAEL_GENERATE_VALUES_MACRO)
-/* generate values for the tables with macros */
-#define T0(i) G_T0(i)
-#define T1(i) G_T1(i)
-#define T2(i) G_T2(i)
-#define T3(i) G_T3(i)
-#define TInv0(i) G_TInv0(i)
-#define TInv1(i) G_TInv1(i)
-#define TInv2(i) G_TInv2(i)
-#define TInv3(i) G_TInv3(i)
-#define IMXC0(b) G_IMXC0(b)
-#define IMXC1(b) G_IMXC1(b)
-#define IMXC2(b) G_IMXC2(b)
-#define IMXC3(b) G_IMXC3(b)
-#else /* RIJNDAEL_GENERATE_TABLES or RIJNDAEL_GENERATE_TABLES_MACRO */
-/* Generate T and T**-1 table values and store, then index */
-/* The inverse mix column tables are still generated */
-#define T0(i) rijndaelTables->T0[i]
-#define T1(i) rijndaelTables->T1[i]
-#define T2(i) rijndaelTables->T2[i]
-#define T3(i) rijndaelTables->T3[i]
-#define TInv0(i) rijndaelTables->TInv0[i]
-#define TInv1(i) rijndaelTables->TInv1[i]
-#define TInv2(i) rijndaelTables->TInv2[i]
-#define TInv3(i) rijndaelTables->TInv3[i]
-#define IMXC0(b) G_IMXC0(b)
-#define IMXC1(b) G_IMXC1(b)
-#define IMXC2(b) G_IMXC2(b)
-#define IMXC3(b) G_IMXC3(b)
-#endif /* choose T-table indexing method */
-
-#endif /* not RIJNDAEL_INCLUDE_TABLES */
-
-#if defined(RIJNDAEL_GENERATE_TABLES) || \
- defined(RIJNDAEL_GENERATE_TABLES_MACRO)
-
-/* Code to generate and store the tables */
-
-struct rijndael_tables_str {
- PRUint32 T0[256];
- PRUint32 T1[256];
- PRUint32 T2[256];
- PRUint32 T3[256];
- PRUint32 TInv0[256];
- PRUint32 TInv1[256];
- PRUint32 TInv2[256];
- PRUint32 TInv3[256];
-};
-
-static struct rijndael_tables_str *rijndaelTables = NULL;
-static PRCallOnceType coRTInit = { 0, 0, 0 };
-static PRStatus
-init_rijndael_tables(void)
-{
- PRUint32 i;
- PRUint8 si01, si02, si03, si04, si08, si09, si0B, si0D, si0E;
- struct rijndael_tables_str *rts;
- rts = (struct rijndael_tables_str *)
- PORT_Alloc(sizeof(struct rijndael_tables_str));
- if (!rts) return PR_FAILURE;
- for (i=0; i<256; i++) {
- /* The forward values */
- si01 = SBOX(i);
- si02 = XTIME(si01);
- si03 = si02 ^ si01;
- rts->T0[i] = WORD4(si02, si01, si01, si03);
- rts->T1[i] = WORD4(si03, si02, si01, si01);
- rts->T2[i] = WORD4(si01, si03, si02, si01);
- rts->T3[i] = WORD4(si01, si01, si03, si02);
- /* The inverse values */
- si01 = SINV(i);
- si02 = XTIME(si01);
- si04 = XTIME(si02);
- si08 = XTIME(si04);
- si03 = si02 ^ si01;
- si09 = si08 ^ si01;
- si0B = si08 ^ si03;
- si0D = si09 ^ si04;
- si0E = si08 ^ si04 ^ si02;
- rts->TInv0[i] = WORD4(si0E, si09, si0D, si0B);
- rts->TInv1[i] = WORD4(si0B, si0E, si09, si0D);
- rts->TInv2[i] = WORD4(si0D, si0B, si0E, si09);
- rts->TInv3[i] = WORD4(si09, si0D, si0B, si0E);
- }
- /* wait until all the values are in to set */
- rijndaelTables = rts;
- return PR_SUCCESS;
-}
-
-#endif /* code to generate tables */
-
-/**************************************************************************
- *
- * Stuff related to the Rijndael key schedule
- *
- *************************************************************************/
-
-#define SUBBYTE(w) \
- ((SBOX((w >> 24) & 0xff) << 24) | \
- (SBOX((w >> 16) & 0xff) << 16) | \
- (SBOX((w >> 8) & 0xff) << 8) | \
- (SBOX((w ) & 0xff) ))
-
-#ifdef IS_LITTLE_ENDIAN
-#define ROTBYTE(b) \
- ((b >> 8) | (b << 24))
-#else
-#define ROTBYTE(b) \
- ((b << 8) | (b >> 24))
-#endif
-
-/* rijndael_key_expansion7
- *
- * Generate the expanded key from the key input by the user.
- * XXX
- * Nk == 7 (224 key bits) is a weird case. Since Nk > 6, an added SubByte
- * transformation is done periodically. The period is every 4 bytes, and
- * since 7%4 != 0 this happens at different times for each key word (unlike
- * Nk == 8 where it happens twice in every key word, in the same positions).
- * For now, I'm implementing this case "dumbly", w/o any unrolling.
- */
-static SECStatus
-rijndael_key_expansion7(AESContext *cx, unsigned char *key, unsigned int Nk)
-{
- unsigned int i;
- PRUint32 *W;
- PRUint32 *pW;
- PRUint32 tmp;
- W = cx->expandedKey;
- /* 1. the first Nk words contain the cipher key */
- memcpy(W, key, Nk * 4);
- i = Nk;
- /* 2. loop until full expanded key is obtained */
- pW = W + i - 1;
- for (; i < cx->Nb * (cx->Nr + 1); ++i) {
- tmp = *pW++;
- if (i % Nk == 0)
- tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
- else if (i % Nk == 4)
- tmp = SUBBYTE(tmp);
- *pW = W[i - Nk] ^ tmp;
- }
- return SECSuccess;
-}
-
-/* rijndael_key_expansion
- *
- * Generate the expanded key from the key input by the user.
- */
-static SECStatus
-rijndael_key_expansion(AESContext *cx, unsigned char *key, unsigned int Nk)
-{
- unsigned int i;
- PRUint32 *W;
- PRUint32 *pW;
- PRUint32 tmp;
- unsigned int round_key_words = cx->Nb * (cx->Nr + 1);
- if (Nk == 7)
- return rijndael_key_expansion7(cx, key, Nk);
- W = cx->expandedKey;
- /* The first Nk words contain the input cipher key */
- memcpy(W, key, Nk * 4);
- i = Nk;
- pW = W + i - 1;
- /* Loop over all sets of Nk words, except the last */
- while (i < round_key_words - Nk) {
- tmp = *pW++;
- tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
- *pW = W[i++ - Nk] ^ tmp;
- tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- if (Nk == 4)
- continue;
- switch (Nk) {
- case 8: tmp = *pW++; tmp = SUBBYTE(tmp); *pW = W[i++ - Nk] ^ tmp;
- case 7: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- case 6: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- case 5: tmp = *pW++; *pW = W[i++ - Nk] ^ tmp;
- }
- }
- /* Generate the last word */
- tmp = *pW++;
- tmp = SUBBYTE(ROTBYTE(tmp)) ^ Rcon[i / Nk - 1];
- *pW = W[i++ - Nk] ^ tmp;
- /* There may be overflow here, if Nk % (Nb * (Nr + 1)) > 0. However,
- * since the above loop generated all but the last Nk key words, there
- * is no more need for the SubByte transformation.
- */
- if (Nk < 8) {
- for (; i < round_key_words; ++i) {
- tmp = *pW++;
- *pW = W[i - Nk] ^ tmp;
- }
- } else {
- /* except in the case when Nk == 8. Then one more SubByte may have
- * to be performed, at i % Nk == 4.
- */
- for (; i < round_key_words; ++i) {
- tmp = *pW++;
- if (i % Nk == 4)
- tmp = SUBBYTE(tmp);
- *pW = W[i - Nk] ^ tmp;
- }
- }
- return SECSuccess;
-}
-
-/* rijndael_invkey_expansion
- *
- * Generate the expanded key for the inverse cipher from the key input by
- * the user.
- */
-static SECStatus
-rijndael_invkey_expansion(AESContext *cx, unsigned char *key, unsigned int Nk)
-{
- unsigned int r;
- PRUint32 *roundkeyw;
- PRUint8 *b;
- int Nb = cx->Nb;
- /* begins like usual key expansion ... */
- if (rijndael_key_expansion(cx, key, Nk) != SECSuccess)
- return SECFailure;
- /* ... but has the additional step of InvMixColumn,
- * excepting the first and last round keys.
- */
- roundkeyw = cx->expandedKey + cx->Nb;
- for (r=1; r<cx->Nr; ++r) {
- /* each key word, roundkeyw, represents a column in the key
- * matrix. Each column is multiplied by the InvMixColumn matrix.
- * [ 0E 0B 0D 09 ] [ b0 ]
- * [ 09 0E 0B 0D ] * [ b1 ]
- * [ 0D 09 0E 0B ] [ b2 ]
- * [ 0B 0D 09 0E ] [ b3 ]
- */
- b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
- b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
- b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
- b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^ IMXC2(b[2]) ^ IMXC3(b[3]);
- if (Nb <= 4)
- continue;
- switch (Nb) {
- case 8: b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
- IMXC2(b[2]) ^ IMXC3(b[3]);
- case 7: b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
- IMXC2(b[2]) ^ IMXC3(b[3]);
- case 6: b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
- IMXC2(b[2]) ^ IMXC3(b[3]);
- case 5: b = (PRUint8 *)roundkeyw;
- *roundkeyw++ = IMXC0(b[0]) ^ IMXC1(b[1]) ^
- IMXC2(b[2]) ^ IMXC3(b[3]);
- }
- }
- return SECSuccess;
-}
-/**************************************************************************
- *
- * Stuff related to Rijndael encryption/decryption, optimized for
- * a 128-bit blocksize.
- *
- *************************************************************************/
-
-#ifdef IS_LITTLE_ENDIAN
-#define BYTE0WORD(w) ((w) & 0x000000ff)
-#define BYTE1WORD(w) ((w) & 0x0000ff00)
-#define BYTE2WORD(w) ((w) & 0x00ff0000)
-#define BYTE3WORD(w) ((w) & 0xff000000)
-#else
-#define BYTE0WORD(w) ((w) & 0xff000000)
-#define BYTE1WORD(w) ((w) & 0x00ff0000)
-#define BYTE2WORD(w) ((w) & 0x0000ff00)
-#define BYTE3WORD(w) ((w) & 0x000000ff)
-#endif
-
-typedef union {
- PRUint32 w[4];
- PRUint8 b[16];
-} rijndael_state;
-
-#define COLUMN_0(state) state.w[0]
-#define COLUMN_1(state) state.w[1]
-#define COLUMN_2(state) state.w[2]
-#define COLUMN_3(state) state.w[3]
-
-#define STATE_BYTE(i) state.b[i]
-
-static SECStatus
-rijndael_encryptBlock128(AESContext *cx,
- unsigned char *output,
- const unsigned char *input)
-{
- unsigned int r;
- PRUint32 *roundkeyw;
- rijndael_state state;
- PRUint32 C0, C1, C2, C3;
-#if defined(_X86_)
-#define pIn input
-#define pOut output
-#else
- unsigned char *pIn, *pOut;
- PRUint32 inBuf[4], outBuf[4];
-
- if ((ptrdiff_t)input & 0x3) {
- memcpy(inBuf, input, sizeof inBuf);
- pIn = (unsigned char *)inBuf;
- } else {
- pIn = (unsigned char *)input;
- }
- if ((ptrdiff_t)output & 0x3) {
- pOut = (unsigned char *)outBuf;
- } else {
- pOut = (unsigned char *)output;
- }
-#endif
- roundkeyw = cx->expandedKey;
- /* Step 1: Add Round Key 0 to initial state */
- COLUMN_0(state) = *((PRUint32 *)(pIn )) ^ *roundkeyw++;
- COLUMN_1(state) = *((PRUint32 *)(pIn + 4 )) ^ *roundkeyw++;
- COLUMN_2(state) = *((PRUint32 *)(pIn + 8 )) ^ *roundkeyw++;
- COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw++;
- /* Step 2: Loop over rounds [1..NR-1] */
- for (r=1; r<cx->Nr; ++r) {
- /* Do ShiftRow, ByteSub, and MixColumn all at once */
- C0 = T0(STATE_BYTE(0)) ^
- T1(STATE_BYTE(5)) ^
- T2(STATE_BYTE(10)) ^
- T3(STATE_BYTE(15));
- C1 = T0(STATE_BYTE(4)) ^
- T1(STATE_BYTE(9)) ^
- T2(STATE_BYTE(14)) ^
- T3(STATE_BYTE(3));
- C2 = T0(STATE_BYTE(8)) ^
- T1(STATE_BYTE(13)) ^
- T2(STATE_BYTE(2)) ^
- T3(STATE_BYTE(7));
- C3 = T0(STATE_BYTE(12)) ^
- T1(STATE_BYTE(1)) ^
- T2(STATE_BYTE(6)) ^
- T3(STATE_BYTE(11));
- /* Round key addition */
- COLUMN_0(state) = C0 ^ *roundkeyw++;
- COLUMN_1(state) = C1 ^ *roundkeyw++;
- COLUMN_2(state) = C2 ^ *roundkeyw++;
- COLUMN_3(state) = C3 ^ *roundkeyw++;
- }
- /* Step 3: Do the last round */
- /* Final round does not employ MixColumn */
- C0 = ((BYTE0WORD(T2(STATE_BYTE(0)))) |
- (BYTE1WORD(T3(STATE_BYTE(5)))) |
- (BYTE2WORD(T0(STATE_BYTE(10)))) |
- (BYTE3WORD(T1(STATE_BYTE(15))))) ^
- *roundkeyw++;
- C1 = ((BYTE0WORD(T2(STATE_BYTE(4)))) |
- (BYTE1WORD(T3(STATE_BYTE(9)))) |
- (BYTE2WORD(T0(STATE_BYTE(14)))) |
- (BYTE3WORD(T1(STATE_BYTE(3))))) ^
- *roundkeyw++;
- C2 = ((BYTE0WORD(T2(STATE_BYTE(8)))) |
- (BYTE1WORD(T3(STATE_BYTE(13)))) |
- (BYTE2WORD(T0(STATE_BYTE(2)))) |
- (BYTE3WORD(T1(STATE_BYTE(7))))) ^
- *roundkeyw++;
- C3 = ((BYTE0WORD(T2(STATE_BYTE(12)))) |
- (BYTE1WORD(T3(STATE_BYTE(1)))) |
- (BYTE2WORD(T0(STATE_BYTE(6)))) |
- (BYTE3WORD(T1(STATE_BYTE(11))))) ^
- *roundkeyw++;
- *((PRUint32 *) pOut ) = C0;
- *((PRUint32 *)(pOut + 4)) = C1;
- *((PRUint32 *)(pOut + 8)) = C2;
- *((PRUint32 *)(pOut + 12)) = C3;
-#if defined(_X86_)
-#undef pIn
-#undef pOut
-#else
- if ((ptrdiff_t)output & 0x3) {
- memcpy(output, outBuf, sizeof outBuf);
- }
-#endif
- return SECSuccess;
-}
-
-static SECStatus
-rijndael_decryptBlock128(AESContext *cx,
- unsigned char *output,
- const unsigned char *input)
-{
- int r;
- PRUint32 *roundkeyw;
- rijndael_state state;
- PRUint32 C0, C1, C2, C3;
-#if defined(_X86_)
-#define pIn input
-#define pOut output
-#else
- unsigned char *pIn, *pOut;
- PRUint32 inBuf[4], outBuf[4];
-
- if ((ptrdiff_t)input & 0x3) {
- memcpy(inBuf, input, sizeof inBuf);
- pIn = (unsigned char *)inBuf;
- } else {
- pIn = (unsigned char *)input;
- }
- if ((ptrdiff_t)output & 0x3) {
- pOut = (unsigned char *)outBuf;
- } else {
- pOut = (unsigned char *)output;
- }
-#endif
- roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3;
- /* reverse the final key addition */
- COLUMN_3(state) = *((PRUint32 *)(pIn + 12)) ^ *roundkeyw--;
- COLUMN_2(state) = *((PRUint32 *)(pIn + 8)) ^ *roundkeyw--;
- COLUMN_1(state) = *((PRUint32 *)(pIn + 4)) ^ *roundkeyw--;
- COLUMN_0(state) = *((PRUint32 *)(pIn )) ^ *roundkeyw--;
- /* Loop over rounds in reverse [NR..1] */
- for (r=cx->Nr; r>1; --r) {
- /* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */
- C0 = TInv0(STATE_BYTE(0)) ^
- TInv1(STATE_BYTE(13)) ^
- TInv2(STATE_BYTE(10)) ^
- TInv3(STATE_BYTE(7));
- C1 = TInv0(STATE_BYTE(4)) ^
- TInv1(STATE_BYTE(1)) ^
- TInv2(STATE_BYTE(14)) ^
- TInv3(STATE_BYTE(11));
- C2 = TInv0(STATE_BYTE(8)) ^
- TInv1(STATE_BYTE(5)) ^
- TInv2(STATE_BYTE(2)) ^
- TInv3(STATE_BYTE(15));
- C3 = TInv0(STATE_BYTE(12)) ^
- TInv1(STATE_BYTE(9)) ^
- TInv2(STATE_BYTE(6)) ^
- TInv3(STATE_BYTE(3));
- /* Invert the key addition step */
- COLUMN_3(state) = C3 ^ *roundkeyw--;
- COLUMN_2(state) = C2 ^ *roundkeyw--;
- COLUMN_1(state) = C1 ^ *roundkeyw--;
- COLUMN_0(state) = C0 ^ *roundkeyw--;
- }
- /* inverse sub */
- pOut[ 0] = SINV(STATE_BYTE( 0));
- pOut[ 1] = SINV(STATE_BYTE(13));
- pOut[ 2] = SINV(STATE_BYTE(10));
- pOut[ 3] = SINV(STATE_BYTE( 7));
- pOut[ 4] = SINV(STATE_BYTE( 4));
- pOut[ 5] = SINV(STATE_BYTE( 1));
- pOut[ 6] = SINV(STATE_BYTE(14));
- pOut[ 7] = SINV(STATE_BYTE(11));
- pOut[ 8] = SINV(STATE_BYTE( 8));
- pOut[ 9] = SINV(STATE_BYTE( 5));
- pOut[10] = SINV(STATE_BYTE( 2));
- pOut[11] = SINV(STATE_BYTE(15));
- pOut[12] = SINV(STATE_BYTE(12));
- pOut[13] = SINV(STATE_BYTE( 9));
- pOut[14] = SINV(STATE_BYTE( 6));
- pOut[15] = SINV(STATE_BYTE( 3));
- /* final key addition */
- *((PRUint32 *)(pOut + 12)) ^= *roundkeyw--;
- *((PRUint32 *)(pOut + 8)) ^= *roundkeyw--;
- *((PRUint32 *)(pOut + 4)) ^= *roundkeyw--;
- *((PRUint32 *) pOut ) ^= *roundkeyw--;
-#if defined(_X86_)
-#undef pIn
-#undef pOut
-#else
- if ((ptrdiff_t)output & 0x3) {
- memcpy(output, outBuf, sizeof outBuf);
- }
-#endif
- return SECSuccess;
-}
-
-/**************************************************************************
- *
- * Stuff related to general Rijndael encryption/decryption, for blocksizes
- * greater than 128 bits.
- *
- * XXX This code is currently untested! So far, AES specs have only been
- * released for 128 bit blocksizes. This will be tested, but for now
- * only the code above has been tested using known values.
- *
- *************************************************************************/
-
-#define COLUMN(array, j) *((PRUint32 *)(array + j))
-
-SECStatus
-rijndael_encryptBlock(AESContext *cx,
- unsigned char *output,
- const unsigned char *input)
-{
- return SECFailure;
-#ifdef rijndael_large_blocks_fixed
- unsigned int j, r, Nb;
- unsigned int c2, c3;
- PRUint32 *roundkeyw;
- PRUint8 clone[RIJNDAEL_MAX_STATE_SIZE];
- Nb = cx->Nb;
- roundkeyw = cx->expandedKey;
- /* Step 1: Add Round Key 0 to initial state */
- for (j=0; j<4*Nb; j+=4) {
- COLUMN(clone, j) = COLUMN(input, j) ^ *roundkeyw++;
- }
- /* Step 2: Loop over rounds [1..NR-1] */
- for (r=1; r<cx->Nr; ++r) {
- for (j=0; j<Nb; ++j) {
- COLUMN(output, j) = T0(STATE_BYTE(4* j )) ^
- T1(STATE_BYTE(4*((j+ 1)%Nb)+1)) ^
- T2(STATE_BYTE(4*((j+c2)%Nb)+2)) ^
- T3(STATE_BYTE(4*((j+c3)%Nb)+3));
- }
- for (j=0; j<4*Nb; j+=4) {
- COLUMN(clone, j) = COLUMN(output, j) ^ *roundkeyw++;
- }
- }
- /* Step 3: Do the last round */
- /* Final round does not employ MixColumn */
- for (j=0; j<Nb; ++j) {
- COLUMN(output, j) = ((BYTE0WORD(T2(STATE_BYTE(4* j )))) |
- (BYTE1WORD(T3(STATE_BYTE(4*(j+ 1)%Nb)+1))) |
- (BYTE2WORD(T0(STATE_BYTE(4*(j+c2)%Nb)+2))) |
- (BYTE3WORD(T1(STATE_BYTE(4*(j+c3)%Nb)+3)))) ^
- *roundkeyw++;
- }
- return SECSuccess;
-#endif
-}
-
-SECStatus
-rijndael_decryptBlock(AESContext *cx,
- unsigned char *output,
- const unsigned char *input)
-{
- return SECFailure;
-#ifdef rijndael_large_blocks_fixed
- int j, r, Nb;
- int c2, c3;
- PRUint32 *roundkeyw;
- PRUint8 clone[RIJNDAEL_MAX_STATE_SIZE];
- Nb = cx->Nb;
- roundkeyw = cx->expandedKey + cx->Nb * cx->Nr + 3;
- /* reverse key addition */
- for (j=4*Nb; j>=0; j-=4) {
- COLUMN(clone, j) = COLUMN(input, j) ^ *roundkeyw--;
- }
- /* Loop over rounds in reverse [NR..1] */
- for (r=cx->Nr; r>1; --r) {
- /* Invert the (InvByteSub*InvMixColumn)(InvShiftRow(state)) */
- for (j=0; j<Nb; ++j) {
- COLUMN(output, 4*j) = TInv0(STATE_BYTE(4* j )) ^
- TInv1(STATE_BYTE(4*(j+Nb- 1)%Nb)+1) ^
- TInv2(STATE_BYTE(4*(j+Nb-c2)%Nb)+2) ^
- TInv3(STATE_BYTE(4*(j+Nb-c3)%Nb)+3);
- }
- /* Invert the key addition step */
- for (j=4*Nb; j>=0; j-=4) {
- COLUMN(clone, j) = COLUMN(output, j) ^ *roundkeyw--;
- }
- }
- /* inverse sub */
- for (j=0; j<4*Nb; ++j) {
- output[j] = SINV(clone[j]);
- }
- /* final key addition */
- for (j=4*Nb; j>=0; j-=4) {
- COLUMN(output, j) ^= *roundkeyw--;
- }
- return SECSuccess;
-#endif
-}
-
-/**************************************************************************
- *
- * Rijndael modes of operation (ECB and CBC)
- *
- *************************************************************************/
-
-static SECStatus
-rijndael_encryptECB(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen,
- int blocksize)
-{
- SECStatus rv;
- AESBlockFunc *encryptor;
- encryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
- ? &rijndael_encryptBlock128
- : &rijndael_encryptBlock;
- while (inputLen > 0) {
- rv = (*encryptor)(cx, output, input);
- if (rv != SECSuccess)
- return rv;
- output += blocksize;
- input += blocksize;
- inputLen -= blocksize;
- }
- return SECSuccess;
-}
-
-static SECStatus
-rijndael_encryptCBC(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen,
- int blocksize)
-{
- int j;
- SECStatus rv;
- AESBlockFunc *encryptor;
- unsigned char *lastblock;
- unsigned char inblock[RIJNDAEL_MAX_STATE_SIZE * 8];
-
- if (!inputLen)
- return SECSuccess;
- lastblock = cx->iv;
- encryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
- ? &rijndael_encryptBlock128
- : &rijndael_encryptBlock;
- while (inputLen > 0) {
- /* XOR with the last block (IV if first block) */
- for (j=0; j<blocksize; ++j)
- inblock[j] = input[j] ^ lastblock[j];
- /* encrypt */
- rv = (*encryptor)(cx, output, inblock);
- if (rv != SECSuccess)
- return rv;
- /* move to the next block */
- lastblock = output;
- output += blocksize;
- input += blocksize;
- inputLen -= blocksize;
- }
- memcpy(cx->iv, lastblock, blocksize);
- return SECSuccess;
-}
-
-static SECStatus
-rijndael_decryptECB(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen,
- int blocksize)
-{
- SECStatus rv;
- AESBlockFunc *decryptor;
- decryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
- ? &rijndael_decryptBlock128
- : &rijndael_decryptBlock;
- while (inputLen > 0) {
- rv = (*decryptor)(cx, output, input);
- if (rv != SECSuccess)
- return rv;
- output += blocksize;
- input += blocksize;
- inputLen -= blocksize;
- }
- return SECSuccess;
-}
-
-static SECStatus
-rijndael_decryptCBC(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen,
- int blocksize)
-{
- SECStatus rv;
- AESBlockFunc *decryptor;
- const unsigned char *in;
- unsigned char *out;
- int j;
- unsigned char newIV[RIJNDAEL_MAX_BLOCKSIZE];
-
- if (!inputLen)
- return SECSuccess;
- PORT_Assert(output - input >= 0 || input - output >= (int)inputLen );
- decryptor = (blocksize == RIJNDAEL_MIN_BLOCKSIZE)
- ? &rijndael_decryptBlock128
- : &rijndael_decryptBlock;
- in = input + (inputLen - blocksize);
- memcpy(newIV, in, blocksize);
- out = output + (inputLen - blocksize);
- while (inputLen > blocksize) {
- rv = (*decryptor)(cx, out, in);
- if (rv != SECSuccess)
- return rv;
- for (j=0; j<blocksize; ++j)
- out[j] ^= in[j - blocksize];
- out -= blocksize;
- in -= blocksize;
- inputLen -= blocksize;
- }
- if (in == input) {
- rv = (*decryptor)(cx, out, in);
- if (rv != SECSuccess)
- return rv;
- for (j=0; j<blocksize; ++j)
- out[j] ^= cx->iv[j];
- }
- memcpy(cx->iv, newIV, blocksize);
- return SECSuccess;
-}
-
-/************************************************************************
- *
- * BLAPI Interface functions
- *
- * The following functions implement the encryption routines defined in
- * BLAPI for the AES cipher, Rijndael.
- *
- ***********************************************************************/
-
-/* AES_CreateContext
- *
- * create a new context for Rijndael operations
- */
-AESContext *
-AES_CreateContext(unsigned char *key, unsigned char *iv, int mode, int encrypt,
- unsigned int keysize, unsigned int blocksize)
-{
- AESContext *cx;
- unsigned int Nk;
- /* According to Rijndael AES Proposal, section 12.1, block and key
- * lengths between 128 and 256 bits are supported, as long as the
- * length in bytes is divisible by 4.
- */
- if (key == NULL ||
- keysize < RIJNDAEL_MIN_BLOCKSIZE ||
- keysize > RIJNDAEL_MAX_BLOCKSIZE ||
- keysize % 4 != 0 ||
- blocksize < RIJNDAEL_MIN_BLOCKSIZE ||
- blocksize > RIJNDAEL_MAX_BLOCKSIZE ||
- blocksize % 4 != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- if (mode != NSS_AES && mode != NSS_AES_CBC) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- if (mode == NSS_AES_CBC && iv == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- cx = PORT_ZNew(AESContext);
- if (!cx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- /* Nb = (block size in bits) / 32 */
- cx->Nb = blocksize / 4;
- /* Nk = (key size in bits) / 32 */
- Nk = keysize / 4;
- /* Obtain number of rounds from "table" */
- cx->Nr = RIJNDAEL_NUM_ROUNDS(Nk, cx->Nb);
- /* copy in the iv, if neccessary */
- if (mode == NSS_AES_CBC) {
- memcpy(cx->iv, iv, blocksize);
- cx->worker = (encrypt) ? &rijndael_encryptCBC : &rijndael_decryptCBC;
- } else {
- cx->worker = (encrypt) ? &rijndael_encryptECB : &rijndael_decryptECB;
- }
- /* Allocate memory for the expanded key */
- cx->expandedKey = PORT_ZNewArray(PRUint32, cx->Nb * (cx->Nr + 1));
- if (!cx->expandedKey) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto cleanup;
- }
- /* Generate expanded key */
- if (encrypt) {
- if (rijndael_key_expansion(cx, key, Nk) != SECSuccess)
- goto cleanup;
- } else {
- if (rijndael_invkey_expansion(cx, key, Nk) != SECSuccess)
- goto cleanup;
- }
- return cx;
-cleanup:
- if (cx->expandedKey)
- PORT_ZFree(cx->expandedKey, cx->Nb * (cx->Nr + 1));
- PORT_ZFree(cx, sizeof *cx);
- return NULL;
-}
-
-/*
- * AES_DestroyContext
- *
- * Zero an AES cipher context. If freeit is true, also free the pointer
- * to the context.
- */
-void
-AES_DestroyContext(AESContext *cx, PRBool freeit)
-{
- PORT_ZFree(cx->expandedKey, cx->Nb * (cx->Nr + 1));
- memset(cx, 0, sizeof *cx);
- if (freeit)
- PORT_Free(cx);
-}
-
-/*
- * AES_Encrypt
- *
- * Encrypt an arbitrary-length buffer. The output buffer must already be
- * allocated to at least inputLen.
- */
-SECStatus
-AES_Encrypt(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- int blocksize;
- /* Check args */
- if (cx == NULL || output == NULL || input == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- blocksize = 4 * cx->Nb;
- if (inputLen % blocksize != 0) {
- PORT_SetError(SEC_ERROR_INPUT_LEN);
- return SECFailure;
- }
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- return SECFailure;
- }
- *outputLen = inputLen;
-#if defined(RIJNDAEL_GENERATE_TABLES) || \
- defined(RIJNDAEL_GENERATE_TABLES_MACRO)
- if (rijndaelTables == NULL) {
- if (PR_CallOnce(&coRTInit, init_rijndael_tables)
- != PR_SUCCESS) {
- return PR_FAILURE;
- }
- }
-#endif
- return (*cx->worker)(cx, output, outputLen, maxOutputLen,
- input, inputLen, blocksize);
-}
-
-/*
- * AES_Decrypt
- *
- * Decrypt and arbitrary-length buffer. The output buffer must already be
- * allocated to at least inputLen.
- */
-SECStatus
-AES_Decrypt(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen)
-{
- int blocksize;
- /* Check args */
- if (cx == NULL || output == NULL || input == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- blocksize = 4 * cx->Nb;
- if (inputLen % blocksize != 0) {
- PORT_SetError(SEC_ERROR_INPUT_LEN);
- return SECFailure;
- }
- if (maxOutputLen < inputLen) {
- PORT_SetError(SEC_ERROR_OUTPUT_LEN);
- return SECFailure;
- }
- *outputLen = inputLen;
-#if defined(RIJNDAEL_GENERATE_TABLES) || \
- defined(RIJNDAEL_GENERATE_TABLES_MACRO)
- if (rijndaelTables == NULL) {
- if (PR_CallOnce(&coRTInit, init_rijndael_tables)
- != PR_SUCCESS) {
- return PR_FAILURE;
- }
- }
-#endif
- return (*cx->worker)(cx, output, outputLen, maxOutputLen,
- input, inputLen, blocksize);
-}
-
diff --git a/security/nss/lib/freebl/rijndael.h b/security/nss/lib/freebl/rijndael.h
deleted file mode 100644
index 2a928ae4f..000000000
--- a/security/nss/lib/freebl/rijndael.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _RIJNDAEL_H_
-#define _RIJNDAEL_H_ 1
-
-#define RIJNDAEL_MIN_BLOCKSIZE 16 /* bytes */
-#define RIJNDAEL_MAX_BLOCKSIZE 32 /* bytes */
-
-typedef SECStatus AESFunc(AESContext *cx, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- const unsigned char *input, unsigned int inputLen,
- int blocksize);
-
-typedef SECStatus AESBlockFunc(AESContext *cx,
- unsigned char *output,
- const unsigned char *input);
-
-/* AESContextStr
- *
- * Values which maintain the state for Rijndael encryption/decryption.
- *
- * iv - initialization vector for CBC mode
- * Nb - the number of bytes in a block, specified by user
- * Nr - the number of rounds, specified by a table
- * expandedKey - the round keys in 4-byte words, the length is Nr * Nb
- * worker - the encryption/decryption function to use with this context
- */
-struct AESContextStr
-{
- unsigned int Nb;
- unsigned int Nr;
- PRUint32 *expandedKey;
- AESFunc *worker;
- unsigned char iv[RIJNDAEL_MAX_BLOCKSIZE];
-};
-
-/* RIJNDAEL_NUM_ROUNDS
- *
- * Number of rounds per execution
- * Nk - number of key bytes
- * Nb - blocksize (in bytes)
- */
-#define RIJNDAEL_NUM_ROUNDS(Nk, Nb) \
- (PR_MAX(Nk, Nb) + 6)
-
-/* RIJNDAEL_NUM_ROUNDS
- *
- * Maximum number of bytes in the state (spec includes up to 256-bit block
- * size)
- */
-#define RIJNDAEL_MAX_STATE_SIZE 32
-
-#endif /* _RIJNDAEL_H_ */
diff --git a/security/nss/lib/freebl/rijndael32.tab b/security/nss/lib/freebl/rijndael32.tab
deleted file mode 100644
index 6b78e2e8b..000000000
--- a/security/nss/lib/freebl/rijndael32.tab
+++ /dev/null
@@ -1,1215 +0,0 @@
-#ifndef RIJNDAEL_INCLUDE_TABLES
-static const PRUint8 _S[256] =
-{
- 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118,
-202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
-183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21,
- 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117,
- 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132,
- 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207,
-208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
- 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210,
-205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115,
- 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219,
-224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121,
-231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8,
-186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138,
-112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
-225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223,
-140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22
-};
-#endif /* not RIJNDAEL_INCLUDE_TABLES */
-
-static const PRUint8 _SInv[256] =
-{
- 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251,
-124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203,
- 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78,
- 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37,
-114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146,
-108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132,
-144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6,
-208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107,
- 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
-150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110,
- 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27,
-252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244,
- 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95,
- 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239,
-160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97,
- 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125
-};
-
-#ifdef RIJNDAEL_INCLUDE_TABLES
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T0[256] =
-{
-0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff, 0xbd6b6bd6,
-0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56,
-0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec, 0x45caca8f, 0x9d82821f,
-0x40c9c989, 0x877d7dfa, 0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb,
-0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453,
-0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c,
-0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, 0x5c343468, 0xf4a5a551,
-0x34e5e5d1, 0x08f1f1f9, 0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a,
-0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637,
-0x0f05050a, 0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
-0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912, 0x9e83831d,
-0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b,
-0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d, 0x7b292952, 0x3ee3e3dd,
-0x712f2f5e, 0x97848413, 0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1,
-0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d,
-0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85,
-0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, 0xc5434386, 0xd74d4d9a,
-0x55333366, 0x94858511, 0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe,
-0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d,
-0xc0404080, 0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1,
-0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020, 0x1affffe5,
-0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3,
-0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e, 0x57c4c493, 0xf2a7a755,
-0x827e7efc, 0x473d3d7a, 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6,
-0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54,
-0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428,
-0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, 0x3be0e0db, 0x56323264,
-0x4e3a3a74, 0x1e0a0a14, 0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8,
-0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531,
-0x37e4e4d3, 0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
-0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8, 0xfa5656ac,
-0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810,
-0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c, 0x241c1c38, 0xf1a6a657,
-0xc7b4b473, 0x51c6c697, 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e,
-0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c,
-0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c,
-0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, 0x91868617, 0x58c1c199,
-0x271d1d3a, 0xb99e9e27, 0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122,
-0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c,
-0x92878715, 0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
-0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65, 0x31e6e6d7,
-0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e,
-0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c
-};
-#else
-static const PRUint32 _T0[256] =
-{
-0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd,
-0xde6f6fb1, 0x91c5c554, 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
-0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, 0x8fcaca45, 0x1f82829d,
-0x89c9c940, 0xfa7d7d87, 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
-0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, 0x239c9cbf, 0x53a4a4f7,
-0xe4727296, 0x9bc0c05b, 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
-0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, 0x6834345c, 0x51a5a5f4,
-0xd1e5e534, 0xf9f1f108, 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
-0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, 0x30181828, 0x379696a1,
-0x0a05050f, 0x2f9a9ab5, 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
-0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, 0x1209091b, 0x1d83839e,
-0x582c2c74, 0x341a1a2e, 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
-0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, 0x5229297b, 0xdde3e33e,
-0x5e2f2f71, 0x13848497, 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
-0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, 0xd46a6abe, 0x8dcbcb46,
-0x67bebed9, 0x7239394b, 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
-0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, 0x864343c5, 0x9a4d4dd7,
-0x66333355, 0x11858594, 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
-0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, 0xa25151f3, 0x5da3a3fe,
-0x804040c0, 0x058f8f8a, 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
-0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, 0x20101030, 0xe5ffff1a,
-0xfdf3f30e, 0xbfd2d26d, 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
-0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, 0x93c4c457, 0x55a7a7f2,
-0xfc7e7e82, 0x7a3d3d47, 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
-0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, 0x44222266, 0x542a2a7e,
-0x3b9090ab, 0x0b888883, 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
-0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, 0xdbe0e03b, 0x64323256,
-0x743a3a4e, 0x140a0a1e, 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
-0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, 0x399191a8, 0x319595a4,
-0xd3e4e437, 0xf279798b, 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
-0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, 0xd86c6cb4, 0xac5656fa,
-0xf3f4f407, 0xcfeaea25, 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
-0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, 0x381c1c24, 0x57a6a6f1,
-0x73b4b4c7, 0x97c6c651, 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
-0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, 0xe0707090, 0x7c3e3e42,
-0x71b5b5c4, 0xcc6666aa, 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
-0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, 0x17868691, 0x99c1c158,
-0x3a1d1d27, 0x279e9eb9, 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
-0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, 0x2d9b9bb6, 0x3c1e1e22,
-0x15878792, 0xc9e9e920, 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
-0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, 0x65bfbfda, 0xd7e6e631,
-0x844242c6, 0xd06868b8, 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
-0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T1[256] =
-{
-0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d, 0xf2f2ff0d, 0x6b6bd6bd,
-0x6f6fdeb1, 0xc5c59154, 0x30306050, 0x01010203, 0x6767cea9, 0x2b2b567d,
-0xfefee719, 0xd7d7b562, 0xabab4de6, 0x7676ec9a, 0xcaca8f45, 0x82821f9d,
-0xc9c98940, 0x7d7dfa87, 0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b,
-0xadad41ec, 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea, 0x9c9c23bf, 0xa4a453f7,
-0x7272e496, 0xc0c09b5b, 0xb7b775c2, 0xfdfde11c, 0x93933dae, 0x26264c6a,
-0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f, 0x3434685c, 0xa5a551f4,
-0xe5e5d134, 0xf1f1f908, 0x7171e293, 0xd8d8ab73, 0x31316253, 0x15152a3f,
-0x0404080c, 0xc7c79552, 0x23234665, 0xc3c39d5e, 0x18183028, 0x969637a1,
-0x05050a0f, 0x9a9a2fb5, 0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d,
-0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f, 0x0909121b, 0x83831d9e,
-0x2c2c5874, 0x1a1a342e, 0x1b1b362d, 0x6e6edcb2, 0x5a5ab4ee, 0xa0a05bfb,
-0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 0xb3b37dce, 0x2929527b, 0xe3e3dd3e,
-0x2f2f5e71, 0x84841397, 0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c,
-0x20204060, 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed, 0x6a6ad4be, 0xcbcb8d46,
-0xbebe67d9, 0x3939724b, 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 0xcfcf854a,
-0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16, 0x434386c5, 0x4d4d9ad7,
-0x33336655, 0x85851194, 0x45458acf, 0xf9f9e910, 0x02020406, 0x7f7ffe81,
-0x5050a0f0, 0x3c3c7844, 0x9f9f25ba, 0xa8a84be3, 0x5151a2f3, 0xa3a35dfe,
-0x404080c0, 0x8f8f058a, 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104,
-0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263, 0x10102030, 0xffffe51a,
-0xf3f3fd0e, 0xd2d2bf6d, 0xcdcd814c, 0x0c0c1814, 0x13132635, 0xececc32f,
-0x5f5fbee1, 0x979735a2, 0x444488cc, 0x17172e39, 0xc4c49357, 0xa7a755f2,
-0x7e7efc82, 0x3d3d7a47, 0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695,
-0x6060c0a0, 0x81811998, 0x4f4f9ed1, 0xdcdca37f, 0x22224466, 0x2a2a547e,
-0x90903bab, 0x88880b83, 0x46468cca, 0xeeeec729, 0xb8b86bd3, 0x1414283c,
-0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76, 0xe0e0db3b, 0x32326456,
-0x3a3a744e, 0x0a0a141e, 0x494992db, 0x06060c0a, 0x2424486c, 0x5c5cb8e4,
-0xc2c29f5d, 0xd3d3bd6e, 0xacac43ef, 0x6262c4a6, 0x919139a8, 0x959531a4,
-0xe4e4d337, 0x7979f28b, 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7,
-0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0, 0x6c6cd8b4, 0x5656acfa,
-0xf4f4f307, 0xeaeacf25, 0x6565caaf, 0x7a7af48e, 0xaeae47e9, 0x08081018,
-0xbaba6fd5, 0x7878f088, 0x25254a6f, 0x2e2e5c72, 0x1c1c3824, 0xa6a657f1,
-0xb4b473c7, 0xc6c69751, 0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21,
-0x4b4b96dd, 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85, 0x7070e090, 0x3e3e7c42,
-0xb5b571c4, 0x6666ccaa, 0x484890d8, 0x03030605, 0xf6f6f701, 0x0e0e1c12,
-0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0, 0x86861791, 0xc1c19958,
-0x1d1d3a27, 0x9e9e27b9, 0xe1e1d938, 0xf8f8eb13, 0x98982bb3, 0x11112233,
-0x6969d2bb, 0xd9d9a970, 0x8e8e0789, 0x949433a7, 0x9b9b2db6, 0x1e1e3c22,
-0x87871592, 0xe9e9c920, 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a,
-0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17, 0xbfbf65da, 0xe6e6d731,
-0x424284c6, 0x6868d0b8, 0x414182c3, 0x999929b0, 0x2d2d5a77, 0x0f0f1e11,
-0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a
-};
-#else
-static const PRUint32 _T1[256] =
-{
-0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b, 0x0dfff2f2, 0xbdd66b6b,
-0xb1de6f6f, 0x5491c5c5, 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b,
-0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676, 0x458fcaca, 0x9d1f8282,
-0x4089c9c9, 0x87fa7d7d, 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0,
-0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf, 0xbf239c9c, 0xf753a4a4,
-0x96e47272, 0x5b9bc0c0, 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626,
-0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc, 0x5c683434, 0xf451a5a5,
-0x34d1e5e5, 0x08f9f1f1, 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515,
-0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3, 0x28301818, 0xa1379696,
-0x0f0a0505, 0xb52f9a9a, 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2,
-0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575, 0x1b120909, 0x9e1d8383,
-0x74582c2c, 0x2e341a1a, 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0,
-0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3, 0x7b522929, 0x3edde3e3,
-0x715e2f2f, 0x97138484, 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded,
-0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b, 0xbed46a6a, 0x468dcbcb,
-0xd967bebe, 0x4b723939, 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf,
-0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb, 0xc5864343, 0xd79a4d4d,
-0x55663333, 0x94118585, 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f,
-0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8, 0xf3a25151, 0xfe5da3a3,
-0xc0804040, 0x8a058f8f, 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5,
-0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121, 0x30201010, 0x1ae5ffff,
-0x0efdf3f3, 0x6dbfd2d2, 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec,
-0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717, 0x5793c4c4, 0xf255a7a7,
-0x82fc7e7e, 0x477a3d3d, 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373,
-0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc, 0x66442222, 0x7e542a2a,
-0xab3b9090, 0x830b8888, 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414,
-0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb, 0x3bdbe0e0, 0x56643232,
-0x4e743a3a, 0x1e140a0a, 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c,
-0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262, 0xa8399191, 0xa4319595,
-0x37d3e4e4, 0x8bf27979, 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d,
-0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9, 0xb4d86c6c, 0xfaac5656,
-0x07f3f4f4, 0x25cfeaea, 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808,
-0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e, 0x24381c1c, 0xf157a6a6,
-0xc773b4b4, 0x5197c6c6, 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f,
-0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a, 0x90e07070, 0x427c3e3e,
-0xc471b5b5, 0xaacc6666, 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e,
-0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9, 0x91178686, 0x5899c1c1,
-0x273a1d1d, 0xb9279e9e, 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111,
-0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494, 0xb62d9b9b, 0x223c1e1e,
-0x92158787, 0x20c9e9e9, 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf,
-0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d, 0xda65bfbf, 0x31d7e6e6,
-0xc6844242, 0xb8d06868, 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f,
-0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T2[256] =
-{
-0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b, 0xf2ff0df2, 0x6bd6bd6b,
-0x6fdeb16f, 0xc59154c5, 0x30605030, 0x01020301, 0x67cea967, 0x2b567d2b,
-0xfee719fe, 0xd7b562d7, 0xab4de6ab, 0x76ec9a76, 0xca8f45ca, 0x821f9d82,
-0xc98940c9, 0x7dfa877d, 0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0,
-0xad41ecad, 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf, 0x9c23bf9c, 0xa453f7a4,
-0x72e49672, 0xc09b5bc0, 0xb775c2b7, 0xfde11cfd, 0x933dae93, 0x264c6a26,
-0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc, 0x34685c34, 0xa551f4a5,
-0xe5d134e5, 0xf1f908f1, 0x71e29371, 0xd8ab73d8, 0x31625331, 0x152a3f15,
-0x04080c04, 0xc79552c7, 0x23466523, 0xc39d5ec3, 0x18302818, 0x9637a196,
-0x050a0f05, 0x9a2fb59a, 0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2,
-0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75, 0x09121b09, 0x831d9e83,
-0x2c58742c, 0x1a342e1a, 0x1b362d1b, 0x6edcb26e, 0x5ab4ee5a, 0xa05bfba0,
-0x52a4f652, 0x3b764d3b, 0xd6b761d6, 0xb37dceb3, 0x29527b29, 0xe3dd3ee3,
-0x2f5e712f, 0x84139784, 0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced,
-0x20406020, 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b, 0x6ad4be6a, 0xcb8d46cb,
-0xbe67d9be, 0x39724b39, 0x4a94de4a, 0x4c98d44c, 0x58b0e858, 0xcf854acf,
-0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb, 0x4386c543, 0x4d9ad74d,
-0x33665533, 0x85119485, 0x458acf45, 0xf9e910f9, 0x02040602, 0x7ffe817f,
-0x50a0f050, 0x3c78443c, 0x9f25ba9f, 0xa84be3a8, 0x51a2f351, 0xa35dfea3,
-0x4080c040, 0x8f058a8f, 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5,
-0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321, 0x10203010, 0xffe51aff,
-0xf3fd0ef3, 0xd2bf6dd2, 0xcd814ccd, 0x0c18140c, 0x13263513, 0xecc32fec,
-0x5fbee15f, 0x9735a297, 0x4488cc44, 0x172e3917, 0xc49357c4, 0xa755f2a7,
-0x7efc827e, 0x3d7a473d, 0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573,
-0x60c0a060, 0x81199881, 0x4f9ed14f, 0xdca37fdc, 0x22446622, 0x2a547e2a,
-0x903bab90, 0x880b8388, 0x468cca46, 0xeec729ee, 0xb86bd3b8, 0x14283c14,
-0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db, 0xe0db3be0, 0x32645632,
-0x3a744e3a, 0x0a141e0a, 0x4992db49, 0x060c0a06, 0x24486c24, 0x5cb8e45c,
-0xc29f5dc2, 0xd3bd6ed3, 0xac43efac, 0x62c4a662, 0x9139a891, 0x9531a495,
-0xe4d337e4, 0x79f28b79, 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d,
-0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9, 0x6cd8b46c, 0x56acfa56,
-0xf4f307f4, 0xeacf25ea, 0x65caaf65, 0x7af48e7a, 0xae47e9ae, 0x08101808,
-0xba6fd5ba, 0x78f08878, 0x254a6f25, 0x2e5c722e, 0x1c38241c, 0xa657f1a6,
-0xb473c7b4, 0xc69751c6, 0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f,
-0x4b96dd4b, 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a, 0x70e09070, 0x3e7c423e,
-0xb571c4b5, 0x66ccaa66, 0x4890d848, 0x03060503, 0xf6f701f6, 0x0e1c120e,
-0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9, 0x86179186, 0xc19958c1,
-0x1d3a271d, 0x9e27b99e, 0xe1d938e1, 0xf8eb13f8, 0x982bb398, 0x11223311,
-0x69d2bb69, 0xd9a970d9, 0x8e07898e, 0x9433a794, 0x9b2db69b, 0x1e3c221e,
-0x87159287, 0xe9c920e9, 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf,
-0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d, 0xbf65dabf, 0xe6d731e6,
-0x4284c642, 0x68d0b868, 0x4182c341, 0x9929b099, 0x2d5a772d, 0x0f1e110f,
-0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16
-};
-#else
-static const PRUint32 _T2[256] =
-{
-0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b, 0xf20dfff2, 0x6bbdd66b,
-0x6fb1de6f, 0xc55491c5, 0x30506030, 0x01030201, 0x67a9ce67, 0x2b7d562b,
-0xfe19e7fe, 0xd762b5d7, 0xabe64dab, 0x769aec76, 0xca458fca, 0x829d1f82,
-0xc94089c9, 0x7d87fa7d, 0xfa15effa, 0x59ebb259, 0x47c98e47, 0xf00bfbf0,
-0xadec41ad, 0xd467b3d4, 0xa2fd5fa2, 0xafea45af, 0x9cbf239c, 0xa4f753a4,
-0x7296e472, 0xc05b9bc0, 0xb7c275b7, 0xfd1ce1fd, 0x93ae3d93, 0x266a4c26,
-0x365a6c36, 0x3f417e3f, 0xf702f5f7, 0xcc4f83cc, 0x345c6834, 0xa5f451a5,
-0xe534d1e5, 0xf108f9f1, 0x7193e271, 0xd873abd8, 0x31536231, 0x153f2a15,
-0x040c0804, 0xc75295c7, 0x23654623, 0xc35e9dc3, 0x18283018, 0x96a13796,
-0x050f0a05, 0x9ab52f9a, 0x07090e07, 0x12362412, 0x809b1b80, 0xe23ddfe2,
-0xeb26cdeb, 0x27694e27, 0xb2cd7fb2, 0x759fea75, 0x091b1209, 0x839e1d83,
-0x2c74582c, 0x1a2e341a, 0x1b2d361b, 0x6eb2dc6e, 0x5aeeb45a, 0xa0fb5ba0,
-0x52f6a452, 0x3b4d763b, 0xd661b7d6, 0xb3ce7db3, 0x297b5229, 0xe33edde3,
-0x2f715e2f, 0x84971384, 0x53f5a653, 0xd168b9d1, 0x00000000, 0xed2cc1ed,
-0x20604020, 0xfc1fe3fc, 0xb1c879b1, 0x5bedb65b, 0x6abed46a, 0xcb468dcb,
-0xbed967be, 0x394b7239, 0x4ade944a, 0x4cd4984c, 0x58e8b058, 0xcf4a85cf,
-0xd06bbbd0, 0xef2ac5ef, 0xaae54faa, 0xfb16edfb, 0x43c58643, 0x4dd79a4d,
-0x33556633, 0x85941185, 0x45cf8a45, 0xf910e9f9, 0x02060402, 0x7f81fe7f,
-0x50f0a050, 0x3c44783c, 0x9fba259f, 0xa8e34ba8, 0x51f3a251, 0xa3fe5da3,
-0x40c08040, 0x8f8a058f, 0x92ad3f92, 0x9dbc219d, 0x38487038, 0xf504f1f5,
-0xbcdf63bc, 0xb6c177b6, 0xda75afda, 0x21634221, 0x10302010, 0xff1ae5ff,
-0xf30efdf3, 0xd26dbfd2, 0xcd4c81cd, 0x0c14180c, 0x13352613, 0xec2fc3ec,
-0x5fe1be5f, 0x97a23597, 0x44cc8844, 0x17392e17, 0xc45793c4, 0xa7f255a7,
-0x7e82fc7e, 0x3d477a3d, 0x64acc864, 0x5de7ba5d, 0x192b3219, 0x7395e673,
-0x60a0c060, 0x81981981, 0x4fd19e4f, 0xdc7fa3dc, 0x22664422, 0x2a7e542a,
-0x90ab3b90, 0x88830b88, 0x46ca8c46, 0xee29c7ee, 0xb8d36bb8, 0x143c2814,
-0xde79a7de, 0x5ee2bc5e, 0x0b1d160b, 0xdb76addb, 0xe03bdbe0, 0x32566432,
-0x3a4e743a, 0x0a1e140a, 0x49db9249, 0x060a0c06, 0x246c4824, 0x5ce4b85c,
-0xc25d9fc2, 0xd36ebdd3, 0xacef43ac, 0x62a6c462, 0x91a83991, 0x95a43195,
-0xe437d3e4, 0x798bf279, 0xe732d5e7, 0xc8438bc8, 0x37596e37, 0x6db7da6d,
-0x8d8c018d, 0xd564b1d5, 0x4ed29c4e, 0xa9e049a9, 0x6cb4d86c, 0x56faac56,
-0xf407f3f4, 0xea25cfea, 0x65afca65, 0x7a8ef47a, 0xaee947ae, 0x08181008,
-0xbad56fba, 0x7888f078, 0x256f4a25, 0x2e725c2e, 0x1c24381c, 0xa6f157a6,
-0xb4c773b4, 0xc65197c6, 0xe823cbe8, 0xdd7ca1dd, 0x749ce874, 0x1f213e1f,
-0x4bdd964b, 0xbddc61bd, 0x8b860d8b, 0x8a850f8a, 0x7090e070, 0x3e427c3e,
-0xb5c471b5, 0x66aacc66, 0x48d89048, 0x03050603, 0xf601f7f6, 0x0e121c0e,
-0x61a3c261, 0x355f6a35, 0x57f9ae57, 0xb9d069b9, 0x86911786, 0xc15899c1,
-0x1d273a1d, 0x9eb9279e, 0xe138d9e1, 0xf813ebf8, 0x98b32b98, 0x11332211,
-0x69bbd269, 0xd970a9d9, 0x8e89078e, 0x94a73394, 0x9bb62d9b, 0x1e223c1e,
-0x87921587, 0xe920c9e9, 0xce4987ce, 0x55ffaa55, 0x28785028, 0xdf7aa5df,
-0x8c8f038c, 0xa1f859a1, 0x89800989, 0x0d171a0d, 0xbfda65bf, 0xe631d7e6,
-0x42c68442, 0x68b8d068, 0x41c38241, 0x99b02999, 0x2d775a2d, 0x0f111e0f,
-0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _T3[256] =
-{
-0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b, 0xff0df2f2, 0xd6bd6b6b,
-0xdeb16f6f, 0x9154c5c5, 0x60503030, 0x02030101, 0xcea96767, 0x567d2b2b,
-0xe719fefe, 0xb562d7d7, 0x4de6abab, 0xec9a7676, 0x8f45caca, 0x1f9d8282,
-0x8940c9c9, 0xfa877d7d, 0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0,
-0x41ecadad, 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf, 0x23bf9c9c, 0x53f7a4a4,
-0xe4967272, 0x9b5bc0c0, 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 0x4c6a2626,
-0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc, 0x685c3434, 0x51f4a5a5,
-0xd134e5e5, 0xf908f1f1, 0xe2937171, 0xab73d8d8, 0x62533131, 0x2a3f1515,
-0x080c0404, 0x9552c7c7, 0x46652323, 0x9d5ec3c3, 0x30281818, 0x37a19696,
-0x0a0f0505, 0x2fb59a9a, 0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2,
-0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575, 0x121b0909, 0x1d9e8383,
-0x58742c2c, 0x342e1a1a, 0x362d1b1b, 0xdcb26e6e, 0xb4ee5a5a, 0x5bfba0a0,
-0xa4f65252, 0x764d3b3b, 0xb761d6d6, 0x7dceb3b3, 0x527b2929, 0xdd3ee3e3,
-0x5e712f2f, 0x13978484, 0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded,
-0x40602020, 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b, 0xd4be6a6a, 0x8d46cbcb,
-0x67d9bebe, 0x724b3939, 0x94de4a4a, 0x98d44c4c, 0xb0e85858, 0x854acfcf,
-0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb, 0x86c54343, 0x9ad74d4d,
-0x66553333, 0x11948585, 0x8acf4545, 0xe910f9f9, 0x04060202, 0xfe817f7f,
-0xa0f05050, 0x78443c3c, 0x25ba9f9f, 0x4be3a8a8, 0xa2f35151, 0x5dfea3a3,
-0x80c04040, 0x058a8f8f, 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5,
-0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121, 0x20301010, 0xe51affff,
-0xfd0ef3f3, 0xbf6dd2d2, 0x814ccdcd, 0x18140c0c, 0x26351313, 0xc32fecec,
-0xbee15f5f, 0x35a29797, 0x88cc4444, 0x2e391717, 0x9357c4c4, 0x55f2a7a7,
-0xfc827e7e, 0x7a473d3d, 0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373,
-0xc0a06060, 0x19988181, 0x9ed14f4f, 0xa37fdcdc, 0x44662222, 0x547e2a2a,
-0x3bab9090, 0x0b838888, 0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 0x283c1414,
-0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb, 0xdb3be0e0, 0x64563232,
-0x744e3a3a, 0x141e0a0a, 0x92db4949, 0x0c0a0606, 0x486c2424, 0xb8e45c5c,
-0x9f5dc2c2, 0xbd6ed3d3, 0x43efacac, 0xc4a66262, 0x39a89191, 0x31a49595,
-0xd337e4e4, 0xf28b7979, 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d,
-0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9, 0xd8b46c6c, 0xacfa5656,
-0xf307f4f4, 0xcf25eaea, 0xcaaf6565, 0xf48e7a7a, 0x47e9aeae, 0x10180808,
-0x6fd5baba, 0xf0887878, 0x4a6f2525, 0x5c722e2e, 0x38241c1c, 0x57f1a6a6,
-0x73c7b4b4, 0x9751c6c6, 0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f,
-0x96dd4b4b, 0x61dcbdbd, 0x0d868b8b, 0x0f858a8a, 0xe0907070, 0x7c423e3e,
-0x71c4b5b5, 0xccaa6666, 0x90d84848, 0x06050303, 0xf701f6f6, 0x1c120e0e,
-0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9, 0x17918686, 0x9958c1c1,
-0x3a271d1d, 0x27b99e9e, 0xd938e1e1, 0xeb13f8f8, 0x2bb39898, 0x22331111,
-0xd2bb6969, 0xa970d9d9, 0x07898e8e, 0x33a79494, 0x2db69b9b, 0x3c221e1e,
-0x15928787, 0xc920e9e9, 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf,
-0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d, 0x65dabfbf, 0xd731e6e6,
-0x84c64242, 0xd0b86868, 0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f,
-0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616
-};
-#else
-static const PRUint32 _T3[256] =
-{
-0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6, 0xf2f20dff, 0x6b6bbdd6,
-0x6f6fb1de, 0xc5c55491, 0x30305060, 0x01010302, 0x6767a9ce, 0x2b2b7d56,
-0xfefe19e7, 0xd7d762b5, 0xababe64d, 0x76769aec, 0xcaca458f, 0x82829d1f,
-0xc9c94089, 0x7d7d87fa, 0xfafa15ef, 0x5959ebb2, 0x4747c98e, 0xf0f00bfb,
-0xadadec41, 0xd4d467b3, 0xa2a2fd5f, 0xafafea45, 0x9c9cbf23, 0xa4a4f753,
-0x727296e4, 0xc0c05b9b, 0xb7b7c275, 0xfdfd1ce1, 0x9393ae3d, 0x26266a4c,
-0x36365a6c, 0x3f3f417e, 0xf7f702f5, 0xcccc4f83, 0x34345c68, 0xa5a5f451,
-0xe5e534d1, 0xf1f108f9, 0x717193e2, 0xd8d873ab, 0x31315362, 0x15153f2a,
-0x04040c08, 0xc7c75295, 0x23236546, 0xc3c35e9d, 0x18182830, 0x9696a137,
-0x05050f0a, 0x9a9ab52f, 0x0707090e, 0x12123624, 0x80809b1b, 0xe2e23ddf,
-0xebeb26cd, 0x2727694e, 0xb2b2cd7f, 0x75759fea, 0x09091b12, 0x83839e1d,
-0x2c2c7458, 0x1a1a2e34, 0x1b1b2d36, 0x6e6eb2dc, 0x5a5aeeb4, 0xa0a0fb5b,
-0x5252f6a4, 0x3b3b4d76, 0xd6d661b7, 0xb3b3ce7d, 0x29297b52, 0xe3e33edd,
-0x2f2f715e, 0x84849713, 0x5353f5a6, 0xd1d168b9, 0x00000000, 0xeded2cc1,
-0x20206040, 0xfcfc1fe3, 0xb1b1c879, 0x5b5bedb6, 0x6a6abed4, 0xcbcb468d,
-0xbebed967, 0x39394b72, 0x4a4ade94, 0x4c4cd498, 0x5858e8b0, 0xcfcf4a85,
-0xd0d06bbb, 0xefef2ac5, 0xaaaae54f, 0xfbfb16ed, 0x4343c586, 0x4d4dd79a,
-0x33335566, 0x85859411, 0x4545cf8a, 0xf9f910e9, 0x02020604, 0x7f7f81fe,
-0x5050f0a0, 0x3c3c4478, 0x9f9fba25, 0xa8a8e34b, 0x5151f3a2, 0xa3a3fe5d,
-0x4040c080, 0x8f8f8a05, 0x9292ad3f, 0x9d9dbc21, 0x38384870, 0xf5f504f1,
-0xbcbcdf63, 0xb6b6c177, 0xdada75af, 0x21216342, 0x10103020, 0xffff1ae5,
-0xf3f30efd, 0xd2d26dbf, 0xcdcd4c81, 0x0c0c1418, 0x13133526, 0xecec2fc3,
-0x5f5fe1be, 0x9797a235, 0x4444cc88, 0x1717392e, 0xc4c45793, 0xa7a7f255,
-0x7e7e82fc, 0x3d3d477a, 0x6464acc8, 0x5d5de7ba, 0x19192b32, 0x737395e6,
-0x6060a0c0, 0x81819819, 0x4f4fd19e, 0xdcdc7fa3, 0x22226644, 0x2a2a7e54,
-0x9090ab3b, 0x8888830b, 0x4646ca8c, 0xeeee29c7, 0xb8b8d36b, 0x14143c28,
-0xdede79a7, 0x5e5ee2bc, 0x0b0b1d16, 0xdbdb76ad, 0xe0e03bdb, 0x32325664,
-0x3a3a4e74, 0x0a0a1e14, 0x4949db92, 0x06060a0c, 0x24246c48, 0x5c5ce4b8,
-0xc2c25d9f, 0xd3d36ebd, 0xacacef43, 0x6262a6c4, 0x9191a839, 0x9595a431,
-0xe4e437d3, 0x79798bf2, 0xe7e732d5, 0xc8c8438b, 0x3737596e, 0x6d6db7da,
-0x8d8d8c01, 0xd5d564b1, 0x4e4ed29c, 0xa9a9e049, 0x6c6cb4d8, 0x5656faac,
-0xf4f407f3, 0xeaea25cf, 0x6565afca, 0x7a7a8ef4, 0xaeaee947, 0x08081810,
-0xbabad56f, 0x787888f0, 0x25256f4a, 0x2e2e725c, 0x1c1c2438, 0xa6a6f157,
-0xb4b4c773, 0xc6c65197, 0xe8e823cb, 0xdddd7ca1, 0x74749ce8, 0x1f1f213e,
-0x4b4bdd96, 0xbdbddc61, 0x8b8b860d, 0x8a8a850f, 0x707090e0, 0x3e3e427c,
-0xb5b5c471, 0x6666aacc, 0x4848d890, 0x03030506, 0xf6f601f7, 0x0e0e121c,
-0x6161a3c2, 0x35355f6a, 0x5757f9ae, 0xb9b9d069, 0x86869117, 0xc1c15899,
-0x1d1d273a, 0x9e9eb927, 0xe1e138d9, 0xf8f813eb, 0x9898b32b, 0x11113322,
-0x6969bbd2, 0xd9d970a9, 0x8e8e8907, 0x9494a733, 0x9b9bb62d, 0x1e1e223c,
-0x87879215, 0xe9e920c9, 0xcece4987, 0x5555ffaa, 0x28287850, 0xdfdf7aa5,
-0x8c8c8f03, 0xa1a1f859, 0x89898009, 0x0d0d171a, 0xbfbfda65, 0xe6e631d7,
-0x4242c684, 0x6868b8d0, 0x4141c382, 0x9999b029, 0x2d2d775a, 0x0f0f111e,
-0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv0[256] =
-{
-0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, 0xf1459d1f,
-0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5,
-0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5, 0x495ab1de, 0x671bba25,
-0x980eea45, 0xe1c0fe5d, 0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b,
-0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458,
-0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927,
-0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, 0x184adf63, 0x82311ae5,
-0x60335197, 0x457f5362, 0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9,
-0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72,
-0x578f1fe3, 0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3,
-0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a, 0x92b479a7,
-0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4,
-0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4, 0x39ec830b, 0xaaef6040,
-0x069f715e, 0x51106ebd, 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d,
-0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6,
-0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879,
-0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000, 0x83868009, 0x48ed2b32,
-0xac70111e, 0x4e725a6c, 0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36,
-0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793,
-0xd296eeb4, 0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c,
-0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e, 0xadc78bf2,
-0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3,
-0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b, 0x7629438b, 0xdcc623cb,
-0x68fcedb6, 0x63f1e4b8, 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684,
-0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc,
-0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947,
-0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, 0xc74e4987, 0xc1d138d9,
-0xfea2ca8c, 0x360bd498, 0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f,
-0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890,
-0x5ef7392e, 0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf,
-0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd, 0xf418596e,
-0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef,
-0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029, 0xafb2a431, 0x31233f2a,
-0x3094a5c6, 0xc066a235, 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733,
-0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43,
-0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546,
-0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, 0x5a1d67b3, 0x52d2db92,
-0x335610e9, 0x1347d66d, 0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb,
-0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255,
-0x79ce1418, 0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478,
-0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16, 0x0c25e2bc,
-0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664,
-0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0
-};
-#else
-static const PRUint32 _TInv0[256] =
-{
-0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1,
-0xacfa58ab, 0x4be30393, 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
-0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, 0xdeb15a49, 0x25ba1b67,
-0x45ea0e98, 0x5dfec0e1, 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
-0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, 0xd4be832d, 0x587421d3,
-0x49e06929, 0x8ec9c844, 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
-0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, 0x63df4a18, 0xe51a3182,
-0x97513360, 0x62537f45, 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
-0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, 0xab73d323, 0x724b02e2,
-0xe31f8f57, 0x6655ab2a, 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
-0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, 0x8acf1c2b, 0xa779b492,
-0xf307f2f0, 0x4e69e2a1, 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
-0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, 0x0b83ec39, 0x4060efaa,
-0x5e719f06, 0xbd6e1051, 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
-0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, 0x1998fb24, 0xd6bde997,
-0x894043cc, 0x67d99e77, 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
-0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, 0x09808683, 0x322bed48,
-0x1e1170ac, 0x6c5a724e, 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
-0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, 0x0c0a67b1, 0x9357e70f,
-0xb4ee96d2, 0x1b9b919e, 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
-0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, 0x0e090d0b, 0xf28bc7ad,
-0x2db6a8b9, 0x141ea9c8, 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
-0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, 0x8b432976, 0xcb23c6dc,
-0xb6edfc68, 0xb8e4f163, 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
-0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, 0x1d9e2f4b, 0xdcb230f3,
-0x0d8652ec, 0x77c1e3d0, 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
-0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, 0x87494ec7, 0xd938d1c1,
-0x8ccaa2fe, 0x98d40b36, 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
-0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, 0xf68d13c2, 0x90d8b8e8,
-0x2e39f75e, 0x82c3aff5, 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
-0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, 0xcd267809, 0x6e5918f4,
-0xec9ab701, 0x834f9aa8, 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
-0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, 0x31a4b2af, 0x2a3f2331,
-0xc6a59430, 0x35a266c0, 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
-0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, 0x764dd68d, 0x43efb04d,
-0xccaa4d54, 0xe49604df, 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
-0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, 0xb3671d5a, 0x92dbd252,
-0xe9105633, 0x6dd64713, 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
-0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, 0x9cd2df59, 0x55f2733f,
-0x1814ce79, 0x73c737bf, 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
-0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, 0x161dc372, 0xbce2250c,
-0x283c498b, 0xff0d9541, 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
-0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv1[256] =
-{
-0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96, 0x6bab3bcb, 0x459d1ff1,
-0x58faacab, 0x03e34b93, 0xfa302055, 0x6d76adf6, 0x76cc8891, 0x4c02f525,
-0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 0xa362b58f, 0x5ab1de49, 0x1bba2567,
-0x0eea4598, 0xc0fe5de1, 0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6,
-0x5f8f03e7, 0x9c921595, 0x7a6dbfeb, 0x595295da, 0x83bed42d, 0x217458d3,
-0x69e04929, 0xc8c98e44, 0x89c2756a, 0x798ef478, 0x3e58996b, 0x71b927dd,
-0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4, 0x4adf6318, 0x311ae582,
-0x33519760, 0x7f536245, 0x7764b1e0, 0xae6bbb84, 0xa081fe1c, 0x2b08f994,
-0x68487058, 0xfd458f19, 0x6cde9487, 0xf87b52b7, 0xd373ab23, 0x024b72e2,
-0x8f1fe357, 0xab55662a, 0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5,
-0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c, 0x1ccf8a2b, 0xb479a792,
-0xf207f3f0, 0xe2694ea1, 0xf4da65cd, 0xbe0506d5, 0x6234d11f, 0xfea6c48a,
-0x532e349d, 0x55f3a2a0, 0xe18a0532, 0xebf6a475, 0xec830b39, 0xef6040aa,
-0x9f715e06, 0x106ebd51, 0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46,
-0x8d5491b5, 0x5dc47105, 0xd406046f, 0x155060ff, 0xfb981924, 0xe9bdd697,
-0x434089cc, 0x9ed96777, 0x42e8b0bd, 0x8b890788, 0x5b19e738, 0xeec879db,
-0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000, 0x86800983, 0xed2b3248,
-0x70111eac, 0x725a6c4e, 0xff0efdfb, 0x38850f56, 0xd5ae3d1e, 0x392d3627,
-0xd90f0a64, 0xa65c6821, 0x545b9bd1, 0x2e36243a, 0x670a0cb1, 0xe757930f,
-0x96eeb4d2, 0x919b1b9e, 0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16,
-0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d, 0x0d090e0b, 0xc78bf2ad,
-0xa8b62db9, 0xa91e14c8, 0x19f15785, 0x0775af4c, 0xdd99eebb, 0x607fa3fd,
-0x2601f79f, 0xf5725cbc, 0x3b6644c5, 0x7efb5b34, 0x29438b76, 0xc623cbdc,
-0xfcedb668, 0xf1e4b863, 0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420,
-0x244a857d, 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d, 0x2f9e1d4b, 0x30b2dcf3,
-0x52860dec, 0xe3c177d0, 0x16b32b6c, 0xb970a999, 0x489411fa, 0x64e94722,
-0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef, 0x4e4987c7, 0xd138d9c1,
-0xa2ca8cfe, 0x0bd49836, 0x81f5a6cf, 0xde7aa528, 0x8eb7da26, 0xbfad3fa4,
-0x9d3a2ce4, 0x9278500d, 0xcc5f6a9b, 0x467e5462, 0x138df6c2, 0xb8d890e8,
-0xf7392e5e, 0xafc382f5, 0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3,
-0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b, 0x7826cd09, 0x18596ef4,
-0xb79aec01, 0x9a4f83a8, 0x6e95e665, 0xe6ffaa7e, 0xcfbc2108, 0xe815efe6,
-0x9be7bad9, 0x366f4ace, 0x099fead4, 0x7cb029d6, 0xb2a431af, 0x233f2a31,
-0x94a5c630, 0x66a235c0, 0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315,
-0x9804f14a, 0xdaec41f7, 0x50cd7f0e, 0xf691172f, 0xd64d768d, 0xb0ef434d,
-0x4daacc54, 0x0496e4df, 0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 0x5165467f,
-0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e, 0x1d67b35a, 0xd2db9252,
-0x5610e933, 0x47d66d13, 0x61d79a8c, 0x0ca1377a, 0x14f8598e, 0x3c13eb89,
-0x27a9ceee, 0xc961b735, 0xe51ce1ed, 0xb1477a3c, 0xdfd29c59, 0x73f2553f,
-0xce141879, 0x37c773bf, 0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886,
-0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f, 0xc31d1672, 0x25e2bc0c,
-0x493c288b, 0x950dff41, 0x01a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490,
-0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042
-};
-#else
-static const PRUint32 _TInv1[256] =
-{
-0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e, 0xcb3bab6b, 0xf11f9d45,
-0xabacfa58, 0x934be303, 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c,
-0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3, 0x49deb15a, 0x6725ba1b,
-0x9845ea0e, 0xe15dfec0, 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9,
-0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259, 0x2dd4be83, 0xd3587421,
-0x2949e069, 0x448ec9c8, 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971,
-0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a, 0x1863df4a, 0x82e51a31,
-0x60975133, 0x4562537f, 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b,
-0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8, 0x23ab73d3, 0xe2724b02,
-0x57e31f8f, 0x2a6655ab, 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708,
-0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682, 0x2b8acf1c, 0x92a779b4,
-0xf0f307f2, 0xa14e69e2, 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe,
-0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb, 0x390b83ec, 0xaa4060ef,
-0x065e719f, 0x51bd6e10, 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd,
-0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015, 0x241998fb, 0x97d6bde9,
-0xcc894043, 0x7767d99e, 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee,
-0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000, 0x83098086, 0x48322bed,
-0xac1e1170, 0x4e6c5a72, 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39,
-0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e, 0xb10c0a67, 0x0f9357e7,
-0xd2b4ee96, 0x9e1b9b91, 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a,
-0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17, 0x0b0e090d, 0xadf28bc7,
-0xb92db6a8, 0xc8141ea9, 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60,
-0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e, 0x768b4329, 0xdccb23c6,
-0x68b6edfc, 0x63b8e4f1, 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611,
-0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1, 0x4b1d9e2f, 0xf3dcb230,
-0xec0d8652, 0xd077c1e3, 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964,
-0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390, 0xc787494e, 0xc1d938d1,
-0xfe8ccaa2, 0x3698d40b, 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf,
-0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46, 0xc2f68d13, 0xe890d8b8,
-0x5e2e39f7, 0xf582c3af, 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512,
-0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb, 0x09cd2678, 0xf46e5918,
-0x01ec9ab7, 0xa8834f9a, 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8,
-0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c, 0xaf31a4b2, 0x312a3f23,
-0x30c6a594, 0xc035a266, 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8,
-0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6, 0x8d764dd6, 0x4d43efb0,
-0x54ccaa4d, 0xdfe49604, 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551,
-0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41, 0x5ab3671d, 0x5292dbd2,
-0x33e91056, 0x136dd647, 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c,
-0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1, 0x599cd2df, 0x3f55f273,
-0x791814ce, 0xbf73c737, 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db,
-0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340, 0x72161dc3, 0x0cbce225,
-0x8b283c49, 0x41ff0d95, 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1,
-0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv2[256] =
-{
-0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e, 0xab3bcb6b, 0x9d1ff145,
-0xfaacab58, 0xe34b9303, 0x302055fa, 0x76adf66d, 0xcc889176, 0x02f5254c,
-0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 0x62b58fa3, 0xb1de495a, 0xba25671b,
-0xea45980e, 0xfe5de1c0, 0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9,
-0x8f03e75f, 0x9215959c, 0x6dbfeb7a, 0x5295da59, 0xbed42d83, 0x7458d321,
-0xe0492969, 0xc98e44c8, 0xc2756a89, 0x8ef47879, 0x58996b3e, 0xb927dd71,
-0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a, 0xdf63184a, 0x1ae58231,
-0x51976033, 0x5362457f, 0x64b1e077, 0x6bbb84ae, 0x81fe1ca0, 0x08f9942b,
-0x48705868, 0x458f19fd, 0xde94876c, 0x7b52b7f8, 0x73ab23d3, 0x4b72e202,
-0x1fe3578f, 0x55662aab, 0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508,
-0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82, 0xcf8a2b1c, 0x79a792b4,
-0x07f3f0f2, 0x694ea1e2, 0xda65cdf4, 0x0506d5be, 0x34d11f62, 0xa6c48afe,
-0x2e349d53, 0xf3a2a055, 0x8a0532e1, 0xf6a475eb, 0x830b39ec, 0x6040aaef,
-0x715e069f, 0x6ebd5110, 0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd,
-0x5491b58d, 0xc471055d, 0x06046fd4, 0x5060ff15, 0x981924fb, 0xbdd697e9,
-0x4089cc43, 0xd967779e, 0xe8b0bd42, 0x8907888b, 0x19e7385b, 0xc879dbee,
-0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000, 0x80098386, 0x2b3248ed,
-0x111eac70, 0x5a6c4e72, 0x0efdfbff, 0x850f5638, 0xae3d1ed5, 0x2d362739,
-0x0f0a64d9, 0x5c6821a6, 0x5b9bd154, 0x36243a2e, 0x0a0cb167, 0x57930fe7,
-0xeeb4d296, 0x9b1b9e91, 0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a,
-0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17, 0x090e0b0d, 0x8bf2adc7,
-0xb62db9a8, 0x1e14c8a9, 0xf1578519, 0x75af4c07, 0x99eebbdd, 0x7fa3fd60,
-0x01f79f26, 0x725cbcf5, 0x6644c53b, 0xfb5b347e, 0x438b7629, 0x23cbdcc6,
-0xedb668fc, 0xe4b863f1, 0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011,
-0x4a857d24, 0xbbd2f83d, 0xf9ae1132, 0x29c76da1, 0x9e1d4b2f, 0xb2dcf330,
-0x860dec52, 0xc177d0e3, 0xb32b6c16, 0x70a999b9, 0x9411fa48, 0xe9472264,
-0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90, 0x4987c74e, 0x38d9c1d1,
-0xca8cfea2, 0xd498360b, 0xf5a6cf81, 0x7aa528de, 0xb7da268e, 0xad3fa4bf,
-0x3a2ce49d, 0x78500d92, 0x5f6a9bcc, 0x7e546246, 0x8df6c213, 0xd890e8b8,
-0x392e5ef7, 0xc382f5af, 0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312,
-0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb, 0x26cd0978, 0x596ef418,
-0x9aec01b7, 0x4f83a89a, 0x95e6656e, 0xffaa7ee6, 0xbc2108cf, 0x15efe6e8,
-0xe7bad99b, 0x6f4ace36, 0x9fead409, 0xb029d67c, 0xa431afb2, 0x3f2a3123,
-0xa5c63094, 0xa235c066, 0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8,
-0x04f14a98, 0xec41f7da, 0xcd7f0e50, 0x91172ff6, 0x4d768dd6, 0xef434db0,
-0xaacc544d, 0x96e4df04, 0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 0x65467f51,
-0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41, 0x67b35a1d, 0xdb9252d2,
-0x10e93356, 0xd66d1347, 0xd79a8c61, 0xa1377a0c, 0xf8598e14, 0x13eb893c,
-0xa9ceee27, 0x61b735c9, 0x1ce1ede5, 0x477a3cb1, 0xd29c59df, 0xf2553f73,
-0x141879ce, 0xc773bf37, 0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db,
-0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40, 0x1d1672c3, 0xe2bc0c25,
-0x3c288b49, 0x0dff4195, 0xa8397101, 0x0c08deb3, 0xb4d89ce4, 0x566490c1,
-0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257
-};
-#else
-static const PRUint32 _TInv2[256] =
-{
-0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27, 0x6bcb3bab, 0x45f11f9d,
-0x58abacfa, 0x03934be3, 0xfa552030, 0x6df6ad76, 0x769188cc, 0x4c25f502,
-0xd7fc4fe5, 0xcbd7c52a, 0x44802635, 0xa38fb562, 0x5a49deb1, 0x1b6725ba,
-0x0e9845ea, 0xc0e15dfe, 0x7502c32f, 0xf012814c, 0x97a38d46, 0xf9c66bd3,
-0x5fe7038f, 0x9c951592, 0x7aebbf6d, 0x59da9552, 0x832dd4be, 0x21d35874,
-0x692949e0, 0xc8448ec9, 0x896a75c2, 0x7978f48e, 0x3e6b9958, 0x71dd27b9,
-0x4fb6bee1, 0xad17f088, 0xac66c920, 0x3ab47dce, 0x4a1863df, 0x3182e51a,
-0x33609751, 0x7f456253, 0x77e0b164, 0xae84bb6b, 0xa01cfe81, 0x2b94f908,
-0x68587048, 0xfd198f45, 0x6c8794de, 0xf8b7527b, 0xd323ab73, 0x02e2724b,
-0x8f57e31f, 0xab2a6655, 0x2807b2eb, 0xc2032fb5, 0x7b9a86c5, 0x08a5d337,
-0x87f23028, 0xa5b223bf, 0x6aba0203, 0x825ced16, 0x1c2b8acf, 0xb492a779,
-0xf2f0f307, 0xe2a14e69, 0xf4cd65da, 0xbed50605, 0x621fd134, 0xfe8ac4a6,
-0x539d342e, 0x55a0a2f3, 0xe132058a, 0xeb75a4f6, 0xec390b83, 0xefaa4060,
-0x9f065e71, 0x1051bd6e, 0x8af93e21, 0x063d96dd, 0x05aedd3e, 0xbd464de6,
-0x8db59154, 0x5d0571c4, 0xd46f0406, 0x15ff6050, 0xfb241998, 0xe997d6bd,
-0x43cc8940, 0x9e7767d9, 0x42bdb0e8, 0x8b880789, 0x5b38e719, 0xeedb79c8,
-0x0a47a17c, 0x0fe97c42, 0x1ec9f884, 0x00000000, 0x86830980, 0xed48322b,
-0x70ac1e11, 0x724e6c5a, 0xfffbfd0e, 0x38560f85, 0xd51e3dae, 0x3927362d,
-0xd9640a0f, 0xa621685c, 0x54d19b5b, 0x2e3a2436, 0x67b10c0a, 0xe70f9357,
-0x96d2b4ee, 0x919e1b9b, 0xc54f80c0, 0x20a261dc, 0x4b695a77, 0x1a161c12,
-0xba0ae293, 0x2ae5c0a0, 0xe0433c22, 0x171d121b, 0x0d0b0e09, 0xc7adf28b,
-0xa8b92db6, 0xa9c8141e, 0x198557f1, 0x074caf75, 0xddbbee99, 0x60fda37f,
-0x269ff701, 0xf5bc5c72, 0x3bc54466, 0x7e345bfb, 0x29768b43, 0xc6dccb23,
-0xfc68b6ed, 0xf163b8e4, 0xdccad731, 0x85104263, 0x22401397, 0x112084c6,
-0x247d854a, 0x3df8d2bb, 0x3211aef9, 0xa16dc729, 0x2f4b1d9e, 0x30f3dcb2,
-0x52ec0d86, 0xe3d077c1, 0x166c2bb3, 0xb999a970, 0x48fa1194, 0x642247e9,
-0x8cc4a8fc, 0x3f1aa0f0, 0x2cd8567d, 0x90ef2233, 0x4ec78749, 0xd1c1d938,
-0xa2fe8cca, 0x0b3698d4, 0x81cfa6f5, 0xde28a57a, 0x8e26dab7, 0xbfa43fad,
-0x9de42c3a, 0x920d5078, 0xcc9b6a5f, 0x4662547e, 0x13c2f68d, 0xb8e890d8,
-0xf75e2e39, 0xaff582c3, 0x80be9f5d, 0x937c69d0, 0x2da96fd5, 0x12b3cf25,
-0x993bc8ac, 0x7da71018, 0x636ee89c, 0xbb7bdb3b, 0x7809cd26, 0x18f46e59,
-0xb701ec9a, 0x9aa8834f, 0x6e65e695, 0xe67eaaff, 0xcf0821bc, 0xe8e6ef15,
-0x9bd9bae7, 0x36ce4a6f, 0x09d4ea9f, 0x7cd629b0, 0xb2af31a4, 0x23312a3f,
-0x9430c6a5, 0x66c035a2, 0xbc37744e, 0xcaa6fc82, 0xd0b0e090, 0xd81533a7,
-0x984af104, 0xdaf741ec, 0x500e7fcd, 0xf62f1791, 0xd68d764d, 0xb04d43ef,
-0x4d54ccaa, 0x04dfe496, 0xb5e39ed1, 0x881b4c6a, 0x1fb8c12c, 0x517f4665,
-0xea049d5e, 0x355d018c, 0x7473fa87, 0x412efb0b, 0x1d5ab367, 0xd25292db,
-0x5633e910, 0x47136dd6, 0x618c9ad7, 0x0c7a37a1, 0x148e59f8, 0x3c89eb13,
-0x27eecea9, 0xc935b761, 0xe5ede11c, 0xb13c7a47, 0xdf599cd2, 0x733f55f2,
-0xce791814, 0x37bf73c7, 0xcdea53f7, 0xaa5b5ffd, 0x6f14df3d, 0xdb867844,
-0xf381caaf, 0xc43eb968, 0x342c3824, 0x405fc2a3, 0xc372161d, 0x250cbce2,
-0x498b283c, 0x9541ff0d, 0x017139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456,
-0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _TInv3[256] =
-{
-0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27, 0x3bcb6bab, 0x1ff1459d,
-0xacab58fa, 0x4b9303e3, 0x2055fa30, 0xadf66d76, 0x889176cc, 0xf5254c02,
-0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 0xb58fa362, 0xde495ab1, 0x25671bba,
-0x45980eea, 0x5de1c0fe, 0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3,
-0x03e75f8f, 0x15959c92, 0xbfeb7a6d, 0x95da5952, 0xd42d83be, 0x58d32174,
-0x492969e0, 0x8e44c8c9, 0x756a89c2, 0xf478798e, 0x996b3e58, 0x27dd71b9,
-0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace, 0x63184adf, 0xe582311a,
-0x97603351, 0x62457f53, 0xb1e07764, 0xbb84ae6b, 0xfe1ca081, 0xf9942b08,
-0x70586848, 0x8f19fd45, 0x94876cde, 0x52b7f87b, 0xab23d373, 0x72e2024b,
-0xe3578f1f, 0x662aab55, 0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837,
-0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216, 0x8a2b1ccf, 0xa792b479,
-0xf3f0f207, 0x4ea1e269, 0x65cdf4da, 0x06d5be05, 0xd11f6234, 0xc48afea6,
-0x349d532e, 0xa2a055f3, 0x0532e18a, 0xa475ebf6, 0x0b39ec83, 0x40aaef60,
-0x5e069f71, 0xbd51106e, 0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6,
-0x91b58d54, 0x71055dc4, 0x046fd406, 0x60ff1550, 0x1924fb98, 0xd697e9bd,
-0x89cc4340, 0x67779ed9, 0xb0bd42e8, 0x07888b89, 0xe7385b19, 0x79dbeec8,
-0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000, 0x09838680, 0x3248ed2b,
-0x1eac7011, 0x6c4e725a, 0xfdfbff0e, 0x0f563885, 0x3d1ed5ae, 0x3627392d,
-0x0a64d90f, 0x6821a65c, 0x9bd1545b, 0x243a2e36, 0x0cb1670a, 0x930fe757,
-0xb4d296ee, 0x1b9e919b, 0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12,
-0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b, 0x0e0b0d09, 0xf2adc78b,
-0x2db9a8b6, 0x14c8a91e, 0x578519f1, 0xaf4c0775, 0xeebbdd99, 0xa3fd607f,
-0xf79f2601, 0x5cbcf572, 0x44c53b66, 0x5b347efb, 0x8b762943, 0xcbdcc623,
-0xb668fced, 0xb863f1e4, 0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6,
-0x857d244a, 0xd2f83dbb, 0xae1132f9, 0xc76da129, 0x1d4b2f9e, 0xdcf330b2,
-0x0dec5286, 0x77d0e3c1, 0x2b6c16b3, 0xa999b970, 0x11fa4894, 0x472264e9,
-0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033, 0x87c74e49, 0xd9c1d138,
-0x8cfea2ca, 0x98360bd4, 0xa6cf81f5, 0xa528de7a, 0xda268eb7, 0x3fa4bfad,
-0x2ce49d3a, 0x500d9278, 0x6a9bcc5f, 0x5462467e, 0xf6c2138d, 0x90e8b8d8,
-0x2e5ef739, 0x82f5afc3, 0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225,
-0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b, 0xcd097826, 0x6ef41859,
-0xec01b79a, 0x83a89a4f, 0xe6656e95, 0xaa7ee6ff, 0x2108cfbc, 0xefe6e815,
-0xbad99be7, 0x4ace366f, 0xead4099f, 0x29d67cb0, 0x31afb2a4, 0x2a31233f,
-0xc63094a5, 0x35c066a2, 0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7,
-0xf14a9804, 0x41f7daec, 0x7f0e50cd, 0x172ff691, 0x768dd64d, 0x434db0ef,
-0xcc544daa, 0xe4df0496, 0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 0x467f5165,
-0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b, 0xb35a1d67, 0x9252d2db,
-0xe9335610, 0x6d1347d6, 0x9a8c61d7, 0x377a0ca1, 0x598e14f8, 0xeb893c13,
-0xceee27a9, 0xb735c961, 0xe1ede51c, 0x7a3cb147, 0x9c59dfd2, 0x553f73f2,
-0x1879ce14, 0x73bf37c7, 0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44,
-0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3, 0x1672c31d, 0xbc0c25e2,
-0x288b493c, 0xff41950d, 0x397101a8, 0x08deb30c, 0xd89ce4b4, 0x6490c156,
-0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8
-};
-#else
-static const PRUint32 _TInv3[256] =
-{
-0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, 0xab6bcb3b, 0x9d45f11f,
-0xfa58abac, 0xe303934b, 0x30fa5520, 0x766df6ad, 0xcc769188, 0x024c25f5,
-0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5, 0xb15a49de, 0xba1b6725,
-0xea0e9845, 0xfec0e15d, 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b,
-0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95, 0xbe832dd4, 0x7421d358,
-0xe0692949, 0xc9c8448e, 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27,
-0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d, 0xdf4a1863, 0x1a3182e5,
-0x51336097, 0x537f4562, 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x082b94f9,
-0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752, 0x73d323ab, 0x4b02e272,
-0x1f8f57e3, 0x55ab2a66, 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3,
-0x2887f230, 0xbfa5b223, 0x036aba02, 0x16825ced, 0xcf1c2b8a, 0x79b492a7,
-0x07f2f0f3, 0x69e2a14e, 0xdaf4cd65, 0x05bed506, 0x34621fd1, 0xa6fe8ac4,
-0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4, 0x83ec390b, 0x60efaa40,
-0x719f065e, 0x6e1051bd, 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d,
-0x548db591, 0xc45d0571, 0x06d46f04, 0x5015ff60, 0x98fb2419, 0xbde997d6,
-0x4043cc89, 0xd99e7767, 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79,
-0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x00000000, 0x80868309, 0x2bed4832,
-0x1170ac1e, 0x5a724e6c, 0x0efffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736,
-0x0fd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24, 0x0a67b10c, 0x57e70f93,
-0xee96d2b4, 0x9b919e1b, 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c,
-0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12, 0x090d0b0e, 0x8bc7adf2,
-0xb6a8b92d, 0x1ea9c814, 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3,
-0x01269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b, 0x4329768b, 0x23c6dccb,
-0xedfc68b6, 0xe4f163b8, 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084,
-0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7, 0x9e2f4b1d, 0xb230f3dc,
-0x8652ec0d, 0xc1e3d077, 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247,
-0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22, 0x494ec787, 0x38d1c1d9,
-0xcaa2fe8c, 0xd40b3698, 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f,
-0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254, 0x8d13c2f6, 0xd8b8e890,
-0x39f75e2e, 0xc3aff582, 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf,
-0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb, 0x267809cd, 0x5918f46e,
-0x9ab701ec, 0x4f9aa883, 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef,
-0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629, 0xa4b2af31, 0x3f23312a,
-0xa59430c6, 0xa266c035, 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533,
-0x04984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17, 0x4dd68d76, 0xefb04d43,
-0xaa4d54cc, 0x9604dfe4, 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46,
-0x5eea049d, 0x8c355d01, 0x877473fa, 0x0b412efb, 0x671d5ab3, 0xdbd25292,
-0x105633e9, 0xd647136d, 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb,
-0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a, 0xd2df599c, 0xf2733f55,
-0x14ce7918, 0xc737bf73, 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678,
-0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2, 0x1dc37216, 0xe2250cbc,
-0x3c498b28, 0x0d9541ff, 0xa8017139, 0x0cb3de08, 0xb4e49cd8, 0x56c19064,
-0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC0[256] =
-{
-0x00000000, 0x0b0d090e, 0x161a121c, 0x1d171b12, 0x2c342438, 0x27392d36,
-0x3a2e3624, 0x31233f2a, 0x58684870, 0x5365417e, 0x4e725a6c, 0x457f5362,
-0x745c6c48, 0x7f516546, 0x62467e54, 0x694b775a, 0xb0d090e0, 0xbbdd99ee,
-0xa6ca82fc, 0xadc78bf2, 0x9ce4b4d8, 0x97e9bdd6, 0x8afea6c4, 0x81f3afca,
-0xe8b8d890, 0xe3b5d19e, 0xfea2ca8c, 0xf5afc382, 0xc48cfca8, 0xcf81f5a6,
-0xd296eeb4, 0xd99be7ba, 0x7bbb3bdb, 0x70b632d5, 0x6da129c7, 0x66ac20c9,
-0x578f1fe3, 0x5c8216ed, 0x41950dff, 0x4a9804f1, 0x23d373ab, 0x28de7aa5,
-0x35c961b7, 0x3ec468b9, 0x0fe75793, 0x04ea5e9d, 0x19fd458f, 0x12f04c81,
-0xcb6bab3b, 0xc066a235, 0xdd71b927, 0xd67cb029, 0xe75f8f03, 0xec52860d,
-0xf1459d1f, 0xfa489411, 0x9303e34b, 0x980eea45, 0x8519f157, 0x8e14f859,
-0xbf37c773, 0xb43ace7d, 0xa92dd56f, 0xa220dc61, 0xf66d76ad, 0xfd607fa3,
-0xe07764b1, 0xeb7a6dbf, 0xda595295, 0xd1545b9b, 0xcc434089, 0xc74e4987,
-0xae053edd, 0xa50837d3, 0xb81f2cc1, 0xb31225cf, 0x82311ae5, 0x893c13eb,
-0x942b08f9, 0x9f2601f7, 0x46bde64d, 0x4db0ef43, 0x50a7f451, 0x5baafd5f,
-0x6a89c275, 0x6184cb7b, 0x7c93d069, 0x779ed967, 0x1ed5ae3d, 0x15d8a733,
-0x08cfbc21, 0x03c2b52f, 0x32e18a05, 0x39ec830b, 0x24fb9819, 0x2ff69117,
-0x8dd64d76, 0x86db4478, 0x9bcc5f6a, 0x90c15664, 0xa1e2694e, 0xaaef6040,
-0xb7f87b52, 0xbcf5725c, 0xd5be0506, 0xdeb30c08, 0xc3a4171a, 0xc8a91e14,
-0xf98a213e, 0xf2872830, 0xef903322, 0xe49d3a2c, 0x3d06dd96, 0x360bd498,
-0x2b1ccf8a, 0x2011c684, 0x1132f9ae, 0x1a3ff0a0, 0x0728ebb2, 0x0c25e2bc,
-0x656e95e6, 0x6e639ce8, 0x737487fa, 0x78798ef4, 0x495ab1de, 0x4257b8d0,
-0x5f40a3c2, 0x544daacc, 0xf7daec41, 0xfcd7e54f, 0xe1c0fe5d, 0xeacdf753,
-0xdbeec879, 0xd0e3c177, 0xcdf4da65, 0xc6f9d36b, 0xafb2a431, 0xa4bfad3f,
-0xb9a8b62d, 0xb2a5bf23, 0x83868009, 0x888b8907, 0x959c9215, 0x9e919b1b,
-0x470a7ca1, 0x4c0775af, 0x51106ebd, 0x5a1d67b3, 0x6b3e5899, 0x60335197,
-0x7d244a85, 0x7629438b, 0x1f6234d1, 0x146f3ddf, 0x097826cd, 0x02752fc3,
-0x335610e9, 0x385b19e7, 0x254c02f5, 0x2e410bfb, 0x8c61d79a, 0x876cde94,
-0x9a7bc586, 0x9176cc88, 0xa055f3a2, 0xab58faac, 0xb64fe1be, 0xbd42e8b0,
-0xd4099fea, 0xdf0496e4, 0xc2138df6, 0xc91e84f8, 0xf83dbbd2, 0xf330b2dc,
-0xee27a9ce, 0xe52aa0c0, 0x3cb1477a, 0x37bc4e74, 0x2aab5566, 0x21a65c68,
-0x10856342, 0x1b886a4c, 0x069f715e, 0x0d927850, 0x64d90f0a, 0x6fd40604,
-0x72c31d16, 0x79ce1418, 0x48ed2b32, 0x43e0223c, 0x5ef7392e, 0x55fa3020,
-0x01b79aec, 0x0aba93e2, 0x17ad88f0, 0x1ca081fe, 0x2d83bed4, 0x268eb7da,
-0x3b99acc8, 0x3094a5c6, 0x59dfd29c, 0x52d2db92, 0x4fc5c080, 0x44c8c98e,
-0x75ebf6a4, 0x7ee6ffaa, 0x63f1e4b8, 0x68fcedb6, 0xb1670a0c, 0xba6a0302,
-0xa77d1810, 0xac70111e, 0x9d532e34, 0x965e273a, 0x8b493c28, 0x80443526,
-0xe90f427c, 0xe2024b72, 0xff155060, 0xf418596e, 0xc53b6644, 0xce366f4a,
-0xd3217458, 0xd82c7d56, 0x7a0ca137, 0x7101a839, 0x6c16b32b, 0x671bba25,
-0x5638850f, 0x5d358c01, 0x40229713, 0x4b2f9e1d, 0x2264e947, 0x2969e049,
-0x347efb5b, 0x3f73f255, 0x0e50cd7f, 0x055dc471, 0x184adf63, 0x1347d66d,
-0xcadc31d7, 0xc1d138d9, 0xdcc623cb, 0xd7cb2ac5, 0xe6e815ef, 0xede51ce1,
-0xf0f207f3, 0xfbff0efd, 0x92b479a7, 0x99b970a9, 0x84ae6bbb, 0x8fa362b5,
-0xbe805d9f, 0xb58d5491, 0xa89a4f83, 0xa397468d
-};
-#else
-static const PRUint32 _IMXC0[256] =
-{
-0x00000000, 0x0e090d0b, 0x1c121a16, 0x121b171d, 0x3824342c, 0x362d3927,
-0x24362e3a, 0x2a3f2331, 0x70486858, 0x7e416553, 0x6c5a724e, 0x62537f45,
-0x486c5c74, 0x4665517f, 0x547e4662, 0x5a774b69, 0xe090d0b0, 0xee99ddbb,
-0xfc82caa6, 0xf28bc7ad, 0xd8b4e49c, 0xd6bde997, 0xc4a6fe8a, 0xcaaff381,
-0x90d8b8e8, 0x9ed1b5e3, 0x8ccaa2fe, 0x82c3aff5, 0xa8fc8cc4, 0xa6f581cf,
-0xb4ee96d2, 0xbae79bd9, 0xdb3bbb7b, 0xd532b670, 0xc729a16d, 0xc920ac66,
-0xe31f8f57, 0xed16825c, 0xff0d9541, 0xf104984a, 0xab73d323, 0xa57ade28,
-0xb761c935, 0xb968c43e, 0x9357e70f, 0x9d5eea04, 0x8f45fd19, 0x814cf012,
-0x3bab6bcb, 0x35a266c0, 0x27b971dd, 0x29b07cd6, 0x038f5fe7, 0x0d8652ec,
-0x1f9d45f1, 0x119448fa, 0x4be30393, 0x45ea0e98, 0x57f11985, 0x59f8148e,
-0x73c737bf, 0x7dce3ab4, 0x6fd52da9, 0x61dc20a2, 0xad766df6, 0xa37f60fd,
-0xb16477e0, 0xbf6d7aeb, 0x955259da, 0x9b5b54d1, 0x894043cc, 0x87494ec7,
-0xdd3e05ae, 0xd33708a5, 0xc12c1fb8, 0xcf2512b3, 0xe51a3182, 0xeb133c89,
-0xf9082b94, 0xf701269f, 0x4de6bd46, 0x43efb04d, 0x51f4a750, 0x5ffdaa5b,
-0x75c2896a, 0x7bcb8461, 0x69d0937c, 0x67d99e77, 0x3daed51e, 0x33a7d815,
-0x21bccf08, 0x2fb5c203, 0x058ae132, 0x0b83ec39, 0x1998fb24, 0x1791f62f,
-0x764dd68d, 0x7844db86, 0x6a5fcc9b, 0x6456c190, 0x4e69e2a1, 0x4060efaa,
-0x527bf8b7, 0x5c72f5bc, 0x0605bed5, 0x080cb3de, 0x1a17a4c3, 0x141ea9c8,
-0x3e218af9, 0x302887f2, 0x223390ef, 0x2c3a9de4, 0x96dd063d, 0x98d40b36,
-0x8acf1c2b, 0x84c61120, 0xaef93211, 0xa0f03f1a, 0xb2eb2807, 0xbce2250c,
-0xe6956e65, 0xe89c636e, 0xfa877473, 0xf48e7978, 0xdeb15a49, 0xd0b85742,
-0xc2a3405f, 0xccaa4d54, 0x41ecdaf7, 0x4fe5d7fc, 0x5dfec0e1, 0x53f7cdea,
-0x79c8eedb, 0x77c1e3d0, 0x65daf4cd, 0x6bd3f9c6, 0x31a4b2af, 0x3fadbfa4,
-0x2db6a8b9, 0x23bfa5b2, 0x09808683, 0x07898b88, 0x15929c95, 0x1b9b919e,
-0xa17c0a47, 0xaf75074c, 0xbd6e1051, 0xb3671d5a, 0x99583e6b, 0x97513360,
-0x854a247d, 0x8b432976, 0xd134621f, 0xdf3d6f14, 0xcd267809, 0xc32f7502,
-0xe9105633, 0xe7195b38, 0xf5024c25, 0xfb0b412e, 0x9ad7618c, 0x94de6c87,
-0x86c57b9a, 0x88cc7691, 0xa2f355a0, 0xacfa58ab, 0xbee14fb6, 0xb0e842bd,
-0xea9f09d4, 0xe49604df, 0xf68d13c2, 0xf8841ec9, 0xd2bb3df8, 0xdcb230f3,
-0xcea927ee, 0xc0a02ae5, 0x7a47b13c, 0x744ebc37, 0x6655ab2a, 0x685ca621,
-0x42638510, 0x4c6a881b, 0x5e719f06, 0x5078920d, 0x0a0fd964, 0x0406d46f,
-0x161dc372, 0x1814ce79, 0x322bed48, 0x3c22e043, 0x2e39f75e, 0x2030fa55,
-0xec9ab701, 0xe293ba0a, 0xf088ad17, 0xfe81a01c, 0xd4be832d, 0xdab78e26,
-0xc8ac993b, 0xc6a59430, 0x9cd2df59, 0x92dbd252, 0x80c0c54f, 0x8ec9c844,
-0xa4f6eb75, 0xaaffe67e, 0xb8e4f163, 0xb6edfc68, 0x0c0a67b1, 0x02036aba,
-0x10187da7, 0x1e1170ac, 0x342e539d, 0x3a275e96, 0x283c498b, 0x26354480,
-0x7c420fe9, 0x724b02e2, 0x605015ff, 0x6e5918f4, 0x44663bc5, 0x4a6f36ce,
-0x587421d3, 0x567d2cd8, 0x37a10c7a, 0x39a80171, 0x2bb3166c, 0x25ba1b67,
-0x0f853856, 0x018c355d, 0x13972240, 0x1d9e2f4b, 0x47e96422, 0x49e06929,
-0x5bfb7e34, 0x55f2733f, 0x7fcd500e, 0x71c45d05, 0x63df4a18, 0x6dd64713,
-0xd731dcca, 0xd938d1c1, 0xcb23c6dc, 0xc52acbd7, 0xef15e8e6, 0xe11ce5ed,
-0xf307f2f0, 0xfd0efffb, 0xa779b492, 0xa970b999, 0xbb6bae84, 0xb562a38f,
-0x9f5d80be, 0x91548db5, 0x834f9aa8, 0x8d4697a3
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC1[256] =
-{
-0x00000000, 0x0d090e0b, 0x1a121c16, 0x171b121d, 0x3424382c, 0x392d3627,
-0x2e36243a, 0x233f2a31, 0x68487058, 0x65417e53, 0x725a6c4e, 0x7f536245,
-0x5c6c4874, 0x5165467f, 0x467e5462, 0x4b775a69, 0xd090e0b0, 0xdd99eebb,
-0xca82fca6, 0xc78bf2ad, 0xe4b4d89c, 0xe9bdd697, 0xfea6c48a, 0xf3afca81,
-0xb8d890e8, 0xb5d19ee3, 0xa2ca8cfe, 0xafc382f5, 0x8cfca8c4, 0x81f5a6cf,
-0x96eeb4d2, 0x9be7bad9, 0xbb3bdb7b, 0xb632d570, 0xa129c76d, 0xac20c966,
-0x8f1fe357, 0x8216ed5c, 0x950dff41, 0x9804f14a, 0xd373ab23, 0xde7aa528,
-0xc961b735, 0xc468b93e, 0xe757930f, 0xea5e9d04, 0xfd458f19, 0xf04c8112,
-0x6bab3bcb, 0x66a235c0, 0x71b927dd, 0x7cb029d6, 0x5f8f03e7, 0x52860dec,
-0x459d1ff1, 0x489411fa, 0x03e34b93, 0x0eea4598, 0x19f15785, 0x14f8598e,
-0x37c773bf, 0x3ace7db4, 0x2dd56fa9, 0x20dc61a2, 0x6d76adf6, 0x607fa3fd,
-0x7764b1e0, 0x7a6dbfeb, 0x595295da, 0x545b9bd1, 0x434089cc, 0x4e4987c7,
-0x053eddae, 0x0837d3a5, 0x1f2cc1b8, 0x1225cfb3, 0x311ae582, 0x3c13eb89,
-0x2b08f994, 0x2601f79f, 0xbde64d46, 0xb0ef434d, 0xa7f45150, 0xaafd5f5b,
-0x89c2756a, 0x84cb7b61, 0x93d0697c, 0x9ed96777, 0xd5ae3d1e, 0xd8a73315,
-0xcfbc2108, 0xc2b52f03, 0xe18a0532, 0xec830b39, 0xfb981924, 0xf691172f,
-0xd64d768d, 0xdb447886, 0xcc5f6a9b, 0xc1566490, 0xe2694ea1, 0xef6040aa,
-0xf87b52b7, 0xf5725cbc, 0xbe0506d5, 0xb30c08de, 0xa4171ac3, 0xa91e14c8,
-0x8a213ef9, 0x872830f2, 0x903322ef, 0x9d3a2ce4, 0x06dd963d, 0x0bd49836,
-0x1ccf8a2b, 0x11c68420, 0x32f9ae11, 0x3ff0a01a, 0x28ebb207, 0x25e2bc0c,
-0x6e95e665, 0x639ce86e, 0x7487fa73, 0x798ef478, 0x5ab1de49, 0x57b8d042,
-0x40a3c25f, 0x4daacc54, 0xdaec41f7, 0xd7e54ffc, 0xc0fe5de1, 0xcdf753ea,
-0xeec879db, 0xe3c177d0, 0xf4da65cd, 0xf9d36bc6, 0xb2a431af, 0xbfad3fa4,
-0xa8b62db9, 0xa5bf23b2, 0x86800983, 0x8b890788, 0x9c921595, 0x919b1b9e,
-0x0a7ca147, 0x0775af4c, 0x106ebd51, 0x1d67b35a, 0x3e58996b, 0x33519760,
-0x244a857d, 0x29438b76, 0x6234d11f, 0x6f3ddf14, 0x7826cd09, 0x752fc302,
-0x5610e933, 0x5b19e738, 0x4c02f525, 0x410bfb2e, 0x61d79a8c, 0x6cde9487,
-0x7bc5869a, 0x76cc8891, 0x55f3a2a0, 0x58faacab, 0x4fe1beb6, 0x42e8b0bd,
-0x099fead4, 0x0496e4df, 0x138df6c2, 0x1e84f8c9, 0x3dbbd2f8, 0x30b2dcf3,
-0x27a9ceee, 0x2aa0c0e5, 0xb1477a3c, 0xbc4e7437, 0xab55662a, 0xa65c6821,
-0x85634210, 0x886a4c1b, 0x9f715e06, 0x9278500d, 0xd90f0a64, 0xd406046f,
-0xc31d1672, 0xce141879, 0xed2b3248, 0xe0223c43, 0xf7392e5e, 0xfa302055,
-0xb79aec01, 0xba93e20a, 0xad88f017, 0xa081fe1c, 0x83bed42d, 0x8eb7da26,
-0x99acc83b, 0x94a5c630, 0xdfd29c59, 0xd2db9252, 0xc5c0804f, 0xc8c98e44,
-0xebf6a475, 0xe6ffaa7e, 0xf1e4b863, 0xfcedb668, 0x670a0cb1, 0x6a0302ba,
-0x7d1810a7, 0x70111eac, 0x532e349d, 0x5e273a96, 0x493c288b, 0x44352680,
-0x0f427ce9, 0x024b72e2, 0x155060ff, 0x18596ef4, 0x3b6644c5, 0x366f4ace,
-0x217458d3, 0x2c7d56d8, 0x0ca1377a, 0x01a83971, 0x16b32b6c, 0x1bba2567,
-0x38850f56, 0x358c015d, 0x22971340, 0x2f9e1d4b, 0x64e94722, 0x69e04929,
-0x7efb5b34, 0x73f2553f, 0x50cd7f0e, 0x5dc47105, 0x4adf6318, 0x47d66d13,
-0xdc31d7ca, 0xd138d9c1, 0xc623cbdc, 0xcb2ac5d7, 0xe815efe6, 0xe51ce1ed,
-0xf207f3f0, 0xff0efdfb, 0xb479a792, 0xb970a999, 0xae6bbb84, 0xa362b58f,
-0x805d9fbe, 0x8d5491b5, 0x9a4f83a8, 0x97468da3
-};
-#else
-static const PRUint32 _IMXC1[256] =
-{
-0x00000000, 0x0b0e090d, 0x161c121a, 0x1d121b17, 0x2c382434, 0x27362d39,
-0x3a24362e, 0x312a3f23, 0x58704868, 0x537e4165, 0x4e6c5a72, 0x4562537f,
-0x74486c5c, 0x7f466551, 0x62547e46, 0x695a774b, 0xb0e090d0, 0xbbee99dd,
-0xa6fc82ca, 0xadf28bc7, 0x9cd8b4e4, 0x97d6bde9, 0x8ac4a6fe, 0x81caaff3,
-0xe890d8b8, 0xe39ed1b5, 0xfe8ccaa2, 0xf582c3af, 0xc4a8fc8c, 0xcfa6f581,
-0xd2b4ee96, 0xd9bae79b, 0x7bdb3bbb, 0x70d532b6, 0x6dc729a1, 0x66c920ac,
-0x57e31f8f, 0x5ced1682, 0x41ff0d95, 0x4af10498, 0x23ab73d3, 0x28a57ade,
-0x35b761c9, 0x3eb968c4, 0x0f9357e7, 0x049d5eea, 0x198f45fd, 0x12814cf0,
-0xcb3bab6b, 0xc035a266, 0xdd27b971, 0xd629b07c, 0xe7038f5f, 0xec0d8652,
-0xf11f9d45, 0xfa119448, 0x934be303, 0x9845ea0e, 0x8557f119, 0x8e59f814,
-0xbf73c737, 0xb47dce3a, 0xa96fd52d, 0xa261dc20, 0xf6ad766d, 0xfda37f60,
-0xe0b16477, 0xebbf6d7a, 0xda955259, 0xd19b5b54, 0xcc894043, 0xc787494e,
-0xaedd3e05, 0xa5d33708, 0xb8c12c1f, 0xb3cf2512, 0x82e51a31, 0x89eb133c,
-0x94f9082b, 0x9ff70126, 0x464de6bd, 0x4d43efb0, 0x5051f4a7, 0x5b5ffdaa,
-0x6a75c289, 0x617bcb84, 0x7c69d093, 0x7767d99e, 0x1e3daed5, 0x1533a7d8,
-0x0821bccf, 0x032fb5c2, 0x32058ae1, 0x390b83ec, 0x241998fb, 0x2f1791f6,
-0x8d764dd6, 0x867844db, 0x9b6a5fcc, 0x906456c1, 0xa14e69e2, 0xaa4060ef,
-0xb7527bf8, 0xbc5c72f5, 0xd50605be, 0xde080cb3, 0xc31a17a4, 0xc8141ea9,
-0xf93e218a, 0xf2302887, 0xef223390, 0xe42c3a9d, 0x3d96dd06, 0x3698d40b,
-0x2b8acf1c, 0x2084c611, 0x11aef932, 0x1aa0f03f, 0x07b2eb28, 0x0cbce225,
-0x65e6956e, 0x6ee89c63, 0x73fa8774, 0x78f48e79, 0x49deb15a, 0x42d0b857,
-0x5fc2a340, 0x54ccaa4d, 0xf741ecda, 0xfc4fe5d7, 0xe15dfec0, 0xea53f7cd,
-0xdb79c8ee, 0xd077c1e3, 0xcd65daf4, 0xc66bd3f9, 0xaf31a4b2, 0xa43fadbf,
-0xb92db6a8, 0xb223bfa5, 0x83098086, 0x8807898b, 0x9515929c, 0x9e1b9b91,
-0x47a17c0a, 0x4caf7507, 0x51bd6e10, 0x5ab3671d, 0x6b99583e, 0x60975133,
-0x7d854a24, 0x768b4329, 0x1fd13462, 0x14df3d6f, 0x09cd2678, 0x02c32f75,
-0x33e91056, 0x38e7195b, 0x25f5024c, 0x2efb0b41, 0x8c9ad761, 0x8794de6c,
-0x9a86c57b, 0x9188cc76, 0xa0a2f355, 0xabacfa58, 0xb6bee14f, 0xbdb0e842,
-0xd4ea9f09, 0xdfe49604, 0xc2f68d13, 0xc9f8841e, 0xf8d2bb3d, 0xf3dcb230,
-0xeecea927, 0xe5c0a02a, 0x3c7a47b1, 0x37744ebc, 0x2a6655ab, 0x21685ca6,
-0x10426385, 0x1b4c6a88, 0x065e719f, 0x0d507892, 0x640a0fd9, 0x6f0406d4,
-0x72161dc3, 0x791814ce, 0x48322bed, 0x433c22e0, 0x5e2e39f7, 0x552030fa,
-0x01ec9ab7, 0x0ae293ba, 0x17f088ad, 0x1cfe81a0, 0x2dd4be83, 0x26dab78e,
-0x3bc8ac99, 0x30c6a594, 0x599cd2df, 0x5292dbd2, 0x4f80c0c5, 0x448ec9c8,
-0x75a4f6eb, 0x7eaaffe6, 0x63b8e4f1, 0x68b6edfc, 0xb10c0a67, 0xba02036a,
-0xa710187d, 0xac1e1170, 0x9d342e53, 0x963a275e, 0x8b283c49, 0x80263544,
-0xe97c420f, 0xe2724b02, 0xff605015, 0xf46e5918, 0xc544663b, 0xce4a6f36,
-0xd3587421, 0xd8567d2c, 0x7a37a10c, 0x7139a801, 0x6c2bb316, 0x6725ba1b,
-0x560f8538, 0x5d018c35, 0x40139722, 0x4b1d9e2f, 0x2247e964, 0x2949e069,
-0x345bfb7e, 0x3f55f273, 0x0e7fcd50, 0x0571c45d, 0x1863df4a, 0x136dd647,
-0xcad731dc, 0xc1d938d1, 0xdccb23c6, 0xd7c52acb, 0xe6ef15e8, 0xede11ce5,
-0xf0f307f2, 0xfbfd0eff, 0x92a779b4, 0x99a970b9, 0x84bb6bae, 0x8fb562a3,
-0xbe9f5d80, 0xb591548d, 0xa8834f9a, 0xa38d4697
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC2[256] =
-{
-0x00000000, 0x090e0b0d, 0x121c161a, 0x1b121d17, 0x24382c34, 0x2d362739,
-0x36243a2e, 0x3f2a3123, 0x48705868, 0x417e5365, 0x5a6c4e72, 0x5362457f,
-0x6c48745c, 0x65467f51, 0x7e546246, 0x775a694b, 0x90e0b0d0, 0x99eebbdd,
-0x82fca6ca, 0x8bf2adc7, 0xb4d89ce4, 0xbdd697e9, 0xa6c48afe, 0xafca81f3,
-0xd890e8b8, 0xd19ee3b5, 0xca8cfea2, 0xc382f5af, 0xfca8c48c, 0xf5a6cf81,
-0xeeb4d296, 0xe7bad99b, 0x3bdb7bbb, 0x32d570b6, 0x29c76da1, 0x20c966ac,
-0x1fe3578f, 0x16ed5c82, 0x0dff4195, 0x04f14a98, 0x73ab23d3, 0x7aa528de,
-0x61b735c9, 0x68b93ec4, 0x57930fe7, 0x5e9d04ea, 0x458f19fd, 0x4c8112f0,
-0xab3bcb6b, 0xa235c066, 0xb927dd71, 0xb029d67c, 0x8f03e75f, 0x860dec52,
-0x9d1ff145, 0x9411fa48, 0xe34b9303, 0xea45980e, 0xf1578519, 0xf8598e14,
-0xc773bf37, 0xce7db43a, 0xd56fa92d, 0xdc61a220, 0x76adf66d, 0x7fa3fd60,
-0x64b1e077, 0x6dbfeb7a, 0x5295da59, 0x5b9bd154, 0x4089cc43, 0x4987c74e,
-0x3eddae05, 0x37d3a508, 0x2cc1b81f, 0x25cfb312, 0x1ae58231, 0x13eb893c,
-0x08f9942b, 0x01f79f26, 0xe64d46bd, 0xef434db0, 0xf45150a7, 0xfd5f5baa,
-0xc2756a89, 0xcb7b6184, 0xd0697c93, 0xd967779e, 0xae3d1ed5, 0xa73315d8,
-0xbc2108cf, 0xb52f03c2, 0x8a0532e1, 0x830b39ec, 0x981924fb, 0x91172ff6,
-0x4d768dd6, 0x447886db, 0x5f6a9bcc, 0x566490c1, 0x694ea1e2, 0x6040aaef,
-0x7b52b7f8, 0x725cbcf5, 0x0506d5be, 0x0c08deb3, 0x171ac3a4, 0x1e14c8a9,
-0x213ef98a, 0x2830f287, 0x3322ef90, 0x3a2ce49d, 0xdd963d06, 0xd498360b,
-0xcf8a2b1c, 0xc6842011, 0xf9ae1132, 0xf0a01a3f, 0xebb20728, 0xe2bc0c25,
-0x95e6656e, 0x9ce86e63, 0x87fa7374, 0x8ef47879, 0xb1de495a, 0xb8d04257,
-0xa3c25f40, 0xaacc544d, 0xec41f7da, 0xe54ffcd7, 0xfe5de1c0, 0xf753eacd,
-0xc879dbee, 0xc177d0e3, 0xda65cdf4, 0xd36bc6f9, 0xa431afb2, 0xad3fa4bf,
-0xb62db9a8, 0xbf23b2a5, 0x80098386, 0x8907888b, 0x9215959c, 0x9b1b9e91,
-0x7ca1470a, 0x75af4c07, 0x6ebd5110, 0x67b35a1d, 0x58996b3e, 0x51976033,
-0x4a857d24, 0x438b7629, 0x34d11f62, 0x3ddf146f, 0x26cd0978, 0x2fc30275,
-0x10e93356, 0x19e7385b, 0x02f5254c, 0x0bfb2e41, 0xd79a8c61, 0xde94876c,
-0xc5869a7b, 0xcc889176, 0xf3a2a055, 0xfaacab58, 0xe1beb64f, 0xe8b0bd42,
-0x9fead409, 0x96e4df04, 0x8df6c213, 0x84f8c91e, 0xbbd2f83d, 0xb2dcf330,
-0xa9ceee27, 0xa0c0e52a, 0x477a3cb1, 0x4e7437bc, 0x55662aab, 0x5c6821a6,
-0x63421085, 0x6a4c1b88, 0x715e069f, 0x78500d92, 0x0f0a64d9, 0x06046fd4,
-0x1d1672c3, 0x141879ce, 0x2b3248ed, 0x223c43e0, 0x392e5ef7, 0x302055fa,
-0x9aec01b7, 0x93e20aba, 0x88f017ad, 0x81fe1ca0, 0xbed42d83, 0xb7da268e,
-0xacc83b99, 0xa5c63094, 0xd29c59df, 0xdb9252d2, 0xc0804fc5, 0xc98e44c8,
-0xf6a475eb, 0xffaa7ee6, 0xe4b863f1, 0xedb668fc, 0x0a0cb167, 0x0302ba6a,
-0x1810a77d, 0x111eac70, 0x2e349d53, 0x273a965e, 0x3c288b49, 0x35268044,
-0x427ce90f, 0x4b72e202, 0x5060ff15, 0x596ef418, 0x6644c53b, 0x6f4ace36,
-0x7458d321, 0x7d56d82c, 0xa1377a0c, 0xa8397101, 0xb32b6c16, 0xba25671b,
-0x850f5638, 0x8c015d35, 0x97134022, 0x9e1d4b2f, 0xe9472264, 0xe0492969,
-0xfb5b347e, 0xf2553f73, 0xcd7f0e50, 0xc471055d, 0xdf63184a, 0xd66d1347,
-0x31d7cadc, 0x38d9c1d1, 0x23cbdcc6, 0x2ac5d7cb, 0x15efe6e8, 0x1ce1ede5,
-0x07f3f0f2, 0x0efdfbff, 0x79a792b4, 0x70a999b9, 0x6bbb84ae, 0x62b58fa3,
-0x5d9fbe80, 0x5491b58d, 0x4f83a89a, 0x468da397
-};
-#else
-static const PRUint32 _IMXC2[256] =
-{
-0x00000000, 0x0d0b0e09, 0x1a161c12, 0x171d121b, 0x342c3824, 0x3927362d,
-0x2e3a2436, 0x23312a3f, 0x68587048, 0x65537e41, 0x724e6c5a, 0x7f456253,
-0x5c74486c, 0x517f4665, 0x4662547e, 0x4b695a77, 0xd0b0e090, 0xddbbee99,
-0xcaa6fc82, 0xc7adf28b, 0xe49cd8b4, 0xe997d6bd, 0xfe8ac4a6, 0xf381caaf,
-0xb8e890d8, 0xb5e39ed1, 0xa2fe8cca, 0xaff582c3, 0x8cc4a8fc, 0x81cfa6f5,
-0x96d2b4ee, 0x9bd9bae7, 0xbb7bdb3b, 0xb670d532, 0xa16dc729, 0xac66c920,
-0x8f57e31f, 0x825ced16, 0x9541ff0d, 0x984af104, 0xd323ab73, 0xde28a57a,
-0xc935b761, 0xc43eb968, 0xe70f9357, 0xea049d5e, 0xfd198f45, 0xf012814c,
-0x6bcb3bab, 0x66c035a2, 0x71dd27b9, 0x7cd629b0, 0x5fe7038f, 0x52ec0d86,
-0x45f11f9d, 0x48fa1194, 0x03934be3, 0x0e9845ea, 0x198557f1, 0x148e59f8,
-0x37bf73c7, 0x3ab47dce, 0x2da96fd5, 0x20a261dc, 0x6df6ad76, 0x60fda37f,
-0x77e0b164, 0x7aebbf6d, 0x59da9552, 0x54d19b5b, 0x43cc8940, 0x4ec78749,
-0x05aedd3e, 0x08a5d337, 0x1fb8c12c, 0x12b3cf25, 0x3182e51a, 0x3c89eb13,
-0x2b94f908, 0x269ff701, 0xbd464de6, 0xb04d43ef, 0xa75051f4, 0xaa5b5ffd,
-0x896a75c2, 0x84617bcb, 0x937c69d0, 0x9e7767d9, 0xd51e3dae, 0xd81533a7,
-0xcf0821bc, 0xc2032fb5, 0xe132058a, 0xec390b83, 0xfb241998, 0xf62f1791,
-0xd68d764d, 0xdb867844, 0xcc9b6a5f, 0xc1906456, 0xe2a14e69, 0xefaa4060,
-0xf8b7527b, 0xf5bc5c72, 0xbed50605, 0xb3de080c, 0xa4c31a17, 0xa9c8141e,
-0x8af93e21, 0x87f23028, 0x90ef2233, 0x9de42c3a, 0x063d96dd, 0x0b3698d4,
-0x1c2b8acf, 0x112084c6, 0x3211aef9, 0x3f1aa0f0, 0x2807b2eb, 0x250cbce2,
-0x6e65e695, 0x636ee89c, 0x7473fa87, 0x7978f48e, 0x5a49deb1, 0x5742d0b8,
-0x405fc2a3, 0x4d54ccaa, 0xdaf741ec, 0xd7fc4fe5, 0xc0e15dfe, 0xcdea53f7,
-0xeedb79c8, 0xe3d077c1, 0xf4cd65da, 0xf9c66bd3, 0xb2af31a4, 0xbfa43fad,
-0xa8b92db6, 0xa5b223bf, 0x86830980, 0x8b880789, 0x9c951592, 0x919e1b9b,
-0x0a47a17c, 0x074caf75, 0x1051bd6e, 0x1d5ab367, 0x3e6b9958, 0x33609751,
-0x247d854a, 0x29768b43, 0x621fd134, 0x6f14df3d, 0x7809cd26, 0x7502c32f,
-0x5633e910, 0x5b38e719, 0x4c25f502, 0x412efb0b, 0x618c9ad7, 0x6c8794de,
-0x7b9a86c5, 0x769188cc, 0x55a0a2f3, 0x58abacfa, 0x4fb6bee1, 0x42bdb0e8,
-0x09d4ea9f, 0x04dfe496, 0x13c2f68d, 0x1ec9f884, 0x3df8d2bb, 0x30f3dcb2,
-0x27eecea9, 0x2ae5c0a0, 0xb13c7a47, 0xbc37744e, 0xab2a6655, 0xa621685c,
-0x85104263, 0x881b4c6a, 0x9f065e71, 0x920d5078, 0xd9640a0f, 0xd46f0406,
-0xc372161d, 0xce791814, 0xed48322b, 0xe0433c22, 0xf75e2e39, 0xfa552030,
-0xb701ec9a, 0xba0ae293, 0xad17f088, 0xa01cfe81, 0x832dd4be, 0x8e26dab7,
-0x993bc8ac, 0x9430c6a5, 0xdf599cd2, 0xd25292db, 0xc54f80c0, 0xc8448ec9,
-0xeb75a4f6, 0xe67eaaff, 0xf163b8e4, 0xfc68b6ed, 0x67b10c0a, 0x6aba0203,
-0x7da71018, 0x70ac1e11, 0x539d342e, 0x5e963a27, 0x498b283c, 0x44802635,
-0x0fe97c42, 0x02e2724b, 0x15ff6050, 0x18f46e59, 0x3bc54466, 0x36ce4a6f,
-0x21d35874, 0x2cd8567d, 0x0c7a37a1, 0x017139a8, 0x166c2bb3, 0x1b6725ba,
-0x38560f85, 0x355d018c, 0x22401397, 0x2f4b1d9e, 0x642247e9, 0x692949e0,
-0x7e345bfb, 0x733f55f2, 0x500e7fcd, 0x5d0571c4, 0x4a1863df, 0x47136dd6,
-0xdccad731, 0xd1c1d938, 0xc6dccb23, 0xcbd7c52a, 0xe8e6ef15, 0xe5ede11c,
-0xf2f0f307, 0xfffbfd0e, 0xb492a779, 0xb999a970, 0xae84bb6b, 0xa38fb562,
-0x80be9f5d, 0x8db59154, 0x9aa8834f, 0x97a38d46
-};
-#endif
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 _IMXC3[256] =
-{
-0x00000000, 0x0e0b0d09, 0x1c161a12, 0x121d171b, 0x382c3424, 0x3627392d,
-0x243a2e36, 0x2a31233f, 0x70586848, 0x7e536541, 0x6c4e725a, 0x62457f53,
-0x48745c6c, 0x467f5165, 0x5462467e, 0x5a694b77, 0xe0b0d090, 0xeebbdd99,
-0xfca6ca82, 0xf2adc78b, 0xd89ce4b4, 0xd697e9bd, 0xc48afea6, 0xca81f3af,
-0x90e8b8d8, 0x9ee3b5d1, 0x8cfea2ca, 0x82f5afc3, 0xa8c48cfc, 0xa6cf81f5,
-0xb4d296ee, 0xbad99be7, 0xdb7bbb3b, 0xd570b632, 0xc76da129, 0xc966ac20,
-0xe3578f1f, 0xed5c8216, 0xff41950d, 0xf14a9804, 0xab23d373, 0xa528de7a,
-0xb735c961, 0xb93ec468, 0x930fe757, 0x9d04ea5e, 0x8f19fd45, 0x8112f04c,
-0x3bcb6bab, 0x35c066a2, 0x27dd71b9, 0x29d67cb0, 0x03e75f8f, 0x0dec5286,
-0x1ff1459d, 0x11fa4894, 0x4b9303e3, 0x45980eea, 0x578519f1, 0x598e14f8,
-0x73bf37c7, 0x7db43ace, 0x6fa92dd5, 0x61a220dc, 0xadf66d76, 0xa3fd607f,
-0xb1e07764, 0xbfeb7a6d, 0x95da5952, 0x9bd1545b, 0x89cc4340, 0x87c74e49,
-0xddae053e, 0xd3a50837, 0xc1b81f2c, 0xcfb31225, 0xe582311a, 0xeb893c13,
-0xf9942b08, 0xf79f2601, 0x4d46bde6, 0x434db0ef, 0x5150a7f4, 0x5f5baafd,
-0x756a89c2, 0x7b6184cb, 0x697c93d0, 0x67779ed9, 0x3d1ed5ae, 0x3315d8a7,
-0x2108cfbc, 0x2f03c2b5, 0x0532e18a, 0x0b39ec83, 0x1924fb98, 0x172ff691,
-0x768dd64d, 0x7886db44, 0x6a9bcc5f, 0x6490c156, 0x4ea1e269, 0x40aaef60,
-0x52b7f87b, 0x5cbcf572, 0x06d5be05, 0x08deb30c, 0x1ac3a417, 0x14c8a91e,
-0x3ef98a21, 0x30f28728, 0x22ef9033, 0x2ce49d3a, 0x963d06dd, 0x98360bd4,
-0x8a2b1ccf, 0x842011c6, 0xae1132f9, 0xa01a3ff0, 0xb20728eb, 0xbc0c25e2,
-0xe6656e95, 0xe86e639c, 0xfa737487, 0xf478798e, 0xde495ab1, 0xd04257b8,
-0xc25f40a3, 0xcc544daa, 0x41f7daec, 0x4ffcd7e5, 0x5de1c0fe, 0x53eacdf7,
-0x79dbeec8, 0x77d0e3c1, 0x65cdf4da, 0x6bc6f9d3, 0x31afb2a4, 0x3fa4bfad,
-0x2db9a8b6, 0x23b2a5bf, 0x09838680, 0x07888b89, 0x15959c92, 0x1b9e919b,
-0xa1470a7c, 0xaf4c0775, 0xbd51106e, 0xb35a1d67, 0x996b3e58, 0x97603351,
-0x857d244a, 0x8b762943, 0xd11f6234, 0xdf146f3d, 0xcd097826, 0xc302752f,
-0xe9335610, 0xe7385b19, 0xf5254c02, 0xfb2e410b, 0x9a8c61d7, 0x94876cde,
-0x869a7bc5, 0x889176cc, 0xa2a055f3, 0xacab58fa, 0xbeb64fe1, 0xb0bd42e8,
-0xead4099f, 0xe4df0496, 0xf6c2138d, 0xf8c91e84, 0xd2f83dbb, 0xdcf330b2,
-0xceee27a9, 0xc0e52aa0, 0x7a3cb147, 0x7437bc4e, 0x662aab55, 0x6821a65c,
-0x42108563, 0x4c1b886a, 0x5e069f71, 0x500d9278, 0x0a64d90f, 0x046fd406,
-0x1672c31d, 0x1879ce14, 0x3248ed2b, 0x3c43e022, 0x2e5ef739, 0x2055fa30,
-0xec01b79a, 0xe20aba93, 0xf017ad88, 0xfe1ca081, 0xd42d83be, 0xda268eb7,
-0xc83b99ac, 0xc63094a5, 0x9c59dfd2, 0x9252d2db, 0x804fc5c0, 0x8e44c8c9,
-0xa475ebf6, 0xaa7ee6ff, 0xb863f1e4, 0xb668fced, 0x0cb1670a, 0x02ba6a03,
-0x10a77d18, 0x1eac7011, 0x349d532e, 0x3a965e27, 0x288b493c, 0x26804435,
-0x7ce90f42, 0x72e2024b, 0x60ff1550, 0x6ef41859, 0x44c53b66, 0x4ace366f,
-0x58d32174, 0x56d82c7d, 0x377a0ca1, 0x397101a8, 0x2b6c16b3, 0x25671bba,
-0x0f563885, 0x015d358c, 0x13402297, 0x1d4b2f9e, 0x472264e9, 0x492969e0,
-0x5b347efb, 0x553f73f2, 0x7f0e50cd, 0x71055dc4, 0x63184adf, 0x6d1347d6,
-0xd7cadc31, 0xd9c1d138, 0xcbdcc623, 0xc5d7cb2a, 0xefe6e815, 0xe1ede51c,
-0xf3f0f207, 0xfdfbff0e, 0xa792b479, 0xa999b970, 0xbb84ae6b, 0xb58fa362,
-0x9fbe805d, 0x91b58d54, 0x83a89a4f, 0x8da39746
-};
-#else
-static const PRUint32 _IMXC3[256] =
-{
-0x00000000, 0x090d0b0e, 0x121a161c, 0x1b171d12, 0x24342c38, 0x2d392736,
-0x362e3a24, 0x3f23312a, 0x48685870, 0x4165537e, 0x5a724e6c, 0x537f4562,
-0x6c5c7448, 0x65517f46, 0x7e466254, 0x774b695a, 0x90d0b0e0, 0x99ddbbee,
-0x82caa6fc, 0x8bc7adf2, 0xb4e49cd8, 0xbde997d6, 0xa6fe8ac4, 0xaff381ca,
-0xd8b8e890, 0xd1b5e39e, 0xcaa2fe8c, 0xc3aff582, 0xfc8cc4a8, 0xf581cfa6,
-0xee96d2b4, 0xe79bd9ba, 0x3bbb7bdb, 0x32b670d5, 0x29a16dc7, 0x20ac66c9,
-0x1f8f57e3, 0x16825ced, 0x0d9541ff, 0x04984af1, 0x73d323ab, 0x7ade28a5,
-0x61c935b7, 0x68c43eb9, 0x57e70f93, 0x5eea049d, 0x45fd198f, 0x4cf01281,
-0xab6bcb3b, 0xa266c035, 0xb971dd27, 0xb07cd629, 0x8f5fe703, 0x8652ec0d,
-0x9d45f11f, 0x9448fa11, 0xe303934b, 0xea0e9845, 0xf1198557, 0xf8148e59,
-0xc737bf73, 0xce3ab47d, 0xd52da96f, 0xdc20a261, 0x766df6ad, 0x7f60fda3,
-0x6477e0b1, 0x6d7aebbf, 0x5259da95, 0x5b54d19b, 0x4043cc89, 0x494ec787,
-0x3e05aedd, 0x3708a5d3, 0x2c1fb8c1, 0x2512b3cf, 0x1a3182e5, 0x133c89eb,
-0x082b94f9, 0x01269ff7, 0xe6bd464d, 0xefb04d43, 0xf4a75051, 0xfdaa5b5f,
-0xc2896a75, 0xcb84617b, 0xd0937c69, 0xd99e7767, 0xaed51e3d, 0xa7d81533,
-0xbccf0821, 0xb5c2032f, 0x8ae13205, 0x83ec390b, 0x98fb2419, 0x91f62f17,
-0x4dd68d76, 0x44db8678, 0x5fcc9b6a, 0x56c19064, 0x69e2a14e, 0x60efaa40,
-0x7bf8b752, 0x72f5bc5c, 0x05bed506, 0x0cb3de08, 0x17a4c31a, 0x1ea9c814,
-0x218af93e, 0x2887f230, 0x3390ef22, 0x3a9de42c, 0xdd063d96, 0xd40b3698,
-0xcf1c2b8a, 0xc6112084, 0xf93211ae, 0xf03f1aa0, 0xeb2807b2, 0xe2250cbc,
-0x956e65e6, 0x9c636ee8, 0x877473fa, 0x8e7978f4, 0xb15a49de, 0xb85742d0,
-0xa3405fc2, 0xaa4d54cc, 0xecdaf741, 0xe5d7fc4f, 0xfec0e15d, 0xf7cdea53,
-0xc8eedb79, 0xc1e3d077, 0xdaf4cd65, 0xd3f9c66b, 0xa4b2af31, 0xadbfa43f,
-0xb6a8b92d, 0xbfa5b223, 0x80868309, 0x898b8807, 0x929c9515, 0x9b919e1b,
-0x7c0a47a1, 0x75074caf, 0x6e1051bd, 0x671d5ab3, 0x583e6b99, 0x51336097,
-0x4a247d85, 0x4329768b, 0x34621fd1, 0x3d6f14df, 0x267809cd, 0x2f7502c3,
-0x105633e9, 0x195b38e7, 0x024c25f5, 0x0b412efb, 0xd7618c9a, 0xde6c8794,
-0xc57b9a86, 0xcc769188, 0xf355a0a2, 0xfa58abac, 0xe14fb6be, 0xe842bdb0,
-0x9f09d4ea, 0x9604dfe4, 0x8d13c2f6, 0x841ec9f8, 0xbb3df8d2, 0xb230f3dc,
-0xa927eece, 0xa02ae5c0, 0x47b13c7a, 0x4ebc3774, 0x55ab2a66, 0x5ca62168,
-0x63851042, 0x6a881b4c, 0x719f065e, 0x78920d50, 0x0fd9640a, 0x06d46f04,
-0x1dc37216, 0x14ce7918, 0x2bed4832, 0x22e0433c, 0x39f75e2e, 0x30fa5520,
-0x9ab701ec, 0x93ba0ae2, 0x88ad17f0, 0x81a01cfe, 0xbe832dd4, 0xb78e26da,
-0xac993bc8, 0xa59430c6, 0xd2df599c, 0xdbd25292, 0xc0c54f80, 0xc9c8448e,
-0xf6eb75a4, 0xffe67eaa, 0xe4f163b8, 0xedfc68b6, 0x0a67b10c, 0x036aba02,
-0x187da710, 0x1170ac1e, 0x2e539d34, 0x275e963a, 0x3c498b28, 0x35448026,
-0x420fe97c, 0x4b02e272, 0x5015ff60, 0x5918f46e, 0x663bc544, 0x6f36ce4a,
-0x7421d358, 0x7d2cd856, 0xa10c7a37, 0xa8017139, 0xb3166c2b, 0xba1b6725,
-0x8538560f, 0x8c355d01, 0x97224013, 0x9e2f4b1d, 0xe9642247, 0xe0692949,
-0xfb7e345b, 0xf2733f55, 0xcd500e7f, 0xc45d0571, 0xdf4a1863, 0xd647136d,
-0x31dccad7, 0x38d1c1d9, 0x23c6dccb, 0x2acbd7c5, 0x15e8e6ef, 0x1ce5ede1,
-0x07f2f0f3, 0x0efffbfd, 0x79b492a7, 0x70b999a9, 0x6bae84bb, 0x62a38fb5,
-0x5d80be9f, 0x548db591, 0x4f9aa883, 0x4697a38d
-};
-#endif
-
-#endif /* RIJNDAEL_INCLUDE_TABLES */
-
-#ifdef IS_LITTLE_ENDIAN
-static const PRUint32 Rcon[30] = {
-0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010, 0x00000020,
-0x00000040, 0x00000080, 0x0000001b, 0x00000036, 0x0000006c, 0x000000d8,
-0x000000ab, 0x0000004d, 0x0000009a, 0x0000002f, 0x0000005e, 0x000000bc,
-0x00000063, 0x000000c6, 0x00000097, 0x00000035, 0x0000006a, 0x000000d4,
-0x000000b3, 0x0000007d, 0x000000fa, 0x000000ef, 0x000000c5, 0x00000091
-};
-#else
-static const PRUint32 Rcon[30] = {
-0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000,
-0x40000000, 0x80000000, 0x1b000000, 0x36000000, 0x6c000000, 0xd8000000,
-0xab000000, 0x4d000000, 0x9a000000, 0x2f000000, 0x5e000000, 0xbc000000,
-0x63000000, 0xc6000000, 0x97000000, 0x35000000, 0x6a000000, 0xd4000000,
-0xb3000000, 0x7d000000, 0xfa000000, 0xef000000, 0xc5000000, 0x91000000
-};
-#endif
-
diff --git a/security/nss/lib/freebl/rijndael_tables.c b/security/nss/lib/freebl/rijndael_tables.c
deleted file mode 100644
index 6f1957468..000000000
--- a/security/nss/lib/freebl/rijndael_tables.c
+++ /dev/null
@@ -1,244 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "stdio.h"
-#include "prtypes.h"
-#include "blapi.h"
-
-/*
- * what follows is code thrown together to generate the myriad of tables
- * used by Rijndael, the AES cipher.
- */
-
-
-#define WORD_LE(b0, b1, b2, b3) \
- (((b3) << 24) | ((b2) << 16) | ((b1) << 8) | b0)
-
-#define WORD_BE(b0, b1, b2, b3) \
- (((b0) << 24) | ((b1) << 16) | ((b2) << 8) | b3)
-
-static const PRUint8 __S[256] =
-{
- 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118,
-202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
-183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21,
- 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117,
- 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132,
- 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207,
-208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168,
- 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210,
-205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115,
- 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219,
-224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121,
-231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8,
-186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138,
-112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158,
-225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223,
-140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22,
-};
-
-static const PRUint8 __SInv[256] =
-{
- 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251,
-124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203,
- 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78,
- 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37,
-114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146,
-108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132,
-144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6,
-208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107,
- 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
-150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110,
- 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27,
-252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244,
- 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95,
- 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239,
-160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97,
- 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125
-};
-
-/* GF_MULTIPLY
- *
- * multiply two bytes represented in GF(2**8), mod (x**4 + 1)
- */
-PRUint8 gf_multiply(PRUint8 a, PRUint8 b)
-{
- PRUint8 res = 0;
- while (b > 0) {
- res = (b & 0x01) ? res ^ a : res;
- a = (a & 0x80) ? ((a << 1) ^ 0x1b) : (a << 1);
- b >>= 1;
- }
- return res;
-}
-
-void
-make_T_Table(char *table, const PRUint8 Sx[256], FILE *file,
- unsigned char m0, unsigned char m1,
- unsigned char m2, unsigned char m3)
-{
- PRUint32 Ti;
- int i;
- fprintf(file, "#ifdef IS_LITTLE_ENDIAN\n");
- fprintf(file, "static const PRUint32 _T%s[256] = \n{\n", table);
- for (i=0; i<256; i++) {
- Ti = WORD_LE( gf_multiply(Sx[i], m0),
- gf_multiply(Sx[i], m1),
- gf_multiply(Sx[i], m2),
- gf_multiply(Sx[i], m3) );
- if (Ti == 0)
- fprintf(file, "0x00000000%c%c", (i==255)?' ':',',
- (i%6==5)?'\n':' ');
- else
- fprintf(file, "%#.8x%c%c", Ti, (i==255)?' ':',',
- (i%6==5)?'\n':' ');
- }
- fprintf(file, "\n};\n");
- fprintf(file, "#else\n");
- fprintf(file, "static const PRUint32 _T%s[256] = \n{\n", table);
- for (i=0; i<256; i++) {
- Ti = WORD_BE( gf_multiply(Sx[i], m0),
- gf_multiply(Sx[i], m1),
- gf_multiply(Sx[i], m2),
- gf_multiply(Sx[i], m3) );
- if (Ti == 0)
- fprintf(file, "0x00000000%c%c", (i==255)?' ':',',
- (i%6==5)?'\n':' ');
- else
- fprintf(file, "%#.8x%c%c", Ti, (i==255)?' ':',',
- (i%6==5)?'\n':' ');
- }
- fprintf(file, "\n};\n");
- fprintf(file, "#endif\n\n");
-}
-
-void make_InvMixCol_Table(int num, FILE *file, PRUint8 m0, PRUint8 m1, PRUint8 m2, PRUint8 m3)
-{
- PRUint16 i;
- PRUint8 b0, b1, b2, b3;
- fprintf(file, "#ifdef IS_LITTLE_ENDIAN\n");
- fprintf(file, "static const PRUint32 _IMXC%d[256] = \n{\n", num);
- for (i=0; i<256; i++) {
- b0 = gf_multiply(i, m0);
- b1 = gf_multiply(i, m1);
- b2 = gf_multiply(i, m2);
- b3 = gf_multiply(i, m3);
- fprintf(file, "0x%.2x%.2x%.2x%.2x%c%c", b3, b2, b1, b0, (i==255)?' ':',', (i%6==5)?'\n':' ');
- }
- fprintf(file, "\n};\n");
- fprintf(file, "#else\n");
- fprintf(file, "static const PRUint32 _IMXC%d[256] = \n{\n", num);
- for (i=0; i<256; i++) {
- b0 = gf_multiply(i, m0);
- b1 = gf_multiply(i, m1);
- b2 = gf_multiply(i, m2);
- b3 = gf_multiply(i, m3);
- fprintf(file, "0x%.2x%.2x%.2x%.2x%c%c", b0, b1, b2, b3, (i==255)?' ':',', (i%6==5)?'\n':' ');
- }
- fprintf(file, "\n};\n");
- fprintf(file, "#endif\n\n");
-}
-
-int main()
-{
- int i, j;
- PRUint8 cur, last;
- PRUint32 tmp;
- FILE *optfile;
- optfile = fopen("rijndael32.tab", "w");
- /* output S, if there are no T tables */
- fprintf(optfile, "#ifndef RIJNDAEL_INCLUDE_TABLES\n");
- fprintf(optfile, "static const PRUint8 _S[256] = \n{\n");
- for (i=0; i<256; i++) {
- fprintf(optfile, "%3d%c%c", __S[i],(i==255)?' ':',',
- (i%16==15)?'\n':' ');
- }
- fprintf(optfile, "};\n#endif /* not RIJNDAEL_INCLUDE_TABLES */\n\n");
- /* output S**-1 */
- fprintf(optfile, "static const PRUint8 _SInv[256] = \n{\n");
- for (i=0; i<256; i++) {
- fprintf(optfile, "%3d%c%c", __SInv[i],(i==255)?' ':',',
- (i%16==15)?'\n':' ');
- }
- fprintf(optfile, "};\n\n");
- fprintf(optfile, "#ifdef RIJNDAEL_INCLUDE_TABLES\n");
- /* The 32-bit word tables for optimized implementation */
- /* T0 = [ S[a] * 02, S[a], S[a], S[a] * 03 ] */
- make_T_Table("0", __S, optfile, 0x02, 0x01, 0x01, 0x03);
- /* T1 = [ S[a] * 03, S[a] * 02, S[a], S[a] ] */
- make_T_Table("1", __S, optfile, 0x03, 0x02, 0x01, 0x01);
- /* T2 = [ S[a], S[a] * 03, S[a] * 02, S[a] ] */
- make_T_Table("2", __S, optfile, 0x01, 0x03, 0x02, 0x01);
- /* T3 = [ S[a], S[a], S[a] * 03, S[a] * 02 ] */
- make_T_Table("3", __S, optfile, 0x01, 0x01, 0x03, 0x02);
- /* TInv0 = [ Si[a] * 0E, Si[a] * 09, Si[a] * 0D, Si[a] * 0B ] */
- make_T_Table("Inv0", __SInv, optfile, 0x0e, 0x09, 0x0d, 0x0b);
- /* TInv1 = [ Si[a] * 0B, Si[a] * 0E, Si[a] * 09, Si[a] * 0D ] */
- make_T_Table("Inv1", __SInv, optfile, 0x0b, 0x0e, 0x09, 0x0d);
- /* TInv2 = [ Si[a] * 0D, Si[a] * 0B, Si[a] * 0E, Si[a] * 09 ] */
- make_T_Table("Inv2", __SInv, optfile, 0x0d, 0x0b, 0x0e, 0x09);
- /* TInv3 = [ Si[a] * 09, Si[a] * 0D, Si[a] * 0B, Si[a] * 0E ] */
- make_T_Table("Inv3", __SInv, optfile, 0x09, 0x0d, 0x0b, 0x0e);
- /* byte multiply tables for inverse key expansion (mimics InvMixColumn) */
- make_InvMixCol_Table(0, optfile, 0x0e, 0x09, 0x0d, 0x0b);
- make_InvMixCol_Table(1, optfile, 0x0b, 0x0E, 0x09, 0x0d);
- make_InvMixCol_Table(2, optfile, 0x0d, 0x0b, 0x0e, 0x09);
- make_InvMixCol_Table(3, optfile, 0x09, 0x0d, 0x0b, 0x0e);
- fprintf(optfile, "#endif /* RIJNDAEL_INCLUDE_TABLES */\n\n");
- /* round constants for key expansion */
- fprintf(optfile, "#ifdef IS_LITTLE_ENDIAN\n");
- fprintf(optfile, "static const PRUint32 Rcon[30] = {\n");
- cur = 0x01;
- for (i=0; i<30; i++) {
- fprintf(optfile, "%#.8x%c%c", WORD_LE(cur, 0, 0, 0),
- (i==29)?' ':',', (i%6==5)?'\n':' ');
- last = cur;
- cur = gf_multiply(last, 0x02);
- }
- fprintf(optfile, "};\n");
- fprintf(optfile, "#else\n");
- fprintf(optfile, "static const PRUint32 Rcon[30] = {\n");
- cur = 0x01;
- for (i=0; i<30; i++) {
- fprintf(optfile, "%#.8x%c%c", WORD_BE(cur, 0, 0, 0),
- (i==29)?' ':',', (i%6==5)?'\n':' ');
- last = cur;
- cur = gf_multiply(last, 0x02);
- }
- fprintf(optfile, "};\n");
- fprintf(optfile, "#endif\n\n");
- fclose(optfile);
- return 0;
-}
diff --git a/security/nss/lib/freebl/rsa.c b/security/nss/lib/freebl/rsa.c
deleted file mode 100644
index 624282f81..000000000
--- a/security/nss/lib/freebl/rsa.c
+++ /dev/null
@@ -1,1006 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- */
-
-/*
- * RSA key generation, public key op, private key op.
- *
- * $Id$
- */
-
-#include "secerr.h"
-
-#include "prclist.h"
-#include "nssilock.h"
-#include "prinit.h"
-#include "blapi.h"
-#include "mpi.h"
-#include "mpprime.h"
-#include "mplogic.h"
-#include "secmpi.h"
-#include "secitem.h"
-
-#if 0
-/* The cutoff for determining whether a private key operation double check
- * should be performed by a public key operation or Shamir's test.
- */
-#define MAX_BITS_IN_E_FOR_PUBKEY_SIG_CHECK ???
-#endif
-
-/*
-** Number of times to attempt to generate a prime (p or q) from a random
-** seed (the seed changes for each iteration).
-*/
-#define MAX_PRIME_GEN_ATTEMPTS 10
-/*
-** Number of times to attempt to generate a key. The primes p and q change
-** for each attempt.
-*/
-#define MAX_KEY_GEN_ATTEMPTS 10
-
-/*
-** RSABlindingParamsStr
-**
-** For discussion of Paul Kocher's timing attack against an RSA private key
-** operation, see http://www.cryptography.com/timingattack/paper.html. The
-** countermeasure to this attack, known as blinding, is also discussed in
-** the Handbook of Applied Cryptography, 11.118-11.119.
-*/
-struct RSABlindingParamsStr
-{
- /* Blinding-specific parameters */
- PRCList link; /* link to list of structs */
- SECItem modulus; /* list element "key" */
- mp_int f, g; /* Blinding parameters */
- int counter; /* number of remaining uses of (f, g) */
-};
-
-/*
-** RSABlindingParamsListStr
-**
-** List of key-specific blinding params. The arena holds the volatile pool
-** of memory for each entry and the list itself. The lock is for list
-** operations, in this case insertions and iterations, as well as control
-** of the counter for each set of blinding parameters.
-*/
-struct RSABlindingParamsListStr
-{
- PZLock *lock; /* Lock for the list */
- PRCList head; /* Pointer to the list */
-};
-
-/*
-** The master blinding params list.
-*/
-static struct RSABlindingParamsListStr blindingParamsList = { 0 };
-
-/* Number of times to reuse (f, g). Suggested by Paul Kocher */
-#define RSA_BLINDING_PARAMS_MAX_REUSE 50
-
-/* Global, allows optional use of blinding. On by default. */
-/* Cannot be changed at the moment, due to thread-safety issues. */
-static PRBool nssRSAUseBlinding = PR_TRUE;
-
-static SECStatus
-rsa_keygen_from_primes(mp_int *p, mp_int *q, mp_int *e, RSAPrivateKey *key,
- unsigned int keySizeInBits)
-{
- mp_int n, d, phi;
- mp_int psub1, qsub1, tmp;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&n) = 0;
- MP_DIGITS(&d) = 0;
- MP_DIGITS(&phi) = 0;
- MP_DIGITS(&psub1) = 0;
- MP_DIGITS(&qsub1) = 0;
- MP_DIGITS(&tmp) = 0;
- CHECK_MPI_OK( mp_init(&n) );
- CHECK_MPI_OK( mp_init(&d) );
- CHECK_MPI_OK( mp_init(&phi) );
- CHECK_MPI_OK( mp_init(&psub1) );
- CHECK_MPI_OK( mp_init(&qsub1) );
- CHECK_MPI_OK( mp_init(&tmp) );
- /* 1. Compute n = p*q */
- CHECK_MPI_OK( mp_mul(p, q, &n) );
- /* verify that the modulus has the desired number of bits */
- if ((unsigned)mpl_significant_bits(&n) != keySizeInBits) {
- PORT_SetError(SEC_ERROR_NEED_RANDOM);
- rv = SECFailure;
- goto cleanup;
- }
- /* 2. Compute phi = (p-1)*(q-1) */
- CHECK_MPI_OK( mp_sub_d(p, 1, &psub1) );
- CHECK_MPI_OK( mp_sub_d(q, 1, &qsub1) );
- CHECK_MPI_OK( mp_mul(&psub1, &qsub1, &phi) );
- /* 3. Compute d = e**-1 mod(phi) */
- err = mp_invmod(e, &phi, &d);
- /* Verify that phi(n) and e have no common divisors */
- if (err != MP_OKAY) {
- if (err == MP_UNDEF) {
- PORT_SetError(SEC_ERROR_NEED_RANDOM);
- err = MP_OKAY; /* to keep PORT_SetError from being called again */
- rv = SECFailure;
- }
- goto cleanup;
- }
- MPINT_TO_SECITEM(&n, &key->modulus, key->arena);
- MPINT_TO_SECITEM(&d, &key->privateExponent, key->arena);
- /* 4. Compute exponent1 = d mod (p-1) */
- CHECK_MPI_OK( mp_mod(&d, &psub1, &tmp) );
- MPINT_TO_SECITEM(&tmp, &key->exponent1, key->arena);
- /* 5. Compute exponent2 = d mod (q-1) */
- CHECK_MPI_OK( mp_mod(&d, &qsub1, &tmp) );
- MPINT_TO_SECITEM(&tmp, &key->exponent2, key->arena);
- /* 6. Compute coefficient = q**-1 mod p */
- CHECK_MPI_OK( mp_invmod(q, p, &tmp) );
- MPINT_TO_SECITEM(&tmp, &key->coefficient, key->arena);
-cleanup:
- mp_clear(&n);
- mp_clear(&d);
- mp_clear(&phi);
- mp_clear(&psub1);
- mp_clear(&qsub1);
- mp_clear(&tmp);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-static SECStatus
-generate_prime(mp_int *prime, int primeLen)
-{
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- unsigned long counter = 0;
- int piter;
- unsigned char *pb = NULL;
- pb = PORT_Alloc(primeLen);
- if (!pb) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto cleanup;
- }
- for (piter = 0; piter < MAX_PRIME_GEN_ATTEMPTS; piter++) {
- CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(pb, primeLen) );
- pb[0] |= 0xC0; /* set two high-order bits */
- pb[primeLen-1] |= 0x01; /* set low-order bit */
- CHECK_MPI_OK( mp_read_unsigned_octets(prime, pb, primeLen) );
- err = mpp_make_prime(prime, primeLen * 8, PR_FALSE, &counter);
- if (err != MP_NO)
- goto cleanup;
- /* keep going while err == MP_NO */
- }
-cleanup:
- if (pb)
- PORT_ZFree(pb, primeLen);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-/*
-** Generate and return a new RSA public and private key.
-** Both keys are encoded in a single RSAPrivateKey structure.
-** "cx" is the random number generator context
-** "keySizeInBits" is the size of the key to be generated, in bits.
-** 512, 1024, etc.
-** "publicExponent" when not NULL is a pointer to some data that
-** represents the public exponent to use. The data is a byte
-** encoded integer, in "big endian" order.
-*/
-RSAPrivateKey *
-RSA_NewKey(int keySizeInBits, SECItem *publicExponent)
-{
- unsigned int primeLen;
- mp_int p, q, e;
- int kiter;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- int prerr = 0;
- RSAPrivateKey *key = NULL;
- PRArenaPool *arena = NULL;
- /* Require key size to be a multiple of 16 bits. */
- if (!publicExponent || keySizeInBits % 16 != 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- /* 1. Allocate arena & key */
- arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
- if (!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- key = (RSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(RSAPrivateKey));
- if (!key) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_FreeArena(arena, PR_TRUE);
- return NULL;
- }
- key->arena = arena;
- /* length of primes p and q (in bytes) */
- primeLen = keySizeInBits / (2 * BITS_PER_BYTE);
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&q) = 0;
- MP_DIGITS(&e) = 0;
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&q) );
- CHECK_MPI_OK( mp_init(&e) );
- /* 2. Set the version number (PKCS1 v1.5 says it should be zero) */
- SECITEM_AllocItem(arena, &key->version, 1);
- key->version.data[0] = 0;
- /* 3. Set the public exponent */
- SECITEM_CopyItem(arena, &key->publicExponent, publicExponent);
- SECITEM_TO_MPINT(*publicExponent, &e);
- kiter = 0;
- do {
- prerr = 0;
- PORT_SetError(0);
- CHECK_SEC_OK( generate_prime(&p, primeLen) );
- CHECK_SEC_OK( generate_prime(&q, primeLen) );
- /* Assure q < p */
- if (mp_cmp(&p, &q) < 0)
- mp_exch(&p, &q);
- /* Attempt to use these primes to generate a key */
- rv = rsa_keygen_from_primes(&p, &q, &e, key, keySizeInBits);
- if (rv == SECSuccess)
- break; /* generated two good primes */
- prerr = PORT_GetError();
- kiter++;
- /* loop until have primes */
- } while (prerr == SEC_ERROR_NEED_RANDOM && kiter < MAX_KEY_GEN_ATTEMPTS);
- if (prerr)
- goto cleanup;
- MPINT_TO_SECITEM(&p, &key->prime1, arena);
- MPINT_TO_SECITEM(&q, &key->prime2, arena);
-cleanup:
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&e);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- if (rv && arena) {
- PORT_FreeArena(arena, PR_TRUE);
- key = NULL;
- }
- return key;
-}
-
-static unsigned int
-rsa_modulusLen(SECItem *modulus)
-{
- unsigned char byteZero = modulus->data[0];
- unsigned int modLen = modulus->len - !byteZero;
- return modLen;
-}
-
-/*
-** Perform a raw public-key operation
-** Length of input and output buffers are equal to key's modulus len.
-*/
-SECStatus
-RSA_PublicKeyOp(RSAPublicKey *key,
- unsigned char *output,
- const unsigned char *input)
-{
- unsigned int modLen;
- mp_int n, e, m, c;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- if (!key || !output || !input) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- MP_DIGITS(&n) = 0;
- MP_DIGITS(&e) = 0;
- MP_DIGITS(&m) = 0;
- MP_DIGITS(&c) = 0;
- CHECK_MPI_OK( mp_init(&n) );
- CHECK_MPI_OK( mp_init(&e) );
- CHECK_MPI_OK( mp_init(&m) );
- CHECK_MPI_OK( mp_init(&c) );
- modLen = rsa_modulusLen(&key->modulus);
- /* 1. Obtain public key (n, e) */
- SECITEM_TO_MPINT(key->modulus, &n);
- SECITEM_TO_MPINT(key->publicExponent, &e);
- /* 2. Represent message as integer in range [0..n-1] */
- CHECK_MPI_OK( mp_read_unsigned_octets(&m, input, modLen) );
- /* 3. Compute c = m**e mod n */
-#ifdef USE_MPI_EXPT_D
- /* XXX see which is faster */
- if (MP_USED(&e) == 1) {
- CHECK_MPI_OK( mp_exptmod_d(&m, MP_DIGIT(&e, 0), &n, &c) );
- } else
-#endif
- CHECK_MPI_OK( mp_exptmod(&m, &e, &n, &c) );
- /* 4. result c is ciphertext */
- err = mp_to_fixlen_octets(&c, output, modLen);
- if (err >= 0) err = MP_OKAY;
-cleanup:
- mp_clear(&n);
- mp_clear(&e);
- mp_clear(&m);
- mp_clear(&c);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-/*
-** RSA Private key operation (no CRT).
-*/
-static SECStatus
-rsa_PrivateKeyOpNoCRT(RSAPrivateKey *key, mp_int *m, mp_int *c, mp_int *n,
- unsigned int modLen)
-{
- mp_int d;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&d) = 0;
- CHECK_MPI_OK( mp_init(&d) );
- SECITEM_TO_MPINT(key->privateExponent, &d);
- /* 1. m = c**d mod n */
- CHECK_MPI_OK( mp_exptmod(c, &d, n, m) );
-cleanup:
- mp_clear(&d);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-/*
-** RSA Private key operation using CRT.
-*/
-static SECStatus
-rsa_PrivateKeyOpCRTNoCheck(RSAPrivateKey *key, mp_int *m, mp_int *c)
-{
- mp_int p, q, d_p, d_q, qInv;
- mp_int m1, m2, h, ctmp;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&q) = 0;
- MP_DIGITS(&d_p) = 0;
- MP_DIGITS(&d_q) = 0;
- MP_DIGITS(&qInv) = 0;
- MP_DIGITS(&m1) = 0;
- MP_DIGITS(&m2) = 0;
- MP_DIGITS(&h) = 0;
- MP_DIGITS(&ctmp) = 0;
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&q) );
- CHECK_MPI_OK( mp_init(&d_p) );
- CHECK_MPI_OK( mp_init(&d_q) );
- CHECK_MPI_OK( mp_init(&qInv) );
- CHECK_MPI_OK( mp_init(&m1) );
- CHECK_MPI_OK( mp_init(&m2) );
- CHECK_MPI_OK( mp_init(&h) );
- CHECK_MPI_OK( mp_init(&ctmp) );
- /* copy private key parameters into mp integers */
- SECITEM_TO_MPINT(key->prime1, &p); /* p */
- SECITEM_TO_MPINT(key->prime2, &q); /* q */
- SECITEM_TO_MPINT(key->exponent1, &d_p); /* d_p = d mod (p-1) */
- SECITEM_TO_MPINT(key->exponent2, &d_q); /* d_q = d mod (q-1) */
- SECITEM_TO_MPINT(key->coefficient, &qInv); /* qInv = q**-1 mod p */
- /* 1. m1 = c**d_p mod p */
- CHECK_MPI_OK( mp_mod(c, &p, &ctmp) );
- CHECK_MPI_OK( mp_exptmod(&ctmp, &d_p, &p, &m1) );
- /* 2. m2 = c**d_q mod q */
- CHECK_MPI_OK( mp_mod(c, &q, &ctmp) );
- CHECK_MPI_OK( mp_exptmod(&ctmp, &d_q, &q, &m2) );
- /* 3. h = (m1 - m2) * qInv mod p */
- CHECK_MPI_OK( mp_submod(&m1, &m2, &p, &h) );
- CHECK_MPI_OK( mp_mulmod(&h, &qInv, &p, &h) );
- /* 4. m = m2 + h * q */
- CHECK_MPI_OK( mp_mul(&h, &q, m) );
- CHECK_MPI_OK( mp_add(m, &m2, m) );
-cleanup:
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&d_p);
- mp_clear(&d_q);
- mp_clear(&qInv);
- mp_clear(&m1);
- mp_clear(&m2);
- mp_clear(&h);
- mp_clear(&ctmp);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-/*
- * Perform a check on the received private key CRT parameters. An attack
- * against RSA CRT was described by Boneh, DeMillo, and Lipton in:
- * "On the Importance of Eliminating Errors in Cryptographic Computations",
- * http://theory.stanford.edu/~dabo/papers/faults.ps.gz
- *
- * The check used to prevent this attack was demonstrated by Shamir in:
- * "How to check modular exponentiation", Rump Session of EUROCRYPT '97
- */
-static SECStatus
-rsa_PrivateKeyOpCRTCheckedShamir(RSAPrivateKey *key, mp_int *m, mp_int *c)
-{
- /* XXX
- * This is not implemented. Open issues are how to store/maintain a
- * set of { r(p), r(q) } values, where r is a 32-bit prime number used
- * in the test.
- * Also, we must determine when this test should be performed in favor
- * of a simple public key operation.
- */
-#if 0
- mp_int p, q, qInv;
- mp_int m1, m2, h, ctmp, res1, res2;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&p) = 0;
- MP_DIGITS(&q) = 0;
- MP_DIGITS(&qInv) = 0;
- MP_DIGITS(&m1) = 0;
- MP_DIGITS(&m2) = 0;
- MP_DIGITS(&h) = 0;
- MP_DIGITS(&ctmp) = 0;
- MP_DIGITS(&res1) = 0;
- MP_DIGITS(&res2) = 0;
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&q) );
- CHECK_MPI_OK( mp_init(&qInv) );
- CHECK_MPI_OK( mp_init(&m1) );
- CHECK_MPI_OK( mp_init(&m2) );
- CHECK_MPI_OK( mp_init(&h) );
- CHECK_MPI_OK( mp_init(&ctmp) );
- CHECK_MPI_OK( mp_init(&res1) );
- CHECK_MPI_OK( mp_init(&res2) );
- /* copy private key parameters into mp integers */
- SECITEM_TO_MPINT(key->prime1, &p); /* p */
- SECITEM_TO_MPINT(key->prime2, &q); /* q */
- SECITEM_TO_MPINT(key->coefficient, &qInv); /* qInv = q**-1 mod p */
- /* s1 = M**d mod pr */
- CHECK_MPI_OK( mp_exptmod(m, d, &pr, s1) );
- /* s2 = M**d mod qr */
- CHECK_MPI_OK( mp_exptmod(m, d, &qr, s2) );
- /* perform the check: s1 mod r = s2 mod r */
- CHECK_MPI_OK( mp_mod_d(s1, r, &res1) );
- CHECK_MPI_OK( mp_mod_d(s2, r, &res2) );
- if (res1 != res2) {
- rv = SECFailure;
- goto cleanup;
- }
- /* reduce s1 = s1 mod p */
- CHECK_MPI_OK( mp_mod(s1, p, &s1) );
- /* reduce s2 = s2 mod q */
- CHECK_MPI_OK( mp_mod(s2, q, &s2) );
- /* 3. h = (m1 - m2) * qInv mod p */
- CHECK_MPI_OK( mp_submod(&m1, &m2, &p, &h) );
- CHECK_MPI_OK( mp_mulmod(&h, &qInv, &p, &h) );
- /* 4. m = m2 + h * q */
- CHECK_MPI_OK( mp_mul(&h, &q, m) );
- CHECK_MPI_OK( mp_add(m, &m2, m) );
-cleanup:
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&qInv);
- mp_clear(&m1);
- mp_clear(&m2);
- mp_clear(&h);
- mp_clear(&ctmp);
- mp_clear(&res1);
- mp_clear(&res2);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-#endif
- return SECFailure;
-}
-
-/*
-** As a defense against the same attack mentioned above, carry out the
-** private key operation. Follow up with a public key operation to invert
-** the result. Verify that result against the input.
-*/
-static SECStatus
-rsa_PrivateKeyOpCRTCheckedPubKey(RSAPrivateKey *key, mp_int *m, mp_int *c)
-{
- mp_int n, e, s;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&n) = 0;
- MP_DIGITS(&e) = 0;
- MP_DIGITS(&s) = 0;
- CHECK_MPI_OK( mp_init(&n) );
- CHECK_MPI_OK( mp_init(&e) );
- CHECK_MPI_OK( mp_init(&s) );
- CHECK_SEC_OK( rsa_PrivateKeyOpCRTNoCheck(key, m, c) );
- /* Perform the CRT parameters check for the small e case.
- * Simply verify that a public key op inverts this operation.
- */
- SECITEM_TO_MPINT(key->modulus, &n);
- SECITEM_TO_MPINT(key->publicExponent, &e);
- /* Perform a public key operation c = m ** e mod n */
- CHECK_MPI_OK( mp_exptmod(m, &e, &n, &s) );
- if (mp_cmp(&s, c) != 0) {
- rv = SECFailure;
- }
-cleanup:
- mp_clear(&n);
- mp_clear(&e);
- mp_clear(&s);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-static PRCallOnceType coBPInit = { 0, 0, 0 };
-static PRStatus
-init_blinding_params_list(void)
-{
- blindingParamsList.lock = PZ_NewLock(nssILockOther);
- if (!blindingParamsList.lock) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return PR_FAILURE;
- }
- PR_INIT_CLIST(&blindingParamsList.head);
- return PR_SUCCESS;
-}
-
-static SECStatus
-generate_blinding_params(struct RSABlindingParamsStr *rsabp,
- RSAPrivateKey *key, mp_int *n, unsigned int modLen)
-{
- SECStatus rv = SECSuccess;
- mp_int e, k;
- mp_err err = MP_OKAY;
- unsigned char *kb = NULL;
- MP_DIGITS(&e) = 0;
- MP_DIGITS(&k) = 0;
- CHECK_MPI_OK( mp_init(&e) );
- CHECK_MPI_OK( mp_init(&k) );
- SECITEM_TO_MPINT(key->publicExponent, &e);
- /* generate random k < n */
- kb = PORT_Alloc(modLen);
- if (!kb) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto cleanup;
- }
- CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(kb, modLen) );
- CHECK_MPI_OK( mp_read_unsigned_octets(&k, kb, modLen) );
- /* k < n */
- CHECK_MPI_OK( mp_mod(&k, n, &k) );
- /* f = k**e mod n */
- CHECK_MPI_OK( mp_exptmod(&k, &e, n, &rsabp->f) );
- /* g = k**-1 mod n */
- CHECK_MPI_OK( mp_invmod(&k, n, &rsabp->g) );
- /* Initialize the counter for this (f, g) */
- rsabp->counter = RSA_BLINDING_PARAMS_MAX_REUSE;
-cleanup:
- if (kb)
- PORT_ZFree(kb, modLen);
- mp_clear(&k);
- mp_clear(&e);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-static SECStatus
-init_blinding_params(struct RSABlindingParamsStr *rsabp, RSAPrivateKey *key,
- mp_int *n, unsigned int modLen)
-{
- SECStatus rv = SECSuccess;
- mp_err err = MP_OKAY;
- MP_DIGITS(&rsabp->f) = 0;
- MP_DIGITS(&rsabp->g) = 0;
- /* initialize blinding parameters */
- CHECK_MPI_OK( mp_init(&rsabp->f) );
- CHECK_MPI_OK( mp_init(&rsabp->g) );
- /* List elements are keyed using the modulus */
- SECITEM_CopyItem(NULL, &rsabp->modulus, &key->modulus);
- CHECK_SEC_OK( generate_blinding_params(rsabp, key, n, modLen) );
- return SECSuccess;
-cleanup:
- mp_clear(&rsabp->f);
- mp_clear(&rsabp->g);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-static SECStatus
-get_blinding_params(RSAPrivateKey *key, mp_int *n, unsigned int modLen,
- mp_int *f, mp_int *g)
-{
- SECStatus rv = SECSuccess;
- mp_err err = MP_OKAY;
- int cmp;
- PRCList *el;
- struct RSABlindingParamsStr *rsabp = NULL;
- /* Init the list if neccessary (the init function is only called once!) */
- if (blindingParamsList.lock == NULL) {
- if (PR_CallOnce(&coBPInit, init_blinding_params_list) != PR_SUCCESS) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return SECFailure;
- }
- }
- /* Acquire the list lock */
- PZ_Lock(blindingParamsList.lock);
- /* Walk the list looking for the private key */
- for (el = PR_NEXT_LINK(&blindingParamsList.head);
- el != &blindingParamsList.head;
- el = PR_NEXT_LINK(el)) {
- rsabp = (struct RSABlindingParamsStr *)el;
- cmp = SECITEM_CompareItem(&rsabp->modulus, &key->modulus);
- if (cmp == 0) {
- /* Check the usage counter for the parameters */
- if (--rsabp->counter <= 0) {
- /* Regenerate the blinding parameters */
- CHECK_SEC_OK( generate_blinding_params(rsabp, key, n, modLen) );
- }
- /* Return the parameters */
- CHECK_MPI_OK( mp_copy(&rsabp->f, f) );
- CHECK_MPI_OK( mp_copy(&rsabp->g, g) );
- /* Now that the params are located, release the list lock. */
- PZ_Unlock(blindingParamsList.lock); /* XXX when fails? */
- return SECSuccess;
- } else if (cmp > 0) {
- /* The key is not in the list. Break to param creation. */
- break;
- }
- }
- /* At this point, the key is not in the list. el should point to the
- ** list element that this key should be inserted before. NOTE: the list
- ** lock is still held, so there cannot be a race condition here.
- */
- rsabp = (struct RSABlindingParamsStr *)
- PORT_ZAlloc(sizeof(struct RSABlindingParamsStr));
- if (!rsabp) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto cleanup;
- }
- /* Initialize the list pointer for the element */
- PR_INIT_CLIST(&rsabp->link);
- /* Initialize the blinding parameters
- ** This ties up the list lock while doing some heavy, element-specific
- ** operations, but we don't want to insert the element until it is valid,
- ** which requires computing the blinding params. If this proves costly,
- ** it could be done after the list lock is released, and then if it fails
- ** the lock would have to be reobtained and the invalid element removed.
- */
- rv = init_blinding_params(rsabp, key, n, modLen);
- if (rv != SECSuccess) {
- PORT_ZFree(rsabp, sizeof(struct RSABlindingParamsStr));
- goto cleanup;
- }
- /* Insert the new element into the list
- ** If inserting in the middle of the list, el points to the link
- ** to insert before. Otherwise, the link needs to be appended to
- ** the end of the list, which is the same as inserting before the
- ** head (since el would have looped back to the head).
- */
- PR_INSERT_BEFORE(&rsabp->link, el);
- /* Return the parameters */
- CHECK_MPI_OK( mp_copy(&rsabp->f, f) );
- CHECK_MPI_OK( mp_copy(&rsabp->g, g) );
- /* Release the list lock */
- PZ_Unlock(blindingParamsList.lock); /* XXX when fails? */
- return SECSuccess;
-cleanup:
- /* It is possible to reach this after the lock is already released.
- ** Ignore the error in that case.
- */
- PZ_Unlock(blindingParamsList.lock);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return SECFailure;
-}
-
-/*
-** Perform a raw private-key operation
-** Length of input and output buffers are equal to key's modulus len.
-*/
-static SECStatus
-rsa_PrivateKeyOp(RSAPrivateKey *key,
- unsigned char *output,
- const unsigned char *input,
- PRBool check)
-{
- unsigned int modLen;
- unsigned int offset;
- SECStatus rv = SECSuccess;
- mp_err err;
- mp_int n, c, m;
- mp_int f, g;
- if (!key || !output || !input) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- /* check input out of range (needs to be in range [0..n-1]) */
- modLen = rsa_modulusLen(&key->modulus);
- offset = (key->modulus.data[0] == 0) ? 1 : 0; /* may be leading 0 */
- if (memcmp(input, key->modulus.data + offset, modLen) >= 0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- MP_DIGITS(&n) = 0;
- MP_DIGITS(&c) = 0;
- MP_DIGITS(&m) = 0;
- MP_DIGITS(&f) = 0;
- MP_DIGITS(&g) = 0;
- CHECK_MPI_OK( mp_init(&n) );
- CHECK_MPI_OK( mp_init(&c) );
- CHECK_MPI_OK( mp_init(&m) );
- CHECK_MPI_OK( mp_init(&f) );
- CHECK_MPI_OK( mp_init(&g) );
- SECITEM_TO_MPINT(key->modulus, &n);
- OCTETS_TO_MPINT(input, &c, modLen);
- /* If blinding, compute pre-image of ciphertext by multiplying by
- ** blinding factor
- */
- if (nssRSAUseBlinding) {
- CHECK_SEC_OK( get_blinding_params(key, &n, modLen, &f, &g) );
- /* c' = c*f mod n */
- CHECK_MPI_OK( mp_mulmod(&c, &f, &n, &c) );
- }
- /* Do the private key operation m = c**d mod n */
- if ( key->prime1.len == 0 ||
- key->prime2.len == 0 ||
- key->exponent1.len == 0 ||
- key->exponent2.len == 0 ||
- key->coefficient.len == 0) {
- CHECK_SEC_OK( rsa_PrivateKeyOpNoCRT(key, &m, &c, &n, modLen) );
- } else if (check) {
- /* until the implementation of Shamir's check is complete, all
- * double-checks will be done via a public key operation.
- */
- if (PR_TRUE) {
- CHECK_SEC_OK( rsa_PrivateKeyOpCRTCheckedPubKey(key, &m, &c) );
- } else {
- CHECK_SEC_OK( rsa_PrivateKeyOpCRTCheckedShamir(key, &m, &c) );
- }
- } else {
- CHECK_SEC_OK( rsa_PrivateKeyOpCRTNoCheck(key, &m, &c) );
- }
- /* If blinding, compute post-image of plaintext by multiplying by
- ** blinding factor
- */
- if (nssRSAUseBlinding) {
- /* m = m'*g mod n */
- CHECK_MPI_OK( mp_mulmod(&m, &g, &n, &m) );
- }
- err = mp_to_fixlen_octets(&m, output, modLen);
- if (err >= 0) err = MP_OKAY;
-cleanup:
- mp_clear(&n);
- mp_clear(&c);
- mp_clear(&m);
- mp_clear(&f);
- mp_clear(&g);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-SECStatus
-RSA_PrivateKeyOp(RSAPrivateKey *key,
- unsigned char *output,
- const unsigned char *input)
-{
- return rsa_PrivateKeyOp(key, output, input, PR_FALSE);
-}
-
-SECStatus
-RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
- unsigned char *output,
- const unsigned char *input)
-{
- return rsa_PrivateKeyOp(key, output, input, PR_TRUE);
-}
-
-SECStatus
-RSA_PrivateKeyCheck(RSAPrivateKey *key)
-{
- mp_int p, q, n, psub1, qsub1, e, d, d_p, d_q, qInv, res;
- mp_err err = MP_OKAY;
- SECStatus rv = SECSuccess;
- MP_DIGITS(&n) = 0;
- MP_DIGITS(&psub1)= 0;
- MP_DIGITS(&qsub1)= 0;
- MP_DIGITS(&e) = 0;
- MP_DIGITS(&d) = 0;
- MP_DIGITS(&d_p) = 0;
- MP_DIGITS(&d_q) = 0;
- MP_DIGITS(&qInv) = 0;
- MP_DIGITS(&res) = 0;
- CHECK_MPI_OK( mp_init(&n) );
- CHECK_MPI_OK( mp_init(&p) );
- CHECK_MPI_OK( mp_init(&q) );
- CHECK_MPI_OK( mp_init(&psub1));
- CHECK_MPI_OK( mp_init(&qsub1));
- CHECK_MPI_OK( mp_init(&e) );
- CHECK_MPI_OK( mp_init(&d) );
- CHECK_MPI_OK( mp_init(&d_p) );
- CHECK_MPI_OK( mp_init(&d_q) );
- CHECK_MPI_OK( mp_init(&qInv) );
- CHECK_MPI_OK( mp_init(&res) );
- SECITEM_TO_MPINT(key->modulus, &n);
- SECITEM_TO_MPINT(key->prime1, &p);
- SECITEM_TO_MPINT(key->prime2, &q);
- SECITEM_TO_MPINT(key->publicExponent, &e);
- SECITEM_TO_MPINT(key->privateExponent, &d);
- SECITEM_TO_MPINT(key->exponent1, &d_p);
- SECITEM_TO_MPINT(key->exponent2, &d_q);
- SECITEM_TO_MPINT(key->coefficient, &qInv);
- /* p > q */
- if (mp_cmp(&p, &q) <= 0) {
- /* mind the p's and q's */
- SECItem tmp;
- mp_exch(&p, &q);
- tmp.data = key->prime1.data;
- tmp.len = key->prime1.len;
- key->prime1.data = key->prime2.data;
- key->prime1.len = key->prime2.len;
- key->prime2.data = tmp.data;
- key->prime2.len = tmp.len;
- }
-#define VERIFY_MPI_EQUAL(m1, m2) \
- if (mp_cmp(m1, m2) != 0) { \
- rv = SECFailure; \
- goto cleanup; \
- }
-#define VERIFY_MPI_EQUAL_1(m) \
- if (mp_cmp_d(m, 1) != 0) { \
- rv = SECFailure; \
- goto cleanup; \
- }
- /*
- * The following errors cannot be recovered from.
- */
- /* n == p * q */
- CHECK_MPI_OK( mp_mul(&p, &q, &res) );
- VERIFY_MPI_EQUAL(&res, &n);
- /* gcd(e, p-1) == 1 */
- CHECK_MPI_OK( mp_sub_d(&p, 1, &psub1) );
- CHECK_MPI_OK( mp_gcd(&e, &psub1, &res) );
- VERIFY_MPI_EQUAL_1(&res);
- /* gcd(e, q-1) == 1 */
- CHECK_MPI_OK( mp_sub_d(&q, 1, &qsub1) );
- CHECK_MPI_OK( mp_gcd(&e, &qsub1, &res) );
- VERIFY_MPI_EQUAL_1(&res);
- /* d*e == 1 mod p-1 */
- CHECK_MPI_OK( mp_mulmod(&d, &e, &psub1, &res) );
- VERIFY_MPI_EQUAL_1(&res);
- /* d*e == 1 mod q-1 */
- CHECK_MPI_OK( mp_mulmod(&d, &e, &qsub1, &res) );
- VERIFY_MPI_EQUAL_1(&res);
- /*
- * The following errors can be recovered from.
- */
- /* d_p == d mod p-1 */
- CHECK_MPI_OK( mp_mod(&d, &psub1, &res) );
- if (mp_cmp(&d_p, &res) != 0) {
- /* swap in the correct value */
- SECITEM_ZfreeItem(&key->exponent1, PR_FALSE);
- MPINT_TO_SECITEM(&res, &key->exponent1, key->arena);
- }
- /* d_q == d mod q-1 */
- CHECK_MPI_OK( mp_mod(&d, &qsub1, &res) );
- if (mp_cmp(&d_q, &res) != 0) {
- /* swap in the correct value */
- SECITEM_ZfreeItem(&key->exponent2, PR_FALSE);
- MPINT_TO_SECITEM(&res, &key->exponent2, key->arena);
- }
- /* q * q**-1 == 1 mod p */
- CHECK_MPI_OK( mp_mulmod(&q, &qInv, &p, &res) );
- if (mp_cmp_d(&res, 1) != 0) {
- /* compute the correct value */
- CHECK_MPI_OK( mp_invmod(&q, &p, &qInv) );
- SECITEM_ZfreeItem(&key->coefficient, PR_FALSE);
- MPINT_TO_SECITEM(&res, &key->coefficient, key->arena);
- }
-cleanup:
- mp_clear(&n);
- mp_clear(&p);
- mp_clear(&q);
- mp_clear(&psub1);
- mp_clear(&qsub1);
- mp_clear(&e);
- mp_clear(&d);
- mp_clear(&d_p);
- mp_clear(&d_q);
- mp_clear(&qInv);
- mp_clear(&res);
- if (err) {
- MP_TO_SEC_ERROR(err);
- rv = SECFailure;
- }
- return rv;
-}
-
-/* cleanup at shutdown */
-void RSA_Cleanup(void)
-{
- if (!coBPInit.initialized)
- return;
-
- while (!PR_CLIST_IS_EMPTY(&blindingParamsList.head))
- {
- struct RSABlindingParamsStr * rsabp = (struct RSABlindingParamsStr *)
- PR_LIST_HEAD(&blindingParamsList.head);
- PR_REMOVE_LINK(&rsabp->link);
- mp_clear(&rsabp->f);
- mp_clear(&rsabp->g);
- SECITEM_FreeItem(&rsabp->modulus,PR_FALSE);
- PORT_Free(rsabp);
- }
-
- if (blindingParamsList.lock)
- {
- PZ_DestroyLock(blindingParamsList.lock);
- blindingParamsList.lock = NULL;
- }
-
- coBPInit.initialized = 0;
- coBPInit.inProgress = 0;
- coBPInit.status = 0;
-}
-
-/*
- * need a central place for this function to free up all the memory that
- * free_bl may have allocated along the way. Currently only RSA does this,
- * so I've put it here for now.
- */
-void BL_Cleanup(void)
-{
- RSA_Cleanup();
-}
diff --git a/security/nss/lib/freebl/secmpi.h b/security/nss/lib/freebl/secmpi.h
deleted file mode 100644
index cddcbb03d..000000000
--- a/security/nss/lib/freebl/secmpi.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "mpi.h"
-
-#define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup
-
-#define CHECK_MPI_OK(func) if (MP_OKAY > (err = func)) goto cleanup
-
-#define OCTETS_TO_MPINT(oc, mp, len) \
- CHECK_MPI_OK(mp_read_unsigned_octets((mp), oc, len))
-
-#define SECITEM_TO_MPINT(it, mp) \
- CHECK_MPI_OK(mp_read_unsigned_octets((mp), (it).data, (it).len))
-
-#define MPINT_TO_SECITEM(mp, it, arena) \
- SECITEM_AllocItem(arena, (it), mp_unsigned_octet_size(mp)); \
- err = mp_to_unsigned_octets(mp, (it)->data, (it)->len); \
- if (err < 0) goto cleanup; else err = MP_OKAY;
-
-#define MP_TO_SEC_ERROR(err) \
- switch (err) { \
- case MP_MEM: PORT_SetError(SEC_ERROR_NO_MEMORY); break; \
- case MP_RANGE: PORT_SetError(SEC_ERROR_BAD_DATA); break; \
- case MP_BADARG: PORT_SetError(SEC_ERROR_INVALID_ARGS); break; \
- default: PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); break; \
- }
diff --git a/security/nss/lib/freebl/secrng.h b/security/nss/lib/freebl/secrng.h
deleted file mode 100644
index cddc7b000..000000000
--- a/security/nss/lib/freebl/secrng.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECRNG_H_
-#define _SECRNG_H_
-/*
- * secrng.h - public data structures and prototypes for the secure random
- * number generator
- *
- * $Id$
- */
-
-/******************************************/
-/*
-** Random number generation. A cryptographically strong random number
-** generator.
-*/
-
-#include "blapi.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** The following 3 functions are provided by the security library
-** but are differently implemented for the UNIX, Mac and Win
-** versions
-*/
-
-/*
-** Get the "noisiest" information available on the system.
-** The amount of data returned depends on the system implementation.
-** It will not exceed maxbytes, but may be (much) less.
-** Returns number of noise bytes copied into buf, or zero if error.
-*/
-extern size_t RNG_GetNoise(void *buf, size_t maxbytes);
-
-/*
-** RNG_SystemInfoForRNG should be called before any use of SSL. It
-** gathers up the system specific information to help seed the
-** state of the global random number generator.
-*/
-extern void RNG_SystemInfoForRNG(void);
-
-/*
-** Use the contents (and stat) of a file to help seed the
-** global random number generator.
-*/
-extern void RNG_FileForRNG(const char *filename);
-
-SEC_END_PROTOS
-
-#endif /* _SECUTIL_H_ */
diff --git a/security/nss/lib/freebl/sha.c b/security/nss/lib/freebl/sha.c
deleted file mode 100644
index c8480c72c..000000000
--- a/security/nss/lib/freebl/sha.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is SHA 180-1 Reference Implementation (Compact version)
- *
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research. Portions created by Paul Kocher are
- * Copyright (C) 1995-9 by Cryptography Research, Inc. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Paul Kocher
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "sha.h"
-
-static void shaHashBlock(SHA_CTX *ctx);
-
-void shaInit(SHA_CTX *ctx) {
- int i;
-
- ctx->lenW = 0;
- ctx->sizeHi = ctx->sizeLo = 0;
-
- /* Initialize H with the magic constants (see FIPS180 for constants)
- */
- ctx->H[0] = 0x67452301L;
- ctx->H[1] = 0xefcdab89L;
- ctx->H[2] = 0x98badcfeL;
- ctx->H[3] = 0x10325476L;
- ctx->H[4] = 0xc3d2e1f0L;
-
- for (i = 0; i < 80; i++)
- ctx->W[i] = 0;
-}
-
-
-void shaUpdate(SHA_CTX *ctx, unsigned char *dataIn, int len) {
- int i;
-
- /* Read the data into W and process blocks as they get full
- */
- for (i = 0; i < len; i++) {
- ctx->W[ctx->lenW / 4] <<= 8;
- ctx->W[ctx->lenW / 4] |= (unsigned long)dataIn[i];
- if ((++ctx->lenW) % 64 == 0) {
- shaHashBlock(ctx);
- ctx->lenW = 0;
- }
- ctx->sizeLo += 8;
- ctx->sizeHi += (ctx->sizeLo < 8);
- }
-}
-
-
-void shaFinal(SHA_CTX *ctx, unsigned char hashout[20]) {
- unsigned char pad0x80 = 0x80;
- unsigned char pad0x00 = 0x00;
- unsigned char padlen[8];
- int i;
-
- /* Pad with a binary 1 (e.g. 0x80), then zeroes, then length
- */
- padlen[0] = (unsigned char)((ctx->sizeHi >> 24) & 255);
- padlen[1] = (unsigned char)((ctx->sizeHi >> 16) & 255);
- padlen[2] = (unsigned char)((ctx->sizeHi >> 8) & 255);
- padlen[3] = (unsigned char)((ctx->sizeHi >> 0) & 255);
- padlen[4] = (unsigned char)((ctx->sizeLo >> 24) & 255);
- padlen[5] = (unsigned char)((ctx->sizeLo >> 16) & 255);
- padlen[6] = (unsigned char)((ctx->sizeLo >> 8) & 255);
- padlen[7] = (unsigned char)((ctx->sizeLo >> 0) & 255);
- shaUpdate(ctx, &pad0x80, 1);
- while (ctx->lenW != 56)
- shaUpdate(ctx, &pad0x00, 1);
- shaUpdate(ctx, padlen, 8);
-
- /* Output hash
- */
- for (i = 0; i < 20; i++) {
- hashout[i] = (unsigned char)(ctx->H[i / 4] >> 24);
- ctx->H[i / 4] <<= 8;
- }
-
- /*
- * Re-initialize the context (also zeroizes contents)
- */
- shaInit(ctx);
-}
-
-
-void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]) {
- SHA_CTX ctx;
-
- shaInit(&ctx);
- shaUpdate(&ctx, dataIn, len);
- shaFinal(&ctx, hashout);
-}
-
-
-#define SHA_ROTL(X,n) (((X) << (n)) | ((X) >> (32-(n))))
-
-static void shaHashBlock(SHA_CTX *ctx) {
- int t;
- unsigned long A,B,C,D,E,TEMP;
-
- for (t = 16; t <= 79; t++)
- ctx->W[t] =
- SHA_ROTL(ctx->W[t-3] ^ ctx->W[t-8] ^ ctx->W[t-14] ^ ctx->W[t-16], 1);
-
- A = ctx->H[0];
- B = ctx->H[1];
- C = ctx->H[2];
- D = ctx->H[3];
- E = ctx->H[4];
-
- for (t = 0; t <= 19; t++) {
- TEMP = SHA_ROTL(A,5) + (((C^D)&B)^D) + E + ctx->W[t] + 0x5a827999L;
- E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
- }
- for (t = 20; t <= 39; t++) {
- TEMP = SHA_ROTL(A,5) + (B^C^D) + E + ctx->W[t] + 0x6ed9eba1L;
- E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
- }
- for (t = 40; t <= 59; t++) {
- TEMP = SHA_ROTL(A,5) + ((B&C)|(D&(B|C))) + E + ctx->W[t] + 0x8f1bbcdcL;
- E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
- }
- for (t = 60; t <= 79; t++) {
- TEMP = SHA_ROTL(A,5) + (B^C^D) + E + ctx->W[t] + 0xca62c1d6L;
- E = D; D = C; C = SHA_ROTL(B, 30); B = A; A = TEMP;
- }
-
- ctx->H[0] += A;
- ctx->H[1] += B;
- ctx->H[2] += C;
- ctx->H[3] += D;
- ctx->H[4] += E;
-}
-
diff --git a/security/nss/lib/freebl/sha.h b/security/nss/lib/freebl/sha.h
deleted file mode 100644
index 0522a00b2..000000000
--- a/security/nss/lib/freebl/sha.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is SHA 180-1 Header File
- *
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research. Portions created by Paul Kocher are
- * Copyright (C) 1995-9 by Cryptography Research, Inc. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Paul Kocher
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-typedef struct {
- unsigned long H[5];
- unsigned long W[80];
- int lenW;
- unsigned long sizeHi,sizeLo;
-} SHA_CTX;
-
-
-void shaInit(SHA_CTX *ctx);
-void shaUpdate(SHA_CTX *ctx, unsigned char *dataIn, int len);
-void shaFinal(SHA_CTX *ctx, unsigned char hashout[20]);
-void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]);
-
diff --git a/security/nss/lib/freebl/sha_fast.c b/security/nss/lib/freebl/sha_fast.c
deleted file mode 100644
index 655f5c3e6..000000000
--- a/security/nss/lib/freebl/sha_fast.c
+++ /dev/null
@@ -1,421 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is SHA 180-1 Reference Implementation (Optimized)
- *
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research. Portions created by Paul Kocher are
- * Copyright (C) 1995-9 by Cryptography Research, Inc. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Paul Kocher
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include <memory.h>
-#include "blapi.h"
-#include "sha_fast.h"
-#include "prerror.h"
-
-#ifdef TRACING_SSL
-#include "ssl.h"
-#include "ssltrace.h"
-#endif
-
-static void shaCompress(SHA1Context *ctx);
-
-#define W u.w
-#define B u.b
-
-#define SHA_ROTL(X,n) (((X) << (n)) | ((X) >> (32-(n))))
-#define SHA_F1(X,Y,Z) ((((Y)^(Z))&(X))^(Z))
-#define SHA_F2(X,Y,Z) ((X)^(Y)^(Z))
-#define SHA_F3(X,Y,Z) (((X)&(Y))|((Z)&((X)|(Y))))
-#define SHA_F4(X,Y,Z) ((X)^(Y)^(Z))
-#define SHA_MIX(t) ctx->W[t] = \
- (A = ctx->W[t-3] ^ ctx->W[t-8] ^ ctx->W[t-14] ^ ctx->W[t-16], SHA_ROTL(A, 1))
-
-
-/*
- * SHA: Zeroize and initialize context
- */
-void
-SHA1_Begin(SHA1Context *ctx)
-{
- memset(ctx, 0, sizeof(SHA1Context));
-
- /*
- * Initialize H with constants from FIPS180-1.
- */
- ctx->H[0] = 0x67452301L;
- ctx->H[1] = 0xefcdab89L;
- ctx->H[2] = 0x98badcfeL;
- ctx->H[3] = 0x10325476L;
- ctx->H[4] = 0xc3d2e1f0L;
-
-}
-
-
-/*
- * SHA: Add data to context.
- */
-void
-SHA1_Update(SHA1Context *ctx, const unsigned char *dataIn, unsigned int len)
-{
- register unsigned int lenB = ctx->sizeLo & 63;
- register unsigned int togo;
-
- if (!len)
- return;
-
- /* accumulate the byte count. */
- ctx->sizeLo += len;
- ctx->sizeHi += (ctx->sizeLo < len);
-
- /*
- * Read the data into W and process blocks as they get full
- */
- if (lenB > 0) {
- togo = 64 - lenB;
- if (len < togo)
- togo = len;
- memcpy(ctx->B + lenB, dataIn, togo);
- len -= togo;
- dataIn += togo;
- lenB = (lenB + togo) & 63;
- if (!lenB) {
- shaCompress(ctx);
- }
- }
- while (len >= 64) {
- memcpy(ctx->B, dataIn, 64);
- dataIn += 64;
- len -= 64;
- shaCompress(ctx);
- }
- if (len) {
- memcpy(ctx->B, dataIn, len);
- }
-}
-
-
-/*
- * SHA: Generate hash value from context
- */
-void
-SHA1_End(SHA1Context *ctx, unsigned char *hashout,
- unsigned int *pDigestLen, unsigned int maxDigestLen)
-{
- register PRUint32 sizeHi, sizeLo, lenB;
- static const unsigned char bulk_pad[64] = { 0x80,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
- 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 };
-#define A lenB
-
- PORT_Assert (maxDigestLen >= SHA1_LENGTH);
-
- /*
- * Pad with a binary 1 (e.g. 0x80), then zeroes, then length in bits
- */
- sizeHi = ctx->sizeHi;
- sizeLo = ctx->sizeLo;
- lenB = sizeLo & 63;
- SHA1_Update(ctx, bulk_pad, (((55+64) - lenB) & 63) + 1);
- PORT_Assert((ctx->sizeLo & 63) == 56);
-
- /* Convert size{Hi,Lo} from bytes to bits. */
- sizeHi = (sizeHi << 3) | (sizeLo >> 29);
- sizeLo <<= 3;
-
- ctx->W[14] = SHA_HTONL(sizeHi);
- ctx->W[15] = SHA_HTONL(sizeLo);
- shaCompress(ctx);
-
- /*
- * Output hash
- */
-#if defined(IS_LITTLE_ENDIAN)
- SHA_BYTESWAP(ctx->H[0]);
- SHA_BYTESWAP(ctx->H[1]);
- SHA_BYTESWAP(ctx->H[2]);
- SHA_BYTESWAP(ctx->H[3]);
- SHA_BYTESWAP(ctx->H[4]);
-#endif
- memcpy(hashout, ctx->H, SHA1_LENGTH);
- *pDigestLen = SHA1_LENGTH;
-
- /*
- * Re-initialize the context (also zeroizes contents)
- */
- SHA1_Begin(ctx);
-}
-
-#undef A
-#undef B
-/*
- * SHA: Compression function, unrolled.
- */
-static void
-shaCompress(SHA1Context *ctx)
-{
- register PRUint32 A, B, C, D, E;
-
-#if defined(IS_LITTLE_ENDIAN)
- SHA_BYTESWAP(ctx->W[0]);
- SHA_BYTESWAP(ctx->W[1]);
- SHA_BYTESWAP(ctx->W[2]);
- SHA_BYTESWAP(ctx->W[3]);
- SHA_BYTESWAP(ctx->W[4]);
- SHA_BYTESWAP(ctx->W[5]);
- SHA_BYTESWAP(ctx->W[6]);
- SHA_BYTESWAP(ctx->W[7]);
- SHA_BYTESWAP(ctx->W[8]);
- SHA_BYTESWAP(ctx->W[9]);
- SHA_BYTESWAP(ctx->W[10]);
- SHA_BYTESWAP(ctx->W[11]);
- SHA_BYTESWAP(ctx->W[12]);
- SHA_BYTESWAP(ctx->W[13]);
- SHA_BYTESWAP(ctx->W[14]);
- SHA_BYTESWAP(ctx->W[15]);
-#endif
-
- /*
- * This can be moved into the main code block below, but doing
- * so can cause some compilers to run out of registers and resort
- * to storing intermediates in RAM.
- */
-
- SHA_MIX(16); SHA_MIX(17); SHA_MIX(18); SHA_MIX(19);
- SHA_MIX(20); SHA_MIX(21); SHA_MIX(22); SHA_MIX(23); SHA_MIX(24);
- SHA_MIX(25); SHA_MIX(26); SHA_MIX(27); SHA_MIX(28); SHA_MIX(29);
- SHA_MIX(30); SHA_MIX(31); SHA_MIX(32); SHA_MIX(33); SHA_MIX(34);
- SHA_MIX(35); SHA_MIX(36); SHA_MIX(37); SHA_MIX(38); SHA_MIX(39);
- SHA_MIX(40); SHA_MIX(41); SHA_MIX(42); SHA_MIX(43); SHA_MIX(44);
- SHA_MIX(45); SHA_MIX(46); SHA_MIX(47); SHA_MIX(48); SHA_MIX(49);
- SHA_MIX(50); SHA_MIX(51); SHA_MIX(52); SHA_MIX(53); SHA_MIX(54);
- SHA_MIX(55); SHA_MIX(56); SHA_MIX(57); SHA_MIX(58); SHA_MIX(59);
- SHA_MIX(60); SHA_MIX(61); SHA_MIX(62); SHA_MIX(63); SHA_MIX(64);
- SHA_MIX(65); SHA_MIX(66); SHA_MIX(67); SHA_MIX(68); SHA_MIX(69);
- SHA_MIX(70); SHA_MIX(71); SHA_MIX(72); SHA_MIX(73); SHA_MIX(74);
- SHA_MIX(75); SHA_MIX(76); SHA_MIX(77); SHA_MIX(78); SHA_MIX(79);
-
- A = ctx->H[0];
- B = ctx->H[1];
- C = ctx->H[2];
- D = ctx->H[3];
- E = ctx->H[4];
-
- E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[ 0]+0x5a827999L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[ 1]+0x5a827999L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[ 2]+0x5a827999L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[ 3]+0x5a827999L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[ 4]+0x5a827999L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[ 5]+0x5a827999L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[ 6]+0x5a827999L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[ 7]+0x5a827999L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[ 8]+0x5a827999L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[ 9]+0x5a827999L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[10]+0x5a827999L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[11]+0x5a827999L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[12]+0x5a827999L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[13]+0x5a827999L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[14]+0x5a827999L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F1(B,C,D)+E+ctx->W[15]+0x5a827999L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F1(A,B,C)+D+ctx->W[16]+0x5a827999L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F1(E,A,B)+C+ctx->W[17]+0x5a827999L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F1(D,E,A)+B+ctx->W[18]+0x5a827999L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F1(C,D,E)+A+ctx->W[19]+0x5a827999L; C=SHA_ROTL(C,30);
-
- E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[20]+0x6ed9eba1L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[21]+0x6ed9eba1L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[22]+0x6ed9eba1L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[23]+0x6ed9eba1L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[24]+0x6ed9eba1L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[25]+0x6ed9eba1L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[26]+0x6ed9eba1L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[27]+0x6ed9eba1L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[28]+0x6ed9eba1L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[29]+0x6ed9eba1L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[30]+0x6ed9eba1L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[31]+0x6ed9eba1L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[32]+0x6ed9eba1L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[33]+0x6ed9eba1L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[34]+0x6ed9eba1L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F2(B,C,D)+E+ctx->W[35]+0x6ed9eba1L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F2(A,B,C)+D+ctx->W[36]+0x6ed9eba1L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F2(E,A,B)+C+ctx->W[37]+0x6ed9eba1L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F2(D,E,A)+B+ctx->W[38]+0x6ed9eba1L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F2(C,D,E)+A+ctx->W[39]+0x6ed9eba1L; C=SHA_ROTL(C,30);
-
- E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[40]+0x8f1bbcdcL; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[41]+0x8f1bbcdcL; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[42]+0x8f1bbcdcL; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[43]+0x8f1bbcdcL; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[44]+0x8f1bbcdcL; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[45]+0x8f1bbcdcL; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[46]+0x8f1bbcdcL; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[47]+0x8f1bbcdcL; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[48]+0x8f1bbcdcL; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[49]+0x8f1bbcdcL; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[50]+0x8f1bbcdcL; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[51]+0x8f1bbcdcL; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[52]+0x8f1bbcdcL; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[53]+0x8f1bbcdcL; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[54]+0x8f1bbcdcL; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F3(B,C,D)+E+ctx->W[55]+0x8f1bbcdcL; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F3(A,B,C)+D+ctx->W[56]+0x8f1bbcdcL; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F3(E,A,B)+C+ctx->W[57]+0x8f1bbcdcL; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F3(D,E,A)+B+ctx->W[58]+0x8f1bbcdcL; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F3(C,D,E)+A+ctx->W[59]+0x8f1bbcdcL; C=SHA_ROTL(C,30);
-
- E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[60]+0xca62c1d6L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[61]+0xca62c1d6L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[62]+0xca62c1d6L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[63]+0xca62c1d6L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[64]+0xca62c1d6L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[65]+0xca62c1d6L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[66]+0xca62c1d6L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[67]+0xca62c1d6L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[68]+0xca62c1d6L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[69]+0xca62c1d6L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[70]+0xca62c1d6L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[71]+0xca62c1d6L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[72]+0xca62c1d6L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[73]+0xca62c1d6L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[74]+0xca62c1d6L; C=SHA_ROTL(C,30);
- E = SHA_ROTL(A,5)+SHA_F4(B,C,D)+E+ctx->W[75]+0xca62c1d6L; B=SHA_ROTL(B,30);
- D = SHA_ROTL(E,5)+SHA_F4(A,B,C)+D+ctx->W[76]+0xca62c1d6L; A=SHA_ROTL(A,30);
- C = SHA_ROTL(D,5)+SHA_F4(E,A,B)+C+ctx->W[77]+0xca62c1d6L; E=SHA_ROTL(E,30);
- B = SHA_ROTL(C,5)+SHA_F4(D,E,A)+B+ctx->W[78]+0xca62c1d6L; D=SHA_ROTL(D,30);
- A = SHA_ROTL(B,5)+SHA_F4(C,D,E)+A+ctx->W[79]+0xca62c1d6L; C=SHA_ROTL(C,30);
-
- ctx->H[0] += A;
- ctx->H[1] += B;
- ctx->H[2] += C;
- ctx->H[3] += D;
- ctx->H[4] += E;
-}
-
-/*************************************************************************
-** Code below this line added to make SHA code support BLAPI interface
-*/
-
-SHA1Context *
-SHA1_NewContext(void)
-{
- SHA1Context *cx;
-
- cx = PORT_ZNew(SHA1Context);
- return cx;
-}
-
-void
-SHA1_DestroyContext(SHA1Context *cx, PRBool freeit)
-{
- if (freeit) {
- PORT_ZFree(cx, sizeof(SHA1Context));
- }
-}
-
-SECStatus
-SHA1_HashBuf(unsigned char *dest, const unsigned char *src, uint32 src_length)
-{
- SHA1Context ctx;
- unsigned int outLen;
-
- SHA1_Begin(&ctx);
- SHA1_Update(&ctx, src, src_length);
- SHA1_End(&ctx, dest, &outLen, SHA1_LENGTH);
-
- return SECSuccess;
-}
-
-/* Hash a null-terminated character string. */
-SECStatus
-SHA1_Hash(unsigned char *dest, const char *src)
-{
- return SHA1_HashBuf(dest, (const unsigned char *)src, PORT_Strlen (src));
-}
-
-/*
- * need to support save/restore state in pkcs11. Stores all the info necessary
- * for a structure into just a stream of bytes.
- */
-unsigned int
-SHA1_FlattenSize(SHA1Context *cx)
-{
- return sizeof(SHA1Context);
-}
-
-SECStatus
-SHA1_Flatten(SHA1Context *cx,unsigned char *space)
-{
- PORT_Memcpy(space,cx, sizeof(SHA1Context));
- return SECSuccess;
-}
-
-SHA1Context *
-SHA1_Resurrect(unsigned char *space,void *arg)
-{
- SHA1Context *cx = SHA1_NewContext();
- if (cx == NULL) return NULL;
-
- PORT_Memcpy(cx,space, sizeof(SHA1Context));
- return cx;
-}
-
-void
-SHA1_TraceState(SHA1Context *ctx)
-{
-#ifdef TRACING_SSL
- uint32 W;
- int i;
- int len;
- int fixWord = -1;
- int remainder; /* bytes in last word */
- unsigned char buf[64 * 4];
-
- SSL_TRC(99, ("%d: SSL: SHA1 state: %08x %08x %08x %08x %08x", SSL_GETPID(),
- ctx->H[0], ctx->H[1], ctx->H[2], ctx->H[3], ctx->H[4]));
-
- len = (int)(ctx->sizeLo & 63);
- remainder = len % 4;
- if (remainder)
- fixWord = len - remainder;
- for (i = 0; i < len; i++) {
- if (0 == (i % 4)) {
- W = ctx->W[i / 4];
- if (i == fixWord) {
- W <<= 8 * (4 - remainder);
- }
- }
- buf[i] = (unsigned char)(W >> 24);
- W <<= 8;
- }
-
- PRINT_BUF(99, (0, "SHA1_TraceState: buffered input", buf, len));
-
-#else
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
-#endif
-}
diff --git a/security/nss/lib/freebl/sha_fast.h b/security/nss/lib/freebl/sha_fast.h
deleted file mode 100644
index d371f9332..000000000
--- a/security/nss/lib/freebl/sha_fast.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is SHA 180-1 Reference Implementation (Optimized)
- *
- * The Initial Developer of the Original Code is Paul Kocher of
- * Cryptography Research. Portions created by Paul Kocher are
- * Copyright (C) 1995-9 by Cryptography Research, Inc. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Paul Kocher
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SHA_FAST_H_
-#define _SHA_FAST_H_
-
-#define SHA1_INPUT_LEN 64
-
-struct SHA1ContextStr {
- union {
- PRUint32 w[80]; /* input buffer, plus 64 words */
- PRUint8 b[320];
- } u;
- PRUint32 H[5]; /* 5 state variables */
- PRUint32 sizeHi,sizeLo; /* 64-bit count of hashed bytes. */
-};
-
-#define SHA_MASK 0x00FF00FF
-#if defined(IS_LITTLE_ENDIAN)
-#define SHA_HTONL(x) (A = (x), A = (A << 16) | (A >> 16), \
- ((A & SHA_MASK) << 8) | ((A >> 8) & SHA_MASK))
-#else
-#define SHA_HTONL(x) (x)
-#endif
-#define SHA_BYTESWAP(x) x = SHA_HTONL(x)
-
-#endif /* _SHA_FAST_H_ */
diff --git a/security/nss/lib/freebl/sparcfix.c b/security/nss/lib/freebl/sparcfix.c
deleted file mode 100644
index 6ebc41cf0..000000000
--- a/security/nss/lib/freebl/sparcfix.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is a program to modify v8+vis objects for linking.
- *
- * The Initial Developer of the Original Code is Sun Microsystems Inc.
- * Portions created by Sun Microsystems Inc. are
- * Copyright (C) 1999-2000 Sun Microsystems Inc. All Rights Reserved.
- *
- * Contributor(s):
- * Netscape Communications Corporation
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * $Id$
- */
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#if defined(SOLARIS2_6) || defined(SOLARIS2_7) || defined(SOLARIS2_8)
-#define NEW_SYSV_SPARC 1
-#include <gelf.h>
-#endif
-#include <libelf.h>
-#include <sys/elf_SPARC.h>
-
-int
-main(int argc, char *argv[])
-{
- Elf * elf;
- off_t size;
- int fd;
- int count;
-#if defined(NEW_SYSV_SPARC)
- GElf_Ehdr hdr;
- GElf_Ehdr *ehdr = &hdr;
-#else
- Elf32_Ehdr *ehdr;
-#endif
-
-
- elf_version(EV_CURRENT);
- fd = open(argv[1], O_RDWR);
- if (fd < 0)
- goto loser;
- elf = elf_begin(fd, ELF_C_RDWR, (Elf *)0);
- if (!elf)
- goto loser;
-
-#if defined(NEW_SYSV_SPARC)
- gelf_getehdr(elf, ehdr);
-#else
- ehdr = elf32_getehdr(elf);
- if (!ehdr)
- goto loser;
-#endif
-
- if (ehdr->e_machine == EM_SPARC32PLUS) {
- ehdr->e_machine = EM_SPARC;
- ehdr->e_flags &= ~(EF_SPARC_32PLUS | EF_SPARC_SUN_US1);
-#if defined(NEW_SYSV_SPARC)
- count = gelf_update_ehdr(elf, ehdr);
- if (count < 0)
- goto loser;
-#endif
- size = elf_update(elf, ELF_C_WRITE);
- if (size < 0)
- goto loser;
- }
-
- do {
- count = elf_end(elf);
- } while (count > 0);
- return count;
-
-loser:
- return 1;
-}
diff --git a/security/nss/lib/freebl/sysrand.c b/security/nss/lib/freebl/sysrand.c
deleted file mode 100644
index 2f647041a..000000000
--- a/security/nss/lib/freebl/sysrand.c
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "seccomon.h"
-#ifdef XP_UNIX
-#include "unix_rand.c"
-#endif
-#ifdef XP_WIN
-#include "win_rand.c"
-#endif
-#ifdef XP_MAC
-#include "mac_rand.c"
-#endif
-#ifdef XP_OS2
-#include "os2_rand.c"
-#endif
diff --git a/security/nss/lib/freebl/unix_rand.c b/security/nss/lib/freebl/unix_rand.c
deleted file mode 100644
index 2c3ac5c75..000000000
--- a/security/nss/lib/freebl/unix_rand.c
+++ /dev/null
@@ -1,907 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <signal.h>
-#include <unistd.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <sys/time.h>
-#include <sys/wait.h>
-#include <sys/stat.h>
-#include <assert.h>
-#include "secrng.h"
-
-size_t RNG_FileUpdate(const char *fileName, size_t limit);
-
-/*
- * When copying data to the buffer we want the least signicant bytes
- * from the input since those bits are changing the fastest. The address
- * of least significant byte depends upon whether we are running on
- * a big-endian or little-endian machine.
- *
- * Does this mean the least signicant bytes are the most significant
- * to us? :-)
- */
-
-static size_t CopyLowBits(void *dst, size_t dstlen, void *src, size_t srclen)
-{
- union endianness {
- int32 i;
- char c[4];
- } u;
-
- if (srclen <= dstlen) {
- memcpy(dst, src, srclen);
- return srclen;
- }
- u.i = 0x01020304;
- if (u.c[0] == 0x01) {
- /* big-endian case */
- memcpy(dst, (char*)src + (srclen - dstlen), dstlen);
- } else {
- /* little-endian case */
- memcpy(dst, src, dstlen);
- }
- return dstlen;
-}
-
-#if defined(SCO) || defined(UNIXWARE) || defined(BSDI) || defined(FREEBSD) \
- || defined(NETBSD) || defined(NTO)
-#include <sys/times.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- int ticks;
- struct tms buffer;
-
- ticks=times(&buffer);
- return CopyLowBits(buf, maxbytes, &ticks, sizeof(ticks));
-}
-
-static void
-GiveSystemInfo(void)
-{
- long si;
-
- /*
- * Is this really necessary? Why not use rand48 or something?
- */
- si = sysconf(_SC_CHILD_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-
- si = sysconf(_SC_STREAM_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-
- si = sysconf(_SC_OPEN_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-}
-#endif
-
-#if defined(__sun)
-#if defined(__svr4) || defined(SVR4)
-#include <sys/systeminfo.h>
-#include <sys/times.h>
-#include <wait.h>
-
-int gettimeofday(struct timeval *);
-int gethostname(char *, int);
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[2000];
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- hrtime_t t;
- t = gethrtime();
- if (t) {
- return CopyLowBits(buf, maxbytes, &t, sizeof(t));
- }
- return 0;
-}
-#else /* SunOS (Sun, but not SVR4) */
-
-extern long sysconf(int name);
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- long si;
-
- /* This is not very good */
- si = sysconf(_SC_CHILD_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-}
-#endif
-#endif /* Sun */
-
-#if defined(__hpux)
-#include <sys/unistd.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- extern int ret_cr16();
- int cr16val;
-
- cr16val = ret_cr16();
- return CopyLowBits(buf, maxbytes, &cr16val, sizeof(cr16val));
-}
-
-static void
-GiveSystemInfo(void)
-{
- long si;
-
- /* This is not very good */
- si = sysconf(_AES_OS_VERSION);
- RNG_RandomUpdate(&si, sizeof(si));
- si = sysconf(_SC_CPU_VERSION);
- RNG_RandomUpdate(&si, sizeof(si));
-}
-#endif /* HPUX */
-
-#if defined(OSF1)
-#include <sys/types.h>
-#include <sys/sysinfo.h>
-#include <sys/systeminfo.h>
-#include <c_asm.h>
-
-static void
-GiveSystemInfo(void)
-{
- char buf[BUFSIZ];
- int rv;
- int off = 0;
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-
-/*
- * Use the "get the cycle counter" instruction on the alpha.
- * The low 32 bits completely turn over in less than a minute.
- * The high 32 bits are some non-counter gunk that changes sometimes.
- */
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- unsigned long t;
-
- t = asm("rpcc %v0");
- return CopyLowBits(buf, maxbytes, &t, sizeof(t));
-}
-
-#endif /* Alpha */
-
-#if defined(_IBMR2)
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- /* XXX haven't found any yet! */
-}
-#endif /* IBM R2 */
-
-#if defined(LINUX)
-#include <linux/kernel.h>
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- /* XXX sysinfo() does not seem be implemented anywhwere */
-#if 0
- struct sysinfo si;
- char hn[2000];
- if (sysinfo(&si) == 0) {
- RNG_RandomUpdate(&si, sizeof(si));
- }
-#endif
-}
-#endif /* LINUX */
-
-#if defined(NCR)
-
-#include <sys/utsname.h>
-#include <sys/systeminfo.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[2000];
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-
-#endif /* NCR */
-
-
-#if defined(sgi)
-#include <fcntl.h>
-#undef PRIVATE
-#include <sys/mman.h>
-#include <sys/syssgi.h>
-#include <sys/immu.h>
-#include <sys/systeminfo.h>
-#include <sys/utsname.h>
-#include <wait.h>
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[4096];
-
- rv = syssgi(SGI_SYSID, &buf[0]);
- if (rv > 0) {
- RNG_RandomUpdate(buf, MAXSYSIDSIZE);
- }
-#ifdef SGI_RDUBLK
- rv = syssgi(SGI_RDUBLK, getpid(), &buf[0], sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, sizeof(buf));
- }
-#endif /* SGI_RDUBLK */
- rv = syssgi(SGI_INVENT, SGI_INV_READ, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, sizeof(buf));
- }
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-
-static size_t GetHighResClock(void *buf, size_t maxbuf)
-{
- unsigned phys_addr, raddr, cycleval;
- static volatile unsigned *iotimer_addr = NULL;
- static int tries = 0;
- static int cntr_size;
- int mfd;
- long s0[2];
- struct timeval tv;
-
-#ifndef SGI_CYCLECNTR_SIZE
-#define SGI_CYCLECNTR_SIZE 165 /* Size user needs to use to read CC */
-#endif
-
- if (iotimer_addr == NULL) {
- if (tries++ > 1) {
- /* Don't keep trying if it didn't work */
- return 0;
- }
-
- /*
- ** For SGI machines we can use the cycle counter, if it has one,
- ** to generate some truly random numbers
- */
- phys_addr = syssgi(SGI_QUERY_CYCLECNTR, &cycleval);
- if (phys_addr) {
- int pgsz = getpagesize();
- int pgoffmask = pgsz - 1;
-
- raddr = phys_addr & ~pgoffmask;
- mfd = open("/dev/mmem", O_RDONLY);
- if (mfd < 0) {
- return 0;
- }
- iotimer_addr = (unsigned *)
- mmap(0, pgoffmask, PROT_READ, MAP_PRIVATE, mfd, (int)raddr);
- if (iotimer_addr == (void*)-1) {
- close(mfd);
- iotimer_addr = NULL;
- return 0;
- }
- iotimer_addr = (unsigned*)
- ((__psint_t)iotimer_addr | (phys_addr & pgoffmask));
- /*
- * The file 'mfd' is purposefully not closed.
- */
- cntr_size = syssgi(SGI_CYCLECNTR_SIZE);
- if (cntr_size < 0) {
- struct utsname utsinfo;
-
- /*
- * We must be executing on a 6.0 or earlier system, since the
- * SGI_CYCLECNTR_SIZE call is not supported.
- *
- * The only pre-6.1 platforms with 64-bit counters are
- * IP19 and IP21 (Challenge, PowerChallenge, Onyx).
- */
- uname(&utsinfo);
- if (!strncmp(utsinfo.machine, "IP19", 4) ||
- !strncmp(utsinfo.machine, "IP21", 4))
- cntr_size = 64;
- else
- cntr_size = 32;
- }
- cntr_size /= 8; /* Convert from bits to bytes */
- }
- }
-
- s0[0] = *iotimer_addr;
- if (cntr_size > 4)
- s0[1] = *(iotimer_addr + 1);
- memcpy(buf, (char *)&s0[0], cntr_size);
- return CopyLowBits(buf, maxbuf, &s0, cntr_size);
-}
-#endif
-
-#if defined(sony)
-#include <sys/systeminfo.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[2000];
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-#endif /* sony */
-
-#if defined(sinix)
-#include <sys/systeminfo.h>
-#include <sys/times.h>
-
-int gettimeofday(struct timeval *, struct timezone *);
-int gethostname(char *, int);
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- int ticks;
- struct tms buffer;
-
- ticks=times(&buffer);
- return CopyLowBits(buf, maxbytes, &ticks, sizeof(ticks));
-}
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[2000];
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-#endif /* sinix */
-
-#if defined(VMS)
-#include <c_asm.h>
-
-static void
-GiveSystemInfo(void)
-{
- long si;
-
- /*
- * This is copied from the SCO/UNIXWARE etc section. And like the comment
- * there says, what's the point? This isn't random, it generates the same
- * stuff every time its run!
- */
- si = sysconf(_SC_CHILD_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-
- si = sysconf(_SC_STREAM_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-
- si = sysconf(_SC_OPEN_MAX);
- RNG_RandomUpdate(&si, sizeof(si));
-}
-
-/*
- * Use the "get the cycle counter" instruction on the alpha.
- * The low 32 bits completely turn over in less than a minute.
- * The high 32 bits are some non-counter gunk that changes sometimes.
- */
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- unsigned long t;
-
- t = asm("rpcc %v0");
- return CopyLowBits(buf, maxbytes, &t, sizeof(t));
-}
-
-#endif /* VMS */
-
-#if defined(nec_ews)
-#include <sys/systeminfo.h>
-
-#define getdtablesize() sysconf(_SC_OPEN_MAX)
-
-static size_t
-GetHighResClock(void *buf, size_t maxbytes)
-{
- return 0;
-}
-
-static void
-GiveSystemInfo(void)
-{
- int rv;
- char buf[2000];
-
- rv = sysinfo(SI_MACHINE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
- rv = sysinfo(SI_HW_SERIAL, buf, sizeof(buf));
- if (rv > 0) {
- RNG_RandomUpdate(buf, rv);
- }
-}
-#endif /* nec_ews */
-
-size_t RNG_GetNoise(void *buf, size_t maxbytes)
-{
- struct timeval tv;
- int n = 0;
- int c;
-
- n = GetHighResClock(buf, maxbytes);
- maxbytes -= n;
-
-#if defined(__sun) && (defined(_svr4) || defined(SVR4)) || defined(sony)
- (void)gettimeofday(&tv);
-#else
- (void)gettimeofday(&tv, 0);
-#endif
- c = CopyLowBits((char*)buf+n, maxbytes, &tv.tv_usec, sizeof(tv.tv_usec));
- n += c;
- maxbytes -= c;
- c = CopyLowBits((char*)buf+n, maxbytes, &tv.tv_sec, sizeof(tv.tv_sec));
- n += c;
- return n;
-}
-
-#define SAFE_POPEN_MAXARGS 10 /* must be at least 2 */
-
-/*
- * safe_popen is static to this module and we know what arguments it is
- * called with. Note that this version only supports a single open child
- * process at any time.
- */
-static pid_t safe_popen_pid;
-static struct sigaction oldact;
-
-static FILE *
-safe_popen(char *cmd)
-{
- int p[2], fd, argc;
- pid_t pid;
- char *argv[SAFE_POPEN_MAXARGS + 1];
- FILE *fp;
- static char blank[] = " \t";
- static struct sigaction newact;
-
- if (pipe(p) < 0)
- return 0;
-
- /* Setup signals so that SIGCHLD is ignored as we want to do waitpid */
- newact.sa_handler = SIG_DFL;
- newact.sa_flags = 0;
- sigfillset(&newact.sa_mask);
- sigaction (SIGCHLD, &newact, &oldact);
-
- pid = fork();
- switch (pid) {
- case -1:
- close(p[0]);
- close(p[1]);
- sigaction (SIGCHLD, &oldact, NULL);
- return 0;
-
- case 0:
- /* dup write-side of pipe to stderr and stdout */
- if (p[1] != 1) dup2(p[1], 1);
- if (p[1] != 2) dup2(p[1], 2);
- close(0);
- for (fd = getdtablesize(); --fd > 2; close(fd))
- ;
-
- /* clean up environment in the child process */
- putenv("PATH=/bin:/usr/bin:/sbin:/usr/sbin:/etc:/usr/etc");
- putenv("SHELL=/bin/sh");
- putenv("IFS= \t");
-
- /*
- * The caller may have passed us a string that is in text
- * space. It may be illegal to modify the string
- */
- cmd = strdup(cmd);
- /* format argv */
- argv[0] = strtok(cmd, blank);
- argc = 1;
- while ((argv[argc] = strtok(0, blank)) != 0) {
- if (++argc == SAFE_POPEN_MAXARGS) {
- argv[argc] = 0;
- break;
- }
- }
-
- /* and away we go */
- execvp(argv[0], argv);
- exit(127);
- break;
-
- default:
- close(p[1]);
- fp = fdopen(p[0], "r");
- if (fp == 0) {
- close(p[0]);
- sigaction (SIGCHLD, &oldact, NULL);
- return 0;
- }
- break;
- }
-
- /* non-zero means there's a cmd running */
- safe_popen_pid = pid;
- return fp;
-}
-
-static int
-safe_pclose(FILE *fp)
-{
- pid_t pid;
- int count, status;
-
- if ((pid = safe_popen_pid) == 0)
- return -1;
- safe_popen_pid = 0;
-
- /* if the child hasn't exited, kill it -- we're done with its output */
- count = 0;
- while (waitpid(pid, &status, WNOHANG) == 0) {
- if (kill(pid, SIGKILL) < 0 && errno == ESRCH)
- break;
- if (++count == 1000)
- break;
- }
-
- /* Reset SIGCHLD signal hander before returning */
- sigaction(SIGCHLD, &oldact, NULL);
-
- fclose(fp);
- return status;
-}
-
-
-#if !defined(VMS)
-void RNG_SystemInfoForRNG(void)
-{
- FILE *fp;
- char buf[BUFSIZ];
- size_t bytes;
- const char * const *cp;
- char *randfile;
- extern char **environ;
- static const char * const files[] = {
- "/etc/passwd",
- "/etc/utmp",
- "/tmp",
- "/var/tmp",
- "/usr/tmp",
- 0
- };
-
-#ifdef DO_PS
-For now it is considered that it is too expensive to run the ps command
-for the small amount of entropy it provides.
-#if defined(__sun) && (!defined(__svr4) && !defined(SVR4)) || defined(bsdi) || defined(LINUX)
- static char ps_cmd[] = "ps aux";
-#else
- static char ps_cmd[] = "ps -el";
-#endif
-#endif /* DO_PS */
- static char netstat_ni_cmd[] = "netstat -ni";
-
- GiveSystemInfo();
-
- bytes = RNG_GetNoise(buf, sizeof(buf));
- RNG_RandomUpdate(buf, bytes);
-
-#ifdef DO_PS
- fp = safe_popen(ps_cmd);
- if (fp != NULL) {
- while ((bytes = fread(buf, 1, sizeof(buf), fp)) > 0)
- RNG_RandomUpdate(buf, bytes);
- safe_pclose(fp);
- }
-#endif
- fp = safe_popen(netstat_ni_cmd);
- if (fp != NULL) {
- while ((bytes = fread(buf, 1, sizeof(buf), fp)) > 0)
- RNG_RandomUpdate(buf, bytes);
- safe_pclose(fp);
- }
-
- /*
- * Pass the C environment and the addresses of the pointers to the
- * hash function. This makes the random number function depend on the
- * execution environment of the user and on the platform the program
- * is running on.
- */
- cp = (const char * const *)environ;
- while (*cp) {
- RNG_RandomUpdate(*cp, strlen(*cp));
- cp++;
- }
- RNG_RandomUpdate(environ, (char*)cp - (char*)environ);
-
- /* Give in system information */
- if (gethostname(buf, sizeof(buf)) > 0) {
- RNG_RandomUpdate(buf, strlen(buf));
- }
- GiveSystemInfo();
-
- /* grab some data from system's PRNG before any other files. */
- RNG_FileUpdate("/dev/urandom", 1024);
-
- /* If the user points us to a random file, pass it through the rng */
- randfile = getenv("NSRANDFILE");
- if ( ( randfile != NULL ) && ( randfile[0] != '\0') ) {
- RNG_FileForRNG(randfile);
- }
-
- /* pass other files through */
- for (cp = files; *cp; cp++)
- RNG_FileForRNG(*cp);
-
-}
-#else
-void RNG_SystemInfoForRNG(void)
-{
- FILE *fp;
- char buf[BUFSIZ];
- size_t bytes;
- int extra;
- char **cp;
- extern char **environ;
- char *randfile;
-
- GiveSystemInfo();
-
- bytes = RNG_GetNoise(buf, sizeof(buf));
- RNG_RandomUpdate(buf, bytes);
-
- /*
- * Pass the C environment and the addresses of the pointers to the
- * hash function. This makes the random number function depend on the
- * execution environment of the user and on the platform the program
- * is running on.
- */
- cp = environ;
- while (*cp) {
- RNG_RandomUpdate(*cp, strlen(*cp));
- cp++;
- }
- RNG_RandomUpdate(environ, (char*)cp - (char*)environ);
-
- /* Give in system information */
- if (gethostname(buf, sizeof(buf)) > 0) {
- RNG_RandomUpdate(buf, strlen(buf));
- }
- GiveSystemInfo();
-
- /* If the user points us to a random file, pass it through the rng */
- randfile = getenv("NSRANDFILE");
- if ( ( randfile != NULL ) && ( randfile[0] != '\0') ) {
- RNG_FileForRNG(randfile);
- }
-
- /*
- ** We need to generate at least 1024 bytes of seed data. Since we don't
- ** do the file stuff for VMS, and because the environ list is so short
- ** on VMS, we need to make sure we generate enough. So do another 1000
- ** bytes to be sure.
- */
- extra = 1000;
- while (extra > 0) {
- cp = environ;
- while (*cp) {
- int n = strlen(*cp);
- RNG_RandomUpdate(*cp, n);
- extra -= n;
- cp++;
- }
- }
-}
-#endif
-
-#define TOTAL_FILE_LIMIT 1000000 /* one million */
-
-size_t RNG_FileUpdate(const char *fileName, size_t limit)
-{
- FILE * file;
- size_t bytes;
- size_t fileBytes = 0;
- struct stat stat_buf;
- unsigned char buffer[BUFSIZ];
- static size_t totalFileBytes = 0;
-
- if (stat((char *)fileName, &stat_buf) < 0)
- return fileBytes;
- RNG_RandomUpdate(&stat_buf, sizeof(stat_buf));
-
- file = fopen((char *)fileName, "r");
- if (file != NULL) {
- while (limit > fileBytes) {
- bytes = PR_MIN(sizeof buffer, limit - fileBytes);
- bytes = fread(buffer, 1, bytes, file);
- if (bytes == 0)
- break;
- RNG_RandomUpdate(buffer, bytes);
- fileBytes += bytes;
- totalFileBytes += bytes;
- /* after TOTAL_FILE_LIMIT has been reached, only read in first
- ** buffer of data from each subsequent file.
- */
- if (totalFileBytes > TOTAL_FILE_LIMIT)
- break;
- }
- fclose(file);
- }
- /*
- * Pass yet another snapshot of our highest resolution clock into
- * the hash function.
- */
- bytes = RNG_GetNoise(buffer, sizeof(buffer));
- RNG_RandomUpdate(buffer, bytes);
- return fileBytes;
-}
-
-void RNG_FileForRNG(const char *fileName)
-{
- RNG_FileUpdate(fileName, TOTAL_FILE_LIMIT);
-}
diff --git a/security/nss/lib/freebl/win_rand.c b/security/nss/lib/freebl/win_rand.c
deleted file mode 100644
index dc16b19b7..000000000
--- a/security/nss/lib/freebl/win_rand.c
+++ /dev/null
@@ -1,415 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secrng.h"
-#ifdef XP_WIN
-#include <windows.h>
-#include <time.h>
-#include <io.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <stdio.h>
-
-#ifndef _WIN32
-#define VTD_Device_ID 5
-#define OP_OVERRIDE _asm _emit 0x66
-#include <dos.h>
-#endif
-
-static BOOL
-CurrentClockTickTime(LPDWORD lpdwHigh, LPDWORD lpdwLow)
-{
-#ifdef _WIN32
- LARGE_INTEGER liCount;
-
- if (!QueryPerformanceCounter(&liCount))
- return FALSE;
-
- *lpdwHigh = liCount.u.HighPart;
- *lpdwLow = liCount.u.LowPart;
- return TRUE;
-
-#else /* is WIN16 */
- BOOL bRetVal;
- FARPROC lpAPI;
- WORD w1, w2, w3, w4;
-
- // Get direct access to the VTD and query the current clock tick time
- _asm {
- xor di, di
- mov es, di
- mov ax, 1684h
- mov bx, VTD_Device_ID
- int 2fh
- mov ax, es
- or ax, di
- jz EnumerateFailed
-
- ; VTD API is available. First store the API address (the address actually
- ; contains an instruction that causes a fault, the fault handler then
- ; makes the ring transition and calls the API in the VxD)
- mov word ptr lpAPI, di
- mov word ptr lpAPI+2, es
- mov ax, 100h ; API function to VTD_Get_Real_Time
-; call dword ptr [lpAPI]
- call [lpAPI]
-
- ; Result is in EDX:EAX which we will get 16-bits at a time
- mov w2, dx
- OP_OVERRIDE
- shr dx,10h ; really "shr edx, 16"
- mov w1, dx
-
- mov w4, ax
- OP_OVERRIDE
- shr ax,10h ; really "shr eax, 16"
- mov w3, ax
-
- mov bRetVal, 1 ; return TRUE
- jmp EnumerateExit
-
- EnumerateFailed:
- mov bRetVal, 0 ; return FALSE
-
- EnumerateExit:
- }
-
- *lpdwHigh = MAKELONG(w2, w1);
- *lpdwLow = MAKELONG(w4, w3);
-
- return bRetVal;
-#endif /* is WIN16 */
-}
-
-size_t RNG_GetNoise(void *buf, size_t maxbuf)
-{
- DWORD dwHigh, dwLow, dwVal;
- int n = 0;
- int nBytes;
- time_t sTime;
-
- if (maxbuf <= 0)
- return 0;
-
- CurrentClockTickTime(&dwHigh, &dwLow);
-
- // get the maximally changing bits first
- nBytes = sizeof(dwLow) > maxbuf ? maxbuf : sizeof(dwLow);
- memcpy((char *)buf, &dwLow, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- nBytes = sizeof(dwHigh) > maxbuf ? maxbuf : sizeof(dwHigh);
- memcpy(((char *)buf) + n, &dwHigh, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- // get the number of milliseconds that have elapsed since Windows started
- dwVal = GetTickCount();
-
- nBytes = sizeof(dwVal) > maxbuf ? maxbuf : sizeof(dwVal);
- memcpy(((char *)buf) + n, &dwVal, nBytes);
- n += nBytes;
- maxbuf -= nBytes;
-
- if (maxbuf <= 0)
- return n;
-
- // get the time in seconds since midnight Jan 1, 1970
- time(&sTime);
- nBytes = sizeof(sTime) > maxbuf ? maxbuf : sizeof(sTime);
- memcpy(((char *)buf) + n, &sTime, nBytes);
- n += nBytes;
-
- return n;
-}
-
-static BOOL
-EnumSystemFiles(void (*func)(const char *))
-{
- int iStatus;
- char szSysDir[_MAX_PATH];
- char szFileName[_MAX_PATH];
-#ifdef _WIN32
- struct _finddata_t fdData;
- long lFindHandle;
-#else
- struct _find_t fdData;
-#endif
-
- if (!GetSystemDirectory(szSysDir, sizeof(szSysDir)))
- return FALSE;
-
- // tack *.* on the end so we actually look for files. this will
- // not overflow
- strcpy(szFileName, szSysDir);
- strcat(szFileName, "\\*.*");
-
-#ifdef _WIN32
- lFindHandle = _findfirst(szFileName, &fdData);
- if (lFindHandle == -1)
- return FALSE;
-#else
- if (_dos_findfirst(szFileName, _A_NORMAL | _A_RDONLY | _A_ARCH | _A_SUBDIR, &fdData) != 0)
- return FALSE;
-#endif
-
- do {
- // pass the full pathname to the callback
- sprintf(szFileName, "%s\\%s", szSysDir, fdData.name);
- (*func)(szFileName);
-
-#ifdef _WIN32
- iStatus = _findnext(lFindHandle, &fdData);
-#else
- iStatus = _dos_findnext(&fdData);
-#endif
- } while (iStatus == 0);
-
-#ifdef _WIN32
- _findclose(lFindHandle);
-#endif
-
- return TRUE;
-}
-
-static DWORD dwNumFiles, dwReadEvery;
-
-static void
-CountFiles(const char *file)
-{
- dwNumFiles++;
-}
-
-static void
-ReadFiles(const char *file)
-{
- if ((dwNumFiles % dwReadEvery) == 0)
- RNG_FileForRNG(file);
-
- dwNumFiles++;
-}
-
-static void
-ReadSystemFiles()
-{
- // first count the number of files
- dwNumFiles = 0;
- if (!EnumSystemFiles(CountFiles))
- return;
-
- RNG_RandomUpdate(&dwNumFiles, sizeof(dwNumFiles));
-
- // now read 10 files
- if (dwNumFiles == 0)
- return;
-
- dwReadEvery = dwNumFiles / 10;
- if (dwReadEvery == 0)
- dwReadEvery = 1; // less than 10 files
-
- dwNumFiles = 0;
- EnumSystemFiles(ReadFiles);
-}
-
-void RNG_SystemInfoForRNG(void)
-{
- DWORD dwVal;
- char buffer[256];
- int nBytes;
-#ifdef _WIN32
- MEMORYSTATUS sMem;
- DWORD dwSerialNum;
- DWORD dwComponentLen;
- DWORD dwSysFlags;
- char volName[128];
- DWORD dwSectors, dwBytes, dwFreeClusters, dwNumClusters;
- HANDLE hVal;
-#else
- int iVal;
- HTASK hTask;
- WORD wDS, wCS;
- LPSTR lpszEnv;
-#endif
-
- nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
- RNG_RandomUpdate(buffer, nBytes);
-
-#ifdef _WIN32
- sMem.dwLength = sizeof(sMem);
- GlobalMemoryStatus(&sMem); // assorted memory stats
- RNG_RandomUpdate(&sMem, sizeof(sMem));
-
- dwVal = GetLogicalDrives();
- RNG_RandomUpdate(&dwVal, sizeof(dwVal)); // bitfields in bits 0-25
-
-#else
- dwVal = GetFreeSpace(0);
- RNG_RandomUpdate(&dwVal, sizeof(dwVal));
-
- _asm mov wDS, ds;
- _asm mov wCS, cs;
- RNG_RandomUpdate(&wDS, sizeof(wDS));
- RNG_RandomUpdate(&wCS, sizeof(wCS));
-#endif
-
-#ifdef _WIN32
- dwVal = sizeof(buffer);
- if (GetComputerName(buffer, &dwVal))
- RNG_RandomUpdate(buffer, dwVal);
-
-/* XXX This is code that got yanked because of NSPR20. We should put it
- * back someday.
- */
-#ifdef notdef
- {
- POINT ptVal;
- GetCursorPos(&ptVal);
- RNG_RandomUpdate(&ptVal, sizeof(ptVal));
- }
-
- dwVal = GetQueueStatus(QS_ALLINPUT); // high and low significant
- RNG_RandomUpdate(&dwVal, sizeof(dwVal));
-
- {
- HWND hWnd;
- hWnd = GetClipboardOwner(); // 2 or 4 bytes
- RNG_RandomUpdate((void *)&hWnd, sizeof(hWnd));
- }
-
- {
- UUID sUuid;
- UuidCreate(&sUuid); // this will fail on machines with no ethernet
- RNG_RandomUpdate(&sUuid, sizeof(sUuid)); // boards. shove the bits in regardless
- }
-#endif
-
- hVal = GetCurrentProcess(); // 4 byte handle of current task
- RNG_RandomUpdate(&hVal, sizeof(hVal));
-
- dwVal = GetCurrentProcessId(); // process ID (4 bytes)
- RNG_RandomUpdate(&dwVal, sizeof(dwVal));
-
- volName[0] = '\0';
- buffer[0] = '\0';
- GetVolumeInformation(NULL,
- volName,
- sizeof(volName),
- &dwSerialNum,
- &dwComponentLen,
- &dwSysFlags,
- buffer,
- sizeof(buffer));
-
- RNG_RandomUpdate(volName, strlen(volName));
- RNG_RandomUpdate(&dwSerialNum, sizeof(dwSerialNum));
- RNG_RandomUpdate(&dwComponentLen, sizeof(dwComponentLen));
- RNG_RandomUpdate(&dwSysFlags, sizeof(dwSysFlags));
- RNG_RandomUpdate(buffer, strlen(buffer));
-
- if (GetDiskFreeSpace(NULL, &dwSectors, &dwBytes, &dwFreeClusters, &dwNumClusters)) {
- RNG_RandomUpdate(&dwSectors, sizeof(dwSectors));
- RNG_RandomUpdate(&dwBytes, sizeof(dwBytes));
- RNG_RandomUpdate(&dwFreeClusters, sizeof(dwFreeClusters));
- RNG_RandomUpdate(&dwNumClusters, sizeof(dwNumClusters));
- }
-
-#else /* is WIN16 */
- hTask = GetCurrentTask();
- RNG_RandomUpdate((void *)&hTask, sizeof(hTask));
-
- iVal = GetNumTasks();
- RNG_RandomUpdate(&iVal, sizeof(iVal)); // number of running tasks
-
- lpszEnv = GetDOSEnvironment();
- while (*lpszEnv != '\0') {
- RNG_RandomUpdate(lpszEnv, strlen(lpszEnv));
-
- lpszEnv += strlen(lpszEnv) + 1;
- }
-#endif /* is WIN16 */
-
- // now let's do some files
- ReadSystemFiles();
-
- nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
- RNG_RandomUpdate(buffer, nBytes);
-}
-
-void RNG_FileForRNG(const char *filename)
-{
- FILE* file;
- int nBytes;
- struct stat stat_buf;
- unsigned char buffer[1024];
-
- static DWORD totalFileBytes = 0;
-
- /* windows doesn't initialize all the bytes in the stat buf,
- * so initialize them all here to avoid UMRs.
- */
- memset(&stat_buf, 0, sizeof stat_buf);
-
- if (stat((char *)filename, &stat_buf) < 0)
- return;
-
- RNG_RandomUpdate((unsigned char*)&stat_buf, sizeof(stat_buf));
-
- file = fopen((char *)filename, "r");
- if (file != NULL) {
- for (;;) {
- size_t bytes = fread(buffer, 1, sizeof(buffer), file);
-
- if (bytes == 0)
- break;
-
- RNG_RandomUpdate(buffer, bytes);
- totalFileBytes += bytes;
- if (totalFileBytes > 250000)
- break;
- }
-
- fclose(file);
- }
-
- nBytes = RNG_GetNoise(buffer, 20); // get up to 20 bytes
- RNG_RandomUpdate(buffer, nBytes);
-}
-
-#endif /* is XP_WIN */
diff --git a/security/nss/lib/jar/Makefile b/security/nss/lib/jar/Makefile
deleted file mode 100644
index 063e5daf7..000000000
--- a/security/nss/lib/jar/Makefile
+++ /dev/null
@@ -1,39 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
diff --git a/security/nss/lib/jar/config.mk b/security/nss/lib/jar/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/jar/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/jar/jar-ds.c b/security/nss/lib/jar/jar-ds.c
deleted file mode 100644
index f5a40cad5..000000000
--- a/security/nss/lib/jar/jar-ds.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "jar.h"
-
-/* These are old DS_* routines renamed to ZZ_* */
-
-ZZList *ZZ_NewList()
- {
- ZZList *list;
-
- list = (ZZList *) PORT_ZAlloc (sizeof (ZZList));
-
- if (list)
- ZZ_InitList (list);
-
- return list;
- }
-
-ZZLink *ZZ_NewLink (JAR_Item *thing)
- {
- ZZLink *link;
-
- link = (ZZLink *) PORT_ZAlloc (sizeof (ZZLink));
-
- if (link)
- link->thing = thing;
-
- return link;
- }
-
-void ZZ_DestroyLink (ZZLink *link)
- {
- PORT_Free (link);
- }
-
-void ZZ_DestroyList (ZZList *list)
- {
- PORT_Free (list);
- }
diff --git a/security/nss/lib/jar/jar-ds.h b/security/nss/lib/jar/jar-ds.h
deleted file mode 100644
index 36716d97c..000000000
--- a/security/nss/lib/jar/jar-ds.h
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __JAR_DS_h_
-#define __JAR_DS_h_
-
-/* Typedefs */
-typedef struct ZZLinkStr ZZLink;
-typedef struct ZZListStr ZZList;
-
-/*
-** Circular linked list. Each link contains a pointer to the object that
-** is actually in the list.
-*/
-struct ZZLinkStr
-{
- ZZLink *next;
- ZZLink *prev;
- JAR_Item *thing;
-};
-
-struct ZZListStr
-{
- ZZLink link;
-};
-
-#define ZZ_InitList(lst) \
-{ \
- (lst)->link.next = &(lst)->link; \
- (lst)->link.prev = &(lst)->link; \
- (lst)->link.thing = 0; \
-}
-
-#define ZZ_ListEmpty(lst) \
- ((lst)->link.next == &(lst)->link)
-
-#define ZZ_ListHead(lst) \
- ((lst)->link.next)
-
-#define ZZ_ListTail(lst) \
- ((lst)->link.prev)
-
-#define ZZ_ListIterDone(lst,lnk) \
- ((lnk) == &(lst)->link)
-
-#define ZZ_AppendLink(lst,lnk) \
-{ \
- (lnk)->next = &(lst)->link; \
- (lnk)->prev = (lst)->link.prev; \
- (lst)->link.prev->next = (lnk); \
- (lst)->link.prev = (lnk); \
-}
-
-#define ZZ_InsertLink(lst,lnk) \
-{ \
- (lnk)->next = (lst)->link.next; \
- (lnk)->prev = &(lst)->link; \
- (lst)->link.next->prev = (lnk); \
- (lst)->link.next = (lnk); \
-}
-
-#define ZZ_RemoveLink(lnk) \
-{ \
- (lnk)->next->prev = (lnk)->prev; \
- (lnk)->prev->next = (lnk)->next; \
- (lnk)->next = 0; \
- (lnk)->prev = 0; \
-}
-
-extern ZZLink *ZZ_NewLink (JAR_Item *thing);
-extern void ZZ_DestroyLink (ZZLink *link);
-extern ZZList *ZZ_NewList (void);
-extern void ZZ_DestroyList (ZZList *list);
-
-
-#endif /* __JAR_DS_h_ */
diff --git a/security/nss/lib/jar/jar.c b/security/nss/lib/jar/jar.c
deleted file mode 100644
index cfd46b195..000000000
--- a/security/nss/lib/jar/jar.c
+++ /dev/null
@@ -1,831 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JAR.C
- *
- * Jarnature.
- * Routines common to signing and validating.
- *
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-static void jar_destroy_list (ZZList *list);
-
-static int jar_find_first_cert
- (JAR_Signer *signer, int type, JAR_Item **it);
-
-/*
- * J A R _ n e w
- *
- * Create a new instantiation of a manifest representation.
- * Use this as a token to any calls to this API.
- *
- */
-
-JAR *JAR_new (void)
- {
- JAR *jar;
-
- if ((jar = (JAR*)PORT_ZAlloc (sizeof (JAR))) == NULL)
- goto loser;
-
- if ((jar->manifest = ZZ_NewList()) == NULL)
- goto loser;
-
- if ((jar->hashes = ZZ_NewList()) == NULL)
- goto loser;
-
- if ((jar->phy = ZZ_NewList()) == NULL)
- goto loser;
-
- if ((jar->metainfo = ZZ_NewList()) == NULL)
- goto loser;
-
- if ((jar->signers = ZZ_NewList()) == NULL)
- goto loser;
-
- return jar;
-
-loser:
-
- if (jar)
- {
- if (jar->manifest)
- ZZ_DestroyList (jar->manifest);
-
- if (jar->hashes)
- ZZ_DestroyList (jar->hashes);
-
- if (jar->phy)
- ZZ_DestroyList (jar->phy);
-
- if (jar->metainfo)
- ZZ_DestroyList (jar->metainfo);
-
- if (jar->signers)
- ZZ_DestroyList (jar->signers);
-
- PORT_Free (jar);
- }
-
- return NULL;
- }
-
-/*
- * J A R _ d e s t r o y
- *
- * Godzilla.
- *
- */
-
-void PR_CALLBACK JAR_destroy (JAR *jar)
- {
- PORT_Assert( jar != NULL );
-
- if (jar == NULL)
- return;
-
- if (jar->fp) JAR_FCLOSE ((PRFileDesc*)jar->fp);
-
- if (jar->url) PORT_Free (jar->url);
- if (jar->filename) PORT_Free (jar->filename);
-
- /* Free the linked list elements */
-
- jar_destroy_list (jar->manifest);
- ZZ_DestroyList (jar->manifest);
-
- jar_destroy_list (jar->hashes);
- ZZ_DestroyList (jar->hashes);
-
- jar_destroy_list (jar->phy);
- ZZ_DestroyList (jar->phy);
-
- jar_destroy_list (jar->metainfo);
- ZZ_DestroyList (jar->metainfo);
-
- jar_destroy_list (jar->signers);
- ZZ_DestroyList (jar->signers);
-
- PORT_Free (jar);
- }
-
-static void jar_destroy_list (ZZList *list)
- {
- ZZLink *link, *oldlink;
-
- JAR_Item *it;
-
- JAR_Physical *phy;
- JAR_Digest *dig;
- JAR_Cert *fing;
- JAR_Metainfo *met;
- JAR_Signer *signer;
-
- if (list && !ZZ_ListEmpty (list))
- {
- link = ZZ_ListHead (list);
-
- while (!ZZ_ListIterDone (list, link))
- {
- it = link->thing;
- if (!it) goto next;
-
- if (it->pathname) PORT_Free (it->pathname);
-
- switch (it->type)
- {
- case jarTypeMeta:
-
- met = (JAR_Metainfo *) it->data;
- if (met)
- {
- if (met->header) PORT_Free (met->header);
- if (met->info) PORT_Free (met->info);
- PORT_Free (met);
- }
- break;
-
- case jarTypePhy:
-
- phy = (JAR_Physical *) it->data;
- if (phy)
- PORT_Free (phy);
- break;
-
- case jarTypeSign:
-
- fing = (JAR_Cert *) it->data;
- if (fing)
- {
- if (fing->cert)
- CERT_DestroyCertificate (fing->cert);
- if (fing->key)
- PORT_Free (fing->key);
- PORT_Free (fing);
- }
- break;
-
- case jarTypeSect:
- case jarTypeMF:
- case jarTypeSF:
-
- dig = (JAR_Digest *) it->data;
- if (dig)
- {
- PORT_Free (dig);
- }
- break;
-
- case jarTypeOwner:
-
- signer = (JAR_Signer *) it->data;
-
- if (signer)
- JAR_destroy_signer (signer);
-
- break;
-
- default:
-
- /* PORT_Assert( 1 != 2 ); */
- break;
- }
-
- PORT_Free (it);
-
- next:
-
- oldlink = link;
- link = link->next;
-
- ZZ_DestroyLink (oldlink);
- }
- }
- }
-
-/*
- * J A R _ g e t _ m e t a i n f o
- *
- * Retrieve meta information from the manifest file.
- * It doesn't matter whether it's from .MF or .SF, does it?
- *
- */
-
-int JAR_get_metainfo
- (JAR *jar, char *name, char *header, void **info, unsigned long *length)
- {
- JAR_Item *it;
-
- ZZLink *link;
- ZZList *list;
-
- JAR_Metainfo *met;
-
- PORT_Assert( jar != NULL && header != NULL );
-
- if (jar == NULL || header == NULL)
- return JAR_ERR_PNF;
-
- list = jar->metainfo;
-
- if (ZZ_ListEmpty (list))
- return JAR_ERR_PNF;
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- it = link->thing;
- if (it->type == jarTypeMeta)
- {
- if ((name && !it->pathname) || (!name && it->pathname))
- continue;
-
- if (name && it->pathname && strcmp (it->pathname, name))
- continue;
-
- met = (JAR_Metainfo *) it->data;
-
- if (!PORT_Strcasecmp (met->header, header))
- {
- *info = PORT_Strdup (met->info);
- *length = PORT_Strlen (met->info);
- return 0;
- }
- }
- }
-
- return JAR_ERR_PNF;
- }
-
-/*
- * J A R _ f i n d
- *
- * Establish the search pattern for use
- * by JAR_find_next, to traverse the filenames
- * or certificates in the JAR structure.
- *
- * See jar.h for a description on how to use.
- *
- */
-
-JAR_Context *JAR_find (JAR *jar, char *pattern, jarType type)
- {
- JAR_Context *ctx;
-
- PORT_Assert( jar != NULL );
-
- if (!jar)
- return NULL;
-
- ctx = (JAR_Context *) PORT_ZAlloc (sizeof (JAR_Context));
-
- if (ctx == NULL)
- return NULL;
-
- ctx->jar = jar;
-
- if (pattern)
- {
- if ((ctx->pattern = PORT_Strdup (pattern)) == NULL)
- {
- PORT_Free (ctx);
- return NULL;
- }
- }
-
- ctx->finding = type;
-
- switch (type)
- {
- case jarTypeMF: ctx->next = ZZ_ListHead (jar->hashes);
- break;
-
- case jarTypeSF:
- case jarTypeSign: ctx->next = NULL;
- ctx->nextsign = ZZ_ListHead (jar->signers);
- break;
-
- case jarTypeSect: ctx->next = ZZ_ListHead (jar->manifest);
- break;
-
- case jarTypePhy: ctx->next = ZZ_ListHead (jar->phy);
- break;
-
- case jarTypeOwner: if (jar->signers)
- ctx->next = ZZ_ListHead (jar->signers);
- else
- ctx->next = NULL;
- break;
-
- case jarTypeMeta: ctx->next = ZZ_ListHead (jar->metainfo);
- break;
-
- default: PORT_Assert( 1 != 2);
- break;
- }
-
- return ctx;
- }
-
-/*
- * J A R _ f i n d _ e n d
- *
- * Destroy the find iterator context.
- *
- */
-
-void JAR_find_end (JAR_Context *ctx)
- {
- PORT_Assert( ctx != NULL );
-
- if (ctx)
- {
- if (ctx->pattern)
- PORT_Free (ctx->pattern);
- PORT_Free (ctx);
- }
- }
-
-/*
- * J A R _ f i n d _ n e x t
- *
- * Return the next item of the given type
- * from one of the JAR linked lists.
- *
- */
-
-int JAR_find_next (JAR_Context *ctx, JAR_Item **it)
- {
- JAR *jar;
- ZZList *list = NULL;
-
- int finding;
-
- JAR_Signer *signer = NULL;
-
- PORT_Assert( ctx != NULL );
- PORT_Assert( ctx->jar != NULL );
-
- jar = ctx->jar;
-
- /* Internally, convert jarTypeSign to jarTypeSF, and return
- the actual attached certificate later */
-
- finding = (ctx->finding == jarTypeSign) ? jarTypeSF : ctx->finding;
-
- if (ctx->nextsign)
- {
- if (ZZ_ListIterDone (jar->signers, ctx->nextsign))
- {
- *it = NULL;
- return -1;
- }
- PORT_Assert (ctx->nextsign->thing != NULL);
- signer = (JAR_Signer*)ctx->nextsign->thing->data;
- }
-
-
- /* Find out which linked list to traverse. Then if
- necessary, advance to the next linked list. */
-
- while (1)
- {
- switch (finding)
- {
- case jarTypeSign: /* not any more */
- PORT_Assert( finding != jarTypeSign );
- list = signer->certs;
- break;
-
- case jarTypeSect: list = jar->manifest;
- break;
-
- case jarTypePhy: list = jar->phy;
- break;
-
- case jarTypeSF: /* signer, not jar */
- PORT_Assert( signer != NULL );
- list = signer->sf;
- break;
-
- case jarTypeMF: list = jar->hashes;
- break;
-
- case jarTypeOwner: list = jar->signers;
- break;
-
- case jarTypeMeta: list = jar->metainfo;
- break;
-
- default: PORT_Assert( 1 != 2 );
- break;
- }
-
- if (list == NULL)
- {
- *it = NULL;
- return -1;
- }
-
- /* When looping over lists of lists, advance
- to the next signer. This is done when multiple
- signers are possible. */
-
- if (ZZ_ListIterDone (list, ctx->next))
- {
- if (ctx->nextsign && jar->signers)
- {
- ctx->nextsign = ctx->nextsign->next;
- if (!ZZ_ListIterDone (jar->signers, ctx->nextsign))
- {
- PORT_Assert (ctx->nextsign->thing != NULL);
-
- signer = (JAR_Signer*)ctx->nextsign->thing->data;
- PORT_Assert( signer != NULL );
-
- ctx->next = NULL;
- continue;
- }
- }
- *it = NULL;
- return -1;
- }
-
- /* if the signer changed, still need to fill
- in the "next" link */
-
- if (ctx->nextsign && ctx->next == NULL)
- {
- switch (finding)
- {
- case jarTypeSF:
-
- ctx->next = ZZ_ListHead (signer->sf);
- break;
-
- case jarTypeSign:
-
- ctx->next = ZZ_ListHead (signer->certs);
- break;
- }
- }
-
- PORT_Assert( ctx->next != NULL );
-
-
- while (!ZZ_ListIterDone (list, ctx->next))
- {
- *it = ctx->next->thing;
- ctx->next = ctx->next->next;
-
- if (!it || !*it || (*it)->type != finding)
- continue;
-
- if (ctx->pattern && *ctx->pattern)
- {
- if (PORT_Strcmp ((*it)->pathname, ctx->pattern))
- continue;
- }
-
- /* We have a valid match. If this is a jarTypeSign
- return the certificate instead.. */
-
- if (ctx->finding == jarTypeSign)
- {
- JAR_Item *itt;
-
- /* just the first one for now */
- if (jar_find_first_cert (signer, jarTypeSign, &itt) >= 0)
- {
- *it = itt;
- return 0;
- }
-
- continue;
- }
-
- return 0;
- }
-
- } /* end while */
- }
-
-static int jar_find_first_cert
- (JAR_Signer *signer, int type, JAR_Item **it)
- {
- ZZLink *link;
- ZZList *list;
-
- int status = JAR_ERR_PNF;
-
- list = signer->certs;
-
- *it = NULL;
-
- if (ZZ_ListEmpty (list))
- {
- /* empty list */
- return JAR_ERR_PNF;
- }
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- if (link->thing->type == type)
- {
- *it = link->thing;
- status = 0;
- break;
- }
- }
-
- return status;
- }
-
-JAR_Signer *JAR_new_signer (void)
- {
- JAR_Signer *signer;
-
- signer = (JAR_Signer *) PORT_ZAlloc (sizeof (JAR_Signer));
-
- if (signer == NULL)
- goto loser;
-
-
- /* certs */
- signer->certs = ZZ_NewList();
-
- if (signer->certs == NULL)
- goto loser;
-
-
- /* sf */
- signer->sf = ZZ_NewList();
-
- if (signer->sf == NULL)
- goto loser;
-
-
- return signer;
-
-
-loser:
-
- if (signer)
- {
- if (signer->certs)
- ZZ_DestroyList (signer->certs);
-
- if (signer->sf)
- ZZ_DestroyList (signer->sf);
-
- PORT_Free (signer);
- }
-
- return NULL;
- }
-
-void JAR_destroy_signer (JAR_Signer *signer)
- {
- if (signer)
- {
- if (signer->owner) PORT_Free (signer->owner);
- if (signer->digest) PORT_Free (signer->digest);
-
- jar_destroy_list (signer->sf);
- ZZ_DestroyList (signer->sf);
-
- jar_destroy_list (signer->certs);
- ZZ_DestroyList (signer->certs);
-
- PORT_Free (signer);
- }
- }
-
-JAR_Signer *jar_get_signer (JAR *jar, char *basename)
- {
- JAR_Item *it;
- JAR_Context *ctx;
-
- JAR_Signer *candidate;
- JAR_Signer *signer = NULL;
-
- ctx = JAR_find (jar, NULL, jarTypeOwner);
-
- if (ctx == NULL)
- return NULL;
-
- while (JAR_find_next (ctx, &it) >= 0)
- {
- candidate = (JAR_Signer *) it->data;
- if (*basename == '*' || !PORT_Strcmp (candidate->owner, basename))
- {
- signer = candidate;
- break;
- }
- }
-
- JAR_find_end (ctx);
-
- return signer;
- }
-
-/*
- * J A R _ g e t _ f i l e n a m e
- *
- * Returns the filename associated with
- * a JAR structure.
- *
- */
-
-char *JAR_get_filename (JAR *jar)
- {
- return jar->filename;
- }
-
-/*
- * J A R _ g e t _ u r l
- *
- * Returns the URL associated with
- * a JAR structure. Nobody really uses this now.
- *
- */
-
-char *JAR_get_url (JAR *jar)
- {
- return jar->url;
- }
-
-/*
- * J A R _ s e t _ c a l l b a c k
- *
- * Register some manner of callback function for this jar.
- *
- */
-
-int JAR_set_callback (int type, JAR *jar,
- int (*fn) (int status, JAR *jar,
- const char *metafile, char *pathname, char *errortext))
- {
- if (type == JAR_CB_SIGNAL)
- {
- jar->signal = fn;
- return 0;
- }
- else
- return -1;
- }
-
-/*
- * Callbacks
- *
- */
-
-/* To return an error string */
-char *(*jar_fn_GetString) (int) = NULL;
-
-/* To return an MWContext for Java */
-void *(*jar_fn_FindSomeContext) (void) = NULL;
-
-/* To fabricate an MWContext for FE_GetPassword */
-void *(*jar_fn_GetInitContext) (void) = NULL;
-
-void
-JAR_init_callbacks
- (
- char *(*string_cb)(int),
- void *(*find_cx)(void),
- void *(*init_cx)(void)
- )
- {
- jar_fn_GetString = string_cb;
- jar_fn_FindSomeContext = find_cx;
- jar_fn_GetInitContext = init_cx;
- }
-
-/*
- * J A R _ g e t _ e r r o r
- *
- * This is provided to map internal JAR errors to strings for
- * the Java console. Also, a DLL may call this function if it does
- * not have access to the XP_GetString function.
- *
- * These strings aren't UI, since they are Java console only.
- *
- */
-
-char *JAR_get_error (int status)
- {
- char *errstring = NULL;
-
- switch (status)
- {
- case JAR_ERR_GENERAL:
- errstring = "General JAR file error";
- break;
-
- case JAR_ERR_FNF:
- errstring = "JAR file not found";
- break;
-
- case JAR_ERR_CORRUPT:
- errstring = "Corrupt JAR file";
- break;
-
- case JAR_ERR_MEMORY:
- errstring = "Out of memory";
- break;
-
- case JAR_ERR_DISK:
- errstring = "Disk error (perhaps out of space)";
- break;
-
- case JAR_ERR_ORDER:
- errstring = "Inconsistent files in META-INF directory";
- break;
-
- case JAR_ERR_SIG:
- errstring = "Invalid digital signature file";
- break;
-
- case JAR_ERR_METADATA:
- errstring = "JAR metadata failed verification";
- break;
-
- case JAR_ERR_ENTRY:
- errstring = "No Manifest entry for this JAR entry";
- break;
-
- case JAR_ERR_HASH:
- errstring = "Invalid Hash of this JAR entry";
- break;
-
- case JAR_ERR_PK7:
- errstring = "Strange PKCS7 or RSA failure";
- break;
-
- case JAR_ERR_PNF:
- errstring = "Path not found inside JAR file";
- break;
-
- default:
- if (jar_fn_GetString)
- {
- errstring = jar_fn_GetString (status);
- }
- else
- {
- /* this is not a normal situation, and would only be
- called in cases of improper initialization */
-
- char *err;
-
- err = (char*)PORT_Alloc (40);
- if (err)
- PR_snprintf (err, 39, "Error %d\n", status);
- else
- err = "Error! Bad! Out of memory!";
-
- return err;
- }
- break;
- }
-
- return errstring;
- }
diff --git a/security/nss/lib/jar/jar.h b/security/nss/lib/jar/jar.h
deleted file mode 100644
index 6c8131a38..000000000
--- a/security/nss/lib/jar/jar.h
+++ /dev/null
@@ -1,478 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __JAR_h_
-#define __JAR_h_
-
-/*
- * In general, any functions that return pointers
- * have memory owned by the caller.
- *
- */
-
-/* security includes */
-#include "cert.h"
-#include "hasht.h"
-
-/* nspr 2.0 includes */
-#include "prio.h"
-
-#ifndef ZHUGEP
-#ifdef XP_WIN16
-#define ZHUGEP __huge
-#else
-#define ZHUGEP
-#endif
-#endif
-
-#include "stdio.h"
-
-/* various types */
-
-typedef enum
- {
- jarTypeMF = 2,
- jarTypeSF = 3,
- jarTypeMeta = 6,
- jarTypePhy = 7,
- jarTypeSign = 10,
- jarTypeSect = 11,
- jarTypeOwner = 13
- }
-jarType;
-
-/* void data in ZZList's contain JAR_Item type */
-
-typedef struct JAR_Item_
- {
- char *pathname; /* relative. inside zip file */
- jarType type; /* various types */
- size_t size; /* size of data below */
- void *data; /* totally opaque */
- }
-JAR_Item;
-
-
-/* hashes */
-
-typedef enum
- {
- jarHashNone = 0,
- jarHashBad = 1,
- jarHashPresent = 2
- }
-jarHash;
-
-typedef struct JAR_Digest_
- {
- jarHash md5_status;
- unsigned char md5 [MD5_LENGTH];
- jarHash sha1_status;
- unsigned char sha1 [SHA1_LENGTH];
- }
-JAR_Digest;
-
-
-/* physical archive formats */
-
-typedef enum
- {
- jarArchGuess = 0,
- jarArchNone = 1,
- jarArchZip = 2,
- jarArchTar = 3
- }
-jarArch;
-
-
-#include "jar-ds.h"
-
-/* jar object */
-
-typedef struct JAR_
- {
- jarArch format; /* physical archive format */
- char *url; /* Where it came from */
- char *filename; /* Disk location */
- FILE *fp; /* For multiple extractions */ /* JAR_FILE */
-
- /* various linked lists */
-
- ZZList *manifest; /* Digests of MF sections */
- ZZList *hashes; /* Digests of actual signed files */
- ZZList *phy; /* Physical layout of JAR file */
- ZZList *metainfo; /* Global metainfo */
-
- JAR_Digest *globalmeta; /* digest of .MF global portion */
-
- /* Below will change to a linked list to support multiple sigs */
-
- int pkcs7; /* Enforced opaqueness */
- int valid; /* PKCS7 signature validated */
-
- ZZList *signers; /* the above, per signer */
-
- /* Window context, very necessary for PKCS11 now */
-
- void *mw; /* MWContext window context */
-
- /* Signal callback function */
-
- int (*signal) (int status, struct JAR_ *jar,
- const char *metafile, char *pathname, char *errorstring);
- }
-JAR;
-
-
-/*
- * Iterator
- *
- * Context for iterative operations. Certain operations
- * require iterating multiple linked lists because of
- * multiple signers. "nextsign" is used for this purpose.
- *
- */
-
-typedef struct JAR_Context_
- {
- JAR *jar; /* Jar we are searching */
- char *pattern; /* Regular expression */
- jarType finding; /* Type of item to find */
- ZZLink *next; /* Next item in find */
- ZZLink *nextsign; /* Next signer, sometimes */
- }
-JAR_Context;
-
-typedef struct JAR_Signer_
- {
- int pkcs7; /* Enforced opaqueness */
- int valid; /* PKCS7 signature validated */
- char *owner; /* name of .RSA file */
- JAR_Digest *digest; /* of .SF file */
- ZZList *sf; /* Linked list of .SF file contents */
- ZZList *certs; /* Signing information */
- }
-JAR_Signer;
-
-
-/* Meta informaton, or "policy", from the manifest file.
- Right now just one tuple per JAR_Item. */
-
-typedef struct JAR_Metainfo_
- {
- char *header;
- char *info;
- }
-JAR_Metainfo;
-
-/* This should not be global */
-
-typedef struct JAR_Physical_
- {
- unsigned char compression;
- unsigned long offset;
- unsigned long length;
- unsigned long uncompressed_length;
-#ifdef XP_UNIX
- uint16 mode;
-#endif
- }
-JAR_Physical;
-
-typedef struct JAR_Cert_
- {
- size_t length;
- void *key;
- CERTCertificate *cert;
- }
-JAR_Cert;
-
-
-/* certificate stuff */
-
-typedef enum
- {
- jarCertCompany = 1,
- jarCertCA = 2,
- jarCertSerial = 3,
- jarCertExpires = 4,
- jarCertNickname = 5,
- jarCertFinger = 6,
- jarCertJavaHack = 100
- }
-jarCert;
-
-/* callback types */
-
-#define JAR_CB_SIGNAL 1
-
-
-/*
- * This is the base for the JAR error codes. It will
- * change when these are incorporated into allxpstr.c,
- * but right now they won't let me put them there.
- *
- */
-
-#ifndef SEC_ERR_BASE
-#define SEC_ERR_BASE (-0x2000)
-#endif
-
-#define JAR_BASE SEC_ERR_BASE + 300
-
-/* Jar specific error definitions */
-
-#define JAR_ERR_GENERAL (JAR_BASE + 1)
-#define JAR_ERR_FNF (JAR_BASE + 2)
-#define JAR_ERR_CORRUPT (JAR_BASE + 3)
-#define JAR_ERR_MEMORY (JAR_BASE + 4)
-#define JAR_ERR_DISK (JAR_BASE + 5)
-#define JAR_ERR_ORDER (JAR_BASE + 6)
-#define JAR_ERR_SIG (JAR_BASE + 7)
-#define JAR_ERR_METADATA (JAR_BASE + 8)
-#define JAR_ERR_ENTRY (JAR_BASE + 9)
-#define JAR_ERR_HASH (JAR_BASE + 10)
-#define JAR_ERR_PK7 (JAR_BASE + 11)
-#define JAR_ERR_PNF (JAR_BASE + 12)
-
-
-/*
- * Birth and death
- *
- */
-
-extern JAR *JAR_new (void);
-
-extern void PR_CALLBACK JAR_destroy (JAR *jar);
-
-extern char *JAR_get_error (int status);
-
-extern int JAR_set_callback (int type, JAR *jar,
- int (*fn) (int status, JAR *jar,
- const char *metafile, char *pathname, char *errortext));
-
-extern void JAR_init_callbacks
- ( char *(*string_cb)(int), void *(*find_cx)(void), void *(*init_cx)(void) );
-
-/*
- * JAR_set_context
- *
- * PKCS11 may require a password to be entered by the user
- * before any crypto routines may be called. This will require
- * a window context if used from inside Mozilla.
- *
- * Call this routine with your context before calling
- * verifying or signing. If you have no context, call with NULL
- * and one will be chosen for you.
- *
- */
-
-int JAR_set_context (JAR *jar, void /*MWContext*/ *mw);
-
-/*
- * Iterative operations
- *
- * JAR_find sets up for repeated calls with JAR_find_next.
- * I never liked findfirst and findnext, this is nicer.
- *
- * Pattern contains a relative pathname to match inside the
- * archive. It is currently assumed to be "*".
- *
- * To use:
- *
- * JAR_Item *item;
- * JAR_find (jar, "*.class", jarTypeMF);
- * while (JAR_find_next (jar, &item) >= 0)
- * { do stuff }
- *
- */
-
-
-/* Replacement functions with an external context */
-
-extern JAR_Context *JAR_find (JAR *jar, char *pattern, jarType type);
-
-extern int JAR_find_next (JAR_Context *ctx, JAR_Item **it);
-
-extern void JAR_find_end (JAR_Context *ctx);
-
-
-/*
- * Function to parse manifest file:
- *
- * Many signatures may be attached to a single filename located
- * inside the zip file. We only support one.
- *
- * Several manifests may be included in the zip file.
- *
- * You must pass the MANIFEST.MF file before any .SF files.
- *
- * Right now this returns a big ole list, privately in the jar structure.
- * If you need to traverse it, use JAR_find if possible.
- *
- * The path is needed to determine what type of binary signature is
- * being passed, though it is technically not needed for manifest files.
- *
- * When parsing an ASCII file, null terminate the ASCII raw_manifest
- * prior to sending it, and indicate a length of 0. For binary digital
- * signatures only, indicate the true length of the signature.
- * (This is legacy behavior.)
- *
- * You may free the manifest after parsing it.
- *
- */
-
-extern int JAR_parse_manifest
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url);
-
-/*
- * Verify data (nonstreaming). The signature is actually
- * checked by JAR_parse_manifest or JAR_pass_archive.
- *
- */
-
-extern JAR_Digest * PR_CALLBACK JAR_calculate_digest
- (void ZHUGEP *data, long length);
-
-extern int PR_CALLBACK JAR_verify_digest
- (JAR *jar, const char *name, JAR_Digest *dig);
-
-extern int JAR_digest_file (char *filename, JAR_Digest *dig);
-
-/*
- * Get attribute from certificate:
- *
- * Returns any special signed attribute associated with this cert
- * or signature (passed in "data"). Attributes jarCert*. Most of the time
- * this will return a zero terminated string.
- *
- */
-
-extern int PR_CALLBACK JAR_cert_attribute
- (JAR *jar, jarCert attrib, long keylen, void *key,
- void **result, unsigned long *length);
-
-/*
- * Meta information
- *
- * Currently, since this call does not support passing of an owner
- * (certificate, or physical name of the .sf file), it is restricted to
- * returning information located in the manifest.mf file.
- *
- * Meta information is a name/value pair inside the archive file. Here,
- * the name is passed in *header and value returned in **info.
- *
- * Pass a NULL as the name to retrieve metainfo from the global section.
- *
- * Data is returned in **info, of size *length. The return value
- * will indicate if no data was found.
- *
- */
-
-extern int JAR_get_metainfo
- (JAR *jar, char *name, char *header, void **info, unsigned long *length);
-
-extern char *JAR_get_filename (JAR *jar);
-
-extern char *JAR_get_url (JAR *jar);
-
-/*
- * Return an HTML mockup of a certificate or signature.
- *
- * Returns a zero terminated ascii string
- * in raw HTML format.
- *
- */
-
-extern char *JAR_cert_html
- (JAR *jar, int style, long keylen, void *key, int *result);
-
-/* save the certificate with this fingerprint in persistent
- storage, somewhere, for retrieval in a future session when there
- is no corresponding JAR structure. */
-
-extern int PR_CALLBACK JAR_stash_cert
- (JAR *jar, long keylen, void *key);
-
-/* retrieve a certificate presumably stashed with the above
- function, but may be any certificate. Type is &CERTCertificate */
-
-void *JAR_fetch_cert (long length, void *key);
-
-/*
- * New functions to handle archives alone
- * (call JAR_new beforehand)
- *
- * JAR_pass_archive acts much like parse_manifest. Certificates
- * are returned in the JAR structure but as opaque data. When calling
- * JAR_verified_extract you still need to decide which of these
- * certificates to honor.
- *
- * Code to examine a JAR structure is in jarbert.c. You can obtain both
- * a list of filenames and certificates from traversing the linked list.
- *
- */
-
-extern int JAR_pass_archive
- (JAR *jar, jarArch format, char *filename, const char *url);
-
-/*
- * Same thing, but don't check signatures
- */
-extern int JAR_pass_archive_unverified
- (JAR *jar, jarArch format, char *filename, const char *url);
-
-/*
- * Extracts a relative pathname from the archive and places it
- * in the filename specified.
- *
- * Call JAR_set_nailed if you want to keep the file descriptors
- * open between multiple calls to JAR_verify_extract.
- *
- */
-
-extern int JAR_verified_extract
- (JAR *jar, char *path, char *outpath);
-
-/*
- * JAR_extract does no crypto checking. This can be used if you
- * need to extract a manifest file or signature, etc.
- *
- */
-
-extern int JAR_extract
- (JAR *jar, char *path, char *outpath);
-
-
-#endif /* __JAR_h_ */
diff --git a/security/nss/lib/jar/jarevil.c b/security/nss/lib/jar/jarevil.c
deleted file mode 100644
index 56dc5dbc3..000000000
--- a/security/nss/lib/jar/jarevil.c
+++ /dev/null
@@ -1,572 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JAREVIL
- *
- * Wrappers to callback in the mozilla thread
- *
- * Certificate code is unsafe when called outside the
- * mozilla thread. These functions push an event on the
- * queue to cause the cert function to run in that thread.
- *
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-#include "jarevil.h"
-
-/* from libevent.h */
-#ifdef MOZILLA_CLIENT_OLD
-typedef void (*ETVoidPtrFunc) (void * data);
-extern void ET_moz_CallFunction (ETVoidPtrFunc fn, void *data);
-
-extern void *mozilla_event_queue;
-#endif
-
-
-/* Special macros facilitate running on Win 16 */
-#if defined(XP_WIN16)
-
- /*
- * Allocate the data passed to the callback functions from the heap...
- *
- * This inter-thread structure cannot reside on a thread stack since the
- * thread's stack is swapped away with the thread under Win16...
- */
-
- #define ALLOC_OR_DEFINE(type, pointer_var_name, out_of_memory_return_value) \
- type * pointer_var_name = PORT_ZAlloc (sizeof(type)); \
- do { \
- if (!pointer_var_name) \
- return (out_of_memory_return_value); \
- } while (0) /* and now a semicolon can follow :-) */
-
- #define FREE_IF_ALLOC_IS_USED(pointer_var_name) PORT_Free(pointer_var_name)
-
-#else /* not win 16... so we can alloc via auto variables */
-
- #define ALLOC_OR_DEFINE(type, pointer_var_name, out_of_memory_return_value) \
- type actual_structure_allocated_in_macro; \
- type * pointer_var_name = &actual_structure_allocated_in_macro; \
- PORT_Memset (pointer_var_name, 0, sizeof (*pointer_var_name)); \
- ((void) 0) /* and now a semicolon can follow */
-
- #define FREE_IF_ALLOC_IS_USED(pointer_var_name) ((void) 0)
-
-#endif /* not Win 16 */
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_encode
- *
- * Call SEC_PKCS7Encode inside
- * the mozilla thread
- *
- */
-
-struct EVIL_encode
- {
- int error;
- SECStatus status;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7EncoderOutputCallback outputfn;
- void *outputarg;
- PK11SymKey *bulkkey;
- SECKEYGetPasswordKey pwfn;
- void *pwfnarg;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_encode_fn (void *data)
- {
- SECStatus status;
- struct EVIL_encode *encode_data = (struct EVIL_encode *)data;
-
- PORT_SetError (encode_data->error);
-
- status = SEC_PKCS7Encode (encode_data->cinfo, encode_data->outputfn,
- encode_data->outputarg, encode_data->bulkkey,
- encode_data->pwfn, encode_data->pwfnarg);
-
- encode_data->status = status;
- encode_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-SECStatus jar_moz_encode
- (
- SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg
- )
- {
- SECStatus ret;
- ALLOC_OR_DEFINE(struct EVIL_encode, encode_data, SECFailure);
-
- encode_data->error = PORT_GetError();
- encode_data->cinfo = cinfo;
- encode_data->outputfn = outputfn;
- encode_data->outputarg = outputarg;
- encode_data->bulkkey = bulkkey;
- encode_data->pwfn = pwfn;
- encode_data->pwfnarg = pwfnarg;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_encode_fn, encode_data);
- else
- jar_moz_encode_fn (encode_data);
-#else
- jar_moz_encode_fn (encode_data);
-#endif
-
- PORT_SetError (encode_data->error);
- ret = encode_data->status;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(encode_data);
- return ret;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_verify
- *
- * Call SEC_PKCS7VerifyDetachedSignature inside
- * the mozilla thread
- *
- */
-
-struct EVIL_verify
- {
- int error;
- SECStatus status;
- SEC_PKCS7ContentInfo *cinfo;
- SECCertUsage certusage;
- SECItem *detached_digest;
- HASH_HashType digest_type;
- PRBool keepcerts;
- };
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_verify_fn (void *data)
- {
- PRBool result;
- struct EVIL_verify *verify_data = (struct EVIL_verify *)data;
-
- PORT_SetError (verify_data->error);
-
- result = SEC_PKCS7VerifyDetachedSignature
- (verify_data->cinfo, verify_data->certusage, verify_data->detached_digest,
- verify_data->digest_type, verify_data->keepcerts);
-
-
- verify_data->status = result==PR_TRUE ? SECSuccess : SECFailure;
- verify_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-SECStatus jar_moz_verify
- (
- SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- SECItem *detached_digest,
- HASH_HashType digest_type,
- PRBool keepcerts
- )
- {
- SECStatus ret;
- ALLOC_OR_DEFINE(struct EVIL_verify, verify_data, SECFailure);
-
- verify_data->error = PORT_GetError();
- verify_data->cinfo = cinfo;
- verify_data->certusage = certusage;
- verify_data->detached_digest = detached_digest;
- verify_data->digest_type = digest_type;
- verify_data->keepcerts = keepcerts;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_verify_fn, verify_data);
- else
- jar_moz_verify_fn (verify_data);
-#else
- jar_moz_verify_fn (verify_data);
-#endif
-
- PORT_SetError (verify_data->error);
- ret = verify_data->status;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(verify_data);
- return ret;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_nickname
- *
- * Call CERT_FindCertByNickname inside
- * the mozilla thread
- *
- */
-
-struct EVIL_nickname
- {
- int error;
- CERTCertDBHandle *certdb;
- char *nickname;
- CERTCertificate *cert;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_nickname_fn (void *data)
- {
- CERTCertificate *cert;
- struct EVIL_nickname *nickname_data = (struct EVIL_nickname *)data;
-
- PORT_SetError (nickname_data->error);
-
- cert = CERT_FindCertByNickname (nickname_data->certdb, nickname_data->nickname);
-
- nickname_data->cert = cert;
- nickname_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-CERTCertificate *jar_moz_nickname (CERTCertDBHandle *certdb, char *nickname)
- {
- CERTCertificate *cert;
- ALLOC_OR_DEFINE(struct EVIL_nickname, nickname_data, NULL );
-
- nickname_data->error = PORT_GetError();
- nickname_data->certdb = certdb;
- nickname_data->nickname = nickname;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_nickname_fn, nickname_data);
- else
- jar_moz_nickname_fn (nickname_data);
-#else
- jar_moz_nickname_fn (nickname_data);
-#endif
-
- PORT_SetError (nickname_data->error);
- cert = nickname_data->cert;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(nickname_data);
- return cert;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_perm
- *
- * Call CERT_AddTempCertToPerm inside
- * the mozilla thread
- *
- */
-
-struct EVIL_perm
- {
- int error;
- SECStatus status;
- CERTCertificate *cert;
- char *nickname;
- CERTCertTrust *trust;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_perm_fn (void *data)
- {
- SECStatus status;
- struct EVIL_perm *perm_data = (struct EVIL_perm *)data;
-
- PORT_SetError (perm_data->error);
-
- status = CERT_AddTempCertToPerm (perm_data->cert, perm_data->nickname, perm_data->trust);
-
- perm_data->status = status;
- perm_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-SECStatus jar_moz_perm
- (CERTCertificate *cert, char *nickname, CERTCertTrust *trust)
- {
- SECStatus ret;
- ALLOC_OR_DEFINE(struct EVIL_perm, perm_data, SECFailure);
-
- perm_data->error = PORT_GetError();
- perm_data->cert = cert;
- perm_data->nickname = nickname;
- perm_data->trust = trust;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_perm_fn, perm_data);
- else
- jar_moz_perm_fn (perm_data);
-#else
- jar_moz_perm_fn (perm_data);
-#endif
-
- PORT_SetError (perm_data->error);
- ret = perm_data->status;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(perm_data);
- return ret;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_certkey
- *
- * Call CERT_FindCertByKey inside
- * the mozilla thread
- *
- */
-
-struct EVIL_certkey
- {
- int error;
- CERTCertificate *cert;
- CERTCertDBHandle *certdb;
- CERTIssuerAndSN *seckey;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_certkey_fn (void *data)
- {
- CERTCertificate *cert;
- struct EVIL_certkey *certkey_data = (struct EVIL_certkey *)data;
-
- PORT_SetError (certkey_data->error);
-
- cert=CERT_FindCertByIssuerAndSN(certkey_data->certdb, certkey_data->seckey);
-
- certkey_data->cert = cert;
- certkey_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-CERTCertificate *jar_moz_certkey (CERTCertDBHandle *certdb,
- CERTIssuerAndSN *seckey)
- {
- CERTCertificate *cert;
- ALLOC_OR_DEFINE(struct EVIL_certkey, certkey_data, NULL);
-
- certkey_data->error = PORT_GetError();
- certkey_data->certdb = certdb;
- certkey_data->seckey = seckey;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_certkey_fn, certkey_data);
- else
- jar_moz_certkey_fn (certkey_data);
-#else
- jar_moz_certkey_fn (certkey_data);
-#endif
-
- PORT_SetError (certkey_data->error);
- cert = certkey_data->cert;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(certkey_data);
- return cert;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_issuer
- *
- * Call CERT_FindCertIssuer inside
- * the mozilla thread
- *
- */
-
-struct EVIL_issuer
- {
- int error;
- CERTCertificate *cert;
- CERTCertificate *issuer;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_issuer_fn (void *data)
- {
- CERTCertificate *issuer;
- struct EVIL_issuer *issuer_data = (struct EVIL_issuer *)data;
-
- PORT_SetError (issuer_data->error);
-
- issuer = CERT_FindCertIssuer (issuer_data->cert, PR_Now(),
- certUsageObjectSigner);
-
- issuer_data->issuer = issuer;
- issuer_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-CERTCertificate *jar_moz_issuer (CERTCertificate *cert)
- {
- CERTCertificate *issuer_cert;
- ALLOC_OR_DEFINE(struct EVIL_issuer, issuer_data, NULL);
-
- issuer_data->error = PORT_GetError();
- issuer_data->cert = cert;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_issuer_fn, issuer_data);
- else
- jar_moz_issuer_fn (issuer_data);
-#else
- jar_moz_issuer_fn (issuer_data);
-#endif
-
- PORT_SetError (issuer_data->error);
- issuer_cert = issuer_data->issuer;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(issuer_data);
- return issuer_cert;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
-
-/*
- * JAR_MOZ_dup
- *
- * Call CERT_DupCertificate inside
- * the mozilla thread
- *
- */
-
-struct EVIL_dup
- {
- int error;
- CERTCertificate *cert;
- CERTCertificate *return_cert;
- };
-
-
-/* This is called inside the mozilla thread */
-
-PR_STATIC_CALLBACK(void) jar_moz_dup_fn (void *data)
- {
- CERTCertificate *return_cert;
- struct EVIL_dup *dup_data = (struct EVIL_dup *)data;
-
- PORT_SetError (dup_data->error);
-
- return_cert = CERT_DupCertificate (dup_data->cert);
-
- dup_data->return_cert = return_cert;
- dup_data->error = PORT_GetError();
- }
-
-
-/* Wrapper for the ET_MOZ call */
-
-CERTCertificate *jar_moz_dup (CERTCertificate *cert)
- {
- CERTCertificate *dup_cert;
- ALLOC_OR_DEFINE(struct EVIL_dup, dup_data, NULL);
-
- dup_data->error = PORT_GetError();
- dup_data->cert = cert;
-
- /* Synchronously invoke the callback function on the mozilla thread. */
-#ifdef MOZILLA_CLIENT_OLD
- if (mozilla_event_queue)
- ET_moz_CallFunction (jar_moz_dup_fn, dup_data);
- else
- jar_moz_dup_fn (dup_data);
-#else
- jar_moz_dup_fn (dup_data);
-#endif
-
- PORT_SetError (dup_data->error);
- dup_cert = dup_data->return_cert;
-
- /* Free the data passed to the callback function... */
- FREE_IF_ALLOC_IS_USED(dup_data);
- return dup_cert;
- }
-
-/* --- --- --- --- --- --- --- --- --- --- --- --- --- */
diff --git a/security/nss/lib/jar/jarevil.h b/security/nss/lib/jar/jarevil.h
deleted file mode 100644
index 95b4f6883..000000000
--- a/security/nss/lib/jar/jarevil.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * jarevil.h
- *
- * dot H file for calls to mozilla thread
- * from within jarver.c
- *
- */
-
-#include "certt.h"
-#include "secpkcs7.h"
-
-extern SECStatus jar_moz_encode
- (
- SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg
- );
-
-extern SECStatus jar_moz_verify
- (
- SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- SECItem *detached_digest,
- HASH_HashType digest_type,
- PRBool keepcerts
- );
-
-extern CERTCertificate *jar_moz_nickname
- (CERTCertDBHandle *certdb, char *nickname);
-
-extern SECStatus jar_moz_perm
- (CERTCertificate *cert, char *nickname, CERTCertTrust *trust);
-
-extern CERTCertificate *jar_moz_certkey
- (CERTCertDBHandle *certdb, CERTIssuerAndSN *seckey);
-
-extern CERTCertificate *jar_moz_issuer (CERTCertificate *cert);
-
-extern CERTCertificate *jar_moz_dup (CERTCertificate *cert);
-
diff --git a/security/nss/lib/jar/jarfile.c b/security/nss/lib/jar/jarfile.c
deleted file mode 100644
index 315ec0d69..000000000
--- a/security/nss/lib/jar/jarfile.c
+++ /dev/null
@@ -1,1151 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARFILE
- *
- * Parsing of a Jar file
- */
-
-#define JAR_SIZE 256
-
-#include "jar.h"
-
-#include "jarint.h"
-#include "jarfile.h"
-
-/* commercial compression */
-#include "jzlib.h"
-
-#ifdef XP_UNIX
-#include "sys/stat.h"
-#endif
-
-#include "sechash.h" /* for HASH_GetHashObject() */
-
-/* extracting */
-
-static int jar_guess_jar (char *filename, JAR_FILE fp);
-
-static int jar_inflate_memory
- (unsigned int method, long *length, long expected_out_len, char ZHUGEP **data);
-
-static int jar_physical_extraction
- (JAR_FILE fp, char *outpath, long offset, long length);
-
-static int jar_physical_inflate
- (JAR_FILE fp, char *outpath, long offset,
- long length, unsigned int method);
-
-static int jar_verify_extract
- (JAR *jar, char *path, char *physical_path);
-
-static JAR_Physical *jar_get_physical (JAR *jar, char *pathname);
-
-static int jar_extract_manifests (JAR *jar, jarArch format, JAR_FILE fp);
-
-static int jar_extract_mf (JAR *jar, jarArch format, JAR_FILE fp, char *ext);
-
-
-/* indexing */
-
-static int jar_gen_index (JAR *jar, jarArch format, JAR_FILE fp);
-
-static int jar_listtar (JAR *jar, JAR_FILE fp);
-
-static int jar_listzip (JAR *jar, JAR_FILE fp);
-
-
-/* conversions */
-
-static int dosdate (char *date, char *s);
-
-static int dostime (char *time, char *s);
-
-static unsigned int xtoint (unsigned char *ii);
-
-static unsigned long xtolong (unsigned char *ll);
-
-static long atoo (char *s);
-
-/*
- * J A R _ p a s s _ a r c h i v e
- *
- * For use by naive clients. Slam an entire archive file
- * into this function. We extract manifests, parse, index
- * the archive file, and do whatever nastiness.
- *
- */
-
-int JAR_pass_archive
- (JAR *jar, jarArch format, char *filename, const char *url)
- {
- JAR_FILE fp;
- int status = 0;
-
- if (filename == NULL)
- return JAR_ERR_GENERAL;
-
- if ((fp = JAR_FOPEN (filename, "rb")) != NULL)
- {
- if (format == jarArchGuess)
- format = (jarArch)jar_guess_jar (filename, fp);
-
- jar->format = format;
- jar->url = url ? PORT_Strdup (url) : NULL;
- jar->filename = PORT_Strdup (filename);
-
- status = jar_gen_index (jar, format, fp);
-
- if (status == 0)
- status = jar_extract_manifests (jar, format, fp);
-
- JAR_FCLOSE (fp);
-
- if (status < 0)
- return status;
-
- /* people were expecting it this way */
- return jar->valid;
- }
- else
- {
- /* file not found */
- return JAR_ERR_FNF;
- }
- }
-
-/*
- * J A R _ p a s s _ a r c h i v e _ u n v e r i f i e d
- *
- * Same as JAR_pass_archive, but doesn't parse signatures.
- *
- */
-int JAR_pass_archive_unverified
- (JAR *jar, jarArch format, char *filename, const char *url)
-{
- JAR_FILE fp;
- int status = 0;
-
- if (filename == NULL) {
- return JAR_ERR_GENERAL;
- }
-
- if ((fp = JAR_FOPEN (filename, "rb")) != NULL) {
- if (format == jarArchGuess) {
- format = (jarArch)jar_guess_jar (filename, fp);
- }
-
- jar->format = format;
- jar->url = url ? PORT_Strdup (url) : NULL;
- jar->filename = PORT_Strdup (filename);
-
- status = jar_gen_index (jar, format, fp);
-
- if (status == 0) {
- status = jar_extract_mf(jar, format, fp, "mf");
- }
-
- JAR_FCLOSE (fp);
-
- if (status < 0) {
- return status;
- }
-
- /* people were expecting it this way */
- return jar->valid;
- } else {
- /* file not found */
- return JAR_ERR_FNF;
- }
-}
-
-/*
- * J A R _ v e r i f i e d _ e x t r a c t
- *
- * Optimization: keep a file descriptor open
- * inside the JAR structure, so we don't have to
- * open the file 25 times to run java.
- *
- */
-
-int JAR_verified_extract
- (JAR *jar, char *path, char *outpath)
- {
- int status;
-
- status = JAR_extract (jar, path, outpath);
-
- if (status >= 0)
- return jar_verify_extract (jar, path, outpath);
- else
- return status;
- }
-
-int JAR_extract
- (JAR *jar, char *path, char *outpath)
- {
- int result;
-
- JAR_Physical *phy;
-
- if (jar->fp == NULL && jar->filename)
- {
- jar->fp = (FILE*)JAR_FOPEN (jar->filename, "rb");
- }
-
- if (jar->fp == NULL)
- {
- /* file not found */
- return JAR_ERR_FNF;
- }
-
- phy = jar_get_physical (jar, path);
-
- if (phy)
- {
- if (phy->compression != 0 && phy->compression != 8)
- {
- /* unsupported compression method */
- result = JAR_ERR_CORRUPT;
- }
-
- if (phy->compression == 0)
- {
- result = jar_physical_extraction
- ((PRFileDesc*)jar->fp, outpath, phy->offset, phy->length);
- }
- else
- {
- result = jar_physical_inflate
- ((PRFileDesc*)jar->fp, outpath, phy->offset, phy->length,
- (unsigned int) phy->compression);
- }
-
-#ifdef XP_UNIX
- if (phy->mode)
- chmod (outpath, 0400 | (mode_t) phy->mode);
-#endif
- }
- else
- {
- /* pathname not found in archive */
- result = JAR_ERR_PNF;
- }
-
- return result;
- }
-
-/*
- * p h y s i c a l _ e x t r a c t i o n
- *
- * This needs to be done in chunks of say 32k, instead of
- * in one bulk calloc. (Necessary under Win16 platform.)
- * This is done for uncompressed entries only.
- *
- */
-
-#define CHUNK 32768
-
-static int jar_physical_extraction
- (JAR_FILE fp, char *outpath, long offset, long length)
- {
- JAR_FILE out;
-
- char *buffer;
- long at, chunk;
-
- int status = 0;
-
- buffer = (char *) PORT_ZAlloc (CHUNK);
-
- if (buffer == NULL)
- return JAR_ERR_MEMORY;
-
- if ((out = JAR_FOPEN (outpath, "wb")) != NULL)
- {
- at = 0;
-
- JAR_FSEEK (fp, offset, (PRSeekWhence)0);
-
- while (at < length)
- {
- chunk = (at + CHUNK <= length) ? CHUNK : length - at;
-
- if (JAR_FREAD (fp, buffer, chunk) != chunk)
- {
- status = JAR_ERR_DISK;
- break;
- }
-
- at += chunk;
-
- if (JAR_FWRITE (out, buffer, chunk) < chunk)
- {
- /* most likely a disk full error */
- status = JAR_ERR_DISK;
- break;
- }
- }
- JAR_FCLOSE (out);
- }
- else
- {
- /* error opening output file */
- status = JAR_ERR_DISK;
- }
-
- PORT_Free (buffer);
- return status;
- }
-
-/*
- * j a r _ p h y s i c a l _ i n f l a t e
- *
- * Inflate a range of bytes in a file, writing the inflated
- * result to "outpath". Chunk based.
- *
- */
-
-/* input and output chunks differ, assume 4x compression */
-
-#define ICHUNK 8192
-#define OCHUNK 32768
-
-static int jar_physical_inflate
- (JAR_FILE fp, char *outpath, long offset,
- long length, unsigned int method)
- {
- z_stream zs;
-
- JAR_FILE out;
-
- long at, chunk;
- char *inbuf, *outbuf;
-
- int status = 0;
-
- unsigned long prev_total, ochunk, tin;
-
- if ((inbuf = (char *) PORT_ZAlloc (ICHUNK)) == NULL)
- return JAR_ERR_MEMORY;
-
- if ((outbuf = (char *) PORT_ZAlloc (OCHUNK)) == NULL)
- {
- PORT_Free (inbuf);
- return JAR_ERR_MEMORY;
- }
-
- PORT_Memset (&zs, 0, sizeof (zs));
- status = inflateInit2 (&zs, -MAX_WBITS);
-
- if (status != Z_OK)
- return JAR_ERR_GENERAL;
-
- if ((out = JAR_FOPEN (outpath, "wb")) != NULL)
- {
- at = 0;
-
- JAR_FSEEK (fp, offset, (PRSeekWhence)0);
-
- while (at < length)
- {
- chunk = (at + ICHUNK <= length) ? ICHUNK : length - at;
-
- if (JAR_FREAD (fp, inbuf, chunk) != chunk)
- {
- /* incomplete read */
- return JAR_ERR_CORRUPT;
- }
-
- at += chunk;
-
- zs.next_in = (Bytef *) inbuf;
- zs.avail_in = chunk;
- zs.avail_out = OCHUNK;
-
- tin = zs.total_in;
-
- while ((zs.total_in - tin < chunk) || (zs.avail_out == 0))
- {
- prev_total = zs.total_out;
-
- zs.next_out = (Bytef *) outbuf;
- zs.avail_out = OCHUNK;
-
- status = inflate (&zs, Z_NO_FLUSH);
-
- if (status != Z_OK && status != Z_STREAM_END)
- {
- /* error during decompression */
- return JAR_ERR_CORRUPT;
- }
-
- ochunk = zs.total_out - prev_total;
-
- if (JAR_FWRITE (out, outbuf, ochunk) < ochunk)
- {
- /* most likely a disk full error */
- status = JAR_ERR_DISK;
- break;
- }
-
- if (status == Z_STREAM_END)
- break;
- }
- }
-
- JAR_FCLOSE (out);
- status = inflateEnd (&zs);
- }
- else
- {
- /* error opening output file */
- status = JAR_ERR_DISK;
- }
-
- PORT_Free (inbuf);
- PORT_Free (outbuf);
-
- return status;
- }
-
-/*
- * j a r _ i n f l a t e _ m e m o r y
- *
- * Call zlib to inflate the given memory chunk. It is re-XP_ALLOC'd,
- * and thus appears to operate inplace to the caller.
- *
- */
-
-static int jar_inflate_memory
- (unsigned int method, long *length, long expected_out_len, char ZHUGEP **data)
- {
- int status;
- z_stream zs;
-
- long insz, outsz;
-
- char *inbuf, *outbuf;
-
- inbuf = *data;
- insz = *length;
-
- outsz = expected_out_len;
- outbuf = (char*)PORT_ZAlloc (outsz);
-
- if (outbuf == NULL)
- return JAR_ERR_MEMORY;
-
- PORT_Memset (&zs, 0, sizeof (zs));
-
- status = inflateInit2 (&zs, -MAX_WBITS);
-
- if (status < 0)
- {
- /* error initializing zlib stream */
- return JAR_ERR_GENERAL;
- }
-
- zs.next_in = (Bytef *) inbuf;
- zs.next_out = (Bytef *) outbuf;
-
- zs.avail_in = insz;
- zs.avail_out = outsz;
-
- status = inflate (&zs, Z_FINISH);
-
- if (status != Z_OK && status != Z_STREAM_END)
- {
- /* error during deflation */
- return JAR_ERR_GENERAL;
- }
-
- status = inflateEnd (&zs);
-
- if (status != Z_OK)
- {
- /* error during deflation */
- return JAR_ERR_GENERAL;
- }
-
- PORT_Free (*data);
-
- *data = outbuf;
- *length = zs.total_out;
-
- return 0;
- }
-
-/*
- * v e r i f y _ e x t r a c t
- *
- * Validate signature on the freshly extracted file.
- *
- */
-
-static int jar_verify_extract (JAR *jar, char *path, char *physical_path)
- {
- int status;
- JAR_Digest dig;
-
- PORT_Memset (&dig, 0, sizeof (JAR_Digest));
- status = JAR_digest_file (physical_path, &dig);
-
- if (!status)
- status = JAR_verify_digest (jar, path, &dig);
-
- return status;
- }
-
-/*
- * g e t _ p h y s i c a l
- *
- * Let's get physical.
- * Obtains the offset and length of this file in the jar file.
- *
- */
-
-static JAR_Physical *jar_get_physical (JAR *jar, char *pathname)
- {
- JAR_Item *it;
-
- JAR_Physical *phy;
-
- ZZLink *link;
- ZZList *list;
-
- list = jar->phy;
-
- if (ZZ_ListEmpty (list))
- return NULL;
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- it = link->thing;
- if (it->type == jarTypePhy
- && it->pathname && !PORT_Strcmp (it->pathname, pathname))
- {
- phy = (JAR_Physical *) it->data;
- return phy;
- }
- }
-
- return NULL;
- }
-
-/*
- * j a r _ e x t r a c t _ m a n i f e s t s
- *
- * Extract the manifest files and parse them,
- * from an open archive file whose contents are known.
- *
- */
-
-static int jar_extract_manifests (JAR *jar, jarArch format, JAR_FILE fp)
- {
- int status;
-
- if (format != jarArchZip && format != jarArchTar)
- return JAR_ERR_CORRUPT;
-
- if ((status = jar_extract_mf (jar, format, fp, "mf")) < 0)
- return status;
-
- if ((status = jar_extract_mf (jar, format, fp, "sf")) < 0)
- return status;
-
- if ((status = jar_extract_mf (jar, format, fp, "rsa")) < 0)
- return status;
-
- if ((status = jar_extract_mf (jar, format, fp, "dsa")) < 0)
- return status;
-
- return 0;
- }
-
-/*
- * j a r _ e x t r a c t _ m f
- *
- * Extracts manifest files based on an extension, which
- * should be .MF, .SF, .RSA, etc. Order of the files is now no
- * longer important when zipping jar files.
- *
- */
-
-static int jar_extract_mf (JAR *jar, jarArch format, JAR_FILE fp, char *ext)
- {
- JAR_Item *it;
-
- JAR_Physical *phy;
-
- ZZLink *link;
- ZZList *list;
-
- char *fn, *e;
- char ZHUGEP *manifest;
-
- long length;
- int status, ret = 0, num;
-
- list = jar->phy;
-
- if (ZZ_ListEmpty (list))
- return JAR_ERR_PNF;
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- it = link->thing;
- if (it->type == jarTypePhy
- && !PORT_Strncmp (it->pathname, "META-INF", 8))
- {
- phy = (JAR_Physical *) it->data;
-
- if (PORT_Strlen (it->pathname) < 8)
- continue;
-
- fn = it->pathname + 8;
- if (*fn == '/' || *fn == '\\') fn++;
-
- if (*fn == 0)
- {
- /* just a directory entry */
- continue;
- }
-
- /* skip to extension */
- for (e = fn; *e && *e != '.'; e++)
- /* yip */ ;
-
- /* and skip dot */
- if (*e == '.') e++;
-
- if (PORT_Strcasecmp (ext, e))
- {
- /* not the right extension */
- continue;
- }
-
- if (phy->length == 0)
- {
- /* manifest files cannot be zero length! */
- return JAR_ERR_CORRUPT;
- }
-
- /* Read in the manifest and parse it */
- /* FIX? Does this break on win16 for very very large manifest files? */
-
-#ifdef XP_WIN16
- PORT_Assert( phy->length+1 < 0xFFFF );
-#endif
-
- manifest = (char ZHUGEP *) PORT_ZAlloc (phy->length + 1);
- if (manifest)
- {
- JAR_FSEEK (fp, phy->offset, (PRSeekWhence)0);
- num = JAR_FREAD (fp, manifest, phy->length);
-
- if (num != phy->length)
- {
- /* corrupt archive file */
- return JAR_ERR_CORRUPT;
- }
-
- if (phy->compression == 8)
- {
- length = phy->length;
-
- status = jar_inflate_memory ((unsigned int) phy->compression, &length, phy->uncompressed_length, &manifest);
-
- if (status < 0)
- return status;
- }
- else if (phy->compression)
- {
- /* unsupported compression method */
- return JAR_ERR_CORRUPT;
- }
- else
- length = phy->length;
-
- status = JAR_parse_manifest
- (jar, manifest, length, it->pathname, "url");
-
- PORT_Free (manifest);
-
- if (status < 0 && ret == 0) ret = status;
- }
- else
- return JAR_ERR_MEMORY;
- }
- else if (it->type == jarTypePhy)
- {
- /* ordinary file */
- }
- }
-
- return ret;
- }
-
-/*
- * j a r _ g e n _ i n d e x
- *
- * Generate an index for the various types of
- * known archive files. Right now .ZIP and .TAR
- *
- */
-
-static int jar_gen_index (JAR *jar, jarArch format, JAR_FILE fp)
- {
- int result = JAR_ERR_CORRUPT;
- JAR_FSEEK (fp, 0, (PRSeekWhence)0);
-
- switch (format)
- {
- case jarArchZip:
- result = jar_listzip (jar, fp);
- break;
-
- case jarArchTar:
- result = jar_listtar (jar, fp);
- break;
-
- case jarArchGuess:
- case jarArchNone:
- return JAR_ERR_GENERAL;
- }
-
- JAR_FSEEK (fp, 0, (PRSeekWhence)0);
- return result;
- }
-
-
-/*
- * j a r _ l i s t z i p
- *
- * List the physical contents of a Phil Katz
- * style .ZIP file into the JAR linked list.
- *
- */
-
-static int jar_listzip (JAR *jar, JAR_FILE fp)
- {
- int err = 0;
-
- long pos = 0L;
- char filename [JAR_SIZE];
-
- char date [9], time [9];
- char sig [4];
-
- unsigned int compression;
- unsigned int filename_len, extra_len;
-
- struct ZipLocal *Local;
- struct ZipCentral *Central;
- struct ZipEnd *End;
-
- /* phy things */
-
- ZZLink *ent;
- JAR_Item *it;
- JAR_Physical *phy;
-
- Local = (struct ZipLocal *) PORT_ZAlloc (30);
- Central = (struct ZipCentral *) PORT_ZAlloc (46);
- End = (struct ZipEnd *) PORT_ZAlloc (22);
-
- if (!Local || !Central || !End)
- {
- /* out of memory */
- err = JAR_ERR_MEMORY;
- goto loser;
- }
-
- while (1)
- {
- JAR_FSEEK (fp, pos, (PRSeekWhence)0);
-
- if (JAR_FREAD (fp, (char *) sig, 4) != 4)
- {
- /* zip file ends prematurely */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
- JAR_FSEEK (fp, pos, (PRSeekWhence)0);
-
- if (xtolong ((unsigned char *)sig) == LSIG)
- {
- JAR_FREAD (fp, (char *) Local, 30);
-
- filename_len = xtoint ((unsigned char *) Local->filename_len);
- extra_len = xtoint ((unsigned char *) Local->extrafield_len);
-
- if (filename_len >= JAR_SIZE)
- {
- /* corrupt zip file */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
- if (JAR_FREAD (fp, filename, filename_len) != filename_len)
- {
- /* truncated archive file */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
- filename [filename_len] = 0;
-
- /* Add this to our jar chain */
-
- phy = (JAR_Physical *) PORT_ZAlloc (sizeof (JAR_Physical));
-
- if (phy == NULL)
- {
- err = JAR_ERR_MEMORY;
- goto loser;
- }
-
- /* We will index any file that comes our way, but when it comes
- to actually extraction, compression must be 0 or 8 */
-
- compression = xtoint ((unsigned char *) Local->method);
- phy->compression = compression >= 0 &&
- compression <= 255 ? compression : 222;
-
- phy->offset = pos + 30 + filename_len + extra_len;
- phy->length = xtolong ((unsigned char *) Local->size);
- phy->uncompressed_length = xtolong((unsigned char *) Local->orglen);
-
- dosdate (date, Local->date);
- dostime (time, Local->time);
-
- it = (JAR_Item*)PORT_ZAlloc (sizeof (JAR_Item));
- if (it == NULL)
- {
- err = JAR_ERR_MEMORY;
- goto loser;
- }
-
- it->pathname = PORT_Strdup (filename);
-
- it->type = jarTypePhy;
-
- it->data = (unsigned char *) phy;
- it->size = sizeof (JAR_Physical);
-
- ent = ZZ_NewLink (it);
-
- if (ent == NULL)
- {
- err = JAR_ERR_MEMORY;
- goto loser;
- }
-
- ZZ_AppendLink (jar->phy, ent);
-
- pos = phy->offset + phy->length;
- }
- else if (xtolong ( (unsigned char *)sig) == CSIG)
- {
- if (JAR_FREAD (fp, (char *) Central, 46) != 46)
- {
- /* apparently truncated archive */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
-#ifdef XP_UNIX
- /* with unix we need to locate any bits from
- the protection mask in the external attributes. */
- {
- unsigned int attr;
-
- /* determined empirically */
- attr = Central->external_attributes [2];
-
- if (attr)
- {
- /* we have to read the filename, again */
-
- filename_len = xtoint ((unsigned char *) Central->filename_len);
-
- if (filename_len >= JAR_SIZE)
- {
- /* corrupt in central directory */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
- if (JAR_FREAD (fp, filename, filename_len) != filename_len)
- {
- /* truncated in central directory */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
-
- filename [filename_len] = 0;
-
- /* look up this name again */
- phy = jar_get_physical (jar, filename);
-
- if (phy)
- {
- /* always allow access by self */
- phy->mode = 0400 | attr;
- }
- }
- }
-#endif
-
- pos += 46 + xtoint ( (unsigned char *)Central->filename_len)
- + xtoint ( (unsigned char *)Central->commentfield_len)
- + xtoint ( (unsigned char *)Central->extrafield_len);
- }
- else if (xtolong ( (unsigned char *)sig) == ESIG)
- {
- if (JAR_FREAD (fp, (char *) End, 22) != 22)
- {
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
- else
- break;
- }
- else
- {
- /* garbage in archive */
- err = JAR_ERR_CORRUPT;
- goto loser;
- }
- }
-
-loser:
-
- if (Local) PORT_Free (Local);
- if (Central) PORT_Free (Central);
- if (End) PORT_Free (End);
-
- return err;
- }
-
-/*
- * j a r _ l i s t t a r
- *
- * List the physical contents of a Unix
- * .tar file into the JAR linked list.
- *
- */
-
-static int jar_listtar (JAR *jar, JAR_FILE fp)
- {
- long pos = 0L;
-
- long sz, mode;
- time_t when;
- union TarEntry tarball;
-
- char *s;
-
- /* phy things */
-
- JAR_Physical *phy;
-
- while (1)
- {
- JAR_FSEEK (fp, pos, (PRSeekWhence)0);
-
- if (JAR_FREAD (fp, (char *) &tarball, 512) < 512)
- break;
-
- if (!*tarball.val.filename)
- break;
-
- when = atoo (tarball.val.time);
- sz = atoo (tarball.val.size);
- mode = atoo (tarball.val.mode);
-
-
- /* Tag the end of filename */
-
- s = tarball.val.filename;
- while (*s && *s != ' ') s++;
- *s = 0;
-
-
- /* Add to our linked list */
-
- phy = (JAR_Physical *) PORT_ZAlloc (sizeof (JAR_Physical));
-
- if (phy == NULL)
- return JAR_ERR_MEMORY;
-
- phy->compression = 0;
- phy->offset = pos + 512;
- phy->length = sz;
-
- ADDITEM (jar->phy, jarTypePhy,
- tarball.val.filename, phy, sizeof (JAR_Physical));
-
-
- /* Advance to next file entry */
-
- sz += 511;
- sz = (sz / 512) * 512;
-
- pos += sz + 512;
- }
-
- return 0;
- }
-
-/*
- * d o s d a t e
- *
- * Not used right now, but keep it in here because
- * it will be needed.
- *
- */
-
-static int dosdate (char *date, char *s)
- {
- int num = xtoint ( (unsigned char *)s);
-
- PR_snprintf (date, 9, "%02d-%02d-%02d",
- ((num >> 5) & 0x0F), (num & 0x1F), ((num >> 9) + 80));
-
- return 0;
- }
-
-/*
- * d o s t i m e
- *
- * Not used right now, but keep it in here because
- * it will be needed.
- *
- */
-
-static int dostime (char *time, char *s)
- {
- int num = xtoint ( (unsigned char *)s);
-
- PR_snprintf (time, 6, "%02d:%02d",
- ((num >> 11) & 0x1F), ((num >> 5) & 0x3F));
-
- return 0;
- }
-
-/*
- * x t o i n t
- *
- * Converts a two byte ugly endianed integer
- * to our platform's integer.
- *
- */
-
-static unsigned int xtoint (unsigned char *ii)
- {
- return (int) (ii [0]) | ((int) ii [1] << 8);
- }
-
-/*
- * x t o l o n g
- *
- * Converts a four byte ugly endianed integer
- * to our platform's integer.
- *
- */
-
-static unsigned long xtolong (unsigned char *ll)
- {
- unsigned long ret;
-
- ret = (
- (((unsigned long) ll [0]) << 0) |
- (((unsigned long) ll [1]) << 8) |
- (((unsigned long) ll [2]) << 16) |
- (((unsigned long) ll [3]) << 24)
- );
-
- return ret;
- }
-
-/*
- * a t o o
- *
- * Ascii octal to decimal.
- * Used for integer encoding inside tar files.
- *
- */
-
-static long atoo (char *s)
- {
- long num = 0L;
-
- while (*s == ' ') s++;
-
- while (*s >= '0' && *s <= '7')
- {
- num <<= 3;
- num += *s++ - '0';
- }
-
- return num;
- }
-
-/*
- * g u e s s _ j a r
- *
- * Try to guess what kind of JAR file this is.
- * Maybe tar, maybe zip. Look in the file for magic
- * or at its filename.
- *
- */
-
-static int jar_guess_jar (char *filename, JAR_FILE fp)
- {
- char *ext;
-
- ext = filename + PORT_Strlen (filename) - 4;
-
- if (!PORT_Strcmp (ext, ".tar"))
- return jarArchTar;
-
- return jarArchZip;
- }
diff --git a/security/nss/lib/jar/jarfile.h b/security/nss/lib/jar/jarfile.h
deleted file mode 100644
index d28b090fa..000000000
--- a/security/nss/lib/jar/jarfile.h
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARFILE.H
- *
- * Certain constants and structures for the archive format.
- *
- */
-
-/* ZIP */
-
-struct ZipLocal
- {
- char signature [4];
- char word [2];
- char bitflag [2];
- char method [2];
- char time [2];
- char date [2];
- char crc32 [4];
- char size [4];
- char orglen [4];
- char filename_len [2];
- char extrafield_len [2];
- };
-
-struct ZipCentral
- {
- char signature [4];
- char version_made_by [2];
- char version [2];
- char bitflag [2];
- char method [2];
- char time [2];
- char date [2];
- char crc32 [4];
- char size [4];
- char orglen [4];
- char filename_len [2];
- char extrafield_len [2];
- char commentfield_len [2];
- char diskstart_number [2];
- char internal_attributes [2];
- char external_attributes [4];
- char localhdr_offset [4];
- };
-
-struct ZipEnd
- {
- char signature [4];
- char disk_nr [2];
- char start_central_dir [2];
- char total_entries_disk [2];
- char total_entries_archive [2];
- char central_dir_size [4];
- char offset_central_dir [4];
- char commentfield_len [2];
- };
-
-#define LSIG 0x04034B50l
-#define CSIG 0x02014B50l
-#define ESIG 0x06054B50l
-
-/* TAR */
-
-union TarEntry
- {
- struct header
- {
- char filename [100];
- char mode [8];
- char uid [8];
- char gid [8];
- char size [12];
- char time [12];
- char checksum [8];
- char linkflag;
- char linkname [100];
- }
- val;
-
- char buffer [512];
- };
diff --git a/security/nss/lib/jar/jarint.c b/security/nss/lib/jar/jarint.c
deleted file mode 100644
index 4c8da5986..000000000
--- a/security/nss/lib/jar/jarint.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Internal libjar routines.
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-/*-----------------------------------------------------------------------
- * JAR_FOPEN_to_PR_Open
- * Translate JAR_FOPEN arguments to PR_Open arguments
- */
-PRFileDesc*
-JAR_FOPEN_to_PR_Open(const char* name, const char *mode)
-{
-
- PRIntn prflags=0, prmode=0;
-
- /* Get read/write flags */
- if(strchr(mode, 'r') && !strchr(mode, '+')) {
- prflags |= PR_RDONLY;
- } else if( (strchr(mode, 'w') || strchr(mode, 'a')) &&
- !strchr(mode,'+') ) {
- prflags |= PR_WRONLY;
- } else {
- prflags |= PR_RDWR;
- }
-
- /* Create a new file? */
- if(strchr(mode, 'w') || strchr(mode, 'a')) {
- prflags |= PR_CREATE_FILE;
- }
-
- /* Append? */
- if(strchr(mode, 'a')) {
- prflags |= PR_APPEND;
- }
-
- /* Truncate? */
- if(strchr(mode, 'w')) {
- prflags |= PR_TRUNCATE;
- }
-
- /* We can't do umask because it isn't XP. Choose some default
- mode for created files */
- prmode = 0755;
-
- return PR_Open(name, prflags, prmode);
-}
diff --git a/security/nss/lib/jar/jarint.h b/security/nss/lib/jar/jarint.h
deleted file mode 100644
index 7baa4f3f1..000000000
--- a/security/nss/lib/jar/jarint.h
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* JAR internal routines */
-
-#include "nspr.h"
-
-/* definitely required */
-/*#include "certdb.h" */
-#include "key.h"
-#include "base64.h"
-
-extern CERTCertDBHandle *JAR_open_database (void);
-
-extern int JAR_close_database (CERTCertDBHandle *certdb);
-
-extern int jar_close_key_database (void *keydb);
-
-extern void *jar_open_key_database (void);
-
-extern JAR_Signer *JAR_new_signer (void);
-
-extern void JAR_destroy_signer (JAR_Signer *signer);
-
-extern JAR_Signer *jar_get_signer (JAR *jar, char *basename);
-
-extern int jar_append (ZZList *list, int type,
- char *pathname, void *data, size_t size);
-
-/* Translate fopen mode arg to PR_Open flags and mode */
-PRFileDesc*
-JAR_FOPEN_to_PR_Open(const char *name, const char *mode);
-
-
-#define ADDITEM(list,type,pathname,data,size) \
- { int err; err = jar_append (list, type, pathname, data, size); \
- if (err < 0) return err; }
-
-/* Here is some ugliness in the event it is necessary to link
- with NSPR 1.0 libraries, which do not include an FSEEK. It is
- difficult to fudge an FSEEK into 1.0 so we use stdio. */
-
-/* stdio */
-#if 0
-#define JAR_FILE FILE *
-#define JAR_FOPEN(fn,mode) fopen(fn,mode)
-#define JAR_FCLOSE fclose
-#define JAR_FSEEK fseek
-#define JAR_FREAD(fp,buf,siz) fread(buf,1,siz,fp)
-#define JAR_FWRITE(fp,buf,siz) fwrite(buf,1,siz,fp)
-#endif
-
-#if 0
-/* nspr 1.0 suite */
-#define JAR_FILE PRFileHandle
-#define JAR_FOPEN(fn,mode) PR_OpenFile(fn,0,mode)
-#define JAR_FCLOSE PR_CLOSE
-#define JAR_FSEEK (no-equivalent)
-#define JAR_FREAD PR_READ
-#define JAR_FWRITE PR_WRITE
-#endif
-
-/* nspr 2.0 suite */
-#define JAR_FILE PRFileDesc *
-/* #define JAR_FOPEN(fn,mode) PR_Open(fn,0,0) */
-#define JAR_FOPEN(fn,mode) JAR_FOPEN_to_PR_Open(fn,mode)
-#define JAR_FCLOSE PR_Close
-#define JAR_FSEEK PR_Seek
-#define JAR_FREAD PR_Read
-#define JAR_FWRITE PR_Write
-
-#if 0
-/* nav XP suite, note argument order */
-#define JAR_FILE XP_File
-#define JAR_FOPEN(fn,mode) XP_FileOpen(fn,xpURL,mode)
-#define JAR_FCLOSE XP_FileClose
-#define JAR_FSEEK XP_FileSeek
-#define JAR_FREAD(fp,buf,siz) XP_FileRead(buf,siz,fp)
-#define JAR_FWRITE(fp,buf,siz) XP_FileWrite(buf,siz,fp)
-#endif
-
-int jar_create_pk7
- (CERTCertDBHandle *certdb, void *keydb,
- CERTCertificate *cert, char *password, JAR_FILE infp,
- JAR_FILE outfp);
-
diff --git a/security/nss/lib/jar/jarjart.c b/security/nss/lib/jar/jarjart.c
deleted file mode 100644
index 4b344c0f2..000000000
--- a/security/nss/lib/jar/jarjart.c
+++ /dev/null
@@ -1,354 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARJART
- *
- * JAR functions used by Jartool
- */
-
-/* This allows manifest files above 64k to be
- processed on non-win16 platforms */
-
-#include "jar.h"
-#include "jarint.h"
-#include "jarjart.h"
-#include "blapi.h" /* JAR is supposed to be above the line!! */
-#include "pk11func.h" /* PK11 wrapper funcs are all above the line. */
-
-/* from certdb.h */
-#define CERTDB_USER (1<<6)
-
-#if 0
-/* from certdb.h */
-typedef SECStatus (* PermCertCallback)(CERTCertificate *cert, SECItem *k, void *pdata);
-/* from certdb.h */
-SECStatus SEC_TraversePermCerts
- (CERTCertDBHandle *handle, PermCertCallback certfunc, void *udata);
-#endif
-
-/*
- * S O B _ l i s t _ c e r t s
- *
- * Return a list of newline separated certificate nicknames
- * (this function used by the Jartool)
- *
- */
-
-static SECStatus jar_list_cert_callback
- (CERTCertificate *cert, SECItem *k, void *data)
- {
- char *name;
- char **ugly_list;
-
- int trusted;
-
- ugly_list = (char **) data;
-
- if (cert && cert->dbEntry)
- {
- /* name = cert->dbEntry->nickname; */
- name = cert->nickname;
-
- trusted = cert->trust->objectSigningFlags & CERTDB_USER;
-
- /* Add this name or email to list */
-
- if (name && trusted)
- {
- *ugly_list = (char*)PORT_Realloc
- (*ugly_list, PORT_Strlen (*ugly_list) + PORT_Strlen (name) + 2);
-
- if (*ugly_list)
- {
- if (**ugly_list)
- PORT_Strcat (*ugly_list, "\n");
-
- PORT_Strcat (*ugly_list, name);
- }
- }
- }
-
- return (SECSuccess);
- }
-
-/*
- * S O B _ J A R _ l i s t _ c e r t s
- *
- * Return a linfeed separated ascii list of certificate
- * nicknames for the Jartool.
- *
- */
-
-char *JAR_JAR_list_certs (void)
- {
- SECStatus status = SECFailure;
- CERTCertDBHandle *certdb;
-
- char *ugly_list;
-
- certdb = JAR_open_database();
-
- /* a little something */
- ugly_list = (char*)PORT_ZAlloc (16);
-
- if (ugly_list)
- {
- *ugly_list = 0;
-
- status = SEC_TraversePermCerts
- (certdb, jar_list_cert_callback, (void *) &ugly_list);
- }
-
- JAR_close_database (certdb);
-
- return (status != SECSuccess) ? NULL : ugly_list;
- }
-
-int JAR_JAR_validate_archive (char *filename)
- {
- JAR *jar;
- int status = -1;
-
- jar = JAR_new();
-
- if (jar)
- {
- status = JAR_pass_archive (jar, jarArchGuess, filename, "");
-
- if (status == 0)
- status = jar->valid;
-
- JAR_destroy (jar);
- }
-
- return status;
- }
-
-char *JAR_JAR_get_error (int status)
- {
- return JAR_get_error (status);
- }
-
-/*
- * S O B _ J A R _ h a s h
- *
- * Hash algorithm interface for use by the Jartool. Since we really
- * don't know the private sizes of the context, and Java does need to
- * know this number, allocate 512 bytes for it.
- *
- * In april 1997 hashes in this file were changed to call PKCS11,
- * as FIPS requires that when a smartcard has failed validation,
- * hashes are not to be performed. But because of the difficulty of
- * preserving pointer context between calls to the JAR_JAR hashing
- * functions, the hash routines are called directly, though after
- * checking to see if hashing is allowed.
- *
- */
-
-void *JAR_JAR_new_hash (int alg)
- {
- void *context;
-
- MD5Context *md5;
- SHA1Context *sha1;
-
- /* this is a hack because this whole PORT_ZAlloc stuff looks scary */
-
- if (!PK11_HashOK (alg == 1 ? SEC_OID_MD5 : SEC_OID_SHA1))
- return NULL;
-
- context = PORT_ZAlloc (512);
-
- if (context)
- {
- switch (alg)
- {
- case 1: /* MD5 */
- md5 = (MD5Context *) context;
- MD5_Begin (md5);
- break;
-
- case 2: /* SHA1 */
- sha1 = (SHA1Context *) context;
- SHA1_Begin (sha1);
- break;
- }
- }
-
- return context;
- }
-
-void *JAR_JAR_hash (int alg, void *cookie, int length, void *data)
- {
- MD5Context *md5;
- SHA1Context *sha1;
-
- /* this is a hack because this whole PORT_ZAlloc stuff looks scary */
-
- if (!PK11_HashOK (alg == 1 ? SEC_OID_MD5 : SEC_OID_SHA1))
- return NULL;
-
- if (length > 0)
- {
- switch (alg)
- {
- case 1: /* MD5 */
- md5 = (MD5Context *) cookie;
- MD5_Update (md5, (unsigned char*)data, length);
- break;
-
- case 2: /* SHA1 */
- sha1 = (SHA1Context *) cookie;
- SHA1_Update (sha1, (unsigned char*)data, length);
- break;
- }
- }
-
- return cookie;
- }
-
-void *JAR_JAR_end_hash (int alg, void *cookie)
- {
- int length;
- unsigned char *data;
- char *ascii;
-
- MD5Context *md5;
- SHA1Context *sha1;
-
- unsigned int md5_length;
- unsigned char md5_digest [MD5_LENGTH];
-
- unsigned int sha1_length;
- unsigned char sha1_digest [SHA1_LENGTH];
-
- /* this is a hack because this whole PORT_ZAlloc stuff looks scary */
-
- if (!PK11_HashOK (alg == 1 ? SEC_OID_MD5 : SEC_OID_SHA1))
- return NULL;
-
- switch (alg)
- {
- case 1: /* MD5 */
-
- md5 = (MD5Context *) cookie;
-
- MD5_End (md5, md5_digest, &md5_length, MD5_LENGTH);
- /* MD5_DestroyContext (md5, PR_TRUE); */
-
- data = md5_digest;
- length = md5_length;
-
- break;
-
- case 2: /* SHA1 */
-
- sha1 = (SHA1Context *) cookie;
-
- SHA1_End (sha1, sha1_digest, &sha1_length, SHA1_LENGTH);
- /* SHA1_DestroyContext (sha1, PR_TRUE); */
-
- data = sha1_digest;
- length = sha1_length;
-
- break;
-
- default: return NULL;
- }
-
- /* Instead of destroy context, since we created it */
- /* PORT_Free (cookie); */
-
- ascii = BTOA_DataToAscii(data, length);
-
- return ascii ? PORT_Strdup (ascii) : NULL;
- }
-
-/*
- * S O B _ J A R _ s i g n _ a r c h i v e
- *
- * A simple API to sign a JAR archive.
- *
- */
-
-int JAR_JAR_sign_archive
- (char *nickname, char *password, char *sf, char *outsig)
- {
- char *out_fn;
-
- int status = JAR_ERR_GENERAL;
- JAR_FILE sf_fp;
- JAR_FILE out_fp;
-
- CERTCertDBHandle *certdb;
- void *keydb;
-
- CERTCertificate *cert;
-
- /* open cert and key databases */
-
- certdb = JAR_open_database();
- if (certdb == NULL)
- return JAR_ERR_GENERAL;
-
- keydb = jar_open_key_database();
- if (keydb == NULL)
- return JAR_ERR_GENERAL;
-
- out_fn = PORT_Strdup (sf);
-
- if (out_fn == NULL || PORT_Strlen (sf) < 5)
- return JAR_ERR_GENERAL;
-
- sf_fp = JAR_FOPEN (sf, "rb");
- out_fp = JAR_FOPEN (outsig, "wb");
-
- cert = CERT_FindCertByNickname (certdb, nickname);
-
- if (cert && sf_fp && out_fp)
- {
- status = jar_create_pk7 (certdb, keydb, cert, password, sf_fp, out_fp);
- }
-
- /* remove password from prying eyes */
- PORT_Memset (password, 0, PORT_Strlen (password));
-
- JAR_FCLOSE (sf_fp);
- JAR_FCLOSE (out_fp);
-
- JAR_close_database (certdb);
- jar_close_key_database (keydb);
-
- return status;
- }
diff --git a/security/nss/lib/jar/jarjart.h b/security/nss/lib/jar/jarjart.h
deleted file mode 100644
index bb4596e90..000000000
--- a/security/nss/lib/jar/jarjart.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * jarjart.h
- *
- * Functions for the Jartool, which is written in Java and
- * requires wrappers located elsewhere in the client.
- *
- * Do not call these unless you are the Jartool, no matter
- * how convenient they may appear.
- *
- */
-
-#ifndef _JARJART_H_
-#define _JARJART_H_
-
-/* return a list of certificate nicknames, separated by \n's */
-extern char *JAR_JAR_list_certs (void);
-
-/* validate archive, simple api */
-extern int JAR_JAR_validate_archive (char *filename);
-
-/* begin hash */
-extern void *JAR_JAR_new_hash (int alg);
-
-/* hash a streaming pile */
-extern void *JAR_JAR_hash (int alg, void *cookie, int length, void *data);
-
-/* end hash */
-extern void *JAR_JAR_end_hash (int alg, void *cookie);
-
-/* sign the archive (given an .SF file) with the given cert.
- The password argument is a relic, PKCS11 now handles that. */
-
-extern int JAR_JAR_sign_archive
- (char *nickname, char *password, char *sf, char *outsig);
-
-/* convert status to text */
-extern char *JAR_JAR_get_error (int status);
-
-#endif
diff --git a/security/nss/lib/jar/jarnav.c b/security/nss/lib/jar/jarnav.c
deleted file mode 100644
index 865ded5da..000000000
--- a/security/nss/lib/jar/jarnav.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARNAV.C
- *
- * JAR stuff needed for client only.
- *
- */
-
-#include "jar.h"
-#include "jarint.h"
-
-/* from proto.h */
-#ifdef MOZILLA_CLIENT_OLD
-extern MWContext *XP_FindSomeContext(void);
-#endif
-
-/* sigh */
-extern MWContext *FE_GetInitContext(void);
-
-/* To return an MWContext for Java */
-static MWContext *(*jar_fn_FindSomeContext) (void) = NULL;
-
-/* To fabricate an MWContext for FE_GetPassword */
-static MWContext *(*jar_fn_GetInitContext) (void) = NULL;
-
-/*
- * J A R _ i n i t
- *
- * Initialize the JAR functions.
- *
- */
-
-void JAR_init (void)
- {
-#ifdef MOZILLA_CLIENT_OLD
- JAR_init_callbacks (XP_GetString, XP_FindSomeContext, FE_GetInitContext);
-#else
- JAR_init_callbacks (XP_GetString, NULL, NULL);
-#endif
- }
-
-/*
- * J A R _ s e t _ c o n t e x t
- *
- * Set the jar window context for use by PKCS11, since
- * it may be needed to prompt the user for a password.
- *
- */
-
-int JAR_set_context (JAR *jar, MWContext *mw)
- {
- if (mw)
- {
- jar->mw = mw;
- }
- else
- {
- /* jar->mw = XP_FindSomeContext(); */
- jar->mw = NULL;
-
- /*
- * We can't find a context because we're in startup state and none
- * exist yet. go get an FE_InitContext that only works at initialization
- * time.
- */
-
- /* Turn on the mac when we get the FE_ function */
- if (jar->mw == NULL)
- {
- jar->mw = jar_fn_GetInitContext();
- }
- }
-
- return 0;
- }
diff --git a/security/nss/lib/jar/jarsign.c b/security/nss/lib/jar/jarsign.c
deleted file mode 100644
index 5ff7d55de..000000000
--- a/security/nss/lib/jar/jarsign.c
+++ /dev/null
@@ -1,371 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARSIGN
- *
- * Routines used in signing archives.
- */
-
-
-#define USE_MOZ_THREAD
-
-#include "jar.h"
-#include "jarint.h"
-
-#ifdef USE_MOZ_THREAD
-#include "jarevil.h"
-#endif
-
-#include "pk11func.h"
-#include "sechash.h"
-
-/* from libevent.h */
-typedef void (*ETVoidPtrFunc) (void * data);
-
-#ifdef MOZILLA_CLIENT_OLD
-
-extern void ET_moz_CallFunction (ETVoidPtrFunc fn, void *data);
-
-/* from proto.h */
-/* extern MWContext *XP_FindSomeContext(void); */
-extern void *XP_FindSomeContext(void);
-
-#endif
-
-/* key database wrapper */
-
-/* static SECKEYKeyDBHandle *jar_open_key_database (void); */
-
-/* CHUNQ is our bite size */
-
-#define CHUNQ 64000
-#define FILECHUNQ 32768
-
-/*
- * J A R _ c a l c u l a t e _ d i g e s t
- *
- * Quick calculation of a digest for
- * the specified block of memory. Will calculate
- * for all supported algorithms, now MD5.
- *
- * This version supports huge pointers for WIN16.
- *
- */
-
-JAR_Digest * PR_CALLBACK JAR_calculate_digest (void ZHUGEP *data, long length)
- {
- long chunq;
- JAR_Digest *dig;
-
- unsigned int md5_length, sha1_length;
-
- PK11Context *md5 = 0;
- PK11Context *sha1 = 0;
-
- dig = (JAR_Digest *) PORT_ZAlloc (sizeof (JAR_Digest));
-
- if (dig == NULL)
- {
- /* out of memory allocating digest */
- return NULL;
- }
-
-#if defined(XP_WIN16)
- PORT_Assert ( !IsBadHugeReadPtr(data, length) );
-#endif
-
- md5 = PK11_CreateDigestContext (SEC_OID_MD5);
- sha1 = PK11_CreateDigestContext (SEC_OID_SHA1);
-
- if (length >= 0)
- {
- PK11_DigestBegin (md5);
- PK11_DigestBegin (sha1);
-
- do {
- chunq = length;
-
-#ifdef XP_WIN16
- if (length > CHUNQ) chunq = CHUNQ;
-
- /*
- * If the block of data crosses one or more segment
- * boundaries then only pass the chunk of data in the
- * first segment.
- *
- * This allows the data to be treated as FAR by the
- * PK11_DigestOp(...) routine.
- *
- */
-
- if (OFFSETOF(data) + chunq >= 0x10000)
- chunq = 0x10000 - OFFSETOF(data);
-#endif
-
- PK11_DigestOp (md5, (unsigned char*)data, chunq);
- PK11_DigestOp (sha1, (unsigned char*)data, chunq);
-
- length -= chunq;
- data = ((char ZHUGEP *) data + chunq);
- }
- while (length > 0);
-
- PK11_DigestFinal (md5, dig->md5, &md5_length, MD5_LENGTH);
- PK11_DigestFinal (sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
-
- PK11_DestroyContext (md5, PR_TRUE);
- PK11_DestroyContext (sha1, PR_TRUE);
- }
-
- return dig;
- }
-
-/*
- * J A R _ d i g e s t _ f i l e
- *
- * Calculates the MD5 and SHA1 digests for a file
- * present on disk, and returns these in JAR_Digest struct.
- *
- */
-
-int JAR_digest_file (char *filename, JAR_Digest *dig)
- {
- JAR_FILE fp;
-
- int num;
- unsigned char *buf;
-
- PK11Context *md5 = 0;
- PK11Context *sha1 = 0;
-
- unsigned int md5_length, sha1_length;
-
- buf = (unsigned char *) PORT_ZAlloc (FILECHUNQ);
- if (buf == NULL)
- {
- /* out of memory */
- return JAR_ERR_MEMORY;
- }
-
- if ((fp = JAR_FOPEN (filename, "rb")) == 0)
- {
- /* perror (filename); FIX XXX XXX XXX XXX XXX XXX */
- PORT_Free (buf);
- return JAR_ERR_FNF;
- }
-
- md5 = PK11_CreateDigestContext (SEC_OID_MD5);
- sha1 = PK11_CreateDigestContext (SEC_OID_SHA1);
-
- if (md5 == NULL || sha1 == NULL)
- {
- /* can't generate digest contexts */
- PORT_Free (buf);
- JAR_FCLOSE (fp);
- return JAR_ERR_GENERAL;
- }
-
- PK11_DigestBegin (md5);
- PK11_DigestBegin (sha1);
-
- while (1)
- {
- if ((num = JAR_FREAD (fp, buf, FILECHUNQ)) == 0)
- break;
-
- PK11_DigestOp (md5, buf, num);
- PK11_DigestOp (sha1, buf, num);
- }
-
- PK11_DigestFinal (md5, dig->md5, &md5_length, MD5_LENGTH);
- PK11_DigestFinal (sha1, dig->sha1, &sha1_length, SHA1_LENGTH);
-
- PK11_DestroyContext (md5, PR_TRUE);
- PK11_DestroyContext (sha1, PR_TRUE);
-
- PORT_Free (buf);
- JAR_FCLOSE (fp);
-
- return 0;
- }
-
-/*
- * J A R _ o p e n _ k e y _ d a t a b a s e
- *
- */
-
-void* jar_open_key_database (void)
- {
- return NULL;
- }
-
-int jar_close_key_database (void *keydb)
- {
- /* We never do close it */
- return 0;
- }
-
-
-/*
- * j a r _ c r e a t e _ p k 7
- *
- */
-
-static void jar_pk7_out (void *arg, const char *buf, unsigned long len)
- {
- JAR_FWRITE ((JAR_FILE) arg, buf, len);
- }
-
-int jar_create_pk7
- (CERTCertDBHandle *certdb, void *keydb,
- CERTCertificate *cert, char *password, JAR_FILE infp, JAR_FILE outfp)
- {
- int nb;
- unsigned char buffer [4096], digestdata[32];
- const SECHashObject *hashObj;
- void *hashcx;
- unsigned int len;
-
- int status = 0;
- char *errstring;
-
- SECItem digest;
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- void /*MWContext*/ *mw;
-
- if (outfp == NULL || infp == NULL || cert == NULL)
- return JAR_ERR_GENERAL;
-
- /* we sign with SHA */
- hashObj = HASH_GetHashObject(HASH_AlgSHA1);
-
- hashcx = (* hashObj->create)();
- if (hashcx == NULL)
- return JAR_ERR_GENERAL;
-
- (* hashObj->begin)(hashcx);
-
- while (1)
- {
- /* nspr2.0 doesn't support feof
- if (feof (infp)) break; */
-
- nb = JAR_FREAD (infp, buffer, sizeof (buffer));
- if (nb == 0)
- {
-#if 0
- if (ferror(infp))
- {
- /* PORT_SetError(SEC_ERROR_IO); */ /* FIX */
- (* hashObj->destroy) (hashcx, PR_TRUE);
- return JAR_ERR_GENERAL;
- }
-#endif
- /* eof */
- break;
- }
- (* hashObj->update) (hashcx, buffer, nb);
- }
-
- (* hashObj->end) (hashcx, digestdata, &len, 32);
- (* hashObj->destroy) (hashcx, PR_TRUE);
-
- digest.data = digestdata;
- digest.len = len;
-
- /* signtool must use any old context it can find since it's
- calling from inside javaland. */
-
-#ifdef MOZILLA_CLIENT_OLD
- mw = XP_FindSomeContext();
-#else
- mw = NULL;
-#endif
-
- PORT_SetError (0);
-
- cinfo = SEC_PKCS7CreateSignedData
- (cert, certUsageObjectSigner, NULL,
- SEC_OID_SHA1, &digest, NULL, (void *) mw);
-
- if (cinfo == NULL)
- return JAR_ERR_PK7;
-
- rv = SEC_PKCS7IncludeCertChain (cinfo, NULL);
- if (rv != SECSuccess)
- {
- status = PORT_GetError();
- SEC_PKCS7DestroyContentInfo (cinfo);
- return status;
- }
-
- /* Having this here forces signtool to always include
- signing time. */
-
- rv = SEC_PKCS7AddSigningTime (cinfo);
- if (rv != SECSuccess)
- {
- /* don't check error */
- }
-
- PORT_SetError (0);
-
-#ifdef USE_MOZ_THREAD
- /* if calling from mozilla */
- rv = jar_moz_encode
- (cinfo, jar_pk7_out, outfp,
- NULL, /* pwfn */ NULL, /* pwarg */ (void *) mw);
-#else
- /* if calling from mozilla thread*/
- rv = SEC_PKCS7Encode
- (cinfo, jar_pk7_out, outfp,
- NULL, /* pwfn */ NULL, /* pwarg */ (void *) mw):
-#endif
-
- if (rv != SECSuccess)
- status = PORT_GetError();
-
- SEC_PKCS7DestroyContentInfo (cinfo);
-
- if (rv != SECSuccess)
- {
- errstring = JAR_get_error (status);
- /*XP_TRACE (("Jar signing failed (reason %d = %s)", status, errstring));*/
- return status < 0 ? status : JAR_ERR_GENERAL;
- }
-
- return 0;
- }
diff --git a/security/nss/lib/jar/jarver.c b/security/nss/lib/jar/jarver.c
deleted file mode 100644
index af1a28328..000000000
--- a/security/nss/lib/jar/jarver.c
+++ /dev/null
@@ -1,2032 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * JARVER
- *
- * Jarnature Parsing & Verification
- */
-
-#define USE_MOZ_THREAD
-
-#include "jar.h"
-#include "jarint.h"
-
-#ifdef USE_MOZ_THREAD
-#include "jarevil.h"
-#endif
-/*#include "cdbhdl.h" */
-#include "secder.h"
-
-/* to use huge pointers in win16 */
-
-#if !defined(XP_WIN16)
-#define xp_HUGE_MEMCPY PORT_Memcpy
-#define xp_HUGE_STRCPY PORT_Strcpy
-#define xp_HUGE_STRLEN PORT_Strlen
-#define xp_HUGE_STRNCASECMP PORT_Strncasecmp
-#else
-#define xp_HUGE_MEMCPY hmemcpy
-int xp_HUGE_STRNCASECMP (char ZHUGEP *buf, char *key, int len);
-size_t xp_HUGE_STRLEN (char ZHUGEP *s);
-char *xp_HUGE_STRCPY (char *to, char ZHUGEP *from);
-#endif
-
-/* from certdb.h */
-#define CERTDB_USER (1<<6)
-
-#if 0
-/* from certdb.h */
-extern PRBool SEC_CertNicknameConflict
- (char *nickname, CERTCertDBHandle *handle);
-/* from certdb.h */
-extern SECStatus SEC_AddTempNickname
- (CERTCertDBHandle *handle, char *nickname, SECItem *certKey);
-/* from certdb.h */
-typedef SECStatus (* PermCertCallback)(CERTCertificate *cert, SECItem *k, void *pdata);
-
-/* from certdb.h */
-SECStatus SEC_TraversePermCerts
- (CERTCertDBHandle *handle, PermCertCallback certfunc, void *udata);
-#endif
-
-
-
-#define SZ 512
-
-static int jar_validate_pkcs7
- (JAR *jar, JAR_Signer *signer, char *data, long length);
-
-static void jar_catch_bytes
- (void *arg, const char *buf, unsigned long len);
-
-static int jar_gather_signers
- (JAR *jar, JAR_Signer *signer, SEC_PKCS7ContentInfo *cinfo);
-
-static char ZHUGEP *jar_eat_line
- (int lines, int eating, char ZHUGEP *data, long *len);
-
-static JAR_Digest *jar_digest_section
- (char ZHUGEP *manifest, long length);
-
-static JAR_Digest *jar_get_mf_digest (JAR *jar, char *path);
-
-static int jar_parse_digital_signature
- (char *raw_manifest, JAR_Signer *signer, long length, JAR *jar);
-
-static int jar_add_cert
- (JAR *jar, JAR_Signer *signer, int type, CERTCertificate *cert);
-
-static CERTCertificate *jar_get_certificate
- (JAR *jar, long keylen, void *key, int *result);
-
-static char *jar_cert_element (char *name, char *tag, int occ);
-
-static char *jar_choose_nickname (CERTCertificate *cert);
-
-static char *jar_basename (const char *path);
-
-static int jar_signal
- (int status, JAR *jar, const char *metafile, char *pathname);
-
-#ifdef DEBUG
-static int jar_insanity_check (char ZHUGEP *data, long length);
-#endif
-
-int jar_parse_mf
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url);
-
-int jar_parse_sf
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url);
-
-int jar_parse_sig
- (JAR *jar, const char *path, char ZHUGEP *raw_manifest, long length);
-
-int jar_parse_any
- (JAR *jar, int type, JAR_Signer *signer, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url);
-
-static int jar_internal_digest
- (JAR *jar, const char *path, char *x_name, JAR_Digest *dig);
-
-/*
- * J A R _ p a r s e _ m a n i f e s t
- *
- * Pass manifest files to this function. They are
- * decoded and placed into internal representations.
- *
- * Accepts both signature and manifest files. Use
- * the same "jar" for both.
- *
- */
-
-int JAR_parse_manifest
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url)
- {
-
-#if defined(XP_WIN16)
- PORT_Assert( !IsBadHugeReadPtr(raw_manifest, length) );
-#endif
-
- /* fill in the path, if supplied. This is a the location
- of the jar file on disk, if known */
-
- if (jar->filename == NULL && path)
- {
- jar->filename = PORT_Strdup (path);
- if (jar->filename == NULL)
- return JAR_ERR_MEMORY;
- }
-
- /* fill in the URL, if supplied. This is the place
- from which the jar file was retrieved. */
-
- if (jar->url == NULL && url)
- {
- jar->url = PORT_Strdup (url);
- if (jar->url == NULL)
- return JAR_ERR_MEMORY;
- }
-
- /* Determine what kind of file this is from the META-INF
- directory. It could be MF, SF, or a binary RSA/DSA file */
-
- if (!xp_HUGE_STRNCASECMP (raw_manifest, "Manifest-Version:", 17))
- {
- return jar_parse_mf (jar, raw_manifest, length, path, url);
- }
- else if (!xp_HUGE_STRNCASECMP (raw_manifest, "Signature-Version:", 18))
- {
- return jar_parse_sf (jar, raw_manifest, length, path, url);
- }
- else
- {
- /* This is probably a binary signature */
- return jar_parse_sig (jar, path, raw_manifest, length);
- }
- }
-
-/*
- * j a r _ p a r s e _ s i g
- *
- * Pass some manner of RSA or DSA digital signature
- * on, after checking to see if it comes at an appropriate state.
- *
- */
-
-int jar_parse_sig
- (JAR *jar, const char *path, char ZHUGEP *raw_manifest, long length)
- {
- JAR_Signer *signer;
- int status = JAR_ERR_ORDER;
-
- if (length <= 128)
- {
- /* signature is way too small */
- return JAR_ERR_SIG;
- }
-
- /* make sure that MF and SF have already been processed */
-
- if (jar->globalmeta == NULL)
- return JAR_ERR_ORDER;
-
-#if 0
- /* XXX Turn this on to disable multiple signers */
- if (jar->digest == NULL)
- return JAR_ERR_ORDER;
-#endif
-
- /* Determine whether or not this RSA file has
- has an associated SF file */
-
- if (path)
- {
- char *owner;
- owner = jar_basename (path);
-
- if (owner == NULL)
- return JAR_ERR_MEMORY;
-
- signer = jar_get_signer (jar, owner);
-
- PORT_Free (owner);
- }
- else
- signer = jar_get_signer (jar, "*");
-
- if (signer == NULL)
- return JAR_ERR_ORDER;
-
-
- /* Do not pass a huge pointer to this function,
- since the underlying security code is unaware. We will
- never pass >64k through here. */
-
- if (length > 64000)
- {
- /* this digital signature is way too big */
- return JAR_ERR_SIG;
- }
-
-#ifdef XP_WIN16
- /*
- * For Win16, copy the portion of the raw_buffer containing the digital
- * signature into another buffer... This insures that the data will
- * NOT cross a segment boundary. Therefore,
- * jar_parse_digital_signature(...) does NOT need to deal with HUGE
- * pointers...
- */
-
- {
- unsigned char *manifest_copy;
-
- manifest_copy = (unsigned char *) PORT_ZAlloc (length);
- if (manifest_copy)
- {
- xp_HUGE_MEMCPY (manifest_copy, raw_manifest, length);
-
- status = jar_parse_digital_signature
- (manifest_copy, signer, length, jar);
-
- PORT_Free (manifest_copy);
- }
- else
- {
- /* out of memory */
- return JAR_ERR_MEMORY;
- }
- }
-#else
- /* don't expense unneeded calloc overhead on non-win16 */
- status = jar_parse_digital_signature
- (raw_manifest, signer, length, jar);
-#endif
-
- return status;
- }
-
-/*
- * j a r _ p a r s e _ m f
- *
- * Parse the META-INF/manifest.mf file, whose
- * information applies to all signers.
- *
- */
-
-int jar_parse_mf
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url)
- {
- if (jar->globalmeta)
- {
- /* refuse a second manifest file, if passed for some reason */
- return JAR_ERR_ORDER;
- }
-
-
- /* remember a digest for the global section */
-
- jar->globalmeta = jar_digest_section (raw_manifest, length);
-
- if (jar->globalmeta == NULL)
- return JAR_ERR_MEMORY;
-
-
- return jar_parse_any
- (jar, jarTypeMF, NULL, raw_manifest, length, path, url);
- }
-
-/*
- * j a r _ p a r s e _ s f
- *
- * Parse META-INF/xxx.sf, a digitally signed file
- * pointing to a subset of MF sections.
- *
- */
-
-int jar_parse_sf
- (JAR *jar, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url)
- {
- JAR_Signer *signer = NULL;
- int status = JAR_ERR_MEMORY;
-
- if (jar->globalmeta == NULL)
- {
- /* It is a requirement that the MF file be passed before the SF file */
- return JAR_ERR_ORDER;
- }
-
- signer = JAR_new_signer();
-
- if (signer == NULL)
- goto loser;
-
- if (path)
- {
- signer->owner = jar_basename (path);
- if (signer->owner == NULL)
- goto loser;
- }
-
-
- /* check for priors. When someone doctors a jar file
- to contain identical path entries, prevent the second
- one from affecting JAR functions */
-
- if (jar_get_signer (jar, signer->owner))
- {
- /* someone is trying to spoof us */
- status = JAR_ERR_ORDER;
- goto loser;
- }
-
-
- /* remember its digest */
-
- signer->digest = JAR_calculate_digest (raw_manifest, length);
-
- if (signer->digest == NULL)
- goto loser;
-
- /* Add this signer to the jar */
-
- ADDITEM (jar->signers, jarTypeOwner,
- signer->owner, signer, sizeof (JAR_Signer));
-
-
- return jar_parse_any
- (jar, jarTypeSF, signer, raw_manifest, length, path, url);
-
-loser:
-
- if (signer)
- JAR_destroy_signer (signer);
-
- return status;
- }
-
-/*
- * j a r _ p a r s e _ a n y
- *
- * Parse a MF or SF manifest file.
- *
- */
-
-int jar_parse_any
- (JAR *jar, int type, JAR_Signer *signer, char ZHUGEP *raw_manifest,
- long length, const char *path, const char *url)
- {
- int status;
-
- long raw_len;
-
- JAR_Digest *dig, *mfdig = NULL;
-
- char line [SZ];
- char x_name [SZ], x_md5 [SZ], x_sha [SZ];
-
- char *x_info;
-
- char *sf_md5 = NULL, *sf_sha1 = NULL;
-
- *x_name = 0;
- *x_md5 = 0;
- *x_sha = 0;
-
- PORT_Assert( length > 0 );
- raw_len = length;
-
-#ifdef DEBUG
- if ((status = jar_insanity_check (raw_manifest, raw_len)) < 0)
- return status;
-#endif
-
-
- /* null terminate the first line */
- raw_manifest = jar_eat_line (0, PR_TRUE, raw_manifest, &raw_len);
-
-
- /* skip over the preliminary section */
- /* This is one section at the top of the file with global metainfo */
-
- while (raw_len)
- {
- JAR_Metainfo *met;
-
- raw_manifest = jar_eat_line (1, PR_TRUE, raw_manifest, &raw_len);
- if (!*raw_manifest) break;
-
- met = (JAR_Metainfo*)PORT_ZAlloc (sizeof (JAR_Metainfo));
- if (met == NULL)
- return JAR_ERR_MEMORY;
-
- /* Parse out the header & info */
-
- if (xp_HUGE_STRLEN (raw_manifest) >= SZ)
- {
- /* almost certainly nonsense */
- continue;
- }
-
- xp_HUGE_STRCPY (line, raw_manifest);
- x_info = line;
-
- while (*x_info && *x_info != ' ' && *x_info != '\t' && *x_info != ':')
- x_info++;
-
- if (*x_info) *x_info++ = 0;
-
- while (*x_info == ' ' || *x_info == '\t')
- x_info++;
-
- /* metainfo (name, value) pair is now (line, x_info) */
-
- met->header = PORT_Strdup (line);
- met->info = PORT_Strdup (x_info);
-
- if (type == jarTypeMF)
- {
- ADDITEM (jar->metainfo, jarTypeMeta,
- /* pathname */ NULL, met, sizeof (JAR_Metainfo));
- }
-
- /* For SF files, this metadata may be the digests
- of the MF file, still in the "met" structure. */
-
- if (type == jarTypeSF)
- {
- if (!PORT_Strcasecmp (line, "MD5-Digest"))
- sf_md5 = (char *) met->info;
-
- if (!PORT_Strcasecmp (line, "SHA1-Digest") || !PORT_Strcasecmp (line, "SHA-Digest"))
- sf_sha1 = (char *) met->info;
- }
- }
-
- if (type == jarTypeSF && jar->globalmeta)
- {
- /* this is a SF file which may contain a digest of the manifest.mf's
- global metainfo. */
-
- int match = 0;
- JAR_Digest *glob = jar->globalmeta;
-
- if (sf_md5)
- {
- unsigned int md5_length;
- unsigned char *md5_digest;
-
- md5_digest = ATOB_AsciiToData (sf_md5, &md5_length);
- PORT_Assert( md5_length == MD5_LENGTH );
-
- if (md5_length != MD5_LENGTH)
- return JAR_ERR_CORRUPT;
-
- match = PORT_Memcmp (md5_digest, glob->md5, MD5_LENGTH);
- }
-
- if (sf_sha1 && match == 0)
- {
- unsigned int sha1_length;
- unsigned char *sha1_digest;
-
- sha1_digest = ATOB_AsciiToData (sf_sha1, &sha1_length);
- PORT_Assert( sha1_length == SHA1_LENGTH );
-
- if (sha1_length != SHA1_LENGTH)
- return JAR_ERR_CORRUPT;
-
- match = PORT_Memcmp (sha1_digest, glob->sha1, SHA1_LENGTH);
- }
-
- if (match != 0)
- {
- /* global digest doesn't match, SF file therefore invalid */
- jar->valid = JAR_ERR_METADATA;
- return JAR_ERR_METADATA;
- }
- }
-
- /* done with top section of global data */
-
-
- while (raw_len)
- {
- *x_md5 = 0;
- *x_sha = 0;
- *x_name = 0;
-
-
- /* If this is a manifest file, attempt to get a digest of the following section,
- without damaging it. This digest will be saved later. */
-
- if (type == jarTypeMF)
- {
- char ZHUGEP *sec;
- long sec_len = raw_len;
-
- if (!*raw_manifest || *raw_manifest == '\n')
- {
- /* skip the blank line */
- sec = jar_eat_line (1, PR_FALSE, raw_manifest, &sec_len);
- }
- else
- sec = raw_manifest;
-
- if (!xp_HUGE_STRNCASECMP (sec, "Name:", 5))
- {
- if (type == jarTypeMF)
- mfdig = jar_digest_section (sec, sec_len);
- else
- mfdig = NULL;
- }
- }
-
-
- while (raw_len)
- {
- raw_manifest = jar_eat_line (1, PR_TRUE, raw_manifest, &raw_len);
- if (!*raw_manifest) break; /* blank line, done with this entry */
-
- if (xp_HUGE_STRLEN (raw_manifest) >= SZ)
- {
- /* almost certainly nonsense */
- continue;
- }
-
-
- /* Parse out the name/value pair */
-
- xp_HUGE_STRCPY (line, raw_manifest);
- x_info = line;
-
- while (*x_info && *x_info != ' ' && *x_info != '\t' && *x_info != ':')
- x_info++;
-
- if (*x_info) *x_info++ = 0;
-
- while (*x_info == ' ' || *x_info == '\t')
- x_info++;
-
-
- if (!PORT_Strcasecmp (line, "Name"))
- PORT_Strcpy (x_name, x_info);
-
- else if (!PORT_Strcasecmp (line, "MD5-Digest"))
- PORT_Strcpy (x_md5, x_info);
-
- else if (!PORT_Strcasecmp (line, "SHA1-Digest")
- || !PORT_Strcasecmp (line, "SHA-Digest"))
- {
- PORT_Strcpy (x_sha, x_info);
- }
-
- /* Algorithm list is meta info we don't care about; keeping it out
- of metadata saves significant space for large jar files */
-
- else if (!PORT_Strcasecmp (line, "Digest-Algorithms")
- || !PORT_Strcasecmp (line, "Hash-Algorithms"))
- {
- continue;
- }
-
- /* Meta info is only collected for the manifest.mf file,
- since the JAR_get_metainfo call does not support identity */
-
- else if (type == jarTypeMF)
- {
- JAR_Metainfo *met;
-
- /* this is meta-data */
-
- met = (JAR_Metainfo*)PORT_ZAlloc (sizeof (JAR_Metainfo));
-
- if (met == NULL)
- return JAR_ERR_MEMORY;
-
- /* metainfo (name, value) pair is now (line, x_info) */
-
- if ((met->header = PORT_Strdup (line)) == NULL)
- return JAR_ERR_MEMORY;
-
- if ((met->info = PORT_Strdup (x_info)) == NULL)
- return JAR_ERR_MEMORY;
-
- ADDITEM (jar->metainfo, jarTypeMeta,
- x_name, met, sizeof (JAR_Metainfo));
- }
- }
-
- if(!x_name || !*x_name) {
- /* Whatever that was, it wasn't an entry, because we didn't get a name.
- * We don't really have anything, so don't record this. */
- continue;
- }
-
- dig = (JAR_Digest*)PORT_ZAlloc (sizeof (JAR_Digest));
- if (dig == NULL)
- return JAR_ERR_MEMORY;
-
- if (*x_md5 )
- {
- unsigned int binary_length;
- unsigned char *binary_digest;
-
- binary_digest = ATOB_AsciiToData (x_md5, &binary_length);
- PORT_Assert( binary_length == MD5_LENGTH );
-
- if (binary_length != MD5_LENGTH)
- return JAR_ERR_CORRUPT;
-
- memcpy (dig->md5, binary_digest, MD5_LENGTH);
- dig->md5_status = jarHashPresent;
- }
-
- if (*x_sha )
- {
- unsigned int binary_length;
- unsigned char *binary_digest;
-
- binary_digest = ATOB_AsciiToData (x_sha, &binary_length);
- PORT_Assert( binary_length == SHA1_LENGTH );
-
- if (binary_length != SHA1_LENGTH)
- return JAR_ERR_CORRUPT;
-
- memcpy (dig->sha1, binary_digest, SHA1_LENGTH);
- dig->sha1_status = jarHashPresent;
- }
-
- PORT_Assert( type == jarTypeMF || type == jarTypeSF );
-
-
- if (type == jarTypeMF)
- {
- ADDITEM (jar->hashes, jarTypeMF, x_name, dig, sizeof (JAR_Digest));
- }
- else if (type == jarTypeSF)
- {
- ADDITEM (signer->sf, jarTypeSF, x_name, dig, sizeof (JAR_Digest));
- }
- else
- return JAR_ERR_ORDER;
-
- /* we're placing these calculated digests of manifest.mf
- sections in a list where they can subsequently be forgotten */
-
- if (type == jarTypeMF && mfdig)
- {
- ADDITEM (jar->manifest, jarTypeSect,
- x_name, mfdig, sizeof (JAR_Digest));
-
- mfdig = NULL;
- }
-
-
- /* Retrieve our saved SHA1 digest from saved copy and check digests.
- This is just comparing the digest of the MF section as indicated in
- the SF file with the one we remembered from parsing the MF file */
-
- if (type == jarTypeSF)
- {
- if ((status = jar_internal_digest (jar, path, x_name, dig)) < 0)
- return status;
- }
- }
-
- return 0;
- }
-
-static int jar_internal_digest
- (JAR *jar, const char *path, char *x_name, JAR_Digest *dig)
- {
- int cv;
- int status;
-
- JAR_Digest *savdig;
-
- savdig = jar_get_mf_digest (jar, x_name);
-
- if (savdig == NULL)
- {
- /* no .mf digest for this pathname */
- status = jar_signal (JAR_ERR_ENTRY, jar, path, x_name);
- if (status < 0)
- return 0; /* was continue; */
- else
- return status;
- }
-
- /* check for md5 consistency */
- if (dig->md5_status)
- {
- cv = PORT_Memcmp (savdig->md5, dig->md5, MD5_LENGTH);
- /* md5 hash of .mf file is not what expected */
- if (cv)
- {
- status = jar_signal (JAR_ERR_HASH, jar, path, x_name);
-
- /* bad hash, man */
-
- dig->md5_status = jarHashBad;
- savdig->md5_status = jarHashBad;
-
- if (status < 0)
- return 0; /* was continue; */
- else
- return status;
- }
- }
-
- /* check for sha1 consistency */
- if (dig->sha1_status)
- {
- cv = PORT_Memcmp (savdig->sha1, dig->sha1, SHA1_LENGTH);
- /* sha1 hash of .mf file is not what expected */
- if (cv)
- {
- status = jar_signal (JAR_ERR_HASH, jar, path, x_name);
-
- /* bad hash, man */
-
- dig->sha1_status = jarHashBad;
- savdig->sha1_status = jarHashBad;
-
- if (status < 0)
- return 0; /* was continue; */
- else
- return status;
- }
- }
- return 0;
- }
-
-#ifdef DEBUG
-/*
- * j a r _ i n s a n i t y _ c h e c k
- *
- * Check for illegal characters (or possibly so)
- * in the manifest files, to detect potential memory
- * corruption by our neighbors. Debug only, since
- * not I18N safe.
- *
- */
-
-static int jar_insanity_check (char ZHUGEP *data, long length)
- {
- int c;
- long off;
-
- for (off = 0; off < length; off++)
- {
- c = data [off];
-
- if (c == '\n' || c == '\r' || (c >= ' ' && c <= 128))
- continue;
-
- return JAR_ERR_CORRUPT;
- }
-
- return 0;
- }
-#endif
-
-/*
- * j a r _ p a r s e _ d i g i t a l _ s i g n a t u r e
- *
- * Parse an RSA or DSA (or perhaps other) digital signature.
- * Right now everything is PKCS7.
- *
- */
-
-static int jar_parse_digital_signature
- (char *raw_manifest, JAR_Signer *signer, long length, JAR *jar)
- {
-#if defined(XP_WIN16)
- PORT_Assert( LOWORD(raw_manifest) + length < 0xFFFF );
-#endif
- return jar_validate_pkcs7 (jar, signer, raw_manifest, length);
- }
-
-/*
- * j a r _ a d d _ c e r t
- *
- * Add information for the given certificate
- * (or whatever) to the JAR linked list. A pointer
- * is passed for some relevant reference, say
- * for example the original certificate.
- *
- */
-
-static int jar_add_cert
- (JAR *jar, JAR_Signer *signer, int type, CERTCertificate *cert)
- {
- JAR_Cert *fing;
- unsigned char *keyData;
-
- if (cert == NULL)
- return JAR_ERR_ORDER;
-
- fing = (JAR_Cert*)PORT_ZAlloc (sizeof (JAR_Cert));
-
- if (fing == NULL)
- goto loser;
-
-#ifdef USE_MOZ_THREAD
- fing->cert = jar_moz_dup (cert);
-#else
- fing->cert = CERT_DupCertificate (cert);
-#endif
-
- /* get the certkey */
-
- fing->length = cert->derIssuer.len + 2 + cert->serialNumber.len;
-
- keyData = (unsigned char *) PORT_ZAlloc (fing->length);
- fing->key = keyData;
-
- if (fing->key == NULL)
- goto loser;
- keyData[0] = ((cert->derIssuer.len) >> 8) & 0xff;
- keyData[1] = ((cert->derIssuer.len) & 0xff);
- PORT_Memcpy (&keyData[2], cert->derIssuer.data, cert->derIssuer.len);
- PORT_Memcpy (&keyData[2+cert->derIssuer.len], cert->serialNumber.data,
- cert->serialNumber.len);
-
- ADDITEM (signer->certs, type,
- /* pathname */ NULL, fing, sizeof (JAR_Cert));
-
- return 0;
-
-loser:
-
- if (fing)
- {
- if (fing->cert)
- CERT_DestroyCertificate (fing->cert);
-
- PORT_Free (fing);
- }
-
- return JAR_ERR_MEMORY;
- }
-
-/*
- * e a t _ l i n e
- *
- * Consume an ascii line from the top of a file kept
- * in memory. This destroys the file in place. This function
- * handles PC, Mac, and Unix style text files.
- *
- */
-
-static char ZHUGEP *jar_eat_line
- (int lines, int eating, char ZHUGEP *data, long *len)
- {
- char ZHUGEP *ret;
-
- ret = data;
- if (!*len) return ret;
-
- /* Eat the requisite number of lines, if any;
- prior to terminating the current line with a 0. */
-
- for (/* yip */ ; lines; lines--)
- {
- while (*data && *data != '\n')
- data++;
-
- /* After the CR, ok to eat one LF */
-
- if (*data == '\n')
- data++;
-
- /* If there are zeros, we put them there */
-
- while (*data == 0 && data - ret < *len)
- data++;
- }
-
- *len -= data - ret;
- ret = data;
-
- if (eating)
- {
- /* Terminate this line with a 0 */
-
- while (*data && *data != '\n' && *data != '\r')
- data++;
-
- /* In any case we are allowed to eat CR */
-
- if (*data == '\r')
- *data++ = 0;
-
- /* After the CR, ok to eat one LF */
-
- if (*data == '\n')
- *data++ = 0;
- }
-
- return ret;
- }
-
-/*
- * j a r _ d i g e s t _ s e c t i o n
- *
- * Return the digests of the next section of the manifest file.
- * Does not damage the manifest file, unlike parse_manifest.
- *
- */
-
-static JAR_Digest *jar_digest_section
- (char ZHUGEP *manifest, long length)
- {
- long global_len;
- char ZHUGEP *global_end;
-
- global_end = manifest;
- global_len = length;
-
- while (global_len)
- {
- global_end = jar_eat_line (1, PR_FALSE, global_end, &global_len);
- if (*global_end == 0 || *global_end == '\n')
- break;
- }
-
- return JAR_calculate_digest (manifest, global_end - manifest);
- }
-
-/*
- * J A R _ v e r i f y _ d i g e s t
- *
- * Verifies that a precalculated digest matches the
- * expected value in the manifest.
- *
- */
-
-int PR_CALLBACK JAR_verify_digest
- (JAR *jar, const char *name, JAR_Digest *dig)
- {
- JAR_Item *it;
-
- JAR_Digest *shindig;
-
- ZZLink *link;
- ZZList *list;
-
- int result1, result2;
-
- list = jar->hashes;
-
- result1 = result2 = 0;
-
- if (jar->valid < 0)
- {
- /* signature not valid */
- return JAR_ERR_SIG;
- }
-
- if (ZZ_ListEmpty (list))
- {
- /* empty list */
- return JAR_ERR_PNF;
- }
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- it = link->thing;
- if (it->type == jarTypeMF
- && it->pathname && !PORT_Strcmp (it->pathname, name))
- {
- shindig = (JAR_Digest *) it->data;
-
- if (shindig->md5_status)
- {
- if (shindig->md5_status == jarHashBad)
- return JAR_ERR_HASH;
- else
- result1 = memcmp (dig->md5, shindig->md5, MD5_LENGTH);
- }
-
- if (shindig->sha1_status)
- {
- if (shindig->sha1_status == jarHashBad)
- return JAR_ERR_HASH;
- else
- result2 = memcmp (dig->sha1, shindig->sha1, SHA1_LENGTH);
- }
-
- return (result1 == 0 && result2 == 0) ? 0 : JAR_ERR_HASH;
- }
- }
-
- return JAR_ERR_PNF;
- }
-
-/*
- * J A R _ c e r t _ a t t r i b u t e
- *
- * Return the named certificate attribute from the
- * certificate specified by the given key.
- *
- */
-
-int PR_CALLBACK JAR_cert_attribute
- (JAR *jar, jarCert attrib, long keylen, void *key,
- void **result, unsigned long *length)
- {
- int status = 0;
- char *ret = NULL;
-
- CERTCertificate *cert;
-
- CERTCertDBHandle *certdb;
-
- JAR_Digest *dig;
- SECItem hexme;
-
- *length = 0;
-
- if (attrib == 0 || key == 0)
- return JAR_ERR_GENERAL;
-
- if (attrib == jarCertJavaHack)
- {
- cert = (CERTCertificate *) NULL;
- certdb = JAR_open_database();
-
- if (certdb)
- {
-#ifdef USE_MOZ_THREAD
- cert = jar_moz_nickname (certdb, (char*)key);
-#else
- cert = CERT_FindCertByNickname (certdb, key);
-#endif
-
- if (cert)
- {
- *length = cert->certKey.len;
-
- *result = (void *) PORT_ZAlloc (*length);
-
- if (*result)
- PORT_Memcpy (*result, cert->certKey.data, *length);
- else
- return JAR_ERR_MEMORY;
- }
- JAR_close_database (certdb);
- }
-
- return cert ? 0 : JAR_ERR_GENERAL;
- }
-
- if (jar && jar->pkcs7 == 0)
- return JAR_ERR_GENERAL;
-
- cert = jar_get_certificate (jar, keylen, key, &status);
-
- if (cert == NULL || status < 0)
- return JAR_ERR_GENERAL;
-
-#define SEP " <br> "
-#define SEPLEN (PORT_Strlen(SEP))
-
- switch (attrib)
- {
- case jarCertCompany:
-
- ret = cert->subjectName;
-
- /* This is pretty ugly looking but only used
- here for this one purpose. */
-
- if (ret)
- {
- int retlen = 0;
-
- char *cer_ou1, *cer_ou2, *cer_ou3;
- char *cer_cn, *cer_e, *cer_o, *cer_l;
-
- cer_cn = CERT_GetCommonName (&cert->subject);
- cer_e = CERT_GetCertEmailAddress (&cert->subject);
- cer_ou3 = jar_cert_element (ret, "OU=", 3);
- cer_ou2 = jar_cert_element (ret, "OU=", 2);
- cer_ou1 = jar_cert_element (ret, "OU=", 1);
- cer_o = CERT_GetOrgName (&cert->subject);
- cer_l = CERT_GetCountryName (&cert->subject);
-
- if (cer_cn) retlen += SEPLEN + PORT_Strlen (cer_cn);
- if (cer_e) retlen += SEPLEN + PORT_Strlen (cer_e);
- if (cer_ou1) retlen += SEPLEN + PORT_Strlen (cer_ou1);
- if (cer_ou2) retlen += SEPLEN + PORT_Strlen (cer_ou2);
- if (cer_ou3) retlen += SEPLEN + PORT_Strlen (cer_ou3);
- if (cer_o) retlen += SEPLEN + PORT_Strlen (cer_o);
- if (cer_l) retlen += SEPLEN + PORT_Strlen (cer_l);
-
- ret = (char *) PORT_ZAlloc (1 + retlen);
-
- if (cer_cn) { PORT_Strcpy (ret, cer_cn); PORT_Strcat (ret, SEP); }
- if (cer_e) { PORT_Strcat (ret, cer_e); PORT_Strcat (ret, SEP); }
- if (cer_ou1) { PORT_Strcat (ret, cer_ou1); PORT_Strcat (ret, SEP); }
- if (cer_ou2) { PORT_Strcat (ret, cer_ou2); PORT_Strcat (ret, SEP); }
- if (cer_ou3) { PORT_Strcat (ret, cer_ou3); PORT_Strcat (ret, SEP); }
- if (cer_o) { PORT_Strcat (ret, cer_o); PORT_Strcat (ret, SEP); }
- if (cer_l) PORT_Strcat (ret, cer_l);
-
- /* return here to avoid unsightly memory leak */
-
- *result = ret;
- *length = PORT_Strlen (ret);
-
- return 0;
- }
- break;
-
- case jarCertCA:
-
- ret = cert->issuerName;
-
- if (ret)
- {
- int retlen = 0;
-
- char *cer_ou1, *cer_ou2, *cer_ou3;
- char *cer_cn, *cer_e, *cer_o, *cer_l;
-
- /* This is pretty ugly looking but only used
- here for this one purpose. */
-
- cer_cn = CERT_GetCommonName (&cert->issuer);
- cer_e = CERT_GetCertEmailAddress (&cert->issuer);
- cer_ou3 = jar_cert_element (ret, "OU=", 3);
- cer_ou2 = jar_cert_element (ret, "OU=", 2);
- cer_ou1 = jar_cert_element (ret, "OU=", 1);
- cer_o = CERT_GetOrgName (&cert->issuer);
- cer_l = CERT_GetCountryName (&cert->issuer);
-
- if (cer_cn) retlen += SEPLEN + PORT_Strlen (cer_cn);
- if (cer_e) retlen += SEPLEN + PORT_Strlen (cer_e);
- if (cer_ou1) retlen += SEPLEN + PORT_Strlen (cer_ou1);
- if (cer_ou2) retlen += SEPLEN + PORT_Strlen (cer_ou2);
- if (cer_ou3) retlen += SEPLEN + PORT_Strlen (cer_ou3);
- if (cer_o) retlen += SEPLEN + PORT_Strlen (cer_o);
- if (cer_l) retlen += SEPLEN + PORT_Strlen (cer_l);
-
- ret = (char *) PORT_ZAlloc (1 + retlen);
-
- if (cer_cn) { PORT_Strcpy (ret, cer_cn); PORT_Strcat (ret, SEP); }
- if (cer_e) { PORT_Strcat (ret, cer_e); PORT_Strcat (ret, SEP); }
- if (cer_ou1) { PORT_Strcat (ret, cer_ou1); PORT_Strcat (ret, SEP); }
- if (cer_ou2) { PORT_Strcat (ret, cer_ou2); PORT_Strcat (ret, SEP); }
- if (cer_ou3) { PORT_Strcat (ret, cer_ou3); PORT_Strcat (ret, SEP); }
- if (cer_o) { PORT_Strcat (ret, cer_o); PORT_Strcat (ret, SEP); }
- if (cer_l) PORT_Strcat (ret, cer_l);
-
- /* return here to avoid unsightly memory leak */
-
- *result = ret;
- *length = PORT_Strlen (ret);
-
- return 0;
- }
-
- break;
-
- case jarCertSerial:
-
- ret = CERT_Hexify (&cert->serialNumber, 1);
- break;
-
- case jarCertExpires:
-
- ret = DER_UTCDayToAscii (&cert->validity.notAfter);
- break;
-
- case jarCertNickname:
-
- ret = jar_choose_nickname (cert);
- break;
-
- case jarCertFinger:
-
- dig = JAR_calculate_digest
- ((char *) cert->derCert.data, cert->derCert.len);
-
- if (dig)
- {
- hexme.len = sizeof (dig->md5);
- hexme.data = dig->md5;
- ret = CERT_Hexify (&hexme, 1);
- }
- break;
-
- default:
-
- return JAR_ERR_GENERAL;
- }
-
- *result = ret ? PORT_Strdup (ret) : NULL;
- *length = ret ? PORT_Strlen (ret) : 0;
-
- return 0;
- }
-
-/*
- * j a r _ c e r t _ e l e m e n t
- *
- * Retrieve an element from an x400ish ascii
- * designator, in a hackish sort of way. The right
- * thing would probably be to sort AVATags.
- *
- */
-
-static char *jar_cert_element (char *name, char *tag, int occ)
- {
- if (name && tag)
- {
- char *s;
- int found = 0;
-
- while (occ--)
- {
- if (PORT_Strstr (name, tag))
- {
- name = PORT_Strstr (name, tag) + PORT_Strlen (tag);
- found = 1;
- }
- else
- {
- name = PORT_Strstr (name, "=");
- if (name == NULL) return NULL;
- found = 0;
- }
- }
-
- if (!found) return NULL;
-
- /* must mangle only the copy */
- name = PORT_Strdup (name);
-
- /* advance to next equal */
- for (s = name; *s && *s != '='; s++)
- /* yip */ ;
-
- /* back up to previous comma */
- while (s > name && *s != ',') s--;
-
- /* zap the whitespace and return */
- *s = 0;
- }
-
- return name;
- }
-
-/*
- * j a r _ c h o o s e _ n i c k n a m e
- *
- * Attempt to determine a suitable nickname for
- * a certificate with a computer-generated "tmpcertxxx"
- * nickname. It needs to be something a user can
- * understand, so try a few things.
- *
- */
-
-static char *jar_choose_nickname (CERTCertificate *cert)
- {
- char *cert_cn;
- char *cert_o;
- char *cert_cn_o;
-
- int cn_o_length;
-
- /* is the existing name ok */
-
- if (cert->nickname && PORT_Strncmp (cert->nickname, "tmpcert", 7))
- return PORT_Strdup (cert->nickname);
-
- /* we have an ugly name here people */
-
- /* Try the CN */
- cert_cn = CERT_GetCommonName (&cert->subject);
-
- if (cert_cn)
- {
- /* check for duplicate nickname */
-
-#ifdef USE_MOZ_THREAD
- if (jar_moz_nickname (CERT_GetDefaultCertDB(), cert_cn) == NULL)
-#else
- if (CERT_FindCertByNickname (CERT_GetDefaultCertDB(), cert_cn) == NULL)
-#endif
- return cert_cn;
-
- /* Try the CN plus O */
- cert_o = CERT_GetOrgName (&cert->subject);
-
- cn_o_length = PORT_Strlen (cert_cn) + 3 + PORT_Strlen (cert_o) + 20;
- cert_cn_o = (char*)PORT_ZAlloc (cn_o_length);
-
- PR_snprintf (cert_cn_o, cn_o_length,
- "%s's %s Certificate", cert_cn, cert_o);
-
-#ifdef USE_MOZ_THREAD
- if (jar_moz_nickname (CERT_GetDefaultCertDB(), cert_cn_o) == NULL)
-#else
- if (CERT_FindCertByNickname (CERT_GetDefaultCertDB(), cert_cn_o) == NULL)
-#endif
- return cert_cn;
- }
-
- /* If all that failed, use the ugly nickname */
- return cert->nickname ? PORT_Strdup (cert->nickname) : NULL;
- }
-
-/*
- * J A R _ c e r t _ h t m l
- *
- * Return an HTML representation of the certificate
- * designated by the given fingerprint, in specified style.
- *
- * JAR is optional, but supply it if you can in order
- * to optimize.
- *
- */
-
-char *JAR_cert_html
- (JAR *jar, int style, long keylen, void *key, int *result)
- {
- char *html;
- CERTCertificate *cert;
-
- *result = -1;
-
- if (style != 0)
- return NULL;
-
- cert = jar_get_certificate (jar, keylen, key, result);
-
- if (cert == NULL || *result < 0)
- return NULL;
-
- *result = 0;
-
- html = CERT_HTMLCertInfo (cert, /* show images */ PR_TRUE,
- /*show issuer*/PR_TRUE);
-
- if (html == NULL)
- *result = -1;
-
- return html;
- }
-
-/*
- * J A R _ s t a s h _ c e r t
- *
- * Stash the certificate pointed to by this
- * fingerprint, in persistent storage somewhere.
- *
- */
-
-extern int PR_CALLBACK JAR_stash_cert
- (JAR *jar, long keylen, void *key)
- {
- int result = 0;
-
- char *nickname;
- CERTCertTrust trust;
-
- CERTCertDBHandle *certdb;
- CERTCertificate *cert, *newcert;
-
- cert = jar_get_certificate (jar, keylen, key, &result);
-
- if (result < 0)
- return result;
-
- if (cert == NULL)
- return JAR_ERR_GENERAL;
-
- if ((certdb = JAR_open_database()) == NULL)
- return JAR_ERR_GENERAL;
-
- /* Attempt to give a name to the newish certificate */
- nickname = jar_choose_nickname (cert);
-
-#ifdef USE_MOZ_THREAD
- newcert = jar_moz_nickname (certdb, nickname);
-#else
- newcert = CERT_FindCertByNickname (certdb, nickname);
-#endif
-
- if (newcert && newcert->isperm)
- {
- /* already in permanant database */
- return 0;
- }
-
- if (newcert) cert = newcert;
-
- /* FIX, since FindCert returns a bogus dbhandle
- set it ourselves */
-
- cert->dbhandle = certdb;
-
-#if 0
- nickname = cert->subjectName;
- if (nickname)
- {
- /* Not checking for a conflict here. But this should
- be a new cert or it would have been found earlier. */
-
- nickname = jar_cert_element (nickname, "CN=", 1);
-
- if (SEC_CertNicknameConflict (nickname, cert->dbhandle))
- {
- /* conflict */
- nickname = PORT_Realloc (&nickname, PORT_Strlen (nickname) + 3);
-
- /* Beyond one copy, there are probably serious problems
- so we will stop at two rather than counting.. */
-
- PORT_Strcat (nickname, " #2");
- }
- }
-#endif
-
- if (nickname != NULL)
- {
- PORT_Memset ((void *) &trust, 0, sizeof(trust));
-
-#ifdef USE_MOZ_THREAD
- if (jar_moz_perm (cert, nickname, &trust) != SECSuccess)
-#else
- if (CERT_AddTempCertToPerm (cert, nickname, &trust) != SECSuccess)
-#endif
- {
- /* XXX might want to call PORT_GetError here */
- result = JAR_ERR_GENERAL;
- }
- }
-
- JAR_close_database (certdb);
-
- return result;
- }
-
-/*
- * J A R _ f e t c h _ c e r t
- *
- * Given an opaque identifier of a certificate,
- * return the full certificate.
- *
- * The new function, which retrieves by key.
- *
- */
-
-void *JAR_fetch_cert (long length, void *key)
- {
- CERTIssuerAndSN issuerSN;
- CERTCertificate *cert = NULL;
-
- CERTCertDBHandle *certdb;
-
- certdb = JAR_open_database();
-
- if (certdb)
- {
- unsigned char *keyData = (unsigned char *)key;
- issuerSN.derIssuer.len = (keyData[0] << 8) + keyData[0];
- issuerSN.derIssuer.data = &keyData[2];
- issuerSN.serialNumber.len = length - (2 + issuerSN.derIssuer.len);
- issuerSN.serialNumber.data = &keyData[2+issuerSN.derIssuer.len];
-
-#ifdef USE_MOZ_THREAD
- cert = jar_moz_certkey (certdb, &issuerSN);
-#else
- cert = CERT_FindCertByIssuerAndSN (certdb, &issuerSN);
-#endif
-
- JAR_close_database (certdb);
- }
-
- return (void *) cert;
- }
-
-/*
- * j a r _ g e t _ m f _ d i g e s t
- *
- * Retrieve a corresponding saved digest over a section
- * of the main manifest file.
- *
- */
-
-static JAR_Digest *jar_get_mf_digest (JAR *jar, char *pathname)
- {
- JAR_Item *it;
-
- JAR_Digest *dig;
-
- ZZLink *link;
- ZZList *list;
-
- list = jar->manifest;
-
- if (ZZ_ListEmpty (list))
- return NULL;
-
- for (link = ZZ_ListHead (list);
- !ZZ_ListIterDone (list, link);
- link = link->next)
- {
- it = link->thing;
- if (it->type == jarTypeSect
- && it->pathname && !PORT_Strcmp (it->pathname, pathname))
- {
- dig = (JAR_Digest *) it->data;
- return dig;
- }
- }
-
- return NULL;
- }
-
-/*
- * j a r _ b a s e n a m e
- *
- * Return the basename -- leading components of path stripped off,
- * extension ripped off -- of a path.
- *
- */
-
-static char *jar_basename (const char *path)
- {
- char *pith, *e, *basename, *ext;
-
- if (path == NULL)
- return PORT_Strdup ("");
-
- pith = PORT_Strdup (path);
-
- basename = pith;
-
- while (1)
- {
- for (e = basename; *e && *e != '/' && *e != '\\'; e++)
- /* yip */ ;
- if (*e)
- basename = ++e;
- else
- break;
- }
-
- if ((ext = PORT_Strrchr (basename, '.')) != NULL)
- *ext = 0;
-
- /* We already have the space allocated */
- PORT_Strcpy (pith, basename);
-
- return pith;
- }
-
-/*
- * + + + + + + + + + + + + + + +
- *
- * CRYPTO ROUTINES FOR JAR
- *
- * The following functions are the cryptographic
- * interface to PKCS7 for Jarnatures.
- *
- * + + + + + + + + + + + + + + +
- *
- */
-
-/*
- * j a r _ c a t c h _ b y t e s
- *
- * In the event signatures contain enveloped data, it will show up here.
- * But note that the lib/pkcs7 routines aren't ready for it.
- *
- */
-
-static void jar_catch_bytes
- (void *arg, const char *buf, unsigned long len)
- {
- /* Actually this should never be called, since there is
- presumably no data in the signature itself. */
- }
-
-/*
- * j a r _ v a l i d a t e _ p k c s 7
- *
- * Validate (and decode, if necessary) a binary pkcs7
- * signature in DER format.
- *
- */
-
-static int jar_validate_pkcs7
- (JAR *jar, JAR_Signer *signer, char *data, long length)
- {
- SECItem detdig;
-
- SEC_PKCS7ContentInfo *cinfo = NULL;
- SEC_PKCS7DecoderContext *dcx;
-
- int status = 0;
- char *errstring = NULL;
-
- PORT_Assert( jar != NULL && signer != NULL );
-
- if (jar == NULL || signer == NULL)
- return JAR_ERR_ORDER;
-
- signer->valid = JAR_ERR_SIG;
-
- /* We need a context if we can get one */
-
-#ifdef MOZILLA_CLIENT_OLD
- if (jar->mw == NULL) {
- JAR_set_context (jar, NULL);
- }
-#endif
-
-
- dcx = SEC_PKCS7DecoderStart
- (jar_catch_bytes, NULL /*cb_arg*/, NULL /*getpassword*/, jar->mw,
- NULL, NULL, NULL);
-
- if (dcx == NULL)
- {
- /* strange pkcs7 failure */
- return JAR_ERR_PK7;
- }
-
- SEC_PKCS7DecoderUpdate (dcx, data, length);
- cinfo = SEC_PKCS7DecoderFinish (dcx);
-
- if (cinfo == NULL)
- {
- /* strange pkcs7 failure */
- return JAR_ERR_PK7;
- }
-
- if (SEC_PKCS7ContentIsEncrypted (cinfo))
- {
- /* content was encrypted, fail */
- return JAR_ERR_PK7;
- }
-
- if (SEC_PKCS7ContentIsSigned (cinfo) == PR_FALSE)
- {
- /* content was not signed, fail */
- return JAR_ERR_PK7;
- }
-
- PORT_SetError (0);
-
- /* use SHA1 only */
-
- detdig.len = SHA1_LENGTH;
- detdig.data = signer->digest->sha1;
-
-#ifdef USE_MOZ_THREAD
- if (jar_moz_verify
- (cinfo, certUsageObjectSigner, &detdig, HASH_AlgSHA1, PR_FALSE)==
- SECSuccess)
-#else
- if (SEC_PKCS7VerifyDetachedSignature
- (cinfo, certUsageObjectSigner, &detdig, HASH_AlgSHA1, PR_FALSE)==
- PR_TRUE)
-#endif
- {
- /* signature is valid */
- signer->valid = 0;
- jar_gather_signers (jar, signer, cinfo);
- }
- else
- {
- status = PORT_GetError();
-
- PORT_Assert( status < 0 );
- if (status >= 0) status = JAR_ERR_SIG;
-
- jar->valid = status;
- signer->valid = status;
-
- errstring = JAR_get_error (status);
- /*XP_TRACE(("JAR signature invalid (reason %d = %s)", status, errstring));*/
- }
-
- jar->pkcs7 = PR_TRUE;
- signer->pkcs7 = PR_TRUE;
-
- SEC_PKCS7DestroyContentInfo (cinfo);
-
- return status;
- }
-
-/*
- * j a r _ g a t h e r _ s i g n e r s
- *
- * Add the single signer of this signature to the
- * certificate linked list.
- *
- */
-
-static int jar_gather_signers
- (JAR *jar, JAR_Signer *signer, SEC_PKCS7ContentInfo *cinfo)
- {
- int result;
-
- CERTCertificate *cert;
- CERTCertDBHandle *certdb;
-
- SEC_PKCS7SignedData *sdp;
- SEC_PKCS7SignerInfo **pksigners, *pksigner;
-
- sdp = cinfo->content.signedData;
-
- if (sdp == NULL)
- return JAR_ERR_PK7;
-
- pksigners = sdp->signerInfos;
-
- /* permit exactly one signer */
-
- if (pksigners == NULL || pksigners [0] == NULL || pksigners [1] != NULL)
- return JAR_ERR_PK7;
-
- pksigner = *pksigners;
- cert = pksigner->cert;
-
- if (cert == NULL)
- return JAR_ERR_PK7;
-
- certdb = JAR_open_database();
-
- if (certdb == NULL)
- return JAR_ERR_GENERAL;
-
- result = jar_add_cert (jar, signer, jarTypeSign, cert);
-
- JAR_close_database (certdb);
-
- return result;
- }
-
-/*
- * j a r _ o p e n _ d a t a b a s e
- *
- * Open the certificate database,
- * for use by JAR functions.
- *
- */
-
-CERTCertDBHandle *JAR_open_database (void)
- {
- int keepcerts = 0;
- CERTCertDBHandle *certdb;
-
- certdb = CERT_GetDefaultCertDB();
-
- return certdb;
- }
-
-/*
- * j a r _ c l o s e _ d a t a b a s e
- *
- * Close the certificate database.
- * For use by JAR functions.
- *
- */
-
-int JAR_close_database (CERTCertDBHandle *certdb)
- {
-#ifdef notdef
- CERTCertDBHandle *defaultdb;
-
- /* This really just retrieves the handle, nothing more */
- defaultdb = CERT_GetDefaultCertDB();
-
- /* If there is no default db, it means we opened
- the permanent database for some reason */
-
- if (defaultdb == NULL && certdb != NULL)
- CERT_ClosePermCertDB (certdb);
-#endif
-
- return 0;
- }
-
-/*
- * j a r _ g e t _ c e r t i f i c a t e
- *
- * Return the certificate referenced
- * by a given fingerprint, or NULL if not found.
- * Error code is returned in result.
- *
- */
-
-static CERTCertificate *jar_get_certificate
- (JAR *jar, long keylen, void *key, int *result)
- {
- int found = 0;
-
- JAR_Item *it;
- JAR_Cert *fing = NULL;
-
- JAR_Context *ctx;
-
- if (jar == NULL)
- {
- void *cert;
- cert = JAR_fetch_cert (keylen, key);
- *result = (cert == NULL) ? JAR_ERR_GENERAL : 0;
- return (CERTCertificate *) cert;
- }
-
- ctx = JAR_find (jar, NULL, jarTypeSign);
-
- while (JAR_find_next (ctx, &it) >= 0)
- {
- fing = (JAR_Cert *) it->data;
-
- if (keylen != fing->length)
- continue;
-
- PORT_Assert( keylen < 0xFFFF );
- if (!PORT_Memcmp (fing->key, key, keylen))
- {
- found = 1;
- break;
- }
- }
-
- JAR_find_end (ctx);
-
- if (found == 0)
- {
- *result = JAR_ERR_GENERAL;
- return NULL;
- }
-
- PORT_Assert(fing != NULL);
- *result = 0;
- return fing->cert;
- }
-
-/*
- * j a r _ s i g n a l
- *
- * Nonfatal errors come here to callback Java.
- *
- */
-
-static int jar_signal
- (int status, JAR *jar, const char *metafile, char *pathname)
- {
- char *errstring;
-
- errstring = JAR_get_error (status);
-
- if (jar->signal)
- {
- (*jar->signal) (status, jar, metafile, pathname, errstring);
- return 0;
- }
-
- return status;
- }
-
-/*
- * j a r _ a p p e n d
- *
- * Tack on an element to one of a JAR's linked
- * lists, with rudimentary error handling.
- *
- */
-
-int jar_append (ZZList *list, int type,
- char *pathname, void *data, size_t size)
- {
- JAR_Item *it;
- ZZLink *entity;
-
- it = (JAR_Item*)PORT_ZAlloc (sizeof (JAR_Item));
-
- if (it == NULL)
- goto loser;
-
- if (pathname)
- {
- it->pathname = PORT_Strdup (pathname);
- if (it->pathname == NULL)
- goto loser;
- }
-
- it->type = (jarType)type;
- it->data = (unsigned char *) data;
- it->size = size;
-
- entity = ZZ_NewLink (it);
-
- if (entity)
- {
- ZZ_AppendLink (list, entity);
- return 0;
- }
-
-loser:
-
- if (it)
- {
- if (it->pathname) PORT_Free (it->pathname);
- PORT_Free (it);
- }
-
- return JAR_ERR_MEMORY;
- }
-
-/*
- * W I N 1 6 s t u f f
- *
- * These functions possibly belong in xp_mem.c, they operate
- * on huge string pointers for win16.
- *
- */
-
-#if defined(XP_WIN16)
-int xp_HUGE_STRNCASECMP (char ZHUGEP *buf, char *key, int len)
- {
- while (len--)
- {
- char c1, c2;
-
- c1 = *buf++;
- c2 = *key++;
-
- if (c1 >= 'a' && c1 <= 'z') c1 -= ('a' - 'A');
- if (c2 >= 'a' && c2 <= 'z') c2 -= ('a' - 'A');
-
- if (c1 != c2)
- return (c1 < c2) ? -1 : 1;
- }
- return 0;
- }
-
-size_t xp_HUGE_STRLEN (char ZHUGEP *s)
- {
- size_t len = 0L;
- while (*s++) len++;
- return len;
- }
-
-char *xp_HUGE_STRCPY (char *to, char ZHUGEP *from)
- {
- char *ret = to;
-
- while (*from)
- *to++ = *from++;
- *to = 0;
-
- return ret;
- }
-#endif
diff --git a/security/nss/lib/jar/jzconf.h b/security/nss/lib/jar/jzconf.h
deleted file mode 100644
index 278aaa5d5..000000000
--- a/security/nss/lib/jar/jzconf.h
+++ /dev/null
@@ -1,190 +0,0 @@
-/* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-1996 Jean-loup Gailly.
- * For conditions of distribution and use, see copyright notice in zlib.h
- */
-/* This file was modified since it was taken from the zlib distribution */
-/* $Id$ */
-
-#ifndef _ZCONF_H
-#define _ZCONF_H
-
-/*
- * If you *really* need a unique prefix for all types and library functions,
- * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it.
- */
-#ifdef Z_PREFIX
-# define deflateInit_ z_deflateInit_
-# define deflate z_deflate
-# define deflateEnd z_deflateEnd
-# define inflateInit_ z_inflateInit_
-# define inflate z_inflate
-# define inflateEnd z_inflateEnd
-# define deflateInit2_ z_deflateInit2_
-# define deflateSetDictionary z_deflateSetDictionary
-# define deflateCopy z_deflateCopy
-# define deflateReset z_deflateReset
-# define deflateParams z_deflateParams
-# define inflateInit2_ z_inflateInit2_
-# define inflateSetDictionary z_inflateSetDictionary
-# define inflateSync z_inflateSync
-# define inflateReset z_inflateReset
-# define compress z_compress
-# define uncompress z_uncompress
-# define adler32 z_adler32
-# define crc32 z_crc32
-# define get_crc_table z_get_crc_table
-
-# define Byte z_Byte
-# define uInt z_uInt
-# define uLong z_uLong
-# define Bytef z_Bytef
-# define charf z_charf
-# define intf z_intf
-# define uIntf z_uIntf
-# define uLongf z_uLongf
-# define voidpf z_voidpf
-# define voidp z_voidp
-#endif
-
-#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
-# define WIN32
-#endif
-#if defined(__GNUC__) || defined(WIN32) || defined(__386__) || defined(i386)
-# ifndef __32BIT__
-# define __32BIT__
-# endif
-#endif
-#if defined(__MSDOS__) && !defined(MSDOS)
-# define MSDOS
-#endif
-
-/*
- * Compile with -DMAXSEG_64K if the alloc function cannot allocate more
- * than 64k bytes at a time (needed on systems with 16-bit int).
- */
-#if defined(MSDOS) && !defined(__32BIT__)
-# define MAXSEG_64K
-#endif
-#ifdef MSDOS
-# define UNALIGNED_OK
-#endif
-
-#if (defined(MSDOS) || defined(_WINDOWS) || defined(WIN32) || defined(XP_OS2)) && !defined(STDC)
-# define STDC
-#endif
-#if (defined(__STDC__) || defined(__cplusplus)) && !defined(STDC)
-# define STDC
-#endif
-
-#ifndef STDC
-# ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */
-# define const
-# endif
-#endif
-
-/* Some Mac compilers merge all .h files incorrectly: */
-#if defined(__MWERKS__) || defined(applec) ||defined(THINK_C) ||defined(__SC__)
-# define NO_DUMMY_DECL
-#endif
-
-/* Maximum value for memLevel in deflateInit2 */
-#ifndef MAX_MEM_LEVEL
-# ifdef MAXSEG_64K
-# define MAX_MEM_LEVEL 8
-# else
-# define MAX_MEM_LEVEL 9
-# endif
-#endif
-
-/* Maximum value for windowBits in deflateInit2 and inflateInit2 */
-#ifndef MAX_WBITS
-# define MAX_WBITS 15 /* 32K LZ77 window */
-#endif
-
-/* The memory requirements for deflate are (in bytes):
- 1 << (windowBits+2) + 1 << (memLevel+9)
- that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values)
- plus a few kilobytes for small objects. For example, if you want to reduce
- the default memory requirements from 256K to 128K, compile with
- make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7"
- Of course this will generally degrade compression (there's no free lunch).
-
- The memory requirements for inflate are (in bytes) 1 << windowBits
- that is, 32K for windowBits=15 (default value) plus a few kilobytes
- for small objects.
-*/
-
- /* Type declarations */
-
-#ifndef OF /* function prototypes */
-# ifdef STDC
-# define OF(args) args
-# else
-# define OF(args) ()
-# endif
-#endif
-
-/* The following definitions for FAR are needed only for MSDOS mixed
- * model programming (small or medium model with some far allocations).
- * This was tested only with MSC; for other MSDOS compilers you may have
- * to define NO_MEMCPY in zutil.h. If you don't need the mixed model,
- * just define FAR to be empty.
- */
-#if (defined(M_I86SM) || defined(M_I86MM)) && !defined(__32BIT__)
- /* MSC small or medium model */
-# define SMALL_MEDIUM
-# ifdef _MSC_VER
-# define FAR __far
-# else
-# define FAR far
-# endif
-#endif
-#if defined(__BORLANDC__) && (defined(__SMALL__) || defined(__MEDIUM__))
-# ifndef __32BIT__
-# define SMALL_MEDIUM
-# define FAR __far
-# endif
-#endif
-#ifndef FAR
-# define FAR
-#endif
-
-typedef unsigned char Byte; /* 8 bits */
-typedef unsigned int uInt; /* 16 bits or more */
-typedef unsigned long uLong; /* 32 bits or more */
-
-#if defined(__BORLANDC__) && defined(SMALL_MEDIUM)
- /* Borland C/C++ ignores FAR inside typedef */
-# define Bytef Byte FAR
-#else
- typedef Byte FAR Bytef;
-#endif
-typedef char FAR charf;
-typedef int FAR intf;
-typedef uInt FAR uIntf;
-typedef uLong FAR uLongf;
-
-#ifdef STDC
- typedef void FAR *voidpf;
- typedef void *voidp;
-#else
- typedef Byte FAR *voidpf;
- typedef Byte *voidp;
-#endif
-
-#ifdef MOZILLA_CLIENT
-#include "prtypes.h"
-#else
-/* Compile with -DZLIB_DLL for Windows DLL support */
-#if (defined(_WINDOWS) || defined(WINDOWS)) && defined(ZLIB_DLL)
-# include <windows.h>
-# define EXPORT WINAPI
-#else
-# define EXPORT
-#endif
-
-#define PR_PUBLIC_API(type) type
-
-#endif /* MOZILLA_CLIENT */
-
-#endif /* _ZCONF_H */
diff --git a/security/nss/lib/jar/jzlib.h b/security/nss/lib/jar/jzlib.h
deleted file mode 100644
index dd5b4d8e9..000000000
--- a/security/nss/lib/jar/jzlib.h
+++ /dev/null
@@ -1,896 +0,0 @@
-/* zlib.h -- interface of the 'zlib' general purpose compression library
- version 1.0.4, Jul 24th, 1996.
-
- Copyright (C) 1995-1996 Jean-loup Gailly and Mark Adler
-
- This software is provided 'as-is', without any express or implied
- warranty. In no event will the authors be held liable for any damages
- arising from the use of this software.
-
- Permission is granted to anyone to use this software for any purpose,
- including commercial applications, and to alter it and redistribute it
- freely, subject to the following restrictions:
-
- 1. The origin of this software must not be misrepresented; you must not
- claim that you wrote the original software. If you use this software
- in a product, an acknowledgment in the product documentation would be
- appreciated but is not required.
- 2. Altered source versions must be plainly marked as such, and must not be
- misrepresented as being the original software.
- 3. This notice may not be removed or altered from any source distribution.
-
- Jean-loup Gailly Mark Adler
- gzip@prep.ai.mit.edu madler@alumni.caltech.edu
-
-
- The data format used by the zlib library is described by RFCs (Request for
- Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt
- (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
-*/
-/* This file was modified since it was taken from the zlib distribution */
-
-#ifndef _ZLIB_H
-#define _ZLIB_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef MOZILLA_CLIENT
-#include "jzconf.h"
-#else
-#include "zconf.h"
-#endif
-
-#define ZLIB_VERSION "1.0.4"
-
-/*
- The 'zlib' compression library provides in-memory compression and
- decompression functions, including integrity checks of the uncompressed
- data. This version of the library supports only one compression method
- (deflation) but other algorithms may be added later and will have the same
- stream interface.
-
- For compression the application must provide the output buffer and
- may optionally provide the input buffer for optimization. For decompression,
- the application must provide the input buffer and may optionally provide
- the output buffer for optimization.
-
- Compression can be done in a single step if the buffers are large
- enough (for example if an input file is mmap'ed), or can be done by
- repeated calls of the compression function. In the latter case, the
- application must provide more input and/or consume the output
- (providing more output space) before each call.
-
- The library does not install any signal handler. It is recommended to
- add at least a handler for SIGSEGV when decompressing; the library checks
- the consistency of the input data whenever possible but may go nuts
- for some forms of corrupted input.
-*/
-
-typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size));
-typedef void (*free_func) OF((voidpf opaque, voidpf address));
-
-struct internal_state;
-
-typedef struct z_stream_s {
- Bytef *next_in; /* next input byte */
- uInt avail_in; /* number of bytes available at next_in */
- uLong total_in; /* total nb of input bytes read so far */
-
- Bytef *next_out; /* next output byte should be put there */
- uInt avail_out; /* remaining free space at next_out */
- uLong total_out; /* total nb of bytes output so far */
-
- char *msg; /* last error message, NULL if no error */
- struct internal_state FAR *state; /* not visible by applications */
-
- alloc_func zalloc; /* used to allocate the internal state */
- free_func zfree; /* used to free the internal state */
- voidpf opaque; /* private data object passed to zalloc and zfree */
-
- int data_type; /* best guess about the data type: ascii or binary */
- uLong adler; /* adler32 value of the uncompressed data */
- uLong reserved; /* reserved for future use */
-} z_stream;
-
-typedef z_stream FAR *z_streamp;
-
-/*
- The application must update next_in and avail_in when avail_in has
- dropped to zero. It must update next_out and avail_out when avail_out
- has dropped to zero. The application must initialize zalloc, zfree and
- opaque before calling the init function. All other fields are set by the
- compression library and must not be updated by the application.
-
- The opaque value provided by the application will be passed as the first
- parameter for calls of zalloc and zfree. This can be useful for custom
- memory management. The compression library attaches no meaning to the
- opaque value.
-
- zalloc must return Z_NULL if there is not enough memory for the object.
- On 16-bit systems, the functions zalloc and zfree must be able to allocate
- exactly 65536 bytes, but will not be required to allocate more than this
- if the symbol MAXSEG_64K is defined (see zconf.h). WARNING: On MSDOS,
- pointers returned by zalloc for objects of exactly 65536 bytes *must*
- have their offset normalized to zero. The default allocation function
- provided by this library ensures this (see zutil.c). To reduce memory
- requirements and avoid any allocation of 64K objects, at the expense of
- compression ratio, compile the library with -DMAX_WBITS=14 (see zconf.h).
-
- The fields total_in and total_out can be used for statistics or
- progress reports. After compression, total_in holds the total size of
- the uncompressed data and may be saved for use in the decompressor
- (particularly if the decompressor wants to decompress everything in
- a single step).
-*/
-
- /* constants */
-
-#define Z_NO_FLUSH 0
-#define Z_PARTIAL_FLUSH 1
-#define Z_SYNC_FLUSH 2
-#define Z_FULL_FLUSH 3
-#define Z_FINISH 4
-/* Allowed flush values; see deflate() below for details */
-
-#define Z_OK 0
-#define Z_STREAM_END 1
-#define Z_NEED_DICT 2
-#define Z_ERRNO (-1)
-#define Z_STREAM_ERROR (-2)
-#define Z_DATA_ERROR (-3)
-#define Z_MEM_ERROR (-4)
-#define Z_BUF_ERROR (-5)
-#define Z_VERSION_ERROR (-6)
-/* Return codes for the compression/decompression functions. Negative
- * values are errors, positive values are used for special but normal events.
- */
-
-#define Z_NO_COMPRESSION 0
-#define Z_BEST_SPEED 1
-#define Z_BEST_COMPRESSION 9
-#define Z_DEFAULT_COMPRESSION (-1)
-/* compression levels */
-
-#define Z_FILTERED 1
-#define Z_HUFFMAN_ONLY 2
-#define Z_DEFAULT_STRATEGY 0
-/* compression strategy; see deflateInit2() below for details */
-
-#define Z_BINARY 0
-#define Z_ASCII 1
-#define Z_UNKNOWN 2
-/* Possible values of the data_type field */
-
-#define Z_DEFLATED 8
-/* The deflate compression method (the only one supported in this version) */
-
-#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
-
-#define zlib_version zlibVersion()
-/* for compatibility with versions < 1.0.2 */
-
- /* basic functions */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) zlibVersion (void);
-#else
-extern const char * EXPORT zlibVersion OF((void));
-#endif
-/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
- If the first character differs, the library code actually used is
- not compatible with the zlib.h header file used by the application.
- This check is automatically made by deflateInit and inflateInit.
- */
-
-/*
-extern int EXPORT deflateInit OF((z_streamp strm, int level));
-
- Initializes the internal stream state for compression. The fields
- zalloc, zfree and opaque must be initialized before by the caller.
- If zalloc and zfree are set to Z_NULL, deflateInit updates them to
- use default allocation functions.
-
- The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
- 1 gives best speed, 9 gives best compression, 0 gives no compression at
- all (the input data is simply copied a block at a time).
- Z_DEFAULT_COMPRESSION requests a default compromise between speed and
- compression (currently equivalent to level 6).
-
- deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_STREAM_ERROR if level is not a valid compression level,
- Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible
- with the version assumed by the caller (ZLIB_VERSION).
- msg is set to null if there is no error message. deflateInit does not
- perform any compression: this will be done by deflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflate (z_streamp strm, int flush);
-#else
-extern int EXPORT deflate OF((z_streamp strm, int flush));
-#endif
-/*
- Performs one or both of the following actions:
-
- - Compress more input starting at next_in and update next_in and avail_in
- accordingly. If not all input can be processed (because there is not
- enough room in the output buffer), next_in and avail_in are updated and
- processing will resume at this point for the next call of deflate().
-
- - Provide more output starting at next_out and update next_out and avail_out
- accordingly. This action is forced if the parameter flush is non zero.
- Forcing flush frequently degrades the compression ratio, so this parameter
- should be set only when necessary (in interactive applications).
- Some output may be provided even if flush is not set.
-
- Before the call of deflate(), the application should ensure that at least
- one of the actions is possible, by providing more input and/or consuming
- more output, and updating avail_in or avail_out accordingly; avail_out
- should never be zero before the call. The application can consume the
- compressed output when it wants, for example when the output buffer is full
- (avail_out == 0), or after each call of deflate(). If deflate returns Z_OK
- and with zero avail_out, it must be called again after making room in the
- output buffer because there might be more output pending.
-
- If the parameter flush is set to Z_PARTIAL_FLUSH, the current compression
- block is terminated and flushed to the output buffer so that the
- decompressor can get all input data available so far. For method 9, a future
- variant on method 8, the current block will be flushed but not terminated.
- Z_SYNC_FLUSH has the same effect as partial flush except that the compressed
- output is byte aligned (the compressor can clear its internal bit buffer)
- and the current block is always terminated; this can be useful if the
- compressor has to be restarted from scratch after an interruption (in which
- case the internal state of the compressor may be lost).
- If flush is set to Z_FULL_FLUSH, the compression block is terminated, a
- special marker is output and the compression dictionary is discarded; this
- is useful to allow the decompressor to synchronize if one compressed block
- has been damaged (see inflateSync below). Flushing degrades compression and
- so should be used only when necessary. Using Z_FULL_FLUSH too often can
- seriously degrade the compression. If deflate returns with avail_out == 0,
- this function must be called again with the same value of the flush
- parameter and more output space (updated avail_out), until the flush is
- complete (deflate returns with non-zero avail_out).
-
- If the parameter flush is set to Z_FINISH, pending input is processed,
- pending output is flushed and deflate returns with Z_STREAM_END if there
- was enough output space; if deflate returns with Z_OK, this function must be
- called again with Z_FINISH and more output space (updated avail_out) but no
- more input data, until it returns with Z_STREAM_END or an error. After
- deflate has returned Z_STREAM_END, the only possible operations on the
- stream are deflateReset or deflateEnd.
-
- Z_FINISH can be used immediately after deflateInit if all the compression
- is to be done in a single step. In this case, avail_out must be at least
- 0.1% larger than avail_in plus 12 bytes. If deflate does not return
- Z_STREAM_END, then it must be called again as described above.
-
- deflate() may update data_type if it can make a good guess about
- the input data type (Z_ASCII or Z_BINARY). In doubt, the data is considered
- binary. This field is only for information purposes and does not affect
- the compression algorithm in any manner.
-
- deflate() returns Z_OK if some progress has been made (more input
- processed or more output produced), Z_STREAM_END if all input has been
- consumed and all output has been produced (only when flush is set to
- Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
- if next_in or next_out was NULL), Z_BUF_ERROR if no progress is possible.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateEnd (z_streamp strm);
-#else
-extern int EXPORT deflateEnd OF((z_streamp strm));
-#endif
-/*
- All dynamically allocated data structures for this stream are freed.
- This function discards any unprocessed input and does not flush any
- pending output.
-
- deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
- stream state was inconsistent, Z_DATA_ERROR if the stream was freed
- prematurely (some input or output was discarded). In the error case,
- msg may be set but then points to a static string (which must not be
- deallocated).
-*/
-
-
-/*
-extern int EXPORT inflateInit OF((z_streamp strm));
-
- Initializes the internal stream state for decompression. The fields
- zalloc, zfree and opaque must be initialized before by the caller. If
- zalloc and zfree are set to Z_NULL, inflateInit updates them to use default
- allocation functions.
-
- inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_VERSION_ERROR if the zlib library version is incompatible
- with the version assumed by the caller. msg is set to null if there is no
- error message. inflateInit does not perform any decompression: this will be
- done by inflate().
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflate (z_streamp strm, int flush);
-#else
-extern int EXPORT inflate OF((z_streamp strm, int flush));
-#endif
-/*
- Performs one or both of the following actions:
-
- - Decompress more input starting at next_in and update next_in and avail_in
- accordingly. If not all input can be processed (because there is not
- enough room in the output buffer), next_in is updated and processing
- will resume at this point for the next call of inflate().
-
- - Provide more output starting at next_out and update next_out and avail_out
- accordingly. inflate() provides as much output as possible, until there
- is no more input data or no more space in the output buffer (see below
- about the flush parameter).
-
- Before the call of inflate(), the application should ensure that at least
- one of the actions is possible, by providing more input and/or consuming
- more output, and updating the next_* and avail_* values accordingly.
- The application can consume the uncompressed output when it wants, for
- example when the output buffer is full (avail_out == 0), or after each
- call of inflate(). If inflate returns Z_OK and with zero avail_out, it
- must be called again after making room in the output buffer because there
- might be more output pending.
-
- If the parameter flush is set to Z_PARTIAL_FLUSH, inflate flushes as much
- output as possible to the output buffer. The flushing behavior of inflate is
- not specified for values of the flush parameter other than Z_PARTIAL_FLUSH
- and Z_FINISH, but the current implementation actually flushes as much output
- as possible anyway.
-
- inflate() should normally be called until it returns Z_STREAM_END or an
- error. However if all decompression is to be performed in a single step
- (a single call of inflate), the parameter flush should be set to
- Z_FINISH. In this case all pending input is processed and all pending
- output is flushed; avail_out must be large enough to hold all the
- uncompressed data. (The size of the uncompressed data may have been saved
- by the compressor for this purpose.) The next operation on this stream must
- be inflateEnd to deallocate the decompression state. The use of Z_FINISH
- is never required, but can be used to inform inflate that a faster routine
- may be used for the single inflate() call.
-
- inflate() returns Z_OK if some progress has been made (more input
- processed or more output produced), Z_STREAM_END if the end of the
- compressed data has been reached and all uncompressed output has been
- produced, Z_NEED_DICT if a preset dictionary is needed at this point (see
- inflateSetDictionary below), Z_DATA_ERROR if the input data was corrupted,
- Z_STREAM_ERROR if the stream structure was inconsistent (for example if
- next_in or next_out was NULL), Z_MEM_ERROR if there was not enough memory,
- Z_BUF_ERROR if no progress is possible or if there was not enough room in
- the output buffer when Z_FINISH is used. In the Z_DATA_ERROR case, the
- application may then call inflateSync to look for a good compression block.
- In the Z_NEED_DICT case, strm->adler is set to the Adler32 value of the
- dictionary chosen by the compressor.
-*/
-
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateEnd (z_streamp strm);
-#else
-extern int EXPORT inflateEnd OF((z_streamp strm));
-#endif
-/*
- All dynamically allocated data structures for this stream are freed.
- This function discards any unprocessed input and does not flush any
- pending output.
-
- inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
- was inconsistent. In the error case, msg may be set but then points to a
- static string (which must not be deallocated).
-*/
-
- /* Advanced functions */
-
-/*
- The following functions are needed only in some special applications.
-*/
-
-/*
-extern int EXPORT deflateInit2 OF((z_streamp strm,
- int level,
- int method,
- int windowBits,
- int memLevel,
- int strategy));
-
- This is another version of deflateInit with more compression options. The
- fields next_in, zalloc, zfree and opaque must be initialized before by
- the caller.
-
- The method parameter is the compression method. It must be Z_DEFLATED in
- this version of the library. (Method 9 will allow a 64K history buffer and
- partial block flushes.)
-
- The windowBits parameter is the base two logarithm of the window size
- (the size of the history buffer). It should be in the range 8..15 for this
- version of the library (the value 16 will be allowed for method 9). Larger
- values of this parameter result in better compression at the expense of
- memory usage. The default value is 15 if deflateInit is used instead.
-
- The memLevel parameter specifies how much memory should be allocated
- for the internal compression state. memLevel=1 uses minimum memory but
- is slow and reduces compression ratio; memLevel=9 uses maximum memory
- for optimal speed. The default value is 8. See zconf.h for total memory
- usage as a function of windowBits and memLevel.
-
- The strategy parameter is used to tune the compression algorithm. Use the
- value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a
- filter (or predictor), or Z_HUFFMAN_ONLY to force Huffman encoding only (no
- string match). Filtered data consists mostly of small values with a
- somewhat random distribution. In this case, the compression algorithm is
- tuned to compress them better. The effect of Z_FILTERED is to force more
- Huffman coding and less string matching; it is somewhat intermediate
- between Z_DEFAULT and Z_HUFFMAN_ONLY. The strategy parameter only affects
- the compression ratio but not the correctness of the compressed output even
- if it is not set appropriately.
-
- If next_in is not null, the library will use this buffer to hold also
- some history information; the buffer must either hold the entire input
- data, or have at least 1<<(windowBits+1) bytes and be writable. If next_in
- is null, the library will allocate its own history buffer (and leave next_in
- null). next_out need not be provided here but must be provided by the
- application for the next call of deflate().
-
- If the history buffer is provided by the application, next_in must
- must never be changed by the application since the compressor maintains
- information inside this buffer from call to call; the application
- must provide more input only by increasing avail_in. next_in is always
- reset by the library in this case.
-
- deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
- not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
- an invalid method). msg is set to null if there is no error message.
- deflateInit2 does not perform any compression: this will be done by
- deflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateSetDictionary (z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength);
-#else
-extern int EXPORT deflateSetDictionary OF((z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength));
-#endif
-/*
- Initializes the compression dictionary (history buffer) from the given
- byte sequence without producing any compressed output. This function must
- be called immediately after deflateInit or deflateInit2, before any call
- of deflate. The compressor and decompressor must use exactly the same
- dictionary (see inflateSetDictionary).
- The dictionary should consist of strings (byte sequences) that are likely
- to be encountered later in the data to be compressed, with the most commonly
- used strings preferably put towards the end of the dictionary. Using a
- dictionary is most useful when the data to be compressed is short and
- can be predicted with good accuracy; the data can then be compressed better
- than with the default empty dictionary. In this version of the library,
- only the last 32K bytes of the dictionary are used.
- Upon return of this function, strm->adler is set to the Adler32 value
- of the dictionary; the decompressor may later use this value to determine
- which dictionary has been used by the compressor. (The Adler32 value
- applies to the whole dictionary even if only a subset of the dictionary is
- actually used by the compressor.)
-
- deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
- parameter is invalid (such as NULL dictionary) or the stream state
- is inconsistent (for example if deflate has already been called for this
- stream). deflateSetDictionary does not perform any compression: this will
- be done by deflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateCopy (z_streamp dest, z_streamp source);
-#else
-extern int EXPORT deflateCopy OF((z_streamp dest, z_streamp source));
-#endif
-/*
- Sets the destination stream as a complete copy of the source stream. If
- the source stream is using an application-supplied history buffer, a new
- buffer is allocated for the destination stream. The compressed output
- buffer is always application-supplied. It's the responsibility of the
- application to provide the correct values of next_out and avail_out for the
- next call of deflate.
-
- This function can be useful when several compression strategies will be
- tried, for example when there are several ways of pre-processing the input
- data with a filter. The streams that will be discarded should then be freed
- by calling deflateEnd. Note that deflateCopy duplicates the internal
- compression state which can be quite large, so this strategy is slow and
- can consume lots of memory.
-
- deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
- (such as zalloc being NULL). msg is left unchanged in both source and
- destination.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateReset (z_streamp strm);
-#else
-extern int EXPORT deflateReset OF((z_streamp strm));
-#endif
-/*
- This function is equivalent to deflateEnd followed by deflateInit,
- but does not free and reallocate all the internal compression state.
- The stream will keep the same compression level and any other attributes
- that may have been set by deflateInit2.
-
- deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateParams (z_streamp strm, int level, int strategy);
-#else
-extern int EXPORT deflateParams OF((z_streamp strm, int level, int strategy));
-#endif
-/*
- Dynamically update the compression level and compression strategy.
- This can be used to switch between compression and straight copy of
- the input data, or to switch to a different kind of input data requiring
- a different strategy. If the compression level is changed, the input
- available so far is compressed with the old level (and may be flushed);
- the new level will take effect only at the next call of deflate().
-
- Before the call of deflateParams, the stream state must be set as for
- a call of deflate(), since the currently available input may have to
- be compressed and flushed. In particular, strm->avail_out must be non-zero.
-
- deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
- stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR
- if strm->avail_out was zero.
-*/
-
-/*
-extern int EXPORT inflateInit2 OF((z_streamp strm,
- int windowBits));
-
- This is another version of inflateInit with more compression options. The
- fields next_out, zalloc, zfree and opaque must be initialized before by
- the caller.
-
- The windowBits parameter is the base two logarithm of the maximum window
- size (the size of the history buffer). It should be in the range 8..15 for
- this version of the library (the value 16 will be allowed soon). The
- default value is 15 if inflateInit is used instead. If a compressed stream
- with a larger window size is given as input, inflate() will return with
- the error code Z_DATA_ERROR instead of trying to allocate a larger window.
-
- If next_out is not null, the library will use this buffer for the history
- buffer; the buffer must either be large enough to hold the entire output
- data, or have at least 1<<windowBits bytes. If next_out is null, the
- library will allocate its own buffer (and leave next_out null). next_in
- need not be provided here but must be provided by the application for the
- next call of inflate().
-
- If the history buffer is provided by the application, next_out must
- never be changed by the application since the decompressor maintains
- history information inside this buffer from call to call; the application
- can only reset next_out to the beginning of the history buffer when
- avail_out is zero and all output has been consumed.
-
- inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was
- not enough memory, Z_STREAM_ERROR if a parameter is invalid (such as
- windowBits < 8). msg is set to null if there is no error message.
- inflateInit2 does not perform any decompression: this will be done by
- inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSetDictionary (z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength);
-#else
-extern int EXPORT inflateSetDictionary OF((z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength));
-#endif
-/*
- Initializes the decompression dictionary (history buffer) from the given
- uncompressed byte sequence. This function must be called immediately after
- a call of inflate if this call returned Z_NEED_DICT. The dictionary chosen
- by the compressor can be determined from the Adler32 value returned by this
- call of inflate. The compressor and decompressor must use exactly the same
- dictionary (see deflateSetDictionary).
-
- inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
- parameter is invalid (such as NULL dictionary) or the stream state is
- inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
- expected one (incorrect Adler32 value). inflateSetDictionary does not
- perform any decompression: this will be done by subsequent calls of
- inflate().
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateSync (z_streamp strm);
-#else
-extern int EXPORT inflateSync OF((z_streamp strm));
-#endif
-/*
- Skips invalid compressed data until the special marker (see deflate()
- above) can be found, or until all available input is skipped. No output
- is provided.
-
- inflateSync returns Z_OK if the special marker has been found, Z_BUF_ERROR
- if no more input was provided, Z_DATA_ERROR if no marker has been found,
- or Z_STREAM_ERROR if the stream structure was inconsistent. In the success
- case, the application may save the current current value of total_in which
- indicates where valid compressed data was found. In the error case, the
- application may repeatedly call inflateSync, providing more input each time,
- until success or end of the input data.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) inflateReset (z_streamp strm);
-#else
-extern int EXPORT inflateReset OF((z_streamp strm));
-#endif
-/*
- This function is equivalent to inflateEnd followed by inflateInit,
- but does not free and reallocate all the internal decompression state.
- The stream will keep attributes that may have been set by inflateInit2.
-
- inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-
- /* utility functions */
-
-/*
- The following utility functions are implemented on top of the
- basic stream-oriented functions. To simplify the interface, some
- default options are assumed (compression level, window size,
- standard memory allocation functions). The source code of these
- utility functions can easily be modified if you need special options.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) compress (Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT compress OF((Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen));
-#endif
-/*
- Compresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be at least 0.1% larger than
- sourceLen plus 12 bytes. Upon exit, destLen is the actual size of the
- compressed buffer.
- This function can be used to compress a whole file at once if the
- input file is mmap'ed.
- compress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) uncompress (Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen);
-#else
-extern int EXPORT uncompress OF((Bytef *dest, uLongf *destLen,
- const Bytef *source, uLong sourceLen));
-#endif
-/*
- Decompresses the source buffer into the destination buffer. sourceLen is
- the byte length of the source buffer. Upon entry, destLen is the total
- size of the destination buffer, which must be large enough to hold the
- entire uncompressed data. (The size of the uncompressed data must have
- been saved previously by the compressor and transmitted to the decompressor
- by some mechanism outside the scope of this compression library.)
- Upon exit, destLen is the actual size of the compressed buffer.
- This function can be used to decompress a whole file at once if the
- input file is mmap'ed.
-
- uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer, or Z_DATA_ERROR if the input data was corrupted.
-*/
-
-
-typedef voidp gzFile;
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzopen (const char *path, const char *mode);
-#else
-extern gzFile EXPORT gzopen OF((const char *path, const char *mode));
-#endif
-/*
- Opens a gzip (.gz) file for reading or writing. The mode parameter
- is as in fopen ("rb" or "wb") but can also include a compression level
- ("wb9"). gzopen can be used to read a file which is not in gzip format;
- in this case gzread will directly read from the file without decompression.
- gzopen returns NULL if the file could not be opened or if there was
- insufficient memory to allocate the (de)compression state; errno
- can be checked to distinguish the two cases (if errno is zero, the
- zlib error is Z_MEM_ERROR).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern gzFile) gzdopen (int fd, const char *mode);
-#else
-extern gzFile EXPORT gzdopen OF((int fd, const char *mode));
-#endif
-/*
- gzdopen() associates a gzFile with the file descriptor fd. File
- descriptors are obtained from calls like open, dup, creat, pipe or
- fileno (in the file has been previously opened with fopen).
- The mode parameter is as in gzopen.
- The next call of gzclose on the returned gzFile will also close the
- file descriptor fd, just like fclose(fdopen(fd), mode) closes the file
- descriptor fd. If you want to keep fd open, use gzdopen(dup(fd), mode).
- gzdopen returns NULL if there was insufficient memory to allocate
- the (de)compression state.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzread (gzFile file, voidp buf, unsigned len);
-#else
-extern int EXPORT gzread OF((gzFile file, voidp buf, unsigned len));
-#endif
-/*
- Reads the given number of uncompressed bytes from the compressed file.
- If the input file was not in gzip format, gzread copies the given number
- of bytes into the buffer.
- gzread returns the number of uncompressed bytes actually read (0 for
- end of file, -1 for error). */
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzwrite (gzFile file, const voidp buf, unsigned len);
-#else
-extern int EXPORT gzwrite OF((gzFile file, const voidp buf, unsigned len));
-#endif
-/*
- Writes the given number of uncompressed bytes into the compressed file.
- gzwrite returns the number of uncompressed bytes actually written
- (0 in case of error).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzflush (gzFile file, int flush);
-#else
-extern int EXPORT gzflush OF((gzFile file, int flush));
-#endif
-/*
- Flushes all pending output into the compressed file. The parameter
- flush is as in the deflate() function. The return value is the zlib
- error number (see function gzerror below). gzflush returns Z_OK if
- the flush parameter is Z_FINISH and all output could be flushed.
- gzflush should be called only when strictly necessary because it can
- degrade compression.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) gzclose (gzFile file);
-#else
-extern int EXPORT gzclose OF((gzFile file));
-#endif
-/*
- Flushes all pending output if necessary, closes the compressed file
- and deallocates all the (de)compression state. The return value is the zlib
- error number (see function gzerror below).
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern const char *) gzerror (gzFile file, int *errnum);
-#else
-extern const char * EXPORT gzerror OF((gzFile file, int *errnum));
-#endif
-/*
- Returns the error message for the last error which occurred on the
- given compressed file. errnum is set to zlib error number. If an
- error occurred in the file system and not in the compression library,
- errnum is set to Z_ERRNO and the application may consult errno
- to get the exact error code.
-*/
-
- /* checksum functions */
-
-/*
- These functions are not related to compression but are exported
- anyway because they might be useful in applications using the
- compression library.
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) adler32 (uLong adler, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len));
-#endif
-
-/*
- Update a running Adler-32 checksum with the bytes buf[0..len-1] and
- return the updated checksum. If buf is NULL, this function returns
- the required initial value for the checksum.
- An Adler-32 checksum is almost as reliable as a CRC32 but can be computed
- much faster. Usage example:
-
- uLong adler = adler32(0L, Z_NULL, 0);
-
- while (read_buffer(buffer, length) != EOF) {
- adler = adler32(adler, buffer, length);
- }
- if (adler != original_adler) error();
-*/
-
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern uLong) crc32 (uLong crc, const Bytef *buf, uInt len);
-#else
-extern uLong EXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
-#endif
-/*
- Update a running crc with the bytes buf[0..len-1] and return the updated
- crc. If buf is NULL, this function returns the required initial value
- for the crc. Pre- and post-conditioning (one's complement) is performed
- within this function so it shouldn't be done by the application.
- Usage example:
-
- uLong crc = crc32(0L, Z_NULL, 0);
-
- while (read_buffer(buffer, length) != EOF) {
- crc = crc32(crc, buffer, length);
- }
- if (crc != original_crc) error();
-*/
-
-
- /* various hacks, don't look :) */
-
-/* deflateInit and inflateInit are macros to allow checking the zlib version
- * and the compiler's view of z_stream:
- */
-#ifdef MOZILLA_CLIENT
-PR_PUBLIC_API(extern int) deflateInit_ (z_streamp strm, int level, const char *version,
- int stream_size);
-PR_PUBLIC_API(extern int) inflateInit_ (z_streamp strm, const char *version,
- int stream_size);
-PR_PUBLIC_API(extern int) deflateInit2_ (z_streamp strm, int level, int method,
- int windowBits, int memLevel, int strategy,
- const char *version, int stream_size);
-PR_PUBLIC_API(extern int) inflateInit2_ (z_streamp strm, int windowBits,
- const char *version, int stream_size);
-#else
-extern int EXPORT deflateInit_ OF((z_streamp strm, int level, const char *version,
- int stream_size));
-extern int EXPORT inflateInit_ OF((z_streamp strm, const char *version,
- int stream_size));
-extern int EXPORT deflateInit2_ OF((z_streamp strm, int level, int method,
- int windowBits, int memLevel, int strategy,
- const char *version, int stream_size));
-extern int EXPORT inflateInit2_ OF((z_streamp strm, int windowBits,
- const char *version, int stream_size));
-#endif /* MOZILLA_CLIENT */
-
-
-#define deflateInit(strm, level) \
- deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit(strm) \
- inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream))
-#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
- deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
- (strategy), ZLIB_VERSION, sizeof(z_stream))
-#define inflateInit2(strm, windowBits) \
- inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
-
-#if !defined(_Z_UTIL_H) && !defined(NO_DUMMY_DECL)
- struct internal_state {int dummy;}; /* hack for buggy compilers */
-#endif
-
-uLongf *get_crc_table OF((void)); /* can be used by asm versions of crc32() */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* _ZLIB_H */
diff --git a/security/nss/lib/jar/manifest.mn b/security/nss/lib/jar/manifest.mn
deleted file mode 100644
index 9a47b1558..000000000
--- a/security/nss/lib/jar/manifest.mn
+++ /dev/null
@@ -1,53 +0,0 @@
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-
-MODULE = security
-
-LIBRARY_NAME = jar
-
-CORE_DEPTH = ../../..
-
-CSRCS = \
- jarver.c \
- jarsign.c \
- jar.c \
- jar-ds.c \
- jarfile.c \
- jarevil.c \
- jarjart.c \
- jarint.c \
- $(NULL)
-
-REQUIRES = security dbm
-
-EXPORTS = jar.h jar-ds.h jarfile.h
-
-DEFINES = -DMOZILLA_CLIENT=1
diff --git a/security/nss/lib/macbuild/NSS/NSS/NSS.mcp b/security/nss/lib/macbuild/NSS/NSS/NSS.mcp
deleted file mode 100644
index 99a1dd3de..000000000
--- a/security/nss/lib/macbuild/NSS/NSS/NSS.mcp
+++ /dev/null
Binary files differ
diff --git a/security/nss/lib/macbuild/SecurityLib.mcp b/security/nss/lib/macbuild/SecurityLib.mcp
deleted file mode 100644
index 3efcf8c2d..000000000
--- a/security/nss/lib/macbuild/SecurityLib.mcp
+++ /dev/null
Binary files differ
diff --git a/security/nss/lib/manifest.mn b/security/nss/lib/manifest.mn
deleted file mode 100644
index 2738cf722..000000000
--- a/security/nss/lib/manifest.mn
+++ /dev/null
@@ -1,65 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../..
-DEPTH = ../..
-
-#
-# organized by DLL
-#
-# softoken and prereqs.
-# stan (not a separate dll yet)
-# nss base (traditional)
-# ssl
-# smime
-# ckfw (builtins module)
-# crmf jar (not dll's)
-# fortcrypt
-DIRS = util freebl softoken \
- base asn1 dev pki pki1 \
- certdb certhigh pk11wrap cryptohi crypto nss \
- ssl \
- pkcs12 pkcs7 smime \
- crmf jar \
- ckfw \
- fortcrypt \
- $(NULL)
-
-# NSS 4.0 build - pure stan libraries
-ifdef PURE_STAN_BUILD
-DIRS = base asn1 dev pki pki1
-endif
-
-#
-# these dirs are not built at the moment
-#
-#NOBUILD_DIRS = jar
diff --git a/security/nss/lib/nss/Makefile b/security/nss/lib/nss/Makefile
deleted file mode 100644
index 2eeeaef56..000000000
--- a/security/nss/lib/nss/Makefile
+++ /dev/null
@@ -1,78 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/arch.mk
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-include config.mk
-
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/nss/config.mk b/security/nss/lib/nss/config.mk
deleted file mode 100644
index dec348831..000000000
--- a/security/nss/lib/nss/config.mk
+++ /dev/null
@@ -1,118 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-#TARGETS = $(LIBRARY)
-#SHARED_LIBRARY =
-#IMPORT_LIBRARY =
-#PROGRAM =
-
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib
-
-RES = $(OBJDIR)/$(LIBRARY_NAME).res
-RESNAME = $(LIBRARY_NAME).rc
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-SHARED_LIBRARY_LIBS = \
- $(DIST)/lib/certhi.lib \
- $(DIST)/lib/cryptohi.lib \
- $(DIST)/lib/pk11wrap.lib \
- $(DIST)/lib/certdb.lib \
- $(DIST)/lib/secutil.lib \
- $(DIST)/lib/nsspki.lib \
- $(DIST)/lib/nssdev.lib \
- $(DIST)/lib/nssb.lib \
- $(NULL)
-
-SHARED_LIBRARY_DIRS = \
- ../certhigh \
- ../cryptohi \
- ../pk11wrap \
- ../certdb \
- ../util \
- ../pki \
- ../dev \
- ../base \
- $(NULL)
-
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/softokn3.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-else
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-SHARED_LIBRARY_LIBS = \
- $(DIST)/lib/libcerthi.$(LIB_SUFFIX) \
- $(DIST)/lib/libpk11wrap.$(LIB_SUFFIX) \
- $(DIST)/lib/libcryptohi.$(LIB_SUFFIX) \
- $(DIST)/lib/libcertdb.$(LIB_SUFFIX) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libnsspki.$(LIB_SUFFIX) \
- $(DIST)/lib/libnssdev.$(LIB_SUFFIX) \
- $(DIST)/lib/libnssb.$(LIB_SUFFIX) \
- $(NULL)
-
-SHARED_LIBRARY_DIRS = \
- ../certhigh \
- ../pk11wrap \
- ../cryptohi \
- ../certdb \
- ../util \
- ../pki \
- ../dev \
- ../base \
- $(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lsoftokn3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-endif
-
diff --git a/security/nss/lib/nss/manifest.mn b/security/nss/lib/nss/manifest.mn
deleted file mode 100644
index 1fbdc045d..000000000
--- a/security/nss/lib/nss/manifest.mn
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- nssrenam.h \
- $(NULL)
-
-EXPORTS = \
- nss.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- nssinit.c \
- nssver.c \
- $(NULL)
-
-REQUIRES = security dbm
-
-MAPFILE = $(OBJDIR)/nss.def
-
-LIBRARY_NAME = nss
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def
deleted file mode 100644
index 20ef4b743..000000000
--- a/security/nss/lib/nss/nss.def
+++ /dev/null
@@ -1,630 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation. Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation. All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s):
-;+# Dr Stephen Henson <stephen.henson@gemplus.com>
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above. If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL. If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+# 1. For all unix platforms, the string ";-" means "remove this line"
-;+# 2. For all unix platforms, the string " DATA " will be removed from any
-;+# line on which it occurs.
-;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+# On AIX, lines containing ";+" will be removed.
-;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+# 5. For all unix platforms, after the above processing has taken place,
-;+# all characters after the first ";" on the line will be removed.
-;+# And for AIX, the first ";" will also be removed.
-;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+# directives are hidden behind ";", ";+", and ";-"
-;+NSS_3.2 { # NSS 3.2 release
-;+ global:
-LIBRARY nss3 ;-
-EXPORTS ;-
-ATOB_AsciiToData;
-BTOA_ConvertItemToAscii;
-BTOA_DataToAscii;
-CERT_AsciiToName;
-CERT_CertTimesValid;
-CERT_CheckCertValidTimes;
-CERT_CreateCertificateRequest;
-CERT_ChangeCertTrust;
-CERT_DecodeDERCrl;
-CERT_DestroyCertificateRequest;
-CERT_DestroyCertList;
-CERT_DestroyName;
-CERT_EnableOCSPChecking;
-CERT_FormatName;
-CERT_DestroyCertificate;
-CERT_DupCertificate;
-CERT_FreeDistNames;
-CERT_FreeNicknames;
-CERT_GetAVATag;
-CERT_GetCertEmailAddress;
-CERT_GetCertNicknames;
-CERT_GetCertIssuerAndSN;
-CERT_GetCertTrust;
-CERT_GetCertUid;
-CERT_GetCommonName;
-CERT_GetCountryName;
-CERT_GetDBContentVersion;
-CERT_GetDefaultCertDB;
-CERT_GetDomainComponentName;
-CERT_GetLocalityName;
-CERT_GetOrgName;
-CERT_GetOrgUnitName;
-CERT_GetSSLCACerts;
-CERT_GetSlopTime;
-CERT_GetStateName;
-CERT_ImportCAChain;
-CERT_NameToAscii;
-CERT_RFC1485_EscapeAndQuote;
-CERT_SetSlopTime;
-CERT_VerifyCertName;
-CERT_VerifyCertNow;
-DER_UTCDayToAscii;
-DER_UTCTimeToAscii;
-DER_GeneralizedTimeToTime;
-NSS_Init;
-NSS_Initialize;
-NSS_InitReadWrite;
-NSS_NoDB_Init;
-NSS_Shutdown;
-NSS_VersionCheck;
-PK11_Authenticate;
-PK11_ChangePW;
-PK11_CheckUserPassword;
-PK11_CipherOp;
-PK11_CloneContext;
-PK11_ConfigurePKCS11;
-PK11_CreateContextBySymKey;
-PK11_CreateDigestContext;
-PK11_DestroyContext;
-PK11_DestroyTokenObject;
-PK11_DigestBegin;
-PK11_DigestOp;
-PK11_DigestFinal;
-PK11_DoesMechanism;
-PK11_FindCertFromNickname;
-PK11_FindCertFromDERCert;
-PK11_FindCertByIssuerAndSN;
-PK11_FindKeyByAnyCert;
-PK11_FindKeyByDERCert;
-PK11_FindSlotByName;
-PK11_Finalize;
-PK11_FortezzaHasKEA;
-PK11_FreeSlot;
-PK11_FreeSlotList;
-PK11_FreeSymKey;
-PK11_GenerateKeyPair;
-PK11_GenerateRandom;
-PK11_GenerateNewParam;
-PK11_GetAllTokens;
-PK11_GetBlockSize;
-PK11_GetFirstSafe;
-PK11_GetInternalKeySlot;
-PK11_GetInternalSlot;
-PK11_GetSlotName;
-PK11_GetTokenName;
-PK11_HashBuf;
-PK11_IsFIPS;
-PK11_IsFriendly;
-PK11_IsInternal;
-PK11_IsHW;
-PK11_IsPresent;
-PK11_IsReadOnly;
-PK11_KeyGen;
-PK11_ListCerts;
-PK11_NeedLogin;
-PK11_RandomUpdate;
-PK11_SetPasswordFunc;
-PK11_SetSlotPWValues;
-PORT_Alloc;
-PORT_Free;
-PORT_GetError;
-PORT_SetError;
-PORT_SetUCS4_UTF8ConversionFunction;
-PORT_SetUCS2_UTF8ConversionFunction;
-PORT_SetUCS2_ASCIIConversionFunction;
-SECITEM_CopyItem;
-SECITEM_DupItem;
-SECITEM_FreeItem;
-SECITEM_ZfreeItem;
-SECKEY_ConvertToPublicKey;
-SECKEY_CopyPrivateKey;
-SECKEY_CreateSubjectPublicKeyInfo;
-SECKEY_DestroyPrivateKey;
-SECKEY_DestroySubjectPublicKeyInfo;
-SECMOD_IsModulePresent;
-SECOID_FindOIDTagDescription;
-SECOID_GetAlgorithmTag;
-SEC_DeletePermCertificate;
-SEC_DeletePermCRL;
-SEC_DerSignData;
-SEC_DestroyCrl;
-SEC_FindCrlByDERCert;
-SEC_FindCrlByName;
-SEC_LookupCrls;
-SEC_NewCrl;
-;+#
-;+# The following symbols are exported only to make libssl3.so work.
-;+# These are still private!!!
-;+#
-__CERT_NewTempCertificate;
-__PK11_CreateContextByRawKey;
-__PK11_GetKeyData;
-__nss_InitLock;
-CERT_CertChainFromCert;
-CERT_DestroyCertificateList;
-CERT_DupCertList;
-CERT_ExtractPublicKey;
-CERT_FindCertByName;
-DER_Lengths;
-DSAU_DecodeDerSig;
-DSAU_EncodeDerSig;
-HASH_GetHashObject;
-NSSRWLock_Destroy;
-NSSRWLock_HaveWriteLock;
-NSSRWLock_LockRead;
-NSSRWLock_LockWrite;
-NSSRWLock_New;
-NSSRWLock_UnlockRead;
-NSSRWLock_UnlockWrite;
-NSS_PutEnv;
-PK11_Derive;
-PK11_DeriveWithFlags;
-PK11_DigestKey;
-PK11_FindBestKEAMatch;
-PK11_FindFixedKey;
-PK11_GenerateFortezzaIV;
-PK11_GetBestKeyLength;
-PK11_GetBestSlot;
-PK11_GetBestSlotMultiple;
-PK11_GetBestWrapMechanism;
-PK11_GetCurrentWrapIndex;
-PK11_GetMechanism;
-PK11_GetModuleID;
-PK11_GetPrivateModulusLen;
-PK11_GetSlotFromKey;
-PK11_GetSlotFromPrivateKey;
-PK11_GetSlotID;
-PK11_GetSlotSeries;
-PK11_GetTokenInfo;
-PK11_GetWindow;
-PK11_GetWrapKey;
-PK11_IVFromParam;
-PK11_MakeKEAPubKey;
-PK11_ParamFromIV;
-PK11_PubDecryptRaw;
-PK11_PubDerive;
-PK11_PubEncryptRaw;
-PK11_PubUnwrapSymKey;
-PK11_PubWrapSymKey;
-PK11_ReferenceSymKey;
-PK11_RestoreContext;
-PK11_SaveContext;
-PK11_SetFortezzaHack;
-PK11_SetWrapKey;
-PK11_Sign;
-PK11_SignatureLen;
-PK11_SymKeyFromHandle;
-PK11_TokenExists;
-PK11_UnwrapSymKey;
-PK11_UnwrapSymKeyWithFlags;
-PK11_Verify;
-PK11_VerifyKeyOK;
-PK11_WrapSymKey;
-PORT_ArenaAlloc;
-PORT_ArenaZAlloc;
-PORT_FreeArena;
-PORT_NewArena;
-PORT_Realloc;
-PORT_ZAlloc;
-PORT_ZFree;
-RSA_FormatBlock;
-SECITEM_CompareItem;
-SECKEY_CreateRSAPrivateKey;
-SECKEY_DestroyPublicKey;
-SECKEY_PublicKeyStrength;
-SECKEY_UpdateCertPQG;
-SECMOD_LookupSlot;
-SGN_Begin;
-SGN_DestroyContext;
-SGN_End;
-SGN_NewContext;
-SGN_Update;
-VFY_Begin;
-VFY_CreateContext;
-VFY_DestroyContext;
-VFY_End;
-VFY_Update;
-;+#
-;+# The following symbols are exported only to make libsmime3.so work.
-;+# These are still private!!!
-;+#
-__CERT_ClosePermCertDB;
-__CERT_DecodeDERCertificate;
-__CERT_TraversePermCertsForNickname;
-__CERT_TraversePermCertsForSubject;
-__PBE_CreateContext;
-__PBE_DestroyContext;
-__PBE_GenerateBits;
-ATOB_ConvertAsciiToItem;
-CERT_AddCertToListTail;
-CERT_CertListFromCert;
-CERT_DestroyCertArray;
-CERT_FindCertByDERCert;
-CERT_FindCertByIssuerAndSN;
-CERT_FindSMimeProfile;
-CERT_ImportCerts;
-CERT_NewCertList;
-CERT_OpenCertDBFilename;
-CERT_SaveSMimeProfile;
-CERT_VerifyCert;
-DER_GetInteger;
-DER_TimeToUTCTime;
-DER_UTCTimeToTime;
-PK11_AlgtagToMechanism;
-PK11_BlockData;
-PK11_CreatePBEAlgorithmID;
-PK11_DestroyObject;
-PK11_ExportEncryptedPrivateKeyInfo;
-PK11_ExportPrivateKeyInfo;
-PK11_FindCertAndKeyByRecipientList;
-PK11_FindCertAndKeyByRecipientListNew;
-PK11_FindCertInSlot;
-PK11_FindPrivateKeyFromCert;
-PK11_FortezzaMapSig;
-PK11_GetKeyLength;
-PK11_GetKeyStrength;
-PK11_ImportCertForKeyToSlot;
-PK11_ImportEncryptedPrivateKeyInfo;
-PK11_ImportPrivateKeyInfo;
-PK11_MapPBEMechanismToCryptoMechanism;
-PK11_PBEKeyGen;
-PK11_ParamFromAlgid;
-PK11_ParamToAlgid;
-PK11_TraverseCertsForNicknameInSlot;
-PK11_TraverseCertsForSubjectInSlot;
-PORT_ArenaGrow;
-PORT_ArenaMark;
-PORT_ArenaRelease;
-PORT_ArenaStrdup;
-PORT_ArenaUnmark;
-PORT_UCS2_ASCIIConversion;
-PORT_UCS2_UTF8Conversion;
-SECITEM_AllocItem;
-SECKEY_CopyEncryptedPrivateKeyInfo;
-SECKEY_CopyPrivateKeyInfo;
-SECKEY_DestroyEncryptedPrivateKeyInfo;
-SECKEY_DestroyPrivateKeyInfo;
-SECOID_CompareAlgorithmID;
-SECOID_CopyAlgorithmID;
-SECOID_DestroyAlgorithmID;
-SECOID_FindOID;
-SECOID_FindOIDByTag;
-SECOID_FindOIDTag;
-SECOID_SetAlgorithmID;
-SEC_ASN1DecodeInteger;
-SEC_ASN1DecodeItem;
-SEC_ASN1DecoderClearFilterProc;
-SEC_ASN1DecoderClearNotifyProc;
-SEC_ASN1DecoderFinish;
-SEC_ASN1DecoderSetFilterProc;
-SEC_ASN1DecoderSetNotifyProc;
-SEC_ASN1DecoderStart;
-SEC_ASN1DecoderUpdate;
-SEC_ASN1Encode;
-SEC_ASN1EncodeInteger;
-SEC_ASN1EncodeItem;
-SEC_ASN1EncoderClearNotifyProc;
-SEC_ASN1EncoderClearStreaming;
-SEC_ASN1EncoderClearTakeFromBuf;
-SEC_ASN1EncoderFinish;
-SEC_ASN1EncoderSetNotifyProc;
-SEC_ASN1EncoderSetStreaming;
-SEC_ASN1EncoderSetTakeFromBuf;
-SEC_ASN1EncoderStart;
-SEC_ASN1EncoderUpdate;
-SEC_ASN1LengthLength;
-SEC_PKCS5GetCryptoAlgorithm;
-SEC_PKCS5GetKeyLength;
-SEC_PKCS5GetPBEAlgorithm;
-SEC_PKCS5IsAlgorithmPBEAlg;
-SEC_SignData;
-SGN_CompareDigestInfo;
-SGN_CopyDigestInfo;
-SGN_CreateDigestInfo;
-SGN_DestroyDigestInfo;
-SGN_Digest;
-VFY_VerifyData;
-VFY_VerifyDigest;
-;+#
-;+# Data objects
-;+#
-;+# Don't export these DATA symbols on Windows because they don't work right.
-;;CERT_CrlTemplate DATA ;
-;;CERT_SignedDataTemplate DATA ;
-;;CERT_CertificateTemplate DATA ;
-;;CERT_CertificateRequestTemplate DATA ;
-;;CERT_IssuerAndSNTemplate DATA ;
-;;CERT_SetOfSignedCrlTemplate DATA ;
-;;SECKEY_DSAPublicKeyTemplate DATA ;
-;;SECKEY_EncryptedPrivateKeyInfoTemplate DATA ;
-;;SECKEY_PointerToEncryptedPrivateKeyInfoTemplate DATA ;
-;;SECKEY_PointerToPrivateKeyInfoTemplate DATA ;
-;;SECKEY_PrivateKeyInfoTemplate DATA ;
-;;SECKEY_RSAPublicKeyTemplate DATA ;
-;;SECOID_AlgorithmIDTemplate DATA ;
-;;SEC_AnyTemplate DATA ;
-;;SEC_BMPStringTemplate DATA ;
-;;SEC_BitStringTemplate DATA ;
-;;SEC_GeneralizedTimeTemplate DATA ;
-;;SEC_IA5StringTemplate DATA ;
-;;SEC_IntegerTemplate DATA ;
-;;SEC_ObjectIDTemplate DATA ;
-;;SEC_OctetStringTemplate DATA ;
-;;SEC_PointerToAnyTemplate DATA ;
-;;SEC_PointerToOctetStringTemplate DATA ;
-;;SEC_SetOfAnyTemplate DATA ;
-;;SEC_UTCTimeTemplate DATA ;
-;;sgn_DigestInfoTemplate DATA ;
-NSS_Get_CERT_CrlTemplate;
-NSS_Get_CERT_SignedDataTemplate;
-NSS_Get_CERT_CertificateTemplate;
-NSS_Get_CERT_CertificateRequestTemplate;
-NSS_Get_CERT_IssuerAndSNTemplate;
-NSS_Get_CERT_SetOfSignedCrlTemplate;
-NSS_Get_SECKEY_DSAPublicKeyTemplate;
-NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate;
-NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate;
-NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate;
-NSS_Get_SECKEY_PrivateKeyInfoTemplate;
-NSS_Get_SECKEY_RSAPublicKeyTemplate;
-NSS_Get_SECOID_AlgorithmIDTemplate;
-NSS_Get_SEC_AnyTemplate;
-NSS_Get_SEC_BMPStringTemplate;
-NSS_Get_SEC_BitStringTemplate;
-NSS_Get_SEC_GeneralizedTimeTemplate;
-NSS_Get_SEC_IA5StringTemplate;
-NSS_Get_SEC_IntegerTemplate;
-NSS_Get_SEC_ObjectIDTemplate;
-NSS_Get_SEC_OctetStringTemplate;
-NSS_Get_SEC_PointerToAnyTemplate;
-NSS_Get_SEC_PointerToOctetStringTemplate;
-NSS_Get_SEC_SetOfAnyTemplate;
-NSS_Get_SEC_UTCTimeTemplate;
-NSS_Get_sgn_DigestInfoTemplate;
-;+# commands
-CERT_DecodeBasicConstraintValue;
-CERT_DecodeOidSequence;
-CERT_DecodeUserNotice;
-CERT_DecodeCertificatePoliciesExtension;
-CERT_DestroyCertificatePoliciesExtension;
-CERT_FindCertByNicknameOrEmailAddr;
-CERT_FindCertByNickname;
-CERT_GenTime2FormattedAscii;
-CERT_Hexify;
-CERT_CompareName;
-PK11SDR_Encrypt;
-PK11SDR_Decrypt;
-NSSBase64Decoder_Create;
-NSSBase64Decoder_Destroy;
-NSSBase64Decoder_Update;
-NSSBase64Encoder_Create;
-NSSBase64Encoder_Destroy;
-NSSBase64Encoder_Update;
-;+#PK11_DoPassword;
-;+#PK11_FindKeyByKeyID;
-PK11_InitPin;
-PK11_NeedUserInit;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.2.1 { # NSS 3.2.1 release
-;+ global:
-CERT_AddRDN;
-CERT_CreateRDN;
-CERT_CreateAVA;
-CERT_CreateName;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.3 { # NSS 3.3. release
-;+ global:
-CERT_CheckCertUsage;
-CERT_FindCertIssuer;
-PK11_GetModule;
-SECKEY_CreateDHPrivateKey;
-SECKEY_GetPublicKeyType;
-SECMOD_AddNewModule;
-;+#
-;+# The following symbols are exported only to make JSS work.
-;+# These are still private!!!
-;+#
-CERT_DisableOCSPChecking;
-CERT_DisableOCSPDefaultResponder;
-CERT_EnableOCSPDefaultResponder;
-CERT_GetCertTimes;
-CERT_ImportCAChainTrusted;
-CERT_ImportCRL;
-CERT_IsCACert;
-CERT_IsCADERCert;
-CERT_KeyFromDERCrl;
-CERT_SetOCSPDefaultResponder;
-PBE_CreateContext;
-PBE_DestroyContext;
-PBE_GenerateBits;
-PK11_CheckSSOPassword;
-PK11_CopySymKeyForSigning;
-PK11_DeleteTokenCertAndKey;
-PK11_DEREncodePublicKey;
-PK11_ExtractKeyValue;
-PK11_FindCertsFromNickname;
-PK11_FindKeyByKeyID;
-PK11_GetIVLength;
-PK11_GetKeyData;
-PK11_GetKeyType;
-PK11_GetLowLevelKeyIDForCert;
-PK11_GetLowLevelKeyIDForPrivateKey;
-PK11_GetSlotPWValues;
-PK11_ImportCertForKey;
-PK11_ImportDERCertForKey;
-PK11_ImportDERPrivateKeyInfo;
-PK11_ImportSymKey;
-PK11_IsLoggedIn;
-PK11_KeyForDERCertExists;
-PK11_KeyForCertExists;
-PK11_ListPrivateKeysInSlot;
-PK11_ListCertsInSlot;
-PK11_Logout;
-PK11_NeedPWInit;
-PK11_MakeIDFromPubKey;
-PK11_PQG_DestroyParams;
-PK11_PQG_DestroyVerify;
-PK11_PQG_GetBaseFromParams;
-PK11_PQG_GetCounterFromVerify;
-PK11_PQG_GetHFromVerify;
-PK11_PQG_GetPrimeFromParams;
-PK11_PQG_GetSeedFromVerify;
-PK11_PQG_GetSubPrimeFromParams;
-PK11_PQG_NewParams;
-PK11_PQG_NewVerify;
-PK11_PQG_ParamGen;
-PK11_PQG_ParamGenSeedLen;
-PK11_PQG_VerifyParams;
-PK11_ReferenceSlot;
-PK11_SeedRandom;
-PK11_UnwrapPrivKey;
-PK11_VerifyRecover;
-PK11_WrapPrivKey;
-SEC_CertNicknameConflict;
-SEC_PKCS5GetIV;
-SECMOD_DeleteInternalModule;
-SECMOD_DestroyModule;
-SECMOD_GetDefaultModuleList;
-SECMOD_GetDefaultModuleListLock;
-SECMOD_GetInternalModule;
-SECMOD_GetReadLock;
-SECMOD_ReferenceModule;
-SECMOD_ReleaseReadLock;
-SECKEY_AddPrivateKeyToListTail;
-SECKEY_EncodeDERSubjectPublicKeyInfo;
-SECKEY_ExtractPublicKey;
-SECKEY_DestroyPrivateKeyList;
-SECKEY_GetPrivateKeyType;
-SECKEY_HashPassword;
-SECKEY_ImportDERPublicKey;
-SECKEY_NewPrivateKeyList;
-SECKEY_RemovePrivateKeyListNode;
-VFY_EndWithSignature;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.3.1 { # NSS 3.3.1 release
-;+ global:
-;+#
-;+# The following symbols are exported only to make libsmime3.so work.
-;+# These are still private!!!
-;+#
-PK11_CreatePBEParams;
-PK11_DestroyPBEParams;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.4 { # NSS 3.4 release
-;+ global:
-SECMOD_LoadModule;
-SECMOD_GetModuleSpecList;
-SECMOD_FreeModuleSpecList;
-SECMOD_UpdateModule;
-SECMOD_DeleteModule;
-;+# for PKCS #12
-PK11_RawPBEKeyGen;
-;+# for PSM
-__CERT_AddTempCertToPerm;
-CERT_AddOKDomainName;
-CERT_CopyName;
-CERT_DecodeAVAValue;
-;+#CERT_DecodeCertFromPackage;
-CERT_DecodeTrustString;
-CERT_DerNameToAscii;
-CERT_FilterCertListByCANames;
-CERT_FilterCertListByUsage;
-CERT_FindUserCertByUsage;
-CERT_FindUserCertsByUsage;
-CERT_GetCertChainFromCert;
-CERT_GetOCSPAuthorityInfoAccessLocation;
-CERT_NicknameStringsFromCertList;
-CERT_MakeCANickname;
-CERT_VerifySignedData;
-DER_Encode;
-HASH_Begin;
-HASH_Create;
-HASH_Destroy;
-HASH_End;
-HASH_ResultLen;
-HASH_Update;
-NSSBase64_DecodeBuffer; # from Stan
-NSSBase64_EncodeItem; # from Stan
-PK11_GetKeyGen;
-PK11_GetMinimumPwdLength;
-PK11_GetNextSafe;
-PK11_GetPadMechanism;
-PK11_GetSlotInfo;
-PK11_HasRootCerts;
-PK11_IsDisabled;
-PK11_LoadPrivKey;
-PK11_LogoutAll;
-PK11_MechanismToAlgtag;
-PK11_ResetToken;
-PK11_TraverseSlotCerts;
-SEC_ASN1Decode;
-SECKEY_CopySubjectPublicKeyInfo;
-SECMOD_CreateModule;
-SECMOD_FindModule;
-SECMOD_FindSlot;
-SECMOD_PubCipherFlagstoInternal;
-SECMOD_PubMechFlagstoInternal;
-;;CERT_NameTemplate DATA ;
-;;CERT_SubjectPublicKeyInfoTemplate DATA ;
-;;SEC_BooleanTemplate DATA ;
-;;SEC_NullTemplate DATA ;
-;;SEC_SignedCertificateTemplate DATA ;
-;;SEC_UTF8StringTemplate DATA ;
-NSS_Get_CERT_NameTemplate;
-NSS_Get_CERT_SubjectPublicKeyInfoTemplate;
-NSS_Get_SEC_BooleanTemplate;
-NSS_Get_SEC_NullTemplate;
-NSS_Get_SEC_SignedCertificateTemplate;
-NSS_Get_SEC_UTF8StringTemplate;
-;+ local:
-;+ *;
-;+};
diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
deleted file mode 100644
index c76de83d4..000000000
--- a/security/nss/lib/nss/nss.h
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __nss_h_
-#define __nss_h_
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * NSS's major version, minor version, patch level, and whether
- * this is a beta release.
- *
- * The format of the version string should be
- * "<major version>.<minor version>[.<patch level>] [<Beta>]"
- */
-#define NSS_VERSION "3.4 Beta"
-#define NSS_VMAJOR 3
-#define NSS_VMINOR 4
-#define NSS_VPATCH 0
-#define NSS_BETA PR_TRUE
-
-
-/*
- * Return a boolean that indicates whether the underlying library
- * will perform as the caller expects.
- *
- * The only argument is a string, which should be the verson
- * identifier of the NSS library. That string will be compared
- * against a string that represents the actual build version of
- * the NSS library. It also invokes the version checking functions
- * of the dependent libraries such as NSPR.
- */
-extern PRBool NSS_VersionCheck(const char *importedVersion);
-
-/*
- * Open the Cert, Key, and Security Module databases, read only.
- * Initialize the Random Number Generator.
- * Does not initialize the cipher policies or enables.
- * Default policy settings disallow all ciphers.
- */
-extern SECStatus NSS_Init(const char *configdir);
-
-/*
- * Open the Cert, Key, and Security Module databases, read/write.
- * Initialize the Random Number Generator.
- * Does not initialize the cipher policies or enables.
- * Default policy settings disallow all ciphers.
- */
-extern SECStatus NSS_InitReadWrite(const char *configdir);
-
-/*
- * Open the Cert, Key, and Security Module databases, read/write.
- * Initialize the Random Number Generator.
- * Does not initialize the cipher policies or enables.
- * Default policy settings disallow all ciphers.
- *
- * This allows using application defined prefixes for the cert and key db's
- * and an alternate name for the secmod database. NOTE: In future releases,
- * the database prefixes my not necessarily map to database names.
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * flags - change the open options of NSS_Initialize as follows:
- * NSS_INIT_READONLY - Open the databases read only.
- * NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just
- * initialize the volatile certdb.
- * NSS_INIT_NOMODDB - Don't open the security module DB, just
- * initialize the PKCS #11 module.
- * NSS_INIT_FORCEOPEN - Continue to force initializations even if the
- * databases cannot be opened.
- *
- * Also NOTE: This is not the recommended method for initializing NSS.
- * The prefered method is NSS_init().
- */
-#define NSS_INIT_READONLY 0x1
-#define NSS_INIT_NOCERTDB 0x2
-#define NSS_INIT_NOMODDB 0x4
-#define NSS_INIT_FORCEOPEN 0x8
-
-extern SECStatus NSS_Initialize(const char *configdir,
- const char *certPrefix, const char *keyPrefix,
- const char *secmodName, PRUint32 flags);
-
-/*
- * initialize NSS without a creating cert db's, key db's, or secmod db's.
- */
-SECStatus NSS_NoDB_Init(const char *configdir);
-
-/*
- * Close the Cert, Key databases.
- */
-extern void NSS_Shutdown(void);
-
-/*
- * set the PKCS #11 strings for the internal token.
- */
-void PK11_ConfigurePKCS11(const char *man, const char *libdes,
- const char *tokdes, const char *ptokdes, const char *slotdes,
- const char *pslotdes, const char *fslotdes, const char *fpslotdes,
- int minPwd, int pwRequired);
-
-SEC_END_PROTOS
-
-#endif /* __nss_h_ */
diff --git a/security/nss/lib/nss/nss.rc b/security/nss/lib/nss/nss.rc
deleted file mode 100644
index 7eb93b8bb..000000000
--- a/security/nss/lib/nss/nss.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "nss"
-#define MY_FILEDESCRIPTION "NSS Base Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
- BLOCK "StringFileInfo"
- BEGIN
- BLOCK "040904B0" // Lang=US English, CharSet=Unicode
- BEGIN
- VALUE "CompanyName", "Netscape Communications Corporation\0"
- VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
- VALUE "FileVersion", NSS_VERSION "\0"
- VALUE "InternalName", MY_INTERNAL_NAME "\0"
- VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
- VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
- VALUE "ProductName", "Network Security Services\0"
- VALUE "ProductVersion", NSS_VERSION "\0"
- END
- END
- BLOCK "VarFileInfo"
- BEGIN
- VALUE "Translation", 0x409, 1200
- END
-END
diff --git a/security/nss/lib/nss/nssinit.c b/security/nss/lib/nss/nssinit.c
deleted file mode 100644
index 12b52755f..000000000
--- a/security/nss/lib/nss/nssinit.c
+++ /dev/null
@@ -1,448 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- # $Id$
- */
-
-#include <ctype.h>
-#include "seccomon.h"
-#include "prinit.h"
-#include "prprf.h"
-#include "prmem.h"
-#include "cert.h"
-#include "key.h"
-#include "ssl.h"
-#include "sslproto.h"
-#include "secmod.h"
-#include "secoid.h"
-#include "nss.h"
-#include "secrng.h"
-#include "pk11func.h"
-
-#include "pki3hack.h"
-
-#define NSS_MAX_FLAG_SIZE sizeof("readOnly")+sizeof("noCertDB")+ \
- sizeof("noModDB")+sizeof("forceOpen")+sizeof("passwordRequired")
-#define NSS_DEFAULT_MOD_NAME "NSS Internal Module"
-#define SECMOD_DB "secmod.db"
-
-static char *
-nss_makeFlags(PRBool readOnly, PRBool noCertDB,
- PRBool noModDB, PRBool forceOpen, PRBool passwordRequired)
-{
- char *flags = (char *)PORT_Alloc(NSS_MAX_FLAG_SIZE);
- PRBool first = PR_TRUE;
-
- PORT_Memset(flags,0,NSS_MAX_FLAG_SIZE);
- if (readOnly) {
- PORT_Strcat(flags,"readOnly");
- first = PR_FALSE;
- }
- if (noCertDB) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"noCertDB");
- first = PR_FALSE;
- }
- if (noModDB) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"noModDB");
- first = PR_FALSE;
- }
- if (forceOpen) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"forceOpen");
- first = PR_FALSE;
- }
- if (passwordRequired) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"passwordRequired");
- first = PR_FALSE;
- }
- return flags;
-}
-
-/*
- * statics to remember the PKCS11_ConfigurePKCS11()
- * info.
- */
-static char * pk11_config_strings = NULL;
-static char * pk11_config_name = NULL;
-static PRBool pk11_password_required = PR_FALSE;
-
-/*
- * this is a legacy configuration function which used to be part of
- * the PKCS #11 internal token.
- */
-void
-PK11_ConfigurePKCS11(const char *man, const char *libdes, const char *tokdes,
- const char *ptokdes, const char *slotdes, const char *pslotdes,
- const char *fslotdes, const char *fpslotdes, int minPwd, int pwRequired)
-{
- char *strings = NULL;
- char *newStrings;
-
- /* make sure the internationalization was done correctly... */
- strings = PR_smprintf("");
- if (strings == NULL) return;
-
- if (man) {
- newStrings = PR_smprintf("%s manufacturerID='%s'",strings,man);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (libdes) {
- newStrings = PR_smprintf("%s libraryDescription='%s'",strings,libdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- if (pk11_config_name != NULL) {
- PORT_Free(pk11_config_name);
- }
- pk11_config_name = PORT_Strdup(libdes);
- }
- if (strings == NULL) return;
-
- if (tokdes) {
- newStrings = PR_smprintf("%s cryptoTokenDescription='%s'",strings,
- tokdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (ptokdes) {
- newStrings = PR_smprintf("%s dbTokenDescription='%s'",strings,ptokdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (slotdes) {
- newStrings = PR_smprintf("%s cryptoSlotDescription='%s'",strings,
- slotdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (pslotdes) {
- newStrings = PR_smprintf("%s dbSlotDescription='%s'",strings,pslotdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (fslotdes) {
- newStrings = PR_smprintf("%s FIPSSlotDescription='%s'",
- strings,fslotdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- if (fpslotdes) {
- newStrings = PR_smprintf("%s FIPSTokenDescription='%s'",
- strings,fpslotdes);
- PR_smprintf_free(strings);
- strings = newStrings;
- }
- if (strings == NULL) return;
-
- newStrings = PR_smprintf("%s minPS=%d", strings, minPwd);
- PR_smprintf_free(strings);
- strings = newStrings;
- if (strings == NULL) return;
-
- if (pk11_config_strings != NULL) {
- PR_smprintf_free(pk11_config_strings);
- }
- pk11_config_strings = strings;
- pk11_password_required = pwRequired;
-
- return;
-}
-
-static char *
-nss_addEscape(const char *string, char quote)
-{
- char *newString = 0;
- int escapes = 0, size = 0;
- const char *src;
- char *dest;
-
- for (src=string; *src ; src++) {
- if ((*src == quote) || (*src == '\\')) escapes++;
- size++;
- }
-
- newString = PORT_ZAlloc(escapes+size+1);
- if (newString == NULL) {
- return NULL;
- }
-
- for (src=string, dest=newString; *src; src++,dest++) {
- if ((*src == '\\') || (*src == quote)) {
- *dest++ = '\\';
- }
- *dest = *src;
- }
-
- return newString;
-}
-
-static char *
-nss_doubleEscape(const char *string)
-{
- char *round1 = NULL;
- char *retValue = NULL;
- if (string == NULL) {
- goto done;
- }
- round1 = nss_addEscape(string,'\'');
- if (round1) {
- retValue = nss_addEscape(round1,'"');
- PORT_Free(round1);
- }
-
-done:
- if (retValue == NULL) {
- retValue = PORT_Strdup("");
- }
- return retValue;
-}
-
-
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the
- * Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the
- * PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- * be opened.
- */
-
-static SECStatus
-nss_Init(const char *configdir, const char *certPrefix, const char *keyPrefix,
- const char *secmodName, PRBool readOnly, PRBool noCertDB,
- PRBool noModDB, PRBool forceOpen)
-{
- char *moduleSpec = NULL;
- char *flags = NULL;
- SECStatus rv = SECFailure;
- char *lconfigdir,*lcertPrefix,*lkeyPrefix,*lsecmodName;
-
- flags = nss_makeFlags(readOnly,noCertDB,noModDB,forceOpen,
- pk11_password_required);
- if (flags == NULL) return rv;
-
- /*
- * configdir is double nested, and Windows uses the same character
- * for file seps as we use for escapes! (sigh).
- */
- lconfigdir = nss_doubleEscape(configdir);
- if (lconfigdir == NULL) {
- goto loser;
- }
- lcertPrefix = nss_doubleEscape(certPrefix);
- if (lcertPrefix == NULL) {
- goto loser;
- }
- lkeyPrefix = nss_doubleEscape(keyPrefix);
- if (lkeyPrefix == NULL) {
- goto loser;
- }
- lsecmodName = nss_doubleEscape(secmodName);
- if (lsecmodName == NULL) {
- goto loser;
- }
-
- moduleSpec = PR_smprintf("name=\"%s\" parameters=\"configdir='%s' certPrefix='%s' keyPrefix='%s' secmod='%s' flags=%s %s\" NSS=\"flags=internal,moduleDB,moduleDBOnly,critical\"",
- pk11_config_name ? pk11_config_name : NSS_DEFAULT_MOD_NAME,
- lconfigdir,lcertPrefix,lkeyPrefix,lsecmodName,flags,
- pk11_config_strings ? pk11_config_strings : "");
-
-loser:
- PORT_Free(flags);
- if (lconfigdir) PORT_Free(lconfigdir);
- if (lcertPrefix) PORT_Free(lcertPrefix);
- if (lkeyPrefix) PORT_Free(lkeyPrefix);
- if (lsecmodName) PORT_Free(lsecmodName);
-
- if (moduleSpec) {
- SECMODModule *module = SECMOD_LoadModule(moduleSpec,NULL,PR_TRUE);
- PR_smprintf_free(moduleSpec);
- if (module) {
- if (module->loaded) rv=SECSuccess;
- SECMOD_DestroyModule(module);
- }
- }
-
- if (rv == SECSuccess) {
- /* can this function fail?? */
- STAN_LoadDefaultNSS3TrustDomain();
- CERT_SetDefaultCertDB((CERTCertDBHandle *)
- STAN_GetDefaultTrustDomain());
- }
- return rv;
-}
-
-
-SECStatus
-NSS_Init(const char *configdir)
-{
- return nss_Init(configdir, "", "", SECMOD_DB, PR_TRUE,
- PR_FALSE, PR_FALSE, PR_FALSE);
-}
-
-SECStatus
-NSS_InitReadWrite(const char *configdir)
-{
- return nss_Init(configdir, "", "", SECMOD_DB, PR_FALSE,
- PR_FALSE, PR_FALSE, PR_FALSE);
-}
-
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * flags - change the open options of NSS_Initialize as follows:
- * NSS_INIT_READONLY - Open the databases read only.
- * NSS_INIT_NOCERTDB - Don't open the cert DB and key DB's, just
- * initialize the volatile certdb.
- * NSS_INIT_NOMODDB - Don't open the security module DB, just
- * initialize the PKCS #11 module.
- * NSS_INIT_FORCEOPEN - Continue to force initializations even if the
- * databases cannot be opened.
- */
-SECStatus
-NSS_Initialize(const char *configdir, const char *certPrefix,
- const char *keyPrefix, const char *secmodName, PRUint32 flags)
-{
- return nss_Init(configdir, certPrefix, keyPrefix, secmodName,
- ((flags & NSS_INIT_READONLY) == NSS_INIT_READONLY),
- ((flags & NSS_INIT_NOCERTDB) == NSS_INIT_NOCERTDB),
- ((flags & NSS_INIT_NOMODDB) == NSS_INIT_NOMODDB),
- ((flags & NSS_INIT_FORCEOPEN) == NSS_INIT_FORCEOPEN));
-}
-
-/*
- * initialize NSS without a creating cert db's, key db's, or secmod db's.
- */
-SECStatus
-NSS_NoDB_Init(const char * configdir)
-{
- return nss_Init(configdir?configdir:"","","",SECMOD_DB,
- PR_TRUE,PR_TRUE,PR_TRUE,PR_TRUE);
-}
-
-void
-NSS_Shutdown(void)
-{
- SECOID_Shutdown();
- SECMOD_Shutdown();
- STAN_Shutdown();
-}
-
-
-extern const char __nss_base_rcsid[];
-extern const char __nss_base_sccsid[];
-
-PRBool
-NSS_VersionCheck(const char *importedVersion)
-{
- /*
- * This is the secret handshake algorithm.
- *
- * This release has a simple version compatibility
- * check algorithm. This release is not backward
- * compatible with previous major releases. It is
- * not compatible with future major, minor, or
- * patch releases.
- */
- int vmajor = 0, vminor = 0, vpatch = 0;
- const char *ptr = importedVersion;
- volatile char c; /* force a reference that won't get optimized away */
-
- c = __nss_base_rcsid[0] + __nss_base_sccsid[0];
-
- while (isdigit(*ptr)) {
- vmajor = 10 * vmajor + *ptr - '0';
- ptr++;
- }
- if (*ptr == '.') {
- ptr++;
- while (isdigit(*ptr)) {
- vminor = 10 * vminor + *ptr - '0';
- ptr++;
- }
- if (*ptr == '.') {
- ptr++;
- while (isdigit(*ptr)) {
- vpatch = 10 * vpatch + *ptr - '0';
- ptr++;
- }
- }
- }
-
- if (vmajor != NSS_VMAJOR) {
- return PR_FALSE;
- }
- if (vmajor == NSS_VMAJOR && vminor > NSS_VMINOR) {
- return PR_FALSE;
- }
- if (vmajor == NSS_VMAJOR && vminor == NSS_VMINOR && vpatch > NSS_VPATCH) {
- return PR_FALSE;
- }
- /* Check dependent libraries */
- if (PR_VersionCheck(PR_VERSION) == PR_FALSE) {
- return PR_FALSE;
- }
- return PR_TRUE;
-}
-
diff --git a/security/nss/lib/nss/nssrenam.h b/security/nss/lib/nss/nssrenam.h
deleted file mode 100644
index 7791173f5..000000000
--- a/security/nss/lib/nss/nssrenam.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __nssrenam_h_
-#define __nssrenam_h_
-
-#define CERT_NewTempCertificate __CERT_NewTempCertificate
-#define PK11_CreateContextByRawKey __PK11_CreateContextByRawKey
-#define PK11_GetKeyData __PK11_GetKeyData
-#define nss_InitLock __nss_InitLock
-#define CERT_ClosePermCertDB __CERT_ClosePermCertDB
-#define CERT_DecodeDERCertificate __CERT_DecodeDERCertificate
-#define CERT_TraversePermCertsForNickname __CERT_TraversePermCertsForNickname
-#define CERT_TraversePermCertsForSubject __CERT_TraversePermCertsForSubject
-#define PBE_CreateContext __PBE_CreateContext
-#define PBE_DestroyContext __PBE_DestroyContext
-#define PBE_GenerateBits __PBE_GenerateBits
-
-#endif /* __nssrenam_h_ */
diff --git a/security/nss/lib/nss/nssver.c b/security/nss/lib/nss/nssver.c
deleted file mode 100644
index 463a77b6b..000000000
--- a/security/nss/lib/nss/nssver.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_base_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__ " $";
-const char __nss_base_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/pk11wrap/Makefile b/security/nss/lib/pk11wrap/Makefile
deleted file mode 100644
index 4810efd29..000000000
--- a/security/nss/lib/pk11wrap/Makefile
+++ /dev/null
@@ -1,90 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
--include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
-# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
-# pk11slot.c in 64-bit mode for unknown reasons. A workaround is
-# to compile it with optimizations turned on. (Bugzilla bug #63815)
-ifeq ($(OS_ARCH),AIX)
-ifeq ($(OS_RELEASE),4.3)
-ifeq ($(USE_64),1)
-ifndef BUILD_OPT
-$(OBJDIR)/pk11slot.o: pk11slot.c
- @$(MAKE_OBJDIR)
- $(CC) -o $@ -c -O2 $(CFLAGS) $<
-endif
-endif
-endif
-endif
diff --git a/security/nss/lib/pk11wrap/config.mk b/security/nss/lib/pk11wrap/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/pk11wrap/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/pk11wrap/dev3hack.c b/security/nss/lib/pk11wrap/dev3hack.c
deleted file mode 100644
index 5c40608f3..000000000
--- a/security/nss/lib/pk11wrap/dev3hack.c
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef DEVT_H
-#include "devt.h"
-#endif /* DEVT_H */
-
-#include "dev3hack.h"
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#include "pk11func.h"
-#include "secmodti.h"
-
-NSS_IMPLEMENT nssSession *
-nssSession_ImportNSS3Session(NSSArena *arenaOpt,
- CK_SESSION_HANDLE session,
- PZLock *lock, PRBool rw)
-{
- nssSession *rvSession;
- rvSession = nss_ZNEW(arenaOpt, nssSession);
- rvSession->handle = session;
- rvSession->lock = lock;
- rvSession->isRW = rw;
- return rvSession;
-}
-
-NSS_IMPLEMENT nssSession *
-nssSlot_CreateSession
-(
- NSSSlot *slot,
- NSSArena *arenaOpt,
- PRBool readWrite
-)
-{
- nssSession *rvSession;
- rvSession = nss_ZNEW(arenaOpt, nssSession);
- if (!rvSession) {
- return (nssSession *)NULL;
- }
- if (readWrite) {
- rvSession->handle = PK11_GetRWSession(slot->pk11slot);
- rvSession->isRW = PR_TRUE;
- rvSession->slot = slot;
- return rvSession;
- } else {
- return NULL;
- }
-}
-
-NSS_IMPLEMENT PRStatus
-nssSession_Destroy
-(
- nssSession *s
-)
-{
- CK_RV ckrv = CKR_OK;
- if (s) {
- if (s->isRW) {
- PK11_RestoreROSession(s->slot->pk11slot, s->handle);
- }
- nss_ZFreeIf(s);
- }
- return (ckrv == CKR_OK) ? PR_SUCCESS : PR_FAILURE;
-}
-
-static NSSSlot *
-nssSlot_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
-{
- PRUint32 length;
- NSSSlot *rvSlot;
- rvSlot = nss_ZNEW(td->arena, NSSSlot);
- if (!rvSlot) {
- return NULL;
- }
- rvSlot->refCount = 1;
- rvSlot->pk11slot = nss3slot;
- rvSlot->epv = nss3slot->functionList;
- rvSlot->slotID = nss3slot->slotID;
- rvSlot->trustDomain = td;
- /* Grab the slot name from the PKCS#11 fixed-length buffer */
- length = nssPKCS11StringLength(nss3slot->slot_name,
- sizeof(nss3slot->slot_name));
- if (length > 0) {
- rvSlot->name = nssUTF8_Create(td->arena, nssStringType_UTF8String,
- (void *)nss3slot->slot_name, length);
- }
- return rvSlot;
-}
-
-NSS_IMPLEMENT NSSToken *
-nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot)
-{
- PRUint32 length;
- NSSToken *rvToken;
- rvToken = nss_ZNEW(td->arena, NSSToken);
- if (!rvToken) {
- return NULL;
- }
- rvToken->refCount = 1;
- rvToken->pk11slot = nss3slot;
- rvToken->epv = nss3slot->functionList;
- rvToken->defaultSession = nssSession_ImportNSS3Session(td->arena,
- nss3slot->session,
- nss3slot->sessionLock,
- nss3slot->defRWSession);
- rvToken->trustDomain = td;
- /* Grab the token name from the PKCS#11 fixed-length buffer */
- length = nssPKCS11StringLength(nss3slot->token_name,
- sizeof(nss3slot->token_name));
- if (length > 0) {
- rvToken->name = nssUTF8_Create(td->arena, nssStringType_UTF8String,
- (void *)nss3slot->token_name, length);
- }
- rvToken->slot = nssSlot_CreateFromPK11SlotInfo(td, nss3slot);
- rvToken->slot->token = rvToken;
- rvToken->defaultSession->slot = rvToken->slot;
- return rvToken;
-}
-
-
-NSSTrustDomain *
-nssToken_GetTrustDomain(NSSToken *token)
-{
- return token->trustDomain;
-}
-
-typedef enum {
- nssPK11Event_DefaultSessionRO = 0,
- nssPK11Event_DefaultSessionRW = 1
-} nssPK11Event;
-
-NSS_IMPLEMENT PRStatus
-nssToken_Nofify
-(
- NSSToken *tok,
- nssPK11Event event
-)
-{
- switch (event) {
- default:
- return PR_FAILURE;
- }
- return PR_FAILURE;
-}
-
diff --git a/security/nss/lib/pk11wrap/dev3hack.h b/security/nss/lib/pk11wrap/dev3hack.h
deleted file mode 100644
index 2ae362a15..000000000
--- a/security/nss/lib/pk11wrap/dev3hack.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef DEVNSS3HACK_H
-#define DEVNSS3HACK_H
-
-#ifdef DEBUG
-static const char DEVNSS3HACK_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "cert.h"
-
-PR_BEGIN_EXTERN_C
-
-NSS_EXTERN NSSToken *
-nssToken_CreateFromPK11SlotInfo(NSSTrustDomain *td, PK11SlotInfo *nss3slot);
-
-NSSTrustDomain *
-nssToken_GetTrustDomain(NSSToken *token);
-
-void PK11Slot_SetNSSToken(PK11SlotInfo *sl, NSSToken *nsst);
-
-NSSToken * PK11Slot_GetNSSToken(PK11SlotInfo *sl);
-
-
-PR_END_EXTERN_C
-
-#endif /* DEVNSS3HACK_H */
diff --git a/security/nss/lib/pk11wrap/manifest.mn b/security/nss/lib/pk11wrap/manifest.mn
deleted file mode 100644
index 1c525506d..000000000
--- a/security/nss/lib/pk11wrap/manifest.mn
+++ /dev/null
@@ -1,69 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- secmod.h \
- secmodt.h \
- pk11func.h \
- pk11sdr.h \
- pk11pqg.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- pk11init.h \
- dev3hack.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- dev3hack.c \
- pk11cert.c \
- pk11err.c \
- pk11load.c \
- pk11pars.c \
- pk11slot.c \
- pk11list.c \
- pk11skey.c \
- pk11kea.c \
- pk11util.c \
- pk11sdr.c \
- pk11pqg.c \
- pk11pk12.c \
- pk11pbe.c \
- $(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = pk11wrap
diff --git a/security/nss/lib/pk11wrap/pk11cert.c b/security/nss/lib/pk11wrap/pk11cert.c
deleted file mode 100644
index e4985954a..000000000
--- a/security/nss/lib/pk11wrap/pk11cert.c
+++ /dev/null
@@ -1,3440 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements the Symkey wrapper and the PKCS context
- * Interfaces.
- */
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "cert.h"
-#include "secitem.h"
-#include "key.h"
-#include "hasht.h"
-#include "secoid.h"
-#include "pkcs7t.h"
-#include "cmsreclist.h"
-
-#include "certdb.h"
-#include "secerr.h"
-#include "sslerr.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "pki3hack.h"
-#include "dev3hack.h"
-
-#include "dev.h"
-#include "nsspki.h"
-#include "pkim.h"
-#include "pkitm.h"
-
-#define PK11_SEARCH_CHUNKSIZE 10
-
-CK_OBJECT_HANDLE
-pk11_FindPubKeyByAnyCert(CERTCertificate *cert, PK11SlotInfo **slot, void *wincx);
-
-struct nss3_cert_cbstr {
- SECStatus(* callback)(CERTCertificate*, void *);
- void *arg;
-};
-
-/* Translate from NSSCertificate to CERTCertificate, then pass the latter
- * to a callback.
- * Question: do all callers of PK11_ functions using a CERTCertificate
- * callback understand that they must dup the cert to keep it alive?
- */
-static PRStatus convert_cert(NSSCertificate *c, void *arg)
-{
- CERTCertificate *nss3cert;
- SECStatus secrv;
- struct nss3_cert_cbstr *nss3cb = (struct nss3_cert_cbstr *)arg;
- nss3cert = STAN_GetCERTCertificate(c);
- if (!nss3cert) return PR_FAILURE;
- secrv = (*nss3cb->callback)(nss3cert, nss3cb->arg);
- /* this destroy is dependent upon the question above */
- CERT_DestroyCertificate(nss3cert);
- return (secrv) ? PR_FAILURE : PR_SUCCESS;
-}
-
-void
-PK11Slot_SetNSSToken(PK11SlotInfo *sl, NSSToken *nsst)
-{
- sl->nssToken = nsst;
-}
-
-NSSToken *
-PK11Slot_GetNSSToken(PK11SlotInfo *sl)
-{
- return sl->nssToken;
-}
-
-/*
- * build a cert nickname based on the token name and the label of the
- * certificate If the label in NULL, build a label based on the ID.
- */
-static int toHex(int x) { return (x < 10) ? (x+'0') : (x+'a'-10); }
-#define MAX_CERT_ID 4
-#define DEFAULT_STRING "Cert ID "
-static char *
-pk11_buildNickname(PK11SlotInfo *slot,CK_ATTRIBUTE *cert_label,
- CK_ATTRIBUTE *key_label, CK_ATTRIBUTE *cert_id)
-{
- int prefixLen = PORT_Strlen(slot->token_name);
- int suffixLen = 0;
- char *suffix = NULL;
- char buildNew[sizeof(DEFAULT_STRING)+MAX_CERT_ID*2];
- char *next,*nickname;
-
- if (cert_label && (cert_label->ulValueLen)) {
- suffixLen = cert_label->ulValueLen;
- suffix = (char*)cert_label->pValue;
- } else if (key_label && (key_label->ulValueLen)) {
- suffixLen = key_label->ulValueLen;
- suffix = (char*)key_label->pValue;
- } else if (cert_id && cert_id->ulValueLen > 0) {
- int i,first = cert_id->ulValueLen - MAX_CERT_ID;
- int offset = sizeof(DEFAULT_STRING);
- char *idValue = (char *)cert_id->pValue;
-
- PORT_Memcpy(buildNew,DEFAULT_STRING,sizeof(DEFAULT_STRING)-1);
- next = buildNew + offset;
- if (first < 0) first = 0;
- for (i=first; i < (int) cert_id->ulValueLen; i++) {
- *next++ = toHex((idValue[i] >> 4) & 0xf);
- *next++ = toHex(idValue[i] & 0xf);
- }
- *next++ = 0;
- suffix = buildNew;
- suffixLen = PORT_Strlen(buildNew);
- } else {
- PORT_SetError( SEC_ERROR_LIBRARY_FAILURE );
- return NULL;
- }
-
- /* if is internal key slot, add code to skip the prefix!! */
- next = nickname = (char *)PORT_Alloc(prefixLen+1+suffixLen+1);
- if (nickname == NULL) return NULL;
-
- PORT_Memcpy(next,slot->token_name,prefixLen);
- next += prefixLen;
- *next++ = ':';
- PORT_Memcpy(next,suffix,suffixLen);
- next += suffixLen;
- *next++ = 0;
- return nickname;
-}
-
-/*
- * return the object handle that matches the template
- */
-CK_OBJECT_HANDLE
-pk11_FindObjectByTemplate(PK11SlotInfo *slot,CK_ATTRIBUTE *theTemplate,int tsize)
-{
- CK_OBJECT_HANDLE object;
- CK_RV crv;
- CK_ULONG objectCount;
-
- /*
- * issue the find
- */
- PK11_EnterSlotMonitor(slot);
- crv=PK11_GETTAB(slot)->C_FindObjectsInit(slot->session, theTemplate, tsize);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError(crv) );
- return CK_INVALID_HANDLE;
- }
-
- crv=PK11_GETTAB(slot)->C_FindObjects(slot->session,&object,1,&objectCount);
- PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
- PK11_ExitSlotMonitor(slot);
- if ((crv != CKR_OK) || (objectCount < 1)) {
- /* shouldn't use SSL_ERROR... here */
- PORT_SetError( crv != CKR_OK ? PK11_MapError(crv) :
- SSL_ERROR_NO_CERTIFICATE);
- return CK_INVALID_HANDLE;
- }
-
- /* blow up if the PKCS #11 module returns us and invalid object handle */
- PORT_Assert(object != CK_INVALID_HANDLE);
- return object;
-}
-
-/*
- * return all the object handles that matches the template
- */
-CK_OBJECT_HANDLE *
-pk11_FindObjectsByTemplate(PK11SlotInfo *slot,
- CK_ATTRIBUTE *findTemplate,int findCount,int *object_count) {
- CK_OBJECT_HANDLE *objID = NULL;
- CK_ULONG returned_count = 0;
- CK_RV crv;
-
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_FindObjectsInit(slot->session, findTemplate,
- findCount);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError(crv) );
- *object_count = -1;
- return NULL;
- }
-
-
- /*
- * collect all the Matching Objects
- */
- do {
- CK_OBJECT_HANDLE *oldObjID = objID;
-
- if (objID == NULL) {
- objID = (CK_OBJECT_HANDLE *) PORT_Alloc(sizeof(CK_OBJECT_HANDLE)*
- (*object_count+ PK11_SEARCH_CHUNKSIZE));
- } else {
- objID = (CK_OBJECT_HANDLE *) PORT_Realloc(objID,
- sizeof(CK_OBJECT_HANDLE)*(*object_count+PK11_SEARCH_CHUNKSIZE));
- }
-
- if (objID == NULL) {
- if (oldObjID) PORT_Free(oldObjID);
- break;
- }
- crv = PK11_GETTAB(slot)->C_FindObjects(slot->session,
- &objID[*object_count],PK11_SEARCH_CHUNKSIZE,&returned_count);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- PORT_Free(objID);
- objID = NULL;
- break;
- }
- *object_count += returned_count;
- } while (returned_count == PK11_SEARCH_CHUNKSIZE);
-
- PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
- PK11_ExitSlotMonitor(slot);
-
- if (objID && (*object_count == 0)) {
- PORT_Free(objID);
- return NULL;
- }
- if (objID == NULL) *object_count = -1;
- return objID;
-}
-/*
- * given a PKCS #11 object, match it's peer based on the KeyID. searchID
- * is typically a privateKey or a certificate while the peer is the opposite
- */
-CK_OBJECT_HANDLE
-PK11_MatchItem(PK11SlotInfo *slot, CK_OBJECT_HANDLE searchID,
- CK_OBJECT_CLASS matchclass)
-{
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_ID, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- CK_ATTRIBUTE *keyclass = &theTemplate[1];
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- /* if you change the array, change the variable below as well */
- CK_OBJECT_HANDLE peerID;
- CK_OBJECT_HANDLE parent;
- PRArenaPool *arena;
- CK_RV crv;
-
- /* now we need to create space for the public key */
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return CK_INVALID_HANDLE;
-
- crv = PK11_GetAttributes(arena,slot,searchID,theTemplate,tsize);
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- PORT_SetError( PK11_MapError(crv) );
- return CK_INVALID_HANDLE;
- }
-
- /*
- * issue the find
- */
- parent = *(CK_OBJECT_CLASS *)(keyclass->pValue);
- *(CK_OBJECT_CLASS *)(keyclass->pValue) = matchclass;
-
- peerID = pk11_FindObjectByTemplate(slot,theTemplate,tsize);
- PORT_FreeArena(arena,PR_FALSE);
-
- return peerID;
-}
-
-PRBool
-PK11_IsUserCert(PK11SlotInfo *slot, CERTCertificate *cert,
- CK_OBJECT_HANDLE certID)
-{
- CK_OBJECT_CLASS theClass;
-
- if (slot == NULL) return PR_FALSE;
- if (cert == NULL) return PR_FALSE;
-
- theClass = CKO_PRIVATE_KEY;
- if (!PK11_IsLoggedIn(slot,NULL) && PK11_NeedLogin(slot)) {
- theClass = CKO_PUBLIC_KEY;
- }
- if (PK11_MatchItem(slot, certID , theClass) != CK_INVALID_HANDLE) {
- return PR_TRUE;
- }
-
- if (theClass == CKO_PUBLIC_KEY) {
- SECKEYPublicKey *pubKey= CERT_ExtractPublicKey(cert);
- CK_ATTRIBUTE theTemplate;
-
- if (pubKey == NULL) {
- return PR_FALSE;
- }
-
- PK11_SETATTRS(&theTemplate,0,NULL,0);
- switch (pubKey->keyType) {
- case rsaKey:
- PK11_SETATTRS(&theTemplate,CKA_MODULUS, pubKey->u.rsa.modulus.data,
- pubKey->u.rsa.modulus.len);
- break;
- case dsaKey:
- PK11_SETATTRS(&theTemplate,CKA_VALUE, pubKey->u.dsa.publicValue.data,
- pubKey->u.dsa.publicValue.len);
- case dhKey:
- PK11_SETATTRS(&theTemplate,CKA_VALUE, pubKey->u.dh.publicValue.data,
- pubKey->u.dh.publicValue.len);
- break;
- case keaKey:
- case fortezzaKey:
- case nullKey:
- /* fall through and return false */
- break;
- }
-
- if (theTemplate.ulValueLen == 0) {
- SECKEY_DestroyPublicKey(pubKey);
- return PR_FALSE;
- }
- pk11_SignedToUnsigned(&theTemplate);
- if (pk11_FindObjectByTemplate(slot,&theTemplate,1) != CK_INVALID_HANDLE) {
- SECKEY_DestroyPublicKey(pubKey);
- return PR_TRUE;
- }
- SECKEY_DestroyPublicKey(pubKey);
- }
- return PR_FALSE;
-}
-
-/*
- * Check out if a cert has ID of zero. This is a magic ID that tells
- * NSS that this cert may be an automagically trusted cert.
- * The Cert has to be self signed as well. That check is done elsewhere.
- *
- */
-PRBool
-pk11_isID0(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID)
-{
- CK_ATTRIBUTE keyID = {CKA_ID, NULL, 0};
- PRBool isZero = PR_FALSE;
- int i;
- CK_RV crv;
-
-
- crv = PK11_GetAttributes(NULL,slot,certID,&keyID,1);
- if (crv != CKR_OK) {
- return isZero;
- }
-
- if (keyID.ulValueLen != 0) {
- char *value = (char *)keyID.pValue;
- isZero = PR_TRUE; /* ID exists, may be zero */
- for (i=0; i < (int) keyID.ulValueLen; i++) {
- if (value[i] != 0) {
- isZero = PR_FALSE; /* nope */
- break;
- }
- }
- }
- PORT_Free(keyID.pValue);
- return isZero;
-
-}
-
-CERTCertificate
-*pk11_fastCert(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID,
- CK_ATTRIBUTE *privateLabel, char **nickptr)
-{
- CK_ATTRIBUTE certTemp[] = {
- { CKA_ID, NULL, 0 },
- { CKA_VALUE, NULL, 0 },
- { CKA_LABEL, NULL, 0 }
- };
- CK_ATTRIBUTE *id = &certTemp[0];
- CK_ATTRIBUTE *certDER = &certTemp[1];
- CK_ATTRIBUTE *label = &certTemp[2];
- SECItem derCert;
- int csize = sizeof(certTemp)/sizeof(certTemp[0]);
- PRArenaPool *arena;
- char *nickname;
- CERTCertificate *cert;
- CK_RV crv;
-
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return NULL;
- /*
- * grab the der encoding
- */
- crv = PK11_GetAttributes(arena,slot,certID,certTemp,csize);
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
-
- /*
- * build a certificate out of it
- */
- derCert.data = (unsigned char*)certDER->pValue;
- derCert.len = certDER->ulValueLen;
-
- /* figure out the nickname.... */
- nickname = pk11_buildNickname(slot,label,privateLabel,id);
- cert = CERT_DecodeDERCertificate(&derCert, PR_TRUE, nickname);
- if (cert) {
- cert->dbhandle = (CERTCertDBHandle *)
- nssToken_GetTrustDomain(slot->nssToken);
- }
-
- if (nickptr) {
- *nickptr = nickname;
- } else {
- if (nickname) PORT_Free(nickname);
- }
- PORT_FreeArena(arena,PR_FALSE);
- return cert;
-}
-
-CK_TRUST
-pk11_GetTrustField(PK11SlotInfo *slot, PRArenaPool *arena,
- CK_OBJECT_HANDLE id, CK_ATTRIBUTE_TYPE type)
-{
- CK_TRUST rv = 0;
- SECItem item;
-
- item.data = NULL;
- item.len = 0;
-
- if( SECSuccess == PK11_ReadAttribute(slot, id, type, arena, &item) ) {
- PORT_Assert(item.len == sizeof(CK_TRUST));
- PORT_Memcpy(&rv, item.data, sizeof(CK_TRUST));
- /* Damn, is there an endian problem here? */
- return rv;
- }
-
- return 0;
-}
-
-PRBool
-pk11_HandleTrustObject(PK11SlotInfo *slot, CERTCertificate *cert, CERTCertTrust *trust)
-{
- PRArenaPool *arena;
-
- CK_ATTRIBUTE tobjTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_CERT_SHA1_HASH, NULL, 0 },
- };
-
- CK_OBJECT_CLASS tobjc = CKO_NETSCAPE_TRUST;
- CK_OBJECT_HANDLE tobjID;
- unsigned char sha1_hash[SHA1_LENGTH];
-
- CK_TRUST serverAuth, codeSigning, emailProtection, clientAuth;
-
- PK11_HashBuf(SEC_OID_SHA1, sha1_hash, cert->derCert.data, cert->derCert.len);
-
- PK11_SETATTRS(&tobjTemplate[0], CKA_CLASS, &tobjc, sizeof(tobjc));
- PK11_SETATTRS(&tobjTemplate[1], CKA_CERT_SHA1_HASH, sha1_hash,
- SHA1_LENGTH);
-
- tobjID = pk11_FindObjectByTemplate(slot, tobjTemplate,
- sizeof(tobjTemplate)/sizeof(tobjTemplate[0]));
- if( CK_INVALID_HANDLE == tobjID ) {
- return PR_FALSE;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if( NULL == arena ) return PR_FALSE;
-
- /* Unfortunately, it seems that PK11_GetAttributes doesn't deal
- * well with nonexistant attributes. I guess we have to check
- * the trust info fields one at a time.
- */
-
- /* We could verify CKA_CERT_HASH here */
-
- /* We could verify CKA_EXPIRES here */
-
-
- /* "Purpose" trust information */
- serverAuth = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_SERVER_AUTH);
- clientAuth = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_CLIENT_AUTH);
- codeSigning = pk11_GetTrustField(slot, arena, tobjID, CKA_TRUST_CODE_SIGNING);
- emailProtection = pk11_GetTrustField(slot, arena, tobjID,
- CKA_TRUST_EMAIL_PROTECTION);
- /* Here's where the fun logic happens. We have to map back from the
- * key usage, extended key usage, purpose, and possibly other trust values
- * into the old trust-flags bits. */
-
- /* First implementation: keep it simple for testing. We can study what other
- * mappings would be appropriate and add them later.. fgmr 20000724 */
-
- if ( serverAuth == CKT_NETSCAPE_TRUSTED ) {
- trust->sslFlags |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
- }
-
- if ( serverAuth == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
- trust->sslFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA |
- CERTDB_NS_TRUSTED_CA;
- }
- if ( clientAuth == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
- trust->sslFlags |= CERTDB_TRUSTED_CLIENT_CA ;
- }
-
- if ( emailProtection == CKT_NETSCAPE_TRUSTED ) {
- trust->emailFlags |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
- }
-
- if ( emailProtection == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
- trust->emailFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA;
- }
-
- if( codeSigning == CKT_NETSCAPE_TRUSTED ) {
- trust->objectSigningFlags |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
- }
-
- if( codeSigning == CKT_NETSCAPE_TRUSTED_DELEGATOR ) {
- trust->objectSigningFlags |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA;
- }
-
- /* There's certainly a lot more logic that can go here.. */
-
- PORT_FreeArena(arena, PR_FALSE);
-
- return PR_TRUE;
-}
-
-/*
- * Build an CERTCertificate structure from a PKCS#11 object ID.... certID
- * Must be a CertObject. This code does not explicitly checks that.
- */
-CERTCertificate *
-PK11_MakeCertFromHandle(PK11SlotInfo *slot,CK_OBJECT_HANDLE certID,
- CK_ATTRIBUTE *privateLabel)
-{
- char * nickname = NULL;
- CERTCertificate *cert = NULL;
- CERTCertTrust *trust;
- PRBool isFortezzaRootCA = PR_FALSE;
- PRBool swapNickname = PR_FALSE;
-
- cert = pk11_fastCert(slot,certID,privateLabel, &nickname);
- if (cert == NULL) goto loser;
-
- if (nickname) {
- if (cert->nickname != NULL) {
- cert->dbnickname = cert->nickname;
- }
- cert->nickname = PORT_ArenaStrdup(cert->arena,nickname);
- PORT_Free(nickname);
- nickname = NULL;
- swapNickname = PR_TRUE;
- }
-
- /* remember where this cert came from.... If we have just looked
- * it up from the database and it already has a slot, don't add a new
- * one. */
- if (cert->slot == NULL) {
- cert->slot = PK11_ReferenceSlot(slot);
- cert->pkcs11ID = certID;
- cert->ownSlot = PR_TRUE;
- }
-
- trust = (CERTCertTrust*)PORT_ArenaAlloc(cert->arena, sizeof(CERTCertTrust));
- if (trust == NULL) goto loser;
- PORT_Memset(trust,0, sizeof(CERTCertTrust));
- cert->trust = trust;
-
-
-
- if(! pk11_HandleTrustObject(slot, cert, trust) ) {
- unsigned int type;
-
- /* build some cert trust flags */
- if (CERT_IsCACert(cert, &type)) {
- unsigned int trustflags = CERTDB_VALID_CA;
-
- /* Allow PKCS #11 modules to give us trusted CA's. We only accept
- * valid CA's which are self-signed here. They must have an object
- * ID of '0'. */
- if (pk11_isID0(slot,certID) &&
- SECITEM_CompareItem(&cert->derSubject,&cert->derIssuer)
- == SECEqual) {
- trustflags |= CERTDB_TRUSTED_CA;
- /* is the slot a fortezza card? allow the user or
- * admin to turn on objectSigning, but don't turn
- * full trust on explicitly */
- if (PK11_DoesMechanism(slot,CKM_KEA_KEY_DERIVE)) {
- trust->objectSigningFlags |= CERTDB_VALID_CA;
- isFortezzaRootCA = PR_TRUE;
- }
- }
- if ((type & NS_CERT_TYPE_SSL_CA) == NS_CERT_TYPE_SSL_CA) {
- trust->sslFlags |= trustflags;
- }
- if ((type & NS_CERT_TYPE_EMAIL_CA) == NS_CERT_TYPE_EMAIL_CA) {
- trust->emailFlags |= trustflags;
- }
- if ((type & NS_CERT_TYPE_OBJECT_SIGNING_CA)
- == NS_CERT_TYPE_OBJECT_SIGNING_CA) {
- trust->objectSigningFlags |= trustflags;
- }
- }
- }
-
- if (PK11_IsUserCert(slot,cert,certID)) {
- trust->sslFlags |= CERTDB_USER;
- trust->emailFlags |= CERTDB_USER;
- /* trust->objectSigningFlags |= CERTDB_USER; */
- }
-
- return cert;
-
-loser:
- if (nickname) PORT_Free(nickname);
- if (cert) CERT_DestroyCertificate(cert);
- return NULL;
-}
-
-
-/*
- * Build get a certificate from a private key
- */
-CERTCertificate *
-PK11_GetCertFromPrivateKey(SECKEYPrivateKey *privKey)
-{
- PK11SlotInfo *slot = privKey->pkcs11Slot;
- CK_OBJECT_HANDLE certID =
- PK11_MatchItem(slot,privKey->pkcs11ID,CKO_CERTIFICATE);
- SECStatus rv;
- CERTCertificate *cert;
-
- if (certID == CK_INVALID_HANDLE) {
- /* couldn't find it on the card, look in our data base */
- SECItem derSubject;
-
- rv = PK11_ReadAttribute(slot, privKey->pkcs11ID, CKA_SUBJECT, NULL,
- &derSubject);
- if (rv != SECSuccess) {
- PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
- return NULL;
- }
-
- cert = CERT_FindCertByName(CERT_GetDefaultCertDB(),&derSubject);
- PORT_Free(derSubject.data);
- return cert;
- }
- cert = PK11_MakeCertFromHandle(slot,certID,NULL);
- return (cert);
-
-}
-
-/*
- * destroy a private key if there are no matching certs.
- * this function also frees the privKey structure.
- */
-SECStatus
-PK11_DeleteTokenPrivateKey(SECKEYPrivateKey *privKey)
-{
- CERTCertificate *cert=PK11_GetCertFromPrivateKey(privKey);
-
- /* found a cert matching the private key?. */
- if (cert != NULL) {
- /* yes, don't delete the key */
- CERT_DestroyCertificate(cert);
- SECKEY_DestroyPrivateKey(privKey);
- return SECWouldBlock;
- }
- /* now, then it's safe for the key to go away */
- PK11_DestroyTokenObject(privKey->pkcs11Slot,privKey->pkcs11ID);
- SECKEY_DestroyPrivateKey(privKey);
- return SECSuccess;
-}
-
-
-/*
- * delete a cert and it's private key (if no other certs are pointing to the
- * private key.
- */
-SECStatus
-PK11_DeleteTokenCertAndKey(CERTCertificate *cert,void *wincx)
-{
- SECKEYPrivateKey *privKey = PK11_FindKeyByAnyCert(cert,wincx);
- CK_OBJECT_HANDLE pubKey;
- PK11SlotInfo *slot = NULL;
-
- pubKey = pk11_FindPubKeyByAnyCert(cert, &slot, wincx);
- if (privKey) {
- PK11_DestroyTokenObject(cert->slot,cert->pkcs11ID);
- PK11_DeleteTokenPrivateKey(privKey);
- }
- if ((pubKey != CK_INVALID_HANDLE) && (slot != NULL)) {
- PK11_DestroyTokenObject(slot,pubKey);
- PK11_FreeSlot(slot);
- }
- return SECSuccess;
-}
-
-/*
- * count the number of objects that match the template.
- */
-int
-PK11_NumberObjectsFor(PK11SlotInfo *slot, CK_ATTRIBUTE *findTemplate,
- int templateCount)
-{
- CK_OBJECT_HANDLE objID[PK11_SEARCH_CHUNKSIZE];
- int object_count = 0;
- CK_ULONG returned_count = 0;
- CK_RV crv;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_FindObjectsInit(slot->session,
- findTemplate, templateCount);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError(crv) );
- return 0;
- }
-
- /*
- * collect all the Matching Objects
- */
- do {
- crv = PK11_GETTAB(slot)->C_FindObjects(slot->session,
- objID,PK11_SEARCH_CHUNKSIZE,&returned_count);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- break;
- }
- object_count += returned_count;
- } while (returned_count == PK11_SEARCH_CHUNKSIZE);
-
- PK11_GETTAB(slot)->C_FindObjectsFinal(slot->session);
- PK11_ExitSlotMonitor(slot);
- return object_count;
-}
-
-/*
- * cert callback structure
- */
-typedef struct pk11DoCertCallbackStr {
- SECStatus(* callback)(PK11SlotInfo *slot, CERTCertificate*, void *);
- SECStatus(* noslotcallback)(CERTCertificate*, void *);
- SECStatus(* itemcallback)(CERTCertificate*, SECItem *, void *);
- void *callbackArg;
-} pk11DoCertCallback;
-
-/*
- * callback to map object handles to certificate structures.
- */
-static SECStatus
-pk11_DoCerts(PK11SlotInfo *slot, CK_OBJECT_HANDLE certID, void *arg)
-{
- CERTCertificate *cert;
- pk11DoCertCallback *certcb = (pk11DoCertCallback *) arg;
-
- cert = PK11_MakeCertFromHandle(slot, certID, NULL);
-
- if (cert == NULL) {
- return SECFailure;
- }
-
- if (certcb ) {
- if (certcb->callback) {
- (*certcb->callback)(slot, cert, certcb->callbackArg);
- }
- if (certcb->noslotcallback) {
- (*certcb->noslotcallback)(cert, certcb->callbackArg);
- }
- if (certcb->itemcallback) {
- (*certcb->itemcallback)(cert, NULL, certcb->callbackArg);
- }
- }
-
- CERT_DestroyCertificate(cert);
-
- return SECSuccess;
-}
-
-static SECStatus
-pk11_CollectCrls(PK11SlotInfo *slot, CK_OBJECT_HANDLE crlID, void *arg)
-{
- SECItem derCrl;
- CERTCrlHeadNode *head = (CERTCrlHeadNode *) arg;
- CERTCrlNode *new_node = NULL;
- CK_ATTRIBUTE fetchCrl[3] = {
- { CKA_VALUE, NULL, 0},
- { CKA_NETSCAPE_KRL, NULL, 0},
- { CKA_NETSCAPE_URL, NULL, 0},
- };
- const int fetchCrlSize = sizeof(fetchCrl)/sizeof(fetchCrl[2]);
- SECStatus rv;
-
- rv = PK11_GetAttributes(head->arena,slot,crlID,fetchCrl,fetchCrlSize);
- if (rv == SECFailure) {
- goto loser;
- }
- rv = SECFailure;
-
- new_node = (CERTCrlNode *)PORT_ArenaAlloc(head->arena, sizeof(CERTCrlNode));
- if (new_node == NULL) {
- goto loser;
- }
-
- new_node->type = *((CK_BBOOL *)fetchCrl[1].pValue) ?
- SEC_KRL_TYPE : SEC_CRL_TYPE;
- derCrl.data = (unsigned char *)fetchCrl[0].pValue;
- derCrl.len = fetchCrl[0].ulValueLen;
- new_node->crl=CERT_DecodeDERCrl(head->arena,&derCrl,new_node->type);
-
- if (fetchCrl[2].pValue) {
- int nnlen = fetchCrl[2].ulValueLen;
- new_node->crl->url = (char *)PORT_ArenaAlloc(head->arena, nnlen+1);
- if ( !new_node->crl->url ) {
- goto loser;
- }
- PORT_Memcpy(new_node->crl->url, fetchCrl[2].pValue, nnlen);
- new_node->crl->url[nnlen] = 0;
- } else {
- new_node->crl->url = NULL;
- }
-
-
- new_node->next = NULL;
- if (head->last) {
- head->last->next = new_node;
- head->last = new_node;
- } else {
- head->first = head->last = new_node;
- }
- rv = SECSuccess;
-
-loser:
- return(rv);
-}
-
-
-/*
- * key call back structure.
- */
-typedef struct pk11KeyCallbackStr {
- SECStatus (* callback)(SECKEYPrivateKey *,void *);
- void *callbackArg;
- void *wincx;
-} pk11KeyCallback;
-
-/*
- * callback to map Object Handles to Private Keys;
- */
-SECStatus
-pk11_DoKeys(PK11SlotInfo *slot, CK_OBJECT_HANDLE keyHandle, void *arg)
-{
- SECStatus rv = SECSuccess;
- SECKEYPrivateKey *privKey;
- pk11KeyCallback *keycb = (pk11KeyCallback *) arg;
-
- privKey = PK11_MakePrivKey(slot,nullKey,PR_TRUE,keyHandle,keycb->wincx);
-
- if (privKey == NULL) {
- return SECFailure;
- }
-
- if (keycb && (keycb->callback)) {
- rv = (*keycb->callback)(privKey,keycb->callbackArg);
- }
-
- SECKEY_DestroyPrivateKey(privKey);
- return rv;
-}
-
-
-/* Traverse slots callback */
-typedef struct pk11TraverseSlotStr {
- SECStatus (*callback)(PK11SlotInfo *,CK_OBJECT_HANDLE, void *);
- void *callbackArg;
- CK_ATTRIBUTE *findTemplate;
- int templateCount;
-} pk11TraverseSlot;
-
-/*
- * Extract all the certs on a card from a slot.
- */
-SECStatus
-PK11_TraverseSlot(PK11SlotInfo *slot, void *arg)
-{
- int i;
- CK_OBJECT_HANDLE *objID = NULL;
- int object_count = 0;
- pk11TraverseSlot *slotcb = (pk11TraverseSlot*) arg;
-
- objID = pk11_FindObjectsByTemplate(slot,slotcb->findTemplate,
- slotcb->templateCount,&object_count);
-
- /*Actually this isn't a failure... there just were no objs to be found*/
- if (object_count == 0) {
- return SECSuccess;
- }
-
- if (objID == NULL) {
- return SECFailure;
- }
-
- for (i=0; i < object_count; i++) {
- (*slotcb->callback)(slot,objID[i],slotcb->callbackArg);
- }
- PORT_Free(objID);
- return SECSuccess;
-}
-
-typedef struct pk11CertCallbackStr {
- SECStatus(* callback)(CERTCertificate*,SECItem *,void *);
- void *callbackArg;
-} pk11CertCallback;
-
-/*
- * Extract all the certs on a card from a slot.
- */
-static SECStatus
-pk11_TraverseAllSlots( SECStatus (*callback)(PK11SlotInfo *,void *),
- void *arg,void *wincx) {
- PK11SlotList *list;
- PK11SlotListElement *le;
- SECStatus rv;
-
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_FALSE,wincx);
- if (list == NULL) return SECFailure;
-
- /* look at each slot and authenticate as necessary */
- for (le = list->head ; le; le = le->next) {
- if (!PK11_IsFriendly(le->slot)) {
- rv = PK11_Authenticate(le->slot, PR_FALSE, wincx);
- if (rv != SECSuccess) continue;
- }
- (*callback)(le->slot,arg);
- }
-
- PK11_FreeSlotList(list);
-
- return SECSuccess;
-}
-
-/*
- * Extract all the certs on a card from a slot.
- */
-SECStatus
-PK11_TraverseSlotCerts(SECStatus(* callback)(CERTCertificate*,SECItem *,void *),
- void *arg, void *wincx) {
- pk11DoCertCallback caller;
- pk11TraverseSlot creater;
- CK_ATTRIBUTE theTemplate;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
-
- PK11_SETATTRS(&theTemplate, CKA_CLASS, &certClass, sizeof(certClass));
-
- caller.callback = NULL;
- caller.noslotcallback = NULL;
- caller.itemcallback = callback;
- caller.callbackArg = arg;
- creater.callback = pk11_DoCerts;
- creater.callbackArg = (void *) & caller;
- creater.findTemplate = &theTemplate;
- creater.templateCount = 1;
-
- return pk11_TraverseAllSlots(PK11_TraverseSlot, &creater, wincx);
-}
-
-/*
- * Extract all the certs on a card from a slot.
- */
-SECStatus
-PK11_LookupCrls(CERTCrlHeadNode *nodes, int type, void *wincx) {
- pk11TraverseSlot creater;
- CK_ATTRIBUTE theTemplate[2];
- CK_ATTRIBUTE *attrs;
- CK_OBJECT_CLASS certClass = CKO_NETSCAPE_CRL;
-
- attrs = theTemplate;
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass)); attrs++;
- if (type != -1) {
- CK_BBOOL isKrl = (CK_BBOOL) (type == SEC_KRL_TYPE);
- PK11_SETATTRS(attrs, CKA_NETSCAPE_KRL, &isKrl, sizeof(isKrl)); attrs++;
- }
-
- creater.callback = pk11_CollectCrls;
- creater.callbackArg = (void *) nodes;
- creater.findTemplate = theTemplate;
- creater.templateCount = (attrs - theTemplate);
-
- return pk11_TraverseAllSlots(PK11_TraverseSlot, &creater, wincx);
-}
-
-/***********************************************************************
- * PK11_TraversePrivateKeysInSlot
- *
- * Traverses all the private keys on a slot.
- *
- * INPUTS
- * slot
- * The PKCS #11 slot whose private keys you want to traverse.
- * callback
- * A callback function that will be called for each key.
- * arg
- * An argument that will be passed to the callback function.
- */
-SECStatus
-PK11_TraversePrivateKeysInSlot( PK11SlotInfo *slot,
- SECStatus(* callback)(SECKEYPrivateKey*, void*), void *arg)
-{
- pk11KeyCallback perKeyCB;
- pk11TraverseSlot perObjectCB;
- CK_OBJECT_CLASS privkClass = CKO_PRIVATE_KEY;
- CK_ATTRIBUTE theTemplate[1];
- int templateSize = 1;
-
- theTemplate[0].type = CKA_CLASS;
- theTemplate[0].pValue = &privkClass;
- theTemplate[0].ulValueLen = sizeof(privkClass);
-
- if(slot==NULL) {
- return SECSuccess;
- }
-
- perObjectCB.callback = pk11_DoKeys;
- perObjectCB.callbackArg = &perKeyCB;
- perObjectCB.findTemplate = theTemplate;
- perObjectCB.templateCount = templateSize;
- perKeyCB.callback = callback;
- perKeyCB.callbackArg = arg;
- perKeyCB.wincx = NULL;
-
- return PK11_TraverseSlot(slot, &perObjectCB);
-}
-
-CK_OBJECT_HANDLE *
-PK11_FindObjectsFromNickname(char *nickname,PK11SlotInfo **slotptr,
- CK_OBJECT_CLASS objclass, int *returnCount, void *wincx)
-{
- char *tokenName;
- char *delimit;
- PK11SlotInfo *slot;
- CK_OBJECT_HANDLE *objID;
- CK_ATTRIBUTE findTemplate[] = {
- { CKA_LABEL, NULL, 0},
- { CKA_CLASS, NULL, 0},
- };
- int findCount = sizeof(findTemplate)/sizeof(findTemplate[0]);
- SECStatus rv;
- PK11_SETATTRS(&findTemplate[1], CKA_CLASS, &objclass, sizeof(objclass));
-
- *slotptr = slot = NULL;
- *returnCount = 0;
- /* first find the slot associated with this nickname */
- if ((delimit = PORT_Strchr(nickname,':')) != NULL) {
- int len = delimit - nickname;
- tokenName = (char*)PORT_Alloc(len+1);
- PORT_Memcpy(tokenName,nickname,len);
- tokenName[len] = 0;
-
- slot = *slotptr = PK11_FindSlotByName(tokenName);
- PORT_Free(tokenName);
- /* if we couldn't find a slot, assume the nickname is an internal cert
- * with no proceding slot name */
- if (slot == NULL) {
- slot = *slotptr = PK11_GetInternalKeySlot();
- } else {
- nickname = delimit+1;
- }
- } else {
- *slotptr = slot = PK11_GetInternalKeySlot();
- }
- if (slot == NULL) {
- return CK_INVALID_HANDLE;
- }
-
- if (!PK11_IsFriendly(slot)) {
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) {
- PK11_FreeSlot(slot);
- *slotptr = NULL;
- return CK_INVALID_HANDLE;
- }
- }
-
- findTemplate[0].pValue = nickname;
- findTemplate[0].ulValueLen = PORT_Strlen(nickname);
- objID = pk11_FindObjectsByTemplate(slot,findTemplate,findCount,returnCount);
- if (objID == NULL) {
- /* PKCS #11 isn't clear on whether or not the NULL is
- * stored in the template.... try the find again with the
- * full null terminated string. */
- findTemplate[0].ulValueLen += 1;
- objID = pk11_FindObjectsByTemplate(slot,findTemplate,findCount,
- returnCount);
- if (objID == NULL) {
- /* Well that's the best we can do. It's just not here */
- /* what about faked nicknames? */
- PK11_FreeSlot(slot);
- *slotptr = NULL;
- *returnCount = 0;
- }
- }
-
- return objID;
-}
-
-static PRStatus
-get_newest_cert(NSSCertificate *c, void *arg)
-{
- nssDecodedCert *dc, *founddc;
- NSSCertificate **cfound = (NSSCertificate **)arg;
- if (!*cfound) {
- *cfound = c;
- return PR_SUCCESS;
- }
- dc = nssCertificate_GetDecoding(c);
- founddc = nssCertificate_GetDecoding(*cfound);
- if (!founddc->isNewerThan(founddc, dc)) {
- *cfound = c;
- }
- return PR_SUCCESS;
-}
-
-
-CERTCertificate *
-PK11_FindCertFromNickname(char *nickname, void *wincx) {
-#ifdef NSS_CLASSIC
- PK11SlotInfo *slot;
- int count=0;
- CK_OBJECT_HANDLE *certID = PK11_FindObjectsFromNickname(nickname,&slot,
- CKO_CERTIFICATE, &count, wincx);
- CERTCertificate *cert;
-
- if (certID == CK_INVALID_HANDLE) return NULL;
- cert = PK11_MakeCertFromHandle(slot,certID[0],NULL);
- PK11_FreeSlot(slot);
- PORT_Free(certID);
- return cert;
-#else
- CERTCertificate *rvCert = NULL;
- NSSCertificate *cert = NULL;
- NSSUsage usage;
- char *delimit = NULL;
- char *tokenName;
- NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
- usage.anyUsage = PR_TRUE;
- /* XXX login to slots ... */
- if ((delimit = PORT_Strchr(nickname,':')) != NULL) {
- NSSToken *token;
- tokenName = nickname;
- nickname = delimit + 1;
- *delimit = '\0';
- /* find token by name */
- token = NSSTrustDomain_FindTokenByName(defaultTD, (NSSUTF8 *)tokenName);
- if (token) {
- nssTokenCertSearch search;
- nssList *certList;
- certList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsForNicknameFromCache(defaultTD,
- nickname,
- certList);
- /* set the search criteria */
- search.callback = get_newest_cert;
- search.cbarg = (void *)&cert;
- search.cached = certList;
- search.trustDomain = defaultTD;
- search.cryptoContext = NULL;
- /* find best cert on token */
- nssToken_TraverseCertificatesByNickname(token, NULL,
- (NSSUTF8 *)nickname,
- &search);
- nssList_Destroy(certList);
- if (!cert) {
- certList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsForEmailAddressFromCache(
- defaultTD,
- nickname,
- certList);
- search.cached = certList;
- nssToken_TraverseCertificatesByEmail(token, NULL,
- (NSSASCII7 *)nickname,
- &search);
- nssList_Destroy(certList);
- }
- }
- } else {
- /* search the whole trust domain */
- cert = NSSTrustDomain_FindBestCertificateByNickname(
- defaultTD,
- (NSSUTF8 *)nickname,
- NULL,
- &usage,
- NULL);
- if (!cert) {
- cert = NSSTrustDomain_FindCertificateByEmail(defaultTD,
- (NSSASCII7 *)nickname,
- NULL, &usage, NULL);
- }
- }
- if (cert) {
- rvCert = STAN_GetCERTCertificate(cert);
- }
- if (delimit) {
- *delimit = ':';
- }
- return rvCert;
-#endif
-}
-
-static PRStatus
-collect_certs(NSSCertificate *c, void *arg)
-{
- nssList *list = (nssList *)arg;
- /* Add the cert to the return list */
- nssList_AddUnique(list, (void *)c);
- return PR_SUCCESS;
-}
-
-CERTCertList *
-PK11_FindCertsFromNickname(char *nickname, void *wincx) {
-#ifdef NSS_CLASSIC
- PK11SlotInfo *slot;
- int i,count = 0;
- CK_OBJECT_HANDLE *certID = PK11_FindObjectsFromNickname(nickname,&slot,
- CKO_CERTIFICATE, &count, wincx);
- CERTCertList *certList = NULL;
-
- if (certID == NULL) return NULL;
-
- certList= CERT_NewCertList();
-
- for (i=0; i < count; i++) {
- CERTCertificate *cert = PK11_MakeCertFromHandle(slot,certID[i],NULL);
-
- if (cert) CERT_AddCertToListTail(certList,cert);
- }
-
- if (CERT_LIST_HEAD(certList) == NULL) {
- CERT_DestroyCertList(certList);
- certList = NULL;
- }
- PK11_FreeSlot(slot);
- PORT_Free(certID);
- return certList;
-#else
- PRStatus nssrv;
- char *delimit = NULL;
- char *tokenName;
- int i;
- CERTCertList *certList = NULL;
- NSSCertificate **foundCerts;
- NSSCertificate *c;
- NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
- if ((delimit = PORT_Strchr(nickname,':')) != NULL) {
- NSSToken *token;
- tokenName = nickname;
- nickname = delimit + 1;
- *delimit = '\0';
- /* find token by name */
- token = NSSTrustDomain_FindTokenByName(defaultTD, (NSSUTF8 *)tokenName);
- if (token) {
- nssTokenCertSearch search;
- PRUint32 count;
- nssList *nameList;
- nameList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsForNicknameFromCache(defaultTD,
- nickname,
- nameList);
- /* set the search criteria */
- search.callback = collect_certs;
- search.cbarg = nameList;
- search.cached = nameList;
- search.trustDomain = defaultTD;
- search.cryptoContext = NULL;
- nssrv = nssToken_TraverseCertificatesByNickname(token, NULL,
- nickname, &search);
- count = nssList_Count(nameList);
- foundCerts = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
- nssList_GetArray(nameList, (void **)foundCerts, count);
- nssList_Destroy(nameList);
- }
- *delimit = ':';
- } else {
- foundCerts = NSSTrustDomain_FindCertificatesByNickname(
- defaultTD,
- (NSSUTF8 *)nickname,
- NULL,
- 0,
- NULL);
- }
- if (foundCerts) {
- certList = CERT_NewCertList();
- for (i=0, c = *foundCerts; c; c = foundCerts[++i]) {
- CERT_AddCertToListTail(certList, STAN_GetCERTCertificate(c));
- }
- if (CERT_LIST_HEAD(certList) == NULL) {
- CERT_DestroyCertList(certList);
- certList = NULL;
- }
- nss_ZFreeIf(foundCerts);
- }
- return certList;
-#endif
-}
-
-/*
- * extract a key ID for a certificate...
- * NOTE: We call this function from PKCS11.c If we ever use
- * pkcs11 to extract the public key (we currently do not), this will break.
- */
-SECItem *
-PK11_GetPubIndexKeyID(CERTCertificate *cert) {
- SECKEYPublicKey *pubk;
- SECItem *newItem = NULL;
-
- pubk = CERT_ExtractPublicKey(cert);
- if (pubk == NULL) return NULL;
-
- switch (pubk->keyType) {
- case rsaKey:
- newItem = SECITEM_DupItem(&pubk->u.rsa.modulus);
- break;
- case dsaKey:
- newItem = SECITEM_DupItem(&pubk->u.dsa.publicValue);
- break;
- case dhKey:
- newItem = SECITEM_DupItem(&pubk->u.dh.publicValue);
- case fortezzaKey:
- default:
- newItem = NULL; /* Fortezza Fix later... */
- }
- SECKEY_DestroyPublicKey(pubk);
- /* make hash of it */
- return newItem;
-}
-
-/*
- * generate a CKA_ID from a certificate.
- */
-SECItem *
-pk11_mkcertKeyID(CERTCertificate *cert) {
- SECItem *pubKeyData = PK11_GetPubIndexKeyID(cert) ;
- SECItem *certCKA_ID;
-
- if (pubKeyData == NULL) return NULL;
-
- certCKA_ID = PK11_MakeIDFromPubKey(pubKeyData);
- SECITEM_FreeItem(pubKeyData,PR_TRUE);
- return certCKA_ID;
-}
-
-
-/*
- * Generate a CKA_ID from the relevant public key data. The CKA_ID is generated
- * from the pubKeyData by SHA1_Hashing it to produce a smaller CKA_ID (to make
- * smart cards happy.
- */
-SECItem *
-PK11_MakeIDFromPubKey(SECItem *pubKeyData) {
- PK11Context *context;
- SECItem *certCKA_ID;
- SECStatus rv;
-
- context = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (context == NULL) {
- return NULL;
- }
-
- rv = PK11_DigestBegin(context);
- if (rv == SECSuccess) {
- rv = PK11_DigestOp(context,pubKeyData->data,pubKeyData->len);
- }
- if (rv != SECSuccess) {
- PK11_DestroyContext(context,PR_TRUE);
- return NULL;
- }
-
- certCKA_ID = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if (certCKA_ID == NULL) {
- PK11_DestroyContext(context,PR_TRUE);
- return NULL;
- }
-
- certCKA_ID->len = SHA1_LENGTH;
- certCKA_ID->data = (unsigned char*)PORT_Alloc(certCKA_ID->len);
- if (certCKA_ID->data == NULL) {
- PORT_Free(certCKA_ID);
- PK11_DestroyContext(context,PR_TRUE);
- return NULL;
- }
-
- rv = PK11_DigestFinal(context,certCKA_ID->data,&certCKA_ID->len,
- SHA1_LENGTH);
- PK11_DestroyContext(context,PR_TRUE);
- if (rv != SECSuccess) {
- SECITEM_FreeItem(certCKA_ID,PR_TRUE);
- return NULL;
- }
-
- return certCKA_ID;
-}
-
-/*
- * Write the cert into the token.
- */
-SECStatus
-PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
- CK_OBJECT_HANDLE key, char *nickname, PRBool includeTrust) {
- int len = 0;
- SECItem *keyID = pk11_mkcertKeyID(cert);
- CK_ATTRIBUTE keyAttrs[] = {
- { CKA_LABEL, NULL, 0},
- { CKA_SUBJECT, NULL, 0},
- };
- CK_OBJECT_CLASS certc = CKO_CERTIFICATE;
- CK_CERTIFICATE_TYPE certType = CKC_X_509;
- CK_OBJECT_HANDLE certID;
- CK_SESSION_HANDLE rwsession;
- CK_BBOOL cktrue = CK_TRUE;
- SECStatus rv = SECFailure;
- CK_ATTRIBUTE certAttrs[] = {
- { CKA_ID, NULL, 0 },
- { CKA_LABEL, NULL, 0},
- { CKA_CLASS, NULL, 0},
- { CKA_TOKEN, NULL, 0},
- { CKA_CERTIFICATE_TYPE, NULL, 0},
- { CKA_SUBJECT, NULL, 0},
- { CKA_ISSUER, NULL, 0},
- { CKA_SERIAL_NUMBER, NULL, 0},
- { CKA_VALUE, NULL, 0},
- { CKA_NETSCAPE_TRUST, NULL, 0},
- };
- int certCount = sizeof(certAttrs)/sizeof(certAttrs[0]), keyCount = 2;
- int realCount = 0;
- CK_ATTRIBUTE *attrs;
- CK_RV crv;
- SECCertUsage *certUsage = NULL;
-
- if (keyID == NULL) {
- PORT_SetError(SEC_ERROR_ADDING_CERT);
- return rv;
- }
-
- len = ((nickname) ? PORT_Strlen(nickname) : 0);
-
- attrs = certAttrs;
- PK11_SETATTRS(attrs,CKA_ID, keyID->data, keyID->len); attrs++;
- if (nickname) {
- PK11_SETATTRS(attrs,CKA_LABEL, nickname, len ); attrs++;
- }
- PK11_SETATTRS(attrs,CKA_CLASS, &certc, sizeof(certc) ); attrs++;
- PK11_SETATTRS(attrs,CKA_TOKEN, &cktrue, sizeof(cktrue) ); attrs++;
- PK11_SETATTRS(attrs,CKA_CERTIFICATE_TYPE, &certType,
- sizeof(certType)); attrs++;
- PK11_SETATTRS(attrs,CKA_SUBJECT, cert->derSubject.data,
- cert->derSubject.len ); attrs++;
- PK11_SETATTRS(attrs,CKA_ISSUER, cert->derIssuer.data,
- cert->derIssuer.len ); attrs++;
- PK11_SETATTRS(attrs,CKA_SERIAL_NUMBER, cert->serialNumber.data,
- cert->serialNumber.len); attrs++;
- PK11_SETATTRS(attrs,CKA_VALUE, cert->derCert.data,
- cert->derCert.len); attrs++;
- if (includeTrust && PK11_IsInternal(slot)) {
- certUsage = (SECCertUsage*)PORT_Alloc(sizeof(SECCertUsage));
- if(!certUsage) {
- SECITEM_FreeItem(keyID,PR_TRUE);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return rv;
- }
- *certUsage = certUsageUserCertImport;
- PK11_SETATTRS(attrs,CKA_NETSCAPE_TRUST, certUsage,
- sizeof(SECCertUsage));
- attrs++;
- }
- realCount = attrs - certAttrs;
- PORT_Assert(realCount <= certCount);
-
- attrs = keyAttrs;
- if(nickname) {
- PK11_SETATTRS(attrs,CKA_LABEL, nickname, len ); attrs++;
- }
- PK11_SETATTRS(attrs,CKA_SUBJECT, cert->derSubject.data,
- cert->derSubject.len );
-
- if(!nickname) {
- certCount--;
- keyCount--;
- }
-
- rwsession = PK11_GetRWSession(slot);
- if (key != CK_INVALID_HANDLE) {
- crv = PK11_GETTAB(slot)->C_SetAttributeValue(rwsession,key,keyAttrs,
- keyCount);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto done;
- }
- }
-
- crv = PK11_GETTAB(slot)->
- C_CreateObject(rwsession,certAttrs,realCount,&certID);
- if (crv == CKR_OK) {
- rv = SECSuccess;
- } else {
- PORT_SetError( PK11_MapError(crv) );
- }
-
- if (!cert->nickname && nickname) {
- cert->nickname = PORT_ArenaStrdup(cert->arena, nickname);
- }
-
- cert->pkcs11ID = certID;
- cert->dbhandle = STAN_GetDefaultTrustDomain();
- if (cert->slot == NULL) {
- cert->slot = PK11_ReferenceSlot(slot);
- if (cert->nssCertificate) {
- nssPKIObjectInstance *instance;
- NSSCertificate *c = cert->nssCertificate;
- instance = nss_ZNEW(c->object.arena, nssPKIObjectInstance);
- instance->cryptoki.token = slot->nssToken;
- instance->cryptoki.handle = cert->pkcs11ID;
- instance->trustDomain = cert->dbhandle;
- nssList_Add(c->object.instanceList, instance);
- } else {
- cert->nssCertificate = STAN_GetNSSCertificate(cert);
- }
- }
-
-done:
- SECITEM_FreeItem(keyID,PR_TRUE);
- PK11_RestoreROSession(slot,rwsession);
- if(certUsage) {
- PORT_Free(certUsage);
- }
- return rv;
-
-}
-
-/*
- * get a certificate handle, look at the cached handle first..
- */
-CK_OBJECT_HANDLE
-pk11_getcerthandle(PK11SlotInfo *slot, CERTCertificate *cert,
- CK_ATTRIBUTE *theTemplate,int tsize)
-{
- CK_OBJECT_HANDLE certh;
-
- if (cert->slot == slot) {
- certh = cert->pkcs11ID;
- if (certh == CK_INVALID_HANDLE) {
- certh = pk11_FindObjectByTemplate(slot,theTemplate,tsize);
- cert->pkcs11ID = certh;
- }
- } else {
- certh = pk11_FindObjectByTemplate(slot,theTemplate,tsize);
- }
- return certh;
-}
-
-/*
- * return the private key From a given Cert
- */
-SECKEYPrivateKey *
-PK11_FindPrivateKeyFromCert(PK11SlotInfo *slot, CERTCertificate *cert,
- void *wincx) {
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_VALUE, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_OBJECT_HANDLE certh;
- CK_OBJECT_HANDLE keyh;
- CK_ATTRIBUTE *attrs = theTemplate;
- SECStatus rv;
-
- PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
- cert->derCert.len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
- /*
- * issue the find
- */
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- certh = pk11_getcerthandle(slot,cert,theTemplate,tsize);
- if (certh == CK_INVALID_HANDLE) {
- return NULL;
- }
- keyh = PK11_MatchItem(slot,certh,CKO_PRIVATE_KEY);
- if (keyh == CK_INVALID_HANDLE) { return NULL; }
- return PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyh, wincx);
-}
-
-
-/*
- * return the private key with the given ID
- */
-static CK_OBJECT_HANDLE
-pk11_FindPrivateKeyFromCertID(PK11SlotInfo *slot, SECItem *keyID) {
- CK_OBJECT_CLASS privKey = CKO_PRIVATE_KEY;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_ID, NULL, 0 },
- { CKA_CLASS, NULL, 0 },
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_ATTRIBUTE *attrs = theTemplate;
-
- PK11_SETATTRS(attrs, CKA_ID, keyID->data, keyID->len ); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &privKey, sizeof(privKey));
-
- return pk11_FindObjectByTemplate(slot,theTemplate,tsize);
-}
-
-/*
- * import a cert for a private key we have already generated. Set the label
- * on both to be the nickname. This is for the Key Gen, orphaned key case.
- */
-PK11SlotInfo *
-PK11_KeyForCertExists(CERTCertificate *cert, CK_OBJECT_HANDLE *keyPtr,
- void *wincx) {
- PK11SlotList *list;
- PK11SlotListElement *le;
- SECItem *keyID;
- CK_OBJECT_HANDLE key;
- PK11SlotInfo *slot = NULL;
- SECStatus rv;
-
- keyID = pk11_mkcertKeyID(cert);
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
- if ((keyID == NULL) || (list == NULL)) {
- if (keyID) SECITEM_FreeItem(keyID,PR_TRUE);
- if (list) PK11_FreeSlotList(list);
- return NULL;
- }
-
- /* Look for the slot that holds the Key */
- for (le = list->head ; le; le = le->next) {
- rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
- if (rv != SECSuccess) continue;
-
- key = pk11_FindPrivateKeyFromCertID(le->slot,keyID);
- if (key != CK_INVALID_HANDLE) {
- slot = PK11_ReferenceSlot(le->slot);
- if (keyPtr) *keyPtr = key;
- break;
- }
- }
-
- SECITEM_FreeItem(keyID,PR_TRUE);
- PK11_FreeSlotList(list);
- return slot;
-
-}
-/*
- * import a cert for a private key we have already generated. Set the label
- * on both to be the nickname. This is for the Key Gen, orphaned key case.
- */
-PK11SlotInfo *
-PK11_KeyForDERCertExists(SECItem *derCert, CK_OBJECT_HANDLE *keyPtr,
- void *wincx) {
- CERTCertificate *cert;
- PK11SlotInfo *slot = NULL;
-
- cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if (cert == NULL) return NULL;
-
- slot = PK11_KeyForCertExists(cert, keyPtr, wincx);
- CERT_DestroyCertificate (cert);
- return slot;
-}
-
-PK11SlotInfo *
-PK11_ImportCertForKey(CERTCertificate *cert, char *nickname,void *wincx) {
- PK11SlotInfo *slot = NULL;
- CK_OBJECT_HANDLE key;
-
- slot = PK11_KeyForCertExists(cert,&key,wincx);
-
- if (slot) {
- if (PK11_ImportCert(slot,cert,key,nickname,PR_FALSE) != SECSuccess) {
- PK11_FreeSlot(slot);
- slot = NULL;
- }
- } else {
- PORT_SetError(SEC_ERROR_ADDING_CERT);
- }
-
- return slot;
-}
-
-PK11SlotInfo *
-PK11_ImportDERCertForKey(SECItem *derCert, char *nickname,void *wincx) {
- CERTCertificate *cert;
- PK11SlotInfo *slot = NULL;
-
- cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if (cert == NULL) return NULL;
-
- slot = PK11_ImportCertForKey(cert, nickname, wincx);
- CERT_DestroyCertificate (cert);
- return slot;
-}
-
-static CK_OBJECT_HANDLE
-pk11_FindCertObjectByTemplate(PK11SlotInfo **slotPtr,
- CK_ATTRIBUTE *searchTemplate, int count, void *wincx) {
- PK11SlotList *list;
- PK11SlotListElement *le;
- CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
- PK11SlotInfo *slot = NULL;
- SECStatus rv;
-
- *slotPtr = NULL;
-
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
- if (list == NULL) {
- if (list) PK11_FreeSlotList(list);
- return CK_INVALID_HANDLE;
- }
-
-
- /* Look for the slot that holds the Key */
- for (le = list->head ; le; le = le->next) {
- if (!PK11_IsFriendly(le->slot)) {
- rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
- if (rv != SECSuccess) continue;
- }
-
- certHandle = pk11_FindObjectByTemplate(le->slot,searchTemplate,count);
- if (certHandle != CK_INVALID_HANDLE) {
- slot = PK11_ReferenceSlot(le->slot);
- break;
- }
- }
-
- PK11_FreeSlotList(list);
-
- if (slot == NULL) {
- return CK_INVALID_HANDLE;
- }
- *slotPtr = slot;
- return certHandle;
-}
-
-
-/*
- * We're looking for a cert which we have the private key for that's on the
- * list of recipients. This searches one slot.
- * this is the new version for NSS SMIME code
- * this stuff should REALLY be in the SMIME code, but some things in here are not public
- * (they should be!)
- */
-static CK_OBJECT_HANDLE
-pk11_FindCertObjectByRecipientNew(PK11SlotInfo *slot, NSSCMSRecipient **recipientlist, int *rlIndex)
-{
- CK_OBJECT_HANDLE certHandle;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_OBJECT_CLASS peerClass ;
- CK_ATTRIBUTE searchTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_ISSUER, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0}
- };
- int count = sizeof(searchTemplate)/sizeof(CK_ATTRIBUTE);
- NSSCMSRecipient *ri = NULL;
- CK_ATTRIBUTE *attrs;
- int i;
-
- peerClass = CKO_PRIVATE_KEY;
- if (!PK11_IsLoggedIn(slot,NULL) && PK11_NeedLogin(slot)) {
- peerClass = CKO_PUBLIC_KEY;
- }
-
- for (i=0; (ri = recipientlist[i]) != NULL; i++) {
- /* XXXXX fixme - not yet implemented! */
- if (ri->kind == RLSubjKeyID)
- continue;
-
- attrs = searchTemplate;
-
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass,sizeof(certClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_ISSUER, ri->id.issuerAndSN->derIssuer.data,
- ri->id.issuerAndSN->derIssuer.len); attrs++;
- PK11_SETATTRS(attrs, CKA_SERIAL_NUMBER,
- ri->id.issuerAndSN->serialNumber.data,ri->id.issuerAndSN->serialNumber.len);
-
- certHandle = pk11_FindObjectByTemplate(slot,searchTemplate,count);
- if (certHandle != CK_INVALID_HANDLE) {
- CERTCertificate *cert = pk11_fastCert(slot,certHandle,NULL,NULL);
- if (PK11_IsUserCert(slot,cert,certHandle)) {
- /* we've found a cert handle, now let's see if there is a key
- * associated with it... */
- ri->slot = PK11_ReferenceSlot(slot);
- *rlIndex = i;
-
- CERT_DestroyCertificate(cert);
- return certHandle;
- }
- CERT_DestroyCertificate(cert);
- }
- }
- *rlIndex = -1;
- return CK_INVALID_HANDLE;
-}
-
-/*
- * This function is the same as above, but it searches all the slots.
- * this is the new version for NSS SMIME code
- * this stuff should REALLY be in the SMIME code, but some things in here are not public
- * (they should be!)
- */
-static CK_OBJECT_HANDLE
-pk11_AllFindCertObjectByRecipientNew(NSSCMSRecipient **recipientlist, void *wincx, int *rlIndex)
-{
- PK11SlotList *list;
- PK11SlotListElement *le;
- CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
- SECStatus rv;
-
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
- if (list == NULL) {
- if (list) PK11_FreeSlotList(list);
- return CK_INVALID_HANDLE;
- }
-
- /* Look for the slot that holds the Key */
- for (le = list->head ; le; le = le->next) {
- if ( !PK11_IsFriendly(le->slot)) {
- rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
- if (rv != SECSuccess) continue;
- }
-
- certHandle = pk11_FindCertObjectByRecipientNew(le->slot, recipientlist, rlIndex);
- if (certHandle != CK_INVALID_HANDLE)
- break;
- }
-
- PK11_FreeSlotList(list);
-
- return (le == NULL) ? CK_INVALID_HANDLE : certHandle;
-}
-
-/*
- * We're looking for a cert which we have the private key for that's on the
- * list of recipients. This searches one slot.
- */
-static CK_OBJECT_HANDLE
-pk11_FindCertObjectByRecipient(PK11SlotInfo *slot,
- SEC_PKCS7RecipientInfo **recipientArray,SEC_PKCS7RecipientInfo **rip)
-{
- CK_OBJECT_HANDLE certHandle;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_OBJECT_CLASS peerClass ;
- CK_ATTRIBUTE searchTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_ISSUER, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0}
- };
- int count = sizeof(searchTemplate)/sizeof(CK_ATTRIBUTE);
- SEC_PKCS7RecipientInfo *ri = NULL;
- CK_ATTRIBUTE *attrs;
- int i;
-
-
- peerClass = CKO_PRIVATE_KEY;
- if (!PK11_IsLoggedIn(slot,NULL) && PK11_NeedLogin(slot)) {
- peerClass = CKO_PUBLIC_KEY;
- }
-
- for (i=0; (ri = recipientArray[i]) != NULL; i++) {
- attrs = searchTemplate;
-
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass,sizeof(certClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_ISSUER, ri->issuerAndSN->derIssuer.data,
- ri->issuerAndSN->derIssuer.len); attrs++;
- PK11_SETATTRS(attrs, CKA_SERIAL_NUMBER,
- ri->issuerAndSN->serialNumber.data,ri->issuerAndSN->serialNumber.len);
-
- certHandle = pk11_FindObjectByTemplate(slot,searchTemplate,count);
- if (certHandle != CK_INVALID_HANDLE) {
- CERTCertificate *cert = pk11_fastCert(slot,certHandle,NULL,NULL);
- if (PK11_IsUserCert(slot,cert,certHandle)) {
- /* we've found a cert handle, now let's see if there is a key
- * associated with it... */
- *rip = ri;
-
- CERT_DestroyCertificate(cert);
- return certHandle;
- }
- CERT_DestroyCertificate(cert);
- }
- }
- *rip = NULL;
- return CK_INVALID_HANDLE;
-}
-
-/*
- * This function is the same as above, but it searches all the slots.
- */
-static CK_OBJECT_HANDLE
-pk11_AllFindCertObjectByRecipient(PK11SlotInfo **slotPtr,
- SEC_PKCS7RecipientInfo **recipientArray,SEC_PKCS7RecipientInfo **rip,
- void *wincx) {
- PK11SlotList *list;
- PK11SlotListElement *le;
- CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
- PK11SlotInfo *slot = NULL;
- SECStatus rv;
-
- *slotPtr = NULL;
-
- /* get them all! */
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,PR_FALSE,PR_TRUE,wincx);
- if (list == NULL) {
- if (list) PK11_FreeSlotList(list);
- return CK_INVALID_HANDLE;
- }
-
- *rip = NULL;
-
- /* Look for the slot that holds the Key */
- for (le = list->head ; le; le = le->next) {
- if ( !PK11_IsFriendly(le->slot)) {
- rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
- if (rv != SECSuccess) continue;
- }
-
- certHandle = pk11_FindCertObjectByRecipient(le->slot,
- recipientArray,rip);
- if (certHandle != CK_INVALID_HANDLE) {
- slot = PK11_ReferenceSlot(le->slot);
- break;
- }
- }
-
- PK11_FreeSlotList(list);
-
- if (slot == NULL) {
- return CK_INVALID_HANDLE;
- }
- *slotPtr = slot;
- return certHandle;
-}
-
-/*
- * We need to invert the search logic for PKCS 7 because if we search for
- * each cert on the list over all the slots, we wind up with lots of spurious
- * password prompts. This way we get only one password prompt per slot, at
- * the max, and most of the time we can find the cert, and only prompt for
- * the key...
- */
-CERTCertificate *
-PK11_FindCertAndKeyByRecipientList(PK11SlotInfo **slotPtr,
- SEC_PKCS7RecipientInfo **array, SEC_PKCS7RecipientInfo **rip,
- SECKEYPrivateKey**privKey, void *wincx)
-{
- CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
- CK_OBJECT_HANDLE keyHandle = CK_INVALID_HANDLE;
- CERTCertificate *cert = NULL;
- SECStatus rv;
-
- *privKey = NULL;
- certHandle = pk11_AllFindCertObjectByRecipient(slotPtr,array,rip,wincx);
- if (certHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
-
- rv = PK11_Authenticate(*slotPtr,PR_TRUE,wincx);
- if (rv != SECSuccess) {
- PK11_FreeSlot(*slotPtr);
- *slotPtr = NULL;
- return NULL;
- }
-
- keyHandle = PK11_MatchItem(*slotPtr,certHandle,CKO_PRIVATE_KEY);
- if (keyHandle == CK_INVALID_HANDLE) {
- PK11_FreeSlot(*slotPtr);
- *slotPtr = NULL;
- return NULL;
- }
-
- *privKey = PK11_MakePrivKey(*slotPtr, nullKey, PR_TRUE, keyHandle, wincx);
- if (*privKey == NULL) {
- PK11_FreeSlot(*slotPtr);
- *slotPtr = NULL;
- return NULL;
- }
- cert = PK11_MakeCertFromHandle(*slotPtr,certHandle,NULL);
- if (cert == NULL) {
- PK11_FreeSlot(*slotPtr);
- SECKEY_DestroyPrivateKey(*privKey);
- *slotPtr = NULL;
- *privKey = NULL;
- return NULL;
- }
- return cert;
-}
-
-/*
- * This is the new version of the above function for NSS SMIME code
- * this stuff should REALLY be in the SMIME code, but some things in here are not public
- * (they should be!)
- */
-int
-PK11_FindCertAndKeyByRecipientListNew(NSSCMSRecipient **recipientlist, void *wincx)
-{
- CK_OBJECT_HANDLE certHandle = CK_INVALID_HANDLE;
- CK_OBJECT_HANDLE keyHandle = CK_INVALID_HANDLE;
- NSSCMSRecipient *rl;
- int rlIndex;
-
- certHandle = pk11_AllFindCertObjectByRecipientNew(recipientlist, wincx, &rlIndex);
- if (certHandle == CK_INVALID_HANDLE) {
- return -1;
- }
-
- rl = recipientlist[rlIndex];
-
- /* at this point, rl->slot is set */
-
- /* authenticate to the token */
- if (PK11_Authenticate(rl->slot, PR_TRUE, wincx) != SECSuccess) {
- PK11_FreeSlot(rl->slot);
- rl->slot = NULL;
- return -1;
- }
-
- /* try to get a private key handle for the cert we found */
- keyHandle = PK11_MatchItem(rl->slot, certHandle, CKO_PRIVATE_KEY);
- if (keyHandle == CK_INVALID_HANDLE) {
- PK11_FreeSlot(rl->slot);
- rl->slot = NULL;
- return -1;
- }
-
- /* make a private key out of the handle */
- rl->privkey = PK11_MakePrivKey(rl->slot, nullKey, PR_TRUE, keyHandle, wincx);
- if (rl->privkey == NULL) {
- PK11_FreeSlot(rl->slot);
- rl->slot = NULL;
- return -1;
- }
- /* make a cert from the cert handle */
- rl->cert = PK11_MakeCertFromHandle(rl->slot, certHandle, NULL);
- if (rl->cert == NULL) {
- PK11_FreeSlot(rl->slot);
- SECKEY_DestroyPrivateKey(rl->privkey);
- rl->slot = NULL;
- rl->privkey = NULL;
- return -1;
- }
- return rlIndex;
-}
-
-CERTCertificate *
-PK11_FindCertByIssuerAndSN(PK11SlotInfo **slotPtr, CERTIssuerAndSN *issuerSN,
- void *wincx)
-{
-#ifdef NSS_CLASSIC
- CK_OBJECT_HANDLE certHandle;
- CERTCertificate *cert = NULL;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE searchTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_ISSUER, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0}
- };
- int count = sizeof(searchTemplate)/sizeof(CK_ATTRIBUTE);
- CK_ATTRIBUTE *attrs = searchTemplate;
-
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_ISSUER, issuerSN->derIssuer.data,
- issuerSN->derIssuer.len); attrs++;
- PK11_SETATTRS(attrs, CKA_SERIAL_NUMBER, issuerSN->serialNumber.data,
- issuerSN->serialNumber.len);
-
- certHandle = pk11_FindCertObjectByTemplate
- (slotPtr,searchTemplate,count,wincx);
- if (certHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
- cert = PK11_MakeCertFromHandle(*slotPtr,certHandle,NULL);
- if (cert == NULL) {
- PK11_FreeSlot(*slotPtr);
- return NULL;
- }
- return cert;
-#else
- CERTCertificate *rvCert = NULL;
- NSSCertificate *cert;
- NSSDER issuer, serial;
- issuer.data = (void *)issuerSN->derIssuer.data;
- issuer.size = (PRUint32)issuerSN->derIssuer.len;
- serial.data = (void *)issuerSN->serialNumber.data;
- serial.size = (PRUint32)issuerSN->serialNumber.len;
- /* XXX login to slots */
- cert = NSSTrustDomain_FindCertificateByIssuerAndSerialNumber(
- STAN_GetDefaultTrustDomain(),
- &issuer,
- &serial);
- if (cert) {
- rvCert = STAN_GetCERTCertificate(cert);
- if (slotPtr) *slotPtr = rvCert->slot;
- }
- return rvCert;
-#endif
-}
-
-CK_OBJECT_HANDLE
-PK11_FindObjectForCert(CERTCertificate *cert, void *wincx, PK11SlotInfo **pSlot)
-{
- CK_OBJECT_HANDLE certHandle;
- CK_ATTRIBUTE searchTemplate = { CKA_VALUE, NULL, 0 };
-
- PK11_SETATTRS(&searchTemplate, CKA_VALUE, cert->derCert.data,
- cert->derCert.len);
-
- if (cert->slot) {
- certHandle = pk11_getcerthandle(cert->slot,cert,&searchTemplate,1);
- if (certHandle != CK_INVALID_HANDLE) {
- *pSlot = PK11_ReferenceSlot(cert->slot);
- return certHandle;
- }
- }
-
- certHandle = pk11_FindCertObjectByTemplate(pSlot,&searchTemplate,1,wincx);
- if (certHandle != CK_INVALID_HANDLE) {
- if (cert->slot == NULL) {
- cert->slot = PK11_ReferenceSlot(*pSlot);
- cert->pkcs11ID = certHandle;
- cert->ownSlot = PR_FALSE;
- }
- }
-
- return(certHandle);
-}
-
-SECKEYPrivateKey *
-PK11_FindKeyByAnyCert(CERTCertificate *cert, void *wincx)
-{
- CK_OBJECT_HANDLE certHandle;
- CK_OBJECT_HANDLE keyHandle;
- PK11SlotInfo *slot = NULL;
- SECKEYPrivateKey *privKey;
- SECStatus rv;
-
- certHandle = PK11_FindObjectForCert(cert, wincx, &slot);
- if (certHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) {
- PK11_FreeSlot(slot);
- return NULL;
- }
- keyHandle = PK11_MatchItem(slot,certHandle,CKO_PRIVATE_KEY);
- if (keyHandle == CK_INVALID_HANDLE) {
- PK11_FreeSlot(slot);
- return NULL;
- }
- privKey = PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx);
- PK11_FreeSlot(slot);
- return privKey;
-}
-
-CK_OBJECT_HANDLE
-pk11_FindPubKeyByAnyCert(CERTCertificate *cert, PK11SlotInfo **slot, void *wincx)
-{
- CK_OBJECT_HANDLE certHandle;
- CK_OBJECT_HANDLE keyHandle;
-
- certHandle = PK11_FindObjectForCert(cert, wincx, slot);
- if (certHandle == CK_INVALID_HANDLE) {
- return CK_INVALID_HANDLE;
- }
- keyHandle = PK11_MatchItem(*slot,certHandle,CKO_PUBLIC_KEY);
- if (keyHandle == CK_INVALID_HANDLE) {
- PK11_FreeSlot(*slot);
- return CK_INVALID_HANDLE;
- }
- return keyHandle;
-}
-
-SECKEYPrivateKey *
-PK11_FindKeyByKeyID(PK11SlotInfo *slot, SECItem *keyID, void *wincx)
-{
- CK_OBJECT_HANDLE keyHandle;
- SECKEYPrivateKey *privKey;
-
- keyHandle = pk11_FindPrivateKeyFromCertID(slot, keyID);
- if (keyHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
- privKey = PK11_MakePrivKey(slot, nullKey, PR_TRUE, keyHandle, wincx);
- return privKey;
-}
-
-/*
- * find the number of certs in the slot with the same subject name
- */
-int
-PK11_NumberCertsForCertSubject(CERTCertificate *cert)
-{
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
- };
- CK_ATTRIBUTE *attr = theTemplate;
- int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
- PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
- PK11_SETATTRS(attr,CKA_SUBJECT,cert->derSubject.data,cert->derSubject.len);
-
- if (cert->slot == NULL) {
- PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
- PR_FALSE,PR_TRUE,NULL);
- PK11SlotListElement *le;
- int count = 0;
-
- /* loop through all the fortezza tokens */
- for (le = list->head; le; le = le->next) {
- count += PK11_NumberObjectsFor(le->slot,theTemplate,templateSize);
- }
- PK11_FreeSlotList(list);
- return count;
- }
-
- return PK11_NumberObjectsFor(cert->slot,theTemplate,templateSize);
-}
-
-/*
- * Walk all the certs with the same subject
- */
-SECStatus
-PK11_TraverseCertsForSubject(CERTCertificate *cert,
- SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
- if(!cert) {
- return SECFailure;
- }
- if (cert->slot == NULL) {
- PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
- PR_FALSE,PR_TRUE,NULL);
- PK11SlotListElement *le;
-
- /* loop through all the fortezza tokens */
- for (le = list->head; le; le = le->next) {
- PK11_TraverseCertsForSubjectInSlot(cert,le->slot,callback,arg);
- }
- PK11_FreeSlotList(list);
- return SECSuccess;
-
- }
-
- return PK11_TraverseCertsForSubjectInSlot(cert, cert->slot, callback, arg);
-}
-
-SECStatus
-PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert, PK11SlotInfo *slot,
- SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
-#ifdef NSS_CLASSIC
- pk11DoCertCallback caller;
- pk11TraverseSlot callarg;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
- };
- CK_ATTRIBUTE *attr = theTemplate;
- int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
- PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
- PK11_SETATTRS(attr,CKA_SUBJECT,cert->derSubject.data,cert->derSubject.len);
-
- if (slot == NULL) {
- return SECSuccess;
- }
- caller.noslotcallback = callback;
- caller.callback = NULL;
- caller.itemcallback = NULL;
- caller.callbackArg = arg;
- callarg.callback = pk11_DoCerts;
- callarg.callbackArg = (void *) & caller;
- callarg.findTemplate = theTemplate;
- callarg.templateCount = templateSize;
-
- return PK11_TraverseSlot(slot, &callarg);
-#else
- struct nss3_cert_cbstr pk11cb;
- PRStatus nssrv;
- NSSToken *token;
- NSSDER subject;
- NSSTrustDomain *td;
- nssList *subjectList;
- nssTokenCertSearch search;
- pk11cb.callback = callback;
- pk11cb.arg = arg;
- td = STAN_GetDefaultTrustDomain();
- NSSITEM_FROM_SECITEM(&subject, &cert->derSubject);
- subjectList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsForSubjectFromCache(td, &subject, subjectList);
- /* set the search criteria */
- search.callback = convert_cert;
- search.cbarg = &pk11cb;
- search.cached = subjectList;
- search.trustDomain = td;
- search.cryptoContext = NULL;
- token = PK11Slot_GetNSSToken(slot);
- nssrv = nssToken_TraverseCertificatesBySubject(token, NULL,
- &subject, &search);
- nssList_Destroy(subjectList);
- return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-#endif
-}
-
-SECStatus
-PK11_TraverseCertsForNicknameInSlot(SECItem *nickname, PK11SlotInfo *slot,
- SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
-#ifdef NSS_CLASSIC
- pk11DoCertCallback caller;
- pk11TraverseSlot callarg;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_LABEL, NULL, 0 },
- };
- CK_ATTRIBUTE *attr = theTemplate;
- int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
- if(!nickname) {
- return SECSuccess;
- }
-
- PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
- PK11_SETATTRS(attr,CKA_LABEL,nickname->data,nickname->len);
-
- if (slot == NULL) {
- return SECSuccess;
- }
-
- caller.noslotcallback = callback;
- caller.callback = NULL;
- caller.itemcallback = NULL;
- caller.callbackArg = arg;
- callarg.callback = pk11_DoCerts;
- callarg.callbackArg = (void *) & caller;
- callarg.findTemplate = theTemplate;
- callarg.templateCount = templateSize;
-
- return PK11_TraverseSlot(slot, &callarg);
-#else
- struct nss3_cert_cbstr pk11cb;
- PRStatus nssrv;
- NSSToken *token;
- NSSTrustDomain *td;
- NSSUTF8 *nick;
- PRBool created = PR_FALSE;
- nssTokenCertSearch search;
- nssList *nameList;
- pk11cb.callback = callback;
- pk11cb.arg = arg;
- if (nickname->data[nickname->len-1] != '\0') {
- nick = nssUTF8_Create(NULL, nssStringType_UTF8String,
- nickname->data, nickname->len-1);
- created = PR_TRUE;
- } else {
- nick = (NSSUTF8 *)nickname->data;
- }
- td = STAN_GetDefaultTrustDomain();
- nameList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsForNicknameFromCache(td, nick, nameList);
- /* set the search criteria */
- search.callback = convert_cert;
- search.cbarg = &pk11cb;
- search.cached = nameList;
- search.trustDomain = td;
- search.cryptoContext = NULL;
- token = PK11Slot_GetNSSToken(slot);
- nssrv = nssToken_TraverseCertificatesByNickname(token, NULL,
- nick, &search);
- nssList_Destroy(nameList);
- if (created) nss_ZFreeIf(nick);
- return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-#endif
-}
-
-SECStatus
-PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
- SECStatus(* callback)(CERTCertificate*, void *), void *arg)
-{
-#ifdef NSS_CLASSIC
- pk11DoCertCallback caller;
- pk11TraverseSlot callarg;
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- };
- CK_ATTRIBUTE *attr = theTemplate;
- int templateSize = sizeof(theTemplate)/sizeof(theTemplate[0]);
-
- PK11_SETATTRS(attr,CKA_CLASS, &certClass, sizeof(certClass)); attr++;
-
- if (slot == NULL) {
- return SECSuccess;
- }
-
- caller.noslotcallback = callback;
- caller.callback = NULL;
- caller.itemcallback = NULL;
- caller.callbackArg = arg;
- callarg.callback = pk11_DoCerts;
- callarg.callbackArg = (void *) & caller;
- callarg.findTemplate = theTemplate;
- callarg.templateCount = templateSize;
- return PK11_TraverseSlot(slot, &callarg);
-#else
- PRStatus nssrv;
- NSSTrustDomain *td = STAN_GetDefaultTrustDomain();
- struct nss3_cert_cbstr pk11cb;
- NSSToken *tok;
- nssList *certList = nssList_Create(NULL, PR_FALSE);
- nssTokenCertSearch search;
- pk11cb.callback = callback;
- pk11cb.arg = arg;
- (void *)nssTrustDomain_GetCertsFromCache(td, certList);
- /* set the search criteria */
- search.callback = convert_cert;
- search.cbarg = &pk11cb;
- search.cached = certList;
- search.trustDomain = td;
- search.cryptoContext = NULL;
- tok = PK11Slot_GetNSSToken(slot);
- if (tok) {
- nssrv = nssToken_TraverseCertificates(tok, NULL, &search);
- } else {
- nssrv = PR_FAILURE;
- }
- nssList_Destroy(certList);
- return (nssrv == PR_SUCCESS) ? SECSuccess : SECFailure;
-#endif
-}
-
-/*
- * return the certificate associated with a derCert
- */
-CERTCertificate *
-PK11_FindCertFromDERCert(PK11SlotInfo *slot, CERTCertificate *cert,
- void *wincx)
-{
-#ifdef NSS_CLASSIC
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_VALUE, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_OBJECT_HANDLE certh;
- CK_ATTRIBUTE *attrs = theTemplate;
- SECStatus rv;
-
- PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
- cert->derCert.len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
- /*
- * issue the find
- */
- if ( !PK11_IsFriendly(slot)) {
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) return NULL;
- }
-
- certh = pk11_getcerthandle(slot,cert,theTemplate,tsize);
- if (certh == CK_INVALID_HANDLE) {
- return NULL;
- }
- return PK11_MakeCertFromHandle(slot, certh, NULL);
-#else
- CERTCertificate *rvCert = NULL;
- NSSCertificate *c;
- NSSDER derCert;
- NSSToken *tok;
- tok = PK11Slot_GetNSSToken(slot);
- NSSITEM_FROM_SECITEM(&derCert, &cert->derCert);
- /* XXX login to slots */
- c = nssToken_FindCertificateByEncodedCertificate(tok, NULL, &derCert);
- if (c) {
- rvCert = STAN_GetCERTCertificate(c);
- }
- return rvCert;
-#endif
-}
-
-/* mcgreer 3.4 -- nobody uses this, ignoring */
-/*
- * return the certificate associated with a derCert
- */
-CERTCertificate *
-PK11_FindCertFromDERSubjectAndNickname(PK11SlotInfo *slot,
- CERTCertificate *cert,
- char *nickname, void *wincx)
-{
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_SUBJECT, NULL, 0 },
- { CKA_LABEL, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_OBJECT_HANDLE certh;
- CK_ATTRIBUTE *attrs = theTemplate;
- SECStatus rv;
-
- PK11_SETATTRS(attrs, CKA_SUBJECT, cert->derSubject.data,
- cert->derSubject.len); attrs++;
- PK11_SETATTRS(attrs, CKA_LABEL, nickname, PORT_Strlen(nickname));
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
- /*
- * issue the find
- */
- if ( !PK11_IsFriendly(slot)) {
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) return NULL;
- }
-
- certh = pk11_getcerthandle(slot,cert,theTemplate,tsize);
- if (certh == CK_INVALID_HANDLE) {
- return NULL;
- }
-
- return PK11_MakeCertFromHandle(slot, certh, NULL);
-}
-
-/*
- * import a cert for a private key we have already generated. Set the label
- * on both to be the nickname.
- */
-static CK_OBJECT_HANDLE
-pk11_findKeyObjectByDERCert(PK11SlotInfo *slot, CERTCertificate *cert,
- void *wincx)
-{
- SECItem *keyID;
- CK_OBJECT_HANDLE key;
- SECStatus rv;
-
- if((slot == NULL) || (cert == NULL)) {
- return CK_INVALID_HANDLE;
- }
-
- keyID = pk11_mkcertKeyID(cert);
- if(keyID == NULL) {
- return CK_INVALID_HANDLE;
- }
-
- key = CK_INVALID_HANDLE;
-
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) goto loser;
-
- key = pk11_FindPrivateKeyFromCertID(slot, keyID);
-
-loser:
- SECITEM_ZfreeItem(keyID, PR_TRUE);
- return key;
-}
-
-SECKEYPrivateKey *
-PK11_FindKeyByDERCert(PK11SlotInfo *slot, CERTCertificate *cert,
- void *wincx)
-{
- CK_OBJECT_HANDLE keyHandle;
-
- if((slot == NULL) || (cert == NULL)) {
- return NULL;
- }
-
- keyHandle = pk11_findKeyObjectByDERCert(slot, cert, wincx);
- if (keyHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
-
- return PK11_MakePrivKey(slot,nullKey,PR_TRUE,keyHandle,wincx);
-}
-
-SECStatus
-PK11_ImportCertForKeyToSlot(PK11SlotInfo *slot, CERTCertificate *cert,
- char *nickname,
- PRBool addCertUsage,void *wincx)
-{
- CK_OBJECT_HANDLE keyHandle;
-
- if((slot == NULL) || (cert == NULL) || (nickname == NULL)) {
- return SECFailure;
- }
-
- keyHandle = pk11_findKeyObjectByDERCert(slot, cert, wincx);
- if (keyHandle == CK_INVALID_HANDLE) {
- return SECFailure;
- }
-
- return PK11_ImportCert(slot, cert, keyHandle, nickname, addCertUsage);
-}
-
-
-/* remove when the real version comes out */
-#define SEC_OID_MISSI_KEA 300 /* until we have v3 stuff merged */
-PRBool
-KEAPQGCompare(CERTCertificate *server,CERTCertificate *cert) {
-
- if ( SECKEY_KEAParamCompare(server,cert) == SECEqual ) {
- return PR_TRUE;
- } else {
- return PR_FALSE;
- }
-}
-
-PRBool
-PK11_FortezzaHasKEA(CERTCertificate *cert) {
- /* look at the subject and see if it is a KEA for MISSI key */
- SECOidData *oid;
-
- if ((cert->trust == NULL) ||
- ((cert->trust->sslFlags & CERTDB_USER) != CERTDB_USER)) {
- return PR_FALSE;
- }
-
- oid = SECOID_FindOID(&cert->subjectPublicKeyInfo.algorithm.algorithm);
-
-
- return (PRBool)((oid->offset == SEC_OID_MISSI_KEA_DSS_OLD) ||
- (oid->offset == SEC_OID_MISSI_KEA_DSS) ||
- (oid->offset == SEC_OID_MISSI_KEA)) ;
-}
-
-/*
- * Find a kea cert on this slot that matches the domain of it's peer
- */
-static CERTCertificate
-*pk11_GetKEAMate(PK11SlotInfo *slot,CERTCertificate *peer)
-{
- int i;
- CERTCertificate *returnedCert = NULL;
-
- for (i=0; i < slot->cert_count; i++) {
- CERTCertificate *cert = slot->cert_array[i];
-
- if (PK11_FortezzaHasKEA(cert) && KEAPQGCompare(peer,cert)) {
- returnedCert = CERT_DupCertificate(cert);
- break;
- }
- }
- return returnedCert;
-}
-
-/*
- * The following is a FORTEZZA only Certificate request. We call this when we
- * are doing a non-client auth SSL connection. We are only interested in the
- * fortezza slots, and we are only interested in certs that share the same root
- * key as the server.
- */
-CERTCertificate *
-PK11_FindBestKEAMatch(CERTCertificate *server, void *wincx)
-{
- PK11SlotList *keaList = PK11_GetAllTokens(CKM_KEA_KEY_DERIVE,
- PR_FALSE,PR_TRUE,wincx);
- PK11SlotListElement *le;
- CERTCertificate *returnedCert = NULL;
- SECStatus rv;
-
- /* loop through all the fortezza tokens */
- for (le = keaList->head; le; le = le->next) {
- rv = PK11_Authenticate(le->slot, PR_TRUE, wincx);
- if (rv != SECSuccess) continue;
- if (le->slot->session == CK_INVALID_SESSION) {
- continue;
- }
- returnedCert = pk11_GetKEAMate(le->slot,server);
- if (returnedCert) break;
- }
- PK11_FreeSlotList(keaList);
-
- return returnedCert;
-}
-
-/*
- * find a matched pair of kea certs to key exchange parameters from one
- * fortezza card to another as necessary.
- */
-SECStatus
-PK11_GetKEAMatchedCerts(PK11SlotInfo *slot1, PK11SlotInfo *slot2,
- CERTCertificate **cert1, CERTCertificate **cert2)
-{
- CERTCertificate *returnedCert = NULL;
- int i;
-
- for (i=0; i < slot1->cert_count; i++) {
- CERTCertificate *cert = slot1->cert_array[i];
-
- if (PK11_FortezzaHasKEA(cert)) {
- returnedCert = pk11_GetKEAMate(slot2,cert);
- if (returnedCert != NULL) {
- *cert2 = returnedCert;
- *cert1 = CERT_DupCertificate(cert);
- return SECSuccess;
- }
- }
- }
- return SECFailure;
-}
-
-SECOidTag
-PK11_FortezzaMapSig(SECOidTag algTag)
-{
- switch (algTag) {
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- return SEC_OID_ANSIX9_DSA_SIGNATURE;
- default:
- break;
- }
- return algTag;
-}
-
-/*
- * return the private key From a given Cert
- */
-CK_OBJECT_HANDLE
-PK11_FindCertInSlot(PK11SlotInfo *slot, CERTCertificate *cert, void *wincx)
-{
- CK_OBJECT_CLASS certClass = CKO_CERTIFICATE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_VALUE, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_ATTRIBUTE *attrs = theTemplate;
- SECStatus rv;
-
- PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
- cert->derCert.len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &certClass, sizeof(certClass));
-
- /*
- * issue the find
- */
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) {
- return CK_INVALID_HANDLE;
- }
-
- return pk11_getcerthandle(slot,cert,theTemplate,tsize);
-}
-
-SECItem *
-PK11_GetKeyIDFromCert(CERTCertificate *cert, void *wincx)
-{
- CK_OBJECT_HANDLE handle;
- PK11SlotInfo *slot = NULL;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_ID, NULL, 0 },
- };
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- SECItem *item = NULL;
- CK_RV crv;
-
- handle = PK11_FindObjectForCert(cert,wincx,&slot);
- if (handle == CK_INVALID_HANDLE) {
- goto loser;
- }
-
-
- crv = PK11_GetAttributes(NULL,slot,handle,theTemplate,tsize);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto loser;
- }
-
- item = PORT_ZNew(SECItem);
- if (item) {
- item->data = theTemplate[0].pValue;
- item->len = theTemplate[0].ulValueLen;
- }
-
-
-loser:
- PK11_FreeSlot(slot);
- return item;
-}
-
-SECItem *
-PK11_GetKeyIDFromPrivateKey(SECKEYPrivateKey *key, void *wincx)
-{
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_ID, NULL, 0 },
- };
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- SECItem *item = NULL;
- CK_RV crv;
-
- crv = PK11_GetAttributes(NULL,key->pkcs11Slot,key->pkcs11ID,
- theTemplate,tsize);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto loser;
- }
-
- item = PORT_ZNew(SECItem);
- if (item) {
- item->data = theTemplate[0].pValue;
- item->len = theTemplate[0].ulValueLen;
- }
-
-
-loser:
- return item;
-}
-
-struct listCertsStr {
- PK11CertListType type;
- CERTCertList *certList;
-};
-
-static PRBool
-isOnList(CERTCertList *certList,CERTCertificate *cert)
-{
- CERTCertListNode *cln;
-
- for (cln = CERT_LIST_HEAD(certList); !CERT_LIST_END(cln,certList);
- cln = CERT_LIST_NEXT(cln)) {
- if (cln->cert == cert) {
- return PR_TRUE;
- }
- }
- return PR_FALSE;
-}
-static SECStatus
-#ifdef NSS_CLASSIC
-pk11ListCertCallback(CERTCertificate *cert, SECItem *derCert, void *arg)
-#else
-pk11ListCertCallback(CERTCertificate *cert, void *arg)
-#endif
-{
- struct listCertsStr *listCertP = (struct listCertsStr *)arg;
- CERTCertificate *newCert = NULL;
- PK11CertListType type = listCertP->type;
- CERTCertList *certList = listCertP->certList;
- CERTCertTrust *trust;
- PRBool isUnique = PR_FALSE;
- char *nickname = NULL;
- unsigned int certType;
-
- if ((type == PK11CertListUnique) || (type == PK11CertListRootUnique)) {
- isUnique = PR_TRUE;
- }
- /* at this point the nickname is correct for the cert. save it for later */
- if (!isUnique && cert->nickname) {
- nickname = PORT_ArenaStrdup(listCertP->certList->arena,cert->nickname);
- }
-#ifdef NSS_CLASSIC
- if (derCert == NULL) {
- newCert=CERT_DupCertificate(cert);
- } else {
- newCert=CERT_FindCertByDERCert(CERT_GetDefaultCertDB(),&cert->derCert);
- }
-#else
- newCert=CERT_DupCertificate(cert);
-#endif
-
- if (newCert == NULL) return SECSuccess;
-
- trust = newCert->trust;
-
- /* if we want user certs and we don't have one skip this cert */
- if ((type == PK11CertListUser) &&
- ((trust == NULL) ||
- ( ((trust->sslFlags & CERTDB_USER) == 0) &&
- ((trust->emailFlags & CERTDB_USER) == 0) )) ) {
- CERT_DestroyCertificate(newCert);
- return SECSuccess;
- }
-
- /* if we want root certs, skip the user certs */
- if ((type == PK11CertListRootUnique) &&
- ((trust) && (((trust->sslFlags & CERTDB_USER ) ||
- (trust->emailFlags & CERTDB_USER))) ) ) {
- CERT_DestroyCertificate(newCert);
- return SECSuccess;
- }
-
-
- /* if we want Unique certs and we already have it on our list, skip it */
- if ( isUnique && isOnList(certList,newCert) ) {
- CERT_DestroyCertificate(newCert);
- return SECSuccess;
- }
-
- /* if we want CA certs and it ain't one, skip it */
- if( type == PK11CertListCA && (!CERT_IsCACert(newCert, &certType)) ) {
- CERT_DestroyCertificate(newCert);
- return SECSuccess;
- }
-
- /* put slot certs at the end */
- if (newCert->slot && !PK11_IsInternal(newCert->slot)) {
- CERT_AddCertToListTailWithData(certList,newCert,nickname);
- } else {
- CERT_AddCertToListHeadWithData(certList,newCert,nickname);
- }
- return SECSuccess;
-}
-
-
-CERTCertList *
-PK11_ListCerts(PK11CertListType type, void *pwarg)
-{
-#ifdef NSS_CLASSIC
- CERTCertList *certList = NULL;
- struct listCertsStr listCerts;
-
- certList= CERT_NewCertList();
- listCerts.type = type;
- listCerts.certList = certList;
-
- PK11_TraverseSlotCerts(pk11ListCertCallback,&listCerts,pwarg);
-
- if (CERT_LIST_HEAD(certList) == NULL) {
- CERT_DestroyCertList(certList);
- certList = NULL;
- }
- return certList;
-#else
- NSSTrustDomain *defaultTD = STAN_GetDefaultTrustDomain();
- CERTCertList *certList = NULL;
- struct nss3_cert_cbstr pk11cb;
- struct listCertsStr listCerts;
- certList = CERT_NewCertList();
- listCerts.type = type;
- listCerts.certList = certList;
- pk11cb.callback = pk11ListCertCallback;
- pk11cb.arg = &listCerts;
- NSSTrustDomain_TraverseCertificates(defaultTD, convert_cert, &pk11cb);
- return certList;
-#endif
-}
-
-static SECItem *
-pk11_GetLowLevelKeyFromHandle(PK11SlotInfo *slot, CK_OBJECT_HANDLE handle) {
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_ID, NULL, 0 },
- };
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_RV crv;
- SECItem *item;
-
- item = SECITEM_AllocItem(NULL, NULL, 0);
-
- if (item == NULL) {
- return NULL;
- }
-
- crv = PK11_GetAttributes(NULL,slot,handle,theTemplate,tsize);
- if (crv != CKR_OK) {
- SECITEM_FreeItem(item,PR_TRUE);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
-
- item->data = theTemplate[0].pValue;
- item->len =theTemplate[0].ulValueLen;
-
- return item;
-}
-
-SECItem *
-PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
- CERTCertificate *cert, void *wincx)
-{
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_VALUE, NULL, 0 },
- { CKA_CLASS, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_OBJECT_HANDLE certHandle;
- CK_ATTRIBUTE *attrs = theTemplate;
- PK11SlotInfo *slotRef = NULL;
- SECItem *item;
- SECStatus rv;
-
- if (slot) {
- PK11_SETATTRS(attrs, CKA_VALUE, cert->derCert.data,
- cert->derCert.len); attrs++;
-
- rv = PK11_Authenticate(slot, PR_TRUE, wincx);
- if (rv != SECSuccess) {
- return NULL;
- }
- certHandle = pk11_getcerthandle(slot,cert,theTemplate,tsize);
- } else {
- certHandle = PK11_FindObjectForCert(cert, wincx, &slotRef);
- if (certHandle == CK_INVALID_HANDLE) {
- return pk11_mkcertKeyID(cert);
- }
- slot = slotRef;
- }
-
- if (certHandle == CK_INVALID_HANDLE) {
- return NULL;
- }
-
- item = pk11_GetLowLevelKeyFromHandle(slot,certHandle);
- if (slotRef) PK11_FreeSlot(slotRef);
- return item;
-}
-
-SECItem *
-PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *privKey)
-{
- return pk11_GetLowLevelKeyFromHandle(privKey->pkcs11Slot,privKey->pkcs11ID);
-}
-
-static SECStatus
-listCertsCallback(CERTCertificate* cert, void*arg)
-{
- CERTCertList *list = (CERTCertList*)arg;
-
- return CERT_AddCertToListTail(list, CERT_DupCertificate(cert));
-}
-
-CERTCertList *
-PK11_ListCertsInSlot(PK11SlotInfo *slot)
-{
- SECStatus status;
- CERTCertList *certs;
-
- certs = CERT_NewCertList();
- if(certs == NULL) return NULL;
-
- status = PK11_TraverseCertsInSlot(slot, listCertsCallback,
- (void*)certs);
-
- if( status != SECSuccess ) {
- CERT_DestroyCertList(certs);
- certs = NULL;
- }
-
- return certs;
-}
-
-static SECStatus
-privateKeyListCallback(SECKEYPrivateKey *key, void *arg)
-{
- SECKEYPrivateKeyList *list = (SECKEYPrivateKeyList*)arg;
-
- return SECKEY_AddPrivateKeyToListTail(list, SECKEY_CopyPrivateKey(key));
-}
-
-SECKEYPrivateKeyList*
-PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot)
-{
- SECStatus status;
- SECKEYPrivateKeyList *keys;
-
- keys = SECKEY_NewPrivateKeyList();
- if(keys == NULL) return NULL;
-
- status = PK11_TraversePrivateKeysInSlot(slot, privateKeyListCallback,
- (void*)keys);
-
- if( status != SECSuccess ) {
- SECKEY_DestroyPrivateKeyList(keys);
- keys = NULL;
- }
-
- return keys;
-}
-
-/*
- * return the certificate associated with a derCert
- */
-SECItem *
-PK11_FindCrlByName(PK11SlotInfo **slot, CK_OBJECT_HANDLE *crlHandle,
- SECItem *name, int type)
-{
- CK_OBJECT_CLASS crlClass = CKO_NETSCAPE_CRL;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_SUBJECT, NULL, 0 },
- { CKA_CLASS, NULL, 0 },
- { CKA_NETSCAPE_KRL, NULL, 0 },
- };
- CK_ATTRIBUTE crlData = { CKA_VALUE, NULL, 0 };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_BBOOL ck_true = CK_TRUE;
- CK_BBOOL ck_false = CK_FALSE;
- CK_OBJECT_HANDLE crlh = CK_INVALID_HANDLE;
- CK_ATTRIBUTE *attrs = theTemplate;
- CK_RV crv;
- SECStatus rv;
- SECItem *derCrl = NULL;
-
- PK11_SETATTRS(attrs, CKA_SUBJECT, name->data, name->len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &crlClass, sizeof(crlClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_KRL, (type == SEC_CRL_TYPE) ?
- &ck_false : &ck_true, sizeof (CK_BBOOL)); attrs++;
-
- if (*slot) {
- crlh = pk11_FindObjectByTemplate(*slot,theTemplate,tsize);
- } else {
- PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
- PR_FALSE,PR_TRUE,NULL);
- PK11SlotListElement *le;
-
- /* loop through all the fortezza tokens */
- for (le = list->head; le; le = le->next) {
- crlh = pk11_FindObjectByTemplate(le->slot,theTemplate,tsize);
- if (crlh != CK_INVALID_HANDLE) {
- *slot = PK11_ReferenceSlot(le->slot);
- break;
- }
- }
- PK11_FreeSlotList(list);
- }
-
- if (crlh == CK_INVALID_HANDLE) {
- PORT_SetError(SEC_ERROR_NO_KRL);
- return NULL;
- }
- crv = PK11_GetAttributes(NULL,*slot,crlh,&crlData,1);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError (crv));
- goto loser;
- }
-
- derCrl = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if (derCrl == NULL) {
- goto loser;
- }
-
- derCrl->data = crlData.pValue;
- derCrl->len = crlData.ulValueLen;
-
- if (crlHandle) {
- *crlHandle = crlh;
- }
-
-loser:
- if (!derCrl) {
- if (crlData.pValue) PORT_Free(crlData.pValue);
- }
- return derCrl;
-}
-
-CK_OBJECT_HANDLE
-PK11_PutCrl(PK11SlotInfo *slot, SECItem *crl, SECItem *name,
- char *url, int type)
-{
- CK_OBJECT_CLASS crlClass = CKO_NETSCAPE_CRL;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_SUBJECT, NULL, 0 },
- { CKA_CLASS, NULL, 0 },
- { CKA_NETSCAPE_KRL, NULL, 0 },
- { CKA_NETSCAPE_URL, NULL, 0 },
- { CKA_VALUE, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_BBOOL ck_true = CK_TRUE;
- CK_BBOOL ck_false = CK_FALSE;
- CK_OBJECT_HANDLE crlh = CK_INVALID_HANDLE;
- CK_ATTRIBUTE *attrs = theTemplate;
- CK_SESSION_HANDLE rwsession;
- CK_RV crv;
-
- PK11_SETATTRS(attrs, CKA_SUBJECT, name->data, name->len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &crlClass, sizeof(crlClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_KRL, (type == SEC_CRL_TYPE) ?
- &ck_false : &ck_true, sizeof (CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_URL, url, PORT_Strlen(url)+1); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE,crl->data,crl->len); attrs++;
-
- rwsession = PK11_GetRWSession(slot);
- if (rwsession == CK_INVALID_SESSION) {
- PORT_SetError(SEC_ERROR_READ_ONLY);
- return crlh;
- }
-
- crv = PK11_GETTAB(slot)->
- C_CreateObject(rwsession,attrs,tsize,&crlh);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- }
-
- PK11_RestoreROSession(slot,rwsession);
- return crlh;
-}
-
-
-
-/*
- * delete a crl.
- */
-SECStatus
-SEC_DeletePermCRL(CERTSignedCrl *crl)
-{
- PK11SlotInfo *slot = crl->slot;
- CK_RV crv;
-
- if (slot == NULL) {
- /* shouldn't happen */
- PORT_SetError( SEC_ERROR_CRL_INVALID);
- return SECFailure;
- }
-
- crv = PK11_DestroyTokenObject(slot,crl->pkcs11ID);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- goto loser;
- }
- crl->slot = NULL;
- PK11_FreeSlot(slot);
-loser:
- return SECSuccess;
-}
-
-/*
- * return the certificate associated with a derCert
- */
-SECItem *
-PK11_FindSMimeProfile(PK11SlotInfo **slot, char *emailAddr,
- SECItem *name, SECItem **profileTime)
-{
- CK_OBJECT_CLASS smimeClass = CKO_NETSCAPE_SMIME;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_SUBJECT, NULL, 0 },
- { CKA_CLASS, NULL, 0 },
- { CKA_NETSCAPE_EMAIL, NULL, 0 },
- };
- CK_ATTRIBUTE smimeData[] = {
- { CKA_SUBJECT, NULL, 0 },
- { CKA_VALUE, NULL, 0 },
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_BBOOL ck_true = CK_TRUE;
- CK_BBOOL ck_false = CK_FALSE;
- CK_OBJECT_HANDLE smimeh = CK_INVALID_HANDLE;
- CK_ATTRIBUTE *attrs = theTemplate;
- CK_RV crv;
- SECStatus rv;
- SECItem *emailProfile = NULL;
-
- PK11_SETATTRS(attrs, CKA_SUBJECT, name->data, name->len); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &smimeClass, sizeof(smimeClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_EMAIL, emailAddr, strlen(emailAddr));
- attrs++;
-
- if (*slot) {
- smimeh = pk11_FindObjectByTemplate(*slot,theTemplate,tsize);
- } else {
- PK11SlotList *list = PK11_GetAllTokens(CKM_INVALID_MECHANISM,
- PR_FALSE,PR_TRUE,NULL);
- PK11SlotListElement *le;
-
- /* loop through all the fortezza tokens */
- for (le = list->head; le; le = le->next) {
- smimeh = pk11_FindObjectByTemplate(le->slot,theTemplate,tsize);
- if (smimeh != CK_INVALID_HANDLE) {
- *slot = PK11_ReferenceSlot(le->slot);
- break;
- }
- }
- PK11_FreeSlotList(list);
- }
-
- if (smimeh == CK_INVALID_HANDLE) {
- PORT_SetError(SEC_ERROR_NO_KRL);
- return NULL;
- }
-
- if (profileTime) {
- PK11_SETATTRS(smimeData, CKA_NETSCAPE_SMIME_TIMESTAMP, NULL, 0);
- }
-
- crv = PK11_GetAttributes(NULL,*slot,smimeh,smimeData,2);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError (crv));
- goto loser;
- }
-
- if (!profileTime) {
- SECItem profileSubject;
-
- profileSubject.data = smimeData[0].pValue;
- profileSubject.len = smimeData[0].ulValueLen;
- if (!SECITEM_ItemsAreEqual(&profileSubject,name)) {
- goto loser;
- }
- }
-
- emailProfile = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if (emailProfile == NULL) {
- goto loser;
- }
-
- emailProfile->data = smimeData[1].pValue;
- emailProfile->len = smimeData[1].ulValueLen;
-
- if (profileTime) {
- *profileTime = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if (*profileTime) {
- (*profileTime)->data = smimeData[0].pValue;
- (*profileTime)->len = smimeData[0].ulValueLen;
- }
- }
-
-loser:
- if (emailProfile == NULL) {
- if (smimeData[1].pValue) {
- PORT_Free(smimeData[1].pValue);
- }
- }
- if (profileTime == NULL || *profileTime == NULL) {
- if (smimeData[0].pValue) {
- PORT_Free(smimeData[0].pValue);
- }
- }
- return emailProfile;
-}
-
-
-SECStatus
-PK11_SaveSMimeProfile(PK11SlotInfo *slot, char *emailAddr, SECItem *derSubj,
- SECItem *emailProfile, SECItem *profileTime)
-{
- CK_OBJECT_CLASS smimeClass = CKO_NETSCAPE_SMIME;
- CK_BBOOL ck_true = CK_TRUE;
- CK_ATTRIBUTE theTemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_TOKEN, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
- { CKA_NETSCAPE_EMAIL, NULL, 0 },
- { CKA_NETSCAPE_SMIME_TIMESTAMP, NULL, 0 },
- { CKA_VALUE, NULL, 0 }
- };
- /* if you change the array, change the variable below as well */
- int tsize = sizeof(theTemplate)/sizeof(theTemplate[0]);
- int realSize = 0;
- CK_OBJECT_HANDLE smimeh = CK_INVALID_HANDLE;
- CK_ATTRIBUTE *attrs = theTemplate;
- CK_SESSION_HANDLE rwsession;
- CK_RV crv;
-
- PK11_SETATTRS(attrs, CKA_CLASS, &smimeClass, sizeof(smimeClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, &ck_true, sizeof(ck_true)); attrs++;
- PK11_SETATTRS(attrs, CKA_SUBJECT, derSubj->data, derSubj->len); attrs++;
- PK11_SETATTRS(attrs, CKA_NETSCAPE_EMAIL,
- emailAddr, PORT_Strlen(emailAddr)+1); attrs++;
- if (profileTime) {
- PK11_SETATTRS(attrs, CKA_NETSCAPE_SMIME_TIMESTAMP, profileTime->data,
- profileTime->len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE,emailProfile->data,
- emailProfile->len); attrs++;
- }
- realSize = attrs - theTemplate;
- PORT_Assert (realSize <= tsize);
-
- if (slot == NULL) {
- slot = PK11_GetInternalKeySlot();
- /* we need to free the key slot in the end!!! */
- }
-
- rwsession = PK11_GetRWSession(slot);
- if (rwsession == CK_INVALID_SESSION) {
- PORT_SetError(SEC_ERROR_READ_ONLY);
- return SECFailure;
- }
-
- crv = PK11_GETTAB(slot)->
- C_CreateObject(rwsession,theTemplate,realSize,&smimeh);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- }
-
- PK11_RestoreROSession(slot,rwsession);
- return SECSuccess;
-}
-
-
diff --git a/security/nss/lib/pk11wrap/pk11err.c b/security/nss/lib/pk11wrap/pk11err.c
deleted file mode 100644
index b6846af84..000000000
--- a/security/nss/lib/pk11wrap/pk11err.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * this file maps PKCS11 Errors into SECErrors
- * This is an information reducing process, since most errors are reflected
- * back to the user (the user doesn't care about invalid flags, or active
- * operations). If any of these errors need more detail in the upper layers
- * which call PK11 library functions, we can add more SEC_ERROR_XXX functions
- * and change there mappings here.
- */
-#include "pkcs11t.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-#ifdef PK11_ERROR_USE_ARRAY
-
-/*
- * build a static array of entries...
- */
-static struct {
- CK_RV pk11_error;
- int sec_error;
-} pk11_error_map = {
-#define MAPERROR(x,y) {x, y},
-
-#else
-
-/* the default is to use a big switch statement */
-int
-PK11_MapError(CK_RV rv) {
-
- switch (rv) {
-#define MAPERROR(x,y) case x: return y;
-
-#endif
-
-/* the guts mapping */
- MAPERROR(CKR_OK, 0)
- MAPERROR(CKR_CANCEL, SEC_ERROR_IO)
- MAPERROR(CKR_HOST_MEMORY, SEC_ERROR_NO_MEMORY)
- MAPERROR(CKR_SLOT_ID_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_ATTRIBUTE_READ_ONLY, SEC_ERROR_READ_ONLY)
- MAPERROR(CKR_ATTRIBUTE_SENSITIVE, SEC_ERROR_IO) /* XX SENSITIVE */
- MAPERROR(CKR_ATTRIBUTE_TYPE_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_ATTRIBUTE_VALUE_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_DATA_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_DATA_LEN_RANGE, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_DEVICE_ERROR, SEC_ERROR_IO)
- MAPERROR(CKR_DEVICE_MEMORY, SEC_ERROR_NO_MEMORY)
- MAPERROR(CKR_DEVICE_REMOVED, SEC_ERROR_NO_TOKEN)
- MAPERROR(CKR_ENCRYPTED_DATA_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_ENCRYPTED_DATA_LEN_RANGE, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_FUNCTION_CANCELED, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_FUNCTION_NOT_PARALLEL, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_MECHANISM_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_MECHANISM_PARAM_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_OBJECT_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_OPERATION_ACTIVE, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_OPERATION_NOT_INITIALIZED,SEC_ERROR_LIBRARY_FAILURE )
- MAPERROR(CKR_PIN_INCORRECT, SEC_ERROR_BAD_PASSWORD)
- MAPERROR(CKR_PIN_INVALID, SEC_ERROR_BAD_PASSWORD)
- MAPERROR(CKR_PIN_LEN_RANGE, SEC_ERROR_BAD_PASSWORD)
- MAPERROR(CKR_SESSION_CLOSED, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_SESSION_COUNT, SEC_ERROR_NO_MEMORY) /* XXXX? */
- MAPERROR(CKR_SESSION_HANDLE_INVALID, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_SESSION_PARALLEL_NOT_SUPPORTED, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_SESSION_READ_ONLY, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_SIGNATURE_INVALID, SEC_ERROR_BAD_SIGNATURE)
- MAPERROR(CKR_SIGNATURE_LEN_RANGE, SEC_ERROR_BAD_SIGNATURE)
- MAPERROR(CKR_TEMPLATE_INCOMPLETE, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_TEMPLATE_INCONSISTENT, SEC_ERROR_BAD_DATA)
- MAPERROR(CKR_TOKEN_NOT_PRESENT, SEC_ERROR_NO_TOKEN)
- MAPERROR(CKR_TOKEN_NOT_RECOGNIZED, SEC_ERROR_IO)
- MAPERROR(CKR_TOKEN_WRITE_PROTECTED, SEC_ERROR_READ_ONLY)
- MAPERROR(CKR_UNWRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_UNWRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_USER_ALREADY_LOGGED_IN, 0)
- MAPERROR(CKR_USER_NOT_LOGGED_IN, SEC_ERROR_LIBRARY_FAILURE) /* XXXX */
- MAPERROR(CKR_USER_PIN_NOT_INITIALIZED, SEC_ERROR_NO_TOKEN)
- MAPERROR(CKR_USER_TYPE_INVALID, SEC_ERROR_LIBRARY_FAILURE)
- MAPERROR(CKR_WRAPPED_KEY_INVALID, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_WRAPPED_KEY_LEN_RANGE, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_WRAPPING_KEY_HANDLE_INVALID, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_WRAPPING_KEY_SIZE_RANGE, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_WRAPPING_KEY_TYPE_INCONSISTENT, SEC_ERROR_INVALID_KEY)
- MAPERROR(CKR_VENDOR_DEFINED, SEC_ERROR_LIBRARY_FAILURE)
-
-
-#ifdef PK11_ERROR_USE_ARRAY
-
-int
-PK11_MapError(CK_RV rv) {
- int size = sizeof(pk11_error_map)/sizeof(pk11_error_map[0]);
-
- for (i=0; i < size; i++) {
- if (pk11_error_map[i].pk11_error == rv) {
- return pk11_error_map[i].sec_error;
- }
- }
- return SEC_ERROR_IO;
- }
-
-
-#else
-
- default:
- break;
- }
- return SEC_ERROR_IO;
-}
-
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11func.h b/security/nss/lib/pk11wrap/pk11func.h
deleted file mode 100644
index bc100af26..000000000
--- a/security/nss/lib/pk11wrap/pk11func.h
+++ /dev/null
@@ -1,515 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * PKCS #11 Wrapper functions which handles authenticating to the card's
- * choosing the best cards, etc.
- */
-#ifndef _PK11FUNC_H_
-#define _PK11FUNC_H_
-#include "plarena.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "keyt.h"
-#include "certt.h"
-#include "pkcs11t.h"
-#include "secmodt.h"
-#include "seccomon.h"
-#include "pkcs7t.h"
-#include "cmsreclist.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nssdevt.h"
-
-SEC_BEGIN_PROTOS
-
-/************************************************************
- * Generic Slot Lists Management
- ************************************************************/
-PK11SlotList * PK11_NewSlotList(void);
-void PK11_FreeSlotList(PK11SlotList *list);
-SECStatus PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot);
-SECStatus PK11_DeleteSlotFromList(PK11SlotList *list,PK11SlotListElement *le);
-PK11SlotListElement * PK11_GetFirstSafe(PK11SlotList *list);
-PK11SlotListElement *PK11_GetNextSafe(PK11SlotList *list,
- PK11SlotListElement *le, PRBool restart);
-PK11SlotListElement *PK11_FindSlotElement(PK11SlotList *list,
- PK11SlotInfo *slot);
-
-/************************************************************
- * Generic Slot Management
- ************************************************************/
-PK11SlotInfo *PK11_ReferenceSlot(PK11SlotInfo *slot);
-PK11SlotInfo *PK11_FindSlotByID(SECMODModuleID modID,CK_SLOT_ID slotID);
-void PK11_FreeSlot(PK11SlotInfo *slot);
-SECStatus PK11_DestroyObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object);
-SECStatus PK11_DestroyTokenObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object);
-CK_OBJECT_HANDLE PK11_CopyKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE srcObject);
-SECStatus PK11_ReadAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type, PRArenaPool *arena, SECItem *result);
-CK_ULONG PK11_ReadULongAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type);
-PK11SlotInfo *PK11_GetInternalKeySlot(void);
-PK11SlotInfo *PK11_GetInternalSlot(void);
-char * PK11_MakeString(PRArenaPool *arena,char *space,char *staticSring,
- int stringLen);
-int PK11_MapError(CK_RV error);
-CK_SESSION_HANDLE PK11_GetRWSession(PK11SlotInfo *slot);
-void PK11_RestoreROSession(PK11SlotInfo *slot,CK_SESSION_HANDLE rwsession);
-PRBool PK11_RWSessionHasLock(PK11SlotInfo *slot,
- CK_SESSION_HANDLE session_handle);
-PK11SlotInfo *PK11_NewSlotInfo(void);
-SECStatus PK11_Logout(PK11SlotInfo *slot);
-void PK11_LogoutAll(void);
-void PK11_EnterSlotMonitor(PK11SlotInfo *);
-void PK11_ExitSlotMonitor(PK11SlotInfo *);
-void PK11_CleanKeyList(PK11SlotInfo *slot);
-
-void PK11Slot_SetNSSToken(PK11SlotInfo *slot, NSSToken *token);
-
-
-/************************************************************
- * Slot Password Management
- ************************************************************/
-void PK11_SetSlotPWValues(PK11SlotInfo *slot,int askpw, int timeout);
-void PK11_GetSlotPWValues(PK11SlotInfo *slot,int *askpw, int *timeout);
-SECStatus PK11_CheckSSOPassword(PK11SlotInfo *slot, char *ssopw);
-SECStatus PK11_CheckUserPassword(PK11SlotInfo *slot,char *pw);
-SECStatus PK11_DoPassword(PK11SlotInfo *slot, PRBool loadCerts, void *wincx);
-PRBool PK11_IsLoggedIn(PK11SlotInfo *slot, void *wincx);
-SECStatus PK11_VerifyPW(PK11SlotInfo *slot,char *pw);
-SECStatus PK11_InitPin(PK11SlotInfo *slot,char *ssopw, char *pk11_userpwd);
-SECStatus PK11_ChangePW(PK11SlotInfo *slot,char *oldpw, char *newpw);
-void PK11_HandlePasswordCheck(PK11SlotInfo *slot,void *wincx);
-void PK11_SetPasswordFunc(PK11PasswordFunc func);
-void PK11_SetVerifyPasswordFunc(PK11VerifyPasswordFunc func);
-void PK11_SetIsLoggedInFunc(PK11IsLoggedInFunc func);
-int PK11_GetMinimumPwdLength(PK11SlotInfo *slot);
-SECStatus PK11_ResetToken(PK11SlotInfo *slot, char *sso_pwd);
-
-/************************************************************
- * Manage the built-In Slot Lists
- ************************************************************/
-SECStatus PK11_InitSlotLists(void);
-void PK11_DestroySlotLists(void);
-PK11SlotList *PK11_GetSlotList(CK_MECHANISM_TYPE type);
-void PK11_LoadSlotList(PK11SlotInfo *slot, PK11PreSlotInfo *psi, int count);
-void PK11_ClearSlotList(PK11SlotInfo *slot);
-
-
-/******************************************************************
- * Slot initialization
- ******************************************************************/
-PRBool PK11_VerifyMechanism(PK11SlotInfo *slot,PK11SlotInfo *intern,
- CK_MECHANISM_TYPE mech, SECItem *data, SECItem *iv);
-PRBool PK11_VerifySlotMechanisms(PK11SlotInfo *slot);
-SECStatus pk11_CheckVerifyTest(PK11SlotInfo *slot);
-SECStatus PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts);
-SECStatus PK11_Authenticate(PK11SlotInfo *slot, PRBool loadCerts, void *wincx);
-void PK11_InitSlot(SECMODModule *mod,CK_SLOT_ID slotID,PK11SlotInfo *slot);
-
-
-/******************************************************************
- * Slot info functions
- ******************************************************************/
-PK11SlotInfo *PK11_FindSlotByName(char *name);
-PK11SlotInfo *PK11_FindSlotBySerial(char *serial);
-PRBool PK11_IsReadOnly(PK11SlotInfo *slot);
-PRBool PK11_IsInternal(PK11SlotInfo *slot);
-char * PK11_GetTokenName(PK11SlotInfo *slot);
-char * PK11_GetSlotName(PK11SlotInfo *slot);
-PRBool PK11_NeedLogin(PK11SlotInfo *slot);
-PRBool PK11_IsFriendly(PK11SlotInfo *slot);
-PRBool PK11_IsHW(PK11SlotInfo *slot);
-PRBool PK11_NeedUserInit(PK11SlotInfo *slot);
-int PK11_GetSlotSeries(PK11SlotInfo *slot);
-int PK11_GetCurrentWrapIndex(PK11SlotInfo *slot);
-unsigned long PK11_GetDefaultFlags(PK11SlotInfo *slot);
-CK_SLOT_ID PK11_GetSlotID(PK11SlotInfo *slot);
-SECMODModuleID PK11_GetModuleID(PK11SlotInfo *slot);
-SECStatus PK11_GetSlotInfo(PK11SlotInfo *slot, CK_SLOT_INFO *info);
-SECStatus PK11_GetTokenInfo(PK11SlotInfo *slot, CK_TOKEN_INFO *info);
-PRBool PK11_IsDisabled(PK11SlotInfo *slot);
-PRBool PK11_HasRootCerts(PK11SlotInfo *slot);
-PK11DisableReasons PK11_GetDisabledReason(PK11SlotInfo *slot);
-/* Prevents the slot from being used, and set disable reason to user-disable */
-/* NOTE: Mechanisms that were ON continue to stay ON */
-/* Therefore, when the slot is enabled, it will remember */
-/* what mechanisms needs to be turned on */
-PRBool PK11_UserDisableSlot(PK11SlotInfo *slot);
-/* Allow all mechanisms that are ON before UserDisableSlot() */
-/* was called to be available again */
-PRBool PK11_UserEnableSlot(PK11SlotInfo *slot);
-
-PRBool PK11_NeedPWInit(void);
-PRBool PK11_NeedPWInitForSlot(PK11SlotInfo *slot);
-PRBool PK11_TokenExists(CK_MECHANISM_TYPE);
-SECStatus PK11_GetModInfo(SECMODModule *mod, CK_INFO *info);
-PRBool PK11_IsFIPS(void);
-SECMODModule *PK11_GetModule(PK11SlotInfo *slot);
-
-/*********************************************************************
- * Slot mapping utility functions.
- *********************************************************************/
-PRBool PK11_IsPresent(PK11SlotInfo *slot);
-PRBool PK11_DoesMechanism(PK11SlotInfo *slot, CK_MECHANISM_TYPE type);
-PK11SlotList * PK11_GetAllTokens(CK_MECHANISM_TYPE type,PRBool needRW,
- PRBool loadCerts, void *wincx);
-PK11SlotList * PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type,
- PRBool needRW,void *wincx);
-PK11SlotInfo *PK11_GetBestSlotMultiple(CK_MECHANISM_TYPE *type, int count,
- void *wincx);
-PK11SlotInfo *PK11_GetBestSlot(CK_MECHANISM_TYPE type, void *wincx);
-CK_MECHANISM_TYPE PK11_GetBestWrapMechanism(PK11SlotInfo *slot);
-int PK11_GetBestKeyLength(PK11SlotInfo *slot, CK_MECHANISM_TYPE type);
-
-/*********************************************************************
- * Mechanism Mapping functions
- *********************************************************************/
-void PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key,
- CK_MECHANISM_TYPE keygen, int ivLen, int blocksize);
-CK_MECHANISM_TYPE PK11_GetKeyType(CK_MECHANISM_TYPE type,unsigned long len);
-CK_MECHANISM_TYPE PK11_GetKeyGen(CK_MECHANISM_TYPE type);
-int PK11_GetBlockSize(CK_MECHANISM_TYPE type,SECItem *params);
-int PK11_GetIVLength(CK_MECHANISM_TYPE type);
-SECItem *PK11_ParamFromIV(CK_MECHANISM_TYPE type,SECItem *iv);
-unsigned char *PK11_IVFromParam(CK_MECHANISM_TYPE type,SECItem *param,int *len);
-SECItem * PK11_BlockData(SECItem *data,unsigned long size);
-
-/* PKCS #11 to DER mapping functions */
-SECItem *PK11_ParamFromAlgid(SECAlgorithmID *algid);
-SECItem *PK11_GenerateNewParam(CK_MECHANISM_TYPE, PK11SymKey *);
-CK_MECHANISM_TYPE PK11_AlgtagToMechanism(SECOidTag algTag);
-SECOidTag PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type);
-SECOidTag PK11_FortezzaMapSig(SECOidTag algTag);
-SECStatus PK11_ParamToAlgid(SECOidTag algtag, SECItem *param,
- PRArenaPool *arena, SECAlgorithmID *algid);
-SECStatus PK11_SeedRandom(PK11SlotInfo *,unsigned char *data,int len);
-SECStatus PK11_RandomUpdate(void *data, size_t bytes);
-SECStatus PK11_GenerateRandom(unsigned char *data,int len);
-CK_RV PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism,
- CK_MECHANISM_PTR pCryptoMechanism,
- SECItem *pbe_pwd, PRBool bad3DES);
-CK_MECHANISM_TYPE PK11_GetPadMechanism(CK_MECHANISM_TYPE);
-
-/**********************************************************************
- * Symetric, Public, and Private Keys
- **********************************************************************/
-PK11SymKey *PK11_CreateSymKey(PK11SlotInfo *slot,
- CK_MECHANISM_TYPE type, void *wincx);
-void PK11_FreeSymKey(PK11SymKey *key);
-PK11SymKey *PK11_ReferenceSymKey(PK11SymKey *symKey);
-PK11SymKey *PK11_ImportSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,void *wincx);
-PK11SymKey *PK11_SymKeyFromHandle(PK11SlotInfo *slot, PK11SymKey *parent,
- PK11Origin origin, CK_MECHANISM_TYPE type, CK_OBJECT_HANDLE keyID,
- PRBool owner, void *wincx);
-PK11SymKey *PK11_GetWrapKey(PK11SlotInfo *slot, int wrap,
- CK_MECHANISM_TYPE type,int series, void *wincx);
-void PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey);
-CK_MECHANISM_TYPE PK11_GetMechanism(PK11SymKey *symKey);
-CK_OBJECT_HANDLE PK11_ImportPublicKey(PK11SlotInfo *slot,
- SECKEYPublicKey *pubKey, PRBool isToken);
-PK11SymKey *PK11_KeyGen(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- SECItem *param, int keySize,void *wincx);
-
-/* Key Generation specialized for SDR (fixed DES3 key) */
-PK11SymKey *PK11_GenDES3TokenKey(PK11SlotInfo *slot, SECItem *keyid, void *cx);
-
-SECStatus PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
- PK11SymKey *symKey, SECItem *wrappedKey);
-SECStatus PK11_WrapSymKey(CK_MECHANISM_TYPE type, SECItem *params,
- PK11SymKey *wrappingKey, PK11SymKey *symKey, SECItem *wrappedKey);
-PK11SymKey *PK11_Derive(PK11SymKey *baseKey, CK_MECHANISM_TYPE mechanism,
- SECItem *param, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize);
-PK11SymKey *PK11_DeriveWithFlags( PK11SymKey *baseKey,
- CK_MECHANISM_TYPE derive, SECItem *param, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize, CK_FLAGS flags);
-PK11SymKey *PK11_PubDerive( SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey, PRBool isSender, SECItem *randomA, SECItem *randomB,
- CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize,void *wincx) ;
-PK11SymKey *PK11_UnwrapSymKey(PK11SymKey *key,
- CK_MECHANISM_TYPE wraptype, SECItem *param, SECItem *wrapppedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize);
-PK11SymKey *PK11_UnwrapSymKeyWithFlags(PK11SymKey *wrappingKey,
- CK_MECHANISM_TYPE wrapType, SECItem *param, SECItem *wrappedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize,
- CK_FLAGS flags);
-PK11SymKey *PK11_PubUnwrapSymKey(SECKEYPrivateKey *key, SECItem *wrapppedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize);
-PK11SymKey *PK11_FindFixedKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- SECItem *keyID, void *wincx);
-SECStatus PK11_DeleteTokenPrivateKey(SECKEYPrivateKey *privKey);
-SECStatus PK11_DeleteTokenCertAndKey(CERTCertificate *cert,void *wincx);
-SECKEYPrivateKey * PK11_LoadPrivKey(PK11SlotInfo *slot,
- SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
- PRBool token, PRBool sensitive);
-
-/* size to hold key in bytes */
-unsigned int PK11_GetKeyLength(PK11SymKey *key);
-/* size of actual secret parts of key in bits */
-/* algid is because RC4 strength is determined by the effective bits as well
- * as the key bits */
-unsigned int PK11_GetKeyStrength(PK11SymKey *key,SECAlgorithmID *algid);
-SECStatus PK11_ExtractKeyValue(PK11SymKey *symKey);
-SECItem * PK11_GetKeyData(PK11SymKey *symKey);
-PK11SlotInfo * PK11_GetSlotFromKey(PK11SymKey *symKey);
-void *PK11_GetWindow(PK11SymKey *symKey);
-SECKEYPrivateKey *PK11_GenerateKeyPair(PK11SlotInfo *slot,
- CK_MECHANISM_TYPE type, void *param, SECKEYPublicKey **pubk,
- PRBool isPerm, PRBool isSensitive, void *wincx);
-SECKEYPrivateKey *PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
- PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx);
-SECKEYPrivateKey * PK11_FindPrivateKeyFromCert(PK11SlotInfo *slot,
- CERTCertificate *cert, void *wincx);
-SECKEYPrivateKey * PK11_FindKeyByAnyCert(CERTCertificate *cert, void *wincx);
-SECKEYPrivateKey * PK11_FindKeyByKeyID(PK11SlotInfo *slot, SECItem *keyID,
- void *wincx);
-CK_OBJECT_HANDLE PK11_FindObjectForCert(CERTCertificate *cert,
- void *wincx, PK11SlotInfo **pSlot);
-int PK11_GetPrivateModulusLen(SECKEYPrivateKey *key);
-SECStatus PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data,
- unsigned *outLen, unsigned int maxLen, unsigned char *enc, unsigned encLen);
-/* The encrypt version of the above function */
-SECStatus PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc,
- unsigned char *data, unsigned dataLen, void *wincx);
-SECStatus PK11_ImportPrivateKeyInfo(PK11SlotInfo *slot,
- SECKEYPrivateKeyInfo *pki, SECItem *nickname,
- SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
- unsigned int usage, void *wincx);
-SECStatus PK11_ImportDERPrivateKeyInfo(PK11SlotInfo *slot,
- SECItem *derPKI, SECItem *nickname,
- SECItem *publicValue, PRBool isPerm, PRBool isPrivate,
- unsigned int usage, void *wincx);
-SECStatus PK11_ImportEncryptedPrivateKeyInfo(PK11SlotInfo *slot,
- SECKEYEncryptedPrivateKeyInfo *epki, SECItem *pwitem,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, KeyType type,
- unsigned int usage, void *wincx);
-SECKEYPrivateKeyInfo *PK11_ExportPrivateKeyInfo(
- CERTCertificate *cert, void *wincx);
-SECKEYEncryptedPrivateKeyInfo *PK11_ExportEncryptedPrivateKeyInfo(
- PK11SlotInfo *slot, SECOidTag algTag, SECItem *pwitem,
- CERTCertificate *cert, int iteration, void *wincx);
-SECKEYPrivateKey *PK11_FindKeyByDERCert(PK11SlotInfo *slot,
- CERTCertificate *cert, void *wincx);
-SECKEYPublicKey *PK11_MakeKEAPubKey(unsigned char *data, int length);
-SECStatus PK11_DigestKey(PK11Context *context, PK11SymKey *key);
-PRBool PK11_VerifyKeyOK(PK11SymKey *key);
-SECKEYPrivateKey *PK11_UnwrapPrivKey(PK11SlotInfo *slot,
- PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
- SECItem *param, SECItem *wrappedKey, SECItem *label,
- SECItem *publicValue, PRBool token, PRBool sensitive,
- CK_KEY_TYPE keyType, CK_ATTRIBUTE_TYPE *usage, int usageCount,
- void *wincx);
-SECStatus PK11_WrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
- SECKEYPrivateKey *privKey, CK_MECHANISM_TYPE wrapType,
- SECItem *param, SECItem *wrappedKey, void *wincx);
-PK11SymKey * pk11_CopyToSlot(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey);
-SECItem *PK11_GetKeyIDFromCert(CERTCertificate *cert, void *wincx);
-SECItem * PK11_GetKeyIDFromPrivateKey(SECKEYPrivateKey *key, void *wincx);
-SECItem* PK11_DEREncodePublicKey(SECKEYPublicKey *pubk);
-PK11SymKey* PK11_CopySymKeyForSigning(PK11SymKey *originalKey,
- CK_MECHANISM_TYPE mech);
-SECKEYPrivateKeyList* PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot);
-
-/**********************************************************************
- * Certs
- **********************************************************************/
-SECItem *PK11_MakeIDFromPubKey(SECItem *pubKeyData);
-CERTCertificate *PK11_GetCertFromPrivateKey(SECKEYPrivateKey *privKey);
-SECStatus PK11_TraverseSlotCerts(
- SECStatus(* callback)(CERTCertificate*,SECItem *,void *),
- void *arg, void *wincx);
-SECStatus PK11_TraversePrivateKeysInSlot( PK11SlotInfo *slot,
- SECStatus(* callback)(SECKEYPrivateKey*, void*), void *arg);
-CERTCertificate * PK11_FindCertFromNickname(char *nickname, void *wincx);
-CERTCertList * PK11_FindCertsFromNickname(char *nickname, void *wincx);
-SECKEYPrivateKey * PK11_FindPrivateKeyFromNickname(char *nickname, void *wincx);
-PK11SlotInfo *PK11_ImportCertForKey(CERTCertificate *cert, char *nickname,
- void *wincx);
-PK11SlotInfo *PK11_ImportDERCertForKey(SECItem *derCert, char *nickname,
- void *wincx);
-CK_OBJECT_HANDLE * PK11_FindObjectsFromNickname(char *nickname,
- PK11SlotInfo **slotptr, CK_OBJECT_CLASS objclass, int *returnCount,
- void *wincx);
-PK11SlotInfo *PK11_KeyForCertExists(CERTCertificate *cert,
- CK_OBJECT_HANDLE *keyPtr, void *wincx);
-PK11SlotInfo *PK11_KeyForDERCertExists(SECItem *derCert,
- CK_OBJECT_HANDLE *keyPtr, void *wincx);
-CK_OBJECT_HANDLE PK11_MatchItem(PK11SlotInfo *slot,CK_OBJECT_HANDLE peer,
- CK_OBJECT_CLASS o_class);
-CERTCertificate * PK11_FindCertByIssuerAndSN(PK11SlotInfo **slot,
- CERTIssuerAndSN *sn, void *wincx);
-CERTCertificate * PK11_FindCertAndKeyByRecipientList(PK11SlotInfo **slot,
- SEC_PKCS7RecipientInfo **array, SEC_PKCS7RecipientInfo **rip,
- SECKEYPrivateKey**privKey, void *wincx);
-int PK11_FindCertAndKeyByRecipientListNew(NSSCMSRecipient **recipientlist,
- void *wincx);
-CK_BBOOL PK11_HasAttributeSet( PK11SlotInfo *slot,
- CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type );
-CK_RV PK11_GetAttributes(PRArenaPool *arena,PK11SlotInfo *slot,
- CK_OBJECT_HANDLE obj,CK_ATTRIBUTE *attr, int count);
-int PK11_NumberCertsForCertSubject(CERTCertificate *cert);
-SECStatus PK11_TraverseCertsForSubject(CERTCertificate *cert,
- SECStatus(*callback)(CERTCertificate *, void *), void *arg);
-SECStatus PK11_TraverseCertsForSubjectInSlot(CERTCertificate *cert,
- PK11SlotInfo *slot, SECStatus(*callback)(CERTCertificate *, void *),
- void *arg);
-CERTCertificate *PK11_FindCertFromDERCert(PK11SlotInfo *slot,
- CERTCertificate *cert, void *wincx);
-CERTCertificate *PK11_FindCertFromDERSubjectAndNickname(
- PK11SlotInfo *slot,
- CERTCertificate *cert, char *nickname,
- void *wincx);
-SECStatus PK11_ImportCertForKeyToSlot(PK11SlotInfo *slot, CERTCertificate *cert,
- char *nickname, PRBool addUsage,
- void *wincx);
-CERTCertificate *PK11_FindBestKEAMatch(CERTCertificate *serverCert,void *wincx);
-SECStatus PK11_GetKEAMatchedCerts(PK11SlotInfo *slot1,
- PK11SlotInfo *slot2, CERTCertificate **cert1, CERTCertificate **cert2);
-PRBool PK11_FortezzaHasKEA(CERTCertificate *cert);
-CK_OBJECT_HANDLE PK11_FindCertInSlot(PK11SlotInfo *slot, CERTCertificate *cert,
- void *wincx);
-SECStatus PK11_TraverseCertsForNicknameInSlot(SECItem *nickname,
- PK11SlotInfo *slot, SECStatus(*callback)(CERTCertificate *, void *),
- void *arg);
-SECStatus PK11_TraverseCertsInSlot(PK11SlotInfo *slot,
- SECStatus(* callback)(CERTCertificate*, void *), void *arg);
-CERTCertList *
-PK11_ListCerts(PK11CertListType type, void *pwarg);
-CERTCertList *
-PK11_ListCertsInSlot(PK11SlotInfo *slot);
-
-
-/**********************************************************************
- * Sign/Verify
- **********************************************************************/
-int PK11_SignatureLen(SECKEYPrivateKey *key);
-PK11SlotInfo * PK11_GetSlotFromPrivateKey(SECKEYPrivateKey *key);
-SECStatus PK11_Sign(SECKEYPrivateKey *key, SECItem *sig, SECItem *hash);
-SECStatus PK11_VerifyRecover(SECKEYPublicKey *key, SECItem *sig,
- SECItem *dsig, void * wincx);
-SECStatus PK11_Verify(SECKEYPublicKey *key, SECItem *sig,
- SECItem *hash, void *wincx);
-
-
-
-/**********************************************************************
- * Crypto Contexts
- **********************************************************************/
-void PK11_DestroyContext(PK11Context *context, PRBool freeit);
-PK11Context * PK11_CreateContextByRawKey(PK11SlotInfo *slot,
- CK_MECHANISM_TYPE type, PK11Origin origin, CK_ATTRIBUTE_TYPE operation,
- SECItem *key, SECItem *param, void *wincx);
-PK11Context *PK11_CreateContextBySymKey(CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey, SECItem *param);
-PK11Context *PK11_CreateDigestContext(SECOidTag hashAlg);
-PK11Context *PK11_CloneContext(PK11Context *old);
-SECStatus PK11_DigestBegin(PK11Context *cx);
-SECStatus PK11_HashBuf(SECOidTag hashAlg, unsigned char *out, unsigned char *in,
- int32 len);
-SECStatus PK11_DigestOp(PK11Context *context, const unsigned char *in,
- unsigned len);
-SECStatus PK11_CipherOp(PK11Context *context, unsigned char * out, int *outlen,
- int maxout, unsigned char *in, int inlen);
-SECStatus PK11_Finalize(PK11Context *context);
-SECStatus PK11_DigestFinal(PK11Context *context, unsigned char *data,
- unsigned int *outLen, unsigned int length);
-PRBool PK11_HashOK(SECOidTag hashAlg);
-SECStatus PK11_SaveContext(PK11Context *cx,unsigned char *save,
- int *len, int saveLength);
-SECStatus PK11_RestoreContext(PK11Context *cx,unsigned char *save,int len);
-SECStatus PK11_GenerateFortezzaIV(PK11SymKey *symKey,unsigned char *iv,int len);
-SECStatus PK11_ReadSlotCerts(PK11SlotInfo *slot);
-void PK11_FreeSlotCerts(PK11SlotInfo *slot);
-void PK11_SetFortezzaHack(PK11SymKey *symKey) ;
-
-
-/**********************************************************************
- * PBE functions
- **********************************************************************/
-
-/* This function creates PBE parameters from the given inputs. The result
- * can be used to create a password integrity key for PKCS#12, by sending
- * the return value to PK11_KeyGen along with the appropriate mechanism.
- */
-SECItem *
-PK11_CreatePBEParams(SECItem *salt, SECItem *pwd, unsigned int iterations);
-
-/* free params created above (can be called after keygen is done */
-void PK11_DestroyPBEParams(SECItem *params);
-
-SECAlgorithmID *
-PK11_CreatePBEAlgorithmID(SECOidTag algorithm, int iteration, SECItem *salt);
-PK11SymKey *
-PK11_PBEKeyGen(PK11SlotInfo *slot, SECAlgorithmID *algid, SECItem *pwitem,
- PRBool faulty3DES, void *wincx);
-PK11SymKey *
-PK11_RawPBEKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *params,
- SECItem *pwitem, PRBool faulty3DES, void *wincx);
-SECItem *
-PK11_GetPBEIV(SECAlgorithmID *algid, SECItem *pwitem);
-
-/**********************************************************************
- * New fucntions which are already depricated....
- **********************************************************************/
-SECItem *
-PK11_GetLowLevelKeyIDForCert(PK11SlotInfo *slot,
- CERTCertificate *cert, void *pwarg);
-SECItem *
-PK11_GetLowLevelKeyIDForPrivateKey(SECKEYPrivateKey *key);
-
-SECItem *
-PK11_FindCrlByName(PK11SlotInfo **slot, CK_OBJECT_HANDLE *handle,
- SECItem *derName, int type);
-
-CK_OBJECT_HANDLE
-PK11_PutCrl(PK11SlotInfo *slot, SECItem *crl,
- SECItem *name, char *url, int type);
-
-SECItem *
-PK11_FindSMimeProfile(PK11SlotInfo **slotp, char *emailAddr, SECItem *derSubj,
- SECItem **profileTime);
-SECStatus
-PK11_SaveSMimeProfile(PK11SlotInfo *slot, char *emailAddr, SECItem *derSubj,
- SECItem *emailProfile, SECItem *profileTime);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11init.h b/security/nss/lib/pk11wrap/pk11init.h
deleted file mode 100644
index b5fa0b4ec..000000000
--- a/security/nss/lib/pk11wrap/pk11init.h
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal header file included in pk11wrap dir, or in softoken
- */
-#ifndef _PK11_INIT_H_
-#define _PK11_INIT_H_ 1
-
-/* hold slot default flags until we initialize a slot. This structure is only
- * useful between the time we define a module (either by hand or from the
- * database) and the time the module is loaded. Not reference counted */
-struct PK11PreSlotInfoStr {
- CK_SLOT_ID slotID; /* slot these flags are for */
- unsigned long defaultFlags; /* bit mask of default implementation this slot
- * provides */
- int askpw; /* slot specific password bits */
- long timeout; /* slot specific timeout value */
- char hasRootCerts; /* is this the root cert PKCS #11 module? */
- char hasRootTrust; /* is this the root cert PKCS #11 module? */
-};
-
-#define SECMOD_SLOT_FLAGS "slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES]"
-
-#define SECMOD_MAKE_NSS_FLAGS(fips,slot) \
-"Flags=internal,critical"fips" slotparams=("#slot"={"SECMOD_SLOT_FLAGS"})"
-
-#define SECMOD_INT_NAME "NSS Internal PKCS #11 Module"
-#define SECMOD_INT_FLAGS SECMOD_MAKE_NSS_FLAGS("",1)
-#define SECMOD_FIPS_NAME "NSS Internal FIPS PKCS #11 Module"
-#define SECMOD_FIPS_FLAGS SECMOD_MAKE_NSS_FLAGS(",fips",3)
-
-
-#endif /* _PK11_INIT_H_ 1 */
diff --git a/security/nss/lib/pk11wrap/pk11kea.c b/security/nss/lib/pk11wrap/pk11kea.c
deleted file mode 100644
index b5b810d0b..000000000
--- a/security/nss/lib/pk11wrap/pk11kea.c
+++ /dev/null
@@ -1,231 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements the Symkey wrapper and the PKCS context
- * Interfaces.
- */
-
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "secasn1.h"
-#include "sechash.h"
-#include "cert.h"
-#include "secerr.h"
-
-/*
- * find an RSA public key on a card
- */
-static CK_OBJECT_HANDLE
-pk11_FindRSAPubKey(PK11SlotInfo *slot)
-{
- CK_KEY_TYPE key_type = CKK_RSA;
- CK_OBJECT_CLASS class_type = CKO_PUBLIC_KEY;
- CK_ATTRIBUTE theTemplate[2];
- int template_count = sizeof(theTemplate)/sizeof(theTemplate[0]);
- CK_ATTRIBUTE *attrs = theTemplate;
-
- PK11_SETATTRS(attrs,CKA_CLASS,&class_type,sizeof(class_type)); attrs++;
- PK11_SETATTRS(attrs,CKA_KEY_TYPE,&key_type,sizeof(key_type)); attrs++;
- template_count = attrs - theTemplate;
- PR_ASSERT(template_count <= sizeof(theTemplate)/sizeof(CK_ATTRIBUTE));
-
- return pk11_FindObjectByTemplate(slot,theTemplate,template_count);
-}
-
-SECKEYPublicKey *PK11_ExtractPublicKey(PK11SlotInfo *slot, KeyType keyType,
- CK_OBJECT_HANDLE id);
-
-PK11SymKey *
-pk11_KeyExchange(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey)
-{
- PK11SymKey *newSymKey = NULL;
- SECStatus rv;
- /* performance improvement can go here --- use a generated key to as a
- * per startup wrapping key. If it exists, use it, otherwise do a full
- * key exchange. */
-
- /* find a common Key Exchange algorithm */
- /* RSA */
- if (PK11_DoesMechanism(symKey->slot, CKM_RSA_PKCS) &&
- PK11_DoesMechanism(slot,CKM_RSA_PKCS)) {
- CK_OBJECT_HANDLE pubKeyHandle = CK_INVALID_HANDLE;
- CK_OBJECT_HANDLE privKeyHandle = CK_INVALID_HANDLE;
- SECKEYPublicKey *pubKey = NULL;
- SECKEYPrivateKey *privKey = NULL;
- SECItem wrapData;
-
- wrapData.data = NULL;
-
- /* find RSA Public Key on target */
- pubKeyHandle = pk11_FindRSAPubKey(slot);
- if (pubKeyHandle != CK_INVALID_HANDLE) {
- privKeyHandle = PK11_MatchItem(slot,pubKeyHandle,CKO_PRIVATE_KEY);
- }
-
- /* if no key exists, generate a key pair */
- if (privKeyHandle == CK_INVALID_HANDLE) {
- unsigned int symKeyLength = PK11_GetKeyLength(symKey);
- PK11RSAGenParams rsaParams;
-
- if (symKeyLength > 60) /* bytes */ {
- /* we'd have to generate an RSA key pair > 512 bits long,
- ** and that's too costly. Don't even try.
- */
- PORT_SetError( SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY );
- goto rsa_failed;
- }
- rsaParams.keySizeInBits =
- (symKeyLength > 28 || symKeyLength == 0) ? 512 : 256;
- rsaParams.pe = 0x10001;
- privKey = PK11_GenerateKeyPair(slot,CKM_RSA_PKCS_KEY_PAIR_GEN,
- &rsaParams, &pubKey,PR_FALSE,PR_TRUE,symKey->cx);
- } else {
- /* if keys exist, build SECKEY data structures for them */
- privKey = PK11_MakePrivKey(slot,nullKey, PR_TRUE, privKeyHandle,
- symKey->cx);
- if (privKey != NULL) {
- pubKey = PK11_ExtractPublicKey(slot, rsaKey, pubKeyHandle);
- if (pubKey && pubKey->pkcs11Slot) {
- PK11_FreeSlot(pubKey->pkcs11Slot);
- pubKey->pkcs11Slot = NULL;
- pubKey->pkcs11ID = CK_INVALID_HANDLE;
- }
- }
- }
- if (privKey == NULL) goto rsa_failed;
- if (pubKey == NULL) goto rsa_failed;
-
- wrapData.len = SECKEY_PublicKeyStrength(pubKey);
- if (!wrapData.len) goto rsa_failed;
- wrapData.data = PORT_Alloc(wrapData.len);
- if (wrapData.data == NULL) goto rsa_failed;
-
- /* now wrap the keys in and out */
- rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, pubKey, symKey, &wrapData);
- if (rv == SECSuccess) {
- newSymKey = PK11_PubUnwrapSymKey(privKey,&wrapData,type,operation,
- symKey->size);
- }
-rsa_failed:
- if (wrapData.data != NULL) PORT_Free(wrapData.data);
- if (privKey != NULL) SECKEY_DestroyPrivateKey(privKey);
- if (pubKey != NULL) SECKEY_DestroyPublicKey(pubKey);
-
- return newSymKey;
- }
- /* KEA */
- if (PK11_DoesMechanism(symKey->slot, CKM_KEA_KEY_DERIVE) &&
- PK11_DoesMechanism(slot,CKM_KEA_KEY_DERIVE)) {
- CERTCertificate *certSource = NULL;
- CERTCertificate *certTarget = NULL;
- SECKEYPublicKey *pubKeySource = NULL;
- SECKEYPublicKey *pubKeyTarget = NULL;
- SECKEYPrivateKey *privKeySource = NULL;
- SECKEYPrivateKey *privKeyTarget = NULL;
- PK11SymKey *tekSource = NULL;
- PK11SymKey *tekTarget = NULL;
- SECItem Ra,wrap;
-
- /* can only exchange skipjack keys */
- if (type != CKM_SKIPJACK_CBC64) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- goto kea_failed;
- }
-
- /* find a pair of certs we can use */
- rv = PK11_GetKEAMatchedCerts(symKey->slot,slot,&certSource,&certTarget);
- if (rv != SECSuccess) goto kea_failed;
-
- /* get all the key pairs */
- pubKeyTarget = CERT_ExtractPublicKey(certSource);
- pubKeySource = CERT_ExtractPublicKey(certTarget);
- privKeySource =
- PK11_FindKeyByDERCert(symKey->slot,certSource,symKey->cx);
- privKeyTarget =
- PK11_FindKeyByDERCert(slot,certTarget,symKey->cx);
-
- if ((pubKeySource == NULL) || (pubKeyTarget == NULL) ||
- (privKeySource == NULL) || (privKeyTarget == NULL)) goto kea_failed;
-
- /* generate the wrapping TEK's */
- Ra.data = (unsigned char*)PORT_Alloc(128 /* FORTEZZA RA MAGIC */);
- Ra.len = 128;
- if (Ra.data == NULL) goto kea_failed;
-
- tekSource = PK11_PubDerive(privKeySource,pubKeyTarget,PR_TRUE,&Ra,NULL,
- CKM_SKIPJACK_WRAP, CKM_KEA_KEY_DERIVE,CKA_WRAP,0,symKey->cx);
- tekTarget = PK11_PubDerive(privKeyTarget,pubKeySource,PR_FALSE,&Ra,NULL,
- CKM_SKIPJACK_WRAP, CKM_KEA_KEY_DERIVE,CKA_WRAP,0,symKey->cx);
- PORT_Free(Ra.data);
-
- if ((tekSource == NULL) || (tekTarget == NULL)) { goto kea_failed; }
-
- /* wrap the key out of Source into target */
- wrap.data = (unsigned char*)PORT_Alloc(12); /* MAGIC SKIPJACK LEN */
- wrap.len = 12;
-
- /* paranoia to prevent infinite recursion on bugs */
- PORT_Assert(tekSource->slot == symKey->slot);
- if (tekSource->slot != symKey->slot) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- goto kea_failed;
- }
-
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP,NULL,tekSource,symKey,&wrap);
- if (rv == SECSuccess) {
- newSymKey = PK11_UnwrapSymKey(tekTarget, CKM_SKIPJACK_WRAP, NULL,
- &wrap, type, operation, symKey->size);
- }
- PORT_Free(wrap.data);
-kea_failed:
- if (certSource == NULL) CERT_DestroyCertificate(certSource);
- if (certTarget == NULL) CERT_DestroyCertificate(certTarget);
- if (pubKeySource == NULL) SECKEY_DestroyPublicKey(pubKeySource);
- if (pubKeyTarget == NULL) SECKEY_DestroyPublicKey(pubKeyTarget);
- if (privKeySource == NULL) SECKEY_DestroyPrivateKey(privKeySource);
- if (privKeyTarget == NULL) SECKEY_DestroyPrivateKey(privKeyTarget);
- if (tekSource == NULL) PK11_FreeSymKey(tekSource);
- if (tekTarget == NULL) PK11_FreeSymKey(tekTarget);
- return newSymKey;
- }
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11list.c b/security/nss/lib/pk11wrap/pk11list.c
deleted file mode 100644
index 67bef9573..000000000
--- a/security/nss/lib/pk11wrap/pk11list.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Locking and queue management primatives
- *
- */
-
-#include "seccomon.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "prlong.h"
-
-#define ISREADING 1
-#define ISWRITING 2
-#define WANTWRITE 4
-#define ISLOCKED 3
-
-/*
- * create a new lock for a Module List
- */
-SECMODListLock *SECMOD_NewListLock() {
- SECMODListLock *modLock;
-
- modLock = (SECMODListLock*)PORT_Alloc(sizeof(SECMODListLock));
-#ifdef PKCS11_USE_THREADS
- modLock->mutex = NULL;
- modLock->monitor = PZ_NewMonitor(nssILockList);
-#else
- modLock->mutex = NULL;
- modLock->monitor = NULL;
-#endif
- modLock->state = 0;
- modLock->count = 0;
- return modLock;
-}
-
-/*
- * destroy the lock
- */
-void SECMOD_DestroyListLock(SECMODListLock *lock) {
- PK11_USE_THREADS(PZ_DestroyMonitor(lock->monitor);)
- PORT_Free(lock);
-}
-
-
-/*
- * Lock the List for Read: NOTE: this assumes the reading isn't so common
- * the writing will be starved.
- */
-void SECMOD_GetReadLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
- if (modLock == NULL) return;
- PZ_EnterMonitor(modLock->monitor);
- while (modLock->state & ISWRITING) {
- PZ_Wait(modLock->monitor,PR_INTERVAL_NO_TIMEOUT); /* wait until woken up */
- }
- modLock->state |= ISREADING;
- modLock->count++;
- PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-/*
- * Release the Read lock
- */
-void SECMOD_ReleaseReadLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
- if (modLock == NULL) return;
- PZ_EnterMonitor(modLock->monitor);
- modLock->count--;
- if (modLock->count == 0) {
- modLock->state &= ~ISREADING;
- if (modLock->state & WANTWRITE) {
- PZ_Notify(modLock->monitor); /* only one writer at a time */
- }
- }
- PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-
-/*
- * lock the list for Write
- */
-void SECMOD_GetWriteLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
- if (modLock == NULL) return;
- PZ_EnterMonitor(modLock->monitor);
- while (modLock->state & ISLOCKED) {
- modLock->state |= WANTWRITE;
- PZ_Wait(modLock->monitor,PR_INTERVAL_NO_TIMEOUT); /* wait until woken up */
- }
- modLock->state = ISWRITING;
- PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-
-/*
- * Release the Write Lock: NOTE, this code is pretty inefficient if you have
- * lots of write collisions.
- */
-void SECMOD_ReleaseWriteLock(SECMODListLock *modLock) {
-#ifdef PKCS11_USE_THREADS
- if (modLock == NULL) return;
- PZ_EnterMonitor(modLock->monitor);
- modLock->state = 0;
- PR_NotifyAll(modLock->monitor); /* enable all the readers */
- PZ_ExitMonitor(modLock->monitor);
-#endif
-}
-
-
-/*
- * must Hold the Write lock
- */
-void
-SECMOD_RemoveList(SECMODModuleList **parent, SECMODModuleList *child) {
- *parent = child->next;
- child->next = NULL;
-}
-
-/*
- * if lock is not specified, it must already be held
- */
-void
-SECMOD_AddList(SECMODModuleList *parent, SECMODModuleList *child,
- SECMODListLock *lock) {
- if (lock) { SECMOD_GetWriteLock(lock); }
-
- child->next = parent->next;
- parent->next = child;
-
- if (lock) { SECMOD_ReleaseWriteLock(lock); }
-}
-
-
diff --git a/security/nss/lib/pk11wrap/pk11load.c b/security/nss/lib/pk11wrap/pk11load.c
deleted file mode 100644
index 1711bd3a3..000000000
--- a/security/nss/lib/pk11wrap/pk11load.c
+++ /dev/null
@@ -1,304 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-#include "seccomon.h"
-#include "pkcs11.h"
-#include "secmod.h"
-#include "prlink.h"
-#include "pk11func.h"
-#include "secmodi.h"
-#include "nssilock.h"
-
-extern void FC_GetFunctionList(void);
-extern void NSC_GetFunctionList(void);
-extern void NSC_ModuleDBFunc(void);
-
-
-/* build the PKCS #11 2.01 lock files */
-CK_RV PR_CALLBACK secmodCreateMutext(CK_VOID_PTR_PTR pmutex) {
- *pmutex = (CK_VOID_PTR) PZ_NewLock(nssILockOther);
- if ( *pmutex ) return CKR_OK;
- return CKR_HOST_MEMORY;
-}
-
-CK_RV PR_CALLBACK secmodDestroyMutext(CK_VOID_PTR mutext) {
- PZ_DestroyLock((PZLock *)mutext);
- return CKR_OK;
-}
-
-CK_RV PR_CALLBACK secmodLockMutext(CK_VOID_PTR mutext) {
- PZ_Lock((PZLock *)mutext);
- return CKR_OK;
-}
-
-CK_RV PR_CALLBACK secmodUnlockMutext(CK_VOID_PTR mutext) {
- PZ_Unlock((PZLock *)mutext);
- return CKR_OK;
-}
-
-static SECMODModuleID nextModuleID = 1;
-static CK_C_INITIALIZE_ARGS secmodLockFunctions = {
- secmodCreateMutext, secmodDestroyMutext, secmodLockMutext,
- secmodUnlockMutext, CKF_LIBRARY_CANT_CREATE_OS_THREADS|
- CKF_OS_LOCKING_OK
- ,NULL
-};
-
-/*
- * set the hasRootCerts flags in the module so it can be stored back
- * into the database.
- */
-void
-SECMOD_SetRootCerts(PK11SlotInfo *slot, SECMODModule *mod) {
- PK11PreSlotInfo *psi = NULL;
- int i;
-
- if (slot->hasRootCerts) {
- for (i=0; i < mod->slotInfoCount; i++) {
- if (slot->slotID == mod->slotInfo[i].slotID) {
- psi = &mod->slotInfo[i];
- break;
- }
- }
- if (psi == NULL) {
- /* allocate more slots */
- PK11PreSlotInfo *psi_list = (PK11PreSlotInfo *)
- PORT_ArenaAlloc(mod->arena,
- (mod->slotInfoCount+1)* sizeof(PK11PreSlotInfo));
- /* copy the old ones */
- if (mod->slotInfoCount > 0) {
- PORT_Memcpy(psi_list,mod->slotInfo,
- (mod->slotInfoCount)*sizeof(PK11PreSlotInfo));
- }
- /* assign psi to the last new slot */
- psi = &psi_list[mod->slotInfoCount];
- psi->slotID = slot->slotID;
- psi->askpw = 0;
- psi->timeout = 0;
- psi ->defaultFlags = 0;
-
- /* increment module count & store new list */
- mod->slotInfo = psi_list;
- mod->slotInfoCount++;
-
- }
- psi->hasRootCerts = 1;
- }
-}
-
-/*
- * load a new module into our address space and initialize it.
- */
-SECStatus
-SECMOD_LoadPKCS11Module(SECMODModule *mod) {
- PRLibrary *library = NULL;
- CK_C_GetFunctionList entry = NULL;
- char * full_name;
- CK_INFO info;
- CK_ULONG slotCount = 0;
-
-
- if (mod->loaded) return SECSuccess;
-
- /* intenal modules get loaded from their internal list */
- if (mod->internal) {
- /* internal, statically get the C_GetFunctionList function */
- if (mod->isFIPS) {
- entry = (CK_C_GetFunctionList) FC_GetFunctionList;
- } else {
- entry = (CK_C_GetFunctionList) NSC_GetFunctionList;
- }
- if (mod->isModuleDB) {
- mod->moduleDBFunc = (void *) NSC_ModuleDBFunc;
- }
- if (mod->moduleDBOnly) {
- mod->loaded = PR_TRUE;
- return SECSuccess;
- }
- } else {
- /* Not internal, load the DLL and look up C_GetFunctionList */
- if (mod->dllName == NULL) {
- return SECFailure;
- }
-
-#ifdef notdef
- /* look up the library name */
- full_name = PR_GetLibraryName(PR_GetLibraryPath(),mod->dllName);
- if (full_name == NULL) {
- return SECFailure;
- }
-#else
- full_name = PORT_Strdup(mod->dllName);
-#endif
-
- /* load the library. If this succeeds, then we have to remember to
- * unload the library if anything goes wrong from here on out...
- */
- library = PR_LoadLibrary(full_name);
- mod->library = (void *)library;
- PORT_Free(full_name);
- if (library == NULL) {
- return SECFailure;
- }
-
- /*
- * now we need to get the entry point to find the function pointers
- */
- if (!mod->moduleDBOnly) {
- entry = (CK_C_GetFunctionList)
- PR_FindSymbol(library, "C_GetFunctionList");
- }
- if (mod->isModuleDB) {
- mod->moduleDBFunc = (void *)
- PR_FindSymbol(library, "NSS_ReturnModuleSpecData");
- }
- if (mod->moduleDBFunc == NULL) mod->isModuleDB = PR_FALSE;
- if (entry == NULL) {
- if (mod->isModuleDB) {
- mod->loaded = PR_TRUE;
- mod->moduleDBOnly = PR_TRUE;
- return SECSuccess;
- }
- PR_UnloadLibrary(library);
- return SECFailure;
- }
- }
-
- /*
- * We need to get the function list
- */
- if ((*entry)((CK_FUNCTION_LIST_PTR *)&mod->functionList) != CKR_OK)
- goto fail;
-
- mod->isThreadSafe = PR_TRUE;
- /* Now we initialize the module */
- if (mod->libraryParams) {
- secmodLockFunctions.LibraryParameters = (void *) mod->libraryParams;
- } else {
- secmodLockFunctions.LibraryParameters = NULL;
- }
- if (PK11_GETTAB(mod)->C_Initialize(&secmodLockFunctions) != CKR_OK) {
- mod->isThreadSafe = PR_FALSE;
- if (PK11_GETTAB(mod)->C_Initialize(NULL) != CKR_OK) goto fail;
- }
-
- /* check the version number */
- if (PK11_GETTAB(mod)->C_GetInfo(&info) != CKR_OK) goto fail2;
- if (info.cryptokiVersion.major != 2) goto fail2;
- /* all 2.0 are a priori *not* thread safe */
- if (info.cryptokiVersion.minor < 1) mod->isThreadSafe = PR_FALSE;
-
-
- /* If we don't have a common name, get it from the PKCS 11 module */
- if ((mod->commonName == NULL) || (mod->commonName[0] == 0)) {
- mod->commonName = PK11_MakeString(mod->arena,NULL,
- (char *)info.libraryDescription, sizeof(info.libraryDescription));
- if (mod->commonName == NULL) goto fail2;
- }
-
-
- /* initialize the Slots */
- if (PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, NULL, &slotCount) == CKR_OK) {
- CK_SLOT_ID *slotIDs;
- int i;
- CK_RV rv;
-
- mod->slots = (PK11SlotInfo **)PORT_ArenaAlloc(mod->arena,
- sizeof(PK11SlotInfo *) * slotCount);
- if (mod->slots == NULL) goto fail2;
-
- slotIDs = (CK_SLOT_ID *) PORT_Alloc(sizeof(CK_SLOT_ID)*slotCount);
- if (slotIDs == NULL) {
- goto fail2;
- }
- rv = PK11_GETTAB(mod)->C_GetSlotList(CK_FALSE, slotIDs, &slotCount);
- if (rv != CKR_OK) {
- PORT_Free(slotIDs);
- goto fail2;
- }
-
- /* Initialize each slot */
- for (i=0; i < (int)slotCount; i++) {
- mod->slots[i] = PK11_NewSlotInfo();
- PK11_InitSlot(mod,slotIDs[i],mod->slots[i]);
- /* look down the slot info table */
- PK11_LoadSlotList(mod->slots[i],mod->slotInfo,mod->slotInfoCount);
- SECMOD_SetRootCerts(mod->slots[i],mod);
- }
- mod->slotCount = slotCount;
- mod->slotInfoCount = 0;
- PORT_Free(slotIDs);
- }
-
- mod->loaded = PR_TRUE;
- mod->moduleID = nextModuleID++;
- return SECSuccess;
-fail2:
- PK11_GETTAB(mod)->C_Finalize(NULL);
-fail:
- mod->functionList = NULL;
- if (library) PR_UnloadLibrary(library);
- return SECFailure;
-}
-
-SECStatus
-SECMOD_UnloadModule(SECMODModule *mod) {
- PRLibrary *library;
-
- if (!mod->loaded) {
- return SECFailure;
- }
-
- if (!mod->moduleDBOnly) PK11_GETTAB(mod)->C_Finalize(NULL);
- mod->moduleID = 0;
- mod->loaded = PR_FALSE;
-
- /* do we want the semantics to allow unloading the internal library?
- * if not, we should change this to SECFailure and move it above the
- * mod->loaded = PR_FALSE; */
- if (mod->internal) {
- return SECSuccess;
- }
-
- library = (PRLibrary *)mod->library;
- /* paranoia */
- if (library == NULL) {
- return SECFailure;
- }
-
- PR_UnloadLibrary(library);
- return SECSuccess;
-}
diff --git a/security/nss/lib/pk11wrap/pk11pars.c b/security/nss/lib/pk11wrap/pk11pars.c
deleted file mode 100644
index db07a0af1..000000000
--- a/security/nss/lib/pk11wrap/pk11pars.c
+++ /dev/null
@@ -1,349 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-
-#include <ctype.h>
-#include "pkcs11.h"
-#include "seccomon.h"
-#include "secmod.h"
-#include "secmodi.h"
-
-#include "pk11pars.h"
-
-/* create a new module */
-static SECMODModule *
-secmod_NewModule(void)
-{
- SECMODModule *newMod;
- PRArenaPool *arena;
-
-
- /* create an arena in which dllName and commonName can be
- * allocated.
- */
- arena = PORT_NewArena(512);
- if (arena == NULL) {
- return NULL;
- }
-
- newMod = (SECMODModule *)PORT_ArenaAlloc(arena,sizeof (SECMODModule));
- if (newMod == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
-
- /*
- * initialize of the fields of the module
- */
- newMod->arena = arena;
- newMod->internal = PR_FALSE;
- newMod->loaded = PR_FALSE;
- newMod->isFIPS = PR_FALSE;
- newMod->dllName = NULL;
- newMod->commonName = NULL;
- newMod->library = NULL;
- newMod->functionList = NULL;
- newMod->slotCount = 0;
- newMod->slots = NULL;
- newMod->slotInfo = NULL;
- newMod->slotInfoCount = 0;
- newMod->refCount = 1;
- newMod->ssl[0] = 0;
- newMod->ssl[1] = 0;
- newMod->libraryParams = NULL;
- newMod->moduleDBFunc = NULL;
- newMod->parent = NULL;
- newMod->isCritical = PR_FALSE;
- newMod->isModuleDB = PR_FALSE;
- newMod->moduleDBOnly = PR_FALSE;
- newMod->trustOrder = 0;
- newMod->cipherOrder = 0;
-#ifdef PKCS11_USE_THREADS
- newMod->refLock = (void *)PZ_NewLock(nssILockRefLock);
- if (newMod->refLock == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
-#else
- newMod->refLock = NULL;
-#endif
- return newMod;
-
-}
-
-/*
- * for 3.4 we continue to use the old SECMODModule structure
- */
-SECMODModule *
-SECMOD_CreateModule(char *library, char *moduleName, char *parameters, char *nss)
-{
- SECMODModule *mod = secmod_NewModule();
- char *slotParams,*ciphers;
- if (mod == NULL) return NULL;
-
- mod->commonName = PORT_ArenaStrdup(mod->arena,moduleName ? moduleName : "");
- if (library) {
- mod->dllName = PORT_ArenaStrdup(mod->arena,library);
- }
- /* new field */
- if (parameters) {
- mod->libraryParams = PORT_ArenaStrdup(mod->arena,parameters);
- }
- mod->internal = pk11_argHasFlag("flags","internal",nss);
- mod->isFIPS = pk11_argHasFlag("flags","FIPS",nss);
- mod->isCritical = pk11_argHasFlag("flags","critical",nss);
- slotParams = pk11_argGetParamValue("slotParams",nss);
- mod->slotInfo = pk11_argParseSlotInfo(mod->arena,slotParams,
- &mod->slotInfoCount);
- if (slotParams) PORT_Free(slotParams);
- /* new field */
- mod->trustOrder = pk11_argReadLong("trustOrder",nss);
- /* new field */
- mod->cipherOrder = pk11_argReadLong("cipherOrder",nss);
- /* new field */
- mod->isModuleDB = pk11_argHasFlag("flags","moduleDB",nss);
- mod->moduleDBOnly = pk11_argHasFlag("flags","moduleDBOnly",nss);
- if (mod->moduleDBOnly) mod->isModuleDB = PR_TRUE;
-
- ciphers = pk11_argGetParamValue("ciphers",nss);
- pk11_argSetNewCipherFlags(&mod->ssl[0],ciphers);
- if (ciphers) PORT_Free(ciphers);
-
- return mod;
-}
-
-static char *
-pk11_mkModuleSpec(SECMODModule * module)
-{
- char *nss = NULL, *modSpec = NULL, **slotStrings = NULL;
- int slotCount, i, si;
-
- /* allocate target slot info strings */
- slotCount = 0;
- if (module->slotCount) {
- for (i=0; i < module->slotCount; i++) {
- if (module->slots[i]->defaultFlags !=0) {
- slotCount++;
- }
- }
- } else {
- slotCount = module->slotInfoCount;
- }
-
- slotStrings = (char **)PORT_ZAlloc(slotCount*sizeof(char *));
- if (slotStrings == NULL) {
- goto loser;
- }
-
-
- /* build the slot info strings */
- if (module->slotCount) {
- for (i=0, si= 0; i < module->slotCount; i++) {
- if (module->slots[i]->defaultFlags) {
- PORT_Assert(si < slotCount);
- if (si >= slotCount) break;
- slotStrings[si] = pk11_mkSlotString(module->slots[i]->slotID,
- module->slots[i]->defaultFlags,
- module->slots[i]->timeout,
- module->slots[i]->askpw,
- module->slots[i]->hasRootCerts,
- module->slots[i]->hasRootTrust);
- si++;
- }
- }
- } else {
- for (i=0; i < slotCount; i++) {
- slotStrings[i] = pk11_mkSlotString(module->slotInfo[i].slotID,
- module->slotInfo[i].defaultFlags,
- module->slotInfo[i].timeout,
- module->slotInfo[i].askpw,
- module->slotInfo[i].hasRootCerts,
- module->slotInfo[i].hasRootTrust);
- }
- }
-
- nss = pk11_mkNSS(slotStrings,slotCount,module->internal, module->isFIPS,
- module->isModuleDB, module->moduleDBOnly, module->isCritical,
- module->trustOrder,module->cipherOrder,module->ssl[0],module->ssl[1]);
- modSpec= pk11_mkNewModuleSpec(module->dllName,module->commonName,
- module->libraryParams,nss);
- PORT_Free(slotStrings);
- PR_smprintf_free(nss);
-loser:
- return (modSpec);
-}
-
-
-char **
-SECMOD_GetModuleSpecList(SECMODModule *module)
-{
- SECMODModuleDBFunc func = (SECMODModuleDBFunc) module->moduleDBFunc;
- if (func) {
- return (*func)(SECMOD_MODULE_DB_FUNCTION_FIND,
- module->libraryParams,NULL);
- }
- return NULL;
-}
-
-SECStatus
-SECMOD_AddPermDB(SECMODModule *module)
-{
- SECMODModuleDBFunc func;
- char *moduleSpec;
- char **retString;
-
- if (module->parent == NULL) return SECFailure;
-
- func = (SECMODModuleDBFunc) module->parent->moduleDBFunc;
- if (func) {
- moduleSpec = pk11_mkModuleSpec(module);
- retString = (*func)(SECMOD_MODULE_DB_FUNCTION_ADD,
- module->parent->libraryParams,moduleSpec);
- PORT_Free(moduleSpec);
- if (retString != NULL) return SECSuccess;
- }
- return SECFailure;
-}
-
-SECStatus
-SECMOD_DeletePermDB(SECMODModule *module)
-{
- SECMODModuleDBFunc func;
- char *moduleSpec;
- char **retString;
-
- if (module->parent == NULL) return SECFailure;
-
- func = (SECMODModuleDBFunc) module->parent->moduleDBFunc;
- if (func) {
- moduleSpec = pk11_mkModuleSpec(module);
- retString = (*func)(SECMOD_MODULE_DB_FUNCTION_DEL,
- module->parent->libraryParams,moduleSpec);
- PORT_Free(moduleSpec);
- if (retString != NULL) return SECSuccess;
- }
- return SECFailure;
-}
-
-SECStatus
-SECMOD_FreeModuleSpecList(SECMODModule *parent, char **moduleSpecList)
-{
- char ** index;
-
- for(index = moduleSpecList; *index; index++) {
- PORT_Free(*index);
- }
- PORT_Free(moduleSpecList);
- return SECSuccess;
-}
-
-SECMODModule *
-SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse)
-{
- char *library = NULL, *moduleName = NULL, *parameters = NULL, *nss= NULL;
- SECStatus status;
- SECMODModule *module = NULL;
- SECStatus rv;
-
- /* initialize the underlying module structures */
- SECMOD_Init();
-
- status = pk11_argParseModuleSpec(modulespec, &library, &moduleName,
- &parameters, &nss);
- if (status != SECSuccess) {
- goto loser;
- }
-
- module = SECMOD_CreateModule(library, moduleName, parameters, nss);
- if (library) PORT_Free(library);
- if (moduleName) PORT_Free(moduleName);
- if (parameters) PORT_Free(parameters);
- if (nss) PORT_Free(nss);
-
- /* load it */
- rv = SECMOD_LoadPKCS11Module(module);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- if (recurse && module->isModuleDB) {
- char ** moduleSpecList;
- char **index;
-
- moduleSpecList = SECMOD_GetModuleSpecList(module);
-
- for (index = moduleSpecList; index && *index; index++) {
- SECMODModule *child;
- child = SECMOD_LoadModule(*index,module,PR_TRUE);
- if (!child) break;
- if (child->isCritical && !child->loaded) {
- rv = SECFailure;
- SECMOD_DestroyModule(child);
- break;
- }
- SECMOD_DestroyModule(child);
- }
-
- SECMOD_FreeModuleSpecList(module,moduleSpecList);
- }
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- if (parent) {
- module->parent = SECMOD_ReferenceModule(parent);
- }
-
- /* inherit the reference */
- if (!module->moduleDBOnly) {
- SECMOD_AddModuleToList(module);
- } else {
- SECMOD_AddModuleToDBOnlyList(module);
- }
-
- /* handle any additional work here */
- return module;
-
-loser:
- if (module) {
- if (module->loaded) {
- SECMOD_UnloadModule(module);
- }
- SECMOD_AddModuleToUnloadList(module);
- }
- return module;
-}
diff --git a/security/nss/lib/pk11wrap/pk11pbe.c b/security/nss/lib/pk11wrap/pk11pbe.c
deleted file mode 100644
index 82fdbdda7..000000000
--- a/security/nss/lib/pk11wrap/pk11pbe.c
+++ /dev/null
@@ -1,680 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "secport.h"
-#include "hasht.h"
-#include "pkcs11t.h"
-#include "sechash.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "secoid.h"
-#include "alghmac.h"
-#include "secerr.h"
-#include "secmod.h"
-#include "pk11func.h"
-#include "secpkcs5.h"
-
-typedef struct SEC_PKCS5PBEParameterStr SEC_PKCS5PBEParameter;
-struct SEC_PKCS5PBEParameterStr {
- PRArenaPool *poolp;
- SECItem salt; /* octet string */
- SECItem iteration; /* integer */
-};
-
-
-/* template for PKCS 5 PBE Parameter. This template has been expanded
- * based upon the additions in PKCS 12. This should eventually be moved
- * if RSA updates PKCS 5.
- */
-const SEC_ASN1Template SEC_PKCS5PBEParameterTemplate[] =
-{
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS5PBEParameter) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS5PBEParameter, salt) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS5PBEParameter, iteration) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_V2PKCS12PBEParameterTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS5PBEParameter) },
- { SEC_ASN1_OCTET_STRING, offsetof(SEC_PKCS5PBEParameter, salt) },
- { SEC_ASN1_INTEGER, offsetof(SEC_PKCS5PBEParameter, iteration) },
- { 0 }
-};
-
-/* maps crypto algorithm from PBE algorithm.
- */
-SECOidTag
-SEC_PKCS5GetCryptoAlgorithm(SECAlgorithmID *algid)
-{
-
- SECOidTag algorithm;
-
- if(algid == NULL)
- return SEC_OID_UNKNOWN;
-
- algorithm = SECOID_GetAlgorithmTag(algid);
- switch(algorithm)
- {
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
- return SEC_OID_DES_EDE3_CBC;
- case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
- case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
- case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
- return SEC_OID_DES_CBC;
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- return SEC_OID_RC2_CBC;
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
- return SEC_OID_RC4;
- default:
- break;
- }
-
- return SEC_OID_UNKNOWN;
-}
-
-/* check to see if an oid is a pbe algorithm
- */
-PRBool
-SEC_PKCS5IsAlgorithmPBEAlg(SECAlgorithmID *algid)
-{
- return (PRBool)(SEC_PKCS5GetCryptoAlgorithm(algid) != SEC_OID_UNKNOWN);
-}
-
-/* maps PBE algorithm from crypto algorithm, assumes SHA1 hashing.
- */
-SECOidTag
-SEC_PKCS5GetPBEAlgorithm(SECOidTag algTag, int keyLen)
-{
- switch(algTag)
- {
- case SEC_OID_DES_EDE3_CBC:
- switch(keyLen) {
- case 168:
- case 192:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC;
- case 128:
- case 92:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC;
- default:
- break;
- }
- break;
- case SEC_OID_DES_CBC:
- return SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC;
- case SEC_OID_RC2_CBC:
- switch(keyLen) {
- case 40:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
- case 128:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC;
- default:
- break;
- }
- break;
- case SEC_OID_RC4:
- switch(keyLen) {
- case 40:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4;
- case 128:
- return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4;
- default:
- break;
- }
- break;
- default:
- break;
- }
-
- return SEC_OID_UNKNOWN;
-}
-
-
-/* get the key length needed for the PBE algorithm
- */
-
-int
-SEC_PKCS5GetKeyLength(SECAlgorithmID *algid)
-{
-
- SECOidTag algorithm;
-
- if(algid == NULL)
- return SEC_OID_UNKNOWN;
-
- algorithm = SECOID_GetAlgorithmTag(algid);
-
- switch(algorithm)
- {
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
- return 24;
- case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
- case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
- case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
- return 8;
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- return 5;
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
- return 16;
- default:
- break;
- }
- return -1;
-}
-
-
-/* the V2 algorithms only encode the salt, there is no iteration
- * count so we need a check for V2 algorithm parameters.
- */
-static PRBool
-sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(SECOidTag algorithm)
-{
- switch(algorithm)
- {
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- return PR_TRUE;
- default:
- break;
- }
-
- return PR_FALSE;
-}
-/* destroy a pbe parameter. it assumes that the parameter was
- * generated using the appropriate create function and therefor
- * contains an arena pool.
- */
-static void
-sec_pkcs5_destroy_pbe_param(SEC_PKCS5PBEParameter *pbe_param)
-{
- if(pbe_param != NULL)
- PORT_FreeArena(pbe_param->poolp, PR_TRUE);
-}
-
-/* creates a PBE parameter based on the PBE algorithm. the only required
- * parameters are algorithm and interation. the return is a PBE parameter
- * which conforms to PKCS 5 parameter unless an extended parameter is needed.
- * this is primarily if keyLen and a variable key length algorithm are
- * specified.
- * salt - if null, a salt will be generated from random bytes.
- * iteration - number of iterations to perform hashing.
- * keyLen - only used in variable key length algorithms
- * iv - if null, the IV will be generated based on PKCS 5 when needed.
- * params - optional, currently unsupported additional parameters.
- * once a parameter is allocated, it should be destroyed calling
- * sec_pkcs5_destroy_pbe_parameter or SEC_PKCS5DestroyPBEParameter.
- */
-#define DEFAULT_SALT_LENGTH 16
-static SEC_PKCS5PBEParameter *
-sec_pkcs5_create_pbe_parameter(SECOidTag algorithm,
- SECItem *salt,
- int iteration)
-{
- PRArenaPool *poolp = NULL;
- SEC_PKCS5PBEParameter *pbe_param = NULL;
- SECStatus rv= SECSuccess;
- void *dummy = NULL;
-
- if(iteration < 0) {
- return NULL;
- }
-
- poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(poolp == NULL)
- return NULL;
-
- pbe_param = (SEC_PKCS5PBEParameter *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS5PBEParameter));
- if(!pbe_param) {
- PORT_FreeArena(poolp, PR_TRUE);
- return NULL;
- }
-
- pbe_param->poolp = poolp;
-
- rv = SECFailure;
- if (salt && salt->data) {
- rv = SECITEM_CopyItem(poolp, &pbe_param->salt, salt);
- } else {
- /* sigh, the old interface generated salt on the fly, so we have to
- * preserve the semantics */
- pbe_param->salt.len = DEFAULT_SALT_LENGTH;
- pbe_param->salt.data = PORT_ArenaZAlloc(poolp,DEFAULT_SALT_LENGTH);
- if (pbe_param->salt.data) {
- rv = PK11_GenerateRandom(pbe_param->salt.data,DEFAULT_SALT_LENGTH);
- }
- }
-
- if(rv != SECSuccess) {
- PORT_FreeArena(poolp, PR_TRUE);
- return NULL;
- }
-
- /* encode the integer */
- dummy = SEC_ASN1EncodeInteger(poolp, &pbe_param->iteration,
- iteration);
- rv = (dummy) ? SECSuccess : SECFailure;
-
- if(rv != SECSuccess) {
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
- }
-
- return pbe_param;
-}
-
-/* creates a algorithm ID containing the PBE algorithm and appropriate
- * parameters. the required parameter is the algorithm. if salt is
- * not specified, it is generated randomly. if IV is specified, it overrides
- * the PKCS 5 generation of the IV.
- *
- * the returned SECAlgorithmID should be destroyed using
- * SECOID_DestroyAlgorithmID
- */
-SECAlgorithmID *
-SEC_PKCS5CreateAlgorithmID(SECOidTag algorithm,
- SECItem *salt,
- int iteration)
-{
- PRArenaPool *poolp = NULL;
- SECAlgorithmID *algid, *ret_algid;
- SECItem der_param;
- SECStatus rv = SECFailure;
- SEC_PKCS5PBEParameter *pbe_param;
-
- if(iteration <= 0) {
- return NULL;
- }
-
- der_param.data = NULL;
- der_param.len = 0;
-
- /* generate the parameter */
- pbe_param = sec_pkcs5_create_pbe_parameter(algorithm, salt, iteration);
- if(!pbe_param) {
- return NULL;
- }
-
- poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(!poolp) {
- sec_pkcs5_destroy_pbe_param(pbe_param);
- return NULL;
- }
-
- /* generate the algorithm id */
- algid = (SECAlgorithmID *)PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
- if(algid != NULL) {
- void *dummy;
- if(!sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
- dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
- SEC_PKCS5PBEParameterTemplate);
- } else {
- dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
- SEC_V2PKCS12PBEParameterTemplate);
- }
-
- if(dummy) {
- rv = SECOID_SetAlgorithmID(poolp, algid, algorithm, &der_param);
- }
- }
-
- ret_algid = NULL;
- if(algid != NULL) {
- ret_algid = (SECAlgorithmID *)PORT_ZAlloc(sizeof(SECAlgorithmID));
- if(ret_algid != NULL) {
- rv = SECOID_CopyAlgorithmID(NULL, ret_algid, algid);
- if(rv != SECSuccess) {
- SECOID_DestroyAlgorithmID(ret_algid, PR_TRUE);
- ret_algid = NULL;
- }
- }
- }
-
- if(poolp != NULL) {
- PORT_FreeArena(poolp, PR_TRUE);
- algid = NULL;
- }
-
- sec_pkcs5_destroy_pbe_param(pbe_param);
-
- return ret_algid;
-}
-
-SECStatus
-pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech)
-{
- CK_PBE_PARAMS *pbe_params = NULL;
- SEC_PKCS5PBEParameter p5_param;
- SECItem *salt = NULL;
- SECOidTag algorithm = SECOID_GetAlgorithmTag(algid);
- PRArenaPool *arena = NULL;
- SECStatus rv = SECFailure;
- int iv_len;
-
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (arena == NULL) {
- goto loser;
- }
- iv_len = PK11_GetIVLength(PK11_AlgtagToMechanism(algorithm));
- if (iv_len < 0) {
- goto loser;
- }
-
- if (sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
- rv = SEC_ASN1DecodeItem(arena, &p5_param,
- SEC_V2PKCS12PBEParameterTemplate, &algid->parameters);
- } else {
- rv = SEC_ASN1DecodeItem(arena,&p5_param,SEC_PKCS5PBEParameterTemplate,
- &algid->parameters);
- }
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- salt = &p5_param.salt;
-
- pbe_params = (CK_PBE_PARAMS *)PORT_ZAlloc(sizeof(CK_PBE_PARAMS)+
- salt->len+iv_len);
- if (pbe_params == NULL) {
- goto loser;
- }
-
- /* get salt */
- pbe_params->pSalt = ((CK_CHAR_PTR) pbe_params)+sizeof(CK_PBE_PARAMS);
- if (iv_len) {
- pbe_params->pInitVector = ((CK_CHAR_PTR) pbe_params)+
- sizeof(CK_PBE_PARAMS)+salt->len;
- }
- PORT_Memcpy(pbe_params->pSalt, salt->data, salt->len);
- pbe_params->ulSaltLen = (CK_ULONG) salt->len;
-
- /* get iteration count */
- pbe_params->ulIteration = (CK_ULONG) DER_GetInteger(&p5_param.iteration);
-
- /* copy into the mechanism sec item */
- mech->data = (unsigned char *)pbe_params;
- mech->len = sizeof(*pbe_params);
- if (arena) {
- PORT_FreeArena(arena,PR_TRUE);
- }
- return SECSuccess;
-
-loser:
- if (pbe_params) {
- PORT_Free(pbe_params);
- }
- if (arena) {
- PORT_FreeArena(arena,PR_TRUE);
- }
- return SECFailure;
-}
-
-SECStatus
-PBE_PK11ParamToAlgid(SECOidTag algTag, SECItem *param, PRArenaPool *arena,
- SECAlgorithmID *algId)
-{
- CK_PBE_PARAMS *pbe_param;
- SECItem pbeSalt;
- SECAlgorithmID *pbeAlgID = NULL;
- SECStatus rv;
-
- if(!param || !algId) {
- return SECFailure;
- }
-
- pbe_param = (CK_PBE_PARAMS *)param->data;
- pbeSalt.data = (unsigned char *)pbe_param->pSalt;
- pbeSalt.len = pbe_param->ulSaltLen;
- pbeAlgID = SEC_PKCS5CreateAlgorithmID(algTag, &pbeSalt,
- (int)pbe_param->ulIteration);
- if(!pbeAlgID) {
- return SECFailure;
- }
-
- rv = SECOID_CopyAlgorithmID(arena, algId, pbeAlgID);
- SECOID_DestroyAlgorithmID(pbeAlgID, PR_TRUE);
- return rv;
-}
-
-PBEBitGenContext *
-PBE_CreateContext(SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose,
- SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded,
- unsigned int iterations)
-{
- SECItem *context = NULL;
- SECItem mechItem;
- CK_PBE_PARAMS pbe_params;
- CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM;
- PK11SymKey *symKey = NULL;
- unsigned char ivData[8];
-
-
- /* use the purpose to select the low level keygen algorithm */
- switch (bitGenPurpose) {
- case pbeBitGenIntegrityKey:
- switch (hashAlgorithm) {
- case SEC_OID_SHA1:
- mechanism = CKM_PBA_SHA1_WITH_SHA1_HMAC;
- break;
- case SEC_OID_MD2:
- mechanism = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN;
- break;
- case SEC_OID_MD5:
- mechanism = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN;
- break;
- default:
- break;
- }
- break;
- case pbeBitGenCipherIV:
- if (bitsNeeded > 64) {
- break;
- }
- if (hashAlgorithm != SEC_OID_SHA1) {
- break;
- }
- mechanism = CKM_PBE_SHA1_DES3_EDE_CBC;
- case pbeBitGenCipherKey:
- if (hashAlgorithm != SEC_OID_SHA1) {
- break;
- }
- switch (bitsNeeded) {
- case 40:
- mechanism = CKM_PBE_SHA1_RC4_40;
- break;
- case 128:
- mechanism = CKM_PBE_SHA1_RC4_128;
- break;
- default:
- break;
- }
- case pbeBitGenIDNull:
- break;
- }
-
- if (mechanism == CKM_INVALID_MECHANISM) {
- /* we should set an error, but this is a depricated function, and
- * we are keeping bug for bug compatibility;)... */
- return NULL;
- }
-
- pbe_params.pInitVector = ivData;
- pbe_params.pPassword = pwitem->data;
- pbe_params.ulPasswordLen = pwitem->len;
- pbe_params.pSalt = salt->data;
- pbe_params.ulSaltLen = salt->len;
- pbe_params.ulIteration = iterations;
- mechItem.data = (unsigned char *) &pbe_params;
- mechItem.len = sizeof(pbe_params);
-
-
- symKey = PK11_RawPBEKeyGen(PK11_GetInternalSlot(),mechanism,
- &mechItem, pwitem, PR_FALSE, NULL);
- if (symKey == NULL) {
- if (bitGenPurpose == pbeBitGenCipherIV) {
- /* NOTE: this assumes that bitsNeeded is a multiple of 8! */
- SECItem ivItem;
-
- ivItem.data = ivData;
- ivItem.len = bitsNeeded/8;
- context = SECITEM_DupItem(&ivItem);
- } else {
- SECItem *keyData;
- PK11_ExtractKeyValue(symKey);
- keyData = PK11_GetKeyData(symKey);
-
- /* assert bitsNeeded with length? */
- if (keyData) {
- context = SECITEM_DupItem(keyData);
- }
- }
- PK11_FreeSymKey(symKey);
- }
-
- return (PBEBitGenContext *)context;
-}
-
-SECItem *
-PBE_GenerateBits(PBEBitGenContext *context)
-{
- return (SECItem *)context;
-}
-
-void
-PBE_DestroyContext(PBEBitGenContext *context)
-{
- SECITEM_FreeItem((SECItem *)context,PR_TRUE);
-}
-
-SECItem *
-SEC_PKCS5GetIV(SECAlgorithmID *algid, SECItem *pwitem, PRBool faulty3DES)
-{
- SECItem mechItem;
- SECOidTag algorithm = SECOID_GetAlgorithmTag(algid);
- CK_PBE_PARAMS *pbe_params;
- CK_MECHANISM_TYPE mechanism;
- SECItem *iv = NULL;
- SECStatus rv;
- int iv_len;
- PK11SymKey *symKey;
-
- rv = pbe_PK11AlgidToParam(algid,&mechItem);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- mechanism = PK11_AlgtagToMechanism(algorithm);
- iv_len = PK11_GetIVLength(mechanism);
- pbe_params = (CK_PBE_PARAMS_PTR)mechItem.data;
-
- symKey = PK11_RawPBEKeyGen(PK11_GetInternalSlot(),mechanism,
- &mechItem, pwitem, faulty3DES,NULL);
-
- if (symKey) {
- SECItem tmp;
-
- tmp.data = pbe_params->pInitVector;
- tmp.len = iv_len;
- iv = SECITEM_DupItem(&tmp);
- PK11_FreeSymKey(symKey);
- }
-
- if (mechItem.data) {
- PORT_ZFree(mechItem.data,mechItem.len);
- }
-
- return iv;
-}
-
-/*
- * Subs from nss 3.x that are depricated
- */
-PBEBitGenContext *
-__PBE_CreateContext(SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose,
- SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded,
- unsigned int iterations)
-{
- PORT_Assert("__PBE_CreateContext is Depricated" == NULL);
- return NULL;
-}
-
-SECItem *
-__PBE_GenerateBits(PBEBitGenContext *context)
-{
- PORT_Assert("__PBE_GenerateBits is Depricated" == NULL);
- return NULL;
-}
-
-void
-__PBE_DestroyContext(PBEBitGenContext *context)
-{
- PORT_Assert("__PBE_DestroyContext is Depricated" == NULL);
-}
-
-SECStatus
-RSA_FormatBlock(SECItem *result, unsigned modulusLen,
- int blockType, SECItem *data)
-{
- PORT_Assert("RSA_FormatBlock is Depricated" == NULL);
- return SECFailure;
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11pk12.c b/security/nss/lib/pk11wrap/pk11pk12.c
deleted file mode 100644
index aea0ea8df..000000000
--- a/security/nss/lib/pk11wrap/pk11pk12.c
+++ /dev/null
@@ -1,476 +0,0 @@
-
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file PKCS #12 fuctions that should really be moved to the
- * PKCS #12 directory, however we can't do that in a point release
- * because that will break binary compatibility, so we keep them here for now.
- */
-
-#include "seccomon.h"
-#include "secmod.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "secerr.h"
-
-
-
-/* These data structures should move to a common .h file shared between the
- * wrappers and the pkcs 12 code. */
-
-/*
-** RSA Raw Private Key structures
-*/
-
-/* member names from PKCS#1, section 7.2 */
-struct SECKEYRSAPrivateKeyStr {
- PRArenaPool * arena;
- SECItem version;
- SECItem modulus;
- SECItem publicExponent;
- SECItem privateExponent;
- SECItem prime1;
- SECItem prime2;
- SECItem exponent1;
- SECItem exponent2;
- SECItem coefficient;
-};
-typedef struct SECKEYRSAPrivateKeyStr SECKEYRSAPrivateKey;
-
-
-/*
-** DSA Raw Private Key structures
-*/
-
-struct SECKEYDSAPrivateKeyStr {
- SECKEYPQGParams params;
- SECItem privateValue;
-};
-typedef struct SECKEYDSAPrivateKeyStr SECKEYDSAPrivateKey;
-
-/*
-** Diffie-Hellman Raw Private Key structures
-** Structure member names suggested by PKCS#3.
-*/
-struct SECKEYDHPrivateKeyStr {
- PRArenaPool * arena;
- SECItem prime;
- SECItem base;
- SECItem privateValue;
-};
-typedef struct SECKEYDHPrivateKeyStr SECKEYDHPrivateKey;
-
-/*
-** raw private key object
-*/
-struct SECKEYRawPrivateKeyStr {
- PLArenaPool *arena;
- KeyType keyType;
- union {
- SECKEYRSAPrivateKey rsa;
- SECKEYDSAPrivateKey dsa;
- SECKEYDHPrivateKey dh;
- } u;
-};
-typedef struct SECKEYRawPrivateKeyStr SECKEYRawPrivateKey;
-
-
-/* ASN1 Templates for new decoder/encoder */
-/*
- * Attribute value for PKCS8 entries (static?)
- */
-const SEC_ASN1Template SECKEY_AttributeTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECKEYAttribute) },
- { SEC_ASN1_OBJECT_ID, offsetof(SECKEYAttribute, attrType) },
- { SEC_ASN1_SET_OF, offsetof(SECKEYAttribute, attrValue),
- SEC_AnyTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SECKEY_SetOfAttributeTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SECKEY_AttributeTemplate },
-};
-
-const SEC_ASN1Template SECKEY_PrivateKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPrivateKeyInfo) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYPrivateKeyInfo,version) },
- { SEC_ASN1_INLINE, offsetof(SECKEYPrivateKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING, offsetof(SECKEYPrivateKeyInfo,privateKey) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SECKEYPrivateKeyInfo,attributes),
- SECKEY_SetOfAttributeTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SECKEY_PointerToPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_POINTER, 0, SECKEY_PrivateKeyInfoTemplate }
-};
-
-const SEC_ASN1Template SECKEY_RSAPrivateKeyExportTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYRawPrivateKey) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.version) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.modulus) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.publicExponent) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.privateExponent) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.prime1) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.prime2) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.exponent1) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.exponent2) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.rsa.coefficient) },
- { 0 }
-};
-
-const SEC_ASN1Template SECKEY_DSAPrivateKeyExportTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dsa.privateValue) },
-};
-
-const SEC_ASN1Template SECKEY_DHPrivateKeyExportTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dh.privateValue) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dh.base) },
- { SEC_ASN1_INTEGER, offsetof(SECKEYRawPrivateKey,u.dh.prime) },
-};
-
-const SEC_ASN1Template SECKEY_EncryptedPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECKEYEncryptedPrivateKeyInfo) },
- { SEC_ASN1_INLINE,
- offsetof(SECKEYEncryptedPrivateKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SECKEYEncryptedPrivateKeyInfo,encryptedData) },
- { 0 }
-};
-
-const SEC_ASN1Template SECKEY_PointerToEncryptedPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_POINTER, 0, SECKEY_EncryptedPrivateKeyInfoTemplate }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_EncryptedPrivateKeyInfoTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PrivateKeyInfoTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_PointerToPrivateKeyInfoTemplate)
-
-
-SECStatus
-PK11_ImportDERPrivateKeyInfo(PK11SlotInfo *slot, SECItem *derPKI,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, unsigned int keyUsage, void *wincx)
-{
- SECKEYPrivateKeyInfo *pki = NULL;
- PRArenaPool *temparena = NULL;
- SECStatus rv = SECFailure;
-
- temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- pki = PORT_ZNew(SECKEYPrivateKeyInfo);
-
- rv = SEC_ASN1DecodeItem(temparena, pki, SECKEY_PrivateKeyInfoTemplate,
- derPKI);
- if( rv != SECSuccess ) {
- goto finish;
- }
-
- rv = PK11_ImportPrivateKeyInfo(slot, pki, nickname, publicValue,
- isPerm, isPrivate, keyUsage, wincx);
-
-finish:
- if( pki != NULL ) {
- SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/);
- }
- if( temparena != NULL ) {
- PORT_FreeArena(temparena, PR_TRUE);
- }
- return rv;
-}
-
-/*
- * import a private key info into the desired slot
- */
-SECStatus
-PK11_ImportPrivateKey(PK11SlotInfo *slot, SECKEYRawPrivateKey *lpk,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, unsigned int keyUsage, void *wincx)
-{
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_OBJECT_CLASS keyClass = CKO_PRIVATE_KEY;
- CK_KEY_TYPE keyType = CKK_RSA;
- CK_OBJECT_HANDLE objectID;
- CK_ATTRIBUTE theTemplate[20];
- int templateCount = 0;
- SECStatus rv = SECFailure;
- PRArenaPool *arena;
- CK_ATTRIBUTE *attrs;
- CK_ATTRIBUTE *signedattr = NULL;
- int signedcount = 0;
- CK_ATTRIBUTE *ap;
- SECItem *ck_id = NULL;
-
- arena = PORT_NewArena(2048);
- if(!arena) {
- return SECFailure;
- }
-
- attrs = theTemplate;
-
-
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, isPerm ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_SENSITIVE, isPrivate ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIVATE, isPrivate ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL) ); attrs++;
-
- switch (lpk->keyType) {
- case rsaKey:
- PK11_SETATTRS(attrs, CKA_UNWRAP, (keyUsage & KU_KEY_ENCIPHERMENT) ?
- &cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_DECRYPT, (keyUsage & KU_DATA_ENCIPHERMENT) ?
- &cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_SIGN, (keyUsage & KU_DIGITAL_SIGNATURE) ?
- &cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_SIGN_RECOVER,
- (keyUsage & KU_DIGITAL_SIGNATURE) ?
- &cktrue : &ckfalse, sizeof(CK_BBOOL) ); attrs++;
- ck_id = PK11_MakeIDFromPubKey(&lpk->u.rsa.modulus);
- if (ck_id == NULL) {
- goto loser;
- }
- PK11_SETATTRS(attrs, CKA_ID, ck_id->data,ck_id->len); attrs++;
- if (nickname) {
- PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len); attrs++;
- }
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_MODULUS, lpk->u.rsa.modulus.data,
- lpk->u.rsa.modulus.len); attrs++;
- PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT,
- lpk->u.rsa.publicExponent.data,
- lpk->u.rsa.publicExponent.len); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIVATE_EXPONENT,
- lpk->u.rsa.privateExponent.data,
- lpk->u.rsa.privateExponent.len); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIME_1,
- lpk->u.rsa.prime1.data,
- lpk->u.rsa.prime1.len); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIME_2,
- lpk->u.rsa.prime2.data,
- lpk->u.rsa.prime2.len); attrs++;
- PK11_SETATTRS(attrs, CKA_EXPONENT_1,
- lpk->u.rsa.exponent1.data,
- lpk->u.rsa.exponent1.len); attrs++;
- PK11_SETATTRS(attrs, CKA_EXPONENT_2,
- lpk->u.rsa.exponent2.data,
- lpk->u.rsa.exponent2.len); attrs++;
- PK11_SETATTRS(attrs, CKA_COEFFICIENT,
- lpk->u.rsa.coefficient.data,
- lpk->u.rsa.coefficient.len); attrs++;
- break;
- case dsaKey:
- /* To make our intenal PKCS #11 module work correctly with
- * our database, we need to pass in the public key value for
- * this dsa key. We have a netscape only CKA_ value to do this.
- * Only send it to internal slots */
- if( publicValue == NULL ) {
- goto loser;
- }
- if (PK11_IsInternal(slot)) {
- PK11_SETATTRS(attrs, CKA_NETSCAPE_DB,
- publicValue->data, publicValue->len); attrs++;
- }
- PK11_SETATTRS(attrs, CKA_SIGN, &cktrue, sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_SIGN_RECOVER, &cktrue, sizeof(CK_BBOOL)); attrs++;
- if(nickname) {
- PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len);
- attrs++;
- }
- ck_id = PK11_MakeIDFromPubKey(publicValue);
- if (ck_id == NULL) {
- goto loser;
- }
- PK11_SETATTRS(attrs, CKA_ID, ck_id->data,ck_id->len); attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, lpk->u.dsa.params.prime.data,
- lpk->u.dsa.params.prime.len); attrs++;
- PK11_SETATTRS(attrs,CKA_SUBPRIME,lpk->u.dsa.params.subPrime.data,
- lpk->u.dsa.params.subPrime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, lpk->u.dsa.params.base.data,
- lpk->u.dsa.params.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, lpk->u.dsa.privateValue.data,
- lpk->u.dsa.privateValue.len); attrs++;
- break;
- case dhKey:
- /* To make our intenal PKCS #11 module work correctly with
- * our database, we need to pass in the public key value for
- * this dh key. We have a netscape only CKA_ value to do this.
- * Only send it to internal slots */
- if (PK11_IsInternal(slot)) {
- PK11_SETATTRS(attrs, CKA_NETSCAPE_DB,
- publicValue->data, publicValue->len); attrs++;
- }
- PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL)); attrs++;
- if(nickname) {
- PK11_SETATTRS(attrs, CKA_LABEL, nickname->data, nickname->len);
- attrs++;
- }
- ck_id = PK11_MakeIDFromPubKey(publicValue);
- if (ck_id == NULL) {
- goto loser;
- }
- PK11_SETATTRS(attrs, CKA_ID, ck_id->data,ck_id->len); attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, lpk->u.dh.prime.data,
- lpk->u.dh.prime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, lpk->u.dh.base.data,
- lpk->u.dh.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, lpk->u.dh.privateValue.data,
- lpk->u.dh.privateValue.len); attrs++;
- break;
- /* what about fortezza??? */
- default:
- PORT_SetError(SEC_ERROR_BAD_KEY);
- goto loser;
- }
- templateCount = attrs - theTemplate;
- PORT_Assert(templateCount <= sizeof(theTemplate)/sizeof(CK_ATTRIBUTE));
- PORT_Assert(signedattr != NULL);
- signedcount = attrs - signedattr;
-
- for (ap=signedattr; signedcount; ap++, signedcount--) {
- pk11_SignedToUnsigned(ap);
- }
-
- rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION,
- theTemplate, templateCount, isPerm, &objectID);
-loser:
- if (ck_id) {
- SECITEM_ZfreeItem(ck_id, PR_TRUE);
- }
- return rv;
-}
-
-/*
- * import a private key info into the desired slot
- */
-SECStatus
-PK11_ImportPrivateKeyInfo(PK11SlotInfo *slot, SECKEYPrivateKeyInfo *pki,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, unsigned int keyUsage, void *wincx)
-{
- CK_KEY_TYPE keyType = CKK_RSA;
- SECStatus rv = SECFailure;
- SECKEYRawPrivateKey *lpk = NULL;
- const SEC_ASN1Template *keyTemplate, *paramTemplate;
- void *paramDest = NULL;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(2048);
- if(!arena) {
- return SECFailure;
- }
-
- /* need to change this to use RSA/DSA keys */
- lpk = (SECKEYRawPrivateKey *)PORT_ArenaZAlloc(arena,
- sizeof(SECKEYRawPrivateKey));
- if(lpk == NULL) {
- goto loser;
- }
- lpk->arena = arena;
-
- switch(SECOID_GetAlgorithmTag(&pki->algorithm)) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- keyTemplate = SECKEY_RSAPrivateKeyExportTemplate;
- paramTemplate = NULL;
- paramDest = NULL;
- lpk->keyType = rsaKey;
- keyType = CKK_RSA;
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- keyTemplate = SECKEY_DSAPrivateKeyExportTemplate;
- paramTemplate = SECKEY_PQGParamsTemplate;
- paramDest = &(lpk->u.dsa.params);
- lpk->keyType = dsaKey;
- keyType = CKK_DSA;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- if(!publicValue) {
- goto loser;
- }
- keyTemplate = SECKEY_DHPrivateKeyExportTemplate;
- paramTemplate = NULL;
- paramDest = NULL;
- lpk->keyType = dhKey;
- keyType = CKK_DH;
- break;
-
- default:
- keyTemplate = NULL;
- paramTemplate = NULL;
- paramDest = NULL;
- break;
- }
-
- if(!keyTemplate) {
- goto loser;
- }
-
- /* decode the private key and any algorithm parameters */
- rv = SEC_ASN1DecodeItem(arena, lpk, keyTemplate, &pki->privateKey);
- if(rv != SECSuccess) {
- goto loser;
- }
- if(paramDest && paramTemplate) {
- rv = SEC_ASN1DecodeItem(arena, paramDest, paramTemplate,
- &(pki->algorithm.parameters));
- if(rv != SECSuccess) {
- goto loser;
- }
- }
-
- rv = PK11_ImportPrivateKey(slot,lpk,nickname,publicValue, isPerm,
- isPrivate, keyUsage, wincx);
-
-
-loser:
- if (lpk!= NULL) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- return rv;
-}
-
diff --git a/security/nss/lib/pk11wrap/pk11pqg.c b/security/nss/lib/pk11wrap/pk11pqg.c
deleted file mode 100644
index 530548c36..000000000
--- a/security/nss/lib/pk11wrap/pk11pqg.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* Thse functions are stub functions which will get replaced with calls through
- * PKCS #11.
- */
-
-#include "pk11pqg.h"
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of seed and length of h both equal length of P.
- * All lengths are specified by "j", according to the table above.
- */
-extern SECStatus
-PK11_PQG_ParamGen(unsigned int j, PQGParams **pParams, PQGVerify **pVfy) {
-#ifdef notdef
- return PQG_ParamGen(j, pParams, pVfy);
-#else
- return SECFailure;
-#endif
-}
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of P specified by j. Length of h will match length of P.
- * Length of SEED in bytes specified in seedBytes.
- * seedBbytes must be in the range [20..255] or an error will result.
- */
-extern SECStatus
-PK11_PQG_ParamGenSeedLen( unsigned int j, unsigned int seedBytes,
- PQGParams **pParams, PQGVerify **pVfy) {
-#ifdef notdef
- return PQG_ParamGenSeedLen(j, seedBytes, pParams, pVfy);
-#else
- return SECFailure;
-#endif
-}
-
-/* Test PQGParams for validity as DSS PQG values.
- * If vfy is non-NULL, test PQGParams to make sure they were generated
- * using the specified seed, counter, and h values.
- *
- * Return value indicates whether Verification operation ran succesfully
- * to completion, but does not indicate if PQGParams are valid or not.
- * If return value is SECSuccess, then *pResult has these meanings:
- * SECSuccess: PQGParams are valid.
- * SECFailure: PQGParams are invalid.
- *
- * Verify the following 12 facts about PQG counter SEED g and h
- * 1. Q is 160 bits long.
- * 2. P is one of the 9 valid lengths.
- * 3. G < P
- * 4. P % Q == 1
- * 5. Q is prime
- * 6. P is prime
- * Steps 7-12 are done only if the optional PQGVerify is supplied.
- * 7. counter < 4096
- * 8. g >= 160 and g < 2048 (g is length of seed in bits)
- * 9. Q generated from SEED matches Q in PQGParams.
- * 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams.
- * 11. 1 < h < P-1
- * 12. G generated from h matches G in PQGParams.
- */
-
-extern SECStatus
-PK11_PQG_VerifyParams(const PQGParams *params,
- const PQGVerify *vfy, SECStatus *result) {
-#ifdef notdef
- return PQG_VerifyParams(params, vfy, result);
-#else
- return SECFailure;
-#endif
-}
-
-
-
-/**************************************************************************
- * Free the PQGParams struct and the things it points to. *
- **************************************************************************/
-extern void
-PK11_PQG_DestroyParams(PQGParams *params) {
- PQG_DestroyParams(params);
- return;
-}
-
-/**************************************************************************
- * Free the PQGVerify struct and the things it points to. *
- **************************************************************************/
-extern void
-PK11_PQG_DestroyVerify(PQGVerify *vfy) {
- PQG_DestroyVerify(vfy);
- return;
-}
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGParams *
-PK11_PQG_NewParams(const SECItem * prime, const SECItem * subPrime,
- const SECItem * base) {
- return PQG_NewParams(prime, subPrime, base);
-}
-
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetPrimeFromParams(const PQGParams *params, SECItem * prime) {
- return PQG_GetPrimeFromParams(params, prime);
-}
-
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetSubPrimeFromParams(const PQGParams *params, SECItem * subPrime) {
- return PQG_GetSubPrimeFromParams(params, subPrime);
-}
-
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetBaseFromParams(const PQGParams *params, SECItem *base) {
- return PQG_GetBaseFromParams(params, base);
-}
-
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGVerify *
-PK11_PQG_NewVerify(unsigned int counter, const SECItem * seed,
- const SECItem * h) {
- return PQG_NewVerify(counter, seed, h);
-}
-
-
-/**************************************************************************
- * Returns "counter" value from the PQGVerify.
- **************************************************************************/
-extern unsigned int
-PK11_PQG_GetCounterFromVerify(const PQGVerify *verify) {
- return PQG_GetCounterFromVerify(verify);
-}
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem *seed) {
- return PQG_GetSeedFromVerify(verify, seed);
-}
-
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);
- **************************************************************************/
-extern SECStatus
-PK11_PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h) {
- return PQG_GetHFromVerify(verify, h);
-}
diff --git a/security/nss/lib/pk11wrap/pk11pqg.h b/security/nss/lib/pk11wrap/pk11pqg.h
deleted file mode 100644
index 389946ff1..000000000
--- a/security/nss/lib/pk11wrap/pk11pqg.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/* Thse functions are stub functions which will get replaced with calls through
- * PKCS #11.
- */
-
-#ifndef _PK11PQG_H_
-#define _PK11PQG_H_ 1
-
-#include "blapit.h"
-#include "pqgutil.h"
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of seed and length of h both equal length of P.
- * All lengths are specified by "j", according to the table above.
- */
-extern SECStatus PK11_PQG_ParamGen(unsigned int j, PQGParams **pParams,
- PQGVerify **pVfy);
-
-/* Generate PQGParams and PQGVerify structs.
- * Length of P specified by j. Length of h will match length of P.
- * Length of SEED in bytes specified in seedBytes.
- * seedBbytes must be in the range [20..255] or an error will result.
- */
-extern SECStatus PK11_PQG_ParamGenSeedLen( unsigned int j,
- unsigned int seedBytes, PQGParams **pParams, PQGVerify **pVfy);
-
-/* Test PQGParams for validity as DSS PQG values.
- * If vfy is non-NULL, test PQGParams to make sure they were generated
- * using the specified seed, counter, and h values.
- *
- * Return value indicates whether Verification operation ran succesfully
- * to completion, but does not indicate if PQGParams are valid or not.
- * If return value is SECSuccess, then *pResult has these meanings:
- * SECSuccess: PQGParams are valid.
- * SECFailure: PQGParams are invalid.
- *
- * Verify the following 12 facts about PQG counter SEED g and h
- * 1. Q is 160 bits long.
- * 2. P is one of the 9 valid lengths.
- * 3. G < P
- * 4. P % Q == 1
- * 5. Q is prime
- * 6. P is prime
- * Steps 7-12 are done only if the optional PQGVerify is supplied.
- * 7. counter < 4096
- * 8. g >= 160 and g < 2048 (g is length of seed in bits)
- * 9. Q generated from SEED matches Q in PQGParams.
- * 10. P generated from (L, counter, g, SEED, Q) matches P in PQGParams.
- * 11. 1 < h < P-1
- * 12. G generated from h matches G in PQGParams.
- */
-
-extern SECStatus PK11_PQG_VerifyParams(const PQGParams *params,
- const PQGVerify *vfy, SECStatus *result);
-extern void PK11_PQG_DestroyParams(PQGParams *params);
-extern void PK11_PQG_DestroyVerify(PQGVerify *vfy);
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGParams * PK11_PQG_NewParams(const SECItem * prime, const
- SECItem * subPrime, const SECItem * base);
-
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);
- **************************************************************************/
-extern SECStatus PK11_PQG_GetPrimeFromParams(const PQGParams *params,
- SECItem * prime);
-
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);
- **************************************************************************/
-extern SECStatus PK11_PQG_GetSubPrimeFromParams(const PQGParams *params,
- SECItem * subPrime);
-
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);
- **************************************************************************/
-extern SECStatus PK11_PQG_GetBaseFromParams(const PQGParams *params,
- SECItem *base);
-
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGVerify * PK11_PQG_NewVerify(unsigned int counter,
- const SECItem * seed, const SECItem * h);
-
-
-/**************************************************************************
- * Returns "counter" value from the PQGVerify.
- **************************************************************************/
-extern unsigned int PK11_PQG_GetCounterFromVerify(const PQGVerify *verify);
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);
- **************************************************************************/
-extern SECStatus PK11_PQG_GetSeedFromVerify(const PQGVerify *verify,
- SECItem *seed);
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);
- **************************************************************************/
-extern SECStatus PK11_PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h);
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11sdr.c b/security/nss/lib/pk11wrap/pk11sdr.c
deleted file mode 100644
index b1005e1e9..000000000
--- a/security/nss/lib/pk11wrap/pk11sdr.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * thayes@netscape.com
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * PKCS #11 Wrapper functions which handles authenticating to the card's
- * choosing the best cards, etc.
- */
-
-#include "seccomon.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "pk11sdr.h"
-
-/*
- * Data structure and template for encoding the result of an SDR operation
- * This is temporary. It should include the algorithm ID of the encryption mechanism
- */
-struct SDRResult
-{
- SECItem keyid;
- SECAlgorithmID alg;
- SECItem data;
-};
-typedef struct SDRResult SDRResult;
-
-static SEC_ASN1Template template[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof (SDRResult) },
- { SEC_ASN1_OCTET_STRING, offsetof(SDRResult, keyid) },
- { SEC_ASN1_INLINE, offsetof(SDRResult, alg), SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING, offsetof(SDRResult, data) },
- { 0 }
-};
-
-static unsigned char keyID[] = {
- 0xF8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
-};
-
-static SECItem keyIDItem = {
- 0,
- keyID,
- sizeof keyID
-};
-
-/* local utility function for padding an incoming data block
- * to the mechanism block size.
- */
-static SECStatus
-padBlock(SECItem *data, int blockSize, SECItem *result)
-{
- SECStatus rv = SECSuccess;
- int padLength;
- unsigned int i;
-
- result->data = 0;
- result->len = 0;
-
- /* This algorithm always adds to the block (to indicate the number
- * of pad bytes). So allocate a block large enough.
- */
- padLength = blockSize - (data->len % blockSize);
- result->len = data->len + padLength;
- result->data = (unsigned char *)PORT_Alloc(result->len);
-
- /* Copy the data */
- PORT_Memcpy(result->data, data->data, data->len);
-
- /* Add the pad values */
- for(i = data->len; i < result->len; i++)
- result->data[i] = (unsigned char)padLength;
-
- return rv;
-}
-
-static SECStatus
-unpadBlock(SECItem *data, int blockSize, SECItem *result)
-{
- SECStatus rv = SECSuccess;
- int padLength;
-
- result->data = 0;
- result->len = 0;
-
- /* Remove the padding from the end if the input data */
- if (data->len == 0 || data->len % blockSize != 0) { rv = SECFailure; goto loser; }
-
- padLength = data->data[data->len-1];
- if (padLength > blockSize) { rv = SECFailure; goto loser; }
-
- result->len = data->len - padLength;
- result->data = (unsigned char *)PORT_Alloc(result->len);
- if (!result->data) { rv = SECFailure; goto loser; }
-
- PORT_Memcpy(result->data, data->data, result->len);
-
-loser:
- return rv;
-}
-
-/*
- * PK11SDR_Encrypt
- * Encrypt a block of data using the symmetric key identified. The result
- * is an ASN.1 (DER) encoded block of keyid, params and data.
- */
-SECStatus
-PK11SDR_Encrypt(SECItem *keyid, SECItem *data, SECItem *result, void *cx)
-{
- SECStatus rv = SECSuccess;
- PK11SlotInfo *slot = 0;
- PK11SymKey *key = 0;
- SECItem *params = 0;
- PK11Context *ctx = 0;
- CK_MECHANISM_TYPE type;
- SDRResult sdrResult;
- SECItem paddedData;
- SECItem *pKeyID;
- PLArenaPool *arena = 0;
-
- /* Initialize */
- paddedData.len = 0;
- paddedData.data = 0;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (!arena) { rv = SECFailure; goto loser; }
-
- /* 1. Locate the requested keyid, or the default key (which has a keyid)
- * 2. Create an encryption context
- * 3. Encrypt
- * 4. Encode the results (using ASN.1)
- */
-
- slot = PK11_GetInternalKeySlot();
- if (!slot) { rv = SECFailure; goto loser; }
-
- /* Use triple-DES */
- type = CKM_DES3_CBC;
-
- /* Find the key to use */
- pKeyID = keyid;
- if (pKeyID->len == 0) {
- pKeyID = &keyIDItem; /* Use default value */
-
- /* Try to find the key */
- key = PK11_FindFixedKey(slot, type, pKeyID, cx);
-
- /* If the default key doesn't exist yet, try to create it */
- if (!key) key = PK11_GenDES3TokenKey(slot, pKeyID, cx);
- } else {
- key = PK11_FindFixedKey(slot, type, pKeyID, cx);
- }
-
- if (!key) { rv = SECFailure; goto loser; }
-
- params = PK11_GenerateNewParam(type, key);
- if (!params) { rv = SECFailure; goto loser; }
-
- ctx = PK11_CreateContextBySymKey(type, CKA_ENCRYPT, key, params);
- if (!ctx) { rv = SECFailure; goto loser; }
-
- rv = padBlock(data, PK11_GetBlockSize(type, 0), &paddedData);
- if (rv != SECSuccess) goto loser;
-
- sdrResult.data.len = paddedData.len;
- sdrResult.data.data = (unsigned char *)PORT_ArenaAlloc(arena, sdrResult.data.len);
-
- rv = PK11_CipherOp(ctx, sdrResult.data.data, (int*)&sdrResult.data.len, sdrResult.data.len,
- paddedData.data, paddedData.len);
- if (rv != SECSuccess) goto loser;
-
- PK11_Finalize(ctx);
-
- sdrResult.keyid = *pKeyID;
-
- rv = PK11_ParamToAlgid(SEC_OID_DES_EDE3_CBC, params, arena, &sdrResult.alg);
- if (rv != SECSuccess) goto loser;
-
- if (!SEC_ASN1EncodeItem(0, result, &sdrResult, template)) { rv = SECFailure; goto loser; }
-
-loser:
- SECITEM_ZfreeItem(&paddedData, PR_FALSE);
- if (arena) PORT_FreeArena(arena, PR_TRUE);
- if (ctx) PK11_DestroyContext(ctx, PR_TRUE);
- if (params) SECITEM_ZfreeItem(params, PR_TRUE);
- if (key) PK11_FreeSymKey(key);
- if (slot) PK11_FreeSlot(slot);
-
- return rv;
-}
-
-/*
- * PK11SDR_Decrypt
- * Decrypt a block of data produced by PK11SDR_Encrypt. The key used is identified
- * by the keyid field within the input.
- */
-SECStatus
-PK11SDR_Decrypt(SECItem *data, SECItem *result, void *cx)
-{
- SECStatus rv = SECSuccess;
- PK11SlotInfo *slot = 0;
- PK11SymKey *key = 0;
- PK11Context *ctx = 0;
- CK_MECHANISM_TYPE type;
- SDRResult sdrResult;
- SECItem *params = 0;
- SECItem paddedResult;
- PLArenaPool *arena = 0;
-
- paddedResult.len = 0;
- paddedResult.data = 0;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (!arena) { rv = SECFailure; goto loser; }
-
- /* Decode the incoming data */
- memset(&sdrResult, 0, sizeof sdrResult);
- rv = SEC_ASN1DecodeItem(arena, &sdrResult, template, data);
- if (rv != SECSuccess) goto loser; /* Invalid format */
-
- /* Find the slot and key for the given keyid */
- slot = PK11_GetInternalKeySlot();
- if (!slot) { rv = SECFailure; goto loser; }
-
- /* Use triple-DES (Should look up the algorithm) */
- type = CKM_DES3_CBC;
- key = PK11_FindFixedKey(slot, type, &sdrResult.keyid, cx);
- if (!key) { rv = SECFailure; goto loser; }
-
- /* Get the parameter values from the data */
- params = PK11_ParamFromAlgid(&sdrResult.alg);
- if (!params) { rv = SECFailure; goto loser; }
-
- ctx = PK11_CreateContextBySymKey(type, CKA_DECRYPT, key, params);
- if (!ctx) { rv = SECFailure; goto loser; }
-
- paddedResult.len = sdrResult.data.len;
- paddedResult.data = PORT_ArenaAlloc(arena, paddedResult.len);
-
- rv = PK11_CipherOp(ctx, paddedResult.data, (int*)&paddedResult.len, paddedResult.len,
- sdrResult.data.data, sdrResult.data.len);
- if (rv != SECSuccess) goto loser;
-
- PK11_Finalize(ctx);
-
- /* Remove the padding */
- rv = unpadBlock(&paddedResult, PK11_GetBlockSize(type, 0), result);
- if (rv) goto loser;
-
-loser:
- /* SECITEM_ZfreeItem(&paddedResult, PR_FALSE); */
- if (arena) PORT_FreeArena(arena, PR_TRUE);
- if (ctx) PK11_DestroyContext(ctx, PR_TRUE);
- if (key) PK11_FreeSymKey(key);
- if (params) SECITEM_ZfreeItem(params, PR_TRUE);
- if (slot) PK11_FreeSlot(slot);
-
- return rv;
-}
diff --git a/security/nss/lib/pk11wrap/pk11sdr.h b/security/nss/lib/pk11wrap/pk11sdr.h
deleted file mode 100644
index 652098cad..000000000
--- a/security/nss/lib/pk11wrap/pk11sdr.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * PKCS #11 Wrapper functions which handles authenticating to the card's
- * choosing the best cards, etc.
- */
-
-#ifndef _PK11SDR_H_
-#define _PK11SDR_H_
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * PK11SDR_Encrypt - encrypt data using the specified key id or SDR default
- *
- */
-SECStatus
-PK11SDR_Encrypt(SECItem *keyid, SECItem *data, SECItem *result, void *cx);
-
-/*
- * PK11SDR_Decrypt - decrypt data previously encrypted with PK11SDR_Encrypt
- */
-SECStatus
-PK11SDR_Decrypt(SECItem *data, SECItem *result, void *cx);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c
deleted file mode 100644
index ae1505aa1..000000000
--- a/security/nss/lib/pk11wrap/pk11skey.c
+++ /dev/null
@@ -1,4775 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements the Symkey wrapper and the PKCS context
- * Interfaces.
- */
-
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11.h"
-#include "pk11func.h"
-#include "secitem.h"
-#include "key.h"
-#include "secoid.h"
-#include "secasn1.h"
-#include "sechash.h"
-#include "cert.h"
-#include "secerr.h"
-#include "secpkcs5.h"
-
-#define PAIRWISE_SECITEM_TYPE siBuffer
-#define PAIRWISE_DIGEST_LENGTH SHA1_LENGTH /* 160-bits */
-#define PAIRWISE_MESSAGE_LENGTH 20 /* 160-bits */
-
-/* forward static declarations. */
-static PK11SymKey *pk11_DeriveWithTemplate(PK11SymKey *baseKey,
- CK_MECHANISM_TYPE derive, SECItem *param, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize, CK_ATTRIBUTE *userAttr,
- unsigned int numAttrs);
-
-
-/*
- * strip leading zero's from key material
- */
-void
-pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib) {
- char *ptr = (char *)attrib->pValue;
- unsigned long len = attrib->ulValueLen;
-
- while (len && (*ptr == 0)) {
- len--;
- ptr++;
- }
- attrib->pValue = ptr;
- attrib->ulValueLen = len;
-}
-
-/*
- * get a new session on a slot. If we run out of session, use the slot's
- * 'exclusive' session. In this case owner becomes false.
- */
-static CK_SESSION_HANDLE
-pk11_GetNewSession(PK11SlotInfo *slot,PRBool *owner)
-{
- CK_SESSION_HANDLE session;
- *owner = PR_TRUE;
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- if ( PK11_GETTAB(slot)->C_OpenSession(slot->slotID,CKF_SERIAL_SESSION,
- slot,pk11_notify,&session) != CKR_OK) {
- *owner = PR_FALSE;
- session = slot->session;
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-
- return session;
-}
-
-static void
-pk11_CloseSession(PK11SlotInfo *slot,CK_SESSION_HANDLE session,PRBool owner)
-{
- if (!owner) return;
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- (void) PK11_GETTAB(slot)->C_CloseSession(session);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-}
-
-
-SECStatus
-PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
- CK_ATTRIBUTE *theTemplate, int count,
- PRBool token, CK_OBJECT_HANDLE *objectID)
-{
- CK_SESSION_HANDLE rwsession;
- CK_RV crv;
- SECStatus rv = SECSuccess;
-
- rwsession = session;
- if (rwsession == CK_INVALID_SESSION) {
- if (token) {
- rwsession = PK11_GetRWSession(slot);
- } else {
- rwsession = slot->session;
- PK11_EnterSlotMonitor(slot);
- }
- }
- crv = PK11_GETTAB(slot)->C_CreateObject(rwsession, theTemplate,
- count,objectID);
- if(crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- rv = SECFailure;
- }
-
- if (session == CK_INVALID_SESSION) {
- if (token) {
- PK11_RestoreROSession(slot, rwsession);
- } else {
- PK11_ExitSlotMonitor(slot);
- }
- }
-
- return rv;
-}
-
-static void
-pk11_EnterKeyMonitor(PK11SymKey *symKey) {
- if (!symKey->sessionOwner || !(symKey->slot->isThreadSafe))
- PK11_EnterSlotMonitor(symKey->slot);
-}
-
-static void
-pk11_ExitKeyMonitor(PK11SymKey *symKey) {
- if (!symKey->sessionOwner || !(symKey->slot->isThreadSafe))
- PK11_ExitSlotMonitor(symKey->slot);
-}
-
-
-static PK11SymKey *
-pk11_getKeyFromList(PK11SlotInfo *slot) {
- PK11SymKey *symKey = NULL;
-
-
- PK11_USE_THREADS(PZ_Lock(slot->freeListLock);)
- if (slot->freeSymKeysHead) {
- symKey = slot->freeSymKeysHead;
- slot->freeSymKeysHead = symKey->next;
- slot->keyCount--;
- }
- PK11_USE_THREADS(PZ_Unlock(slot->freeListLock);)
- if (symKey) {
- symKey->next = NULL;
- if ((symKey->series != slot->series) || (!symKey->sessionOwner))
- symKey->session = pk11_GetNewSession(slot,&symKey->sessionOwner);
- return symKey;
- }
-
- symKey = (PK11SymKey *)PORT_ZAlloc(sizeof(PK11SymKey));
- if (symKey == NULL) {
- return NULL;
- }
- symKey->refLock = PZ_NewLock(nssILockRefLock);
- if (symKey->refLock == NULL) {
- PORT_Free(symKey);
- return NULL;
- }
- symKey->session = pk11_GetNewSession(slot,&symKey->sessionOwner);
- symKey->next = NULL;
- return symKey;
-}
-
-void
-PK11_CleanKeyList(PK11SlotInfo *slot)
-{
- PK11SymKey *symKey = NULL;
-
- while (slot->freeSymKeysHead) {
- symKey = slot->freeSymKeysHead;
- slot->freeSymKeysHead = symKey->next;
- pk11_CloseSession(slot, symKey->session,symKey->sessionOwner);
- PK11_USE_THREADS(PZ_DestroyLock(symKey->refLock);)
- PORT_Free(symKey);
- };
- return;
-}
-
-/*
- * create a symetric key:
- * Slot is the slot to create the key in.
- * type is the mechainism type
- */
-PK11SymKey *
-PK11_CreateSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, void *wincx)
-{
-
- PK11SymKey *symKey = pk11_getKeyFromList(slot);
-
-
- if (symKey == NULL) {
- return NULL;
- }
-
- symKey->type = type;
- symKey->data.data = NULL;
- symKey->data.len = 0;
- symKey->owner = PR_TRUE;
- symKey->objectID = CK_INVALID_HANDLE;
- symKey->slot = slot;
- symKey->series = slot->series;
- symKey->cx = wincx;
- symKey->size = 0;
- symKey->refCount = 1;
- symKey->origin = PK11_OriginNULL;
- symKey->origin = PK11_OriginNULL;
- PK11_ReferenceSlot(slot);
- return symKey;
-}
-
-/*
- * destroy a symetric key
- */
-void
-PK11_FreeSymKey(PK11SymKey *symKey)
-{
- PRBool destroy = PR_FALSE;
- PK11SlotInfo *slot;
- PRBool freeit = PR_TRUE;
-
- PK11_USE_THREADS(PZ_Lock(symKey->refLock);)
- if (symKey->refCount-- == 1) {
- destroy= PR_TRUE;
- }
- PK11_USE_THREADS(PZ_Unlock(symKey->refLock);)
- if (destroy) {
- if ((symKey->owner) && symKey->objectID != CK_INVALID_HANDLE) {
- pk11_EnterKeyMonitor(symKey);
- (void) PK11_GETTAB(symKey->slot)->
- C_DestroyObject(symKey->session, symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
- }
- if (symKey->data.data) {
- PORT_Memset(symKey->data.data, 0, symKey->data.len);
- PORT_Free(symKey->data.data);
- }
- slot = symKey->slot;
- PK11_USE_THREADS(PZ_Lock(slot->freeListLock);)
- if (slot->keyCount < slot->maxKeyCount) {
- symKey->next = slot->freeSymKeysHead;
- slot->freeSymKeysHead = symKey;
- slot->keyCount++;
- symKey->slot = NULL;
- freeit = PR_FALSE;
- }
- PK11_USE_THREADS(PZ_Unlock(slot->freeListLock);)
- if (freeit) {
- pk11_CloseSession(symKey->slot, symKey->session,
- symKey->sessionOwner);
- PK11_USE_THREADS(PZ_DestroyLock(symKey->refLock);)
- PORT_Free(symKey);
- }
- PK11_FreeSlot(slot);
- }
-}
-
-PK11SymKey *
-PK11_ReferenceSymKey(PK11SymKey *symKey)
-{
- PK11_USE_THREADS(PZ_Lock(symKey->refLock);)
- symKey->refCount++;
- PK11_USE_THREADS(PZ_Unlock(symKey->refLock);)
- return symKey;
-}
-
-/*
- * turn key handle into an appropriate key object
- */
-PK11SymKey *
-PK11_SymKeyFromHandle(PK11SlotInfo *slot, PK11SymKey *parent, PK11Origin origin,
- CK_MECHANISM_TYPE type, CK_OBJECT_HANDLE keyID, PRBool owner, void *wincx)
-{
- PK11SymKey *symKey;
-
- if (keyID == CK_INVALID_HANDLE) {
- return NULL;
- }
-
- symKey = PK11_CreateSymKey(slot,type,wincx);
- if (symKey == NULL) {
- return NULL;
- }
-
- symKey->objectID = keyID;
- symKey->origin = origin;
- symKey->owner = owner;
-
- /* adopt the parent's session */
- /* This is only used by SSL. What we really want here is a session
- * structure with a ref count so the session goes away only after all the
- * keys do. */
- if (owner && parent) {
- pk11_CloseSession(symKey->slot, symKey->session,symKey->sessionOwner);
- symKey->sessionOwner = parent->sessionOwner;
- symKey->session = parent->session;
- parent->sessionOwner = PR_FALSE;
- }
-
- return symKey;
-}
-
-/*
- * turn key handle into an appropriate key object
- */
-PK11SymKey *
-PK11_GetWrapKey(PK11SlotInfo *slot, int wrap, CK_MECHANISM_TYPE type,
- int series, void *wincx)
-{
- PK11SymKey *symKey = NULL;
-
- if (slot->series != series) return NULL;
- if (slot->refKeys[wrap] == CK_INVALID_HANDLE) return NULL;
- if (type == CKM_INVALID_MECHANISM) type = slot->wrapMechanism;
-
- symKey = PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive,
- slot->wrapMechanism, slot->refKeys[wrap], PR_FALSE, wincx);
- return symKey;
-}
-
-void
-PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey)
-{
- /* save the handle and mechanism for the wrapping key */
- /* mark the key and session as not owned by us to they don't get freed
- * when the key goes way... that lets us reuse the key later */
- slot->refKeys[wrap] = wrapKey->objectID;
- wrapKey->owner = PR_FALSE;
- wrapKey->sessionOwner = PR_FALSE;
- slot->wrapMechanism = wrapKey->type;
-}
-
-CK_MECHANISM_TYPE
-PK11_GetMechanism(PK11SymKey *symKey)
-{
- return symKey->type;
-}
-
-/*
- * figure out if a key is still valid or if it is stale.
- */
-PRBool
-PK11_VerifyKeyOK(PK11SymKey *key) {
- if (!PK11_IsPresent(key->slot)) {
- return PR_FALSE;
- }
- return (PRBool)(key->series == key->slot->series);
-}
-
-static PK11SymKey *
-pk11_ImportSymKeyWithTempl(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE *keyTemplate,
- unsigned int templateCount, SECItem *key, void *wincx)
-{
- PK11SymKey * symKey;
- SECStatus rv;
-
- symKey = PK11_CreateSymKey(slot,type,wincx);
- if (symKey == NULL) {
- return NULL;
- }
-
- symKey->size = key->len;
-
- PK11_SETATTRS(&keyTemplate[templateCount], CKA_VALUE, key->data, key->len);
- templateCount++;
-
- if (SECITEM_CopyItem(NULL,&symKey->data,key) != SECSuccess) {
- PK11_FreeSymKey(symKey);
- return NULL;
- }
-
- symKey->origin = origin;
-
- /* import the keys */
- rv = PK11_CreateNewObject(slot, symKey->session, keyTemplate,
- templateCount, PR_FALSE, &symKey->objectID);
- if ( rv != SECSuccess) {
- PK11_FreeSymKey(symKey);
- return NULL;
- }
-
- return symKey;
-}
-
-/*
- * turn key bits into an appropriate key object
- */
-PK11SymKey *
-PK11_ImportSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,void *wincx)
-{
- PK11SymKey * symKey;
- unsigned int templateCount = 0;
- CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_BBOOL cktrue = CK_TRUE; /* sigh */
- CK_ATTRIBUTE keyTemplate[5];
- CK_ATTRIBUTE * attrs = keyTemplate;
-
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
- PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
- /* PK11_SETATTRS(attrs, CKA_VALUE, key->data, key->len); attrs++; */
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
- keyType = PK11_GetKeyType(type,key->len);
- symKey = pk11_ImportSymKeyWithTempl(slot, type, origin, keyTemplate,
- templateCount, key, wincx);
- return symKey;
-}
-
-/*
- * import a public key into the desired slot
- */
-CK_OBJECT_HANDLE
-PK11_ImportPublicKey(PK11SlotInfo *slot, SECKEYPublicKey *pubKey,
- PRBool isToken)
-{
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_OBJECT_CLASS keyClass = CKO_PUBLIC_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_OBJECT_HANDLE objectID;
- CK_ATTRIBUTE theTemplate[10];
- CK_ATTRIBUTE *signedattr = NULL;
- CK_ATTRIBUTE *attrs = theTemplate;
- int signedcount = 0;
- int templateCount = 0;
- SECStatus rv;
-
- /* if we already have an object in the desired slot, use it */
- if (!isToken && pubKey->pkcs11Slot == slot) {
- return pubKey->pkcs11ID;
- }
-
- /* free the existing key */
- if (pubKey->pkcs11Slot != NULL) {
- PK11SlotInfo *oSlot = pubKey->pkcs11Slot;
- PK11_EnterSlotMonitor(oSlot);
- (void) PK11_GETTAB(oSlot)->C_DestroyObject(oSlot->session,
- pubKey->pkcs11ID);
- PK11_ExitSlotMonitor(oSlot);
- PK11_FreeSlot(oSlot);
- pubKey->pkcs11Slot = NULL;
- }
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, isToken ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL) ); attrs++;
-
- /* now import the key */
- {
- switch (pubKey->keyType) {
- case rsaKey:
- keyType = CKK_RSA;
- PK11_SETATTRS(attrs, CKA_WRAP, &cktrue, sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_ENCRYPT, &cktrue,
- sizeof(CK_BBOOL) ); attrs++;
- PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL)); attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_MODULUS, pubKey->u.rsa.modulus.data,
- pubKey->u.rsa.modulus.len); attrs++;
- PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT,
- pubKey->u.rsa.publicExponent.data,
- pubKey->u.rsa.publicExponent.len); attrs++;
- break;
- case dsaKey:
- keyType = CKK_DSA;
- PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, pubKey->u.dsa.params.prime.data,
- pubKey->u.dsa.params.prime.len); attrs++;
- PK11_SETATTRS(attrs,CKA_SUBPRIME,pubKey->u.dsa.params.subPrime.data,
- pubKey->u.dsa.params.subPrime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, pubKey->u.dsa.params.base.data,
- pubKey->u.dsa.params.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.dsa.publicValue.data,
- pubKey->u.dsa.publicValue.len); attrs++;
- break;
- case fortezzaKey:
- keyType = CKK_DSA;
- PK11_SETATTRS(attrs, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME,pubKey->u.fortezza.params.prime.data,
- pubKey->u.fortezza.params.prime.len); attrs++;
- PK11_SETATTRS(attrs,CKA_SUBPRIME,
- pubKey->u.fortezza.params.subPrime.data,
- pubKey->u.fortezza.params.subPrime.len);attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, pubKey->u.fortezza.params.base.data,
- pubKey->u.fortezza.params.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.fortezza.DSSKey.data,
- pubKey->u.fortezza.DSSKey.len); attrs++;
- break;
- case dhKey:
- keyType = CKK_DH;
- PK11_SETATTRS(attrs, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));attrs++;
- signedattr = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, pubKey->u.dh.prime.data,
- pubKey->u.dh.prime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, pubKey->u.dh.base.data,
- pubKey->u.dh.base.len); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE, pubKey->u.dh.publicValue.data,
- pubKey->u.dh.publicValue.len); attrs++;
- break;
- /* what about fortezza??? */
- default:
- PORT_SetError( SEC_ERROR_BAD_KEY );
- return CK_INVALID_HANDLE;
- }
-
- templateCount = attrs - theTemplate;
- signedcount = attrs - signedattr;
- PORT_Assert(templateCount <= (sizeof(theTemplate)/sizeof(CK_ATTRIBUTE)));
- for (attrs=signedattr; signedcount; attrs++, signedcount--) {
- pk11_SignedToUnsigned(attrs);
- }
- rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION, theTemplate,
- templateCount, isToken, &objectID);
- if ( rv != SECSuccess) {
- return CK_INVALID_HANDLE;
- }
- }
-
- pubKey->pkcs11ID = objectID;
- pubKey->pkcs11Slot = PK11_ReferenceSlot(slot);
-
- return objectID;
-}
-
-
-/*
- * return the slot associated with a symetric key
- */
-PK11SlotInfo *
-PK11_GetSlotFromKey(PK11SymKey *symKey)
-{
- return PK11_ReferenceSlot(symKey->slot);
-}
-
-PK11SymKey *
-PK11_FindFixedKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *keyID,
- void *wincx)
-{
- CK_ATTRIBUTE findTemp[4];
- CK_ATTRIBUTE *attrs;
- CK_BBOOL ckTrue = CK_TRUE;
- CK_OBJECT_CLASS keyclass = CKO_SECRET_KEY;
- int tsize = 0;
- CK_OBJECT_HANDLE key_id;
-
- attrs = findTemp;
- PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
- PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
- if (keyID) {
- PK11_SETATTRS(attrs, CKA_ID, keyID->data, keyID->len); attrs++;
- }
- tsize = attrs - findTemp;
- PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
- key_id = pk11_FindObjectByTemplate(slot,findTemp,tsize);
- if (key_id == CK_INVALID_HANDLE) {
- return NULL;
- }
- return PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive, type, key_id,
- PR_FALSE, wincx);
-}
-
-void *
-PK11_GetWindow(PK11SymKey *key)
-{
- return key->cx;
-}
-
-
-/*
- * extract a symetric key value. NOTE: if the key is sensitive, we will
- * not be able to do this operation. This function is used to move
- * keys from one token to another */
-SECStatus
-PK11_ExtractKeyValue(PK11SymKey *symKey)
-{
-
- if (symKey->data.data != NULL) return SECSuccess;
-
- if (symKey->slot == NULL) {
- PORT_SetError( SEC_ERROR_INVALID_KEY );
- return SECFailure;
- }
-
- return PK11_ReadAttribute(symKey->slot,symKey->objectID,CKA_VALUE,NULL,
- &symKey->data);
-}
-
-SECItem *
-__PK11_GetKeyData(PK11SymKey *symKey)
-{
- return &symKey->data;
-}
-
-SECItem *
-PK11_GetKeyData(PK11SymKey *symKey)
-{
- return __PK11_GetKeyData(symKey);
-}
-
-/*
- * take an attribute and copy it into a secitem, converting unsigned to signed.
- */
-static CK_RV
-pk11_Attr2SecItem(PRArenaPool *arena, CK_ATTRIBUTE *attr, SECItem *item) {
- unsigned char *dataPtr;
-
- item->len = attr->ulValueLen;
- dataPtr = (unsigned char*) PORT_ArenaAlloc(arena, item->len+1);
- if ( dataPtr == NULL) {
- return CKR_HOST_MEMORY;
- }
- *dataPtr = 0;
- item->data = dataPtr+1;
- PORT_Memcpy(item->data,attr->pValue,item->len);
- if (item->data[0] & 0x80) {
- item->data = item->data-1;
- item->len++;
- }
- return CKR_OK;
-}
-/*
- * extract a public key from a slot and id
- */
-SECKEYPublicKey *
-PK11_ExtractPublicKey(PK11SlotInfo *slot,KeyType keyType,CK_OBJECT_HANDLE id)
-{
- CK_OBJECT_CLASS keyClass = CKO_PUBLIC_KEY;
- PRArenaPool *arena;
- PRArenaPool *tmp_arena;
- SECKEYPublicKey *pubKey;
- int templateCount = 0;
- CK_KEY_TYPE pk11KeyType;
- CK_RV crv;
- CK_ATTRIBUTE template[8];
- CK_ATTRIBUTE *attrs= template;
- CK_ATTRIBUTE *modulus,*exponent,*base,*prime,*subprime,*value;
-
- /* if we didn't know the key type, get it */
- if (keyType== nullKey) {
-
- pk11KeyType = PK11_ReadULongAttribute(slot,id,CKA_KEY_TYPE);
- if (pk11KeyType == CK_UNAVAILABLE_INFORMATION) {
- return NULL;
- }
- switch (pk11KeyType) {
- case CKK_RSA:
- keyType = rsaKey;
- break;
- case CKK_DSA:
- keyType = dsaKey;
- break;
- case CKK_DH:
- keyType = dhKey;
- break;
- default:
- PORT_SetError( SEC_ERROR_BAD_KEY );
- return NULL;
- }
- }
-
-
- /* now we need to create space for the public key */
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return NULL;
- tmp_arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (tmp_arena == NULL) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
-
-
- pubKey = (SECKEYPublicKey *)
- PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
- if (pubKey == NULL) {
- PORT_FreeArena (arena, PR_FALSE);
- PORT_FreeArena (tmp_arena, PR_FALSE);
- return NULL;
- }
-
- pubKey->arena = arena;
- pubKey->keyType = keyType;
- pubKey->pkcs11Slot = PK11_ReferenceSlot(slot);
- pubKey->pkcs11ID = id;
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass,
- sizeof(keyClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &pk11KeyType,
- sizeof(pk11KeyType) ); attrs++;
- switch (pubKey->keyType) {
- case rsaKey:
- modulus = attrs;
- PK11_SETATTRS(attrs, CKA_MODULUS, NULL, 0); attrs++;
- exponent = attrs;
- PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT, NULL, 0); attrs++;
-
- templateCount = attrs - template;
- PR_ASSERT(templateCount <= sizeof(template)/sizeof(CK_ATTRIBUTE));
- crv = PK11_GetAttributes(tmp_arena,slot,id,template,templateCount);
- if (crv != CKR_OK) break;
-
- if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_RSA)) {
- crv = CKR_OBJECT_HANDLE_INVALID;
- break;
- }
- crv = pk11_Attr2SecItem(arena,modulus,&pubKey->u.rsa.modulus);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,exponent,&pubKey->u.rsa.publicExponent);
- if (crv != CKR_OK) break;
- break;
- case dsaKey:
- prime = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, NULL, 0); attrs++;
- subprime = attrs;
- PK11_SETATTRS(attrs, CKA_SUBPRIME, NULL, 0); attrs++;
- base = attrs;
- PK11_SETATTRS(attrs, CKA_BASE, NULL, 0); attrs++;
- value = attrs;
- PK11_SETATTRS(attrs, CKA_VALUE, NULL, 0); attrs++;
- templateCount = attrs - template;
- PR_ASSERT(templateCount <= sizeof(template)/sizeof(CK_ATTRIBUTE));
- crv = PK11_GetAttributes(tmp_arena,slot,id,template,templateCount);
- if (crv != CKR_OK) break;
-
- if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_DSA)) {
- crv = CKR_OBJECT_HANDLE_INVALID;
- break;
- }
- crv = pk11_Attr2SecItem(arena,prime,&pubKey->u.dsa.params.prime);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,subprime,&pubKey->u.dsa.params.subPrime);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,base,&pubKey->u.dsa.params.base);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,value,&pubKey->u.dsa.publicValue);
- if (crv != CKR_OK) break;
- break;
- case dhKey:
- prime = attrs;
- PK11_SETATTRS(attrs, CKA_PRIME, NULL, 0); attrs++;
- base = attrs;
- PK11_SETATTRS(attrs, CKA_BASE, NULL, 0); attrs++;
- value =attrs;
- PK11_SETATTRS(attrs, CKA_VALUE, NULL, 0); attrs++;
- templateCount = attrs - template;
- PR_ASSERT(templateCount <= sizeof(template)/sizeof(CK_ATTRIBUTE));
- crv = PK11_GetAttributes(tmp_arena,slot,id,template,templateCount);
- if (crv != CKR_OK) break;
-
- if ((keyClass != CKO_PUBLIC_KEY) || (pk11KeyType != CKK_DH)) {
- crv = CKR_OBJECT_HANDLE_INVALID;
- break;
- }
- crv = pk11_Attr2SecItem(arena,prime,&pubKey->u.dh.prime);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,base,&pubKey->u.dh.base);
- if (crv != CKR_OK) break;
- crv = pk11_Attr2SecItem(arena,value,&pubKey->u.dh.publicValue);
- if (crv != CKR_OK) break;
- break;
- case fortezzaKey:
- case nullKey:
- default:
- crv = CKR_OBJECT_HANDLE_INVALID;
- break;
- }
-
- PORT_FreeArena(tmp_arena,PR_FALSE);
-
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- PK11_FreeSlot(slot);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
-
- return pubKey;
-}
-
-/*
- * Build a Private Key structure from raw PKCS #11 information.
- */
-SECKEYPrivateKey *
-PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
- PRBool isTemp, CK_OBJECT_HANDLE privID, void *wincx)
-{
- PRArenaPool *arena;
- SECKEYPrivateKey *privKey;
-
- /* don't know? look it up */
- if (keyType == nullKey) {
- CK_KEY_TYPE pk11Type = CKK_RSA;
-
- pk11Type = PK11_ReadULongAttribute(slot,privID,CKA_KEY_TYPE);
- isTemp = (PRBool)!PK11_HasAttributeSet(slot,privID,CKA_TOKEN);
- switch (pk11Type) {
- case CKK_RSA: keyType = rsaKey; break;
- case CKK_DSA: keyType = dsaKey; break;
- case CKK_DH: keyType = dhKey; break;
- case CKK_KEA: keyType = fortezzaKey; break;
- default:
- break;
- }
- }
-
- /* now we need to create space for the private key */
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return NULL;
-
- privKey = (SECKEYPrivateKey *)
- PORT_ArenaZAlloc(arena, sizeof(SECKEYPrivateKey));
- if (privKey == NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
- }
-
- privKey->arena = arena;
- privKey->keyType = keyType;
- privKey->pkcs11Slot = PK11_ReferenceSlot(slot);
- privKey->pkcs11ID = privID;
- privKey->pkcs11IsTemp = isTemp;
- privKey->wincx = wincx;
-
- return privKey;
-}
-
-/* return the keylength if possible. '0' if not */
-unsigned int
-PK11_GetKeyLength(PK11SymKey *key)
-{
- if (key->size != 0) return key->size ;
- if (key->data.data == NULL) {
- PK11_ExtractKeyValue(key);
- }
- /* key is probably secret. Look up it's type and length */
- /* this is new PKCS #11 version 2.0 functionality. */
- if (key->size == 0) {
- CK_ULONG keyLength;
-
- keyLength = PK11_ReadULongAttribute(key->slot,key->objectID,CKA_VALUE_LEN);
- /* doesn't have a length field, check the known PKCS #11 key types,
- * which don't have this field */
- if (keyLength == CK_UNAVAILABLE_INFORMATION) {
- CK_KEY_TYPE keyType;
- keyType = PK11_ReadULongAttribute(key->slot,key->objectID,CKA_KEY_TYPE);
- switch (keyType) {
- case CKK_DES: key->size = 8; break;
- case CKK_DES2: key->size = 16; break;
- case CKK_DES3: key->size = 24; break;
- case CKK_SKIPJACK: key->size = 10; break;
- case CKK_BATON: key->size = 20; break;
- case CKK_JUNIPER: key->size = 20; break;
- case CKK_GENERIC_SECRET:
- if (key->type == CKM_SSL3_PRE_MASTER_KEY_GEN) {
- key->size=48;
- }
- break;
- default: break;
- }
- } else {
- key->size = (unsigned int)keyLength;
- }
- }
-
- return key->size;
-}
-
-/* return the strength of a key. This is different from length in that
- * 1) it returns the size in bits, and 2) it returns only the secret portions
- * of the key minus any checksums or parity.
- */
-unsigned int
-PK11_GetKeyStrength(PK11SymKey *key, SECAlgorithmID *algid)
-{
- int size=0;
- CK_MECHANISM_TYPE mechanism= CKM_INVALID_MECHANISM; /* RC2 only */
- SECItem *param = NULL; /* RC2 only */
- CK_RC2_CBC_PARAMS *rc2_params = NULL; /* RC2 ONLY */
- unsigned int effectiveBits = 0; /* RC2 ONLY */
-
- switch (PK11_GetKeyType(key->type,0)) {
- case CKK_CDMF:
- return 40;
- case CKK_DES:
- return 56;
- case CKK_DES3:
- case CKK_DES2:
- size = PK11_GetKeyLength(key);
- if (size == 16) {
- /* double des */
- return 112; /* 16*7 */
- }
- return 168;
- /*
- * RC2 has is different than other ciphers in that it allows the user
- * to deprecating keysize while still requiring all the bits for the
- * original key. The info
- * on what the effective key strength is in the parameter for the key.
- * In S/MIME this parameter is stored in the DER encoded algid. In Our
- * other uses of RC2, effectiveBits == keyBits, so this code functions
- * correctly without an algid.
- */
- case CKK_RC2:
- /* if no algid was provided, fall through to default */
- if (!algid) {
- break;
- }
- /* verify that the algid is for RC2 */
- mechanism = PK11_AlgtagToMechanism(SECOID_GetAlgorithmTag(algid));
- if ((mechanism != CKM_RC2_CBC) && (mechanism != CKM_RC2_ECB)) {
- break;
- }
-
- /* now get effective bits from the algorithm ID. */
- param = PK11_ParamFromAlgid(algid);
- /* if we couldn't get memory just use key length */
- if (param == NULL) {
- break;
- }
-
- rc2_params = (CK_RC2_CBC_PARAMS *) param->data;
- /* paranoia... shouldn't happen */
- PORT_Assert(param->data != NULL);
- if (param->data == NULL) {
- SECITEM_FreeItem(param,PR_TRUE);
- break;
- }
- effectiveBits = (unsigned int)rc2_params->ulEffectiveBits;
- SECITEM_FreeItem(param,PR_TRUE);
- param = NULL; rc2_params=NULL; /* paranoia */
-
- /* we have effective bits, is and allocated memory is free, now
- * we need to return the smaller of effective bits and keysize */
- size = PK11_GetKeyLength(key);
- if ((unsigned int)size*8 > effectiveBits) {
- return effectiveBits;
- }
-
- return size*8; /* the actual key is smaller, the strength can't be
- * greater than the actual key size */
-
- default:
- break;
- }
- return PK11_GetKeyLength(key) * 8;
-}
-
-/* Make a Key type to an appropriate signing/verification mechanism */
-static CK_MECHANISM_TYPE
-pk11_mapSignKeyType(KeyType keyType)
-{
- switch (keyType) {
- case rsaKey:
- return CKM_RSA_PKCS;
- case fortezzaKey:
- case dsaKey:
- return CKM_DSA;
- case dhKey:
- default:
- break;
- }
- return CKM_INVALID_MECHANISM;
-}
-
-static CK_MECHANISM_TYPE
-pk11_mapWrapKeyType(KeyType keyType)
-{
- switch (keyType) {
- case rsaKey:
- return CKM_RSA_PKCS;
- /* Add fortezza?? */
- default:
- break;
- }
- return CKM_INVALID_MECHANISM;
-}
-
-/*
- * Some non-compliant PKCS #11 vendors do not give us the modulus, so actually
- * set up a signature to get the signaure length.
- */
-static int
-pk11_backupGetSignLength(SECKEYPrivateKey *key)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_MECHANISM mech = {0, NULL, 0 };
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_ULONG len;
- CK_RV crv;
- unsigned char h_data[20] = { 0 };
- unsigned char buf[20]; /* obviously to small */
- CK_ULONG smallLen = sizeof(buf);
-
- mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_SignInit(session,&mech,key->pkcs11ID);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- return -1;
- }
- len = 0;
- crv = PK11_GETTAB(slot)->C_Sign(session,h_data,sizeof(h_data),
- NULL, &len);
- /* now call C_Sign with too small a buffer to clear the session state */
- (void) PK11_GETTAB(slot)->
- C_Sign(session,h_data,sizeof(h_data),buf,&smallLen);
-
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return -1;
- }
- return len;
-}
-/*
- * get the length of a signature object based on the key
- */
-int
-PK11_SignatureLen(SECKEYPrivateKey *key)
-{
- int val;
-
- switch (key->keyType) {
- case rsaKey:
- val = PK11_GetPrivateModulusLen(key);
- if (val == -1) {
- return pk11_backupGetSignLength(key);
- }
- return (unsigned long) val;
-
- case fortezzaKey:
- case dsaKey:
- return 40;
-
- default:
- break;
- }
- PORT_SetError( SEC_ERROR_INVALID_KEY );
- return 0;
-}
-
-PK11SlotInfo *
-PK11_GetSlotFromPrivateKey(SECKEYPrivateKey *key)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- slot = PK11_ReferenceSlot(slot);
- return slot;
-}
-
-/*
- * Get the modulus length for raw parsing
- */
-int
-PK11_GetPrivateModulusLen(SECKEYPrivateKey *key)
-{
- CK_ATTRIBUTE theTemplate = { CKA_MODULUS, NULL, 0 };
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_RV crv;
- int length;
-
- switch (key->keyType) {
- case rsaKey:
- crv = PK11_GetAttributes(NULL, slot, key->pkcs11ID, &theTemplate, 1);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return -1;
- }
- length = theTemplate.ulValueLen;
- if ( *(unsigned char *)theTemplate.pValue == 0) {
- length--;
- }
- if (theTemplate.pValue != NULL)
- PORT_Free(theTemplate.pValue);
- return (int) length;
-
- case fortezzaKey:
- case dsaKey:
- case dhKey:
- default:
- break;
- }
- if (theTemplate.pValue != NULL)
- PORT_Free(theTemplate.pValue);
- PORT_SetError( SEC_ERROR_INVALID_KEY );
- return -1;
-}
-
-/*
- * copy a key (or any other object) on a token
- */
-CK_OBJECT_HANDLE
-PK11_CopyKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE srcObject)
-{
- CK_OBJECT_HANDLE destObject;
- CK_RV crv;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_CopyObject(slot->session,srcObject,NULL,0,
- &destObject);
- PK11_ExitSlotMonitor(slot);
- if (crv == CKR_OK) return destObject;
- PORT_SetError( PK11_MapError(crv) );
- return CK_INVALID_HANDLE;
-}
-
-
-PK11SymKey *
-pk11_KeyExchange(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey);
-
-/*
- * The next two utilities are to deal with the fact that a given operation
- * may be a multi-slot affair. This creates a new key object that is copied
- * into the new slot.
- */
-PK11SymKey *
-pk11_CopyToSlot(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey)
-{
- SECStatus rv;
- PK11SymKey *newKey = NULL;
-
- /* Extract the raw key data if possible */
- if (symKey->data.data == NULL) {
- rv = PK11_ExtractKeyValue(symKey);
- /* KEY is sensitive, we're try key exchanging it. */
- if (rv != SECSuccess) {
- return pk11_KeyExchange(slot, type, operation, symKey);
- }
- }
- newKey = PK11_ImportSymKey(slot, type, symKey->origin, operation,
- &symKey->data, symKey->cx);
- if (newKey == NULL) newKey = pk11_KeyExchange(slot,type,operation,symKey);
- return newKey;
-}
-
-/*
- * Make sure the slot we are in the correct slot for the operation
- */
-static PK11SymKey *
-pk11_ForceSlot(PK11SymKey *symKey,CK_MECHANISM_TYPE type,
- CK_ATTRIBUTE_TYPE operation)
-{
- PK11SlotInfo *slot = symKey->slot;
- PK11SymKey *newKey = NULL;
-
- if ((slot== NULL) || !PK11_DoesMechanism(slot,type)) {
- slot = PK11_GetBestSlot(type,symKey->cx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
- newKey = pk11_CopyToSlot(slot, type, operation, symKey);
- PK11_FreeSlot(slot);
- }
- return newKey;
-}
-
-/*
- * Use the token to Generate a key. keySize must be 'zero' for fixed key
- * length algorithms. NOTE: this means we can never generate a DES2 key
- * from this interface!
- */
-PK11SymKey *
-PK11_TokenKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *param,
- int keySize, SECItem *keyid, PRBool isToken, void *wincx)
-{
- PK11SymKey *symKey;
- CK_ATTRIBUTE genTemplate[5];
- CK_ATTRIBUTE *attrs = genTemplate;
- int count = sizeof(genTemplate)/sizeof(genTemplate[0]);
- CK_SESSION_HANDLE session;
- CK_MECHANISM mechanism;
- CK_RV crv;
- PRBool weird = PR_FALSE; /* hack for fortezza */
- CK_BBOOL cktrue = CK_TRUE;
- CK_ULONG ck_key_size; /* only used for variable-length keys */
-
- if ((keySize == -1) && (type == CKM_SKIPJACK_CBC64)) {
- weird = PR_TRUE;
- keySize = 0;
- }
-
- /* TNH: Isn't this redundant, since "handleKey" will set defaults? */
- PK11_SETATTRS(attrs, (!weird)
- ? CKA_ENCRYPT : CKA_DECRYPT, &cktrue, sizeof(CK_BBOOL)); attrs++;
-
- if (keySize != 0) {
- ck_key_size = keySize; /* Convert to PK11 type */
-
- PK11_SETATTRS(attrs, CKA_VALUE_LEN, &ck_key_size, sizeof(ck_key_size));
- attrs++;
- }
-
- /* Include key id value if provided */
- if (keyid) {
- PK11_SETATTRS(attrs, CKA_ID, keyid->data, keyid->len); attrs++;
- }
-
- if (isToken) {
- PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue)); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIVATE, &cktrue, sizeof(cktrue)); attrs++;
- }
-
- PK11_SETATTRS(attrs, CKA_SIGN, &cktrue, sizeof(cktrue)); attrs++;
-
- count = attrs - genTemplate;
- PR_ASSERT(count <= sizeof(genTemplate)/sizeof(CK_ATTRIBUTE));
-
- /* find a slot to generate the key into */
- /* Only do slot management if this is not a token key */
- if (!isToken && (slot == NULL || !PK11_DoesMechanism(slot,type))) {
- PK11SlotInfo *bestSlot;
-
- bestSlot = PK11_GetBestSlot(type,wincx); /* TNH: references the slot? */
- if (bestSlot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
-
- symKey = PK11_CreateSymKey(bestSlot,type,wincx);
-
- PK11_FreeSlot(bestSlot);
- } else {
- symKey = PK11_CreateSymKey(slot, type, wincx);
- }
- if (symKey == NULL) return NULL;
-
- symKey->size = keySize;
- symKey->origin = (!weird) ? PK11_OriginGenerated : PK11_OriginFortezzaHack;
-
- /* Initialize the Key Gen Mechanism */
- mechanism.mechanism = PK11_GetKeyGen(type);
- if (mechanism.mechanism == CKM_FAKE_RANDOM) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
-
- /* Set the parameters for the key gen if provided */
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- if (param) {
- mechanism.pParameter = param->data;
- mechanism.ulParameterLen = param->len;
- }
-
- /* Get session and perform locking */
- if (isToken) {
- PK11_Authenticate(symKey->slot,PR_TRUE,wincx);
- session = PK11_GetRWSession(symKey->slot); /* Should always be original slot */
- } else {
- session = symKey->session;
- pk11_EnterKeyMonitor(symKey);
- }
-
- crv = PK11_GETTAB(symKey->slot)->C_GenerateKey(session,
- &mechanism, genTemplate, count, &symKey->objectID);
-
- /* Release lock and session */
- if (isToken) {
- PK11_RestoreROSession(symKey->slot, session);
- } else {
- pk11_ExitKeyMonitor(symKey);
- }
-
- if (crv != CKR_OK) {
- PK11_FreeSymKey(symKey);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
-
- return symKey;
-}
-
-PK11SymKey *
-PK11_KeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *param,
- int keySize, void *wincx)
-{
- return PK11_TokenKeyGen(slot, type, param, keySize, 0, PR_FALSE, wincx);
-}
-
-/* --- */
-PK11SymKey *
-PK11_GenDES3TokenKey(PK11SlotInfo *slot, SECItem *keyid, void *cx)
-{
- return PK11_TokenKeyGen(slot, CKM_DES3_CBC, 0, 0, keyid, PR_TRUE, cx);
-}
-
-/*
- * PKCS #11 pairwise consistency check utilized to validate key pair.
- */
-static SECStatus
-pk11_PairwiseConsistencyCheck(SECKEYPublicKey *pubKey,
- SECKEYPrivateKey *privKey, CK_MECHANISM *mech, void* wincx )
-{
- /* Variables used for Encrypt/Decrypt functions. */
- unsigned char *known_message = (unsigned char *)"Known Crypto Message";
- CK_BBOOL isEncryptable = CK_FALSE;
- CK_BBOOL canSignVerify = CK_FALSE;
- CK_BBOOL isDerivable = CK_FALSE;
- unsigned char plaintext[PAIRWISE_MESSAGE_LENGTH];
- CK_ULONG bytes_decrypted;
- PK11SlotInfo *slot;
- CK_OBJECT_HANDLE id;
- unsigned char *ciphertext;
- unsigned char *text_compared;
- CK_ULONG max_bytes_encrypted;
- CK_ULONG bytes_encrypted;
- CK_ULONG bytes_compared;
- CK_RV crv;
-
- /* Variables used for Signature/Verification functions. */
- unsigned char *known_digest = (unsigned char *)"Mozilla Rules World!";
- SECItem signature;
- SECItem digest; /* always uses SHA-1 digest */
- int signature_length;
- SECStatus rv;
-
- /**************************************************/
- /* Pairwise Consistency Check of Encrypt/Decrypt. */
- /**************************************************/
-
- isEncryptable = PK11_HasAttributeSet( privKey->pkcs11Slot,
- privKey->pkcs11ID, CKA_DECRYPT );
-
- /* If the encryption attribute is set; attempt to encrypt */
- /* with the public key and decrypt with the private key. */
- if( isEncryptable ) {
- /* Find a module to encrypt against */
- slot = PK11_GetBestSlot(pk11_mapWrapKeyType(privKey->keyType),wincx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
-
- id = PK11_ImportPublicKey(slot,pubKey,PR_FALSE);
- if (id == CK_INVALID_HANDLE) {
- PK11_FreeSlot(slot);
- return SECFailure;
- }
-
- /* Compute max bytes encrypted from modulus length of private key. */
- max_bytes_encrypted = PK11_GetPrivateModulusLen( privKey );
-
-
- /* Prepare for encryption using the public key. */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB( slot )->C_EncryptInit( slot->session,
- mech, id );
- if( crv != CKR_OK ) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError( crv ) );
- PK11_FreeSlot(slot);
- return SECFailure;
- }
-
- /* Allocate space for ciphertext. */
- ciphertext = (unsigned char *) PORT_Alloc( max_bytes_encrypted );
- if( ciphertext == NULL ) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- PK11_FreeSlot(slot);
- return SECFailure;
- }
-
- /* Initialize bytes encrypted to max bytes encrypted. */
- bytes_encrypted = max_bytes_encrypted;
-
- /* Encrypt using the public key. */
- crv = PK11_GETTAB( slot )->C_Encrypt( slot->session,
- known_message,
- PAIRWISE_MESSAGE_LENGTH,
- ciphertext,
- &bytes_encrypted );
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- if( crv != CKR_OK ) {
- PORT_SetError( PK11_MapError( crv ) );
- PORT_Free( ciphertext );
- return SECFailure;
- }
-
- /* Always use the smaller of these two values . . . */
- bytes_compared = ( bytes_encrypted > PAIRWISE_MESSAGE_LENGTH )
- ? PAIRWISE_MESSAGE_LENGTH
- : bytes_encrypted;
-
- /* If there was a failure, the plaintext */
- /* goes at the end, therefore . . . */
- text_compared = ( bytes_encrypted > PAIRWISE_MESSAGE_LENGTH )
- ? (ciphertext + bytes_encrypted -
- PAIRWISE_MESSAGE_LENGTH )
- : ciphertext;
-
- /* Check to ensure that ciphertext does */
- /* NOT EQUAL known input message text */
- /* per FIPS PUB 140-1 directive. */
- if( ( bytes_encrypted != max_bytes_encrypted ) ||
- ( PORT_Memcmp( text_compared, known_message,
- bytes_compared ) == 0 ) ) {
- /* Set error to Invalid PRIVATE Key. */
- PORT_SetError( SEC_ERROR_INVALID_KEY );
- PORT_Free( ciphertext );
- return SECFailure;
- }
-
- slot = privKey->pkcs11Slot;
- /* Prepare for decryption using the private key. */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB( slot )->C_DecryptInit( slot->session,
- mech,
- privKey->pkcs11ID );
- if( crv != CKR_OK ) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError(crv) );
- PORT_Free( ciphertext );
- PK11_FreeSlot(slot);
- return SECFailure;
- }
-
- /* Initialize bytes decrypted to be the */
- /* expected PAIRWISE_MESSAGE_LENGTH. */
- bytes_decrypted = PAIRWISE_MESSAGE_LENGTH;
-
- /* Decrypt using the private key. */
- /* NOTE: No need to reset the */
- /* value of bytes_encrypted. */
- crv = PK11_GETTAB( slot )->C_Decrypt( slot->session,
- ciphertext,
- bytes_encrypted,
- plaintext,
- &bytes_decrypted );
- PK11_ExitSlotMonitor(slot);
-
- /* Finished with ciphertext; free it. */
- PORT_Free( ciphertext );
-
- if( crv != CKR_OK ) {
- PORT_SetError( PK11_MapError(crv) );
- PK11_FreeSlot(slot);
- return SECFailure;
- }
-
- /* Check to ensure that the output plaintext */
- /* does EQUAL known input message text. */
- if( ( bytes_decrypted != PAIRWISE_MESSAGE_LENGTH ) ||
- ( PORT_Memcmp( plaintext, known_message,
- PAIRWISE_MESSAGE_LENGTH ) != 0 ) ) {
- /* Set error to Bad PUBLIC Key. */
- PORT_SetError( SEC_ERROR_BAD_KEY );
- PK11_FreeSlot(slot);
- return SECFailure;
- }
- }
-
- /**********************************************/
- /* Pairwise Consistency Check of Sign/Verify. */
- /**********************************************/
-
- canSignVerify = PK11_HasAttributeSet ( privKey->pkcs11Slot,
- privKey->pkcs11ID, CKA_SIGN);
-
- if (canSignVerify)
- {
- /* Initialize signature and digest data. */
- signature.data = NULL;
- digest.data = NULL;
-
- /* Determine length of signature. */
- signature_length = PK11_SignatureLen( privKey );
- if( signature_length == 0 )
- goto failure;
-
- /* Allocate space for signature data. */
- signature.data = (unsigned char *) PORT_Alloc( signature_length );
- if( signature.data == NULL ) {
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- goto failure;
- }
-
- /* Allocate space for known digest data. */
- digest.data = (unsigned char *) PORT_Alloc( PAIRWISE_DIGEST_LENGTH );
- if( digest.data == NULL ) {
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- goto failure;
- }
-
- /* "Fill" signature type and length. */
- signature.type = PAIRWISE_SECITEM_TYPE;
- signature.len = signature_length;
-
- /* "Fill" digest with known SHA-1 digest parameters. */
- digest.type = PAIRWISE_SECITEM_TYPE;
- PORT_Memcpy( digest.data, known_digest, PAIRWISE_DIGEST_LENGTH );
- digest.len = PAIRWISE_DIGEST_LENGTH;
-
- /* Sign the known hash using the private key. */
- rv = PK11_Sign( privKey, &signature, &digest );
- if( rv != SECSuccess )
- goto failure;
-
- /* Verify the known hash using the public key. */
- rv = PK11_Verify( pubKey, &signature, &digest, wincx );
- if( rv != SECSuccess )
- goto failure;
-
- /* Free signature and digest data. */
- PORT_Free( signature.data );
- PORT_Free( digest.data );
- }
-
-
-
- /**********************************************/
- /* Pairwise Consistency Check for Derivation */
- /**********************************************/
-
- isDerivable = PK11_HasAttributeSet ( privKey->pkcs11Slot,
- privKey->pkcs11ID, CKA_DERIVE);
-
- if (isDerivable)
- {
- /*
- * We are not doing consistency check for Diffie-Hellman Key -
- * otherwise it would be here
- */
-
- }
-
- return SECSuccess;
-
-failure:
- if( signature.data != NULL )
- PORT_Free( signature.data );
- if( digest.data != NULL )
- PORT_Free( digest.data );
-
- return SECFailure;
-}
-
-
-
-/*
- * take a private key in one pkcs11 module and load it into another:
- * NOTE: the source private key is a rare animal... it can't be sensitive.
- * This is used to do a key gen using one pkcs11 module and storing the
- * result into another.
- */
-SECKEYPrivateKey *
-pk11_loadPrivKey(PK11SlotInfo *slot,SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey, PRBool token, PRBool sensitive)
-{
- CK_ATTRIBUTE privTemplate[] = {
- /* class must be first */
- { CKA_CLASS, NULL, 0 },
- { CKA_KEY_TYPE, NULL, 0 },
- /* these three must be next */
- { CKA_TOKEN, NULL, 0 },
- { CKA_PRIVATE, NULL, 0 },
- { CKA_SENSITIVE, NULL, 0 },
- { CKA_ID, NULL, 0 },
-#ifdef notdef
- { CKA_LABEL, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
-#endif
- /* RSA */
- { CKA_MODULUS, NULL, 0 },
- { CKA_PRIVATE_EXPONENT, NULL, 0 },
- { CKA_PUBLIC_EXPONENT, NULL, 0 },
- { CKA_PRIME_1, NULL, 0 },
- { CKA_PRIME_2, NULL, 0 },
- { CKA_EXPONENT_1, NULL, 0 },
- { CKA_EXPONENT_2, NULL, 0 },
- { CKA_COEFFICIENT, NULL, 0 },
- };
- CK_ATTRIBUTE *attrs = NULL, *ap;
- int templateSize = sizeof(privTemplate)/sizeof(privTemplate[0]);
- PRArenaPool *arena;
- CK_OBJECT_HANDLE objectID;
- int i, count = 0;
- int extra_count = 0;
- CK_RV crv;
- SECStatus rv;
-
- for (i=0; i < templateSize; i++) {
- if (privTemplate[i].type == CKA_MODULUS) {
- attrs= &privTemplate[i];
- count = i;
- break;
- }
- }
- PORT_Assert(attrs != NULL);
- if (attrs == NULL) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return NULL;
- }
-
- ap = attrs;
-
- switch (privKey->keyType) {
- case rsaKey:
- count = templateSize;
- extra_count = templateSize - (attrs - privTemplate);
- break;
- case dsaKey:
- ap->type = CKA_PRIME; ap++; count++; extra_count++;
- ap->type = CKA_SUBPRIME; ap++; count++; extra_count++;
- ap->type = CKA_BASE; ap++; count++; extra_count++;
- ap->type = CKA_VALUE; ap++; count++; extra_count++;
- break;
- case dhKey:
- ap->type = CKA_PRIME; ap++; count++; extra_count++;
- ap->type = CKA_BASE; ap++; count++; extra_count++;
- ap->type = CKA_VALUE; ap++; count++; extra_count++;
- break;
- default:
- count = 0;
- extra_count = 0;
- break;
- }
-
- if (count == 0) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return NULL;
- }
-
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return NULL;
- /*
- * read out the old attributes.
- */
- crv = PK11_GetAttributes(arena, privKey->pkcs11Slot, privKey->pkcs11ID,
- privTemplate,count);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- PORT_FreeArena(arena, PR_TRUE);
- return NULL;
- }
-
- /* Reset sensitive, token, and private */
- *(CK_BBOOL *)(privTemplate[2].pValue) = token ? CK_TRUE : CK_FALSE;
- *(CK_BBOOL *)(privTemplate[3].pValue) = token ? CK_TRUE : CK_FALSE;
- *(CK_BBOOL *)(privTemplate[4].pValue) = sensitive ? CK_TRUE : CK_FALSE;
-
- /* Not everyone can handle zero padded key values, give
- * them the raw data as unsigned */
- for (ap=attrs; extra_count; ap++, extra_count--) {
- pk11_SignedToUnsigned(ap);
- }
-
- /* now Store the puppies */
- rv = PK11_CreateNewObject(slot, CK_INVALID_SESSION, privTemplate,
- count, token, &objectID);
- PORT_FreeArena(arena, PR_TRUE);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- /* try loading the public key as a token object */
- if (pubKey) {
- PK11_ImportPublicKey(slot, pubKey, PR_TRUE);
- if (pubKey->pkcs11Slot) {
- PK11_FreeSlot(pubKey->pkcs11Slot);
- pubKey->pkcs11Slot = NULL;
- pubKey->pkcs11ID = CK_INVALID_HANDLE;
- }
- }
-
- /* build new key structure */
- return PK11_MakePrivKey(slot, privKey->keyType, (PRBool)!token,
- objectID, privKey->wincx);
-}
-
-/*
- * export this for PSM
- */
-SECKEYPrivateKey *
-PK11_LoadPrivKey(PK11SlotInfo *slot,SECKEYPrivateKey *privKey,
- SECKEYPublicKey *pubKey, PRBool token, PRBool sensitive)
-{
- return pk11_loadPrivKey(slot,privKey,pubKey,token,sensitive);
-}
-
-
-/*
- * Use the token to Generate a key. keySize must be 'zero' for fixed key
- * length algorithms. NOTE: this means we can never generate a DES2 key
- * from this interface!
- */
-SECKEYPrivateKey *
-PK11_GenerateKeyPair(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
- void *param, SECKEYPublicKey **pubKey, PRBool token,
- PRBool sensitive, void *wincx)
-{
- /* we have to use these native types because when we call PKCS 11 modules
- * we have to make sure that we are using the correct sizes for all the
- * parameters. */
- CK_BBOOL ckfalse = CK_FALSE;
- CK_BBOOL cktrue = CK_TRUE;
- CK_ULONG modulusBits;
- CK_BYTE publicExponent[4];
- CK_ATTRIBUTE privTemplate[] = {
- { CKA_SENSITIVE, NULL, 0},
- { CKA_TOKEN, NULL, 0},
- { CKA_PRIVATE, NULL, 0},
- { CKA_DERIVE, NULL, 0},
- { CKA_UNWRAP, NULL, 0},
- { CKA_SIGN, NULL, 0},
- { CKA_DECRYPT, NULL, 0},
- };
- CK_ATTRIBUTE rsaPubTemplate[] = {
- { CKA_MODULUS_BITS, NULL, 0},
- { CKA_PUBLIC_EXPONENT, NULL, 0},
- { CKA_TOKEN, NULL, 0},
- { CKA_DERIVE, NULL, 0},
- { CKA_WRAP, NULL, 0},
- { CKA_VERIFY, NULL, 0},
- { CKA_VERIFY_RECOVER, NULL, 0},
- { CKA_ENCRYPT, NULL, 0},
- };
- CK_ATTRIBUTE dsaPubTemplate[] = {
- { CKA_PRIME, NULL, 0 },
- { CKA_SUBPRIME, NULL, 0 },
- { CKA_BASE, NULL, 0 },
- { CKA_TOKEN, NULL, 0},
- { CKA_DERIVE, NULL, 0},
- { CKA_WRAP, NULL, 0},
- { CKA_VERIFY, NULL, 0},
- { CKA_VERIFY_RECOVER, NULL, 0},
- { CKA_ENCRYPT, NULL, 0},
- };
- CK_ATTRIBUTE dhPubTemplate[] = {
- { CKA_PRIME, NULL, 0 },
- { CKA_BASE, NULL, 0 },
- { CKA_TOKEN, NULL, 0},
- { CKA_DERIVE, NULL, 0},
- { CKA_WRAP, NULL, 0},
- { CKA_VERIFY, NULL, 0},
- { CKA_VERIFY_RECOVER, NULL, 0},
- { CKA_ENCRYPT, NULL, 0},
- };
-
- int dsaPubCount = sizeof(dsaPubTemplate)/sizeof(dsaPubTemplate[0]);
- /*CK_ULONG key_size = 0;*/
- CK_ATTRIBUTE *pubTemplate;
- int privCount = sizeof(privTemplate)/sizeof(privTemplate[0]);
- int rsaPubCount = sizeof(rsaPubTemplate)/sizeof(rsaPubTemplate[0]);
- int dhPubCount = sizeof(dhPubTemplate)/sizeof(dhPubTemplate[0]);
- int pubCount = 0;
- PK11RSAGenParams *rsaParams;
- SECKEYPQGParams *dsaParams;
- SECKEYDHParams * dhParams;
- CK_MECHANISM mechanism;
- CK_MECHANISM test_mech;
- CK_SESSION_HANDLE session_handle;
- CK_RV crv;
- CK_OBJECT_HANDLE privID,pubID;
- SECKEYPrivateKey *privKey;
- KeyType keyType;
- PRBool restore;
- int peCount,i;
- CK_ATTRIBUTE *attrs;
- CK_ATTRIBUTE *privattrs;
- SECItem *pubKeyIndex;
- CK_ATTRIBUTE setTemplate;
- SECStatus rv;
- CK_MECHANISM_INFO mechanism_info;
- CK_OBJECT_CLASS keyClass;
- SECItem *cka_id;
- PRBool haslock = PR_FALSE;
- PRBool pubIsToken = PR_FALSE;
-
- PORT_Assert(slot != NULL);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE);
- return NULL;
- }
-
- /* if our slot really doesn't do this mechanism, Generate the key
- * in our internal token and write it out */
- if (!PK11_DoesMechanism(slot,type)) {
- PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
- /* don't loop forever looking for a slot */
- if (slot == int_slot) {
- PK11_FreeSlot(int_slot);
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return NULL;
- }
-
- /* if there isn't a suitable slot, then we can't do the keygen */
- if (int_slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
-
- /* generate the temporary key to load */
- privKey = PK11_GenerateKeyPair(int_slot,type, param, pubKey, PR_FALSE,
- PR_FALSE, wincx);
- PK11_FreeSlot(int_slot);
-
- /* if successful, load the temp key into the new token */
- if (privKey != NULL) {
- SECKEYPrivateKey *newPrivKey = pk11_loadPrivKey(slot,privKey,
- *pubKey,token,sensitive);
- SECKEY_DestroyPrivateKey(privKey);
- if (newPrivKey == NULL) {
- SECKEY_DestroyPublicKey(*pubKey);
- *pubKey = NULL;
- }
- return newPrivKey;
- }
- return NULL;
- }
-
-
- mechanism.mechanism = type;
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- test_mech.pParameter = NULL;
- test_mech.ulParameterLen = 0;
-
- /* set up the private key template */
- privattrs = privTemplate;
- PK11_SETATTRS(privattrs, CKA_SENSITIVE, sensitive ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
- PK11_SETATTRS(privattrs, CKA_TOKEN, token ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
- PK11_SETATTRS(privattrs, CKA_PRIVATE, sensitive ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
-
- /* set up the mechanism specific info */
- switch (type) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- rsaParams = (PK11RSAGenParams *)param;
- modulusBits = rsaParams->keySizeInBits;
- peCount = 0;
-
- /* convert pe to a PKCS #11 string */
- for (i=0; i < 4; i++) {
- if (peCount || (rsaParams->pe &
- ((unsigned long)0xff000000L >> (i*8)))) {
- publicExponent[peCount] =
- (CK_BYTE)((rsaParams->pe >> (3-i)*8) & 0xff);
- peCount++;
- }
- }
- PORT_Assert(peCount != 0);
- attrs = rsaPubTemplate;
- PK11_SETATTRS(attrs, CKA_MODULUS_BITS,
- &modulusBits, sizeof(modulusBits)); attrs++;
- PK11_SETATTRS(attrs, CKA_PUBLIC_EXPONENT,
- publicExponent, peCount);attrs++;
- pubTemplate = rsaPubTemplate;
- pubCount = rsaPubCount;
- keyType = rsaKey;
- test_mech.mechanism = CKM_RSA_PKCS;
- break;
- case CKM_DSA_KEY_PAIR_GEN:
- dsaParams = (SECKEYPQGParams *)param;
- attrs = dsaPubTemplate;
- PK11_SETATTRS(attrs, CKA_PRIME, dsaParams->prime.data,
- dsaParams->prime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_SUBPRIME, dsaParams->subPrime.data,
- dsaParams->subPrime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, dsaParams->base.data,
- dsaParams->base.len); attrs++;
- pubTemplate = dsaPubTemplate;
- pubCount = dsaPubCount;
- keyType = dsaKey;
- test_mech.mechanism = CKM_DSA;
- break;
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- dhParams = (SECKEYDHParams *)param;
- attrs = dhPubTemplate;
- PK11_SETATTRS(attrs, CKA_PRIME, dhParams->prime.data,
- dhParams->prime.len); attrs++;
- PK11_SETATTRS(attrs, CKA_BASE, dhParams->base.data,
- dhParams->base.len); attrs++;
- pubTemplate = dhPubTemplate;
- pubCount = dhPubCount;
- keyType = dhKey;
- test_mech.mechanism = CKM_DH_PKCS_DERIVE;
- break;
- default:
- PORT_SetError( SEC_ERROR_BAD_KEY );
- return NULL;
- }
-
- /* now query the slot to find out how "good" a key we can generate */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
- test_mech.mechanism,&mechanism_info);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if ((crv != CKR_OK) || (mechanism_info.flags == 0)) {
- /* must be old module... guess what it should be... */
- switch (test_mech.mechanism) {
- case CKM_RSA_PKCS:
- mechanism_info.flags = (CKF_SIGN | CKF_DECRYPT |
- CKF_WRAP | CKF_VERIFY_RECOVER | CKF_ENCRYPT | CKF_WRAP);;
- break;
- case CKM_DSA:
- mechanism_info.flags = CKF_SIGN | CKF_VERIFY;
- break;
- case CKM_DH_PKCS_DERIVE:
- mechanism_info.flags = CKF_DERIVE;
- break;
- default:
- break;
- }
- }
- /* set the public key objects */
- PK11_SETATTRS(attrs, CKA_TOKEN, token ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_DERIVE,
- mechanism_info.flags & CKF_DERIVE ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_WRAP,
- mechanism_info.flags & CKF_WRAP ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_VERIFY,
- mechanism_info.flags & CKF_VERIFY ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_VERIFY_RECOVER,
- mechanism_info.flags & CKF_VERIFY_RECOVER ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(attrs, CKA_ENCRYPT,
- mechanism_info.flags & CKF_ENCRYPT? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); attrs++;
- PK11_SETATTRS(privattrs, CKA_DERIVE,
- mechanism_info.flags & CKF_DERIVE ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
- PK11_SETATTRS(privattrs, CKA_UNWRAP,
- mechanism_info.flags & CKF_UNWRAP ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
- PK11_SETATTRS(privattrs, CKA_SIGN,
- mechanism_info.flags & CKF_SIGN ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
- PK11_SETATTRS(privattrs, CKA_DECRYPT,
- mechanism_info.flags & CKF_DECRYPT ? &cktrue : &ckfalse,
- sizeof(CK_BBOOL)); privattrs++;
-
- if (token) {
- session_handle = PK11_GetRWSession(slot);
- haslock = PK11_RWSessionHasLock(slot,session_handle);
- restore = PR_TRUE;
- } else {
- PK11_EnterSlotMonitor(slot); /* gross!! */
- session_handle = slot->session;
- restore = PR_FALSE;
- haslock = PR_TRUE;
- }
-
- crv = PK11_GETTAB(slot)->C_GenerateKeyPair(session_handle, &mechanism,
- pubTemplate,pubCount,privTemplate,privCount,&pubID,&privID);
-
-
- if (crv != CKR_OK) {
- if (restore) {
- PK11_RestoreROSession(slot,session_handle);
- } else PK11_ExitSlotMonitor(slot);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
- /* This locking code is dangerous and needs to be more thought
- * out... the real problem is that we're holding the mutex open this long
- */
- if (haslock) { PK11_ExitSlotMonitor(slot); }
-
- /* swap around the ID's for older PKCS #11 modules */
- keyClass = PK11_ReadULongAttribute(slot,pubID,CKA_CLASS);
- if (keyClass != CKO_PUBLIC_KEY) {
- CK_OBJECT_HANDLE tmp = pubID;
- pubID = privID;
- privID = tmp;
- }
-
- *pubKey = PK11_ExtractPublicKey(slot, keyType, pubID);
- if (*pubKey == NULL) {
- if (restore) {
- /* we may have to restore the mutex so it get's exited properly
- * in RestoreROSession */
- if (haslock) PK11_EnterSlotMonitor(slot);
- PK11_RestoreROSession(slot,session_handle);
- }
- PK11_DestroyObject(slot,pubID);
- PK11_DestroyObject(slot,privID);
- return NULL;
- }
-
- /* set the ID to the public key so we can find it again */
- pubKeyIndex = NULL;
- switch (type) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- pubKeyIndex = &(*pubKey)->u.rsa.modulus;
- break;
- case CKM_DSA_KEY_PAIR_GEN:
- pubKeyIndex = &(*pubKey)->u.dsa.publicValue;
- break;
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- pubKeyIndex = &(*pubKey)->u.dh.publicValue;
- break;
- }
- PORT_Assert(pubKeyIndex != NULL);
-
- cka_id = PK11_MakeIDFromPubKey(pubKeyIndex);
- pubIsToken = (PRBool)PK11_HasAttributeSet(slot,pubID, CKA_TOKEN);
-
- PK11_SETATTRS(&setTemplate, CKA_ID, cka_id->data, cka_id->len);
-
- if (haslock) { PK11_EnterSlotMonitor(slot); }
- crv = PK11_GETTAB(slot)->C_SetAttributeValue(session_handle, privID,
- &setTemplate, 1);
-
- if (crv == CKR_OK && pubIsToken) {
- crv = PK11_GETTAB(slot)->C_SetAttributeValue(session_handle, pubID,
- &setTemplate, 1);
- }
-
-
- if (restore) {
- PK11_RestoreROSession(slot,session_handle);
- } else {
- PK11_ExitSlotMonitor(slot);
- }
- SECITEM_FreeItem(cka_id,PR_TRUE);
-
-
- if (crv != CKR_OK) {
- PK11_DestroyObject(slot,pubID);
- PK11_DestroyObject(slot,privID);
- PORT_SetError( PK11_MapError(crv) );
- *pubKey = NULL;
- return NULL;
- }
-
- privKey = PK11_MakePrivKey(slot,keyType,(PRBool)!token,privID,wincx);
- if (privKey == NULL) {
- SECKEY_DestroyPublicKey(*pubKey);
- PK11_DestroyObject(slot,privID);
- *pubKey = NULL;
- return NULL; /* due to pairwise consistency check */
- }
-
- /* Perform PKCS #11 pairwise consistency check. */
- rv = pk11_PairwiseConsistencyCheck( *pubKey, privKey, &test_mech, wincx );
- if( rv != SECSuccess ) {
- SECKEY_DestroyPublicKey( *pubKey );
- SECKEY_DestroyPrivateKey( privKey );
- *pubKey = NULL;
- privKey = NULL;
- return NULL;
- }
-
- return privKey;
-}
-
-/*
- * This function does a straight public key wrap (which only RSA can do).
- * Use PK11_PubGenKey and PK11_WrapSymKey to implement the FORTEZZA and
- * Diffie-Hellman Ciphers. */
-SECStatus
-PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
- PK11SymKey *symKey, SECItem *wrappedKey)
-{
- PK11SlotInfo *slot;
- CK_ULONG len = wrappedKey->len;
- PK11SymKey *newKey = NULL;
- CK_OBJECT_HANDLE id;
- CK_MECHANISM mechanism;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
-
- /* if this slot doesn't support the mechanism, go to a slot that does */
- newKey = pk11_ForceSlot(symKey,type,CKA_ENCRYPT);
- if (newKey != NULL) {
- symKey = newKey;
- }
-
- if ((symKey == NULL) || (symKey->slot == NULL)) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
-
- slot = symKey->slot;
- mechanism.mechanism = pk11_mapWrapKeyType(pubKey->keyType);
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
-
- id = PK11_ImportPublicKey(slot,pubKey,PR_FALSE);
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_WrapKey(session,&mechanism,
- id,symKey->objectID,wrappedKey->data,&len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- if (newKey) {
- PK11_FreeSymKey(newKey);
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- wrappedKey->len = len;
- return SECSuccess;
-}
-
-/*
- * this little function uses the Encrypt function to wrap a key, just in
- * case we have problems with the wrap implementation for a token.
- */
-static SECStatus
-pk11_HandWrap(PK11SymKey *wrappingKey, SECItem *param, CK_MECHANISM_TYPE type,
- SECItem *inKey, SECItem *outKey)
-{
- PK11SlotInfo *slot;
- CK_ULONG len;
- SECItem *data;
- CK_MECHANISM mech;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
-
- slot = wrappingKey->slot;
- /* use NULL IV's for wrapping */
- mech.mechanism = type;
- if (param) {
- mech.pParameter = param->data;
- mech.ulParameterLen = param->len;
- } else {
- mech.pParameter = NULL;
- mech.ulParameterLen = 0;
- }
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_EncryptInit(session,&mech,
- wrappingKey->objectID);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
-
- /* keys are almost always aligned, but if we get this far,
- * we've gone above and beyond anyway... */
- data = PK11_BlockData(inKey,PK11_GetBlockSize(type,param));
- if (data == NULL) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- len = outKey->len;
- crv = PK11_GETTAB(slot)->C_Encrypt(session,data->data,data->len,
- outKey->data, &len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- SECITEM_FreeItem(data,PR_TRUE);
- outKey->len = len;
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * This function does a symetric based wrap.
- */
-SECStatus
-PK11_WrapSymKey(CK_MECHANISM_TYPE type, SECItem *param,
- PK11SymKey *wrappingKey, PK11SymKey *symKey, SECItem *wrappedKey)
-{
- PK11SlotInfo *slot;
- CK_ULONG len = wrappedKey->len;
- PK11SymKey *newKey = NULL;
- SECItem *param_save = NULL;
- CK_MECHANISM mechanism;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
- SECStatus rv;
-
- /* if this slot doesn't support the mechanism, go to a slot that does */
- /* Force symKey and wrappingKey into the same slot */
- if ((wrappingKey->slot == NULL) || (symKey->slot != wrappingKey->slot)) {
- /* first try copying the wrapping Key to the symKey slot */
- if (symKey->slot && PK11_DoesMechanism(symKey->slot,type)) {
- newKey = pk11_CopyToSlot(symKey->slot,type,CKA_WRAP,wrappingKey);
- }
- /* Nope, try it the other way */
- if (newKey == NULL) {
- if (wrappingKey->slot) {
- newKey = pk11_CopyToSlot(wrappingKey->slot,
- symKey->type, CKA_ENCRYPT, symKey);
- }
- /* just not playing... one last thing, can we get symKey's data?
- * If it's possible, we it should already be in the
- * symKey->data.data pointer because pk11_CopyToSlot would have
- * tried to put it there. */
- if (newKey == NULL) {
- /* Can't get symKey's data: Game Over */
- if (symKey->data.data == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
- if (param == NULL) {
- param_save = param = PK11_ParamFromIV(type,NULL);
- }
- rv = pk11_HandWrap(wrappingKey, param, type,
- &symKey->data,wrappedKey);
- if (param_save) SECITEM_FreeItem(param_save,PR_TRUE);
- return rv;
- }
- /* we successfully moved the sym Key */
- symKey = newKey;
- } else {
- /* we successfully moved the wrapping Key */
- wrappingKey = newKey;
- }
- }
-
- /* at this point both keys are in the same token */
- slot = wrappingKey->slot;
- mechanism.mechanism = type;
- /* use NULL IV's for wrapping */
- if (param == NULL) {
- param_save = param = PK11_ParamFromIV(type,NULL);
- }
- if (param) {
- mechanism.pParameter = param->data;
- mechanism.ulParameterLen = param->len;
- } else {
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- }
-
- len = wrappedKey->len;
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_WrapKey(session, &mechanism,
- wrappingKey->objectID, symKey->objectID,
- wrappedKey->data, &len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- rv = SECSuccess;
- if (crv != CKR_OK) {
- /* can't wrap it? try hand wrapping it... */
- do {
- if (symKey->data.data == NULL) {
- rv = PK11_ExtractKeyValue(symKey);
- if (rv != SECSuccess) break;
- }
- rv = pk11_HandWrap(wrappingKey, param, type, &symKey->data,
- wrappedKey);
- } while (PR_FALSE);
- } else {
- wrappedKey->len = len;
- }
- if (newKey) PK11_FreeSymKey(newKey);
- if (param_save) SECITEM_FreeItem(param_save,PR_TRUE);
- return rv;
-}
-
-/*
- * This Generates a new key based on a symetricKey
- */
-PK11SymKey *
-PK11_Derive( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive, SECItem *param,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
- int keySize)
-{
- return pk11_DeriveWithTemplate(baseKey, derive, param, target, operation,
- keySize, NULL, 0);
-}
-
-#define MAX_TEMPL_ATTRS 16 /* maximum attributes in template */
-
-/* This mask includes all CK_FLAGs with an equivalent CKA_ attribute. */
-#define CKF_KEY_OPERATION_FLAGS 0x000e7b00UL
-
-static unsigned int
-pk11_FlagsToAttributes(CK_FLAGS flags, CK_ATTRIBUTE *attrs, CK_BBOOL *ckTrue)
-{
-
- const static CK_ATTRIBUTE_TYPE attrTypes[12] = {
- CKA_ENCRYPT, CKA_DECRYPT, 0 /* DIGEST */, CKA_SIGN,
- CKA_SIGN_RECOVER, CKA_VERIFY, CKA_VERIFY_RECOVER, 0 /* GEN */,
- 0 /* GEN PAIR */, CKA_WRAP, CKA_UNWRAP, CKA_DERIVE
- };
-
- const CK_ATTRIBUTE_TYPE *pType = attrTypes;
- CK_ATTRIBUTE *attr = attrs;
- CK_FLAGS test = CKF_ENCRYPT;
-
-
- PR_ASSERT(!(flags & ~CKF_KEY_OPERATION_FLAGS));
- flags &= CKF_KEY_OPERATION_FLAGS;
-
- for (; flags && test <= CKF_DERIVE; test <<= 1, ++pType) {
- if (test & flags) {
- flags ^= test;
- PK11_SETATTRS(attr, *pType, ckTrue, sizeof *ckTrue);
- ++attr;
- }
- }
- return (attr - attrs);
-}
-
-PK11SymKey *
-PK11_DeriveWithFlags( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
- SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
- int keySize, CK_FLAGS flags)
-{
- CK_BBOOL ckTrue = CK_TRUE;
- CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
- unsigned int templateCount;
-
- templateCount = pk11_FlagsToAttributes(flags, keyTemplate, &ckTrue);
- return pk11_DeriveWithTemplate(baseKey, derive, param, target, operation,
- keySize, keyTemplate, templateCount);
-}
-
-static PRBool
-pk11_FindAttrInTemplate(CK_ATTRIBUTE * attr,
- unsigned int numAttrs,
- CK_ATTRIBUTE_TYPE target)
-{
- for (; numAttrs > 0; ++attr, --numAttrs) {
- if (attr->type == target)
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static PK11SymKey *
-pk11_DeriveWithTemplate( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
- SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
- int keySize, CK_ATTRIBUTE *userAttr, unsigned int numAttrs)
-{
- PK11SlotInfo * slot = baseKey->slot;
- PK11SymKey * symKey;
- PK11SymKey * newBaseKey = NULL;
- CK_BBOOL cktrue = CK_TRUE;
- CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_ULONG valueLen = 0;
- CK_MECHANISM mechanism;
- CK_RV crv;
- CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
- CK_ATTRIBUTE * attrs = keyTemplate;
- unsigned int templateCount;
-
- if (numAttrs > MAX_TEMPL_ATTRS) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- /* first copy caller attributes in. */
- for (templateCount = 0; templateCount < numAttrs; ++templateCount) {
- *attrs++ = *userAttr++;
- }
-
- /* We only add the following attributes to the template if the caller
- ** didn't already supply them.
- */
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_CLASS)) {
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof keyClass);
- attrs++;
- }
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_KEY_TYPE)) {
- keyType = PK11_GetKeyType(target, keySize);
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof keyType );
- attrs++;
- }
- if (keySize > 0 &&
- !pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_VALUE_LEN)) {
- valueLen = (CK_ULONG)keySize;
- PK11_SETATTRS(attrs, CKA_VALUE_LEN, &valueLen, sizeof valueLen);
- attrs++;
- }
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, operation)) {
- PK11_SETATTRS(attrs, operation, &cktrue, sizeof cktrue); attrs++;
- }
-
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount <= MAX_TEMPL_ATTRS);
-
- /* move the key to a slot that can do the function */
- if (!PK11_DoesMechanism(slot,derive)) {
- /* get a new base key & slot */
- PK11SlotInfo *newSlot = PK11_GetBestSlot(derive, baseKey->cx);
-
- if (newSlot == NULL) return NULL;
-
- newBaseKey = pk11_CopyToSlot (newSlot, derive, CKA_DERIVE,
- baseKey);
- PK11_FreeSlot(newSlot);
- if (newBaseKey == NULL) return NULL;
- baseKey = newBaseKey;
- slot = baseKey->slot;
- }
-
-
- /* get our key Structure */
- symKey = PK11_CreateSymKey(slot,target,baseKey->cx);
- if (symKey == NULL) {
- return NULL;
- }
-
- symKey->size = keySize;
-
- mechanism.mechanism = derive;
- if (param) {
- mechanism.pParameter = param->data;
- mechanism.ulParameterLen = param->len;
- } else {
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- }
- symKey->origin=PK11_OriginDerive;
-
- pk11_EnterKeyMonitor(symKey);
- crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
- baseKey->objectID, keyTemplate, templateCount, &symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
-
- if (newBaseKey) PK11_FreeSymKey(newBaseKey);
- if (crv != CKR_OK) {
- PK11_FreeSymKey(symKey);
- return NULL;
- }
- return symKey;
-}
-
-/* build a public KEA key from the public value */
-SECKEYPublicKey *
-PK11_MakeKEAPubKey(unsigned char *keyData,int length)
-{
- SECKEYPublicKey *pubk;
- SECItem pkData;
- SECStatus rv;
- PRArenaPool *arena;
-
- pkData.data = keyData;
- pkData.len = length;
-
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- return NULL;
-
- pubk = (SECKEYPublicKey *) PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey));
- if (pubk == NULL) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
-
- pubk->arena = arena;
- pubk->pkcs11Slot = 0;
- pubk->pkcs11ID = CK_INVALID_HANDLE;
- pubk->keyType = fortezzaKey;
- rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.KEAKey, &pkData);
- if (rv != SECSuccess) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
- return pubk;
-}
-
-
-/*
- * This Generates a wrapping key based on a privateKey, publicKey, and two
- * random numbers. For Mail usage RandomB should be NULL. In the Sender's
- * case RandomA is generate, outherwize it is passed.
- */
-static unsigned char *rb_email = NULL;
-
-PK11SymKey *
-PK11_PubDerive(SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
- PRBool isSender, SECItem *randomA, SECItem *randomB,
- CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE_TYPE operation, int keySize,void *wincx)
-{
- PK11SlotInfo *slot = privKey->pkcs11Slot;
- CK_MECHANISM mechanism;
- PK11SymKey *symKey;
- CK_RV crv;
-
-
- if (rb_email == NULL) {
- rb_email = PORT_ZAlloc(128);
- if (rb_email == NULL) {
- return NULL;
- }
- rb_email[127] = 1;
- }
-
- /* get our key Structure */
- symKey = PK11_CreateSymKey(slot,target,wincx);
- if (symKey == NULL) {
- return NULL;
- }
-
- symKey->origin = PK11_OriginDerive;
-
- switch (privKey->keyType) {
- case rsaKey:
- case nullKey:
- PORT_SetError(SEC_ERROR_BAD_KEY);
- break;
- case dsaKey:
- case keaKey:
- case fortezzaKey:
- {
- CK_KEA_DERIVE_PARAMS param;
- param.isSender = (CK_BBOOL) isSender;
- param.ulRandomLen = randomA->len;
- param.pRandomA = randomA->data;
- param.pRandomB = rb_email;
- if (randomB)
- param.pRandomB = randomB->data;
- if (pubKey->keyType == fortezzaKey) {
- param.ulPublicDataLen = pubKey->u.fortezza.KEAKey.len;
- param.pPublicData = pubKey->u.fortezza.KEAKey.data;
- } else {
- /* assert type == keaKey */
- /* XXX change to match key key types */
- param.ulPublicDataLen = pubKey->u.fortezza.KEAKey.len;
- param.pPublicData = pubKey->u.fortezza.KEAKey.data;
- }
-
- mechanism.mechanism = derive;
- mechanism.pParameter = &param;
- mechanism.ulParameterLen = sizeof(param);
-
- /* get a new symKey structure */
- pk11_EnterKeyMonitor(symKey);
- crv=PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
- privKey->pkcs11ID, NULL, 0, &symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
- if (crv == CKR_OK) return symKey;
- PORT_SetError( PK11_MapError(crv) );
- }
- break;
- case dhKey:
- {
- CK_BBOOL cktrue = CK_TRUE;
- CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_ULONG key_size = 0;
- CK_ATTRIBUTE keyTemplate[4];
- int templateCount;
- CK_ATTRIBUTE *attrs = keyTemplate;
-
- if (pubKey->keyType != dhKey) {
- PORT_SetError(SEC_ERROR_BAD_KEY);
- break;
- }
-
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
- attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
- attrs++;
- PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
- PK11_SETATTRS(attrs, CKA_VALUE_LEN, &key_size, sizeof(key_size));
- attrs++;
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
- keyType = PK11_GetKeyType(target,keySize);
- key_size = keySize;
- symKey->size = keySize;
- if (key_size == 0) templateCount--;
-
- mechanism.mechanism = derive;
-
- /* we can undefine these when we define diffie-helman keys */
- mechanism.pParameter = pubKey->u.dh.publicValue.data;
- mechanism.ulParameterLen = pubKey->u.dh.publicValue.len;
-
- pk11_EnterKeyMonitor(symKey);
- crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
- privKey->pkcs11ID, keyTemplate, templateCount, &symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
- if (crv == CKR_OK) return symKey;
- PORT_SetError( PK11_MapError(crv) );
- }
- break;
- }
-
- PK11_FreeSymKey(symKey);
- return NULL;
-}
-
-/*
- * this little function uses the Decrypt function to unwrap a key, just in
- * case we are having problem with unwrap. NOTE: The key size may
- * not be preserved properly for some algorithms!
- */
-static PK11SymKey *
-pk11_HandUnwrap(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
- CK_MECHANISM *mech, SECItem *inKey, CK_MECHANISM_TYPE target,
- CK_ATTRIBUTE *keyTemplate, unsigned int templateCount,
- int key_size, void * wincx, CK_RV *crvp)
-{
- CK_ULONG len;
- SECItem outKey;
- PK11SymKey *symKey;
- CK_RV crv;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
-
- /* remove any VALUE_LEN parameters */
- if (keyTemplate[templateCount-1].type == CKA_VALUE_LEN) {
- templateCount--;
- }
-
- /* keys are almost always aligned, but if we get this far,
- * we've gone above and beyond anyway... */
- outKey.data = (unsigned char*)PORT_Alloc(inKey->len);
- if (outKey.data == NULL) {
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- if (crvp) *crvp = CKR_HOST_MEMORY;
- return NULL;
- }
- len = inKey->len;
-
- /* use NULL IV's for wrapping */
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_DecryptInit(session,mech,wrappingKey);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_Free(outKey.data);
- PORT_SetError( PK11_MapError(crv) );
- if (crvp) *crvp =crv;
- return NULL;
- }
- crv = PK11_GETTAB(slot)->C_Decrypt(session,inKey->data,inKey->len,
- outKey.data, &len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- if (crv != CKR_OK) {
- PORT_Free(outKey.data);
- PORT_SetError( PK11_MapError(crv) );
- if (crvp) *crvp =crv;
- return NULL;
- }
-
- outKey.len = (key_size == 0) ? len : key_size;
-
- if (PK11_DoesMechanism(slot,target)) {
- symKey = pk11_ImportSymKeyWithTempl(slot, target, PK11_OriginUnwrap,
- keyTemplate, templateCount,
- &outKey, wincx);
- } else {
- slot = PK11_GetBestSlot(target,wincx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- PORT_Free(outKey.data);
- if (crvp) *crvp = CKR_DEVICE_ERROR;
- return NULL;
- }
- symKey = pk11_ImportSymKeyWithTempl(slot, target, PK11_OriginUnwrap,
- keyTemplate, templateCount,
- &outKey, wincx);
- PK11_FreeSlot(slot);
- }
- PORT_Free(outKey.data);
-
- if (crvp) *crvp = symKey? CKR_OK : CKR_DEVICE_ERROR;
- return symKey;
-}
-
-/*
- * The wrap/unwrap function is pretty much the same for private and
- * public keys. It's just getting the Object ID and slot right. This is
- * the combined unwrap function.
- */
-static PK11SymKey *
-pk11_AnyUnwrapKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
- CK_MECHANISM_TYPE wrapType, SECItem *param, SECItem *wrappedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize,
- void *wincx, CK_ATTRIBUTE *userAttr, unsigned int numAttrs)
-{
- PK11SymKey * symKey;
- SECItem * param_free = NULL;
- CK_BBOOL cktrue = CK_TRUE;
- CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_ULONG valueLen = 0;
- CK_MECHANISM mechanism;
- CK_RV crv;
- CK_MECHANISM_INFO mechanism_info;
- CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
- CK_ATTRIBUTE * attrs = keyTemplate;
- unsigned int templateCount;
-
- if (numAttrs > MAX_TEMPL_ATTRS) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- /* first copy caller attributes in. */
- for (templateCount = 0; templateCount < numAttrs; ++templateCount) {
- *attrs++ = *userAttr++;
- }
-
- /* We only add the following attributes to the template if the caller
- ** didn't already supply them.
- */
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_CLASS)) {
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof keyClass);
- attrs++;
- }
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_KEY_TYPE)) {
- keyType = PK11_GetKeyType(target, keySize);
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof keyType );
- attrs++;
- }
- if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, operation)) {
- PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
- }
-
- /*
- * must be last in case we need to use this template to import the key
- */
- if (keySize > 0 &&
- !pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_VALUE_LEN)) {
- valueLen = (CK_ULONG)keySize;
- PK11_SETATTRS(attrs, CKA_VALUE_LEN, &valueLen, sizeof valueLen);
- attrs++;
- }
-
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
-
-
- /* find out if we can do wrap directly. Because the RSA case if *very*
- * common, cache the results for it. */
- if ((wrapType == CKM_RSA_PKCS) && (slot->hasRSAInfo)) {
- mechanism_info.flags = slot->RSAInfoFlags;
- } else {
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,wrapType,
- &mechanism_info);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- mechanism_info.flags = 0;
- }
- if (wrapType == CKM_RSA_PKCS) {
- slot->RSAInfoFlags = mechanism_info.flags;
- slot->hasRSAInfo = PR_TRUE;
- }
- }
-
- /* initialize the mechanism structure */
- mechanism.mechanism = wrapType;
- /* use NULL IV's for wrapping */
- if (param == NULL) param = param_free = PK11_ParamFromIV(wrapType,NULL);
- if (param) {
- mechanism.pParameter = param->data;
- mechanism.ulParameterLen = param->len;
- } else {
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- }
-
- if ((mechanism_info.flags & CKF_DECRYPT)
- && !PK11_DoesMechanism(slot,target)) {
- symKey = pk11_HandUnwrap(slot, wrappingKey, &mechanism, wrappedKey,
- target, keyTemplate, templateCount, keySize,
- wincx, &crv);
- if (symKey) {
- if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
- return symKey;
- }
- /*
- * if the RSA OP simply failed, don't try to unwrap again
- * with this module.
- */
- if (crv == CKR_DEVICE_ERROR){
- return NULL;
- }
- /* fall through, maybe they incorrectly set CKF_DECRYPT */
- }
-
- /* get our key Structure */
- symKey = PK11_CreateSymKey(slot,target,wincx);
- if (symKey == NULL) {
- if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
- return NULL;
- }
-
- symKey->size = keySize;
- symKey->origin = PK11_OriginUnwrap;
-
- pk11_EnterKeyMonitor(symKey);
- crv = PK11_GETTAB(slot)->C_UnwrapKey(symKey->session,&mechanism,wrappingKey,
- wrappedKey->data, wrappedKey->len, keyTemplate, templateCount,
- &symKey->objectID);
- pk11_ExitKeyMonitor(symKey);
- if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
- if ((crv != CKR_OK) && (crv != CKR_DEVICE_ERROR)) {
- /* try hand Unwrapping */
- PK11_FreeSymKey(symKey);
- symKey = pk11_HandUnwrap(slot, wrappingKey, &mechanism, wrappedKey,
- target, keyTemplate, templateCount, keySize,
- wincx, NULL);
- }
-
- return symKey;
-}
-
-/* use a symetric key to unwrap another symetric key */
-PK11SymKey *
-PK11_UnwrapSymKey( PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
- SECItem *param, SECItem *wrappedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
- int keySize)
-{
- return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
- wrapType, param, wrappedKey, target, operation, keySize,
- wrappingKey->cx, NULL, 0);
-}
-
-/* use a symetric key to unwrap another symetric key */
-PK11SymKey *
-PK11_UnwrapSymKeyWithFlags(PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
- SECItem *param, SECItem *wrappedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
- int keySize, CK_FLAGS flags)
-{
- CK_BBOOL ckTrue = CK_TRUE;
- CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
- unsigned int templateCount;
-
- templateCount = pk11_FlagsToAttributes(flags, keyTemplate, &ckTrue);
- return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
- wrapType, param, wrappedKey, target, operation, keySize,
- wrappingKey->cx, keyTemplate, templateCount);
-}
-
-
-/* unwrap a symetric key with a private key. */
-PK11SymKey *
-PK11_PubUnwrapSymKey(SECKEYPrivateKey *wrappingKey, SECItem *wrappedKey,
- CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize)
-{
- CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
-
- PK11_HandlePasswordCheck(wrappingKey->pkcs11Slot,wrappingKey->wincx);
-
- return pk11_AnyUnwrapKey(wrappingKey->pkcs11Slot, wrappingKey->pkcs11ID,
- wrapType, NULL, wrappedKey, target, operation, keySize,
- wrappingKey->wincx, NULL, 0);
-}
-
-/*
- * Recover the Signed data. We need this because our old verify can't
- * figure out which hash algorithm to use until we decryptted this.
- */
-SECStatus
-PK11_VerifyRecover(SECKEYPublicKey *key,
- SECItem *sig, SECItem *dsig, void *wincx)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_OBJECT_HANDLE id = key->pkcs11ID;
- CK_MECHANISM mech = {0, NULL, 0 };
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_ULONG len;
- CK_RV crv;
-
- mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
- if (slot == NULL) {
- slot = PK11_GetBestSlot(mech.mechanism,wincx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
- id = PK11_ImportPublicKey(slot,key,PR_FALSE);
- }
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_VerifyRecoverInit(session,&mech,id);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- len = dsig->len;
- crv = PK11_GETTAB(slot)->C_VerifyRecover(session,sig->data,
- sig->len, dsig->data, &len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- dsig->len = len;
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * verify a signature from its hash.
- */
-SECStatus
-PK11_Verify(SECKEYPublicKey *key, SECItem *sig, SECItem *hash, void *wincx)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_OBJECT_HANDLE id = key->pkcs11ID;
- CK_MECHANISM mech = {0, NULL, 0 };
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
-
- mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
- if (slot == NULL) {
- slot = PK11_GetBestSlot(mech.mechanism,wincx);
-
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
- id = PK11_ImportPublicKey(slot,key,PR_FALSE);
-
- } else {
- PK11_ReferenceSlot(slot);
- }
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_VerifyInit(session,&mech,id);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PK11_FreeSlot(slot);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- crv = PK11_GETTAB(slot)->C_Verify(session,hash->data,
- hash->len, sig->data, sig->len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PK11_FreeSlot(slot);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * sign a hash. The algorithm is determined by the key.
- */
-SECStatus
-PK11_Sign(SECKEYPrivateKey *key, SECItem *sig, SECItem *hash)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_MECHANISM mech = {0, NULL, 0 };
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_ULONG len;
- CK_RV crv;
-
- mech.mechanism = pk11_mapSignKeyType(key->keyType);
-
- PK11_HandlePasswordCheck(slot, key->wincx);
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_SignInit(session,&mech,key->pkcs11ID);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- len = sig->len;
- crv = PK11_GETTAB(slot)->C_Sign(session,hash->data,
- hash->len, sig->data, &len);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- sig->len = len;
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * Now SSL 2.0 uses raw RSA stuff. These next to functions *must* use
- * RSA keys, or they'll fail. We do the checks up front. If anyone comes
- * up with a meaning for rawdecrypt for any other public key operation,
- * then we need to move this check into some of PK11_PubDecrypt callers,
- * (namely SSL 2.0).
- */
-SECStatus
-PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data,
- unsigned *outLen, unsigned int maxLen, unsigned char *enc,
- unsigned encLen)
-{
- PK11SlotInfo *slot = key->pkcs11Slot;
- CK_MECHANISM mech = {CKM_RSA_X_509, NULL, 0 };
- CK_ULONG out = maxLen;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
-
- if (key->keyType != rsaKey) {
- PORT_SetError( SEC_ERROR_INVALID_KEY );
- return SECFailure;
- }
-
- /* Why do we do a PK11_handle check here? for simple
- * decryption? .. because the user may have asked for 'ask always'
- * and this is a private key operation. In practice, thought, it's mute
- * since only servers wind up using this function */
- PK11_HandlePasswordCheck(slot, key->wincx);
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_DecryptInit(session,&mech,key->pkcs11ID);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- crv = PK11_GETTAB(slot)->C_Decrypt(session,enc, encLen,
- data, &out);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- *outLen = out;
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* The encrypt version of the above function */
-SECStatus
-PK11_PubEncryptRaw(SECKEYPublicKey *key, unsigned char *enc,
- unsigned char *data, unsigned dataLen, void *wincx)
-{
- PK11SlotInfo *slot;
- CK_MECHANISM mech = {CKM_RSA_X_509, NULL, 0 };
- CK_OBJECT_HANDLE id;
- CK_ULONG out = dataLen;
- PRBool owner = PR_TRUE;
- CK_SESSION_HANDLE session;
- CK_RV crv;
-
- if (key->keyType != rsaKey) {
- PORT_SetError( SEC_ERROR_BAD_KEY );
- return SECFailure;
- }
-
- slot = PK11_GetBestSlot(mech.mechanism, wincx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return SECFailure;
- }
-
- id = PK11_ImportPublicKey(slot,key,PR_FALSE);
-
- session = pk11_GetNewSession(slot,&owner);
- if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_EncryptInit(session,&mech,id);
- if (crv != CKR_OK) {
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- crv = PK11_GETTAB(slot)->C_Encrypt(session,data,dataLen,enc,&out);
- if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
- pk11_CloseSession(slot,session,owner);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
-/**********************************************************************
- *
- * Now Deal with Crypto Contexts
- *
- **********************************************************************/
-
-/*
- * the monitors...
- */
-void
-PK11_EnterContextMonitor(PK11Context *cx) {
- /* if we own the session and our slot is ThreadSafe, only monitor
- * the Context */
- if ((cx->ownSession) && (cx->slot->isThreadSafe)) {
- /* Should this use monitors instead? */
- PZ_Lock(cx->sessionLock);
- } else {
- PK11_EnterSlotMonitor(cx->slot);
- }
-}
-
-void
-PK11_ExitContextMonitor(PK11Context *cx) {
- /* if we own the session and our slot is ThreadSafe, only monitor
- * the Context */
- if ((cx->ownSession) && (cx->slot->isThreadSafe)) {
- /* Should this use monitors instead? */
- PZ_Unlock(cx->sessionLock);
- } else {
- PK11_ExitSlotMonitor(cx->slot);
- }
-}
-
-/*
- * Free up a Cipher Context
- */
-void
-PK11_DestroyContext(PK11Context *context, PRBool freeit)
-{
- pk11_CloseSession(context->slot,context->session,context->ownSession);
- /* initialize the critical fields of the context */
- if (context->savedData != NULL ) PORT_Free(context->savedData);
- if (context->key) PK11_FreeSymKey(context->key);
- if (context->param) SECITEM_FreeItem(context->param, PR_TRUE);
- if (context->sessionLock) PZ_DestroyLock(context->sessionLock);
- PK11_FreeSlot(context->slot);
- if (freeit) PORT_Free(context);
-}
-
-/*
- * save the current context. Allocate Space if necessary.
- */
-static void *
-pk11_saveContextHelper(PK11Context *context, void *space,
- unsigned long *savedLength, PRBool staticBuffer, PRBool recurse)
-{
- CK_ULONG length;
- CK_RV crv;
-
- if (staticBuffer) PORT_Assert(space != NULL);
-
- if (space == NULL) {
- crv =PK11_GETTAB(context->slot)->C_GetOperationState(context->session,
- NULL,&length);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
- space = PORT_Alloc(length);
- if (space == NULL) return NULL;
- *savedLength = length;
- }
- crv = PK11_GETTAB(context->slot)->C_GetOperationState(context->session,
- (CK_BYTE_PTR)space,savedLength);
- if (!staticBuffer && !recurse && (crv == CKR_BUFFER_TOO_SMALL)) {
- if (!staticBuffer) PORT_Free(space);
- return pk11_saveContextHelper(context, NULL,
- savedLength, PR_FALSE, PR_TRUE);
- }
- if (crv != CKR_OK) {
- if (!staticBuffer) PORT_Free(space);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
- return space;
-}
-
-void *
-pk11_saveContext(PK11Context *context, void *space, unsigned long *savedLength)
-{
- return pk11_saveContextHelper(context, space,
- savedLength, PR_FALSE, PR_FALSE);
-}
-
-/*
- * restore the current context
- */
-SECStatus
-pk11_restoreContext(PK11Context *context,void *space, unsigned long savedLength)
-{
- CK_RV crv;
- CK_OBJECT_HANDLE objectID = (context->key) ? context->key->objectID:
- CK_INVALID_HANDLE;
-
- PORT_Assert(space != NULL);
- if (space == NULL) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return SECFailure;
- }
- crv = PK11_GETTAB(context->slot)->C_SetOperationState(context->session,
- (CK_BYTE_PTR)space, savedLength, objectID, 0);
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv));
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus pk11_Finalize(PK11Context *context);
-
-/*
- * Context initialization. Used by all flavors of CreateContext
- */
-static SECStatus
-pk11_context_init(PK11Context *context, CK_MECHANISM *mech_info)
-{
- CK_RV crv;
- PK11SymKey *symKey = context->key;
- SECStatus rv = SECSuccess;
-
- switch (context->operation) {
- case CKA_ENCRYPT:
- crv=PK11_GETTAB(context->slot)->C_EncryptInit(context->session,
- mech_info, symKey->objectID);
- break;
- case CKA_DECRYPT:
- if (context->fortezzaHack) {
- CK_ULONG count = 0;;
- /* generate the IV for fortezza */
- crv=PK11_GETTAB(context->slot)->C_EncryptInit(context->session,
- mech_info, symKey->objectID);
- if (crv != CKR_OK) break;
- PK11_GETTAB(context->slot)->C_EncryptFinal(context->session,
- NULL, &count);
- }
- crv=PK11_GETTAB(context->slot)->C_DecryptInit(context->session,
- mech_info, symKey->objectID);
- break;
- case CKA_SIGN:
- crv=PK11_GETTAB(context->slot)->C_SignInit(context->session,
- mech_info, symKey->objectID);
- break;
- case CKA_VERIFY:
- crv=PK11_GETTAB(context->slot)->C_SignInit(context->session,
- mech_info, symKey->objectID);
- break;
- case CKA_DIGEST:
- crv=PK11_GETTAB(context->slot)->C_DigestInit(context->session,
- mech_info);
- break;
- default:
- crv = CKR_OPERATION_NOT_INITIALIZED;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
-
- /*
- * handle session starvation case.. use our last session to multiplex
- */
- if (!context->ownSession) {
- context->savedData = pk11_saveContext(context,context->savedData,
- &context->savedLength);
- if (context->savedData == NULL) rv = SECFailure;
- /* clear out out session for others to use */
- pk11_Finalize(context);
- }
- return rv;
-}
-
-
-/*
- * Common Helper Function do come up with a new context.
- */
-static PK11Context *pk11_CreateNewContextInSlot(CK_MECHANISM_TYPE type,
- PK11SlotInfo *slot, CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey,
- SECItem *param)
-{
- CK_MECHANISM mech_info;
- PK11Context *context;
- SECStatus rv;
-
- PORT_Assert(slot != NULL);
- if (!slot) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
- context = (PK11Context *) PORT_Alloc(sizeof(PK11Context));
- if (context == NULL) {
- return NULL;
- }
-
- /* now deal with the fortezza hack... the fortezza hack is an attempt
- * to get around the issue of the card not allowing you to do a FORTEZZA
- * LoadIV/Encrypt, which was added because such a combination could be
- * use to circumvent the key escrow system. Unfortunately SSL needs to
- * do this kind of operation, so in SSL we do a loadIV (to verify it),
- * Then GenerateIV, and through away the first 8 bytes on either side
- * of the connection.*/
- context->fortezzaHack = PR_FALSE;
- if (type == CKM_SKIPJACK_CBC64) {
- if (symKey->origin == PK11_OriginFortezzaHack) {
- context->fortezzaHack = PR_TRUE;
- }
- }
-
- /* initialize the critical fields of the context */
- context->operation = operation;
- context->key = symKey ? PK11_ReferenceSymKey(symKey) : NULL;
- context->slot = PK11_ReferenceSlot(slot);
- context->session = pk11_GetNewSession(slot,&context->ownSession);
- context->cx = symKey ? symKey->cx : NULL;
- /* get our session */
- context->savedData = NULL;
-
- /* save the parameters so that some digesting stuff can do multiple
- * begins on a single context */
- context->type = type;
- context->param = SECITEM_DupItem(param);
- context->init = PR_FALSE;
- context->sessionLock = PZ_NewLock(nssILockPK11cxt);
- if ((context->param == NULL) || (context->sessionLock == NULL)) {
- PK11_DestroyContext(context,PR_TRUE);
- return NULL;
- }
-
- mech_info.mechanism = type;
- mech_info.pParameter = param->data;
- mech_info.ulParameterLen = param->len;
- PK11_EnterContextMonitor(context);
- rv = pk11_context_init(context,&mech_info);
- PK11_ExitContextMonitor(context);
-
- if (rv != SECSuccess) {
- PK11_DestroyContext(context,PR_TRUE);
- return NULL;
- }
- context->init = PR_TRUE;
- return context;
-}
-
-
-/*
- * put together the various PK11_Create_Context calls used by different
- * parts of libsec.
- */
-PK11Context *
-__PK11_CreateContextByRawKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,
- SECItem *param, void *wincx)
-{
- PK11SymKey *symKey;
- PK11Context *context;
-
- /* first get a slot */
- if (slot == NULL) {
- slot = PK11_GetBestSlot(type,wincx);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
- } else {
- PK11_ReferenceSlot(slot);
- }
-
- /* now import the key */
- symKey = PK11_ImportSymKey(slot, type, origin, operation, key, wincx);
- if (symKey == NULL) return NULL;
-
- context = PK11_CreateContextBySymKey(type, operation, symKey, param);
-
- PK11_FreeSymKey(symKey);
- PK11_FreeSlot(slot);
-
- return context;
-}
-
-PK11Context *
-PK11_CreateContextByRawKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
- PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,
- SECItem *param, void *wincx)
-{
- return __PK11_CreateContextByRawKey(slot, type, origin, operation,
- key, param, wincx);
-}
-
-
-/*
- * Create a context from a key. We really should make sure we aren't using
- * the same key in multiple session!
- */
-PK11Context *
-PK11_CreateContextBySymKey(CK_MECHANISM_TYPE type,CK_ATTRIBUTE_TYPE operation,
- PK11SymKey *symKey, SECItem *param)
-{
- PK11SymKey *newKey;
- PK11Context *context;
-
- /* if this slot doesn't support the mechanism, go to a slot that does */
- newKey = pk11_ForceSlot(symKey,type,operation);
- if (newKey == NULL) {
- PK11_ReferenceSymKey(symKey);
- } else {
- symKey = newKey;
- }
-
-
- /* Context Adopts the symKey.... */
- context = pk11_CreateNewContextInSlot(type, symKey->slot, operation, symKey,
- param);
- PK11_FreeSymKey(symKey);
- return context;
-}
-
-/*
- * Digest contexts don't need keys, but the do need to find a slot.
- * Macing should use PK11_CreateContextBySymKey.
- */
-PK11Context *
-PK11_CreateDigestContext(SECOidTag hashAlg)
-{
- /* digesting has to work without authentication to the slot */
- CK_MECHANISM_TYPE type;
- PK11SlotInfo *slot;
- PK11Context *context;
- SECItem param;
-
- type = PK11_AlgtagToMechanism(hashAlg);
- slot = PK11_GetBestSlot(type, NULL);
- if (slot == NULL) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
-
- /* maybe should really be PK11_GenerateNewParam?? */
- param.data = NULL;
- param.len = 0;
-
- context = pk11_CreateNewContextInSlot(type, slot, CKA_DIGEST, NULL, &param);
- PK11_FreeSlot(slot);
- return context;
-}
-
-/*
- * create a new context which is the clone of the state of old context.
- */
-PK11Context * PK11_CloneContext(PK11Context *old)
-{
- PK11Context *newcx;
- PRBool needFree = PR_FALSE;
- SECStatus rv = SECSuccess;
- void *data;
- unsigned long len;
-
- newcx = pk11_CreateNewContextInSlot(old->type, old->slot, old->operation,
- old->key, old->param);
- if (newcx == NULL) return NULL;
-
- /* now clone the save state. First we need to find the save state
- * of the old session. If the old context owns it's session,
- * the state needs to be saved, otherwise the state is in saveData. */
- if (old->ownSession) {
- PK11_EnterContextMonitor(old);
- data=pk11_saveContext(old,NULL,&len);
- PK11_ExitContextMonitor(old);
- needFree = PR_TRUE;
- } else {
- data = old->savedData;
- len = old->savedLength;
- }
-
- if (data == NULL) {
- PK11_DestroyContext(newcx,PR_TRUE);
- return NULL;
- }
-
- /* now copy that state into our new context. Again we have different
- * work if the new context owns it's own session. If it does, we
- * restore the state gathered above. If it doesn't, we copy the
- * saveData pointer... */
- if (newcx->ownSession) {
- PK11_EnterContextMonitor(newcx);
- rv = pk11_restoreContext(newcx,data,len);
- PK11_ExitContextMonitor(newcx);
- } else {
- PORT_Assert(newcx->savedData != NULL);
- if ((newcx->savedData == NULL) || (newcx->savedLength < len)) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- rv = SECFailure;
- } else {
- PORT_Memcpy(newcx->savedData,data,len);
- newcx->savedLength = len;
- }
- }
-
- if (needFree) PORT_Free(data);
-
- if (rv != SECSuccess) {
- PK11_DestroyContext(newcx,PR_TRUE);
- return NULL;
- }
- return newcx;
-}
-
-/*
- * save the current context state into a variable. Required to make FORTEZZA
- * work.
- */
-SECStatus
-PK11_SaveContext(PK11Context *cx,unsigned char *save,int *len, int saveLength)
-{
- unsigned char * data = NULL;
- CK_ULONG length = saveLength;
-
- if (cx->ownSession) {
- PK11_EnterContextMonitor(cx);
- data = (unsigned char*)pk11_saveContextHelper(cx,save,&length,
- PR_FALSE,PR_FALSE);
- PK11_ExitContextMonitor(cx);
- if (data) *len = length;
- } else if (saveLength >= cx->savedLength) {
- data = (unsigned char*)cx->savedData;
- if (cx->savedData) {
- PORT_Memcpy(save,cx->savedData,cx->savedLength);
- }
- *len = cx->savedLength;
- }
- return (data != NULL) ? SECSuccess : SECFailure;
-}
-
-/*
- * restore the context state into a new running context. Also required for
- * FORTEZZA .
- */
-SECStatus
-PK11_RestoreContext(PK11Context *cx,unsigned char *save,int len)
-{
- SECStatus rv = SECSuccess;
- if (cx->ownSession) {
- PK11_EnterContextMonitor(cx);
- pk11_Finalize(cx);
- rv = pk11_restoreContext(cx,save,len);
- PK11_ExitContextMonitor(cx);
- } else {
- PORT_Assert(cx->savedData != NULL);
- if ((cx->savedData == NULL) || (cx->savedLength < (unsigned) len)) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- rv = SECFailure;
- } else {
- PORT_Memcpy(cx->savedData,save,len);
- cx->savedLength = len;
- }
- }
- return rv;
-}
-
-/*
- * This is to get FIPS compliance until we can convert
- * libjar to use PK11_ hashing functions. It returns PR_FALSE
- * if we can't get a PK11 Context.
- */
-PRBool
-PK11_HashOK(SECOidTag algID) {
- PK11Context *cx;
-
- cx = PK11_CreateDigestContext(algID);
- if (cx == NULL) return PR_FALSE;
- PK11_DestroyContext(cx, PR_TRUE);
- return PR_TRUE;
-}
-
-
-
-/*
- * start a new digesting or Mac'ing operation on this context
- */
-SECStatus PK11_DigestBegin(PK11Context *cx)
-{
- CK_MECHANISM mech_info;
- SECStatus rv;
-
- if (cx->init == PR_TRUE) {
- return SECSuccess;
- }
-
- /*
- * make sure the old context is clear first
- */
- PK11_EnterContextMonitor(cx);
- pk11_Finalize(cx);
-
- mech_info.mechanism = cx->type;
- mech_info.pParameter = cx->param->data;
- mech_info.ulParameterLen = cx->param->len;
- rv = pk11_context_init(cx,&mech_info);
- PK11_ExitContextMonitor(cx);
-
- if (rv != SECSuccess) {
- return SECFailure;
- }
- cx->init = PR_TRUE;
- return SECSuccess;
-}
-
-SECStatus
-PK11_HashBuf(SECOidTag hashAlg, unsigned char *out, unsigned char *in,
- int32 len) {
- PK11Context *context;
- unsigned int max_length;
- unsigned int out_length;
- SECStatus rv;
-
- context = PK11_CreateDigestContext(hashAlg);
- if (context == NULL) return SECFailure;
-
- rv = PK11_DigestBegin(context);
- if (rv != SECSuccess) {
- PK11_DestroyContext(context, PR_TRUE);
- return rv;
- }
-
- rv = PK11_DigestOp(context, in, len);
- if (rv != SECSuccess) {
- PK11_DestroyContext(context, PR_TRUE);
- return rv;
- }
-
- /* we need the output length ... maybe this should be table driven...*/
- switch (hashAlg) {
- case SEC_OID_SHA1: max_length = SHA1_LENGTH; break;
- case SEC_OID_MD2: max_length = MD2_LENGTH; break;
- case SEC_OID_MD5: max_length = MD5_LENGTH; break;
- default: max_length = 16; break;
- }
-
- rv = PK11_DigestFinal(context,out,&out_length,max_length);
- PK11_DestroyContext(context, PR_TRUE);
- return rv;
-}
-
-
-/*
- * execute a bulk encryption operation
- */
-SECStatus
-PK11_CipherOp(PK11Context *context, unsigned char * out, int *outlen,
- int maxout, unsigned char *in, int inlen)
-{
- CK_RV crv = CKR_OK;
- CK_ULONG length = maxout;
- CK_ULONG offset =0;
- SECStatus rv = SECSuccess;
- unsigned char *saveOut = out;
- unsigned char *allocOut = NULL;
-
- /* if we ran out of session, we need to restore our previously stored
- * state.
- */
- PK11_EnterContextMonitor(context);
- if (!context->ownSession) {
- rv = pk11_restoreContext(context,context->savedData,
- context->savedLength);
- if (rv != SECSuccess) {
- PK11_ExitContextMonitor(context);
- return rv;
- }
- }
-
- /*
- * The fortezza hack is to send 8 extra bytes on the first encrypted and
- * loose them on the first decrypt.
- */
- if (context->fortezzaHack) {
- unsigned char random[8];
- if (context->operation == CKA_ENCRYPT) {
- PK11_ExitContextMonitor(context);
- rv = PK11_GenerateRandom(random,sizeof(random));
- PK11_EnterContextMonitor(context);
-
- /* since we are offseting the output, we can't encrypt back into
- * the same buffer... allocate a temporary buffer just for this
- * call. */
- allocOut = out = (unsigned char*)PORT_Alloc(maxout);
- if (out == NULL) {
- PK11_ExitContextMonitor(context);
- return SECFailure;
- }
- crv = PK11_GETTAB(context->slot)->C_EncryptUpdate(context->session,
- random,sizeof(random),out,&length);
-
- out += length;
- maxout -= length;
- offset = length;
- } else if (context->operation == CKA_DECRYPT) {
- length = sizeof(random);
- crv = PK11_GETTAB(context->slot)->C_DecryptUpdate(context->session,
- in,sizeof(random),random,&length);
- inlen -= length;
- in += length;
- context->fortezzaHack = PR_FALSE;
- }
- }
-
- switch (context->operation) {
- case CKA_ENCRYPT:
- length = maxout;
- crv=PK11_GETTAB(context->slot)->C_EncryptUpdate(context->session,
- in, inlen, out, &length);
- length += offset;
- break;
- case CKA_DECRYPT:
- length = maxout;
- crv=PK11_GETTAB(context->slot)->C_DecryptUpdate(context->session,
- in, inlen, out, &length);
- break;
- default:
- crv = CKR_OPERATION_NOT_INITIALIZED;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- *outlen = 0;
- rv = SECFailure;
- } else {
- *outlen = length;
- }
-
- if (context->fortezzaHack) {
- if (context->operation == CKA_ENCRYPT) {
- PORT_Assert(allocOut);
- PORT_Memcpy(saveOut, allocOut, length);
- PORT_Free(allocOut);
- }
- context->fortezzaHack = PR_FALSE;
- }
-
- /*
- * handle session starvation case.. use our last session to multiplex
- */
- if (!context->ownSession) {
- context->savedData = pk11_saveContext(context,context->savedData,
- &context->savedLength);
- if (context->savedData == NULL) rv = SECFailure;
-
- /* clear out out session for others to use */
- pk11_Finalize(context);
- }
- PK11_ExitContextMonitor(context);
- return rv;
-}
-
-/*
- * execute a digest/signature operation
- */
-SECStatus
-PK11_DigestOp(PK11Context *context, const unsigned char * in, unsigned inLen)
-{
- CK_RV crv = CKR_OK;
- SECStatus rv = SECSuccess;
-
- /* if we ran out of session, we need to restore our previously stored
- * state.
- */
- context->init = PR_FALSE;
- PK11_EnterContextMonitor(context);
- if (!context->ownSession) {
- rv = pk11_restoreContext(context,context->savedData,
- context->savedLength);
- if (rv != SECSuccess) {
- PK11_ExitContextMonitor(context);
- return rv;
- }
- }
-
- switch (context->operation) {
- /* also for MAC'ing */
- case CKA_SIGN:
- crv=PK11_GETTAB(context->slot)->C_SignUpdate(context->session,
- (unsigned char *)in,
- inLen);
- break;
- case CKA_VERIFY:
- crv=PK11_GETTAB(context->slot)->C_VerifyUpdate(context->session,
- (unsigned char *)in,
- inLen);
- break;
- case CKA_DIGEST:
- crv=PK11_GETTAB(context->slot)->C_DigestUpdate(context->session,
- (unsigned char *)in,
- inLen);
- break;
- default:
- crv = CKR_OPERATION_NOT_INITIALIZED;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- rv = SECFailure;
- }
-
- /*
- * handle session starvation case.. use our last session to multiplex
- */
- if (!context->ownSession) {
- context->savedData = pk11_saveContext(context,context->savedData,
- &context->savedLength);
- if (context->savedData == NULL) rv = SECFailure;
-
- /* clear out out session for others to use */
- pk11_Finalize(context);
- }
- PK11_ExitContextMonitor(context);
- return rv;
-}
-
-/*
- * Digest a key if possible./
- */
-SECStatus
-PK11_DigestKey(PK11Context *context, PK11SymKey *key)
-{
- CK_RV crv = CKR_OK;
- SECStatus rv = SECSuccess;
- PK11SymKey *newKey = NULL;
-
- /* if we ran out of session, we need to restore our previously stored
- * state.
- */
- if (context->slot != key->slot) {
- newKey = pk11_CopyToSlot(context->slot,CKM_SSL3_SHA1_MAC,CKA_SIGN,key);
- } else {
- newKey = PK11_ReferenceSymKey(key);
- }
-
- context->init = PR_FALSE;
- PK11_EnterContextMonitor(context);
- if (!context->ownSession) {
- rv = pk11_restoreContext(context,context->savedData,
- context->savedLength);
- if (rv != SECSuccess) {
- PK11_ExitContextMonitor(context);
- PK11_FreeSymKey(newKey);
- return rv;
- }
- }
-
-
- if (newKey == NULL) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- if (key->data.data) {
- crv=PK11_GETTAB(context->slot)->C_DigestUpdate(context->session,
- key->data.data,key->data.len);
- }
- } else {
- crv=PK11_GETTAB(context->slot)->C_DigestKey(context->session,
- newKey->objectID);
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- rv = SECFailure;
- }
-
- /*
- * handle session starvation case.. use our last session to multiplex
- */
- if (!context->ownSession) {
- context->savedData = pk11_saveContext(context,context->savedData,
- &context->savedLength);
- if (context->savedData == NULL) rv = SECFailure;
-
- /* clear out out session for others to use */
- pk11_Finalize(context);
- }
- PK11_ExitContextMonitor(context);
- if (newKey) PK11_FreeSymKey(newKey);
- return rv;
-}
-
-/*
- * externally callable version of the lowercase pk11_finalize().
- */
-SECStatus
-PK11_Finalize(PK11Context *context) {
- SECStatus rv;
-
- PK11_EnterContextMonitor(context);
- rv = pk11_Finalize(context);
- PK11_ExitContextMonitor(context);
- return rv;
-}
-
-/*
- * clean up a cipher operation, so the session can be used by
- * someone new.
- */
-SECStatus
-pk11_Finalize(PK11Context *context)
-{
- CK_ULONG count = 0;
- CK_RV crv;
-
- if (!context->ownSession) {
- return SECSuccess;
- }
-
- switch (context->operation) {
- case CKA_ENCRYPT:
- crv=PK11_GETTAB(context->slot)->C_EncryptFinal(context->session,
- NULL,&count);
- break;
- case CKA_DECRYPT:
- crv = PK11_GETTAB(context->slot)->C_DecryptFinal(context->session,
- NULL,&count);
- break;
- case CKA_SIGN:
- crv=PK11_GETTAB(context->slot)->C_SignFinal(context->session,
- NULL,&count);
- break;
- case CKA_VERIFY:
- crv=PK11_GETTAB(context->slot)->C_VerifyFinal(context->session,
- NULL,count);
- break;
- case CKA_DIGEST:
- crv=PK11_GETTAB(context->slot)->C_DigestFinal(context->session,
- NULL,&count);
- break;
- default:
- crv = CKR_OPERATION_NOT_INITIALIZED;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * Return the final digested or signed data...
- * this routine can either take pre initialized data, or allocate data
- * either out of an arena or out of the standard heap.
- */
-SECStatus
-PK11_DigestFinal(PK11Context *context,unsigned char *data,
- unsigned int *outLen, unsigned int length)
-{
- CK_ULONG len;
- CK_RV crv;
- SECStatus rv;
-
-
- /* if we ran out of session, we need to restore our previously stored
- * state.
- */
- PK11_EnterContextMonitor(context);
- if (!context->ownSession) {
- rv = pk11_restoreContext(context,context->savedData,
- context->savedLength);
- if (rv != SECSuccess) {
- PK11_ExitContextMonitor(context);
- return rv;
- }
- }
-
- len = length;
- switch (context->operation) {
- case CKA_SIGN:
- crv=PK11_GETTAB(context->slot)->C_SignFinal(context->session,
- data,&len);
- break;
- case CKA_VERIFY:
- crv=PK11_GETTAB(context->slot)->C_VerifyFinal(context->session,
- data,len);
- break;
- case CKA_DIGEST:
- crv=PK11_GETTAB(context->slot)->C_DigestFinal(context->session,
- data,&len);
- break;
- case CKA_ENCRYPT:
- crv=PK11_GETTAB(context->slot)->C_EncryptFinal(context->session,
- data, &len);
- break;
- case CKA_DECRYPT:
- crv = PK11_GETTAB(context->slot)->C_DecryptFinal(context->session,
- data, &len);
- break;
- default:
- crv = CKR_OPERATION_NOT_INITIALIZED;
- break;
- }
- PK11_ExitContextMonitor(context);
-
- *outLen = (unsigned int) len;
- context->init = PR_FALSE; /* allow Begin to start up again */
-
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/****************************************************************************
- *
- * Now Do The PBE Functions Here...
- *
- ****************************************************************************/
-
-static void
-pk11_destroy_ck_pbe_params(CK_PBE_PARAMS *pbe_params)
-{
- if (pbe_params) {
- if (pbe_params->pPassword)
- PORT_ZFree(pbe_params->pPassword, PR_FALSE);
- if (pbe_params->pSalt)
- PORT_ZFree(pbe_params->pSalt, PR_FALSE);
- PORT_ZFree(pbe_params, PR_TRUE);
- }
-}
-
-SECItem *
-PK11_CreatePBEParams(SECItem *salt, SECItem *pwd, unsigned int iterations)
-{
- CK_PBE_PARAMS *pbe_params = NULL;
- SECItem *paramRV = NULL;
- pbe_params = (CK_PBE_PARAMS *)PORT_ZAlloc(sizeof(CK_PBE_PARAMS));
- pbe_params->pPassword = (CK_CHAR_PTR)PORT_ZAlloc(pwd->len);
- if (pbe_params->pPassword != NULL) {
- PORT_Memcpy(pbe_params->pPassword, pwd->data, pwd->len);
- pbe_params->ulPasswordLen = pwd->len;
- } else goto loser;
- pbe_params->pSalt = (CK_CHAR_PTR)PORT_ZAlloc(salt->len);
- if (pbe_params->pSalt != NULL) {
- PORT_Memcpy(pbe_params->pSalt, salt->data, salt->len);
- pbe_params->ulSaltLen = salt->len;
- } else goto loser;
- pbe_params->ulIteration = (CK_ULONG)iterations;
- paramRV = SECITEM_AllocItem(NULL, NULL, sizeof(CK_PBE_PARAMS));
- paramRV->data = (unsigned char *)pbe_params;
- return paramRV;
-loser:
- pk11_destroy_ck_pbe_params(pbe_params);
- return NULL;
-}
-
-void
-PK11_DestroyPBEParams(SECItem *params)
-{
- pk11_destroy_ck_pbe_params((CK_PBE_PARAMS *)params->data);
-}
-
-SECAlgorithmID *
-PK11_CreatePBEAlgorithmID(SECOidTag algorithm, int iteration, SECItem *salt)
-{
- SECAlgorithmID *algid = NULL;
- algid = SEC_PKCS5CreateAlgorithmID(algorithm, salt, iteration);
- return algid;
-}
-
-PK11SymKey *
-PK11_RawPBEKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *mech,
- SECItem *pwitem, PRBool faulty3DES, void *wincx)
-{
- /* pbe stuff */
- CK_PBE_PARAMS *pbe_params;
- PK11SymKey *symKey;
-
- if(faulty3DES && (type == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC)) {
- type = CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC;
- }
- if(mech == NULL) {
- return NULL;
- }
-
- pbe_params = (CK_PBE_PARAMS *)mech->data;
- pbe_params->pPassword = (CK_CHAR_PTR)PORT_ZAlloc(pwitem->len);
- if(pbe_params->pPassword != NULL) {
- PORT_Memcpy(pbe_params->pPassword, pwitem->data, pwitem->len);
- pbe_params->ulPasswordLen = pwitem->len;
- } else {
- SECITEM_ZfreeItem(mech, PR_TRUE);
- return NULL;
- }
-
- symKey = PK11_KeyGen(slot, type, mech, 0, wincx);
-
- PORT_ZFree(pbe_params->pPassword, pwitem->len);
- pbe_params->pPassword = NULL;
- pbe_params->ulPasswordLen = 0;
- return symKey;
-}
-
-PK11SymKey *
-PK11_PBEKeyGen(PK11SlotInfo *slot, SECAlgorithmID *algid, SECItem *pwitem,
- PRBool faulty3DES, void *wincx)
-{
- /* pbe stuff */
- CK_MECHANISM_TYPE type;
- SECItem *mech;
- PK11SymKey *symKey;
-
- mech = PK11_ParamFromAlgid(algid);
- type = PK11_AlgtagToMechanism(SECOID_FindOIDTag(&algid->algorithm));
- if(faulty3DES && (type == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC)) {
- type = CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC;
- }
- if(mech == NULL) {
- return NULL;
- }
- symKey = PK11_RawPBEKeyGen(slot, type, mech, pwitem, faulty3DES, wincx);
-
- SECITEM_ZfreeItem(mech, PR_TRUE);
- return symKey;
-}
-
-
-SECStatus
-PK11_ImportEncryptedPrivateKeyInfo(PK11SlotInfo *slot,
- SECKEYEncryptedPrivateKeyInfo *epki, SECItem *pwitem,
- SECItem *nickname, SECItem *publicValue, PRBool isPerm,
- PRBool isPrivate, KeyType keyType, unsigned int keyUsage,
- void *wincx)
-{
- CK_MECHANISM_TYPE mechanism;
- SECItem *pbe_param, crypto_param;
- PK11SymKey *key = NULL;
- SECStatus rv = SECSuccess;
- CK_MECHANISM cryptoMech, pbeMech;
- CK_RV crv;
- SECKEYPrivateKey *privKey = NULL;
- PRBool faulty3DES = PR_FALSE;
- int usageCount = 0;
- CK_KEY_TYPE key_type;
- CK_ATTRIBUTE_TYPE *usage = NULL;
- CK_ATTRIBUTE_TYPE rsaUsage[] = {
- CKA_UNWRAP, CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER };
- CK_ATTRIBUTE_TYPE dsaUsage[] = { CKA_SIGN };
- CK_ATTRIBUTE_TYPE dhUsage[] = { CKA_DERIVE };
-
- if((epki == NULL) || (pwitem == NULL))
- return SECFailure;
-
- crypto_param.data = NULL;
-
- mechanism = PK11_AlgtagToMechanism(SECOID_FindOIDTag(
- &epki->algorithm.algorithm));
-
- switch (keyType) {
- default:
- case rsaKey:
- key_type = CKK_RSA;
- switch (keyUsage & (KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE)) {
- case KU_KEY_ENCIPHERMENT:
- usage = rsaUsage;
- usageCount = 2;
- break;
- case KU_DIGITAL_SIGNATURE:
- usage = &rsaUsage[2];
- usageCount = 2;
- break;
- case KU_KEY_ENCIPHERMENT|KU_DIGITAL_SIGNATURE:
- case 0: /* default to everything */
- usage = rsaUsage;
- usageCount = 4;
- break;
- }
- break;
- case dhKey:
- key_type = CKK_DH;
- usage = dhUsage;
- usageCount = sizeof(dhUsage)/sizeof(dhUsage[0]);
- break;
- case dsaKey:
- key_type = CKK_DSA;
- usage = dsaUsage;
- usageCount = sizeof(dsaUsage)/sizeof(dsaUsage[0]);
- break;
- }
-
-try_faulty_3des:
- pbe_param = PK11_ParamFromAlgid(&epki->algorithm);
-
- key = PK11_RawPBEKeyGen(slot, mechanism, pbe_param, pwitem,
- faulty3DES, wincx);
- if((key == NULL) || (pbe_param == NULL)) {
- rv = SECFailure;
- goto done;
- }
-
- pbeMech.mechanism = mechanism;
- pbeMech.pParameter = pbe_param->data;
- pbeMech.ulParameterLen = pbe_param->len;
-
- crv = PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech,
- pwitem, faulty3DES);
- if(crv != CKR_OK) {
- rv = SECFailure;
- goto done;
- }
-
- cryptoMech.mechanism = PK11_GetPadMechanism(cryptoMech.mechanism);
- crypto_param.data = (unsigned char*)cryptoMech.pParameter;
- crypto_param.len = cryptoMech.ulParameterLen;
-
- PORT_Assert(usage != NULL);
- PORT_Assert(usageCount != 0);
- privKey = PK11_UnwrapPrivKey(slot, key, cryptoMech.mechanism,
- &crypto_param, &epki->encryptedData,
- nickname, publicValue, isPerm, isPrivate,
- key_type, usage, usageCount, wincx);
- if(privKey) {
- SECKEY_DestroyPrivateKey(privKey);
- privKey = NULL;
- rv = SECSuccess;
- goto done;
- }
-
- /* if we are unable to import the key and the mechanism is
- * CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC, then it is possible that
- * the encrypted blob was created with a buggy key generation method
- * which is described in the PKCS 12 implementation notes. So we
- * need to try importing via that method.
- */
- if((mechanism == CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC) && (!faulty3DES)) {
- /* clean up after ourselves before redoing the key generation. */
-
- PK11_FreeSymKey(key);
- key = NULL;
-
- if(pbe_param) {
- SECITEM_ZfreeItem(pbe_param, PR_TRUE);
- pbe_param = NULL;
- }
-
- if(crypto_param.data) {
- SECITEM_ZfreeItem(&crypto_param, PR_FALSE);
- crypto_param.data = NULL;
- cryptoMech.pParameter = NULL;
- crypto_param.len = cryptoMech.ulParameterLen = 0;
- }
-
- faulty3DES = PR_TRUE;
- goto try_faulty_3des;
- }
-
- /* key import really did fail */
- rv = SECFailure;
-
-done:
- if(pbe_param != NULL) {
- SECITEM_ZfreeItem(pbe_param, PR_TRUE);
- pbe_param = NULL;
- }
-
- if(crypto_param.data != NULL) {
- SECITEM_ZfreeItem(&crypto_param, PR_FALSE);
- }
-
- if(key != NULL) {
- PK11_FreeSymKey(key);
- }
-
- return rv;
-}
-
-SECKEYPrivateKeyInfo *
-PK11_ExportPrivateKeyInfo(CERTCertificate *cert, void *wincx)
-{
- return NULL;
-}
-
-static int
-pk11_private_key_encrypt_buffer_length(SECKEYPrivateKey *key)
-
-{
- CK_ATTRIBUTE rsaTemplate = { CKA_MODULUS, NULL, 0 };
- CK_ATTRIBUTE dsaTemplate = { CKA_PRIME, NULL, 0 };
- CK_ATTRIBUTE_PTR pTemplate;
- CK_RV crv;
- int length;
-
- if(!key) {
- return -1;
- }
-
- switch (key->keyType) {
- case rsaKey:
- pTemplate = &rsaTemplate;
- break;
- case dsaKey:
- case dhKey:
- pTemplate = &dsaTemplate;
- break;
- case fortezzaKey:
- default:
- pTemplate = NULL;
- }
-
- if(!pTemplate) {
- return -1;
- }
-
- crv = PK11_GetAttributes(NULL, key->pkcs11Slot, key->pkcs11ID,
- pTemplate, 1);
- if(crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return -1;
- }
-
- length = pTemplate->ulValueLen;
- length *= 10;
-
- if(pTemplate->pValue != NULL) {
- PORT_Free(pTemplate->pValue);
- }
-
- return length;
-}
-
-SECKEYEncryptedPrivateKeyInfo *
-PK11_ExportEncryptedPrivateKeyInfo(PK11SlotInfo *slot, SECOidTag algTag,
- SECItem *pwitem, CERTCertificate *cert, int iteration, void *wincx)
-{
- SECKEYEncryptedPrivateKeyInfo *epki = NULL;
- SECKEYPrivateKey *pk;
- PRArenaPool *arena = NULL;
- SECAlgorithmID *algid;
- CK_MECHANISM_TYPE mechanism;
- SECItem *pbe_param = NULL, crypto_param;
- PK11SymKey *key = NULL;
- SECStatus rv = SECSuccess;
- CK_MECHANISM pbeMech, cryptoMech;
- CK_ULONG encBufLenPtr;
- CK_RV crv;
- SECItem encryptedKey = {siBuffer,NULL,0};
- int encryptBufLen;
-
- if(!pwitem)
- return NULL;
-
- crypto_param.data = NULL;
-
- arena = PORT_NewArena(2048);
- epki = (SECKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(arena,
- sizeof(SECKEYEncryptedPrivateKeyInfo));
- if(epki == NULL) {
- rv = SECFailure;
- goto loser;
- }
- epki->arena = arena;
- algid = SEC_PKCS5CreateAlgorithmID(algTag, NULL, iteration);
- if(algid == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- mechanism = PK11_AlgtagToMechanism(SECOID_FindOIDTag(&algid->algorithm));
- pbe_param = PK11_ParamFromAlgid(algid);
- pbeMech.mechanism = mechanism;
- pbeMech.pParameter = pbe_param->data;
- pbeMech.ulParameterLen = pbe_param->len;
- key = PK11_RawPBEKeyGen(slot, mechanism, pbe_param, pwitem,
- PR_FALSE, wincx);
-
- if((key == NULL) || (pbe_param == NULL)) {
- rv = SECFailure;
- goto loser;
- }
-
- crv = PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech,
- pwitem, PR_FALSE);
- if(crv != CKR_OK) {
- rv = SECFailure;
- goto loser;
- }
- cryptoMech.mechanism = PK11_GetPadMechanism(cryptoMech.mechanism);
- crypto_param.data = (unsigned char *)cryptoMech.pParameter;
- crypto_param.len = cryptoMech.ulParameterLen;
-
- pk = PK11_FindKeyByAnyCert(cert, wincx);
- if(pk == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- encryptBufLen = pk11_private_key_encrypt_buffer_length(pk);
- if(encryptBufLen == -1) {
- rv = SECFailure;
- goto loser;
- }
- encryptedKey.len = (unsigned int)encryptBufLen;
- encBufLenPtr = (CK_ULONG) encryptBufLen;
- encryptedKey.data = (unsigned char *)PORT_ZAlloc(encryptedKey.len);
- if(!encryptedKey.data) {
- rv = SECFailure;
- goto loser;
- }
-
- /* we are extracting an encrypted privateKey structure.
- * which needs to be freed along with the buffer into which it is
- * returned. eventually, we should retrieve an encrypted key using
- * pkcs8/pkcs5.
- */
- PK11_EnterSlotMonitor(pk->pkcs11Slot);
- crv = PK11_GETTAB(pk->pkcs11Slot)->C_WrapKey(pk->pkcs11Slot->session,
- &cryptoMech, key->objectID, pk->pkcs11ID, encryptedKey.data,
- &encBufLenPtr);
- PK11_ExitSlotMonitor(pk->pkcs11Slot);
- encryptedKey.len = (unsigned int) encBufLenPtr;
- if(crv != CKR_OK) {
- rv = SECFailure;
- goto loser;
- }
-
- if(!encryptedKey.len) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECITEM_CopyItem(arena, &epki->encryptedData, &encryptedKey);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- rv = SECOID_CopyAlgorithmID(arena, &epki->algorithm, algid);
-
-loser:
- if(pbe_param != NULL) {
- SECITEM_ZfreeItem(pbe_param, PR_TRUE);
- pbe_param = NULL;
- }
-
- if(crypto_param.data != NULL) {
- SECITEM_ZfreeItem(&crypto_param, PR_FALSE);
- crypto_param.data = NULL;
- }
-
- if(key != NULL) {
- PK11_FreeSymKey(key);
- }
-
- if(rv == SECFailure) {
- if(arena != NULL) {
- PORT_FreeArena(arena, PR_TRUE);
- }
- epki = NULL;
- }
-
- return epki;
-}
-
-
-/*
- * This is required to allow FORTEZZA_NULL and FORTEZZA_RC4
- * working. This function simply gets a valid IV for the keys.
- */
-SECStatus
-PK11_GenerateFortezzaIV(PK11SymKey *symKey,unsigned char *iv,int len)
-{
- CK_MECHANISM mech_info;
- CK_ULONG count = 0;
- CK_RV crv;
- SECStatus rv = SECFailure;
-
- mech_info.mechanism = CKM_SKIPJACK_CBC64;
- mech_info.pParameter = iv;
- mech_info.ulParameterLen = len;
-
- /* generate the IV for fortezza */
- PK11_EnterSlotMonitor(symKey->slot);
- crv=PK11_GETTAB(symKey->slot)->C_EncryptInit(symKey->slot->session,
- &mech_info, symKey->objectID);
- if (crv == CKR_OK) {
- PK11_GETTAB(symKey->slot)->C_EncryptFinal(symKey->slot->session,
- NULL, &count);
- rv = SECSuccess;
- }
- PK11_ExitSlotMonitor(symKey->slot);
- return rv;
-}
-
-SECKEYPrivateKey *
-PK11_UnwrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
- CK_MECHANISM_TYPE wrapType, SECItem *param,
- SECItem *wrappedKey, SECItem *label,
- SECItem *idValue, PRBool perm, PRBool sensitive,
- CK_KEY_TYPE keyType, CK_ATTRIBUTE_TYPE *usage, int usageCount,
- void *wincx)
-{
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_OBJECT_CLASS keyClass = CKO_PRIVATE_KEY;
- CK_ATTRIBUTE keyTemplate[15] ;
- int templateCount = 0;
- CK_OBJECT_HANDLE privKeyID;
- CK_MECHANISM mechanism;
- CK_ATTRIBUTE *attrs = keyTemplate;
- SECItem *param_free = NULL, *ck_id;
- CK_RV crv;
- CK_SESSION_HANDLE rwsession;
- PK11SymKey *newKey = NULL;
- int i;
-
- if(!slot || !wrappedKey || !idValue) {
- /* SET AN ERROR!!! */
- return NULL;
- }
-
- ck_id = PK11_MakeIDFromPubKey(idValue);
- if(!ck_id) {
- return NULL;
- }
-
- PK11_SETATTRS(attrs, CKA_TOKEN, perm ? &cktrue : &ckfalse,
- sizeof(cktrue)); attrs++;
- PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass)); attrs++;
- PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType)); attrs++;
- PK11_SETATTRS(attrs, CKA_PRIVATE, sensitive ? &cktrue : &ckfalse,
- sizeof(cktrue)); attrs++;
- PK11_SETATTRS(attrs, CKA_SENSITIVE, sensitive ? &cktrue : &ckfalse,
- sizeof(cktrue)); attrs++;
- PK11_SETATTRS(attrs, CKA_LABEL, label->data, label->len); attrs++;
- PK11_SETATTRS(attrs, CKA_ID, ck_id->data, ck_id->len); attrs++;
- for (i=0; i < usageCount; i++) {
- PK11_SETATTRS(attrs, usage[i], &cktrue, sizeof(cktrue)); attrs++;
- }
-
- if (PK11_IsInternal(slot)) {
- PK11_SETATTRS(attrs, CKA_NETSCAPE_DB, idValue->data,
- idValue->len); attrs++;
- }
-
- templateCount = attrs - keyTemplate;
- PR_ASSERT(templateCount <= (sizeof(keyTemplate) / sizeof(CK_ATTRIBUTE)) );
-
- mechanism.mechanism = wrapType;
- if(!param) param = param_free= PK11_ParamFromIV(wrapType, NULL);
- if(param) {
- mechanism.pParameter = param->data;
- mechanism.ulParameterLen = param->len;
- } else {
- mechanism.pParameter = NULL;
- mechanism.ulParameterLen = 0;
- }
-
- if (wrappingKey->slot != slot) {
- newKey = pk11_CopyToSlot(slot,wrapType,CKA_WRAP,wrappingKey);
- } else {
- newKey = PK11_ReferenceSymKey(wrappingKey);
- }
-
- if (newKey) {
- if (perm) {
- rwsession = PK11_GetRWSession(slot);
- } else {
- rwsession = slot->session;
- }
- crv = PK11_GETTAB(slot)->C_UnwrapKey(rwsession, &mechanism,
- newKey->objectID,
- wrappedKey->data,
- wrappedKey->len, keyTemplate,
- templateCount, &privKeyID);
-
- if (perm) PK11_RestoreROSession(slot, rwsession);
- PK11_FreeSymKey(newKey);
- } else {
- crv = CKR_FUNCTION_NOT_SUPPORTED;
- }
-
- if(ck_id) {
- SECITEM_FreeItem(ck_id, PR_TRUE);
- ck_id = NULL;
- }
-
- if (crv != CKR_OK) {
- /* we couldn't unwrap the key, use the internal module to do the
- * unwrap, then load the new key into the token */
- PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
- if (int_slot && (slot != int_slot)) {
- SECKEYPrivateKey *privKey = PK11_UnwrapPrivKey(int_slot,
- wrappingKey, wrapType, param, wrappedKey, label,
- idValue, PR_FALSE, PR_FALSE,
- keyType, usage, usageCount, wincx);
- if (privKey) {
- SECKEYPrivateKey *newPrivKey = pk11_loadPrivKey(slot,privKey,
- NULL,perm,sensitive);
- SECKEY_DestroyPrivateKey(privKey);
- PK11_FreeSlot(int_slot);
- return newPrivKey;
- }
- }
- if (int_slot) PK11_FreeSlot(int_slot);
- PORT_SetError( PK11_MapError(crv) );
- return NULL;
- }
- return PK11_MakePrivKey(slot, nullKey, PR_FALSE, privKeyID, wincx);
-}
-
-#define ALLOC_BLOCK 10
-
-/*
- * Now we're going to wrap a SECKEYPrivateKey with a PK11SymKey
- * The strategy is to get both keys to reside in the same slot,
- * one that can perform the desired crypto mechanism and then
- * call C_WrapKey after all the setup has taken place.
- */
-SECStatus
-PK11_WrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
- SECKEYPrivateKey *privKey, CK_MECHANISM_TYPE wrapType,
- SECItem *param, SECItem *wrappedKey, void *wincx)
-{
- PK11SlotInfo *privSlot = privKey->pkcs11Slot; /* The slot where
- * the private key
- * we are going to
- * wrap lives.
- */
- PK11SymKey *newSymKey = NULL;
- SECKEYPrivateKey *newPrivKey = NULL;
- SECItem *param_free = NULL;
- CK_ULONG len = wrappedKey->len;
- CK_MECHANISM mech;
- CK_RV crv;
-
- if (!privSlot || !PK11_DoesMechanism(privSlot, wrapType)) {
- /* Figure out a slot that does the mechanism and try to import
- * the private key onto that slot.
- */
- PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
- privSlot = int_slot; /* The private key has a new home */
- newPrivKey = pk11_loadPrivKey(privSlot,privKey,NULL,PR_FALSE,PR_FALSE);
- if (newPrivKey == NULL) {
- PK11_FreeSlot (int_slot);
- return SECFailure;
- }
- privKey = newPrivKey;
- }
-
- if (privSlot != wrappingKey->slot) {
- newSymKey = pk11_CopyToSlot (privSlot, wrapType, CKA_WRAP,
- wrappingKey);
- wrappingKey = newSymKey;
- }
-
- if (wrappingKey == NULL) {
- if (newPrivKey) {
- SECKEY_DestroyPrivateKey(newPrivKey);
- }
- return SECFailure;
- }
- mech.mechanism = wrapType;
- if (!param) {
- param = param_free = PK11_ParamFromIV(wrapType, NULL);
- }
- if (param) {
- mech.pParameter = param->data;
- mech.ulParameterLen = param->len;
- } else {
- mech.pParameter = NULL;
- mech.ulParameterLen = 0;
- }
-
- PK11_EnterSlotMonitor(privSlot);
- crv = PK11_GETTAB(privSlot)->C_WrapKey(privSlot->session, &mech,
- wrappingKey->objectID,
- privKey->pkcs11ID,
- wrappedKey->data, &len);
- PK11_ExitSlotMonitor(privSlot);
-
- if (newSymKey) {
- PK11_FreeSymKey(newSymKey);
- }
- if (newPrivKey) {
- SECKEY_DestroyPrivateKey(newPrivKey);
- }
-
- if (crv != CKR_OK) {
- PORT_SetError( PK11_MapError(crv) );
- return SECFailure;
- }
-
- wrappedKey->len = len;
- return SECSuccess;
-}
-
-void
-PK11_SetFortezzaHack(PK11SymKey *symKey) {
- symKey->origin = PK11_OriginFortezzaHack;
-}
-
-SECItem*
-PK11_DEREncodePublicKey(SECKEYPublicKey *pubk)
-{
- CERTSubjectPublicKeyInfo *spki=NULL;
- SECItem *spkiDER = NULL;
-
- if( pubk == NULL ) {
- return NULL;
- }
-
- /* get the subjectpublickeyinfo */
- spki = SECKEY_CreateSubjectPublicKeyInfo(pubk);
- if( spki == NULL ) {
- goto finish;
- }
-
- /* DER-encode the subjectpublickeyinfo */
- spkiDER = SEC_ASN1EncodeItem(NULL /*arena*/, NULL/*dest*/, spki,
- CERT_SubjectPublicKeyInfoTemplate);
-
-finish:
- return spkiDER;
-}
-
-PK11SymKey*
-PK11_CopySymKeyForSigning(PK11SymKey *originalKey, CK_MECHANISM_TYPE mech)
-{
- return pk11_CopyToSlot(PK11_GetSlotFromKey(originalKey), mech, CKA_SIGN,
- originalKey);
-}
diff --git a/security/nss/lib/pk11wrap/pk11slot.c b/security/nss/lib/pk11wrap/pk11slot.c
deleted file mode 100644
index b42607f57..000000000
--- a/security/nss/lib/pk11wrap/pk11slot.c
+++ /dev/null
@@ -1,4331 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Deal with PKCS #11 Slots.
- */
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pkcs11t.h"
-#include "pk11func.h"
-#include "cert.h"
-#include "key.h"
-#include "secitem.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "prtime.h"
-#include "prlong.h"
-#include "secerr.h"
-/*#include "secpkcs5.h" */
-
-
-/*************************************************************
- * local static and global data
- *************************************************************/
-
-/*
- * This array helps parsing between names, mechanisms, and flags.
- * to make the config files understand more entries, add them
- * to this table. (NOTE: we need function to export this table and it's size)
- */
-PK11DefaultArrayEntry PK11_DefaultArray[] = {
- { "RSA", SECMOD_RSA_FLAG, CKM_RSA_PKCS },
- { "DSA", SECMOD_DSA_FLAG, CKM_DSA },
- { "DH", SECMOD_DH_FLAG, CKM_DH_PKCS_DERIVE },
- { "RC2", SECMOD_RC2_FLAG, CKM_RC2_CBC },
- { "RC4", SECMOD_RC4_FLAG, CKM_RC4 },
- { "DES", SECMOD_DES_FLAG, CKM_DES_CBC },
- { "AES", SECMOD_AES_FLAG, CKM_AES_CBC },
- { "RC5", SECMOD_RC5_FLAG, CKM_RC5_CBC },
- { "SHA-1", SECMOD_SHA1_FLAG, CKM_SHA_1 },
- { "MD5", SECMOD_MD5_FLAG, CKM_MD5 },
- { "MD2", SECMOD_MD2_FLAG, CKM_MD2 },
- { "SSL", SECMOD_SSL_FLAG, CKM_SSL3_PRE_MASTER_KEY_GEN },
- { "TLS", SECMOD_TLS_FLAG, CKM_TLS_MASTER_KEY_DERIVE },
- { "SKIPJACK", SECMOD_FORTEZZA_FLAG, CKM_SKIPJACK_CBC64 },
- { "Publicly-readable certs", SECMOD_FRIENDLY_FLAG, CKM_INVALID_MECHANISM },
- { "Random Num Generator", SECMOD_RANDOM_FLAG, CKM_FAKE_RANDOM },
-};
-int num_pk11_default_mechanisms = sizeof(PK11_DefaultArray) / sizeof(PK11_DefaultArray[0]);
-
-/*
- * These slotlists are lists of modules which provide default support for
- * a given algorithm or mechanism.
- */
-static PK11SlotList pk11_aesSlotList,
- pk11_desSlotList,
- pk11_rc4SlotList,
- pk11_rc2SlotList,
- pk11_rc5SlotList,
- pk11_sha1SlotList,
- pk11_md5SlotList,
- pk11_md2SlotList,
- pk11_rsaSlotList,
- pk11_dsaSlotList,
- pk11_dhSlotList,
- pk11_ideaSlotList,
- pk11_sslSlotList,
- pk11_tlsSlotList,
- pk11_randomSlotList;
-
-/*
- * Tables used for Extended mechanism mapping (currently not used)
- */
-typedef struct {
- CK_MECHANISM_TYPE keyGen;
- CK_KEY_TYPE keyType;
- CK_MECHANISM_TYPE type;
- int blockSize;
- int iv;
-} pk11MechanismData;
-
-static pk11MechanismData pk11_default =
- { CKM_GENERIC_SECRET_KEY_GEN, CKK_GENERIC_SECRET, CKM_FAKE_RANDOM, 8, 8 };
-static pk11MechanismData *pk11_MechanismTable = NULL;
-static int pk11_MechTableSize = 0;
-static int pk11_MechEntrySize = 0;
-
-/*
- * list of mechanisms we're willing to wrap secret keys with.
- * This list is ordered by preference.
- */
-CK_MECHANISM_TYPE wrapMechanismList[] = {
- CKM_DES3_ECB,
- CKM_CAST5_ECB,
- CKM_AES_ECB,
- CKM_CAST5_ECB,
- CKM_DES_ECB,
- CKM_KEY_WRAP_LYNKS,
- CKM_IDEA_ECB,
- CKM_CAST3_ECB,
- CKM_CAST_ECB,
- CKM_RC5_ECB,
- CKM_RC2_ECB,
- CKM_CDMF_ECB,
- CKM_SKIPJACK_WRAP,
-};
-
-int wrapMechanismCount = sizeof(wrapMechanismList)/sizeof(wrapMechanismList[0]);
-
-/*
- * This structure keeps track of status that spans all the Slots.
- * NOTE: This is a global data structure. It semantics expect thread crosstalk
- * be very careful when you see it used.
- * It's major purpose in life is to allow the user to log in one PER
- * Tranaction, even if a transaction spans threads. The problem is the user
- * may have to enter a password one just to be able to look at the
- * personalities/certificates (s)he can use. Then if Auth every is one, they
- * may have to enter the password again to use the card. See PK11_StartTransac
- * and PK11_EndTransaction.
- */
-static struct PK11GlobalStruct {
- int transaction;
- PRBool inTransaction;
- char *(*getPass)(PK11SlotInfo *,PRBool,void *);
- PRBool (*verifyPass)(PK11SlotInfo *,void *);
- PRBool (*isLoggedIn)(PK11SlotInfo *,void *);
-} PK11_Global = { 1, PR_FALSE, NULL, NULL, NULL };
-
-/************************************************************
- * Generic Slot List and Slot List element manipulations
- ************************************************************/
-
-/*
- * allocate a new list
- */
-PK11SlotList *
-PK11_NewSlotList(void)
-{
- PK11SlotList *list;
-
- list = (PK11SlotList *)PORT_Alloc(sizeof(PK11SlotList));
- if (list == NULL) return NULL;
- list->head = NULL;
- list->tail = NULL;
-#ifdef PKCS11_USE_THREADS
- list->lock = PZ_NewLock(nssILockList);
- if (list->lock == NULL) {
- PORT_Free(list);
- return NULL;
- }
-#else
- list->lock = NULL;
-#endif
-
- return list;
-}
-
-/*
- * free a list element when all the references go away.
- */
-static void
-pk11_FreeListElement(PK11SlotList *list, PK11SlotListElement *le)
-{
- PRBool freeit = PR_FALSE;
-
- PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
- if (le->refCount-- == 1) {
- freeit = PR_TRUE;
- }
- PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
- if (freeit) {
- PK11_FreeSlot(le->slot);
- PORT_Free(le);
- }
-}
-
-/*
- * if we are freeing the list, we must be the only ones with a pointer
- * to the list.
- */
-void
-PK11_FreeSlotList(PK11SlotList *list)
-{
- PK11SlotListElement *le, *next ;
- if (list == NULL) return;
-
- for (le = list->head ; le; le = next) {
- next = le->next;
- pk11_FreeListElement(list,le);
- }
- PK11_USE_THREADS(PZ_DestroyLock((PZLock *)(list->lock));)
- PORT_Free(list);
-}
-
-/*
- * add a slot to a list
- */
-SECStatus
-PK11_AddSlotToList(PK11SlotList *list,PK11SlotInfo *slot)
-{
- PK11SlotListElement *le;
-
- le = (PK11SlotListElement *) PORT_Alloc(sizeof(PK11SlotListElement));
- if (le == NULL) return SECFailure;
-
- le->slot = PK11_ReferenceSlot(slot);
- le->prev = NULL;
- le->refCount = 1;
- PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
- if (list->head) list->head->prev = le; else list->tail = le;
- le->next = list->head;
- list->head = le;
- PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
-
- return SECSuccess;
-}
-
-/*
- * remove a slot entry from the list
- */
-SECStatus
-PK11_DeleteSlotFromList(PK11SlotList *list,PK11SlotListElement *le)
-{
- PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
- if (le->prev) le->prev->next = le->next; else list->head = le->next;
- if (le->next) le->next->prev = le->prev; else list->tail = le->prev;
- le->next = le->prev = NULL;
- PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
- pk11_FreeListElement(list,le);
- return SECSuccess;
-}
-
-/*
- * Move a list to the end of the target list. NOTE: There is no locking
- * here... This assumes BOTH lists are private copy lists.
- */
-SECStatus
-PK11_MoveListToList(PK11SlotList *target,PK11SlotList *src)
-{
- if (src->head == NULL) return SECSuccess;
-
- if (target->tail == NULL) {
- target->head = src->head;
- } else {
- target->tail->next = src->head;
- }
- src->head->prev = target->tail;
- target->tail = src->tail;
- src->head = src->tail = NULL;
- return SECSuccess;
-}
-
-/*
- * get an element from the list with a reference. You must own the list.
- */
-PK11SlotListElement *
-PK11_GetFirstRef(PK11SlotList *list)
-{
- PK11SlotListElement *le;
-
- le = list->head;
- if (le != NULL) (le)->refCount++;
- return le;
-}
-
-/*
- * get the next element from the list with a reference. You must own the list.
- */
-PK11SlotListElement *
-PK11_GetNextRef(PK11SlotList *list, PK11SlotListElement *le, PRBool restart)
-{
- PK11SlotListElement *new_le;
- new_le = le->next;
- if (new_le) new_le->refCount++;
- pk11_FreeListElement(list,le);
- return new_le;
-}
-
-/*
- * get an element safely from the list. This just makes sure that if
- * this element is not deleted while we deal with it.
- */
-PK11SlotListElement *
-PK11_GetFirstSafe(PK11SlotList *list)
-{
- PK11SlotListElement *le;
-
- PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
- le = list->head;
- if (le != NULL) (le)->refCount++;
- PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
- return le;
-}
-
-/*
- * NOTE: if this element gets deleted, we can no longer safely traverse using
- * it's pointers. We can either terminate the loop, or restart from the
- * beginning. This is controlled by the restart option.
- */
-PK11SlotListElement *
-PK11_GetNextSafe(PK11SlotList *list, PK11SlotListElement *le, PRBool restart)
-{
- PK11SlotListElement *new_le;
- PK11_USE_THREADS(PZ_Lock((PZLock *)(list->lock));)
- new_le = le->next;
- if (le->next == NULL) {
- /* if the prev and next fields are NULL then either this element
- * has been removed and we need to walk the list again (if restart
- * is true) or this was the only element on the list */
- if ((le->prev == NULL) && restart && (list->head != le)) {
- new_le = list->head;
- }
- }
- if (new_le) new_le->refCount++;
- PK11_USE_THREADS(PZ_Unlock((PZLock *)(list->lock));)
- pk11_FreeListElement(list,le);
- return new_le;
-}
-
-
-/*
- * Find the element that holds this slot
- */
-PK11SlotListElement *
-PK11_FindSlotElement(PK11SlotList *list,PK11SlotInfo *slot)
-{
- PK11SlotListElement *le;
-
- for (le = PK11_GetFirstSafe(list); le;
- le = PK11_GetNextSafe(list,le,PR_TRUE)) {
- if (le->slot == slot) return le;
- }
- return NULL;
-}
-
-/************************************************************
- * Generic Slot Utilities
- ************************************************************/
-/*
- * Create a new slot structure
- */
-PK11SlotInfo *
-PK11_NewSlotInfo(void)
-{
- PK11SlotInfo *slot;
-
- slot = (PK11SlotInfo *)PORT_Alloc(sizeof(PK11SlotInfo));
- if (slot == NULL) return slot;
-
-#ifdef PKCS11_USE_THREADS
- slot->refLock = PZ_NewLock(nssILockSlot);
- if (slot->refLock == NULL) {
- PORT_Free(slot);
- return slot;
- }
- slot->sessionLock = PZ_NewLock(nssILockSession);
- if (slot->sessionLock == NULL) {
- PZ_DestroyLock(slot->refLock);
- PORT_Free(slot);
- return slot;
- }
- slot->freeListLock = PZ_NewLock(nssILockFreelist);
- if (slot->freeListLock == NULL) {
- PZ_DestroyLock(slot->sessionLock);
- PZ_DestroyLock(slot->refLock);
- PORT_Free(slot);
- return slot;
- }
-#else
- slot->sessionLock = NULL;
- slot->refLock = NULL;
- slot->freeListLock = NULL;
-#endif
- slot->freeSymKeysHead = NULL;
- slot->keyCount = 0;
- slot->maxKeyCount = 0;
- slot->functionList = NULL;
- slot->needTest = PR_TRUE;
- slot->isPerm = PR_FALSE;
- slot->isHW = PR_FALSE;
- slot->isInternal = PR_FALSE;
- slot->isThreadSafe = PR_FALSE;
- slot->disabled = PR_FALSE;
- slot->series = 0;
- slot->wrapKey = 0;
- slot->wrapMechanism = CKM_INVALID_MECHANISM;
- slot->refKeys[0] = CK_INVALID_HANDLE;
- slot->reason = PK11_DIS_NONE;
- slot->readOnly = PR_TRUE;
- slot->needLogin = PR_FALSE;
- slot->hasRandom = PR_FALSE;
- slot->defRWSession = PR_FALSE;
- slot->flags = 0;
- slot->session = CK_INVALID_SESSION;
- slot->slotID = 0;
- slot->defaultFlags = 0;
- slot->refCount = 1;
- slot->askpw = 0;
- slot->timeout = 0;
- slot->mechanismList = NULL;
- slot->mechanismCount = 0;
- slot->cert_array = NULL;
- slot->cert_count = 0;
- slot->slot_name[0] = 0;
- slot->token_name[0] = 0;
- PORT_Memset(slot->serial,' ',sizeof(slot->serial));
- slot->module = NULL;
- slot->authTransact = 0;
- slot->authTime = LL_ZERO;
- slot->minPassword = 0;
- slot->maxPassword = 0;
- slot->hasRootCerts = PR_FALSE;
- return slot;
-}
-
-/* create a new reference to a slot so it doesn't go away */
-PK11SlotInfo *
-PK11_ReferenceSlot(PK11SlotInfo *slot)
-{
- PK11_USE_THREADS(PZ_Lock(slot->refLock);)
- slot->refCount++;
- PK11_USE_THREADS(PZ_Unlock(slot->refLock);)
- return slot;
-}
-
-/* Destroy all info on a slot we have built up */
-void
-PK11_DestroySlot(PK11SlotInfo *slot)
-{
- /* first free up all the sessions on this slot */
- if (slot->functionList) {
- PK11_GETTAB(slot)->C_CloseAllSessions(slot->slotID);
- }
-
- /* free up the cached keys and sessions */
- PK11_CleanKeyList(slot);
-
- /* finally Tell our parent module that we've gone away so it can unload */
- if (slot->module) {
- SECMOD_SlotDestroyModule(slot->module,PR_TRUE);
- }
-#ifdef PKCS11_USE_THREADS
- if (slot->refLock) {
- PZ_DestroyLock(slot->refLock);
- slot->refLock = NULL;
- }
- if (slot->sessionLock) {
- PZ_DestroyLock(slot->sessionLock);
- slot->sessionLock = NULL;
- }
- if (slot->freeListLock) {
- PZ_DestroyLock(slot->freeListLock);
- slot->freeListLock = NULL;
- }
-#endif
-
- /* ok, well not quit finally... now we free the memory */
- PORT_Free(slot);
-}
-
-
-/* We're all done with the slot, free it */
-void
-PK11_FreeSlot(PK11SlotInfo *slot)
-{
- PRBool freeit = PR_FALSE;
-
- PK11_USE_THREADS(PZ_Lock(slot->refLock);)
- if (slot->refCount-- == 1) freeit = PR_TRUE;
- PK11_USE_THREADS(PZ_Unlock(slot->refLock);)
-
- if (freeit) PK11_DestroySlot(slot);
-}
-
-void
-PK11_EnterSlotMonitor(PK11SlotInfo *slot) {
- PZ_Lock(slot->sessionLock);
-}
-
-void
-PK11_ExitSlotMonitor(PK11SlotInfo *slot) {
- PZ_Unlock(slot->sessionLock);
-}
-
-/***********************************************************
- * Functions to find specific slots.
- ***********************************************************/
-PK11SlotInfo *
-PK11_FindSlotByName(char *name)
-{
- SECMODModuleList *mlp;
- SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
- SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
- int i;
- PK11SlotInfo *slot = NULL;
-
- if ((name == NULL) || (*name == 0)) {
- return PK11_GetInternalKeySlot();
- }
-
- /* work through all the slots */
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
- for (i=0; i < mlp->module->slotCount; i++) {
- PK11SlotInfo *tmpSlot = mlp->module->slots[i];
- if (PK11_IsPresent(tmpSlot)) {
- if (PORT_Strcmp(tmpSlot->token_name,name) == 0) {
- slot = PK11_ReferenceSlot(tmpSlot);
- break;
- }
- }
- }
- if (slot != NULL) break;
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- if (slot == NULL) {
- PORT_SetError(SEC_ERROR_NO_TOKEN);
- }
-
- return slot;
-}
-
-
-PK11SlotInfo *
-PK11_FindSlotBySerial(char *serial)
-{
- SECMODModuleList *mlp;
- SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
- SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
- int i;
- PK11SlotInfo *slot = NULL;
-
- /* work through all the slots */
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
- for (i=0; i < mlp->module->slotCount; i++) {
- PK11SlotInfo *tmpSlot = mlp->module->slots[i];
- if (PK11_IsPresent(tmpSlot)) {
- if (PORT_Memcmp(tmpSlot->serial,serial,
- sizeof(tmpSlot->serial)) == 0) {
- slot = PK11_ReferenceSlot(tmpSlot);
- break;
- }
- }
- }
- if (slot != NULL) break;
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- if (slot == NULL) {
- PORT_SetError(SEC_ERROR_NO_TOKEN);
- }
-
- return slot;
-}
-
-
-
-
-/***********************************************************
- * Password Utilities
- ***********************************************************/
-/*
- * Check the user's password. Log into the card if it's correct.
- * succeed if the user is already logged in.
- */
-SECStatus
-pk11_CheckPassword(PK11SlotInfo *slot,char *pw)
-{
- int len = PORT_Strlen(pw);
- CK_RV crv;
- SECStatus rv;
- int64 currtime = PR_Now();
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_Login(slot->session,CKU_USER,
- (unsigned char *)pw,len);
- PK11_ExitSlotMonitor(slot);
- switch (crv) {
- /* if we're already logged in, we're good to go */
- case CKR_OK:
- slot->authTransact = PK11_Global.transaction;
- case CKR_USER_ALREADY_LOGGED_IN:
- slot->authTime = currtime;
- rv = SECSuccess;
- break;
- case CKR_PIN_INCORRECT:
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
- break;
- default:
- PORT_SetError(PK11_MapError(crv));
- rv = SECFailure; /* some failure we can't fix by retrying */
- }
- return rv;
-}
-
-/*
- * Check the user's password. Logout before hand to make sure that
- * we are really checking the password.
- */
-SECStatus
-PK11_CheckUserPassword(PK11SlotInfo *slot,char *pw)
-{
- int len = PORT_Strlen(pw);
- CK_RV crv;
- SECStatus rv;
- int64 currtime = PR_Now();
-
- /* force a logout */
- PK11_EnterSlotMonitor(slot);
- PK11_GETTAB(slot)->C_Logout(slot->session);
-
- crv = PK11_GETTAB(slot)->C_Login(slot->session,CKU_USER,
- (unsigned char *)pw,len);
- PK11_ExitSlotMonitor(slot);
- switch (crv) {
- /* if we're already logged in, we're good to go */
- case CKR_OK:
- slot->authTransact = PK11_Global.transaction;
- slot->authTime = currtime;
- rv = SECSuccess;
- break;
- case CKR_PIN_INCORRECT:
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
- break;
- default:
- PORT_SetError(PK11_MapError(crv));
- rv = SECFailure; /* some failure we can't fix by retrying */
- }
- return rv;
-}
-
-SECStatus
-PK11_Logout(PK11SlotInfo *slot)
-{
- CK_RV crv;
-
- /* force a logout */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_Logout(slot->session);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * transaction stuff is for when we test for the need to do every
- * time auth to see if we already did it for this slot/transaction
- */
-void PK11_StartAuthTransaction(void)
-{
-PK11_Global.transaction++;
-PK11_Global.inTransaction = PR_TRUE;
-}
-
-void PK11_EndAuthTransaction(void)
-{
-PK11_Global.transaction++;
-PK11_Global.inTransaction = PR_FALSE;
-}
-
-/*
- * before we do a private key op, we check to see if we
- * need to reauthenticate.
- */
-void
-PK11_HandlePasswordCheck(PK11SlotInfo *slot,void *wincx)
-{
- int askpw = slot->askpw;
- PRBool NeedAuth = PR_FALSE;
-
- if (!slot->needLogin) return;
-
- if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
- PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
-
- if (def_slot) {
- askpw = def_slot->askpw;
- PK11_FreeSlot(def_slot);
- }
- }
-
- /* timeouts are handled by isLoggedIn */
- if (!PK11_IsLoggedIn(slot,wincx)) {
- NeedAuth = PR_TRUE;
- } else if (askpw == -1) {
- if (!PK11_Global.inTransaction ||
- (PK11_Global.transaction != slot->authTransact)) {
- PK11_EnterSlotMonitor(slot);
- PK11_GETTAB(slot)->C_Logout(slot->session);
- PK11_ExitSlotMonitor(slot);
- NeedAuth = PR_TRUE;
- }
- }
- if (NeedAuth) PK11_DoPassword(slot,PR_TRUE,wincx);
-}
-
-void
-PK11_SlotDBUpdate(PK11SlotInfo *slot)
-{
- SECMOD_UpdateModule(slot->module);
-}
-
-/*
- * set new askpw and timeout values
- */
-void
-PK11_SetSlotPWValues(PK11SlotInfo *slot,int askpw, int timeout)
-{
- slot->askpw = askpw;
- slot->timeout = timeout;
- slot->defaultFlags |= PK11_OWN_PW_DEFAULTS;
- PK11_SlotDBUpdate(slot);
-}
-
-/*
- * Get the askpw and timeout values for this slot
- */
-void
-PK11_GetSlotPWValues(PK11SlotInfo *slot,int *askpw, int *timeout)
-{
- *askpw = slot->askpw;
- *timeout = slot->timeout;
-
- if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
- PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
-
- if (def_slot) {
- *askpw = def_slot->askpw;
- *timeout = def_slot->timeout;
- PK11_FreeSlot(def_slot);
- }
- }
-}
-
-/*
- * make sure a slot is authenticated...
- */
-SECStatus
-PK11_Authenticate(PK11SlotInfo *slot, PRBool loadCerts, void *wincx) {
- if (slot->needLogin && !PK11_IsLoggedIn(slot,wincx)) {
- return PK11_DoPassword(slot,loadCerts,wincx);
- }
- return SECSuccess;
-}
-
-/*
- * notification stub. If we ever get interested in any events that
- * the pkcs11 functions may pass back to use, we can catch them here...
- * currently pdata is a slotinfo structure.
- */
-CK_RV pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event,
- CK_VOID_PTR pdata)
-{
- return CKR_OK;
-}
-
-
-/*
- * grab a new RW session
- * !!! has a side effect of grabbing the Monitor if either the slot's default
- * session is RW or the slot is not thread safe. Monitor is release in function
- * below
- */
-CK_SESSION_HANDLE PK11_GetRWSession(PK11SlotInfo *slot)
-{
- CK_SESSION_HANDLE rwsession;
- CK_RV crv;
-
- if (!slot->isThreadSafe || slot->defRWSession) PK11_EnterSlotMonitor(slot);
- if (slot->defRWSession) return slot->session;
-
- crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
- CKF_RW_SESSION|CKF_SERIAL_SESSION,
- slot, pk11_notify,&rwsession);
- if (crv == CKR_SESSION_COUNT) {
- PK11_GETTAB(slot)->C_CloseSession(slot->session);
- slot->session = CK_INVALID_SESSION;
- crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
- CKF_RW_SESSION|CKF_SERIAL_SESSION,
- slot,pk11_notify,&rwsession);
- }
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- if (slot->session == CK_INVALID_SESSION) {
- PK11_GETTAB(slot)->C_OpenSession(slot->slotID,CKF_SERIAL_SESSION,
- slot,pk11_notify,&slot->session);
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return CK_INVALID_SESSION;
- }
-
- return rwsession;
-}
-
-PRBool
-PK11_RWSessionHasLock(PK11SlotInfo *slot,CK_SESSION_HANDLE session_handle) {
- return (PRBool)(!slot->isThreadSafe || slot->defRWSession);
-}
-
-/*
- * close the rwsession and restore our readonly session
- * !!! has a side effect of releasing the Monitor if either the slot's default
- * session is RW or the slot is not thread safe.
- */
-void
-PK11_RestoreROSession(PK11SlotInfo *slot,CK_SESSION_HANDLE rwsession)
-{
- if (slot->defRWSession) {
- PK11_ExitSlotMonitor(slot);
- return;
- }
- PK11_GETTAB(slot)->C_CloseSession(rwsession);
- if (slot->session == CK_INVALID_SESSION) {
- PK11_GETTAB(slot)->C_OpenSession(slot->slotID,CKF_SERIAL_SESSION,
- slot,pk11_notify,&slot->session);
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-}
-
-/*
- * NOTE: this assumes that we are logged out of the card before hand
- */
-SECStatus
-PK11_CheckSSOPassword(PK11SlotInfo *slot, char *ssopw)
-{
- CK_SESSION_HANDLE rwsession;
- CK_RV crv;
- SECStatus rv = SECFailure;
- int len = PORT_Strlen(ssopw);
-
- /* get a rwsession */
- rwsession = PK11_GetRWSession(slot);
- if (rwsession == CK_INVALID_SESSION) return rv;
-
- /* check the password */
- crv = PK11_GETTAB(slot)->C_Login(rwsession,CKU_SO,
- (unsigned char *)ssopw,len);
- switch (crv) {
- /* if we're already logged in, we're good to go */
- case CKR_OK:
- rv = SECSuccess;
- break;
- case CKR_PIN_INCORRECT:
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- rv = SECWouldBlock; /* everything else is ok, only the pin is bad */
- break;
- default:
- PORT_SetError(PK11_MapError(crv));
- rv = SECFailure; /* some failure we can't fix by retrying */
- }
- PK11_GETTAB(slot)->C_Logout(rwsession);
- /* release rwsession */
- PK11_RestoreROSession(slot,rwsession);
- return rv;
-}
-
-/*
- * make sure the password conforms to your token's requirements.
- */
-SECStatus
-PK11_VerifyPW(PK11SlotInfo *slot,char *pw)
-{
- int len = PORT_Strlen(pw);
-
- if ((slot->minPassword > len) || (slot->maxPassword < len)) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * initialize a user PIN Value
- */
-SECStatus
-PK11_InitPin(PK11SlotInfo *slot,char *ssopw, char *userpw)
-{
- CK_SESSION_HANDLE rwsession = CK_INVALID_SESSION;
- CK_RV crv;
- SECStatus rv = SECFailure;
- int len;
- int ssolen;
-
- if (userpw == NULL) userpw = "";
- if (ssopw == NULL) ssopw = "";
-
- len = PORT_Strlen(userpw);
- ssolen = PORT_Strlen(ssopw);
-
- /* get a rwsession */
- rwsession = PK11_GetRWSession(slot);
- if (rwsession == CK_INVALID_SESSION) goto done;
-
- /* check the password */
- crv = PK11_GETTAB(slot)->C_Login(rwsession,CKU_SO,
- (unsigned char *)ssopw,ssolen);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- goto done;
- }
-
- crv = PK11_GETTAB(slot)->C_InitPIN(rwsession,(unsigned char *)userpw,len);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- } else {
- rv = SECSuccess;
- }
-
-done:
- PK11_GETTAB(slot)->C_Logout(rwsession);
- PK11_RestoreROSession(slot,rwsession);
- if (rv == SECSuccess) {
- /* update our view of the world */
- PK11_InitToken(slot,PR_TRUE);
- PK11_EnterSlotMonitor(slot);
- PK11_GETTAB(slot)->C_Login(slot->session,CKU_USER,
- (unsigned char *)userpw,len);
- PK11_ExitSlotMonitor(slot);
- }
- return rv;
-}
-
-/*
- * Change an existing user password
- */
-SECStatus
-PK11_ChangePW(PK11SlotInfo *slot,char *oldpw, char *newpw)
-{
- CK_RV crv;
- SECStatus rv = SECFailure;
- int newLen;
- int oldLen;
- CK_SESSION_HANDLE rwsession;
-
- if (newpw == NULL) newpw = "";
- if (oldpw == NULL) oldpw = "";
- newLen = PORT_Strlen(newpw);
- oldLen = PORT_Strlen(oldpw);
-
- /* get a rwsession */
- rwsession = PK11_GetRWSession(slot);
-
- crv = PK11_GETTAB(slot)->C_SetPIN(rwsession,
- (unsigned char *)oldpw,oldLen,(unsigned char *)newpw,newLen);
- if (crv == CKR_OK) {
- rv = SECSuccess;
- } else {
- PORT_SetError(PK11_MapError(crv));
- }
-
- PK11_RestoreROSession(slot,rwsession);
-
- /* update our view of the world */
- PK11_InitToken(slot,PR_TRUE);
- return rv;
-}
-
-static char *
-pk11_GetPassword(PK11SlotInfo *slot, PRBool retry, void * wincx)
-{
- if (PK11_Global.getPass == NULL) return NULL;
- return (*PK11_Global.getPass)(slot, retry, wincx);
-}
-
-void
-PK11_SetPasswordFunc(PK11PasswordFunc func)
-{
- PK11_Global.getPass = func;
-}
-
-void
-PK11_SetVerifyPasswordFunc(PK11VerifyPasswordFunc func)
-{
- PK11_Global.verifyPass = func;
-}
-
-void
-PK11_SetIsLoggedInFunc(PK11IsLoggedInFunc func)
-{
- PK11_Global.isLoggedIn = func;
-}
-
-
-/*
- * authenticate to a slot. This loops until we can't recover, the user
- * gives up, or we succeed. If we're already logged in and this function
- * is called we will still prompt for a password, but we will probably
- * succeed no matter what the password was (depending on the implementation
- * of the PKCS 11 module.
- */
-SECStatus
-PK11_DoPassword(PK11SlotInfo *slot, PRBool loadCerts, void *wincx)
-{
- SECStatus rv = SECFailure;
- char * password;
- PRBool attempt = PR_FALSE;
-
- if (PK11_NeedUserInit(slot)) {
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
-
-
- /*
- * Central server type applications which control access to multiple
- * slave applications to single crypto devices need to virtuallize the
- * login state. This is done by a callback out of PK11_IsLoggedIn and
- * here. If we are actually logged in, then we got here because the
- * higher level code told us that the particular client application may
- * still need to be logged in. If that is the case, we simply tell the
- * server code that it should now verify the clients password and tell us
- * the results.
- */
- if (PK11_IsLoggedIn(slot,NULL) &&
- (PK11_Global.verifyPass != NULL)) {
- if (!PK11_Global.verifyPass(slot,wincx)) {
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- return SECFailure;
- }
- return SECSuccess;
- }
-
- /* get the password. This can drop out of the while loop
- * for the following reasons:
- * (1) the user refused to enter a password.
- * (return error to caller)
- * (2) the token user password is disabled [usually due to
- * too many failed authentication attempts].
- * (return error to caller)
- * (3) the password was successful.
- */
- while ((password = pk11_GetPassword(slot, attempt, wincx)) != NULL) {
- attempt = PR_TRUE;
- rv = pk11_CheckPassword(slot,password);
- PORT_Memset(password, 0, PORT_Strlen(password));
- PORT_Free(password);
- if (rv != SECWouldBlock) break;
- }
- if (rv == SECSuccess) {
- rv = pk11_CheckVerifyTest(slot);
- } else if (!attempt) PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- return rv;
-}
-
-void PK11_LogoutAll(void)
-{
- SECMODListLock *lock = SECMOD_GetDefaultModuleListLock();
- SECMODModuleList *modList = SECMOD_GetDefaultModuleList();
- SECMODModuleList *mlp = NULL;
- int i;
-
- SECMOD_GetReadLock(lock);
- /* find the number of entries */
- for (mlp = modList; mlp != NULL; mlp = mlp->next) {
- for (i=0; i < mlp->module->slotCount; i++) {
- PK11_Logout(mlp->module->slots[i]);
- }
- }
-
- SECMOD_ReleaseReadLock(lock);
-}
-
-int
-PK11_GetMinimumPwdLength(PK11SlotInfo *slot)
-{
- return ((int)slot->minPassword);
-}
-
-/************************************************************
- * Manage the built-In Slot Lists
- ************************************************************/
-
-/* Init the static built int slot list (should actually integrate
- * with PK11_NewSlotList */
-static void
-pk11_initSlotList(PK11SlotList *list)
-{
-#ifdef PKCS11_USE_THREADS
- list->lock = PZ_NewLock(nssILockList);
-#else
- list->lock = NULL;
-#endif
- list->head = NULL;
-}
-
-static void
-pk11_freeSlotList(PK11SlotList *list)
-{
- PK11SlotListElement *le, *next ;
- if (list == NULL) return;
-
- for (le = list->head ; le; le = next) {
- next = le->next;
- pk11_FreeListElement(list,le);
- }
-#ifdef PK11_USE_THREADS
- if (list->lock) {
- PZ_DestroyLock((PZLock *)(list->lock));
- }
-#endif
- list->lock = NULL;
- list->head = NULL;
-}
-
-/* initialize the system slotlists */
-SECStatus
-PK11_InitSlotLists(void)
-{
- pk11_initSlotList(&pk11_aesSlotList);
- pk11_initSlotList(&pk11_desSlotList);
- pk11_initSlotList(&pk11_rc4SlotList);
- pk11_initSlotList(&pk11_rc2SlotList);
- pk11_initSlotList(&pk11_rc5SlotList);
- pk11_initSlotList(&pk11_md5SlotList);
- pk11_initSlotList(&pk11_md2SlotList);
- pk11_initSlotList(&pk11_sha1SlotList);
- pk11_initSlotList(&pk11_rsaSlotList);
- pk11_initSlotList(&pk11_dsaSlotList);
- pk11_initSlotList(&pk11_dhSlotList);
- pk11_initSlotList(&pk11_ideaSlotList);
- pk11_initSlotList(&pk11_sslSlotList);
- pk11_initSlotList(&pk11_tlsSlotList);
- pk11_initSlotList(&pk11_randomSlotList);
- return SECSuccess;
-}
-
-void
-PK11_DestroySlotLists(void)
-{
- pk11_freeSlotList(&pk11_aesSlotList);
- pk11_freeSlotList(&pk11_desSlotList);
- pk11_freeSlotList(&pk11_rc4SlotList);
- pk11_freeSlotList(&pk11_rc2SlotList);
- pk11_freeSlotList(&pk11_rc5SlotList);
- pk11_freeSlotList(&pk11_md5SlotList);
- pk11_freeSlotList(&pk11_md2SlotList);
- pk11_freeSlotList(&pk11_sha1SlotList);
- pk11_freeSlotList(&pk11_rsaSlotList);
- pk11_freeSlotList(&pk11_dsaSlotList);
- pk11_freeSlotList(&pk11_dhSlotList);
- pk11_freeSlotList(&pk11_ideaSlotList);
- pk11_freeSlotList(&pk11_sslSlotList);
- pk11_freeSlotList(&pk11_tlsSlotList);
- pk11_freeSlotList(&pk11_randomSlotList);
- return;
-}
-
-/* return a system slot list based on mechanism */
-PK11SlotList *
-PK11_GetSlotList(CK_MECHANISM_TYPE type)
-{
-/* XXX a workaround for Bugzilla bug #55267 */
-#if defined(HPUX) && defined(__LP64__)
- if (CKM_INVALID_MECHANISM == type)
- return NULL;
-#endif
- switch (type) {
- case CKM_AES_CBC:
- case CKM_AES_ECB:
- return &pk11_aesSlotList;
- case CKM_DES_CBC:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_DES3_CBC:
- return &pk11_desSlotList;
- case CKM_RC4:
- return &pk11_rc4SlotList;
- case CKM_RC5_CBC:
- return &pk11_rc5SlotList;
- case CKM_SHA_1:
- return &pk11_sha1SlotList;
- case CKM_MD5:
- return &pk11_md5SlotList;
- case CKM_MD2:
- return &pk11_md2SlotList;
- case CKM_RC2_ECB:
- case CKM_RC2_CBC:
- return &pk11_rc2SlotList;
- case CKM_RSA_PKCS:
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- case CKM_RSA_X_509:
- return &pk11_rsaSlotList;
- case CKM_DSA:
- return &pk11_dsaSlotList;
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- case CKM_DH_PKCS_DERIVE:
- return &pk11_dhSlotList;
- case CKM_SSL3_PRE_MASTER_KEY_GEN:
- case CKM_SSL3_MASTER_KEY_DERIVE:
- case CKM_SSL3_SHA1_MAC:
- case CKM_SSL3_MD5_MAC:
- return &pk11_sslSlotList;
- case CKM_TLS_MASTER_KEY_DERIVE:
- case CKM_TLS_KEY_AND_MAC_DERIVE:
- return &pk11_tlsSlotList;
- case CKM_IDEA_CBC:
- case CKM_IDEA_ECB:
- return &pk11_ideaSlotList;
- case CKM_FAKE_RANDOM:
- return &pk11_randomSlotList;
- }
- return NULL;
-}
-
-/*
- * load the static SlotInfo structures used to select a PKCS11 slot.
- * preSlotInfo has a list of all the default flags for the slots on this
- * module.
- */
-void
-PK11_LoadSlotList(PK11SlotInfo *slot, PK11PreSlotInfo *psi, int count)
-{
- int i;
-
- for (i=0; i < count; i++) {
- if (psi[i].slotID == slot->slotID)
- break;
- }
-
- if (i == count) return;
-
- slot->defaultFlags = psi[i].defaultFlags;
- slot->askpw = psi[i].askpw;
- slot->timeout = psi[i].timeout;
- slot->hasRootCerts = psi[i].hasRootCerts;
-
- /* if the slot is already disabled, don't load them into the
- * default slot lists. We get here so we can save the default
- * list value. */
- if (slot->disabled) return;
-
- /* if the user has disabled us, don't load us in */
- if (slot->defaultFlags & PK11_DISABLE_FLAG) {
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_USER_SELECTED;
- /* free up sessions and things?? */
- return;
- }
-
- for (i=0; i < sizeof(PK11_DefaultArray)/sizeof(PK11_DefaultArray[0]);
- i++) {
- if (slot->defaultFlags & PK11_DefaultArray[i].flag) {
- CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
- PK11SlotList *slotList = PK11_GetSlotList(mechanism);
-
- if (slotList) PK11_AddSlotToList(slotList,slot);
- }
- }
-
- return;
-}
-
-
-/*
- * update a slot to its new attribute according to the slot list
- * returns: SECSuccess if nothing to do or add/delete is successful
- */
-SECStatus
-PK11_UpdateSlotAttribute(PK11SlotInfo *slot, PK11DefaultArrayEntry *entry,
- PRBool add)
- /* add: PR_TRUE if want to turn on */
-{
- SECStatus result = SECSuccess;
- PK11SlotList *slotList = PK11_GetSlotList(entry->mechanism);
-
- if (add) { /* trying to turn on a mechanism */
-
- /* turn on the default flag in the slot */
- slot->defaultFlags |= entry->flag;
-
- /* add this slot to the list */
- if (slotList!=NULL)
- result = PK11_AddSlotToList(slotList, slot);
-
- } else { /* trying to turn off */
-
- /* turn OFF the flag in the slot */
- slot->defaultFlags &= ~entry->flag;
-
- if (slotList) {
- /* find the element in the list & delete it */
- PK11SlotListElement *le = PK11_FindSlotElement(slotList, slot);
-
- /* remove the slot from the list */
- if (le)
- result = PK11_DeleteSlotFromList(slotList, le);
- }
- }
- return result;
-}
-
-/*
- * clear a slot off of all of it's default list
- */
-void
-PK11_ClearSlotList(PK11SlotInfo *slot)
-{
- int i;
-
- if (slot->disabled) return;
- if (slot->defaultFlags == 0) return;
-
- for (i=0; i < sizeof(PK11_DefaultArray)/sizeof(PK11_DefaultArray[0]);
- i++) {
- if (slot->defaultFlags & PK11_DefaultArray[i].flag) {
- CK_MECHANISM_TYPE mechanism = PK11_DefaultArray[i].mechanism;
- PK11SlotList *slotList = PK11_GetSlotList(mechanism);
- PK11SlotListElement *le = NULL;
-
- if (slotList) le = PK11_FindSlotElement(slotList,slot);
-
- if (le) {
- PK11_DeleteSlotFromList(slotList,le);
- pk11_FreeListElement(slotList,le);
- }
- }
- }
-}
-
-
-/******************************************************************
- * Slot initialization
- ******************************************************************/
-/*
- * turn a PKCS11 Static Label into a string
- */
-char *
-PK11_MakeString(PRArenaPool *arena,char *space,
- char *staticString,int stringLen)
-{
- int i;
- char *newString;
- for(i=(stringLen-1); i >= 0; i--) {
- if (staticString[i] != ' ') break;
- }
- /* move i to point to the last space */
- i++;
- if (arena) {
- newString = (char*)PORT_ArenaAlloc(arena,i+1 /* space for NULL */);
- } else if (space) {
- newString = space;
- } else {
- newString = (char*)PORT_Alloc(i+1 /* space for NULL */);
- }
- if (newString == NULL) return NULL;
-
- if (i) PORT_Memcpy(newString,staticString, i);
- newString[i] = 0;
-
- return newString;
-}
-
-/*
- * verify that slot implements Mechanism mech properly by checking against
- * our internal implementation
- */
-PRBool
-PK11_VerifyMechanism(PK11SlotInfo *slot,PK11SlotInfo *intern,
- CK_MECHANISM_TYPE mech, SECItem *data, SECItem *iv)
-{
- PK11Context *test = NULL, *reference = NULL;
- PK11SymKey *symKey = NULL, *testKey = NULL;
- SECItem *param = NULL;
- unsigned char encTest[8];
- unsigned char encRef[8];
- int outLenTest,outLenRef;
- int key_size = 0;
- PRBool verify = PR_FALSE;
- SECStatus rv;
-
- if ((mech == CKM_RC2_CBC) || (mech == CKM_RC2_ECB) || (mech == CKM_RC4)) {
- key_size = 16;
- }
-
- /* initialize the mechanism parameter */
- param = PK11_ParamFromIV(mech,iv);
- if (param == NULL) goto loser;
-
- /* load the keys and contexts */
- symKey = PK11_KeyGen(intern,mech,NULL, key_size, NULL);
- if (symKey == NULL) goto loser;
-
- reference = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, symKey, param);
- if (reference == NULL) goto loser;
-
- testKey = pk11_CopyToSlot(slot, mech, CKA_ENCRYPT, symKey);
- if (testKey == NULL) goto loser;
-
- test = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, testKey, param);
- if (test == NULL) goto loser;
- SECITEM_FreeItem(param,PR_TRUE); param = NULL;
-
- /* encrypt the test data */
- rv = PK11_CipherOp(test,encTest,&outLenTest,sizeof(encTest),
- data->data,data->len);
- if (rv != SECSuccess) goto loser;
- rv = PK11_CipherOp(reference,encRef,&outLenRef,sizeof(encRef),
- data->data,data->len);
- if (rv != SECSuccess) goto loser;
-
- PK11_DestroyContext(reference,PR_TRUE); reference = NULL;
- PK11_DestroyContext(test,PR_TRUE); test = NULL;
-
- if (outLenTest != outLenRef) goto loser;
- if (PORT_Memcmp(encTest, encRef, outLenTest) != 0) goto loser;
-
- verify = PR_TRUE;
-
-loser:
- if (test) PK11_DestroyContext(test,PR_TRUE);
- if (symKey) PK11_FreeSymKey(symKey);
- if (testKey) PK11_FreeSymKey(testKey);
- if (reference) PK11_DestroyContext(reference,PR_TRUE);
- if (param) SECITEM_FreeItem(param,PR_TRUE);
-
- return verify;
-}
-
-/*
- * this code verifies that the advertised mechanisms are what they
- * seem to be.
- */
-#define MAX_MECH_LIST_SIZE 30 /* we only know of about 30 odd mechanisms */
-PRBool
-PK11_VerifySlotMechanisms(PK11SlotInfo *slot)
-{
- CK_MECHANISM_TYPE mechListArray[MAX_MECH_LIST_SIZE];
- CK_MECHANISM_TYPE *mechList = mechListArray;
- static SECItem data;
- static SECItem iv;
- static unsigned char dataV[8];
- static unsigned char ivV[8];
- static PRBool generated = PR_FALSE;
- CK_ULONG count;
- int i;
- CK_RV crv;
-
- PRBool alloced = PR_FALSE;
- PK11SlotInfo *intern = PK11_GetInternalSlot();
-
- /* if we couldn't initialize an internal module,
- * we can't check external ones */
- if (intern == NULL) return PR_FALSE;
-
- /* first get the count of mechanisms */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,NULL,&count);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PK11_FreeSlot(intern);
- return PR_FALSE;
- }
-
-
- /* don't blow up just because the card supports more mechanisms than
- * we know about, just alloc space for them */
- if (count > MAX_MECH_LIST_SIZE) {
- mechList = (CK_MECHANISM_TYPE *)
- PORT_Alloc(count *sizeof(CK_MECHANISM_TYPE));
- alloced = PR_TRUE;
- if (mechList == NULL) return PR_FALSE;
- }
- /* get the list */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv =PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID, mechList, &count);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- if (alloced) PORT_Free(mechList);
- PK11_FreeSlot(intern);
- return PR_FALSE;
- }
-
- if (!generated) {
- data.data = dataV;
- data.len = sizeof(dataV);
- iv.data = ivV;
- iv.len = sizeof(ivV);
- /* ok, this is a cheat, we know our internal random number generater
- * is thread safe */
- PK11_GETTAB(intern)->C_GenerateRandom(intern->session,
- data.data, data.len);
- PK11_GETTAB(intern)->C_GenerateRandom(intern->session,
- iv.data, iv.len);
- }
- for (i=0; i < (int) count; i++) {
- switch (mechList[i]) {
- case CKM_DES_CBC:
- case CKM_DES_ECB:
- case CKM_RC4:
- case CKM_RC2_CBC:
- case CKM_RC2_ECB:
- if (!PK11_VerifyMechanism(slot,intern,mechList[i],&data,&iv)){
- if (alloced) PORT_Free(mechList);
- PK11_FreeSlot(intern);
- return PR_FALSE;
- }
- }
- }
- if (alloced) PORT_Free(mechList);
- PK11_FreeSlot(intern);
- return PR_TRUE;
-}
-
-/*
- * See if we need to run the verify test, do so if necessary. If we fail,
- * disable the slot.
- */
-SECStatus
-pk11_CheckVerifyTest(PK11SlotInfo *slot)
-{
- PK11_EnterSlotMonitor(slot);
- if (slot->needTest) {
- slot->needTest = PR_FALSE;
- PK11_ExitSlotMonitor(slot);
- if (!PK11_VerifySlotMechanisms(slot)) {
- (void)PK11_GETTAB(slot)->C_CloseSession(slot->session);
- slot->session = CK_INVALID_SESSION;
- PK11_ClearSlotList(slot);
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_TOKEN_VERIFY_FAILED;
- slot->needTest = PR_TRUE;
- PORT_SetError(SEC_ERROR_IO);
- return SECFailure;
- }
- } else {
- PK11_ExitSlotMonitor(slot);
- }
- return SECSuccess;
-}
-
-/*
- * Reads in the slots mechanism list for later use
- */
-SECStatus
-PK11_ReadMechanismList(PK11SlotInfo *slot)
-{
- CK_ULONG count;
- CK_RV crv;
-
- if (slot->mechanismList) {
- PORT_Free(slot->mechanismList);
- slot->mechanismList = NULL;
- }
- slot->mechanismCount = 0;
-
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,NULL,&count);
- if (crv != CKR_OK) {
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
-
- slot->mechanismList = (CK_MECHANISM_TYPE *)
- PORT_Alloc(count *sizeof(CK_MECHANISM_TYPE));
- if (slot->mechanismList == NULL) {
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return SECFailure;
- }
- crv = PK11_GETTAB(slot)->C_GetMechanismList(slot->slotID,
- slot->mechanismList, &count);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_Free(slot->mechanismList);
- slot->mechanismList = NULL;
- PORT_SetError(PK11_MapError(crv));
- return SECSuccess;
- }
- slot->mechanismCount = count;
- return SECSuccess;
-}
-
-/*
- * initialize a new token
- * unlike initialize slot, this can be called multiple times in the lifetime
- * of NSS. It reads the information associated with a card or token,
- * that is not going to change unless the card or token changes.
- */
-SECStatus
-PK11_InitToken(PK11SlotInfo *slot, PRBool loadCerts)
-{
- CK_TOKEN_INFO tokenInfo;
- CK_RV crv;
- char *tmp;
- SECStatus rv;
-
- /* set the slot flags to the current token values */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID,&tokenInfo);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
-
- /* set the slot flags to the current token values */
- slot->series++; /* allow other objects to detect that the
- * slot is different */
- slot->flags = tokenInfo.flags;
- slot->needLogin = ((tokenInfo.flags & CKF_LOGIN_REQUIRED) ?
- PR_TRUE : PR_FALSE);
- slot->readOnly = ((tokenInfo.flags & CKF_WRITE_PROTECTED) ?
- PR_TRUE : PR_FALSE);
- slot->hasRandom = ((tokenInfo.flags & CKF_RNG) ? PR_TRUE : PR_FALSE);
- tmp = PK11_MakeString(NULL,slot->token_name,
- (char *)tokenInfo.label, sizeof(tokenInfo.label));
- slot->minPassword = tokenInfo.ulMinPinLen;
- slot->maxPassword = tokenInfo.ulMaxPinLen;
- PORT_Memcpy(slot->serial,tokenInfo.serialNumber,sizeof(slot->serial));
-
- slot->defRWSession = (PRBool)((!slot->readOnly) &&
- (tokenInfo.ulMaxSessionCount == 1));
- rv = PK11_ReadMechanismList(slot);
- if (rv != SECSuccess) return rv;
-
- slot->hasRSAInfo = PR_FALSE;
- slot->RSAInfoFlags = 0;
-
- /* initialize the maxKeyCount value */
- if (tokenInfo.ulMaxSessionCount == 0) {
- slot->maxKeyCount = 800; /* should be #define or a config param */
- } else if (tokenInfo.ulMaxSessionCount < 20) {
- /* don't have enough sessions to keep that many keys around */
- slot->maxKeyCount = 0;
- } else {
- slot->maxKeyCount = tokenInfo.ulMaxSessionCount/2;
- }
-
- /* Make sure our session handle is valid */
- if (slot->session == CK_INVALID_SESSION) {
- /* we know we don't have a valid session, go get one */
- CK_SESSION_HANDLE session;
-
- /* session should be Readonly, serial */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
- (slot->defRWSession ? CKF_RW_SESSION : 0) | CKF_SERIAL_SESSION,
- slot,pk11_notify,&session);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- slot->session = session;
- } else {
- /* The session we have may be defunct (the token associated with it)
- * has been removed */
- CK_SESSION_INFO sessionInfo;
-
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session,&sessionInfo);
- if (crv == CKR_DEVICE_ERROR) {
- PK11_GETTAB(slot)->C_CloseSession(slot->session);
- crv = CKR_SESSION_CLOSED;
- }
- if ((crv==CKR_SESSION_CLOSED) || (crv==CKR_SESSION_HANDLE_INVALID)) {
- crv =PK11_GETTAB(slot)->C_OpenSession(slot->slotID,
- (slot->defRWSession ? CKF_RW_SESSION : 0) | CKF_SERIAL_SESSION,
- slot,pk11_notify,&slot->session);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- slot->session = CK_INVALID_SESSION;
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return SECFailure;
- }
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- }
-
- if (!(slot->needLogin)) {
- return pk11_CheckVerifyTest(slot);
- }
-
-
- if (!(slot->isInternal) && (slot->hasRandom)) {
- /* if this slot has a random number generater, use it to add entropy
- * to the internal slot. */
- PK11SlotInfo *int_slot = PK11_GetInternalSlot();
-
- if (int_slot) {
- unsigned char random_bytes[32];
-
- /* if this slot can issue random numbers, get some entropy from
- * that random number generater and give it to our internal token.
- */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GenerateRandom
- (slot->session,random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(slot);
- if (crv == CKR_OK) {
- PK11_EnterSlotMonitor(int_slot);
- PK11_GETTAB(int_slot)->C_SeedRandom(int_slot->session,
- random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(int_slot);
- }
-
- /* Now return the favor and send entropy to the token's random
- * number generater */
- PK11_EnterSlotMonitor(int_slot);
- crv = PK11_GETTAB(int_slot)->C_GenerateRandom(int_slot->session,
- random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(int_slot);
- if (crv == CKR_OK) {
- PK11_EnterSlotMonitor(slot);
- PK11_GETTAB(slot)->C_SeedRandom(slot->session,
- random_bytes, sizeof(random_bytes));
- PK11_ExitSlotMonitor(slot);
- }
- }
- }
-
- return SECSuccess;
-}
-
-static PRBool
-pk11_isRootSlot(PK11SlotInfo *slot)
-{
- CK_ATTRIBUTE findTemp[1];
- CK_ATTRIBUTE *attrs;
- CK_OBJECT_CLASS oclass = CKO_NETSCAPE_BUILTIN_ROOT_LIST;
- int tsize;
- CK_OBJECT_HANDLE handle;
-
- attrs = findTemp;
- PK11_SETATTRS(attrs, CKA_CLASS, &oclass, sizeof(oclass)); attrs++;
- tsize = attrs - findTemp;
- PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
-
- handle = pk11_FindObjectByTemplate(slot,findTemp,tsize);
- if (handle == CK_INVALID_HANDLE) {
- return PR_FALSE;
- }
- return PR_TRUE;
-}
-
-/*
- * Initialize the slot :
- * This initialization code is called on each slot a module supports when
- * it is loaded. It does the bringup initialization. The difference between
- * this and InitToken is Init slot does those one time initialization stuff,
- * usually associated with the reader, while InitToken may get called multiple
- * times as tokens are removed and re-inserted.
- */
-void
-PK11_InitSlot(SECMODModule *mod,CK_SLOT_ID slotID,PK11SlotInfo *slot)
-{
- SECStatus rv;
- char *tmp;
- CK_SLOT_INFO slotInfo;
-
- slot->functionList = mod->functionList;
- slot->isInternal = mod->internal;
- slot->slotID = slotID;
- slot->isThreadSafe = mod->isThreadSafe;
- slot->hasRSAInfo = PR_FALSE;
-
- if (PK11_GETTAB(slot)->C_GetSlotInfo(slotID,&slotInfo) != CKR_OK) {
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
- return;
- }
-
- /* test to make sure claimed mechanism work */
- slot->needTest = mod->internal ? PR_FALSE : PR_TRUE;
- slot->module = mod; /* NOTE: we don't make a reference here because
- * modules have references to their slots. This
- * works because modules keep implicit references
- * from their slots, and won't unload and disappear
- * until all their slots have been freed */
- tmp = PK11_MakeString(NULL,slot->slot_name,
- (char *)slotInfo.slotDescription, sizeof(slotInfo.slotDescription));
- slot->isHW = (PRBool)((slotInfo.flags & CKF_HW_SLOT) == CKF_HW_SLOT);
- if ((slotInfo.flags & CKF_REMOVABLE_DEVICE) == 0) {
- slot->isPerm = PR_TRUE;
- /* permanment slots must have the token present always */
- if ((slotInfo.flags & CKF_TOKEN_PRESENT) == 0) {
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_TOKEN_NOT_PRESENT;
- return; /* nothing else to do */
- }
- }
- /* if the token is present, initialize it */
- if ((slotInfo.flags & CKF_TOKEN_PRESENT) != 0) {
- rv = PK11_InitToken(slot,PR_TRUE);
- /* the only hard failures are on permanent devices, or function
- * verify failures... function verify failures are already handled
- * by tokenInit */
- if ((rv != SECSuccess) && (slot->isPerm) && (!slot->disabled)) {
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_COULD_NOT_INIT_TOKEN;
- }
- }
- if (pk11_isRootSlot(slot)) {
- slot->hasRootCerts= PR_TRUE;
- }
-}
-
-
-
-/*********************************************************************
- * Slot mapping utility functions.
- *********************************************************************/
-
-/*
- * determine if the token is present. If the token is present, make sure
- * we have a valid session handle. Also set the value of needLogin
- * appropriately.
- */
-static PRBool
-pk11_IsPresentCertLoad(PK11SlotInfo *slot, PRBool loadCerts)
-{
- CK_SLOT_INFO slotInfo;
- CK_SESSION_INFO sessionInfo;
- CK_RV crv;
-
- /* disabled slots are never present */
- if (slot->disabled) {
- return PR_FALSE;
- }
-
- /* permanent slots are always present */
- if (slot->isPerm && (slot->session != CK_INVALID_SESSION)) {
- return PR_TRUE;
- }
-
- /* removable slots have a flag that says they are present */
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- if (PK11_GETTAB(slot)->C_GetSlotInfo(slot->slotID,&slotInfo) != CKR_OK) {
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return PR_FALSE;
- }
- if ((slotInfo.flags & CKF_TOKEN_PRESENT) == 0) {
- /* if the slot is no longer present, close the session */
- if (slot->session != CK_INVALID_SESSION) {
- PK11_GETTAB(slot)->C_CloseSession(slot->session);
- slot->session = CK_INVALID_SESSION;
- /* force certs to be freed */
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- return PR_FALSE;
- }
-
- /* use the session Info to determine if the card has been removed and then
- * re-inserted */
- if (slot->session != CK_INVALID_SESSION) {
- crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session, &sessionInfo);
- if (crv != CKR_OK) {
- PK11_GETTAB(slot)->C_CloseSession(slot->session);
- slot->session = CK_INVALID_SESSION;
- }
- }
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
-
- /* card has not been removed, current token info is correct */
- if (slot->session != CK_INVALID_SESSION) return PR_TRUE;
-
- /* initialize the token info state */
- if (PK11_InitToken(slot,loadCerts) != SECSuccess) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-/*
- * old version of the routine
- */
-PRBool
-PK11_IsPresent(PK11SlotInfo *slot) {
- return pk11_IsPresentCertLoad(slot,PR_TRUE);
-}
-
-/* is the slot disabled? */
-PRBool
-PK11_IsDisabled(PK11SlotInfo *slot)
-{
- return slot->disabled;
-}
-
-/* and why? */
-PK11DisableReasons
-PK11_GetDisabledReason(PK11SlotInfo *slot)
-{
- return slot->reason;
-}
-
-/* returns PR_TRUE if successfully disable the slot */
-/* returns PR_FALSE otherwise */
-PRBool PK11_UserDisableSlot(PK11SlotInfo *slot) {
-
- slot->defaultFlags |= PK11_DISABLE_FLAG;
- slot->disabled = PR_TRUE;
- slot->reason = PK11_DIS_USER_SELECTED;
-
- return PR_TRUE;
-}
-
-PRBool PK11_UserEnableSlot(PK11SlotInfo *slot) {
-
- slot->defaultFlags &= ~PK11_DISABLE_FLAG;
- slot->disabled = PR_FALSE;
- slot->reason = PK11_DIS_NONE;
- return PR_TRUE;
-}
-
-PRBool PK11_HasRootCerts(PK11SlotInfo *slot) {
- return slot->hasRootCerts;
-}
-
-/* Get the module this slot is attatched to */
-SECMODModule *
-PK11_GetModule(PK11SlotInfo *slot)
-{
- return slot->module;
-}
-
-/* returnt the default flags of a slot */
-unsigned long
-PK11_GetDefaultFlags(PK11SlotInfo *slot)
-{
- return slot->defaultFlags;
-}
-
-/*
- * we can initialize the password if 1) The toke is not inited
- * (need login == true and see need UserInit) or 2) the token has
- * a NULL password. (slot->needLogin = false & need user Init = false).
- */
-PRBool PK11_NeedPWInitForSlot(PK11SlotInfo *slot)
-{
- if (slot->needLogin && PK11_NeedUserInit(slot)) {
- return PR_TRUE;
- }
- if (!slot->needLogin && !PK11_NeedUserInit(slot)) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-PRBool PK11_NeedPWInit()
-{
- PK11SlotInfo *slot = PK11_GetInternalKeySlot();
- PRBool ret = PK11_NeedPWInitForSlot(slot);
-
- PK11_FreeSlot(slot);
- return ret;
-}
-
-/*
- * The following wrapper functions allow us to export an opaque slot
- * function to the rest of libsec and the world... */
-PRBool
-PK11_IsReadOnly(PK11SlotInfo *slot)
-{
- return slot->readOnly;
-}
-
-PRBool
-PK11_IsHW(PK11SlotInfo *slot)
-{
- return slot->isHW;
-}
-
-PRBool
-PK11_IsInternal(PK11SlotInfo *slot)
-{
- return slot->isInternal;
-}
-
-PRBool
-PK11_NeedLogin(PK11SlotInfo *slot)
-{
- return slot->needLogin;
-}
-
-PRBool
-PK11_IsFriendly(PK11SlotInfo *slot)
-{
- /* internal slot always has public readable certs */
- return (PRBool)(slot->isInternal ||
- ((slot->defaultFlags & SECMOD_FRIENDLY_FLAG) ==
- SECMOD_FRIENDLY_FLAG));
-}
-
-char *
-PK11_GetTokenName(PK11SlotInfo *slot)
-{
- return slot->token_name;
-}
-
-char *
-PK11_GetSlotName(PK11SlotInfo *slot)
-{
- return slot->slot_name;
-}
-
-int
-PK11_GetSlotSeries(PK11SlotInfo *slot)
-{
- return slot->series;
-}
-
-int
-PK11_GetCurrentWrapIndex(PK11SlotInfo *slot)
-{
- return slot->wrapKey;
-}
-
-CK_SLOT_ID
-PK11_GetSlotID(PK11SlotInfo *slot)
-{
- return slot->slotID;
-}
-
-SECMODModuleID
-PK11_GetModuleID(PK11SlotInfo *slot)
-{
- return slot->module->moduleID;
-}
-
-
-/* return the slot info structure */
-SECStatus
-PK11_GetSlotInfo(PK11SlotInfo *slot, CK_SLOT_INFO *info)
-{
- CK_RV crv;
-
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetSlotInfo(slot->slotID,info);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* return the token info structure */
-SECStatus
-PK11_GetTokenInfo(PK11SlotInfo *slot, CK_TOKEN_INFO *info)
-{
- CK_RV crv;
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetTokenInfo(slot->slotID,info);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* Find out if we need to initialize the user's pin */
-PRBool
-PK11_NeedUserInit(PK11SlotInfo *slot)
-{
- return (PRBool)((slot->flags & CKF_USER_PIN_INITIALIZED) == 0);
-}
-
-/* get the internal key slot. FIPS has only one slot for both key slots and
- * default slots */
-PK11SlotInfo *
-PK11_GetInternalKeySlot(void)
-{
- SECMODModule *mod = SECMOD_GetInternalModule();
- PORT_Assert(mod != NULL);
- if (!mod) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
- return PK11_ReferenceSlot(mod->isFIPS ? mod->slots[0] : mod->slots[1]);
-}
-
-/* get the internal default slot */
-PK11SlotInfo *
-PK11_GetInternalSlot(void)
-{
- SECMODModule * mod = SECMOD_GetInternalModule();
- PORT_Assert(mod != NULL);
- if (!mod) {
- PORT_SetError( SEC_ERROR_NO_MODULE );
- return NULL;
- }
- return PK11_ReferenceSlot(mod->slots[0]);
-}
-
-/*
- * Determine if the token is logged in. We have to actually query the token,
- * because it's state can change without intervention from us.
- */
-PRBool
-PK11_IsLoggedIn(PK11SlotInfo *slot,void *wincx)
-{
- CK_SESSION_INFO sessionInfo;
- int askpw = slot->askpw;
- int timeout = slot->timeout;
- CK_RV crv;
-
- /* If we don't have our own password default values, use the system
- * ones */
- if ((slot->defaultFlags & PK11_OWN_PW_DEFAULTS) == 0) {
- PK11SlotInfo *def_slot = PK11_GetInternalKeySlot();
-
- if (def_slot) {
- askpw = def_slot->askpw;
- timeout = def_slot->timeout;
- PK11_FreeSlot(def_slot);
- }
- }
-
- if ((wincx != NULL) && (PK11_Global.isLoggedIn != NULL) &&
- (*PK11_Global.isLoggedIn)(slot, wincx) == PR_FALSE) { return PR_FALSE; }
-
-
- /* forget the password if we've been inactive too long */
- if (askpw == 1) {
- int64 currtime = PR_Now();
- int64 result;
- int64 mult;
-
- LL_I2L(result, timeout);
- LL_I2L(mult, 60*1000*1000);
- LL_MUL(result,result,mult);
- LL_ADD(result, result, slot->authTime);
- if (LL_CMP(result, <, currtime) ) {
- PK11_EnterSlotMonitor(slot);
- PK11_GETTAB(slot)->C_Logout(slot->session);
- PK11_ExitSlotMonitor(slot);
- } else {
- slot->authTime = currtime;
- }
- }
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetSessionInfo(slot->session,&sessionInfo);
- PK11_ExitSlotMonitor(slot);
- /* if we can't get session info, something is really wrong */
- if (crv != CKR_OK) {
- slot->session = CK_INVALID_SESSION;
- return PR_FALSE;
- }
-
- switch (sessionInfo.state) {
- case CKS_RW_PUBLIC_SESSION:
- case CKS_RO_PUBLIC_SESSION:
- default:
- break; /* fail */
- case CKS_RW_USER_FUNCTIONS:
- case CKS_RW_SO_FUNCTIONS:
- case CKS_RO_USER_FUNCTIONS:
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-
-/*
- * check if a given slot supports the requested mechanism
- */
-PRBool
-PK11_DoesMechanism(PK11SlotInfo *slot, CK_MECHANISM_TYPE type)
-{
- int i;
-
- /* CKM_FAKE_RANDOM is not a real PKCS mechanism. It's a marker to
- * tell us we're looking form someone that has implemented get
- * random bits */
- if (type == CKM_FAKE_RANDOM) {
- return slot->hasRandom;
- }
-
- for (i=0; i < (int) slot->mechanismCount; i++) {
- if (slot->mechanismList[i] == type) return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-/*
- * Return true if a token that can do the desired mechanism exists.
- * This allows us to have hardware tokens that can do function XYZ magically
- * allow SSL Ciphers to appear if they are plugged in.
- */
-PRBool
-PK11_TokenExists(CK_MECHANISM_TYPE type)
-{
- SECMODModuleList *mlp;
- SECMODModuleList *modules = SECMOD_GetDefaultModuleList();
- SECMODListLock *moduleLock = SECMOD_GetDefaultModuleListLock();
- PK11SlotInfo *slot;
- PRBool found = PR_FALSE;
- int i;
-
- /* we only need to know if there is a token that does this mechanism.
- * check the internal module first because it's fast, and supports
- * almost everything. */
- slot = PK11_GetInternalSlot();
- if (slot) {
- found = PK11_DoesMechanism(slot,type);
- PK11_FreeSlot(slot);
- }
- if (found) return PR_TRUE; /* bypass getting module locks */
-
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL && (!found); mlp = mlp->next) {
- for (i=0; i < mlp->module->slotCount; i++) {
- slot = mlp->module->slots[i];
- if (PK11_IsPresent(slot)) {
- if (PK11_DoesMechanism(slot,type)) {
- found = PR_TRUE;
- break;
- }
- }
- }
- }
- SECMOD_ReleaseReadLock(moduleLock);
- return found;
-}
-
-/*
- * get all the currently available tokens in a list.
- * that can perform the given mechanism. If mechanism is CKM_INVALID_MECHANISM,
- * get all the tokens. Make sure tokens that need authentication are put at
- * the end of this list.
- */
-PK11SlotList *
-PK11_GetAllTokens(CK_MECHANISM_TYPE type, PRBool needRW, PRBool loadCerts,
- void *wincx)
-{
- PK11SlotList * list = PK11_NewSlotList();
- PK11SlotList * loginList = PK11_NewSlotList();
- PK11SlotList * friendlyList = PK11_NewSlotList();
- SECMODModuleList * mlp;
- SECMODModuleList * modules = SECMOD_GetDefaultModuleList();
- SECMODListLock * moduleLock = SECMOD_GetDefaultModuleListLock();
- int i;
-#if defined( XP_WIN32 )
- int j = 0;
- PRInt32 waste[16];
-#endif
-
- if ((list == NULL) || (loginList == NULL) || (friendlyList == NULL)) {
- if (list) PK11_FreeSlotList(list);
- if (loginList) PK11_FreeSlotList(loginList);
- if (friendlyList) PK11_FreeSlotList(friendlyList);
- return NULL;
- }
-
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
-
-#if defined( XP_WIN32 )
- /* This is works around some horrible cache/page thrashing problems
- ** on Win32. Without this, this loop can take up to 6 seconds at
- ** 100% CPU on a Pentium-Pro 200. The thing this changes is to
- ** increase the size of the stack frame and modify it.
- ** Moving the loop code itself seems to have no effect.
- ** Dunno why this combination makes a difference, but it does.
- */
- waste[ j & 0xf] = j++;
-#endif
-
- for (i = 0; i < mlp->module->slotCount; i++) {
- PK11SlotInfo *slot = mlp->module->slots[i];
-
- if (pk11_IsPresentCertLoad(slot, loadCerts)) {
- if (needRW && slot->readOnly) continue;
- if ((type == CKM_INVALID_MECHANISM)
- || PK11_DoesMechanism(slot, type)) {
- if (slot->needLogin && !PK11_IsLoggedIn(slot, wincx)) {
- if (PK11_IsFriendly(slot)) {
- PK11_AddSlotToList(friendlyList, slot);
- } else {
- PK11_AddSlotToList(loginList, slot);
- }
- } else {
- PK11_AddSlotToList(list, slot);
- }
- }
- }
- }
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- PK11_MoveListToList(list,friendlyList);
- PK11_FreeSlotList(friendlyList);
- PK11_MoveListToList(list,loginList);
- PK11_FreeSlotList(loginList);
-
- return list;
-}
-
-/*
- * NOTE: This routine is working from a private List generated by
- * PK11_GetAllTokens. That is why it does not need to lock.
- */
-PK11SlotList *
-PK11_GetPrivateKeyTokens(CK_MECHANISM_TYPE type,PRBool needRW,void *wincx)
-{
- PK11SlotList *list = PK11_GetAllTokens(type,needRW,PR_TRUE,wincx);
- PK11SlotListElement *le, *next ;
- SECStatus rv;
-
- if (list == NULL) return list;
-
- for (le = list->head ; le; le = next) {
- next = le->next; /* save the pointer here in case we have to
- * free the element later */
- rv = PK11_Authenticate(le->slot,PR_TRUE,wincx);
- if (rv != SECSuccess) {
- PK11_DeleteSlotFromList(list,le);
- continue;
- }
- }
- return list;
-}
-
-
-/*
- * find the best slot which supports the given
- * Mechanism. In normal cases this should grab the first slot on the list
- * with no fuss.
- */
-PK11SlotInfo *
-PK11_GetBestSlotMultiple(CK_MECHANISM_TYPE *type, int mech_count, void *wincx)
-{
- PK11SlotList *list = NULL;
- PK11SlotListElement *le ;
- PK11SlotInfo *slot = NULL;
- PRBool freeit = PR_FALSE;
- PRBool listNeedLogin = PR_FALSE;
- int i;
- SECStatus rv;
-
- list = PK11_GetSlotList(type[0]);
-
- if ((list == NULL) || (list->head == NULL)) {
- /* We need to look up all the tokens for the mechanism */
- list = PK11_GetAllTokens(type[0],PR_FALSE,PR_TRUE,wincx);
- freeit = PR_TRUE;
- }
-
- /* no one can do it! */
- if (list == NULL) {
- PORT_SetError(SEC_ERROR_NO_TOKEN);
- return NULL;
- }
-
- PORT_SetError(0);
-
-
- listNeedLogin = PR_FALSE;
- for (i=0; i < mech_count; i++) {
- if ((type[i] != CKM_FAKE_RANDOM) && (type[i] != CKM_SHA_1) &&
- (type[i] != CKM_MD5) && (type[i] != CKM_MD2)) {
- listNeedLogin = PR_TRUE;
- break;
- }
- }
-
- for (le = PK11_GetFirstSafe(list); le;
- le = PK11_GetNextSafe(list,le,PR_TRUE)) {
- if (PK11_IsPresent(le->slot)) {
- PRBool doExit = PR_FALSE;
- for (i=0; i < mech_count; i++) {
- if (!PK11_DoesMechanism(le->slot,type[i])) {
- doExit = PR_TRUE;
- break;
- }
- }
- if (doExit) continue;
-
- if (listNeedLogin && le->slot->needLogin) {
- rv = PK11_Authenticate(le->slot,PR_TRUE,wincx);
- if (rv != SECSuccess) continue;
- }
- slot = le->slot;
- PK11_ReferenceSlot(slot);
- pk11_FreeListElement(list,le);
- if (freeit) { PK11_FreeSlotList(list); }
- return slot;
- }
- }
- if (freeit) { PK11_FreeSlotList(list); }
- if (PORT_GetError() == 0) {
- PORT_SetError(SEC_ERROR_NO_TOKEN);
- }
- return NULL;
-}
-
-/* original get best slot now calls the multiple version with only one type */
-PK11SlotInfo *
-PK11_GetBestSlot(CK_MECHANISM_TYPE type, void *wincx)
-{
- return PK11_GetBestSlotMultiple(&type, 1, wincx);
-}
-
-/*
- * find the best key wrap mechanism for this slot.
- */
-CK_MECHANISM_TYPE
-PK11_GetBestWrapMechanism(PK11SlotInfo *slot)
-{
- int i;
- for (i=0; i < wrapMechanismCount; i++) {
- if (PK11_DoesMechanism(slot,wrapMechanismList[i])) {
- return wrapMechanismList[i];
- }
- }
- return CKM_INVALID_MECHANISM;
-}
-
-int
-PK11_GetBestKeyLength(PK11SlotInfo *slot,CK_MECHANISM_TYPE mechanism)
-{
- CK_MECHANISM_INFO mechanism_info;
- CK_RV crv;
-
- if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,
- mechanism,&mechanism_info);
- if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) return 0;
-
- if (mechanism_info.ulMinKeySize == mechanism_info.ulMaxKeySize)
- return 0;
- return mechanism_info.ulMaxKeySize;
-}
-
-
-/*********************************************************************
- * Mechanism Mapping functions
- *********************************************************************/
-
-/*
- * lookup an entry in the mechanism table. If none found, return the
- * default structure.
- */
-static pk11MechanismData *
-pk11_lookup(CK_MECHANISM_TYPE type)
-{
- int i;
- for (i=0; i < pk11_MechEntrySize; i++) {
- if (pk11_MechanismTable[i].type == type) {
- return (&pk11_MechanismTable[i]);
- }
- }
- return &pk11_default;
-}
-
-/*
- * NOTE: This is not thread safe. Called at init time, and when loading
- * a new Entry. It is reasonably safe as long as it is not re-entered
- * (readers will always see a consistant table)
- *
- * This routine is called to add entries to the mechanism table, once there,
- * they can not be removed.
- */
-void
-PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key,
- CK_MECHANISM_TYPE keyGen, int ivLen, int blockSize)
-{
- int tableSize = pk11_MechTableSize;
- int size = pk11_MechEntrySize;
- int entry = size++;
- pk11MechanismData *old = pk11_MechanismTable;
- pk11MechanismData *newt = pk11_MechanismTable;
-
-
- if (size > tableSize) {
- int oldTableSize = tableSize;
- tableSize += 10;
- newt = (pk11MechanismData *)
- PORT_Alloc(tableSize*sizeof(pk11MechanismData));
- if (newt == NULL) return;
-
- if (old) PORT_Memcpy(newt,old,oldTableSize*sizeof(pk11MechanismData));
- } else old = NULL;
-
- newt[entry].type = type;
- newt[entry].keyType = key;
- newt[entry].keyGen = keyGen;
- newt[entry].iv = ivLen;
- newt[entry].blockSize = blockSize;
-
- pk11_MechanismTable = newt;
- pk11_MechTableSize = tableSize;
- pk11_MechEntrySize = size;
- if (old) PORT_Free(old);
-}
-
-/*
- * Get the key type needed for the given mechanism
- */
-CK_MECHANISM_TYPE
-PK11_GetKeyType(CK_MECHANISM_TYPE type,unsigned long len)
-{
- switch (type) {
- case CKM_AES_ECB:
- case CKM_AES_CBC:
- case CKM_AES_MAC:
- case CKM_AES_MAC_GENERAL:
- case CKM_AES_CBC_PAD:
- case CKM_AES_KEY_GEN:
- return CKK_AES;
- case CKM_DES_ECB:
- case CKM_DES_CBC:
- case CKM_DES_MAC:
- case CKM_DES_MAC_GENERAL:
- case CKM_DES_CBC_PAD:
- case CKM_DES_KEY_GEN:
- case CKM_KEY_WRAP_LYNKS:
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- return CKK_DES;
- case CKM_DES3_ECB:
- case CKM_DES3_CBC:
- case CKM_DES3_MAC:
- case CKM_DES3_MAC_GENERAL:
- case CKM_DES3_CBC_PAD:
- return (len == 128) ? CKK_DES2 : CKK_DES3;
- case CKM_DES2_KEY_GEN:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- return CKK_DES2;
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_DES3_KEY_GEN:
- return CKK_DES3;
- case CKM_CDMF_ECB:
- case CKM_CDMF_CBC:
- case CKM_CDMF_MAC:
- case CKM_CDMF_MAC_GENERAL:
- case CKM_CDMF_CBC_PAD:
- case CKM_CDMF_KEY_GEN:
- return CKK_CDMF;
- case CKM_RC2_ECB:
- case CKM_RC2_CBC:
- case CKM_RC2_MAC:
- case CKM_RC2_MAC_GENERAL:
- case CKM_RC2_CBC_PAD:
- case CKM_RC2_KEY_GEN:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- return CKK_RC2;
- case CKM_RC4:
- case CKM_RC4_KEY_GEN:
- return CKK_RC4;
- case CKM_RC5_ECB:
- case CKM_RC5_CBC:
- case CKM_RC5_MAC:
- case CKM_RC5_MAC_GENERAL:
- case CKM_RC5_CBC_PAD:
- case CKM_RC5_KEY_GEN:
- return CKK_RC5;
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_SKIPJACK_KEY_GEN:
- case CKM_SKIPJACK_WRAP:
- case CKM_SKIPJACK_PRIVATE_WRAP:
- return CKK_SKIPJACK;
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_BATON_WRAP:
- case CKM_BATON_KEY_GEN:
- return CKK_BATON;
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- case CKM_JUNIPER_WRAP:
- case CKM_JUNIPER_KEY_GEN:
- return CKK_JUNIPER;
- case CKM_IDEA_CBC:
- case CKM_IDEA_ECB:
- case CKM_IDEA_MAC:
- case CKM_IDEA_MAC_GENERAL:
- case CKM_IDEA_CBC_PAD:
- case CKM_IDEA_KEY_GEN:
- return CKK_IDEA;
- case CKM_CAST_ECB:
- case CKM_CAST_CBC:
- case CKM_CAST_MAC:
- case CKM_CAST_MAC_GENERAL:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST_KEY_GEN:
- case CKM_PBE_MD5_CAST_CBC:
- return CKK_CAST;
- case CKM_CAST3_ECB:
- case CKM_CAST3_CBC:
- case CKM_CAST3_MAC:
- case CKM_CAST3_MAC_GENERAL:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST3_KEY_GEN:
- case CKM_PBE_MD5_CAST3_CBC:
- return CKK_CAST3;
- case CKM_CAST5_ECB:
- case CKM_CAST5_CBC:
- case CKM_CAST5_MAC:
- case CKM_CAST5_MAC_GENERAL:
- case CKM_CAST5_CBC_PAD:
- case CKM_CAST5_KEY_GEN:
- case CKM_PBE_MD5_CAST5_CBC:
- return CKK_CAST5;
- case CKM_RSA_PKCS:
- case CKM_RSA_9796:
- case CKM_RSA_X_509:
- case CKM_MD2_RSA_PKCS:
- case CKM_MD5_RSA_PKCS:
- case CKM_SHA1_RSA_PKCS:
- case CKM_KEY_WRAP_SET_OAEP:
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- return CKK_RSA;
- case CKM_DSA:
- case CKM_DSA_SHA1:
- case CKM_DSA_KEY_PAIR_GEN:
- return CKK_DSA;
- case CKM_DH_PKCS_DERIVE:
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- return CKK_DH;
- case CKM_KEA_KEY_DERIVE:
- case CKM_KEA_KEY_PAIR_GEN:
- return CKK_KEA;
- case CKM_ECDSA_KEY_PAIR_GEN:
- case CKM_ECDSA:
- case CKM_ECDSA_SHA1:
- return CKK_ECDSA;
- case CKM_SSL3_PRE_MASTER_KEY_GEN:
- case CKM_GENERIC_SECRET_KEY_GEN:
- case CKM_SSL3_MASTER_KEY_DERIVE:
- case CKM_SSL3_MASTER_KEY_DERIVE_DH:
- case CKM_SSL3_KEY_AND_MAC_DERIVE:
- case CKM_SSL3_SHA1_MAC:
- case CKM_SSL3_MD5_MAC:
- case CKM_TLS_MASTER_KEY_DERIVE:
- case CKM_TLS_MASTER_KEY_DERIVE_DH:
- case CKM_TLS_KEY_AND_MAC_DERIVE:
- case CKM_SHA_1_HMAC:
- case CKM_SHA_1_HMAC_GENERAL:
- case CKM_MD2_HMAC:
- case CKM_MD2_HMAC_GENERAL:
- case CKM_MD5_HMAC:
- case CKM_MD5_HMAC_GENERAL:
- case CKM_TLS_PRF_GENERAL:
- return CKK_GENERIC_SECRET;
- default:
- return pk11_lookup(type)->keyType;
- }
-}
-
-/*
- * Get the Key Gen Mechanism needed for the given
- * crypto mechanism
- */
-CK_MECHANISM_TYPE
-PK11_GetKeyGen(CK_MECHANISM_TYPE type)
-{
- switch (type) {
- case CKM_AES_ECB:
- case CKM_AES_CBC:
- case CKM_AES_MAC:
- case CKM_AES_MAC_GENERAL:
- case CKM_AES_CBC_PAD:
- return CKM_AES_KEY_GEN;
- case CKM_DES_ECB:
- case CKM_DES_CBC:
- case CKM_DES_MAC:
- case CKM_DES_MAC_GENERAL:
- case CKM_KEY_WRAP_LYNKS:
- case CKM_DES_CBC_PAD:
- return CKM_DES_KEY_GEN;
- case CKM_DES3_ECB:
- case CKM_DES3_CBC:
- case CKM_DES3_MAC:
- case CKM_DES3_MAC_GENERAL:
- case CKM_DES3_CBC_PAD:
- return CKM_DES3_KEY_GEN;
- case CKM_CDMF_ECB:
- case CKM_CDMF_CBC:
- case CKM_CDMF_MAC:
- case CKM_CDMF_MAC_GENERAL:
- case CKM_CDMF_CBC_PAD:
- return CKM_CDMF_KEY_GEN;
- case CKM_RC2_ECB:
- case CKM_RC2_CBC:
- case CKM_RC2_MAC:
- case CKM_RC2_MAC_GENERAL:
- case CKM_RC2_CBC_PAD:
- return CKM_RC2_KEY_GEN;
- case CKM_RC4:
- return CKM_RC4_KEY_GEN;
- case CKM_RC5_ECB:
- case CKM_RC5_CBC:
- case CKM_RC5_MAC:
- case CKM_RC5_MAC_GENERAL:
- case CKM_RC5_CBC_PAD:
- return CKM_RC5_KEY_GEN;
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_SKIPJACK_WRAP:
- return CKM_SKIPJACK_KEY_GEN;
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_BATON_WRAP:
- return CKM_BATON_KEY_GEN;
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- case CKM_JUNIPER_WRAP:
- return CKM_JUNIPER_KEY_GEN;
- case CKM_IDEA_CBC:
- case CKM_IDEA_ECB:
- case CKM_IDEA_MAC:
- case CKM_IDEA_MAC_GENERAL:
- case CKM_IDEA_CBC_PAD:
- return CKM_IDEA_KEY_GEN;
- case CKM_CAST_ECB:
- case CKM_CAST_CBC:
- case CKM_CAST_MAC:
- case CKM_CAST_MAC_GENERAL:
- case CKM_CAST_CBC_PAD:
- return CKM_CAST_KEY_GEN;
- case CKM_CAST3_ECB:
- case CKM_CAST3_CBC:
- case CKM_CAST3_MAC:
- case CKM_CAST3_MAC_GENERAL:
- case CKM_CAST3_CBC_PAD:
- return CKM_CAST3_KEY_GEN;
- case CKM_CAST5_ECB:
- case CKM_CAST5_CBC:
- case CKM_CAST5_MAC:
- case CKM_CAST5_MAC_GENERAL:
- case CKM_CAST5_CBC_PAD:
- return CKM_CAST5_KEY_GEN;
- case CKM_RSA_PKCS:
- case CKM_RSA_9796:
- case CKM_RSA_X_509:
- case CKM_MD2_RSA_PKCS:
- case CKM_MD5_RSA_PKCS:
- case CKM_SHA1_RSA_PKCS:
- case CKM_KEY_WRAP_SET_OAEP:
- return CKM_RSA_PKCS_KEY_PAIR_GEN;
- case CKM_DSA:
- case CKM_DSA_SHA1:
- return CKM_DSA_KEY_PAIR_GEN;
- case CKM_DH_PKCS_DERIVE:
- return CKM_DH_PKCS_KEY_PAIR_GEN;
- case CKM_KEA_KEY_DERIVE:
- return CKM_KEA_KEY_PAIR_GEN;
- case CKM_ECDSA:
- return CKM_ECDSA_KEY_PAIR_GEN;
- case CKM_SSL3_PRE_MASTER_KEY_GEN:
- case CKM_SSL3_MASTER_KEY_DERIVE:
- case CKM_SSL3_KEY_AND_MAC_DERIVE:
- case CKM_SSL3_SHA1_MAC:
- case CKM_SSL3_MD5_MAC:
- case CKM_TLS_MASTER_KEY_DERIVE:
- case CKM_TLS_KEY_AND_MAC_DERIVE:
- return CKM_SSL3_PRE_MASTER_KEY_GEN;
- case CKM_SHA_1_HMAC:
- case CKM_SHA_1_HMAC_GENERAL:
- case CKM_MD2_HMAC:
- case CKM_MD2_HMAC_GENERAL:
- case CKM_MD5_HMAC:
- case CKM_MD5_HMAC_GENERAL:
- case CKM_TLS_PRF_GENERAL:
- return CKM_GENERIC_SECRET_KEY_GEN;
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
- case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
- case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- return type;
- default:
- return pk11_lookup(type)->keyGen;
- }
-}
-
-/*
- * get the mechanism block size
- */
-int
-PK11_GetBlockSize(CK_MECHANISM_TYPE type,SECItem *params)
-{
- CK_RC5_PARAMS *rc5_params;
- CK_RC5_CBC_PARAMS *rc5_cbc_params;
- switch (type) {
- case CKM_RC5_ECB:
- if ((params) && (params->data)) {
- rc5_params = (CK_RC5_PARAMS *) params->data;
- return (rc5_params->ulWordsize)*2;
- }
- return 8;
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- if ((params) && (params->data)) {
- rc5_cbc_params = (CK_RC5_CBC_PARAMS *) params->data;
- return (rc5_cbc_params->ulWordsize)*2;
- }
- return 8;
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_RC2_ECB:
- case CKM_IDEA_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- case CKM_RC2_CBC:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_RC2_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- return 8;
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- return 4;
- case CKM_AES_ECB:
- case CKM_AES_CBC:
- case CKM_AES_CBC_PAD:
- case CKM_BATON_ECB128:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- return 16;
- case CKM_BATON_ECB96:
- return 12;
- case CKM_RC4:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- return 0;
- case CKM_RSA_PKCS:
- case CKM_RSA_9796:
- case CKM_RSA_X_509:
- /*actually it's the modulus length of the key!*/
- return -1; /* failure */
- default:
- return pk11_lookup(type)->blockSize;
- }
-}
-
-/*
- * get the iv length
- */
-int
-PK11_GetIVLength(CK_MECHANISM_TYPE type)
-{
- switch (type) {
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_RC2_ECB:
- case CKM_IDEA_ECB:
- case CKM_SKIPJACK_WRAP:
- case CKM_BATON_WRAP:
- case CKM_RC5_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- return 0;
- case CKM_RC2_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- case CKM_RC5_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_RC2_CBC_PAD:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_RC5_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- return 8;
- case CKM_AES_CBC:
- case CKM_AES_CBC_PAD:
- return 16;
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- return 24;
- case CKM_RC4:
- case CKM_RSA_PKCS:
- case CKM_RSA_9796:
- case CKM_RSA_X_509:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- return 0;
- default:
- return pk11_lookup(type)->iv;
- }
-}
-
-
-/* These next two utilities are here to help facilitate future
- * Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions
- * like SSL and S-MIME to automatically add them.
- */
-SECItem *
-PK11_ParamFromIV(CK_MECHANISM_TYPE type,SECItem *iv)
-{
- CK_RC2_CBC_PARAMS *rc2_params = NULL;
- CK_RC2_PARAMS *rc2_ecb_params = NULL;
- CK_RC5_PARAMS *rc5_params = NULL;
- CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL;
- SECItem *param;
-
- param = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if (param == NULL) return NULL;
- param->data = NULL;
- param->len = 0;
- switch (type) {
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_RSA_PKCS:
- case CKM_RSA_X_509:
- case CKM_RSA_9796:
- case CKM_IDEA_ECB:
- case CKM_CDMF_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- case CKM_RC4:
- break;
- case CKM_RC2_ECB:
- rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
- if (rc2_ecb_params == NULL) break;
- /* Maybe we should pass the key size in too to get this value? */
- *rc2_ecb_params = 128;
- param->data = (unsigned char *) rc2_ecb_params;
- param->len = sizeof(CK_RC2_PARAMS);
- break;
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
- if (rc2_params == NULL) break;
- /* Maybe we should pass the key size in too to get this value? */
- rc2_params->ulEffectiveBits = 128;
- if (iv && iv->data)
- PORT_Memcpy(rc2_params->iv,iv->data,sizeof(rc2_params->iv));
- param->data = (unsigned char *) rc2_params;
- param->len = sizeof(CK_RC2_CBC_PARAMS);
- break;
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- rc5_cbc_params = (CK_RC5_CBC_PARAMS *)
- PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + ((iv) ? iv->len : 0));
- if (rc5_cbc_params == NULL) break;
- if (iv && iv->data) {
- rc5_cbc_params->pIv = ((CK_BYTE_PTR) rc5_cbc_params)
- + sizeof(CK_RC5_CBC_PARAMS);
- PORT_Memcpy(rc5_cbc_params->pIv,iv->data,iv->len);
- rc5_cbc_params->ulIvLen = iv->len;
- rc5_cbc_params->ulWordsize = iv->len/2;
- } else {
- rc5_cbc_params->ulWordsize = 4;
- rc5_cbc_params->pIv = NULL;
- rc5_cbc_params->ulIvLen = iv->len;
- }
- rc5_cbc_params->ulRounds = 16;
- param->data = (unsigned char *) rc5_cbc_params;
- param->len = sizeof(CK_RC5_CBC_PARAMS);
- break;
- case CKM_RC5_ECB:
- rc5_params = (CK_RC5_PARAMS *)PORT_Alloc(sizeof(CK_RC5_PARAMS));
- if (rc5_params == NULL) break;
- if (iv && iv->data && iv->len) {
- rc5_params->ulWordsize = iv->len/2;
- } else {
- rc5_params->ulWordsize = 4;
- }
- rc5_params->ulRounds = 16;
- param->data = (unsigned char *) rc5_params;
- param->len = sizeof(CK_RC5_PARAMS);
- break;
- case CKM_AES_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CDMF_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_AES_CBC_PAD:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- if ((iv == NULL) || (iv->data == NULL)) break;
- param->data = (unsigned char*)PORT_Alloc(iv->len);
- if (param->data != NULL) {
- PORT_Memcpy(param->data,iv->data,iv->len);
- param->len = iv->len;
- }
- break;
- /* unknown mechanism, pass IV in if it's there */
- default:
- if (pk11_lookup(type)->iv == 0) {
- break;
- }
- if ((iv == NULL) || (iv->data == NULL)) {
- break;
- }
- param->data = (unsigned char*)PORT_Alloc(iv->len);
- if (param->data != NULL) {
- PORT_Memcpy(param->data,iv->data,iv->len);
- param->len = iv->len;
- }
- break;
- }
- return param;
-}
-
-unsigned char *
-PK11_IVFromParam(CK_MECHANISM_TYPE type,SECItem *param,int *len)
-{
- CK_RC2_CBC_PARAMS *rc2_params;
- CK_RC5_CBC_PARAMS *rc5_cbc_params;
-
- *len = 0;
- switch (type) {
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_RSA_PKCS:
- case CKM_RSA_X_509:
- case CKM_RSA_9796:
- case CKM_IDEA_ECB:
- case CKM_CDMF_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- case CKM_RC4:
- return NULL;
- case CKM_RC2_ECB:
- return NULL;
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
- *len = sizeof(rc2_params->iv);
- return &rc2_params->iv[0];
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- rc5_cbc_params = (CK_RC5_CBC_PARAMS *) param->data;
- *len = rc5_cbc_params->ulIvLen;
- return rc5_cbc_params->pIv;
- case CKM_AES_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CDMF_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- break;
- /* unknown mechanism, pass IV in if it's there */
- default:
- break;
- }
- if (param->data) {
- *len = param->len;
- }
- return param->data;
-}
-
-typedef struct sec_rc5cbcParameterStr {
- SECItem version;
- SECItem rounds;
- SECItem blockSizeInBits;
- SECItem iv;
-} sec_rc5cbcParameter;
-
-static const SEC_ASN1Template sec_rc5ecb_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc5cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,version) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,rounds) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,blockSizeInBits) },
- { 0 }
-};
-
-static const SEC_ASN1Template sec_rc5cbc_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc5cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,version) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,rounds) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,blockSizeInBits) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(sec_rc5cbcParameter,iv) },
- { 0 }
-};
-
-typedef struct sec_rc2cbcParameterStr {
- SECItem rc2ParameterVersion;
- SECItem iv;
-} sec_rc2cbcParameter;
-
-static const SEC_ASN1Template sec_rc2cbc_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc2cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc2cbcParameter,rc2ParameterVersion) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(sec_rc2cbcParameter,iv) },
- { 0 }
-};
-
-static const SEC_ASN1Template sec_rc2ecb_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc2cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc2cbcParameter,rc2ParameterVersion) },
- { 0 }
-};
-
-/* S/MIME picked id values to represent differnt keysizes */
-/* I do have a formula, but it ain't pretty, and it only works because you
- * can always match three points to a parabola:) */
-static unsigned char rc2_map(SECItem *version)
-{
- long x;
-
- x = DER_GetInteger(version);
-
- switch (x) {
- case 58: return 128;
- case 120: return 64;
- case 160: return 40;
- }
- return 128;
-}
-
-static unsigned long rc2_unmap(unsigned long x)
-{
- switch (x) {
- case 128: return 58;
- case 64: return 120;
- case 40: return 160;
- }
- return 58;
-}
-
-
-
-/* Generate a mechaism param from a type, and iv. */
-SECItem *
-PK11_ParamFromAlgid(SECAlgorithmID *algid)
-{
- CK_RC2_CBC_PARAMS *rc2_params = NULL;
- CK_RC2_PARAMS *rc2_ecb_params = NULL;
- CK_RC5_CBC_PARAMS *rc5_params_cbc;
- CK_RC5_PARAMS *rc5_params_ecb;
- SECItem iv;
- sec_rc2cbcParameter rc2;
- sec_rc5cbcParameter rc5;
- SECItem *mech;
- CK_MECHANISM_TYPE type;
- SECOidTag algtag;
- SECStatus rv;
-
- algtag = SECOID_GetAlgorithmTag(algid);
- type = PK11_AlgtagToMechanism(algtag);
-
- mech = (SECItem *) PORT_Alloc(sizeof(SECItem));
- if (mech == NULL) return NULL;
-
-
- /* handle the complicated cases */
- switch (type) {
- case CKM_RC2_ECB:
- rv = SEC_ASN1DecodeItem(NULL, &rc2 ,sec_rc2ecb_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- PORT_Free(mech);
- return NULL;
- }
- rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
- if (rc2_ecb_params == NULL) {
- PORT_Free(rc2.rc2ParameterVersion.data);
- PORT_Free(mech);
- return NULL;
- }
- *rc2_ecb_params = rc2_map(&rc2.rc2ParameterVersion);
- PORT_Free(rc2.rc2ParameterVersion.data);
- mech->data = (unsigned char *) rc2_ecb_params;
- mech->len = sizeof(CK_RC2_PARAMS);
- return mech;
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- rv = SEC_ASN1DecodeItem(NULL, &rc2 ,sec_rc2cbc_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- PORT_Free(mech);
- return NULL;
- }
- rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
- if (rc2_params == NULL) {
- PORT_Free(rc2.iv.data);
- PORT_Free(rc2.rc2ParameterVersion.data);
- PORT_Free(mech);
- return NULL;
- }
- rc2_params->ulEffectiveBits = rc2_map(&rc2.rc2ParameterVersion);
- PORT_Free(rc2.rc2ParameterVersion.data);
- PORT_Memcpy(rc2_params->iv,rc2.iv.data,sizeof(rc2_params->iv));
- PORT_Free(rc2.iv.data);
- mech->data = (unsigned char *) rc2_params;
- mech->len = sizeof(CK_RC2_CBC_PARAMS);
- return mech;
- case CKM_RC5_ECB:
- rv = SEC_ASN1DecodeItem(NULL, &rc5 ,sec_rc5ecb_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- PORT_Free(mech);
- return NULL;
- }
- rc5_params_ecb=(CK_RC5_PARAMS *)PORT_Alloc(sizeof(CK_RC5_PARAMS));
- PORT_Free(rc5.version.data);
- if (rc5_params_ecb == NULL) {
- PORT_Free(rc5.rounds.data);
- PORT_Free(rc5.blockSizeInBits.data);
- PORT_Free(mech);
- return NULL;
- }
- rc5_params_ecb->ulRounds = DER_GetInteger(&rc5.rounds);
- rc5_params_ecb->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits)/8;
- PORT_Free(rc5.rounds.data);
- PORT_Free(rc5.blockSizeInBits.data);
- mech->data = (unsigned char *) rc5_params_ecb;
- mech->len = sizeof(CK_RC5_PARAMS);
- return mech;
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- rv = SEC_ASN1DecodeItem(NULL, &rc5 ,sec_rc5cbc_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- PORT_Free(mech);
- return NULL;
- }
- rc5_params_cbc = (CK_RC5_CBC_PARAMS *)
- PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + rc5.iv.len);
- PORT_Free(rc5.version.data);
- if (rc2_params == NULL) {
- PORT_Free(rc5.iv.data);
- PORT_Free(rc5.rounds.data);
- PORT_Free(rc5.blockSizeInBits.data);
- PORT_Free(mech);
- return NULL;
- }
- rc5_params_cbc->ulRounds = DER_GetInteger(&rc5.rounds);
- rc5_params_cbc->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits)/8;
- PORT_Free(rc5.rounds.data);
- PORT_Free(rc5.blockSizeInBits.data);
- rc5_params_cbc->pIv = ((CK_BYTE_PTR)rc5_params_cbc)
- + sizeof(CK_RC5_CBC_PARAMS);
- PORT_Memcpy(rc5_params_cbc->pIv,rc5.iv.data,rc5.iv.len);
- rc5_params_cbc->ulIvLen = rc5.iv.len;
- PORT_Free(rc5.iv.data);
- mech->data = (unsigned char *) rc5_params_cbc;
- mech->len = sizeof(CK_RC5_CBC_PARAMS);
- return mech;
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- rv = pbe_PK11AlgidToParam(algid,mech);
- if (rv != SECSuccess) {
- PORT_Free(mech);
- return NULL;
- }
- return mech;
- default:
- /* must be a simple case */
- break;
- }
-
- /* simple cases are simpley Octect encoded IV's */
- rv = SEC_ASN1DecodeItem(NULL, &iv, SEC_OctetStringTemplate,
- &(algid->parameters));
- if (rv != SECSuccess) {
- iv.data = NULL;
- iv.len = 0;
- }
-
- rv = SECSuccess;
- switch (type) {
- case CKM_RC4:
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_IDEA_ECB:
- case CKM_CDMF_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- mech->data = NULL;
- mech->len = 0;
- break;
- default:
- if (pk11_lookup(type)->iv == 0) {
- mech->data = NULL;
- mech->len = 0;
- break;
- }
- case CKM_AES_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CDMF_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_AES_CBC_PAD:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- if (iv.data == NULL) {
- rv = SECFailure;
- break;
- }
- mech->data = (unsigned char*)PORT_Alloc(iv.len);
- if (mech->data == NULL) {
- rv = SECFailure;
- break;
- }
- PORT_Memcpy(mech->data,iv.data,iv.len);
- mech->len = iv.len;
- break;
- }
- if (iv.data) PORT_Free(iv.data);
- if (rv != SECSuccess) {
- SECITEM_FreeItem(mech,PR_TRUE);
- return NULL;
- }
- return mech;
-}
-
-SECStatus
-PK11_SeedRandom(PK11SlotInfo *slot, unsigned char *data, int len) {
- CK_RV crv;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_SeedRandom(slot->session,data, (CK_ULONG)len);
- PK11_ExitSlotMonitor(slot);
- return (crv != CKR_OK) ? SECFailure : SECSuccess;
-}
-
-/* Attempts to update the Best Slot for "FAKE RANDOM" generation.
-** If that's not the internal slot, then it also attempts to update the
-** internal slot.
-** The return value indicates if the INTERNAL slot was updated OK.
-*/
-SECStatus
-PK11_RandomUpdate(void *data, size_t bytes)
-{
- PK11SlotInfo *slot;
- PRBool bestIsInternal;
- SECStatus status;
-
- slot = PK11_GetBestSlot(CKM_FAKE_RANDOM, NULL);
- if (slot == NULL) {
- slot = PK11_GetInternalSlot();
- if (!slot)
- return SECFailure;
- }
-
- bestIsInternal = PK11_IsInternal(slot);
- status = PK11_SeedRandom(slot, data, bytes);
- PK11_FreeSlot(slot);
-
- if (!bestIsInternal) {
- /* do internal slot, too. */
- slot = PK11_GetInternalSlot(); /* can't fail */
- status = PK11_SeedRandom(slot, data, bytes);
- PK11_FreeSlot(slot);
- }
- return status;
-}
-
-
-SECStatus
-PK11_GenerateRandom(unsigned char *data,int len) {
- PK11SlotInfo *slot;
- CK_RV crv;
-
- slot = PK11_GetBestSlot(CKM_FAKE_RANDOM,NULL);
- if (slot == NULL) return SECFailure;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GenerateRandom(slot->session,data,
- (CK_ULONG)len);
- PK11_ExitSlotMonitor(slot);
- PK11_FreeSlot(slot);
- return (crv != CKR_OK) ? SECFailure : SECSuccess;
-}
-
-/*
- * Generate an IV for the given mechanism
- */
-static SECStatus
-pk11_GenIV(CK_MECHANISM_TYPE type, SECItem *iv) {
- int iv_size = PK11_GetIVLength(type);
- SECStatus rv;
-
- iv->len = iv_size;
- if (iv_size == 0) {
- iv->data = NULL;
- return SECSuccess;
- }
-
- iv->data = (unsigned char *) PORT_Alloc(iv_size);
- if (iv->data == NULL) {
- iv->len = 0;
- return SECFailure;
- }
-
- rv = PK11_GenerateRandom(iv->data,iv->len);
- if (rv != SECSuccess) {
- PORT_Free(iv->data);
- iv->data = NULL; iv->len = 0;
- return SECFailure;
- }
- return SECSuccess;
-}
-
-
-/*
- * create a new paramter block from the passed in MECHANISM and the
- * key. Use Netscape's S/MIME Rules for the New param block.
- */
-SECItem *
-PK11_GenerateNewParam(CK_MECHANISM_TYPE type, PK11SymKey *key) {
- CK_RC2_CBC_PARAMS *rc2_params;
- CK_RC2_PARAMS *rc2_ecb_params;
- SECItem *mech;
- SECItem iv;
- SECStatus rv;
-
-
- mech = (SECItem *) PORT_Alloc(sizeof(SECItem));
- if (mech == NULL) return NULL;
-
- rv = SECSuccess;
- switch (type) {
- case CKM_RC4:
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_IDEA_ECB:
- case CKM_CDMF_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- mech->data = NULL;
- mech->len = 0;
- break;
- case CKM_RC2_ECB:
- rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
- if (rc2_ecb_params == NULL) {
- rv = SECFailure;
- break;
- }
- /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
- * or RC4 key. Of course that wouldn't happen here doing RC2:).*/
- *rc2_ecb_params = PK11_GetKeyLength(key)*8;
- mech->data = (unsigned char *) rc2_ecb_params;
- mech->len = sizeof(CK_RC2_PARAMS);
- break;
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- rv = pk11_GenIV(type,&iv);
- if (rv != SECSuccess) {
- break;
- }
- rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
- if (rc2_params == NULL) {
- PORT_Free(iv.data);
- rv = SECFailure;
- break;
- }
- /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
- * or RC4 key. Of course that wouldn't happen here doing RC2:).*/
- rc2_params->ulEffectiveBits = PK11_GetKeyLength(key)*8;
- if (iv.data)
- PORT_Memcpy(rc2_params->iv,iv.data,sizeof(rc2_params->iv));
- mech->data = (unsigned char *) rc2_params;
- mech->len = sizeof(CK_RC2_CBC_PARAMS);
- PORT_Free(iv.data);
- break;
- case CKM_RC5_ECB:
- PORT_Free(mech);
- return PK11_ParamFromIV(type,NULL);
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- rv = pk11_GenIV(type,&iv);
- if (rv != SECSuccess) {
- break;
- }
- PORT_Free(mech);
- return PK11_ParamFromIV(type,&iv);
- default:
- if (pk11_lookup(type)->iv == 0) {
- mech->data = NULL;
- mech->len = 0;
- break;
- }
- case CKM_AES_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CDMF_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- rv = pk11_GenIV(type,&iv);
- if (rv != SECSuccess) {
- break;
- }
- mech->data = (unsigned char*)PORT_Alloc(iv.len);
- if (mech->data == NULL) {
- PORT_Free(iv.data);
- rv = SECFailure;
- break;
- }
- PORT_Memcpy(mech->data,iv.data,iv.len);
- mech->len = iv.len;
- PORT_Free(iv.data);
- break;
- }
- if (rv != SECSuccess) {
- SECITEM_FreeItem(mech,PR_TRUE);
- return NULL;
- }
- return mech;
-
-}
-
-#define RC5_V10 0x10
-
-/* turn a PKCS #11 parameter into a DER Encoded Algorithm ID */
-SECStatus
-PK11_ParamToAlgid(SECOidTag algTag, SECItem *param,
- PRArenaPool *arena, SECAlgorithmID *algid) {
- CK_RC2_CBC_PARAMS *rc2_params;
- sec_rc2cbcParameter rc2;
- CK_RC5_CBC_PARAMS *rc5_params;
- sec_rc5cbcParameter rc5;
- CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(algTag);
- SECItem *newParams = NULL;
- SECStatus rv = SECFailure;
- unsigned long rc2version;
-
- rv = SECSuccess;
- switch (type) {
- case CKM_RC4:
- case CKM_AES_ECB:
- case CKM_DES_ECB:
- case CKM_DES3_ECB:
- case CKM_IDEA_ECB:
- case CKM_CDMF_ECB:
- case CKM_CAST_ECB:
- case CKM_CAST3_ECB:
- case CKM_CAST5_ECB:
- newParams = NULL;
- rv = SECSuccess;
- break;
- case CKM_RC2_ECB:
- break;
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
- rc2version = rc2_unmap(rc2_params->ulEffectiveBits);
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &(rc2.rc2ParameterVersion),
- rc2version) == NULL)
- break;
- rc2.iv.data = rc2_params->iv;
- rc2.iv.len = sizeof(rc2_params->iv);
- newParams = SEC_ASN1EncodeItem (NULL, NULL, &rc2,
- sec_rc2cbc_parameter_template);
- PORT_Free(rc2.rc2ParameterVersion.data);
- if (newParams == NULL)
- break;
- rv = SECSuccess;
- break;
-
- case CKM_RC5_ECB: /* well not really... */
- break;
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- rc5_params = (CK_RC5_CBC_PARAMS *)param->data;
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.version, RC5_V10) == NULL)
- break;
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.blockSizeInBits,
- rc5_params->ulWordsize*8) == NULL) {
- PORT_Free(rc5.version.data);
- break;
- }
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.rounds,
- rc5_params->ulWordsize*8) == NULL) {
- PORT_Free(rc5.blockSizeInBits.data);
- PORT_Free(rc5.version.data);
- break;
- }
- rc5.iv.data = rc5_params->pIv;
- rc5.iv.len = rc5_params->ulIvLen;
- newParams = SEC_ASN1EncodeItem (NULL, NULL, &rc5,
- sec_rc5cbc_parameter_template);
- PORT_Free(rc5.version.data);
- PORT_Free(rc5.blockSizeInBits.data);
- PORT_Free(rc5.rounds.data);
- if (newParams == NULL)
- break;
- rv = SECSuccess;
- break;
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- return PBE_PK11ParamToAlgid(algTag, param, arena, algid);
- default:
- if (pk11_lookup(type)->iv == 0) {
- rv = SECSuccess;
- newParams = NULL;
- break;
- }
- case CKM_AES_CBC:
- case CKM_DES_CBC:
- case CKM_DES3_CBC:
- case CKM_IDEA_CBC:
- case CKM_CDMF_CBC:
- case CKM_CAST_CBC:
- case CKM_CAST3_CBC:
- case CKM_CAST5_CBC:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_CBC_PAD:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_CBC_PAD:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_CBC_PAD:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- newParams = SEC_ASN1EncodeItem(NULL,NULL,param,
- SEC_OctetStringTemplate);
- rv = SECSuccess;
- break;
- }
-
- if (rv != SECSuccess) {
- if (newParams) SECITEM_FreeItem(newParams,PR_TRUE);
- return rv;
- }
-
- rv = SECOID_SetAlgorithmID(arena, algid, algTag, newParams);
- SECITEM_FreeItem(newParams,PR_TRUE);
- return rv;
-}
-
-/* turn an OID algorithm tag into a PKCS #11 mechanism. This allows us to
- * map OID's directly into the PKCS #11 mechanism we want to call. We find
- * this mapping in our standard OID table */
-CK_MECHANISM_TYPE
-PK11_AlgtagToMechanism(SECOidTag algTag) {
- SECOidData *oid = SECOID_FindOIDByTag(algTag);
-
- if (oid) return (CK_MECHANISM_TYPE) oid->mechanism;
- return CKM_INVALID_MECHANISM;
-}
-
-/* turn a mechanism into an oid. */
-SECOidTag
-PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type) {
- SECOidData *oid = SECOID_FindOIDByMechanism((unsigned long)type);
-
- if (oid) return oid->offset;
- return SEC_OID_UNKNOWN;
-}
-
-/* Determine appropriate blocking mechanism, used when wrapping private keys
- * which require PKCS padding. If the mechanism does not map to a padding
- * mechanism, we simply return the mechanism.
- */
-CK_MECHANISM_TYPE
-PK11_GetPadMechanism(CK_MECHANISM_TYPE type) {
- switch(type) {
- case CKM_AES_CBC:
- return CKM_AES_CBC_PAD;
- case CKM_DES_CBC:
- return CKM_DES_CBC_PAD;
- case CKM_DES3_CBC:
- return CKM_DES3_CBC_PAD;
- case CKM_RC2_CBC:
- return CKM_RC2_CBC_PAD;
- case CKM_CDMF_CBC:
- return CKM_CDMF_CBC_PAD;
- case CKM_CAST_CBC:
- return CKM_CAST_CBC_PAD;
- case CKM_CAST3_CBC:
- return CKM_CAST3_CBC_PAD;
- case CKM_CAST5_CBC:
- return CKM_CAST5_CBC_PAD;
- case CKM_RC5_CBC:
- return CKM_RC5_CBC_PAD;
- case CKM_IDEA_CBC:
- return CKM_IDEA_CBC_PAD;
- default:
- break;
- }
-
- return type;
-}
-
-/*
- * Build a block big enough to hold the data
- */
-SECItem *
-PK11_BlockData(SECItem *data,unsigned long size) {
- SECItem *newData;
-
- newData = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if (newData == NULL) return NULL;
-
- newData->len = (data->len + (size-1))/size;
- newData->len *= size;
-
- newData->data = (unsigned char *) PORT_ZAlloc(newData->len);
- if (newData->data == NULL) {
- PORT_Free(newData);
- return NULL;
- }
- PORT_Memset(newData->data,newData->len-data->len,newData->len);
- PORT_Memcpy(newData->data,data->data,data->len);
- return newData;
-}
-
-
-SECStatus
-PK11_DestroyObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object) {
- CK_RV crv;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_DestroyObject(slot->session,object);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-PK11_DestroyTokenObject(PK11SlotInfo *slot,CK_OBJECT_HANDLE object) {
- CK_RV crv;
- SECStatus rv = SECSuccess;
- CK_SESSION_HANDLE rwsession;
-
-
- rwsession = PK11_GetRWSession(slot);
-
- crv = PK11_GETTAB(slot)->C_DestroyObject(rwsession,object);
- if (crv != CKR_OK) {
- rv = SECFailure;
- PORT_SetError(PK11_MapError(crv));
- }
- PK11_RestoreROSession(slot,rwsession);
- return rv;
-}
-
-/*
- * Read in a single attribute into a SECItem. Allocate space for it with
- * PORT_Alloc unless an arena is supplied. In the latter case use the arena
- * to allocate the space.
- */
-SECStatus
-PK11_ReadAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type, PRArenaPool *arena, SECItem *result) {
- CK_ATTRIBUTE attr = { 0, NULL, 0 };
- CK_RV crv;
-
- attr.type = type;
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,id,&attr,1);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- if (arena) {
- attr.pValue = PORT_ArenaAlloc(arena,attr.ulValueLen);
- } else {
- attr.pValue = PORT_Alloc(attr.ulValueLen);
- }
- if (attr.pValue == NULL) return SECFailure;
- crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,id,&attr,1);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- if (!arena) PORT_Free(attr.pValue);
- return SECFailure;
- }
-
- result->data = (unsigned char*)attr.pValue;
- result->len = attr.ulValueLen;
-
- return SECSuccess;
-}
-
-/*
- * Read in a single attribute into As a Ulong.
- */
-CK_ULONG
-PK11_ReadULongAttribute(PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type) {
- CK_ATTRIBUTE attr;
- CK_ULONG value = CK_UNAVAILABLE_INFORMATION;
- CK_RV crv;
-
- PK11_SETATTRS(&attr,type,&value,sizeof(value));
-
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,id,&attr,1);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- }
- return value;
-}
-
-/*
- * check to see if a bool has been set.
- */
-CK_BBOOL
-PK11_HasAttributeSet( PK11SlotInfo *slot, CK_OBJECT_HANDLE id,
- CK_ATTRIBUTE_TYPE type )
-{
- CK_BBOOL ckvalue = CK_FALSE;
- CK_ATTRIBUTE theTemplate;
- CK_RV crv;
-
- /* Prepare to retrieve the attribute. */
- PK11_SETATTRS( &theTemplate, type, &ckvalue, sizeof( CK_BBOOL ) );
-
- /* Retrieve attribute value. */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB( slot )->C_GetAttributeValue( slot->session, id,
- &theTemplate, 1 );
- PK11_ExitSlotMonitor(slot);
- if( crv != CKR_OK ) {
- PORT_SetError( PK11_MapError( crv ) );
- return CK_FALSE;
- }
-
- return ckvalue;
-}
-
-/*
- * returns a full list of attributes. Allocate space for them. If an arena is
- * provided, allocate space out of the arena.
- */
-CK_RV
-PK11_GetAttributes(PRArenaPool *arena,PK11SlotInfo *slot,
- CK_OBJECT_HANDLE obj,CK_ATTRIBUTE *attr, int count)
-{
- int i;
- /* make pedantic happy... note that it's only used arena != NULL */
- void *mark = NULL;
- CK_RV crv;
-
- /*
- * first get all the lengths of the parameters.
- */
- PK11_EnterSlotMonitor(slot);
- crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,obj,attr,count);
- if (crv != CKR_OK) {
- PK11_ExitSlotMonitor(slot);
- return crv;
- }
-
- if (arena) {
- mark = PORT_ArenaMark(arena);
- if (mark == NULL) return CKR_HOST_MEMORY;
- }
-
- /*
- * now allocate space to store the results.
- */
- for (i=0; i < count; i++) {
- if (arena) {
- attr[i].pValue = PORT_ArenaAlloc(arena,attr[i].ulValueLen);
- if (attr[i].pValue == NULL) {
- /* arena failures, just release the mark */
- PORT_ArenaRelease(arena,mark);
- PK11_ExitSlotMonitor(slot);
- return CKR_HOST_MEMORY;
- }
- } else {
- attr[i].pValue = PORT_Alloc(attr[i].ulValueLen);
- if (attr[i].pValue == NULL) {
- /* Separate malloc failures, loop to release what we have
- * so far */
- int j;
- for (j= 0; j < i; j++) {
- PORT_Free(attr[j].pValue);
- /* don't give the caller pointers to freed memory */
- attr[j].pValue = NULL;
- }
- PK11_ExitSlotMonitor(slot);
- return CKR_HOST_MEMORY;
- }
- }
- }
-
- /*
- * finally get the results.
- */
- crv = PK11_GETTAB(slot)->C_GetAttributeValue(slot->session,obj,attr,count);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- if (arena) {
- PORT_ArenaRelease(arena,mark);
- } else {
- for (i= 0; i < count; i++) {
- PORT_Free(attr[i].pValue);
- /* don't give the caller pointers to freed memory */
- attr[i].pValue = NULL;
- }
- }
- } else if (arena && mark) {
- PORT_ArenaUnmark(arena,mark);
- }
- return crv;
-}
-
-/*
- * Reset the token to it's initial state. For the internal module, this will
- * Purge your keydb, and reset your cert db certs to USER_INIT.
- */
-SECStatus
-PK11_ResetToken(PK11SlotInfo *slot, char *sso_pwd)
-{
- unsigned char tokenName[32];
- int tokenNameLen;
- CK_RV crv;
-
- /* reconstruct the token name */
- tokenNameLen = PORT_Strlen(slot->token_name);
- if (tokenNameLen > sizeof(tokenName)) {
- tokenNameLen = sizeof(tokenName);
- }
-
- PORT_Memcpy(tokenName,slot->token_name,tokenNameLen);
- if (tokenNameLen < sizeof(tokenName)) {
- PORT_Memset(&tokenName[tokenNameLen],' ',
- sizeof(tokenName)-tokenNameLen);
- }
-
- /* initialize the token */
- PK11_EnterSlotMonitor(slot);
-
- /* first shutdown the token. Existing sessions will get closed here */
- PK11_GETTAB(slot)->C_CloseAllSessions(slot->slotID);
- slot->session = CK_INVALID_SESSION;
-
- /* now re-init the token */
- crv = PK11_GETTAB(slot)->C_InitToken(slot->slotID,
- (unsigned char *)sso_pwd, sso_pwd ? PORT_Strlen(sso_pwd): 0, tokenName);
-
- /* finally bring the token back up */
- PK11_InitToken(slot,PR_TRUE);
- PK11_ExitSlotMonitor(slot);
- if (crv != CKR_OK) {
- PORT_SetError(PK11_MapError(crv));
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static PRBool
-pk11_isAllZero(unsigned char *data,int len) {
- while (len--) {
- if (*data++) {
- return PR_FALSE;
- }
- }
- return PR_TRUE;
-}
-
-CK_RV
-PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism,
- CK_MECHANISM_PTR pCryptoMechanism,
- SECItem *pbe_pwd, PRBool faulty3DES)
-{
- int iv_len = 0;
- CK_PBE_PARAMS_PTR pPBEparams;
- CK_RC2_CBC_PARAMS_PTR rc2_params;
- CK_ULONG rc2_key_len;
-
- if((pPBEMechanism == CK_NULL_PTR) || (pCryptoMechanism == CK_NULL_PTR)) {
- return CKR_HOST_MEMORY;
- }
-
- pPBEparams = (CK_PBE_PARAMS_PTR)pPBEMechanism->pParameter;
- iv_len = PK11_GetIVLength(pPBEMechanism->mechanism);
-
- if (iv_len) {
- if (pk11_isAllZero(pPBEparams->pInitVector,iv_len)) {
- SECItem param;
- PK11SymKey *symKey;
-
- param.data = pPBEMechanism->pParameter;
- param.len = pPBEMechanism->ulParameterLen;
-
- symKey = PK11_RawPBEKeyGen(PK11_GetInternalSlot(),
- pPBEMechanism->mechanism, &param, pbe_pwd, faulty3DES, NULL);
- if (symKey== NULL) {
- return CKR_DEVICE_ERROR; /* sigh */
- }
- PK11_FreeSymKey(symKey);
- }
- }
-
- switch(pPBEMechanism->mechanism) {
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- pCryptoMechanism->mechanism = CKM_DES_CBC;
- goto have_crypto_mechanism;
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- pCryptoMechanism->mechanism = CKM_DES3_CBC;
-have_crypto_mechanism:
- pCryptoMechanism->pParameter = PORT_Alloc(iv_len);
- pCryptoMechanism->ulParameterLen = (CK_ULONG)iv_len;
- if(pCryptoMechanism->pParameter == NULL) {
- return CKR_HOST_MEMORY;
- }
- PORT_Memcpy((unsigned char *)(pCryptoMechanism->pParameter),
- (unsigned char *)(pPBEparams->pInitVector),
- iv_len);
- break;
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- pCryptoMechanism->mechanism = CKM_RC4;
- pCryptoMechanism->ulParameterLen = 0;
- pCryptoMechanism->pParameter = CK_NULL_PTR;
- break;
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- rc2_key_len = 40;
- goto have_key_len;
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- rc2_key_len = 128;
-have_key_len:
- pCryptoMechanism->mechanism = CKM_RC2_CBC;
- pCryptoMechanism->ulParameterLen = (CK_ULONG)
- sizeof(CK_RC2_CBC_PARAMS);
- pCryptoMechanism->pParameter = (CK_RC2_CBC_PARAMS_PTR)
- PORT_ZAlloc(sizeof(CK_RC2_CBC_PARAMS));
- if(pCryptoMechanism->pParameter == NULL) {
- return CKR_HOST_MEMORY;
- }
- rc2_params = (CK_RC2_CBC_PARAMS_PTR)pCryptoMechanism->pParameter;
- PORT_Memcpy((unsigned char *)rc2_params->iv,
- (unsigned char *)pPBEparams->pInitVector,
- iv_len);
- rc2_params->ulEffectiveBits = rc2_key_len;
- break;
- default:
- return CKR_MECHANISM_INVALID;
- }
-
- return CKR_OK;
-}
diff --git a/security/nss/lib/pk11wrap/pk11util.c b/security/nss/lib/pk11wrap/pk11util.c
deleted file mode 100644
index 5509cbdd3..000000000
--- a/security/nss/lib/pk11wrap/pk11util.c
+++ /dev/null
@@ -1,640 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Initialize the PCKS 11 subsystem
- */
-#include "seccomon.h"
-#include "secmod.h"
-#include "nssilock.h"
-#include "secmodi.h"
-#include "pk11func.h"
-
-/* these are for displaying error messages */
-
-static SECMODModuleList *modules = NULL;
-static SECMODModuleList *modulesDB = NULL;
-static SECMODModuleList *modulesUnload = NULL;
-static SECMODModule *internalModule = NULL;
-static SECMODModule *defaultDBModule = NULL;
-static SECMODListLock *moduleLock = NULL;
-
-extern PK11DefaultArrayEntry PK11_DefaultArray[];
-extern int num_pk11_default_mechanisms;
-
-
-void SECMOD_Init() {
- /* don't initialize twice */
- if (moduleLock) return;
-
- moduleLock = SECMOD_NewListLock();
- PK11_InitSlotLists();
-}
-
-
-void SECMOD_Shutdown() {
- /* destroy the lock */
- if (moduleLock) {
- SECMOD_DestroyListLock(moduleLock);
- moduleLock = NULL;
- }
- /* free the internal module */
- if (internalModule) {
- SECMOD_DestroyModule(internalModule);
- internalModule = NULL;
- }
- /* destroy the list */
- if (modules) {
- SECMOD_DestroyModuleList(modules);
- modules = NULL;
- }
-
- if (modulesDB) {
- SECMOD_DestroyModuleList(modulesDB);
- modulesDB = NULL;
- }
-
- if (modulesUnload) {
- SECMOD_DestroyModuleList(modulesUnload);
- modulesUnload = NULL;
- }
-
- /* make all the slots and the lists go away */
- PK11_DestroySlotLists();
-}
-
-
-/*
- * retrieve the internal module
- */
-SECMODModule *
-SECMOD_GetInternalModule(void) {
- return internalModule;
-}
-
-
-SECStatus
-secmod_AddModuleToList(SECMODModuleList **moduleList,SECMODModule *newModule) {
- SECMODModuleList *mlp, *newListElement, *last = NULL;
-
- newListElement = SECMOD_NewModuleListElement();
- if (newListElement == NULL) {
- return SECFailure;
- }
-
- newListElement->module = SECMOD_ReferenceModule(newModule);
-
- SECMOD_GetWriteLock(moduleLock);
- /* Added it to the end (This is very inefficient, but Adding a module
- * on the fly should happen maybe 2-3 times through the life this program
- * on a given computer, and this list should be *SHORT*. */
- for(mlp = *moduleList; mlp != NULL; mlp = mlp->next) {
- last = mlp;
- }
-
- if (last == NULL) {
- *moduleList = newListElement;
- } else {
- SECMOD_AddList(last,newListElement,NULL);
- }
- SECMOD_ReleaseWriteLock(moduleLock);
- return SECSuccess;
-}
-
-SECStatus
-SECMOD_AddModuleToList(SECMODModule *newModule) {
- if (newModule->internal && !internalModule) {
- internalModule = SECMOD_ReferenceModule(newModule);
- }
- return secmod_AddModuleToList(&modules,newModule);
-}
-
-SECStatus
-SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule) {
- if (defaultDBModule == NULL) {
- defaultDBModule = SECMOD_ReferenceModule(newModule);
- }
- return secmod_AddModuleToList(&modulesDB,newModule);
-}
-
-SECStatus
-SECMOD_AddModuleToUnloadList(SECMODModule *newModule) {
- return secmod_AddModuleToList(&modulesUnload,newModule);
-}
-
-/*
- * get the list of PKCS11 modules that are available.
- */
-SECMODModuleList *SECMOD_GetDefaultModuleList() { return modules; }
-SECMODListLock *SECMOD_GetDefaultModuleListLock() { return moduleLock; }
-
-
-
-/*
- * find a module by name, and add a reference to it.
- * return that module.
- */
-SECMODModule *SECMOD_FindModule(char *name) {
- SECMODModuleList *mlp;
- SECMODModule *module = NULL;
-
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
- if (PORT_Strcmp(name,mlp->module->commonName) == 0) {
- module = mlp->module;
- SECMOD_ReferenceModule(module);
- break;
- }
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- return module;
-}
-
-/*
- * find a module by ID, and add a reference to it.
- * return that module.
- */
-SECMODModule *SECMOD_FindModuleByID(SECMODModuleID id) {
- SECMODModuleList *mlp;
- SECMODModule *module = NULL;
-
- SECMOD_GetReadLock(moduleLock);
- for(mlp = modules; mlp != NULL; mlp = mlp->next) {
- if (id == mlp->module->moduleID) {
- module = mlp->module;
- SECMOD_ReferenceModule(module);
- break;
- }
- }
- SECMOD_ReleaseReadLock(moduleLock);
-
- return module;
-}
-
-/*
- * lookup the Slot module based on it's module ID and slot ID.
- */
-PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID moduleID,CK_SLOT_ID slotID) {
- int i;
- SECMODModule *module;
-
- module = SECMOD_FindModuleByID(moduleID);
- if (module == NULL) return NULL;
-
- for (i=0; i < module->slotCount; i++) {
- PK11SlotInfo *slot = module->slots[i];
-
- if (slot->slotID == slotID) {
- SECMOD_DestroyModule(module);
- return PK11_ReferenceSlot(slot);
- }
- }
- SECMOD_DestroyModule(module);
- return NULL;
-}
-
-
-/*
- * find a module by name and delete it of the module list
- */
-SECStatus
-SECMOD_DeleteModule(char *name, int *type) {
- SECMODModuleList *mlp;
- SECMODModuleList **mlpp;
- SECStatus rv = SECFailure;
-
-
- *type = SECMOD_EXTERNAL;
-
- SECMOD_GetWriteLock(moduleLock);
- for(mlpp = &modules,mlp = modules;
- mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
- if (PORT_Strcmp(name,mlp->module->commonName) == 0) {
- /* don't delete the internal module */
- if (!mlp->module->internal) {
- SECMOD_RemoveList(mlpp,mlp);
- /* delete it after we release the lock */
- rv = SECSuccess;
- } else if (mlp->module->isFIPS) {
- *type = SECMOD_FIPS;
- } else {
- *type = SECMOD_INTERNAL;
- }
- break;
- }
- }
- SECMOD_ReleaseWriteLock(moduleLock);
-
-
- if (rv == SECSuccess) {
- SECMOD_DeletePermDB(mlp->module);
- SECMOD_DestroyModuleListElement(mlp);
- }
- return rv;
-}
-
-/*
- * find a module by name and delete it of the module list
- */
-SECStatus
-SECMOD_DeleteInternalModule(char *name) {
- SECMODModuleList *mlp;
- SECMODModuleList **mlpp;
- SECStatus rv = SECFailure;
-
- SECMOD_GetWriteLock(moduleLock);
- for(mlpp = &modules,mlp = modules;
- mlp != NULL; mlpp = &mlp->next, mlp = *mlpp) {
- if (PORT_Strcmp(name,mlp->module->commonName) == 0) {
- /* don't delete the internal module */
- if (mlp->module->internal) {
- rv = SECSuccess;
- SECMOD_RemoveList(mlpp,mlp);
- }
- break;
- }
- }
- SECMOD_ReleaseWriteLock(moduleLock);
-
- if (rv == SECSuccess) {
- SECMODModule *newModule,*oldModule;
-
- if (mlp->module->isFIPS) {
- newModule = SECMOD_CreateModule(NULL,SECMOD_INT_NAME,NULL,
- SECMOD_INT_FLAGS);
- } else {
- newModule = SECMOD_CreateModule(NULL,SECMOD_FIPS_NAME,NULL,
- SECMOD_FIPS_FLAGS);
- }
- if (newModule == NULL) {
- SECMODModuleList *last = NULL,*mlp2;
- /* we're in pretty deep trouble if this happens...Security
- * not going to work well... try to put the old module back on
- * the list */
- SECMOD_GetWriteLock(moduleLock);
- for(mlp2 = modules; mlp2 != NULL; mlp2 = mlp->next) {
- last = mlp2;
- }
-
- if (last == NULL) {
- modules = mlp;
- } else {
- SECMOD_AddList(last,mlp,NULL);
- }
- SECMOD_ReleaseWriteLock(moduleLock);
- return SECFailure;
- }
- newModule->libraryParams =
- PORT_ArenaStrdup(mlp->module->arena,mlp->module->libraryParams);
- oldModule = internalModule;
- internalModule = SECMOD_ReferenceModule(newModule);
- SECMOD_AddModule(internalModule);
- SECMOD_DestroyModule(oldModule);
- SECMOD_DeletePermDB(mlp->module);
- SECMOD_DestroyModuleListElement(mlp);
- }
- return rv;
-}
-
-SECStatus
-SECMOD_AddModule(SECMODModule *newModule) {
- SECStatus rv;
- SECMODModule *oldModule;
- int i;
-
- /* Test if a module w/ the same name already exists */
- /* and return SECWouldBlock if so. */
- /* We should probably add a new return value such as */
- /* SECDublicateModule, but to minimize ripples, I'll */
- /* give SECWouldBlock a new meaning */
- if ((oldModule = SECMOD_FindModule(newModule->commonName)) != NULL) {
- SECMOD_DestroyModule(oldModule);
- return SECWouldBlock;
- /* module already exists. */
- }
-
- rv = SECMOD_LoadPKCS11Module(newModule);
- if (rv != SECSuccess) {
- return rv;
- }
-
- if (newModule->parent == NULL) {
- newModule->parent = SECMOD_ReferenceModule(defaultDBModule);
- }
-
- SECMOD_AddPermDB(newModule);
- SECMOD_AddModuleToList(newModule);
-
- for (i=0; i < newModule->slotCount; i++) {
- PK11SlotInfo *slot = newModule->slots[i];
- STAN_AddNewSlotToDefaultTD(slot);
- }
-
- return SECSuccess;
-}
-
-PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,char *name) {
- int i;
- char *string;
-
- for (i=0; i < module->slotCount; i++) {
- PK11SlotInfo *slot = module->slots[i];
-
- if (PK11_IsPresent(slot)) {
- string = PK11_GetTokenName(slot);
- } else {
- string = PK11_GetSlotName(slot);
- }
- if (PORT_Strcmp(name,string) == 0) {
- return PK11_ReferenceSlot(slot);
- }
- }
- return NULL;
-}
-
-SECStatus
-PK11_GetModInfo(SECMODModule *mod,CK_INFO *info) {
- CK_RV crv;
-
- if (mod->functionList == NULL) return SECFailure;
- crv = PK11_GETTAB(mod)->C_GetInfo(info);
- return (crv == CKR_OK) ? SECSuccess : SECFailure;
-}
-
-/* Determine if we have the FIP's module loaded as the default
- * module to trigger other bogus FIPS requirements in PKCS #12 and
- * SSL
- */
-PRBool
-PK11_IsFIPS(void)
-{
- SECMODModule *mod = SECMOD_GetInternalModule();
-
- if (mod && mod->internal) {
- return mod->isFIPS;
- }
-
- return PR_FALSE;
-}
-
-/* combines NewModule() & AddModule */
-/* give a string for the module name & the full-path for the dll, */
-/* installs the PKCS11 module & update registry */
-SECStatus SECMOD_AddNewModule(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags) {
- SECMODModule *module;
- SECStatus result = SECFailure;
- int s,i;
- PK11SlotInfo* slot;
-
- module = SECMOD_CreateModule(dllPath,moduleName,NULL, NULL);
-
- if (module->dllName != NULL) {
- if (module->dllName[0] != 0) {
- result = SECMOD_AddModule(module);
- if (result == SECSuccess) {
- /* turn on SSL cipher enable flags */
- module->ssl[0] = cipherEnableFlags;
-
- /* check each slot to turn on appropriate mechanisms */
- for (s = 0; s < module->slotCount; s++) {
- slot = (module->slots)[s];
- /* for each possible mechanism */
- for (i=0; i < num_pk11_default_mechanisms; i++) {
- /* we are told to turn it on by default ? */
- if (PK11_DefaultArray[i].flag & defaultMechanismFlags) {
- /* it ignores if slot attribute update failes */
- result = PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]), PR_TRUE);
- } else { /* turn this mechanism of the slot off by default */
- result = PK11_UpdateSlotAttribute(slot, &(PK11_DefaultArray[i]), PR_FALSE);
- }
- } /* for each mechanism */
- /* disable each slot if the defaultFlags say so */
- if (defaultMechanismFlags & PK11_DISABLE_FLAG) {
- PK11_UserDisableSlot(slot);
- }
- } /* for each slot of this module */
-
- /* delete and re-add module in order to save changes to the module */
- result = SECMOD_UpdateModule(module);
- }
- }
- }
- SECMOD_DestroyModule(module);
- return result;
-}
-
-SECStatus SECMOD_UpdateModule(SECMODModule *module)
-{
- SECStatus result;
-
- result = SECMOD_DeletePermDB(module);
-
- if (result == SECSuccess) {
- }
- result = SECMOD_AddPermDB(module);
- return result;
-}
-
-/* Public & Internal(Security Library) representation of
- * encryption mechanism flags conversion */
-
-/* Currently, the only difference is that internal representation
- * puts RANDOM_FLAG at bit 31 (Most-significant bit), but
- * public representation puts this bit at bit 28
- */
-unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags) {
- unsigned long internalFlags = publicFlags;
-
- if (publicFlags & PUBLIC_MECH_RANDOM_FLAG) {
- internalFlags &= ~PUBLIC_MECH_RANDOM_FLAG;
- internalFlags |= SECMOD_RANDOM_FLAG;
- }
- return internalFlags;
-}
-
-unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags) {
- unsigned long publicFlags = internalFlags;
-
- if (internalFlags & SECMOD_RANDOM_FLAG) {
- publicFlags &= ~SECMOD_RANDOM_FLAG;
- publicFlags |= PUBLIC_MECH_RANDOM_FLAG;
- }
- return publicFlags;
-}
-
-
-/* Public & Internal(Security Library) representation of */
-/* cipher flags conversion */
-/* Note: currently they are just stubs */
-unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags) {
- return publicFlags;
-}
-
-unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags) {
- return internalFlags;
-}
-
-/* Funtion reports true if module of modType is installed/configured */
-PRBool
-SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags )
-{
- PRBool result = PR_FALSE;
- SECMODModuleList *mods = SECMOD_GetDefaultModuleList();
- SECMOD_GetReadLock(moduleLock);
-
-
- for ( ; mods != NULL; mods = mods->next) {
- if (mods->module->ssl[0] & SECMOD_PubCipherFlagstoInternal(pubCipherEnableFlags)) {
- result = PR_TRUE;
- }
- }
-
- SECMOD_ReleaseReadLock(moduleLock);
- return result;
-}
-
-/* create a new ModuleListElement */
-SECMODModuleList *SECMOD_NewModuleListElement(void) {
- SECMODModuleList *newModList;
-
- newModList= (SECMODModuleList *) PORT_Alloc(sizeof(SECMODModuleList));
- if (newModList) {
- newModList->next = NULL;
- newModList->module = NULL;
- }
- return newModList;
-}
-/*
- * make a new reference to a module so It doesn't go away on us
- */
-SECMODModule *
-SECMOD_ReferenceModule(SECMODModule *module) {
- PK11_USE_THREADS(PZ_Lock((PZLock *)module->refLock);)
- PORT_Assert(module->refCount > 0);
-
- module->refCount++;
- PK11_USE_THREADS(PZ_Unlock((PZLock*)module->refLock);)
- return module;
-}
-
-
-/* destroy an existing module */
-void
-SECMOD_DestroyModule(SECMODModule *module) {
- PRBool willfree = PR_FALSE;
- int slotCount;
- int i;
-
- PK11_USE_THREADS(PZ_Lock((PZLock *)module->refLock);)
- if (module->refCount-- == 1) {
- willfree = PR_TRUE;
- }
- PORT_Assert(willfree || (module->refCount > 0));
- PK11_USE_THREADS(PZ_Unlock((PZLock *)module->refLock);)
-
- if (!willfree) {
- return;
- }
-
- /* slots can't really disappear until our module starts freeing them,
- * so this check is safe */
- slotCount = module->slotCount;
- if (slotCount == 0) {
- SECMOD_SlotDestroyModule(module,PR_FALSE);
- return;
- }
-
- /* now free all out slots, when they are done, they will cause the
- * module to disappear altogether */
- for (i=0 ; i < slotCount; i++) {
- if (!module->slots[i]->disabled) {
- PK11_ClearSlotList(module->slots[i]);
- }
- PK11_FreeSlot(module->slots[i]);
- }
- /* WARNING: once the last slot has been freed is it possible (even likely)
- * that module is no more... touching it now is a good way to go south */
-}
-
-
-/* we can only get here if we've destroyed the module, or some one has
- * erroneously freed a slot that wasn't referenced. */
-void
-SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot) {
- PRBool willfree = PR_FALSE;
- if (fromSlot) {
- PORT_Assert(module->refCount == 0);
- PK11_USE_THREADS(PZ_Lock((PZLock *)module->refLock);)
- if (module->slotCount-- == 1) {
- willfree = PR_TRUE;
- }
- PORT_Assert(willfree || (module->slotCount > 0));
- PK11_USE_THREADS(PZ_Unlock((PZLock *)module->refLock);)
- if (!willfree) return;
- }
- if (module->loaded) {
- SECMOD_UnloadModule(module);
- }
- PK11_USE_THREADS(PZ_DestroyLock((PZLock *)module->refLock);)
- PORT_FreeArena(module->arena,PR_FALSE);
-}
-
-/* destroy a list element
- * this destroys a single element, and returns the next element
- * on the chain. It makes it easy to implement for loops to delete
- * the chain. It also make deleting a single element easy */
-SECMODModuleList *
-SECMOD_DestroyModuleListElement(SECMODModuleList *element) {
- SECMODModuleList *next = element->next;
-
- if (element->module) {
- SECMOD_DestroyModule(element->module);
- element->module = NULL;
- }
- PORT_Free(element);
- return next;
-}
-
-
-/*
- * Destroy an entire module list
- */
-void
-SECMOD_DestroyModuleList(SECMODModuleList *list) {
- SECMODModuleList *lp;
-
- for ( lp = list; lp != NULL; lp = SECMOD_DestroyModuleListElement(lp)) ;
-}
-
diff --git a/security/nss/lib/pk11wrap/secmod.h b/security/nss/lib/pk11wrap/secmod.h
deleted file mode 100644
index d0ac74da2..000000000
--- a/security/nss/lib/pk11wrap/secmod.h
+++ /dev/null
@@ -1,136 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * Definition of Security Module Data Structure. There is a separate data
- * structure for each loaded PKCS #11 module.
- */
-#ifndef _SECMOD_H_
-#define _SEDMOD_H_
-#include "seccomon.h"
-#include "secmodt.h"
-
-#define PKCS11_USE_THREADS
-
-/* These mechanisms flags are visible to all other libraries. */
-/* They must be converted to internal SECMOD_*_FLAG */
-/* if used inside the functions of the security library */
-#define PUBLIC_MECH_RSA_FLAG 0x00000001ul
-#define PUBLIC_MECH_DSA_FLAG 0x00000002ul
-#define PUBLIC_MECH_RC2_FLAG 0x00000004ul
-#define PUBLIC_MECH_RC4_FLAG 0x00000008ul
-#define PUBLIC_MECH_DES_FLAG 0x00000010ul
-#define PUBLIC_MECH_DH_FLAG 0x00000020ul
-#define PUBLIC_MECH_FORTEZZA_FLAG 0x00000040ul
-#define PUBLIC_MECH_RC5_FLAG 0x00000080ul
-#define PUBLIC_MECH_SHA1_FLAG 0x00000100ul
-#define PUBLIC_MECH_MD5_FLAG 0x00000200ul
-#define PUBLIC_MECH_MD2_FLAG 0x00000400ul
-#define PUBLIC_MECH_SSL_FLAG 0x00000800ul
-#define PUBLIC_MECH_TLS_FLAG 0x00001000ul
-
-#define PUBLIC_MECH_RANDOM_FLAG 0x08000000ul
-#define PUBLIC_MECH_FRIENDLY_FLAG 0x10000000ul
-#define PUBLIC_OWN_PW_DEFAULTS 0X20000000ul
-#define PUBLIC_DISABLE_FLAG 0x40000000ul
-
-/* warning: reserved means reserved */
-#define PUBLIC_MECH_RESERVED_FLAGS 0x87FFE000ul
-
-/* These cipher flags are visible to all other libraries, */
-/* But they must be converted before used in functions */
-/* withing the security module */
-#define PUBLIC_CIPHER_FORTEZZA_FLAG 0x00000001ul
-
-/* warning: reserved means reserved */
-#define PUBLIC_CIPHER_RESERVED_FLAGS 0xFFFFFFFEul
-
-SEC_BEGIN_PROTOS
-
-/*
- * the following functions are going to be depricated in NSS 4.0 in
- * favor of the new stan functions.
- */
-
-/* Initialization */
-extern SECMODModule *SECMOD_LoadModule(char *moduleSpec,SECMODModule *parent,
- PRBool recurse);
-SECMODModule * SECMOD_CreateModule(char *lib, char *name, char *param,
- char *nss);
-
-/* Module Management */
-char **SECMOD_GetModuleSpecList(SECMODModule *module);
-SECStatus SECMOD_FreeModuleSpecList(SECMODModule *module,char **moduleSpecList);
-
-/* protoypes */
-extern SECMODModuleList *SECMOD_GetDefaultModuleList(void);
-extern SECMODListLock *SECMOD_GetDefaultModuleListLock(void);
-
-extern SECStatus SECMOD_UpdateModule(SECMODModule *module);
-
-/* lock management */
-extern SECMODListLock *SECMOD_NewListLock(void);
-extern void SECMOD_DestroyListLock(SECMODListLock *);
-extern void SECMOD_GetReadLock(SECMODListLock *);
-extern void SECMOD_ReleaseReadLock(SECMODListLock *);
-extern void SECMOD_GetWriteLock(SECMODListLock *);
-extern void SECMOD_ReleaseWriteLock(SECMODListLock *);
-
-/* Operate on modules by name */
-extern SECMODModule *SECMOD_FindModule(char *name);
-extern SECStatus SECMOD_DeleteModule(char *name, int *type);
-extern SECStatus SECMOD_DeleteInternalModule(char *name);
-extern SECStatus SECMOD_AddNewModule(char* moduleName, char* dllPath,
- unsigned long defaultMechanismFlags,
- unsigned long cipherEnableFlags);
-/* database/memory management */
-extern SECMODModule *SECMOD_GetInternalModule(void);
-extern SECMODModule *SECMOD_ReferenceModule(SECMODModule *module);
-extern void SECMOD_DestroyModule(SECMODModule *module);
-extern PK11SlotInfo *SECMOD_LookupSlot(SECMODModuleID module,
- unsigned long slotID);
-extern PK11SlotInfo *SECMOD_FindSlot(SECMODModule *module,char *name);
-
-/* Funtion reports true if at least one of the modules */
-/* of modType has been installed */
-PRBool SECMOD_IsModulePresent( unsigned long int pubCipherEnableFlags );
-
-/* Functions used to convert between internal & public representation
- * of Mechanism Flags and Cipher Enable Flags */
-extern unsigned long SECMOD_PubMechFlagstoInternal(unsigned long publicFlags);
-extern unsigned long SECMOD_InternaltoPubMechFlags(unsigned long internalFlags);
-
-extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
-extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/pk11wrap/secmodi.h b/security/nss/lib/pk11wrap/secmodi.h
deleted file mode 100644
index 40415d22f..000000000
--- a/security/nss/lib/pk11wrap/secmodi.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal header file included only by files in pkcs11 dir, or in
- * pkcs11 specific client and server files.
- */
-#ifndef _SECMODI_H_
-#define _SECMODI_H_ 1
-#include "pkcs11.h"
-#include "nssilock.h"
-#include "mcom_db.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "certt.h"
-#include "secmodt.h"
-#include "secmodti.h"
-
-#ifdef PKCS11_USE_THREADS
-#define PK11_USE_THREADS(x) x
-#else
-#define PK11_USE_THREADS(x)
-#endif
-
-SEC_BEGIN_PROTOS
-
-/* proto-types */
-extern SECStatus SECMOD_DeletePermDB(SECMODModule *module);
-extern SECStatus SECMOD_AddPermDB(SECMODModule *module);
-
-extern void SECMOD_Init(void);
-extern void SECMOD_Shutdown(void);
-
-/* list managment */
-extern SECStatus SECMOD_AddModuleToList(SECMODModule *newModule);
-extern SECStatus SECMOD_AddModuleToDBOnlyList(SECMODModule *newModule);
-extern SECStatus SECMOD_AddModuleToUnloadList(SECMODModule *newModule);
-extern void SECMOD_RemoveList(SECMODModuleList **,SECMODModuleList *);
-extern void SECMOD_AddList(SECMODModuleList *,SECMODModuleList *,SECMODListLock *);
-
-/* Operate on modules by name */
-extern SECMODModule *SECMOD_FindModuleByID(SECMODModuleID);
-
-/* database/memory management */
-extern SECMODModuleList *SECMOD_NewModuleListElement(void);
-extern SECMODModuleList *SECMOD_DestroyModuleListElement(SECMODModuleList *);
-extern void SECMOD_DestroyModuleList(SECMODModuleList *);
-extern SECStatus SECMOD_AddModule(SECMODModule *newModule);
-
-extern unsigned long SECMOD_PubCipherFlagstoInternal(unsigned long publicFlags);
-extern unsigned long SECMOD_InternaltoPubCipherFlags(unsigned long internalFlags);
-
-/* Library functions */
-SECStatus SECMOD_LoadPKCS11Module(SECMODModule *);
-SECStatus SECMOD_UnloadModule(SECMODModule *);
-void SECMOD_SetInternalModule(SECMODModule *);
-
-void SECMOD_SlotDestroyModule(SECMODModule *module, PRBool fromSlot);
-CK_RV pk11_notify(CK_SESSION_HANDLE session, CK_NOTIFICATION event,
- CK_VOID_PTR pdata);
-void pk11_SignedToUnsigned(CK_ATTRIBUTE *attrib);
-CK_OBJECT_HANDLE pk11_FindObjectByTemplate(PK11SlotInfo *slot,
- CK_ATTRIBUTE *inTemplate,int tsize);
-SECStatus PK11_UpdateSlotAttribute(PK11SlotInfo *slot,
- PK11DefaultArrayEntry *entry, PRBool add);
-SEC_END_PROTOS
-
-#define PK11_GETTAB(x) ((CK_FUNCTION_LIST_PTR)((x)->functionList))
-#define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
- (x)->pValue=(v); (x)->ulValueLen = (l);
-SECStatus PK11_CreateNewObject(PK11SlotInfo *slot, CK_SESSION_HANDLE session,
- CK_ATTRIBUTE *theTemplate, int count,
- PRBool token, CK_OBJECT_HANDLE *objectID);
-
-#endif
-
diff --git a/security/nss/lib/pk11wrap/secmodt.h b/security/nss/lib/pk11wrap/secmodt.h
deleted file mode 100644
index 8cba61d93..000000000
--- a/security/nss/lib/pk11wrap/secmodt.h
+++ /dev/null
@@ -1,247 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * Definition of Security Module Data Structure. There is a separate data
- * structure for each loaded PKCS #11 module.
- */
-#ifndef _SECMODT_H_
-#define _SECMODT_H_ 1
-
-#include "secoid.h"
-#include "secasn1.h"
-
-/* find a better home for these... */
-extern const SEC_ASN1Template SECKEY_PointerToEncryptedPrivateKeyInfoTemplate[];
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate;
-extern const SEC_ASN1Template SECKEY_PrivateKeyInfoTemplate[];
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PrivateKeyInfoTemplate;
-extern const SEC_ASN1Template SECKEY_PointerToPrivateKeyInfoTemplate[];
-extern SEC_ASN1TemplateChooser NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate;
-
-/* PKCS11 needs to be included */
-typedef struct SECMODModuleStr SECMODModule;
-typedef struct SECMODModuleListStr SECMODModuleList;
-typedef struct SECMODListLockStr SECMODListLock; /* defined in secmodi.h */
-typedef struct PK11SlotInfoStr PK11SlotInfo; /* defined in secmodti.h */
-typedef struct PK11PreSlotInfoStr PK11PreSlotInfo; /* defined in secmodti.h */
-typedef struct PK11SymKeyStr PK11SymKey; /* defined in secmodti.h */
-typedef struct PK11ContextStr PK11Context; /* defined in secmodti.h */
-typedef struct PK11SlotListStr PK11SlotList;
-typedef struct PK11SlotListElementStr PK11SlotListElement;
-typedef struct PK11RSAGenParamsStr PK11RSAGenParams;
-typedef unsigned long SECMODModuleID;
-typedef struct PK11DefaultArrayEntryStr PK11DefaultArrayEntry;
-
-struct SECMODModuleStr {
- PRArenaPool *arena;
- PRBool internal; /* true of internally linked modules, false
- * for the loaded modules */
- PRBool loaded; /* Set to true if module has been loaded */
- PRBool isFIPS; /* Set to true if module is finst internal */
- char *dllName; /* name of the shared library which implements
- * this module */
- char *commonName; /* name of the module to display to the user */
- void *library; /* pointer to the library. opaque. used only by
- * pk11load.c */
- void *functionList; /* The PKCS #11 function table */
- void *refLock; /* only used pk11db.c */
- int refCount; /* Module reference count */
- PK11SlotInfo **slots; /* array of slot points attatched to this mod*/
- int slotCount; /* count of slot in above array */
- PK11PreSlotInfo *slotInfo; /* special info about slots default settings */
- int slotInfoCount; /* count */
- SECMODModuleID moduleID; /* ID so we can find this module again */
- PRBool isThreadSafe;
- unsigned long ssl[2]; /* SSL cipher enable flags */
- char *libraryParams; /* Module specific parameters */
- void *moduleDBFunc; /* function to return module configuration data*/
- SECMODModule *parent; /* module that loaded us */
- PRBool isCritical; /* This module must load successfully */
- PRBool isModuleDB; /* this module has lists of PKCS #11 modules */
- PRBool moduleDBOnly; /* this module only has lists of PKCS #11 modules */
- int trustOrder; /* order for this module's certificate trust rollup */
- int cipherOrder; /* order for cipher operations */
-};
-
-struct SECMODModuleListStr {
- SECMODModuleList *next;
- SECMODModule *module;
-};
-
-struct PK11SlotListStr {
- PK11SlotListElement *head;
- PK11SlotListElement *tail;
- void *lock;
-};
-
-struct PK11SlotListElementStr {
- PK11SlotListElement *next;
- PK11SlotListElement *prev;
- PK11SlotInfo *slot;
- int refCount;
-};
-
-struct PK11RSAGenParamsStr {
- int keySizeInBits;
- unsigned long pe;
-};
-
-typedef enum {
- PK11CertListUnique = 0,
- PK11CertListUser = 1,
- PK11CertListRootUnique = 2,
- PK11CertListCA = 3
-} PK11CertListType;
-
-/*
- * Entry into the Array which lists all the legal bits for the default flags
- * in the slot, their definition, and the PKCS #11 mechanism the represent
- * Always Statically allocated.
- */
-struct PK11DefaultArrayEntryStr {
- char *name;
- unsigned long flag;
- unsigned long mechanism; /* this is a long so we don't include the
- * whole pkcs 11 world to use this header */
-};
-
-
-#define SECMOD_RSA_FLAG 0x00000001L
-#define SECMOD_DSA_FLAG 0x00000002L
-#define SECMOD_RC2_FLAG 0x00000004L
-#define SECMOD_RC4_FLAG 0x00000008L
-#define SECMOD_DES_FLAG 0x00000010L
-#define SECMOD_DH_FLAG 0x00000020L
-#define SECMOD_FORTEZZA_FLAG 0x00000040L
-#define SECMOD_RC5_FLAG 0x00000080L
-#define SECMOD_SHA1_FLAG 0x00000100L
-#define SECMOD_MD5_FLAG 0x00000200L
-#define SECMOD_MD2_FLAG 0x00000400L
-#define SECMOD_SSL_FLAG 0x00000800L
-#define SECMOD_TLS_FLAG 0x00001000L
-#define SECMOD_AES_FLAG 0x00002000L
-/* reserved bit for future, do not use */
-#define SECMOD_RESERVED_FLAG 0X08000000L
-#define SECMOD_FRIENDLY_FLAG 0x10000000L
-#define SECMOD_RANDOM_FLAG 0x80000000L
-
-/* need to make SECMOD and PK11 prefixes consistant. */
-#define PK11_OWN_PW_DEFAULTS 0x20000000L
-#define PK11_DISABLE_FLAG 0x40000000L
-
-/* FAKE PKCS #11 defines */
-#define CKM_FAKE_RANDOM 0x80000efeL
-#define CKM_INVALID_MECHANISM 0xffffffffL
-#define CKA_DIGEST 0x81000000L
-
-/* Cryptographic module types */
-#define SECMOD_EXTERNAL 0 /* external module */
-#define SECMOD_INTERNAL 1 /* internal default module */
-#define SECMOD_FIPS 2 /* internal fips module */
-
-/* default module configuration strings */
-#define SECMOD_SLOT_FLAGS "slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES]"
-
-#define SECMOD_MAKE_NSS_FLAGS(fips,slot) \
-"Flags=internal,critical"fips" slotparams=("#slot"={"SECMOD_SLOT_FLAGS"})"
-
-#define SECMOD_INT_NAME "NSS Internal PKCS #11 Module"
-#define SECMOD_INT_FLAGS SECMOD_MAKE_NSS_FLAGS("",1)
-#define SECMOD_FIPS_NAME "NSS Internal FIPS PKCS #11 Module"
-#define SECMOD_FIPS_FLAGS SECMOD_MAKE_NSS_FLAGS(",fips",3)
-
-
-/*
- * What is the origin of a given Key. Normally this doesn't matter, but
- * the fortezza code needs to know if it needs to invoke the SSL3 fortezza
- * hack.
- */
-typedef enum {
- PK11_OriginNULL = 0, /* There is not key, it's a null SymKey */
- PK11_OriginDerive = 1, /* Key was derived from some other key */
- PK11_OriginGenerated = 2, /* Key was generated (also PBE keys) */
- PK11_OriginFortezzaHack = 3,/* Key was marked for fortezza hack */
- PK11_OriginUnwrap = 4 /* Key was unwrapped or decrypted */
-} PK11Origin;
-
-/* PKCS #11 disable reasons */
-typedef enum {
- PK11_DIS_NONE = 0,
- PK11_DIS_USER_SELECTED = 1,
- PK11_DIS_COULD_NOT_INIT_TOKEN = 2,
- PK11_DIS_TOKEN_VERIFY_FAILED = 3,
- PK11_DIS_TOKEN_NOT_PRESENT = 4
-} PK11DisableReasons;
-
-/* function pointer type for password callback function.
- * This type is passed in to PK11_SetPasswordFunc()
- */
-typedef char *(*PK11PasswordFunc)(PK11SlotInfo *slot, PRBool retry, void *arg);
-typedef PRBool (*PK11VerifyPasswordFunc)(PK11SlotInfo *slot, void *arg);
-typedef PRBool (*PK11IsLoggedInFunc)(PK11SlotInfo *slot, void *arg);
-
-/*
- * PKCS #11 key structures
- */
-
-/*
-** Attributes
-*/
-struct SECKEYAttributeStr {
- SECItem attrType;
- SECItem **attrValue;
-};
-typedef struct SECKEYAttributeStr SECKEYAttribute;
-
-/*
-** A PKCS#8 private key info object
-*/
-struct SECKEYPrivateKeyInfoStr {
- PLArenaPool *arena;
- SECItem version;
- SECAlgorithmID algorithm;
- SECItem privateKey;
- SECKEYAttribute **attributes;
-};
-typedef struct SECKEYPrivateKeyInfoStr SECKEYPrivateKeyInfo;
-
-/*
-** A PKCS#8 private key info object
-*/
-struct SECKEYEncryptedPrivateKeyInfoStr {
- PLArenaPool *arena;
- SECAlgorithmID algorithm;
- SECItem encryptedData;
-};
-typedef struct SECKEYEncryptedPrivateKeyInfoStr SECKEYEncryptedPrivateKeyInfo;
-
-#endif /*_SECMODT_H_ */
diff --git a/security/nss/lib/pk11wrap/secmodti.h b/security/nss/lib/pk11wrap/secmodti.h
deleted file mode 100644
index a10f97c77..000000000
--- a/security/nss/lib/pk11wrap/secmodti.h
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal header file included only by files in pkcs11 dir, or in
- * pkcs11 specific client and server files.
- */
-
-#ifndef _SECMODTI_H_
-#define _SECMODTI_H_ 1
-#include "prmon.h"
-#include "prtypes.h"
-#include "nssilckt.h"
-#include "pk11init.h"
-
-#ifndef NSS_3_4_CODE
-#define NSS_3_4_CODE
-#endif /* NSS_3_4_CODE */
-#include "nssdevt.h"
-
-/* internal data structures */
-
-/* structure to allow us to implement the read/write locks for our
- * module lists */
-struct SECMODListLockStr {
- PZLock *mutex; /*general mutex to protect this data structure*/
- PZMonitor *monitor; /* monitor to allow us to signal */
- int state; /* read/write/waiting state */
- int count; /* how many waiters on this lock */
-};
-
-/* represent a pkcs#11 slot reference counted. */
-struct PK11SlotInfoStr {
- /* the PKCS11 function list for this slot */
- void *functionList;
- SECMODModule *module; /* our parent module */
- /* Boolean to indicate the current state of this slot */
- PRBool needTest; /* Has this slot been tested for Export complience */
- PRBool isPerm; /* is this slot a permanment device */
- PRBool isHW; /* is this slot a hardware device */
- PRBool isInternal; /* is this slot one of our internal PKCS #11 devices */
- PRBool disabled; /* is this slot disabled... */
- PK11DisableReasons reason; /* Why this slot is disabled */
- PRBool readOnly; /* is the token in this slot read-only */
- PRBool needLogin; /* does the token of the type that needs
- * authentication (still true even if token is logged
- * in) */
- PRBool hasRandom; /* can this token generated random numbers */
- PRBool defRWSession; /* is the default session RW (we open our default
- * session rw if the token can only handle one session
- * at a time. */
- PRBool isThreadSafe; /* copied from the module */
- /* The actual flags (many of which are distilled into the above PRBools) */
- CK_FLAGS flags; /* flags from PKCS #11 token Info */
- /* a default session handle to do quick and dirty functions */
- CK_SESSION_HANDLE session;
- PZLock *sessionLock; /* lock for this session */
- /* our ID */
- CK_SLOT_ID slotID;
- /* persistant flags saved from startup to startup */
- unsigned long defaultFlags;
- /* keep track of who is using us so we don't accidently get freed while
- * still in use */
- int refCount;
- PZLock *refLock;
- PZLock *freeListLock;
- PK11SymKey *freeSymKeysHead;
- int keyCount;
- int maxKeyCount;
- /* Password control functions for this slot. many of these are only
- * active if the appropriate flag is on in defaultFlags */
- int askpw; /* what our password options are */
- int timeout; /* If we're ask_timeout, what is our timeout time is
- * seconds */
- int authTransact; /* allow multiple authentications off one password if
- * they are all part of the same transaction */
- int64 authTime; /* when were we last authenticated */
- int minPassword; /* smallest legal password */
- int maxPassword; /* largest legal password */
- uint16 series; /* break up the slot info into various groups of
- * inserted tokens so that keys and certs can be
- * invalidated */
- uint16 wrapKey; /* current wrapping key for SSL master secrets */
- CK_MECHANISM_TYPE wrapMechanism;
- /* current wrapping mechanism for current wrapKey */
- CK_OBJECT_HANDLE refKeys[1]; /* array of existing wrapping keys for */
- CK_MECHANISM_TYPE *mechanismList; /* list of mechanism supported by this
- * token */
- int mechanismCount;
- /* cache the certificates stored on the token of this slot */
- CERTCertificate **cert_array;
- int array_size;
- int cert_count;
- char serial[16];
- /* since these are odd sizes, keep them last. They are odd sizes to
- * allow them to become null terminated strings */
- char slot_name[65];
- char token_name[33];
- PRBool hasRootCerts;
- PRBool hasRootTrust;
- PRBool hasRSAInfo;
- CK_FLAGS RSAInfoFlags;
- /* for Stan */
- NSSToken *nssToken;
-};
-
-/* Symetric Key structure. Reference Counted */
-struct PK11SymKeyStr {
- CK_MECHANISM_TYPE type; /* type of operation this key was created for*/
- CK_OBJECT_HANDLE objectID; /* object id of this key in the slot */
- PK11SlotInfo *slot; /* Slot this key is loaded into */
- void *cx; /* window context in case we need to loggin */
- PK11SymKey *next;
- PRBool owner;
- SECItem data; /* raw key data if available */
- CK_SESSION_HANDLE session;
- PRBool sessionOwner;
- int refCount; /* number of references to this key */
- PZLock *refLock;
- int size; /* key size in bytes */
- PK11Origin origin; /* where this key came from
- (see def in secmodt.h) */
- uint16 series; /* break up the slot info into various groups of
- * inserted tokens so that keys and certs can be
- * invalidated */
-};
-
-
-/*
- * hold a hash, encryption or signing context for multi-part operations.
- * hold enough information so that multiple contexts can be interleaved
- * if necessary. ... Not RefCounted.
- */
-struct PK11ContextStr {
- CK_ATTRIBUTE_TYPE operation; /* type of operation this context is doing
- * (CKA_ENCRYPT, CKA_SIGN, CKA_HASH, etc. */
- PK11SymKey *key; /* symetric key used in this context */
- PK11SlotInfo *slot; /* slot this context is operationing on */
- CK_SESSION_HANDLE session; /* session this context is using */
- PZLock *sessionLock; /* lock before accessing a PKCS #11
- * session */
- PRBool ownSession;/* do we own the session? */
- void *cx; /* window context in case we need to loggin*/
- void *savedData;/* save data when we are multiplexing on a
- * single context */
- unsigned long savedLength; /* length of the saved context */
- SECItem *param; /* mechanism parameters used to build this
- context */
- PRBool init; /* has this contexted been initialized */
- CK_MECHANISM_TYPE type; /* what is the PKCS #11 this context is
- * representing (usually what algorithm is
- * being used (CKM_RSA_PKCS, CKM_DES,
- * CKM_SHA, etc.*/
- PRBool fortezzaHack; /*Fortezza SSL has some special
- * non-standard semantics*/
-};
-
-#endif /* _SECMODTI_H_ */
diff --git a/security/nss/lib/pk11wrap/secpkcs5.h b/security/nss/lib/pk11wrap/secpkcs5.h
deleted file mode 100644
index 870d472cc..000000000
--- a/security/nss/lib/pk11wrap/secpkcs5.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- */
-#ifndef _SECPKS5_H_
-#define _SECPKCS5_H_
-#include "seccomon.h"
-#include "secmodt.h"
-
-/* used for V2 PKCS 12 Draft Spec */
-typedef enum {
- pbeBitGenIDNull = 0,
- pbeBitGenCipherKey = 0x01,
- pbeBitGenCipherIV = 0x02,
- pbeBitGenIntegrityKey = 0x03
-} PBEBitGenID;
-
-typedef struct PBEBitGenContextStr PBEBitGenContext;
-
-SECAlgorithmID *
-SEC_PKCS5CreateAlgorithmID(SECOidTag algorithm, SECItem *salt, int iteration);
-
-
-#endif /* _SECPKS5_H_ */
diff --git a/security/nss/lib/pkcs12/Makefile b/security/nss/lib/pkcs12/Makefile
deleted file mode 100644
index 5742208b5..000000000
--- a/security/nss/lib/pkcs12/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/lib/pkcs12/config.mk b/security/nss/lib/pkcs12/config.mk
deleted file mode 100644
index 3b647d954..000000000
--- a/security/nss/lib/pkcs12/config.mk
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/pkcs12/manifest.mn b/security/nss/lib/pkcs12/manifest.mn
deleted file mode 100644
index c8b4981d3..000000000
--- a/security/nss/lib/pkcs12/manifest.mn
+++ /dev/null
@@ -1,58 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- pkcs12t.h \
- pkcs12.h \
- p12plcy.h \
- p12.h \
- p12t.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- p12local.c \
- p12creat.c \
- p12dec.c \
- p12plcy.c \
- p12tmpl.c \
- p12e.c \
- p12d.c \
- $(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = pkcs12
diff --git a/security/nss/lib/pkcs12/p12.h b/security/nss/lib/pkcs12/p12.h
deleted file mode 100644
index 14a8dd385..000000000
--- a/security/nss/lib/pkcs12/p12.h
+++ /dev/null
@@ -1,181 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _P12_H_
-#define _P12_H_
-
-#include "secoid.h"
-#include "key.h"
-#include "secpkcs7.h"
-#include "p12t.h"
-
-typedef int (PR_CALLBACK * PKCS12OpenFunction)(void *arg);
-typedef int (PR_CALLBACK * PKCS12ReadFunction)(void *arg,
- unsigned char *buffer,
- unsigned int *lenRead,
- unsigned int maxLen);
-typedef int (PR_CALLBACK * PKCS12WriteFunction)(void *arg,
- unsigned char *buffer,
- unsigned int *bufLen,
- unsigned int *lenWritten);
-typedef int (PR_CALLBACK * PKCS12CloseFunction)(void *arg);
-typedef SECStatus (PR_CALLBACK * PKCS12UnicodeConvertFunction)(
- PRArenaPool *arena,
- SECItem *dest, SECItem *src,
- PRBool toUnicode,
- PRBool swapBytes);
-typedef void (PR_CALLBACK * SEC_PKCS12EncoderOutputCallback)(
- void *arg, const char *buf,
- unsigned long len);
-typedef void (PR_CALLBACK * SEC_PKCS12DecoderOutputCallback)(
- void *arg, const char *buf,
- unsigned long len);
-typedef SECItem * (PR_CALLBACK * SEC_PKCS12NicknameCollisionCallback)(
- SECItem *old_nickname,
- PRBool *cancel,
- void *arg);
-
-
-
-
-typedef SECStatus (PR_CALLBACK *digestOpenFn)(void *arg, PRBool readData);
-typedef SECStatus (PR_CALLBACK *digestCloseFn)(void *arg, PRBool removeFile);
-typedef int (PR_CALLBACK *digestIOFn)(void *arg, unsigned char *buf,
- unsigned long len);
-
-typedef struct SEC_PKCS12ExportContextStr SEC_PKCS12ExportContext;
-typedef struct SEC_PKCS12SafeInfoStr SEC_PKCS12SafeInfo;
-typedef struct SEC_PKCS12DecoderContextStr SEC_PKCS12DecoderContext;
-
-struct sec_PKCS12PasswordModeInfo {
- SECItem *password;
- SECOidTag algorithm;
-};
-
-struct sec_PKCS12PublicKeyModeInfo {
- CERTCertificate *cert;
- CERTCertDBHandle *certDb;
- SECOidTag algorithm;
- int keySize;
-};
-
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePubKeyEncryptedSafe(SEC_PKCS12ExportContext *p12ctxt,
- CERTCertDBHandle *certDb,
- CERTCertificate *signer,
- CERTCertificate **recipients,
- SECOidTag algorithm, int keysize);
-
-extern SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePasswordPrivSafe(SEC_PKCS12ExportContext *p12ctxt,
- SECItem *pwitem, SECOidTag privAlg);
-
-extern SEC_PKCS12SafeInfo *
-SEC_PKCS12CreateUnencryptedSafe(SEC_PKCS12ExportContext *p12ctxt);
-
-extern SECStatus
-SEC_PKCS12AddPasswordIntegrity(SEC_PKCS12ExportContext *p12ctxt,
- SECItem *pwitem, SECOidTag integAlg);
-extern SECStatus
-SEC_PKCS12AddPublicKeyIntegrity(SEC_PKCS12ExportContext *p12ctxt,
- CERTCertificate *cert, CERTCertDBHandle *certDb,
- SECOidTag algorithm, int keySize);
-
-extern SEC_PKCS12ExportContext *
-SEC_PKCS12CreateExportContext(SECKEYGetPasswordKey pwfn, void *pwfnarg,
- PK11SlotInfo *slot, void *wincx);
-
-extern SECStatus
-SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt,
- SEC_PKCS12SafeInfo *safe, void *nestedDest,
- CERTCertificate *cert, CERTCertDBHandle *certDb,
- SECItem *keyId, PRBool includeCertChain);
-
-extern SECStatus
-SEC_PKCS12AddKeyForCert(SEC_PKCS12ExportContext *p12ctxt,
- SEC_PKCS12SafeInfo *safe,
- void *nestedDest, CERTCertificate *cert,
- PRBool shroudKey, SECOidTag algorithm, SECItem *pwitem,
- SECItem *keyId, SECItem *nickName);
-
-extern SECStatus
-SEC_PKCS12AddCertAndKey(SEC_PKCS12ExportContext *p12ctxt,
- void *certSafe, void *certNestedDest,
- CERTCertificate *cert, CERTCertDBHandle *certDb,
- void *keySafe, void *keyNestedDest,
- PRBool shroudKey, SECItem *pwitem, SECOidTag algorithm);
-
-extern SECStatus
-SEC_PKCS12AddDERCertAndEncryptedKey(SEC_PKCS12ExportContext *p12ctxt,
- void *certSafe, void *certNestedDest, SECItem *derCert,
- void *keySafe, void *keyNestedDest,
- SECKEYEncryptedPrivateKeyInfo *epki, char *nickname);
-
-extern void *
-SEC_PKCS12CreateNestedSafeContents(SEC_PKCS12ExportContext *p12ctxt,
- void *baseSafe, void *nestedDest);
-
-extern SECStatus
-SEC_PKCS12Encode(SEC_PKCS12ExportContext *p12exp,
- SEC_PKCS12EncoderOutputCallback output, void *outputarg);
-
-extern void
-SEC_PKCS12DestroyExportContext(SEC_PKCS12ExportContext *p12exp);
-
-extern SEC_PKCS12DecoderContext *
-SEC_PKCS12DecoderStart(SECItem *pwitem, PK11SlotInfo *slot, void *wincx,
- digestOpenFn dOpen, digestCloseFn dClose,
- digestIOFn dRead, digestIOFn dWrite, void *dArg);
-
-extern SECStatus
-SEC_PKCS12DecoderUpdate(SEC_PKCS12DecoderContext *p12dcx, unsigned char *data,
- unsigned long len);
-
-extern void
-SEC_PKCS12DecoderFinish(SEC_PKCS12DecoderContext *p12dcx);
-
-extern SECStatus
-SEC_PKCS12DecoderVerify(SEC_PKCS12DecoderContext *p12dcx);
-
-extern SECStatus
-SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
- SEC_PKCS12NicknameCollisionCallback nicknameCb);
-
-extern SECStatus
-SEC_PKCS12DecoderImportBags(SEC_PKCS12DecoderContext *p12dcx);
-
-CERTCertList *
-SEC_PKCS12DecoderGetCerts(SEC_PKCS12DecoderContext *p12dcx);
-
-#endif
diff --git a/security/nss/lib/pkcs12/p12creat.c b/security/nss/lib/pkcs12/p12creat.c
deleted file mode 100644
index 65678b299..000000000
--- a/security/nss/lib/pkcs12/p12creat.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "pkcs12.h"
-#include "secitem.h"
-#include "secport.h"
-#include "secder.h"
-#include "secoid.h"
-#include "p12local.h"
-#include "secerr.h"
-
-
-/* allocate space for a PFX structure and set up initial
- * arena pool. pfx structure is cleared and a pointer to
- * the new structure is returned.
- */
-SEC_PKCS12PFXItem *
-sec_pkcs12_new_pfx(void)
-{
- SEC_PKCS12PFXItem *pfx = NULL;
- PRArenaPool *poolp = NULL;
-
- poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); /* XXX Different size? */
- if(poolp == NULL)
- goto loser;
-
- pfx = (SEC_PKCS12PFXItem *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12PFXItem));
- if(pfx == NULL)
- goto loser;
- pfx->poolp = poolp;
-
- return pfx;
-
-loser:
- PORT_FreeArena(poolp, PR_TRUE);
- return NULL;
-}
-
-/* allocate space for a PFX structure and set up initial
- * arena pool. pfx structure is cleared and a pointer to
- * the new structure is returned.
- */
-SEC_PKCS12AuthenticatedSafe *
-sec_pkcs12_new_asafe(PRArenaPool *poolp)
-{
- SEC_PKCS12AuthenticatedSafe *asafe = NULL;
- void *mark;
-
- mark = PORT_ArenaMark(poolp);
- asafe = (SEC_PKCS12AuthenticatedSafe *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12AuthenticatedSafe));
- if(asafe == NULL)
- goto loser;
- asafe->poolp = poolp;
- PORT_Memset(&asafe->old_baggage, 0, sizeof(SEC_PKCS7ContentInfo));
-
- PORT_ArenaUnmark(poolp, mark);
- return asafe;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/* create a safe contents structure with a list of
- * length 0 with the first element being NULL
- */
-SEC_PKCS12SafeContents *
-sec_pkcs12_create_safe_contents(PRArenaPool *poolp)
-{
- SEC_PKCS12SafeContents *safe;
- void *mark;
-
- if(poolp == NULL)
- return NULL;
-
- /* allocate structure */
- mark = PORT_ArenaMark(poolp);
- safe = (SEC_PKCS12SafeContents *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12SafeContents));
- if(safe == NULL)
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
-
- /* init list */
- safe->contents = (SEC_PKCS12SafeBag**)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12SafeBag *));
- if(safe->contents == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
- safe->contents[0] = NULL;
- safe->poolp = poolp;
- safe->safe_size = 0;
- PORT_ArenaUnmark(poolp, mark);
- return safe;
-}
-
-/* create a new external bag which is appended onto the list
- * of bags in baggage. the bag is created in the same arena
- * as baggage
- */
-SEC_PKCS12BaggageItem *
-sec_pkcs12_create_external_bag(SEC_PKCS12Baggage *luggage)
-{
- void *dummy, *mark;
- SEC_PKCS12BaggageItem *bag;
-
- if(luggage == NULL) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(luggage->poolp);
-
- /* allocate space for null terminated bag list */
- if(luggage->bags == NULL) {
- luggage->bags=(SEC_PKCS12BaggageItem**)PORT_ArenaZAlloc(luggage->poolp,
- sizeof(SEC_PKCS12BaggageItem *));
- if(luggage->bags == NULL) {
- goto loser;
- }
- luggage->luggage_size = 0;
- }
-
- /* grow the list */
- dummy = PORT_ArenaGrow(luggage->poolp, luggage->bags,
- sizeof(SEC_PKCS12BaggageItem *) * (luggage->luggage_size + 1),
- sizeof(SEC_PKCS12BaggageItem *) * (luggage->luggage_size + 2));
- if(dummy == NULL) {
- goto loser;
- }
- luggage->bags = (SEC_PKCS12BaggageItem**)dummy;
-
- luggage->bags[luggage->luggage_size] =
- (SEC_PKCS12BaggageItem *)PORT_ArenaZAlloc(luggage->poolp,
- sizeof(SEC_PKCS12BaggageItem));
- if(luggage->bags[luggage->luggage_size] == NULL) {
- goto loser;
- }
-
- /* create new bag and append it to the end */
- bag = luggage->bags[luggage->luggage_size];
- bag->espvks = (SEC_PKCS12ESPVKItem **)PORT_ArenaZAlloc(
- luggage->poolp,
- sizeof(SEC_PKCS12ESPVKItem *));
- bag->unencSecrets = (SEC_PKCS12SafeBag **)PORT_ArenaZAlloc(
- luggage->poolp,
- sizeof(SEC_PKCS12SafeBag *));
- if((bag->espvks == NULL) || (bag->unencSecrets == NULL)) {
- goto loser;
- }
-
- bag->poolp = luggage->poolp;
- luggage->luggage_size++;
- luggage->bags[luggage->luggage_size] = NULL;
- bag->espvks[0] = NULL;
- bag->unencSecrets[0] = NULL;
- bag->nEspvks = bag->nSecrets = 0;
-
- PORT_ArenaUnmark(luggage->poolp, mark);
- return bag;
-
-loser:
- PORT_ArenaRelease(luggage->poolp, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
-}
-
-/* creates a baggage witha NULL terminated 0 length list */
-SEC_PKCS12Baggage *
-sec_pkcs12_create_baggage(PRArenaPool *poolp)
-{
- SEC_PKCS12Baggage *luggage;
- void *mark;
-
- if(poolp == NULL)
- return NULL;
-
- mark = PORT_ArenaMark(poolp);
-
- /* allocate bag */
- luggage = (SEC_PKCS12Baggage *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12Baggage));
- if(luggage == NULL)
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
-
- /* init list */
- luggage->bags = (SEC_PKCS12BaggageItem **)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12BaggageItem *));
- if(luggage->bags == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
-
- luggage->bags[0] = NULL;
- luggage->luggage_size = 0;
- luggage->poolp = poolp;
-
- PORT_ArenaUnmark(poolp, mark);
- return luggage;
-}
-
-/* free pfx structure and associated items in the arena */
-void
-SEC_PKCS12DestroyPFX(SEC_PKCS12PFXItem *pfx)
-{
- if (pfx != NULL && pfx->poolp != NULL)
- {
- PORT_FreeArena(pfx->poolp, PR_TRUE);
- }
-}
diff --git a/security/nss/lib/pkcs12/p12d.c b/security/nss/lib/pkcs12/p12d.c
deleted file mode 100644
index 051428575..000000000
--- a/security/nss/lib/pkcs12/p12d.c
+++ /dev/null
@@ -1,3328 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "nssrenam.h"
-#include "p12t.h"
-#include "p12.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "p12plcy.h"
-#include "p12local.h"
-#include "alghmac.h"
-#include "secder.h"
-#include "secport.h"
-
-#include "certdb.h"
-
-#include "prcpucfg.h"
-
-typedef struct sec_PKCS12SafeContentsContextStr sec_PKCS12SafeContentsContext;
-
-/* Opaque structure for decoding SafeContents. These are used
- * for each authenticated safe as well as any nested safe contents.
- */
-struct sec_PKCS12SafeContentsContextStr {
- /* the parent decoder context */
- SEC_PKCS12DecoderContext *p12dcx;
-
- /* memory arena to allocate space from */
- PRArenaPool *arena;
-
- /* decoder context and destination for decoding safe contents */
- SEC_ASN1DecoderContext *safeContentsDcx;
- sec_PKCS12SafeContents safeContents;
-
- /* information for decoding safe bags within the safe contents.
- * these variables are updated for each safe bag decoded.
- */
- SEC_ASN1DecoderContext *currentSafeBagDcx;
- sec_PKCS12SafeBag *currentSafeBag;
- PRBool skipCurrentSafeBag;
-
- /* if the safe contents is nested, the parent is pointed to here. */
- sec_PKCS12SafeContentsContext *nestedCtx;
-};
-
-/* opaque decoder context structure. information for decoding a pkcs 12
- * PDU are stored here as well as decoding pointers for intermediary
- * structures which are part of the PKCS 12 PDU. Upon a successful
- * decode, the safe bags containing certificates and keys encountered.
- */
-struct SEC_PKCS12DecoderContextStr {
- PRArenaPool *arena;
- PK11SlotInfo *slot;
- void *wincx;
- PRBool error;
- int errorValue;
-
- /* password */
- SECItem *pwitem;
-
- /* used for decoding the PFX structure */
- SEC_ASN1DecoderContext *pfxDcx;
- sec_PKCS12PFXItem pfx;
-
- /* safe bags found during decoding */
- sec_PKCS12SafeBag **safeBags;
- unsigned int safeBagCount;
-
- /* state variables for decoding authenticated safes. */
- SEC_PKCS7DecoderContext *currentASafeP7Dcx;
- SEC_PKCS5KeyAndPassword *currentASafeKeyPwd;
- SEC_ASN1DecoderContext *aSafeDcx;
- SEC_PKCS7DecoderContext *aSafeP7Dcx;
- sec_PKCS12AuthenticatedSafe authSafe;
- SEC_PKCS7ContentInfo *aSafeCinfo;
- sec_PKCS12SafeContents safeContents;
-
- /* safe contents info */
- unsigned int safeContentsCnt;
- sec_PKCS12SafeContentsContext **safeContentsList;
-
- /* HMAC info */
- sec_PKCS12MacData macData;
- SEC_ASN1DecoderContext *hmacDcx;
-
- /* routines for reading back the data to be hmac'd */
- digestOpenFn dOpen;
- digestCloseFn dClose;
- digestIOFn dRead, dWrite;
- void *dArg;
-
- /* helper functions */
- SECKEYGetPasswordKey pwfn;
- void *pwfnarg;
- PRBool swapUnicodeBytes;
-
- /* import information */
- PRBool bagsVerified;
-
- /* buffer management for the default callbacks implementation */
- void *buffer; /* storage area */
- PRInt32 filesize; /* actual data size */
- PRInt32 allocated; /* total buffer size allocated */
- PRInt32 currentpos; /* position counter */
-};
-
-
-/* make sure that the PFX version being decoded is a version
- * which we support.
- */
-static PRBool
-sec_pkcs12_proper_version(sec_PKCS12PFXItem *pfx)
-{
- /* if no version, assume it is not supported */
- if(pfx->version.len == 0) {
- return PR_FALSE;
- }
-
- if(DER_GetInteger(&pfx->version) > SEC_PKCS12_VERSION) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-/* retrieve the key for decrypting the safe contents */
-static PK11SymKey *
-sec_pkcs12_decoder_get_decrypt_key(void *arg, SECAlgorithmID *algid)
-{
- SEC_PKCS5KeyAndPassword *keyPwd =
- (SEC_PKCS5KeyAndPassword *)arg;
-
- if(!keyPwd) {
- return NULL;
- }
-
- /* if no slot specified, use the internal key slot */
- if(!keyPwd->slot) {
- keyPwd->slot = PK11_GetInternalKeySlot();
- }
-
- /* retrieve the key */
- if(!keyPwd->key) {
- keyPwd->key = PK11_PBEKeyGen(keyPwd->slot, algid,
- keyPwd->pwitem, PR_FALSE, keyPwd->wincx);
- }
-
- return (PK11SymKey *)keyPwd;
-}
-
-/* XXX this needs to be modified to handle enveloped data. most
- * likely, it should mirror the routines for SMIME in that regard.
- */
-static PRBool
-sec_pkcs12_decoder_decryption_allowed(SECAlgorithmID *algid,
- PK11SymKey *bulkkey)
-{
- PRBool decryptionAllowed = SEC_PKCS12DecryptionAllowed(algid);
-
- if(!decryptionAllowed) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-/* when we encounter a new safe bag during the decoding, we need
- * to allocate space for the bag to be decoded to and set the
- * state variables appropriately. all of the safe bags are allocated
- * in a buffer in the outer SEC_PKCS12DecoderContext, however,
- * a pointer to the safeBag is also used in the sec_PKCS12SafeContentsContext
- * for the current bag.
- */
-static SECStatus
-sec_pkcs12_decoder_init_new_safe_bag(sec_PKCS12SafeContentsContext
- *safeContentsCtx)
-{
- void *mark = NULL;
- SEC_PKCS12DecoderContext *p12dcx;
-
- /* make sure that the structures are defined, and there has
- * not been an error in the decoding
- */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx
- || safeContentsCtx->p12dcx->error) {
- return SECFailure;
- }
-
- p12dcx = safeContentsCtx->p12dcx;
- mark = PORT_ArenaMark(p12dcx->arena);
-
- /* allocate a new safe bag, if bags already exist, grow the
- * list of bags, otherwise allocate a new list. the list is
- * NULL terminated.
- */
- if(p12dcx->safeBagCount) {
- p12dcx->safeBags =
- (sec_PKCS12SafeBag**)PORT_ArenaGrow(p12dcx->arena,p12dcx->safeBags,
- (p12dcx->safeBagCount + 1) * sizeof(sec_PKCS12SafeBag *),
- (p12dcx->safeBagCount + 2) * sizeof(sec_PKCS12SafeBag *));
- } else {
- p12dcx->safeBags = (sec_PKCS12SafeBag**)PORT_ArenaZAlloc(p12dcx->arena,
- 2 * sizeof(sec_PKCS12SafeBag *));
- }
- if(!p12dcx->safeBags) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* append the bag to the end of the list and update the reference
- * in the safeContentsCtx.
- */
- p12dcx->safeBags[p12dcx->safeBagCount] =
- (sec_PKCS12SafeBag*)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12SafeBag));
- safeContentsCtx->currentSafeBag = p12dcx->safeBags[p12dcx->safeBagCount];
- p12dcx->safeBags[++p12dcx->safeBagCount] = NULL;
- if(!safeContentsCtx->currentSafeBag) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- safeContentsCtx->currentSafeBag->slot = safeContentsCtx->p12dcx->slot;
- safeContentsCtx->currentSafeBag->pwitem = safeContentsCtx->p12dcx->pwitem;
- safeContentsCtx->currentSafeBag->swapUnicodeBytes =
- safeContentsCtx->p12dcx->swapUnicodeBytes;
- safeContentsCtx->currentSafeBag->arena = safeContentsCtx->p12dcx->arena;
-
- PORT_ArenaUnmark(p12dcx->arena, mark);
- return SECSuccess;
-
-loser:
-
- /* if an error occurred, release the memory and set the error flag
- * the only possible errors triggered by this function are memory
- * related.
- */
- if(mark) {
- PORT_ArenaRelease(p12dcx->arena, mark);
- }
-
- p12dcx->error = PR_TRUE;
- return SECFailure;
-}
-
-/* A wrapper for updating the ASN1 context in which a safeBag is
- * being decoded. This function is called as a callback from
- * secasn1d when decoding SafeContents structures.
- */
-static void
-sec_pkcs12_decoder_safe_bag_update(void *arg, const char *data,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- sec_PKCS12SafeContentsContext *safeContentsCtx =
- (sec_PKCS12SafeContentsContext *)arg;
- SEC_PKCS12DecoderContext *p12dcx;
- SECStatus rv;
-
- /* make sure that we are not skipping the current safeBag,
- * and that there are no errors. If so, just return rather
- * than continuing to process.
- */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx
- || safeContentsCtx->p12dcx->error
- || safeContentsCtx->skipCurrentSafeBag) {
- return;
- }
- p12dcx = safeContentsCtx->p12dcx;
-
- rv = SEC_ASN1DecoderUpdate(safeContentsCtx->currentSafeBagDcx, data, len);
- if(rv != SECSuccess) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- return;
-
-loser:
- /* set the error, and finish the decoder context. because there
- * is not a way of returning an error message, it may be worth
- * while to do a check higher up and finish any decoding contexts
- * that are still open.
- */
- p12dcx->error = PR_TRUE;
- SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagDcx);
- safeContentsCtx->currentSafeBagDcx = NULL;
- return;
-}
-
-/* forward declarations of functions that are used when decoding
- * safeContents bags which are nested and when decoding the
- * authenticatedSafes.
- */
-static SECStatus
-sec_pkcs12_decoder_begin_nested_safe_contents(sec_PKCS12SafeContentsContext
- *safeContentsCtx);
-static SECStatus
-sec_pkcs12_decoder_finish_nested_safe_contents(sec_PKCS12SafeContentsContext
- *safeContentsCtx);
-static void
-sec_pkcs12_decoder_safe_bag_update(void *arg, const char *data,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind);
-
-/* notify function for decoding safeBags. This function is
- * used to filter safeBag types which are not supported,
- * initiate the decoding of nested safe contents, and decode
- * safeBags in general. this function is set when the decoder
- * context for the safeBag is first created.
- */
-static void
-sec_pkcs12_decoder_safe_bag_notify(void *arg, PRBool before,
- void *dest, int real_depth)
-{
- sec_PKCS12SafeContentsContext *safeContentsCtx =
- (sec_PKCS12SafeContentsContext *)arg;
- SEC_PKCS12DecoderContext *p12dcx;
- sec_PKCS12SafeBag *bag;
- PRBool after;
-
- /* if an error is encountered, return */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx ||
- safeContentsCtx->p12dcx->error) {
- return;
- }
- p12dcx = safeContentsCtx->p12dcx;
-
- /* to make things more readable */
- if(before)
- after = PR_FALSE;
- else
- after = PR_TRUE;
-
- /* have we determined the safeBagType yet? */
- bag = safeContentsCtx->currentSafeBag;
- if(bag->bagTypeTag == NULL) {
- if(after && (dest == &(bag->safeBagType))) {
- bag->bagTypeTag = SECOID_FindOID(&(bag->safeBagType));
- if(bag->bagTypeTag == NULL) {
- p12dcx->error = PR_TRUE;
- p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
- }
- }
- return;
- }
-
- /* process the safeBag depending on it's type. those
- * which we do not support, are ignored. we start a decoding
- * context for a nested safeContents.
- */
- switch(bag->bagTypeTag->offset) {
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- case SEC_OID_PKCS12_V1_CERT_BAG_ID:
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- break;
- case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
- /* if we are just starting to decode the safeContents, initialize
- * a new safeContentsCtx to process it.
- */
- if(before && (dest == &(bag->safeBagContent))) {
- sec_pkcs12_decoder_begin_nested_safe_contents(safeContentsCtx);
- } else if(after && (dest == &(bag->safeBagContent))) {
- /* clean up the nested decoding */
- sec_pkcs12_decoder_finish_nested_safe_contents(safeContentsCtx);
- }
- break;
- case SEC_OID_PKCS12_V1_CRL_BAG_ID:
- case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
- default:
- /* skip any safe bag types we don't understand or handle */
- safeContentsCtx->skipCurrentSafeBag = PR_TRUE;
- break;
- }
-
- return;
-}
-
-/* notify function for decoding safe contents. each entry in the
- * safe contents is a safeBag which needs to be allocated and
- * the decoding context initialized at the beginning and then
- * the context needs to be closed and finished at the end.
- *
- * this function is set when the safeContents decode context is
- * initialized.
- */
-static void
-sec_pkcs12_decoder_safe_contents_notify(void *arg, PRBool before,
- void *dest, int real_depth)
-{
- sec_PKCS12SafeContentsContext *safeContentsCtx =
- (sec_PKCS12SafeContentsContext*)arg;
- SEC_PKCS12DecoderContext *p12dcx;
- SECStatus rv;
-
- /* if there is an error we don't want to continue processing,
- * just return and keep going.
- */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx
- || safeContentsCtx->p12dcx->error) {
- return;
- }
- p12dcx = safeContentsCtx->p12dcx;
-
- /* if we are done with the current safeBag, then we need to
- * finish the context and set the state variables appropriately.
- */
- if(!before) {
- SEC_ASN1DecoderClearFilterProc(safeContentsCtx->safeContentsDcx);
- SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagDcx);
- safeContentsCtx->currentSafeBagDcx = NULL;
- safeContentsCtx->skipCurrentSafeBag = PR_FALSE;
- } else {
- /* we are starting a new safe bag. we need to allocate space
- * for the bag and initialize the decoding context.
- */
- rv = sec_pkcs12_decoder_init_new_safe_bag(safeContentsCtx);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* set up the decoder context */
- safeContentsCtx->currentSafeBagDcx = SEC_ASN1DecoderStart(p12dcx->arena,
- safeContentsCtx->currentSafeBag,
- sec_PKCS12SafeBagTemplate);
- if(!safeContentsCtx->currentSafeBagDcx) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* set the notify and filter procs so that the safe bag
- * data gets sent to the proper location when decoding.
- */
- SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->currentSafeBagDcx,
- sec_pkcs12_decoder_safe_bag_notify,
- safeContentsCtx);
- SEC_ASN1DecoderSetFilterProc(safeContentsCtx->safeContentsDcx,
- sec_pkcs12_decoder_safe_bag_update,
- safeContentsCtx, PR_TRUE);
- }
-
- return;
-
-loser:
- /* in the event of an error, we want to close the decoding
- * context and clear the filter and notify procedures.
- */
- p12dcx->error = PR_TRUE;
-
- if(safeContentsCtx->currentSafeBagDcx) {
- SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagDcx);
- safeContentsCtx->currentSafeBagDcx = NULL;
- }
-
- SEC_ASN1DecoderClearNotifyProc(safeContentsCtx->safeContentsDcx);
- SEC_ASN1DecoderClearFilterProc(safeContentsCtx->safeContentsDcx);
-
- return;
-}
-
-/* initialize the safeContents for decoding. this routine
- * is used for authenticatedSafes as well as nested safeContents.
- */
-static sec_PKCS12SafeContentsContext *
-sec_pkcs12_decoder_safe_contents_init_decode(SEC_PKCS12DecoderContext *p12dcx,
- PRBool nestedSafe)
-{
- sec_PKCS12SafeContentsContext *safeContentsCtx = NULL;
- const SEC_ASN1Template *theTemplate;
-
- if(!p12dcx || p12dcx->error) {
- return NULL;
- }
-
- /* allocate a new safeContents list or grow the existing list and
- * append the new safeContents onto the end.
- */
- if(!p12dcx->safeContentsCnt) {
- p12dcx->safeContentsList =
- (sec_PKCS12SafeContentsContext**)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12SafeContentsContext *));
- } else {
- p12dcx->safeContentsList =
- (sec_PKCS12SafeContentsContext **) PORT_ArenaGrow(p12dcx->arena,
- p12dcx->safeContentsList,
- (p12dcx->safeContentsCnt *
- sizeof(sec_PKCS12SafeContentsContext *)),
- (1 + p12dcx->safeContentsCnt *
- sizeof(sec_PKCS12SafeContentsContext *)));
- }
- if(!p12dcx->safeContentsList) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- p12dcx->safeContentsList[p12dcx->safeContentsCnt] =
- (sec_PKCS12SafeContentsContext*)PORT_ArenaZAlloc(
- p12dcx->arena,
- sizeof(sec_PKCS12SafeContentsContext));
- p12dcx->safeContentsList[p12dcx->safeContentsCnt+1] = NULL;
- if(!p12dcx->safeContentsList[p12dcx->safeContentsCnt]) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* set up the state variables */
- safeContentsCtx = p12dcx->safeContentsList[p12dcx->safeContentsCnt];
- p12dcx->safeContentsCnt++;
- safeContentsCtx->p12dcx = p12dcx;
- safeContentsCtx->arena = p12dcx->arena;
-
- /* begin the decoding -- the template is based on whether we are
- * decoding a nested safeContents or not.
- */
- if(nestedSafe == PR_TRUE) {
- theTemplate = sec_PKCS12NestedSafeContentsDecodeTemplate;
- } else {
- theTemplate = sec_PKCS12SafeContentsDecodeTemplate;
- }
-
- /* start the decoder context */
- safeContentsCtx->safeContentsDcx = SEC_ASN1DecoderStart(p12dcx->arena,
- &safeContentsCtx->safeContents,
- theTemplate);
-
- if(!safeContentsCtx->safeContentsDcx) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* set the safeContents notify procedure to look for
- * and start the decode of safeBags.
- */
- SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->safeContentsDcx,
- sec_pkcs12_decoder_safe_contents_notify,
- safeContentsCtx);
-
- return safeContentsCtx;
-
-loser:
- /* in the case of an error, we want to finish the decoder
- * context and set the error flag.
- */
- if(safeContentsCtx && safeContentsCtx->safeContentsDcx) {
- SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsDcx);
- safeContentsCtx->safeContentsDcx = NULL;
- }
-
- p12dcx->error = PR_TRUE;
-
- return NULL;
-}
-
-/* wrapper for updating safeContents. this is set as the filter of
- * safeBag when there is a nested safeContents.
- */
-static void
-sec_pkcs12_decoder_nested_safe_contents_update(void *arg, const char *buf,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- sec_PKCS12SafeContentsContext *safeContentsCtx =
- (sec_PKCS12SafeContentsContext *)arg;
- SEC_PKCS12DecoderContext *p12dcx;
- SECStatus rv;
-
- /* check for an error */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx
- || safeContentsCtx->p12dcx->error) {
- return;
- }
-
- /* no need to update if no data sent in */
- if(!len || !buf) {
- return;
- }
-
- /* update the decoding context */
- p12dcx = safeContentsCtx->p12dcx;
- rv = SEC_ASN1DecoderUpdate(safeContentsCtx->safeContentsDcx, buf, len);
- if(rv != SECSuccess) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- return;
-
-loser:
- /* handle any errors. If a decoding context is open, close it. */
- p12dcx->error = PR_TRUE;
- if(safeContentsCtx->safeContentsDcx) {
- SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsDcx);
- safeContentsCtx->safeContentsDcx = NULL;
- }
-}
-
-/* whenever a new safeContentsSafeBag is encountered, we need
- * to init a safeContentsContext.
- */
-static SECStatus
-sec_pkcs12_decoder_begin_nested_safe_contents(sec_PKCS12SafeContentsContext
- *safeContentsCtx)
-{
- /* check for an error */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx ||
- safeContentsCtx->p12dcx->error) {
- return SECFailure;
- }
-
- safeContentsCtx->nestedCtx = sec_pkcs12_decoder_safe_contents_init_decode(
- safeContentsCtx->p12dcx,
- PR_TRUE);
- if(!safeContentsCtx->nestedCtx) {
- return SECFailure;
- }
-
- /* set up new filter proc */
- SEC_ASN1DecoderSetNotifyProc(safeContentsCtx->nestedCtx->safeContentsDcx,
- sec_pkcs12_decoder_safe_contents_notify,
- safeContentsCtx->nestedCtx);
- SEC_ASN1DecoderSetFilterProc(safeContentsCtx->currentSafeBagDcx,
- sec_pkcs12_decoder_nested_safe_contents_update,
- safeContentsCtx->nestedCtx, PR_TRUE);
-
- return SECSuccess;
-}
-
-/* when the safeContents is done decoding, we need to reset the
- * proper filter and notify procs and close the decoding context
- */
-static SECStatus
-sec_pkcs12_decoder_finish_nested_safe_contents(sec_PKCS12SafeContentsContext
- *safeContentsCtx)
-{
- /* check for error */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx ||
- safeContentsCtx->p12dcx->error) {
- return SECFailure;
- }
-
- /* clean up */
- SEC_ASN1DecoderClearFilterProc(safeContentsCtx->currentSafeBagDcx);
- SEC_ASN1DecoderClearNotifyProc(safeContentsCtx->nestedCtx->safeContentsDcx);
- SEC_ASN1DecoderFinish(safeContentsCtx->nestedCtx->safeContentsDcx);
- safeContentsCtx->nestedCtx->safeContentsDcx = NULL;
- safeContentsCtx->nestedCtx = NULL;
-
- return SECSuccess;
-}
-
-/* wrapper for updating safeContents. This is used when decoding
- * the nested safeContents and any authenticatedSafes.
- */
-static void
-sec_pkcs12_decoder_safe_contents_callback(void *arg, const char *buf,
- unsigned long len)
-{
- SECStatus rv;
- sec_PKCS12SafeContentsContext *safeContentsCtx =
- (sec_PKCS12SafeContentsContext *)arg;
- SEC_PKCS12DecoderContext *p12dcx;
-
- /* check for error */
- if(!safeContentsCtx || !safeContentsCtx->p12dcx
- || safeContentsCtx->p12dcx->error) {
- return;
- }
- p12dcx = safeContentsCtx->p12dcx;
-
- /* update the decoder */
- rv = SEC_ASN1DecoderUpdate(safeContentsCtx->safeContentsDcx, buf, len);
- if(rv != SECSuccess) {
- /* if we fail while trying to decode a 'safe', it's probably because
- * we didn't have the correct password. */
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
- goto loser;
- }
-
- return;
-
-loser:
- /* set the error and finish the context */
- p12dcx->error = PR_TRUE;
- if(safeContentsCtx->safeContentsDcx) {
- SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsDcx);
- safeContentsCtx->safeContentsDcx = NULL;
- }
-
- return;
-}
-
-/* this is a wrapper for the ASN1 decoder to call SEC_PKCS7DecoderUpdate
- */
-static void
-sec_pkcs12_decoder_wrap_p7_update(void *arg, const char *data,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- SEC_PKCS7DecoderContext *p7dcx = (SEC_PKCS7DecoderContext *)arg;
-
- SEC_PKCS7DecoderUpdate(p7dcx, data, len);
-}
-
-/* notify function for decoding aSafes. at the beginning,
- * of an authenticatedSafe, we start a decode of a safeContents.
- * at the end, we clean up the safeContents decoder context and
- * reset state variables
- */
-static void
-sec_pkcs12_decoder_asafes_notify(void *arg, PRBool before, void *dest,
- int real_depth)
-{
- SEC_PKCS12DecoderContext *p12dcx;
- sec_PKCS12SafeContentsContext *safeContentsCtx;
-
- /* make sure no error occurred. */
- p12dcx = (SEC_PKCS12DecoderContext *)arg;
- if(!p12dcx || p12dcx->error) {
- return;
- }
-
- if(before) {
-
- /* init a new safeContentsContext */
- safeContentsCtx = sec_pkcs12_decoder_safe_contents_init_decode(p12dcx,
- PR_FALSE);
- if(!safeContentsCtx) {
- goto loser;
- }
-
- /* set up password and encryption key information */
- p12dcx->currentASafeKeyPwd =
- (SEC_PKCS5KeyAndPassword*)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(SEC_PKCS5KeyAndPassword));
- if(!p12dcx->currentASafeKeyPwd) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
- p12dcx->currentASafeKeyPwd->pwitem = p12dcx->pwitem;
- p12dcx->currentASafeKeyPwd->slot = p12dcx->slot;
- p12dcx->currentASafeKeyPwd->wincx = p12dcx->wincx;
-
- /* initiate the PKCS7ContentInfo decode */
- p12dcx->currentASafeP7Dcx = SEC_PKCS7DecoderStart(
- sec_pkcs12_decoder_safe_contents_callback,
- safeContentsCtx,
- p12dcx->pwfn, p12dcx->pwfnarg,
- sec_pkcs12_decoder_get_decrypt_key,
- p12dcx->currentASafeKeyPwd,
- sec_pkcs12_decoder_decryption_allowed);
- if(!p12dcx->currentASafeP7Dcx) {
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
- SEC_ASN1DecoderSetFilterProc(p12dcx->aSafeDcx,
- sec_pkcs12_decoder_wrap_p7_update,
- p12dcx->currentASafeP7Dcx, PR_TRUE);
- }
-
- if(!before) {
- /* if one is being decoded, finish the decode */
- if(p12dcx->currentASafeP7Dcx != NULL) {
- if(!SEC_PKCS7DecoderFinish(p12dcx->currentASafeP7Dcx)) {
- p12dcx->currentASafeP7Dcx = NULL;
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
- p12dcx->currentASafeP7Dcx = NULL;
- }
- p12dcx->currentASafeP7Dcx = NULL;
- if(p12dcx->currentASafeKeyPwd->key != NULL) {
- p12dcx->currentASafeKeyPwd->key = NULL;
- }
- }
-
-
- return;
-
-loser:
- /* set the error flag */
- p12dcx->error = PR_TRUE;
- return;
-}
-
-/* wrapper for updating asafes decoding context. this function
- * writes data being decoded to disk, so that a mac can be computed
- * later.
- */
-static void
-sec_pkcs12_decoder_asafes_callback(void *arg, const char *buf,
- unsigned long len)
-{
- SEC_PKCS12DecoderContext *p12dcx = (SEC_PKCS12DecoderContext *)arg;
- SECStatus rv;
-
- if(!p12dcx || p12dcx->error) {
- return;
- }
-
- /* update the context */
- rv = SEC_ASN1DecoderUpdate(p12dcx->aSafeDcx, buf, len);
- if(rv != SECSuccess) {
- p12dcx->error = (PRBool)SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* if we are writing to a file, write out the new information */
- if(p12dcx->dWrite) {
- unsigned long writeLen = (*p12dcx->dWrite)(p12dcx->dArg,
- (unsigned char *)buf, len);
- if(writeLen != len) {
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
- }
-
- return;
-
-loser:
- /* set the error flag */
- p12dcx->error = PR_TRUE;
- SEC_ASN1DecoderFinish(p12dcx->aSafeDcx);
- p12dcx->aSafeDcx = NULL;
-
- return;
-}
-
-/* start the decode of an authenticatedSafe contentInfo.
- */
-static SECStatus
-sec_pkcs12_decode_start_asafes_cinfo(SEC_PKCS12DecoderContext *p12dcx)
-{
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- /* start the decode context */
- p12dcx->aSafeDcx = SEC_ASN1DecoderStart(p12dcx->arena,
- &p12dcx->authSafe,
- sec_PKCS12AuthenticatedSafeTemplate);
- if(!p12dcx->aSafeDcx) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* set the notify function */
- SEC_ASN1DecoderSetNotifyProc(p12dcx->aSafeDcx,
- sec_pkcs12_decoder_asafes_notify, p12dcx);
-
- /* begin the authSafe decoder context */
- p12dcx->aSafeP7Dcx = SEC_PKCS7DecoderStart(
- sec_pkcs12_decoder_asafes_callback, p12dcx,
- p12dcx->pwfn, p12dcx->pwfnarg, NULL, NULL, NULL);
- if(!p12dcx->aSafeP7Dcx) {
- p12dcx->errorValue = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* open the temp file for writing, if the filter functions were set */
- if(p12dcx->dOpen && (*p12dcx->dOpen)(p12dcx->dArg, PR_FALSE)
- != SECSuccess) {
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
-
- return SECSuccess;
-
-loser:
- p12dcx->error = PR_TRUE;
-
- if(p12dcx->aSafeDcx) {
- SEC_ASN1DecoderFinish(p12dcx->aSafeDcx);
- p12dcx->aSafeDcx = NULL;
- }
-
- if(p12dcx->aSafeP7Dcx) {
- SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
- p12dcx->aSafeP7Dcx = NULL;
- }
-
- return SECFailure;
-}
-
-/* wrapper for updating the safeContents. this function is used as
- * a filter for the pfx when decoding the authenticated safes
- */
-static void
-sec_pkcs12_decode_asafes_cinfo_update(void *arg, const char *buf,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- SEC_PKCS12DecoderContext *p12dcx;
- SECStatus rv;
-
- p12dcx = (SEC_PKCS12DecoderContext*)arg;
- if(!p12dcx || p12dcx->error) {
- return;
- }
-
- /* update the safeContents decoder */
- rv = SEC_PKCS7DecoderUpdate(p12dcx->aSafeP7Dcx, buf, len);
- if(rv != SECSuccess) {
- p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
- goto loser;
- }
-
- return;
-
-loser:
-
- /* did we find an error? if so, close the context and set the
- * error flag.
- */
- SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
- p12dcx->aSafeP7Dcx = NULL;
- p12dcx->error = PR_TRUE;
-}
-
-/* notify procedure used while decoding the pfx. When we encounter
- * the authSafes, we want to trigger the decoding of authSafes as well
- * as when we encounter the macData, trigger the decoding of it. we do
- * this because we we are streaming the decoder and not decoding in place.
- * the pfx which is the destination, only has the version decoded into it.
- */
-static void
-sec_pkcs12_decoder_pfx_notify_proc(void *arg, PRBool before, void *dest,
- int real_depth)
-{
- SECStatus rv;
- SEC_PKCS12DecoderContext *p12dcx = (SEC_PKCS12DecoderContext*)arg;
-
- /* if an error occurrs, clear the notifyProc and the filterProc
- * and continue.
- */
- if(p12dcx->error) {
- SEC_ASN1DecoderClearNotifyProc(p12dcx->pfxDcx);
- SEC_ASN1DecoderClearFilterProc(p12dcx->pfxDcx);
- return;
- }
-
- if(before && (dest == &p12dcx->pfx.encodedAuthSafe)) {
-
- /* we want to make sure this is a version we support */
- if(!sec_pkcs12_proper_version(&p12dcx->pfx)) {
- p12dcx->errorValue = SEC_ERROR_PKCS12_UNSUPPORTED_VERSION;
- goto loser;
- }
-
- /* start the decode of the aSafes cinfo... */
- rv = sec_pkcs12_decode_start_asafes_cinfo(p12dcx);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* set the filter proc to update the authenticated safes. */
- SEC_ASN1DecoderSetFilterProc(p12dcx->pfxDcx,
- sec_pkcs12_decode_asafes_cinfo_update,
- p12dcx, PR_TRUE);
- }
-
- if(!before && (dest == &p12dcx->pfx.encodedAuthSafe)) {
-
- /* we are done decoding the authenticatedSafes, so we need to
- * finish the decoderContext and clear the filter proc
- * and close the hmac callback, if present
- */
- p12dcx->aSafeCinfo = SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
- p12dcx->aSafeP7Dcx = NULL;
- if(!p12dcx->aSafeCinfo) {
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
- SEC_ASN1DecoderClearFilterProc(p12dcx->pfxDcx);
- if(p12dcx->dClose && ((*p12dcx->dClose)(p12dcx->dArg, PR_FALSE)
- != SECSuccess)) {
- p12dcx->errorValue = PORT_GetError();
- goto loser;
- }
-
- }
-
- return;
-
-loser:
- p12dcx->error = PR_TRUE;
-}
-
-/* default implementations of the open/close/read/write functions for
- SEC_PKCS12DecoderStart
-*/
-
-#define DEFAULT_TEMP_SIZE 4096
-
-static SECStatus
-p12u_DigestOpen(void *arg, PRBool readData)
-{
- SEC_PKCS12DecoderContext* p12cxt = arg;
-
- p12cxt->currentpos = 0;
-
- if (PR_FALSE == readData) {
- /* allocate an initial buffer */
- p12cxt->filesize = 0;
- p12cxt->allocated = DEFAULT_TEMP_SIZE;
- p12cxt->buffer = PORT_Alloc(DEFAULT_TEMP_SIZE);
- PR_ASSERT(p12cxt->buffer);
- }
- else
- {
- PR_ASSERT(p12cxt->buffer);
- if (!p12cxt->buffer) {
- return SECFailure; /* no data to read */
- }
- }
-
- return SECSuccess;
-}
-
-static SECStatus
-p12u_DigestClose(void *arg, PRBool removeFile)
-{
- SEC_PKCS12DecoderContext* p12cxt = arg;
-
- PR_ASSERT(p12cxt);
- if (!p12cxt) {
- return SECFailure;
- }
- p12cxt->currentpos = 0;
-
- if (PR_TRUE == removeFile) {
- PR_ASSERT(p12cxt->buffer);
- if (!p12cxt->buffer) {
- return SECFailure;
- }
- if (p12cxt->buffer) {
- PORT_Free(p12cxt->buffer);
- p12cxt->buffer = NULL;
- p12cxt->allocated = 0;
- p12cxt->filesize = 0;
- }
- }
-
- return SECSuccess;
-}
-
-static int
-p12u_DigestRead(void *arg, unsigned char *buf, unsigned long len)
-{
- int toread = len;
- SEC_PKCS12DecoderContext* p12cxt = arg;
-
- if(!buf || len == 0) {
- return -1;
- }
-
- if (!p12cxt->buffer || ((p12cxt->filesize-p12cxt->currentpos)<len) ) {
- /* trying to read past the end of the buffer */
- toread = p12cxt->filesize-p12cxt->currentpos;
- }
- memcpy(buf, (void*)((char*)p12cxt->buffer+p12cxt->currentpos), toread);
- p12cxt->currentpos += toread;
- return toread;
-}
-
-static int
-p12u_DigestWrite(void *arg, unsigned char *buf, unsigned long len)
-{
- SEC_PKCS12DecoderContext* p12cxt = arg;
-
- if(!buf || len == 0) {
- return -1;
- }
-
- if (p12cxt->currentpos+len > p12cxt->filesize) {
- p12cxt->filesize = p12cxt->currentpos + len;
- }
- else {
- p12cxt->filesize += len;
- }
- if (p12cxt->filesize > p12cxt->allocated) {
- void* newbuffer;
- size_t newsize = p12cxt->filesize + DEFAULT_TEMP_SIZE;
- newbuffer = PORT_Realloc(p12cxt->buffer, newsize);
- if (NULL == newbuffer) {
- return -1; /* can't extend the buffer */
- }
- p12cxt->buffer = newbuffer;
- p12cxt->allocated = newsize;
- }
- PR_ASSERT(p12cxt->buffer);
- memcpy((void*)((char*)p12cxt->buffer+p12cxt->currentpos), buf, len);
- p12cxt->currentpos += len;
- return len;
-}
-
-/* SEC_PKCS12DecoderStart
- * Creates a decoder context for decoding a PKCS 12 PDU objct.
- * This function sets up the initial decoding context for the
- * PFX and sets the needed state variables.
- *
- * pwitem - the password for the hMac and any encoded safes.
- * this should be changed to take a callback which retrieves
- * the password. it may be possible for different safes to
- * have different passwords. also, the password is already
- * in unicode. it should probably be converted down below via
- * a unicode conversion callback.
- * slot - the slot to import the dataa into should multiple slots
- * be supported based on key type and cert type?
- * dOpen, dClose, dRead, dWrite - digest routines for writing data
- * to a file so it could be read back and the hmack recomputed
- * and verified. doesn't seem to be away for both encoding
- * and decoding to be single pass, thus the need for these
- * routines.
- * dArg - the argument for dOpen, etc.
- *
- * if NULL == dOpen == dClose == dRead == dWrite == dArg, then default
- * implementations using a memory buffer are used
- *
- * This function returns the decoder context, if it was successful.
- * Otherwise, null is returned.
- */
-SEC_PKCS12DecoderContext *
-SEC_PKCS12DecoderStart(SECItem *pwitem, PK11SlotInfo *slot, void *wincx,
- digestOpenFn dOpen, digestCloseFn dClose,
- digestIOFn dRead, digestIOFn dWrite, void *dArg)
-{
- SEC_PKCS12DecoderContext *p12dcx;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(2048); /* different size? */
- if(!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- /* allocate the decoder context and set the state variables */
- p12dcx = (SEC_PKCS12DecoderContext*)PORT_ArenaZAlloc(arena, sizeof(SEC_PKCS12DecoderContext));
- if(!p12dcx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- if (!dOpen && !dClose && !dRead && !dWrite && !dArg) {
- /* use default implementations */
- dOpen = p12u_DigestOpen;
- dClose = p12u_DigestClose;
- dRead = p12u_DigestRead;
- dWrite = p12u_DigestWrite;
- dArg = (void*)p12dcx;
- }
-
- p12dcx->arena = arena;
- p12dcx->pwitem = pwitem;
- p12dcx->slot = (slot ? slot : PK11_GetInternalKeySlot());
- p12dcx->wincx = wincx;
-#ifdef IS_LITTLE_ENDIAN
- p12dcx->swapUnicodeBytes = PR_TRUE;
-#else
- p12dcx->swapUnicodeBytes = PR_FALSE;
-#endif
- p12dcx->errorValue = 0;
- p12dcx->error = PR_FALSE;
-
- /* a slot is *required */
- if(!slot) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* start the decoding of the PFX and set the notify proc
- * for the PFX item.
- */
- p12dcx->pfxDcx = SEC_ASN1DecoderStart(p12dcx->arena, &p12dcx->pfx,
- sec_PKCS12PFXItemTemplate);
- if(!p12dcx->pfxDcx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- SEC_ASN1DecoderSetNotifyProc(p12dcx->pfxDcx,
- sec_pkcs12_decoder_pfx_notify_proc,
- p12dcx);
-
- /* set up digest functions */
- p12dcx->dOpen = dOpen;
- p12dcx->dWrite = dWrite;
- p12dcx->dClose = dClose;
- p12dcx->dRead = dRead;
- p12dcx->dArg = dArg;
-
- return p12dcx;
-
-loser:
- PORT_FreeArena(arena, PR_TRUE);
- return NULL;
-}
-
-/* SEC_PKCS12DecoderUpdate
- * Streaming update sending more data to the decoder. If
- * an error occurs, SECFailure is returned.
- *
- * p12dcx - the decoder context
- * data, len - the data buffer and length of data to send to
- * the update functions.
- */
-SECStatus
-SEC_PKCS12DecoderUpdate(SEC_PKCS12DecoderContext *p12dcx,
- unsigned char *data, unsigned long len)
-{
- SECStatus rv;
-
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- /* update the PFX decoder context */
- rv = SEC_ASN1DecoderUpdate(p12dcx->pfxDcx, (const char *)data, len);
- if(rv != SECSuccess) {
- p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
- goto loser;
- }
-
- return SECSuccess;
-
-loser:
-
- p12dcx->error = PR_TRUE;
- return SECFailure;
-}
-
-/* IN_BUF_LEN should be larger than SHA1_LENGTH */
-#define IN_BUF_LEN 80
-
-/* verify the hmac by reading the data from the temporary file
- * using the routines specified when the decodingContext was
- * created and return SECSuccess if the hmac matches.
- */
-static SECStatus
-sec_pkcs12_decoder_verify_mac(SEC_PKCS12DecoderContext *p12dcx)
-{
- SECStatus rv = SECFailure;
- SECItem hmacRes;
- unsigned char buf[IN_BUF_LEN];
- unsigned int bufLen;
- int iteration;
- PK11Context *pk11cx = NULL;
- SECItem ignore = {0};
- PK11SymKey *symKey;
- SECItem *params;
- SECOidTag algtag;
- CK_MECHANISM_TYPE integrityMech;
-
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- /* generate hmac key */
- if(p12dcx->macData.iter.data) {
- iteration = (int)DER_GetInteger(&p12dcx->macData.iter);
- } else {
- iteration = 1;
- }
-
- params = PK11_CreatePBEParams(&p12dcx->macData.macSalt, p12dcx->pwitem,
- iteration);
-
- algtag = SECOID_GetAlgorithmTag(&p12dcx->macData.safeMac.digestAlgorithm);
- switch (algtag) {
- case SEC_OID_SHA1:
- integrityMech = CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN; break;
- case SEC_OID_MD5:
- integrityMech = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN; break;
- case SEC_OID_MD2:
- integrityMech = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN; break;
- default:
- goto loser;
- }
-
- symKey = PK11_KeyGen(NULL, integrityMech, params, 20, NULL);
- PK11_DestroyPBEParams(params);
- if (!symKey) goto loser;
- /* init hmac */
- pk11cx = PK11_CreateContextBySymKey(sec_pkcs12_algtag_to_mech(algtag),
- CKA_SIGN, symKey, &ignore);
- if(!pk11cx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- rv = PK11_DigestBegin(pk11cx);
-
- /* try to open the data for readback */
- if(p12dcx->dOpen && ((*p12dcx->dOpen)(p12dcx->dArg, PR_TRUE)
- != SECSuccess)) {
- goto loser;
- }
-
- /* read the data back IN_BUF_LEN bytes at a time and recompute
- * the hmac. if fewer bytes are read than are requested, it is
- * assumed that the end of file has been reached. if bytesRead
- * is returned as -1, then an error occured reading from the
- * file.
- */
- while(1) {
- int bytesRead = (*p12dcx->dRead)(p12dcx->dArg, buf, IN_BUF_LEN);
- if(bytesRead == -1) {
- goto loser;
- }
-
- rv = PK11_DigestOp(pk11cx, buf, bytesRead);
- if(bytesRead < IN_BUF_LEN) {
- break;
- }
- }
-
- /* finish the hmac context */
- rv = PK11_DigestFinal(pk11cx, buf, &bufLen, IN_BUF_LEN);
-
- hmacRes.data = buf;
- hmacRes.len = bufLen;
-
- /* is the hmac computed the same as the hmac which was decoded? */
- rv = SECSuccess;
- if(SECITEM_CompareItem(&hmacRes, &p12dcx->macData.safeMac.digest)
- != SECEqual) {
- PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
- rv = SECFailure;
- }
-
-loser:
- /* close the file and remove it */
- if(p12dcx->dClose) {
- (*p12dcx->dClose)(p12dcx->dArg, PR_TRUE);
- }
-
- if(pk11cx) {
- PK11_DestroyContext(pk11cx, PR_TRUE);
- }
-
- return rv;
-}
-
-/* SEC_PKCS12DecoderVerify
- * Verify the macData or the signature of the decoded PKCS 12 PDU.
- * If the signature or the macData do not match, SECFailure is
- * returned.
- *
- * p12dcx - the decoder context
- */
-SECStatus
-SEC_PKCS12DecoderVerify(SEC_PKCS12DecoderContext *p12dcx)
-{
- SECStatus rv = SECSuccess;
-
- /* make sure that no errors have occured... */
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- /* check the signature or the mac depending on the type of
- * integrity used.
- */
- if(p12dcx->pfx.encodedMacData.len) {
- rv = SEC_ASN1DecodeItem(p12dcx->arena, &p12dcx->macData,
- sec_PKCS12MacDataTemplate,
- &p12dcx->pfx.encodedMacData);
- if(rv == SECSuccess) {
- return sec_pkcs12_decoder_verify_mac(p12dcx);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- } else {
- if(SEC_PKCS7VerifySignature(p12dcx->aSafeCinfo, certUsageEmailSigner,
- PR_FALSE)) {
- return SECSuccess;
- } else {
- PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
- }
- }
-
- return SECFailure;
-}
-
-/* SEC_PKCS12DecoderFinish
- * Free any open ASN1 or PKCS7 decoder contexts and then
- * free the arena pool which everything should be allocated
- * from. This function should be called upon completion of
- * decoding and installing of a pfx pdu. This should be
- * called even if an error occurs.
- *
- * p12dcx - the decoder context
- */
-void
-SEC_PKCS12DecoderFinish(SEC_PKCS12DecoderContext *p12dcx)
-{
- if(!p12dcx) {
- return;
- }
-
- if(p12dcx->pfxDcx) {
- SEC_ASN1DecoderFinish(p12dcx->pfxDcx);
- p12dcx->pfxDcx = NULL;
- }
-
- if(p12dcx->aSafeDcx) {
- SEC_ASN1DecoderFinish(p12dcx->aSafeDcx);
- p12dcx->aSafeDcx = NULL;
- }
-
- if(p12dcx->currentASafeP7Dcx) {
- SEC_PKCS7DecoderFinish(p12dcx->currentASafeP7Dcx);
- p12dcx->currentASafeP7Dcx = NULL;
- }
-
- if(p12dcx->aSafeP7Dcx) {
- SEC_PKCS7DecoderFinish(p12dcx->aSafeP7Dcx);
- }
-
- if(p12dcx->hmacDcx) {
- SEC_ASN1DecoderFinish(p12dcx->hmacDcx);
- p12dcx->hmacDcx = NULL;
- }
-
- if(p12dcx->arena) {
- PORT_FreeArena(p12dcx->arena, PR_TRUE);
- }
-}
-
-static SECStatus
-sec_pkcs12_decoder_set_attribute_value(sec_PKCS12SafeBag *bag,
- SECOidTag attributeType,
- SECItem *attrValue)
-{
- int i = 0;
- SECOidData *oid;
-
- if(!bag || !attrValue) {
- return SECFailure;
- }
-
- oid = SECOID_FindOIDByTag(attributeType);
- if(!oid) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- if(!bag->attribs) {
- bag->attribs = (sec_PKCS12Attribute**)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12Attribute *) * 2);
- } else {
- while(bag->attribs[i]) i++;
- bag->attribs = (sec_PKCS12Attribute **)PORT_ArenaGrow(bag->arena,
- bag->attribs,
- (i + 1) * sizeof(sec_PKCS12Attribute *),
- (i + 2) * sizeof(sec_PKCS12Attribute *));
- }
-
- if(!bag->attribs) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- bag->attribs[i] = (sec_PKCS12Attribute*)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12Attribute));
- if(!bag->attribs) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- bag->attribs[i]->attrValue = (SECItem**)PORT_ArenaZAlloc(bag->arena,
- sizeof(SECItem *) * 2);
- if(!bag->attribs[i]->attrValue) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- bag->attribs[i+1] = NULL;
- bag->attribs[i]->attrValue[0] = attrValue;
- bag->attribs[i]->attrValue[1] = NULL;
-
- if(SECITEM_CopyItem(bag->arena, &bag->attribs[i]->attrType, &oid->oid)
- != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-static SECItem *
-sec_pkcs12_get_attribute_value(sec_PKCS12SafeBag *bag,
- SECOidTag attributeType)
-{
- int i = 0;
-
- if(!bag->attribs) {
- return NULL;
- }
-
- while(bag->attribs[i] != NULL) {
- if(SECOID_FindOIDTag(&bag->attribs[i]->attrType)
- == attributeType) {
- return bag->attribs[i]->attrValue[0];
- }
- i++;
- }
-
- return NULL;
-}
-
-/* For now, this function will merely remove any ":"
- * in the nickname which the PK11 functions may have
- * placed there. This will keep dual certs from appearing
- * twice under "Your" certificates when imported onto smart
- * cards. Once with the name "Slot:Cert" and another with
- * the nickname "Slot:Slot:Cert"
- */
-static void
-sec_pkcs12_sanitize_nickname(PK11SlotInfo *slot, SECItem *nick)
-{
- char *nickname;
- char *delimit;
- int delimitlen;
-
- nickname = (char*)nick->data; /*Mac breaks without this type cast*/
- if ((delimit = PORT_Strchr(nickname, ':')) != NULL) {
- char *slotName;
- int slotNameLen;
-
- slotNameLen = delimit-nickname;
- slotName = PORT_NewArray(char, (slotNameLen+1));
- PORT_Assert(slotName);
- if (slotName == NULL) {
- /* What else can we do?*/
- return;
- }
- PORT_Memcpy(slotName, nickname, slotNameLen);
- slotName[slotNameLen] = '\0';
- if (PORT_Strcmp(PK11_GetTokenName(slot), slotName) == 0) {
- delimitlen = PORT_Strlen(delimit+1);
- PORT_Memmove(nickname, delimit+1, delimitlen+1);
- nick->len = delimitlen;
- }
- PORT_Free(slotName);
- }
-
-}
-
-static SECItem *
-sec_pkcs12_get_nickname(sec_PKCS12SafeBag *bag)
-{
- SECItem *src, *dest;
-
- if(!bag) {
- bag->problem = PR_TRUE;
- bag->error = SEC_ERROR_NO_MEMORY;
- return NULL;
- }
-
- src = sec_pkcs12_get_attribute_value(bag, SEC_OID_PKCS9_FRIENDLY_NAME);
- if(!src) {
- return NULL;
- }
-
- dest = (SECItem*)PORT_ZAlloc(sizeof(SECItem));
- if(!dest) {
- goto loser;
- }
- if(!sec_pkcs12_convert_item_to_unicode(NULL, dest, src, PR_FALSE,
- PR_FALSE, PR_FALSE)) {
- goto loser;
- }
-
- sec_pkcs12_sanitize_nickname(bag->slot, dest);
-
- return dest;
-
-loser:
- if(dest) {
- SECITEM_ZfreeItem(dest, PR_TRUE);
- }
-
- bag->problem = PR_TRUE;
- bag->error = PORT_GetError();
- return NULL;
-}
-
-static SECStatus
-sec_pkcs12_set_nickname(sec_PKCS12SafeBag *bag, SECItem *name)
-{
- int i = 0;
- sec_PKCS12Attribute *attr = NULL;
- SECOidData *oid = SECOID_FindOIDByTag(SEC_OID_PKCS9_FRIENDLY_NAME);
-
- if(!bag || !bag->arena || !name) {
- return SECFailure;
- }
-
- if(!bag->attribs) {
- if(!oid) {
- goto loser;
- }
-
- bag->attribs = (sec_PKCS12Attribute**)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12Attribute *)*2);
- if(!bag->attribs) {
- goto loser;
- }
- bag->attribs[0] = (sec_PKCS12Attribute*)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12Attribute));
- if(!bag->attribs[0]) {
- goto loser;
- }
- bag->attribs[1] = NULL;
-
- attr = bag->attribs[0];
- if(SECITEM_CopyItem(bag->arena, &attr->attrType, &oid->oid)
- != SECSuccess) {
- goto loser;
- }
- } else {
- while(bag->attribs[i]) {
- if(SECOID_FindOIDTag(&bag->attribs[i]->attrType)
- == SEC_OID_PKCS9_FRIENDLY_NAME) {
- attr = bag->attribs[i];
- goto have_attrib;
-
- }
- i++;
- }
- if(!attr) {
- bag->attribs = (sec_PKCS12Attribute **)PORT_ArenaGrow(bag->arena,
- bag->attribs,
- (i+1) * sizeof(sec_PKCS12Attribute *),
- (i+2) * sizeof(sec_PKCS12Attribute *));
- if(!bag->attribs) {
- goto loser;
- }
- bag->attribs[i] =
- (sec_PKCS12Attribute *)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12Attribute));
- if(!bag->attribs[i]) {
- goto loser;
- }
- bag->attribs[i+1] = NULL;
- attr = bag->attribs[i];
- if(SECITEM_CopyItem(bag->arena, &attr->attrType, &oid->oid)
- != SECSuccess) {
- goto loser;
- }
- }
- }
-have_attrib:
- PORT_Assert(attr);
- if(!attr->attrValue) {
- attr->attrValue = (SECItem **)PORT_ArenaZAlloc(bag->arena,
- sizeof(SECItem *) * 2);
- if(!attr->attrValue) {
- goto loser;
- }
- attr->attrValue[0] = (SECItem*)PORT_ArenaZAlloc(bag->arena,
- sizeof(SECItem));
- if(!attr->attrValue[0]) {
- goto loser;
- }
- attr->attrValue[1] = NULL;
- }
-
- name->len = PORT_Strlen((char *)name->data);
- if(!sec_pkcs12_convert_item_to_unicode(bag->arena, attr->attrValue[0],
- name, PR_FALSE, PR_FALSE, PR_TRUE)) {
- goto loser;
- }
-
- return SECSuccess;
-
-loser:
- bag->problem = PR_TRUE;
- bag->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
-}
-
-static SECStatus
-sec_pkcs12_get_key_info(sec_PKCS12SafeBag *key)
-{
- int i = 0;
- SECKEYPrivateKeyInfo *pki = NULL;
-
- if(!key) {
- return SECFailure;
- }
-
- /* if the bag does *not* contain an unencrypted PrivateKeyInfo
- * then we cannot convert the attributes. We are propagating
- * attributes within the PrivateKeyInfo to the SafeBag level.
- */
- if(SECOID_FindOIDTag(&(key->safeBagType)) !=
- SEC_OID_PKCS12_V1_KEY_BAG_ID) {
- return SECSuccess;
- }
-
- pki = key->safeBagContent.pkcs8KeyBag;
-
- if(!pki || !pki->attributes) {
- return SECSuccess;
- }
-
- while(pki->attributes[i]) {
- SECItem *attrValue = NULL;
-
- if(SECOID_FindOIDTag(&pki->attributes[i]->attrType) ==
- SEC_OID_PKCS9_LOCAL_KEY_ID) {
- attrValue = sec_pkcs12_get_attribute_value(key,
- SEC_OID_PKCS9_LOCAL_KEY_ID);
- if(!attrValue) {
- if(sec_pkcs12_decoder_set_attribute_value(key,
- SEC_OID_PKCS9_LOCAL_KEY_ID,
- pki->attributes[i]->attrValue[0])
- != SECSuccess) {
- key->problem = PR_TRUE;
- key->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
- }
- }
-
- if(SECOID_FindOIDTag(&pki->attributes[i]->attrType) ==
- SEC_OID_PKCS9_FRIENDLY_NAME) {
- attrValue = sec_pkcs12_get_attribute_value(key,
- SEC_OID_PKCS9_FRIENDLY_NAME);
- if(!attrValue) {
- if(sec_pkcs12_decoder_set_attribute_value(key,
- SEC_OID_PKCS9_FRIENDLY_NAME,
- pki->attributes[i]->attrValue[0])
- != SECSuccess) {
- key->problem = PR_TRUE;
- key->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
- }
- }
-
- i++;
- }
-
- return SECSuccess;
-}
-
-/* retrieve the nickname for the certificate bag. first look
- * in the cert bag, otherwise get it from the key.
- */
-static SECItem *
-sec_pkcs12_get_nickname_for_cert(sec_PKCS12SafeBag *cert,
- sec_PKCS12SafeBag *key,
- void *wincx)
-{
- SECItem *nickname;
-
- if(!cert) {
- return NULL;
- }
-
- nickname = sec_pkcs12_get_nickname(cert);
- if(nickname) {
- return nickname;
- }
-
- if(key) {
- nickname = sec_pkcs12_get_nickname(key);
-
- if(nickname && sec_pkcs12_set_nickname(cert, nickname)
- != SECSuccess) {
- cert->error = SEC_ERROR_NO_MEMORY;
- cert->problem = PR_TRUE;
- if(nickname) {
- SECITEM_ZfreeItem(nickname, PR_TRUE);
- }
- return NULL;
- }
- }
-
- return nickname;
-}
-
-/* set the nickname for the certificate */
-static SECStatus
-sec_pkcs12_set_nickname_for_cert(sec_PKCS12SafeBag *cert,
- sec_PKCS12SafeBag *key,
- SECItem *nickname,
- void *wincx)
-{
- if(!nickname || !cert) {
- return SECFailure;
- }
-
- if(sec_pkcs12_set_nickname(cert, nickname) != SECSuccess) {
- cert->error = SEC_ERROR_NO_MEMORY;
- cert->problem = PR_TRUE;
- return SECFailure;
- }
-
- if(key) {
- if(sec_pkcs12_set_nickname(key, nickname) != SECSuccess) {
- cert->error = SEC_ERROR_NO_MEMORY;
- cert->problem = PR_TRUE;
- return SECFailure;
- }
- }
-
- return SECSuccess;
-}
-
-/* retrieve the DER cert from the cert bag */
-static SECItem *
-sec_pkcs12_get_der_cert(sec_PKCS12SafeBag *cert)
-{
- if(!cert) {
- return NULL;
- }
-
- if(SECOID_FindOIDTag(&cert->safeBagType) != SEC_OID_PKCS12_V1_CERT_BAG_ID) {
- return NULL;
- }
-
- /* only support X509 certs not SDSI */
- if(SECOID_FindOIDTag(&cert->safeBagContent.certBag->bagID)
- != SEC_OID_PKCS9_X509_CERT) {
- return NULL;
- }
-
- return SECITEM_DupItem(&(cert->safeBagContent.certBag->value.x509Cert));
-}
-
-struct certNickInfo {
- PRArenaPool *arena;
- unsigned int nNicks;
- SECItem **nickList;
- unsigned int error;
-};
-
-/* callback for traversing certificates to gather the nicknames
- * used in a particular traversal. for instance, when using
- * CERT_TraversePermCertsForSubject, gather the nicknames and
- * store them in the certNickInfo for a particular DN.
- *
- * this handles the case where multiple nicknames are allowed
- * for the same dn, which is not currently allowed, but may be
- * in the future.
- */
-static SECStatus
-gatherNicknames(CERTCertificate *cert, void *arg)
-{
- struct certNickInfo *nickArg = (struct certNickInfo *)arg;
- SECItem tempNick;
- unsigned int i;
-
- if(!cert || !nickArg || nickArg->error) {
- return SECFailure;
- }
-
- if(!cert->nickname) {
- return SECSuccess;
- }
-
- tempNick.data = (unsigned char *)cert->nickname;
- tempNick.len = PORT_Strlen(cert->nickname) + 1;
-
- /* do we already have the nickname in the list? */
- if(nickArg->nNicks > 0) {
-
- /* nicknames have been encountered, but there is no list -- bad */
- if(!nickArg->nickList) {
- nickArg->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
-
- for(i = 0; i < nickArg->nNicks; i++) {
- if(SECITEM_CompareItem(nickArg->nickList[i], &tempNick)
- == SECEqual) {
- return SECSuccess;
- }
- }
- }
-
- /* add the nickname to the list */
- if(nickArg->nNicks == 0) {
- nickArg->nickList = (SECItem **)PORT_ArenaZAlloc(nickArg->arena,
- 2 * sizeof(SECItem *));
- } else {
- nickArg->nickList = (SECItem **)PORT_ArenaGrow(nickArg->arena,
- nickArg->nickList,
- (nickArg->nNicks + 1) * sizeof(SECItem *),
- (nickArg->nNicks + 2) * sizeof(SECItem *));
- }
- if(!nickArg->nickList) {
- nickArg->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
-
- nickArg->nickList[nickArg->nNicks] =
- (SECItem *)PORT_ArenaZAlloc(nickArg->arena, sizeof(SECItem));
- if(!nickArg->nickList[nickArg->nNicks]) {
- nickArg->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
-
-
- if(SECITEM_CopyItem(nickArg->arena, nickArg->nickList[nickArg->nNicks],
- &tempNick) != SECSuccess) {
- nickArg->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
-
- nickArg->nNicks++;
-
- return SECSuccess;
-}
-
-/* traverses the certs in the data base or in the token for the
- * DN to see if any certs currently have a nickname set.
- * If so, return it.
- */
-static SECItem *
-sec_pkcs12_get_existing_nick_for_dn(sec_PKCS12SafeBag *cert, void *wincx)
-{
- struct certNickInfo *nickArg = NULL;
- SECItem *derCert, *returnDn = NULL;
- PRArenaPool *arena = NULL;
- CERTCertificate *tempCert;
-
- if(!cert) {
- return NULL;
- }
-
- derCert = sec_pkcs12_get_der_cert(cert);
- if(!derCert) {
- return NULL;
- }
-
- tempCert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if(!tempCert) {
- returnDn = NULL;
- goto loser;
- }
-
- arena = PORT_NewArena(1024);
- if(!arena) {
- returnDn = NULL;
- goto loser;
- }
- nickArg = (struct certNickInfo *)PORT_ArenaZAlloc(arena,
- sizeof(struct certNickInfo));
- if(!nickArg) {
- returnDn = NULL;
- goto loser;
- }
- nickArg->error = 0;
- nickArg->nNicks = 0;
- nickArg->nickList = NULL;
- nickArg->arena = arena;
-
- /* if the token is local, first traverse the cert database
- * then traverse the token.
- */
- if(PK11_TraverseCertsForSubjectInSlot(tempCert, cert->slot, gatherNicknames,
- (void *)nickArg) != SECSuccess) {
- returnDn = NULL;
- goto loser;
- }
-
- if(nickArg->error) {
- /* XXX do we want to set the error? */
- returnDn = NULL;
- goto loser;
- }
-
- if(nickArg->nNicks == 0) {
- returnDn = NULL;
- goto loser;
- }
-
- /* set it to the first name, for now. handle multiple names? */
- returnDn = SECITEM_DupItem(nickArg->nickList[0]);
-
-loser:
- if(arena) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- if(tempCert) {
- CERT_DestroyCertificate(tempCert);
- }
-
- if(derCert) {
- SECITEM_FreeItem(derCert, PR_TRUE);
- }
-
- return (returnDn);
-}
-
-/* counts certificates found for a given traversal function */
-static SECStatus
-countCertificate(CERTCertificate *cert, void *arg)
-{
- unsigned int *nCerts = (unsigned int *)arg;
-
- if(!cert || !arg) {
- return SECFailure;
- }
-
- (*nCerts)++;
- return SECSuccess;
-}
-
-static PRBool
-sec_pkcs12_certs_for_nickname_exist(SECItem *nickname, PK11SlotInfo *slot)
-{
- unsigned int nCerts = 0;
-
- if(!nickname || !slot) {
- return PR_TRUE;
- }
-
- /* we want to check the local database first if we are importing to it */
- PK11_TraverseCertsForNicknameInSlot(nickname, slot, countCertificate,
- (void *)&nCerts);
- if(nCerts) return PR_TRUE;
-
- return PR_FALSE;
-}
-
-/* validate cert nickname such that there is a one-to-one relation
- * between nicknames and dn's. we want to enforce the case that the
- * nickname is non-NULL and that there is only one nickname per DN.
- *
- * if there is a problem with a nickname or the nickname is not present,
- * the user will be prompted for it.
- */
-static void
-sec_pkcs12_validate_cert_nickname(sec_PKCS12SafeBag *cert,
- sec_PKCS12SafeBag *key,
- SEC_PKCS12NicknameCollisionCallback nicknameCb,
- void *wincx)
-{
- SECItem *certNickname, *existingDNNick;
- PRBool setNickname = PR_FALSE, cancel = PR_FALSE;
- SECItem *newNickname = NULL;
-
- if(!cert || !cert->hasKey) {
- return;
- }
-
- if(!nicknameCb) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- return;
- }
-
- if(cert->hasKey && !key) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- return;
- }
-
- certNickname = sec_pkcs12_get_nickname_for_cert(cert, key, wincx);
- existingDNNick = sec_pkcs12_get_existing_nick_for_dn(cert, wincx);
-
- /* nickname is already used w/ this dn, so it is safe to return */
- if(certNickname && existingDNNick &&
- SECITEM_CompareItem(certNickname, existingDNNick) == SECEqual) {
- goto loser;
- }
-
- /* nickname not set in pkcs 12 bags, but a nick is already used for
- * this dn. set the nicks in the p12 bags and finish.
- */
- if(existingDNNick) {
- if(sec_pkcs12_set_nickname_for_cert(cert, key, existingDNNick, wincx)
- != SECSuccess) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- }
- goto loser;
- }
-
- /* at this point, we have a certificate for which the DN is not located
- * on the token. the nickname specified may or may not be NULL. if it
- * is not null, we need to make sure that there are no other certificates
- * with this nickname in the token for it to be valid. this imposes a
- * one to one relationship between DN and nickname.
- *
- * if the nickname is null, we need the user to enter a nickname for
- * the certificate.
- *
- * once we have a nickname, we make sure that the nickname is unique
- * for the DN. if it is not, the user is reprompted to enter a new
- * nickname.
- *
- * in order to exit this loop, the nickname entered is either unique
- * or the user hits cancel and the certificate is not imported.
- */
- setNickname = PR_FALSE;
- while(1) {
- if(certNickname && certNickname->data) {
- /* we will use the nickname so long as no other certs have the
- * same nickname. and the nickname is not NULL.
- */
- if(!sec_pkcs12_certs_for_nickname_exist(certNickname, cert->slot)) {
- if(setNickname) {
- if(sec_pkcs12_set_nickname_for_cert(cert, key, certNickname,
- wincx) != SECSuccess) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- }
- }
- goto loser;
- }
- }
-
- setNickname = PR_FALSE;
- newNickname = (*nicknameCb)(certNickname, &cancel, wincx);
- if(cancel) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_USER_CANCELLED;
- goto loser;
- }
-
- if(!newNickname) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- /* at this point we have a new nickname, if we have an existing
- * certNickname, we need to free it and assign the new nickname
- * to it to avoid a memory leak. happy?
- */
- if(certNickname) {
- SECITEM_ZfreeItem(certNickname, PR_TRUE);
- certNickname = NULL;
- }
-
- certNickname = newNickname;
- setNickname = PR_TRUE;
- /* go back and recheck the new nickname */
- }
-
-loser:
- if(certNickname) {
- SECITEM_ZfreeItem(certNickname, PR_TRUE);
- }
-
- if(existingDNNick) {
- SECITEM_ZfreeItem(existingDNNick, PR_TRUE);
- }
-}
-
-static void
-sec_pkcs12_validate_cert(sec_PKCS12SafeBag *cert,
- sec_PKCS12SafeBag *key,
- SEC_PKCS12NicknameCollisionCallback nicknameCb,
- void *wincx)
-{
- CERTCertificate *leafCert, *testCert;
-
- if(!cert) {
- return;
- }
-
- cert->validated = PR_TRUE;
-
- if(!nicknameCb) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- cert->noInstall = PR_TRUE;
- return;
- }
-
- if(!cert->safeBagContent.certBag) {
- cert->noInstall = PR_TRUE;
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE;
- return;
- }
-
- cert->noInstall = PR_FALSE;
- cert->removeExisting = PR_FALSE;
- cert->problem = PR_FALSE;
- cert->error = 0;
-
- leafCert = CERT_DecodeDERCertificate(
- &cert->safeBagContent.certBag->value.x509Cert, PR_FALSE, NULL);
- if(!leafCert) {
- cert->noInstall = PR_TRUE;
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- return;
- }
-
- testCert = PK11_FindCertFromDERCert(cert->slot, leafCert, wincx);
- CERT_DestroyCertificate(leafCert);
- /* if we can't find the certificate through the PKCS11 interface,
- * we should check the cert database directly, if we are
- * importing to an internal slot.
- */
- if(!testCert && PK11_IsInternal(cert->slot)) {
- testCert = CERT_FindCertByDERCert(CERT_GetDefaultCertDB(),
- &cert->safeBagContent.certBag->value.x509Cert);
- }
-
- if(testCert) {
- if(!testCert->nickname) {
- cert->removeExisting = PR_TRUE;
- }
- CERT_DestroyCertificate(testCert);
- if(cert->noInstall && !cert->removeExisting) {
- return;
- }
- }
-
- sec_pkcs12_validate_cert_nickname(cert, key, nicknameCb, wincx);
-}
-
-static void
-sec_pkcs12_validate_key_by_cert(sec_PKCS12SafeBag *cert, sec_PKCS12SafeBag *key,
- void *wincx)
-{
- CERTCertificate *leafCert;
- SECKEYPrivateKey *privk;
-
- if(!key) {
- return;
- }
-
- key->validated = PR_TRUE;
-
- if(!cert) {
- key->problem = PR_TRUE;
- key->noInstall = PR_TRUE;
- key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
- return;
- }
-
- leafCert = CERT_DecodeDERCertificate(
- &(cert->safeBagContent.certBag->value.x509Cert), PR_FALSE, NULL);
- if(!leafCert) {
- key->problem = PR_TRUE;
- key->noInstall = PR_TRUE;
- key->error = SEC_ERROR_NO_MEMORY;
- return;
- }
-
- privk = PK11_FindPrivateKeyFromCert(key->slot, leafCert, wincx);
- if(!privk) {
- privk = PK11_FindKeyByDERCert(key->slot, leafCert, wincx);
- }
-
- if(privk) {
- SECKEY_DestroyPrivateKey(privk);
- key->noInstall = PR_TRUE;
- }
-
- CERT_DestroyCertificate(leafCert);
-}
-
-static SECStatus
-sec_pkcs12_remove_existing_cert(sec_PKCS12SafeBag *cert,
- void *wincx)
-{
- SECItem *derCert = NULL;
- CERTCertificate *tempCert = NULL;
- CK_OBJECT_HANDLE certObj;
- PRBool removed = PR_FALSE;
-
- if(!cert) {
- return SECFailure;
- }
-
- PORT_Assert(cert->removeExisting);
-
- cert->removeExisting = PR_FALSE;
- derCert = &cert->safeBagContent.certBag->value.x509Cert;
- tempCert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if(!tempCert) {
- return SECFailure;
- }
-
- certObj = PK11_FindCertInSlot(cert->slot, tempCert, wincx);
- CERT_DestroyCertificate(tempCert);
- tempCert = NULL;
-
- if(certObj != CK_INVALID_HANDLE) {
- PK11_DestroyObject(cert->slot, certObj);
- removed = PR_TRUE;
- } else if(PK11_IsInternal(cert->slot)) {
- tempCert = CERT_FindCertByDERCert(CERT_GetDefaultCertDB(), derCert);
- if(tempCert) {
- if(SEC_DeletePermCertificate(tempCert) == SECSuccess) {
- removed = PR_TRUE;
- }
- CERT_DestroyCertificate(tempCert);
- tempCert = NULL;
- }
- }
-
- if(!removed) {
- cert->problem = PR_TRUE;
- cert->error = SEC_ERROR_NO_MEMORY;
- cert->noInstall = PR_TRUE;
- }
-
- if(tempCert) {
- CERT_DestroyCertificate(tempCert);
- }
-
- return ((removed) ? SECSuccess : SECFailure);
-}
-
-static SECStatus
-sec_pkcs12_add_cert(sec_PKCS12SafeBag *cert, PRBool keyExists, void *wincx)
-{
- SECItem *derCert, *nickName;
- char *nickData = NULL;
- SECStatus rv;
-
- if(!cert) {
- return SECFailure;
- }
-
- if(cert->problem || cert->noInstall || cert->installed) {
- return SECSuccess;
- }
-
- derCert = &cert->safeBagContent.certBag->value.x509Cert;
- if(cert->removeExisting) {
- if(sec_pkcs12_remove_existing_cert(cert, wincx)
- != SECSuccess) {
- return SECFailure;
- }
- cert->removeExisting = PR_FALSE;
- }
-
- PORT_Assert(!cert->problem && !cert->removeExisting && !cert->noInstall);
-
- nickName = sec_pkcs12_get_nickname(cert);
- if(nickName) {
- nickData = (char *)nickName->data;
- }
-
- if(keyExists) {
- CERTCertificate *newCert;
-
- newCert = CERT_DecodeDERCertificate( derCert, PR_FALSE, NULL);
- if(!newCert) {
- if(nickName) SECITEM_ZfreeItem(nickName, PR_TRUE);
- cert->error = SEC_ERROR_NO_MEMORY;
- cert->problem = PR_TRUE;
- return SECFailure;
- }
-
- rv = PK11_ImportCertForKeyToSlot(cert->slot, newCert, nickData,
- PR_TRUE, wincx);
- CERT_DestroyCertificate(newCert);
- } else {
- SECItem *certList[2];
- certList[0] = derCert;
- certList[1] = NULL;
- rv = CERT_ImportCerts(CERT_GetDefaultCertDB(), certUsageUserCertImport,
- 1, certList, NULL, PR_TRUE, PR_FALSE, nickData);
- }
-
- cert->installed = PR_TRUE;
- if(nickName) SECITEM_ZfreeItem(nickName, PR_TRUE);
- return rv;
-}
-
-static SECStatus
-sec_pkcs12_add_key(sec_PKCS12SafeBag *key, SECItem *publicValue,
- KeyType keyType, unsigned int keyUsage, void *wincx)
-{
- SECStatus rv;
- SECItem *nickName;
-
- if(!key) {
- return SECFailure;
- }
-
- if(key->removeExisting) {
- key->problem = PR_TRUE;
- key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
- return SECFailure;
- }
-
- if(key->problem || key->noInstall) {
- return SECSuccess;
- }
-
- nickName = sec_pkcs12_get_nickname(key);
-
- switch(SECOID_FindOIDTag(&key->safeBagType))
- {
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- rv = PK11_ImportPrivateKeyInfo(key->slot,
- key->safeBagContent.pkcs8KeyBag,
- nickName, publicValue, PR_TRUE, PR_TRUE,
- keyUsage, wincx);
- break;
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- rv = PK11_ImportEncryptedPrivateKeyInfo(key->slot,
- key->safeBagContent.pkcs8ShroudedKeyBag,
- key->pwitem, nickName, publicValue,
- PR_TRUE, PR_TRUE, keyType, keyUsage,
- wincx);
- break;
- default:
- key->error = SEC_ERROR_PKCS12_UNSUPPORTED_VERSION;
- key->problem = PR_TRUE;
- if(nickName) {
- SECITEM_ZfreeItem(nickName, PR_TRUE);
- }
- return SECFailure;
- }
-
- key->installed = PR_TRUE;
-
- if(nickName) {
- SECITEM_ZfreeItem(nickName, PR_TRUE);
- }
-
- if(rv != SECSuccess) {
- key->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
- key->problem = PR_TRUE;
- } else {
- key->installed = PR_TRUE;
- }
-
- return rv;
-}
-
-static SECStatus
-sec_pkcs12_add_item_to_bag_list(sec_PKCS12SafeBag ***bagList,
- sec_PKCS12SafeBag *bag)
-{
- int i = 0;
-
- if(!bagList || !bag) {
- return SECFailure;
- }
-
- if(!(*bagList)) {
- (*bagList) = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(bag->arena,
- sizeof(sec_PKCS12SafeBag *) * 2);
- } else {
- while((*bagList)[i]) i++;
- (*bagList) = (sec_PKCS12SafeBag **)PORT_ArenaGrow(bag->arena, *bagList,
- sizeof(sec_PKCS12SafeBag *) * (i + 1),
- sizeof(sec_PKCS12SafeBag *) * (i + 2));
- }
-
- if(!(*bagList)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- (*bagList)[i] = bag;
- (*bagList)[i+1] = NULL;
-
- return SECSuccess;
-}
-
-static sec_PKCS12SafeBag **
-sec_pkcs12_find_certs_for_key(sec_PKCS12SafeBag **safeBags, sec_PKCS12SafeBag *key )
-{
- sec_PKCS12SafeBag **certList = NULL;
- SECItem *keyId;
- int i;
-
- if(!safeBags || !safeBags[0]) {
- return NULL;
- }
-
- keyId = sec_pkcs12_get_attribute_value(key, SEC_OID_PKCS9_LOCAL_KEY_ID);
- if(!keyId) {
- return NULL;
- }
-
- i = 0;
- certList = NULL;
- while(safeBags[i]) {
- if(SECOID_FindOIDTag(&(safeBags[i]->safeBagType))
- == SEC_OID_PKCS12_V1_CERT_BAG_ID) {
- SECItem *certKeyId = sec_pkcs12_get_attribute_value(safeBags[i],
- SEC_OID_PKCS9_LOCAL_KEY_ID);
-
- if(certKeyId && (SECITEM_CompareItem(certKeyId, keyId)
- == SECEqual)) {
- if(sec_pkcs12_add_item_to_bag_list(&certList, safeBags[i])
- != SECSuccess) {
- return NULL;
- }
- }
- }
- i++;
- }
-
- return certList;
-}
-
-CERTCertList *
-SEC_PKCS12DecoderGetCerts(SEC_PKCS12DecoderContext *p12dcx)
-{
- CERTCertList *certList = NULL;
- sec_PKCS12SafeBag **safeBags = p12dcx->safeBags;
- int i;
-
- if (!p12dcx || !p12dcx->safeBags || !p12dcx->safeBags[0]) {
- return NULL;
- }
-
- safeBags = p12dcx->safeBags;
- i = 0;
- certList = CERT_NewCertList();
-
- if (certList == NULL) {
- return NULL;
- }
-
- while(safeBags[i]) {
- if (SECOID_FindOIDTag(&(safeBags[i]->safeBagType))
- == SEC_OID_PKCS12_V1_CERT_BAG_ID) {
- SECItem *derCert = sec_pkcs12_get_der_cert(safeBags[i]) ;
- CERTCertificate *tempCert = NULL;
-
- if (derCert == NULL) continue;
- tempCert=CERT_DecodeDERCertificate(derCert, PR_TRUE, NULL);
-
- if (tempCert) {
- CERT_AddCertToListTail(certList,tempCert);
- }
- SECITEM_FreeItem(derCert,PR_TRUE);
- }
- i++;
- }
-
- return certList;
-}
-static sec_PKCS12SafeBag **
-sec_pkcs12_get_key_bags(sec_PKCS12SafeBag **safeBags)
-{
- int i;
- sec_PKCS12SafeBag **keyList = NULL;
- SECOidTag bagType;
-
- if(!safeBags || !safeBags[0]) {
- return NULL;
- }
-
- i = 0;
- while(safeBags[i]) {
- bagType = SECOID_FindOIDTag(&(safeBags[i]->safeBagType));
- switch(bagType) {
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- if(sec_pkcs12_add_item_to_bag_list(&keyList, safeBags[i])
- != SECSuccess) {
- return NULL;
- }
- break;
- default:
- break;
- }
- i++;
- }
-
- return keyList;
-}
-
-static SECStatus
-sec_pkcs12_validate_bags(sec_PKCS12SafeBag **safeBags,
- SEC_PKCS12NicknameCollisionCallback nicknameCb,
- void *wincx)
-{
- sec_PKCS12SafeBag **keyList;
- int i;
-
- if(!safeBags || !nicknameCb) {
- return SECFailure;
- }
-
- if(!safeBags[0]) {
- return SECSuccess;
- }
-
- keyList = sec_pkcs12_get_key_bags(safeBags);
- if(keyList) {
- i = 0;
-
- while(keyList[i]) {
- sec_PKCS12SafeBag **certList = sec_pkcs12_find_certs_for_key(
- safeBags, keyList[i]);
- if(certList) {
- int j = 0;
-
- if(SECOID_FindOIDTag(&(keyList[i]->safeBagType)) ==
- SEC_OID_PKCS12_V1_KEY_BAG_ID) {
- /* if it is an unencrypted private key then make sure
- * the attributes are propageted to the appropriate
- * level
- */
- if(sec_pkcs12_get_key_info(keyList[i]) != SECSuccess) {
- keyList[i]->problem = PR_TRUE;
- keyList[i]->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
- }
-
- sec_pkcs12_validate_key_by_cert(certList[0], keyList[i], wincx);
- while(certList[j]) {
- certList[j]->hasKey = PR_TRUE;
- if(keyList[i]->problem) {
- certList[j]->problem = PR_TRUE;
- certList[j]->error = keyList[i]->error;
- } else {
- sec_pkcs12_validate_cert(certList[j], keyList[i],
- nicknameCb, wincx);
- if(certList[j]->problem) {
- keyList[i]->problem = certList[j]->problem;
- keyList[i]->error = certList[j]->error;
- }
- }
- j++;
- }
- }
-
- i++;
- }
- }
-
- i = 0;
- while(safeBags[i]) {
- if(!safeBags[i]->validated) {
- SECOidTag bagType = SECOID_FindOIDTag(&safeBags[i]->safeBagType);
-
- switch(bagType) {
- case SEC_OID_PKCS12_V1_CERT_BAG_ID:
- sec_pkcs12_validate_cert(safeBags[i], NULL, nicknameCb,
- wincx);
- break;
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- safeBags[i]->noInstall = PR_TRUE;
- safeBags[i]->problem = PR_TRUE;
- safeBags[i]->error = SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY;
- break;
- default:
- safeBags[i]->noInstall = PR_TRUE;
- }
- }
- i++;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-SEC_PKCS12DecoderValidateBags(SEC_PKCS12DecoderContext *p12dcx,
- SEC_PKCS12NicknameCollisionCallback nicknameCb)
-{
- SECStatus rv;
- int i, noInstallCnt, probCnt, bagCnt, errorVal = 0;
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- rv = sec_pkcs12_validate_bags(p12dcx->safeBags, nicknameCb, p12dcx->wincx);
- if(rv == SECSuccess) {
- p12dcx->bagsVerified = PR_TRUE;
- }
-
- noInstallCnt = probCnt = bagCnt = 0;
- i = 0;
- while(p12dcx->safeBags[i]) {
- bagCnt++;
- if(p12dcx->safeBags[i]->noInstall) noInstallCnt++;
- if(p12dcx->safeBags[i]->problem) {
- probCnt++;
- errorVal = p12dcx->safeBags[i]->error;
- }
- i++;
- }
-
- if(bagCnt == noInstallCnt) {
- PORT_SetError(SEC_ERROR_PKCS12_DUPLICATE_DATA);
- return SECFailure;
- }
-
- if(probCnt) {
- PORT_SetError(errorVal);
- return SECFailure;
- }
-
- return rv;
-}
-
-static SECItem *
-sec_pkcs12_get_public_value_and_type(sec_PKCS12SafeBag *certBag,
- KeyType *type, unsigned int *usage)
-{
- SECKEYPublicKey *pubKey = NULL;
- CERTCertificate *cert = NULL;
- SECItem *pubValue;
-
- *type = nullKey;
- *usage = 0;
-
- if(!certBag) {
- return NULL;
- }
-
- cert = CERT_DecodeDERCertificate(
- &certBag->safeBagContent.certBag->value.x509Cert, PR_FALSE, NULL);
- if(!cert) {
- return NULL;
- }
-
- *usage = cert->keyUsage;
- pubKey = CERT_ExtractPublicKey(cert);
- CERT_DestroyCertificate(cert);
- if(!pubKey) {
- return NULL;
- }
-
- *type = pubKey->keyType;
- switch(pubKey->keyType) {
- case dsaKey:
- pubValue = SECITEM_DupItem(&pubKey->u.dsa.publicValue);
- break;
- case dhKey:
- pubValue = SECITEM_DupItem(&pubKey->u.dh.publicValue);
- break;
- case rsaKey:
- pubValue = SECITEM_DupItem(&pubKey->u.rsa.modulus);
- break;
- default:
- pubValue = NULL;
- }
-
- SECKEY_DestroyPublicKey(pubKey);
-
- return pubValue;
-}
-
-static SECStatus
-sec_pkcs12_install_bags(sec_PKCS12SafeBag **safeBags,
- void *wincx)
-{
- sec_PKCS12SafeBag **keyList, **certList;
- int i;
-
- if(!safeBags) {
- return SECFailure;
- }
-
- if(!safeBags[0]) {
- return SECSuccess;
- }
-
- keyList = sec_pkcs12_get_key_bags(safeBags);
- if(keyList) {
- i = 0;
-
- while(keyList[i]) {
- SECStatus rv;
- SECItem *publicValue = NULL;
- KeyType keyType;
- unsigned int keyUsage;
-
- if(keyList[i]->problem) {
- goto next_key_bag;
- }
-
- certList = sec_pkcs12_find_certs_for_key(safeBags,
- keyList[i]);
- if(certList) {
- publicValue = sec_pkcs12_get_public_value_and_type(certList[0],
- &keyType, &keyUsage);
- }
- rv = sec_pkcs12_add_key(keyList[i], publicValue, keyType, keyUsage,
- wincx);
- if(publicValue) {
- SECITEM_FreeItem(publicValue, PR_TRUE);
- }
- if(rv != SECSuccess) {
- PORT_SetError(keyList[i]->error);
- return SECFailure;
- }
-
- if(certList) {
- int j = 0;
-
- while(certList[j]) {
- SECStatus certRv;
-
- if(rv != SECSuccess) {
- certList[j]->problem = keyList[i]->problem;
- certList[j]->error = keyList[i]->error;
- certList[j]->noInstall = PR_TRUE;
- goto next_cert_bag;
- }
-
- certRv = sec_pkcs12_add_cert(certList[j],
- certList[j]->hasKey, wincx);
- if(certRv != SECSuccess) {
- keyList[i]->problem = certList[j]->problem;
- keyList[i]->error = certList[j]->error;
- PORT_SetError(certList[j]->error);
- return SECFailure;
- }
-next_cert_bag:
- j++;
- }
- }
-
-next_key_bag:
- i++;
- }
- }
-
- i = 0;
- while(safeBags[i]) {
- if(!safeBags[i]->installed) {
- SECStatus rv;
- SECOidTag bagType = SECOID_FindOIDTag(&(safeBags[i]->safeBagType));
-
- switch(bagType) {
- case SEC_OID_PKCS12_V1_CERT_BAG_ID:
- rv = sec_pkcs12_add_cert(safeBags[i], safeBags[i]->hasKey,
- wincx);
- if(rv != SECSuccess) {
- PORT_SetError(safeBags[i]->error);
- return SECFailure;
- }
- break;
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- default:
- break;
- }
- }
- i++;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-SEC_PKCS12DecoderImportBags(SEC_PKCS12DecoderContext *p12dcx)
-{
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- if(!p12dcx->bagsVerified) {
- return SECFailure;
- }
-
- return sec_pkcs12_install_bags(p12dcx->safeBags, p12dcx->wincx);
-}
-
-static SECStatus
-sec_pkcs12_decoder_append_bag_to_context(SEC_PKCS12DecoderContext *p12dcx,
- sec_PKCS12SafeBag *bag)
-{
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- if(!p12dcx->safeBagCount) {
- p12dcx->safeBags = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12SafeBag *) * 2);
- } else {
- p12dcx->safeBags =
- (sec_PKCS12SafeBag **)PORT_ArenaGrow(p12dcx->arena, p12dcx->safeBags,
- (p12dcx->safeBagCount + 1) * sizeof(sec_PKCS12SafeBag *),
- (p12dcx->safeBagCount + 2) * sizeof(sec_PKCS12SafeBag *));
- }
-
- if(!p12dcx->safeBags) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- p12dcx->safeBags[p12dcx->safeBagCount] = bag;
- p12dcx->safeBags[p12dcx->safeBagCount+1] = NULL;
- p12dcx->safeBagCount++;
-
- return SECSuccess;
-}
-
-static sec_PKCS12SafeBag *
-sec_pkcs12_decoder_convert_old_key(SEC_PKCS12DecoderContext *p12dcx,
- void *key, PRBool isEspvk)
-{
- sec_PKCS12SafeBag *keyBag;
- SECOidData *oid;
- SECOidTag keyTag;
- SECItem *keyID, *nickName, *newNickName;
-
- if(!p12dcx || p12dcx->error || !key) {
- return NULL;
- }
-
- newNickName =(SECItem *)PORT_ArenaZAlloc(p12dcx->arena, sizeof(SECItem));
- keyBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12SafeBag));
- if(!keyBag || !newNickName) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- keyBag->swapUnicodeBytes = p12dcx->swapUnicodeBytes;
- keyBag->slot = p12dcx->slot;
- keyBag->arena = p12dcx->arena;
- keyBag->pwitem = p12dcx->pwitem;
- keyBag->oldBagType = PR_TRUE;
-
- keyTag = (isEspvk) ? SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID :
- SEC_OID_PKCS12_V1_KEY_BAG_ID;
- oid = SECOID_FindOIDByTag(keyTag);
- if(!oid) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- if(SECITEM_CopyItem(p12dcx->arena, &keyBag->safeBagType, &oid->oid)
- != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- if(isEspvk) {
- SEC_PKCS12ESPVKItem *espvk = (SEC_PKCS12ESPVKItem *)key;
- keyBag->safeBagContent.pkcs8ShroudedKeyBag =
- espvk->espvkCipherText.pkcs8KeyShroud;
- nickName = &(espvk->espvkData.uniNickName);
- if(!espvk->espvkData.assocCerts || !espvk->espvkData.assocCerts[0]) {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- return NULL;
- }
- keyID = &espvk->espvkData.assocCerts[0]->digest;
- } else {
- SEC_PKCS12PrivateKey *pk = (SEC_PKCS12PrivateKey *)key;
- keyBag->safeBagContent.pkcs8KeyBag = &pk->pkcs8data;
- nickName= &(pk->pvkData.uniNickName);
- if(!pk->pvkData.assocCerts || !pk->pvkData.assocCerts[0]) {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- return NULL;
- }
- keyID = &pk->pvkData.assocCerts[0]->digest;
- }
-
- if(nickName->len) {
- if(nickName->len >= 2) {
- if(nickName->data[0] && nickName->data[1]) {
- if(!sec_pkcs12_convert_item_to_unicode(p12dcx->arena, newNickName,
- nickName, PR_FALSE, PR_FALSE, PR_TRUE)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- nickName = newNickName;
- } else if(nickName->data[0] && !nickName->data[1]) {
- unsigned int j = 0;
- unsigned char t;
- for(j = 0; j < nickName->len; j+=2) {
- t = nickName->data[j+1];
- nickName->data[j+1] = nickName->data[j];
- nickName->data[j] = t;
- }
- }
- } else {
- if(!sec_pkcs12_convert_item_to_unicode(p12dcx->arena, newNickName,
- nickName, PR_FALSE, PR_FALSE, PR_TRUE)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- nickName = newNickName;
- }
- }
-
- if(sec_pkcs12_decoder_set_attribute_value(keyBag,
- SEC_OID_PKCS9_FRIENDLY_NAME,
- nickName) != SECSuccess) {
- return NULL;
- }
-
- if(sec_pkcs12_decoder_set_attribute_value(keyBag,SEC_OID_PKCS9_LOCAL_KEY_ID,
- keyID) != SECSuccess) {
- return NULL;
- }
-
- return keyBag;
-}
-
-static sec_PKCS12SafeBag *
-sec_pkcs12_decoder_create_cert(SEC_PKCS12DecoderContext *p12dcx,
- SECItem *derCert)
-{
- sec_PKCS12SafeBag *certBag;
- SECOidData *oid;
- SGNDigestInfo *digest;
- SECItem *keyId;
- SECStatus rv;
-
- if(!p12dcx || p12dcx->error || !derCert) {
- return NULL;
- }
-
- keyId = (SECItem *)PORT_ArenaZAlloc(p12dcx->arena, sizeof(SECItem));
- if(!keyId) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- digest = sec_pkcs12_compute_thumbprint(derCert);
- if(!digest) {
- return NULL;
- }
-
- rv = SECITEM_CopyItem(p12dcx->arena, keyId, &digest->digest);
- SGN_DestroyDigestInfo(digest);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- oid = SECOID_FindOIDByTag(SEC_OID_PKCS12_V1_CERT_BAG_ID);
- certBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12SafeBag));
- if(!certBag || !oid || (SECITEM_CopyItem(p12dcx->arena,
- &certBag->safeBagType, &oid->oid) != SECSuccess)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- certBag->slot = p12dcx->slot;
- certBag->pwitem = p12dcx->pwitem;
- certBag->swapUnicodeBytes = p12dcx->swapUnicodeBytes;
- certBag->arena = p12dcx->arena;
-
- oid = SECOID_FindOIDByTag(SEC_OID_PKCS9_X509_CERT);
- certBag->safeBagContent.certBag =
- (sec_PKCS12CertBag *)PORT_ArenaZAlloc(p12dcx->arena,
- sizeof(sec_PKCS12CertBag));
- if(!certBag->safeBagContent.certBag || !oid ||
- (SECITEM_CopyItem(p12dcx->arena,
- &certBag->safeBagContent.certBag->bagID,
- &oid->oid) != SECSuccess)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- if(SECITEM_CopyItem(p12dcx->arena,
- &(certBag->safeBagContent.certBag->value.x509Cert),
- derCert) != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- if(sec_pkcs12_decoder_set_attribute_value(certBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
- keyId) != SECSuccess) {
- return NULL;
- }
-
- return certBag;
-}
-
-static sec_PKCS12SafeBag **
-sec_pkcs12_decoder_convert_old_cert(SEC_PKCS12DecoderContext *p12dcx,
- SEC_PKCS12CertAndCRL *oldCert)
-{
- sec_PKCS12SafeBag **certList;
- SECItem **derCertList;
- int i, j;
-
- if(!p12dcx || p12dcx->error || !oldCert) {
- return NULL;
- }
-
- derCertList = SEC_PKCS7GetCertificateList(&oldCert->value.x509->certOrCRL);
- if(!derCertList) {
- return NULL;
- }
-
- i = 0;
- while(derCertList[i]) i++;
-
- certList = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(p12dcx->arena,
- (i + 1) * sizeof(sec_PKCS12SafeBag *));
- if(!certList) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- for(j = 0; j < i; j++) {
- certList[j] = sec_pkcs12_decoder_create_cert(p12dcx, derCertList[j]);
- if(!certList[j]) {
- return NULL;
- }
- }
-
- return certList;
-}
-
-static SECStatus
-sec_pkcs12_decoder_convert_old_key_and_certs(SEC_PKCS12DecoderContext *p12dcx,
- void *oldKey, PRBool isEspvk,
- SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage)
-{
- sec_PKCS12SafeBag *key, **certList;
- SEC_PKCS12CertAndCRL *oldCert;
- SEC_PKCS12PVKSupportingData *pvkData;
- int i;
- SECItem *keyName;
-
- if(!p12dcx || !oldKey) {
- return SECFailure;
- }
-
- if(isEspvk) {
- pvkData = &((SEC_PKCS12ESPVKItem *)(oldKey))->espvkData;
- } else {
- pvkData = &((SEC_PKCS12PrivateKey *)(oldKey))->pvkData;
- }
-
- if(!pvkData->assocCerts || !pvkData->assocCerts[0]) {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- return SECFailure;
- }
-
- oldCert = (SEC_PKCS12CertAndCRL *)sec_pkcs12_find_object(safe, baggage,
- SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID, NULL,
- pvkData->assocCerts[0]);
- if(!oldCert) {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- return SECFailure;
- }
-
- key = sec_pkcs12_decoder_convert_old_key(p12dcx,oldKey, isEspvk);
- certList = sec_pkcs12_decoder_convert_old_cert(p12dcx, oldCert);
- if(!key || !certList) {
- return SECFailure;
- }
-
- if(sec_pkcs12_decoder_append_bag_to_context(p12dcx, key) != SECSuccess) {
- return SECFailure;
- }
-
- keyName = sec_pkcs12_get_nickname(key);
- if(!keyName) {
- return SECFailure;
- }
-
- i = 0;
- while(certList[i]) {
- if(sec_pkcs12_decoder_append_bag_to_context(p12dcx, certList[i])
- != SECSuccess) {
- return SECFailure;
- }
- i++;
- }
-
- certList = sec_pkcs12_find_certs_for_key(p12dcx->safeBags, key);
- if(!certList) {
- return SECFailure;
- }
-
- i = 0;
- while(certList[i] != 0) {
- if(sec_pkcs12_set_nickname(certList[i], keyName) != SECSuccess) {
- return SECFailure;
- }
- i++;
- }
-
- return SECSuccess;
-}
-
-static SECStatus
-sec_pkcs12_decoder_convert_old_safe_to_bags(SEC_PKCS12DecoderContext *p12dcx,
- SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage)
-{
- SECStatus rv;
-
- if(!p12dcx || p12dcx->error) {
- return SECFailure;
- }
-
- if(safe && safe->contents) {
- int i = 0;
- while(safe->contents[i] != NULL) {
- if(SECOID_FindOIDTag(&safe->contents[i]->safeBagType)
- == SEC_OID_PKCS12_KEY_BAG_ID) {
- int j = 0;
- SEC_PKCS12PrivateKeyBag *privBag =
- safe->contents[i]->safeContent.keyBag;
-
- while(privBag->privateKeys[j] != NULL) {
- SEC_PKCS12PrivateKey *pk = privBag->privateKeys[j];
- rv = sec_pkcs12_decoder_convert_old_key_and_certs(p12dcx,pk,
- PR_FALSE, safe, baggage);
- if(rv != SECSuccess) {
- goto loser;
- }
- j++;
- }
- }
- i++;
- }
- }
-
- if(baggage && baggage->bags) {
- int i = 0;
- while(baggage->bags[i] != NULL) {
- SEC_PKCS12BaggageItem *bag = baggage->bags[i];
- int j = 0;
-
- if(!bag->espvks) {
- i++;
- continue;
- }
-
- while(bag->espvks[j] != NULL) {
- SEC_PKCS12ESPVKItem *espvk = bag->espvks[j];
- rv = sec_pkcs12_decoder_convert_old_key_and_certs(p12dcx, espvk,
- PR_TRUE, safe, baggage);
- if(rv != SECSuccess) {
- goto loser;
- }
- j++;
- }
- i++;
- }
- }
-
- return SECSuccess;
-
-loser:
- return SECFailure;
-}
-
-SEC_PKCS12DecoderContext *
-sec_PKCS12ConvertOldSafeToNew(PRArenaPool *arena, PK11SlotInfo *slot,
- PRBool swapUnicode, SECItem *pwitem,
- void *wincx, SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage)
-{
- SEC_PKCS12DecoderContext *p12dcx;
-
- if(!arena || !slot || !pwitem) {
- return NULL;
- }
-
- if(!safe && !baggage) {
- return NULL;
- }
-
- p12dcx = (SEC_PKCS12DecoderContext *)PORT_ArenaZAlloc(arena,
- sizeof(SEC_PKCS12DecoderContext));
- if(!p12dcx) {
- return NULL;
- }
-
- p12dcx->arena = arena;
- p12dcx->slot = slot;
- p12dcx->wincx = wincx;
- p12dcx->error = PR_FALSE;
- p12dcx->swapUnicodeBytes = swapUnicode;
- p12dcx->pwitem = pwitem;
-
- if(sec_pkcs12_decoder_convert_old_safe_to_bags(p12dcx, safe, baggage)
- != SECSuccess) {
- p12dcx->error = PR_TRUE;
- return NULL;
- }
-
- return p12dcx;
-}
diff --git a/security/nss/lib/pkcs12/p12dec.c b/security/nss/lib/pkcs12/p12dec.c
deleted file mode 100644
index f1f9fe464..000000000
--- a/security/nss/lib/pkcs12/p12dec.c
+++ /dev/null
@@ -1,693 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "pkcs12.h"
-#include "plarena.h"
-#include "secpkcs7.h"
-#include "p12local.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secport.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "secerr.h"
-#include "cert.h"
-#include "certdb.h"
-#include "p12plcy.h"
-#include "p12.h"
-/*#include "secpkcs5.h" */
-
-/* PFX extraction and validation routines */
-
-/* decode the DER encoded PFX item. if unable to decode, check to see if it
- * is an older PFX item. If that fails, assume the file was not a valid
- * pfx file.
- * the returned pfx structure should be destroyed using SEC_PKCS12DestroyPFX
- */
-static SEC_PKCS12PFXItem *
-sec_pkcs12_decode_pfx(SECItem *der_pfx)
-{
- SEC_PKCS12PFXItem *pfx;
- SECStatus rv;
-
- if(der_pfx == NULL) {
- return NULL;
- }
-
- /* allocate the space for a new PFX item */
- pfx = sec_pkcs12_new_pfx();
- if(pfx == NULL) {
- return NULL;
- }
-
- rv = SEC_ASN1DecodeItem(pfx->poolp, pfx, SEC_PKCS12PFXItemTemplate,
- der_pfx);
-
- /* if a failure occurred, check for older version...
- * we also get rid of the old pfx structure, because we don't
- * know where it failed and what data in may contain
- */
- if(rv != SECSuccess) {
- SEC_PKCS12DestroyPFX(pfx);
- pfx = sec_pkcs12_new_pfx();
- if(pfx == NULL) {
- return NULL;
- }
- rv = SEC_ASN1DecodeItem(pfx->poolp, pfx, SEC_PKCS12PFXItemTemplate_OLD,
- der_pfx);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_PKCS12_DECODING_PFX);
- PORT_FreeArena(pfx->poolp, PR_TRUE);
- return NULL;
- }
- pfx->old = PR_TRUE;
- SGN_CopyDigestInfo(pfx->poolp, &pfx->macData.safeMac, &pfx->old_safeMac);
- SECITEM_CopyItem(pfx->poolp, &pfx->macData.macSalt, &pfx->old_macSalt);
- } else {
- pfx->old = PR_FALSE;
- }
-
- /* convert bit string from bits to bytes */
- pfx->macData.macSalt.len /= 8;
-
- return pfx;
-}
-
-/* validate the integrity MAC used in the PFX. The MAC is generated
- * per the PKCS 12 document. If the MAC is incorrect, it is most likely
- * due to an invalid password.
- * pwitem is the integrity password
- * pfx is the decoded pfx item
- */
-static PRBool
-sec_pkcs12_check_pfx_mac(SEC_PKCS12PFXItem *pfx,
- SECItem *pwitem)
-{
- SECItem *key = NULL, *mac = NULL, *data = NULL;
- SECItem *vpwd = NULL;
- SECOidTag algorithm;
- PRBool ret = PR_FALSE;
-
- if(pfx == NULL) {
- return PR_FALSE;
- }
-
- algorithm = SECOID_GetAlgorithmTag(&pfx->macData.safeMac.digestAlgorithm);
- switch(algorithm) {
- /* only SHA1 hashing supported as a MACing algorithm */
- case SEC_OID_SHA1:
- if(pfx->old == PR_FALSE) {
- pfx->swapUnicode = PR_FALSE;
- }
-
-recheckUnicodePassword:
- vpwd = sec_pkcs12_create_virtual_password(pwitem,
- &pfx->macData.macSalt,
- pfx->swapUnicode);
- if(vpwd == NULL) {
- return PR_FALSE;
- }
-
- key = sec_pkcs12_generate_key_from_password(algorithm,
- &pfx->macData.macSalt,
- (pfx->old ? pwitem : vpwd));
- /* free vpwd only for newer PFX */
- if(vpwd) {
- SECITEM_ZfreeItem(vpwd, PR_TRUE);
- }
- if(key == NULL) {
- return PR_FALSE;
- }
-
- data = SEC_PKCS7GetContent(&pfx->authSafe);
- if(data == NULL) {
- break;
- }
-
- /* check MAC */
- mac = sec_pkcs12_generate_mac(key, data, pfx->old);
- ret = PR_TRUE;
- if(mac) {
- SECItem *safeMac = &pfx->macData.safeMac.digest;
- if(SECITEM_CompareItem(mac, safeMac) != SECEqual) {
-
- /* if we encounter an invalid mac, lets invert the
- * password in case of unicode changes
- */
- if(((!pfx->old) && pfx->swapUnicode) || (pfx->old)){
- PORT_SetError(SEC_ERROR_PKCS12_INVALID_MAC);
- ret = PR_FALSE;
- } else {
- SECITEM_ZfreeItem(mac, PR_TRUE);
- pfx->swapUnicode = PR_TRUE;
- goto recheckUnicodePassword;
- }
- }
- SECITEM_ZfreeItem(mac, PR_TRUE);
- } else {
- ret = PR_FALSE;
- }
- break;
- default:
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM);
- ret = PR_FALSE;
- break;
- }
-
- /* let success fall through */
- if(key != NULL)
- SECITEM_ZfreeItem(key, PR_TRUE);
-
- return ret;
-}
-
-/* check the validity of the pfx structure. we currently only support
- * password integrity mode, so we check the MAC.
- */
-static PRBool
-sec_pkcs12_validate_pfx(SEC_PKCS12PFXItem *pfx,
- SECItem *pwitem)
-{
- SECOidTag contentType;
-
- contentType = SEC_PKCS7ContentType(&pfx->authSafe);
- switch(contentType)
- {
- case SEC_OID_PKCS7_DATA:
- return sec_pkcs12_check_pfx_mac(pfx, pwitem);
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- default:
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE);
- break;
- }
-
- return PR_FALSE;
-}
-
-/* decode and return the valid PFX. if the PFX item is not valid,
- * NULL is returned.
- */
-static SEC_PKCS12PFXItem *
-sec_pkcs12_get_pfx(SECItem *pfx_data,
- SECItem *pwitem)
-{
- SEC_PKCS12PFXItem *pfx;
- PRBool valid_pfx;
-
- if((pfx_data == NULL) || (pwitem == NULL)) {
- return NULL;
- }
-
- pfx = sec_pkcs12_decode_pfx(pfx_data);
- if(pfx == NULL) {
- return NULL;
- }
-
- valid_pfx = sec_pkcs12_validate_pfx(pfx, pwitem);
- if(valid_pfx != PR_TRUE) {
- SEC_PKCS12DestroyPFX(pfx);
- pfx = NULL;
- }
-
- return pfx;
-}
-
-/* authenticated safe decoding, validation, and access routines
- */
-
-/* convert dogbert beta 3 authenticated safe structure to a post
- * beta three structure, so that we don't have to change more routines.
- */
-static SECStatus
-sec_pkcs12_convert_old_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe)
-{
- SEC_PKCS12Baggage *baggage;
- SEC_PKCS12BaggageItem *bag;
- SECStatus rv = SECSuccess;
-
- if(asafe->old_baggage.espvks == NULL) {
- /* XXX should the ASN1 engine produce a single NULL element list
- * rather than setting the pointer to NULL?
- * There is no need to return an error -- assume that the list
- * was empty.
- */
- return SECSuccess;
- }
-
- baggage = sec_pkcs12_create_baggage(asafe->poolp);
- if(!baggage) {
- return SECFailure;
- }
- bag = sec_pkcs12_create_external_bag(baggage);
- if(!bag) {
- return SECFailure;
- }
-
- PORT_Memcpy(&asafe->baggage, baggage, sizeof(SEC_PKCS12Baggage));
-
- /* if there are shrouded keys, append them to the bag */
- rv = SECSuccess;
- if(asafe->old_baggage.espvks[0] != NULL) {
- int nEspvk = 0;
- rv = SECSuccess;
- while((asafe->old_baggage.espvks[nEspvk] != NULL) &&
- (rv == SECSuccess)) {
- rv = sec_pkcs12_append_shrouded_key(bag,
- asafe->old_baggage.espvks[nEspvk]);
- nEspvk++;
- }
- }
-
- return rv;
-}
-
-/* decodes the authenticated safe item. a return of NULL indicates
- * an error. however, the error will have occured either in memory
- * allocation or in decoding the authenticated safe.
- *
- * if an old PFX item has been found, we want to convert the
- * old authenticated safe to the new one.
- */
-static SEC_PKCS12AuthenticatedSafe *
-sec_pkcs12_decode_authenticated_safe(SEC_PKCS12PFXItem *pfx)
-{
- SECItem *der_asafe = NULL;
- SEC_PKCS12AuthenticatedSafe *asafe = NULL;
- SECStatus rv;
-
- if(pfx == NULL) {
- return NULL;
- }
-
- der_asafe = SEC_PKCS7GetContent(&pfx->authSafe);
- if(der_asafe == NULL) {
- /* XXX set error ? */
- goto loser;
- }
-
- asafe = sec_pkcs12_new_asafe(pfx->poolp);
- if(asafe == NULL) {
- goto loser;
- }
-
- if(pfx->old == PR_FALSE) {
- rv = SEC_ASN1DecodeItem(pfx->poolp, asafe,
- SEC_PKCS12AuthenticatedSafeTemplate,
- der_asafe);
- asafe->old = PR_FALSE;
- asafe->swapUnicode = pfx->swapUnicode;
- } else {
- /* handle beta exported files */
- rv = SEC_ASN1DecodeItem(pfx->poolp, asafe,
- SEC_PKCS12AuthenticatedSafeTemplate_OLD,
- der_asafe);
- asafe->safe = &(asafe->old_safe);
- rv = sec_pkcs12_convert_old_auth_safe(asafe);
- asafe->old = PR_TRUE;
- }
-
- if(rv != SECSuccess) {
- goto loser;
- }
-
- asafe->poolp = pfx->poolp;
-
- return asafe;
-
-loser:
- return NULL;
-}
-
-/* validates the safe within the authenticated safe item.
- * in order to be valid:
- * 1. the privacy salt must be present
- * 2. the encryption algorithm must be supported (including
- * export policy)
- * PR_FALSE indicates an error, PR_TRUE indicates a valid safe
- */
-static PRBool
-sec_pkcs12_validate_encrypted_safe(SEC_PKCS12AuthenticatedSafe *asafe)
-{
- PRBool valid = PR_FALSE;
- SECAlgorithmID *algid;
-
- if(asafe == NULL) {
- return PR_FALSE;
- }
-
- /* if mode is password privacy, then privacySalt is assumed
- * to be non-zero.
- */
- if(asafe->privacySalt.len != 0) {
- valid = PR_TRUE;
- asafe->privacySalt.len /= 8;
- } else {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- return PR_FALSE;
- }
-
- /* until spec changes, content will have between 2 and 8 bytes depending
- * upon the algorithm used if certs are unencrypted...
- * also want to support case where content is empty -- which we produce
- */
- if(SEC_PKCS7IsContentEmpty(asafe->safe, 8) == PR_TRUE) {
- asafe->emptySafe = PR_TRUE;
- return PR_TRUE;
- }
-
- asafe->emptySafe = PR_FALSE;
-
- /* make sure that a pbe algorithm is being used */
- algid = SEC_PKCS7GetEncryptionAlgorithm(asafe->safe);
- if(algid != NULL) {
- if(SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
- valid = SEC_PKCS12DecryptionAllowed(algid);
-
- if(valid == PR_FALSE) {
- PORT_SetError(SEC_ERROR_BAD_EXPORT_ALGORITHM);
- }
- } else {
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM);
- valid = PR_FALSE;
- }
- } else {
- valid = PR_FALSE;
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM);
- }
-
- return valid;
-}
-
-/* validates authenticates safe:
- * 1. checks that the version is supported
- * 2. checks that only password privacy mode is used (currently)
- * 3. further, makes sure safe has appropriate policies per above function
- * PR_FALSE indicates failure.
- */
-static PRBool
-sec_pkcs12_validate_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe)
-{
- PRBool valid = PR_TRUE;
- SECOidTag safe_type;
- int version;
-
- if(asafe == NULL) {
- return PR_FALSE;
- }
-
- /* check version, since it is default it may not be present.
- * therefore, assume ok
- */
- if((asafe->version.len > 0) && (asafe->old == PR_FALSE)) {
- version = DER_GetInteger(&asafe->version);
- if(version > SEC_PKCS12_PFX_VERSION) {
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_VERSION);
- return PR_FALSE;
- }
- }
-
- /* validate password mode is being used */
- safe_type = SEC_PKCS7ContentType(asafe->safe);
- switch(safe_type)
- {
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- valid = sec_pkcs12_validate_encrypted_safe(asafe);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- default:
- PORT_SetError(SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE);
- valid = PR_FALSE;
- break;
- }
-
- return valid;
-}
-
-/* retrieves the authenticated safe item from the PFX item
- * before returning the authenticated safe, the validity of the
- * authenticated safe is checked and if valid, returned.
- * a return of NULL indicates that an error occured.
- */
-static SEC_PKCS12AuthenticatedSafe *
-sec_pkcs12_get_auth_safe(SEC_PKCS12PFXItem *pfx)
-{
- SEC_PKCS12AuthenticatedSafe *asafe;
- PRBool valid_safe;
-
- if(pfx == NULL) {
- return NULL;
- }
-
- asafe = sec_pkcs12_decode_authenticated_safe(pfx);
- if(asafe == NULL) {
- return NULL;
- }
-
- valid_safe = sec_pkcs12_validate_auth_safe(asafe);
- if(valid_safe != PR_TRUE) {
- asafe = NULL;
- } else if(asafe) {
- asafe->baggage.poolp = asafe->poolp;
- }
-
- return asafe;
-}
-
-/* decrypts the authenticated safe.
- * a return of anything but SECSuccess indicates an error. the
- * password is not known to be valid until the call to the
- * function sec_pkcs12_get_safe_contents. If decoding the safe
- * fails, it is assumed the password was incorrect and the error
- * is set then. any failure here is assumed to be due to
- * internal problems in SEC_PKCS7DecryptContents or below.
- */
-static SECStatus
-sec_pkcs12_decrypt_auth_safe(SEC_PKCS12AuthenticatedSafe *asafe,
- SECItem *pwitem,
- void *wincx)
-{
- SECStatus rv = SECFailure;
- SECItem *vpwd = NULL;
-
- if((asafe == NULL) || (pwitem == NULL)) {
- return SECFailure;
- }
-
- if(asafe->old == PR_FALSE) {
- vpwd = sec_pkcs12_create_virtual_password(pwitem, &asafe->privacySalt,
- asafe->swapUnicode);
- if(vpwd == NULL) {
- return SECFailure;
- }
- }
-
- rv = SEC_PKCS7DecryptContents(asafe->poolp, asafe->safe,
- (asafe->old ? pwitem : vpwd), wincx);
-
- if(asafe->old == PR_FALSE) {
- SECITEM_ZfreeItem(vpwd, PR_TRUE);
- }
-
- return rv;
-}
-
-/* extract the safe from the authenticated safe.
- * if we are unable to decode the safe, then it is likely that the
- * safe has not been decrypted or the password used to decrypt
- * the safe was invalid. we assume that the password was invalid and
- * set an error accordingly.
- * a return of NULL indicates that an error occurred.
- */
-static SEC_PKCS12SafeContents *
-sec_pkcs12_get_safe_contents(SEC_PKCS12AuthenticatedSafe *asafe)
-{
- SECItem *src = NULL;
- SEC_PKCS12SafeContents *safe = NULL;
- SECStatus rv = SECFailure;
-
- if(asafe == NULL) {
- return NULL;
- }
-
- safe = (SEC_PKCS12SafeContents *)PORT_ArenaZAlloc(asafe->poolp,
- sizeof(SEC_PKCS12SafeContents));
- if(safe == NULL) {
- return NULL;
- }
- safe->poolp = asafe->poolp;
- safe->old = asafe->old;
- safe->swapUnicode = asafe->swapUnicode;
-
- src = SEC_PKCS7GetContent(asafe->safe);
- if(src != NULL) {
- const SEC_ASN1Template *theTemplate;
- if(asafe->old != PR_TRUE) {
- theTemplate = SEC_PKCS12SafeContentsTemplate;
- } else {
- theTemplate = SEC_PKCS12SafeContentsTemplate_OLD;
- }
-
- rv = SEC_ASN1DecodeItem(asafe->poolp, safe, theTemplate, src);
-
- /* if we could not decode the item, password was probably invalid */
- if(rv != SECSuccess) {
- safe = NULL;
- PORT_SetError(SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT);
- }
- } else {
- PORT_SetError(SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE);
- rv = SECFailure;
- }
-
- return safe;
-}
-
-/* import PFX item
- * der_pfx is the der encoded pfx structure
- * pbef and pbearg are the integrity/encryption password call back
- * ncCall is the nickname collision calllback
- * slot is the destination token
- * wincx window handler
- *
- * on error, error code set and SECFailure returned
- */
-SECStatus
-SEC_PKCS12PutPFX(SECItem *der_pfx, SECItem *pwitem,
- SEC_PKCS12NicknameCollisionCallback ncCall,
- PK11SlotInfo *slot,
- void *wincx)
-{
- SEC_PKCS12PFXItem *pfx;
- SEC_PKCS12AuthenticatedSafe *asafe;
- SEC_PKCS12SafeContents *safe_contents = NULL;
- SECStatus rv;
-
- if(!der_pfx || !pwitem || !slot) {
- return SECFailure;
- }
-
- /* decode and validate each section */
- rv = SECFailure;
-
- pfx = sec_pkcs12_get_pfx(der_pfx, pwitem);
- if(pfx != NULL) {
- asafe = sec_pkcs12_get_auth_safe(pfx);
- if(asafe != NULL) {
-
- /* decrypt safe -- only if not empty */
- if(asafe->emptySafe != PR_TRUE) {
- rv = sec_pkcs12_decrypt_auth_safe(asafe, pwitem, wincx);
- if(rv == SECSuccess) {
- safe_contents = sec_pkcs12_get_safe_contents(asafe);
- if(safe_contents == NULL) {
- rv = SECFailure;
- }
- }
- } else {
- safe_contents = sec_pkcs12_create_safe_contents(asafe->poolp);
- safe_contents->swapUnicode = pfx->swapUnicode;
- if(safe_contents == NULL) {
- rv = SECFailure;
- } else {
- rv = SECSuccess;
- }
- }
-
- /* get safe contents and begin import */
- if(rv == SECSuccess) {
- SEC_PKCS12DecoderContext *p12dcx;
-
- p12dcx = sec_PKCS12ConvertOldSafeToNew(pfx->poolp, slot,
- pfx->swapUnicode,
- pwitem, wincx, safe_contents,
- &asafe->baggage);
- if(!p12dcx) {
- rv = SECFailure;
- goto loser;
- }
-
- if(SEC_PKCS12DecoderValidateBags(p12dcx, ncCall)
- != SECSuccess) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SEC_PKCS12DecoderImportBags(p12dcx);
- }
-
- }
- }
-
-loser:
-
- if(pfx) {
- SEC_PKCS12DestroyPFX(pfx);
- }
-
- return rv;
-}
-
-PRBool
-SEC_PKCS12ValidData(char *buf, int bufLen, long int totalLength)
-{
- int lengthLength;
-
- PRBool valid = PR_FALSE;
-
- if(buf == NULL) {
- return PR_FALSE;
- }
-
- /* check for constructed sequence identifier tag */
- if(*buf == (SEC_ASN1_CONSTRUCTED | SEC_ASN1_SEQUENCE)) {
- totalLength--; /* header byte taken care of */
- buf++;
-
- lengthLength = (long int)SEC_ASN1LengthLength(totalLength - 1);
- if(totalLength > 0x7f) {
- lengthLength--;
- *buf &= 0x7f; /* remove bit 8 indicator */
- if((*buf - (char)lengthLength) == 0) {
- valid = PR_TRUE;
- }
- } else {
- lengthLength--;
- if((*buf - (char)lengthLength) == 0) {
- valid = PR_TRUE;
- }
- }
- }
-
- return valid;
-}
diff --git a/security/nss/lib/pkcs12/p12e.c b/security/nss/lib/pkcs12/p12e.c
deleted file mode 100644
index 1a7248e70..000000000
--- a/security/nss/lib/pkcs12/p12e.c
+++ /dev/null
@@ -1,2273 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "p12t.h"
-#include "p12.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "p12plcy.h"
-#include "p12local.h"
-#include "alghmac.h"
-#include "prcpucfg.h"
-
-/*********************************
- * Structures used in exporting the PKCS 12 blob
- *********************************/
-
-/* A SafeInfo is used for each ContentInfo which makes up the
- * sequence of safes in the AuthenticatedSafe portion of the
- * PFX structure.
- */
-struct SEC_PKCS12SafeInfoStr {
- PRArenaPool *arena;
-
- /* information for setting up password encryption */
- SECItem pwitem;
- SECOidTag algorithm;
- PK11SymKey *encryptionKey;
-
- /* how many items have been stored in this safe,
- * we will skip any safe which does not contain any
- * items
- */
- unsigned int itemCount;
-
- /* the content info for the safe */
- SEC_PKCS7ContentInfo *cinfo;
-
- sec_PKCS12SafeContents *safe;
-};
-
-/* An opaque structure which contains information needed for exporting
- * certificates and keys through PKCS 12.
- */
-struct SEC_PKCS12ExportContextStr {
- PRArenaPool *arena;
- PK11SlotInfo *slot;
- void *wincx;
-
- /* integrity information */
- PRBool integrityEnabled;
- PRBool pwdIntegrity;
- union {
- struct sec_PKCS12PasswordModeInfo pwdInfo;
- struct sec_PKCS12PublicKeyModeInfo pubkeyInfo;
- } integrityInfo;
-
- /* helper functions */
- /* retrieve the password call back */
- SECKEYGetPasswordKey pwfn;
- void *pwfnarg;
-
- /* safe contents bags */
- SEC_PKCS12SafeInfo **safeInfos;
- unsigned int safeInfoCount;
-
- /* the sequence of safes */
- sec_PKCS12AuthenticatedSafe authSafe;
-
- /* information needing deletion */
- CERTCertificate **certList;
-};
-
-/* structures for passing information to encoder callbacks when processing
- * data through the ASN1 engine.
- */
-struct sec_pkcs12_encoder_output {
- SEC_PKCS12EncoderOutputCallback outputfn;
- void *outputarg;
-};
-
-struct sec_pkcs12_hmac_and_output_info {
- void *arg;
- struct sec_pkcs12_encoder_output output;
-};
-
-/* An encoder context which is used for the actual encoding
- * portion of PKCS 12.
- */
-typedef struct sec_PKCS12EncoderContextStr {
- PRArenaPool *arena;
- SEC_PKCS12ExportContext *p12exp;
- PK11SymKey *encryptionKey;
-
- /* encoder information - this is set up based on whether
- * password based or public key pased privacy is being used
- */
- SEC_ASN1EncoderContext *ecx;
- union {
- struct sec_pkcs12_hmac_and_output_info hmacAndOutputInfo;
- struct sec_pkcs12_encoder_output encOutput;
- } output;
-
- /* structures for encoding of PFX and MAC */
- sec_PKCS12PFXItem pfx;
- sec_PKCS12MacData mac;
-
- /* authenticated safe encoding tracking information */
- SEC_PKCS7ContentInfo *aSafeCinfo;
- SEC_PKCS7EncoderContext *aSafeP7Ecx;
- SEC_ASN1EncoderContext *aSafeEcx;
- unsigned int currentSafe;
-
- /* hmac context */
- PK11Context *hmacCx;
-} sec_PKCS12EncoderContext;
-
-
-/*********************************
- * Export setup routines
- *********************************/
-
-/* SEC_PKCS12CreateExportContext
- * Creates an export context and sets the unicode and password retrieval
- * callbacks. This is the first call which must be made when exporting
- * a PKCS 12 blob.
- *
- * pwfn, pwfnarg - password retrieval callback and argument. these are
- * required for password-authentication mode.
- */
-SEC_PKCS12ExportContext *
-SEC_PKCS12CreateExportContext(SECKEYGetPasswordKey pwfn, void *pwfnarg,
- PK11SlotInfo *slot, void *wincx)
-{
- PRArenaPool *arena = NULL;
- SEC_PKCS12ExportContext *p12ctxt = NULL;
-
- /* allocate the arena and create the context */
- arena = PORT_NewArena(4096);
- if(!arena) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- p12ctxt = (SEC_PKCS12ExportContext *)PORT_ArenaZAlloc(arena,
- sizeof(SEC_PKCS12ExportContext));
- if(!p12ctxt) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* password callback for key retrieval */
- p12ctxt->pwfn = pwfn;
- p12ctxt->pwfnarg = pwfnarg;
-
- p12ctxt->integrityEnabled = PR_FALSE;
- p12ctxt->arena = arena;
- p12ctxt->wincx = wincx;
- p12ctxt->slot = (slot) ? slot : PK11_GetInternalSlot();
-
- return p12ctxt;
-
-loser:
- if(arena) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- return NULL;
-}
-
-/*
- * Adding integrity mode
- */
-
-/* SEC_PKCS12AddPasswordIntegrity
- * Add password integrity to the exported data. If an integrity method
- * has already been set, then return an error.
- *
- * p12ctxt - the export context
- * pwitem - the password for integrity mode
- * integAlg - the integrity algorithm to use for authentication.
- */
-SECStatus
-SEC_PKCS12AddPasswordIntegrity(SEC_PKCS12ExportContext *p12ctxt,
- SECItem *pwitem, SECOidTag integAlg)
-{
- if(!p12ctxt || p12ctxt->integrityEnabled) {
- return SECFailure;
- }
-
- /* set up integrity information */
- p12ctxt->pwdIntegrity = PR_TRUE;
- p12ctxt->integrityInfo.pwdInfo.password =
- (SECItem*)PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECItem));
- if(!p12ctxt->integrityInfo.pwdInfo.password) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- if(SECITEM_CopyItem(p12ctxt->arena,
- p12ctxt->integrityInfo.pwdInfo.password, pwitem)
- != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- p12ctxt->integrityInfo.pwdInfo.algorithm = integAlg;
- p12ctxt->integrityEnabled = PR_TRUE;
-
- return SECSuccess;
-}
-
-/* SEC_PKCS12AddPublicKeyIntegrity
- * Add public key integrity to the exported data. If an integrity method
- * has already been set, then return an error. The certificate must be
- * allowed to be used as a signing cert.
- *
- * p12ctxt - the export context
- * cert - signer certificate
- * certDb - the certificate database
- * algorithm - signing algorithm
- * keySize - size of the signing key (?)
- */
-SECStatus
-SEC_PKCS12AddPublicKeyIntegrity(SEC_PKCS12ExportContext *p12ctxt,
- CERTCertificate *cert, CERTCertDBHandle *certDb,
- SECOidTag algorithm, int keySize)
-{
- if(!p12ctxt) {
- return SECFailure;
- }
-
- p12ctxt->integrityInfo.pubkeyInfo.cert = cert;
- p12ctxt->integrityInfo.pubkeyInfo.certDb = certDb;
- p12ctxt->integrityInfo.pubkeyInfo.algorithm = algorithm;
- p12ctxt->integrityInfo.pubkeyInfo.keySize = keySize;
- p12ctxt->integrityEnabled = PR_TRUE;
-
- return SECSuccess;
-}
-
-
-/*
- * Adding safes - encrypted (password/public key) or unencrypted
- * Each of the safe creation routines return an opaque pointer which
- * are later passed into the routines for exporting certificates and
- * keys.
- */
-
-/* append the newly created safeInfo to list of safeInfos in the export
- * context.
- */
-static SECStatus
-sec_pkcs12_append_safe_info(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *info)
-{
- void *mark = NULL, *dummy1 = NULL, *dummy2 = NULL;
-
- if(!p12ctxt || !info) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- /* if no safeInfos have been set, create the list, otherwise expand it. */
- if(!p12ctxt->safeInfoCount) {
- p12ctxt->safeInfos = (SEC_PKCS12SafeInfo **)PORT_ArenaZAlloc(p12ctxt->arena,
- 2 * sizeof(SEC_PKCS12SafeInfo *));
- dummy1 = p12ctxt->safeInfos;
- p12ctxt->authSafe.encodedSafes = (SECItem **)PORT_ArenaZAlloc(p12ctxt->arena,
- 2 * sizeof(SECItem *));
- dummy2 = p12ctxt->authSafe.encodedSafes;
- } else {
- dummy1 = PORT_ArenaGrow(p12ctxt->arena, p12ctxt->safeInfos,
- (p12ctxt->safeInfoCount + 1) * sizeof(SEC_PKCS12SafeInfo *),
- (p12ctxt->safeInfoCount + 2) * sizeof(SEC_PKCS12SafeInfo *));
- p12ctxt->safeInfos = (SEC_PKCS12SafeInfo **)dummy1;
- dummy2 = PORT_ArenaGrow(p12ctxt->arena, p12ctxt->authSafe.encodedSafes,
- (p12ctxt->authSafe.safeCount + 1) * sizeof(SECItem *),
- (p12ctxt->authSafe.safeCount + 2) * sizeof(SECItem *));
- p12ctxt->authSafe.encodedSafes = (SECItem**)dummy2;
- }
- if(!dummy1 || !dummy2) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* append the new safeInfo and null terminate the list */
- p12ctxt->safeInfos[p12ctxt->safeInfoCount] = info;
- p12ctxt->safeInfos[++p12ctxt->safeInfoCount] = NULL;
- p12ctxt->authSafe.encodedSafes[p12ctxt->authSafe.safeCount] =
- (SECItem*)PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECItem));
- if(!p12ctxt->authSafe.encodedSafes[p12ctxt->authSafe.safeCount]) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- p12ctxt->authSafe.encodedSafes[++p12ctxt->authSafe.safeCount] = NULL;
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return SECFailure;
-}
-
-/* SEC_PKCS12CreatePasswordPrivSafe
- * Create a password privacy safe to store exported information in.
- *
- * p12ctxt - export context
- * pwitem - password for encryption
- * privAlg - pbe algorithm through which encryption is done.
- */
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePasswordPrivSafe(SEC_PKCS12ExportContext *p12ctxt,
- SECItem *pwitem, SECOidTag privAlg)
-{
- SEC_PKCS12SafeInfo *safeInfo = NULL;
- void *mark = NULL;
- PK11SlotInfo *slot;
- SECAlgorithmID *algId;
- SECItem uniPwitem = {siBuffer, NULL, 0};
-
- if(!p12ctxt) {
- return NULL;
- }
-
- /* allocate the safe info */
- mark = PORT_ArenaMark(p12ctxt->arena);
- safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SEC_PKCS12SafeInfo));
- if(!safeInfo) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return NULL;
- }
-
- safeInfo->itemCount = 0;
-
- /* create the encrypted safe */
- safeInfo->cinfo = SEC_PKCS7CreateEncryptedData(privAlg, 0, p12ctxt->pwfn,
- p12ctxt->pwfnarg);
- if(!safeInfo->cinfo) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- safeInfo->arena = p12ctxt->arena;
-
- /* convert the password to unicode */
- if(!sec_pkcs12_convert_item_to_unicode(NULL, &uniPwitem, pwitem,
- PR_TRUE, PR_TRUE, PR_TRUE)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- if(SECITEM_CopyItem(p12ctxt->arena, &safeInfo->pwitem, &uniPwitem) != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* generate the encryption key */
- slot = p12ctxt->slot;
- if(!slot) {
- slot = PK11_GetInternalKeySlot();
- if(!slot) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- }
-
- algId = SEC_PKCS7GetEncryptionAlgorithm(safeInfo->cinfo);
- safeInfo->encryptionKey = PK11_PBEKeyGen(slot, algId, &uniPwitem,
- PR_FALSE, p12ctxt->wincx);
- if(!safeInfo->encryptionKey) {
- goto loser;
- }
-
- safeInfo->arena = p12ctxt->arena;
- safeInfo->safe = NULL;
- if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
- goto loser;
- }
-
- if(uniPwitem.data) {
- SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
- }
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return safeInfo;
-
-loser:
- if(safeInfo->cinfo) {
- SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
- }
-
- if(uniPwitem.data) {
- SECITEM_ZfreeItem(&uniPwitem, PR_FALSE);
- }
-
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return NULL;
-}
-
-/* SEC_PKCS12CreateUnencryptedSafe
- * Creates an unencrypted safe within the export context.
- *
- * p12ctxt - the export context
- */
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreateUnencryptedSafe(SEC_PKCS12ExportContext *p12ctxt)
-{
- SEC_PKCS12SafeInfo *safeInfo = NULL;
- void *mark = NULL;
-
- if(!p12ctxt) {
- return NULL;
- }
-
- /* create the safe info */
- mark = PORT_ArenaMark(p12ctxt->arena);
- safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SEC_PKCS12SafeInfo));
- if(!safeInfo) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- safeInfo->itemCount = 0;
-
- /* create the safe content */
- safeInfo->cinfo = SEC_PKCS7CreateData();
- if(!safeInfo->cinfo) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return safeInfo;
-
-loser:
- if(safeInfo->cinfo) {
- SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
- }
-
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return NULL;
-}
-
-/* SEC_PKCS12CreatePubKeyEncryptedSafe
- * Creates a safe which is protected by public key encryption.
- *
- * p12ctxt - the export context
- * certDb - the certificate database
- * signer - the signer's certificate
- * recipients - the list of recipient certificates.
- * algorithm - the encryption algorithm to use
- * keysize - the algorithms key size (?)
- */
-SEC_PKCS12SafeInfo *
-SEC_PKCS12CreatePubKeyEncryptedSafe(SEC_PKCS12ExportContext *p12ctxt,
- CERTCertDBHandle *certDb,
- CERTCertificate *signer,
- CERTCertificate **recipients,
- SECOidTag algorithm, int keysize)
-{
- SEC_PKCS12SafeInfo *safeInfo = NULL;
- void *mark = NULL;
-
- if(!p12ctxt || !signer || !recipients || !(*recipients)) {
- return NULL;
- }
-
- /* allocate the safeInfo */
- mark = PORT_ArenaMark(p12ctxt->arena);
- safeInfo = (SEC_PKCS12SafeInfo *)PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SEC_PKCS12SafeInfo));
- if(!safeInfo) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- safeInfo->itemCount = 0;
- safeInfo->arena = p12ctxt->arena;
-
- /* create the enveloped content info using certUsageEmailSigner currently.
- * XXX We need to eventually use something other than certUsageEmailSigner
- */
- safeInfo->cinfo = SEC_PKCS7CreateEnvelopedData(signer, certUsageEmailSigner,
- certDb, algorithm, keysize,
- p12ctxt->pwfn, p12ctxt->pwfnarg);
- if(!safeInfo->cinfo) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* add recipients */
- if(recipients) {
- unsigned int i = 0;
- while(recipients[i] != NULL) {
- SECStatus rv = SEC_PKCS7AddRecipient(safeInfo->cinfo, recipients[i],
- certUsageEmailRecipient, certDb);
- if(rv != SECSuccess) {
- goto loser;
- }
- i++;
- }
- }
-
- if(sec_pkcs12_append_safe_info(p12ctxt, safeInfo) != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return safeInfo;
-
-loser:
- if(safeInfo->cinfo) {
- SEC_PKCS7DestroyContentInfo(safeInfo->cinfo);
- safeInfo->cinfo = NULL;
- }
-
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return NULL;
-}
-
-/*********************************
- * Routines to handle the exporting of the keys and certificates
- *********************************/
-
-/* creates a safe contents which safeBags will be appended to */
-sec_PKCS12SafeContents *
-sec_PKCS12CreateSafeContents(PRArenaPool *arena)
-{
- sec_PKCS12SafeContents *safeContents;
-
- if(arena == NULL) {
- return NULL;
- }
-
- /* create the safe contents */
- safeContents = (sec_PKCS12SafeContents *)PORT_ArenaZAlloc(arena,
- sizeof(sec_PKCS12SafeContents));
- if(!safeContents) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* set up the internal contents info */
- safeContents->safeBags = NULL;
- safeContents->arena = arena;
- safeContents->bagCount = 0;
-
- return safeContents;
-
-loser:
- return NULL;
-}
-
-/* appends a safe bag to a safeContents using the specified arena.
- */
-SECStatus
-sec_pkcs12_append_bag_to_safe_contents(PRArenaPool *arena,
- sec_PKCS12SafeContents *safeContents,
- sec_PKCS12SafeBag *safeBag)
-{
- void *mark = NULL, *dummy = NULL;
-
- if(!arena || !safeBag || !safeContents) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(arena);
- if(!mark) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* allocate space for the list, or reallocate to increase space */
- if(!safeContents->safeBags) {
- safeContents->safeBags = (sec_PKCS12SafeBag **)PORT_ArenaZAlloc(arena,
- (2 * sizeof(sec_PKCS12SafeBag *)));
- dummy = safeContents->safeBags;
- safeContents->bagCount = 0;
- } else {
- dummy = PORT_ArenaGrow(arena, safeContents->safeBags,
- (safeContents->bagCount + 1) * sizeof(sec_PKCS12SafeBag *),
- (safeContents->bagCount + 2) * sizeof(sec_PKCS12SafeBag *));
- safeContents->safeBags = (sec_PKCS12SafeBag **)dummy;
- }
-
- if(!dummy) {
- PORT_ArenaRelease(arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* append the bag at the end and null terminate the list */
- safeContents->safeBags[safeContents->bagCount++] = safeBag;
- safeContents->safeBags[safeContents->bagCount] = NULL;
-
- PORT_ArenaUnmark(arena, mark);
-
- return SECSuccess;
-}
-
-/* appends a safeBag to a specific safeInfo.
- */
-SECStatus
-sec_pkcs12_append_bag(SEC_PKCS12ExportContext *p12ctxt,
- SEC_PKCS12SafeInfo *safeInfo, sec_PKCS12SafeBag *safeBag)
-{
- sec_PKCS12SafeContents *dest;
- SECStatus rv = SECFailure;
-
- if(!p12ctxt || !safeBag || !safeInfo) {
- return SECFailure;
- }
-
- if(!safeInfo->safe) {
- safeInfo->safe = sec_PKCS12CreateSafeContents(p12ctxt->arena);
- if(!safeInfo->safe) {
- return SECFailure;
- }
- }
-
- dest = safeInfo->safe;
- rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena, dest, safeBag);
- if(rv == SECSuccess) {
- safeInfo->itemCount++;
- }
-
- return rv;
-}
-
-/* Creates a safeBag of the specified type, and if bagData is specified,
- * the contents are set. The contents could be set later by the calling
- * routine.
- */
-sec_PKCS12SafeBag *
-sec_PKCS12CreateSafeBag(SEC_PKCS12ExportContext *p12ctxt, SECOidTag bagType,
- void *bagData)
-{
- sec_PKCS12SafeBag *safeBag;
- PRBool setName = PR_TRUE;
- void *mark = NULL;
- SECStatus rv = SECSuccess;
- SECOidData *oidData = NULL;
-
- if(!p12ctxt) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
- if(!mark) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- safeBag = (sec_PKCS12SafeBag *)PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(sec_PKCS12SafeBag));
- if(!safeBag) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- /* set the bags content based upon bag type */
- switch(bagType) {
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- safeBag->safeBagContent.pkcs8KeyBag =
- (SECKEYPrivateKeyInfo *)bagData;
- break;
- case SEC_OID_PKCS12_V1_CERT_BAG_ID:
- safeBag->safeBagContent.certBag = (sec_PKCS12CertBag *)bagData;
- break;
- case SEC_OID_PKCS12_V1_CRL_BAG_ID:
- safeBag->safeBagContent.crlBag = (sec_PKCS12CRLBag *)bagData;
- break;
- case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
- safeBag->safeBagContent.secretBag = (sec_PKCS12SecretBag *)bagData;
- break;
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- safeBag->safeBagContent.pkcs8ShroudedKeyBag =
- (SECKEYEncryptedPrivateKeyInfo *)bagData;
- break;
- case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
- safeBag->safeBagContent.safeContents =
- (sec_PKCS12SafeContents *)bagData;
- setName = PR_FALSE;
- break;
- default:
- goto loser;
- }
-
- oidData = SECOID_FindOIDByTag(bagType);
- if(oidData) {
- rv = SECITEM_CopyItem(p12ctxt->arena, &safeBag->safeBagType, &oidData->oid);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- } else {
- goto loser;
- }
-
- safeBag->arena = p12ctxt->arena;
- PORT_ArenaUnmark(p12ctxt->arena, mark);
-
- return safeBag;
-
-loser:
- if(mark) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- }
-
- return NULL;
-}
-
-/* Creates a new certificate bag and returns a pointer to it. If an error
- * occurs NULL is returned.
- */
-sec_PKCS12CertBag *
-sec_PKCS12NewCertBag(PRArenaPool *arena, SECOidTag certType)
-{
- sec_PKCS12CertBag *certBag = NULL;
- SECOidData *bagType = NULL;
- SECStatus rv;
- void *mark = NULL;
-
- if(!arena) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(arena);
- certBag = (sec_PKCS12CertBag *)PORT_ArenaZAlloc(arena,
- sizeof(sec_PKCS12CertBag));
- if(!certBag) {
- PORT_ArenaRelease(arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- bagType = SECOID_FindOIDByTag(certType);
- if(!bagType) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- rv = SECITEM_CopyItem(arena, &certBag->bagID, &bagType->oid);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- PORT_ArenaUnmark(arena, mark);
- return certBag;
-
-loser:
- PORT_ArenaRelease(arena, mark);
- return NULL;
-}
-
-/* Creates a new CRL bag and returns a pointer to it. If an error
- * occurs NULL is returned.
- */
-sec_PKCS12CRLBag *
-sec_PKCS12NewCRLBag(PRArenaPool *arena, SECOidTag crlType)
-{
- sec_PKCS12CRLBag *crlBag = NULL;
- SECOidData *bagType = NULL;
- SECStatus rv;
- void *mark = NULL;
-
- if(!arena) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(arena);
- crlBag = (sec_PKCS12CRLBag *)PORT_ArenaZAlloc(arena,
- sizeof(sec_PKCS12CRLBag));
- if(!crlBag) {
- PORT_ArenaRelease(arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- bagType = SECOID_FindOIDByTag(crlType);
- if(!bagType) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- rv = SECITEM_CopyItem(arena, &crlBag->bagID, &bagType->oid);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- PORT_ArenaUnmark(arena, mark);
- return crlBag;
-
-loser:
- PORT_ArenaRelease(arena, mark);
- return NULL;
-}
-
-/* sec_PKCS12AddAttributeToBag
- * adds an attribute to a safeBag. currently, the only attributes supported
- * are those which are specified within PKCS 12.
- *
- * p12ctxt - the export context
- * safeBag - the safeBag to which attributes are appended
- * attrType - the attribute type
- * attrData - the attribute data
- */
-SECStatus
-sec_PKCS12AddAttributeToBag(SEC_PKCS12ExportContext *p12ctxt,
- sec_PKCS12SafeBag *safeBag, SECOidTag attrType,
- SECItem *attrData)
-{
- sec_PKCS12Attribute *attribute;
- void *mark = NULL, *dummy = NULL;
- SECOidData *oiddata = NULL;
- SECItem unicodeName = { siBuffer, NULL, 0};
- void *src = NULL;
- unsigned int nItems = 0;
- SECStatus rv;
-
- if(!safeBag || !p12ctxt) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(safeBag->arena);
-
- /* allocate the attribute */
- attribute = (sec_PKCS12Attribute *)PORT_ArenaZAlloc(safeBag->arena,
- sizeof(sec_PKCS12Attribute));
- if(!attribute) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* set up the attribute */
- oiddata = SECOID_FindOIDByTag(attrType);
- if(!oiddata) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- if(SECITEM_CopyItem(p12ctxt->arena, &attribute->attrType, &oiddata->oid) !=
- SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- nItems = 1;
- switch(attrType) {
- case SEC_OID_PKCS9_LOCAL_KEY_ID:
- {
- src = attrData;
- break;
- }
- case SEC_OID_PKCS9_FRIENDLY_NAME:
- {
- if(!sec_pkcs12_convert_item_to_unicode(p12ctxt->arena,
- &unicodeName, attrData, PR_FALSE,
- PR_FALSE, PR_TRUE)) {
- goto loser;
- }
- src = &unicodeName;
- break;
- }
- default:
- goto loser;
- }
-
- /* append the attribute to the attribute value list */
- attribute->attrValue = (SECItem **)PORT_ArenaZAlloc(p12ctxt->arena,
- ((nItems + 1) * sizeof(SECItem *)));
- if(!attribute->attrValue) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* XXX this will need to be changed if attributes requiring more than
- * one element are ever used.
- */
- attribute->attrValue[0] = (SECItem *)PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SECItem));
- if(!attribute->attrValue[0]) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- attribute->attrValue[1] = NULL;
-
- rv = SECITEM_CopyItem(p12ctxt->arena, attribute->attrValue[0],
- (SECItem*)src);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* append the attribute to the safeBag attributes */
- if(safeBag->nAttribs) {
- dummy = PORT_ArenaGrow(p12ctxt->arena, safeBag->attribs,
- ((safeBag->nAttribs + 1) * sizeof(sec_PKCS12Attribute *)),
- ((safeBag->nAttribs + 2) * sizeof(sec_PKCS12Attribute *)));
- safeBag->attribs = (sec_PKCS12Attribute **)dummy;
- } else {
- safeBag->attribs = (sec_PKCS12Attribute **)PORT_ArenaZAlloc(p12ctxt->arena,
- 2 * sizeof(sec_PKCS12Attribute *));
- dummy = safeBag->attribs;
- }
- if(!dummy) {
- goto loser;
- }
-
- safeBag->attribs[safeBag->nAttribs] = attribute;
- safeBag->attribs[++safeBag->nAttribs] = NULL;
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return SECSuccess;
-
-loser:
- if(mark) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- }
-
- return SECFailure;
-}
-
-/* SEC_PKCS12AddCert
- * Adds a certificate to the data being exported.
- *
- * p12ctxt - the export context
- * safe - the safeInfo to which the certificate is placed
- * nestedDest - if the cert is to be placed within a nested safeContents then,
- * this value is to be specified with the destination
- * cert - the cert to export
- * certDb - the certificate database handle
- * keyId - a unique identifier to associate a certificate/key pair
- * includeCertChain - PR_TRUE if the certificate chain is to be included.
- */
-SECStatus
-SEC_PKCS12AddCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe,
- void *nestedDest, CERTCertificate *cert,
- CERTCertDBHandle *certDb, SECItem *keyId,
- PRBool includeCertChain)
-{
- sec_PKCS12CertBag *certBag;
- sec_PKCS12SafeBag *safeBag;
- void *mark;
- SECStatus rv;
- SECItem nick = {siBuffer, NULL,0};
-
- if(!p12ctxt || !cert) {
- return SECFailure;
- }
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- /* allocate the cert bag */
- certBag = sec_PKCS12NewCertBag(p12ctxt->arena,
- SEC_OID_PKCS9_X509_CERT);
- if(!certBag) {
- goto loser;
- }
-
- if(SECITEM_CopyItem(p12ctxt->arena, &certBag->value.x509Cert,
- &cert->derCert) != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* if the cert chain is to be included, we should only be exporting
- * the cert from our internal database.
- */
- if(includeCertChain) {
- CERTCertificateList *certList = CERT_CertChainFromCert(cert,
- certUsageSSLClient,
- PR_TRUE);
- unsigned int count = 0;
- if(!certList) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* add cert chain */
- for(count = 0; count < (unsigned int)certList->len; count++) {
- if(SECITEM_CompareItem(&certList->certs[count], &cert->derCert)
- != SECEqual) {
- CERTCertificate *tempCert;
-
- /* decode the certificate */
- tempCert =
- CERT_DecodeDERCertificate( &certList->certs[count],
- PR_FALSE, NULL);
- if(!tempCert) {
- CERT_DestroyCertificateList(certList);
- goto loser;
- }
-
- /* add the certificate */
- if(SEC_PKCS12AddCert(p12ctxt, safe, nestedDest, tempCert,
- certDb, NULL, PR_FALSE) != SECSuccess) {
- CERT_DestroyCertificate(tempCert);
- CERT_DestroyCertificateList(certList);
- goto loser;
- }
- CERT_DestroyCertificate(tempCert);
- }
- }
- CERT_DestroyCertificateList(certList);
- }
-
- /* if the certificate has a nickname, we will set the friendly name
- * to that.
- */
- if(cert->nickname) {
- if (cert->slot && !PK11_IsInternal(cert->slot)) {
- /*
- * The cert is coming off of an external token,
- * let's strip the token name from the nickname
- * and only add what comes after the colon as the
- * nickname. -javi
- */
- char *delimit;
-
- delimit = PORT_Strchr(cert->nickname,':');
- if (delimit == NULL) {
- nick.data = (unsigned char *)cert->nickname;
- nick.len = PORT_Strlen(cert->nickname);
- } else {
- delimit++;
- nick.data = (unsigned char *)PORT_ArenaStrdup(p12ctxt->arena,
- delimit);
- nick.len = PORT_Strlen(delimit);
- }
- } else {
- nick.data = (unsigned char *)cert->nickname;
- nick.len = PORT_Strlen(cert->nickname);
- }
- }
-
- safeBag = sec_PKCS12CreateSafeBag(p12ctxt, SEC_OID_PKCS12_V1_CERT_BAG_ID,
- certBag);
- if(!safeBag) {
- goto loser;
- }
-
- /* add the friendly name and keyId attributes, if necessary */
- if(nick.data) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, safeBag,
- SEC_OID_PKCS9_FRIENDLY_NAME, &nick)
- != SECSuccess) {
- goto loser;
- }
- }
-
- if(keyId) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, safeBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
- keyId) != SECSuccess) {
- goto loser;
- }
- }
-
- /* append the cert safeBag */
- if(nestedDest) {
- rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
- (sec_PKCS12SafeContents*)nestedDest,
- safeBag);
- } else {
- rv = sec_pkcs12_append_bag(p12ctxt, safe, safeBag);
- }
-
- if(rv != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return SECSuccess;
-
-loser:
- if(mark) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- }
-
- return SECFailure;
-}
-
-/* SEC_PKCS12AddEncryptedKey
- * Extracts the key associated with a particular certificate and exports
- * it.
- *
- * p12ctxt - the export context
- * safe - the safeInfo to place the key in
- * nestedDest - the nested safeContents to place a key
- * cert - the certificate which the key belongs to
- * shroudKey - encrypt the private key for export. This value should
- * always be true. lower level code will not allow the export
- * of unencrypted private keys.
- * algorithm - the algorithm with which to encrypt the private key
- * pwitem - the password to encrypted the private key with
- * keyId - the keyID attribute
- * nickName - the nickname attribute
- */
-static SECStatus
-SEC_PKCS12AddEncryptedKey(SEC_PKCS12ExportContext *p12ctxt,
- SECKEYEncryptedPrivateKeyInfo *epki, SEC_PKCS12SafeInfo *safe,
- void *nestedDest, SECItem *keyId, SECItem *nickName)
-{
- void *mark;
- void *keyItem;
- SECOidTag keyType;
- SECStatus rv = SECFailure;
- sec_PKCS12SafeBag *returnBag;
-
- if(!p12ctxt || !safe || !epki) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- keyItem = PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SECKEYEncryptedPrivateKeyInfo));
- if(!keyItem) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- rv = SECKEY_CopyEncryptedPrivateKeyInfo(p12ctxt->arena,
- (SECKEYEncryptedPrivateKeyInfo *)keyItem,
- epki);
- keyType = SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID;
-
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* create the safe bag and set any attributes */
- returnBag = sec_PKCS12CreateSafeBag(p12ctxt, keyType, keyItem);
- if(!returnBag) {
- rv = SECFailure;
- goto loser;
- }
-
- if(nickName) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag,
- SEC_OID_PKCS9_FRIENDLY_NAME, nickName)
- != SECSuccess) {
- goto loser;
- }
- }
-
- if(keyId) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
- keyId) != SECSuccess) {
- goto loser;
- }
- }
-
- if(nestedDest) {
- rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
- (sec_PKCS12SafeContents*)nestedDest,
- returnBag);
- } else {
- rv = sec_pkcs12_append_bag(p12ctxt, safe, returnBag);
- }
-
-loser:
-
- if (rv != SECSuccess) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- } else {
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- }
-
- return rv;
-}
-
-/* SEC_PKCS12AddKeyForCert
- * Extracts the key associated with a particular certificate and exports
- * it.
- *
- * p12ctxt - the export context
- * safe - the safeInfo to place the key in
- * nestedDest - the nested safeContents to place a key
- * cert - the certificate which the key belongs to
- * shroudKey - encrypt the private key for export. This value should
- * always be true. lower level code will not allow the export
- * of unencrypted private keys.
- * algorithm - the algorithm with which to encrypt the private key
- * pwitem - the password to encrypt the private key with
- * keyId - the keyID attribute
- * nickName - the nickname attribute
- */
-SECStatus
-SEC_PKCS12AddKeyForCert(SEC_PKCS12ExportContext *p12ctxt, SEC_PKCS12SafeInfo *safe,
- void *nestedDest, CERTCertificate *cert,
- PRBool shroudKey, SECOidTag algorithm, SECItem *pwitem,
- SECItem *keyId, SECItem *nickName)
-{
- void *mark;
- void *keyItem;
- SECOidTag keyType;
- SECStatus rv = SECFailure;
- SECItem nickname = {siBuffer,NULL,0}, uniPwitem = {siBuffer, NULL, 0};
- sec_PKCS12SafeBag *returnBag;
-
- if(!p12ctxt || !cert || !safe) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- /* retrieve the key based upon the type that it is and
- * specify the type of safeBag to store the key in
- */
- if(!shroudKey) {
-
- /* extract the key unencrypted. this will most likely go away */
- SECKEYPrivateKeyInfo *pki = PK11_ExportPrivateKeyInfo(cert,
- p12ctxt->wincx);
- if(!pki) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
- return SECFailure;
- }
- keyItem = PORT_ArenaZAlloc(p12ctxt->arena, sizeof(SECKEYPrivateKeyInfo));
- if(!keyItem) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- rv = SECKEY_CopyPrivateKeyInfo(p12ctxt->arena,
- (SECKEYPrivateKeyInfo *)keyItem, pki);
- keyType = SEC_OID_PKCS12_V1_KEY_BAG_ID;
- SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE);
- } else {
-
- /* extract the key encrypted */
- SECKEYEncryptedPrivateKeyInfo *epki = NULL;
- PK11SlotInfo *slot = p12ctxt->slot;
-
- if(!sec_pkcs12_convert_item_to_unicode(p12ctxt->arena, &uniPwitem,
- pwitem, PR_TRUE, PR_TRUE, PR_TRUE)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* we want to make sure to take the key out of the key slot */
- if(PK11_IsInternal(p12ctxt->slot)) {
- slot = PK11_GetInternalKeySlot();
- }
-
- epki = PK11_ExportEncryptedPrivateKeyInfo(slot, algorithm,
- &uniPwitem, cert, 1,
- p12ctxt->wincx);
- if(PK11_IsInternal(p12ctxt->slot)) {
- PK11_FreeSlot(slot);
- }
-
- keyItem = PORT_ArenaZAlloc(p12ctxt->arena,
- sizeof(SECKEYEncryptedPrivateKeyInfo));
- if(!keyItem) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- if(!epki) {
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
- return SECFailure;
- }
- rv = SECKEY_CopyEncryptedPrivateKeyInfo(p12ctxt->arena,
- (SECKEYEncryptedPrivateKeyInfo *)keyItem,
- epki);
- keyType = SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID;
- SECKEY_DestroyEncryptedPrivateKeyInfo(epki, PR_TRUE);
- }
-
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* if no nickname specified, let's see if the certificate has a
- * nickname.
- */
- if(!nickName) {
- if(cert->nickname) {
- nickname.data = (unsigned char *)cert->nickname;
- nickname.len = PORT_Strlen(cert->nickname);
- nickName = &nickname;
- }
- }
-
- /* create the safe bag and set any attributes */
- returnBag = sec_PKCS12CreateSafeBag(p12ctxt, keyType, keyItem);
- if(!returnBag) {
- rv = SECFailure;
- goto loser;
- }
-
- if(nickName) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag,
- SEC_OID_PKCS9_FRIENDLY_NAME, nickName)
- != SECSuccess) {
- goto loser;
- }
- }
-
- if(keyId) {
- if(sec_PKCS12AddAttributeToBag(p12ctxt, returnBag, SEC_OID_PKCS9_LOCAL_KEY_ID,
- keyId) != SECSuccess) {
- goto loser;
- }
- }
-
- if(nestedDest) {
- rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
- (sec_PKCS12SafeContents*)nestedDest,
- returnBag);
- } else {
- rv = sec_pkcs12_append_bag(p12ctxt, safe, returnBag);
- }
-
-loser:
-
- if (rv != SECSuccess) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- } else {
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- }
-
- return rv;
-}
-
-/* SEC_PKCS12AddCertAndEncryptedKey
- * Add a certificate and key pair to be exported.
- *
- * p12ctxt - the export context
- * certSafe - the safeInfo where the cert is stored
- * certNestedDest - the nested safeContents to store the cert
- * keySafe - the safeInfo where the key is stored
- * keyNestedDest - the nested safeContents to store the key
- * shroudKey - extract the private key encrypted?
- * pwitem - the password with which the key is encrypted
- * algorithm - the algorithm with which the key is encrypted
- */
-SECStatus
-SEC_PKCS12AddDERCertAndEncryptedKey(SEC_PKCS12ExportContext *p12ctxt,
- void *certSafe, void *certNestedDest,
- SECItem *derCert, void *keySafe,
- void *keyNestedDest, SECKEYEncryptedPrivateKeyInfo *epki,
- char *nickname)
-{
- SECStatus rv = SECFailure;
- SGNDigestInfo *digest = NULL;
- void *mark = NULL;
- CERTCertificate *cert;
- SECItem nick = {siBuffer, NULL,0}, *nickPtr = NULL;
-
- if(!p12ctxt || !certSafe || !keySafe || !derCert) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- cert = CERT_DecodeDERCertificate(derCert, PR_FALSE, NULL);
- if(!cert) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- cert->nickname = nickname;
-
- /* generate the thumbprint of the cert to use as a keyId */
- digest = sec_pkcs12_compute_thumbprint(&cert->derCert);
- if(!digest) {
- CERT_DestroyCertificate(cert);
- return SECFailure;
- }
-
- /* add the certificate */
- rv = SEC_PKCS12AddCert(p12ctxt, (SEC_PKCS12SafeInfo*)certSafe,
- certNestedDest, cert, NULL,
- &digest->digest, PR_FALSE);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- if(nickname) {
- nick.data = (unsigned char *)nickname;
- nick.len = PORT_Strlen(nickname);
- nickPtr = &nick;
- } else {
- nickPtr = NULL;
- }
-
- /* add the key */
- rv = SEC_PKCS12AddEncryptedKey(p12ctxt, epki, (SEC_PKCS12SafeInfo*)keySafe,
- keyNestedDest, &digest->digest, nickPtr );
- if(rv != SECSuccess) {
- goto loser;
- }
-
- SGN_DestroyDigestInfo(digest);
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return SECSuccess;
-
-loser:
- SGN_DestroyDigestInfo(digest);
- CERT_DestroyCertificate(cert);
- PORT_ArenaRelease(p12ctxt->arena, mark);
-
- return SECFailure;
-}
-
-/* SEC_PKCS12AddCertAndKey
- * Add a certificate and key pair to be exported.
- *
- * p12ctxt - the export context
- * certSafe - the safeInfo where the cert is stored
- * certNestedDest - the nested safeContents to store the cert
- * keySafe - the safeInfo where the key is stored
- * keyNestedDest - the nested safeContents to store the key
- * shroudKey - extract the private key encrypted?
- * pwitem - the password with which the key is encrypted
- * algorithm - the algorithm with which the key is encrypted
- */
-SECStatus
-SEC_PKCS12AddCertAndKey(SEC_PKCS12ExportContext *p12ctxt,
- void *certSafe, void *certNestedDest,
- CERTCertificate *cert, CERTCertDBHandle *certDb,
- void *keySafe, void *keyNestedDest,
- PRBool shroudKey, SECItem *pwitem, SECOidTag algorithm)
-{
- SECStatus rv = SECFailure;
- SGNDigestInfo *digest = NULL;
- void *mark = NULL;
-
- if(!p12ctxt || !certSafe || !keySafe || !cert) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- /* generate the thumbprint of the cert to use as a keyId */
- digest = sec_pkcs12_compute_thumbprint(&cert->derCert);
- if(!digest) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return SECFailure;
- }
-
- /* add the certificate */
- rv = SEC_PKCS12AddCert(p12ctxt, (SEC_PKCS12SafeInfo*)certSafe,
- (SEC_PKCS12SafeInfo*)certNestedDest, cert, certDb,
- &digest->digest, PR_TRUE);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* add the key */
- rv = SEC_PKCS12AddKeyForCert(p12ctxt, (SEC_PKCS12SafeInfo*)keySafe,
- keyNestedDest, cert,
- shroudKey, algorithm, pwitem,
- &digest->digest, NULL );
- if(rv != SECSuccess) {
- goto loser;
- }
-
- SGN_DestroyDigestInfo(digest);
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return SECSuccess;
-
-loser:
- SGN_DestroyDigestInfo(digest);
- PORT_ArenaRelease(p12ctxt->arena, mark);
-
- return SECFailure;
-}
-
-/* SEC_PKCS12CreateNestedSafeContents
- * Allows nesting of safe contents to be implemented. No limit imposed on
- * depth.
- *
- * p12ctxt - the export context
- * baseSafe - the base safeInfo
- * nestedDest - a parent safeContents (?)
- */
-void *
-SEC_PKCS12CreateNestedSafeContents(SEC_PKCS12ExportContext *p12ctxt,
- void *baseSafe, void *nestedDest)
-{
- sec_PKCS12SafeContents *newSafe;
- sec_PKCS12SafeBag *safeContentsBag;
- void *mark;
- SECStatus rv;
-
- if(!p12ctxt || !baseSafe) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(p12ctxt->arena);
-
- newSafe = sec_PKCS12CreateSafeContents(p12ctxt->arena);
- if(!newSafe) {
- PORT_ArenaRelease(p12ctxt->arena, mark);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- /* create the safeContents safeBag */
- safeContentsBag = sec_PKCS12CreateSafeBag(p12ctxt,
- SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID,
- newSafe);
- if(!safeContentsBag) {
- goto loser;
- }
-
- /* append the safeContents to the appropriate area */
- if(nestedDest) {
- rv = sec_pkcs12_append_bag_to_safe_contents(p12ctxt->arena,
- (sec_PKCS12SafeContents*)nestedDest,
- safeContentsBag);
- } else {
- rv = sec_pkcs12_append_bag(p12ctxt, (SEC_PKCS12SafeInfo*)baseSafe,
- safeContentsBag);
- }
- if(rv != SECSuccess) {
- goto loser;
- }
-
- PORT_ArenaUnmark(p12ctxt->arena, mark);
- return newSafe;
-
-loser:
- PORT_ArenaRelease(p12ctxt->arena, mark);
- return NULL;
-}
-
-/*********************************
- * Encoding routines
- *********************************/
-
-/* set up the encoder context based on information in the export context
- * and return the newly allocated enocoder context. A return of NULL
- * indicates an error occurred.
- */
-sec_PKCS12EncoderContext *
-sec_pkcs12_encoder_start_context(SEC_PKCS12ExportContext *p12exp)
-{
- sec_PKCS12EncoderContext *p12enc = NULL;
- unsigned int i, nonEmptyCnt;
- SECStatus rv;
- SECItem ignore = {0};
- void *mark;
-
- if(!p12exp || !p12exp->safeInfos) {
- return NULL;
- }
-
- /* check for any empty safes and skip them */
- i = nonEmptyCnt = 0;
- while(p12exp->safeInfos[i]) {
- if(p12exp->safeInfos[i]->itemCount) {
- nonEmptyCnt++;
- }
- i++;
- }
- if(nonEmptyCnt == 0) {
- return NULL;
- }
- p12exp->authSafe.encodedSafes[nonEmptyCnt] = NULL;
-
- /* allocate the encoder context */
- mark = PORT_ArenaMark(p12exp->arena);
- p12enc = (sec_PKCS12EncoderContext*)PORT_ArenaZAlloc(p12exp->arena,
- sizeof(sec_PKCS12EncoderContext));
- if(!p12enc) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- p12enc->arena = p12exp->arena;
- p12enc->p12exp = p12exp;
-
- /* set up the PFX version and information */
- PORT_Memset(&p12enc->pfx, 0, sizeof(sec_PKCS12PFXItem));
- if(!SEC_ASN1EncodeInteger(p12exp->arena, &(p12enc->pfx.version),
- SEC_PKCS12_VERSION) ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* set up the authenticated safe content info based on the
- * type of integrity being used. this should be changed to
- * enforce integrity mode, but will not be implemented until
- * it is confirmed that integrity must be in place
- */
- if(p12exp->integrityEnabled && !p12exp->pwdIntegrity) {
- SECStatus rv;
-
- /* create public key integrity mode */
- p12enc->aSafeCinfo = SEC_PKCS7CreateSignedData(
- p12exp->integrityInfo.pubkeyInfo.cert,
- certUsageEmailSigner,
- p12exp->integrityInfo.pubkeyInfo.certDb,
- p12exp->integrityInfo.pubkeyInfo.algorithm,
- NULL,
- p12exp->pwfn,
- p12exp->pwfnarg);
- if(!p12enc->aSafeCinfo) {
- goto loser;
- }
- if(SEC_PKCS7IncludeCertChain(p12enc->aSafeCinfo,NULL) != SECSuccess) {
- goto loser;
- }
- rv = SEC_PKCS7AddSigningTime(p12enc->aSafeCinfo);
- PORT_Assert(rv == SECSuccess);
- } else {
- p12enc->aSafeCinfo = SEC_PKCS7CreateData();
-
- /* init password pased integrity mode */
- if(p12exp->integrityEnabled) {
- SECItem pwd = {siBuffer,NULL, 0};
- SECItem *salt = sec_pkcs12_generate_salt();
- PK11SymKey *symKey;
- SECItem *params;
- CK_MECHANISM_TYPE integrityMech;
-
- /* zero out macData and set values */
- PORT_Memset(&p12enc->mac, 0, sizeof(sec_PKCS12MacData));
-
- if(!salt) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- if(SECITEM_CopyItem(p12exp->arena, &(p12enc->mac.macSalt), salt)
- != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* generate HMAC key */
- if(!sec_pkcs12_convert_item_to_unicode(NULL, &pwd,
- p12exp->integrityInfo.pwdInfo.password, PR_TRUE,
- PR_TRUE, PR_TRUE)) {
- goto loser;
- }
-
- params = PK11_CreatePBEParams(salt, &pwd, 1);
- SECITEM_ZfreeItem(salt, PR_TRUE);
- SECITEM_ZfreeItem(&pwd, PR_FALSE);
-
- switch (p12exp->integrityInfo.pwdInfo.algorithm) {
- case SEC_OID_SHA1:
- integrityMech = CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN; break;
- case SEC_OID_MD5:
- integrityMech = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN; break;
- case SEC_OID_MD2:
- integrityMech = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN; break;
- default:
- goto loser;
- }
-
- symKey = PK11_KeyGen(NULL, integrityMech, params, 20, NULL);
- PK11_DestroyPBEParams(params);
- if(!symKey) {
- goto loser;
- }
-
- /* initialize hmac */
- p12enc->hmacCx = PK11_CreateContextBySymKey(
- sec_pkcs12_algtag_to_mech(p12exp->integrityInfo.pwdInfo.algorithm),
- CKA_SIGN, symKey, &ignore);
- if(!p12enc->hmacCx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- rv = PK11_DigestBegin(p12enc->hmacCx);
- if (rv != SECSuccess)
- goto loser;
- }
- }
-
- if(!p12enc->aSafeCinfo) {
- goto loser;
- }
-
- PORT_ArenaUnmark(p12exp->arena, mark);
-
- return p12enc;
-
-loser:
- if(p12enc) {
- if(p12enc->aSafeCinfo) {
- SEC_PKCS7DestroyContentInfo(p12enc->aSafeCinfo);
- }
- if(p12enc->hmacCx) {
- PK11_DestroyContext(p12enc->hmacCx, PR_TRUE);
- }
- }
- if (p12exp->arena != NULL)
- PORT_ArenaRelease(p12exp->arena, mark);
-
- return NULL;
-}
-
-/* callback wrapper to allow the ASN1 engine to call the PKCS 12
- * output routines.
- */
-static void
-sec_pkcs12_encoder_out(void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- struct sec_pkcs12_encoder_output *output;
-
- output = (struct sec_pkcs12_encoder_output*)arg;
- (* output->outputfn)(output->outputarg, buf, len);
-}
-
-/* callback wrapper to wrap SEC_PKCS7EncoderUpdate for ASN1 encoder
- */
-static void
-sec_pkcs12_wrap_pkcs7_encoder_update(void *arg, const char *buf,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- SEC_PKCS7EncoderContext *ecx;
- if(!buf || !len) {
- return;
- }
-
- ecx = (SEC_PKCS7EncoderContext*)arg;
- SEC_PKCS7EncoderUpdate(ecx, buf, len);
-}
-
-/* callback wrapper to wrap SEC_ASN1EncoderUpdate for PKCS 7 encoding
- */
-static void
-sec_pkcs12_wrap_asn1_update_for_p7_update(void *arg, const char *buf,
- unsigned long len)
-{
- if(!buf && !len) return;
-
- SEC_ASN1EncoderUpdate((SEC_ASN1EncoderContext*)arg, buf, len);
-}
-
-/* callback wrapper which updates the HMAC and passes on bytes to the
- * appropriate output function.
- */
-static void
-sec_pkcs12_asafe_update_hmac_and_encode_bits(void *arg, const char *buf,
- unsigned long len, int depth,
- SEC_ASN1EncodingPart data_kind)
-{
- sec_PKCS12EncoderContext *p12ecx;
-
- p12ecx = (sec_PKCS12EncoderContext*)arg;
- PK11_DigestOp(p12ecx->hmacCx, (unsigned char *)buf, len);
- sec_pkcs12_wrap_pkcs7_encoder_update(p12ecx->aSafeP7Ecx, buf, len,
- depth, data_kind);
-}
-
-/* this function encodes content infos which are part of the
- * sequence of content infos labeled AuthenticatedSafes
- */
-static SECStatus
-sec_pkcs12_encoder_asafe_process(sec_PKCS12EncoderContext *p12ecx)
-{
- SECStatus rv = SECSuccess;
- SEC_PKCS5KeyAndPassword keyPwd;
- SEC_PKCS7EncoderContext *p7ecx;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_ASN1EncoderContext *ecx = NULL;
-
- void *arg = NULL;
-
- if(p12ecx->currentSafe < p12ecx->p12exp->authSafe.safeCount) {
- SEC_PKCS12SafeInfo *safeInfo;
- SECOidTag cinfoType;
-
- safeInfo = p12ecx->p12exp->safeInfos[p12ecx->currentSafe];
-
- /* skip empty safes */
- if(safeInfo->itemCount == 0) {
- return SECSuccess;
- }
-
- cinfo = safeInfo->cinfo;
- cinfoType = SEC_PKCS7ContentType(cinfo);
-
- /* determine the safe type and set the appropriate argument */
- switch(cinfoType) {
- case SEC_OID_PKCS7_DATA:
- arg = NULL;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- keyPwd.pwitem = &safeInfo->pwitem;
- keyPwd.key = safeInfo->encryptionKey;
- arg = &keyPwd;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- arg = NULL;
- break;
- default:
- return SECFailure;
-
- }
-
- /* start the PKCS7 encoder */
- p7ecx = SEC_PKCS7EncoderStart(cinfo,
- sec_pkcs12_wrap_asn1_update_for_p7_update,
- p12ecx->aSafeEcx, (PK11SymKey *)arg);
- if(!p7ecx) {
- goto loser;
- }
-
- /* encode safe contents */
- ecx = SEC_ASN1EncoderStart(safeInfo->safe, sec_PKCS12SafeContentsTemplate,
- sec_pkcs12_wrap_pkcs7_encoder_update, p7ecx);
- if(!ecx) {
- goto loser;
- }
- rv = SEC_ASN1EncoderUpdate(ecx, NULL, 0);
- SEC_ASN1EncoderFinish(ecx);
- ecx = NULL;
- if(rv != SECSuccess) {
- goto loser;
- }
-
-
- /* finish up safe content info */
- rv = SEC_PKCS7EncoderFinish(p7ecx, p12ecx->p12exp->pwfn,
- p12ecx->p12exp->pwfnarg);
- }
-
- return SECSuccess;
-
-loser:
- if(p7ecx) {
- SEC_PKCS7EncoderFinish(p7ecx, p12ecx->p12exp->pwfn,
- p12ecx->p12exp->pwfnarg);
- }
-
- if(ecx) {
- SEC_ASN1EncoderFinish(ecx);
- }
-
- return SECFailure;
-}
-
-/* finish the HMAC and encode the macData so that it can be
- * encoded.
- */
-static SECStatus
-sec_pkcs12_update_mac(sec_PKCS12EncoderContext *p12ecx)
-{
- SECItem hmac = { siBuffer, NULL, 0 };
- SECStatus rv;
- SGNDigestInfo *di = NULL;
- void *dummy;
-
- if(!p12ecx) {
- return SECFailure;
- }
-
- /* make sure we are using password integrity mode */
- if(!p12ecx->p12exp->integrityEnabled) {
- return SECSuccess;
- }
-
- if(!p12ecx->p12exp->pwdIntegrity) {
- return SECSuccess;
- }
-
- /* finish the hmac */
- hmac.data = (unsigned char *)PORT_ZAlloc(SHA1_LENGTH);
- if(!hmac.data) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- rv = PK11_DigestFinal(p12ecx->hmacCx, hmac.data, &hmac.len, SHA1_LENGTH);
-
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* create the digest info */
- di = SGN_CreateDigestInfo(p12ecx->p12exp->integrityInfo.pwdInfo.algorithm,
- hmac.data, hmac.len);
- if(!di) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto loser;
- }
-
- rv = SGN_CopyDigestInfo(p12ecx->arena, &p12ecx->mac.safeMac, di);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* encode the mac data */
- dummy = SEC_ASN1EncodeItem(p12ecx->arena, &p12ecx->pfx.encodedMacData,
- &p12ecx->mac, sec_PKCS12MacDataTemplate);
- if(!dummy) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- }
-
-loser:
- if(di) {
- SGN_DestroyDigestInfo(di);
- }
- if(hmac.data) {
- SECITEM_ZfreeItem(&hmac, PR_FALSE);
- }
- PK11_DestroyContext(p12ecx->hmacCx, PR_TRUE);
- p12ecx->hmacCx = NULL;
-
- return rv;
-}
-
-/* wraps the ASN1 encoder update for PKCS 7 encoder */
-static void
-sec_pkcs12_wrap_asn1_encoder_update(void *arg, const char *buf,
- unsigned long len)
-{
- SEC_ASN1EncoderContext *cx;
-
- cx = (SEC_ASN1EncoderContext*)arg;
- SEC_ASN1EncoderUpdate(cx, buf, len);
-}
-
-/* pfx notify function for ASN1 encoder. we want to stop encoding, once we reach
- * the authenticated safe. at that point, the encoder will be updated via streaming
- * as the authenticated safe is encoded.
- */
-static void
-sec_pkcs12_encoder_pfx_notify(void *arg, PRBool before, void *dest, int real_depth)
-{
- sec_PKCS12EncoderContext *p12ecx;
-
- if(!before) {
- return;
- }
-
- /* look for authenticated safe */
- p12ecx = (sec_PKCS12EncoderContext*)arg;
- if(dest != &p12ecx->pfx.encodedAuthSafe) {
- return;
- }
-
- SEC_ASN1EncoderSetTakeFromBuf(p12ecx->ecx);
- SEC_ASN1EncoderSetStreaming(p12ecx->ecx);
- SEC_ASN1EncoderClearNotifyProc(p12ecx->ecx);
-}
-
-/* SEC_PKCS12Encode
- * Encodes the PFX item and returns it to the output function, via
- * callback. the output function must be capable of multiple updates.
- *
- * p12exp - the export context
- * output - the output function callback, will be called more than once,
- * must be able to accept streaming data.
- * outputarg - argument for the output callback.
- */
-SECStatus
-SEC_PKCS12Encode(SEC_PKCS12ExportContext *p12exp,
- SEC_PKCS12EncoderOutputCallback output, void *outputarg)
-{
- sec_PKCS12EncoderContext *p12enc;
- struct sec_pkcs12_encoder_output outInfo;
- SECStatus rv;
-
- if(!p12exp || !output) {
- return SECFailure;
- }
-
- /* get the encoder context */
- p12enc = sec_pkcs12_encoder_start_context(p12exp);
- if(!p12enc) {
- return SECFailure;
- }
-
- outInfo.outputfn = output;
- outInfo.outputarg = outputarg;
-
- /* set up PFX encoder. Set it for streaming */
- p12enc->ecx = SEC_ASN1EncoderStart(&p12enc->pfx, sec_PKCS12PFXItemTemplate,
- sec_pkcs12_encoder_out,
- &outInfo);
- if(!p12enc->ecx) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto loser;
- }
- SEC_ASN1EncoderSetStreaming(p12enc->ecx);
- SEC_ASN1EncoderSetNotifyProc(p12enc->ecx, sec_pkcs12_encoder_pfx_notify, p12enc);
- rv = SEC_ASN1EncoderUpdate(p12enc->ecx, NULL, 0);
- if(rv != SECSuccess) {
- rv = SECFailure;
- goto loser;
- }
-
- /* set up asafe cinfo - the output of the encoder feeds the PFX encoder */
- p12enc->aSafeP7Ecx = SEC_PKCS7EncoderStart(p12enc->aSafeCinfo,
- sec_pkcs12_wrap_asn1_encoder_update,
- p12enc->ecx, NULL);
- if(!p12enc->aSafeP7Ecx) {
- rv = SECFailure;
- goto loser;
- }
-
- /* encode asafe */
- if(p12enc->p12exp->integrityEnabled && p12enc->p12exp->pwdIntegrity) {
- p12enc->aSafeEcx = SEC_ASN1EncoderStart(&p12enc->p12exp->authSafe,
- sec_PKCS12AuthenticatedSafeTemplate,
- sec_pkcs12_asafe_update_hmac_and_encode_bits,
- p12enc);
- } else {
- p12enc->aSafeEcx = SEC_ASN1EncoderStart(&p12enc->p12exp->authSafe,
- sec_PKCS12AuthenticatedSafeTemplate,
- sec_pkcs12_wrap_pkcs7_encoder_update,
- p12enc->aSafeP7Ecx);
- }
- if(!p12enc->aSafeEcx) {
- rv = SECFailure;
- goto loser;
- }
- SEC_ASN1EncoderSetStreaming(p12enc->aSafeEcx);
- SEC_ASN1EncoderSetTakeFromBuf(p12enc->aSafeEcx);
-
- /* encode each of the safes */
- while(p12enc->currentSafe != p12enc->p12exp->safeInfoCount) {
- sec_pkcs12_encoder_asafe_process(p12enc);
- p12enc->currentSafe++;
- }
- SEC_ASN1EncoderClearTakeFromBuf(p12enc->aSafeEcx);
- SEC_ASN1EncoderClearStreaming(p12enc->aSafeEcx);
- SEC_ASN1EncoderUpdate(p12enc->aSafeEcx, NULL, 0);
- SEC_ASN1EncoderFinish(p12enc->aSafeEcx);
-
- /* finish the encoding of the authenticated safes */
- rv = SEC_PKCS7EncoderFinish(p12enc->aSafeP7Ecx, p12exp->pwfn,
- p12exp->pwfnarg);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- SEC_ASN1EncoderClearTakeFromBuf(p12enc->ecx);
- SEC_ASN1EncoderClearStreaming(p12enc->ecx);
-
- /* update the mac, if necessary */
- rv = sec_pkcs12_update_mac(p12enc);
- if(rv != SECSuccess) {
- goto loser;
- }
-
- /* finish encoding the pfx */
- rv = SEC_ASN1EncoderUpdate(p12enc->ecx, NULL, 0);
-
- SEC_ASN1EncoderFinish(p12enc->ecx);
-
-loser:
- return rv;
-}
-
-void
-SEC_PKCS12DestroyExportContext(SEC_PKCS12ExportContext *p12ecx)
-{
- int i = 0;
-
- if(!p12ecx) {
- return;
- }
-
- if(p12ecx->safeInfos) {
- i = 0;
- while(p12ecx->safeInfos[i] != NULL) {
- if(p12ecx->safeInfos[i]->encryptionKey) {
- PK11_FreeSymKey(p12ecx->safeInfos[i]->encryptionKey);
- }
- if(p12ecx->safeInfos[i]->cinfo) {
- SEC_PKCS7DestroyContentInfo(p12ecx->safeInfos[i]->cinfo);
- }
- i++;
- }
- }
-
- PORT_FreeArena(p12ecx->arena, PR_TRUE);
-}
-
-
-/*********************************
- * All-in-one routines for exporting certificates
- *********************************/
-struct inPlaceEncodeInfo {
- PRBool error;
- SECItem outItem;
-};
-
-static void
-sec_pkcs12_in_place_encoder_output(void *arg, const char *buf, unsigned long len)
-{
- struct inPlaceEncodeInfo *outInfo = (struct inPlaceEncodeInfo*)arg;
-
- if(!outInfo || !len || outInfo->error) {
- return;
- }
-
- if(!outInfo->outItem.data) {
- outInfo->outItem.data = (unsigned char*)PORT_ZAlloc(len);
- outInfo->outItem.len = 0;
- } else {
- if(!PORT_Realloc(&(outInfo->outItem.data), (outInfo->outItem.len + len))) {
- SECITEM_ZfreeItem(&(outInfo->outItem), PR_FALSE);
- outInfo->outItem.data = NULL;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- outInfo->error = PR_TRUE;
- return;
- }
- }
-
- PORT_Memcpy(&(outInfo->outItem.data[outInfo->outItem.len]), buf, len);
- outInfo->outItem.len += len;
-
- return;
-}
-
-/*
- * SEC_PKCS12ExportCertifcateAndKeyUsingPassword
- * Exports a certificate/key pair using password-based encryption and
- * authentication.
- *
- * pwfn, pwfnarg - password function and argument for the key database
- * cert - the certificate to export
- * certDb - certificate database
- * pwitem - the password to use
- * shroudKey - encrypt the key externally,
- * keyShroudAlg - encryption algorithm for key
- * encryptionAlg - the algorithm with which data is encrypted
- * integrityAlg - the algorithm for integrity
- */
-SECItem *
-SEC_PKCS12ExportCertificateAndKeyUsingPassword(
- SECKEYGetPasswordKey pwfn, void *pwfnarg,
- CERTCertificate *cert, PK11SlotInfo *slot,
- CERTCertDBHandle *certDb, SECItem *pwitem,
- PRBool shroudKey, SECOidTag shroudAlg,
- PRBool encryptCert, SECOidTag certEncAlg,
- SECOidTag integrityAlg, void *wincx)
-{
- struct inPlaceEncodeInfo outInfo;
- SEC_PKCS12ExportContext *p12ecx = NULL;
- SEC_PKCS12SafeInfo *keySafe, *certSafe;
- SECItem *returnItem = NULL;
-
- if(!cert || !pwitem || !slot) {
- return NULL;
- }
-
- outInfo.error = PR_FALSE;
- outInfo.outItem.data = NULL;
- outInfo.outItem.len = 0;
-
- p12ecx = SEC_PKCS12CreateExportContext(pwfn, pwfnarg, slot, wincx);
- if(!p12ecx) {
- return NULL;
- }
-
- /* set up cert safe */
- if(encryptCert) {
- certSafe = SEC_PKCS12CreatePasswordPrivSafe(p12ecx, pwitem, certEncAlg);
- } else {
- certSafe = SEC_PKCS12CreateUnencryptedSafe(p12ecx);
- }
- if(!certSafe) {
- goto loser;
- }
-
- /* set up key safe */
- if(shroudKey) {
- keySafe = SEC_PKCS12CreateUnencryptedSafe(p12ecx);
- } else {
- keySafe = certSafe;
- }
- if(!keySafe) {
- goto loser;
- }
-
- /* add integrity mode */
- if(SEC_PKCS12AddPasswordIntegrity(p12ecx, pwitem, integrityAlg)
- != SECSuccess) {
- goto loser;
- }
-
- /* add cert and key pair */
- if(SEC_PKCS12AddCertAndKey(p12ecx, certSafe, NULL, cert, certDb,
- keySafe, NULL, shroudKey, pwitem, shroudAlg)
- != SECSuccess) {
- goto loser;
- }
-
- /* encode the puppy */
- if(SEC_PKCS12Encode(p12ecx, sec_pkcs12_in_place_encoder_output, &outInfo)
- != SECSuccess) {
- goto loser;
- }
- if(outInfo.error) {
- goto loser;
- }
-
- SEC_PKCS12DestroyExportContext(p12ecx);
-
- returnItem = SECITEM_DupItem(&outInfo.outItem);
- SECITEM_ZfreeItem(&outInfo.outItem, PR_FALSE);
-
- return returnItem;
-
-loser:
- if(outInfo.outItem.data) {
- SECITEM_ZfreeItem(&(outInfo.outItem), PR_TRUE);
- }
-
- if(p12ecx) {
- SEC_PKCS12DestroyExportContext(p12ecx);
- }
-
- return NULL;
-}
-
-
diff --git a/security/nss/lib/pkcs12/p12exp.c b/security/nss/lib/pkcs12/p12exp.c
deleted file mode 100644
index 242d98288..000000000
--- a/security/nss/lib/pkcs12/p12exp.c
+++ /dev/null
@@ -1,1407 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "pkcs12.h"
-#include "p12local.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "secerr.h"
-#include "p12plcy.h"
-
-/* release the memory taken up by the list of nicknames */
-static void
-sec_pkcs12_destroy_nickname_list(SECItem **nicknames)
-{
- int i = 0;
-
- if(nicknames == NULL) {
- return;
- }
-
- while(nicknames[i] != NULL) {
- SECITEM_FreeItem(nicknames[i], PR_FALSE);
- i++;
- }
-
- PORT_Free(nicknames);
-}
-
-/* release the memory taken up by the list of certificates */
-static void
-sec_pkcs12_destroy_certificate_list(CERTCertificate **ref_certs)
-{
- int i = 0;
-
- if(ref_certs == NULL) {
- return;
- }
-
- while(ref_certs[i] != NULL) {
- CERT_DestroyCertificate(ref_certs[i]);
- i++;
- }
-}
-
-static void
-sec_pkcs12_destroy_cinfos_for_cert_bags(SEC_PKCS12CertAndCRLBag *certBag)
-{
- int j = 0;
- j = 0;
- while(certBag->certAndCRLs[j] != NULL) {
- SECOidTag certType = SECOID_FindOIDTag(&certBag->certAndCRLs[j]->BagID);
- if(certType == SEC_OID_PKCS12_X509_CERT_CRL_BAG) {
- SEC_PKCS12X509CertCRL *x509;
- x509 = certBag->certAndCRLs[j]->value.x509;
- SEC_PKCS7DestroyContentInfo(&x509->certOrCRL);
- }
- j++;
- }
-}
-
-/* destroy all content infos since they were not allocated in common
- * pool
- */
-static void
-sec_pkcs12_destroy_cert_content_infos(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage)
-{
- int i, j;
-
- if((safe != NULL) && (safe->contents != NULL)) {
- i = 0;
- while(safe->contents[i] != NULL) {
- SECOidTag bagType = SECOID_FindOIDTag(&safe->contents[i]->safeBagType);
- if(bagType == SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID) {
- SEC_PKCS12CertAndCRLBag *certBag;
- certBag = safe->contents[i]->safeContent.certAndCRLBag;
- sec_pkcs12_destroy_cinfos_for_cert_bags(certBag);
- }
- i++;
- }
- }
-
- if((baggage != NULL) && (baggage->bags != NULL)) {
- i = 0;
- while(baggage->bags[i] != NULL) {
- if(baggage->bags[i]->unencSecrets != NULL) {
- j = 0;
- while(baggage->bags[i]->unencSecrets[j] != NULL) {
- SECOidTag bagType;
- bagType = SECOID_FindOIDTag(&baggage->bags[i]->unencSecrets[j]->safeBagType);
- if(bagType == SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID) {
- SEC_PKCS12CertAndCRLBag *certBag;
- certBag = baggage->bags[i]->unencSecrets[j]->safeContent.certAndCRLBag;
- sec_pkcs12_destroy_cinfos_for_cert_bags(certBag);
- }
- j++;
- }
- }
- i++;
- }
- }
-}
-
-/* convert the nickname list from a NULL termincated Char list
- * to a NULL terminated SECItem list
- */
-static SECItem **
-sec_pkcs12_convert_nickname_list(char **nicknames)
-{
- SECItem **nicks;
- int i, j;
- PRBool error = PR_FALSE;
-
- if(nicknames == NULL) {
- return NULL;
- }
-
- i = j = 0;
- while(nicknames[i] != NULL) {
- i++;
- }
-
- /* allocate the space and copy the data */
- nicks = (SECItem **)PORT_ZAlloc(sizeof(SECItem *) * (i + 1));
- if(nicks != NULL) {
- for(j = 0; ((j < i) && (error == PR_FALSE)); j++) {
- nicks[j] = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(nicks[j] != NULL) {
- nicks[j]->data =
- (unsigned char *)PORT_ZAlloc(PORT_Strlen(nicknames[j])+1);
- if(nicks[j]->data != NULL) {
- nicks[j]->len = PORT_Strlen(nicknames[j]);
- PORT_Memcpy(nicks[j]->data, nicknames[j], nicks[j]->len);
- nicks[j]->data[nicks[j]->len] = 0;
- } else {
- error = PR_TRUE;
- }
- } else {
- error = PR_TRUE;
- }
- }
- }
-
- if(error == PR_TRUE) {
- for(i = 0; i < j; i++) {
- SECITEM_FreeItem(nicks[i], PR_TRUE);
- }
- PORT_Free(nicks);
- nicks = NULL;
- }
-
- return nicks;
-}
-
-/* package the certificate add_cert into PKCS12 structures,
- * retrieve the certificate chain for the cert and return
- * the packaged contents.
- * poolp -- common memory pool;
- * add_cert -- certificate to package up
- * nickname for the certificate
- * a return of NULL indicates an error
- */
-static SEC_PKCS12CertAndCRL *
-sec_pkcs12_get_cert(PRArenaPool *poolp,
- CERTCertificate *add_cert,
- SECItem *nickname)
-{
- SEC_PKCS12CertAndCRL *cert;
- SEC_PKCS7ContentInfo *cinfo;
- SGNDigestInfo *t_di;
- void *mark;
- SECStatus rv;
-
- if((poolp == NULL) || (add_cert == NULL) || (nickname == NULL)) {
- return NULL;
- }
- mark = PORT_ArenaMark(poolp);
-
- cert = sec_pkcs12_new_cert_crl(poolp, SEC_OID_PKCS12_X509_CERT_CRL_BAG);
- if(cert != NULL) {
-
- /* copy the nickname */
- rv = SECITEM_CopyItem(poolp, &cert->nickname, nickname);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- cert = NULL;
- } else {
-
- /* package the certificate and cert chain into a NULL signer
- * PKCS 7 SignedData content Info and prepare it for encoding
- * since we cannot use DER_ANY_TEMPLATE
- */
- cinfo = SEC_PKCS7CreateCertsOnly(add_cert, PR_TRUE, NULL);
- rv = SEC_PKCS7PrepareForEncode(cinfo, NULL, NULL, NULL);
-
- /* thumbprint the certificate */
- if((cinfo != NULL) && (rv == SECSuccess))
- {
- PORT_Memcpy(&cert->value.x509->certOrCRL, cinfo, sizeof(*cinfo));
- t_di = sec_pkcs12_compute_thumbprint(&add_cert->derCert);
- if(t_di != NULL)
- {
- /* test */
- rv = SGN_CopyDigestInfo(poolp, &cert->value.x509->thumbprint,
- t_di);
- if(rv != SECSuccess) {
- cert = NULL;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- SGN_DestroyDigestInfo(t_di);
- }
- else
- cert = NULL;
- }
- }
- }
-
- if (cert == NULL) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
-
- return cert;
-}
-
-/* package the private key associated with the certificate and
- * return the appropriate PKCS 12 structure
- * poolp common memory pool
- * nickname key nickname
- * cert -- cert to look up
- * wincx -- window handle
- * an error is indicated by a return of NULL
- */
-static SEC_PKCS12PrivateKey *
-sec_pkcs12_get_private_key(PRArenaPool *poolp,
- SECItem *nickname,
- CERTCertificate *cert,
- void *wincx)
-{
- SECKEYPrivateKeyInfo *pki;
- SEC_PKCS12PrivateKey *pk;
- SECStatus rv;
- void *mark;
-
- if((poolp == NULL) || (nickname == NULL)) {
- return NULL;
- }
-
- mark = PORT_ArenaMark(poolp);
-
- /* retrieve key from the data base */
- pki = PK11_ExportPrivateKeyInfo(nickname, cert, wincx);
- if(pki == NULL) {
- PORT_ArenaRelease(poolp, mark);
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
- return NULL;
- }
-
- pk = (SEC_PKCS12PrivateKey *)PORT_ArenaZAlloc(poolp,
- sizeof(SEC_PKCS12PrivateKey));
- if(pk != NULL) {
- rv = sec_pkcs12_init_pvk_data(poolp, &pk->pvkData);
-
- if(rv == SECSuccess) {
- /* copy the key into poolp memory space */
- rv = SECKEY_CopyPrivateKeyInfo(poolp, &pk->pkcs8data, pki);
- if(rv == SECSuccess) {
- rv = SECITEM_CopyItem(poolp, &pk->pvkData.nickname, nickname);
- }
- }
-
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- pk = NULL;
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- /* destroy private key, zeroing out data */
- SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE);
- if (pk == NULL) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
-
- return pk;
-}
-
-/* get a shrouded key item associated with a certificate
- * return the appropriate PKCS 12 structure
- * poolp common memory pool
- * nickname key nickname
- * cert -- cert to look up
- * wincx -- window handle
- * an error is indicated by a return of NULL
- */
-static SEC_PKCS12ESPVKItem *
-sec_pkcs12_get_shrouded_key(PRArenaPool *poolp,
- SECItem *nickname,
- CERTCertificate *cert,
- SECOidTag algorithm,
- SECItem *pwitem,
- PKCS12UnicodeConvertFunction unicodeFn,
- void *wincx)
-{
- SECKEYEncryptedPrivateKeyInfo *epki;
- SEC_PKCS12ESPVKItem *pk;
- void *mark;
- SECStatus rv;
- PK11SlotInfo *slot = NULL;
- PRBool swapUnicodeBytes = PR_FALSE;
-
-#ifdef IS_LITTLE_ENDIAN
- swapUnicodeBytes = PR_TRUE;
-#endif
-
- if((poolp == NULL) || (nickname == NULL))
- return NULL;
-
- mark = PORT_ArenaMark(poolp);
-
- /* use internal key slot */
- slot = PK11_GetInternalKeySlot();
-
- /* retrieve encrypted prviate key */
- epki = PK11_ExportEncryptedPrivateKeyInfo(slot, algorithm, pwitem,
- nickname, cert, 1, 0, NULL);
- PK11_FreeSlot(slot);
- if(epki == NULL) {
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
-
- /* create a private key and store the data into the poolp memory space */
- pk = sec_pkcs12_create_espvk(poolp, SEC_OID_PKCS12_PKCS8_KEY_SHROUDING);
- if(pk != NULL) {
- rv = sec_pkcs12_init_pvk_data(poolp, &pk->espvkData);
- rv = SECITEM_CopyItem(poolp, &pk->espvkData.nickname, nickname);
- pk->espvkCipherText.pkcs8KeyShroud =
- (SECKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(poolp,
- sizeof(SECKEYEncryptedPrivateKeyInfo));
- if((pk->espvkCipherText.pkcs8KeyShroud != NULL) && (rv == SECSuccess)) {
- rv = SECKEY_CopyEncryptedPrivateKeyInfo(poolp,
- pk->espvkCipherText.pkcs8KeyShroud, epki);
- if(rv == SECSuccess) {
- rv = (*unicodeFn)(poolp, &pk->espvkData.uniNickName, nickname,
- PR_TRUE, swapUnicodeBytes);
- }
- }
-
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- pk = NULL;
- }
- }
-
- SECKEY_DestroyEncryptedPrivateKeyInfo(epki, PR_TRUE);
- if(pk == NULL) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
-
- return pk;
-}
-
-/* add a thumbprint to a private key associated certs list
- * pvk is the area where the list is stored
- * thumb is the thumbprint to copy
- * a return of SECFailure indicates an error
- */
-static SECStatus
-sec_pkcs12_add_thumbprint(SEC_PKCS12PVKSupportingData *pvk,
- SGNDigestInfo *thumb)
-{
- SGNDigestInfo **thumb_list = NULL;
- int nthumbs, size;
- void *mark, *dummy;
- SECStatus rv = SECFailure;
-
- if((pvk == NULL) || (thumb == NULL)) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(pvk->poolp);
-
- thumb_list = pvk->assocCerts;
- nthumbs = pvk->nThumbs;
-
- /* allocate list space needed -- either growing or allocating
- * list must be NULL terminated
- */
- size = sizeof(SGNDigestInfo *);
- dummy = PORT_ArenaGrow(pvk->poolp, thumb_list, (size * (nthumbs + 1)),
- (size * (nthumbs + 2)));
- thumb_list = dummy;
- if(dummy != NULL) {
- thumb_list[nthumbs] = (SGNDigestInfo *)PORT_ArenaZAlloc(pvk->poolp,
- sizeof(SGNDigestInfo));
- if(thumb_list[nthumbs] != NULL) {
- SGN_CopyDigestInfo(pvk->poolp, thumb_list[nthumbs], thumb);
- nthumbs += 1;
- thumb_list[nthumbs] = 0;
- } else {
- dummy = NULL;
- }
- }
-
- if(dummy == NULL) {
- PORT_ArenaRelease(pvk->poolp, mark);
- return SECFailure;
- }
-
- pvk->assocCerts = thumb_list;
- pvk->nThumbs = nthumbs;
-
- PORT_ArenaUnmark(pvk->poolp, mark);
- return SECSuccess;
-}
-
-/* search the list of shrouded keys in the baggage for the desired
- * name. return a pointer to the item. a return of NULL indicates
- * that no match was present or that an error occurred.
- */
-static SEC_PKCS12ESPVKItem *
-sec_pkcs12_get_espvk_by_name(SEC_PKCS12Baggage *luggage,
- SECItem *name)
-{
- PRBool found = PR_FALSE;
- SEC_PKCS12ESPVKItem *espvk = NULL;
- int i, j;
- SECComparison rv = SECEqual;
- SECItem *t_name;
- SEC_PKCS12BaggageItem *bag;
-
- if((luggage == NULL) || (name == NULL)) {
- return NULL;
- }
-
- i = 0;
- while((found == PR_FALSE) && (i < luggage->luggage_size)) {
- j = 0;
- bag = luggage->bags[i];
- while((found == PR_FALSE) && (j < bag->nEspvks)) {
- espvk = bag->espvks[j];
- if(espvk->poolp == NULL) {
- espvk->poolp = luggage->poolp;
- }
- t_name = SECITEM_DupItem(&espvk->espvkData.nickname);
- if(t_name != NULL) {
- rv = SECITEM_CompareItem(name, t_name);
- if(rv == SECEqual) {
- found = PR_TRUE;
- }
- SECITEM_FreeItem(t_name, PR_TRUE);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- j++;
- }
- i++;
- }
-
- if(found != PR_TRUE) {
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME);
- return NULL;
- }
-
- return espvk;
-}
-
-/* locates a certificate and copies the thumbprint to the
- * appropriate private key
- */
-static SECStatus
-sec_pkcs12_propagate_thumbprints(SECItem **nicknames,
- CERTCertificate **ref_certs,
- SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage)
-{
- SEC_PKCS12CertAndCRL *cert;
- SEC_PKCS12PrivateKey *key;
- SEC_PKCS12ESPVKItem *espvk;
- int i;
- PRBool error = PR_FALSE;
- SECStatus rv = SECFailure;
-
- if((nicknames == NULL) || (safe == NULL)) {
- return SECFailure;
- }
-
- i = 0;
- while((nicknames[i] != NULL) && (error == PR_FALSE)) {
- /* process all certs */
- cert = (SEC_PKCS12CertAndCRL *)sec_pkcs12_find_object(safe, baggage,
- SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID,
- nicknames[i], NULL);
- if(cert != NULL) {
- /* locate key and copy thumbprint */
- key = (SEC_PKCS12PrivateKey *)sec_pkcs12_find_object(safe, baggage,
- SEC_OID_PKCS12_KEY_BAG_ID,
- nicknames[i], NULL);
- if(key != NULL) {
- key->pvkData.poolp = key->poolp;
- rv = sec_pkcs12_add_thumbprint(&key->pvkData,
- &cert->value.x509->thumbprint);
- if(rv == SECFailure)
- error = PR_TRUE; /* XXX Set error? */
- }
-
- /* look in the baggage as well...*/
- if((baggage != NULL) && (error == PR_FALSE)) {
- espvk = sec_pkcs12_get_espvk_by_name(baggage, nicknames[i]);
- if(espvk != NULL) {
- espvk->espvkData.poolp = espvk->poolp;
- rv = sec_pkcs12_add_thumbprint(&espvk->espvkData,
- &cert->value.x509->thumbprint);
- if(rv == SECFailure)
- error = PR_TRUE; /* XXX Set error? */
- }
- }
- }
- i++;
- }
-
- if(error == PR_TRUE) {
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/* append a safe bag to the end of the safe contents list */
-SECStatus
-sec_pkcs12_append_safe_bag(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12SafeBag *bag)
-{
- int size;
- void *mark = NULL, *dummy = NULL;
-
- if((bag == NULL) || (safe == NULL))
- return SECFailure;
-
- mark = PORT_ArenaMark(safe->poolp);
-
- size = (safe->safe_size * sizeof(SEC_PKCS12SafeBag *));
-
- if(safe->safe_size > 0) {
- dummy = (SEC_PKCS12SafeBag **)PORT_ArenaGrow(safe->poolp,
- safe->contents,
- size,
- (size + sizeof(SEC_PKCS12SafeBag *)));
- safe->contents = dummy;
- } else {
- safe->contents = (SEC_PKCS12SafeBag **)PORT_ArenaZAlloc(safe->poolp,
- (2 * sizeof(SEC_PKCS12SafeBag *)));
- dummy = safe->contents;
- }
-
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- safe->contents[safe->safe_size] = bag;
- safe->safe_size++;
- safe->contents[safe->safe_size] = NULL;
-
- PORT_ArenaUnmark(safe->poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(safe->poolp, mark);
- return SECFailure;
-}
-
-/* append a certificate onto the end of a cert bag */
-static SECStatus
-sec_pkcs12_append_cert_to_bag(PRArenaPool *arena,
- SEC_PKCS12SafeBag *safebag,
- CERTCertificate *cert,
- SECItem *nickname)
-{
- int size;
- void *dummy = NULL, *mark = NULL;
- SEC_PKCS12CertAndCRL *p12cert;
- SEC_PKCS12CertAndCRLBag *bag;
-
- if((arena == NULL) || (safebag == NULL) ||
- (cert == NULL) || (nickname == NULL)) {
- return SECFailure;
- }
-
- bag = safebag->safeContent.certAndCRLBag;
- if(bag == NULL) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(arena);
-
- p12cert = sec_pkcs12_get_cert(arena, cert, nickname);
- if(p12cert == NULL) {
- PORT_ArenaRelease(bag->poolp, mark);
- return SECFailure;
- }
-
- size = bag->bag_size * sizeof(SEC_PKCS12CertAndCRL *);
- if(bag->bag_size > 0) {
- dummy = (SEC_PKCS12CertAndCRL **)PORT_ArenaGrow(bag->poolp,
- bag->certAndCRLs, size, size + sizeof(SEC_PKCS12CertAndCRL *));
- bag->certAndCRLs = dummy;
- } else {
- bag->certAndCRLs = (SEC_PKCS12CertAndCRL **)PORT_ArenaZAlloc(bag->poolp,
- (2 * sizeof(SEC_PKCS12CertAndCRL *)));
- dummy = bag->certAndCRLs;
- }
-
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- bag->certAndCRLs[bag->bag_size] = p12cert;
- bag->bag_size++;
- bag->certAndCRLs[bag->bag_size] = NULL;
-
- PORT_ArenaUnmark(bag->poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(bag->poolp, mark);
- return SECFailure;
-}
-
-/* append a key onto the end of a list of keys in a key bag */
-SECStatus
-sec_pkcs12_append_key_to_bag(SEC_PKCS12SafeBag *safebag,
- SEC_PKCS12PrivateKey *pk)
-{
- void *mark, *dummy;
- SEC_PKCS12PrivateKeyBag *bag;
- int size;
-
- if((safebag == NULL) || (pk == NULL))
- return SECFailure;
-
- bag = safebag->safeContent.keyBag;
- if(bag == NULL) {
- return SECFailure;
- }
-
- mark = PORT_ArenaMark(bag->poolp);
-
- size = (bag->bag_size * sizeof(SEC_PKCS12PrivateKey *));
-
- if(bag->bag_size > 0) {
- dummy = (SEC_PKCS12PrivateKey **)PORT_ArenaGrow(bag->poolp,
- bag->privateKeys,
- size,
- size + sizeof(SEC_PKCS12PrivateKey *));
- bag->privateKeys = dummy;
- } else {
- bag->privateKeys = (SEC_PKCS12PrivateKey **)PORT_ArenaZAlloc(bag->poolp,
- (2 * sizeof(SEC_PKCS12PrivateKey *)));
- dummy = bag->privateKeys;
- }
-
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- bag->privateKeys[bag->bag_size] = pk;
- bag->bag_size++;
- bag->privateKeys[bag->bag_size] = NULL;
-
- PORT_ArenaUnmark(bag->poolp, mark);
- return SECSuccess;
-
-loser:
- /* XXX Free memory? */
- PORT_ArenaRelease(bag->poolp, mark);
- return SECFailure;
-}
-
-/* append a safe bag to the baggage area */
-static SECStatus
-sec_pkcs12_append_unshrouded_bag(SEC_PKCS12BaggageItem *bag,
- SEC_PKCS12SafeBag *u_bag)
-{
- int size;
- void *mark = NULL, *dummy = NULL;
-
- if((bag == NULL) || (u_bag == NULL))
- return SECFailure;
-
- mark = PORT_ArenaMark(bag->poolp);
-
- /* dump things into the first bag */
- size = (bag->nSecrets + 1) * sizeof(SEC_PKCS12SafeBag *);
- dummy = PORT_ArenaGrow(bag->poolp,
- bag->unencSecrets, size,
- size + sizeof(SEC_PKCS12SafeBag *));
- bag->unencSecrets = dummy;
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- bag->unencSecrets[bag->nSecrets] = u_bag;
- bag->nSecrets++;
- bag->unencSecrets[bag->nSecrets] = NULL;
-
- PORT_ArenaUnmark(bag->poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(bag->poolp, mark);
- return SECFailure;
-}
-
-/* gather up all certificates and keys and package them up
- * in the safe, baggage, or both.
- * nicknames is the list of nicknames and corresponding certs in ref_certs
- * ref_certs a null terminated list of certificates
- * rSafe, rBaggage -- return areas for safe and baggage
- * shroud_keys -- store keys externally
- * pwitem -- password for computing integrity mac and encrypting contents
- * wincx -- window handle
- *
- * if a failure occurs, an error is set and SECFailure returned.
- */
-static SECStatus
-sec_pkcs12_package_certs_and_keys(SECItem **nicknames,
- CERTCertificate **ref_certs,
- PRBool unencryptedCerts,
- SEC_PKCS12SafeContents **rSafe,
- SEC_PKCS12Baggage **rBaggage,
- PRBool shroud_keys,
- SECOidTag shroud_alg,
- SECItem *pwitem,
- PKCS12UnicodeConvertFunction unicodeFn,
- void *wincx)
-{
- PRArenaPool *permArena;
- SEC_PKCS12SafeContents *safe = NULL;
- SEC_PKCS12Baggage *baggage = NULL;
-
- SECStatus rv = SECFailure;
- PRBool problem = PR_FALSE;
-
- SEC_PKCS12ESPVKItem *espvk = NULL;
- SEC_PKCS12PrivateKey *pk = NULL;
- CERTCertificate *add_cert = NULL;
- SEC_PKCS12SafeBag *certbag = NULL, *keybag = NULL;
- SEC_PKCS12BaggageItem *external_bag = NULL;
- int ncerts = 0, nkeys = 0;
- int i;
-
- if((nicknames == NULL) || (rSafe == NULL) || (rBaggage == NULL)) {
- return SECFailure;
- }
-
- *rBaggage = baggage;
- *rSafe = safe;
-
- permArena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(permArena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* allocate structures */
- safe = sec_pkcs12_create_safe_contents(permArena);
- if(safe == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto loser;
- }
-
- certbag = sec_pkcs12_create_safe_bag(permArena,
- SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID);
- if(certbag == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- if(shroud_keys != PR_TRUE) {
- keybag = sec_pkcs12_create_safe_bag(permArena,
- SEC_OID_PKCS12_KEY_BAG_ID);
- if(keybag == NULL) {
- rv = SECFailure;
- goto loser;
- }
- }
-
- if((shroud_keys == PR_TRUE) || (unencryptedCerts == PR_TRUE)) {
- baggage = sec_pkcs12_create_baggage(permArena);
- if(baggage == NULL) {
- rv = SECFailure;
- goto loser;
- }
- external_bag = sec_pkcs12_create_external_bag(baggage);
- }
-
- /* package keys and certs */
- i = 0;
- while((nicknames[i] != NULL) && (problem == PR_FALSE)) {
- if(ref_certs[i] != NULL) {
- /* append cert to bag o certs */
- rv = sec_pkcs12_append_cert_to_bag(permArena, certbag,
- ref_certs[i],
- nicknames[i]);
- if(rv == SECFailure) {
- problem = PR_FALSE;
- } else {
- ncerts++;
- }
-
- if(rv == SECSuccess) {
- /* package up them keys */
- if(shroud_keys == PR_TRUE) {
- espvk = sec_pkcs12_get_shrouded_key(permArena,
- nicknames[i],
- ref_certs[i],
- shroud_alg,
- pwitem, unicodeFn,
- wincx);
- if(espvk != NULL) {
- rv = sec_pkcs12_append_shrouded_key(external_bag, espvk);
- SECITEM_CopyItem(permArena, &espvk->derCert,
- &ref_certs[i]->derCert);
- } else {
- rv = SECFailure;
- }
- } else {
- pk = sec_pkcs12_get_private_key(permArena, nicknames[i],
- ref_certs[i], wincx);
- if(pk != NULL) {
- rv = sec_pkcs12_append_key_to_bag(keybag, pk);
- SECITEM_CopyItem(permArena, &espvk->derCert,
- &ref_certs[i]->derCert);
- } else {
- rv = SECFailure;
- }
- }
-
- if(rv == SECFailure) {
- problem = PR_TRUE;
- } else {
- nkeys++;
- }
- }
- } else {
- /* handle only keys here ? */
- problem = PR_TRUE;
- }
- i++;
- }
-
- /* let success fall through */
-loser:
- if(problem == PR_FALSE) {
- /* if we have certs, we want to append the cert bag to the
- * appropriate area
- */
- if(ncerts > 0) {
- if(unencryptedCerts != PR_TRUE) {
- rv = sec_pkcs12_append_safe_bag(safe, certbag);
- } else {
- rv = sec_pkcs12_append_unshrouded_bag(external_bag, certbag);
- }
- } else {
- rv = SECSuccess;
- }
-
- /* append key bag, if they are stored in safe contents */
- if((rv == SECSuccess) && (shroud_keys == PR_FALSE) && (nkeys > 0)) {
- rv = sec_pkcs12_append_safe_bag(safe, keybag);
- }
- } else {
- rv = SECFailure;
- }
-
- /* if baggage not used, NULLify it */
- if((shroud_keys == PR_TRUE) || (unencryptedCerts == PR_TRUE)) {
- if(((unencryptedCerts == PR_TRUE) && (ncerts == 0)) &&
- ((shroud_keys == PR_TRUE) && (nkeys == 0)))
- baggage = NULL;
- } else {
- baggage = NULL;
- }
-
- if((problem == PR_TRUE) || (rv == SECFailure)) {
- PORT_FreeArena(permArena, PR_TRUE);
- rv = SECFailure;
- baggage = NULL;
- safe = NULL;
- }
-
- *rBaggage = baggage;
- *rSafe = safe;
-
- return rv;
-}
-
-/* DER encode the safe contents and return a SECItem. if an error
- * occurs, NULL is returned.
- */
-static SECItem *
-sec_pkcs12_encode_safe_contents(SEC_PKCS12SafeContents *safe)
-{
- SECItem *dsafe = NULL, *tsafe;
- void *dummy = NULL;
- PRArenaPool *arena;
-
- if(safe == NULL) {
- return NULL;
- }
-
-/* rv = sec_pkcs12_prepare_for_der_code_safe(safe, PR_TRUE);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }*/
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(arena == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- tsafe = (SECItem *)PORT_ArenaZAlloc(arena, sizeof(SECItem));
- if(tsafe != NULL) {
- dummy = SEC_ASN1EncodeItem(arena, tsafe, safe,
- SEC_PKCS12SafeContentsTemplate);
- if(dummy != NULL) {
- dsafe = SECITEM_DupItem(tsafe);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena(arena, PR_TRUE);
-
- return dsafe;
-}
-
-/* prepare the authenicated safe for encoding and encode it.
- * baggage is copied to the appropriate area, safe is encoded and
- * encrypted. the version and transport mode are set on the asafe.
- * the whole ball of wax is then der encoded and packaged up into
- * data content info
- * safe -- container of certs and keys, is encrypted.
- * baggage -- container of certs and keys, keys assumed to be encrypted by
- * another method, certs are in the clear
- * algorithm -- algorithm by which to encrypt safe
- * pwitem -- password for encryption
- * wincx - window handle
- *
- * return of NULL is an error condition.
- */
-static SEC_PKCS7ContentInfo *
-sec_pkcs12_get_auth_safe(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage,
- SECOidTag algorithm,
- SECItem *pwitem,
- PKCS12UnicodeConvertFunction unicodeFn,
- void *wincx)
-{
- SECItem *src = NULL, *dest = NULL, *psalt = NULL;
- PRArenaPool *poolp;
- SEC_PKCS12AuthenticatedSafe *asafe;
- SEC_PKCS7ContentInfo *safe_cinfo = NULL;
- SEC_PKCS7ContentInfo *asafe_cinfo = NULL;
- void *dummy;
- SECStatus rv = SECSuccess;
- PRBool swapUnicodeBytes = PR_FALSE;
-
-#ifdef IS_LITTLE_ENDIAN
- swapUnicodeBytes = PR_TRUE;
-#endif
-
- if(((safe != NULL) && (pwitem == NULL)) && (baggage == NULL))
- return NULL;
-
- poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(poolp == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- /* prepare authenticated safe for encode */
- asafe = sec_pkcs12_new_asafe(poolp);
- if(asafe != NULL) {
-
- /* set version */
- dummy = SEC_ASN1EncodeInteger(asafe->poolp, &asafe->version,
- SEC_PKCS12_PFX_VERSION);
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto loser;
- }
-
- /* generate the privacy salt used to create virtual pwd */
- psalt = sec_pkcs12_generate_salt();
- if(psalt != NULL) {
- rv = SECITEM_CopyItem(asafe->poolp, &asafe->privacySalt,
- psalt);
- if(rv == SECSuccess) {
- asafe->privacySalt.len *= 8;
- }
- else {
- SECITEM_ZfreeItem(psalt, PR_TRUE);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- }
-
- if((psalt == NULL) || (rv == SECFailure)) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- goto loser;
- }
-
- /* package up safe contents */
- if(safe != NULL)
- {
- safe_cinfo = SEC_PKCS7CreateEncryptedData(algorithm, NULL, wincx);
- if((safe_cinfo != NULL) && (safe->safe_size > 0)) {
- /* encode the safe and encrypt the contents of the
- * content info
- */
- src = sec_pkcs12_encode_safe_contents(safe);
-
- if(src != NULL) {
- rv = SEC_PKCS7SetContent(safe_cinfo, (char *)src->data, src->len);
- SECITEM_ZfreeItem(src, PR_TRUE);
- if(rv == SECSuccess) {
- SECItem *vpwd;
- vpwd = sec_pkcs12_create_virtual_password(pwitem, psalt,
- unicodeFn, swapUnicodeBytes);
- if(vpwd != NULL) {
- rv = SEC_PKCS7EncryptContents(NULL, safe_cinfo,
- vpwd, wincx);
- SECITEM_ZfreeItem(vpwd, PR_TRUE);
- } else {
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- } else {
- rv = SECFailure;
- }
- } else if(safe->safe_size > 0) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- } else {
- /* case where there is NULL content in the safe contents */
- rv = SEC_PKCS7SetContent(safe_cinfo, NULL, 0);
- if(rv != SECFailure) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- }
-
- if(rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo(safe_cinfo);
- safe_cinfo = NULL;
- goto loser;
- }
-
- asafe->safe = safe_cinfo;
- /*
- PORT_Memcpy(&asafe->safe, safe_cinfo, sizeof(*safe_cinfo));
- */
- }
-
- /* copy the baggage to the authenticated safe baggage if present */
- if(baggage != NULL) {
- PORT_Memcpy(&asafe->baggage, baggage, sizeof(*baggage));
- }
-
- /* encode authenticated safe and store it in a Data content info */
- dest = (SECItem *)PORT_ArenaZAlloc(poolp, sizeof(SECItem));
- if(dest != NULL) {
- dummy = SEC_ASN1EncodeItem(poolp, dest, asafe,
- SEC_PKCS12AuthenticatedSafeTemplate);
- if(dummy != NULL) {
- asafe_cinfo = SEC_PKCS7CreateData();
- if(asafe_cinfo != NULL) {
- rv = SEC_PKCS7SetContent(asafe_cinfo,
- (char *)dest->data,
- dest->len);
- if(rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- SEC_PKCS7DestroyContentInfo(asafe_cinfo);
- asafe_cinfo = NULL;
- }
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- }
- }
- }
-
-loser:
- PORT_FreeArena(poolp, PR_TRUE);
- if(safe_cinfo != NULL) {
- SEC_PKCS7DestroyContentInfo(safe_cinfo);
- }
- if(psalt != NULL) {
- SECITEM_ZfreeItem(psalt, PR_TRUE);
- }
-
- if(rv == SECFailure) {
- return NULL;
- }
-
- return asafe_cinfo;
-}
-
-/* generates the PFX and computes the mac on the authenticated safe
- * NULL implies an error
- */
-static SEC_PKCS12PFXItem *
-sec_pkcs12_get_pfx(SEC_PKCS7ContentInfo *cinfo,
- PRBool do_mac,
- SECItem *pwitem, PKCS12UnicodeConvertFunction unicodeFn)
-{
- SECItem *dest = NULL, *mac = NULL, *salt = NULL, *key = NULL;
- SEC_PKCS12PFXItem *pfx;
- SECStatus rv = SECFailure;
- SGNDigestInfo *di;
- SECItem *vpwd;
- PRBool swapUnicodeBytes = PR_FALSE;
-
-#ifdef IS_LITTLE_ENDIAN
- swapUnicodeBytes = PR_TRUE;
-#endif
-
- if((cinfo == NULL) || ((do_mac == PR_TRUE) && (pwitem == NULL))) {
- return NULL;
- }
-
- /* allocate new pfx structure */
- pfx = sec_pkcs12_new_pfx();
- if(pfx == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- PORT_Memcpy(&pfx->authSafe, cinfo, sizeof(*cinfo));
- if(do_mac == PR_TRUE) {
-
- /* salt for computing mac */
- salt = sec_pkcs12_generate_salt();
- if(salt != NULL) {
- rv = SECITEM_CopyItem(pfx->poolp, &pfx->macData.macSalt, salt);
- pfx->macData.macSalt.len *= 8;
-
- vpwd = sec_pkcs12_create_virtual_password(pwitem, salt,
- unicodeFn, swapUnicodeBytes);
- if(vpwd == NULL) {
- rv = SECFailure;
- key = NULL;
- } else {
- key = sec_pkcs12_generate_key_from_password(SEC_OID_SHA1,
- salt, vpwd);
- SECITEM_ZfreeItem(vpwd, PR_TRUE);
- }
-
- if((key != NULL) && (rv == SECSuccess)) {
- dest = SEC_PKCS7GetContent(cinfo);
- if(dest != NULL) {
-
- /* compute mac on data -- for password integrity mode */
- mac = sec_pkcs12_generate_mac(key, dest, PR_FALSE);
- if(mac != NULL) {
- di = SGN_CreateDigestInfo(SEC_OID_SHA1,
- mac->data, mac->len);
- if(di != NULL) {
- rv = SGN_CopyDigestInfo(pfx->poolp,
- &pfx->macData.safeMac, di);
- SGN_DestroyDigestInfo(di);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- SECITEM_ZfreeItem(mac, PR_TRUE);
- }
- } else {
- rv = SECFailure;
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- rv = SECFailure;
- }
-
- if(key != NULL) {
- SECITEM_ZfreeItem(key, PR_TRUE);
- }
- SECITEM_ZfreeItem(salt, PR_TRUE);
- }
- }
-
- if(rv == SECFailure) {
- SEC_PKCS12DestroyPFX(pfx);
- pfx = NULL;
- }
-
- return pfx;
-}
-
-/* der encode the pfx */
-static SECItem *
-sec_pkcs12_encode_pfx(SEC_PKCS12PFXItem *pfx)
-{
- SECItem *dest;
- void *dummy;
-
- if(pfx == NULL) {
- return NULL;
- }
-
- dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(dest == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- dummy = SEC_ASN1EncodeItem(NULL, dest, pfx, SEC_PKCS12PFXItemTemplate);
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- SECITEM_ZfreeItem(dest, PR_TRUE);
- dest = NULL;
- }
-
- return dest;
-}
-
-SECItem *
-SEC_PKCS12GetPFX(char **nicknames,
- CERTCertificate **ref_certs,
- PRBool shroud_keys,
- SEC_PKCS5GetPBEPassword pbef,
- void *pbearg,
- PKCS12UnicodeConvertFunction unicodeFn,
- void *wincx)
-{
- SECItem **nicks = NULL;
- SEC_PKCS12PFXItem *pfx = NULL;
- SEC_PKCS12Baggage *baggage = NULL;
- SEC_PKCS12SafeContents *safe = NULL;
- SEC_PKCS7ContentInfo *cinfo = NULL;
- SECStatus rv = SECFailure;
- SECItem *dest = NULL, *pwitem = NULL;
- PRBool problem = PR_FALSE;
- PRBool unencryptedCerts;
- SECOidTag shroud_alg, safe_alg;
-
- /* how should we encrypt certs ? */
- unencryptedCerts = !SEC_PKCS12IsEncryptionAllowed();
- if(!unencryptedCerts) {
- safe_alg = SEC_PKCS12GetPreferredEncryptionAlgorithm();
- if(safe_alg == SEC_OID_UNKNOWN) {
- safe_alg = SEC_PKCS12GetStrongestAllowedAlgorithm();
- }
- if(safe_alg == SEC_OID_UNKNOWN) {
- unencryptedCerts = PR_TRUE;
- /* for export where no encryption is allowed, we still need
- * to encrypt the NULL contents per the spec. encrypted info
- * is known plaintext, so it shouldn't be a problem.
- */
- safe_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
- }
- } else {
- /* for export where no encryption is allowed, we still need
- * to encrypt the NULL contents per the spec. encrypted info
- * is known plaintext, so it shouldn't be a problem.
- */
- safe_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
- }
-
- /* keys are always stored with triple DES */
- shroud_alg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC;
-
- /* check for FIPS, if so, do not encrypt certs */
- if(PK11_IsFIPS() && !unencryptedCerts) {
- unencryptedCerts = PR_TRUE;
- }
-
- if((nicknames == NULL) || (pbef == NULL) || (ref_certs == NULL)) {
- problem = PR_TRUE;
- goto loser;
- }
-
-
- /* get password */
- pwitem = (*pbef)(pbearg);
- if(pwitem == NULL) {
- problem = PR_TRUE;
- goto loser;
- }
- nicks = sec_pkcs12_convert_nickname_list(nicknames);
-
- /* get safe and baggage */
- rv = sec_pkcs12_package_certs_and_keys(nicks, ref_certs, unencryptedCerts,
- &safe, &baggage, shroud_keys,
- shroud_alg, pwitem, unicodeFn, wincx);
- if(rv == SECFailure) {
- problem = PR_TRUE;
- }
-
- if((safe != NULL) && (problem == PR_FALSE)) {
- /* copy thumbprints */
- rv = sec_pkcs12_propagate_thumbprints(nicks, ref_certs, safe, baggage);
-
- /* package everything up into AuthenticatedSafe */
- cinfo = sec_pkcs12_get_auth_safe(safe, baggage,
- safe_alg, pwitem, unicodeFn, wincx);
-
- sec_pkcs12_destroy_cert_content_infos(safe, baggage);
-
- /* get the pfx and mac it */
- if(cinfo != NULL) {
- pfx = sec_pkcs12_get_pfx(cinfo, PR_TRUE, pwitem, unicodeFn);
- if(pfx != NULL) {
- dest = sec_pkcs12_encode_pfx(pfx);
- SEC_PKCS12DestroyPFX(pfx);
- }
- SEC_PKCS7DestroyContentInfo(cinfo);
- }
-
- if(safe != NULL) {
- PORT_FreeArena(safe->poolp, PR_TRUE);
- }
- } else {
- if(safe != NULL) {
- PORT_FreeArena(safe->poolp, PR_TRUE);
- }
- }
-
-loser:
- if(nicks != NULL) {
- sec_pkcs12_destroy_nickname_list(nicks);
- }
-
- if(ref_certs != NULL) {
- sec_pkcs12_destroy_certificate_list(ref_certs);
- }
-
- if(pwitem != NULL) {
- SECITEM_ZfreeItem(pwitem, PR_TRUE);
- }
-
- if(problem == PR_TRUE) {
- dest = NULL;
- }
-
- return dest;
-}
diff --git a/security/nss/lib/pkcs12/p12local.c b/security/nss/lib/pkcs12/p12local.c
deleted file mode 100644
index ec7e4a76a..000000000
--- a/security/nss/lib/pkcs12/p12local.c
+++ /dev/null
@@ -1,1363 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "pkcs12.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "seccomon.h"
-#include "secoid.h"
-#include "sechash.h"
-#include "secitem.h"
-#include "secerr.h"
-#include "pk11func.h"
-#include "p12local.h"
-#include "alghmac.h"
-#include "p12.h"
-
-#define SALT_LENGTH 16
-
-SEC_ASN1_MKSUB(SECKEY_PrivateKeyInfoTemplate)
-SEC_ASN1_MKSUB(sgn_DigestInfoTemplate)
-
-CK_MECHANISM_TYPE
-sec_pkcs12_algtag_to_mech(SECOidTag algtag)
-{
- switch (algtag) {
- case SEC_OID_MD2:
- return CKM_MD2_HMAC;
- case SEC_OID_MD5:
- return CKM_MD5_HMAC;
- case SEC_OID_SHA1:
- return CKM_SHA_1_HMAC;
- default:
- break;
- }
- return CKM_INVALID_MECHANISM;
-}
-
-/* helper functions */
-/* returns proper bag type template based upon object type tag */
-const SEC_ASN1Template *
-sec_pkcs12_choose_bag_type_old(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS12SafeBag *safebag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- safebag = (SEC_PKCS12SafeBag*)src_or_dest;
-
- oiddata = safebag->safeBagTypeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&safebag->safeBagType);
- safebag->safeBagTypeTag = oiddata;
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS12_KEY_BAG_ID:
- theTemplate = SEC_PointerToPKCS12KeyBagTemplate;
- break;
- case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
- theTemplate = SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD;
- break;
- case SEC_OID_PKCS12_SECRET_BAG_ID:
- theTemplate = SEC_PointerToPKCS12SecretBagTemplate;
- break;
- }
- return theTemplate;
-}
-
-const SEC_ASN1Template *
-sec_pkcs12_choose_bag_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS12SafeBag *safebag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- safebag = (SEC_PKCS12SafeBag*)src_or_dest;
-
- oiddata = safebag->safeBagTypeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&safebag->safeBagType);
- safebag->safeBagTypeTag = oiddata;
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS12_KEY_BAG_ID:
- theTemplate = SEC_PKCS12PrivateKeyBagTemplate;
- break;
- case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
- theTemplate = SEC_PKCS12CertAndCRLBagTemplate;
- break;
- case SEC_OID_PKCS12_SECRET_BAG_ID:
- theTemplate = SEC_PKCS12SecretBagTemplate;
- break;
- }
- return theTemplate;
-}
-
-/* returns proper cert crl template based upon type tag */
-const SEC_ASN1Template *
-sec_pkcs12_choose_cert_crl_type_old(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS12CertAndCRL *certbag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- certbag = (SEC_PKCS12CertAndCRL*)src_or_dest;
- oiddata = certbag->BagTypeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&certbag->BagID);
- certbag->BagTypeTag = oiddata;
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS12_X509_CERT_CRL_BAG:
- theTemplate = SEC_PointerToPKCS12X509CertCRLTemplate_OLD;
- break;
- case SEC_OID_PKCS12_SDSI_CERT_BAG:
- theTemplate = SEC_PointerToPKCS12SDSICertTemplate;
- break;
- }
- return theTemplate;
-}
-
-const SEC_ASN1Template *
-sec_pkcs12_choose_cert_crl_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS12CertAndCRL *certbag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- certbag = (SEC_PKCS12CertAndCRL*)src_or_dest;
- oiddata = certbag->BagTypeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&certbag->BagID);
- certbag->BagTypeTag = oiddata;
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS12_X509_CERT_CRL_BAG:
- theTemplate = SEC_PointerToPKCS12X509CertCRLTemplate;
- break;
- case SEC_OID_PKCS12_SDSI_CERT_BAG:
- theTemplate = SEC_PointerToPKCS12SDSICertTemplate;
- break;
- }
- return theTemplate;
-}
-
-/* returns appropriate shroud template based on object type tag */
-const SEC_ASN1Template *
-sec_pkcs12_choose_shroud_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS12ESPVKItem *espvk;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- espvk = (SEC_PKCS12ESPVKItem*)src_or_dest;
- oiddata = espvk->espvkTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&espvk->espvkOID);
- espvk->espvkTag = oiddata;
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS12_PKCS8_KEY_SHROUDING:
- theTemplate =
- SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate);
- break;
- }
- return theTemplate;
-}
-
-/* generate SALT placing it into the character array passed in.
- * it is assumed that salt_dest is an array of appropriate size
- * XXX We might want to generate our own random context
- */
-SECItem *
-sec_pkcs12_generate_salt(void)
-{
- SECItem *salt;
-
- salt = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(salt == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
- salt->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
- SALT_LENGTH);
- salt->len = SALT_LENGTH;
- if(salt->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- SECITEM_ZfreeItem(salt, PR_TRUE);
- return NULL;
- }
-
- PK11_GenerateRandom(salt->data, salt->len);
-
- return salt;
-}
-
-/* generate KEYS -- as per PKCS12 section 7.
- * only used for MAC
- */
-SECItem *
-sec_pkcs12_generate_key_from_password(SECOidTag algorithm,
- SECItem *salt,
- SECItem *password)
-{
- unsigned char *pre_hash=NULL;
- unsigned char *hash_dest=NULL;
- SECStatus res;
- PRArenaPool *poolp;
- SECItem *key = NULL;
- int key_len = 0;
-
- if((salt == NULL) || (password == NULL)) {
- return NULL;
- }
-
- poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(poolp == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- pre_hash = (unsigned char *)PORT_ArenaZAlloc(poolp, sizeof(char) *
- (salt->len+password->len));
- if(pre_hash == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- hash_dest = (unsigned char *)PORT_ArenaZAlloc(poolp,
- sizeof(unsigned char) * SHA1_LENGTH);
- if(hash_dest == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- PORT_Memcpy(pre_hash, salt->data, salt->len);
- /* handle password of 0 length case */
- if(password->len > 0) {
- PORT_Memcpy(&(pre_hash[salt->len]), password->data, password->len);
- }
-
- res = PK11_HashBuf(SEC_OID_SHA1, hash_dest, pre_hash,
- (salt->len+password->len));
- if(res == SECFailure) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- switch(algorithm) {
- case SEC_OID_SHA1:
- if(key_len == 0)
- key_len = 16;
- key = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(key == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- key->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char)
- * key_len);
- if(key->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- key->len = key_len;
- PORT_Memcpy(key->data, &hash_dest[SHA1_LENGTH-key->len], key->len);
- break;
- default:
- goto loser;
- break;
- }
-
- PORT_FreeArena(poolp, PR_TRUE);
- return key;
-
-loser:
- PORT_FreeArena(poolp, PR_TRUE);
- if(key != NULL) {
- SECITEM_ZfreeItem(key, PR_TRUE);
- }
- return NULL;
-}
-
-/* MAC is generated per PKCS 12 section 6. It is expected that key, msg
- * and mac_dest are pre allocated, non-NULL arrays. msg_len is passed in
- * because it is not known how long the message actually is. String
- * manipulation routines will not necessarily work because msg may have
- * imbedded NULLs
- */
-static SECItem *
-sec_pkcs12_generate_old_mac(SECItem *key,
- SECItem *msg)
-{
- SECStatus res;
- PRArenaPool *temparena = NULL;
- unsigned char *hash_dest=NULL, *hash_src1=NULL, *hash_src2 = NULL;
- int i;
- SECItem *mac = NULL;
-
- if((key == NULL) || (msg == NULL))
- goto loser;
-
- /* allocate return item */
- mac = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(mac == NULL)
- return NULL;
- mac->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char)
- * SHA1_LENGTH);
- mac->len = SHA1_LENGTH;
- if(mac->data == NULL)
- goto loser;
-
- /* allocate temporary items */
- temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(temparena == NULL)
- goto loser;
-
- hash_src1 = (unsigned char *)PORT_ArenaZAlloc(temparena,
- sizeof(unsigned char) * (16+msg->len));
- if(hash_src1 == NULL)
- goto loser;
-
- hash_src2 = (unsigned char *)PORT_ArenaZAlloc(temparena,
- sizeof(unsigned char) * (SHA1_LENGTH+16));
- if(hash_src2 == NULL)
- goto loser;
-
- hash_dest = (unsigned char *)PORT_ArenaZAlloc(temparena,
- sizeof(unsigned char) * SHA1_LENGTH);
- if(hash_dest == NULL)
- goto loser;
-
- /* perform mac'ing as per PKCS 12 */
-
- /* first round of hashing */
- for(i = 0; i < 16; i++)
- hash_src1[i] = key->data[i] ^ 0x36;
- PORT_Memcpy(&(hash_src1[16]), msg->data, msg->len);
- res = PK11_HashBuf(SEC_OID_SHA1, hash_dest, hash_src1, (16+msg->len));
- if(res == SECFailure)
- goto loser;
-
- /* second round of hashing */
- for(i = 0; i < 16; i++)
- hash_src2[i] = key->data[i] ^ 0x5c;
- PORT_Memcpy(&(hash_src2[16]), hash_dest, SHA1_LENGTH);
- res = PK11_HashBuf(SEC_OID_SHA1, mac->data, hash_src2, SHA1_LENGTH+16);
- if(res == SECFailure)
- goto loser;
-
- PORT_FreeArena(temparena, PR_TRUE);
- return mac;
-
-loser:
- if(temparena != NULL)
- PORT_FreeArena(temparena, PR_TRUE);
- if(mac != NULL)
- SECITEM_ZfreeItem(mac, PR_TRUE);
- return NULL;
-}
-
-/* MAC is generated per PKCS 12 section 6. It is expected that key, msg
- * and mac_dest are pre allocated, non-NULL arrays. msg_len is passed in
- * because it is not known how long the message actually is. String
- * manipulation routines will not necessarily work because msg may have
- * imbedded NULLs
- */
-SECItem *
-sec_pkcs12_generate_mac(SECItem *key,
- SECItem *msg,
- PRBool old_method)
-{
- SECStatus res = SECFailure;
- SECItem *mac = NULL;
- PK11Context *pk11cx = NULL;
- SECItem ignore = {0};
-
- if((key == NULL) || (msg == NULL)) {
- return NULL;
- }
-
- if(old_method == PR_TRUE) {
- return sec_pkcs12_generate_old_mac(key, msg);
- }
-
- /* allocate return item */
- mac = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH);
- if (mac == NULL) {
- return NULL;
- }
-
- pk11cx = PK11_CreateContextByRawKey(NULL, CKM_SHA_1_HMAC, PK11_OriginDerive,
- CKA_SIGN, key, &ignore, NULL);
- if (pk11cx == NULL) {
- goto loser;
- }
-
- res = PK11_DigestBegin(pk11cx);
- if (res == SECFailure) {
- goto loser;
- }
-
- res = PK11_DigestOp(pk11cx, msg->data, msg->len);
- if (res == SECFailure) {
- goto loser;
- }
-
- res = PK11_DigestFinal(pk11cx, mac->data, &mac->len, SHA1_LENGTH);
- if (res == SECFailure) {
- goto loser;
- }
-
- PK11_DestroyContext(pk11cx, PR_TRUE);
- pk11cx = NULL;
-
-loser:
-
- if(res != SECSuccess) {
- SECITEM_ZfreeItem(mac, PR_TRUE);
- mac = NULL;
- if (pk11cx) {
- PK11_DestroyContext(pk11cx, PR_TRUE);
- }
- }
-
- return mac;
-}
-
-/* compute the thumbprint of the DER cert and create a digest info
- * to store it in and return the digest info.
- * a return of NULL indicates an error.
- */
-SGNDigestInfo *
-sec_pkcs12_compute_thumbprint(SECItem *der_cert)
-{
- SGNDigestInfo *thumb = NULL;
- SECItem digest;
- PRArenaPool *temparena = NULL;
- SECStatus rv = SECFailure;
-
- if(der_cert == NULL)
- return NULL;
-
- temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(temparena == NULL) {
- return NULL;
- }
-
- digest.data = (unsigned char *)PORT_ArenaZAlloc(temparena,
- sizeof(unsigned char) *
- SHA1_LENGTH);
- /* digest data and create digest info */
- if(digest.data != NULL) {
- digest.len = SHA1_LENGTH;
- rv = PK11_HashBuf(SEC_OID_SHA1, digest.data, der_cert->data,
- der_cert->len);
- if(rv == SECSuccess) {
- thumb = SGN_CreateDigestInfo(SEC_OID_SHA1,
- digest.data,
- digest.len);
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- } else {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- PORT_FreeArena(temparena, PR_TRUE);
-
- return thumb;
-}
-
-/* create a virtual password per PKCS 12, the password is converted
- * to unicode, the salt is prepended to it, and then the whole thing
- * is returned */
-SECItem *
-sec_pkcs12_create_virtual_password(SECItem *password, SECItem *salt,
- PRBool swap)
-{
- SECItem uniPwd = {siBuffer, NULL,0}, *retPwd = NULL;
-
- if((password == NULL) || (salt == NULL)) {
- return NULL;
- }
-
- if(password->len == 0) {
- uniPwd.data = (unsigned char*)PORT_ZAlloc(2);
- uniPwd.len = 2;
- if(!uniPwd.data) {
- return NULL;
- }
- } else {
- uniPwd.data = (unsigned char*)PORT_ZAlloc(password->len * 3);
- uniPwd.len = password->len * 3;
- if(!PORT_UCS2_ASCIIConversion(PR_TRUE, password->data, password->len,
- uniPwd.data, uniPwd.len, &uniPwd.len, swap)) {
- SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
- return NULL;
- }
- }
-
- retPwd = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(retPwd == NULL) {
- goto loser;
- }
-
- /* allocate space and copy proper data */
- retPwd->len = uniPwd.len + salt->len;
- retPwd->data = (unsigned char *)PORT_Alloc(retPwd->len);
- if(retPwd->data == NULL) {
- PORT_Free(retPwd);
- goto loser;
- }
-
- PORT_Memcpy(retPwd->data, salt->data, salt->len);
- PORT_Memcpy((retPwd->data + salt->len), uniPwd.data, uniPwd.len);
-
- SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
-
- return retPwd;
-
-loser:
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- SECITEM_ZfreeItem(&uniPwd, PR_FALSE);
- return NULL;
-}
-
-/* appends a shrouded key to a key bag. this is used for exporting
- * to store externally wrapped keys. it is used when importing to convert
- * old items to new
- */
-SECStatus
-sec_pkcs12_append_shrouded_key(SEC_PKCS12BaggageItem *bag,
- SEC_PKCS12ESPVKItem *espvk)
-{
- int size;
- void *mark = NULL, *dummy = NULL;
-
- if((bag == NULL) || (espvk == NULL))
- return SECFailure;
-
- mark = PORT_ArenaMark(bag->poolp);
-
- /* grow the list */
- size = (bag->nEspvks + 1) * sizeof(SEC_PKCS12ESPVKItem *);
- dummy = (SEC_PKCS12ESPVKItem **)PORT_ArenaGrow(bag->poolp,
- bag->espvks, size,
- size + sizeof(SEC_PKCS12ESPVKItem *));
- bag->espvks = (SEC_PKCS12ESPVKItem**)dummy;
- if(dummy == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- bag->espvks[bag->nEspvks] = espvk;
- bag->nEspvks++;
- bag->espvks[bag->nEspvks] = NULL;
-
- PORT_ArenaUnmark(bag->poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(bag->poolp, mark);
- return SECFailure;
-}
-
-/* search a certificate list for a nickname, a thumbprint, or both
- * within a certificate bag. if the certificate could not be
- * found or an error occurs, NULL is returned;
- */
-static SEC_PKCS12CertAndCRL *
-sec_pkcs12_find_cert_in_certbag(SEC_PKCS12CertAndCRLBag *certbag,
- SECItem *nickname, SGNDigestInfo *thumbprint)
-{
- PRBool search_both = PR_FALSE, search_nickname = PR_FALSE;
- int i, j;
-
- if((certbag == NULL) || ((nickname == NULL) && (thumbprint == NULL))) {
- return NULL;
- }
-
- if(thumbprint && nickname) {
- search_both = PR_TRUE;
- }
-
- if(nickname) {
- search_nickname = PR_TRUE;
- }
-
-search_again:
- i = 0;
- while(certbag->certAndCRLs[i] != NULL) {
- SEC_PKCS12CertAndCRL *cert = certbag->certAndCRLs[i];
-
- if(SECOID_FindOIDTag(&cert->BagID) == SEC_OID_PKCS12_X509_CERT_CRL_BAG) {
-
- /* check nicknames */
- if(search_nickname) {
- if(SECITEM_CompareItem(nickname, &cert->nickname) == SECEqual) {
- return cert;
- }
- } else {
- /* check thumbprints */
- SECItem **derCertList;
-
- /* get pointer to certificate list, does not need to
- * be freed since it is within the arena which will
- * be freed later.
- */
- derCertList = SEC_PKCS7GetCertificateList(&cert->value.x509->certOrCRL);
- j = 0;
- if(derCertList != NULL) {
- while(derCertList[j] != NULL) {
- SECComparison eq;
- SGNDigestInfo *di;
- di = sec_pkcs12_compute_thumbprint(derCertList[j]);
- if(di) {
- eq = SGN_CompareDigestInfo(thumbprint, di);
- SGN_DestroyDigestInfo(di);
- if(eq == SECEqual) {
- /* copy the derCert for later reference */
- cert->value.x509->derLeafCert = derCertList[j];
- return cert;
- }
- } else {
- /* an error occurred */
- return NULL;
- }
- j++;
- }
- }
- }
- }
-
- i++;
- }
-
- if(search_both) {
- search_both = PR_FALSE;
- search_nickname = PR_FALSE;
- goto search_again;
- }
-
- return NULL;
-}
-
-/* search a key list for a nickname, a thumbprint, or both
- * within a key bag. if the key could not be
- * found or an error occurs, NULL is returned;
- */
-static SEC_PKCS12PrivateKey *
-sec_pkcs12_find_key_in_keybag(SEC_PKCS12PrivateKeyBag *keybag,
- SECItem *nickname, SGNDigestInfo *thumbprint)
-{
- PRBool search_both = PR_FALSE, search_nickname = PR_FALSE;
- int i, j;
-
- if((keybag == NULL) || ((nickname == NULL) && (thumbprint == NULL))) {
- return NULL;
- }
-
- if(keybag->privateKeys == NULL) {
- return NULL;
- }
-
- if(thumbprint && nickname) {
- search_both = PR_TRUE;
- }
-
- if(nickname) {
- search_nickname = PR_TRUE;
- }
-
-search_again:
- i = 0;
- while(keybag->privateKeys[i] != NULL) {
- SEC_PKCS12PrivateKey *key = keybag->privateKeys[i];
-
- /* check nicknames */
- if(search_nickname) {
- if(SECITEM_CompareItem(nickname, &key->pvkData.nickname) == SECEqual) {
- return key;
- }
- } else {
- /* check digests */
- SGNDigestInfo **assocCerts = key->pvkData.assocCerts;
- if((assocCerts == NULL) || (assocCerts[0] == NULL)) {
- return NULL;
- }
-
- j = 0;
- while(assocCerts[j] != NULL) {
- SECComparison eq;
- eq = SGN_CompareDigestInfo(thumbprint, assocCerts[j]);
- if(eq == SECEqual) {
- return key;
- }
- j++;
- }
- }
- i++;
- }
-
- if(search_both) {
- search_both = PR_FALSE;
- search_nickname = PR_FALSE;
- goto search_again;
- }
-
- return NULL;
-}
-
-/* seach the safe first then try the baggage bag
- * safe and bag contain certs and keys to search
- * objType is the object type to look for
- * bagType is the type of bag that was found by sec_pkcs12_find_object
- * index is the entity in safe->safeContents or bag->unencSecrets which
- * is being searched
- * nickname and thumbprint are the search criteria
- *
- * a return of null indicates no match
- */
-static void *
-sec_pkcs12_try_find(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12BaggageItem *bag,
- SECOidTag objType, SECOidTag bagType, int index,
- SECItem *nickname, SGNDigestInfo *thumbprint)
-{
- PRBool searchSafe;
- int i = index;
-
- if((safe == NULL) && (bag == NULL)) {
- return NULL;
- }
-
- searchSafe = (safe == NULL ? PR_FALSE : PR_TRUE);
- switch(objType) {
- case SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID:
- if(objType == bagType) {
- SEC_PKCS12CertAndCRLBag *certBag;
-
- if(searchSafe) {
- certBag = safe->contents[i]->safeContent.certAndCRLBag;
- } else {
- certBag = bag->unencSecrets[i]->safeContent.certAndCRLBag;
- }
- return sec_pkcs12_find_cert_in_certbag(certBag, nickname,
- thumbprint);
- }
- break;
- case SEC_OID_PKCS12_KEY_BAG_ID:
- if(objType == bagType) {
- SEC_PKCS12PrivateKeyBag *keyBag;
-
- if(searchSafe) {
- keyBag = safe->contents[i]->safeContent.keyBag;
- } else {
- keyBag = bag->unencSecrets[i]->safeContent.keyBag;
- }
- return sec_pkcs12_find_key_in_keybag(keyBag, nickname,
- thumbprint);
- }
- break;
- default:
- break;
- }
-
- return NULL;
-}
-
-/* searches both the baggage and the safe areas looking for
- * object of specified type matching either the nickname or the
- * thumbprint specified.
- *
- * safe and baggage store certs and keys
- * objType is the OID for the bag type to be searched:
- * SEC_OID_PKCS12_KEY_BAG_ID, or
- * SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID
- * nickname and thumbprint are the search criteria
- *
- * if no match found, NULL returned and error set
- */
-void *
-sec_pkcs12_find_object(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage,
- SECOidTag objType,
- SECItem *nickname,
- SGNDigestInfo *thumbprint)
-{
- int i, j;
- void *retItem;
-
- if(((safe == NULL) && (thumbprint == NULL)) ||
- ((nickname == NULL) && (thumbprint == NULL))) {
- return NULL;
- }
-
- i = 0;
- if((safe != NULL) && (safe->contents != NULL)) {
- while(safe->contents[i] != NULL) {
- SECOidTag bagType = SECOID_FindOIDTag(&safe->contents[i]->safeBagType);
- retItem = sec_pkcs12_try_find(safe, NULL, objType, bagType, i,
- nickname, thumbprint);
- if(retItem != NULL) {
- return retItem;
- }
- i++;
- }
- }
-
- if((baggage != NULL) && (baggage->bags != NULL)) {
- i = 0;
- while(baggage->bags[i] != NULL) {
- SEC_PKCS12BaggageItem *xbag = baggage->bags[i];
- j = 0;
- if(xbag->unencSecrets != NULL) {
- while(xbag->unencSecrets[j] != NULL) {
- SECOidTag bagType;
- bagType = SECOID_FindOIDTag(&xbag->unencSecrets[j]->safeBagType);
- retItem = sec_pkcs12_try_find(NULL, xbag, objType, bagType,
- j, nickname, thumbprint);
- if(retItem != NULL) {
- return retItem;
- }
- j++;
- }
- }
- i++;
- }
- }
-
- PORT_SetError(SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME);
- return NULL;
-}
-
-/* this function converts a password to unicode and encures that the
- * required double 0 byte be placed at the end of the string
- */
-PRBool
-sec_pkcs12_convert_item_to_unicode(PRArenaPool *arena, SECItem *dest,
- SECItem *src, PRBool zeroTerm,
- PRBool asciiConvert, PRBool toUnicode)
-{
- PRBool success = PR_FALSE;
- if(!src || !dest) {
- return PR_FALSE;
- }
-
- dest->len = src->len * 3 + 2;
- if(arena) {
- dest->data = (unsigned char*)PORT_ArenaZAlloc(arena, dest->len);
- } else {
- dest->data = (unsigned char*)PORT_ZAlloc(dest->len);
- }
-
- if(!dest->data) {
- dest->len = 0;
- return PR_FALSE;
- }
-
- if(!asciiConvert) {
- success = PORT_UCS2_UTF8Conversion(toUnicode, src->data, src->len, dest->data,
- dest->len, &dest->len);
- } else {
-#ifndef IS_LITTLE_ENDIAN
- PRBool swapUnicode = PR_FALSE;
-#else
- PRBool swapUnicode = PR_TRUE;
-#endif
- success = PORT_UCS2_ASCIIConversion(toUnicode, src->data, src->len, dest->data,
- dest->len, &dest->len, swapUnicode);
- }
-
- if(!success) {
- if(!arena) {
- PORT_Free(dest->data);
- dest->data = NULL;
- dest->len = 0;
- }
- return PR_FALSE;
- }
-
- if((dest->data[dest->len-1] || dest->data[dest->len-2]) && zeroTerm) {
- if(dest->len + 2 > 3 * src->len) {
- if(arena) {
- dest->data = (unsigned char*)PORT_ArenaGrow(arena,
- dest->data, dest->len,
- dest->len + 2);
- } else {
- dest->data = (unsigned char*)PORT_Realloc(dest->data,
- dest->len + 2);
- }
-
- if(!dest->data) {
- return PR_FALSE;
- }
- }
- dest->len += 2;
- dest->data[dest->len-1] = dest->data[dest->len-2] = 0;
- }
-
- return PR_TRUE;
-}
-
-/* pkcs 12 templates */
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_shroud_chooser =
- sec_pkcs12_choose_shroud_type;
-
-const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
- { SEC_ASN1_ANY, offsetof(SEC_PKCS12SafeBag, derSafeContent) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
- { SEC_ASN1_ANY, offsetof(SEC_PKCS12CertAndCRL, derValue) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[] =
-{
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
- SEC_PKCS12CodedCertBagTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12ESPVKItem) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12ESPVKItem, espvkOID) },
- { SEC_ASN1_INLINE, offsetof(SEC_PKCS12ESPVKItem, espvkData),
- SEC_PKCS12PVKSupportingDataTemplate_OLD },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_DYNAMIC | 0, offsetof(SEC_PKCS12ESPVKItem, espvkCipherText),
- &sec_pkcs12_shroud_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12ESPVKItem) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12ESPVKItem, espvkOID) },
- { SEC_ASN1_INLINE, offsetof(SEC_PKCS12ESPVKItem, espvkData),
- SEC_PKCS12PVKSupportingDataTemplate },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_DYNAMIC | 0, offsetof(SEC_PKCS12ESPVKItem, espvkCipherText),
- &sec_pkcs12_shroud_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PVKAdditionalDataTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKAdditionalData) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS12PVKAdditionalData, pvkAdditionalType) },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12PVKAdditionalData, pvkAdditionalContent) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKSupportingData) },
- { SEC_ASN1_SET_OF | SEC_ASN1_XTRN ,
- offsetof(SEC_PKCS12PVKSupportingData, assocCerts),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
- offsetof(SEC_PKCS12PVKSupportingData, regenerable) },
- { SEC_ASN1_PRINTABLE_STRING,
- offsetof(SEC_PKCS12PVKSupportingData, nickname) },
- { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
- offsetof(SEC_PKCS12PVKSupportingData, pvkAdditionalDER) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PVKSupportingData) },
- { SEC_ASN1_SET_OF | SEC_ASN1_XTRN ,
- offsetof(SEC_PKCS12PVKSupportingData, assocCerts),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BOOLEAN,
- offsetof(SEC_PKCS12PVKSupportingData, regenerable) },
- { SEC_ASN1_BMP_STRING,
- offsetof(SEC_PKCS12PVKSupportingData, uniNickName) },
- { SEC_ASN1_ANY | SEC_ASN1_OPTIONAL,
- offsetof(SEC_PKCS12PVKSupportingData, pvkAdditionalDER) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12BaggageItemTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12BaggageItem) },
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, espvks),
- SEC_PKCS12ESPVKItemTemplate },
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, unencSecrets),
- SEC_PKCS12SafeBagTemplate },
- /*{ SEC_ASN1_SET_OF, offsetof(SEC_PKCS12BaggageItem, unencSecrets),
- SEC_PKCS12CodedSafeBagTemplate }, */
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12BaggageTemplate[] =
-{
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12Baggage, bags),
- SEC_PKCS12BaggageItemTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[] =
-{
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12Baggage_OLD, espvks),
- SEC_PKCS12ESPVKItemTemplate_OLD },
-};
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_bag_chooser =
- sec_pkcs12_choose_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_bag_chooser_old =
- sec_pkcs12_choose_bag_type_old;
-
-const SEC_ASN1Template SEC_PKCS12SafeBagTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12SafeBag, safeContent),
- &sec_pkcs12_bag_chooser_old },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SafeBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12SafeBag, safeBagType) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_POINTER,
- offsetof(SEC_PKCS12SafeBag, safeContent),
- &sec_pkcs12_bag_chooser },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BMP_STRING,
- offsetof(SEC_PKCS12SafeBag, uniSafeBagName) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[] =
-{
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS12SafeContents, contents),
- SEC_PKCS12SafeBagTemplate_OLD }
-};
-
-const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[] =
-{
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS12SafeContents, contents),
- SEC_PKCS12SafeBagTemplate } /* here */
-};
-
-const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PrivateKey) },
- { SEC_ASN1_INLINE, offsetof(SEC_PKCS12PrivateKey, pvkData),
- SEC_PKCS12PVKSupportingDataTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS12PrivateKey, pkcs8data),
- SEC_ASN1_SUB(SECKEY_PrivateKeyInfoTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PrivateKeyBag) },
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12PrivateKeyBag, privateKeys),
- SEC_PKCS12PrivateKeyTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
- { SEC_ASN1_INLINE, offsetof(SEC_PKCS12X509CertCRL, certOrCRL),
- sec_PKCS7ContentInfoTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN ,
- offsetof(SEC_PKCS12X509CertCRL, thumbprint),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
- { SEC_ASN1_INLINE, offsetof(SEC_PKCS12X509CertCRL, certOrCRL),
- sec_PKCS7ContentInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12X509CertCRL) },
- { SEC_ASN1_IA5_STRING, offsetof(SEC_PKCS12SDSICert, value) },
- { 0 }
-};
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_crl_chooser_old =
- sec_pkcs12_choose_cert_crl_type_old;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_crl_chooser =
- sec_pkcs12_choose_cert_crl_type;
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT |
- SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | 0,
- offsetof(SEC_PKCS12CertAndCRL, value),
- &sec_pkcs12_cert_crl_chooser_old },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRL) },
- { SEC_ASN1_OBJECT_ID, offsetof(SEC_PKCS12CertAndCRL, BagID) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12CertAndCRL, value),
- &sec_pkcs12_cert_crl_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[] =
-{
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
- SEC_PKCS12CertAndCRLTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12CertAndCRLBag) },
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12CertAndCRLBag, certAndCRLs),
- SEC_PKCS12CertAndCRLTemplate_OLD },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12SecretAdditional) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS12SecretAdditional, secretAdditionalType) },
- { SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_EXPLICIT,
- offsetof(SEC_PKCS12SecretAdditional, secretAdditionalContent) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12Secret) },
- { SEC_ASN1_BMP_STRING, offsetof(SEC_PKCS12Secret, uniSecretName) },
- { SEC_ASN1_ANY, offsetof(SEC_PKCS12Secret, value) },
- { SEC_ASN1_INLINE | SEC_ASN1_OPTIONAL,
- offsetof(SEC_PKCS12Secret, secretAdditional),
- SEC_PKCS12SecretAdditionalTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12Secret) },
- { SEC_ASN1_INLINE | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12SecretItem, secret), SEC_PKCS12SecretTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(SEC_PKCS12SecretItem, subFolder), SEC_PKCS12SafeBagTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[] =
-{
- { SEC_ASN1_SET_OF, offsetof(SEC_PKCS12SecretBag, secrets),
- SEC_PKCS12SecretItemTemplate },
-};
-
-const SEC_ASN1Template SEC_PKCS12MacDataTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN , offsetof(SEC_PKCS12MacData, safeMac),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { SEC_ASN1_BIT_STRING, offsetof(SEC_PKCS12MacData, macSalt) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
- { SEC_ASN1_OPTIONAL |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12PFXItem, macData), SEC_PKCS12MacDataTemplate },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(SEC_PKCS12PFXItem, authSafe),
- sec_PKCS7ContentInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12PFXItem) },
- { SEC_ASN1_OPTIONAL |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(SEC_PKCS12PFXItem, old_safeMac),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_BIT_STRING,
- offsetof(SEC_PKCS12PFXItem, old_macSalt) },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(SEC_PKCS12PFXItem, authSafe),
- sec_PKCS7ContentInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12AuthenticatedSafe) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS12AuthenticatedSafe, version) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS12AuthenticatedSafe, transportMode) },
- { SEC_ASN1_BIT_STRING | SEC_ASN1_OPTIONAL,
- offsetof(SEC_PKCS12AuthenticatedSafe, privacySalt) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS12AuthenticatedSafe, baggage.bags),
- SEC_PKCS12BaggageItemTemplate },
- { SEC_ASN1_POINTER,
- offsetof(SEC_PKCS12AuthenticatedSafe, safe),
- sec_PKCS7ContentInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SEC_PKCS12AuthenticatedSafe) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS12AuthenticatedSafe, version) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS12AuthenticatedSafe, transportMode) },
- { SEC_ASN1_BIT_STRING,
- offsetof(SEC_PKCS12AuthenticatedSafe, privacySalt) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS12AuthenticatedSafe, old_baggage),
- SEC_PKCS12BaggageTemplate_OLD },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(SEC_PKCS12AuthenticatedSafe, old_safe),
- sec_PKCS7ContentInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12PrivateKeyBagTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12CertAndCRLBagTemplate_OLD }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12CertAndCRLBagTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12SecretBagTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12X509CertCRLTemplate_OLD }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12X509CertCRLTemplate }
-};
-
-const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[] =
-{
- { SEC_ASN1_POINTER, 0, SEC_PKCS12SDSICertTemplate }
-};
-
-
diff --git a/security/nss/lib/pkcs12/p12local.h b/security/nss/lib/pkcs12/p12local.h
deleted file mode 100644
index e0333e2c3..000000000
--- a/security/nss/lib/pkcs12/p12local.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _P12LOCAL_H_
-#define _P12LOCAL_H_
-
-#include "plarena.h"
-#include "secoidt.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "certt.h"
-#include "secpkcs7.h"
-#include "pkcs12.h"
-#include "p12.h"
-
-/* helper functions */
-extern const SEC_ASN1Template *
-sec_pkcs12_choose_bag_type(void *src_or_dest, PRBool encoding);
-extern const SEC_ASN1Template *
-sec_pkcs12_choose_cert_crl_type(void *src_or_dest, PRBool encoding);
-extern const SEC_ASN1Template *
-sec_pkcs12_choose_shroud_type(void *src_or_dest, PRBool encoding);
-extern SECItem *sec_pkcs12_generate_salt(void);
-extern SECItem *sec_pkcs12_generate_key_from_password(SECOidTag algorithm,
- SECItem *salt, SECItem *password);
-extern SECItem *sec_pkcs12_generate_mac(SECItem *key, SECItem *msg,
- PRBool old_method);
-extern SGNDigestInfo *sec_pkcs12_compute_thumbprint(SECItem *der_cert);
-extern SECItem *sec_pkcs12_create_virtual_password(SECItem *password,
- SECItem *salt, PRBool swapUnicodeBytes);
-extern SECStatus sec_pkcs12_append_shrouded_key(SEC_PKCS12BaggageItem *bag,
- SEC_PKCS12ESPVKItem *espvk);
-extern void *sec_pkcs12_find_object(SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage, SECOidTag objType,
- SECItem *nickname, SGNDigestInfo *thumbprint);
-extern PRBool sec_pkcs12_convert_item_to_unicode(PRArenaPool *arena, SECItem *dest,
- SECItem *src, PRBool zeroTerm,
- PRBool asciiConvert, PRBool toUnicode);
-extern CK_MECHANISM_TYPE sec_pkcs12_algtag_to_mech(SECOidTag algtag);
-
-/* create functions */
-extern SEC_PKCS12PFXItem *sec_pkcs12_new_pfx(void);
-extern SEC_PKCS12SafeContents *sec_pkcs12_create_safe_contents(
- PRArenaPool *poolp);
-extern SEC_PKCS12Baggage *sec_pkcs12_create_baggage(PRArenaPool *poolp);
-extern SEC_PKCS12BaggageItem *sec_pkcs12_create_external_bag(SEC_PKCS12Baggage *luggage);
-extern void SEC_PKCS12DestroyPFX(SEC_PKCS12PFXItem *pfx);
-extern SEC_PKCS12AuthenticatedSafe *sec_pkcs12_new_asafe(PRArenaPool *poolp);
-
-/* conversion from old to new */
-extern SEC_PKCS12DecoderContext *
-sec_PKCS12ConvertOldSafeToNew(PRArenaPool *arena, PK11SlotInfo *slot,
- PRBool swapUnicode, SECItem *pwitem,
- void *wincx, SEC_PKCS12SafeContents *safe,
- SEC_PKCS12Baggage *baggage);
-
-#endif
diff --git a/security/nss/lib/pkcs12/p12plcy.c b/security/nss/lib/pkcs12/p12plcy.c
deleted file mode 100644
index 26edd16ba..000000000
--- a/security/nss/lib/pkcs12/p12plcy.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#include "p12plcy.h"
-#include "secoid.h"
-#include "secport.h"
-/*#include "secpkcs5.h" LOTS of PKCS5 calls below. XXX EVIL. */
-
-#define PKCS12_NULL 0x0000
-
-typedef struct pkcs12SuiteMapStr {
- SECOidTag algTag;
- unsigned int keyLengthBits; /* in bits */
- unsigned long suite;
- PRBool allowed;
- PRBool preferred;
-} pkcs12SuiteMap;
-
-static pkcs12SuiteMap pkcs12SuiteMaps[] = {
- { SEC_OID_RC4, 40, PKCS12_RC4_40, PR_FALSE, PR_FALSE},
- { SEC_OID_RC4, 128, PKCS12_RC4_128, PR_FALSE, PR_FALSE},
- { SEC_OID_RC2_CBC, 40, PKCS12_RC2_CBC_40, PR_FALSE, PR_TRUE},
- { SEC_OID_RC2_CBC, 128, PKCS12_RC2_CBC_128, PR_FALSE, PR_FALSE},
- { SEC_OID_DES_CBC, 64, PKCS12_DES_56, PR_FALSE, PR_FALSE},
- { SEC_OID_DES_EDE3_CBC, 192, PKCS12_DES_EDE3_168, PR_FALSE, PR_FALSE},
- { SEC_OID_UNKNOWN, 0, PKCS12_NULL, PR_FALSE, PR_FALSE},
- { SEC_OID_UNKNOWN, 0, 0L, PR_FALSE, PR_FALSE}
-};
-
-/* determine if algid is an algorithm which is allowed */
-PRBool
-SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid)
-{
- unsigned int keyLengthBits;
- SECOidTag algId;
- int i;
-
- algId = SEC_PKCS5GetCryptoAlgorithm(algid);
- if(algId == SEC_OID_UNKNOWN) {
- return PR_FALSE;
- }
-
- keyLengthBits = (unsigned int)(SEC_PKCS5GetKeyLength(algid) * 8);
-
- i = 0;
- while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
- if((pkcs12SuiteMaps[i].algTag == algId) &&
- (pkcs12SuiteMaps[i].keyLengthBits == keyLengthBits)) {
-
- return pkcs12SuiteMaps[i].allowed;
- }
- i++;
- }
-
- return PR_FALSE;
-}
-
-/* is any encryption allowed? */
-PRBool
-SEC_PKCS12IsEncryptionAllowed(void)
-{
- int i;
-
- i = 0;
- while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
- if(pkcs12SuiteMaps[i].allowed == PR_TRUE) {
- return PR_TRUE;
- }
- i++;
- }
-
- return PR_FALSE;
-}
-
-/* get the preferred algorithm.
- */
-SECOidTag
-SEC_PKCS12GetPreferredEncryptionAlgorithm(void)
-{
- int i;
-
- i = 0;
- while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
- if((pkcs12SuiteMaps[i].preferred == PR_TRUE) &&
- (pkcs12SuiteMaps[i].allowed == PR_TRUE)) {
- return SEC_PKCS5GetPBEAlgorithm(pkcs12SuiteMaps[i].algTag,
- pkcs12SuiteMaps[i].keyLengthBits);
- }
- i++;
- }
-
- return SEC_OID_UNKNOWN;
-}
-
-/* return the strongest algorithm allowed */
-SECOidTag
-SEC_PKCS12GetStrongestAllowedAlgorithm(void)
-{
- int i, keyLengthBits = 0;
- SECOidTag algorithm = SEC_OID_UNKNOWN;
-
- i = 0;
- while(pkcs12SuiteMaps[i].algTag != SEC_OID_UNKNOWN) {
- if((pkcs12SuiteMaps[i].allowed == PR_TRUE) &&
- (pkcs12SuiteMaps[i].keyLengthBits > (unsigned int)keyLengthBits) &&
- (pkcs12SuiteMaps[i].algTag != SEC_OID_RC4)) {
- algorithm = pkcs12SuiteMaps[i].algTag;
- keyLengthBits = pkcs12SuiteMaps[i].keyLengthBits;
- }
- i++;
- }
-
- if(algorithm == SEC_OID_UNKNOWN) {
- return SEC_OID_UNKNOWN;
- }
-
- return SEC_PKCS5GetPBEAlgorithm(algorithm, keyLengthBits);
-}
-
-SECStatus
-SEC_PKCS12EnableCipher(long which, int on)
-{
- int i;
-
- i = 0;
- while(pkcs12SuiteMaps[i].suite != 0L) {
- if(pkcs12SuiteMaps[i].suite == (unsigned long)which) {
- if(on) {
- pkcs12SuiteMaps[i].allowed = PR_TRUE;
- } else {
- pkcs12SuiteMaps[i].allowed = PR_FALSE;
- }
- return SECSuccess;
- }
- i++;
- }
-
- return SECFailure;
-}
-
-SECStatus
-SEC_PKCS12SetPreferredCipher(long which, int on)
-{
- int i;
- PRBool turnedOff = PR_FALSE;
- PRBool turnedOn = PR_FALSE;
-
- i = 0;
- while(pkcs12SuiteMaps[i].suite != 0L) {
- if(pkcs12SuiteMaps[i].preferred == PR_TRUE) {
- pkcs12SuiteMaps[i].preferred = PR_FALSE;
- turnedOff = PR_TRUE;
- }
- if(pkcs12SuiteMaps[i].suite == (unsigned long)which) {
- pkcs12SuiteMaps[i].preferred = PR_TRUE;
- turnedOn = PR_TRUE;
- }
- i++;
- }
-
- if((turnedOn) && (turnedOff)) {
- return SECSuccess;
- }
-
- return SECFailure;
-}
-
diff --git a/security/nss/lib/pkcs12/p12plcy.h b/security/nss/lib/pkcs12/p12plcy.h
deleted file mode 100644
index 1a3a9ee2f..000000000
--- a/security/nss/lib/pkcs12/p12plcy.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _P12PLCY_H_
-#define _P12PLCY_H_
-
-#include "secoid.h"
-#include "ciferfam.h"
-
-/* for the algid specified, can we decrypt it ? */
-extern PRBool SEC_PKCS12DecryptionAllowed(SECAlgorithmID *algid);
-
-/* is encryption allowed? */
-extern PRBool SEC_PKCS12IsEncryptionAllowed(void);
-
-/* get the preferred encryption algorithm */
-extern SECOidTag SEC_PKCS12GetPreferredEncryptionAlgorithm(void);
-
-/* get the stronget crypto allowed (based on order in the table */
-extern SECOidTag SEC_PKCS12GetStrongestAllowedAlgorithm(void);
-
-/* enable a cipher for encryption/decryption */
-extern SECStatus SEC_PKCS12EnableCipher(long which, int on);
-
-/* return the preferred cipher for encryption */
-extern SECStatus SEC_PKCS12SetPreferredCipher(long which, int on);
-
-#endif
diff --git a/security/nss/lib/pkcs12/p12t.h b/security/nss/lib/pkcs12/p12t.h
deleted file mode 100644
index 6b9d3da1b..000000000
--- a/security/nss/lib/pkcs12/p12t.h
+++ /dev/null
@@ -1,182 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _P12T_H_
-#define _P12T_H_
-
-#include "secoid.h"
-#include "key.h"
-#include "pkcs11.h"
-#include "secpkcs7.h"
-#include "secdig.h" /* for SGNDigestInfo */
-
-#define SEC_PKCS12_VERSION 3
-
-/* structure declarations */
-typedef struct sec_PKCS12PFXItemStr sec_PKCS12PFXItem;
-typedef struct sec_PKCS12MacDataStr sec_PKCS12MacData;
-typedef struct sec_PKCS12AuthenticatedSafeStr sec_PKCS12AuthenticatedSafe;
-typedef struct sec_PKCS12SafeContentsStr sec_PKCS12SafeContents;
-typedef struct sec_PKCS12SafeBagStr sec_PKCS12SafeBag;
-typedef struct sec_PKCS12PKCS8ShroudedKeyBagStr sec_PKCS12PKCS8ShroudedKeyBag;
-typedef struct sec_PKCS12CertBagStr sec_PKCS12CertBag;
-typedef struct sec_PKCS12CRLBagStr sec_PKCS12CRLBag;
-typedef struct sec_PKCS12SecretBag sec_PKCS12SecretBag;
-typedef struct sec_PKCS12AttributeStr sec_PKCS12Attribute;
-
-struct sec_PKCS12CertBagStr {
- /* what type of cert is stored? */
- SECItem bagID;
-
- /* certificate information */
- union {
- SECItem x509Cert;
- SECItem SDSICert;
- } value;
-};
-
-struct sec_PKCS12CRLBagStr {
- /* what type of cert is stored? */
- SECItem bagID;
-
- /* certificate information */
- union {
- SECItem x509CRL;
- } value;
-};
-
-struct sec_PKCS12SecretBag {
- /* what type of secret? */
- SECItem secretType;
-
- /* secret information. ssshhhh be vewy vewy quiet. */
- SECItem secretContent;
-};
-
-struct sec_PKCS12AttributeStr {
- SECItem attrType;
- SECItem **attrValue;
-};
-
-struct sec_PKCS12SafeBagStr {
-
- /* What type of bag are we using? */
- SECItem safeBagType;
-
- /* Dependent upon the type of bag being used. */
- union {
- SECKEYPrivateKeyInfo *pkcs8KeyBag;
- SECKEYEncryptedPrivateKeyInfo *pkcs8ShroudedKeyBag;
- sec_PKCS12CertBag *certBag;
- sec_PKCS12CRLBag *crlBag;
- sec_PKCS12SecretBag *secretBag;
- sec_PKCS12SafeContents *safeContents;
- } safeBagContent;
-
- sec_PKCS12Attribute **attribs;
-
- /* used locally */
- SECOidData *bagTypeTag;
- PRArenaPool *arena;
- unsigned int nAttribs;
-
- /* used for validation/importing */
- PRBool problem, noInstall, validated, hasKey, removeExisting, installed;
- int error;
-
- PRBool swapUnicodeBytes;
- PK11SlotInfo *slot;
- SECItem *pwitem;
- PRBool oldBagType;
-};
-
-struct sec_PKCS12SafeContentsStr {
- sec_PKCS12SafeBag **safeBags;
- SECItem **encodedSafeBags;
-
- /* used locally */
- PRArenaPool *arena;
- unsigned int bagCount;
-};
-
-struct sec_PKCS12MacDataStr {
- SGNDigestInfo safeMac;
- SECItem macSalt;
- SECItem iter;
-};
-
-struct sec_PKCS12PFXItemStr {
-
- SECItem version;
-
- /* Content type will either be Data (password integrity mode)
- * or signedData (public-key integrity mode)
- */
- SEC_PKCS7ContentInfo *authSafe;
- SECItem encodedAuthSafe;
-
- /* Only present in password integrity mode */
- sec_PKCS12MacData macData;
- SECItem encodedMacData;
-};
-
-struct sec_PKCS12AuthenticatedSafeStr {
- /* Content type will either be encryptedData (password privacy mode)
- * or envelopedData (public-key privacy mode)
- */
- SEC_PKCS7ContentInfo **safes;
- SECItem **encodedSafes;
-
- /* used locally */
- unsigned int safeCount;
- SECItem dummySafe;
-};
-
-extern const SEC_ASN1Template sec_PKCS12PFXItemTemplate[];
-extern const SEC_ASN1Template sec_PKCS12MacDataTemplate[];
-extern const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12CertBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12CRLBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SecretBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToCRLBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToSecretBagTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToSafeContentsTemplate[];
-extern const SEC_ASN1Template sec_PKCS12AttributeTemplate[];
-extern const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[];
-extern const SEC_ASN1Template sec_PKCS12SafeBagTemplate[];
-
-#endif
diff --git a/security/nss/lib/pkcs12/p12tmpl.c b/security/nss/lib/pkcs12/p12tmpl.c
deleted file mode 100644
index e58816386..000000000
--- a/security/nss/lib/pkcs12/p12tmpl.c
+++ /dev/null
@@ -1,320 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "seccomon.h"
-#include "secport.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "secasn1.h"
-#include "p12t.h"
-
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-SEC_ASN1_MKSUB(sgn_DigestInfoTemplate)
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_safe_bag_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- sec_PKCS12SafeBag *safeBag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- safeBag = (sec_PKCS12SafeBag*)src_or_dest;
-
- oiddata = SECOID_FindOID(&safeBag->safeBagType);
- if(oiddata == NULL) {
- return SEC_ASN1_GET(SEC_AnyTemplate);
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS12_V1_KEY_BAG_ID:
- theTemplate = SEC_ASN1_GET(SECKEY_PointerToPrivateKeyInfoTemplate);
- break;
- case SEC_OID_PKCS12_V1_CERT_BAG_ID:
- theTemplate = sec_PKCS12PointerToCertBagTemplate;
- break;
- case SEC_OID_PKCS12_V1_CRL_BAG_ID:
- theTemplate = sec_PKCS12PointerToCRLBagTemplate;
- break;
- case SEC_OID_PKCS12_V1_SECRET_BAG_ID:
- theTemplate = sec_PKCS12PointerToSecretBagTemplate;
- break;
- case SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID:
- theTemplate =
- SEC_ASN1_GET(SECKEY_PointerToEncryptedPrivateKeyInfoTemplate);
- break;
- case SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID:
- if(encoding) {
- theTemplate = sec_PKCS12PointerToSafeContentsTemplate;
- } else {
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- }
- break;
- }
- return theTemplate;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_crl_bag_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- sec_PKCS12CRLBag *crlbag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- crlbag = (sec_PKCS12CRLBag*)src_or_dest;
-
- oiddata = SECOID_FindOID(&crlbag->bagID);
- if(oiddata == NULL) {
- return SEC_ASN1_GET(SEC_AnyTemplate);
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS9_X509_CRL:
- theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
- break;
- }
- return theTemplate;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_cert_bag_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- sec_PKCS12CertBag *certbag;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- certbag = (sec_PKCS12CertBag*)src_or_dest;
-
- oiddata = SECOID_FindOID(&certbag->bagID);
- if(oiddata == NULL) {
- return SEC_ASN1_GET(SEC_AnyTemplate);
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS9_X509_CERT:
- theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
- break;
- case SEC_OID_PKCS9_SDSI_CERT:
- theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
- break;
- }
- return theTemplate;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs12_choose_attr_type(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- sec_PKCS12Attribute *attr;
- SECOidData *oiddata;
-
- if (src_or_dest == NULL) {
- return NULL;
- }
-
- attr = (sec_PKCS12Attribute*)src_or_dest;
-
- oiddata = SECOID_FindOID(&attr->attrType);
- if(oiddata == NULL) {
- return SEC_ASN1_GET(SEC_AnyTemplate);
- }
-
- switch (oiddata->offset) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS9_FRIENDLY_NAME:
- theTemplate = SEC_ASN1_GET(SEC_BMPStringTemplate);
- break;
- case SEC_OID_PKCS9_LOCAL_KEY_ID:
- theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
- break;
- case SEC_OID_PKCS12_KEY_USAGE:
- theTemplate = SEC_ASN1_GET(SEC_BitStringTemplate);
- break;
- }
-
- return theTemplate;
-}
-
-
-const SEC_ASN1Template sec_PKCS12PointerToContentInfoTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM, 0, sec_PKCS7ContentInfoTemplate }
-};
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_crl_bag_chooser =
- sec_pkcs12_choose_crl_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_cert_bag_chooser =
- sec_pkcs12_choose_cert_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_safe_bag_chooser =
- sec_pkcs12_choose_safe_bag_type;
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs12_attr_chooser =
- sec_pkcs12_choose_attr_type;
-
-const SEC_ASN1Template sec_PKCS12PointerToCertBagTemplate[] = {
- { SEC_ASN1_POINTER, 0, sec_PKCS12CertBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PointerToCRLBagTemplate[] = {
- { SEC_ASN1_POINTER, 0, sec_PKCS12CRLBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PointerToSecretBagTemplate[] = {
- { SEC_ASN1_POINTER, 0, sec_PKCS12SecretBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PointerToSafeContentsTemplate[] = {
- { SEC_ASN1_POINTER, 0, sec_PKCS12SafeContentsTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12PFXItemTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM, 0, NULL,
- sizeof(sec_PKCS12PFXItem) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER,
- offsetof(sec_PKCS12PFXItem, version) },
- { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM,
- offsetof(sec_PKCS12PFXItem, encodedAuthSafe) },
- { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM,
- offsetof(sec_PKCS12PFXItem, encodedMacData) },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12MacDataTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12MacData) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN , offsetof(sec_PKCS12MacData, safeMac),
- SEC_ASN1_SUB(sgn_DigestInfoTemplate) },
- { SEC_ASN1_OCTET_STRING, offsetof(sec_PKCS12MacData, macSalt) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_INTEGER, offsetof(sec_PKCS12MacData, iter) },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12AuthenticatedSafeTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN ,
- offsetof(sec_PKCS12AuthenticatedSafe, encodedSafes),
- SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-const SEC_ASN1Template sec_PKCS12SafeBagTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM, 0, NULL,
- sizeof(sec_PKCS12SafeBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12SafeBag, safeBagType) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_DYNAMIC | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(sec_PKCS12SafeBag, safeBagContent),
- &sec_pkcs12_safe_bag_chooser },
- { SEC_ASN1_SET_OF | SEC_ASN1_OPTIONAL, offsetof(sec_PKCS12SafeBag, attribs),
- sec_PKCS12AttributeTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12SafeContentsTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM,
- offsetof(sec_PKCS12SafeContents, safeBags),
- sec_PKCS12SafeBagTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12SequenceOfAnyTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN , 0,
- SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-const SEC_ASN1Template sec_PKCS12NestedSafeContentsDecodeTemplate[] = {
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_CONSTRUCTED | 0,
- offsetof(sec_PKCS12SafeContents, encodedSafeBags),
- sec_PKCS12SequenceOfAnyTemplate }
-};
-
-const SEC_ASN1Template sec_PKCS12SafeContentsDecodeTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_MAY_STREAM | SEC_ASN1_XTRN ,
- offsetof(sec_PKCS12SafeContents, encodedSafeBags),
- SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-const SEC_ASN1Template sec_PKCS12CRLBagTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12CRLBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12CRLBag, bagID) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_POINTER,
- offsetof(sec_PKCS12CRLBag, value), &sec_pkcs12_crl_bag_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12CertBagTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12CertBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12CertBag, bagID) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(sec_PKCS12CertBag, value), &sec_pkcs12_cert_bag_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12SecretBagTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12SecretBag) },
- { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12SecretBag, secretType) },
- { SEC_ASN1_ANY, offsetof(sec_PKCS12SecretBag, secretContent) },
- { 0 }
-};
-
-const SEC_ASN1Template sec_PKCS12AttributeTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_PKCS12Attribute) },
- { SEC_ASN1_OBJECT_ID, offsetof(sec_PKCS12Attribute, attrType) },
- { SEC_ASN1_SET_OF | SEC_ASN1_DYNAMIC,
- offsetof(sec_PKCS12Attribute, attrValue),
- &sec_pkcs12_attr_chooser },
- { 0 }
-};
diff --git a/security/nss/lib/pkcs12/pkcs12.h b/security/nss/lib/pkcs12/pkcs12.h
deleted file mode 100644
index dd9d99594..000000000
--- a/security/nss/lib/pkcs12/pkcs12.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-
-#ifndef _PKCS12_H_
-#define _PKCS12_H_
-
-#include "pkcs12t.h"
-#include "p12.h"
-
-typedef SECItem * (* SEC_PKCS12GetPassword)(void *arg);
-
-/* Decode functions */
-/* Import a PFX item.
- * der_pfx is the der-encoded pfx item to import.
- * pbef, and pbefarg are used to retrieve passwords for the HMAC,
- * and any passwords needed for passing to PKCS5 encryption
- * routines.
- * algorithm is the algorithm by which private keys are stored in
- * the key database. this could be a specific algorithm or could
- * be based on a global setting.
- * slot is the slot to where the certificates will be placed. if NULL,
- * the internal key slot is used.
- * If the process is successful, a SECSuccess is returned, otherwise
- * a failure occurred.
- */
-SECStatus
-SEC_PKCS12PutPFX(SECItem *der_pfx, SECItem *pwitem,
- SEC_PKCS12NicknameCollisionCallback ncCall,
- PK11SlotInfo *slot, void *wincx);
-
-/* check the first two bytes of a file to make sure that it matches
- * the desired header for a PKCS 12 file
- */
-PRBool SEC_PKCS12ValidData(char *buf, int bufLen, long int totalLength);
-
-#endif
diff --git a/security/nss/lib/pkcs12/pkcs12t.h b/security/nss/lib/pkcs12/pkcs12t.h
deleted file mode 100644
index 53c36c3f7..000000000
--- a/security/nss/lib/pkcs12/pkcs12t.h
+++ /dev/null
@@ -1,386 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _PKCS12T_H_
-#define _PKCS12T_H_
-
-#include "seccomon.h"
-#include "secoid.h"
-#include "cert.h"
-#include "key.h"
-#include "plarena.h"
-#include "secpkcs7.h"
-#include "secdig.h" /* for SGNDigestInfo */
-
-/* PKCS12 Structures */
-typedef struct SEC_PKCS12PFXItemStr SEC_PKCS12PFXItem;
-typedef struct SEC_PKCS12MacDataStr SEC_PKCS12MacData;
-typedef struct SEC_PKCS12AuthenticatedSafeStr SEC_PKCS12AuthenticatedSafe;
-typedef struct SEC_PKCS12BaggageItemStr SEC_PKCS12BaggageItem;
-typedef struct SEC_PKCS12BaggageStr SEC_PKCS12Baggage;
-typedef struct SEC_PKCS12Baggage_OLDStr SEC_PKCS12Baggage_OLD;
-typedef struct SEC_PKCS12ESPVKItemStr SEC_PKCS12ESPVKItem;
-typedef struct SEC_PKCS12PVKSupportingDataStr SEC_PKCS12PVKSupportingData;
-typedef struct SEC_PKCS12PVKAdditionalDataStr SEC_PKCS12PVKAdditionalData;
-typedef struct SEC_PKCS12SafeContentsStr SEC_PKCS12SafeContents;
-typedef struct SEC_PKCS12SafeBagStr SEC_PKCS12SafeBag;
-typedef struct SEC_PKCS12PrivateKeyStr SEC_PKCS12PrivateKey;
-typedef struct SEC_PKCS12PrivateKeyBagStr SEC_PKCS12PrivateKeyBag;
-typedef struct SEC_PKCS12CertAndCRLBagStr SEC_PKCS12CertAndCRLBag;
-typedef struct SEC_PKCS12CertAndCRLStr SEC_PKCS12CertAndCRL;
-typedef struct SEC_PKCS12X509CertCRLStr SEC_PKCS12X509CertCRL;
-typedef struct SEC_PKCS12SDSICertStr SEC_PKCS12SDSICert;
-typedef struct SEC_PKCS12SecretStr SEC_PKCS12Secret;
-typedef struct SEC_PKCS12SecretAdditionalStr SEC_PKCS12SecretAdditional;
-typedef struct SEC_PKCS12SecretItemStr SEC_PKCS12SecretItem;
-typedef struct SEC_PKCS12SecretBagStr SEC_PKCS12SecretBag;
-
-typedef SECItem *(* SEC_PKCS12PasswordFunc)(SECItem *args);
-
-/* PKCS12 types */
-
-/* stores shrouded keys */
-struct SEC_PKCS12BaggageStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12BaggageItem **bags;
-
- int luggage_size; /* used locally */
-};
-
-/* additional data to be associated with keys. currently there
- * is nothing defined to be stored here. allows future expansion.
- */
-struct SEC_PKCS12PVKAdditionalDataStr
-{
- PRArenaPool *poolp;
- SECOidData *pvkAdditionalTypeTag; /* used locally */
- SECItem pvkAdditionalType;
- SECItem pvkAdditionalContent;
-};
-
-/* cert and other supporting data for private keys. used
- * for both shrouded and non-shrouded keys.
- */
-struct SEC_PKCS12PVKSupportingDataStr
-{
- PRArenaPool *poolp;
- SGNDigestInfo **assocCerts;
- SECItem regenerable;
- SECItem nickname;
- SEC_PKCS12PVKAdditionalData pvkAdditional;
- SECItem pvkAdditionalDER;
-
- SECItem uniNickName;
- /* used locally */
- int nThumbs;
-};
-
-/* shrouded key structure. supports only pkcs8 shrouding
- * currently.
- */
-struct SEC_PKCS12ESPVKItemStr
-{
- PRArenaPool *poolp; /* used locally */
- SECOidData *espvkTag; /* used locally */
- SECItem espvkOID;
- SEC_PKCS12PVKSupportingData espvkData;
- union
- {
- SECKEYEncryptedPrivateKeyInfo *pkcs8KeyShroud;
- } espvkCipherText;
-
- PRBool duplicate; /* used locally */
- PRBool problem_cert; /* used locally */
- PRBool single_cert; /* used locally */
- int nCerts; /* used locally */
- SECItem derCert; /* used locally */
-};
-
-/* generic bag store for the safe. safeBagType identifies
- * the type of bag stored.
- */
-struct SEC_PKCS12SafeBagStr
-{
- PRArenaPool *poolp;
- SECOidData *safeBagTypeTag; /* used locally */
- SECItem safeBagType;
- union
- {
- SEC_PKCS12PrivateKeyBag *keyBag;
- SEC_PKCS12CertAndCRLBag *certAndCRLBag;
- SEC_PKCS12SecretBag *secretBag;
- } safeContent;
-
- SECItem derSafeContent;
- SECItem safeBagName;
-
- SECItem uniSafeBagName;
-};
-
-/* stores private keys and certificates in a list. each safebag
- * has an ID identifying the type of content stored.
- */
-struct SEC_PKCS12SafeContentsStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12SafeBag **contents;
-
- /* used for tracking purposes */
- int safe_size;
- PRBool old;
- PRBool swapUnicode;
- PRBool possibleSwapUnicode;
-};
-
-/* private key structure which holds encrypted private key and
- * supporting data including nickname and certificate thumbprint.
- */
-struct SEC_PKCS12PrivateKeyStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12PVKSupportingData pvkData;
- SECKEYPrivateKeyInfo pkcs8data; /* borrowed from PKCS 8 */
-
- PRBool duplicate; /* used locally */
- PRBool problem_cert;/* used locally */
- PRBool single_cert; /* used locally */
- int nCerts; /* used locally */
- SECItem derCert; /* used locally */
-};
-
-/* private key bag, holds a (null terminated) list of private key
- * structures.
- */
-struct SEC_PKCS12PrivateKeyBagStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12PrivateKey **privateKeys;
-
- int bag_size; /* used locally */
-};
-
-/* container to hold certificates. currently supports x509
- * and sdsi certificates
- */
-struct SEC_PKCS12CertAndCRLStr
-{
- PRArenaPool *poolp;
- SECOidData *BagTypeTag; /* used locally */
- SECItem BagID;
- union
- {
- SEC_PKCS12X509CertCRL *x509;
- SEC_PKCS12SDSICert *sdsi;
- } value;
-
- SECItem derValue;
- SECItem nickname; /* used locally */
- PRBool duplicate; /* used locally */
-};
-
-/* x509 certificate structure. typically holds the der encoding
- * of the x509 certificate. thumbprint contains a digest of the
- * certificate
- */
-struct SEC_PKCS12X509CertCRLStr
-{
- PRArenaPool *poolp;
- SEC_PKCS7ContentInfo certOrCRL;
- SGNDigestInfo thumbprint;
-
- SECItem *derLeafCert; /* used locally */
-};
-
-/* sdsi certificate structure. typically holds the der encoding
- * of the sdsi certificate. thumbprint contains a digest of the
- * certificate
- */
-struct SEC_PKCS12SDSICertStr
-{
- PRArenaPool *poolp;
- SECItem value;
- SGNDigestInfo thumbprint;
-};
-
-/* contains a null terminated list of certs and crls */
-struct SEC_PKCS12CertAndCRLBagStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12CertAndCRL **certAndCRLs;
-
- int bag_size; /* used locally */
-};
-
-/* additional secret information. currently no information
- * stored in this structure.
- */
-struct SEC_PKCS12SecretAdditionalStr
-{
- PRArenaPool *poolp;
- SECOidData *secretTypeTag; /* used locally */
- SECItem secretAdditionalType;
- SECItem secretAdditionalContent;
-};
-
-/* secrets container. this will be used to contain currently
- * unspecified secrets. (it's a secret)
- */
-struct SEC_PKCS12SecretStr
-{
- PRArenaPool *poolp;
- SECItem secretName;
- SECItem value;
- SEC_PKCS12SecretAdditional secretAdditional;
-
- SECItem uniSecretName;
-};
-
-struct SEC_PKCS12SecretItemStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12Secret secret;
- SEC_PKCS12SafeBag subFolder;
-};
-
-/* a bag of secrets. holds a null terminated list of secrets.
- */
-struct SEC_PKCS12SecretBagStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12SecretItem **secrets;
-
- int bag_size; /* used locally */
-};
-
-struct SEC_PKCS12MacDataStr
-{
- SGNDigestInfo safeMac;
- SECItem macSalt;
-};
-
-/* outer transfer unit */
-struct SEC_PKCS12PFXItemStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12MacData macData;
- SEC_PKCS7ContentInfo authSafe;
-
- /* for compatibility with beta */
- PRBool old;
- SGNDigestInfo old_safeMac;
- SECItem old_macSalt;
-
- /* compatibility between platforms for unicode swapping */
- PRBool swapUnicode;
-};
-
-struct SEC_PKCS12BaggageItemStr {
- PRArenaPool *poolp;
- SEC_PKCS12ESPVKItem **espvks;
- SEC_PKCS12SafeBag **unencSecrets;
-
- int nEspvks;
- int nSecrets;
-};
-
-/* stores shrouded keys */
-struct SEC_PKCS12Baggage_OLDStr
-{
- PRArenaPool *poolp;
- SEC_PKCS12ESPVKItem **espvks;
-
- int luggage_size; /* used locally */
-};
-
-/* authenticated safe, stores certs, keys, and shrouded keys */
-struct SEC_PKCS12AuthenticatedSafeStr
-{
- PRArenaPool *poolp;
- SECItem version;
- SECOidData *transportTypeTag; /* local not part of encoding*/
- SECItem transportMode;
- SECItem privacySalt;
- SEC_PKCS12Baggage baggage;
- SEC_PKCS7ContentInfo *safe;
-
- /* used for beta compatibility */
- PRBool old;
- PRBool emptySafe;
- SEC_PKCS12Baggage_OLD old_baggage;
- SEC_PKCS7ContentInfo old_safe;
- PRBool swapUnicode;
-};
-#define SEC_PKCS12_PFX_VERSION 1 /* what we create */
-
-
-
-/* PKCS 12 Templates */
-extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12PFXItemTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12MacDataTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12AuthenticatedSafeTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12BaggageTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PVKAdditionalTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12SafeContentsTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SafeBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PrivateKeyTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PrivateKeyBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CertAndCRLTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CertAndCRLBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12X509CertCRLTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SDSICertTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretItemTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12SecretAdditionalTemplate[];
-extern const SEC_ASN1Template SGN_DigestInfoTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12KeyBagTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12CertAndCRLBagTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12SecretBagTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12X509CertCRLTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPKCS12SDSICertTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CodedSafeBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CodedCertBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12CodedCertAndCRLBagTemplate[];
-extern const SEC_ASN1Template SEC_PKCS12PVKSupportingDataTemplate_OLD[];
-extern const SEC_ASN1Template SEC_PKCS12ESPVKItemTemplate_OLD[];
-#endif
diff --git a/security/nss/lib/pkcs7/Makefile b/security/nss/lib/pkcs7/Makefile
deleted file mode 100644
index cb85677bc..000000000
--- a/security/nss/lib/pkcs7/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/lib/pkcs7/certread.c b/security/nss/lib/pkcs7/certread.c
deleted file mode 100644
index 073a9e545..000000000
--- a/security/nss/lib/pkcs7/certread.c
+++ /dev/null
@@ -1,537 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "secpkcs7.h"
-#include "base64.h"
-#include "secitem.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-
-SEC_ASN1_MKSUB(SEC_AnyTemplate)
-
-SECStatus
-SEC_ReadPKCS7Certs(SECItem *pkcs7Item, CERTImportCertificateFunc f, void *arg)
-{
- SEC_PKCS7ContentInfo *contentInfo = NULL;
- SECStatus rv;
- SECItem **certs;
- int count;
-
- contentInfo = SEC_PKCS7DecodeItem(pkcs7Item, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL);
- if ( contentInfo == NULL ) {
- goto loser;
- }
-
- if ( SEC_PKCS7ContentType (contentInfo) != SEC_OID_PKCS7_SIGNED_DATA ) {
- goto loser;
- }
-
- certs = contentInfo->content.signedData->rawCerts;
- if ( certs ) {
- count = 0;
-
- while ( *certs ) {
- count++;
- certs++;
- }
- rv = (* f)(arg, contentInfo->content.signedData->rawCerts, count);
- }
-
- rv = SECSuccess;
-
- goto done;
-loser:
- rv = SECFailure;
-
-done:
- if ( contentInfo ) {
- SEC_PKCS7DestroyContentInfo(contentInfo);
- }
-
- return(rv);
-}
-
-const SEC_ASN1Template SEC_CertSequenceTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF | SEC_ASN1_XTRN, 0, SEC_ASN1_SUB(SEC_AnyTemplate) }
-};
-
-SECStatus
-SEC_ReadCertSequence(SECItem *certsItem, CERTImportCertificateFunc f, void *arg)
-{
- SECStatus rv;
- SECItem **certs;
- int count;
- SECItem **rawCerts = NULL;
- PRArenaPool *arena;
- SEC_PKCS7ContentInfo *contentInfo = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- return SECFailure;
- }
-
- contentInfo = SEC_PKCS7DecodeItem(certsItem, NULL, NULL, NULL, NULL, NULL,
- NULL, NULL);
- if ( contentInfo == NULL ) {
- goto loser;
- }
-
- if ( SEC_PKCS7ContentType (contentInfo) != SEC_OID_NS_TYPE_CERT_SEQUENCE ) {
- goto loser;
- }
-
-
- rv = SEC_ASN1DecodeItem(arena, &rawCerts, SEC_CertSequenceTemplate,
- contentInfo->content.data);
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- certs = rawCerts;
- if ( certs ) {
- count = 0;
-
- while ( *certs ) {
- count++;
- certs++;
- }
- rv = (* f)(arg, rawCerts, count);
- }
-
- rv = SECSuccess;
-
- goto done;
-loser:
- rv = SECFailure;
-
-done:
- if ( contentInfo ) {
- SEC_PKCS7DestroyContentInfo(contentInfo);
- }
-
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(rv);
-}
-
-CERTCertificate *
-CERT_ConvertAndDecodeCertificate(char *certstr)
-{
- CERTCertificate *cert;
- SECStatus rv;
- SECItem der;
-
- rv = ATOB_ConvertAsciiToItem(&der, certstr);
- if (rv != SECSuccess)
- return NULL;
-
- cert = CERT_DecodeDERCertificate(&der, PR_TRUE, NULL);
-
- PORT_Free(der.data);
- return cert;
-}
-
-#define NS_CERT_HEADER "-----BEGIN CERTIFICATE-----"
-#define NS_CERT_TRAILER "-----END CERTIFICATE-----"
-
-#define CERTIFICATE_TYPE_STRING "certificate"
-#define CERTIFICATE_TYPE_LEN (sizeof(CERTIFICATE_TYPE_STRING)-1)
-
-CERTPackageType
-CERT_CertPackageType(SECItem *package, SECItem *certitem)
-{
- unsigned char *cp;
- int seqLen, seqLenLen;
- SECItem oiditem;
- SECOidData *oiddata;
- CERTPackageType type = certPackageNone;
-
- cp = package->data;
-
- /* is a DER encoded certificate of some type? */
- if ( ( *cp & 0x1f ) == SEC_ASN1_SEQUENCE ) {
- cp++;
-
- if ( *cp & 0x80) {
- /* Multibyte length */
- seqLenLen = cp[0] & 0x7f;
-
- switch (seqLenLen) {
- case 4:
- seqLen = ((unsigned long)cp[1]<<24) |
- ((unsigned long)cp[2]<<16) | (cp[3]<<8) | cp[4];
- break;
- case 3:
- seqLen = ((unsigned long)cp[1]<<16) | (cp[2]<<8) | cp[3];
- break;
- case 2:
- seqLen = (cp[1]<<8) | cp[2];
- break;
- case 1:
- seqLen = cp[1];
- break;
- default:
- /* indefinite length */
- seqLen = 0;
- }
- cp += ( seqLenLen + 1 );
-
- } else {
- seqLenLen = 0;
- seqLen = *cp;
- cp++;
- }
-
- /* check entire length if definite length */
- if ( seqLen || seqLenLen ) {
- if ( package->len != ( seqLen + seqLenLen + 2 ) ) {
- /* not a DER package */
- return(type);
- }
- }
-
- /* check the type string */
- /* netscape wrapped DER cert */
- if ( ( cp[0] == SEC_ASN1_OCTET_STRING ) &&
- ( cp[1] == CERTIFICATE_TYPE_LEN ) &&
- ( PORT_Strcmp((char *)&cp[2], CERTIFICATE_TYPE_STRING) ) ) {
-
- cp += ( CERTIFICATE_TYPE_LEN + 2 );
-
- /* it had better be a certificate by now!! */
- if ( certitem ) {
- certitem->data = cp;
- certitem->len = package->len -
- ( cp - (unsigned char *)package->data );
- }
- type = certPackageNSCertWrap;
-
- } else if ( cp[0] == SEC_ASN1_OBJECT_ID ) {
- /* XXX - assume DER encoding of OID len!! */
- oiditem.len = cp[1];
- oiditem.data = (unsigned char *)&cp[2];
- oiddata = SECOID_FindOID(&oiditem);
- if ( oiddata == NULL ) {
- /* failure */
- return(type);
- }
-
- if ( certitem ) {
- certitem->data = package->data;
- certitem->len = package->len;
- }
-
- switch ( oiddata->offset ) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- type = certPackagePKCS7;
- break;
- case SEC_OID_NS_TYPE_CERT_SEQUENCE:
- type = certPackageNSCertSeq;
- break;
- default:
- break;
- }
-
- } else {
- /* it had better be a certificate by now!! */
- if ( certitem ) {
- certitem->data = package->data;
- certitem->len = package->len;
- }
-
- type = certPackageCert;
- }
- }
-
- return(type);
-}
-
-/*
- * read an old style ascii or binary certificate chain
- */
-SECStatus
-CERT_DecodeCertPackage(char *certbuf,
- int certlen,
- CERTImportCertificateFunc f,
- void *arg)
-{
- unsigned char *cp;
- int seqLen, seqLenLen;
- int cl;
- unsigned char *bincert = NULL, *certbegin = NULL, *certend = NULL;
- unsigned int binLen;
- char *ascCert = NULL;
- int asciilen;
- CERTCertificate *cert;
- SECItem certitem, oiditem;
- SECStatus rv;
- SECOidData *oiddata;
- SECItem *pcertitem = &certitem;
-
- if ( certbuf == NULL ) {
- return(SECFailure);
- }
-
- cert = 0;
- cp = (unsigned char *)certbuf;
-
- /* is a DER encoded certificate of some type? */
- if ( ( *cp & 0x1f ) == SEC_ASN1_SEQUENCE ) {
- cp++;
-
- if ( *cp & 0x80) {
- /* Multibyte length */
- seqLenLen = cp[0] & 0x7f;
-
- switch (seqLenLen) {
- case 4:
- seqLen = ((unsigned long)cp[1]<<24) |
- ((unsigned long)cp[2]<<16) | (cp[3]<<8) | cp[4];
- break;
- case 3:
- seqLen = ((unsigned long)cp[1]<<16) | (cp[2]<<8) | cp[3];
- break;
- case 2:
- seqLen = (cp[1]<<8) | cp[2];
- break;
- case 1:
- seqLen = cp[1];
- break;
- default:
- /* indefinite length */
- seqLen = 0;
- }
- cp += ( seqLenLen + 1 );
-
- } else {
- seqLenLen = 0;
- seqLen = *cp;
- cp++;
- }
-
- /* check entire length if definite length */
- if ( seqLen || seqLenLen ) {
- if ( certlen != ( seqLen + seqLenLen + 2 ) ) {
- goto notder;
- }
- }
-
- /* check the type string */
- /* netscape wrapped DER cert */
- if ( ( cp[0] == SEC_ASN1_OCTET_STRING ) &&
- ( cp[1] == CERTIFICATE_TYPE_LEN ) &&
- ( PORT_Strcmp((char *)&cp[2], CERTIFICATE_TYPE_STRING) ) ) {
-
- cp += ( CERTIFICATE_TYPE_LEN + 2 );
-
- /* it had better be a certificate by now!! */
- certitem.data = cp;
- certitem.len = certlen - ( cp - (unsigned char *)certbuf );
-
- rv = (* f)(arg, &pcertitem, 1);
-
- return(rv);
- } else if ( cp[0] == SEC_ASN1_OBJECT_ID ) {
- /* XXX - assume DER encoding of OID len!! */
- oiditem.len = cp[1];
- oiditem.data = (unsigned char *)&cp[2];
- oiddata = SECOID_FindOID(&oiditem);
- if ( oiddata == NULL ) {
- return(SECFailure);
- }
-
- certitem.data = (unsigned char*)certbuf;
- certitem.len = certlen;
-
- switch ( oiddata->offset ) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- return(SEC_ReadPKCS7Certs(&certitem, f, arg));
- break;
- case SEC_OID_NS_TYPE_CERT_SEQUENCE:
- return(SEC_ReadCertSequence(&certitem, f, arg));
- break;
- default:
- break;
- }
-
- } else {
- /* it had better be a certificate by now!! */
- certitem.data = (unsigned char*)certbuf;
- certitem.len = certlen;
-
- rv = (* f)(arg, &pcertitem, 1);
- return(rv);
- }
- }
-
- /* now look for a netscape base64 ascii encoded cert */
-notder:
- cp = (unsigned char *)certbuf;
- cl = certlen;
- certbegin = 0;
- certend = 0;
-
- /* find the beginning marker */
- while ( cl > sizeof(NS_CERT_HEADER) ) {
- if ( !PORT_Strncasecmp((char *)cp, NS_CERT_HEADER,
- sizeof(NS_CERT_HEADER)-1) ) {
- cp = cp + sizeof(NS_CERT_HEADER);
- certbegin = cp;
- break;
- }
-
- /* skip to next eol */
- do {
- cp++;
- cl--;
- } while ( ( *cp != '\n') && cl );
-
- /* skip all blank lines */
- while ( ( *cp == '\n') && cl ) {
- cp++;
- cl--;
- }
- }
-
- if ( certbegin ) {
-
- /* find the ending marker */
- while ( cl > sizeof(NS_CERT_TRAILER) ) {
- if ( !PORT_Strncasecmp((char *)cp, NS_CERT_TRAILER,
- sizeof(NS_CERT_TRAILER)-1) ) {
- certend = (unsigned char *)cp;
- break;
- }
-
- /* skip to next eol */
- do {
- cp++;
- cl--;
- } while ( ( *cp != '\n') && cl );
-
- /* skip all blank lines */
- while ( ( *cp == '\n') && cl ) {
- cp++;
- cl--;
- }
- }
- }
-
- if ( certbegin && certend ) {
-
- /* Convert the ASCII data into a nul-terminated string */
- asciilen = certend - certbegin;
- ascCert = (char *)PORT_Alloc(asciilen+1);
- if (!ascCert) {
- rv = SECFailure;
- goto loser;
- }
-
- PORT_Memcpy(ascCert, certbegin, asciilen);
- ascCert[asciilen] = '\0';
-
- /* convert to binary */
- bincert = ATOB_AsciiToData(ascCert, &binLen);
- if (!bincert) {
- rv = SECFailure;
- goto loser;
- }
-
- /* now recurse to decode the binary */
- rv = CERT_DecodeCertPackage((char *)bincert, binLen, f, arg);
-
- } else {
- rv = SECFailure;
- }
-
-loser:
-
- if ( bincert ) {
- PORT_Free(bincert);
- }
-
- if ( ascCert ) {
- PORT_Free(ascCert);
- }
-
- return(rv);
-}
-
-typedef struct {
- PRArenaPool *arena;
- SECItem cert;
-} collect_args;
-
-static SECStatus
-collect_certs(void *arg, SECItem **certs, int numcerts)
-{
- SECStatus rv;
- collect_args *collectArgs;
-
- collectArgs = (collect_args *)arg;
-
- rv = SECITEM_CopyItem(collectArgs->arena, &collectArgs->cert, *certs);
-
- return(rv);
-}
-
-
-/*
- * read an old style ascii or binary certificate
- */
-CERTCertificate *
-CERT_DecodeCertFromPackage(char *certbuf, int certlen)
-{
- collect_args collectArgs;
- SECStatus rv;
- CERTCertificate *cert = NULL;
-
- collectArgs.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- rv = CERT_DecodeCertPackage(certbuf, certlen, collect_certs,
- (void *)&collectArgs);
- if ( rv == SECSuccess ) {
- cert = CERT_DecodeDERCertificate(&collectArgs.cert, PR_TRUE, NULL);
- }
-
- PORT_FreeArena(collectArgs.arena, PR_FALSE);
-
- return(cert);
-}
diff --git a/security/nss/lib/pkcs7/config.mk b/security/nss/lib/pkcs7/config.mk
deleted file mode 100644
index ec34728f9..000000000
--- a/security/nss/lib/pkcs7/config.mk
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
diff --git a/security/nss/lib/pkcs7/manifest.mn b/security/nss/lib/pkcs7/manifest.mn
deleted file mode 100644
index 64cc3e05f..000000000
--- a/security/nss/lib/pkcs7/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- secmime.h \
- secpkcs7.h \
- pkcs7t.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- p7local.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- certread.c \
- p7common.c \
- p7create.c \
- p7decode.c \
- p7encode.c \
- p7local.c \
- secmime.c \
- $(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = pkcs7
diff --git a/security/nss/lib/pkcs7/p7common.c b/security/nss/lib/pkcs7/p7common.c
deleted file mode 100644
index 329b078ed..000000000
--- a/security/nss/lib/pkcs7/p7common.c
+++ /dev/null
@@ -1,747 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 implementation -- the exported parts that are used whether
- * creating or decoding.
- *
- * $Id$
- */
-
-#include "p7local.h"
-
-#include "cert.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-
-/*
- * Find out (saving pointer to lookup result for future reference)
- * and return the inner content type.
- */
-SECOidTag
-SEC_PKCS7ContentType (SEC_PKCS7ContentInfo *cinfo)
-{
- if (cinfo->contentTypeTag == NULL)
- cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
-
- if (cinfo->contentTypeTag == NULL)
- return SEC_OID_UNKNOWN;
-
- return cinfo->contentTypeTag->offset;
-}
-
-
-/*
- * Destroy a PKCS7 contentInfo and all of its sub-pieces.
- */
-void
-SEC_PKCS7DestroyContentInfo(SEC_PKCS7ContentInfo *cinfo)
-{
- SECOidTag kind;
- CERTCertificate **certs;
- CERTCertificateList **certlists;
- SEC_PKCS7SignerInfo **signerinfos;
- SEC_PKCS7RecipientInfo **recipientinfos;
-
- PORT_Assert (cinfo->refCount > 0);
- if (cinfo->refCount <= 0)
- return;
-
- cinfo->refCount--;
- if (cinfo->refCount > 0)
- return;
-
- certs = NULL;
- certlists = NULL;
- recipientinfos = NULL;
- signerinfos = NULL;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- {
- SEC_PKCS7EnvelopedData *edp;
-
- edp = cinfo->content.envelopedData;
- if (edp != NULL) {
- recipientinfos = edp->recipientInfos;
- }
- }
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- if (sdp != NULL) {
- certs = sdp->certs;
- certlists = sdp->certLists;
- signerinfos = sdp->signerInfos;
- }
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- if (saedp != NULL) {
- certs = saedp->certs;
- certlists = saedp->certLists;
- recipientinfos = saedp->recipientInfos;
- signerinfos = saedp->signerInfos;
- if (saedp->sigKey != NULL)
- PK11_FreeSymKey (saedp->sigKey);
- }
- }
- break;
- default:
- /* XXX Anything else that needs to be "manually" freed/destroyed? */
- break;
- }
-
- if (certs != NULL) {
- CERTCertificate *cert;
-
- while ((cert = *certs++) != NULL) {
- CERT_DestroyCertificate (cert);
- }
- }
-
- if (certlists != NULL) {
- CERTCertificateList *certlist;
-
- while ((certlist = *certlists++) != NULL) {
- CERT_DestroyCertificateList (certlist);
- }
- }
-
- if (recipientinfos != NULL) {
- SEC_PKCS7RecipientInfo *ri;
-
- while ((ri = *recipientinfos++) != NULL) {
- if (ri->cert != NULL)
- CERT_DestroyCertificate (ri->cert);
- }
- }
-
- if (signerinfos != NULL) {
- SEC_PKCS7SignerInfo *si;
-
- while ((si = *signerinfos++) != NULL) {
- if (si->cert != NULL)
- CERT_DestroyCertificate (si->cert);
- if (si->certList != NULL)
- CERT_DestroyCertificateList (si->certList);
- }
- }
-
- if (cinfo->poolp != NULL) {
- PORT_FreeArena (cinfo->poolp, PR_FALSE); /* XXX clear it? */
- }
-}
-
-
-/*
- * Return a copy of the given contentInfo. The copy may be virtual
- * or may be real -- either way, the result needs to be passed to
- * SEC_PKCS7DestroyContentInfo later (as does the original).
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CopyContentInfo(SEC_PKCS7ContentInfo *cinfo)
-{
- if (cinfo == NULL)
- return NULL;
-
- PORT_Assert (cinfo->refCount > 0);
-
- if (cinfo->created) {
- /*
- * Want to do a real copy of these; otherwise subsequent
- * changes made to either copy are likely to be a surprise.
- * XXX I suspect that this will not actually be called for yet,
- * which is why the assert, so to notice if it is...
- */
- PORT_Assert (0);
- /*
- * XXX Create a new pool here, and copy everything from
- * within. For cert stuff, need to call the appropriate
- * copy functions, etc.
- */
- }
-
- cinfo->refCount++;
- return cinfo;
-}
-
-
-/*
- * Return a pointer to the actual content. In the case of those types
- * which are encrypted, this returns the *plain* content.
- * XXX Needs revisiting if/when we handle nested encrypted types.
- */
-SECItem *
-SEC_PKCS7GetContent(SEC_PKCS7ContentInfo *cinfo)
-{
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_DATA:
- return cinfo->content.data;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- {
- SEC_PKCS7DigestedData *digd;
-
- digd = cinfo->content.digestedData;
- if (digd == NULL)
- break;
- return SEC_PKCS7GetContent (&(digd->contentInfo));
- }
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- {
- SEC_PKCS7EncryptedData *encd;
-
- encd = cinfo->content.encryptedData;
- if (encd == NULL)
- break;
- return &(encd->encContentInfo.plainContent);
- }
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- {
- SEC_PKCS7EnvelopedData *envd;
-
- envd = cinfo->content.envelopedData;
- if (envd == NULL)
- break;
- return &(envd->encContentInfo.plainContent);
- }
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sigd;
-
- sigd = cinfo->content.signedData;
- if (sigd == NULL)
- break;
- return SEC_PKCS7GetContent (&(sigd->contentInfo));
- }
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saed;
-
- saed = cinfo->content.signedAndEnvelopedData;
- if (saed == NULL)
- break;
- return &(saed->encContentInfo.plainContent);
- }
- default:
- PORT_Assert(0);
- break;
- }
-
- return NULL;
-}
-
-
-/*
- * XXX Fix the placement and formatting of the
- * following routines (i.e. make them consistent with the rest of
- * the pkcs7 code -- I think some/many belong in other files and
- * they all need a formatting/style rehaul)
- */
-
-/* retrieve the algorithm identifier for encrypted data.
- * the identifier returned is a copy of the algorithm identifier
- * in the content info and needs to be freed after being used.
- *
- * cinfo is the content info for which to retrieve the
- * encryption algorithm.
- *
- * if the content info is not encrypted data or an error
- * occurs NULL is returned.
- */
-SECAlgorithmID *
-SEC_PKCS7GetEncryptionAlgorithm(SEC_PKCS7ContentInfo *cinfo)
-{
- SECAlgorithmID *alg = 0;
- switch (SEC_PKCS7ContentType(cinfo))
- {
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- alg = &cinfo->content.encryptedData->encContentInfo.contentEncAlg;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- alg = &cinfo->content.envelopedData->encContentInfo.contentEncAlg;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- alg = &cinfo->content.signedAndEnvelopedData
- ->encContentInfo.contentEncAlg;
- break;
- default:
- alg = 0;
- break;
- }
-
- return alg;
-}
-
-/* set the content of the content info. For data content infos,
- * the data is set. For encrytped content infos, the plainContent
- * is set, and is expected to be encrypted later.
- *
- * cinfo is the content info where the data will be set
- *
- * buf is a buffer of the data to set
- *
- * len is the length of the data being set.
- *
- * in the event of an error, SECFailure is returned. SECSuccess
- * indicates the content was successfully set.
- */
-SECStatus
-SEC_PKCS7SetContent(SEC_PKCS7ContentInfo *cinfo,
- const char *buf,
- unsigned long len)
-{
- SECOidTag cinfo_type;
- SECStatus rv;
- SECItem content;
- SECOidData *contentTypeTag = NULL;
-
- content.data = (unsigned char *)buf;
- content.len = len;
-
- cinfo_type = SEC_PKCS7ContentType(cinfo);
-
- /* set inner content */
- switch(cinfo_type)
- {
- case SEC_OID_PKCS7_SIGNED_DATA:
- if(content.len > 0) {
- /* we "leak" the old content here, but as it's all in the pool */
- /* it does not really matter */
-
- /* create content item if necessary */
- if (cinfo->content.signedData->contentInfo.content.data == NULL)
- cinfo->content.signedData->contentInfo.content.data = SECITEM_AllocItem(cinfo->poolp, NULL, 0);
- rv = SECITEM_CopyItem(cinfo->poolp,
- cinfo->content.signedData->contentInfo.content.data,
- &content);
- } else {
- cinfo->content.signedData->contentInfo.content.data->data = NULL;
- cinfo->content.signedData->contentInfo.content.data->len = 0;
- rv = SECSuccess;
- }
- if(rv == SECFailure)
- goto loser;
-
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- /* XXX this forces the inner content type to be "data" */
- /* do we really want to override without asking or reason? */
- contentTypeTag = SECOID_FindOIDByTag(SEC_OID_PKCS7_DATA);
- if(contentTypeTag == NULL)
- goto loser;
- rv = SECITEM_CopyItem(cinfo->poolp,
- &(cinfo->content.encryptedData->encContentInfo.contentType),
- &(contentTypeTag->oid));
- if(rv == SECFailure)
- goto loser;
- if(content.len > 0) {
- rv = SECITEM_CopyItem(cinfo->poolp,
- &(cinfo->content.encryptedData->encContentInfo.plainContent),
- &content);
- } else {
- cinfo->content.encryptedData->encContentInfo.plainContent.data = NULL;
- cinfo->content.encryptedData->encContentInfo.encContent.data = NULL;
- cinfo->content.encryptedData->encContentInfo.plainContent.len = 0;
- cinfo->content.encryptedData->encContentInfo.encContent.len = 0;
- rv = SECSuccess;
- }
- if(rv == SECFailure)
- goto loser;
- break;
- case SEC_OID_PKCS7_DATA:
- cinfo->content.data = (SECItem *)PORT_ArenaZAlloc(cinfo->poolp,
- sizeof(SECItem));
- if(cinfo->content.data == NULL)
- goto loser;
- if(content.len > 0) {
- rv = SECITEM_CopyItem(cinfo->poolp,
- cinfo->content.data, &content);
- } else {
- /* handle case with NULL content */
- rv = SECSuccess;
- }
- if(rv == SECFailure)
- goto loser;
- break;
- default:
- goto loser;
- }
-
- return SECSuccess;
-
-loser:
-
- return SECFailure;
-}
-
-/* the content of an encrypted data content info is encrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "plainContent" field of the content info.
- *
- * cinfo is the content info to encrypt
- *
- * key is the key with which to perform the encryption. if the
- * algorithm is a password based encryption algorithm, the
- * key is actually a password which will be processed per
- * PKCS #5.
- *
- * in the event of an error, SECFailure is returned. SECSuccess
- * indicates a success.
- */
-SECStatus
-SEC_PKCS7EncryptContents(PRArenaPool *poolp,
- SEC_PKCS7ContentInfo *cinfo,
- SECItem *key,
- void *wincx)
-{
- SECAlgorithmID *algid = NULL;
- SECItem * result = NULL;
- SECItem * src;
- SECItem * dest;
- SECItem * blocked_data = NULL;
- void * mark;
- void * cx;
- PK11SymKey * eKey = NULL;
- PK11SlotInfo * slot = NULL;
-
- CK_MECHANISM pbeMech;
- CK_MECHANISM cryptoMech;
- int bs;
- SECOidTag algtag;
- SECStatus rv = SECFailure;
- SECItem c_param;
-
- if((cinfo == NULL) || (key == NULL))
- return SECFailure;
-
- if(SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_ENCRYPTED_DATA)
- return SECFailure;
-
- algid = SEC_PKCS7GetEncryptionAlgorithm(cinfo);
- if(algid == NULL)
- return SECFailure;
-
- if(poolp == NULL)
- poolp = cinfo->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- src = &cinfo->content.encryptedData->encContentInfo.plainContent;
- dest = &cinfo->content.encryptedData->encContentInfo.encContent;
- algtag = SECOID_GetAlgorithmTag(algid);
- c_param.data = NULL;
- dest->data = (unsigned char*)PORT_ArenaZAlloc(poolp, (src->len + 64));
- dest->len = (src->len + 64);
- if(dest->data == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- slot = PK11_GetInternalKeySlot();
- if(slot == NULL) {
- rv = SECFailure;
- goto loser;
- }
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- result = PK11_ParamFromAlgid(algid);
- if (result == NULL) {
- rv = SECFailure;
- goto loser;
- }
- pbeMech.pParameter = result->data;
- pbeMech.ulParameterLen = result->len;
-
- eKey = PK11_RawPBEKeyGen(slot, pbeMech.mechanism, result, key, PR_FALSE,
- wincx);
- if(eKey == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- if(PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, key,
- PR_FALSE) != CKR_OK) {
- rv = SECFailure;
- goto loser;
- }
- c_param.data = (unsigned char *)cryptoMech.pParameter;
- c_param.len = cryptoMech.ulParameterLen;
-
- /* block according to PKCS 8 */
- bs = PK11_GetBlockSize(cryptoMech.mechanism, &c_param);
- rv = SECSuccess;
- if(bs) {
- char pad_char;
- pad_char = (char)(bs - (src->len % bs));
- if(src->len % bs) {
- rv = SECSuccess;
- blocked_data = PK11_BlockData(src, bs);
- if(blocked_data) {
- PORT_Memset((blocked_data->data + blocked_data->len - (int)pad_char),
- pad_char, (int)pad_char);
- } else {
- rv = SECFailure;
- goto loser;
- }
- } else {
- blocked_data = SECITEM_DupItem(src);
- if(blocked_data) {
- blocked_data->data = (unsigned char*)PORT_Realloc(
- blocked_data->data,
- blocked_data->len + bs);
- if(blocked_data->data) {
- blocked_data->len += bs;
- PORT_Memset((blocked_data->data + src->len), (char)bs, bs);
- } else {
- rv = SECFailure;
- goto loser;
- }
- } else {
- rv = SECFailure;
- goto loser;
- }
- }
- } else {
- blocked_data = SECITEM_DupItem(src);
- if(!blocked_data) {
- rv = SECFailure;
- goto loser;
- }
- }
-
- cx = PK11_CreateContextBySymKey(cryptoMech.mechanism, CKA_ENCRYPT,
- eKey, &c_param);
- if(cx == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = PK11_CipherOp((PK11Context*)cx, dest->data, (int *)(&dest->len),
- (int)(src->len + 64), blocked_data->data,
- (int)blocked_data->len);
- PK11_DestroyContext((PK11Context*)cx, PR_TRUE);
-
-loser:
- /* let success fall through */
- if(blocked_data != NULL)
- SECITEM_ZfreeItem(blocked_data, PR_TRUE);
-
- if(result != NULL)
- SECITEM_ZfreeItem(result, PR_TRUE);
-
- if(rv == SECFailure)
- PORT_ArenaRelease(poolp, mark);
- else
- PORT_ArenaUnmark(poolp, mark);
-
- if(eKey != NULL)
- PK11_FreeSymKey(eKey);
-
- if(slot != NULL)
- PK11_FreeSlot(slot);
-
- if(c_param.data != NULL)
- SECITEM_ZfreeItem(&c_param, PR_FALSE);
-
- return rv;
-}
-
-/* the content of an encrypted data content info is decrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "encContent" field of the content info.
- *
- * cinfo is the content info to decrypt
- *
- * key is the key with which to perform the decryption. if the
- * algorithm is a password based encryption algorithm, the
- * key is actually a password which will be processed per
- * PKCS #5.
- *
- * in the event of an error, SECFailure is returned. SECSuccess
- * indicates a success.
- */
-SECStatus
-SEC_PKCS7DecryptContents(PRArenaPool *poolp,
- SEC_PKCS7ContentInfo *cinfo,
- SECItem *key,
- void *wincx)
-{
- SECAlgorithmID *algid = NULL;
- SECOidTag algtag;
- SECStatus rv = SECFailure;
- SECItem *result = NULL, *dest, *src;
- void *mark;
-
- PK11SymKey *eKey = NULL;
- PK11SlotInfo *slot = NULL;
- CK_MECHANISM pbeMech, cryptoMech;
- void *cx;
- SECItem c_param;
- int bs;
-
- if((cinfo == NULL) || (key == NULL))
- return SECFailure;
-
- if(SEC_PKCS7ContentType(cinfo) != SEC_OID_PKCS7_ENCRYPTED_DATA)
- return SECFailure;
-
- algid = SEC_PKCS7GetEncryptionAlgorithm(cinfo);
- if(algid == NULL)
- return SECFailure;
-
- if(poolp == NULL)
- poolp = cinfo->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- src = &cinfo->content.encryptedData->encContentInfo.encContent;
- dest = &cinfo->content.encryptedData->encContentInfo.plainContent;
- algtag = SECOID_GetAlgorithmTag(algid);
- c_param.data = NULL;
- dest->data = (unsigned char*)PORT_ArenaZAlloc(poolp, (src->len + 64));
- dest->len = (src->len + 64);
- if(dest->data == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- slot = PK11_GetInternalKeySlot();
- if(slot == NULL) {
- rv = SECFailure;
- goto loser;
- }
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- result = PK11_ParamFromAlgid(algid);
- if (result == NULL) {
- rv = SECFailure;
- goto loser;
- }
- pbeMech.pParameter = result->data;
- pbeMech.ulParameterLen = result->len;
- eKey = PK11_RawPBEKeyGen(slot,pbeMech.mechanism,result,key,PR_FALSE,wincx);
- if(eKey == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- if(PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, key,
- PR_FALSE) != CKR_OK) {
- rv = SECFailure;
- goto loser;
- }
- c_param.data = (unsigned char *)cryptoMech.pParameter;
- c_param.len = cryptoMech.ulParameterLen;
-
- cx = PK11_CreateContextBySymKey(cryptoMech.mechanism, CKA_DECRYPT,
- eKey, &c_param);
- if(cx == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = PK11_CipherOp((PK11Context*)cx, dest->data, (int *)(&dest->len),
- (int)(src->len + 64), src->data, (int)src->len);
- PK11_DestroyContext((PK11Context *)cx, PR_TRUE);
-
- bs = PK11_GetBlockSize(cryptoMech.mechanism, &c_param);
- if(bs) {
- /* check for proper badding in block algorithms. this assumes
- * RC2 cbc or a DES cbc variant. and the padding is thus defined
- */
- if(((int)dest->data[dest->len-1] <= bs) &&
- ((int)dest->data[dest->len-1] > 0)) {
- dest->len -= (int)dest->data[dest->len-1];
- } else {
- rv = SECFailure;
- /* set an error ? */
- }
- }
-
-loser:
- /* let success fall through */
- if(result != NULL)
- SECITEM_ZfreeItem(result, PR_TRUE);
-
- if(rv == SECFailure)
- PORT_ArenaRelease(poolp, mark);
- else
- PORT_ArenaUnmark(poolp, mark);
-
- if(eKey != NULL)
- PK11_FreeSymKey(eKey);
-
- if(slot != NULL)
- PK11_FreeSlot(slot);
-
- if(c_param.data != NULL)
- SECITEM_ZfreeItem(&c_param, PR_FALSE);
-
- return rv;
-}
-
-SECItem **
-SEC_PKCS7GetCertificateList(SEC_PKCS7ContentInfo *cinfo)
-{
- switch(SEC_PKCS7ContentType(cinfo))
- {
- case SEC_OID_PKCS7_SIGNED_DATA:
- return cinfo->content.signedData->rawCerts;
- break;
- default:
- return NULL;
- break;
- }
-}
-
-
-int
-SEC_PKCS7GetKeyLength(SEC_PKCS7ContentInfo *cinfo)
-{
- if (cinfo->contentTypeTag->offset == SEC_OID_PKCS7_ENVELOPED_DATA)
- return cinfo->content.envelopedData->encContentInfo.keysize;
- else
- return 0;
-}
-
diff --git a/security/nss/lib/pkcs7/p7create.c b/security/nss/lib/pkcs7/p7create.c
deleted file mode 100644
index 47bdee60c..000000000
--- a/security/nss/lib/pkcs7/p7create.c
+++ /dev/null
@@ -1,1320 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 creation.
- *
- * $Id$
- */
-
-#include "p7local.h"
-
-#include "cert.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "secder.h"
-
-static SECStatus
-sec_pkcs7_init_content_info (SEC_PKCS7ContentInfo *cinfo, PRArenaPool *poolp,
- SECOidTag kind, PRBool detached)
-{
- void *thing;
- int version;
- SECItem *versionp;
- SECStatus rv;
-
- PORT_Assert (cinfo != NULL && poolp != NULL);
- if (cinfo == NULL || poolp == NULL)
- return SECFailure;
-
- cinfo->contentTypeTag = SECOID_FindOIDByTag (kind);
- PORT_Assert (cinfo->contentTypeTag
- && cinfo->contentTypeTag->offset == kind);
-
- rv = SECITEM_CopyItem (poolp, &(cinfo->contentType),
- &(cinfo->contentTypeTag->oid));
- if (rv != SECSuccess)
- return rv;
-
- if (detached)
- return SECSuccess;
-
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- thing = PORT_ArenaZAlloc (poolp, sizeof(SECItem));
- cinfo->content.data = (SECItem*)thing;
- versionp = NULL;
- version = -1;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7DigestedData));
- cinfo->content.digestedData = (SEC_PKCS7DigestedData*)thing;
- versionp = &(cinfo->content.digestedData->version);
- version = SEC_PKCS7_DIGESTED_DATA_VERSION;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7EncryptedData));
- cinfo->content.encryptedData = (SEC_PKCS7EncryptedData*)thing;
- versionp = &(cinfo->content.encryptedData->version);
- version = SEC_PKCS7_ENCRYPTED_DATA_VERSION;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7EnvelopedData));
- cinfo->content.envelopedData =
- (SEC_PKCS7EnvelopedData*)thing;
- versionp = &(cinfo->content.envelopedData->version);
- version = SEC_PKCS7_ENVELOPED_DATA_VERSION;
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- thing = PORT_ArenaZAlloc (poolp, sizeof(SEC_PKCS7SignedData));
- cinfo->content.signedData =
- (SEC_PKCS7SignedData*)thing;
- versionp = &(cinfo->content.signedData->version);
- version = SEC_PKCS7_SIGNED_DATA_VERSION;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- thing = PORT_ArenaZAlloc(poolp,sizeof(SEC_PKCS7SignedAndEnvelopedData));
- cinfo->content.signedAndEnvelopedData =
- (SEC_PKCS7SignedAndEnvelopedData*)thing;
- versionp = &(cinfo->content.signedAndEnvelopedData->version);
- version = SEC_PKCS7_SIGNED_AND_ENVELOPED_DATA_VERSION;
- break;
- }
-
- if (thing == NULL)
- return SECFailure;
-
- if (versionp != NULL) {
- SECItem *dummy;
-
- PORT_Assert (version >= 0);
- dummy = SEC_ASN1EncodeInteger (poolp, versionp, version);
- if (dummy == NULL)
- return SECFailure;
- PORT_Assert (dummy == versionp);
- }
-
- return SECSuccess;
-}
-
-
-static SEC_PKCS7ContentInfo *
-sec_pkcs7_create_content_info (SECOidTag kind, PRBool detached,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- PRArenaPool *poolp;
- SECStatus rv;
-
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- return NULL;
-
- cinfo = (SEC_PKCS7ContentInfo*)PORT_ArenaZAlloc (poolp, sizeof(*cinfo));
- if (cinfo == NULL) {
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- cinfo->poolp = poolp;
- cinfo->pwfn = pwfn;
- cinfo->pwfn_arg = pwfn_arg;
- cinfo->created = PR_TRUE;
- cinfo->refCount = 1;
-
- rv = sec_pkcs7_init_content_info (cinfo, poolp, kind, detached);
- if (rv != SECSuccess) {
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- return cinfo;
-}
-
-
-/*
- * Add a signer to a PKCS7 thing, verifying the signature cert first.
- * Any error returns SECFailure.
- *
- * XXX Right now this only adds the *first* signer. It fails if you try
- * to add a second one -- this needs to be fixed.
- */
-static SECStatus
-sec_pkcs7_add_signer (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate * cert,
- SECCertUsage certusage,
- CERTCertDBHandle * certdb,
- SECOidTag digestalgtag,
- SECItem * digestdata)
-{
- SEC_PKCS7SignerInfo *signerinfo, **signerinfos, ***signerinfosp;
- SECAlgorithmID *digestalg, **digestalgs, ***digestalgsp;
- SECItem *digest, **digests, ***digestsp;
- SECItem * dummy;
- void * mark;
- SECStatus rv;
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- digestalgsp = &(sdp->digestAlgorithms);
- digestsp = &(sdp->digests);
- signerinfosp = &(sdp->signerInfos);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- digestalgsp = &(saedp->digestAlgorithms);
- digestsp = &(saedp->digests);
- signerinfosp = &(saedp->signerInfos);
- }
- break;
- default:
- return SECFailure; /* XXX set an error? */
- }
-
- /*
- * XXX I think that CERT_VerifyCert should do this if *it* is passed
- * a NULL database.
- */
- if (certdb == NULL) {
- certdb = CERT_GetDefaultCertDB();
- if (certdb == NULL)
- return SECFailure; /* XXX set an error? */
- }
-
- if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage, PR_Now(),
- cinfo->pwfn_arg, NULL) != SECSuccess)
- {
- /* XXX Did CERT_VerifyCert set an error? */
- return SECFailure;
- }
-
- /*
- * XXX This is the check that we do not already have a signer.
- * This is not what we really want -- we want to allow this
- * and *add* the new signer.
- */
- PORT_Assert (*signerinfosp == NULL
- && *digestalgsp == NULL && *digestsp == NULL);
- if (*signerinfosp != NULL || *digestalgsp != NULL || *digestsp != NULL)
- return SECFailure;
-
- mark = PORT_ArenaMark (cinfo->poolp);
-
- signerinfo = (SEC_PKCS7SignerInfo*)PORT_ArenaZAlloc (cinfo->poolp,
- sizeof(SEC_PKCS7SignerInfo));
- if (signerinfo == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- dummy = SEC_ASN1EncodeInteger (cinfo->poolp, &signerinfo->version,
- SEC_PKCS7_SIGNER_INFO_VERSION);
- if (dummy == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- PORT_Assert (dummy == &signerinfo->version);
-
- signerinfo->cert = CERT_DupCertificate (cert);
- if (signerinfo->cert == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- signerinfo->issuerAndSN = CERT_GetCertIssuerAndSN (cinfo->poolp, cert);
- if (signerinfo->issuerAndSN == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- rv = SECOID_SetAlgorithmID (cinfo->poolp, &signerinfo->digestAlg,
- digestalgtag, NULL);
- if (rv != SECSuccess) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- /*
- * Okay, now signerinfo is all set. We just need to put it and its
- * companions (another copy of the digest algorithm, and the digest
- * itself if given) into the main structure.
- *
- * XXX If we are handling more than one signer, the following code
- * needs to look through the digest algorithms already specified
- * and see if the same one is there already. If it is, it does not
- * need to be added again. Also, if it is there *and* the digest
- * is not null, then the digest given should match the digest already
- * specified -- if not, that is an error. Finally, the new signerinfo
- * should be *added* to the set already found.
- */
-
- signerinfos = (SEC_PKCS7SignerInfo**)PORT_ArenaAlloc (cinfo->poolp,
- 2 * sizeof(SEC_PKCS7SignerInfo *));
- if (signerinfos == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- signerinfos[0] = signerinfo;
- signerinfos[1] = NULL;
-
- digestalg = PORT_ArenaZAlloc (cinfo->poolp, sizeof(SECAlgorithmID));
- digestalgs = PORT_ArenaAlloc (cinfo->poolp, 2 * sizeof(SECAlgorithmID *));
- if (digestalg == NULL || digestalgs == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- rv = SECOID_SetAlgorithmID (cinfo->poolp, digestalg, digestalgtag, NULL);
- if (rv != SECSuccess) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- digestalgs[0] = digestalg;
- digestalgs[1] = NULL;
-
- if (digestdata != NULL) {
- digest = (SECItem*)PORT_ArenaAlloc (cinfo->poolp, sizeof(SECItem));
- digests = (SECItem**)PORT_ArenaAlloc (cinfo->poolp,
- 2 * sizeof(SECItem *));
- if (digest == NULL || digests == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- rv = SECITEM_CopyItem (cinfo->poolp, digest, digestdata);
- if (rv != SECSuccess) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- digests[0] = digest;
- digests[1] = NULL;
- } else {
- digests = NULL;
- }
-
- *signerinfosp = signerinfos;
- *digestalgsp = digestalgs;
- *digestsp = digests;
-
- PORT_ArenaUnmark(cinfo->poolp, mark);
- return SECSuccess;
-}
-
-
-/*
- * Helper function for creating an empty signedData.
- */
-static SEC_PKCS7ContentInfo *
-sec_pkcs7_create_signed_data (SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7SignedData *sigd;
- SECStatus rv;
-
- cinfo = sec_pkcs7_create_content_info (SEC_OID_PKCS7_SIGNED_DATA, PR_FALSE,
- pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- sigd = cinfo->content.signedData;
- PORT_Assert (sigd != NULL);
-
- /*
- * XXX Might we want to allow content types other than data?
- * If so, via what interface?
- */
- rv = sec_pkcs7_init_content_info (&(sigd->contentInfo), cinfo->poolp,
- SEC_OID_PKCS7_DATA, PR_TRUE);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- return cinfo;
-}
-
-
-/*
- * Start a PKCS7 signing context.
- *
- * "cert" is the cert that will be used to sign the data. It will be
- * checked for validity.
- *
- * "certusage" describes the signing usage (e.g. certUsageEmailSigner)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "signing" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- *
- * "digest" is the actual digest of the data. It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * The return value can be passed to functions which add things to
- * it like attributes, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateSignedData (CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb,
- SECOidTag digestalg,
- SECItem *digest,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- cinfo = sec_pkcs7_create_signed_data (pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- rv = sec_pkcs7_add_signer (cinfo, cert, certusage, certdb,
- digestalg, digest);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- return cinfo;
-}
-
-
-static SEC_PKCS7Attribute *
-sec_pkcs7_create_attribute (PRArenaPool *poolp, SECOidTag oidtag,
- SECItem *value, PRBool encoded)
-{
- SEC_PKCS7Attribute *attr;
- SECItem **values;
- void *mark;
-
- PORT_Assert (poolp != NULL);
- mark = PORT_ArenaMark (poolp);
-
- attr = (SEC_PKCS7Attribute*)PORT_ArenaAlloc (poolp,
- sizeof(SEC_PKCS7Attribute));
- if (attr == NULL)
- goto loser;
-
- attr->typeTag = SECOID_FindOIDByTag (oidtag);
- if (attr->typeTag == NULL)
- goto loser;
-
- if (SECITEM_CopyItem (poolp, &(attr->type),
- &(attr->typeTag->oid)) != SECSuccess)
- goto loser;
-
- values = (SECItem**)PORT_ArenaAlloc (poolp, 2 * sizeof(SECItem *));
- if (values == NULL)
- goto loser;
-
- if (value != NULL) {
- SECItem *copy;
-
- copy = (SECItem*)PORT_ArenaAlloc (poolp, sizeof(SECItem));
- if (copy == NULL)
- goto loser;
-
- if (SECITEM_CopyItem (poolp, copy, value) != SECSuccess)
- goto loser;
-
- value = copy;
- }
-
- values[0] = value;
- values[1] = NULL;
- attr->values = values;
- attr->encoded = encoded;
-
- PORT_ArenaUnmark (poolp, mark);
- return attr;
-
-loser:
- PORT_Assert (mark != NULL);
- PORT_ArenaRelease (poolp, mark);
- return NULL;
-}
-
-
-static SECStatus
-sec_pkcs7_add_attribute (SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7Attribute ***attrsp,
- SEC_PKCS7Attribute *attr)
-{
- SEC_PKCS7Attribute **attrs;
- SECItem *ct_value;
- void *mark;
-
- PORT_Assert (SEC_PKCS7ContentType (cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
- if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
- return SECFailure;
-
- attrs = *attrsp;
- if (attrs != NULL) {
- int count;
-
- /*
- * We already have some attributes, and just need to add this
- * new one.
- */
-
- /*
- * We should already have the *required* attributes, which were
- * created/added at the same time the first attribute was added.
- */
- PORT_Assert (sec_PKCS7FindAttribute (attrs,
- SEC_OID_PKCS9_CONTENT_TYPE,
- PR_FALSE) != NULL);
- PORT_Assert (sec_PKCS7FindAttribute (attrs,
- SEC_OID_PKCS9_MESSAGE_DIGEST,
- PR_FALSE) != NULL);
-
- for (count = 0; attrs[count] != NULL; count++)
- ;
- attrs = (SEC_PKCS7Attribute**)PORT_ArenaGrow (cinfo->poolp, attrs,
- (count + 1) * sizeof(SEC_PKCS7Attribute *),
- (count + 2) * sizeof(SEC_PKCS7Attribute *));
- if (attrs == NULL)
- return SECFailure;
-
- attrs[count] = attr;
- attrs[count+1] = NULL;
- *attrsp = attrs;
-
- return SECSuccess;
- }
-
- /*
- * This is the first time an attribute is going in.
- * We need to create and add the required attributes, and then
- * we will also add in the one our caller gave us.
- */
-
- /*
- * There are 2 required attributes, plus the one our caller wants
- * to add, plus we always end with a NULL one. Thus, four slots.
- */
- attrs = (SEC_PKCS7Attribute**)PORT_ArenaAlloc (cinfo->poolp,
- 4 * sizeof(SEC_PKCS7Attribute *));
- if (attrs == NULL)
- return SECFailure;
-
- mark = PORT_ArenaMark (cinfo->poolp);
-
- /*
- * First required attribute is the content type of the data
- * being signed.
- */
- ct_value = &(cinfo->content.signedData->contentInfo.contentType);
- attrs[0] = sec_pkcs7_create_attribute (cinfo->poolp,
- SEC_OID_PKCS9_CONTENT_TYPE,
- ct_value, PR_FALSE);
- /*
- * Second required attribute is the message digest of the data
- * being signed; we leave the value NULL for now (just create
- * the place for it to go), and the encoder will fill it in later.
- */
- attrs[1] = sec_pkcs7_create_attribute (cinfo->poolp,
- SEC_OID_PKCS9_MESSAGE_DIGEST,
- NULL, PR_FALSE);
- if (attrs[0] == NULL || attrs[1] == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- attrs[2] = attr;
- attrs[3] = NULL;
- *attrsp = attrs;
-
- PORT_ArenaUnmark (cinfo->poolp, mark);
- return SECSuccess;
-}
-
-
-/*
- * Add the signing time to the authenticated (i.e. signed) attributes
- * of "cinfo". This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will either do
- * nothing or replace an old signing time with a newer one.
- *
- * XXX This will probably just shove the current time into "cinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding. Is this (expected to be small) delay okay?
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-SECStatus
-SEC_PKCS7AddSigningTime (SEC_PKCS7ContentInfo *cinfo)
-{
- SEC_PKCS7SignerInfo **signerinfos;
- SEC_PKCS7Attribute *attr;
- SECItem stime;
- SECStatus rv;
- int si;
-
- PORT_Assert (SEC_PKCS7ContentType (cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
- if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
- return SECFailure;
-
- signerinfos = cinfo->content.signedData->signerInfos;
-
- /* There has to be a signer, or it makes no sense. */
- if (signerinfos == NULL || signerinfos[0] == NULL)
- return SECFailure;
-
- rv = DER_TimeToUTCTime (&stime, PR_Now());
- if (rv != SECSuccess)
- return rv;
-
- attr = sec_pkcs7_create_attribute (cinfo->poolp,
- SEC_OID_PKCS9_SIGNING_TIME,
- &stime, PR_FALSE);
- SECITEM_FreeItem (&stime, PR_FALSE);
-
- if (attr == NULL)
- return SECFailure;
-
- rv = SECSuccess;
- for (si = 0; signerinfos[si] != NULL; si++) {
- SEC_PKCS7Attribute *oattr;
-
- oattr = sec_PKCS7FindAttribute (signerinfos[si]->authAttr,
- SEC_OID_PKCS9_SIGNING_TIME, PR_FALSE);
- PORT_Assert (oattr == NULL);
- if (oattr != NULL)
- continue; /* XXX or would it be better to replace it? */
-
- rv = sec_pkcs7_add_attribute (cinfo, &(signerinfos[si]->authAttr),
- attr);
- if (rv != SECSuccess)
- break; /* could try to continue, but may as well give up now */
- }
-
- return rv;
-}
-
-
-/*
- * Add the specified attribute to the authenticated (i.e. signed) attributes
- * of "cinfo" -- "oidtag" describes the attribute and "value" is the
- * value to be associated with it. NOTE! "value" must already be encoded;
- * no interpretation of "oidtag" is done. Also, it is assumed that this
- * signedData has only one signer -- if we ever need to add attributes
- * when there is more than one signature, we need a way to specify *which*
- * signature should get the attribute.
- *
- * XXX Technically, a signed attribute can have multiple values; if/when
- * we ever need to support an attribute which takes multiple values, we
- * either need to change this interface or create an AddSignedAttributeValue
- * which can be called subsequently, and would then append a value.
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-SECStatus
-SEC_PKCS7AddSignedAttribute (SEC_PKCS7ContentInfo *cinfo,
- SECOidTag oidtag,
- SECItem *value)
-{
- SEC_PKCS7SignerInfo **signerinfos;
- SEC_PKCS7Attribute *attr;
-
- PORT_Assert (SEC_PKCS7ContentType (cinfo) == SEC_OID_PKCS7_SIGNED_DATA);
- if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
- return SECFailure;
-
- signerinfos = cinfo->content.signedData->signerInfos;
-
- /*
- * No signature or more than one means no deal.
- */
- if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL)
- return SECFailure;
-
- attr = sec_pkcs7_create_attribute (cinfo->poolp, oidtag, value, PR_TRUE);
- if (attr == NULL)
- return SECFailure;
-
- return sec_pkcs7_add_attribute (cinfo, &(signerinfos[0]->authAttr), attr);
-}
-
-
-/*
- * Mark that the signer certificates and their issuing chain should
- * be included in the encoded data. This is expected to be used
- * in outgoing signed messages for email (S/MIME).
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-SECStatus
-SEC_PKCS7IncludeCertChain (SEC_PKCS7ContentInfo *cinfo,
- CERTCertDBHandle *certdb)
-{
- SECOidTag kind;
- SEC_PKCS7SignerInfo *signerinfo, **signerinfos;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- signerinfos = cinfo->content.signedData->signerInfos;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- signerinfos = cinfo->content.signedAndEnvelopedData->signerInfos;
- break;
- default:
- return SECFailure; /* XXX set an error? */
- }
-
- if (signerinfos == NULL) /* no signer, no certs? */
- return SECFailure; /* XXX set an error? */
-
- if (certdb == NULL) {
- certdb = CERT_GetDefaultCertDB();
- if (certdb == NULL) {
- PORT_SetError (SEC_ERROR_BAD_DATABASE);
- return SECFailure;
- }
- }
-
- /* XXX Should it be an error if we find no signerinfo or no certs? */
- while ((signerinfo = *signerinfos++) != NULL) {
- if (signerinfo->cert != NULL)
- /* get the cert chain. don't send the root to avoid contamination
- * of old clients with a new root that they don't trust
- */
- signerinfo->certList = CERT_CertChainFromCert (signerinfo->cert,
- certUsageEmailSigner,
- PR_FALSE);
- }
-
- return SECSuccess;
-}
-
-
-/*
- * Helper function to add a certificate chain for inclusion in the
- * bag of certificates in a signedData.
- */
-static SECStatus
-sec_pkcs7_add_cert_chain (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- CERTCertDBHandle *certdb)
-{
- SECOidTag kind;
- CERTCertificateList *certlist, **certlists, ***certlistsp;
- int count;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- certlistsp = &(sdp->certLists);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- certlistsp = &(saedp->certLists);
- }
- break;
- default:
- return SECFailure; /* XXX set an error? */
- }
-
- if (certdb == NULL) {
- certdb = CERT_GetDefaultCertDB();
- if (certdb == NULL) {
- PORT_SetError (SEC_ERROR_BAD_DATABASE);
- return SECFailure;
- }
- }
-
- certlist = CERT_CertChainFromCert (cert, certUsageEmailSigner, PR_FALSE);
- if (certlist == NULL)
- return SECFailure;
-
- certlists = *certlistsp;
- if (certlists == NULL) {
- count = 0;
- certlists = (CERTCertificateList**)PORT_ArenaAlloc (cinfo->poolp,
- 2 * sizeof(CERTCertificateList *));
- } else {
- for (count = 0; certlists[count] != NULL; count++)
- ;
- PORT_Assert (count); /* should be at least one already */
- certlists = (CERTCertificateList**)PORT_ArenaGrow (cinfo->poolp,
- certlists,
- (count + 1) * sizeof(CERTCertificateList *),
- (count + 2) * sizeof(CERTCertificateList *));
- }
-
- if (certlists == NULL) {
- CERT_DestroyCertificateList (certlist);
- return SECFailure;
- }
-
- certlists[count] = certlist;
- certlists[count + 1] = NULL;
-
- *certlistsp = certlists;
-
- return SECSuccess;
-}
-
-
-/*
- * Helper function to add a certificate for inclusion in the bag of
- * certificates in a signedData.
- */
-static SECStatus
-sec_pkcs7_add_certificate (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert)
-{
- SECOidTag kind;
- CERTCertificate **certs, ***certsp;
- int count;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- certsp = &(sdp->certs);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- certsp = &(saedp->certs);
- }
- break;
- default:
- return SECFailure; /* XXX set an error? */
- }
-
- cert = CERT_DupCertificate (cert);
- if (cert == NULL)
- return SECFailure;
-
- certs = *certsp;
- if (certs == NULL) {
- count = 0;
- certs = (CERTCertificate**)PORT_ArenaAlloc (cinfo->poolp,
- 2 * sizeof(CERTCertificate *));
- } else {
- for (count = 0; certs[count] != NULL; count++)
- ;
- PORT_Assert (count); /* should be at least one already */
- certs = (CERTCertificate**)PORT_ArenaGrow (cinfo->poolp, certs,
- (count + 1) * sizeof(CERTCertificate *),
- (count + 2) * sizeof(CERTCertificate *));
- }
-
- if (certs == NULL) {
- CERT_DestroyCertificate (cert);
- return SECFailure;
- }
-
- certs[count] = cert;
- certs[count + 1] = NULL;
-
- *certsp = certs;
-
- return SECSuccess;
-}
-
-
-/*
- * Create a PKCS7 certs-only container.
- *
- * "cert" is the (first) cert that will be included.
- *
- * "include_chain" specifies whether the entire chain for "cert" should
- * be included.
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL in when "include_chain" is false, or when meaning
- * use the default database.
- *
- * More certs and chains can be added via AddCertificate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateCertsOnly (CERTCertificate *cert,
- PRBool include_chain,
- CERTCertDBHandle *certdb)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- cinfo = sec_pkcs7_create_signed_data (NULL, NULL);
- if (cinfo == NULL)
- return NULL;
-
- if (include_chain)
- rv = sec_pkcs7_add_cert_chain (cinfo, cert, certdb);
- else
- rv = sec_pkcs7_add_certificate (cinfo, cert);
-
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- return cinfo;
-}
-
-
-/*
- * Add "cert" and its entire chain to the set of certs included in "cinfo".
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-SECStatus
-SEC_PKCS7AddCertChain (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- CERTCertDBHandle *certdb)
-{
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (cinfo);
- if (kind != SEC_OID_PKCS7_SIGNED_DATA
- && kind != SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA)
- return SECFailure; /* XXX set an error? */
-
- return sec_pkcs7_add_cert_chain (cinfo, cert, certdb);
-}
-
-
-/*
- * Add "cert" to the set of certs included in "cinfo".
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-SECStatus
-SEC_PKCS7AddCertificate (SEC_PKCS7ContentInfo *cinfo, CERTCertificate *cert)
-{
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (cinfo);
- if (kind != SEC_OID_PKCS7_SIGNED_DATA
- && kind != SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA)
- return SECFailure; /* XXX set an error? */
-
- return sec_pkcs7_add_certificate (cinfo, cert);
-}
-
-
-static SECStatus
-sec_pkcs7_init_encrypted_content_info (SEC_PKCS7EncryptedContentInfo *enccinfo,
- PRArenaPool *poolp,
- SECOidTag kind, PRBool detached,
- SECOidTag encalg, int keysize)
-{
- SECStatus rv;
-
- PORT_Assert (enccinfo != NULL && poolp != NULL);
- if (enccinfo == NULL || poolp == NULL)
- return SECFailure;
-
- /*
- * XXX Some day we may want to allow for other kinds. That needs
- * more work and modifications to the creation interface, etc.
- * For now, allow but notice callers who pass in other kinds.
- * They are responsible for creating the inner type and encoding,
- * if it is other than DATA.
- */
- PORT_Assert (kind == SEC_OID_PKCS7_DATA);
-
- enccinfo->contentTypeTag = SECOID_FindOIDByTag (kind);
- PORT_Assert (enccinfo->contentTypeTag
- && enccinfo->contentTypeTag->offset == kind);
-
- rv = SECITEM_CopyItem (poolp, &(enccinfo->contentType),
- &(enccinfo->contentTypeTag->oid));
- if (rv != SECSuccess)
- return rv;
-
- /* Save keysize and algorithm for later. */
- enccinfo->keysize = keysize;
- enccinfo->encalg = encalg;
-
- return SECSuccess;
-}
-
-
-/*
- * Add a recipient to a PKCS7 thing, verifying their cert first.
- * Any error returns SECFailure.
- */
-static SECStatus
-sec_pkcs7_add_recipient (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb)
-{
- SECOidTag kind;
- SEC_PKCS7RecipientInfo *recipientinfo, **recipientinfos, ***recipientinfosp;
- SECItem *dummy;
- void *mark;
- int count;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- {
- SEC_PKCS7EnvelopedData *edp;
-
- edp = cinfo->content.envelopedData;
- recipientinfosp = &(edp->recipientInfos);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- recipientinfosp = &(saedp->recipientInfos);
- }
- break;
- default:
- return SECFailure; /* XXX set an error? */
- }
-
- /*
- * XXX I think that CERT_VerifyCert should do this if *it* is passed
- * a NULL database.
- */
- if (certdb == NULL) {
- certdb = CERT_GetDefaultCertDB();
- if (certdb == NULL)
- return SECFailure; /* XXX set an error? */
- }
-
- if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage, PR_Now(),
- cinfo->pwfn_arg, NULL) != SECSuccess)
- {
- /* XXX Did CERT_VerifyCert set an error? */
- return SECFailure;
- }
-
- mark = PORT_ArenaMark (cinfo->poolp);
-
- recipientinfo = (SEC_PKCS7RecipientInfo*)PORT_ArenaZAlloc (cinfo->poolp,
- sizeof(SEC_PKCS7RecipientInfo));
- if (recipientinfo == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- dummy = SEC_ASN1EncodeInteger (cinfo->poolp, &recipientinfo->version,
- SEC_PKCS7_RECIPIENT_INFO_VERSION);
- if (dummy == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
- PORT_Assert (dummy == &recipientinfo->version);
-
- recipientinfo->cert = CERT_DupCertificate (cert);
- if (recipientinfo->cert == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- recipientinfo->issuerAndSN = CERT_GetCertIssuerAndSN (cinfo->poolp, cert);
- if (recipientinfo->issuerAndSN == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- /*
- * Okay, now recipientinfo is all set. We just need to put it into
- * the main structure.
- *
- * If this is the first recipient, allocate a new recipientinfos array;
- * otherwise, reallocate the array, making room for the new entry.
- */
- recipientinfos = *recipientinfosp;
- if (recipientinfos == NULL) {
- count = 0;
- recipientinfos = (SEC_PKCS7RecipientInfo **)PORT_ArenaAlloc (
- cinfo->poolp,
- 2 * sizeof(SEC_PKCS7RecipientInfo *));
- } else {
- for (count = 0; recipientinfos[count] != NULL; count++)
- ;
- PORT_Assert (count); /* should be at least one already */
- recipientinfos = (SEC_PKCS7RecipientInfo **)PORT_ArenaGrow (
- cinfo->poolp, recipientinfos,
- (count + 1) * sizeof(SEC_PKCS7RecipientInfo *),
- (count + 2) * sizeof(SEC_PKCS7RecipientInfo *));
- }
-
- if (recipientinfos == NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- return SECFailure;
- }
-
- recipientinfos[count] = recipientinfo;
- recipientinfos[count + 1] = NULL;
-
- *recipientinfosp = recipientinfos;
-
- PORT_ArenaUnmark (cinfo->poolp, mark);
- return SECSuccess;
-}
-
-
-/*
- * Start a PKCS7 enveloping context.
- *
- * "cert" is the cert for the recipient. It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "encalg" specifies the bulk encryption algorithm to use (e.g. SEC_OID_RC2).
- *
- * "keysize" specifies the bulk encryption key size, in bits.
- *
- * The return value can be passed to functions which add things to
- * it like more recipients, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEnvelopedData (CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb,
- SECOidTag encalg,
- int keysize,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7EnvelopedData *envd;
- SECStatus rv;
-
- cinfo = sec_pkcs7_create_content_info (SEC_OID_PKCS7_ENVELOPED_DATA,
- PR_FALSE, pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- rv = sec_pkcs7_add_recipient (cinfo, cert, certusage, certdb);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- envd = cinfo->content.envelopedData;
- PORT_Assert (envd != NULL);
-
- /*
- * XXX Might we want to allow content types other than data?
- * If so, via what interface?
- */
- rv = sec_pkcs7_init_encrypted_content_info (&(envd->encContentInfo),
- cinfo->poolp,
- SEC_OID_PKCS7_DATA, PR_FALSE,
- encalg, keysize);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- /* XXX Anything more to do here? */
-
- return cinfo;
-}
-
-
-/*
- * Add another recipient to an encrypted message.
- *
- * "cinfo" should be of type envelopedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- *
- * "cert" is the cert for the recipient. It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- */
-SECStatus
-SEC_PKCS7AddRecipient (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb)
-{
- return sec_pkcs7_add_recipient (cinfo, cert, certusage, certdb);
-}
-
-
-/*
- * Create an empty PKCS7 data content info.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateData (void)
-{
- return sec_pkcs7_create_content_info (SEC_OID_PKCS7_DATA, PR_FALSE,
- NULL, NULL);
-}
-
-
-/*
- * Create an empty PKCS7 encrypted content info.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEncryptedData (SECOidTag algorithm, int keysize,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SECAlgorithmID *algid;
- SEC_PKCS7EncryptedData *enc_data;
- SECStatus rv;
-
- cinfo = sec_pkcs7_create_content_info (SEC_OID_PKCS7_ENCRYPTED_DATA,
- PR_FALSE, pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- enc_data = cinfo->content.encryptedData;
- algid = &(enc_data->encContentInfo.contentEncAlg);
-
- switch (algorithm) {
- case SEC_OID_RC2_CBC:
- case SEC_OID_DES_EDE3_CBC:
- case SEC_OID_DES_CBC:
- rv = SECOID_SetAlgorithmID (cinfo->poolp, algid, algorithm, NULL);
- break;
- default:
- {
- /*
- * Assume password-based-encryption. At least, try that.
- */
- SECAlgorithmID *pbe_algid;
- pbe_algid = PK11_CreatePBEAlgorithmID (algorithm, 1, NULL);
- if (pbe_algid == NULL) {
- rv = SECFailure;
- } else {
- rv = SECOID_CopyAlgorithmID (cinfo->poolp, algid, pbe_algid);
- SECOID_DestroyAlgorithmID (pbe_algid, PR_TRUE);
- }
- }
- break;
- }
-
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- rv = sec_pkcs7_init_encrypted_content_info (&(enc_data->encContentInfo),
- cinfo->poolp,
- SEC_OID_PKCS7_DATA, PR_FALSE,
- algorithm, keysize);
- if (rv != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- return cinfo;
-}
-
diff --git a/security/nss/lib/pkcs7/p7decode.c b/security/nss/lib/pkcs7/p7decode.c
deleted file mode 100644
index 0df147a3f..000000000
--- a/security/nss/lib/pkcs7/p7decode.c
+++ /dev/null
@@ -1,2085 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 decoding, verification.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-
-#include "p7local.h"
-
-#include "cert.h"
- /* XXX do not want to have to include */
-#include "certdb.h" /* certdb.h -- the trust stuff needed by */
- /* the add certificate code needs to get */
- /* rewritten/abstracted and then this */
- /* include should be removed! */
-/*#include "cdbhdl.h" */
-#include "cryptohi.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-#include "secder.h"
-/*#include "secpkcs5.h" */
-
-struct sec_pkcs7_decoder_worker {
- int depth;
- int digcnt;
- void **digcxs;
- const SECHashObject **digobjs;
- sec_PKCS7CipherObject *decryptobj;
- PRBool saw_contents;
-};
-
-struct SEC_PKCS7DecoderContextStr {
- SEC_ASN1DecoderContext *dcx;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7DecoderContentCallback cb;
- void *cb_arg;
- SECKEYGetPasswordKey pwfn;
- void *pwfn_arg;
- struct sec_pkcs7_decoder_worker worker;
- PRArenaPool *tmp_poolp;
- int error;
- SEC_PKCS7GetDecryptKeyCallback dkcb;
- void *dkcb_arg;
- SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb;
-};
-
-/*
- * Handle one worker, decrypting and digesting the data as necessary.
- *
- * XXX If/when we support nested contents, this probably needs to be
- * revised somewhat to get passed the content-info (which unfortunately
- * can be two different types depending on whether it is encrypted or not)
- * corresponding to the given worker.
- */
-static void
-sec_pkcs7_decoder_work_data (SEC_PKCS7DecoderContext *p7dcx,
- struct sec_pkcs7_decoder_worker *worker,
- const unsigned char *data, unsigned long len,
- PRBool final)
-{
- unsigned char *buf = NULL;
- SECStatus rv;
- int i;
-
- /*
- * We should really have data to process, or we should be trying
- * to finish/flush the last block. (This is an overly paranoid
- * check since all callers are in this file and simple inspection
- * proves they do it right. But it could find a bug in future
- * modifications/development, that is why it is here.)
- */
- PORT_Assert ((data != NULL && len) || final);
-
- /*
- * Decrypt this chunk.
- *
- * XXX If we get an error, we do not want to do the digest or callback,
- * but we want to keep decoding. Or maybe we want to stop decoding
- * altogether if there is a callback, because obviously we are not
- * sending the data back and they want to know that.
- */
- if (worker->decryptobj != NULL) {
- /* XXX the following lengths should all be longs? */
- unsigned int inlen; /* length of data being decrypted */
- unsigned int outlen; /* length of decrypted data */
- unsigned int buflen; /* length available for decrypted data */
- SECItem *plain;
-
- inlen = len;
- buflen = sec_PKCS7DecryptLength (worker->decryptobj, inlen, final);
- if (buflen == 0) {
- if (inlen == 0) /* no input and no output */
- return;
- /*
- * No output is expected, but the input data may be buffered
- * so we still have to call Decrypt.
- */
- rv = sec_PKCS7Decrypt (worker->decryptobj, NULL, NULL, 0,
- data, inlen, final);
- if (rv != SECSuccess) {
- p7dcx->error = PORT_GetError();
- return; /* XXX indicate error? */
- }
- return;
- }
-
- if (p7dcx->cb != NULL) {
- buf = (unsigned char *) PORT_Alloc (buflen);
- plain = NULL;
- } else {
- unsigned long oldlen;
-
- /*
- * XXX This assumes one level of content only.
- * See comment above about nested content types.
- * XXX Also, it should work for signedAndEnvelopedData, too!
- */
- plain = &(p7dcx->cinfo->
- content.envelopedData->encContentInfo.plainContent);
-
- oldlen = plain->len;
- if (oldlen == 0) {
- buf = (unsigned char*)PORT_ArenaAlloc (p7dcx->cinfo->poolp,
- buflen);
- } else {
- buf = (unsigned char*)PORT_ArenaGrow (p7dcx->cinfo->poolp,
- plain->data,
- oldlen, oldlen + buflen);
- if (buf != NULL)
- buf += oldlen;
- }
- plain->data = buf;
- }
- if (buf == NULL) {
- p7dcx->error = SEC_ERROR_NO_MEMORY;
- return; /* XXX indicate error? */
- }
- rv = sec_PKCS7Decrypt (worker->decryptobj, buf, &outlen, buflen,
- data, inlen, final);
- if (rv != SECSuccess) {
- p7dcx->error = PORT_GetError();
- return; /* XXX indicate error? */
- }
- if (plain != NULL) {
- PORT_Assert (final || outlen == buflen);
- plain->len += outlen;
- }
- data = buf;
- len = outlen;
- }
-
- /*
- * Update the running digests.
- */
- if (len) {
- for (i = 0; i < worker->digcnt; i++) {
- (* worker->digobjs[i]->update) (worker->digcxs[i], data, len);
- }
- }
-
- /*
- * Pass back the contents bytes, and free the temporary buffer.
- */
- if (p7dcx->cb != NULL) {
- if (len)
- (* p7dcx->cb) (p7dcx->cb_arg, (const char *)data, len);
- if (worker->decryptobj != NULL) {
- PORT_Assert (buf != NULL);
- PORT_Free (buf);
- }
- }
-}
-
-static void
-sec_pkcs7_decoder_filter (void *arg, const char *data, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- SEC_PKCS7DecoderContext *p7dcx;
- struct sec_pkcs7_decoder_worker *worker;
-
- /*
- * Since we do not handle any nested contents, the only bytes we
- * are really interested in are the actual contents bytes (not
- * the identifier, length, or end-of-contents bytes). If we were
- * handling nested types we would probably need to do something
- * smarter based on depth and data_kind.
- */
- if (data_kind != SEC_ASN1_Contents)
- return;
-
- /*
- * The ASN.1 decoder should not even call us with a length of 0.
- * Just being paranoid.
- */
- PORT_Assert (len);
- if (len == 0)
- return;
-
- p7dcx = (SEC_PKCS7DecoderContext*)arg;
-
- /*
- * Handling nested contents would mean that there is a chain
- * of workers -- one per each level of content. The following
- * would start with the first worker and loop over them.
- */
- worker = &(p7dcx->worker);
-
- worker->saw_contents = PR_TRUE;
-
- sec_pkcs7_decoder_work_data (p7dcx, worker,
- (const unsigned char *) data, len, PR_FALSE);
-}
-
-
-/*
- * Create digest contexts for each algorithm in "digestalgs".
- * No algorithms is not an error, we just do not do anything.
- * An error (like trouble allocating memory), marks the error
- * in "p7dcx" and returns SECFailure, which means that our caller
- * should just give up altogether.
- */
-static SECStatus
-sec_pkcs7_decoder_start_digests (SEC_PKCS7DecoderContext *p7dcx, int depth,
- SECAlgorithmID **digestalgs)
-{
- SECAlgorithmID *algid;
- SECOidData *oiddata;
- const SECHashObject *digobj;
- void *digcx;
- int i, digcnt;
-
- if (digestalgs == NULL)
- return SECSuccess;
-
- /*
- * Count the algorithms.
- */
- digcnt = 0;
- while (digestalgs[digcnt] != NULL)
- digcnt++;
-
- /*
- * No algorithms means no work to do.
- * This is not expected, so cause an assert.
- * But if it does happen, just act as if there were
- * no algorithms specified.
- */
- PORT_Assert (digcnt != 0);
- if (digcnt == 0)
- return SECSuccess;
-
- p7dcx->worker.digcxs = (void**)PORT_ArenaAlloc (p7dcx->tmp_poolp,
- digcnt * sizeof (void *));
- p7dcx->worker.digobjs = (const SECHashObject**)PORT_ArenaAlloc (p7dcx->tmp_poolp,
- digcnt * sizeof (SECHashObject *));
- if (p7dcx->worker.digcxs == NULL || p7dcx->worker.digobjs == NULL) {
- p7dcx->error = SEC_ERROR_NO_MEMORY;
- return SECFailure;
- }
-
- p7dcx->worker.depth = depth;
- p7dcx->worker.digcnt = 0;
-
- /*
- * Create a digest context for each algorithm.
- */
- for (i = 0; i < digcnt; i++) {
- algid = digestalgs[i];
- oiddata = SECOID_FindOID(&(algid->algorithm));
- if (oiddata == NULL) {
- digobj = NULL;
- } else {
- switch (oiddata->offset) {
- case SEC_OID_MD2:
- digobj = HASH_GetHashObject(HASH_AlgMD2);
- break;
- case SEC_OID_MD5:
- digobj = HASH_GetHashObject(HASH_AlgMD5);
- break;
- case SEC_OID_SHA1:
- digobj = HASH_GetHashObject(HASH_AlgSHA1);
- break;
- default:
- digobj = NULL;
- break;
- }
- }
-
- /*
- * Skip any algorithm we do not even recognize; obviously,
- * this could be a problem, but if it is critical then the
- * result will just be that the signature does not verify.
- * We do not necessarily want to error out here, because
- * the particular algorithm may not actually be important,
- * but we cannot know that until later.
- */
- if (digobj == NULL) {
- p7dcx->worker.digcnt--;
- continue;
- }
-
- digcx = (* digobj->create)();
- if (digcx != NULL) {
- (* digobj->begin) (digcx);
- p7dcx->worker.digobjs[p7dcx->worker.digcnt] = digobj;
- p7dcx->worker.digcxs[p7dcx->worker.digcnt] = digcx;
- p7dcx->worker.digcnt++;
- }
- }
-
- if (p7dcx->worker.digcnt != 0)
- SEC_ASN1DecoderSetFilterProc (p7dcx->dcx,
- sec_pkcs7_decoder_filter,
- p7dcx,
- (PRBool)(p7dcx->cb != NULL));
- return SECSuccess;
-}
-
-
-/*
- * Close out all of the digest contexts, storing the results in "digestsp".
- */
-static SECStatus
-sec_pkcs7_decoder_finish_digests (SEC_PKCS7DecoderContext *p7dcx,
- PRArenaPool *poolp,
- SECItem ***digestsp)
-{
- struct sec_pkcs7_decoder_worker *worker;
- const SECHashObject *digobj;
- void *digcx;
- SECItem **digests, *digest;
- int i;
- void *mark;
-
- /*
- * XXX Handling nested contents would mean that there is a chain
- * of workers -- one per each level of content. The following
- * would want to find the last worker in the chain.
- */
- worker = &(p7dcx->worker);
-
- /*
- * If no digests, then we have nothing to do.
- */
- if (worker->digcnt == 0)
- return SECSuccess;
-
- /*
- * No matter what happens after this, we want to stop filtering.
- * XXX If we handle nested contents, we only want to stop filtering
- * if we are finishing off the *last* worker.
- */
- SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
-
- /*
- * If we ended up with no contents, just destroy each
- * digest context -- they are meaningless and potentially
- * confusing, because their presence would imply some content
- * was digested.
- */
- if (! worker->saw_contents) {
- for (i = 0; i < worker->digcnt; i++) {
- digcx = worker->digcxs[i];
- digobj = worker->digobjs[i];
- (* digobj->destroy) (digcx, PR_TRUE);
- }
- return SECSuccess;
- }
-
- mark = PORT_ArenaMark (poolp);
-
- /*
- * Close out each digest context, saving digest away.
- */
- digests =
- (SECItem**)PORT_ArenaAlloc (poolp,(worker->digcnt+1)*sizeof(SECItem *));
- digest = (SECItem*)PORT_ArenaAlloc (poolp, worker->digcnt*sizeof(SECItem));
- if (digests == NULL || digest == NULL) {
- p7dcx->error = PORT_GetError();
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
- }
-
- for (i = 0; i < worker->digcnt; i++, digest++) {
- digcx = worker->digcxs[i];
- digobj = worker->digobjs[i];
-
- digest->data = (unsigned char*)PORT_ArenaAlloc (poolp, digobj->length);
- if (digest->data == NULL) {
- p7dcx->error = PORT_GetError();
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
- }
-
- digest->len = digobj->length;
- (* digobj->end) (digcx, digest->data, &(digest->len), digest->len);
- (* digobj->destroy) (digcx, PR_TRUE);
-
- digests[i] = digest;
- }
- digests[i] = NULL;
- *digestsp = digests;
-
- PORT_ArenaUnmark (poolp, mark);
- return SECSuccess;
-}
-
-/*
- * XXX Need comment explaining following helper function (which is used
- * by sec_pkcs7_decoder_start_decrypt).
- */
-extern const SEC_ASN1Template SEC_SMIMEKEAParamTemplateAllParams[];
-
-static PK11SymKey *
-sec_pkcs7_decoder_get_recipient_key (SEC_PKCS7DecoderContext *p7dcx,
- SEC_PKCS7RecipientInfo **recipientinfos,
- SEC_PKCS7EncryptedContentInfo *enccinfo)
-{
- SEC_PKCS7RecipientInfo *ri;
- CERTCertificate *cert = NULL;
- SECKEYPrivateKey *privkey = NULL;
- PK11SymKey *bulkkey;
- SECOidTag keyalgtag, bulkalgtag, encalgtag;
- PK11SlotInfo *slot;
- int bulkLength = 0;
-
- if (recipientinfos == NULL || recipientinfos[0] == NULL) {
- p7dcx->error = SEC_ERROR_NOT_A_RECIPIENT;
- goto no_key_found;
- }
-
- cert = PK11_FindCertAndKeyByRecipientList(&slot,recipientinfos,&ri,
- &privkey, p7dcx->pwfn_arg);
- if (cert == NULL) {
- p7dcx->error = SEC_ERROR_NOT_A_RECIPIENT;
- goto no_key_found;
- }
-
- ri->cert = cert; /* so we can find it later */
- PORT_Assert(privkey != NULL);
-
- keyalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
- encalgtag = SECOID_GetAlgorithmTag (&(ri->keyEncAlg));
- if ((encalgtag != SEC_OID_NETSCAPE_SMIME_KEA) && (keyalgtag != encalgtag)) {
- p7dcx->error = SEC_ERROR_PKCS7_KEYALG_MISMATCH;
- goto no_key_found;
- }
- bulkalgtag = SECOID_GetAlgorithmTag (&(enccinfo->contentEncAlg));
-
- switch (encalgtag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- bulkkey = PK11_PubUnwrapSymKey (privkey, &ri->encKey,
- PK11_AlgtagToMechanism (bulkalgtag),
- CKA_DECRYPT, 0);
- if (bulkkey == NULL) {
- p7dcx->error = PORT_GetError();
- PORT_SetError(0);
- goto no_key_found;
- }
- break;
- /* ### mwelch -- KEA */
- case SEC_OID_NETSCAPE_SMIME_KEA:
- {
- SECStatus err;
- CK_MECHANISM_TYPE bulkType;
- PK11SymKey *tek;
- SECKEYPublicKey *senderPubKey;
- SEC_PKCS7SMIMEKEAParameters keaParams;
-
- (void) memset(&keaParams, 0, sizeof(keaParams));
-
- /* Decode the KEA algorithm parameters. */
- err = SEC_ASN1DecodeItem(NULL,
- &keaParams,
- SEC_SMIMEKEAParamTemplateAllParams,
- &(ri->keyEncAlg.parameters));
- if (err != SECSuccess)
- {
- p7dcx->error = err;
- PORT_SetError(0);
- goto no_key_found;
- }
-
-
- /* We just got key data, no key structure. So, we
- create one. */
- senderPubKey =
- PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
- keaParams.originatorKEAKey.len);
- if (senderPubKey == NULL)
- {
- p7dcx->error = PORT_GetError();
- PORT_SetError(0);
- goto no_key_found;
- }
-
- /* Generate the TEK (token exchange key) which we use
- to unwrap the bulk encryption key. */
- tek = PK11_PubDerive(privkey, senderPubKey,
- PR_FALSE,
- &keaParams.originatorRA,
- NULL,
- CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, p7dcx->pwfn_arg);
- SECKEY_DestroyPublicKey(senderPubKey);
-
- if (tek == NULL)
- {
- p7dcx->error = PORT_GetError();
- PORT_SetError(0);
- goto no_key_found;
- }
-
- /* Now that we have the TEK, unwrap the bulk key
- with which to decrypt the message. We have to
- do one of two different things depending on
- whether Skipjack was used for bulk encryption
- of the message. */
- bulkType = PK11_AlgtagToMechanism (bulkalgtag);
- switch(bulkType)
- {
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- /* Skipjack is being used as the bulk encryption algorithm.*/
- /* Unwrap the bulk key. */
- bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP,
- NULL, &ri->encKey,
- CKM_SKIPJACK_CBC64,
- CKA_DECRYPT, 0);
- break;
- default:
- /* Skipjack was not used for bulk encryption of this
- message. Use Skipjack CBC64, with the nonSkipjackIV
- part of the KEA key parameters, to decrypt
- the bulk key. If we got a parameter indicating that the
- bulk key size is different than the encrypted key size,
- pass in the real key size. */
-
- /* Check for specified bulk key length (unspecified implies
- that the bulk key length is the same as encrypted length) */
- if (keaParams.bulkKeySize.len > 0)
- {
- p7dcx->error = SEC_ASN1DecodeItem(NULL, &bulkLength,
- SEC_ASN1_GET(SEC_IntegerTemplate),
- &keaParams.bulkKeySize);
- }
-
- if (p7dcx->error != SECSuccess)
- goto no_key_found;
-
- bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64,
- &keaParams.nonSkipjackIV,
- &ri->encKey,
- bulkType,
- CKA_DECRYPT, bulkLength);
- }
-
-
- if (bulkkey == NULL)
- {
- p7dcx->error = PORT_GetError();
- PORT_SetError(0);
- goto no_key_found;
- }
- break;
- }
- default:
- p7dcx->error = SEC_ERROR_UNSUPPORTED_KEYALG;
- goto no_key_found;
- }
-
- return bulkkey;
-
-no_key_found:
- if (privkey != NULL)
- SECKEY_DestroyPrivateKey (privkey);
-
- return NULL;
-}
-
-/*
- * XXX The following comment is old -- the function used to only handle
- * EnvelopedData or SignedAndEnvelopedData but now handles EncryptedData
- * as well (and it had all of the code of the helper function above
- * built into it), though the comment was left as is. Fix it...
- *
- * We are just about to decode the content of an EnvelopedData.
- * Set up a decryption context so we can decrypt as we go.
- * Presumably we are one of the recipients listed in "recipientinfos".
- * (XXX And if we are not, or if we have trouble, what should we do?
- * It would be nice to let the decoding still work. Maybe it should
- * be an error if there is a content callback, but not an error otherwise?)
- * The encryption key and related information can be found in "enccinfo".
- */
-static SECStatus
-sec_pkcs7_decoder_start_decrypt (SEC_PKCS7DecoderContext *p7dcx, int depth,
- SEC_PKCS7RecipientInfo **recipientinfos,
- SEC_PKCS7EncryptedContentInfo *enccinfo,
- PK11SymKey **copy_key_for_signature)
-{
- PK11SymKey *bulkkey = NULL;
- sec_PKCS7CipherObject *decryptobj;
-
- /*
- * If a callback is supplied to retrieve the encryption key,
- * for instance, for Encrypted Content infos, then retrieve
- * the bulkkey from the callback. Otherwise, assume that
- * we are processing Enveloped or SignedAndEnveloped data
- * content infos.
- *
- * XXX Put an assert here?
- */
- if (SEC_PKCS7ContentType(p7dcx->cinfo) == SEC_OID_PKCS7_ENCRYPTED_DATA) {
- if (p7dcx->dkcb != NULL) {
- bulkkey = (*p7dcx->dkcb)(p7dcx->dkcb_arg,
- &(enccinfo->contentEncAlg));
- }
- enccinfo->keysize = 0;
- } else {
- bulkkey = sec_pkcs7_decoder_get_recipient_key (p7dcx, recipientinfos,
- enccinfo);
- if (bulkkey == NULL) goto no_decryption;
- enccinfo->keysize = PK11_GetKeyStrength(bulkkey,
- &(enccinfo->contentEncAlg));
-
- }
-
- /*
- * XXX I think following should set error in p7dcx and clear set error
- * (as used to be done here, or as is done in get_receipient_key above.
- */
- if(bulkkey == NULL) {
- goto no_decryption;
- }
-
- /*
- * We want to make sure decryption is allowed. This is done via
- * a callback specified in SEC_PKCS7DecoderStart().
- */
- if (p7dcx->decrypt_allowed_cb) {
- if ((*p7dcx->decrypt_allowed_cb) (&(enccinfo->contentEncAlg),
- bulkkey) == PR_FALSE) {
- p7dcx->error = SEC_ERROR_DECRYPTION_DISALLOWED;
- goto no_decryption;
- }
- } else {
- p7dcx->error = SEC_ERROR_DECRYPTION_DISALLOWED;
- goto no_decryption;
- }
-
- /*
- * When decrypting a signedAndEnvelopedData, the signature also has
- * to be decrypted with the bulk encryption key; to avoid having to
- * get it all over again later (and do another potentially expensive
- * RSA operation), copy it for later signature verification to use.
- */
- if (copy_key_for_signature != NULL)
- *copy_key_for_signature = PK11_ReferenceSymKey (bulkkey);
-
- /*
- * Now we have the bulk encryption key (in bulkkey) and the
- * the algorithm (in enccinfo->contentEncAlg). Using those,
- * create a decryption context.
- */
- decryptobj = sec_PKCS7CreateDecryptObject (bulkkey,
- &(enccinfo->contentEncAlg));
-
- /*
- * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
- * structure. Therefore, we need to set the bulkkey to the actual key
- * prior to freeing it.
- */
- if ( SEC_PKCS5IsAlgorithmPBEAlg(&(enccinfo->contentEncAlg)) && bulkkey ) {
- SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
- bulkkey = keyPwd->key;
- }
-
- /*
- * We are done with (this) bulkkey now.
- */
- PK11_FreeSymKey (bulkkey);
-
- if (decryptobj == NULL) {
- p7dcx->error = PORT_GetError();
- PORT_SetError(0);
- goto no_decryption;
- }
-
- SEC_ASN1DecoderSetFilterProc (p7dcx->dcx,
- sec_pkcs7_decoder_filter,
- p7dcx,
- (PRBool)(p7dcx->cb != NULL));
-
- p7dcx->worker.depth = depth;
- p7dcx->worker.decryptobj = decryptobj;
-
- return SECSuccess;
-
-no_decryption:
- /*
- * For some reason (error set already, if appropriate), we cannot
- * decrypt the content. I am not sure what exactly is the right
- * thing to do here; in some cases we want to just stop, and in
- * others we want to let the decoding finish even though we cannot
- * decrypt the content. My current thinking is that if the caller
- * set up a content callback, then they are really interested in
- * getting (decrypted) content, and if they cannot they will want
- * to know about it. However, if no callback was specified, then
- * maybe it is not important that the decryption failed.
- */
- if (p7dcx->cb != NULL)
- return SECFailure;
- else
- return SECSuccess; /* Let the decoding continue. */
-}
-
-
-static SECStatus
-sec_pkcs7_decoder_finish_decrypt (SEC_PKCS7DecoderContext *p7dcx,
- PRArenaPool *poolp,
- SEC_PKCS7EncryptedContentInfo *enccinfo)
-{
- struct sec_pkcs7_decoder_worker *worker;
-
- /*
- * XXX Handling nested contents would mean that there is a chain
- * of workers -- one per each level of content. The following
- * would want to find the last worker in the chain.
- */
- worker = &(p7dcx->worker);
-
- /*
- * If no decryption context, then we have nothing to do.
- */
- if (worker->decryptobj == NULL)
- return SECSuccess;
-
- /*
- * No matter what happens after this, we want to stop filtering.
- * XXX If we handle nested contents, we only want to stop filtering
- * if we are finishing off the *last* worker.
- */
- SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
-
- /*
- * Handle the last block.
- */
- sec_pkcs7_decoder_work_data (p7dcx, worker, NULL, 0, PR_TRUE);
-
- /*
- * All done, destroy it.
- */
- sec_PKCS7DestroyDecryptObject (worker->decryptobj);
-
- return SECSuccess;
-}
-
-
-static void
-sec_pkcs7_decoder_notify (void *arg, PRBool before, void *dest, int depth)
-{
- SEC_PKCS7DecoderContext *p7dcx;
- SEC_PKCS7ContentInfo *cinfo;
- SEC_PKCS7SignedData *sigd;
- SEC_PKCS7EnvelopedData *envd;
- SEC_PKCS7SignedAndEnvelopedData *saed;
- SEC_PKCS7EncryptedData *encd;
- SEC_PKCS7DigestedData *digd;
- PRBool after;
- SECStatus rv;
-
- /*
- * Just to make the code easier to read, create an "after" variable
- * that is equivalent to "not before".
- * (This used to be just the statement "after = !before", but that
- * causes a warning on the mac; to avoid that, we do it the long way.)
- */
- if (before)
- after = PR_FALSE;
- else
- after = PR_TRUE;
-
- p7dcx = (SEC_PKCS7DecoderContext*)arg;
- cinfo = p7dcx->cinfo;
-
- if (cinfo->contentTypeTag == NULL) {
- if (after && dest == &(cinfo->contentType))
- cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
- return;
- }
-
- switch (cinfo->contentTypeTag->offset) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- sigd = cinfo->content.signedData;
- if (sigd == NULL)
- break;
-
- if (sigd->contentInfo.contentTypeTag == NULL) {
- if (after && dest == &(sigd->contentInfo.contentType))
- sigd->contentInfo.contentTypeTag =
- SECOID_FindOID(&(sigd->contentInfo.contentType));
- break;
- }
-
- /*
- * We only set up a filtering digest if the content is
- * plain DATA; anything else needs more work because a
- * second pass is required to produce a DER encoding from
- * an input that can be BER encoded. (This is a requirement
- * of PKCS7 that is unfortunate, but there you have it.)
- *
- * XXX Also, since we stop here if this is not DATA, the
- * inner content is not getting processed at all. Someday
- * we may want to fix that.
- */
- if (sigd->contentInfo.contentTypeTag->offset != SEC_OID_PKCS7_DATA) {
- /* XXX Set an error in p7dcx->error */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- break;
- }
-
- /*
- * Just before the content, we want to set up a digest context
- * for each digest algorithm listed, and start a filter which
- * will run all of the contents bytes through that digest.
- */
- if (before && dest == &(sigd->contentInfo.content)) {
- rv = sec_pkcs7_decoder_start_digests (p7dcx, depth,
- sigd->digestAlgorithms);
- if (rv != SECSuccess)
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
- break;
- }
-
- /*
- * XXX To handle nested types, here is where we would want
- * to check for inner boundaries that need handling.
- */
-
- /*
- * Are we done?
- */
- if (after && dest == &(sigd->contentInfo.content)) {
- /*
- * Close out the digest contexts. We ignore any error
- * because we are stopping anyway; the error status left
- * behind in p7dcx will be seen by outer functions.
- */
- (void) sec_pkcs7_decoder_finish_digests (p7dcx, cinfo->poolp,
- &(sigd->digests));
-
- /*
- * XXX To handle nested contents, we would need to remove
- * the worker from the chain (and free it).
- */
-
- /*
- * Stop notify.
- */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- envd = cinfo->content.envelopedData;
- if (envd == NULL)
- break;
-
- if (envd->encContentInfo.contentTypeTag == NULL) {
- if (after && dest == &(envd->encContentInfo.contentType))
- envd->encContentInfo.contentTypeTag =
- SECOID_FindOID(&(envd->encContentInfo.contentType));
- break;
- }
-
- /*
- * Just before the content, we want to set up a decryption
- * context, and start a filter which will run all of the
- * contents bytes through it to determine the plain content.
- */
- if (before && dest == &(envd->encContentInfo.encContent)) {
- rv = sec_pkcs7_decoder_start_decrypt (p7dcx, depth,
- envd->recipientInfos,
- &(envd->encContentInfo),
- NULL);
- if (rv != SECSuccess)
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
- break;
- }
-
- /*
- * Are we done?
- */
- if (after && dest == &(envd->encContentInfo.encContent)) {
- /*
- * Close out the decryption context. We ignore any error
- * because we are stopping anyway; the error status left
- * behind in p7dcx will be seen by outer functions.
- */
- (void) sec_pkcs7_decoder_finish_decrypt (p7dcx, cinfo->poolp,
- &(envd->encContentInfo));
-
- /*
- * XXX To handle nested contents, we would need to remove
- * the worker from the chain (and free it).
- */
-
- /*
- * Stop notify.
- */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- saed = cinfo->content.signedAndEnvelopedData;
- if (saed == NULL)
- break;
-
- if (saed->encContentInfo.contentTypeTag == NULL) {
- if (after && dest == &(saed->encContentInfo.contentType))
- saed->encContentInfo.contentTypeTag =
- SECOID_FindOID(&(saed->encContentInfo.contentType));
- break;
- }
-
- /*
- * Just before the content, we want to set up a decryption
- * context *and* digest contexts, and start a filter which
- * will run all of the contents bytes through both.
- */
- if (before && dest == &(saed->encContentInfo.encContent)) {
- rv = sec_pkcs7_decoder_start_decrypt (p7dcx, depth,
- saed->recipientInfos,
- &(saed->encContentInfo),
- &(saed->sigKey));
- if (rv == SECSuccess)
- rv = sec_pkcs7_decoder_start_digests (p7dcx, depth,
- saed->digestAlgorithms);
- if (rv != SECSuccess)
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
- break;
- }
-
- /*
- * Are we done?
- */
- if (after && dest == &(saed->encContentInfo.encContent)) {
- /*
- * Close out the decryption and digests contexts.
- * We ignore any errors because we are stopping anyway;
- * the error status left behind in p7dcx will be seen by
- * outer functions.
- *
- * Note that the decrypt stuff must be called first;
- * it may have a last buffer to do which in turn has
- * to be added to the digest.
- */
- (void) sec_pkcs7_decoder_finish_decrypt (p7dcx, cinfo->poolp,
- &(saed->encContentInfo));
- (void) sec_pkcs7_decoder_finish_digests (p7dcx, cinfo->poolp,
- &(saed->digests));
-
- /*
- * XXX To handle nested contents, we would need to remove
- * the worker from the chain (and free it).
- */
-
- /*
- * Stop notify.
- */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_DIGESTED_DATA:
- digd = cinfo->content.digestedData;
-
- /*
- * XXX Want to do the digest or not? Maybe future enhancement...
- */
- if (before && dest == &(digd->contentInfo.content.data)) {
- SEC_ASN1DecoderSetFilterProc (p7dcx->dcx, sec_pkcs7_decoder_filter,
- p7dcx,
- (PRBool)(p7dcx->cb != NULL));
- break;
- }
-
- /*
- * Are we done?
- */
- if (after && dest == &(digd->contentInfo.content.data)) {
- SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- encd = cinfo->content.encryptedData;
-
- /*
- * XXX If the decryption key callback is set, we want to start
- * the decryption. If the callback is not set, we will treat the
- * content as plain data, since we do not have the key.
- *
- * Is this the proper thing to do?
- */
- if (before && dest == &(encd->encContentInfo.encContent)) {
- /*
- * Start the encryption process if the decryption key callback
- * is present. Otherwise, treat the content like plain data.
- */
- rv = SECSuccess;
- if (p7dcx->dkcb != NULL) {
- rv = sec_pkcs7_decoder_start_decrypt (p7dcx, depth, NULL,
- &(encd->encContentInfo),
- NULL);
- }
-
- if (rv != SECSuccess)
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
-
- break;
- }
-
- /*
- * Are we done?
- */
- if (after && dest == &(encd->encContentInfo.encContent)) {
- /*
- * Close out the decryption context. We ignore any error
- * because we are stopping anyway; the error status left
- * behind in p7dcx will be seen by outer functions.
- */
- (void) sec_pkcs7_decoder_finish_decrypt (p7dcx, cinfo->poolp,
- &(encd->encContentInfo));
-
- /*
- * Stop notify.
- */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_DATA:
- /*
- * If a output callback has been specified, we want to set the filter
- * to call the callback. This is taken care of in
- * sec_pkcs7_decoder_start_decrypt() or
- * sec_pkcs7_decoder_start_digests() for the other content types.
- */
-
- if (before && dest == &(cinfo->content.data)) {
-
- /*
- * Set the filter proc up.
- */
- SEC_ASN1DecoderSetFilterProc (p7dcx->dcx,
- sec_pkcs7_decoder_filter,
- p7dcx,
- (PRBool)(p7dcx->cb != NULL));
- break;
- }
-
- if (after && dest == &(cinfo->content.data)) {
- /*
- * Time to clean up after ourself, stop the Notify and Filter
- * procedures.
- */
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- SEC_ASN1DecoderClearFilterProc (p7dcx->dcx);
- }
- break;
-
- default:
- SEC_ASN1DecoderClearNotifyProc (p7dcx->dcx);
- break;
- }
-}
-
-
-SEC_PKCS7DecoderContext *
-SEC_PKCS7DecoderStart(SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg,
- SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
- void *decrypt_key_cb_arg,
- SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb)
-{
- SEC_PKCS7DecoderContext *p7dcx;
- SEC_ASN1DecoderContext *dcx;
- SEC_PKCS7ContentInfo *cinfo;
- PRArenaPool *poolp;
-
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- return NULL;
-
- cinfo = (SEC_PKCS7ContentInfo*)PORT_ArenaZAlloc (poolp, sizeof(*cinfo));
- if (cinfo == NULL) {
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- cinfo->poolp = poolp;
- cinfo->pwfn = pwfn;
- cinfo->pwfn_arg = pwfn_arg;
- cinfo->created = PR_FALSE;
- cinfo->refCount = 1;
-
- p7dcx =
- (SEC_PKCS7DecoderContext*)PORT_ZAlloc (sizeof(SEC_PKCS7DecoderContext));
- if (p7dcx == NULL) {
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- p7dcx->tmp_poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (p7dcx->tmp_poolp == NULL) {
- PORT_Free (p7dcx);
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- dcx = SEC_ASN1DecoderStart (poolp, cinfo, sec_PKCS7ContentInfoTemplate);
- if (dcx == NULL) {
- PORT_FreeArena (p7dcx->tmp_poolp, PR_FALSE);
- PORT_Free (p7dcx);
- PORT_FreeArena (poolp, PR_FALSE);
- return NULL;
- }
-
- SEC_ASN1DecoderSetNotifyProc (dcx, sec_pkcs7_decoder_notify, p7dcx);
-
- p7dcx->dcx = dcx;
- p7dcx->cinfo = cinfo;
- p7dcx->cb = cb;
- p7dcx->cb_arg = cb_arg;
- p7dcx->pwfn = pwfn;
- p7dcx->pwfn_arg = pwfn_arg;
- p7dcx->dkcb = decrypt_key_cb;
- p7dcx->dkcb_arg = decrypt_key_cb_arg;
- p7dcx->decrypt_allowed_cb = decrypt_allowed_cb;
-
- return p7dcx;
-}
-
-
-/*
- * Do the next chunk of PKCS7 decoding. If there is a problem, set
- * an error and return a failure status. Note that in the case of
- * an error, this routine is still prepared to be called again and
- * again in case that is the easiest route for our caller to take.
- * We simply detect it and do not do anything except keep setting
- * that error in case our caller has not noticed it yet...
- */
-SECStatus
-SEC_PKCS7DecoderUpdate(SEC_PKCS7DecoderContext *p7dcx,
- const char *buf, unsigned long len)
-{
- if (p7dcx->cinfo != NULL && p7dcx->dcx != NULL) {
- PORT_Assert (p7dcx->error == 0);
- if (p7dcx->error == 0) {
- if (SEC_ASN1DecoderUpdate (p7dcx->dcx, buf, len) != SECSuccess) {
- p7dcx->error = PORT_GetError();
- PORT_Assert (p7dcx->error);
- if (p7dcx->error == 0)
- p7dcx->error = -1;
- }
- }
- }
-
- if (p7dcx->error) {
- if (p7dcx->dcx != NULL) {
- (void) SEC_ASN1DecoderFinish (p7dcx->dcx);
- p7dcx->dcx = NULL;
- }
- if (p7dcx->cinfo != NULL) {
- SEC_PKCS7DestroyContentInfo (p7dcx->cinfo);
- p7dcx->cinfo = NULL;
- }
- PORT_SetError (p7dcx->error);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-SEC_PKCS7ContentInfo *
-SEC_PKCS7DecoderFinish(SEC_PKCS7DecoderContext *p7dcx)
-{
- SEC_PKCS7ContentInfo *cinfo;
-
- cinfo = p7dcx->cinfo;
- if (p7dcx->dcx != NULL) {
- if (SEC_ASN1DecoderFinish (p7dcx->dcx) != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- cinfo = NULL;
- }
- }
- PORT_FreeArena (p7dcx->tmp_poolp, PR_FALSE);
- PORT_Free (p7dcx);
- return cinfo;
-}
-
-
-SEC_PKCS7ContentInfo *
-SEC_PKCS7DecodeItem(SECItem *p7item,
- SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg,
- SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
- void *decrypt_key_cb_arg,
- SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb)
-{
- SEC_PKCS7DecoderContext *p7dcx;
-
- p7dcx = SEC_PKCS7DecoderStart(cb, cb_arg, pwfn, pwfn_arg, decrypt_key_cb,
- decrypt_key_cb_arg, decrypt_allowed_cb);
- (void) SEC_PKCS7DecoderUpdate(p7dcx, (char *) p7item->data, p7item->len);
- return SEC_PKCS7DecoderFinish(p7dcx);
-}
-
-
-/*
- * If the thing contains any certs or crls return true; false otherwise.
- */
-PRBool
-SEC_PKCS7ContainsCertsOrCrls(SEC_PKCS7ContentInfo *cinfo)
-{
- SECOidTag kind;
- SECItem **certs;
- CERTSignedCrl **crls;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- return PR_FALSE;
- case SEC_OID_PKCS7_SIGNED_DATA:
- certs = cinfo->content.signedData->rawCerts;
- crls = cinfo->content.signedData->crls;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- certs = cinfo->content.signedAndEnvelopedData->rawCerts;
- crls = cinfo->content.signedAndEnvelopedData->crls;
- break;
- }
-
- /*
- * I know this could be collapsed, but I was in a mood to be explicit.
- */
- if (certs != NULL && certs[0] != NULL)
- return PR_TRUE;
- else if (crls != NULL && crls[0] != NULL)
- return PR_TRUE;
- else
- return PR_FALSE;
-}
-
-/* return the content length...could use GetContent, however we
- * need the encrypted content length
- */
-PRBool
-SEC_PKCS7IsContentEmpty(SEC_PKCS7ContentInfo *cinfo, unsigned int minLen)
-{
- SECItem *item = NULL;
-
- if(cinfo == NULL) {
- return PR_TRUE;
- }
-
- switch(SEC_PKCS7ContentType(cinfo))
- {
- case SEC_OID_PKCS7_DATA:
- item = cinfo->content.data;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- item = &cinfo->content.encryptedData->encContentInfo.encContent;
- break;
- default:
- /* add other types */
- return PR_FALSE;
- }
-
- if(!item) {
- return PR_TRUE;
- } else if(item->len <= minLen) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
-
-
-PRBool
-SEC_PKCS7ContentIsEncrypted(SEC_PKCS7ContentInfo *cinfo)
-{
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_SIGNED_DATA:
- return PR_FALSE;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- return PR_TRUE;
- }
-}
-
-
-/*
- * If the PKCS7 content has a signature (not just *could* have a signature)
- * return true; false otherwise. This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-PRBool
-SEC_PKCS7ContentIsSigned(SEC_PKCS7ContentInfo *cinfo)
-{
- SECOidTag kind;
- SEC_PKCS7SignerInfo **signerinfos;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- return PR_FALSE;
- case SEC_OID_PKCS7_SIGNED_DATA:
- signerinfos = cinfo->content.signedData->signerInfos;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- signerinfos = cinfo->content.signedAndEnvelopedData->signerInfos;
- break;
- }
-
- /*
- * I know this could be collapsed; but I kind of think it will get
- * more complicated before I am finished, so...
- */
- if (signerinfos != NULL && signerinfos[0] != NULL)
- return PR_TRUE;
- else
- return PR_FALSE;
-}
-
-
-/*
- * SEC_PKCS7ContentVerifySignature
- * Look at a PKCS7 contentInfo and check if the signature is good.
- * The digest was either calculated earlier (and is stored in the
- * contentInfo itself) or is passed in via "detached_digest".
- *
- * The verification checks that the signing cert is valid and trusted
- * for the purpose specified by "certusage".
- *
- * In addition, if "keepcerts" is true, add any new certificates found
- * into our local database.
- *
- * XXX Each place which returns PR_FALSE should be sure to have a good
- * error set for inspection by the caller. Alternatively, we could create
- * an enumeration of success and each type of failure and return that
- * instead of a boolean. For now, the default in a bad situation is to
- * set the error to SEC_ERROR_PKCS7_BAD_SIGNATURE. But this should be
- * reviewed; better (more specific) errors should be possible (to distinguish
- * a signature failure from a badly-formed pkcs7 signedData, for example).
- * Some of the errors should probably just be SEC_ERROR_BAD_SIGNATURE,
- * but that has a less helpful error string associated with it right now;
- * if/when that changes, review and change these as needed.
- *
- * XXX This is broken wrt signedAndEnvelopedData. In that case, the
- * message digest is doubly encrypted -- first encrypted with the signer
- * private key but then again encrypted with the bulk encryption key used
- * to encrypt the content. So before we can pass the digest to VerifyDigest,
- * we need to decrypt it with the bulk encryption key. Also, in this case,
- * there should be NO authenticatedAttributes (signerinfo->authAttr should
- * be NULL).
- */
-static PRBool
-sec_pkcs7_verify_signature(SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- SECItem *detached_digest,
- HASH_HashType digest_type,
- PRBool keepcerts)
-{
- SECAlgorithmID **digestalgs, *bulkid;
- SECItem *digest;
- SECItem **digests;
- SECItem **rawcerts;
- CERTSignedCrl **crls;
- SEC_PKCS7SignerInfo **signerinfos, *signerinfo;
- CERTCertificate *cert, **certs;
- PRBool goodsig;
- CERTCertDBHandle *certdb, *defaultdb;
- SECOidData *algiddata;
- int i, certcount;
- SECKEYPublicKey *publickey;
- SECItem *content_type;
- PK11SymKey *sigkey;
- SECItem *utc_stime;
- int64 stime;
- SECStatus rv;
-
- /*
- * Everything needed in order to "goto done" safely.
- */
- goodsig = PR_FALSE;
- certcount = 0;
- cert = NULL;
- certs = NULL;
- certdb = NULL;
- defaultdb = CERT_GetDefaultCertDB();
- publickey = NULL;
-
- if (! SEC_PKCS7ContentIsSigned(cinfo)) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- PORT_Assert (cinfo->contentTypeTag != NULL);
-
- switch (cinfo->contentTypeTag->offset) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- /* Could only get here if SEC_PKCS7ContentIsSigned is broken. */
- PORT_Assert (0);
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- digestalgs = sdp->digestAlgorithms;
- digests = sdp->digests;
- rawcerts = sdp->rawCerts;
- crls = sdp->crls;
- signerinfos = sdp->signerInfos;
- content_type = &(sdp->contentInfo.contentType);
- sigkey = NULL;
- bulkid = NULL;
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- digestalgs = saedp->digestAlgorithms;
- digests = saedp->digests;
- rawcerts = saedp->rawCerts;
- crls = saedp->crls;
- signerinfos = saedp->signerInfos;
- content_type = &(saedp->encContentInfo.contentType);
- sigkey = saedp->sigKey;
- bulkid = &(saedp->encContentInfo.contentEncAlg);
- }
- break;
- }
-
- if ((signerinfos == NULL) || (signerinfos[0] == NULL)) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- /*
- * XXX Need to handle multiple signatures; checking them is easy,
- * but what should be the semantics here (like, return value)?
- */
- if (signerinfos[1] != NULL) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- signerinfo = signerinfos[0];
-
- /*
- * XXX I would like to just pass the issuerAndSN, along with the rawcerts
- * and crls, to some function that did all of this certificate stuff
- * (open/close the database if necessary, verifying the certs, etc.)
- * and gave me back a cert pointer if all was good.
- */
- certdb = defaultdb;
- if (certdb == NULL) {
- goto done;
- }
-
- certcount = 0;
- if (rawcerts != NULL) {
- for (; rawcerts[certcount] != NULL; certcount++) {
- /* just counting */
- }
- }
-
- /*
- * Note that the result of this is that each cert in "certs"
- * needs to be destroyed.
- */
- rv = CERT_ImportCerts(certdb, certusage, certcount, rawcerts, &certs,
- keepcerts, PR_FALSE, NULL);
- if ( rv != SECSuccess ) {
- goto done;
- }
-
- /*
- * This cert will also need to be freed, but since we save it
- * in signerinfo for later, we do not want to destroy it when
- * we leave this function -- we let the clean-up of the entire
- * cinfo structure later do the destroy of this cert.
- */
- cert = CERT_FindCertByIssuerAndSN(certdb, signerinfo->issuerAndSN);
- if (cert == NULL) {
- goto done;
- }
-
- signerinfo->cert = cert;
-
- /*
- * Get and convert the signing time; if available, it will be used
- * both on the cert verification and for importing the sender
- * email profile.
- */
- utc_stime = SEC_PKCS7GetSigningTime (cinfo);
- if (utc_stime != NULL) {
- if (DER_UTCTimeToTime (&stime, utc_stime) != SECSuccess)
- utc_stime = NULL; /* conversion failed, so pretend none */
- }
-
- /*
- * XXX This uses the signing time, if available. Additionally, we
- * might want to, if there is no signing time, get the message time
- * from the mail header itself, and use that. That would require
- * a change to our interface though, and for S/MIME callers to pass
- * in a time (and for non-S/MIME callers to pass in nothing, or
- * maybe make them pass in the current time, always?).
- */
- if (CERT_VerifyCert (certdb, cert, PR_TRUE, certusage,
- utc_stime != NULL ? stime : PR_Now(),
- cinfo->pwfn_arg, NULL) != SECSuccess)
- {
- /*
- * XXX Give the user an option to check the signature anyway?
- * If we want to do this, need to give a way to leave and display
- * some dialog and get the answer and come back through (or do
- * the rest of what we do below elsewhere, maybe by putting it
- * in a function that we call below and could call from a dialog
- * finish handler).
- */
- goto savecert;
- }
-
- publickey = CERT_ExtractPublicKey (cert);
- if (publickey == NULL)
- goto done;
-
- /*
- * XXX No! If digests is empty, see if we can create it now by
- * digesting the contents. This is necessary if we want to allow
- * somebody to do a simple decode (without filtering, etc.) and
- * then later call us here to do the verification.
- * OR, we can just specify that the interface to this routine
- * *requires* that the digest(s) be done before calling and either
- * stashed in the struct itself or passed in explicitly (as would
- * be done for detached contents).
- */
- if ((digests == NULL || digests[0] == NULL)
- && (detached_digest == NULL || detached_digest->data == NULL))
- goto done;
-
- /*
- * Find and confirm digest algorithm.
- */
- algiddata = SECOID_FindOID (&(signerinfo->digestAlg.algorithm));
-
- if (detached_digest != NULL) {
- switch (digest_type) {
- default:
- case HASH_AlgNULL:
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- case HASH_AlgMD2:
- PORT_Assert (detached_digest->len == MD2_LENGTH);
- if (algiddata->offset != SEC_OID_MD2) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
- break;
- case HASH_AlgMD5:
- PORT_Assert (detached_digest->len == MD5_LENGTH);
- if (algiddata->offset != SEC_OID_MD5) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
- break;
- case HASH_AlgSHA1:
- PORT_Assert (detached_digest->len == SHA1_LENGTH);
- if (algiddata->offset != SEC_OID_SHA1) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
- break;
- }
- digest = detached_digest;
- } else {
- PORT_Assert (digestalgs != NULL && digestalgs[0] != NULL);
- if (digestalgs == NULL || digestalgs[0] == NULL) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- /*
- * pick digest matching signerinfo->digestAlg from digests
- */
- if (algiddata == NULL) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
- for (i = 0; digestalgs[i] != NULL; i++) {
- if (SECOID_FindOID (&(digestalgs[i]->algorithm)) == algiddata)
- break;
- }
- if (digestalgs[i] == NULL) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- digest = digests[i];
- }
-
- /*
- * XXX This may not be the right set of algorithms to check.
- * I'd prefer to trust that just calling VFY_Verify{Data,Digest}
- * would do the right thing (and set an error if it could not);
- * then additional algorithms could be handled by that code
- * and we would Just Work. So this check should just be removed,
- * but not until the VFY code is better at setting errors.
- */
- algiddata = SECOID_FindOID (&(signerinfo->digestEncAlg.algorithm));
- if (algiddata == NULL ||
- ((algiddata->offset != SEC_OID_PKCS1_RSA_ENCRYPTION) &&
- (algiddata->offset != SEC_OID_ANSIX9_DSA_SIGNATURE))) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- if (signerinfo->authAttr != NULL) {
- SEC_PKCS7Attribute *attr;
- SECItem *value;
- SECItem encoded_attrs;
-
- /*
- * We have a sigkey only for signedAndEnvelopedData, which is
- * not supposed to have any authenticated attributes.
- */
- if (sigkey != NULL) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- /*
- * PKCS #7 says that if there are any authenticated attributes,
- * then there must be one for content type which matches the
- * content type of the content being signed, and there must
- * be one for message digest which matches our message digest.
- * So check these things first.
- * XXX Might be nice to have a compare-attribute-value function
- * which could collapse the following nicely.
- */
- attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
- SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE);
- value = sec_PKCS7AttributeValue (attr);
- if (value == NULL || value->len != content_type->len) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
- if (PORT_Memcmp (value->data, content_type->data, value->len) != 0) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
- SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE);
- value = sec_PKCS7AttributeValue (attr);
- if (value == NULL || value->len != digest->len) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
- if (PORT_Memcmp (value->data, digest->data, value->len) != 0) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- /*
- * Okay, we met the constraints of the basic attributes.
- * Now check the signature, which is based on a digest of
- * the DER-encoded authenticated attributes. So, first we
- * encode and then we digest/verify.
- */
- encoded_attrs.data = NULL;
- encoded_attrs.len = 0;
- if (sec_PKCS7EncodeAttributes (NULL, &encoded_attrs,
- &(signerinfo->authAttr)) == NULL)
- goto done;
-
- if (encoded_attrs.data == NULL || encoded_attrs.len == 0) {
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- goodsig = (PRBool)(VFY_VerifyData (encoded_attrs.data,
- encoded_attrs.len,
- publickey, &(signerinfo->encDigest),
- SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
- cinfo->pwfn_arg) == SECSuccess);
- PORT_Free (encoded_attrs.data);
- } else {
- SECItem *sig;
- SECItem holder;
- SECStatus rv;
-
- /*
- * No authenticated attributes.
- * The signature is based on the plain message digest.
- */
-
- sig = &(signerinfo->encDigest);
- if (sig->len == 0) { /* bad signature */
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- goto done;
- }
-
- if (sigkey != NULL) {
- sec_PKCS7CipherObject *decryptobj;
- unsigned int buflen;
-
- /*
- * For signedAndEnvelopedData, we first must decrypt the encrypted
- * digest with the bulk encryption key. The result is the normal
- * encrypted digest (aka the signature).
- */
- decryptobj = sec_PKCS7CreateDecryptObject (sigkey, bulkid);
- if (decryptobj == NULL)
- goto done;
-
- buflen = sec_PKCS7DecryptLength (decryptobj, sig->len, PR_TRUE);
- PORT_Assert (buflen);
- if (buflen == 0) { /* something is wrong */
- sec_PKCS7DestroyDecryptObject (decryptobj);
- goto done;
- }
-
- holder.data = (unsigned char*)PORT_Alloc (buflen);
- if (holder.data == NULL) {
- sec_PKCS7DestroyDecryptObject (decryptobj);
- goto done;
- }
-
- rv = sec_PKCS7Decrypt (decryptobj, holder.data, &holder.len, buflen,
- sig->data, sig->len, PR_TRUE);
- if (rv != SECSuccess) {
- sec_PKCS7DestroyDecryptObject (decryptobj);
- goto done;
- }
-
- sig = &holder;
- }
-
- goodsig = (PRBool)(VFY_VerifyDigest (digest, publickey, sig,
- SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
- cinfo->pwfn_arg)
- == SECSuccess);
-
- if (sigkey != NULL) {
- PORT_Assert (sig == &holder);
- PORT_ZFree (holder.data, holder.len);
- }
- }
-
- if (! goodsig) {
- /*
- * XXX Change the generic error into our specific one, because
- * in that case we get a better explanation out of the Security
- * Advisor. This is really a bug in our error strings (the
- * "generic" error has a lousy/wrong message associated with it
- * which assumes the signature verification was done for the
- * purposes of checking the issuer signature on a certificate)
- * but this is at least an easy workaround and/or in the
- * Security Advisor, which specifically checks for the error
- * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation
- * in that case but does not similarly check for
- * SEC_ERROR_BAD_SIGNATURE. It probably should, but then would
- * probably say the wrong thing in the case that it *was* the
- * certificate signature check that failed during the cert
- * verification done above. Our error handling is really a mess.
- */
- if (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE)
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- }
-
-savecert:
- /*
- * Only save the smime profile if we are checking an email message and
- * the cert has an email address in it.
- */
- if ( ( cert->emailAddr != NULL ) &&
- ( ( certusage == certUsageEmailSigner ) ||
- ( certusage == certUsageEmailRecipient ) ) ) {
- SECItem *profile = NULL;
- int save_error;
-
- /*
- * Remember the current error set because we do not care about
- * anything set by the functions we are about to call.
- */
- save_error = PORT_GetError();
-
- if (goodsig && (signerinfo->authAttr != NULL)) {
- /*
- * If the signature is good, then we can save the S/MIME profile,
- * if we have one.
- */
- SEC_PKCS7Attribute *attr;
-
- attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
- SEC_OID_PKCS9_SMIME_CAPABILITIES,
- PR_TRUE);
- profile = sec_PKCS7AttributeValue (attr);
- }
-
- rv = CERT_SaveSMimeProfile (cert, profile, utc_stime);
-
- /*
- * Restore the saved error in case the calls above set a new
- * one that we do not actually care about.
- */
- PORT_SetError (save_error);
-
- /*
- * XXX Failure is not indicated anywhere -- the signature
- * verification itself is unaffected by whether or not the
- * profile was successfully saved.
- */
- }
-
-
-done:
-
- /*
- * See comment above about why we do not want to destroy cert
- * itself here.
- */
-
- if (certs != NULL)
- CERT_DestroyCertArray (certs, certcount);
-
- if (publickey != NULL)
- SECKEY_DestroyPublicKey (publickey);
-
- return goodsig;
-}
-
-/*
- * SEC_PKCS7VerifySignature
- * Look at a PKCS7 contentInfo and check if the signature is good.
- * The verification checks that the signing cert is valid and trusted
- * for the purpose specified by "certusage".
- *
- * In addition, if "keepcerts" is true, add any new certificates found
- * into our local database.
- */
-PRBool
-SEC_PKCS7VerifySignature(SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- PRBool keepcerts)
-{
- return sec_pkcs7_verify_signature (cinfo, certusage,
- NULL, HASH_AlgNULL, keepcerts);
-}
-
-/*
- * SEC_PKCS7VerifyDetachedSignature
- * Look at a PKCS7 contentInfo and check if the signature matches
- * a passed-in digest (calculated, supposedly, from detached contents).
- * The verification checks that the signing cert is valid and trusted
- * for the purpose specified by "certusage".
- *
- * In addition, if "keepcerts" is true, add any new certificates found
- * into our local database.
- */
-PRBool
-SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- SECItem *detached_digest,
- HASH_HashType digest_type,
- PRBool keepcerts)
-{
- return sec_pkcs7_verify_signature (cinfo, certusage,
- detached_digest, digest_type,
- keepcerts);
-}
-
-
-/*
- * Return the asked-for portion of the name of the signer of a PKCS7
- * signed object.
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A NULL return value is an error.
- */
-
-#define sec_common_name 1
-#define sec_email_address 2
-
-static char *
-sec_pkcs7_get_signer_cert_info(SEC_PKCS7ContentInfo *cinfo, int selector)
-{
- SECOidTag kind;
- SEC_PKCS7SignerInfo **signerinfos;
- CERTCertificate *signercert;
- char *container;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- PORT_Assert (0);
- return NULL;
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- signerinfos = sdp->signerInfos;
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- signerinfos = saedp->signerInfos;
- }
- break;
- }
-
- if (signerinfos == NULL || signerinfos[0] == NULL)
- return NULL;
-
- signercert = signerinfos[0]->cert;
-
- /*
- * No cert there; see if we can find one by calling verify ourselves.
- */
- if (signercert == NULL) {
- /*
- * The cert usage does not matter in this case, because we do not
- * actually care about the verification itself, but we have to pick
- * some valid usage to pass in.
- */
- (void) sec_pkcs7_verify_signature (cinfo, certUsageEmailSigner,
- NULL, HASH_AlgNULL, PR_FALSE);
- signercert = signerinfos[0]->cert;
- if (signercert == NULL)
- return NULL;
- }
-
- switch (selector) {
- case sec_common_name:
- container = CERT_GetCommonName (&signercert->subject);
- break;
- case sec_email_address:
- if(signercert->emailAddr) {
- container = PORT_Strdup(signercert->emailAddr);
- } else {
- container = NULL;
- }
- break;
- default:
- PORT_Assert (0);
- container = NULL;
- break;
- }
-
- return container;
-}
-
-char *
-SEC_PKCS7GetSignerCommonName(SEC_PKCS7ContentInfo *cinfo)
-{
- return sec_pkcs7_get_signer_cert_info(cinfo, sec_common_name);
-}
-
-char *
-SEC_PKCS7GetSignerEmailAddress(SEC_PKCS7ContentInfo *cinfo)
-{
- return sec_pkcs7_get_signer_cert_info(cinfo, sec_email_address);
-}
-
-
-/*
- * Return the signing time, in UTCTime format, of a PKCS7 contentInfo.
- */
-SECItem *
-SEC_PKCS7GetSigningTime(SEC_PKCS7ContentInfo *cinfo)
-{
- SEC_PKCS7SignerInfo **signerinfos;
- SEC_PKCS7Attribute *attr;
-
- if (SEC_PKCS7ContentType (cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
- return NULL;
-
- signerinfos = cinfo->content.signedData->signerInfos;
-
- /*
- * No signature, or more than one, means no deal.
- */
- if (signerinfos == NULL || signerinfos[0] == NULL || signerinfos[1] != NULL)
- return NULL;
-
- attr = sec_PKCS7FindAttribute (signerinfos[0]->authAttr,
- SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE);
- return sec_PKCS7AttributeValue (attr);
-}
diff --git a/security/nss/lib/pkcs7/p7encode.c b/security/nss/lib/pkcs7/p7encode.c
deleted file mode 100644
index 879a1b286..000000000
--- a/security/nss/lib/pkcs7/p7encode.c
+++ /dev/null
@@ -1,1333 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * PKCS7 encoding.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-
-#include "p7local.h"
-
-#include "cert.h"
-#include "cryptohi.h"
-#include "keyhi.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "sechash.h" /* for HASH_GetHashObject() */
-
-struct sec_pkcs7_encoder_output {
- SEC_PKCS7EncoderOutputCallback outputfn;
- void *outputarg;
-};
-
-struct SEC_PKCS7EncoderContextStr {
- SEC_ASN1EncoderContext *ecx;
- SEC_PKCS7ContentInfo *cinfo;
- struct sec_pkcs7_encoder_output output;
- sec_PKCS7CipherObject *encryptobj;
- const SECHashObject *digestobj;
- void *digestcx;
-};
-
-
-/*
- * The little output function that the ASN.1 encoder calls to hand
- * us bytes which we in turn hand back to our caller (via the callback
- * they gave us).
- */
-static void
-sec_pkcs7_encoder_out(void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- struct sec_pkcs7_encoder_output *output;
-
- output = (struct sec_pkcs7_encoder_output*)arg;
- output->outputfn (output->outputarg, buf, len);
-}
-
-static sec_PKCS7CipherObject *
-sec_pkcs7_encoder_start_encrypt (SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *orig_bulkkey)
-{
- SECOidTag kind;
- sec_PKCS7CipherObject *encryptobj;
- SEC_PKCS7RecipientInfo **recipientinfos, *ri;
- SEC_PKCS7EncryptedContentInfo *enccinfo;
- SEC_PKCS7SMIMEKEAParameters keaParams;
- SECKEYPublicKey *publickey = NULL;
- SECKEYPrivateKey *ourPrivKey = NULL;
- PK11SymKey *bulkkey;
- void *mark, *wincx;
- int i;
- PRArenaPool *arena = NULL;
-
- /* Get the context in case we need it below. */
- wincx = cinfo->pwfn_arg;
-
- /* Clear keaParams, since cleanup code checks the lengths */
- (void) memset(&keaParams, 0, sizeof(keaParams));
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_SIGNED_DATA:
- recipientinfos = NULL;
- enccinfo = NULL;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- {
- SEC_PKCS7EncryptedData *encdp;
-
- /* To do EncryptedData we *must* be given a bulk key. */
- PORT_Assert (orig_bulkkey != NULL);
- if (orig_bulkkey == NULL) {
- /* XXX error? */
- return NULL;
- }
-
- encdp = cinfo->content.encryptedData;
- recipientinfos = NULL;
- enccinfo = &(encdp->encContentInfo);
- }
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- {
- SEC_PKCS7EnvelopedData *envdp;
-
- envdp = cinfo->content.envelopedData;
- recipientinfos = envdp->recipientInfos;
- enccinfo = &(envdp->encContentInfo);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- recipientinfos = saedp->recipientInfos;
- enccinfo = &(saedp->encContentInfo);
- }
- break;
- }
-
- if (enccinfo == NULL)
- return NULL;
-
- bulkkey = orig_bulkkey;
- if (bulkkey == NULL) {
- CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(enccinfo->encalg);
- PK11SlotInfo *slot;
-
-
- slot = PK11_GetBestSlot(type,cinfo->pwfn_arg);
- if (slot == NULL) {
- return NULL;
- }
- bulkkey = PK11_KeyGen(slot,type,NULL, enccinfo->keysize/8,
- cinfo->pwfn_arg);
- PK11_FreeSlot(slot);
- if (bulkkey == NULL) {
- return NULL;
- }
- }
-
- encryptobj = NULL;
- mark = PORT_ArenaMark (cinfo->poolp);
-
- /*
- * Encrypt the bulk key with the public key of each recipient.
- */
- for (i = 0; recipientinfos && (ri = recipientinfos[i]) != NULL; i++) {
- CERTCertificate *cert;
- SECOidTag certalgtag, encalgtag;
- SECStatus rv;
- int data_len;
- SECItem *params = NULL;
-
- cert = ri->cert;
- PORT_Assert (cert != NULL);
- if (cert == NULL)
- continue;
-
- /*
- * XXX Want an interface that takes a cert and some data and
- * fills in an algorithmID and encrypts the data with the public
- * key from the cert. Or, give me two interfaces -- one which
- * gets the algorithm tag from a cert (I should not have to go
- * down into the subjectPublicKeyInfo myself) and another which
- * takes a public key and algorithm tag and data and encrypts
- * the data. Or something like that. The point is that all
- * of the following hardwired RSA and KEA stuff should be done
- * elsewhere.
- */
-
- certalgtag=SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
- switch (certalgtag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- encalgtag = certalgtag;
- publickey = CERT_ExtractPublicKey (cert);
- if (publickey == NULL) goto loser;
-
- data_len = SECKEY_PublicKeyStrength(publickey);
- ri->encKey.data =
- (unsigned char*)PORT_ArenaAlloc(cinfo->poolp ,data_len);
- ri->encKey.len = data_len;
- if (ri->encKey.data == NULL) goto loser;
-
- rv = PK11_PubWrapSymKey(PK11_AlgtagToMechanism(certalgtag),publickey,
- bulkkey,&ri->encKey);
-
- SECKEY_DestroyPublicKey(publickey);
- publickey = NULL;
- if (rv != SECSuccess) goto loser;
- params = NULL; /* paranoia */
- break;
- /* ### mwelch -- KEA */
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_KEA:
- {
-#define SMIME_FORTEZZA_RA_LENGTH 128
-#define SMIME_FORTEZZA_IV_LENGTH 24
-#define SMIME_FORTEZZA_MAX_KEY_SIZE 256
- SECStatus err;
- PK11SymKey *tek;
- CERTCertificate *ourCert;
- SECKEYPublicKey *ourPubKey;
- SECKEATemplateSelector whichKEA = SECKEAInvalid;
-
- /* We really want to show our KEA tag as the
- key exchange algorithm tag. */
- encalgtag = SEC_OID_NETSCAPE_SMIME_KEA;
-
- /* Get the public key of the recipient. */
- publickey = CERT_ExtractPublicKey(cert);
- if (publickey == NULL) goto loser;
-
- /* Find our own cert, and extract its keys. */
- ourCert = PK11_FindBestKEAMatch(cert,wincx);
- if (ourCert == NULL) goto loser;
-
- arena = PORT_NewArena(1024);
- if (arena == NULL) goto loser;
-
- ourPubKey = CERT_ExtractPublicKey(ourCert);
- if (ourPubKey == NULL)
- {
- CERT_DestroyCertificate(ourCert);
- goto loser;
- }
-
- /* While we're here, copy the public key into the outgoing
- * KEA parameters. */
- SECITEM_CopyItem(arena, &(keaParams.originatorKEAKey),
- &(ourPubKey->u.fortezza.KEAKey));
- SECKEY_DestroyPublicKey(ourPubKey);
- ourPubKey = NULL;
-
- /* Extract our private key in order to derive the
- * KEA key. */
- ourPrivKey = PK11_FindKeyByAnyCert(ourCert,wincx);
- CERT_DestroyCertificate(ourCert); /* we're done with this */
- if (!ourPrivKey) goto loser;
-
- /* Prepare raItem with 128 bytes (filled with zeros). */
- keaParams.originatorRA.data =
- (unsigned char*)PORT_ArenaAlloc(arena,SMIME_FORTEZZA_RA_LENGTH);
- keaParams.originatorRA.len = SMIME_FORTEZZA_RA_LENGTH;
-
-
- /* Generate the TEK (token exchange key) which we use
- * to wrap the bulk encryption key. (raItem) will be
- * filled with a random seed which we need to send to
- * the recipient. */
- tek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
- &keaParams.originatorRA, NULL,
- CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, wincx);
-
- SECKEY_DestroyPublicKey(publickey);
- SECKEY_DestroyPrivateKey(ourPrivKey);
- publickey = NULL;
- ourPrivKey = NULL;
-
- if (!tek)
- goto loser;
-
- ri->encKey.data = (unsigned char*)PORT_ArenaAlloc(cinfo->poolp,
- SMIME_FORTEZZA_MAX_KEY_SIZE);
- ri->encKey.len = SMIME_FORTEZZA_MAX_KEY_SIZE;
-
- if (ri->encKey.data == NULL)
- {
- PK11_FreeSymKey(tek);
- goto loser;
- }
-
- /* Wrap the bulk key. What we do with the resulting data
- depends on whether we're using Skipjack to wrap the key. */
- switch(PK11_AlgtagToMechanism(enccinfo->encalg))
- {
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- /* do SKIPJACK, we use the wrap mechanism */
- err = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL,
- tek, bulkkey, &ri->encKey);
- whichKEA = SECKEAUsesSkipjack;
- break;
- default:
- /* Not SKIPJACK, we encrypt the raw key data */
- keaParams.nonSkipjackIV .data =
- (unsigned char*)PORT_ArenaAlloc(arena,
- SMIME_FORTEZZA_IV_LENGTH);
- keaParams.nonSkipjackIV.len = SMIME_FORTEZZA_IV_LENGTH;
- err = PK11_WrapSymKey(CKM_SKIPJACK_CBC64,
- &keaParams.nonSkipjackIV,
- tek, bulkkey, &ri->encKey);
- if (err != SECSuccess)
- goto loser;
-
- if (ri->encKey.len != PK11_GetKeyLength(bulkkey))
- {
- /* The size of the encrypted key is not the same as
- that of the original bulk key, presumably due to
- padding. Encode and store the real size of the
- bulk key. */
- if (SEC_ASN1EncodeInteger(arena,
- &keaParams.bulkKeySize,
- PK11_GetKeyLength(bulkkey))
- == NULL)
- err = (SECStatus)PORT_GetError();
- else
- /* use full template for encoding */
- whichKEA = SECKEAUsesNonSkipjackWithPaddedEncKey;
- }
- else
- /* enc key length == bulk key length */
- whichKEA = SECKEAUsesNonSkipjack;
- break;
- }
-
- PK11_FreeSymKey(tek);
- if (err != SECSuccess)
- goto loser;
-
- PORT_Assert( whichKEA != SECKEAInvalid);
-
- /* Encode the KEA parameters into the recipient info. */
- params = SEC_ASN1EncodeItem(arena,NULL, &keaParams,
- sec_pkcs7_get_kea_template(whichKEA));
- if (params == NULL) goto loser;
- break;
- }
- default:
- PORT_SetError (SEC_ERROR_INVALID_ALGORITHM);
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(cinfo->poolp, &ri->keyEncAlg, encalgtag,
- params);
- if (rv != SECSuccess)
- goto loser;
- if (arena) PORT_FreeArena(arena,PR_FALSE);
- arena = NULL;
- }
-
- encryptobj = sec_PKCS7CreateEncryptObject (cinfo->poolp, bulkkey,
- enccinfo->encalg,
- &(enccinfo->contentEncAlg));
- if (encryptobj != NULL) {
- PORT_ArenaUnmark (cinfo->poolp, mark);
- mark = NULL; /* good one; do not want to release */
- }
- /* fallthru */
-
-loser:
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- if (publickey) {
- SECKEY_DestroyPublicKey(publickey);
- }
- if (ourPrivKey) {
- SECKEY_DestroyPrivateKey(ourPrivKey);
- }
- if (mark != NULL) {
- PORT_ArenaRelease (cinfo->poolp, mark);
- }
- if (orig_bulkkey == NULL) {
- if (bulkkey) PK11_FreeSymKey(bulkkey);
- }
-
- return encryptobj;
-}
-
-
-static void
-sec_pkcs7_encoder_notify (void *arg, PRBool before, void *dest, int depth)
-{
- SEC_PKCS7EncoderContext *p7ecx;
- SEC_PKCS7ContentInfo *cinfo;
- SECOidTag kind;
- PRBool before_content;
-
- /*
- * We want to notice just before the content field. After fields are
- * not interesting to us.
- */
- if (!before)
- return;
-
- p7ecx = (SEC_PKCS7EncoderContext*)arg;
- cinfo = p7ecx->cinfo;
-
- before_content = PR_FALSE;
-
- /*
- * Watch for the content field, at which point we want to instruct
- * the ASN.1 encoder to start taking bytes from the buffer.
- *
- * XXX The following assumes the inner content type is data;
- * if/when we want to handle fully nested types, this will have
- * to recurse until reaching the innermost data content.
- */
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- if (dest == &(cinfo->content.data))
- before_content = PR_TRUE;
- break;
-
- case SEC_OID_PKCS7_DIGESTED_DATA:
- {
- SEC_PKCS7DigestedData *digd;
-
- digd = cinfo->content.digestedData;
- if (digd == NULL)
- break;
-
- if (dest == &(digd->contentInfo.content))
- before_content = PR_TRUE;
- }
- break;
-
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- {
- SEC_PKCS7EncryptedData *encd;
-
- encd = cinfo->content.encryptedData;
- if (encd == NULL)
- break;
-
- if (dest == &(encd->encContentInfo.encContent))
- before_content = PR_TRUE;
- }
- break;
-
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- {
- SEC_PKCS7EnvelopedData *envd;
-
- envd = cinfo->content.envelopedData;
- if (envd == NULL)
- break;
-
- if (dest == &(envd->encContentInfo.encContent))
- before_content = PR_TRUE;
- }
- break;
-
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sigd;
-
- sigd = cinfo->content.signedData;
- if (sigd == NULL)
- break;
-
- if (dest == &(sigd->contentInfo.content))
- before_content = PR_TRUE;
- }
- break;
-
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saed;
-
- saed = cinfo->content.signedAndEnvelopedData;
- if (saed == NULL)
- break;
-
- if (dest == &(saed->encContentInfo.encContent))
- before_content = PR_TRUE;
- }
- break;
- }
-
- if (before_content) {
- /*
- * This will cause the next SEC_ASN1EncoderUpdate to take the
- * contents bytes from the passed-in buffer.
- */
- SEC_ASN1EncoderSetTakeFromBuf (p7ecx->ecx);
- /*
- * And that is all we needed this notify function for.
- */
- SEC_ASN1EncoderClearNotifyProc (p7ecx->ecx);
- }
-}
-
-
-static SEC_PKCS7EncoderContext *
-sec_pkcs7_encoder_start_contexts (SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *bulkkey)
-{
- SEC_PKCS7EncoderContext *p7ecx;
- SECOidTag kind;
- PRBool encrypt;
- SECItem **digests;
- SECAlgorithmID *digestalg, **digestalgs;
-
- p7ecx =
- (SEC_PKCS7EncoderContext*)PORT_ZAlloc (sizeof(SEC_PKCS7EncoderContext));
- if (p7ecx == NULL)
- return NULL;
-
- digests = NULL;
- digestalg = NULL;
- digestalgs = NULL;
- encrypt = PR_FALSE;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- digestalg = &(cinfo->content.digestedData->digestAlg);
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- digests = cinfo->content.signedData->digests;
- digestalgs = cinfo->content.signedData->digestAlgorithms;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- encrypt = PR_TRUE;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- digests = cinfo->content.signedAndEnvelopedData->digests;
- digestalgs = cinfo->content.signedAndEnvelopedData->digestAlgorithms;
- encrypt = PR_TRUE;
- break;
- }
-
- if (encrypt) {
- p7ecx->encryptobj = sec_pkcs7_encoder_start_encrypt (cinfo, bulkkey);
- if (p7ecx->encryptobj == NULL) {
- PORT_Free (p7ecx);
- return NULL;
- }
- }
-
- if (digestalgs != NULL) {
- if (digests != NULL) {
- /* digests already created (probably for detached data) */
- digestalg = NULL;
- } else {
- /*
- * XXX Some day we should handle multiple digests; for now,
- * assume only one will be done.
- */
- PORT_Assert (digestalgs[0] != NULL && digestalgs[1] == NULL);
- digestalg = digestalgs[0];
- }
- }
-
- if (digestalg != NULL) {
- SECOidData *oiddata;
-
- oiddata = SECOID_FindOID (&(digestalg->algorithm));
- if (oiddata != NULL) {
- switch (oiddata->offset) {
- case SEC_OID_MD2:
- p7ecx->digestobj = HASH_GetHashObject(HASH_AlgMD2);
- break;
- case SEC_OID_MD5:
- p7ecx->digestobj = HASH_GetHashObject(HASH_AlgMD5);
- break;
- case SEC_OID_SHA1:
- p7ecx->digestobj = HASH_GetHashObject(HASH_AlgSHA1);
- break;
- default:
- /* XXX right error? */
- PORT_SetError (SEC_ERROR_INVALID_ALGORITHM);
- break;
- }
- }
- if (p7ecx->digestobj != NULL) {
- p7ecx->digestcx = (* p7ecx->digestobj->create) ();
- if (p7ecx->digestcx == NULL)
- p7ecx->digestobj = NULL;
- else
- (* p7ecx->digestobj->begin) (p7ecx->digestcx);
- }
- if (p7ecx->digestobj == NULL) {
- if (p7ecx->encryptobj != NULL)
- sec_PKCS7DestroyEncryptObject (p7ecx->encryptobj);
- PORT_Free (p7ecx);
- return NULL;
- }
- }
-
- p7ecx->cinfo = cinfo;
- return p7ecx;
-}
-
-
-SEC_PKCS7EncoderContext *
-SEC_PKCS7EncoderStart (SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey)
-{
- SEC_PKCS7EncoderContext *p7ecx;
- SECStatus rv;
-
- p7ecx = sec_pkcs7_encoder_start_contexts (cinfo, bulkkey);
- if (p7ecx == NULL)
- return NULL;
-
- p7ecx->output.outputfn = outputfn;
- p7ecx->output.outputarg = outputarg;
-
- /*
- * Initialize the BER encoder.
- */
- p7ecx->ecx = SEC_ASN1EncoderStart (cinfo, sec_PKCS7ContentInfoTemplate,
- sec_pkcs7_encoder_out, &(p7ecx->output));
- if (p7ecx->ecx == NULL) {
- PORT_Free (p7ecx);
- return NULL;
- }
-
- /*
- * Indicate that we are streaming. We will be streaming until we
- * get past the contents bytes.
- */
- SEC_ASN1EncoderSetStreaming (p7ecx->ecx);
-
- /*
- * The notify function will watch for the contents field.
- */
- SEC_ASN1EncoderSetNotifyProc (p7ecx->ecx, sec_pkcs7_encoder_notify, p7ecx);
-
- /*
- * This will encode everything up to the content bytes. (The notify
- * function will then cause the encoding to stop there.) Then our
- * caller can start passing contents bytes to our Update, which we
- * will pass along.
- */
- rv = SEC_ASN1EncoderUpdate (p7ecx->ecx, NULL, 0);
- if (rv != SECSuccess) {
- PORT_Free (p7ecx);
- return NULL;
- }
-
- return p7ecx;
-}
-
-
-/*
- * XXX If/when we support nested contents, this needs to be revised.
- */
-static SECStatus
-sec_pkcs7_encoder_work_data (SEC_PKCS7EncoderContext *p7ecx, SECItem *dest,
- const unsigned char *data, unsigned long len,
- PRBool final)
-{
- unsigned char *buf = NULL;
- SECStatus rv;
-
-
- rv = SECSuccess; /* may as well be optimistic */
-
- /*
- * We should really have data to process, or we should be trying
- * to finish/flush the last block. (This is an overly paranoid
- * check since all callers are in this file and simple inspection
- * proves they do it right. But it could find a bug in future
- * modifications/development, that is why it is here.)
- */
- PORT_Assert ((data != NULL && len) || final);
-
- /*
- * Update the running digest.
- * XXX This needs modification if/when we handle multiple digests.
- */
- if (len && p7ecx->digestobj != NULL) {
- (* p7ecx->digestobj->update) (p7ecx->digestcx, data, len);
- }
-
- /*
- * Encrypt this chunk.
- */
- if (p7ecx->encryptobj != NULL) {
- /* XXX the following lengths should all be longs? */
- unsigned int inlen; /* length of data being encrypted */
- unsigned int outlen; /* length of encrypted data */
- unsigned int buflen; /* length available for encrypted data */
-
- inlen = len;
- buflen = sec_PKCS7EncryptLength (p7ecx->encryptobj, inlen, final);
- if (buflen == 0) {
- /*
- * No output is expected, but the input data may be buffered
- * so we still have to call Encrypt.
- */
- rv = sec_PKCS7Encrypt (p7ecx->encryptobj, NULL, NULL, 0,
- data, inlen, final);
- if (final) {
- len = 0;
- goto done;
- }
- return rv;
- }
-
- if (dest != NULL)
- buf = (unsigned char*)PORT_ArenaAlloc(p7ecx->cinfo->poolp, buflen);
- else
- buf = (unsigned char*)PORT_Alloc (buflen);
-
- if (buf == NULL) {
- rv = SECFailure;
- } else {
- rv = sec_PKCS7Encrypt (p7ecx->encryptobj, buf, &outlen, buflen,
- data, inlen, final);
- data = buf;
- len = outlen;
- }
- if (rv != SECSuccess) {
- if (final)
- goto done;
- return rv;
- }
- }
-
- if (p7ecx->ecx != NULL) {
- /*
- * Encode the contents bytes.
- */
- if(len) {
- rv = SEC_ASN1EncoderUpdate (p7ecx->ecx, (const char *)data, len);
- }
- }
-
-done:
- if (p7ecx->encryptobj != NULL) {
- if (final)
- sec_PKCS7DestroyEncryptObject (p7ecx->encryptobj);
- if (dest != NULL) {
- dest->data = buf;
- dest->len = len;
- } else if (buf != NULL) {
- PORT_Free (buf);
- }
- }
-
- if (final && p7ecx->digestobj != NULL) {
- SECItem *digest, **digests, ***digestsp;
- unsigned char *digdata;
- SECOidTag kind;
-
- kind = SEC_PKCS7ContentType (p7ecx->cinfo);
- switch (kind) {
- default:
- PORT_Assert (0);
- return SECFailure;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- digest = &(p7ecx->cinfo->content.digestedData->digest);
- digestsp = NULL;
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- digest = NULL;
- digestsp = &(p7ecx->cinfo->content.signedData->digests);
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- digest = NULL;
- digestsp = &(p7ecx->cinfo->content.signedAndEnvelopedData->digests);
- break;
- }
-
- digdata = (unsigned char*)PORT_ArenaAlloc (p7ecx->cinfo->poolp,
- p7ecx->digestobj->length);
- if (digdata == NULL)
- return SECFailure;
-
- if (digestsp != NULL) {
- PORT_Assert (digest == NULL);
-
- digest = (SECItem*)PORT_ArenaAlloc (p7ecx->cinfo->poolp,
- sizeof(SECItem));
- digests = (SECItem**)PORT_ArenaAlloc (p7ecx->cinfo->poolp,
- 2 * sizeof(SECItem *));
- if (digests == NULL || digest == NULL)
- return SECFailure;
-
- digests[0] = digest;
- digests[1] = NULL;
-
- *digestsp = digests;
- }
-
- PORT_Assert (digest != NULL);
-
- digest->data = digdata;
- digest->len = p7ecx->digestobj->length;
-
- (* p7ecx->digestobj->end) (p7ecx->digestcx, digest->data,
- &(digest->len), digest->len);
- (* p7ecx->digestobj->destroy) (p7ecx->digestcx, PR_TRUE);
- }
-
- return rv;
-}
-
-
-SECStatus
-SEC_PKCS7EncoderUpdate (SEC_PKCS7EncoderContext *p7ecx,
- const char *data, unsigned long len)
-{
- /* XXX Error handling needs help. Return what? Do "Finish" on failure? */
- return sec_pkcs7_encoder_work_data (p7ecx, NULL,
- (const unsigned char *)data, len,
- PR_FALSE);
-}
-
-
-/*
- * XXX I would *really* like to not have to do this, but the current
- * signing interface gives me little choice.
- */
-static SECOidTag
-sec_pkcs7_pick_sign_alg (SECOidTag hashalg, SECOidTag encalg)
-{
- switch (encalg) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- switch (hashalg) {
- case SEC_OID_MD2:
- return SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
- case SEC_OID_MD5:
- return SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- case SEC_OID_SHA1:
- return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
- default:
- return SEC_OID_UNKNOWN;
- }
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS:
- switch (hashalg) {
- case SEC_OID_SHA1:
- return SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- default:
- return SEC_OID_UNKNOWN;
- }
- default:
- break;
- }
-
- return encalg; /* maybe it is already the right algid */
-}
-
-
-static SECStatus
-sec_pkcs7_encoder_sig_and_certs (SEC_PKCS7ContentInfo *cinfo,
- SECKEYGetPasswordKey pwfn, void *pwfnarg)
-{
- SECOidTag kind;
- CERTCertificate **certs;
- CERTCertificateList **certlists;
- SECAlgorithmID **digestalgs;
- SECItem **digests;
- SEC_PKCS7SignerInfo *signerinfo, **signerinfos;
- SECItem **rawcerts, ***rawcertsp;
- PRArenaPool *poolp;
- int certcount;
- int ci, cli, rci, si;
-
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- certs = NULL;
- certlists = NULL;
- digestalgs = NULL;
- digests = NULL;
- signerinfos = NULL;
- rawcertsp = NULL;
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- {
- SEC_PKCS7SignedData *sdp;
-
- sdp = cinfo->content.signedData;
- certs = sdp->certs;
- certlists = sdp->certLists;
- digestalgs = sdp->digestAlgorithms;
- digests = sdp->digests;
- signerinfos = sdp->signerInfos;
- rawcertsp = &(sdp->rawCerts);
- }
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- {
- SEC_PKCS7SignedAndEnvelopedData *saedp;
-
- saedp = cinfo->content.signedAndEnvelopedData;
- certs = saedp->certs;
- certlists = saedp->certLists;
- digestalgs = saedp->digestAlgorithms;
- digests = saedp->digests;
- signerinfos = saedp->signerInfos;
- rawcertsp = &(saedp->rawCerts);
- }
- break;
- }
-
- if (certs == NULL && certlists == NULL && signerinfos == NULL)
- return SECSuccess; /* nothing for us to do! */
-
- poolp = cinfo->poolp;
- certcount = 0;
-
- if (signerinfos != NULL) {
- SECOidTag digestalgtag;
- int di;
- SECStatus rv;
- CERTCertificate *cert;
- SECKEYPrivateKey *privkey;
- SECItem signature;
- SECOidTag signalgtag;
-
- PORT_Assert (digestalgs != NULL && digests != NULL);
-
- /*
- * If one fails, we bail right then. If we want to continue and
- * try to do subsequent signatures, this loop, and the departures
- * from it, will need to be reworked.
- */
- for (si = 0; signerinfos[si] != NULL; si++) {
-
- signerinfo = signerinfos[si];
-
- /* find right digest */
- digestalgtag = SECOID_GetAlgorithmTag (&(signerinfo->digestAlg));
- for (di = 0; digestalgs[di] != NULL; di++) {
- /* XXX Should I be comparing more than the tag? */
- if (digestalgtag == SECOID_GetAlgorithmTag (digestalgs[di]))
- break;
- }
- if (digestalgs[di] == NULL) {
- /* XXX oops; do what? set an error? */
- return SECFailure;
- }
- PORT_Assert (digests[di] != NULL);
-
- cert = signerinfo->cert;
- privkey = PK11_FindKeyByAnyCert (cert, pwfnarg);
- if (privkey == NULL)
- return SECFailure;
-
- /*
- * XXX I think there should be a cert-level interface for this,
- * so that I do not have to know about subjectPublicKeyInfo...
- */
- signalgtag = SECOID_GetAlgorithmTag (&(cert->subjectPublicKeyInfo.algorithm));
-
- /* Fortezza MISSI have weird signature formats. Map them
- * to standard DSA formats */
- signalgtag = PK11_FortezzaMapSig(signalgtag);
-
- if (signerinfo->authAttr != NULL) {
- SEC_PKCS7Attribute *attr;
- SECItem encoded_attrs;
- SECItem *dummy;
-
- /*
- * First, find and fill in the message digest attribute.
- */
- attr = sec_PKCS7FindAttribute (signerinfo->authAttr,
- SEC_OID_PKCS9_MESSAGE_DIGEST,
- PR_TRUE);
- PORT_Assert (attr != NULL);
- if (attr == NULL) {
- SECKEY_DestroyPrivateKey (privkey);
- return SECFailure;
- }
-
- /*
- * XXX The second half of the following assertion prevents
- * the encoder from being called twice on the same content.
- * Either just remove the second half the assertion, or
- * change the code to check if the value already there is
- * the same as digests[di], whichever seems more right.
- */
- PORT_Assert (attr->values != NULL && attr->values[0] == NULL);
- attr->values[0] = digests[di];
-
- /*
- * Before encoding, reorder the attributes so that when they
- * are encoded, they will be conforming DER, which is required
- * to have a specific order and that is what must be used for
- * the hash/signature. We do this here, rather than building
- * it into EncodeAttributes, because we do not want to do
- * such reordering on incoming messages (which also uses
- * EncodeAttributes) or our old signatures (and other "broken"
- * implementations) will not verify. So, we want to guarantee
- * that we send out good DER encodings of attributes, but not
- * to expect to receive them.
- */
- rv = sec_PKCS7ReorderAttributes (signerinfo->authAttr);
- if (rv != SECSuccess) {
- SECKEY_DestroyPrivateKey (privkey);
- return SECFailure;
- }
-
- encoded_attrs.data = NULL;
- encoded_attrs.len = 0;
- dummy = sec_PKCS7EncodeAttributes (NULL, &encoded_attrs,
- &(signerinfo->authAttr));
- if (dummy == NULL) {
- SECKEY_DestroyPrivateKey (privkey);
- return SECFailure;
- }
-
- rv = SEC_SignData (&signature,
- encoded_attrs.data, encoded_attrs.len,
- privkey,
- sec_pkcs7_pick_sign_alg (digestalgtag,
- signalgtag));
- SECITEM_FreeItem (&encoded_attrs, PR_FALSE);
- } else {
- rv = SGN_Digest (privkey, digestalgtag, &signature,
- digests[di]);
- }
-
- SECKEY_DestroyPrivateKey (privkey);
-
- if (rv != SECSuccess)
- return rv;
-
- rv = SECITEM_CopyItem (poolp, &(signerinfo->encDigest), &signature);
- if (rv != SECSuccess)
- return rv;
-
- SECITEM_FreeItem (&signature, PR_FALSE);
-
- rv = SECOID_SetAlgorithmID (poolp, &(signerinfo->digestEncAlg),
- signalgtag, NULL);
- if (rv != SECSuccess)
- return SECFailure;
-
- /*
- * Count the cert chain for this signer.
- */
- if (signerinfo->certList != NULL)
- certcount += signerinfo->certList->len;
- }
- }
-
- if (certs != NULL) {
- for (ci = 0; certs[ci] != NULL; ci++)
- certcount++;
- }
-
- if (certlists != NULL) {
- for (cli = 0; certlists[cli] != NULL; cli++)
- certcount += certlists[cli]->len;
- }
-
- if (certcount == 0)
- return SECSuccess; /* signing done; no certs */
-
- /*
- * Combine all of the certs and cert chains into rawcerts.
- * Note: certcount is an upper bound; we may not need that many slots
- * but we will allocate anyway to avoid having to do another pass.
- * (The temporary space saving is not worth it.)
- */
- rawcerts = (SECItem**)PORT_ArenaAlloc (poolp,
- (certcount + 1) * sizeof(SECItem *));
- if (rawcerts == NULL)
- return SECFailure;
-
- /*
- * XXX Want to check for duplicates and not add *any* cert that is
- * already in the set. This will be more important when we start
- * dealing with larger sets of certs, dual-key certs (signing and
- * encryption), etc. For the time being we can slide by...
- */
- rci = 0;
- if (signerinfos != NULL) {
- for (si = 0; signerinfos[si] != NULL; si++) {
- signerinfo = signerinfos[si];
- for (ci = 0; ci < signerinfo->certList->len; ci++)
- rawcerts[rci++] = &(signerinfo->certList->certs[ci]);
- }
-
- }
-
- if (certs != NULL) {
- for (ci = 0; certs[ci] != NULL; ci++)
- rawcerts[rci++] = &(certs[ci]->derCert);
- }
-
- if (certlists != NULL) {
- for (cli = 0; certlists[cli] != NULL; cli++) {
- for (ci = 0; ci < certlists[cli]->len; ci++)
- rawcerts[rci++] = &(certlists[cli]->certs[ci]);
- }
- }
-
- rawcerts[rci] = NULL;
- *rawcertsp = rawcerts;
-
- return SECSuccess;
-}
-
-
-SECStatus
-SEC_PKCS7EncoderFinish (SEC_PKCS7EncoderContext *p7ecx,
- SECKEYGetPasswordKey pwfn, void *pwfnarg)
-{
- SECStatus rv;
-
- /*
- * Flush out any remaining data.
- */
- rv = sec_pkcs7_encoder_work_data (p7ecx, NULL, NULL, 0, PR_TRUE);
-
- /*
- * Turn off streaming stuff.
- */
- SEC_ASN1EncoderClearTakeFromBuf (p7ecx->ecx);
- SEC_ASN1EncoderClearStreaming (p7ecx->ecx);
-
- if (rv != SECSuccess)
- goto loser;
-
- rv = sec_pkcs7_encoder_sig_and_certs (p7ecx->cinfo, pwfn, pwfnarg);
- if (rv != SECSuccess)
- goto loser;
-
- rv = SEC_ASN1EncoderUpdate (p7ecx->ecx, NULL, 0);
-
-loser:
- SEC_ASN1EncoderFinish (p7ecx->ecx);
- PORT_Free (p7ecx);
- return rv;
-}
-
-
-/*
- * After this routine is called, the entire PKCS7 contentInfo is ready
- * to be encoded. This is used internally, but can also be called from
- * elsewhere for those who want to be able to just have pointers to
- * the ASN1 template for pkcs7 contentInfo built into their own encodings.
- */
-SECStatus
-SEC_PKCS7PrepareForEncode (SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg)
-{
- SEC_PKCS7EncoderContext *p7ecx;
- SECItem *content, *enc_content;
- SECStatus rv;
-
- p7ecx = sec_pkcs7_encoder_start_contexts (cinfo, bulkkey);
- if (p7ecx == NULL)
- return SECFailure;
-
- content = SEC_PKCS7GetContent (cinfo);
-
- if (p7ecx->encryptobj != NULL) {
- SECOidTag kind;
- SEC_PKCS7EncryptedContentInfo *enccinfo;
-
- kind = SEC_PKCS7ContentType (p7ecx->cinfo);
- switch (kind) {
- default:
- PORT_Assert (0);
- rv = SECFailure;
- goto loser;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- enccinfo = &(p7ecx->cinfo->content.encryptedData->encContentInfo);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- enccinfo = &(p7ecx->cinfo->content.envelopedData->encContentInfo);
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- enccinfo = &(p7ecx->cinfo->content.signedAndEnvelopedData->encContentInfo);
- break;
- }
- enc_content = &(enccinfo->encContent);
- } else {
- enc_content = NULL;
- }
-
- if (content != NULL && content->data != NULL && content->len) {
- rv = sec_pkcs7_encoder_work_data (p7ecx, enc_content,
- content->data, content->len, PR_TRUE);
- if (rv != SECSuccess)
- goto loser;
- }
-
- rv = sec_pkcs7_encoder_sig_and_certs (cinfo, pwfn, pwfnarg);
-
-loser:
- PORT_Free (p7ecx);
- return rv;
-}
-
-
-/*
- * Encode a PKCS7 object, in one shot. All necessary components
- * of the object must already be specified. Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only).
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "outputfn" is where the encoded bytes will be passed.
- *
- * "outputarg" is an opaque argument to the above callback.
- *
- * "bulkkey" specifies the bulk encryption key to use. This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer. This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-SECStatus
-SEC_PKCS7Encode (SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg)
-{
- SECStatus rv;
-
- rv = SEC_PKCS7PrepareForEncode (cinfo, bulkkey, pwfn, pwfnarg);
- if (rv == SECSuccess) {
- struct sec_pkcs7_encoder_output outputcx;
-
- outputcx.outputfn = outputfn;
- outputcx.outputarg = outputarg;
-
- rv = SEC_ASN1Encode (cinfo, sec_PKCS7ContentInfoTemplate,
- sec_pkcs7_encoder_out, &outputcx);
- }
-
- return rv;
-}
-
-
-/*
- * Encode a PKCS7 object, in one shot. All necessary components
- * of the object must already be specified. Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only). The output, rather than
- * being passed to an output function as is done above, is all put
- * into a SECItem.
- *
- * "pool" specifies a pool from which to allocate the result.
- * It can be NULL, in which case memory is allocated generically.
- *
- * "dest" specifies a SECItem in which to put the result data.
- * It can be NULL, in which case the entire item is allocated, too.
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "bulkkey" specifies the bulk encryption key to use. This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer. This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-SECItem *
-SEC_PKCS7EncodeItem (PRArenaPool *pool,
- SECItem *dest,
- SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg)
-{
- SECStatus rv;
-
- rv = SEC_PKCS7PrepareForEncode (cinfo, bulkkey, pwfn, pwfnarg);
- if (rv != SECSuccess)
- return NULL;
-
- return SEC_ASN1EncodeItem (pool, dest, cinfo, sec_PKCS7ContentInfoTemplate);
-}
-
diff --git a/security/nss/lib/pkcs7/p7local.c b/security/nss/lib/pkcs7/p7local.c
deleted file mode 100644
index 114bf73eb..000000000
--- a/security/nss/lib/pkcs7/p7local.c
+++ /dev/null
@@ -1,1442 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for PKCS7 implementation, none of which are exported.
- * This file should only contain things that are needed by both the
- * encoding/creation side *and* the decoding/decryption side. Anything
- * else should be static routines in the appropriate file.
- *
- * $Id$
- */
-
-#include "p7local.h"
-
-#include "cryptohi.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "pk11func.h"
-/*#include "secpkcs5.h" */
-#include "secerr.h"
-
-/*
- * -------------------------------------------------------------------
- * Cipher stuff.
- */
-
-typedef SECStatus (*sec_pkcs7_cipher_function) (void *,
- unsigned char *,
- unsigned *,
- unsigned int,
- const unsigned char *,
- unsigned int);
-typedef SECStatus (*sec_pkcs7_cipher_destroy) (void *, PRBool);
-
-#define BLOCK_SIZE 4096
-
-struct sec_pkcs7_cipher_object {
- void *cx;
- sec_pkcs7_cipher_function doit;
- sec_pkcs7_cipher_destroy destroy;
- PRBool encrypt;
- int block_size;
- int pad_size;
- int pending_count;
- unsigned char pending_buf[BLOCK_SIZE];
-};
-
-SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
-SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
-
-/*
- * Create a cipher object to do decryption, based on the given bulk
- * encryption key and algorithm identifier (which may include an iv).
- *
- * XXX This interface, or one similar, would be really nice available
- * in general... I tried to keep the pkcs7-specific stuff (mostly
- * having to do with padding) out of here.
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function below (for starting up encryption) into one routine, and just
- * have two simple cover functions which call it.
- */
-sec_PKCS7CipherObject *
-sec_PKCS7CreateDecryptObject (PK11SymKey *key, SECAlgorithmID *algid)
-{
- sec_PKCS7CipherObject *result;
- SECOidTag algtag;
- void *ciphercx;
- CK_MECHANISM_TYPE mechanism;
- SECItem *param;
- PK11SlotInfo *slot;
-
- result = (struct sec_pkcs7_cipher_object*)
- PORT_ZAlloc (sizeof(struct sec_pkcs7_cipher_object));
- if (result == NULL)
- return NULL;
-
- ciphercx = NULL;
- algtag = SECOID_GetAlgorithmTag (algid);
-
- if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
- CK_MECHANISM pbeMech, cryptoMech;
- SECItem *pbeParams, *pwitem;
- SEC_PKCS5KeyAndPassword *keyPwd;
-
- keyPwd = (SEC_PKCS5KeyAndPassword *)key;
- key = keyPwd->key;
- pwitem = keyPwd->pwitem;
-
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- pbeParams = PK11_ParamFromAlgid(algid);
- if (!pbeParams) {
- PORT_Free(result);
- return NULL;
- }
-
- pbeMech.pParameter = pbeParams->data;
- pbeMech.ulParameterLen = pbeParams->len;
- if (PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, pwitem,
- PR_FALSE) != CKR_OK) {
- PORT_Free(result);
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
- return NULL;
- }
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
- param = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(!param) {
- PORT_Free(result);
- return NULL;
- }
- param->data = (unsigned char *)cryptoMech.pParameter;
- param->len = cryptoMech.ulParameterLen;
- mechanism = cryptoMech.mechanism;
- } else {
- mechanism = PK11_AlgtagToMechanism(algtag);
- param = PK11_ParamFromAlgid(algid);
- if (param == NULL) {
- PORT_Free(result);
- return NULL;
- }
- }
-
- result->pad_size = PK11_GetBlockSize(mechanism,param);
- slot = PK11_GetSlotFromKey(key);
- result->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : result->pad_size;
- PK11_FreeSlot(slot);
- ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_DECRYPT, key, param);
- SECITEM_FreeItem(param,PR_TRUE);
- if (ciphercx == NULL) {
- PORT_Free (result);
- return NULL;
- }
-
- result->cx = ciphercx;
- result->doit = (sec_pkcs7_cipher_function) PK11_CipherOp;
- result->destroy = (sec_pkcs7_cipher_destroy) PK11_DestroyContext;
- result->encrypt = PR_FALSE;
- result->pending_count = 0;
-
- return result;
-}
-
-/*
- * Create a cipher object to do encryption, based on the given bulk
- * encryption key and algorithm tag. Fill in the algorithm identifier
- * (which may include an iv) appropriately.
- *
- * XXX This interface, or one similar, would be really nice available
- * in general... I tried to keep the pkcs7-specific stuff (mostly
- * having to do with padding) out of here.
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function above (for starting up decryption) into one routine, and just
- * have two simple cover functions which call it.
- */
-sec_PKCS7CipherObject *
-sec_PKCS7CreateEncryptObject (PRArenaPool *poolp, PK11SymKey *key,
- SECOidTag algtag, SECAlgorithmID *algid)
-{
- sec_PKCS7CipherObject *result;
- void *ciphercx;
- SECItem *param;
- SECStatus rv;
- CK_MECHANISM_TYPE mechanism;
- PRBool needToEncodeAlgid = PR_FALSE;
- PK11SlotInfo *slot;
-
- result = (struct sec_pkcs7_cipher_object*)
- PORT_ZAlloc (sizeof(struct sec_pkcs7_cipher_object));
- if (result == NULL)
- return NULL;
-
- ciphercx = NULL;
- if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
- CK_MECHANISM pbeMech, cryptoMech;
- SECItem *pbeParams;
- SEC_PKCS5KeyAndPassword *keyPwd;
-
- PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM));
- PORT_Memset(&cryptoMech, 0, sizeof(CK_MECHANISM));
-
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- pbeParams = PK11_ParamFromAlgid(algid);
- if(!pbeParams) {
- PORT_Free(result);
- return NULL;
- }
- keyPwd = (SEC_PKCS5KeyAndPassword *)key;
- key = keyPwd->key;
-
- pbeMech.pParameter = pbeParams->data;
- pbeMech.ulParameterLen = pbeParams->len;
- if(PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech,
- keyPwd->pwitem, PR_FALSE) != CKR_OK) {
- PORT_Free(result);
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
- return NULL;
- }
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
- param = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(!param) {
- PORT_Free(result);
- return NULL;
- }
- param->data = (unsigned char *)cryptoMech.pParameter;
- param->len = cryptoMech.ulParameterLen;
- mechanism = cryptoMech.mechanism;
- } else {
- mechanism = PK11_AlgtagToMechanism(algtag);
- param = PK11_GenerateNewParam(mechanism,key);
- if (param == NULL) {
- PORT_Free(result);
- return NULL;
- }
- needToEncodeAlgid = PR_TRUE;
- }
-
- result->pad_size = PK11_GetBlockSize(mechanism,param);
- slot = PK11_GetSlotFromKey(key);
- result->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : result->pad_size;
- PK11_FreeSlot(slot);
- ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_ENCRYPT,
- key, param);
- if (ciphercx == NULL) {
- PORT_Free (result);
- SECITEM_FreeItem(param,PR_TRUE);
- return NULL;
- }
-
- /*
- * These are placed after the CreateContextBySymKey() because some
- * mechanisms have to generate their IVs from their card (i.e. FORTEZZA).
- * Don't move it from here.
- */
- if (needToEncodeAlgid) {
- rv = PK11_ParamToAlgid(algtag,param,poolp,algid);
- if(rv != SECSuccess) {
- return NULL;
- }
- }
- SECITEM_FreeItem(param,PR_TRUE);
-
- result->cx = ciphercx;
- result->doit = (sec_pkcs7_cipher_function) PK11_CipherOp;
- result->destroy = (sec_pkcs7_cipher_destroy) PK11_DestroyContext;
- result->encrypt = PR_TRUE;
- result->pending_count = 0;
-
- return result;
-}
-
-
-/*
- * Destroy the cipher object.
- */
-static void
-sec_pkcs7_destroy_cipher (sec_PKCS7CipherObject *obj)
-{
- (* obj->destroy) (obj->cx, PR_TRUE);
- PORT_Free (obj);
-}
-
-void
-sec_PKCS7DestroyDecryptObject (sec_PKCS7CipherObject *obj)
-{
- PORT_Assert (obj != NULL);
- if (obj == NULL)
- return;
- PORT_Assert (! obj->encrypt);
- sec_pkcs7_destroy_cipher (obj);
-}
-
-void
-sec_PKCS7DestroyEncryptObject (sec_PKCS7CipherObject *obj)
-{
- PORT_Assert (obj != NULL);
- if (obj == NULL)
- return;
- PORT_Assert (obj->encrypt);
- sec_pkcs7_destroy_cipher (obj);
-}
-
-
-/*
- * XXX I think all of the following lengths should be longs instead
- * of ints, but our current crypto interface uses ints, so I did too.
- */
-
-
-/*
- * What will be the output length of the next call to decrypt?
- * Result can be used to perform memory allocations. Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and bsize).
- *
- * Note that this can return zero, which does not mean that the decrypt
- * operation can be skipped! (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.) However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent decrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-sec_PKCS7DecryptLength (sec_PKCS7CipherObject *obj, unsigned int input_len,
- PRBool final)
-{
- int blocks, block_size;
-
- PORT_Assert (! obj->encrypt);
-
- block_size = obj->block_size;
-
- /*
- * If this is not a block cipher, then we always have the same
- * number of output bytes as we had input bytes.
- */
- if (block_size == 0)
- return input_len;
-
- /*
- * On the final call, we will always use up all of the pending
- * bytes plus all of the input bytes, *but*, there will be padding
- * at the end and we cannot predict how many bytes of padding we
- * will end up removing. The amount given here is actually known
- * to be at least 1 byte too long (because we know we will have
- * at least 1 byte of padding), but seemed clearer/better to me.
- */
- if (final)
- return obj->pending_count + input_len;
-
- /*
- * Okay, this amount is exactly what we will output on the
- * next cipher operation. We will always hang onto the last
- * 1 - block_size bytes for non-final operations. That is,
- * we will do as many complete blocks as we can *except* the
- * last block (complete or partial). (This is because until
- * we know we are at the end, we cannot know when to interpret
- * and removing the padding byte(s), which are guaranteed to
- * be there.)
- */
- blocks = (obj->pending_count + input_len - 1) / block_size;
- return blocks * block_size;
-}
-
-/*
- * What will be the output length of the next call to encrypt?
- * Result can be used to perform memory allocations.
- *
- * Note that this can return zero, which does not mean that the encrypt
- * operation can be skipped! (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.) However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent encrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-sec_PKCS7EncryptLength (sec_PKCS7CipherObject *obj, unsigned int input_len,
- PRBool final)
-{
- int blocks, block_size;
- int pad_size;
-
- PORT_Assert (obj->encrypt);
-
- block_size = obj->block_size;
- pad_size = obj->pad_size;
-
- /*
- * If this is not a block cipher, then we always have the same
- * number of output bytes as we had input bytes.
- */
- if (block_size == 0)
- return input_len;
-
- /*
- * On the final call, we only send out what we need for
- * remaining bytes plus the padding. (There is always padding,
- * so even if we have an exact number of blocks as input, we
- * will add another full block that is just padding.)
- */
- if (final) {
- if (pad_size == 0) {
- return obj->pending_count + input_len;
- } else {
- blocks = (obj->pending_count + input_len) / pad_size;
- blocks++;
- return blocks*pad_size;
- }
- }
-
- /*
- * Now, count the number of complete blocks of data we have.
- */
- blocks = (obj->pending_count + input_len) / block_size;
-
-
- return blocks * block_size;
-}
-
-
-/*
- * Decrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateDecryptObject.
- * When "final" is true, this is the last of the data to be decrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the decryption function will only
- * operate on whole blocks. But our caller is operating stream-wise,
- * and can pass in any number of bytes. So we need to keep track
- * of block boundaries. We save excess bytes between calls in "obj".
- * We also need to determine which bytes are padding, and remove
- * them from the output. We can only do this step when we know we
- * have the final block of data. PKCS #7 specifies that the padding
- * used for a block cipher is a string of bytes, each of whose value is
- * the same as the length of the padding, and that all data is padded.
- * (Even data that starts out with an exact multiple of blocks gets
- * added to it another block, all of which is padding.)
- */
-SECStatus
-sec_PKCS7Decrypt (sec_PKCS7CipherObject *obj, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final)
-{
- int blocks, bsize, pcount, padsize;
- unsigned int max_needed, ifraglen, ofraglen, output_len;
- unsigned char *pbuf;
- SECStatus rv;
-
- PORT_Assert (! obj->encrypt);
-
- /*
- * Check that we have enough room for the output. Our caller should
- * already handle this; failure is really an internal error (i.e. bug).
- */
- max_needed = sec_PKCS7DecryptLength (obj, input_len, final);
- PORT_Assert (max_output_len >= max_needed);
- if (max_output_len < max_needed) {
- /* PORT_SetError (XXX); */
- return SECFailure;
- }
-
- /*
- * hardware encryption does not like small decryption sizes here, so we
- * allow both blocking and padding.
- */
- bsize = obj->block_size;
- padsize = obj->pad_size;
-
- /*
- * When no blocking or padding work to do, we can simply call the
- * cipher function and we are done.
- */
- if (bsize == 0) {
- return (* obj->doit) (obj->cx, output, output_len_p, max_output_len,
- input, input_len);
- }
-
- pcount = obj->pending_count;
- pbuf = obj->pending_buf;
-
- output_len = 0;
-
- if (pcount) {
- /*
- * Try to fill in an entire block, starting with the bytes
- * we already have saved away.
- */
- while (input_len && pcount < bsize) {
- pbuf[pcount++] = *input++;
- input_len--;
- }
- /*
- * If we have at most a whole block and this is not our last call,
- * then we are done for now. (We do not try to decrypt a lone
- * single block because we cannot interpret the padding bytes
- * until we know we are handling the very last block of all input.)
- */
- if (input_len == 0 && !final) {
- obj->pending_count = pcount;
- if (output_len_p)
- *output_len_p = 0;
- return SECSuccess;
- }
- /*
- * Given the logic above, we expect to have a full block by now.
- * If we do not, there is something wrong, either with our own
- * logic or with (length of) the data given to us.
- */
- PORT_Assert ((padsize == 0) || (pcount % padsize) == 0);
- if ((padsize != 0) && (pcount % padsize) != 0) {
- PORT_Assert (final);
- PORT_SetError (SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- /*
- * Decrypt the block.
- */
- rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
- pbuf, pcount);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7DecryptLength needs to be made smarter!
- */
- PORT_Assert (ofraglen == pcount);
-
- /*
- * Account for the bytes now in output.
- */
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
- }
-
- /*
- * If this is our last call, we expect to have an exact number of
- * blocks left to be decrypted; we will decrypt them all.
- *
- * If not our last call, we always save between 1 and bsize bytes
- * until next time. (We must do this because we cannot be sure
- * that none of the decrypted bytes are padding bytes until we
- * have at least another whole block of data. You cannot tell by
- * looking -- the data could be anything -- you can only tell by
- * context, knowing you are looking at the last block.) We could
- * decrypt a whole block now but it is easier if we just treat it
- * the same way we treat partial block bytes.
- */
- if (final) {
- if (padsize) {
- blocks = input_len / padsize;
- ifraglen = blocks * padsize;
- } else ifraglen = input_len;
- PORT_Assert (ifraglen == input_len);
-
- if (ifraglen != input_len) {
- PORT_SetError (SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- } else {
- blocks = (input_len - 1) / bsize;
- ifraglen = blocks * bsize;
- PORT_Assert (ifraglen < input_len);
-
- pcount = input_len - ifraglen;
- PORT_Memcpy (pbuf, input + ifraglen, pcount);
- obj->pending_count = pcount;
- }
-
- if (ifraglen) {
- rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
- input, ifraglen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7DecryptLength needs to be made smarter!
- */
- PORT_Assert (ifraglen == ofraglen);
- if (ifraglen != ofraglen) {
- PORT_SetError (SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
-
- output_len += ofraglen;
- } else {
- ofraglen = 0;
- }
-
- /*
- * If we just did our very last block, "remove" the padding by
- * adjusting the output length.
- */
- if (final && (padsize != 0)) {
- unsigned int padlen = *(output + ofraglen - 1);
- PORT_Assert (padlen > 0 && padlen <= padsize);
- if (padlen == 0 || padlen > padsize) {
- PORT_SetError (SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- output_len -= padlen;
- }
-
- PORT_Assert (output_len_p != NULL || output_len == 0);
- if (output_len_p != NULL)
- *output_len_p = output_len;
-
- return SECSuccess;
-}
-
-/*
- * Encrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateEncryptObject.
- * When "final" is true, this is the last of the data to be encrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the encryption function will only
- * operate on whole blocks. But our caller is operating stream-wise,
- * and can pass in any number of bytes. So we need to keep track
- * of block boundaries. We save excess bytes between calls in "obj".
- * We also need to add padding bytes at the end. PKCS #7 specifies
- * that the padding used for a block cipher is a string of bytes,
- * each of whose value is the same as the length of the padding,
- * and that all data is padded. (Even data that starts out with
- * an exact multiple of blocks gets added to it another block,
- * all of which is padding.)
- *
- * XXX I would kind of like to combine this with the function above
- * which does decryption, since they have a lot in common. But the
- * tricky parts about padding and filling blocks would be much
- * harder to read that way, so I left them separate. At least for
- * now until it is clear that they are right.
- */
-SECStatus
-sec_PKCS7Encrypt (sec_PKCS7CipherObject *obj, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final)
-{
- int blocks, bsize, padlen, pcount, padsize;
- unsigned int max_needed, ifraglen, ofraglen, output_len;
- unsigned char *pbuf;
- SECStatus rv;
-
- PORT_Assert (obj->encrypt);
-
- /*
- * Check that we have enough room for the output. Our caller should
- * already handle this; failure is really an internal error (i.e. bug).
- */
- max_needed = sec_PKCS7EncryptLength (obj, input_len, final);
- PORT_Assert (max_output_len >= max_needed);
- if (max_output_len < max_needed) {
- /* PORT_SetError (XXX); */
- return SECFailure;
- }
-
- bsize = obj->block_size;
- padsize = obj->pad_size;
-
- /*
- * When no blocking and padding work to do, we can simply call the
- * cipher function and we are done.
- */
- if (bsize == 0) {
- return (* obj->doit) (obj->cx, output, output_len_p, max_output_len,
- input, input_len);
- }
-
- pcount = obj->pending_count;
- pbuf = obj->pending_buf;
-
- output_len = 0;
-
- if (pcount) {
- /*
- * Try to fill in an entire block, starting with the bytes
- * we already have saved away.
- */
- while (input_len && pcount < bsize) {
- pbuf[pcount++] = *input++;
- input_len--;
- }
- /*
- * If we do not have a full block and we know we will be
- * called again, then we are done for now.
- */
- if (pcount < bsize && !final) {
- obj->pending_count = pcount;
- if (output_len_p != NULL)
- *output_len_p = 0;
- return SECSuccess;
- }
- /*
- * If we have a whole block available, encrypt it.
- */
- if ((padsize == 0) || (pcount % padsize) == 0) {
- rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
- pbuf, pcount);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ofraglen == pcount);
-
- /*
- * Account for the bytes now in output.
- */
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
-
- pcount = 0;
- }
- }
-
- if (input_len) {
- PORT_Assert (pcount == 0);
-
- blocks = input_len / bsize;
- ifraglen = blocks * bsize;
-
- if (ifraglen) {
- rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
- input, ifraglen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ifraglen == ofraglen);
-
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
- }
-
- pcount = input_len - ifraglen;
- PORT_Assert (pcount < bsize);
- if (pcount)
- PORT_Memcpy (pbuf, input + ifraglen, pcount);
- }
-
- if (final) {
- padlen = padsize - (pcount % padsize);
- PORT_Memset (pbuf + pcount, padlen, padlen);
- rv = (* obj->doit) (obj->cx, output, &ofraglen, max_output_len,
- pbuf, pcount+padlen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ofraglen == (pcount+padlen));
- output_len += ofraglen;
- } else {
- obj->pending_count = pcount;
- }
-
- PORT_Assert (output_len_p != NULL || output_len == 0);
- if (output_len_p != NULL)
- *output_len_p = output_len;
-
- return SECSuccess;
-}
-
-/*
- * End of cipher stuff.
- * -------------------------------------------------------------------
- */
-
-
-/*
- * -------------------------------------------------------------------
- * XXX The following Attribute stuff really belongs elsewhere.
- * The Attribute type is *not* part of pkcs7 but rather X.501.
- * But for now, since PKCS7 is the only customer of attributes,
- * we define them here. Once there is a use outside of PKCS7,
- * then change the attribute types and functions from internal
- * to external naming convention, and move them elsewhere!
- */
-
-/*
- * Look through a set of attributes and find one that matches the
- * specified object ID. If "only" is true, then make sure that
- * there is not more than one attribute of the same type. Otherwise,
- * just return the first one found. (XXX Does anybody really want
- * that first-found behavior? It was like that when I found it...)
- */
-SEC_PKCS7Attribute *
-sec_PKCS7FindAttribute (SEC_PKCS7Attribute **attrs, SECOidTag oidtag,
- PRBool only)
-{
- SECOidData *oid;
- SEC_PKCS7Attribute *attr1, *attr2;
-
- if (attrs == NULL)
- return NULL;
-
- oid = SECOID_FindOIDByTag(oidtag);
- if (oid == NULL)
- return NULL;
-
- while ((attr1 = *attrs++) != NULL) {
- if (attr1->type.len == oid->oid.len && PORT_Memcmp (attr1->type.data,
- oid->oid.data,
- oid->oid.len) == 0)
- break;
- }
-
- if (attr1 == NULL)
- return NULL;
-
- if (!only)
- return attr1;
-
- while ((attr2 = *attrs++) != NULL) {
- if (attr2->type.len == oid->oid.len && PORT_Memcmp (attr2->type.data,
- oid->oid.data,
- oid->oid.len) == 0)
- break;
- }
-
- if (attr2 != NULL)
- return NULL;
-
- return attr1;
-}
-
-
-/*
- * Return the single attribute value, doing some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-SECItem *
-sec_PKCS7AttributeValue(SEC_PKCS7Attribute *attr)
-{
- SECItem *value;
-
- if (attr == NULL)
- return NULL;
-
- value = attr->values[0];
-
- if (value == NULL || value->data == NULL || value->len == 0)
- return NULL;
-
- if (attr->values[1] != NULL)
- return NULL;
-
- return value;
-}
-
-static const SEC_ASN1Template *
-sec_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS7Attribute *attribute;
- SECOidData *oiddata;
- PRBool encoded;
-
- PORT_Assert (src_or_dest != NULL);
- if (src_or_dest == NULL)
- return NULL;
-
- attribute = (SEC_PKCS7Attribute*)src_or_dest;
-
- if (encoding && attribute->encoded)
- return SEC_ASN1_GET(SEC_AnyTemplate);
-
- oiddata = attribute->typeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&attribute->type);
- attribute->typeTag = oiddata;
- }
-
- if (oiddata == NULL) {
- encoded = PR_TRUE;
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- } else {
- switch (oiddata->offset) {
- default:
- encoded = PR_TRUE;
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- case SEC_OID_PKCS9_EMAIL_ADDRESS:
- case SEC_OID_RFC1274_MAIL:
- case SEC_OID_PKCS9_UNSTRUCTURED_NAME:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
- break;
- case SEC_OID_PKCS9_CONTENT_TYPE:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_ObjectIDTemplate);
- break;
- case SEC_OID_PKCS9_MESSAGE_DIGEST:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
- break;
- case SEC_OID_PKCS9_SIGNING_TIME:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_UTCTimeTemplate);
- break;
- /* XXX Want other types here, too */
- }
- }
-
- if (encoding) {
- /*
- * If we are encoding and we think we have an already-encoded value,
- * then the code which initialized this attribute should have set
- * the "encoded" property to true (and we would have returned early,
- * up above). No devastating error, but that code should be fixed.
- * (It could indicate that the resulting encoded bytes are wrong.)
- */
- PORT_Assert (!encoded);
- } else {
- /*
- * We are decoding; record whether the resulting value is
- * still encoded or not.
- */
- attribute->encoded = encoded;
- }
- return theTemplate;
-}
-
-static const SEC_ASN1TemplateChooserPtr sec_attr_chooser
- = sec_attr_choose_attr_value_template;
-
-static const SEC_ASN1Template sec_pkcs7_attribute_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7Attribute) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS7Attribute,type) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS7Attribute,values),
- &sec_attr_chooser },
- { 0 }
-};
-
-static const SEC_ASN1Template sec_pkcs7_set_of_attribute_template[] = {
- { SEC_ASN1_SET_OF, 0, sec_pkcs7_attribute_template },
-};
-
-/*
- * If you are wondering why this routine does not reorder the attributes
- * first, and might be tempted to make it do so, see the comment by the
- * call to ReorderAttributes in p7encode.c. (Or, see who else calls this
- * and think long and hard about the implications of making it always
- * do the reordering.)
- */
-SECItem *
-sec_PKCS7EncodeAttributes (PRArenaPool *poolp, SECItem *dest, void *src)
-{
- return SEC_ASN1EncodeItem (poolp, dest, src,
- sec_pkcs7_set_of_attribute_template);
-}
-
-/*
- * Make sure that the order of the attributes guarantees valid DER
- * (which must be in lexigraphically ascending order for a SET OF);
- * if reordering is necessary it will be done in place (in attrs).
- */
-SECStatus
-sec_PKCS7ReorderAttributes (SEC_PKCS7Attribute **attrs)
-{
- PRArenaPool *poolp;
- int num_attrs, i, j, pass, besti;
- SECItem **enc_attrs;
- SEC_PKCS7Attribute **new_attrs;
-
- /*
- * I think we should not be called with NULL. But if we are,
- * call it a success anyway, because the order *is* okay.
- */
- PORT_Assert (attrs != NULL);
- if (attrs == NULL)
- return SECSuccess;
-
- /*
- * Count how many attributes we are dealing with here.
- */
- num_attrs = 0;
- while (attrs[num_attrs] != NULL)
- num_attrs++;
-
- /*
- * Again, I think we should have some attributes here.
- * But if we do not, or if there is only one, then call it
- * a success because it also already has a fine order.
- */
- PORT_Assert (num_attrs);
- if (num_attrs == 0 || num_attrs == 1)
- return SECSuccess;
-
- /*
- * Allocate an arena for us to work with, so it is easy to
- * clean up all of the memory (fairly small pieces, really).
- */
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- return SECFailure; /* no memory; nothing we can do... */
-
- /*
- * Allocate arrays to hold the individual encodings which we will use
- * for comparisons and the reordered attributes as they are sorted.
- */
- enc_attrs=(SECItem**)PORT_ArenaZAlloc(poolp, num_attrs*sizeof(SECItem *));
- new_attrs = (SEC_PKCS7Attribute**)PORT_ArenaZAlloc (poolp,
- num_attrs * sizeof(SEC_PKCS7Attribute *));
- if (enc_attrs == NULL || new_attrs == NULL) {
- PORT_FreeArena (poolp, PR_FALSE);
- return SECFailure;
- }
-
- /*
- * DER encode each individual attribute.
- */
- for (i = 0; i < num_attrs; i++) {
- enc_attrs[i] = SEC_ASN1EncodeItem (poolp, NULL, attrs[i],
- sec_pkcs7_attribute_template);
- if (enc_attrs[i] == NULL) {
- PORT_FreeArena (poolp, PR_FALSE);
- return SECFailure;
- }
- }
-
- /*
- * Now compare and sort them; this is not the most efficient sorting
- * method, but it is just fine for the problem at hand, because the
- * number of attributes is (always) going to be small.
- */
- for (pass = 0; pass < num_attrs; pass++) {
- /*
- * Find the first not-yet-accepted attribute. (Once one is
- * sorted into the other array, it is cleared from enc_attrs.)
- */
- for (i = 0; i < num_attrs; i++) {
- if (enc_attrs[i] != NULL)
- break;
- }
- PORT_Assert (i < num_attrs);
- besti = i;
-
- /*
- * Find the lowest (lexigraphically) encoding. One that is
- * shorter than all the rest is known to be "less" because each
- * attribute is of the same type (a SEQUENCE) and so thus the
- * first octet of each is the same, and the second octet is
- * the length (or the length of the length with the high bit
- * set, followed by the length, which also works out to always
- * order the shorter first). Two (or more) that have the
- * same length need to be compared byte by byte until a mismatch
- * is found.
- */
- for (i = besti + 1; i < num_attrs; i++) {
- if (enc_attrs[i] == NULL) /* slot already handled */
- continue;
-
- if (enc_attrs[i]->len != enc_attrs[besti]->len) {
- if (enc_attrs[i]->len < enc_attrs[besti]->len)
- besti = i;
- continue;
- }
-
- for (j = 0; j < enc_attrs[i]->len; j++) {
- if (enc_attrs[i]->data[j] < enc_attrs[besti]->data[j]) {
- besti = i;
- break;
- }
- }
-
- /*
- * For this not to be true, we would have to have encountered
- * two *identical* attributes, which I think we should not see.
- * So assert if it happens, but even if it does, let it go
- * through; the ordering of the two does not matter.
- */
- PORT_Assert (j < enc_attrs[i]->len);
- }
-
- /*
- * Now we have found the next-lowest one; copy it over and
- * remove it from enc_attrs.
- */
- new_attrs[pass] = attrs[besti];
- enc_attrs[besti] = NULL;
- }
-
- /*
- * Now new_attrs has the attributes in the order we want;
- * copy them back into the attrs array we started with.
- */
- for (i = 0; i < num_attrs; i++)
- attrs[i] = new_attrs[i];
-
- PORT_FreeArena (poolp, PR_FALSE);
- return SECSuccess;
-}
-
-/*
- * End of attribute stuff.
- * -------------------------------------------------------------------
- */
-
-
-/*
- * Templates and stuff. Keep these at the end of the file.
- */
-
-/* forward declaration */
-static const SEC_ASN1Template *
-sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding);
-
-static const SEC_ASN1TemplateChooserPtr sec_pkcs7_chooser
- = sec_pkcs7_choose_content_template;
-
-const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7ContentInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS7ContentInfo,contentType) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
- | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS7ContentInfo,content),
- &sec_pkcs7_chooser },
- { 0 }
-};
-
-/* XXX These names should change from external to internal convention. */
-
-static const SEC_ASN1Template SEC_PKCS7SignerInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7SignerInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7SignerInfo,version) },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7SignerInfo,issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7SignerInfo,digestAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(SEC_PKCS7SignerInfo,authAttr),
- sec_pkcs7_set_of_attribute_template },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7SignerInfo,digestEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7SignerInfo,encDigest) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(SEC_PKCS7SignerInfo,unAuthAttr),
- sec_pkcs7_set_of_attribute_template },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PKCS7SignedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7SignedData) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7SignedData,version) },
- { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7SignedData,digestAlgorithms),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE,
- offsetof(SEC_PKCS7SignedData,contentInfo),
- sec_PKCS7ContentInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(SEC_PKCS7SignedData,rawCerts),
- SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof(SEC_PKCS7SignedData,crls),
- SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS7SignedData,signerInfos),
- SEC_PKCS7SignerInfoTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7SignedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PKCS7SignedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7RecipientInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7RecipientInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7RecipientInfo,version) },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7RecipientInfo,issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7RecipientInfo,keyEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7RecipientInfo,encKey) },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PKCS7EncryptedContentInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7EncryptedContentInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SEC_PKCS7EncryptedContentInfo,contentType) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7EncryptedContentInfo,contentEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_MAY_STREAM | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(SEC_PKCS7EncryptedContentInfo,encContent),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PKCS7EnvelopedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7EnvelopedData) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7EnvelopedData,version) },
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS7EnvelopedData,recipientInfos),
- SEC_PKCS7RecipientInfoTemplate },
- { SEC_ASN1_INLINE,
- offsetof(SEC_PKCS7EnvelopedData,encContentInfo),
- SEC_PKCS7EncryptedContentInfoTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7EnvelopedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PKCS7EnvelopedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7SignedAndEnvelopedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7SignedAndEnvelopedData) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,version) },
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,recipientInfos),
- SEC_PKCS7RecipientInfoTemplate },
- { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,digestAlgorithms),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,encContentInfo),
- SEC_PKCS7EncryptedContentInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,rawCerts),
- SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,crls),
- SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
- { SEC_ASN1_SET_OF,
- offsetof(SEC_PKCS7SignedAndEnvelopedData,signerInfos),
- SEC_PKCS7SignerInfoTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template
-SEC_PointerToPKCS7SignedAndEnvelopedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PKCS7SignedAndEnvelopedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7DigestedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7DigestedData) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7DigestedData,version) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(SEC_PKCS7DigestedData,digestAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE,
- offsetof(SEC_PKCS7DigestedData,contentInfo),
- sec_PKCS7ContentInfoTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7DigestedData,digest) },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7DigestedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PKCS7DigestedDataTemplate }
-};
-
-static const SEC_ASN1Template SEC_PKCS7EncryptedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(SEC_PKCS7EncryptedData) },
- { SEC_ASN1_INTEGER,
- offsetof(SEC_PKCS7EncryptedData,version) },
- { SEC_ASN1_INLINE,
- offsetof(SEC_PKCS7EncryptedData,encContentInfo),
- SEC_PKCS7EncryptedContentInfoTemplate },
- { 0 }
-};
-
-static const SEC_ASN1Template SEC_PointerToPKCS7EncryptedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PKCS7EncryptedDataTemplate }
-};
-
-const SEC_ASN1Template SEC_SMIMEKEAParamTemplateSkipjack[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_SMIMEKEAParamTemplateNoSkipjack[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(SEC_PKCS7SMIMEKEAParameters,nonSkipjackIV) },
- { 0 }
-};
-
-const SEC_ASN1Template SEC_SMIMEKEAParamTemplateAllParams[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(SEC_PKCS7SMIMEKEAParameters,nonSkipjackIV) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(SEC_PKCS7SMIMEKEAParameters,bulkKeySize) },
- { 0 }
-};
-
-const SEC_ASN1Template*
-sec_pkcs7_get_kea_template(SECKEATemplateSelector whichTemplate)
-{
- const SEC_ASN1Template *returnVal = NULL;
-
- switch(whichTemplate)
- {
- case SECKEAUsesNonSkipjack:
- returnVal = SEC_SMIMEKEAParamTemplateNoSkipjack;
- break;
- case SECKEAUsesSkipjack:
- returnVal = SEC_SMIMEKEAParamTemplateSkipjack;
- break;
- case SECKEAUsesNonSkipjackWithPaddedEncKey:
- default:
- returnVal = SEC_SMIMEKEAParamTemplateAllParams;
- break;
- }
- return returnVal;
-}
-
-static const SEC_ASN1Template *
-sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- SEC_PKCS7ContentInfo *cinfo;
- SECOidTag kind;
-
- PORT_Assert (src_or_dest != NULL);
- if (src_or_dest == NULL)
- return NULL;
-
- cinfo = (SEC_PKCS7ContentInfo*)src_or_dest;
- kind = SEC_PKCS7ContentType (cinfo);
- switch (kind) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS7_DATA:
- theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- theTemplate = SEC_PointerToPKCS7SignedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- theTemplate = SEC_PointerToPKCS7EnvelopedDataTemplate;
- break;
- case SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA:
- theTemplate = SEC_PointerToPKCS7SignedAndEnvelopedDataTemplate;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- theTemplate = SEC_PointerToPKCS7DigestedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- theTemplate = SEC_PointerToPKCS7EncryptedDataTemplate;
- break;
- }
- return theTemplate;
-}
-
-/*
- * End of templates. Do not add stuff after this; put new code
- * up above the start of the template definitions.
- */
diff --git a/security/nss/lib/pkcs7/p7local.h b/security/nss/lib/pkcs7/p7local.h
deleted file mode 100644
index 80640c930..000000000
--- a/security/nss/lib/pkcs7/p7local.h
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for PKCS7 implementation, none of which are exported.
- * This file should only contain things that are needed by both the
- * encoding/creation side *and* the decoding/decryption side. Anything
- * else should just be static routines in the appropriate file.
- *
- * Do not export this file! If something in here is really needed outside
- * of pkcs7 code, first try to add a PKCS7 interface which will do it for
- * you. If that has a problem, then just move out what you need, changing
- * its name as appropriate!
- *
- * $Id$
- */
-
-#ifndef _P7LOCAL_H_
-#define _P7LOCAL_H_
-
-#include "secpkcs7.h"
-#include "secasn1t.h"
-
-extern const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[];
-
-/* opaque objects */
-typedef struct sec_pkcs7_cipher_object sec_PKCS7CipherObject;
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * Look through a set of attributes and find one that matches the
- * specified object ID. If "only" is true, then make sure that
- * there is not more than one attribute of the same type. Otherwise,
- * just return the first one found. (XXX Does anybody really want
- * that first-found behavior? It was like that when I found it...)
- */
-extern SEC_PKCS7Attribute *sec_PKCS7FindAttribute (SEC_PKCS7Attribute **attrs,
- SECOidTag oidtag,
- PRBool only);
-/*
- * Return the single attribute value, doing some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-extern SECItem *sec_PKCS7AttributeValue (SEC_PKCS7Attribute *attr);
-
-/*
- * Encode a set of attributes (found in "src").
- */
-extern SECItem *sec_PKCS7EncodeAttributes (PRArenaPool *poolp,
- SECItem *dest, void *src);
-
-/*
- * Make sure that the order of the attributes guarantees valid DER
- * (which must be in lexigraphically ascending order for a SET OF);
- * if reordering is necessary it will be done in place (in attrs).
- */
-extern SECStatus sec_PKCS7ReorderAttributes (SEC_PKCS7Attribute **attrs);
-
-
-/*
- * Create a context for decrypting, based on the given key and algorithm.
- */
-extern sec_PKCS7CipherObject *
-sec_PKCS7CreateDecryptObject (PK11SymKey *key, SECAlgorithmID *algid);
-
-/*
- * Create a context for encrypting, based on the given key and algorithm,
- * and fill in the algorithm id.
- */
-extern sec_PKCS7CipherObject *
-sec_PKCS7CreateEncryptObject (PRArenaPool *poolp, PK11SymKey *key,
- SECOidTag algtag, SECAlgorithmID *algid);
-
-/*
- * Destroy the given decryption or encryption object.
- */
-extern void sec_PKCS7DestroyDecryptObject (sec_PKCS7CipherObject *obj);
-extern void sec_PKCS7DestroyEncryptObject (sec_PKCS7CipherObject *obj);
-
-/*
- * What will be the output length of the next call to encrypt/decrypt?
- * Result can be used to perform memory allocations. Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and the cipher block size).
- *
- * Note that this can return zero, which does not mean that the cipher
- * operation can be skipped! (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.) However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent cipher operation, as no output bytes
- * will be stored.
- */
-extern unsigned int sec_PKCS7DecryptLength (sec_PKCS7CipherObject *obj,
- unsigned int input_len,
- PRBool final);
-extern unsigned int sec_PKCS7EncryptLength (sec_PKCS7CipherObject *obj,
- unsigned int input_len,
- PRBool final);
-
-/*
- * Decrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateDecryptObject.
- * When "final" is true, this is the last of the data to be decrypted.
- */
-extern SECStatus sec_PKCS7Decrypt (sec_PKCS7CipherObject *obj,
- unsigned char *output,
- unsigned int *output_len_p,
- unsigned int max_output_len,
- const unsigned char *input,
- unsigned int input_len,
- PRBool final);
-
-/*
- * Encrypt a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "obj" is the return value from sec_PKCS7CreateEncryptObject.
- * When "final" is true, this is the last of the data to be encrypted.
- */
-extern SECStatus sec_PKCS7Encrypt (sec_PKCS7CipherObject *obj,
- unsigned char *output,
- unsigned int *output_len_p,
- unsigned int max_output_len,
- const unsigned char *input,
- unsigned int input_len,
- PRBool final);
-
-/* return the correct kea template based on the template selector. skipjack
- * does not have the extra IV.
- */
-const SEC_ASN1Template *
-sec_pkcs7_get_kea_template(SECKEATemplateSelector whichTemplate);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _P7LOCAL_H_ */
diff --git a/security/nss/lib/pkcs7/pkcs7t.h b/security/nss/lib/pkcs7/pkcs7t.h
deleted file mode 100644
index 251d917b7..000000000
--- a/security/nss/lib/pkcs7/pkcs7t.h
+++ /dev/null
@@ -1,296 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header for pkcs7 types.
- *
- * $Id$
- */
-
-#ifndef _PKCS7T_H_
-#define _PKCS7T_H_
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "certt.h"
-#include "secmodt.h"
-
-/* Opaque objects */
-typedef struct SEC_PKCS7DecoderContextStr SEC_PKCS7DecoderContext;
-typedef struct SEC_PKCS7EncoderContextStr SEC_PKCS7EncoderContext;
-
-/* legacy defines that haven't been active for years */
-typedef void *(*SECKEYGetPasswordKey)(void *arg, void *handle);
-
-
-/* Non-opaque objects. NOTE, though: I want them to be treated as
- * opaque as much as possible. If I could hide them completely,
- * I would. (I tried, but ran into trouble that was taking me too
- * much time to get out of.) I still intend to try to do so.
- * In fact, the only type that "outsiders" should even *name* is
- * SEC_PKCS7ContentInfo, and they should not reference its fields.
- */
-/* rjr: PKCS #11 cert handling (pk11cert.c) does use SEC_PKCS7RecipientInfo's.
- * This is because when we search the recipient list for the cert and key we
- * want, we need to invert the order of the loops we used to have. The old
- * loops were:
- *
- * For each recipient {
- * find_cert = PK11_Find_AllCert(recipient->issuerSN);
- * [which unrolls to... ]
- * For each slot {
- * Log into slot;
- * search slot for cert;
- * }
- * }
- *
- * the new loop searchs all the recipients at once on a slot. this allows
- * PKCS #11 to order slots in such a way that logout slots don't get checked
- * if we can find the cert on a logged in slot. This eliminates lots of
- * spurious password prompts when smart cards are installed... so why this
- * comment? If you make SEC_PKCS7RecipientInfo completely opaque, you need
- * to provide a non-opaque list of issuerSN's (the only field PKCS#11 needs
- * and fix up pk11cert.c first. NOTE: Only S/MIME calls this special PKCS #11
- * function.
- */
-typedef struct SEC_PKCS7ContentInfoStr SEC_PKCS7ContentInfo;
-typedef struct SEC_PKCS7SignedDataStr SEC_PKCS7SignedData;
-typedef struct SEC_PKCS7EncryptedContentInfoStr SEC_PKCS7EncryptedContentInfo;
-typedef struct SEC_PKCS7EnvelopedDataStr SEC_PKCS7EnvelopedData;
-typedef struct SEC_PKCS7SignedAndEnvelopedDataStr
- SEC_PKCS7SignedAndEnvelopedData;
-typedef struct SEC_PKCS7SignerInfoStr SEC_PKCS7SignerInfo;
-typedef struct SEC_PKCS7RecipientInfoStr SEC_PKCS7RecipientInfo;
-typedef struct SEC_PKCS7DigestedDataStr SEC_PKCS7DigestedData;
-typedef struct SEC_PKCS7EncryptedDataStr SEC_PKCS7EncryptedData;
-typedef struct SEC_PKCS7SMIMEKEAParametersStr SEC_PKCS7SMIMEKEAParameters;
-/*
- * The following is not actually a PKCS7 type, but for now it is only
- * used by PKCS7, so we have adopted it. If someone else *ever* needs
- * it, its name should be changed and it should be moved out of here.
- * Do not dare to use it without doing so!
- */
-typedef struct SEC_PKCS7AttributeStr SEC_PKCS7Attribute;
-
-struct SEC_PKCS7ContentInfoStr {
- PRArenaPool *poolp; /* local; not part of encoding */
- PRBool created; /* local; not part of encoding */
- int refCount; /* local; not part of encoding */
- SECOidData *contentTypeTag; /* local; not part of encoding */
- SECKEYGetPasswordKey pwfn; /* local; not part of encoding */
- void *pwfn_arg; /* local; not part of encoding */
- SECItem contentType;
- union {
- SECItem *data;
- SEC_PKCS7DigestedData *digestedData;
- SEC_PKCS7EncryptedData *encryptedData;
- SEC_PKCS7EnvelopedData *envelopedData;
- SEC_PKCS7SignedData *signedData;
- SEC_PKCS7SignedAndEnvelopedData *signedAndEnvelopedData;
- } content;
-};
-
-struct SEC_PKCS7SignedDataStr {
- SECItem version;
- SECAlgorithmID **digestAlgorithms;
- SEC_PKCS7ContentInfo contentInfo;
- SECItem **rawCerts;
- CERTSignedCrl **crls;
- SEC_PKCS7SignerInfo **signerInfos;
- SECItem **digests; /* local; not part of encoding */
- CERTCertificate **certs; /* local; not part of encoding */
- CERTCertificateList **certLists; /* local; not part of encoding */
-};
-#define SEC_PKCS7_SIGNED_DATA_VERSION 1 /* what we *create* */
-
-struct SEC_PKCS7EncryptedContentInfoStr {
- SECOidData *contentTypeTag; /* local; not part of encoding */
- SECItem contentType;
- SECAlgorithmID contentEncAlg;
- SECItem encContent;
- SECItem plainContent; /* local; not part of encoding */
- /* bytes not encrypted, but encoded */
- int keysize; /* local; not part of encoding */
- /* size of bulk encryption key
- * (only used by creation code) */
- SECOidTag encalg; /* local; not part of encoding */
- /* oid tag of encryption algorithm
- * (only used by creation code) */
-};
-
-struct SEC_PKCS7EnvelopedDataStr {
- SECItem version;
- SEC_PKCS7RecipientInfo **recipientInfos;
- SEC_PKCS7EncryptedContentInfo encContentInfo;
-};
-#define SEC_PKCS7_ENVELOPED_DATA_VERSION 0 /* what we *create* */
-
-struct SEC_PKCS7SignedAndEnvelopedDataStr {
- SECItem version;
- SEC_PKCS7RecipientInfo **recipientInfos;
- SECAlgorithmID **digestAlgorithms;
- SEC_PKCS7EncryptedContentInfo encContentInfo;
- SECItem **rawCerts;
- CERTSignedCrl **crls;
- SEC_PKCS7SignerInfo **signerInfos;
- SECItem **digests; /* local; not part of encoding */
- CERTCertificate **certs; /* local; not part of encoding */
- CERTCertificateList **certLists; /* local; not part of encoding */
- PK11SymKey *sigKey; /* local; not part of encoding */
-};
-#define SEC_PKCS7_SIGNED_AND_ENVELOPED_DATA_VERSION 1 /* what we *create* */
-
-struct SEC_PKCS7SignerInfoStr {
- SECItem version;
- CERTIssuerAndSN *issuerAndSN;
- SECAlgorithmID digestAlg;
- SEC_PKCS7Attribute **authAttr;
- SECAlgorithmID digestEncAlg;
- SECItem encDigest;
- SEC_PKCS7Attribute **unAuthAttr;
- CERTCertificate *cert; /* local; not part of encoding */
- CERTCertificateList *certList; /* local; not part of encoding */
-};
-#define SEC_PKCS7_SIGNER_INFO_VERSION 1 /* what we *create* */
-
-struct SEC_PKCS7RecipientInfoStr {
- SECItem version;
- CERTIssuerAndSN *issuerAndSN;
- SECAlgorithmID keyEncAlg;
- SECItem encKey;
- CERTCertificate *cert; /* local; not part of encoding */
-};
-#define SEC_PKCS7_RECIPIENT_INFO_VERSION 0 /* what we *create* */
-
-struct SEC_PKCS7DigestedDataStr {
- SECItem version;
- SECAlgorithmID digestAlg;
- SEC_PKCS7ContentInfo contentInfo;
- SECItem digest;
-};
-#define SEC_PKCS7_DIGESTED_DATA_VERSION 0 /* what we *create* */
-
-struct SEC_PKCS7EncryptedDataStr {
- SECItem version;
- SEC_PKCS7EncryptedContentInfo encContentInfo;
-};
-#define SEC_PKCS7_ENCRYPTED_DATA_VERSION 0 /* what we *create* */
-
-/*
- * See comment above about this type not really belonging to PKCS7.
- */
-struct SEC_PKCS7AttributeStr {
- /* The following fields make up an encoded Attribute: */
- SECItem type;
- SECItem **values; /* data may or may not be encoded */
- /* The following fields are not part of an encoded Attribute: */
- SECOidData *typeTag;
- PRBool encoded; /* when true, values are encoded */
-};
-
-/* An enumerated type used to select templates based on the encryption
- scenario and data specifics. */
-typedef enum
-{
- SECKEAUsesSkipjack = 0,
- SECKEAUsesNonSkipjack = 1,
- SECKEAUsesNonSkipjackWithPaddedEncKey = 2,
- SECKEAInvalid = -1
-} SECKEATemplateSelector;
-
-/* ### mwelch - S/MIME KEA parameters. These don't really fit here,
- but I cannot think of a more appropriate place at this time. */
-struct SEC_PKCS7SMIMEKEAParametersStr {
- SECItem originatorKEAKey; /* sender KEA key (encrypted?) */
- SECItem originatorRA; /* random number generated by sender */
- SECItem nonSkipjackIV; /* init'n vector for SkipjackCBC64
- decryption of KEA key if Skipjack
- is not the bulk algorithm used on
- the message */
- SECItem bulkKeySize; /* if Skipjack is not the bulk
- algorithm used on the message,
- and the size of the bulk encryption
- key is not the same as that of
- originatorKEAKey (due to padding
- perhaps), this field will contain
- the real size of the bulk encryption
- key. */
-};
-
-/*
- * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.
- * If specified, this is where the content bytes (only) will be "sent"
- * as they are recovered during the decoding.
- *
- * XXX Should just combine this with SEC_PKCS7EncoderContentCallback type
- * and use a simpler, common name.
- */
-typedef void (* SEC_PKCS7DecoderContentCallback)(void *arg,
- const char *buf,
- unsigned long len);
-
-/*
- * Type of function passed to SEC_PKCS7Encode or SEC_PKCS7EncoderStart.
- * This is where the encoded bytes will be "sent".
- *
- * XXX Should just combine this with SEC_PKCS7DecoderContentCallback type
- * and use a simpler, common name.
- */
-typedef void (* SEC_PKCS7EncoderOutputCallback)(void *arg,
- const char *buf,
- unsigned long len);
-
-
-/*
- * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart
- * to retrieve the decryption key. This function is inteded to be
- * used for EncryptedData content info's which do not have a key available
- * in a certificate, etc.
- */
-typedef PK11SymKey * (* SEC_PKCS7GetDecryptKeyCallback)(void *arg,
- SECAlgorithmID *algid);
-
-/*
- * Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.
- * This function in intended to be used to verify that decrypting a
- * particular crypto algorithm is allowed. Content types which do not
- * require decryption will not need the callback. If the callback
- * is not specified for content types which require decryption, the
- * decryption will be disallowed.
- */
-typedef PRBool (* SEC_PKCS7DecryptionAllowedCallback)(SECAlgorithmID *algid,
- PK11SymKey *bulkkey);
-
-#endif /* _PKCS7T_H_ */
diff --git a/security/nss/lib/pkcs7/secmime.c b/security/nss/lib/pkcs7/secmime.c
deleted file mode 100644
index 017896bd7..000000000
--- a/security/nss/lib/pkcs7/secmime.c
+++ /dev/null
@@ -1,901 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Stuff specific to S/MIME policy and interoperability.
- * Depends on PKCS7, but there should be no dependency the other way around.
- *
- * $Id$
- */
-
-#include "secmime.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "ciferfam.h" /* for CIPHER_FAMILY symbols */
-#include "secasn1.h"
-#include "secitem.h"
-#include "cert.h"
-#include "key.h"
-#include "secerr.h"
-
-typedef struct smime_cipher_map_struct {
- unsigned long cipher;
- SECOidTag algtag;
- SECItem *parms;
-} smime_cipher_map;
-
-/*
- * These are macros because I think some subsequent parameters,
- * like those for RC5, will want to use them, too, separately.
- */
-#define SMIME_DER_INTVAL_16 SEC_ASN1_INTEGER, 0x01, 0x10
-#define SMIME_DER_INTVAL_40 SEC_ASN1_INTEGER, 0x01, 0x28
-#define SMIME_DER_INTVAL_64 SEC_ASN1_INTEGER, 0x01, 0x40
-#define SMIME_DER_INTVAL_128 SEC_ASN1_INTEGER, 0x02, 0x00, 0x80
-
-#ifdef SMIME_DOES_RC5 /* will be needed; quiet unused warning for now */
-static unsigned char smime_int16[] = { SMIME_DER_INTVAL_16 };
-#endif
-static unsigned char smime_int40[] = { SMIME_DER_INTVAL_40 };
-static unsigned char smime_int64[] = { SMIME_DER_INTVAL_64 };
-static unsigned char smime_int128[] = { SMIME_DER_INTVAL_128 };
-
-static SECItem smime_rc2p40 = { siBuffer, smime_int40, sizeof(smime_int40) };
-static SECItem smime_rc2p64 = { siBuffer, smime_int64, sizeof(smime_int64) };
-static SECItem smime_rc2p128 = { siBuffer, smime_int128, sizeof(smime_int128) };
-
-static smime_cipher_map smime_cipher_maps[] = {
- { SMIME_RC2_CBC_40, SEC_OID_RC2_CBC, &smime_rc2p40 },
- { SMIME_RC2_CBC_64, SEC_OID_RC2_CBC, &smime_rc2p64 },
- { SMIME_RC2_CBC_128, SEC_OID_RC2_CBC, &smime_rc2p128 },
-#ifdef SMIME_DOES_RC5
- { SMIME_RC5PAD_64_16_40, SEC_OID_RC5_CBC_PAD, &smime_rc5p40 },
- { SMIME_RC5PAD_64_16_64, SEC_OID_RC5_CBC_PAD, &smime_rc5p64 },
- { SMIME_RC5PAD_64_16_128, SEC_OID_RC5_CBC_PAD, &smime_rc5p128 },
-#endif
- { SMIME_DES_CBC_56, SEC_OID_DES_CBC, NULL },
- { SMIME_DES_EDE3_168, SEC_OID_DES_EDE3_CBC, NULL },
- { SMIME_FORTEZZA, SEC_OID_FORTEZZA_SKIPJACK, NULL}
-};
-
-/*
- * Note, the following value really just needs to be an upper bound
- * on the ciphers.
- */
-static const int smime_symmetric_count = sizeof(smime_cipher_maps)
- / sizeof(smime_cipher_map);
-
-static unsigned long *smime_prefs, *smime_newprefs;
-static int smime_current_pref_index = 0;
-static PRBool smime_prefs_complete = PR_FALSE;
-static PRBool smime_prefs_changed = PR_TRUE;
-
-static unsigned long smime_policy_bits = 0;
-
-
-static int
-smime_mapi_by_cipher (unsigned long cipher)
-{
- int i;
-
- for (i = 0; i < smime_symmetric_count; i++) {
- if (smime_cipher_maps[i].cipher == cipher)
- break;
- }
-
- if (i == smime_symmetric_count)
- return -1;
-
- return i;
-}
-
-
-/*
- * this function locally records the user's preference
- */
-SECStatus
-SECMIME_EnableCipher(long which, int on)
-{
- unsigned long mask;
-
- if (smime_newprefs == NULL || smime_prefs_complete) {
- /*
- * This is either the very first time, or we are starting over.
- */
- smime_newprefs = (unsigned long*)PORT_ZAlloc (smime_symmetric_count
- * sizeof(*smime_newprefs));
- if (smime_newprefs == NULL)
- return SECFailure;
- smime_current_pref_index = 0;
- smime_prefs_complete = PR_FALSE;
- }
-
- mask = which & CIPHER_FAMILYID_MASK;
- if (mask == CIPHER_FAMILYID_MASK) {
- /*
- * This call signifies that all preferences have been set.
- * Move "newprefs" over, after checking first whether or
- * not the new ones are different from the old ones.
- */
- if (smime_prefs != NULL) {
- if (PORT_Memcmp (smime_prefs, smime_newprefs,
- smime_symmetric_count * sizeof(*smime_prefs)) == 0)
- smime_prefs_changed = PR_FALSE;
- else
- smime_prefs_changed = PR_TRUE;
- PORT_Free (smime_prefs);
- }
-
- smime_prefs = smime_newprefs;
- smime_prefs_complete = PR_TRUE;
- return SECSuccess;
- }
-
- PORT_Assert (mask == CIPHER_FAMILYID_SMIME);
- if (mask != CIPHER_FAMILYID_SMIME) {
- /* XXX set an error! */
- return SECFailure;
- }
-
- if (on) {
- PORT_Assert (smime_current_pref_index < smime_symmetric_count);
- if (smime_current_pref_index >= smime_symmetric_count) {
- /* XXX set an error! */
- return SECFailure;
- }
-
- smime_newprefs[smime_current_pref_index++] = which;
- }
-
- return SECSuccess;
-}
-
-
-/*
- * this function locally records the export policy
- */
-SECStatus
-SECMIME_SetPolicy(long which, int on)
-{
- unsigned long mask;
-
- PORT_Assert ((which & CIPHER_FAMILYID_MASK) == CIPHER_FAMILYID_SMIME);
- if ((which & CIPHER_FAMILYID_MASK) != CIPHER_FAMILYID_SMIME) {
- /* XXX set an error! */
- return SECFailure;
- }
-
- which &= ~CIPHER_FAMILYID_MASK;
-
- PORT_Assert (which < 32); /* bits in the long */
- if (which >= 32) {
- /* XXX set an error! */
- return SECFailure;
- }
-
- mask = 1UL << which;
-
- if (on) {
- smime_policy_bits |= mask;
- } else {
- smime_policy_bits &= ~mask;
- }
-
- return SECSuccess;
-}
-
-
-/*
- * Based on the given algorithm (including its parameters, in some cases!)
- * and the given key (may or may not be inspected, depending on the
- * algorithm), find the appropriate policy algorithm specification
- * and return it. If no match can be made, -1 is returned.
- */
-static long
-smime_policy_algorithm (SECAlgorithmID *algid, PK11SymKey *key)
-{
- SECOidTag algtag;
-
- algtag = SECOID_GetAlgorithmTag (algid);
- switch (algtag) {
- case SEC_OID_RC2_CBC:
- {
- unsigned int keylen_bits;
-
- keylen_bits = PK11_GetKeyStrength (key, algid);
- switch (keylen_bits) {
- case 40:
- return SMIME_RC2_CBC_40;
- case 64:
- return SMIME_RC2_CBC_64;
- case 128:
- return SMIME_RC2_CBC_128;
- default:
- break;
- }
- }
- break;
- case SEC_OID_DES_CBC:
- return SMIME_DES_CBC_56;
- case SEC_OID_DES_EDE3_CBC:
- return SMIME_DES_EDE3_168;
- case SEC_OID_FORTEZZA_SKIPJACK:
- return SMIME_FORTEZZA;
-#ifdef SMIME_DOES_RC5
- case SEC_OID_RC5_CBC_PAD:
- PORT_Assert (0); /* XXX need to pull out parameters and match */
- break;
-#endif
- default:
- break;
- }
-
- return -1;
-}
-
-
-static PRBool
-smime_cipher_allowed (unsigned long which)
-{
- unsigned long mask;
-
- which &= ~CIPHER_FAMILYID_MASK;
- PORT_Assert (which < 32); /* bits per long (min) */
- if (which >= 32)
- return PR_FALSE;
-
- mask = 1UL << which;
- if ((mask & smime_policy_bits) == 0)
- return PR_FALSE;
-
- return PR_TRUE;
-}
-
-
-PRBool
-SECMIME_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key)
-{
- long which;
-
- which = smime_policy_algorithm (algid, key);
- if (which < 0)
- return PR_FALSE;
-
- return smime_cipher_allowed ((unsigned long)which);
-}
-
-
-/*
- * Does the current policy allow *any* S/MIME encryption (or decryption)?
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy. Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments. The return value is a simple boolean:
- * PR_TRUE means encryption (or decryption) is *possible*
- * (but may still fail due to other reasons, like because we cannot
- * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- * PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-PRBool
-SECMIME_EncryptionPossible (void)
-{
- if (smime_policy_bits != 0)
- return PR_TRUE;
-
- return PR_FALSE;
-}
-
-
-/*
- * XXX Would like the "parameters" field to be a SECItem *, but the
- * encoder is having trouble with optional pointers to an ANY. Maybe
- * once that is fixed, can change this back...
- */
-typedef struct smime_capability_struct {
- unsigned long cipher; /* local; not part of encoding */
- SECOidTag capIDTag; /* local; not part of encoding */
- SECItem capabilityID;
- SECItem parameters;
-} smime_capability;
-
-static const SEC_ASN1Template smime_capability_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(smime_capability) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(smime_capability,capabilityID), },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(smime_capability,parameters), },
- { 0, }
-};
-
-static const SEC_ASN1Template smime_capabilities_template[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, smime_capability_template }
-};
-
-
-
-static void
-smime_fill_capability (smime_capability *cap)
-{
- unsigned long cipher;
- SECOidTag algtag;
- int i;
-
- algtag = SECOID_FindOIDTag (&(cap->capabilityID));
-
- for (i = 0; i < smime_symmetric_count; i++) {
- if (smime_cipher_maps[i].algtag != algtag)
- continue;
- /*
- * XXX If SECITEM_CompareItem allowed NULLs as arguments (comparing
- * 2 NULLs as equal and NULL and non-NULL as not equal), we could
- * use that here instead of all of the following comparison code.
- */
- if (cap->parameters.data != NULL) {
- if (smime_cipher_maps[i].parms == NULL)
- continue;
- if (cap->parameters.len != smime_cipher_maps[i].parms->len)
- continue;
- if (PORT_Memcmp (cap->parameters.data,
- smime_cipher_maps[i].parms->data,
- cap->parameters.len) == 0)
- break;
- } else if (smime_cipher_maps[i].parms == NULL) {
- break;
- }
- }
-
- if (i == smime_symmetric_count)
- cipher = 0;
- else
- cipher = smime_cipher_maps[i].cipher;
-
- cap->cipher = cipher;
- cap->capIDTag = algtag;
-}
-
-
-static long
-smime_choose_cipher (CERTCertificate *scert, CERTCertificate **rcerts)
-{
- PRArenaPool *poolp;
- long chosen_cipher;
- int *cipher_abilities;
- int *cipher_votes;
- int strong_mapi;
- int rcount, mapi, max, i;
- PRBool isFortezza = PK11_FortezzaHasKEA(scert);
-
- if (smime_policy_bits == 0) {
- PORT_SetError (SEC_ERROR_BAD_EXPORT_ALGORITHM);
- return -1;
- }
-
- chosen_cipher = SMIME_RC2_CBC_40; /* the default, LCD */
-
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- goto done;
-
- cipher_abilities = (int*)PORT_ArenaZAlloc (poolp,
- smime_symmetric_count * sizeof(int));
- if (cipher_abilities == NULL)
- goto done;
-
- cipher_votes = (int*)PORT_ArenaZAlloc (poolp,
- smime_symmetric_count * sizeof(int));
- if (cipher_votes == NULL)
- goto done;
-
- /*
- * XXX Should have a #define somewhere which specifies default
- * strong cipher. (Or better, a way to configure, which would
- * take Fortezza into account as well.)
- */
-
- /* If the user has the Fortezza preference turned on, make
- * that the strong cipher. Otherwise, use triple-DES. */
- strong_mapi = -1;
- if (isFortezza) {
- for(i=0;i < smime_current_pref_index && strong_mapi < 0;i++)
- {
- if (smime_prefs[i] == SMIME_FORTEZZA)
- strong_mapi = smime_mapi_by_cipher(SMIME_FORTEZZA);
- }
- }
-
- if (strong_mapi == -1)
- strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168);
-
- PORT_Assert (strong_mapi >= 0);
-
- for (rcount = 0; rcerts[rcount] != NULL; rcount++) {
- SECItem *profile;
- smime_capability **caps;
- int capi, pref;
- SECStatus dstat;
-
- pref = smime_symmetric_count;
- profile = CERT_FindSMimeProfile (rcerts[rcount]);
- if (profile != NULL && profile->data != NULL && profile->len > 0) {
- caps = NULL;
- dstat = SEC_ASN1DecodeItem (poolp, &caps,
- smime_capabilities_template,
- profile);
- if (dstat == SECSuccess && caps != NULL) {
- for (capi = 0; caps[capi] != NULL; capi++) {
- smime_fill_capability (caps[capi]);
- mapi = smime_mapi_by_cipher (caps[capi]->cipher);
- if (mapi >= 0) {
- cipher_abilities[mapi]++;
- cipher_votes[mapi] += pref;
- --pref;
- }
- }
- }
- } else {
- SECKEYPublicKey *key;
- unsigned int pklen_bits;
-
- /*
- * XXX This is probably only good for RSA keys. What I would
- * really like is a function to just say; Is the public key in
- * this cert an export-length key? Then I would not have to
- * know things like the value 512, or the kind of key, or what
- * a subjectPublicKeyInfo is, etc.
- */
- key = CERT_ExtractPublicKey (rcerts[rcount]);
- if (key != NULL) {
- pklen_bits = SECKEY_PublicKeyStrength (key) * 8;
- SECKEY_DestroyPublicKey (key);
-
- if (pklen_bits > 512) {
- cipher_abilities[strong_mapi]++;
- cipher_votes[strong_mapi] += pref;
- }
- }
- }
- if (profile != NULL)
- SECITEM_FreeItem (profile, PR_TRUE);
- }
-
- max = 0;
- for (mapi = 0; mapi < smime_symmetric_count; mapi++) {
- if (cipher_abilities[mapi] != rcount)
- continue;
- if (! smime_cipher_allowed (smime_cipher_maps[mapi].cipher))
- continue;
- if (!isFortezza && (smime_cipher_maps[mapi].cipher == SMIME_FORTEZZA))
- continue;
- if (cipher_votes[mapi] > max) {
- chosen_cipher = smime_cipher_maps[mapi].cipher;
- max = cipher_votes[mapi];
- } /* XXX else if a tie, let scert break it? */
- }
-
-done:
- if (poolp != NULL)
- PORT_FreeArena (poolp, PR_FALSE);
-
- return chosen_cipher;
-}
-
-
-/*
- * XXX This is a hack for now to satisfy our current interface.
- * Eventually, with more parameters needing to be specified, just
- * looking up the keysize is not going to be sufficient.
- */
-static int
-smime_keysize_by_cipher (unsigned long which)
-{
- int keysize;
-
- switch (which) {
- case SMIME_RC2_CBC_40:
- keysize = 40;
- break;
- case SMIME_RC2_CBC_64:
- keysize = 64;
- break;
- case SMIME_RC2_CBC_128:
- keysize = 128;
- break;
-#ifdef SMIME_DOES_RC5
- case SMIME_RC5PAD_64_16_40:
- case SMIME_RC5PAD_64_16_64:
- case SMIME_RC5PAD_64_16_128:
- /* XXX See comment above; keysize is not enough... */
- PORT_Assert (0);
- PORT_SetError (SEC_ERROR_INVALID_ALGORITHM);
- keysize = -1;
- break;
-#endif
- case SMIME_DES_CBC_56:
- case SMIME_DES_EDE3_168:
- case SMIME_FORTEZZA:
- /*
- * These are special; since the key size is fixed, we actually
- * want to *avoid* specifying a key size.
- */
- keysize = 0;
- break;
- default:
- keysize = -1;
- break;
- }
-
- return keysize;
-}
-
-
-/*
- * Start an S/MIME encrypting context.
- *
- * "scert" is the cert for the sender. It will be checked for validity.
- * "rcerts" are the certs for the recipients. They will also be checked.
- *
- * "certdb" is the cert database to use for verifying the certs.
- * It can be NULL if a default database is available (like in the client).
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-SEC_PKCS7ContentInfo *
-SECMIME_CreateEncrypted(CERTCertificate *scert,
- CERTCertificate **rcerts,
- CERTCertDBHandle *certdb,
- SECKEYGetPasswordKey pwfn,
- void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- long cipher;
- SECOidTag encalg;
- int keysize;
- int mapi, rci;
-
- cipher = smime_choose_cipher (scert, rcerts);
- if (cipher < 0)
- return NULL;
-
- mapi = smime_mapi_by_cipher (cipher);
- if (mapi < 0)
- return NULL;
-
- /*
- * XXX This is stretching it -- CreateEnvelopedData should probably
- * take a cipher itself of some sort, because we cannot know what the
- * future will bring in terms of parameters for each type of algorithm.
- * For example, just an algorithm and keysize is *not* sufficient to
- * fully specify the usage of RC5 (which also needs to know rounds and
- * block size). Work this out into a better API!
- */
- encalg = smime_cipher_maps[mapi].algtag;
- keysize = smime_keysize_by_cipher (cipher);
- if (keysize < 0)
- return NULL;
-
- cinfo = SEC_PKCS7CreateEnvelopedData (scert, certUsageEmailRecipient,
- certdb, encalg, keysize,
- pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- for (rci = 0; rcerts[rci] != NULL; rci++) {
- if (rcerts[rci] == scert)
- continue;
- if (SEC_PKCS7AddRecipient (cinfo, rcerts[rci], certUsageEmailRecipient,
- NULL) != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
- }
-
- return cinfo;
-}
-
-
-static smime_capability **smime_capabilities;
-static SECItem *smime_encoded_caps;
-static PRBool lastUsedFortezza;
-
-
-static SECStatus
-smime_init_caps (PRBool isFortezza)
-{
- smime_capability *cap;
- smime_cipher_map *map;
- SECOidData *oiddata;
- SECStatus rv;
- int i, capIndex;
-
- if (smime_encoded_caps != NULL
- && (! smime_prefs_changed)
- && lastUsedFortezza == isFortezza)
- return SECSuccess;
-
- if (smime_encoded_caps != NULL) {
- SECITEM_FreeItem (smime_encoded_caps, PR_TRUE);
- smime_encoded_caps = NULL;
- }
-
- if (smime_capabilities == NULL) {
- smime_capabilities = (smime_capability**)PORT_ZAlloc (
- (smime_symmetric_count + 1)
- * sizeof(smime_capability *));
- if (smime_capabilities == NULL)
- return SECFailure;
- }
-
- rv = SECFailure;
-
- /*
- The process of creating the encoded PKCS7 cipher capability list
- involves two basic steps:
-
- (a) Convert our internal representation of cipher preferences
- (smime_prefs) into an array containing cipher OIDs and
- parameter data (smime_capabilities). This step is
- performed here.
-
- (b) Encode, using ASN.1, the cipher information in
- smime_capabilities, leaving the encoded result in
- smime_encoded_caps.
-
- (In the process of performing (a), Lisa put in some optimizations
- which allow us to avoid needlessly re-populating elements in
- smime_capabilities as we walk through smime_prefs.)
-
- We want to use separate loop variables for smime_prefs and
- smime_capabilities because in the case where the Skipjack cipher
- is turned on in the prefs, but where we don't want to include
- Skipjack in the encoded capabilities (presumably due to using a
- non-fortezza cert when sending a message), we want to avoid creating
- an empty element in smime_capabilities. This would otherwise cause
- the encoding step to produce an empty set, since Skipjack happens
- to be the first cipher in smime_prefs, if it is turned on.
- */
- for (i = 0, capIndex = 0; i < smime_current_pref_index; i++, capIndex++) {
- int mapi;
-
- /* Get the next cipher preference in smime_prefs. */
- mapi = smime_mapi_by_cipher (smime_prefs[i]);
- if (mapi < 0)
- break;
-
- /* Find the corresponding entry in the cipher map. */
- PORT_Assert (mapi < smime_symmetric_count);
- map = &(smime_cipher_maps[mapi]);
-
- /* If we're using a non-Fortezza cert, only advertise non-Fortezza
- capabilities. (We advertise all capabilities if we have a
- Fortezza cert.) */
- if ((!isFortezza) && (map->cipher == SMIME_FORTEZZA))
- {
- capIndex--; /* we want to visit the same caps index entry next time */
- continue;
- }
-
- /*
- * Convert the next preference found in smime_prefs into an
- * smime_capability.
- */
-
- cap = smime_capabilities[capIndex];
- if (cap == NULL) {
- cap = (smime_capability*)PORT_ZAlloc (sizeof(smime_capability));
- if (cap == NULL)
- break;
- smime_capabilities[capIndex] = cap;
- } else if (cap->cipher == smime_prefs[i]) {
- continue; /* no change to this one */
- }
-
- cap->capIDTag = map->algtag;
- oiddata = SECOID_FindOIDByTag (map->algtag);
- if (oiddata == NULL)
- break;
-
- if (cap->capabilityID.data != NULL) {
- SECITEM_FreeItem (&(cap->capabilityID), PR_FALSE);
- cap->capabilityID.data = NULL;
- cap->capabilityID.len = 0;
- }
-
- rv = SECITEM_CopyItem (NULL, &(cap->capabilityID), &(oiddata->oid));
- if (rv != SECSuccess)
- break;
-
- if (map->parms == NULL) {
- cap->parameters.data = NULL;
- cap->parameters.len = 0;
- } else {
- cap->parameters.data = map->parms->data;
- cap->parameters.len = map->parms->len;
- }
-
- cap->cipher = smime_prefs[i];
- }
-
- if (i != smime_current_pref_index)
- return rv;
-
- while (capIndex < smime_symmetric_count) {
- cap = smime_capabilities[capIndex];
- if (cap != NULL) {
- SECITEM_FreeItem (&(cap->capabilityID), PR_FALSE);
- PORT_Free (cap);
- }
- smime_capabilities[capIndex] = NULL;
- capIndex++;
- }
- smime_capabilities[capIndex] = NULL;
-
- smime_encoded_caps = SEC_ASN1EncodeItem (NULL, NULL, &smime_capabilities,
- smime_capabilities_template);
- if (smime_encoded_caps == NULL)
- return SECFailure;
-
- lastUsedFortezza = isFortezza;
-
- return SECSuccess;
-}
-
-
-static SECStatus
-smime_add_profile (CERTCertificate *cert, SEC_PKCS7ContentInfo *cinfo)
-{
- PRBool isFortezza = PR_FALSE;
-
- PORT_Assert (smime_prefs_complete);
- if (! smime_prefs_complete)
- return SECFailure;
-
- /* See if the sender's cert specifies Fortezza key exchange. */
- if (cert != NULL)
- isFortezza = PK11_FortezzaHasKEA(cert);
-
- /* For that matter, if capabilities haven't been initialized yet,
- do so now. */
- if (isFortezza != lastUsedFortezza || smime_encoded_caps == NULL || smime_prefs_changed) {
- SECStatus rv;
-
- rv = smime_init_caps(isFortezza);
- if (rv != SECSuccess)
- return rv;
-
- PORT_Assert (smime_encoded_caps != NULL);
- }
-
- return SEC_PKCS7AddSignedAttribute (cinfo, SEC_OID_PKCS9_SMIME_CAPABILITIES,
- smime_encoded_caps);
-}
-
-
-/*
- * Start an S/MIME signing context.
- *
- * "scert" is the cert that will be used to sign the data. It will be
- * checked for validity.
- *
- * "ecert" is the signer's encryption cert. If it is different from
- * scert, then it will be included in the signed message so that the
- * recipient can save it for future encryptions.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- * XXX There should be SECMIME functions for hashing, or the hashing should
- * be built into this interface, which we would like because we would
- * support more smartcards that way, and then this argument should go away.)
- *
- * "digest" is the actual digest of the data. It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-
-SEC_PKCS7ContentInfo *
-SECMIME_CreateSigned (CERTCertificate *scert,
- CERTCertificate *ecert,
- CERTCertDBHandle *certdb,
- SECOidTag digestalg,
- SECItem *digest,
- SECKEYGetPasswordKey pwfn,
- void *pwfn_arg)
-{
- SEC_PKCS7ContentInfo *cinfo;
- SECStatus rv;
-
- /* See note in header comment above about digestalg. */
- PORT_Assert (digestalg == SEC_OID_SHA1);
-
- cinfo = SEC_PKCS7CreateSignedData (scert, certUsageEmailSigner,
- certdb, digestalg, digest,
- pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- if (SEC_PKCS7IncludeCertChain (cinfo, NULL) != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
-
- /* if the encryption cert and the signing cert differ, then include
- * the encryption cert too.
- */
- /* it is ok to compare the pointers since we ref count, and the same
- * cert will always have the same pointer
- */
- if ( ( ecert != NULL ) && ( ecert != scert ) ) {
- rv = SEC_PKCS7AddCertificate(cinfo, ecert);
- if ( rv != SECSuccess ) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
- }
- /*
- * Add the signing time. But if it fails for some reason,
- * may as well not give up altogether -- just assert.
- */
- rv = SEC_PKCS7AddSigningTime (cinfo);
- PORT_Assert (rv == SECSuccess);
-
- /*
- * Add the email profile. Again, if it fails for some reason,
- * may as well not give up altogether -- just assert.
- */
- rv = smime_add_profile (ecert, cinfo);
- PORT_Assert (rv == SECSuccess);
-
- return cinfo;
-}
diff --git a/security/nss/lib/pkcs7/secmime.h b/security/nss/lib/pkcs7/secmime.h
deleted file mode 100644
index 6950e416f..000000000
--- a/security/nss/lib/pkcs7/secmime.h
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header file for routines specific to S/MIME. Keep things that are pure
- * pkcs7 out of here; this is for S/MIME policy, S/MIME interoperability, etc.
- *
- * $Id$
- */
-
-#ifndef _SECMIME_H_
-#define _SECMIME_H_ 1
-
-#include "secpkcs7.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * Initialize the local recording of the user S/MIME cipher preferences.
- * This function is called once for each cipher, the order being
- * important (first call records greatest preference, and so on).
- * When finished, it is called with a "which" of CIPHER_FAMILID_MASK.
- * If the function is called again after that, it is assumed that
- * the preferences are being reset, and the old preferences are
- * discarded.
- *
- * XXX This is for a particular user, and right now the storage is
- * XXX local, static. The preference should be stored elsewhere to allow
- * XXX for multiple uses of one library? How does SSL handle this;
- * XXX it has something similar?
- *
- * - The "which" values are defined in ciferfam.h (the SMIME_* values,
- * for example SMIME_DES_CBC_56).
- * - If "on" is non-zero then the named cipher is enabled, otherwise
- * it is disabled. (It is not necessary to call the function for
- * ciphers that are disabled, however, as that is the default.)
- *
- * If the cipher preference is successfully recorded, SECSuccess
- * is returned. Otherwise SECFailure is returned. The only errors
- * are due to failure allocating memory or bad parameters/calls:
- * SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
- * SEC_ERROR_XXX (function is being called more times than there
- * are known/expected ciphers)
- */
-extern SECStatus SECMIME_EnableCipher(long which, int on);
-
-/*
- * Initialize the local recording of the S/MIME policy.
- * This function is called to enable/disable a particular cipher.
- * (S/MIME encryption or decryption using a particular cipher is only
- * allowed if that cipher is currently enabled.) At startup, all S/MIME
- * ciphers are disabled. From that point, this function can be called
- * to enable a cipher -- it is not necessary to call this to disable
- * a cipher unless that cipher was previously, explicitly enabled via
- * this function.
- *
- * XXX This is for a the current module, I think, so local, static storage
- * XXX is okay. Is that correct, or could multiple uses of the same
- * XXX library expect to operate under different policies?
- *
- * - The "which" values are defined in ciferfam.h (the SMIME_* values,
- * for example SMIME_DES_CBC_56).
- * - If "on" is non-zero then the named cipher is enabled, otherwise
- * it is disabled.
- *
- * If the cipher is successfully enabled/disabled, SECSuccess is
- * returned. Otherwise SECFailure is returned. The only errors
- * are due to bad parameters:
- * SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
- * SEC_ERROR_XXX ("which" exceeds expected maximum cipher; this is
- * really an internal error)
- */
-extern SECStatus SECMIME_SetPolicy(long which, int on);
-
-/*
- * Does the current policy allow S/MIME decryption of this particular
- * algorithm and keysize?
- */
-extern PRBool SECMIME_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key);
-
-/*
- * Does the current policy allow *any* S/MIME encryption (or decryption)?
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy. Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments. The return value is a simple boolean:
- * PR_TRUE means encryption (or decryption) is *possible*
- * (but may still fail due to other reasons, like because we cannot
- * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- * PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-extern PRBool SECMIME_EncryptionPossible(void);
-
-/*
- * Start an S/MIME encrypting context.
- *
- * "scert" is the cert for the sender. It will be checked for validity.
- * "rcerts" are the certs for the recipients. They will also be checked.
- *
- * "certdb" is the cert database to use for verifying the certs.
- * It can be NULL if a default database is available (like in the client).
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *SECMIME_CreateEncrypted(CERTCertificate *scert,
- CERTCertificate **rcerts,
- CERTCertDBHandle *certdb,
- SECKEYGetPasswordKey pwfn,
- void *pwfn_arg);
-
-/*
- * Start an S/MIME signing context.
- *
- * "scert" is the cert that will be used to sign the data. It will be
- * checked for validity.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "digestalg" names the digest algorithm. (It should be SEC_OID_SHA1;
- * XXX There should be SECMIME functions for hashing, or the hashing should
- * be built into this interface, which we would like because we would
- * support more smartcards that way, and then this argument should go away.)
- *
- * "digest" is the actual digest of the data. It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *SECMIME_CreateSigned(CERTCertificate *scert,
- CERTCertificate *ecert,
- CERTCertDBHandle *certdb,
- SECOidTag digestalg,
- SECItem *digest,
- SECKEYGetPasswordKey pwfn,
- void *pwfn_arg);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _SECMIME_H_ */
diff --git a/security/nss/lib/pkcs7/secpkcs7.h b/security/nss/lib/pkcs7/secpkcs7.h
deleted file mode 100644
index 8c210225b..000000000
--- a/security/nss/lib/pkcs7/secpkcs7.h
+++ /dev/null
@@ -1,616 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Interface to the PKCS7 implementation.
- *
- * $Id$
- */
-
-#ifndef _SECPKCS7_H_
-#define _SECPKCS7_H_
-
-#include "seccomon.h"
-
-#include "secoidt.h"
-#include "certt.h"
-#include "keyt.h"
-#include "hasht.h"
-#include "pkcs7t.h"
-
-extern const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[];
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/************************************************************************
- * Miscellaneous
- ************************************************************************/
-
-/*
- * Returns the content type of the given contentInfo.
- */
-extern SECOidTag SEC_PKCS7ContentType (SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Destroy a PKCS7 contentInfo and all of its sub-pieces.
- */
-extern void SEC_PKCS7DestroyContentInfo(SEC_PKCS7ContentInfo *contentInfo);
-
-/*
- * Copy a PKCS7 contentInfo. A Destroy is needed on *each* copy.
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CopyContentInfo(SEC_PKCS7ContentInfo *contentInfo);
-
-/*
- * Return a pointer to the actual content. In the case of those types
- * which are encrypted, this returns the *plain* content.
- */
-extern SECItem *SEC_PKCS7GetContent(SEC_PKCS7ContentInfo *cinfo);
-
-/************************************************************************
- * PKCS7 Decoding, Verification, etc..
- ************************************************************************/
-
-extern SEC_PKCS7DecoderContext *
-SEC_PKCS7DecoderStart(SEC_PKCS7DecoderContentCallback callback,
- void *callback_arg,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg,
- SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
- void *decrypt_key_cb_arg,
- SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb);
-
-extern SECStatus
-SEC_PKCS7DecoderUpdate(SEC_PKCS7DecoderContext *p7dcx,
- const char *buf, unsigned long len);
-
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7DecoderFinish(SEC_PKCS7DecoderContext *p7dcx);
-
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7DecodeItem(SECItem *p7item,
- SEC_PKCS7DecoderContentCallback cb, void *cb_arg,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg,
- SEC_PKCS7GetDecryptKeyCallback decrypt_key_cb,
- void *decrypt_key_cb_arg,
- SEC_PKCS7DecryptionAllowedCallback decrypt_allowed_cb);
-
-extern PRBool SEC_PKCS7ContainsCertsOrCrls(SEC_PKCS7ContentInfo *cinfo);
-
-/* checks to see if the contents of the content info is
- * empty. it so, PR_TRUE is returned. PR_FALSE, otherwise.
- *
- * minLen is used to specify a minimum size. if content size <= minLen,
- * content is assumed empty.
- */
-extern PRBool
-SEC_PKCS7IsContentEmpty(SEC_PKCS7ContentInfo *cinfo, unsigned int minLen);
-
-extern PRBool SEC_PKCS7ContentIsEncrypted(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * If the PKCS7 content has a signature (not just *could* have a signature)
- * return true; false otherwise. This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-extern PRBool SEC_PKCS7ContentIsSigned(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * SEC_PKCS7VerifySignature
- * Look at a PKCS7 contentInfo and check if the signature is good.
- * The verification checks that the signing cert is valid and trusted
- * for the purpose specified by "certusage".
- *
- * In addition, if "keepcerts" is true, add any new certificates found
- * into our local database.
- */
-extern PRBool SEC_PKCS7VerifySignature(SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- PRBool keepcerts);
-
-/*
- * SEC_PKCS7VerifyDetachedSignature
- * Look at a PKCS7 contentInfo and check if the signature matches
- * a passed-in digest (calculated, supposedly, from detached contents).
- * The verification checks that the signing cert is valid and trusted
- * for the purpose specified by "certusage".
- *
- * In addition, if "keepcerts" is true, add any new certificates found
- * into our local database.
- */
-extern PRBool SEC_PKCS7VerifyDetachedSignature(SEC_PKCS7ContentInfo *cinfo,
- SECCertUsage certusage,
- SECItem *detached_digest,
- HASH_HashType digest_type,
- PRBool keepcerts);
-
-/*
- * SEC_PKCS7GetSignerCommonName, SEC_PKCS7GetSignerEmailAddress
- * The passed-in contentInfo is espected to be Signed, and these
- * functions return the specified portion of the full signer name.
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A NULL return value is an error.
- */
-extern char *SEC_PKCS7GetSignerCommonName(SEC_PKCS7ContentInfo *cinfo);
-extern char *SEC_PKCS7GetSignerEmailAddress(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Return the the signing time, in UTCTime format, of a PKCS7 contentInfo.
- */
-extern SECItem *SEC_PKCS7GetSigningTime(SEC_PKCS7ContentInfo *cinfo);
-
-
-/************************************************************************
- * PKCS7 Creation and Encoding.
- ************************************************************************/
-
-/*
- * Start a PKCS7 signing context.
- *
- * "cert" is the cert that will be used to sign the data. It will be
- * checked for validity.
- *
- * "certusage" describes the signing usage (e.g. certUsageEmailSigner)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "signing" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- *
- * "digest" is the actual digest of the data. It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * The return value can be passed to functions which add things to
- * it like attributes, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateSignedData (CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb,
- SECOidTag digestalg,
- SECItem *digest,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg);
-
-/*
- * Create a PKCS7 certs-only container.
- *
- * "cert" is the (first) cert that will be included.
- *
- * "include_chain" specifies whether the entire chain for "cert" should
- * be included.
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL in when "include_chain" is false, or when meaning
- * use the default database.
- *
- * More certs and chains can be added via AddCertficate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateCertsOnly (CERTCertificate *cert,
- PRBool include_chain,
- CERTCertDBHandle *certdb);
-
-/*
- * Start a PKCS7 enveloping context.
- *
- * "cert" is the cert for the recipient. It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "encalg" specifies the bulk encryption algorithm to use (e.g. SEC_OID_RC2).
- *
- * "keysize" specifies the bulk encryption key size, in bits.
- *
- * The return value can be passed to functions which add things to
- * it like more recipients, then eventually to SEC_PKCS7Encode() or to
- * SEC_PKCS7EncoderStart() to create the encoded data, and finally to
- * SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEnvelopedData (CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb,
- SECOidTag encalg,
- int keysize,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg);
-
-/*
- * XXX There will be a similar routine for creating signedAndEnvelopedData.
- * But its parameters will be different and I have no plans to implement
- * it any time soon because we have no current need for it.
- */
-
-/*
- * Create an empty PKCS7 data content info.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *SEC_PKCS7CreateData (void);
-
-/*
- * Create an empty PKCS7 encrypted content info.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern SEC_PKCS7ContentInfo *
-SEC_PKCS7CreateEncryptedData (SECOidTag algorithm, int keysize,
- SECKEYGetPasswordKey pwfn, void *pwfn_arg);
-
-/*
- * All of the following things return SECStatus to signal success or failure.
- * Failure should have a more specific error status available via
- * PORT_GetError()/XP_GetError().
- */
-
-/*
- * Add the specified attribute to the authenticated (i.e. signed) attributes
- * of "cinfo" -- "oidtag" describes the attribute and "value" is the
- * value to be associated with it. NOTE! "value" must already be encoded;
- * no interpretation of "oidtag" is done. Also, it is assumed that this
- * signedData has only one signer -- if we ever need to add attributes
- * when there is more than one signature, we need a way to specify *which*
- * signature should get the attribute.
- *
- * XXX Technically, a signed attribute can have multiple values; if/when
- * we ever need to support an attribute which takes multiple values, we
- * either need to change this interface or create an AddSignedAttributeValue
- * which can be called subsequently, and would then append a value.
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-extern SECStatus SEC_PKCS7AddSignedAttribute (SEC_PKCS7ContentInfo *cinfo,
- SECOidTag oidtag,
- SECItem *value);
-
-/*
- * Add "cert" and its entire chain to the set of certs included in "cinfo".
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7AddCertChain (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- CERTCertDBHandle *certdb);
-
-/*
- * Add "cert" to the set of certs included in "cinfo".
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7AddCertificate (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert);
-
-/*
- * Add another recipient to an encrypted message.
- *
- * "cinfo" should be of type envelopedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- *
- * "cert" is the cert for the recipient. It will be checked for validity.
- *
- * "certusage" describes the encryption usage (e.g. certUsageEmailRecipient)
- * XXX Maybe SECCertUsage should be split so that our caller just says
- * "email" and *we* add the "recipient" part -- otherwise our caller
- * could be lying about the usage; we do not want to allow encryption
- * certs for signing or vice versa.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- */
-extern SECStatus SEC_PKCS7AddRecipient (SEC_PKCS7ContentInfo *cinfo,
- CERTCertificate *cert,
- SECCertUsage certusage,
- CERTCertDBHandle *certdb);
-
-/*
- * Add the signing time to the authenticated (i.e. signed) attributes
- * of "cinfo". This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will either do
- * nothing or replace an old signing time with a newer one.
- *
- * XXX This will probably just shove the current time into "cinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding. Is this (expected to be small) delay okay?
- *
- * "cinfo" should be of type signedData (the only kind of pkcs7 data
- * that is allowed authenticated attributes); SECFailure will be returned
- * if it is not.
- */
-extern SECStatus SEC_PKCS7AddSigningTime (SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Add the signer's symmetric capabilities to the authenticated
- * (i.e. signed) attributes of "cinfo". This is expected to be
- * included in outgoing signed messages for email (S/MIME).
- *
- * This can only be added once; a second call will return SECFailure.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7AddSymmetricCapabilities(SEC_PKCS7ContentInfo *cinfo);
-
-/*
- * Mark that the signer's certificate and its issuing chain should
- * be included in the encoded data. This is expected to be used
- * in outgoing signed messages for email (S/MIME).
- *
- * "certdb" is the cert database to use for finding the chain.
- * It can be NULL, meaning use the default database.
- *
- * "cinfo" should be of type signedData or signedAndEnvelopedData;
- * SECFailure will be returned if it is not.
- */
-extern SECStatus SEC_PKCS7IncludeCertChain (SEC_PKCS7ContentInfo *cinfo,
- CERTCertDBHandle *certdb);
-
-
-/*
- * Set the content; it will be included and also hashed and/or encrypted
- * as appropriate. This is for in-memory content (expected to be "small")
- * that will be included in the PKCS7 object. All others should stream the
- * content through when encoding (see SEC_PKCS7Encoder{Start,Update,Finish}).
- *
- * "buf" points to data of length "len"; it will be copied.
- */
-extern SECStatus SEC_PKCS7SetContent (SEC_PKCS7ContentInfo *cinfo,
- const char *buf, unsigned long len);
-
-/*
- * Encode a PKCS7 object, in one shot. All necessary components
- * of the object must already be specified. Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only).
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "outputfn" is where the encoded bytes will be passed.
- *
- * "outputarg" is an opaque argument to the above callback.
- *
- * "bulkkey" specifies the bulk encryption key to use. This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer. This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-extern SECStatus SEC_PKCS7Encode (SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg);
-
-/*
- * Encode a PKCS7 object, in one shot. All necessary components
- * of the object must already be specified. Either the data has
- * already been included (via SetContent), or the data is detached,
- * or there is no data at all (certs-only). The output, rather than
- * being passed to an output function as is done above, is all put
- * into a SECItem.
- *
- * "pool" specifies a pool from which to allocate the result.
- * It can be NULL, in which case memory is allocated generically.
- *
- * "dest" specifies a SECItem in which to put the result data.
- * It can be NULL, in which case the entire item is allocated, too.
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "bulkkey" specifies the bulk encryption key to use. This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * "pwfn" is a callback for getting the password which protects the
- * private key of the signer. This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-extern SECItem *SEC_PKCS7EncodeItem (PRArenaPool *pool,
- SECItem *dest,
- SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg);
-
-/*
- * For those who want to simply point to the pkcs7 contentInfo ASN.1
- * template, and *not* call the encoding functions directly, the
- * following function can be used -- after it is called, the entire
- * PKCS7 contentInfo is ready to be encoded.
- */
-extern SECStatus SEC_PKCS7PrepareForEncode (SEC_PKCS7ContentInfo *cinfo,
- PK11SymKey *bulkkey,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg);
-
-/*
- * Start the process of encoding a PKCS7 object. The first part of
- * the encoded object will be passed to the output function right away;
- * after that it is expected that SEC_PKCS7EncoderUpdate will be called,
- * streaming in the actual content that is getting included as well as
- * signed or encrypted (or both).
- *
- * "cinfo" specifies the object to be encoded.
- *
- * "outputfn" is where the encoded bytes will be passed.
- *
- * "outputarg" is an opaque argument to the above callback.
- *
- * "bulkkey" specifies the bulk encryption key to use. This argument
- * can be NULL if no encryption is being done, or if the bulk key should
- * be generated internally (usually the case for EnvelopedData but never
- * for EncryptedData, which *must* provide a bulk encryption key).
- *
- * Returns an object to be passed to EncoderUpdate and EncoderFinish.
- */
-extern SEC_PKCS7EncoderContext *
-SEC_PKCS7EncoderStart (SEC_PKCS7ContentInfo *cinfo,
- SEC_PKCS7EncoderOutputCallback outputfn,
- void *outputarg,
- PK11SymKey *bulkkey);
-
-/*
- * Encode more contents, hashing and/or encrypting along the way.
- */
-extern SECStatus SEC_PKCS7EncoderUpdate (SEC_PKCS7EncoderContext *p7ecx,
- const char *buf,
- unsigned long len);
-
-/*
- * No more contents; finish the signature creation, if appropriate,
- * and then the encoding.
- *
- * "pwfn" is a callback for getting the password which protects the
- * signer's private key. This argument can be NULL if it is known
- * that no signing is going to be done.
- *
- * "pwfnarg" is an opaque argument to the above callback.
- */
-extern SECStatus SEC_PKCS7EncoderFinish (SEC_PKCS7EncoderContext *p7ecx,
- SECKEYGetPasswordKey pwfn,
- void *pwfnarg);
-
-/* retrieve the algorithm ID used to encrypt the content info
- * for encrypted and enveloped data. The SECAlgorithmID pointer
- * returned needs to be freed as it is a copy of the algorithm
- * id in the content info.
- */
-extern SECAlgorithmID *
-SEC_PKCS7GetEncryptionAlgorithm(SEC_PKCS7ContentInfo *cinfo);
-
-/* the content of an encrypted data content info is encrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "plainContent" field of the content info.
- *
- * cinfo is the content info to encrypt
- *
- * key is the key with which to perform the encryption. if the
- * algorithm is a password based encryption algorithm, the
- * key is actually a password which will be processed per
- * PKCS #5.
- *
- * in the event of an error, SECFailure is returned. SECSuccess
- * indicates a success.
- */
-extern SECStatus
-SEC_PKCS7EncryptContents(PRArenaPool *poolp,
- SEC_PKCS7ContentInfo *cinfo,
- SECItem *key,
- void *wincx);
-
-/* the content of an encrypted data content info is decrypted.
- * it is assumed that for encrypted data, that the data has already
- * been set and is in the "encContent" field of the content info.
- *
- * cinfo is the content info to decrypt
- *
- * key is the key with which to perform the decryption. if the
- * algorithm is a password based encryption algorithm, the
- * key is actually a password which will be processed per
- * PKCS #5.
- *
- * in the event of an error, SECFailure is returned. SECSuccess
- * indicates a success.
- */
-extern SECStatus
-SEC_PKCS7DecryptContents(PRArenaPool *poolp,
- SEC_PKCS7ContentInfo *cinfo,
- SECItem *key,
- void *wincx);
-
-/* retrieve the certificate list from the content info. the list
- * is a pointer to the list in the content info. this should not
- * be deleted or freed in any way short of calling
- * SEC_PKCS7DestroyContentInfo
- */
-extern SECItem **
-SEC_PKCS7GetCertificateList(SEC_PKCS7ContentInfo *cinfo);
-
-/* Returns the key length (in bits) of the algorithm used to encrypt
- this object. Returns 0 if it's not encrypted, or the key length is
- irrelevant. */
-extern int
-SEC_PKCS7GetKeyLength(SEC_PKCS7ContentInfo *cinfo);
-
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _SECPKCS7_H_ */
diff --git a/security/nss/lib/pki/Makefile b/security/nss/lib/pki/Makefile
deleted file mode 100644
index bfe27629c..000000000
--- a/security/nss/lib/pki/Makefile
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-ifdef PURE_STAN_BUILD
-include config.mk
-else
-include config34.mk
-endif
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-export:: private_export
diff --git a/security/nss/lib/pki/asymmkey.c b/security/nss/lib/pki/asymmkey.c
deleted file mode 100644
index 1ad65f051..000000000
--- a/security/nss/lib/pki/asymmkey.c
+++ /dev/null
@@ -1,465 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT PRStatus
-NSSPrivateKey_Destroy
-(
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPrivateKey_DeleteStoredObject
-(
- NSSPrivateKey *vk,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSPrivateKey_GetSignatureLength
-(
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSPrivateKey_GetPrivateModulusLength
-(
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
-
-NSS_IMPLEMENT PRBool
-NSSPrivateKey_IsStillPresent
-(
- NSSPrivateKey *vk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FALSE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_Encode
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *ap,
- NSSItem *passwordOpt, /* NULL will cause a callback; "" for no password */
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSPrivateKey_GetTrustDomain
-(
- NSSPrivateKey *vk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSPrivateKey_GetToken
-(
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSPrivateKey_GetSlot
-(
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSPrivateKey_GetModule
-(
- NSSPrivateKey *vk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_Decrypt
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_Sign
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPrivateKey_SignRecover
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSPrivateKey_UnwrapSymmetricKey
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSPrivateKey_DeriveSymmetricKey
-(
- NSSPrivateKey *vk,
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPublicKey *
-NSSPrivateKey_FindPublicKey
-(
- NSSPrivateKey *vk
- /* { don't need the callback here, right? } */
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSPrivateKey_CreateCryptoContext
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSPrivateKey_FindCertificates
-(
- NSSPrivateKey *vk,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSPrivateKey_FindBestCertificate
-(
- NSSPrivateKey *vk,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPublicKey_Destroy
-(
- NSSPublicKey *bk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPublicKey_DeleteStoredObject
-(
- NSSPublicKey *bk,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_Encode
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *ap,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSPublicKey_GetTrustDomain
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSPublicKey_GetToken
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSPublicKey_GetSlot
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSPublicKey_GetModule
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_Encrypt
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSPublicKey_Verify
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_VerifyRecover
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSPublicKey_WrapSymmetricKey
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSPublicKey_CreateCryptoContext
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSPublicKey_FindCertificates
-(
- NSSPublicKey *bk,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSPublicKey_FindBestCertificate
-(
- NSSPublicKey *bk,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSPublicKey_FindPrivateKey
-(
- NSSPublicKey *bk,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
diff --git a/security/nss/lib/pki/certdecode.c b/security/nss/lib/pki/certdecode.c
deleted file mode 100644
index 0182216ee..000000000
--- a/security/nss/lib/pki/certdecode.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-/* XXX
- * move this to a more appropriate location
- */
-NSS_IMPLEMENT PRStatus
-nssPKIObject_Destroy
-(
- nssPKIObject *object
-)
-{
- nssList_Destroy(object->instanceList);
- nssArena_Destroy(object->arena);
-}
-
-#ifdef NSS_3_4_CODE
-/* This is defined in nss3hack.c */
-NSS_EXTERN nssDecodedCert *
-nssDecodedPKIXCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSDER *encoding
-);
-
-NSS_IMPLEMENT PRStatus
-nssDecodedPKIXCertificate_Destroy
-(
- nssDecodedCert *dc
-);
-#else /* NSS_4_0_CODE */
-/* This is where 4.0 PKIX code will handle the decoding */
-static nssDecodedCert *
-nssDecodedPKIXCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSDER *encoding
-)
-{
- return (nssDecodedCert *)NULL;
-}
-
-static PRStatus
-nssDecodedPKIXCertificate_Destroy
-(
- nssDecodedCert *dc
-)
-{
- return PR_FAILURE;
-}
-#endif /* not NSS_3_4_CODE */
-
-NSS_IMPLEMENT nssDecodedCert *
-nssDecodedCert_Create
-(
- NSSArena *arenaOpt,
- NSSDER *encoding,
- NSSCertificateType type
-)
-{
- nssDecodedCert *rvDC = NULL;
- switch(type) {
- case NSSCertificateType_PKIX:
- rvDC = nssDecodedPKIXCertificate_Create(arenaOpt, encoding);
- break;
- default:
-#if 0
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-#endif
- return (nssDecodedCert *)NULL;
- }
- return rvDC;
-}
-
-NSS_IMPLEMENT PRStatus
-nssDecodedCert_Destroy
-(
- nssDecodedCert *dc
-)
-{
- switch(dc->type) {
- case NSSCertificateType_PKIX:
- return nssDecodedPKIXCertificate_Destroy(dc);
- default:
-#if 0
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
-#endif
- break;
- }
- return PR_FAILURE;
-}
-
-/* Of course none of this belongs here */
-
-struct NSSTimeStr {
- PRTime prTime;
-};
-
-/* how bad would it be to have a static now sitting around, updated whenever
- * this was called? would avoid repeated allocs...
- */
-NSS_IMPLEMENT NSSTime *
-NSSTime_Now
-(
- NSSTime *timeOpt
-)
-{
- return NSSTime_SetPRTime(timeOpt, PR_Now());
-}
-
-NSS_IMPLEMENT NSSTime *
-NSSTime_SetPRTime
-(
- NSSTime *timeOpt,
- PRTime prTime
-)
-{
- NSSTime *rvTime;
- rvTime = (timeOpt) ? timeOpt : nss_ZNEW(NULL, NSSTime);
- rvTime->prTime = prTime;
- return rvTime;
-}
-
-NSS_IMPLEMENT PRTime
-NSSTime_GetPRTime
-(
- NSSTime *time
-)
-{
- return time->prTime;
-}
-
diff --git a/security/nss/lib/pki/certificate.c b/security/nss/lib/pki/certificate.c
deleted file mode 100644
index b1fe10885..000000000
--- a/security/nss/lib/pki/certificate.c
+++ /dev/null
@@ -1,605 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifdef NSS_3_4_CODE
-#include "pki3hack.h"
-#endif
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT NSSCertificate *
-nssCertificate_AddRef
-(
- NSSCertificate *c
-)
-{
-#ifdef NSS_3_4_CODE
- /*
- CERTCertificate *cc = STAN_GetCERTCertificate(c);
- CERT_DupCertificate(cc);
- */
-#else
- c->refCount++;
-#endif
- return c;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_Destroy
-(
- NSSCertificate *c
-)
-{
-#ifdef NSS_3_4_CODE
- return nssPKIObject_Destroy(&c->object);
-#else
- if (--c->refCount == 0) {
- return nssPKIObject_Destroy(&c->object);
- }
-#endif
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_DeleteStoredObject
-(
- NSSCertificate *c,
- NSSCallback *uhh
-)
-{
- /* this needs more thought on what will happen when there are multiple
- * instances
- */
- /* XXX use callback to log in if neccessary */
- PRStatus nssrv = PR_SUCCESS;
- nssPKIObjectInstance *instance;
- nssListIterator *instances = c->object.instances;
- for (instance = (nssPKIObjectInstance *)nssListIterator_Start(instances);
- instance != (nssPKIObjectInstance *)NULL;
- instance = (nssPKIObjectInstance *)nssListIterator_Next(instances))
- {
- nssrv = nssToken_DeleteStoredObject(&instance->cryptoki);
- if (nssrv != PR_SUCCESS) {
- break;
- }
- }
- nssListIterator_Finish(instances);
- return nssrv;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_Validate
-(
- NSSCertificate *c,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT void ** /* void *[] */
-NSSCertificate_ValidateCompletely
-(
- NSSCertificate *c,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt, /* NULL for none */
- void **rvOpt, /* NULL for allocate */
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt /* NULL for heap */
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
-(
- NSSCertificate *c,
- NSSTime **notBeforeOutOpt,
- NSSTime **notAfterOutOpt,
- void *allowedUsages,
- void *disallowedUsages,
- void *allowedPolicies,
- void *disallowedPolicies,
- /* more args.. work on this fgmr */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSDER *
-NSSCertificate_Encode
-(
- NSSCertificate *c,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- /* Item, DER, BER are all typedefs now... */
- return nssItem_Duplicate((NSSItem *)&c->encoding, arenaOpt, rvOpt);
-}
-
-NSS_IMPLEMENT nssDecodedCert *
-nssCertificate_GetDecoding
-(
- NSSCertificate *c
-)
-{
- if (!c->decoding) {
- c->decoding = nssDecodedCert_Create(c->object.arena,
- &c->encoding, c->type);
- }
- return c->decoding;
-}
-
-static NSSCertificate *
-find_issuer_cert_for_identifier(NSSCertificate *c, NSSItem *id)
-{
- NSSCertificate *rvCert = NULL;
- NSSCertificate **subjectCerts;
- NSSTrustDomain *td;
- td = NSSCertificate_GetTrustDomain(c);
- /* Find all certs with this cert's issuer as the subject */
- subjectCerts = NSSTrustDomain_FindCertificatesBySubject(td,
- &c->issuer,
- NULL,
- 0,
- NULL);
- if (subjectCerts) {
- NSSCertificate *p;
- nssDecodedCert *dcp;
- int i = 0;
- /* walk the subject certs */
- while ((p = subjectCerts[i++])) {
- dcp = nssCertificate_GetDecoding(p);
- if (dcp->matchIdentifier(dcp, id)) {
- /* this cert has the correct identifier */
- rvCert = p;
- /* now free all the remaining subject certs */
- while ((p = subjectCerts[i++])) {
- NSSCertificate_Destroy(p);
- }
- /* and exit */
- break;
- } else {
- /* cert didn't have the correct identifier, so free it */
- NSSCertificate_Destroy(p);
- }
- }
- nss_ZFreeIf(subjectCerts);
- }
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCertificate_BuildChain
-(
- NSSCertificate *c,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt,
- PRStatus *statusOpt
-)
-{
- PRStatus nssrv;
- nssList *chain;
- NSSItem *issuerID;
- NSSCertificate **rvChain;
- NSSTrustDomain *td;
- nssDecodedCert *dc;
- td = NSSCertificate_GetTrustDomain(c);
-#ifdef NSS_3_4_CODE
- /* This goes down as a 3.4 hack. This function will need to be able to
- * search both crypto contexts and trust domains for the chain.
- */
- if (!td) {
- td = STAN_GetDefaultTrustDomain();
- }
-#endif
- chain = nssList_Create(NULL, PR_FALSE);
- nssList_Add(chain, c);
- if (statusOpt) *statusOpt = PR_SUCCESS;
- if (rvLimit == 1) goto finish;
- while (!nssItem_Equal(&c->subject, &c->issuer, &nssrv)) {
- dc = nssCertificate_GetDecoding(c);
- issuerID = dc->getIssuerIdentifier(dc);
- if (issuerID) {
- c = find_issuer_cert_for_identifier(c, issuerID);
- nss_ZFreeIf(issuerID);
- if (!c) {
- nss_SetError(NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND);
- if (statusOpt) *statusOpt = PR_FAILURE;
- goto finish;
- }
- } else {
-#ifdef NSS_3_4_CODE
- PRBool tmpca = usage->nss3lookingForCA;
- usage->nss3lookingForCA = PR_TRUE;
-#endif
- c = NSSTrustDomain_FindBestCertificateBySubject(td,
- &c->issuer,
- timeOpt,
- usage,
- policiesOpt);
-#ifdef NSS_3_4_CODE
- usage->nss3lookingForCA = tmpca;
-#endif
- if (!c) {
- nss_SetError(NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND);
- if (statusOpt) *statusOpt = PR_FAILURE;
- goto finish;
- }
- }
- nssList_Add(chain, c);
- if (nssList_Count(chain) == rvLimit) goto finish;
- }
-finish:
- if (rvOpt) {
- rvChain = rvOpt;
- } else {
- rvLimit = nssList_Count(chain);
- rvChain = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, rvLimit + 1);
- }
- nssList_GetArray(chain, (void **)rvChain, rvLimit);
- nssList_Destroy(chain);
- /* XXX now, the question is, cache all certs in the chain? */
- return rvChain;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSCertificate_GetTrustDomain
-(
- NSSCertificate *c
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- nssPKIObjectInstance *instance;
- nssList *instances = c->object.instanceList;
- nssrv = nssList_GetArray(instances, (void **)&instance, 1);
- if (nssrv == PR_SUCCESS) {
- return instance->trustDomain;
- } else {
- return (NSSTrustDomain *)NULL;
- }
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSCertificate_GetToken
-(
- NSSCertificate *c,
- PRStatus *statusOpt
-)
-{
- return (NSSToken *)NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSCertificate_GetSlot
-(
- NSSCertificate *c,
- PRStatus *statusOpt
-)
-{
- return (NSSSlot *)NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSCertificate_GetModule
-(
- NSSCertificate *c,
- PRStatus *statusOpt
-)
-{
- return (NSSModule *)NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCertificate_Encrypt
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCertificate_Verify
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCertificate_VerifyRecover
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCertificate_WrapSymmetricKey
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSCertificate_CreateCryptoContext
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPublicKey *
-NSSCertificate_GetPublicKey
-(
- NSSCertificate *c
-)
-{
-#if 0
- CK_ATTRIBUTE pubktemplate[] = {
- { CKA_CLASS, NULL, 0 },
- { CKA_ID, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 }
- };
- PRStatus nssrv;
- CK_ULONG count = sizeof(pubktemplate) / sizeof(pubktemplate[0]);
- NSS_CK_SET_ATTRIBUTE_ITEM(pubktemplate, 0, &g_ck_class_pubkey);
- if (c->id.size > 0) {
- /* CKA_ID */
- NSS_CK_ITEM_TO_ATTRIBUTE(&c->id, &pubktemplate[1]);
- } else {
- /* failure, yes? */
- return (NSSPublicKey *)NULL;
- }
- if (c->subject.size > 0) {
- /* CKA_SUBJECT */
- NSS_CK_ITEM_TO_ATTRIBUTE(&c->subject, &pubktemplate[2]);
- } else {
- /* failure, yes? */
- return (NSSPublicKey *)NULL;
- }
- /* Try the cert's token first */
- if (c->token) {
- nssrv = nssToken_FindObjectByTemplate(c->token, pubktemplate, count);
- }
-#endif
- /* Try all other key tokens */
- return (NSSPublicKey *)NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSCertificate_FindPrivateKey
-(
- NSSCertificate *c,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRBool
-NSSCertificate_IsPrivateKeyAvailable
-(
- NSSCertificate *c,
- NSSCallback *uhh,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FALSE;
-}
-
-NSS_IMPLEMENT PRBool
-NSSUserCertificate_IsStillPresent
-(
- NSSUserCertificate *uc,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FALSE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_Decrypt
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_Sign
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSUserCertificate_SignRecover
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSUserCertificate_UnwrapSymmetricKey
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSUserCertificate_DeriveSymmetricKey
-(
- NSSUserCertificate *uc, /* provides private key */
- NSSCertificate *c, /* provides public key */
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
diff --git a/security/nss/lib/pki/config.mk b/security/nss/lib/pki/config.mk
deleted file mode 100644
index bace96690..000000000
--- a/security/nss/lib/pki/config.mk
+++ /dev/null
@@ -1,154 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-#TARGETS = $(LIBRARY)
-#SHARED_LIBRARY =
-#IMPORT_LIBRARY =
-#PROGRAM =
-
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib
-
-DLLFLAGS += -DEF:nsspki.def
-RES = $(OBJDIR)/nsspki.res
-RESNAME = nsspki.rc
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-
-SHARED_LIBRARY_LIBS = \
- $(DIST)/lib/nssb.lib \
- $(DIST)/lib/nssdev.lib \
- $(DIST)/lib/nsspki.lib \
- $(NULL)
-
-SHARED_LIBRARY_DIRS = \
- ../base \
- ../dev \
- $(NULL)
-
-EXTRA_LIBS += \
- $(NULL)
-
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(OS_LIBS)
-#OS_LIBS += \
-# wsock32.lib \
-# winmm.lib \
-# $(NULL)
-else
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-SHARED_LIBRARY_LIBS = \
- $(DIST)/lib/libnssb.$(LIB_SUFFIX) \
- $(DIST)/lib/libnssdev.$(LIB_SUFFIX) \
- $(DIST)/lib/libnsspki.$(LIB_SUFFIX) \
- $(NULL)
-
-EXTRA_LIBS += \
- $(NULL)
-
-SHARED_LIBRARY_DIRS = \
- ../base \
- ../dev \
- $(NULL)
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-endif
-
-ifeq ($(OS_ARCH),SunOS)
-MAPFILE = $(OBJDIR)/nsspkimap.sun
-ALL_TRASH += $(MAPFILE)
-MKSHLIB += -M $(MAPFILE)
-ifndef USE_64
-ifeq ($(CPU_ARCH),sparc)
-# The -R '$ORIGIN' linker option instructs libnss3.so to search for its
-# dependencies (libfreebl_*.so) in the same directory where it resides.
-MKSHLIB += -R '$$ORIGIN'
-endif
-endif
-endif
-
-ifeq ($(OS_ARCH),AIX)
-MAPFILE = $(OBJDIR)/nsspkimap.aix
-ALL_TRASH += $(MAPFILE)
-EXPORT_RULES = -bexport:$(MAPFILE)
-endif
-
-ifeq ($(OS_ARCH),HP-UX)
-MAPFILE = $(OBJDIR)/nsspkimap.hp
-ALL_TRASH += $(MAPFILE)
-MKSHLIB += -c $(MAPFILE)
-endif
-
-ifeq ($(OS_ARCH), OSF1)
-MAPFILE = $(OBJDIR)/nsspkimap.osf
-ALL_TRASH += $(MAPFILE)
-MKSHLIB += -hidden -input $(MAPFILE)
-endif
-
-ifeq ($(OS_ARCH),Linux)
-MAPFILE = $(OBJDIR)/nsspkimap.linux
-ALL_TRASH += $(MAPFILE)
-MKSHLIB += -Wl,--version-script,$(MAPFILE)
-endif
-
-
-
-
diff --git a/security/nss/lib/pki/config34.mk b/security/nss/lib/pki/config34.mk
deleted file mode 100644
index 4a9ed7dda..000000000
--- a/security/nss/lib/pki/config34.mk
+++ /dev/null
@@ -1,48 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/pki/cryptocontext.c b/security/nss/lib/pki/cryptocontext.c
deleted file mode 100644
index bd10ad80e..000000000
--- a/security/nss/lib/pki/cryptocontext.c
+++ /dev/null
@@ -1,952 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifdef NSS_3_4_CODE
-#include "pk11func.h"
-#include "dev3hack.h"
-#endif
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_Destroy
-(
- NSSCryptoContext *cc
-)
-{
- nssArena_Destroy(cc->arena);
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_SetDefaultCallback
-(
- NSSCryptoContext *td,
- NSSCallback *newCallback,
- NSSCallback **oldCallbackOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSCallback *
-NSSCryptoContext_GetDefaultCallback
-(
- NSSCryptoContext *td,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSCryptoContext_GetTrustDomain
-(
- NSSCryptoContext *td
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ImportCertificate
-(
- NSSCryptoContext *cc,
- NSSCertificate *c
-)
-{
- NSSToken *token;
- nssSession *session = NULL;
-#ifdef NSS_3_4_CODE
- /* XXX hack alert - what this needs to do is find the preferred
- * token for cert storage
- */
- if (PR_TRUE) {
- PK11SlotInfo *slot = PK11_GetInternalSlot();
- token = PK11Slot_GetNSSToken(slot);
- }
-#endif
- /*
- * question - are there multiple available tokens for the crypto context?
- * in that case, it needs to store a session for each one
- */
-#ifdef nodef
- session = get_token_session(cc, tok);
- if (!session) {
- return PR_FAILURE;
- }
-#endif
- return nssToken_ImportCertificate(token, session, c, NULL, cc);
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_ImportPKIXCertificate
-(
- NSSCryptoContext *cc,
- struct NSSPKIXCertificateStr *pc
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_ImportEncodedCertificate
-(
- NSSCryptoContext *cc,
- NSSBER *ber
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ImportEncodedPKIXCertificateChain
-(
- NSSCryptoContext *cc,
- NSSBER *ber
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNickname
-(
- NSSCryptoContext *cc,
- NSSUTF8 *name,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesByNickname
-(
- NSSCryptoContext *cc,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
-(
- NSSCryptoContext *cc,
- NSSDER *issuer,
- NSSDER *serialNumber
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateBySubject
-(
- NSSCryptoContext *cc,
- NSSUTF8 *subject,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesBySubject
-(
- NSSCryptoContext *cc,
- NSSUTF8 *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNameComponents
-(
- NSSCryptoContext *cc,
- NSSUTF8 *nameComponents,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindCertificatesByNameComponents
-(
- NSSCryptoContext *cc,
- NSSUTF8 *nameComponents,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindCertificateByEncodedCertificate
-(
- NSSCryptoContext *cc,
- NSSBER *encodedCertificate
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestCertificateByEmail
-(
- NSSCryptoContext *cc,
- NSSASCII7 *email
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindCertificatesByEmail
-(
- NSSCryptoContext *cc,
- NSSASCII7 *email,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindCertificateByOCSPHash
-(
- NSSCryptoContext *cc,
- NSSItem *hash
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestUserCertificate
-(
- NSSCryptoContext *cc,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindUserCertificates
-(
- NSSCryptoContext *cc,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
-(
- NSSCryptoContext *cc,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSCryptoContext_FindUserCertificatesForSSLClientAuth
-(
- NSSCryptoContext *cc,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForEmailSigning
-(
- NSSCryptoContext *cc,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSCryptoContext_FindUserCertificatesForEmailSigning
-(
- NSSCryptoContext *cc,
- NSSASCII7 *signerOpt, /* fgmr or a more general name? */
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_GenerateKeyPair
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- NSSPrivateKey **pvkOpt,
- NSSPublicKey **pbkOpt,
- PRBool privateKeyIsSensitive,
- NSSToken *destination,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- PRUint32 keysize,
- NSSToken *destination,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKeyFromPassword
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- NSSUTF8 *passwordOpt, /* if null, prompt */
- NSSToken *destinationOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
-(
- NSSCryptoContext *cc,
- NSSOID *algorithm,
- NSSItem *keyID,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-struct token_session_str {
- NSSToken *token;
- nssSession *session;
-};
-
-#ifdef nodef
-static nssSession *
-get_token_session(NSSCryptoContext *cc, NSSToken *tok)
-{
- struct token_session_str *ts;
- for (ts = (struct token_session_str *)nssListIterator_Start(cc->sessions);
- ts != (struct token_session_str *)NULL;
- ts = (struct token_session_str *)nssListIterator_Next(cc->sessions))
- {
- if (ts->token == tok) { /* will this need to be more general? */
- break;
- }
- }
- nssListIterator_Finish(cc->sessions);
- if (!ts) {
- /* need to create a session for this token. */
- ts = nss_ZNEW(NULL, struct token_session_str);
- ts->token = nssToken_AddRef(tok);
- ts->session = nssSlot_CreateSession(tok->slot, cc->arena, PR_FALSE);
- nssList_AddElement(cc->sessionList, (void *)ts);
- }
- return ts->session;
-}
-#endif
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Decrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
-#if 0
- NSSToken *tok;
- nssSession *session;
- NSSItem *rvData;
- PRUint32 dataLen;
- NSSAlgorithmAndParameters *ap;
- CK_RV ckrv;
- ap = (apOpt) ? apOpt : cc->defaultAlgorithm;
- /* Get the token for this operation */
- tok = nssTrustDomain_GetCryptoToken(cc->trustDomain, ap);
- if (!tok) {
- return (NSSItem *)NULL;
- }
- /* Get the local session for this token */
- session = get_token_session(cc, tok);
- /* Get the key needed to decrypt */
- keyHandle = get_decrypt_key(cc, ap);
- /* Set up the decrypt operation */
- ckrv = CKAPI(tok)->C_DecryptInit(session->handle,
- &ap->mechanism, keyHandle);
- if (ckrv != CKR_OK) {
- /* handle PKCS#11 error */
- return (NSSItem *)NULL;
- }
- /* Get the length of the output buffer */
- ckrv = CKAPI(tok)->C_Decrypt(session->handle,
- (CK_BYTE_PTR)encryptedData->data,
- (CK_ULONG)encryptedData->size,
- (CK_BYTE_PTR)NULL,
- (CK_ULONG_PTR)&dataLen);
- if (ckrv != CKR_OK) {
- /* handle PKCS#11 error */
- return (NSSItem *)NULL;
- }
- /* Alloc return value memory */
- rvData = nssItem_Create(NULL, NULL, dataLen, NULL);
- if (!rvItem) {
- return (NSSItem *)NULL;
- }
- /* Do the decryption */
- ckrv = CKAPI(tok)->C_Decrypt(cc->session->handle,
- (CK_BYTE_PTR)encryptedData->data,
- (CK_ULONG)encryptedData->size,
- (CK_BYTE_PTR)rvData->data,
- (CK_ULONG_PTR)&dataLen);
- if (ckrv != CKR_OK) {
- /* handle PKCS#11 error */
- nssItem_ZFreeIf(rvData);
- return (NSSItem *)NULL;
- }
- return rvData;
-#endif
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginDecrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueDecrypt
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishDecrypt
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Sign
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginSign
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ContinueSign
-(
- NSSCryptoContext *cc,
- NSSItem *data
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishSign
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_SignRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginSignRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueSignRecover
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishSignRecover
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_UnwrapSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSCryptoContext_DeriveSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Encrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginEncrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueEncrypt
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishEncrypt
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_Verify
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginVerify
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ContinueVerify
-(
- NSSCryptoContext *cc,
- NSSItem *data
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_FinishVerify
-(
- NSSCryptoContext *cc
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_VerifyRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginVerifyRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_ContinueVerifyRecover
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishVerifyRecover
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_WrapSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_Digest
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- return nssToken_Digest(cc->token, cc->session, apOpt,
- data, rvOpt, arenaOpt);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_BeginDigest
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-)
-{
- return nssToken_BeginDigest(cc->token, cc->session, apOpt);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSCryptoContext_ContinueDigest
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *item
-)
-{
- /*
- NSSAlgorithmAndParameters *ap;
- ap = (apOpt) ? apOpt : cc->ap;
- */
- /* why apOpt? can't change it at this point... */
- return nssToken_ContinueDigest(cc->token, cc->session, item);
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSCryptoContext_FinishDigest
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- return nssToken_FinishDigest(cc->token, cc->session, rvOpt, arenaOpt);
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSCryptoContext_Clone
-(
- NSSCryptoContext *cc
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
diff --git a/security/nss/lib/pki/doc/standiag.png b/security/nss/lib/pki/doc/standiag.png
deleted file mode 100644
index fe1aca389..000000000
--- a/security/nss/lib/pki/doc/standiag.png
+++ /dev/null
Binary files differ
diff --git a/security/nss/lib/pki/doc/standoc.html b/security/nss/lib/pki/doc/standoc.html
deleted file mode 100644
index 43eb3a3cf..000000000
--- a/security/nss/lib/pki/doc/standoc.html
+++ /dev/null
@@ -1,471 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
- <!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-
-
- <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
- <title>Stan Design - Work In Progress</title>
-</head>
- <body>
- <br>
- This is a working document for progress on Stan design/development.<br>
- <br>
- Current <a href="#build">build</a>
- and <a href="#test">test</a>
- instructions.<br>
- <br>
- The current set of Stan libraries.<br>
- <a href="#asn1">asn1</a>
- <br>
- <a href="#base">base</a>
- <br>
- <a href="#ckfw">ckfw</a>
- <br>
- <a href="#dev">dev</a>
- <br>
- <a href="#pki">pki</a>
- <br>
- <a href="#pki1">pki1</a>
- <br>
- <a href="#pkix">pkix</a>
- <br>
- <br>
- "Public" types below (those available to consumers of
- NSS) begin with "NSS". &nbsp;"Protected" types (those only available
- within NSS) begin with "nss".<br>
- <br>
- Open issues appears as numbered indents.<br>
- <br>
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="asn1"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/asn1/">
- ASN.1</a>
- </h3>
- ASN.1 encoder/decoder wrapping around the current
- ASN.1 implementation.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSASN1EncodingType"> NSSASN1EncodingType</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Item">nssASN1Item</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Template">nssASN1Template</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1ChooseTemplateFunction">
- nssASN1ChooseTemplateFunction</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Encoder">nssASN1Encoder</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1Decoder">nssASN1Decoder</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1EncodingPart"> nssASN1EncodingPart</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1NotifyFunction">
- nssASN1NotifyFunction</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1EncoderWriteFunction">
- nssASN1EncoderWriteFunction</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssASN1DecoderFilterFunction">
- nssASN1DecoderFilterFunction</a>
- <br>
- <br>
-
-<hr width="100%" size="2" align="Left">
-<h3><a name="base"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/base/">
- Base</a>
- </h3>
- Set of base utilities for Stan implementation.
-&nbsp;These are all fairly straightforward, except for nssPointerTracker.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSError">NSSError</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSArena">NSSArena</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSItem">NSSItem</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSBER">NSSBER</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSDER">NSSDER</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSBitString">NSSBitString</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUTF8">NSSUTF8</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSASCII7">NSSASCII7</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssArenaMark">nssArenaMark</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssPointerTracker">nssPointerTracker</a>
- <br>
- This is intended for debug builds only.<br>
-
-<ol>
- <li>Ignored for now.<br>
- </li>
-
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssStringType">nssStringType</a>
- <br>
- <br>
- Suggested additions:<br>
-
-<ol>
- <li>nssList - A list that optionally uses a lock. &nbsp;This list would
- manage the currently loaded modules in a trust domain, etc.</li>
-
- <ul>
- <li>SECMODListLock kept track of the number of waiting threads. &nbsp;Will
- this be needed in the trust domain?</li>
-
- </ul>
-
-</ol>
- <br>
-
-<hr width="100%" size="2" align="Left">
-<h3><a name="ckfw"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/">
- CKFW</a>
- </h3>
- The cryptoki framework, used for building cryptoki tokens.
- &nbsp;This needs to be described in a separate document showing how
- to set up a token using CKFW. &nbsp;This code only relates to tokens,
- so it is not relevant here.<br>
- <br>
- <br>
-
-<hr width="100%" size="2" align="Left">
-<h3><a name="dev"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/dev/">
- Device</a>
- </h3>
- Defines cryptoki devices used in NSS. &nbsp;This
- is not part of the exposed API. &nbsp;It is a low-level API allowing
-NSS to manage cryptoki devices.<br>
- <br>
- The relationship is like this:<br>
- <br>
- libpki --&gt; libdev --&gt; cryptoki<br>
- <br>
- As an example,<br>
- <br>
- NSSTrustDomain_FindCertificate --&gt; NSSToken_FindCertificate --&gt;
- C_FindObjects<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSModule">NSSModule</a>
- <br>
- Replaces the SECMOD API. &nbsp;The module manages a
-PRLibrary that holds a cryptoki implementation via a number of slots.
-&nbsp;The API should provide the ability to Load and Unload a module,
-Login and Logout to the module (through its slots), and to locate a
-particular slot/token.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSSlot">NSSSlot</a>
- <br>
- This and NSSToken combine to replace the PK11 API parts
- that relate to slot and token management. &nbsp;The slot API should
- provide the ability to Login/Logout to a slot, check the login status,
- determine basic configuration information about the slot, and modify
- the password settings.<br>
-
-<ol>
- <li>Should slots also maintain a default session? &nbsp;This session would
- be used for slot management calls (sections 9.5 and9.6 of PKCS#11). &nbsp;Or
- is the token session sufficient (this would not work if C_GetTokenInfo and
- C_InitToken need to be wrapped in a threadsafe session).<br>
- </li>
-
-</ol>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSToken">NSSToken</a>
- <br>
- Fills in the gaps left by NSSSlot. &nbsp;Much of the
-cryptoki API is directed towards slots. &nbsp;However, some functionality
- clearly belongs with a token type. &nbsp;For example, a certificate
- lives on a token, not a slot, so one would expect a function NSSToken_FindCertificate.
- &nbsp;Thus functions that deal with importing/exporting an object
-and performing actual cryptographic operations belong here.<br>
-
-<ol>
- <li>The distinction between a slot and a token is not clear. &nbsp;Most
- functions take a slotID as an argument, even though it is obvious that
- the event is intended to occur on a token. &nbsp;That leaves various
- possibilities:</li>
-
- <ol>
- <li>Implement the API entirely as NSSToken. &nbsp;If the token is not
- present, some calls will simply fail.</li>
- <li>Divide the API between NSSToken and NSSSlot, as described above.
-&nbsp;NSSSlot would handle cryptoki calls specified as "slot management",
- while NSSToken handles actual token operations.</li>
- <li>Others?</li>
-
- </ol>
- <li>Session management. &nbsp;Tokens needs a threadsafe session handle
- to perform operations. &nbsp;CryptoContexts are meant to provide such sessions,
- but other objects will need access to token functions as well (examples:
-the TrustDomain_Find functions, _Login, _Logout, and others that do not exist
- such as NSSToken_ChangePassword). &nbsp;For those functions, the token could
- maintain a default session. &nbsp;Thus all NSSToken API functions would take
- sessionOpt as an argument. &nbsp;If the caller is going to provide a session,
- it sends an NSSSession there, otherwise it sends NULL and the default session
- is utilized.<br>
- </li>
-
-</ol>
- Proposed:<br>
- NSSSession<br>
- Wraps a Cryptoki session. &nbsp;Created from a slot. &nbsp;Used to manage
- sessions for crypto contexts. &nbsp;Has a lock field, which locks the session
- if the slot is not threadsafe.<br>
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="pki"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/">
- PKI</a>
- </h3>
- The NSS PKI library.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCertificate">NSS</a>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCertificate">Certificate</a>
- <br>
-
-<ol>
- <li>The API leaves open the possibility of NSSCertificate meaning various
- certificate types, not just X.509. &nbsp;The way to keep open this possibility
- is to keep only generally useful information in the NSSCertificate type.
-&nbsp;Examples would be the certificate encoding, label, trust (obtained
- from cryptoki calls), an email address, etc. &nbsp;Some type of generic
-reference should be kept to the decoded certificate, which would then be
-accessed by a type-specific API (e.g., NSSX509_GetSubjectName).</li>
-
-</ol>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUserCertificate">NSSUserCertificate</a>
- <br>
-
-<ol>
- <li>Should this be a typedef of NSSCertificate?&nbsp; This implies that
- any function that requires an NSSUserCertificate would fail when called
- with a certificate lacking a private key. </li>
-
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPrivateKey">NSSPrivateKey</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPublicKey">NSSPublicKey</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSSymmetricKey">NSSSymmetricKey</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSTrustDomain">NSSTrustDomain</a>
- <br>
- A trust domain is "the field in which certificates may
- be validated." &nbsp;It is a collection of modules capable of performing
- cryptographic operations and storing certs and keys. &nbsp;This collection
- is managed by NSS in a manner opaque to the consumer. &nbsp;The slots
- will have various orderings determining which has preference for a
-given operation. &nbsp;For example, the trust domain may order the storage
- of user certificates one way, and the storage of email certificates in
- another way [is that a good example?].<br>
- <br>
-
-<ol>
- <li> How will ordering work? &nbsp;We already have the suggestion
- that there be two kinds of ordering: storage and search. &nbsp;How
-will they be constructed/managed? &nbsp;Do we want to expose access
-to a token that overrides this ordering (i.e., the download of updated
-root certs may need to override storage order)</li>
- <li>How are certs cached? &nbsp;Nelson wonders what it means to Stan
- when a cert does not live on a token yet. &nbsp;Bob, Terry, and I discussed
- this. &nbsp;My conclusion is that there should be a type, separate
-from NSSCertificate, that holds the decoded cert parts (e.g., NSSX509Certificate,
- or to avoid confusion, NSSX509DecodedParts). &nbsp;NSSCertificate would
- keep a handle to this type, so that it only needs to decode the cert
-once. &nbsp;The NSSTrustDomain would keep a hash table of cached certs,
-some of which may not live on a token yet (i.e., they are only NSSX509DecodedParts).
- &nbsp;This cache could be accessed in the same way the temp db was,
-and when the cert is ready to be moved onto a token a call to NSSTrustDomain_ImportCertificate
- is made. &nbsp;Note that this is essentially the same as CERT_TempCertToPerm.</li>
-
- <ul>
- <li>The hashtable in lib/base (copied from ckfw/hash.c) uses the identity
-hash. &nbsp;Therefore, in a hash of certificates, the key is the certificate
-pointer itself. &nbsp;One possibility is to store the decoded cert (NSSX509DecodedParts
-above) as the value in the {key, value} pair. &nbsp;When a cert is decoded,
-the cert pointer and decoding pointer are added to the hash. &nbsp;Subsequent
-lookups have access to one or both of these pointers. &nbsp;This keeps NSSCertificate
-separate from its decoding, while providing a way to locate it.</li>
-
- </ul>
- <li>The API is designed to keep token details hidden from the user. &nbsp;However,
- it has already been realized that PSM and CMS may need special access to
-tokens. &nbsp;Is this part of the TrustDomain API, or should PSM and CMS
-be allowed to use "friend" headers from the Token API?</li>
- <li>Do we want to allow traversal via NSSTrustDomain_TraverseXXXX?<br>
- </li>
-
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCryptoContext"><br>
- NSSCryptoContext</a>
- <br>
- Analgous to a Cryptoki session. &nbsp;Manages session objects only.<br>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSTime">NSSTime</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSUsage">NSSUsage</a>
- <br>
-
-<ol>
- <li> See Fred's <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/nsspkit.h#187">
- comments</a>
- .</li>
-
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSPolicies">NSSPolicies</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSAlgorithmAndParameters">
- NSSAlgorithmAndParameters</a>
- <br>
-
-<ol>
- <li> Again, Fred's <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki/nsspkit.h#215">
- comments</a>
- . &nbsp;The old NSS code had various types related to algorithms
- running around in it. &nbsp;We had SECOidTag, SECAlgorithmID, SECItem's
- for parameters, CK_MECHANISM for cryptoki, etc. &nbsp;This type should
- be able to encapsulate all of those.</li>
-
-</ol>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSCallback">NSSCallback</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSOperations">NSSOperations</a>
- <br>
- <br>
- <br>
-
-<hr width="100%" size="2"><br>
- <br>
- A diagram to suggest a possible TrustDomain architecture.<br>
- <br>
- <img src="./standiag.png" alt="Trust Domain Diagram" width="748" height="367">
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="pki1"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pki1/">
- PKI1</a>
- </h3>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSOID">NSSOID</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSATAV">NSSATAV</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSRDN">NSSRDN</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSRDNSeq">NSSRDNSeq</a>
- <br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=NSSName">NSSName</a>
- <br>
- NSSNameChoice<br>
- NSSGeneralName<br>
- NSSGeneralNameChoice<br>
- NSSOtherName<br>
- NSSRFC822Name<br>
- NSSDNSName<br>
- NSSX400Address<br>
- NSSEdiParityAddress<br>
- NSSURI<br>
- NSSIPAddress<br>
- NSSRegisteredID<br>
- NSSGeneralNameSeq<br>
- <a href="http://lxr.mozilla.org/mozilla/ident?i=nssAttributeTypeAliasTable">
- nssAttributeTypeAliasTable</a>
- <br>
- <br>
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="pkix"></a>
- <a href="http://lxr.mozilla.org/mozilla/source/security/nss/lib/pkix/">
- PKIX&nbsp;</a>
- </h3>
- There is a plethora of PKIX related types here.<br>
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="build"></a>
- Building Stan</h3>
- <br>
- From nss/lib, run "make BUILD_STAN=1"<br>
- <br>
-
-<hr width="100%" size="2" align="Left"><br>
-
-<h3><a name="test"></a>
- Testing Stan</h3>
- A&nbsp;new command line tool, pkiutil, has been created to use only
- the Stan API. &nbsp;It depends on a new library, cmdlib, meant to replace
- the old secutil library. &nbsp;The old library had code used by products
- that needed to be integrated into the main library codebase somehow. &nbsp;The
- goal of the new cmdlib is to have functionality needed strictly for NSS
- tools.<br>
- <br>
- How to build:<br>
-
-<ol>
- <li>cd nss/cmd/cmdlib; make</li>
- <li>cd ../pkiutil; make</li>
-
-</ol>
- pkiutil will give detailed help with either "pkiutil -?" or "pkiutil
- --help".<br>
- <br>
- So far, the only available test is to list certs on the builtins token.
- &nbsp;Copy "libnssckbi.so" (or whatever it is) to cmd/pkiutil. &nbsp;Then
- run "pkiutil -L" or "pkiutil --list". &nbsp;The list of certificate nicknames
- should be displayed.<br>
- <br>
- <br>
-
-</body>
-</html>
diff --git a/security/nss/lib/pki/manifest.mn b/security/nss/lib/pki/manifest.mn
deleted file mode 100644
index e52c8d146..000000000
--- a/security/nss/lib/pki/manifest.mn
+++ /dev/null
@@ -1,68 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- pki.h \
- pkit.h \
- $(NULL)
-
-EXPORTS = \
- nsspkit.h \
- nsspki.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- asymmkey.c \
- certificate.c \
- cryptocontext.c \
- symmkey.c \
- trustdomain.c \
- tdcache.c \
- certdecode.c \
- $(NULL)
-
-ifndef PURE_STAN_BUILD
-CSRCS += pki3hack.c
-PRIVATE_EXPORTS += pki3hack.h pkitm.h pkim.h
-DEFINES = -DNSS_3_4_CODE
-endif
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = nsspki
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/pki/nsspki.def b/security/nss/lib/pki/nsspki.def
deleted file mode 100644
index d32a4d1e6..000000000
--- a/security/nss/lib/pki/nsspki.def
+++ /dev/null
@@ -1,249 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation. Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation. All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s):
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above. If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL. If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+# 1. For all unix platforms, the string ";-" means "remove this line"
-;+# 2. For all unix platforms, the string " DATA " will be removed from any
-;+# line on which it occurs.
-;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+# On AIX, lines containing ";+" will be removed.
-;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+# 5. For all unix platforms, after the above processing has taken place,
-;+# all characters after the first ";" on the line will be removed.
-;+# And for AIX, the first ";" will also be removed.
-;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+# directives are hidden behind ";", ";+", and ";-"
-;+#
-;+#
-;+# This file contains the complete Stan API to date. Functions that are
-;+# not yet implemented are commented out.
-;+
-;+NSS_3.4 { # NSS 3.4 release
-;+ global:
-LIBRARY nsspki3 ;-
-EXPORTS ;-
-NSSArena_Create
-NSSArena_Destroy
-NSS_GetError
-NSS_GetErrorStack
-;NSSCertificate_Destroy;
-;NSSCertificate_DeleteStoredObject;
-;NSSCertificate_Validate;
-;NSSCertificate_ValidateCompletely;
-;NSSCertificate_ValidateAndDiscoverUsagesAndPolicies;
-;NSSCertificate_Encode;
-;NSSCertificate_BuildChain;
-;NSSCertificate_GetTrustDomain;
-;NSSCertificate_GetToken;
-;NSSCertificate_GetSlot;
-;NSSCertificate_GetModule;
-;NSSCertificate_Encrypt;
-;NSSCertificate_Verify;
-;NSSCertificate_VerifyRecover;
-;NSSCertificate_WrapSymmetricKey;
-;NSSCertificate_CreateCryptoContext;
-;NSSCertificate_GetPublicKey;
-;NSSCertificate_FindPrivateKey;
-;NSSCertificate_IsPrivateKeyAvailable;
-;NSSUserCertificate_IsStillPresent;
-;NSSUserCertificate_Decrypt;
-;NSSUserCertificate_Sign;
-;NSSUserCertificate_SignRecover;
-;NSSUserCertificate_UnwrapSymmetricKey;
-;NSSUserCertificate_DeriveSymmetricKey;
-;NSSPrivateKey_Destroy;
-;NSSPrivateKey_DeleteStoredObject;
-;NSSPrivateKey_GetSignatureLength;
-;NSSPrivateKey_GetPrivateModulusLength;
-;NSSPrivateKey_IsStillPresent;
-;NSSPrivateKey_Encode;
-;NSSPrivateKey_GetTrustDomain;
-;NSSPrivateKey_GetToken;
-;NSSPrivateKey_GetSlot;
-;NSSPrivateKey_GetModule;
-;NSSPrivateKey_Decrypt;
-;NSSPrivateKey_Sign;
-;NSSPrivateKey_SignRecover;
-;NSSPrivateKey_UnwrapSymmetricKey;
-;NSSPrivateKey_DeriveSymmetricKey;
-;NSSPrivateKey_FindPublicKey;
-;NSSPrivateKey_CreateCryptoContext;
-;NSSPrivateKey_FindCertificates;
-;NSSPrivateKey_FindBestCertificate;
-;NSSPublicKey_Destroy;
-;NSSPublicKey_DeleteStoredObject;
-;NSSPublicKey_Encode;
-;NSSPublicKey_GetTrustDomain;
-;NSSPublicKey_GetToken;
-;NSSPublicKey_GetSlot;
-;NSSPublicKey_GetModule;
-;NSSPublicKey_Encrypt;
-;NSSPublicKey_Verify;
-;NSSPublicKey_VerifyRecover;
-;NSSPublicKey_WrapSymmetricKey;
-;NSSPublicKey_CreateCryptoContext;
-;NSSPublicKey_FindCertificates;
-;NSSPublicKey_FindBestCertificate;
-;NSSPublicKey_FindPrivateKey;
-;NSSSymmetricKey_Destroy;
-;NSSSymmetricKey_DeleteStoredObject;
-;NSSSymmetricKey_GetKeyLength;
-;NSSSymmetricKey_GetKeyStrength;
-;NSSSymmetricKey_IsStillPresent;
-;NSSSymmetricKey_GetTrustDomain;
-;NSSSymmetricKey_GetToken;
-;NSSSymmetricKey_GetSlot;
-;NSSSymmetricKey_GetModule;
-;NSSSymmetricKey_Encrypt;
-;NSSSymmetricKey_Decrypt;
-;NSSSymmetricKey_Sign;
-;NSSSymmetricKey_SignRecover;
-;NSSSymmetricKey_Verify;
-;NSSSymmetricKey_VerifyRecover;
-;NSSSymmetricKey_WrapSymmetricKey;
-;NSSSymmetricKey_WrapPrivateKey;
-;NSSSymmetricKey_UnwrapSymmetricKey;
-;NSSSymmetricKey_UnwrapPrivateKey;
-;NSSSymmetricKey_DeriveSymmetricKey;
-;NSSSymmetricKey_CreateCryptoContext;
-NSSTrustDomain_Create;
-;NSSTrustDomain_Destroy;
-;NSSTrustDomain_SetDefaultCallback;
-;NSSTrustDomain_GetDefaultCallback;
-NSSTrustDomain_LoadModule;
-;NSSTrustDomain_DisableToken;
-;NSSTrustDomain_EnableToken;
-;NSSTrustDomain_IsTokenEnabled;
-;NSSTrustDomain_FindSlotByName;
-;NSSTrustDomain_FindTokenByName;
-;NSSTrustDomain_FindTokenBySlotName;
-;NSSTrustDomain_FindTokenForAlgorithm;
-;NSSTrustDomain_FindBestTokenForAlgorithms;
-;NSSTrustDomain_Login;
-;NSSTrustDomain_Logout;
-;NSSTrustDomain_ImportCertificate;
-;NSSTrustDomain_ImportPKIXCertificate;
-;NSSTrustDomain_ImportEncodedCertificate;
-;NSSTrustDomain_ImportEncodedCertificateChain;
-;NSSTrustDomain_ImportEncodedPrivateKey;
-;NSSTrustDomain_ImportEncodedPublicKey;
-;NSSTrustDomain_FindBestCertificateByNickname;
-NSSTrustDomain_FindCertificatesByNickname
-;NSSTrustDomain_FindCertificateByIssuerAndSerialNumber;
-;NSSTrustDomain_FindBestCertificateBySubject;
-;NSSTrustDomain_FindCertificatesBySubject;
-;NSSTrustDomain_FindBestCertificateByNameComponents;
-;NSSTrustDomain_FindCertificatesByNameComponents;
-;NSSTrustDomain_FindCertificateByEncodedCertificate;
-;NSSTrustDomain_FindCertificateByEmail;
-;NSSTrustDomain_FindCertificatesByEmail;
-;NSSTrustDomain_FindCertificateByOCSPHash;
-;NSSTrustDomain_FindBestUserCertificate;
-;NSSTrustDomain_FindUserCertificates;
-;NSSTrustDomain_FindBestUserCertificateForSSLClientAuth;
-;NSSTrustDomain_FindUserCertificatesForSSLClientAuth;
-;NSSTrustDomain_FindBestUserCertificateForEmailSigning;
-;NSSTrustDomain_FindUserCertificatesForEmailSigning;
-;NSSTrustDomain_GenerateKeyPair;
-;NSSTrustDomain_GenerateSymmetricKey;
-;NSSTrustDomain_GenerateSymmetricKeyFromPassword;
-;NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID;
-;NSSTrustDomain_CreateCryptoContext;
-;NSSTrustDomain_CreateCryptoContextForAlgorithm;
-;NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters;
-;NSSCryptoContext_Destroy;
-;NSSCryptoContext_SetDefaultCallback;
-;NSSCryptoContext_GetDefaultCallback;
-;NSSCryptoContext_GetTrustDomain;
-;NSSCryptoContext_ImportCertificate;
-;NSSCryptoContext_ImportPKIXCertificate;
-;NSSCryptoContext_ImportEncodedCertificate;
-;NSSCryptoContext_ImportEncodedPKIXCertificateChain;
-;NSSCryptoContext_FindBestCertificateByNickname;
-;NSSCryptoContext_FindCertificatesByNickname;
-;NSSCryptoContext_FindCertificateByIssuerAndSerialNumber;
-;NSSCryptoContext_FindBestCertificateBySubject;
-;NSSCryptoContext_FindCertificatesBySubject;
-;NSSCryptoContext_FindBestCertificateByNameComponents;
-;NSSCryptoContext_FindCertificatesByNameComponents;
-;NSSCryptoContext_FindCertificateByEncodedCertificate;
-;NSSCryptoContext_FindBestCertificateByEmail;
-;NSSCryptoContext_FindCertificatesByEmail;
-;NSSCryptoContext_FindCertificateByOCSPHash;
-;NSSCryptoContext_FindBestUserCertificate;
-;NSSCryptoContext_FindUserCertificates;
-;NSSCryptoContext_FindBestUserCertificateForSSLClientAuth;
-;NSSCryptoContext_FindUserCertificatesForSSLClientAuth;
-;NSSCryptoContext_FindBestUserCertificateForEmailSigning;
-;NSSCryptoContext_FindUserCertificatesForEmailSigning;
-;NSSCryptoContext_GenerateKeyPair;
-;NSSCryptoContext_GenerateSymmetricKey;
-;NSSCryptoContext_GenerateSymmetricKeyFromPassword;
-;NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID;
-;NSSCryptoContext_Decrypt;
-;NSSCryptoContext_BeginDecrypt;
-;NSSCryptoContext_ContinueDecrypt;
-;NSSCryptoContext_FinishDecrypt;
-;NSSCryptoContext_Sign;
-;NSSCryptoContext_BeginSign;
-;NSSCryptoContext_ContinueSign;
-;NSSCryptoContext_FinishSign;
-;NSSCryptoContext_SignRecover;
-;NSSCryptoContext_BeginSignRecover;
-;NSSCryptoContext_ContinueSignRecover;
-;NSSCryptoContext_FinishSignRecover;
-;NSSCryptoContext_UnwrapSymmetricKey;
-;NSSCryptoContext_DeriveSymmetricKey;
-;NSSCryptoContext_Encrypt;
-;NSSCryptoContext_BeginEncrypt;
-;NSSCryptoContext_ContinueEncrypt;
-;NSSCryptoContext_FinishEncrypt;
-;NSSCryptoContext_Verify;
-;NSSCryptoContext_BeginVerify;
-;NSSCryptoContext_ContinueVerify;
-;NSSCryptoContext_FinishVerify;
-;NSSCryptoContext_VerifyRecover;
-;NSSCryptoContext_BeginVerifyRecover;
-;NSSCryptoContext_ContinueVerifyRecover;
-;NSSCryptoContext_FinishVerifyRecover;
-;NSSCryptoContext_WrapSymmetricKey;
-;NSSCryptoContext_Digest;
-;NSSCryptoContext_BeginDigest;
-;NSSCryptoContext_ContinueDigest;
-;NSSCryptoContext_FinishDigest;
-;NSSCryptoContext_Clone;
-;+ local:
-NSSTrustDomain_TraverseCertificates;
-NSSCertificate_GetID;
-NSSCertificate_GetLabel;
-;+ *;
-;+};
diff --git a/security/nss/lib/pki/nsspki.h b/security/nss/lib/pki/nsspki.h
deleted file mode 100644
index 5d0617261..000000000
--- a/security/nss/lib/pki/nsspki.h
+++ /dev/null
@@ -1,3187 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKI_H
-#define NSSPKI_H
-
-#ifdef DEBUG
-static const char NSSPKI_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspki.h
- *
- * This file prototypes the methods of the top-level PKI objects.
- */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef NSSPKI1_H
-#include "nsspki1.h"
-#endif /* NSSPKI1_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A note about interfaces
- *
- * Although these APIs are specified in C, a language which does
- * not have fancy support for abstract interfaces, this library
- * was designed from an object-oriented perspective. It may be
- * useful to consider the standard interfaces which went into
- * the writing of these APIs.
- *
- * Basic operations on all objects:
- * Destroy -- free a pointer to an object
- * DeleteStoredObject -- delete an object permanently
- *
- * Public Key cryptographic operations:
- * Encrypt
- * Verify
- * VerifyRecover
- * Wrap
- * Derive
- *
- * Private Key cryptographic operations:
- * IsStillPresent
- * Decrypt
- * Sign
- * SignRecover
- * Unwrap
- * Derive
- *
- * Symmetric Key cryptographic operations:
- * IsStillPresent
- * Encrypt
- * Decrypt
- * Sign
- * SignRecover
- * Verify
- * VerifyRecover
- * Wrap
- * Unwrap
- * Derive
- *
- */
-
-/*
- * NSSCertificate
- *
- * These things can do crypto ops like public keys, except that the trust,
- * usage, and other constraints are checked. These objects are "high-level,"
- * so trust, usages, etc. are in the form we throw around (client auth,
- * email signing, etc.). Remember that theoretically another implementation
- * (think PGP) could be beneath this object.
- */
-
-/*
- * NSSCertificate_Destroy
- *
- * Free a pointer to a certificate object.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_Destroy
-(
- NSSCertificate *c
-);
-
-/*
- * NSSCertificate_DeleteStoredObject
- *
- * Permanently remove this certificate from storage. If this is the
- * only (remaining) certificate corresponding to a private key,
- * public key, and/or other object; then that object (those objects)
- * are deleted too.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_DeleteStoredObject
-(
- NSSCertificate *c,
- NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_Validate
- *
- * Verify that this certificate is trusted, for the specified usage(s),
- * at the specified time, {word word} the specified policies.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_Validate
-(
- NSSCertificate *c,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/*
- * NSSCertificate_ValidateCompletely
- *
- * Verify that this certificate is trusted. The difference between
- * this and the previous call is that NSSCertificate_Validate merely
- * returns success or failure with an appropriate error stack.
- * However, there may be (and often are) multiple problems with a
- * certificate. This routine returns an array of errors, specifying
- * every problem.
- */
-
-/*
- * Return value must be an array of objects, each of which has
- * an NSSError, and any corresponding certificate (in the chain)
- * and/or policy.
- */
-
-NSS_EXTERN void ** /* void *[] */
-NSSCertificate_ValidateCompletely
-(
- NSSCertificate *c,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt, /* NULL for none */
- void **rvOpt, /* NULL for allocate */
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt /* NULL for heap */
-);
-
-/*
- * NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
- *
- * Returns PR_SUCCESS if the certificate is valid for at least something.
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
-(
- NSSCertificate *c,
- NSSTime **notBeforeOutOpt,
- NSSTime **notAfterOutOpt,
- void *allowedUsages,
- void *disallowedUsages,
- void *allowedPolicies,
- void *disallowedPolicies,
- /* more args.. work on this fgmr */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_Encode
- *
- */
-
-NSS_EXTERN NSSDER *
-NSSCertificate_Encode
-(
- NSSCertificate *c,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_BuildChain
- *
- * This routine returns NSSCertificate *'s for each certificate
- * in the "chain" starting from the specified one up to and
- * including the root. The zeroth element in the array is the
- * specified ("leaf") certificate.
- *
- * If statusOpt is supplied, and is returned as PR_FAILURE, possible
- * error values are:
- *
- * NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND - the chain is incomplete
- *
- */
-
-extern const NSSError NSS_ERROR_CERTIFICATE_ISSUER_NOT_FOUND;
-
-NSS_EXTERN NSSCertificate **
-NSSCertificate_BuildChain
-(
- NSSCertificate *c,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt,
- PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_GetTrustDomain
- *
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSCertificate_GetTrustDomain
-(
- NSSCertificate *c
-);
-
-/*
- * NSSCertificate_GetToken
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSToken *
-NSSCertificate_GetToken
-(
- NSSCertificate *c,
- PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_GetSlot
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSSlot *
-NSSCertificate_GetSlot
-(
- NSSCertificate *c,
- PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_GetModule
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSModule *
-NSSCertificate_GetModule
-(
- NSSCertificate *c,
- PRStatus *statusOpt
-);
-
-/*
- * NSSCertificate_Encrypt
- *
- * Encrypt a single chunk of data with the public key corresponding to
- * this certificate.
- */
-
-NSS_EXTERN NSSItem *
-NSSCertificate_Encrypt
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCertificate_Verify
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCertificate_VerifyRecover
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_WrapSymmetricKey
- *
- * This method tries very hard to to succeed, even in situations
- * involving sensitive keys and multiple modules.
- * { relyea: want to add verbiage? }
- */
-
-NSS_EXTERN NSSItem *
-NSSCertificate_WrapSymmetricKey
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCertificate_CreateCryptoContext
- *
- * Create a crypto context, in this certificate's trust domain, with this
- * as the distinguished certificate.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSCertificate_CreateCryptoContext
-(
- NSSCertificate *c,
- NSSAlgorithmAndParameters *apOpt,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_GetPublicKey
- *
- * Returns the public key corresponding to this certificate.
- */
-
-NSS_EXTERN NSSPublicKey *
-NSSCertificate_GetPublicKey
-(
- NSSCertificate *c
-);
-
-/*
- * NSSCertificate_FindPrivateKey
- *
- * Finds and returns the private key corresponding to this certificate,
- * if it is available.
- *
- * { Should this hang off of NSSUserCertificate? }
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSCertificate_FindPrivateKey
-(
- NSSCertificate *c,
- NSSCallback *uhh
-);
-
-/*
- * NSSCertificate_IsPrivateKeyAvailable
- *
- * Returns success if the private key corresponding to this certificate
- * is available to be used.
- *
- * { Should *this* hang off of NSSUserCertificate?? }
- */
-
-NSS_EXTERN PRBool
-NSSCertificate_IsPrivateKeyAvailable
-(
- NSSCertificate *c,
- NSSCallback *uhh,
- PRStatus *statusOpt
-);
-
-/*
- * If we make NSSUserCertificate not a typedef of NSSCertificate,
- * then we'll need implementations of the following:
- *
- * NSSUserCertificate_Destroy
- * NSSUserCertificate_DeleteStoredObject
- * NSSUserCertificate_Validate
- * NSSUserCertificate_ValidateCompletely
- * NSSUserCertificate_ValidateAndDiscoverUsagesAndPolicies
- * NSSUserCertificate_Encode
- * NSSUserCertificate_BuildChain
- * NSSUserCertificate_GetTrustDomain
- * NSSUserCertificate_GetToken
- * NSSUserCertificate_GetSlot
- * NSSUserCertificate_GetModule
- * NSSUserCertificate_GetCryptoContext
- * NSSUserCertificate_GetPublicKey
- */
-
-/*
- * NSSUserCertificate_IsStillPresent
- *
- * Verify that if this certificate lives on a token, that the token
- * is still present and the certificate still exists. This is a
- * lightweight call which should be used whenever it should be
- * verified that the user hasn't perhaps popped out his or her
- * token and strolled away.
- */
-
-NSS_EXTERN PRBool
-NSSUserCertificate_IsStillPresent
-(
- NSSUserCertificate *uc,
- PRStatus *statusOpt
-);
-
-/*
- * NSSUserCertificate_Decrypt
- *
- * Decrypt a single chunk of data with the private key corresponding
- * to this certificate.
- */
-
-NSS_EXTERN NSSItem *
-NSSUserCertificate_Decrypt
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSUserCertificate_Sign
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSUserCertificate_SignRecover
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSUserCertificate_UnwrapSymmetricKey
-(
- NSSUserCertificate *uc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSUserCertificate_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSUserCertificate_DeriveSymmetricKey
-(
- NSSUserCertificate *uc, /* provides private key */
- NSSCertificate *c, /* provides public key */
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhh
-);
-
-/* filter-certs function(s) */
-
-/**
- ** fgmr -- trust objects
- **/
-
-/*
- * NSSPrivateKey
- *
- */
-
-/*
- * NSSPrivateKey_Destroy
- *
- * Free a pointer to a private key object.
- */
-
-NSS_EXTERN PRStatus
-NSSPrivateKey_Destroy
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_DeleteStoredObject
- *
- * Permanently remove this object, and any related objects (such as the
- * certificates corresponding to this key).
- */
-
-NSS_EXTERN PRStatus
-NSSPrivateKey_DeleteStoredObject
-(
- NSSPrivateKey *vk,
- NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_GetSignatureLength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSPrivateKey_GetSignatureLength
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_GetPrivateModulusLength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSPrivateKey_GetPrivateModulusLength
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_IsStillPresent
- *
- */
-
-NSS_EXTERN PRBool
-NSSPrivateKey_IsStillPresent
-(
- NSSPrivateKey *vk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPrivateKey_Encode
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_Encode
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *ap,
- NSSItem *passwordOpt, /* NULL will cause a callback; "" for no password */
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_GetTrustDomain
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSPrivateKey_GetTrustDomain
-(
- NSSPrivateKey *vk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPrivateKey_GetToken
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSPrivateKey_GetToken
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_GetSlot
- *
- */
-
-NSS_EXTERN NSSSlot *
-NSSPrivateKey_GetSlot
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_GetModule
- *
- */
-
-NSS_EXTERN NSSModule *
-NSSPrivateKey_GetModule
-(
- NSSPrivateKey *vk
-);
-
-/*
- * NSSPrivateKey_Decrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_Decrypt
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_Sign
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPrivateKey_SignRecover
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSPrivateKey_UnwrapSymmetricKey
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSPrivateKey_DeriveSymmetricKey
-(
- NSSPrivateKey *vk,
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_FindPublicKey
- *
- */
-
-NSS_EXTERN NSSPublicKey *
-NSSPrivateKey_FindPublicKey
-(
- NSSPrivateKey *vk
- /* { don't need the callback here, right? } */
-);
-
-/*
- * NSSPrivateKey_CreateCryptoContext
- *
- * Create a crypto context, in this key's trust domain,
- * with this as the distinguished private key.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSPrivateKey_CreateCryptoContext
-(
- NSSPrivateKey *vk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSPrivateKey_FindCertificates
- *
- * Note that there may be more than one certificate for this
- * private key. { FilterCertificates function to further
- * reduce the list. }
- */
-
-NSS_EXTERN NSSCertificate **
-NSSPrivateKey_FindCertificates
-(
- NSSPrivateKey *vk,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_FindBestCertificate
- *
- * The parameters for this function will depend on what the users
- * need. This is just a starting point.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSPrivateKey_FindBestCertificate
-(
- NSSPrivateKey *vk,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSPublicKey
- *
- * Once you generate, find, or derive one of these, you can use it
- * to perform (simple) cryptographic operations. Though there may
- * be certificates associated with these public keys, they are not
- * verified.
- */
-
-/*
- * NSSPublicKey_Destroy
- *
- * Free a pointer to a public key object.
- */
-
-NSS_EXTERN PRStatus
-NSSPublicKey_Destroy
-(
- NSSPublicKey *bk
-);
-
-/*
- * NSSPublicKey_DeleteStoredObject
- *
- * Permanently remove this object, and any related objects (such as the
- * corresponding private keys and certificates).
- */
-
-NSS_EXTERN PRStatus
-NSSPublicKey_DeleteStoredObject
-(
- NSSPublicKey *bk,
- NSSCallback *uhh
-);
-
-/*
- * NSSPublicKey_Encode
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_Encode
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *ap,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_GetTrustDomain
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSPublicKey_GetTrustDomain
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_GetToken
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSToken *
-NSSPublicKey_GetToken
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_GetSlot
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSSlot *
-NSSPublicKey_GetSlot
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_GetModule
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSModule *
-NSSPublicKey_GetModule
-(
- NSSPublicKey *bk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPublicKey_Encrypt
- *
- * Encrypt a single chunk of data with the public key corresponding to
- * this certificate.
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_Encrypt
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSPublicKey_Verify
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhh
-);
-
-/*
- * NSSPublicKey_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_VerifyRecover
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_WrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSPublicKey_WrapSymmetricKey
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPublicKey_CreateCryptoContext
- *
- * Create a crypto context, in this key's trust domain, with this
- * as the distinguished public key.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSPublicKey_CreateCryptoContext
-(
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSPublicKey_FindCertificates
- *
- * Note that there may be more than one certificate for this
- * public key. The current implementation may not find every
- * last certificate available for this public key: that would
- * involve trolling e.g. huge ldap databases, which will be
- * grossly inefficient and not generally useful.
- * { FilterCertificates function to further reduce the list }
- */
-
-NSS_EXTERN NSSCertificate **
-NSSPublicKey_FindCertificates
-(
- NSSPublicKey *bk,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPrivateKey_FindBestCertificate
- *
- * The parameters for this function will depend on what the users
- * need. This is just a starting point.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSPublicKey_FindBestCertificate
-(
- NSSPublicKey *bk,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSPublicKey_FindPrivateKey
- *
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSPublicKey_FindPrivateKey
-(
- NSSPublicKey *bk,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey
- *
- */
-
-/*
- * NSSSymmetricKey_Destroy
- *
- * Free a pointer to a symmetric key object.
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_Destroy
-(
- NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_DeleteStoredObject
- *
- * Permanently remove this object.
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_DeleteStoredObject
-(
- NSSSymmetricKey *mk,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_GetKeyLength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSSymmetricKey_GetKeyLength
-(
- NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_GetKeyStrength
- *
- */
-
-NSS_EXTERN PRUint32
-NSSSymmetricKey_GetKeyStrength
-(
- NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_IsStillPresent
- *
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_IsStillPresent
-(
- NSSSymmetricKey *mk
-);
-
-/*
- * NSSSymmetricKey_GetTrustDomain
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSSymmetricKey_GetTrustDomain
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_GetToken
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSToken *
-NSSSymmetricKey_GetToken
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_GetSlot
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSSlot *
-NSSSymmetricKey_GetSlot
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_GetModule
- *
- * There doesn't have to be one.
- */
-
-NSS_EXTERN NSSModule *
-NSSSymmetricKey_GetModule
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-);
-
-/*
- * NSSSymmetricKey_Encrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_Encrypt
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_Decrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_Decrypt
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_Sign
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_SignRecover
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSSymmetricKey_Verify
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_VerifyRecover
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_WrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_WrapSymmetricKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_WrapPrivateKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSSymmetricKey_WrapPrivateKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSPrivateKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSSymmetricKey_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSSymmetricKey_UnwrapSymmetricKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSOID *target,
- PRUint32 keySizeOpt,
- NSSOperations operations,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_UnwrapPrivateKey
- *
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSSymmetricKey_UnwrapPrivateKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSUTF8 *labelOpt,
- NSSItem *keyIDOpt,
- PRBool persistant,
- PRBool sensitive,
- NSSToken *destinationOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSSymmetricKey_DeriveSymmetricKey
-(
- NSSSymmetricKey *originalKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt,
- NSSOperations operations,
- NSSCallback *uhh
-);
-
-/*
- * NSSSymmetricKey_CreateCryptoContext
- *
- * Create a crypto context, in this key's trust domain,
- * with this as the distinguished symmetric key.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSSymmetricKey_CreateCryptoContext
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-);
-
-/*
- * NSSTrustDomain
- *
- */
-
-/*
- * NSSTrustDomain_Create
- *
- * This creates a trust domain, optionally with an initial cryptoki
- * module. If the module name is not null, the module is loaded if
- * needed (using the uriOpt argument), and initialized with the
- * opaqueOpt argument. If mumble mumble priority settings, then
- * module-specification objects in the module can cause the loading
- * and initialization of further modules.
- *
- * The uriOpt is defined to take a URI. At present, we only
- * support file: URLs pointing to platform-native shared libraries.
- * However, by specifying this as a URI, this keeps open the
- * possibility of supporting other, possibly remote, resources.
- *
- * The "reserved" arguments is held for when we figure out the
- * module priority stuff.
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSTrustDomain_Create
-(
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-);
-
-/*
- * NSSTrustDomain_Destroy
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_Destroy
-(
- NSSTrustDomain *td
-);
-
-/*
- * NSSTrustDomain_SetDefaultCallback
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_SetDefaultCallback
-(
- NSSTrustDomain *td,
- NSSCallback *newCallback,
- NSSCallback **oldCallbackOpt
-);
-
-/*
- * NSSTrustDomain_GetDefaultCallback
- *
- */
-
-NSS_EXTERN NSSCallback *
-NSSTrustDomain_GetDefaultCallback
-(
- NSSTrustDomain *td,
- PRStatus *statusOpt
-);
-
-/*
- * Default policies?
- * Default usage?
- * Default time, for completeness?
- */
-
-/*
- * NSSTrustDomain_LoadModule
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_LoadModule
-(
- NSSTrustDomain *td,
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-);
-
-/*
- * NSSTrustDomain_AddModule
- * NSSTrustDomain_AddSlot
- * NSSTrustDomain_UnloadModule
- * Managing modules, slots, tokens; priorities;
- * Traversing all of the above
- * this needs more work
- */
-
-/*
- * NSSTrustDomain_DisableToken
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_DisableToken
-(
- NSSTrustDomain *td,
- NSSToken *token,
- NSSError why
-);
-
-/*
- * NSSTrustDomain_EnableToken
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_EnableToken
-(
- NSSTrustDomain *td,
- NSSToken *token
-);
-
-/*
- * NSSTrustDomain_IsTokenEnabled
- *
- * If disabled, "why" is always on the error stack.
- * The optional argument is just for convenience.
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_IsTokenEnabled
-(
- NSSTrustDomain *td,
- NSSToken *token,
- NSSError *whyOpt
-);
-
-/*
- * NSSTrustDomain_FindSlotByName
- *
- */
-
-NSS_EXTERN NSSSlot *
-NSSTrustDomain_FindSlotByName
-(
- NSSTrustDomain *td,
- NSSUTF8 *slotName
-);
-
-/*
- * NSSTrustDomain_FindTokenByName
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindTokenByName
-(
- NSSTrustDomain *td,
- NSSUTF8 *tokenName
-);
-
-/*
- * NSSTrustDomain_FindTokenBySlotName
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindTokenBySlotName
-(
- NSSTrustDomain *td,
- NSSUTF8 *slotName
-);
-
-/*
- * NSSTrustDomain_FindBestTokenForAlgorithm
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindTokenForAlgorithm
-(
- NSSTrustDomain *td,
- NSSOID *algorithm
-);
-
-/*
- * NSSTrustDomain_FindBestTokenForAlgorithms
- *
- */
-
-NSS_EXTERN NSSToken *
-NSSTrustDomain_FindBestTokenForAlgorithms
-(
- NSSTrustDomain *td,
- NSSOID *algorithms[], /* may be null-terminated */
- PRUint32 nAlgorithmsOpt /* limits the array if nonzero */
-);
-
-/*
- * NSSTrustDomain_Login
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_Login
-(
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_Logout
- *
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_Logout
-(
- NSSTrustDomain *td
-);
-
-/* Importing things */
-
-/*
- * NSSTrustDomain_ImportCertificate
- *
- * The implementation will pull some data out of the certificate
- * (e.g. e-mail address) for use in pkcs#11 object attributes.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportCertificate
-(
- NSSTrustDomain *td,
- NSSCertificate *c
-);
-
-/*
- * NSSTrustDomain_ImportPKIXCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportPKIXCertificate
-(
- NSSTrustDomain *td,
- /* declared as a struct until these "data types" are defined */
- struct NSSPKIXCertificateStr *pc
-);
-
-/*
- * NSSTrustDomain_ImportEncodedCertificate
- *
- * Imports any type of certificate we support.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_ImportEncodedCertificate
-(
- NSSTrustDomain *td,
- NSSBER *ber
-);
-
-/*
- * NSSTrustDomain_ImportEncodedCertificateChain
- *
- * If you just want the leaf, pass in a maximum of one.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_ImportEncodedCertificateChain
-(
- NSSTrustDomain *td,
- NSSBER *ber,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_ImportEncodedPrivateKey
- *
- */
-
-NSS_EXTERN NSSPrivateKey *
-NSSTrustDomain_ImportEncodedPrivateKey
-(
- NSSTrustDomain *td,
- NSSBER *ber,
- NSSItem *passwordOpt, /* NULL will cause a callback */
- NSSCallback *uhhOpt,
- NSSToken *destination
-);
-
-/*
- * NSSTrustDomain_ImportEncodedPublicKey
- *
- */
-
-NSS_EXTERN NSSPublicKey *
-NSSTrustDomain_ImportEncodedPublicKey
-(
- NSSTrustDomain *td,
- NSSBER *ber
-);
-
-/* Other importations: S/MIME capabilities */
-
-/*
- * NSSTrustDomain_FindBestCertificateByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNickname
-(
- NSSTrustDomain *td,
- NSSUTF8 *name,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByNickname
-(
- NSSTrustDomain *td,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
-(
- NSSTrustDomain *td,
- NSSDER *issuer,
- NSSDER *serialNumber
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByIssuerAndSerialNumber
- *
- * Theoretically, this should never happen. However, some companies
- * we know have issued duplicate certificates with the same issuer
- * and serial number. Do we just ignore them? I'm thinking yes.
- */
-
-/*
- * NSSTrustDomain_FindBestCertificateBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateBySubject
-(
- NSSTrustDomain *td,
- NSSDER /*NSSUTF8*/ *subject,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificatesBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesBySubject
-(
- NSSTrustDomain *td,
- NSSDER /*NSSUTF8*/ *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindBestCertificateByNameComponents
- *
- * This call does try several tricks, including a pseudo pkcs#11
- * attribute for the ldap module to try as a query. Eventually
- * this call falls back to a traversal if that's what's required.
- * It will search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNameComponents
-(
- NSSTrustDomain *td,
- NSSUTF8 *nameComponents,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByNameComponents
- *
- * This call, too, tries several tricks. It will stop on the first
- * attempt that generates results, so it won't e.g. traverse the
- * entire ldap database.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByNameComponents
-(
- NSSTrustDomain *td,
- NSSUTF8 *nameComponents,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificateByEncodedCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByEncodedCertificate
-(
- NSSTrustDomain *td,
- NSSBER *encodedCertificate
-);
-
-/*
- * NSSTrustDomain_FindBestCertificateByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByEmail
-(
- NSSTrustDomain *td,
- NSSASCII7 *email,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificatesByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindCertificatesByEmail
-(
- NSSTrustDomain *td,
- NSSASCII7 *email,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindCertificateByOCSPHash
- *
- * There can be only one.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindCertificateByOCSPHash
-(
- NSSTrustDomain *td,
- NSSItem *hash
-);
-
-/*
- * NSSTrustDomain_TraverseCertificates
- *
- * This function descends from one in older versions of NSS which
- * traverses the certs in the permanent database. That function
- * was used to implement selection routines, but was directly
- * available too. Trust domains are going to contain a lot more
- * certs now (e.g., an ldap server), so we'd really like to
- * discourage traversal. Thus for now, this is commented out.
- * If it's needed, let's look at the situation more closely to
- * find out what the actual requirements are.
- */
-
-/* For now, adding this function. This may only be for debugging
- * purposes.
- * Perhaps some equivalent function, on a specified token, will be
- * needed in a "friend" header file?
- */
-NSS_EXTERN PRStatus *
-NSSTrustDomain_TraverseCertificates
-(
- NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-);
-
-/*
- * NSSTrustDomain_FindBestUserCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificate
-(
- NSSTrustDomain *td,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindUserCertificates
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificates
-(
- NSSTrustDomain *td,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
-(
- NSSTrustDomain *td,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindUserCertificatesForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForSSLClientAuth
-(
- NSSTrustDomain *td,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSTrustDomain_FindBestUserCertificateForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForEmailSigning
-(
- NSSTrustDomain *td,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSTrustDomain_FindUserCertificatesForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForEmailSigning
-(
- NSSTrustDomain *td,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/*
- * Here is where we'd add more Find[Best]UserCertificate[s]For<usage>
- * routines.
- */
-
-/* Private Keys */
-
-/*
- * NSSTrustDomain_GenerateKeyPair
- *
- * Creates persistant objects. If you want session objects, use
- * NSSCryptoContext_GenerateKeyPair. The destination token is where
- * the keys are stored. If that token can do the required math, then
- * that's where the keys are generated too. Otherwise, the keys are
- * generated elsewhere and moved to that token.
- */
-
-NSS_EXTERN PRStatus
-NSSTrustDomain_GenerateKeyPair
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- NSSPrivateKey **pvkOpt,
- NSSPublicKey **pbkOpt,
- PRBool privateKeyIsSensitive,
- NSSToken *destination,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_TraversePrivateKeys
- *
- *
- * NSS_EXTERN PRStatus *
- * NSSTrustDomain_TraversePrivateKeys
- * (
- * NSSTrustDomain *td,
- * PRStatus (*callback)(NSSPrivateKey *vk, void *arg),
- * void *arg
- * );
- */
-
-/* Symmetric Keys */
-
-/*
- * NSSTrustDomain_GenerateSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKey
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- PRUint32 keysize,
- NSSToken *destination,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_GenerateSymmetricKeyFromPassword
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKeyFromPassword
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- NSSUTF8 *passwordOpt, /* if null, prompt */
- NSSToken *destinationOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_FindSymmetricKeyByAlgorithm
- *
- * Is this still needed?
- *
- * NSS_EXTERN NSSSymmetricKey *
- * NSSTrustDomain_FindSymmetricKeyByAlgorithm
- * (
- * NSSTrustDomain *td,
- * NSSOID *algorithm,
- * NSSCallback *uhhOpt
- * );
- */
-
-/*
- * NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
-(
- NSSTrustDomain *td,
- NSSOID *algorithm,
- NSSItem *keyID,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_TraverseSymmetricKeys
- *
- *
- * NSS_EXTERN PRStatus *
- * NSSTrustDomain_TraverseSymmetricKeys
- * (
- * NSSTrustDomain *td,
- * PRStatus (*callback)(NSSSymmetricKey *mk, void *arg),
- * void *arg
- * );
- */
-
-/*
- * NSSTrustDomain_CreateCryptoContext
- *
- * If a callback object is specified, it becomes the for the crypto
- * context; otherwise, this trust domain's default (if any) is
- * inherited.
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContext
-(
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSTrustDomain_CreateCryptoContextForAlgorithm
- *
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithm
-(
- NSSTrustDomain *td,
- NSSOID *algorithm
-);
-
-/*
- * NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters
- *
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap
-);
-
-/* find/traverse other objects, e.g. s/mime profiles */
-
-/*
- * NSSCryptoContext
- *
- * A crypto context is sort of a short-term snapshot of a trust domain,
- * used for the life of "one crypto operation." You can also think of
- * it as a "temporary database."
- *
- * Just about all of the things you can do with a trust domain -- importing
- * or creating certs, keys, etc. -- can be done with a crypto context.
- * The difference is that the objects will be temporary ("session") objects.
- *
- * Also, if the context was created for a key, cert, and/or algorithm; or
- * if such objects have been "associated" with the context, then the context
- * can do everything the keys can, like crypto operations.
- *
- * And finally, because it keeps the state of the crypto operations, it
- * can do streaming crypto ops.
- */
-
-/*
- * NSSTrustDomain_Destroy
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_Destroy
-(
- NSSCryptoContext *cc
-);
-
-/* establishing a default callback */
-
-/*
- * NSSCryptoContext_SetDefaultCallback
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_SetDefaultCallback
-(
- NSSCryptoContext *cc,
- NSSCallback *newCallback,
- NSSCallback **oldCallbackOpt
-);
-
-/*
- * NSSCryptoContext_GetDefaultCallback
- *
- */
-
-NSS_EXTERN NSSCallback *
-NSSCryptoContext_GetDefaultCallback
-(
- NSSCryptoContext *cc,
- PRStatus *statusOpt
-);
-
-/*
- * NSSCryptoContext_GetTrustDomain
- *
- */
-
-NSS_EXTERN NSSTrustDomain *
-NSSCryptoContext_GetTrustDomain
-(
- NSSCryptoContext *cc
-);
-
-/* AddModule, etc: should we allow "temporary" changes here? */
-/* DisableToken, etc: ditto */
-/* Ordering of tokens? */
-/* Finding slots+token etc. */
-/* login+logout */
-
-/* Importing things */
-
-/*
- * NSSCryptoContext_ImportCertificate
- *
- * If there's not a "distinguished certificate" for this context, this
- * sets the specified one to be it.
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ImportCertificate
-(
- NSSCryptoContext *cc,
- NSSCertificate *c
-);
-
-/*
- * NSSCryptoContext_ImportPKIXCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_ImportPKIXCertificate
-(
- NSSCryptoContext *cc,
- struct NSSPKIXCertificateStr *pc
-);
-
-/*
- * NSSCryptoContext_ImportEncodedCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_ImportEncodedCertificate
-(
- NSSCryptoContext *cc,
- NSSBER *ber
-);
-
-/*
- * NSSCryptoContext_ImportEncodedPKIXCertificateChain
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ImportEncodedPKIXCertificateChain
-(
- NSSCryptoContext *cc,
- NSSBER *ber
-);
-
-/* Other importations: S/MIME capabilities
- */
-
-/*
- * NSSCryptoContext_FindBestCertificateByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNickname
-(
- NSSCryptoContext *cc,
- NSSUTF8 *name,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/*
- * NSSCryptoContext_FindCertificatesByNickname
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesByNickname
-(
- NSSCryptoContext *cc,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
-(
- NSSCryptoContext *cc,
- NSSDER *issuer,
- NSSDER *serialNumber
-);
-
-/*
- * NSSCryptoContext_FindBestCertificateBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateBySubject
-(
- NSSCryptoContext *cc,
- NSSUTF8 *subject,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificatesBySubject
- *
- * This does not search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesBySubject
-(
- NSSCryptoContext *cc,
- NSSUTF8 *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindBestCertificateByNameComponents
- *
- * This call does try several tricks, including a pseudo pkcs#11
- * attribute for the ldap module to try as a query. Eventually
- * this call falls back to a traversal if that's what's required.
- * It will search through alternate names hidden in extensions.
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateByNameComponents
-(
- NSSCryptoContext *cc,
- NSSUTF8 *nameComponents,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificatesByNameComponents
- *
- * This call, too, tries several tricks. It will stop on the first
- * attempt that generates results, so it won't e.g. traverse the
- * entire ldap database.
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindCertificatesByNameComponents
-(
- NSSCryptoContext *cc,
- NSSUTF8 *nameComponents,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificateByEncodedCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindCertificateByEncodedCertificate
-(
- NSSCryptoContext *cc,
- NSSBER *encodedCertificate
-);
-
-/*
- * NSSCryptoContext_FindBestCertificateByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestCertificateByEmail
-(
- NSSCryptoContext *cc,
- NSSASCII7 *email
-);
-
-/*
- * NSSCryptoContext_FindCertificatesByEmail
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindCertificatesByEmail
-(
- NSSCryptoContext *cc,
- NSSASCII7 *email,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindCertificateByOCSPHash
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindCertificateByOCSPHash
-(
- NSSCryptoContext *cc,
- NSSItem *hash
-);
-
-/*
- * NSSCryptoContext_TraverseCertificates
- *
- *
- * NSS_EXTERN PRStatus *
- * NSSCryptoContext_TraverseCertificates
- * (
- * NSSCryptoContext *cc,
- * PRStatus (*callback)(NSSCertificate *c, void *arg),
- * void *arg
- * );
- */
-
-/*
- * NSSCryptoContext_FindBestUserCertificate
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestUserCertificate
-(
- NSSCryptoContext *cc,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindUserCertificates
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindUserCertificates
-(
- NSSCryptoContext *cc,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
-(
- NSSCryptoContext *cc,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindUserCertificatesForSSLClientAuth
- *
- */
-
-NSS_EXTERN NSSCertificate **
-NSSCryptoContext_FindUserCertificatesForSSLClientAuth
-(
- NSSCryptoContext *cc,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FindBestUserCertificateForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindBestUserCertificateForEmailSigning
-(
- NSSCryptoContext *cc,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-);
-
-/*
- * NSSCryptoContext_FindUserCertificatesForEmailSigning
- *
- */
-
-NSS_EXTERN NSSCertificate *
-NSSCryptoContext_FindUserCertificatesForEmailSigning
-(
- NSSCryptoContext *cc,
- NSSASCII7 *signerOpt, /* fgmr or a more general name? */
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-);
-
-/* Private Keys */
-
-/*
- * NSSCryptoContext_GenerateKeyPair
- *
- * Creates session objects. If you want persistant objects, use
- * NSSTrustDomain_GenerateKeyPair. The destination token is where
- * the keys are stored. If that token can do the required math, then
- * that's where the keys are generated too. Otherwise, the keys are
- * generated elsewhere and moved to that token.
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_GenerateKeyPair
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- NSSPrivateKey **pvkOpt,
- NSSPublicKey **pbkOpt,
- PRBool privateKeyIsSensitive,
- NSSToken *destination,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_TraversePrivateKeys
- *
- *
- * NSS_EXTERN PRStatus *
- * NSSCryptoContext_TraversePrivateKeys
- * (
- * NSSCryptoContext *cc,
- * PRStatus (*callback)(NSSPrivateKey *vk, void *arg),
- * void *arg
- * );
- */
-
-/* Symmetric Keys */
-
-/*
- * NSSCryptoContext_GenerateSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- PRUint32 keysize,
- NSSToken *destination,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_GenerateSymmetricKeyFromPassword
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_GenerateSymmetricKeyFromPassword
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *ap,
- NSSUTF8 *passwordOpt, /* if null, prompt */
- NSSToken *destinationOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_FindSymmetricKeyByAlgorithm
- *
- *
- * NSS_EXTERN NSSSymmetricKey *
- * NSSCryptoContext_FindSymmetricKeyByType
- * (
- * NSSCryptoContext *cc,
- * NSSOID *type,
- * NSSCallback *uhhOpt
- * );
- */
-
-/*
- * NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
-(
- NSSCryptoContext *cc,
- NSSOID *algorithm,
- NSSItem *keyID,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_TraverseSymmetricKeys
- *
- *
- * NSS_EXTERN PRStatus *
- * NSSCryptoContext_TraverseSymmetricKeys
- * (
- * NSSCryptoContext *cc,
- * PRStatus (*callback)(NSSSymmetricKey *mk, void *arg),
- * void *arg
- * );
- */
-
-/* Crypto ops on distinguished keys */
-
-/*
- * NSSCryptoContext_Decrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Decrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginDecrypt
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginDecrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueDecrypt
- *
- */
-
-/*
- * NSSItem semantics:
- *
- * If rvOpt is NULL, a new NSSItem and buffer are allocated.
- * If rvOpt is not null, but the buffer pointer is null,
- * then rvOpt is returned but a new buffer is allocated.
- * In this case, if the length value is not zero, then
- * no more than that much space will be allocated.
- * If rvOpt is not null and the buffer pointer is not null,
- * then that buffer is re-used. No more than the buffer
- * length value will be used; if it's not enough, an
- * error is returned. If less is used, the number is
- * adjusted downwards.
- *
- * Note that although this is short of some ideal "Item"
- * definition, we can usually tell how big these buffers
- * have to be.
- *
- * Feedback is requested; and earlier is better than later.
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueDecrypt
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishDecrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishDecrypt
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_Sign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Sign
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginSign
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginSign
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueSign
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ContinueSign
-(
- NSSCryptoContext *cc,
- NSSItem *data
-);
-
-/*
- * NSSCryptoContext_FinishSign
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishSign
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_SignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_SignRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginSignRecover
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginSignRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueSignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueSignRecover
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishSignRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishSignRecover
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_UnwrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_UnwrapSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_DeriveSymmetricKey
- *
- */
-
-NSS_EXTERN NSSSymmetricKey *
-NSSCryptoContext_DeriveSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSPublicKey *bk,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt, /* zero for best allowed */
- NSSOperations operations,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_Encrypt
- *
- * Encrypt a single chunk of data with the distinguished public key
- * of this crypto context.
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Encrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginEncrypt
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginEncrypt
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueEncrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueEncrypt
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishEncrypt
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishEncrypt
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_Verify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_Verify
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_BeginVerify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginVerify
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueVerify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ContinueVerify
-(
- NSSCryptoContext *cc,
- NSSItem *data
-);
-
-/*
- * NSSCryptoContext_FinishVerify
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_FinishVerify
-(
- NSSCryptoContext *cc
-);
-
-/*
- * NSSCryptoContext_VerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_VerifyRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginVerifyRecover
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginVerifyRecover
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueVerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_ContinueVerifyRecover
-(
- NSSCryptoContext *cc,
- NSSItem *data,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_FinishVerifyRecover
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishVerifyRecover
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_WrapSymmetricKey
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_WrapSymmetricKey
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_Digest
- *
- * Digest a single chunk of data with the distinguished digest key
- * of this crypto context.
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_Digest
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhhOpt,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSCryptoContext_BeginDigest
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_BeginDigest
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhhOpt
-);
-
-/*
- * NSSCryptoContext_ContinueDigest
- *
- */
-
-NSS_EXTERN PRStatus
-NSSCryptoContext_ContinueDigest
-(
- NSSCryptoContext *cc,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *item
-);
-
-/*
- * NSSCryptoContext_FinishDigest
- *
- */
-
-NSS_EXTERN NSSItem *
-NSSCryptoContext_FinishDigest
-(
- NSSCryptoContext *cc,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * tbd: Combination ops
- */
-
-/*
- * NSSCryptoContext_Clone
- *
- */
-
-NSS_EXTERN NSSCryptoContext *
-NSSCryptoContext_Clone
-(
- NSSCryptoContext *cc
-);
-
-/*
- * NSSCryptoContext_Save
- * NSSCryptoContext_Restore
- *
- * We need to be able to save and restore the state of contexts.
- * Perhaps a mark-and-release mechanism would be better?
- */
-
-/*
- * ..._SignTBSCertificate
- *
- * This requires feedback from the cert server team.
- */
-
-/*
- * PRBool NSSCertificate_GetIsTrustedFor{xxx}(NSSCertificate *c);
- * PRStatus NSSCertificate_SetIsTrustedFor{xxx}(NSSCertificate *c, PRBool trusted);
- *
- * These will be helper functions which get the trust object for a cert,
- * and then call the corresponding function(s) on it.
- *
- * PKIX trust objects will have methods to manipulate the low-level trust
- * bits (which are based on key usage and extended key usage), and also the
- * conceptual high-level usages (e.g. ssl client auth, email encryption, etc.)
- *
- * Other types of trust objects (if any) might have different low-level
- * representations, but hopefully high-level concepts would map.
- *
- * Only these high-level general routines would be promoted to the
- * general certificate level here. Hence the {xxx} above would be things
- * like "EmailSigning."
- *
- *
- * NSSPKIXTrust *NSSCertificate_GetPKIXTrustObject(NSSCertificate *c);
- * PRStatus NSSCertificate_SetPKIXTrustObject(NSSCertificate *c, NSPKIXTrust *t);
- *
- * I want to hold off on any general trust object until we've investigated
- * other models more thoroughly.
- */
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKI_H */
diff --git a/security/nss/lib/pki/nsspki.rc b/security/nss/lib/pki/nsspki.rc
deleted file mode 100644
index 5228cefb3..000000000
--- a/security/nss/lib/pki/nsspki.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "nsspki"
-#define MY_FILEDESCRIPTION "NSS PKI Base Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
- BLOCK "StringFileInfo"
- BEGIN
- BLOCK "040904B0" // Lang=US English, CharSet=Unicode
- BEGIN
- VALUE "CompanyName", "Netscape Communications Corporation\0"
- VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
- VALUE "FileVersion", NSS_VERSION "\0"
- VALUE "InternalName", MY_INTERNAL_NAME "\0"
- VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
- VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
- VALUE "ProductName", "Network Security Services\0"
- VALUE "ProductVersion", NSS_VERSION "\0"
- END
- END
- BLOCK "VarFileInfo"
- BEGIN
- VALUE "Translation", 0x409, 1200
- END
-END
diff --git a/security/nss/lib/pki/nsspkit.h b/security/nss/lib/pki/nsspkit.h
deleted file mode 100644
index 6083ac0f8..000000000
--- a/security/nss/lib/pki/nsspkit.h
+++ /dev/null
@@ -1,271 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKIT_H
-#define NSSPKIT_H
-
-#ifdef DEBUG
-static const char NSSPKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspkit.h
- *
- * This file defines the types of the top-level PKI objects.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSCertificate
- *
- * This is the public representation of a Certificate. The certificate
- * may be one found on a smartcard or other token, one decoded from data
- * received as part of a protocol, one constructed from constituent
- * parts, etc. Usually it is associated with ("in") a trust domain; as
- * it can be verified only within a trust domain. The underlying type
- * of certificate may be of any supported standard, e.g. PKIX, PGP, etc.
- *
- * People speak of "verifying (with) the server's, or correspondant's,
- * certificate"; for simple operations we support that simplification
- * by implementing public-key crypto operations as methods on this type.
- */
-
-struct NSSCertificateStr;
-typedef struct NSSCertificateStr NSSCertificate;
-
-/*
- * NSSUserCertificate
- *
- * A ``User'' certificate is one for which the private key is available.
- * People speak of "using my certificate to sign my email" and "using
- * my certificate to authenticate to (or login to) the server"; for
- * simple operations, we support that simplification by implementing
- * private-key crypto operations as methods on this type.
- *
- * The current design only weakly distinguishes between certificates
- * and user certificates: as far as the compiler goes they're
- * interchangable; debug libraries only have one common pointer-tracker;
- * etc. However, attempts to do private-key operations on a certificate
- * for which the private key is not available will fail.
- *
- * Open design question: should these types be more firmly separated?
- */
-
-typedef NSSCertificate NSSUserCertificate;
-
-/*
- * NSSPrivateKey
- *
- * This is the public representation of a Private Key. In general,
- * the actual value of the key is not available, but operations may
- * be performed with it.
- */
-
-struct NSSPrivateKeyStr;
-typedef struct NSSPrivateKeyStr NSSPrivateKey;
-
-/*
- * NSSPublicKey
- *
- */
-
-struct NSSPublicKeyStr;
-typedef struct NSSPublicKeyStr NSSPublicKey;
-
-/*
- * NSSSymmetricKey
- *
- */
-
-struct NSSSymmetricKeyStr;
-typedef struct NSSSymmetricKeyStr NSSSymmetricKey;
-
-/*
- * NSSTrustDomain
- *
- * A Trust Domain is the field in which certificates may be validated.
- * A trust domain will generally have one or more cryptographic modules
- * open; these modules perform the cryptographic operations, and
- * provide the basic "root" trust information from which the trust in
- * a specific certificate or key depends.
- *
- * A client program, or a simple server, would typically have one
- * trust domain. A server supporting multiple "virtual servers" might
- * have a separate trust domain for each virtual server. The separate
- * trust domains might share some modules (e.g., a hardware crypto
- * accelerator) but not others (e.g., the tokens storing the different
- * servers' private keys, or the databases with each server's trusted
- * root certificates).
- *
- * This object descends from the "permananet database" in the old code.
- */
-
-struct NSSTrustDomainStr;
-typedef struct NSSTrustDomainStr NSSTrustDomain;
-
-/*
- * NSSCryptoContext
- *
- * A Crypto Context is a short-term, "helper" object which is used
- * for the lifetime of one ongoing "crypto operation." Such an
- * operation may be the creation of a signed message, the use of an
- * TLS socket connection, etc. Each crypto context is "in" a
- * specific trust domain, and it may have associated with it a
- * distinguished certificate, public key, private key, and/or
- * symmetric key. It can also temporarily hold and use temporary
- * data (e.g. intermediate certificates) which is not stored
- * permanently in the trust domain.
- *
- * In OO terms, this interface inherits interfaces from the trust
- * domain, the certificates, and the keys. It also provides
- * streaming crypto operations.
- *
- * This object descends from the "temporary database" concept in the
- * old code, but it has changed a lot as a result of what we've
- * learned.
- */
-
-typedef struct NSSCryptoContextStr NSSCryptoContext;
-
-/*
- * fgmr others
- */
-
-/*
- * NSSTime
- *
- * Unfortunately, we need an "exceptional" value to indicate
- * an error upon return, or "no value" on input. Note that zero
- * is a perfectly valid value for both time_t and PRTime.
- *
- * If we were to create a "range" object, with two times for
- * Not Before and Not After, we would have an obvious place for
- * the somewhat arbitrary logic involved in comparing them.
- *
- * Failing that, let's have an NSSTime_CompareRanges function.
- */
-
-struct NSSTimeStr;
-typedef struct NSSTimeStr NSSTime;
-
-struct NSSTrustStr;
-typedef struct NSSTrustStr NSSTrust;
-
-/*
- * NSSUsage
- *
- * This is trickier than originally planned; I'll write up a
- * doc on it.
- *
- * We'd still like nsspki.h to have a list of common usages,
- * e.g.:
- *
- * extern const NSSUsage *NSSUsage_ClientAuth;
- * extern const NSSUsage *NSSUsage_ServerAuth;
- * extern const NSSUsage *NSSUsage_SignEmail;
- * extern const NSSUsage *NSSUsage_EncryptEmail;
- * etc.
- */
-
-struct NSSUsageStr;
-typedef struct NSSUsageStr NSSUsage;
-
-/*
- * NSSPolicies
- *
- * Placeholder, for now.
- */
-
-struct NSSPoliciesStr;
-typedef struct NSSPoliciesStr NSSPolicies;
-
-/*
- * NSSAlgorithmAndParameters
- *
- * Algorithm is an OID
- * Parameters depend on the algorithm
- */
-
-struct NSSAlgorithmAndParametersStr;
-typedef struct NSSAlgorithmAndParametersStr NSSAlgorithmAndParameters;
-
-/*
- * NSSCallback
- *
- * At minimum, a "challenge" method and a closure argument.
- * Usually the challenge will just be prompting for a password.
- * How OO do we want to make it?
- */
-
-typedef struct NSSCallbackStr NSSCallback;
-
-struct NSSCallbackStr {
- /* Prompt for a password to initialize a slot. */
- PRStatus (* getInitPW)(NSSUTF8 *slotName, void *arg,
- NSSUTF8 **ssoPW, NSSUTF8 **userPW);
- /* Prompt for oldPW and newPW in order to change the
- * password on a slot.
- */
- PRStatus (* getNewPW)(NSSUTF8 *slotName, PRUint32 *retries, void *arg,
- NSSUTF8 **oldPW, NSSUTF8 **newPW);
- /* Prompt for slot password. */
- PRStatus (* getPW)(NSSUTF8 *slotName, PRUint32 *retries, void *arg,
- NSSUTF8 **password);
- void *arg;
-};
-
-/* set errors - user cancelled, ... */
-
-typedef PRUint32 NSSOperations;
-/* 1) Do we want these to be preprocessor definitions or constants? */
-/* 2) What is the correct and complete list? */
-
-#define NSSOperations_ENCRYPT 0x0001
-#define NSSOperations_DECRYPT 0x0002
-#define NSSOperations_WRAP 0x0004
-#define NSSOperations_UNWRAP 0x0008
-#define NSSOperations_SIGN 0x0010
-#define NSSOperations_SIGN_RECOVER 0x0020
-#define NSSOperations_VERIFY 0x0040
-#define NSSOperations_VERIFY_RECOVER 0x0080
-
-struct NSSPKIXCertificateStr;
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIT_H */
diff --git a/security/nss/lib/pki/pki.h b/security/nss/lib/pki/pki.h
deleted file mode 100644
index f9b02640e..000000000
--- a/security/nss/lib/pki/pki.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKI_H
-#define PKI_H
-
-#ifdef DEBUG
-static const char PKI_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-PR_BEGIN_EXTERN_C
-
-NSS_EXTERN NSSCertificate *
-nssCertificate_AddRef
-(
- NSSCertificate *c
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKI_H */
diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c
deleted file mode 100644
index c7d39561e..000000000
--- a/security/nss/lib/pki/pki3hack.c
+++ /dev/null
@@ -1,744 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * Hacks to integrate NSS 3.4 and NSS 4.0 certificates.
- */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef DEVNSS3HACK_H
-#include "dev3hack.h"
-#endif /* DEVNSS3HACK_H */
-
-#ifndef PKINSS3HACK_H
-#include "pki3hack.h"
-#endif /* PKINSS3HACK_H */
-
-#include "secitem.h"
-#include "certdb.h"
-#include "certt.h"
-#include "cert.h"
-#include "pk11func.h"
-
-NSSTrustDomain *g_default_trust_domain = NULL;
-
-NSSCryptoContext *g_default_crypto_context = NULL;
-
-NSSTrustDomain *
-STAN_GetDefaultTrustDomain()
-{
- return g_default_trust_domain;
-}
-
-NSSCryptoContext *
-STAN_GetDefaultCryptoContext()
-{
- return g_default_crypto_context;
-}
-
-NSS_IMPLEMENT void
-STAN_LoadDefaultNSS3TrustDomain
-(
- void
-)
-{
- NSSTrustDomain *td;
- NSSToken *token;
- PK11SlotList *list;
- PK11SlotListElement *le;
- td = NSSTrustDomain_Create(NULL, NULL, NULL, NULL);
- if (!td) {
- /* um, some kind a fatal here */
- return;
- }
- td->tokenList = nssList_Create(td->arena, PR_TRUE);
- list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_FALSE, NULL);
- if (list) {
- for (le = list->head; le; le = le->next) {
- token = nssToken_CreateFromPK11SlotInfo(td, le->slot);
- PK11Slot_SetNSSToken(le->slot, token);
- nssList_Add(td->tokenList, token);
- }
- }
- td->tokens = nssList_CreateIterator(td->tokenList);
- g_default_trust_domain = td;
- g_default_crypto_context = NSSTrustDomain_CreateCryptoContext(td, NULL);
-}
-
-NSS_IMPLEMENT void
-STAN_Shutdown()
-{
- if (g_default_trust_domain) {
- NSSTrustDomain_Destroy(g_default_trust_domain);
- }
- if (g_default_crypto_context) {
- NSSCryptoContext_Destroy(g_default_crypto_context);
- }
-}
-
-NSS_IMPLEMENT PRStatus
-STAN_AddNewSlotToDefaultTD
-(
- PK11SlotInfo *sl
-)
-{
- NSSToken *token;
- token = nssToken_CreateFromPK11SlotInfo(g_default_trust_domain, sl);
- PK11Slot_SetNSSToken(sl, token);
- nssList_Add(g_default_trust_domain->tokenList, token);
- return PR_SUCCESS;
-}
-
-/* this function should not be a hack; it will be needed in 4.0 (rename) */
-NSS_IMPLEMENT NSSItem *
-STAN_GetCertIdentifierFromDER(NSSArena *arenaOpt, NSSDER *der)
-{
- NSSItem *rvKey;
- SECItem secDER;
- SECItem secKey = { 0 };
- SECStatus secrv;
- PRArenaPool *arena;
-
- SECITEM_FROM_NSSITEM(&secDER, der);
-
- /* nss3 call uses nss3 arena's */
- arena = PORT_NewArena(256);
- if (!arena) {
- return NULL;
- }
- secrv = CERT_KeyFromDERCert(arena, &secDER, &secKey);
- if (secrv != SECSuccess) {
- return NULL;
- }
- rvKey = nssItem_Create(arenaOpt, NULL, secKey.len, (void *)secKey.data);
- PORT_FreeArena(arena,PR_FALSE);
- return rvKey;
-}
-
-static NSSItem *
-nss3certificate_getIdentifier(nssDecodedCert *dc)
-{
- NSSItem *rvID;
- CERTCertificate *c = (CERTCertificate *)dc->data;
- rvID = nssItem_Create(NULL, NULL, c->certKey.len, c->certKey.data);
- return rvID;
-}
-
-static NSSItem *
-nss3certificate_getIssuerIdentifier(nssDecodedCert *dc)
-{
- CERTCertificate *c = (CERTCertificate *)dc->data;
- CERTAuthKeyID *cAuthKeyID;
- PRArenaPool *tmpArena = NULL;
- SECItem issuerCertKey;
- SECItem *identifier = NULL;
- NSSItem *rvID = NULL;
- SECStatus secrv;
- tmpArena = PORT_NewArena(512);
- cAuthKeyID = CERT_FindAuthKeyIDExten(tmpArena, c);
- if (cAuthKeyID) {
- if (cAuthKeyID->keyID.data) {
- identifier = &cAuthKeyID->keyID;
- } else if (cAuthKeyID->authCertIssuer) {
- SECItem *caName;
- caName = (SECItem *)CERT_GetGeneralNameByType(
- cAuthKeyID->authCertIssuer,
- certDirectoryName, PR_TRUE);
- if (caName) {
- secrv = CERT_KeyFromIssuerAndSN(tmpArena, caName,
- &cAuthKeyID->authCertSerialNumber,
- &issuerCertKey);
- if (secrv == SECSuccess) {
- identifier = &issuerCertKey;
- }
- }
- }
- }
- if (identifier) {
- rvID = nssItem_Create(NULL, NULL, identifier->len, identifier->data);
- }
- if (tmpArena) PORT_FreeArena(tmpArena, PR_FALSE);
- return rvID;
-}
-
-static PRBool
-nss3certificate_matchIdentifier(nssDecodedCert *dc, NSSItem *id)
-{
- CERTCertificate *c = (CERTCertificate *)dc->data;
- SECItem *subjectKeyID, authKeyID;
- subjectKeyID = &c->subjectKeyID;
- SECITEM_FROM_NSSITEM(&authKeyID, id);
- if (SECITEM_CompareItem(subjectKeyID, &authKeyID) == SECEqual) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static NSSUsage *
-nss3certificate_getUsage(nssDecodedCert *dc)
-{
- CERTCertificate *c = (CERTCertificate *)dc->data;
- return NULL;
-}
-
-static PRBool
-nss3certificate_isValidAtTime(nssDecodedCert *dc, NSSTime *time)
-{
- SECCertTimeValidity validity;
- CERTCertificate *c = (CERTCertificate *)dc->data;
- validity = CERT_CheckCertValidTimes(c, NSSTime_GetPRTime(time), PR_TRUE);
- if (validity == secCertTimeValid) {
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static PRBool
-nss3certificate_isNewerThan(nssDecodedCert *dc, nssDecodedCert *cmpdc)
-{
- /* I know this isn't right, but this is glue code anyway */
- if (cmpdc->type == dc->type) {
- CERTCertificate *certa = (CERTCertificate *)dc->data;
- CERTCertificate *certb = (CERTCertificate *)cmpdc->data;
- return CERT_IsNewer(certa, certb);
- }
- return PR_FALSE;
-}
-
-/* CERT_FilterCertListByUsage */
-static PRBool
-nss3certificate_matchUsage(nssDecodedCert *dc, NSSUsage *usage)
-{
- SECStatus secrv;
- unsigned int requiredKeyUsage;
- unsigned int requiredCertType;
- unsigned int certType;
- PRBool match;
- CERTCertificate *cc = (CERTCertificate *)dc->data;
- SECCertUsage secUsage = usage->nss3usage;
- PRBool ca = usage->nss3lookingForCA;
- secrv = CERT_KeyUsageAndTypeForCertUsage(secUsage, ca,
- &requiredKeyUsage,
- &requiredCertType);
- if (secrv != SECSuccess) {
- return PR_FALSE;
- }
- match = PR_TRUE;
- secrv = CERT_CheckKeyUsage(cc, requiredKeyUsage);
- if (secrv != SECSuccess) {
- match = PR_FALSE;
- }
- if (ca) {
- (void)CERT_IsCACert(cc, &certType);
- } else {
- certType = cc->nsCertType;
- }
- if (!(certType & requiredCertType)) {
- match = PR_FALSE;
- }
- return match;
-}
-
-static NSSASCII7 *
-nss3certificate_getEmailAddress(nssDecodedCert *dc)
-{
- CERTCertificate *cc = (CERTCertificate *)dc->data;
- return (NSSASCII7 *)cc->emailAddr;
-}
-
-NSS_IMPLEMENT nssDecodedCert *
-nssDecodedPKIXCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSDER *encoding
-)
-{
- nssDecodedCert *rvDC;
- SECItem secDER;
- rvDC = nss_ZNEW(arenaOpt, nssDecodedCert);
- rvDC->type = NSSCertificateType_PKIX;
- SECITEM_FROM_NSSITEM(&secDER, encoding);
- rvDC->data = (void *)CERT_DecodeDERCertificate(&secDER, PR_TRUE, NULL);
- rvDC->getIdentifier = nss3certificate_getIdentifier;
- rvDC->getIssuerIdentifier = nss3certificate_getIssuerIdentifier;
- rvDC->matchIdentifier = nss3certificate_matchIdentifier;
- rvDC->getUsage = nss3certificate_getUsage;
- rvDC->isValidAtTime = nss3certificate_isValidAtTime;
- rvDC->isNewerThan = nss3certificate_isNewerThan;
- rvDC->matchUsage = nss3certificate_matchUsage;
- rvDC->getEmailAddress = nss3certificate_getEmailAddress;
- return rvDC;
-}
-
-static nssDecodedCert *
-create_decoded_pkix_cert_from_nss3cert
-(
- NSSArena *arenaOpt,
- CERTCertificate *cc
-)
-{
- nssDecodedCert *rvDC;
- rvDC = nss_ZNEW(arenaOpt, nssDecodedCert);
- rvDC->type = NSSCertificateType_PKIX;
- rvDC->data = (void *)cc;
- rvDC->getIdentifier = nss3certificate_getIdentifier;
- rvDC->getIssuerIdentifier = nss3certificate_getIssuerIdentifier;
- rvDC->matchIdentifier = nss3certificate_matchIdentifier;
- rvDC->getUsage = nss3certificate_getUsage;
- rvDC->isValidAtTime = nss3certificate_isValidAtTime;
- rvDC->isNewerThan = nss3certificate_isNewerThan;
- rvDC->matchUsage = nss3certificate_matchUsage;
- rvDC->getEmailAddress = nss3certificate_getEmailAddress;
- return rvDC;
-}
-
-NSS_IMPLEMENT PRStatus
-nssDecodedPKIXCertificate_Destroy
-(
- nssDecodedCert *dc
-)
-{
- /*CERT_DestroyCertificate((CERTCertificate *)dc->data);*/
- nss_ZFreeIf(dc);
- return PR_SUCCESS;
-}
-
-/* From pk11cert.c */
-extern PRBool
-PK11_IsUserCert(PK11SlotInfo *, CERTCertificate *, CK_OBJECT_HANDLE);
-
-/* see pk11cert.c:pk11_HandleTrustObject */
-static unsigned int
-get_nss3trust_from_cktrust(CK_TRUST t)
-{
- unsigned int rt = 0;
- if (t == CKT_NETSCAPE_TRUSTED) {
- rt |= CERTDB_VALID_PEER | CERTDB_TRUSTED;
- }
- if (t == CKT_NETSCAPE_TRUSTED_DELEGATOR) {
- rt |= CERTDB_VALID_CA | CERTDB_TRUSTED_CA | CERTDB_NS_TRUSTED_CA;
- }
- if (t == CKT_NETSCAPE_VALID) {
- rt |= CERTDB_VALID_PEER;
- }
- if (t == CKT_NETSCAPE_VALID_DELEGATOR) {
- rt |= CERTDB_VALID_CA;
- }
- /* user */
- return rt;
-}
-
-static CERTCertTrust *
-nssTrust_GetCERTCertTrustForCert(NSSCertificate *c, NSSToken *token,
- CERTCertificate *cc)
-{
- CERTCertTrust *rvTrust = PORT_ArenaAlloc(cc->arena, sizeof(CERTCertTrust));
- unsigned int client;
- NSSTrust *t = nssToken_FindTrustForCert(token, NULL, c);
- if (!t) {
- return NULL;
- }
- rvTrust->sslFlags = get_nss3trust_from_cktrust(t->serverAuth);
- client = get_nss3trust_from_cktrust(t->clientAuth);
- if (client & (CERTDB_TRUSTED_CA|CERTDB_NS_TRUSTED_CA)) {
- client &= ~(CERTDB_TRUSTED_CA|CERTDB_NS_TRUSTED_CA);
- rvTrust->sslFlags |= CERTDB_TRUSTED_CLIENT_CA;
- }
- rvTrust->sslFlags |= client;
- rvTrust->emailFlags = get_nss3trust_from_cktrust(t->emailProtection);
- rvTrust->objectSigningFlags = get_nss3trust_from_cktrust(t->codeSigning);
- if (PK11_IsUserCert(cc->slot, cc, cc->pkcs11ID)) {
- rvTrust->sslFlags |= CERTDB_USER;
- rvTrust->emailFlags |= CERTDB_USER;
- rvTrust->objectSigningFlags |= CERTDB_USER;
- }
- (void)nssPKIObject_Destroy(&t->object);
- return rvTrust;
-}
-
-static nssPKIObjectInstance *
-get_cert_instance(NSSCertificate *c)
-{
- nssPKIObjectInstance *instance;
- instance = NULL;
- nssList_GetArray(c->object.instanceList, (void **)&instance, 1);
- return instance;
-}
-
-static void
-fill_CERTCertificateFields(NSSCertificate *c, CERTCertificate *cc)
-{
- nssPKIObjectInstance *instance = get_cert_instance(c);
- /* fill other fields needed by NSS3 functions using CERTCertificate */
- if (!cc->nickname && c->nickname) {
- PRStatus nssrv;
- int len = nssUTF8_Size(c->nickname, &nssrv);
- cc->nickname = PORT_ArenaAlloc(cc->arena, len);
- memcpy(cc->nickname, c->nickname, len-1);
- cc->nickname[len-1] = '\0';
- }
- if (instance) {
- nssCryptokiInstance *cryptoki = &instance->cryptoki;
- /* slot (ownSlot ?) (addref ?) */
- cc->slot = cryptoki->token->pk11slot;
- /* pkcs11ID */
- cc->pkcs11ID = cryptoki->handle;
- /* trust */
- cc->trust = nssTrust_GetCERTCertTrustForCert(c, cryptoki->token, cc);
- /* database handle is now the trust domain */
- cc->dbhandle = instance->trustDomain;
- }
- /* subjectList ? */
- /* pointer back */
- cc->nssCertificate = c;
-}
-
-NSS_EXTERN CERTCertificate *
-STAN_GetCERTCertificate(NSSCertificate *c)
-{
- nssDecodedCert *dc;
- CERTCertificate *cc;
- if (!c->decoding) {
- dc = nssDecodedPKIXCertificate_Create(NULL, &c->encoding);
- if (!dc) return NULL;
- c->decoding = dc;
- } else {
- dc = c->decoding;
- }
- cc = (CERTCertificate *)dc->data;
- if (!cc->nssCertificate) {
- fill_CERTCertificateFields(c, cc);
- } else if (!cc->trust) {
- nssPKIObjectInstance *instance = get_cert_instance(c);
- cc->trust = nssTrust_GetCERTCertTrustForCert(c,
- instance->cryptoki.token,
- cc);
- }
- return cc;
-}
-
-static CK_TRUST
-get_stan_trust(unsigned int t, PRBool isClientAuth)
-{
- if (isClientAuth) {
- if (t & CERTDB_TRUSTED_CLIENT_CA) {
- return CKT_NETSCAPE_TRUSTED_DELEGATOR;
- }
- } else {
- if (t & CERTDB_TRUSTED_CA || t & CERTDB_NS_TRUSTED_CA) {
- return CKT_NETSCAPE_TRUSTED_DELEGATOR;
- }
- }
- if (t & CERTDB_TRUSTED) {
- return CKT_NETSCAPE_TRUSTED;
- }
- if (t & CERTDB_VALID_CA) {
- return CKT_NETSCAPE_VALID_DELEGATOR;
- }
- if (t & CERTDB_VALID_PEER) {
- return CKT_NETSCAPE_VALID;
- }
- return CKT_NETSCAPE_UNTRUSTED;
-}
-
-NSS_EXTERN NSSCertificate *
-STAN_GetNSSCertificate(CERTCertificate *cc)
-{
- NSSCertificate *c;
- nssPKIObject *object;
- nssPKIObjectInstance *instance;
- NSSArena *arena;
- c = cc->nssCertificate;
- if (c) {
- return c;
- }
- /* i don't think this should happen. but if it can, need to create
- * NSSCertificate from CERTCertificate values here. */
- /* Yup, it can happen. */
- arena = NSSArena_Create();
- if (!arena) {
- return NULL;
- }
- c = nss_ZNEW(arena, NSSCertificate);
- if (!c) {
- goto loser;
- }
- object = &c->object;
- NSSITEM_FROM_SECITEM(&c->encoding, &cc->derCert);
- c->type = NSSCertificateType_PKIX;
- object->arena = arena;
- object->refCount = 1;
- object->instanceList = nssList_Create(arena, PR_TRUE);
- object->instances = nssList_CreateIterator(object->instanceList);
- nssItem_Create(arena,
- &c->issuer, cc->derIssuer.len, cc->derIssuer.data);
- nssItem_Create(arena,
- &c->subject, cc->derSubject.len, cc->derSubject.data);
- if (PR_TRUE) {
- /* CERTCertificate stores serial numbers decoded. I need the DER
- * here. sigh.
- */
- SECItem derSerial;
- CERT_SerialNumberFromDERCert(&cc->derCert, &derSerial);
- nssItem_Create(arena, &c->serial, derSerial.len, derSerial.data);
- PORT_Free(derSerial.data);
- }
- if (cc->nickname) {
- c->nickname = nssUTF8_Create(arena,
- nssStringType_UTF8String,
- (NSSUTF8 *)cc->nickname,
- PORT_Strlen(cc->nickname));
- }
- if (cc->emailAddr) {
- c->email = nssUTF8_Create(arena,
- nssStringType_PrintableString,
- (NSSUTF8 *)cc->emailAddr,
- PORT_Strlen(cc->emailAddr));
- }
- instance = nss_ZNEW(arena, nssPKIObjectInstance);
- instance->trustDomain = (NSSTrustDomain *)cc->dbhandle;
- if (cc->slot) {
- instance->cryptoki.token = PK11Slot_GetNSSToken(cc->slot);
- instance->cryptoki.handle = cc->pkcs11ID;
- }
- nssList_Add(object->instanceList, instance);
- c->decoding = create_decoded_pkix_cert_from_nss3cert(arena, cc);
- cc->nssCertificate = c;
- return c;
-loser:
- nssArena_Destroy(arena);
- return NULL;
-}
-
-NSS_EXTERN PRStatus
-STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust)
-{
- PRStatus nssrv;
- NSSCertificate *c = STAN_GetNSSCertificate(cc);
- nssPKIObjectInstance *instance;
- NSSTrust nssTrust;
- /* Set the CERTCertificate's trust */
- cc->trust = trust;
- /* Set the NSSCerticate's trust */
- nssTrust.certificate = c;
- nssTrust.object.arena = nssArena_Create();
- nssTrust.object.instanceList = nssList_Create(nssTrust.object.arena,
- PR_FALSE);
- nssTrust.object.instances = nssList_CreateIterator(
- nssTrust.object.instanceList);
- nssTrust.serverAuth = get_stan_trust(trust->sslFlags, PR_FALSE);
- nssTrust.clientAuth = get_stan_trust(trust->sslFlags, PR_TRUE);
- nssTrust.emailProtection = get_stan_trust(trust->emailFlags, PR_FALSE);
- nssTrust.codeSigning = get_stan_trust(trust->objectSigningFlags, PR_FALSE);
- instance = get_cert_instance(c);
- /* maybe GetDefaultTrustToken()? */
- nssrv = nssToken_ImportTrust(instance->cryptoki.token, NULL, &nssTrust,
- instance->trustDomain, instance->cryptoContext);
- (void)nssPKIObject_Destroy(&nssTrust.object);
- return nssrv;
-}
-
-/* CERT_TraversePermCertsForSubject */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_TraverseCertificatesBySubject
-(
- NSSTrustDomain *td,
- NSSDER *subject,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- PRStatus nssrv;
- NSSArena *tmpArena;
- NSSCertificate **subjectCerts;
- NSSCertificate *c;
- PRIntn i;
- tmpArena = NSSArena_Create();
- subjectCerts = NSSTrustDomain_FindCertificatesBySubject(td, subject, NULL,
- 0, tmpArena);
- if (subjectCerts) {
- for (i=0, c = subjectCerts[i]; c; i++) {
- nssrv = callback(c, arg);
- if (nssrv != PR_SUCCESS) break;
- }
- }
- nssArena_Destroy(tmpArena);
- return nssrv;
-}
-
-/* CERT_TraversePermCertsForNickname */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_TraverseCertificatesByNickname
-(
- NSSTrustDomain *td,
- NSSUTF8 *nickname,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- PRStatus nssrv;
- NSSArena *tmpArena;
- NSSCertificate **nickCerts;
- NSSCertificate *c;
- PRIntn i;
- tmpArena = NSSArena_Create();
- nickCerts = NSSTrustDomain_FindCertificatesByNickname(td, nickname, NULL,
- 0, tmpArena);
- if (nickCerts) {
- for (i=0, c = nickCerts[i]; c; i++) {
- nssrv = callback(c, arg);
- if (nssrv != PR_SUCCESS) break;
- }
- }
- nssArena_Destroy(tmpArena);
- return nssrv;
-}
-
-/* SEC_TraversePermCerts */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_TraverseCertificates
-(
- NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- PRStatus nssrv;
- NSSToken *token;
- nssList *certList;
- nssTokenCertSearch search;
- /* grab all cache certs (XXX please only do this here...)
- * the alternative is to provide a callback through search that allows
- * the token to query the cache for the cert during traversal.
- */
- certList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsFromCache(td, certList);
- /* set the search criteria */
- search.callback = callback;
- search.cbarg = arg;
- search.cached = certList;
- search.trustDomain = td;
- search.cryptoContext = NULL;
- for (token = (NSSToken *)nssListIterator_Start(td->tokens);
- token != (NSSToken *)NULL;
- token = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- nssrv = nssToken_TraverseCertificates(token, NULL, &search);
- }
- nssListIterator_Finish(td->tokens);
- nssList_Destroy(certList);
- return nssrv;
-}
-
-#if 0
-static CK_CERTIFICATE_TYPE
-get_cert_type(NSSCertificateType nssType)
-{
- switch (nssType) {
- case NSSCertificateType_PKIX:
- return CKC_X_509;
- default:
- return CK_INVALID_HANDLE; /* Not really! CK_INVALID_HANDLE is not a
- * type CK_CERTIFICATE_TYPE */
- }
-}
-#endif
-
-NSS_IMPLEMENT NSSToken *
-STAN_GetInternalToken(void)
-{
- return NULL;
-}
-
-/* CERT_AddTempCertToPerm */
-NSS_EXTERN PRStatus
-nssTrustDomain_AddTempCertToPerm
-(
- NSSCertificate *c
-)
-{
-#if 0
- NSSToken *token;
- CK_CERTIFICATE_TYPE cert_type;
- CK_ATTRIBUTE cert_template[] =
- {
- { CKA_CLASS, NULL, 0 },
- { CKA_CERTIFICATE_TYPE, NULL, 0 },
- { CKA_ID, NULL, 0 },
- { CKA_VALUE, NULL, 0 },
- { CKA_LABEL, NULL, 0 },
- { CKA_ISSUER, NULL, 0 },
- { CKA_SUBJECT, NULL, 0 },
- { CKA_SERIAL_NUMBER, NULL, 0 }
- };
- CK_ULONG ctsize;
- ctsize = (CK_ULONG)(sizeof(cert_template) / sizeof(cert_template[0]));
- /* XXX sanity checking needed */
- cert_type = get_cert_type(c->type);
- /* Set up the certificate object */
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 0, &g_ck_class_cert);
- NSS_CK_SET_ATTRIBUTE_VAR( cert_template, 1, cert_type);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 2, &c->id);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 3, &c->encoding);
- NSS_CK_SET_ATTRIBUTE_UTF8(cert_template, 4, c->nickname);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 5, &c->issuer);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 6, &c->subject);
- NSS_CK_SET_ATTRIBUTE_ITEM(cert_template, 7, &c->serial);
- /* This is a hack, ignoring the 4.0 token ordering scheme */
- token = STAN_GetInternalToken();
- c->handle = nssToken_ImportObject(token, NULL, cert_template, ctsize);
- if (c->handle == CK_INVALID_HANDLE) {
- return PR_FAILURE;
- }
- c->token = token;
- c->slot = token->slot;
- /* Do the trust object */
- return PR_SUCCESS;
-#endif
- return PR_FAILURE;
-}
diff --git a/security/nss/lib/pki/pki3hack.h b/security/nss/lib/pki/pki3hack.h
deleted file mode 100644
index 1472c2ae0..000000000
--- a/security/nss/lib/pki/pki3hack.h
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKINSS3HACK_H
-#define PKINSS3HACK_H
-
-#ifdef DEBUG
-static const char PKINSS3HACK_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#include "cert.h"
-
-PR_BEGIN_EXTERN_C
-
-#define NSSITEM_FROM_SECITEM(nssit, secit) \
- (nssit)->data = (void *)(secit)->data; \
- (nssit)->size = (PRUint32)(secit)->len;
-
-#define SECITEM_FROM_NSSITEM(secit, nssit) \
- (secit)->data = (unsigned char *)(nssit)->data; \
- (secit)->len = (unsigned int)(nssit)->size;
-
-NSS_EXTERN NSSTrustDomain *
-STAN_GetDefaultTrustDomain();
-
-NSS_EXTERN NSSCryptoContext *
-STAN_GetDefaultCryptoContext();
-
-NSS_EXTERN void
-STAN_LoadDefaultNSS3TrustDomain
-(
- void
-);
-
-NSS_EXTERN void
-STAN_Shutdown();
-
-NSS_EXTERN PRStatus
-STAN_AddNewSlotToDefaultTD
-(
- PK11SlotInfo *sl
-);
-
-NSS_EXTERN CERTCertificate *
-STAN_GetCERTCertificate(NSSCertificate *c);
-
-NSS_EXTERN NSSCertificate *
-STAN_GetNSSCertificate(CERTCertificate *c);
-
-NSS_EXTERN PRStatus
-STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust);
-
-/* exposing this */
-NSS_EXTERN NSSCertificate *
-NSSCertificate_Create
-(
- NSSArena *arenaOpt
-);
-
-/* This function is being put here because it is a hack for
- * PK11_FindCertFromNickname.
- */
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_FindBestCertificateByNicknameForToken
-(
- NSSTrustDomain *td,
- NSSToken *token,
- NSSUTF8 *name,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-);
-
-/* This function is being put here because it is a hack for
- * PK11_FindCertsFromNickname.
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_FindCertificatesByNicknameForToken
-(
- NSSTrustDomain *td,
- NSSToken *token,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-);
-
-/* CERT_TraversePermCertsForSubject */
-NSS_EXTERN PRStatus
-nssTrustDomain_TraverseCertificatesBySubject
-(
- NSSTrustDomain *td,
- NSSDER *subject,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-);
-
-/* CERT_TraversePermCertsForNickname */
-NSS_EXTERN PRStatus
-nssTrustDomain_TraverseCertificatesByNickname
-(
- NSSTrustDomain *td,
- NSSUTF8 *nickname,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-);
-
-/* SEC_TraversePermCerts */
-NSS_EXTERN PRStatus
-nssTrustDomain_TraverseCertificates
-(
- NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-);
-
-/* CERT_AddTempCertToPerm */
-NSS_EXTERN PRStatus
-nssTrustDomain_AddTempCertToPerm
-(
- NSSCertificate *c
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKINSS3HACK_H */
diff --git a/security/nss/lib/pki/pkim.h b/security/nss/lib/pki/pkim.h
deleted file mode 100644
index 5f2651f86..000000000
--- a/security/nss/lib/pki/pkim.h
+++ /dev/null
@@ -1,276 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIM_H
-#define PKIM_H
-
-#ifdef DEBUG
-static const char PKIM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifndef PKITM_H
-#include "pkitm.h"
-#endif /* PKITM_H */
-
-PR_BEGIN_EXTERN_C
-
-/* Token ordering routines */
-
-/*
- * Given a crypto algorithm, return the preferred token for performing
- * the crypto operation.
- */
-NSS_EXTERN NSSToken *
-nssTrustDomain_GetCryptoToken
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap
-);
-
-/* The following routines are used to obtain the preferred token on which
- * to store particular objects.
- */
-
-/*
- * Find the preferred token for storing user certificates.
- */
-NSS_EXTERN NSSToken *
-nssTrustDomain_GetUserCertToken
-(
- NSSTrustDomain *td
-);
-
-/*
- * Find the preferred token for storing email certificates.
- */
-NSS_EXTERN NSSToken *
-nssTrustDomain_GetEmailCertToken
-(
- NSSTrustDomain *td
-);
-
-/*
- * Find the preferred token for storing SSL certificates.
- */
-NSS_EXTERN NSSToken *
-nssTrustDomain_GetSSLCertToken
-(
- NSSTrustDomain *td
-);
-
-/*
- * Find the preferred token for storing root certificates.
- */
-NSS_EXTERN NSSToken *
-nssTrustDomain_GetRootCertToken
-(
- NSSTrustDomain *td
-);
-
-/*
- * Find the preferred token for storing private keys.
- */
-NSS_EXTERN NSSToken *
-nssTrustDomain_GetPrivateKeyToken
-(
- NSSTrustDomain *td
-);
-
-/*
- * Find the preferred token for storing symmetric keys.
- */
-NSS_EXTERN NSSToken *
-nssTrustDomain_GetSymmetricKeyToken
-(
- NSSTrustDomain *td
-);
-
-/* Certificate cache routines */
-
-NSS_EXTERN PRStatus
-nssTrustDomain_AddCertsToCache
-(
- NSSTrustDomain *td,
- NSSCertificate **certs,
- PRUint32 numCerts
-);
-
-NSS_EXTERN void
-nssTrustDomain_RemoveCertFromCache
-(
- NSSTrustDomain *td,
- NSSCertificate *cert
-);
-
-NSS_EXTERN void
-nssTrustDomain_FlushCache
-(
- NSSTrustDomain *td,
- PRFloat64 threshold
-);
-
-/*
- * Remove all certs for the given token from the cache. This is
- * needed if the token is removed.
- */
-NSS_EXTERN PRStatus
-nssTrustDomain_RemoveTokenCertsFromCache
-(
- NSSTrustDomain *td,
- NSSToken *token
-);
-
-/*
- * Find all cached certs with this nickname (label).
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsForNicknameFromCache
-(
- NSSTrustDomain *td,
- NSSUTF8 *nickname,
- nssList *certListOpt
-);
-
-/*
- * Find all cached certs with this email address.
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsForEmailAddressFromCache
-(
- NSSTrustDomain *td,
- NSSASCII7 *email,
- nssList *certListOpt
-);
-
-/*
- * Find all cached certs with this subject.
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsForSubjectFromCache
-(
- NSSTrustDomain *td,
- NSSDER *subject,
- nssList *certListOpt
-);
-
-/*
- * Look for a specific cert in the cache.
- */
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_GetCertForIssuerAndSNFromCache
-(
- NSSTrustDomain *td,
- NSSDER *issuer,
- NSSDER *serialNum
-);
-
-/*
- * Look for a specific cert in the cache.
- */
-NSS_EXTERN NSSCertificate *
-nssTrustDomain_GetCertByDERFromCache
-(
- NSSTrustDomain *td,
- NSSDER *der
-);
-
-/* Get all certs from the cache */
-/* XXX this is being included to make some old-style calls word, not to
- * say we should keep it
- */
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsFromCache
-(
- NSSTrustDomain *td,
- nssList *certListOpt
-);
-
-NSS_EXTERN PRStatus
-nssCertificate_SetCertTrust
-(
- NSSCertificate *c,
- NSSTrust *trust
-);
-
-NSS_EXTERN nssDecodedCert *
-nssCertificate_GetDecoding
-(
- NSSCertificate *c
-);
-
-NSS_EXTERN nssDecodedCert *
-nssDecodedCert_Create
-(
- NSSArena *arenaOpt,
- NSSDER *encoding,
- NSSCertificateType type
-);
-
-NSS_EXTERN PRStatus
-nssDecodedCert_Destroy
-(
- nssDecodedCert *dc
-);
-
-NSS_EXTERN PRStatus
-nssPKIObject_Destroy
-(
- nssPKIObject *object
-);
-
-NSS_EXTERN NSSTime *
-NSSTime_Now
-(
- NSSTime *timeOpt
-);
-
-NSS_EXTERN NSSTime *
-NSSTime_SetPRTime
-(
- NSSTime *timeOpt,
- PRTime prTime
-);
-
-NSS_EXTERN PRTime
-NSSTime_GetPRTime
-(
- NSSTime *time
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKIM_H */
diff --git a/security/nss/lib/pki/pkit.h b/security/nss/lib/pki/pkit.h
deleted file mode 100644
index 22623f285..000000000
--- a/security/nss/lib/pki/pkit.h
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIT_H
-#define PKIT_H
-
-#ifdef DEBUG
-static const char PKIT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkit.h
- *
- * This file contains definitions for the types of the top-level PKI objects.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifdef NSS_3_4_CODE
-#include "certt.h"
-#include "pkcs11t.h"
-#endif /* NSS_3_4_CODE */
-
-#ifndef NSSPKIT_H
-#include "nsspkit.h"
-#endif /* NSSPKIT_H */
-
-#ifndef NSSDEVT_H
-#include "nssdevt.h"
-#endif /* NSSDEVT_H */
-
-#ifndef DEVT_H
-#include "devt.h"
-#endif /* DEVT_H */
-
-PR_BEGIN_EXTERN_C
-
-typedef struct nssDecodedCertStr nssDecodedCert;
-
-typedef struct nssPKIObjectInstanceStr nssPKIObjectInstance;
-
-typedef struct nssPKIObjectStr nssPKIObject;
-
-struct nssPKIObjectInstanceStr
-{
- nssCryptokiInstance cryptoki;
- NSSTrustDomain *trustDomain;
- NSSCryptoContext *cryptoContext;
-};
-
-struct nssPKIObjectStr
-{
- PRInt32 refCount;
- NSSArena *arena;
- nssList *instanceList; /* list of nssPKIObjectInstance */
- nssListIterator *instances;
-};
-
-struct NSSTrustStr
-{
- struct nssPKIObjectStr object;
- NSSCertificate *certificate;
- nssTrustLevel serverAuth;
- nssTrustLevel clientAuth;
- nssTrustLevel emailProtection;
- nssTrustLevel codeSigning;
-};
-
-struct NSSCertificateStr
-{
- struct nssPKIObjectStr object;
- NSSCertificateType type;
- NSSItem id;
- NSSBER encoding;
- NSSDER issuer;
- NSSDER subject;
- NSSDER serial;
- NSSUTF8 *nickname;
- NSSASCII7 *email;
- nssDecodedCert *decoding;
-};
-
-struct NSSPrivateKeyStr;
-
-struct NSSPublicKeyStr;
-
-struct NSSSymmetricKeyStr;
-
-typedef struct nssTDCertificateCacheStr nssTDCertificateCache;
-
-struct NSSTrustDomainStr {
- PRInt32 refCount;
- NSSArena *arena;
- NSSCallback defaultCallback;
- nssList *tokenList;
- nssListIterator *tokens;
- nssTDCertificateCache *cache;
-#ifdef NSS_3_4_CODE
- void *spkDigestInfo;
- CERTStatusConfig *statusConfig;
-#endif
-};
-
-struct NSSCryptoContextStr
-{
- PRInt32 refCount;
- NSSArena *arena;
- NSSTrustDomain *td;
- NSSToken *token;
- nssSession *session;
-};
-
-struct NSSTimeStr;
-
-struct NSSPoliciesStr;
-
-struct NSSAlgorithmAndParametersStr;
-
-struct NSSPKIXCertificateStr;
-
-PR_END_EXTERN_C
-
-#endif /* PKIT_H */
diff --git a/security/nss/lib/pki/pkitm.h b/security/nss/lib/pki/pkitm.h
deleted file mode 100644
index 991054c2a..000000000
--- a/security/nss/lib/pki/pkitm.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKITM_H
-#define PKITM_H
-
-#ifdef DEBUG
-static const char PKITM_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkitm.h
- *
- * This file contains PKI-module specific types.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nssDecodedCert
- *
- * This is an interface to allow the PKI module access to certificate
- * information that can only be found by decoding. The interface is
- * generic, allowing each certificate type its own way of providing
- * the information
- */
-struct nssDecodedCertStr {
- NSSCertificateType type;
- void *data;
- /* returns the unique identifier for the cert */
- NSSItem * (*getIdentifier)(nssDecodedCert *dc);
- /* returns the unique identifier for this cert's issuer */
- NSSItem * (*getIssuerIdentifier)(nssDecodedCert *dc);
- /* is id the identifier for this cert? */
- PRBool (*matchIdentifier)(nssDecodedCert *dc, NSSItem *id);
- /* returns the cert usage */
- NSSUsage * (*getUsage)(nssDecodedCert *dc);
- /* is time within the validity period of the cert? */
- PRBool (*isValidAtTime)(nssDecodedCert *dc, NSSTime *time);
- /* is the validity period of this cert newer than cmpdc? */
- PRBool (*isNewerThan)(nssDecodedCert *dc, nssDecodedCert *cmpdc);
- /* does the usage for this cert match the requested usage? */
- PRBool (*matchUsage)(nssDecodedCert *dc, NSSUsage *usage);
- /* extract the email address */
- NSSASCII7 *(*getEmailAddress)(nssDecodedCert *dc);
-};
-
-struct NSSUsageStr {
- PRBool anyUsage;
-#ifdef NSS_3_4_CODE
- SECCertUsage nss3usage;
- PRBool nss3lookingForCA;
-#endif
-};
-
-PR_END_EXTERN_C
-
-#endif /* PKITM_H */
diff --git a/security/nss/lib/pki/symmkey.c b/security/nss/lib/pki/symmkey.c
deleted file mode 100644
index 773bdc246..000000000
--- a/security/nss/lib/pki/symmkey.c
+++ /dev/null
@@ -1,318 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_Destroy
-(
- NSSSymmetricKey *mk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_DeleteStoredObject
-(
- NSSSymmetricKey *mk,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSSymmetricKey_GetKeyLength
-(
- NSSSymmetricKey *mk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
-
-NSS_IMPLEMENT PRUint32
-NSSSymmetricKey_GetKeyStrength
-(
- NSSSymmetricKey *mk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_IsStillPresent
-(
- NSSSymmetricKey *mk
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSSymmetricKey_GetTrustDomain
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSSymmetricKey_GetToken
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSSymmetricKey_GetSlot
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSModule *
-NSSSymmetricKey_GetModule
-(
- NSSSymmetricKey *mk,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Encrypt
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Decrypt
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *encryptedData,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_Sign
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_SignRecover
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSSymmetricKey_Verify
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *data,
- NSSItem *signature,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_VerifyRecover
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *signature,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_WrapSymmetricKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSSymmetricKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSItem *
-NSSSymmetricKey_WrapPrivateKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSPrivateKey *keyToWrap,
- NSSCallback *uhh,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSSymmetricKey_UnwrapSymmetricKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSOID *target,
- PRUint32 keySizeOpt,
- NSSOperations operations,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSSymmetricKey_UnwrapPrivateKey
-(
- NSSSymmetricKey *wrappingKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSItem *wrappedKey,
- NSSUTF8 *labelOpt,
- NSSItem *keyIDOpt,
- PRBool persistant,
- PRBool sensitive,
- NSSToken *destinationOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSSymmetricKey_DeriveSymmetricKey
-(
- NSSSymmetricKey *originalKey,
- NSSAlgorithmAndParameters *apOpt,
- NSSOID *target,
- PRUint32 keySizeOpt,
- NSSOperations operations,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSSymmetricKey_CreateCryptoContext
-(
- NSSSymmetricKey *mk,
- NSSAlgorithmAndParameters *apOpt,
- NSSCallback *uhh
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
diff --git a/security/nss/lib/pki/tdcache.c b/security/nss/lib/pki/tdcache.c
deleted file mode 100644
index cc4612f41..000000000
--- a/security/nss/lib/pki/tdcache.c
+++ /dev/null
@@ -1,996 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef PKIT_H
-#include "pkit.h"
-#endif /* PKIT_H */
-
-#ifndef PKI_H
-#include "pki.h"
-#endif /* PKI_H */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifdef DEBUG_CACHE
-static PRLogModuleInfo *s_log = NULL;
-#endif
-
-#ifdef DEBUG_CACHE
-static void log_item_dump(const char *msg, NSSItem *it)
-{
- char buf[33];
- int i, j;
- for (i=0; i<10 && i<it->size; i++) {
- sprintf(&buf[2*i], "%02X", ((PRUint8 *)it->data)[i]);
- }
- if (it->size>10) {
- sprintf(&buf[2*i], "..");
- i += 1;
- for (j=it->size-1; i<=16 && j>10; i++, j--) {
- sprintf(&buf[2*i], "%02X", ((PRUint8 *)it->data)[j]);
- }
- }
- PR_LOG(s_log, PR_LOG_DEBUG, ("%s: %s", msg, buf));
-}
-#endif
-
-#ifdef DEBUG_CACHE
-static void log_cert_ref(const char *msg, NSSCertificate *c)
-{
- PR_LOG(s_log, PR_LOG_DEBUG, ("%s: %s", msg,
- (c->nickname) ? c->nickname : c->email));
- log_item_dump("\tserial", &c->serial);
- log_item_dump("\tsubject", &c->subject);
-}
-#endif
-
-/* Certificate cache routines */
-
-/* XXX
- * Locking is not handled well at all. A single, global lock with sub-locks
- * in the collection types. Cleanup needed.
- */
-
-/* should it live in its own arena? */
-struct nssTDCertificateCacheStr
-{
- PZLock *lock;
- NSSArena *arena;
- nssHash *issuerAndSN;
- nssHash *subject;
- nssHash *nickname;
- nssHash *email;
-};
-
-struct cache_entry_str
-{
- union {
- NSSCertificate *cert;
- nssList *list;
- void *value;
- } entry;
- PRUint32 hits;
- PRTime lastHit;
-};
-
-typedef struct cache_entry_str cache_entry;
-
-static cache_entry *
-new_cache_entry(NSSArena *arena, void *value)
-{
- cache_entry *ce = nss_ZNEW(arena, cache_entry);
- if (ce) {
- ce->entry.value = value;
- ce->hits = 1;
- ce->lastHit = PR_Now();
- }
- return ce;
-}
-
-static PLHashNumber
-nss_certificate_hash
-(
- const void *key
-)
-{
- int i;
- PLHashNumber h;
- NSSCertificate *c = (NSSCertificate *)key;
- h = 0;
- for (i=0; i<c->issuer.size; i++)
- h = (h >> 28) ^ (h << 4) ^ ((unsigned char *)c->issuer.data)[i];
- for (i=0; i<c->serial.size; i++)
- h = (h >> 28) ^ (h << 4) ^ ((unsigned char *)c->serial.data)[i];
- return h;
-}
-
-static int
-nss_compare_certs(const void *v1, const void *v2)
-{
- PRStatus ignore;
- NSSCertificate *c1 = (NSSCertificate *)v1;
- NSSCertificate *c2 = (NSSCertificate *)v2;
- return (int)(nssItem_Equal(&c1->issuer, &c2->issuer, &ignore) &&
- nssItem_Equal(&c1->serial, &c2->serial, &ignore));
-}
-
-/* sort the subject list from newest to oldest */
-static PRIntn subject_list_sort(void *v1, void *v2)
-{
- NSSCertificate *c1 = (NSSCertificate *)v1;
- NSSCertificate *c2 = (NSSCertificate *)v2;
- nssDecodedCert *dc1 = nssCertificate_GetDecoding(c1);
- nssDecodedCert *dc2 = nssCertificate_GetDecoding(c2);
- if (dc1->isNewerThan(dc1, dc2)) {
- return -1;
- } else {
- return 1;
- }
-}
-
-/* this should not be exposed in a header, but is here to keep the above
- * types/functions static
- */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_InitializeCache
-(
- NSSTrustDomain *td,
- PRUint32 cacheSize
-)
-{
- NSSArena *arena;
- nssTDCertificateCache *cache = td->cache;
-#ifdef DEBUG_CACHE
- s_log = PR_NewLogModule("nss_cache");
- PR_ASSERT(s_log);
-#endif
- PR_ASSERT(!cache);
- arena = nssArena_Create();
- if (!arena) {
- return PR_FAILURE;
- }
- cache = nss_ZNEW(arena, nssTDCertificateCache);
- if (!cache) {
- nssArena_Destroy(arena);
- return PR_FAILURE;
- }
- cache->lock = PZ_NewLock(nssILockCache);
- if (!cache->lock) {
- nssArena_Destroy(arena);
- return PR_FAILURE;
- }
- PZ_Lock(cache->lock);
- /* Create the issuer and serial DER --> certificate hash */
- cache->issuerAndSN = nssHash_Create(arena, cacheSize,
- nss_certificate_hash,
- nss_compare_certs,
- PL_CompareValues);
- if (!cache->issuerAndSN) {
- goto loser;
- }
- /* Create the subject DER --> subject list hash */
- cache->subject = nssHash_CreateItem(arena, cacheSize);
- if (!cache->subject) {
- goto loser;
- }
- /* Create the nickname --> subject list hash */
- cache->nickname = nssHash_CreateString(arena, cacheSize);
- if (!cache->nickname) {
- goto loser;
- }
- /* Create the email --> list of subject lists hash */
- cache->email = nssHash_CreateString(arena, cacheSize);
- if (!cache->email) {
- goto loser;
- }
- cache->arena = arena;
- PZ_Unlock(cache->lock);
- td->cache = cache;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("Cache initialized."));
-#endif
- return PR_SUCCESS;
-loser:
- PZ_Unlock(cache->lock);
- PZ_DestroyLock(cache->lock);
- nssArena_Destroy(arena);
- td->cache = NULL;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("Cache initialization failed."));
-#endif
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_DestroyCache
-(
- NSSTrustDomain *td
-)
-{
- if (!td->cache) {
- return PR_FAILURE;
- }
- PZ_DestroyLock(td->cache->lock);
- nssHash_Destroy(td->cache->issuerAndSN);
- nssHash_Destroy(td->cache->subject);
- nssHash_Destroy(td->cache->nickname);
- nssHash_Destroy(td->cache->email);
- nssArena_Destroy(td->cache->arena);
- td->cache = NULL;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("Cache destroyed."));
-#endif
- return PR_SUCCESS;
-}
-
-static PRStatus
-remove_issuer_and_serial_entry
-(
- nssTDCertificateCache *cache,
- NSSCertificate *cert
-)
-{
- /* Remove the cert from the issuer/serial hash */
- nssHash_Remove(cache->issuerAndSN, cert);
-#ifdef DEBUG_CACHE
- log_cert_ref("removed issuer/sn", cert);
-#endif
- return PR_SUCCESS;
-}
-
-static PRStatus
-remove_subject_entry
-(
- nssTDCertificateCache *cache,
- NSSCertificate *cert,
- nssList **subjectList
-)
-{
- PRStatus nssrv;
- cache_entry *ce;
- *subjectList = NULL;
- /* Get the subject list for the cert's subject */
- ce = (cache_entry *)nssHash_Lookup(cache->subject, &cert->subject);
- if (ce) {
- /* Remove the cert from the subject hash */
- nssList_Remove(ce->entry.list, cert);
- *subjectList = ce->entry.list;
- nssrv = PR_SUCCESS;
-#ifdef DEBUG_CACHE
- log_cert_ref("removed cert", cert);
- log_item_dump("from subject list", &cert->subject);
-#endif
- } else {
- nssrv = PR_FAILURE;
- }
- return nssrv;
-}
-
-static PRStatus
-remove_nickname_entry
-(
- nssTDCertificateCache *cache,
- NSSCertificate *cert,
- nssList *subjectList
-)
-{
- PRStatus nssrv;
- if (cert->nickname) {
- nssHash_Remove(cache->nickname, cert->nickname);
- nssrv = PR_SUCCESS;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("removed nickname %s", cert->nickname));
-#endif
- } else {
- nssrv = PR_FAILURE;
- }
- return nssrv;
-}
-
-static PRStatus
-remove_email_entry
-(
- nssTDCertificateCache *cache,
- NSSCertificate *cert,
- nssList *subjectList
-)
-{
- PRStatus nssrv = PR_FAILURE;
- cache_entry *ce;
- /* Find the subject list in the email hash */
- if (cert->email) {
- ce = (cache_entry *)nssHash_Lookup(cache->email, cert->email);
- if (ce) {
- nssList *subjects = ce->entry.list;
- /* Remove the subject list from the email hash */
- nssList_Remove(subjects, subjectList);
-#ifdef DEBUG_CACHE
- log_item_dump("removed subject list", &cert->subject);
- PR_LOG(s_log, PR_LOG_DEBUG, ("for email %s", cert->email));
-#endif
- if (nssList_Count(subjects) == 0) {
- /* No more subject lists for email, delete list and
- * remove hash entry
- */
- (void)nssList_Destroy(subjects);
- nssHash_Remove(cache->email, cert->email);
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("removed email %s", cert->email));
-#endif
- }
- nssrv = PR_SUCCESS;
- }
- }
- return nssrv;
-}
-
-NSS_IMPLEMENT void
-nssTrustDomain_RemoveCertFromCache
-(
- NSSTrustDomain *td,
- NSSCertificate *cert
-)
-{
- nssList *subjectList;
- PRStatus nssrv;
-#ifdef DEBUG_CACHE
- log_cert_ref("attempt to remove cert", cert);
-#endif
- PZ_Lock(td->cache->lock);
- if (!nssHash_Exists(td->cache->issuerAndSN, cert)) {
- PZ_Unlock(td->cache->lock);
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("but it wasn't in the cache"));
-#endif
- return;
- }
- nssrv = remove_issuer_and_serial_entry(td->cache, cert);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- nssrv = remove_subject_entry(td->cache, cert, &subjectList);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- if (nssList_Count(subjectList) == 0) {
- PRStatus nssrv2;
- nssrv = remove_nickname_entry(td->cache, cert, subjectList);
- nssrv2 = remove_email_entry(td->cache, cert, subjectList);
-#ifndef NSS_3_4_CODE
- /* XXX Again, 3.4 allows for certs w/o either nickname or email */
- if (nssrv != PR_SUCCESS && nssrv2 != PR_SUCCESS) {
- goto loser;
- }
-#endif
- (void)nssList_Destroy(subjectList);
- nssHash_Remove(td->cache->subject, &cert->subject);
- }
- PZ_Unlock(td->cache->lock);
- return;
-loser:
- /* if here, then the cache is inconsistent. For now, flush it. */
- PZ_Unlock(td->cache->lock);
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("remove cert failed, flushing"));
-#endif
- nssTrustDomain_FlushCache(td, -1.0);
-}
-
-/* This is used to remove all certs below a certain threshold, where
- * the value is determined by how many times the cert has been requested
- * and when the last request was.
- */
-NSS_IMPLEMENT void
-nssTrustDomain_FlushCache
-(
- NSSTrustDomain *td,
- PRFloat64 threshold
-)
-{
-}
-
-struct token_cert_destructor {
- nssTDCertificateCache *cache;
- NSSToken *token;
-};
-
-static void
-remove_token_certs(const void *k, void *v, void *a)
-{
-#if 0
- struct NSSItem *identifier = (struct NSSItem *)k;
- NSSCertificate *c = (NSSCertificate *)v;
- struct token_cert_destructor *tcd = (struct token_cert_destructor *)a;
- if (c->token == tcd->token) {
- nssHash_Remove(tcd->cache->issuerAndSN, identifier);
- /* remove from the other hashes */
- }
-#endif
-}
-
-/*
- * Remove all certs for the given token from the cache. This is
- * needed if the token is removed.
- */
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_RemoveTokenCertsFromCache
-(
- NSSTrustDomain *td,
- NSSToken *token
-)
-{
- struct token_cert_destructor tcd;
- tcd.cache = td->cache;
- tcd.token = token;
- PZ_Lock(td->cache->lock);
- nssHash_Iterate(td->cache->issuerAndSN, remove_token_certs, (void *)&tcd);
- PZ_Unlock(td->cache->lock);
- return PR_SUCCESS;
-}
-
-static PRStatus
-add_issuer_and_serial_entry
-(
- NSSArena *arena,
- nssTDCertificateCache *cache,
- NSSCertificate *cert
-)
-{
- cache_entry *ce;
- ce = new_cache_entry(arena, (void *)cert);
-#ifdef DEBUG_CACHE
- log_cert_ref("added to issuer/sn", cert);
-#endif
- return nssHash_Add(cache->issuerAndSN, cert, (void *)ce);
-}
-
-static PRStatus
-add_subject_entry
-(
- NSSArena *arena,
- nssTDCertificateCache *cache,
- NSSCertificate *cert,
- nssList **subjectList
-)
-{
- PRStatus nssrv;
- nssList *list;
- cache_entry *ce;
- *subjectList = NULL; /* this is only set if a new one is created */
- ce = (cache_entry *)nssHash_Lookup(cache->subject, &cert->subject);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
- /* The subject is already in, add this cert to the list */
- nssrv = nssList_AddUnique(ce->entry.list, cert);
-#ifdef DEBUG_CACHE
- log_cert_ref("added to existing subject list", cert);
-#endif
- } else {
- /* Create a new subject list for the subject */
- list = nssList_Create(arena, PR_FALSE);
- if (!list) {
- return PR_FAILURE;
- }
- ce = new_cache_entry(arena, (void *)list);
- if (!ce) {
- return PR_FAILURE;
- }
- nssList_SetSortFunction(list, subject_list_sort);
- /* Add the cert entry to this list of subjects */
- nssrv = nssList_AddUnique(list, cert);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
- /* Add the subject list to the cache */
- nssrv = nssHash_Add(cache->subject, &cert->subject, ce);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
- *subjectList = list;
-#ifdef DEBUG_CACHE
- log_cert_ref("created subject list", cert);
-#endif
- }
- return nssrv;
-}
-
-static PRStatus
-add_nickname_entry
-(
- NSSArena *arena,
- nssTDCertificateCache *cache,
- NSSCertificate *cert,
- nssList *subjectList
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- cache_entry *ce;
- ce = (cache_entry *)nssHash_Lookup(cache->nickname, cert->nickname);
- if (ce) {
- /* This is a collision. A nickname entry already exists for this
- * subject, but a subject entry didn't. This would imply there are
- * two subjects using the same nickname, which is not allowed.
- */
- return PR_FAILURE;
- } else {
- ce = new_cache_entry(arena, subjectList);
- if (!ce) {
- return PR_FAILURE;
- }
- nssrv = nssHash_Add(cache->nickname, cert->nickname, ce);
-#ifdef DEBUG_CACHE
- log_cert_ref("created nickname for", cert);
-#endif
- }
- return nssrv;
-}
-
-static PRStatus
-add_email_entry
-(
- NSSArena *arena,
- nssTDCertificateCache *cache,
- NSSCertificate *cert,
- nssList *subjectList
-)
-{
- PRStatus nssrv = PR_SUCCESS;
- nssList *subjects;
- cache_entry *ce;
- ce = (cache_entry *)nssHash_Lookup(cache->email, cert->email);
- if (ce) {
- /* Already have an entry for this email address, but not subject */
- subjects = ce->entry.list;
- nssrv = nssList_AddUnique(subjects, subjectList);
- ce->hits++;
- ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
- log_cert_ref("added subject to email for", cert);
-#endif
- } else {
- /* Create a new list of subject lists, add this subject */
- subjects = nssList_Create(arena, PR_TRUE);
- if (!subjects) {
- return PR_FAILURE;
- }
- /* Add the new subject to the list */
- nssrv = nssList_AddUnique(subjects, subjectList);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
- /* Add the new entry to the cache */
- ce = new_cache_entry(arena, (void *)subjects);
- if (!ce) {
- return PR_FAILURE;
- }
- nssrv = nssHash_Add(cache->email, &cert->email, ce);
- if (nssrv != PR_SUCCESS) {
- return nssrv;
- }
-#ifdef DEBUG_CACHE
- log_cert_ref("created email for", cert);
-#endif
- }
- return nssrv;
-}
-
-static PRStatus
-add_cert_to_cache
-(
- NSSTrustDomain *td,
- NSSCertificate *cert
-)
-{
- NSSArena *arena;
- nssList *subjectList;
- PRStatus nssrv;
- PRUint32 added = 0;
- arena = td->cache->arena;
- PZ_Lock(td->cache->lock);
- /* If it exists in the issuer/serial hash, it's already in all */
- if (nssHash_Exists(td->cache->issuerAndSN, cert)) {
-#ifdef DEBUG_CACHE
- log_cert_ref("attempted to add cert already in cache", cert);
-#endif
- PZ_Unlock(td->cache->lock);
- return PR_SUCCESS;
- }
- /* create a new cache entry for this cert */
- nssrv = add_issuer_and_serial_entry(arena, td->cache, cert);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- added++;
- /* create a new subject list for this cert, or add to existing */
- nssrv = add_subject_entry(arena, td->cache, cert, &subjectList);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- added++;
- /* If a new subject entry was created, also need nickname and/or email */
- if (subjectList != NULL) {
- PRBool handle = PR_FALSE;
- if (cert->nickname) {
- nssrv = add_nickname_entry(arena, td->cache, cert, subjectList);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- handle = PR_TRUE;
- added++;
- }
- if (cert->email) {
- nssrv = add_email_entry(arena, td->cache, cert, subjectList);
- if (nssrv != PR_SUCCESS) {
- goto loser;
- }
- handle = PR_TRUE;
- added += 2;
- }
-#ifdef nodef
- /* I think either a nickname or email address must be associated
- * with the cert. However, certs are passed to NewTemp without
- * either. This worked in the old code, so it must work now.
- */
- if (!handle) {
- /* Require either nickname or email handle */
- nssrv = PR_FAILURE;
- goto loser;
- }
-#endif
- }
- PZ_Unlock(td->cache->lock);
- return nssrv;
-loser:
- /* Remove any handles that have been created */
- if (added >= 1) {
- (void)remove_issuer_and_serial_entry(td->cache, cert);
- }
- if (added >= 2) {
- (void)remove_subject_entry(td->cache, cert, &subjectList);
- }
- if (added == 3 || added == 5) {
- (void)remove_nickname_entry(td->cache, cert, subjectList);
- }
- if (added >= 4) {
- (void)remove_email_entry(td->cache, cert, subjectList);
- }
- PZ_Unlock(td->cache->lock);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-nssTrustDomain_AddCertsToCache
-(
- NSSTrustDomain *td,
- NSSCertificate **certs,
- PRUint32 numCerts
-)
-{
- PRUint32 i;
- for (i=0; i<numCerts && certs[i]; i++) {
- if (add_cert_to_cache(td, certs[i]) != PR_SUCCESS) {
- return PR_FAILURE;
- }
- }
- return PR_SUCCESS;
-}
-
-static NSSCertificate **
-collect_subject_certs
-(
- nssList *subjectList,
- nssList *rvCertListOpt
-)
-{
- NSSCertificate *c;
- NSSCertificate **rvArray = NULL;
- PRUint32 count;
- if (rvCertListOpt) {
- nssListIterator *iter = nssList_CreateIterator(subjectList);
- for (c = (NSSCertificate *)nssListIterator_Start(iter);
- c != (NSSCertificate *)NULL;
- c = (NSSCertificate *)nssListIterator_Next(iter)) {
- nssList_Add(rvCertListOpt, c);
- }
- nssListIterator_Finish(iter);
- nssListIterator_Destroy(iter);
- } else {
- count = nssList_Count(subjectList);
- rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count + 1);
- if (!rvArray) {
- return (NSSCertificate **)NULL;
- }
- nssList_GetArray(subjectList, (void **)rvArray, count);
- }
- return rvArray;
-}
-
-/*
- * Find all cached certs with this subject.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_GetCertsForSubjectFromCache
-(
- NSSTrustDomain *td,
- NSSDER *subject,
- nssList *certListOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- cache_entry *ce;
-#ifdef DEBUG_CACHE
- log_item_dump("looking for cert by subject", subject);
-#endif
- PZ_Lock(td->cache->lock);
- ce = (cache_entry *)nssHash_Lookup(td->cache->subject, subject);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
- }
- PZ_Unlock(td->cache->lock);
- if (ce) {
- rvArray = collect_subject_certs(ce->entry.list, certListOpt);
- }
- return rvArray;
-}
-
-/*
- * Find all cached certs with this label.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_GetCertsForNicknameFromCache
-(
- NSSTrustDomain *td,
- NSSUTF8 *nickname,
- nssList *certListOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- cache_entry *ce;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("looking for cert by nick %s", nickname));
-#endif
- PZ_Lock(td->cache->lock);
- ce = (cache_entry *)nssHash_Lookup(td->cache->nickname, nickname);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
- }
- PZ_Unlock(td->cache->lock);
- if (ce) {
- rvArray = collect_subject_certs(ce->entry.list, certListOpt);
- }
- return rvArray;
-}
-
-/*
- * Find all cached certs with this email address.
- */
-NSS_IMPLEMENT NSSCertificate **
-nssTrustDomain_GetCertsForEmailAddressFromCache
-(
- NSSTrustDomain *td,
- NSSASCII7 *email,
- nssList *certListOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- cache_entry *ce;
- nssList *collectList;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("looking for cert by email %s", email));
-#endif
- PZ_Lock(td->cache->lock);
- ce = (cache_entry *)nssHash_Lookup(td->cache->email, email);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
- }
- PZ_Unlock(td->cache->lock);
- if (ce) {
- nssListIterator *iter;
- nssList *subjectList;
- if (certListOpt) {
- collectList = certListOpt;
- } else {
- collectList = nssList_Create(NULL, PR_FALSE);
- }
- iter = nssList_CreateIterator(ce->entry.list);
- for (subjectList = (nssList *)nssListIterator_Start(iter);
- subjectList != (nssList *)NULL;
- subjectList = (nssList *)nssListIterator_Next(iter)) {
- (void)collect_subject_certs(subjectList, collectList);
- }
- nssListIterator_Finish(iter);
- nssListIterator_Destroy(iter);
- }
- if (!certListOpt) {
- PRUint32 count = nssList_Count(collectList);
- rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
- if (rvArray) {
- nssList_GetArray(collectList, (void **)rvArray, count);
- }
- nssList_Destroy(collectList);
- }
- return rvArray;
-}
-
-/*
- * Look for a specific cert in the cache
- */
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_GetCertForIssuerAndSNFromCache
-(
- NSSTrustDomain *td,
- NSSDER *issuer,
- NSSDER *serial
-)
-{
- NSSCertificate certkey;
- NSSCertificate *rvCert = NULL;
- cache_entry *ce;
- certkey.issuer.data = issuer->data;
- certkey.issuer.size = issuer->size;
- certkey.serial.data = serial->data;
- certkey.serial.size = serial->size;
-#ifdef DEBUG_CACHE
- log_item_dump("looking for cert by issuer/sn, issuer", issuer);
- log_item_dump(" serial", serial);
-#endif
- PZ_Lock(td->cache->lock);
- ce = (cache_entry *)nssHash_Lookup(td->cache->issuerAndSN, &certkey);
- if (ce) {
- ce->hits++;
- ce->lastHit = PR_Now();
- rvCert = ce->entry.cert;
-#ifdef DEBUG_CACHE
- PR_LOG(s_log, PR_LOG_DEBUG, ("... found, %d hits", ce->hits));
-#endif
- }
- PZ_Unlock(td->cache->lock);
- return rvCert;
-}
-
-#ifdef NSS_3_4_CODE
-static PRStatus
-issuer_and_serial_from_encoding
-(
- NSSBER *encoding,
- NSSDER *issuer,
- NSSDER *serial
-)
-{
- SECItem derCert, derIssuer, derSerial;
- SECStatus secrv;
- derCert.data = (unsigned char *)encoding->data;
- derCert.len = encoding->size;
- secrv = CERT_IssuerNameFromDERCert(&derCert, &derIssuer);
- if (secrv != SECSuccess) {
- return PR_FAILURE;
- }
- secrv = CERT_SerialNumberFromDERCert(&derCert, &derSerial);
- if (secrv != SECSuccess) {
- return PR_FAILURE;
- }
- issuer->data = derIssuer.data;
- issuer->size = derIssuer.len;
- serial->data = derSerial.data;
- serial->size = derSerial.len;
- return PR_SUCCESS;
-}
-#endif
-
-/*
- * Look for a specific cert in the cache
- */
-NSS_IMPLEMENT NSSCertificate *
-nssTrustDomain_GetCertByDERFromCache
-(
- NSSTrustDomain *td,
- NSSDER *der
-)
-{
- PRStatus nssrv = PR_FAILURE;
- NSSDER issuer, serial;
- NSSCertificate *rvCert;
-#ifdef NSS_3_4_CODE
- nssrv = issuer_and_serial_from_encoding(der, &issuer, &serial);
-#endif
- if (nssrv != PR_SUCCESS) {
- return NULL;
- }
-#ifdef DEBUG_CACHE
- log_item_dump("looking for cert by DER", der);
-#endif
- rvCert = nssTrustDomain_GetCertForIssuerAndSNFromCache(td,
- &issuer, &serial);
-#ifdef NSS_3_4_CODE
- PORT_Free(issuer.data);
- PORT_Free(serial.data);
-#endif
- return rvCert;
-}
-
-static void cert_iter(const void *k, void *v, void *a)
-{
- nssList *certList = (nssList *)a;
- NSSCertificate *c = (NSSCertificate *)v;
- nssList_Add(certList, c);
-}
-
-NSS_EXTERN NSSCertificate **
-nssTrustDomain_GetCertsFromCache
-(
- NSSTrustDomain *td,
- nssList *certListOpt
-)
-{
- NSSCertificate **rvArray = NULL;
- nssList *certList;
- if (certListOpt) {
- certList = certListOpt;
- } else {
- certList = nssList_Create(NULL, PR_FALSE);
- }
- PZ_Lock(td->cache->lock);
- nssHash_Iterate(td->cache->issuerAndSN, cert_iter, (void *)certList);
- PZ_Unlock(td->cache->lock);
- if (!certListOpt) {
- PRUint32 count = nssList_Count(certList);
- rvArray = nss_ZNEWARRAY(NULL, NSSCertificate *, count);
- nssList_GetArray(certList, (void **)rvArray, count);
- nssList_Destroy(certList);
- }
- return rvArray;
-}
-
diff --git a/security/nss/lib/pki/trustdomain.c b/security/nss/lib/pki/trustdomain.c
deleted file mode 100644
index 3b6cd1c47..000000000
--- a/security/nss/lib/pki/trustdomain.c
+++ /dev/null
@@ -1,1012 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef NSSPKI_H
-#include "nsspki.h"
-#endif /* NSSPKI_H */
-
-#ifndef PKI_H
-#include "pki.h"
-#endif /* PKI_H */
-
-#ifndef PKIM_H
-#include "pkim.h"
-#endif /* PKIM_H */
-
-#ifndef DEV_H
-#include "dev.h"
-#endif /* DEV_H */
-
-#ifndef CKHELPER_H
-#include "ckhelper.h"
-#endif /* CKHELPER_H */
-
-extern const NSSError NSS_ERROR_NOT_FOUND;
-
-#define NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE 32
-
-NSS_EXTERN PRStatus
-nssTrustDomain_InitializeCache
-(
- NSSTrustDomain *td,
- PRUint32 cacheSize
-);
-
-NSS_IMPLEMENT NSSTrustDomain *
-NSSTrustDomain_Create
-(
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-)
-{
- NSSArena *arena;
- NSSTrustDomain *rvTD;
- arena = NSSArena_Create();
- if(!arena) {
- return (NSSTrustDomain *)NULL;
- }
- rvTD = nss_ZNEW(arena, NSSTrustDomain);
- if (!rvTD) {
- goto loser;
- }
- rvTD->arena = arena;
- rvTD->refCount = 1;
- nssTrustDomain_InitializeCache(rvTD, NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE);
- return rvTD;
-loser:
- nssArena_Destroy(arena);
- return (NSSTrustDomain *)NULL;
-}
-
-static void
-token_destructor(void *t)
-{
- NSSToken *tok = (NSSToken *)t;
-#ifdef NSS_3_4_CODE
- /* in 3.4, also destroy the slot (managed separately) */
- (void)nssSlot_Destroy(tok->slot);
-#endif
- (void)nssToken_Destroy(tok);
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_Destroy
-(
- NSSTrustDomain *td
-)
-{
- if (--td->refCount == 0) {
- /* Destroy each token in the list of tokens */
- if (td->tokens) {
- nssList_Clear(td->tokenList, token_destructor);
- nssList_Destroy(td->tokenList);
- }
- nssTrustDomain_DestroyCache(td);
- /* Destroy the trust domain */
- nssArena_Destroy(td->arena);
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_SetDefaultCallback
-(
- NSSTrustDomain *td,
- NSSCallback *newCallback,
- NSSCallback **oldCallbackOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSCallback *
-NSSTrustDomain_GetDefaultCallback
-(
- NSSTrustDomain *td,
- PRStatus *statusOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_LoadModule
-(
- NSSTrustDomain *td,
- NSSUTF8 *moduleOpt,
- NSSUTF8 *uriOpt,
- NSSUTF8 *opaqueOpt,
- void *reserved
-)
-{
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_DisableToken
-(
- NSSTrustDomain *td,
- NSSToken *token,
- NSSError why
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_EnableToken
-(
- NSSTrustDomain *td,
- NSSToken *token
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_IsTokenEnabled
-(
- NSSTrustDomain *td,
- NSSToken *token,
- NSSError *whyOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSlot *
-NSSTrustDomain_FindSlotByName
-(
- NSSTrustDomain *td,
- NSSUTF8 *slotName
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindTokenByName
-(
- NSSTrustDomain *td,
- NSSUTF8 *tokenName
-)
-{
- PRStatus nssrv;
- NSSUTF8 *myName;
- NSSToken *tok = NULL;
- for (tok = (NSSToken *)nssListIterator_Start(td->tokens);
- tok != (NSSToken *)NULL;
- tok = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- myName = nssToken_GetName(tok);
- if (nssUTF8_Equal(tokenName, myName, &nssrv)) break;
- }
- nssListIterator_Finish(td->tokens);
- return tok;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindTokenBySlotName
-(
- NSSTrustDomain *td,
- NSSUTF8 *slotName
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindTokenForAlgorithm
-(
- NSSTrustDomain *td,
- NSSOID *algorithm
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSToken *
-NSSTrustDomain_FindBestTokenForAlgorithms
-(
- NSSTrustDomain *td,
- NSSOID *algorithms[], /* may be null-terminated */
- PRUint32 nAlgorithmsOpt /* limits the array if nonzero */
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_Login
-(
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_Logout
-(
- NSSTrustDomain *td
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportCertificate
-(
- NSSTrustDomain *td,
- NSSCertificate *c
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportPKIXCertificate
-(
- NSSTrustDomain *td,
- /* declared as a struct until these "data types" are defined */
- struct NSSPKIXCertificateStr *pc
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_ImportEncodedCertificate
-(
- NSSTrustDomain *td,
- NSSBER *ber
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_ImportEncodedCertificateChain
-(
- NSSTrustDomain *td,
- NSSBER *ber,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPrivateKey *
-NSSTrustDomain_ImportEncodedPrivateKey
-(
- NSSTrustDomain *td,
- NSSBER *ber,
- NSSItem *passwordOpt, /* NULL will cause a callback */
- NSSCallback *uhhOpt,
- NSSToken *destination
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSPublicKey *
-NSSTrustDomain_ImportEncodedPublicKey
-(
- NSSTrustDomain *td,
- NSSBER *ber
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-struct get_best_cert_arg_str {
- NSSCertificate *cert;
- NSSTime *time;
- NSSUsage *usage;
- NSSPolicies *policies;
-};
-
-static PRStatus
-get_best_cert(NSSCertificate *c, void *arg)
-{
- struct get_best_cert_arg_str *best = (struct get_best_cert_arg_str *)arg;
- nssDecodedCert *dc, *bestdc;
- dc = nssCertificate_GetDecoding(c);
- if (!best->cert) {
- /* usage */
- if (best->usage->anyUsage || dc->matchUsage(dc, best->usage)) {
- best->cert = c;
- }
- return PR_SUCCESS;
- }
- bestdc = nssCertificate_GetDecoding(best->cert);
- /* time */
- if (bestdc->isValidAtTime(bestdc, best->time)) {
- /* The current best cert is valid at time */
- if (!dc->isValidAtTime(dc, best->time)) {
- /* If the new cert isn't valid at time, it's not better */
- return PR_SUCCESS;
- }
- } else {
- /* The current best cert is not valid at time */
- if (dc->isValidAtTime(dc, best->time)) {
- /* If the new cert is valid at time, it's better */
- best->cert = c;
- return PR_SUCCESS;
- }
- }
- /* either they are both valid at time, or neither valid; take the newer */
- /* XXX later -- defer to policies */
- if (!bestdc->isNewerThan(bestdc, dc)) {
- best->cert = c;
- }
- /* policies */
- return PR_SUCCESS;
-}
-
-struct collect_arg_str {
- nssList *list;
- PRUint32 maximum;
-};
-
-extern const NSSError NSS_ERROR_MAXIMUM_FOUND;
-
-static PRStatus
-collect_certs(NSSCertificate *c, void *arg)
-{
- struct collect_arg_str *ca = (struct collect_arg_str *)arg;
- /* Add the cert to the return list */
- nssList_AddUnique(ca->list, (void *)c);
- if (ca->maximum > 0 && nssList_Count(ca->list) >= ca->maximum) {
- /* signal the end of collection) */
- nss_SetError(NSS_ERROR_MAXIMUM_FOUND);
- return PR_FAILURE;
- }
- return PR_SUCCESS;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNickname
-(
- NSSTrustDomain *td,
- NSSUTF8 *name,
- NSSTime *timeOpt, /* NULL for "now" */
- NSSUsage *usage,
- NSSPolicies *policiesOpt /* NULL for none */
-)
-{
- PRStatus nssrv;
- NSSToken *token;
- nssTokenCertSearch search;
- struct get_best_cert_arg_str best;
- nssList *nameList;
- /* set the criteria for determining the best cert */
- best.cert = NULL;
- best.time = (timeOpt) ? timeOpt : NSSTime_Now(NULL);
- best.usage = usage;
- best.policies = policiesOpt;
- /* find all matching certs in the cache */
- nameList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsForNicknameFromCache(td, name, nameList);
- /* set the search criteria */
- search.callback = get_best_cert;
- search.cbarg = &best;
- search.cached = nameList;
- search.trustDomain = td;
- search.cryptoContext = NULL;
- /* traverse the tokens */
- for (token = (NSSToken *)nssListIterator_Start(td->tokens);
- token != (NSSToken *)NULL;
- token = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- nssrv = nssToken_TraverseCertificatesByNickname(token, NULL,
- name, &search);
- }
- nssListIterator_Finish(td->tokens);
- nssList_Destroy(nameList);
- if (best.cert) {
- nssTrustDomain_AddCertsToCache(td, &best.cert, 1);
- }
- return best.cert;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByNickname
-(
- NSSTrustDomain *td,
- NSSUTF8 *name,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- NSSCertificate **rvCerts = NULL;
- NSSToken *token;
- PRUint32 count;
- PRStatus nssrv;
- nssList *nameList;
- struct collect_arg_str ca;
- nssTokenCertSearch search;
- /* set up the collection */
- nameList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsForNicknameFromCache(td, name, nameList);
- ca.list = nameList;
- ca.maximum = maximumOpt;
- /* set the search criteria */
- search.callback = collect_certs;
- search.cbarg = &ca;
- search.cached = nameList;
- search.trustDomain = td;
- search.cryptoContext = NULL;
- /* traverse the tokens */
- for (token = (NSSToken *)nssListIterator_Start(td->tokens);
- token != (NSSToken *)NULL;
- token = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- nssrv = nssToken_TraverseCertificatesByNickname(token, NULL,
- name, &search);
- }
- nssListIterator_Finish(td->tokens);
- count = nssList_Count(nameList);
- if (maximumOpt > 0 && count > maximumOpt) count = maximumOpt;
- if (count > 0) {
- if (rvOpt) {
- nssList_GetArray(nameList, (void **)rvOpt, count);
- rvOpt[count] = NULL;
- } else {
- rvCerts = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, count + 1);
- nssList_GetArray(nameList, (void **)rvCerts, count);
- }
- nssTrustDomain_AddCertsToCache(td, rvCerts, count);
- }
- nssList_Destroy(nameList);
- return rvCerts;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
-(
- NSSTrustDomain *td,
- NSSDER *issuer,
- NSSDER *serialNumber
-)
-{
- NSSCertificate *rvCert = NULL;
- NSSToken *tok;
- /* Try the cache */
- rvCert = nssTrustDomain_GetCertForIssuerAndSNFromCache(td,
- issuer,
- serialNumber);
- if (rvCert) {
- return rvCert;
- }
- /* Not cached, look for it on tokens */
- for (tok = (NSSToken *)nssListIterator_Start(td->tokens);
- tok != (NSSToken *)NULL;
- tok = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- rvCert = nssToken_FindCertificateByIssuerAndSerialNumber(tok,
- NULL,
- issuer,
- serialNumber);
- if (rvCert) {
- /* cache it */
- nssTrustDomain_AddCertsToCache(td, &rvCert, 1);
- break;
- }
- }
- nssListIterator_Finish(td->tokens);
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateBySubject
-(
- NSSTrustDomain *td,
- NSSDER *subject,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- PRStatus nssrv;
- NSSToken *token;
- nssList *subjectList;
- struct get_best_cert_arg_str best;
- nssTokenCertSearch search;
- /* set the criteria for determining the best cert */
- best.cert = NULL;
- best.time = (timeOpt) ? timeOpt : NSSTime_Now(NULL);
- best.usage = usage;
- best.policies = policiesOpt;
- /* find all matching certs in the cache */
- subjectList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsForSubjectFromCache(td, subject, subjectList);
- /* set the search criteria */
- search.callback = get_best_cert;
- search.cbarg = &best;
- search.cached = subjectList;
- search.trustDomain = td;
- search.cryptoContext = NULL;
- /* traverse the tokens */
- for (token = (NSSToken *)nssListIterator_Start(td->tokens);
- token != (NSSToken *)NULL;
- token = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- nssrv = nssToken_TraverseCertificatesBySubject(token, NULL,
- subject, &search);
- }
- nssListIterator_Finish(td->tokens);
- nssList_Destroy(subjectList);
- if (best.cert) {
- nssTrustDomain_AddCertsToCache(td, &best.cert, 1);
- }
- return best.cert;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesBySubject
-(
- NSSTrustDomain *td,
- NSSDER *subject,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- PRStatus nssrv;
- NSSCertificate **rvCerts = NULL;
- NSSToken *token;
- PRUint32 count;
- nssList *subjectList;
- struct collect_arg_str ca;
- nssTokenCertSearch search;
- /* set up the collection */
- subjectList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsForSubjectFromCache(td, subject, subjectList);
- ca.list = subjectList;
- ca.maximum = maximumOpt;
- /* set the search criteria */
- search.callback = collect_certs;
- search.cbarg = &ca;
- search.cached = subjectList;
- search.trustDomain = td;
- search.cryptoContext = NULL;
- /* traverse the tokens */
- for (token = (NSSToken *)nssListIterator_Start(td->tokens);
- token != (NSSToken *)NULL;
- token = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- nssrv = nssToken_TraverseCertificatesBySubject(token, NULL,
- subject, &search);
- }
- nssListIterator_Finish(td->tokens);
- count = nssList_Count(subjectList);
- if (maximumOpt > 0 && count > maximumOpt) count = maximumOpt;
- if (count > 0) {
- if (rvOpt) {
- nssList_GetArray(subjectList, (void **)rvOpt, count);
- rvOpt[count] = NULL;
- } else {
- rvCerts = nss_ZNEWARRAY(arenaOpt, NSSCertificate *, count + 1);
- nssList_GetArray(subjectList, (void **)rvCerts, count);
- }
- nssTrustDomain_AddCertsToCache(td, rvCerts, count);
- }
- nssList_Destroy(subjectList);
- return rvCerts;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestCertificateByNameComponents
-(
- NSSTrustDomain *td,
- NSSUTF8 *nameComponents,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByNameComponents
-(
- NSSTrustDomain *td,
- NSSUTF8 *nameComponents,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByEncodedCertificate
-(
- NSSTrustDomain *td,
- NSSBER *encodedCertificate
-)
-{
- NSSCertificate *rvCert = NULL;
- NSSToken *tok;
- /* Try the cache */
- rvCert = nssTrustDomain_GetCertByDERFromCache(td, encodedCertificate);
- if (rvCert) {
- return rvCert;
- }
- /* Not cached, look for it on tokens */
- for (tok = (NSSToken *)nssListIterator_Start(td->tokens);
- tok != (NSSToken *)NULL;
- tok = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- rvCert = nssToken_FindCertificateByEncodedCertificate(tok, NULL,
- encodedCertificate);
- if (rvCert) {
- /* cache it */
- nssTrustDomain_AddCertsToCache(td, &rvCert, 1);
- break;
- }
- }
- nssListIterator_Finish(td->tokens);
- return rvCert;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByEmail
-(
- NSSTrustDomain *td,
- NSSASCII7 *email,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- PRStatus nssrv;
- NSSToken *token;
- struct get_best_cert_arg_str best;
- nssTokenCertSearch search;
- nssList *emailList;
- /* set the criteria for determining the best cert */
- best.cert = NULL;
- best.time = (timeOpt) ? timeOpt : NSSTime_Now(NULL);
- best.usage = usage;
- best.policies = policiesOpt;
- /* find all matching certs in the cache */
- emailList = nssList_Create(NULL, PR_FALSE);
- (void)nssTrustDomain_GetCertsForEmailAddressFromCache(td, email, emailList);
- /* set the search criteria */
- search.callback = get_best_cert;
- search.cbarg = &best;
- search.cached = emailList;
- search.trustDomain = td;
- search.cryptoContext = NULL;
- /* traverse the tokens */
- for (token = (NSSToken *)nssListIterator_Start(td->tokens);
- token != (NSSToken *)NULL;
- token = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- nssrv = nssToken_TraverseCertificatesByEmail(token, NULL,
- email, &search);
- }
- nssListIterator_Finish(td->tokens);
- nssList_Destroy(emailList);
- if (best.cert) {
- nssTrustDomain_AddCertsToCache(td, &best.cert, 1);
- }
- return best.cert;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindCertificatesByEmail
-(
- NSSTrustDomain *td,
- NSSASCII7 *email,
- NSSCertificate *rvOpt[],
- PRUint32 maximumOpt, /* 0 for no max */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindCertificateByOCSPHash
-(
- NSSTrustDomain *td,
- NSSItem *hash
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificate
-(
- NSSTrustDomain *td,
- NSSTime *timeOpt,
- NSSUsage *usage,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificates
-(
- NSSTrustDomain *td,
- NSSTime *timeOpt,
- NSSUsage *usageOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
-(
- NSSTrustDomain *td,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForSSLClientAuth
-(
- NSSTrustDomain *td,
- NSSUTF8 *sslHostOpt,
- NSSDER *rootCAsOpt[], /* null pointer for none */
- PRUint32 rootCAsMaxOpt, /* zero means list is null-terminated */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate *
-NSSTrustDomain_FindBestUserCertificateForEmailSigning
-(
- NSSTrustDomain *td,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCertificate **
-NSSTrustDomain_FindUserCertificatesForEmailSigning
-(
- NSSTrustDomain *td,
- NSSASCII7 *signerOpt,
- NSSASCII7 *recipientOpt,
- /* anything more here? */
- NSSAlgorithmAndParameters *apOpt,
- NSSPolicies *policiesOpt,
- NSSCertificate **rvOpt,
- PRUint32 rvLimit, /* zero for no limit */
- NSSArena *arenaOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus *
-NSSTrustDomain_TraverseCertificates
-(
- NSSTrustDomain *td,
- PRStatus (*callback)(NSSCertificate *c, void *arg),
- void *arg
-)
-{
- PRStatus nssrv;
- NSSToken *token;
- nssList *certList;
- nssTokenCertSearch search;
- certList = nssList_Create(NULL, PR_FALSE);
- (void *)nssTrustDomain_GetCertsFromCache(td, certList);
- /* set the search criteria */
- search.callback = callback;
- search.cbarg = arg;
- search.cached = certList;
- search.trustDomain = td;
- search.cryptoContext = NULL;
- /* traverse the tokens */
- for (token = (NSSToken *)nssListIterator_Start(td->tokens);
- token != (NSSToken *)NULL;
- token = (NSSToken *)nssListIterator_Next(td->tokens))
- {
- nssrv = nssToken_TraverseCertificates(token, NULL, &search);
- }
- nssListIterator_Finish(td->tokens);
- nssList_Destroy(certList);
- return NULL;
-}
-
-NSS_IMPLEMENT PRStatus
-NSSTrustDomain_GenerateKeyPair
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- NSSPrivateKey **pvkOpt,
- NSSPublicKey **pbkOpt,
- PRBool privateKeyIsSensitive,
- NSSToken *destination,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return PR_FAILURE;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKey
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- PRUint32 keysize,
- NSSToken *destination,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_GenerateSymmetricKeyFromPassword
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap,
- NSSUTF8 *passwordOpt, /* if null, prompt */
- NSSToken *destinationOpt,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSSymmetricKey *
-NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
-(
- NSSTrustDomain *td,
- NSSOID *algorithm,
- NSSItem *keyID,
- NSSCallback *uhhOpt
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContext
-(
- NSSTrustDomain *td,
- NSSCallback *uhhOpt
-)
-{
- NSSArena *arena;
- NSSCryptoContext *rvCC;
- arena = NSSArena_Create();
- if (!arena) {
- return NULL;
- }
- rvCC = nss_ZNEW(arena, NSSCryptoContext);
- if (!rvCC) {
- return NULL;
- }
- rvCC->td = td;
- rvCC->arena = arena;
- return rvCC;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithm
-(
- NSSTrustDomain *td,
- NSSOID *algorithm
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
-NSS_IMPLEMENT NSSCryptoContext *
-NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters
-(
- NSSTrustDomain *td,
- NSSAlgorithmAndParameters *ap
-)
-{
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return NULL;
-}
-
diff --git a/security/nss/lib/pki1/.cvsignore b/security/nss/lib/pki1/.cvsignore
deleted file mode 100644
index 12bfbfc7c..000000000
--- a/security/nss/lib/pki1/.cvsignore
+++ /dev/null
@@ -1,3 +0,0 @@
-oiddata.c
-oiddata.h
-
diff --git a/security/nss/lib/pki1/Makefile b/security/nss/lib/pki1/Makefile
deleted file mode 100644
index 3207c6bbf..000000000
--- a/security/nss/lib/pki1/Makefile
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MAKEFILE_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-include manifest.mn
-include $(CORE_DEPTH)/coreconf/config.mk
-include config.mk
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-# Generate oiddata.h and oiddata.c.
-$(OBJDIR)/oiddata.c $(OBJDIR)/oiddata.h: oidgen.perl oids.txt
- @$(MAKE_OBJDIR)
- rm -f $(OBJDIR)/oiddata.c $(OBJDIR)/oiddata.h
- perl oidgen.perl $(OBJDIR)/oiddata.c $(OBJDIR)/oiddata.h oids.txt
-
-export:: private_export
-
diff --git a/security/nss/lib/pki1/atav.c b/security/nss/lib/pki1/atav.c
deleted file mode 100644
index 5d87efaf6..000000000
--- a/security/nss/lib/pki1/atav.c
+++ /dev/null
@@ -1,1821 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * atav.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * AttributeTypeAndValue.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * AttributeTypeAndValue
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type ATTRIBUTE.&id ({SupportedAttributes}),
- * value ATTRIBUTE.&Type ({SupportedAttributes}{@type})}
- *
- * -- ATTRIBUTE information object class specification
- * -- Note: This has been greatly simplified for PKIX !!
- *
- * ATTRIBUTE ::= CLASS {
- * &Type,
- * &id OBJECT IDENTIFIER UNIQUE }
- * WITH SYNTAX {
- * WITH SYNTAX &Type ID &id }
- *
- * What this means is that the "type" of the value is determined by
- * the value of the oid. If we hide the structure, our accessors
- * can (at least in debug builds) assert value semantics beyond what
- * the compiler can provide. Since these things are only used in
- * RelativeDistinguishedNames, and since RDNs always contain a SET
- * of these things, we don't lose anything by hiding the structure
- * (and its size).
- */
-
-struct NSSATAVStr {
- NSSBER ber;
- const NSSOID *oid;
- NSSUTF8 *value;
- nssStringType stringForm;
-};
-
-/*
- * NSSATAV
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSATAV_CreateFromBER -- constructor
- * NSSATAV_CreateFromUTF8 -- constructor
- * NSSATAV_Create -- constructor
- *
- * NSSATAV_Destroy
- * NSSATAV_GetDEREncoding
- * NSSATAV_GetUTF8Encoding
- * NSSATAV_GetType
- * NSSATAV_GetValue
- * NSSATAV_Compare
- * NSSATAV_Duplicate
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssATAV_CreateFromBER -- constructor
- * nssATAV_CreateFromUTF8 -- constructor
- * nssATAV_Create -- constructor
- *
- * nssATAV_Destroy
- * nssATAV_GetDEREncoding
- * nssATAV_GetUTF8Encoding
- * nssATAV_GetType
- * nssATAV_GetValue
- * nssATAV_Compare
- * nssATAV_Duplicate
- *
- * In debug builds, the following non-public call is also available:
- *
- * nssATAV_verifyPointer
- */
-
-/*
- * NSSATAV_CreateFromBER
- *
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berATAV
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-
- /*
- * NSSBERs can be created by the user,
- * so no pointer-tracking can be checked.
- */
-
- if( (NSSBER *)NULL == berATAV ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSATAV *)NULL;
- }
-
- if( (void *)NULL == berATAV->data ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSATAV *)NULL;
- }
-#endif /* DEBUG */
-
- return nssATAV_CreateFromBER(arenaOpt, berATAV);
-}
-
-/*
- * NSSATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US." If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringATAV
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-
- /*
- * NSSUTF8s can be created by the user,
- * so no pointer-tracking can be checked.
- */
-
- if( (NSSUTF8 *)NULL == stringATAV ) {
- nss_SetError(NSS_ERROR_INVALID_UTF8);
- return (NSSATAV *)NULL;
- }
-#endif /* DEBUG */
-
- return nssATAV_CreateFromUTF8(arenaOpt, stringATAV);
-}
-
-/*
- * NSSATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero,
- * the data is assumed to be terminated by first zero byte; this allows
- * UTF8 strings to be easily specified. This routine may return NULL
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_Create
-(
- NSSArena *arenaOpt,
- const NSSOID *oid,
- const void *data,
- PRUint32 length
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSATAV *)NULL;
- }
-
- if( (const void *)NULL == data ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSATAV *)NULL;
- }
-#endif /* DEBUG */
-
- return nssATAV_Create(arenaOpt, oid, data, length);
-}
-
-/*
- * NSSATAV_Destroy
- *
- * This routine will destroy an ATAV object. It should eventually be
- * called on all ATAVs created without an arena. While it is not
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-NSSATAV_Destroy
-(
- NSSATAV *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssATAV_Destroy(atav);
-}
-
-/*
- * NSSATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSATAV
- */
-
-NSS_IMPLEMENT NSSDER *
-NSSATAV_GetDEREncoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSDER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssATAV_GetDEREncoding(atav, arenaOpt);
-}
-
-/*
- * NSSATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the "equals" encoding of the
- * ATAV
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSATAV_GetUTF8Encoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssATAV_GetUTF8Encoding(atav, arenaOpt);
-}
-
-/*
- * NSSATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV. This routine may return NSS_OID_UNKNOWN
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An element of enum NSSOIDenum upon success
- */
-
-NSS_IMPLEMENT const NSSOID *
-NSSATAV_GetType
-(
- NSSATAV *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSOID *)NULL;
- }
-#endif /* DEBUG */
-
- return nssATAV_GetType(atav);
-}
-
-/*
- * NSSATAV_GetValue
- *
- * This routine returns a string containing the attribute value
- * in the specified ATAV. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSATAV_GetValue
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssATAV_GetValue(atav, arenaOpt);
-}
-
-/*
- * NSSATAV_Compare
- *
- * This routine compares two ATAVs for equality. For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute
- * values must have equal length and contents. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_IMPLEMENT PRStatus
-NSSATAV_Compare
-(
- NSSATAV *atav1,
- NSSATAV *atav2,
- PRBool *equalp
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav1) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssATAV_verifyPointer(atav2) ) {
- return PR_FAILURE;
- }
-
- if( (PRBool *)NULL == equalp ) {
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssATAV_Compare(atav1, atav2, equalp);
-}
-
-/*
- * NSSATAV_Duplicate
- *
- * This routine duplicates the specified ATAV. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new ATAV
- */
-
-NSS_IMPLEMENT NSSATAV *
-NSSATAV_Duplicate
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSATAV *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssATAV_Duplicate(atav, arenaOpt);
-}
-
-/*
- * The pointer-tracking code
- */
-
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker atav_pointer_tracker;
-
-static PRStatus
-atav_add_pointer
-(
- const NSSATAV *atav
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&atav_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&atav_pointer_tracker, atav);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-static PRStatus
-atav_remove_pointer
-(
- const NSSATAV *atav
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&atav_pointer_tracker, atav);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssATAV_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSATAV object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILRUE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssATAV_verifyPointer
-(
- NSSATAV *atav
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&atav_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&atav_pointer_tracker, atav);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_ATAV);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-typedef struct {
- NSSBER oid;
- NSSBER value;
-} atav_holder;
-
-static const nssASN1Template nss_atav_template[] = {
- { nssASN1_SEQUENCE, 0, NULL, sizeof(atav_holder) },
- { nssASN1_OBJECT_ID, nsslibc_offsetof(atav_holder, oid), NULL, 0 },
- { nssASN1_ANY, nsslibc_offsetof(atav_holder, value), NULL, 0 },
- { 0, 0, NULL, 0 }
-};
-
-/*
- * There are several common attributes, with well-known type aliases
- * and value semantics. This table lists the ones we recognize.
- */
-
-struct nss_attribute_data_str {
- const NSSOID **oid;
- nssStringType stringType;
- PRUint32 minStringLength;
- PRUint32 maxStringLength; /* zero for no limit */
-};
-
-static const struct nss_attribute_data_str nss_attribute_data[] = {
- { &NSS_OID_X520_NAME,
- nssStringType_DirectoryString, 1, 32768 },
- { &NSS_OID_X520_COMMON_NAME,
- nssStringType_DirectoryString, 1, 64 },
- { &NSS_OID_X520_SURNAME,
- nssStringType_DirectoryString, 1, 40 },
- { &NSS_OID_X520_GIVEN_NAME,
- nssStringType_DirectoryString, 1, 16 },
- { &NSS_OID_X520_INITIALS,
- nssStringType_DirectoryString, 1, 5 },
- { &NSS_OID_X520_GENERATION_QUALIFIER,
- nssStringType_DirectoryString, 1, 3 },
- { &NSS_OID_X520_DN_QUALIFIER,
- nssStringType_PrintableString, 1, 0 },
- { &NSS_OID_X520_COUNTRY_NAME,
- nssStringType_PrintableString, 2, 2 },
- { &NSS_OID_X520_LOCALITY_NAME,
- nssStringType_DirectoryString, 1, 128 },
- { &NSS_OID_X520_STATE_OR_PROVINCE_NAME,
- nssStringType_DirectoryString, 1, 128 },
- { &NSS_OID_X520_ORGANIZATION_NAME,
- nssStringType_DirectoryString, 1, 64 },
- { &NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
- nssStringType_DirectoryString, 1,
- /*
- * Note, draft #11 defines both "32" and "64" for this maximum,
- * in two separate places. Until it's settled, "conservative
- * in what you send." We're always liberal in what we accept.
- */
- 32 },
- { &NSS_OID_X520_TITLE,
- nssStringType_DirectoryString, 1, 64 },
- { &NSS_OID_RFC1274_EMAIL,
- nssStringType_PHGString, 1, 128 }
-};
-
-PRUint32 nss_attribute_data_quantity =
- (sizeof(nss_attribute_data)/sizeof(nss_attribute_data[0]));
-
-static nssStringType
-nss_attr_underlying_string_form
-(
- nssStringType type,
- void *data
-)
-{
- if( nssStringType_DirectoryString == type ) {
- PRUint8 tag = *(PRUint8 *)data;
- switch( tag & nssASN1_TAGNUM_MASK ) {
- case 20:
- /*
- * XXX fgmr-- we have to accept Latin-1 for Teletex; (see
- * below) but is T61 a suitable value for "Latin-1"?
- */
- return nssStringType_TeletexString;
- case 19:
- return nssStringType_PrintableString;
- case 28:
- return nssStringType_UniversalString;
- case 30:
- return nssStringType_BMPString;
- case 12:
- return nssStringType_UTF8String;
- default:
- return nssStringType_Unknown;
- }
- }
-
- return type;
-}
-
-
-/*
- * This routine decodes the attribute value, in a type-specific way.
- *
- */
-
-static NSSUTF8 *
-nss_attr_to_utf8
-(
- NSSArena *arenaOpt,
- const NSSOID *oid,
- NSSItem *item,
- nssStringType *stringForm
-)
-{
- NSSUTF8 *rv = (NSSUTF8 *)NULL;
- PRUint32 i;
- const struct nss_attribute_data_str *which =
- (struct nss_attribute_data_str *)NULL;
- PRUint32 len = 0;
-
- for( i = 0; i < nss_attribute_data_quantity; i++ ) {
- if( *(nss_attribute_data[ i ].oid) == oid ) {
- which = &nss_attribute_data[i];
- break;
- }
- }
-
- if( (struct nss_attribute_data_str *)NULL == which ) {
- /* Unknown OID. Encode it as hex. */
- PRUint8 *c;
- PRUint8 *d = (PRUint8 *)item->data;
- PRUint32 amt = item->size;
-
- if( item->size >= 0x7FFFFFFF ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSUTF8 *)NULL;
- }
-
- len = 1 + (item->size * 2) + 1; /* '#' + hex + '\0' */
- rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len);
- if( (NSSUTF8 *)NULL == rv ) {
- return (NSSUTF8 *)NULL;
- }
-
- c = (PRUint8 *)rv;
- *c++ = '#'; /* XXX fgmr check this */
- while( amt > 0 ) {
- static char hex[16] = "0123456789ABCDEF";
- *c++ = hex[ ((*d) & 0xf0) >> 4 ];
- *c++ = hex[ ((*d) & 0x0f) ];
- }
-
- /* *c = '\0'; nss_ZAlloc, remember */
-
- *stringForm = nssStringType_Unknown; /* force exact comparison */
- } else {
- PRStatus status;
- rv = nssUTF8_CreateFromBER(arenaOpt, which->stringType,
- (NSSBER *)item);
-
- if( (NSSUTF8 *)NULL == rv ) {
- return (NSSUTF8 *)NULL;
- }
-
- len = nssUTF8_Length(rv, &status);
- if( PR_SUCCESS != status || len == 0 ) {
- nss_ZFreeIf(rv);
- return (NSSUTF8 *)NULL;
- }
-
- *stringForm = nss_attr_underlying_string_form(which->stringType,
- item->data);
- }
-
- return rv;
-}
-
-/*
- * nssATAV_CreateFromBER
- *
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_CreateFromBER
-(
- NSSArena *arenaOpt,
- const NSSBER *berATAV
-)
-{
- atav_holder holder;
- PRStatus status;
- NSSATAV *rv;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-
- /*
- * NSSBERs can be created by the user,
- * so no pointer-tracking can be checked.
- */
-
- if( (NSSBER *)NULL == berATAV ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSATAV *)NULL;
- }
-
- if( (void *)NULL == berATAV->data ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSATAV *)NULL;
- }
-#endif /* NSSDEBUG */
-
- status = nssASN1_DecodeBER(arenaOpt, &holder,
- nss_atav_template, berATAV);
- if( PR_SUCCESS != status ) {
- return (NSSATAV *)NULL;
- }
-
- rv = nss_ZNEW(arenaOpt, NSSATAV);
- if( (NSSATAV *)NULL == rv ) {
- nss_ZFreeIf(holder.oid.data);
- nss_ZFreeIf(holder.value.data);
- return (NSSATAV *)NULL;
- }
-
- rv->oid = nssOID_CreateFromBER(&holder.oid);
- if( (NSSOID *)NULL == rv->oid ) {
- nss_ZFreeIf(rv);
- nss_ZFreeIf(holder.oid.data);
- nss_ZFreeIf(holder.value.data);
- return (NSSATAV *)NULL;
- }
-
- nss_ZFreeIf(holder.oid.data);
-
- rv->ber.data = nss_ZAlloc(arenaOpt, berATAV->size);
- if( (void *)NULL == rv->ber.data ) {
- nss_ZFreeIf(rv);
- nss_ZFreeIf(holder.value.data);
- return (NSSATAV *)NULL;
- }
-
- rv->ber.size = berATAV->size;
- (void)nsslibc_memcpy(rv->ber.data, berATAV->data, berATAV->size);
-
- rv->value = nss_attr_to_utf8(arenaOpt, rv->oid, &holder.value,
- &rv->stringForm);
- if( (NSSUTF8 *)NULL == rv->value ) {
- nss_ZFreeIf(rv->ber.data);
- nss_ZFreeIf(rv);
- nss_ZFreeIf(holder.value.data);
- return (NSSATAV *)NULL;
- }
-
- nss_ZFreeIf(holder.value.data);
-
-#ifdef DEBUG
- if( PR_SUCCESS != atav_add_pointer(rv) ) {
- nss_ZFreeIf(rv->ber.data);
- nss_ZFreeIf(rv->value);
- nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-#endif /* DEBUG */
-
- return rv;
-}
-
-static PRBool
-nss_atav_utf8_string_is_hex
-(
- const NSSUTF8 *s
-)
-{
- /* All hex digits are ASCII, so this works */
- PRUint8 *p = (PRUint8 *)s;
-
- for( ; (PRUint8)0 != *p; p++ ) {
- if( (('0' <= *p) && (*p <= '9')) ||
- (('A' <= *p) && (*p <= 'F')) ||
- (('a' <= *p) && (*p <= 'f')) ) {
- continue;
- } else {
- return PR_FALSE;
- }
- }
-
- return PR_TRUE;
-}
-
-static NSSUTF8
-nss_atav_fromhex
-(
- NSSUTF8 *d
-)
-{
- NSSUTF8 rv;
-
- if( d[0] <= '9' ) {
- rv = (d[0] - '0') * 16;
- } else if( d[0] >= 'a' ) {
- rv = (d[0] - 'a' + 10) * 16;
- } else {
- rv = (d[0] - 'A' + 10);
- }
-
- if( d[1] <= '9' ) {
- rv += (d[1] - '0');
- } else if( d[1] >= 'a' ) {
- rv += (d[1] - 'a' + 10);
- } else {
- rv += (d[1] - 'A' + 10);
- }
-
- return rv;
-}
-
-/*
- * nssATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US." If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- const NSSUTF8 *stringATAV
-)
-{
- char *c;
- NSSUTF8 *type;
- NSSUTF8 *value;
- PRUint32 i;
- const NSSOID *oid = (NSSOID *)NULL;
- NSSATAV *rv;
- NSSItem xitem;
-
- xitem.data = (void *)NULL;
-
- for( c = (char *)stringATAV; '\0' != *c; c++ ) {
- if( '=' == *c ) {
-#ifdef PEDANTIC
- /*
- * Theoretically, one could have an '=' in an
- * attribute string alias. We don't, yet, though.
- */
- if( (char *)stringATAV == c ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSATAV *)NULL;
- } else {
- if( '\\' == c[-1] ) {
- continue;
- }
- }
-#endif /* PEDANTIC */
- break;
- }
- }
-
- if( '\0' == *c ) {
- nss_SetError(NSS_ERROR_INVALID_UTF8);
- return (NSSATAV *)NULL;
- } else {
- c++;
- value = (NSSUTF8 *)c;
- }
-
- i = ((NSSUTF8 *)c - stringATAV);
- type = (NSSUTF8 *)nss_ZAlloc((NSSArena *)NULL, i);
- if( (NSSUTF8 *)NULL == type ) {
- return (NSSATAV *)NULL;
- }
-
- (void)nsslibc_memcpy(type, stringATAV, i-1);
-
- c = (char *)stringATAV;
- if( (('0' <= *c) && (*c <= '9')) || ('#' == *c) ) {
- oid = nssOID_CreateFromUTF8(type);
- if( (NSSOID *)NULL == oid ) {
- nss_ZFreeIf(type);
- return (NSSATAV *)NULL;
- }
- } else {
- for( i = 0; i < nss_attribute_type_alias_count; i++ ) {
- PRStatus status;
- const nssAttributeTypeAliasTable *e = &nss_attribute_type_aliases[i];
- PRBool match = nssUTF8_CaseIgnoreMatch(type, e->alias, &status);
- if( PR_SUCCESS != status ) {
- nss_ZFreeIf(type);
- return (NSSATAV *)NULL;
- }
- if( PR_TRUE == match ) {
- oid = *(e->oid);
- break;
- }
- }
-
- if( (NSSOID *)NULL == oid ) {
- nss_ZFreeIf(type);
- nss_SetError(NSS_ERROR_UNKNOWN_ATTRIBUTE);
- return (NSSATAV *)NULL;
- }
- }
-
- nss_ZFreeIf(type);
- type = (NSSUTF8 *)NULL;
-
- rv = nss_ZNEW(arenaOpt, NSSATAV);
- if( (NSSATAV *)NULL == rv ) {
- return (NSSATAV *)NULL;
- }
-
- rv->oid = oid;
-
- if( '#' == *value ) { /* XXX fgmr.. was it '#'? or backslash? */
- PRUint32 size;
- PRUint32 len;
- NSSUTF8 *c;
- NSSUTF8 *d;
- PRStatus status;
- /* It's in hex */
-
- value++;
- if( PR_TRUE != nss_atav_utf8_string_is_hex(value) ) {
- (void)nss_ZFreeIf(rv);
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSATAV *)NULL;
- }
-
- size = nssUTF8_Size(value, &status);
- if( PR_SUCCESS != status ) {
- /*
- * Only returns an error on bad pointer (nope) or string
- * too long. The defined limits for known attributes are
- * small enough to fit in PRUint32, and when undefined we
- * get to apply our own practical limits. Ergo, I say the
- * string is invalid.
- */
- (void)nss_ZFreeIf(rv);
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSATAV *)NULL;
- }
-
- if( ((size-1) & 1) ) {
- /* odd length */
- (void)nss_ZFreeIf(rv);
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSATAV *)NULL;
- }
-
- len = (size-1)/2;
-
- rv->value = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len+1);
- if( (NSSUTF8 *)NULL == rv->value ) {
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- xitem.size = len;
- xitem.data = (void *)rv->value;
-
- for( c = rv->value, d = value; len--; c++, d += 2 ) {
- *c = nss_atav_fromhex(d);
- }
-
- *c = 0;
- } else {
- PRStatus status;
- PRUint32 i, len;
- PRUint8 *s;
-
- /*
- * XXX fgmr-- okay, this is a little wasteful, and should
- * probably be abstracted out a bit. Later.
- */
-
- rv->value = nssUTF8_Duplicate(value, arenaOpt);
- if( (NSSUTF8 *)NULL == rv->value ) {
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- len = nssUTF8_Size(rv->value, &status);
- if( PR_SUCCESS != status ) {
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- s = (PRUint8 *)rv->value;
- for( i = 0; i < len; i++ ) {
- if( '\\' == s[i] ) {
- (void)nsslibc_memcpy(&s[i], &s[i+1], len-i-1);
- }
- }
- }
-
- /* Now just BER-encode the baby and we're through.. */
- {
- const struct nss_attribute_data_str *which =
- (struct nss_attribute_data_str *)NULL;
- PRUint32 i;
- NSSArena *a;
- NSSDER *oidder;
- NSSItem *vitem;
- atav_holder ah;
- NSSDER *status;
-
- for( i = 0; i < nss_attribute_data_quantity; i++ ) {
- if( *(nss_attribute_data[ i ].oid) == rv->oid ) {
- which = &nss_attribute_data[i];
- break;
- }
- }
-
- a = NSSArena_Create();
- if( (NSSArena *)NULL == a ) {
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- oidder = nssOID_GetDEREncoding(rv->oid, (NSSDER *)NULL, a);
- if( (NSSDER *)NULL == oidder ) {
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- if( (struct nss_attribute_data_str *)NULL == which ) {
- /*
- * We'll just have to take the user data as an octet stream.
- */
- if( (void *)NULL == xitem.data ) {
- /*
- * This means that an ATTR entry has been added to oids.txt,
- * but no corresponding entry has been added to the array
- * ns_attribute_data[] above.
- */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- vitem = nssASN1_EncodeItem(a, (NSSDER *)NULL, &xitem,
- nssASN1Template_OctetString, NSSASN1DER);
- if( (NSSItem *)NULL == vitem ) {
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- rv->stringForm = nssStringType_Unknown;
- } else {
- PRUint32 length = 0;
- PRStatus stat;
-
- length = nssUTF8_Length(rv->value, &stat);
- if( PR_SUCCESS != stat ) {
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- if( ((0 != which->minStringLength) &&
- (length < which->minStringLength)) ||
- ((0 != which->maxStringLength) &&
- (length > which->maxStringLength)) ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- vitem = nssUTF8_GetDEREncoding(a, which->stringType, rv->value);
- if( (NSSItem *)NULL == vitem ) {
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- if( nssStringType_DirectoryString == which->stringType ) {
- rv->stringForm = nssStringType_UTF8String;
- } else {
- rv->stringForm = which->stringType;
- }
- }
-
- ah.oid = *oidder;
- ah.value = *vitem;
-
- status = nssASN1_EncodeItem(arenaOpt, &rv->ber, &ah,
- nss_atav_template, NSSASN1DER);
-
- if( (NSSDER *)NULL == status ) {
- (void)NSSArena_Destroy(a);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- (void)NSSArena_Destroy(a);
- }
-
- return rv;
-}
-
-/*
- * nssATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero,
- * the data is assumed to be terminated by first zero byte; this allows
- * UTF8 strings to be easily specified. This routine may return NULL
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_Create
-(
- NSSArena *arenaOpt,
- const NSSOID *oid,
- const void *data,
- PRUint32 length
-)
-{
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSATAV *)NULL;
- }
-
- if( (const void *)NULL == data ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return (NSSATAV *)NULL;
- }
-#endif /* NSSDEBUG */
-
- /* XXX fgmr-- oops, forgot this one */
- return (NSSATAV *)NULL;
-}
-
-/*
- * nssATAV_Destroy
- *
- * This routine will destroy an ATAV object. It should eventually be
- * called on all ATAVs created without an arena. While it is not
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_IMPLEMENT PRStatus
-nssATAV_Destroy
-(
- NSSATAV *atav
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- (void)nss_ZFreeIf(atav->ber.data);
- (void)nss_ZFreeIf(atav->value);
-
-#ifdef DEBUG
- if( PR_SUCCESS != atav_remove_pointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return PR_SUCCESS;
-}
-
-/*
- * nssATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSATAV
- */
-
-NSS_IMPLEMENT NSSDER *
-nssATAV_GetDEREncoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- NSSDER *rv;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSDER *)NULL;
- }
-#endif /* NSSDEBUG */
-
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- return (NSSDER *)NULL;
- }
-
- rv->data = nss_ZAlloc(arenaOpt, atav->ber.size);
- if( (void *)NULL == rv->data ) {
- (void)nss_ZFreeIf(rv);
- return (NSSDER *)NULL;
- }
-
- rv->size = atav->ber.size;
- if( PR_SUCCESS != nsslibc_memcpy(rv->data, atav->ber.data,
- rv->size) ) {
- (void)nss_ZFreeIf(rv->data);
- (void)nss_ZFreeIf(rv);
- return (NSSDER *)NULL;
- }
-
- return rv;
-}
-
-/*
- * nssATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the "equals" encoding of the
- * ATAV
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssATAV_GetUTF8Encoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- NSSUTF8 *rv;
- PRUint32 i;
- const NSSUTF8 *alias = (NSSUTF8 *)NULL;
- NSSUTF8 *oid;
- NSSUTF8 *value;
- PRUint32 oidlen;
- PRUint32 valuelen;
- PRUint32 totallen;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- for( i = 0; i < nss_attribute_type_alias_count; i++ ) {
- if( *(nss_attribute_type_aliases[i].oid) == atav->oid ) {
- alias = nss_attribute_type_aliases[i].alias;
- break;
- }
- }
-
- if( (NSSUTF8 *)NULL == alias ) {
- oid = nssOID_GetUTF8Encoding(atav->oid, (NSSArena *)NULL);
- if( (NSSUTF8 *)NULL == oid ) {
- return (NSSUTF8 *)NULL;
- }
-
- oidlen = nssUTF8_Size(oid, &status);
- if( PR_SUCCESS != status ) {
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
- } else {
- oidlen = nssUTF8_Size(alias, &status);
- if( PR_SUCCESS != status ) {
- return (NSSUTF8 *)NULL;
- }
- oid = (NSSUTF8 *)NULL;
- }
-
- value = nssATAV_GetValue(atav, (NSSArena *)NULL);
- if( (NSSUTF8 *)NULL == value ) {
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
-
- valuelen = nssUTF8_Size(value, &status);
- if( PR_SUCCESS != status ) {
- (void)nss_ZFreeIf(value);
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
-
- totallen = oidlen + valuelen - 1 + 1;
- rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, totallen);
- if( (NSSUTF8 *)NULL == rv ) {
- (void)nss_ZFreeIf(value);
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSUTF8 *)NULL == alias ) {
- if( (void *)NULL == nsslibc_memcpy(rv, oid, oidlen-1) ) {
- (void)nss_ZFreeIf(rv);
- (void)nss_ZFreeIf(value);
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
- } else {
- if( (void *)NULL == nsslibc_memcpy(rv, alias, oidlen-1) ) {
- (void)nss_ZFreeIf(rv);
- (void)nss_ZFreeIf(value);
- return (NSSUTF8 *)NULL;
- }
- }
-
- rv[ oidlen-1 ] = '=';
-
- if( (void *)NULL == nsslibc_memcpy(&rv[oidlen], value, valuelen) ) {
- (void)nss_ZFreeIf(rv);
- (void)nss_ZFreeIf(value);
- (void)nss_ZFreeIf(oid);
- return (NSSUTF8 *)NULL;
- }
-
- return rv;
-}
-
-/*
- * nssATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV. This routine may return NSS_OID_UNKNOWN
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * A valid NSSOID pointer upon success
- */
-
-NSS_IMPLEMENT const NSSOID *
-nssATAV_GetType
-(
- NSSATAV *atav
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSOID *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return atav->oid;
-}
-
-/*
- * nssATAV_GetValue
- *
- * This routine returns a NSSUTF8 string containing the attribute value
- * in the specified ATAV. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error upon the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssATAV_GetValue
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return nssUTF8_Duplicate(atav->value, arenaOpt);
-}
-
-/*
- * nssATAV_Compare
- *
- * This routine compares two ATAVs for equality. For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute
- * values must have equal length and contents. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have set an
- * error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_IMPLEMENT PRStatus
-nssATAV_Compare
-(
- NSSATAV *atav1,
- NSSATAV *atav2,
- PRBool *equalp
-)
-{
- nssStringType comparison;
- PRUint32 len1;
- PRUint32 len2;
- PRStatus status;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav1) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssATAV_verifyPointer(atav2) ) {
- return PR_FAILURE;
- }
-
- if( (PRBool *)NULL == equalp ) {
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- if( atav1->oid != atav2->oid ) {
- *equalp = PR_FALSE;
- return PR_SUCCESS;
- }
-
- if( atav1->stringForm != atav2->stringForm ) {
- if( (nssStringType_PrintableString == atav1->stringForm) ||
- (nssStringType_PrintableString == atav2->stringForm) ) {
- comparison = nssStringType_PrintableString;
- } else if( (nssStringType_PHGString == atav1->stringForm) ||
- (nssStringType_PHGString == atav2->stringForm) ) {
- comparison = nssStringType_PHGString;
- } else {
- comparison = atav1->stringForm;
- }
- } else {
- comparison = atav1->stringForm;
- }
-
- switch( comparison ) {
- case nssStringType_DirectoryString:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- case nssStringType_TeletexString:
- break;
- case nssStringType_PrintableString:
- *equalp = nssUTF8_PrintableMatch(atav1->value, atav2->value, &status);
- return status;
- /* Case-insensitive, with whitespace reduction */
- break;
- case nssStringType_UniversalString:
- break;
- case nssStringType_BMPString:
- break;
- case nssStringType_GeneralString:
- /* what to do here? */
- break;
- case nssStringType_UTF8String:
- break;
- case nssStringType_PHGString:
- /* Case-insensitive (XXX fgmr, actually see draft-11 pg. 21) */
- *equalp = nssUTF8_CaseIgnoreMatch(atav1->value, atav2->value, &status);
- return status;
- case nssStringType_Unknown:
- break;
- }
-
- len1 = nssUTF8_Size(atav1->value, &status);
- if( PR_SUCCESS != status ) {
- return PR_FAILURE;
- }
-
- len2 = nssUTF8_Size(atav2->value, &status);
- if( PR_SUCCESS != status ) {
- return PR_FAILURE;
- }
-
- if( len1 != len2 ) {
- *equalp = PR_FALSE;
- return PR_SUCCESS;
- }
-
- return nsslibc_compare(atav1->value, atav2->value, len1, equalp);
-}
-
-
-/*
- * nssATAV_Duplicate
- *
- * This routine duplicates the specified ATAV. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new ATAV
- */
-
-NSS_IMPLEMENT NSSATAV *
-nssATAV_Duplicate
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-)
-{
- NSSATAV *rv;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssATAV_verifyPointer(atav) ) {
- return (NSSATAV *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSATAV *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- rv = nss_ZNEW(arenaOpt, NSSATAV);
- if( (NSSATAV *)NULL == rv ) {
- return (NSSATAV *)NULL;
- }
-
- rv->oid = atav->oid;
- rv->stringForm = atav->stringForm;
- rv->value = nssUTF8_Duplicate(atav->value, arenaOpt);
- if( (NSSUTF8 *)NULL == rv->value ) {
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- rv->ber.data = nss_ZAlloc(arenaOpt, atav->ber.size);
- if( (void *)NULL == rv->ber.data ) {
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- rv->ber.size = atav->ber.size;
- if( PR_SUCCESS != nsslibc_memcpy(rv->ber.data, atav->ber.data,
- atav->ber.size) ) {
- (void)nss_ZFreeIf(rv->ber.data);
- (void)nss_ZFreeIf(rv->value);
- (void)nss_ZFreeIf(rv);
- return (NSSATAV *)NULL;
- }
-
- return rv;
-}
diff --git a/security/nss/lib/pki1/config.mk b/security/nss/lib/pki1/config.mk
deleted file mode 100644
index 4d255c57b..000000000
--- a/security/nss/lib/pki1/config.mk
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CONFIG_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-ifdef BUILD_IDG
-DEFINES += -DNSSDEBUG
-endif
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
diff --git a/security/nss/lib/pki1/genname.c b/security/nss/lib/pki1/genname.c
deleted file mode 100644
index e7b12806a..000000000
--- a/security/nss/lib/pki1/genname.c
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * genname.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * GeneralName.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * GeneralName
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * GeneralName ::= CHOICE {
- * otherName [0] INSTANCE OF OTHER-NAME,
- * rfc822Name [1] IA5String,
- * dNSName [2] IA5String,
- * x400Address [3] ORAddress,
- * directoryName [4] Name,
- * ediPartyName [5] EDIPartyName,
- * uniformResourceIdentifier [6] IA5String,
- * iPAddress [7] OCTET STRING,
- * registeredID [8] OBJECT IDENTIFIER }
- *
- * OTHER-NAME ::= TYPE-IDENTIFIER
- *
- * EDIPartyName ::= SEQUENCE {
- * nameAssigner [0] DirectoryString {ub-name} OPTIONAL,
- * partyName [1] DirectoryString {ub-name} }
- *
- */
-
-struct nssGeneralNameStr {
- NSSGeneralNameChoice choice;
- union {
- /* OTHER-NAME otherName */
- NSSUTF8 *rfc822Name;
- NSSUTF8 *dNSName;
- /* ORAddress x400Address */
- NSSName *directoryName;
- /* EDIPartyName ediPartyName */
- NSSUTF8 *uniformResourceIdentifier;
- NSSItem *iPAddress;
- NSSOID *registeredID;
- } u;
-};
diff --git a/security/nss/lib/pki1/gnseq.c b/security/nss/lib/pki1/gnseq.c
deleted file mode 100644
index e56ec93b9..000000000
--- a/security/nss/lib/pki1/gnseq.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * gnseq.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * GeneralNames (note the ending 's').
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * GeneralNames (or, as we call it, GeneralNameSeq)
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- * A GeneralNames is simply an (ordered) sequence of General Names.
- * The seqSize variable is "helper" kept for simplicity.
- */
-
-struct nssGeneralNameSeqStr {
- PRUint32 seqSize;
- NSSGeneralName **generalNames;
-};
diff --git a/security/nss/lib/pki1/manifest.mn b/security/nss/lib/pki1/manifest.mn
deleted file mode 100644
index a5b4ef80f..000000000
--- a/security/nss/lib/pki1/manifest.mn
+++ /dev/null
@@ -1,66 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-MANIFEST_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-CORE_DEPTH = ../../..
-
-PRIVATE_EXPORTS = \
- $(OBJDIR)/oiddata.h \
- pki1.h \
- pki1t.h \
- $(NULL)
-
-EXPORTS = \
- nsspki1.h \
- nsspki1t.h \
- $(NULL)
-
-MODULE = security
-
-BUILT_CSRCS = oiddata.c \
- $(NULL)
-
-CSRCS = \
- atav.c \
- genname.c \
- gnseq.c \
- name.c \
- oid.c \
- oiddata.c \
- rdn.c \
- rdnseq.c \
- $(NULL)
-
-REQUIRES = security nspr
-
-LIBRARY_NAME = pki1
diff --git a/security/nss/lib/pki1/name.c b/security/nss/lib/pki1/name.c
deleted file mode 100644
index 558e1142f..000000000
--- a/security/nss/lib/pki1/name.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * name.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * Name.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * Name
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * -- naming data types --
- *
- * Name ::= CHOICE { -- only one possibility for now --
- * rdnSequence RDNSequence }
- *
- * A name is basically a union of the possible names. At the moment,
- * there is only one type of name: an RDNSequence.
- */
-
-struct nssNameStr {
- PRUint32 tagPlaceHolder;
- union {
- NSSRDNSeq *rdnSequence;
- } n;
-};
-
diff --git a/security/nss/lib/pki1/nsspki1.h b/security/nss/lib/pki1/nsspki1.h
deleted file mode 100644
index 3498ab520..000000000
--- a/security/nss/lib/pki1/nsspki1.h
+++ /dev/null
@@ -1,2869 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKI1_H
-#define NSSPKI1_H
-
-#ifdef DEBUG
-static const char NSSPKI1_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspki1.h
- *
- * This file contains the prototypes of the public NSS routines
- * dealing with the PKIX part-1 definitions.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-#ifndef OIDDATA_H
-#include "oiddata.h"
-#endif /* OIDDATA_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSOID
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSOID_CreateFromBER -- constructor
- * NSSOID_CreateFromUTF8 -- constructor
- * (there is no explicit destructor)
- *
- * NSSOID_GetDEREncoding
- * NSSOID_GetUTF8Encoding
- */
-
-extern const NSSOID *NSS_OID_UNKNOWN;
-
-/*
- * NSSOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID. It may return NSS_OID_UNKNOWN upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromBER
-(
- NSSBER *berOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_BER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string
- * representation of an OID in dotted-number format. The string may
- * optionally begin with an octothorpe. It may return NSS_OID_UNKNOWN
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromUTF8
-(
- NSSUTF8 *stringOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_STRING;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return return null upon error, in
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-NSSOID_GetDEREncoding
-(
- const NSSOID *oid,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number
- * encoding of the specified NSSOID. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return null upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the dotted-digit encoding of
- * this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSOID_GetUTF8Encoding
-(
- const NSSOID *oid,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSATAV_CreateFromBER -- constructor
- * NSSATAV_CreateFromUTF8 -- constructor
- * NSSATAV_Create -- constructor
- *
- * NSSATAV_Destroy
- * NSSATAV_GetDEREncoding
- * NSSATAV_GetUTF8Encoding
- * NSSATAV_GetType
- * NSSATAV_GetValue
- * NSSATAV_Compare
- * NSSATAV_Duplicate
- */
-
-/*
- * NSSATAV_CreateFromBER
- *
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *derATAV
-);
-
-extern const NSSError NSS_ERROR_INVALID_BER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US." If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringATAV
-);
-
-extern const NSSError NSS_ERROR_UNKNOWN_ATTRIBUTE;
-extern const NSSError NSS_ERROR_INVALID_STRING;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero,
- * the data is assumed to be terminated by first zero byte; this allows
- * UTF8 strings to be easily specified. This routine may return NULL
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_Create
-(
- NSSArena *arenaOpt,
- const NSSOID *oid,
- const void *data,
- PRUint32 length
-);
-
-extern const NSSError NSS_ERROR_INVALID_ARENA;
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_INVALID_POINTER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_Destroy
- *
- * This routine will destroy an ATAV object. It should eventually be
- * called on all ATAVs created without an arena. While it is not
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSATAV_Destroy
-(
- NSSATAV *atav
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-
-/*
- * NSSATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSATAV
- */
-
-NSS_EXTERN NSSDER *
-NSSATAV_GetDEREncoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the "equals" encoding of the
- * ATAV
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSATAV_GetUTF8Encoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV. This routine may return NSS_OID_UNKNOWN
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An element of enum NSSOIDenum upon success
- */
-
-NSS_EXTERN const NSSOID *
-NSSATAV_GetType
-(
- NSSATAV *atav
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-
-/*
- * NSSATAV_GetValue
- *
- * This routine returns an NSSItem containing the attribute value
- * in the specified ATAV. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSATAV_GetValue
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSATAV_Compare
- *
- * This routine compares two ATAVs for equality. For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute
- * values must have equal length and contents. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSATAV_Compare
-(
- NSSATAV *atav1,
- NSSATAV *atav2,
- PRBool *equalp
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_INVALID_ARGUMENT;
-
-/*
- * NSSATAV_Duplicate
- *
- * This routine duplicates the specified ATAV. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new ATAV
- */
-
-NSS_EXTERN NSSATAV *
-NSSATAV_Duplicate
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_ATAV;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * NSSRDN
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSRDN_CreateFromBER -- constructor
- * NSSRDN_CreateFromUTF8 -- constructor
- * NSSRDN_Create -- constructor
- * NSSRDN_CreateSimple -- constructor
- *
- * NSSRDN_Destroy
- * NSSRDN_GetDEREncoding
- * NSSRDN_GetUTF8Encoding
- * NSSRDN_AddATAV
- * NSSRDN_GetATAVCount
- * NSSRDN_GetATAV
- * NSSRDN_GetSimpleATAV
- * NSSRDN_Compare
- * NSSRDN_Duplicate
- */
-
-/*
- * NSSRDN_CreateFromBER
- *
- * This routine creates an NSSRDN by decoding a BER- or DER-encoded
- * RDN. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berRDN
-);
-
-/*
- * NSSRDN_CreateFromUTF8
- *
- * This routine creates an NSSRDN by decoding an UTF8 string
- * consisting of either a single ATAV in the "equals" format, e.g.,
- * "uid=smith," or one or more such ATAVs in parentheses, e.g.,
- * "(sn=Smith,ou=Sales)." If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringRDN
-);
-
-/*
- * NSSRDN_Create
- *
- * This routine creates an NSSRDN from one or more NSSATAVs. The
- * final argument to this routine must be NULL. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_Create
-(
- NSSArena *arenaOpt,
- NSSATAV *atav1,
- ...
-);
-
-/*
- * NSSRDN_CreateSimple
- *
- * This routine creates a simple NSSRDN from a single NSSATAV. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_CreateSimple
-(
- NSSArena *arenaOpt,
- NSSATAV *atav
-);
-
-/*
- * NSSRDN_Destroy
- *
- * This routine will destroy an RDN object. It should eventually be
- * called on all RDNs created without an arena. While it is not
- * necessary to call it on RDNs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * PR_FAILURE upon failure
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSRDN_Destroy
-(
- NSSRDN *rdn
-);
-
-/*
- * NSSRDN_GetDEREncoding
- *
- * This routine will DER-encode an RDN object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSRDN
- */
-
-NSS_EXTERN NSSDER *
-NSSRDN_GetDEREncoding
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDN_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the RDN. A simple (one-ATAV) RDN will be simply
- * the string representation of that ATAV; a non-simple RDN will be in
- * parenthesised form. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * null upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSRDN_GetUTF8Encoding
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDN_AddATAV
- *
- * This routine adds an ATAV to the set of ATAVs in the specified RDN.
- * Remember that RDNs consist of an unordered set of ATAVs. If the
- * RDN was created with a non-null arena argument, that same arena
- * will be used for any additional required memory. If the RDN was
- * created with a NULL arena argument, any additional memory will
- * be obtained from the heap. This routine returns a PRStatus value;
- * it will return PR_SUCCESS upon success, and upon failure it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSRDN_AddATAV
-(
- NSSRDN *rdn,
- NSSATAV *atav
-);
-
-/*
- * NSSRDN_GetATAVCount
- *
- * This routine returns the cardinality of the set of ATAVs within
- * the specified RDN. This routine may return 0 upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-NSSRDN_GetATAVCount
-(
- NSSRDN *rdn
-);
-
-/*
- * NSSRDN_GetATAV
- *
- * This routine returns a pointer to an ATAV that is a member of
- * the set of ATAVs within the specified RDN. While the set of
- * ATAVs within an RDN is unordered, this routine will return
- * distinct values for distinct values of 'i' as long as the RDN
- * is not changed in any way. The RDN may be changed by calling
- * NSSRDN_AddATAV. The value of the variable 'i' is on the range
- * [0,c) where c is the cardinality returned from NSSRDN_GetATAVCount.
- * The caller owns the ATAV the pointer to which is returned. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-NSSRDN_GetATAV
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * NSSRDN_GetSimpleATAV
- *
- * Most RDNs are actually very simple, with a single ATAV. This
- * routine will return the single ATAV from such an RDN. The caller
- * owns the ATAV the pointer to which is returned. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, including the case where
- * the set of ATAVs in the RDN is nonsingular. Upon error, this
- * routine will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_RDN_NOT_SIMPLE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-NSSRDN_GetSimpleATAV
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDN_Compare
- *
- * This routine compares two RDNs for equality. For two RDNs to be
- * equal, they must have the same number of ATAVs, and every ATAV in
- * one must be equal to an ATAV in the other. (Note that the sets
- * of ATAVs are unordered.) The result of the comparison will be
- * stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool. This routine may return PR_FAILURE
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSRDN_Compare
-(
- NSSRDN *rdn1,
- NSSRDN *rdn2,
- PRBool *equalp
-);
-
-/*
- * NSSRDN_Duplicate
- *
- * This routine duplicates the specified RDN. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new RDN
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDN_Duplicate
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSRDNSeq_CreateFromBER -- constructor
- * NSSRDNSeq_CreateFromUTF8 -- constructor
- * NSSRDNSeq_Create -- constructor
- *
- * NSSRDNSeq_Destroy
- * NSSRDNSeq_GetDEREncoding
- * NSSRDNSeq_GetUTF8Encoding
- * NSSRDNSeq_AppendRDN
- * NSSRDNSeq_GetRDNCount
- * NSSRDNSeq_GetRDN
- * NSSRDNSeq_Compare
- * NSSRDNSeq_Duplicate
- */
-
-/*
- * NSSRDNSeq_CreateFromBER
- *
- * This routine creates an NSSRDNSeq by decoding a BER- or DER-encoded
- * sequence of RDNs. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berRDNSeq
-);
-
-/*
- * NSSRDNSeq_CreateFromUTF8
- *
- * This routine creates an NSSRDNSeq by decoding a UTF8 string
- * consisting of a comma-separated sequence of RDNs, such as
- * "(sn=Smith,ou=Sales),o=Acme,c=US." If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringRDNSeq
-);
-
-/*
- * NSSRDNSeq_Create
- *
- * This routine creates an NSSRDNSeq from one or more NSSRDNs. The
- * final argument to this routine must be NULL. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * NULL upon error
- * A pointero to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_Create
-(
- NSSArena *arenaOpt,
- NSSRDN *rdn1,
- ...
-);
-
-/*
- * NSSRDNSeq_Destroy
- *
- * This routine will destroy an RDNSeq object. It should eventually
- * be called on all RDNSeqs created without an arena. While it is not
- * necessary to call it on RDNSeqs created within an arena, it is not
- * an error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSRDNSeq_Destroy
-(
- NSSRDNSeq *rdnseq
-);
-
-/*
- * NSSRDNSeq_GetDEREncoding
- *
- * This routine will DER-encode an RDNSeq object. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSRDNSeq
- */
-
-NSS_EXTERN NSSDER *
-NSSRDNSeq_GetDEREncoding
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the RDNSeq as a comma-separated sequence of RDNs.
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSRDNSeq_GetUTF8Encoding
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq_AppendRDN
- *
- * This routine appends an RDN to the end of the existing RDN
- * sequence. If the RDNSeq was created with a non-null arena
- * argument, that same arena will be used for any additional required
- * memory. If the RDNSeq was created with a NULL arena argument, any
- * additional memory will be obtained from the heap. This routine
- * returns a PRStatus value; it will return PR_SUCCESS upon success,
- * and upon failure it will create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSRDNSeq_AppendRDN
-(
- NSSRDNSeq *rdnseq,
- NSSRDN *rdn
-);
-
-/*
- * NSSRDNSeq_GetRDNCount
- *
- * This routine returns the cardinality of the sequence of RDNs within
- * the specified RDNSeq. This routine may return 0 upon error, in
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-NSSRDNSeq_GetRDNCount
-(
- NSSRDNSeq *rdnseq
-);
-
-/*
- * NSSRDNSeq_GetRDN
- *
- * This routine returns a pointer to the i'th RDN in the sequence of
- * RDNs that make up the specified RDNSeq. The sequence begins with
- * the top-level (e.g., "c=US") RDN. The value of the variable 'i'
- * is on the range [0,c) where c is the cardinality returned from
- * NSSRDNSeq_GetRDNCount. The caller owns the RDN the pointer to which
- * is returned. If the optional arena argument is non-null, the memory
- * used will be obtained from that areana; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack. Note that the
- * usual string representation of RDN Sequences is from last to first.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRDN
- */
-
-NSS_EXTERN NSSRDN *
-NSSRDNSeq_GetRDN
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * NSSRDNSeq_Compare
- *
- * This routine compares two RDNSeqs for equality. For two RDNSeqs to
- * be equal, they must have the same number of RDNs, and each RDN in
- * one sequence must be equal to the corresponding RDN in the other
- * sequence. The result of the comparison will be stored at the
- * location pointed to by the "equalp" variable, which must point to a
- * valid PRBool. This routine may return PR_FAILURE upon error, in
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSRDNSeq_Compare
-(
- NSSRDNSeq *rdnseq1,
- NSSRDNSeq *rdnseq2,
- PRBool *equalp
-);
-
-/*
- * NSSRDNSeq_Duplicate
- *
- * This routine duplicates the specified RDNSeq. If the optional arena
- * argument is non-null, the memory required will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new RDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSRDNSeq_Duplicate
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSName_CreateFromBER -- constructor
- * NSSName_CreateFromUTF8 -- constructor
- * NSSName_Create -- constructor
- *
- * NSSName_Destroy
- * NSSName_GetDEREncoding
- * NSSName_GetUTF8Encoding
- * NSSName_GetChoice
- * NSSName_GetRDNSequence
- * NSSName_GetSpecifiedChoice
- * NSSName_Compare
- * NSSName_Duplicate
- *
- * NSSName_GetUID
- * NSSName_GetEmail
- * NSSName_GetCommonName
- * NSSName_GetOrganization
- * NSSName_GetOrganizationalUnits
- * NSSName_GetStateOrProvince
- * NSSName_GetLocality
- * NSSName_GetCountry
- * NSSName_GetAttribute
- */
-
-/*
- * NSSName_CreateFromBER
- *
- * This routine creates an NSSName by decoding a BER- or DER-encoded
- * (directory) Name. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may
- * return NULL upon error, in which case it will have created an error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-NSSName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berName
-);
-
-/*
- * NSSName_CreateFromUTF8
- *
- * This routine creates an NSSName by decoding a UTF8 string
- * consisting of the string representation of one of the choices of
- * (directory) names. Currently the only choice is an RDNSeq. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. The routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-NSSName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringName
-);
-
-/*
- * NSSName_Create
- *
- * This routine creates an NSSName with the specified choice of
- * underlying name types. The value of the choice variable must be
- * one of the values of the NSSNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- * Choice Type
- * ======================== ===========
- * NSSNameChoiceRdnSequence NSSRDNSeq *
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-NSSName_Create
-(
- NSSArena *arenaOpt,
- NSSNameChoice choice,
- void *arg
-);
-
-/*
- * NSSName_Destroy
- *
- * This routine will destroy a Name object. It should eventually be
- * called on all Names created without an arena. While it is not
- * necessary to call it on Names created within an arena, it is not
- * an error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSName_Destroy
-(
- NSSName *name
-);
-
-/*
- * NSSName_GetDEREncoding
- *
- * This routine will DER-encode a name object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSName
- */
-
-NSS_EXTERN NSSDER *
-NSSName_GetDEREncoding
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the Name in the format specified by the
- * underlying name choice. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSName_GetUTF8Encoding
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetChoice
- *
- * This routine returns the type of the choice underlying the specified
- * name. The return value will be a member of the NSSNameChoice
- * enumeration. This routine may return NSSNameChoiceInvalid upon
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- *
- * Return value:
- * NSSNameChoiceInvalid upon error
- * An other member of the NSSNameChoice enumeration upon success
- */
-
-NSS_EXTERN NSSNameChoice
-NSSName_GetChoice
-(
- NSSName *name
-);
-
-/*
- * NSSName_GetRDNSequence
- *
- * If the choice underlying the specified NSSName is that of an
- * RDNSequence, this routine will return a pointer to that RDN
- * sequence. Otherwise, this routine will place an error on the
- * error stack, and return NULL. If the optional arena argument is
- * non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. The
- * caller owns the returned pointer. This routine may return NULL
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-NSSName_GetRDNSequence
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSName matches the specified
- * choice, a caller-owned pointer to that underlying object will be
- * returned. Otherwise, an error will be placed on the error stack and
- * NULL will be returned. If the optional arena argument is non-null,
- * the memory required will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-NSSName_GetSpecifiedChoice
-(
- NSSName *name,
- NSSNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_Compare
- *
- * This routine compares two Names for equality. For two Names to be
- * equal, they must have the same choice of underlying types, and the
- * underlying values must be equal. The result of the comparison will
- * be stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool. This routine may return PR_FAILURE
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSName_Compare
-(
- NSSName *name1,
- NSSName *name2,
- PRBool *equalp
-);
-
-/*
- * NSSName_Duplicate
- *
- * This routine duplicates the specified nssname. If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new NSSName
- */
-
-NSS_EXTERN NSSName *
-NSSName_Duplicate
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing a UID attribute, the UID will be the value of
- * that attribute. Note that no UID attribute is defined in either
- * PKIX or PKCS#9; rather, this seems to derive from RFC 1274, which
- * defines the type as a caseIgnoreString. We'll return a Directory
- * String. If the optional arena argument is non-null, the memory
- * used will be obtained from that arena; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_UID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetUID
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing either a PKIX email address or a PKCS#9 email
- * address, the result will be the value of that attribute. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_EMAIL
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5 String */
-NSSName_GetEmail
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a PKIX Common Name, the result will be that name. If
- * the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetCommonName
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified name, if the choices and content of the name permit.
- * If Name consists of a Sequence of Relative Distinguished names
- * containing a PKIX Organization, the result will be the value of
- * that attribute. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. This routine may return NULL upon
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ORGANIZATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetOrganization
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational
- * unit names from the specified name, if the choices and content of
- * the name permit. If the Name consists of a Sequence of Relative
- * Distinguished Names containing one or more organisational units,
- * the result will be the values of those attributes. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-NSSName_GetOrganizationalUnits
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from
- * the specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a state or province, the result will be the value of
- * that attribute. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. This routine may return NULL upon
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_STATE_OR_PROVINCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetStateOrProvince
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetLocality
- *
- * This routine will attempt to derive a locality name from the
- * specified name, if the choices and content of the name permit. If
- * the Name consists of a Sequence of Relative Distinguished names
- * containing a Locality, the result will be the value of that
- * attribute. If the optional arena argument is non-null, the memory
- * used will be obtained from that arena; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_LOCALITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetLocality
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetCountry
- *
- * This routine will attempt to derive a country name from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing a Country, the result will be the value of
- * that attribute.. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may
- * return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_COUNTRY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-NSSName_GetCountry
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSName_GetAttribute
- *
- * If the specified name consists of a Sequence of Relative
- * Distinguished Names containing an attribute with the specified
- * type, and the actual value of that attribute may be expressed
- * with a Directory String, then the value of that attribute will
- * be returned as a Directory String. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ATTRIBUTE
- * NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSName_GetAttribute
-(
- NSSName *name,
- NSSOID *attribute,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSGeneralName_CreateFromBER -- constructor
- * NSSGeneralName_CreateFromUTF8 -- constructor
- * NSSGeneralName_Create -- constructor
- *
- * NSSGeneralName_Destroy
- * NSSGeneralName_GetDEREncoding
- * NSSGeneralName_GetUTF8Encoding
- * NSSGeneralName_GetChoice
- * NSSGeneralName_GetOtherName
- * NSSGeneralName_GetRfc822Name
- * NSSGeneralName_GetDNSName
- * NSSGeneralName_GetX400Address
- * NSSGeneralName_GetDirectoryName
- * NSSGeneralName_GetEdiPartyName
- * NSSGeneralName_GetUniformResourceIdentifier
- * NSSGeneralName_GetIPAddress
- * NSSGeneralName_GetRegisteredID
- * NSSGeneralName_GetSpecifiedChoice
- * NSSGeneralName_Compare
- * NSSGeneralName_Duplicate
- *
- * NSSGeneralName_GetUID
- * NSSGeneralName_GetEmail
- * NSSGeneralName_GetCommonName
- * NSSGeneralName_GetOrganization
- * NSSGeneralName_GetOrganizationalUnits
- * NSSGeneralName_GetStateOrProvince
- * NSSGeneralName_GetLocality
- * NSSGeneralName_GetCountry
- * NSSGeneralName_GetAttribute
- */
-
-/*
- * NSSGeneralName_CreateFromBER
- *
- * This routine creates an NSSGeneralName by decoding a BER- or DER-
- * encoded general name. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berGeneralName
-);
-
-/*
- * NSSGeneralName_CreateFromUTF8
- *
- * This routine creates an NSSGeneralName by decoding a UTF8 string
- * consisting of the string representation of one of the choices of
- * general names. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The routine may return NULL upon
- * error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringGeneralName
-);
-
-/*
- * NSSGeneralName_Create
- *
- * This routine creates an NSSGeneralName with the specified choice of
- * underlying name types. The value of the choice variable must be one
- * of the values of the NSSGeneralNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- * Choice Type
- * ============================================ =========
- * NSSGeneralNameChoiceOtherName
- * NSSGeneralNameChoiceRfc822Name
- * NSSGeneralNameChoiceDNSName
- * NSSGeneralNameChoiceX400Address
- * NSSGeneralNameChoiceDirectoryName NSSName *
- * NSSGeneralNameChoiceEdiPartyName
- * NSSGeneralNameChoiceUniformResourceIdentifier
- * NSSGeneralNameChoiceIPAddress
- * NSSGeneralNameChoiceRegisteredID
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one fo the following values:
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_Create
-(
- NSSGeneralNameChoice choice,
- void *arg
-);
-
-/*
- * NSSGeneralName_Destroy
- *
- * This routine will destroy a General Name object. It should
- * eventually be called on all General Names created without an arena.
- * While it is not necessary to call it on General Names created within
- * an arena, it is not an error to do so. This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If
- * usuccessful, it will create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * PR_FAILURE upon failure
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralName_Destroy
-(
- NSSGeneralName *generalName
-);
-
-/*
- * NSSGeneralName_GetDEREncoding
- *
- * This routine will DER-encode a name object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSGeneralName
- */
-
-NSS_EXTERN NSSDER *
-NSSGeneralName_GetDEREncoding
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the General Name in the format specified by the
- * underlying name choice. If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSGeneralName_GetUTF8Encoding
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetChoice
- *
- * This routine returns the type of choice underlying the specified
- * general name. The return value will be a member of the
- * NSSGeneralNameChoice enumeration. This routine may return
- * NSSGeneralNameChoiceInvalid upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * NSSGeneralNameChoiceInvalid upon error
- * An other member of the NSSGeneralNameChoice enumeration
- */
-
-NSS_EXTERN NSSGeneralNameChoice
-NSSGeneralName_GetChoice
-(
- NSSGeneralName *generalName
-);
-
-/*
- * NSSGeneralName_GetOtherName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * Other Name, this routine will return a pointer to that Other name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSOtherName
- */
-
-NSS_EXTERN NSSOtherName *
-NSSGeneralName_GetOtherName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetRfc822Name
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * RFC 822 Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRFC822Name
- */
-
-NSS_EXTERN NSSRFC822Name *
-NSSGeneralName_GetRfc822Name
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetDNSName
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * DNS Name, this routine will return a pointer to that DNS name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSDNSName
- */
-
-NSS_EXTERN NSSDNSName *
-NSSGeneralName_GetDNSName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetX400Address
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * X.400 Address, this routine will return a pointer to that Address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSX400Address
- */
-
-NSS_EXTERN NSSX400Address *
-NSSGeneralName_GetX400Address
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetDirectoryName
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * (directory) Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSName
- */
-
-NSS_EXTERN NSSName *
-NSSGeneralName_GetName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetEdiPartyName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * EDI Party Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSEdiPartyName
- */
-
-NSS_EXTERN NSSEdiPartyName *
-NSSGeneralName_GetEdiPartyName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetUniformResourceIdentifier
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * URI, this routine will return a pointer to that URI.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSURI
- */
-
-NSS_EXTERN NSSURI *
-NSSGeneralName_GetUniformResourceIdentifier
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetIPAddress
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * IP Address , this routine will return a pointer to that address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSIPAddress
- */
-
-NSS_EXTERN NSSIPAddress *
-NSSGeneralName_GetIPAddress
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetRegisteredID
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * Registered ID, this routine will return a pointer to that ID.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRegisteredID
- */
-
-NSS_EXTERN NSSRegisteredID *
-NSSGeneralName_GetRegisteredID
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSGeneralName matches the
- * specified choice, a caller-owned pointer to that underlying object
- * will be returned. Otherwise, an error will be placed on the error
- * stack and NULL will be returned. If the optional arena argument
- * is non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. The caller
- * owns the returned pointer. This routine may return NULL upon
- * error, in which caes it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-NSSGeneralName_GetSpecifiedChoice
-(
- NSSGeneralName *generalName,
- NSSGeneralNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_Compare
- *
- * This routine compares two General Names for equality. For two
- * General Names to be equal, they must have the same choice of
- * underlying types, and the underlying values must be equal. The
- * result of the comparison will be stored at the location pointed
- * to by the "equalp" variable, which must point to a valid PRBool.
- * This routine may return PR_FAILURE upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following value:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralName_Compare
-(
- NSSGeneralName *generalName1,
- NSSGeneralName *generalName2,
- PRBool *equalp
-);
-
-/*
- * NSSGeneralName_Duplicate
- *
- * This routine duplicates the specified General Name. If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap. This routine may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new NSSGeneralName
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralName_Duplicate
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished Names containing a UID
- * attribute, the UID will be the value of that attribute. Note
- * that no UID attribute is defined in either PKIX or PKCS#9;
- * rather, this seems to derive from RFC 1274, which defines the
- * type as a caseIgnoreString. We'll return a Directory String.
- * If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_UID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetUID
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing either
- * a PKIX email address or a PKCS#9 email address, the result will
- * be the value of that attribute. If the General Name is an RFC 822
- * Name, the result will be the string form of that name. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_EMAIL
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5String */
-NSSGeneralName_GetEmail
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a PKIX
- * Common Name, the result will be that name. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetCommonName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing an
- * Organization, the result will be the value of that attribute.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ORGANIZATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetOrganization
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational
- * unit names from the specified general name, if the choices and
- * content of the name permit. If the General Name is a (directory)
- * Name consisting of a Sequence of Relative Distinguished names
- * containing one or more organisational units, the result will
- * consist of those units. If the optional arena argument is non-
- * null, the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-NSSGeneralName_GetOrganizationalUnits
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from
- * the specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a state or
- * province, the result will be the value of that attribute. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_STATE_OR_PROVINCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetStateOrProvince
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetLocality
- *
- * This routine will attempt to derive a locality name from
- * the specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a Locality,
- * the result will be the value of that attribute. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_LOCALITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetLocality
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetCountry
- *
- * This routine will attempt to derive a country name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting of a
- * Sequence of Relative Distinguished names containing a Country, the
- * result will be the value of that attribute. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_COUNTRY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-NSSGeneralName_GetCountry
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralName_GetAttribute
- *
- * If the specified general name is a (directory) name consisting
- * of a Sequence of Relative Distinguished Names containing an
- * attribute with the specified type, and the actual value of that
- * attribute may be expressed with a Directory String, then the
- * value of that attribute will be returned as a Directory String.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ATTRIBUTE
- * NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-NSSGeneralName_GetAttribute
-(
- NSSGeneralName *generalName,
- NSSOID *attribute,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralNameSeq
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSGeneralNameSeq_CreateFromBER -- constructor
- * NSSGeneralNameSeq_Create -- constructor
- *
- * NSSGeneralNameSeq_Destroy
- * NSSGeneralNameSeq_GetDEREncoding
- * NSSGeneralNameSeq_AppendGeneralName
- * NSSGeneralNameSeq_GetGeneralNameCount
- * NSSGeneralNameSeq_GetGeneralName
- * NSSGeneralNameSeq_Compare
- * NSSGeneralnameSeq_Duplicate
- */
-
-/*
- * NSSGeneralNameSeq_CreateFromBER
- *
- * This routine creates a general name sequence by decoding a BER-
- * or DER-encoded GeneralNames. If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-NSSGeneralNameSeq_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berGeneralNameSeq
-);
-
-/*
- * NSSGeneralNameSeq_Create
- *
- * This routine creates an NSSGeneralNameSeq from one or more General
- * Names. The final argument to this routine must be NULL. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-NSSGeneralNameSeq_Create
-(
- NSSArena *arenaOpt,
- NSSGeneralName *generalName1,
- ...
-);
-
-/*
- * NSSGeneralNameSeq_Destroy
- *
- * This routine will destroy an NSSGeneralNameSeq object. It should
- * eventually be called on all NSSGeneralNameSeqs created without an
- * arena. While it is not necessary to call it on NSSGeneralNameSeq's
- * created within an arena, it is not an error to do so. This routine
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will create an error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralNameSeq_Destroy
-(
- NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * NSSGeneralNameSeq_GetDEREncoding
- *
- * This routine will DER-encode an NSSGeneralNameSeq object. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSGeneralNameSeq
- */
-
-NSS_EXTERN NSSDER *
-NSSGeneralNameSeq_GetDEREncoding
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralNameSeq_AppendGeneralName
- *
- * This routine appends a General Name to the end of the existing
- * General Name Sequence. If the sequence was created with a non-null
- * arena argument, that same arena will be used for any additional
- * required memory. If the sequence was created with a NULL arena
- * argument, any additional memory will be obtained from the heap.
- * This routine returns a PRStatus value; it will return PR_SUCCESS
- * upon success, and upon failure it will create an error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure.
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralNameSeq_AppendGeneralName
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSGeneralName *generalName
-);
-
-/*
- * NSSGeneralNameSeq_GetGeneralNameCount
- *
- * This routine returns the cardinality of the specified General name
- * Sequence. This routine may return 0 upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value;
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-NSSGeneralNameSeq_GetGeneralNameCount
-(
- NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * NSSGeneralNameSeq_GetGeneralName
- *
- * This routine returns a pointer to the i'th General Name in the
- * specified General Name Sequence. The value of the variable 'i' is
- * on the range [0,c) where c is the cardinality returned from
- * NSSGeneralNameSeq_GetGeneralNameCount. The caller owns the General
- * Name the pointer to which is returned. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to a General Name.
- */
-
-NSS_EXTERN NSSGeneralName *
-NSSGeneralNameSeq_GetGeneralName
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * NSSGeneralNameSeq_Compare
- *
- * This routine compares two General Name Sequences for equality. For
- * two General Name Sequences to be equal, they must have the same
- * cardinality, and each General Name in one sequence must be equal to
- * the corresponding General Name in the other. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-NSSGeneralNameSeq_Compare
-(
- NSSGeneralNameSeq *generalNameSeq1,
- NSSGeneralNameSeq *generalNameSeq2,
- PRBool *equalp
-);
-
-/*
- * NSSGeneralNameSeq_Duplicate
- *
- * This routine duplicates the specified sequence of general names. If
- * the optional arena argument is non-null, the memory required will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new General Name Sequence.
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-NSSGeneralNameSeq_Duplicate
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* NSSPT1M_H */
diff --git a/security/nss/lib/pki1/nsspki1t.h b/security/nss/lib/pki1/nsspki1t.h
deleted file mode 100644
index 8765a3ad3..000000000
--- a/security/nss/lib/pki1/nsspki1t.h
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKI1T_H
-#define NSSPKI1T_H
-
-#ifdef DEBUG
-static const char NSSPKI1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspki1t.h
- *
- * This file contains the public type definitions for the PKIX part-1
- * objects.
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * OBJECT IDENTIFIER
- *
- * This is the basic OID that crops up everywhere.
- */
-
-struct NSSOIDStr;
-typedef struct NSSOIDStr NSSOID;
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID),
- * and the type-specific value. RelativeDistinguishedNamess consist
- * of a set of these. These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- */
-
-struct NSSATAVStr;
-typedef struct NSSATAVStr NSSATAV;
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue
- * objects. RDNs are used to distinguish a set of objects underneath
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN. However, sometimes a set of ATAVs is
- * needed. For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- */
-
-struct NSSRDNStr;
-typedef struct NSSRDNStr NSSRDN;
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- */
-
-struct NSSRDNSeqStr;
-typedef struct NSSRDNSeqStr NSSRDNSeq;
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- */
-
-struct NSSNameStr;
-typedef struct NSSNameStr NSSName;
-
-/*
- * NameChoice
- *
- * This enumeration is used to specify choice within a name.
- */
-
-enum NSSNameChoiceEnum {
- NSSNameChoiceInvalid = -1,
- NSSNameChoiceRdnSequence
-};
-typedef enum NSSNameChoiceEnum NSSNameChoice;
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- */
-
-struct NSSGeneralNameStr;
-typedef struct NSSGeneralNameStr NSSGeneralName;
-
-/*
- * GeneralNameChoice
- *
- * This enumerates the possible general name types.
- */
-
-enum NSSGeneralNameChoiceEnum {
- NSSGeneralNameChoiceInvalid = -1,
- NSSGeneralNameChoiceOtherName = 0,
- NSSGeneralNameChoiceRfc822Name = 1,
- NSSGeneralNameChoiceDNSName = 2,
- NSSGeneralNameChoiceX400Address = 3,
- NSSGeneralNameChoiceDirectoryName = 4,
- NSSGeneralNameChoiceEdiPartyName = 5,
- NSSGeneralNameChoiceUniformResourceIdentifier = 6,
- NSSGeneralNameChoiceIPAddress = 7,
- NSSGeneralNameChoiceRegisteredID = 8
-};
-typedef enum NSSGeneralNameChoiceEnum NSSGeneralNameChoice;
-
-/*
- * The "other" types of general names.
- */
-
-struct NSSOtherNameStr;
-typedef struct NSSOtherNameStr NSSOtherName;
-
-struct NSSRFC822NameStr;
-typedef struct NSSRFC822NameStr NSSRFC822Name;
-
-struct NSSDNSNameStr;
-typedef struct NSSDNSNameStr NSSDNSName;
-
-struct NSSX400AddressStr;
-typedef struct NSSX400AddressStr NSSX400Address;
-
-struct NSSEdiPartyNameStr;
-typedef struct NSSEdiPartyNameStr NSSEdiPartyName;
-
-struct NSSURIStr;
-typedef struct NSSURIStr NSSURI;
-
-struct NSSIPAddressStr;
-typedef struct NSSIPAddressStr NSSIPAddress;
-
-struct NSSRegisteredIDStr;
-typedef struct NSSRegisteredIDStr NSSRegisteredID;
-
-/*
- * GeneralNameSeq
- *
- * This structure contains a sequence of GeneralName objects.
- * Note that the PKIX documents refer to this as "GeneralNames,"
- * which differs from "GeneralName" by only one letter. To
- * try to reduce confusion, we expand the name slightly to
- * "GeneralNameSeq."
- */
-
-struct NSSGeneralNameSeqStr;
-typedef struct NSSGeneralNameSeqStr NSSGeneralNameSeq;
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKI1T_H */
diff --git a/security/nss/lib/pki1/oid.c b/security/nss/lib/pki1/oid.c
deleted file mode 100644
index 2631682d4..000000000
--- a/security/nss/lib/pki1/oid.c
+++ /dev/null
@@ -1,1615 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * oid.c
- *
- * This file contains the implementation of the basic OID routines.
- */
-
-#ifndef BASE_H
-#include "base.h"
-#endif /* BASE_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-#include "plhash.h"
-#include "plstr.h"
-
-/*
- * NSSOID
- *
- * The public "methods" regarding this "object" are:
- *
- * NSSOID_CreateFromBER -- constructor
- * NSSOID_CreateFromUTF8 -- constructor
- * (there is no explicit destructor)
- *
- * NSSOID_GetDEREncoding
- * NSSOID_GetUTF8Encoding
-
- * The non-public "methods" regarding this "object" are:
- *
- * nssOID_CreateFromBER -- constructor
- * nssOID_CreateFromUTF8 -- constructor
- * (there is no explicit destructor)
- *
- * nssOID_GetDEREncoding
- * nssOID_GetUTF8Encoding
- *
- * In debug builds, the following non-public calls are also available:
- *
- * nssOID_verifyPointer
- * nssOID_getExplanation
- * nssOID_getTaggedUTF8
- */
-
-const NSSOID *NSS_OID_UNKNOWN = (NSSOID *)NULL;
-
-/*
- * First, the public "wrappers"
- */
-
-/*
- * NSSOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID. It may return NULL upon error, in which case it
- * will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromBER
-(
- NSSBER *berOid
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- /*
- * NSSBERs can be created by the user,
- * so no pointer-tracking can be checked.
- */
-
- if( (NSSBER *)NULL == berOid ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSOID *)NULL;
- }
-
- if( (void *)NULL == berOid->data ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSOID *)NULL;
- }
-#endif /* DEBUG */
-
- return nssOID_CreateFromBER(berOid);
-}
-
-/*
- * NSSOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string
- * representation of an OID in dotted-number format. The string may
- * optionally begin with an octothorpe. It may return NULL
- * upon error, in which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-NSSOID_CreateFromUTF8
-(
- NSSUTF8 *stringOid
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- /*
- * NSSUTF8s can be created by the user,
- * so no pointer-tracking can be checked.
- */
-
- if( (NSSUTF8 *)NULL == stringOid ) {
- nss_SetError(NSS_ERROR_INVALID_UTF8);
- return (NSSOID *)NULL;
- }
-#endif /* DEBUG */
-
- return nssOID_CreateFromUTF8(stringOid);
-}
-
-/*
- * NSSOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return return null upon error, in
- * which case it will have created an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-NSSOID_GetDEREncoding
-(
- const NSSOID *oid,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSDER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssOID_GetDEREncoding(oid, rvOpt, arenaOpt);
-}
-
-/*
- * NSSOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number
- * encoding of the specified NSSOID. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return null upon error, in which case it will have created an
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the dotted-digit encoding of
- * this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSOID_GetUTF8Encoding
-(
- const NSSOID *oid,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssOID_GetUTF8Encoding(oid, arenaOpt);
-}
-
-/*
- * Next, some internal bookkeeping; including the OID "tag" table
- * and the debug-version pointer tracker.
- */
-
-/*
- * For implementation reasons (so NSSOIDs can be compared with ==),
- * we hash all NSSOIDs. This is the hash table.
- */
-
-static PLHashTable *oid_hash_table;
-
-/*
- * And this is its lock.
- */
-
-static PZLock *oid_hash_lock;
-
-/*
- * This is the hash function. We simply XOR the encoded form with
- * itself in sizeof(PLHashNumber)-byte chunks. Improving this
- * routine is left as an excercise for the more mathematically
- * inclined student.
- */
-
-static PLHashNumber PR_CALLBACK
-oid_hash
-(
- const void *key
-)
-{
- const NSSItem *item = (const NSSItem *)key;
- PLHashNumber rv = 0;
-
- PRUint8 *data = (PRUint8 *)item->data;
- PRUint32 i;
- PRUint8 *rvc = (PRUint8 *)&rv;
-
- for( i = 0; i < item->size; i++ ) {
- rvc[ i % sizeof(rv) ] ^= *data;
- data++;
- }
-
- return rv;
-}
-
-/*
- * This is the key-compare function. It simply does a lexical
- * comparison on the encoded OID form. This does not result in
- * quite the same ordering as the "sequence of numbers" order,
- * but heck it's only used internally by the hash table anyway.
- */
-
-static PRIntn PR_CALLBACK
-oid_hash_compare
-(
- const void *k1,
- const void *k2
-)
-{
- PRIntn rv;
-
- const NSSItem *i1 = (const NSSItem *)k1;
- const NSSItem *i2 = (const NSSItem *)k2;
-
- PRUint32 size = (i1->size < i2->size) ? i1->size : i2->size;
-
- rv = (PRIntn)nsslibc_memcmp(i1->data, i2->data, size, (PRStatus *)NULL);
- if( 0 == rv ) {
- rv = i1->size - i2->size;
- }
-
- return !rv;
-}
-
-/*
- * The pointer-tracking code
- */
-
-#ifdef DEBUG
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker oid_pointer_tracker;
-
-static PRStatus
-oid_add_pointer
-(
- const NSSOID *oid
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&oid_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&oid_pointer_tracker, oid);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-#if defined(CAN_DELETE_OIDS)
-/*
- * We actually don't define NSSOID deletion, since we keep OIDs
- * in a hash table for easy comparison. Were we to, this is
- * what the pointer-removal function would look like.
- */
-
-static PRStatus
-oid_remove_pointer
-(
- const NSSOID *oid
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&oid_pointer_tracker, oid);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-#endif /* CAN_DELETE_OIDS */
-
-#endif /* DEBUG */
-
-/*
- * All dynamically-added OIDs get their memory from one statically-
- * declared arena here, merely so that any cleanup code will have
- * an easier time of it.
- */
-
-static NSSArena *oid_arena;
-
-/*
- * This is the call-once function which initializes the hashtable.
- * It creates it, then prepopulates it with all of the builtin OIDs.
- * It also creates the aforementioned NSSArena.
- */
-
-static PRStatus PR_CALLBACK
-oid_once_func
-(
- void
-)
-{
- PRUint32 i;
-
- /* Initialize the arena */
- oid_arena = nssArena_Create();
- if( (NSSArena *)NULL == oid_arena ) {
- goto loser;
- }
-
- /* Create the hash table lock */
- oid_hash_lock = PZ_NewLock(nssILockOID);
- if( (PZLock *)NULL == oid_hash_lock ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* Create the hash table */
- oid_hash_table = PL_NewHashTable(0, oid_hash, oid_hash_compare,
- PL_CompareValues,
- (PLHashAllocOps *)0,
- (void *)0);
- if( (PLHashTable *)NULL == oid_hash_table ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* And populate it with all the builtins */
- for( i = 0; i < nss_builtin_oid_count; i++ ) {
- NSSOID *oid = (NSSOID *)&nss_builtin_oids[i];
- PLHashEntry *e = PL_HashTableAdd(oid_hash_table, &oid->data, oid);
- if( (PLHashEntry *)NULL == e ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- goto loser;
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != oid_add_pointer(oid) ) {
- goto loser;
- }
-#endif /* DEBUG */
- }
-
- return PR_SUCCESS;
-
- loser:
- if( (PLHashTable *)NULL != oid_hash_table ) {
- PL_HashTableDestroy(oid_hash_table);
- oid_hash_table = (PLHashTable *)NULL;
- }
-
- if( (PZLock *)NULL != oid_hash_lock ) {
- PZ_DestroyLock(oid_hash_lock);
- oid_hash_lock = (PZLock *)NULL;
- }
-
- if( (NSSArena *)NULL != oid_arena ) {
- (void)nssArena_Destroy(oid_arena);
- oid_arena = (NSSArena *)NULL;
- }
-
- return PR_FAILURE;
-}
-
-/*
- * This is NSPR's once-block.
- */
-
-static PRCallOnceType oid_call_once;
-
-/*
- * And this is our multiply-callable internal init routine, which
- * will call-once our call-once function.
- */
-
-static PRStatus
-oid_init
-(
- void
-)
-{
- return PR_CallOnce(&oid_call_once, oid_once_func);
-}
-
-#ifdef DEBUG
-
-/*
- * nssOID_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSOID object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssOID_verifyPointer
-(
- const NSSOID *oid
-)
-{
- PRStatus rv;
-
- rv = oid_init();
- if( PR_SUCCESS != rv ) {
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_initialize(&oid_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&oid_pointer_tracker, oid);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_NSSOID);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-#endif /* DEBUG */
-
-/*
- * oid_sanity_check_ber
- *
- * This routine merely applies some sanity-checking to the BER-encoded
- * OID.
- */
-
-static PRStatus
-oid_sanity_check_ber
-(
- NSSBER *berOid
-)
-{
- PRUint32 i;
- PRUint8 *data = (PRUint8 *)berOid->data;
-
- /*
- * The size must be longer than zero bytes.
- */
-
- if( berOid->size <= 0 ) {
- return PR_FAILURE;
- }
-
- /*
- * In general, we can't preclude any number from showing up
- * someday. We could probably guess that top-level numbers
- * won't get very big (beyond the current ccitt(0), iso(1),
- * or joint-ccitt-iso(2)). However, keep in mind that the
- * encoding rules wrap the first two numbers together, as
- *
- * (first * 40) + second
- *
- * Also, it is noted in the specs that this implies that the
- * second number won't go above forty.
- *
- * 128 encodes 3.8, which seems pretty safe for now. Let's
- * check that the first byte is less than that.
- *
- * XXX This is a "soft check" -- we may want to exclude it.
- */
-
- if( data[0] >= 0x80 ) {
- return PR_FAILURE;
- }
-
- /*
- * In a normalised format, leading 0x80s will never show up.
- * This means that no 0x80 will be preceeded by the final
- * byte of a sequence, which would naturaly be less than 0x80.
- * Our internal encoding for the single-digit OIDs uses 0x80,
- * but the only places we use them (loading the builtin table,
- * and adding a UTF8-encoded OID) bypass this check.
- */
-
- for( i = 1; i < berOid->size; i++ ) {
- if( (0x80 == data[i]) && (data[i-1] < 0x80) ) {
- return PR_FAILURE;
- }
- }
-
- /*
- * The high bit of each octet indicates that following octets
- * are included in the current number. Thus the last byte can't
- * have the high bit set.
- */
-
- if( data[ berOid->size-1 ] >= 0x80 ) {
- return PR_FAILURE;
- }
-
- /*
- * Other than that, any byte sequence is legit.
- */
- return PR_SUCCESS;
-}
-
-/*
- * nssOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID. It may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromBER
-(
- NSSBER *berOid
-)
-{
- NSSOID *rv;
- PLHashEntry *e;
-
- if( PR_SUCCESS != oid_init() ) {
- return (NSSOID *)NULL;
- }
-
- if( PR_SUCCESS != oid_sanity_check_ber(berOid) ) {
- nss_SetError(NSS_ERROR_INVALID_BER);
- return (NSSOID *)NULL;
- }
-
- /*
- * Does it exist?
- */
- PZ_Lock(oid_hash_lock);
- rv = (NSSOID *)PL_HashTableLookup(oid_hash_table, berOid);
- (void)PZ_Unlock(oid_hash_lock);
- if( (NSSOID *)NULL != rv ) {
- /* Found it! */
- return rv;
- }
-
- /*
- * Doesn't exist-- create it.
- */
- rv = nss_ZNEW(oid_arena, NSSOID);
- if( (NSSOID *)NULL == rv ) {
- return (NSSOID *)NULL;
- }
-
- rv->data.data = nss_ZAlloc(oid_arena, berOid->size);
- if( (void *)NULL == rv->data.data ) {
- return (NSSOID *)NULL;
- }
-
- rv->data.size = berOid->size;
- nsslibc_memcpy(rv->data.data, berOid->data, berOid->size);
-
-#ifdef DEBUG
- rv->tag = "<runtime>";
- rv->expl = "(OID registered at runtime)";
-#endif /* DEBUG */
-
- PZ_Lock(oid_hash_lock);
- e = PL_HashTableAdd(oid_hash_table, &rv->data, rv);
- (void)PZ_Unlock(oid_hash_lock);
- if( (PLHashEntry *)NULL == e ) {
- nss_ZFreeIf(rv->data.data);
- nss_ZFreeIf(rv);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSOID *)NULL;
- }
-
-#ifdef DEBUG
- {
- PRStatus st;
- st = oid_add_pointer(rv);
- if( PR_SUCCESS != st ) {
- PZ_Lock(oid_hash_lock);
- (void)PL_HashTableRemove(oid_hash_table, &rv->data);
- (void)PZ_Unlock(oid_hash_lock);
- (void)nss_ZFreeIf(rv->data.data);
- (void)nss_ZFreeIf(rv);
- return (NSSOID *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return rv;
-}
-
-/*
- * oid_sanity_check_utf8
- *
- * This routine merely applies some sanity-checking to the
- * UTF8-encoded OID.
- */
-
-static PRStatus
-oid_sanity_check_utf8
-(
- NSSUTF8 *s
-)
-{
- /*
- * It may begin with an octothorpe, which we skip.
- */
-
- if( '#' == *s ) {
- s++;
- }
-
- /*
- * It begins with a number
- */
-
- if( (*s < '0') || (*s > '9') ) {
- return PR_FAILURE;
- }
-
- /*
- * First number is only one digit long
- *
- * XXX This is a "soft check" -- we may want to exclude it
- */
-
- if( (s[1] != '.') && (s[1] != '\0') ) {
- return PR_FAILURE;
- }
-
- /*
- * Every character is either a digit or a period
- */
-
- for( ; '\0' != *s; s++ ) {
- if( ('.' != *s) && ((*s < '0') || (*s > '9')) ) {
- return PR_FAILURE;
- }
-
- /* No two consecutive periods */
- if( ('.' == *s) && ('.' == s[1]) ) {
- return PR_FAILURE;
- }
- }
-
- /*
- * The last character isn't a period
- */
-
- if( '.' == *--s ) {
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-static PRUint32
-oid_encode_number
-(
- PRUint32 n,
- PRUint8 *dp,
- PRUint32 nb
-)
-{
- PRUint32 a[5];
- PRUint32 i;
- PRUint32 rv;
-
- a[0] = (n >> 28) & 0x7f;
- a[1] = (n >> 21) & 0x7f;
- a[2] = (n >> 14) & 0x7f;
- a[3] = (n >> 7) & 0x7f;
- a[4] = n & 0x7f;
-
- for( i = 0; i < 5; i++ ) {
- if( 0 != a[i] ) {
- break;
- }
- }
-
- if( 5 == i ) {
- i--;
- }
-
- rv = 5-i;
- if( rv > nb ) {
- return rv;
- }
-
- for( ; i < 4; i++ ) {
- *dp = 0x80 | a[i];
- dp++;
- }
-
- *dp = a[4];
-
- return rv;
-}
-
-/*
- * oid_encode_huge
- *
- * This routine will convert a huge decimal number into the DER
- * encoding for oid numbers. It is not limited to numbers that will
- * fit into some wordsize, like oid_encode_number. But it's not
- * necessarily very fast, either. This is here in case some joker
- * throws us an ASCII oid like 1.2.3.99999999999999999999999999.
- */
-
-static PRUint32
-oid_encode_huge
-(
- NSSUTF8 *s,
- NSSUTF8 *e,
- PRUint8 *dp,
- PRUint32 nb
-)
-{
- PRUint32 slen = (e-s);
- PRUint32 blen = (slen+1)/2;
- PRUint8 *st = (PRUint8 *)NULL;
- PRUint8 *bd = (PRUint8 *)NULL;
- PRUint32 i;
- PRUint32 bitno;
- PRUint8 *last;
- PRUint8 *first;
- PRUint32 byteno;
- PRUint8 mask;
-
- /* We'll be munging the data, so duplicate it */
- st = (PRUint8 *)nss_ZAlloc((NSSArena *)NULL, slen);
- if( (PRUint8 *)NULL == st ) {
- return 0;
- }
-
- /* Don't know ahead of time exactly how long we'll need */
- bd = (PRUint8 *)nss_ZAlloc((NSSArena *)NULL, blen);
- if( (PRUint8 *)NULL == bd ) {
- (void)nss_ZFreeIf(st);
- return 0;
- }
-
- /* Copy the original, and convert ASCII to numbers */
- for( i = 0; i < slen; i++ ) {
- st[i] = (PRUint8)(s[i] - '0');
- }
-
- last = &st[slen-1];
- first = &st[0];
-
- /*
- * The way we create the binary version is by looking at it
- * bit by bit. Start with the least significant bit. If the
- * number is odd, set that bit. Halve the number (with integer
- * division), and go to the next least significant bit. Keep
- * going until the number goes to zero.
- */
- for( bitno = 0; ; bitno++ ) {
- PRUint8 *d;
-
- byteno = bitno/7;
- mask = (PRUint8)(1 << (bitno%7));
-
- /* Skip leading zeroes */
- for( ; first < last; first ++ ) {
- if( 0 != *first ) {
- break;
- }
- }
-
- /* Down to one number and it's a zero? Done. */
- if( (first == last) && (0 == *last) ) {
- break;
- }
-
- /* Last digit is odd? Set the bit */
- if( *last & 1 ) {
- bd[ byteno ] |= mask;
- }
-
-
- /*
- * Divide the number in half. This is just a matter
- * of going from the least significant digit upwards,
- * halving each one. If any digit is odd (other than
- * the last, which has already been handled), add five
- * to the digit to its right.
- */
- *last /= 2;
-
- for( d = &last[-1]; d >= first; d-- ) {
- if( *d & 1 ) {
- d[1] += 5;
- }
-
- *d /= 2;
- }
- }
-
- /* Is there room to write the encoded data? */
- if( (byteno+1) > nb ) {
- return (byteno+1);
- }
-
- /* Trim any leading zero that crept in there */
- for( ; byteno > 0; byteno-- ) {
- if( 0 != bd[ byteno ] ) {
- break;
- }
- }
-
- /* Copy all but the last, marking the "continue" bit */
- for( i = 0; i < byteno; i++ ) {
- dp[i] = bd[ byteno-i ] | 0x80;
- }
- /* And the last with the "continue" bit clear */
- dp[byteno] = bd[0];
-
- (void)nss_ZFreeIf(bd);
- (void)nss_ZFreeIf(st);
- return (byteno+1);
-}
-
-/*
- * oid_encode_string
- *
- * This routine converts a dotted-number OID into a DER-encoded
- * one. It assumes we've already sanity-checked the string.
- */
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static NSSOID *
-oid_encode_string
-(
- NSSUTF8 *s
-)
-{
- PRUint32 nn = 0; /* number of numbers */
- PRUint32 nb = 0; /* number of bytes (estimated) */
- NSSUTF8 *t;
- PRUint32 nd = 0; /* number of digits */
- NSSOID *rv;
- PRUint8 *dp;
- PRUint32 a, b;
- PRUint32 inc;
-
- /* Dump any octothorpe */
- if( '#' == *s ) {
- s++;
- }
-
- /* Count up the bytes needed */
- for( t = s; '\0' != *t; t++ ) {
- if( '.' == *t ) {
- nb += (nd+1)/2; /* errs on the big side */
- nd = 0;
- nn++;
- } else {
- nd++;
- }
- }
- nb += (nd+1)/2;
- nn++;
-
- if( 1 == nn ) {
- /*
- * We have our own "denormalised" encoding for these,
- * which is only used internally.
- */
- nb++;
- }
-
- /*
- * Allocate. Note that we don't use the oid_arena here.. this is
- * because there really isn't a "free()" for stuff allocated out of
- * arenas (at least with the current implementation), so this would
- * keep using up memory each time a UTF8-encoded OID were added.
- * If need be (if this is the first time this oid has been seen),
- * we'll copy it.
- */
- rv = nss_ZNEW((NSSArena *)NULL, NSSOID);
- if( (NSSOID *)NULL == rv ) {
- return (NSSOID *)NULL;
- }
-
- rv->data.data = nss_ZAlloc((NSSArena *)NULL, nb);
- if( (void *)NULL == rv->data.data ) {
- (void)nss_ZFreeIf(rv);
- return (NSSOID *)NULL;
- }
-
- dp = (PRUint8 *)rv->data.data;
-
- a = atoi(s);
-
- if( 1 == nn ) {
- dp[0] = '\x80';
- inc = oid_encode_number(a, &dp[1], nb-1);
- if( inc >= nb ) {
- goto loser;
- }
- } else {
- for( t = s; '.' != *t; t++ ) {
- ;
- }
-
- t++;
- b = atoi(t);
- inc = oid_encode_number(a*40+b, dp, nb);
- if( inc > nb ) {
- goto loser;
- }
- dp += inc;
- nb -= inc;
- nn -= 2;
-
- while( nn-- > 0 ) {
- NSSUTF8 *u;
-
- for( ; '.' != *t; t++ ) {
- ;
- }
-
- t++;
-
- for( u = t; ('\0' != *u) && ('.' != *u); u++ ) {
- ;
- }
-
- if( (u-t > 9) ) {
- /* In the billions. Rats. */
- inc = oid_encode_huge(t, u, dp, nb);
- } else {
- b = atoi(t);
- inc = oid_encode_number(b, dp, nb);
- }
-
- if( inc > nb ) {
- goto loser;
- }
- dp += inc;
- nb -= inc;
- }
- }
-
- return rv;
-
- loser:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return (NSSOID *)NULL;
-}
-
-/*
- * nssOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string
- * representation of an OID in dotted-number format. The string may
- * optionally begin with an octothorpe. It may return NULL
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromUTF8
-(
- NSSUTF8 *stringOid
-)
-{
- NSSOID *rv = (NSSOID *)NULL;
- NSSOID *candidate = (NSSOID *)NULL;
- PLHashEntry *e;
-
- if( PR_SUCCESS != oid_init() ) {
- return (NSSOID *)NULL;
- }
-
- if( PR_SUCCESS != oid_sanity_check_utf8(stringOid) ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSOID *)NULL;
- }
-
- candidate = oid_encode_string(stringOid);
- if( (NSSOID *)NULL == candidate ) {
- /* Internal error only */
- return rv;
- }
-
- /*
- * Does it exist?
- */
- PZ_Lock(oid_hash_lock);
- rv = (NSSOID *)PL_HashTableLookup(oid_hash_table, &candidate->data);
- (void)PZ_Unlock(oid_hash_lock);
- if( (NSSOID *)NULL != rv ) {
- /* Already exists. Delete my copy and return the original. */
- (void)nss_ZFreeIf(candidate->data.data);
- (void)nss_ZFreeIf(candidate);
- return rv;
- }
-
- /*
- * Nope. Add it. Remember to allocate it out of the oid arena.
- */
-
- rv = nss_ZNEW(oid_arena, NSSOID);
- if( (NSSOID *)NULL == rv ) {
- goto loser;
- }
-
- rv->data.data = nss_ZAlloc(oid_arena, candidate->data.size);
- if( (void *)NULL == rv->data.data ) {
- goto loser;
- }
-
- rv->data.size = candidate->data.size;
- nsslibc_memcpy(rv->data.data, candidate->data.data, rv->data.size);
-
- (void)nss_ZFreeIf(candidate->data.data);
- (void)nss_ZFreeIf(candidate);
-
-#ifdef DEBUG
- rv->tag = "<runtime>";
- rv->expl = "(OID registered at runtime)";
-#endif /* DEBUG */
-
- PZ_Lock(oid_hash_lock);
- e = PL_HashTableAdd(oid_hash_table, &rv->data, rv);
- (void)PZ_Unlock(oid_hash_lock);
- if( (PLHashEntry *)NULL == e ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- goto loser;
- }
-
-#ifdef DEBUG
- {
- PRStatus st;
- st = oid_add_pointer(rv);
- if( PR_SUCCESS != st ) {
- PZ_Lock(oid_hash_lock);
- (void)PL_HashTableRemove(oid_hash_table, &rv->data);
- (void)PZ_Unlock(oid_hash_lock);
- goto loser;
- }
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (NSSOID *)NULL != candidate ) {
- (void)nss_ZFreeIf(candidate->data.data);
- }
- (void)nss_ZFreeIf(candidate);
-
- if( (NSSOID *)NULL != rv ) {
- (void)nss_ZFreeIf(rv->data.data);
- }
- (void)nss_ZFreeIf(rv);
-
- return (NSSOID *)NULL;
-}
-
-/*
- * nssOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return return null upon error, in
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-nssOID_GetDEREncoding
-(
- const NSSOID *oid,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- const NSSItem *it;
- NSSDER *rv;
-
- if( PR_SUCCESS != oid_init() ) {
- return (NSSDER *)NULL;
- }
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSDER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- it = &oid->data;
-
- if( (NSSDER *)NULL == rvOpt ) {
- rv = nss_ZNEW(arenaOpt, NSSDER);
- if( (NSSDER *)NULL == rv ) {
- return (NSSDER *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- rv->data = nss_ZAlloc(arenaOpt, it->size);
- if( (void *)NULL == rv->data ) {
- if( rv != rvOpt ) {
- (void)nss_ZFreeIf(rv);
- }
- return (NSSDER *)NULL;
- }
-
- rv->size = it->size;
- nsslibc_memcpy(rv->data, it->data, it->size);
-
- return rv;
-}
-
-/*
- * nssOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number
- * encoding of the specified NSSOID. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return null upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the dotted-digit encoding of
- * this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-nssOID_GetUTF8Encoding
-(
- const NSSOID *oid,
- NSSArena *arenaOpt
-)
-{
- NSSUTF8 *rv;
- PRUint8 *end;
- PRUint8 *d;
- PRUint8 *e;
- char *a;
- char *b;
- PRUint32 len;
-
- if( PR_SUCCESS != oid_init() ) {
- return (NSSUTF8 *)NULL;
- }
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- a = (char *)NULL;
-
- /* d will point to the next sequence of bytes to decode */
- d = (PRUint8 *)oid->data.data;
- /* end points to one past the legitimate data */
- end = &d[ oid->data.size ];
-
-#ifdef NSSDEBUG
- /*
- * Guarantee that the for(e=d;e<end;e++) loop below will
- * terminate. Our BER sanity-checking code above will prevent
- * such a BER from being registered, so the only other way one
- * might show up is if our dotted-decimal encoder above screws
- * up or our generated list is wrong. So I'll wrap it with
- * #ifdef NSSDEBUG and #endif.
- */
- if( end[-1] & 0x80 ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- /*
- * Check for our pseudo-encoded single-digit OIDs
- */
- if( (*d == 0x80) && (2 == oid->data.size) ) {
- /* Funky encoding. The second byte is the number */
- a = PR_smprintf("%lu", (PRUint32)d[1]);
- if( (char *)NULL == a ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
- goto done;
- }
-
- for( ; d < end; d = &e[1] ) {
-
- for( e = d; e < end; e++ ) {
- if( 0 == (*e & 0x80) ) {
- break;
- }
- }
-
- if( ((e-d) > 4) || (((e-d) == 4) && (*d & 0x70)) ) {
- /* More than a 32-bit number */
- } else {
- PRUint32 n = 0;
-
- switch( e-d ) {
- case 4:
- n |= ((PRUint32)(e[-4] & 0x0f)) << 28;
- case 3:
- n |= ((PRUint32)(e[-3] & 0x7f)) << 21;
- case 2:
- n |= ((PRUint32)(e[-2] & 0x7f)) << 14;
- case 1:
- n |= ((PRUint32)(e[-1] & 0x7f)) << 7;
- case 0:
- n |= ((PRUint32)(e[-0] & 0x7f)) ;
- }
-
- if( (char *)NULL == a ) {
- /* This is the first number.. decompose it */
- PRUint32 one = (n/40), two = (n%40);
-
- a = PR_smprintf("%lu.%lu", one, two);
- if( (char *)NULL == a ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
- } else {
- b = PR_smprintf("%s.%lu", a, n);
- if( (char *)NULL == b ) {
- PR_smprintf_free(a);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-
- PR_smprintf_free(a);
- a = b;
- }
- }
- }
-
- done:
- /*
- * Even if arenaOpt is NULL, we have to copy the data so that
- * it'll be freed with the right version of free: ours, not
- * PR_smprintf_free's.
- */
- len = PL_strlen(a);
- rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len);
- if( (NSSUTF8 *)NULL == rv ) {
- PR_smprintf_free(a);
- return (NSSUTF8 *)NULL;
- }
-
- nsslibc_memcpy(rv, a, len);
- PR_smprintf_free(a);
-
- return rv;
-}
-
-/*
- * nssOID_getExplanation
- *
- * This method is only present in debug builds.
- *
- * This routine will return a static pointer to a UTF8-encoded string
- * describing (in English) the specified OID. The memory pointed to
- * by the return value is not owned by the caller, and should not be
- * freed or modified. Note that explanations are only provided for
- * the OIDs built into the NSS library; there is no way to specify an
- * explanation for dynamically created OIDs. This routine is intended
- * only for use in debugging tools such as "derdump." This routine
- * may return null upon error, in which case it will have placed an
- * error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- *
- * Return value:
- * NULL upon error
- * A static pointer to a readonly, non-caller-owned UTF8-encoded
- * string explaining the specified OID.
- */
-
-#ifdef DEBUG
-NSS_EXTERN const NSSUTF8 *
-nssOID_getExplanation
-(
- NSSOID *oid
-)
-{
- if( PR_SUCCESS != oid_init() ) {
- return (const NSSUTF8 *)NULL;
- }
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSUTF8 *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return oid->expl;
-}
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-#endif /* DEBUG */
-
-/*
- * nssOID_getTaggedUTF8
- *
- * This method is only present in debug builds.
- *
- * This routine will return a pointer to a caller-owned UTF8-encoded
- * string containing a tagged encoding of the specified OID. Note
- * that OID (component) tags are only provided for the OIDs built
- * into the NSS library; there is no way to specify tags for
- * dynamically created OIDs. This routine is intended for use in
- * debugging tools such as "derdump." If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the tagged encoding of
- * this NSSOID
- */
-
-#ifdef DEBUG
-NSS_EXTERN NSSUTF8 *
-nssOID_getTaggedUTF8
-(
- NSSOID *oid,
- NSSArena *arenaOpt
-)
-{
- NSSUTF8 *rv;
- char *raw;
- char *c;
- char *a = (char *)NULL;
- char *b;
- PRBool done = PR_FALSE;
- PRUint32 len;
-
- if( PR_SUCCESS != oid_init() ) {
- return (NSSUTF8 *)NULL;
- }
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssOID_verifyPointer(oid) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- a = PR_smprintf("{");
- if( (char *)NULL == a ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-
- /*
- * What I'm doing here is getting the text version of the OID,
- * e.g. 1.2.12.92, then looking up each set of leading numbers
- * as oids.. e.g. "1," then "1.2," then "1.2.12," etc. Each of
- * those will have the leaf tag, and I just build up the string.
- * I never said this was the most efficient way of doing it,
- * but hey it's a debug-build thing, and I'm getting really tired
- * of writing this stupid low-level PKI code.
- */
-
- /* I know it's all ASCII, so I can use char */
- raw = (char *)nssOID_GetUTF8Encoding(oid, (NSSArena *)NULL);
- if( (char *)NULL == raw ) {
- return (NSSUTF8 *)NULL;
- }
-
- for( c = raw; !done; c++ ) {
- NSSOID *lead;
- char *lastdot;
-
- for( ; '.' != *c; c++ ) {
- if( '\0' == *c ) {
- done = PR_TRUE;
- break;
- }
- }
-
- *c = '\0';
- lead = nssOID_CreateFromUTF8((NSSUTF8 *)raw);
- if( (NSSOID *)NULL == lead ) {
- PR_smprintf_free(a);
- nss_ZFreeIf(raw);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-
- lastdot = PL_strrchr(raw, '.');
- if( (char *)NULL == lastdot ) {
- lastdot = raw;
- }
-
- b = PR_smprintf("%s %s(%s) ", a, lead->tag, &lastdot[1]);
- if( (char *)NULL == b ) {
- PR_smprintf_free(a);
- nss_ZFreeIf(raw);
- /* drop the OID reference on the floor */
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-
- PR_smprintf_free(a);
- a = b;
-
- if( !done ) {
- *c = '.';
- }
- }
-
- nss_ZFreeIf(raw);
-
- b = PR_smprintf("%s }", a);
- if( (char *)NULL == b ) {
- PR_smprintf_free(a);
- nss_SetError(NSS_ERROR_NO_MEMORY);
- return (NSSUTF8 *)NULL;
- }
-
- len = PL_strlen(b);
-
- rv = (NSSUTF8 *)nss_ZAlloc(arenaOpt, len+1);
- if( (NSSUTF8 *)NULL == rv ) {
- PR_smprintf_free(b);
- return (NSSUTF8 *)NULL;
- }
-
- nsslibc_memcpy(rv, b, len);
- PR_smprintf_free(b);
-
- return rv;
-}
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-#endif /* DEBUG */
diff --git a/security/nss/lib/pki1/oidgen.perl b/security/nss/lib/pki1/oidgen.perl
deleted file mode 100755
index 2d644481e..000000000
--- a/security/nss/lib/pki1/oidgen.perl
+++ /dev/null
@@ -1,313 +0,0 @@
-#!perl
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-$cvs_id = '@(#) $RCSfile$ $Revision$ $Date$ $Name$';
-$cfile = shift;
-$hfile = shift;
-$count = -1;
-while(<>) {
- s/^((?:[^"#]+|"[^"]*")*)(\s*#.*$)/$1/;
- next if (/^\s*$/);
-
- /^([\S]+)\s+([^"][\S]*|"[^"]*")/;
- $name = $1;
- $value = $2;
- # This is certainly not the best way to dequote the data.
- $value =~ s/"//g;
-
- if( $name =~ "OID" ) {
- $count++;
- $x[$count]{$name} = $value;
- $enc = encodeoid($value);
- $x[$count]{" encoding"} = escapeoid($enc);
- $x[$count]{" encoding length"} = length($enc);
- } else {
- if( $count < 0 ) {
- $g{$name} = $value;
- } else {
- $x[$count]{$name} = $value;
- }
- }
-}
-
-# dodump();
-
-doprint($cfile,$hfile);
-
-sub dodump {
-for( $i = 0; $i <= $count; $i++ ) {
- print "number $i:\n";
- %y = %{$x[$i]};
- while(($n,$v) = each(%y)) {
- print "\t$n ==> $v\n";
- }
-}
-}
-
-sub doprint {
-open(CFILE, "> $cfile") || die "Can't open $cfile: $!";
-open(HFILE, "> $hfile") || die "Can't open $hfile: $!";
-
-print CFILE <<EOD
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifdef DEBUG
-static const char CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-#ifndef PKI1T_H
-#include "pki1t.h"
-#endif /* PKI1T_H */
-
-const NSSOID nss_builtin_oids[] = {
-EOD
- ;
-
-for( $i = 0; $i <= $count; $i++ ) {
- %y = %{$x[$i]};
- print CFILE " {\n";
- print CFILE "#ifdef DEBUG\n";
- print CFILE " \"$y{TAG}\",\n";
- print CFILE " \"$y{EXPL}\",\n";
- print CFILE "#endif /* DEBUG */\n";
- print CFILE " { \"", $y{" encoding"};
- print CFILE "\", ", $y{" encoding length"}, " }\n";
-
- if( $i == $count ) {
- print CFILE " }\n";
- } else {
- print CFILE " },\n";
- }
-}
-
-print CFILE "};\n\n";
-
-print CFILE "const PRUint32 nss_builtin_oid_count = ", ($count+1), ";\n\n";
-
-for( $i = 0; $i <= $count; $i++ ) {
- %y = %{$x[$i]};
- if( defined($y{NAME}) ) {
- print CFILE "const NSSOID *$y{NAME} = (NSSOID *)&nss_builtin_oids[$i];\n";
- }
-}
-
-print CFILE "\n";
-
-$attrcount = -1;
-for( $i = 0; $i <= $count; $i++ ) {
- %y = %{$x[$i]};
- if( defined($y{ATTR}) ) {
- if( defined($y{NAME}) ) {
- $attrcount++;
- $attr[$attrcount]{ATTR} = $y{ATTR};
- $attr[$attrcount]{NAME} = $y{NAME};
- } else {
- warn "Attribute $y{ATTR} has no name, and will be omitted!";
- }
- }
-}
-
-print CFILE "const nssAttributeTypeAliasTable nss_attribute_type_aliases[] = {\n";
-
-for( $i = 0; $i <= $attrcount; $i++ ) {
- %y = %{$attr[$i]};
- print CFILE " {\n";
- print CFILE " \"$y{ATTR}\",\n";
- print CFILE " &$y{NAME}\n";
-
- if( $i == $attrcount ) {
- print CFILE " }\n";
- } else {
- print CFILE " },\n";
- }
-}
-
-print CFILE "};\n\n";
-
-print CFILE "const PRUint32 nss_attribute_type_alias_count = ", ($attrcount+1), ";\n\n";
-
-print HFILE <<EOD
-/* THIS IS A GENERATED FILE */
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef OIDDATA_H
-#define OIDDATA_H
-
-#ifdef DEBUG
-static const char OIDDATA_CVS_ID[] = "$g{CVS_ID} ; $cvs_id";
-#endif /* DEBUG */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-extern const NSSOID nss_builtin_oids[];
-extern const PRUint32 nss_builtin_oid_count;
-
-/*extern const nssAttributeTypeAliasTable nss_attribute_type_aliases[];*/
-/*extern const PRUint32 nss_attribute_type_alias_count;*/
-
-EOD
- ;
-
-for( $i = 0; $i <= $count; $i++ ) {
- %y = %{$x[$i]};
- if( defined($y{NAME}) ) {
- print HFILE "extern const NSSOID *$y{NAME};\n";
- }
-}
-
-print HFILE <<EOD
-
-#endif /* OIDDATA_H */
-EOD
- ;
-
-close CFILE;
-close HFILE;
-}
-
-sub encodenum {
- my $v = $_[0];
- my @d;
- my $i;
- my $rv = "";
-
- while( $v > 128 ) {
- push @d, ($v % 128);
- $v /= 128;
- };
- push @d, ($v%128);
-
- for( $i = @d-1; $i > 0; $i-- ) {
- $rv = $rv . chr(128 + $d[$i]);
- }
-
- $rv = $rv . chr($d[0]);
-
- return $rv;
-}
-
-sub encodeoid {
- my @o = split(/\./, $_[0]);
- my $rv = "";
- my $i;
-
- if( @o < 2 ) {
- # NSS's special "illegal" encoding
- return chr(128) . encodenum($o[0]);
- }
-
- $rv = encodenum($o[0] * 40 + $o[1]);
- shift @o; shift @o;
-
- foreach $i (@o) {
- $rv = $rv . encodenum($i);
- }
-
- return $rv;
-}
-
-sub escapeoid {
- my @v = unpack("C*", $_[0]);
- my $a;
- my $rv = "";
-
- foreach $a (@v) {
- $rv = $rv . sprintf("\\x%02x", $a);
- }
-
- return $rv;
-}
diff --git a/security/nss/lib/pki1/oids.txt b/security/nss/lib/pki1/oids.txt
deleted file mode 100644
index df7b3ab28..000000000
--- a/security/nss/lib/pki1/oids.txt
+++ /dev/null
@@ -1,2115 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CVS_ID "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-# Fields
-# OID -- the OID data itself, in dotted-number format
-# TAG -- the unofficial but common name. e.g., when written like
-# { joint-iso-ccitt(2) country(16) US(840) company(1) netscape(113730) }
-# those words ("joint-iso-ccitt," "country," etc.) are the tags.
-# EXPL -- a textual explanation, that should stand by itself
-# NAME -- the name we use in our code. If no NAME is given, it won't be included
-#
-# Additionally, some sets of OIDs map to some other spaces..
-# additional fields capture that data:
-#
-# CKM -- the corresponding Cryptoki Mechanism, if any
-# CKK -- the corresponding Cryptoki Key type, if any
-# ATTR -- the UTF-8 attribute type encoding, if applicable
-# it should be in the standard presentation style (e.g., lowercase),
-# already-escaped a la RFC 2253 if necessary (which would only
-# be necessary if some idiot defined an attribute with, say,
-# an equals sign in it)
-# CERT_EXTENSION -- SUPPORTED or UNSUPPORTED certificate extension, if applicable
-
-# Top of the OID tree -- see http://www.alvestrand.no/objectid/top.html
-#
-OID 0
-TAG ccitt # ITU-T used to be called CCITT
-EXPL "ITU-T"
-
-# See X.208 Annex C for an explanation of the OIDs below ccitt/itu-t
-
-OID 0.0
-TAG recommendation
-EXPL "ITU-T Recommendation"
-
-OID 0.1
-TAG question
-EXPL "ITU-T Question"
-
-OID 0.2
-TAG administration
-EXPL "ITU-T Administration"
-
-OID 0.3
-TAG network-operator
-EXPL "ITU-T Network Operator"
-
-OID 0.4
-TAG identified-organization
-EXPL "ITU-T Identified Organization"
-
-OID 0.9 # used in some RFCs (unofficial!)
-TAG data
-EXPL "RFC Data"
-
-OID 0.9.2342
-TAG pss
-EXPL "PSS British Telecom X.25 Network"
-
-OID 0.9.2342.19200300
-TAG ucl
-EXPL "RFC 1274 UCL Data networks"
-
-OID 0.9.2342.19200300.100
-TAG pilot
-EXPL "RFC 1274 pilot"
-
-OID 0.9.2342.19200300.100.1
-TAG attributeType
-EXPL "RFC 1274 Attribute Type"
-
-OID 0.9.2342.19200300.100.1.1
-TAG uid
-EXPL "RFC 1274 User Id"
-NAME NSS_OID_RFC1274_UID
-ATTR "uid"
-
-OID 0.9.2342.19200300.100.1.3
-TAG mail
-EXPL "RFC 1274 E-mail Addres"
-NAME NSS_OID_RFC1274_EMAIL
-ATTR "mail" # XXX fgmr
-
-OID 0.9.2342.19200300.100.1.25
-TAG dc
-EXPL "RFC 2247 Domain Component"
-NAME NSS_OID_RFC2247_DC
-ATTR "dc"
-
-OID 0.9.2342.19200300.100.3
-TAG attributeSyntax
-EXPL "RFC 1274 Attribute Syntax"
-
-OID 0.9.2342.19200300.100.3.4
-TAG iA5StringSyntax
-EXPL "RFC 1274 IA5 String Attribute Syntax"
-
-OID 0.9.2342.19200300.100.3.5
-TAG caseIgnoreIA5StringSyntax
-EXPL "RFC 1274 Case-Ignore IA5 String Attribute Syntax"
-
-OID 0.9.2342.19200300.100.4
-TAG objectClass
-EXPL "RFC 1274 Object Class"
-
-OID 0.9.2342.19200300.100.10
-TAG groups
-EXPL "RFC 1274 Groups"
-
-OID 0.9.2342.234219200300
-TAG ucl
-EXPL "RFC 1327 ucl"
-
-OID 1
-TAG iso
-EXPL "ISO"
-
-# See X.208 Annex B for an explanation of the OIDs below iso
-
-OID 1.0
-TAG standard
-EXPL "ISO Standard"
-
-OID 1.1
-TAG registration-authority
-EXPL "ISO Registration Authority"
-
-OID 1.2
-TAG member-body
-EXPL "ISO Member Body"
-
-OID 1.2.36
-TAG australia
-EXPL "Australia (ISO)"
-
-OID 1.2.158
-TAG taiwan
-EXPL "Taiwan (ISO)"
-
-OID 1.2.372
-TAG ireland
-EXPL "Ireland (ISO)"
-
-OID 1.2.578
-TAG norway
-EXPL "Norway (ISO)"
-
-OID 1.2.752
-TAG sweden
-EXPL "Sweden (ISO)"
-
-OID 1.2.826
-TAG great-britain
-EXPL "Great Britain (ISO)"
-
-OID 1.2.840
-TAG us
-EXPL "United States (ISO)"
-
-OID 1.2.840.1
-TAG organization
-EXPL "US (ISO) organization"
-
-OID 1.2.840.10003
-TAG ansi-z30-50
-EXPL "ANSI Z39.50"
-
-OID 1.2.840.10008
-TAG dicom
-EXPL "DICOM"
-
-OID 1.2.840.10017
-TAG ieee-1224
-EXPL "IEEE 1224"
-
-OID 1.2.840.10022
-TAG ieee-802-10
-EXPL "IEEE 802.10"
-
-OID 1.2.840.10036
-TAG ieee-802-11
-EXPL "IEEE 802.11"
-
-OID 1.2.840.10040
-TAG x9-57
-EXPL "ANSI X9.57"
-
-# RFC 2459:
-#
-# holdInstruction OBJECT IDENTIFIER ::=
-# {iso(1) member-body(2) us(840) x9cm(10040) 2}
-#
-# Note that the appendices of RFC 2459 define the (wrong) value
-# of 2.2.840.10040.2 for this oid.
-OID 1.2.840.10040.2
-TAG holdInstruction
-EXPL "ANSI X9.57 Hold Instruction"
-
-# RFC 2459:
-#
-# id-holdinstruction-none OBJECT IDENTIFIER ::=
-# {holdInstruction 1} -- deprecated
-OID 1.2.840.10040.2.1
-TAG id-holdinstruction-none
-EXPL "ANSI X9.57 Hold Instruction: None"
-
-# RFC 2459:
-#
-# id-holdinstruction-callissuer OBJECT IDENTIFIER ::=
-# {holdInstruction 2}
-OID 1.2.840.10040.2.2
-TAG id-holdinstruction-callissuer
-EXPL "ANSI X9.57 Hold Instruction: Call Issuer"
-
-# RFC 2459:
-#
-# id-holdinstruction-reject OBJECT IDENTIFIER ::=
-# {holdInstruction 3}
-OID 1.2.840.10040.2.3
-TAG id-holdinstruction-reject
-EXPL "ANSI X9.57 Hold Instruction: Reject"
-
-OID 1.2.840.10040.4
-TAG x9algorithm
-EXPL "ANSI X9.57 Algorithm"
-
-# RFC 2459:
-#
-# id-dsa OBJECT IDENTIFIER ::= {
-# iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 }
-OID 1.2.840.10040.4.1
-TAG id-dsa
-EXPL "ANSI X9.57 DSA Signature"
-NAME NSS_OID_ANSIX9_DSA_SIGNATURE
-CKM CKM_DSA
-CKK CKK_DSA
-
-# RFC 2459:
-#
-# id-dsa-with-sha1 OBJECT IDENTIFIER ::= {
-# iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 }
-OID 1.2.840.10040.4.3
-TAG id-dsa-with-sha1
-EXPL "ANSI X9.57 Algorithm DSA Signature with SHA-1 Digest"
-NAME NSS_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST
-CKM CKM_DSA_SHA1
-
-OID 1.2.840.10046
-TAG x942
-EXPL "ANSI X9.42"
-
-OID 1.2.840.10046.2
-TAG algorithm
-EXPL "ANSI X9.42 Algorithm"
-
-# RFC 2459:
-#
-# dhpublicnumber OBJECT IDENTIFIER ::= {
-# iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 }
-OID 1.2.840.10046.2.1
-TAG dhpublicnumber
-EXPL "Diffie-Hellman Public Key Algorithm"
-NAME NSS_OID_X942_DIFFIE_HELMAN_KEY
-CKM CKM_DH_PKCS_DERIVE
-CKK CKK_DH
-
-OID 1.2.840.113533
-TAG entrust
-EXPL "Entrust Technologies"
-
-OID 1.2.840.113549
-TAG rsadsi
-EXPL "RSA Data Security Inc."
-
-OID 1.2.840.113549.1
-# http://www.rsa.com/rsalabs/pubs/PKCS/
-TAG pkcs
-EXPL "PKCS"
-
-# RFC 2459:
-#
-# pkcs-1 OBJECT IDENTIFIER ::= {
-# iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
-OID 1.2.840.113549.1.1
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-1.asc
-TAG pkcs-1
-EXPL "PKCS #1"
-
-# RFC 2459:
-#
-# rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
-OID 1.2.840.113549.1.1.1
-TAG rsaEncryption
-EXPL "PKCS #1 RSA Encryption"
-NAME NSS_OID_PKCS1_RSA_ENCRYPTION
-CKM CKM_RSA_PKCS
-CKK CKK_RSA
-
-# RFC 2459:
-#
-# md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 }
-OID 1.2.840.113549.1.1.2
-TAG md2WithRSAEncryption
-EXPL "PKCS #1 MD2 With RSA Encryption"
-NAME NSS_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION
-CKM CKM_MD2_RSA_PKCS
-
-OID 1.2.840.113549.1.1.3
-TAG md4WithRSAEncryption
-EXPL "PKCS #1 MD4 With RSA Encryption"
-NAME NSS_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION
-# No CKM!
-
-# RFC 2459:
-#
-# md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 }
-OID 1.2.840.113549.1.1.4
-TAG md5WithRSAEncryption
-EXPL "PKCS #1 MD5 With RSA Encryption"
-NAME NSS_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION
-CKM CKM_MD5_RSA_PKCS
-
-# RFC 2459:
-#
-# sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 }
-OID 1.2.840.113549.1.1.5
-TAG sha1WithRSAEncryption
-EXPL "PKCS #1 SHA-1 With RSA Encryption"
-NAME NSS_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION
-CKM CKM_SHA1_RSA_PKCS
-
-OID 1.2.840.113549.1.5
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-5.asc
-TAG pkcs-5
-EXPL "PKCS #5"
-
-OID 1.2.840.113549.1.5.1
-TAG pbeWithMD2AndDES-CBC
-EXPL "PKCS #5 Password Based Encryption With MD2 and DES-CBC"
-NAME NSS_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC
-CKM CKM_PBE_MD2_DES_CBC
-
-OID 1.2.840.113549.1.5.3
-TAG pbeWithMD5AndDES-CBC
-EXPL "PKCS #5 Password Based Encryption With MD5 and DES-CBC"
-NAME NSS_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC
-CKM CKM_PBE_MD5_DES_CBC
-
-OID 1.2.840.113549.1.5.10
-TAG pbeWithSha1AndDES-CBC
-EXPL "PKCS #5 Password Based Encryption With SHA-1 and DES-CBC"
-NAME NSS_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_DES_CBC
-
-OID 1.2.840.113549.1.7
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-7.asc
-TAG pkcs-7
-EXPL "PKCS #7"
-NAME NSS_OID_PKCS7
-
-OID 1.2.840.113549.1.7.1
-TAG data
-EXPL "PKCS #7 Data"
-NAME NSS_OID_PKCS7_DATA
-
-OID 1.2.840.113549.1.7.2
-TAG signedData
-EXPL "PKCS #7 Signed Data"
-NAME NSS_OID_PKCS7_SIGNED_DATA
-
-OID 1.2.840.113549.1.7.3
-TAG envelopedData
-EXPL "PKCS #7 Enveloped Data"
-NAME NSS_OID_PKCS7_ENVELOPED_DATA
-
-OID 1.2.840.113549.1.7.4
-TAG signedAndEnvelopedData
-EXPL "PKCS #7 Signed and Enveloped Data"
-NAME NSS_OID_PKCS7_SIGNED_ENVELOPED_DATA
-
-OID 1.2.840.113549.1.7.5
-TAG digestedData
-EXPL "PKCS #7 Digested Data"
-NAME NSS_OID_PKCS7_DIGESTED_DATA
-
-OID 1.2.840.113549.1.7.6
-TAG encryptedData
-EXPL "PKCS #7 Encrypted Data"
-NAME NSS_OID_PKCS7_ENCRYPTED_DATA
-
-# RFC 2459:
-#
-# pkcs-9 OBJECT IDENTIFIER ::=
-# { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 }
-OID 1.2.840.113549.1.9
-# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-9.asc
-TAG pkcs-9
-EXPL "PKCS #9"
-
-# RFC 2459:
-#
-# emailAddress AttributeType ::= { pkcs-9 1 }
-OID 1.2.840.113549.1.9.1
-TAG emailAddress
-EXPL "PKCS #9 Email Address"
-NAME NSS_OID_PKCS9_EMAIL_ADDRESS
-
-OID 1.2.840.113549.1.9.2
-TAG unstructuredName
-EXPL "PKCS #9 Unstructured Name"
-NAME NSS_OID_PKCS9_UNSTRUCTURED_NAME
-
-OID 1.2.840.113549.1.9.3
-TAG contentType
-EXPL "PKCS #9 Content Type"
-NAME NSS_OID_PKCS9_CONTENT_TYPE
-
-OID 1.2.840.113549.1.9.4
-TAG messageDigest
-EXPL "PKCS #9 Message Digest"
-NAME NSS_OID_PKCS9_MESSAGE_DIGEST
-
-OID 1.2.840.113549.1.9.5
-TAG signingTime
-EXPL "PKCS #9 Signing Time"
-NAME NSS_OID_PKCS9_SIGNING_TIME
-
-OID 1.2.840.113549.1.9.6
-TAG counterSignature
-EXPL "PKCS #9 Counter Signature"
-NAME NSS_OID_PKCS9_COUNTER_SIGNATURE
-
-OID 1.2.840.113549.1.9.7
-TAG challengePassword
-EXPL "PKCS #9 Challenge Password"
-NAME NSS_OID_PKCS9_CHALLENGE_PASSWORD
-
-OID 1.2.840.113549.1.9.8
-TAG unstructuredAddress
-EXPL "PKCS #9 Unstructured Address"
-NAME NSS_OID_PKCS9_UNSTRUCTURED_ADDRESS
-
-OID 1.2.840.113549.1.9.9
-TAG extendedCertificateAttributes
-EXPL "PKCS #9 Extended Certificate Attributes"
-NAME NSS_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES
-
-OID 1.2.840.113549.1.9.15
-TAG sMIMECapabilities
-EXPL "PKCS #9 S/MIME Capabilities"
-NAME NSS_OID_PKCS9_SMIME_CAPABILITIES
-
-OID 1.2.840.113549.1.9.20
-TAG friendlyName
-EXPL "PKCS #9 Friendly Name"
-NAME NSS_OID_PKCS9_FRIENDLY_NAME
-
-OID 1.2.840.113549.1.9.21
-TAG localKeyID
-EXPL "PKCS #9 Local Key ID"
-NAME NSS_OID_PKCS9_LOCAL_KEY_ID
-
-OID 1.2.840.113549.1.9.22
-TAG certTypes
-EXPL "PKCS #9 Certificate Types"
-
-OID 1.2.840.113549.1.9.22.1
-TAG x509Certificate
-EXPL "PKCS #9 Certificate Type = X.509"
-NAME NSS_OID_PKCS9_X509_CERT
-
-OID 1.2.840.113549.1.9.22.2
-TAG sdsiCertificate
-EXPL "PKCS #9 Certificate Type = SDSI"
-NAME NSS_OID_PKCS9_SDSI_CERT
-
-OID 1.2.840.113549.1.9.23
-TAG crlTypes
-EXPL "PKCS #9 Certificate Revocation List Types"
-
-OID 1.2.840.113549.1.9.23.1
-TAG x509Crl
-EXPL "PKCS #9 CRL Type = X.509"
-NAME NSS_OID_PKCS9_X509_CRL
-
-OID 1.2.840.113549.1.12
-# http://www.rsa.com/rsalabs/pubs/PKCS/html/pkcs-12.html
-# NOTE -- PKCS #12 multiple contradictory
-# documents exist. Somebody go figure out the canonical
-# OID list, keeping in mind backwards-compatability..
-TAG pkcs-12
-EXPL "PKCS #12"
-NAME NSS_OID_PKCS12
-
-OID 1.2.840.113549.1.12.1
-TAG pkcs-12PbeIds
-EXPL "PKCS #12 Password Based Encryption IDs"
-NAME NSS_OID_PKCS12_PBE_IDS
-# We called it SEC_OID_PKCS12_MODE_IDS
-
-OID 1.2.840.113549.1.12.1.1
-TAG pbeWithSHA1And128BitRC4
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC4"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4
-
-OID 1.2.840.113549.1.12.1.2
-TAG pbeWithSHA1And40BitRC4
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC4"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4
-
-OID 1.2.840.113549.1.12.1.3
-TAG pbeWithSHA1And3-KeyTripleDES-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 3-key Triple DES-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_3_KEY_TRIPLE_DES_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC
-
-OID 1.2.840.113549.1.12.1.4
-TAG pbeWithSHA1And2-KeyTripleDES-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 2-key Triple DES-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_2_KEY_TRIPLE_DES_CBC
-CKM CKM_PBE_SHA1_DES2_EDE_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC
-
-OID 1.2.840.113549.1.12.1.5
-TAG pbeWithSHA1And128BitRC2-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC2-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.1.6
-TAG pbeWithSHA1And40BitRC2-CBC
-EXPL "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC2-CBC"
-NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.2
-TAG pkcs-12EspvkIds
-EXPL "PKCS #12 ESPVK IDs"
-# We called it SEC_OID_PKCS12_ESPVK_IDS
-
-OID 1.2.840.113549.1.12.2.1
-TAG pkcs8-key-shrouding
-EXPL "PKCS #12 Key Shrouding"
-# We called it SEC_OID_PKCS12_PKCS8_KEY_SHROUDING
-
-OID 1.2.840.113549.1.12.3
-TAG draft1Pkcs-12Bag-ids
-EXPL "Draft 1.0 PKCS #12 Bag IDs"
-# We called it SEC_OID_PKCS12_BAG_IDS
-
-OID 1.2.840.113549.1.12.3.1
-TAG keyBag
-EXPL "Draft 1.0 PKCS #12 Key Bag"
-# We called it SEC_OID_PKCS12_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.3.2
-TAG certAndCRLBagId
-EXPL "Draft 1.0 PKCS #12 Cert and CRL Bag ID"
-# We called it SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID
-
-OID 1.2.840.113549.1.12.3.3
-TAG secretBagId
-EXPL "Draft 1.0 PKCS #12 Secret Bag ID"
-# We called it SEC_OID_PKCS12_SECRET_BAG_ID
-
-OID 1.2.840.113549.1.12.3.4
-TAG safeContentsId
-EXPL "Draft 1.0 PKCS #12 Safe Contents Bag ID"
-# We called it SEC_OID_PKCS12_SAFE_CONTENTS_ID
-
-OID 1.2.840.113549.1.12.3.5
-TAG pkcs-8ShroudedKeyBagId
-EXPL "Draft 1.0 PKCS #12 PKCS #8-shrouded Key Bag ID"
-# We called it SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.4
-TAG pkcs-12CertBagIds
-EXPL "PKCS #12 Certificate Bag IDs"
-# We called it SEC_OID_PKCS12_CERT_BAG_IDS
-
-OID 1.2.840.113549.1.12.4.1
-TAG x509CertCRLBagId
-EXPL "PKCS #12 X.509 Certificate and CRL Bag"
-# We called it SEC_OID_PKCS12_X509_CERT_CRL_BAG
-
-OID 1.2.840.113549.1.12.4.2
-TAG SDSICertBagID
-EXPL "PKCS #12 SDSI Certificate Bag"
-# We called it SEC_OID_PKCS12_SDSI_CERT_BAG
-
-OID 1.2.840.113549.1.12.5
-TAG pkcs-12Oids
-EXPL "PKCS #12 OIDs (XXX)"
-# We called it SEC_OID_PKCS12_OIDS
-
-OID 1.2.840.113549.1.12.5.1
-TAG pkcs-12PbeIds
-EXPL "PKCS #12 OIDs PBE IDs (XXX)"
-# We called it SEC_OID_PKCS12_PBE_IDS
-
-OID 1.2.840.113549.1.12.5.1.1
-TAG pbeWithSha1And128BitRC4
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC4 (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.1.2
-TAG pbeWithSha1And40BitRC4
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC4 (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.1.3
-TAG pbeWithSha1AndTripleDES-CBC
-EXPL "PKCS #12 OIDs PBE with SHA-1 and Triple DES-CBC (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC
-
-OID 1.2.840.113549.1.12.5.1.4
-TAG pbeWithSha1And128BitRC2-CBC
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC2-CBC (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.5.1.5
-TAG pbeWithSha1And40BitRC2-CBC
-EXPL "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC2-CBC (XXX)"
-CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC
-# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC
-
-OID 1.2.840.113549.1.12.5.2
-TAG pkcs-12EnvelopingIds
-EXPL "PKCS #12 OIDs Enveloping IDs (XXX)"
-# We called it SEC_OID_PKCS12_ENVELOPING_IDS
-
-OID 1.2.840.113549.1.12.5.2.1
-TAG rsaEncryptionWith128BitRC4
-EXPL "PKCS #12 OIDs Enveloping RSA Encryption with 128-bit RC4"
-# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.2.2
-TAG rsaEncryptionWith40BitRC4
-EXPL "PKCS #12 OIDs Enveloping RSA Encryption with 40-bit RC4"
-# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4
-
-OID 1.2.840.113549.1.12.5.2.3
-TAG rsaEncryptionWithTripleDES
-EXPL "PKCS #12 OIDs Enveloping RSA Encryption with Triple DES"
-# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES
-
-OID 1.2.840.113549.1.12.5.3
-TAG pkcs-12SignatureIds
-EXPL "PKCS #12 OIDs Signature IDs (XXX)"
-# We called it SEC_OID_PKCS12_SIGNATURE_IDS
-
-OID 1.2.840.113549.1.12.5.3.1
-TAG rsaSignatureWithSHA1Digest
-EXPL "PKCS #12 OIDs RSA Signature with SHA-1 Digest"
-# We called it SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST
-
-OID 1.2.840.113549.1.12.10
-TAG pkcs-12Version1
-EXPL "PKCS #12 Version 1"
-
-OID 1.2.840.113549.1.12.10.1
-TAG pkcs-12BagIds
-EXPL "PKCS #12 Bag IDs"
-
-OID 1.2.840.113549.1.12.10.1.1
-TAG keyBag
-EXPL "PKCS #12 Key Bag"
-NAME NSS_OID_PKCS12_KEY_BAG
-# We called it SEC_OID_PKCS12_V1_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.2
-TAG pkcs-8ShroudedKeyBag
-EXPL "PKCS #12 PKCS #8-shrouded Key Bag"
-NAME NSS_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG
-# We called it SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.3
-TAG certBag
-EXPL "PKCS #12 Certificate Bag"
-NAME NSS_OID_PKCS12_CERT_BAG
-# We called it SEC_OID_PKCS12_V1_CERT_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.4
-TAG crlBag
-EXPL "PKCS #12 CRL Bag"
-NAME NSS_OID_PKCS12_CRL_BAG
-# We called it SEC_OID_PKCS12_V1_CRL_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.5
-TAG secretBag
-EXPL "PKCS #12 Secret Bag"
-NAME NSS_OID_PKCS12_SECRET_BAG
-# We called it SEC_OID_PKCS12_V1_SECRET_BAG_ID
-
-OID 1.2.840.113549.1.12.10.1.6
-TAG safeContentsBag
-EXPL "PKCS #12 Safe Contents Bag"
-NAME NSS_OID_PKCS12_SAFE_CONTENTS_BAG
-# We called it SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID
-
-OID 1.2.840.113549.2
-TAG digest
-EXPL "RSA digest algorithm"
-
-OID 1.2.840.113549.2.2
-TAG md2
-EXPL "MD2"
-NAME NSS_OID_MD2
-CKM CKM_MD2
-
-OID 1.2.840.113549.2.4
-TAG md4
-EXPL "MD4"
-NAME NSS_OID_MD4
-# No CKM
-
-OID 1.2.840.113549.2.5
-TAG md5
-EXPL "MD5"
-NAME NSS_OID_MD5
-CKM CKM_MD5
-
-OID 1.2.840.113549.3
-TAG cipher
-EXPL "RSA cipher algorithm"
-
-OID 1.2.840.113549.3.2
-TAG rc2cbc
-EXPL "RC2-CBC"
-NAME NSS_OID_RC2_CBC
-CKM_RC2_CBC
-
-OID 1.2.840.113549.3.4
-TAG rc4
-EXPL "RC4"
-NAME NSS_OID_RC4
-CKM CKM_RC4
-
-OID 1.2.840.113549.3.7
-TAG desede3cbc
-EXPL "DES-EDE3-CBC"
-NAME NSS_OID_DES_EDE3_CBC
-CKM CKM_DES3_CBC
-
-OID 1.2.840.113549.3.9
-TAG rc5cbcpad
-EXPL "RC5-CBCPad"
-NAME NSS_OID_RC5_CBC_PAD
-CKM CKM_RC5_CBC
-
-OID 1.2.840.113556
-TAG microsoft
-EXPL "Microsoft"
-
-OID 1.2.840.113560
-TAG columbia-university
-EXPL "Columbia University"
-
-OID 1.2.840.113572
-TAG unisys
-EXPL "Unisys"
-
-OID 1.2.840.113658
-TAG xapia
-EXPL "XAPIA"
-
-OID 1.2.840.113699
-TAG wordperfect
-EXPL "WordPerfect"
-
-OID 1.3
-TAG identified-organization
-EXPL "ISO identified organizations"
-
-OID 1.3.6
-TAG us-dod
-EXPL "United States Department of Defense"
-
-OID 1.3.6.1
-TAG internet # See RFC 1065
-EXPL "The Internet"
-
-OID 1.3.6.1.1
-TAG directory
-EXPL "Internet: Directory"
-
-OID 1.3.6.1.2
-TAG management
-EXPL "Internet: Management"
-
-OID 1.3.6.1.3
-TAG experimental
-EXPL "Internet: Experimental"
-
-OID 1.3.6.1.4
-TAG private
-EXPL "Internet: Private"
-
-OID 1.3.6.1.5
-TAG security
-EXPL "Internet: Security"
-
-OID 1.3.6.1.5.5
-
-# RFC 2459:
-#
-# id-pkix OBJECT IDENTIFIER ::=
-# { iso(1) identified-organization(3) dod(6) internet(1)
-# security(5) mechanisms(5) pkix(7) }
-OID 1.3.6.1.5.5.7
-TAG id-pkix
-EXPL "Public Key Infrastructure"
-
-# RFC 2459:
-#
-# PKIX1Explicit88 {iso(1) identified-organization(3) dod(6) internet(1)
-# security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-88(1)}
-OID 1.3.6.1.5.5.7.0.1
-TAG PKIX1Explicit88
-EXPL "RFC 2459 Explicitly Tagged Module, 1988 Syntax"
-
-# RFC 2459:
-#
-# PKIX1Implicit88 {iso(1) identified-organization(3) dod(6) internet(1)
-# security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-88(2)}
-OID 1.3.6.1.5.5.7.0.2
-TAG PKIXImplicit88
-EXPL "RFC 2459 Implicitly Tagged Module, 1988 Syntax"
-
-# RFC 2459:
-#
-# PKIX1Explicit93 {iso(1) identified-organization(3) dod(6) internet(1)
-# security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-93(3)}
-OID 1.3.6.1.5.5.7.0.3
-TAG PKIXExplicit93
-EXPL "RFC 2459 Explicitly Tagged Module, 1993 Syntax"
-
-# RFC 2459:
-#
-# id-pe OBJECT IDENTIFIER ::= { id-pkix 1 }
-# -- arc for private certificate extensions
-OID 1.3.6.1.5.5.7.1
-TAG id-pe
-EXPL "PKIX Private Certificate Extensions"
-
-# RFC 2459:
-#
-# id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
-OID 1.3.6.1.5.5.7.1.1
-TAG id-pe-authorityInfoAccess
-EXPL "Certificate Authority Information Access"
-NAME NSS_OID_X509_AUTH_INFO_ACCESS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-qt OBJECT IDENTIFIER ::= { id-pkix 2 }
-# -- arc for policy qualifier types
-OID 1.3.6.1.5.5.7.2
-TAG id-qt
-EXPL "PKIX Policy Qualifier Types"
-
-# RFC 2459:
-#
-# id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 }
-# -- OID for CPS qualifier
-OID 1.3.6.1.5.5.7.2.1
-TAG id-qt-cps
-EXPL "PKIX CPS Pointer Qualifier"
-NAME NSS_OID_PKIX_CPS_POINTER_QUALIFIER
-
-# RFC 2459:
-#
-# id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 }
-# -- OID for user notice qualifier
-OID 1.3.6.1.5.5.7.2.2
-TAG id-qt-unotice
-EXPL "PKIX User Notice Qualifier"
-NAME NSS_OID_PKIX_USER_NOTICE_QUALIFIER
-
-# RFC 2459:
-#
-# id-kp OBJECT IDENTIFIER ::= { id-pkix 3 }
-# -- arc for extended key purpose OIDS
-OID 1.3.6.1.5.5.7.3
-TAG id-kp
-EXPL "PKIX Key Purpose"
-
-# RFC 2459:
-#
-# id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 }
-OID 1.3.6.1.5.5.7.3.1
-TAG id-kp-serverAuth
-EXPL "TLS Web Server Authentication Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_SERVER_AUTH
-
-# RFC 2459:
-#
-# id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 }
-OID 1.3.6.1.5.5.7.3.2
-TAG id-kp-clientAuth
-EXPL "TLS Web Client Authentication Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_CLIENT_AUTH
-
-# RFC 2459:
-#
-# id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 }
-OID 1.3.6.1.5.5.7.3.3
-TAG id-kp-codeSigning
-EXPL "Code Signing Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_CODE_SIGN
-
-# RFC 2459:
-#
-# id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 }
-OID 1.3.6.1.5.5.7.3.4
-TAG id-kp-emailProtection
-EXPL "E-Mail Protection Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_EMAIL_PROTECTION
-
-# RFC 2459:
-#
-# id-kp-ipsecEndSystem OBJECT IDENTIFIER ::= { id-kp 5 }
-OID 1.3.6.1.5.5.7.3.5
-TAG id-kp-ipsecEndSystem
-EXPL "IPSEC End System Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_IPSEC_END_SYSTEM
-
-# RFC 2459:
-#
-# id-kp-ipsecTunnel OBJECT IDENTIFIER ::= { id-kp 6 }
-OID 1.3.6.1.5.5.7.3.6
-TAG id-kp-ipsecTunnel
-EXPL "IPSEC Tunnel Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_IPSEC_TUNNEL
-
-# RFC 2459:
-#
-# id-kp-ipsecUser OBJECT IDENTIFIER ::= { id-kp 7 }
-OID 1.3.6.1.5.5.7.3.7
-TAG id-kp-ipsecUser
-EXPL "IPSEC User Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_IPSEC_USER
-
-# RFC 2459:
-#
-# id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 }
-OID 1.3.6.1.5.5.7.3.8
-TAG id-kp-timeStamping
-EXPL "Time Stamping Certificate"
-NAME NSS_OID_EXT_KEY_USAGE_TIME_STAMP
-
-OID 1.3.6.1.5.5.7.3.9
-TAG ocsp-responder
-EXPL "OCSP Responder Certificate"
-NAME NSS_OID_OCSP_RESPONDER
-
-OID 1.3.6.1.5.5.7.7
-TAG pkix-id-pkix
-
-OID 1.3.6.1.5.5.7.7.5
-TAG pkix-id-pkip
-
-OID 1.3.6.1.5.5.7.7.5.1
-TAG pkix-id-regctrl
-EXPL "CRMF Registration Control"
-
-OID 1.3.6.1.5.5.7.7.5.1.1
-TAG regtoken
-EXPL "CRMF Registration Control, Registration Token"
-NAME NSS_OID_PKIX_REGCTRL_REGTOKEN
-
-OID 1.3.6.1.5.5.7.7.5.1.2
-TAG authenticator
-EXPL "CRMF Registration Control, Registration Authenticator"
-NAME NSS_OID_PKIX_REGCTRL_AUTHENTICATOR
-
-OID 1.3.6.1.5.5.7.7.5.1.3
-TAG pkipubinfo
-EXPL "CRMF Registration Control, PKI Publication Info"
-NAME NSS_OID_PKIX_REGCTRL_PKIPUBINFO
-
-OID 1.3.6.1.5.5.7.7.5.1.4
-TAG pki-arch-options
-EXPL "CRMF Registration Control, PKI Archive Options"
-NAME NSS_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS
-
-OID 1.3.6.1.5.5.7.7.5.1.5
-TAG old-cert-id
-EXPL "CRMF Registration Control, Old Certificate ID"
-NAME NSS_OID_PKIX_REGCTRL_OLD_CERT_ID
-
-OID 1.3.6.1.5.5.7.7.5.1.6
-TAG protocol-encryption-key
-EXPL "CRMF Registration Control, Protocol Encryption Key"
-NAME NSS_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY
-
-OID 1.3.6.1.5.5.7.7.5.2
-TAG pkix-id-reginfo
-EXPL "CRMF Registration Info"
-
-OID 1.3.6.1.5.5.7.7.5.2.1
-TAG utf8-pairs
-EXPL "CRMF Registration Info, UTF8 Pairs"
-NAME NSS_OID_PKIX_REGINFO_UTF8_PAIRS
-
-OID 1.3.6.1.5.5.7.7.5.2.2
-TAG cert-request
-EXPL "CRMF Registration Info, Certificate Request"
-NAME NSS_OID_PKIX_REGINFO_CERT_REQUEST
-
-# RFC 2549:
-#
-# id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }
-# -- arc for access descriptors
-OID 1.3.6.1.5.5.7.48
-TAG id-ad
-EXPL "PKIX Access Descriptors"
-
-# RFC 2549:
-#
-# id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 }
-OID 1.3.6.1.5.5.7.48.1
-TAG id-ad-ocsp
-EXPL "PKIX Online Certificate Status Protocol"
-NAME NSS_OID_OID_PKIX_OCSP
-
-OID 1.3.6.1.5.5.7.48.1.1
-TAG basic-response
-EXPL "OCSP Basic Response"
-NAME NSS_OID_PKIX_OCSP_BASIC_RESPONSE
-
-OID 1.3.6.1.5.5.7.48.1.2
-TAG nonce-extension
-EXPL "OCSP Nonce Extension"
-NAME NSS_OID_PKIX_OCSP_NONCE
-
-OID 1.3.6.1.5.5.7.48.1.3
-TAG response
-EXPL "OCSP Response Types Extension"
-NAME NSS_OID_PKIX_OCSP_RESPONSE
-
-OID 1.3.6.1.5.5.7.48.1.4
-TAG crl
-EXPL "OCSP CRL Reference Extension"
-NAME NSS_OID_PKIX_OCSP_CRL
-
-OID 1.3.6.1.5.5.7.48.1.5
-TAG no-check
-EXPL "OCSP No Check Extension"
-NAME NSS_OID_X509_OCSP_NO_CHECK # X509_... ?
-
-OID 1.3.6.1.5.5.7.48.1.6
-TAG archive-cutoff
-EXPL "OCSP Archive Cutoff Extension"
-NAME NSS_OID_PKIX_OCSP_ARCHIVE_CUTOFF
-
-OID 1.3.6.1.5.5.7.48.1.7
-TAG service-locator
-EXPL "OCSP Service Locator Extension"
-NAME NSS_OID_PKIX_OCSP_SERVICE_LOCATOR
-
-# RFC 2549:
-#
-# id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
-OID 1.3.6.1.5.5.7.48.2
-TAG id-ad-caIssuers
-EXPL "Certificate Authority Issuers"
-
-OID 1.3.6.1.6
-TAG snmpv2
-EXPL "Internet: SNMPv2"
-
-OID 1.3.6.1.7
-TAG mail
-EXPL "Internet: mail"
-
-OID 1.3.6.1.7.1
-TAG mime-mhs
-EXPL "Internet: mail MIME mhs"
-
-OID 1.3.12
-TAG ecma
-EXPL "European Computers Manufacturing Association"
-
-OID 1.3.14
-TAG oiw
-EXPL "Open Systems Implementors Workshop"
-
-OID 1.3.14.3 secsig
-TAG secsig
-EXPL "Open Systems Implementors Workshop Security Special Interest Group"
-
-OID 1.3.14.3.1
-TAG oIWSECSIGAlgorithmObjectIdentifiers
-EXPL "OIW SECSIG Algorithm OIDs"
-
-OID 1.3.14.3.2
-TAG algorithm
-EXPL "OIW SECSIG Algorithm"
-
-OID 1.3.14.3.2.6
-TAG desecb
-EXPL "DES-ECB"
-NAME NSS_OID_DES_ECB
-CKM CKM_DES_ECB
-
-OID 1.3.14.3.2.7
-TAG descbc
-EXPL "DES-CBC"
-NAME NSS_OID_DES_CBC
-CKM CKM_DES_CBC
-
-OID 1.3.14.3.2.8
-TAG desofb
-EXPL "DES-OFB"
-NAME NSS_OID_DES_OFB
-# No CKM..
-
-OID 1.3.14.3.2.9
-TAG descfb
-EXPL "DES-CFB"
-NAME NSS_OID_DES_CFB
-# No CKM..
-
-OID 1.3.14.3.2.10
-TAG desmac
-EXPL "DES-MAC"
-NAME NSS_OID_DES_MAC
-CKM CKM_DES_MAC
-
-OID 1.3.14.3.2.15
-TAG isoSHAWithRSASignature
-EXPL "ISO SHA with RSA Signature"
-NAME NSS_OID_ISO_SHA_WITH_RSA_SIGNATURE
-# No CKM..
-
-OID 1.3.14.3.2.17
-TAG desede
-EXPL "DES-EDE"
-NAME NSS_OID_DES_EDE
-# No CKM..
-
-OID 1.3.14.3.2.26
-TAG sha1
-EXPL "SHA-1"
-NAME NSS_OID_SHA1
-CKM CKM_SHA_1
-
-OID 1.3.14.3.2.27
-TAG bogusDSASignatureWithSHA1Digest
-EXPL "Forgezza DSA Signature with SHA-1 Digest"
-NAME NSS_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST
-CKM CKM_DSA_SHA1
-
-OID 1.3.14.3.3
-TAG authentication-mechanism
-EXPL "OIW SECSIG Authentication Mechanisms"
-
-OID 1.3.14.3.4
-TAG security-attribute
-EXPL "OIW SECSIG Security Attributes"
-
-OID 1.3.14.3.5
-TAG document-definition
-EXPL "OIW SECSIG Document Definitions used in security"
-
-OID 1.3.14.7
-TAG directory-services-sig
-EXPL "OIW directory services sig"
-
-OID 1.3.16
-TAG ewos
-EXPL "European Workshop on Open Systems"
-
-OID 1.3.22
-TAG osf
-EXPL "Open Software Foundation"
-
-OID 1.3.23
-TAG nordunet
-EXPL "Nordunet"
-
-OID 1.3.26
-TAG nato-id-org
-EXPL "NATO identified organisation"
-
-OID 1.3.36
-TAG teletrust
-EXPL "Teletrust"
-
-OID 1.3.52
-TAG smpte
-EXPL "Society of Motion Picture and Television Engineers"
-
-OID 1.3.69
-TAG sita
-EXPL "Societe Internationale de Telecommunications Aeronautiques"
-
-OID 1.3.90
-TAG iana
-EXPL "Internet Assigned Numbers Authority"
-
-OID 1.3.101
-TAG thawte
-EXPL "Thawte"
-
-OID 2
-TAG joint-iso-ccitt
-EXPL "Joint ISO/ITU-T assignment"
-
-OID 2.0
-TAG presentation
-EXPL "Joint ISO/ITU-T Presentation"
-
-OID 2.1
-TAG asn-1
-EXPL "Abstract Syntax Notation One"
-
-OID 2.2
-TAG acse
-EXPL "Association Control"
-
-OID 2.3
-TAG rtse
-EXPL "Reliable Transfer"
-
-OID 2.4
-TAG rose
-EXPL "Remote Operations"
-
-OID 2.5
-TAG x500
-EXPL "Directory"
-
-OID 2.5.1
-TAG modules
-EXPL "X.500 modules"
-
-OID 2.5.2
-TAG service-environment
-EXPL "X.500 service environment"
-
-OID 2.5.3
-TAG application-context
-EXPL "X.500 application context"
-
-# RFC 2459:
-#
-# id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4}
-OID 2.5.4
-TAG id-at
-EXPL "X.520 attribute types"
-
-# RFC 2459:
-#
-# id-at-commonName AttributeType ::= {id-at 3}
-OID 2.5.4.3
-TAG id-at-commonName
-EXPL "X.520 Common Name"
-NAME NSS_OID_X520_COMMON_NAME
-ATTR "cn"
-
-# RFC 2459:
-#
-# id-at-surname AttributeType ::= {id-at 4}
-OID 2.5.4.4
-TAG id-at-surname
-EXPL "X.520 Surname"
-NAME NSS_OID_X520_SURNAME
-ATTR "sn"
-
-# RFC 2459:
-#
-# id-at-countryName AttributeType ::= {id-at 6}
-OID 2.5.4.6
-TAG id-at-countryName
-EXPL "X.520 Country Name"
-NAME NSS_OID_X520_COUNTRY_NAME
-ATTR "c"
-
-# RFC 2459:
-#
-# id-at-localityName AttributeType ::= {id-at 7}
-OID 2.5.4.7
-TAG id-at-localityName
-EXPL "X.520 Locality Name"
-NAME NSS_OID_X520_LOCALITY_NAME
-ATTR "l"
-
-# RFC 2459:
-#
-# id-at-stateOrProvinceName AttributeType ::= {id-at 8}
-OID 2.5.4.8
-TAG id-at-stateOrProvinceName
-EXPL "X.520 State or Province Name"
-NAME NSS_OID_X520_STATE_OR_PROVINCE_NAME
-ATTR "s"
-
-# RFC 2459:
-#
-# id-at-organizationName AttributeType ::= {id-at 10}
-OID 2.5.4.10
-TAG id-at-organizationName
-EXPL "X.520 Organization Name"
-NAME NSS_OID_X520_ORGANIZATION_NAME
-ATTR "o"
-
-# RFC 2459:
-#
-# id-at-organizationalUnitName AttributeType ::= {id-at 11}
-OID 2.5.4.11
-TAG id-at-organizationalUnitName
-EXPL "X.520 Organizational Unit Name"
-NAME NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME
-ATTR "ou"
-
-# RFC 2459:
-#
-# id-at-title AttributeType ::= {id-at 12}
-OID 2.5.4.12
-TAG id-at-title
-EXPL "X.520 Title"
-NAME NSS_OID_X520_TITLE
-ATTR "title"
-
-# RFC 2459:
-#
-# id-at-name AttributeType ::= {id-at 41}
-OID 2.5.4.41
-TAG id-at-name
-EXPL "X.520 Name"
-NAME NSS_OID_X520_NAME
-ATTR "name"
-
-# RFC 2459:
-#
-# id-at-givenName AttributeType ::= {id-at 42}
-OID 2.5.4.42
-TAG id-at-givenName
-EXPL "X.520 Given Name"
-NAME NSS_OID_X520_GIVEN_NAME
-ATTR "givenName"
-
-# RFC 2459:
-#
-# id-at-initials AttributeType ::= {id-at 43}
-OID 2.5.4.43
-TAG id-at-initials
-EXPL "X.520 Initials"
-NAME NSS_OID_X520_INITIALS
-ATTR "initials"
-
-# RFC 2459:
-#
-# id-at-generationQualifier AttributeType ::= {id-at 44}
-OID 2.5.4.44
-TAG id-at-generationQualifier
-EXPL "X.520 Generation Qualifier"
-NAME NSS_OID_X520_GENERATION_QUALIFIER
-ATTR "generationQualifier"
-
-# RFC 2459:
-#
-# id-at-dnQualifier AttributeType ::= {id-at 46}
-OID 2.5.4.46
-TAG id-at-dnQualifier
-EXPL "X.520 DN Qualifier"
-NAME NSS_OID_X520_DN_QUALIFIER
-ATTR "dnQualifier"
-
-OID 2.5.5
-TAG attribute-syntax
-EXPL "X.500 attribute syntaxes"
-
-OID 2.5.6
-TAG object-classes
-EXPL "X.500 standard object classes"
-
-OID 2.5.7
-TAG attribute-set
-EXPL "X.500 attribute sets"
-
-OID 2.5.8
-TAG algorithms
-EXPL "X.500-defined algorithms"
-
-OID 2.5.8.1
-TAG encryption
-EXPL "X.500-defined encryption algorithms"
-
-OID 2.5.8.1.1
-TAG rsa
-EXPL "RSA Encryption Algorithm"
-NAME NSS_OID_X500_RSA_ENCRYPTION
-CKM CKM_RSA_X_509
-
-OID 2.5.9
-TAG abstract-syntax
-EXPL "X.500 abstract syntaxes"
-
-OID 2.5.12
-TAG operational-attribute
-EXPL "DSA Operational Attributes"
-
-OID 2.5.13
-TAG matching-rule
-EXPL "Matching Rule"
-
-OID 2.5.14
-TAG knowledge-matching-rule
-EXPL "X.500 knowledge Matching Rules"
-
-OID 2.5.15
-TAG name-form
-EXPL "X.500 name forms"
-
-OID 2.5.16
-TAG group
-EXPL "X.500 groups"
-
-OID 2.5.17
-TAG subentry
-EXPL "X.500 subentry"
-
-OID 2.5.18
-TAG operational-attribute-type
-EXPL "X.500 operational attribute type"
-
-OID 2.5.19
-TAG operational-binding
-EXPL "X.500 operational binding"
-
-OID 2.5.20
-TAG schema-object-class
-EXPL "X.500 schema Object class"
-
-OID 2.5.21
-TAG schema-operational-attribute
-EXPL "X.500 schema operational attributes"
-
-OID 2.5.23
-TAG administrative-role
-EXPL "X.500 administrative roles"
-
-OID 2.5.24
-TAG access-control-attribute
-EXPL "X.500 access control attribute"
-
-OID 2.5.25
-TAG ros
-EXPL "X.500 ros object"
-
-OID 2.5.26
-TAG contract
-EXPL "X.500 contract"
-
-OID 2.5.27
-TAG package
-EXPL "X.500 package"
-
-OID 2.5.28
-TAG access-control-schema
-EXPL "X.500 access control schema"
-
-# RFC 2459:
-#
-# id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29}
-OID 2.5.29
-TAG id-ce
-EXPL "X.500 Certificate Extension"
-
-OID 2.5.29.5
-TAG subject-directory-attributes
-EXPL "Certificate Subject Directory Attributes"
-NAME NSS_OID_X509_SUBJECT_DIRECTORY_ATTR
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 }
-OID 2.5.29.9
-TAG id-ce-subjectDirectoryAttributes
-EXPL "Certificate Subject Directory Attributes"
-NAME NSS_OID_X509_SUBJECT_DIRECTORY_ATTRIBUTES
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 }
-OID 2.5.29.14
-TAG id-ce-subjectKeyIdentifier
-EXPL "Certificate Subject Key ID"
-NAME NSS_OID_X509_SUBJECT_KEY_ID
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
-OID 2.5.29.15
-TAG id-ce-keyUsage
-EXPL "Certificate Key Usage"
-NAME NSS_OID_X509_KEY_USAGE
-CERT_EXTENSION SUPPORTED
-# We called it PKCS12_KEY_USAGE
-
-# RFC 2459:
-#
-# id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-ce 16 }
-OID 2.5.29.16
-TAG id-ce-privateKeyUsagePeriod
-EXPL "Certificate Private Key Usage Period"
-NAME NSS_OID_X509_PRIVATE_KEY_USAGE_PERIOD
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 }
-OID 2.5.29.17
-TAG id-ce-subjectAltName
-EXPL "Certificate Subject Alternate Name"
-NAME NSS_OID_X509_SUBJECT_ALT_NAME
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 }
-OID 2.5.29.18
-TAG id-ce-issuerAltName
-EXPL "Certificate Issuer Alternate Name"
-NAME NSS_OID_X509_ISSUER_ALT_NAME
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 }
-OID 2.5.29.19
-TAG id-ce-basicConstraints
-EXPL "Certificate Basic Constraints"
-NAME NSS_OID_X509_BASIC_CONSTRAINTS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
-OID 2.5.29.20
-TAG id-ce-cRLNumber
-EXPL "CRL Number"
-NAME NSS_OID_X509_CRL_NUMBER
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-cRLReasons OBJECT IDENTIFIER ::= { id-ce 21 }
-OID 2.5.29.21
-TAG id-ce-cRLReasons
-EXPL "CRL Reason Code"
-NAME NSS_OID_X509_REASON_CODE
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-holdInstructionCode OBJECT IDENTIFIER ::= { id-ce 23 }
-OID 2.5.29.23
-TAG id-ce-holdInstructionCode
-EXPL "Hold Instruction Code"
-NAME NSS_OID_X509_HOLD_INSTRUCTION_CODE
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-invalidityDate OBJECT IDENTIFIER ::= { id-ce 24 }
-OID 2.5.29.24
-TAG id-ce-invalidityDate
-EXPL "Invalid Date"
-NAME NSS_OID_X509_INVALID_DATE
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-ce 27 }
-OID 2.5.29.27
-TAG id-ce-deltaCRLIndicator
-EXPL "Delta CRL Indicator"
-NAME NSS_OID_X509_DELTA_CRL_INDICATOR
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 28 }
-OID 2.5.29.28
-TAG id-ce-issuingDistributionPoint
-EXPL "Issuing Distribution Point"
-NAME NSS_OID_X509_ISSUING_DISTRIBUTION_POINT
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-ce 29 }
-OID 2.5.29.29
-TAG id-ce-certificateIssuer
-EXPL "Certificate Issuer"
-NAME NSS_OID_X509_CERTIFICATE_ISSUER
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 }
-OID 2.5.29.30
-TAG id-ce-nameConstraints
-EXPL "Certificate Name Constraints"
-NAME NSS_OID_X509_NAME_CONSTRAINTS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31}
-OID 2.5.29.31
-TAG id-ce-cRLDistributionPoints
-EXPL "CRL Distribution Points"
-NAME NSS_OID_X509_CRL_DIST_POINTS
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 }
-OID 2.5.29.32
-TAG id-ce-certificatePolicies
-EXPL "Certificate Policies"
-NAME NSS_OID_X509_CERTIFICATE_POLICIES
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 }
-OID 2.5.29.33
-TAG id-ce-policyMappings
-EXPL "Certificate Policy Mappings"
-NAME NSS_OID_X509_POLICY_MAPPINGS
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.5.29.34
-TAG policy-constraints
-EXPL "Certificate Policy Constraints (old)"
-CERT_EXTENSION UNSUPPORTED
-
-# RFC 2459:
-#
-# id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 }
-OID 2.5.29.35
-TAG id-ce-authorityKeyIdentifier
-EXPL "Certificate Authority Key Identifier"
-NAME NSS_OID_X509_AUTH_KEY_ID
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 }
-OID 2.5.29.36
-TAG id-ce-policyConstraints
-EXPL "Certificate Policy Constraints"
-NAME NSS_OID_X509_POLICY_CONSTRAINTS
-CERT_EXTENSION SUPPORTED
-
-# RFC 2459:
-#
-# id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37}
-OID 2.5.29.37
-TAG id-ce-extKeyUsage
-EXPL "Extended Key Usage"
-NAME NSS_OID_X509_EXT_KEY_USAGE
-CERT_EXTENSION SUPPORTED
-
-OID 2.5.30
-TAG id-mgt
-EXPL "X.500 Management Object"
-
-OID 2.6
-TAG x400
-EXPL "X.400 MHS"
-
-OID 2.7
-TAG ccr
-EXPL "Committment, Concurrency and Recovery"
-
-OID 2.8
-TAG oda
-EXPL "Office Document Architecture"
-
-OID 2.9
-TAG osi-management
-EXPL "OSI management"
-
-OID 2.10
-TAG tp
-EXPL "Transaction Processing"
-
-OID 2.11
-TAG dor
-EXPL "Distinguished Object Reference"
-
-OID 2.12
-TAG rdt
-EXPL "Referenced Data Transfer"
-
-OID 2.13
-TAG nlm
-EXPL "Network Layer Management"
-
-OID 2.14
-TAG tlm
-EXPL "Transport Layer Management"
-
-OID 2.15
-TAG llm
-EXPL "Link Layer Management"
-
-OID 2.16
-TAG country
-EXPL "Country Assignments"
-
-OID 2.16.124
-TAG canada
-EXPL "Canada"
-
-OID 2.16.158
-TAG taiwan
-EXPL "Taiwan"
-
-OID 2.16.578
-TAG norway
-EXPL "Norway"
-
-OID 2.16.756
-TAG switzerland
-EXPL "Switzerland"
-
-OID 2.16.840
-TAG us
-EXPL "United States"
-
-OID 2.16.840.1
-TAG us-company
-EXPL "United States Company"
-
-OID 2.16.840.1.101
-TAG us-government
-EXPL "United States Government (1.101)"
-
-OID 2.16.840.1.101.2
-TAG us-dod
-EXPL "United States Department of Defense"
-
-OID 2.16.840.1.101.2.1
-TAG id-infosec
-EXPL "US DOD Infosec"
-
-OID 2.16.840.1.101.2.1.0
-TAG id-modules
-EXPL "US DOD Infosec modules"
-
-OID 2.16.840.1.101.2.1.1
-TAG id-algorithms
-EXPL "US DOD Infosec algorithms (MISSI)"
-
-OID 2.16.840.1.101.2.1.1.2
-TAG old-dss
-EXPL "MISSI DSS Algorithm (Old)"
-NAME NSS_OID_MISSI_DSS_OLD
-
-# This is labeled as "### mwelch temporary"
-# Is it official?? XXX fgmr
-OID 2.16.840.1.101.2.1.1.4
-TAG skipjack-cbc-64
-EXPL "Skipjack CBC64"
-NAME NSS_OID_FORTEZZA_SKIPJACK
-CKM CKM_SKIPJACK_CBC64
-
-OID 2.16.840.1.101.2.1.1.10
-TAG kea
-EXPL "MISSI KEA Algorithm"
-NAME NSS_OID_MISSI_KEA
-
-OID 2.16.840.1.101.2.1.1.12
-TAG old-kea-dss
-EXPL "MISSI KEA and DSS Algorithm (Old)"
-NAME NSS_OID_MISSI_KEA_DSS_OLD
-
-OID 2.16.840.1.101.2.1.1.19
-TAG dss
-EXPL "MISSI DSS Algorithm"
-NAME NSS_OID_MISSI_DSS
-
-OID 2.16.840.1.101.2.1.1.20
-TAG kea-dss
-EXPL "MISSI KEA and DSS Algorithm"
-NAME NSS_OID_MISSI_KEA_DSS
-
-OID 2.16.840.1.101.2.1.1.22
-TAG alt-kea
-EXPL "MISSI Alternate KEA Algorithm"
-NAME NSS_OID_MISSI_ALT_KEY
-
-OID 2.16.840.1.101.2.1.2
-TAG id-formats
-EXPL "US DOD Infosec formats"
-
-OID 2.16.840.1.101.2.1.3
-TAG id-policy
-EXPL "US DOD Infosec policy"
-
-OID 2.16.840.1.101.2.1.4
-TAG id-object-classes
-EXPL "US DOD Infosec object classes"
-
-OID 2.16.840.1.101.2.1.5
-TAG id-attributes
-EXPL "US DOD Infosec attributes"
-
-OID 2.16.840.1.101.2.1.6
-TAG id-attribute-syntax
-EXPL "US DOD Infosec attribute syntax"
-
-OID 2.16.840.1.113730
-# The Netscape OID space
-TAG netscape
-EXPL "Netscape Communications Corp."
-
-OID 2.16.840.1.113730.1
-TAG cert-ext
-EXPL "Netscape Cert Extensions"
-
-OID 2.16.840.1.113730.1.1
-TAG cert-type
-EXPL "Certificate Type"
-NAME NSS_OID_NS_CERT_EXT_CERT_TYPE
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.2
-TAG base-url
-EXPL "Certificate Extension Base URL"
-NAME NSS_OID_NS_CERT_EXT_BASE_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.3
-TAG revocation-url
-EXPL "Certificate Revocation URL"
-NAME NSS_OID_NS_CERT_EXT_REVOCATION_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.4
-TAG ca-revocation-url
-EXPL "Certificate Authority Revocation URL"
-NAME NSS_OID_NS_CERT_EXT_CA_REVOCATION_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.5
-TAG ca-crl-download-url
-EXPL "Certificate Authority CRL Download URL"
-NAME NSS_OID_NS_CERT_EXT_CA_CRL_URL
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.6
-TAG ca-cert-url
-EXPL "Certificate Authority Certificate Download URL"
-NAME NSS_OID_NS_CERT_EXT_CA_CERT_URL
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.7
-TAG renewal-url
-EXPL "Certificate Renewal URL"
-NAME NSS_OID_NS_CERT_EXT_CERT_RENEWAL_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.8
-TAG ca-policy-url
-EXPL "Certificate Authority Policy URL"
-NAME NSS_OID_NS_CERT_EXT_CA_POLICY_URL
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.9
-TAG homepage-url
-EXPL "Certificate Homepage URL"
-NAME NSS_OID_NS_CERT_EXT_HOMEPAGE_URL
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.10
-TAG entity-logo
-EXPL "Certificate Entity Logo"
-NAME NSS_OID_NS_CERT_EXT_ENTITY_LOGO
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.11
-TAG user-picture
-EXPL "Certificate User Picture"
-NAME NSS_OID_NS_CERT_EXT_USER_PICTURE
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.1.12
-TAG ssl-server-name
-EXPL "Certificate SSL Server Name"
-NAME NSS_OID_NS_CERT_EXT_SSL_SERVER_NAME
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.13
-TAG comment
-EXPL "Certificate Comment"
-NAME NSS_OID_NS_CERT_EXT_COMMENT
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.1.14
-TAG thayes
-EXPL ""
-NAME NSS_OID_NS_CERT_EXT_THAYES
-CERT_EXTENSION SUPPORTED
-
-OID 2.16.840.1.113730.2
-TAG data-type
-EXPL "Netscape Data Types"
-
-OID 2.16.840.1.113730.2.1
-TAG gif
-EXPL "image/gif"
-NAME NSS_OID_NS_TYPE_GIF
-
-OID 2.16.840.1.113730.2.2
-TAG jpeg
-EXPL "image/jpeg"
-NAME NSS_OID_NS_TYPE_JPEG
-
-OID 2.16.840.1.113730.2.3
-TAG url
-EXPL "URL"
-NAME NSS_OID_NS_TYPE_URL
-
-OID 2.16.840.1.113730.2.4
-TAG html
-EXPL "text/html"
-NAME NSS_OID_NS_TYPE_HTML
-
-OID 2.16.840.1.113730.2.5
-TAG cert-sequence
-EXPL "Certificate Sequence"
-NAME NSS_OID_NS_TYPE_CERT_SEQUENCE
-
-OID 2.16.840.1.113730.3
-# The Netscape Directory OID space
-TAG directory
-EXPL "Netscape Directory"
-
-OID 2.16.840.1.113730.4
-TAG policy
-EXPL "Netscape Policy Type OIDs"
-
-OID 2.16.840.1.113730.4.1
-TAG export-approved
-EXPL "Strong Crypto Export Approved"
-NAME NSS_OID_NS_KEY_USAGE_GOVT_APPROVED
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.1.113730.5
-TAG cert-server
-EXPL "Netscape Certificate Server"
-
-OID 2.16.840.1.113730.5.1
-
-OID 2.16.840.1.113730.5.1.1
-TAG recovery-request
-EXPL "Netscape Cert Server Recovery Request"
-NAME NSS_OID_NETSCAPE_RECOVERY_REQUEST
-
-OID 2.16.840.1.113730.6
-TAG algs
-EXPL "Netscape algorithm OIDs"
-
-OID 2.16.840.1.113730.6.1
-TAG smime-kea
-EXPL "Netscape S/MIME KEA"
-NAME NSS_OID_NETSCAPE_SMIME_KEA
-
-OID 2.16.840.1.113730.7
-TAG name-components
-EXPL "Netscape Name Components"
-
-OID 2.16.840.1.113730.7.1
-TAG nickname
-EXPL "Netscape Nickname"
-NAME NSS_OID_NETSCAPE_NICKNAME
-
-OID 2.16.840.1.113733
-TAG verisign
-EXPL "Verisign"
-
-OID 2.16.840.1.113733.1
-
-OID 2.16.840.1.113733.1.7
-
-OID 2.16.840.1.113733.1.7.1
-
-OID 2.16.840.1.113733.1.7.1.1
-TAG verisign-user-notices
-EXPL "Verisign User Notices"
-NAME NSS_OID_VERISIGN_USER_NOTICES
-
-OID 2.16.840.101
-TAG us-government
-EXPL "US Government (101)"
-
-OID 2.16.840.102
-TAG us-government2
-EXPL "US Government (102)"
-
-OID 2.16.840.11370
-TAG old-netscape
-EXPL "Netscape Communications Corp. (Old)"
-
-OID 2.16.840.11370.1
-TAG ns-cert-ext
-EXPL "Netscape Cert Extensions (Old NS)"
-
-OID 2.16.840.11370.1.1
-TAG netscape-ok
-EXPL "Netscape says this cert is ok (Old NS)"
-NAME NSS_OID_NS_CERT_EXT_NETSCAPE_OK
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.11370.1.2
-TAG issuer-logo
-EXPL "Certificate Issuer Logo (Old NS)"
-NAME NSS_OID_NS_CERT_EXT_ISSUER_LOGO
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.11370.1.3
-TAG subject-logo
-EXPL "Certificate Subject Logo (Old NS)"
-NAME NSS_OID_NS_CERT_EXT_SUBJECT_LOGO
-CERT_EXTENSION UNSUPPORTED
-
-OID 2.16.840.11370.2
-TAG ns-file-type
-EXPL "Netscape File Type"
-
-OID 2.16.840.11370.3
-TAG ns-image-type
-EXPL "Netscape Image Type"
-
-OID 2.17
-TAG registration-procedures
-EXPL "Registration procedures"
-
-OID 2.18
-TAG physical-layer-management
-EXPL "Physical layer Management"
-
-OID 2.19
-TAG mheg
-EXPL "MHEG"
-
-OID 2.20
-TAG guls
-EXPL "Generic Upper Layer Security"
-
-OID 2.21
-TAG tls
-EXPL "Transport Layer Security Protocol"
-
-OID 2.22
-TAG nls
-EXPL "Network Layer Security Protocol"
-
-OID 2.23
-TAG organization
-EXPL "International organizations"
diff --git a/security/nss/lib/pki1/pki1.h b/security/nss/lib/pki1/pki1.h
deleted file mode 100644
index 15d29685d..000000000
--- a/security/nss/lib/pki1/pki1.h
+++ /dev/null
@@ -1,3032 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKI1_H
-#define PKI1_H
-
-#ifdef DEBUG
-static const char PKI1_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pki1.h
- *
- * This file contains the prototypes to the non-public NSS routines
- * relating to the PKIX part-1 objects.
- */
-
-#ifndef PKI1T_H
-#include "pki1t.h"
-#endif /* PKI1T_H */
-
-#ifndef NSSPKI1_H
-#include "nsspki1.h"
-#endif /* NSSPKI1_H */
-
-PR_BEGIN_EXTERN_C
-
-/* fgmr 19990505 moved these here from oiddata.h */
-extern const nssAttributeTypeAliasTable nss_attribute_type_aliases[];
-extern const PRUint32 nss_attribute_type_alias_count;
-
-/*
- * NSSOID
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssOID_CreateFromBER -- constructor
- * nssOID_CreateFromUTF8 -- constructor
- * (there is no explicit destructor)
- *
- * nssOID_GetDEREncoding
- * nssOID_GetUTF8Encoding
- *
- * In debug builds, the following non-public calls are also available:
- *
- * nssOID_verifyPointer
- * nssOID_getExplanation
- * nssOID_getTaggedUTF8
- */
-
-/*
- * nssOID_CreateFromBER
- *
- * This routine creates an NSSOID by decoding a BER- or DER-encoded
- * OID. It may return NSS_OID_UNKNOWN upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromBER
-(
- NSSBER *berOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_BER;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssOID_CreateFromUTF8
- *
- * This routine creates an NSSOID by decoding a UTF8 string
- * representation of an OID in dotted-number format. The string may
- * optionally begin with an octothorpe. It may return NSS_OID_UNKNOWN
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An NSSOID upon success
- */
-
-NSS_EXTERN NSSOID *
-nssOID_CreateFromUTF8
-(
- NSSUTF8 *stringOid
-);
-
-extern const NSSError NSS_ERROR_INVALID_UTF8;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-
-/*
- * nssOID_GetDEREncoding
- *
- * This routine returns the DER encoding of the specified NSSOID.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return return null upon error, in
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSOID
- */
-
-NSS_EXTERN NSSDER *
-nssOID_GetDEREncoding
-(
- const NSSOID *oid,
- NSSDER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssOID_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing the dotted-number
- * encoding of the specified NSSOID. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return null upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the dotted-digit encoding of
- * this NSSOID
- */
-
-NSS_EXTERN NSSUTF8 *
-nssOID_GetUTF8Encoding
-(
- const NSSOID *oid,
- NSSArena *arenaOpt
-);
-
-/*
- * nssOID_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid poitner to an NSSOID object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssOID_verifyPointer
-(
- const NSSOID *oid
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-#endif /* DEBUG */
-
-/*
- * nssOID_getExplanation
- *
- * This method is only present in debug builds.
- *
- * This routine will return a static pointer to a UTF8-encoded string
- * describing (in English) the specified OID. The memory pointed to
- * by the return value is not owned by the caller, and should not be
- * freed or modified. Note that explanations are only provided for
- * the OIDs built into the NSS library; there is no way to specify an
- * explanation for dynamically created OIDs. This routine is intended
- * only for use in debugging tools such as "derdump." This routine
- * may return null upon error, in which case it will have placed an
- * error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSOID
- *
- * Return value:
- * NULL upon error
- * A static pointer to a readonly, non-caller-owned UTF8-encoded
- * string explaining the specified OID.
- */
-
-#ifdef DEBUG
-NSS_EXTERN const NSSUTF8 *
-nssOID_getExplanation
-(
- NSSOID *oid
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-#endif /* DEBUG */
-
-/*
- * nssOID_getTaggedUTF8
- *
- * This method is only present in debug builds.
- *
- * This routine will return a pointer to a caller-owned UTF8-encoded
- * string containing a tagged encoding of the specified OID. Note
- * that OID (component) tags are only provided for the OIDs built
- * into the NSS library; there is no way to specify tags for
- * dynamically created OIDs. This routine is intended for use in
- * debugging tools such as "derdump." If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the tagged encoding of
- * this NSSOID
- */
-
-#ifdef DEBUG
-NSS_EXTERN NSSUTF8 *
-nssOID_getTaggedUTF8
-(
- NSSOID *oid,
- NSSArena *arenaOpt
-);
-
-extern const NSSError NSS_ERROR_INVALID_NSSOID;
-extern const NSSError NSS_ERROR_NO_MEMORY;
-#endif /* DEBUG */
-
-/*
- * NSSATAV
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssATAV_CreateFromBER -- constructor
- * nssATAV_CreateFromUTF8 -- constructor
- * nssATAV_Create -- constructor
- *
- * nssATAV_Destroy
- * nssATAV_GetDEREncoding
- * nssATAV_GetUTF8Encoding
- * nssATAV_GetType
- * nssATAV_GetValue
- * nssATAV_Compare
- * nssATAV_Duplicate
- *
- * In debug builds, the following non-public call is also available:
- *
- * nssATAV_verifyPointer
- */
-
-/*
- * nssATAV_CreateFromBER
- *
- * This routine creates an NSSATAV by decoding a BER- or DER-encoded
- * ATAV. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_CreateFromBER
-(
- NSSArena *arenaOpt,
- const NSSBER *berATAV
-);
-
-/*
- * nssATAV_CreateFromUTF8
- *
- * This routine creates an NSSATAV by decoding a UTF8 string in the
- * "equals" format, e.g., "c=US." If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- const NSSUTF8 *stringATAV
-);
-
-/*
- * nssATAV_Create
- *
- * This routine creates an NSSATAV from the specified NSSOID and the
- * specified data. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap.If the specified data length is zero,
- * the data is assumed to be terminated by first zero byte; this allows
- * UTF8 strings to be easily specified. This routine may return NULL
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_NSSOID
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSATAV upon success
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_Create
-(
- NSSArena *arenaOpt,
- const NSSOID *oid,
- const void *data,
- PRUint32 length
-);
-
-/*
- * nssATAV_Destroy
- *
- * This routine will destroy an ATAV object. It should eventually be
- * called on all ATAVs created without an arena. While it is not
- * necessary to call it on ATAVs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssATAV_Destroy
-(
- NSSATAV *atav
-);
-
-/*
- * nssATAV_GetDEREncoding
- *
- * This routine will DER-encode an ATAV object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSATAV
- */
-
-NSS_EXTERN NSSDER *
-nssATAV_GetDEREncoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the ATAV in "equals" notation (e.g., "o=Acme").
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string containing the "equals" encoding of the
- * ATAV
- */
-
-NSS_EXTERN NSSUTF8 *
-nssATAV_GetUTF8Encoding
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_GetType
- *
- * This routine returns the NSSOID corresponding to the attribute type
- * in the specified ATAV. This routine may return NSS_OID_UNKNOWN
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NSS_OID_UNKNOWN upon error
- * An element of enum NSSOIDenum upon success
- */
-
-NSS_EXTERN const NSSOID *
-nssATAV_GetType
-(
- NSSATAV *atav
-);
-
-/*
- * nssATAV_GetValue
- *
- * This routine returns a string containing the attribute value
- * in the specified ATAV. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error upon the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSItem containing the attribute value.
- */
-
-NSS_EXTERN NSSUTF8 *
-nssATAV_GetValue
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_Compare
- *
- * This routine compares two ATAVs for equality. For two ATAVs to be
- * equal, the attribute types must be the same, and the attribute
- * values must have equal length and contents. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have set an
- * error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssATAV_Compare
-(
- NSSATAV *atav1,
- NSSATAV *atav2,
- PRBool *equalp
-);
-
-/*
- * nssATAV_Duplicate
- *
- * This routine duplicates the specified ATAV. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new ATAV
- */
-
-NSS_EXTERN NSSATAV *
-nssATAV_Duplicate
-(
- NSSATAV *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * nssATAV_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSATAV object,
- * this routine will return PR_SUCCESS. Otherwise, it will put an
- * error on the error stack and return PR_FAILRUE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NSSATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-#ifdef DEBUG
-NSS_EXTERN PRStatus
-nssATAV_verifyPointer
-(
- NSSATAV *atav
-);
-#endif /* DEBUG */
-
-/*
- * NSSRDN
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssRDN_CreateFromBER -- constructor
- * nssRDN_CreateFromUTF8 -- constructor
- * nssRDN_Create -- constructor
- * nssRDN_CreateSimple -- constructor
- *
- * nssRDN_Destroy
- * nssRDN_GetDEREncoding
- * nssRDN_GetUTF8Encoding
- * nssRDN_AddATAV
- * nssRDN_GetATAVCount
- * nssRDN_GetATAV
- * nssRDN_GetSimpleATAV
- * nssRDN_Compare
- * nssRDN_Duplicate
- */
-
-/*
- * nssRDN_CreateFromBER
- *
- * This routine creates an NSSRDN by decoding a BER- or DER-encoded
- * RDN. If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berRDN
-);
-
-/*
- * nssRDN_CreateFromUTF8
- *
- * This routine creates an NSSRDN by decoding an UTF8 string
- * consisting of either a single ATAV in the "equals" format, e.g.,
- * "uid=smith," or one or more such ATAVs in parentheses, e.g.,
- * "(sn=Smith,ou=Sales)." If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringRDN
-);
-
-/*
- * nssRDN_Create
- *
- * This routine creates an NSSRDN from one or more NSSATAVs. The
- * final argument to this routine must be NULL. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_Create
-(
- NSSArena *arenaOpt,
- NSSATAV *atav1,
- ...
-);
-
-/*
- * nssRDN_CreateSimple
- *
- * This routine creates a simple NSSRDN from a single NSSATAV. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDN upon success
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_CreateSimple
-(
- NSSArena *arenaOpt,
- NSSATAV *atav
-);
-
-/*
- * nssRDN_Destroy
- *
- * This routine will destroy an RDN object. It should eventually be
- * called on all RDNs created without an arena. While it is not
- * necessary to call it on RDNs created within an arena, it is not an
- * error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * PR_FAILURE upon failure
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssRDN_Destroy
-(
- NSSRDN *rdn
-);
-
-/*
- * nssRDN_GetDEREncoding
- *
- * This routine will DER-encode an RDN object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSRDN
- */
-
-NSS_EXTERN NSSDER *
-nssRDN_GetDEREncoding
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDN_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the RDN. A simple (one-ATAV) RDN will be simply
- * the string representation of that ATAV; a non-simple RDN will be in
- * parenthesised form. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * null upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssRDN_GetUTF8Encoding
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDN_AddATAV
- *
- * This routine adds an ATAV to the set of ATAVs in the specified RDN.
- * Remember that RDNs consist of an unordered set of ATAVs. If the
- * RDN was created with a non-null arena argument, that same arena
- * will be used for any additional required memory. If the RDN was
- * created with a NULL arena argument, any additional memory will
- * be obtained from the heap. This routine returns a PRStatus value;
- * it will return PR_SUCCESS upon success, and upon failure it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_INVALID_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssRDN_AddATAV
-(
- NSSRDN *rdn,
- NSSATAV *atav
-);
-
-/*
- * nssRDN_GetATAVCount
- *
- * This routine returns the cardinality of the set of ATAVs within
- * the specified RDN. This routine may return 0 upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-nssRDN_GetATAVCount
-(
- NSSRDN *rdn
-);
-
-/*
- * nssRDN_GetATAV
- *
- * This routine returns a pointer to an ATAV that is a member of
- * the set of ATAVs within the specified RDN. While the set of
- * ATAVs within an RDN is unordered, this routine will return
- * distinct values for distinct values of 'i' as long as the RDN
- * is not changed in any way. The RDN may be changed by calling
- * NSSRDN_AddATAV. The value of the variable 'i' is on the range
- * [0,c) where c is the cardinality returned from NSSRDN_GetATAVCount.
- * The caller owns the ATAV the pointer to which is returned. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-nssRDN_GetATAV
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * nssRDN_GetSimpleATAV
- *
- * Most RDNs are actually very simple, with a single ATAV. This
- * routine will return the single ATAV from such an RDN. The caller
- * owns the ATAV the pointer to which is returned. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, including the case where
- * the set of ATAVs in the RDN is nonsingular. Upon error, this
- * routine will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_RDN_NOT_SIMPLE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSATAV
- */
-
-NSS_EXTERN NSSATAV *
-nssRDN_GetSimpleATAV
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDN_Compare
- *
- * This routine compares two RDNs for equality. For two RDNs to be
- * equal, they must have the same number of ATAVs, and every ATAV in
- * one must be equal to an ATAV in the other. (Note that the sets
- * of ATAVs are unordered.) The result of the comparison will be
- * stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool. This routine may return PR_FAILURE
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssRDN_Compare
-(
- NSSRDN *rdn1,
- NSSRDN *rdn2,
- PRBool *equalp
-);
-
-/*
- * nssRDN_Duplicate
- *
- * This routine duplicates the specified RDN. If the optional arena
- * argument is non-null, the memory required will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL on error
- * A pointer to a new RDN
- */
-
-NSS_EXTERN NSSRDN *
-nssRDN_Duplicate
-(
- NSSRDN *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSRDNSeq
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssRDNSeq_CreateFromBER -- constructor
- * nssRDNSeq_CreateFromUTF8 -- constructor
- * nssRDNSeq_Create -- constructor
- *
- * nssRDNSeq_Destroy
- * nssRDNSeq_GetDEREncoding
- * nssRDNSeq_GetUTF8Encoding
- * nssRDNSeq_AppendRDN
- * nssRDNSeq_GetRDNCount
- * nssRDNSeq_GetRDN
- * nssRDNSeq_Compare
- * nssRDNSeq_Duplicate
- *
- * nssRDNSeq_EvaluateUTF8 -- not an object method
- */
-
-/*
- * nssRDNSeq_CreateFromBER
- *
- * This routine creates an NSSRDNSeq by decoding a BER- or DER-encoded
- * sequence of RDNs. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berRDNSeq
-);
-
-/*
- * nssRDNSeq_CreateFromUTF8
- *
- * This routine creates an NSSRDNSeq by decoding a UTF8 string
- * consisting of a comma-separated sequence of RDNs, such as
- * "(sn=Smith,ou=Sales),o=Acme,c=US." If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringRDNSeq
-);
-
-/*
- * nssRDNSeq_Create
- *
- * This routine creates an NSSRDNSeq from one or more NSSRDNs. The
- * final argument to this routine must be NULL. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_RDN
- *
- * Return value:
- * NULL upon error
- * A pointero to an NSSRDNSeq upon success
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_Create
-(
- NSSArena *arenaOpt,
- NSSRDN *rdn1,
- ...
-);
-
-/*
- * nssRDNSeq_Destroy
- *
- * This routine will destroy an RDNSeq object. It should eventually
- * be called on all RDNSeqs created without an arena. While it is not
- * necessary to call it on RDNSeqs created within an arena, it is not
- * an error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssRDNSeq_Destroy
-(
- NSSRDNSeq *rdnseq
-);
-
-/*
- * nssRDNSeq_GetDEREncoding
- *
- * This routine will DER-encode an RDNSeq object. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return null upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSRDNSeq
- */
-
-NSS_EXTERN NSSDER *
-nssRDNSeq_GetDEREncoding
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDNSeq_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the RDNSeq as a comma-separated sequence of RDNs.
- * If the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssRDNSeq_GetUTF8Encoding
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDNSeq_AppendRDN
- *
- * This routine appends an RDN to the end of the existing RDN
- * sequence. If the RDNSeq was created with a non-null arena
- * argument, that same arena will be used for any additional required
- * memory. If the RDNSeq was created with a NULL arena argument, any
- * additional memory will be obtained from the heap. This routine
- * returns a PRStatus value; it will return PR_SUCCESS upon success,
- * and upon failure it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_INVALID_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssRDNSeq_AppendRDN
-(
- NSSRDNSeq *rdnseq,
- NSSRDN *rdn
-);
-
-/*
- * nssRDNSeq_GetRDNCount
- *
- * This routine returns the cardinality of the sequence of RDNs within
- * the specified RDNSeq. This routine may return 0 upon error, in
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- *
- * Return value:
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-nssRDNSeq_GetRDNCount
-(
- NSSRDNSeq *rdnseq
-);
-
-/*
- * nssRDNSeq_GetRDN
- *
- * This routine returns a pointer to the i'th RDN in the sequence of
- * RDNs that make up the specified RDNSeq. The sequence begins with
- * the top-level (e.g., "c=US") RDN. The value of the variable 'i'
- * is on the range [0,c) where c is the cardinality returned from
- * NSSRDNSeq_GetRDNCount. The caller owns the RDN the pointer to which
- * is returned. If the optional arena argument is non-null, the memory
- * used will be obtained from that areana; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error upon the error stack. Note
- * that the usual UTF8 representation of RDN Sequences is from last
- * to first.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRDN
- */
-
-NSS_EXTERN NSSRDN *
-nssRDNSeq_GetRDN
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * nssRDNSeq_Compare
- *
- * This routine compares two RDNSeqs for equality. For two RDNSeqs to
- * be equal, they must have the same number of RDNs, and each RDN in
- * one sequence must be equal to the corresponding RDN in the other
- * sequence. The result of the comparison will be stored at the
- * location pointed to by the "equalp" variable, which must point to a
- * valid PRBool. This routine may return PR_FAILURE upon error, in
- * which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssRDNSeq_Compare
-(
- NSSRDNSeq *rdnseq1,
- NSSRDNSeq *rdnseq2,
- PRBool *equalp
-);
-
-/*
- * nssRDNSeq_Duplicate
- *
- * This routine duplicates the specified RDNSeq. If the optional arena
- * argument is non-null, the memory required will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have
- * placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_RDNSEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new RDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssRDNSeq_Duplicate
-(
- NSSRDNSeq *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * nssRDNSeq_EvaluateUTF8
- *
- * This routine evaluates a UTF8 string, and returns PR_TRUE if the
- * string contains the string representation of an RDNSeq. This
- * routine is used by the (directory) Name routines
- * nssName_CreateFromUTF8 and nssName_EvaluateUTF8 to determine which
- * choice of directory name the string may encode. This routine may
- * return PR_FALSE upon error, but it subsumes that condition under the
- * general "string does not evaluate as an RDNSeq" state, and does not
- * set an error on the error stack.
- *
- * Return value:
- * PR_TRUE if the string represents an RDNSeq
- * PR_FALSE if otherwise
- */
-
-NSS_EXTERN PRBool
-nssRDNSeq_EvaluateUTF8
-(
- NSSUTF8 *str
-);
-
-/*
- * NSSName
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssName_CreateFromBER -- constructor
- * nssName_CreateFromUTF8 -- constructor
- * nssName_Create -- constructor
- *
- * nssName_Destroy
- * nssName_GetDEREncoding
- * nssName_GetUTF8Encoding
- * nssName_GetChoice
- * nssName_GetRDNSequence
- * nssName_GetSpecifiedChoice
- * nssName_Compare
- * nssName_Duplicate
- *
- * nssName_GetUID
- * nssName_GetEmail
- * nssName_GetCommonName
- * nssName_GetOrganization
- * nssName_GetOrganizationalUnits
- * nssName_GetStateOrProvince
- * nssName_GetLocality
- * nssName_GetCountry
- * nssName_GetAttribute
- *
- * nssName_EvaluateUTF8 -- not an object method
- */
-
-/*
- * nssName_CreateFromBER
- *
- * This routine creates an NSSName by decoding a BER- or DER-encoded
- * (directory) Name. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may
- * return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-nssName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berName
-);
-
-/*
- * nssName_CreateFromUTF8
- *
- * This routine creates an NSSName by decoding a UTF8 string
- * consisting of the string representation of one of the choices of
- * (directory) names. Currently the only choice is an RDNSeq. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. The routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-nssName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringName
-);
-
-/*
- * nssName_Create
- *
- * This routine creates an NSSName with the specified choice of
- * underlying name types. The value of the choice variable must be
- * one of the values of the NSSNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- * Choice Type
- * ======================== ===========
- * NSSNameChoiceRdnSequence NSSRDNSeq *
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSName upon success
- */
-
-NSS_EXTERN NSSName *
-nssName_Create
-(
- NSSArena *arenaOpt,
- NSSNameChoice choice,
- void *arg
-);
-
-/*
- * nssName_Destroy
- *
- * This routine will destroy a Name object. It should eventually be
- * called on all Names created without an arena. While it is not
- * necessary to call it on Names created within an arena, it is not
- * an error to do so. This routine returns a PRStatus value; if
- * successful, it will return PR_SUCCESS. If unsuccessful, it will
- * set an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssName_Destroy
-(
- NSSName *name
-);
-
-/*
- * nssName_GetDEREncoding
- *
- * This routine will DER-encode a name object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSName
- */
-
-NSS_EXTERN NSSDER *
-nssName_GetDEREncoding
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the Name in the format specified by the
- * underlying name choice. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to the UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssName_GetUTF8Encoding
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetChoice
- *
- * This routine returns the type of the choice underlying the specified
- * name. The return value will be a member of the NSSNameChoice
- * enumeration. This routine may return NSSNameChoiceInvalid upon
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- *
- * Return value:
- * NSSNameChoiceInvalid upon error
- * An other member of the NSSNameChoice enumeration upon success
- */
-
-NSS_EXTERN NSSNameChoice
-nssName_GetChoice
-(
- NSSName *name
-);
-
-/*
- * nssName_GetRDNSequence
- *
- * If the choice underlying the specified NSSName is that of an
- * RDNSequence, this routine will return a pointer to that RDN
- * sequence. Otherwise, this routine will place an error on the
- * error stack, and return NULL. If the optional arena argument is
- * non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. The
- * caller owns the returned pointer. This routine may return NULL
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRDNSeq
- */
-
-NSS_EXTERN NSSRDNSeq *
-nssName_GetRDNSequence
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSName matches the specified
- * choice, a caller-owned pointer to that underlying object will be
- * returned. Otherwise, an error will be placed on the error stack and
- * NULL will be returned. If the optional arena argument is non-null,
- * the memory required will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-nssName_GetSpecifiedChoice
-(
- NSSName *name,
- NSSNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_Compare
- *
- * This routine compares two Names for equality. For two Names to be
- * equal, they must have the same choice of underlying types, and the
- * underlying values must be equal. The result of the comparison will
- * be stored at the location pointed to by the "equalp" variable, which
- * must point to a valid PRBool. This routine may return PR_FAILURE
- * upon error, in which case it will have set an error on the error
- * stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE on error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssName_Compare
-(
- NSSName *name1,
- NSSName *name2,
- PRBool *equalp
-);
-
-/*
- * nssName_Duplicate
- *
- * This routine duplicates the specified nssname. If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap. This routine may return NULL upon error, in which case it
- * will have placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new NSSName
- */
-
-NSS_EXTERN NSSName *
-nssName_Duplicate
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing a UID attribute, the UID will be the value of
- * that attribute. Note that no UID attribute is defined in either
- * PKIX or PKCS#9; rather, this seems to derive from RFC 1274, which
- * defines the type as a caseIgnoreString. We'll return a Directory
- * String. If the optional arena argument is non-null, the memory
- * used will be obtained from that arena; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_UID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetUID
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing either a PKIX email address or a PKCS#9 email
- * address, the result will be the value of that attribute. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_EMAIL
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5 String */
-nssName_GetEmail
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a PKIX Common Name, the result will be that name. If
- * the optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetCommonName
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified name, if the choices and content of the name permit.
- * If Name consists of a Sequence of Relative Distinguished names
- * containing a PKIX Organization, the result will be the value of
- * that attribute. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. This routine may return NULL upon
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ORGANIZATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetOrganization
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational
- * unit names from the specified name, if the choices and content of
- * the name permit. If the Name consists of a Sequence of Relative
- * Distinguished Names containing one or more organisational units,
- * the result will be the values of those attributes. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-nssName_GetOrganizationalUnits
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from
- * the specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished Names
- * containing a state or province, the result will be the value of
- * that attribute. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. This routine may return NULL upon
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_STATE_OR_PROVINCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetStateOrProvince
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetLocality
- *
- * This routine will attempt to derive a locality name from the
- * specified name, if the choices and content of the name permit. If
- * the Name consists of a Sequence of Relative Distinguished names
- * containing a Locality, the result will be the value of that
- * attribute. If the optional arena argument is non-null, the memory
- * used will be obtained from that arena; otherwise, the memory will
- * be obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_LOCALITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetLocality
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetCountry
- *
- * This routine will attempt to derive a country name from the
- * specified name, if the choices and content of the name permit.
- * If the Name consists of a Sequence of Relative Distinguished
- * Names containing a Country, the result will be the value of
- * that attribute.. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may
- * return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_COUNTRY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-nssName_GetCountry
-(
- NSSName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_GetAttribute
- *
- * If the specified name consists of a Sequence of Relative
- * Distinguished Names containing an attribute with the specified
- * type, and the actual value of that attribute may be expressed
- * with a Directory String, then the value of that attribute will
- * be returned as a Directory String. If the optional arena argument
- * is non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_NAME
- * NSS_ERROR_NO_ATTRIBUTE
- * NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssName_GetAttribute
-(
- NSSName *name,
- NSSOID *attribute,
- NSSArena *arenaOpt
-);
-
-/*
- * nssName_EvaluateUTF8
- *
- * This routine evaluates a UTF8 string, and returns PR_TRUE if the
- * string contains the string representation of an NSSName. This
- * routine is used by the GeneralName routine
- * nssGeneralName_CreateFromUTF8 to determine which choice of
- * general name the string may encode. This routine may return
- * PR_FALSE upon error, but it subsumes that condition under the
- * general "string does not evaluate as a Name" state, and does not
- * set an error on the error stack.
- *
- * Return value:
- * PR_TRUE if the string represents a Name
- * PR_FALSE otherwise
- */
-
-NSS_EXTERN PRBool
-nssName_EvaluateUTF8
-(
- NSSUTF8 *str
-);
-
-/*
- * NSSGeneralName
- *
- * The non-public "methods" regarding this "object" are:
- *
- * nssGeneralName_CreateFromBER -- constructor
- * nssGeneralName_CreateFromUTF8 -- constructor
- * nssGeneralName_Create -- constructor
- *
- * nssGeneralName_Destroy
- * nssGeneralName_GetDEREncoding
- * nssGeneralName_GetUTF8Encoding
- * nssGeneralName_GetChoice
- * nssGeneralName_GetOtherName
- * nssGeneralName_GetRfc822Name
- * nssGeneralName_GetDNSName
- * nssGeneralName_GetX400Address
- * nssGeneralName_GetDirectoryName
- * nssGeneralName_GetEdiPartyName
- * nssGeneralName_GetUniformResourceIdentifier
- * nssGeneralName_GetIPAddress
- * nssGeneralName_GetRegisteredID
- * nssGeneralName_GetSpecifiedChoice
- * nssGeneralName_Compare
- * nssGeneralName_Duplicate
- *
- * nssGeneralName_GetUID
- * nssGeneralName_GetEmail
- * nssGeneralName_GetCommonName
- * nssGeneralName_GetOrganization
- * nssGeneralName_GetOrganizationalUnits
- * nssGeneralName_GetStateOrProvince
- * nssGeneralName_GetLocality
- * nssGeneralName_GetCountry
- * nssGeneralName_GetAttribute
- */
-
-/*
- * nssGeneralName_CreateFromBER
- *
- * This routine creates an NSSGeneralName by decoding a BER- or DER-
- * encoded general name. If the optional arena argument is non-null,
- * the memory used will be obtained from that arena; otherwise, the
- * memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berGeneralName
-);
-
-/*
- * nssGeneralName_CreateFromUTF8
- *
- * This routine creates an NSSGeneralName by decoding a UTF8 string
- * consisting of the string representation of one of the choices of
- * general names. If the optional arena argument is non-null, the
- * memory used will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The routine may return NULL upon
- * error, in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *stringGeneralName
-);
-
-/*
- * nssGeneralName_Create
- *
- * This routine creates an NSSGeneralName with the specified choice of
- * underlying name types. The value of the choice variable must be one
- * of the values of the NSSGeneralNameChoice enumeration, and the type
- * of the arg variable must be as specified in the following table:
- *
- * Choice Type
- * ============================================ =========
- * NSSGeneralNameChoiceOtherName
- * NSSGeneralNameChoiceRfc822Name
- * NSSGeneralNameChoiceDNSName
- * NSSGeneralNameChoiceX400Address
- * NSSGeneralNameChoiceDirectoryName NSSName *
- * NSSGeneralNameChoiceEdiPartyName
- * NSSGeneralNameChoiceUniformResourceIdentifier
- * NSSGeneralNameChoiceIPAddress
- * NSSGeneralNameChoiceRegisteredID
- *
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one fo the following values:
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralName upon success
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_Create
-(
- NSSGeneralNameChoice choice,
- void *arg
-);
-
-/*
- * nssGeneralName_Destroy
- *
- * This routine will destroy a General Name object. It should
- * eventually be called on all General Names created without an arena.
- * While it is not necessary to call it on General Names created within
- * an arena, it is not an error to do so. This routine returns a
- * PRStatus value; if successful, it will return PR_SUCCESS. If
- * usuccessful, it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * PR_FAILURE upon failure
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssGeneralName_Destroy
-(
- NSSGeneralName *generalName
-);
-
-/*
- * nssGeneralName_GetDEREncoding
- *
- * This routine will DER-encode a name object. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return null upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSGeneralName
- */
-
-NSS_EXTERN NSSDER *
-nssGeneralName_GetDEREncoding
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetUTF8Encoding
- *
- * This routine returns a UTF8 string containing a string
- * representation of the General Name in the format specified by the
- * underlying name choice. If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 string
- */
-
-NSS_EXTERN NSSUTF8 *
-nssGeneralName_GetUTF8Encoding
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetChoice
- *
- * This routine returns the type of choice underlying the specified
- * general name. The return value will be a member of the
- * NSSGeneralNameChoice enumeration. This routine may return
- * NSSGeneralNameChoiceInvalid upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * NSSGeneralNameChoiceInvalid upon error
- * An other member of the NSSGeneralNameChoice enumeration
- */
-
-NSS_EXTERN NSSGeneralNameChoice
-nssGeneralName_GetChoice
-(
- NSSGeneralName *generalName
-);
-
-/*
- * nssGeneralName_GetOtherName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * Other Name, this routine will return a pointer to that Other name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSOtherName
- */
-
-NSS_EXTERN NSSOtherName *
-nssGeneralName_GetOtherName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetRfc822Name
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * RFC 822 Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRFC822Name
- */
-
-NSS_EXTERN NSSRFC822Name *
-nssGeneralName_GetRfc822Name
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetDNSName
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * DNS Name, this routine will return a pointer to that DNS name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSDNSName
- */
-
-NSS_EXTERN NSSDNSName *
-nssGeneralName_GetDNSName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetX400Address
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * X.400 Address, this routine will return a pointer to that Address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSX400Address
- */
-
-NSS_EXTERN NSSX400Address *
-nssGeneralName_GetX400Address
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetDirectoryName
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * (directory) Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSName
- */
-
-NSS_EXTERN NSSName *
-nssGeneralName_GetName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetEdiPartyName
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * EDI Party Name, this routine will return a pointer to that name.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSEdiPartyName
- */
-
-NSS_EXTERN NSSEdiPartyName *
-nssGeneralName_GetEdiPartyName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetUniformResourceIdentifier
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * URI, this routine will return a pointer to that URI.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSURI
- */
-
-NSS_EXTERN NSSURI *
-nssGeneralName_GetUniformResourceIdentifier
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetIPAddress
- *
- * If the choice underlying the specified NSSGeneralName is that of an
- * IP Address , this routine will return a pointer to that address.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSIPAddress
- */
-
-NSS_EXTERN NSSIPAddress *
-nssGeneralName_GetIPAddress
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetRegisteredID
- *
- * If the choice underlying the specified NSSGeneralName is that of a
- * Registered ID, this routine will return a pointer to that ID.
- * Otherwise, this routine will place an error on the error stack, and
- * return NULL. If the optional arena argument is non-null, the memory
- * required will be obtained from that arena; otherwise, the memory
- * will be obtained from the heap. The caller owns the returned
- * pointer. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to an NSSRegisteredID
- */
-
-NSS_EXTERN NSSRegisteredID *
-nssGeneralName_GetRegisteredID
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetSpecifiedChoice
- *
- * If the choice underlying the specified NSSGeneralName matches the
- * specified choice, a caller-owned pointer to that underlying object
- * will be returned. Otherwise, an error will be placed on the error
- * stack and NULL will be returned. If the optional arena argument
- * is non-null, the memory required will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. The caller
- * owns the returned pointer. This routine may return NULL upon
- * error, in which caes it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer, which must be typecast
- */
-
-NSS_EXTERN void *
-nssGeneralName_GetSpecifiedChoice
-(
- NSSGeneralName *generalName,
- NSSGeneralNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_Compare
- *
- * This routine compares two General Names for equality. For two
- * General Names to be equal, they must have the same choice of
- * underlying types, and the underlying values must be equal. The
- * result of the comparison will be stored at the location pointed
- * to by the "equalp" variable, which must point to a valid PRBool.
- * This routine may return PR_FAILURE upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following value:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssGeneralName_Compare
-(
- NSSGeneralName *generalName1,
- NSSGeneralName *generalName2,
- PRBool *equalp
-);
-
-/*
- * nssGeneralName_Duplicate
- *
- * This routine duplicates the specified General Name. If the optional
- * arena argument is non-null, the memory required will be obtained
- * from that arena; otherwise, the memory will be obtained from the
- * heap. This routine may return NULL upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new NSSGeneralName
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralName_Duplicate
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetUID
- *
- * This routine will attempt to derive a user identifier from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished Names containing a UID
- * attribute, the UID will be the value of that attribute. Note
- * that no UID attribute is defined in either PKIX or PKCS#9;
- * rather, this seems to derive from RFC 1274, which defines the
- * type as a caseIgnoreString. We'll return a Directory String.
- * If the optional arena argument is non-null, the memory used
- * will be obtained from that arena; otherwise, the memory will be
- * obtained from the heap. This routine may return NULL upon error,
- * in which case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_UID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String.
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetUID
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetEmail
- *
- * This routine will attempt to derive an email address from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing either
- * a PKIX email address or a PKCS#9 email address, the result will
- * be the value of that attribute. If the General Name is an RFC 822
- * Name, the result will be the string form of that name. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_EMAIL
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr IA5String */
-nssGeneralName_GetEmail
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetCommonName
- *
- * This routine will attempt to derive a common name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a PKIX
- * Common Name, the result will be that name. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have set
- * an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetCommonName
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetOrganization
- *
- * This routine will attempt to derive an organisation name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing an
- * Organization, the result will be the value of that attribute.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ORGANIZATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetOrganization
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetOrganizationalUnits
- *
- * This routine will attempt to derive a sequence of organisational
- * unit names from the specified general name, if the choices and
- * content of the name permit. If the General Name is a (directory)
- * Name consisting of a Sequence of Relative Distinguished names
- * containing one or more organisational units, the result will
- * consist of those units. If the optional arena argument is non-
- * null, the memory used will be obtained from that arena; otherwise,
- * the memory will be obtained from the heap. This routine may return
- * NULL upon error, in which case it will have set an error on the
- * error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ORGANIZATIONAL_UNITS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a null-terminated array of UTF8 Strings
- */
-
-NSS_EXTERN NSSUTF8 ** /* XXX fgmr DirectoryString */
-nssGeneralName_GetOrganizationalUnits
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetStateOrProvince
- *
- * This routine will attempt to derive a state or province name from
- * the specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a state or
- * province, the result will be the value of that attribute. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_STATE_OR_PROVINCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetStateOrProvince
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetLocality
- *
- * This routine will attempt to derive a locality name from
- * the specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting
- * of a Sequence of Relative Distinguished names containing a Locality,
- * the result will be the value of that attribute. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_LOCALITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetLocality
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetCountry
- *
- * This routine will attempt to derive a country name from the
- * specified general name, if the choices and content of the name
- * permit. If the General Name is a (directory) Name consisting of a
- * Sequence of Relative Distinguished names containing a Country, the
- * result will be the value of that attribute. If the optional
- * arena argument is non-null, the memory used will be obtained from
- * that arena; otherwise, the memory will be obtained from the heap.
- * This routine may return NULL upon error, in which case it will have
- * set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_COUNTRY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr PrintableString */
-nssGeneralName_GetCountry
-(
- NSSGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralName_GetAttribute
- *
- * If the specified general name is a (directory) name consisting
- * of a Sequence of Relative Distinguished Names containing an
- * attribute with the specified type, and the actual value of that
- * attribute may be expressed with a Directory String, then the
- * value of that attribute will be returned as a Directory String.
- * If the optional arena argument is non-null, the memory used will
- * be obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_ATTRIBUTE
- * NSS_ERROR_ATTRIBUTE_VALUE_NOT_STRING
- *
- * Return value:
- * NULL upon error
- * A pointer to a UTF8 String
- */
-
-NSS_EXTERN NSSUTF8 * /* XXX fgmr DirectoryString */
-nssGeneralName_GetAttribute
-(
- NSSGeneralName *generalName,
- NSSOID *attribute,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSGeneralNameSeq
- *
- * The public "methods" regarding this "object" are:
- *
- * nssGeneralNameSeq_CreateFromBER -- constructor
- * nssGeneralNameSeq_Create -- constructor
- *
- * nssGeneralNameSeq_Destroy
- * nssGeneralNameSeq_GetDEREncoding
- * nssGeneralNameSeq_AppendGeneralName
- * nssGeneralNameSeq_GetGeneralNameCount
- * nssGeneralNameSeq_GetGeneralName
- * nssGeneralNameSeq_Compare
- * nssGeneralnameSeq_Duplicate
- */
-
-/*
- * nssGeneralNameSeq_CreateFromBER
- *
- * This routine creates a general name sequence by decoding a BER-
- * or DER-encoded GeneralNames. If the optional arena argument is
- * non-null, the memory used will be obtained from that arena;
- * otherwise, the memory will be obtained from the heap. This routine
- * may return NULL upon error, in which case it will have set an error
- * on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-nssGeneralNameSeq_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *berGeneralNameSeq
-);
-
-/*
- * nssGeneralNameSeq_Create
- *
- * This routine creates an NSSGeneralNameSeq from one or more General
- * Names. The final argument to this routine must be NULL. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_GENERAL_NAME
- *
- * Return value:
- * NULL upon error
- * A pointer to an NSSGeneralNameSeq upon success
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-nssGeneralNameSeq_Create
-(
- NSSArena *arenaOpt,
- NSSGeneralName *generalName1,
- ...
-);
-
-/*
- * nssGeneralNameSeq_Destroy
- *
- * This routine will destroy an NSSGeneralNameSeq object. It should
- * eventually be called on all NSSGeneralNameSeqs created without an
- * arena. While it is not necessary to call it on NSSGeneralNameSeq's
- * created within an arena, it is not an error to do so. This routine
- * returns a PRStatus value; if successful, it will return PR_SUCCESS.
- * If unsuccessful, it will set an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon success
- */
-
-NSS_EXTERN PRStatus
-nssGeneralNameSeq_Destroy
-(
- NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * nssGeneralNameSeq_GetDEREncoding
- *
- * This routine will DER-encode an NSSGeneralNameSeq object. If the
- * optional arena argument is non-null, the memory used will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return null upon error, in which
- * case it will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * The DER encoding of this NSSGeneralNameSeq
- */
-
-NSS_EXTERN NSSDER *
-nssGeneralNameSeq_GetDEREncoding
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt
-);
-
-/*
- * nssGeneralNameSeq_AppendGeneralName
- *
- * This routine appends a General Name to the end of the existing
- * General Name Sequence. If the sequence was created with a non-null
- * arena argument, that same arena will be used for any additional
- * required memory. If the sequence was created with a NULL arena
- * argument, any additional memory will be obtained from the heap.
- * This routine returns a PRStatus value; it will return PR_SUCCESS
- * upon success, and upon failure it will set an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_INVALID_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure.
- */
-
-NSS_EXTERN PRStatus
-nssGeneralNameSeq_AppendGeneralName
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSGeneralName *generalName
-);
-
-/*
- * nssGeneralNameSeq_GetGeneralNameCount
- *
- * This routine returns the cardinality of the specified General name
- * Sequence. This routine may return 0 upon error, in which case it
- * will have set an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- *
- * Return value;
- * 0 upon error
- * A positive number upon success
- */
-
-NSS_EXTERN PRUint32
-nssGeneralNameSeq_GetGeneralNameCount
-(
- NSSGeneralNameSeq *generalNameSeq
-);
-
-/*
- * nssGeneralNameSeq_GetGeneralName
- *
- * This routine returns a pointer to the i'th General Name in the
- * specified General Name Sequence. The value of the variable 'i' is
- * on the range [0,c) where c is the cardinality returned from
- * NSSGeneralNameSeq_GetGeneralNameCount. The caller owns the General
- * Name the pointer to which is returned. If the optional arena
- * argument is non-null, the memory used will be obtained from that
- * arena; otherwise, the memory will be obtained from the heap. This
- * routine may return NULL upon error, in which case it will have set
- * an error upon the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A caller-owned pointer to a General Name.
- */
-
-NSS_EXTERN NSSGeneralName *
-nssGeneralNameSeq_GetGeneralName
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt,
- PRUint32 i
-);
-
-/*
- * nssGeneralNameSeq_Compare
- *
- * This routine compares two General Name Sequences for equality. For
- * two General Name Sequences to be equal, they must have the same
- * cardinality, and each General Name in one sequence must be equal to
- * the corresponding General Name in the other. The result of the
- * comparison will be stored at the location pointed to by the "equalp"
- * variable, which must point to a valid PRBool. This routine may
- * return PR_FAILURE upon error, in which case it will have set an
- * error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * PR_FAILURE upon error
- * PR_SUCCESS upon a successful comparison (equal or not)
- */
-
-NSS_EXTERN PRStatus
-nssGeneralNameSeq_Compare
-(
- NSSGeneralNameSeq *generalNameSeq1,
- NSSGeneralNameSeq *generalNameSeq2,
- PRBool *equalp
-);
-
-/*
- * nssGeneralNameSeq_Duplicate
- *
- * This routine duplicates the specified sequence of general names. If
- * the optional arena argument is non-null, the memory required will be
- * obtained from that arena; otherwise, the memory will be obtained
- * from the heap. This routine may return NULL upon error, in which
- * case it will have placed an error on the error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_GENERAL_NAME_SEQ
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * NULL upon error
- * A pointer to a new General Name Sequence.
- */
-
-NSS_EXTERN NSSGeneralNameSeq *
-nssGeneralNameSeq_Duplicate
-(
- NSSGeneralNameSeq *generalNameSeq,
- NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* PKI1_H */
diff --git a/security/nss/lib/pki1/pki1t.h b/security/nss/lib/pki1/pki1t.h
deleted file mode 100644
index de6e5c835..000000000
--- a/security/nss/lib/pki1/pki1t.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKI1T_H
-#define PKI1T_H
-
-#ifdef DEBUG
-static const char PKI1T_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pki1t.h
- *
- * This file contains definitions for the types used in the PKIX part-1
- * code, but not available publicly.
- */
-
-#ifndef BASET_H
-#include "baset.h"
-#endif /* BASET_H */
-
-#ifndef NSSPKI1T_H
-#include "nsspki1t.h"
-#endif /* NSSPKI1T_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * NSSOID
- *
- * This structure is used to hold our internal table of built-in OID
- * data. The fields are as follows:
- *
- * NSSItem data -- this is the actual DER-encoded multinumber oid
- * const char *expl -- this explains the derivation, and is checked
- * in a unit test. While the field always exists,
- * it is only populated or used in debug builds.
- *
- */
-
-struct NSSOIDStr {
-#ifdef DEBUG
- const NSSUTF8 *tag;
- const NSSUTF8 *expl;
-#endif /* DEBUG */
- NSSItem data;
-};
-
-/*
- * nssAttributeTypeAliasTable
- *
- * Attribute types are passed around as oids (at least in the X.500
- * and PKI worlds, as opposed to ldap). However, when written as
- * strings they usually have well-known aliases, e.g., "ou" or "c."
- *
- * This type defines a table, populated in the generated oiddata.c
- * file, of the aliases we recognize.
- *
- * The fields are as follows:
- *
- * NSSUTF8 *alias -- a well-known string alias for an oid
- * NSSOID *oid -- the oid to which the alias corresponds
- *
- */
-
-struct nssAttributeTypeAliasTableStr {
- const NSSUTF8 *alias;
- const NSSOID **oid;
-};
-typedef struct nssAttributeTypeAliasTableStr nssAttributeTypeAliasTable;
-
-PR_END_EXTERN_C
-
-#endif /* PKI1T_H */
diff --git a/security/nss/lib/pki1/rdn.c b/security/nss/lib/pki1/rdn.c
deleted file mode 100644
index f778de22c..000000000
--- a/security/nss/lib/pki1/rdn.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * rdn.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * RelativeDistinguishedName.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * RelativeDistinguishedName
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * RelativeDistinguishedName ::=
- * SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- * An RDN is merely an (unordered) set of ATAV's. The setSize (that's
- * a noun, not a verb) variable is a "helper" variable kept for
- * convenience.
- */
-
-struct nssRDNStr {
- PRUint32 setSize;
- NSSATAV **atavs;
-};
diff --git a/security/nss/lib/pki1/rdnseq.c b/security/nss/lib/pki1/rdnseq.c
deleted file mode 100644
index bbd4dfe4b..000000000
--- a/security/nss/lib/pki1/rdnseq.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * rdnseq.c
- *
- * This file contains the implementation of the PKIX part-1 object
- * RDNSequence.
- */
-
-#ifndef NSSBASE_H
-#include "nssbase.h"
-#endif /* NSSBASE_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-#ifndef PKI1_H
-#include "pki1.h"
-#endif /* PKI1_H */
-
-/*
- * RDNSequence
- *
- * From draft-ietf-pkix-ipki-part1-10:
- *
- * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- * An RDNSequence is simply an (ordered) sequence of RDN's. The
- * seqSize variable is a "helper" kept for simplicity.
- */
-
-struct nssRDNSeqStr {
- PRUint32 seqSize;
- NSSRDN **rdns;
-};
diff --git a/security/nss/lib/pkix/doc/name_rules.html b/security/nss/lib/pkix/doc/name_rules.html
deleted file mode 100644
index 70f9dd72e..000000000
--- a/security/nss/lib/pkix/doc/name_rules.html
+++ /dev/null
@@ -1,178 +0,0 @@
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<!--
- - The contents of this file are subject to the Mozilla Public
- - License Version 1.1 (the "License"); you may not use this file
- - except in compliance with the License. You may obtain a copy of
- - the License at http://www.mozilla.org/MPL/
- -
- - Software distributed under the License is distributed on an "AS
- - IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- - implied. See the License for the specific language governing
- - rights and limitations under the License.
- -
- - The Original Code is the Netscape security libraries.
- -
- - The Initial Developer of the Original Code is Netscape
- - Communications Corporation. Portions created by Netscape are
- - Copyright (C) 1994-2000 Netscape Communications Corporation. All
- - Rights Reserved.
- -
- - Contributor(s):
- -
- - Alternatively, the contents of this file may be used under the
- - terms of the GNU General Public License Version 2 or later (the
- - "GPL"), in which case the provisions of the GPL are applicable
- - instead of those above. If you wish to allow use of your
- - version of this file only under the terms of the GPL and not to
- - allow others to use your version of this file under the MPL,
- - indicate your decision by deleting the provisions above and
- - replace them with the notice and other provisions required by
- - the GPL. If you do not delete the provisions above, a recipient
- - may use your version of this file under either the MPL or the
- - GPL.
- -->
-<html>
-<head>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- <meta name="GENERATOR" content="Mozilla/4.6 [en] (X11; U; IRIX 6.3 IP32) [Netscape]">
-</head>
-<body>
-
-<h1>
-Notes on libpkix name rules</h1>
-&nbsp;
-<h2>
-Types</h2>
-Every type mentioned in RFC 2459 is reflected in libpkix.&nbsp; The type
-names, defined in <tt>nsspkix.h</tt>, are exactly the names used in the
-RFC with the added prefix of ``<tt>NSSPKIX</tt>.''&nbsp; The <tt>PKIX</tt>
-part of the name is to distinguish between these specifically defined types
-and more general reflections that are used in higher-level trust domains,
-crypto contexts, etc.&nbsp; For example, <tt>NSSPKIXCertificate</tt> is
-a type with specific properties defined in RFC 2459, while <tt>NSSCertificate</tt>
-is a general type, not necessarily based on an X.509 certificate, that
-has additional associated information.
-<p>Additionally, libpkix defines some "helper"&nbsp;types, usually when
-a type definition in the RFC&nbsp;was unusually complex.&nbsp; These types
-are prefixed with <tt>NSSPKIX</tt> as above, but the next letter is lowercase.&nbsp;
-Examples of these types include <tt>NSSPKIXrevokedCertificates</tt> and
-<tt>NSSPKIXpolicyMapping</tt>.
-<br>&nbsp;
-<h2>
-Simple types</h2>
-Many types used in or defined by RFC 2459 have more-or-less equivalent
-``natural'' types.&nbsp; These include <tt>BOOLEAN</tt>, <tt>INTEGER</tt>,
-the string types, and the date types.
-<p><tt>BOOLEAN</tt> values are always automatically converted to and from
-<tt>PRBool</tt> types.
-<p><tt>INTEGER</tt> types are used in two ways: as a ``small integer,''
-typically a quantity, and as an identification value (e.g., the serial
-number of a certificate).&nbsp; In the former situation, the RFC usually
-states that the values may be limited by the application to some value.&nbsp;
-We reflect these integers as <tt>PRInt32</tt> values, which is limited
-to about two billion.&nbsp; (The reason an unsigned integer wasn't used
-is that we use -1 as an error value; while admittedly reserving one half
-of the number space merely to indicate an error is perhaps wasteful, reducing
-the count limit from four billion to two isn't that unreasonable.)&nbsp;
-``Large integer'' uses are reflected as <tt>NSSItem</tt>s.
-<p>String types -- even complicated <tt>CHOICE</tt>s of strings -- are
-always converted to and from <tt>NSSUTF8</tt> strings.&nbsp; Most of the
-string types can handle any UTF-8 string; the few that don't will check
-the <tt>NSSUTF8</tt> string for invalid characters and return an error
-if any are found.
-<p>Date types are always converted to and from <tt>PRTime</tt> values.
-<font color="#FF0000">***FGMR*** or whatever.</font><font color="#000000">&nbsp;
-The RFC-defined types may contain values that may not be represented as
-<tt>PRTime</tt>s; when conversion of such a value is attempted, the error
-<tt>NSS_ERROR_VALUE_OUT_OF_RANGE</tt> will be returned.&nbsp; However,
-types that contain time values have comparator methods defined, so that
-valid comparisons may be made, even if the time is out of the range of
-<tt>PRTime</tt>.</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Function names</font></h2>
-<font color="#000000">All function names are created by catenating the
-type name, an underscore, and the name of a method defined on that type.&nbsp;
-In some situations, this does create rather long function names; however,
-since these are usually assocated with the more obscure types, we felt
-that sticking to a common naming system was preferable to inventing new
-names.&nbsp; (The Principle of Least Surprise.)</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Universal methods</font></h2>
-<font color="#000000">Every type has a few standard methods:</font>
-<ul>
-<li>
-<tt><font color="#000000">&lt;typename>_CreateFromBER</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Create</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Destroy</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_GetDEREncoding</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Equal</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Duplicate</font></tt></li>
-</ul>
-<font color="#000000">For types for which a BER encoding can be created
-which is not the DER&nbsp;encoding, there is a method <tt>&lt;typename>_GetBEREncoding</tt>.</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Accessors</font></h2>
-<font color="#000000">Simple accessor method names are constructed with
-``<tt>Get</tt>'' and ``<tt>Set</tt>'' followed by the field name:</font>
-<ul>
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;fieldname></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Set&lt;fieldname></font></tt></li>
-</ul>
-<font color="#000000">Optional fields also have ``<tt>Has</tt>'' and ``<tt>Remove</tt>''
-methods, constructed in the same way.</font>
-<br><font color="#000000"></font>&nbsp;
-<h2>
-<font color="#000000">Sequences</font></h2>
-<font color="#000000">Sequences have the following accessors:</font>
-<ul>
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;name>Count</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;name>s</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Set&lt;name>s</font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Get&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Set&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Append&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Insert&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Remove&lt;name></font></tt></li>
-
-<li>
-<tt><font color="#000000">&lt;typename>_Find&lt;name></font></tt></li>
-</ul>
-<font color="#000000">Sets (unordered sequences) replace the <tt>Append</tt>
-and <tt>Insert</tt> methods with <tt>Add</tt>.&nbsp; The plural Get and
-Set methods operate on arrays of the subtype.</font>
-<br><font color="#000000"></font>&nbsp;
-<br><font color="#000000"></font>&nbsp;
-<br><font color="#000000"></font>&nbsp;
-</body>
-</html>
diff --git a/security/nss/lib/pkix/include/nsspkix.h b/security/nss/lib/pkix/include/nsspkix.h
deleted file mode 100644
index 6e55be3a9..000000000
--- a/security/nss/lib/pkix/include/nsspkix.h
+++ /dev/null
@@ -1,24377 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKIX_H
-#define NSSPKIX_H
-
-#ifdef DEBUG
-static const char NSSPKIX_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspkix.h
- *
- * This file contains the prototypes for the public methods defined
- * for the PKIX part-1 objects.
- */
-
-#ifndef NSSPKIXT_H
-#include "nsspkixt.h"
-#endif /* NSSPKIXT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Attribute ::= SEQUENCE {
- * type AttributeType,
- * values SET OF AttributeValue
- * -- at least one value is required -- }
- *
- * The public calls for the type:
- *
- * NSSPKIXAttribute_Decode
- * NSSPKIXAttribute_Create
- * NSSPKIXAttribute_CreateFromArray
- * NSSPKIXAttribute_Destroy
- * NSSPKIXAttribute_Encode
- * NSSPKIXAttribute_GetType
- * NSSPKIXAttribute_SetType
- * NSSPKIXAttribute_GetValueCount
- * NSSPKIXAttribute_GetValues
- * NSSPKIXAttribute_SetValues
- * NSSPKIXAttribute_GetValue
- * NSSPKIXAttribute_SetValue
- * NSSPKIXAttribute_AddValue
- * NSSPKIXAttribute_RemoveValue
- * NSSPKIXAttribute_FindValue
- * NSSPKIXAttribute_Equal
- * NSSPKIXAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459. This
- * routine may return NULL upon error, in which case it will
- * have created an error stack. If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value1,
- ...
-);
-
-/*
- * NSSPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_CreateFromArray
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- NSSPKIXAttributeValue values[]
-);
-
-/*
- * NSSPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute. It should be called on
- * all such objects created without an arena. It does not need to be
- * called for objects created with an arena, but it may be. This
- * routine returns a PRStatus value. Upon error, it will create an
- * error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_Destroy
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXAttribute_Encode
- *
- * This routine returns the BER encoding of the specified
- * NSSPKIXAttribute. {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA)
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAttribute_Encode
-(
- NSSPKIXAttribute *attribute,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-NSSPKIXAttribute_GetType
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value. Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_SetType
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeType *attributeType
-);
-
-/*
- * NSSPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute. This routine returns a PRInt32.
- * Upon error, this routine returns -1. This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAttribute_GetValueCount
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute. If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned. If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSItem's upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_SetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue values[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute. Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed. {usual comments about
- * itemOpt and arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_SetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_AddValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute. An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_RemoveValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i
-);
-
-/*
- * NSSPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data. If an exact match is found,
- * then that value's index is returned. If an exact match is not
- * found, -1 is returned. If there is more than one exact match, one
- * index will be returned. {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAttribute_FindValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *attributeValue
-);
-
-/*
- * NSSPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAttribute_Equal
-(
- NSSPKIXAttribute *one,
- NSSPKIXAttribute *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute. {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXAttribute_Duplicate
-(
- NSSPKIXAttribute *attribute,
- NSSArena *arenaOpt
-);
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID),
- * and the type-specific value. RelativeDistinguishedNames consist
- * of a set of these. These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type AttributeType,
- * value AttributeValue }
- *
- * The public calls for the type:
- *
- * NSSPKIXAttributeTypeAndValue_Decode
- * NSSPKIXAttributeTypeAndValue_CreateFromUTF8
- * NSSPKIXAttributeTypeAndValue_Create
- * NSSPKIXAttributeTypeAndValue_Destroy
- * NSSPKIXAttributeTypeAndValue_Encode
- * NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
- * NSSPKIXAttributeTypeAndValue_GetType
- * NSSPKIXAttributeTypeAndValue_SetType
- * NSSPKIXAttributeTypeAndValue_GetValue
- * NSSPKIXAttributeTypeAndValue_SetValue
- * NSSPKIXAttributeTypeAndValue_Equal
- * NSSPKIXAttributeTypeAndValue_Duplicate
- */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttributeTypeAndValue_Destroy
-(
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAttributeTypeAndValue_Encode
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-NSSPKIXAttributeTypeAndValue_GetType
-(
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttributeTypeAndValue_SetType
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeType *attributeType
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-NSSPKIXAttributeTypeAndValue_GetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttributeTypeAndValue_SetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAttributeTypeAndValue_Equal
-(
- NSSPKIXAttributeTypeAndValue *atav1,
- NSSPKIXAttributeTypeAndValue *atav2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAttributeTypeAndValue_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Duplicate
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * X520Name
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520name ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-name)),
- * printableString PrintableString (SIZE (1..ub-name)),
- * universalString UniversalString (SIZE (1..ub-name)),
- * utf8String UTF8String (SIZE (1..ub-name)),
- * bmpString BMPString (SIZE(1..ub-name)) }
- *
- * ub-name INTEGER ::= 32768
- *
- * The public calls for this type:
- *
- * NSSPKIXX520Name_Decode
- * NSSPKIXX520Name_CreateFromUTF8
- * NSSPKIXX520Name_Create (?)
- * NSSPKIXX520Name_Destroy
- * NSSPKIXX520Name_Encode
- * NSSPKIXX520Name_GetUTF8Encoding
- * NSSPKIXX520Name_Equal
- * NSSPKIXX520Name_Duplicate
- *
- * The public data for this type:
- *
- * NSSPKIXX520Name_MAXIMUM_LENGTH
- *
- */
-
-/*
- * NSSPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-NSSPKIXX520Name_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-NSSPKIXX520Name_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520Name_Create
- *
- * XXX fgmr: currently nssStringType is a private type. Thus,
- * this public method should not exist. I'm leaving this here
- * to remind us later what we want to decide.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING_TYPE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-/*
- * NSS_EXTERN NSSPKIXX520Name *
- * NSSPKIXX520Name_Create
- * (
- * NSSArena *arenaOpt,
- * nssStringType type,
- * NSSItem *data
- * );
- */
-
-/*
- * NSSPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520Name_Destroy
-(
- NSSPKIXX520Name *name
-);
-
-/*
- * NSSPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520Name_Encode
-(
- NSSPKIXX520Name *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXX520Name_GetUTF8Encoding
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXX520Name_Equal
-(
- NSSPKIXX520Name *name1,
- NSSPKIXX520Name *name2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXX520Name_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-NSSPKIXX520Name_Duplicate
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520Name_MAXIMUM_LENGTH
- *
- * From RFC 2459:
- *
- * ub-name INTEGER ::= 32768
- */
-
-extern const PRUint32 NSSPKIXX520Name_MAXIMUM_LENGTH;
-
-/*
- * X520CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520CommonName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-common-name)),
- * printableString PrintableString (SIZE (1..ub-common-name)),
- * universalString UniversalString (SIZE (1..ub-common-name)),
- * utf8String UTF8String (SIZE (1..ub-common-name)),
- * bmpString BMPString (SIZE(1..ub-common-name)) }
- *
- * ub-common-name INTEGER ::= 64
- *
- * The public calls for this type:
- *
- * NSSPKIXX520CommonName_Decode
- * NSSPKIXX520CommonName_CreateFromUTF8
- * NSSPKIXX520CommonName_Create (?)
- * NSSPKIXX520CommonName_Destroy
- * NSSPKIXX520CommonName_Encode
- * NSSPKIXX520CommonName_GetUTF8Encoding
- * NSSPKIXX520CommonName_Equal
- * NSSPKIXX520CommonName_Duplicate
- *
- * The public data for this type:
- *
- * NSSPKIXX520CommonName_MAXIMUM_LENGTH
- *
- */
-
-/*
- * NSSPKIXX520CommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-NSSPKIXX520CommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520CommonName_Create
- *
- * XXX fgmr: currently nssStringType is a private type. Thus,
- * this public method should not exist. I'm leaving this here
- * to remind us later what we want to decide.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING_TYPE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-/*
- * NSS_EXTERN NSSPKIXX520CommonName *
- * NSSPKIXX520CommonName_Create
- * (
- * NSSArena *arenaOpt,
- * nssStringType type,
- * NSSItem *data
- * );
- */
-
-/*
- * NSSPKIXX520CommonName_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_COMMON_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520CommonName_Destroy
-(
- NSSPKIXX520CommonName *name
-);
-
-/*
- * NSSPKIXX520CommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-NSSPKIXX520CommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520CommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520CommonName_Encode
-(
- NSSPKIXX520CommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520CommonName_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXX520CommonName_GetUTF8Encoding
-(
- NSSPKIXX520CommonName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520CommonName_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_COMMON_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXX520CommonName_Equal
-(
- NSSPKIXX520CommonName *name1,
- NSSPKIXX520CommonName *name2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXX520CommonName_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-NSSPKIXX520CommonName_Duplicate
-(
- NSSPKIXX520CommonName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXX520CommonName_MAXIMUM_LENGTH
- *
- * From RFC 2459:
- *
- * ub-common-name INTEGER ::= 64
- */
-
-extern const PRUint32 NSSPKIXX520CommonName_MAXIMUM_LENGTH;
-
-/*
- * X520LocalityName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520LocalityName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-locality-name)),
- * printableString PrintableString (SIZE (1..ub-locality-name)),
- * universalString UniversalString (SIZE (1..ub-locality-name)),
- * utf8String UTF8String (SIZE (1..ub-locality-name)),
- * bmpString BMPString (SIZE(1..ub-locality-name)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXX520LocalityName_Decode
- * NSSPKIXX520LocalityName_CreateFromUTF8
- * NSSPKIXX520LocalityName_Encode
- *
- */
-
-/*
- * NSSPKIXX520LocalityName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520LocalityName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-NSSPKIXX520LocalityName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520LocalityName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520LocalityName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-NSSPKIXX520LocalityName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520LocalityName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520LocalityName_Encode
-(
- NSSPKIXX520LocalityName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520StateOrProvinceName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520StateOrProvinceName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-state-name)),
- * printableString PrintableString (SIZE (1..ub-state-name)),
- * universalString UniversalString (SIZE (1..ub-state-name)),
- * utf8String UTF8String (SIZE (1..ub-state-name)),
- * bmpString BMPString (SIZE(1..ub-state-name)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXX520StateOrProvinceName_Decode
- * NSSPKIXX520StateOrProvinceName_CreateFromUTF8
- * NSSPKIXX520StateOrProvinceName_Encode
- *
- */
-
-/*
- * NSSPKIXX520StateOrProvinceName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-NSSPKIXX520StateOrProvinceName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520StateOrProvinceName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-NSSPKIXX520StateOrProvinceName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520StateOrProvinceName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520StateOrProvinceName_Encode
-(
- NSSPKIXX520StateOrProvinceName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organization-name)),
- * printableString PrintableString (SIZE (1..ub-organization-name)),
- * universalString UniversalString (SIZE (1..ub-organization-name)),
- * utf8String UTF8String (SIZE (1..ub-organization-name)),
- * bmpString BMPString (SIZE(1..ub-organization-name)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXX520OrganizationName_Decode
- * NSSPKIXX520OrganizationName_CreateFromUTF8
- * NSSPKIXX520OrganizationName_Encode
- *
- */
-
-/*
- * NSSPKIXX520OrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-NSSPKIXX520OrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520OrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-NSSPKIXX520OrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520OrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520OrganizationName_Encode
-(
- NSSPKIXX520OrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationalUnitName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organizational-unit-name)),
- * printableString PrintableString
- * (SIZE (1..ub-organizational-unit-name)),
- * universalString UniversalString
- * (SIZE (1..ub-organizational-unit-name)),
- * utf8String UTF8String (SIZE (1..ub-organizational-unit-name)),
- * bmpString BMPString (SIZE(1..ub-organizational-unit-name)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXX520OrganizationalUnitName_Decode
- * NSSPKIXX520OrganizationalUnitName_CreateFromUTF8
- * NSSPKIXX520OrganizationalUnitName_Encode
- *
- */
-
-/*
- * NSSPKIXX520OrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-NSSPKIXX520OrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520OrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-NSSPKIXX520OrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520OrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520OrganizationalUnitName_Encode
-(
- NSSPKIXX520OrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520Title
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520Title ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-title)),
- * printableString PrintableString (SIZE (1..ub-title)),
- * universalString UniversalString (SIZE (1..ub-title)),
- * utf8String UTF8String (SIZE (1..ub-title)),
- * bmpString BMPString (SIZE(1..ub-title)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXX520Title_Decode
- * NSSPKIXX520Title_CreateFromUTF8
- * NSSPKIXX520Title_Encode
- *
- */
-
-/*
- * NSSPKIXX520Title_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Title upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-NSSPKIXX520Title_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520Title_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Title upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-NSSPKIXX520Title_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520Title_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520Title_Encode
-(
- NSSPKIXX520Title *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520dnQualifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520dnQualifier ::= PrintableString
- *
- * The public calls for this type:
- *
- * NSSPKIXX520dnQualifier_Decode
- * NSSPKIXX520dnQualifier_CreateFromUTF8
- * NSSPKIXX520dnQualifier_Encode
- *
- */
-
-/*
- * NSSPKIXX520dnQualifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520dnQualifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-NSSPKIXX520dnQualifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520dnQualifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520dnQualifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-NSSPKIXX520dnQualifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520dnQualifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520dnQualifier_Encode
-(
- NSSPKIXX520dnQualifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520countryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520countryName ::= PrintableString (SIZE (2)) -- IS 3166 codes
- *
- * The public calls for this type:
- *
- * NSSPKIXX520countryName_Decode
- * NSSPKIXX520countryName_CreateFromUTF8
- * NSSPKIXX520countryName_Encode
- *
- */
-
-/*
- * NSSPKIXX520countryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520countryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-NSSPKIXX520countryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX520countryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520countryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-NSSPKIXX520countryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX520countryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX520countryName_Encode
-(
- NSSPKIXX520countryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Pkcs9email
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXPkcs9email_Decode
- * NSSPKIXPkcs9email_CreateFromUTF8
- * NSSPKIXPkcs9email_Encode
- *
- */
-
-/*
- * NSSPKIXPkcs9email_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPkcs9email upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-NSSPKIXPkcs9email_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPkcs9email_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPkcs9email upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-NSSPKIXPkcs9email_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPkcs9email_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPkcs9email_Encode
-(
- NSSPKIXPkcs9email *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- * Name ::= CHOICE { -- only one possibility for now --
- * rdnSequence RDNSequence }
- *
- * The public calls for this type:
- *
- * NSSPKIXName_Decode
- * NSSPKIXName_CreateFromUTF8
- * NSSPKIXName_Create
- * NSSPKIXName_CreateFromRDNSequence
- * NSSPKIXName_Destroy
- * NSSPKIXName_Encode
- * NSSPKIXName_GetUTF8Encoding
- * NSSPKIXName_GetChoice
- * NSSPKIXName_GetRDNSequence
- * NSSPKIXName_GetSpecifiedChoice {fgmr remove this}
- * NSSPKIXName_SetRDNSequence
- * NSSPKIXName_SetSpecifiedChoice
- * NSSPKIXName_Equal
- * NSSPKIXName_Duplicate
- *
- * (here is where I had specific attribute value gettors in pki1)
- *
- */
-
-/*
- * NSSPKIXName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * NSSPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNameChoice choice,
- void *arg
-);
-
-/*
- * NSSPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_CreateFromRDNSequence
-(
- NSSArena *arenaOpt,
- NSSPKIXRDNSequence *rdnSequence
-);
-
-/*
- * NSSPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXName_Destroy
-(
- NSSPKIXName *name
-);
-
-/*
- * NSSPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXName_Encode
-(
- NSSPKIXName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXName_GetUTF8Encoding
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid element of the NSSPKIXNameChoice enumeration upon success
- * The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_EXTERN NSSPKIXNameChoice
-NSSPKIXName_GetChoice
-(
- NSSPKIXName *name
-);
-
-/*
- * NSSPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer to a valid NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXName_GetRDNSequence
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer ...
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-NSSPKIXName_GetSpecifiedChoice
-(
- NSSPKIXName *name,
- NSSPKIXNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXName_Equal
-(
- NSSPKIXName *name1,
- NSSPKIXName *name2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXName_Duplicate
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- * The public calls for this type:
- *
- * NSSPKIXRDNSequence_Decode
- * NSSPKIXRDNSequence_CreateFromUTF8
- * NSSPKIXRDNSequence_Create
- * NSSPKIXRDNSequence_CreateFromArray
- * NSSPKIXRDNSequence_Destroy
- * NSSPKIXRDNSequence_Encode
- * NSSPKIXRDNSequence_GetUTF8Encoding
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNames
- * NSSPKIXRDNSequence_SetRelativeDistinguishedNames
- * NSSPKIXRDNSequence_GetRelativeDistinguishedName
- * NSSPKIXRDNSequence_SetRelativeDistinguishedName
- * NSSPKIXRDNSequence_AppendRelativeDistinguishedName
- * NSSPKIXRDNSequence_InsertRelativeDistinguishedName
- * NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
- * NSSPKIXRDNSequence_FindRelativeDistinguishedName
- * NSSPKIXRDNSequence_Equal
- * NSSPKIXRDNSequence_Duplicate
- *
- */
-
-/*
- * NSSPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * NSSPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *rdn1,
- ...
-);
-
-/*
- * NSSPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXRelativeDistinguishedName *rdns[]
-);
-
-/*
- * NSSPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_Destroy
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * NSSPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXRDNSequence_Encode
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXRDNSequence_GetUTF8Encoding
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence. {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXRelativeDistinguishedName
- * pointers upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName **
-NSSPKIXRDNSequence_GetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdns[],
- PRInt32 countOpt
-);
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRDNSequence_GetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_AppendRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_InsertRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i
-);
-
-/*
- * NSSPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRDNSequence_FindRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXRDNSequence_Equal
-(
- NSSPKIXRDNSequence *one,
- NSSPKIXRDNSequence *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Duplicate
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * DistinguishedName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistinguishedName ::= RDNSequence
- *
- * This is just a public typedef; no new methods are required. {fgmr-- right?}
- */
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue
- * objects. RDNs are used to distinguish a set of objects underneath
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN. However, sometimes a set of ATAVs is
- * needed. For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- * RelativeDistinguishedName ::=
- * SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- * The public calls for this type:
- *
- * NSSPKIXRelativeDistinguishedName_Decode
- * NSSPKIXRelativeDistinguishedName_CreateFromUTF8
- * NSSPKIXRelativeDistinguishedName_Create
- * NSSPKIXRelativeDistinguishedName_CreateFromArray
- * NSSPKIXRelativeDistinguishedName_Destroy
- * NSSPKIXRelativeDistinguishedName_Encode
- * NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_Equal
- * NSSPKIXRelativeDistinguishedName_Duplicate
- *
- * fgmr: Logical additional functions include
- *
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValueByType
- * returns PRInt32
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValuesByType
- * returns array of PRInt32
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueForType
- * returns NSSPKIXAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValuesForType
- * returns array of NSSPKIXAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeValueForType
- * returns NSSPKIXAttributeValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeValuesForType
- * returns array of NSSPKIXAttributeValue
- *
- * NOTE: the "return array" versions are only meaningful if an RDN may
- * contain multiple ATAVs with the same type. Verify in the RFC if
- * this is possible or not. If not, nuke those three functions.
- *
- */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeTypeAndValue *atav1,
- ...
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXAttributeTypeAndValue *atavs[]
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_Destroy
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXRelativeDistinguishedName_Encode
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttributeTypeAndValue
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue **
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atavs[],
- PRInt32 countOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXRelativeDistinguishedName_Equal
-(
- NSSPKIXRelativeDistinguishedName *one,
- NSSPKIXRelativeDistinguishedName *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Duplicate
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * DirectoryString
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DirectoryString ::= CHOICE {
- * teletexString TeletexString (SIZE (1..MAX)),
- * printableString PrintableString (SIZE (1..MAX)),
- * universalString UniversalString (SIZE (1..MAX)),
- * utf8String UTF8String (SIZE (1..MAX)),
- * bmpString BMPString (SIZE(1..MAX)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXDirectoryString_Decode
- * NSSPKIXDirectoryString_CreateFromUTF8
- * NSSPKIXDirectoryString_Encode
- *
- */
-
-/*
- * NSSPKIXDirectoryString_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDirectoryString upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-NSSPKIXDirectoryString_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXDirectoryString_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDirectoryString upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-NSSPKIXDirectoryString_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXDirectoryString_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_DIRECTORY_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDirectoryString_Encode
-(
- NSSPKIXDirectoryString *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Certificate ::= SEQUENCE {
- * tbsCertificate TBSCertificate,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- * The public calls for this type:
- *
- * NSSPKIXCertificate_Decode
- * NSSPKIXCertificate_Create
- * NSSPKIXCertificate_Destroy
- * NSSPKIXCertificate_Encode
- * NSSPKIXCertificate_GetTBSCertificate
- * NSSPKIXCertificate_SetTBSCertificate
- * NSSPKIXCertificate_GetAlgorithmIdentifier
- * NSSPKIXCertificate_SetAlgorithmIdentifier
- * NSSPKIXCertificate_GetSignature
- * NSSPKIXCertificate_SetSignature
- * NSSPKIXCertificate_Equal
- * NSSPKIXCertificate_Duplicate
- *
- * { inherit TBSCertificate gettors? }
- *
- */
-
-/*
- * NSSPKIXCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-NSSPKIXCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCertificate_Create
- *
- * -- fgmr comments --
- * { at this level we'll have to just accept a specified signature }
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_ALGID
- * NSS_ERROR_INVALID_PKIX_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-NSSPKIXCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXAlgorithmIdentifier *algID,
- NSSItem *signature
-);
-
-/*
- * NSSPKIXCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_Destroy
-(
- NSSPKIXCertificate *cert
-);
-
-/*
- * NSSPKIXCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCertificate_Encode
-(
- NSSPKIXCertificate *cert,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_GetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXCertificate_GetTBSCertificate
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_SetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_SetTBSCertificate
-(
- NSSPKIXCertificate *cert,
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXCertificate_GetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXCertificate_GetAlgorithmIdentifier
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_SetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_SetAlgorithmIdentifier
-(
- NSSPKIXCertificate *cert,
- NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * NSSPKIXCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXCertificate_GetSignature
-(
- NSSPKIXCertificate *cert,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificate_SetSignature
-(
- NSSPKIXCertificate *cert,
- NSSItem *signature
-);
-
-/*
- * NSSPKIXCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCertificate_Equal
-(
- NSSPKIXCertificate *one,
- NSSPKIXCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-NSSPKIXCertificate_Duplicate
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertificate ::= SEQUENCE {
- * version [0] Version DEFAULT v1,
- * serialNumber CertificateSerialNumber,
- * signature AlgorithmIdentifier,
- * issuer Name,
- * validity Validity,
- * subject Name,
- * subjectPublicKeyInfo SubjectPublicKeyInfo,
- * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * extensions [3] Extensions OPTIONAL
- * -- If present, version shall be v3 -- }
- *
- * The public calls for this type:
- *
- * NSSPKIXTBSCertificate_Decode
- * NSSPKIXTBSCertificate_Create
- * NSSPKIXTBSCertificate_Destroy
- * NSSPKIXTBSCertificate_Encode
- * NSSPKIXTBSCertificate_GetVersion
- * NSSPKIXTBSCertificate_SetVersion
- * NSSPKIXTBSCertificate_GetSerialNumber
- * NSSPKIXTBSCertificate_SetSerialNumber
- * NSSPKIXTBSCertificate_GetSignature
- * NSSPKIXTBSCertificate_SetSignature
- * { inherit algid gettors? }
- * NSSPKIXTBSCertificate_GetIssuer
- * NSSPKIXTBSCertificate_SetIssuer
- * { inherit "helper" issuer gettors? }
- * NSSPKIXTBSCertificate_GetValidity
- * NSSPKIXTBSCertificate_SetValidity
- * { inherit validity accessors }
- * NSSPKIXTBSCertificate_GetSubject
- * NSSPKIXTBSCertificate_SetSubject
- * NSSPKIXTBSCertificate_GetSubjectPublicKeyInfo
- * NSSPKIXTBSCertificate_SetSubjectPublicKeyInfo
- * NSSPKIXTBSCertificate_HasIssuerUniqueID
- * NSSPKIXTBSCertificate_GetIssuerUniqueID
- * NSSPKIXTBSCertificate_SetIssuerUniqueID
- * NSSPKIXTBSCertificate_RemoveIssuerUniqueID
- * NSSPKIXTBSCertificate_HasSubjectUniqueID
- * NSSPKIXTBSCertificate_GetSubjectUniqueID
- * NSSPKIXTBSCertificate_SetSubjectUniqueID
- * NSSPKIXTBSCertificate_RemoveSubjectUniqueID
- * NSSPKIXTBSCertificate_HasExtensions
- * NSSPKIXTBSCertificate_GetExtensions
- * NSSPKIXTBSCertificate_SetExtensions
- * NSSPKIXTBSCertificate_RemoveExtensions
- * { extension accessors }
- * NSSPKIXTBSCertificate_Equal
- * NSSPKIXTBSCertificate_Duplicate
- */
-
-/*
- * NSSPKIXTBSCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXTBSCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTBSCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_VERSION
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ISSUER_NAME
- * NSS_ERROR_INVALID_VALIDITY
- * NSS_ERROR_INVALID_SUBJECT_NAME
- * NSS_ERROR_INVALID_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ISSUER_UNIQUE_IDENTIFIER
- * NSS_ERROR_INVALID_SUBJECT_UNIQUE_IDENTIFIER
- * NSS_ERROR_INVALID_EXTENSION
- *
- * Return value:
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXTBSCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXVersion version,
- NSSPKIXCertificateSerialNumber *serialNumber,
- NSSPKIXAlgorithmIdentifier *signature,
- NSSPKIXName *issuer,
- NSSPKIXValidity *validity,
- NSSPKIXName *subject,
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSPKIXUniqueIdentifier *issuerUniqueID,
- NSSPKIXUniqueIdentifier *subjectUniqueID,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * NSSPKIXTBSCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_Destroy
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTBSCertificate_Encode
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid element of the NSSPKIXVersion enumeration upon success
- * NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-NSSPKIXTBSCertificate_GetVersion
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetVersion
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXVersion version
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-NSSPKIXTBSCertificate_GetSerialNumber
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXCertificateSerialNumber *snOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSerialNumber
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXCertificateSerialNumber *sn
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXTBSCertificate_GetSignature
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSignature
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXAlgorithmIdentifier *algID
-);
-
-/*
- * { fgmr inherit algid gettors? }
- */
-
-/*
- * NSSPKIXTBSCertificate_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXTBSCertificate_GetIssuer
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetIssuer
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXName *issuer
-);
-
-/*
- * { inherit "helper" issuer gettors? }
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *
- * Return value:
- */
-
-/*
- * NSSPKIXTBSCertificate_GetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXTBSCertificate_GetValidity
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetValidity
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXValidity *validity
-);
-
-/*
- * { fgmr inherit validity accessors }
- */
-
-/*
- * NSSPKIXTBSCertificate_GetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXTBSCertificate_GetSubject
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSubject
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXName *subject
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXTBSCertificate_GetSubjectPublicKeyInfo
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSubjectPublicKeyInfo
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * NSSPKIXTBSCertificate_HasIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_HasIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXUniqueIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-NSSPKIXTBSCertificate_GetIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uidOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * NSSPKIXTBSCertificate_RemoveIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_RemoveIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_HasSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_HasSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXUniqueIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-NSSPKIXTBSCertificate_GetSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uidOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * NSSPKIXTBSCertificate_RemoveSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_RemoveSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * NSSPKIXTBSCertificate_HasExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_HasExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_GetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-NSSPKIXTBSCertificate_GetExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_SetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_SetExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * NSSPKIXTBSCertificate_RemoveExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertificate_RemoveExtensions
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * { extension accessors }
- */
-
-/*
- * NSSPKIXTBSCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertificate_Equal
-(
- NSSPKIXTBSCertificate *one,
- NSSPKIXTBSCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-NSSPKIXTBSCertificate_Duplicate
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * CertificateSerialNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateSerialNumber ::= INTEGER
- *
- * This is just a typedef'd NSSBER; no methods are required.
- * {fgmr -- the asn.1 stuff should have routines to convert
- * integers to natural types when possible and vv. we can
- * refer to them here..}
- */
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Validity ::= SEQUENCE {
- * notBefore Time,
- * notAfter Time }
- *
- * The public calls for the type:
- *
- * NSSPKIXValidity_Decode
- * NSSPKIXValidity_Create
- * NSSPKIXValidity_Encode
- * NSSPKIXValidity_Destroy
- * NSSPKIXValidity_GetNotBefore
- * NSSPKIXValidity_SetNotBefore
- * NSSPKIXValidity_GetNotAfter
- * NSSPKIXValidity_SetNotAfter
- * NSSPKIXValidity_Equal
- * NSSPKIXValidity_Compare
- * NSSPKIXValidity_Duplicate
- *
- */
-
-/*
- * NSSPKIXValidity_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXValidity_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXValidity_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXValidity_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTime notBefore,
- NSSPKIXTime notAfter
-);
-
-/*
- * NSSPKIXValidity_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXValidity_Destroy
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * NSSPKIXValidity_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXValidity_Encode
-(
- NSSPKIXValidity *validity,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXValidity_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXValidity_GetNotBefore
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * NSSPKIXValidity_SetNotBefore
- *
- * -- fgmr comments --
- * {do we require that it be before the "notAfter" value?}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXValidity_SetNotBefore
-(
- NSSPKIXValidity *validity,
- NSSPKIXTime notBefore
-);
-
-/*
- * NSSPKIXValidity_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXValidity_GetNotAfter
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * NSSPKIXValidity_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXValidity_SetNotAfter
-(
- NSSPKIXValidity *validity,
- NSSPKIXTime notAfter
-);
-
-/*
- * NSSPKIXValidity_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXValidity_Equal
-(
- NSSPKIXValidity *one,
- NSSPKIXValidity *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXValidity_Compare
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * 1 if the second is "greater" or later than the first
- * 0 if they are equal
- * -1 if the first is "greater" or later than the first
- * -2 upon failure
- */
-
-NSS_EXTERN PRIntn
-NSSPKIXValidity_Compare
-(
- NSSPKIXValidity *one,
- NSSPKIXValidity *two
-);
-
-/*
- * NSSPKIXValidity_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-NSSPKIXValidity_Duplicate
-(
- NSSPKIXValidity *validity,
- NSSArena *arenaOpt
-);
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Time ::= CHOICE {
- * utcTime UTCTime,
- * generalTime GeneralizedTime }
- *
- * The public calls for the type:
- *
- * NSSPKIXTime_Decode
- * NSSPKIXTime_CreateFromPRTime
- * NSSPKIXTime_CreateFromUTF8
- * NSSPKIXTime_Destroy
- * NSSPKIXTime_Encode
- * NSSPKIXTime_GetPRTime
- * NSSPKIXTime_GetUTF8Encoding
- * NSSPKIXTime_Equal
- * NSSPKIXTime_Duplicate
- * NSSPKIXTime_Compare
- *
- */
-
-/*
- * NSSPKIXTime_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_CreateFromPRTime
-(
- NSSArena *arenaOpt,
- PRTime prTime
-);
-
-/*
- * NSSPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTime_Destroy
- *
- */
-
-NSS_EXTERN PR_STATUS
-NSSPKIXTime_Destroy
-(
- NSSPKIXTime *time
-);
-
-/*
- * NSSPKIXTime_Encode
- *
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTime_Encode
-(
- NSSPKIXTime *time,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTime_GetPRTime
- *
- * Returns a zero on error
- */
-
-NSS_EXTERN PRTime
-NSSPKIXTime_GetPRTime
-(
- NSSPKIXTime *time,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTime_GetUTF8Encoding
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKXITime_GetUTF8Encoding
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTime_Equal
- *
- */
-
-NSS_EXTERN PRBool
-NSSPKXITime_Equal
-(
- NSSPKXITime *time1,
- NSSPKXITime *time2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTime_Duplicate
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKXITime_Duplicate
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTime_Compare
- *
- * Usual result: -1, 0, 1
- * Returns 0 on error
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTime_Compare
-(
- NSSPKIXTime *time1,
- NSSPKIXTime *tiem2,
- PRStatus *statusOpt
-);
-
-/*
- * UniqueIdentifier
- *
- * -- fgmr comments --
- * Should we distinguish bitstrings from "regular" items/BERs?
- * It could be another typedef, but with a separate type to help
- * remind users about the factor of 8. OR we could make it a
- * hard type, and require the use of some (trivial) converters.
- *
- * From RFC 2459:
- *
- * UniqueIdentifier ::= BIT STRING
- *
- */
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectPublicKeyInfo ::= SEQUENCE {
- * algorithm AlgorithmIdentifier,
- * subjectPublicKey BIT STRING }
- *
- * The public calls for the type:
- *
- * NSSPKIXSubjectPublicKeyInfo_Decode
- * NSSPKIXSubjectPublicKeyInfo_Create
- * NSSPKIXSubjectPublicKeyInfo_Encode
- * NSSPKIXSubjectPublicKeyInfo_Destroy
- * NSSPKIXSubjectPublicKeyInfo_GetAlgorithm
- * NSSPKIXSubjectPublicKeyInfo_SetAlgorithm
- * NSSPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- * NSSPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- * NSSPKIXSubjectPublicKeyInfo_Equal
- * NSSPKIXSubjectPublicKeyInfo_Duplicate
- *
- */
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXSubjectPublicKeyInfo_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXSubjectPublicKeyInfo_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *subjectPublicKey
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectPublicKeyInfo_Destroy
-(
- NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXSubjectPublicKeyInfo_Encode
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXSubjectPublicKeyInfo_GetAlgorithm
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectPublicKeyInfo_SetAlgorithm
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSItem *spkOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSItem *spk
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXSubjectPublicKeyInfo_Equal
-(
- NSSPKIXSubjectPublicKeyInfo *one,
- NSSPKIXSubjectPublicKeyInfo *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXSubjectPublicKeyInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-NSSPKIXSubjectPublicKeyInfo_Duplicate
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSArena *arenaOpt
-);
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-/* { FGMR } */
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extension ::= SEQUENCE {
- * extnID OBJECT IDENTIFIER,
- * critical BOOLEAN DEFAULT FALSE,
- * extnValue OCTET STRING }
- *
- */
-
-/* { FGMR } */
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateList ::= SEQUENCE {
- * tbsCertList TBSCertList,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- * The public calls for the type:
- *
- * NSSPKIXCertificateList_Decode
- * NSSPKIXCertificateList_Create
- * NSSPKIXCertificateList_Encode
- * NSSPKIXCertificateList_Destroy
- * NSSPKIXCertificateList_GetTBSCertList
- * NSSPKIXCertificateList_SetTBSCertList
- * NSSPKIXCertificateList_GetSignatureAlgorithm
- * NSSPKIXCertificateList_SetSignatureAlgorithm
- * NSSPKIXCertificateList_GetSignature
- * NSSPKIXCertificateList_SetSignature
- * NSSPKIXCertificateList_Equal
- * NSSPKIXCertificateList_Duplicate
- *
- */
-
-/*
- * NSSPKIXCertificateList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-NSSPKIXCertificateList_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCertificateList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-NSSPKIXCertificateList_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTBSCertList *tbsCertList,
- NSSPKIXAlgorithmIdentifier *sigAlg,
- NSSItem *signature
-);
-
-/*
- * NSSPKIXCertificateList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_Destroy
-(
- NSSPKIXCertificateList *certList
-);
-
-/*
- * NSSPKIXCertificateList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCertificateList_Encode
-(
- NSSPKIXCertificateList *certList,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_GetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXCertificateList_GetTBSCertList
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_SetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_SetTBSCertList
-(
- NSSPKIXCertificateList *certList,
- NSSPKIXTBSCertList *tbsCertList
-);
-
-/*
- * NSSPKIXCertificateList_GetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXCertificateList_GetSignatureAlgorithm
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_SetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_SetSignatureAlgorithm
-(
- NSSPKIXCertificateList *certList,
- NSSPKIXAlgorithmIdentifier *sigAlg
-);
-
-/*
- * NSSPKIXCertificateList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXCertificateList_GetSignature
-(
- NSSPKIXCertificateList *certList,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificateList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificateList_SetSignature
-(
- NSSPKIXCertificateList *certList,
- NSSItem *sig
-);
-
-/*
- * NSSPKIXCertificateList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCertificateList_Equal
-(
- NSSPKIXCertificateList *one,
- NSSPKIXCertificateList *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCertificateList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-NSSPKIXCertificateList_Duplicate
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertList ::= SEQUENCE {
- * version Version OPTIONAL,
- * -- if present, shall be v2
- * signature AlgorithmIdentifier,
- * issuer Name,
- * thisUpdate Time,
- * nextUpdate Time OPTIONAL,
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- * crlExtensions [0] Extensions OPTIONAL
- * -- if present, shall be v2 -- }
- *
- * The public calls for the type:
- *
- * NSSPKIXTBSCertList_Decode
- * NSSPKIXTBSCertList_Create
- * NSSPKIXTBSCertList_Destroy
- * NSSPKIXTBSCertList_Encode
- * NSSPKIXTBSCertList_GetVersion
- * NSSPKIXTBSCertList_SetVersion
- * NSSPKIXTBSCertList_GetSignature
- * NSSPKIXTBSCertList_SetSignature
- * NSSPKIXTBSCertList_GetIssuer
- * NSSPKIXTBSCertList_SetIssuer
- * NSSPKIXTBSCertList_GetThisUpdate
- * NSSPKIXTBSCertList_SetThisUpdate
- * NSSPKIXTBSCertList_HasNextUpdate
- * NSSPKIXTBSCertList_GetNextUpdate
- * NSSPKIXTBSCertList_SetNextUpdate
- * NSSPKIXTBSCertList_RemoveNextUpdate
- * NSSPKIXTBSCertList_GetRevokedCertificates
- * NSSPKIXTBSCertList_SetRevokedCertificates
- * NSSPKIXTBSCertList_HasCrlExtensions
- * NSSPKIXTBSCertList_GetCrlExtensions
- * NSSPKIXTBSCertList_SetCrlExtensions
- * NSSPKIXTBSCertList_RemoveCrlExtensions
- * NSSPKIXTBSCertList_Equal
- * NSSPKIXTBSCertList_Duplicate
- *
- */
-
-/*
- * NSSPKIXTBSCertList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXTBSCertList_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTBSCertList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_VERSION
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_PKIX_TIME
- * (something for the times being out of order?)
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXTBSCertList_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXVersion version,
- NSSPKIXAlgorithmIdentifier *signature,
- NSSPKIXName *issuer,
- NSSPKIXTime thisUpdate,
- NSSPKIXTime nextUpdateOpt,
- NSSPKIXrevokedCertificates *revokedCerts,
- NSSPKIXExtensions *crlExtensionsOpt
-);
-
-/*
- * NSSPKIXTBSCertList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_Destroy
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTBSCertList_Encode
-(
- NSSPKIXTBSCertList *certList,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid element of the NSSPKIXVersion enumeration upon success
- * NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-NSSPKIXTBSCertList_GetVersion
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetVersion
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXVersion version
-);
-
-/*
- * NSSPKIXTBSCertList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXTBSCertList_GetSignature
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetSignature
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * NSSPKIXTBSCertList_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXTBSCertList_GetIssuer
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetIssuer
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXName *issuer
-);
-
-/*
- * NSSPKIXTBSCertList_GetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXTBSCertList_GetThisUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_SetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetThisUpdate
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXTime thisUpdate
-);
-
-/*
- * NSSPKIXTBSCertList_HasNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertList_HasNextUpdate
-(
- NSSPKIXTBSCertList *certList,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertList_GetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-NSSPKIXTBSCertList_GetNextUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_SetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetNextUpdate
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXTime nextUpdate
-);
-
-/*
- * NSSPKIXTBSCertList_RemoveNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_HAS_NO_NEXT_UPDATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_RemoveNextUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon succes
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXTBSCertList_GetRevokedCertificates
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetRevokedCertificates
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXrevokedCertificates *revoked
-);
-
-/*
- * NSSPKIXTBSCertList_HasCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertList_HasCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertList_GetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-NSSPKIXTBSCertList_GetCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTBSCertList_SetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_SetCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * NSSPKIXTBSCertList_RemoveCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_HAS_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTBSCertList_RemoveCrlExtensions
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * NSSPKIXTBSCertList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTBSCertList_Equal
-(
- NSSPKIXTBSCertList *one,
- NSSPKIXTBSCertList *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTBSCertList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-NSSPKIXTBSCertList_Duplicate
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- * The public calls for the type:
- *
- * NSSPKIXrevokedCertificates_Decode
- * NSSPKIXrevokedCertificates_Create
- * NSSPKIXrevokedCertificates_Encode
- * NSSPKIXrevokedCertificates_Destroy
- * NSSPKIXrevokedCertificates_GetRevokedCertificateCount
- * NSSPKIXrevokedCertificates_GetRevokedCertificates
- * NSSPKIXrevokedCertificates_SetRevokedCertificates
- * NSSPKIXrevokedCertificates_GetRevokedCertificate
- * NSSPKIXrevokedCertificates_SetRevokedCertificate
- * NSSPKIXrevokedCertificates_InsertRevokedCertificate
- * NSSPKIXrevokedCertificates_AppendRevokedCertificate
- * NSSPKIXrevokedCertificates_RemoveRevokedCertificate
- * NSSPKIXrevokedCertificates_Equal
- * NSSPKIXrevokedCertificates_Duplicate
- *
- */
-
-/*
- * NSSPKIXrevokedCertificates_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXrevokedCertificates_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXrevokedCertificates_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXrevokedCertificates_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXrevokedCertificate *rc1,
- ...
-);
-
-/*
- * NSSPKIXrevokedCertificates_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_Destroy
-(
- NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * NSSPKIXrevokedCertificates_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXrevokedCertificates_Encode
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_GetRevokedCertificateCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXrevokedCertificates_GetRevokedCertificateCount
-(
- NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * NSSPKIXrevokedCertificates_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXrevokedCertificate pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate **
-NSSPKIXrevokedCertificates_GetRevokedCertificates
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_SetRevokedCertificates
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rc[],
- PRInt32 countOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_GetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificates_GetRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_SetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_SetRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_InsertRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_InsertRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_AppendRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_AppendRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_RemoveRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificates_RemoveRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i
-);
-
-/*
- * NSSPKIXrevokedCertificates_FindRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXrevokedCertificates_FindRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificates_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXrevokedCertificates_Equal
-(
- NSSPKIXrevokedCertificates *one,
- NSSPKIXrevokedCertificates *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXrevokedCertificates_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-NSSPKIXrevokedCertificates_Duplicate
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSArena *arenaOpt
-);
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- * The public calls for this type:
- *
- * NSSPKIXrevokedCertificate_Decode
- * NSSPKIXrevokedCertificate_Create
- * NSSPKIXrevokedCertificate_Encode
- * NSSPKIXrevokedCertificate_Destroy
- * NSSPKIXrevokedCertificate_GetUserCertificate
- * NSSPKIXrevokedCertificate_SetUserCertificate
- * NSSPKIXrevokedCertificate_GetRevocationDate
- * NSSPKIXrevokedCertificate_SetRevocationDate
- * NSSPKIXrevokedCertificate_HasCrlEntryExtensions
- * NSSPKIXrevokedCertificate_GetCrlEntryExtensions
- * NSSPKIXrevokedCertificate_SetCrlEntryExtensions
- * NSSPKIXrevokedCertificate_RemoveCrlEntryExtensions
- * NSSPKIXrevokedCertificate_Equal
- * NSSPKIXrevokedCertificate_Duplicate
- *
- */
-
-
-/*
- * NSSPKIXrevokedCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXrevokedCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- * NSS_ERROR_INVALID_PKIX_TIME
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertificateSerialNumber *userCertificate,
- NSSPKIXTime *revocationDate,
- NSSPKIXExtensions *crlEntryExtensionsOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_Destroy
-(
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXrevokedCertificate_Encode
-(
- NSSPKIXrevokedCertificate *rc,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_GetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-NSSPKIXrevokedCertificate_GetUserCertificate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_SetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_SetUserCertificate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXCertificateSerialNumber *csn
-);
-
-/*
- * NSSPKIXrevokedCertificate_GetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXrevokedCertificate_GetRevocationDate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_SetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_SetRevocationDate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXTime *revocationDate
-);
-
-/*
- * NSSPKIXrevokedCertificate_HasCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXrevokedCertificate_HasCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_GetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-NSSPKIXrevokedCertificate_GetCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_SetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_SetCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXExtensions *crlEntryExtensions
-);
-
-/*
- * NSSPKIXrevokedCertificate_RemoveCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXrevokedCertificate_RemoveCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * NSSPKIXrevokedCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXrevokedCertificate_Equal
-(
- NSSPKIXrevokedCertificate *one,
- NSSPKIXrevokedCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXrevokedCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-NSSPKIXrevokedCertificate_Duplicate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL }
- * -- contains a value of the type
- * -- registered for use with the
- * -- algorithm object identifier value
- *
- * The public calls for this type:
- *
- * NSSPKIXAlgorithmIdentifier_Decode
- * NSSPKIXAlgorithmIdentifier_Create
- * NSSPKIXAlgorithmIdentifier_Encode
- * NSSPKIXAlgorithmIdentifier_Destroy
- * NSSPKIXAlgorithmIdentifier_GetAlgorithm
- * NSSPKIXAlgorithmIdentifier_SetAlgorithm
- * NSSPKIXAlgorithmIdentifier_GetParameters
- * NSSPKIXAlgorithmIdentifier_SetParameters
- * NSSPKIXAlgorithmIdentifier_Compare
- * NSSPKIXAlgorithmIdentifier_Duplicate
- * { algorithm-specific parameter types and accessors ? }
- *
- */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSOID *algorithm,
- NSSItem *parameters
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAlgorithmIdentifier_Destroy
-(
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAlgorithmIdentifier_Encode
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXAlgorithmIdentifier_GetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAlgorithmIdentifier_SetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSOID *algorithm
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXAlgorithmIdentifier_GetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAlgorithmIdentifier_SetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *parameters
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAlgorithmIdentifier_Equal
-(
- NSSPKIXAlgorithmIdentifier *algid1,
- NSSPKIXAlgorithmIdentifier *algid2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Duplicate
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSArena *arenaOpt
-);
-
-/*
- * { algorithm-specific parameter types and accessors ? }
- */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ORAddress ::= SEQUENCE {
- * built-in-standard-attributes BuiltInStandardAttributes,
- * built-in-domain-defined-attributes
- * BuiltInDomainDefinedAttributes OPTIONAL,
- * -- see also teletex-domain-defined-attributes
- * extension-attributes ExtensionAttributes OPTIONAL }
- * -- The OR-address is semantically absent from the OR-name if the
- * -- built-in-standard-attribute sequence is empty and the
- * -- built-in-domain-defined-attributes and extension-attributes are
- * -- both omitted.
- *
- * The public calls for this type:
- *
- * NSSPKIXORAddress_Decode
- * NSSPKIXORAddress_Create
- * NSSPKIXORAddress_Destroy
- * NSSPKIXORAddress_Encode
- * NSSPKIXORAddress_GetBuiltInStandardAttributes
- * NSSPKIXORAddress_SetBuiltInStandardAttributes
- * NSSPKIXORAddress_HasBuiltInDomainDefinedAttributes
- * NSSPKIXORAddress_GetBuiltInDomainDefinedAttributes
- * NSSPKIXORAddress_SetBuiltInDomainDefinedAttributes
- * NSSPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- * NSSPKIXORAddress_HasExtensionsAttributes
- * NSSPKIXORAddress_GetExtensionsAttributes
- * NSSPKIXORAddress_SetExtensionsAttributes
- * NSSPKIXORAddress_RemoveExtensionsAttributes
- * NSSPKIXORAddress_Equal
- * NSSPKIXORAddress_Duplicate
- *
- */
-
-/*
- * NSSPKIXORAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXORAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXORAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXORAddress_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXBuiltInDomainDefinedAttributes *biddaOpt,
- NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * NSSPKIXORAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_Destroy
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * NSSPKIXORAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXORAddress_Encode
-(
- NSSPKIXORAddress *ora,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_GetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXORAddress_GetBuiltInStandardAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_SetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_SetBuiltInStandardAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXORAddress_HasBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXORAddress_HasBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXORAddress_GetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXORAddress_GetBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_SetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_SetBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * NSSPKIXORAddress_HasExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXORAddress_HasExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXORAddress_GetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXORAddress_GetExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXORAddress_SetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_SetExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * NSSPKIXORAddress_RemoveExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXORAddress_RemoveExtensionsAttributes
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * NSSPKIXORAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXORAddress_Equal
-(
- NSSPKIXORAddress *ora1,
- NSSPKIXORAddress *ora2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXORAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXORAddress_Duplicate
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInStandardAttributes ::= SEQUENCE {
- * country-name CountryName OPTIONAL,
- * administration-domain-name AdministrationDomainName OPTIONAL,
- * network-address [0] NetworkAddress OPTIONAL,
- * -- see also extended-network-address
- * terminal-identifier [1] TerminalIdentifier OPTIONAL,
- * private-domain-name [2] PrivateDomainName OPTIONAL,
- * organization-name [3] OrganizationName OPTIONAL,
- * -- see also teletex-organization-name
- * numeric-user-identifier [4] NumericUserIdentifier OPTIONAL,
- * personal-name [5] PersonalName OPTIONAL,
- * -- see also teletex-personal-name
- * organizational-unit-names [6] OrganizationalUnitNames OPTIONAL
- * -- see also teletex-organizational-unit-names -- }
- *
- * The public calls for this type:
- *
- * NSSPKIXBuiltInStandardAttributes_Decode
- * NSSPKIXBuiltInStandardAttributes_Create
- * NSSPKIXBuiltInStandardAttributes_Destroy
- * NSSPKIXBuiltInStandardAttributes_Encode
- * NSSPKIXBuiltInStandardAttributes_HasCountryName
- * NSSPKIXBuiltInStandardAttributes_GetCountryName
- * NSSPKIXBuiltInStandardAttributes_SetCountryName
- * NSSPKIXBuiltInStandardAttributes_RemoveCountryName
- * NSSPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- * NSSPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- * NSSPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- * NSSPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- * NSSPKIXBuiltInStandardAttributes_HasNetworkAddress
- * NSSPKIXBuiltInStandardAttributes_GetNetworkAddress
- * NSSPKIXBuiltInStandardAttributes_SetNetworkAddress
- * NSSPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- * NSSPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- * NSSPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- * NSSPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- * NSSPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- * NSSPKIXBuiltInStandardAttributes_HasPrivateDomainName
- * NSSPKIXBuiltInStandardAttributes_GetPrivateDomainName
- * NSSPKIXBuiltInStandardAttributes_SetPrivateDomainName
- * NSSPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- * NSSPKIXBuiltInStandardAttributes_HasOrganizationName
- * NSSPKIXBuiltInStandardAttributes_GetOrganizationName
- * NSSPKIXBuiltInStandardAttributes_SetOrganizationName
- * NSSPKIXBuiltInStandardAttributes_RemoveOrganizationName
- * NSSPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- * NSSPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- * NSSPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- * NSSPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- * NSSPKIXBuiltInStandardAttributes_HasPersonalName
- * NSSPKIXBuiltInStandardAttributes_GetPersonalName
- * NSSPKIXBuiltInStandardAttributes_SetPersonalName
- * NSSPKIXBuiltInStandardAttributes_RemovePersonalName
- * NSSPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- * NSSPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- * NSSPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- * NSSPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- * NSSPKIXBuiltInStandardAttributes_Equal
- * NSSPKIXBuiltInStandardAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXBuiltInStandardAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXBuiltInStandardAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCountryName *countryNameOpt,
- NSSPKIXAdministrationDomainName *administrationDomainNameOpt,
- NSSPKIXNetworkAddress *networkAddressOpt,
- NSSPKIXTerminalIdentifier *terminalIdentifierOpt,
- NSSPKIXPrivateDomainName *privateDomainNameOpt,
- NSSPKIXOrganizationName *organizationNameOpt,
- NSSPKIXNumericUserIdentifier *numericUserIdentifierOpt,
- NSSPKIXPersonalName *personalNameOpt,
- NSSPKIXOrganizationalUnitNames *organizationalUnitNamesOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_Destroy
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBuiltInStandardAttributes_Encode
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-NSSPKIXBuiltInStandardAttributes_GetCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXCountryName *countryName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_COUNTRY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-NSSPKIXBuiltInStandardAttributes_GetAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXAdministrationDomainName *administrationDomainName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-NSSPKIXBuiltInStandardAttributes_GetNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXNetworkAddress *networkAddress
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-NSSPKIXBuiltInStandardAttributes_GetTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXTerminalIdentifier *terminalIdentifier
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_TERMINAL_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-NSSPKIXBuiltInStandardAttributes_GetPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXPrivateDomainName *privateDomainName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemovePrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-NSSPKIXBuiltInStandardAttributes_GetOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXOrganizationName *organizationName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ORGANIZATION_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-NSSPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXNumericUserIdentifier *numericUserIdentifier
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXBuiltInStandardAttributes_GetPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemovePersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemovePersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXOrganizationalUnitNames *organizationalUnitNames
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInStandardAttributes_Equal
-(
- NSSPKIXBuiltInStandardAttributes *bisa1,
- NSSPKIXBuiltInStandardAttributes *bisa2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInStandardAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-NSSPKIXBuiltInStandardAttributes_Duplicate
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * CountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CountryName ::= [APPLICATION 1] CHOICE {
- * x121-dcc-code NumericString
- * (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXCountryName_Decode
- * NSSPKIXCountryName_CreateFromUTF8
- * NSSPKIXCountryName_Encode
- *
- */
-
-/*
- * NSSPKIXCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-NSSPKIXCountryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-NSSPKIXCountryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCountryName_Encode
-(
- NSSPKIXCountryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * AdministrationDomainName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AdministrationDomainName ::= [APPLICATION 2] CHOICE {
- * numeric NumericString (SIZE (0..ub-domain-name-length)),
- * printable PrintableString (SIZE (0..ub-domain-name-length)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXAdministrationDomainName_Decode
- * NSSPKIXAdministrationDomainName_CreateFromUTF8
- * NSSPKIXAdministrationDomainName_Encode
- *
- */
-
-/*
- * NSSPKIXAdministrationDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-NSSPKIXAdministrationDomainName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAdministrationDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-NSSPKIXAdministrationDomainName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXAdministrationDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAdministrationDomainName_Encode
-(
- NSSPKIXAdministrationDomainName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X121Address
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXX121Address_Decode
- * NSSPKIXX121Address_CreateFromUTF8
- * NSSPKIXX121Address_Encode
- *
- */
-
-/*
- * NSSPKIXX121Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX121Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-NSSPKIXX121Address_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXX121Address_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX121Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-NSSPKIXX121Address_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXX121Address_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_X121_ADDRESS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXX121Address_Encode
-(
- NSSPKIXX121Address *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NetworkAddress ::= X121Address -- see also extended-network-address
- *
- * The public calls for this type:
- *
- * NSSPKIXNetworkAddress_Decode
- * NSSPKIXNetworkAddress_CreateFromUTF8
- * NSSPKIXNetworkAddress_Encode
- *
- */
-
-/*
- * NSSPKIXNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-NSSPKIXNetworkAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXNetworkAddress_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-NSSPKIXNetworkAddress_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXNetworkAddress_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNetworkAddress_Encode
-(
- NSSPKIXNetworkAddress *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TerminalIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXTerminalIdentifier_Decode
- * NSSPKIXTerminalIdentifier_CreateFromUTF8
- * NSSPKIXTerminalIdentifier_Encode
- *
- */
-
-/*
- * NSSPKIXTerminalIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-NSSPKIXTerminalIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTerminalIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-NSSPKIXTerminalIdentifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTerminalIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTerminalIdentifier_Encode
-(
- NSSPKIXTerminalIdentifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PrivateDomainName
- *
- * -- fgmr comments --
- *
- * PrivateDomainName ::= CHOICE {
- * numeric NumericString (SIZE (1..ub-domain-name-length)),
- * printable PrintableString (SIZE (1..ub-domain-name-length)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXPrivateDomainName_Decode
- * NSSPKIXPrivateDomainName_CreateFromUTF8
- * NSSPKIXPrivateDomainName_Encode
- *
- */
-
-/*
- * NSSPKIXPrivateDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-NSSPKIXPrivateDomainName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPrivateDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-NSSPKIXPrivateDomainName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPrivateDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPrivateDomainName_Encode
-(
- NSSPKIXPrivateDomainName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * OrganizationName
- *
- * -- fgmr comments --
- *
- * OrganizationName ::= PrintableString
- * (SIZE (1..ub-organization-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXOrganizationName_Decode
- * NSSPKIXOrganizationName_CreateFromUTF8
- * NSSPKIXOrganizationName_Encode
- *
- */
-
-/*
- * NSSPKIXOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-NSSPKIXOrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-NSSPKIXOrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXOrganizationName_Encode
-(
- NSSPKIXOrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NumericUserIdentifier ::= NumericString
- * (SIZE (1..ub-numeric-user-id-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXNumericUserIdentifier_Decode
- * NSSPKIXNumericUserIdentifier_CreateFromUTF8
- * NSSPKIXNumericUserIdentifier_Encode
- *
- */
-
-/*
- * NSSPKIXNumericUserIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-NSSPKIXNumericUserIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXNumericUserIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-NSSPKIXNumericUserIdentifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXNumericUserIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNumericUserIdentifier_Encode
-(
- NSSPKIXNumericUserIdentifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PersonalName ::= SET {
- * surname [0] PrintableString (SIZE (1..ub-surname-length)),
- * given-name [1] PrintableString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] PrintableString
- * (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXPersonalName_Decode
- * NSSPKIXPersonalName_Create
- * NSSPKIXPersonalName_Destroy
- * NSSPKIXPersonalName_Encode
- * NSSPKIXPersonalName_GetSurname
- * NSSPKIXPersonalName_SetSurname
- * NSSPKIXPersonalName_HasGivenName
- * NSSPKIXPersonalName_GetGivenName
- * NSSPKIXPersonalName_SetGivenName
- * NSSPKIXPersonalName_RemoveGivenName
- * NSSPKIXPersonalName_HasInitials
- * NSSPKIXPersonalName_GetInitials
- * NSSPKIXPersonalName_SetInitials
- * NSSPKIXPersonalName_RemoveInitials
- * NSSPKIXPersonalName_HasGenerationQualifier
- * NSSPKIXPersonalName_GetGenerationQualifier
- * NSSPKIXPersonalName_SetGenerationQualifier
- * NSSPKIXPersonalName_RemoveGenerationQualifier
- * NSSPKIXPersonalName_Equal
- * NSSPKIXPersonalName_Duplicate
- *
- */
-
-/*
- * NSSPKIXPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXPersonalName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXPersonalName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *surname,
- NSSUTF8 *givenNameOpt,
- NSSUTF8 *initialsOpt,
- NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * NSSPKIXPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_Destroy
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPersonalName_Encode
-(
- NSSPKIXPersonalName *personalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetSurname
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetSurname
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *surname
-);
-
-/*
- * NSSPKIXPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_HasGivenName
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetGivenName
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetGivenName
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *givenName
-);
-
-/*
- * NSSPKIXPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_RemoveGivenName
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_HasInitials
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetInitials
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetInitials
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *initials
-);
-
-/*
- * NSSPKIXPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_RemoveInitials
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_HasGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPersonalName_GetGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_SetGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *generationQualifier
-);
-
-/*
- * NSSPKIXPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPersonalName_RemoveGenerationQualifier
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * NSSPKIXPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPersonalName_Equal
-(
- NSSPKIXPersonalName *personalName1,
- NSSPKIXPersonalName *personalName2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-NSSPKIXPersonalName_Duplicate
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- * OF OrganizationalUnitName
- *
- * The public calls for the type:
- *
- * NSSPKIXOrganizationalUnitNames_Decode
- * NSSPKIXOrganizationalUnitNames_Create
- * NSSPKIXOrganizationalUnitNames_Destroy
- * NSSPKIXOrganizationalUnitNames_Encode
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- * NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- * NSSPKIXOrganizationalUnitNames_Equal
- * NSSPKIXOrganizationalUnitNames_Duplicate
- *
- */
-
-/*
- * NSSPKIXOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXOrganizationalUnitNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXOrganizationalUnitNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXOrganizationalUnitName *ou1,
- ...
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_Destroy
-(
- NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXOrganizationalUnitNames_Encode
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
-(
- NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXOrganizationalUnitName
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName **
-NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-NSSPKIXOrganizationalUnitNames_GetOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_SetOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRIntn
-NSSPKIXOrganizationalUnitNames_FindOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXOrganizationalUnitNames_Equal
-(
- NSSPKIXOrganizationalUnitNames *ous1,
- NSSPKIXOrganizationalUnitNames *ous2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-NSSPKIXOrganizationalUnitNames_Duplicate
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSArena *arenaOpt
-);
-
-/*
- * OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitName ::= PrintableString (SIZE
- * (1..ub-organizational-unit-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXOrganizationalUnitName_Decode
- * NSSPKIXOrganizationalUnitName_CreateFromUTF8
- * NSSPKIXOrganizationalUnitName_Encode
- *
- */
-
-/*
- * NSSPKIXOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-NSSPKIXOrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-NSSPKIXOrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXOrganizationalUnitName_Encode
-(
- NSSPKIXOrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF
- * BuiltInDomainDefinedAttribute
- *
- * The public calls for this type:
- *
- * NSSPKIXBuiltInDomainDefinedAttributes_Decode
- * NSSPKIXBuiltInDomainDefinedAttributes_Create
- * NSSPKIXBuiltInDomainDefinedAttributes_Destroy
- * NSSPKIXBuiltInDomainDefinedAttributes_Encode
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- * NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- * NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- * NSSPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- * NSSPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- * NSSPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- * NSSPKIXBuiltInDomainDefinedAttributes_Equal
- * NSSPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXBuiltInDomainDefinedAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXBuiltInDomainDefinedAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
- ...
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_Destroy
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBuiltInDomainDefinedAttributes_Encode
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXBuiltInDomainDefinedAttribute
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute **
-NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribut *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribut *bidda[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInDomainDefinedAttributes_Equal
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas1,
- NSSPKIXBuiltInDomainDefinedAttributes *biddas2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-NSSPKIXBuiltInDomainDefinedAttributes_Duplicate
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSArena *arenaOpt
-);
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttribute ::= SEQUENCE {
- * type PrintableString (SIZE
- * (1..ub-domain-defined-attribute-type-length)),
- * value PrintableString (SIZE
- * (1..ub-domain-defined-attribute-value-length))}
- *
- * The public calls for this type:
- *
- * NSSPKIXBuiltInDomainDefinedAttribute_Decode
- * NSSPKIXBuiltInDomainDefinedAttribute_Create
- * NSSPKIXBuiltInDomainDefinedAttribute_Destroy
- * NSSPKIXBuiltInDomainDefinedAttribute_Encode
- * NSSPKIXBuiltInDomainDefinedAttribute_GetType
- * NSSPKIXBuiltInDomainDefinedAttribute_SetType
- * NSSPKIXBuiltInDomainDefinedAttribute_GetValue
- * NSSPKIXBuiltInDomainDefinedAttribute_SetValue
- * NSSPKIXBuiltInDomainDefinedAttribute_Equal
- * NSSPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *type,
- NSSUTF8 *value
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttribute_Destroy
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBuiltInDomainDefinedAttribute_Encode
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXBuiltInDomainDefinedAttribute_GetType
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttribute_SetType
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSUTF8 *type
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXBuiltInDomainDefinedAttribute_GetValue
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBuiltInDomainDefinedAttribute_SetValue
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSUTF8 *value
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBuiltInDomainDefinedAttribute_Equal
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-NSSPKIXBuiltInDomainDefinedAttribute_Duplicate
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- * ExtensionAttribute
- *
- * The public calls for this type:
- *
- * NSSPKIXExtensionAttributes_Decode
- * NSSPKIXExtensionAttributes_Create
- * NSSPKIXExtensionAttributes_Destroy
- * NSSPKIXExtensionAttributes_Encode
- * NSSPKIXExtensionAttributes_GetExtensionAttributeCount
- * NSSPKIXExtensionAttributes_GetExtensionAttributes
- * NSSPKIXExtensionAttributes_SetExtensionAttributes
- * NSSPKIXExtensionAttributes_GetExtensionAttribute
- * NSSPKIXExtensionAttributes_SetExtensionAttribute
- * NSSPKIXExtensionAttributes_InsertExtensionAttribute
- * NSSPKIXExtensionAttributes_AppendExtensionAttribute
- * NSSPKIXExtensionAttributes_RemoveExtensionAttribute
- * NSSPKIXExtensionAttributes_FindExtensionAttribute
- * NSSPKIXExtensionAttributes_Equal
- * NSSPKIXExtensionAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtensionAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXExtensionAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXExtensionAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXExtensionAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtensionAttribute ea1,
- ...
-);
-
-/*
- * NSSPKIXExtensionAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_Destroy
-(
- NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * NSSPKIXExtensionAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtensionAttributes_Encode
-(
- NSSPKIXExtensionAttributes *eas
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_GetExtensionAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtensionAttributes_GetExtensionAttributeCount
-(
- NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * NSSPKIXExtensionAttributes_GetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXExtensionAttribute pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute **
-NSSPKIXExtensionAttributes_GetExtensionAttributes
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_SetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_SetExtensionAttributes
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXExtensionAttributes_GetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttributes_GetExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_SetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_SetExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_InsertExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_InsertExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_AppendExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_AppendExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_RemoveExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttributes_RemoveExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
-);
-
-/*
- * NSSPKIXExtensionAttributes_FindExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtensionAttributes_FindExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtensionAttributes_Equal
-(
- NSSPKIXExtensionAttributes *eas1,
- NSSPKIXExtensionAttributes *eas2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtensionAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-NSSPKIXExtensionAttributes_Duplicate
-(
- NSSPKIXExtensionAttributes *eas,
- NSSArena *arenaOpt
-);
-
-/*
- * fgmr
- * There should be accessors to search the ExtensionAttributes and
- * return the value for a specific value, etc.
- */
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttribute ::= SEQUENCE {
- * extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- * extension-attribute-value [1]
- * ANY DEFINED BY extension-attribute-type }
- *
- * The public calls for this type:
- *
- * NSSPKIXExtensionAttribute_Decode
- * NSSPKIXExtensionAttribute_Create
- * NSSPKIXExtensionAttribute_Destroy
- * NSSPKIXExtensionAttribute_Encode
- * NSSPKIXExtensionAttribute_GetExtensionsAttributeType
- * NSSPKIXExtensionAttribute_SetExtensionsAttributeType
- * NSSPKIXExtensionAttribute_GetExtensionsAttributeValue
- * NSSPKIXExtensionAttribute_SetExtensionsAttributeValue
- * NSSPKIXExtensionAttribute_Equal
- * NSSPKIXExtensionAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtensionAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXExtensionAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE_TYPE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtensionAttributeType type,
- NSSItem *value
-);
-
-/*
- * NSSPKIXExtensionAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttribute_Destroy
-(
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtensionAttribute_Encode
-(
- NSSPKIXExtensionAttribute *ea,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttribute_GetExtensionsAttributeType
- *
- * -- fgmr comments --
- * {One of these objects created from BER generated by a program
- * adhering to a later version of the PKIX standards might have
- * a value not mentioned in the enumeration definition. This isn't
- * a bug.}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A member of the NSSPKIXExtensionAttributeType enumeration
- * upon success
- * NSSPKIXExtensionAttributeType_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributeType
-NSSPKIXExtensionAttribute_GetExtensionsAttributeType
-(
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * NSSPKIXExtensionAttribute_SetExtensionsAttributeType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttribute_SetExtensionsAttributeType
-(
- NSSPKIXExtensionAttribute *ea,
- NSSPKIXExtensionAttributeType type
-);
-
-/*
- * NSSPKIXExtensionAttribute_GetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXExtensionAttribute_GetExtensionsAttributeValue
-(
- NSSPKIXExtensionAttribute *ea,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtensionAttribute_SetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtensionAttribute_SetExtensionsAttributeValue
-(
- NSSPKIXExtensionAttribute *ea,
- NSSItem *value
-);
-
-/*
- * NSSPKIXExtensionAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtensionAttribute_Equal
-(
- NSSPKIXExtensionAttribute *ea1,
- NSSPKIXExtensionAttribute *ea2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtensionAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-NSSPKIXExtensionAttribute_Duplicate
-(
- NSSPKIXExtensionAttribute *ea,
- NSSArena *arenaOpt
-);
-
-/*
- * CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXCommonName_Decode
- * NSSPKIXCommonName_CreateFromUTF8
- * NSSPKIXCommonName_Encode
- *
- */
-
-/*
- * NSSPKIXCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-NSSPKIXCommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-NSSPKIXCommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCommonName_Encode
-(
- NSSPKIXCommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexCommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXTeletexCommonName_Decode
- * NSSPKIXTeletexCommonName_CreateFromUTF8
- * NSSPKIXTeletexCommonName_Encode
- *
- */
-
-/*
- * NSSPKIXTeletexCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-NSSPKIXTeletexCommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-NSSPKIXTeletexCommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexCommonName_Encode
-(
- NSSPKIXTeletexCommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationName ::=
- * TeletexString (SIZE (1..ub-organization-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXTeletexOrganizationName_Decode
- * NSSPKIXTeletexOrganizationName_CreateFromUTF8
- * NSSPKIXTeletexOrganizationName_Encode
- *
- */
-
-/*
- * NSSPKIXTeletexOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-NSSPKIXTeletexOrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-NSSPKIXTeletexOrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATION_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexOrganizationName_Encode
-(
- NSSPKIXTeletexOrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexPersonalName ::= SET {
- * surname [0] TeletexString (SIZE (1..ub-surname-length)),
- * given-name [1] TeletexString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] TeletexString (SIZE
- * (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXTeletexPersonalName_Decode
- * NSSPKIXTeletexPersonalName_Create
- * NSSPKIXTeletexPersonalName_Destroy
- * NSSPKIXTeletexPersonalName_Encode
- * NSSPKIXTeletexPersonalName_GetSurname
- * NSSPKIXTeletexPersonalName_SetSurname
- * NSSPKIXTeletexPersonalName_HasGivenName
- * NSSPKIXTeletexPersonalName_GetGivenName
- * NSSPKIXTeletexPersonalName_SetGivenName
- * NSSPKIXTeletexPersonalName_RemoveGivenName
- * NSSPKIXTeletexPersonalName_HasInitials
- * NSSPKIXTeletexPersonalName_GetInitials
- * NSSPKIXTeletexPersonalName_SetInitials
- * NSSPKIXTeletexPersonalName_RemoveInitials
- * NSSPKIXTeletexPersonalName_HasGenerationQualifier
- * NSSPKIXTeletexPersonalName_GetGenerationQualifier
- * NSSPKIXTeletexPersonalName_SetGenerationQualifier
- * NSSPKIXTeletexPersonalName_RemoveGenerationQualifier
- * NSSPKIXTeletexPersonalName_Equal
- * NSSPKIXTeletexPersonalName_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-NSSPKIXTeletexPersonalName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-NSSPKIXTeletexPersonalName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *surname,
- NSSUTF8 *givenNameOpt,
- NSSUTF8 *initialsOpt,
- NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_Destroy
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexPersonalName_Encode
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetSurname
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetSurname
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *surname
-);
-
-/*
- * NSSPKIXTeletexPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_HasGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *givenName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_RemoveGivenName
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_HasInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *initials
-);
-
-/*
- * NSSPKIXTeletexPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_RemoveInitials
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_HasGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexPersonalName_GetGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_SetGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *generationQualifier
-);
-
-/*
- * NSSPKIXTeletexPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexPersonalName_RemoveGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexPersonalName_Equal
-(
- NSSPKIXTeletexPersonalName *personalName1,
- NSSPKIXTeletexPersonalName *personalName2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-NSSPKIXTeletexPersonalName_Duplicate
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- * (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- * The public calls for the type:
- *
- * NSSPKIXTeletexOrganizationalUnitNames_Decode
- * NSSPKIXTeletexOrganizationalUnitNames_Create
- * NSSPKIXTeletexOrganizationalUnitNames_Destroy
- * NSSPKIXTeletexOrganizationalUnitNames_Encode
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- * NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- * NSSPKIXTeletexOrganizationalUnitNames_Equal
- * NSSPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-NSSPKIXTeletexOrganizationalUnitNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-NSSPKIXTeletexOrganizationalUnitNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTeletexOrganizationalUnitName *ou1,
- ...
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_Destroy
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexOrganizationalUnitNames_Encode
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXTeletexOrganizationalUnitName
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName **
-NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-NSSPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexOrganizationalUnitNames_Equal
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous1,
- NSSPKIXTeletexOrganizationalUnitNames *ous2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-NSSPKIXTeletexOrganizationalUnitNames_Duplicate
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitName ::= TeletexString
- * (SIZE (1..ub-organizational-unit-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXTeletexOrganizationalUnitName_Decode
- * NSSPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- * NSSPKIXTeletexOrganizationalUnitName_Encode
- *
- */
-
-/*
- * NSSPKIXTeletexOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-NSSPKIXTeletexOrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-NSSPKIXTeletexOrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexOrganizationalUnitName_Encode
-(
- NSSPKIXTeletexOrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PDSName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
- *
- * The public calls for this type:
- *
- * NSSPKIXPDSName_Decode
- * NSSPKIXPDSName_CreateFromUTF8
- * NSSPKIXPDSName_Encode
- *
- */
-
-/*
- * NSSPKIXPDSName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-NSSPKIXPDSName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPDSName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-NSSPKIXPDSName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPDSName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPDSName_Encode
-(
- NSSPKIXPDSName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PhysicalDeliveryCountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryCountryName ::= CHOICE {
- * x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXPhysicalDeliveryCountryName_Decode
- * NSSPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- * NSSPKIXPhysicalDeliveryCountryName_Encode
- *
- */
-
-/*
- * NSSPKIXPhysicalDeliveryCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-NSSPKIXPhysicalDeliveryCountryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-NSSPKIXPhysicalDeliveryCountryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPhysicalDeliveryCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PHYSICAL_DELIVERY_COUNTRY_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPhysicalDeliveryCountryName_Encode
-(
- NSSPKIXPhysicalDeliveryCountryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PostalCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PostalCode ::= CHOICE {
- * numeric-code NumericString (SIZE (1..ub-postal-code-length)),
- * printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXPostalCode_Decode
- * NSSPKIXPostalCode_CreateFromUTF8
- * NSSPKIXPostalCode_Encode
- *
- */
-
-/*
- * NSSPKIXPostalCode_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPostalCode upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-NSSPKIXPostalCode_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPostalCode_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPostalCode upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-NSSPKIXPostalCode_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPostalCode_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POSTAL_CODE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPostalCode_Encode
-(
- NSSPKIXPostalCode *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSParameter ::= SET {
- * printable-string PrintableString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXPDSParameter_Decode
- * NSSPKIXPDSParameter_CreateFromUTF8
- * NSSPKIXPDSParameter_Create
- * NSSPKIXPDSParameter_Delete
- * NSSPKIXPDSParameter_Encode
- * NSSPKIXPDSParameter_GetUTF8Encoding
- * NSSPKIXPDSParameter_HasPrintableString
- * NSSPKIXPDSParameter_GetPrintableString
- * NSSPKIXPDSParameter_SetPrintableString
- * NSSPKIXPDSParameter_RemovePrintableString
- * NSSPKIXPDSParameter_HasTeletexString
- * NSSPKIXPDSParameter_GetTeletexString
- * NSSPKIXPDSParameter_SetTeletexString
- * NSSPKIXPDSParameter_RemoveTeletexString
- * NSSPKIXPDSParameter_Equal
- * NSSPKIXPDSParameter_Duplicate
- */
-
-/*
- * NSSPKIXPDSParameter_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPDSParameter_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXPDSParameter_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *printableStringOpt,
- NSSUTF8 *teletexStringOpt
-);
-
-/*
- * NSSPKIXPDSParameter_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_Destroy
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * NSSPKIXPDSParameter_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPDSParameter_Encode
-(
- NSSPKIXPDSParameter *p,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPDSParameter_GetUTF8Encoding
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_HasPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPDSParameter_HasPrintableString
-(
- NSSPKIXPDSParameter *p,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPDSParameter_GetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPDSParameter_GetPrintableString
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_SetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_SetPrintableString
-(
- NSSPKIXPDSParameter *p,
- NSSUTF8 *printableString
-);
-
-/*
- * NSSPKIXPDSParameter_RemovePrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_RemovePrintableString
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * NSSPKIXPDSParameter_HasTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPDSParameter_HasTeletexString
-(
- NSSPKIXPDSParameter *p,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPDSParameter_GetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXPDSParameter_GetTeletexString
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPDSParameter_SetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_SetTeletexString
-(
- NSSPKIXPDSParameter *p,
- NSSUTF8 *teletexString
-);
-
-/*
- * NSSPKIXPDSParameter_RemoveTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPDSParameter_RemoveTeletexString
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * NSSPKIXPDSParameter_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPDSParameter_Equal
-(
- NSSPKIXPDSParameter *p1,
- NSSPKIXPDSParameter *p2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPDSParameter_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-NSSPKIXPDSParameter_Duplicate
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * fgmr: what about these PDS types?
- *
- * PhysicalDeliveryOfficeName
- *
- * PhysicalDeliveryOfficeNumber
- *
- * ExtensionORAddressComponents
- *
- * PhysicalDeliveryPersonalName
- *
- * PhysicalDeliveryOrganizationName
- *
- * ExtensionPhysicalDeliveryAddressComponents
- *
- * StreetAddress
- *
- * PostOfficeBoxAddress
- *
- * PosteRestanteAddress
- *
- * UniquePostalName
- *
- * LocalPostalAttributes
- *
- */
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UnformattedPostalAddress ::= SET {
- * printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- * PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- * The public calls for the type:
- *
- *
- */
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtendedNetworkAddress ::= CHOICE {
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * psap-address [0] PresentationAddress }
- *
- * The public calls for the type:
- *
- * NSSPKIXExtendedNetworkAddress_Decode
- * NSSPKIXExtendedNetworkAddress_Create
- * NSSPKIXExtendedNetworkAddress_Destroy
- * NSSPKIXExtendedNetworkAddress_Encode
- * NSSPKIXExtendedNetworkAddress_GetChoice
- * NSSPKIXExtendedNetworkAddress_Get
- * NSSPKIXExtendedNetworkAddress_GetE1634Address
- * NSSPKIXExtendedNetworkAddress_GetPsapAddress
- * NSSPKIXExtendedNetworkAddress_Set
- * NSSPKIXExtendedNetworkAddress_SetE163Address
- * NSSPKIXExtendedNetworkAddress_SetPsapAddress
- * NSSPKIXExtendedNetworkAddress_Equal
- * NSSPKIXExtendedNetworkAddress_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtendedNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtendedNetworkAddressChoice choice,
- void *address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_CreateFromE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_CreateFromE1634Address
-(
- NSSArena *arenaOpt,
- NSSPKIXe1634Address *e1634address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_CreateFromPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_CreateFromPresentationAddress
-(
- NSSArena *arenaOpt,
- NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_Destroy
-(
- NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtendedNetworkAddress_Encode
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * A valid element of the NSSPKIXExtendedNetworkAddressChoice upon
- * success
- * The value NSSPKIXExtendedNetworkAddress_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddressChoice
-NSSPKIXExtendedNetworkAddress_GetChoice
-(
- NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer...
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-NSSPKIXExtendedNetworkAddress_GetSpecifiedChoice
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXExtendedNetworkAddressChoice which,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1643Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1643Address *
-NSSPKIXExtendedNetworkAddress_GetE1634Address
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_GetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer to an NSSPKIXPresentationAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPresentationAddress *
-NSSPKIXExtendedNetworkAddress_GetPresentationAddress
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_SetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_SetSpecifiedChoice
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXExtendedNetworkAddressChoice which,
- void *address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_SetE163Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_SetE163Address
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXe1634Address *e1634address
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_SetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtendedNetworkAddress_SetPresentationAddress
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtendedNetworkAddress_Equal
-(
- NSSPKIXExtendedNetworkAddress *ena1,
- NSSPKIXExtendedNetworkAddress *ena2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtendedNetworkAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-NSSPKIXExtendedNetworkAddress_Duplicate
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *
- * The public calls for the type:
- *
- * NSSPKIXe1634Address_Decode
- * NSSPKIXe1634Address_Create
- * NSSPKIXe1634Address_Destroy
- * NSSPKIXe1634Address_Encode
- * NSSPKIXe1634Address_GetNumber
- * NSSPKIXe1634Address_SetNumber
- * NSSPKIXe1634Address_HasSubAddress
- * NSSPKIXe1634Address_GetSubAddress
- * NSSPKIXe1634Address_SetSubAddress
- * NSSPKIXe1634Address_RemoveSubAddress
- * NSSPKIXe1634Address_Equal
- * NSSPKIXe1634Address_Duplicate
- *
- */
-
-/*
- * NSSPKIXe1634Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-NSSPKIXe1634Address_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXe1634Address_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-NSSPKIXe1634Address_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *number,
- NSSUTF8 *subAddressOpt
-);
-
-/*
- * NSSPKIXe1634Address_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_Destroy
-(
- NSSPKIXe1634Address *e
-);
-
-/*
- * NSSPKIXe1634Address_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXe1634Address_Encode
-(
- NSSPKIXe1634Address *e,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXe1634Address_GetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXe1634Address_GetNumber
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXe1634Address_SetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_SetNumber
-(
- NSSPKIXe1634Address *e,
- NSSUTF8 *number
-);
-
-/*
- * NSSPKIXe1634Address_HasSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXe1634Address_HasSubAddress
-(
- NSSPKIXe1634Address *e,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXe1634Address_GetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXe1634Address_GetSubAddress
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXe1634Address_SetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_SetSubAddress
-(
- NSSPKIXe1634Address *e,
- NSSUTF8 *subAddress
-);
-
-/*
- * NSSPKIXe1634Address_RemoveSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXe1634Address_RemoveSubAddress
-(
- NSSPKIXe1634Address *e
-);
-
-/*
- * NSSPKIXe1634Address_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXe1634Address_Equal
-(
- NSSPKIXe1634Address *e1,
- NSSPKIXe1634Address *e2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXe1634Address_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-NSSPKIXe1634Address_Duplicate
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PresentationAddress ::= SEQUENCE {
- * pSelector [0] EXPLICIT OCTET STRING OPTIONAL,
- * sSelector [1] EXPLICIT OCTET STRING OPTIONAL,
- * tSelector [2] EXPLICIT OCTET STRING OPTIONAL,
- * nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- * The public calls for the type:
- *
- * NSSPKIXPresentationAddress_Decode
- * NSSPKIXPresentationAddress_Create
- * NSSPKIXPresentationAddress_Destroy
- * NSSPKIXPresentationAddress_Encode
- * NSSPKIXPresentationAddress_HasPSelector
- * NSSPKIXPresentationAddress_GetPSelector
- * NSSPKIXPresentationAddress_SetPSelector
- * NSSPKIXPresentationAddress_RemovePSelector
- * NSSPKIXPresentationAddress_HasSSelector
- * NSSPKIXPresentationAddress_GetSSelector
- * NSSPKIXPresentationAddress_SetSSelector
- * NSSPKIXPresentationAddress_RemoveSSelector
- * NSSPKIXPresentationAddress_HasTSelector
- * NSSPKIXPresentationAddress_GetTSelector
- * NSSPKIXPresentationAddress_SetTSelector
- * NSSPKIXPresentationAddress_RemoveTSelector
- * NSSPKIXPresentationAddress_HasNAddresses
- * NSSPKIXPresentationAddress_GetNAddresses
- * NSSPKIXPresentationAddress_SetNAddresses
- * NSSPKIXPresentationAddress_RemoveNAddresses
- *{NAddresses must be more complex than that}
- * NSSPKIXPresentationAddress_Compare
- * NSSPKIXPresentationAddress_Duplicate
- *
- */
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- *
- * The public calls for the type:
- *
- * NSSPKIXTeletexDomainDefinedAttributes_Decode
- * NSSPKIXTeletexDomainDefinedAttributes_Create
- * NSSPKIXTeletexDomainDefinedAttributes_Destroy
- * NSSPKIXTeletexDomainDefinedAttributes_Encode
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- * NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- * NSSPKIXTeletexDomainDefinedAttributes_Equal
- * NSSPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-NSSPKIXTeletexDomainDefinedAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-NSSPKIXTeletexDomainDefinedAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTeletexDomainDefinedAttribute *tdda1,
- ...
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_Destroy
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexDomainDefinedAttributes_Encode
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXTeletexDomainDefinedAttribute
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute **
-NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * The nonnegative integer upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexDomainDefinedAttributes_Equal
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas1,
- NSSPKIXTeletexDomainDefinedAttributes *tddas2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-NSSPKIXTeletexDomainDefinedAttributes_Duplicate
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttribute ::= SEQUENCE {
- * type TeletexString
- * (SIZE (1..ub-domain-defined-attribute-type-length)),
- * value TeletexString
- * (SIZE (1..ub-domain-defined-attribute-value-length)) }
- *
- * The public calls for the type:
- *
- * NSSPKIXTeletexDomainDefinedAttribute_Decode
- * NSSPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- * NSSPKIXTeletexDomainDefinedAttribute_Create
- * NSSPKIXTeletexDomainDefinedAttribute_Destroy
- * NSSPKIXTeletexDomainDefinedAttribute_Encode
- * NSSPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- * NSSPKIXTeletexDomainDefinedAttribute_GetType
- * NSSPKIXTeletexDomainDefinedAttribute_SetType
- * NSSPKIXTeletexDomainDefinedAttribute_GetValue
- * NSSPKIXTeletexDomainDefinedAttribute_GetValue
- * NSSPKIXTeletexDomainDefinedAttribute_Equal
- * NSSPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- */
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *type,
- NSSUTF8 *value
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttribute_Destroy
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXTeletexDomainDefinedAttribute_Encode
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexDomainDefinedAttribute_GetType
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttribute_SetType
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSUTF8 *type
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXTeletexDomainDefinedAttribute_GetValue
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXTeletexDomainDefinedAttribute_SetValue
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSUTF8 *value
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXTeletexDomainDefinedAttribute_Equal
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda1,
- NSSPKIXTeletexDomainDefinedAttribute *tdda2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-NSSPKIXTeletexDomainDefinedAttribute_Duplicate
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityKeyIdentifier ::= SEQUENCE {
- * keyIdentifier [0] KeyIdentifier OPTIONAL,
- * authorityCertIssuer [1] GeneralNames OPTIONAL,
- * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
- * -- authorityCertIssuer and authorityCertSerialNumber shall both
- * -- be present or both be absent
- *
- * The public calls for the type:
- *
- * NSSPKIXAuthorityKeyIdentifier_Decode
- * NSSPKIXAuthorityKeyIdentifier_Create
- * NSSPKIXAuthorityKeyIdentifier_Destroy
- * NSSPKIXAuthorityKeyIdentifier_Encode
- * NSSPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- * NSSPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- * NSSPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- * NSSPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- * NSSPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- * NSSPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- * NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- * NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- * NSSPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- * NSSPKIXAuthorityKeyIdentifier_Equal
- * NSSPKIXAuthorityKeyIdentifier_Duplicate
- *
- */
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyIdentifier *keyIdentifierOpt,
- NSSPKIXGeneralNames *authorityCertIssuerOpt,
- NSSPKIXCertificateSerialNumber *authorityCertSerialNumberOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_Destroy
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAuthorityKeyIdentifier_Encode
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityKeyIdentifier_HasKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_GetKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXKeyIdentifier *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_SetKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXKeyIdentifier *keyIdentifier
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if it has them
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-NSSPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXCertificateSerialNumber *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXGeneralNames *issuer,
- NSSPKIXCertificateSerialNumber *serialNumber
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityKeyIdentifier_Equal
-(
- NSSPKIXAuthorityKeyIdentifier *aki1,
- NSSPKIXAuthorityKeyIdentifier *aki2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityKeyIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-NSSPKIXAuthorityKeyIdentifier_Duplicate
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSArena *arenaOpt
-);
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyUsage ::= BIT STRING {
- * digitalSignature (0),
- * nonRepudiation (1),
- * keyEncipherment (2),
- * dataEncipherment (3),
- * keyAgreement (4),
- * keyCertSign (5),
- * cRLSign (6),
- * encipherOnly (7),
- * decipherOnly (8) }
- *
- * The public calls for the type:
- *
- * NSSPKIXKeyUsage_Decode
- * NSSPKIXKeyUsage_CreateFromUTF8
- * NSSPKIXKeyUsage_CreateFromValue
- * NSSPKIXKeyUsage_Destroy
- * NSSPKIXKeyUsage_Encode
- * NSSPKIXKeyUsage_GetUTF8Encoding
- * NSSPKIXKeyUsage_GetValue
- * NSSPKIXKeyUsage_SetValue
- * { bitwise accessors? }
- * NSSPKIXKeyUsage_Equal
- * NSSPKIXKeyUsage_Duplicate
- *
- */
-
-/*
- * NSSPKIXKeyUsage_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXKeyUsage_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXKeyUsage_CreateFromValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_CreateFromValue
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyUsageValue value
-);
-
-/*
- * NSSPKIXKeyUsage_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXKeyUsage_Destroy
-(
- NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * NSSPKIXKeyUsage_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXKeyUsage_Encode
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXKeyUsage_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXKeyUsage_GetUTF8Encoding
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXKeyUsage_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * A set of NSSKeyUsageValue values OR-d together upon success
- * NSSKeyUsage_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSKeyUsageValue
-NSSPKIXKeyUsage_GetValue
-(
- NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * NSSPKIXKeyUsage_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXKeyUsage_SetValue
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSPKIXKeyUsageValue value
-);
-
-/*
- * NSSPKIXKeyUsage_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXKeyUsage_Equal
-(
- NSSPKIXKeyUsage *keyUsage1,
- NSSPKIXKeyUsage *keyUsage2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXKeyUsage_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-NSSPKIXKeyUsage_Duplicate
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSArena *arenaOpt
-);
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PrivateKeyUsagePeriod ::= SEQUENCE {
- * notBefore [0] GeneralizedTime OPTIONAL,
- * notAfter [1] GeneralizedTime OPTIONAL }
- * -- either notBefore or notAfter shall be present
- *
- * The public calls for the type:
- *
- * NSSPKIXPrivateKeyUsagePeriod_Decode
- * NSSPKIXPrivateKeyUsagePeriod_Create
- * NSSPKIXPrivateKeyUsagePeriod_Destroy
- * NSSPKIXPrivateKeyUsagePeriod_Encode
- * NSSPKIXPrivateKeyUsagePeriod_HasNotBefore
- * NSSPKIXPrivateKeyUsagePeriod_GetNotBefore
- * NSSPKIXPrivateKeyUsagePeriod_SetNotBefore
- * NSSPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- * NSSPKIXPrivateKeyUsagePeriod_HasNotAfter
- * NSSPKIXPrivateKeyUsagePeriod_GetNotAfter
- * NSSPKIXPrivateKeyUsagePeriod_SetNotAfter
- * NSSPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- * NSSPKIXPrivateKeyUsagePeriod_Equal
- * NSSPKIXPrivateKeyUsagePeriod_Duplicate
- *
- */
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-NSSPKIXPrivateKeyUsagePeriod_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-NSSPKIXPrivateKeyUsagePeriod_Create
-(
- NSSArena *arenaOpt,
- NSSTime *notBeforeOpt,
- NSSTime *notAfterOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_Destroy
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPrivateKeyUsagePeriod_Encode
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_HasNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPrivateKeyUsagePeriod_HasNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- * NSSTime {fgmr!}
- * NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-NSSPKIXPrivateKeyUsagePeriod_GetNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_SetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_SetNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSTime *notBefore
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_RemoveNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_HasNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPrivateKeyUsagePeriod_HasNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- * NSSTime {fgmr!}
- * NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-NSSPKIXPrivateKeyUsagePeriod_GetNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_SetNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSTime *notAfter
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPrivateKeyUsagePeriod_RemoveNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPrivateKeyUsagePeriod_Equal
-(
- NSSPKIXPrivateKeyUsagePeriod *period1,
- NSSPKIXPrivateKeyUsagePeriod *period2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPrivateKeyUsagePeriod_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-NSSPKIXPrivateKeyUsagePeriod_Duplicate
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- * The public calls for the type:
- *
- * NSSPKIXCertificatePolicies_Decode
- * NSSPKIXCertificatePolicies_Create
- * NSSPKIXCertificatePolicies_Destroy
- * NSSPKIXCertificatePolicies_Encode
- * NSSPKIXCertificatePolicies_GetPolicyInformationCount
- * NSSPKIXCertificatePolicies_GetPolicyInformations
- * NSSPKIXCertificatePolicies_SetPolicyInformations
- * NSSPKIXCertificatePolicies_GetPolicyInformation
- * NSSPKIXCertificatePolicies_SetPolicyInformation
- * NSSPKIXCertificatePolicies_InsertPolicyInformation
- * NSSPKIXCertificatePolicies_AppendPolicyInformation
- * NSSPKIXCertificatePolicies_RemovePolicyInformation
- * NSSPKIXCertificatePolicies_FindPolicyInformation
- * NSSPKIXCertificatePolicies_Equal
- * NSSPKIXCertificatePolicies_Duplicate
- *
- */
-
-/*
- * NSSPKIXCertificatePolicies_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-NSSPKIXCertificatePolicies_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCertificatePolicies_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-NSSPKIXCertificatePolicies_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXPolicyInformation *pi1,
- ...
-);
-
-/*
- * NSSPKIXCertificatePolicies_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_Destroy
-(
- NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * NSSPKIXCertificatePolicies_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCertificatePolicies_Encode
-(
- NSSPKIXCertificatePolicies *cp,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_GetPolicyInformationCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCertificatePolicies_GetPolicyInformationCount
-(
- NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * NSSPKIXCertificatePolicies_GetPolicyInformations
- *
- * We regret the function name.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXPolicyInformation pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation **
-NSSPKIXCertificatePolicies_GetPolicyInformations
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_SetPolicyInformations
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_SetPolicyInformations
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXCertificatePolicies_GetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXCertificatePolicies_GetPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_SetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_SetPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_InsertPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_InsertPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_AppendPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_AppendPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_RemovePolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCertificatePolicies_RemovePolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i
-);
-
-/*
- * NSSPKIXCertificatePolicies_FindPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * The nonnegative integer upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCertificatePolicies_FindPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXCertificatePolicies_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCertificatePolicies_Equal
-(
- NSSPKIXCertificatePolicies *cp1,
- NSSPKIXCertificatePolicies *cp2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCertificatePolicies_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-NSSPKIXCertificatePolicies_Duplicate
-(
- NSSPKIXCertificatePolicies *cp,
- NSSArena *arenaOpt
-);
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyInformation ::= SEQUENCE {
- * policyIdentifier CertPolicyId,
- * policyQualifiers SEQUENCE SIZE (1..MAX) OF
- * PolicyQualifierInfo OPTIONAL }
- *
- * The public calls for the type:
- *
- * NSSPKIXPolicyInformation_Decode
- * NSSPKIXPolicyInformation_Create
- * NSSPKIXPolicyInformation_Destroy
- * NSSPKIXPolicyInformation_Encode
- * NSSPKIXPolicyInformation_GetPolicyIdentifier
- * NSSPKIXPolicyInformation_SetPolicyIdentifier
- * NSSPKIXPolicyInformation_GetPolicyQualifierCount
- * NSSPKIXPolicyInformation_GetPolicyQualifiers
- * NSSPKIXPolicyInformation_SetPolicyQualifiers
- * NSSPKIXPolicyInformation_GetPolicyQualifier
- * NSSPKIXPolicyInformation_SetPolicyQualifier
- * NSSPKIXPolicyInformation_InsertPolicyQualifier
- * NSSPKIXPolicyInformation_AppendPolicyQualifier
- * NSSPKIXPolicyInformation_RemovePolicyQualifier
- * NSSPKIXPolicyInformation_Equal
- * NSSPKIXPolicyInformation_Duplicate
- * { and accessors by specific policy qualifier ID }
- *
- */
-
-/*
- * NSSPKIXPolicyInformation_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXPolicyInformation_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyInformation_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXPolicyInformation_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertPolicyId *id,
- NSSPKIXPolicyQualifierInfo *pqi1,
- ...
-);
-
-/*
- * NSSPKIXPolicyInformation_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_Destroy
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXPolicyInformation_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyInformation_Encode
-(
- NSSPKIXPolicyInformation *pi,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid OID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXPolicyInformation_GetPolicyIdentifier
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXPolicyInformation_SetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_SetPolicyIdentifier
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXCertPolicyIdentifier *cpi
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyQualifierCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyInformation_GetPolicyQualifierCount
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXPolicyQualifierInfo pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo **
-NSSPKIXPolicyInformation_GetPolicyQualifiers
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXPolicyQualifierInfo *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_SetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_SetPolicyQualifiers
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXPolicyQualifierInfo *pqi[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXPolicyInformation_GetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyInformation_GetPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_SetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_SetPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyInformation_InsertPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_InsertPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyInformation_AppendPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_AppendPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyInformation_RemovePolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyInformation_RemovePolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i
-);
-
-/*
- * NSSPKIXPolicyInformation_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyInformation_Equal
-(
- NSSPKIXPolicyInformation *pi1,
- NSSPKIXPolicyInformation *pi2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyInformation_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-NSSPKIXPolicyInformation_Duplicate
-(
- NSSPKIXPolicyInformation *pi,
- NSSArena *arenaOpt
-);
-
-/*
- * { and accessors by specific policy qualifier ID }
- *
- */
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyQualifierInfo ::= SEQUENCE {
- * policyQualifierId PolicyQualifierId,
- * qualifier ANY DEFINED BY policyQualifierId }
- *
- * The public calls for the type:
- *
- * NSSPKIXPolicyQualifierInfo_Decode
- * NSSPKIXPolicyQualifierInfo_Create
- * NSSPKIXPolicyQualifierInfo_Destroy
- * NSSPKIXPolicyQualifierInfo_Encode
- * NSSPKIXPolicyQualifierInfo_GetPolicyQualifierID
- * NSSPKIXPolicyQualifierInfo_SetPolicyQualifierID
- * NSSPKIXPolicyQualifierInfo_GetQualifier
- * NSSPKIXPolicyQualifierInfo_SetQualifier
- * NSSPKIXPolicyQualifierInfo_Equal
- * NSSPKIXPolicyQualifierInfo_Duplicate
- * { and accessors by specific qualifier id/type }
- *
- */
-
-/*
- * NSSPKIXPolicyQualifierInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyQualifierInfo_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyQualifierInfo_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXPolicyQualifierId *policyQualifierId,
- NSSItem *qualifier
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyQualifierInfo_Destroy
-(
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyQualifierInfo_Encode
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_GetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierId (an NSSOID) upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierId *
-NSSPKIXPolicyQualifierInfo_GetPolicyQualifierId
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_SetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyQualifierInfo_SetPolicyQualifierId
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSPKIXPolicyQualifierId *pqid
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_GetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXPolicyQualifierInfo_GetQualifier
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_SetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyQualifierInfo_SetQualifier
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSItem *qualifier
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyQualifierInfo_Equal
-(
- NSSPKIXPolicyQualifierInfo *pqi1,
- NSSPKIXPolicyQualifierInfo *pqi2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyQualifierInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-NSSPKIXPolicyQualifierInfo_Duplicate
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSArena *arenaOpt
-);
-
-/*
- * { and accessors by specific qualifier id/type }
- *
- */
-
-/*
- * CPSuri
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CPSuri ::= IA5String
- *
- * The public calls for this type:
- *
- * NSSPKIXCPSuri_Decode
- * NSSPKIXCPSuri_CreateFromUTF8
- * NSSPKIXCPSuri_Encode
- *
- */
-
-/*
- * NSSPKIXCPSuri_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCPSuri upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-NSSPKIXCPSuri_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCPSuri_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCPSuri upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-NSSPKIXCPSuri_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXCPSuri_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CPS_URI
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCPSuri_Encode
-(
- NSSPKIXCPSuri *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UserNotice ::= SEQUENCE {
- * noticeRef NoticeReference OPTIONAL,
- * explicitText DisplayText OPTIONAL}
- *
- * The public calls for this type:
- *
- * NSSPKIXUserNotice_Decode
- * NSSPKIXUserNotice_Create
- * NSSPKIXUserNotice_Destroy
- * NSSPKIXUserNotice_Encode
- * NSSPKIXUserNotice_HasNoticeRef
- * NSSPKIXUserNotice_GetNoticeRef
- * NSSPKIXUserNotice_SetNoticeRef
- * NSSPKIXUserNotice_RemoveNoticeRef
- * NSSPKIXUserNotice_HasExplicitText
- * NSSPKIXUserNotice_GetExplicitText
- * NSSPKIXUserNotice_SetExplicitText
- * NSSPKIXUserNotice_RemoveExplicitText
- * NSSPKIXUserNotice_Equal
- * NSSPKIXUserNotice_Duplicate
- *
- */
-
-
-/*
- * NSSPKIXUserNotice_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-NSSPKIXUserNotice_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXUserNotice_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-NSSPKIXUserNotice_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNoticeReference *noticeRef,
- NSSPKIXDisplayText *explicitText
-);
-
-/*
- * NSSPKIXUserNotice_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_Destroy
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * NSSPKIXUserNotice_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXUserNotice_Encode
-(
- NSSPKIXUserNotice *userNotice,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXUserNotice_HasNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXUserNotice_HasNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXUserNotice_GetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOTICE_REF
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXUserNotice_GetNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXUserNotice_SetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_SetNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- NSSPKIXNoticeReference *noticeRef
-);
-
-/*
- * NSSPKIXUserNotice_RemoveNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_HAS_NO_NOTICE_REF
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_RemoveNoticeRef
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * NSSPKIXUserNotice_HasExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if it has some
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXUserNotice_HasExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXUserNotice_GetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXUserNotice_GetExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXUserNotice_SetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_SetExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- NSSPKIXDisplayText *explicitText
-);
-
-/*
- * NSSPKIXUserNotice_RemoveExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXUserNotice_RemoveExplicitText
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * NSSPKIXUserNotice_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXUserNotice_Equal
-(
- NSSPKIXUserNotice *userNotice1,
- NSSPKIXUserNotice *userNotice2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXUserNotice_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-NSSPKIXUserNotice_Duplicate
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NoticeReference ::= SEQUENCE {
- * organization DisplayText,
- * noticeNumbers SEQUENCE OF INTEGER }
- *
- * The public calls for this type:
- *
- * NSSPKIXNoticeReference_Decode
- * NSSPKIXNoticeReference_Create
- * NSSPKIXNoticeReference_Destroy
- * NSSPKIXNoticeReference_Encode
- * NSSPKIXNoticeReference_GetOrganization
- * NSSPKIXNoticeReference_SetOrganization
- * NSSPKIXNoticeReference_GetNoticeNumberCount
- * NSSPKIXNoticeReference_GetNoticeNumbers
- * NSSPKIXNoticeReference_SetNoticeNumbers
- * NSSPKIXNoticeReference_GetNoticeNumber
- * NSSPKIXNoticeReference_SetNoticeNumber
- * NSSPKIXNoticeReference_InsertNoticeNumber
- * NSSPKIXNoticeReference_AppendNoticeNumber
- * NSSPKIXNoticeReference_RemoveNoticeNumber
- * { maybe number-exists-p gettor? }
- * NSSPKIXNoticeReference_Equal
- * NSSPKIXNoticeReference_Duplicate
- *
- */
-
-/*
- * NSSPKIXNoticeReference_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXNoticeReference_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXNoticeReference_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXNoticeReference_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDisplayText *organization,
- PRUint32 noticeCount,
- PRInt32 noticeNumber1,
- ...
-);
-
-/*
- * { fgmr -- or should the call that takes PRInt32 be _CreateFromValues,
- * and the _Create call take NSSBER integers? }
- */
-
-/*
- * NSSPKIXNoticeReference_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_Destroy
-(
- NSSPKIXNoticeReference *nr
-);
-
-/*
- * NSSPKIXNoticeReference_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNoticeReference_Encode
-(
- NSSPKIXNoticeReference *nr,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNoticeReference_GetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXNoticeReference_GetOrganization
-(
- NSSPKIXNoticeReference *nr,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNoticeReference_SetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_SetOrganization
-(
- NSSPKIXNoticeReference *nr,
- NSSPKIXDisplayText *organization
-);
-
-/*
- * NSSPKIXNoticeReference_GetNoticeNumberCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXNoticeReference_GetNoticeNumberCount
-(
- NSSPKIXNoticeReference *nr
-);
-
-/*
- * NSSPKIXNoticeReference_GetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of PRInt32 values upon success
- * NULL upon failure
- */
-
-NSS_EXTERN PRInt32 *
-NSSPKIXNoticeReference_GetNoticeNumbers
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNoticeReference_SetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_SetNoticeNumbers
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 noticeNumbers[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXNoticeReference_GetNoticeNumber
- *
- * -- fgmr comments --
- * Because there is no natural "invalid" notice number value, we must
- * pass the number by reference, and return an explicit status value.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_GetNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 *noticeNumberP
-);
-
-/*
- * NSSPKIXNoticeReference_SetNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_SetNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 noticeNumber
-);
-
-/*
- * NSSPKIXNoticeReference_InsertNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_InsertNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 noticeNumber
-);
-
-/*
- * NSSPKIXNoticeReference_AppendNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_AppendNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 noticeNumber
-);
-
-/*
- * NSSPKIXNoticeReference_RemoveNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNoticeReference_RemoveNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i
-);
-
-/*
- * { maybe number-exists-p gettor? }
- */
-
-/*
- * NSSPKIXNoticeReference_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNoticeReference_Equal
-(
- NSSPKIXNoticeReference *nr1,
- NSSPKIXNoticeReference *nr2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNoticeReference_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-NSSPKIXNoticeReference_Duplicate
-(
- NSSPKIXNoticeReference *nr,
- NSSArena *arenaOpt
-);
-
-/*
- * DisplayText
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DisplayText ::= CHOICE {
- * visibleString VisibleString (SIZE (1..200)),
- * bmpString BMPString (SIZE (1..200)),
- * utf8String UTF8String (SIZE (1..200)) }
- *
- * The public calls for this type:
- *
- * NSSPKIXDisplayText_Decode
- * NSSPKIXDisplayText_CreateFromUTF8
- * NSSPKIXDisplayText_Encode
- *
- */
-
-/*
- * NSSPKIXDisplayText_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXDisplayText_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXDisplayText_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-NSSPKIXDisplayText_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXDisplayText_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDisplayText_Encode
-(
- NSSPKIXDisplayText *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- * The public calls for this type:
- *
- * NSSPKIXPolicyMappings_Decode
- * NSSPKIXPolicyMappings_Create
- * NSSPKIXPolicyMappings_Destroy
- * NSSPKIXPolicyMappings_Encode
- * NSSPKIXPolicyMappings_GetPolicyMappingCount
- * NSSPKIXPolicyMappings_GetPolicyMappings
- * NSSPKIXPolicyMappings_SetPolicyMappings
- * NSSPKIXPolicyMappings_GetPolicyMapping
- * NSSPKIXPolicyMappings_SetPolicyMapping
- * NSSPKIXPolicyMappings_InsertPolicyMapping
- * NSSPKIXPolicyMappings_AppendPolicyMapping
- * NSSPKIXPolicyMappings_RemovePolicyMapping
- * NSSPKIXPolicyMappings_FindPolicyMapping
- * NSSPKIXPolicyMappings_Equal
- * NSSPKIXPolicyMappings_Duplicate
- * NSSPKIXPolicyMappings_IssuerDomainPolicyExists
- * NSSPKIXPolicyMappings_SubjectDomainPolicyExists
- * NSSPKIXPolicyMappings_FindIssuerDomainPolicy
- * NSSPKIXPolicyMappings_FindSubjectDomainPolicy
- * NSSPKIXPolicyMappings_MapIssuerToSubject
- * NSSPKIXPolicyMappings_MapSubjectToIssuer
- * { find's and map's: what if there's more than one? }
- *
- */
-
-/*
- * NSSPKIXPolicyMappings_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-NSSPKIXPolicyMappings_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyMappings_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-NSSPKIXPolicyMappings_Decode
-(
- NSSArena *arenaOpt,
- NSSPKIXpolicyMapping *policyMapping1,
- ...
-);
-
-/*
- * NSSPKIXPolicyMappings_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_Destroy
-(
- NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * NSSPKIXPolicyMappings_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyMappings_Encode
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_GetPolicyMappingCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_GetPolicyMappingCount
-(
- NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * NSSPKIXPolicyMappings_GetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXpolicyMapping pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping **
-NSSPKIXPolicyMappings_GetPolicyMappings
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_SetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_SetPolicyMappings
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping[]
- PRInt32 count
-);
-
-/*
- * NSSPKIXPolicyMappings_GetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXPolicyMappings_GetPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_SetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_SetPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_InsertPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_InsertPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_AppendPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_AppendPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_RemovePolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyMappings_RemovePolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i
-);
-
-/*
- * NSSPKIXPolicyMappings_FindPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_FindPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXPolicyMappings_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyMappings_Equal
-(
- NSSPKIXPolicyMappings *policyMappings1,
- NSSPKIXpolicyMappings *policyMappings2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-NSSPKIXPolicyMappings_Duplicate
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_IssuerDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_TRUE if the specified domain policy OID exists
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyMappings_IssuerDomainPolicyExists
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_SubjectDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_TRUE if the specified domain policy OID exists
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyMappings_SubjectDomainPolicyExists
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *subjectDomainPolicy,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyMappings_FindIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_FindIssuerDomainPolicy
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXPolicyMappings_FindSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyMappings_FindSubjectDomainPolicy
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXPolicyMappings_MapIssuerToSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXPolicyMappings_MapIssuerToSubject
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXPolicyMappings_MapSubjectToIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXPolicyMappings_MapSubjectToIssuer
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- * SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- * The public calls for this type:
- *
- * NSSPKIXpolicyMapping_Decode
- * NSSPKIXpolicyMapping_Create
- * NSSPKIXpolicyMapping_Destroy
- * NSSPKIXpolicyMapping_Encode
- * NSSPKIXpolicyMapping_GetIssuerDomainPolicy
- * NSSPKIXpolicyMapping_SetIssuerDomainPolicy
- * NSSPKIXpolicyMapping_GetSubjectDomainPolicy
- * NSSPKIXpolicyMapping_SetSubjectDomainPolicy
- * NSSPKIXpolicyMapping_Equal
- * NSSPKIXpolicyMapping_Duplicate
- *
- */
-
-/*
- * NSSPKIXpolicyMapping_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXpolicyMapping_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXpolicyMapping_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXpolicyMapping_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertPolicyId *issuerDomainPolicy,
- NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * NSSPKIXpolicyMapping_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXpolicyMapping_Destroy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXpolicyMapping_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXpolicyMapping_Encode
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXpolicyMapping_GetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId OID upon success
- * NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXpolicyMapping_GetIssuerDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXpolicyMapping_SetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXpolicyMapping_SetIssuerDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * NSSPKIXpolicyMapping_GetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId OID upon success
- * NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-NSSPKIXpolicyMapping_GetSubjectDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * NSSPKIXpolicyMapping_SetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXpolicyMapping_SetSubjectDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * NSSPKIXpolicyMapping_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXpolicyMapping_Equal
-(
- NSSPKIXpolicyMapping *policyMapping1,
- NSSPKIXpolicyMapping *policyMapping2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXpolicyMapping_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-NSSPKIXpolicyMapping_Duplicate
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSArena *arenaOpt
-);
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- * GeneralName ::= CHOICE {
- * otherName [0] AnotherName,
- * rfc822Name [1] IA5String,
- * dNSName [2] IA5String,
- * x400Address [3] ORAddress,
- * directoryName [4] Name,
- * ediPartyName [5] EDIPartyName,
- * uniformResourceIdentifier [6] IA5String,
- * iPAddress [7] OCTET STRING,
- * registeredID [8] OBJECT IDENTIFIER }
- *
- * The public calls for this type:
- *
- * NSSPKIXGeneralName_Decode
- * NSSPKIXGeneralName_CreateFromUTF8
- * NSSPKIXGeneralName_Create
- * NSSPKIXGeneralName_CreateFromOtherName
- * NSSPKIXGeneralName_CreateFromRfc822Name
- * NSSPKIXGeneralName_CreateFromDNSName
- * NSSPKIXGeneralName_CreateFromX400Address
- * NSSPKIXGeneralName_CreateFromDirectoryName
- * NSSPKIXGeneralName_CreateFromEDIPartyName
- * NSSPKIXGeneralName_CreateFromUniformResourceIdentifier
- * NSSPKIXGeneralName_CreateFromIPAddress
- * NSSPKIXGeneralName_CreateFromRegisteredID
- * NSSPKIXGeneralName_Destroy
- * NSSPKIXGeneralName_Encode
- * NSSPKIXGeneralName_GetUTF8Encoding
- * NSSPKIXGeneralName_GetChoice
- * NSSPKIXGeneralName_GetOtherName
- * NSSPKIXGeneralName_GetRfc822Name
- * NSSPKIXGeneralName_GetDNSName
- * NSSPKIXGeneralName_GetX400Address
- * NSSPKIXGeneralName_GetDirectoryName
- * NSSPKIXGeneralName_GetEDIPartyName
- * NSSPKIXGeneralName_GetUniformResourceIdentifier
- * NSSPKIXGeneralName_GetIPAddress
- * NSSPKIXGeneralName_GetRegisteredID
- * NSSPKIXGeneralName_GetSpecifiedChoice
- * NSSPKIXGeneralName_Equal
- * NSSPKIXGeneralName_Duplicate
- * (in pki1 I had specific attribute value gettors here too)
- *
- */
-
-/*
- * NSSPKIXGeneralName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * NSSPKIXGeneralName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralNameChoice choice,
- void *content
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromOtherName
-(
- NSSArena *arenaOpt,
- NSSPKIXAnotherName *otherName
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromRfc822Name
-(
- NSSArena *arenaOpt,
- NSSUTF8 *rfc822Name
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromDNSName
-(
- NSSArena *arenaOpt,
- NSSUTF8 *dNSName
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromX400Address
-(
- NSSArena *arenaOpt,
- NSSPKIXORAddress *x400Address
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromDirectoryName
-(
- NSSArena *arenaOpt,
- NSSPKIXName *directoryName
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromEDIPartyName
-(
- NSSArena *arenaOpt,
- NSSPKIXEDIPartyName *ediPartyname
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromUniformResourceIdentifier
-(
- NSSArena *arenaOpt,
- NSSUTF8 *uniformResourceIdentifier
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromIPAddress
-(
- NSSArena *arenaOpt,
- NSSItem *iPAddress
-);
-
-/*
- * NSSPKIXGeneralName_CreateFromRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_CreateFromRegisteredID
-(
- NSSArena *arenaOpt,
- NSSOID *registeredID
-);
-
-/*
- * NSSPKIXGeneralName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralName_Destroy
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralName_Encode
-(
- NSSPKIXGeneralName *generalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetUTF8Encoding
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid NSSPKIXGeneralNameChoice value upon success
- * NSSPKIXGeneralNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNameChoice
-NSSPKIXGeneralName_GetChoice
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralName_GetOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXGeneralName_GetOtherName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetRfc822Name
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetDNSName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-NSSPKIXGeneralName_GetX400Address
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-NSSPKIXGeneralName_GetDirectoryName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXGeneralName_GetEDIPartyName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXGeneralName_GetUniformResourceIdentifier
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXGeneralName_GetIPAddress
-(
- NSSPKIXGeneralName *generalName,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_GetRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSOID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXGeneralName_GetRegisteredID
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-NSSPKIXGeneralName_GetSpecifiedChoice
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralName_Equal
-(
- NSSPKIXGeneralName *generalName1,
- NSSPKIXGeneralName *generalName2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralName_Duplicate
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * (in pki1 I had specific attribute value gettors here too)
- *
- */
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- * The public calls for this type:
- *
- * NSSPKIXGeneralNames_Decode
- * NSSPKIXGeneralNames_Create
- * NSSPKIXGeneralNames_Destroy
- * NSSPKIXGeneralNames_Encode
- * NSSPKIXGeneralNames_GetGeneralNameCount
- * NSSPKIXGeneralNames_GetGeneralNames
- * NSSPKIXGeneralNames_SetGeneralNames
- * NSSPKIXGeneralNames_GetGeneralName
- * NSSPKIXGeneralNames_SetGeneralName
- * NSSPKIXGeneralNames_InsertGeneralName
- * NSSPKIXGeneralNames_AppendGeneralName
- * NSSPKIXGeneralNames_RemoveGeneralName
- * NSSPKIXGeneralNames_FindGeneralName
- * NSSPKIXGeneralNames_Equal
- * NSSPKIXGeneralNames_Duplicate
- *
- */
-
-/*
- * NSSPKIXGeneralNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXGeneralNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXGeneralNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralName *generalName1,
- ...
-);
-
-/*
- * NSSPKIXGeneralNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_Destroy
-(
- NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * NSSPKIXGeneralNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralNames_Encode
-(
- NSSPKIXGeneralNames *generalNames,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralNames_GetGeneralNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralNames_GetGeneralNameCount
-(
- NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * NSSPKIXGeneralNames_GetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXGeneralName pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName **
-NSSPKIXGeneralNames_GetGeneralNames
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralNames_SetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_SetGeneralNames
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXGeneralNames_GetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralNames_GetGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralNames_SetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_SetGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_InsertGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_InsertGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_AppendGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_AppendGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_RemoveGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralNames_RemoveGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i
-);
-
-/*
- * NSSPKIXGeneralNames_FindGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralNames_FindGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * NSSPKIXGeneralNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralNames_Equal
-(
- NSSPKIXGeneralNames *generalNames1,
- NSSPKIXGeneralNames *generalNames2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXGeneralNames_Duplicate
-(
- NSSPKIXGeneralNames *generalNames,
- NSSArena *arenaOpt
-);
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AnotherName ::= SEQUENCE {
- * type-id OBJECT IDENTIFIER,
- * value [0] EXPLICIT ANY DEFINED BY type-id }
- *
- * The public calls for this type:
- *
- * NSSPKIXAnotherName_Decode
- * NSSPKIXAnotherName_Create
- * NSSPKIXAnotherName_Destroy
- * NSSPKIXAnotherName_Encode
- * NSSPKIXAnotherName_GetTypeId
- * NSSPKIXAnotherName_SetTypeId
- * NSSPKIXAnotherName_GetValue
- * NSSPKIXAnotherName_SetValue
- * NSSPKIXAnotherName_Equal
- * NSSPKIXAnotherName_Duplicate
- *
- */
-
-/*
- * NSSPKIXAnotherName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXAnotherName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAnotherName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXAnotherName_Create
-(
- NSSArena *arenaOpt,
- NSSOID *typeId,
- NSSItem *value
-);
-
-/*
- * NSSPKIXAnotherName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAnotherName_Destroy
-(
- NSSPKIXAnotherName *anotherName
-);
-
-/*
- * NSSPKIXAnotherName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAnotherName_Encode
-(
- NSSPKIXAnotherName *anotherName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAnotherName_GetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSOID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXAnotherName_GetTypeId
-(
- NSSPKIXAnotherName *anotherName
-);
-
-/*
- * NSSPKIXAnotherName_SetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAnotherName_SetTypeId
-(
- NSSPKIXAnotherName *anotherName,
- NSSOID *typeId
-);
-
-/*
- * NSSPKIXAnotherName_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-NSSPKIXAnotherName_GetValue
-(
- NSSPKIXAnotherName *anotherName,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAnotherName_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAnotherName_SetValue
-(
- NSSPKIXAnotherName *anotherName,
- NSSItem *value
-);
-
-/*
- * NSSPKIXAnotherName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAnotherName_Equal
-(
- NSSPKIXAnotherName *anotherName1,
- NSSPKIXAnotherName *anotherName2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAnotherName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-NSSPKIXAnotherName_Duplicate
-(
- NSSPKIXAnotherName *anotherName,
- NSSArena *arenaOpt
-);
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- * EDIPartyName ::= SEQUENCE {
- * nameAssigner [0] DirectoryString OPTIONAL,
- * partyName [1] DirectoryString }
- *
- * The public calls for this type:
- *
- * NSSPKIXEDIPartyName_Decode
- * NSSPKIXEDIPartyName_Create
- * NSSPKIXEDIPartyName_Destroy
- * NSSPKIXEDIPartyName_Encode
- * NSSPKIXEDIPartyName_HasNameAssigner
- * NSSPKIXEDIPartyName_GetNameAssigner
- * NSSPKIXEDIPartyName_SetNameAssigner
- * NSSPKIXEDIPartyName_RemoveNameAssigner
- * NSSPKIXEDIPartyName_GetPartyName
- * NSSPKIXEDIPartyName_SetPartyName
- * NSSPKIXEDIPartyName_Equal
- * NSSPKIXEDIPartyName_Duplicate
- *
- */
-
-/*
- * NSSPKIXEDIPartyName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXEDIPartyName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXEDIPartyName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXEDIPartyName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *nameAssignerOpt,
- NSSUTF8 *partyName
-);
-
-/*
- * NSSPKIXEDIPartyName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_Destroy
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * NSSPKIXEDIPartyName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXEDIPartyName_Encode
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_HasNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXEDIPartyName_HasNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * NSSPKIXEDIPartyName_GetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NAME_ASSIGNER
- *
- * Return value:
- * A valid pointer to an NSSUTF8 string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXEDIPartyName_GetNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_SetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_SetNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSUTF8 *nameAssigner
-);
-
-/*
- * NSSPKIXEDIPartyName_RemoveNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_HAS_NO_NAME_ASSIGNER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_RemoveNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * NSSPKIXEDIPartyName_GetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-NSSPKIXEDIPartyName_GetPartyName
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_SetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXEDIPartyName_SetPartyName
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSUTF8 *partyName
-);
-
-/*
- * NSSPKIXEDIPartyName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXEDIPartyName_Equal
-(
- NSSPKIXEDIPartyName *ediPartyName1,
- NSSPKIXEDIPartyName *ediPartyName2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXEDIPartyName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-NSSPKIXEDIPartyName_Duplicate
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- * The public calls for this type:
- *
- * NSSPKIXSubjectDirectoryAttributes_Decode
- * NSSPKIXSubjectDirectoryAttributes_Create
- * NSSPKIXSubjectDirectoryAttributes_Destroy
- * NSSPKIXSubjectDirectoryAttributes_Encode
- * NSSPKIXSubjectDirectoryAttributes_GetAttributeCount
- * NSSPKIXSubjectDirectoryAttributes_GetAttributes
- * NSSPKIXSubjectDirectoryAttributes_SetAttributes
- * NSSPKIXSubjectDirectoryAttributes_GetAttribute
- * NSSPKIXSubjectDirectoryAttributes_SetAttribute
- * NSSPKIXSubjectDirectoryAttributes_InsertAttribute
- * NSSPKIXSubjectDirectoryAttributes_AppendAttribute
- * NSSPKIXSubjectDirectoryAttributes_RemoveAttribute
- * NSSPKIXSubjectDirectoryAttributes_FindAttribute
- * NSSPKIXSubjectDirectoryAttributes_Equal
- * NSSPKIXSubjectDirectoryAttributes_Duplicate
- *
- */
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-NSSPKIXSubjectDirectoryAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-NSSPKIXSubjectDirectoryAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttribute *attribute1,
- ...
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_Destroy
-(
- NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXSubjectDirectoryAttributes_Encode
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_GetAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXSubjectDirectoryAttributes_GetAttributeCount
-(
- NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_GetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttribute pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttribute **
-NSSPKIXSubjectDirectoryAttributes_GetAttributes
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_SetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_SetAttributes
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSAttribute *attributes[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_GetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon error
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-NSSPKIXSubjectDirectoryAttributes_GetAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_SetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_SetAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_InsertAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_InsertAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_AppendAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_AppendAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_RemoveAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXSubjectDirectoryAttributes_RemoveAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_FindAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ATTRIBUTE
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXSubjectDirectoryAttributes_FindAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXSubjectDirectoryAttributes_Equal
-(
- NSSPKIXSubjectDirectoryAttributes *sda1,
- NSSPKIXSubjectDirectoryAttributes *sda2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXSubjectDirectoryAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-NSSPKIXSubjectDirectoryAttributes_Duplicate
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSArena *arenaOpt
-);
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BasicConstraints ::= SEQUENCE {
- * cA BOOLEAN DEFAULT FALSE,
- * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXBasicConstraints_Decode
- * NSSPKIXBasicConstraints_Create
- * NSSPKIXBasicConstraints_Destroy
- * NSSPKIXBasicConstraints_Encode
- * NSSPKIXBasicConstraints_GetCA
- * NSSPKIXBasicConstraints_SetCA
- * NSSPKIXBasicConstraints_HasPathLenConstraint
- * NSSPKIXBasicConstraints_GetPathLenConstraint
- * NSSPKIXBasicConstraints_SetPathLenConstraint
- * NSSPKIXBasicConstraints_RemovePathLenConstraint
- * NSSPKIXBasicConstraints_Equal
- * NSSPKIXBasicConstraints_Duplicate
- * NSSPKIXBasicConstraints_CompareToPathLenConstraint
- *
- */
-
-/*
- * NSSPKIXBasicConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-NSSPKIXBasicConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXBasicConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-NSSPKIXBasicConstraints_Create
-(
- NSSArena *arenaOpt,
- PRBool ca,
- PRInt32 pathLenConstraint
-);
-
-/*
- * NSSPKIXBasicConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_Destroy
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * NSSPKIXBasicConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXBasicConstraints_Encode
-(
- NSSPKIXBasicConstraints *basicConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_GetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the CA bit is true
- * PR_FALSE if it isn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBasicConstraints_GetCA
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_SetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_SetCA
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRBool ca
-);
-
-/*
- * NSSPKIXBasicConstraints_HasPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBasicConstraints_HasPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_GetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBasicConstraints_GetPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * NSSPKIXBasicConstraints_SetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_SetPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRInt32 pathLenConstraint
-);
-
-/*
- * NSSPKIXBasicConstraints_RemovePathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXBasicConstraints_RemovePathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * NSSPKIXBasicConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXBasicConstraints_Equal
-(
- NSSPKIXBasicConstraints *basicConstraints1,
- NSSPKIXBasicConstraints *basicConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-NSSPKIXBasicConstraints_Duplicate
-(
- NSSPKIXBasicConstraints *basicConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXBasicConstraints_CompareToPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- *
- * Return value:
- * 1 if the specified value is greater than the pathLenConstraint
- * 0 if the specified value equals the pathLenConstraint
- * -1 if the specified value is less than the pathLenConstraint
- * -2 upon error
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXBasicConstraints_CompareToPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRInt32 value
-);
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NameConstraints ::= SEQUENCE {
- * permittedSubtrees [0] GeneralSubtrees OPTIONAL,
- * excludedSubtrees [1] GeneralSubtrees OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXNameConstraints_Decode
- * NSSPKIXNameConstraints_Create
- * NSSPKIXNameConstraints_Destroy
- * NSSPKIXNameConstraints_Encode
- * NSSPKIXNameConstraints_HasPermittedSubtrees
- * NSSPKIXNameConstraints_GetPermittedSubtrees
- * NSSPKIXNameConstraints_SetPermittedSubtrees
- * NSSPKIXNameConstraints_RemovePermittedSubtrees
- * NSSPKIXNameConstraints_HasExcludedSubtrees
- * NSSPKIXNameConstraints_GetExcludedSubtrees
- * NSSPKIXNameConstraints_SetExcludedSubtrees
- * NSSPKIXNameConstraints_RemoveExcludedSubtrees
- * NSSPKIXNameConstraints_Equal
- * NSSPKIXNameConstraints_Duplicate
- * { and the comparator functions }
- *
- */
-
-/*
- * NSSPKIXNameConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-NSSPKIXNameConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXNameConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-NSSPKIXNameConstraints_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralSubtrees *permittedSubtrees,
- NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * NSSPKIXNameConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_Destroy
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * NSSPKIXNameConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXNameConstraints_Encode
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNameConstraints_HasPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNameConstraints_HasPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNameConstraints_GetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXNameConstraints_GetPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNameConstraints_SetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_SetPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSPKIXGeneralSubtrees *permittedSubtrees
-);
-
-/*
- * NSSPKIXNameConstraints_RemovePermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_RemovePermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * NSSPKIXNameConstraints_HasExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNameConstraints_HasExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNameConstraints_GetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXNameConstraints_GetExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXNameConstraints_SetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_SetExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * NSSPKIXNameConstraints_RemoveExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXNameConstraints_RemoveExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * NSSPKIXNameConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXNameConstraints_Equal
-(
- NSSPKIXNameConstraints *nameConstraints1,
- NSSPKIXNameConstraints *nameConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXNameConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-NSSPKIXNameConstraints_Duplicate
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * { and the comparator functions }
- *
- */
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- * The public calls for this type:
- *
- * NSSPKIXGeneralSubtrees_Decode
- * NSSPKIXGeneralSubtrees_Create
- * NSSPKIXGeneralSubtrees_Destroy
- * NSSPKIXGeneralSubtrees_Encode
- * NSSPKIXGeneralSubtrees_GetGeneralSubtreeCount
- * NSSPKIXGeneralSubtrees_GetGeneralSubtrees
- * NSSPKIXGeneralSubtrees_SetGeneralSubtrees
- * NSSPKIXGeneralSubtrees_GetGeneralSubtree
- * NSSPKIXGeneralSubtrees_SetGeneralSubtree
- * NSSPKIXGeneralSubtrees_InsertGeneralSubtree
- * NSSPKIXGeneralSubtrees_AppendGeneralSubtree
- * NSSPKIXGeneralSubtrees_RemoveGeneralSubtree
- * NSSPKIXGeneralSubtrees_FindGeneralSubtree
- * NSSPKIXGeneralSubtrees_Equal
- * NSSPKIXGeneralSubtrees_Duplicate
- * { and finders and comparators }
- *
- */
-
-/*
- * NSSPKIXGeneralSubtrees_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXGeneralSubtrees_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXGeneralSubtrees_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralSubtree *generalSubtree1,
- ...
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_Destroy
-(
- NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralSubtrees_Encode
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_GetGeneralSubtreeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralSubtrees_GetGeneralSubtreeCount
-(
- NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * NSSPKIXGeneralSubtrees_GetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXGeneralSubtree pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree **
-NSSPKIXGeneralSubtrees_GetGeneralSubtrees
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_SetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_SetGeneralSubtrees
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXGeneralSubtrees_GetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtrees_GetGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_SetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_SetGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_InsertGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_InsertGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_AppendGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_AppendGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_RemoveGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtrees_RemoveGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i
-);
-
-/*
- * NSSPKIXGeneralSubtrees_FindGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXGeneralSubtrees_FindGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtrees_Equal
-(
- NSSPKIXGeneralSubtrees *generalSubtrees1,
- NSSPKIXGeneralSubtrees *generalSubtrees2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralSubtrees_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-NSSPKIXGeneralSubtrees_Duplicate
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSArena *arenaOpt
-);
-
-/*
- * { and finders and comparators }
- *
- */
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtree ::= SEQUENCE {
- * base GeneralName,
- * minimum [0] BaseDistance DEFAULT 0,
- * maximum [1] BaseDistance OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXGeneralSubtree_Decode
- * NSSPKIXGeneralSubtree_Create
- * NSSPKIXGeneralSubtree_Destroy
- * NSSPKIXGeneralSubtree_Encode
- * NSSPKIXGeneralSubtree_GetBase
- * NSSPKIXGeneralSubtree_SetBase
- * NSSPKIXGeneralSubtree_GetMinimum
- * NSSPKIXGeneralSubtree_SetMinimum
- * NSSPKIXGeneralSubtree_HasMaximum
- * NSSPKIXGeneralSubtree_GetMaximum
- * NSSPKIXGeneralSubtree_SetMaximum
- * NSSPKIXGeneralSubtree_RemoveMaximum
- * NSSPKIXGeneralSubtree_Equal
- * NSSPKIXGeneralSubtree_Duplicate
- * NSSPKIXGeneralSubtree_DistanceInRange
- * {other tests and comparators}
- *
- */
-
-/*
- * NSSPKIXGeneralSubtree_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtree_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXGeneralSubtree_Create
- *
- * -- fgmr comments --
- * The optional maximum value may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtree_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBaseDistance minimum,
- NSSPKIXBaseDistance maximumOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_Destroy
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXGeneralSubtree_Encode
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_GetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXGeneralSubtree_GetBase
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_SetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_SetBase
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXGeneralName *base
-);
-
-/*
- * NSSPKIXGeneralSubtree_GetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-NSSPKIXGeneralSubtree_GetMinimum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_SetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_SetMinimum
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance *minimum
-);
-
-/*
- * NSSPKIXGeneralSubtree_HasMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtree_HasMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_GetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-NSSPKIXGeneralSubtree_GetMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_SetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_SetMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance *maximum
-);
-
-/*
- * NSSPKIXGeneralSubtree_RemoveMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXGeneralSubtree_RemoveMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * NSSPKIXGeneralSubtree_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtree_Equal
-(
- NSSPKIXGeneralSubtree *generalSubtree1,
- NSSPKIXGeneralSubtree *generalSubtree2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-NSSPKIXGeneralSubtree_Duplicate
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXGeneralSubtree_DistanceInRange
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_TRUE if the specified value is within the minimum and maximum
- * base distances
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXGeneralSubtree_DistanceInRange
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance value,
- PRStatus *statusOpt
-);
-
-/*
- * {other tests and comparators}
- *
- */
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyConstraints ::= SEQUENCE {
- * requireExplicitPolicy [0] SkipCerts OPTIONAL,
- * inhibitPolicyMapping [1] SkipCerts OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXPolicyConstraints_Decode
- * NSSPKIXPolicyConstraints_Create
- * NSSPKIXPolicyConstraints_Destroy
- * NSSPKIXPolicyConstraints_Encode
- * NSSPKIXPolicyConstraints_HasRequireExplicitPolicy
- * NSSPKIXPolicyConstraints_GetRequireExplicitPolicy
- * NSSPKIXPolicyConstraints_SetRequireExplicitPolicy
- * NSSPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- * NSSPKIXPolicyConstraints_HasInhibitPolicyMapping
- * NSSPKIXPolicyConstraints_GetInhibitPolicyMapping
- * NSSPKIXPolicyConstraints_SetInhibitPolicyMapping
- * NSSPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- * NSSPKIXPolicyConstraints_Equal
- * NSSPKIXPolicyConstraints_Duplicate
- *
- */
-
-/*
- * NSSPKIXPolicyConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-NSSPKIXPolicyConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXPolicyConstraints_Create
- *
- * -- fgmr comments --
- * The optional values may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-NSSPKIXPolicyConstraints_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXSkipCerts requireExplicitPolicy,
- NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * NSSPKIXPolicyConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_Destroy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXPolicyConstraints_Encode
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXPolicyConstraints_HasRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyConstraints_HasRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_GetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyConstraints_GetRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_SetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_SetRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSPKIXSkipCerts requireExplicitPolicy
-);
-
-/*
- * NSSPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_RemoveRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_HasInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyConstraints_HasInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_GetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXPolicyConstraints_GetInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_SetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_SetInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * NSSPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXPolicyConstraints_RemoveInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * NSSPKIXPolicyConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXPolicyConstraints_Equal
-(
- NSSPKIXPolicyConstraints *policyConstraints1,
- NSSPKIXPolicyConstraints *policyConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXPolicyConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-NSSPKIXPolicyConstraints_Duplicate
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- * The public calls for this type:
- *
- * NSSPKIXCRLDistPointsSyntax_Decode
- * NSSPKIXCRLDistPointsSyntax_Create
- * NSSPKIXCRLDistPointsSyntax_Destroy
- * NSSPKIXCRLDistPointsSyntax_Encode
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPointCount
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPoints
- * NSSPKIXCRLDistPointsSyntax_SetDistributionPoints
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_SetDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_InsertDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_AppendDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_FindDistributionPoint
- * NSSPKIXCRLDistPointsSyntax_Equal
- * NSSPKIXCRLDistPointsSyntax_Duplicate
- *
- */
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-NSSPKIXCRLDistPointsSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-NSSPKIXCRLDistPointsSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPoint *distributionPoint1,
- ...
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_Destroy
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXCRLDistPointsSyntax_Encode
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPointCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCRLDistPointsSyntax_GetDistributionPointCount
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXDistributionPoint pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoints **
-NSSPKIXCRLDistPointsSyntax_GetDistributionPoints
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSDistributionPoint *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_SetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_SetDistributionPoints
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSDistributionPoint *distributionPoint[]
- PRInt32 count
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXCRLDistPointsSyntax_GetDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_SetDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_InsertDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_InsertDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_AppendDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_AppendDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXCRLDistPointsSyntax_RemoveDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_FindDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXCRLDistPointsSyntax_FindDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXCRLDistPointsSyntax_Equal
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax1,
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXCRLDistPointsSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-NSSPKIXCRLDistPointsSyntax_Duplicate
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSArena *arenaOpt
-);
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * reasons [1] ReasonFlags OPTIONAL,
- * cRLIssuer [2] GeneralNames OPTIONAL }
- *
- * The public calls for this type:
- *
- * NSSPKIXDistributionPoint_Decode
- * NSSPKIXDistributionPoint_Create
- * NSSPKIXDistributionPoint_Destroy
- * NSSPKIXDistributionPoint_Encode
- * NSSPKIXDistributionPoint_HasDistributionPoint
- * NSSPKIXDistributionPoint_GetDistributionPoint
- * NSSPKIXDistributionPoint_SetDistributionPoint
- * NSSPKIXDistributionPoint_RemoveDistributionPoint
- * NSSPKIXDistributionPoint_HasReasons
- * NSSPKIXDistributionPoint_GetReasons
- * NSSPKIXDistributionPoint_SetReasons
- * NSSPKIXDistributionPoint_RemoveReasons
- * NSSPKIXDistributionPoint_HasCRLIssuer
- * NSSPKIXDistributionPoint_GetCRLIssuer
- * NSSPKIXDistributionPoint_SetCRLIssuer
- * NSSPKIXDistributionPoint_RemoveCRLIssuer
- * NSSPKIXDistributionPoint_Equal
- * NSSPKIXDistributionPoint_Duplicate
- *
- */
-
-/*
- * NSSPKIXDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXDistributionPoint_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXDistributionPoint_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointName *distributionPoint,
- NSSPKIXReasonFlags reasons,
- NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * NSSPKIXDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_Destroy
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDistributionPoint_Encode
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_HasDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPoint_GetDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_SetDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXDistributionPointName *name
-);
-
-/*
- * NSSPKIXDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_RemoveDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_HasReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_HasReasons
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_GetReasons
- *
- * It is unlikely that the reason flags are all zero; so zero is
- * returned in error situations.
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_REASONS
- *
- * Return value:
- * A valid nonzero NSSPKIXReasonFlags value upon success
- * A valid zero NSSPKIXReasonFlags if the value is indeed zero
- * Zero upon error
- */
-
-NSS_EXTERN NSSPKIXReasonFlags
-NSSPKIXDistributionPoint_GetReasons
-(
- NSSPKIXDistributionPoint *distributionPoint,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_SetReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_SetReasons
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXReasonFlags reasons
-);
-
-/*
- * NSSPKIXDistributionPoint_RemoveReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_REASONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_RemoveReasons
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_HasCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_HasCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_GetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_CRL_ISSUER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-NSSPKIXDistributionPoint_GetCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_SetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_SetCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * NSSPKIXDistributionPoint_RemoveCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_CRL_ISSUER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPoint_RemoveCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * NSSPKIXDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPoint_Equal
-(
- NSSPKIXDistributionPoint *distributionPoint1,
- NSSPKIXDistributionPoint *distributionPoint2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-NSSPKIXDistributionPoint_Duplicate
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPointName ::= CHOICE {
- * fullName [0] GeneralNames,
- * nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
- *
- * The public calls for this type:
- *
- * NSSPKIXDistributionPointName_Decode
- * NSSPKIXDistributionPointName_Create
- * NSSPKIXDistributionPointName_CreateFromFullName
- * NSSPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- * NSSPKIXDistributionPointName_Destroy
- * NSSPKIXDistributionPointName_Encode
- * NSSPKIXDistributionPointName_GetChoice
- * NSSPKIXDistributionPointName_GetFullName
- * NSSPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- * NSSPKIXDistributionPointName_Equal
- * NSSPKIXDistributionPointName_Duplicate
- *
- */
-
-/*
- * NSSPKIXDistributionPointName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXDistributionPointName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME_CHOICE
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointNameChoice which,
- void *name
-);
-
-/*
- * NSSPKIXDistributionPointName_CreateFromFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_CreateFromFullName
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralNames *fullName
-);
-
-/*
- * NSSPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *nameRelativeToCRLIssuer
-);
-
-/*
- * NSSPKIXDistributionPointName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXDistributionPointName_Destroy
-(
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * NSSPKIXDistributionPointName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXDistributionPointName_Encode
-(
- NSSPKIXDistributionPointName *dpn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * A valid NSSPKIXDistributionPointNameChoice value upon success
- * NSSPKIXDistributionPointNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointNameChoice
-NSSPKIXDistributionPointName_GetChoice
-(
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * NSSPKIXDistributionPointName_GetFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralnames *
-NSSPKIXDistributionPointName_GetFullName
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXDistributionPointName_GetNameRelativeToCRLIssuer
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXDistributionPointName_Equal
-(
- NSSPKIXDistributionPointName *dpn1,
- NSSPKIXDistributionPointName *dpn2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXDistributionPointName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXDistributionPointName_Duplicate
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ReasonFlags ::= BIT STRING {
- * unused (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6) }
- *
- * The public calls for this type:
- *
- * NSSPKIXReasonFlags_Decode
- * NSSPKIXReasonFlags_Create
- * NSSPKIXReasonFlags_CreateFromMask
- * NSSPKIXReasonFlags_Destroy
- * NSSPKIXReasonFlags_Encode
- * NSSPKIXReasonFlags_GetMask
- * NSSPKIXReasonFlags_SetMask
- * NSSPKIXReasonFlags_Equal
- * NSSPKIXReasonFlags_Duplicate
- * { bitwise accessors? }
- *
- */
-
-/*
- * NSSPKIXReasonFlags_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXReasonFlags_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_Create
-(
- NSSArena *arenaOpt,
- PRBool keyCompromise,
- PRBool cACompromise,
- PRBool affiliationChanged,
- PRBool superseded,
- PRBool cessationOfOperation,
- PRBool certificateHold
-);
-
-/*
- * NSSPKIXReasonFlags_CreateFromMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_CreateFromMask
-(
- NSSArena *arenaOpt,
- NSSPKIXReasonFlagsMask why
-);
-
-/*
- * NSSPKIXReasonFlags_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXReasonFlags_Destroy
-(
- NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * NSSPKIXReasonFlags_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXReasonFlags_Encode
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXReasonFlags_GetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * A valid mask of NSSPKIXReasonFlagsMask values upon success
- * NSSPKIXReasonFlagsMask_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlagsMask
-NSSPKIXReasonFlags_GetMask
-(
- NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * NSSPKIXReasonFlags_SetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXReasonFlags_SetMask
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSPKIXReasonFlagsMask mask
-);
-
-/*
- * NSSPKIXReasonFlags_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXReasonFlags_Equal
-(
- NSSPKIXReasonFlags *reasonFlags1,
- NSSPKIXReasonFlags *reasonFlags2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXReasonFlags_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXReasonFlags_Duplicate
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSArena *arenaOpt
-);
-
-/*
- * { bitwise accessors? }
- *
- */
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- * The public calls for this type:
- *
- * NSSPKIXExtKeyUsageSyntax_Decode
- * NSSPKIXExtKeyUsageSyntax_Create
- * NSSPKIXExtKeyUsageSyntax_Destroy
- * NSSPKIXExtKeyUsageSyntax_Encode
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- * NSSPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_SetKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_FindKeyPurposeId
- * NSSPKIXExtKeyUsageSyntax_Equal
- * NSSPKIXExtKeyUsageSyntax_Duplicate
- *
- */
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-NSSPKIXExtKeyUsageSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-NSSPKIXExtKeyUsageSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyPurposeId *kpid1,
- ...
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_Destroy
-(
- NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXExtKeyUsageSyntax_Encode
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
-(
- NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXKeyPurposeId pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId **
-NSSPKIXExtKeyUsageSyntax_GetKeyPurposeIds
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_SetKeyPurposeIds
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *ids[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_GetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyPurposeId upon success
- * NULL upon error
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId *
-NSSPKIXExtKeyUsageSyntax_GetKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_SetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_SetKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_InsertKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_AppendKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_FindKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified key purpose id upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXExtKeyUsageSyntax_FindKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXExtKeyUsageSyntax_Equal
-(
- NSSPKIXExtKeyUsageSyntax *eku1,
- NSSPKIXExtKeyUsageSyntax *eku2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXExtKeyUsageSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-NSSPKIXExtKeyUsageSyntax_Duplicate
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSArena *arenaOpt
-);
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityInfoAccessSyntax ::=
- * SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- * The public calls for this type:
- *
- * NSSPKIXAuthorityInfoAccessSyntax_Decode
- * NSSPKIXAuthorityInfoAccessSyntax_Create
- * NSSPKIXAuthorityInfoAccessSyntax_Destroy
- * NSSPKIXAuthorityInfoAccessSyntax_Encode
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- * NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- * NSSPKIXAuthorityInfoAccessSyntax_Equal
- * NSSPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- */
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-NSSPKIXAuthorityInfoAccessSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-NSSPKIXAuthorityInfoAccessSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAccessDescription *ad1,
- ...
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_Destroy
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAuthorityInfoAccessSyntax_Encode
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAccessDescription pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription **
-NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad[],
- PRInt32 count
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAuthorityInfoAccessSyntax_GetAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_SetAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXAuthorityInfoAccessSyntax_FindAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAuthorityInfoAccessSyntax_Equal
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias1,
- NSSPKIXAuthorityInfoAccessSyntax *aias2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-NSSPKIXAuthorityInfoAccessSyntax_Duplicate
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSArena *arenaOpt
-);
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AccessDescription ::= SEQUENCE {
- * accessMethod OBJECT IDENTIFIER,
- * accessLocation GeneralName }
- *
- * The public calls for this type:
- *
- * NSSPKIXAccessDescription_Decode
- * NSSPKIXAccessDescription_Create
- * NSSPKIXAccessDescription_Destroy
- * NSSPKIXAccessDescription_Encode
- * NSSPKIXAccessDescription_GetAccessMethod
- * NSSPKIXAccessDescription_SetAccessMethod
- * NSSPKIXAccessDescription_GetAccessLocation
- * NSSPKIXAccessDescription_SetAccessLocation
- * NSSPKIXAccessDescription_Equal
- * NSSPKIXAccessDescription_Duplicate
- *
- */
-
-/*
- * NSSPKIXAccessDescription_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAccessDescription_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXAccessDescription_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAccessDescription_Create
-(
- NSSArena *arenaOpt,
- NSSOID *accessMethod,
- NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * NSSPKIXAccessDescription_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAccessDescription_Destroy
-(
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAccessDescription_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXAccessDescription_Encode
-(
- NSSPKIXAccessDescription *ad,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAccessDescription_GetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-NSSPKIXAccessDescription_GetAccessMethod
-(
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * NSSPKIXAccessDescription_SetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAccessDescription_SetAccessMethod
-(
- NSSPKIXAccessDescription *ad,
- NSSOID *accessMethod
-);
-
-/*
- * NSSPKIXAccessDescription_GetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-NSSPKIXAccessDescription_GetAccessLocation
-(
- NSSPKIXAccessDescription *ad,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXAccessDescription_SetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAccessDescription_SetAccessLocation
-(
- NSSPKIXAccessDescription *ad,
- NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * NSSPKIXAccessDescription_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXAccessDescription_Equal
-(
- NSSPKIXAccessDescription *ad1,
- NSSPKIXAccessDescription *ad2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXAccessDescription_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-NSSPKIXAccessDescription_Duplicate
-(
- NSSPKIXAccessDescription *ad,
- NSSArena *arenaOpt
-);
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * IssuingDistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
- * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
- * onlySomeReasons [3] ReasonFlags OPTIONAL,
- * indirectCRL [4] BOOLEAN DEFAULT FALSE }
- *
- * The public calls for this type:
- *
- * NSSPKIXIssuingDistributionPoint_Decode
- * NSSPKIXIssuingDistributionPoint_Create
- * NSSPKIXIssuingDistributionPoint_Destroy
- * NSSPKIXIssuingDistributionPoint_Encode
- * NSSPKIXIssuingDistributionPoint_HasDistributionPoint
- * NSSPKIXIssuingDistributionPoint_GetDistributionPoint
- * NSSPKIXIssuingDistributionPoint_SetDistributionPoint
- * NSSPKIXIssuingDistributionPoint_RemoveDistributionPoint
- * NSSPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- * NSSPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- * NSSPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- * NSSPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- * NSSPKIXIssuingDistributionPoint_HasOnlySomeReasons
- * NSSPKIXIssuingDistributionPoint_GetOnlySomeReasons
- * NSSPKIXIssuingDistributionPoint_SetOnlySomeReasons
- * NSSPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- * NSSPKIXIssuingDistributionPoint_GetIndirectCRL
- * NSSPKIXIssuingDistributionPoint_SetIndirectCRL
- * NSSPKIXIssuingDistributionPoint_Equal
- * NSSPKIXIssuingDistributionPoint_Duplicate
- *
- */
-
-/*
- * NSSPKIXIssuingDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-NSSPKIXIssuingDistributionPoint_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-NSSPKIXIssuingDistributionPoint_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointName *distributionPointOpt,
- PRBool onlyContainsUserCerts,
- PRBool onlyContainsCACerts,
- NSSPKIXReasonFlags *onlySomeReasons
- PRBool indirectCRL
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_Destroy
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-NSSPKIXIssuingDistributionPoint_Encode
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_HasDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-NSSPKIXIssuingDistributionPoint_GetDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_RemoveDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the onlyContainsUserCerts value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool onlyContainsUserCerts
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the onlyContainsCACerts value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool onlyContainsCACerts
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_HasOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_HasOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-NSSPKIXIssuingDistributionPoint_GetOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSPKIXReasonFlags *onlySomeReasons
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_GetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the indirectCRL value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_GetIndirectCRL
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_SetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXIssuingDistributionPoint_SetIndirectCRL
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool indirectCRL
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXIssuingDistributionPoint_Equal
-(
- NSSPKIXIssuingDistributionPoint *idp1,
- NSSPKIXIssuingDistributionPoint *idp2,
- PRStatus *statusOpt
-);
-
-/*
- * NSSPKIXIssuingDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-NSSPKIXIssuingDistributionPoint_Duplicate
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIX_H */
diff --git a/security/nss/lib/pkix/include/nsspkixt.h b/security/nss/lib/pkix/include/nsspkixt.h
deleted file mode 100644
index ea35269ff..000000000
--- a/security/nss/lib/pkix/include/nsspkixt.h
+++ /dev/null
@@ -1,2281 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef NSSPKIXT_H
-#define NSSPKIXT_H
-
-#ifdef DEBUG
-static const char NSSPKIXT_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * nsspkixt.h
- *
- * This file contains the public type definitions for the PKIX part-1
- * objects. The contents are strongly based on the types defined in
- * RFC 2459 {fgmr: and others, e.g., s/mime?}. The type names have
- * been prefixed with "NSSPKIX."
- */
-
-#ifndef NSSBASET_H
-#include "nssbaset.h"
-#endif /* NSSBASET_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A Note About Strings
- *
- * RFC 2459 refers to several types of strings, including UniversalString,
- * BMPString, UTF8String, TeletexString, PrintableString, IA5String, and
- * more. As with the rest of the NSS libraries, all strings are converted
- * to UTF8 form as soon as possible, and dealt with in that form from
- * then on.
- *
- */
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Attribute ::= SEQUENCE {
- * type AttributeType,
- * values SET OF AttributeValue
- * -- at least one value is required -- }
- *
- */
-
-struct NSSPKIXAttributeStr;
-typedef struct NSSPKIXAttributeStr NSSPKIXAttribute;
-
-/*
- * AttributeType
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AttributeType ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXAttributeType;
-
-/*
- * AttributeValue
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AttributeValue ::= ANY
- *
- */
-
-typedef NSSItem NSSPKIXAttributeValue;
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID),
- * and the type-specific value. RelativeDistinguishedNamess consist
- * of a set of these. These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type AttributeType,
- * value AttributeValue }
- *
- */
-
-struct NSSPKIXAttributeTypeAndValueStr;
-typedef struct NSSPKIXAttributeTypeAndValueStr NSSPKIXAttributeTypeAndValue;
-
-/*
- * X520Name
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520name ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-name)),
- * printableString PrintableString (SIZE (1..ub-name)),
- * universalString UniversalString (SIZE (1..ub-name)),
- * utf8String UTF8String (SIZE (1..ub-name)),
- * bmpString BMPString (SIZE(1..ub-name)) }
- *
- */
-
-struct NSSPKIXX520NameStr;
-typedef struct NSSPKIXX520NameStr NSSPKIXX520Name;
-
-/*
- * X520CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520CommonName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-common-name)),
- * printableString PrintableString (SIZE (1..ub-common-name)),
- * universalString UniversalString (SIZE (1..ub-common-name)),
- * utf8String UTF8String (SIZE (1..ub-common-name)),
- * bmpString BMPString (SIZE(1..ub-common-name)) }
- *
- */
-
-struct NSSPKIXX520CommonNameStr;
-typedef struct NSSPKIXX520CommonNameStr NSSPKIXX520CommonName;
-
-/*
- * X520LocalityName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520LocalityName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-locality-name)),
- * printableString PrintableString (SIZE (1..ub-locality-name)),
- * universalString UniversalString (SIZE (1..ub-locality-name)),
- * utf8String UTF8String (SIZE (1..ub-locality-name)),
- * bmpString BMPString (SIZE(1..ub-locality-name)) }
- *
- */
-
-struct NSSPKIXX520LocalityNameStr;
-typedef struct NSSPKIXX520LocalityNameStr NSSPKIXX520LocalityName;
-
-/*
- * X520StateOrProvinceName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520StateOrProvinceName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-state-name)),
- * printableString PrintableString (SIZE (1..ub-state-name)),
- * universalString UniversalString (SIZE (1..ub-state-name)),
- * utf8String UTF8String (SIZE (1..ub-state-name)),
- * bmpString BMPString (SIZE(1..ub-state-name)) }
- *
- */
-
-struct NSSPKIXX520StateOrProvinceNameStr;
-typedef struct NSSPKIXX520StateOrProvinceNameStr NSSPKIXX520StateOrProvinceName;
-
-/*
- * X520OrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organization-name)),
- * printableString PrintableString (SIZE (1..ub-organization-name)),
- * universalString UniversalString (SIZE (1..ub-organization-name)),
- * utf8String UTF8String (SIZE (1..ub-organization-name)),
- * bmpString BMPString (SIZE(1..ub-organization-name)) }
- *
- */
-
-struct NSSPKIXX520OrganizationNameStr;
-typedef struct NSSPKIXX520OrganizationNameStr NSSPKIXX520OrganizationName;
-
-/*
- * X520OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationalUnitName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organizational-unit-name)),
- * printableString PrintableString
- * (SIZE (1..ub-organizational-unit-name)),
- * universalString UniversalString
- * (SIZE (1..ub-organizational-unit-name)),
- * utf8String UTF8String (SIZE (1..ub-organizational-unit-name)),
- * bmpString BMPString (SIZE(1..ub-organizational-unit-name)) }
- *
- */
-
-struct NSSPKIXX520OrganizationalUnitNameStr;
-typedef struct NSSPKIXX520OrganizationalUnitNameStr NSSPKIXX520OrganizationalUnitName;
-
-/*
- * X520Title
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520Title ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-title)),
- * printableString PrintableString (SIZE (1..ub-title)),
- * universalString UniversalString (SIZE (1..ub-title)),
- * utf8String UTF8String (SIZE (1..ub-title)),
- * bmpString BMPString (SIZE(1..ub-title)) }
- *
- */
-
-struct NSSPKIXX520TitleStr;
-typedef struct NSSPKIXX520TitleStr NSSPKIXX520Title;
-
-/*
- * X520dnQualifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520dnQualifier ::= PrintableString
- *
- */
-
-struct NSSPKIXX520dnQualifierStr;
-typedef struct NSSPKIXX520dnQualifierStr NSSPKIXX520dnQualifier;
-
-/*
- * X520countryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520countryName ::= PrintableString (SIZE (2)) -- IS 3166 codes
- *
- */
-
-struct NSSPKIXX520countryNameStr;
-typedef struct NSSPKIXX520countryNameStr NSSPKIXX520countryName;
-
-/*
- * Pkcs9email
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
- *
- */
-
-struct NSSPKIXPkcs9emailStr;
-typedef struct NSSPKIXPkcs9emailStr NSSPKIXPkcs9email;
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- * Name ::= CHOICE { -- only one possibility for now --
- * rdnSequence RDNSequence }
- *
- */
-
-struct NSSPKIXNameStr;
-typedef struct NSSPKIXNameStr NSSPKIXName;
-
-/*
- * NameChoice
- *
- * This enumeration is used to specify choice within a name.
- */
-
-enum NSSPKIXNameChoiceEnum {
- NSSPKIXNameChoice_NSSinvalid = -1,
- NSSPKIXNameChoice_rdnSequence
-};
-typedef enum NSSPKIXNameChoiceEnum NSSPKIXNameChoice;
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- */
-
-struct NSSPKIXRDNSequenceStr;
-typedef struct NSSPKIXRDNSequenceStr NSSPKIXRDNSequence;
-
-/*
- * DistinguishedName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistinguishedName ::= RDNSequence
- *
- */
-
-typedef NSSPKIXRDNSequence NSSPKIXDistinguishedName;
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue
- * objects. RDNs are used to distinguish a set of objects underneath
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN. However, sometimes a set of ATAVs is
- * needed. For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- * RelativeDistinguishedName ::=
- * SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- */
-
-struct NSSPKIXRelativeDistinguishedNameStr;
-typedef struct NSSPKIXRelativeDistinguishedNameStr NSSPKIXRelativeDistinguishedName;
-
-/*
- * DirectoryString
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DirectoryString ::= CHOICE {
- * teletexString TeletexString (SIZE (1..MAX)),
- * printableString PrintableString (SIZE (1..MAX)),
- * universalString UniversalString (SIZE (1..MAX)),
- * utf8String UTF8String (SIZE (1..MAX)),
- * bmpString BMPString (SIZE(1..MAX)) }
- *
- */
-
-struct NSSPKIXDirectoryStringStr;
-typedef struct NSSPKIXDirectoryStringStr NSSPKIXDirectoryString;
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Certificate ::= SEQUENCE {
- * tbsCertificate TBSCertificate,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- */
-
-struct NSSPKIXCertificateStr;
-typedef struct NSSPKIXCertificateStr NSSPKIXCertificate;
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertificate ::= SEQUENCE {
- * version [0] Version DEFAULT v1,
- * serialNumber CertificateSerialNumber,
- * signature AlgorithmIdentifier,
- * issuer Name,
- * validity Validity,
- * subject Name,
- * subjectPublicKeyInfo SubjectPublicKeyInfo,
- * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * extensions [3] Extensions OPTIONAL
- * -- If present, version shall be v3 -- }
- *
- */
-
-struct NSSPKIXTBSCertificateStr;
-typedef struct NSSPKIXTBSCertificateStr NSSPKIXTBSCertificate;
-
-/*
- * Version
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Version ::= INTEGER { v1(0), v2(1), v3(2) }
- *
- */
-
-enum NSSPKIXVersionEnum {
- NSSPKIXVersion_NSSinvalid = -1,
- NSSPKIXVersion_v1 = 0,
- NSSPKIXVersion_v2 = 1,
- NSSPKIXVersion_v3 = 2
-};
-typedef enum NSSPKIXVersionEnum NSSPKIXVersion;
-
-/*
- * CertificateSerialNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateSerialNumber ::= INTEGER
- *
- */
-
-typedef NSSBER NSSPKIXCertificateSerialNumber;
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Validity ::= SEQUENCE {
- * notBefore Time,
- * notAfter Time }
- *
- */
-
-struct NSSPKIXValidityStr;
-typedef struct NSSPKIXValidityStr NSSPKIXValidity;
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Time ::= CHOICE {
- * utcTime UTCTime,
- * generalTime GeneralizedTime }
- *
- */
-
-struct NSSPKIXTimeStr;
-typedef struct NSSPKIXTimeStr NSSPKIXTime;
-
-/*
- * UniqueIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UniqueIdentifier ::= BIT STRING
- *
- */
-
-typedef NSSBitString NSSPKIXUniqueIdentifier;
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectPublicKeyInfo ::= SEQUENCE {
- * algorithm AlgorithmIdentifier,
- * subjectPublicKey BIT STRING }
- *
- */
-
-struct NSSPKIXSubjectPublicKeyInfoStr;
-typedef NSSPKIXSubjectPublicKeyInfoStr NSSPKIXSubjectPublicKeyInfo;
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-struct NSSPKIXExtensionsStr;
-typedef struct NSSPKIXExtensionsStr NSSPKIXExtensions;
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extension ::= SEQUENCE {
- * extnID OBJECT IDENTIFIER,
- * critical BOOLEAN DEFAULT FALSE,
- * extnValue OCTET STRING }
- *
- */
-
-struct NSSPKIXExtensionStr;
-typedef struct NSSPKIXExtensionStr NSSPKIXExtension;
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateList ::= SEQUENCE {
- * tbsCertList TBSCertList,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- */
-
-struct NSSPKIXCertificateListStr;
-typedef struct NSSPKIXCertificateListStr NSSPKIXCertificateList;
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertList ::= SEQUENCE {
- * version Version OPTIONAL,
- * -- if present, shall be v2
- * signature AlgorithmIdentifier,
- * issuer Name,
- * thisUpdate Time,
- * nextUpdate Time OPTIONAL,
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- * crlExtensions [0] Extensions OPTIONAL
- * -- if present, shall be v2 -- }
- *
- */
-
-struct NSSPKIXTBSCertListStr;
-typedef struct NSSPKIXTBSCertListStr NSSPKIXTBSCertList;
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificatesStr;
-typedef struct NSSPKIXrevokedCertificatesStr NSSPKIXrevokedCertificates;
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificateStr;
-typedef struct NSSPKIXrevokedCertificateStr NSSPKIXrevokedCertificate;
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL }
- * -- contains a value of the type
- * -- registered for use with the
- * -- algorithm object identifier value
- *
- *
- */
-
-struct NSSPKIXAlgorithmIdentifierStr;
-typedef NSSPKIXAlgorithmIdentifierStr NSSPKIXAlgorithmIdentifier;
-
-/*
- * -- types related to NSSPKIXAlgorithmIdentifiers:
- *
- * Dss-Sig-Value ::= SEQUENCE {
- * r INTEGER,
- * s INTEGER }
- *
- * DomainParameters ::= SEQUENCE {
- * p INTEGER, -- odd prime, p=jq +1
- * g INTEGER, -- generator, g
- * q INTEGER, -- factor of p-1
- * j INTEGER OPTIONAL, -- subgroup factor, j>= 2
- * validationParms ValidationParms OPTIONAL }
- *
- * ValidationParms ::= SEQUENCE {
- * seed BIT STRING,
- * pgenCounter INTEGER }
- *
- * Dss-Parms ::= SEQUENCE {
- * p INTEGER,
- * q INTEGER,
- * g INTEGER }
- *
- */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ORAddress ::= SEQUENCE {
- * built-in-standard-attributes BuiltInStandardAttributes,
- * built-in-domain-defined-attributes
- * BuiltInDomainDefinedAttributes OPTIONAL,
- * -- see also teletex-domain-defined-attributes
- * extension-attributes ExtensionAttributes OPTIONAL }
- * -- The OR-address is semantically absent from the OR-name if the
- * -- built-in-standard-attribute sequence is empty and the
- * -- built-in-domain-defined-attributes and extension-attributes are
- * -- both omitted.
- *
- */
-
-struct NSSPKIXORAddressStr;
-typedef struct NSSPKIXORAddressStr NSSPKIXORAddress;
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInStandardAttributes ::= SEQUENCE {
- * country-name CountryName OPTIONAL,
- * administration-domain-name AdministrationDomainName OPTIONAL,
- * network-address [0] NetworkAddress OPTIONAL,
- * -- see also extended-network-address
- * terminal-identifier [1] TerminalIdentifier OPTIONAL,
- * private-domain-name [2] PrivateDomainName OPTIONAL,
- * organization-name [3] OrganizationName OPTIONAL,
- * -- see also teletex-organization-name
- * numeric-user-identifier [4] NumericUserIdentifier OPTIONAL,
- * personal-name [5] PersonalName OPTIONAL,
- * -- see also teletex-personal-name
- * organizational-unit-names [6] OrganizationalUnitNames OPTIONAL
- * -- see also teletex-organizational-unit-names -- }
- *
- */
-
-struct NSSPKIXBuiltInStandardAttributesStr;
-typedef struct NSSPKIXBuiltInStandardAttributesStr NSSPKIXBuiltInStandardAttributes;
-
-/*
- * CountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CountryName ::= [APPLICATION 1] CHOICE {
- * x121-dcc-code NumericString
- * (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- */
-
-struct NSSPKIXCountryNameStr;
-typedef struct NSSPKIXCountryNameStr NSSPKIXCountryName;
-
-/*
- * AdministrationDomainName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AdministrationDomainName ::= [APPLICATION 2] CHOICE {
- * numeric NumericString (SIZE (0..ub-domain-name-length)),
- * printable PrintableString (SIZE (0..ub-domain-name-length)) }
- *
- */
-
-struct NSSPKIXAdministrationDomainNameStr;
-typedef struct NSSPKIXAdministrationDomainNameStr NSSPKIXAdministrationDomainName;
-
-/*
- * X121Address
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
- *
- */
-
-struct NSSPKIXX121AddressStr;
-typedef struct NSSPKIXX121AddressStr NSSPKIXX121Address;
-
-/*
- * NetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NetworkAddress ::= X121Address -- see also extended-network-address
- *
- */
-
-struct NSSPKIXNetworkAddressStr;
-typedef struct NSSPKIXNetworkAddressStr NSSPKIXNetworkAddress;
-
-/*
- * TerminalIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
- *
- */
-
-struct NSSPKIXTerminalIdentifierStr;
-typedef struct NSSPKIXTerminalIdentifierStr NSSPKIXTerminalIdentifier;
-
-/*
- * PrivateDomainName
- *
- * -- fgmr comments --
- *
- * PrivateDomainName ::= CHOICE {
- * numeric NumericString (SIZE (1..ub-domain-name-length)),
- * printable PrintableString (SIZE (1..ub-domain-name-length)) }
- *
- */
-
-struct NSSPKIXPrivateDomainNameStr;
-typedef struct NSSPKIXPrivateDomainNameStr NSSPKIXPrivateDomainName;
-
-/*
- * OrganizationName
- *
- * -- fgmr comments --
- *
- * OrganizationName ::= PrintableString
- * (SIZE (1..ub-organization-name-length))
- *
- */
-
-struct NSSPKIXOrganizationNameStr;
-typedef struct NSSPKIXOrganizationNameStr NSSPKIXOrganizationName;
-
-/*
- * NumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NumericUserIdentifier ::= NumericString
- * (SIZE (1..ub-numeric-user-id-length))
- *
- */
-
-struct NSSPKIXNumericUserIdentifierStr;
-typedef struct NSSPKIXNumericUserIdentifierStr NSSPKIXNumericUserIdentifier;
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PersonalName ::= SET {
- * surname [0] PrintableString (SIZE (1..ub-surname-length)),
- * given-name [1] PrintableString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] PrintableString
- * (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPersonalNameStr;
-typedef NSSPKIXPersonalNameStr NSSPKIXPersonalName;
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- * OF OrganizationalUnitName
- *
- */
-
-struct NSSPKIXOrganizationalUnitNamesStr;
-typedef NSSPKIXOrganizationalUnitNamesStr NSSPKIXOrganizationalUnitNames;
-
-/*
- * OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitName ::= PrintableString (SIZE
- * (1..ub-organizational-unit-name-length))
- *
- */
-
-struct NSSPKIXOrganizationalUnitNameStr;
-typedef struct NSSPKIXOrganizationalUnitNameStr NSSPKIXOrganizationalUnitName;
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF
- * BuiltInDomainDefinedAttribute
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributesStr;
-typedef struct NSSPKIXBuiltInDomainDefinedAttributesStr NSSPKIXBuiltInDomainDefinedAttributes;
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttribute ::= SEQUENCE {
- * type PrintableString (SIZE
- * (1..ub-domain-defined-attribute-type-length)),
- * value PrintableString (SIZE
- * (1..ub-domain-defined-attribute-value-length))}
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributeStr;
-typedef struct NSSPKIXBuiltInDomainDefinedAttributeStr NSSPKIXBuiltInDomainDefinedAttribute;
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- * ExtensionAttribute
- *
- */
-
-struct NSSPKIXExtensionAttributesStr;
-typedef struct NSSPKIXExtensionAttributesStr NSSPKIXExtensionAttributes;
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttribute ::= SEQUENCE {
- * extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- * extension-attribute-value [1]
- * ANY DEFINED BY extension-attribute-type }
- *
- */
-
-struct NSSPKIXExtensionAttributeStr;
-typedef struct NSSPKIXExtensionAttributeStr NSSPKIXExtensionAttribute;
-
-/*
- * ExtensionAttributeType
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * common-name INTEGER ::= 1
- * teletex-common-name INTEGER ::= 2
- * teletex-organization-name INTEGER ::= 3
- * teletex-personal-name INTEGER ::= 4
- * teletex-organizational-unit-names INTEGER ::= 5
- * teletex-domain-defined-attributes INTEGER ::= 6
- * pds-name INTEGER ::= 7
- * physical-delivery-country-name INTEGER ::= 8
- * postal-code INTEGER ::= 9
- * physical-delivery-office-name INTEGER ::= 10
- * physical-delivery-office-number INTEGER ::= 11
- * extension-OR-address-components INTEGER ::= 12
- * physical-delivery-personal-name INTEGER ::= 13
- * physical-delivery-organization-name INTEGER ::= 14
- * extension-physical-delivery-address-components INTEGER ::= 15
- * unformatted-postal-address INTEGER ::= 16
- * street-address INTEGER ::= 17
- * post-office-box-address INTEGER ::= 18
- * poste-restante-address INTEGER ::= 19
- * unique-postal-name INTEGER ::= 20
- * local-postal-attributes INTEGER ::= 21
- * extended-network-address INTEGER ::= 22
- * terminal-type INTEGER ::= 23
- *
- */
-
-enum NSSPKIXExtensionAttributeTypeEnum {
- NSSPKIXExtensionAttributeType_NSSinvalid = -1,
- NSSPKIXExtensionAttributeType_CommonName = 1,
- NSSPKIXExtensionAttributeType_TeletexCommonName = 2,
- NSSPKIXExtensionAttributeType_TeletexOrganizationName = 3,
- NSSPKIXExtensionAttributeType_TeletexPersonalName = 4,
- NSSPKIXExtensionAttributeType_TeletexOrganizationalUnitNames = 5,
- NSSPKIXExtensionAttributeType_TeletexDomainDefinedAttributes = 6,
- NSSPKIXExtensionAttributeType_PdsName = 7,
- NSSPKIXExtensionAttributeType_PhysicalDeliveryCountryName = 8,
- NSSPKIXExtensionAttributeType_PostalCode = 9,
- NSSPKIXExtensionAttributeType_PhysicalDeliveryOfficeName = 10,
- NSSPKIXExtensionAttributeType_PhysicalDeliveryOfficeNumber = 11,
- NSSPKIXExtensionAttributeType_ExtensionOrAddressComponents = 12,
- NSSPKIXExtensionAttributeType_PhysicalDeliveryPersonalName = 13,
- NSSPKIXExtensionAttributeType_PhysicalDeliveryOrganizationName = 14,
- NSSPKIXExtensionAttributeType_ExtensionPhysicalDeliveryAddressComponents = 15,
- NSSPKIXExtensionAttributeType_UnformattedPostalAddress = 16,
- NSSPKIXExtensionAttributeType_StreetAddress = 17,
- NSSPKIXExtensionAttributeType_PostOfficeBoxAddress = 18,
- NSSPKIXExtensionAttributeType_PosteRestanteAddress = 19,
- NSSPKIXExtensionAttributeType_UniquePostalName = 20,
- NSSPKIXExtensionAttributeType_LocalPostalAttributes = 21,
- NSSPKIXExtensionAttributeType_ExtendedNetworkAddress = 22,
- NSSPKIXExtensionAttributeType_TerminalType = 23
-};
-typedef enum NSSPKIXExtensionAttributeTypeEnum NSSPKIXExtensionAttributeType;
-
-/*
- * CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
- *
- */
-
-struct NSSPKIXCommonNameStr;
-typedef struct NSSPKIXCommonNameStr NSSPKIXCommonName;
-
-/*
- * TeletexCommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
- *
- */
-
-struct NSSPKIXTeletexCommonNameStr;
-typedef struct NSSPKIXTeletexCommonNameStr NSSPKIXTeletexCommonName;
-
-/*
- * TeletexOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationName ::=
- * TeletexString (SIZE (1..ub-organization-name-length))
- *
- */
-
-struct NSSPKIXTeletexOrganizationNameStr;
-typedef struct NSSPKIXTeletexOrganizationNameStr NSSPKIXTeletexOrganizationName;
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexPersonalName ::= SET {
- * surname [0] TeletexString (SIZE (1..ub-surname-length)),
- * given-name [1] TeletexString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] TeletexString (SIZE
- * (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXTeletexPersonalNameStr;
-typedef struct NSSPKIXTeletexPersonalNameStr NSSPKIXTeletexPersonalName;
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- * (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- */
-
-struct NSSPKIXTeletexOrganizationalUnitNamesStr;
-typedef struct NSSPKIXTeletexOrganizationalUnitNamesStr NSSPKIXTeletexOrganizationalUnitNames;
-
-/*
- * TeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitName ::= TeletexString
- * (SIZE (1..ub-organizational-unit-name-length))
- *
- */
-
-struct NSSPKIXTeletexOrganizationalUnitNameStr;
-typedef struct NSSPKIXTeletexOrganizationalUnitNameStr NSSPKIXTeletexOrganizationalUnitName;
-
-/*
- * PDSName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
- *
- */
-
-struct NSSPKIXPDSNameStr;
-typedef struct NSSPKIXPDSNameStr NSSPKIXPDSName;
-
-/*
- * PhysicalDeliveryCountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryCountryName ::= CHOICE {
- * x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- */
-
-struct NSSPKIXPhysicalDeliveryCountryNameStr;
-typedef struct NSSPKIXPhysicalDeliveryCountryNameStr NSSPKIXPhysicalDeliveryCountryName;
-
-/*
- * PostalCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PostalCode ::= CHOICE {
- * numeric-code NumericString (SIZE (1..ub-postal-code-length)),
- * printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
- *
- */
-
-struct NSSPKIXPostalCodeStr;
-typedef struct NSSPKIXPostalCodeStr NSSPKIXPostalCode;
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSParameter ::= SET {
- * printable-string PrintableString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPDSParameterStr;
-typedef struct NSSPKIXPDSParameterStr NSSPKIXPDSParameter;
-
-/*
- * PhysicalDeliveryOfficeName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryOfficeName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryOfficeName;
-
-/*
- * PhysicalDeliveryOfficeNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryOfficeNumber ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryOfficeNumber;
-
-/*
- * ExtensionORAddressComponents
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionORAddressComponents ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXExtensionORAddressComponents;
-
-/*
- * PhysicalDeliveryPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryPersonalName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryPersonalName;
-
-/*
- * PhysicalDeliveryOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryOrganizationName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPhysicalDeliveryOrganizationName;
-
-/*
- * ExtensionPhysicalDeliveryAddressComponents
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXExtensionPhysicalDeliveryAddressComponents;
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UnformattedPostalAddress ::= SET {
- * printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- * PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXUnformattedPostalAddressStr;
-typedef struct NSSPKIXUnformattedPostalAddressStr NSSPKIXUnformattedPostalAddress;
-
-/*
- * StreetAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * StreetAddress ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXStreetAddress;
-
-/*
- * PostOfficeBoxAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PostOfficeBoxAddress ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPostOfficeBoxAddress;
-
-/*
- * PosteRestanteAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PosteRestanteAddress ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXPosteRestanteAddress;
-
-/*
- * UniquePostalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UniquePostalName ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXUniquePostalName;
-
-/*
- * LocalPostalAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * LocalPostalAttributes ::= PDSParameter
- *
- */
-
-typedef NSSPKIXPDSParameter NSSPKIXLocalPostalAttributes;
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtendedNetworkAddress ::= CHOICE {
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * psap-address [0] PresentationAddress }
- *
- */
-
-struct NSSPKIXExtendedNetworkAddressStr;
-typedef struct NSSPKIXExtendedNetworkAddressStr NSSPKIXExtendedNetworkAddress;
-
-/*
- * NSSPKIXExtendedNetworkAddressChoice
- *
- * Helper enumeration for ExtendedNetworkAddress
- * -- fgmr comments --
- *
- */
-
-enum NSSPKIXExtendedNetworkAddressEnum {
- NSSPKIXExtendedNetworkAddress_NSSinvalid = -1,
- NSSPKIXExtendedNetworkAddress_e1634Address,
- NSSPKIXExtendedNetworkAddress_psapAddress
-};
-typedef enum NSSPKIXExtendedNetworkAddressEnum NSSPKIXExtendedNetworkAddressChoice;
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *
- */
-
-struct NSSe1634addressStr;
-typedef struct NSSe1634addressStr NSSe1634address;
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PresentationAddress ::= SEQUENCE {
- * pSelector [0] EXPLICIT OCTET STRING OPTIONAL,
- * sSelector [1] EXPLICIT OCTET STRING OPTIONAL,
- * tSelector [2] EXPLICIT OCTET STRING OPTIONAL,
- * nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- */
-
-struct NSSPKIXPresentationAddressStr;
-typedef struct NSSPKIXPresentationAddressStr NSSPKIXPresentationAddress;
-
-/*
- * TerminalType
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TerminalType ::= INTEGER {
- * telex (3),
- * teletex (4),
- * g3-facsimile (5),
- * g4-facsimile (6),
- * ia5-terminal (7),
- * videotex (8) } (0..ub-integer-options)
- *
- */
-
-enum NSSPKIXTerminalTypeEnum {
- NSSPKIXTerminalType_NSSinvalid = -1,
- NSSPKIXTerminalType_telex = 3,
- NSSPKIXTerminalType_teletex = 4,
- NSSPKIXTerminalType_g3Facsimile = 5,
- NSSPKIXTerminalType_g4Facsimile = 6,
- NSSPKIXTerminalType_iA5Terminal = 7,
- NSSPKIXTerminalType_videotex = 8
-};
-typedef enum NSSPKIXTerminalTypeEnum NSSPKIXTerminalType;
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- *
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributesStr;
-typedef struct NSSPKIXTeletexDomainDefinedAttributesStr NSSPKIXTeletexDomainDefinedAttributes;
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttribute ::= SEQUENCE {
- * type TeletexString
- * (SIZE (1..ub-domain-defined-attribute-type-length)),
- * value TeletexString
- * (SIZE (1..ub-domain-defined-attribute-value-length)) }
- *
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributeStr;
-typedef struct NSSPKIXTeletexDomainDefinedAttributeStr NSSPKIXTeletexDomainDefinedAttribute;
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityKeyIdentifier ::= SEQUENCE {
- * keyIdentifier [0] KeyIdentifier OPTIONAL,
- * authorityCertIssuer [1] GeneralNames OPTIONAL,
- * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
- * -- authorityCertIssuer and authorityCertSerialNumber shall both
- * -- be present or both be absent
- *
- */
-
-struct NSSPKIXAuthorityKeyIdentifierStr;
-typedef struct NSSPKIXAuthorityKeyIdentifierStr NSSPKIXAuthorityKeyIdentifier;
-
-/*
- * KeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyIdentifier ::= OCTET STRING
- *
- */
-
-typedef NSSItem NSSPKIXKeyIdentifier;
-
-/*
- * SubjectKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectKeyIdentifier ::= KeyIdentifier
- *
- */
-
-typedef NSSPKIXKeyIdentifier NSSPKIXSubjectKeyIdentifier;
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyUsage ::= BIT STRING {
- * digitalSignature (0),
- * nonRepudiation (1),
- * keyEncipherment (2),
- * dataEncipherment (3),
- * keyAgreement (4),
- * keyCertSign (5),
- * cRLSign (6),
- * encipherOnly (7),
- * decipherOnly (8) }
- *
- */
-
-struct NSSPKIXKeyUsageStr;
-typedef struct NSSPKIXKeyUsageStr NSSPKIXKeyUsage;
-
-/*
- * KeyUsageValue
- *
- * -- helper for testing many key usages at once
- *
- */
-
-enum NSSPKIXKeyUsageValueEnum {
- NSSPKIXKeyUsage_NSSinvalid = 0,
- NSSPKIXKeyUsage_DigitalSignature = 0x001,
- NSSPKIXKeyUsage_NonRepudiation = 0x002,
- NSSPKIXKeyUsage_KeyEncipherment = 0x004,
- NSSPKIXKeyUsage_DataEncipherment = 0x008,
- NSSPKIXKeyUsage_KeyAgreement = 0x010,
- NSSPKIXKeyUsage_KeyCertSign = 0x020,
- NSSPKIXKeyUsage_CRLSign = 0x040,
- NSSPKIXKeyUsage_EncipherOnly = 0x080,
- NSSPKIXKeyUsage_DecipherOnly = 0x100
-};
-typedef enum NSSPKIXKeyUsageValueEnum NSSPKIXKeyUsageValue;
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PrivateKeyUsagePeriod ::= SEQUENCE {
- * notBefore [0] GeneralizedTime OPTIONAL,
- * notAfter [1] GeneralizedTime OPTIONAL }
- * -- either notBefore or notAfter shall be present
- *
- */
-
-struct NSSPKIXPrivateKeyUsagePeriodStr;
-typedef struct NSSPKIXPrivateKeyUsagePeriodStr NSSPKIXPrivateKeyUsagePeriod;
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- */
-
-struct NSSPKIXCertificatePoliciesStr;
-typedef struct NSSPKIXCertificatePoliciesStr NSSPKIXCertificatePolicies;
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyInformation ::= SEQUENCE {
- * policyIdentifier CertPolicyId,
- * policyQualifiers SEQUENCE SIZE (1..MAX) OF
- * PolicyQualifierInfo OPTIONAL }
- *
- */
-
-struct NSSPKIXPolicyInformationStr;
-typedef struct NSSPKIXPolicyInformationStr NSSPKIXPolicyInformation;
-
-/*
- * CertPolicyId
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertPolicyId ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXCertPolicyId;
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyQualifierInfo ::= SEQUENCE {
- * policyQualifierId PolicyQualifierId,
- * qualifier ANY DEFINED BY policyQualifierId }
- *
- */
-
-struct NSSPKIXPolicyQualifierInfoStr;
-typedef NSSPKIXPolicyQualifierInfoStr NSSPKIXPolicyQualifierInfo;
-
-/*
- * PolicyQualifierId
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyQualifierId ::=
- * OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
- *
- */
-
-typedef NSSOID NSSPKIXPolicyQualifierId;
-
-/*
- * CPSuri
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CPSuri ::= IA5String
- *
- */
-
-struct NSSPKIXCPSuriStr;
-typedef struct NSSPKIXCPSuriStr NSSPKIXCPSuri;
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UserNotice ::= SEQUENCE {
- * noticeRef NoticeReference OPTIONAL,
- * explicitText DisplayText OPTIONAL}
- *
- */
-
-struct NSSPKIXUserNoticeStr;
-typedef struct NSSPKIXUserNoticeStr NSSPKIXUserNotice;
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NoticeReference ::= SEQUENCE {
- * organization DisplayText,
- * noticeNumbers SEQUENCE OF INTEGER }
- *
- */
-
-struct NSSPKIXNoticeReferenceStr;
-typedef struct NSSPKIXNoticeReferenceStr NSSPKIXNoticeReference;
-
-/*
- * DisplayText
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DisplayText ::= CHOICE {
- * visibleString VisibleString (SIZE (1..200)),
- * bmpString BMPString (SIZE (1..200)),
- * utf8String UTF8String (SIZE (1..200)) }
- *
- */
-
-struct NSSPKIXDisplayTextStr;
-typedef struct NSSPKIXDisplayTextStr NSSPKIXDisplayText;
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- */
-
-struct NSSPKIXPolicyMappingsStr;
-typedef struct NSSPKIXPolicyMappingsStr NSSPKIXPolicyMappings;
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- * SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- */
-
-struct NSSPKIXpolicyMappingStr;
-typedef struct NSSPKIXpolicyMappingStr NSSPKIXpolicyMapping;
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- * GeneralName ::= CHOICE {
- * otherName [0] AnotherName,
- * rfc822Name [1] IA5String,
- * dNSName [2] IA5String,
- * x400Address [3] ORAddress,
- * directoryName [4] Name,
- * ediPartyName [5] EDIPartyName,
- * uniformResourceIdentifier [6] IA5String,
- * iPAddress [7] OCTET STRING,
- * registeredID [8] OBJECT IDENTIFIER }
- *
- */
-
-struct NSSPKIXGeneralNameStr;
-typedef struct NSSPKIXGeneralNameStr NSSPKIXGeneralName;
-
-/*
- * GeneralNameChoice
- *
- * This enumerates the possible general name types.
- */
-
-enum NSSPKIXGeneralNameChoiceEnum {
- NSSPKIXGeneralNameChoice_NSSinvalid = -1,
- NSSPKIXGeneralNameChoice_otherName = 0,
- NSSPKIXGeneralNameChoice_rfc822Name = 1,
- NSSPKIXGeneralNameChoice_dNSName = 2,
- NSSPKIXGeneralNameChoice_x400Address = 3,
- NSSPKIXGeneralNameChoice_directoryName = 4,
- NSSPKIXGeneralNameChoice_ediPartyName = 5,
- NSSPKIXGeneralNameChoice_uniformResourceIdentifier = 6,
- NSSPKIXGeneralNameChoice_iPAddress = 7,
- NSSPKIXGeneralNameChoice_registeredID = 8
-};
-typedef enum NSSPKIXGeneralNameChoiceEnum NSSPKIXGeneralNameChoice;
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- */
-
-struct NSSPKIXGeneralNamesStr;
-typedef struct NSSPKIXGeneralNamesStr NSSPKIXGeneralNames;
-
-/*
- * SubjectAltName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectAltName ::= GeneralNames
- *
- */
-
-typedef NSSPKIXGeneralNames NSSPKIXSubjectAltName;
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AnotherName ::= SEQUENCE {
- * type-id OBJECT IDENTIFIER,
- * value [0] EXPLICIT ANY DEFINED BY type-id }
- *
- */
-
-struct NSSPKIXAnotherNameStr;
-typedef struct NSSPKIXAnotherNameStr NSSPKIXAnotherName;
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- * EDIPartyName ::= SEQUENCE {
- * nameAssigner [0] DirectoryString OPTIONAL,
- * partyName [1] DirectoryString }
- *
- */
-
-struct NSSPKIXEDIPartyNameStr;
-typedef struct NSSPKIXEDIPartyNameStr NSSPKIXEDIPartyName;
-
-/*
- * IssuerAltName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * IssuerAltName ::= GeneralNames
- *
- */
-
-typedef NSSPKIXGeneralNames NSSPKIXIssuerAltName;
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- */
-
-struct NSSPKIXSubjectDirectoryAttributesStr;
-typedef struct NSSPKIXSubjectDirectoryAttributesStr NSSPKIXSubjectDirectoryAttributes;
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BasicConstraints ::= SEQUENCE {
- * cA BOOLEAN DEFAULT FALSE,
- * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
- *
- */
-
-struct NSSPKIXBasicConstraintsStr;
-typedef struct NSSPKIXBasicConstraintsStr NSSPKIXBasicConstraints;
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NameConstraints ::= SEQUENCE {
- * permittedSubtrees [0] GeneralSubtrees OPTIONAL,
- * excludedSubtrees [1] GeneralSubtrees OPTIONAL }
- *
- */
-
-struct NSSPKIXNameConstraintsStr;
-typedef struct NSSPKIXNameConstraintsStr NSSPKIXNameConstraints;
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- */
-
-struct NSSPKIXGeneralSubtreesStr;
-typedef struct NSSPKIXGeneralSubtreesStr NSSPKIXGeneralSubtrees;
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtree ::= SEQUENCE {
- * base GeneralName,
- * minimum [0] BaseDistance DEFAULT 0,
- * maximum [1] BaseDistance OPTIONAL }
- *
- */
-
-struct NSSPKIXGeneralSubtreeStr;
-typedef struct NSSPKIXGeneralSubtreeStr NSSPKIXGeneralSubtree;
-
-/*
- * BaseDistance
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BaseDistance ::= INTEGER (0..MAX)
- *
- */
-
-typedef PRInt32 NSSPKIXBaseDistance;
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyConstraints ::= SEQUENCE {
- * requireExplicitPolicy [0] SkipCerts OPTIONAL,
- * inhibitPolicyMapping [1] SkipCerts OPTIONAL }
- *
- */
-
-struct NSSPKIXPolicyConstraintsStr;
-typedef NSSPKIXPolicyConstraintsStr NSSPKIXPolicyConstraints;
-
-/*
- * SkipCerts
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SkipCerts ::= INTEGER (0..MAX)
- *
- */
-
-typedef NSSItem NSSPKIXSkipCerts;
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- */
-
-struct NSSPKIXCRLDistPointsSyntaxStr;
-typedef struct NSSPKIXCRLDistPointsSyntaxStr NSSPKIXCRLDistPointsSyntax;
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * reasons [1] ReasonFlags OPTIONAL,
- * cRLIssuer [2] GeneralNames OPTIONAL }
- *
- */
-
-struct NSSPKIXDistributionPointStr;
-typedef struct NSSPKIXDistributionPointStr NSSPKIXDistributionPoint;
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPointName ::= CHOICE {
- * fullName [0] GeneralNames,
- * nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
- *
- */
-
-struct NSSPKIXDistributionPointNameStr;
-typedef struct NSSPKIXDistributionPointNameStr NSSPKIXDistributionPointName;
-
-/*
- * DistributionPointNameChoice
- *
- * -- fgmr comments --
- *
- */
-
-enum NSSPKIXDistributionPointNameChoiceEnum {
- NSSDistributionPointNameChoice_NSSinvalid = -1,
- NSSDistributionPointNameChoice_FullName = 0,
- NSSDistributionPointNameChoice_NameRelativeToCRLIssuer = 1
-};
-typedef enum NSSPKIXDistributionPointNameChoiceEnum NSSPKIXDistributionPointNameChoice;
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ReasonFlags ::= BIT STRING {
- * unused (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6) }
- *
- */
-
-struct NSSPKIXReasonFlagsStr;
-typedef struct NSSPKIXReasonFlagsStr NSSPKIXReasonFlags;
-
-/*
- * ReasonFlagsMask
- *
- * -- fgmr comments --
- *
- */
-
-typedef PRInt32 NSSPKIXReasonFlagsMask;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_NSSinvalid = -1;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_KeyCompromise = 0x02;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_CACompromise = 0x04;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_AffiliationChanged = 0x08;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_Superseded = 0x10;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_CessationOfOperation= 0x20;
-const NSSPKIXReasonFlagsMask NSSPKIXReasonFlagsMask_CertificateHold = 0x40;
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- */
-
-struct NSSPKIXExtKeyUsageSyntaxStr;
-typedef struct NSSPKIXExtKeyUsageSyntaxStr NSSPKIXExtKeyUsageSyntax;
-
-/*
- * KeyPurposeId
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyPurposeId ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXKeyPurposeId;
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityInfoAccessSyntax ::=
- * SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- */
-
-struct NSSPKIXAuthorityInfoAccessSyntaxStr;
-typedef struct NSSPKIXAuthorityInfoAccessSyntaxStr NSSPKIXAuthorityInfoAccessSyntax;
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AccessDescription ::= SEQUENCE {
- * accessMethod OBJECT IDENTIFIER,
- * accessLocation GeneralName }
- *
- */
-
-struct NSSPKIXAccessDescriptionStr;
-typedef struct NSSPKIXAccessDescriptionStr NSSPKIXAccessDescription;
-
-/*
- * CRLNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLNumber ::= INTEGER (0..MAX)
- *
- */
-
-typedef NSSItem NSSPKIXCRLNumber;
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * IssuingDistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
- * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
- * onlySomeReasons [3] ReasonFlags OPTIONAL,
- * indirectCRL [4] BOOLEAN DEFAULT FALSE }
- *
- */
-
-struct NSSPKIXIssuingDistributionPointStr;
-typedef struct NSSPKIXIssuingDistributionPointStr NSSPKIXIssuingDistributionPoint;
-
-/*
- * BaseCRLNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BaseCRLNumber ::= CRLNumber
- *
- */
-
-typedef NSSPKIXCRLNumber NSSPKIXBaseCRLNumber;
-
-/*
- * CRLReason
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLReason ::= ENUMERATED {
- * unspecified (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6),
- * removeFromCRL (8) }
- *
- */
-
-enum NSSPKIXCRLReasonEnum {
- NSSPKIXCRLReasonEnum_NSSinvalid = -1,
- NSSPKIXCRLReasonEnum_unspecified = 0,
- NSSPKIXCRLReasonEnum_keyCompromise = 1,
- NSSPKIXCRLReasonEnum_cACompromise = 2,
- NSSPKIXCRLReasonEnum_affiliationChanged = 3,
- NSSPKIXCRLReasonEnum_superseded = 4,
- NSSPKIXCRLReasonEnum_cessationOfOperation = 5,
- NSSPKIXCRLReasonEnum_certificateHold = 6,
- NSSPKIXCRLReasonEnum_removeFromCRL = 8
-};
-typedef enum NSSPKIXCRLReasonEnum NSSPKIXCRLReason;
-
-/*
- * CertificateIssuer
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateIssuer ::= GeneralNames
- *
- */
-
-typedef NSSPKIXGeneralNames NSSPKIXCertificateIssuer;
-
-/*
- * HoldInstructionCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * HoldInstructionCode ::= OBJECT IDENTIFIER
- *
- */
-
-typedef NSSOID NSSPKIXHoldInstructionCode;
-
-/*
- * InvalidityDate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * InvalidityDate ::= GeneralizedTime
- *
- */
-
-typedef PRTime NSSPKIXInvalidityDate;
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIXT_H */
diff --git a/security/nss/lib/pkix/include/pkix.h b/security/nss/lib/pkix/include/pkix.h
deleted file mode 100644
index 8ebe95595..000000000
--- a/security/nss/lib/pkix/include/pkix.h
+++ /dev/null
@@ -1,26086 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIX_H
-#define PKIX_H
-
-#ifdef DEBUG
-static const char PKIX_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkix.h
- *
- * This file contains the prototypes for the private methods defined
- * for the PKIX part-1 objects.
- */
-
-#ifndef NSSPKIX_H
-#include "nsspkix.h"
-#endif /* NSSPKIX_H */
-
-#ifndef PKIXT_H
-#include "pkixt.h"
-#endif /* PKIXT_H */
-
-#ifndef ASN1T_H
-#include "asn1t.h"
-#endif /* ASN1T_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Attribute ::= SEQUENCE {
- * type AttributeType,
- * values SET OF AttributeValue
- * -- at least one value is required -- }
- *
- * The private calls for the type:
- *
- * nssPKIXAttribute_Decode
- * nssPKIXAttribute_Create
- * nssPKIXAttribute_CreateFromArray
- * nssPKIXAttribute_Destroy
- * nssPKIXAttribute_Encode
- * nssPKIXAttribute_GetType
- * nssPKIXAttribute_SetType
- * nssPKIXAttribute_GetValueCount
- * nssPKIXAttribute_GetValues
- * nssPKIXAttribute_SetValues
- * nssPKIXAttribute_GetValue
- * nssPKIXAttribute_SetValue
- * nssPKIXAttribute_AddValue
- * nssPKIXAttribute_RemoveValue
- * nssPKIXAttribute_FindValue
- * nssPKIXAttribute_Equal
- * nssPKIXAttribute_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAttribute_verifyPointer
- */
-
-/*
- * nssPKIXAttribute_template
- *
- *
- */
-
-extern const nssASN1Template nssPKIXAttribute_template[];
-
-/*
- * nssPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459. This
- * routine may return NULL upon error, in which case it will
- * have created an error stack. If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value1,
- ...
-);
-
-/*
- * nssPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_CreateFromArray
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- NSSPKIXAttributeValue values[]
-);
-
-/*
- * nssPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute. It should be called on
- * all such objects created without an arena. It does not need to be
- * called for objects created with an arena, but it may be. This
- * routine returns a PRStatus value. Upon error, it will create an
- * error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_Destroy
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXAttribute_Encode
- *
- * This routine returns the BER encoding of the specified
- * NSSPKIXAttribute. {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA)
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAttribute_Encode
-(
- NSSPKIXAttribute *attribute,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-nssPKIXAttribute_GetType
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value. Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_SetType
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeType *attributeType
-);
-
-/*
- * nssPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute. This routine returns a PRInt32.
- * Upon error, this routine returns -1. This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAttribute_GetValueCount
-(
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute. If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned. If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSItem's upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_SetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue values[],
- PRInt32 count
-);
-
-/*
- * nssPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute. Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed. {usual comments about
- * itemOpt and arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_SetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_AddValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute. An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_RemoveValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i
-);
-
-/*
- * nssPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data. If an exact match is found,
- * then that value's index is returned. If an exact match is not
- * found, -1 is returned. If there is more than one exact match, one
- * index will be returned. {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAttribute_FindValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *attributeValue
-);
-
-/*
- * nssPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAttribute_Equal
-(
- NSSPKIXAttribute *one,
- NSSPKIXAttribute *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute. {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Duplicate
-(
- NSSPKIXAttribute *attribute,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAttribute
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttribute_verifyPointer
-(
- NSSPKIXAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID),
- * and the type-specific value. RelativeDistinguishedNames consist
- * of a set of these. These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type AttributeType,
- * value AttributeValue }
- *
- * The private calls for the type:
- *
- * nssPKIXAttributeTypeAndValue_Decode
- * nssPKIXAttributeTypeAndValue_CreateFromUTF8
- * nssPKIXAttributeTypeAndValue_Create
- * nssPKIXAttributeTypeAndValue_Destroy
- * nssPKIXAttributeTypeAndValue_Encode
- * nssPKIXAttributeTypeAndValue_GetUTF8Encoding
- * nssPKIXAttributeTypeAndValue_GetType
- * nssPKIXAttributeTypeAndValue_SetType
- * nssPKIXAttributeTypeAndValue_GetValue
- * nssPKIXAttributeTypeAndValue_SetValue
- * nssPKIXAttributeTypeAndValue_Equal
- * nssPKIXAttributeTypeAndValue_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAttributeTypeAndValue_verifyPointer
- */
-
-/*
- * nssPKIXAttributeTypeAndValue_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_Destroy
-(
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAttributeTypeAndValue_Encode
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_GetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeType *
-nssPKIXAttributeTypeAndValue_GetType
-(
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_SetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_SetType
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeType *attributeType
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_GetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttributeTypeAndValue_GetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_SetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_SetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *value
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAttributeTypeAndValue_Equal
-(
- NSSPKIXAttributeTypeAndValue *atav1,
- NSSPKIXAttributeTypeAndValue *atav2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAttributeTypeAndValue_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Duplicate
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAttributeTypeAndValue_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAttributeTypeAndValue
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE_TYPE_AND_VALUE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_verifyPointer
-(
- NSSPKIXAttributeTypeAndValue *p
-);
-#endif /* DEBUG */
-
-/*
- * X520Name
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520name ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-name)),
- * printableString PrintableString (SIZE (1..ub-name)),
- * universalString UniversalString (SIZE (1..ub-name)),
- * utf8String UTF8String (SIZE (1..ub-name)),
- * bmpString BMPString (SIZE(1..ub-name)) }
- *
- *
- * ub-name INTEGER ::= 32768
- *
- * The private calls for this type:
- *
- * nssPKIXX520Name_Decode
- * nssPKIXX520Name_CreateFromUTF8
- * nssPKIXX520Name_Create
- * nssPKIXX520Name_Destroy
- * nssPKIXX520Name_Encode
- * nssPKIXX520Name_GetUTF8Encoding
- * nssPKIXX520Name_Equal
- * nssPKIXX520Name_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXX520Name_verifyPointer
- */
-
-/*
- * nssPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520Name_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING_TYPE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_Create
-(
- NSSArena *arenaOpt,
- nssStringType type,
- NSSItem *data
-);
-
-/*
- * nssPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520Name_Destroy
-(
- NSSPKIXX520Name *name
-);
-
-/*
- * nssPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520Name_Encode
-(
- NSSPKIXX520Name *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXX520Name_GetUTF8Encoding
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXX520Name_Equal
-(
- NSSPKIXX520Name *name1,
- NSSPKIXX520Name *name2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXX520Name_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Name *
-nssPKIXX520Name_Duplicate
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-
-/*
- * nssPKIXX520Name_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXX520Name
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_X520_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXX520Name_verifyPointer
-(
- NSSPKIXX520Name *p
-);
-
-#endif /* DEBUG */
-
-/*
- * X520CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520CommonName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-common-name)),
- * printableString PrintableString (SIZE (1..ub-common-name)),
- * universalString UniversalString (SIZE (1..ub-common-name)),
- * utf8String UTF8String (SIZE (1..ub-common-name)),
- * bmpString BMPString (SIZE(1..ub-common-name)) }
- *
- *
- * ub-common-name INTEGER ::= 64
- *
- * The private calls for this type:
- *
- *
- * nssPKIXX520CommonName_Decode
- * nssPKIXX520CommonName_CreateFromUTF8
- * nssPKIXX520CommonName_Create
- * nssPKIXX520CommonName_Destroy
- * nssPKIXX520CommonName_Encode
- * nssPKIXX520CommonName_GetUTF8Encoding
- * nssPKIXX520CommonName_Equal
- * nssPKIXX520CommonName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXX520CommonName_verifyPointer
- */
-
-/*
- * nssPKIXX520CommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520CommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520CommonName_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING_TYPE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_Create
-(
- NSSArena *arenaOpt,
- nssStringType type,
- NSSItem *data
-);
-
-/*
- * nssPKIXX520CommonName_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520CommonName_Destroy
-(
- NSSPKIXX520CommonName *name
-);
-
-/*
- * nssPKIXX520CommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520CommonName_Encode
-(
- NSSPKIXX520CommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520CommonName_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXX520CommonName_GetUTF8Encoding
-(
- NSSPKIXX520CommonName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXX520CommonName_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXX520CommonName_Equal
-(
- NSSPKIXX520CommonName *name1,
- NSSPKIXX520CommonName *name2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXX520CommonName_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520CommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520CommonName *
-nssPKIXX520CommonName_Duplicate
-(
- NSSPKIXX520CommonName *name,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-
-/*
- * nssPKIXX520CommonName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXX520CommonName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_X520_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXX520CommonName_verifyPointer
-(
- NSSPKIXX520CommonName *p
-);
-
-#endif /* DEBUG */
-
-/*
- * X520LocalityName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520LocalityName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-locality-name)),
- * printableString PrintableString (SIZE (1..ub-locality-name)),
- * universalString UniversalString (SIZE (1..ub-locality-name)),
- * utf8String UTF8String (SIZE (1..ub-locality-name)),
- * bmpString BMPString (SIZE(1..ub-locality-name)) }
- *
- * The private calls for this type:
- *
- * nssPKIXX520LocalityName_Decode
- * nssPKIXX520LocalityName_CreateFromUTF8
- * nssPKIXX520LocalityName_Encode
- *
- */
-
-/*
- * nssPKIXX520LocalityName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520LocalityName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-nssPKIXX520LocalityName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520LocalityName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520LocalityName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520LocalityName *
-nssPKIXX520LocalityName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520LocalityName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520LocalityName_Encode
-(
- NSSPKIXX520LocalityName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520StateOrProvinceName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520StateOrProvinceName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-state-name)),
- * printableString PrintableString (SIZE (1..ub-state-name)),
- * universalString UniversalString (SIZE (1..ub-state-name)),
- * utf8String UTF8String (SIZE (1..ub-state-name)),
- * bmpString BMPString (SIZE(1..ub-state-name)) }
- *
- * The private calls for this type:
- *
- * nssPKIXX520StateOrProvinceName_Decode
- * nssPKIXX520StateOrProvinceName_CreateFromUTF8
- * nssPKIXX520StateOrProvinceName_Encode
- *
- */
-
-/*
- * nssPKIXX520StateOrProvinceName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-nssPKIXX520StateOrProvinceName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520StateOrProvinceName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520StateOrProvinceName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520StateOrProvinceName *
-nssPKIXX520StateOrProvinceName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520StateOrProvinceName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520StateOrProvinceName_Encode
-(
- NSSPKIXX520StateOrProvinceName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organization-name)),
- * printableString PrintableString (SIZE (1..ub-organization-name)),
- * universalString UniversalString (SIZE (1..ub-organization-name)),
- * utf8String UTF8String (SIZE (1..ub-organization-name)),
- * bmpString BMPString (SIZE(1..ub-organization-name)) }
- *
- * The private calls for this type:
- *
- * nssPKIXX520OrganizationName_Decode
- * nssPKIXX520OrganizationName_CreateFromUTF8
- * nssPKIXX520OrganizationName_Encode
- *
- */
-
-/*
- * nssPKIXX520OrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-nssPKIXX520OrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520OrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationName *
-nssPKIXX520OrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520OrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520OrganizationName_Encode
-(
- NSSPKIXX520OrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520OrganizationalUnitName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-organizational-unit-name)),
- * printableString PrintableString
- * (SIZE (1..ub-organizational-unit-name)),
- * universalString UniversalString
- * (SIZE (1..ub-organizational-unit-name)),
- * utf8String UTF8String (SIZE (1..ub-organizational-unit-name)),
- * bmpString BMPString (SIZE(1..ub-organizational-unit-name)) }
- *
- * The private calls for this type:
- *
- * nssPKIXX520OrganizationalUnitName_Decode
- * nssPKIXX520OrganizationalUnitName_CreateFromUTF8
- * nssPKIXX520OrganizationalUnitName_Encode
- *
- */
-
-/*
- * nssPKIXX520OrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-nssPKIXX520OrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520OrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520OrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520OrganizationalUnitName *
-nssPKIXX520OrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520OrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520OrganizationalUnitName_Encode
-(
- NSSPKIXX520OrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520Title
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520Title ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-title)),
- * printableString PrintableString (SIZE (1..ub-title)),
- * universalString UniversalString (SIZE (1..ub-title)),
- * utf8String UTF8String (SIZE (1..ub-title)),
- * bmpString BMPString (SIZE(1..ub-title)) }
- *
- * The private calls for this type:
- *
- * nssPKIXX520Title_Decode
- * nssPKIXX520Title_CreateFromUTF8
- * nssPKIXX520Title_Encode
- *
- */
-
-/*
- * nssPKIXX520Title_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Title upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-nssPKIXX520Title_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520Title_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Title upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520Title *
-nssPKIXX520Title_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520Title_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520Title_Encode
-(
- NSSPKIXX520Title *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520dnQualifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520dnQualifier ::= PrintableString
- *
- * The private calls for this type:
- *
- * nssPKIXX520dnQualifier_Decode
- * nssPKIXX520dnQualifier_CreateFromUTF8
- * nssPKIXX520dnQualifier_Encode
- *
- */
-
-/*
- * nssPKIXX520dnQualifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520dnQualifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-nssPKIXX520dnQualifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520dnQualifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520dnQualifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520dnQualifier *
-nssPKIXX520dnQualifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520dnQualifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520dnQualifier_Encode
-(
- NSSPKIXX520dnQualifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X520countryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X520countryName ::= PrintableString (SIZE (2)) -- IS 3166 codes
- *
- * The private calls for this type:
- *
- * nssPKIXX520countryName_Decode
- * nssPKIXX520countryName_CreateFromUTF8
- * nssPKIXX520countryName_Encode
- *
- */
-
-/*
- * nssPKIXX520countryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520countryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-nssPKIXX520countryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX520countryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520countryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX520countryName *
-nssPKIXX520countryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX520countryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX520countryName_Encode
-(
- NSSPKIXX520countryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Pkcs9email
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
- *
- * The private calls for this type:
- *
- * nssPKIXPkcs9email_Decode
- * nssPKIXPkcs9email_CreateFromUTF8
- * nssPKIXPkcs9email_Encode
- *
- */
-
-/*
- * nssPKIXPkcs9email_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPkcs9email upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-nssPKIXPkcs9email_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPkcs9email_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPkcs9email upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPkcs9email *
-nssPKIXPkcs9email_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPkcs9email_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPkcs9email_Encode
-(
- NSSPKIXPkcs9email *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- * Name ::= CHOICE { -- only one possibility for now --
- * rdnSequence RDNSequence }
- *
- * The private calls for this type:
- *
- * nssPKIXName_Decode
- * nssPKIXName_CreateFromUTF8
- * nssPKIXName_Create
- * nssPKIXName_CreateFromRDNSequence
- * nssPKIXName_Destroy
- * nssPKIXName_Encode
- * nssPKIXName_GetUTF8Encoding
- * nssPKIXName_GetChoice
- * nssPKIXName_GetRDNSequence
- * nssPKIXName_GetSpecifiedChoice {fgmr remove this}
-{fgmr} _SetRDNSequence
-{fgmr} _SetSpecifiedChoice
- * nssPKIXName_Equal
- * nssPKIXName_Duplicate
- *
- * (here is where I had specific attribute value gettors in pki1)
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXName_verifyPointer
- *
- */
-
-/*
- * nssPKIXName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * nssPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNameChoice choice,
- void *arg
-);
-
-/*
- * nssPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_CreateFromRDNSequence
-(
- NSSArena *arenaOpt,
- NSSPKIXRDNSequence *rdnSequence
-);
-
-/*
- * nssPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXName_Destroy
-(
- NSSPKIXName *name
-);
-
-/*
- * nssPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXName_Encode
-(
- NSSPKIXName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXName_GetUTF8Encoding
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid element of the NSSPKIXNameChoice enumeration upon success
- * The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_EXTERN NSSPKIXNameChoice
-nssPKIXName_GetChoice
-(
- NSSPKIXName *name
-);
-
-/*
- * nssPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer to a valid NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXName_GetRDNSequence
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer ...
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-nssPKIXName_GetSpecifiedChoice
-(
- NSSPKIXName *name,
- NSSPKIXNameChoice choice,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXName_Equal
-(
- NSSPKIXName *name1,
- NSSPKIXName *name2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXName_Duplicate
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXName_verifyPointer
-(
- NSSPKIXName *p
-);
-#endif /* DEBUG */
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- * The private calls for this type:
- *
- * nssPKIXRDNSequence_Decode
- * nssPKIXRDNSequence_CreateFromUTF8
- * nssPKIXRDNSequence_Create
- * nssPKIXRDNSequence_CreateFromArray
- * nssPKIXRDNSequence_Destroy
- * nssPKIXRDNSequence_Encode
- * nssPKIXRDNSequence_GetUTF8Encoding
- * nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
- * nssPKIXRDNSequence_GetRelativeDistinguishedNames
- * nssPKIXRDNSequence_SetRelativeDistinguishedNames
- * nssPKIXRDNSequence_GetRelativeDistinguishedName
- * nssPKIXRDNSequence_SetRelativeDistinguishedName
- * nssPKIXRDNSequence_AppendRelativeDistinguishedName
- * nssPKIXRDNSequence_InsertRelativeDistinguishedName
- * nssPKIXRDNSequence_RemoveRelativeDistinguishedName
- * nssPKIXRDNSequence_FindRelativeDistinguishedName
- * nssPKIXRDNSequence_Equal
- * nssPKIXRDNSequence_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXRDNSequence_verifyPointer
- *
- */
-
-/*
- * nssPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * nssPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXRelativeDistinguishedName *rdn1
-);
-
-/*
- * nssPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *rdn1,
- ...
-);
-
-/*
- * nssPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_Destroy
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * nssPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXRDNSequence_Encode
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXRDNSequence_GetUTF8Encoding
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence. {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXRelativeDistinguishedName
- * pointers upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName **
-nssPKIXRDNSequence_GetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdns[],
- PRInt32 countOpt
-);
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRDNSequence_GetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_AppendRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_InsertRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i
-);
-
-/*
- * nssPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRDNSequence_FindRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXRDNSequence_Equal
-(
- NSSPKIXRDNSequence *one,
- NSSPKIXRDNSequence *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Duplicate
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXRDNSequence_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRDNSequence
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRDNSequence_verifyPointer
-(
- NSSPKIXRDNSequence *p
-);
-#endif /* DEBUG */
-
-/*
- * DistinguishedName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistinguishedName ::= RDNSequence
- *
- * This is just a public typedef; no new methods are required. {fgmr-- right?}
- */
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue
- * objects. RDNs are used to distinguish a set of objects underneath
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN. However, sometimes a set of ATAVs is
- * needed. For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- * RelativeDistinguishedName ::=
- * SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- * The private calls for this type:
- *
- * nssPKIXRelativeDistinguishedName_Decode
- * nssPKIXRelativeDistinguishedName_CreateFromUTF8
- * nssPKIXRelativeDistinguishedName_Create
- * nssPKIXRelativeDistinguishedName_CreateFromArray
- * nssPKIXRelativeDistinguishedName_Destroy
- * nssPKIXRelativeDistinguishedName_Encode
- * nssPKIXRelativeDistinguishedName_GetUTF8Encoding
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- * nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- * nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- * nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- * nssPKIXRelativeDistinguishedName_Equal
- * nssPKIXRelativeDistinguishedName_Duplicate
- *
- * fgmr: Logical additional functions include
- *
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValueByType
- * returns PRInt32
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValuesByType
- * returns array of PRInt32
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueForType
- * returns NSSPKIXAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValuesForType
- * returns array of NSSPKIXAttributeTypeAndValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeValueForType
- * returns NSSPKIXAttributeValue
- * NSSPKIXRelativeDistinguishedName_GetAttributeValuesForType
- * returns array of NSSPKIXAttributeValue
- *
- * NOTE: the "return array" versions are only meaningful if an RDN may
- * contain multiple ATAVs with the same type. Verify in the RFC if
- * this is possible or not. If not, nuke those three functions.
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXRelativeDistinguishedName_verifyPointer
- *
- */
-
-/*
- * nssPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeTypeAndValue *atav1,
- ...
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXAttributeTypeAndValue *atavs
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_Destroy
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXRelativeDistinguishedName_Encode
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttributeTypeAndValue
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue **
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atavs[],
- PRInt32 countOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeTypeAndValue *
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXRelativeDistinguishedName_Equal
-(
- NSSPKIXRelativeDistinguishedName *one,
- NSSPKIXRelativeDistinguishedName *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Duplicate
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXRelativeDistinguishedName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRelativeDistinguishedName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXRelativeDistinguishedName_verifyPointer
-(
- NSSPKIXRelativeDistinguishedName *p
-);
-#endif /* DEBUG */
-
-/*
- * DirectoryString
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DirectoryString ::= CHOICE {
- * teletexString TeletexString (SIZE (1..MAX)),
- * printableString PrintableString (SIZE (1..MAX)),
- * universalString UniversalString (SIZE (1..MAX)),
- * utf8String UTF8String (SIZE (1..MAX)),
- * bmpString BMPString (SIZE(1..MAX)) }
- *
- * The private calls for this type:
- *
- * nssPKIXDirectoryString_Decode
- * nssPKIXDirectoryString_CreateFromUTF8
- * nssPKIXDirectoryString_Encode
- *
- */
-
-/*
- * nssPKIXDirectoryString_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDirectoryString upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-nssPKIXDirectoryString_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXDirectoryString_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDirectoryString upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDirectoryString *
-nssPKIXDirectoryString_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXDirectoryString_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_DIRECTORY_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDirectoryString_Encode
-(
- NSSPKIXDirectoryString *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Certificate ::= SEQUENCE {
- * tbsCertificate TBSCertificate,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- * The private calls for this type:
- *
- * nssPKIXCertificate_Decode
- * nssPKIXCertificate_Create
- * nssPKIXCertificate_Destroy
- * nssPKIXCertificate_Encode
- * nssPKIXCertificate_GetTBSCertificate
- * nssPKIXCertificate_SetTBSCertificate
- * nssPKIXCertificate_GetAlgorithmIdentifier
- * nssPKIXCertificate_SetAlgorithmIdentifier
- * nssPKIXCertificate_GetSignature
- * nssPKIXCertificate_SetSignature
- * nssPKIXCertificate_Equal
- * nssPKIXCertificate_Duplicate
- *
- * { inherit TBSCertificate gettors? }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXCertificate_verifyPointer
- *
- */
-
-/*
- * nssPKIXCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-nssPKIXCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCertificate_Create
- *
- * -- fgmr comments --
- * { at this level we'll have to just accept a specified signature }
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_ALGID
- * NSS_ERROR_INVALID_PKIX_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-nssPKIXCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXAlgorithmIdentifier *algID,
- NSSItem *signature
-);
-
-/*
- * nssPKIXCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_Destroy
-(
- NSSPKIXCertificate *cert
-);
-
-/*
- * nssPKIXCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCertificate_Encode
-(
- NSSPKIXCertificate *cert,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_GetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXCertificate_GetTBSCertificate
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_SetTBSCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_SetTBSCertificate
-(
- NSSPKIXCertificate *cert,
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXCertificate_GetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXCertificate_GetAlgorithmIdentifier
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_SetAlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_SetAlgorithmIdentifier
-(
- NSSPKIXCertificate *cert,
- NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * nssPKIXCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXCertificate_GetSignature
-(
- NSSPKIXCertificate *cert,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_SetSignature
-(
- NSSPKIXCertificate *cert,
- NSSItem *signature
-);
-
-/*
- * nssPKIXCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCertificate_Equal
-(
- NSSPKIXCertificate *one,
- NSSPKIXCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificate *
-nssPKIXCertificate_Duplicate
-(
- NSSPKIXCertificate *cert,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCertificate_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCertificate
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificate_verifyPointer
-(
- NSSPKIXCertificate *p
-);
-#endif /* DEBUG */
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertificate ::= SEQUENCE {
- * version [0] Version DEFAULT v1,
- * serialNumber CertificateSerialNumber,
- * signature AlgorithmIdentifier,
- * issuer Name,
- * validity Validity,
- * subject Name,
- * subjectPublicKeyInfo SubjectPublicKeyInfo,
- * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * extensions [3] Extensions OPTIONAL
- * -- If present, version shall be v3 -- }
- *
- * The private calls for this type:
- *
- * nssPKIXTBSCertificate_Decode
- * nssPKIXTBSCertificate_Create
- * nssPKIXTBSCertificate_Destroy
- * nssPKIXTBSCertificate_Encode
- * nssPKIXTBSCertificate_GetVersion
- * nssPKIXTBSCertificate_SetVersion
- * nssPKIXTBSCertificate_GetSerialNumber
- * nssPKIXTBSCertificate_SetSerialNumber
- * nssPKIXTBSCertificate_GetSignature
- * nssPKIXTBSCertificate_SetSignature
- * { inherit algid gettors? }
- * nssPKIXTBSCertificate_GetIssuer
- * nssPKIXTBSCertificate_SetIssuer
- * { inherit "helper" issuer gettors? }
- * nssPKIXTBSCertificate_GetValidity
- * nssPKIXTBSCertificate_SetValidity
- * { inherit validity accessors }
- * nssPKIXTBSCertificate_GetSubject
- * nssPKIXTBSCertificate_SetSubject
- * nssPKIXTBSCertificate_GetSubjectPublicKeyInfo
- * nssPKIXTBSCertificate_SetSubjectPublicKeyInfo
- * nssPKIXTBSCertificate_HasIssuerUniqueID
- * nssPKIXTBSCertificate_GetIssuerUniqueID
- * nssPKIXTBSCertificate_SetIssuerUniqueID
- * nssPKIXTBSCertificate_RemoveIssuerUniqueID
- * nssPKIXTBSCertificate_HasSubjectUniqueID
- * nssPKIXTBSCertificate_GetSubjectUniqueID
- * nssPKIXTBSCertificate_SetSubjectUniqueID
- * nssPKIXTBSCertificate_RemoveSubjectUniqueID
- * nssPKIXTBSCertificate_HasExtensions
- * nssPKIXTBSCertificate_GetExtensions
- * nssPKIXTBSCertificate_SetExtensions
- * nssPKIXTBSCertificate_RemoveExtensions
- * { extension accessors }
- * nssPKIXTBSCertificate_Equal
- * nssPKIXTBSCertificate_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTBSCertificate_verifyPointer
- */
-
-/*
- * nssPKIXTBSCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXTBSCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTBSCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_VERSION
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ISSUER_NAME
- * NSS_ERROR_INVALID_VALIDITY
- * NSS_ERROR_INVALID_SUBJECT_NAME
- * NSS_ERROR_INVALID_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ISSUER_UNIQUE_IDENTIFIER
- * NSS_ERROR_INVALID_SUBJECT_UNIQUE_IDENTIFIER
- * NSS_ERROR_INVALID_EXTENSION
- *
- * Return value:
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXTBSCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXVersion version,
- NSSPKIXCertificateSerialNumber *serialNumber,
- NSSPKIXAlgorithmIdentifier *signature,
- NSSPKIXName *issuer,
- NSSPKIXValidity *validity,
- NSSPKIXName *subject,
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSPKIXUniqueIdentifier *issuerUniqueID,
- NSSPKIXUniqueIdentifier *subjectUniqueID,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * nssPKIXTBSCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_Destroy
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTBSCertificate_Encode
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid element of the NSSPKIXVersion enumeration upon success
- * NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-nssPKIXTBSCertificate_GetVersion
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetVersion
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXVersion version
-);
-
-/*
- * nssPKIXTBSCertificate_GetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-nssPKIXTBSCertificate_GetSerialNumber
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXCertificateSerialNumber *snOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSerialNumber
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXCertificateSerialNumber *sn
-);
-
-/*
- * nssPKIXTBSCertificate_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXTBSCertificate_GetSignature
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSignature
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXAlgorithmIdentifier *algID
-);
-
-/*
- * { fgmr inherit algid gettors? }
- */
-
-/*
- * nssPKIXTBSCertificate_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXTBSCertificate_GetIssuer
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetIssuer
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXName *issuer
-);
-
-/*
- * { inherit "helper" issuer gettors? }
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- *
- * Return value:
- */
-
-/*
- * nssPKIXTBSCertificate_GetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXTBSCertificate_GetValidity
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetValidity
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetValidity
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXValidity *validity
-);
-
-/*
- * { fgmr inherit validity accessors }
- */
-
-/*
- * nssPKIXTBSCertificate_GetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXTBSCertificate_GetSubject
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSubject
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXName *subject
-);
-
-/*
- * nssPKIXTBSCertificate_GetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXTBSCertificate_GetSubjectPublicKeyInfo
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSubjectPublicKeyInfo
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * nssPKIXTBSCertificate_HasIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_HasIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXUniqueIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-nssPKIXTBSCertificate_GetIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uidOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * nssPKIXTBSCertificate_RemoveIssuerUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_ISSUER_UNIQUE_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_RemoveIssuerUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_HasSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_HasSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXUniqueIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUniqueIdentifier *
-nssPKIXTBSCertificate_GetSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uidOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXUniqueIdentifier *uid
-);
-
-/*
- * nssPKIXTBSCertificate_RemoveSubjectUniqueID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_SUBJECT_UNIQUE_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_RemoveSubjectUniqueID
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * nssPKIXTBSCertificate_HasExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_HasExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_GetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-nssPKIXTBSCertificate_GetExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertificate_SetExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_SetExtensions
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * nssPKIXTBSCertificate_RemoveExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_CERT_HAS_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_RemoveExtensions
-(
- NSSPKIXTBSCertificate *tbsCert
-);
-
-/*
- * { extension accessors }
- */
-
-/*
- * nssPKIXTBSCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertificate_Equal
-(
- NSSPKIXTBSCertificate *one,
- NSSPKIXTBSCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertificate *
-nssPKIXTBSCertificate_Duplicate
-(
- NSSPKIXTBSCertificate *tbsCert,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTBSCertificate_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTBSCertificate
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertificate_verifyPointer
-(
- NSSPKIXTBSCertificate *p
-);
-#endif /* DEBUG */
-
-/*
- * CertificateSerialNumber
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateSerialNumber ::= INTEGER
- *
- * This is just a typedef'd NSSBER; no methods are required.
- * {fgmr -- the asn.1 stuff should have routines to convert
- * integers to natural types when possible and vv. we can
- * refer to them here..}
- */
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Validity ::= SEQUENCE {
- * notBefore Time,
- * notAfter Time }
- *
- * The private calls for the type:
- *
- * nssPKIXValidity_Decode
- * nssPKIXValidity_Create
- * nssPKIXValidity_Encode
- * nssPKIXValidity_Destroy
- * nssPKIXValidity_GetNotBefore
- * nssPKIXValidity_SetNotBefore
- * nssPKIXValidity_GetNotAfter
- * nssPKIXValidity_SetNotAfter
- * nssPKIXValidity_Equal
- * nssPKIXValidity_Compare
- * nssPKIXValidity_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXValidity_verifyPointer
- *
- */
-
-/*
- * nssPKIXValidity_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXValidity_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXValidity_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXValidity_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTime notBefore,
- NSSPKIXTime notAfter
-);
-
-/*
- * nssPKIXValidity_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_Destroy
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * nssPKIXValidity_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXValidity_Encode
-(
- NSSPKIXValidity *validity,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXValidity_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXValidity_GetNotBefore
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * nssPKIXValidity_SetNotBefore
- *
- * -- fgmr comments --
- * {do we require that it be before the "notAfter" value?}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_SetNotBefore
-(
- NSSPKIXValidity *validity,
- NSSPKIXTime notBefore
-);
-
-/*
- * nssPKIXValidity_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXValidity_GetNotAfter
-(
- NSSPKIXValidity *validity
-);
-
-/*
- * nssPKIXValidity_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_SetNotAfter
-(
- NSSPKIXValidity *validity,
- NSSPKIXTime notAfter
-);
-
-/*
- * nssPKIXValidity_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXValidity_Equal
-(
- NSSPKIXValidity *one,
- NSSPKIXValidity *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXValidity_Compare
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * 1 if the second is "greater" or later than the first
- * 0 if they are equal
- * -1 if the first is "greater" or later than the first
- * -2 upon failure
- */
-
-NSS_EXTERN PRIntn
-nssPKIXValidity_Compare
-(
- NSSPKIXValidity *one,
- NSSPKIXValidity *two
-);
-
-/*
- * nssPKIXValidity_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXValidity upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXValidity *
-nssPKIXValidity_Duplicate
-(
- NSSPKIXValidity *validity,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXValidity_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXValidity
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_VALIDITY
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXValidity_verifyPointer
-(
- NSSPKIXValidity *p
-);
-#endif /* DEBUG */
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Time ::= CHOICE {
- * utcTime UTCTime,
- * generalTime GeneralizedTime }
- *
- * The private calls for the type:
- *
- * nssPKIXTime_Decode
- * nssPKIXTime_CreateFromPRTime
- * nssPKIXTime_CreateFromUTF8
- * nssPKIXTime_Destroy
- * nssPKIXTime_Encode
- * nssPKIXTime_GetPRTime
- * nssPKIXTime_GetUTF8Encoding
- * nssPKIXTime_Equal
- * nssPKIXTime_Duplicate
- * nssPKIXTime_Compare
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTime_verifyPointer
- *
- */
-
-/*
- * nssPKIXTime_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXTime_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXTime_CreateFromPRTime
-(
- NSSArena *arenaOpt,
- PRTime prTime
-);
-
-/*
- * nssPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXTime_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTime_Destroy
- *
- */
-
-NSS_EXTERN PR_STATUS
-nssPKIXTime_Destroy
-(
- NSSPKIXTime *time
-);
-
-/*
- * nssPKIXTime_Encode
- *
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTime_Encode
-(
- NSSPKIXTime *time,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTime_GetPRTime
- *
- * Returns a zero on error
- */
-
-NSS_EXTERN PRTime
-nssPKIXTime_GetPRTime
-(
- NSSPKIXTime *time,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTime_GetUTF8Encoding
- *
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKXITime_GetUTF8Encoding
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTime_Equal
- *
- */
-
-NSS_EXTERN PRBool
-nssPKXITime_Equal
-(
- NSSPKXITime *time1,
- NSSPKXITime *time2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTime_Duplicate
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKXITime_Duplicate
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTime_Compare
- *
- * Usual result: -1, 0, 1
- * Returns 0 on error
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTime_Compare
-(
- NSSPKIXTime *time1,
- NSSPKIXTime *tiem2,
- PRStatus *statusOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTime_verifyPointer
- *
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTime_verifyPointer
-(
- NSSPKIXTime *time
-);
-#endif /* DEBUG */
-
-/*
- * UniqueIdentifier
- *
- * From RFC 2459:
- *
- * UniqueIdentifier ::= BIT STRING
- *
- */
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectPublicKeyInfo ::= SEQUENCE {
- * algorithm AlgorithmIdentifier,
- * subjectPublicKey BIT STRING }
- *
- * The private calls for the type:
- *
- * nssPKIXSubjectPublicKeyInfo_Decode
- * nssPKIXSubjectPublicKeyInfo_Create
- * nssPKIXSubjectPublicKeyInfo_Encode
- * nssPKIXSubjectPublicKeyInfo_Destroy
- * nssPKIXSubjectPublicKeyInfo_GetAlgorithm
- * nssPKIXSubjectPublicKeyInfo_SetAlgorithm
- * nssPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- * nssPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- * nssPKIXSubjectPublicKeyInfo_Equal
- * nssPKIXSubjectPublicKeyInfo_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXSubjectPublicKeyInfo_verifyPointer
- *
- */
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXSubjectPublicKeyInfo_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXSubjectPublicKeyInfo_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *subjectPublicKey
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_Destroy
-(
- NSSPKIXSubjectPublicKeyInfo *spki
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXSubjectPublicKeyInfo_Encode
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXSubjectPublicKeyInfo_GetAlgorithm
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_SetAlgorithm
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXSubjectPublicKeyInfo_GetSubjectPublicKey
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSItem *spkOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_SetSubjectPublicKey
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSItem *spk
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXSubjectPublicKeyInfo_Equal
-(
- NSSPKIXSubjectPublicKeyInfo *one,
- NSSPKIXSubjectPublicKeyInfo *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXSubjectPublicKeyInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectPublicKeyInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectPublicKeyInfo *
-nssPKIXSubjectPublicKeyInfo_Duplicate
-(
- NSSPKIXSubjectPublicKeyInfo *spki,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXSubjectPublicKeyInfo_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXSubjectPublicKeyInfo
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_PUBLIC_KEY_INFO
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectPublicKeyInfo_verifyPointer
-(
- NSSPKIXSubjectPublicKeyInfo *p
-);
-#endif /* DEBUG */
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-/* { FGMR } */
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extension ::= SEQUENCE {
- * extnID OBJECT IDENTIFIER,
- * critical BOOLEAN DEFAULT FALSE,
- * extnValue OCTET STRING }
- *
- */
-
-/* { FGMR } */
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateList ::= SEQUENCE {
- * tbsCertList TBSCertList,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- * The private calls for the type:
- *
- * nssPKIXCertificateList_Decode
- * nssPKIXCertificateList_Create
- * nssPKIXCertificateList_Encode
- * nssPKIXCertificateList_Destroy
- * nssPKIXCertificateList_GetTBSCertList
- * nssPKIXCertificateList_SetTBSCertList
- * nssPKIXCertificateList_GetSignatureAlgorithm
- * nssPKIXCertificateList_SetSignatureAlgorithm
- * nssPKIXCertificateList_GetSignature
- * nssPKIXCertificateList_SetSignature
- * nssPKIXCertificateList_Equal
- * nssPKIXCertificateList_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXCertificateList_verifyPointer
- *
- */
-
-/*
- * nssPKIXCertificateList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-nssPKIXCertificateList_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCertificateList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-nssPKIXCertificateList_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTBSCertList *tbsCertList,
- NSSPKIXAlgorithmIdentifier *sigAlg,
- NSSItem *signature
-);
-
-/*
- * nssPKIXCertificateList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_Destroy
-(
- NSSPKIXCertificateList *certList
-);
-
-/*
- * nssPKIXCertificateList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCertificateList_Encode
-(
- NSSPKIXCertificateList *certList,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_GetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXCertificateList_GetTBSCertList
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_SetTBSCertList
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_SetTBSCertList
-(
- NSSPKIXCertificateList *certList,
- NSSPKIXTBSCertList *tbsCertList
-);
-
-/*
- * nssPKIXCertificateList_GetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXCertificateList_GetSignatureAlgorithm
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_SetSignatureAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_SetSignatureAlgorithm
-(
- NSSPKIXCertificateList *certList,
- NSSPKIXAlgorithmIdentifier *sigAlg
-);
-
-/*
- * nssPKIXCertificateList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXCertificateList_GetSignature
-(
- NSSPKIXCertificateList *certList,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificateList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_SetSignature
-(
- NSSPKIXCertificateList *certList,
- NSSItem *sig
-);
-
-/*
- * nssPKIXCertificateList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCertificateList_Equal
-(
- NSSPKIXCertificateList *one,
- NSSPKIXCertificateList *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCertificateList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateList *
-nssPKIXCertificateList_Duplicate
-(
- NSSPKIXCertificateList *certList,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCertificateList_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCertificateList
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_LIST
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificateList_verifyPointer
-(
- NSSPKIXCertificateList *p
-);
-#endif /* DEBUG */
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertList ::= SEQUENCE {
- * version Version OPTIONAL,
- * -- if present, shall be v2
- * signature AlgorithmIdentifier,
- * issuer Name,
- * thisUpdate Time,
- * nextUpdate Time OPTIONAL,
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- * crlExtensions [0] Extensions OPTIONAL
- * -- if present, shall be v2 -- }
- *
- * The private calls for the type:
- *
- * nssPKIXTBSCertList_Decode
- * nssPKIXTBSCertList_Create
- * nssPKIXTBSCertList_Destroy
- * nssPKIXTBSCertList_Encode
- * nssPKIXTBSCertList_GetVersion
- * nssPKIXTBSCertList_SetVersion
- * nssPKIXTBSCertList_GetSignature
- * nssPKIXTBSCertList_SetSignature
- * nssPKIXTBSCertList_GetIssuer
- * nssPKIXTBSCertList_SetIssuer
- * nssPKIXTBSCertList_GetThisUpdate
- * nssPKIXTBSCertList_SetThisUpdate
- * nssPKIXTBSCertList_HasNextUpdate
- * nssPKIXTBSCertList_GetNextUpdate
- * nssPKIXTBSCertList_SetNextUpdate
- * nssPKIXTBSCertList_RemoveNextUpdate
- * nssPKIXTBSCertList_GetRevokedCertificates
- * nssPKIXTBSCertList_SetRevokedCertificates
- * nssPKIXTBSCertList_HasCrlExtensions
- * nssPKIXTBSCertList_GetCrlExtensions
- * nssPKIXTBSCertList_SetCrlExtensions
- * nssPKIXTBSCertList_RemoveCrlExtensions
- * nssPKIXTBSCertList_Equal
- * nssPKIXTBSCertList_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTBSCertList_verifyPointer
- *
- */
-
-/*
- * nssPKIXTBSCertList_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXTBSCertList_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTBSCertList_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_VERSION
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_PKIX_TIME
- * (something for the times being out of order?)
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXTBSCertList_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXVersion version,
- NSSPKIXAlgorithmIdentifier *signature,
- NSSPKIXName *issuer,
- NSSPKIXTime thisUpdate,
- NSSPKIXTime nextUpdateOpt,
- NSSPKIXrevokedCertificates *revokedCerts,
- NSSPKIXExtensions *crlExtensionsOpt
-);
-
-/*
- * nssPKIXTBSCertList_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_Destroy
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTBSCertList_Encode
-(
- NSSPKIXTBSCertList *certList,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_GetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid element of the NSSPKIXVersion enumeration upon success
- * NSSPKIXVersion_NSSinvalid (-1) upon failure
- */
-
-NSS_EXTERN NSSPKIXVersion
-nssPKIXTBSCertList_GetVersion
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_SetVersion
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_VERSION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetVersion
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXVersion version
-);
-
-/*
- * nssPKIXTBSCertList_GetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXTBSCertList_GetSignature
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetSignature
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetSignature
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXAlgorithmIdentifier *algid,
-);
-
-/*
- * nssPKIXTBSCertList_GetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXTBSCertList_GetIssuer
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetIssuer
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXName *issuer
-);
-
-/*
- * nssPKIXTBSCertList_GetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXTBSCertList_GetThisUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_SetThisUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_TOO_LARGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetThisUpdate
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXTime thisUpdate
-);
-
-/*
- * nssPKIXTBSCertList_HasNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertList_HasNextUpdate
-(
- NSSPKIXTBSCertList *certList,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertList_GetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid NSSPKIXTime upon success
- * {we need to rethink NSSPKIXTime}
- */
-
-NSS_EXTERN NSSPKIXTime
-nssPKIXTBSCertList_GetNextUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_SetNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_VALUE_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetNextUpdate
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXTime nextUpdate
-);
-
-/*
- * nssPKIXTBSCertList_RemoveNextUpdate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_HAS_NO_NEXT_UPDATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_RemoveNextUpdate
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon succes
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXTBSCertList_GetRevokedCertificates
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetRevokedCertificates
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXrevokedCertificates *revoked
-);
-
-/*
- * nssPKIXTBSCertList_HasCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertList_HasCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertList_GetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-nssPKIXTBSCertList_GetCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTBSCertList_SetCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_SetCrlExtensions
-(
- NSSPKIXTBSCertList *certList,
- NSSPKIXExtensions *extensions
-);
-
-/*
- * nssPKIXTBSCertList_RemoveCrlExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_HAS_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_RemoveCrlExtensions
-(
- NSSPKIXTBSCertList *certList
-);
-
-/*
- * nssPKIXTBSCertList_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTBSCertList_Equal
-(
- NSSPKIXTBSCertList *one,
- NSSPKIXTBSCertList *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTBSCertList_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTBSCertList upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTBSCertList *
-nssPKIXTBSCertList_Duplicate
-(
- NSSPKIXTBSCertList *certList,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTBSCertList_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTBSCertList
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TBS_CERT_LIST
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTBSCertList_verifyPointer
-(
- NSSPKIXTBSCertList *p
-);
-#endif /* DEBUG */
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- * The private calls for the type:
- *
- * nssPKIXrevokedCertificates_Decode
- * nssPKIXrevokedCertificates_Create
- * nssPKIXrevokedCertificates_Encode
- * nssPKIXrevokedCertificates_Destroy
- * nssPKIXrevokedCertificates_GetRevokedCertificateCount
- * nssPKIXrevokedCertificates_GetRevokedCertificates
- * nssPKIXrevokedCertificates_SetRevokedCertificates
- * nssPKIXrevokedCertificates_GetRevokedCertificate
- * nssPKIXrevokedCertificates_SetRevokedCertificate
- * nssPKIXrevokedCertificates_InsertRevokedCertificate
- * nssPKIXrevokedCertificates_AppendRevokedCertificate
- * nssPKIXrevokedCertificates_RemoveRevokedCertificate
- * nssPKIXrevokedCertificates_Equal
- * nssPKIXrevokedCertificates_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXrevokedCertificates_verifyPointer
- *
- */
-
-/*
- * nssPKIXrevokedCertificates_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXrevokedCertificates_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXrevokedCertificates_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXrevokedCertificates_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXrevokedCertificate *rc1,
- ...
-);
-
-/*
- * nssPKIXrevokedCertificates_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_Destroy
-(
- NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * nssPKIXrevokedCertificates_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXrevokedCertificates_Encode
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_GetRevokedCertificateCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXrevokedCertificates_GetRevokedCertificateCount
-(
- NSSPKIXrevokedCertificates *rcs
-);
-
-/*
- * nssPKIXrevokedCertificates_GetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXrevokedCertificate pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate **
-nssPKIXrevokedCertificates_GetRevokedCertificates
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_SetRevokedCertificates
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_SetRevokedCertificates
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rc[],
- PRInt32 countOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_GetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificates_GetRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_SetRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_SetRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_InsertRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_InsertRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_AppendRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_AppendRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_RemoveRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_RemoveRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- PRInt32 i
-);
-
-/*
- * nssPKIXrevokedCertificates_FindRevokedCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATE
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXrevokedCertificates_FindRevokedCertificate
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificates_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXrevokedCertificates_Equal
-(
- NSSPKIXrevokedCertificates *one,
- NSSPKIXrevokedCertificates *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXrevokedCertificates_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_REVOKED_CERTIFICATES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificates upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificates *
-nssPKIXrevokedCertificates_Duplicate
-(
- NSSPKIXrevokedCertificates *rcs,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXrevokedCertificates_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXrevokedCertificates
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificates_verifyPointer
-(
- NSSPKIXrevokedCertificates *p
-);
-#endif /* DEBUG */
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- * The private calls for this type:
- *
- * nssPKIXrevokedCertificate_Decode
- * nssPKIXrevokedCertificate_Create
- * nssPKIXrevokedCertificate_Encode
- * nssPKIXrevokedCertificate_Destroy
- * nssPKIXrevokedCertificate_GetUserCertificate
- * nssPKIXrevokedCertificate_SetUserCertificate
- * nssPKIXrevokedCertificate_GetRevocationDate
- * nssPKIXrevokedCertificate_SetRevocationDate
- * nssPKIXrevokedCertificate_HasCrlEntryExtensions
- * nssPKIXrevokedCertificate_GetCrlEntryExtensions
- * nssPKIXrevokedCertificate_SetCrlEntryExtensions
- * nssPKIXrevokedCertificate_RemoveCrlEntryExtensions
- * nssPKIXrevokedCertificate_Equal
- * nssPKIXrevokedCertificate_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXrevokedCertificate_verifyPointer
- *
- */
-
-
-/*
- * nssPKIXrevokedCertificate_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificate_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXrevokedCertificate_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- * NSS_ERROR_INVALID_PKIX_TIME
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificate_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertificateSerialNumber *userCertificate,
- NSSPKIXTime *revocationDate,
- NSSPKIXExtensions *crlEntryExtensionsOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_Destroy
-(
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificate_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXrevokedCertificate_Encode
-(
- NSSPKIXrevokedCertificate *rc,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_GetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-nssPKIXrevokedCertificate_GetUserCertificate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_SetUserCertificate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_SERIAL_NUMBER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_SetUserCertificate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXCertificateSerialNumber *csn
-);
-
-/*
- * nssPKIXrevokedCertificate_GetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTime *
-nssPKIXrevokedCertificate_GetRevocationDate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_SetRevocationDate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_TIME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_SetRevocationDate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXTime *revocationDate
-);
-
-/*
- * nssPKIXrevokedCertificate_HasCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXrevokedCertificate_HasCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_GetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensions upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensions *
-nssPKIXrevokedCertificate_GetCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_SetCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_SetCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc,
- NSSPKIXExtensions *crlEntryExtensions
-);
-
-/*
- * nssPKIXrevokedCertificate_RemoveCrlEntryExtensions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- * NSS_ERROR_NO_EXTENSIONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_RemoveCrlEntryExtensions
-(
- NSSPKIXrevokedCertificate *rc
-);
-
-/*
- * nssPKIXrevokedCertificate_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXrevokedCertificate_Equal
-(
- NSSPKIXrevokedCertificate *one,
- NSSPKIXrevokedCertificate *two,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXrevokedCertificate_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * A valid pointer to an NSSPKIXrevokedCertificate upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXrevokedCertificate *
-nssPKIXrevokedCertificate_Duplicate
-(
- NSSPKIXrevokedCertificate *rc,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXrevokedCertificate_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXrevokedCertificate
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REVOKED_CERTIFICATE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXrevokedCertificate_verifyPointer
-(
- NSSPKIXrevokedCertificate *p
-);
-#endif /* DEBUG */
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL }
- * -- contains a value of the type
- * -- registered for use with the
- * -- algorithm object identifier value
- *
- * The private calls for this type:
- *
- * nssPKIXAlgorithmIdentifier_Decode
- * nssPKIXAlgorithmIdentifier_Create
- * nssPKIXAlgorithmIdentifier_Encode
- * nssPKIXAlgorithmIdentifier_Destroy
- * nssPKIXAlgorithmIdentifier_GetAlgorithm
- * nssPKIXAlgorithmIdentifier_SetAlgorithm
- * nssPKIXAlgorithmIdentifier_GetParameters
- * nssPKIXAlgorithmIdentifier_SetParameters
- * nssPKIXAlgorithmIdentifier_Compare
- * nssPKIXAlgorithmIdentifier_Duplicate
- * { algorithm-specific parameter types and accessors ? }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAlgorithmIdentifier_verifyPointer
- *
- */
-
-/*
- * nssPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSOID *algorithm,
- NSSItem *parameters
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_Destroy
-(
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAlgorithmIdentifier_Encode
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXAlgorithmIdentifier_GetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_SetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSOID *algorithm
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXAlgorithmIdentifier_GetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_SetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *parameters
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAlgorithmIdentifier_Equal
-(
- NSSPKIXAlgorithmIdentifier *algid1,
- NSSPKIXAlgorithmIdentifier *algid2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Duplicate
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSArena *arenaOpt
-);
-
-/*
- * { algorithm-specific parameter types and accessors ? }
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXAlgorithmIdentifier_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAlgorithmIdentifier
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAlgorithmIdentifier_verifyPointer
-(
- NSSPKIXAlgorithmIdentifier *p
-);
-#endif /* DEBUG */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ORAddress ::= SEQUENCE {
- * built-in-standard-attributes BuiltInStandardAttributes,
- * built-in-domain-defined-attributes
- * BuiltInDomainDefinedAttributes OPTIONAL,
- * -- see also teletex-domain-defined-attributes
- * extension-attributes ExtensionAttributes OPTIONAL }
- * -- The OR-address is semantically absent from the OR-name if the
- * -- built-in-standard-attribute sequence is empty and the
- * -- built-in-domain-defined-attributes and extension-attributes are
- * -- both omitted.
- *
- * The private calls for this type:
- *
- * nssPKIXORAddress_Decode
- * nssPKIXORAddress_Create
- * nssPKIXORAddress_Destroy
- * nssPKIXORAddress_Encode
- * nssPKIXORAddress_GetBuiltInStandardAttributes
- * nssPKIXORAddress_SetBuiltInStandardAttributes
- * nssPKIXORAddress_HasBuiltInDomainDefinedAttributes
- * nssPKIXORAddress_GetBuiltInDomainDefinedAttributes
- * nssPKIXORAddress_SetBuiltInDomainDefinedAttributes
- * nssPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- * nssPKIXORAddress_HasExtensionsAttributes
- * nssPKIXORAddress_GetExtensionsAttributes
- * nssPKIXORAddress_SetExtensionsAttributes
- * nssPKIXORAddress_RemoveExtensionsAttributes
- * nssPKIXORAddress_Equal
- * nssPKIXORAddress_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXORAddress_verifyPointer
- *
- */
-
-/*
- * nssPKIXORAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXORAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXORAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSIONS_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXORAddress_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXBuiltInDomainDefinedAttributes *biddaOpt,
- NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * nssPKIXORAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_Destroy
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * nssPKIXORAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXORAddress_Encode
-(
- NSSPKIXORAddress *ora,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_GetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXORAddress_GetBuiltInStandardAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_SetBuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_SetBuiltInStandardAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXORAddress_HasBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXORAddress_HasBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXORAddress_GetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXORAddress_GetBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_SetBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_SetBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_RemoveBuiltInDomainDefinedAttributes
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * nssPKIXORAddress_HasExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXORAddress_HasExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXORAddress_GetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXORAddress_GetExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXORAddress_SetExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_SetExtensionsAttributes
-(
- NSSPKIXORAddress *ora,
- NSSPKIXExtensionAttributes *eaOpt
-);
-
-/*
- * nssPKIXORAddress_RemoveExtensionsAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_NO_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_RemoveExtensionsAttributes
-(
- NSSPKIXORAddress *ora
-);
-
-/*
- * nssPKIXORAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXORAddress_Equal
-(
- NSSPKIXORAddress *ora1,
- NSSPKIXORAddress *ora2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXORAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddres upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXORAddress_Duplicate
-(
- NSSPKIXORAddress *ora,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXORAddress_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXORAddress
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXORAddress_verifyPointer
-(
- NSSPKIXORAddress *p
-);
-#endif /* DEBUG */
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInStandardAttributes ::= SEQUENCE {
- * country-name CountryName OPTIONAL,
- * administration-domain-name AdministrationDomainName OPTIONAL,
- * network-address [0] NetworkAddress OPTIONAL,
- * -- see also extended-network-address
- * terminal-identifier [1] TerminalIdentifier OPTIONAL,
- * private-domain-name [2] PrivateDomainName OPTIONAL,
- * organization-name [3] OrganizationName OPTIONAL,
- * -- see also teletex-organization-name
- * numeric-user-identifier [4] NumericUserIdentifier OPTIONAL,
- * personal-name [5] PersonalName OPTIONAL,
- * -- see also teletex-personal-name
- * organizational-unit-names [6] OrganizationalUnitNames OPTIONAL
- * -- see also teletex-organizational-unit-names -- }
- *
- * The private calls for this type:
- *
- * nssPKIXBuiltInStandardAttributes_Decode
- * nssPKIXBuiltInStandardAttributes_Create
- * nssPKIXBuiltInStandardAttributes_Destroy
- * nssPKIXBuiltInStandardAttributes_Encode
- * nssPKIXBuiltInStandardAttributes_HasCountryName
- * nssPKIXBuiltInStandardAttributes_GetCountryName
- * nssPKIXBuiltInStandardAttributes_SetCountryName
- * nssPKIXBuiltInStandardAttributes_RemoveCountryName
- * nssPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- * nssPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- * nssPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- * nssPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- * nssPKIXBuiltInStandardAttributes_HasNetworkAddress
- * nssPKIXBuiltInStandardAttributes_GetNetworkAddress
- * nssPKIXBuiltInStandardAttributes_SetNetworkAddress
- * nssPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- * nssPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- * nssPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- * nssPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- * nssPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- * nssPKIXBuiltInStandardAttributes_HasPrivateDomainName
- * nssPKIXBuiltInStandardAttributes_GetPrivateDomainName
- * nssPKIXBuiltInStandardAttributes_SetPrivateDomainName
- * nssPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- * nssPKIXBuiltInStandardAttributes_HasOrganizationName
- * nssPKIXBuiltInStandardAttributes_GetOrganizationName
- * nssPKIXBuiltInStandardAttributes_SetOrganizationName
- * nssPKIXBuiltInStandardAttributes_RemoveOrganizationName
- * nssPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- * nssPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- * nssPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- * nssPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- * nssPKIXBuiltInStandardAttributes_HasPersonalName
- * nssPKIXBuiltInStandardAttributes_GetPersonalName
- * nssPKIXBuiltInStandardAttributes_SetPersonalName
- * nssPKIXBuiltInStandardAttributes_RemovePersonalName
- * nssPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- * nssPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- * nssPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- * nssPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- * nssPKIXBuiltInStandardAttributes_Equal
- * nssPKIXBuiltInStandardAttributes_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXBuiltInStandardAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXBuiltInStandardAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXBuiltInStandardAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXBuiltInStandardAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCountryName *countryNameOpt,
- NSSPKIXAdministrationDomainName *administrationDomainNameOpt,
- NSSPKIXNetworkAddress *networkAddressOpt,
- NSSPKIXTerminalIdentifier *terminalIdentifierOpt,
- NSSPKIXPrivateDomainName *privateDomainNameOpt,
- NSSPKIXOrganizationName *organizationNameOpt,
- NSSPKIXNumericUserIdentifier *numericUserIdentifierOpt,
- NSSPKIXPersonalName *personalNameOpt,
- NSSPKIXOrganizationalUnitNames *organizationalUnitNamesOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_Destroy
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBuiltInStandardAttributes_Encode
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-nssPKIXBuiltInStandardAttributes_GetCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXCountryName *countryName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveCountryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_COUNTRY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveCountryName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-nssPKIXBuiltInStandardAttributes_GetAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXAdministrationDomainName *administrationDomainName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ADMINISTRATION_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveAdministrationDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-nssPKIXBuiltInStandardAttributes_GetNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXNetworkAddress *networkAddress
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveNetworkAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveNetworkAddress
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-nssPKIXBuiltInStandardAttributes_GetTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXTerminalIdentifier *terminalIdentifier
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_TERMINAL_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveTerminalIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-nssPKIXBuiltInStandardAttributes_GetPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetPrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetPrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXPrivateDomainName *privateDomainName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemovePrivateDomainName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_PRIVATE_DOMAIN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemovePrivateDomainName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-nssPKIXBuiltInStandardAttributes_GetOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXOrganizationName *organizationName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveOrganizationName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ORGANIZATION_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveOrganizationName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-nssPKIXBuiltInStandardAttributes_GetNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXNumericUserIdentifier *numericUserIdentifier
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_NUMERIC_USER_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveNumericUserIdentifier
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXBuiltInStandardAttributes_GetPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetPersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetPersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemovePersonalName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemovePersonalName
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_HasOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXBuiltInStandardAttributes_GetOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_SetOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSPKIXOrganizationalUnitNames *organizationalUnitNames
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_RemoveOrganizationLUnitNames
-(
- NSSPKIXBuiltInStandardAttributes *bisa
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInStandardAttributes_Equal
-(
- NSSPKIXBuiltInStandardAttributes *bisa1,
- NSSPKIXBuiltInStandardAttributes *bisa2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInStandardAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInStandardAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInStandardAttributes *
-nssPKIXBuiltInStandardAttributes_Duplicate
-(
- NSSPKIXBuiltInStandardAttributes *bisa,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBuiltInStandardAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBuiltInStandardAttributes
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_STANDARD_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInStandardAttributes_verifyPointer
-(
- NSSPKIXBuiltInStandardAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * CountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CountryName ::= [APPLICATION 1] CHOICE {
- * x121-dcc-code NumericString
- * (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- * The private calls for this type:
- *
- * nssPKIXCountryName_Decode
- * nssPKIXCountryName_CreateFromUTF8
- * nssPKIXCountryName_Encode
- *
- */
-
-/*
- * nssPKIXCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-nssPKIXCountryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCountryName *
-nssPKIXCountryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_COUNTRY_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCountryName_Encode
-(
- NSSPKIXCountryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * AdministrationDomainName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AdministrationDomainName ::= [APPLICATION 2] CHOICE {
- * numeric NumericString (SIZE (0..ub-domain-name-length)),
- * printable PrintableString (SIZE (0..ub-domain-name-length)) }
- *
- * The private calls for this type:
- *
- * nssPKIXAdministrationDomainName_Decode
- * nssPKIXAdministrationDomainName_CreateFromUTF8
- * nssPKIXAdministrationDomainName_Encode
- *
- */
-
-/*
- * nssPKIXAdministrationDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-nssPKIXAdministrationDomainName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAdministrationDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAdministrationDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAdministrationDomainName *
-nssPKIXAdministrationDomainName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXAdministrationDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ADMINISTRATION_DOMAIN_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAdministrationDomainName_Encode
-(
- NSSPKIXAdministrationDomainName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * X121Address
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
- *
- * The private calls for this type:
- *
- * nssPKIXX121Address_Decode
- * nssPKIXX121Address_CreateFromUTF8
- * nssPKIXX121Address_Encode
- *
- */
-
-/*
- * nssPKIXX121Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX121Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-nssPKIXX121Address_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXX121Address_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX121Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXX121Address *
-nssPKIXX121Address_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXX121Address_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_X121_ADDRESS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXX121Address_Encode
-(
- NSSPKIXX121Address *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NetworkAddress ::= X121Address -- see also extended-network-address
- *
- * The private calls for this type:
- *
- * nssPKIXNetworkAddress_Decode
- * nssPKIXNetworkAddress_CreateFromUTF8
- * nssPKIXNetworkAddress_Encode
- *
- */
-
-/*
- * nssPKIXNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-nssPKIXNetworkAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXNetworkAddress_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNetworkAddress *
-nssPKIXNetworkAddress_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXNetworkAddress_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNetworkAddress_Encode
-(
- NSSPKIXNetworkAddress *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TerminalIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
- *
- * The private calls for this type:
- *
- * nssPKIXTerminalIdentifier_Decode
- * nssPKIXTerminalIdentifier_CreateFromUTF8
- * nssPKIXTerminalIdentifier_Encode
- *
- */
-
-/*
- * nssPKIXTerminalIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-nssPKIXTerminalIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTerminalIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTerminalIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTerminalIdentifier *
-nssPKIXTerminalIdentifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTerminalIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TERMINAL_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTerminalIdentifier_Encode
-(
- NSSPKIXTerminalIdentifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PrivateDomainName
- *
- * -- fgmr comments --
- *
- * PrivateDomainName ::= CHOICE {
- * numeric NumericString (SIZE (1..ub-domain-name-length)),
- * printable PrintableString (SIZE (1..ub-domain-name-length)) }
- *
- * The private calls for this type:
- *
- * nssPKIXPrivateDomainName_Decode
- * nssPKIXPrivateDomainName_CreateFromUTF8
- * nssPKIXPrivateDomainName_Encode
- *
- */
-
-/*
- * nssPKIXPrivateDomainName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-nssPKIXPrivateDomainName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPrivateDomainName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateDomainName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateDomainName *
-nssPKIXPrivateDomainName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPrivateDomainName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_DOMAIN_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPrivateDomainName_Encode
-(
- NSSPKIXPrivateDomainName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * OrganizationName
- *
- * -- fgmr comments --
- *
- * OrganizationName ::= PrintableString
- * (SIZE (1..ub-organization-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXOrganizationName_Decode
- * nssPKIXOrganizationName_CreateFromUTF8
- * nssPKIXOrganizationName_Encode
- *
- */
-
-/*
- * nssPKIXOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-nssPKIXOrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationName *
-nssPKIXOrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATION_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXOrganizationName_Encode
-(
- NSSPKIXOrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * NumericUserIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NumericUserIdentifier ::= NumericString
- * (SIZE (1..ub-numeric-user-id-length))
- *
- * The private calls for this type:
- *
- * nssPKIXNumericUserIdentifier_Decode
- * nssPKIXNumericUserIdentifier_CreateFromUTF8
- * nssPKIXNumericUserIdentifier_Encode
- *
- */
-
-/*
- * nssPKIXNumericUserIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-nssPKIXNumericUserIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXNumericUserIdentifier_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_UTF8
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNumericUserIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNumericUserIdentifier *
-nssPKIXNumericUserIdentifier_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXNumericUserIdentifier_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NUMERIC_USER_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNumericUserIdentifier_Encode
-(
- NSSPKIXNumericUserIdentifier *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PersonalName ::= SET {
- * surname [0] PrintableString (SIZE (1..ub-surname-length)),
- * given-name [1] PrintableString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] PrintableString
- * (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXPersonalName_Decode
- * nssPKIXPersonalName_Create
- * nssPKIXPersonalName_Destroy
- * nssPKIXPersonalName_Encode
- * nssPKIXPersonalName_GetSurname
- * nssPKIXPersonalName_SetSurname
- * nssPKIXPersonalName_HasGivenName
- * nssPKIXPersonalName_GetGivenName
- * nssPKIXPersonalName_SetGivenName
- * nssPKIXPersonalName_RemoveGivenName
- * nssPKIXPersonalName_HasInitials
- * nssPKIXPersonalName_GetInitials
- * nssPKIXPersonalName_SetInitials
- * nssPKIXPersonalName_RemoveInitials
- * nssPKIXPersonalName_HasGenerationQualifier
- * nssPKIXPersonalName_GetGenerationQualifier
- * nssPKIXPersonalName_SetGenerationQualifier
- * nssPKIXPersonalName_RemoveGenerationQualifier
- * nssPKIXPersonalName_Equal
- * nssPKIXPersonalName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPersonalName_verifyPointer
- *
- */
-
-/*
- * nssPKIXPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXPersonalName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXPersonalName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *surname,
- NSSUTF8 *givenNameOpt,
- NSSUTF8 *initialsOpt,
- NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * nssPKIXPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_Destroy
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPersonalName_Encode
-(
- NSSPKIXPersonalName *personalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetSurname
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetSurname
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *surname
-);
-
-/*
- * nssPKIXPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_HasGivenName
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetGivenName
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetGivenName
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *givenName
-);
-
-/*
- * nssPKIXPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_HAS_NO_GIVEN_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_RemoveGivenName
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_HasInitials
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetInitials
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetInitials
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *initials
-);
-
-/*
- * nssPKIXPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_RemoveInitials
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_HasGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPersonalName_GetGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_SetGenerationQualifier
-(
- NSSPKIXPersonalName *personalName,
- NSSUTF8 *generationQualifier
-);
-
-/*
- * nssPKIXPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_RemoveGenerationQualifier
-(
- NSSPKIXPersonalName *personalName
-);
-
-/*
- * nssPKIXPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPersonalName_Equal
-(
- NSSPKIXPersonalName *personalName1,
- NSSPKIXPersonalName *personalName2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPersonalName *
-nssPKIXPersonalName_Duplicate
-(
- NSSPKIXPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPersonalName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPersonalName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPersonalName_verifyPointer
-(
- NSSPKIXPersonalName *p
-);
-#endif /* DEBUG */
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- * OF OrganizationalUnitName
- *
- * The private calls for the type:
- *
- * nssPKIXOrganizationalUnitNames_Decode
- * nssPKIXOrganizationalUnitNames_Create
- * nssPKIXOrganizationalUnitNames_Destroy
- * nssPKIXOrganizationalUnitNames_Encode
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- * nssPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- * nssPKIXOrganizationalUnitNames_Equal
- * nssPKIXOrganizationalUnitNames_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXOrganizationalUnitNames_verifyPointer
- *
- */
-
-/*
- * nssPKIXOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXOrganizationalUnitNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXOrganizationalUnitNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXOrganizationalUnitName *ou1,
- ...
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_Destroy
-(
- NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXOrganizationalUnitNames_Encode
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNameCount
-(
- NSSPKIXOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXOrganizationalUnitName
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName **
-nssPKIXOrganizationalUnitNames_GetOrganizationalUnitNames
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_SetOrganizationalUnitNames
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou[],
- PRInt32 count
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_GetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-nssPKIXOrganizationalUnitNames_GetOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_SetOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_SetOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_InsertOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_AppendOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_RemoveOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- PRInt32 i
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_FindOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRIntn
-nssPKIXOrganizationalUnitNames_FindOrganizationalUnitName
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSPKIXOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXOrganizationalUnitNames_Equal
-(
- NSSPKIXOrganizationalUnitNames *ous1,
- NSSPKIXOrganizationalUnitNames *ous2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitNames *
-nssPKIXOrganizationalUnitNames_Duplicate
-(
- NSSPKIXOrganizationalUnitNames *ous,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXOrganizationalUnitNames_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXOrganizationalUnitNames
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXOrganizationalUnitNames_verifyPointer
-(
- NSSPKIXOrganizationalUnitNames *p
-);
-#endif /* DEBUG */
-
-/*
- * OrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitName ::= PrintableString (SIZE
- * (1..ub-organizational-unit-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXOrganizationalUnitName_Decode
- * nssPKIXOrganizationalUnitName_CreateFromUTF8
- * nssPKIXOrganizationalUnitName_Encode
- *
- */
-
-/*
- * nssPKIXOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-nssPKIXOrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXOrganizationalUnitName *
-nssPKIXOrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXOrganizationalUnitName_Encode
-(
- NSSPKIXOrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF
- * BuiltInDomainDefinedAttribute
- *
- * The private calls for this type:
- *
- * nssPKIXBuiltInDomainDefinedAttributes_Decode
- * nssPKIXBuiltInDomainDefinedAttributes_Create
- * nssPKIXBuiltInDomainDefinedAttributes_Destroy
- * nssPKIXBuiltInDomainDefinedAttributes_Encode
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- * nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- * nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- * nssPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- * nssPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- * nssPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- * nssPKIXBuiltInDomainDefinedAttributes_Equal
- * nssPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXBuiltInDomainDefinedAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXBuiltInDomainDefinedAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXBuiltInDomainDefinedAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
- ...
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_Destroy
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBuiltInDomainDefinedAttributes_Encode
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributeCount
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXBuiltInDomainDefinedAttribute
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute **
-nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttributes
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribut *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttributes
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribut *bidda[],
- PRInt32 count
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttributes_GetBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_SetBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_InsertBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_AppendBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_RemoveBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- PRInt32 i
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBuiltInDomainDefinedAttributes_FindBuiltIndomainDefinedAttribute
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInDomainDefinedAttributes_Equal
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas1,
- NSSPKIXBuiltInDomainDefinedAttributes *biddas2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttributes *
-nssPKIXBuiltInDomainDefinedAttributes_Duplicate
-(
- NSSPKIXBuiltInDomainDefinedAttributes *biddas,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBuiltInDomainDefinedAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBuiltInDomainDefinedAttributes
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttributes_verifyPointer
-(
- NSSPKIXBuiltInDomainDefinedAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttribute ::= SEQUENCE {
- * type PrintableString (SIZE
- * (1..ub-domain-defined-attribute-type-length)),
- * value PrintableString (SIZE
- * (1..ub-domain-defined-attribute-value-length))}
- *
- * The private calls for this type:
- *
- * nssPKIXBuiltInDomainDefinedAttribute_Decode
- * nssPKIXBuiltInDomainDefinedAttribute_Create
- * nssPKIXBuiltInDomainDefinedAttribute_Destroy
- * nssPKIXBuiltInDomainDefinedAttribute_Encode
- * nssPKIXBuiltInDomainDefinedAttribute_GetType
- * nssPKIXBuiltInDomainDefinedAttribute_SetType
- * nssPKIXBuiltInDomainDefinedAttribute_GetValue
- * nssPKIXBuiltInDomainDefinedAttribute_SetValue
- * nssPKIXBuiltInDomainDefinedAttribute_Equal
- * nssPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXBuiltInDomainDefinedAttribute_verifyPointer
- *
- */
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *type,
- NSSUTF8 *value
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_Destroy
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBuiltInDomainDefinedAttribute_Encode
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXBuiltInDomainDefinedAttribute_GetType
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_SetType
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSUTF8 *type
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXBuiltInDomainDefinedAttribute_GetValue
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_SetValue
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSUTF8 *value
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBuiltInDomainDefinedAttribute_Equal
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda1,
- NSSPKIXBuiltInDomainDefinedAttribute *bidda2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBuiltInDomainDefinedAttribute *
-nssPKIXBuiltInDomainDefinedAttribute_Duplicate
-(
- NSSPKIXBuiltInDomainDefinedAttribute *bidda,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBuiltInDomainDefinedAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBuiltInDomainDefinedAttribute
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BUILT_IN_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBuiltInDomainDefinedAttribute_verifyPointer
-(
- NSSPKIXBuiltInDomainDefinedAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- * ExtensionAttribute
- *
- * The private calls for this type:
- *
- * nssPKIXExtensionAttributes_Decode
- * nssPKIXExtensionAttributes_Create
- * nssPKIXExtensionAttributes_Destroy
- * nssPKIXExtensionAttributes_Encode
- * nssPKIXExtensionAttributes_GetExtensionAttributeCount
- * nssPKIXExtensionAttributes_GetExtensionAttributes
- * nssPKIXExtensionAttributes_SetExtensionAttributes
- * nssPKIXExtensionAttributes_GetExtensionAttribute
- * nssPKIXExtensionAttributes_SetExtensionAttribute
- * nssPKIXExtensionAttributes_InsertExtensionAttribute
- * nssPKIXExtensionAttributes_AppendExtensionAttribute
- * nssPKIXExtensionAttributes_RemoveExtensionAttribute
- * nssPKIXExtensionAttributes_FindExtensionAttribute
- * nssPKIXExtensionAttributes_Equal
- * nssPKIXExtensionAttributes_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXExtensionAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtensionAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXExtensionAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXExtensionAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXExtensionAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtensionAttribute ea1,
- ...
-);
-
-/*
- * nssPKIXExtensionAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_Destroy
-(
- NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * nssPKIXExtensionAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtensionAttributes_Encode
-(
- NSSPKIXExtensionAttributes *eas
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_GetExtensionAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtensionAttributes_GetExtensionAttributeCount
-(
- NSSPKIXExtensionAttributes *eas
-);
-
-/*
- * nssPKIXExtensionAttributes_GetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXExtensionAttribute pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute **
-nssPKIXExtensionAttributes_GetExtensionAttributes
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_SetExtensionAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_SetExtensionAttributes
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea[],
- PRInt32 count
-);
-
-/*
- * nssPKIXExtensionAttributes_GetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttributes_GetExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_SetExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_SetExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_InsertExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_InsertExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_AppendExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_AppendExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_RemoveExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_RemoveExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- PRInt32 i,
-);
-
-/*
- * nssPKIXExtensionAttributes_FindExtensionAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtensionAttributes_FindExtensionAttribute
-(
- NSSPKIXExtensionAttributes *eas,
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtensionAttributes_Equal
-(
- NSSPKIXExtensionAttributes *eas1,
- NSSPKIXExtensionAttributes *eas2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtensionAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttributes upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributes *
-nssPKIXExtensionAttributes_Duplicate
-(
- NSSPKIXExtensionAttributes *eas,
- NSSArena *arenaOpt
-);
-
-/*
- * fgmr
- * There should be accessors to search the ExtensionAttributes and
- * return the value for a specific value, etc.
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXExtensionAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtensionAttributes
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttributes_verifyPointer
-(
- NSSPKIXExtensionAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttribute ::= SEQUENCE {
- * extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- * extension-attribute-value [1]
- * ANY DEFINED BY extension-attribute-type }
- *
- * The private calls for this type:
- *
- * nssPKIXExtensionAttribute_Decode
- * nssPKIXExtensionAttribute_Create
- * nssPKIXExtensionAttribute_Destroy
- * nssPKIXExtensionAttribute_Encode
- * nssPKIXExtensionAttribute_GetExtensionsAttributeType
- * nssPKIXExtensionAttribute_SetExtensionsAttributeType
- * nssPKIXExtensionAttribute_GetExtensionsAttributeValue
- * nssPKIXExtensionAttribute_SetExtensionsAttributeValue
- * nssPKIXExtensionAttribute_Equal
- * nssPKIXExtensionAttribute_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXExtensionAttribute_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtensionAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXExtensionAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE_TYPE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtensionAttributeType type,
- NSSItem *value
-);
-
-/*
- * nssPKIXExtensionAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_Destroy
-(
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtensionAttribute_Encode
-(
- NSSPKIXExtensionAttribute *ea,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttribute_GetExtensionsAttributeType
- *
- * -- fgmr comments --
- * {One of these objects created from BER generated by a program
- * adhering to a later version of the PKIX standards might have
- * a value not mentioned in the enumeration definition. This isn't
- * a bug.}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * A member of the NSSPKIXExtensionAttributeType enumeration
- * upon success
- * NSSPKIXExtensionAttributeType_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttributeType
-nssPKIXExtensionAttribute_GetExtensionsAttributeType
-(
- NSSPKIXExtensionAttribute *ea
-);
-
-/*
- * nssPKIXExtensionAttribute_SetExtensionsAttributeType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_SetExtensionsAttributeType
-(
- NSSPKIXExtensionAttribute *ea,
- NSSPKIXExtensionAttributeType type
-);
-
-/*
- * nssPKIXExtensionAttribute_GetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXExtensionAttribute_GetExtensionsAttributeValue
-(
- NSSPKIXExtensionAttribute *ea,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtensionAttribute_SetExtensionsAttributeValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_SetExtensionsAttributeValue
-(
- NSSPKIXExtensionAttribute *ea,
- NSSItem *value
-);
-
-/*
- * nssPKIXExtensionAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtensionAttribute_Equal
-(
- NSSPKIXExtensionAttribute *ea1,
- NSSPKIXExtensionAttribute *ea2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtensionAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtensionAttribute upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtensionAttribute *
-nssPKIXExtensionAttribute_Duplicate
-(
- NSSPKIXExtensionAttribute *ea,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXExtensionAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtensionAttribute
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENSION_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtensionAttribute_verifyPointer
-(
- NSSPKIXExtensionAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * CommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXCommonName_Decode
- * nssPKIXCommonName_CreateFromUTF8
- * nssPKIXCommonName_Encode
- *
- */
-
-/*
- * nssPKIXCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-nssPKIXCommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCommonName *
-nssPKIXCommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCommonName_Encode
-(
- NSSPKIXCommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexCommonName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXTeletexCommonName_Decode
- * nssPKIXTeletexCommonName_CreateFromUTF8
- * nssPKIXTeletexCommonName_Encode
- *
- */
-
-/*
- * nssPKIXTeletexCommonName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-nssPKIXTeletexCommonName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexCommonName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexCommonName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexCommonName *
-nssPKIXTeletexCommonName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexCommonName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_COMMON_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexCommonName_Encode
-(
- NSSPKIXTeletexCommonName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexOrganizationName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationName ::=
- * TeletexString (SIZE (1..ub-organization-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXTeletexOrganizationName_Decode
- * nssPKIXTeletexOrganizationName_CreateFromUTF8
- * nssPKIXTeletexOrganizationName_Encode
- *
- */
-
-/*
- * nssPKIXTeletexOrganizationName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-nssPKIXTeletexOrganizationName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexOrganizationName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationName *
-nssPKIXTeletexOrganizationName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexOrganizationName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATION_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexOrganizationName_Encode
-(
- NSSPKIXTeletexOrganizationName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexPersonalName ::= SET {
- * surname [0] TeletexString (SIZE (1..ub-surname-length)),
- * given-name [1] TeletexString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] TeletexString (SIZE
- * (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXTeletexPersonalName_Decode
- * nssPKIXTeletexPersonalName_Create
- * nssPKIXTeletexPersonalName_Destroy
- * nssPKIXTeletexPersonalName_Encode
- * nssPKIXTeletexPersonalName_GetSurname
- * nssPKIXTeletexPersonalName_SetSurname
- * nssPKIXTeletexPersonalName_HasGivenName
- * nssPKIXTeletexPersonalName_GetGivenName
- * nssPKIXTeletexPersonalName_SetGivenName
- * nssPKIXTeletexPersonalName_RemoveGivenName
- * nssPKIXTeletexPersonalName_HasInitials
- * nssPKIXTeletexPersonalName_GetInitials
- * nssPKIXTeletexPersonalName_SetInitials
- * nssPKIXTeletexPersonalName_RemoveInitials
- * nssPKIXTeletexPersonalName_HasGenerationQualifier
- * nssPKIXTeletexPersonalName_GetGenerationQualifier
- * nssPKIXTeletexPersonalName_SetGenerationQualifier
- * nssPKIXTeletexPersonalName_RemoveGenerationQualifier
- * nssPKIXTeletexPersonalName_Equal
- * nssPKIXTeletexPersonalName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTeletexPersonalName_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexPersonalName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-nssPKIXTeletexPersonalName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexPersonalName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-nssPKIXTeletexPersonalName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *surname,
- NSSUTF8 *givenNameOpt,
- NSSUTF8 *initialsOpt,
- NSSUTF8 *generationQualifierOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_Destroy
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexPersonalName_Encode
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetSurname
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetSurname
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetSurname
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *surname
-);
-
-/*
- * nssPKIXTeletexPersonalName_HasGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_HasGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetGivenName
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *givenName
-);
-
-/*
- * nssPKIXTeletexPersonalName_RemoveGivenName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_RemoveGivenName
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_HasInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_HasInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetInitials
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *initials
-);
-
-/*
- * nssPKIXTeletexPersonalName_RemoveInitials
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_RemoveInitials
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_HasGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_HasGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_GetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexPersonalName_GetGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_SetGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_SetGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSUTF8 *generationQualifier
-);
-
-/*
- * nssPKIXTeletexPersonalName_RemoveGenerationQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_RemoveGenerationQualifier
-(
- NSSPKIXTeletexPersonalName *personalName
-);
-
-/*
- * nssPKIXTeletexPersonalName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexPersonalName_Equal
-(
- NSSPKIXTeletexPersonalName *personalName1,
- NSSPKIXTeletexPersonalName *personalName2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexPersonalName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexPersonalName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexPersonalName *
-nssPKIXTeletexPersonalName_Duplicate
-(
- NSSPKIXTeletexPersonalName *personalName,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexPersonalName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexPersonalName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_PERSONAL_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexPersonalName_verifyPointer
-(
- NSSPKIXTeletexPersonalName *p
-);
-#endif /* DEBUG */
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- * (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- * The private calls for the type:
- *
- * nssPKIXTeletexOrganizationalUnitNames_Decode
- * nssPKIXTeletexOrganizationalUnitNames_Create
- * nssPKIXTeletexOrganizationalUnitNames_Destroy
- * nssPKIXTeletexOrganizationalUnitNames_Encode
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- * nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- * nssPKIXTeletexOrganizationalUnitNames_Equal
- * nssPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTeletexOrganizationalUnitNames_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-nssPKIXTeletexOrganizationalUnitNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-nssPKIXTeletexOrganizationalUnitNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTeletexOrganizationalUnitName *ou1,
- ...
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_Destroy
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexOrganizationalUnitNames_Encode
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNameCount
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXTeletexOrganizationalUnitName
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName **
-nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitNames
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitNames
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou[],
- PRInt32 count
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-nssPKIXTeletexOrganizationalUnitNames_GetTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_SetTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_InsertTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_AppendTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_RemoveTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- PRInt32 i
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * The index of the specified revoked certificate upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexOrganizationalUnitNames_FindTeletexOrganizationalUnitName
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSPKIXTeletexOrganizationalUnitName *ou
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexOrganizationalUnitNames_Equal
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous1,
- NSSPKIXTeletexOrganizationalUnitNames *ous2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitNames *
-nssPKIXTeletexOrganizationalUnitNames_Duplicate
-(
- NSSPKIXTeletexOrganizationalUnitNames *ous,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexOrganizationalUnitNames_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexOrganizationalUnitNames
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexOrganizationalUnitNames_verifyPointer
-(
- NSSPKIXTeletexOrganizationalUnitNames *p
-);
-#endif /* DEBUG */
-
-/*
- * TeletexOrganizationalUnitName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitName ::= TeletexString
- * (SIZE (1..ub-organizational-unit-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXTeletexOrganizationalUnitName_Decode
- * nssPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- * nssPKIXTeletexOrganizationalUnitName_Encode
- *
- */
-
-/*
- * nssPKIXTeletexOrganizationalUnitName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-nssPKIXTeletexOrganizationalUnitName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexOrganizationalUnitName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexOrganizationalUnitName *
-nssPKIXTeletexOrganizationalUnitName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexOrganizationalUnitName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_ORGANIZATIONAL_UNIT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexOrganizationalUnitName_Encode
-(
- NSSPKIXTeletexOrganizationalUnitName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PDSName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
- *
- * The private calls for this type:
- *
- * nssPKIXPDSName_Decode
- * nssPKIXPDSName_CreateFromUTF8
- * nssPKIXPDSName_Encode
- *
- */
-
-/*
- * nssPKIXPDSName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-nssPKIXPDSName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPDSName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSName *
-nssPKIXPDSName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPDSName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPDSName_Encode
-(
- NSSPKIXPDSName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PhysicalDeliveryCountryName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PhysicalDeliveryCountryName ::= CHOICE {
- * x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
- * iso-3166-alpha2-code PrintableString
- * (SIZE (ub-country-name-alpha-length)) }
- *
- * The private calls for this type:
- *
- * nssPKIXPhysicalDeliveryCountryName_Decode
- * nssPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- * nssPKIXPhysicalDeliveryCountryName_Encode
- *
- */
-
-/*
- * nssPKIXPhysicalDeliveryCountryName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-nssPKIXPhysicalDeliveryCountryName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPhysicalDeliveryCountryName_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPhysicalDeliveryCountryName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPhysicalDeliveryCountryName *
-nssPKIXPhysicalDeliveryCountryName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPhysicalDeliveryCountryName_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PHYSICAL_DELIVERY_COUNTRY_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPhysicalDeliveryCountryName_Encode
-(
- NSSPKIXPhysicalDeliveryCountryName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PostalCode
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PostalCode ::= CHOICE {
- * numeric-code NumericString (SIZE (1..ub-postal-code-length)),
- * printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
- *
- * The private calls for this type:
- *
- * nssPKIXPostalCode_Decode
- * nssPKIXPostalCode_CreateFromUTF8
- * nssPKIXPostalCode_Encode
- *
- */
-
-/*
- * nssPKIXPostalCode_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPostalCode upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-nssPKIXPostalCode_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPostalCode_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPostalCode upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPostalCode *
-nssPKIXPostalCode_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPostalCode_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POSTAL_CODE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPostalCode_Encode
-(
- NSSPKIXPostalCode *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSParameter ::= SET {
- * printable-string PrintableString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXPDSParameter_Decode
- * nssPKIXPDSParameter_CreateFromUTF8
- * nssPKIXPDSParameter_Create
- * nssPKIXPDSParameter_Delete
- * nssPKIXPDSParameter_Encode
- * nssPKIXPDSParameter_GetUTF8Encoding
- * nssPKIXPDSParameter_HasPrintableString
- * nssPKIXPDSParameter_GetPrintableString
- * nssPKIXPDSParameter_SetPrintableString
- * nssPKIXPDSParameter_RemovePrintableString
- * nssPKIXPDSParameter_HasTeletexString
- * nssPKIXPDSParameter_GetTeletexString
- * nssPKIXPDSParameter_SetTeletexString
- * nssPKIXPDSParameter_RemoveTeletexString
- * nssPKIXPDSParameter_Equal
- * nssPKIXPDSParameter_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPDSParameter_verifyPointer
- */
-
-/*
- * nssPKIXPDSParameter_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPDSParameter_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXPDSParameter_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *printableStringOpt,
- NSSUTF8 *teletexStringOpt
-);
-
-/*
- * nssPKIXPDSParameter_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_Destroy
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * nssPKIXPDSParameter_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPDSParameter_Encode
-(
- NSSPKIXPDSParameter *p,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPDSParameter_GetUTF8Encoding
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_HasPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPDSParameter_HasPrintableString
-(
- NSSPKIXPDSParameter *p,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPDSParameter_GetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPDSParameter_GetPrintableString
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_SetPrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_SetPrintableString
-(
- NSSPKIXPDSParameter *p,
- NSSUTF8 *printableString
-);
-
-/*
- * nssPKIXPDSParameter_RemovePrintableString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_RemovePrintableString
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * nssPKIXPDSParameter_HasTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPDSParameter_HasTeletexString
-(
- NSSPKIXPDSParameter *p,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPDSParameter_GetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXPDSParameter_GetTeletexString
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPDSParameter_SetTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_SetTeletexString
-(
- NSSPKIXPDSParameter *p,
- NSSUTF8 *teletexString
-);
-
-/*
- * nssPKIXPDSParameter_RemoveTeletexString
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_RemoveTeletexString
-(
- NSSPKIXPDSParameter *p
-);
-
-/*
- * nssPKIXPDSParameter_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPDSParameter_Equal
-(
- NSSPKIXPDSParameter *p1,
- NSSPKIXPDSParameter *p2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPDSParameter_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPDSParameter upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPDSParameter *
-nssPKIXPDSParameter_Duplicate
-(
- NSSPKIXPDSParameter *p,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPDSParameter_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPDSParameter
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PDS_PARAMETER
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPDSParameter_verifyPointer
-(
- NSSPKIXPDSParameter *p
-);
-#endif /* DEBUG */
-
-/*
- * fgmr: what about these PDS types?
- *
- * PhysicalDeliveryOfficeName
- *
- * PhysicalDeliveryOfficeNumber
- *
- * ExtensionORAddressComponents
- *
- * PhysicalDeliveryPersonalName
- *
- * PhysicalDeliveryOrganizationName
- *
- * ExtensionPhysicalDeliveryAddressComponents
- *
- * StreetAddress
- *
- * PostOfficeBoxAddress
- *
- * PosteRestanteAddress
- *
- * UniquePostalName
- *
- * LocalPostalAttributes
- *
- */
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UnformattedPostalAddress ::= SET {
- * printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- * PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- * The private calls for the type:
- *
- *
- */
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtendedNetworkAddress ::= CHOICE {
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * psap-address [0] PresentationAddress }
- *
- * The private calls for the type:
- *
- * nssPKIXExtendedNetworkAddress_Decode
- * nssPKIXExtendedNetworkAddress_Create
- * nssPKIXExtendedNetworkAddress_Encode
- * nssPKIXExtendedNetworkAddress_Destroy
- * nssPKIXExtendedNetworkAddress_GetChoice
- * nssPKIXExtendedNetworkAddress_Get
- * nssPKIXExtendedNetworkAddress_GetE1634Address
- * nssPKIXExtendedNetworkAddress_GetPsapAddress
- * nssPKIXExtendedNetworkAddress_Set
- * nssPKIXExtendedNetworkAddress_SetE163Address
- * nssPKIXExtendedNetworkAddress_SetPsapAddress
- * nssPKIXExtendedNetworkAddress_Equal
- * nssPKIXExtendedNetworkAddress_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXExtendedNetworkAddress_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtendedNetworkAddress_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXExtendedNetworkAddressChoice choice,
- void *address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_CreateFromE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_CreateFromE1634Address
-(
- NSSArena *arenaOpt,
- NSSPKIXe1634Address *e1634address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_CreateFromPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_CreateFromPresentationAddress
-(
- NSSArena *arenaOpt,
- NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_Destroy
-(
- NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtendedNetworkAddress_Encode
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * A valid element of the NSSPKIXExtendedNetworkAddressChoice upon
- * success
- * The value nssPKIXExtendedNetworkAddress_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddressChoice
-nssPKIXExtendedNetworkAddress_GetChoice
-(
- NSSPKIXExtendedNetworkAddress *ena
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer...
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-nssPKIXExtendedNetworkAddress_GetSpecifiedChoice
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXExtendedNetworkAddressChoice which,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetE1634Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1643Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1643Address *
-nssPKIXExtendedNetworkAddress_GetE1634Address
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_GetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer to an NSSPKIXPresentationAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPresentationAddress *
-nssPKIXExtendedNetworkAddress_GetPresentationAddress
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_SetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_SetSpecifiedChoice
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXExtendedNetworkAddressChoice which,
- void *address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_SetE163Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_SetE163Address
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXe1634Address *e1634address
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_SetPresentationAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_PRESENTATION_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_SetPresentationAddress
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSPKIXPresentationAddress *presentationAddress
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtendedNetworkAddress_Equal
-(
- NSSPKIXExtendedNetworkAddress *ena1,
- NSSPKIXExtendedNetworkAddress *ena2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtendedNetworkAddress_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtendedNetworkAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtendedNetworkAddress *
-nssPKIXExtendedNetworkAddress_Duplicate
-(
- NSSPKIXExtendedNetworkAddress *ena,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXExtendedNetworkAddress_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtendedNetworkAddress
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXTENDED_NETWORK_ADDRESS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtendedNetworkAddress_verifyPointer
-(
- NSSPKIXExtendedNetworkAddress *p
-);
-#endif /* DEBUG */
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *
- * The private calls for the type:
- *
- * nssPKIXe1634Address_Decode
- * nssPKIXe1634Address_Create
- * nssPKIXe1634Address_Destroy
- * nssPKIXe1634Address_Encode
- * nssPKIXe1634Address_GetNumber
- * nssPKIXe1634Address_SetNumber
- * nssPKIXe1634Address_HasSubAddress
- * nssPKIXe1634Address_GetSubAddress
- * nssPKIXe1634Address_SetSubAddress
- * nssPKIXe1634Address_RemoveSubAddress
- * nssPKIXe1634Address_Equal
- * nssPKIXe1634Address_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXe1634Address_verifyPointer
- *
- */
-
-/*
- * nssPKIXe1634Address_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-nssPKIXe1634Address_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXe1634Address_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-nssPKIXe1634Address_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *number,
- NSSUTF8 *subAddressOpt
-);
-
-/*
- * nssPKIXe1634Address_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_Destroy
-(
- NSSPKIXe1634Address *e
-);
-
-/*
- * nssPKIXe1634Address_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXe1634Address_Encode
-(
- NSSPKIXe1634Address *e,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXe1634Address_GetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXe1634Address_GetNumber
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXe1634Address_SetNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_SetNumber
-(
- NSSPKIXe1634Address *e,
- NSSUTF8 *number
-);
-
-/*
- * nssPKIXe1634Address_HasSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXe1634Address_HasSubAddress
-(
- NSSPKIXe1634Address *e,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXe1634Address_GetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXe1634Address_GetSubAddress
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXe1634Address_SetSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_SetSubAddress
-(
- NSSPKIXe1634Address *e,
- NSSUTF8 *subAddress
-);
-
-/*
- * nssPKIXe1634Address_RemoveSubAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_RemoveSubAddress
-(
- NSSPKIXe1634Address *e
-);
-
-/*
- * nssPKIXe1634Address_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXe1634Address_Equal
-(
- NSSPKIXe1634Address *e1,
- NSSPKIXe1634Address *e2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXe1634Address_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXe1634Address upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXe1634Address *
-nssPKIXe1634Address_Duplicate
-(
- NSSPKIXe1634Address *e,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXe1634Address_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXe1634Address
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_E163_4_ADDRESS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXe1634Address_verifyPointer
-(
- NSSPKIXe1634Address *p
-);
-#endif /* DEBUG */
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PresentationAddress ::= SEQUENCE {
- * pSelector [0] EXPLICIT OCTET STRING OPTIONAL,
- * sSelector [1] EXPLICIT OCTET STRING OPTIONAL,
- * tSelector [2] EXPLICIT OCTET STRING OPTIONAL,
- * nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- * The private calls for the type:
- *
- * nssPKIXPresentationAddress_Decode
- * nssPKIXPresentationAddress_Create
- * nssPKIXPresentationAddress_Destroy
- * nssPKIXPresentationAddress_Encode
- * nssPKIXPresentationAddress_HasPSelector
- * nssPKIXPresentationAddress_GetPSelector
- * nssPKIXPresentationAddress_SetPSelector
- * nssPKIXPresentationAddress_RemovePSelector
- * nssPKIXPresentationAddress_HasSSelector
- * nssPKIXPresentationAddress_GetSSelector
- * nssPKIXPresentationAddress_SetSSelector
- * nssPKIXPresentationAddress_RemoveSSelector
- * nssPKIXPresentationAddress_HasTSelector
- * nssPKIXPresentationAddress_GetTSelector
- * nssPKIXPresentationAddress_SetTSelector
- * nssPKIXPresentationAddress_RemoveTSelector
- * nssPKIXPresentationAddress_HasNAddresses
- * nssPKIXPresentationAddress_GetNAddresses
- * nssPKIXPresentationAddress_SetNAddresses
- * nssPKIXPresentationAddress_RemoveNAddresses
- *{NAddresses must be more complex than that}
- * nssPKIXPresentationAddress_Compare
- * nssPKIXPresentationAddress_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * _verifyPointer
- *
- */
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- *
- * The private calls for the type:
- *
- * nssPKIXTeletexDomainDefinedAttributes_Decode
- * nssPKIXTeletexDomainDefinedAttributes_Create
- * nssPKIXTeletexDomainDefinedAttributes_Destroy
- * nssPKIXTeletexDomainDefinedAttributes_Encode
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- * nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- * nssPKIXTeletexDomainDefinedAttributes_Equal
- * nssPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTeletexDomainDefinedAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-nssPKIXTeletexDomainDefinedAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-nssPKIXTeletexDomainDefinedAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXTeletexDomainDefinedAttribute *tdda1,
- ...
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_Destroy
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexDomainDefinedAttributes_Encode
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributeCount
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXTeletexDomainDefinedAttribute
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute **
-nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttributes
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttributes
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda[],
- PRInt32 count
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttributes_GetTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_SetTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_InsertTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_AppendTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_RemoveTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- PRInt32 i
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * The nonnegative integer upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXTeletexDomainDefinedAttributes_FindTeletexDomainDefinedAttribute
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexDomainDefinedAttributes_Equal
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas1,
- NSSPKIXTeletexDomainDefinedAttributes *tddas2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttributes *
-nssPKIXTeletexDomainDefinedAttributes_Duplicate
-(
- NSSPKIXTeletexDomainDefinedAttributes *tddas,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexDomainDefinedAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexDomainDefinedAttributes
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttributes_verifyPointer
-(
- NSSPKIXTeletexDomainDefinedAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttribute ::= SEQUENCE {
- * type TeletexString
- * (SIZE (1..ub-domain-defined-attribute-type-length)),
- * value TeletexString
- * (SIZE (1..ub-domain-defined-attribute-value-length)) }
- *
- * The private calls for the type:
- *
- * nssPKIXTeletexDomainDefinedAttribute_Decode
- * nssPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- * nssPKIXTeletexDomainDefinedAttribute_Create
- * nssPKIXTeletexDomainDefinedAttribute_Destroy
- * nssPKIXTeletexDomainDefinedAttribute_Encode
- * nssPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- * nssPKIXTeletexDomainDefinedAttribute_GetType
- * nssPKIXTeletexDomainDefinedAttribute_SetType
- * nssPKIXTeletexDomainDefinedAttribute_GetValue
- * nssPKIXTeletexDomainDefinedAttribute_GetValue
- * nssPKIXTeletexDomainDefinedAttribute_Equal
- * nssPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXTeletexDomainDefinedAttribute_verifyPointer
- *
- */
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *type,
- NSSUTF8 *value
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_Destroy
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXTeletexDomainDefinedAttribute_Encode
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexDomainDefinedAttribute_GetUTF8Encoding
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_GetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexDomainDefinedAttribute_GetType
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_SetType
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_SetType
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSUTF8 *type
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXTeletexDomainDefinedAttribute_GetValue
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_SetValue
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSUTF8 *value
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXTeletexDomainDefinedAttribute_Equal
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda1,
- NSSPKIXTeletexDomainDefinedAttribute *tdda2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXTeletexDomainDefinedAttribute_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXTeletexDomainDefinedAttribute *
-nssPKIXTeletexDomainDefinedAttribute_Duplicate
-(
- NSSPKIXTeletexDomainDefinedAttribute *tdda,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXTeletexDomainDefinedAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXTeletexDomainDefinedAttribute
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_TELETEX_DOMAIN_DEFINED_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXTeletexDomainDefinedAttribute_verifyPointer
-(
- NSSPKIXTeletexDomainDefinedAttribute *p
-);
-#endif /* DEBUG */
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityKeyIdentifier ::= SEQUENCE {
- * keyIdentifier [0] KeyIdentifier OPTIONAL,
- * authorityCertIssuer [1] GeneralNames OPTIONAL,
- * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
- * -- authorityCertIssuer and authorityCertSerialNumber shall both
- * -- be present or both be absent
- *
- * The private calls for the type:
- *
- * nssPKIXAuthorityKeyIdentifier_Decode
- * nssPKIXAuthorityKeyIdentifier_Create
- * nssPKIXAuthorityKeyIdentifier_Destroy
- * nssPKIXAuthorityKeyIdentifier_Encode
- * nssPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- * nssPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- * nssPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- * nssPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- * nssPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- * nssPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- * nssPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- * nssPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- * nssPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- * nssPKIXAuthorityKeyIdentifier_Equal
- * nssPKIXAuthorityKeyIdentifier_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAuthorityKeyIdentifier_verifyPointer
- *
- */
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyIdentifier *keyIdentifierOpt,
- NSSPKIXGeneralNames *authorityCertIssuerOpt,
- NSSPKIXCertificateSerialNumber *authorityCertSerialNumberOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_Destroy
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAuthorityKeyIdentifier_Encode
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_HasKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityKeyIdentifier_HasKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_GetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_GetKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXKeyIdentifier *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_SetKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_SetKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXKeyIdentifier *keyIdentifier
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_HAS_NO_KEY_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_RemoveKeyIdentifier
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if it has them
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityKeyIdentifier_HasAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_RemoveAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXAuthorityKeyIdentifier_GetAuthorityCertIssuer
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_AUTHORITY_CERT_ISSUER_AND_SERIAL_NUMBER
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificateSerialNumber upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificateSerialNumber *
-nssPKIXAuthorityKeyIdentifier_GetAuthorityCertSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXCertificateSerialNumber *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_SetAuthorityCertIssuerAndSerialNumber
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSPKIXGeneralNames *issuer,
- NSSPKIXCertificateSerialNumber *serialNumber
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityKeyIdentifier_Equal
-(
- NSSPKIXAuthorityKeyIdentifier *aki1,
- NSSPKIXAuthorityKeyIdentifier *aki2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityKeyIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityKeyIdentifier upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityKeyIdentifier *
-nssPKIXAuthorityKeyIdentifier_Duplicate
-(
- NSSPKIXAuthorityKeyIdentifier *aki,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAuthorityKeyIdentifier_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAuthorityKeyIdentifier
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_KEY_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityKeyIdentifier_verifyPointer
-(
- NSSPKIXAuthorityKeyIdentifier *p
-);
-#endif /* DEBUG */
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyUsage ::= BIT STRING {
- * digitalSignature (0),
- * nonRepudiation (1),
- * keyEncipherment (2),
- * dataEncipherment (3),
- * keyAgreement (4),
- * keyCertSign (5),
- * cRLSign (6),
- * encipherOnly (7),
- * decipherOnly (8) }
- *
- * The private calls for the type:
- *
- * nssPKIXKeyUsage_Decode
- * nssPKIXKeyUsage_CreateFromUTF8
- * nssPKIXKeyUsage_CreateFromValue
- * nssPKIXKeyUsage_Destroy
- * nssPKIXKeyUsage_Encode
- * nssPKIXKeyUsage_GetUTF8Encoding
- * nssPKIXKeyUsage_GetValue
- * nssPKIXKeyUsage_SetValue
- * { bitwise accessors? }
- * nssPKIXKeyUsage_Equal
- * nssPKIXKeyUsage_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXKeyUsage_verifyPointer
- *
- */
-
-/*
- * nssPKIXKeyUsage_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXKeyUsage_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXKeyUsage_CreateFromValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_CreateFromValue
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyUsageValue value
-);
-
-/*
- * nssPKIXKeyUsage_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXKeyUsage_Destroy
-(
- NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * nssPKIXKeyUsage_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXKeyUsage_Encode
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXKeyUsage_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXKeyUsage_GetUTF8Encoding
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXKeyUsage_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * A set of NSSKeyUsageValue values OR-d together upon success
- * NSSKeyUsage_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSKeyUsageValue
-nssPKIXKeyUsage_GetValue
-(
- NSSPKIXKeyUsage *keyUsage
-);
-
-/*
- * nssPKIXKeyUsage_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXKeyUsage_SetValue
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSPKIXKeyUsageValue value
-);
-
-/*
- * nssPKIXKeyUsage_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXKeyUsage_Equal
-(
- NSSPKIXKeyUsage *keyUsage1,
- NSSPKIXKeyUsage *keyUsage2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXKeyUsage_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyUsage upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyUsage *
-nssPKIXKeyUsage_Duplicate
-(
- NSSPKIXKeyUsage *keyUsage,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXKeyUsage_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXKeyUsage
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_KEY_USAGE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXKeyUsage_verifyPointer
-(
- NSSPKIXKeyUsage *p
-);
-#endif /* DEBUG */
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PrivateKeyUsagePeriod ::= SEQUENCE {
- * notBefore [0] GeneralizedTime OPTIONAL,
- * notAfter [1] GeneralizedTime OPTIONAL }
- * -- either notBefore or notAfter shall be present
- *
- * The private calls for the type:
- *
- * nssPKIXPrivateKeyUsagePeriod_Decode
- * nssPKIXPrivateKeyUsagePeriod_Create
- * nssPKIXPrivateKeyUsagePeriod_Destroy
- * nssPKIXPrivateKeyUsagePeriod_Encode
- * nssPKIXPrivateKeyUsagePeriod_HasNotBefore
- * nssPKIXPrivateKeyUsagePeriod_GetNotBefore
- * nssPKIXPrivateKeyUsagePeriod_SetNotBefore
- * nssPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- * nssPKIXPrivateKeyUsagePeriod_HasNotAfter
- * nssPKIXPrivateKeyUsagePeriod_GetNotAfter
- * nssPKIXPrivateKeyUsagePeriod_SetNotAfter
- * nssPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- * nssPKIXPrivateKeyUsagePeriod_Equal
- * nssPKIXPrivateKeyUsagePeriod_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPrivateKeyUsagePeriod_verifyPointer
- *
- */
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-nssPKIXPrivateKeyUsagePeriod_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_INVALID_ARGUMENTS
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-nssPKIXPrivateKeyUsagePeriod_Create
-(
- NSSArena *arenaOpt,
- NSSTime *notBeforeOpt,
- NSSTime *notAfterOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_Destroy
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPrivateKeyUsagePeriod_Encode
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_HasNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPrivateKeyUsagePeriod_HasNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_GetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- * NSSTime {fgmr!}
- * NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-nssPKIXPrivateKeyUsagePeriod_GetNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_SetNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_SetNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSTime *notBefore
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_RemoveNotBefore
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_HAS_NO_NOT_BEFORE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_RemoveNotBefore
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_HasNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPrivateKeyUsagePeriod_HasNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_GetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- * NSSTime {fgmr!}
- * NULL upon failure
- */
-
-NSS_EXTERN NSSTime *
-nssPKIXPrivateKeyUsagePeriod_GetNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_SetNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_INVALID_TIME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_SetNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSTime *notAfter
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_RemoveNotAfter
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_HAS_NO_NOT_AFTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_RemoveNotAfter
-(
- NSSPKIXPrivateKeyUsagePeriod *period
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPrivateKeyUsagePeriod_Equal
-(
- NSSPKIXPrivateKeyUsagePeriod *period1,
- NSSPKIXPrivateKeyUsagePeriod *period2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPrivateKeyUsagePeriod_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPrivateKeyUsagePeriod upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPrivateKeyUsagePeriod *
-nssPKIXPrivateKeyUsagePeriod_Duplicate
-(
- NSSPKIXPrivateKeyUsagePeriod *period,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPrivateKeyUsagePeriod_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPrivateKeyUsagePeriod
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_PRIVATE_KEY_USAGE_PERIOD
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPrivateKeyUsagePeriod_verifyPointer
-(
- NSSPKIXPrivateKeyUsagePeriod *p
-);
-#endif /* DEBUG */
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- * The private calls for the type:
- *
- * nssPKIXCertificatePolicies_Decode
- * nssPKIXCertificatePolicies_Create
- * nssPKIXCertificatePolicies_Destroy
- * nssPKIXCertificatePolicies_Encode
- * nssPKIXCertificatePolicies_GetPolicyInformationCount
- * nssPKIXCertificatePolicies_GetPolicyInformations
- * nssPKIXCertificatePolicies_SetPolicyInformations
- * nssPKIXCertificatePolicies_GetPolicyInformation
- * nssPKIXCertificatePolicies_SetPolicyInformation
- * nssPKIXCertificatePolicies_InsertPolicyInformation
- * nssPKIXCertificatePolicies_AppendPolicyInformation
- * nssPKIXCertificatePolicies_RemovePolicyInformation
- * nssPKIXCertificatePolicies_FindPolicyInformation
- * nssPKIXCertificatePolicies_Equal
- * nssPKIXCertificatePolicies_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXCertificatePolicies_verifyPointer
- *
- */
-
-/*
- * nssPKIXCertificatePolicies_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-nssPKIXCertificatePolicies_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCertificatePolicies_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-nssPKIXCertificatePolicies_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXPolicyInformation *pi1,
- ...
-);
-
-/*
- * nssPKIXCertificatePolicies_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_Destroy
-(
- NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * nssPKIXCertificatePolicies_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCertificatePolicies_Encode
-(
- NSSPKIXCertificatePolicies *cp,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_GetPolicyInformationCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCertificatePolicies_GetPolicyInformationCount
-(
- NSSPKIXCertificatePolicies *cp
-);
-
-/*
- * nssPKIXCertificatePolicies_GetPolicyInformations
- *
- * We regret the function name.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXPolicyInformation pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation **
-nssPKIXCertificatePolicies_GetPolicyInformations
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_SetPolicyInformations
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_SetPolicyInformations
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi[],
- PRInt32 count
-);
-
-/*
- * nssPKIXCertificatePolicies_GetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXCertificatePolicies_GetPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_SetPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_SetPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_InsertPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_InsertPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_AppendPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_AppendPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_RemovePolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_RemovePolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- PRInt32 i
-);
-
-/*
- * nssPKIXCertificatePolicies_FindPolicyInformation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * The nonnegative integer upon success
- * -1 upon failure
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCertificatePolicies_FindPolicyInformation
-(
- NSSPKIXCertificatePolicies *cp,
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXCertificatePolicies_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCertificatePolicies_Equal
-(
- NSSPKIXCertificatePolicies *cp1,
- NSSPKIXCertificatePolicies *cp2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCertificatePolicies_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertificatePolicies upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertificatePolicies *
-nssPKIXCertificatePolicies_Duplicate
-(
- NSSPKIXCertificatePolicies *cp,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCertificatePolicies_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCertificatePolicies
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CERTIFICATE_POLICIES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCertificatePolicies_verifyPointer
-(
- NSSPKIXCertificatePolicies *p
-);
-#endif /* DEBUG */
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyInformation ::= SEQUENCE {
- * policyIdentifier CertPolicyId,
- * policyQualifiers SEQUENCE SIZE (1..MAX) OF
- * PolicyQualifierInfo OPTIONAL }
- *
- * The private calls for the type:
- *
- * nssPKIXPolicyInformation_Decode
- * nssPKIXPolicyInformation_Create
- * nssPKIXPolicyInformation_Destroy
- * nssPKIXPolicyInformation_Encode
- * nssPKIXPolicyInformation_GetPolicyIdentifier
- * nssPKIXPolicyInformation_SetPolicyIdentifier
- * nssPKIXPolicyInformation_GetPolicyQualifierCount
- * nssPKIXPolicyInformation_GetPolicyQualifiers
- * nssPKIXPolicyInformation_SetPolicyQualifiers
- * nssPKIXPolicyInformation_GetPolicyQualifier
- * nssPKIXPolicyInformation_SetPolicyQualifier
- * nssPKIXPolicyInformation_InsertPolicyQualifier
- * nssPKIXPolicyInformation_AppendPolicyQualifier
- * nssPKIXPolicyInformation_RemovePolicyQualifier
- * nssPKIXPolicyInformation_Equal
- * nssPKIXPolicyInformation_Duplicate
- * { and accessors by specific policy qualifier ID }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPolicyInformation_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyInformation_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXPolicyInformation_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyInformation_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXPolicyInformation_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertPolicyId *id,
- NSSPKIXPolicyQualifierInfo *pqi1,
- ...
-);
-
-/*
- * nssPKIXPolicyInformation_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_Destroy
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXPolicyInformation_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyInformation_Encode
-(
- NSSPKIXPolicyInformation *pi,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid OID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXPolicyInformation_GetPolicyIdentifier
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXPolicyInformation_SetPolicyIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_SetPolicyIdentifier
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXCertPolicyIdentifier *cpi
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyQualifierCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyInformation_GetPolicyQualifierCount
-(
- NSSPKIXPolicyInformation *pi
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXPolicyQualifierInfo pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo **
-nssPKIXPolicyInformation_GetPolicyQualifiers
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXPolicyQualifierInfo *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyInformation_SetPolicyQualifiers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_SetPolicyQualifiers
-(
- NSSPKIXPolicyInformation *pi,
- NSSPKIXPolicyQualifierInfo *pqi[],
- PRInt32 count
-);
-
-/*
- * nssPKIXPolicyInformation_GetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyInformation_GetPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyInformation_SetPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_SetPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyInformation_InsertPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_InsertPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyInformation_AppendPolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_AppendPolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i,
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyInformation_RemovePolicyQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_RemovePolicyQualifier
-(
- NSSPKIXPolicyInformation *pi,
- PRInt32 i
-);
-
-/*
- * nssPKIXPolicyInformation_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyInformation_Equal
-(
- NSSPKIXPolicyInformation *pi1,
- NSSPKIXPolicyInformation *pi2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyInformation_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyInformation upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyInformation *
-nssPKIXPolicyInformation_Duplicate
-(
- NSSPKIXPolicyInformation *pi,
- NSSArena *arenaOpt
-);
-
-/*
- * { and accessors by specific policy qualifier ID }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXPolicyInformation_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyInformation
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_INFORMATION
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyInformation_verifyPointer
-(
- NSSPKIXPolicyInformation *p
-);
-#endif /* DEBUG */
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyQualifierInfo ::= SEQUENCE {
- * policyQualifierId PolicyQualifierId,
- * qualifier ANY DEFINED BY policyQualifierId }
- *
- * The private calls for the type:
- *
- * nssPKIXPolicyQualifierInfo_Decode
- * nssPKIXPolicyQualifierInfo_Create
- * nssPKIXPolicyQualifierInfo_Destroy
- * nssPKIXPolicyQualifierInfo_Encode
- * nssPKIXPolicyQualifierInfo_GetPolicyQualifierID
- * nssPKIXPolicyQualifierInfo_SetPolicyQualifierID
- * nssPKIXPolicyQualifierInfo_GetQualifier
- * nssPKIXPolicyQualifierInfo_SetQualifier
- * nssPKIXPolicyQualifierInfo_Equal
- * nssPKIXPolicyQualifierInfo_Duplicate
- * { and accessors by specific qualifier id/type }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPolicyQualifierInfo_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyQualifierInfo_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyQualifierInfo_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyQualifierInfo_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXPolicyQualifierId *policyQualifierId,
- NSSItem *qualifier
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_Destroy
-(
- NSSPKIXPolicyQualifierInfo *pqi
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyQualifierInfo_Encode
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_GetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierId (an NSSOID) upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierId *
-nssPKIXPolicyQualifierInfo_GetPolicyQualifierId
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_SetPolicyQualifierId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_SetPolicyQualifierId
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSPKIXPolicyQualifierId *pqid
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_GetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXPolicyQualifierInfo_GetQualifier
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_SetQualifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_SetQualifier
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSItem *qualifier
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyQualifierInfo_Equal
-(
- NSSPKIXPolicyQualifierInfo *pqi1,
- NSSPKIXPolicyQualifierInfo *pqi2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyQualifierInfo_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyQualifierInfo upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyQualifierInfo *
-nssPKIXPolicyQualifierInfo_Duplicate
-(
- NSSPKIXPolicyQualifierInfo *pqi,
- NSSArena *arenaOpt
-);
-
-/*
- * { and accessors by specific qualifier id/type }
- *
- */
-#ifdef DEBUG
-/*
- * nssPKIXPolicyQualifierInfo_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyQualifierInfo
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_QUALIFIER_INFO
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyQualifierInfo_verifyPointer
-(
- NSSPKIXPolicyQualifierInfo *p
-);
-#endif /* DEBUG */
-
-/*
- * CPSuri
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CPSuri ::= IA5String
- *
- * The private calls for this type:
- *
- * nssPKIXCPSuri_Decode
- * nssPKIXCPSuri_CreateFromUTF8
- * nssPKIXCPSuri_Encode
- *
- */
-
-/*
- * nssPKIXCPSuri_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCPSuri upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-nssPKIXCPSuri_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCPSuri_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCPSuri upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCPSuri *
-nssPKIXCPSuri_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXCPSuri_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CPS_URI
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCPSuri_Encode
-(
- NSSPKIXCPSuri *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UserNotice ::= SEQUENCE {
- * noticeRef NoticeReference OPTIONAL,
- * explicitText DisplayText OPTIONAL}
- *
- * The private calls for this type:
- *
- * nssPKIXUserNotice_Decode
- * nssPKIXUserNotice_Create
- * nssPKIXUserNotice_Destroy
- * nssPKIXUserNotice_Encode
- * nssPKIXUserNotice_HasNoticeRef
- * nssPKIXUserNotice_GetNoticeRef
- * nssPKIXUserNotice_SetNoticeRef
- * nssPKIXUserNotice_RemoveNoticeRef
- * nssPKIXUserNotice_HasExplicitText
- * nssPKIXUserNotice_GetExplicitText
- * nssPKIXUserNotice_SetExplicitText
- * nssPKIXUserNotice_RemoveExplicitText
- * nssPKIXUserNotice_Equal
- * nssPKIXUserNotice_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXUserNotice_verifyPointer
- *
- */
-
-
-/*
- * nssPKIXUserNotice_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-nssPKIXUserNotice_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXUserNotice_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-nssPKIXUserNotice_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNoticeReference *noticeRef,
- NSSPKIXDisplayText *explicitText
-);
-
-/*
- * nssPKIXUserNotice_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_Destroy
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * nssPKIXUserNotice_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXUserNotice_Encode
-(
- NSSPKIXUserNotice *userNotice,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXUserNotice_HasNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXUserNotice_HasNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXUserNotice_GetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NOTICE_REF
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXUserNotice_GetNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXUserNotice_SetNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_SetNoticeRef
-(
- NSSPKIXUserNotice *userNotice,
- NSSPKIXNoticeReference *noticeRef
-);
-
-/*
- * nssPKIXUserNotice_RemoveNoticeRef
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_HAS_NO_NOTICE_REF
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_RemoveNoticeRef
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * nssPKIXUserNotice_HasExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if it has some
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXUserNotice_HasExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXUserNotice_GetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXUserNotice_GetExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXUserNotice_SetExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_SetExplicitText
-(
- NSSPKIXUserNotice *userNotice,
- NSSPKIXDisplayText *explicitText
-);
-
-/*
- * nssPKIXUserNotice_RemoveExplicitText
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_HAS_NO_EXPLICIT_TEXT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_RemoveExplicitText
-(
- NSSPKIXUserNotice *userNotice
-);
-
-/*
- * nssPKIXUserNotice_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXUserNotice_Equal
-(
- NSSPKIXUserNotice *userNotice1,
- NSSPKIXUserNotice *userNotice2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXUserNotice_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXUserNotice upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXUserNotice *
-nssPKIXUserNotice_Duplicate
-(
- NSSPKIXUserNotice *userNotice,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXUserNotice_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXUserNotice
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_USER_NOTICE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXUserNotice_verifyPointer
-(
- NSSPKIXUserNotice *p
-);
-#endif /* DEBUG */
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NoticeReference ::= SEQUENCE {
- * organization DisplayText,
- * noticeNumbers SEQUENCE OF INTEGER }
- *
- * The private calls for this type:
- *
- * nssPKIXNoticeReference_Decode
- * nssPKIXNoticeReference_Create
- * nssPKIXNoticeReference_Destroy
- * nssPKIXNoticeReference_Encode
- * nssPKIXNoticeReference_GetOrganization
- * nssPKIXNoticeReference_SetOrganization
- * nssPKIXNoticeReference_GetNoticeNumberCount
- * nssPKIXNoticeReference_GetNoticeNumbers
- * nssPKIXNoticeReference_SetNoticeNumbers
- * nssPKIXNoticeReference_GetNoticeNumber
- * nssPKIXNoticeReference_SetNoticeNumber
- * nssPKIXNoticeReference_InsertNoticeNumber
- * nssPKIXNoticeReference_AppendNoticeNumber
- * nssPKIXNoticeReference_RemoveNoticeNumber
- * { maybe number-exists-p gettor? }
- * nssPKIXNoticeReference_Equal
- * nssPKIXNoticeReference_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXNoticeReference_verifyPointer
- *
- */
-
-/*
- * nssPKIXNoticeReference_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXNoticeReference_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXNoticeReference_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXNoticeReference_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDisplayText *organization,
- PRUint32 noticeCount,
- PRInt32 noticeNumber1,
- ...
-);
-
-/*
- * { fgmr -- or should the call that takes PRInt32 be _CreateFromValues,
- * and the _Create call take NSSBER integers? }
- */
-
-/*
- * nssPKIXNoticeReference_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_Destroy
-(
- NSSPKIXNoticeReference *nr
-);
-
-/*
- * nssPKIXNoticeReference_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNoticeReference_Encode
-(
- NSSPKIXNoticeReference *nr,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNoticeReference_GetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXNoticeReference_GetOrganization
-(
- NSSPKIXNoticeReference *nr,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNoticeReference_SetOrganization
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_SetOrganization
-(
- NSSPKIXNoticeReference *nr,
- NSSPKIXDisplayText *organization
-);
-
-/*
- * nssPKIXNoticeReference_GetNoticeNumberCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXNoticeReference_GetNoticeNumberCount
-(
- NSSPKIXNoticeReference *nr
-);
-
-/*
- * nssPKIXNoticeReference_GetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of PRInt32 values upon success
- * NULL upon failure
- */
-
-NSS_EXTERN PRInt32 *
-nssPKIXNoticeReference_GetNoticeNumbers
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNoticeReference_SetNoticeNumbers
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_SetNoticeNumbers
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 noticeNumbers[],
- PRInt32 count
-);
-
-/*
- * nssPKIXNoticeReference_GetNoticeNumber
- *
- * -- fgmr comments --
- * Because there is no natural "invalid" notice number value, we must
- * pass the number by reference, and return an explicit status value.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_GetNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 *noticeNumberP
-);
-
-/*
- * nssPKIXNoticeReference_SetNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_SetNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 noticeNumber
-);
-
-/*
- * nssPKIXNoticeReference_InsertNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_InsertNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i,
- PRInt32 noticeNumber
-);
-
-/*
- * nssPKIXNoticeReference_AppendNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_AppendNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 noticeNumber
-);
-
-/*
- * nssPKIXNoticeReference_RemoveNoticeNumber
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_RemoveNoticeNumber
-(
- NSSPKIXNoticeReference *nr,
- PRInt32 i
-);
-
-/*
- * { maybe number-exists-p gettor? }
- */
-
-/*
- * nssPKIXNoticeReference_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXNoticeReference_Equal
-(
- NSSPKIXNoticeReference *nr1,
- NSSPKIXNoticeReference *nr2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNoticeReference_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNoticeReference upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNoticeReference *
-nssPKIXNoticeReference_Duplicate
-(
- NSSPKIXNoticeReference *nr,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXNoticeReference_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXNoticeReference
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NOTICE_REFERENCE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNoticeReference_verifyPointer
-(
- NSSPKIXNoticeReference *p
-);
-#endif /* DEBUG */
-
-/*
- * DisplayText
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DisplayText ::= CHOICE {
- * visibleString VisibleString (SIZE (1..200)),
- * bmpString BMPString (SIZE (1..200)),
- * utf8String UTF8String (SIZE (1..200)) }
- *
- * The private calls for this type:
- *
- * nssPKIXDisplayText_Decode
- * nssPKIXDisplayText_CreateFromUTF8
- * nssPKIXDisplayText_Encode
- *
- */
-
-/*
- * nssPKIXDisplayText_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXDisplayText_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXDisplayText_CreateFromUTF8
- *
- * { basically just enforces the length and charset limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDisplayText upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDisplayText *
-nssPKIXDisplayText_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXDisplayText_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISPLAY_TEXT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDisplayText_Encode
-(
- NSSPKIXDisplayText *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- * The private calls for this type:
- *
- * nssPKIXPolicyMappings_Decode
- * nssPKIXPolicyMappings_Create
- * nssPKIXPolicyMappings_Destroy
- * nssPKIXPolicyMappings_Encode
- * nssPKIXPolicyMappings_GetPolicyMappingCount
- * nssPKIXPolicyMappings_GetPolicyMappings
- * nssPKIXPolicyMappings_SetPolicyMappings
- * nssPKIXPolicyMappings_GetPolicyMapping
- * nssPKIXPolicyMappings_SetPolicyMapping
- * nssPKIXPolicyMappings_InsertPolicyMapping
- * nssPKIXPolicyMappings_AppendPolicyMapping
- * nssPKIXPolicyMappings_RemovePolicyMapping
- * nssPKIXPolicyMappings_FindPolicyMapping
- * nssPKIXPolicyMappings_Equal
- * nssPKIXPolicyMappings_Duplicate
- * nssPKIXPolicyMappings_IssuerDomainPolicyExists
- * nssPKIXPolicyMappings_SubjectDomainPolicyExists
- * nssPKIXPolicyMappings_FindIssuerDomainPolicy
- * nssPKIXPolicyMappings_FindSubjectDomainPolicy
- * nssPKIXPolicyMappings_MapIssuerToSubject
- * nssPKIXPolicyMappings_MapSubjectToIssuer
- * { find's and map's: what if there's more than one? }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPolicyMappings_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyMappings_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-nssPKIXPolicyMappings_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyMappings_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-nssPKIXPolicyMappings_Decode
-(
- NSSArena *arenaOpt,
- NSSPKIXpolicyMapping *policyMapping1,
- ...
-);
-
-/*
- * nssPKIXPolicyMappings_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_Destroy
-(
- NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * nssPKIXPolicyMappings_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyMappings_Encode
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyMappings_GetPolicyMappingCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_GetPolicyMappingCount
-(
- NSSPKIXPolicyMappings *policyMappings
-);
-
-/*
- * nssPKIXPolicyMappings_GetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXpolicyMapping pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping **
-nssPKIXPolicyMappings_GetPolicyMappings
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyMappings_SetPolicyMappings
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_SetPolicyMappings
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping[]
- PRInt32 count
-);
-
-/*
- * nssPKIXPolicyMappings_GetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXPolicyMappings_GetPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyMappings_SetPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_SetPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_InsertPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_InsertPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i,
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_AppendPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_AppendPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_RemovePolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_RemovePolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- PRInt32 i
-);
-
-/*
- * nssPKIXPolicyMappings_FindPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_FindPolicyMapping
-(
- NSSPKIXPolicyMappings *policyMappings
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXPolicyMappings_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyMappings_Equal
-(
- NSSPKIXPolicyMappings *policyMappings1,
- NSSPKIXpolicyMappings *policyMappings2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyMappings_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyMappings upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyMappings *
-nssPKIXPolicyMappings_Duplicate
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPolicyMappings_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyMappings
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyMappings_verifyPointer
-(
- NSSPKIXPolicyMappings *p
-);
-#endif /* DEBUG */
-
-/*
- * nssPKIXPolicyMappings_IssuerDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_TRUE if the specified domain policy OID exists
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyMappings_IssuerDomainPolicyExists
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyMappings_SubjectDomainPolicyExists
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * PR_TRUE if the specified domain policy OID exists
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyMappings_SubjectDomainPolicyExists
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *subjectDomainPolicy,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyMappings_FindIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_FindIssuerDomainPolicy
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXPolicyMappings_FindSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyMappings_FindSubjectDomainPolicy
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXPolicyMappings_MapIssuerToSubject
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXPolicyMappings_MapIssuerToSubject
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXPolicyMappings_MapSubjectToIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPINGS
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NOT_FOUND
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXPolicyMappings_MapSubjectToIssuer
-(
- NSSPKIXPolicyMappings *policyMappings,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- * SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- * The private calls for this type:
- *
- * nssPKIXpolicyMapping_Decode
- * nssPKIXpolicyMapping_Create
- * nssPKIXpolicyMapping_Destroy
- * nssPKIXpolicyMapping_Encode
- * nssPKIXpolicyMapping_GetIssuerDomainPolicy
- * nssPKIXpolicyMapping_SetIssuerDomainPolicy
- * nssPKIXpolicyMapping_GetSubjectDomainPolicy
- * nssPKIXpolicyMapping_SetSubjectDomainPolicy
- * nssPKIXpolicyMapping_Equal
- * nssPKIXpolicyMapping_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXpolicyMapping_verifyPointer
- *
- */
-
-/*
- * nssPKIXpolicyMapping_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXpolicyMapping_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXpolicyMapping_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXpolicyMapping_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXCertPolicyId *issuerDomainPolicy,
- NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * nssPKIXpolicyMapping_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_Destroy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXpolicyMapping_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXpolicyMapping_Encode
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXpolicyMapping_GetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId OID upon success
- * NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXpolicyMapping_GetIssuerDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXpolicyMapping_SetIssuerDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_SetIssuerDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSPKIXCertPolicyId *issuerDomainPolicy
-);
-
-/*
- * nssPKIXpolicyMapping_GetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXCertPolicyId OID upon success
- * NULL upon faliure
- */
-
-NSS_EXTERN NSSPKIXCertPolicyId *
-nssPKIXpolicyMapping_GetSubjectDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping
-);
-
-/*
- * nssPKIXpolicyMapping_SetSubjectDomainPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_PKIX_CERT_POLICY_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_SetSubjectDomainPolicy
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSPKIXCertPolicyId *subjectDomainPolicy
-);
-
-/*
- * nssPKIXpolicyMapping_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXpolicyMapping_Equal
-(
- NSSPKIXpolicyMapping *policyMapping1,
- NSSPKIXpolicyMapping *policyMapping2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXpolicyMapping_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXpolicyMapping upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXpolicyMapping *
-nssPKIXpolicyMapping_Duplicate
-(
- NSSPKIXpolicyMapping *policyMapping,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXpolicyMapping_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXpolicyMapping
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_MAPPING
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXpolicyMapping_verifyPointer
-(
- NSSPKIXpolicyMapping *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- * GeneralName ::= CHOICE {
- * otherName [0] AnotherName,
- * rfc822Name [1] IA5String,
- * dNSName [2] IA5String,
- * x400Address [3] ORAddress,
- * directoryName [4] Name,
- * ediPartyName [5] EDIPartyName,
- * uniformResourceIdentifier [6] IA5String,
- * iPAddress [7] OCTET STRING,
- * registeredID [8] OBJECT IDENTIFIER }
- *
- * The private calls for this type:
- *
- * nssPKIXGeneralName_Decode
- * nssPKIXGeneralName_CreateFromUTF8
- * nssPKIXGeneralName_Create
- * nssPKIXGeneralName_CreateFromOtherName
- * nssPKIXGeneralName_CreateFromRfc822Name
- * nssPKIXGeneralName_CreateFromDNSName
- * nssPKIXGeneralName_CreateFromX400Address
- * nssPKIXGeneralName_CreateFromDirectoryName
- * nssPKIXGeneralName_CreateFromEDIPartyName
- * nssPKIXGeneralName_CreateFromUniformResourceIdentifier
- * nssPKIXGeneralName_CreateFromIPAddress
- * nssPKIXGeneralName_CreateFromRegisteredID
- * nssPKIXGeneralName_Destroy
- * nssPKIXGeneralName_Encode
- * nssPKIXGeneralName_GetUTF8Encoding
- * nssPKIXGeneralName_GetChoice
- * nssPKIXGeneralName_GetOtherName
- * nssPKIXGeneralName_GetRfc822Name
- * nssPKIXGeneralName_GetDNSName
- * nssPKIXGeneralName_GetX400Address
- * nssPKIXGeneralName_GetDirectoryName
- * nssPKIXGeneralName_GetEDIPartyName
- * nssPKIXGeneralName_GetUniformResourceIdentifier
- * nssPKIXGeneralName_GetIPAddress
- * nssPKIXGeneralName_GetRegisteredID
- * nssPKIXGeneralName_GetSpecifiedChoice
- * nssPKIXGeneralName_Equal
- * nssPKIXGeneralName_Duplicate
- * (in pki1 I had specific attribute value gettors here too)
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXGeneralName_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-);
-
-/*
- * nssPKIXGeneralName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralNameChoice choice,
- void *content
-);
-
-/*
- * nssPKIXGeneralName_CreateFromOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromOtherName
-(
- NSSArena *arenaOpt,
- NSSPKIXAnotherName *otherName
-);
-
-/*
- * nssPKIXGeneralName_CreateFromRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromRfc822Name
-(
- NSSArena *arenaOpt,
- NSSUTF8 *rfc822Name
-);
-
-/*
- * nssPKIXGeneralName_CreateFromDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromDNSName
-(
- NSSArena *arenaOpt,
- NSSUTF8 *dNSName
-);
-
-/*
- * nssPKIXGeneralName_CreateFromX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_OR_ADDRESS
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromX400Address
-(
- NSSArena *arenaOpt,
- NSSPKIXORAddress *x400Address
-);
-
-/*
- * nssPKIXGeneralName_CreateFromDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromDirectoryName
-(
- NSSArena *arenaOpt,
- NSSPKIXName *directoryName
-);
-
-/*
- * nssPKIXGeneralName_CreateFromEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromEDIPartyName
-(
- NSSArena *arenaOpt,
- NSSPKIXEDIPartyName *ediPartyname
-);
-
-/*
- * nssPKIXGeneralName_CreateFromUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_IA5_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromUniformResourceIdentifier
-(
- NSSArena *arenaOpt,
- NSSUTF8 *uniformResourceIdentifier
-);
-
-/*
- * nssPKIXGeneralName_CreateFromIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromIPAddress
-(
- NSSArena *arenaOpt,
- NSSItem *iPAddress
-);
-
-/*
- * nssPKIXGeneralName_CreateFromRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_CreateFromRegisteredID
-(
- NSSArena *arenaOpt,
- NSSOID *registeredID
-);
-
-/*
- * nssPKIXGeneralName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralName_Destroy
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralName_Encode
-(
- NSSPKIXGeneralName *generalName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetUTF8Encoding
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid NSSPKIXGeneralNameChoice value upon success
- * NSSPKIXGeneralNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNameChoice
-nssPKIXGeneralName_GetChoice
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralName_GetOtherName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXGeneralName_GetOtherName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetRfc822Name
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetRfc822Name
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetDNSName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetDNSName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetX400Address
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXORAddress upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXORAddress *
-nssPKIXGeneralName_GetX400Address
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetDirectoryName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXName *
-nssPKIXGeneralName_GetDirectoryName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetEDIPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXGeneralName_GetEDIPartyName
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetUniformResourceIdentifier
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXGeneralName_GetUniformResourceIdentifier
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetIPAddress
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXGeneralName_GetIPAddress
-(
- NSSPKIXGeneralName *generalName,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_GetRegisteredID
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSOID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXGeneralName_GetRegisteredID
-(
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN void *
-nssPKIXGeneralName_GetSpecifiedChoice
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralName_Equal
-(
- NSSPKIXGeneralName *generalName1,
- NSSPKIXGeneralName *generalName2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralName_Duplicate
-(
- NSSPKIXGeneralName *generalName,
- NSSArena *arenaOpt
-);
-
-/*
- * (in pki1 I had specific attribute value gettors here too)
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralName_verifyPointer
-(
- NSSPKIXGeneralName *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- * The private calls for this type:
- *
- * nssPKIXGeneralNames_Decode
- * nssPKIXGeneralNames_Create
- * nssPKIXGeneralNames_Destroy
- * nssPKIXGeneralNames_Encode
- * nssPKIXGeneralNames_GetGeneralNameCount
- * nssPKIXGeneralNames_GetGeneralNames
- * nssPKIXGeneralNames_SetGeneralNames
- * nssPKIXGeneralNames_GetGeneralName
- * nssPKIXGeneralNames_SetGeneralName
- * nssPKIXGeneralNames_InsertGeneralName
- * nssPKIXGeneralNames_AppendGeneralName
- * nssPKIXGeneralNames_RemoveGeneralName
- * nssPKIXGeneralNames_FindGeneralName
- * nssPKIXGeneralNames_Equal
- * nssPKIXGeneralNames_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXGeneralNames_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralNames_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXGeneralNames_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralNames_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXGeneralNames_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralName *generalName1,
- ...
-);
-
-/*
- * nssPKIXGeneralNames_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_Destroy
-(
- NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * nssPKIXGeneralNames_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralNames_Encode
-(
- NSSPKIXGeneralNames *generalNames,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralNames_GetGeneralNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralNames_GetGeneralNameCount
-(
- NSSPKIXGeneralNames *generalNames
-);
-
-/*
- * nssPKIXGeneralNames_GetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXGeneralName pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName **
-nssPKIXGeneralNames_GetGeneralNames
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralNames_SetGeneralNames
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_SetGeneralNames
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName[],
- PRInt32 count
-);
-
-/*
- * nssPKIXGeneralNames_GetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralNames_GetGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralNames_SetGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_SetGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_InsertGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_InsertGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_AppendGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_AppendGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_RemoveGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_RemoveGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- PRInt32 i
-);
-
-/*
- * nssPKIXGeneralNames_FindGeneralName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralNames_FindGeneralName
-(
- NSSPKIXGeneralNames *generalNames,
- NSSPKIXGeneralName *generalName
-);
-
-/*
- * nssPKIXGeneralNames_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralNames_Equal
-(
- NSSPKIXGeneralNames *generalNames1,
- NSSPKIXGeneralNames *generalNames2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralNames_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXGeneralNames_Duplicate
-(
- NSSPKIXGeneralNames *generalNames,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralNames_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralNames
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralNames_verifyPointer
-(
- NSSPKIXGeneralNames *p
-);
-#endif /* DEBUG */
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AnotherName ::= SEQUENCE {
- * type-id OBJECT IDENTIFIER,
- * value [0] EXPLICIT ANY DEFINED BY type-id }
- *
- * The private calls for this type:
- *
- * nssPKIXAnotherName_Decode
- * nssPKIXAnotherName_Create
- * nssPKIXAnotherName_Destroy
- * nssPKIXAnotherName_Encode
- * nssPKIXAnotherName_GetTypeId
- * nssPKIXAnotherName_SetTypeId
- * nssPKIXAnotherName_GetValue
- * nssPKIXAnotherName_SetValue
- * nssPKIXAnotherName_Equal
- * nssPKIXAnotherName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAnotherName_verifyPointer
- *
- */
-
-/*
- * nssPKIXAnotherName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXAnotherName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAnotherName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXAnotherName_Create
-(
- NSSArena *arenaOpt,
- NSSOID *typeId,
- NSSItem *value
-);
-
-/*
- * nssPKIXAnotherName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_Destroy
-(
- NSSPKIXAnotherName *anotherName
-);
-
-/*
- * nssPKIXAnotherName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAnotherName_Encode
-(
- NSSPKIXAnotherName *anotherName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAnotherName_GetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSOID upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXAnotherName_GetTypeId
-(
- NSSPKIXAnotherName *anotherName
-);
-
-/*
- * nssPKIXAnotherName_SetTypeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_SetTypeId
-(
- NSSPKIXAnotherName *anotherName,
- NSSOID *typeId
-);
-
-/*
- * nssPKIXAnotherName_GetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSItem *
-nssPKIXAnotherName_GetValue
-(
- NSSPKIXAnotherName *anotherName,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAnotherName_SetValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_SetValue
-(
- NSSPKIXAnotherName *anotherName,
- NSSItem *value
-);
-
-/*
- * nssPKIXAnotherName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAnotherName_Equal
-(
- NSSPKIXAnotherName *anotherName1,
- NSSPKIXAnotherName *anotherName2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAnotherName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAnotherName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAnotherName *
-nssPKIXAnotherName_Duplicate
-(
- NSSPKIXAnotherName *anotherName,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAnotherName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAnotherName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ANOTHER_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAnotherName_verifyPointer
-(
- NSSPKIXAnotherName *p
-);
-#endif /* DEBUG */
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- * EDIPartyName ::= SEQUENCE {
- * nameAssigner [0] DirectoryString OPTIONAL,
- * partyName [1] DirectoryString }
- *
- * The private calls for this type:
- *
- * nssPKIXEDIPartyName_Decode
- * nssPKIXEDIPartyName_Create
- * nssPKIXEDIPartyName_Destroy
- * nssPKIXEDIPartyName_Encode
- * nssPKIXEDIPartyName_HasNameAssigner
- * nssPKIXEDIPartyName_GetNameAssigner
- * nssPKIXEDIPartyName_SetNameAssigner
- * nssPKIXEDIPartyName_RemoveNameAssigner
- * nssPKIXEDIPartyName_GetPartyName
- * nssPKIXEDIPartyName_SetPartyName
- * nssPKIXEDIPartyName_Equal
- * nssPKIXEDIPartyName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXEDIPartyName_verifyPointer
- *
- */
-
-/*
- * nssPKIXEDIPartyName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXEDIPartyName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXEDIPartyName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXEDIPartyName_Create
-(
- NSSArena *arenaOpt,
- NSSUTF8 *nameAssignerOpt,
- NSSUTF8 *partyName
-);
-
-/*
- * nssPKIXEDIPartyName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_Destroy
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * nssPKIXEDIPartyName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXEDIPartyName_Encode
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXEDIPartyName_HasNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXEDIPartyName_HasNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * nssPKIXEDIPartyName_GetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_HAS_NO_NAME_ASSIGNER
- *
- * Return value:
- * A valid pointer to an NSSUTF8 string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXEDIPartyName_GetNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXEDIPartyName_SetNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_SetNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSUTF8 *nameAssigner
-);
-
-/*
- * nssPKIXEDIPartyName_RemoveNameAssigner
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_HAS_NO_NAME_ASSIGNER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_RemoveNameAssigner
-(
- NSSPKIXEDIPartyName *ediPartyName
-);
-
-/*
- * nssPKIXEDIPartyName_GetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSUTF8 string upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSUTF8 *
-nssPKIXEDIPartyName_GetPartyName
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXEDIPartyName_SetPartyName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_STRING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_SetPartyName
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSUTF8 *partyName
-);
-
-/*
- * nssPKIXEDIPartyName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXEDIPartyName_Equal
-(
- NSSPKIXEDIPartyName *ediPartyName1,
- NSSPKIXEDIPartyName *ediPartyName2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXEDIPartyName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXEDIPartyName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXEDIPartyName *
-nssPKIXEDIPartyName_Duplicate
-(
- NSSPKIXEDIPartyName *ediPartyName,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXEDIPartyName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXEDIPartyName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EDI_PARTY_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXEDIPartyName_verifyPointer
-(
- NSSPKIXEDIPartyName *p
-);
-#endif /* DEBUG */
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- * The private calls for this type:
- *
- * nssPKIXSubjectDirectoryAttributes_Decode
- * nssPKIXSubjectDirectoryAttributes_Create
- * nssPKIXSubjectDirectoryAttributes_Destroy
- * nssPKIXSubjectDirectoryAttributes_Encode
- * nssPKIXSubjectDirectoryAttributes_GetAttributeCount
- * nssPKIXSubjectDirectoryAttributes_GetAttributes
- * nssPKIXSubjectDirectoryAttributes_SetAttributes
- * nssPKIXSubjectDirectoryAttributes_GetAttribute
- * nssPKIXSubjectDirectoryAttributes_SetAttribute
- * nssPKIXSubjectDirectoryAttributes_InsertAttribute
- * nssPKIXSubjectDirectoryAttributes_AppendAttribute
- * nssPKIXSubjectDirectoryAttributes_RemoveAttribute
- * nssPKIXSubjectDirectoryAttributes_FindAttribute
- * nssPKIXSubjectDirectoryAttributes_Equal
- * nssPKIXSubjectDirectoryAttributes_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXSubjectDirectoryAttributes_verifyPointer
- *
- */
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-nssPKIXSubjectDirectoryAttributes_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-nssPKIXSubjectDirectoryAttributes_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttribute *attribute1,
- ...
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_Destroy
-(
- NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXSubjectDirectoryAttributes_Encode
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_GetAttributeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXSubjectDirectoryAttributes_GetAttributeCount
-(
- NSSPKIXSubjectDirectoryAttributes *sda
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_GetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttribute pointers upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttribute **
-nssPKIXSubjectDirectoryAttributes_GetAttributes
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_SetAttributes
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_SetAttributes
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSAttribute *attributes[],
- PRInt32 count
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_GetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon error
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXSubjectDirectoryAttributes_GetAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_SetAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_SetAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_InsertAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_InsertAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_AppendAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_AppendAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_RemoveAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_RemoveAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- PRInt32 i
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_FindAttribute
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ATTRIBUTE
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXSubjectDirectoryAttributes_FindAttribute
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSPKIXAttribute *attribute
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXSubjectDirectoryAttributes_Equal
-(
- NSSPKIXSubjectDirectoryAttributes *sda1,
- NSSPKIXSubjectDirectoryAttributes *sda2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXSubjectDirectoryAttributes_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXSubjectDirectoryAttributes upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXSubjectDirectoryAttributes *
-nssPKIXSubjectDirectoryAttributes_Duplicate
-(
- NSSPKIXSubjectDirectoryAttributes *sda,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXSubjectDirectoryAttributes_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXSubjectDirectoryAttributes
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_SUBJECT_DIRECTORY_ATTRIBUTES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXSubjectDirectoryAttributes_verifyPointer
-(
- NSSPKIXSubjectDirectoryAttributes *p
-);
-#endif /* DEBUG */
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BasicConstraints ::= SEQUENCE {
- * cA BOOLEAN DEFAULT FALSE,
- * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXBasicConstraints_Decode
- * nssPKIXBasicConstraints_Create
- * nssPKIXBasicConstraints_Destroy
- * nssPKIXBasicConstraints_Encode
- * nssPKIXBasicConstraints_GetCA
- * nssPKIXBasicConstraints_SetCA
- * nssPKIXBasicConstraints_HasPathLenConstraint
- * nssPKIXBasicConstraints_GetPathLenConstraint
- * nssPKIXBasicConstraints_SetPathLenConstraint
- * nssPKIXBasicConstraints_RemovePathLenConstraint
- * nssPKIXBasicConstraints_Equal
- * nssPKIXBasicConstraints_Duplicate
- * nssPKIXBasicConstraints_CompareToPathLenConstraint
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXBasicConstraints_verifyPointer
- *
- */
-
-/*
- * nssPKIXBasicConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-nssPKIXBasicConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXBasicConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-nssPKIXBasicConstraints_Create
-(
- NSSArena *arenaOpt,
- PRBool ca,
- PRInt32 pathLenConstraint
-);
-
-/*
- * nssPKIXBasicConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_Destroy
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * nssPKIXBasicConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXBasicConstraints_Encode
-(
- NSSPKIXBasicConstraints *basicConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXBasicConstraints_GetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the CA bit is true
- * PR_FALSE if it isn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBasicConstraints_GetCA
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBasicConstraints_SetCA
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_SetCA
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRBool ca
-);
-
-/*
- * nssPKIXBasicConstraints_HasPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXBasicConstraints_HasPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBasicConstraints_GetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBasicConstraints_GetPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * nssPKIXBasicConstraints_SetPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_SetPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRInt32 pathLenConstraint
-);
-
-/*
- * nssPKIXBasicConstraints_RemovePathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_RemovePathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints
-);
-
-/*
- * nssPKIXBasicConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXBasicConstraints_Equal
-(
- NSSPKIXBasicConstraints *basicConstraints1,
- NSSPKIXBasicConstraints *basicConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXBasicConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXBasicConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXBasicConstraints *
-nssPKIXBasicConstraints_Duplicate
-(
- NSSPKIXBasicConstraints *basicConstraints,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXBasicConstraints_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXBasicConstraints
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXBasicConstraints_verifyPointer
-(
- NSSPKIXBasicConstraints *p
-);
-#endif /* DEBUG */
-
-/*
- * nssPKIXBasicConstraints_CompareToPathLenConstraint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_BASIC_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PATH_LEN_CONSTRAINT
- *
- * Return value:
- * 1 if the specified value is greater than the pathLenConstraint
- * 0 if the specified value equals the pathLenConstraint
- * -1 if the specified value is less than the pathLenConstraint
- * -2 upon error
- */
-
-NSS_EXTERN PRInt32
-nssPKIXBasicConstraints_CompareToPathLenConstraint
-(
- NSSPKIXBasicConstraints *basicConstraints,
- PRInt32 value
-);
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NameConstraints ::= SEQUENCE {
- * permittedSubtrees [0] GeneralSubtrees OPTIONAL,
- * excludedSubtrees [1] GeneralSubtrees OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXNameConstraints_Decode
- * nssPKIXNameConstraints_Create
- * nssPKIXNameConstraints_Destroy
- * nssPKIXNameConstraints_Encode
- * nssPKIXNameConstraints_HasPermittedSubtrees
- * nssPKIXNameConstraints_GetPermittedSubtrees
- * nssPKIXNameConstraints_SetPermittedSubtrees
- * nssPKIXNameConstraints_RemovePermittedSubtrees
- * nssPKIXNameConstraints_HasExcludedSubtrees
- * nssPKIXNameConstraints_GetExcludedSubtrees
- * nssPKIXNameConstraints_SetExcludedSubtrees
- * nssPKIXNameConstraints_RemoveExcludedSubtrees
- * nssPKIXNameConstraints_Equal
- * nssPKIXNameConstraints_Duplicate
- * { and the comparator functions }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXNameConstraints_verifyPointer
- *
- */
-
-/*
- * nssPKIXNameConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-nssPKIXNameConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXNameConstraints_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-nssPKIXNameConstraints_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralSubtrees *permittedSubtrees,
- NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * nssPKIXNameConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_Destroy
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * nssPKIXNameConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXNameConstraints_Encode
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNameConstraints_HasPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXNameConstraints_HasPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNameConstraints_GetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXNameConstraints_GetPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNameConstraints_SetPermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_SetPermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSPKIXGeneralSubtrees *permittedSubtrees
-);
-
-/*
- * nssPKIXNameConstraints_RemovePermittedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_PERMITTED_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_RemovePermittedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * nssPKIXNameConstraints_HasExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXNameConstraints_HasExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNameConstraints_GetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXNameConstraints_GetExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXNameConstraints_SetExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_SetExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSPKIXGeneralSubtrees *excludedSubtrees
-);
-
-/*
- * nssPKIXNameConstraints_RemoveExcludedSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_HAS_NO_EXCLUDED_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_RemoveExcludedSubtrees
-(
- NSSPKIXNameConstraints *nameConstraints
-);
-
-/*
- * nssPKIXNameConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXNameConstraints_Equal
-(
- NSSPKIXNameConstraints *nameConstraints1,
- NSSPKIXNameConstraints *nameConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXNameConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXNameConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXNameConstraints *
-nssPKIXNameConstraints_Duplicate
-(
- NSSPKIXNameConstraints *nameConstraints,
- NSSArena *arenaOpt
-);
-
-/*
- * { and the comparator functions }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXNameConstraints_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXNameConstraints
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXNameConstraints_verifyPointer
-(
- NSSPKIXNameConstraints *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- * The private calls for this type:
- *
- * nssPKIXGeneralSubtrees_Decode
- * nssPKIXGeneralSubtrees_Create
- * nssPKIXGeneralSubtrees_Destroy
- * nssPKIXGeneralSubtrees_Encode
- * nssPKIXGeneralSubtrees_GetGeneralSubtreeCount
- * nssPKIXGeneralSubtrees_GetGeneralSubtrees
- * nssPKIXGeneralSubtrees_SetGeneralSubtrees
- * nssPKIXGeneralSubtrees_GetGeneralSubtree
- * nssPKIXGeneralSubtrees_SetGeneralSubtree
- * nssPKIXGeneralSubtrees_InsertGeneralSubtree
- * nssPKIXGeneralSubtrees_AppendGeneralSubtree
- * nssPKIXGeneralSubtrees_RemoveGeneralSubtree
- * nssPKIXGeneralSubtrees_FindGeneralSubtree
- * nssPKIXGeneralSubtrees_Equal
- * nssPKIXGeneralSubtrees_Duplicate
- * { and finders and comparators }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXGeneralSubtrees_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralSubtrees_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXGeneralSubtrees_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralSubtrees_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXGeneralSubtrees_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralSubtree *generalSubtree1,
- ...
-);
-
-/*
- * nssPKIXGeneralSubtrees_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_Destroy
-(
- NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * nssPKIXGeneralSubtrees_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralSubtrees_Encode
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_GetGeneralSubtreeCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralSubtrees_GetGeneralSubtreeCount
-(
- NSSPKIXGeneralSubtrees *generalSubtrees
-);
-
-/*
- * nssPKIXGeneralSubtrees_GetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXGeneralSubtree pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree **
-nssPKIXGeneralSubtrees_GetGeneralSubtrees
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_SetGeneralSubtrees
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_SetGeneralSubtrees
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree[],
- PRInt32 count
-);
-
-/*
- * nssPKIXGeneralSubtrees_GetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtrees_GetGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_SetGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_SetGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_InsertGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_InsertGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_AppendGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_AppendGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_RemoveGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_RemoveGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- PRInt32 i
-);
-
-/*
- * nssPKIXGeneralSubtrees_FindGeneralSubtree
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXGeneralSubtrees_FindGeneralSubtree
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtrees_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtrees_Equal
-(
- NSSPKIXGeneralSubtrees *generalSubtrees1,
- NSSPKIXGeneralSubtrees *generalSubtrees2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralSubtrees_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtrees upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtrees *
-nssPKIXGeneralSubtrees_Duplicate
-(
- NSSPKIXGeneralSubtrees *generalSubtrees,
- NSSArena *arenaOpt
-);
-
-/*
- * { and finders and comparators }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralSubtrees_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralSubtrees
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREES
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtrees_verifyPointer
-(
- NSSPKIXGeneralSubtrees *p
-);
-#endif /* DEBUG */
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtree ::= SEQUENCE {
- * base GeneralName,
- * minimum [0] BaseDistance DEFAULT 0,
- * maximum [1] BaseDistance OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXGeneralSubtree_Decode
- * nssPKIXGeneralSubtree_Create
- * nssPKIXGeneralSubtree_Destroy
- * nssPKIXGeneralSubtree_Encode
- * nssPKIXGeneralSubtree_GetBase
- * nssPKIXGeneralSubtree_SetBase
- * nssPKIXGeneralSubtree_GetMinimum
- * nssPKIXGeneralSubtree_SetMinimum
- * nssPKIXGeneralSubtree_HasMaximum
- * nssPKIXGeneralSubtree_GetMaximum
- * nssPKIXGeneralSubtree_SetMaximum
- * nssPKIXGeneralSubtree_RemoveMaximum
- * nssPKIXGeneralSubtree_Equal
- * nssPKIXGeneralSubtree_Duplicate
- * nssPKIXGeneralSubtree_DistanceInRange
- * {other tests and comparators}
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXGeneralSubtree_verifyPointer
- *
- */
-
-/*
- * nssPKIXGeneralSubtree_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtree_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXGeneralSubtree_Create
- *
- * -- fgmr comments --
- * The optional maximum value may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtree_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXBaseDistance minimum,
- NSSPKIXBaseDistance maximumOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_Destroy
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXGeneralSubtree_Encode
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_GetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXGeneralSubtree_GetBase
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_SetBase
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_SetBase
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXGeneralName *base
-);
-
-/*
- * nssPKIXGeneralSubtree_GetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-nssPKIXGeneralSubtree_GetMinimum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_SetMinimum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_SetMinimum
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance *minimum
-);
-
-/*
- * nssPKIXGeneralSubtree_HasMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtree_HasMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_GetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN NSSPKIXBaseDistance
-nssPKIXGeneralSubtree_GetMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_SetMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_SetMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance *maximum
-);
-
-/*
- * nssPKIXGeneralSubtree_RemoveMaximum
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_HAS_NO_MAXIMUM_BASE_DISTANCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_RemoveMaximum
-(
- NSSPKIXGeneralSubtree *generalSubtree
-);
-
-/*
- * nssPKIXGeneralSubtree_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtree_Equal
-(
- NSSPKIXGeneralSubtree *generalSubtree1,
- NSSPKIXGeneralSubtree *generalSubtree2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXGeneralSubtree_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralSubtree upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralSubtree *
-nssPKIXGeneralSubtree_Duplicate
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXGeneralSubtree_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXGeneralSubtree
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXGeneralSubtree_verifyPointer
-(
- NSSPKIXGeneralSubtree *p
-);
-#endif /* DEBUG */
-
-/*
- * nssPKIXGeneralSubtree_DistanceInRange
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_GENERAL_SUBTREE
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_TRUE if the specified value is within the minimum and maximum
- * base distances
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXGeneralSubtree_DistanceInRange
-(
- NSSPKIXGeneralSubtree *generalSubtree,
- NSSPKIXBaseDistance value,
- PRStatus *statusOpt
-);
-
-/*
- * {other tests and comparators}
- *
- */
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyConstraints ::= SEQUENCE {
- * requireExplicitPolicy [0] SkipCerts OPTIONAL,
- * inhibitPolicyMapping [1] SkipCerts OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXPolicyConstraints_Decode
- * nssPKIXPolicyConstraints_Create
- * nssPKIXPolicyConstraints_Destroy
- * nssPKIXPolicyConstraints_Encode
- * nssPKIXPolicyConstraints_HasRequireExplicitPolicy
- * nssPKIXPolicyConstraints_GetRequireExplicitPolicy
- * nssPKIXPolicyConstraints_SetRequireExplicitPolicy
- * nssPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- * nssPKIXPolicyConstraints_HasInhibitPolicyMapping
- * nssPKIXPolicyConstraints_GetInhibitPolicyMapping
- * nssPKIXPolicyConstraints_SetInhibitPolicyMapping
- * nssPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- * nssPKIXPolicyConstraints_Equal
- * nssPKIXPolicyConstraints_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXPolicyConstraints_verifyPointer
- *
- */
-
-/*
- * nssPKIXPolicyConstraints_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-nssPKIXPolicyConstraints_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXPolicyConstraints_Create
- *
- * -- fgmr comments --
- * The optional values may be omitted by specifying -1.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-nssPKIXPolicyConstraints_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXSkipCerts requireExplicitPolicy,
- NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * nssPKIXPolicyConstraints_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_Destroy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXPolicyConstraints_Encode
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXPolicyConstraints_HasRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyConstraints_HasRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_GetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyConstraints_GetRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_SetRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_SetRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSPKIXSkipCerts requireExplicitPolicy
-);
-
-/*
- * nssPKIXPolicyConstraints_RemoveRequireExplicitPolicy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_REQUIRE_EXPLICIT_POLICY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_RemoveRequireExplicitPolicy
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_HasInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyConstraints_HasInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_GetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXPolicyConstraints_GetInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_SetInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_INVALID_VALUE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_SetInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSPKIXSkipCerts inhibitPolicyMapping
-);
-
-/*
- * nssPKIXPolicyConstraints_RemoveInhibitPolicyMapping
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_HAS_NO_INHIBIT_POLICY_MAPPING
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_RemoveInhibitPolicyMapping
-(
- NSSPKIXPolicyConstraints *policyConstraints
-);
-
-/*
- * nssPKIXPolicyConstraints_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXPolicyConstraints_Equal
-(
- NSSPKIXPolicyConstraints *policyConstraints1,
- NSSPKIXPolicyConstraints *policyConstraints2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXPolicyConstraints_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXPolicyConstraints upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXPolicyConstraints *
-nssPKIXPolicyConstraints_Duplicate
-(
- NSSPKIXPolicyConstraints *policyConstraints,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXPolicyConstraints_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXPolicyConstraints
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_POLICY_CONSTRAINTS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXPolicyConstraints_verifyPointer
-(
- NSSPKIXPolicyConstraints *p
-);
-#endif /* DEBUG */
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- * The private calls for this type:
- *
- * nssPKIXCRLDistPointsSyntax_Decode
- * nssPKIXCRLDistPointsSyntax_Create
- * nssPKIXCRLDistPointsSyntax_Destroy
- * nssPKIXCRLDistPointsSyntax_Encode
- * nssPKIXCRLDistPointsSyntax_GetDistributionPointCount
- * nssPKIXCRLDistPointsSyntax_GetDistributionPoints
- * nssPKIXCRLDistPointsSyntax_SetDistributionPoints
- * nssPKIXCRLDistPointsSyntax_GetDistributionPoint
- * nssPKIXCRLDistPointsSyntax_SetDistributionPoint
- * nssPKIXCRLDistPointsSyntax_InsertDistributionPoint
- * nssPKIXCRLDistPointsSyntax_AppendDistributionPoint
- * nssPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- * nssPKIXCRLDistPointsSyntax_FindDistributionPoint
- * nssPKIXCRLDistPointsSyntax_Equal
- * nssPKIXCRLDistPointsSyntax_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXCRLDistPointsSyntax_verifyPointer
- *
- */
-
-/*
- * nssPKIXCRLDistPointsSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-nssPKIXCRLDistPointsSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-nssPKIXCRLDistPointsSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPoint *distributionPoint1,
- ...
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_Destroy
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXCRLDistPointsSyntax_Encode
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_GetDistributionPointCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCRLDistPointsSyntax_GetDistributionPointCount
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_GetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXDistributionPoint pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoints **
-nssPKIXCRLDistPointsSyntax_GetDistributionPoints
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSDistributionPoint *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_SetDistributionPoints
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_SetDistributionPoints
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSDistributionPoint *distributionPoint[]
- PRInt32 count
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXCRLDistPointsSyntax_GetDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_SetDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_InsertDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_InsertDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_AppendDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_AppendDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_RemoveDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- PRInt32 i
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_FindDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXCRLDistPointsSyntax_FindDistributionPoint
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXCRLDistPointsSyntax_Equal
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax1,
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXCRLDistPointsSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXCRLDistPointsSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXCRLDistPointsSyntax *
-nssPKIXCRLDistPointsSyntax_Duplicate
-(
- NSSPKIXCRLDistPointsSyntax *crlDistPointsSyntax,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXCRLDistPointsSyntax_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXCRLDistPointsSyntax
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_CRL_DIST_POINTS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXCRLDistPointsSyntax_verifyPointer
-(
- NSSPKIXCRLDistPointsSyntax *p
-);
-#endif /* DEBUG */
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * reasons [1] ReasonFlags OPTIONAL,
- * cRLIssuer [2] GeneralNames OPTIONAL }
- *
- * The private calls for this type:
- *
- * nssPKIXDistributionPoint_Decode
- * nssPKIXDistributionPoint_Create
- * nssPKIXDistributionPoint_Destroy
- * nssPKIXDistributionPoint_Encode
- * nssPKIXDistributionPoint_HasDistributionPoint
- * nssPKIXDistributionPoint_GetDistributionPoint
- * nssPKIXDistributionPoint_SetDistributionPoint
- * nssPKIXDistributionPoint_RemoveDistributionPoint
- * nssPKIXDistributionPoint_HasReasons
- * nssPKIXDistributionPoint_GetReasons
- * nssPKIXDistributionPoint_SetReasons
- * nssPKIXDistributionPoint_RemoveReasons
- * nssPKIXDistributionPoint_HasCRLIssuer
- * nssPKIXDistributionPoint_GetCRLIssuer
- * nssPKIXDistributionPoint_SetCRLIssuer
- * nssPKIXDistributionPoint_RemoveCRLIssuer
- * nssPKIXDistributionPoint_Equal
- * nssPKIXDistributionPoint_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXDistributionPoint_verifyPointer
- *
- */
-
-/*
- * nssPKIXDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXDistributionPoint_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXDistributionPoint_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointName *distributionPoint,
- NSSPKIXReasonFlags reasons,
- NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * nssPKIXDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_Destroy
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDistributionPoint_Encode
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_HasDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPoint_GetDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_SetDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXDistributionPointName *name
-);
-
-/*
- * nssPKIXDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_RemoveDistributionPoint
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_HasReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_HasReasons
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_GetReasons
- *
- * It is unlikely that the reason flags are all zero; so zero is
- * returned in error situations.
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_REASONS
- *
- * Return value:
- * A valid nonzero NSSPKIXReasonFlags value upon success
- * A valid zero NSSPKIXReasonFlags if the value is indeed zero
- * Zero upon error
- */
-
-NSS_EXTERN NSSPKIXReasonFlags
-nssPKIXDistributionPoint_GetReasons
-(
- NSSPKIXDistributionPoint *distributionPoint,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXDistributionPoint_SetReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_SetReasons
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXReasonFlags reasons
-);
-
-/*
- * nssPKIXDistributionPoint_RemoveReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_REASONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_RemoveReasons
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_HasCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_HasCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_GetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_CRL_ISSUER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralNames *
-nssPKIXDistributionPoint_GetCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPoint_SetCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_SetCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSPKIXGeneralNames *cRLIssuer
-);
-
-/*
- * nssPKIXDistributionPoint_RemoveCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_CRL_ISSUER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_RemoveCRLIssuer
-(
- NSSPKIXDistributionPoint *distributionPoint
-);
-
-/*
- * nssPKIXDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPoint_Equal
-(
- NSSPKIXDistributionPoint *distributionPoint1,
- NSSPKIXDistributionPoint *distributionPoint2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPoint *
-nssPKIXDistributionPoint_Duplicate
-(
- NSSPKIXDistributionPoint *distributionPoint,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXDistributionPoint_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXDistributionPoint
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPoint_verifyPointer
-(
- NSSPKIXDistributionPoint *p
-);
-#endif /* DEBUG */
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPointName ::= CHOICE {
- * fullName [0] GeneralNames,
- * nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
- *
- * The private calls for this type:
- *
- * nssPKIXDistributionPointName_Decode
- * nssPKIXDistributionPointName_Create
- * nssPKIXDistributionPointName_CreateFromFullName
- * nssPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- * nssPKIXDistributionPointName_Destroy
- * nssPKIXDistributionPointName_Encode
- * nssPKIXDistributionPointName_GetChoice
- * nssPKIXDistributionPointName_GetFullName
- * nssPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- * nssPKIXDistributionPointName_Equal
- * nssPKIXDistributionPointName_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXDistributionPointName_verifyPointer
- *
- */
-
-/*
- * nssPKIXDistributionPointName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXDistributionPointName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME_CHOICE
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- * NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointNameChoice which,
- void *name
-);
-
-/*
- * nssPKIXDistributionPointName_CreateFromFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAMES
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_CreateFromFullName
-(
- NSSArena *arenaOpt,
- NSSPKIXGeneralNames *fullName
-);
-
-/*
- * nssPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RELATIVE_DISTINGUISHED_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_CreateFromNameRelativeToCRLIssuer
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *nameRelativeToCRLIssuer
-);
-
-/*
- * nssPKIXDistributionPointName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPointName_Destroy
-(
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * nssPKIXDistributionPointName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXDistributionPointName_Encode
-(
- NSSPKIXDistributionPointName *dpn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPointName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * A valid NSSPKIXDistributionPointNameChoice value upon success
- * NSSPKIXDistributionPointNameChoice_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointNameChoice
-nssPKIXDistributionPointName_GetChoice
-(
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * nssPKIXDistributionPointName_GetFullName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralNames upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralnames *
-nssPKIXDistributionPointName_GetFullName
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPointName_GetNameRelativeToCRLIssuer
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_WRONG_CHOICE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nssPKIXDistributionPointName_GetNameRelativeToCRLIssuer
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXDistributionPointName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXDistributionPointName_Equal
-(
- NSSPKIXDistributionPointName *dpn1,
- NSSPKIXDistributionPointName *dpn2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXDistributionPointName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXDistributionPointName_Duplicate
-(
- NSSPKIXDistributionPointName *dpn,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXDistributionPointName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXDistributionPointName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXDistributionPointName_verifyPointer
-(
- NSSPKIXDistributionPointName *p
-);
-#endif /* DEBUG */
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ReasonFlags ::= BIT STRING {
- * unused (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6) }
- *
- * The private calls for this type:
- *
- * nssPKIXReasonFlags_Decode
- * nssPKIXReasonFlags_Create
- * nssPKIXReasonFlags_CreateFromMask
- * nssPKIXReasonFlags_Destroy
- * nssPKIXReasonFlags_Encode
- * nssPKIXReasonFlags_GetMask
- * nssPKIXReasonFlags_SetMask
- * nssPKIXReasonFlags_Equal
- * nssPKIXReasonFlags_Duplicate
- * { bitwise accessors? }
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXReasonFlags_verifyPointer
- *
- */
-
-/*
- * nssPKIXReasonFlags_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXReasonFlags_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_Create
-(
- NSSArena *arenaOpt,
- PRBool keyCompromise,
- PRBool cACompromise,
- PRBool affiliationChanged,
- PRBool superseded,
- PRBool cessationOfOperation,
- PRBool certificateHold
-);
-
-/*
- * nssPKIXReasonFlags_CreateFromMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_CreateFromMask
-(
- NSSArena *arenaOpt,
- NSSPKIXReasonFlagsMask why
-);
-
-/*
- * nssPKIXReasonFlags_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXReasonFlags_Destroy
-(
- NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * nssPKIXReasonFlags_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXReasonFlags_Encode
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXReasonFlags_GetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * A valid mask of NSSPKIXReasonFlagsMask values upon success
- * NSSPKIXReasonFlagsMask_NSSinvalid upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlagsMask
-nssPKIXReasonFlags_GetMask
-(
- NSSPKIXReasonFlags *reasonFlags
-);
-
-/*
- * nssPKIXReasonFlags_SetMask
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS_MASK
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXReasonFlags_SetMask
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSPKIXReasonFlagsMask mask
-);
-
-/*
- * nssPKIXReasonFlags_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXReasonFlags_Equal
-(
- NSSPKIXReasonFlags *reasonFlags1,
- NSSPKIXReasonFlags *reasonFlags2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXReasonFlags_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXReasonFlags_Duplicate
-(
- NSSPKIXReasonFlags *reasonFlags,
- NSSArena *arenaOpt
-);
-
-/*
- * { bitwise accessors? }
- *
- */
-
-#ifdef DEBUG
-/*
- * nssPKIXReasonFlags_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXReasonFlags
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXReasonFlags_verifyPointer
-(
- NSSPKIXReasonFlags *p
-);
-#endif /* DEBUG */
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- * The private calls for this type:
- *
- * nssPKIXExtKeyUsageSyntax_Decode
- * nssPKIXExtKeyUsageSyntax_Create
- * nssPKIXExtKeyUsageSyntax_Destroy
- * nssPKIXExtKeyUsageSyntax_Encode
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- * nssPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_SetKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_FindKeyPurposeId
- * nssPKIXExtKeyUsageSyntax_Equal
- * nssPKIXExtKeyUsageSyntax_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXExtKeyUsageSyntax_verifyPointer
- *
- */
-
-/*
- * nssPKIXExtKeyUsageSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-nssPKIXExtKeyUsageSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-nssPKIXExtKeyUsageSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXKeyPurposeId *kpid1,
- ...
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_Destroy
-(
- NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXExtKeyUsageSyntax_Encode
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtKeyUsageSyntax_GetKeyPurposeIdCount
-(
- NSSPKIXExtKeyUsageSyntax *eku
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXKeyPurposeId pointers upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId **
-nssPKIXExtKeyUsageSyntax_GetKeyPurposeIds
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_SetKeyPurposeIds
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_SetKeyPurposeIds
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *ids[],
- PRInt32 count
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_GetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXKeyPurposeId upon success
- * NULL upon error
- */
-
-NSS_EXTERN NSSPKIXKeyPurposeId *
-nssPKIXExtKeyUsageSyntax_GetKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_SetKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_SetKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_InsertKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_InsertKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_AppendKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_AppendKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_RemoveKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- PRInt32 i
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_FindKeyPurposeId
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_PKIX_KEY_PURPOSE_ID
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified key purpose id upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXExtKeyUsageSyntax_FindKeyPurposeId
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSPKIXKeyPurposeId *id
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXExtKeyUsageSyntax_Equal
-(
- NSSPKIXExtKeyUsageSyntax *eku1,
- NSSPKIXExtKeyUsageSyntax *eku2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXExtKeyUsageSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXExtKeyUsageSyntax upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXExtKeyUsageSyntax *
-nssPKIXExtKeyUsageSyntax_Duplicate
-(
- NSSPKIXExtKeyUsageSyntax *eku,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXExtKeyUsageSyntax_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXExtKeyUsageSyntax
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_EXT_KEY_USAGE_SYNTAX
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXExtKeyUsageSyntax_verifyPointer
-(
- NSSPKIXExtKeyUsageSyntax *p
-);
-#endif /* DEBUG */
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityInfoAccessSyntax ::=
- * SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- * The private calls for this type:
- *
- * nssPKIXAuthorityInfoAccessSyntax_Decode
- * nssPKIXAuthorityInfoAccessSyntax_Create
- * nssPKIXAuthorityInfoAccessSyntax_Destroy
- * nssPKIXAuthorityInfoAccessSyntax_Encode
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- * nssPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- * nssPKIXAuthorityInfoAccessSyntax_Equal
- * nssPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAuthorityInfoAccessSyntax_verifyPointer
- *
- */
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-nssPKIXAuthorityInfoAccessSyntax_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-nssPKIXAuthorityInfoAccessSyntax_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAccessDescription *ad1,
- ...
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_Destroy
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAuthorityInfoAccessSyntax_Encode
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptionCount
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAccessDescription pointers
- * upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription **
-nssPKIXAuthorityInfoAccessSyntax_GetAccessDescriptions
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_SetAccessDescriptions
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad[],
- PRInt32 count
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_GetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAuthorityInfoAccessSyntax_GetAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_SetAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_SetAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_InsertAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_AppendAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_RemoveAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- PRInt32 i
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_FindAccessDescription
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified policy mapping upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-nssPKIXAuthorityInfoAccessSyntax_FindAccessDescription
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAuthorityInfoAccessSyntax_Equal
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias1,
- NSSPKIXAuthorityInfoAccessSyntax *aias2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAuthorityInfoAccessSyntax_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAuthorityInfoAccessSyntax upon
- * success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAuthorityInfoAccessSyntax *
-nssPKIXAuthorityInfoAccessSyntax_Duplicate
-(
- NSSPKIXAuthorityInfoAccessSyntax *aias,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAuthorityInfoAccessSyntax_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAuthorityInfoAccessSyntax
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_AUTHORITY_INFO_ACCESS_SYNTAX
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAuthorityInfoAccessSyntax_verifyPointer
-(
- NSSPKIXAuthorityInfoAccessSyntax *p
-);
-#endif /* DEBUG */
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AccessDescription ::= SEQUENCE {
- * accessMethod OBJECT IDENTIFIER,
- * accessLocation GeneralName }
- *
- * The private calls for this type:
- *
- * nssPKIXAccessDescription_Decode
- * nssPKIXAccessDescription_Create
- * nssPKIXAccessDescription_Destroy
- * nssPKIXAccessDescription_Encode
- * nssPKIXAccessDescription_GetAccessMethod
- * nssPKIXAccessDescription_SetAccessMethod
- * nssPKIXAccessDescription_GetAccessLocation
- * nssPKIXAccessDescription_SetAccessLocation
- * nssPKIXAccessDescription_Equal
- * nssPKIXAccessDescription_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXAccessDescription_verifyPointer
- *
- */
-
-/*
- * nssPKIXAccessDescription_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAccessDescription_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXAccessDescription_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAccessDescription_Create
-(
- NSSArena *arenaOpt,
- NSSOID *accessMethod,
- NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * nssPKIXAccessDescription_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_Destroy
-(
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAccessDescription_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAccessDescription_Encode
-(
- NSSPKIXAccessDescription *ad,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAccessDescription_GetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSOID *
-nssPKIXAccessDescription_GetAccessMethod
-(
- NSSPKIXAccessDescription *ad
-);
-
-/*
- * nssPKIXAccessDescription_SetAccessMethod
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_SetAccessMethod
-(
- NSSPKIXAccessDescription *ad,
- NSSOID *accessMethod
-);
-
-/*
- * nssPKIXAccessDescription_GetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXGeneralName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXGeneralName *
-nssPKIXAccessDescription_GetAccessLocation
-(
- NSSPKIXAccessDescription *ad,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXAccessDescription_SetAccessLocation
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_INVALID_PKIX_GENERAL_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_SetAccessLocation
-(
- NSSPKIXAccessDescription *ad,
- NSSPKIXGeneralName *accessLocation
-);
-
-/*
- * nssPKIXAccessDescription_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXAccessDescription_Equal
-(
- NSSPKIXAccessDescription *ad1,
- NSSPKIXAccessDescription *ad2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXAccessDescription_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAccessDescription upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAccessDescription *
-nssPKIXAccessDescription_Duplicate
-(
- NSSPKIXAccessDescription *ad,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXAccessDescription_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAccessDescription
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ACCESS_DESCRIPTION
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAccessDescription_verifyPointer
-(
- NSSPKIXAccessDescription *p
-);
-#endif /* DEBUG */
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * IssuingDistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
- * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
- * onlySomeReasons [3] ReasonFlags OPTIONAL,
- * indirectCRL [4] BOOLEAN DEFAULT FALSE }
- *
- * The private calls for this type:
- *
- * nssPKIXIssuingDistributionPoint_Decode
- * nssPKIXIssuingDistributionPoint_Create
- * nssPKIXIssuingDistributionPoint_Destroy
- * nssPKIXIssuingDistributionPoint_Encode
- * nssPKIXIssuingDistributionPoint_HasDistributionPoint
- * nssPKIXIssuingDistributionPoint_GetDistributionPoint
- * nssPKIXIssuingDistributionPoint_SetDistributionPoint
- * nssPKIXIssuingDistributionPoint_RemoveDistributionPoint
- * nssPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- * nssPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- * nssPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- * nssPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- * nssPKIXIssuingDistributionPoint_HasOnlySomeReasons
- * nssPKIXIssuingDistributionPoint_GetOnlySomeReasons
- * nssPKIXIssuingDistributionPoint_SetOnlySomeReasons
- * nssPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- * nssPKIXIssuingDistributionPoint_GetIndirectCRL
- * nssPKIXIssuingDistributionPoint_SetIndirectCRL
- * nssPKIXIssuingDistributionPoint_Equal
- * nssPKIXIssuingDistributionPoint_Duplicate
- *
- * In debug builds, the following call is available:
- *
- * nssPKIXIssuingDistributionPoint_verifyPointer
- *
- */
-
-/*
- * nssPKIXIssuingDistributionPoint_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-nssPKIXIssuingDistributionPoint_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-nssPKIXIssuingDistributionPoint_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXDistributionPointName *distributionPointOpt,
- PRBool onlyContainsUserCerts,
- PRBool onlyContainsCACerts,
- NSSPKIXReasonFlags *onlySomeReasons
- PRBool indirectCRL
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_Destroy
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXIssuingDistributionPoint_Encode
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_HasDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_HasDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXDistributionPointName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXDistributionPointName *
-nssPKIXIssuingDistributionPoint_GetDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_DISTRIBUTION_POINT_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSPKIXDistributionPointName *dpn
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_RemoveDistributionPoint
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_RemoveDistributionPoint
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the onlyContainsUserCerts value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_GetOnlyContainsUserCerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetOnlyContainsUserCerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool onlyContainsUserCerts
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the onlyContainsCACerts value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_GetOnlyContainsCACerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetOnlyContainsCACerts
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool onlyContainsCACerts
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_HasOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if it has one
- * PR_FALSE if it doesn't
- * PR_FALSE upon failure
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_HasOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXReasonFlags upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXReasonFlags *
-nssPKIXIssuingDistributionPoint_GetOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_INVALID_PKIX_REASON_FLAGS
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSPKIXReasonFlags *onlySomeReasons
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_HAS_NO_ONLY_SOME_REASONS
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_RemoveOnlySomeReasons
-(
- NSSPKIXIssuingDistributionPoint *idp
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_GetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the indirectCRL value is true
- * PR_FALSE if it isn't
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_GetIndirectCRL
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_SetIndirectCRL
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_SetIndirectCRL
-(
- NSSPKIXIssuingDistributionPoint *idp,
- PRBool indirectCRL
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-nssPKIXIssuingDistributionPoint_Equal
-(
- NSSPKIXIssuingDistributionPoint *idp1,
- NSSPKIXIssuingDistributionPoint *idp2,
- PRStatus *statusOpt
-);
-
-/*
- * nssPKIXIssuingDistributionPoint_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXIssuingDistributionPoint upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXIssuingDistributionPoint *
-nssPKIXIssuingDistributionPoint_Duplicate
-(
- NSSPKIXIssuingDistributionPoint *idp,
- NSSArena *arenaOpt
-);
-
-#ifdef DEBUG
-/*
- * nssPKIXIssuingDistributionPoint_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXIssuingDistributionPoint
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ISSUING_DISTRIBUTION_POINT
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_EXTERN PRStatus
-nssPKIXIssuingDistributionPoint_verifyPointer
-(
- NSSPKIXIssuingDistributionPoint *p
-);
-#endif /* DEBUG */
-
-PR_END_EXTERN_C
-
-#endif /* NSSPKIX_H */
diff --git a/security/nss/lib/pkix/include/pkixm.h b/security/nss/lib/pkix/include/pkixm.h
deleted file mode 100644
index c273848b5..000000000
--- a/security/nss/lib/pkix/include/pkixm.h
+++ /dev/null
@@ -1,969 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIXM_H
-#define PKIXM_H
-
-#ifdef DEBUG
-static const char PKIXM_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkixm.h
- *
- * This file contains the private type definitions for the
- * PKIX part-1 objects. Mostly, this file contains the actual
- * structure definitions for the NSSPKIX types declared in nsspkixt.h.
- */
-
-#ifndef PKIXTM_H
-#include "pkixtm.h"
-#endif /* PKIXTM_H */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * nss_pkix_Attribute_v_create
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nss_pkix_Attribute_v_create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- va_list ap
-);
-
-#ifdef DEBUG
-
-/*
- * nss_pkix_Attribute_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAttribute pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_Attribute_add_pointer
-(
- const NSSPKIXAttribute *p
-);
-
-/*
- * nss_pkix_Attribute_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXAttribute
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_Attribute_remove_pointer
-(
- const NSSPKIXAttribute *p
-);
-
-#endif /* DEBUG */
-
-
-#ifdef DEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_AttributeTypeAndValue_add_pointer
-(
- const NSSPKIXAttributeTypeAndValue *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AttributeTypeAndValue_remove_pointer
-(
- const NSSPKIXAttributeTypeAndValue *p
-);
-
-#endif /* DEBUG */
-
-/*
- * nss_pkix_X520Name_DoUTF8
- *
- */
-
-NSS_EXTERN PR_STATUS
-nss_pkix_X520Name_DoUTF8
-(
- NSSPKIXX520Name *name
-);
-
-#ifdef DEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_X520Name_add_pointer
-(
- const NSSPKIXX520Name *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_X520Name_remove_pointer
-(
- const NSSPKIXX520Name *p
-);
-
-#endif /* DEBUG */
-
-/*
- * nss_pkix_X520CommonName_DoUTF8
- *
- */
-
-NSS_EXTERN PR_STATUS
-nss_pkix_X520CommonName_DoUTF8
-(
- NSSPKIXX520CommonName *name
-);
-
-#ifdef DEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_X520CommonName_add_pointer
-(
- const NSSPKIXX520CommonName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_X520CommonName_remove_pointer
-(
- const NSSPKIXX520CommonName *p
-);
-
-
-NSS_EXTERN PRStatus
-nss_pkix_Name_add_pointer
-(
- const NSSPKIXName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Name_remove_pointer
-(
- const NSSPKIXName *p
-);
-
-/*
- * nss_pkix_RDNSequence_v_create
- */
-
-NSS_EXTERN NSSPKIXRDNSequence *
-nss_pkix_RDNSequence_v_create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- va_list ap
-);
-
-/*
- * nss_pkix_RDNSequence_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_Clear
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-#ifdef DEBUG
-
-#ifdef NSSDEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_register
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_deregister
-(
- NSSPKIXRDNSequence *rdnseq
-);
-
-#endif /* NSSDEBUG */
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_add_pointer
-(
- const NSSPKIXRDNSequence *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RDNSequence_remove_pointer
-(
- const NSSPKIXRDNSequence *p
-);
-
-#endif /* DEBUG */
-
-/*
- * nss_pkix_RelativeDistinguishedName_v_create
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nss_pkix_RelativeDistinguishedName_V_Create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- va_list ap
-);
-
-/*
- * nss_pkix_RelativeDistinguishedName_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_Clear
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-#ifdef DEBUG
-
-#ifdef NSSDEBUG
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_register
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_deregister
-(
- NSSPKIXRelativeDistinguishedName *rdn
-);
-
-#endif /* NSSDEBUG */
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_add_pointer
-(
- const NSSPKIXRelativeDistinguishedName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_RelativeDistinguishedName_remove_pointer
-(
- const NSSPKIXRelativeDistinguishedName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Certificate_add_pointer
-(
- const NSSPKIXCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Certificate_remove_pointer
-(
- const NSSPKIXCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertificate_add_pointer
-(
- const NSSPKIXTBSCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertificate_remove_pointer
-(
- const NSSPKIXTBSCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Validity_add_pointer
-(
- const NSSPKIXValidity *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_Validity_remove_pointer
-(
- const NSSPKIXValidity *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectPublicKeyInfo_add_pointer
-(
- const NSSPKIXSubjectPublicKeyInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectPublicKeyInfo_remove_pointer
-(
- const NSSPKIXSubjectPublicKeyInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificateList_add_pointer
-(
- const NSSPKIXCertificateList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificateList_remove_pointer
-(
- const NSSPKIXCertificateList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertList_add_pointer
-(
- const NSSPKIXTBSCertList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TBSCertList_remove_pointer
-(
- const NSSPKIXTBSCertList *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificates_add_pointer
-(
- const NSSPKIXrevokedCertificates *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificates_remove_pointer
-(
- const NSSPKIXrevokedCertificates *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificate_add_pointer
-(
- const NSSPKIXrevokedCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_revokedCertificate_remove_pointer
-(
- const NSSPKIXrevokedCertificate *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AlgorithmIdentifier_add_pointer
-(
- const NSSPKIXAlgorithmIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AlgorithmIdentifier_remove_pointer
-(
- const NSSPKIXAlgorithmIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ORAddress_add_pointer
-(
- const NSSPKIXORAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ORAddress_remove_pointer
-(
- const NSSPKIXORAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInStandardAttributes_add_pointer
-(
- const NSSPKIXBuiltInStandardAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInStandardAttributes_remove_pointer
-(
- const NSSPKIXBuiltInStandardAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PersonalName_add_pointer
-(
- const NSSPKIXPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PersonalName_remove_pointer
-(
- const NSSPKIXPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_OrganizationalUnitNames_add_pointer
-(
- const NSSPKIXOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_OrganizationalUnitNames_remove_pointer
-(
- const NSSPKIXOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttributes_add_pointer
-(
- const NSSPKIXBuiltInDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttributes_remove_pointer
-(
- const NSSPKIXBuiltInDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttribute_add_pointer
-(
- const NSSPKIXBuiltInDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BuiltInDomainDefinedAttribute_remove_pointer
-(
- const NSSPKIXBuiltInDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttributes_add_pointer
-(
- const NSSPKIXExtensionAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttributes_remove_pointer
-(
- const NSSPKIXExtensionAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttribute_add_pointer
-(
- const NSSPKIXExtensionAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtensionAttribute_remove_pointer
-(
- const NSSPKIXExtensionAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexPersonalName_add_pointer
-(
- const NSSPKIXTeletexPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexPersonalName_remove_pointer
-(
- const NSSPKIXTeletexPersonalName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexOrganizationalUnitNames_add_pointer
-(
- const NSSPKIXTeletexOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexOrganizationalUnitNames_remove_pointer
-(
- const NSSPKIXTeletexOrganizationalUnitNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PDSParameter_add_pointer
-(
- const NSSPKIXPDSParameter *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PDSParameter_remove_pointer
-(
- const NSSPKIXPDSParameter *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtendedNetworkAddress_add_pointer
-(
- const NSSPKIXExtendedNetworkAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtendedNetworkAddress_remove_pointer
-(
- const NSSPKIXExtendedNetworkAddress *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_e1634Address_add_pointer
-(
- const NSSPKIXe1634Address *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_e1634Address_remove_pointer
-(
- const NSSPKIXe1634Address *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttributes_add_pointer
-(
- const NSSPKIXTeletexDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttributes_remove_pointer
-(
- const NSSPKIXTeletexDomainDefinedAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttribute_add_pointer
-(
- const NSSPKIXTeletexDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_TeletexDomainDefinedAttribute_remove_pointer
-(
- const NSSPKIXTeletexDomainDefinedAttribute *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityKeyIdentifier_add_pointer
-(
- const NSSPKIXAuthorityKeyIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityKeyIdentifier_remove_pointer
-(
- const NSSPKIXAuthorityKeyIdentifier *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_KeyUsage_add_pointer
-(
- const NSSPKIXKeyUsage *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_KeyUsage_remove_pointer
-(
- const NSSPKIXKeyUsage *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PrivateKeyUsagePeriod_add_pointer
-(
- const NSSPKIXPrivateKeyUsagePeriod *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PrivateKeyUsagePeriod_remove_pointer
-(
- const NSSPKIXPrivateKeyUsagePeriod *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificatePolicies_add_pointer
-(
- const NSSPKIXCertificatePolicies *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CertificatePolicies_remove_pointer
-(
- const NSSPKIXCertificatePolicies *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyInformation_add_pointer
-(
- const NSSPKIXPolicyInformation *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyInformation_remove_pointer
-(
- const NSSPKIXPolicyInformation *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyQualifierInfo_add_pointer
-(
- const NSSPKIXPolicyQualifierInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyQualifierInfo_remove_pointer
-(
- const NSSPKIXPolicyQualifierInfo *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_UserNotice_add_pointer
-(
- const NSSPKIXUserNotice *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_UserNotice_remove_pointer
-(
- const NSSPKIXUserNotice *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NoticeReference_add_pointer
-(
- const NSSPKIXNoticeReference *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NoticeReference_remove_pointer
-(
- const NSSPKIXNoticeReference *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyMappings_add_pointer
-(
- const NSSPKIXPolicyMappings *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyMappings_remove_pointer
-(
- const NSSPKIXPolicyMappings *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_policyMapping_add_pointer
-(
- const NSSPKIXpolicyMapping *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_policyMapping_remove_pointer
-(
- const NSSPKIXpolicyMapping *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralName_add_pointer
-(
- const NSSPKIXGeneralName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralName_remove_pointer
-(
- const NSSPKIXGeneralName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralNames_add_pointer
-(
- const NSSPKIXGeneralNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralNames_remove_pointer
-(
- const NSSPKIXGeneralNames *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AnotherName_add_pointer
-(
- const NSSPKIXAnotherName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AnotherName_remove_pointer
-(
- const NSSPKIXAnotherName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_EDIPartyName_add_pointer
-(
- const NSSPKIXEDIPartyName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_EDIPartyName_remove_pointer
-(
- const NSSPKIXEDIPartyName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectDirectoryAttributes_add_pointer
-(
- const NSSPKIXSubjectDirectoryAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_SubjectDirectoryAttributes_remove_pointer
-(
- const NSSPKIXSubjectDirectoryAttributes *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BasicConstraints_add_pointer
-(
- const NSSPKIXBasicConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_BasicConstraints_remove_pointer
-(
- const NSSPKIXBasicConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NameConstraints_add_pointer
-(
- const NSSPKIXNameConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_NameConstraints_remove_pointer
-(
- const NSSPKIXNameConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtrees_add_pointer
-(
- const NSSPKIXGeneralSubtrees *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtrees_remove_pointer
-(
- const NSSPKIXGeneralSubtrees *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtree_add_pointer
-(
- const NSSPKIXGeneralSubtree *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_GeneralSubtree_remove_pointer
-(
- const NSSPKIXGeneralSubtree *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyConstraints_add_pointer
-(
- const NSSPKIXPolicyConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_PolicyConstraints_remove_pointer
-(
- const NSSPKIXPolicyConstraints *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CRLDistPointsSyntax_add_pointer
-(
- const NSSPKIXCRLDistPointsSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_CRLDistPointsSyntax_remove_pointer
-(
- const NSSPKIXCRLDistPointsSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPoint_add_pointer
-(
- const NSSPKIXDistributionPoint *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPoint_remove_pointer
-(
- const NSSPKIXDistributionPoint *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPointName_add_pointer
-(
- const NSSPKIXDistributionPointName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_DistributionPointName_remove_pointer
-(
- const NSSPKIXDistributionPointName *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ReasonFlags_add_pointer
-(
- const NSSPKIXReasonFlags *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ReasonFlags_remove_pointer
-(
- const NSSPKIXReasonFlags *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtKeyUsageSyntax_add_pointer
-(
- const NSSPKIXExtKeyUsageSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_ExtKeyUsageSyntax_remove_pointer
-(
- const NSSPKIXExtKeyUsageSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityInfoAccessSyntax_add_pointer
-(
- const NSSPKIXAuthorityInfoAccessSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AuthorityInfoAccessSyntax_remove_pointer
-(
- const NSSPKIXAuthorityInfoAccessSyntax *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AccessDescription_add_pointer
-(
- const NSSPKIXAccessDescription *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_AccessDescription_remove_pointer
-(
- const NSSPKIXAccessDescription *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_IssuingDistributionPoint_add_pointer
-(
- const NSSPKIXIssuingDistributionPoint *p
-);
-
-NSS_EXTERN PRStatus
-nss_pkix_IssuingDistributionPoint_remove_pointer
-(
- const NSSPKIXIssuingDistributionPoint *p
-);
-
-#endif /* DEBUG */
-
-PR_END_EXTERN_C
-
-#endif /* PKIXM_H */
diff --git a/security/nss/lib/pkix/include/pkixt.h b/security/nss/lib/pkix/include/pkixt.h
deleted file mode 100644
index b620cfb8c..000000000
--- a/security/nss/lib/pkix/include/pkixt.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIXT_H
-#define PKIXT_H
-
-#ifdef DEBUG
-static const char PKIXT_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkixt.h
- *
- * This file contains the private type definitions for the
- * PKIX part-1 objects. Mostly, this file contains the actual
- * structure definitions for the NSSPKIX types declared in nsspkixt.h.
- */
-
-#ifndef NSSPKIXT_H
-#include "nsspkixt.h"
-#endif /* NSSPKIXT_H */
-
-PR_BEGIN_EXTERN_C
-
-PR_END_EXTERN_C
-
-#endif /* PKIXT_H */
diff --git a/security/nss/lib/pkix/include/pkixtm.h b/security/nss/lib/pkix/include/pkixtm.h
deleted file mode 100644
index 1a9e57af0..000000000
--- a/security/nss/lib/pkix/include/pkixtm.h
+++ /dev/null
@@ -1,1581 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef PKIXTM_H
-#define PKIXTM_H
-
-#ifdef DEBUG
-static const char PKIXTM_CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkixtm.h
- *
- * This file contains the module-private type definitions for the
- * PKIX part-1 objects. Mostly, this file contains the actual
- * structure definitions for the NSSPKIX types declared in nsspkixt.h.
- */
-
-#ifndef NSSPKIXT_H
-#include "nsspkixt.h"
-#endif /* NSSPKIXT_H */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Attribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Attribute ::= SEQUENCE {
- * type AttributeType,
- * values SET OF AttributeValue
- * -- at least one value is required -- }
- *
- */
-
-struct NSSPKIXAttributeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSBER *ber;
- NSSDER *der;
- nssASN1Item asn1type;
- nssASN1Item **asn1values;
- NSSPKIXAttributeType *type;
- PRUint32 valuesCount;
-};
-
-/*
- * AttributeTypeAndValue
- *
- * This structure contains an attribute type (indicated by an OID),
- * and the type-specific value. RelativeDistinguishedNamess consist
- * of a set of these. These are distinct from Attributes (which have
- * SET of values), from AttributeDescriptions (which have qualifiers
- * on the types), and from AttributeValueAssertions (which assert a
- * a value comparison under some matching rule).
- *
- * From RFC 2459:
- *
- * AttributeTypeAndValue ::= SEQUENCE {
- * type AttributeType,
- * value AttributeValue }
- *
- */
-
-struct NSSPKIXAttributeTypeAndValueStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- nssASN1Item asn1type;
- nssASN1Item asn1value;
- NSSPKIXAttributeType *type;
- NSSUTF8 *utf8;
-};
-
-/*
- * X520Name
- *
- * From RFC 2459:
- *
- * X520name ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-name)),
- * printableString PrintableString (SIZE (1..ub-name)),
- * universalString UniversalString (SIZE (1..ub-name)),
- * utf8String UTF8String (SIZE (1..ub-name)),
- * bmpString BMPString (SIZE(1..ub-name)) }
- *
- *
- * ub-name INTEGER ::= 32768
- *
- */
-
-struct NSSPKIXX520NameStr {
- nssASN1Item string;
- NSSUTF8 *utf8;
- NSSDER *der;
- PRBool wasPrintable;
- PRBool inArena;
-};
-
-/*
- * From RFC 2459:
- *
- * X520CommonName ::= CHOICE {
- * teletexString TeletexString (SIZE (1..ub-common-name)),
- * printableString PrintableString (SIZE (1..ub-common-name)),
- * universalString UniversalString (SIZE (1..ub-common-name)),
- * utf8String UTF8String (SIZE (1..ub-common-name)),
- * bmpString BMPString (SIZE(1..ub-common-name)) }
- *
- * ub-common-name INTEGER ::= 64
- *
- */
-
-struct NSSPKIXX520CommonNameStr {
-};
-
-/*
- * Name
- *
- * This structure contains a union of the possible name formats,
- * which at the moment is limited to an RDNSequence.
- *
- * From RFC 2459:
- *
- * Name ::= CHOICE { -- only one possibility for now --
- * rdnSequence RDNSequence }
- *
- */
-
-struct NSSPKIXNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *ber;
- NSSDER *der;
- NSSUTF8 *utf;
- NSSPKIXNameChoice choice;
- union {
- NSSPKIXRDNSequence *rdnSequence;
- } u;
-};
-
-/*
- * RDNSequence
- *
- * This structure contains a sequence of RelativeDistinguishedName
- * objects.
- *
- * From RFC 2459:
- *
- * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
- *
- */
-
-struct NSSPKIXRDNSequenceStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSBER *ber;
- NSSDER *der;
- NSSUTF8 *utf8;
- PRUint32 count;
- NSSPKIXRelativeDistinguishedName **rdns;
-};
-
-/*
- * RelativeDistinguishedName
- *
- * This structure contains an unordered set of AttributeTypeAndValue
- * objects. RDNs are used to distinguish a set of objects underneath
- * a common object.
- *
- * Often, a single ATAV is sufficient to make a unique distinction.
- * For example, if a company assigns its people unique uid values,
- * then in the Name "uid=smith,ou=People,o=Acme,c=US" the "uid=smith"
- * ATAV by itself forms an RDN. However, sometimes a set of ATAVs is
- * needed. For example, if a company needed to distinguish between
- * two Smiths by specifying their corporate divisions, then in the
- * Name "(cn=Smith,ou=Sales),ou=People,o=Acme,c=US" the parenthesised
- * set of ATAVs forms the RDN.
- *
- * From RFC 2459:
- *
- * RelativeDistinguishedName ::=
- * SET SIZE (1 .. MAX) OF AttributeTypeAndValue
- *
- */
-
-struct NSSPKIXRelativeDistinguishedNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSBER *ber;
- NSSUTF8 *utf8;
- PRUint32 count;
- NSSPKIXAttributeTypeAndValue **atavs;
-};
-
-/*
- * Certificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Certificate ::= SEQUENCE {
- * tbsCertificate TBSCertificate,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- */
-
-struct NSSPKIXCertificateStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXTBSCertificate *tbsCertificate;
- NSSPKIXAlgorithmIdentifier *signatureAlgorithm;
- NSSItem *signature;
-};
-
-/*
- * TBSCertificate
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertificate ::= SEQUENCE {
- * version [0] Version DEFAULT v1,
- * serialNumber CertificateSerialNumber,
- * signature AlgorithmIdentifier,
- * issuer Name,
- * validity Validity,
- * subject Name,
- * subjectPublicKeyInfo SubjectPublicKeyInfo,
- * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
- * -- If present, version shall be v2 or v3
- * extensions [3] Extensions OPTIONAL
- * -- If present, version shall be v3 -- }
- *
- */
-
-struct NSSPKIXTBSCertificateStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXVersion version;
- NSSPKIXCertificateSerialNumber serialNumber;
- NSSPKIXAlgorithmIdentifier *signature;
- NSSPKIXName *issuer;
- NSSPKIXValidity *validity;
- NSSPKIXName *subject;
- NSSPKIXSubjectPublicKeyInfo *subjectPublicKeyInfo;
- NSSPKIXUniqueIdentifier *issuerUniqueID;
- NSSPKIXUniqueIdentifier *subjectUniqueID;
- NSSPKIXExtensions *extensions;
-};
-
-/*
- * Validity
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Validity ::= SEQUENCE {
- * notBefore Time,
- * notAfter Time }
- *
- */
-
-struct NSSPKIXValidityStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * Time
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Time ::= CHOICE {
- * utcTime UTCTime,
- * generalTime GeneralizedTime }
- *
- */
-
-struct NSSPKIXTimeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSBER *ber;
- nssASN1Item asn1item;
- PRTime prTime;
- PRBool prTimeValid;
-};
-
-/*
- * SubjectPublicKeyInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectPublicKeyInfo ::= SEQUENCE {
- * algorithm AlgorithmIdentifier,
- * subjectPublicKey BIT STRING }
- *
- */
-
-struct NSSPKIXSubjectPublicKeyInfoStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXAlgorithmIdentifier *algorithm;
- NSSItem *subjectPublicKey;
-};
-
-/*
- * Extensions
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
- *
- */
-
-struct NSSPKIXExtensionsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * Extension
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * Extension ::= SEQUENCE {
- * extnID OBJECT IDENTIFIER,
- * critical BOOLEAN DEFAULT FALSE,
- * extnValue OCTET STRING }
- *
- */
-
-struct NSSPKIXExtensionStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSOID *extnID;
- PRBool critical;
- NSSItem *extnValue;
-};
-
-/*
- * CertificateList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificateList ::= SEQUENCE {
- * tbsCertList TBSCertList,
- * signatureAlgorithm AlgorithmIdentifier,
- * signature BIT STRING }
- *
- */
-
-struct NSSPKIXCertificateListStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXTBSCertList *tbsCertList;
- NSSPKIXAlgorithmIdentifier *signatureAlgorithm;
- NSSItem *signature;
-};
-
-/*
- * TBSCertList
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TBSCertList ::= SEQUENCE {
- * version Version OPTIONAL,
- * -- if present, shall be v2
- * signature AlgorithmIdentifier,
- * issuer Name,
- * thisUpdate Time,
- * nextUpdate Time OPTIONAL,
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- * crlExtensions [0] Extensions OPTIONAL
- * -- if present, shall be v2 -- }
- *
- */
-
-struct NSSPKIXTBSCertListStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXVersion version;
- NSSPKIXAlgorithmIdentifier *signature;
- NSSPKIXName *issuer;
- -time- thisUpdate;
- -time- nextUpdate;
- NSSPKIXrevokedCertificates *revokedCertificates;
- NSSPKIXExtensions *crlExtensions;
-};
-
-/*
- * revokedCertificates
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * revokedCertificates SEQUENCE OF SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificatesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * revokedCertificate
- *
- * This is a "helper type" to simplify handling of TBSCertList objects.
- *
- * SEQUENCE {
- * userCertificate CertificateSerialNumber,
- * revocationDate Time,
- * crlEntryExtensions Extensions OPTIONAL
- * -- if present, shall be v2
- * } OPTIONAL,
- *
- */
-
-struct NSSPKIXrevokedCertificateStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXCertificateSerialNumber *userCertificate;
- -time- revocationDate;
- NSSPKIXExtensions *crlEntryExtensions;
-};
-
-/*
- * AlgorithmIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * (1988 syntax)
- *
- * AlgorithmIdentifier ::= SEQUENCE {
- * algorithm OBJECT IDENTIFIER,
- * parameters ANY DEFINED BY algorithm OPTIONAL }
- * -- contains a value of the type
- * -- registered for use with the
- * -- algorithm object identifier value
- *
- *
- */
-
-struct NSSPKIXAlgorithmIdentifierStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSBER *ber;
- NSSOID *algorithm;
- NSSItem *parameters;
-};
-
-/*
- * -- types related to NSSPKIXAlgorithmIdentifiers:
- *
- * Dss-Sig-Value ::= SEQUENCE {
- * r INTEGER,
- * s INTEGER }
- *
- * DomainParameters ::= SEQUENCE {
- * p INTEGER, -- odd prime, p=jq +1
- * g INTEGER, -- generator, g
- * q INTEGER, -- factor of p-1
- * j INTEGER OPTIONAL, -- subgroup factor, j>= 2
- * validationParms ValidationParms OPTIONAL }
- *
- * ValidationParms ::= SEQUENCE {
- * seed BIT STRING,
- * pgenCounter INTEGER }
- *
- * Dss-Parms ::= SEQUENCE {
- * p INTEGER,
- * q INTEGER,
- * g INTEGER }
- *
- */
-
-/*
- * ORAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ORAddress ::= SEQUENCE {
- * built-in-standard-attributes BuiltInStandardAttributes,
- * built-in-domain-defined-attributes
- * BuiltInDomainDefinedAttributes OPTIONAL,
- * -- see also teletex-domain-defined-attributes
- * extension-attributes ExtensionAttributes OPTIONAL }
- * -- The OR-address is semantically absent from the OR-name if the
- * -- built-in-standard-attribute sequence is empty and the
- * -- built-in-domain-defined-attributes and extension-attributes are
- * -- both omitted.
- *
- */
-
-struct NSSPKIXORAddressStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXBuiltInStandardAttributes *builtInStandardAttributes;
- NSSPKIXBuiltInDomainDefinedAttributes *builtInDomainDefinedAttributes;
- NSSPKIXExtensionsAttributes *extensionAttributes;
-};
-
-/*
- * BuiltInStandardAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInStandardAttributes ::= SEQUENCE {
- * country-name CountryName OPTIONAL,
- * administration-domain-name AdministrationDomainName OPTIONAL,
- * network-address [0] NetworkAddress OPTIONAL,
- * -- see also extended-network-address
- * terminal-identifier [1] TerminalIdentifier OPTIONAL,
- * private-domain-name [2] PrivateDomainName OPTIONAL,
- * organization-name [3] OrganizationName OPTIONAL,
- * -- see also teletex-organization-name
- * numeric-user-identifier [4] NumericUserIdentifier OPTIONAL,
- * personal-name [5] PersonalName OPTIONAL,
- * -- see also teletex-personal-name
- * organizational-unit-names [6] OrganizationalUnitNames OPTIONAL
- * -- see also teletex-organizational-unit-names -- }
- *
- */
-
-struct NSSPKIXBuiltInStandardAttributesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXCountryName *countryName;
- NSSPKIXAdministrationDomainName *administrationDomainName;
- NSSPKIXNetworkAddress *networkAddress;
- NSSPKIXTerminalIdentifier *terminalIdentifier;
- NSSPKIXPrivateDomainName *privateDomainName;
- NSSPKIXOrganizationName *organizationName;
- NSSPKIXNumericUserIdentifier *numericUserIdentifier;
- NSSPKIXPersonalName *personalName;
- NSSPKIXOrganizationalUnitNames *organizationalUnitNames;
-};
-
-/*
- * PersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PersonalName ::= SET {
- * surname [0] PrintableString (SIZE (1..ub-surname-length)),
- * given-name [1] PrintableString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] PrintableString
- * (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPersonalNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *surname;
- NSSUTF8 *givenName;
- NSSUTF8 *initials;
- NSSUTF8 *generationQualifier;
-};
-
-/*
- * OrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
- * OF OrganizationalUnitName
- *
- */
-
-struct NSSPKIXOrganizationalUnitNamesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * BuiltInDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF
- * BuiltInDomainDefinedAttribute
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * BuiltInDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BuiltInDomainDefinedAttribute ::= SEQUENCE {
- * type PrintableString (SIZE
- * (1..ub-domain-defined-attribute-type-length)),
- * value PrintableString (SIZE
- * (1..ub-domain-defined-attribute-value-length))}
- *
- */
-
-struct NSSPKIXBuiltInDomainDefinedAttributeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *type;
- NSSUTF8 *value;
-};
-
-/*
- * ExtensionAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
- * ExtensionAttribute
- *
- */
-
-struct NSSPKIXExtensionAttributesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * ExtensionAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtensionAttribute ::= SEQUENCE {
- * extension-attribute-type [0] INTEGER (0..ub-extension-attributes),
- * extension-attribute-value [1]
- * ANY DEFINED BY extension-attribute-type }
- *
- */
-
-struct NSSPKIXExtensionAttributeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXExtensionsAttributeType extensionAttributeType;
- NSSItem *extensionAttributeValue;
-};
-
-/*
- * TeletexPersonalName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexPersonalName ::= SET {
- * surname [0] TeletexString (SIZE (1..ub-surname-length)),
- * given-name [1] TeletexString
- * (SIZE (1..ub-given-name-length)) OPTIONAL,
- * initials [2] TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
- * generation-qualifier [3] TeletexString (SIZE
- * (1..ub-generation-qualifier-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXTeletexPersonalNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *surname;
- NSSUTF8 *givenName;
- NSSUTF8 *initials;
- NSSUTF8 *generationQualifier;
-};
-
-/*
- * TeletexOrganizationalUnitNames
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
- * (1..ub-organizational-units) OF TeletexOrganizationalUnitName
- *
- */
-
-struct NSSPKIXTeletexOrganizationalUnitNamesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * PDSParameter
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PDSParameter ::= SET {
- * printable-string PrintableString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXPDSParameterStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *printableString;
- NSSTUF8 *teletexString;
-};
-
-/*
- * UnformattedPostalAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UnformattedPostalAddress ::= SET {
- * printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
- * PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
- * teletex-string TeletexString
- * (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
- *
- */
-
-struct NSSPKIXUnformattedPostalAddressStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
- NSSUTF8 *teletexString;
-};
-
-/*
- * ExtendedNetworkAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtendedNetworkAddress ::= CHOICE {
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- * psap-address [0] PresentationAddress }
- *
- */
-
-struct NSSPKIXExtendedNetworkAddressStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXExtendedNetworkAddressChoice choice;
- union {
- NSSe1634address *e1634Address;
- NSSPKIXPresentationAddress *psapAddress;
- } u;
-};
-
-/*
- * e163-4-address
- *
- * Helper structure for ExtendedNetworkAddress.
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * e163-4-address SEQUENCE {
- * number [0] NumericString (SIZE (1..ub-e163-4-number-length)),
- * sub-address [1] NumericString
- * (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
- *
- */
-
-struct NSSe1634addressStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *number;
- NSSUTF8 *subAddress;
-};
-
-/*
- * PresentationAddress
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PresentationAddress ::= SEQUENCE {
- * pSelector [0] EXPLICIT OCTET STRING OPTIONAL,
- * sSelector [1] EXPLICIT OCTET STRING OPTIONAL,
- * tSelector [2] EXPLICIT OCTET STRING OPTIONAL,
- * nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
- *
- */
-
-struct NSSPKIXPresentationAddressStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSItem *pSelector;
- NSSItem *sSelector;
- NSSItem *tSelector;
- NSSItem *nAddresses[]; --fgmr--
-};
-
-/*
- * TeletexDomainDefinedAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
- * (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
- *
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * TeletexDomainDefinedAttribute
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * TeletexDomainDefinedAttribute ::= SEQUENCE {
- * type TeletexString
- * (SIZE (1..ub-domain-defined-attribute-type-length)),
- * value TeletexString
- * (SIZE (1..ub-domain-defined-attribute-value-length)) }
- *
- */
-
-struct NSSPKIXTeletexDomainDefinedAttributeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSUTF8 *type;
- NSSUTF8 *value;
-};
-
-/*
- * AuthorityKeyIdentifier
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityKeyIdentifier ::= SEQUENCE {
- * keyIdentifier [0] KeyIdentifier OPTIONAL,
- * authorityCertIssuer [1] GeneralNames OPTIONAL,
- * authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
- * -- authorityCertIssuer and authorityCertSerialNumber shall both
- * -- be present or both be absent
- *
- */
-
-struct NSSPKIXAuthorityKeyIdentifierStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXKeyIdentifier *keyIdentifier;
- NSSPKIXGeneralNames *authorityCertIssuer;
- NSSPKIXCertificateSerialNumber *authorityCertSerialNumber;
-};
-
-/*
- * KeyUsage
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * KeyUsage ::= BIT STRING {
- * digitalSignature (0),
- * nonRepudiation (1),
- * keyEncipherment (2),
- * dataEncipherment (3),
- * keyAgreement (4),
- * keyCertSign (5),
- * cRLSign (6),
- * encipherOnly (7),
- * decipherOnly (8) }
- *
- */
-
-struct NSSPKIXKeyUsageStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXKeyUsageValue keyUsage;
-};
-
-/*
- * PrivateKeyUsagePeriod
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PrivateKeyUsagePeriod ::= SEQUENCE {
- * notBefore [0] GeneralizedTime OPTIONAL,
- * notAfter [1] GeneralizedTime OPTIONAL }
- * -- either notBefore or notAfter shall be present
- *
- */
-
-struct NSSPKIXPrivateKeyUsagePeriodStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- --time--
- --time--
-};
-
-/*
- * CertificatePolicies
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
- *
- */
-
-struct NSSPKIXCertificatePoliciesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * PolicyInformation
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyInformation ::= SEQUENCE {
- * policyIdentifier CertPolicyId,
- * policyQualifiers SEQUENCE SIZE (1..MAX) OF
- * PolicyQualifierInfo OPTIONAL }
- *
- */
-
-struct NSSPKIXPolicyInformationStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXCertPolicyId *policyIdentifier;
- NSSPKIXPolicyQualifierInfo *policyQualifiers[];
- --fgmr--
-};
-
-/*
- * PolicyQualifierInfo
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyQualifierInfo ::= SEQUENCE {
- * policyQualifierId PolicyQualifierId,
- * qualifier ANY DEFINED BY policyQualifierId }
- *
- */
-
-struct NSSPKIXPolicyQualifierInfoStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXPolicyQualifierId *policyQualifierId;
- NSSItem *qualifier;
-};
-
-/*
- * UserNotice
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * UserNotice ::= SEQUENCE {
- * noticeRef NoticeReference OPTIONAL,
- * explicitText DisplayText OPTIONAL}
- *
- */
-
-struct NSSPKIXUserNoticeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXNoticeReference *noticeRef;
- NSSPKIXDisplayText *explicitText;
-};
-
-/*
- * NoticeReference
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NoticeReference ::= SEQUENCE {
- * organization DisplayText,
- * noticeNumbers SEQUENCE OF INTEGER }
- *
- */
-
-struct NSSPKIXNoticeReferenceStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXDisplayText *organization;
- NSSItem *noticeNumbers[]; --fgmr--
- ...
-};
-
-/*
- * PolicyMappings
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- */
-
-struct NSSPKIXPolicyMappingsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXpolicyMapping *policyMappings[]; --fgmr--
- ...
-};
-
-/*
- * policyMapping
- *
- * Helper structure for PolicyMappings
- *
- * SEQUENCE {
- * issuerDomainPolicy CertPolicyId,
- * subjectDomainPolicy CertPolicyId }
- *
- */
-
-struct NSSPKIXpolicyMappingStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXCertPolicyId *issuerDomainPolicy;
- NSSPKIXCertPolicyId *subjectDomainPolicy;
-};
-
-/*
- * GeneralName
- *
- * This structure contains a union of the possible general names,
- * of which there are several.
- *
- * From RFC 2459:
- *
- * GeneralName ::= CHOICE {
- * otherName [0] AnotherName,
- * rfc822Name [1] IA5String,
- * dNSName [2] IA5String,
- * x400Address [3] ORAddress,
- * directoryName [4] Name,
- * ediPartyName [5] EDIPartyName,
- * uniformResourceIdentifier [6] IA5String,
- * iPAddress [7] OCTET STRING,
- * registeredID [8] OBJECT IDENTIFIER }
- *
- */
-
-struct NSSPKIXGeneralNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXGeneralNameChoice choice;
- union {
- NSSPKIXAnotherName *otherName;
- NSSUTF8 *rfc822Name;
- NSSUTF8 *dNSName;
- NSSPKIXORAddress *x400Address;
- NSSPKIXName *directoryName;
- NSSEDIPartyName *ediPartyName;
- NSSUTF8 *uniformResourceIdentifier;
- NSSItem *iPAddress;
- NSSOID *registeredID;
- } u;
-};
-
-/*
- * GeneralNames
- *
- * This structure contains a sequence of GeneralName objects.
- *
- * From RFC 2459:
- *
- * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
- *
- */
-
-struct NSSPKIXGeneralNamesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * AnotherName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AnotherName ::= SEQUENCE {
- * type-id OBJECT IDENTIFIER,
- * value [0] EXPLICIT ANY DEFINED BY type-id }
- *
- */
-
-struct NSSPKIXAnotherNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSOID *typeId;
- NSSItem *value;
-};
-
-/*
- * EDIPartyName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- *
- * EDIPartyName ::= SEQUENCE {
- * nameAssigner [0] DirectoryString OPTIONAL,
- * partyName [1] DirectoryString }
- *
- */
-
-struct NSSPKIXEDIPartyNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXDirectoryString *nameAssigner;
- NSSPKIXDirectoryString *partyname;
-};
-
-/*
- * SubjectDirectoryAttributes
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *
- */
-
-struct NSSPKIXSubjectDirectoryAttributesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * BasicConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * BasicConstraints ::= SEQUENCE {
- * cA BOOLEAN DEFAULT FALSE,
- * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
- *
- */
-
-struct NSSPKIXBasicConstraintsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- PRBool cA;
- PRInt32 pathLenConstraint; --fgmr--
-};
-
-/*
- * NameConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * NameConstraints ::= SEQUENCE {
- * permittedSubtrees [0] GeneralSubtrees OPTIONAL,
- * excludedSubtrees [1] GeneralSubtrees OPTIONAL }
- *
- */
-
-struct NSSPKIXNameConstraintsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXGeneralSubtrees *permittedSubtrees;
- NSSPKIXGeneralSubtrees *excludedSubtrees;
-};
-
-/*
- * GeneralSubtrees
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
- *
- */
-
-struct NSSPKIXGeneralSubtreesStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * GeneralSubtree
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * GeneralSubtree ::= SEQUENCE {
- * base GeneralName,
- * minimum [0] BaseDistance DEFAULT 0,
- * maximum [1] BaseDistance OPTIONAL }
- *
- */
-
-struct NSSPKIXGeneralSubtreeStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXGeneralName;
- NSSPKIXBaseDistance minimum;
- NSSPKIXBaseDistance maximum;
-};
-
-/*
- * PolicyConstraints
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * PolicyConstraints ::= SEQUENCE {
- * requireExplicitPolicy [0] SkipCerts OPTIONAL,
- * inhibitPolicyMapping [1] SkipCerts OPTIONAL }
- *
- */
-
-struct NSSPKIXPolicyConstraintsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXSkipCerts *requireExplicitPolicy;
- NSSPKIXSkipCerts *inhibitPolicyMapping;
-};
-
-/*
- * CRLDistPointsSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
- *
- */
-
-struct NSSPKIXCRLDistPointsSyntaxStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * DistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * reasons [1] ReasonFlags OPTIONAL,
- * cRLIssuer [2] GeneralNames OPTIONAL }
- *
- */
-
-struct NSSPKIXDistributionPointStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXDistributionPointName *distributionPoint;
- NSSPKIXReasonFlags *reasons;
- NSSPKIXGeneralNames *cRLIssuer;
-};
-
-/*
- * DistributionPointName
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * DistributionPointName ::= CHOICE {
- * fullName [0] GeneralNames,
- * nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
- *
- */
-
-struct NSSPKIXDistributionPointNameStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXDistributionPointNameChoice choice;
- union {
- NSSPKIXGeneralNames *fullName;
- NSSPKIXRelativeDistinguishedName *nameRelativeToCRLIssuer;
- } u;
-};
-
-/*
- * ReasonFlags
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ReasonFlags ::= BIT STRING {
- * unused (0),
- * keyCompromise (1),
- * cACompromise (2),
- * affiliationChanged (3),
- * superseded (4),
- * cessationOfOperation (5),
- * certificateHold (6) }
- *
- */
-
-struct NSSPKIXReasonFlagsStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXReasonFlagsMask reasonFlags;
-};
-
-/*
- * ExtKeyUsageSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
- *
- */
-
-struct NSSPKIXExtKeyUsageSyntaxStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * AuthorityInfoAccessSyntax
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AuthorityInfoAccessSyntax ::=
- * SEQUENCE SIZE (1..MAX) OF AccessDescription
- *
- */
-
-struct NSSPKIXAuthorityInfoAccessSyntaxStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- ...
-};
-
-/*
- * AccessDescription
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * AccessDescription ::= SEQUENCE {
- * accessMethod OBJECT IDENTIFIER,
- * accessLocation GeneralName }
- *
- */
-
-struct NSSPKIXAccessDescriptionStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSOID *accessMethod;
- NSSPKIXGeneralName *accessLocation;
-};
-
-/*
- * IssuingDistributionPoint
- *
- * -- fgmr comments --
- *
- * From RFC 2459:
- *
- * IssuingDistributionPoint ::= SEQUENCE {
- * distributionPoint [0] DistributionPointName OPTIONAL,
- * onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
- * onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
- * onlySomeReasons [3] ReasonFlags OPTIONAL,
- * indirectCRL [4] BOOLEAN DEFAULT FALSE }
- *
- */
-
-struct NSSPKIXIssuingDistributionPointStr {
- NSSArena *arena;
- PRBool i_allocated_arena;
- NSSDER *der;
- NSSPKIXDistributionPointName *distributionPoint;
- PRBool onlyContainsUserCerts;
- PRBool onlyContainsCACerts;
- NSSPKIXReasonFlags onlySomeReasons;
- PRBool indirectCRL;
-};
-
-PR_END_EXTERN_C
-
-#endif /* PKIXTM_H */
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c
deleted file mode 100644
index cf95b4e26..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Create.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSOID *algorithm,
- NSSItem *parameters
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Create(arenaOpt, algorithm, parameters);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c
deleted file mode 100644
index 1e4e47b03..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c
deleted file mode 100644
index f2a901151..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Destroy.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAlgorithmIdentifier_Destroy
-(
- NSSPKIXAlgorithmIdentifier *algid
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Destroy(algid);
-}
-
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c
deleted file mode 100644
index 186ab49bc..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-NSSPKIXAlgorithmIdentifier_Duplicate
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Duplicate(algid, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c
deleted file mode 100644
index d390b3595..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXAlgorithmIdentifier_Encode
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Encode(algid, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c
deleted file mode 100644
index 65c52a2ba..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/Equal.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXAlgorithmIdentifier_Equal
-(
- NSSPKIXAlgorithmIdentifier *algid1,
- NSSPKIXAlgorithmIdentifier *algid2,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_Equal(algid1, algid2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c
deleted file mode 100644
index be7493a66..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetAlgorithm.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSOID *
-NSSPKIXAlgorithmIdentifier_GetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSOID *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_GetAlgorithm(algid);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c
deleted file mode 100644
index e94622e23..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/GetParameters.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-NSSPKIXAlgorithmIdentifier_GetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSItem *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSItem *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_GetParameters(algid, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c
deleted file mode 100644
index 0797fbd49..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/MClear.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_AlgorithmIdentifier_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AlgorithmIdentifier_Clear
-(
- NSSPKIXAlgorithmIdentifier *algid
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != algid->ber ) {
- nss_ZFreeIf(algid->ber->data);
- nss_ZFreeIf(algid->ber);
- }
-
- if( (NSSDER *)NULL != algid->der ) {
- nss_ZFreeIf(algid->der->data);
- nss_ZFreeIf(algid->der);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c
deleted file mode 100644
index c527a6a56..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PCreate.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_POINTER
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Create
-(
- NSSArena *arenaOpt,
- NSSOID *algorithm,
- NSSItem *parameters
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAlgorithmIdentifier *rv = (NSSPKIXAlgorithmIdentifier *)NULL;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAlgorithmIdentifier);
- if( (NSSPKIXAlgorithmIdentifier *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->algorithm = algorithm;
- rv->parameters = nssItem_Duplicate(parameters, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->parameters ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AlgorithmIdentifier_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAlgorithmIdentifier *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c
deleted file mode 100644
index 9713d34db..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDecode.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAlgorithmIdentifier *rv = (NSSPKIXAlgorithmIdentifier *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAlgorithmIdentifier);
- if( (NSSPKIXAlgorithmIdentifier *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXAlgorithmIdentifier_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AlgorithmIdentifier_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAlgorithmIdentifier *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c
deleted file mode 100644
index 7ef4d1fe1..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_Destroy
-(
- NSSPKIXAlgorithmIdentifier *algid
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_AlgorithmIdentifier_remove_pointer(algid);
-#endif /* DEBUG */
-
- if( PR_TRUE == algid->i_allocated_arena ) {
- return nssArena_Destroy(algid->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c
deleted file mode 100644
index ae3cf72b2..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PDuplicate.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAlgorithmIdentifier upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAlgorithmIdentifier *
-nssPKIXAlgorithmIdentifier_Duplicate
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAlgorithmIdentifier *rv = (NSSPKIXAlgorithmIdentifier *)NULL;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAlgorithmIdentifier *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAlgorithmIdentifier);
- if( (NSSPKIXAlgorithmIdentifier *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- rv->ber = nssItem_Duplicate(algid->ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- rv->der = nssItem_Duplicate(algid->der, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->der ) {
- goto loser;
- }
-
- rv->algorithm = algid->algorithm;
-
- rv->parameters = nssItem_Duplicate(algid->parameters, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->parameters ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AlgorithmIdentifier_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAlgorithmIdentifier *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c
deleted file mode 100644
index c9939350a..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEncode.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXAlgorithmIdentifier_Encode
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- if( (NSSBER *)NULL != algid->ber ) {
- it = algid->ber;
- goto done;
- }
- /*FALLTHROUGH*/
- case NSSASN1DER:
- if( (NSSDER *)NULL != algid->der ) {
- it = algid->der;
- goto done;
- }
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- it = nssASN1_EncodeItem(algid->arena, (NSSItem *)NULL, algid,
- nssPKIXAlgorithmIdentifier_template, encoding);
- if( (NSSBER *)NULL == it ) {
- return (NSSBER *)NULL;
- }
-
- switch( encoding ) {
- case NSSASN1BER:
- algid->ber = it;
- break;
- case NSSASN1DER:
- algid->der = it;
- break;
- default:
- PR_ASSERT(0);
- break;
- }
-
- done:
- return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c
deleted file mode 100644
index 423dfdb74..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PEqual.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXAlgorithmIdentifier_Equal
-(
- NSSPKIXAlgorithmIdentifier *algid1,
- NSSPKIXAlgorithmIdentifier *algid2,
- PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( algid1->algorithm != algid2->algorithm ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
- return PR_FALSE;
- }
-
- return nssItem_Equal(algid1->parameters, algid2->parameters, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c
deleted file mode 100644
index 4c7c37b6e..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetAlgorithm.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_GetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSOID pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSOID *
-nssPKIXAlgorithmIdentifier_GetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSOID *)NULL;
- }
-#endif /* NSSDEBUG */
-
- return algid->algorithm;
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c
deleted file mode 100644
index 5d6f1decb..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PGetParameters.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_GetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSItem upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSItem *
-nssPKIXAlgorithmIdentifier_GetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *rvOpt,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return (NSSItem *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSItem *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- return nssItem_Duplicate(algid->parameters, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c
deleted file mode 100644
index ccf9f23e2..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetAlgorithm.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_SetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSOID *algorithm
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- algid->algorithm = algorithm;
- return nss_pkix_AlgorithmIdentifier_Clear(algid);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c
deleted file mode 100644
index d5a7e8424..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/PSetParameters.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_SetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *parameters
-)
-{
- NSSItem *prev;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- prev = algid->parameters;
-
- algid->parameters = nssItem_Duplicate(parameters, algid->arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == algid->parameters ) {
- algid->parameters = prev;
- return PR_FAILURE;
- }
-
- (void)nssItem_Destroy(prev);
- return nss_pkix_AlgorithmIdentifier_Clear(algid);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c
deleted file mode 100644
index d829643e0..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetAlgorithm.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetAlgorithm
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAlgorithmIdentifier_SetAlgorithm
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSOID *algorithm
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(algorithm) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_SetAlgorithm(algid, algorithm);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c
deleted file mode 100644
index d751fb689..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/SetParameters.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAlgorithmIdentifier_SetParameters
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ALGORITHM_IDENTIFIER
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAlgorithmIdentifier_SetParameters
-(
- NSSPKIXAlgorithmIdentifier *algid,
- NSSItem *parameters
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAlgorithmIdentifier_verifyPointer(algid) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(parameters) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAlgorithmIdentifier_SetParameters(algid, parameters);
-}
diff --git a/security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c b/security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c
deleted file mode 100644
index c9a9f8072..000000000
--- a/security/nss/lib/pkix/src/AlgorithmIdentifier/verifyPointer.c
+++ /dev/null
@@ -1,182 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_algid_pointer_tracker;
-
-/*
- * nss_pkix_AlgorithmIdentifier_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAlgorithmIdentifier pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AlgorithmIdentifier_add_pointer
-(
- const NSSPKIXAlgorithmIdentifier *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_algid_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_algid_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- rv = nssArena_registerDestructor(p->arena,
- nss_pkix_AlgorithmIdentifier_remove_pointer, p);
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_AlgorithmIdentifier_remove_pointer(p);
- return rv;
- }
-
- return rv;
-}
-
-/*
- * nss_pkix_AlgorithmIdentifier_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXAlgorithmIdentifier
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AlgorithmIdentifier_remove_pointer
-(
- const NSSPKIXAlgorithmIdentifier *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&pkix_algid_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- /*
- * nssArena_deregisterDestructor(p->arena,
- * nss_pkix_AlgorithmIdentifier_remove_pointer, p);
- */
-
- return rv;
-}
-
-/*
- * nssPKIXAlgorithmIdentifier_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAlgorithmIdentifier
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAlgorithmIdentifier_verifyPointer
-(
- NSSPKIXAlgorithmIdentifier *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_algid_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_algid_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/Attribute/AddValue.c b/security/nss/lib/pkix/src/Attribute/AddValue.c
deleted file mode 100644
index aad082c50..000000000
--- a/security/nss/lib/pkix/src/Attribute/AddValue.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_AddValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *value
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_AddValue(attribute, value);
-}
-
diff --git a/security/nss/lib/pkix/src/Attribute/Create.c b/security/nss/lib/pkix/src/Attribute/Create.c
deleted file mode 100644
index 9fe406b2d..000000000
--- a/security/nss/lib/pkix/src/Attribute/Create.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INSUFFICIENT_VALUES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value1,
- ...
-)
-{
- va_list ap;
- NSSPKIXAttribute *rv;
- PRUint32 count;
-
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- if( (NSSPKIXAttributeValue *)NULL == value1 ) {
- nss_SetError(NSS_ERROR_INSUFFICIENT_VALUES);
- return (NSSPKIXAttribute *)NULL;
- }
-
- {
- va_start(ap, typeOid);
-
- while( 1 ) {
- NSSPKIXAttributeValue *v;
- v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
- if( (NSSPKIXAttributeValue *)NULL == v ) {
- break;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(v) ) {
- va_end(ap);
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* DEBUG */
-
- va_start(ap, typeOid);
-
- for( count = 0; ; count++ ) {
- NSSPKIXAttributeValue *v;
- v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
- if( (NSSPKIXAttributeValue *)NULL == v ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, typeOid);
- rv = nss_pkix_Attribute_V_Create(arenaOpt, typeOid, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/CreateFromArray.c b/security/nss/lib/pkix/src/Attribute/CreateFromArray.c
deleted file mode 100644
index 2928c3bcc..000000000
--- a/security/nss/lib/pkix/src/Attribute/CreateFromArray.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_CreateFromArray
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- NSSPKIXAttributeValue values[]
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- {
- PRUint32 i;
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssItem_verifyPointer(&values[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_CreateFromArray(arenaOpt, typeOid, count, values);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Decode.c b/security/nss/lib/pkix/src/Attribute/Decode.c
deleted file mode 100644
index a16f195cd..000000000
--- a/security/nss/lib/pkix/src/Attribute/Decode.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459. This
- * routine may return NULL upon error, in which case it will
- * have created an error stack. If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Destroy.c b/security/nss/lib/pkix/src/Attribute/Destroy.c
deleted file mode 100644
index bd9454fca..000000000
--- a/security/nss/lib/pkix/src/Attribute/Destroy.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute. It should be called on
- * all such objects created without an arena. It does not need to be
- * called for objects created with an arena, but it may be. This
- * routine returns a PRStatus value. Upon error, it will create an
- * error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-NSSPKIXAttribute_Destroy
-(
- NSSPKIXAttribute *attribute
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_Destroy(attribute);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Duplicate.c b/security/nss/lib/pkix/src/Attribute/Duplicate.c
deleted file mode 100644
index 146a49610..000000000
--- a/security/nss/lib/pkix/src/Attribute/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute. {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-NSSPKIXAttribute_Duplicate
-(
- NSSPKIXAttribute *attribute,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_Duplicate(attribute, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Encode.c b/security/nss/lib/pkix/src/Attribute/Encode.c
deleted file mode 100644
index 179bd3d68..000000000
--- a/security/nss/lib/pkix/src/Attribute/Encode.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Encode
- *
- * This routine returns an ASN.1 encoding of the specified
- * NSSPKIXAttribute. {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA)
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXAttribute_Encode
-(
- NSSPKIXAttribute *attribute,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_Encode(attribute, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/Equal.c b/security/nss/lib/pkix/src/Attribute/Equal.c
deleted file mode 100644
index d91782aea..000000000
--- a/security/nss/lib/pkix/src/Attribute/Equal.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXAttribute_Equal
-(
- NSSPKIXAttribute *one,
- NSSPKIXAttribute *two,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(one) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(two) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_Equal(one, two);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/FindValue.c b/security/nss/lib/pkix/src/Attribute/FindValue.c
deleted file mode 100644
index ba725051f..000000000
--- a/security/nss/lib/pkix/src/Attribute/FindValue.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data. If an exact match is found,
- * then that value's index is returned. If an exact match is not
- * found, -1 is returned. If there is more than one exact match, one
- * index will be returned. {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXAttribute_FindValue
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue *value
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_FindValue(attribute, value);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/GetType.c b/security/nss/lib/pkix/src/Attribute/GetType.c
deleted file mode 100644
index 0bae2b988..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetType.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-NSSPKIXAttribute_GetType
-(
- NSSPKIXAttribute *attribute
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttributeType *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_GetType(attribute);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/GetValue.c b/security/nss/lib/pkix/src/Attribute/GetValue.c
deleted file mode 100644
index afce8d135..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetValue.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute. Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed. {usual comments about
- * itemOpt and arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_GetValue(attribute, i, itemOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/GetValueCount.c b/security/nss/lib/pkix/src/Attribute/GetValueCount.c
deleted file mode 100644
index 0cdc36b60..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetValueCount.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute. This routine returns a PRInt32.
- * Upon error, this routine returns -1. This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXAttribute_GetValueCount
-(
- NSSPKIXAttribute *attribute
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return -1;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_GetValueCount(attribute);
-}
-
diff --git a/security/nss/lib/pkix/src/Attribute/GetValues.c b/security/nss/lib/pkix/src/Attribute/GetValues.c
deleted file mode 100644
index 986af03d1..000000000
--- a/security/nss/lib/pkix/src/Attribute/GetValues.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute. If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned. If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSItem's upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-NSSPKIXAttribute_GetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_GetValues(attribute, rvOpt, limit, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/MClear.c b/security/nss/lib/pkix/src/Attribute/MClear.c
deleted file mode 100644
index 6fb77ba7d..000000000
--- a/security/nss/lib/pkix/src/Attribute/MClear.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_Attribute_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Attribute_Clear
-(
- NSSPKIXAttribute *a
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != a->ber ) {
- nss_ZFreeIf(a->ber->data);
- nss_ZFreeIf(a->ber);
- }
-
- if( (NSSDER *)NULL != a->der ) {
- nss_ZFreeIf(a->der->data);
- nss_ZFreeIf(a->der);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/MCount.c b/security/nss/lib/pkix/src/Attribute/MCount.c
deleted file mode 100644
index abb0831cb..000000000
--- a/security/nss/lib/pkix/src/Attribute/MCount.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_Attribute_Count
- *
- * This module-private routine sets the valuesCount part of the
- * NSSPKIXAttribute argument. It does no checking, and is intended
- * only for use inside the NSSPKIXAttribute implementation itself.
- * There is no error return. There is no return value.
- */
-
-NSS_IMPLEMENT void
-nss_pkix_Attribute_Count
-(
- NSSPKIXAttribute *a
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
- if( (nssASN1Item *)NULL == a->asn1values ) {
- nss_SetError(NSS_ERROR_ASSERTION_FAILED);
- return;
- }
-
- if( 0 == a->valuesCount ) {
- PRUint32 i;
- for( i = 0; i < 0xFFFFFFFF; i++ ) {
- if( (nssASN1Item *)NULL == a->asn1values[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0xFFFFFFFF == i ) {
- return;
- }
-#endif /* PEDANTIC */
-
- a->valuesCount = i;
- }
-
- return;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/MVCreate.c b/security/nss/lib/pkix/src/Attribute/MVCreate.c
deleted file mode 100644
index 1a54026d4..000000000
--- a/security/nss/lib/pkix/src/Attribute/MVCreate.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_Attribute_V_Create
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INTERNAL_ERROR;
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nss_pkix_Attribute_V_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- va_list ap
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
- PRStatus status;
- PRUint32 i;
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttribute);
- if( (NSSPKIXAttribute *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- rv->type = typeOid;
- {
- NSSItem typeder;
- NSSItem *x = nssOID_GetDEREncoding(rv->type, &typeder, arena);
- if( (NSSItem *)NULL == x ) {
- goto loser;
- }
-
- rv->asn1type.size = typeder.size;
- rv->asn1type.data = typeder.data;
- }
-
- rv->valuesCount = count;
-
- rv->asn1values = nss_ZNEWARRAY(arena, nssASN1Item *, count);
- if( (nssASN1Item **)NULL == rv->asn1values ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSItem tmp;
- NSSPKIXAttributeValue *v = (NSSPKIXAttributeValue *)
- va_arg(ap, NSSPKIXAttributeValue *);
-
- rv->asn1values[i] = nss_ZNEW(arena, nssASN1Item);
- if( (nssASN1Item *)NULL == rv->asn1values[i] ) {
- goto loser;
- }
-
- if( (NSSItem *)NULL == nssItem_Duplicate(v, arena, &tmp) ) {
- goto loser;
- }
-
- rv->asn1values[i].size = tmp.size;
- rv->asn1values[i].data = tmp.data;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS !=
- nssArena_registerDestructor(arena,
- nss_pkix_Attribute_remove_pointer,
- rv) ) {
- (void)nss_pkix_Attribute_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PAddValue.c b/security/nss/lib/pkix/src/Attribute/PAddValue.c
deleted file mode 100644
index 732845490..000000000
--- a/security/nss/lib/pkix/src/Attribute/PAddValue.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_AddValue
- *
- * This routine adds the specified attribute value to the set in
- * the specified NSSPKIXAttribute.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_AddValue
-(
- NSSPKIXAttribute *a,
- NSSPKIXAttributeValue *value
-)
-{
- PRUint32 newcount;
- nssASN1Item **new_asn1_items = (nssASN1Item **)NULL;
- NSSItem tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
- if( (nssASN1Item **)NULL == a->asn1values ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- if( 0 == a->valuesCount ) {
- PRUint32 i;
-
- for( i = 0; i < 0xFFFFFFFF; i++ ) {
- if( (nssASN1Item *)NULL == a->asn1values[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0xFFFFFFFF == i ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- /* Internal error is that we don't handle them this big */
- return PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- a->valuesCount = i;
- }
-
- newcount = a->valuesCount + 1;
- /* Check newcount for a rollover. */
-
- /* Remember that our asn1values array is NULL-terminated */
- new_asn1_items = (nssASN1Item **)nss_ZRealloc(a->asn1values,
- ((newcount+1) * sizeof(nssASN1Item *)));
- if( (nssASN1Item **)NULL == new_asn1_items ) {
- goto loser;
- }
-
- new_asn1_items[ a->valuesCount ] = nss_ZNEW(a->arena, nssASN1Item);
- if( (nssASN1Item *)NULL == new_asn1_items[ a->valuesCount ] ) {
- goto loser;
- }
-
- if( (NSSItem *)NULL == nssItem_Duplicate(value, a->arena, &tmp) ) {
- goto loser;
- }
-
- new_asn1_items[ a->valuesCount ]->size = tmp.size;
- new_asn1_items[ a->valuesCount ]->data = tmp.data;
-
- a->valuesCount++;
- a->asn1values = new_asn1_items;
-
- return nss_pkix_Attribute_Clear(a);
-
- loser:
- if( (nssASN1Item **)NULL != new_asn1_items ) {
- nss_ZFreeIf(new_asn1_items[ newcount-1 ]);
- /* We could realloc back down, but we actually know it's a no-op */
- a->asn1values = new_asn1_items;
- }
-
- return PR_FAILURE;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PCreate.c b/security/nss/lib/pkix/src/Attribute/PCreate.c
deleted file mode 100644
index 40dc5c07c..000000000
--- a/security/nss/lib/pkix/src/Attribute/PCreate.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Create
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_INSUFFICIENT_VALUES
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXAttribute *
-nssPKIXAttribute_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value1,
- ...
-)
-{
- va_list ap;
- NSSPKIXAttribute *rv;
- PRUint32 count;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- if( (NSSPKIXAttributeValue *)NULL == value1 ) {
- nss_SetError(NSS_ERROR_INSUFFICIENT_VALUES);
- return (NSSPKIXAttribute *)NULL;
- }
-
- {
- va_start(ap, typeOid);
-
- while( 1 ) {
- NSSPKIXAttributeValue *v;
- v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
- if( (NSSPKIXAttributeValue *)NULL == v ) {
- break;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(v) ) {
- va_end(ap);
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* NSSDEBUG */
-
- va_start(ap, typeOid);
-
- for( count = 0; ; count++ ) {
- NSSPKIXAttributeValue *v;
- v = (NSSPKIXAttributeValue *)va_arg(ap, NSSPKIXAttributeValue *);
- if( (NSSPKIXAttributeValue *)NULL == v ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, typeOid);
- rv = nss_pkix_Attribute_V_Create(arenaOpt, typeOid, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PCreateFromArray.c b/security/nss/lib/pkix/src/Attribute/PCreateFromArray.c
deleted file mode 100644
index c2d301d12..000000000
--- a/security/nss/lib/pkix/src/Attribute/PCreateFromArray.c
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_CreateFromArray
- *
- * This routine creates an NSSPKIXAttribute from specified components.
- * This routine may return NULL upon error, in which case it will have
- * created an error stack. If the optional arena argument is non-NULL,
- * that arena will be used for the required memory. There must be at
- * least one attribute value specified. The final argument must be
- * NULL, to indicate the end of the set of attribute values.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nssPKIXAttribute_CreateFromArray
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- PRUint32 count,
- NSSPKIXAttributeValue values[]
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssItem_verifyPointer(&values[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttribute);
- if( (NSSPKIXAttribute *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- rv->type = typeOid;
- {
- NSSItem typeder;
- NSSItem *x = nssOID_GetDEREncoding(rv->type, &typeder, arena);
- if( (NSSItem *)NULL == x ) {
- goto loser;
- }
-
- rv->asn1type.size = typeder.size;
- rv->asn1type.data = typeder.data;
- }
-
- rv->valuesCount = count;
-
- rv->asn1values = nss_ZNEWARRAY(arena, nssASN1Item *, count);
- if( (nssASN1Item **)NULL == rv->asn1values ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSItem tmp;
- NSSPKIXAttributeValue *v = &values[i];
-
- rv->asn1values[i] = nss_ZNEW(arena, nssASN1Item);
- if( (nssASN1Item *)NULL == rv->asn1values[i] ) {
- goto loser;
- }
-
- if( (NSSItem *)NULL == nssItem_Duplicate(v, arena, &tmp) ) {
- goto loser;
- }
-
- rv->asn1values[i].size = tmp.size;
- rv->asn1values[i].data = tmp.data;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS !=
- nssArena_registerDestructor(arena,
- nss_pkix_Attribute_remove_pointer,
- rv) ) {
- (void)nss_pkix_Attribute_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PDecode.c b/security/nss/lib/pkix/src/Attribute/PDecode.c
deleted file mode 100644
index 49a059404..000000000
--- a/security/nss/lib/pkix/src/Attribute/PDecode.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_Decode
- *
- * This routine creates an NSSPKIXAttribute by decoding a BER-
- * or DER-encoded Attribute as defined in RFC 2459. This
- * routine may return NULL upon error, in which case it will
- * have created an error stack. If the optional arena argument
- * is non-NULL, that arena will be used for the required memory.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nssPKIXAttribute_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttribute);
- if( (NSSPKIXAttribute *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXAttribute_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_Attribute_remove_pointer, rv) ) {
- (void)nss_pkix_Attribute_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PDestroy.c b/security/nss/lib/pkix/src/Attribute/PDestroy.c
deleted file mode 100644
index 5f2b5a135..000000000
--- a/security/nss/lib/pkix/src/Attribute/PDestroy.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Destroy
- *
- * This routine destroys an NSSPKIXAttribute. It should be called on
- * all such objects created without an arena. It does not need to be
- * called for objects created with an arena, but it may be. This
- * routine returns a PRStatus value. Upon error, it place an error on
- * the error stack and return PR_FAILURE.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_Destroy
-(
- NSSPKIXAttribute *attribute
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_Attribute_remove_pointer(attribute);
- (void)nssArena_RemoveDestructor(arena, nss_pkix_Attribute_remove_pointer,
- attribute);
-#endif /* DEBUG */
-
- if( PR_TRUE == attribute->i_allocated_arena ) {
- return nssArena_Destroy(attribute->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PDuplicate.c b/security/nss/lib/pkix/src/Attribute/PDuplicate.c
deleted file mode 100644
index 765510e59..000000000
--- a/security/nss/lib/pkix/src/Attribute/PDuplicate.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Duplicate
- *
- * This routine duplicates an NSSPKIXAttribute. {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttribute upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttribute *
-nssPKIXAttribute_Duplicate
-(
- NSSPKIXAttribute *attribute,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttribute *rv = (NSSPKIXAttribute *)NULL;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return PR_FAILURE;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttribute);
- if( (NSSPKIXAttribute *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- if( (NSSBER *)NULL != attribute->ber ) {
- rv->ber = nssItem_Duplicate(arena, attribute->ber, (NSSItem *)NULL);
- if( (NSSBER *)NULL == rv->ber ) {
- goto loser;
- }
- }
-
- if( (NSSDER *)NULL != attribute->der ) {
- rv->der = nssItem_Duplicate(arena, attribute->der, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
- }
-
- if( (void *)NULL != attribute->asn1type.data ) {
- rv->asn1type.size = attribute->asn1type.size;
- rv->asn1type.data = nss_ZAlloc(arena, attribute->asn1type.size);
- if( (void *)NULL == rv->asn1type.data ) {
- goto loser;
- }
- (void)nsslibc_memcpy(rv->asn1type.data, attribute->asn1type.data,
- rv->asn1type.size);
- }
-
- if( (nssASN1Item **)NULL != attribute->asn1values ) {
- rv->asn1values = nss_ZNEWARRAY(arena, nssASN1Item *, attribute->valuesCount);
- if( (nssASN1Item **)NULL == rv->asn1values ) {
- goto loser;
- }
-
- for( i = 0; i < attribute->valuesCount; i++ ) {
- nssASN1Item *src;
- nssASN1Item *dst;
-
- src = attribute->asn1values[i];
- dst = nss_ZNEW(arena, nssASN1Item);
- if( (nssASN1Item *)NULL == dst ) {
- goto loser;
- }
-
- rv->asn1values[i] = dst;
-
- dst->size = src->size;
- dst->data = nss_ZAlloc(arena, dst->size);
- if( (void *)NULL == dst->data ) {
- goto loser;
- }
- (void)nsslibc_memcpy(dst->data, src->data, src->size);
- }
- }
-
- rv->type = attribute->type; /* NULL or otherwise */
- rv->valuescount = attribute->valuesCount;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Attribute_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS !=
- nssArena_registerDestructor(arena,
- nss_pkix_Attribute_remove_pointer,
- rv) ) {
- (void)nss_pkix_Attribute_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttribute *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PEncode.c b/security/nss/lib/pkix/src/Attribute/PEncode.c
deleted file mode 100644
index 7fc647ed2..000000000
--- a/security/nss/lib/pkix/src/Attribute/PEncode.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_Encode
- *
- * This routine returns an ASN.1 encoding of the specified
- * NSSPKIXAttribute. {usual rules about itemOpt and arenaOpt}
- * This routine indicates an error (NSS_ERROR_INVALID_DATA)
- * if there are no attribute values (i.e., the last one was removed).
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_DATA
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXAttribute_Encode
-(
- NSSPKIXAttribute *a,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- NSSBER *it;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- if( (NSSBER *)NULL != a->ber ) {
- it = a->ber;
- goto done;
- }
- /*FALLTHROUGH*/
- case NSSASN1DER:
- if( (NSSDER *)NULL != a->der ) {
- it = a->der;
- goto done;
- }
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- it = nssASN1_EncodeItem(a->arena, (NSSItem *)NULL, a,
- nssPKIXAttribute_template, encoding);
- if( (NSSBER *)NULL == it ) {
- return (NSSBER *)NULL;
- }
-
- switch( encoding ) {
- case NSSASN1BER:
- a->ber = it;
- break;
- case NSSASN1DER:
- a->der = it;
- break;
- default:
- PR_ASSERT(0);
- break;
- }
-
- done:
- return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PEqual.c b/security/nss/lib/pkix/src/Attribute/PEqual.c
deleted file mode 100644
index 247bfd575..000000000
--- a/security/nss/lib/pkix/src/Attribute/PEqual.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_Equal
- *
- * This routine compares two NSSPKIXAttribute's for equality.
- * It returns PR_TRUE if they are equal, PR_FALSE otherwise.
- * This routine also returns PR_FALSE upon error; if you're
- * that worried about it, check for an error stack.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXAttribute_Equal
-(
- NSSPKIXAttribute *one,
- NSSPKIXAttribute *two,
- PRStatus *statusOpt
-)
-{
- PRStatus dummyStatus = PR_SUCCESS; /* quiet warnings */
- PRStatus *status;
- PRUint32 i;
-
- if( (PRStatus *)NULL != statusOpt ) {
- status = statusOpt;
- *status = PR_SUCCESS;
- } else {
- status = &dummyStatus;
- }
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(one) ) {
- *status = PR_FAILURE;
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(two) ) {
- *status = PR_FAILURE;
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( ((NSSDER *)NULL != one->der) && ((NSSDER *)NULL != two->der) ) {
- return nssItem_Equal(one->der, two->der, statusOpt);
- }
-
- if( (NSSPKIXAttributeType *)NULL == one->type ) {
- NSSItem berOid;
- berOid.size = one->asn1type.size;
- berOid.data = one->asn1type.data;
- one->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&berOid);
- }
-
- if( (NSSPKIXAttributeType *)NULL == two->type ) {
- NSSItem berOid;
- berOid.size = two->asn1type.size;
- berOid.data = two->asn1type.data;
- two->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&berOid);
- }
-
- if( one->type != two->type ) {
- return PR_FALSE;
- }
-
- if( 0 == one->valuesCount ) {
- nss_pkix_Attribute_Count(one);
- }
-
-#ifdef PEDANTIC
- if( 0 == one->valuesCount ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- *statusOpt = PR_FAILURE;
- return PR_FALSE;
- }
-#endif /* PEDANTIC */
-
- if( 0 == two->valuesCount ) {
- nss_pkix_Attribute_Count(two);
- }
-
-#ifdef PEDANTIC
- if( 0 == two->valuesCount ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- *statusOpt = PR_FAILURE;
- return PR_FALSE;
- }
-#endif /* PEDANTIC */
-
- if( one->valuesCount != two->valuesCount ) {
- return PR_FALSE;
- }
-
- *status = nss_pkix_Attribute_Distinguish(one);
- if( PR_FAILURE == *status ) {
- return PR_FALSE;
- }
-
- *status = nss_pkix_Attribute_Distinguish(two);
- if( PR_FAILURE == *status ) {
- return PR_FALSE;
- }
-
- for( i == 0; i < one->valuesCount; i++ ) {
- NSSItem onetmp, twotmp;
-
- onetmp.size = one->asn1values[i]->size;
- onetmp.data = one->asn1values[i]->data;
- twotmp.size = two->asn1values[i]->size;
- twotmp.data = two->asn1values[i]->data;
-
- if( PR_FALSE == nssItem_Equal(&one, &two, statusOpt) ) {
- return PR_FALSE;
- }
- }
-
- return PR_TRUE;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PFindValue.c b/security/nss/lib/pkix/src/Attribute/PFindValue.c
deleted file mode 100644
index 0f1095f0c..000000000
--- a/security/nss/lib/pkix/src/Attribute/PFindValue.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_FindValue
- *
- * This routine searches the set of attribute values in the specified
- * NSSPKIXAttribute for the provided data. If an exact match is found,
- * then that value's index is returned. If an exact match is not
- * found, -1 is returned. If there is more than one exact match, one
- * index will be returned. {notes about unorderdness of SET, etc}
- * If the index may not be represented as an integer, an error is
- * indicated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXAttribute_FindValue
-(
- NSSPKIXAttribute *a,
- NSSPKIXAttributeValue *attributeValue
-)
-{
- PRUint32 i;
- nssASN1Item **a;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
- if( (nssASN1Item **)NULL == a->asn1values ) {
- nss_SetError(NSS_ERROR_ASSERTION_FAILED);
- return -1;
- }
-
- for( i = 0, a = &a->asn1values[0]; *a; a++, (i > 0x7fffffff) || i++ ) {
- NSSItem tmp;
-
- tmp.size = (*a)->size;
- tmp.data = (*a)->data;
-
- if( PR_TRUE == nssItem_Equal(attributeValue, &tmp, (PRStatus *)NULL) ) {
- if( i > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
- return (PRInt32)i;
- }
- }
-
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetType.c b/security/nss/lib/pkix/src/Attribute/PGetType.c
deleted file mode 100644
index 4b61431b8..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetType.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetType
- *
- * This routine returns the attribute type oid of the specified
- * NSSPKIXAttribute.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-nssPKIXAttribute_GetType
-(
- NSSPKIXAttribute *a
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return (NSSPKIXAttributeType *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSPKIXAttributeType *)NULL == a->type ) {
- NSSItem ber;
-
- ber.size = a->asn1type.size;
- ber.data = a->asn1type.data;
-
- a->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&ber);
- }
-
- return a->type;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetValue.c b/security/nss/lib/pkix/src/Attribute/PGetValue.c
deleted file mode 100644
index bbf12ca67..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetValue.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetValue
- *
- * This routine returns the i'th attribute value of the set of
- * values in the specified NSSPKIXAttribute. Although the set
- * is unordered, an arbitrary ordering will be maintained until
- * the data in the attribute is changed. {usual comments about
- * itemOpt and arenaOpt} [0,valueCount)
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-)
-{
- NSSItem tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == attribute->valuesCount ) {
- nss_pkix_Attribute_Count(attribute);
- }
-
- if( (i < 0) || (i >= attribute->valuesCount) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- tmp.size = attribute->asn1values[i]->size;
- tmp.data = attribute->asn1values[i]->data;
-
- return nssItem_Duplicate(&tmp, arenaOpt, itemOpt);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetValueCount.c b/security/nss/lib/pkix/src/Attribute/PGetValueCount.c
deleted file mode 100644
index ada1d403d..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetValueCount.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetValueCount
- *
- * This routine returns the number of attribute values present in
- * the specified NSSPKIXAttribute. This routine returns a PRInt32.
- * Upon error, this routine returns -1. This routine indicates an
- * error if the number of values cannot be expressed as a PRInt32.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXAttribute_GetValueCount
-(
- NSSPKIXAttribute *attribute
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return -1;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == attribute->valuesCount ) {
- nss_pkix_Attribute_Count(attribute);
- }
-
-#ifdef PEDANTIC
- if( 0 == attribute->valuesCount ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-#endif /* PEDANTIC */
-
- if( attribute->valuesCount > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-
- return (PRInt32)(attribute->valuesCount);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PGetValues.c b/security/nss/lib/pkix/src/Attribute/PGetValues.c
deleted file mode 100644
index ccc11dbe0..000000000
--- a/security/nss/lib/pkix/src/Attribute/PGetValues.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_GetValues
- *
- * This routine returns all of the attribute values in the specified
- * NSSPKIXAttribute. If the optional pointer to an array of NSSItems
- * is non-null, then that array will be used and returned; otherwise,
- * an array will be allocated and returned. If the limit is nonzero
- * (which is must be if the specified array is nonnull), then an
- * error is indicated if it is smaller than the value count.
- * {arenaOpt}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSItem's upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-nssPKIXAttribute_GetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- NSSPKIXAttributeValue *rv = (NSSPKIXAttributeValue *)NULL;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == attribute->valuesCount ) {
- nss_pkix_Attribute_Count(attribute);
- }
-
-#ifdef PEDANTIC
- if( 0 == attribute->valuesCount ) {
- if( 0 == limit ) {
- nss_SetError(NSS_ERROR_NO_MEMORY);
- } else {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- }
- return (NSSPKIXAttributeValue *)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (limit < attribute->valuesCount) &&
- !((0 == limit) && ((NSSPKIXAttributeValue *)NULL == rvOpt)) ) {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- limit = attribute->valuesCount;
- if( (NSSPKIXAttributeValue *)NULL == rvOpt ) {
- rv = nss_ZNEWARRAY(arenaOpt, NSSPKIXAttributeValue, limit);
- if( (NSSPKIXAttributeValue *)NULL == rv ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- for( i = 0; i < limit; i++ ) {
- NSSAttributeValue tmp;
- nssASN1Item *p = attribute->asn1values[i];
- NSSAttributeValue *r = &rv[i];
-
- tmp.size = p->size;
- tmp.data = p->data;
-
- if( (NSSItem *)NULL == nssItem_Duplicate(&tmp, arenaOpt, r) ) {
- goto loser;
- }
- }
-
- return rv;
-
- loser:
- for( i = 0; i < limit; i++ ) {
- NSSAttributeValue *r = &rv[i];
- nss_ZFreeIf(r->data);
- }
-
- if( rv != rvOpt ) {
- nss_ZFreeIf(rv);
- }
-
- return (NSSAttributeValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PRemoveValue.c b/security/nss/lib/pkix/src/Attribute/PRemoveValue.c
deleted file mode 100644
index 6da2ebc07..000000000
--- a/security/nss/lib/pkix/src/Attribute/PRemoveValue.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute. An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-PR_IMPLEMENET(PRStatus)
-nssPKIXAttribute_RemoveValue
-(
- NSSPKIXAttribute *a,
- PRInt32 i
-)
-{
- nssASN1Item **ip;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == a->valuesCount ) {
- nss_pkix_Attribute_Count(a);
- }
-
- if( i < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- if( 1 == a->valuesCount ) {
- nss_SetError(NSS_ERROR_AT_MINIMUM);
- return PR_FAILURE;
- }
-
-#ifdef PEDANTIC
- if( 0 == a->valuesCount ) {
- /* Too big.. but we can still remove one */
- nss_ZFreeIf(a->asn1values[i].data);
- for( ip = &a->asn1values[i]; *ip; ip++ ) {
- ip[0] = ip[1];
- }
- } else
-#endif /* PEDANTIC */
-
- {
- nssASN1Item *si;
- PRUint32 end;
-
- if( i >= a->valueCount ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- end = a->valuesCount - 1;
-
- si = a->asn1values[i];
- a->asn1values[i] = a->asn1values[ end ];
- a->asn1values[ end ] = (nssASN1Item *)NULL;
-
- nss_ZFreeIf(si->data);
- nss_ZFreeIf(si);
-
- /* We could realloc down, but we know it's a no-op */
- a->valuesCount = end;
- }
-
- return nss_pkix_Attribute_Clear(a);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PSetType.c b/security/nss/lib/pkix/src/Attribute/PSetType.c
deleted file mode 100644
index 8f430aab3..000000000
--- a/security/nss/lib/pkix/src/Attribute/PSetType.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value. Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_SetType
-(
- NSSPKIXAttribute *a,
- NSSPKIXAttributeType *attributeType
-)
-{
- NSSDER tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- a->type = attributeType;
-
- nss_ZFreeIf(a->asn1type.data);
- if( (NSSDER *)NULL == nssOID_GetDEREncoding(a->type, &tmp, a->arena) ) {
- return PR_FAILURE;
- }
-
- a->asn1type.size = tmp.size;
- a->asn1type.data = tmp.data;
-
- return nss_pkix_Attribute_Clear(a);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PSetValue.c b/security/nss/lib/pkix/src/Attribute/PSetValue.c
deleted file mode 100644
index 4fd490a6a..000000000
--- a/security/nss/lib/pkix/src/Attribute/PSetValue.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_SetValue
-(
- NSSPKIXAttribute *a,
- PRInt32 i,
- NSSPKIXAttributeValue *value
-)
-{
- NSSItem tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( i < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- if( 0 == a->valuesCount ) {
- nss_pkix_Attribute_Count(a);
- }
-
- if( (0 != a->valuesCount) && (i > a->valuesCount) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- if( (NSSItem *)NULL == nssItem_Duplicate(value, a->arena, &tmp) ) {
- return PR_FAILURE;
- }
-
- nss_ZFreeIf(a->asn1values[i]->data);
- a->asn1values[i]->size = tmp.size;
- a->asn1values[i]->data = tmp.data;
-
- return nss_pkix_Attribute_Clear(a);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/PSetValues.c b/security/nss/lib/pkix/src/Attribute/PSetValues.c
deleted file mode 100644
index 64df8eb55..000000000
--- a/security/nss/lib/pkix/src/Attribute/PSetValues.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_SetValues
-(
- NSSPKIXAttribute *a,
- NSSPKIXAttributeValue values[],
- PRInt32 count
-)
-{
- nssASN1Item **ip;
- nssASN1Item *newarray;
- PRUint32 i;
- nssArenaMark *mark;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(a) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXAttributeValue *)NULL == values ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( count < 1 ) {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((nssASN1Item **)NULL != a->asn1values);
- if( (nssASN1Item **)NULL == a->asn1values ) {
- nss_SetError(NSS_ERROR_ASSERTION_FAILED);
- return PR_FAILURE;
- }
-
- mark = nssArena_Mark(a->arena);
- if( (nssArenaMark *)NULL == mark ) {
- return PR_FAILURE;
- }
-
- newarray = nss_ZNEWARRAY(a->arena, nssASN1Item *, count);
- if( (nssASN1Item *)NULL == newarray ) {
- return PR_FAILURE;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSItem tmp;
-
- newarray[i] = nss_ZNEW(a->arena, nssASN1Item);
- if( (nssASN1Item *)NULL == newarray[i] ) {
- goto loser;
- }
-
- if( (NSSItem *)NULL == nssItem_Duplicate(&values[i], a->arena, &tmp) ) {
- goto loser;
- }
-
- newarray[i]->size = tmp.size;
- newarray[i]->data = tmp.data;
- }
-
- for( ip = &a->asn1values[0]; *ip; ip++ ) {
- nss_ZFreeIf((*ip)->data);
- nss_ZFreeIf(*ip);
- }
-
- nss_ZFreeIf(a->asn1values);
-
- a->asn1values = newarray;
- a->valuesCount = count;
-
- (void)nss_pkix_Attribute_Clear(a);
- return nssArena_Unmark(a->arena, mark);
-
- loser:
- (void)nssArena_Release(a->arena, mark);
- return PR_FAILURE;
-}
diff --git a/security/nss/lib/pkix/src/Attribute/RemoveValue.c b/security/nss/lib/pkix/src/Attribute/RemoveValue.c
deleted file mode 100644
index e869fd96a..000000000
--- a/security/nss/lib/pkix/src/Attribute/RemoveValue.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_RemoveValue
- *
- * This routine removes the i'th attribute value of the set in the
- * specified NSSPKIXAttribute. An attempt to remove the last value
- * will fail.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_RemoveValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_RemoveValue(attribute, i);
-}
-
diff --git a/security/nss/lib/pkix/src/Attribute/SetType.c b/security/nss/lib/pkix/src/Attribute/SetType.c
deleted file mode 100644
index 4975c8f8a..000000000
--- a/security/nss/lib/pkix/src/Attribute/SetType.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_SetType
- *
- * This routine sets the attribute type oid of the indicated
- * NSSPKIXAttribute to the specified value. Since attributes
- * may be application-defined, no checking can be done on
- * either the correctness of the attribute type oid value nor
- * the suitability of the set of attribute values.
- *
- * The error value may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_SetType
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeType *attributeType
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_SetType(attribute, attributeType);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/SetValue.c b/security/nss/lib/pkix/src/Attribute/SetValue.c
deleted file mode 100644
index 43f74ad26..000000000
--- a/security/nss/lib/pkix/src/Attribute/SetValue.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_SetValue
- *
- * This routine sets the i'th attribute value {blah blah; copies
- * memory contents over..}
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_SetValue
-(
- NSSPKIXAttribute *attribute,
- PRInt32 i,
- NSSPKIXAttributeValue *value
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttribute_SetValue(attribute, i, value);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/SetValues.c b/security/nss/lib/pkix/src/Attribute/SetValues.c
deleted file mode 100644
index 7c3645cf7..000000000
--- a/security/nss/lib/pkix/src/Attribute/SetValues.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttribute_SetValues
- *
- * This routine sets all of the values of the specified
- * NSSPKIXAttribute to the values in the specified NSSItem array.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttribute_SetValues
-(
- NSSPKIXAttribute *attribute,
- NSSPKIXAttributeValue values[],
- PRInt32 count
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttribute_verifyPointer(attribute) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXAttributeValue *)NULL == values ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- if( count < 1 ) {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKXIAttribute_SetValues(attribute, values, count);
-}
diff --git a/security/nss/lib/pkix/src/Attribute/template.c b/security/nss/lib/pkix/src/Attribute/template.c
deleted file mode 100644
index 850b6a9b0..000000000
--- a/security/nss/lib/pkix/src/Attribute/template.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttribute_template
- *
- *
- */
-
-const nssASN1Template nssPKIXAttribute_template[] = {
- { nssASN1_SEQUENCE, 0, NULL, sizeof(NSSPKIXAttribute) },
- { nssASN1_OBJECT_ID, offsetof(NSSPKIXAttribute, asn1type) },
- { nssASN1_SET_OF, offsetof(NSSPKIXAttribute, asn1values),
- nssASN1Template_Any },
- { 0 }
-};
diff --git a/security/nss/lib/pkix/src/Attribute/verifyPointer.c b/security/nss/lib/pkix/src/Attribute/verifyPointer.c
deleted file mode 100644
index c0ae3ed84..000000000
--- a/security/nss/lib/pkix/src/Attribute/verifyPointer.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_attribute_pointer_tracker;
-
-/*
- * nss_pkix_Attribute_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAttribute pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Attribute_add_pointer
-(
- const NSSPKIXAttribute *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_attribute_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_attribute_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_Attribute_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXAttribute
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Attribute_remove_pointer
-(
- const NSSPKIXAttribute *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&pkix_attribute_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssPKIXAttribute_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXAttribute
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttribute_verifyPointer
-(
- NSSPKIXAttribute *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_attribute_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_attribute_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c
deleted file mode 100644
index 84e721f80..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Create.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue(arenaOpt, typeOid, value);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c
deleted file mode 100644
index 72e0a3114..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c
deleted file mode 100644
index 33b657303..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c
deleted file mode 100644
index b3c28a03f..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttributeTypeAndValue_Destroy
-(
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_Destroy(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c
deleted file mode 100644
index 09d1f27c3..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXAttributeTypeAndValue_Duplicate
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_Duplicate(atav, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c
deleted file mode 100644
index 1b67be84d..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXAttributeTypeAndValue_Encode
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_Encode(atav, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c
deleted file mode 100644
index 0cbf06eca..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXAttributeTypeAndValue_Equal
-(
- NSSPKIXAttributeTypeAndValue *atav1,
- NSSPKIXAttributeTypeAndValue *atav2,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav1) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav2) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_Equal(atav1, atav2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c
deleted file mode 100644
index 68e2f48f6..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetType.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-NSSPKIXAttributeTypeAndValue_GetType
-(
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSPKIXAttributeType *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_GetType(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c
deleted file mode 100644
index 611e4bcb9..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_GetUTF8Encoding(atav, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c
deleted file mode 100644
index 5516c63ea..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/GetValue.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_GetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeValue *
-NSSPKIXAttributeTypeAndValue_GetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *itemOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeValue *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_GetValue(atav, itemOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c
deleted file mode 100644
index eeae7db86..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_AttributeTypeAndValue_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AttributeTypeAndValue_Clear
-(
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != atav->ber ) {
- nss_ZFreeIf(atav->ber->data);
- nss_ZFreeIf(atav->ber);
- }
-
- if( (NSSDER *)NULL != atav->der ) {
- nss_ZFreeIf(atav->der->data);
- nss_ZFreeIf(atav->der);
- }
-
- nss_ZFreeIf(atav->utf8);
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c
deleted file mode 100644
index 2dc6d8ac5..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreate.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeType *typeOid,
- NSSPKIXAttributeValue *value
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(typeOid) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* DEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->type = typeOid;
-
- {
- NSSItem tmp;
- if( (NSSItem *)NULL == nssOID_GetDEREncoding(typeOid, arena, &tmp) ) {
- goto loser;
- }
-
- rv->asn1type.size = tmp.size;
- rv->asn1type.data = tmp.data;
- }
-
- {
- NSSItem tmp;
- if( (NSSItem *)NULL == nssItem_Duplicate(value, arena, &tmp) ) {
- goto loser;
- }
-
- rv->asn1value.size = tmp.size;
- rv->asn1value.data = tmp.data;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c
deleted file mode 100644
index a2fa289ea..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PCreateFromUTF8.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_CreateFromUTF8
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- /* Fill this in later from ../pki1/atav.c implementation */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c
deleted file mode 100644
index 9e017526c..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDecode.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- /* For this object, BER is DER */
- rv->der = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv,
- nssPKIXAttributeTypeAndValue_template,
- ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c
deleted file mode 100644
index 47242f545..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDestroy.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttributeTypeAndValue_Destroy
-(
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_AttributeTypeAndValue_remove_pointer(atav);
- (void)nssArena_RemoveDestructor(arena,
- nss_pkix_AttributeTypeAndValue_remove_pointer, atav);
-#endif /* DEBUG */
-
- if( PR_TRUE == atav->i_allocated_arena ) {
- return nssArena_Destroy(atav->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c
deleted file mode 100644
index 53fc85171..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PDuplicate.c
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXAttributeTypeAndValue_Duplicate
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXAttributeTypeAndValue *rv = (NSSPKIXAttributeTypeAndValue *)NULL;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXAttributeTypeAndValue);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- if( (NSSDER *)NULL != atav->der ) {
- rv->der = nssItem_Duplicate(atav->der, arena, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser; /* actually, this isn't fatal */
- }
- }
-
- {
- NSSItem src, dst;
- src.size = atav->asn1type.size;
- src.data = atav->asn1type.data;
- if( (NSSItem *)NULL == nssItem_Duplicate(&src, arena, &dst) ) {
- goto loser;
- }
- rv->asn1type.size = dst.size;
- rv->asn1type.data = dst.data;
- }
-
- {
- NSSItem src, dst;
- src.size = atav->asn1value.size;
- src.data = atav->asn1value.data;
- if( (NSSItem *)NULL == nssItem_Duplicate(&src, arena, &dst) ) {
- goto loser;
- }
- rv->asn1value.size = dst.size;
- rv->asn1value.data = dst.data;
- }
-
- rv->type = atav->type;
-
- if( (NSSUTF8 *)NULL != atav->utf8 ) {
- rv->utf8 = nssUTF8_Duplicate(atav->utf8, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser; /* actually, this isn't fatal */
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXAttributeTypeAndValue *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c
deleted file mode 100644
index 64a77e590..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEncode.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSBER *
-nssPKIXAttributeTypeAndValue_Encode
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- case NSSASN1DER:
- break;
- case NSSASN1CER:
- case NSSASN1LWER:
- case NSSASN1PER:
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- /* For this item its DER is BER */
-
- if( (NSSDER *)NULL == atav->der ) {
- atav->der = nssASN1_EncodeDER(atav->arena, (NSSItem *)NULL, a,
- nssPKIXAtributeTypeAndValue_template, NSSASN1DER);
- if( (NSSDER *)NULL == atav->der ) {
- return (NSSBER *)NULL;
- }
- }
-
- return nssItem_Duplicate(a->der, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c
deleted file mode 100644
index 67dc970f1..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PEqual.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXAttributeTypeAndValue_Equal
-(
- NSSPKIXAttributeTypeAndValue *atav1,
- NSSPKIXAttributeTypeAndValue *atav2,
- PRStatus *statusOpt
-)
-{
- NSSItem one, two;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav1) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav2) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- one.size = atav1->asn1type.size;
- one.data = atav1->asn1type.data;
- two.size = atav2->asn1type.size;
- two.data = atav2->asn1type.data;
-
- if( PR_FALSE == nssItem_Equal(&one, &two, statusOpt) ) {
- return PR_FALSE;
- }
-
- one.size = atav1->asn1value.size;
- one.data = atav1->asn1value.data;
- two.size = atav2->asn1value.size;
- two.data = atav2->asn1value.data;
-
- return nssItem_Equal(&one, &two, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c
deleted file mode 100644
index 20411e8ee..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetType.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_GetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSPKIXAttributeType pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeType *
-nssPKIXAttributeTypeAndValue_GetType
-(
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSPKIXAttributeType *)NULL == atav->type ) {
- NSSItem ber;
-
- ber.size = atav->asn1type.size;
- ber.data = atav->asn1type.data;
-
- atav->type = (NSSPKIXAttributeType *)NSSOID_CreateFromBER(&ber);
- }
-
- return atav->type;
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c
deleted file mode 100644
index 41145b3cf..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXAttributeTypeAndValue_GetUTF8Encoding
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == atav->utf8 ) {
- /* xxx fgmr fill this in from the ../pki1/atav.c implementation */
- }
-
- return nssUTF8_Duplicate(atav->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c
deleted file mode 100644
index 33f9e5b2b..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PGetValue.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_GetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSAttributeValue upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXAttributeValue *
-nssPKIXAttributeTypeAndValue_GetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *rvOpt,
- NSSArena *arenaOpt
-)
-{
- NSSItem tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- tmp.size = atav->asn1value.size;
- tmp.data = atav->asn1value.data;
-
- return nssItem_Duplicate(&tmp, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c
deleted file mode 100644
index 4e25b88cc..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetType.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_SetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN PRStatus
-nssPKIXAttributeTypeAndValue_SetType
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeType *attributeType
-)
-{
- NSSDER tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- atav->type = attributeType;
-
- nss_ZFreeIf(atav->asn1type.data);
- if( (NSSDER *)NULL == nssOID_GetDEREncoding(atav->type, &tmp, atav->arena) ) {
- return PR_FAILURE;
- }
-
- atav->asn1type.size = tmp.size;
- atav->asn1type.data = tmp.data;
-
- return nss_pkix_AttributeTypeAndValue_Clear(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c
deleted file mode 100644
index 82de4db00..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/PSetValue.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_SetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttributeTypeAndValue_SetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *value
-)
-{
- NSSItem tmp;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSItem *)NULL == nssItem_Duplicate(value, atav->arena, &tmp) ) {
- return PR_FAILURE;
- }
-
- nss_ZFreeIf(atav->asn1value.data);
- atav->asn1value.size = tmp.size;
- atav->asn1value.data = tmp.data;
-
- return nss_pkix_AttributeTypeAndValue_Clear(atav);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c
deleted file mode 100644
index 672b7b738..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetType.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetType
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_OID
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttributeTypeAndValue_SetType
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeType *attributeType
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssOID_verifyPointer(attributeType) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_SetType(atav, attributeType);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c
deleted file mode 100644
index fafc54d6c..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/SetValue.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXAttributeTypeAndValue_SetValue
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXAttributeTypeAndValue_SetValue
-(
- NSSPKIXAttributeTypeAndValue *atav,
- NSSPKIXAttributeValue *value
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(value) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXAttributeTypeAndValue_SetValue(atav, value);
-}
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/template.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/template.c
deleted file mode 100644
index 548a4fac9..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/template.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXAttributeTypeAndValue_template
- *
- */
-
-const nssASN1Template nssPKIXAttributeTypeAndValue_template[] = {
- { nssASN1_SEQUENCE, 0, NULL, sizeof(NSSPKIXAttributeTypeAndValue) },
- { nssASN1_OBJECT_ID, offsetof(NSSPKIXAttributeTypeAndValue, asn1type) },
- { nssASN1_ANY, offsetof(NSSPKIXAttributeTypeAndValue, asn1value) },
- { 0 }
-};
diff --git a/security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c b/security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c
deleted file mode 100644
index 340e19c1b..000000000
--- a/security/nss/lib/pkix/src/AttributeTypeAndValue/verifyPointer.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_atav_pointer_tracker;
-
-/*
- * nss_pkix_AttributeTypeAndValue_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXAttributeTypeAndValue
- * pointer to the internal pointer-tracker. This routine should only
- * be used by the NSSPKIX module. This routine returns a PRStatus
- * value; upon error it will place an error on the error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AttributeTypeAndValue_add_pointer
-(
- const NSSPKIXAttributeTypeAndValue *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_atav_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_atav_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- rv = nssArena_registerDestructor(arena,
- nss_pkix_AttributeTypeAndValue_remove_pointer, p);
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_AttributeTypeAndValue_remove_pointer(p);
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_AttributeTypeAndValue_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid
- * NSSPKIXAttributeTypeAndValue pointer from the internal
- * pointer-tracker. This routine should only be used by the
- * NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and
- * return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_AttributeTypeAndValue_remove_pointer
-(
- const NSSPKIXAttributeTypeAndValue *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&pkix_atav_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- /*
- * nssArena_deregisterDestructor(p->arena,
- * nss_pkix_AttributeTypeAndValue_remove_pointer, p);
- */
-
- return rv;
-}
-
-/*
- * nssPKIXAttributeTypeAndValue_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an
- * NSSPKIXAttributeTypeAndValue object, this routine will return
- * PR_SUCCESS. Otherwise, it will put an error on the error stack
- * and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXAttributeTypeAndValue_verifyPointer
-(
- NSSPKIXAttributeTypeAndValue *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_atav_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_atav_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/Name/Create.c b/security/nss/lib/pkix/src/Name/Create.c
deleted file mode 100644
index dc9059f0b..000000000
--- a/security/nss/lib/pkix/src/Name/Create.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNameChoice choice,
- void *arg
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- switch( choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- {
- NSSPKIXRDNSequence *r = (NSSPKIXRDNSequence *)arg;
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(r) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INVALID_CHOICE);
- return (NSSPKIXName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_Create(arenaOpt, choice, arg);
-}
diff --git a/security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c b/security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c
deleted file mode 100644
index da07742cc..000000000
--- a/security/nss/lib/pkix/src/Name/CreateFromRDNSequence.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_CreateFromRDNSequence
-(
- NSSArena *arenaOpt,
- NSSPKIXRDNSequence *rdnSequence
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnSequence) ) {
- return (NSSPKIXName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_CreateFromRDNSequence(arenaOpt, rdnSequence);
-}
diff --git a/security/nss/lib/pkix/src/Name/CreateFromUTF8.c b/security/nss/lib/pkix/src/Name/CreateFromUTF8.c
deleted file mode 100644
index f2111ea75..000000000
--- a/security/nss/lib/pkix/src/Name/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/Name/Decode.c b/security/nss/lib/pkix/src/Name/Decode.c
deleted file mode 100644
index b30fac01e..000000000
--- a/security/nss/lib/pkix/src/Name/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_CreateFromBER
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_CreateFromBER(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/Name/Destroy.c b/security/nss/lib/pkix/src/Name/Destroy.c
deleted file mode 100644
index c8c2bc9f2..000000000
--- a/security/nss/lib/pkix/src/Name/Destroy.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXName_Destroy
-(
- NSSPKIXName *name
-)
-{
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_Destroy(name);
-}
diff --git a/security/nss/lib/pkix/src/Name/Duplicate.c b/security/nss/lib/pkix/src/Name/Duplicate.c
deleted file mode 100644
index 6c8831729..000000000
--- a/security/nss/lib/pkix/src/Name/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-NSSPKIXName_Duplicate
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSDER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSDER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXName_Duplicate(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/Encode.c b/security/nss/lib/pkix/src/Name/Encode.c
deleted file mode 100644
index 344a53724..000000000
--- a/security/nss/lib/pkix/src/Name/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXName_Encode
-(
- NSSPKIXName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXName_Encode(name, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/Equal.c b/security/nss/lib/pkix/src/Name/Equal.c
deleted file mode 100644
index 9a74eef94..000000000
--- a/security/nss/lib/pkix/src/Name/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXName_Equal
-(
- NSSPKIXName *name1,
- NSSPKIXName *name2,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(name1) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(name2) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIX_Equal(name1, name2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetChoice.c b/security/nss/lib/pkix/src/Name/GetChoice.c
deleted file mode 100644
index 8a36ada00..000000000
--- a/security/nss/lib/pkix/src/Name/GetChoice.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid element of the NSSPKIXNameChoice enumeration upon success
- * The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_IMPLEMENT NSSPKIXNameChoice
-NSSPKIXName_GetChoice
-(
- NSSPKIXName *name
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return NSSPKIXNameChoice_NSSinvalid;
- }
-#endif /* DEBUG */
-
- return nssPKIXName_GetChoice(name);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetRDNSequence.c b/security/nss/lib/pkix/src/Name/GetRDNSequence.c
deleted file mode 100644
index 94562ae3c..000000000
--- a/security/nss/lib/pkix/src/Name/GetRDNSequence.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer to a valid NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXName_GetRDNSequence
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXName_GetRDNSequence(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c b/security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c
deleted file mode 100644
index 3de2d5b84..000000000
--- a/security/nss/lib/pkix/src/Name/GetSpecifiedChoice.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer ...
- * NULL upon failure
- */
-
-NSS_IMPLEMENT void *
-NSSPKIXName_GetSpecifiedChoice
-(
- NSSPKIXName *name,
- NSSPKIXNameChoice choice,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(name) ) {
- return (void *)NULL;
- }
-
- switch( choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INVALID_CHOICE);
- return (void *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (void *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXName_GetSpecifiedChoice(name, choice, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/GetUTF8Encoding.c b/security/nss/lib/pkix/src/Name/GetUTF8Encoding.c
deleted file mode 100644
index c86dd94b2..000000000
--- a/security/nss/lib/pkix/src/Name/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXName_GetUTF8Encoding
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXName_GetUTF8Encoding(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/MClear.c b/security/nss/lib/pkix/src/Name/MClear.c
deleted file mode 100644
index e8d6b1961..000000000
--- a/security/nss/lib/pkix/src/Name/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_Name_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_Clear
-(
- NSSPKIXName *name
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != name->ber ) {
- nss_ZFreeIf(name->ber->data);
- nss_ZFreeIf(name->ber);
- }
-
- if( (NSSDER *)NULL != name->der ) {
- nss_ZFreeIf(name->der->data);
- nss_ZFreeIf(name->der);
- }
-
- nss_ZFreeIf(name->utf8);
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Name/Mregister.c b/security/nss/lib/pkix/src/Name/Mregister.c
deleted file mode 100644
index 09ddb9d99..000000000
--- a/security/nss/lib/pkix/src/Name/Mregister.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifdef NSSDEBUG
-/*
- * nss_pkix_Name_register
- *
- * Registers whatever sub-component exists within this Name.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_register
-(
- NSSPKIXName *name
-)
-{
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-
- switch( name->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- /* add pointer */
- /* (sub-)register pointer */
- /* add destructor to arena */
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Name/PCreate.c b/security/nss/lib/pkix/src/Name/PCreate.c
deleted file mode 100644
index e93737599..000000000
--- a/security/nss/lib/pkix/src/Name/PCreate.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_CHOICE
- * NSS_ERROR_INVALID_ARGUMENT
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXNameChoice choice,
- void *arg
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXName *rv = (NSSPKIXName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- switch( choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- if( (PR_SUCCESS != nssPKIXRDNSequence_verifyPointer((NSSPKIXRDNSequence *)arg) ) ) {
- nss_SetError(NSS_ERROR_INVALID_ARGUMENT);
- return (NSSPKIXName *)NULL;
- }
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INVALID_CHOICE);
- return (NSSPKIXName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- switch( choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INVALID_CHOICE);
- goto loser;
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXName);
- if( (NSSPKIXName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- rv->choice = choice;
- switch( choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- rv->u.rdnSequence = nssPKIXRDNSequence_Duplicate((NSSPKIXRDNSequence *)arg, arena);
- if( (NSSPKIXRDNSequence *)NULL == rv->u.rdnSequence ) {
- goto loser;
- }
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INVALID_CHOICE);
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_Name_remove_pointer, rv) ) {
- (void)nss_pkix_Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c b/security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c
deleted file mode 100644
index 169e409a3..000000000
--- a/security/nss/lib/pkix/src/Name/PCreateFromRDNSequence.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_CreateFromRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_CreateFromRDNSequence
-(
- NSSArena *arenaOpt,
- NSSPKIXRDNSequence *rdnSequence
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXName *rv = (NSSPKIXName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( (PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnSequence) ) ) {
- return (NSSPKIXName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXName);
- if( (NSSPKIXName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- rv->choice = NSSPKIXNameChoice_rdnSequence;
- rv->u.rdnSequence = nssPKIXRDNSequence_Duplicate(rdnSequence, arena);
- if( (NSSPKIXRDNSequence *)NULL == rv->u.rdnSequence ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_Name_remove_pointer, rv) ) {
- (void)nss_pkix_Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PCreateFromUTF8.c b/security/nss/lib/pkix/src/Name/PCreateFromUTF8.c
deleted file mode 100644
index 0939a19e3..000000000
--- a/security/nss/lib/pkix/src/Name/PCreateFromUTF8.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXName *rv = (NSSPKIXName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXName);
- if( (NSSPKIXName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- /* Insert intelligence here -- fgmr */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_Name_remove_pointer, rv) ) {
- (void)nss_pkix_Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PDecode.c b/security/nss/lib/pkix/src/Name/PDecode.c
deleted file mode 100644
index d3f20d473..000000000
--- a/security/nss/lib/pkix/src/Name/PDecode.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_CreateFromBER
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_CreateFromBER
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXName *rv = (NSSPKIXName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXName);
- if( (NSSPKIXName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXName_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PDestroy.c b/security/nss/lib/pkix/src/Name/PDestroy.c
deleted file mode 100644
index f1fd41721..000000000
--- a/security/nss/lib/pkix/src/Name/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXName_Destroy
-(
- NSSPKIXName *name
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_Name_remove_pointer(name);
-#endif /* DEBUG */
-
- if( PR_TRUE == name->i_allocated_arena ) {
- return nssArena_Destroy(name->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Name/PDuplicate.c b/security/nss/lib/pkix/src/Name/PDuplicate.c
deleted file mode 100644
index c5788a0f1..000000000
--- a/security/nss/lib/pkix/src/Name/PDuplicate.c
+++ /dev/null
@@ -1,172 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXName *
-nssPKIXName_Duplicate
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXName *rv = (NSSPKIXName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXName *)NULL;
- }
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXName);
- if( (NSSPKIXName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- if( (NSSBER *)NULL != name->ber ) {
- rv->ber = nssItem_Duplicate(name->ber, arena, (NSSItem *)NULL);
- if( (NSSBER *)NULL == rv->ber ) {
- goto loser;
- }
- }
-
- if( (NSSDER *)NULL != name->der ) {
- rv->der = nssItem_Duplicate(name->der, arena, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
- }
-
- if( (NSSUTF8 *)NULL != name->utf8 ) {
- rv->utf8 = nssUTF8_duplicate(name->utf8, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
- }
-
- rv->choice = name->choice;
- switch( name->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- rv->u.rdnSequence = nssPKIXRDNSequence_Duplicate(name->u.rdnSequence, arena);
- if( (NSSPKIXRDNSequence *)NULL == rv->u.rdnSequence ) {
- goto loser;
- }
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_Name_remove_pointer, rv) ) {
- (void)nss_pkix_Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PEncode.c b/security/nss/lib/pkix/src/Name/PEncode.c
deleted file mode 100644
index 469b528fb..000000000
--- a/security/nss/lib/pkix/src/Name/PEncode.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXName_Encode
-(
- NSSPKIXName *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- NSSBER *it;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- if( (NSSBER *)NULL != name->ber ) {
- it = name->ber;
- goto done;
- }
- /*FALLTHROUGH*/
- case NSSASN1DER:
- if( (NSSDER *)NULL != name->der ) {
- it = name->der;
- goto done;
- }
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- it = nssASN1_EncodeItem(name->arena, (NSSItem *)NULL, name,
- nssPKIXName_template, encoding);
- if( (NSSBER *)NULL == it ) {
- return (NSSBER *)NULL;
- }
-
- switch( encoding ) {
- case NSSASN1BER:
- name->ber = it;
- break;
- case NSSASN1DER:
- name->der = it;
- break;
- default:
- PR_ASSERT(0);
- break;
- }
-
- done:
- return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/PEqual.c b/security/nss/lib/pkix/src/Name/PEqual.c
deleted file mode 100644
index 5ad91dd2a..000000000
--- a/security/nss/lib/pkix/src/Name/PEqual.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXName_Equal
-(
- NSSPKIXName *one,
- NSSPKIXName *two,
- PRStatus *statusOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(one) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXName_verifyPointer(two) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( ((NSSDER *)NULL != one->der) && ((NSSDER *)NULL != two->der) ) {
- return nssItem_Equal(one->der, two->der, statusOpt);
- }
-
- if( one->choice != two->choice ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
- return PR_FALSE;
- }
-
- switch( one->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- return nssPKIXRDNSequence_Equal(one->u.rdnSequence, two->u.rdnSequence, statusOpt);
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- break;
- }
-
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetChoice.c b/security/nss/lib/pkix/src/Name/PGetChoice.c
deleted file mode 100644
index f34a93908..000000000
--- a/security/nss/lib/pkix/src/Name/PGetChoice.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- *
- * Return value:
- * A valid element of the NSSPKIXNameChoice enumeration upon success
- * The value NSSPKIXNameChoice_NSSinvalid (-1) upon error
- */
-
-NSS_IMPLEMENT NSSPKIXNameChoice
-nssPKIXName_GetChoice
-(
- NSSPKIXName *name
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return NSSPKIXNameChoice_NSSinvalid;
- }
-#endif /* NSSDEBUG */
-
- return name->choice;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetRDNSequence.c b/security/nss/lib/pkix/src/Name/PGetRDNSequence.c
deleted file mode 100644
index 0899e550d..000000000
--- a/security/nss/lib/pkix/src/Name/PGetRDNSequence.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetRDNSequence
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A pointer to a valid NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXName_GetRDNSequence
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( name->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- return nssPKIXRDNSequence_Duplicate(name->u.rdnSequence, arenaOpt);
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- break;
- }
-
- nss_SetError(NSS_ERROR_WRONG_CHOICE);
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c b/security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c
deleted file mode 100644
index a24c8ea86..000000000
--- a/security/nss/lib/pkix/src/Name/PGetSpecifiedChoice.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetSpecifiedChoice
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_WRONG_CHOICE
- *
- * Return value:
- * A valid pointer ...
- * NULL upon failure
- */
-
-NSS_IMPLEMENT void *
-nssPKIXName_GetSpecifiedChoice
-(
- NSSPKIXName *name,
- NSSPKIXNameChoice choice,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (void *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (void *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( choice != name->choice ) {
- nss_SetError(NSS_ERROR_WRONG_CHOICE);
- return (void *)NULL;
- }
-
- switch( name->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- return (void *)nssPKIXRDNSequence_Duplicate(name->u.rdnSequence, arenaOpt);
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- break;
- }
-
- nss_SetError(NSS_ERROR_WRONG_CHOICE);
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c
deleted file mode 100644
index 164229277..000000000
--- a/security/nss/lib/pkix/src/Name/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_NAME
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXName_GetUTF8Encoding
-(
- NSSPKIXName *name,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXName_verifyPointer(name) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == name->utf8 ) {
- /* xxx fgmr fill this in from pki1 implementation */
- }
-
- return nssUTF8_Duplicate(name->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Name/template.c b/security/nss/lib/pkix/src/Name/template.c
deleted file mode 100644
index 72ac85466..000000000
--- a/security/nss/lib/pkix/src/Name/template.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXName_template
- *
- */
-
-const nssASN1Template nssPKIXName_template[] = {
- { nssASN1_CHOICE, offsetof(NSSPKIXName, choice), 0, sizeof(NSSPKIXName) },
- { nssASN1_POINTER, offsetof(NSSPKIXName, u.rdnSequence),
- nssPKIXRDNSequence_template, NSSPKIXNameChoice_rdnSequence },
- { 0 }
-};
diff --git a/security/nss/lib/pkix/src/Name/verifyPointer.c b/security/nss/lib/pkix/src/Name/verifyPointer.c
deleted file mode 100644
index 6c27e5910..000000000
--- a/security/nss/lib/pkix/src/Name/verifyPointer.c
+++ /dev/null
@@ -1,210 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_name_pointer_tracker;
-
-/*
- * nss_pkix_Name_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXName pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_add_pointer
-(
- const NSSPKIXName *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_name_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- rv = nssArena_registerDestructor(p->arena,
- nss_pkix_Name_remove_pointer, p);
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_Name_remove_pointer(p);
- return rv;
- }
-
-#ifdef NSSDEBUG
- switch( p->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- rv = nss_pkix_RDNSequence_register(p->u.rdnSequence);
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- rv = PR_FAILURE;
- break;
- }
-
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_Name_remove_pointer(p);
- }
-#endif /* NSSDEBUG */
-
- return rv;
-}
-
-/*
- * nss_pkix_Name_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXName
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_Name_remove_pointer
-(
- const NSSPKIXName *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&pkix_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
-#ifdef NSSDEBUG
- switch( p->choice ) {
- case NSSPKIXNameChoice_rdnSequence:
- (void)nss_pkix_RDNSequence_register(p->u.rdnSequence);
- break;
- case NSSPKIXNameChoice_NSSinvalid:
- default:
- break;
- }
-#endif /* NSSDEBUG */
-
- /*
- * nssArena_deregisterDestructor(p->arena,
- * nss_pkix_Name_remove_pointer, p);
- */
-
- return rv;
-}
-
-/*
- * nssPKIXName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXName_verifyPointer
-(
- NSSPKIXName *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_name_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c
deleted file mode 100644
index 4e0d0d018..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/AppendRelativeDistinguishedName.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_AppendRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_AppendRelativeDistinguishedName(rdnseq, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Create.c b/security/nss/lib/pkix/src/RDNSequence/Create.c
deleted file mode 100644
index 52b8a851c..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Create.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *rdn1,
- ...
-)
-{
- va_list ap;
- NSSPKIXRDNSequence *rv;
- PRUint32 count;
-
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- /* Is there a nonzero minimum number of RDNs required? */
-
- {
- va_start(ap, arenaOpt);
-
- while( 1 ) {
- NSSPKIXRelativeDistinguishedName *rdn;
- rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
- break;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- va_end(ap);
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* DEBUG */
-
- va_start(ap, arenaOpt);
-
- for( count = 0; ; count++ ) {
- NSSPKIXRelativeDistinguishedName *rdn;
- rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, arenaOpt);
- rv = nss_pkix_RDNSequence_V_Create(arenaOpt, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c b/security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c
deleted file mode 100644
index b6412187c..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/CreateFromArray.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXRelativeDistinguishedName *rdns[]
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- {
- PRUint32 i;
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(&rdns[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_CreateFromArray(arenaOpt, count, rnds);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c b/security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c
deleted file mode 100644
index dcdbc54a2..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXRDNSequence *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Decode.c b/security/nss/lib/pkix/src/RDNSequence/Decode.c
deleted file mode 100644
index ebbad116a..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Destroy.c b/security/nss/lib/pkix/src/RDNSequence/Destroy.c
deleted file mode 100644
index 5962364e5..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_Destroy
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_Destroy(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Duplicate.c b/security/nss/lib/pkix/src/RDNSequence/Duplicate.c
deleted file mode 100644
index 2bf53ba59..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-NSSPKIXRDNSequence_Duplicate
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_Duplicate(rdnseq, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Encode.c b/security/nss/lib/pkix/src/RDNSequence/Encode.c
deleted file mode 100644
index 84ab4db67..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXRDNSequence_Encode
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_Encode(rdnseq, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/Equal.c b/security/nss/lib/pkix/src/RDNSequence/Equal.c
deleted file mode 100644
index fe0fa0f07..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXRDNSequence_Equal
-(
- NSSPKIXRDNSequence *one,
- NSSPKIXRDNSequence *two,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(one) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(two) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_Equal(one, two, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c
deleted file mode 100644
index cb04286d3..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/FindRelativeDistinguishedName.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXRDNSequence_FindRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_FindRelativeDistinguishedName(rdnseq, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c
deleted file mode 100644
index 9b152f4da..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRDNSequence_GetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_GetRelativeDistinguishedName(rdnseq, i, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c b/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c
deleted file mode 100644
index 05b5e89b4..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNameCount.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return -1;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_GetRelativeDistinguishedNameCount(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c
deleted file mode 100644
index 06d419bed..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence. {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXRelativeDistinguishedName
- * pointers upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName **
-NSSPKIXRDNSequence_GetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_GetRelativeDistinguishedNames(rdnseq, rvOpt, limit, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c b/security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c
deleted file mode 100644
index 4519a5ba4..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXRDNSequence_GetUTF8Encoding
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_GetUTF8Encoding(rdnseq, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c
deleted file mode 100644
index 433c2a315..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/InsertRelativeDistinguishedName.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_InsertRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_InsertRelativeDistinguishedName(rdnseq, i, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/MClear.c b/security/nss/lib/pkix/src/RDNSequence/MClear.c
deleted file mode 100644
index 7df7eb099..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_RDNSequence_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RDNSequence_Clear
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != rdnseq->ber ) {
- nss_ZFreeIf(rdnseq->ber->data);
- nss_ZFreeIf(rdnseq->ber);
- }
-
- if( (NSSDER *)NULL != rdnseq->der ) {
- nss_ZFreeIf(rdnseq->der->data);
- nss_ZFreeIf(rdnseq->der);
- }
-
- nss_ZFreeIf(rdnseq->utf8);
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/MCount.c b/security/nss/lib/pkix/src/RDNSequence/MCount.c
deleted file mode 100644
index 649721c9f..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/MCount.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_RDNSequence_Count
- */
-
-NSS_IMPLEMENT void
-nss_pkix_RDNSequence_Count
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((NSSPKIXRelativeDistinguishedName **)NULL != rdnseq->rdns);
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rdnseq->rdns ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- if( 0 == rdnseq->count ) {
- PRUint32 i;
- for( i = 0; i < 0xFFFFFFFF; i++ ) {
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdnseq->rdns[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0xFFFFFFFF == i ) {
- return;
- }
-#endif /* PEDANTIC */
-
- rdnseq->count = i;
- }
-
- return;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/MVCreate.c b/security/nss/lib/pkix/src/RDNSequence/MVCreate.c
deleted file mode 100644
index caeb1995f..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/MVCreate.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_RDNSequence_v_create
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nss_pkix_RDNSequence_v_create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- va_list ap
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
- if( (NSSPKIXRDNSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->count = count;
-
- rv->rdns = nss_ZNEWARRAY(arena, NSSPKIXRelativeDistinguishedName *, count);
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rv->rdns ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSPKIXRelativeDistinguishedName *v = (NSSPKIXRelativeDistinguishedName *)
- va_arg(ap, NSSPKIXRelativeDistinguishedName *);
-
-#ifdef NSSDEBUG
- /*
- * It's okay to test this down here, since
- * supposedly these have already been checked.
- */
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(v) ) {
- goto loser;
- }
-#endif /* NSSDEBUG */
-
- rv->rdns[i] = nssPKIXRelativeDistinguishedName_Duplicate(v, arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv->rdns[i] ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c
deleted file mode 100644
index 9d1ea4875..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PAppendRelativeDistinguishedName.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_AppendRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_AppendRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- NSSPKIXRelativeDistinguishedName **na;
- NSSPKIXRelativeDistinguishedName *dup;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- na = (NSSPKIXRelativeDistinguishedName **)
- nss_ZRealloc(rdnseq->rdns, ((rdnseq->count+2) *
- sizeof(NSSPKIXRelativeDistinguishedName *)));
- if( (NSSPKIXRelativeDistinguishedName **)NULL == na ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- rdnseq->rdns = na;
-
- dup = nssPKIXRelativeDistinguishedName_Duplicate(rdn, rdnseq->arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == dup ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- na[ rdnseq->count++ ] = dup;
-
- return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PCreate.c b/security/nss/lib/pkix/src/RDNSequence/PCreate.c
deleted file mode 100644
index 0fdc6848f..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PCreate.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXRelativeDistinguishedName *rdn1,
- ...
-)
-{
- va_list ap;
- NSSPKIXRDNSequence *rv;
- PRUint32 count;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- /* Is there a nonzero minimum number of RDNs required? */
-
- {
- va_start(ap, arenaOpt);
-
- while( 1 ) {
- NSSPKIXRelativeDistinguishedName *rdn;
- rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
- break;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- va_end(ap);
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* NSSDEBUG */
-
- va_start(ap, arenaOpt);
-
- for( count = 0; ; count++ ) {
- NSSPKIXRelativeDistinguishedName *rdn;
- rdn = (NSSPKIXRelativeDistinguishedName *)va_arg(ap, NSSPKIXRelativeDistinguishedName *);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdn ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, arenaOpt);
- rv = nss_pkix_RDNSequence_V_Create(arenaOpt, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c b/security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c
deleted file mode 100644
index 0e244cb73..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PCreateFromArray.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXRelativeDistinguishedName *rdns[]
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- {
- PRUint32 i;
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(&rdns[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
- if( (NSSPKIXRDNSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->count = count;
-
- rv->rdns = nss_ZNEWARRAY(arena, NSSPKIXRelativeDistinguishedName *, (count+1));
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rv->rdns ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSPKIXRelativeDistinguishedName *v = rdns[i];
-
- rv->rdns[i] = nssPKIXRelativeDistinguishedName_Duplicate(v, arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv->rdns[i] ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c b/security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c
deleted file mode 100644
index 196332665..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PCreateFromUTF8.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXRDNSequence *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
- if( (NSSPKIXRDNSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- /* Insert intelligence here -- fgmr */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PDecode.c b/security/nss/lib/pkix/src/RDNSequence/PDecode.c
deleted file mode 100644
index 557f5bc32..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PDecode.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXRDNSequence *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
- if( (NSSPKIXRDNSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXRDNSequence_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PDestroy.c b/security/nss/lib/pkix/src/RDNSequence/PDestroy.c
deleted file mode 100644
index 17cc846cf..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_Destroy
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_RDNSequence_remove_pointer(rdnseq);
-#endif /* DEBUG */
-
- if( PR_TRUE == rdnseq->i_allocated_arena ) {
- return nssArena_Destroy(rdnseq->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PDuplicate.c b/security/nss/lib/pkix/src/RDNSequence/PDuplicate.c
deleted file mode 100644
index a57828692..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PDuplicate.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRDNSequence upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRDNSequence *
-nssPKIXRDNSequence_Duplicate
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRDNSequence *rv = (NSSPKIXRDNSequence *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRDNSequence);
- if( (NSSPKIXRDNSequence *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- if( (NSSBER *)NULL != rdnseq->ber ) {
- rv->ber = nssItem_Duplicate(rdnseq->ber, arena, (NSSItem *)NULL);
- if( (NSSBER *)NULL == rv->ber ) {
- goto loser;
- }
- }
-
- if( (NSSDER *)NULL != rdnseq->der ) {
- rv->der = nssItem_Duplicate(rdnseq->der, arena, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
- }
-
- if( (NSSUTF8 *)NULL != rdnseq->utf8 ) {
- rv->utf8 = nssUTF8_duplicate(rdnseq->utf8, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
- }
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- rv->count = rdnseq->count;
-
- rv->rdns = nss_ZNEWARRAY(arena, NSSPKIXRelativeDistinguishedName *, (rv->count+1));
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rv->rdns ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSPKIXRelativeDistinguishedName *v = rdnseq->rdns[i];
-
- rv->rdns[i] = nssPKIXRelativeDistinguishedName_Duplicate(v, arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv->rdns[i] ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RDNSequence_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRDNSequence *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PEncode.c b/security/nss/lib/pkix/src/RDNSequence/PEncode.c
deleted file mode 100644
index 5700fa099..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PEncode.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXRDNSequence_Encode
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- NSSBER *it;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- if( (NSSBER *)NULL != rdnseq->ber ) {
- it = rdnseq->ber;
- goto done;
- }
- /*FALLTHROUGH*/
- case NSSASN1DER:
- if( (NSSDER *)NULL != rdnseq->der ) {
- it = rdnseq->der;
- goto done;
- }
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- it = nssASN1_EncodeItem(rdnseq->arena, (NSSItem *)NULL, rdnseq,
- nssPKIXRDNSequence_template, encoding);
- if( (NSSBER *)NULL == it ) {
- return (NSSBER *)NULL;
- }
-
- switch( encoding ) {
- case NSSASN1BER:
- rdnseq->ber = it;
- break;
- case NSSASN1DER:
- rdnseq->der = it;
- break;
- default:
- PR_ASSERT(0);
- break;
- }
-
- done:
- return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PEqual.c b/security/nss/lib/pkix/src/RDNSequence/PEqual.c
deleted file mode 100644
index a1dd5af53..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PEqual.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXRDNSequence_Equal
-(
- NSSPKIXRDNSequence *one,
- NSSPKIXRDNSequence *two,
- PRStatus *statusOpt
-)
-{
- NSSPKIXRelativeDistinguishedName **a;
- NSSPKIXRelativeDistinguishedName **b;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(one) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(two) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* NSSDEBUG */
-
- if( ((NSSDER *)NULL != one->der) && ((NSSDER *)NULL != two->der) ) {
- return nssItem_Equal(one->der, two->der, statusOpt);
- }
-
- /*
- * Since this is a sequence, the order is significant.
- * So we just walk down both lists, comparing.
- */
-
- for( a = one->rdns, b = two->rdns; *a && *b; a++, b++ ) {
- if( PR_FALSE == nssPKIXRelativeDistinguishedName_Equal(*a, *b, statusOpt) ) {
- return PR_FALSE;
- }
- }
-
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_SUCCESS;
- }
-
- if( *a || *b ) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c
deleted file mode 100644
index 8064b9636..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PFindRelativeDistinguishedName.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_FindRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRDNSequence_FindRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- PRUint32 i;
- NSSPKIXRelativeDistinguishedName **a;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- for( i = 0, a = rdnseq->rdns; *a; a++, (i > 0x7fffffff) || i++ ) {
- if( PR_TRUE == nssPKIXRelativeDistinguishedName_Equal(*a, rdn) ) {
- if( i > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
- return (PRInt32)i;
- }
- }
-
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c
deleted file mode 100644
index 7ea20d259..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRDNSequence_GetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (i < 0) || (i >= rdnseq->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- return nssPKIXRelativeDistinguishedName_Duplicate(rdnseq->rdns[i], arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c b/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c
deleted file mode 100644
index a01077db1..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNameCount.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRDNSequence_GetRelativeDistinguishedNameCount
-(
- NSSPKIXRDNSequence *rdnseq
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return -1;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-#endif /* PEDANTIC */
-
- if( rdnseq->count > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-
- return (PRInt32)(rdnseq->count);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c
deleted file mode 100644
index 115480dfd..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetRelativeDistinguishedNames
- *
- * This routine returns all of the relative distinguished names in the
- * specified RDN Sequence. {...} If the array is allocated, or if the
- * specified one has extra space, the array will be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXRelativeDistinguishedName
- * pointers upon success
- * NULL upon failure.
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName **
-nssPKIXRDNSequence_GetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- NSSPKIXRelativeDistinguishedName **rv = (NSSPKIXRelativeDistinguishedName **)NULL;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (limit < rdnseq->count) &&
- !((0 == limit) && ((NSSPKIXRelativeDistinguishedName **)NULL == rvOpt)) ) {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
-
- limit = rdnseq->count;
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rvOpt ) {
- rv = nss_ZNEWARRAY(arenaOpt, NSSPKIXRelativeDistinguishedName *, limit);
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rv ) {
- return (NSSPKIXRelativeDistinguishedName **)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- for( i = 0; i < limit; i++ ) {
- rv[i] = nssPKIXRelativedistinguishedName_Duplicate(rdnseq->rdns[i], arenaOpt);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv[i] ) {
- goto loser;
- }
- }
-
- return rv;
-
- loser:
- for( i = 0; i < limit; i++ ) {
- NSSPKIXRelativeDistinguishedName *x = rv[i];
- if( (NSSPKIXRelativeDistinguishedName *)NULL == x ) {
- break;
- }
- (void)nssPKIXRelativeDistinguishedName_Destroy(x);
- }
-
- if( rv != rvOpt ) {
- nss_ZFreeIf(rv);
- }
-
- return (NSSPKIXRelativeDistinguishedName **)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c
deleted file mode 100644
index 2250bf960..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXRDNSequence_GetUTF8Encoding
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == rdnseq->utf8 ) {
- /* xxx fgmr fill this in from pki1 implementation */
- }
-
- return nssUTF8_Duplicate(rdnseq->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c
deleted file mode 100644
index 213866694..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PInsertRelativeDistinguishedName.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_InsertRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_InsertRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- NSSPKIXRelativeDistinguishedName **na;
- NSSPKIXRelativeDistinguishedName *dup;
- PRInt32 c;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (i < 0) || (i >= rdnseq->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- na = (NSSPKIXRelativeDistinguishedName **)
- nss_ZRealloc(rdnseq->rdns, ((rdnseq->count+2) *
- sizeof(NSSPKIXRelativeDistinguishedName *)));
- if( (NSSPKIXRelativeDistinguishedName **)NULL == na ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- rdnseq->rdns = na;
-
- dup = nssPKIXRelativeDistinguishedName_Duplicate(rdn, rdnseq->arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == dup ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- for( c = rdnseq->count; c > i; c-- ) {
- na[ c ] = na[ c-1 ];
- }
-
- na[ i ] = dup;
- rdnseq->count++;
-
- return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c
deleted file mode 100644
index 447620c77..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PRemoveRelativeDistinguishedName.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i
-)
-{
- NSSPKIXRelativeDistinguishedName **na;
- PRInt32 c;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (i < 0) || (i >= rdnseq->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- nssPKIXRelativeDistinguishedName_Destroy(rdnseq->rdns[i]);
-
- rdnseq->rdns[i] = rdnseq->rdns[ rdnseq->count ];
- rdnseq->rdns[ rdnseq->count ] = (NSSPKIXRelativeDistinguishedName *)NULL;
- rdnseq->count--;
-
- na = (NSSPKIXRelativeDistinguishedName **)
- nss_ZRealloc(rdnseq->rdns, ((rdnseq->count) *
- sizeof(NSSPKIXRelativeDistinguishedName *)));
- if( (NSSPKIXRelativeDistinguishedName **)NULL == na ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- rdnseq->rdns = na;
-
- return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c
deleted file mode 100644
index 5c8123266..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- NSSPKIXRelativeDistinguishedName *dup;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdnseq->count ) {
- nss_pkix_RDNSequence_Count(rdnseq);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdnseq->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (i < 0) || (i >= rdnseq->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- dup = nssPKIXRelativeDistinguishedName_Duplicate(rdn, rdnseq->arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == dup ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- nssPKIXRelativeDistinguishedName_Destroy(rdnseq->rdns[i]);
- rdnseq->rdns[i] = dup;
-
- return nss_pkix_RDNSequence_Clear(rdnseq);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c
deleted file mode 100644
index b0320a4b7..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/PSetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_SetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdns[],
- PRInt32 countOpt
-)
-{
- NSSPKIXRelativeDistinguishedName **ip;
- NSSPKIXRelativeDistinguishedName **newarray;
- PRUint32 i;
- nssArenaMark *mark;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rdns ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- {
- PRUint32 i, count;
-
- if( 0 == countOpt ) {
- for( i = 0; i < 0x80000000; i++ ) {
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdns[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0x80000000 == i ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- count = (PRUint32)i;
- } else {
- if( countOpt < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- count = (PRUint32)countOpt;
- }
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdns[i]) ) {
- return PR_FAILURE;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- mark = nssArena_Mark(rdnseq->mark);
- if( (nssArenaMark *)NULL == mark ) {
- return PR_FAILURE;
- }
-
- newarray = nss_ZNEWARRAY(rdnseq->arena, NSSPKIXRelativeDistinguishedName *, countOpt);
- if( (NSSPKIXRelativeDistinguishedName **)NULL == newarray ) {
- goto loser;
- }
-
- for( i = 0; i < countOpt; i++ ) {
- newarray[i] = nssPKIXRelativeDistinguishedName_Duplicate(rdns[i], rdnseq->arena);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == newarray[i] ) {
- goto loser;
- }
- }
-
- for( i = 0; i < rdnseq->count; i++ ) {
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_Destroy(rdnseq->rdns[i]) ) {
- goto loser;
- }
- }
-
- nss_ZFreeIf(rdnseq->rdns);
-
- rdnseq->count = countOpt;
- rdnseq->rdns = newarray;
-
- (void)nss_pkix_RDNSequence_Clear(rdnseq);
-
- return nssArena_Unmark(rdnseq->arena, mark);
-
- loser:
- (void)nssArena_Release(a->arena, mark);
- return PR_FAILURE;
-}
-
diff --git a/security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c
deleted file mode 100644
index 141ab7f37..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/RemoveRelativeDistinguishedName.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_RemoveRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_RemoveRelativeDistinguishedName(rdnseq, i);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c b/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c
deleted file mode 100644
index 7484eb55d..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedName.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedName
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedName
-(
- NSSPKIXRDNSequence *rdnseq,
- PRInt32 i,
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_SetRelativeDistinguishedName(rdnseq, i, rdn);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c b/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c
deleted file mode 100644
index 40e7c8247..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/SetRelativeDistinguishedNames.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRDNSequence_SetRelativeDistinguishedNames
- *
- * -- fgmr comments --
- * If the array pointer itself is null, the set is considered empty.
- * If the count is zero but the pointer nonnull, the array will be
- * assumed to be null-terminated.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN_SEQUENCE
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRDNSequence_SetRelativeDistinguishedNames
-(
- NSSPKIXRDNSequence *rdnseq,
- NSSPKIXRelativeDistinguishedName *rdns[],
- PRInt32 countOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRDNSequence_verifyPointer(rdnseq) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXRelativeDistinguishedName **)NULL == rdns ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- {
- PRUint32 i, count;
-
- if( 0 == countOpt ) {
- for( i = 0; i < 0x80000000; i++ ) {
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rdns[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0x80000000 == i ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- count = (PRUint32)i;
- } else {
- if( countOpt < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- count = (PRUint32)countOpt;
- }
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdns[i]) ) {
- return PR_FAILURE;
- }
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRDNSequence_SetRelativeDistinguishedNames(rdnseq, rdns, countOpt);
-}
diff --git a/security/nss/lib/pkix/src/RDNSequence/template.c b/security/nss/lib/pkix/src/RDNSequence/template.c
deleted file mode 100644
index ff5bbc0ba..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/template.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRDNSequence_template
- *
- */
-
-const nssASN1Template nssPKIXRDNSequence_template[] = {
- { nssASN1_SEQUENCE_OF, offsetof(NSSPKIXRDNSequence, rdns),
- nssPKIXRelativeDistinguishedName_template },
- { 0 }
-};
diff --git a/security/nss/lib/pkix/src/RDNSequence/verifyPointer.c b/security/nss/lib/pkix/src/RDNSequence/verifyPointer.c
deleted file mode 100644
index 47a53a5c4..000000000
--- a/security/nss/lib/pkix/src/RDNSequence/verifyPointer.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_rdnseq_pointer_tracker;
-
-/*
- * nss_pkix_RDNSequence_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXRDNSequence pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RDNSequence_add_pointer
-(
- const NSSPKIXRDNSequence *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_rdnseq_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_rdnseq_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- rv = nssArena_registerDestructor(arena,
- nss_pkix_RDNSequence_remove_pointer, p);
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_RDNSequence_remove_pointer(p);
- return rv;
- }
-
-#ifdef NSSDEBUG
- {
- NSSPKIXRelativeDistinguishedName *r;
-
- for( r = p->rdns; *r; r++ ) {
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(*r) ) {
- (void)nss_pkix_RDNSequence_remove_pointer(p);
- return PR_FAILURE;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_RDNSequence_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXRDNSequence
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RDNSequence_remove_pointer
-(
- const NSSPKIXRDNSequence *p
-)
-{
- PRStatus rv;
-
-#ifdef NSSDEBUG
- {
- NSSPKIXRelativeDistinguishedName *r;
-
- for( r = p->rdns; *r; r++ ) {
- (void)nss_pkix_RelativeDistinguishedName_remove_pointer(*r);
- }
- }
-#endif /* NSSDEBUG */
-
- rv = nssPointerTracker_remove(&pkix_rdnseq_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- /*
- * nssArena_deregisterDestructor(p->arena,
- * nss_pkix_RDNSequence_remove_pointer, p);
- */
-
- return rv;
-}
-
-/*
- * nssPKIXRDNSequence_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRDNSequence
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRDNSequence_verifyPointer
-(
- NSSPKIXRDNSequence *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_rdnseq_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_rdnseq_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c
deleted file mode 100644
index efb142396..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/AddAttributeTypeAndValue.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue(rdn, atav);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c
deleted file mode 100644
index 52e139c69..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Create.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeTypeAndValue *atav1,
- ...
-)
-{
- va_list ap;
- NSSPKIXRelativeDistinguishedName *rv;
- PRUint32 count;
-
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- /* Is there a nonzero minimum number of ATAVs required? */
-
- {
- va_start(ap, arenaOpt);
-
- while( 1 ) {
- NSSPKIXAttributeTypeAndValue *atav;
- atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
- break;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- va_end(ap);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* DEBUG */
-
- va_start(ap, arenaOpt);
-
- for( count = 0; ; count++ ) {
- NSSPKIXAttributeTypeAndValue *atav;
- atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, arenaOpt);
- rv = nss_pkix_RelativeDistinguishedName_V_Create(arenaOpt, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c
deleted file mode 100644
index 0c01be4da..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromArray.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXAttributeTypeAndValue *atavs[]
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- {
- PRUint32 i;
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssAttributeTypeAndValue_verifyPointer(&atavs[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_CreateFromArray(arenaOpt, count, atavs);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c
deleted file mode 100644
index 990b7acd2..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/CreateFromUTF8.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_CreateFromUTF8(arenaOpt, string);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c
deleted file mode 100644
index b8d0b243a..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c
deleted file mode 100644
index ca8b1e85f..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_Destroy
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_Destroy(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c
deleted file mode 100644
index 416b405e8..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Duplicate.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-NSSPKIXRelativeDistinguishedName_Duplicate
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_Duplicate(rdn, arenaOpt);
-}
-
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c
deleted file mode 100644
index ea6b82a55..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Encode.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXRelativeDistinguishedName_Encode
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_Encode(rdn, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c
deleted file mode 100644
index 3e4a3fc3e..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/Equal.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_EXTERN PRBool
-NSSPKIXRelativeDistinguishedName_Equal
-(
- NSSPKIXRelativeDistinguishedName *one,
- NSSPKIXRelativeDistinguishedName *two,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(one) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(two) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_Equal(one, two, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c
deleted file mode 100644
index 65032b1c1..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/FindAttributeTypeAndValue.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_EXTERN PRInt32
-NSSPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue(rdn, atav);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c
deleted file mode 100644
index 1a58bd132..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue(rdn, i, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c
deleted file mode 100644
index 1209e726c..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValueCount.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return -1;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount(rdn);
-}
-
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c
deleted file mode 100644
index 7efc30173..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttributeTypeAndValue
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue **
-NSSPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues(rdn, rvOpt, limit, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c
deleted file mode 100644
index 9c428ae40..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/GetUTF8Encoding.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_GetUTF8Encoding(rdn, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c
deleted file mode 100644
index 2b1a93820..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/MClear.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nss_pkix_RelativeDistinguishedName_Clear
- *
- * Wipes out cached data.
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RelativeDistinguishedName_Clear
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSBER *)NULL != rdn->ber ) {
- nss_ZFreeIf(rdn->ber->data);
- nss_ZFreeIf(rdn->ber);
- }
-
- if( (NSSDER *)NULL != rdn->der ) {
- nss_ZFreeIf(rdn->der->data);
- nss_ZFreeIf(rdn->der);
- }
-
- nss_ZFreeIf(rdn->utf8);
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c
deleted file mode 100644
index 23d976160..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/MCount.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_RelativeDistinguishedName_Count
- */
-
-NSS_IMPLEMENT void
-nss_pkix_RelativeDistinguishedName_Count
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- if( 0 == rdn->count ) {
- PRUint32 i;
- for( i = 0; i < 0xFFFFFFFF; i++ ) {
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rdn->atavs[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0xFFFFFFFF == i ) {
- return;
- }
-#endif /* PEDANTIC */
-
- rdn->count = i;
- }
-
- return;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c
deleted file mode 100644
index c40a4b6e7..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/MVCreate.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_RelativeDistinguishedName_v_create
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_OID
- * NSS_ERROR_INVALID_ITEM
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure.
- */
-
-NSS_EXTERN NSSPKIXRelativeDistinguishedName *
-nss_pkix_RelativeDistinguishedName_V_Create
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- va_list ap
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->count = count;
-
- rv->atav = nss_ZNEWARRAY(arena, NSSPKIXAttributeTypeAndValue *, count);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rv->atav ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSPKIXAttributeTypeAndValue *v = (NSSPKIXAttributeTypeAndValue *)
- va_arg(ap, NSSPKIXAttributeTypeAndValue *);
-
-#ifdef NSSDEBUG
- /*
- * It's okay to test this down here, since
- * supposedly these have already been checked.
- */
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(v) ) {
- goto loser;
- }
-#endif /* NSSDEBUG */
-
- rv->atav[i] = nssPKIXAttributeTypeAndValue_Duplicate(v, arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv->atav[i] ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_RelativeDistinguishedName_remove_pointer, rv) ) {
- (void)nss_pkix_RelativeDistinguishedName_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c
deleted file mode 100644
index 68541d17e..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PAddAttributeTypeAndValue.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_AddAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- PRUint32 newcount;
- NSSPKIXAttributeTypeAndValue **newarray;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
- newcount = rdn->count+1;
- /* Check newcount for a rollover. */
-
- /* Remember that our atavs array is NULL-terminated */
- newarray = (NSSPKIXAttributeTypeAndValue **)nss_ZRealloc(rdn->atavs,
- ((newcount+1) * sizeof(NSSPKIXAttributeTypeAndValue *)));
- if( (NSSPKIXAttributeTypeAndValue **)NULL == newarray ) {
- return PR_FAILURE;
- }
-
- rdn->atavs = newarray;
-
- rdn->atavs[ rdn->count ] = nssPKIXAttributeTypeAndValue_Duplicate(atav, rdn->arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rdn->atavs[ rdn->count ] ) {
- return PR_FAILURE; /* array is "too big" but whatever */
- }
-
- rdn->count = newcount;
-
- return nss_pkix_RelativeDistinguishedName_Clear(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c
deleted file mode 100644
index a3a1f7315..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreate.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Create
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Create
-(
- NSSArena *arenaOpt,
- NSSPKIXAttributeTypeAndValue *atav1,
- ...
-)
-{
- va_list ap;
- NSSPKIXRelativeDistinguishedName *rv;
- PRUint32 count;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- /* Is there a nonzero minimum number of ATAVs required? */
-
- {
- va_start(ap, arenaOpt);
-
- while( 1 ) {
- NSSPKIXAttributeTypeAndValue *atav;
- atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
- break;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- va_end(ap);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- va_end(ap);
- }
-#endif /* NSSDEBUG */
-
- va_start(ap, arenaOpt);
-
- for( count = 0; ; count++ ) {
- NSSPKIXAttributeTypeAndValue *atav;
- atav = (NSSPKIXAttributeTypeAndValue *)va_arg(ap, NSSPKIXAttributeTypeAndValue *);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atav ) {
- break;
- }
-
-#ifdef PEDANTIC
- if( count == 0xFFFFFFFF ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- va_end(ap);
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-#endif /* PEDANTIC */
- }
-
- va_end(ap);
-
- va_start(ap, arenaOpt);
- rv = nss_pkix_RelativeDistinguishedName_V_Create(arenaOpt, count, ap);
- va_end(ap);
-
- return rv;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c
deleted file mode 100644
index fa7e27eed..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromArray.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromArray
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromArray
-(
- NSSArena *arenaOpt,
- PRUint32 count,
- NSSPKIXAttributeTypeAndValue *atavs
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- {
- PRUint32 i;
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssAttributeTypeAndValue_verifyPointer(&atavs[i]) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->count = count;
-
- rv->atav = nss_ZNEWARRAY(arena, NSSPKIXAttributeTypeAndValue *, count);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rv->atav ) {
- goto loser;
- }
-
- for( i = 0; i < count; i++ ) {
- NSSPKIXAttributeTypeAndValue *v = atavs[i];
-
- rv->atav[i] = nssPKIXAttributeTypeAndValue_Duplicate(v, arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv->atav[i] ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c
deleted file mode 100644
index 2f2f995be..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PCreateFromUTF8.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_CreateFromUTF8
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_UNKNOWN_ATTRIBUTE
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *string
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == string ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->utf8 = nssUTF8_Duplicate(string, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- /* Insert intelligence here -- fgmr */
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c
deleted file mode 100644
index ad1766280..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDecode.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
- PRStatus status;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXRelativeDistinguishedName_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c
deleted file mode 100644
index 94b8fcf00..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDestroy.c
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Destroy
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_Destroy
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_RelativeDistinguishedName_remove_pointer(rdn);
-#endif /* DEBUG */
-
- if( PR_TRUE == rdn->i_allocated_arena ) {
- return nssArena_Destroy(rdn->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c
deleted file mode 100644
index 0277b7b01..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PDuplicate.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Duplicate
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXRelativeDistinguishedName upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXRelativeDistinguishedName *
-nssPKIXRelativeDistinguishedName_Duplicate
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXRelativeDistinguishedName *rv = (NSSPKIXRelativeDistinguishedName *)NULL;
- PRStatus status;
- PRUint32 i;
- NSSPKIXAttributeTypeAndValue **from, **to;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXRelativeDistinguishedName *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXRelativeDistinguishedName);
- if( (NSSPKIXRelativeDistinguishedName *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- if( (NSSDER *)NULL != rdn->der ) {
- rv->der = nssItem_Duplicate(rdn->der, arena, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
- }
-
- if( (NSSBER *)NULL != rdn->ber ) {
- rv->ber = nssItem_Duplicate(rdn->ber, arena, (NSSItem *)NULL);
- if( (NSSBER *)NULL == rv->ber ) {
- goto loser;
- }
- }
-
- if( (NSSUTF8 *)NULL != rdn->utf8 ) {
- rv->utf8 = nssUTF8_Duplicate(rdn->utf8, arena);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
- }
-
- rv->count = rdn->count;
-
- {
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- if( 0 == rdn->count ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- goto loser;
- }
-
- rv->count = rdn->count; /* might as well save it */
- }
-
- rv->atavs = nss_ZNEWARRAY(arena, NSSPKIXAttributeTypeAndValue *, rdn->count + 1);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv->atavs ) {
- goto loser;
- }
- }
-
- for( from = &rdn->atavs[0], to = &rv->atavs[0]; *from; from++, to++ ) {
- *to = nssPKIXAttributeTypeAndValue_Duplicate(*from, arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == *to ) {
- goto loser;
- }
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_RelativeDistinguishedName_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXRelativeDistinguishedName *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c
deleted file mode 100644
index d2af9470b..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEncode.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Encode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXRelativeDistinguishedName_Encode
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- NSSBER *it;
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- switch( encoding ) {
- case NSSASN1BER:
- if( (NSSBER *)NULL != rdn->ber ) {
- it = rdn->ber;
- goto done;
- }
- /*FALLTHROUGH*/
- case NSSASN1DER:
- if( (NSSDER *)NULL != rdn->der ) {
- it = rdn->der;
- goto done;
- }
- break;
- default:
- nss_SetError(NSS_ERROR_UNSUPPORTED_ENCODING);
- return (NSSBER *)NULL;
- }
-
- it = nssASN1_EncodeItem(rdn->arena, (NSSItem *)NULL, rdn,
- nssPKIXRelativeDistinguishedName_template,
- encoding);
- if( (NSSBER *)NULL == it ) {
- return (NSSBER *)NULL;
- }
-
- switch( encoding ) {
- case NSSASN1BER:
- rdn->ber = it;
- break;
- case NSSASN1DER:
- rdn->der = it;
- break;
- default:
- PR_ASSERT(0);
- break;
- }
-
- done:
- return nssItem_Duplicate(it, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c
deleted file mode 100644
index 2ac566a8b..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PEqual.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_Equal
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXRelativeDistinguishedName_Equal
-(
- NSSPKIXRelativeDistinguishedName *one,
- NSSPKIXRelativeDistinguishedName *two,
- PRStatus *statusOpt
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(one) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(two) ) {
- goto loser;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSDER *)NULL == one->der ) {
- one->der = nssASN1_EncodeItem(one->arena, (NSSItem *)NULL, one,
- nssPKIXRelativeDistinguishedName_template,
- NSSASN1DER);
- if( (NSSDER *)NULL == one->der ) {
- goto loser;
- }
- }
-
- if( (NSSDER *)NULL == two->der ) {
- two->der = nssASN1_EncodeItem(two->arena, (NSSItem *)NULL, two,
- nssPKIXRelativeDistinguishedName_template,
- NSSASN1DER);
- if( (NSSDER *)NULL == two->der ) {
- goto loser;
- }
- }
-
- return nssItem_Equal(one->der, two->der, statusOpt);
-
- loser:
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c
deleted file mode 100644
index ee7c55e10..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PFindAttributeTypeAndValue.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NOT_FOUND
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * The index of the specified attribute value upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRelativeDistinguishedName_FindAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- PRUint32 i;
- NSSPKIXAttributeTypeAndValue **a;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return -1;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return -1;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return -1;
- }
-
- for( i = 0, a = rdn->atavs; *a; a++, (i > 0x7fffffff) || i++ ) {
- if( PR_TRUE == nssPKIXAttributeTypeAndValue_Equal(*a, atav) ) {
- if( i > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
- return (PRInt32)i;
- }
- }
-
- nss_SetError(NSS_ERROR_NOT_FOUND);
- return -1;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c
deleted file mode 100644
index 22c3abac6..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXAttributeTypeAndValue upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue *
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
- if( (i < 0) || (i >= rdn->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXAttributeTypeAndValue *)NULL;
- }
-
- return nssPKIXAttributeTypeAndValue_Duplicate(rdn->atavs[i], arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c
deleted file mode 100644
index df8e1b48e..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValueCount.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- *
- * Return value:
- * Nonnegative integer upon success
- * -1 upon failure.
- */
-
-NSS_IMPLEMENT PRInt32
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValueCount
-(
- NSSPKIXRelativeDistinguishedName *rdn
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return -1;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdn->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-#endif /* PEDANTIC */
-
- if( rdn->count > 0x7fffffff ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return -1;
- }
-
- return (PRInt32)(rdn->count);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c
deleted file mode 100644
index 7675d5ad3..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_ARRAY_TOO_SMALL
- *
- * Return value:
- * A valid pointer to an array of NSSPKIXAttributeTypeAndValue
- * pointers upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXAttributeTypeAndValue **
-nssPKIXRelativeDistinguishedName_GetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *rvOpt[],
- PRInt32 limit,
- NSSArena *arenaOpt
-)
-{
- NSSPKIXAttributeTypeAndValue **rv = (NSSPKIXAttributeTypeAndValue **)NULL;
- PRUint32 i;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyOpt(attribute) ) {
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
-#ifdef PEDANTIC
- if( 0 == rdn->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
-#endif /* PEDANTIC */
-
- if( (limit < rdn->count) &&
- !((0 == limit) && ((NSSPKIXAttributeTypeAndValue **)NULL == rvOpt)) ) {
- nss_SetError(NSS_ERROR_ARRAY_TOO_SMALL);
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
-
- limit = rdn->count;
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rvOpt ) {
- rv = nss_ZNEWARRAY(arenaOpt, NSSPKIXAttributeTypeAndValue *, limit);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rv ) {
- return (NSSPKIXAttributeTypeAndValue **)NULL;
- }
- } else {
- rv = rvOpt;
- }
-
- for( i = 0; i < limit; i++ ) {
- rv[i] = nssPKIXAttributeTypeAndValue_Duplicate(rdn->atav[i], arenaOpt);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == rv[i] ) {
- goto loser;
- }
- }
-
- return rv;
-
- loser:
- for( i = 0; i < limit; i++ ) {
- NSSPKIXAttributeTypeAndValue *x = rv[i];
- if( (NSSPKIXAttributeTypeAndValue *)NULL == x ) {
- break;
- }
- (void)nssPKIXAttributeTypeAndValue_Destroy(x);
- }
-
- if( rv != rvOpt ) {
- nss_ZFreeIf(rv);
- }
-
- return (NSSPKIXAttributeTypeAndValue **)NULL;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c
deleted file mode 100644
index 01abf228c..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_GetUTF8Encoding
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ARENA
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSUTF8 pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXRelativeDistinguishedName_GetUTF8Encoding
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == rdn->utf8 ) {
- /* xxx fgmr fill this in from pki1 implementation */
- }
-
- return nssUTF8_Duplicate(rdn->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c
deleted file mode 100644
index 84b5cc819..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PRemoveAttributeTypeAndValue.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
- if( i < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- /* Is there a technical minimum? */
- /*
- * if( 1 == rdn->count ) {
- * nss_SetError(NSS_ERROR_AT_MINIMUM);
- * return PR_FAILURE;
- * }
- */
-
-#ifdef PEDANTIC
- if( 0 == rdn->count ) {
- NSSPKIXAttributeTypeAndValue **ip;
- /* Too big.. but we can still remove one */
- nssPKIXAttributeTypeAndValue_Destroy(rdn->atavs[i]);
- for( ip = &rdn->atavs[i]; *ip; ip++ ) {
- ip[0] = ip[1];
- }
- } else
-#endif /* PEDANTIC */
-
- {
- NSSPKIXAttributeTypeAndValue *si;
- PRUint32 end;
-
- if( i >= rdn->count ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- end = rdn->count - 1;
-
- si = rdn->atavs[i];
- rdn->atavs[i] = rdn->atavs[end];
- rdn->atavs[end] = (NSSPKIXAttributeTypeAndValue *)NULL;
-
- nssPKIXAttributeTypeAndValue_Destroy(si);
-
- /* We could realloc down, but we know it's a no-op */
- rdn->count = end;
- }
-
- return nss_pkix_RelativeDistinguishedName_Clear(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c
deleted file mode 100644
index 01439e2e7..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- NSSPKIXAttributeTypeAndValue *dup;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- PR_ASSERT((NSSPKIXAttributeTypeAndValue **)NULL != rdn->atavs);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == rdn->atavs ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- return PR_FAILURE;
- }
-
- if( 0 == rdn->count ) {
- nss_pkix_RelativeDistinguishedName_Count(rdn);
- }
-
- if( (i < 0) || (i >= rdn->count) ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- dup = nssPKIXAttributeTypeAndValue_Duplicate(atav, rdn->arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == dup ) {
- return PR_FAILURE;
- }
-
- nssPKIXAttributeTypeAndValue_Destroy(rdn->atavs[i]);
- rdn->atavs[i] = dup;
-
- return nss_pkix_RelativeDistinguishedName_Clear(rdn);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c
deleted file mode 100644
index 839839ea2..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/PSetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atavs[],
- PRInt32 countOpt
-)
-{
- NSSPKIXAttributeTypeAndValue **ip;
- NSSPKIXAttributeTypeAndValue **newarray;
- PRUint32 i;
- nssArenaMark *mark;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXAttributeTypeAndValues **)NULL == atavs ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- {
- PRUint32 i, count;
-
- if( 0 == countOpt ) {
- for( i = 0; i < 0x80000000; i++ ) {
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atav[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0x80000000 == i ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- count = (PRUint32)i;
- } else {
- if( countOpt < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- count = (PRUint32)countOpt;
- }
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav[i]) ) {
- return PR_FAILURE;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- if( 0 == countOpt ) {
- for( i = 0; i < 0xffffffff; i++ ) {
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atavs[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0xffffffff == 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- reutrn PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- countOpt = i;
- }
-
- mark = nssArena_Mark(rdn->mark);
- if( (nssArenaMark *)NULL == mark ) {
- return PR_FAILURE;
- }
-
- newarray = nss_ZNEWARRAY(rdn->arena, NSSPKIXAttributeTypeAndValue *, countOpt);
- if( (NSSPKIXAttributeTypeAndValue **)NULL == newarray ) {
- goto loser;
- }
-
- for( i = 0; i < countOpt; i++ ) {
- newarray[i] = nssPKIXAttributeTypeAndValue_Duplicate(atavs[i], rdn->arena);
- if( (NSSPKIXAttributeTypeAndValue *)NULL == newarray[i] ) {
- goto loser;
- }
- }
-
- for( i = 0; i < rdn->count; i++ ) {
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_Destroy(rdn->atavs[i]) ) {
- goto loser;
- }
- }
-
- nss_ZFreeIf(rdn->atavs);
-
- rdn->count = countOpt;
- rdn->atavs = newarray;
-
- (void)nss_pkix_RelativeDistinguishedName_Clear(rdn);
-
- return nssArena_Unmark(rdn->arena, mark);
-
- loser:
- (void)nssArena_Release(a->arena, mark);
- return PR_FAILURE;
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c
deleted file mode 100644
index b9f1deb66..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/RemoveAttributeTypeAndValue.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_AT_MINIMUM
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_RemoveAttributeTypeAndValue(rdn, i);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c
deleted file mode 100644
index fa2224a6b..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValue.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_VALUE_OUT_OF_RANGE
- * NSS_ERROR_INVALID_PKIX_ATAV
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValue
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- PRInt32 i,
- NSSPKIXAttributeTypeAndValue *atav
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atav) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValue(rdn, i, atav);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c
deleted file mode 100644
index c6a8f0434..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/SetAttributeTypeAndValues.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_RDN
- * NSS_ERROR_INVALID_POINTER
- * NSS_ERROR_INVALID_ATAV
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-NSSPKIXRelativeDistinguishedName_SetAttributeTypeAndValues
-(
- NSSPKIXRelativeDistinguishedName *rdn,
- NSSPKIXAttributeTypeAndValue *atavs[],
- PRInt32 countOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXRelativeDistinguishedName_verifyPointer(rdn) ) {
- return PR_FAILURE;
- }
-
- if( (NSSPKIXAttributeTypeAndValue **)NULL == atavs ) {
- nss_SetError(NSS_ERROR_INVALID_POINTER);
- return PR_FAILURE;
- }
-
- {
- PRUint32 i, count;
-
- if( 0 == countOpt ) {
- for( i = 0; i < 0x80000000; i++ ) {
- if( (NSSPKIXAttributeTypeAndValue *)NULL == atavs[i] ) {
- break;
- }
- }
-
-#ifdef PEDANTIC
- if( 0x80000000 == i ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-#endif /* PEDANTIC */
-
- count = (PRUint32)i;
- } else {
- if( countOpt < 0 ) {
- nss_SetError(NSS_ERROR_VALUE_OUT_OF_RANGE);
- return PR_FAILURE;
- }
-
- count = (PRUint32)countOpt;
- }
-
- for( i = 0; i < count; i++ ) {
- if( PR_SUCCESS != nssPKIXAttributeTypeAndValue_verifyPointer(atavs[i]) ) {
- return PR_FAILURE;
- }
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXRelativeDistinguishedName_SetAttributeTypeAndValues(rdn, atavs, countOpt);
-}
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/template.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/template.c
deleted file mode 100644
index fff01836a..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/template.c
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXRelativeDistinguishedName_template
- *
- */
-
-const nssASN1Template nssPKIXRelativeDistinguishedName_template[] = {
- { nssASN1_SET_OF, offsetof(NSSPKIXRelativeDistinguishedName, atavs),
- nssPKIXAttributeTypeAndValue_template,
- sizeof(NSSPKIXRelativeDistinguishedName) }
-};
diff --git a/security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c b/security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c
deleted file mode 100644
index d7274abae..000000000
--- a/security/nss/lib/pkix/src/RelativeDistinguishedName/verifyPointer.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_rdn_pointer_tracker;
-
-/*
- * nss_pkix_RelativeDistinguishedName_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXRelativeDistinguishedName pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RelativeDistinguishedName_add_pointer
-(
- const NSSPKIXRelativeDistinguishedName *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_rdn_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_rdn_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- rv = nssArena_registerDestructor(p->arena,
- nss_pkix_RelativeDistinguishedName_remove_pointer, p);
- if( PR_SUCCESS != rv ) {
- (void)nss_pkix_RelativeDistinguishedName_remove_pointer(p);
- return rv;
- }
-
-#ifdef NSSDEBUG
- {
- NSSPKIXAttributeTypeAndValue *a;
-
- for( a = p->atavs; *a; a++ ) {
- if( PR_SUCCESS != nss_pkix_AttributeTypeAndValue_add_pointer(*a) ) {
- nss_pkix_RelativeDistinguishedName_remove_pointer(p);
- return PR_FAILURE;
- }
- }
- }
-#endif /* NSSDEBUG */
-
- return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_RelativeDistinguishedName_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXRelativeDistinguishedName
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_RelativeDistinguishedName_remove_pointer
-(
- const NSSPKIXRelativeDistinguishedName *p
-)
-{
- PRStatus rv;
-
-#ifdef NSSDEBUG
- {
- NSSPKIXAttributeTypeAndValue *a;
-
- for( a = p->atavs; *a; a++ ) {
- (void)nss_pkix_AttributeTypeAndValue_remove_pointer(*a);
- }
- }
-#endif /* NSSDEBUG */
-
- rv = nssPointerTracker_remove(&pkix_rdn_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- /*
- * nssArena_deregisterDestructor(p->arena,
- * nss_pkix_RelativeDistinguishedName_remove_pointer, p);
- */
-
- return rv;
-}
-
-/*
- * nssPKIXRelativeDistinguishedName_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXRelativeDistinguishedName
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_ATTRIBUTE
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXRelativeDistinguishedName_verifyPointer
-(
- NSSPKIXRelativeDistinguishedName *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_rdn_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_rdn_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_ATTRIBUTE);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
-
diff --git a/security/nss/lib/pkix/src/Time/Compare.c b/security/nss/lib/pkix/src/Time/Compare.c
deleted file mode 100644
index 6a125d6c6..000000000
--- a/security/nss/lib/pkix/src/Time/Compare.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Compare
- *
- * Usual result: -1, 0, 1
- * Returns 0 on error
- */
-
-NSS_IMPLEMENT PRInt32
-NSSPKIXTime_Compare
-(
- NSSPKIXTime *time1,
- NSSPKIXTime *tiem2,
- PRStatus *statusOpt
-)
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time1) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return 0;
- }
-
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time2) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return 0;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Compare(time1, time2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/CreateFromPRTime.c b/security/nss/lib/pkix/src/Time/CreateFromPRTime.c
deleted file mode 100644
index 909adb14e..000000000
--- a/security/nss/lib/pkix/src/Time/CreateFromPRTime.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-NSSPKIXTime_CreateFromPRTime
-(
- NSSArena *arenaOpt,
- PRTime prTime
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_CreateFromPRTime(arenaOpt, prTime);
-}
diff --git a/security/nss/lib/pkix/src/Time/CreateFromUTF8.c b/security/nss/lib/pkix/src/Time/CreateFromUTF8.c
deleted file mode 100644
index 469741ac6..000000000
--- a/security/nss/lib/pkix/src/Time/CreateFromUTF8.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_EXTERN NSSPKIXTime *
-NSSPKIXTime_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == utf8 ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXTime *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_CreateFromUTF8(arenaOpt, utf8);
-}
diff --git a/security/nss/lib/pkix/src/Time/Decode.c b/security/nss/lib/pkix/src/Time/Decode.c
deleted file mode 100644
index 948dc0b93..000000000
--- a/security/nss/lib/pkix/src/Time/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-NSSPKIXTime_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXTime *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/Time/Destroy.c b/security/nss/lib/pkix/src/Time/Destroy.c
deleted file mode 100644
index d694850ef..000000000
--- a/security/nss/lib/pkix/src/Time/Destroy.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Destroy
- *
- */
-
-NSS_IMPLEMENT PR_STATUS
-NSSPKIXTime_Destroy
-(
- NSSPKIXTime *time
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return PR_FAILURE;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Destroy(time);
-}
diff --git a/security/nss/lib/pkix/src/Time/Duplicate.c b/security/nss/lib/pkix/src/Time/Duplicate.c
deleted file mode 100644
index dee6f61e9..000000000
--- a/security/nss/lib/pkix/src/Time/Duplicate.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Duplicate
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-NSSPKXITime_Duplicate
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return (NSSPKXITime *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Duplicate(time, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/Encode.c b/security/nss/lib/pkix/src/Time/Encode.c
deleted file mode 100644
index 9063e4f3a..000000000
--- a/security/nss/lib/pkix/src/Time/Encode.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Encode
- *
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXTime_Encode
-(
- NSSPKIXTime *time,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Encode(time, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/Equal.c b/security/nss/lib/pkix/src/Time/Equal.c
deleted file mode 100644
index 4ed05acd5..000000000
--- a/security/nss/lib/pkix/src/Time/Equal.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_Equal
- *
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKXITime_Equal
-(
- NSSPKXITime *time1,
- NSSPKXITime *time2,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time1) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time2) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_Equal(time1, time2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/GetPRTime.c b/security/nss/lib/pkix/src/Time/GetPRTime.c
deleted file mode 100644
index 5871a482d..000000000
--- a/security/nss/lib/pkix/src/Time/GetPRTime.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_GetPRTime
- *
- * Returns a zero on error
- */
-
-NSS_IMPLEMENT PRTime
-NSSPKIXTime_GetPRTime
-(
- NSSPKIXTime *time,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return (PRTime)0;
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_GetPRTime(time, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/GetUTF8Encoding.c b/security/nss/lib/pkix/src/Time/GetUTF8Encoding.c
deleted file mode 100644
index 7fc383b81..000000000
--- a/security/nss/lib/pkix/src/Time/GetUTF8Encoding.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXTime_GetUTF8Encoding
- *
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKXITime_GetUTF8Encoding
-(
- NSSPKIXTime *time,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXTime_GetUTF8Encoding(time, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/Time/PCreateFromPRTime.c b/security/nss/lib/pkix/src/Time/PCreateFromPRTime.c
deleted file mode 100644
index 13805e65d..000000000
--- a/security/nss/lib/pkix/src/Time/PCreateFromPRTime.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_CreateFromPRTime
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-nssPKIXTime_CreateFromPRTime
-(
- NSSArena *arenaOpt,
- PRTime prTime
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXTime *rv = (NSSPKIXTime *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXTime);
- if( (NSSPKIXTime *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- rv->prTime = prTime;
- rv->prTimeValid = PR_TRUE;
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Time_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXTime *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Time/PCreateFromUTF8.c b/security/nss/lib/pkix/src/Time/PCreateFromUTF8.c
deleted file mode 100644
index 1a15639ed..000000000
--- a/security/nss/lib/pkix/src/Time/PCreateFromUTF8.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_CreateFromUTF8
- *
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-nssPKIXTime_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXTime *rv = (NSSPKIXTime *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == utf8 ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXTime *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXTime);
- if( (NSSPKIXTime *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
-
- /* fgmr base on nspr's pl implementation? */
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Time_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXTime *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Time/PDecode.c b/security/nss/lib/pkix/src/Time/PDecode.c
deleted file mode 100644
index 385665468..000000000
--- a/security/nss/lib/pkix/src/Time/PDecode.c
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_Decode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXTime upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXTime *
-nssPKIXTime_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSArena *arena;
- PRBool arena_allocated = PR_FALSE;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- NSSPKIXTime *rv = (NSSPKIXTime *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXTime *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXTime *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL == arenaOpt ) {
- arena = nssArena_Create();
- if( (NSSArena *)NULL == arena ) {
- goto loser;
- }
- arena_allocated = PR_TRUE;
- } else {
- arena = arenaOpt;
- mark = nssArena_Mark(arena);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arena, NSSPKIXTime);
- if( (NSSPKIXTime *)NULL == rv ) {
- goto loser;
- }
-
- rv->arena = arena;
- rv->i_allocated_arena = arena_allocated;
- rv->ber = nssItem_Duplicate(ber, arena, (NSSItem *)NULL);
- if( (NSSItem *)NULL == rv->ber ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arena, rv, nssPKIXTime_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arena, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_Time_add_pointer(rv) ) {
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arena, mark);
- }
-
- if( PR_TRUE == arena_allocated ) {
- (void)nssArena_Destroy(arena);
- }
-
- return (NSSPKIXTime *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/Time/PDestroy.c b/security/nss/lib/pkix/src/Time/PDestroy.c
deleted file mode 100644
index 973974b51..000000000
--- a/security/nss/lib/pkix/src/Time/PDestroy.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_Destroy
- *
- */
-
-NSS_IMPLEMENT PR_STATUS
-nssPKIXTime_Destroy
-(
- NSSPKIXTime *time
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
-#ifdef DEBUG
- (void)nss_pkix_Time_remove_pointer(time);
-#endif /* DEBUG */
-
- if( PR_TRUE == time->i_allocated_arena ) {
- return nssArena_Destroy(time->arena);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/Time/PEncode.c b/security/nss/lib/pkix/src/Time/PEncode.c
deleted file mode 100644
index 8904fac50..000000000
--- a/security/nss/lib/pkix/src/Time/PEncode.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXTime_Encode
- *
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXTime_Encode
-(
- NSSPKIXTime *time,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXTime_verifyPointer(time) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
diff --git a/security/nss/lib/pkix/src/Time/template.c b/security/nss/lib/pkix/src/Time/template.c
deleted file mode 100644
index 38c4f3c78..000000000
--- a/security/nss/lib/pkix/src/Time/template.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXTime_template
- *
- */
-
-const nssASN1Template nssPKIXTime_template[] = {
- { nssASN1_INLINE, offsetof(NSSPKIXTime, asn1item),
- nssASN1Template_Any, sizeof(NSSPKIXTime) }
-};
diff --git a/security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c b/security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c
deleted file mode 100644
index 84df20054..000000000
--- a/security/nss/lib/pkix/src/X520Name/CreateFromUTF8.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-NSSPKIXX520Name_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-)
-{
- PRStatus status = PR_SUCCESS;
- PRUint32 length;
- nss_ClearErrorStack();
-
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXX520Name *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == utf8 ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXX520Name *)NULL;
- }
-#endif /* DEBUG */
-
- length = nssUTF8_Length(utf8, &status);
- if( PR_SUCCESS != status ) {
- if( NSS_ERROR_VALUE_TOO_LARGE == NSS_GetError() ) {
- nss_SetError(NSS_ERROR_STRING_TOO_LONG);
- }
- return (NSSPKIXX520Name *)NULL;
- }
-
- if( (length < 1 ) || (length > NSSPKIXX520Name_MAXIMUM_LENGTH) ) {
- nss_SetError(NSS_ERROR_STRING_TOO_LONG);
- }
-
- return nssPKIXX520Name_CreateFromUTF8(arenaOpt, utf8);
-}
-
-/*
- * NSSPKIXX520Name_MAXIMUM_LENGTH
- *
- * From RFC 2459:
- *
- * ub-name INTEGER ::= 32768
- */
-
-const PRUint32 NSSPKIXX520Name_MAXIMUM_LENGTH = 32768;
diff --git a/security/nss/lib/pkix/src/X520Name/Decode.c b/security/nss/lib/pkix/src/X520Name/Decode.c
deleted file mode 100644
index ac59d5598..000000000
--- a/security/nss/lib/pkix/src/X520Name/Decode.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-NSSPKIXX520Name_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_Decode(arenaOpt, ber);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Destroy.c b/security/nss/lib/pkix/src/X520Name/Destroy.c
deleted file mode 100644
index 49037d3b4..000000000
--- a/security/nss/lib/pkix/src/X520Name/Destroy.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT NSSDER *
-NSSPKIXX520Name_Destroy
-(
- NSSPKIXX520Name *name
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSDER *)NULL;
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_Destroy(name);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Duplicate.c b/security/nss/lib/pkix/src/X520Name/Duplicate.c
deleted file mode 100644
index bcb4b5a2b..000000000
--- a/security/nss/lib/pkix/src/X520Name/Duplicate.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-NSSPKIXX520Name_Duplicate
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_Duplicate(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Encode.c b/security/nss/lib/pkix/src/X520Name/Encode.c
deleted file mode 100644
index 83cfd5442..000000000
--- a/security/nss/lib/pkix/src/X520Name/Encode.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-NSSPKIXX520Name_Encode
-(
- NSSPKIXX520Name *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_Encode(name, encoding, rvOpt, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/Equal.c b/security/nss/lib/pkix/src/X520Name/Equal.c
deleted file mode 100644
index 75842e8f5..000000000
--- a/security/nss/lib/pkix/src/X520Name/Equal.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-NSSPKIXX520Name_Equal
-(
- NSSPKIXX520Name *name1,
- NSSPKIXX520Name *name2,
- PRStatus *statusOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name1) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name2) ) {
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
- return PR_FALSE;
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_Equal(name1, name2, statusOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c b/security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c
deleted file mode 100644
index 2e42124eb..000000000
--- a/security/nss/lib/pkix/src/X520Name/GetUTF8Encoding.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * NSSPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSDER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-NSSPKIXX520Name_GetUTF8Encoding
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-)
-{
- nss_ClearErrorStack();
-
-#ifdef DEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* DEBUG */
-
- return nssPKIXX520Name_GetUTF8Encoding(name, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/MDoUTF8.c b/security/nss/lib/pkix/src/X520Name/MDoUTF8.c
deleted file mode 100644
index 69cbf691e..000000000
--- a/security/nss/lib/pkix/src/X520Name/MDoUTF8.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-/*
- * nss_pkix_X520Name_DoUTF8
- *
- */
-
-NSS_IMPLEMENT PR_STATUS
-nss_pkix_X520Name_DoUTF8
-(
- NSSPKIXX520Name *name
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == name->utf8 ) {
- PRUint8 tag = (*(PRUint8 *)name->string.data) & nssASN1_TAG_MASK;
- nssStringType type;
- void *data = (void *)&((PRUint8 *)name->string.data)[1];
- PRUint32 size = name->string.size-1;
-
- switch( tag ) {
- case nssASN1_TELETEX_STRING:
- type = nssStringType_TeletexString;
- break;
- case nssASN1_PRINTABLE_STRING:
- type = nssStringType_PrintableString;
- break;
- case nssASN1_UNIVERSAL_STRING:
- type = nssStringType_UniversalString;
- break;
- case nssASN1_BMP_STRING:
- type = nssStringType_BMPString;
- break;
- case nssASN1_UTF8_STRING:
- type = nssStringType_UTF8String;
- break;
- default:
- nss_SetError(NSS_ERROR_INVALID_BER);
- return PR_FAILURE;
- }
-
- name->utf8 = nssUTF8_Create(arenaOpt, type, data, size);
- if( (NSSUTF8 *)NULL == name->utf8 ) {
- return PR_FAILURE;
- }
-
- if( nssASN1_PRINTABLE_STRING == tag ) {
- name->wasPrintable = PR_TRUE;
- }
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PCreate.c b/security/nss/lib/pkix/src/X520Name/PCreate.c
deleted file mode 100644
index c507a8f75..000000000
--- a/security/nss/lib/pkix/src/X520Name/PCreate.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Create
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_STRING_TYPE
- * NSS_ERROR_INVALID_ITEM
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_Create
-(
- NSSArena *arenaOpt,
- nssStringType type,
- NSSItem *data
-)
-{
- NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
- nssArenaMark *mark = (nssArenaMark *)NULL;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXX520Name *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(data) ) {
- return (NSSPKIXX520Name *)NULL;
- }
-#endif /* NSSDEBUG */
-
- switch( type ) {
- case nssStringType_TeletexString:
- case nssStringType_PrintableString:
- case nssStringType_UniversalString:
- case nssStringType_UTF8String:
- case nssStringType_BMPString:
- break;
- default:
- nss_SetError(NSS_ERROR_INVALID_STRING_TYPE);
- goto loser;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- mark = nssArena_Mark(arenaOpt);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
- if( (NSSPKIXX520Name *)NULL == rv ) {
- goto loser;
- }
-
- rv->utf8 = nssUTF8_Create(arenaOpt, type, data->data, data->size);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- if( nssStringType_PrintableString == type ) {
- rv->wasPrintable = PR_TRUE;
- }
-
- rv->der = nssUTF8_GetDEREncoding(arenaOpt, type, rv->utf8);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
-
- rv->string.size = rv->der->size;
- rv->string.data = nss_ZAlloc(arenaOpt, rv->string.size);
- if( (void *)NULL == rv->string.data ) {
- goto loser;
- }
-
- (void)nsslibc_memcpy(rv->string.data, rv->der->data, rv->string.size);
-
- if( (NSSArena *)NULL != arenaOpt ) {
- rv->inArena = PR_TRUE;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_X520Name_remove_pointer, rv) ) {
- (void)nss_pkix_X520Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arenaOpt, mark);
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- if( (NSSPKIXX520Name *)NULL != rv ) {
- if( (NSSDER *)NULL != rv->der ) {
- nss_ZFreeIf(rv->der->data);
- nss_ZFreeIf(rv->der);
- }
-
- nss_ZFreeIf(rv->string.data);
- nss_ZFreeIf(rv->utf8);
- nss_ZFreeIf(rv);
- }
- }
-
- return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c b/security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c
deleted file mode 100644
index 0459f8c51..000000000
--- a/security/nss/lib/pkix/src/X520Name/PCreateFromUTF8.c
+++ /dev/null
@@ -1,164 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_CreateFromUTF8
- *
- * { basically just enforces the length limit }
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_CreateFromUTF8
-(
- NSSArena *arenaOpt,
- NSSUTF8 *utf8
-)
-{
- NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
- nssArenaMark *mark = (nssArenaMark *)NULL;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXX520Name *)NULL;
- }
- }
-
- if( (NSSUTF8 *)NULL == utf8 ) {
- nss_SetError(NSS_ERROR_INVALID_STRING);
- return (NSSPKIXX520Name *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL != arenaOpt ) {
- mark = nssArena_Mark(arenaOpt);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
- if( (NSSPKIXX520Name *)NULL == rv ) {
- goto loser;
- }
-
- rv->utf8 = nssUTF8_Duplicate(utf8, arenaOpt);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
-
- /*
- * RFC 2459 states (s. 4.1.2.4) that certificates issued after
- * 2003-12-31 MUST encode strings as UTF8Strings, and until
- * then they may be encoded as PrintableStrings, BMPStrings,
- * or UTF8Strings (when the character sets allow). However, it
- * specifically notes that even before 2003-12-31, strings may
- * be encoded as UTF8Strings. So unless something important
- * breaks, I'll do UTF8Strings.
- */
-
- rv->der = nssUTF8_GetDEREncoding(arenaOpt, nssStringType_UTF8String,
- utf8);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
-
- rv->string.size = rv->der->size;
- rv->string.data = nss_ZAlloc(arenaOpt, rv->string.size);
- if( (void *)NULL == rv->string.data ) {
- goto loser;
- }
-
- (void)nsslibc_memcpy(rv->string.data, rv->der->size, rv->string.size);
-
- if( (NSSArena *)NULL != arenaOpt ) {
- rv->inArena = PR_TRUE;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_X520Name_remove_pointer, rv) ) {
- (void)nss_pkix_X520Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arenaOpt, mark);
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- if( (NSSPKIXX520Name *)NULL != rv ) {
- if( (NSSDER *)NULL != rv->der ) {
- nss_ZFreeIf(rv->der->data);
- nss_ZFreeIf(rv->der);
- }
-
- nss_ZFreeIf(rv->string.data);
- nss_ZFreeIf(rv->utf8);
- nss_ZFreeIf(rv);
- }
- }
-
- return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PDecode.c b/security/nss/lib/pkix/src/X520Name/PDecode.c
deleted file mode 100644
index 8228c8db4..000000000
--- a/security/nss/lib/pkix/src/X520Name/PDecode.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Decode
- *
- * -- fgmr comments --
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_BER
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_Decode
-(
- NSSArena *arenaOpt,
- NSSBER *ber
-)
-{
- NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
- nssArenaMark *mark = (nssArenaMark *)NULL;
- PRStatus status;
-
-#ifdef NSSDEBUG
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-
- if( PR_SUCCESS != nssItem_verifyPointer(ber) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL != arenaOpt ) {
- mark = nssArena_Mark(arenaOpt);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
- if( (NSSPKIXX520Name *)NULL == rv ) {
- goto loser;
- }
-
- status = nssASN1_DecodeBER(arenaOpt, rv, nssPKIXX520_template, ber);
- if( PR_SUCCESS != status ) {
- goto loser;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- rv->inArena = PR_TRUE;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_X520Name_remove_pointer, rv) ) {
- (void)nss_pkix_X520Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arenaOpt, mark);
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- if( (NSSPKIXX520Name *)NULL != rv ) {
- nss_ZFreeIf(rv->string.data);
- nss_ZFreeIf(rv->utf8);
- nss_ZFreeIf(rv);
- }
- }
-
- return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PDestroy.c b/security/nss/lib/pkix/src/X520Name/PDestroy.c
deleted file mode 100644
index 9a9bdaaa2..000000000
--- a/security/nss/lib/pkix/src/X520Name/PDestroy.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Destroy
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_EXTERN NSSDER *
-nssPKIXX520Name_Destroy
-(
- NSSPKIXX520Name *name
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return PR_FAILURE;
- }
-#endif /* NSSDEBUG */
-
- if( PR_TRUE != name->inArena ) {
- /*
- * Note that inArena is merely a hint. If this object was
- * created passively, this flag will be NULL no matter if
- * it was in an arena or not. However, you may safely
- * (try to) free memory in an NSSArena, so this isn't a
- * problem.
- */
-
- if( (NSSDER *)NULL != name->der ) {
- nss_ZFreeIf(name->der->data);
- nss_ZFreeIf(name->der);
- }
-
- nss_ZFreeIf(name->utf8);
- nss_ZFreeIf(name->string.data);
- nss_ZFreeIf(name);
- }
-
- return PR_SUCCESS;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PDuplicate.c b/security/nss/lib/pkix/src/X520Name/PDuplicate.c
deleted file mode 100644
index a2b6d7e53..000000000
--- a/security/nss/lib/pkix/src/X520Name/PDuplicate.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Duplicate
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INVALID_ARENA
- *
- * Return value:
- * A valid pointer to an NSSPKIXX520Name upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSPKIXX520Name *
-nssPKIXX520Name_Duplicate
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-)
-{
- NSSPKIXX520Name *rv = (NSSPKIXX520Name *)NULL;
- nssArenaMark *mark = (nssArenaMark *)NULL;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSPKIXAttribute *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSPKIXAttribute *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSArena *)NULL != arenaOpt ) {
- mark = nssArena_Mark(arenaOpt);
- if( (nssArenaMark *)NULL == mark ) {
- goto loser;
- }
- }
-
- rv = nss_ZNEW(arenaOpt, NSSPKIXX520Name);
- if( (NSSPKIXX520Name *)NULL == rv ) {
- goto loser;
- }
-
- rv->string.size = name->string.size;
- rv->string.data = nss_ZAlloc(arenaOpt, name->string.size);
- if( (void *)NULL == rv->string.data ) {
- goto loser;
- }
-
- (void)nsslibc_memcpy(rv->string.data, name->string.data, name->string.size);
-
- if( (NSSUTF8 *)NULL != name->utf8 ) {
- rv->utf8 = nssUTF8_Duplicate(name->utf8, arenaOpt);
- if( (NSSUTF8 *)NULL == rv->utf8 ) {
- goto loser;
- }
- }
-
- if( (NSSDER *)NULL != name->der ) {
- rv->der = nssItem_Duplicate(name->der, arenaOpt, (NSSItem *)NULL);
- if( (NSSDER *)NULL == rv->der ) {
- goto loser;
- }
- }
-
- rv->wasPrintable = name->wasPrintable;
-
- if( (NSSArena *)NULL != arenaOpt ) {
- rv->inArena = PR_TRUE;
- }
-
- if( (nssArenaMark *)NULL != mark ) {
- if( PR_SUCCESS != nssArena_Unmark(arenaOpt, mark) ) {
- goto loser;
- }
- }
-
-#ifdef DEBUG
- if( PR_SUCCESS != nss_pkix_X520Name_add_pointer(rv) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssArena_registerDestructor(arena,
- nss_pkix_X520Name_remove_pointer, rv) ) {
- (void)nss_pkix_X520Name_remove_pointer(rv);
- goto loser;
- }
-#endif /* DEBUG */
-
- return rv;
-
- loser:
- if( (nssArenaMark *)NULL != mark ) {
- (void)nssArena_Release(arenaOpt, mark);
- }
-
- if( (NSSArena *)NULL == arenaOpt ) {
- if( (NSSPKIXX520Name *)NULL != rv ) {
- if( (NSSDER *)NULL != rv->der ) {
- nss_ZFreeIf(rv->der->data);
- nss_ZFreeIf(rv->der);
- }
-
- nss_ZFreeIf(rv->string.data);
- nss_ZFreeIf(rv->utf8);
- nss_ZFreeIf(rv);
- }
- }
-
- return (NSSPKIXX520Name *)NULL;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PEncode.c b/security/nss/lib/pkix/src/X520Name/PEncode.c
deleted file mode 100644
index d9f001bae..000000000
--- a/security/nss/lib/pkix/src/X520Name/PEncode.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Encode
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSBER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSBER *
-nssPKIXX520Name_Encode
-(
- NSSPKIXX520Name *name,
- NSSASN1EncodingType encoding,
- NSSBER *rvOpt,
- NSSArena *arenaOpt
-)
-{
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSBER *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSBER *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSDER *)NULL == name->der ) {
- /* XXX fgmr */
- if( (NSSUTF8 *)NULL == name->utf8 ) {
- if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name) ) {
- return (NSSBER *)NULL;
- }
- }
-
- rv->der = nssUTF8_GetDEREncoding(arenaOpt, type, rv->utf8);
- if( (NSSDER *)NULL == rv->der ) {
- return (NSSBER *)NULL;
- }
- }
-
- return nssItem_Duplicate(name->der, arenaOpt, rvOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PEqual.c b/security/nss/lib/pkix/src/X520Name/PEqual.c
deleted file mode 100644
index 9ebe75005..000000000
--- a/security/nss/lib/pkix/src/X520Name/PEqual.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_Equal
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- *
- * Return value:
- * PR_TRUE if the two objects have equal values
- * PR_FALSE otherwise
- * PR_FALSE upon error
- */
-
-NSS_IMPLEMENT PRBool
-nssPKIXX520Name_Equal
-(
- NSSPKIXX520Name *name1,
- NSSPKIXX520Name *name2,
- PRStatus *statusOpt
-)
-{
- PRBool rv;
-
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name1) ) {
- goto loser;
- }
-
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name2) ) {
- goto loser;
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == name1->utf8 ) {
- if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name1) ) {
- goto loser;
- }
- }
-
- if( (NSSUTF8 *)NULL == name2->utf8 ) {
- if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name2) ) {
- goto loser;
- }
- }
-
- if( (PR_TRUE == name1->wasPrintable) && (PR_TRUE == name2->wasPrintable) ) {
- return nssUTF8_PrintableMatch(name1->utf8, name2->utf8, statusOpt);
- }
-
- return nssUTF8_Equal(name1->utf8, name2->utf8, statusOpt);
-
- loser:
- if( (PRStatus *)NULL != statusOpt ) {
- *statusOpt = PR_FAILURE;
- }
-
- return PR_FALSE;
-}
diff --git a/security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c b/security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c
deleted file mode 100644
index b023b1fea..000000000
--- a/security/nss/lib/pkix/src/X520Name/PGetUTF8Encoding.c
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-/*
- * nssPKIXX520Name_GetUTF8Encoding
- *
- *
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_X520_NAME
- * NSS_ERROR_NO_MEMORY
- *
- * Return value:
- * A valid NSSDER pointer upon success
- * NULL upon failure
- */
-
-NSS_IMPLEMENT NSSUTF8 *
-nssPKIXX520Name_GetUTF8Encoding
-(
- NSSPKIXX520Name *name,
- NSSArena *arenaOpt
-)
-{
-#ifdef NSSDEBUG
- if( PR_SUCCESS != nssPKIXX520Name_verifyPointer(name) ) {
- return (NSSUTF8 *)NULL;
- }
-
- if( (NSSArena *)NULL != arenaOpt ) {
- if( PR_SUCCESS != nssArena_verifyPointer(arenaOpt) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-#endif /* NSSDEBUG */
-
- if( (NSSUTF8 *)NULL == name->utf8 ) {
- if( PR_SUCCESS != nss_pkix_X520Name_DoUTF8(name) ) {
- return (NSSUTF8 *)NULL;
- }
- }
-
- return nssUTF8_Duplicate(rv->utf8, arenaOpt);
-}
diff --git a/security/nss/lib/pkix/src/X520Name/template.c b/security/nss/lib/pkix/src/X520Name/template.c
deleted file mode 100644
index 63f18e724..000000000
--- a/security/nss/lib/pkix/src/X520Name/template.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIX_H
-#include "pkix.h"
-#endif /* PKIX_H */
-
-#ifndef ASN1_H
-#include "asn1.h"
-#endif /* ASN1_H */
-
-/*
- * nssPKIXX520Name_template
- *
- *
- */
-
-const nssASN1Template nssPKIXX520Name_template[] = {
- { nssASN1_ANY, offsetof(NSSPKIXX520Name, string), NULL,
- sizeof(NSSPKIXX520Name) },
- { 0 }
-};
diff --git a/security/nss/lib/pkix/src/X520Name/verifyPointer.c b/security/nss/lib/pkix/src/X520Name/verifyPointer.c
deleted file mode 100644
index 9e447797d..000000000
--- a/security/nss/lib/pkix/src/X520Name/verifyPointer.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $Source$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#ifndef PKIXM_H
-#include "pkixm.h"
-#endif /* PKIXM_H */
-
-#ifdef DEBUG
-
-extern const NSSError NSS_ERROR_INTERNAL_ERROR;
-
-static nssPointerTracker pkix_x520_name_pointer_tracker;
-
-/*
- * nss_pkix_X520Name_add_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine adds an NSSPKIXX520Name pointer to
- * the internal pointer-tracker. This routine should only be used
- * by the NSSPKIX module. This routine returns a PRStatus value;
- * upon error it will place an error on the error stack and return
- * PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_NO_MEMORY
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_X520Name_add_pointer
-(
- const NSSPKIXX520Name *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_x520_name_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- return rv;
- }
-
- rv = nssPointerTracker_add(&pkix_x520_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- NSSError e = NSS_GetError();
- if( NSS_ERROR_NO_MEMORY != e ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
- }
-
- return PR_SUCCESS;
-}
-
-/*
- * nss_pkix_X520Name_remove_pointer
- *
- * This method is only present in debug builds.
- *
- * This module-private routine removes a valid NSSPKIXX520Name
- * pointer from the internal pointer-tracker. This routine should
- * only be used by the NSSPKIX module. This routine returns a
- * PRStatus value; upon error it will place an error on the error
- * stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INTERNAL_ERROR
- *
- * Return value:
- * PR_SUCCESS upon success
- * PR_FAILURE upon failure
- */
-
-NSS_IMPLEMENT PRStatus
-nss_pkix_X520Name_remove_pointer
-(
- const NSSPKIXX520Name *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_remove(&pkix_x520_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INTERNAL_ERROR);
- }
-
- return rv;
-}
-
-/*
- * nssPKIXX520Name_verifyPointer
- *
- * This method is only present in debug builds.
- *
- * If the specified pointer is a valid pointer to an NSSPKIXX520Name
- * object, this routine will return PR_SUCCESS. Otherwise, it will
- * put an error on the error stack and return PR_FAILURE.
- *
- * The error may be one of the following values:
- * NSS_ERROR_INVALID_PKIX_X520_NAME
- *
- * Return value:
- * PR_SUCCESS if the pointer is valid
- * PR_FAILURE if it isn't
- */
-
-NSS_IMPLEMENT PRStatus
-nssPKIXX520Name_verifyPointer
-(
- NSSPKIXX520Name *p
-)
-{
- PRStatus rv;
-
- rv = nssPointerTracker_initialize(&pkix_x520_name_pointer_tracker);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_X520_NAME);
- return PR_FAILURE;
- }
-
- rv = nssPointerTracker_verify(&pkix_x520_name_pointer_tracker, p);
- if( PR_SUCCESS != rv ) {
- nss_SetError(NSS_ERROR_INVALID_PKIX_X520_NAME);
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-#endif /* DEBUG */
diff --git a/security/nss/lib/smime/Makefile b/security/nss/lib/smime/Makefile
deleted file mode 100644
index cb85677bc..000000000
--- a/security/nss/lib/smime/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/lib/smime/cms.h b/security/nss/lib/smime/cms.h
deleted file mode 100644
index f2f50a654..000000000
--- a/security/nss/lib/smime/cms.h
+++ /dev/null
@@ -1,1082 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Interfaces of the CMS implementation.
- *
- * $Id$
- */
-
-#ifndef _CMS_H_
-#define _CMS_H_
-
-#include "seccomon.h"
-
-#include "secoidt.h"
-#include "certt.h"
-#include "keyt.h"
-#include "hasht.h"
-#include "cmst.h"
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/************************************************************************
- * cmsdecode.c - CMS decoding
- ************************************************************************/
-
-/*
- * NSS_CMSDecoder_Start - set up decoding of a DER-encoded CMS message
- *
- * "poolp" - pointer to arena for message, or NULL if new pool should be created
- * "cb", "cb_arg" - callback function and argument for delivery of inner content
- * inner content will be stored in the message if cb is NULL.
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- */
-extern NSSCMSDecoderContext *
-NSS_CMSDecoder_Start(PRArenaPool *poolp,
- NSSCMSContentCallback cb, void *cb_arg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg);
-
-/*
- * NSS_CMSDecoder_Update - feed DER-encoded data to decoder
- */
-extern SECStatus
-NSS_CMSDecoder_Update(NSSCMSDecoderContext *p7dcx, const char *buf, unsigned long len);
-
-/*
- * NSS_CMSDecoder_Cancel - cancel a decoding process
- */
-extern void
-NSS_CMSDecoder_Cancel(NSSCMSDecoderContext *p7dcx);
-
-/*
- * NSS_CMSDecoder_Finish - mark the end of inner content and finish decoding
- */
-extern NSSCMSMessage *
-NSS_CMSDecoder_Finish(NSSCMSDecoderContext *p7dcx);
-
-/*
- * NSS_CMSMessage_CreateFromDER - decode a CMS message from DER encoded data
- */
-extern NSSCMSMessage *
-NSS_CMSMessage_CreateFromDER(SECItem *DERmessage,
- NSSCMSContentCallback cb, void *cb_arg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg);
-
-/************************************************************************
- * cmsencode.c - CMS encoding
- ************************************************************************/
-
-/*
- * NSS_CMSEncoder_Start - set up encoding of a CMS message
- *
- * "cmsg" - message to encode
- * "outputfn", "outputarg" - callback function for delivery of DER-encoded output
- * will not be called if NULL.
- * "dest" - if non-NULL, pointer to SECItem that will hold the DER-encoded output
- * "destpoolp" - pool to allocate DER-encoded output in
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- */
-extern NSSCMSEncoderContext *
-NSS_CMSEncoder_Start(NSSCMSMessage *cmsg,
- NSSCMSContentCallback outputfn, void *outputarg,
- SECItem *dest, PLArenaPool *destpoolp,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
- SECAlgorithmID **detached_digestalgs, SECItem **detached_digests);
-
-/*
- * NSS_CMSEncoder_Update - take content data delivery from the user
- *
- * "p7ecx" - encoder context
- * "data" - content data
- * "len" - length of content data
- */
-extern SECStatus
-NSS_CMSEncoder_Update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len);
-
-/*
- * NSS_CMSEncoder_Finish - signal the end of data
- *
- * we need to walk down the chain of encoders and the finish them from the innermost out
- */
-extern SECStatus
-NSS_CMSEncoder_Finish(NSSCMSEncoderContext *p7ecx);
-
-/************************************************************************
- * cmsmessage.c - CMS message object
- ************************************************************************/
-
-/*
- * NSS_CMSMessage_Create - create a CMS message object
- *
- * "poolp" - arena to allocate memory from, or NULL if new arena should be created
- */
-extern NSSCMSMessage *
-NSS_CMSMessage_Create(PLArenaPool *poolp);
-
-/*
- * NSS_CMSMessage_SetEncodingParams - set up a CMS message object for encoding or decoding
- *
- * "cmsg" - message object
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- *
- * used internally.
- */
-extern void
-NSS_CMSMessage_SetEncodingParams(NSSCMSMessage *cmsg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
- SECAlgorithmID **detached_digestalgs, SECItem **detached_digests);
-
-/*
- * NSS_CMSMessage_Destroy - destroy a CMS message and all of its sub-pieces.
- */
-extern void
-NSS_CMSMessage_Destroy(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_Copy - return a copy of the given message.
- *
- * The copy may be virtual or may be real -- either way, the result needs
- * to be passed to NSS_CMSMessage_Destroy later (as does the original).
- */
-extern NSSCMSMessage *
-NSS_CMSMessage_Copy(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_GetArena - return a pointer to the message's arena pool
- */
-extern PLArenaPool *
-NSS_CMSMessage_GetArena(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_GetContentInfo - return a pointer to the top level contentInfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSMessage_GetContentInfo(NSSCMSMessage *cmsg);
-
-/*
- * Return a pointer to the actual content.
- * In the case of those types which are encrypted, this returns the *plain* content.
- * In case of nested contentInfos, this descends and retrieves the innermost content.
- */
-extern SECItem *
-NSS_CMSMessage_GetContent(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_ContentLevelCount - count number of levels of CMS content objects in this message
- *
- * CMS data content objects do not count.
- */
-extern int
-NSS_CMSMessage_ContentLevelCount(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_ContentLevel - find content level #n
- *
- * CMS data content objects do not count.
- */
-extern NSSCMSContentInfo *
-NSS_CMSMessage_ContentLevel(NSSCMSMessage *cmsg, int n);
-
-/*
- * NSS_CMSMessage_ContainsCertsOrCrls - see if message contains certs along the way
- */
-extern PRBool
-NSS_CMSMessage_ContainsCertsOrCrls(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_IsEncrypted - see if message contains a encrypted submessage
- */
-extern PRBool
-NSS_CMSMessage_IsEncrypted(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_IsSigned - see if message contains a signed submessage
- *
- * If the CMS message has a SignedData with a signature (not just a SignedData)
- * return true; false otherwise. This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-extern PRBool
-NSS_CMSMessage_IsSigned(NSSCMSMessage *cmsg);
-
-/*
- * NSS_CMSMessage_IsContentEmpty - see if content is empty
- *
- * returns PR_TRUE is innermost content length is < minLen
- * XXX need the encrypted content length (why?)
- */
-extern PRBool
-NSS_CMSMessage_IsContentEmpty(NSSCMSMessage *cmsg, unsigned int minLen);
-
-/************************************************************************
- * cmscinfo.c - CMS contentInfo methods
- ************************************************************************/
-
-/*
- * NSS_CMSContentInfo_Destroy - destroy a CMS contentInfo and all of its sub-pieces.
- */
-extern void
-NSS_CMSContentInfo_Destroy(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetChildContentInfo - get content's contentInfo (if it exists)
- */
-extern NSSCMSContentInfo *
-NSS_CMSContentInfo_GetChildContentInfo(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_SetContent - set cinfo's content type & content to CMS object
- */
-extern SECStatus
-NSS_CMSContentInfo_SetContent(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECOidTag type, void *ptr);
-
-/*
- * NSS_CMSContentInfo_SetContent_XXXX - typesafe wrappers for NSS_CMSContentInfo_SetType
- * set cinfo's content type & content to CMS object
- */
-extern SECStatus
-NSS_CMSContentInfo_SetContent_Data(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECItem *data, PRBool detached);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_SignedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_EnvelopedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEnvelopedData *envd);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_DigestedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSDigestedData *digd);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContent_EncryptedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSContentInfo_GetContent - get pointer to inner content
- *
- * needs to be casted...
- */
-extern void *
-NSS_CMSContentInfo_GetContent(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetInnerContent - get pointer to innermost content
- *
- * this is typically only called by NSS_CMSMessage_GetContent()
- */
-extern SECItem *
-NSS_CMSContentInfo_GetInnerContent(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetContentType{Tag,OID} - find out (saving pointer to lookup result
- * for future reference) and return the inner content type.
- */
-extern SECOidTag
-NSS_CMSContentInfo_GetContentTypeTag(NSSCMSContentInfo *cinfo);
-
-extern SECItem *
-NSS_CMSContentInfo_GetContentTypeOID(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlgTag - find out (saving pointer to lookup result
- * for future reference) and return the content encryption algorithm tag.
- */
-extern SECOidTag
-NSS_CMSContentInfo_GetContentEncAlgTag(NSSCMSContentInfo *cinfo);
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlg - find out and return the content encryption algorithm tag.
- */
-extern SECAlgorithmID *
-NSS_CMSContentInfo_GetContentEncAlg(NSSCMSContentInfo *cinfo);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContentEncAlg(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
- SECOidTag bulkalgtag, SECItem *parameters, int keysize);
-
-extern SECStatus
-NSS_CMSContentInfo_SetContentEncAlgID(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
- SECAlgorithmID *algid, int keysize);
-
-extern void
-NSS_CMSContentInfo_SetBulkKey(NSSCMSContentInfo *cinfo, PK11SymKey *bulkkey);
-
-extern PK11SymKey *
-NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo *cinfo);
-
-extern int
-NSS_CMSContentInfo_GetBulkKeySize(NSSCMSContentInfo *cinfo);
-
-/************************************************************************
- * cmsutil.c - CMS misc utility functions
- ************************************************************************/
-
-/*
- * NSS_CMSArray_SortByDER - sort array of objects by objects' DER encoding
- *
- * make sure that the order of the objects guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in objs).
- */
-extern SECStatus
-NSS_CMSArray_SortByDER(void **objs, const SEC_ASN1Template *objtemplate, void **objs2);
-
-/*
- * NSS_CMSUtil_DERCompare - for use with NSS_CMSArray_Sort to
- * sort arrays of SECItems containing DER
- */
-extern int
-NSS_CMSUtil_DERCompare(void *a, void *b);
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algid - algorithmid of algorithm to pick
- *
- * Returns:
- * An integer containing the index of the algorithm in the array or -1 if
- * algorithm was not found.
- */
-extern int
-NSS_CMSAlgArray_GetIndexByAlgID(SECAlgorithmID **algorithmArray, SECAlgorithmID *algid);
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algiddata - id of algorithm to pick
- *
- * Returns:
- * An integer containing the index of the algorithm in the array or -1 if
- * algorithm was not found.
- */
-extern int
-NSS_CMSAlgArray_GetIndexByAlgTag(SECAlgorithmID **algorithmArray, SECOidTag algtag);
-
-extern const SECHashObject *
-NSS_CMSUtil_GetHashObjByAlgID(SECAlgorithmID *algid);
-
-/*
- * XXX I would *really* like to not have to do this, but the current
- * signing interface gives me little choice.
- */
-extern SECOidTag
-NSS_CMSUtil_MakeSignatureAlgorithm(SECOidTag hashalg, SECOidTag encalg);
-
-extern const SEC_ASN1Template *
-NSS_CMSUtil_GetTemplateByTypeTag(SECOidTag type);
-
-extern size_t
-NSS_CMSUtil_GetSizeByTypeTag(SECOidTag type);
-
-extern NSSCMSContentInfo *
-NSS_CMSContent_GetContentInfo(void *msg, SECOidTag type);
-
-extern const char *
-NSS_CMSUtil_VerificationStatusToString(NSSCMSVerificationStatus vs);
-
-/************************************************************************
- * cmssigdata.c - CMS signedData methods
- ************************************************************************/
-
-extern NSSCMSSignedData *
-NSS_CMSSignedData_Create(NSSCMSMessage *cmsg);
-
-extern void
-NSS_CMSSignedData_Destroy(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Encode_BeforeStart - do all the necessary things to a SignedData
- * before start of encoding.
- *
- * In detail:
- * - find out about the right value to put into sigd->version
- * - come up with a list of digestAlgorithms (which should be the union of the algorithms
- * in the signerinfos).
- * If we happen to have a pre-set list of algorithms (and digest values!), we
- * check if we have all the signerinfos' algorithms. If not, this is an error.
- */
-extern SECStatus
-NSS_CMSSignedData_Encode_BeforeStart(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_Encode_BeforeData(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Encode_AfterData - do all the necessary things to a SignedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - create the signatures in all the SignerInfos
- *
- * Please note that nothing is done to the Certificates and CRLs in the message - this
- * is entirely the responsibility of our callers.
- */
-extern SECStatus
-NSS_CMSSignedData_Encode_AfterData(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Decode_AfterData - do all the necessary things to a SignedData
- * after all the encapsulated data was passed through the decoder.
- */
-extern SECStatus
-NSS_CMSSignedData_Decode_AfterData(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_Decode_AfterEnd - do all the necessary things to a SignedData
- * after all decoding is finished.
- */
-extern SECStatus
-NSS_CMSSignedData_Decode_AfterEnd(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_GetSignerInfos - retrieve the SignedData's signer list
- */
-extern NSSCMSSignerInfo **
-NSS_CMSSignedData_GetSignerInfos(NSSCMSSignedData *sigd);
-
-extern int
-NSS_CMSSignedData_SignerInfoCount(NSSCMSSignedData *sigd);
-
-extern NSSCMSSignerInfo *
-NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i);
-
-/*
- * NSS_CMSSignedData_GetDigestAlgs - retrieve the SignedData's digest algorithm list
- */
-extern SECAlgorithmID **
-NSS_CMSSignedData_GetDigestAlgs(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_GetContentInfo - return pointer to this signedData's contentinfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSSignedData_GetContentInfo(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_GetCertificateList - retrieve the SignedData's certificate list
- */
-extern SECItem **
-NSS_CMSSignedData_GetCertificateList(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
- SECCertUsage certusage, PRBool keepcerts);
-
-/*
- * NSS_CMSSignedData_HasDigests - see if we have digests in place
- */
-extern PRBool
-NSS_CMSSignedData_HasDigests(NSSCMSSignedData *sigd);
-
-/*
- * NSS_CMSSignedData_VerifySignerInfo - check a signature.
- *
- * The digests were either calculated during decoding (and are stored in the
- * signedData itself) or set after decoding using NSS_CMSSignedData_SetDigests.
- *
- * The verification checks if the signing cert is valid and has a trusted chain
- * for the purpose specified by "certusage".
- */
-extern SECStatus
-NSS_CMSSignedData_VerifySignerInfo(NSSCMSSignedData *sigd, int i, CERTCertDBHandle *certdb,
- SECCertUsage certusage);
-
-/*
- * NSS_CMSSignedData_VerifyCertsOnly - verify the certs in a certs-only message
-*/
-extern SECStatus
-NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
- CERTCertDBHandle *certdb,
- SECCertUsage usage);
-
-extern SECStatus
-NSS_CMSSignedData_AddCertList(NSSCMSSignedData *sigd, CERTCertificateList *certlist);
-
-/*
- * NSS_CMSSignedData_AddCertChain - add cert and its entire chain to the set of certs
- */
-extern SECStatus
-NSS_CMSSignedData_AddCertChain(NSSCMSSignedData *sigd, CERTCertificate *cert);
-
-extern SECStatus
-NSS_CMSSignedData_AddCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert);
-
-extern PRBool
-NSS_CMSSignedData_ContainsCertsOrCrls(NSSCMSSignedData *sigd);
-
-extern SECStatus
-NSS_CMSSignedData_AddSignerInfo(NSSCMSSignedData *sigd,
- NSSCMSSignerInfo *signerinfo);
-
-extern SECItem *
-NSS_CMSSignedData_GetDigestByAlgTag(NSSCMSSignedData *sigd, SECOidTag algtag);
-
-extern SECStatus
-NSS_CMSSignedData_SetDigests(NSSCMSSignedData *sigd,
- SECAlgorithmID **digestalgs,
- SECItem **digests);
-
-extern SECStatus
-NSS_CMSSignedData_SetDigestValue(NSSCMSSignedData *sigd,
- SECOidTag digestalgtag,
- SECItem *digestdata);
-
-extern SECStatus
-NSS_CMSSignedData_AddDigest(PRArenaPool *poolp,
- NSSCMSSignedData *sigd,
- SECOidTag digestalgtag,
- SECItem *digest);
-
-extern SECItem *
-NSS_CMSSignedData_GetDigestValue(NSSCMSSignedData *sigd, SECOidTag digestalgtag);
-
-/*
- * NSS_CMSSignedData_CreateCertsOnly - create a certs-only SignedData.
- *
- * cert - base certificates that will be included
- * include_chain - if true, include the complete cert chain for cert
- *
- * More certs and chains can be added via AddCertificate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- */
-extern NSSCMSSignedData *
-NSS_CMSSignedData_CreateCertsOnly(NSSCMSMessage *cmsg, CERTCertificate *cert, PRBool include_chain);
-
-/************************************************************************
- * cmssiginfo.c - signerinfo methods
- ************************************************************************/
-
-extern NSSCMSSignerInfo *
-NSS_CMSSignerInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert, SECOidTag digestalgtag);
-
-/*
- * NSS_CMSSignerInfo_Destroy - destroy a SignerInfo data structure
- */
-extern void
-NSS_CMSSignerInfo_Destroy(NSSCMSSignerInfo *si);
-
-/*
- * NSS_CMSSignerInfo_Sign - sign something
- *
- */
-extern SECStatus
-NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType);
-
-extern SECStatus
-NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb,
- SECCertUsage certusage);
-
-/*
- * NSS_CMSSignerInfo_Verify - verify the signature of a single SignerInfo
- *
- * Just verifies the signature. The assumption is that verification of the certificate
- * is done already.
- */
-extern SECStatus
-NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType);
-
-extern NSSCMSVerificationStatus
-NSS_CMSSignerInfo_GetVerificationStatus(NSSCMSSignerInfo *signerinfo);
-
-extern SECOidData *
-NSS_CMSSignerInfo_GetDigestAlg(NSSCMSSignerInfo *signerinfo);
-
-extern SECOidTag
-NSS_CMSSignerInfo_GetDigestAlgTag(NSSCMSSignerInfo *signerinfo);
-
-extern int
-NSS_CMSSignerInfo_GetVersion(NSSCMSSignerInfo *signerinfo);
-
-extern CERTCertificateList *
-NSS_CMSSignerInfo_GetCertList(NSSCMSSignerInfo *signerinfo);
-
-/*
- * NSS_CMSSignerInfo_GetSigningTime - return the signing time,
- * in UTCTime format, of a CMS signerInfo.
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to XXXX (what?)
- * A return value of NULL is an error.
- */
-extern SECStatus
-NSS_CMSSignerInfo_GetSigningTime(NSSCMSSignerInfo *sinfo, PRTime *stime);
-
-/*
- * Return the signing cert of a CMS signerInfo.
- *
- * the certs in the enclosing SignedData must have been imported already
- */
-extern CERTCertificate *
-NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb);
-
-/*
- * NSS_CMSSignerInfo_GetSignerCommonName - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-extern char *
-NSS_CMSSignerInfo_GetSignerCommonName(NSSCMSSignerInfo *sinfo);
-
-/*
- * NSS_CMSSignerInfo_GetSignerEmailAddress - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-extern char *
-NSS_CMSSignerInfo_GetSignerEmailAddress(NSSCMSSignerInfo *sinfo);
-
-/*
- * NSS_CMSSignerInfo_AddAuthAttr - add an attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddAuthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSSignerInfo_AddUnauthAttr - add an attribute to the
- * unauthenticated attributes of "signerinfo".
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSSignerInfo_AddSigningTime - add the signing time to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will do nothing.
- *
- * XXX This will probably just shove the current time into "signerinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding. Is this (expected to be small) delay okay?
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddSigningTime(NSSCMSSignerInfo *signerinfo, PRTime t);
-
-/*
- * NSS_CMSSignerInfo_AddSMIMECaps - add a SMIMECapabilities attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME).
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddSMIMECaps(NSSCMSSignerInfo *signerinfo);
-
-/*
- * NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed messages for email (S/MIME).
- */
-SECStatus
-NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb);
-
-/*
- * NSS_CMSSignerInfo_AddCounterSignature - countersign a signerinfo
- */
-extern SECStatus
-NSS_CMSSignerInfo_AddCounterSignature(NSSCMSSignerInfo *signerinfo,
- SECOidTag digestalg, CERTCertificate signingcert);
-
-/*
- * XXXX the following needs to be done in the S/MIME layer code
- * after signature of a signerinfo is verified
- */
-extern SECStatus
-NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo);
-
-/*
- * NSS_CMSSignerInfo_IncludeCerts - set cert chain inclusion mode for this signer
- */
-extern SECStatus
-NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo, NSSCMSCertChainMode cm, SECCertUsage usage);
-
-/************************************************************************
- * cmsenvdata.c - CMS envelopedData methods
- ************************************************************************/
-
-/*
- * NSS_CMSEnvelopedData_Create - create an enveloped data message
- */
-extern NSSCMSEnvelopedData *
-NSS_CMSEnvelopedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize);
-
-/*
- * NSS_CMSEnvelopedData_Destroy - destroy an enveloped data message
- */
-extern void
-NSS_CMSEnvelopedData_Destroy(NSSCMSEnvelopedData *edp);
-
-/*
- * NSS_CMSEnvelopedData_GetContentInfo - return pointer to this envelopedData's contentinfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSEnvelopedData_GetContentInfo(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_AddRecipient - add a recipientinfo to the enveloped data msg
- *
- * rip must be created on the same pool as edp - this is not enforced, though.
- */
-extern SECStatus
-NSS_CMSEnvelopedData_AddRecipient(NSSCMSEnvelopedData *edp, NSSCMSRecipientInfo *rip);
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeStart - prepare this envelopedData for encoding
- *
- * at this point, we need
- * - recipientinfos set up with recipient's certificates
- * - a content encryption algorithm (if none, 3DES will be used)
- *
- * this function will generate a random content encryption key (aka bulk key),
- * initialize the recipientinfos with certificate identification and wrap the bulk key
- * using the proper algorithm for every certificiate.
- * it will finally set the bulk algorithm and key so that the encode step can find it.
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeStart(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeData - set up encryption
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Encode_AfterData - finalize this envelopedData for encoding
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Encode_AfterData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Decode_BeforeData - find our recipientinfo,
- * derive bulk key & set up our contentinfo
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterData - finish decrypting this envelopedData's content
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Decode_AfterData(NSSCMSEnvelopedData *envd);
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterEnd - finish decoding this envelopedData
- */
-extern SECStatus
-NSS_CMSEnvelopedData_Decode_AfterEnd(NSSCMSEnvelopedData *envd);
-
-
-/************************************************************************
- * cmsrecinfo.c - CMS recipientInfo methods
- ************************************************************************/
-
-/*
- * NSS_CMSRecipientInfo_Create - create a recipientinfo
- *
- * we currently do not create KeyAgreement recipientinfos with multiple recipientEncryptedKeys
- * the certificate is supposed to have been verified by the caller
- */
-extern NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert);
-
-extern void
-NSS_CMSRecipientInfo_Destroy(NSSCMSRecipientInfo *ri);
-
-extern int
-NSS_CMSRecipientInfo_GetVersion(NSSCMSRecipientInfo *ri);
-
-extern SECItem *
-NSS_CMSRecipientInfo_GetEncryptedKey(NSSCMSRecipientInfo *ri, int subIndex);
-
-
-extern SECOidTag
-NSS_CMSRecipientInfo_GetKeyEncryptionAlgorithmTag(NSSCMSRecipientInfo *ri);
-
-extern SECStatus
-NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey, SECOidTag bulkalgtag);
-
-extern PK11SymKey *
-NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex,
- CERTCertificate *cert, SECKEYPrivateKey *privkey, SECOidTag bulkalgtag);
-
-/************************************************************************
- * cmsencdata.c - CMS encryptedData methods
- ************************************************************************/
-/*
- * NSS_CMSEncryptedData_Create - create an empty encryptedData object.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- * "keysize" is the key size.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-extern NSSCMSEncryptedData *
-NSS_CMSEncryptedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize);
-
-/*
- * NSS_CMSEncryptedData_Destroy - destroy an encryptedData object
- */
-extern void
-NSS_CMSEncryptedData_Destroy(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_GetContentInfo - return pointer to encryptedData object's contentInfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSEncryptedData_GetContentInfo(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeStart - do all the necessary things to a EncryptedData
- * before encoding begins.
- *
- * In particular:
- * - set the correct version value.
- * - get the encryption key
- */
-extern SECStatus
-NSS_CMSEncryptedData_Encode_BeforeStart(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeData - set up encryption
- */
-extern SECStatus
-NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Encode_AfterData - finalize this encryptedData for encoding
- */
-extern SECStatus
-NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Decode_BeforeData - find bulk key & set up decryption
- */
-extern SECStatus
-NSS_CMSEncryptedData_Decode_BeforeData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterData - finish decrypting this encryptedData's content
- */
-extern SECStatus
-NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd);
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterEnd - finish decoding this encryptedData
- */
-extern SECStatus
-NSS_CMSEncryptedData_Decode_AfterEnd(NSSCMSEncryptedData *encd);
-
-/************************************************************************
- * cmsdigdata.c - CMS encryptedData methods
- ************************************************************************/
-/*
- * NSS_CMSDigestedData_Create - create a digestedData object (presumably for encoding)
- *
- * version will be set by NSS_CMSDigestedData_Encode_BeforeStart
- * digestAlg is passed as parameter
- * contentInfo must be filled by the user
- * digest will be calculated while encoding
- */
-extern NSSCMSDigestedData *
-NSS_CMSDigestedData_Create(NSSCMSMessage *cmsg, SECAlgorithmID *digestalg);
-
-/*
- * NSS_CMSDigestedData_Destroy - destroy a digestedData object
- */
-extern void
-NSS_CMSDigestedData_Destroy(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_GetContentInfo - return pointer to digestedData object's contentInfo
- */
-extern NSSCMSContentInfo *
-NSS_CMSDigestedData_GetContentInfo(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeStart - do all the necessary things to a DigestedData
- * before encoding begins.
- *
- * In particular:
- * - set the right version number. The contentInfo's content type must be set up already.
- */
-extern SECStatus
-NSS_CMSDigestedData_Encode_BeforeStart(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeData - do all the necessary things to a DigestedData
- * before the encapsulated data is passed through the encoder.
- *
- * In detail:
- * - set up the digests if necessary
- */
-extern SECStatus
-NSS_CMSDigestedData_Encode_BeforeData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Encode_AfterData - do all the necessary things to a DigestedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - finish the digests
- */
-extern SECStatus
-NSS_CMSDigestedData_Encode_AfterData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Decode_BeforeData - do all the necessary things to a DigestedData
- * before the encapsulated data is passed through the encoder.
- *
- * In detail:
- * - set up the digests if necessary
- */
-extern SECStatus
-NSS_CMSDigestedData_Decode_BeforeData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Decode_AfterData - do all the necessary things to a DigestedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - finish the digests
- */
-extern SECStatus
-NSS_CMSDigestedData_Decode_AfterData(NSSCMSDigestedData *digd);
-
-/*
- * NSS_CMSDigestedData_Decode_AfterEnd - finalize a digestedData.
- *
- * In detail:
- * - check the digests for equality
- */
-extern SECStatus
-NSS_CMSDigestedData_Decode_AfterEnd(NSSCMSDigestedData *digd);
-
-/************************************************************************
- * cmsdigest.c - digestion routines
- ************************************************************************/
-
-/*
- * NSS_CMSDigestContext_StartMultiple - start digest calculation using all the
- * digest algorithms in "digestalgs" in parallel.
- */
-extern NSSCMSDigestContext *
-NSS_CMSDigestContext_StartMultiple(SECAlgorithmID **digestalgs);
-
-/*
- * NSS_CMSDigestContext_StartSingle - same as NSS_CMSDigestContext_StartMultiple, but
- * only one algorithm.
- */
-extern NSSCMSDigestContext *
-NSS_CMSDigestContext_StartSingle(SECAlgorithmID *digestalg);
-
-/*
- * NSS_CMSDigestContext_Update - feed more data into the digest machine
- */
-extern void
-NSS_CMSDigestContext_Update(NSSCMSDigestContext *cmsdigcx, const unsigned char *data, int len);
-
-/*
- * NSS_CMSDigestContext_Cancel - cancel digesting operation
- */
-extern void
-NSS_CMSDigestContext_Cancel(NSSCMSDigestContext *cmsdigcx);
-
-/*
- * NSS_CMSDigestContext_FinishMultiple - finish the digests and put them
- * into an array of SECItems (allocated on poolp)
- */
-extern SECStatus
-NSS_CMSDigestContext_FinishMultiple(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
- SECItem ***digestsp);
-
-/*
- * NSS_CMSDigestContext_FinishSingle - same as NSS_CMSDigestContext_FinishMultiple,
- * but for one digest.
- */
-extern SECStatus
-NSS_CMSDigestContext_FinishSingle(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
- SECItem *digest);
-
-/************************************************************************
- *
- ************************************************************************/
-
-/* shortcuts for basic use */
-
-/*
- * NSS_CMSDEREncode - DER Encode a CMS message, with input being
- * the plaintext message and derOut being the output,
- * stored in arena's pool.
- */
-extern SECStatus
-NSS_CMSDEREncode(NSSCMSMessage *cmsg, SECItem *input, SECItem *derOut,
- PLArenaPool *arena);
-
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _CMS_H_ */
diff --git a/security/nss/lib/smime/cmsarray.c b/security/nss/lib/smime/cmsarray.c
deleted file mode 100644
index 68d7e1963..000000000
--- a/security/nss/lib/smime/cmsarray.c
+++ /dev/null
@@ -1,212 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS array functions.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secerr.h"
-
-/*
- * ARRAY FUNCTIONS
- *
- * In NSS, arrays are rather primitive arrays of pointers.
- * Makes it easy to walk the array, but hard to count elements
- * and manage the storage.
- *
- * This is a feeble attempt to encapsulate the functionality
- * and get rid of hundreds of lines of similar code
- */
-
-/*
- * NSS_CMSArray_Alloc - allocate an array in an arena
- *
- * This allocates space for the array of pointers
- */
-void **
-NSS_CMSArray_Alloc(PRArenaPool *poolp, int n)
-{
- return (void **)PORT_ArenaZAlloc(poolp, n * sizeof(void *));
-}
-
-/*
- * NSS_CMSArray_Add - add an element to the end of an array
- *
- * The array of pointers is either created (if array was empty before) or grown.
- */
-SECStatus
-NSS_CMSArray_Add(PRArenaPool *poolp, void ***array, void *obj)
-{
- void **p;
- int n;
- void **dest;
-
- PORT_Assert(array != NULL);
- if (array == NULL)
- return SECFailure;
-
- if (*array == NULL) {
- dest = (void **)PORT_ArenaAlloc(poolp, 2 * sizeof(void *));
- n = 0;
- } else {
- n = 0; p = *array;
- while (*p++)
- n++;
- dest = (void **)PORT_ArenaGrow (poolp,
- *array,
- (n + 1) * sizeof(void *),
- (n + 2) * sizeof(void *));
- }
- dest[n] = obj;
- dest[n+1] = NULL;
- *array = dest;
- return SECSuccess;
-}
-
-/*
- * NSS_CMSArray_IsEmpty - check if array is empty
- */
-PRBool
-NSS_CMSArray_IsEmpty(void **array)
-{
- return (array == NULL || array[0] == NULL);
-}
-
-/*
- * NSS_CMSArray_Count - count number of elements in array
- */
-int
-NSS_CMSArray_Count(void **array)
-{
- int n = 0;
-
- if (array == NULL)
- return 0;
-
- while (*array++ != NULL)
- n++;
-
- return n;
-}
-
-/*
- * NSS_CMSArray_Sort - sort an array in place
- *
- * If "secondary" or "tertiary are not NULL, it must be arrays with the same
- * number of elements as "primary". The same reordering will get applied to it.
- *
- * "compare" is a function that returns
- * < 0 when the first element is less than the second
- * = 0 when the first element is equal to the second
- * > 0 when the first element is greater than the second
- * to acheive ascending ordering.
- */
-void
-NSS_CMSArray_Sort(void **primary, int (*compare)(void *,void *), void **secondary, void **tertiary)
-{
- int n, i, limit, lastxchg;
- void *tmp;
-
- n = NSS_CMSArray_Count(primary);
-
- PORT_Assert(secondary == NULL || NSS_CMSArray_Count(secondary) == n);
- PORT_Assert(tertiary == NULL || NSS_CMSArray_Count(tertiary) == n);
-
- if (n <= 1) /* ordering is fine */
- return;
-
- /* yes, ladies and gentlemen, it's BUBBLE SORT TIME! */
- limit = n - 1;
- while (1) {
- lastxchg = 0;
- for (i = 0; i < limit; i++) {
- if ((*compare)(primary[i], primary[i+1]) > 0) {
- /* exchange the neighbours */
- tmp = primary[i+1];
- primary[i+1] = primary[i];
- primary[i] = tmp;
- if (secondary) { /* secondary array? */
- tmp = secondary[i+1]; /* exchange there as well */
- secondary[i+1] = secondary[i];
- secondary[i] = tmp;
- }
- if (tertiary) { /* tertiary array? */
- tmp = tertiary[i+1]; /* exchange there as well */
- tertiary[i+1] = tertiary[i];
- tertiary[i] = tmp;
- }
- lastxchg = i+1; /* index of the last element bubbled up */
- }
- }
- if (lastxchg == 0) /* no exchanges, so array is sorted */
- break; /* we're done */
- limit = lastxchg; /* array is sorted up to [limit] */
- }
-}
-
-#if 0
-
-/* array iterator stuff... not used */
-
-typedef void **NSSCMSArrayIterator;
-
-/* iterator */
-NSSCMSArrayIterator
-NSS_CMSArray_First(void **array)
-{
- if (array == NULL || array[0] == NULL)
- return NULL;
- return (NSSCMSArrayIterator)&(array[0]);
-}
-
-void *
-NSS_CMSArray_Obj(NSSCMSArrayIterator iter)
-{
- void **p = (void **)iter;
-
- return *iter; /* which is NULL if we are at the end of the array */
-}
-
-NSSCMSArrayIterator
-NSS_CMSArray_Next(NSSCMSArrayIterator iter)
-{
- void **p = (void **)iter;
-
- return (NSSCMSArrayIterator)(p + 1);
-}
-
-#endif
diff --git a/security/nss/lib/smime/cmsasn1.c b/security/nss/lib/smime/cmsasn1.c
deleted file mode 100644
index be44c7524..000000000
--- a/security/nss/lib/smime/cmsasn1.c
+++ /dev/null
@@ -1,575 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS ASN.1 templates
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "prtime.h"
-#include "secerr.h"
-
-
-extern const SEC_ASN1Template nss_cms_set_of_attribute_template[];
-
-SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
-SEC_ASN1_MKSUB(CERT_SetOfSignedCrlTemplate)
-SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
-SEC_ASN1_MKSUB(SEC_BitStringTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_PointerToOctetStringTemplate)
-SEC_ASN1_MKSUB(SEC_SetOfAnyTemplate)
-
-/* -----------------------------------------------------------------------------
- * MESSAGE
- * (uses NSSCMSContentInfo)
- */
-
-/* forward declaration */
-static const SEC_ASN1Template *
-nss_cms_choose_content_template(void *src_or_dest, PRBool encoding);
-
-static const SEC_ASN1TemplateChooserPtr nss_cms_chooser
- = nss_cms_choose_content_template;
-
-const SEC_ASN1Template NSSCMSMessageTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSMessage) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSSCMSMessage,contentInfo.contentType) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
- | SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSCMSMessage,contentInfo.content),
- &nss_cms_chooser },
- { 0 }
-};
-
-static const SEC_ASN1Template NSS_PointerToCMSMessageTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSSCMSMessageTemplate }
-};
-
-/* -----------------------------------------------------------------------------
- * ENCAPSULATED & ENCRYPTED CONTENTINFO
- * (both use a NSSCMSContentInfo)
- */
-static const SEC_ASN1Template NSSCMSEncapsulatedContentInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSContentInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSSCMSContentInfo,contentType) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | SEC_ASN1_MAY_STREAM |
- SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSContentInfo,rawContent),
- SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) },
- { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSEncryptedContentInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSContentInfo) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSSCMSContentInfo,contentType) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSContentInfo,contentEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSContentInfo,rawContent),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * SIGNED DATA
- */
-
-const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
-
-const SEC_ASN1Template NSSCMSSignedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSSignedData) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSSignedData,version) },
- { SEC_ASN1_SET_OF | SEC_ASN1_XTRN,
- offsetof(NSSCMSSignedData,digestAlgorithms),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSSignedData,contentInfo),
- NSSCMSEncapsulatedContentInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSSignedData,rawCerts),
- SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof(NSSCMSSignedData,crls),
- SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
- { SEC_ASN1_SET_OF,
- offsetof(NSSCMSSignedData,signerInfos),
- NSSCMSSignerInfoTemplate },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSSignedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSSCMSSignedDataTemplate }
-};
-
-/* -----------------------------------------------------------------------------
- * signeridentifier
- */
-
-static const SEC_ASN1Template NSSCMSSignerIdentifierTemplate[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSCMSSignerIdentifier,identifierType), NULL,
- sizeof(NSSCMSSignerIdentifier) },
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSSignerIdentifier,id.subjectKeyID),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) ,
- NSSCMSRecipientID_SubjectKeyID },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(NSSCMSSignerIdentifier,id.issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
- NSSCMSRecipientID_IssuerSN },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * signerinfo
- */
-
-const SEC_ASN1Template NSSCMSSignerInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSSignerInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSSignerInfo,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSSignerInfo,signerIdentifier),
- NSSCMSSignerIdentifierTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSSignerInfo,digestAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSCMSSignerInfo,authAttr),
- nss_cms_set_of_attribute_template },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSSignerInfo,digestEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSSignerInfo,encDigest) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(NSSCMSSignerInfo,unAuthAttr),
- nss_cms_set_of_attribute_template },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * ENVELOPED DATA
- */
-
-static const SEC_ASN1Template NSSCMSOriginatorInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSOriginatorInfo) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSOriginatorInfo,rawCerts),
- SEC_ASN1_SUB(SEC_SetOfAnyTemplate) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof(NSSCMSOriginatorInfo,crls),
- SEC_ASN1_SUB(CERT_SetOfSignedCrlTemplate) },
- { 0 }
-};
-
-const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
-
-const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSEnvelopedData) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSEnvelopedData,version) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSCMSEnvelopedData,originatorInfo),
- NSSCMSOriginatorInfoTemplate },
- { SEC_ASN1_SET_OF,
- offsetof(NSSCMSEnvelopedData,recipientInfos),
- NSSCMSRecipientInfoTemplate },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSEnvelopedData,contentInfo),
- NSSCMSEncryptedContentInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(NSSCMSEnvelopedData,unprotectedAttr),
- nss_cms_set_of_attribute_template },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSEnvelopedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSSCMSEnvelopedDataTemplate }
-};
-
-/* here come the 15 gazillion templates for all the v3 varieties of RecipientInfo */
-
-/* -----------------------------------------------------------------------------
- * key transport recipient info
- */
-
-static const SEC_ASN1Template NSSCMSRecipientIdentifierTemplate[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSCMSRecipientIdentifier,identifierType), NULL,
- sizeof(NSSCMSRecipientIdentifier) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 0,
- offsetof(NSSCMSRecipientIdentifier,id.subjectKeyID),
- SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
- NSSCMSRecipientID_SubjectKeyID },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(NSSCMSRecipientIdentifier,id.issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
- NSSCMSRecipientID_IssuerSN },
- { 0 }
-};
-
-
-static const SEC_ASN1Template NSSCMSKeyTransRecipientInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSKeyTransRecipientInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSKeyTransRecipientInfo,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSKeyTransRecipientInfo,recipientIdentifier),
- NSSCMSRecipientIdentifierTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSKeyTransRecipientInfo,keyEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSKeyTransRecipientInfo,encKey) },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * key agreement recipient info
- */
-
-static const SEC_ASN1Template NSSCMSOriginatorPublicKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSOriginatorPublicKey) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSOriginatorPublicKey,algorithmIdentifier),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSOriginatorPublicKey,publicKey),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { 0 }
-};
-
-
-static const SEC_ASN1Template NSSCMSOriginatorIdentifierOrKeyTemplate[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSCMSOriginatorIdentifierOrKey,identifierType), NULL,
- sizeof(NSSCMSOriginatorIdentifierOrKey) },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(NSSCMSOriginatorIdentifierOrKey,id.issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
- NSSCMSOriginatorIDOrKey_IssuerSN },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
- SEC_ASN1_XTRN | 1,
- offsetof(NSSCMSOriginatorIdentifierOrKey,id.subjectKeyID),
- SEC_ASN1_SUB(SEC_PointerToOctetStringTemplate) ,
- NSSCMSOriginatorIDOrKey_SubjectKeyID },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(NSSCMSOriginatorIdentifierOrKey,id.originatorPublicKey),
- NSSCMSOriginatorPublicKeyTemplate,
- NSSCMSOriginatorIDOrKey_OriginatorPublicKey },
- { 0 }
-};
-
-const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSRecipientKeyIdentifier) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSRecipientKeyIdentifier,subjectKeyIdentifier) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSRecipientKeyIdentifier,date) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSRecipientKeyIdentifier,other) },
- { 0 }
-};
-
-
-static const SEC_ASN1Template NSSCMSKeyAgreeRecipientIdentifierTemplate[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSCMSKeyAgreeRecipientIdentifier,identifierType), NULL,
- sizeof(NSSCMSKeyAgreeRecipientIdentifier) },
- { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
- offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
- NSSCMSKeyAgreeRecipientID_IssuerSN },
- { SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSCMSKeyAgreeRecipientIdentifier,id.recipientKeyIdentifier),
- NSSCMSRecipientKeyIdentifierTemplate,
- NSSCMSKeyAgreeRecipientID_RKeyID },
- { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSRecipientEncryptedKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSRecipientEncryptedKey) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSRecipientEncryptedKey,recipientIdentifier),
- NSSCMSKeyAgreeRecipientIdentifierTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSRecipientEncryptedKey,encKey),
- SEC_ASN1_SUB(SEC_BitStringTemplate) },
- { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSKeyAgreeRecipientInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSKeyAgreeRecipientInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSKeyAgreeRecipientInfo,version) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
- offsetof(NSSCMSKeyAgreeRecipientInfo,originatorIdentifierOrKey),
- NSSCMSOriginatorIdentifierOrKeyTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT |
- SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
- offsetof(NSSCMSKeyAgreeRecipientInfo,ukm),
- SEC_ASN1_SUB(SEC_OctetStringTemplate) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSKeyAgreeRecipientInfo,keyEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_SEQUENCE_OF,
- offsetof(NSSCMSKeyAgreeRecipientInfo,recipientEncryptedKeys),
- NSSCMSRecipientEncryptedKeyTemplate },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * KEK recipient info
- */
-
-static const SEC_ASN1Template NSSCMSKEKIdentifierTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSKEKIdentifier) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSKEKIdentifier,keyIdentifier) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSKEKIdentifier,date) },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSKEKIdentifier,other) },
- { 0 }
-};
-
-static const SEC_ASN1Template NSSCMSKEKRecipientInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSKEKRecipientInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSKEKRecipientInfo,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSKEKRecipientInfo,kekIdentifier),
- NSSCMSKEKIdentifierTemplate },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSKEKRecipientInfo,keyEncAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSKEKRecipientInfo,encKey) },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- * recipient info
- */
-const SEC_ASN1Template NSSCMSRecipientInfoTemplate[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSCMSRecipientInfo,recipientInfoType), NULL,
- sizeof(NSSCMSRecipientInfo) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(NSSCMSRecipientInfo,ri.keyAgreeRecipientInfo),
- NSSCMSKeyAgreeRecipientInfoTemplate,
- NSSCMSRecipientInfoID_KeyAgree },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
- offsetof(NSSCMSRecipientInfo,ri.kekRecipientInfo),
- NSSCMSKEKRecipientInfoTemplate,
- NSSCMSRecipientInfoID_KEK },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSRecipientInfo,ri.keyTransRecipientInfo),
- NSSCMSKeyTransRecipientInfoTemplate,
- NSSCMSRecipientInfoID_KeyTrans },
- { 0 }
-};
-
-/* -----------------------------------------------------------------------------
- *
- */
-
-const SEC_ASN1Template NSSCMSDigestedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSDigestedData) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSDigestedData,version) },
- { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
- offsetof(NSSCMSDigestedData,digestAlg),
- SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSDigestedData,contentInfo),
- NSSCMSEncapsulatedContentInfoTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSDigestedData,digest) },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSDigestedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSSCMSDigestedDataTemplate }
-};
-
-const SEC_ASN1Template NSSCMSEncryptedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE | SEC_ASN1_MAY_STREAM,
- 0, NULL, sizeof(NSSCMSEncryptedData) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSCMSEncryptedData,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSSCMSEncryptedData,contentInfo),
- NSSCMSEncryptedContentInfoTemplate },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(NSSCMSEncryptedData,unprotectedAttr),
- nss_cms_set_of_attribute_template },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_PointerToCMSEncryptedDataTemplate[] = {
- { SEC_ASN1_POINTER, 0, NSSCMSEncryptedDataTemplate }
-};
-
-/* -----------------------------------------------------------------------------
- * FORTEZZA KEA
- */
-const SEC_ASN1Template NSS_SMIMEKEAParamTemplateSkipjack[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_SMIMEKEAParamTemplateNoSkipjack[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
- { 0 }
-};
-
-const SEC_ASN1Template NSS_SMIMEKEAParamTemplateAllParams[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
- { SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
- offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
- offsetof(NSSCMSSMIMEKEAParameters,bulkKeySize) },
- { 0 }
-};
-
-const SEC_ASN1Template *
-nss_cms_get_kea_template(NSSCMSKEATemplateSelector whichTemplate)
-{
- const SEC_ASN1Template *returnVal = NULL;
-
- switch(whichTemplate)
- {
- case NSSCMSKEAUsesNonSkipjack:
- returnVal = NSS_SMIMEKEAParamTemplateNoSkipjack;
- break;
- case NSSCMSKEAUsesSkipjack:
- returnVal = NSS_SMIMEKEAParamTemplateSkipjack;
- break;
- case NSSCMSKEAUsesNonSkipjackWithPaddedEncKey:
- default:
- returnVal = NSS_SMIMEKEAParamTemplateAllParams;
- break;
- }
- return returnVal;
-}
-
-/* -----------------------------------------------------------------------------
- *
- */
-static const SEC_ASN1Template *
-nss_cms_choose_content_template(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- NSSCMSContentInfo *cinfo;
-
- PORT_Assert (src_or_dest != NULL);
- if (src_or_dest == NULL)
- return NULL;
-
- cinfo = (NSSCMSContentInfo *)src_or_dest;
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- default:
- theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate);
- break;
- case SEC_OID_PKCS7_DATA:
- theTemplate = SEC_ASN1_GET(SEC_PointerToOctetStringTemplate);
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- theTemplate = NSS_PointerToCMSSignedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- theTemplate = NSS_PointerToCMSEnvelopedDataTemplate;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- theTemplate = NSS_PointerToCMSDigestedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- theTemplate = NSS_PointerToCMSEncryptedDataTemplate;
- break;
- }
- return theTemplate;
-}
diff --git a/security/nss/lib/smime/cmsattr.c b/security/nss/lib/smime/cmsattr.c
deleted file mode 100644
index 4217e6c78..000000000
--- a/security/nss/lib/smime/cmsattr.c
+++ /dev/null
@@ -1,453 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS attributes.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-/*
- * -------------------------------------------------------------------
- * XXX The following Attribute stuff really belongs elsewhere.
- * The Attribute type is *not* part of CMS but rather X.501.
- * But for now, since CMS is the only customer of attributes,
- * we define them here. Once there is a use outside of CMS,
- * then change the attribute types and functions from internal
- * to external naming convention, and move them elsewhere!
- */
-
-
-/*
- * NSS_CMSAttribute_Create - create an attribute
- *
- * if value is NULL, the attribute won't have a value. It can be added later
- * with NSS_CMSAttribute_AddValue.
- */
-NSSCMSAttribute *
-NSS_CMSAttribute_Create(PRArenaPool *poolp, SECOidTag oidtag, SECItem *value, PRBool encoded)
-{
- NSSCMSAttribute *attr;
- SECItem *copiedvalue;
- void *mark;
-
- PORT_Assert (poolp != NULL);
-
- mark = PORT_ArenaMark (poolp);
-
- attr = (NSSCMSAttribute *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSAttribute));
- if (attr == NULL)
- goto loser;
-
- attr->typeTag = SECOID_FindOIDByTag(oidtag);
- if (attr->typeTag == NULL)
- goto loser;
-
- if (SECITEM_CopyItem(poolp, &(attr->type), &(attr->typeTag->oid)) != SECSuccess)
- goto loser;
-
- if (value != NULL) {
- if ((copiedvalue = SECITEM_AllocItem(poolp, NULL, value->len)) == NULL)
- goto loser;
-
- if (SECITEM_CopyItem(poolp, copiedvalue, value) != SECSuccess)
- goto loser;
-
- NSS_CMSArray_Add(poolp, (void ***)&(attr->values), (void *)copiedvalue);
- }
-
- attr->encoded = encoded;
-
- PORT_ArenaUnmark (poolp, mark);
-
- return attr;
-
-loser:
- PORT_Assert (mark != NULL);
- PORT_ArenaRelease (poolp, mark);
- return NULL;
-}
-
-/*
- * NSS_CMSAttribute_AddValue - add another value to an attribute
- */
-SECStatus
-NSS_CMSAttribute_AddValue(PLArenaPool *poolp, NSSCMSAttribute *attr, SECItem *value)
-{
- SECItem copiedvalue;
- void *mark;
-
- PORT_Assert (poolp != NULL);
-
- mark = PORT_ArenaMark(poolp);
-
- /* XXX we need an object memory model #$%#$%! */
- if (SECITEM_CopyItem(poolp, &copiedvalue, value) != SECSuccess)
- goto loser;
-
- if (NSS_CMSArray_Add(poolp, (void ***)&(attr->values), (void *)&copiedvalue) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_Assert (mark != NULL);
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSAttribute_GetType - return the OID tag
- */
-SECOidTag
-NSS_CMSAttribute_GetType(NSSCMSAttribute *attr)
-{
- SECOidData *typetag;
-
- typetag = SECOID_FindOID(&(attr->type));
- if (typetag == NULL)
- return SEC_OID_UNKNOWN;
-
- return typetag->offset;
-}
-
-/*
- * NSS_CMSAttribute_GetValue - return the first attribute value
- *
- * We do some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-SECItem *
-NSS_CMSAttribute_GetValue(NSSCMSAttribute *attr)
-{
- SECItem *value;
-
- if (attr == NULL)
- return NULL;
-
- value = attr->values[0];
-
- if (value == NULL || value->data == NULL || value->len == 0)
- return NULL;
-
- if (attr->values[1] != NULL)
- return NULL;
-
- return value;
-}
-
-/*
- * NSS_CMSAttribute_CompareValue - compare the attribute's first value against data
- */
-PRBool
-NSS_CMSAttribute_CompareValue(NSSCMSAttribute *attr, SECItem *av)
-{
- SECItem *value;
-
- if (attr == NULL)
- return PR_FALSE;
-
- value = NSS_CMSAttribute_GetValue(attr);
-
- return (value != NULL && value->len == av->len &&
- PORT_Memcmp (value->data, av->data, value->len) == 0);
-}
-
-/*
- * templates and functions for separate ASN.1 encoding of attributes
- *
- * used in NSS_CMSAttributeArray_Reorder
- */
-
-/*
- * helper function for dynamic template determination of the attribute value
- */
-static const SEC_ASN1Template *
-cms_attr_choose_attr_value_template(void *src_or_dest, PRBool encoding)
-{
- const SEC_ASN1Template *theTemplate;
- NSSCMSAttribute *attribute;
- SECOidData *oiddata;
- PRBool encoded;
-
- PORT_Assert (src_or_dest != NULL);
- if (src_or_dest == NULL)
- return NULL;
-
- attribute = (NSSCMSAttribute *)src_or_dest;
-
- if (encoding && attribute->encoded)
- /* we're encoding, and the attribute value is already encoded. */
- return SEC_ASN1_GET(SEC_AnyTemplate);
-
- /* get attribute's typeTag */
- oiddata = attribute->typeTag;
- if (oiddata == NULL) {
- oiddata = SECOID_FindOID(&attribute->type);
- attribute->typeTag = oiddata;
- }
-
- if (oiddata == NULL) {
- /* still no OID tag? OID is unknown then. en/decode value as ANY. */
- encoded = PR_TRUE;
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- } else {
- switch (oiddata->offset) {
- case SEC_OID_PKCS9_SMIME_CAPABILITIES:
- case SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE:
- /* these guys need to stay DER-encoded */
- default:
- /* same goes for OIDs that are not handled here */
- encoded = PR_TRUE;
- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate);
- break;
- /* otherwise choose proper template */
- case SEC_OID_PKCS9_EMAIL_ADDRESS:
- case SEC_OID_RFC1274_MAIL:
- case SEC_OID_PKCS9_UNSTRUCTURED_NAME:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_IA5StringTemplate);
- break;
- case SEC_OID_PKCS9_CONTENT_TYPE:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_ObjectIDTemplate);
- break;
- case SEC_OID_PKCS9_MESSAGE_DIGEST:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_OctetStringTemplate);
- break;
- case SEC_OID_PKCS9_SIGNING_TIME:
- encoded = PR_FALSE;
- theTemplate = SEC_ASN1_GET(SEC_UTCTimeTemplate);
- break;
- /* XXX Want other types here, too */
- }
- }
-
- if (encoding) {
- /*
- * If we are encoding and we think we have an already-encoded value,
- * then the code which initialized this attribute should have set
- * the "encoded" property to true (and we would have returned early,
- * up above). No devastating error, but that code should be fixed.
- * (It could indicate that the resulting encoded bytes are wrong.)
- */
- PORT_Assert (!encoded);
- } else {
- /*
- * We are decoding; record whether the resulting value is
- * still encoded or not.
- */
- attribute->encoded = encoded;
- }
- return theTemplate;
-}
-
-static const SEC_ASN1TemplateChooserPtr cms_attr_chooser
- = cms_attr_choose_attr_value_template;
-
-const SEC_ASN1Template nss_cms_attribute_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSCMSAttribute) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSSCMSAttribute,type) },
- { SEC_ASN1_DYNAMIC | SEC_ASN1_SET_OF,
- offsetof(NSSCMSAttribute,values),
- &cms_attr_chooser },
- { 0 }
-};
-
-const SEC_ASN1Template nss_cms_set_of_attribute_template[] = {
- { SEC_ASN1_SET_OF, 0, nss_cms_attribute_template },
-};
-
-/* =============================================================================
- * Attribute Array methods
- */
-
-/*
- * NSS_CMSAttributeArray_Encode - encode an Attribute array as SET OF Attributes
- *
- * If you are wondering why this routine does not reorder the attributes
- * first, and might be tempted to make it do so, see the comment by the
- * call to ReorderAttributes in cmsencode.c. (Or, see who else calls this
- * and think long and hard about the implications of making it always
- * do the reordering.)
- */
-SECItem *
-NSS_CMSAttributeArray_Encode(PRArenaPool *poolp, NSSCMSAttribute ***attrs, SECItem *dest)
-{
- return SEC_ASN1EncodeItem (poolp, dest, (void *)attrs, nss_cms_set_of_attribute_template);
-}
-
-/*
- * NSS_CMSAttributeArray_Reorder - sort attribute array by attribute's DER encoding
- *
- * make sure that the order of the attributes guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in attrs).
- */
-SECStatus
-NSS_CMSAttributeArray_Reorder(NSSCMSAttribute **attrs)
-{
- return NSS_CMSArray_SortByDER((void **)attrs, nss_cms_attribute_template, NULL);
-}
-
-/*
- * NSS_CMSAttributeArray_FindAttrByOidTag - look through a set of attributes and
- * find one that matches the specified object ID.
- *
- * If "only" is true, then make sure that there is not more than one attribute
- * of the same type. Otherwise, just return the first one found. (XXX Does
- * anybody really want that first-found behavior? It was like that when I found it...)
- */
-NSSCMSAttribute *
-NSS_CMSAttributeArray_FindAttrByOidTag(NSSCMSAttribute **attrs, SECOidTag oidtag, PRBool only)
-{
- SECOidData *oid;
- NSSCMSAttribute *attr1, *attr2;
-
- if (attrs == NULL)
- return NULL;
-
- oid = SECOID_FindOIDByTag(oidtag);
- if (oid == NULL)
- return NULL;
-
- while ((attr1 = *attrs++) != NULL) {
- if (attr1->type.len == oid->oid.len && PORT_Memcmp (attr1->type.data,
- oid->oid.data,
- oid->oid.len) == 0)
- break;
- }
-
- if (attr1 == NULL)
- return NULL;
-
- if (!only)
- return attr1;
-
- while ((attr2 = *attrs++) != NULL) {
- if (attr2->type.len == oid->oid.len && PORT_Memcmp (attr2->type.data,
- oid->oid.data,
- oid->oid.len) == 0)
- break;
- }
-
- if (attr2 != NULL)
- return NULL;
-
- return attr1;
-}
-
-/*
- * NSS_CMSAttributeArray_AddAttr - add an attribute to an
- * array of attributes.
- */
-SECStatus
-NSS_CMSAttributeArray_AddAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, NSSCMSAttribute *attr)
-{
- NSSCMSAttribute *oattr;
- void *mark;
- SECOidTag type;
-
- mark = PORT_ArenaMark(poolp);
-
- /* find oidtag of attr */
- type = NSS_CMSAttribute_GetType(attr);
-
- /* see if we have one already */
- oattr = NSS_CMSAttributeArray_FindAttrByOidTag(*attrs, type, PR_FALSE);
- PORT_Assert (oattr == NULL);
- if (oattr != NULL)
- goto loser; /* XXX or would it be better to replace it? */
-
- /* no, shove it in */
- if (NSS_CMSArray_Add(poolp, (void ***)attrs, (void *)attr) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSAttributeArray_SetAttr - set an attribute's value in a set of attributes
- */
-SECStatus
-NSS_CMSAttributeArray_SetAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, SECOidTag type, SECItem *value, PRBool encoded)
-{
- NSSCMSAttribute *attr;
- void *mark;
-
- mark = PORT_ArenaMark(poolp);
-
- /* see if we have one already */
- attr = NSS_CMSAttributeArray_FindAttrByOidTag(*attrs, type, PR_FALSE);
- if (attr == NULL) {
- /* not found? create one! */
- attr = NSS_CMSAttribute_Create(poolp, type, value, encoded);
- if (attr == NULL)
- goto loser;
- /* and add it to the list */
- if (NSS_CMSArray_Add(poolp, (void ***)attrs, (void *)attr) != SECSuccess)
- goto loser;
- } else {
- /* found, shove it in */
- /* XXX we need a decent memory model @#$#$!#!!! */
- attr->values[0] = value;
- attr->encoded = encoded;
- }
-
- PORT_ArenaUnmark (poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
diff --git a/security/nss/lib/smime/cmscinfo.c b/security/nss/lib/smime/cmscinfo.c
deleted file mode 100644
index 9e4a2dc5e..000000000
--- a/security/nss/lib/smime/cmscinfo.c
+++ /dev/null
@@ -1,327 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS contentInfo methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "pk11func.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSContentInfo_Create - create a content info
- *
- * version is set in the _Finalize procedures for each content type
- */
-
-/*
- * NSS_CMSContentInfo_Destroy - destroy a CMS contentInfo and all of its sub-pieces.
- */
-void
-NSS_CMSContentInfo_Destroy(NSSCMSContentInfo *cinfo)
-{
- SECOidTag kind;
-
- kind = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
- switch (kind) {
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- NSS_CMSEnvelopedData_Destroy(cinfo->content.envelopedData);
- break;
- case SEC_OID_PKCS7_SIGNED_DATA:
- NSS_CMSSignedData_Destroy(cinfo->content.signedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- NSS_CMSEncryptedData_Destroy(cinfo->content.encryptedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- NSS_CMSDigestedData_Destroy(cinfo->content.digestedData);
- break;
- default:
- /* XXX Anything else that needs to be "manually" freed/destroyed? */
- break;
- }
- if (cinfo->bulkkey)
- PK11_FreeSymKey(cinfo->bulkkey);
-
- /* we live in a pool, so no need to worry about storage */
-}
-
-/*
- * NSS_CMSContentInfo_GetChildContentInfo - get content's contentInfo (if it exists)
- */
-NSSCMSContentInfo *
-NSS_CMSContentInfo_GetChildContentInfo(NSSCMSContentInfo *cinfo)
-{
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- case SEC_OID_PKCS7_DATA:
- return NULL;
- case SEC_OID_PKCS7_SIGNED_DATA:
- return &(cinfo->content.signedData->contentInfo);
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- return &(cinfo->content.envelopedData->contentInfo);
- case SEC_OID_PKCS7_DIGESTED_DATA:
- return &(cinfo->content.digestedData->contentInfo);
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- return &(cinfo->content.encryptedData->contentInfo);
- default:
- return NULL;
- }
-}
-
-/*
- * NSS_CMSContentInfo_SetContent - set content type & content
- */
-SECStatus
-NSS_CMSContentInfo_SetContent(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECOidTag type, void *ptr)
-{
- SECStatus rv;
-
- cinfo->contentTypeTag = SECOID_FindOIDByTag(type);
- if (cinfo->contentTypeTag == NULL)
- return SECFailure;
-
- /* do not copy the oid, just create a reference */
- rv = SECITEM_CopyItem (cmsg->poolp, &(cinfo->contentType), &(cinfo->contentTypeTag->oid));
- if (rv != SECSuccess)
- return SECFailure;
-
- cinfo->content.pointer = ptr;
-
- if (type != SEC_OID_PKCS7_DATA) {
- /* as we always have some inner data,
- * we need to set it to something, just to fool the encoder enough to work on it
- * and get us into nss_cms_encoder_notify at that point */
- cinfo->rawContent = SECITEM_AllocItem(cmsg->poolp, NULL, 1);
- if (cinfo->rawContent == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSContentInfo_SetContent_XXXX - typesafe wrappers for NSS_CMSContentInfo_SetContent
- */
-
-/*
- * data == NULL -> pass in data via NSS_CMSEncoder_Update
- * data != NULL -> take this data
- */
-SECStatus
-NSS_CMSContentInfo_SetContent_Data(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, SECItem *data, PRBool detached)
-{
- if (NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_DATA, (void *)data) != SECSuccess)
- return SECFailure;
- cinfo->rawContent = (detached) ?
- NULL : (data) ?
- data : SECITEM_AllocItem(cmsg->poolp, NULL, 1);
- return SECSuccess;
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_SignedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSSignedData *sigd)
-{
- return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_SIGNED_DATA, (void *)sigd);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_EnvelopedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEnvelopedData *envd)
-{
- return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_ENVELOPED_DATA, (void *)envd);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_DigestedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSDigestedData *digd)
-{
- return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_DIGESTED_DATA, (void *)digd);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContent_EncryptedData(NSSCMSMessage *cmsg, NSSCMSContentInfo *cinfo, NSSCMSEncryptedData *encd)
-{
- return NSS_CMSContentInfo_SetContent(cmsg, cinfo, SEC_OID_PKCS7_ENCRYPTED_DATA, (void *)encd);
-}
-
-/*
- * NSS_CMSContentInfo_GetContent - get pointer to inner content
- *
- * needs to be casted...
- */
-void *
-NSS_CMSContentInfo_GetContent(NSSCMSContentInfo *cinfo)
-{
- switch (cinfo->contentTypeTag->offset) {
- case SEC_OID_PKCS7_DATA:
- case SEC_OID_PKCS7_SIGNED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- return cinfo->content.pointer;
- default:
- return NULL;
- }
-}
-
-/*
- * NSS_CMSContentInfo_GetInnerContent - get pointer to innermost content
- *
- * this is typically only called by NSS_CMSMessage_GetContent()
- */
-SECItem *
-NSS_CMSContentInfo_GetInnerContent(NSSCMSContentInfo *cinfo)
-{
- NSSCMSContentInfo *ccinfo;
-
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- case SEC_OID_PKCS7_DATA:
- return cinfo->content.data; /* end of recursion - every message has to have a data cinfo */
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_SIGNED_DATA:
- if ((ccinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) == NULL)
- break;
- return NSS_CMSContentInfo_GetContent(ccinfo);
- default:
- PORT_Assert(0);
- break;
- }
- return NULL;
-}
-
-/*
- * NSS_CMSContentInfo_GetContentType{Tag,OID} - find out (saving pointer to lookup result
- * for future reference) and return the inner content type.
- */
-SECOidTag
-NSS_CMSContentInfo_GetContentTypeTag(NSSCMSContentInfo *cinfo)
-{
- if (cinfo->contentTypeTag == NULL)
- cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
-
- if (cinfo->contentTypeTag == NULL)
- return SEC_OID_UNKNOWN;
-
- return cinfo->contentTypeTag->offset;
-}
-
-SECItem *
-NSS_CMSContentInfo_GetContentTypeOID(NSSCMSContentInfo *cinfo)
-{
- if (cinfo->contentTypeTag == NULL)
- cinfo->contentTypeTag = SECOID_FindOID(&(cinfo->contentType));
-
- if (cinfo->contentTypeTag == NULL)
- return NULL;
-
- return &(cinfo->contentTypeTag->oid);
-}
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlgTag - find out (saving pointer to lookup result
- * for future reference) and return the content encryption algorithm tag.
- */
-SECOidTag
-NSS_CMSContentInfo_GetContentEncAlgTag(NSSCMSContentInfo *cinfo)
-{
- if (cinfo->contentEncAlgTag == SEC_OID_UNKNOWN)
- cinfo->contentEncAlgTag = SECOID_GetAlgorithmTag(&(cinfo->contentEncAlg));
-
- return cinfo->contentEncAlgTag;
-}
-
-/*
- * NSS_CMSContentInfo_GetContentEncAlg - find out and return the content encryption algorithm tag.
- */
-SECAlgorithmID *
-NSS_CMSContentInfo_GetContentEncAlg(NSSCMSContentInfo *cinfo)
-{
- return &(cinfo->contentEncAlg);
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContentEncAlg(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
- SECOidTag bulkalgtag, SECItem *parameters, int keysize)
-{
- SECStatus rv;
-
- rv = SECOID_SetAlgorithmID(poolp, &(cinfo->contentEncAlg), bulkalgtag, parameters);
- if (rv != SECSuccess)
- return SECFailure;
- cinfo->keysize = keysize;
- return SECSuccess;
-}
-
-SECStatus
-NSS_CMSContentInfo_SetContentEncAlgID(PLArenaPool *poolp, NSSCMSContentInfo *cinfo,
- SECAlgorithmID *algid, int keysize)
-{
- SECStatus rv;
-
- rv = SECOID_CopyAlgorithmID(poolp, &(cinfo->contentEncAlg), algid);
- if (rv != SECSuccess)
- return SECFailure;
- if (keysize >= 0)
- cinfo->keysize = keysize;
- return SECSuccess;
-}
-
-void
-NSS_CMSContentInfo_SetBulkKey(NSSCMSContentInfo *cinfo, PK11SymKey *bulkkey)
-{
- cinfo->bulkkey = PK11_ReferenceSymKey(bulkkey);
- cinfo->keysize = PK11_GetKeyStrength(cinfo->bulkkey, &(cinfo->contentEncAlg));
-}
-
-PK11SymKey *
-NSS_CMSContentInfo_GetBulkKey(NSSCMSContentInfo *cinfo)
-{
- if (cinfo->bulkkey == NULL)
- return NULL;
-
- return PK11_ReferenceSymKey(cinfo->bulkkey);
-}
-
-int
-NSS_CMSContentInfo_GetBulkKeySize(NSSCMSContentInfo *cinfo)
-{
- return cinfo->keysize;
-}
diff --git a/security/nss/lib/smime/cmscipher.c b/security/nss/lib/smime/cmscipher.c
deleted file mode 100644
index 8ad4efcc5..000000000
--- a/security/nss/lib/smime/cmscipher.c
+++ /dev/null
@@ -1,792 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Encryption/decryption routines for CMS implementation, none of which are exported.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secoid.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secerr.h"
-/*#include "secpkcs5.h" */
-
-/*
- * -------------------------------------------------------------------
- * Cipher stuff.
- */
-
-typedef SECStatus (*nss_cms_cipher_function) (void *, unsigned char *, unsigned int *,
- unsigned int, const unsigned char *, unsigned int);
-typedef SECStatus (*nss_cms_cipher_destroy) (void *, PRBool);
-
-#define BLOCK_SIZE 4096
-
-struct NSSCMSCipherContextStr {
- void * cx; /* PK11 cipher context */
- nss_cms_cipher_function doit;
- nss_cms_cipher_destroy destroy;
- PRBool encrypt; /* encrypt / decrypt switch */
- int block_size; /* block & pad sizes for cipher */
- int pad_size;
- int pending_count; /* pending data (not yet en/decrypted */
- unsigned char pending_buf[BLOCK_SIZE];/* because of blocking */
-};
-
-/*
- * NSS_CMSCipherContext_StartDecrypt - create a cipher context to do decryption
- * based on the given bulk * encryption key and algorithm identifier (which may include an iv).
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function below (for starting up encryption) into one routine, and just
- * have two simple cover functions which call it.
- */
-NSSCMSCipherContext *
-NSS_CMSCipherContext_StartDecrypt(PK11SymKey *key, SECAlgorithmID *algid)
-{
- NSSCMSCipherContext *cc;
- void *ciphercx;
- CK_MECHANISM_TYPE mechanism;
- SECItem *param;
- PK11SlotInfo *slot;
- SECOidTag algtag;
-
- algtag = SECOID_GetAlgorithmTag(algid);
-
- /* set param and mechanism */
- if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
- CK_MECHANISM pbeMech, cryptoMech;
- SECItem *pbeParams;
- SEC_PKCS5KeyAndPassword *keyPwd;
-
- PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM));
- PORT_Memset(&cryptoMech, 0, sizeof(CK_MECHANISM));
-
- /* HACK ALERT!
- * in this case, key is not actually a PK11SymKey *, but a SEC_PKCS5KeyAndPassword *
- */
- keyPwd = (SEC_PKCS5KeyAndPassword *)key;
- key = keyPwd->key;
-
- /* find correct PK11 mechanism and parameters to initialize pbeMech */
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- pbeParams = PK11_ParamFromAlgid(algid);
- if (!pbeParams)
- return NULL;
- pbeMech.pParameter = pbeParams->data;
- pbeMech.ulParameterLen = pbeParams->len;
-
- /* now map pbeMech to cryptoMech */
- if (PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, keyPwd->pwitem,
- PR_FALSE) != CKR_OK) {
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
- return NULL;
- }
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
- /* and use it to initialize param & mechanism */
- if ((param = (SECItem *)PORT_ZAlloc(sizeof(SECItem))) == NULL)
- return NULL;
-
- param->data = (unsigned char *)cryptoMech.pParameter;
- param->len = cryptoMech.ulParameterLen;
- mechanism = cryptoMech.mechanism;
- } else {
- mechanism = PK11_AlgtagToMechanism(algtag);
- if ((param = PK11_ParamFromAlgid(algid)) == NULL)
- return NULL;
- }
-
- cc = (NSSCMSCipherContext *)PORT_ZAlloc(sizeof(NSSCMSCipherContext));
- if (cc == NULL) {
- SECITEM_FreeItem(param,PR_TRUE);
- return NULL;
- }
-
- /* figure out pad and block sizes */
- cc->pad_size = PK11_GetBlockSize(mechanism, param);
- slot = PK11_GetSlotFromKey(key);
- cc->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : cc->pad_size;
- PK11_FreeSlot(slot);
-
- /* create PK11 cipher context */
- ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_DECRYPT, key, param);
- SECITEM_FreeItem(param, PR_TRUE);
- if (ciphercx == NULL) {
- PORT_Free (cc);
- return NULL;
- }
-
- cc->cx = ciphercx;
- cc->doit = (nss_cms_cipher_function) PK11_CipherOp;
- cc->destroy = (nss_cms_cipher_destroy) PK11_DestroyContext;
- cc->encrypt = PR_FALSE;
- cc->pending_count = 0;
-
- return cc;
-}
-
-/*
- * NSS_CMSCipherContext_StartEncrypt - create a cipher object to do encryption,
- * based on the given bulk encryption key and algorithm tag. Fill in the algorithm
- * identifier (which may include an iv) appropriately.
- *
- * XXX Once both are working, it might be nice to combine this and the
- * function above (for starting up decryption) into one routine, and just
- * have two simple cover functions which call it.
- */
-NSSCMSCipherContext *
-NSS_CMSCipherContext_StartEncrypt(PRArenaPool *poolp, PK11SymKey *key, SECAlgorithmID *algid)
-{
- NSSCMSCipherContext *cc;
- void *ciphercx;
- SECItem *param;
- SECStatus rv;
- CK_MECHANISM_TYPE mechanism;
- PK11SlotInfo *slot;
- PRBool needToEncodeAlgid = PR_FALSE;
- SECOidTag algtag = SECOID_GetAlgorithmTag(algid);
-
- /* set param and mechanism */
- if (SEC_PKCS5IsAlgorithmPBEAlg(algid)) {
- CK_MECHANISM pbeMech, cryptoMech;
- SECItem *pbeParams;
- SEC_PKCS5KeyAndPassword *keyPwd;
-
- PORT_Memset(&pbeMech, 0, sizeof(CK_MECHANISM));
- PORT_Memset(&cryptoMech, 0, sizeof(CK_MECHANISM));
-
- /* HACK ALERT!
- * in this case, key is not actually a PK11SymKey *, but a SEC_PKCS5KeyAndPassword *
- */
- keyPwd = (SEC_PKCS5KeyAndPassword *)key;
- key = keyPwd->key;
-
- /* find correct PK11 mechanism and parameters to initialize pbeMech */
- pbeMech.mechanism = PK11_AlgtagToMechanism(algtag);
- pbeParams = PK11_ParamFromAlgid(algid);
- if (!pbeParams)
- return NULL;
- pbeMech.pParameter = pbeParams->data;
- pbeMech.ulParameterLen = pbeParams->len;
-
- /* now map pbeMech to cryptoMech */
- if (PK11_MapPBEMechanismToCryptoMechanism(&pbeMech, &cryptoMech, keyPwd->pwitem,
- PR_FALSE) != CKR_OK) {
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
- return NULL;
- }
- SECITEM_ZfreeItem(pbeParams, PR_TRUE);
-
- /* and use it to initialize param & mechanism */
- if ((param = (SECItem *)PORT_ZAlloc(sizeof(SECItem))) == NULL)
- return NULL;
-
- param->data = (unsigned char *)cryptoMech.pParameter;
- param->len = cryptoMech.ulParameterLen;
- mechanism = cryptoMech.mechanism;
- } else {
- mechanism = PK11_AlgtagToMechanism(algtag);
- if ((param = PK11_GenerateNewParam(mechanism, key)) == NULL)
- return NULL;
- needToEncodeAlgid = PR_TRUE;
- }
-
- cc = (NSSCMSCipherContext *)PORT_ZAlloc(sizeof(NSSCMSCipherContext));
- if (cc == NULL)
- return NULL;
-
- /* now find pad and block sizes for our mechanism */
- cc->pad_size = PK11_GetBlockSize(mechanism,param);
- slot = PK11_GetSlotFromKey(key);
- cc->block_size = PK11_IsHW(slot) ? BLOCK_SIZE : cc->pad_size;
- PK11_FreeSlot(slot);
-
- /* and here we go, creating a PK11 cipher context */
- ciphercx = PK11_CreateContextBySymKey(mechanism, CKA_ENCRYPT, key, param);
- if (ciphercx == NULL) {
- PORT_Free(cc);
- cc = NULL;
- goto loser;
- }
-
- /*
- * These are placed after the CreateContextBySymKey() because some
- * mechanisms have to generate their IVs from their card (i.e. FORTEZZA).
- * Don't move it from here.
- * XXX is that right? the purpose of this is to get the correct algid
- * containing the IVs etc. for encoding. this means we need to set this up
- * BEFORE encoding the algid in the contentInfo, right?
- */
- if (needToEncodeAlgid) {
- rv = PK11_ParamToAlgid(algtag, param, poolp, algid);
- if(rv != SECSuccess) {
- PORT_Free(cc);
- cc = NULL;
- goto loser;
- }
- }
-
- cc->cx = ciphercx;
- cc->doit = (nss_cms_cipher_function)PK11_CipherOp;
- cc->destroy = (nss_cms_cipher_destroy)PK11_DestroyContext;
- cc->encrypt = PR_TRUE;
- cc->pending_count = 0;
-
-loser:
- SECITEM_FreeItem(param, PR_TRUE);
-
- return cc;
-}
-
-void
-NSS_CMSCipherContext_Destroy(NSSCMSCipherContext *cc)
-{
- PORT_Assert(cc != NULL);
- if (cc == NULL)
- return;
- (*cc->destroy)(cc->cx, PR_TRUE);
- PORT_Free(cc);
-}
-
-/*
- * NSS_CMSCipherContext_DecryptLength - find the output length of the next call to decrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations. Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and bsize).
- *
- * Note that this can return zero, which does not mean that the decrypt
- * operation can be skipped! (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.) However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent decrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-NSS_CMSCipherContext_DecryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final)
-{
- int blocks, block_size;
-
- PORT_Assert (! cc->encrypt);
-
- block_size = cc->block_size;
-
- /*
- * If this is not a block cipher, then we always have the same
- * number of output bytes as we had input bytes.
- */
- if (block_size == 0)
- return input_len;
-
- /*
- * On the final call, we will always use up all of the pending
- * bytes plus all of the input bytes, *but*, there will be padding
- * at the end and we cannot predict how many bytes of padding we
- * will end up removing. The amount given here is actually known
- * to be at least 1 byte too long (because we know we will have
- * at least 1 byte of padding), but seemed clearer/better to me.
- */
- if (final)
- return cc->pending_count + input_len;
-
- /*
- * Okay, this amount is exactly what we will output on the
- * next cipher operation. We will always hang onto the last
- * 1 - block_size bytes for non-final operations. That is,
- * we will do as many complete blocks as we can *except* the
- * last block (complete or partial). (This is because until
- * we know we are at the end, we cannot know when to interpret
- * and removing the padding byte(s), which are guaranteed to
- * be there.)
- */
- blocks = (cc->pending_count + input_len - 1) / block_size;
- return blocks * block_size;
-}
-
-/*
- * NSS_CMSCipherContext_EncryptLength - find the output length of the next call to encrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations.
- *
- * Note that this can return zero, which does not mean that the encrypt
- * operation can be skipped! (It simply means that there are not enough
- * bytes to make up an entire block; the bytes will be reserved until
- * there are enough to encrypt/decrypt at least one block.) However,
- * if zero is returned it *does* mean that no output buffer need be
- * passed in to the subsequent encrypt operation, as no output bytes
- * will be stored.
- */
-unsigned int
-NSS_CMSCipherContext_EncryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final)
-{
- int blocks, block_size;
- int pad_size;
-
- PORT_Assert (cc->encrypt);
-
- block_size = cc->block_size;
- pad_size = cc->pad_size;
-
- /*
- * If this is not a block cipher, then we always have the same
- * number of output bytes as we had input bytes.
- */
- if (block_size == 0)
- return input_len;
-
- /*
- * On the final call, we only send out what we need for
- * remaining bytes plus the padding. (There is always padding,
- * so even if we have an exact number of blocks as input, we
- * will add another full block that is just padding.)
- */
- if (final) {
- if (pad_size == 0) {
- return cc->pending_count + input_len;
- } else {
- blocks = (cc->pending_count + input_len) / pad_size;
- blocks++;
- return blocks*pad_size;
- }
- }
-
- /*
- * Now, count the number of complete blocks of data we have.
- */
- blocks = (cc->pending_count + input_len) / block_size;
-
-
- return blocks * block_size;
-}
-
-
-/*
- * NSS_CMSCipherContext_Decrypt - do the decryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Decrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartDecrypt.
- * When "final" is true, this is the last of the data to be decrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the decryption function will only
- * operate on whole blocks. But our caller is operating stream-wise,
- * and can pass in any number of bytes. So we need to keep track
- * of block boundaries. We save excess bytes between calls in "cc".
- * We also need to determine which bytes are padding, and remove
- * them from the output. We can only do this step when we know we
- * have the final block of data. PKCS #7 specifies that the padding
- * used for a block cipher is a string of bytes, each of whose value is
- * the same as the length of the padding, and that all data is padded.
- * (Even data that starts out with an exact multiple of blocks gets
- * added to it another block, all of which is padding.)
- */
-SECStatus
-NSS_CMSCipherContext_Decrypt(NSSCMSCipherContext *cc, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final)
-{
- int blocks, bsize, pcount, padsize;
- unsigned int max_needed, ifraglen, ofraglen, output_len;
- unsigned char *pbuf;
- SECStatus rv;
-
- PORT_Assert (! cc->encrypt);
-
- /*
- * Check that we have enough room for the output. Our caller should
- * already handle this; failure is really an internal error (i.e. bug).
- */
- max_needed = NSS_CMSCipherContext_DecryptLength(cc, input_len, final);
- PORT_Assert (max_output_len >= max_needed);
- if (max_output_len < max_needed) {
- /* PORT_SetError (XXX); */
- return SECFailure;
- }
-
- /*
- * hardware encryption does not like small decryption sizes here, so we
- * allow both blocking and padding.
- */
- bsize = cc->block_size;
- padsize = cc->pad_size;
-
- /*
- * When no blocking or padding work to do, we can simply call the
- * cipher function and we are done.
- */
- if (bsize == 0) {
- return (* cc->doit) (cc->cx, output, output_len_p, max_output_len,
- input, input_len);
- }
-
- pcount = cc->pending_count;
- pbuf = cc->pending_buf;
-
- output_len = 0;
-
- if (pcount) {
- /*
- * Try to fill in an entire block, starting with the bytes
- * we already have saved away.
- */
- while (input_len && pcount < bsize) {
- pbuf[pcount++] = *input++;
- input_len--;
- }
- /*
- * If we have at most a whole block and this is not our last call,
- * then we are done for now. (We do not try to decrypt a lone
- * single block because we cannot interpret the padding bytes
- * until we know we are handling the very last block of all input.)
- */
- if (input_len == 0 && !final) {
- cc->pending_count = pcount;
- if (output_len_p)
- *output_len_p = 0;
- return SECSuccess;
- }
- /*
- * Given the logic above, we expect to have a full block by now.
- * If we do not, there is something wrong, either with our own
- * logic or with (length of) the data given to us.
- */
- PORT_Assert ((padsize == 0) || (pcount % padsize) == 0);
- if ((padsize != 0) && (pcount % padsize) != 0) {
- PORT_Assert (final);
- PORT_SetError (SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- /*
- * Decrypt the block.
- */
- rv = (*cc->doit)(cc->cx, output, &ofraglen, max_output_len,
- pbuf, pcount);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then NSS_CMSCipherContext_DecryptLength needs to be made smarter!
- */
- PORT_Assert(ofraglen == pcount);
-
- /*
- * Account for the bytes now in output.
- */
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
- }
-
- /*
- * If this is our last call, we expect to have an exact number of
- * blocks left to be decrypted; we will decrypt them all.
- *
- * If not our last call, we always save between 1 and bsize bytes
- * until next time. (We must do this because we cannot be sure
- * that none of the decrypted bytes are padding bytes until we
- * have at least another whole block of data. You cannot tell by
- * looking -- the data could be anything -- you can only tell by
- * context, knowing you are looking at the last block.) We could
- * decrypt a whole block now but it is easier if we just treat it
- * the same way we treat partial block bytes.
- */
- if (final) {
- if (padsize) {
- blocks = input_len / padsize;
- ifraglen = blocks * padsize;
- } else ifraglen = input_len;
- PORT_Assert (ifraglen == input_len);
-
- if (ifraglen != input_len) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- } else {
- blocks = (input_len - 1) / bsize;
- ifraglen = blocks * bsize;
- PORT_Assert (ifraglen < input_len);
-
- pcount = input_len - ifraglen;
- PORT_Memcpy (pbuf, input + ifraglen, pcount);
- cc->pending_count = pcount;
- }
-
- if (ifraglen) {
- rv = (* cc->doit)(cc->cx, output, &ofraglen, max_output_len,
- input, ifraglen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7DecryptLength needs to be made smarter!
- */
- PORT_Assert (ifraglen == ofraglen);
- if (ifraglen != ofraglen) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
-
- output_len += ofraglen;
- } else {
- ofraglen = 0;
- }
-
- /*
- * If we just did our very last block, "remove" the padding by
- * adjusting the output length.
- */
- if (final && (padsize != 0)) {
- unsigned int padlen = *(output + ofraglen - 1);
- PORT_Assert (padlen > 0 && padlen <= padsize);
- if (padlen == 0 || padlen > padsize) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- return SECFailure;
- }
- output_len -= padlen;
- }
-
- PORT_Assert (output_len_p != NULL || output_len == 0);
- if (output_len_p != NULL)
- *output_len_p = output_len;
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSCipherContext_Encrypt - do the encryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Encrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartEncrypt.
- * When "final" is true, this is the last of the data to be encrypted.
- *
- * This is much more complicated than it sounds when the cipher is
- * a block-type, meaning that the encryption function will only
- * operate on whole blocks. But our caller is operating stream-wise,
- * and can pass in any number of bytes. So we need to keep track
- * of block boundaries. We save excess bytes between calls in "cc".
- * We also need to add padding bytes at the end. PKCS #7 specifies
- * that the padding used for a block cipher is a string of bytes,
- * each of whose value is the same as the length of the padding,
- * and that all data is padded. (Even data that starts out with
- * an exact multiple of blocks gets added to it another block,
- * all of which is padding.)
- *
- * XXX I would kind of like to combine this with the function above
- * which does decryption, since they have a lot in common. But the
- * tricky parts about padding and filling blocks would be much
- * harder to read that way, so I left them separate. At least for
- * now until it is clear that they are right.
- */
-SECStatus
-NSS_CMSCipherContext_Encrypt(NSSCMSCipherContext *cc, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final)
-{
- int blocks, bsize, padlen, pcount, padsize;
- unsigned int max_needed, ifraglen, ofraglen, output_len;
- unsigned char *pbuf;
- SECStatus rv;
-
- PORT_Assert (cc->encrypt);
-
- /*
- * Check that we have enough room for the output. Our caller should
- * already handle this; failure is really an internal error (i.e. bug).
- */
- max_needed = NSS_CMSCipherContext_EncryptLength (cc, input_len, final);
- PORT_Assert (max_output_len >= max_needed);
- if (max_output_len < max_needed) {
- /* PORT_SetError (XXX); */
- return SECFailure;
- }
-
- bsize = cc->block_size;
- padsize = cc->pad_size;
-
- /*
- * When no blocking and padding work to do, we can simply call the
- * cipher function and we are done.
- */
- if (bsize == 0) {
- return (*cc->doit)(cc->cx, output, output_len_p, max_output_len,
- input, input_len);
- }
-
- pcount = cc->pending_count;
- pbuf = cc->pending_buf;
-
- output_len = 0;
-
- if (pcount) {
- /*
- * Try to fill in an entire block, starting with the bytes
- * we already have saved away.
- */
- while (input_len && pcount < bsize) {
- pbuf[pcount++] = *input++;
- input_len--;
- }
- /*
- * If we do not have a full block and we know we will be
- * called again, then we are done for now.
- */
- if (pcount < bsize && !final) {
- cc->pending_count = pcount;
- if (output_len_p != NULL)
- *output_len_p = 0;
- return SECSuccess;
- }
- /*
- * If we have a whole block available, encrypt it.
- */
- if ((padsize == 0) || (pcount % padsize) == 0) {
- rv = (* cc->doit) (cc->cx, output, &ofraglen, max_output_len,
- pbuf, pcount);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ofraglen == pcount);
-
- /*
- * Account for the bytes now in output.
- */
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
-
- pcount = 0;
- }
- }
-
- if (input_len) {
- PORT_Assert (pcount == 0);
-
- blocks = input_len / bsize;
- ifraglen = blocks * bsize;
-
- if (ifraglen) {
- rv = (* cc->doit) (cc->cx, output, &ofraglen, max_output_len,
- input, ifraglen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ifraglen == ofraglen);
-
- max_output_len -= ofraglen;
- output_len += ofraglen;
- output += ofraglen;
- }
-
- pcount = input_len - ifraglen;
- PORT_Assert (pcount < bsize);
- if (pcount)
- PORT_Memcpy (pbuf, input + ifraglen, pcount);
- }
-
- if (final) {
- padlen = padsize - (pcount % padsize);
- PORT_Memset (pbuf + pcount, padlen, padlen);
- rv = (* cc->doit) (cc->cx, output, &ofraglen, max_output_len,
- pbuf, pcount+padlen);
- if (rv != SECSuccess)
- return rv;
-
- /*
- * For now anyway, all of our ciphers have the same number of
- * bytes of output as they do input. If this ever becomes untrue,
- * then sec_PKCS7EncryptLength needs to be made smarter!
- */
- PORT_Assert (ofraglen == (pcount+padlen));
- output_len += ofraglen;
- } else {
- cc->pending_count = pcount;
- }
-
- PORT_Assert (output_len_p != NULL || output_len == 0);
- if (output_len_p != NULL)
- *output_len_p = output_len;
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmsdecode.c b/security/nss/lib/smime/cmsdecode.c
deleted file mode 100644
index 3c95656eb..000000000
--- a/security/nss/lib/smime/cmsdecode.c
+++ /dev/null
@@ -1,691 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS decoding.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "prtime.h"
-#include "secerr.h"
-
-struct NSSCMSDecoderContextStr {
- SEC_ASN1DecoderContext * dcx; /* ASN.1 decoder context */
- NSSCMSMessage * cmsg; /* backpointer to the root message */
- SECOidTag type; /* type of message */
- NSSCMSContent content; /* pointer to message */
- NSSCMSDecoderContext * childp7dcx; /* inner CMS decoder context */
- PRBool saw_contents;
- int error;
- NSSCMSContentCallback cb;
- void * cb_arg;
-};
-
-static void nss_cms_decoder_update_filter (void *arg, const char *data, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind);
-static SECStatus nss_cms_before_data(NSSCMSDecoderContext *p7dcx);
-static SECStatus nss_cms_after_data(NSSCMSDecoderContext *p7dcx);
-static SECStatus nss_cms_after_end(NSSCMSDecoderContext *p7dcx);
-static void nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx,
- const unsigned char *data, unsigned long len, PRBool final);
-
-extern const SEC_ASN1Template NSSCMSMessageTemplate[];
-
-/*
- * nss_cms_decoder_notify -
- * this is the driver of the decoding process. It gets called by the ASN.1
- * decoder before and after an object is decoded.
- * at various points in the decoding process, we intercept to set up and do
- * further processing.
- */
-static void
-nss_cms_decoder_notify(void *arg, PRBool before, void *dest, int depth)
-{
- NSSCMSDecoderContext *p7dcx;
- NSSCMSContentInfo *rootcinfo, *cinfo;
- PRBool after = !before;
-
- p7dcx = (NSSCMSDecoderContext *)arg;
- rootcinfo = &(p7dcx->cmsg->contentInfo);
-
- /* XXX error handling: need to set p7dcx->error */
-
-#ifdef CMSDEBUG
- fprintf(stderr, "%6.6s, dest = 0x%08x, depth = %d\n", before ? "before" : "after", dest, depth);
-#endif
-
- /* so what are we working on right now? */
- switch (p7dcx->type) {
- case SEC_OID_UNKNOWN:
- /*
- * right now, we are still decoding the OUTER (root) cinfo
- * As soon as we know the inner content type, set up the info,
- * but NO inner decoder or filter. The root decoder handles the first
- * level children by itself - only for encapsulated contents (which
- * are encoded as DER inside of an OCTET STRING) we need to set up a
- * child decoder...
- */
- if (after && dest == &(rootcinfo->contentType)) {
- p7dcx->type = NSS_CMSContentInfo_GetContentTypeTag(rootcinfo);
- p7dcx->content = rootcinfo->content; /* is this ready already ? need to alloc? */
- /* XXX yes we need to alloc -- continue here */
- }
- break;
- case SEC_OID_PKCS7_DATA:
- /* this can only happen if the outermost cinfo has DATA in it */
- /* otherwise, we handle this type implicitely in the inner decoders */
-
- if (before && dest == &(rootcinfo->content)) {
- /* fake it to cause the filter to put the data in the right place... */
- /* we want the ASN.1 decoder to deliver the decoded bytes to us from now on */
- SEC_ASN1DecoderSetFilterProc(p7dcx->dcx,
- nss_cms_decoder_update_filter,
- p7dcx,
- (PRBool)(p7dcx->cb != NULL));
- break;
- }
-
- if (after && dest == &(rootcinfo->content.data)) {
- /* remove the filter */
- SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
- }
- break;
-
- case SEC_OID_PKCS7_SIGNED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
-
- if (before && dest == &(rootcinfo->content))
- break; /* we're not there yet */
-
- if (p7dcx->content.pointer == NULL)
- p7dcx->content = rootcinfo->content;
-
- /* get this data type's inner contentInfo */
- cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
-
- if (before && dest == &(cinfo->contentType)) {
- /* at this point, set up the &%$&$ back pointer */
- /* we cannot do it later, because the content itself is optional! */
- /* please give me C++ */
- switch (p7dcx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- p7dcx->content.signedData->cmsg = p7dcx->cmsg;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- p7dcx->content.digestedData->cmsg = p7dcx->cmsg;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- p7dcx->content.envelopedData->cmsg = p7dcx->cmsg;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- p7dcx->content.encryptedData->cmsg = p7dcx->cmsg;
- break;
- default:
- PORT_Assert(0);
- break;
- }
- }
-
- if (before && dest == &(cinfo->rawContent)) {
- /* we want the ASN.1 decoder to deliver the decoded bytes to us from now on */
- SEC_ASN1DecoderSetFilterProc(p7dcx->dcx, nss_cms_decoder_update_filter,
- p7dcx, (PRBool)(p7dcx->cb != NULL));
-
-
- /* we're right in front of the data */
- if (nss_cms_before_data(p7dcx) != SECSuccess) {
- SEC_ASN1DecoderClearFilterProc(p7dcx->dcx); /* stop all processing */
- p7dcx->error = PORT_GetError();
- }
- }
- if (after && dest == &(cinfo->rawContent)) {
- /* we're right after of the data */
- if (nss_cms_after_data(p7dcx) != SECSuccess)
- p7dcx->error = PORT_GetError();
-
- /* we don't need to see the contents anymore */
- SEC_ASN1DecoderClearFilterProc(p7dcx->dcx);
- }
- break;
-
-#if 0 /* NIH */
- case SEC_OID_PKCS7_AUTHENTICATED_DATA:
-#endif
- default:
- /* unsupported or unknown message type - fail (more or less) gracefully */
- p7dcx->error = SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE;
- break;
- }
-}
-
-/*
- * nss_cms_before_data - set up the current encoder to receive data
- */
-static SECStatus
-nss_cms_before_data(NSSCMSDecoderContext *p7dcx)
-{
- SECStatus rv;
- SECOidTag childtype;
- PLArenaPool *poolp;
- NSSCMSDecoderContext *childp7dcx;
- NSSCMSContentInfo *cinfo;
- const SEC_ASN1Template *template;
- void *mark = NULL;
- size_t size;
-
- poolp = p7dcx->cmsg->poolp;
-
- /* call _Decode_BeforeData handlers */
- switch (p7dcx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- /* we're decoding a signedData, so set up the digests */
- rv = NSS_CMSSignedData_Decode_BeforeData(p7dcx->content.signedData);
- if (rv != SECSuccess)
- return SECFailure;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- /* we're encoding a digestedData, so set up the digest */
- rv = NSS_CMSDigestedData_Decode_BeforeData(p7dcx->content.digestedData);
- if (rv != SECSuccess)
- return SECFailure;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Decode_BeforeData(p7dcx->content.envelopedData);
- if (rv != SECSuccess)
- return SECFailure;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Decode_BeforeData(p7dcx->content.encryptedData);
- if (rv != SECSuccess)
- return SECFailure;
- break;
- default:
- return SECFailure;
- }
-
- /* ok, now we have a pointer to cinfo */
- /* find out what kind of data is encapsulated */
-
- cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
- childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
- if (childtype == SEC_OID_PKCS7_DATA) {
- cinfo->content.data = SECITEM_AllocItem(poolp, NULL, 0);
- if (cinfo->content.data == NULL)
- /* set memory error */
- return SECFailure;
-
- p7dcx->childp7dcx = NULL;
- return SECSuccess;
- }
-
- /* set up inner decoder */
-
- if ((template = NSS_CMSUtil_GetTemplateByTypeTag(childtype)) == NULL)
- return SECFailure;
-
- childp7dcx = (NSSCMSDecoderContext *)PORT_ZAlloc(sizeof(NSSCMSDecoderContext));
- if (childp7dcx == NULL)
- return SECFailure;
-
- mark = PORT_ArenaMark(poolp);
-
- /* allocate space for the stuff we're creating */
- size = NSS_CMSUtil_GetSizeByTypeTag(childtype);
- childp7dcx->content.pointer = (void *)PORT_ArenaZAlloc(poolp, size);
- if (childp7dcx->content.pointer == NULL)
- goto loser;
-
- /* start the child decoder */
- childp7dcx->dcx = SEC_ASN1DecoderStart(poolp, childp7dcx->content.pointer, template);
- if (childp7dcx->dcx == NULL)
- goto loser;
-
- /* the new decoder needs to notify, too */
- SEC_ASN1DecoderSetNotifyProc(childp7dcx->dcx, nss_cms_decoder_notify, childp7dcx);
-
- /* tell the parent decoder that it needs to feed us the content data */
- p7dcx->childp7dcx = childp7dcx;
-
- childp7dcx->type = childtype; /* our type */
-
- childp7dcx->cmsg = p7dcx->cmsg; /* backpointer to root message */
-
- /* should the child decoder encounter real data, it needs to give it to the caller */
- childp7dcx->cb = p7dcx->cb;
- childp7dcx->cb_arg = p7dcx->cb_arg;
-
- /* now set up the parent to hand decoded data to the next level decoder */
- p7dcx->cb = (NSSCMSContentCallback)NSS_CMSDecoder_Update;
- p7dcx->cb_arg = childp7dcx;
-
- PORT_ArenaUnmark(poolp, mark);
-
- return SECSuccess;
-
-loser:
- if (mark)
- PORT_ArenaRelease(poolp, mark);
- if (childp7dcx)
- PORT_Free(childp7dcx);
- p7dcx->childp7dcx = NULL;
- return SECFailure;
-}
-
-static SECStatus
-nss_cms_after_data(NSSCMSDecoderContext *p7dcx)
-{
- PLArenaPool *poolp;
- NSSCMSDecoderContext *childp7dcx;
- SECStatus rv = SECFailure;
-
- poolp = p7dcx->cmsg->poolp;
-
- /* Handle last block. This is necessary to flush out the last bytes
- * of a possibly incomplete block */
- nss_cms_decoder_work_data(p7dcx, NULL, 0, PR_TRUE);
-
- /* finish any "inner" decoders - there's no more data coming... */
- if (p7dcx->childp7dcx != NULL) {
- childp7dcx = p7dcx->childp7dcx;
- if (childp7dcx->dcx != NULL) {
- if (SEC_ASN1DecoderFinish(childp7dcx->dcx) != SECSuccess) {
- /* do what? free content? */
- rv = SECFailure;
- } else {
- rv = nss_cms_after_end(childp7dcx);
- }
- if (rv != SECSuccess)
- goto done;
- }
- PORT_Free(p7dcx->childp7dcx);
- p7dcx->childp7dcx = NULL;
- }
-
- switch (p7dcx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- /* this will finish the digests and verify */
- rv = NSS_CMSSignedData_Decode_AfterData(p7dcx->content.signedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Decode_AfterData(p7dcx->content.envelopedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- rv = NSS_CMSDigestedData_Decode_AfterData(p7dcx->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Decode_AfterData(p7dcx->content.encryptedData);
- break;
- case SEC_OID_PKCS7_DATA:
- /* do nothing */
- break;
- default:
- rv = SECFailure;
- break;
- }
-done:
- return rv;
-}
-
-static SECStatus
-nss_cms_after_end(NSSCMSDecoderContext *p7dcx)
-{
- SECStatus rv;
- PLArenaPool *poolp;
-
- poolp = p7dcx->cmsg->poolp;
-
- switch (p7dcx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- rv = NSS_CMSSignedData_Decode_AfterEnd(p7dcx->content.signedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Decode_AfterEnd(p7dcx->content.envelopedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- rv = NSS_CMSDigestedData_Decode_AfterEnd(p7dcx->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Decode_AfterEnd(p7dcx->content.encryptedData);
- break;
- case SEC_OID_PKCS7_DATA:
- rv = SECSuccess;
- break;
- default:
- rv = SECFailure; /* we should not have got that far... */
- break;
- }
- return rv;
-}
-
-/*
- * nss_cms_decoder_work_data - handle decoded data bytes.
- *
- * This function either decrypts the data if needed, and/or calculates digests
- * on it, then either stores it or passes it on to the next level decoder.
- */
-static void
-nss_cms_decoder_work_data(NSSCMSDecoderContext *p7dcx,
- const unsigned char *data, unsigned long len,
- PRBool final)
-{
- NSSCMSContentInfo *cinfo;
- unsigned char *buf = NULL;
- unsigned char *dest;
- unsigned int offset;
- SECStatus rv;
- SECItem *storage;
-
- /*
- * We should really have data to process, or we should be trying
- * to finish/flush the last block. (This is an overly paranoid
- * check since all callers are in this file and simple inspection
- * proves they do it right. But it could find a bug in future
- * modifications/development, that is why it is here.)
- */
- PORT_Assert ((data != NULL && len) || final);
-
- cinfo = NSS_CMSContent_GetContentInfo(p7dcx->content.pointer, p7dcx->type);
-
- if (cinfo->ciphcx != NULL) {
- /*
- * we are decrypting.
- *
- * XXX If we get an error, we do not want to do the digest or callback,
- * but we want to keep decoding. Or maybe we want to stop decoding
- * altogether if there is a callback, because obviously we are not
- * sending the data back and they want to know that.
- */
-
- unsigned int outlen = 0; /* length of decrypted data */
- unsigned int buflen; /* length available for decrypted data */
-
- /* find out about the length of decrypted data */
- buflen = NSS_CMSCipherContext_DecryptLength(cinfo->ciphcx, len, final);
-
- /*
- * it might happen that we did not provide enough data for a full
- * block (decryption unit), and that there is no output available
- */
-
- /* no output available, AND no input? */
- if (buflen == 0 && len == 0)
- goto loser; /* bail out */
-
- /*
- * have inner decoder: pass the data on (means inner content type is NOT data)
- * no inner decoder: we have DATA in here: either call callback or store
- */
- if (buflen != 0) {
- /* there will be some output - need to make room for it */
- /* allocate buffer from the heap */
- buf = (unsigned char *)PORT_Alloc(buflen);
- if (buf == NULL) {
- p7dcx->error = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
- }
-
- /*
- * decrypt incoming data
- * buf can still be NULL here (and buflen == 0) here if we don't expect
- * any output (see above), but we still need to call NSS_CMSCipherContext_Decrypt to
- * keep track of incoming data
- */
- rv = NSS_CMSCipherContext_Decrypt(cinfo->ciphcx, buf, &outlen, buflen,
- data, len, final);
- if (rv != SECSuccess) {
- p7dcx->error = PORT_GetError();
- goto loser;
- }
-
- PORT_Assert (final || outlen == buflen);
-
- /* swap decrypted data in */
- data = buf;
- len = outlen;
- }
-
- if (len == 0)
- return; /* nothing more to do */
-
- /*
- * Update the running digests with plaintext bytes (if we need to).
- */
- if (cinfo->digcx)
- NSS_CMSDigestContext_Update(cinfo->digcx, data, len);
-
- /* at this point, we have the plain decoded & decrypted data */
- /* which is either more encoded DER which we need to hand to the child decoder */
- /* or data we need to hand back to our caller */
-
- /* pass the content back to our caller or */
- /* feed our freshly decrypted and decoded data into child decoder */
- if (p7dcx->cb != NULL) {
- (*p7dcx->cb)(p7dcx->cb_arg, (const char *)data, len);
- }
-#if 1
- else
-#endif
- if (NSS_CMSContentInfo_GetContentTypeTag(cinfo) == SEC_OID_PKCS7_DATA) {
- /* store it in "inner" data item as well */
- /* find the DATA item in the encapsulated cinfo and store it there */
- storage = cinfo->content.data;
-
- offset = storage->len;
- if (storage->len == 0) {
- dest = (unsigned char *)PORT_ArenaAlloc(p7dcx->cmsg->poolp, len);
- } else {
- dest = (unsigned char *)PORT_ArenaGrow(p7dcx->cmsg->poolp,
- storage->data,
- storage->len,
- storage->len + len);
- }
- if (dest == NULL) {
- p7dcx->error = SEC_ERROR_NO_MEMORY;
- goto loser;
- }
-
- storage->data = dest;
- storage->len += len;
-
- /* copy it in */
- PORT_Memcpy(storage->data + offset, data, len);
- }
-
-loser:
- if (buf)
- PORT_Free (buf);
-}
-
-/*
- * nss_cms_decoder_update_filter - process ASN.1 data
- *
- * once we have set up a filter in nss_cms_decoder_notify(),
- * all data processed by the ASN.1 decoder is also passed through here.
- * we pass the content bytes (as opposed to length and tag bytes) on to
- * nss_cms_decoder_work_data().
- */
-static void
-nss_cms_decoder_update_filter (void *arg, const char *data, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- NSSCMSDecoderContext *p7dcx;
-
- PORT_Assert (len); /* paranoia */
- if (len == 0)
- return;
-
- p7dcx = (NSSCMSDecoderContext*)arg;
-
- p7dcx->saw_contents = PR_TRUE;
-
- /* pass on the content bytes only */
- if (data_kind == SEC_ASN1_Contents)
- nss_cms_decoder_work_data(p7dcx, (const unsigned char *) data, len, PR_FALSE);
-}
-
-/*
- * NSS_CMSDecoder_Start - set up decoding of a DER-encoded CMS message
- *
- * "poolp" - pointer to arena for message, or NULL if new pool should be created
- * "cb", "cb_arg" - callback function and argument for delivery of inner content
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- */
-NSSCMSDecoderContext *
-NSS_CMSDecoder_Start(PRArenaPool *poolp,
- NSSCMSContentCallback cb, void *cb_arg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg)
-{
- NSSCMSDecoderContext *p7dcx;
- NSSCMSMessage *cmsg;
-
- cmsg = NSS_CMSMessage_Create(poolp);
- if (cmsg == NULL)
- return NULL;
-
- NSS_CMSMessage_SetEncodingParams(cmsg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg,
- NULL, NULL);
-
- p7dcx = (NSSCMSDecoderContext*)PORT_ZAlloc(sizeof(NSSCMSDecoderContext));
- if (p7dcx == NULL) {
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
- }
-
- p7dcx->dcx = SEC_ASN1DecoderStart(cmsg->poolp, cmsg, NSSCMSMessageTemplate);
- if (p7dcx->dcx == NULL) {
- PORT_Free (p7dcx);
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
- }
-
- SEC_ASN1DecoderSetNotifyProc (p7dcx->dcx, nss_cms_decoder_notify, p7dcx);
-
- p7dcx->cmsg = cmsg;
- p7dcx->type = SEC_OID_UNKNOWN;
-
- p7dcx->cb = cb;
- p7dcx->cb_arg = cb_arg;
-
- return p7dcx;
-}
-
-/*
- * NSS_CMSDecoder_Update - feed DER-encoded data to decoder
- */
-SECStatus
-NSS_CMSDecoder_Update(NSSCMSDecoderContext *p7dcx, const char *buf, unsigned long len)
-{
- if (p7dcx->dcx != NULL && p7dcx->error == 0) { /* if error is set already, don't bother */
- if (SEC_ASN1DecoderUpdate (p7dcx->dcx, buf, len) != SECSuccess) {
- p7dcx->error = PORT_GetError();
- PORT_Assert (p7dcx->error);
- if (p7dcx->error == 0)
- p7dcx->error = -1;
- }
- }
-
- if (p7dcx->error == 0)
- return SECSuccess;
-
- /* there has been a problem, let's finish the decoder */
- if (p7dcx->dcx != NULL) {
- (void) SEC_ASN1DecoderFinish (p7dcx->dcx);
- p7dcx->dcx = NULL;
- }
- PORT_SetError (p7dcx->error);
-
- return SECFailure;
-}
-
-/*
- * NSS_CMSDecoder_Cancel - stop decoding in case of error
- */
-void
-NSS_CMSDecoder_Cancel(NSSCMSDecoderContext *p7dcx)
-{
- /* XXXX what about inner decoders? running digests? decryption? */
- /* XXXX there's a leak here! */
- NSS_CMSMessage_Destroy(p7dcx->cmsg);
- (void)SEC_ASN1DecoderFinish(p7dcx->dcx);
- PORT_Free(p7dcx);
-}
-
-/*
- * NSS_CMSDecoder_Finish - mark the end of inner content and finish decoding
- */
-NSSCMSMessage *
-NSS_CMSDecoder_Finish(NSSCMSDecoderContext *p7dcx)
-{
- NSSCMSMessage *cmsg;
-
- cmsg = p7dcx->cmsg;
-
- if (p7dcx->dcx == NULL || SEC_ASN1DecoderFinish(p7dcx->dcx) != SECSuccess ||
- nss_cms_after_end(p7dcx) != SECSuccess)
- {
- NSS_CMSMessage_Destroy(cmsg); /* needs to get rid of pool if it's ours */
- cmsg = NULL;
- }
-
- PORT_Free(p7dcx);
- return cmsg;
-}
-
-NSSCMSMessage *
-NSS_CMSMessage_CreateFromDER(SECItem *DERmessage,
- NSSCMSContentCallback cb, void *cb_arg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg)
-{
- NSSCMSDecoderContext *p7dcx;
-
- /* first arg(poolp) == NULL => create our own pool */
- p7dcx = NSS_CMSDecoder_Start(NULL, cb, cb_arg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg);
- (void) NSS_CMSDecoder_Update(p7dcx, (char *)DERmessage->data, DERmessage->len);
- return NSS_CMSDecoder_Finish(p7dcx);
-}
-
diff --git a/security/nss/lib/smime/cmsdigdata.c b/security/nss/lib/smime/cmsdigdata.c
deleted file mode 100644
index 04a670b68..000000000
--- a/security/nss/lib/smime/cmsdigdata.c
+++ /dev/null
@@ -1,223 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS digestedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "secitem.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSDigestedData_Create - create a digestedData object (presumably for encoding)
- *
- * version will be set by NSS_CMSDigestedData_Encode_BeforeStart
- * digestAlg is passed as parameter
- * contentInfo must be filled by the user
- * digest will be calculated while encoding
- */
-NSSCMSDigestedData *
-NSS_CMSDigestedData_Create(NSSCMSMessage *cmsg, SECAlgorithmID *digestalg)
-{
- void *mark;
- NSSCMSDigestedData *digd;
- PLArenaPool *poolp;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- digd = (NSSCMSDigestedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSDigestedData));
- if (digd == NULL)
- goto loser;
-
- digd->cmsg = cmsg;
-
- if (SECOID_CopyAlgorithmID (poolp, &(digd->digestAlg), digestalg) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return digd;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/*
- * NSS_CMSDigestedData_Destroy - destroy a digestedData object
- */
-void
-NSS_CMSDigestedData_Destroy(NSSCMSDigestedData *digd)
-{
- /* everything's in a pool, so don't worry about the storage */
- return;
-}
-
-/*
- * NSS_CMSDigestedData_GetContentInfo - return pointer to digestedData object's contentInfo
- */
-NSSCMSContentInfo *
-NSS_CMSDigestedData_GetContentInfo(NSSCMSDigestedData *digd)
-{
- return &(digd->contentInfo);
-}
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeStart - do all the necessary things to a DigestedData
- * before encoding begins.
- *
- * In particular:
- * - set the right version number. The contentInfo's content type must be set up already.
- */
-SECStatus
-NSS_CMSDigestedData_Encode_BeforeStart(NSSCMSDigestedData *digd)
-{
- unsigned long version;
- SECItem *dummy;
-
- version = NSS_CMS_DIGESTED_DATA_VERSION_DATA;
- if (NSS_CMSContentInfo_GetContentTypeTag(&(digd->contentInfo)) != SEC_OID_PKCS7_DATA)
- version = NSS_CMS_DIGESTED_DATA_VERSION_ENCAP;
-
- dummy = SEC_ASN1EncodeInteger(digd->cmsg->poolp, &(digd->version), version);
- return (dummy == NULL) ? SECFailure : SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Encode_BeforeData - do all the necessary things to a DigestedData
- * before the encapsulated data is passed through the encoder.
- *
- * In detail:
- * - set up the digests if necessary
- */
-SECStatus
-NSS_CMSDigestedData_Encode_BeforeData(NSSCMSDigestedData *digd)
-{
- /* set up the digests */
- if (digd->digestAlg.algorithm.len != 0 && digd->digest.len == 0) {
- /* if digest is already there, do nothing */
- digd->contentInfo.digcx = NSS_CMSDigestContext_StartSingle(&(digd->digestAlg));
- if (digd->contentInfo.digcx == NULL)
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Encode_AfterData - do all the necessary things to a DigestedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - finish the digests
- */
-SECStatus
-NSS_CMSDigestedData_Encode_AfterData(NSSCMSDigestedData *digd)
-{
- /* did we have digest calculation going on? */
- if (digd->contentInfo.digcx) {
- if (NSS_CMSDigestContext_FinishSingle(digd->contentInfo.digcx,
- digd->cmsg->poolp, &(digd->digest)) != SECSuccess)
- return SECFailure; /* error has been set by NSS_CMSDigestContext_FinishSingle */
- digd->contentInfo.digcx = NULL;
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Decode_BeforeData - do all the necessary things to a DigestedData
- * before the encapsulated data is passed through the encoder.
- *
- * In detail:
- * - set up the digests if necessary
- */
-SECStatus
-NSS_CMSDigestedData_Decode_BeforeData(NSSCMSDigestedData *digd)
-{
- /* is there a digest algorithm yet? */
- if (digd->digestAlg.algorithm.len == 0)
- return SECFailure;
-
- digd->contentInfo.digcx = NSS_CMSDigestContext_StartSingle(&(digd->digestAlg));
- if (digd->contentInfo.digcx == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Decode_AfterData - do all the necessary things to a DigestedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - finish the digests
- */
-SECStatus
-NSS_CMSDigestedData_Decode_AfterData(NSSCMSDigestedData *digd)
-{
- /* did we have digest calculation going on? */
- if (digd->contentInfo.digcx) {
- if (NSS_CMSDigestContext_FinishSingle(digd->contentInfo.digcx,
- digd->cmsg->poolp, &(digd->cdigest)) != SECSuccess)
- return SECFailure; /* error has been set by NSS_CMSDigestContext_FinishSingle */
- digd->contentInfo.digcx = NULL;
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSDigestedData_Decode_AfterEnd - finalize a digestedData.
- *
- * In detail:
- * - check the digests for equality
- */
-SECStatus
-NSS_CMSDigestedData_Decode_AfterEnd(NSSCMSDigestedData *digd)
-{
- /* did we have digest calculation going on? */
- if (digd->cdigest.len != 0) {
- /* XXX comparision btw digest & cdigest */
- /* XXX set status */
- /* TODO!!!! */
- }
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmsdigest.c b/security/nss/lib/smime/cmsdigest.c
deleted file mode 100644
index 6c7bd918b..000000000
--- a/security/nss/lib/smime/cmsdigest.c
+++ /dev/null
@@ -1,259 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS digesting.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-
-struct NSSCMSDigestContextStr {
- PRBool saw_contents;
- int digcnt;
- void ** digcxs;
-const SECHashObject ** digobjs;
-};
-
-/*
- * NSS_CMSDigestContext_StartMultiple - start digest calculation using all the
- * digest algorithms in "digestalgs" in parallel.
- */
-NSSCMSDigestContext *
-NSS_CMSDigestContext_StartMultiple(SECAlgorithmID **digestalgs)
-{
- NSSCMSDigestContext *cmsdigcx;
- const SECHashObject *digobj;
- void *digcx;
- int digcnt;
- int i;
-
- digcnt = (digestalgs == NULL) ? 0 : NSS_CMSArray_Count((void **)digestalgs);
-
- cmsdigcx = (NSSCMSDigestContext *)PORT_Alloc(sizeof(NSSCMSDigestContext));
- if (cmsdigcx == NULL)
- return NULL;
-
- if (digcnt > 0) {
- cmsdigcx->digcxs = (void **)PORT_Alloc(digcnt * sizeof (void *));
- cmsdigcx->digobjs = (const SECHashObject **)PORT_Alloc(digcnt * sizeof(SECHashObject *));
- if (cmsdigcx->digcxs == NULL || cmsdigcx->digobjs == NULL)
- goto loser;
- }
-
- cmsdigcx->digcnt = 0;
-
- /*
- * Create a digest object context for each algorithm.
- */
- for (i = 0; i < digcnt; i++) {
- digobj = NSS_CMSUtil_GetHashObjByAlgID(digestalgs[i]);
- /*
- * Skip any algorithm we do not even recognize; obviously,
- * this could be a problem, but if it is critical then the
- * result will just be that the signature does not verify.
- * We do not necessarily want to error out here, because
- * the particular algorithm may not actually be important,
- * but we cannot know that until later.
- */
- if (digobj == NULL)
- continue;
-
- digcx = (*digobj->create)();
- if (digcx != NULL) {
- (*digobj->begin) (digcx);
- cmsdigcx->digobjs[cmsdigcx->digcnt] = digobj;
- cmsdigcx->digcxs[cmsdigcx->digcnt] = digcx;
- cmsdigcx->digcnt++;
- }
- }
-
- cmsdigcx->saw_contents = PR_FALSE;
-
- return cmsdigcx;
-
-loser:
- if (cmsdigcx) {
- if (cmsdigcx->digobjs)
- PORT_Free(cmsdigcx->digobjs);
- if (cmsdigcx->digcxs)
- PORT_Free(cmsdigcx->digcxs);
- }
- return NULL;
-}
-
-/*
- * NSS_CMSDigestContext_StartSingle - same as NSS_CMSDigestContext_StartMultiple, but
- * only one algorithm.
- */
-NSSCMSDigestContext *
-NSS_CMSDigestContext_StartSingle(SECAlgorithmID *digestalg)
-{
- SECAlgorithmID *digestalgs[] = { NULL, NULL }; /* fake array */
-
- digestalgs[0] = digestalg;
- return NSS_CMSDigestContext_StartMultiple(digestalgs);
-}
-
-/*
- * NSS_CMSDigestContext_Update - feed more data into the digest machine
- */
-void
-NSS_CMSDigestContext_Update(NSSCMSDigestContext *cmsdigcx, const unsigned char *data, int len)
-{
- int i;
-
- cmsdigcx->saw_contents = PR_TRUE;
-
- for (i = 0; i < cmsdigcx->digcnt; i++)
- (*cmsdigcx->digobjs[i]->update)(cmsdigcx->digcxs[i], data, len);
-}
-
-/*
- * NSS_CMSDigestContext_Cancel - cancel digesting operation
- */
-void
-NSS_CMSDigestContext_Cancel(NSSCMSDigestContext *cmsdigcx)
-{
- int i;
-
- for (i = 0; i < cmsdigcx->digcnt; i++)
- (*cmsdigcx->digobjs[i]->destroy)(cmsdigcx->digcxs[i], PR_TRUE);
-}
-
-/*
- * NSS_CMSDigestContext_FinishMultiple - finish the digests and put them
- * into an array of SECItems (allocated on poolp)
- */
-SECStatus
-NSS_CMSDigestContext_FinishMultiple(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
- SECItem ***digestsp)
-{
- const SECHashObject *digobj;
- void *digcx;
- SECItem **digests, *digest;
- int i;
- void *mark;
- SECStatus rv = SECFailure;
-
- /* no contents? do not update digests */
- if (digestsp == NULL || !cmsdigcx->saw_contents) {
- for (i = 0; i < cmsdigcx->digcnt; i++)
- (*cmsdigcx->digobjs[i]->destroy)(cmsdigcx->digcxs[i], PR_TRUE);
- rv = SECSuccess;
- goto cleanup;
- }
-
- mark = PORT_ArenaMark (poolp);
-
- /* allocate digest array & SECItems on arena */
- digests = (SECItem **)PORT_ArenaAlloc(poolp, (cmsdigcx->digcnt+1) * sizeof(SECItem *));
- digest = (SECItem *)PORT_ArenaZAlloc(poolp, cmsdigcx->digcnt * sizeof(SECItem));
- if (digests == NULL || digest == NULL) {
- goto loser;
- }
-
- for (i = 0; i < cmsdigcx->digcnt; i++, digest++) {
- digcx = cmsdigcx->digcxs[i];
- digobj = cmsdigcx->digobjs[i];
-
- digest->data = (unsigned char*)PORT_ArenaAlloc(poolp, digobj->length);
- if (digest->data == NULL)
- goto loser;
- digest->len = digobj->length;
- (* digobj->end)(digcx, digest->data, &(digest->len), digest->len);
- digests[i] = digest;
- (* digobj->destroy)(digcx, PR_TRUE);
- }
- digests[i] = NULL;
- *digestsp = digests;
-
- rv = SECSuccess;
-
-loser:
- if (rv == SECSuccess)
- PORT_ArenaUnmark(poolp, mark);
- else
- PORT_ArenaRelease(poolp, mark);
-
-cleanup:
- if (cmsdigcx->digcnt > 0) {
- PORT_Free(cmsdigcx->digcxs);
- PORT_Free(cmsdigcx->digobjs);
- }
- PORT_Free(cmsdigcx);
-
- return rv;
-}
-
-/*
- * NSS_CMSDigestContext_FinishSingle - same as NSS_CMSDigestContext_FinishMultiple,
- * but for one digest.
- */
-SECStatus
-NSS_CMSDigestContext_FinishSingle(NSSCMSDigestContext *cmsdigcx, PLArenaPool *poolp,
- SECItem *digest)
-{
- SECStatus rv = SECFailure;
- SECItem **dp;
- PLArenaPool *arena = NULL;
-
- if ((arena = PORT_NewArena(1024)) == NULL)
- goto loser;
-
- /* get the digests into arena, then copy the first digest into poolp */
- if (NSS_CMSDigestContext_FinishMultiple(cmsdigcx, arena, &dp) != SECSuccess)
- goto loser;
-
- /* now copy it into poolp */
- if (SECITEM_CopyItem(poolp, digest, dp[0]) != SECSuccess)
- goto loser;
-
- rv = SECSuccess;
-
-loser:
- if (arena)
- PORT_FreeArena(arena, PR_FALSE);
-
- return rv;
-}
diff --git a/security/nss/lib/smime/cmsencdata.c b/security/nss/lib/smime/cmsencdata.c
deleted file mode 100644
index 0dc23a317..000000000
--- a/security/nss/lib/smime/cmsencdata.c
+++ /dev/null
@@ -1,279 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS encryptedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSEncryptedData_Create - create an empty encryptedData object.
- *
- * "algorithm" specifies the bulk encryption algorithm to use.
- * "keysize" is the key size.
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-NSSCMSEncryptedData *
-NSS_CMSEncryptedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize)
-{
- void *mark;
- NSSCMSEncryptedData *encd;
- PLArenaPool *poolp;
- SECAlgorithmID *pbe_algid;
- SECStatus rv;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- encd = (NSSCMSEncryptedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSEncryptedData));
- if (encd == NULL)
- goto loser;
-
- encd->cmsg = cmsg;
-
- /* version is set in NSS_CMSEncryptedData_Encode_BeforeStart() */
-
- switch (algorithm) {
- /* XXX hmmm... hardcoded algorithms? */
- case SEC_OID_RC2_CBC:
- case SEC_OID_DES_EDE3_CBC:
- case SEC_OID_DES_CBC:
- rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, &(encd->contentInfo), algorithm, NULL, keysize);
- break;
- default:
- /* Assume password-based-encryption. At least, try that. */
- pbe_algid = PK11_CreatePBEAlgorithmID(algorithm, 1, NULL);
- if (pbe_algid == NULL) {
- rv = SECFailure;
- break;
- }
- rv = NSS_CMSContentInfo_SetContentEncAlgID(poolp, &(encd->contentInfo), pbe_algid, keysize);
- SECOID_DestroyAlgorithmID (pbe_algid, PR_TRUE);
- break;
- }
- if (rv != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return encd;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/*
- * NSS_CMSEncryptedData_Destroy - destroy an encryptedData object
- */
-void
-NSS_CMSEncryptedData_Destroy(NSSCMSEncryptedData *encd)
-{
- /* everything's in a pool, so don't worry about the storage */
- return;
-}
-
-/*
- * NSS_CMSEncryptedData_GetContentInfo - return pointer to encryptedData object's contentInfo
- */
-NSSCMSContentInfo *
-NSS_CMSEncryptedData_GetContentInfo(NSSCMSEncryptedData *encd)
-{
- return &(encd->contentInfo);
-}
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeStart - do all the necessary things to a EncryptedData
- * before encoding begins.
- *
- * In particular:
- * - set the correct version value.
- * - get the encryption key
- */
-SECStatus
-NSS_CMSEncryptedData_Encode_BeforeStart(NSSCMSEncryptedData *encd)
-{
- int version;
- PK11SymKey *bulkkey = NULL;
- SECItem *dummy;
- NSSCMSContentInfo *cinfo = &(encd->contentInfo);
-
- if (NSS_CMSArray_IsEmpty((void **)encd->unprotectedAttr))
- version = NSS_CMS_ENCRYPTED_DATA_VERSION;
- else
- version = NSS_CMS_ENCRYPTED_DATA_VERSION_UPATTR;
-
- dummy = SEC_ASN1EncodeInteger (encd->cmsg->poolp, &(encd->version), version);
- if (dummy == NULL)
- return SECFailure;
-
- /* now get content encryption key (bulk key) by using our cmsg callback */
- if (encd->cmsg->decrypt_key_cb)
- bulkkey = (*encd->cmsg->decrypt_key_cb)(encd->cmsg->decrypt_key_cb_arg,
- NSS_CMSContentInfo_GetContentEncAlg(cinfo));
- if (bulkkey == NULL)
- return SECFailure;
-
- /* store the bulk key in the contentInfo so that the encoder can find it */
- NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEncryptedData_Encode_BeforeData - set up encryption
- */
-SECStatus
-NSS_CMSEncryptedData_Encode_BeforeData(NSSCMSEncryptedData *encd)
-{
- NSSCMSContentInfo *cinfo;
- PK11SymKey *bulkkey;
- SECAlgorithmID *algid;
-
- cinfo = &(encd->contentInfo);
-
- /* find bulkkey and algorithm - must have been set by NSS_CMSEncryptedData_Encode_BeforeStart */
- bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
- if (bulkkey == NULL)
- return SECFailure;
- algid = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
- if (algid == NULL)
- return SECFailure;
-
- /* this may modify algid (with IVs generated in a token).
- * it is therefore essential that algid is a pointer to the "real" contentEncAlg,
- * not just to a copy */
- cinfo->ciphcx = NSS_CMSCipherContext_StartEncrypt(encd->cmsg->poolp, bulkkey, algid);
- PK11_FreeSymKey(bulkkey);
- if (cinfo->ciphcx == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEncryptedData_Encode_AfterData - finalize this encryptedData for encoding
- */
-SECStatus
-NSS_CMSEncryptedData_Encode_AfterData(NSSCMSEncryptedData *encd)
-{
- if (encd->contentInfo.ciphcx)
- NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx);
-
- /* nothing to do after data */
- return SECSuccess;
-}
-
-
-/*
- * NSS_CMSEncryptedData_Decode_BeforeData - find bulk key & set up decryption
- */
-SECStatus
-NSS_CMSEncryptedData_Decode_BeforeData(NSSCMSEncryptedData *encd)
-{
- PK11SymKey *bulkkey = NULL;
- NSSCMSContentInfo *cinfo;
- SECAlgorithmID *bulkalg;
- SECStatus rv = SECFailure;
-
- cinfo = &(encd->contentInfo);
-
- bulkalg = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
-
- if (encd->cmsg->decrypt_key_cb == NULL) /* no callback? no key../ */
- goto loser;
-
- bulkkey = (*encd->cmsg->decrypt_key_cb)(encd->cmsg->decrypt_key_cb_arg, bulkalg);
- if (bulkkey == NULL)
- /* no success finding a bulk key */
- goto loser;
-
- NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
- cinfo->ciphcx = NSS_CMSCipherContext_StartDecrypt(bulkkey, bulkalg);
- if (cinfo->ciphcx == NULL)
- goto loser; /* error has been set by NSS_CMSCipherContext_StartDecrypt */
-
- /*
- * HACK ALERT!!
- * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
- * structure. Therefore, we need to set the bulkkey to the actual key
- * prior to freeing it.
- */
- if (SEC_PKCS5IsAlgorithmPBEAlg(bulkalg)) {
- SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
- bulkkey = keyPwd->key;
- }
-
- /* we are done with (this) bulkkey now. */
- PK11_FreeSymKey(bulkkey);
-
- rv = SECSuccess;
-
-loser:
- return rv;
-}
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterData - finish decrypting this encryptedData's content
- */
-SECStatus
-NSS_CMSEncryptedData_Decode_AfterData(NSSCMSEncryptedData *encd)
-{
- NSS_CMSCipherContext_Destroy(encd->contentInfo.ciphcx);
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEncryptedData_Decode_AfterEnd - finish decoding this encryptedData
- */
-SECStatus
-NSS_CMSEncryptedData_Decode_AfterEnd(NSSCMSEncryptedData *encd)
-{
- /* apply final touches */
- return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmsencode.c b/security/nss/lib/smime/cmsencode.c
deleted file mode 100644
index 978f02a55..000000000
--- a/security/nss/lib/smime/cmsencode.c
+++ /dev/null
@@ -1,743 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS encoding.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "secrng.h"
-#include "secitem.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-struct nss_cms_encoder_output {
- NSSCMSContentCallback outputfn;
- void *outputarg;
- PLArenaPool *destpoolp;
- SECItem *dest;
-};
-
-struct NSSCMSEncoderContextStr {
- SEC_ASN1EncoderContext * ecx; /* ASN.1 encoder context */
- PRBool ecxupdated; /* true if data was handed in */
- NSSCMSMessage * cmsg; /* pointer to the root message */
- SECOidTag type; /* type tag of the current content */
- NSSCMSContent content; /* pointer to current content */
- struct nss_cms_encoder_output output; /* output function */
- int error; /* error code */
- NSSCMSEncoderContext * childp7ecx; /* link to child encoder context */
-};
-
-static SECStatus nss_cms_before_data(NSSCMSEncoderContext *p7ecx);
-static SECStatus nss_cms_after_data(NSSCMSEncoderContext *p7ecx);
-static SECStatus nss_cms_encoder_update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len);
-static SECStatus nss_cms_encoder_work_data(NSSCMSEncoderContext *p7ecx, SECItem *dest,
- const unsigned char *data, unsigned long len,
- PRBool final, PRBool innermost);
-
-extern const SEC_ASN1Template NSSCMSMessageTemplate[];
-
-/*
- * The little output function that the ASN.1 encoder calls to hand
- * us bytes which we in turn hand back to our caller (via the callback
- * they gave us).
- */
-static void
-nss_cms_encoder_out(void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- struct nss_cms_encoder_output *output = (struct nss_cms_encoder_output *)arg;
- unsigned char *dest;
- unsigned long offset;
-
-#ifdef CMSDEBUG
- int i;
-
- fprintf(stderr, "kind = %d, depth = %d, len = %d\n", data_kind, depth, len);
- for (i=0; i < len; i++) {
- fprintf(stderr, " %02x%s", (unsigned int)buf[i] & 0xff, ((i % 16) == 15) ? "\n" : "");
- }
- if ((i % 16) != 0)
- fprintf(stderr, "\n");
-#endif
-
- if (output->outputfn != NULL)
- /* call output callback with DER data */
- output->outputfn(output->outputarg, buf, len);
-
- if (output->dest != NULL) {
- /* store DER data in SECItem */
- offset = output->dest->len;
- if (offset == 0) {
- dest = (unsigned char *)PORT_ArenaAlloc(output->destpoolp, len);
- } else {
- dest = (unsigned char *)PORT_ArenaGrow(output->destpoolp,
- output->dest->data,
- output->dest->len,
- output->dest->len + len);
- }
- if (dest == NULL)
- /* oops */
- return;
-
- output->dest->data = dest;
- output->dest->len += len;
-
- /* copy it in */
- PORT_Memcpy(output->dest->data + offset, buf, len);
- }
-}
-
-/*
- * nss_cms_encoder_notify - ASN.1 encoder callback
- *
- * this function is called by the ASN.1 encoder before and after the encoding of
- * every object. here, it is used to keep track of data structures, set up
- * encryption and/or digesting and possibly set up child encoders.
- */
-static void
-nss_cms_encoder_notify(void *arg, PRBool before, void *dest, int depth)
-{
- NSSCMSEncoderContext *p7ecx;
- NSSCMSContentInfo *rootcinfo, *cinfo;
- PRBool after = !before;
- PLArenaPool *poolp;
- SECOidTag childtype;
- SECItem *item;
-
- p7ecx = (NSSCMSEncoderContext *)arg;
- PORT_Assert(p7ecx != NULL);
-
- rootcinfo = &(p7ecx->cmsg->contentInfo);
- poolp = p7ecx->cmsg->poolp;
-
-#ifdef CMSDEBUG
- fprintf(stderr, "%6.6s, dest = 0x%08x, depth = %d\n", before ? "before" : "after", dest, depth);
-#endif
-
- /*
- * Watch for the content field, at which point we want to instruct
- * the ASN.1 encoder to start taking bytes from the buffer.
- */
- switch (p7ecx->type) {
- default:
- case SEC_OID_UNKNOWN:
- /* we're still in the root message */
- if (after && dest == &(rootcinfo->contentType)) {
- /* got the content type OID now - so find out the type tag */
- p7ecx->type = NSS_CMSContentInfo_GetContentTypeTag(rootcinfo);
- /* set up a pointer to our current content */
- p7ecx->content = rootcinfo->content;
- }
- break;
-
- case SEC_OID_PKCS7_DATA:
- if (before && dest == &(rootcinfo->rawContent)) {
- /* just set up encoder to grab from user - no encryption or digesting */
- if ((item = rootcinfo->content.data) != NULL)
- (void)nss_cms_encoder_work_data(p7ecx, NULL, item->data, item->len, PR_TRUE, PR_TRUE);
- else
- SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
- SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx); /* no need to get notified anymore */
- }
- break;
-
- case SEC_OID_PKCS7_SIGNED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
-
- /* when we know what the content is, we encode happily until we reach the inner content */
- cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
- childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
- if (after && dest == &(cinfo->contentType)) {
- /* we're right before encoding the data (if we have some or not) */
- /* (for encrypted data, we're right before the contentEncAlg which may change */
- /* in nss_cms_before_data because of IV calculation when setting up encryption) */
- if (nss_cms_before_data(p7ecx) != SECSuccess)
- p7ecx->error = PORT_GetError();
- }
- if (before && dest == &(cinfo->rawContent)) {
- if (childtype == SEC_OID_PKCS7_DATA && (item = cinfo->content.data) != NULL)
- /* we have data - feed it in */
- (void)nss_cms_encoder_work_data(p7ecx, NULL, item->data, item->len, PR_TRUE, PR_TRUE);
- else
- /* else try to get it from user */
- SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
- }
- if (after && dest == &(cinfo->rawContent)) {
- if (nss_cms_after_data(p7ecx) != SECSuccess)
- p7ecx->error = PORT_GetError();
- SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx); /* no need to get notified anymore */
- }
- break;
- }
-}
-
-/*
- * nss_cms_before_data - setup the current encoder to receive data
- */
-static SECStatus
-nss_cms_before_data(NSSCMSEncoderContext *p7ecx)
-{
- SECStatus rv;
- SECOidTag childtype;
- NSSCMSContentInfo *cinfo;
- PLArenaPool *poolp;
- NSSCMSEncoderContext *childp7ecx;
- const SEC_ASN1Template *template;
-
- poolp = p7ecx->cmsg->poolp;
-
- /* call _Encode_BeforeData handlers */
- switch (p7ecx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- /* we're encoding a signedData, so set up the digests */
- rv = NSS_CMSSignedData_Encode_BeforeData(p7ecx->content.signedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- /* we're encoding a digestedData, so set up the digest */
- rv = NSS_CMSDigestedData_Encode_BeforeData(p7ecx->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Encode_BeforeData(p7ecx->content.envelopedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Encode_BeforeData(p7ecx->content.encryptedData);
- break;
- default:
- rv = SECFailure;
- }
- if (rv != SECSuccess)
- return SECFailure;
-
- /* ok, now we have a pointer to cinfo */
- /* find out what kind of data is encapsulated */
-
- cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
- childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
-
- switch (childtype) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- case SEC_OID_PKCS7_DIGESTED_DATA:
-#if 0
- case SEC_OID_PKCS7_DATA: /* XXX here also??? maybe yes! */
-#endif
- /* in these cases, we need to set up a child encoder! */
- /* create new encoder context */
- childp7ecx = PORT_ZAlloc(sizeof(NSSCMSEncoderContext));
- if (childp7ecx == NULL)
- return SECFailure;
-
- /* the CHILD encoder needs to hand its encoded data to the CURRENT encoder
- * (which will encrypt and/or digest it)
- * this needs to route back into our update function
- * which finds the lowest encoding context & encrypts and computes digests */
- childp7ecx->type = childtype;
- childp7ecx->content = cinfo->content;
- /* use the non-recursive update function here, of course */
- childp7ecx->output.outputfn = (NSSCMSContentCallback)nss_cms_encoder_update;
- childp7ecx->output.outputarg = p7ecx;
- childp7ecx->output.destpoolp = NULL;
- childp7ecx->output.dest = NULL;
- childp7ecx->cmsg = p7ecx->cmsg;
-
- template = NSS_CMSUtil_GetTemplateByTypeTag(childtype);
- if (template == NULL)
- goto loser; /* cannot happen */
-
- /* now initialize the data for encoding the first third */
- switch (childp7ecx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- rv = NSS_CMSSignedData_Encode_BeforeStart(cinfo->content.signedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Encode_BeforeStart(cinfo->content.envelopedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- rv = NSS_CMSDigestedData_Encode_BeforeStart(cinfo->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Encode_BeforeStart(cinfo->content.encryptedData);
- break;
- case SEC_OID_PKCS7_DATA:
- rv = SECSuccess;
- break;
- default:
- PORT_Assert(0);
- break;
- }
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * Initialize the BER encoder.
- */
- childp7ecx->ecx = SEC_ASN1EncoderStart(cinfo->content.pointer, template,
- nss_cms_encoder_out, &(childp7ecx->output));
- if (childp7ecx->ecx == NULL)
- goto loser;
-
- childp7ecx->ecxupdated = PR_FALSE;
-
- /*
- * Indicate that we are streaming. We will be streaming until we
- * get past the contents bytes.
- */
- SEC_ASN1EncoderSetStreaming(childp7ecx->ecx);
-
- /*
- * The notify function will watch for the contents field.
- */
- SEC_ASN1EncoderSetNotifyProc(childp7ecx->ecx, nss_cms_encoder_notify, childp7ecx);
-
- /* please note that we are NOT calling SEC_ASN1EncoderUpdate here to kick off the */
- /* encoding process - we'll do that from the update function instead */
- /* otherwise we'd be encoding data from a call of the notify function of the */
- /* parent encoder (which would not work) */
-
- /* this will kick off the encoding process & encode everything up to the content bytes,
- * at which point the notify function sets streaming mode (and possibly creates
- * another child encoder). */
- if (SEC_ASN1EncoderUpdate(childp7ecx->ecx, NULL, 0) != SECSuccess)
- goto loser;
-
- p7ecx->childp7ecx = childp7ecx;
- break;
-
- case SEC_OID_PKCS7_DATA:
- p7ecx->childp7ecx = NULL;
- break;
- default:
- /* we do not know this type */
- p7ecx->error = SEC_ERROR_BAD_DER;
- break;
- }
-
- return SECSuccess;
-
-loser:
- if (childp7ecx) {
- if (childp7ecx->ecx)
- SEC_ASN1EncoderFinish(childp7ecx->ecx);
- PORT_Free(childp7ecx);
- }
- return SECFailure;
-}
-
-static SECStatus
-nss_cms_after_data(NSSCMSEncoderContext *p7ecx)
-{
- SECStatus rv = SECFailure;
-
- switch (p7ecx->type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- /* this will finish the digests and sign */
- rv = NSS_CMSSignedData_Encode_AfterData(p7ecx->content.signedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Encode_AfterData(p7ecx->content.envelopedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- rv = NSS_CMSDigestedData_Encode_AfterData(p7ecx->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Encode_AfterData(p7ecx->content.encryptedData);
- break;
- case SEC_OID_PKCS7_DATA:
- /* do nothing */
- break;
- default:
- rv = SECFailure;
- break;
- }
- return rv;
-}
-
-/*
- * nss_cms_encoder_work_data - process incoming data
- *
- * (from the user or the next encoding layer)
- * Here, we need to digest and/or encrypt, then pass it on
- */
-static SECStatus
-nss_cms_encoder_work_data(NSSCMSEncoderContext *p7ecx, SECItem *dest,
- const unsigned char *data, unsigned long len,
- PRBool final, PRBool innermost)
-{
- unsigned char *buf = NULL;
- SECStatus rv;
- NSSCMSContentInfo *cinfo;
-
- rv = SECSuccess; /* may as well be optimistic */
-
- /*
- * We should really have data to process, or we should be trying
- * to finish/flush the last block. (This is an overly paranoid
- * check since all callers are in this file and simple inspection
- * proves they do it right. But it could find a bug in future
- * modifications/development, that is why it is here.)
- */
- PORT_Assert ((data != NULL && len) || final);
-
- /* we got data (either from the caller, or from a lower level encoder) */
- cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
-
- /* Update the running digest. */
- if (len && cinfo->digcx != NULL)
- NSS_CMSDigestContext_Update(cinfo->digcx, data, len);
-
- /* Encrypt this chunk. */
- if (cinfo->ciphcx != NULL) {
- unsigned int inlen; /* length of data being encrypted */
- unsigned int outlen; /* length of encrypted data */
- unsigned int buflen; /* length available for encrypted data */
-
- inlen = len;
- buflen = NSS_CMSCipherContext_EncryptLength(cinfo->ciphcx, inlen, final);
- if (buflen == 0) {
- /*
- * No output is expected, but the input data may be buffered
- * so we still have to call Encrypt.
- */
- rv = NSS_CMSCipherContext_Encrypt(cinfo->ciphcx, NULL, NULL, 0,
- data, inlen, final);
- if (final) {
- len = 0;
- goto done;
- }
- return rv;
- }
-
- if (dest != NULL)
- buf = (unsigned char*)PORT_ArenaAlloc(p7ecx->cmsg->poolp, buflen);
- else
- buf = (unsigned char*)PORT_Alloc(buflen);
-
- if (buf == NULL) {
- rv = SECFailure;
- } else {
- rv = NSS_CMSCipherContext_Encrypt(cinfo->ciphcx, buf, &outlen, buflen,
- data, inlen, final);
- data = buf;
- len = outlen;
- }
- if (rv != SECSuccess)
- /* encryption or malloc failed? */
- return rv;
- }
-
-
- /*
- * at this point (data,len) has everything we'd like to give to the CURRENT encoder
- * (which will encode it, then hand it back to the user or the parent encoder)
- * We don't encode the data if we're innermost and we're told not to include the data
- */
- if (p7ecx->ecx != NULL && len && (!innermost || cinfo->rawContent != NULL))
- rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, (const char *)data, len);
-
-done:
-
- if (cinfo->ciphcx != NULL) {
- if (dest != NULL) {
- dest->data = buf;
- dest->len = len;
- } else if (buf != NULL) {
- PORT_Free (buf);
- }
- }
- return rv;
-}
-
-/*
- * nss_cms_encoder_update - deliver encoded data to the next higher level
- *
- * no recursion here because we REALLY want to end up at the next higher encoder!
- */
-static SECStatus
-nss_cms_encoder_update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len)
-{
- /* XXX Error handling needs help. Return what? Do "Finish" on failure? */
- return nss_cms_encoder_work_data (p7ecx, NULL, (const unsigned char *)data, len, PR_FALSE, PR_FALSE);
-}
-
-/*
- * NSS_CMSEncoder_Start - set up encoding of a CMS message
- *
- * "cmsg" - message to encode
- * "outputfn", "outputarg" - callback function for delivery of DER-encoded output
- * will not be called if NULL.
- * "dest" - if non-NULL, pointer to SECItem that will hold the DER-encoded output
- * "destpoolp" - pool to allocate DER-encoded output in
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- */
-NSSCMSEncoderContext *
-NSS_CMSEncoder_Start(NSSCMSMessage *cmsg,
- NSSCMSContentCallback outputfn, void *outputarg,
- SECItem *dest, PLArenaPool *destpoolp,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
- SECAlgorithmID **detached_digestalgs, SECItem **detached_digests)
-{
- NSSCMSEncoderContext *p7ecx;
- SECStatus rv;
- NSSCMSContentInfo *cinfo;
-
- NSS_CMSMessage_SetEncodingParams(cmsg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg,
- detached_digestalgs, detached_digests);
-
- p7ecx = (NSSCMSEncoderContext *)PORT_ZAlloc(sizeof(NSSCMSEncoderContext));
- if (p7ecx == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- p7ecx->cmsg = cmsg;
- p7ecx->output.outputfn = outputfn;
- p7ecx->output.outputarg = outputarg;
- p7ecx->output.dest = dest;
- p7ecx->output.destpoolp = destpoolp;
- p7ecx->type = SEC_OID_UNKNOWN;
-
- cinfo = NSS_CMSMessage_GetContentInfo(cmsg);
-
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- rv = NSS_CMSSignedData_Encode_BeforeStart(cinfo->content.signedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- rv = NSS_CMSEnvelopedData_Encode_BeforeStart(cinfo->content.envelopedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- rv = NSS_CMSDigestedData_Encode_BeforeStart(cinfo->content.digestedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- rv = NSS_CMSEncryptedData_Encode_BeforeStart(cinfo->content.encryptedData);
- break;
- default:
- rv = SECFailure;
- break;
- }
- if (rv != SECSuccess)
- return NULL;
-
- /* Initialize the BER encoder.
- * Note that this will not encode anything until the first call to SEC_ASN1EncoderUpdate */
- p7ecx->ecx = SEC_ASN1EncoderStart(cmsg, NSSCMSMessageTemplate,
- nss_cms_encoder_out, &(p7ecx->output));
- if (p7ecx->ecx == NULL) {
- PORT_Free (p7ecx);
- return NULL;
- }
- p7ecx->ecxupdated = PR_FALSE;
-
- /*
- * Indicate that we are streaming. We will be streaming until we
- * get past the contents bytes.
- */
- SEC_ASN1EncoderSetStreaming(p7ecx->ecx);
-
- /*
- * The notify function will watch for the contents field.
- */
- SEC_ASN1EncoderSetNotifyProc(p7ecx->ecx, nss_cms_encoder_notify, p7ecx);
-
- /* this will kick off the encoding process & encode everything up to the content bytes,
- * at which point the notify function sets streaming mode (and possibly creates
- * a child encoder). */
- if (SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0) != SECSuccess) {
- PORT_Free (p7ecx);
- return NULL;
- }
-
- return p7ecx;
-}
-
-/*
- * NSS_CMSEncoder_Update - take content data delivery from the user
- *
- * "p7ecx" - encoder context
- * "data" - content data
- * "len" - length of content data
- *
- * need to find the lowest level (and call SEC_ASN1EncoderUpdate on the way down),
- * then hand the data to the work_data fn
- */
-SECStatus
-NSS_CMSEncoder_Update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len)
-{
- SECStatus rv;
- NSSCMSContentInfo *cinfo;
- SECOidTag childtype;
-
- if (p7ecx->error)
- return SECFailure;
-
- /* hand data to the innermost decoder */
- if (p7ecx->childp7ecx) {
- /* recursion here */
- rv = NSS_CMSEncoder_Update(p7ecx->childp7ecx, data, len);
- } else {
- /* we are at innermost decoder */
- /* find out about our inner content type - must be data */
- cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
- childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
- if (childtype != SEC_OID_PKCS7_DATA)
- return SECFailure;
- /* and we must not have preset data */
- if (cinfo->content.data != NULL)
- return SECFailure;
-
- /* hand it the data so it can encode it (let DER trickle up the chain) */
- rv = nss_cms_encoder_work_data(p7ecx, NULL, (const unsigned char *)data, len, PR_FALSE, PR_TRUE);
- }
- return rv;
-}
-
-/*
- * NSS_CMSEncoder_Cancel - stop all encoding
- *
- * we need to walk down the chain of encoders and the finish them from the innermost out
- */
-SECStatus
-NSS_CMSEncoder_Cancel(NSSCMSEncoderContext *p7ecx)
-{
- SECStatus rv = SECFailure;
-
- /* XXX do this right! */
-
- /*
- * Finish any inner decoders before us so that all the encoded data is flushed
- * This basically finishes all the decoders from the innermost to the outermost.
- * Finishing an inner decoder may result in data being updated to the outer decoder
- * while we are already in NSS_CMSEncoder_Finish, but that's allright.
- */
- if (p7ecx->childp7ecx) {
- rv = NSS_CMSEncoder_Cancel(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
- /* remember rv for now */
- }
-
- /*
- * On the way back up, there will be no more data (if we had an
- * inner encoder, it is done now!)
- * Flush out any remaining data and/or finish digests.
- */
- rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
- if (rv != SECSuccess)
- goto loser;
-
- p7ecx->childp7ecx = NULL;
-
- /* kick the encoder back into working mode again.
- * We turn off streaming stuff (which will cause the encoder to continue
- * encoding happily, now that we have all the data (like digests) ready for it).
- */
- SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
- SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
-
- /* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
- rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
-
-loser:
- SEC_ASN1EncoderFinish(p7ecx->ecx);
- PORT_Free (p7ecx);
- return rv;
-}
-
-/*
- * NSS_CMSEncoder_Finish - signal the end of data
- *
- * we need to walk down the chain of encoders and the finish them from the innermost out
- */
-SECStatus
-NSS_CMSEncoder_Finish(NSSCMSEncoderContext *p7ecx)
-{
- SECStatus rv = SECFailure;
- NSSCMSContentInfo *cinfo;
- SECOidTag childtype;
-
- /*
- * Finish any inner decoders before us so that all the encoded data is flushed
- * This basically finishes all the decoders from the innermost to the outermost.
- * Finishing an inner decoder may result in data being updated to the outer decoder
- * while we are already in NSS_CMSEncoder_Finish, but that's allright.
- */
- if (p7ecx->childp7ecx) {
- rv = NSS_CMSEncoder_Finish(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
- if (rv != SECSuccess)
- goto loser;
- }
-
- /*
- * On the way back up, there will be no more data (if we had an
- * inner encoder, it is done now!)
- * Flush out any remaining data and/or finish digests.
- */
- rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
- if (rv != SECSuccess)
- goto loser;
-
- p7ecx->childp7ecx = NULL;
-
- /* find out about our inner content type - must be data */
- cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
- childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
- if (childtype == SEC_OID_PKCS7_DATA && cinfo->content.data == NULL) {
- SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
- /* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
- rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);
- }
-
- SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
-
- if (p7ecx->error)
- rv = SECFailure;
-
-loser:
- SEC_ASN1EncoderFinish(p7ecx->ecx);
- PORT_Free (p7ecx);
- return rv;
-}
diff --git a/security/nss/lib/smime/cmsenvdata.c b/security/nss/lib/smime/cmsenvdata.c
deleted file mode 100644
index fdd3d821a..000000000
--- a/security/nss/lib/smime/cmsenvdata.c
+++ /dev/null
@@ -1,423 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS envelopedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-/*#include "secpkcs5.h" */
-
-/*
- * NSS_CMSEnvelopedData_Create - create an enveloped data message
- */
-NSSCMSEnvelopedData *
-NSS_CMSEnvelopedData_Create(NSSCMSMessage *cmsg, SECOidTag algorithm, int keysize)
-{
- void *mark;
- NSSCMSEnvelopedData *envd;
- PLArenaPool *poolp;
- SECStatus rv;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- envd = (NSSCMSEnvelopedData *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSEnvelopedData));
- if (envd == NULL)
- goto loser;
-
- envd->cmsg = cmsg;
-
- /* version is set in NSS_CMSEnvelopedData_Encode_BeforeStart() */
-
- rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, &(envd->contentInfo), algorithm, NULL, keysize);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return envd;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/*
- * NSS_CMSEnvelopedData_Destroy - destroy an enveloped data message
- */
-void
-NSS_CMSEnvelopedData_Destroy(NSSCMSEnvelopedData *edp)
-{
- NSSCMSRecipientInfo **recipientinfos;
- NSSCMSRecipientInfo *ri;
-
- if (edp == NULL)
- return;
-
- recipientinfos = edp->recipientInfos;
- if (recipientinfos == NULL)
- return;
-
- while ((ri = *recipientinfos++) != NULL)
- NSS_CMSRecipientInfo_Destroy(ri);
-
- /* XXX storage ??? */
-}
-
-/*
- * NSS_CMSEnvelopedData_GetContentInfo - return pointer to this envelopedData's contentinfo
- */
-NSSCMSContentInfo *
-NSS_CMSEnvelopedData_GetContentInfo(NSSCMSEnvelopedData *envd)
-{
- return &(envd->contentInfo);
-}
-
-/*
- * NSS_CMSEnvelopedData_AddRecipient - add a recipientinfo to the enveloped data msg
- *
- * rip must be created on the same pool as edp - this is not enforced, though.
- */
-SECStatus
-NSS_CMSEnvelopedData_AddRecipient(NSSCMSEnvelopedData *edp, NSSCMSRecipientInfo *rip)
-{
- void *mark;
- SECStatus rv;
-
- /* XXX compare pools, if not same, copy rip into edp's pool */
-
- PR_ASSERT(edp != NULL);
- PR_ASSERT(rip != NULL);
-
- mark = PORT_ArenaMark(edp->cmsg->poolp);
-
- rv = NSS_CMSArray_Add(edp->cmsg->poolp, (void ***)&(edp->recipientInfos), (void *)rip);
- if (rv != SECSuccess) {
- PORT_ArenaRelease(edp->cmsg->poolp, mark);
- return SECFailure;
- }
-
- PORT_ArenaUnmark (edp->cmsg->poolp, mark);
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeStart - prepare this envelopedData for encoding
- *
- * at this point, we need
- * - recipientinfos set up with recipient's certificates
- * - a content encryption algorithm (if none, 3DES will be used)
- *
- * this function will generate a random content encryption key (aka bulk key),
- * initialize the recipientinfos with certificate identification and wrap the bulk key
- * using the proper algorithm for every certificiate.
- * it will finally set the bulk algorithm and key so that the encode step can find it.
- */
-SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeStart(NSSCMSEnvelopedData *envd)
-{
- int version;
- NSSCMSRecipientInfo **recipientinfos;
- NSSCMSContentInfo *cinfo;
- PK11SymKey *bulkkey = NULL;
- SECOidTag bulkalgtag;
- CK_MECHANISM_TYPE type;
- PK11SlotInfo *slot;
- SECStatus rv;
- SECItem *dummy;
- PLArenaPool *poolp;
- extern const SEC_ASN1Template NSSCMSRecipientInfoTemplate[];
- void *mark = NULL;
- int i;
-
- poolp = envd->cmsg->poolp;
- cinfo = &(envd->contentInfo);
-
- recipientinfos = envd->recipientInfos;
- if (recipientinfos == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
-#if 0
- PORT_SetErrorString("Cannot find recipientinfos to encode.");
-#endif
- goto loser;
- }
-
- version = NSS_CMS_ENVELOPED_DATA_VERSION_REG;
- if (envd->originatorInfo != NULL || envd->unprotectedAttr != NULL) {
- version = NSS_CMS_ENVELOPED_DATA_VERSION_ADV;
- } else {
- for (i = 0; recipientinfos[i] != NULL; i++) {
- if (NSS_CMSRecipientInfo_GetVersion(recipientinfos[i]) != 0) {
- version = NSS_CMS_ENVELOPED_DATA_VERSION_ADV;
- break;
- }
- }
- }
- dummy = SEC_ASN1EncodeInteger(poolp, &(envd->version), version);
- if (dummy == NULL)
- goto loser;
-
- /* now we need to have a proper content encryption algorithm
- * on the SMIME level, we would figure one out by looking at SMIME capabilities
- * we cannot do that on our level, so if none is set already, we'll just go
- * with one of the mandatory algorithms (3DES) */
- if ((bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo)) == SEC_OID_UNKNOWN) {
- rv = NSS_CMSContentInfo_SetContentEncAlg(poolp, cinfo, SEC_OID_DES_EDE3_CBC, NULL, 168);
- if (rv != SECSuccess)
- goto loser;
- bulkalgtag = SEC_OID_DES_EDE3_CBC;
- }
-
- /* generate a random bulk key suitable for content encryption alg */
- type = PK11_AlgtagToMechanism(bulkalgtag);
- slot = PK11_GetBestSlot(type, envd->cmsg->pwfn_arg);
- if (slot == NULL)
- goto loser; /* error has been set by PK11_GetBestSlot */
-
- /* this is expensive... */
- bulkkey = PK11_KeyGen(slot, type, NULL, NSS_CMSContentInfo_GetBulkKeySize(cinfo) / 8, envd->cmsg->pwfn_arg);
- PK11_FreeSlot(slot);
- if (bulkkey == NULL)
- goto loser; /* error has been set by PK11_KeyGen */
-
- mark = PORT_ArenaMark(poolp);
-
- /* Encrypt the bulk key with the public key of each recipient. */
- for (i = 0; recipientinfos[i] != NULL; i++) {
- rv = NSS_CMSRecipientInfo_WrapBulkKey(recipientinfos[i], bulkkey, bulkalgtag);
- if (rv != SECSuccess)
- goto loser; /* error has been set by NSS_CMSRecipientInfo_EncryptBulkKey */
- /* could be: alg not supported etc. */
- }
-
- /* the recipientinfos are all finished. now sort them by DER for SET OF encoding */
- rv = NSS_CMSArray_SortByDER((void **)envd->recipientInfos, NSSCMSRecipientInfoTemplate, NULL);
- if (rv != SECSuccess)
- goto loser; /* error has been set by NSS_CMSArray_SortByDER */
-
- /* store the bulk key in the contentInfo so that the encoder can find it */
- NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
- PORT_ArenaUnmark(poolp, mark);
-
- PK11_FreeSymKey(bulkkey);
-
- return SECSuccess;
-
-loser:
- if (mark != NULL)
- PORT_ArenaRelease (poolp, mark);
- if (bulkkey)
- PK11_FreeSymKey(bulkkey);
-
- return SECFailure;
-}
-
-/*
- * NSS_CMSEnvelopedData_Encode_BeforeData - set up encryption
- *
- * it is essential that this is called before the contentEncAlg is encoded, because
- * setting up the encryption may generate IVs and thus change it!
- */
-SECStatus
-NSS_CMSEnvelopedData_Encode_BeforeData(NSSCMSEnvelopedData *envd)
-{
- NSSCMSContentInfo *cinfo;
- PK11SymKey *bulkkey;
- SECAlgorithmID *algid;
-
- cinfo = &(envd->contentInfo);
-
- /* find bulkkey and algorithm - must have been set by NSS_CMSEnvelopedData_Encode_BeforeStart */
- bulkkey = NSS_CMSContentInfo_GetBulkKey(cinfo);
- if (bulkkey == NULL)
- return SECFailure;
- algid = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
- if (algid == NULL)
- return SECFailure;
-
- /* this may modify algid (with IVs generated in a token).
- * it is essential that algid is a pointer to the contentEncAlg data, not a
- * pointer to a copy! */
- cinfo->ciphcx = NSS_CMSCipherContext_StartEncrypt(envd->cmsg->poolp, bulkkey, algid);
- PK11_FreeSymKey(bulkkey);
- if (cinfo->ciphcx == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Encode_AfterData - finalize this envelopedData for encoding
- */
-SECStatus
-NSS_CMSEnvelopedData_Encode_AfterData(NSSCMSEnvelopedData *envd)
-{
- if (envd->contentInfo.ciphcx) {
- NSS_CMSCipherContext_Destroy(envd->contentInfo.ciphcx);
- envd->contentInfo.ciphcx = NULL;
- }
-
- /* nothing else to do after data */
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Decode_BeforeData - find our recipientinfo,
- * derive bulk key & set up our contentinfo
- */
-SECStatus
-NSS_CMSEnvelopedData_Decode_BeforeData(NSSCMSEnvelopedData *envd)
-{
- NSSCMSRecipientInfo *ri;
- PK11SymKey *bulkkey = NULL;
- SECOidTag bulkalgtag;
- SECAlgorithmID *bulkalg;
- SECStatus rv = SECFailure;
- NSSCMSContentInfo *cinfo;
- NSSCMSRecipient **recipient_list = NULL;
- NSSCMSRecipient *recipient;
- int rlIndex;
-
- if (NSS_CMSArray_Count((void **)envd->recipientInfos) == 0) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
-#if 0
- PORT_SetErrorString("No recipient data in envelope.");
-#endif
- goto loser;
- }
-
- /* look if one of OUR cert's issuerSN is on the list of recipients, and if so, */
- /* get the cert and private key for it right away */
- recipient_list = nss_cms_recipient_list_create(envd->recipientInfos);
- if (recipient_list == NULL)
- goto loser;
-
- /* what about multiple recipientInfos that match?
- * especially if, for some reason, we could not produce a bulk key with the first match?!
- * we could loop & feed partial recipient_list to PK11_FindCertAndKeyByRecipientList...
- * maybe later... */
- rlIndex = PK11_FindCertAndKeyByRecipientListNew(recipient_list, envd->cmsg->pwfn_arg);
-
- /* if that fails, then we're not an intended recipient and cannot decrypt */
- if (rlIndex < 0) {
- PORT_SetError(SEC_ERROR_NOT_A_RECIPIENT);
-#if 0
- PORT_SetErrorString("Cannot decrypt data because proper key cannot be found.");
-#endif
- goto loser;
- }
-
- recipient = recipient_list[rlIndex];
- if (!recipient->cert || !recipient->privkey) {
- /* XXX should set an error code ?!? */
- goto loser;
- }
- /* get a pointer to "our" recipientinfo */
- ri = envd->recipientInfos[recipient->riIndex];
-
- cinfo = &(envd->contentInfo);
- bulkalgtag = NSS_CMSContentInfo_GetContentEncAlgTag(cinfo);
- bulkkey = NSS_CMSRecipientInfo_UnwrapBulkKey(ri,recipient->subIndex,
- recipient->cert,
- recipient->privkey,
- bulkalgtag);
- if (bulkkey == NULL) {
- /* no success finding a bulk key */
- goto loser;
- }
-
- NSS_CMSContentInfo_SetBulkKey(cinfo, bulkkey);
-
- bulkalg = NSS_CMSContentInfo_GetContentEncAlg(cinfo);
-
- cinfo->ciphcx = NSS_CMSCipherContext_StartDecrypt(bulkkey, bulkalg);
- if (cinfo->ciphcx == NULL)
- goto loser; /* error has been set by NSS_CMSCipherContext_StartDecrypt */
-
- /*
- * HACK ALERT!!
- * For PKCS5 Encryption Algorithms, the bulkkey is actually a different
- * structure. Therefore, we need to set the bulkkey to the actual key
- * prior to freeing it.
- */
- if (SEC_PKCS5IsAlgorithmPBEAlg(bulkalg)) {
- SEC_PKCS5KeyAndPassword *keyPwd = (SEC_PKCS5KeyAndPassword *)bulkkey;
- bulkkey = keyPwd->key;
- }
-
- rv = SECSuccess;
-
-loser:
- if (bulkkey)
- PK11_FreeSymKey(bulkkey);
- if (recipient_list != NULL)
- nss_cms_recipient_list_destroy(recipient_list);
- return rv;
-}
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterData - finish decrypting this envelopedData's content
- */
-SECStatus
-NSS_CMSEnvelopedData_Decode_AfterData(NSSCMSEnvelopedData *envd)
-{
- if (envd->contentInfo.ciphcx) {
- NSS_CMSCipherContext_Destroy(envd->contentInfo.ciphcx);
- envd->contentInfo.ciphcx = NULL;
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSEnvelopedData_Decode_AfterEnd - finish decoding this envelopedData
- */
-SECStatus
-NSS_CMSEnvelopedData_Decode_AfterEnd(NSSCMSEnvelopedData *envd)
-{
- /* apply final touches */
- return SECSuccess;
-}
-
diff --git a/security/nss/lib/smime/cmslocal.h b/security/nss/lib/smime/cmslocal.h
deleted file mode 100644
index e7f15c4e1..000000000
--- a/security/nss/lib/smime/cmslocal.h
+++ /dev/null
@@ -1,330 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for CMS implementation, none of which are exported.
- *
- * Do not export this file! If something in here is really needed outside
- * of smime code, first try to add a CMS interface which will do it for
- * you. If that has a problem, then just move out what you need, changing
- * its name as appropriate!
- *
- * $Id$
- */
-
-#ifndef _CMSLOCAL_H_
-#define _CMSLOCAL_H_
-
-#include "cms.h"
-#include "cmsreclist.h"
-#include "secasn1t.h"
-
-extern const SEC_ASN1Template NSSCMSContentInfoTemplate[];
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/***********************************************************************
- * cmscipher.c - en/decryption routines
- ***********************************************************************/
-
-/*
- * NSS_CMSCipherContext_StartDecrypt - create a cipher context to do decryption
- * based on the given bulk * encryption key and algorithm identifier (which may include an iv).
- */
-extern NSSCMSCipherContext *
-NSS_CMSCipherContext_StartDecrypt(PK11SymKey *key, SECAlgorithmID *algid);
-
-/*
- * NSS_CMSCipherContext_StartEncrypt - create a cipher object to do encryption,
- * based on the given bulk encryption key and algorithm tag. Fill in the algorithm
- * identifier (which may include an iv) appropriately.
- */
-extern NSSCMSCipherContext *
-NSS_CMSCipherContext_StartEncrypt(PRArenaPool *poolp, PK11SymKey *key, SECAlgorithmID *algid);
-
-extern void
-NSS_CMSCipherContext_Destroy(NSSCMSCipherContext *cc);
-
-/*
- * NSS_CMSCipherContext_DecryptLength - find the output length of the next call to decrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations. Note that the amount
- * is exactly accurate only when not doing a block cipher or when final
- * is false, otherwise it is an upper bound on the amount because until
- * we see the data we do not know how many padding bytes there are
- * (always between 1 and bsize).
- */
-extern unsigned int
-NSS_CMSCipherContext_DecryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final);
-
-/*
- * NSS_CMSCipherContext_EncryptLength - find the output length of the next call to encrypt.
- *
- * cc - the cipher context
- * input_len - number of bytes used as input
- * final - true if this is the final chunk of data
- *
- * Result can be used to perform memory allocations.
- */
-extern unsigned int
-NSS_CMSCipherContext_EncryptLength(NSSCMSCipherContext *cc, unsigned int input_len, PRBool final);
-
-/*
- * NSS_CMSCipherContext_Decrypt - do the decryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Decrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the decrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartDecrypt.
- * When "final" is true, this is the last of the data to be decrypted.
- */
-extern SECStatus
-NSS_CMSCipherContext_Decrypt(NSSCMSCipherContext *cc, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final);
-
-/*
- * NSS_CMSCipherContext_Encrypt - do the encryption
- *
- * cc - the cipher context
- * output - buffer for decrypted result bytes
- * output_len_p - number of bytes in output
- * max_output_len - upper bound on bytes to put into output
- * input - pointer to input bytes
- * input_len - number of input bytes
- * final - true if this is the final chunk of data
- *
- * Encrypts a given length of input buffer (starting at "input" and
- * containing "input_len" bytes), placing the encrypted bytes in
- * "output" and storing the output length in "*output_len_p".
- * "cc" is the return value from NSS_CMSCipher_StartEncrypt.
- * When "final" is true, this is the last of the data to be encrypted.
- */
-extern SECStatus
-NSS_CMSCipherContext_Encrypt(NSSCMSCipherContext *cc, unsigned char *output,
- unsigned int *output_len_p, unsigned int max_output_len,
- const unsigned char *input, unsigned int input_len,
- PRBool final);
-
-/************************************************************************
- * cmspubkey.c - public key operations
- ************************************************************************/
-
-/*
- * NSS_CMSUtil_EncryptSymKey_RSA - wrap a symmetric key with RSA
- *
- * this function takes a symmetric key and encrypts it using an RSA public key
- * according to PKCS#1 and RFC2633 (S/MIME)
- */
-extern SECStatus
-NSS_CMSUtil_EncryptSymKey_RSA(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
- SECItem *encKey);
-
-/*
- * NSS_CMSUtil_DecryptSymKey_RSA - unwrap a RSA-wrapped symmetric key
- *
- * this function takes an RSA-wrapped symmetric key and unwraps it, returning a symmetric
- * key handle. Please note that the actual unwrapped key data may not be allowed to leave
- * a hardware token...
- */
-extern PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_RSA(SECKEYPrivateKey *privkey, SECItem *encKey, SECOidTag bulkalgtag);
-
-extern SECStatus
-NSS_CMSUtil_EncryptSymKey_MISSI(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
- SECOidTag symalgtag, SECItem *encKey, SECItem **pparams, void *pwfn_arg);
-
-extern PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_MISSI(SECKEYPrivateKey *privkey, SECItem *encKey,
- SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg);
-
-extern SECStatus
-NSS_CMSUtil_EncryptSymKey_ESDH(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
- SECItem *encKey, SECItem **ukm, SECAlgorithmID *keyEncAlg,
- SECItem *originatorPubKey);
-
-extern PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_ESDH(SECKEYPrivateKey *privkey, SECItem *encKey,
- SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg);
-
-/************************************************************************
- * cmsreclist.c - recipient list stuff
- ************************************************************************/
-extern NSSCMSRecipient **nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos);
-extern void nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list);
-extern NSSCMSRecipientEncryptedKey *NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp);
-
-/************************************************************************
- * cmsarray.c - misc array functions
- ************************************************************************/
-/*
- * NSS_CMSArray_Alloc - allocate an array in an arena
- */
-extern void **
-NSS_CMSArray_Alloc(PRArenaPool *poolp, int n);
-
-/*
- * NSS_CMSArray_Add - add an element to the end of an array
- */
-extern SECStatus
-NSS_CMSArray_Add(PRArenaPool *poolp, void ***array, void *obj);
-
-/*
- * NSS_CMSArray_IsEmpty - check if array is empty
- */
-extern PRBool
-NSS_CMSArray_IsEmpty(void **array);
-
-/*
- * NSS_CMSArray_Count - count number of elements in array
- */
-extern int
-NSS_CMSArray_Count(void **array);
-
-/*
- * NSS_CMSArray_Sort - sort an array ascending, in place
- *
- * If "secondary" is not NULL, the same reordering gets applied to it.
- * If "tertiary" is not NULL, the same reordering gets applied to it.
- * "compare" is a function that returns
- * < 0 when the first element is less than the second
- * = 0 when the first element is equal to the second
- * > 0 when the first element is greater than the second
- */
-extern void
-NSS_CMSArray_Sort(void **primary, int (*compare)(void *,void *), void **secondary, void **tertiary);
-
-/************************************************************************
- * cmsattr.c - misc attribute functions
- ************************************************************************/
-/*
- * NSS_CMSAttribute_Create - create an attribute
- *
- * if value is NULL, the attribute won't have a value. It can be added later
- * with NSS_CMSAttribute_AddValue.
- */
-extern NSSCMSAttribute *
-NSS_CMSAttribute_Create(PRArenaPool *poolp, SECOidTag oidtag, SECItem *value, PRBool encoded);
-
-/*
- * NSS_CMSAttribute_AddValue - add another value to an attribute
- */
-extern SECStatus
-NSS_CMSAttribute_AddValue(PLArenaPool *poolp, NSSCMSAttribute *attr, SECItem *value);
-
-/*
- * NSS_CMSAttribute_GetType - return the OID tag
- */
-extern SECOidTag
-NSS_CMSAttribute_GetType(NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSAttribute_GetValue - return the first attribute value
- *
- * We do some sanity checking first:
- * - Multiple values are *not* expected.
- * - Empty values are *not* expected.
- */
-extern SECItem *
-NSS_CMSAttribute_GetValue(NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSAttribute_CompareValue - compare the attribute's first value against data
- */
-extern PRBool
-NSS_CMSAttribute_CompareValue(NSSCMSAttribute *attr, SECItem *av);
-
-/*
- * NSS_CMSAttributeArray_Encode - encode an Attribute array as SET OF Attributes
- *
- * If you are wondering why this routine does not reorder the attributes
- * first, and might be tempted to make it do so, see the comment by the
- * call to ReorderAttributes in cmsencode.c. (Or, see who else calls this
- * and think long and hard about the implications of making it always
- * do the reordering.)
- */
-extern SECItem *
-NSS_CMSAttributeArray_Encode(PRArenaPool *poolp, NSSCMSAttribute ***attrs, SECItem *dest);
-
-/*
- * NSS_CMSAttributeArray_Reorder - sort attribute array by attribute's DER encoding
- *
- * make sure that the order of the attributes guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in attrs).
- */
-extern SECStatus
-NSS_CMSAttributeArray_Reorder(NSSCMSAttribute **attrs);
-
-/*
- * NSS_CMSAttributeArray_FindAttrByOidTag - look through a set of attributes and
- * find one that matches the specified object ID.
- *
- * If "only" is true, then make sure that there is not more than one attribute
- * of the same type. Otherwise, just return the first one found. (XXX Does
- * anybody really want that first-found behavior? It was like that when I found it...)
- */
-extern NSSCMSAttribute *
-NSS_CMSAttributeArray_FindAttrByOidTag(NSSCMSAttribute **attrs, SECOidTag oidtag, PRBool only);
-
-/*
- * NSS_CMSAttributeArray_AddAttr - add an attribute to an
- * array of attributes.
- */
-extern SECStatus
-NSS_CMSAttributeArray_AddAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, NSSCMSAttribute *attr);
-
-/*
- * NSS_CMSAttributeArray_SetAttr - set an attribute's value in a set of attributes
- */
-extern SECStatus
-NSS_CMSAttributeArray_SetAttr(PLArenaPool *poolp, NSSCMSAttribute ***attrs, SECOidTag type, SECItem *value, PRBool encoded);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _CMSLOCAL_H_ */
diff --git a/security/nss/lib/smime/cmsmessage.c b/security/nss/lib/smime/cmsmessage.c
deleted file mode 100644
index 21a730e6f..000000000
--- a/security/nss/lib/smime/cmsmessage.c
+++ /dev/null
@@ -1,315 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS message methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSMessage_Create - create a CMS message object
- *
- * "poolp" - arena to allocate memory from, or NULL if new arena should be created
- */
-NSSCMSMessage *
-NSS_CMSMessage_Create(PLArenaPool *poolp)
-{
- void *mark = NULL;
- NSSCMSMessage *cmsg;
- PRBool poolp_is_ours = PR_FALSE;
-
- if (poolp == NULL) {
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- return NULL;
- poolp_is_ours = PR_TRUE;
- }
-
- if (!poolp_is_ours)
- mark = PORT_ArenaMark(poolp);
-
- cmsg = (NSSCMSMessage *)PORT_ArenaZAlloc (poolp, sizeof(NSSCMSMessage));
- if (cmsg == NULL) {
- if (!poolp_is_ours) {
- if (mark) {
- PORT_ArenaRelease(poolp, mark);
- }
- } else
- PORT_FreeArena(poolp, PR_FALSE);
- return NULL;
- }
-
- cmsg->poolp = poolp;
- cmsg->poolp_is_ours = poolp_is_ours;
- cmsg->refCount = 1;
-
- if (mark)
- PORT_ArenaUnmark(poolp, mark);
-
- return cmsg;
-}
-
-/*
- * NSS_CMSMessage_SetEncodingParams - set up a CMS message object for encoding or decoding
- *
- * "cmsg" - message object
- * "pwfn", pwfn_arg" - callback function for getting token password
- * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
- * "detached_digestalgs", "detached_digests" - digests from detached content
- */
-void
-NSS_CMSMessage_SetEncodingParams(NSSCMSMessage *cmsg,
- PK11PasswordFunc pwfn, void *pwfn_arg,
- NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
- SECAlgorithmID **detached_digestalgs, SECItem **detached_digests)
-{
- if (pwfn)
- PK11_SetPasswordFunc(pwfn);
- cmsg->pwfn_arg = pwfn_arg;
- cmsg->decrypt_key_cb = decrypt_key_cb;
- cmsg->decrypt_key_cb_arg = decrypt_key_cb_arg;
- cmsg->detached_digestalgs = detached_digestalgs;
- cmsg->detached_digests = detached_digests;
-}
-
-/*
- * NSS_CMSMessage_Destroy - destroy a CMS message and all of its sub-pieces.
- */
-void
-NSS_CMSMessage_Destroy(NSSCMSMessage *cmsg)
-{
- PORT_Assert (cmsg->refCount > 0);
- if (cmsg->refCount <= 0) /* oops */
- return;
-
- cmsg->refCount--; /* thread safety? */
- if (cmsg->refCount > 0)
- return;
-
- NSS_CMSContentInfo_Destroy(&(cmsg->contentInfo));
-
- /* if poolp is not NULL, cmsg is the owner of its arena */
- if (cmsg->poolp_is_ours)
- PORT_FreeArena (cmsg->poolp, PR_FALSE); /* XXX clear it? */
-}
-
-/*
- * NSS_CMSMessage_Copy - return a copy of the given message.
- *
- * The copy may be virtual or may be real -- either way, the result needs
- * to be passed to NSS_CMSMessage_Destroy later (as does the original).
- */
-NSSCMSMessage *
-NSS_CMSMessage_Copy(NSSCMSMessage *cmsg)
-{
- if (cmsg == NULL)
- return NULL;
-
- PORT_Assert (cmsg->refCount > 0);
-
- cmsg->refCount++; /* XXX chrisk thread safety? */
- return cmsg;
-}
-
-/*
- * NSS_CMSMessage_GetArena - return a pointer to the message's arena pool
- */
-PLArenaPool *
-NSS_CMSMessage_GetArena(NSSCMSMessage *cmsg)
-{
- return cmsg->poolp;
-}
-
-/*
- * NSS_CMSMessage_GetContentInfo - return a pointer to the top level contentInfo
- */
-NSSCMSContentInfo *
-NSS_CMSMessage_GetContentInfo(NSSCMSMessage *cmsg)
-{
- return &(cmsg->contentInfo);
-}
-
-/*
- * Return a pointer to the actual content.
- * In the case of those types which are encrypted, this returns the *plain* content.
- * In case of nested contentInfos, this descends and retrieves the innermost content.
- */
-SECItem *
-NSS_CMSMessage_GetContent(NSSCMSMessage *cmsg)
-{
- /* this is a shortcut */
- return NSS_CMSContentInfo_GetInnerContent(NSS_CMSMessage_GetContentInfo(cmsg));
-}
-
-/*
- * NSS_CMSMessage_ContentLevelCount - count number of levels of CMS content objects in this message
- *
- * CMS data content objects do not count.
- */
-int
-NSS_CMSMessage_ContentLevelCount(NSSCMSMessage *cmsg)
-{
- int count = 0;
- NSSCMSContentInfo *cinfo;
-
- /* walk down the chain of contentinfos */
- for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
- count++;
- }
- return count;
-}
-
-/*
- * NSS_CMSMessage_ContentLevel - find content level #n
- *
- * CMS data content objects do not count.
- */
-NSSCMSContentInfo *
-NSS_CMSMessage_ContentLevel(NSSCMSMessage *cmsg, int n)
-{
- int count = 0;
- NSSCMSContentInfo *cinfo;
-
- /* walk down the chain of contentinfos */
- for (cinfo = &(cmsg->contentInfo); cinfo != NULL && count < n; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
- count++;
- }
-
- return cinfo;
-}
-
-/*
- * NSS_CMSMessage_ContainsCertsOrCrls - see if message contains certs along the way
- */
-PRBool
-NSS_CMSMessage_ContainsCertsOrCrls(NSSCMSMessage *cmsg)
-{
- NSSCMSContentInfo *cinfo;
-
- /* descend into CMS message */
- for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo)) {
- if (NSS_CMSContentInfo_GetContentTypeTag(cinfo) != SEC_OID_PKCS7_SIGNED_DATA)
- continue; /* next level */
-
- if (NSS_CMSSignedData_ContainsCertsOrCrls(cinfo->content.signedData))
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-/*
- * NSS_CMSMessage_IsEncrypted - see if message contains a encrypted submessage
- */
-PRBool
-NSS_CMSMessage_IsEncrypted(NSSCMSMessage *cmsg)
-{
- NSSCMSContentInfo *cinfo;
-
- /* walk down the chain of contentinfos */
- for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo))
- {
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- return PR_TRUE;
- default:
- break;
- }
- }
- return PR_FALSE;
-}
-
-/*
- * NSS_CMSMessage_IsSigned - see if message contains a signed submessage
- *
- * If the CMS message has a SignedData with a signature (not just a SignedData)
- * return true; false otherwise. This can/should be called before calling
- * VerifySignature, which will always indicate failure if no signature is
- * present, but that does not mean there even was a signature!
- * Note that the content itself can be empty (detached content was sent
- * another way); it is the presence of the signature that matters.
- */
-PRBool
-NSS_CMSMessage_IsSigned(NSSCMSMessage *cmsg)
-{
- NSSCMSContentInfo *cinfo;
-
- /* walk down the chain of contentinfos */
- for (cinfo = &(cmsg->contentInfo); cinfo != NULL; cinfo = NSS_CMSContentInfo_GetChildContentInfo(cinfo))
- {
- switch (NSS_CMSContentInfo_GetContentTypeTag(cinfo)) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- if (!NSS_CMSArray_IsEmpty((void **)cinfo->content.signedData->signerInfos))
- return PR_TRUE;
- break;
- default:
- break;
- }
- }
- return PR_FALSE;
-}
-
-/*
- * NSS_CMSMessage_IsContentEmpty - see if content is empty
- *
- * returns PR_TRUE is innermost content length is < minLen
- * XXX need the encrypted content length (why?)
- */
-PRBool
-NSS_CMSMessage_IsContentEmpty(NSSCMSMessage *cmsg, unsigned int minLen)
-{
- SECItem *item = NULL;
-
- if (cmsg == NULL)
- return PR_TRUE;
-
- item = NSS_CMSContentInfo_GetContent(NSS_CMSMessage_GetContentInfo(cmsg));
-
- if (!item) {
- return PR_TRUE;
- } else if(item->len <= minLen) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
diff --git a/security/nss/lib/smime/cmspubkey.c b/security/nss/lib/smime/cmspubkey.c
deleted file mode 100644
index 043b6cfc1..000000000
--- a/security/nss/lib/smime/cmspubkey.c
+++ /dev/null
@@ -1,531 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS public key crypto
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-/* ====== RSA ======================================================================= */
-
-/*
- * NSS_CMSUtil_EncryptSymKey_RSA - wrap a symmetric key with RSA
- *
- * this function takes a symmetric key and encrypts it using an RSA public key
- * according to PKCS#1 and RFC2633 (S/MIME)
- */
-SECStatus
-NSS_CMSUtil_EncryptSymKey_RSA(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *bulkkey,
- SECItem *encKey)
-{
- SECOidTag certalgtag; /* the certificate's encryption algorithm */
- SECOidTag encalgtag; /* the algorithm used for key exchange/agreement */
- SECStatus rv;
- SECKEYPublicKey *publickey;
- int data_len;
- void *mark;
-
- /* sanity check */
- certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
- PORT_Assert(certalgtag == SEC_OID_PKCS1_RSA_ENCRYPTION);
-
- encalgtag = SEC_OID_PKCS1_RSA_ENCRYPTION;
- publickey = CERT_ExtractPublicKey(cert);
- if (publickey == NULL)
- goto loser;
-
- mark = PORT_ArenaMark(poolp);
-
- /* allocate memory for the encrypted key */
- data_len = SECKEY_PublicKeyStrength(publickey); /* block size (assumed to be > keylen) */
- encKey->data = (unsigned char*)PORT_ArenaAlloc(poolp, data_len);
- encKey->len = data_len;
- if (encKey->data == NULL)
- goto loser;
-
- /* encrypt the key now */
- rv = PK11_PubWrapSymKey(PK11_AlgtagToMechanism(SEC_OID_PKCS1_RSA_ENCRYPTION),
- publickey, bulkkey, encKey);
-
- SECKEY_DestroyPublicKey(publickey);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSUtil_DecryptSymKey_RSA - unwrap a RSA-wrapped symmetric key
- *
- * this function takes an RSA-wrapped symmetric key and unwraps it, returning a symmetric
- * key handle. Please note that the actual unwrapped key data may not be allowed to leave
- * a hardware token...
- */
-PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_RSA(SECKEYPrivateKey *privkey, SECItem *encKey, SECOidTag bulkalgtag)
-{
- /* that's easy */
- return PK11_PubUnwrapSymKey(privkey, encKey, PK11_AlgtagToMechanism(bulkalgtag), CKA_DECRYPT, 0);
-}
-
-/* ====== MISSI (Fortezza) ========================================================== */
-
-extern const SEC_ASN1Template NSS_SMIMEKEAParamTemplateAllParams[];
-
-SECStatus
-NSS_CMSUtil_EncryptSymKey_MISSI(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *bulkkey,
- SECOidTag symalgtag, SECItem *encKey, SECItem **pparams, void *pwfn_arg)
-{
- SECOidTag certalgtag; /* the certificate's encryption algorithm */
- SECOidTag encalgtag; /* the algorithm used for key exchange/agreement */
- SECStatus rv = SECFailure;
- SECItem *params = NULL;
- SECStatus err;
- PK11SymKey *tek;
- CERTCertificate *ourCert;
- SECKEYPublicKey *ourPubKey, *publickey = NULL;
- SECKEYPrivateKey *ourPrivKey = NULL;
- NSSCMSKEATemplateSelector whichKEA;
- NSSCMSSMIMEKEAParameters keaParams;
- PLArenaPool *arena;
- extern const SEC_ASN1Template *nss_cms_get_kea_template(NSSCMSKEATemplateSelector whichTemplate);
-
- /* Clear keaParams, since cleanup code checks the lengths */
- (void) memset(&keaParams, 0, sizeof(keaParams));
-
- certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
- PORT_Assert(certalgtag == SEC_OID_MISSI_KEA_DSS_OLD ||
- certalgtag == SEC_OID_MISSI_KEA_DSS ||
- certalgtag == SEC_OID_MISSI_KEA);
-
-#define SMIME_FORTEZZA_RA_LENGTH 128
-#define SMIME_FORTEZZA_IV_LENGTH 24
-#define SMIME_FORTEZZA_MAX_KEY_SIZE 256
-
- /* We really want to show our KEA tag as the key exchange algorithm tag. */
- encalgtag = SEC_OID_NETSCAPE_SMIME_KEA;
-
- /* Get the public key of the recipient. */
- publickey = CERT_ExtractPublicKey(cert);
- if (publickey == NULL) goto loser;
-
- /* Find our own cert, and extract its keys. */
- ourCert = PK11_FindBestKEAMatch(cert, pwfn_arg);
- if (ourCert == NULL) goto loser;
-
- arena = PORT_NewArena(1024);
- if (arena == NULL)
- goto loser;
-
- ourPubKey = CERT_ExtractPublicKey(ourCert);
- if (ourPubKey == NULL) {
- CERT_DestroyCertificate(ourCert);
- goto loser;
- }
-
- /* While we're here, copy the public key into the outgoing
- * KEA parameters. */
- SECITEM_CopyItem(arena, &(keaParams.originatorKEAKey), &(ourPubKey->u.fortezza.KEAKey));
- SECKEY_DestroyPublicKey(ourPubKey);
- ourPubKey = NULL;
-
- /* Extract our private key in order to derive the KEA key. */
- ourPrivKey = PK11_FindKeyByAnyCert(ourCert, pwfn_arg);
- CERT_DestroyCertificate(ourCert); /* we're done with this */
- if (!ourPrivKey)
- goto loser;
-
- /* Prepare raItem with 128 bytes (filled with zeros). */
- keaParams.originatorRA.data = (unsigned char *)PORT_ArenaAlloc(arena,SMIME_FORTEZZA_RA_LENGTH);
- keaParams.originatorRA.len = SMIME_FORTEZZA_RA_LENGTH;
-
- /* Generate the TEK (token exchange key) which we use
- * to wrap the bulk encryption key. (keaparams.originatorRA) will be
- * filled with a random seed which we need to send to
- * the recipient. (user keying material in RFC2630/DSA speak) */
- tek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
- &keaParams.originatorRA, NULL,
- CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, pwfn_arg);
-
- SECKEY_DestroyPublicKey(publickey);
- SECKEY_DestroyPrivateKey(ourPrivKey);
- publickey = NULL;
- ourPrivKey = NULL;
-
- if (!tek)
- goto loser;
-
- /* allocate space for the wrapped key data */
- encKey->data = (unsigned char *)PORT_ArenaAlloc(poolp, SMIME_FORTEZZA_MAX_KEY_SIZE);
- encKey->len = SMIME_FORTEZZA_MAX_KEY_SIZE;
-
- if (encKey->data == NULL) {
- PK11_FreeSymKey(tek);
- goto loser;
- }
-
- /* Wrap the bulk key. What we do with the resulting data
- depends on whether we're using Skipjack to wrap the key. */
- switch (PK11_AlgtagToMechanism(symalgtag)) {
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- /* SKIPJACK, we use the wrap mechanism because we can do it on the hardware */
- err = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, bulkkey, encKey);
- whichKEA = NSSCMSKEAUsesSkipjack;
- break;
- default:
- /* Not SKIPJACK, we encrypt the raw key data */
- keaParams.nonSkipjackIV.data =
- (unsigned char *)PORT_ArenaAlloc(arena, SMIME_FORTEZZA_IV_LENGTH);
- keaParams.nonSkipjackIV.len = SMIME_FORTEZZA_IV_LENGTH;
- err = PK11_WrapSymKey(CKM_SKIPJACK_CBC64, &keaParams.nonSkipjackIV, tek, bulkkey, encKey);
- if (err != SECSuccess)
- goto loser;
-
- if (encKey->len != PK11_GetKeyLength(bulkkey)) {
- /* The size of the encrypted key is not the same as
- that of the original bulk key, presumably due to
- padding. Encode and store the real size of the
- bulk key. */
- if (SEC_ASN1EncodeInteger(arena, &keaParams.bulkKeySize, PK11_GetKeyLength(bulkkey)) == NULL)
- err = (SECStatus)PORT_GetError();
- else
- /* use full template for encoding */
- whichKEA = NSSCMSKEAUsesNonSkipjackWithPaddedEncKey;
- }
- else
- /* enc key length == bulk key length */
- whichKEA = NSSCMSKEAUsesNonSkipjack;
- break;
- }
-
- PK11_FreeSymKey(tek);
- if (err != SECSuccess)
- goto loser;
-
- /* Encode the KEA parameters into the recipient info. */
- params = SEC_ASN1EncodeItem(poolp, NULL, &keaParams, nss_cms_get_kea_template(whichKEA));
- if (params == NULL)
- goto loser;
-
- /* pass back the algorithm params */
- *pparams = params;
-
- rv = SECSuccess;
-
-loser:
- if (arena)
- PORT_FreeArena(arena, PR_FALSE);
- if (publickey)
- SECKEY_DestroyPublicKey(publickey);
- if (ourPrivKey)
- SECKEY_DestroyPrivateKey(ourPrivKey);
- return rv;
-}
-
-PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_MISSI(SECKEYPrivateKey *privkey, SECItem *encKey, SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg)
-{
- /* fortezza: do a key exchange */
- SECStatus err;
- CK_MECHANISM_TYPE bulkType;
- PK11SymKey *tek;
- SECKEYPublicKey *originatorPubKey;
- NSSCMSSMIMEKEAParameters keaParams;
- PK11SymKey *bulkkey;
- int bulkLength;
-
- (void) memset(&keaParams, 0, sizeof(keaParams));
-
- /* NOTE: this uses the SMIME v2 recipientinfo for compatibility.
- All additional KEA parameters are DER-encoded in the encryption algorithm parameters */
-
- /* Decode the KEA algorithm parameters. */
- err = SEC_ASN1DecodeItem(NULL, &keaParams, NSS_SMIMEKEAParamTemplateAllParams,
- &(keyEncAlg->parameters));
- if (err != SECSuccess)
- goto loser;
-
- /* get originator's public key */
- originatorPubKey = PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
- keaParams.originatorKEAKey.len);
- if (originatorPubKey == NULL)
- goto loser;
-
- /* Generate the TEK (token exchange key) which we use to unwrap the bulk encryption key.
- The Derive function generates a shared secret and combines it with the originatorRA
- data to come up with an unique session key */
- tek = PK11_PubDerive(privkey, originatorPubKey, PR_FALSE,
- &keaParams.originatorRA, NULL,
- CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, pwfn_arg);
- SECKEY_DestroyPublicKey(originatorPubKey); /* not needed anymore */
- if (tek == NULL)
- goto loser;
-
- /* Now that we have the TEK, unwrap the bulk key
- with which to decrypt the message. We have to
- do one of two different things depending on
- whether Skipjack was used for *bulk* encryption
- of the message. */
- bulkType = PK11_AlgtagToMechanism(bulkalgtag);
- switch (bulkType) {
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- /* Skipjack is being used as the bulk encryption algorithm.*/
- /* Unwrap the bulk key. */
- bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL,
- encKey, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
- break;
- default:
- /* Skipjack was not used for bulk encryption of this
- message. Use Skipjack CBC64, with the nonSkipjackIV
- part of the KEA key parameters, to decrypt
- the bulk key. If the optional parameter bulkKeySize is present,
- bulk key size is different than the encrypted key size */
- if (keaParams.bulkKeySize.len > 0) {
- err = SEC_ASN1DecodeItem(NULL, &bulkLength,
- SEC_ASN1_GET(SEC_IntegerTemplate),
- &keaParams.bulkKeySize);
- if (err != SECSuccess)
- goto loser;
- }
-
- bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64, &keaParams.nonSkipjackIV,
- encKey, bulkType, CKA_DECRYPT, bulkLength);
- break;
- }
- return bulkkey;
-loser:
- return NULL;
-}
-
-/* ====== ESDH (Ephemeral-Static Diffie-Hellman) ==================================== */
-
-SECStatus
-NSS_CMSUtil_EncryptSymKey_ESDH(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
- SECItem *encKey, SECItem **ukm, SECAlgorithmID *keyEncAlg,
- SECItem *pubKey)
-{
-#if 0 /* not yet done */
- SECOidTag certalgtag; /* the certificate's encryption algorithm */
- SECOidTag encalgtag; /* the algorithm used for key exchange/agreement */
- SECStatus rv;
- SECItem *params = NULL;
- int data_len;
- SECStatus err;
- PK11SymKey *tek;
- CERTCertificate *ourCert;
- SECKEYPublicKey *ourPubKey;
- NSSCMSKEATemplateSelector whichKEA;
-
- certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
- PORT_Assert(certalgtag == SEC_OID_X942_DIFFIE_HELMAN_KEY);
-
- /* We really want to show our KEA tag as the key exchange algorithm tag. */
- encalgtag = SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN;
-
- /* Get the public key of the recipient. */
- publickey = CERT_ExtractPublicKey(cert);
- if (publickey == NULL) goto loser;
-
- /* XXXX generate a DH key pair on a PKCS11 module (XXX which parameters?) */
- /* XXXX */ourCert = PK11_FindBestKEAMatch(cert, wincx);
- if (ourCert == NULL) goto loser;
-
- arena = PORT_NewArena(1024);
- if (arena == NULL) goto loser;
-
- /* While we're here, extract the key pair's public key data and copy it into */
- /* the outgoing parameters. */
- /* XXXX */ourPubKey = CERT_ExtractPublicKey(ourCert);
- if (ourPubKey == NULL)
- {
- goto loser;
- }
- SECITEM_CopyItem(arena, pubKey, /* XXX */&(ourPubKey->u.fortezza.KEAKey));
- SECKEY_DestroyPublicKey(ourPubKey); /* we only need the private key from now on */
- ourPubKey = NULL;
-
- /* Extract our private key in order to derive the KEA key. */
- ourPrivKey = PK11_FindKeyByAnyCert(ourCert,wincx);
- CERT_DestroyCertificate(ourCert); /* we're done with this */
- if (!ourPrivKey) goto loser;
-
- /* If ukm desired, prepare it - allocate enough space (filled with zeros). */
- if (ukm) {
- ukm->data = (unsigned char*)PORT_ArenaZAlloc(arena,/* XXXX */);
- ukm->len = /* XXXX */;
- }
-
- /* Generate the KEK (key exchange key) according to RFC2631 which we use
- * to wrap the bulk encryption key. */
- kek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
- ukm, NULL,
- /* XXXX */CKM_KEA_KEY_DERIVE, /* XXXX */CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, wincx);
-
- SECKEY_DestroyPublicKey(publickey);
- SECKEY_DestroyPrivateKey(ourPrivKey);
- publickey = NULL;
- ourPrivKey = NULL;
-
- if (!kek)
- goto loser;
-
- /* allocate space for the encrypted CEK (bulk key) */
- encKey->data = (unsigned char*)PORT_ArenaAlloc(poolp, SMIME_FORTEZZA_MAX_KEY_SIZE);
- encKey->len = SMIME_FORTEZZA_MAX_KEY_SIZE;
-
- if (encKey->data == NULL)
- {
- PK11_FreeSymKey(kek);
- goto loser;
- }
-
-
- /* Wrap the bulk key using CMSRC2WRAP or CMS3DESWRAP, depending on the */
- /* bulk encryption algorithm */
- switch (/* XXXX */PK11_AlgtagToMechanism(enccinfo->encalg))
- {
- case /* XXXX */CKM_SKIPJACK_CFB8:
- err = PK11_WrapSymKey(/* XXXX */CKM_CMS3DES_WRAP, NULL, kek, bulkkey, encKey);
- whichKEA = NSSCMSKEAUsesSkipjack;
- break;
- case /* XXXX */CKM_SKIPJACK_CFB8:
- err = PK11_WrapSymKey(/* XXXX */CKM_CMSRC2_WRAP, NULL, kek, bulkkey, encKey);
- whichKEA = NSSCMSKEAUsesSkipjack;
- break;
- default:
- /* XXXX what do we do here? Neither RC2 nor 3DES... */
- break;
- }
-
- PK11_FreeSymKey(kek); /* we do not need the KEK anymore */
- if (err != SECSuccess)
- goto loser;
-
- /* see RFC2630 12.3.1.1 "keyEncryptionAlgorithm must be ..." */
- /* params is the DER encoded key wrap algorithm (with parameters!) (XXX) */
- params = SEC_ASN1EncodeItem(arena, NULL, &keaParams, sec_pkcs7_get_kea_template(whichKEA));
- if (params == NULL)
- goto loser;
-
- /* now set keyEncAlg */
- rv = SECOID_SetAlgorithmID(poolp, keyEncAlg, SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN, params);
- if (rv != SECSuccess)
- goto loser;
-
- /* XXXXXXX this is not right yet */
-loser:
- if (arena) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- if (publickey) {
- SECKEY_DestroyPublicKey(publickey);
- }
- if (ourPrivKey) {
- SECKEY_DestroyPrivateKey(ourPrivKey);
- }
-#endif
- return SECFailure;
-}
-
-PK11SymKey *
-NSS_CMSUtil_DecryptSymKey_ESDH(SECKEYPrivateKey *privkey, SECItem *encKey, SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg)
-{
-#if 0 /* not yet done */
- SECStatus err;
- CK_MECHANISM_TYPE bulkType;
- PK11SymKey *tek;
- SECKEYPublicKey *originatorPubKey;
- NSSCMSSMIMEKEAParameters keaParams;
-
- /* XXXX get originator's public key */
- originatorPubKey = PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
- keaParams.originatorKEAKey.len);
- if (originatorPubKey == NULL)
- goto loser;
-
- /* Generate the TEK (token exchange key) which we use to unwrap the bulk encryption key.
- The Derive function generates a shared secret and combines it with the originatorRA
- data to come up with an unique session key */
- tek = PK11_PubDerive(privkey, originatorPubKey, PR_FALSE,
- &keaParams.originatorRA, NULL,
- CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
- CKA_WRAP, 0, pwfn_arg);
- SECKEY_DestroyPublicKey(originatorPubKey); /* not needed anymore */
- if (tek == NULL)
- goto loser;
-
- /* Now that we have the TEK, unwrap the bulk key
- with which to decrypt the message. */
- /* Skipjack is being used as the bulk encryption algorithm.*/
- /* Unwrap the bulk key. */
- bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL,
- encKey, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
-
- return bulkkey;
-
-loser:
-#endif
- return NULL;
-}
-
diff --git a/security/nss/lib/smime/cmsrecinfo.c b/security/nss/lib/smime/cmsrecinfo.c
deleted file mode 100644
index 8fe5d9887..000000000
--- a/security/nss/lib/smime/cmsrecinfo.c
+++ /dev/null
@@ -1,423 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS recipientInfo methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-/*
- * NSS_CMSRecipientInfo_Create - create a recipientinfo
- *
- * we currently do not create KeyAgreement recipientinfos with multiple recipientEncryptedKeys
- * the certificate is supposed to have been verified by the caller
- */
-NSSCMSRecipientInfo *
-NSS_CMSRecipientInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert)
-{
- NSSCMSRecipientInfo *ri;
- void *mark;
- SECOidTag certalgtag;
- SECStatus rv = SECSuccess;
- NSSCMSRecipientEncryptedKey *rek;
- NSSCMSOriginatorIdentifierOrKey *oiok;
- unsigned long version;
- SECItem *dummy;
- PLArenaPool *poolp;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- ri = (NSSCMSRecipientInfo *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSRecipientInfo));
- if (ri == NULL)
- goto loser;
-
- ri->cmsg = cmsg;
- ri->cert = CERT_DupCertificate(cert);
- if (ri->cert == NULL)
- goto loser;
-
- certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
- switch (certalgtag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- ri->recipientInfoType = NSSCMSRecipientInfoID_KeyTrans;
- /* hardcoded issuerSN choice for now */
- ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType = NSSCMSRecipientID_IssuerSN;
- ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert);
- if (ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN == NULL) {
- rv = SECFailure;
- break;
- }
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_KEA:
- /* backward compatibility - this is not really a keytrans operation */
- ri->recipientInfoType = NSSCMSRecipientInfoID_KeyTrans;
- /* hardcoded issuerSN choice for now */
- ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType = NSSCMSRecipientID_IssuerSN;
- ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert);
- if (ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN == NULL) {
- rv = SECFailure;
- break;
- }
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY: /* dh-public-number */
- /* a key agreement op */
- ri->recipientInfoType = NSSCMSRecipientInfoID_KeyAgree;
-
- if (ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN == NULL) {
- rv = SECFailure;
- break;
- }
- /* we do not support the case where multiple recipients
- * share the same KeyAgreeRecipientInfo and have multiple RecipientEncryptedKeys
- * in this case, we would need to walk all the recipientInfos, take the
- * ones that do KeyAgreement algorithms and join them, algorithm by algorithm
- * Then, we'd generate ONE ukm and OriginatorIdentifierOrKey */
-
- /* only epheremal-static Diffie-Hellman is supported for now
- * this is the only form of key agreement that provides potential anonymity
- * of the sender, plus we do not have to include certs in the message */
-
- /* force single recipientEncryptedKey for now */
- if ((rek = NSS_CMSRecipientEncryptedKey_Create(poolp)) == NULL) {
- rv = SECFailure;
- break;
- }
-
- /* hardcoded IssuerSN choice for now */
- rek->recipientIdentifier.identifierType = NSSCMSKeyAgreeRecipientID_IssuerSN;
- if ((rek->recipientIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL) {
- rv = SECFailure;
- break;
- }
-
- oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey);
-
- /* see RFC2630 12.3.1.1 */
- oiok->identifierType = NSSCMSOriginatorIDOrKey_OriginatorPublicKey;
-
- rv = NSS_CMSArray_Add(poolp, (void ***)&ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys,
- (void *)rek);
-
- break;
- default:
- /* other algorithms not supported yet */
- /* NOTE that we do not support any KEK algorithm */
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- rv = SECFailure;
- break;
- }
-
- if (rv == SECFailure)
- goto loser;
-
- /* set version */
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- if (ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType == NSSCMSRecipientID_IssuerSN)
- version = NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_ISSUERSN;
- else
- version = NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_SUBJKEY;
- dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.keyTransRecipientInfo.version), version);
- if (dummy == NULL)
- goto loser;
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.keyAgreeRecipientInfo.version),
- NSS_CMS_KEYAGREE_RECIPIENT_INFO_VERSION);
- if (dummy == NULL)
- goto loser;
- break;
- case NSSCMSRecipientInfoID_KEK:
- /* NOTE: this cannot happen as long as we do not support any KEK algorithm */
- dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.kekRecipientInfo.version),
- NSS_CMS_KEK_RECIPIENT_INFO_VERSION);
- if (dummy == NULL)
- goto loser;
- break;
-
- }
-
- PORT_ArenaUnmark (poolp, mark);
- return ri;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return NULL;
-}
-
-void
-NSS_CMSRecipientInfo_Destroy(NSSCMSRecipientInfo *ri)
-{
- /* version was allocated on the pool, so no need to destroy it */
- /* issuerAndSN was allocated on the pool, so no need to destroy it */
- if (ri->cert != NULL)
- CERT_DestroyCertificate(ri->cert);
- /* recipientInfo structure itself was allocated on the pool, so no need to destroy it */
- /* we're done. */
-}
-
-int
-NSS_CMSRecipientInfo_GetVersion(NSSCMSRecipientInfo *ri)
-{
- unsigned long version;
- SECItem *versionitem;
-
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- /* ignore subIndex */
- versionitem = &(ri->ri.keyTransRecipientInfo.version);
- break;
- case NSSCMSRecipientInfoID_KEK:
- /* ignore subIndex */
- versionitem = &(ri->ri.kekRecipientInfo.version);
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- versionitem = &(ri->ri.keyAgreeRecipientInfo.version);
- break;
- }
- /* always take apart the SECItem */
- if (SEC_ASN1DecodeInteger(versionitem, &version) != SECSuccess)
- return 0;
- else
- return (int)version;
-}
-
-SECItem *
-NSS_CMSRecipientInfo_GetEncryptedKey(NSSCMSRecipientInfo *ri, int subIndex)
-{
- SECItem *enckey;
-
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- /* ignore subIndex */
- enckey = &(ri->ri.keyTransRecipientInfo.encKey);
- break;
- case NSSCMSRecipientInfoID_KEK:
- /* ignore subIndex */
- enckey = &(ri->ri.kekRecipientInfo.encKey);
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- enckey = &(ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[subIndex]->encKey);
- break;
- }
- return enckey;
-}
-
-
-SECOidTag
-NSS_CMSRecipientInfo_GetKeyEncryptionAlgorithmTag(NSSCMSRecipientInfo *ri)
-{
- SECOidTag encalgtag;
-
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyTransRecipientInfo.keyEncAlg));
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyAgreeRecipientInfo.keyEncAlg));
- break;
- case NSSCMSRecipientInfoID_KEK:
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.kekRecipientInfo.keyEncAlg));
- break;
- }
- return encalgtag;
-}
-
-SECStatus
-NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey, SECOidTag bulkalgtag)
-{
- CERTCertificate *cert;
- SECOidTag certalgtag;
- SECStatus rv = SECSuccess;
- SECItem *params = NULL;
- NSSCMSRecipientEncryptedKey *rek;
- NSSCMSOriginatorIdentifierOrKey *oiok;
- PLArenaPool *poolp;
-
- poolp = ri->cmsg->poolp;
- cert = ri->cert;
- PORT_Assert (cert != NULL);
- if (cert == NULL)
- return SECFailure;
-
- /* XXX set ri->recipientInfoType to the proper value here */
- /* or should we look if it's been set already ? */
-
- certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
- switch (certalgtag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- /* wrap the symkey */
- if (NSS_CMSUtil_EncryptSymKey_RSA(poolp, cert, bulkkey, &ri->ri.keyTransRecipientInfo.encKey) != SECSuccess) {
- rv = SECFailure;
- break;
- }
-
- rv = SECOID_SetAlgorithmID(poolp, &(ri->ri.keyTransRecipientInfo.keyEncAlg), certalgtag, NULL);
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_KEA:
- rv = NSS_CMSUtil_EncryptSymKey_MISSI(poolp, cert, bulkkey,
- bulkalgtag,
- &ri->ri.keyTransRecipientInfo.encKey,
- &params, ri->cmsg->pwfn_arg);
- if (rv != SECSuccess)
- break;
-
- /* here, we DO need to pass the params to the wrap function because, with
- * RSA, there is no funny stuff going on with generation of IV vectors or so */
- rv = SECOID_SetAlgorithmID(poolp, &(ri->ri.keyTransRecipientInfo.keyEncAlg), certalgtag, params);
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY: /* dh-public-number */
- rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[0];
- if (rek == NULL) {
- rv = SECFailure;
- break;
- }
-
- oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey);
- PORT_Assert(oiok->identifierType == NSSCMSOriginatorIDOrKey_OriginatorPublicKey);
-
- /* see RFC2630 12.3.1.1 */
- if (SECOID_SetAlgorithmID(poolp, &oiok->id.originatorPublicKey.algorithmIdentifier,
- SEC_OID_X942_DIFFIE_HELMAN_KEY, NULL) != SECSuccess) {
- rv = SECFailure;
- break;
- }
-
- /* this will generate a key pair, compute the shared secret, */
- /* derive a key and ukm for the keyEncAlg out of it, encrypt the bulk key with */
- /* the keyEncAlg, set encKey, keyEncAlg, publicKey etc. */
- rv = NSS_CMSUtil_EncryptSymKey_ESDH(poolp, cert, bulkkey,
- &rek->encKey,
- &ri->ri.keyAgreeRecipientInfo.ukm,
- &ri->ri.keyAgreeRecipientInfo.keyEncAlg,
- &oiok->id.originatorPublicKey.publicKey);
-
- break;
- default:
- /* other algorithms not supported yet */
- /* NOTE that we do not support any KEK algorithm */
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- rv = SECFailure;
- break;
- }
- return rv;
-}
-
-PK11SymKey *
-NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex,
- CERTCertificate *cert, SECKEYPrivateKey *privkey, SECOidTag bulkalgtag)
-{
- PK11SymKey *bulkkey = NULL;
- SECAlgorithmID *encalg;
- SECOidTag encalgtag;
- SECItem *enckey;
- int error;
-
- ri->cert = CERT_DupCertificate(cert);
- /* mark the recipientInfo so we can find it later */
-
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- encalg = &(ri->ri.keyTransRecipientInfo.keyEncAlg);
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyTransRecipientInfo.keyEncAlg));
- enckey = &(ri->ri.keyTransRecipientInfo.encKey); /* ignore subIndex */
- switch (encalgtag) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- /* RSA encryption algorithm: */
- /* get the symmetric (bulk) key by unwrapping it using our private key */
- bulkkey = NSS_CMSUtil_DecryptSymKey_RSA(privkey, enckey, bulkalgtag);
- break;
- case SEC_OID_NETSCAPE_SMIME_KEA:
- /* FORTEZZA key exchange algorithm */
- /* the supplemental data is in the parameters of encalg */
- bulkkey = NSS_CMSUtil_DecryptSymKey_MISSI(privkey, enckey, encalg, bulkalgtag, ri->cmsg->pwfn_arg);
- break;
- default:
- error = SEC_ERROR_UNSUPPORTED_KEYALG;
- goto loser;
- }
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- encalg = &(ri->ri.keyAgreeRecipientInfo.keyEncAlg);
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.keyAgreeRecipientInfo.keyEncAlg));
- enckey = &(ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[subIndex]->encKey);
- switch (encalgtag) {
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- /* Diffie-Helman key exchange */
- /* XXX not yet implemented */
- /* XXX problem: SEC_OID_X942_DIFFIE_HELMAN_KEY points to a PKCS3 mechanism! */
- /* we support ephemeral-static DH only, so if the recipientinfo */
- /* has originator stuff in it, we punt (or do we? shouldn't be that hard...) */
- /* first, we derive the KEK (a symkey!) using a Derive operation, then we get the */
- /* content encryption key using a Unwrap op */
- /* the derive operation has to generate the key using the algorithm in RFC2631 */
- error = SEC_ERROR_UNSUPPORTED_KEYALG;
- break;
- default:
- error = SEC_ERROR_UNSUPPORTED_KEYALG;
- goto loser;
- }
- break;
- case NSSCMSRecipientInfoID_KEK:
- encalg = &(ri->ri.kekRecipientInfo.keyEncAlg);
- encalgtag = SECOID_GetAlgorithmTag(&(ri->ri.kekRecipientInfo.keyEncAlg));
- enckey = &(ri->ri.kekRecipientInfo.encKey);
- /* not supported yet */
- error = SEC_ERROR_UNSUPPORTED_KEYALG;
- goto loser;
- break;
- }
- /* XXXX continue here */
- return bulkkey;
-
-loser:
- return NULL;
-}
diff --git a/security/nss/lib/smime/cmsreclist.c b/security/nss/lib/smime/cmsreclist.c
deleted file mode 100644
index b6fc62ee4..000000000
--- a/security/nss/lib/smime/cmsreclist.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS recipient list functions
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-static int
-nss_cms_recipients_traverse(NSSCMSRecipientInfo **recipientinfos, NSSCMSRecipient **recipient_list)
-{
- int count = 0;
- int rlindex = 0;
- int i, j;
- NSSCMSRecipient *rle;
- NSSCMSRecipientInfo *ri;
- NSSCMSRecipientEncryptedKey *rek;
-
- for (i = 0; recipientinfos[i] != NULL; i++) {
- ri = recipientinfos[i];
- switch (ri->recipientInfoType) {
- case NSSCMSRecipientInfoID_KeyTrans:
- if (recipient_list) {
- /* alloc one & fill it out */
- rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
- if (rle == NULL)
- return -1;
-
- rle->riIndex = i;
- rle->subIndex = -1;
- switch (ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType) {
- case NSSCMSRecipientID_IssuerSN:
- rle->kind = RLIssuerSN;
- rle->id.issuerAndSN = ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN;
- break;
- case NSSCMSRecipientID_SubjectKeyID:
- rle->kind = RLSubjKeyID;
- rle->id.subjectKeyID = ri->ri.keyTransRecipientInfo.recipientIdentifier.id.subjectKeyID;
- break;
- }
- recipient_list[rlindex++] = rle;
- } else {
- count++;
- }
- break;
- case NSSCMSRecipientInfoID_KeyAgree:
- if (ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys == NULL)
- break;
- for (j=0; ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j] != NULL; j++) {
- if (recipient_list) {
- rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[j];
- /* alloc one & fill it out */
- rle = (NSSCMSRecipient *)PORT_ZAlloc(sizeof(NSSCMSRecipient));
- if (rle == NULL)
- return -1;
-
- rle->riIndex = i;
- rle->subIndex = j;
- switch (rek->recipientIdentifier.identifierType) {
- case NSSCMSKeyAgreeRecipientID_IssuerSN:
- rle->kind = RLIssuerSN;
- rle->id.issuerAndSN = rek->recipientIdentifier.id.issuerAndSN;
- break;
- case NSSCMSKeyAgreeRecipientID_RKeyID:
- rle->kind = RLSubjKeyID;
- rle->id.subjectKeyID = rek->recipientIdentifier.id.recipientKeyIdentifier.subjectKeyIdentifier;
- break;
- }
- recipient_list[rlindex++] = rle;
- } else {
- count++;
- }
- }
- break;
- case NSSCMSRecipientInfoID_KEK:
- /* KEK is not implemented */
- break;
- }
- }
- /* if we have a recipient list, we return on success (-1, above, on failure) */
- /* otherwise, we return the count. */
- if (recipient_list) {
- recipient_list[rlindex] = NULL;
- return 0;
- } else {
- return count;
- }
-}
-
-NSSCMSRecipient **
-nss_cms_recipient_list_create(NSSCMSRecipientInfo **recipientinfos)
-{
- int count, rv;
- NSSCMSRecipient **recipient_list;
-
- /* count the number of recipient identifiers */
- count = nss_cms_recipients_traverse(recipientinfos, NULL);
- if (count <= 0) {
- /* no recipients? */
- PORT_SetError(SEC_ERROR_BAD_DATA);
-#if 0
- PORT_SetErrorString("Cannot find recipient data in envelope.");
-#endif
- return NULL;
- }
-
- /* allocate an array of pointers */
- recipient_list = (NSSCMSRecipient **)
- PORT_ZAlloc((count + 1) * sizeof(NSSCMSRecipient *));
- if (recipient_list == NULL)
- return NULL;
-
- /* now fill in the recipient_list */
- rv = nss_cms_recipients_traverse(recipientinfos, recipient_list);
- if (rv < 0) {
- nss_cms_recipient_list_destroy(recipient_list);
- return NULL;
- }
- return recipient_list;
-}
-
-void
-nss_cms_recipient_list_destroy(NSSCMSRecipient **recipient_list)
-{
- int i;
- NSSCMSRecipient *recipient;
-
- for (i=0; recipient_list[i] != NULL; i++) {
- recipient = recipient_list[i];
- if (recipient->cert)
- CERT_DestroyCertificate(recipient->cert);
- if (recipient->privkey)
- SECKEY_DestroyPrivateKey(recipient->privkey);
- if (recipient->slot)
- PK11_FreeSlot(recipient->slot);
- PORT_Free(recipient);
- }
- PORT_Free(recipient_list);
-}
-
-NSSCMSRecipientEncryptedKey *
-NSS_CMSRecipientEncryptedKey_Create(PLArenaPool *poolp)
-{
- return (NSSCMSRecipientEncryptedKey *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSRecipientEncryptedKey));
-}
diff --git a/security/nss/lib/smime/cmsreclist.h b/security/nss/lib/smime/cmsreclist.h
deleted file mode 100644
index 19b13e115..000000000
--- a/security/nss/lib/smime/cmsreclist.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * $Id$
- */
-
-#ifndef _CMSRECLIST_H
-#define _CMSRECLIST_H
-
-struct NSSCMSRecipientStr {
- int riIndex; /* this recipient's index in recipientInfo array */
- int subIndex; /* index into recipientEncryptedKeys */
- /* (only in NSSCMSKeyAgreeRecipientInfoStr) */
- enum {RLIssuerSN=0, RLSubjKeyID=1} kind; /* for conversion recipientinfos -> recipientlist */
- union {
- CERTIssuerAndSN * issuerAndSN;
- SECItem * subjectKeyID;
- } id;
-
- /* result data (filled out for each recipient that's us) */
- CERTCertificate * cert;
- SECKEYPrivateKey * privkey;
- PK11SlotInfo * slot;
-};
-
-typedef struct NSSCMSRecipientStr NSSCMSRecipient;
-
-#endif /* _CMSRECLIST_H */
diff --git a/security/nss/lib/smime/cmssigdata.c b/security/nss/lib/smime/cmssigdata.c
deleted file mode 100644
index 1af54fc9b..000000000
--- a/security/nss/lib/smime/cmssigdata.c
+++ /dev/null
@@ -1,900 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS signedData methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-/*#include "cdbhdl.h"*/
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-
-NSSCMSSignedData *
-NSS_CMSSignedData_Create(NSSCMSMessage *cmsg)
-{
- void *mark;
- NSSCMSSignedData *sigd;
- PLArenaPool *poolp;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- sigd = (NSSCMSSignedData *)PORT_ArenaZAlloc (poolp, sizeof(NSSCMSSignedData));
- if (sigd == NULL)
- goto loser;
-
- sigd->cmsg = cmsg;
-
- /* signerInfos, certs, certlists, crls are all empty */
- /* version is set in NSS_CMSSignedData_Finalize() */
-
- PORT_ArenaUnmark(poolp, mark);
- return sigd;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-void
-NSS_CMSSignedData_Destroy(NSSCMSSignedData *sigd)
-{
- CERTCertificate **certs, *cert;
- CERTCertificateList **certlists, *certlist;
- NSSCMSSignerInfo **signerinfos, *si;
-
- if (sigd == NULL)
- return;
-
- certs = sigd->certs;
- certlists = sigd->certLists;
- signerinfos = sigd->signerInfos;
-
- if (certs != NULL) {
- while ((cert = *certs++) != NULL)
- CERT_DestroyCertificate (cert);
- }
-
- if (certlists != NULL) {
- while ((certlist = *certlists++) != NULL)
- CERT_DestroyCertificateList (certlist);
- }
-
- if (signerinfos != NULL) {
- while ((si = *signerinfos++) != NULL)
- NSS_CMSSignerInfo_Destroy(si);
- }
-
- /* everything's in a pool, so don't worry about the storage */
-}
-
-/*
- * NSS_CMSSignedData_Encode_BeforeStart - do all the necessary things to a SignedData
- * before start of encoding.
- *
- * In detail:
- * - find out about the right value to put into sigd->version
- * - come up with a list of digestAlgorithms (which should be the union of the algorithms
- * in the signerinfos).
- * If we happen to have a pre-set list of algorithms (and digest values!), we
- * check if we have all the signerinfos' algorithms. If not, this is an error.
- */
-SECStatus
-NSS_CMSSignedData_Encode_BeforeStart(NSSCMSSignedData *sigd)
-{
- NSSCMSSignerInfo *signerinfo;
- SECOidTag digestalgtag;
- SECItem *dummy;
- int version;
- SECStatus rv;
- PRBool haveDigests = PR_FALSE;
- int n, i;
- PLArenaPool *poolp;
-
- poolp = sigd->cmsg->poolp;
-
- /* we assume that we have precomputed digests if there is a list of algorithms, and */
- /* a chunk of data for each of those algorithms */
- if (sigd->digestAlgorithms != NULL && sigd->digests != NULL) {
- for (i=0; sigd->digestAlgorithms[i] != NULL; i++) {
- if (sigd->digests[i] == NULL)
- break;
- }
- if (sigd->digestAlgorithms[i] == NULL) /* reached the end of the array? */
- haveDigests = PR_TRUE; /* yes: we must have all the digests */
- }
-
- version = NSS_CMS_SIGNED_DATA_VERSION_BASIC;
-
- /* RFC2630 5.1 "version is the syntax version number..." */
- if (NSS_CMSContentInfo_GetContentTypeTag(&(sigd->contentInfo)) != SEC_OID_PKCS7_DATA)
- version = NSS_CMS_SIGNED_DATA_VERSION_EXT;
-
- /* prepare all the SignerInfos (there may be none) */
- for (i=0; i < NSS_CMSSignedData_SignerInfoCount(sigd); i++) {
- signerinfo = NSS_CMSSignedData_GetSignerInfo(sigd, i);
-
- /* RFC2630 5.1 "version is the syntax version number..." */
- if (NSS_CMSSignerInfo_GetVersion(signerinfo) != NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN)
- version = NSS_CMS_SIGNED_DATA_VERSION_EXT;
-
- /* collect digestAlgorithms from SignerInfos */
- /* (we need to know which algorithms we have when the content comes in) */
- /* do not overwrite any existing digestAlgorithms (and digest) */
- digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
- n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
- if (n < 0 && haveDigests) {
- /* oops, there is a digestalg we do not have a digest for */
- /* but we were supposed to have all the digests already... */
- goto loser;
- } else if (n < 0) {
- /* add the digestAlgorithm & a NULL digest */
- rv = NSS_CMSSignedData_AddDigest(poolp, sigd, digestalgtag, NULL);
- if (rv != SECSuccess)
- goto loser;
- } else {
- /* found it, nothing to do */
- }
- }
-
- dummy = SEC_ASN1EncodeInteger(poolp, &(sigd->version), (long)version);
- if (dummy == NULL)
- return SECFailure;
-
- /* this is a SET OF, so we need to sort them guys */
- rv = NSS_CMSArray_SortByDER((void **)sigd->digestAlgorithms,
- SEC_ASN1_GET(SECOID_AlgorithmIDTemplate),
- (void **)sigd->digests);
- if (rv != SECSuccess)
- return SECFailure;
-
- return SECSuccess;
-
-loser:
- return SECFailure;
-}
-
-SECStatus
-NSS_CMSSignedData_Encode_BeforeData(NSSCMSSignedData *sigd)
-{
- /* set up the digests */
- if (sigd->digestAlgorithms != NULL) {
- sigd->contentInfo.digcx = NSS_CMSDigestContext_StartMultiple(sigd->digestAlgorithms);
- if (sigd->contentInfo.digcx == NULL)
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_Encode_AfterData - do all the necessary things to a SignedData
- * after all the encapsulated data was passed through the encoder.
- *
- * In detail:
- * - create the signatures in all the SignerInfos
- *
- * Please note that nothing is done to the Certificates and CRLs in the message - this
- * is entirely the responsibility of our callers.
- */
-SECStatus
-NSS_CMSSignedData_Encode_AfterData(NSSCMSSignedData *sigd)
-{
- NSSCMSSignerInfo **signerinfos, *signerinfo;
- NSSCMSContentInfo *cinfo;
- SECOidTag digestalgtag;
- SECStatus ret = SECFailure;
- SECStatus rv;
- SECItem *contentType;
- int certcount;
- int i, ci, cli, n, rci, si;
- PLArenaPool *poolp;
- CERTCertificateList *certlist;
- extern const SEC_ASN1Template NSSCMSSignerInfoTemplate[];
-
- poolp = sigd->cmsg->poolp;
- cinfo = &(sigd->contentInfo);
-
- /* did we have digest calculation going on? */
- if (cinfo->digcx) {
- rv = NSS_CMSDigestContext_FinishMultiple(cinfo->digcx, poolp, &(sigd->digests));
- if (rv != SECSuccess)
- goto loser; /* error has been set by NSS_CMSDigestContext_FinishMultiple */
- cinfo->digcx = NULL;
- }
-
- signerinfos = sigd->signerInfos;
- certcount = 0;
-
- /* prepare all the SignerInfos (there may be none) */
- for (i=0; i < NSS_CMSSignedData_SignerInfoCount(sigd); i++) {
- signerinfo = NSS_CMSSignedData_GetSignerInfo(sigd, i);
-
- /* find correct digest for this signerinfo */
- digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
- n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
- if (n < 0 || sigd->digests == NULL || sigd->digests[n] == NULL) {
- /* oops - digest not found */
- PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
- goto loser;
- }
-
- /* XXX if our content is anything else but data, we need to force the
- * presence of signed attributes (RFC2630 5.3 "signedAttributes is a
- * collection...") */
-
- /* pass contentType here as we want a contentType attribute */
- if ((contentType = NSS_CMSContentInfo_GetContentTypeOID(cinfo)) == NULL)
- goto loser;
-
- /* sign the thing */
- rv = NSS_CMSSignerInfo_Sign(signerinfo, sigd->digests[n], contentType);
- if (rv != SECSuccess)
- goto loser;
-
- /* while we're at it, count number of certs in certLists */
- certlist = NSS_CMSSignerInfo_GetCertList(signerinfo);
- if (certlist)
- certcount += certlist->len;
- }
-
- /* this is a SET OF, so we need to sort them guys */
- rv = NSS_CMSArray_SortByDER((void **)signerinfos, NSSCMSSignerInfoTemplate, NULL);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * now prepare certs & crls
- */
-
- /* count the rest of the certs */
- if (sigd->certs != NULL) {
- for (ci = 0; sigd->certs[ci] != NULL; ci++)
- certcount++;
- }
-
- if (sigd->certLists != NULL) {
- for (cli = 0; sigd->certLists[cli] != NULL; cli++)
- certcount += sigd->certLists[cli]->len;
- }
-
- if (certcount == 0) {
- sigd->rawCerts = NULL;
- } else {
- /*
- * Combine all of the certs and cert chains into rawcerts.
- * Note: certcount is an upper bound; we may not need that many slots
- * but we will allocate anyway to avoid having to do another pass.
- * (The temporary space saving is not worth it.)
- *
- * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
- * SetOfDERcertficates implementation
- */
- sigd->rawCerts = (SECItem **)PORT_ArenaAlloc(poolp, (certcount + 1) * sizeof(SECItem *));
- if (sigd->rawCerts == NULL)
- return SECFailure;
-
- /*
- * XXX Want to check for duplicates and not add *any* cert that is
- * already in the set. This will be more important when we start
- * dealing with larger sets of certs, dual-key certs (signing and
- * encryption), etc. For the time being we can slide by...
- *
- * XXX ARGH - this NEEDS to be fixed. need to come up with a decent
- * SetOfDERcertficates implementation
- */
- rci = 0;
- if (signerinfos != NULL) {
- for (si = 0; signerinfos[si] != NULL; si++) {
- signerinfo = signerinfos[si];
- for (ci = 0; ci < signerinfo->certList->len; ci++)
- sigd->rawCerts[rci++] = &(signerinfo->certList->certs[ci]);
- }
- }
-
- if (sigd->certs != NULL) {
- for (ci = 0; sigd->certs[ci] != NULL; ci++)
- sigd->rawCerts[rci++] = &(sigd->certs[ci]->derCert);
- }
-
- if (sigd->certLists != NULL) {
- for (cli = 0; sigd->certLists[cli] != NULL; cli++) {
- for (ci = 0; ci < sigd->certLists[cli]->len; ci++)
- sigd->rawCerts[rci++] = &(sigd->certLists[cli]->certs[ci]);
- }
- }
-
- sigd->rawCerts[rci] = NULL;
-
- /* this is a SET OF, so we need to sort them guys - we have the DER already, though */
- NSS_CMSArray_Sort((void **)sigd->rawCerts, NSS_CMSUtil_DERCompare, NULL, NULL);
- }
-
- ret = SECSuccess;
-
-loser:
- return ret;
-}
-
-SECStatus
-NSS_CMSSignedData_Decode_BeforeData(NSSCMSSignedData *sigd)
-{
- /* set up the digests */
- if (sigd->digestAlgorithms != NULL && sigd->digests == NULL) {
- /* if digests are already there, do nothing */
- sigd->contentInfo.digcx = NSS_CMSDigestContext_StartMultiple(sigd->digestAlgorithms);
- if (sigd->contentInfo.digcx == NULL)
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_Decode_AfterData - do all the necessary things to a SignedData
- * after all the encapsulated data was passed through the decoder.
- */
-SECStatus
-NSS_CMSSignedData_Decode_AfterData(NSSCMSSignedData *sigd)
-{
- /* did we have digest calculation going on? */
- if (sigd->contentInfo.digcx) {
- if (NSS_CMSDigestContext_FinishMultiple(sigd->contentInfo.digcx, sigd->cmsg->poolp, &(sigd->digests)) != SECSuccess)
- return SECFailure; /* error has been set by NSS_CMSDigestContext_FinishMultiple */
- sigd->contentInfo.digcx = NULL;
- }
- return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_Decode_AfterEnd - do all the necessary things to a SignedData
- * after all decoding is finished.
- */
-SECStatus
-NSS_CMSSignedData_Decode_AfterEnd(NSSCMSSignedData *sigd)
-{
- NSSCMSSignerInfo **signerinfos;
- int i;
-
- /* set cmsg for all the signerinfos */
- signerinfos = sigd->signerInfos;
-
- /* set cmsg for all the signerinfos */
- if (signerinfos) {
- for (i = 0; signerinfos[i] != NULL; i++)
- signerinfos[i]->cmsg = sigd->cmsg;
- }
-
- return SECSuccess;
-}
-
-/*
- * NSS_CMSSignedData_GetSignerInfos - retrieve the SignedData's signer list
- */
-NSSCMSSignerInfo **
-NSS_CMSSignedData_GetSignerInfos(NSSCMSSignedData *sigd)
-{
- return sigd->signerInfos;
-}
-
-int
-NSS_CMSSignedData_SignerInfoCount(NSSCMSSignedData *sigd)
-{
- return NSS_CMSArray_Count((void **)sigd->signerInfos);
-}
-
-NSSCMSSignerInfo *
-NSS_CMSSignedData_GetSignerInfo(NSSCMSSignedData *sigd, int i)
-{
- return sigd->signerInfos[i];
-}
-
-/*
- * NSS_CMSSignedData_GetDigestAlgs - retrieve the SignedData's digest algorithm list
- */
-SECAlgorithmID **
-NSS_CMSSignedData_GetDigestAlgs(NSSCMSSignedData *sigd)
-{
- return sigd->digestAlgorithms;
-}
-
-/*
- * NSS_CMSSignedData_GetContentInfo - return pointer to this signedData's contentinfo
- */
-NSSCMSContentInfo *
-NSS_CMSSignedData_GetContentInfo(NSSCMSSignedData *sigd)
-{
- return &(sigd->contentInfo);
-}
-
-/*
- * NSS_CMSSignedData_GetCertificateList - retrieve the SignedData's certificate list
- */
-SECItem **
-NSS_CMSSignedData_GetCertificateList(NSSCMSSignedData *sigd)
-{
- return sigd->rawCerts;
-}
-
-SECStatus
-NSS_CMSSignedData_ImportCerts(NSSCMSSignedData *sigd, CERTCertDBHandle *certdb,
- SECCertUsage certusage, PRBool keepcerts)
-{
- int certcount;
- SECStatus rv;
- int i;
-
- certcount = NSS_CMSArray_Count((void **)sigd->rawCerts);
-
- rv = CERT_ImportCerts(certdb, certusage, certcount, sigd->rawCerts, NULL,
- keepcerts, PR_FALSE, NULL);
-
- /* XXX CRL handling */
-
- if (sigd->signerInfos != NULL) {
- /* fill in all signerinfo's certs */
- for (i = 0; sigd->signerInfos[i] != NULL; i++)
- (void)NSS_CMSSignerInfo_GetSigningCertificate(sigd->signerInfos[i], certdb);
- }
-
- return rv;
-}
-
-/*
- * XXX the digests need to be passed in BETWEEN the decoding and the verification in case
- * of external signatures!
- */
-
-/*
- * NSS_CMSSignedData_VerifySignerInfo - check the signatures.
- *
- * The digests were either calculated during decoding (and are stored in the
- * signedData itself) or set after decoding using NSS_CMSSignedData_SetDigests.
- *
- * The verification checks if the signing cert is valid and has a trusted chain
- * for the purpose specified by "certusage".
- */
-SECStatus
-NSS_CMSSignedData_VerifySignerInfo(NSSCMSSignedData *sigd, int i,
- CERTCertDBHandle *certdb, SECCertUsage certusage)
-{
- NSSCMSSignerInfo *signerinfo;
- NSSCMSContentInfo *cinfo;
- SECOidData *algiddata;
- SECItem *contentType, *digest;
-
- cinfo = &(sigd->contentInfo);
-
- signerinfo = sigd->signerInfos[i];
-
- /* verify certificate */
- if (NSS_CMSSignerInfo_VerifyCertificate(signerinfo, certdb, certusage) != SECSuccess)
- return SECFailure; /* error is set by NSS_CMSSignerInfo_VerifyCertificate */
-
- /* find digest and contentType for signerinfo */
- algiddata = NSS_CMSSignerInfo_GetDigestAlg(signerinfo);
- digest = NSS_CMSSignedData_GetDigestByAlgTag(sigd, algiddata->offset);
- contentType = NSS_CMSContentInfo_GetContentTypeOID(cinfo);
-
- /* now verify signature */
- return NSS_CMSSignerInfo_Verify(signerinfo, digest, contentType);
-}
-
-/*
- * NSS_CMSSignedData_VerifyCertsOnly - verify the certs in a certs-only message
- */
-SECStatus
-NSS_CMSSignedData_VerifyCertsOnly(NSSCMSSignedData *sigd,
- CERTCertDBHandle *certdb,
- SECCertUsage usage)
-{
- CERTCertificate *cert;
- SECStatus rv = SECSuccess;
- int i;
- int count;
-
- if (!sigd || !certdb || !sigd->rawCerts) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- count = NSS_CMSArray_Count((void**)sigd->rawCerts);
- for (i=0; i < count; i++) {
- if (sigd->certs && sigd->certs[i]) {
- cert = sigd->certs[i];
- } else {
- cert = CERT_FindCertByDERCert(certdb, sigd->rawCerts[i]);
- if (!cert) {
- rv = SECFailure;
- break;
- }
- }
- rv |= CERT_VerifyCert(certdb, cert, PR_TRUE, usage, PR_Now(),
- NULL, NULL);
- }
-
- return rv;
-}
-
-/*
- * NSS_CMSSignedData_HasDigests - see if we have digests in place
- */
-PRBool
-NSS_CMSSignedData_HasDigests(NSSCMSSignedData *sigd)
-{
- return (sigd->digests != NULL);
-}
-
-SECStatus
-NSS_CMSSignedData_AddCertList(NSSCMSSignedData *sigd, CERTCertificateList *certlist)
-{
- SECStatus rv;
-
- PORT_Assert(certlist != NULL);
-
- if (certlist == NULL)
- return SECFailure;
-
- /* XXX memory?? a certlist has an arena of its own and is not refcounted!?!? */
- rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->certLists), (void *)certlist);
-
- return rv;
-}
-
-/*
- * NSS_CMSSignedData_AddCertChain - add cert and its entire chain to the set of certs
- */
-SECStatus
-NSS_CMSSignedData_AddCertChain(NSSCMSSignedData *sigd, CERTCertificate *cert)
-{
- CERTCertificateList *certlist;
- SECCertUsage usage;
- SECStatus rv;
-
- usage = certUsageEmailSigner;
-
- /* do not include root */
- certlist = CERT_CertChainFromCert(cert, usage, PR_FALSE);
- if (certlist == NULL)
- return SECFailure;
-
- rv = NSS_CMSSignedData_AddCertList(sigd, certlist);
-
- return rv;
-}
-
-SECStatus
-NSS_CMSSignedData_AddCertificate(NSSCMSSignedData *sigd, CERTCertificate *cert)
-{
- CERTCertificate *c;
- SECStatus rv;
-
- PORT_Assert(cert != NULL);
-
- if (cert == NULL)
- return SECFailure;
-
- c = CERT_DupCertificate(cert);
- rv = NSS_CMSArray_Add(sigd->cmsg->poolp, (void ***)&(sigd->certs), (void *)c);
- return rv;
-}
-
-PRBool
-NSS_CMSSignedData_ContainsCertsOrCrls(NSSCMSSignedData *sigd)
-{
- if (sigd->rawCerts != NULL && sigd->rawCerts[0] != NULL)
- return PR_TRUE;
- else if (sigd->crls != NULL && sigd->crls[0] != NULL)
- return PR_TRUE;
- else
- return PR_FALSE;
-}
-
-SECStatus
-NSS_CMSSignedData_AddSignerInfo(NSSCMSSignedData *sigd,
- NSSCMSSignerInfo *signerinfo)
-{
- void *mark;
- SECStatus rv;
- SECOidTag digestalgtag;
- PLArenaPool *poolp;
-
- poolp = sigd->cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- /* add signerinfo */
- rv = NSS_CMSArray_Add(poolp, (void ***)&(sigd->signerInfos), (void *)signerinfo);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * add empty digest
- * Empty because we don't have it yet. Either it gets created during encoding
- * (if the data is present) or has to be set externally.
- * XXX maybe pass it in optionally?
- */
- digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
- rv = NSS_CMSSignedData_SetDigestValue(sigd, digestalgtag, NULL);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * The last thing to get consistency would be adding the digest.
- */
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-SECItem *
-NSS_CMSSignedData_GetDigestByAlgTag(NSSCMSSignedData *sigd, SECOidTag algtag)
-{
- int idx;
-
- idx = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, algtag);
- return sigd->digests[idx];
-}
-
-/*
- * NSS_CMSSignedData_SetDigests - set a signedData's digests member
- *
- * "digestalgs" - array of digest algorithm IDs
- * "digests" - array of digests corresponding to the digest algorithms
- */
-SECStatus
-NSS_CMSSignedData_SetDigests(NSSCMSSignedData *sigd,
- SECAlgorithmID **digestalgs,
- SECItem **digests)
-{
- int cnt, i, idx;
-
- if (sigd->digestAlgorithms == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /* we assume that the digests array is just not there yet */
- PORT_Assert(sigd->digests == NULL);
- if (sigd->digests != NULL) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return SECFailure;
- }
-
- /* now allocate one (same size as digestAlgorithms) */
- cnt = NSS_CMSArray_Count((void **)sigd->digestAlgorithms);
- sigd->digests = PORT_ArenaZAlloc(sigd->cmsg->poolp, (cnt + 1) * sizeof(SECItem *));
- if (sigd->digests == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- for (i = 0; sigd->digestAlgorithms[i] != NULL; i++) {
- /* try to find the sigd's i'th digest algorithm in the array we passed in */
- idx = NSS_CMSAlgArray_GetIndexByAlgID(digestalgs, sigd->digestAlgorithms[i]);
- if (idx < 0) {
- PORT_SetError(SEC_ERROR_DIGEST_NOT_FOUND);
- return SECFailure;
- }
-
- /* found it - now set it */
- if ((sigd->digests[i] = SECITEM_AllocItem(sigd->cmsg->poolp, NULL, 0)) == NULL ||
- SECITEM_CopyItem(sigd->cmsg->poolp, sigd->digests[i], digests[idx]) != SECSuccess)
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-NSS_CMSSignedData_SetDigestValue(NSSCMSSignedData *sigd,
- SECOidTag digestalgtag,
- SECItem *digestdata)
-{
- SECItem *digest = NULL;
- PLArenaPool *poolp;
- void *mark;
- int n, cnt;
-
- poolp = sigd->cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
-
- if (digestdata) {
- digest = (SECItem *) PORT_ArenaZAlloc(poolp,sizeof(SECItem));
-
- /* copy digestdata item to arena (in case we have it and are not only making room) */
- if (SECITEM_CopyItem(poolp, digest, digestdata) != SECSuccess)
- goto loser;
- }
-
- /* now allocate one (same size as digestAlgorithms) */
- if (sigd->digests == NULL) {
- cnt = NSS_CMSArray_Count((void **)sigd->digestAlgorithms);
- sigd->digests = PORT_ArenaZAlloc(sigd->cmsg->poolp, (cnt + 1) * sizeof(SECItem *));
- if (sigd->digests == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- }
-
- n = -1;
- if (sigd->digestAlgorithms != NULL)
- n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
-
- /* if not found, add a digest */
- if (n < 0) {
- if (NSS_CMSSignedData_AddDigest(poolp, sigd, digestalgtag, digest) != SECSuccess)
- goto loser;
- } else {
- /* replace NULL pointer with digest item (and leak previous value) */
- sigd->digests[n] = digest;
- }
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECStatus
-NSS_CMSSignedData_AddDigest(PRArenaPool *poolp,
- NSSCMSSignedData *sigd,
- SECOidTag digestalgtag,
- SECItem *digest)
-{
- SECAlgorithmID *digestalg;
- void *mark;
-
- mark = PORT_ArenaMark(poolp);
-
- digestalg = PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
- if (digestalg == NULL)
- goto loser;
-
- if (SECOID_SetAlgorithmID (poolp, digestalg, digestalgtag, NULL) != SECSuccess) /* no params */
- goto loser;
-
- if (NSS_CMSArray_Add(poolp, (void ***)&(sigd->digestAlgorithms), (void *)digestalg) != SECSuccess ||
- /* even if digest is NULL, add dummy to have same-size array */
- NSS_CMSArray_Add(poolp, (void ***)&(sigd->digests), (void *)digest) != SECSuccess)
- {
- goto loser;
- }
-
- PORT_ArenaUnmark(poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return SECFailure;
-}
-
-SECItem *
-NSS_CMSSignedData_GetDigestValue(NSSCMSSignedData *sigd, SECOidTag digestalgtag)
-{
- int n;
-
- if (sigd->digestAlgorithms == NULL)
- return NULL;
-
- n = NSS_CMSAlgArray_GetIndexByAlgTag(sigd->digestAlgorithms, digestalgtag);
-
- return (n < 0) ? NULL : sigd->digests[n];
-}
-
-/* =============================================================================
- * Misc. utility functions
- */
-
-/*
- * NSS_CMSSignedData_CreateCertsOnly - create a certs-only SignedData.
- *
- * cert - base certificates that will be included
- * include_chain - if true, include the complete cert chain for cert
- *
- * More certs and chains can be added via AddCertificate and AddCertChain.
- *
- * An error results in a return value of NULL and an error set.
- *
- * XXXX CRLs
- */
-NSSCMSSignedData *
-NSS_CMSSignedData_CreateCertsOnly(NSSCMSMessage *cmsg, CERTCertificate *cert, PRBool include_chain)
-{
- NSSCMSSignedData *sigd;
- void *mark;
- PLArenaPool *poolp;
- SECStatus rv;
-
- poolp = cmsg->poolp;
- mark = PORT_ArenaMark(poolp);
-
- sigd = NSS_CMSSignedData_Create(cmsg);
- if (sigd == NULL)
- goto loser;
-
- /* no signerinfos, thus no digestAlgorithms */
-
- /* but certs */
- if (include_chain) {
- rv = NSS_CMSSignedData_AddCertChain(sigd, cert);
- } else {
- rv = NSS_CMSSignedData_AddCertificate(sigd, cert);
- }
- if (rv != SECSuccess)
- goto loser;
-
- /* RFC2630 5.2 sez:
- * In the degenerate case where there are no signers, the
- * EncapsulatedContentInfo value being "signed" is irrelevant. In this
- * case, the content type within the EncapsulatedContentInfo value being
- * "signed" should be id-data (as defined in section 4), and the content
- * field of the EncapsulatedContentInfo value should be omitted.
- */
- rv = NSS_CMSContentInfo_SetContent_Data(cmsg, &(sigd->contentInfo), NULL, PR_TRUE);
- if (rv != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return sigd;
-
-loser:
- if (sigd)
- NSS_CMSSignedData_Destroy(sigd);
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/* TODO:
- * NSS_CMSSignerInfo_GetReceiptRequest()
- * NSS_CMSSignedData_HasReceiptRequest()
- * easy way to iterate over signers
- */
-
diff --git a/security/nss/lib/smime/cmssiginfo.c b/security/nss/lib/smime/cmssiginfo.c
deleted file mode 100644
index 659c88773..000000000
--- a/security/nss/lib/smime/cmssiginfo.c
+++ /dev/null
@@ -1,872 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS signerInfo methods.
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-#include "secder.h"
-#include "cryptohi.h"
-
-#include "smime.h"
-
-/* =============================================================================
- * SIGNERINFO
- */
-
-NSSCMSSignerInfo *
-NSS_CMSSignerInfo_Create(NSSCMSMessage *cmsg, CERTCertificate *cert, SECOidTag digestalgtag)
-{
- void *mark;
- NSSCMSSignerInfo *signerinfo;
- int version;
- PLArenaPool *poolp;
-
- poolp = cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- signerinfo = (NSSCMSSignerInfo *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSSignerInfo));
- if (signerinfo == NULL) {
- PORT_ArenaRelease(poolp, mark);
- return NULL;
- }
-
- if ((signerinfo->cert = CERT_DupCertificate(cert)) == NULL)
- goto loser;
-
- signerinfo->cmsg = cmsg;
-
- signerinfo->signerIdentifier.identifierType = NSSCMSSignerID_IssuerSN; /* hardcoded for now */
- if ((signerinfo->signerIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL)
- goto loser;
-
- /* set version right now */
- version = NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN;
- /* RFC2630 5.3 "version is the syntax version number. If the .... " */
- if (signerinfo->signerIdentifier.identifierType == NSSCMSSignerID_SubjectKeyID)
- version = NSS_CMS_SIGNER_INFO_VERSION_SUBJKEY;
- (void)SEC_ASN1EncodeInteger(poolp, &(signerinfo->version), (long)version);
-
- if (SECOID_SetAlgorithmID(poolp, &signerinfo->digestAlg, digestalgtag, NULL) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark(poolp, mark);
- return signerinfo;
-
-loser:
- PORT_ArenaRelease(poolp, mark);
- return NULL;
-}
-
-/*
- * NSS_CMSSignerInfo_Destroy - destroy a SignerInfo data structure
- */
-void
-NSS_CMSSignerInfo_Destroy(NSSCMSSignerInfo *si)
-{
- if (si->cert != NULL)
- CERT_DestroyCertificate(si->cert);
-
- /* XXX storage ??? */
-}
-
-/*
- * NSS_CMSSignerInfo_Sign - sign something
- *
- */
-SECStatus
-NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType)
-{
- CERTCertificate *cert;
- SECKEYPrivateKey *privkey = NULL;
- SECOidTag digestalgtag;
- SECOidTag signalgtag;
- SECItem signature = { 0 };
- SECStatus rv;
- PLArenaPool *poolp, *tmppoolp;
-
- PORT_Assert (digest != NULL);
-
- poolp = signerinfo->cmsg->poolp;
-
- cert = signerinfo->cert;
-
- if ((privkey = PK11_FindKeyByAnyCert(cert, signerinfo->cmsg->pwfn_arg)) == NULL)
- goto loser;
-
- digestalgtag = NSS_CMSSignerInfo_GetDigestAlgTag(signerinfo);
- /*
- * XXX I think there should be a cert-level interface for this,
- * so that I do not have to know about subjectPublicKeyInfo...
- */
- signalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
- /* Fortezza MISSI have weird signature formats. Map them to standard DSA formats */
- signalgtag = PK11_FortezzaMapSig(signalgtag);
-
- if (signerinfo->authAttr != NULL) {
- SECItem encoded_attrs;
-
- /* find and fill in the message digest attribute. */
- rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr), SEC_OID_PKCS9_MESSAGE_DIGEST, digest, PR_FALSE);
- if (rv != SECSuccess)
- goto loser;
-
- if (contentType != NULL) {
- /* if the caller wants us to, find and fill in the content type attribute. */
- rv = NSS_CMSAttributeArray_SetAttr(poolp, &(signerinfo->authAttr), SEC_OID_PKCS9_CONTENT_TYPE, contentType, PR_FALSE);
- if (rv != SECSuccess)
- goto loser;
- }
-
- if ((tmppoolp = PORT_NewArena (1024)) == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /*
- * Before encoding, reorder the attributes so that when they
- * are encoded, they will be conforming DER, which is required
- * to have a specific order and that is what must be used for
- * the hash/signature. We do this here, rather than building
- * it into EncodeAttributes, because we do not want to do
- * such reordering on incoming messages (which also uses
- * EncodeAttributes) or our old signatures (and other "broken"
- * implementations) will not verify. So, we want to guarantee
- * that we send out good DER encodings of attributes, but not
- * to expect to receive them.
- */
- if (NSS_CMSAttributeArray_Reorder(signerinfo->authAttr) != SECSuccess)
- goto loser;
-
- encoded_attrs.data = NULL;
- encoded_attrs.len = 0;
- if (NSS_CMSAttributeArray_Encode(tmppoolp, &(signerinfo->authAttr), &encoded_attrs) == NULL)
- goto loser;
-
- rv = SEC_SignData(&signature, encoded_attrs.data, encoded_attrs.len, privkey,
- NSS_CMSUtil_MakeSignatureAlgorithm(digestalgtag, signalgtag));
- PORT_FreeArena(tmppoolp, PR_FALSE); /* awkward memory management :-( */
- } else {
- rv = SGN_Digest(privkey, digestalgtag, &signature, digest);
- }
-
- SECKEY_DestroyPrivateKey(privkey);
- privkey = NULL;
-
- if (rv != SECSuccess)
- goto loser;
-
- if (SECITEM_CopyItem(poolp, &(signerinfo->encDigest), &signature) != SECSuccess)
- goto loser;
-
- SECITEM_FreeItem(&signature, PR_FALSE);
-
- if (SECOID_SetAlgorithmID(poolp, &(signerinfo->digestEncAlg), signalgtag, NULL) != SECSuccess)
- goto loser;
-
- return SECSuccess;
-
-loser:
- if (signature.len != 0)
- SECITEM_FreeItem (&signature, PR_FALSE);
- if (privkey)
- SECKEY_DestroyPrivateKey(privkey);
- return SECFailure;
-}
-
-SECStatus
-NSS_CMSSignerInfo_VerifyCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb,
- SECCertUsage certusage)
-{
- CERTCertificate *cert;
- int64 stime;
-
- if ((cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb)) == NULL) {
- signerinfo->verificationStatus = NSSCMSVS_SigningCertNotFound;
- return SECFailure;
- }
-
- /*
- * Get and convert the signing time; if available, it will be used
- * both on the cert verification and for importing the sender
- * email profile.
- */
- if (NSS_CMSSignerInfo_GetSigningTime (signerinfo, &stime) != SECSuccess)
- stime = PR_Now(); /* not found or conversion failed, so check against now */
-
- /*
- * XXX This uses the signing time, if available. Additionally, we
- * might want to, if there is no signing time, get the message time
- * from the mail header itself, and use that. That would require
- * a change to our interface though, and for S/MIME callers to pass
- * in a time (and for non-S/MIME callers to pass in nothing, or
- * maybe make them pass in the current time, always?).
- */
- if (CERT_VerifyCert(certdb, cert, PR_TRUE, certusage, stime, signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
- signerinfo->verificationStatus = NSSCMSVS_SigningCertNotTrusted;
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * NSS_CMSSignerInfo_Verify - verify the signature of a single SignerInfo
- *
- * Just verifies the signature. The assumption is that verification of the certificate
- * is done already.
- */
-SECStatus
-NSS_CMSSignerInfo_Verify(NSSCMSSignerInfo *signerinfo, SECItem *digest, SECItem *contentType)
-{
- SECKEYPublicKey *publickey = NULL;
- NSSCMSAttribute *attr;
- SECItem encoded_attrs;
- CERTCertificate *cert;
- NSSCMSVerificationStatus vs = NSSCMSVS_Unverified;
- PLArenaPool *poolp;
-
- if (signerinfo == NULL)
- return SECFailure;
-
- /* NSS_CMSSignerInfo_GetSigningCertificate will fail if 2nd parm is NULL and */
- /* cert has not been verified */
- if ((cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, NULL)) == NULL) {
- vs = NSSCMSVS_SigningCertNotFound;
- goto loser;
- }
-
- if ((publickey = CERT_ExtractPublicKey(cert)) == NULL) {
- vs = NSSCMSVS_ProcessingError;
- goto loser;
- }
-
- /*
- * XXX This may not be the right set of algorithms to check.
- * I'd prefer to trust that just calling VFY_Verify{Data,Digest}
- * would do the right thing (and set an error if it could not);
- * then additional algorithms could be handled by that code
- * and we would Just Work. So this check should just be removed,
- * but not until the VFY code is better at setting errors.
- */
- switch (SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg))) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- /* ok */
- break;
- case SEC_OID_UNKNOWN:
- vs = NSSCMSVS_SignatureAlgorithmUnknown;
- goto loser;
- default:
- vs = NSSCMSVS_SignatureAlgorithmUnsupported;
- goto loser;
- }
-
- if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr)) {
- if (contentType) {
- /*
- * Check content type
- *
- * RFC2630 sez that if there are any authenticated attributes,
- * then there must be one for content type which matches the
- * content type of the content being signed, and there must
- * be one for message digest which matches our message digest.
- * So check these things first.
- */
- if ((attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
- SEC_OID_PKCS9_CONTENT_TYPE, PR_TRUE)) == NULL)
- {
- vs = NSSCMSVS_MalformedSignature;
- goto loser;
- }
-
- if (NSS_CMSAttribute_CompareValue(attr, contentType) == PR_FALSE) {
- vs = NSSCMSVS_MalformedSignature;
- goto loser;
- }
- }
-
- /*
- * Check digest
- */
- if ((attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr, SEC_OID_PKCS9_MESSAGE_DIGEST, PR_TRUE)) == NULL)
- {
- vs = NSSCMSVS_MalformedSignature;
- goto loser;
- }
- if (NSS_CMSAttribute_CompareValue(attr, digest) == PR_FALSE) {
- vs = NSSCMSVS_DigestMismatch;
- goto loser;
- }
-
- if ((poolp = PORT_NewArena (1024)) == NULL) {
- vs = NSSCMSVS_ProcessingError;
- goto loser;
- }
-
- /*
- * Check signature
- *
- * The signature is based on a digest of the DER-encoded authenticated
- * attributes. So, first we encode and then we digest/verify.
- * we trust the decoder to have the attributes in the right (sorted) order
- */
- encoded_attrs.data = NULL;
- encoded_attrs.len = 0;
-
- if (NSS_CMSAttributeArray_Encode(poolp, &(signerinfo->authAttr), &encoded_attrs) == NULL ||
- encoded_attrs.data == NULL || encoded_attrs.len == 0)
- {
- vs = NSSCMSVS_ProcessingError;
- goto loser;
- }
-
- vs = (VFY_VerifyData (encoded_attrs.data, encoded_attrs.len,
- publickey, &(signerinfo->encDigest),
- SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
- signerinfo->cmsg->pwfn_arg) != SECSuccess) ? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
-
- PORT_FreeArena(poolp, PR_FALSE); /* awkward memory management :-( */
-
- } else {
- SECItem *sig;
-
- /* No authenticated attributes. The signature is based on the plain message digest. */
- sig = &(signerinfo->encDigest);
- if (sig->len == 0)
- goto loser;
-
- vs = (VFY_VerifyDigest(digest, publickey, sig,
- SECOID_GetAlgorithmTag(&(signerinfo->digestEncAlg)),
- signerinfo->cmsg->pwfn_arg) != SECSuccess) ? NSSCMSVS_BadSignature : NSSCMSVS_GoodSignature;
- }
-
- if (vs == NSSCMSVS_BadSignature) {
- /*
- * XXX Change the generic error into our specific one, because
- * in that case we get a better explanation out of the Security
- * Advisor. This is really a bug in our error strings (the
- * "generic" error has a lousy/wrong message associated with it
- * which assumes the signature verification was done for the
- * purposes of checking the issuer signature on a certificate)
- * but this is at least an easy workaround and/or in the
- * Security Advisor, which specifically checks for the error
- * SEC_ERROR_PKCS7_BAD_SIGNATURE and gives more explanation
- * in that case but does not similarly check for
- * SEC_ERROR_BAD_SIGNATURE. It probably should, but then would
- * probably say the wrong thing in the case that it *was* the
- * certificate signature check that failed during the cert
- * verification done above. Our error handling is really a mess.
- */
- if (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE)
- PORT_SetError(SEC_ERROR_PKCS7_BAD_SIGNATURE);
- }
-
- if (publickey != NULL)
- SECKEY_DestroyPublicKey (publickey);
-
- signerinfo->verificationStatus = vs;
-
- return (vs == NSSCMSVS_GoodSignature) ? SECSuccess : SECFailure;
-
-loser:
- if (publickey != NULL)
- SECKEY_DestroyPublicKey (publickey);
-
- signerinfo->verificationStatus = vs;
-
- PORT_SetError (SEC_ERROR_PKCS7_BAD_SIGNATURE);
- return SECFailure;
-}
-
-NSSCMSVerificationStatus
-NSS_CMSSignerInfo_GetVerificationStatus(NSSCMSSignerInfo *signerinfo)
-{
- return signerinfo->verificationStatus;
-}
-
-SECOidData *
-NSS_CMSSignerInfo_GetDigestAlg(NSSCMSSignerInfo *signerinfo)
-{
- return SECOID_FindOID (&(signerinfo->digestAlg.algorithm));
-}
-
-SECOidTag
-NSS_CMSSignerInfo_GetDigestAlgTag(NSSCMSSignerInfo *signerinfo)
-{
- SECOidData *algdata;
-
- algdata = SECOID_FindOID (&(signerinfo->digestAlg.algorithm));
- if (algdata != NULL)
- return algdata->offset;
- else
- return SEC_OID_UNKNOWN;
-}
-
-CERTCertificateList *
-NSS_CMSSignerInfo_GetCertList(NSSCMSSignerInfo *signerinfo)
-{
- return signerinfo->certList;
-}
-
-int
-NSS_CMSSignerInfo_GetVersion(NSSCMSSignerInfo *signerinfo)
-{
- unsigned long version;
-
- /* always take apart the SECItem */
- if (SEC_ASN1DecodeInteger(&(signerinfo->version), &version) != SECSuccess)
- return 0;
- else
- return (int)version;
-}
-
-/*
- * NSS_CMSSignerInfo_GetSigningTime - return the signing time,
- * in UTCTime format, of a CMS signerInfo.
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to XXXX (what?)
- * A return value of NULL is an error.
- */
-SECStatus
-NSS_CMSSignerInfo_GetSigningTime(NSSCMSSignerInfo *sinfo, PRTime *stime)
-{
- NSSCMSAttribute *attr;
- SECItem *value;
-
- if (sinfo == NULL)
- return SECFailure;
-
- if (sinfo->signingTime != 0) {
- *stime = sinfo->signingTime; /* cached copy */
- return SECSuccess;
- }
-
- attr = NSS_CMSAttributeArray_FindAttrByOidTag(sinfo->authAttr, SEC_OID_PKCS9_SIGNING_TIME, PR_TRUE);
- /* XXXX multi-valued attributes NIH */
- if (attr == NULL || (value = NSS_CMSAttribute_GetValue(attr)) == NULL)
- return SECFailure;
- if (DER_UTCTimeToTime(stime, value) != SECSuccess)
- return SECFailure;
- sinfo->signingTime = *stime; /* make cached copy */
- return SECSuccess;
-}
-
-/*
- * Return the signing cert of a CMS signerInfo.
- *
- * the certs in the enclosing SignedData must have been imported already
- */
-CERTCertificate *
-NSS_CMSSignerInfo_GetSigningCertificate(NSSCMSSignerInfo *signerinfo, CERTCertDBHandle *certdb)
-{
- CERTCertificate *cert;
-
- if (signerinfo->cert != NULL)
- return signerinfo->cert;
-
- /* no certdb, and cert hasn't been set yet? */
- if (certdb == NULL)
- return NULL;
-
- /*
- * This cert will also need to be freed, but since we save it
- * in signerinfo for later, we do not want to destroy it when
- * we leave this function -- we let the clean-up of the entire
- * cinfo structure later do the destroy of this cert.
- */
- switch (signerinfo->signerIdentifier.identifierType) {
- case NSSCMSSignerID_IssuerSN:
- cert = CERT_FindCertByIssuerAndSN(certdb, signerinfo->signerIdentifier.id.issuerAndSN);
- break;
- case NSSCMSSignerID_SubjectKeyID:
-#if 0 /* not yet implemented */
- cert = CERT_FindCertBySubjectKeyID(certdb, signerinfo->signerIdentifier.id.subjectKeyID);
-#else
- cert = NULL;
-#endif
- break;
- default:
- cert = NULL;
- break;
- }
-
- /* cert can be NULL at that point */
- signerinfo->cert = cert; /* earmark it */
-
- return cert;
-}
-
-/*
- * NSS_CMSSignerInfo_GetSignerCommonName - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-char *
-NSS_CMSSignerInfo_GetSignerCommonName(NSSCMSSignerInfo *sinfo)
-{
- CERTCertificate *signercert;
-
- /* will fail if cert is not verified */
- if ((signercert = NSS_CMSSignerInfo_GetSigningCertificate(sinfo, NULL)) == NULL)
- return NULL;
-
- return (CERT_GetCommonName(&signercert->subject));
-}
-
-/*
- * NSS_CMSSignerInfo_GetSignerEmailAddress - return the common name of the signer
- *
- * sinfo - signerInfo data for this signer
- *
- * Returns a pointer to allocated memory, which must be freed.
- * A return value of NULL is an error.
- */
-char *
-NSS_CMSSignerInfo_GetSignerEmailAddress(NSSCMSSignerInfo *sinfo)
-{
- CERTCertificate *signercert;
-
- if ((signercert = NSS_CMSSignerInfo_GetSigningCertificate(sinfo, NULL)) == NULL)
- return NULL;
-
- if (signercert->emailAddr == NULL)
- return NULL;
-
- return (PORT_Strdup(signercert->emailAddr));
-}
-
-/*
- * NSS_CMSSignerInfo_AddAuthAttr - add an attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- */
-SECStatus
-NSS_CMSSignerInfo_AddAuthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr)
-{
- return NSS_CMSAttributeArray_AddAttr(signerinfo->cmsg->poolp, &(signerinfo->authAttr), attr);
-}
-
-/*
- * NSS_CMSSignerInfo_AddUnauthAttr - add an attribute to the
- * unauthenticated attributes of "signerinfo".
- */
-SECStatus
-NSS_CMSSignerInfo_AddUnauthAttr(NSSCMSSignerInfo *signerinfo, NSSCMSAttribute *attr)
-{
- return NSS_CMSAttributeArray_AddAttr(signerinfo->cmsg->poolp, &(signerinfo->unAuthAttr), attr);
-}
-
-/*
- * NSS_CMSSignerInfo_AddSigningTime - add the signing time to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME) but is likely useful in other situations.
- *
- * This should only be added once; a second call will do nothing.
- *
- * XXX This will probably just shove the current time into "signerinfo"
- * but it will not actually get signed until the entire item is
- * processed for encoding. Is this (expected to be small) delay okay?
- */
-SECStatus
-NSS_CMSSignerInfo_AddSigningTime(NSSCMSSignerInfo *signerinfo, PRTime t)
-{
- NSSCMSAttribute *attr;
- SECItem stime;
- void *mark;
- PLArenaPool *poolp;
-
- poolp = signerinfo->cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- /* create new signing time attribute */
- if (DER_TimeToUTCTime(&stime, t) != SECSuccess)
- goto loser;
-
- if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SIGNING_TIME, &stime, PR_FALSE)) == NULL) {
- SECITEM_FreeItem (&stime, PR_FALSE);
- goto loser;
- }
-
- SECITEM_FreeItem (&stime, PR_FALSE);
-
- if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark (poolp, mark);
-
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSSignerInfo_AddSMIMECaps - add a SMIMECapabilities attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed
- * messages for email (S/MIME).
- */
-SECStatus
-NSS_CMSSignerInfo_AddSMIMECaps(NSSCMSSignerInfo *signerinfo)
-{
- NSSCMSAttribute *attr;
- SECItem *smimecaps = NULL;
- void *mark;
- PLArenaPool *poolp;
-
- poolp = signerinfo->cmsg->poolp;
-
- mark = PORT_ArenaMark(poolp);
-
- smimecaps = SECITEM_AllocItem(poolp, NULL, 0);
- if (smimecaps == NULL)
- goto loser;
-
- /* create new signing time attribute */
- if (NSS_SMIMEUtil_CreateSMIMECapabilities(poolp, smimecaps,
- PK11_FortezzaHasKEA(signerinfo->cert)) != SECSuccess)
- goto loser;
-
- if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SMIME_CAPABILITIES, smimecaps, PR_TRUE)) == NULL)
- goto loser;
-
- if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark (poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs - add a SMIMEEncryptionKeyPreferences attribute to the
- * authenticated (i.e. signed) attributes of "signerinfo".
- *
- * This is expected to be included in outgoing signed messages for email (S/MIME).
- */
-SECStatus
-NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs(NSSCMSSignerInfo *signerinfo, CERTCertificate *cert, CERTCertDBHandle *certdb)
-{
- NSSCMSAttribute *attr;
- SECItem *smimeekp = NULL;
- void *mark;
- PLArenaPool *poolp;
-
- /* verify this cert for encryption */
- if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
- return SECFailure;
- }
-
- poolp = signerinfo->cmsg->poolp;
- mark = PORT_ArenaMark(poolp);
-
- smimeekp = SECITEM_AllocItem(poolp, NULL, 0);
- if (smimeekp == NULL)
- goto loser;
-
- /* create new signing time attribute */
- if (NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(poolp, smimeekp, cert) != SECSuccess)
- goto loser;
-
- if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, smimeekp, PR_TRUE)) == NULL)
- goto loser;
-
- if (NSS_CMSSignerInfo_AddAuthAttr(signerinfo, attr) != SECSuccess)
- goto loser;
-
- PORT_ArenaUnmark (poolp, mark);
- return SECSuccess;
-
-loser:
- PORT_ArenaRelease (poolp, mark);
- return SECFailure;
-}
-
-/*
- * NSS_CMSSignerInfo_AddCounterSignature - countersign a signerinfo
- *
- * 1. digest the DER-encoded signature value of the original signerinfo
- * 2. create new signerinfo with correct version, sid, digestAlg
- * 3. add message-digest authAttr, but NO content-type
- * 4. sign the authAttrs
- * 5. DER-encode the new signerInfo
- * 6. add the whole thing to original signerInfo's unAuthAttrs
- * as a SEC_OID_PKCS9_COUNTER_SIGNATURE attribute
- *
- * XXXX give back the new signerinfo?
- */
-SECStatus
-NSS_CMSSignerInfo_AddCounterSignature(NSSCMSSignerInfo *signerinfo,
- SECOidTag digestalg, CERTCertificate signingcert)
-{
- /* XXXX TBD XXXX */
- return SECFailure;
-}
-
-/*
- * XXXX the following needs to be done in the S/MIME layer code
- * after signature of a signerinfo is verified
- */
-SECStatus
-NSS_SMIMESignerInfo_SaveSMIMEProfile(NSSCMSSignerInfo *signerinfo)
-{
- CERTCertificate *cert = NULL;
- SECItem *profile = NULL;
- NSSCMSAttribute *attr;
- SECItem *utc_stime = NULL;
- SECItem *ekp;
- CERTCertDBHandle *certdb;
- int save_error;
- SECStatus rv;
-
- certdb = CERT_GetDefaultCertDB();
-
- /* sanity check - see if verification status is ok (unverified does not count...) */
- if (signerinfo->verificationStatus != NSSCMSVS_GoodSignature)
- return SECFailure;
-
- /* find preferred encryption cert */
- if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr) &&
- (attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
- SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE, PR_TRUE)) != NULL)
- { /* we have a SMIME_ENCRYPTION_KEY_PREFERENCE attribute! */
- ekp = NSS_CMSAttribute_GetValue(attr);
- if (ekp == NULL)
- return SECFailure;
-
- /* we assume that all certs coming with the message have been imported to the */
- /* temporary database */
- cert = NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(certdb, ekp);
- if (cert == NULL)
- return SECFailure;
- }
-
- if (cert == NULL) {
- /* no preferred cert found?
- * find the cert the signerinfo is signed with instead */
- cert = NSS_CMSSignerInfo_GetSigningCertificate(signerinfo, certdb);
- if (cert == NULL || cert->emailAddr == NULL)
- return SECFailure;
- }
-
- /* verify this cert for encryption (has been verified for signing so far) */
- if (CERT_VerifyCert(certdb, cert, PR_TRUE, certUsageEmailRecipient, PR_Now(), signerinfo->cmsg->pwfn_arg, NULL) != SECSuccess) {
- return SECFailure;
- }
-
- /* XXX store encryption cert permanently? */
-
- /*
- * Remember the current error set because we do not care about
- * anything set by the functions we are about to call.
- */
- save_error = PORT_GetError();
-
- if (!NSS_CMSArray_IsEmpty((void **)signerinfo->authAttr)) {
- attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
- SEC_OID_PKCS9_SMIME_CAPABILITIES,
- PR_TRUE);
- profile = NSS_CMSAttribute_GetValue(attr);
- attr = NSS_CMSAttributeArray_FindAttrByOidTag(signerinfo->authAttr,
- SEC_OID_PKCS9_SIGNING_TIME,
- PR_TRUE);
- utc_stime = NSS_CMSAttribute_GetValue(attr);
- }
-
- rv = CERT_SaveSMimeProfile (cert, profile, utc_stime);
-
- /*
- * Restore the saved error in case the calls above set a new
- * one that we do not actually care about.
- */
- PORT_SetError (save_error);
-
- return rv;
-}
-
-/*
- * NSS_CMSSignerInfo_IncludeCerts - set cert chain inclusion mode for this signer
- */
-SECStatus
-NSS_CMSSignerInfo_IncludeCerts(NSSCMSSignerInfo *signerinfo, NSSCMSCertChainMode cm, SECCertUsage usage)
-{
- if (signerinfo->cert == NULL)
- return SECFailure;
-
- switch (cm) {
- case NSSCMSCM_None:
- signerinfo->certList = NULL;
- break;
- case NSSCMSCM_CertOnly:
- signerinfo->certList = CERT_CertListFromCert(signerinfo->cert);
- break;
- case NSSCMSCM_CertChain:
- signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, usage, PR_FALSE);
- break;
- case NSSCMSCM_CertChainWithRoot:
- signerinfo->certList = CERT_CertChainFromCert(signerinfo->cert, usage, PR_TRUE);
- break;
- }
-
- if (cm != NSSCMSCM_None && signerinfo->certList == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/smime/cmst.h b/security/nss/lib/smime/cmst.h
deleted file mode 100644
index 3872489b7..000000000
--- a/security/nss/lib/smime/cmst.h
+++ /dev/null
@@ -1,489 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header for CMS types.
- *
- * $Id$
- */
-
-#ifndef _CMST_H_
-#define _CMST_H_
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "certt.h"
-#include "secmodt.h"
-#include "secmodt.h"
-
-#include "plarena.h"
-
-/* Non-opaque objects. NOTE, though: I want them to be treated as
- * opaque as much as possible. If I could hide them completely,
- * I would. (I tried, but ran into trouble that was taking me too
- * much time to get out of.) I still intend to try to do so.
- * In fact, the only type that "outsiders" should even *name* is
- * NSSCMSMessage, and they should not reference its fields.
- */
-/* rjr: PKCS #11 cert handling (pk11cert.c) does use NSSCMSRecipientInfo's.
- * This is because when we search the recipient list for the cert and key we
- * want, we need to invert the order of the loops we used to have. The old
- * loops were:
- *
- * For each recipient {
- * find_cert = PK11_Find_AllCert(recipient->issuerSN);
- * [which unrolls to... ]
- * For each slot {
- * Log into slot;
- * search slot for cert;
- * }
- * }
- *
- * the new loop searchs all the recipients at once on a slot. this allows
- * PKCS #11 to order slots in such a way that logout slots don't get checked
- * if we can find the cert on a logged in slot. This eliminates lots of
- * spurious password prompts when smart cards are installed... so why this
- * comment? If you make NSSCMSRecipientInfo completely opaque, you need
- * to provide a non-opaque list of issuerSN's (the only field PKCS#11 needs
- * and fix up pk11cert.c first. NOTE: Only S/MIME calls this special PKCS #11
- * function.
- */
-
-typedef struct NSSCMSMessageStr NSSCMSMessage;
-
-typedef union NSSCMSContentUnion NSSCMSContent;
-typedef struct NSSCMSContentInfoStr NSSCMSContentInfo;
-
-typedef struct NSSCMSSignedDataStr NSSCMSSignedData;
-typedef struct NSSCMSSignerInfoStr NSSCMSSignerInfo;
-typedef struct NSSCMSSignerIdentifierStr NSSCMSSignerIdentifier;
-
-typedef struct NSSCMSEnvelopedDataStr NSSCMSEnvelopedData;
-typedef struct NSSCMSOriginatorInfoStr NSSCMSOriginatorInfo;
-typedef struct NSSCMSRecipientInfoStr NSSCMSRecipientInfo;
-
-typedef struct NSSCMSDigestedDataStr NSSCMSDigestedData;
-typedef struct NSSCMSEncryptedDataStr NSSCMSEncryptedData;
-
-typedef struct NSSCMSSMIMEKEAParametersStr NSSCMSSMIMEKEAParameters;
-
-typedef struct NSSCMSAttributeStr NSSCMSAttribute;
-
-typedef struct NSSCMSDecoderContextStr NSSCMSDecoderContext;
-typedef struct NSSCMSEncoderContextStr NSSCMSEncoderContext;
-
-typedef struct NSSCMSCipherContextStr NSSCMSCipherContext;
-typedef struct NSSCMSDigestContextStr NSSCMSDigestContext;
-
-/*
- * Type of function passed to NSSCMSDecode or NSSCMSDecoderStart.
- * If specified, this is where the content bytes (only) will be "sent"
- * as they are recovered during the decoding.
- * And:
- * Type of function passed to NSSCMSEncode or NSSCMSEncoderStart.
- * This is where the DER-encoded bytes will be "sent".
- *
- * XXX Should just combine this with NSSCMSEncoderContentCallback type
- * and use a simpler, common name.
- */
-typedef void (*NSSCMSContentCallback)(void *arg, const char *buf, unsigned long len);
-
-/*
- * Type of function passed to NSSCMSDecode or NSSCMSDecoderStart
- * to retrieve the decryption key. This function is intended to be
- * used for EncryptedData content info's which do not have a key available
- * in a certificate, etc.
- */
-typedef PK11SymKey *(*NSSCMSGetDecryptKeyCallback)(void *arg, SECAlgorithmID *algid);
-
-
-/* =============================================================================
- * ENCAPSULATED CONTENTINFO & CONTENTINFO
- */
-
-union NSSCMSContentUnion {
- /* either unstructured */
- SECItem * data;
- /* or structured data */
- NSSCMSDigestedData * digestedData;
- NSSCMSEncryptedData * encryptedData;
- NSSCMSEnvelopedData * envelopedData;
- NSSCMSSignedData * signedData;
- /* or anonymous pointer to something */
- void * pointer;
-};
-
-struct NSSCMSContentInfoStr {
- SECItem contentType;
- NSSCMSContent content;
- /* --------- local; not part of encoding --------- */
- SECOidData * contentTypeTag;
-
- /* additional info for encryptedData and envelopedData */
- /* we waste this space for signedData and digestedData. sue me. */
-
- SECAlgorithmID contentEncAlg;
- SECItem * rawContent; /* encrypted DER, optional */
- /* XXXX bytes not encrypted, but encoded? */
- /* --------- local; not part of encoding --------- */
- PK11SymKey * bulkkey; /* bulk encryption key */
- int keysize; /* size of bulk encryption key
- * (only used by creation code) */
- SECOidTag contentEncAlgTag; /* oid tag of encryption algorithm
- * (only used by creation code) */
- NSSCMSCipherContext *ciphcx; /* context for en/decryption going on */
- NSSCMSDigestContext *digcx; /* context for digesting going on */
-};
-
-/* =============================================================================
- * MESSAGE
- */
-
-struct NSSCMSMessageStr {
- NSSCMSContentInfo contentInfo; /* "outer" cinfo */
- /* --------- local; not part of encoding --------- */
- PLArenaPool * poolp;
- PRBool poolp_is_ours;
- int refCount;
- /* properties of the "inner" data */
- SECAlgorithmID ** detached_digestalgs;
- SECItem ** detached_digests;
- void * pwfn_arg;
- NSSCMSGetDecryptKeyCallback decrypt_key_cb;
- void * decrypt_key_cb_arg;
-};
-
-/* =============================================================================
- * SIGNEDDATA
- */
-
-struct NSSCMSSignedDataStr {
- SECItem version;
- SECAlgorithmID ** digestAlgorithms;
- NSSCMSContentInfo contentInfo;
- SECItem ** rawCerts;
- CERTSignedCrl ** crls;
- NSSCMSSignerInfo ** signerInfos;
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer to message */
- SECItem ** digests;
- CERTCertificate ** certs;
- CERTCertificateList ** certLists;
-};
-#define NSS_CMS_SIGNED_DATA_VERSION_BASIC 1 /* what we *create* */
-#define NSS_CMS_SIGNED_DATA_VERSION_EXT 3 /* what we *create* */
-
-typedef enum {
- NSSCMSVS_Unverified = 0,
- NSSCMSVS_GoodSignature = 1,
- NSSCMSVS_BadSignature = 2,
- NSSCMSVS_DigestMismatch = 3,
- NSSCMSVS_SigningCertNotFound = 4,
- NSSCMSVS_SigningCertNotTrusted = 5,
- NSSCMSVS_SignatureAlgorithmUnknown = 6,
- NSSCMSVS_SignatureAlgorithmUnsupported = 7,
- NSSCMSVS_MalformedSignature = 8,
- NSSCMSVS_ProcessingError = 9
-} NSSCMSVerificationStatus;
-
-typedef enum {
- NSSCMSSignerID_IssuerSN = 0,
- NSSCMSSignerID_SubjectKeyID = 1
-} NSSCMSSignerIDSelector;
-
-struct NSSCMSSignerIdentifierStr {
- NSSCMSSignerIDSelector identifierType;
- union {
- CERTIssuerAndSN *issuerAndSN;
- SECItem *subjectKeyID;
- } id;
-};
-
-struct NSSCMSSignerInfoStr {
- SECItem version;
- NSSCMSSignerIdentifier signerIdentifier;
- SECAlgorithmID digestAlg;
- NSSCMSAttribute ** authAttr;
- SECAlgorithmID digestEncAlg;
- SECItem encDigest;
- NSSCMSAttribute ** unAuthAttr;
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer to message */
- CERTCertificate * cert;
- CERTCertificateList * certList;
- PRTime signingTime;
- NSSCMSVerificationStatus verificationStatus;
-};
-#define NSS_CMS_SIGNER_INFO_VERSION_ISSUERSN 1 /* what we *create* */
-#define NSS_CMS_SIGNER_INFO_VERSION_SUBJKEY 3 /* what we *create* */
-
-typedef enum {
- NSSCMSCM_None = 0,
- NSSCMSCM_CertOnly = 1,
- NSSCMSCM_CertChain = 2,
- NSSCMSCM_CertChainWithRoot = 3
-} NSSCMSCertChainMode;
-
-/* =============================================================================
- * ENVELOPED DATA
- */
-struct NSSCMSEnvelopedDataStr {
- SECItem version;
- NSSCMSOriginatorInfo * originatorInfo; /* optional */
- NSSCMSRecipientInfo ** recipientInfos;
- NSSCMSContentInfo contentInfo;
- NSSCMSAttribute ** unprotectedAttr;
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer to message */
-};
-#define NSS_CMS_ENVELOPED_DATA_VERSION_REG 0 /* what we *create* */
-#define NSS_CMS_ENVELOPED_DATA_VERSION_ADV 2 /* what we *create* */
-
-struct NSSCMSOriginatorInfoStr {
- SECItem ** rawCerts;
- CERTSignedCrl ** crls;
- /* --------- local; not part of encoding --------- */
- CERTCertificate ** certs;
-};
-
-/* -----------------------------------------------------------------------------
- * key transport recipient info
- */
-typedef enum {
- NSSCMSRecipientID_IssuerSN = 0,
- NSSCMSRecipientID_SubjectKeyID = 1
-} NSSCMSRecipientIDSelector;
-
-struct NSSCMSRecipientIdentifierStr {
- NSSCMSRecipientIDSelector identifierType;
- union {
- CERTIssuerAndSN *issuerAndSN;
- SECItem *subjectKeyID;
- } id;
-};
-typedef struct NSSCMSRecipientIdentifierStr NSSCMSRecipientIdentifier;
-
-struct NSSCMSKeyTransRecipientInfoStr {
- SECItem version;
- NSSCMSRecipientIdentifier recipientIdentifier;
- SECAlgorithmID keyEncAlg;
- SECItem encKey;
-};
-typedef struct NSSCMSKeyTransRecipientInfoStr NSSCMSKeyTransRecipientInfo;
-
-#define NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_ISSUERSN 0 /* what we *create* */
-#define NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_SUBJKEY 2 /* what we *create* */
-
-/* -----------------------------------------------------------------------------
- * key agreement recipient info
- */
-struct NSSCMSOriginatorPublicKeyStr {
- SECAlgorithmID algorithmIdentifier;
- SECItem publicKey; /* bit string! */
-};
-typedef struct NSSCMSOriginatorPublicKeyStr NSSCMSOriginatorPublicKey;
-
-typedef enum {
- NSSCMSOriginatorIDOrKey_IssuerSN = 0,
- NSSCMSOriginatorIDOrKey_SubjectKeyID = 1,
- NSSCMSOriginatorIDOrKey_OriginatorPublicKey = 2
-} NSSCMSOriginatorIDOrKeySelector;
-
-struct NSSCMSOriginatorIdentifierOrKeyStr {
- NSSCMSOriginatorIDOrKeySelector identifierType;
- union {
- CERTIssuerAndSN *issuerAndSN; /* static-static */
- SECItem *subjectKeyID; /* static-static */
- NSSCMSOriginatorPublicKey originatorPublicKey; /* ephemeral-static */
- } id;
-};
-typedef struct NSSCMSOriginatorIdentifierOrKeyStr NSSCMSOriginatorIdentifierOrKey;
-
-struct NSSCMSRecipientKeyIdentifierStr {
- SECItem * subjectKeyIdentifier;
- SECItem * date; /* optional */
- SECItem * other; /* optional */
-};
-typedef struct NSSCMSRecipientKeyIdentifierStr NSSCMSRecipientKeyIdentifier;
-
-typedef enum {
- NSSCMSKeyAgreeRecipientID_IssuerSN = 0,
- NSSCMSKeyAgreeRecipientID_RKeyID = 1
-} NSSCMSKeyAgreeRecipientIDSelector;
-
-struct NSSCMSKeyAgreeRecipientIdentifierStr {
- NSSCMSKeyAgreeRecipientIDSelector identifierType;
- union {
- CERTIssuerAndSN *issuerAndSN;
- NSSCMSRecipientKeyIdentifier recipientKeyIdentifier;
- } id;
-};
-typedef struct NSSCMSKeyAgreeRecipientIdentifierStr NSSCMSKeyAgreeRecipientIdentifier;
-
-struct NSSCMSRecipientEncryptedKeyStr {
- NSSCMSKeyAgreeRecipientIdentifier recipientIdentifier;
- SECItem encKey;
-};
-typedef struct NSSCMSRecipientEncryptedKeyStr NSSCMSRecipientEncryptedKey;
-
-struct NSSCMSKeyAgreeRecipientInfoStr {
- SECItem version;
- NSSCMSOriginatorIdentifierOrKey originatorIdentifierOrKey;
- SECItem * ukm; /* optional */
- SECAlgorithmID keyEncAlg;
- NSSCMSRecipientEncryptedKey ** recipientEncryptedKeys;
-};
-typedef struct NSSCMSKeyAgreeRecipientInfoStr NSSCMSKeyAgreeRecipientInfo;
-
-#define NSS_CMS_KEYAGREE_RECIPIENT_INFO_VERSION 3 /* what we *create* */
-
-/* -----------------------------------------------------------------------------
- * KEK recipient info
- */
-struct NSSCMSKEKIdentifierStr {
- SECItem keyIdentifier;
- SECItem * date; /* optional */
- SECItem * other; /* optional */
-};
-typedef struct NSSCMSKEKIdentifierStr NSSCMSKEKIdentifier;
-
-struct NSSCMSKEKRecipientInfoStr {
- SECItem version;
- NSSCMSKEKIdentifier kekIdentifier;
- SECAlgorithmID keyEncAlg;
- SECItem encKey;
-};
-typedef struct NSSCMSKEKRecipientInfoStr NSSCMSKEKRecipientInfo;
-
-#define NSS_CMS_KEK_RECIPIENT_INFO_VERSION 4 /* what we *create* */
-
-/* -----------------------------------------------------------------------------
- * recipient info
- */
-
-typedef enum {
- NSSCMSRecipientInfoID_KeyTrans = 0,
- NSSCMSRecipientInfoID_KeyAgree = 1,
- NSSCMSRecipientInfoID_KEK = 2
-} NSSCMSRecipientInfoIDSelector;
-
-struct NSSCMSRecipientInfoStr {
- NSSCMSRecipientInfoIDSelector recipientInfoType;
- union {
- NSSCMSKeyTransRecipientInfo keyTransRecipientInfo;
- NSSCMSKeyAgreeRecipientInfo keyAgreeRecipientInfo;
- NSSCMSKEKRecipientInfo kekRecipientInfo;
- } ri;
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer to message */
- CERTCertificate * cert; /* recipient's certificate */
-};
-
-/* =============================================================================
- * DIGESTED DATA
- */
-struct NSSCMSDigestedDataStr {
- SECItem version;
- SECAlgorithmID digestAlg;
- NSSCMSContentInfo contentInfo;
- SECItem digest;
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer */
- SECItem cdigest; /* calculated digest */
-};
-#define NSS_CMS_DIGESTED_DATA_VERSION_DATA 0 /* what we *create* */
-#define NSS_CMS_DIGESTED_DATA_VERSION_ENCAP 2 /* what we *create* */
-
-/* =============================================================================
- * ENCRYPTED DATA
- */
-struct NSSCMSEncryptedDataStr {
- SECItem version;
- NSSCMSContentInfo contentInfo;
- NSSCMSAttribute ** unprotectedAttr; /* optional */
- /* --------- local; not part of encoding --------- */
- NSSCMSMessage * cmsg; /* back pointer */
-};
-#define NSS_CMS_ENCRYPTED_DATA_VERSION 0 /* what we *create* */
-#define NSS_CMS_ENCRYPTED_DATA_VERSION_UPATTR 2 /* what we *create* */
-
-/* =============================================================================
- * FORTEZZA KEA
- */
-
-/* An enumerated type used to select templates based on the encryption
- scenario and data specifics. */
-typedef enum {
- NSSCMSKEAUsesSkipjack = 0,
- NSSCMSKEAUsesNonSkipjack = 1,
- NSSCMSKEAUsesNonSkipjackWithPaddedEncKey = 2
-} NSSCMSKEATemplateSelector;
-
-/* ### mwelch - S/MIME KEA parameters. These don't really fit here,
- but I cannot think of a more appropriate place at this time. */
-struct NSSCMSSMIMEKEAParametersStr {
- SECItem originatorKEAKey; /* sender KEA key (encrypted?) */
- SECItem originatorRA; /* random number generated by sender */
- SECItem nonSkipjackIV; /* init'n vector for SkipjackCBC64
- decryption of KEA key if Skipjack
- is not the bulk algorithm used on
- the message */
- SECItem bulkKeySize; /* if Skipjack is not the bulk
- algorithm used on the message,
- and the size of the bulk encryption
- key is not the same as that of
- originatorKEAKey (due to padding
- perhaps), this field will contain
- the real size of the bulk encryption
- key. */
-};
-
-/*
- * *****************************************************************************
- * *****************************************************************************
- * *****************************************************************************
- */
-
-/*
- * See comment above about this type not really belonging to CMS.
- */
-struct NSSCMSAttributeStr {
- /* The following fields make up an encoded Attribute: */
- SECItem type;
- SECItem ** values; /* data may or may not be encoded */
- /* The following fields are not part of an encoded Attribute: */
- SECOidData * typeTag;
- PRBool encoded; /* when true, values are encoded */
-};
-
-#endif /* _CMST_H_ */
diff --git a/security/nss/lib/smime/cmsutil.c b/security/nss/lib/smime/cmsutil.c
deleted file mode 100644
index f7899d881..000000000
--- a/security/nss/lib/smime/cmsutil.c
+++ /dev/null
@@ -1,393 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * CMS miscellaneous utility functions.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-
-#include "cmslocal.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "secerr.h"
-#include "sechash.h"
-
-/*
- * NSS_CMSArray_SortByDER - sort array of objects by objects' DER encoding
- *
- * make sure that the order of the objects guarantees valid DER (which must be
- * in lexigraphically ascending order for a SET OF); if reordering is necessary it
- * will be done in place (in objs).
- */
-SECStatus
-NSS_CMSArray_SortByDER(void **objs, const SEC_ASN1Template *objtemplate, void **objs2)
-{
- PRArenaPool *poolp;
- int num_objs;
- SECItem **enc_objs;
- SECStatus rv = SECFailure;
- int i;
-
- if (objs == NULL) /* already sorted */
- return SECSuccess;
-
- num_objs = NSS_CMSArray_Count((void **)objs);
- if (num_objs == 0 || num_objs == 1) /* already sorted. */
- return SECSuccess;
-
- poolp = PORT_NewArena (1024); /* arena for temporaries */
- if (poolp == NULL)
- return SECFailure; /* no memory; nothing we can do... */
-
- /*
- * Allocate arrays to hold the individual encodings which we will use
- * for comparisons and the reordered attributes as they are sorted.
- */
- enc_objs = (SECItem **)PORT_ArenaZAlloc(poolp, (num_objs + 1) * sizeof(SECItem *));
- if (enc_objs == NULL)
- goto loser;
-
- /* DER encode each individual object. */
- for (i = 0; i < num_objs; i++) {
- enc_objs[i] = SEC_ASN1EncodeItem(poolp, NULL, objs[i], objtemplate);
- if (enc_objs[i] == NULL)
- goto loser;
- }
- enc_objs[num_objs] = NULL;
-
- /* now compare and sort objs by the order of enc_objs */
- NSS_CMSArray_Sort((void **)enc_objs, NSS_CMSUtil_DERCompare, objs, objs2);
-
- rv = SECSuccess;
-
-loser:
- PORT_FreeArena (poolp, PR_FALSE);
- return rv;
-}
-
-/*
- * NSS_CMSUtil_DERCompare - for use with NSS_CMSArray_Sort to
- * sort arrays of SECItems containing DER
- */
-int
-NSS_CMSUtil_DERCompare(void *a, void *b)
-{
- SECItem *der1 = (SECItem *)a;
- SECItem *der2 = (SECItem *)b;
- int j;
-
- /*
- * Find the lowest (lexigraphically) encoding. One that is
- * shorter than all the rest is known to be "less" because each
- * attribute is of the same type (a SEQUENCE) and so thus the
- * first octet of each is the same, and the second octet is
- * the length (or the length of the length with the high bit
- * set, followed by the length, which also works out to always
- * order the shorter first). Two (or more) that have the
- * same length need to be compared byte by byte until a mismatch
- * is found.
- */
- if (der1->len != der2->len)
- return (der1->len < der2->len) ? -1 : 1;
-
- for (j = 0; j < der1->len; j++) {
- if (der1->data[j] == der2->data[j])
- continue;
- return (der1->data[j] < der2->data[j]) ? -1 : 1;
- }
- return 0;
-}
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgID - find a specific algorithm in an array of
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algid - algorithmid of algorithm to pick
- *
- * Returns:
- * An integer containing the index of the algorithm in the array or -1 if
- * algorithm was not found.
- */
-int
-NSS_CMSAlgArray_GetIndexByAlgID(SECAlgorithmID **algorithmArray, SECAlgorithmID *algid)
-{
- int i;
-
- if (algorithmArray == NULL || algorithmArray[0] == NULL)
- return -1;
-
- for (i = 0; algorithmArray[i] != NULL; i++) {
- if (SECOID_CompareAlgorithmID(algorithmArray[i], algid) == SECEqual)
- break; /* bingo */
- }
-
- if (algorithmArray[i] == NULL)
- return -1; /* not found */
-
- return i;
-}
-
-/*
- * NSS_CMSAlgArray_GetIndexByAlgTag - find a specific algorithm in an array of
- * algorithms.
- *
- * algorithmArray - array of algorithm IDs
- * algtag - algorithm tag of algorithm to pick
- *
- * Returns:
- * An integer containing the index of the algorithm in the array or -1 if
- * algorithm was not found.
- */
-int
-NSS_CMSAlgArray_GetIndexByAlgTag(SECAlgorithmID **algorithmArray, SECOidTag algtag)
-{
- SECOidData *algid;
- int i;
-
- if (algorithmArray == NULL || algorithmArray[0] == NULL)
- return -1;
-
- for (i = 0; algorithmArray[i] != NULL; i++) {
- algid = SECOID_FindOID(&(algorithmArray[i]->algorithm));
- if (algid->offset == algtag)
- break; /* bingo */
- }
-
- if (algorithmArray[i] == NULL)
- return -1; /* not found */
-
- return i;
-}
-
-const SECHashObject *
-NSS_CMSUtil_GetHashObjByAlgID(SECAlgorithmID *algid)
-{
- SECOidData *oiddata;
- const SECHashObject *digobj;
-
- /* here are the algorithms we know */
- oiddata = SECOID_FindOID(&(algid->algorithm));
- if (oiddata == NULL) {
- digobj = NULL;
- } else {
- switch (oiddata->offset) {
- case SEC_OID_MD2:
- digobj = HASH_GetHashObject(HASH_AlgMD2);
- break;
- case SEC_OID_MD5:
- digobj = HASH_GetHashObject(HASH_AlgMD5);
- break;
- case SEC_OID_SHA1:
- digobj = HASH_GetHashObject(HASH_AlgSHA1);
- break;
- default:
- digobj = NULL;
- break;
- }
- }
- return digobj;
-}
-
-/*
- * XXX I would *really* like to not have to do this, but the current
- * signing interface gives me little choice.
- */
-SECOidTag
-NSS_CMSUtil_MakeSignatureAlgorithm(SECOidTag hashalg, SECOidTag encalg)
-{
- switch (encalg) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- switch (hashalg) {
- case SEC_OID_MD2:
- return SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
- case SEC_OID_MD5:
- return SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
- case SEC_OID_SHA1:
- return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
- default:
- return SEC_OID_UNKNOWN;
- }
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS:
- switch (hashalg) {
- case SEC_OID_SHA1:
- return SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
- default:
- return SEC_OID_UNKNOWN;
- }
- default:
- break;
- }
-
- return encalg; /* maybe it is already the right algid */
-}
-
-const SEC_ASN1Template *
-NSS_CMSUtil_GetTemplateByTypeTag(SECOidTag type)
-{
- const SEC_ASN1Template *template;
- extern const SEC_ASN1Template NSSCMSSignedDataTemplate[];
- extern const SEC_ASN1Template NSSCMSEnvelopedDataTemplate[];
- extern const SEC_ASN1Template NSSCMSEncryptedDataTemplate[];
- extern const SEC_ASN1Template NSSCMSDigestedDataTemplate[];
-
- switch (type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- template = NSSCMSSignedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- template = NSSCMSEnvelopedDataTemplate;
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- template = NSSCMSEncryptedDataTemplate;
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- template = NSSCMSDigestedDataTemplate;
- break;
- default:
- case SEC_OID_PKCS7_DATA:
- template = NULL;
- break;
- }
- return template;
-}
-
-size_t
-NSS_CMSUtil_GetSizeByTypeTag(SECOidTag type)
-{
- size_t size;
-
- switch (type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- size = sizeof(NSSCMSSignedData);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- size = sizeof(NSSCMSEnvelopedData);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- size = sizeof(NSSCMSEncryptedData);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- size = sizeof(NSSCMSDigestedData);
- break;
- default:
- case SEC_OID_PKCS7_DATA:
- size = 0;
- break;
- }
- return size;
-}
-
-NSSCMSContentInfo *
-NSS_CMSContent_GetContentInfo(void *msg, SECOidTag type)
-{
- NSSCMSContent c;
- NSSCMSContentInfo *cinfo;
-
- PORT_Assert(msg != NULL);
-
- c.pointer = msg;
- switch (type) {
- case SEC_OID_PKCS7_SIGNED_DATA:
- cinfo = &(c.signedData->contentInfo);
- break;
- case SEC_OID_PKCS7_ENVELOPED_DATA:
- cinfo = &(c.envelopedData->contentInfo);
- break;
- case SEC_OID_PKCS7_ENCRYPTED_DATA:
- cinfo = &(c.encryptedData->contentInfo);
- break;
- case SEC_OID_PKCS7_DIGESTED_DATA:
- cinfo = &(c.digestedData->contentInfo);
- break;
- default:
- cinfo = NULL;
- }
- return cinfo;
-}
-
-const char *
-NSS_CMSUtil_VerificationStatusToString(NSSCMSVerificationStatus vs)
-{
- switch (vs) {
- case NSSCMSVS_Unverified: return "Unverified";
- case NSSCMSVS_GoodSignature: return "GoodSignature";
- case NSSCMSVS_BadSignature: return "BadSignature";
- case NSSCMSVS_DigestMismatch: return "DigestMismatch";
- case NSSCMSVS_SigningCertNotFound: return "SigningCertNotFound";
- case NSSCMSVS_SigningCertNotTrusted: return "SigningCertNotTrusted";
- case NSSCMSVS_SignatureAlgorithmUnknown: return "SignatureAlgorithmUnknown";
- case NSSCMSVS_SignatureAlgorithmUnsupported: return "SignatureAlgorithmUnsupported";
- case NSSCMSVS_MalformedSignature: return "MalformedSignature";
- case NSSCMSVS_ProcessingError: return "ProcessingError";
- default: return "Unknown";
- }
-}
-
-SECStatus
-NSS_CMSDEREncode(NSSCMSMessage *cmsg, SECItem *input, SECItem *derOut,
- PLArenaPool *arena)
-{
- NSSCMSEncoderContext *ecx;
- SECStatus rv = SECSuccess;
- if (!cmsg || !derOut || !arena) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- ecx = NSS_CMSEncoder_Start(cmsg, 0, 0, derOut, arena, 0, 0, 0, 0, 0, 0);
- if (!ecx) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return SECFailure;
- }
- if (input) {
- rv = NSS_CMSEncoder_Update(ecx, (const char*)input->data, input->len);
- if (rv) {
- PORT_SetError(SEC_ERROR_BAD_DATA);
- }
- }
- rv |= NSS_CMSEncoder_Finish(ecx);
- if (rv) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- }
- return rv;
-}
diff --git a/security/nss/lib/smime/config.mk b/security/nss/lib/smime/config.mk
deleted file mode 100644
index b700ed6a2..000000000
--- a/security/nss/lib/smime/config.mk
+++ /dev/null
@@ -1,93 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-#TARGETS = $(LIBRARY)
-#SHARED_LIBRARY =
-#IMPORT_LIBRARY =
-#PROGRAM =
-
-RELEASE_LIBS = $(TARGETS)
-
-ifeq ($(OS_ARCH), WINNT)
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib
-
-RES = $(OBJDIR)/smime.res
-RESNAME = smime.rc
-
-SHARED_LIBRARY_LIBS = \
- $(DIST)/lib/pkcs12.lib \
- $(DIST)/lib/pkcs7.lib \
- $(NULL)
-
-SHARED_LIBRARY_DIRS = \
- ../pkcs12 \
- ../pkcs7 \
- $(NULL)
-
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/nss3.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-else
-
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-SHARED_LIBRARY_LIBS = \
- $(DIST)/lib/libpkcs12.${LIB_SUFFIX} \
- $(DIST)/lib/libpkcs7.${LIB_SUFFIX} \
- $(NULL)
-
-SHARED_LIBRARY_DIRS = \
- ../pkcs12 \
- ../pkcs7 \
- $(NULL)
-
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lnss3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-endif
diff --git a/security/nss/lib/smime/manifest.mn b/security/nss/lib/smime/manifest.mn
deleted file mode 100644
index 328a55e25..000000000
--- a/security/nss/lib/smime/manifest.mn
+++ /dev/null
@@ -1,77 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- cms.h \
- cmst.h \
- smime.h \
- cmsreclist.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- cmslocal.h \
- $(NULL)
-
-MODULE = security
-MAPFILE = $(OBJDIR)/smime.def
-
-CSRCS = \
- cmsarray.c \
- cmsasn1.c \
- cmsattr.c \
- cmscinfo.c \
- cmscipher.c \
- cmsdecode.c \
- cmsdigdata.c \
- cmsdigest.c \
- cmsencdata.c \
- cmsencode.c \
- cmsenvdata.c \
- cmsmessage.c \
- cmspubkey.c \
- cmsrecinfo.c \
- cmsreclist.c \
- cmssigdata.c \
- cmssiginfo.c \
- cmsutil.c \
- smimemessage.c \
- smimeutil.c \
- smimever.c \
- $(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = smime
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/smime/smime.def b/security/nss/lib/smime/smime.def
deleted file mode 100644
index 1657a3061..000000000
--- a/security/nss/lib/smime/smime.def
+++ /dev/null
@@ -1,198 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation. Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation. All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s):
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above. If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL. If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+# 1. For all unix platforms, the string ";-" means "remove this line"
-;+# 2. For all unix platforms, the string " DATA " will be removed from any
-;+# line on which it occurs.
-;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+# On AIX, lines containing ";+" will be removed.
-;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+# 5. For all unix platforms, after the above processing has taken place,
-;+# all characters after the first ";" on the line will be removed.
-;+# And for AIX, the first ";" will also be removed.
-;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+# directives are hidden behind ";", ";+", and ";-"
-;+
-;+NSS_3.2 { # NSS 3.2 release
-;+ global:
-LIBRARY smime3 ;-
-EXPORTS ;-
-NSS_CMSContentInfo_GetBulkKey;
-NSS_CMSContentInfo_GetBulkKeySize;
-NSS_CMSContentInfo_GetContent;
-NSS_CMSContentInfo_GetContentEncAlgTag;
-NSS_CMSContentInfo_GetContentTypeTag;
-NSS_CMSContentInfo_SetBulkKey;
-NSS_CMSContentInfo_SetContent;
-NSS_CMSContentInfo_SetContentEncAlg;
-NSS_CMSContentInfo_SetContent_Data;
-NSS_CMSContentInfo_SetContent_DigestedData;
-NSS_CMSContentInfo_SetContent_EncryptedData;
-NSS_CMSContentInfo_SetContent_EnvelopedData;
-NSS_CMSContentInfo_SetContent_SignedData;
-NSS_CMSDEREncode;
-NSS_CMSDecoder_Cancel;
-NSS_CMSDecoder_Finish;
-NSS_CMSDecoder_Start;
-NSS_CMSDecoder_Update;
-NSS_CMSDigestContext_Cancel;
-NSS_CMSDigestContext_FinishMultiple;
-NSS_CMSDigestContext_FinishSingle;
-NSS_CMSDigestContext_StartMultiple;
-NSS_CMSDigestContext_StartSingle;
-NSS_CMSDigestContext_Update;
-NSS_CMSDigestedData_Create;
-NSS_CMSDigestedData_Destroy;
-NSS_CMSDigestedData_GetContentInfo;
-NSS_CMSEncoder_Cancel;
-NSS_CMSEncoder_Finish;
-NSS_CMSEncoder_Start;
-NSS_CMSEncoder_Update;
-NSS_CMSEncryptedData_Create;
-NSS_CMSEncryptedData_Destroy;
-NSS_CMSEncryptedData_GetContentInfo;
-NSS_CMSEnvelopedData_AddRecipient;
-NSS_CMSEnvelopedData_Create;
-NSS_CMSEnvelopedData_Destroy;
-NSS_CMSEnvelopedData_GetContentInfo;
-NSS_CMSMessage_ContentLevel;
-NSS_CMSMessage_ContentLevelCount;
-NSS_CMSMessage_Copy;
-NSS_CMSMessage_Create;
-NSS_CMSMessage_CreateFromDER;
-NSS_CMSMessage_Destroy;
-NSS_CMSMessage_GetContent;
-NSS_CMSMessage_GetContentInfo;
-NSS_CMSRecipientInfo_Create;
-NSS_CMSRecipientInfo_Destroy;
-NSS_CMSSignedData_AddCertChain;
-NSS_CMSSignedData_AddCertList;
-NSS_CMSSignedData_AddCertificate;
-NSS_CMSSignedData_AddDigest;
-NSS_CMSSignedData_AddSignerInfo;
-NSS_CMSSignedData_Create;
-NSS_CMSSignedData_CreateCertsOnly;
-NSS_CMSSignedData_Destroy;
-NSS_CMSSignedData_GetContentInfo;
-NSS_CMSSignedData_GetDigestAlgs;
-NSS_CMSSignedData_GetSignerInfo;
-NSS_CMSSignedData_HasDigests;
-NSS_CMSSignedData_ImportCerts;
-NSS_CMSSignedData_SetDigests;
-NSS_CMSSignedData_SignerInfoCount;
-NSS_CMSSignedData_VerifyCertsOnly;
-NSS_CMSSignedData_VerifySignerInfo;
-NSS_CMSSignerInfo_AddSMIMECaps;
-NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs;
-NSS_CMSSignerInfo_AddSigningTime;
-NSS_CMSSignerInfo_Create;
-NSS_CMSSignerInfo_Destroy;
-NSS_CMSSignerInfo_GetCertList;
-NSS_CMSSignerInfo_GetSignerCommonName;
-NSS_CMSSignerInfo_GetSignerEmailAddress;
-NSS_CMSSignerInfo_GetSigningCertificate;
-NSS_CMSSignerInfo_GetSigningTime;
-NSS_CMSSignerInfo_GetVerificationStatus;
-NSS_CMSSignerInfo_GetVersion;
-NSS_CMSSignerInfo_IncludeCerts;
-NSS_CMSUtil_VerificationStatusToString;
-NSS_SMIMEUtil_FindBulkAlgForRecipients;
-CERT_DecodeCertPackage;
-SEC_PKCS7AddRecipient;
-SEC_PKCS7AddSigningTime;
-SEC_PKCS7ContentType;
-SEC_PKCS7CreateData;
-SEC_PKCS7CreateEncryptedData;
-SEC_PKCS7CreateEnvelopedData;
-SEC_PKCS7CreateSignedData;
-SEC_PKCS7DecodeItem;
-SEC_PKCS7DecoderFinish;
-SEC_PKCS7DecoderStart;
-SEC_PKCS7DecoderUpdate;
-SEC_PKCS7DecryptContents;
-SEC_PKCS7DestroyContentInfo;
-SEC_PKCS7EncoderFinish;
-SEC_PKCS7EncoderStart;
-SEC_PKCS7EncoderUpdate;
-SEC_PKCS7GetCertificateList;
-SEC_PKCS7GetContent;
-SEC_PKCS7GetEncryptionAlgorithm;
-SEC_PKCS7IncludeCertChain;
-SEC_PKCS7IsContentEmpty;
-SEC_PKCS7VerifySignature;
-SEC_PKCS12AddCertAndKey;
-SEC_PKCS12AddPasswordIntegrity;
-SEC_PKCS12CreateExportContext;
-SEC_PKCS12CreatePasswordPrivSafe;
-SEC_PKCS12CreateUnencryptedSafe;
-SEC_PKCS12EnableCipher;
-SEC_PKCS12Encode;
-SEC_PKCS12DecoderImportBags;
-SEC_PKCS12DecoderFinish;
-SEC_PKCS12DecoderStart;
-SEC_PKCS12DecoderUpdate;
-SEC_PKCS12DecoderValidateBags;
-SEC_PKCS12DecoderVerify;
-SEC_PKCS12DestroyExportContext;
-SEC_PKCS12IsEncryptionAllowed;
-SEC_PKCS12SetPreferredCipher;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.2.1 { # NSS 3.2.1 release
-;+ global:
-NSSSMIME_VersionCheck;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.3 { # NSS 3.3. release
-;+ global:
-SEC_PKCS7AddCertificate;
-SEC_PKCS7CreateCertsOnly;
-SEC_PKCS7Encode;
-;+ local:
-;+ *;
-;+};
-;+NSS_3.4 { # NSS 3.4. release
-;+ global:
-;+# FOR PSM
-CERT_DecodeCertFromPackage;
-NSS_CMSSignedData_SetDigestValue;
-NSS_CMSMessage_IsSigned;
-NSS_SMIMESignerInfo_SaveSMIMEProfile;
-SEC_PKCS7CopyContentInfo;
-SEC_PKCS7VerifyDetachedSignature;
-SECMIME_DecryptionAllowed;
-;+ local:
-;+ *;
-;+};
diff --git a/security/nss/lib/smime/smime.h b/security/nss/lib/smime/smime.h
deleted file mode 100644
index 1832634f7..000000000
--- a/security/nss/lib/smime/smime.h
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Header file for routines specific to S/MIME. Keep things that are pure
- * pkcs7 out of here; this is for S/MIME policy, S/MIME interoperability, etc.
- *
- * $Id$
- */
-
-#ifndef _SECMIME_H_
-#define _SECMIME_H_ 1
-
-#include "cms.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * Initialize the local recording of the user S/MIME cipher preferences.
- * This function is called once for each cipher, the order being
- * important (first call records greatest preference, and so on).
- * When finished, it is called with a "which" of CIPHER_FAMILID_MASK.
- * If the function is called again after that, it is assumed that
- * the preferences are being reset, and the old preferences are
- * discarded.
- *
- * XXX This is for a particular user, and right now the storage is
- * XXX local, static. The preference should be stored elsewhere to allow
- * XXX for multiple uses of one library? How does SSL handle this;
- * XXX it has something similar?
- *
- * - The "which" values are defined in ciferfam.h (the SMIME_* values,
- * for example SMIME_DES_CBC_56).
- * - If "on" is non-zero then the named cipher is enabled, otherwise
- * it is disabled. (It is not necessary to call the function for
- * ciphers that are disabled, however, as that is the default.)
- *
- * If the cipher preference is successfully recorded, SECSuccess
- * is returned. Otherwise SECFailure is returned. The only errors
- * are due to failure allocating memory or bad parameters/calls:
- * SEC_ERROR_XXX ("which" is not in the S/MIME cipher family)
- * SEC_ERROR_XXX (function is being called more times than there
- * are known/expected ciphers)
- */
-extern SECStatus NSS_SMIMEUtil_EnableCipher(long which, int on);
-
-/*
- * Initialize the local recording of the S/MIME policy.
- * This function is called to allow/disallow a particular cipher.
- *
- * XXX This is for a the current module, I think, so local, static storage
- * XXX is okay. Is that correct, or could multiple uses of the same
- * XXX library expect to operate under different policies?
- *
- * - The "which" values are defined in ciferfam.h (the SMIME_* values,
- * for example SMIME_DES_CBC_56).
- * - If "on" is non-zero then the named cipher is enabled, otherwise
- * it is disabled.
- */
-extern SECStatus NSS_SMIMEUtils_AllowCipher(long which, int on);
-
-/*
- * Does the current policy allow S/MIME decryption of this particular
- * algorithm and keysize?
- */
-extern PRBool NSS_SMIMEUtil_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key);
-
-/*
- * Does the current policy allow *any* S/MIME encryption (or decryption)?
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy. Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments. The return value is a simple boolean:
- * PR_TRUE means encryption (or decryption) is *possible*
- * (but may still fail due to other reasons, like because we cannot
- * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- * PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-extern PRBool NSS_SMIMEUtil_EncryptionPossible(void);
-
-/*
- * NSS_SMIMEUtil_CreateSMIMECapabilities - get S/MIME capabilities attr value
- *
- * scans the list of allowed and enabled ciphers and construct a PKCS9-compliant
- * S/MIME capabilities attribute value.
- */
-extern SECStatus NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest, PRBool includeFortezzaCiphers);
-
-/*
- * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value
- */
-extern SECStatus NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert);
-
-/*
- * NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference - find cert marked by EncryptionKeyPreference
- * attribute
- */
-extern CERTCertificate *NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(CERTCertDBHandle *certdb, SECItem *DERekp);
-
-/*
- * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients
- */
-extern SECStatus
-NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts, SECOidTag *bulkalgtag, int *keysize);
-
-/************************************************************************/
-SEC_END_PROTOS
-
-#endif /* _SECMIME_H_ */
diff --git a/security/nss/lib/smime/smime.rc b/security/nss/lib/smime/smime.rc
deleted file mode 100644
index f75da062d..000000000
--- a/security/nss/lib/smime/smime.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "smime"
-#define MY_FILEDESCRIPTION "NSS S/MIME Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
- BLOCK "StringFileInfo"
- BEGIN
- BLOCK "040904B0" // Lang=US English, CharSet=Unicode
- BEGIN
- VALUE "CompanyName", "Netscape Communications Corporation\0"
- VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
- VALUE "FileVersion", NSS_VERSION "\0"
- VALUE "InternalName", MY_INTERNAL_NAME "\0"
- VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
- VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
- VALUE "ProductName", "Network Security Services\0"
- VALUE "ProductVersion", NSS_VERSION "\0"
- END
- END
- BLOCK "VarFileInfo"
- BEGIN
- VALUE "Translation", 0x409, 1200
- END
-END
diff --git a/security/nss/lib/smime/smimemessage.c b/security/nss/lib/smime/smimemessage.c
deleted file mode 100644
index 81c1f9d4d..000000000
--- a/security/nss/lib/smime/smimemessage.c
+++ /dev/null
@@ -1,215 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * SMIME message methods
- *
- * $Id$
- */
-
-#include "cmslocal.h"
-#include "smime.h"
-
-#include "cert.h"
-#include "key.h"
-#include "secasn1.h"
-#include "secitem.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "prtime.h"
-#include "secerr.h"
-
-
-#if 0
-/*
- * NSS_SMIMEMessage_CreateEncrypted - start an S/MIME encrypting context.
- *
- * "scert" is the cert for the sender. It will be checked for validity.
- * "rcerts" are the certs for the recipients. They will also be checked.
- *
- * "certdb" is the cert database to use for verifying the certs.
- * It can be NULL if a default database is available (like in the client).
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-NSSCMSMessage *
-NSS_SMIMEMessage_CreateEncrypted(CERTCertificate *scert,
- CERTCertificate **rcerts,
- CERTCertDBHandle *certdb,
- PK11PasswordFunc pwfn,
- void *pwfn_arg)
-{
- NSSCMSMessage *cmsg;
- long cipher;
- SECOidTag encalg;
- int keysize;
- int mapi, rci;
-
- cipher = smime_choose_cipher (scert, rcerts);
- if (cipher < 0)
- return NULL;
-
- mapi = smime_mapi_by_cipher (cipher);
- if (mapi < 0)
- return NULL;
-
- /*
- * XXX This is stretching it -- CreateEnvelopedData should probably
- * take a cipher itself of some sort, because we cannot know what the
- * future will bring in terms of parameters for each type of algorithm.
- * For example, just an algorithm and keysize is *not* sufficient to
- * fully specify the usage of RC5 (which also needs to know rounds and
- * block size). Work this out into a better API!
- */
- encalg = smime_cipher_map[mapi].algtag;
- keysize = smime_keysize_by_cipher (cipher);
- if (keysize < 0)
- return NULL;
-
- cinfo = SEC_PKCS7CreateEnvelopedData (scert, certUsageEmailRecipient,
- certdb, encalg, keysize,
- pwfn, pwfn_arg);
- if (cinfo == NULL)
- return NULL;
-
- for (rci = 0; rcerts[rci] != NULL; rci++) {
- if (rcerts[rci] == scert)
- continue;
- if (SEC_PKCS7AddRecipient (cinfo, rcerts[rci], certUsageEmailRecipient,
- NULL) != SECSuccess) {
- SEC_PKCS7DestroyContentInfo (cinfo);
- return NULL;
- }
- }
-
- return cinfo;
-}
-
-
-/*
- * Start an S/MIME signing context.
- *
- * "scert" is the cert that will be used to sign the data. It will be
- * checked for validity.
- *
- * "ecert" is the signer's encryption cert. If it is different from
- * scert, then it will be included in the signed message so that the
- * recipient can save it for future encryptions.
- *
- * "certdb" is the cert database to use for verifying the cert.
- * It can be NULL if a default database is available (like in the client).
- *
- * "digestalg" names the digest algorithm (e.g. SEC_OID_SHA1).
- * XXX There should be SECMIME functions for hashing, or the hashing should
- * be built into this interface, which we would like because we would
- * support more smartcards that way, and then this argument should go away.)
- *
- * "digest" is the actual digest of the data. It must be provided in
- * the case of detached data or NULL if the content will be included.
- *
- * This function already does all of the stuff specific to S/MIME protocol
- * and local policy; the return value just needs to be passed to
- * SEC_PKCS7Encode() or to SEC_PKCS7EncoderStart() to create the encoded data,
- * and finally to SEC_PKCS7DestroyContentInfo().
- *
- * An error results in a return value of NULL and an error set.
- * (Retrieve specific errors via PORT_GetError()/XP_GetError().)
- */
-
-NSSCMSMessage *
-NSS_SMIMEMessage_CreateSigned(CERTCertificate *scert,
- CERTCertificate *ecert,
- CERTCertDBHandle *certdb,
- SECOidTag digestalgtag,
- SECItem *digest,
- PK11PasswordFunc pwfn,
- void *pwfn_arg)
-{
- NSSCMSMessage *cmsg;
- NSSCMSSignedData *sigd;
- NSSCMSSignerInfo *signerinfo;
-
- /* See note in header comment above about digestalg. */
- PORT_Assert (digestalgtag == SEC_OID_SHA1);
-
- cmsg = NSS_CMSMessage_Create(NULL);
- if (cmsg == NULL)
- return NULL;
-
- sigd = NSS_CMSSignedData_Create(cmsg);
- if (sigd == NULL)
- goto loser;
-
- /* create just one signerinfo */
- signerinfo = NSS_CMSSignerInfo_Create(cmsg, scert, digestalgtag);
- if (signerinfo == NULL)
- goto loser;
-
- /* Add the signing time to the signerinfo. */
- if (NSS_CMSSignerInfo_AddSigningTime(signerinfo, PR_Now()) != SECSuccess)
- goto loser;
-
- /* and add the SMIME profile */
- if (NSS_SMIMESignerInfo_AddSMIMEProfile(signerinfo, scert) != SECSuccess)
- goto loser;
-
- /* now add the signerinfo to the signeddata */
- if (NSS_CMSSignedData_AddSignerInfo(sigd, signerinfo) != SECSuccess)
- goto loser;
-
- /* include the signing cert and its entire chain */
- /* note that there are no checks for duplicate certs in place, as all the */
- /* essential data structures (like set of certificate) are not there */
- if (NSS_CMSSignedData_AddCertChain(sigd, scert) != SECSuccess)
- goto loser;
-
- /* If the encryption cert and the signing cert differ, then include
- * the encryption cert too. */
- if ( ( ecert != NULL ) && ( ecert != scert ) ) {
- if (NSS_CMSSignedData_AddCertificate(sigd, ecert) != SECSuccess)
- goto loser;
- }
-
- return cmsg;
-loser:
- if (cmsg)
- NSS_CMSMessage_Destroy(cmsg);
- return NULL;
-}
-#endif
diff --git a/security/nss/lib/smime/smimesym.c b/security/nss/lib/smime/smimesym.c
deleted file mode 100644
index e7bb771e5..000000000
--- a/security/nss/lib/smime/smimesym.c
+++ /dev/null
@@ -1,8 +0,0 @@
-extern void SEC_PKCS7DecodeItem();
-extern void SEC_PKCS7DestroyContentInfo();
-
-smime_CMDExports() {
- SEC_PKCS7DecodeItem();
- SEC_PKCS7DestroyContentInfo();
-}
-
diff --git a/security/nss/lib/smime/smimeutil.c b/security/nss/lib/smime/smimeutil.c
deleted file mode 100644
index c137ca1e0..000000000
--- a/security/nss/lib/smime/smimeutil.c
+++ /dev/null
@@ -1,741 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Stuff specific to S/MIME policy and interoperability.
- *
- * $Id$
- */
-
-#include "secmime.h"
-#include "secoid.h"
-#include "pk11func.h"
-#include "ciferfam.h" /* for CIPHER_FAMILY symbols */
-#include "secasn1.h"
-#include "secitem.h"
-#include "cert.h"
-#include "key.h"
-#include "secerr.h"
-#include "cms.h"
-#include "nss.h"
-
-SEC_ASN1_MKSUB(CERT_IssuerAndSNTemplate)
-SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
-
-/* various integer's ASN.1 encoding */
-static unsigned char asn1_int40[] = { SEC_ASN1_INTEGER, 0x01, 0x28 };
-static unsigned char asn1_int64[] = { SEC_ASN1_INTEGER, 0x01, 0x40 };
-static unsigned char asn1_int128[] = { SEC_ASN1_INTEGER, 0x02, 0x00, 0x80 };
-
-/* RC2 algorithm parameters (used in smime_cipher_map) */
-static SECItem param_int40 = { siBuffer, asn1_int40, sizeof(asn1_int40) };
-static SECItem param_int64 = { siBuffer, asn1_int64, sizeof(asn1_int64) };
-static SECItem param_int128 = { siBuffer, asn1_int128, sizeof(asn1_int128) };
-
-/*
- * XXX Would like the "parameters" field to be a SECItem *, but the
- * encoder is having trouble with optional pointers to an ANY. Maybe
- * once that is fixed, can change this back...
- */
-typedef struct {
- SECItem capabilityID;
- SECItem parameters;
- long cipher; /* optimization */
-} NSSSMIMECapability;
-
-static const SEC_ASN1Template NSSSMIMECapabilityTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSSMIMECapability) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(NSSSMIMECapability,capabilityID), },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(NSSSMIMECapability,parameters), },
- { 0, }
-};
-
-static const SEC_ASN1Template NSSSMIMECapabilitiesTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, NSSSMIMECapabilityTemplate }
-};
-
-/*
- * NSSSMIMEEncryptionKeyPreference - if we find one of these, it needs to prompt us
- * to store this and only this certificate permanently for the sender email address.
- */
-typedef enum {
- NSSSMIMEEncryptionKeyPref_IssuerSN,
- NSSSMIMEEncryptionKeyPref_RKeyID,
- NSSSMIMEEncryptionKeyPref_SubjectKeyID
-} NSSSMIMEEncryptionKeyPrefSelector;
-
-typedef struct {
- NSSSMIMEEncryptionKeyPrefSelector selector;
- union {
- CERTIssuerAndSN *issuerAndSN;
- NSSCMSRecipientKeyIdentifier *recipientKeyID;
- SECItem *subjectKeyID;
- } id;
-} NSSSMIMEEncryptionKeyPreference;
-
-extern const SEC_ASN1Template NSSCMSRecipientKeyIdentifierTemplate[];
-
-static const SEC_ASN1Template smime_encryptionkeypref_template[] = {
- { SEC_ASN1_CHOICE,
- offsetof(NSSSMIMEEncryptionKeyPreference,selector), NULL,
- sizeof(NSSSMIMEEncryptionKeyPreference) },
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
- offsetof(NSSSMIMEEncryptionKeyPreference,id.issuerAndSN),
- SEC_ASN1_SUB(CERT_IssuerAndSNTemplate),
- NSSSMIMEEncryptionKeyPref_IssuerSN },
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | 1,
- offsetof(NSSSMIMEEncryptionKeyPreference,id.recipientKeyID),
- NSSCMSRecipientKeyIdentifierTemplate,
- NSSSMIMEEncryptionKeyPref_IssuerSN },
- { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
- offsetof(NSSSMIMEEncryptionKeyPreference,id.subjectKeyID),
- SEC_ASN1_SUB(SEC_OctetStringTemplate),
- NSSSMIMEEncryptionKeyPref_SubjectKeyID },
- { 0, }
-};
-
-/* smime_cipher_map - map of SMIME symmetric "ciphers" to algtag & parameters */
-typedef struct {
- unsigned long cipher;
- SECOidTag algtag;
- SECItem *parms;
- PRBool enabled; /* in the user's preferences */
- PRBool allowed; /* per export policy */
-} smime_cipher_map_entry;
-
-/* global: list of supported SMIME symmetric ciphers, ordered roughly by increasing strength */
-static smime_cipher_map_entry smime_cipher_map[] = {
-/* cipher algtag parms enabled allowed */
-/* ---------------------------------------------------------------------------------- */
- { SMIME_RC2_CBC_40, SEC_OID_RC2_CBC, &param_int40, PR_TRUE, PR_TRUE },
- { SMIME_DES_CBC_56, SEC_OID_DES_CBC, NULL, PR_TRUE, PR_TRUE },
- { SMIME_RC2_CBC_64, SEC_OID_RC2_CBC, &param_int64, PR_TRUE, PR_TRUE },
- { SMIME_RC2_CBC_128, SEC_OID_RC2_CBC, &param_int128, PR_TRUE, PR_TRUE },
- { SMIME_DES_EDE3_168, SEC_OID_DES_EDE3_CBC, NULL, PR_TRUE, PR_TRUE },
- { SMIME_FORTEZZA, SEC_OID_FORTEZZA_SKIPJACK, NULL, PR_TRUE, PR_TRUE }
-};
-static const int smime_cipher_map_count = sizeof(smime_cipher_map) / sizeof(smime_cipher_map_entry);
-
-/*
- * smime_mapi_by_cipher - find index into smime_cipher_map by cipher
- */
-static int
-smime_mapi_by_cipher(unsigned long cipher)
-{
- int i;
-
- for (i = 0; i < smime_cipher_map_count; i++) {
- if (smime_cipher_map[i].cipher == cipher)
- return i; /* bingo */
- }
- return -1; /* should not happen if we're consistent, right? */
-}
-
-/*
- * NSS_SMIME_EnableCipher - this function locally records the user's preference
- */
-SECStatus
-NSS_SMIMEUtil_EnableCipher(unsigned long which, PRBool on)
-{
- unsigned long mask;
- int mapi;
-
- mask = which & CIPHER_FAMILYID_MASK;
-
- PORT_Assert (mask == CIPHER_FAMILYID_SMIME);
- if (mask != CIPHER_FAMILYID_SMIME)
- /* XXX set an error! */
- return SECFailure;
-
- mapi = smime_mapi_by_cipher(which);
- if (mapi < 0)
- /* XXX set an error */
- return SECFailure;
-
- /* do we try to turn on a forbidden cipher? */
- if (!smime_cipher_map[mapi].allowed && on) {
- PORT_SetError (SEC_ERROR_BAD_EXPORT_ALGORITHM);
- return SECFailure;
- }
-
- if (smime_cipher_map[mapi].enabled != on)
- smime_cipher_map[mapi].enabled = on;
-
- return SECSuccess;
-}
-
-
-/*
- * this function locally records the export policy
- */
-SECStatus
-NSS_SMIMEUtil_AllowCipher(unsigned long which, PRBool on)
-{
- unsigned long mask;
- int mapi;
-
- mask = which & CIPHER_FAMILYID_MASK;
-
- PORT_Assert (mask == CIPHER_FAMILYID_SMIME);
- if (mask != CIPHER_FAMILYID_SMIME)
- /* XXX set an error! */
- return SECFailure;
-
- mapi = smime_mapi_by_cipher(which);
- if (mapi < 0)
- /* XXX set an error */
- return SECFailure;
-
- if (smime_cipher_map[mapi].allowed != on)
- smime_cipher_map[mapi].allowed = on;
-
- return SECSuccess;
-}
-
-/*
- * Based on the given algorithm (including its parameters, in some cases!)
- * and the given key (may or may not be inspected, depending on the
- * algorithm), find the appropriate policy algorithm specification
- * and return it. If no match can be made, -1 is returned.
- */
-static SECStatus
-nss_smime_get_cipher_for_alg_and_key(SECAlgorithmID *algid, PK11SymKey *key, unsigned long *cipher)
-{
- SECOidTag algtag;
- unsigned int keylen_bits;
- SECStatus rv = SECSuccess;
- unsigned long c;
-
- algtag = SECOID_GetAlgorithmTag(algid);
- switch (algtag) {
- case SEC_OID_RC2_CBC:
- keylen_bits = PK11_GetKeyStrength(key, algid);
- switch (keylen_bits) {
- case 40:
- c = SMIME_RC2_CBC_40;
- case 64:
- c = SMIME_RC2_CBC_64;
- case 128:
- c = SMIME_RC2_CBC_128;
- default:
- rv = SECFailure;
- break;
- }
- break;
- case SEC_OID_DES_CBC:
- c = SMIME_DES_CBC_56;
- case SEC_OID_DES_EDE3_CBC:
- c = SMIME_DES_EDE3_168;
- case SEC_OID_FORTEZZA_SKIPJACK:
- c = SMIME_FORTEZZA;
- default:
- rv = SECFailure;
- }
- if (rv == SECSuccess)
- *cipher = c;
- return rv;
-}
-
-static PRBool
-nss_smime_cipher_allowed(unsigned long which)
-{
- int mapi;
-
- mapi = smime_mapi_by_cipher(which);
- if (mapi < 0)
- return PR_FALSE;
- return smime_cipher_map[mapi].allowed;
-}
-
-PRBool
-NSS_SMIMEUtil_DecryptionAllowed(SECAlgorithmID *algid, PK11SymKey *key)
-{
- unsigned long which;
-
- if (nss_smime_get_cipher_for_alg_and_key(algid, key, &which) != SECSuccess)
- return PR_FALSE;
-
- return nss_smime_cipher_allowed(which);
-}
-
-
-/*
- * NSS_SMIME_EncryptionPossible - check if any encryption is allowed
- *
- * This tells whether or not *any* S/MIME encryption can be done,
- * according to policy. Callers may use this to do nicer user interface
- * (say, greying out a checkbox so a user does not even try to encrypt
- * a message when they are not allowed to) or for any reason they want
- * to check whether S/MIME encryption (or decryption, for that matter)
- * may be done.
- *
- * It takes no arguments. The return value is a simple boolean:
- * PR_TRUE means encryption (or decryption) is *possible*
- * (but may still fail due to other reasons, like because we cannot
- * find all the necessary certs, etc.; PR_TRUE is *not* a guarantee)
- * PR_FALSE means encryption (or decryption) is not permitted
- *
- * There are no errors from this routine.
- */
-PRBool
-NSS_SMIMEUtil_EncryptionPossible(void)
-{
- int i;
-
- for (i = 0; i < smime_cipher_map_count; i++) {
- if (smime_cipher_map[i].allowed)
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-
-static int
-nss_SMIME_FindCipherForSMIMECap(NSSSMIMECapability *cap)
-{
- int i;
- SECOidTag capIDTag;
-
- /* we need the OIDTag here */
- capIDTag = SECOID_FindOIDTag(&(cap->capabilityID));
-
- /* go over all the SMIME ciphers we know and see if we find a match */
- for (i = 0; i < smime_cipher_map_count; i++) {
- if (smime_cipher_map[i].algtag != capIDTag)
- continue;
- /*
- * XXX If SECITEM_CompareItem allowed NULLs as arguments (comparing
- * 2 NULLs as equal and NULL and non-NULL as not equal), we could
- * use that here instead of all of the following comparison code.
- */
- if (cap->parameters.data == NULL && smime_cipher_map[i].parms == NULL)
- break; /* both empty: bingo */
-
- if (cap->parameters.data != NULL && smime_cipher_map[i].parms != NULL &&
- cap->parameters.len == smime_cipher_map[i].parms->len &&
- PORT_Memcmp (cap->parameters.data, smime_cipher_map[i].parms->data,
- cap->parameters.len) == 0)
- {
- break; /* both not empty, same length & equal content: bingo */
- }
- }
-
- if (i == smime_cipher_map_count)
- return 0; /* no match found */
- else
- return smime_cipher_map[i].cipher; /* match found, point to cipher */
-}
-
-/*
- * smime_choose_cipher - choose a cipher that works for all the recipients
- *
- * "scert" - sender's certificate
- * "rcerts" - recipient's certificates
- */
-static long
-smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts)
-{
- PRArenaPool *poolp;
- long cipher;
- long chosen_cipher;
- int *cipher_abilities;
- int *cipher_votes;
- int weak_mapi;
- int strong_mapi;
- int rcount, mapi, max, i;
- PRBool scert_is_fortezza = (scert == NULL) ? PR_FALSE : PK11_FortezzaHasKEA(scert);
-
- chosen_cipher = SMIME_RC2_CBC_40; /* the default, LCD */
- weak_mapi = smime_mapi_by_cipher(chosen_cipher);
-
- poolp = PORT_NewArena (1024); /* XXX what is right value? */
- if (poolp == NULL)
- goto done;
-
- cipher_abilities = (int *)PORT_ArenaZAlloc(poolp, smime_cipher_map_count * sizeof(int));
- cipher_votes = (int *)PORT_ArenaZAlloc(poolp, smime_cipher_map_count * sizeof(int));
- if (cipher_votes == NULL || cipher_abilities == NULL)
- goto done;
-
- /* If the user has the Fortezza preference turned on, make
- * that the strong cipher. Otherwise, use triple-DES. */
- strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168);
- if (scert_is_fortezza) {
- mapi = smime_mapi_by_cipher(SMIME_FORTEZZA);
- if (mapi >= 0 && smime_cipher_map[mapi].enabled)
- strong_mapi = mapi;
- }
-
- /* walk all the recipient's certs */
- for (rcount = 0; rcerts[rcount] != NULL; rcount++) {
- SECItem *profile;
- NSSSMIMECapability **caps;
- int pref;
-
- /* the first cipher that matches in the user's SMIME profile gets
- * "smime_cipher_map_count" votes; the next one gets "smime_cipher_map_count" - 1
- * and so on. If every cipher matches, the last one gets 1 (one) vote */
- pref = smime_cipher_map_count;
-
- /* find recipient's SMIME profile */
- profile = CERT_FindSMimeProfile(rcerts[rcount]);
-
- if (profile != NULL && profile->data != NULL && profile->len > 0) {
- /* we have a profile (still DER-encoded) */
- caps = NULL;
- /* decode it */
- if (SEC_ASN1DecodeItem(poolp, &caps, NSSSMIMECapabilitiesTemplate, profile) == SECSuccess &&
- caps != NULL)
- {
- /* walk the SMIME capabilities for this recipient */
- for (i = 0; caps[i] != NULL; i++) {
- cipher = nss_SMIME_FindCipherForSMIMECap(caps[i]);
- mapi = smime_mapi_by_cipher(cipher);
- if (mapi >= 0) {
- /* found the cipher */
- cipher_abilities[mapi]++;
- cipher_votes[mapi] += pref;
- --pref;
- }
- }
- }
- } else {
- /* no profile found - so we can only assume that the user can do
- * the mandatory algorithms which is RC2-40 (weak crypto) and 3DES (strong crypto) */
- SECKEYPublicKey *key;
- unsigned int pklen_bits;
-
- /*
- * if recipient's public key length is > 512, vote for a strong cipher
- * please not that the side effect of this is that if only one recipient
- * has an export-level public key, the strong cipher is disabled.
- *
- * XXX This is probably only good for RSA keys. What I would
- * really like is a function to just say; Is the public key in
- * this cert an export-length key? Then I would not have to
- * know things like the value 512, or the kind of key, or what
- * a subjectPublicKeyInfo is, etc.
- */
- key = CERT_ExtractPublicKey(rcerts[rcount]);
- pklen_bits = 0;
- if (key != NULL) {
- pklen_bits = SECKEY_PublicKeyStrength (key) * 8;
- SECKEY_DestroyPublicKey (key);
- }
-
- if (pklen_bits > 512) {
- /* cast votes for the strong algorithm */
- cipher_abilities[strong_mapi]++;
- cipher_votes[strong_mapi] += pref;
- pref--;
- }
-
- /* always cast (possibly less) votes for the weak algorithm */
- cipher_abilities[weak_mapi]++;
- cipher_votes[weak_mapi] += pref;
- }
- if (profile != NULL)
- SECITEM_FreeItem(profile, PR_TRUE);
- }
-
- /* find cipher that is agreeable by all recipients and that has the most votes */
- max = 0;
- for (mapi = 0; mapi < smime_cipher_map_count; mapi++) {
- /* if not all of the recipients can do this, forget it */
- if (cipher_abilities[mapi] != rcount)
- continue;
- /* if cipher is not enabled or not allowed by policy, forget it */
- if (!smime_cipher_map[mapi].enabled || !smime_cipher_map[mapi].allowed)
- continue;
- /* if we're not doing fortezza, but the cipher is fortezza, forget it */
- if (!scert_is_fortezza && (smime_cipher_map[mapi].cipher == SMIME_FORTEZZA))
- continue;
- /* now see if this one has more votes than the last best one */
- if (cipher_votes[mapi] >= max) {
- /* if equal number of votes, prefer the ones further down in the list */
- /* with the expectation that these are higher rated ciphers */
- chosen_cipher = smime_cipher_map[mapi].cipher;
- max = cipher_votes[mapi];
- }
- }
- /* if no common cipher was found, chosen_cipher stays at the default */
-
-done:
- if (poolp != NULL)
- PORT_FreeArena (poolp, PR_FALSE);
-
- return chosen_cipher;
-}
-
-/*
- * XXX This is a hack for now to satisfy our current interface.
- * Eventually, with more parameters needing to be specified, just
- * looking up the keysize is not going to be sufficient.
- */
-static int
-smime_keysize_by_cipher (unsigned long which)
-{
- int keysize;
-
- switch (which) {
- case SMIME_RC2_CBC_40:
- keysize = 40;
- break;
- case SMIME_RC2_CBC_64:
- keysize = 64;
- break;
- case SMIME_RC2_CBC_128:
- keysize = 128;
- break;
- case SMIME_DES_CBC_56:
- case SMIME_DES_EDE3_168:
- case SMIME_FORTEZZA:
- /*
- * These are special; since the key size is fixed, we actually
- * want to *avoid* specifying a key size.
- */
- keysize = 0;
- break;
- default:
- keysize = -1;
- break;
- }
-
- return keysize;
-}
-
-/*
- * NSS_SMIMEUtil_FindBulkAlgForRecipients - find bulk algorithm suitable for all recipients
- *
- * it would be great for UI purposes if there would be a way to find out which recipients
- * prevented a strong cipher from being used...
- */
-SECStatus
-NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts, SECOidTag *bulkalgtag, int *keysize)
-{
- unsigned long cipher;
- int mapi;
-
- cipher = smime_choose_cipher(NULL, rcerts);
- mapi = smime_mapi_by_cipher(cipher);
-
- *bulkalgtag = smime_cipher_map[mapi].algtag;
- *keysize = smime_keysize_by_cipher(smime_cipher_map[mapi].algtag);
-
- return SECSuccess;
-}
-
-/*
- * NSS_SMIMEUtil_CreateSMIMECapabilities - get S/MIME capabilities for this instance of NSS
- *
- * scans the list of allowed and enabled ciphers and construct a PKCS9-compliant
- * S/MIME capabilities attribute value.
- *
- * XXX Please note that, in contradiction to RFC2633 2.5.2, the capabilities only include
- * symmetric ciphers, NO signature algorithms or key encipherment algorithms.
- *
- * "poolp" - arena pool to create the S/MIME capabilities data on
- * "dest" - SECItem to put the data in
- * "includeFortezzaCiphers" - PR_TRUE if fortezza ciphers should be included
- */
-SECStatus
-NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest, PRBool includeFortezzaCiphers)
-{
- NSSSMIMECapability *cap;
- NSSSMIMECapability **smime_capabilities;
- smime_cipher_map_entry *map;
- SECOidData *oiddata;
- SECItem *dummy;
- int i, capIndex;
-
- /* if we have an old NSSSMIMECapability array, we'll reuse it (has the right size) */
- /* smime_cipher_map_count + 1 is an upper bound - we might end up with less */
- smime_capabilities = (NSSSMIMECapability **)PORT_ZAlloc((smime_cipher_map_count + 1)
- * sizeof(NSSSMIMECapability *));
- if (smime_capabilities == NULL)
- return SECFailure;
-
- capIndex = 0;
-
- /* Add all the symmetric ciphers
- * We walk the cipher list backwards, as it is ordered by increasing strength,
- * we prefer the stronger cipher over a weaker one, and we have to list the
- * preferred algorithm first */
- for (i = smime_cipher_map_count - 1; i >= 0; i--) {
- /* Find the corresponding entry in the cipher map. */
- map = &(smime_cipher_map[i]);
- if (!map->enabled)
- continue;
-
- /* If we're using a non-Fortezza cert, only advertise non-Fortezza
- capabilities. (We advertise all capabilities if we have a
- Fortezza cert.) */
- if ((!includeFortezzaCiphers) && (map->cipher == SMIME_FORTEZZA))
- continue;
-
- /* get next SMIME capability */
- cap = (NSSSMIMECapability *)PORT_ZAlloc(sizeof(NSSSMIMECapability));
- if (cap == NULL)
- break;
- smime_capabilities[capIndex++] = cap;
-
- oiddata = SECOID_FindOIDByTag(map->algtag);
- if (oiddata == NULL)
- break;
-
- cap->capabilityID.data = oiddata->oid.data;
- cap->capabilityID.len = oiddata->oid.len;
- cap->parameters.data = map->parms ? map->parms->data : NULL;
- cap->parameters.len = map->parms ? map->parms->len : 0;
- cap->cipher = smime_cipher_map[i].cipher;
- }
-
- /* XXX add signature algorithms */
- /* XXX add key encipherment algorithms */
-
- smime_capabilities[capIndex] = NULL; /* last one - now encode */
- dummy = SEC_ASN1EncodeItem(poolp, dest, &smime_capabilities, NSSSMIMECapabilitiesTemplate);
-
- /* now that we have the proper encoded SMIMECapabilities (or not),
- * free the work data */
- for (i = 0; smime_capabilities[i] != NULL; i++)
- PORT_Free(smime_capabilities[i]);
- PORT_Free(smime_capabilities);
-
- return (dummy == NULL) ? SECFailure : SECSuccess;
-}
-
-/*
- * NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value
- *
- * "poolp" - arena pool to create the attr value on
- * "dest" - SECItem to put the data in
- * "cert" - certificate that should be marked as preferred encryption key
- * cert is expected to have been verified for EmailRecipient usage.
- */
-SECStatus
-NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs(PLArenaPool *poolp, SECItem *dest, CERTCertificate *cert)
-{
- NSSSMIMEEncryptionKeyPreference ekp;
- SECItem *dummy = NULL;
- PLArenaPool *tmppoolp = NULL;
-
- if (cert == NULL)
- goto loser;
-
- tmppoolp = PORT_NewArena(1024);
- if (tmppoolp == NULL)
- goto loser;
-
- /* XXX hardcoded IssuerSN choice for now */
- ekp.selector = NSSSMIMEEncryptionKeyPref_IssuerSN;
- ekp.id.issuerAndSN = CERT_GetCertIssuerAndSN(tmppoolp, cert);
- if (ekp.id.issuerAndSN == NULL)
- goto loser;
-
- dummy = SEC_ASN1EncodeItem(poolp, dest, &ekp, smime_encryptionkeypref_template);
-
-loser:
- if (tmppoolp) PORT_FreeArena(tmppoolp, PR_FALSE);
-
- return (dummy == NULL) ? SECFailure : SECSuccess;
-}
-
-/*
- * NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference -
- * find cert marked by EncryptionKeyPreference attribute
- *
- * "certdb" - handle for the cert database to look in
- * "DERekp" - DER-encoded value of S/MIME Encryption Key Preference attribute
- *
- * if certificate is supposed to be found among the message's included certificates,
- * they are assumed to have been imported already.
- */
-CERTCertificate *
-NSS_SMIMEUtil_GetCertFromEncryptionKeyPreference(CERTCertDBHandle *certdb, SECItem *DERekp)
-{
- PLArenaPool *tmppoolp = NULL;
- CERTCertificate *cert = NULL;
- NSSSMIMEEncryptionKeyPreference ekp;
-
- tmppoolp = PORT_NewArena(1024);
- if (tmppoolp == NULL)
- return NULL;
-
- /* decode DERekp */
- if (SEC_ASN1DecodeItem(tmppoolp, &ekp, smime_encryptionkeypref_template, DERekp) != SECSuccess)
- goto loser;
-
- /* find cert */
- switch (ekp.selector) {
- case NSSSMIMEEncryptionKeyPref_IssuerSN:
- cert = CERT_FindCertByIssuerAndSN(certdb, ekp.id.issuerAndSN);
- break;
- case NSSSMIMEEncryptionKeyPref_RKeyID:
- case NSSSMIMEEncryptionKeyPref_SubjectKeyID:
- /* XXX not supported yet - we need to be able to look up certs by SubjectKeyID */
- break;
- default:
- PORT_Assert(0);
- }
-loser:
- if (tmppoolp) PORT_FreeArena(tmppoolp, PR_FALSE);
-
- return cert;
-}
-
-extern const char __nss_smime_rcsid[];
-extern const char __nss_smime_sccsid[];
-
-PRBool
-NSSSMIME_VersionCheck(const char *importedVersion)
-{
- /*
- * This is the secret handshake algorithm.
- *
- * This release has a simple version compatibility
- * check algorithm. This release is not backward
- * compatible with previous major releases. It is
- * not compatible with future major, minor, or
- * patch releases.
- */
- volatile char c; /* force a reference that won't get optimized away */
-
- c = __nss_smime_rcsid[0] + __nss_smime_sccsid[0];
-
- return NSS_VersionCheck(importedVersion);
-}
-
diff --git a/security/nss/lib/smime/smimever.c b/security/nss/lib/smime/smimever.c
deleted file mode 100644
index d10e7a6a3..000000000
--- a/security/nss/lib/smime/smimever.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_smime_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__ " $";
-const char __nss_smime_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/softoken/Makefile b/security/nss/lib/softoken/Makefile
deleted file mode 100644
index 02e3d5079..000000000
--- a/security/nss/lib/softoken/Makefile
+++ /dev/null
@@ -1,93 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
-# On AIX 4.3, IBM xlC_r compiler (version 3.6.6) cannot compile
-# pkcs11c.c in 64-bit mode for unknown reasons. A workaround is
-# to compile it with optimizations turned on. (Bugzilla bug #63815)
-ifeq ($(OS_ARCH),AIX)
-ifeq ($(OS_RELEASE),4.3)
-ifeq ($(USE_64),1)
-ifndef BUILD_OPT
-$(OBJDIR)/pkcs11.o: pkcs11.c
- @$(MAKE_OBJDIR)
- $(CC) -o $@ -c -O2 $(CFLAGS) $<
-$(OBJDIR)/pkcs11c.o: pkcs11c.c
- @$(MAKE_OBJDIR)
- $(CC) -o $@ -c -O2 $(CFLAGS) $<
-endif
-endif
-endif
-endif
diff --git a/security/nss/lib/softoken/alghmac.c b/security/nss/lib/softoken/alghmac.c
deleted file mode 100644
index 60abd73d0..000000000
--- a/security/nss/lib/softoken/alghmac.c
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "sechash.h"
-#include "secport.h"
-#include "alghmac.h"
-/*#include "secoid.h"*/
-
-#define HMAC_PAD_SIZE 64
-
-struct HMACContextStr {
- void *hash;
- const SECHashObject *hashobj;
- unsigned char ipad[HMAC_PAD_SIZE];
- unsigned char opad[HMAC_PAD_SIZE];
-};
-
-void
-HMAC_Destroy(HMACContext *cx)
-{
- if (cx == NULL)
- return;
-
- if (cx->hash != NULL)
- cx->hashobj->destroy(cx->hash, PR_TRUE);
- PORT_ZFree(cx, sizeof(HMACContext));
-}
-
-HMACContext *
-HMAC_Create(const SECHashObject *hash_obj, const unsigned char *secret,
- unsigned int secret_len)
-{
- HMACContext *cx;
- int i;
- unsigned char hashed_secret[SHA1_LENGTH];
-
- cx = (HMACContext*)PORT_ZAlloc(sizeof(HMACContext));
- if (cx == NULL)
- return NULL;
- cx->hashobj = hash_obj;
-
- cx->hash = cx->hashobj->create();
- if (cx->hash == NULL)
- goto loser;
-
- if (secret_len > HMAC_PAD_SIZE) {
- cx->hashobj->begin( cx->hash);
- cx->hashobj->update(cx->hash, secret, secret_len);
- cx->hashobj->end( cx->hash, hashed_secret, &secret_len,
- sizeof hashed_secret);
- if (secret_len != cx->hashobj->length)
- goto loser;
- secret = (const unsigned char *)&hashed_secret[0];
- }
-
- PORT_Memset(cx->ipad, 0x36, sizeof cx->ipad);
- PORT_Memset(cx->opad, 0x5c, sizeof cx->opad);
-
- /* fold secret into padding */
- for (i = 0; i < secret_len; i++) {
- cx->ipad[i] ^= secret[i];
- cx->opad[i] ^= secret[i];
- }
- PORT_Memset(hashed_secret, 0, sizeof hashed_secret);
- return cx;
-
-loser:
- PORT_Memset(hashed_secret, 0, sizeof hashed_secret);
- HMAC_Destroy(cx);
- return NULL;
-}
-
-void
-HMAC_Begin(HMACContext *cx)
-{
- /* start inner hash */
- cx->hashobj->begin(cx->hash);
- cx->hashobj->update(cx->hash, cx->ipad, sizeof(cx->ipad));
-}
-
-void
-HMAC_Update(HMACContext *cx, const unsigned char *data, unsigned int data_len)
-{
- cx->hashobj->update(cx->hash, data, data_len);
-}
-
-SECStatus
-HMAC_Finish(HMACContext *cx, unsigned char *result, unsigned int *result_len,
- unsigned int max_result_len)
-{
- if (max_result_len < cx->hashobj->length)
- return SECFailure;
-
- cx->hashobj->end(cx->hash, result, result_len, max_result_len);
- if (*result_len != cx->hashobj->length)
- return SECFailure;
-
- cx->hashobj->begin(cx->hash);
- cx->hashobj->update(cx->hash, cx->opad, sizeof(cx->opad));
- cx->hashobj->update(cx->hash, result, *result_len);
- cx->hashobj->end(cx->hash, result, result_len, max_result_len);
- return SECSuccess;
-}
-
-HMACContext *
-HMAC_Clone(HMACContext *cx)
-{
- HMACContext *newcx;
-
- newcx = (HMACContext*)PORT_ZAlloc(sizeof(HMACContext));
- if (newcx == NULL)
- goto loser;
-
- newcx->hashobj = cx->hashobj;
- newcx->hash = cx->hashobj->clone(cx->hash);
- if (newcx->hash == NULL)
- goto loser;
- PORT_Memcpy(newcx->ipad, cx->ipad, sizeof(cx->ipad));
- PORT_Memcpy(newcx->opad, cx->opad, sizeof(cx->opad));
- return newcx;
-
-loser:
- HMAC_Destroy(newcx);
- return NULL;
-}
diff --git a/security/nss/lib/softoken/alghmac.h b/security/nss/lib/softoken/alghmac.h
deleted file mode 100644
index 3cb1a74dc..000000000
--- a/security/nss/lib/softoken/alghmac.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _ALGHMAC_H_
-#define _ALGHMAC_H_
-
-typedef struct HMACContextStr HMACContext;
-
-SEC_BEGIN_PROTOS
-
-/* destroy HMAC context */
-extern void
-HMAC_Destroy(HMACContext *cx);
-
-/* create HMAC context
- * hash_alg the algorithm with which the HMAC is performed. This
- * should be, SEC_OID_MD5, SEC_OID_SHA1, or SEC_OID_MD2.
- * secret the secret with which the HMAC is performed.
- * secret_len the length of the secret, limited to at most 64 bytes.
- *
- * NULL is returned if an error occurs or the secret is > 64 bytes.
- */
-extern HMACContext *
-HMAC_Create(const SECHashObject *hashObj, const unsigned char *secret,
- unsigned int secret_len);
-
-/* reset HMAC for a fresh round */
-extern void
-HMAC_Begin(HMACContext *cx);
-
-/* update HMAC
- * cx HMAC Context
- * data the data to perform HMAC on
- * data_len the length of the data to process
- */
-extern void
-HMAC_Update(HMACContext *cx, const unsigned char *data, unsigned int data_len);
-
-/* Finish HMAC -- place the results within result
- * cx HMAC context
- * result buffer for resulting hmac'd data
- * result_len where the resultant hmac length is stored
- * max_result_len maximum possible length that can be stored in result
- */
-extern SECStatus
-HMAC_Finish(HMACContext *cx, unsigned char *result, unsigned int *result_len,
- unsigned int max_result_len);
-
-/* clone a copy of the HMAC state. this is usefult when you would
- * need to keep a running hmac but also need to extract portions
- * partway through the process.
- */
-extern HMACContext *
-HMAC_Clone(HMACContext *cx);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/softoken/cdbhdl.h b/security/nss/lib/softoken/cdbhdl.h
deleted file mode 100644
index b606e9876..000000000
--- a/security/nss/lib/softoken/cdbhdl.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * cdbhdl.h - certificate database handle
- * private to the certdb module
- *
- * $Id$
- */
-#ifndef _CDBHDL_H_
-#define _CDBHDL_H_
-
-#include "nspr.h"
-#include "mcom_db.h"
-#include "pcertt.h"
-
-/*
- * Handle structure for open certificate databases
- */
-struct NSSLOWCERTCertDBHandleStr {
- DB *permCertDB;
- PZMonitor *dbMon;
-};
-
-#endif
diff --git a/security/nss/lib/softoken/config.mk b/security/nss/lib/softoken/config.mk
deleted file mode 100644
index f59687af5..000000000
--- a/security/nss/lib/softoken/config.mk
+++ /dev/null
@@ -1,118 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-#TARGETS = $(LIBRARY)
-#SHARED_LIBRARY =
-#IMPORT_LIBRARY =
-#PROGRAM =
-
-
-ifdef MOZILLA_CLIENT
-DEFINES += -DMOZ_CLIENT
-endif
-
-# can't do this in manifest.mn because OS_ARCH isn't defined there.
-ifeq ($(OS_ARCH), WINNT)
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib
-
-RES = $(OBJDIR)/$(LIBRARY_NAME).res
-RESNAME = $(LIBRARY_NAME).rc
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/freebl.lib
-CRYPTODIR=../freebl
-ifdef MOZILLA_SECURITY_BUILD
- CRYPTOLIB=$(DIST)/lib/crypto.lib
- CRYPTODIR=../crypto
-endif
-
-EXTRA_LIBS += \
- $(CRYPTOLIB) \
- $(DIST)/lib/secutil.lib \
- $(DIST)/lib/dbm.lib \
- $(NULL)
-
-ifdef MOZILLA_BSAFE_BUILD
- EXTRA_LIBS+=$(DIST)/lib/bsafe$(BSAFEVER).lib
-endif
-
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-else
-
-# $(PROGRAM) has explicit dependencies on $(EXTRA_LIBS)
-CRYPTOLIB=$(DIST)/lib/libfreebl.$(LIB_SUFFIX)
-CRYPTODIR=../freebl
-ifdef MOZILLA_SECURITY_BUILD
- CRYPTOLIB=$(DIST)/lib/libcrypto.$(LIB_SUFFIX)
- CRYPTODIR=../crypto
-endif
-EXTRA_LIBS += \
- $(CRYPTOLIB) \
- $(DIST)/lib/libsecutil.$(LIB_SUFFIX) \
- $(DIST)/lib/libdbm.$(LIB_SUFFIX) \
- $(NULL)
-ifdef MOZILLA_BSAFE_BUILD
- EXTRA_LIBS+=$(DIST)/lib/libbsafe.$(LIB_SUFFIX)
-endif
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-endif
-
-ifeq ($(OS_ARCH),SunOS)
-ifndef USE_64
-ifeq ($(CPU_ARCH),sparc)
-# The -R '$ORIGIN' linker option instructs libnss3.so to search for its
-# dependencies (libfreebl_*.so) in the same directory where it resides.
-MKSHLIB += -R '$$ORIGIN'
-endif
-endif
-endif
diff --git a/security/nss/lib/softoken/dbinit.c b/security/nss/lib/softoken/dbinit.c
deleted file mode 100644
index 87dc9676c..000000000
--- a/security/nss/lib/softoken/dbinit.c
+++ /dev/null
@@ -1,226 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- # $Id$
- */
-
-#include <ctype.h>
-#include "seccomon.h"
-#include "prinit.h"
-#include "prprf.h"
-#include "prmem.h"
-#include "pcertt.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-/*#include "secmodi.h" */
-#include "secrng.h"
-#include "cdbhdl.h"
-/*#include "pk11func.h" */
-#include "pkcs11i.h"
-
-static char *
-pk11_certdb_name_cb(void *arg, int dbVersion)
-{
- const char *configdir = (const char *)arg;
- const char *dbver;
-
- switch (dbVersion) {
- case 7:
- dbver = "7";
- break;
- case 6:
- dbver = "6";
- break;
- case 5:
- dbver = "5";
- break;
- case 4:
- default:
- dbver = "";
- break;
- }
-
- return PR_smprintf(CERT_DB_FMT, configdir, dbver);
-}
-
-static char *
-pk11_keydb_name_cb(void *arg, int dbVersion)
-{
- const char *configdir = (const char *)arg;
- const char *dbver;
-
- switch (dbVersion) {
- case 4:
- dbver = "4";
- break;
- case 3:
- dbver = "3";
- break;
- case 1:
- dbver = "1";
- break;
- case 2:
- default:
- dbver = "";
- break;
- }
-
- return PR_smprintf(KEY_DB_FMT, configdir, dbver);
-}
-
-/* for now... we need to define vendor specific codes here.
- */
-#define CKR_CERTDB_FAILED CKR_DEVICE_ERROR
-#define CKR_KEYDB_FAILED CKR_DEVICE_ERROR
-
-static CK_RV
-pk11_OpenCertDB(const char * configdir, const char *prefix, PRBool readOnly,
- NSSLOWCERTCertDBHandle **certdbPtr)
-{
- NSSLOWCERTCertDBHandle *certdb;
- CK_RV crv = CKR_CERTDB_FAILED;
- SECStatus rv;
- char * name = NULL;
-
- if (prefix == NULL) {
- prefix = "";
- }
-
- name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
- if (name == NULL) goto loser;
-
- certdb = (NSSLOWCERTCertDBHandle*)PORT_ZAlloc(sizeof(NSSLOWCERTCertDBHandle));
- if (certdb == NULL)
- goto loser;
-
-/* fix when we get the DB in */
- rv = nsslowcert_OpenCertDB(certdb, readOnly,
- pk11_certdb_name_cb, (void *)name, PR_FALSE);
- if (rv == SECSuccess) {
- crv = CKR_OK;
- *certdbPtr = certdb;
- certdb = NULL;
- }
-loser:
- if (certdb) PR_Free(certdb);
- if (name) PORT_Free(name);
- return crv;
-}
-
-static CK_RV
-pk11_OpenKeyDB(const char * configdir, const char *prefix, PRBool readOnly,
- NSSLOWKEYDBHandle **keydbPtr)
-{
- NSSLOWKEYDBHandle *keydb;
- char * name = NULL;
-
- if (prefix == NULL) {
- prefix = "";
- }
- name = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,prefix);
- if (name == NULL)
- return SECFailure;
- keydb = nsslowkey_OpenKeyDB(readOnly, pk11_keydb_name_cb, (void *)name);
- PORT_Free(name);
- if (keydb == NULL)
- return CKR_KEYDB_FAILED;
- *keydbPtr = keydb;
-
- return CKR_OK;
-}
-
-
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the
- * Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the
- * PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- * be opened.
- */
-CK_RV
-pk11_DBInit(const char *configdir, const char *certPrefix,
- const char *keyPrefix, PRBool readOnly,
- PRBool noCertDB, PRBool noKeyDB, PRBool forceOpen,
- NSSLOWCERTCertDBHandle **certdbPtr, NSSLOWKEYDBHandle **keydbPtr)
-{
- CK_RV crv = CKR_OK;
-
-
- if (!noCertDB) {
- crv = pk11_OpenCertDB(configdir, certPrefix, readOnly, certdbPtr);
- if (crv != CKR_OK) {
- if (!forceOpen) goto loser;
- crv = CKR_OK;
- }
- }
- if (!noKeyDB) {
-
- crv = pk11_OpenKeyDB(configdir, keyPrefix, readOnly, keydbPtr);
- if (crv != CKR_OK) {
- if (!forceOpen) goto loser;
- crv = CKR_OK;
- }
- }
-
-
-loser:
- return crv;
-}
-
-
-void
-pk11_DBShutdown(NSSLOWCERTCertDBHandle *certHandle,
- NSSLOWKEYDBHandle *keyHandle)
-{
- if (certHandle) {
- nsslowcert_ClosePermCertDB(certHandle);
- PORT_Free(certHandle);
- certHandle= NULL;
- }
-
- if (keyHandle) {
- nsslowkey_CloseKeyDB(keyHandle);
- keyHandle= NULL;
- }
-}
diff --git a/security/nss/lib/softoken/fipstest.c b/security/nss/lib/softoken/fipstest.c
deleted file mode 100644
index 15e490090..000000000
--- a/security/nss/lib/softoken/fipstest.c
+++ /dev/null
@@ -1,1093 +0,0 @@
-/*
- * PKCS #11 FIPS Power-Up Self Test.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "softoken.h" /* Required for RC2-ECB, RC2-CBC, RC4, DES-ECB, */
- /* DES-CBC, DES3-ECB, DES3-CBC, RSA */
- /* and DSA. */
-#include "seccomon.h" /* Required for RSA and DSA. */
-#include "lowkeyi.h" /* Required for RSA and DSA. */
-#include "pkcs11.h" /* Required for PKCS #11. */
-#include "secerr.h"
-
-/* FIPS preprocessor directives for RC2-ECB and RC2-CBC. */
-#define FIPS_RC2_KEY_LENGTH 5 /* 40-bits */
-#define FIPS_RC2_ENCRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_RC2_DECRYPT_LENGTH 8 /* 64-bits */
-
-
-/* FIPS preprocessor directives for RC4. */
-#define FIPS_RC4_KEY_LENGTH 5 /* 40-bits */
-#define FIPS_RC4_ENCRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_RC4_DECRYPT_LENGTH 8 /* 64-bits */
-
-
-/* FIPS preprocessor directives for DES-ECB and DES-CBC. */
-#define FIPS_DES_ENCRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_DES_DECRYPT_LENGTH 8 /* 64-bits */
-
-
-/* FIPS preprocessor directives for DES3-CBC and DES3-ECB. */
-#define FIPS_DES3_ENCRYPT_LENGTH 8 /* 64-bits */
-#define FIPS_DES3_DECRYPT_LENGTH 8 /* 64-bits */
-
-
-/* FIPS preprocessor directives for MD2. */
-#define FIPS_MD2_HASH_MESSAGE_LENGTH 64 /* 512-bits */
-
-
-/* FIPS preprocessor directives for MD5. */
-#define FIPS_MD5_HASH_MESSAGE_LENGTH 64 /* 512-bits */
-
-
-/* FIPS preprocessor directives for SHA-1. */
-#define FIPS_SHA1_HASH_MESSAGE_LENGTH 64 /* 512-bits */
-
-
-/* FIPS preprocessor directives for RSA. */
-#define FIPS_RSA_TYPE siBuffer
-#define FIPS_RSA_PUBLIC_EXPONENT_LENGTH 1 /* 8-bits */
-#define FIPS_RSA_PRIVATE_VERSION_LENGTH 1 /* 8-bits */
-#define FIPS_RSA_MESSAGE_LENGTH 16 /* 128-bits */
-#define FIPS_RSA_COEFFICIENT_LENGTH 32 /* 256-bits */
-#define FIPS_RSA_PRIME0_LENGTH 33 /* 264-bits */
-#define FIPS_RSA_PRIME1_LENGTH 33 /* 264-bits */
-#define FIPS_RSA_EXPONENT0_LENGTH 33 /* 264-bits */
-#define FIPS_RSA_EXPONENT1_LENGTH 33 /* 264-bits */
-#define FIPS_RSA_PRIVATE_EXPONENT_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_ENCRYPT_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_DECRYPT_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_CRYPTO_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_SIGNATURE_LENGTH 64 /* 512-bits */
-#define FIPS_RSA_MODULUS_LENGTH 65 /* 520-bits */
-
-
-/* FIPS preprocessor directives for DSA. */
-#define FIPS_DSA_TYPE siBuffer
-#define FIPS_DSA_DIGEST_LENGTH 20 /* 160-bits */
-#define FIPS_DSA_SUBPRIME_LENGTH 20 /* 160-bits */
-#define FIPS_DSA_SIGNATURE_LENGTH 40 /* 320-bits */
-#define FIPS_DSA_PRIME_LENGTH 64 /* 512-bits */
-#define FIPS_DSA_BASE_LENGTH 64 /* 512-bits */
-
-static CK_RV
-pk11_fips_RC2_PowerUpSelfTest( void )
-{
- /* RC2 Known Key (40-bits). */
- static PRUint8 rc2_known_key[] = { "RSARC" };
-
- /* RC2-CBC Known Initialization Vector (64-bits). */
- static PRUint8 rc2_cbc_known_initialization_vector[] = {"Security"};
-
- /* RC2 Known Plaintext (64-bits). */
- static PRUint8 rc2_ecb_known_plaintext[] = {"Netscape"};
- static PRUint8 rc2_cbc_known_plaintext[] = {"Netscape"};
-
- /* RC2 Known Ciphertext (64-bits). */
- static PRUint8 rc2_ecb_known_ciphertext[] = {
- 0x1a,0x71,0x33,0x54,0x8d,0x5c,0xd2,0x30};
- static PRUint8 rc2_cbc_known_ciphertext[] = {
- 0xff,0x41,0xdb,0x94,0x8a,0x4c,0x33,0xb3};
-
- /* RC2 variables. */
- PRUint8 rc2_computed_ciphertext[FIPS_RC2_ENCRYPT_LENGTH];
- PRUint8 rc2_computed_plaintext[FIPS_RC2_DECRYPT_LENGTH];
- RC2Context * rc2_context;
- unsigned int rc2_bytes_encrypted;
- unsigned int rc2_bytes_decrypted;
- SECStatus rc2_status;
-
-
- /******************************************************/
- /* RC2-ECB Single-Round Known Answer Encryption Test: */
- /******************************************************/
-
- rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
- NULL, NSS_RC2,
- FIPS_RC2_KEY_LENGTH );
-
- if( rc2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc2_status = RC2_Encrypt( rc2_context, rc2_computed_ciphertext,
- &rc2_bytes_encrypted, FIPS_RC2_ENCRYPT_LENGTH,
- rc2_ecb_known_plaintext,
- FIPS_RC2_DECRYPT_LENGTH );
-
- RC2_DestroyContext( rc2_context, PR_TRUE );
-
- if( ( rc2_status != SECSuccess ) ||
- ( rc2_bytes_encrypted != FIPS_RC2_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc2_computed_ciphertext, rc2_ecb_known_ciphertext,
- FIPS_RC2_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* RC2-ECB Single-Round Known Answer Decryption Test: */
- /******************************************************/
-
- rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
- NULL, NSS_RC2,
- FIPS_RC2_KEY_LENGTH );
-
- if( rc2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc2_status = RC2_Decrypt( rc2_context, rc2_computed_plaintext,
- &rc2_bytes_decrypted, FIPS_RC2_DECRYPT_LENGTH,
- rc2_ecb_known_ciphertext,
- FIPS_RC2_ENCRYPT_LENGTH );
-
- RC2_DestroyContext( rc2_context, PR_TRUE );
-
- if( ( rc2_status != SECSuccess ) ||
- ( rc2_bytes_decrypted != FIPS_RC2_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc2_computed_plaintext, rc2_ecb_known_plaintext,
- FIPS_RC2_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* RC2-CBC Single-Round Known Answer Encryption Test: */
- /******************************************************/
-
- rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
- rc2_cbc_known_initialization_vector,
- NSS_RC2_CBC, FIPS_RC2_KEY_LENGTH );
-
- if( rc2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc2_status = RC2_Encrypt( rc2_context, rc2_computed_ciphertext,
- &rc2_bytes_encrypted, FIPS_RC2_ENCRYPT_LENGTH,
- rc2_cbc_known_plaintext,
- FIPS_RC2_DECRYPT_LENGTH );
-
- RC2_DestroyContext( rc2_context, PR_TRUE );
-
- if( ( rc2_status != SECSuccess ) ||
- ( rc2_bytes_encrypted != FIPS_RC2_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc2_computed_ciphertext, rc2_cbc_known_ciphertext,
- FIPS_RC2_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* RC2-CBC Single-Round Known Answer Decryption Test: */
- /******************************************************/
-
- rc2_context = RC2_CreateContext( rc2_known_key, FIPS_RC2_KEY_LENGTH,
- rc2_cbc_known_initialization_vector,
- NSS_RC2_CBC, FIPS_RC2_KEY_LENGTH );
-
- if( rc2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc2_status = RC2_Decrypt( rc2_context, rc2_computed_plaintext,
- &rc2_bytes_decrypted, FIPS_RC2_DECRYPT_LENGTH,
- rc2_cbc_known_ciphertext,
- FIPS_RC2_ENCRYPT_LENGTH );
-
- RC2_DestroyContext( rc2_context, PR_TRUE );
-
- if( ( rc2_status != SECSuccess ) ||
- ( rc2_bytes_decrypted != FIPS_RC2_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc2_computed_plaintext, rc2_ecb_known_plaintext,
- FIPS_RC2_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_RC4_PowerUpSelfTest( void )
-{
- /* RC4 Known Key (40-bits). */
- static PRUint8 rc4_known_key[] = { "RSARC" };
-
- /* RC4 Known Plaintext (64-bits). */
- static PRUint8 rc4_known_plaintext[] = { "Netscape" };
-
- /* RC4 Known Ciphertext (64-bits). */
- static PRUint8 rc4_known_ciphertext[] = {
- 0x29,0x33,0xc7,0x9a,0x9d,0x6c,0x09,0xdd};
-
- /* RC4 variables. */
- PRUint8 rc4_computed_ciphertext[FIPS_RC4_ENCRYPT_LENGTH];
- PRUint8 rc4_computed_plaintext[FIPS_RC4_DECRYPT_LENGTH];
- RC4Context * rc4_context;
- unsigned int rc4_bytes_encrypted;
- unsigned int rc4_bytes_decrypted;
- SECStatus rc4_status;
-
-
- /**************************************************/
- /* RC4 Single-Round Known Answer Encryption Test: */
- /**************************************************/
-
- rc4_context = RC4_CreateContext( rc4_known_key, FIPS_RC4_KEY_LENGTH );
-
- if( rc4_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc4_status = RC4_Encrypt( rc4_context, rc4_computed_ciphertext,
- &rc4_bytes_encrypted, FIPS_RC4_ENCRYPT_LENGTH,
- rc4_known_plaintext, FIPS_RC4_DECRYPT_LENGTH );
-
- RC4_DestroyContext( rc4_context, PR_TRUE );
-
- if( ( rc4_status != SECSuccess ) ||
- ( rc4_bytes_encrypted != FIPS_RC4_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc4_computed_ciphertext, rc4_known_ciphertext,
- FIPS_RC4_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /**************************************************/
- /* RC4 Single-Round Known Answer Decryption Test: */
- /**************************************************/
-
- rc4_context = RC4_CreateContext( rc4_known_key, FIPS_RC4_KEY_LENGTH );
-
- if( rc4_context == NULL )
- return( CKR_HOST_MEMORY );
-
- rc4_status = RC4_Decrypt( rc4_context, rc4_computed_plaintext,
- &rc4_bytes_decrypted, FIPS_RC4_DECRYPT_LENGTH,
- rc4_known_ciphertext, FIPS_RC4_ENCRYPT_LENGTH );
-
- RC4_DestroyContext( rc4_context, PR_TRUE );
-
- if( ( rc4_status != SECSuccess ) ||
- ( rc4_bytes_decrypted != FIPS_RC4_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( rc4_computed_plaintext, rc4_known_plaintext,
- FIPS_RC4_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_DES_PowerUpSelfTest( void )
-{
- /* DES Known Key (56-bits). */
- static PRUint8 des_known_key[] = { "ANSI DES" };
-
- /* DES-CBC Known Initialization Vector (64-bits). */
- static PRUint8 des_cbc_known_initialization_vector[] = { "Security" };
-
- /* DES Known Plaintext (64-bits). */
- static PRUint8 des_ecb_known_plaintext[] = { "Netscape" };
- static PRUint8 des_cbc_known_plaintext[] = { "Netscape" };
-
- /* DES Known Ciphertext (64-bits). */
- static PRUint8 des_ecb_known_ciphertext[] = {
- 0x26,0x14,0xe9,0xc3,0x28,0x80,0x50,0xb0};
- static PRUint8 des_cbc_known_ciphertext[] = {
- 0x5e,0x95,0x94,0x5d,0x76,0xa2,0xd3,0x7d};
-
- /* DES variables. */
- PRUint8 des_computed_ciphertext[FIPS_DES_ENCRYPT_LENGTH];
- PRUint8 des_computed_plaintext[FIPS_DES_DECRYPT_LENGTH];
- DESContext * des_context;
- unsigned int des_bytes_encrypted;
- unsigned int des_bytes_decrypted;
- SECStatus des_status;
-
-
- /******************************************************/
- /* DES-ECB Single-Round Known Answer Encryption Test: */
- /******************************************************/
-
- des_context = DES_CreateContext( des_known_key, NULL, NSS_DES, PR_TRUE );
-
- if( des_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des_status = DES_Encrypt( des_context, des_computed_ciphertext,
- &des_bytes_encrypted, FIPS_DES_ENCRYPT_LENGTH,
- des_ecb_known_plaintext,
- FIPS_DES_DECRYPT_LENGTH );
-
- DES_DestroyContext( des_context, PR_TRUE );
-
- if( ( des_status != SECSuccess ) ||
- ( des_bytes_encrypted != FIPS_DES_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( des_computed_ciphertext, des_ecb_known_ciphertext,
- FIPS_DES_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* DES-ECB Single-Round Known Answer Decryption Test: */
- /******************************************************/
-
- des_context = DES_CreateContext( des_known_key, NULL, NSS_DES, PR_FALSE );
-
- if( des_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des_status = DES_Decrypt( des_context, des_computed_plaintext,
- &des_bytes_decrypted, FIPS_DES_DECRYPT_LENGTH,
- des_ecb_known_ciphertext,
- FIPS_DES_ENCRYPT_LENGTH );
-
- DES_DestroyContext( des_context, PR_TRUE );
-
- if( ( des_status != SECSuccess ) ||
- ( des_bytes_decrypted != FIPS_DES_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( des_computed_plaintext, des_ecb_known_plaintext,
- FIPS_DES_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* DES-CBC Single-Round Known Answer Encryption Test. */
- /******************************************************/
-
- des_context = DES_CreateContext( des_known_key,
- des_cbc_known_initialization_vector,
- NSS_DES_CBC, PR_TRUE );
-
- if( des_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des_status = DES_Encrypt( des_context, des_computed_ciphertext,
- &des_bytes_encrypted, FIPS_DES_ENCRYPT_LENGTH,
- des_cbc_known_plaintext,
- FIPS_DES_DECRYPT_LENGTH );
-
- DES_DestroyContext( des_context, PR_TRUE );
-
- if( ( des_status != SECSuccess ) ||
- ( des_bytes_encrypted != FIPS_DES_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( des_computed_ciphertext, des_cbc_known_ciphertext,
- FIPS_DES_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /******************************************************/
- /* DES-CBC Single-Round Known Answer Decryption Test. */
- /******************************************************/
-
- des_context = DES_CreateContext( des_known_key,
- des_cbc_known_initialization_vector,
- NSS_DES_CBC, PR_FALSE );
-
- if( des_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des_status = DES_Decrypt( des_context, des_computed_plaintext,
- &des_bytes_decrypted, FIPS_DES_DECRYPT_LENGTH,
- des_cbc_known_ciphertext,
- FIPS_DES_ENCRYPT_LENGTH );
-
- DES_DestroyContext( des_context, PR_TRUE );
-
- if( ( des_status != SECSuccess ) ||
- ( des_bytes_decrypted != FIPS_DES_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( des_computed_plaintext, des_cbc_known_plaintext,
- FIPS_DES_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_DES3_PowerUpSelfTest( void )
-{
- /* DES3 Known Key (56-bits). */
- static PRUint8 des3_known_key[] = { "ANSI Triple-DES Key Data" };
-
- /* DES3-CBC Known Initialization Vector (64-bits). */
- static PRUint8 des3_cbc_known_initialization_vector[] = { "Security" };
-
- /* DES3 Known Plaintext (64-bits). */
- static PRUint8 des3_ecb_known_plaintext[] = { "Netscape" };
- static PRUint8 des3_cbc_known_plaintext[] = { "Netscape" };
-
- /* DES3 Known Ciphertext (64-bits). */
- static PRUint8 des3_ecb_known_ciphertext[] = {
- 0x55,0x8e,0xad,0x3c,0xee,0x49,0x69,0xbe};
- static PRUint8 des3_cbc_known_ciphertext[] = {
- 0x43,0xdc,0x6a,0xc1,0xaf,0xa6,0x32,0xf5};
-
- /* DES3 variables. */
- PRUint8 des3_computed_ciphertext[FIPS_DES3_ENCRYPT_LENGTH];
- PRUint8 des3_computed_plaintext[FIPS_DES3_DECRYPT_LENGTH];
- DESContext * des3_context;
- unsigned int des3_bytes_encrypted;
- unsigned int des3_bytes_decrypted;
- SECStatus des3_status;
-
-
- /*******************************************************/
- /* DES3-ECB Single-Round Known Answer Encryption Test. */
- /*******************************************************/
-
- des3_context = DES_CreateContext( des3_known_key, NULL,
- NSS_DES_EDE3, PR_TRUE );
-
- if( des3_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des3_status = DES_Encrypt( des3_context, des3_computed_ciphertext,
- &des3_bytes_encrypted, FIPS_DES3_ENCRYPT_LENGTH,
- des3_ecb_known_plaintext,
- FIPS_DES3_DECRYPT_LENGTH );
-
- DES_DestroyContext( des3_context, PR_TRUE );
-
- if( ( des3_status != SECSuccess ) ||
- ( des3_bytes_encrypted != FIPS_DES3_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( des3_computed_ciphertext, des3_ecb_known_ciphertext,
- FIPS_DES3_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /*******************************************************/
- /* DES3-ECB Single-Round Known Answer Decryption Test. */
- /*******************************************************/
-
- des3_context = DES_CreateContext( des3_known_key, NULL,
- NSS_DES_EDE3, PR_FALSE );
-
- if( des3_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des3_status = DES_Decrypt( des3_context, des3_computed_plaintext,
- &des3_bytes_decrypted, FIPS_DES3_DECRYPT_LENGTH,
- des3_ecb_known_ciphertext,
- FIPS_DES3_ENCRYPT_LENGTH );
-
- DES_DestroyContext( des3_context, PR_TRUE );
-
- if( ( des3_status != SECSuccess ) ||
- ( des3_bytes_decrypted != FIPS_DES3_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( des3_computed_plaintext, des3_ecb_known_plaintext,
- FIPS_DES3_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /*******************************************************/
- /* DES3-CBC Single-Round Known Answer Encryption Test. */
- /*******************************************************/
-
- des3_context = DES_CreateContext( des3_known_key,
- des3_cbc_known_initialization_vector,
- NSS_DES_EDE3_CBC, PR_TRUE );
-
- if( des3_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des3_status = DES_Encrypt( des3_context, des3_computed_ciphertext,
- &des3_bytes_encrypted, FIPS_DES3_ENCRYPT_LENGTH,
- des3_cbc_known_plaintext,
- FIPS_DES3_DECRYPT_LENGTH );
-
- DES_DestroyContext( des3_context, PR_TRUE );
-
- if( ( des3_status != SECSuccess ) ||
- ( des3_bytes_encrypted != FIPS_DES3_ENCRYPT_LENGTH ) ||
- ( PORT_Memcmp( des3_computed_ciphertext, des3_cbc_known_ciphertext,
- FIPS_DES3_ENCRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
-
- /*******************************************************/
- /* DES3-CBC Single-Round Known Answer Decryption Test. */
- /*******************************************************/
-
- des3_context = DES_CreateContext( des3_known_key,
- des3_cbc_known_initialization_vector,
- NSS_DES_EDE3_CBC, PR_FALSE );
-
- if( des3_context == NULL )
- return( CKR_HOST_MEMORY );
-
- des3_status = DES_Decrypt( des3_context, des3_computed_plaintext,
- &des3_bytes_decrypted, FIPS_DES3_DECRYPT_LENGTH,
- des3_cbc_known_ciphertext,
- FIPS_DES3_ENCRYPT_LENGTH );
-
- DES_DestroyContext( des3_context, PR_TRUE );
-
- if( ( des3_status != SECSuccess ) ||
- ( des3_bytes_decrypted != FIPS_DES3_DECRYPT_LENGTH ) ||
- ( PORT_Memcmp( des3_computed_plaintext, des3_cbc_known_plaintext,
- FIPS_DES3_DECRYPT_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_MD2_PowerUpSelfTest( void )
-{
- /* MD2 Known Hash Message (512-bits). */
- static PRUint8 md2_known_hash_message[] = {
- "The test message for the MD2, MD5, and SHA-1 hashing algorithms." };
-
- /* MD2 Known Digest Message (128-bits). */
- static PRUint8 md2_known_digest[] = {
- 0x41,0x5a,0x12,0xb2,0x3f,0x28,0x97,0x17,
- 0x0c,0x71,0x4e,0xcc,0x40,0xc8,0x1d,0x1b};
-
- /* MD2 variables. */
- MD2Context * md2_context;
- unsigned int md2_bytes_hashed;
- PRUint8 md2_computed_digest[MD2_LENGTH];
-
-
- /***********************************************/
- /* MD2 Single-Round Known Answer Hashing Test. */
- /***********************************************/
-
- md2_context = MD2_NewContext();
-
- if( md2_context == NULL )
- return( CKR_HOST_MEMORY );
-
- MD2_Begin( md2_context );
-
- MD2_Update( md2_context, md2_known_hash_message,
- FIPS_MD2_HASH_MESSAGE_LENGTH );
-
- MD2_End( md2_context, md2_computed_digest, &md2_bytes_hashed, MD2_LENGTH );
-
- MD2_DestroyContext( md2_context , PR_TRUE );
-
- if( ( md2_bytes_hashed != MD2_LENGTH ) ||
- ( PORT_Memcmp( md2_computed_digest, md2_known_digest,
- MD2_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_MD5_PowerUpSelfTest( void )
-{
- /* MD5 Known Hash Message (512-bits). */
- static PRUint8 md5_known_hash_message[] = {
- "The test message for the MD2, MD5, and SHA-1 hashing algorithms." };
-
- /* MD5 Known Digest Message (128-bits). */
- static PRUint8 md5_known_digest[] = {
- 0x25,0xc8,0xc0,0x10,0xc5,0x6e,0x68,0x28,
- 0x28,0xa4,0xa5,0xd2,0x98,0x9a,0xea,0x2d};
-
- /* MD5 variables. */
- PRUint8 md5_computed_digest[MD5_LENGTH];
- SECStatus md5_status;
-
-
- /***********************************************/
- /* MD5 Single-Round Known Answer Hashing Test. */
- /***********************************************/
-
- md5_status = MD5_HashBuf( md5_computed_digest, md5_known_hash_message,
- FIPS_MD5_HASH_MESSAGE_LENGTH );
-
- if( ( md5_status != SECSuccess ) ||
- ( PORT_Memcmp( md5_computed_digest, md5_known_digest,
- MD5_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_SHA1_PowerUpSelfTest( void )
-{
- /* SHA-1 Known Hash Message (512-bits). */
- static PRUint8 sha1_known_hash_message[] = {
- "The test message for the MD2, MD5, and SHA-1 hashing algorithms." };
-
- /* SHA-1 Known Digest Message (160-bits). */
- static PRUint8 sha1_known_digest[] = {
- 0x0a,0x6d,0x07,0xba,0x1e,0xbd,0x8a,0x1b,
- 0x72,0xf6,0xc7,0x22,0xf1,0x27,0x9f,0xf0,
- 0xe0,0x68,0x47,0x7a};
-
- /* SHA-1 variables. */
- PRUint8 sha1_computed_digest[SHA1_LENGTH];
- SECStatus sha1_status;
-
-
- /*************************************************/
- /* SHA-1 Single-Round Known Answer Hashing Test. */
- /*************************************************/
-
- sha1_status = SHA1_HashBuf( sha1_computed_digest, sha1_known_hash_message,
- FIPS_SHA1_HASH_MESSAGE_LENGTH );
-
- if( ( sha1_status != SECSuccess ) ||
- ( PORT_Memcmp( sha1_computed_digest, sha1_known_digest,
- SHA1_LENGTH ) != 0 ) )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-}
-
-
-static CK_RV
-pk11_fips_RSA_PowerUpSelfTest( void )
-{
- /* RSA Known Modulus used in both Public/Private Key Values (520-bits). */
- static PRUint8 rsa_modulus[FIPS_RSA_MODULUS_LENGTH] = {
- 0x00,0xa1,0xe9,0x5e,0x66,0x88,0xe2,0xf2,
- 0x2b,0xe7,0x70,0x36,0x33,0xbc,0xeb,0x55,
- 0x55,0xf1,0x60,0x18,0x3c,0xfb,0xd2,0x79,
- 0xf6,0xc4,0xb8,0x09,0xe3,0x12,0xf6,0x63,
- 0x6d,0xc7,0x8e,0x19,0xc0,0x0e,0x10,0x78,
- 0xc1,0xfe,0x2a,0x41,0x74,0x2d,0xf7,0xc4,
- 0x69,0xa7,0x3c,0xbc,0x8a,0xc8,0x31,0x2b,
- 0x4f,0x60,0xf0,0xf1,0xec,0x5a,0x29,0xec,
- 0x6b};
-
- /* RSA Known Public Key Values (8-bits). */
- static PRUint8 rsa_public_exponent[] = { 0x03 };
-
- /* RSA Known Private Key Values (version is 8-bits), */
- /* (private exponent is 512-bits), */
- /* (private prime0 is 264-bits), */
- /* (private prime1 is 264-bits), */
- /* (private prime exponent0 is 264-bits), */
- /* (private prime exponent1 is 264-bits), */
- /* and (private coefficient is 256-bits). */
- static PRUint8 rsa_version[] = { 0x00 };
- static PRUint8 rsa_private_exponent[FIPS_RSA_PRIVATE_EXPONENT_LENGTH] = {
- 0x6b,0xf0,0xe9,0x99,0xb0,0x97,0x4c,0x1d,
- 0x44,0xf5,0x79,0x77,0xd3,0x47,0x8e,0x39,
- 0x4b,0x95,0x65,0x7d,0xfd,0x36,0xfb,0xf9,
- 0xd8,0x7a,0xb1,0x42,0x0c,0xa4,0x42,0x48,
- 0x20,0x1c,0x6b,0x7d,0x5d,0xa3,0x58,0xd6,
- 0x95,0xd6,0x41,0xe3,0xd6,0x73,0xad,0xdb,
- 0x3b,0x89,0x00,0x8a,0xcd,0x1d,0xb9,0x06,
- 0xac,0xac,0x0e,0x02,0x72,0x1c,0xf8,0xab };
- static PRUint8 rsa_prime0[FIPS_RSA_PRIME0_LENGTH] = {
- 0x00,0xd2,0x2c,0x9d,0xef,0x7c,0x8f,0x58,
- 0x93,0x19,0xa1,0x77,0x0e,0x38,0x3e,0x85,
- 0xb4,0xaf,0xcc,0x99,0xa5,0x43,0xbf,0x97,
- 0xdc,0x46,0xb8,0x3f,0x6e,0x85,0x18,0x00,
- 0x81};
- static PRUint8 rsa_prime1[FIPS_RSA_PRIME1_LENGTH] = {
- 0x00,0xc5,0x36,0xda,0x94,0x85,0x0c,0x1a,
- 0xed,0x03,0xc7,0x67,0x90,0x34,0x0b,0xb9,
- 0xec,0x1e,0x22,0xa2,0x15,0x50,0xc4,0xfd,
- 0xe9,0x17,0x36,0x9d,0x7a,0x29,0xe6,0x76,
- 0xeb};
- static PRUint8 rsa_exponent0[FIPS_RSA_EXPONENT0_LENGTH] = {
- 0x00,0x8c,0x1d,0xbe,0x9f,0xa8,
- 0x5f,0x90,0x62,0x11,0x16,0x4f,
- 0x5e,0xd0,0x29,0xae,0x78,0x75,
- 0x33,0x11,0x18,0xd7,0xd5,0x0f,
- 0xe8,0x2f,0x25,0x7f,0x9f,0x03,
- 0x65,0x55,0xab};
- static PRUint8 rsa_exponent1[FIPS_RSA_EXPONENT1_LENGTH] = {
- 0x00,0x83,0x79,0xe7,0x0d,0xae,
- 0x08,0x11,0xf3,0x57,0xda,0x45,
- 0x0a,0xcd,0x5d,0x26,0x9d,0x69,
- 0x6c,0x6c,0x0e,0x35,0xd8,0xa9,
- 0x46,0x0f,0x79,0xbe,0x51,0x71,
- 0x44,0x4f,0x47};
- static PRUint8 rsa_coefficient[FIPS_RSA_COEFFICIENT_LENGTH] = {
- 0x54,0x8d,0xb8,0xdc,0x8b,0xde,0xbb,
- 0x08,0xc9,0x67,0xb7,0xa9,0x5f,0xa5,
- 0xc4,0x5e,0x67,0xaa,0xfe,0x1a,0x08,
- 0xeb,0x48,0x43,0xcb,0xb0,0xb9,0x38,
- 0x3a,0x31,0x39,0xde};
-
-
- /* RSA Known Plaintext (512-bits). */
- static PRUint8 rsa_known_plaintext[] = {
- "Known plaintext utilized for RSA"
- " Encryption and Decryption test." };
-
- /* RSA Known Ciphertext (512-bits). */
- static PRUint8 rsa_known_ciphertext[] = {
- 0x12,0x80,0x3a,0x53,0xee,0x93,0x81,0xa5,
- 0xf7,0x40,0xc5,0xb1,0xef,0xd9,0x27,0xaf,
- 0xef,0x4b,0x87,0x44,0x00,0xd0,0xda,0xcf,
- 0x10,0x57,0x4c,0xd5,0xc3,0xed,0x84,0xdc,
- 0x74,0x03,0x19,0x69,0x2c,0xd6,0x54,0x3e,
- 0xd2,0xe3,0x90,0xb6,0x67,0x91,0x2f,0x1f,
- 0x54,0x13,0x99,0x00,0x0b,0xfd,0x52,0x7f,
- 0xd8,0xc6,0xdb,0x8a,0xfe,0x06,0xf3,0xb1};
-
- /* RSA Known Message (128-bits). */
- static PRUint8 rsa_known_message[] = { "Netscape Forever" };
-
- /* RSA Known Signed Hash (512-bits). */
- static PRUint8 rsa_known_signature[] = {
- 0x27,0x23,0xa6,0x71,0x57,0xc8,0x70,0x5f,
- 0x70,0x0e,0x06,0x7b,0x96,0x6a,0xaa,0x41,
- 0x6e,0xab,0x67,0x4b,0x5f,0x76,0xc4,0x53,
- 0x23,0xd7,0x57,0x7a,0x3a,0xbc,0x4c,0x27,
- 0x65,0xca,0xde,0x9f,0xd3,0x1d,0xa4,0x5a,
- 0xf9,0x8f,0xb2,0x05,0xa3,0x86,0xf9,0x66,
- 0x55,0x4c,0x68,0x50,0x66,0xa4,0xe9,0x17,
- 0x45,0x11,0xb8,0x1a,0xfc,0xbc,0x79,0x3b};
-
-
- static RSAPublicKey bl_public_key = { NULL,
- { FIPS_RSA_TYPE, rsa_modulus, FIPS_RSA_MODULUS_LENGTH },
- { FIPS_RSA_TYPE, rsa_public_exponent, FIPS_RSA_PUBLIC_EXPONENT_LENGTH }
- };
- static RSAPrivateKey bl_private_key = { NULL,
- { FIPS_RSA_TYPE, rsa_version, FIPS_RSA_PRIVATE_VERSION_LENGTH },
- { FIPS_RSA_TYPE, rsa_modulus, FIPS_RSA_MODULUS_LENGTH },
- { FIPS_RSA_TYPE, rsa_public_exponent, FIPS_RSA_PUBLIC_EXPONENT_LENGTH },
- { FIPS_RSA_TYPE, rsa_private_exponent, FIPS_RSA_PRIVATE_EXPONENT_LENGTH },
- { FIPS_RSA_TYPE, rsa_prime0, FIPS_RSA_PRIME0_LENGTH },
- { FIPS_RSA_TYPE, rsa_prime1, FIPS_RSA_PRIME1_LENGTH },
- { FIPS_RSA_TYPE, rsa_exponent0, FIPS_RSA_EXPONENT0_LENGTH },
- { FIPS_RSA_TYPE, rsa_exponent1, FIPS_RSA_EXPONENT1_LENGTH },
- { FIPS_RSA_TYPE, rsa_coefficient, FIPS_RSA_COEFFICIENT_LENGTH }
- };
-
- /* RSA variables. */
-#ifdef CREATE_TEMP_ARENAS
- PLArenaPool * rsa_public_arena;
- PLArenaPool * rsa_private_arena;
-#endif
- NSSLOWKEYPublicKey * rsa_public_key;
- NSSLOWKEYPrivateKey * rsa_private_key;
- unsigned int rsa_bytes_signed;
- SECStatus rsa_status;
-
- NSSLOWKEYPublicKey low_public_key = { NULL, NSSLOWKEYRSAKey, };
- NSSLOWKEYPrivateKey low_private_key = { NULL, NSSLOWKEYRSAKey, };
- PRUint8 rsa_computed_ciphertext[FIPS_RSA_ENCRYPT_LENGTH];
- PRUint8 rsa_computed_plaintext[FIPS_RSA_DECRYPT_LENGTH];
- PRUint8 rsa_computed_signature[FIPS_RSA_SIGNATURE_LENGTH];
-
- /****************************************/
- /* Compose RSA Public/Private Key Pair. */
- /****************************************/
-
- low_public_key.u.rsa = bl_public_key;
- low_private_key.u.rsa = bl_private_key;
-
- rsa_public_key = &low_public_key;
- rsa_private_key = &low_private_key;
-
-#ifdef CREATE_TEMP_ARENAS
- /* Create some space for the RSA public key. */
- rsa_public_arena = PORT_NewArena( NSS_SOFTOKEN_DEFAULT_CHUNKSIZE );
-
- if( rsa_public_arena == NULL ) {
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- return( CKR_HOST_MEMORY );
- }
-
- /* Create some space for the RSA private key. */
- rsa_private_arena = PORT_NewArena( NSS_SOFTOKEN_DEFAULT_CHUNKSIZE );
-
- if( rsa_private_arena == NULL ) {
- PORT_FreeArena( rsa_public_arena, PR_TRUE );
- PORT_SetError( SEC_ERROR_NO_MEMORY );
- return( CKR_HOST_MEMORY );
- }
-
- rsa_public_key->arena = rsa_public_arena;
- rsa_private_key->arena = rsa_private_arena;
-#endif
-
- /**************************************************/
- /* RSA Single-Round Known Answer Encryption Test. */
- /**************************************************/
-
- /* Perform RSA Public Key Encryption. */
- rsa_status = RSA_PublicKeyOp(&rsa_public_key->u.rsa,
- rsa_computed_ciphertext, rsa_known_plaintext);
-
- if( ( rsa_status != SECSuccess ) ||
- ( PORT_Memcmp( rsa_computed_ciphertext, rsa_known_ciphertext,
- FIPS_RSA_ENCRYPT_LENGTH ) != 0 ) )
- goto rsa_loser;
-
- /**************************************************/
- /* RSA Single-Round Known Answer Decryption Test. */
- /**************************************************/
-
- /* Perform RSA Private Key Decryption. */
- rsa_status = RSA_PrivateKeyOp(&rsa_private_key->u.rsa,
- rsa_computed_plaintext, rsa_known_ciphertext);
-
- if( ( rsa_status != SECSuccess ) ||
- ( PORT_Memcmp( rsa_computed_plaintext, rsa_known_plaintext,
- FIPS_RSA_DECRYPT_LENGTH ) != 0 ) )
- goto rsa_loser;
-
-
- /*************************************************/
- /* RSA Single-Round Known Answer Signature Test. */
- /*************************************************/
-
- /* Perform RSA signature with the RSA private key. */
- rsa_status = RSA_Sign( rsa_private_key, rsa_computed_signature,
- &rsa_bytes_signed,
- FIPS_RSA_SIGNATURE_LENGTH, rsa_known_message,
- FIPS_RSA_MESSAGE_LENGTH );
-
- if( ( rsa_status != SECSuccess ) ||
- ( rsa_bytes_signed != FIPS_RSA_SIGNATURE_LENGTH ) ||
- ( PORT_Memcmp( rsa_computed_signature, rsa_known_signature,
- FIPS_RSA_SIGNATURE_LENGTH ) != 0 ) )
- goto rsa_loser;
-
-
- /****************************************************/
- /* RSA Single-Round Known Answer Verification Test. */
- /****************************************************/
-
- /* Perform RSA verification with the RSA public key. */
- rsa_status = RSA_CheckSign( rsa_public_key,
- rsa_computed_signature,
- FIPS_RSA_SIGNATURE_LENGTH,
- rsa_known_message,
- FIPS_RSA_MESSAGE_LENGTH );
-
- if( rsa_status != SECSuccess )
- goto rsa_loser;
-
- /* Dispose of all RSA key material. */
- nsslowkey_DestroyPublicKey( rsa_public_key );
- nsslowkey_DestroyPrivateKey( rsa_private_key );
-
- return( CKR_OK );
-
-
-rsa_loser:
-
- nsslowkey_DestroyPublicKey( rsa_public_key );
- nsslowkey_DestroyPrivateKey( rsa_private_key );
-
- return( CKR_DEVICE_ERROR );
-}
-
-
-static CK_RV
-pk11_fips_DSA_PowerUpSelfTest( void )
-{
- /* DSA Known P (512-bits), Q (160-bits), and G (512-bits) Values. */
- static PRUint8 dsa_P[] = {
- 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
- 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
- 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
- 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
- 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
- 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
- 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
- 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91};
- static PRUint8 dsa_Q[] = {
- 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
- 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
- 0xda,0xce,0x91,0x5f};
- static PRUint8 dsa_G[] = {
- 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
- 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
- 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
- 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
- 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
- 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
- 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
- 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02};
-
- /* DSA Known Random Values (known random key block is 160-bits) */
- /* and (known random signature block is 160-bits). */
- static PRUint8 dsa_known_random_key_block[] = {
- "Mozilla Rules World!"};
- static PRUint8 dsa_known_random_signature_block[] = {
- "Random DSA Signature"};
-
- /* DSA Known Digest (160-bits) */
- static PRUint8 dsa_known_digest[] = { "DSA Signature Digest" };
-
- /* DSA Known Signature (320-bits). */
- static PRUint8 dsa_known_signature[] = {
- 0x39,0x0d,0x84,0xb1,0xf7,0x52,0x89,0xba,
- 0xec,0x1e,0xa8,0xe2,0x00,0x8e,0x37,0x8f,
- 0xc2,0xf5,0xf8,0x70,0x11,0xa8,0xc7,0x02,
- 0x0e,0x75,0xcf,0x6b,0x54,0x4a,0x52,0xe8,
- 0xd8,0x6d,0x4a,0xe8,0xee,0x56,0x8e,0x59};
-
- /* DSA variables. */
- DSAPrivateKey * dsa_private_key;
- SECStatus dsa_status;
- SECItem dsa_signature_item;
- SECItem dsa_digest_item;
- DSAPublicKey dsa_public_key;
- PRUint8 dsa_computed_signature[FIPS_DSA_SIGNATURE_LENGTH];
- static PQGParams dsa_pqg = { NULL,
- { FIPS_DSA_TYPE, dsa_P, FIPS_DSA_PRIME_LENGTH },
- { FIPS_DSA_TYPE, dsa_Q, FIPS_DSA_SUBPRIME_LENGTH },
- { FIPS_DSA_TYPE, dsa_G, FIPS_DSA_BASE_LENGTH }};
-
- /*******************************************/
- /* Generate a DSA public/private key pair. */
- /*******************************************/
-
- /* Generate a DSA public/private key pair. */
-
- dsa_status = DSA_NewKeyFromSeed(&dsa_pqg, dsa_known_random_key_block,
- &dsa_private_key);
-
- if( dsa_status != SECSuccess )
- return( CKR_HOST_MEMORY );
-
- /* construct public key from private key. */
- dsa_public_key.params = dsa_private_key->params;
- dsa_public_key.publicValue = dsa_private_key->publicValue;
-
- /*************************************************/
- /* DSA Single-Round Known Answer Signature Test. */
- /*************************************************/
-
- dsa_signature_item.data = dsa_computed_signature;
- dsa_signature_item.len = sizeof dsa_computed_signature;
-
- dsa_digest_item.data = dsa_known_digest;
- dsa_digest_item.len = SHA1_LENGTH;
-
- /* Perform DSA signature process. */
- dsa_status = DSA_SignDigestWithSeed( dsa_private_key,
- &dsa_signature_item,
- &dsa_digest_item,
- dsa_known_random_signature_block );
-
- if( ( dsa_status != SECSuccess ) ||
- ( dsa_signature_item.len != FIPS_DSA_SIGNATURE_LENGTH ) ||
- ( PORT_Memcmp( dsa_computed_signature, dsa_known_signature,
- FIPS_DSA_SIGNATURE_LENGTH ) != 0 ) ) {
- dsa_status = SECFailure;
- } else {
-
- /****************************************************/
- /* DSA Single-Round Known Answer Verification Test. */
- /****************************************************/
-
- /* Perform DSA verification process. */
- dsa_status = DSA_VerifyDigest( &dsa_public_key,
- &dsa_signature_item,
- &dsa_digest_item);
- }
-
- PORT_FreeArena(dsa_private_key->params.arena, PR_TRUE);
- /* Don't free public key, it uses same arena as private key */
-
- /* Verify DSA signature. */
- if( dsa_status != SECSuccess )
- return( CKR_DEVICE_ERROR );
-
- return( CKR_OK );
-
-
-}
-
-
-CK_RV
-pk11_fipsPowerUpSelfTest( void )
-{
- CK_RV rv;
-
- /* RC2 Power-Up SelfTest(s). */
- rv = pk11_fips_RC2_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* RC4 Power-Up SelfTest(s). */
- rv = pk11_fips_RC4_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* DES Power-Up SelfTest(s). */
- rv = pk11_fips_DES_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* DES3 Power-Up SelfTest(s). */
- rv = pk11_fips_DES3_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* MD2 Power-Up SelfTest(s). */
- rv = pk11_fips_MD2_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* MD5 Power-Up SelfTest(s). */
- rv = pk11_fips_MD5_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* SHA-1 Power-Up SelfTest(s). */
- rv = pk11_fips_SHA1_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* RSA Power-Up SelfTest(s). */
- rv = pk11_fips_RSA_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* DSA Power-Up SelfTest(s). */
- rv = pk11_fips_DSA_PowerUpSelfTest();
-
- if( rv != CKR_OK )
- return rv;
-
- /* Passed Power-Up SelfTest(s). */
- return( CKR_OK );
-}
-
diff --git a/security/nss/lib/softoken/fipstokn.c b/security/nss/lib/softoken/fipstokn.c
deleted file mode 100644
index b547a93e4..000000000
--- a/security/nss/lib/softoken/fipstokn.c
+++ /dev/null
@@ -1,908 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements PKCS 11 on top of our existing security modules
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- * This implementation has two slots:
- * slot 1 is our generic crypto support. It does not require login
- * (unless you've enabled FIPS). It supports Public Key ops, and all they
- * bulk ciphers and hashes. It can also support Private Key ops for imported
- * Private keys. It does not have any token storage.
- * slot 2 is our private key support. It requires a login before use. It
- * can store Private Keys and Certs as token objects. Currently only private
- * keys and their associated Certificates are saved on the token.
- *
- * In this implementation, session objects are only visible to the session
- * that created or generated them.
- */
-#include "seccomon.h"
-#include "softoken.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "pkcs11.h"
-#include "pkcs11i.h"
-
-
-/*
- * ******************** Password Utilities *******************************
- */
-static PRBool isLoggedIn = PR_FALSE;
-static PRBool fatalError = PR_FALSE;
-
-/* Fips required checks before any useful crypto graphic services */
-static CK_RV pk11_fipsCheck(void) {
- if (isLoggedIn != PR_TRUE)
- return CKR_USER_NOT_LOGGED_IN;
- if (fatalError)
- return CKR_DEVICE_ERROR;
- return CKR_OK;
-}
-
-
-#define PK11_FIPSCHECK() \
- CK_RV rv; \
- if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
-
-#define PK11_FIPSFATALCHECK() \
- if (fatalError) return CKR_DEVICE_ERROR;
-
-
-/* grab an attribute out of a raw template */
-void *
-fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate,
- CK_ULONG ulCount, CK_ATTRIBUTE_TYPE type)
-{
- int i;
-
- for (i=0; i < (int) ulCount; i++) {
- if (pTemplate[i].type == type) {
- return pTemplate[i].pValue;
- }
- }
- return NULL;
-}
-
-
-#define __PASTE(x,y) x##y
-
-/* ------------- forward declare all the NSC_ functions ------------- */
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(NS,name)
-#define CK_NEED_ARG_LIST 1
-
-#include "pkcs11f.h"
-
-/* ------------- forward declare all the FIPS functions ------------- */
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F,name)
-#define CK_NEED_ARG_LIST 1
-
-#include "pkcs11f.h"
-
-/* ------------- build the CK_CRYPTO_TABLE ------------------------- */
-static CK_FUNCTION_LIST pk11_fipsTable = {
- { 1, 10 },
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-#define CK_PKCS11_FUNCTION_INFO(name) __PASTE(F,name),
-
-
-#include "pkcs11f.h"
-
-};
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-#undef __PASTE
-
-
-/**********************************************************************
- *
- * Start of PKCS 11 functions
- *
- **********************************************************************/
-/* return the function list */
-CK_RV FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
- *pFunctionList = &pk11_fipsTable;
- return CKR_OK;
-}
-
-
-/* FC_Initialize initializes the PKCS #11 library. */
-CK_RV FC_Initialize(CK_VOID_PTR pReserved) {
- CK_RV crv;
-
- crv = nsc_CommonInitialize(pReserved, PR_TRUE);
-
- /* not an 'else' rv can be set by either PK11_LowInit or PK11_SlotInit*/
- if (crv != CKR_OK) {
- fatalError = PR_TRUE;
- return crv;
- }
-
- fatalError = PR_FALSE; /* any error has been reset */
-
- crv = pk11_fipsPowerUpSelfTest();
- if (crv != CKR_OK) {
- fatalError = PR_TRUE;
- return crv;
- }
-
- return CKR_OK;
-}
-
-/*FC_Finalize indicates that an application is done with the PKCS #11 library.*/
-CK_RV FC_Finalize (CK_VOID_PTR pReserved) {
- /* this should free up FIPS Slot */
- return NSC_Finalize (pReserved);
-}
-
-
-/* FC_GetInfo returns general information about PKCS #11. */
-CK_RV FC_GetInfo(CK_INFO_PTR pInfo) {
- return NSC_GetInfo(pInfo);
-}
-
-/* FC_GetSlotList obtains a list of slots in the system. */
-CK_RV FC_GetSlotList(CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) {
- return NSC_GetSlotList(tokenPresent,pSlotList,pulCount);
-}
-
-/* FC_GetSlotInfo obtains information about a particular slot in the system. */
-CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
-
- CK_RV crv;
-
- crv = NSC_GetSlotInfo(slotID,pInfo);
- if (crv != CKR_OK) {
- return crv;
- }
-
- return CKR_OK;
-}
-
-
-/*FC_GetTokenInfo obtains information about a particular token in the system.*/
- CK_RV FC_GetTokenInfo(CK_SLOT_ID slotID,CK_TOKEN_INFO_PTR pInfo) {
- CK_RV crv;
-
- crv = NSC_GetTokenInfo(slotID,pInfo);
- pInfo->flags |= CKF_RNG | CKF_LOGIN_REQUIRED;
- return crv;
-
-}
-
-
-
-/*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/
- CK_RV FC_GetMechanismList(CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount) {
- PK11_FIPSFATALCHECK();
- if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
- /* FIPS Slot supports all functions */
- return NSC_GetMechanismList(slotID,pMechanismList,pusCount);
-}
-
-
-/* FC_GetMechanismInfo obtains information about a particular mechanism
- * possibly supported by a token. */
- CK_RV FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo) {
- PK11_FIPSFATALCHECK();
- if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
- /* FIPS Slot supports all functions */
- return NSC_GetMechanismInfo(slotID,type,pInfo);
-}
-
-
-/* FC_InitToken initializes a token. */
- CK_RV FC_InitToken(CK_SLOT_ID slotID,CK_CHAR_PTR pPin,
- CK_ULONG usPinLen,CK_CHAR_PTR pLabel) {
- return CKR_HOST_MEMORY; /*is this the right function for not implemented*/
-}
-
-
-/* FC_InitPIN initializes the normal user's PIN. */
- CK_RV FC_InitPIN(CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin, CK_ULONG ulPinLen) {
- return NSC_InitPIN(hSession,pPin,ulPinLen);
-}
-
-
-/* FC_SetPIN modifies the PIN of user that is currently logged in. */
-/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
- CK_RV FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
- CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen) {
- CK_RV rv;
- if ((rv = pk11_fipsCheck()) != CKR_OK) return rv;
- return NSC_SetPIN(hSession,pOldPin,usOldLen,pNewPin,usNewLen);
-}
-
-/* FC_OpenSession opens a session between an application and a token. */
- CK_RV FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
- CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession) {
- PK11_FIPSFATALCHECK();
- return NSC_OpenSession(slotID,flags,pApplication,Notify,phSession);
-}
-
-
-/* FC_CloseSession closes a session between an application and a token. */
- CK_RV FC_CloseSession(CK_SESSION_HANDLE hSession) {
- return NSC_CloseSession(hSession);
-}
-
-
-/* FC_CloseAllSessions closes all sessions with a token. */
- CK_RV FC_CloseAllSessions (CK_SLOT_ID slotID) {
- return NSC_CloseAllSessions (slotID);
-}
-
-
-/* FC_GetSessionInfo obtains information about the session. */
- CK_RV FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo) {
- CK_RV rv;
- PK11_FIPSFATALCHECK();
-
- rv = NSC_GetSessionInfo(hSession,pInfo);
- if (rv == CKR_OK) {
- if ((isLoggedIn) && (pInfo->state == CKS_RO_PUBLIC_SESSION)) {
- pInfo->state = CKS_RO_USER_FUNCTIONS;
- }
- if ((isLoggedIn) && (pInfo->state == CKS_RW_PUBLIC_SESSION)) {
- pInfo->state = CKS_RW_USER_FUNCTIONS;
- }
- }
- return rv;
-}
-
-/* FC_Login logs a user into a token. */
- CK_RV FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
- CK_CHAR_PTR pPin, CK_ULONG usPinLen) {
- CK_RV rv;
- PK11_FIPSFATALCHECK();
- rv = NSC_Login(hSession,userType,pPin,usPinLen);
- if (rv == CKR_OK)
- isLoggedIn = PR_TRUE;
- else if (rv == CKR_USER_ALREADY_LOGGED_IN)
- {
- isLoggedIn = PR_TRUE;
-
- /* Provide FIPS PUB 140-1 power-up self-tests on demand. */
- rv = pk11_fipsPowerUpSelfTest();
- if (rv == CKR_OK)
- return CKR_USER_ALREADY_LOGGED_IN;
- else
- fatalError = PR_TRUE;
- }
- return rv;
-}
-
-/* FC_Logout logs a user out from a token. */
- CK_RV FC_Logout(CK_SESSION_HANDLE hSession) {
- PK11_FIPSCHECK();
-
- rv = NSC_Logout(hSession);
- isLoggedIn = PR_FALSE;
- return rv;
-}
-
-
-/* FC_CreateObject creates a new object. */
- CK_RV FC_CreateObject(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject) {
- CK_OBJECT_CLASS * classptr;
- PK11_FIPSCHECK();
- classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate,ulCount,CKA_CLASS);
- if (classptr == NULL) return CKR_TEMPLATE_INCOMPLETE;
-
- /* FIPS can't create keys from raw key material */
- if ((*classptr == CKO_SECRET_KEY) || (*classptr == CKO_PRIVATE_KEY)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- return NSC_CreateObject(hSession,pTemplate,ulCount,phObject);
-}
-
-
-
-
-
-/* FC_CopyObject copies an object, creating a new object for the copy. */
- CK_RV FC_CopyObject(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount,
- CK_OBJECT_HANDLE_PTR phNewObject) {
- PK11_FIPSCHECK();
- return NSC_CopyObject(hSession,hObject,pTemplate,usCount,phNewObject);
-}
-
-
-/* FC_DestroyObject destroys an object. */
- CK_RV FC_DestroyObject(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject) {
- PK11_FIPSCHECK();
- return NSC_DestroyObject(hSession,hObject);
-}
-
-
-/* FC_GetObjectSize gets the size of an object in bytes. */
- CK_RV FC_GetObjectSize(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pusSize) {
- PK11_FIPSCHECK();
- return NSC_GetObjectSize(hSession, hObject, pusSize);
-}
-
-
-/* FC_GetAttributeValue obtains the value of one or more object attributes. */
- CK_RV FC_GetAttributeValue(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
- PK11_FIPSCHECK();
- return NSC_GetAttributeValue(hSession,hObject,pTemplate,usCount);
-}
-
-
-/* FC_SetAttributeValue modifies the value of one or more object attributes */
- CK_RV FC_SetAttributeValue (CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
- PK11_FIPSCHECK();
- return NSC_SetAttributeValue(hSession,hObject,pTemplate,usCount);
-}
-
-
-
-/* FC_FindObjectsInit initializes a search for token and session objects
- * that match a template. */
- CK_RV FC_FindObjectsInit(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
- PK11_FIPSCHECK();
- return NSC_FindObjectsInit(hSession,pTemplate,usCount);
-}
-
-
-/* FC_FindObjects continues a search for token and session objects
- * that match a template, obtaining additional object handles. */
- CK_RV FC_FindObjects(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,CK_ULONG usMaxObjectCount,
- CK_ULONG_PTR pusObjectCount) {
- PK11_FIPSCHECK();
- return NSC_FindObjects(hSession,phObject,usMaxObjectCount,
- pusObjectCount);
-}
-
-
-/*
- ************** Crypto Functions: Encrypt ************************
- */
-
-/* FC_EncryptInit initializes an encryption operation. */
- CK_RV FC_EncryptInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_EncryptInit(hSession,pMechanism,hKey);
-}
-
-/* FC_Encrypt encrypts single-part data. */
- CK_RV FC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pusEncryptedDataLen) {
- PK11_FIPSCHECK();
- return NSC_Encrypt(hSession,pData,usDataLen,pEncryptedData,
- pusEncryptedDataLen);
-}
-
-
-/* FC_EncryptUpdate continues a multiple-part encryption operation. */
- CK_RV FC_EncryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pusEncryptedPartLen) {
- PK11_FIPSCHECK();
- return NSC_EncryptUpdate(hSession,pPart,usPartLen,pEncryptedPart,
- pusEncryptedPartLen);
-}
-
-
-/* FC_EncryptFinal finishes a multiple-part encryption operation. */
- CK_RV FC_EncryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen) {
-
- PK11_FIPSCHECK();
- return NSC_EncryptFinal(hSession,pLastEncryptedPart,
- pusLastEncryptedPartLen);
-}
-
-/*
- ************** Crypto Functions: Decrypt ************************
- */
-
-
-/* FC_DecryptInit initializes a decryption operation. */
- CK_RV FC_DecryptInit( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_DecryptInit(hSession,pMechanism,hKey);
-}
-
-/* FC_Decrypt decrypts encrypted data in a single part. */
- CK_RV FC_Decrypt(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,CK_ULONG usEncryptedDataLen,CK_BYTE_PTR pData,
- CK_ULONG_PTR pusDataLen) {
- PK11_FIPSCHECK();
- return NSC_Decrypt(hSession,pEncryptedData,usEncryptedDataLen,pData,
- pusDataLen);
-}
-
-
-/* FC_DecryptUpdate continues a multiple-part decryption operation. */
- CK_RV FC_DecryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen,
- CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen) {
- PK11_FIPSCHECK();
- return NSC_DecryptUpdate(hSession,pEncryptedPart,usEncryptedPartLen,
- pPart,pusPartLen);
-}
-
-
-/* FC_DecryptFinal finishes a multiple-part decryption operation. */
- CK_RV FC_DecryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen) {
- PK11_FIPSCHECK();
- return NSC_DecryptFinal(hSession,pLastPart,pusLastPartLen);
-}
-
-
-/*
- ************** Crypto Functions: Digest (HASH) ************************
- */
-
-/* FC_DigestInit initializes a message-digesting operation. */
- CK_RV FC_DigestInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism) {
- PK11_FIPSFATALCHECK();
- return NSC_DigestInit(hSession, pMechanism);
-}
-
-
-/* FC_Digest digests data in a single part. */
- CK_RV FC_Digest(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pusDigestLen) {
- PK11_FIPSFATALCHECK();
- return NSC_Digest(hSession,pData,usDataLen,pDigest,pusDigestLen);
-}
-
-
-/* FC_DigestUpdate continues a multiple-part message-digesting operation. */
- CK_RV FC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
- CK_ULONG usPartLen) {
- PK11_FIPSFATALCHECK();
- return NSC_DigestUpdate(hSession,pPart,usPartLen);
-}
-
-
-/* FC_DigestFinal finishes a multiple-part message-digesting operation. */
- CK_RV FC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pusDigestLen) {
- PK11_FIPSFATALCHECK();
- return NSC_DigestFinal(hSession,pDigest,pusDigestLen);
-}
-
-
-/*
- ************** Crypto Functions: Sign ************************
- */
-
-/* FC_SignInit initializes a signature (private key encryption) operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_SignInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_SignInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_Sign(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pusSignatureLen) {
- PK11_FIPSCHECK();
- return NSC_Sign(hSession,pData,usDataLen,pSignature,pusSignatureLen);
-}
-
-
-/* FC_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
- CK_ULONG usPartLen) {
- PK11_FIPSCHECK();
- return NSC_SignUpdate(hSession,pPart,usPartLen);
-}
-
-
-/* FC_SignFinal finishes a multiple-part signature operation,
- * returning the signature. */
- CK_RV FC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pusSignatureLen) {
- PK11_FIPSCHECK();
- return NSC_SignFinal(hSession,pSignature,pusSignatureLen);
-}
-
-/*
- ************** Crypto Functions: Sign Recover ************************
- */
-/* FC_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
- CK_RV FC_SignRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_SignRecoverInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
- CK_RV FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen) {
- PK11_FIPSCHECK();
- return NSC_SignRecover(hSession,pData,usDataLen,pSignature,pusSignatureLen);
-}
-
-/*
- ************** Crypto Functions: verify ************************
- */
-
-/* FC_VerifyInit initializes a verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
- CK_RV FC_VerifyInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_VerifyInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen) {
- /* make sure we're legal */
- PK11_FIPSCHECK();
- return NSC_Verify(hSession,pData,usDataLen,pSignature,usSignatureLen);
-}
-
-
-/* FC_VerifyUpdate continues a multiple-part verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
- CK_RV FC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG usPartLen) {
- PK11_FIPSCHECK();
- return NSC_VerifyUpdate(hSession,pPart,usPartLen);
-}
-
-
-/* FC_VerifyFinal finishes a multiple-part verification operation,
- * checking the signature. */
- CK_RV FC_VerifyFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen) {
- PK11_FIPSCHECK();
- return NSC_VerifyFinal(hSession,pSignature,usSignatureLen);
-}
-
-/*
- ************** Crypto Functions: Verify Recover ************************
- */
-
-/* FC_VerifyRecoverInit initializes a signature verification operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
- CK_RV FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_VerifyRecoverInit(hSession,pMechanism,hKey);
-}
-
-
-/* FC_VerifyRecover verifies a signature in a single-part operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
- CK_RV FC_VerifyRecover(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen,
- CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen) {
- PK11_FIPSCHECK();
- return NSC_VerifyRecover(hSession,pSignature,usSignatureLen,pData,
- pusDataLen);
-}
-
-/*
- **************************** Key Functions: ************************
- */
-
-/* FC_GenerateKey generates a secret key, creating a new key object. */
- CK_RV FC_GenerateKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- CK_BBOOL *boolptr;
-
- PK11_FIPSCHECK();
-
- /* all secret keys must be sensitive, if the upper level code tries to say
- * otherwise, reject it. */
- boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate, ulCount, CKA_SENSITIVE);
- if (boolptr != NULL) {
- if (!(*boolptr)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- }
-
- return NSC_GenerateKey(hSession,pMechanism,pTemplate,ulCount,phKey);
-}
-
-
-/* FC_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
- CK_RV FC_GenerateKeyPair (CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG usPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG usPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
- CK_OBJECT_HANDLE_PTR phPrivateKey) {
- CK_BBOOL *boolptr;
-
- PK11_FIPSCHECK();
-
- /* all private keys must be sensitive, if the upper level code tries to say
- * otherwise, reject it. */
- boolptr = (CK_BBOOL *) fc_getAttribute(pPrivateKeyTemplate,
- usPrivateKeyAttributeCount, CKA_SENSITIVE);
- if (boolptr != NULL) {
- if (!(*boolptr)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- }
- return NSC_GenerateKeyPair (hSession,pMechanism,pPublicKeyTemplate,
- usPublicKeyAttributeCount,pPrivateKeyTemplate,
- usPrivateKeyAttributeCount,phPublicKey,phPrivateKey);
-}
-
-
-/* FC_WrapKey wraps (i.e., encrypts) a key. */
- CK_RV FC_WrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pusWrappedKeyLen) {
- PK11_FIPSCHECK();
- return NSC_WrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
- pusWrappedKeyLen);
-}
-
-
-/* FC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
- CK_RV FC_UnwrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey, CK_ULONG usWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- CK_BBOOL *boolptr;
-
- PK11_FIPSCHECK();
-
- /* all secret keys must be sensitive, if the upper level code tries to say
- * otherwise, reject it. */
- boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate,
- usAttributeCount, CKA_SENSITIVE);
- if (boolptr != NULL) {
- if (!(*boolptr)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- }
- return NSC_UnwrapKey(hSession,pMechanism,hUnwrappingKey,pWrappedKey,
- usWrappedKeyLen,pTemplate,usAttributeCount,phKey);
-}
-
-
-/* FC_DeriveKey derives a key from a base key, creating a new key object. */
- CK_RV FC_DeriveKey( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey) {
- CK_BBOOL *boolptr;
-
- PK11_FIPSCHECK();
-
- /* all secret keys must be sensitive, if the upper level code tries to say
- * otherwise, reject it. */
- boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate,
- usAttributeCount, CKA_SENSITIVE);
- if (boolptr != NULL) {
- if (!(*boolptr)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- }
- return NSC_DeriveKey(hSession,pMechanism,hBaseKey,pTemplate,
- usAttributeCount, phKey);
-}
-
-/*
- **************************** Radom Functions: ************************
- */
-
-/* FC_SeedRandom mixes additional seed material into the token's random number
- * generator. */
- CK_RV FC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
- CK_ULONG usSeedLen) {
- CK_RV crv;
-
- PK11_FIPSFATALCHECK();
- crv = NSC_SeedRandom(hSession,pSeed,usSeedLen);
- if (crv != CKR_OK) {
- fatalError = PR_TRUE;
- }
- return crv;
-}
-
-
-/* FC_GenerateRandom generates random data. */
- CK_RV FC_GenerateRandom(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData, CK_ULONG usRandomLen) {
- CK_RV crv;
-
- PK11_FIPSFATALCHECK();
- crv = NSC_GenerateRandom(hSession,pRandomData,usRandomLen);
- if (crv != CKR_OK) {
- fatalError = PR_TRUE;
- }
- return crv;
-}
-
-
-/* FC_GetFunctionStatus obtains an updated status of a function running
- * in parallel with an application. */
- CK_RV FC_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
- PK11_FIPSCHECK();
- return NSC_GetFunctionStatus(hSession);
-}
-
-
-/* FC_CancelFunction cancels a function running in parallel */
- CK_RV FC_CancelFunction(CK_SESSION_HANDLE hSession) {
- PK11_FIPSCHECK();
- return NSC_CancelFunction(hSession);
-}
-
-/*
- **************************** Version 1.1 Functions: ************************
- */
-
-/* FC_GetOperationState saves the state of the cryptographic
- *operation in a session. */
-CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen) {
- PK11_FIPSFATALCHECK();
- return NSC_GetOperationState(hSession,pOperationState,pulOperationStateLen);
-}
-
-
-/* FC_SetOperationState restores the state of the cryptographic operation
- * in a session. */
-CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) {
- PK11_FIPSFATALCHECK();
- return NSC_SetOperationState(hSession,pOperationState,ulOperationStateLen,
- hEncryptionKey,hAuthenticationKey);
-}
-
-/* FC_FindObjectsFinal finishes a search for token and session objects. */
-CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
- PK11_FIPSCHECK();
- return NSC_FindObjectsFinal(hSession);
-}
-
-
-/* Dual-function cryptographic operations */
-
-/* FC_DigestEncryptUpdate continues a multiple-part digesting and encryption
- * operation. */
-CK_RV FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen) {
- PK11_FIPSCHECK();
- return NSC_DigestEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
- pulEncryptedPartLen);
-}
-
-
-/* FC_DecryptDigestUpdate continues a multiple-part decryption and digesting
- * operation. */
-CK_RV FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
-
- PK11_FIPSCHECK();
- return NSC_DecryptDigestUpdate(hSession, pEncryptedPart,ulEncryptedPartLen,
- pPart,pulPartLen);
-}
-
-/* FC_SignEncryptUpdate continues a multiple-part signing and encryption
- * operation. */
-CK_RV FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen) {
-
- PK11_FIPSCHECK();
- return NSC_SignEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
- pulEncryptedPartLen);
-}
-
-/* FC_DecryptVerifyUpdate continues a multiple-part decryption and verify
- * operation. */
-CK_RV FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) {
-
- PK11_FIPSCHECK();
- return NSC_DecryptVerifyUpdate(hSession,pEncryptedData,ulEncryptedDataLen,
- pData,pulDataLen);
-}
-
-
-/* FC_DigestKey continues a multi-part message-digesting operation,
- * by digesting the value of a secret key as part of the data already digested.
- */
-CK_RV FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) {
- PK11_FIPSCHECK();
- return NSC_DigestKey(hSession,hKey);
-}
-
-
-CK_RV FC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pReserved)
-{
- return NSC_WaitForSlotEvent(flags, pSlot, pReserved);
-}
diff --git a/security/nss/lib/softoken/keydb.c b/security/nss/lib/softoken/keydb.c
deleted file mode 100644
index 059115741..000000000
--- a/security/nss/lib/softoken/keydb.c
+++ /dev/null
@@ -1,2563 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * Private Key Database code
- *
- * $Id$
- */
-
-#include "lowkeyi.h"
-#include "seccomon.h"
-#include "sechash.h"
-#include "secder.h"
-#include "secasn1.h"
-#include "secoid.h"
-#include "blapi.h"
-#include "secitem.h"
-#include "pcert.h"
-#include "mcom_db.h"
-#include "lowpbe.h"
-#include "secerr.h"
-
-#include "keydbi.h"
-
-/*
- * Record keys for keydb
- */
-#define SALT_STRING "global-salt"
-#define VERSION_STRING "Version"
-#define KEYDB_PW_CHECK_STRING "password-check"
-#define KEYDB_PW_CHECK_LEN 14
-#define KEYDB_FAKE_PW_CHECK_STRING "fake-password-check"
-#define KEYDB_FAKE_PW_CHECK_LEN 19
-
-/* Size of the global salt for key database */
-#define SALT_LENGTH 16
-
-/* ASN1 Templates for new decoder/encoder */
-const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSLOWKEYPrivateKeyInfo) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSLOWKEYPrivateKeyInfo,version) },
- { SEC_ASN1_INLINE,
- offsetof(NSSLOWKEYPrivateKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSLOWKEYPrivateKeyInfo,privateKey) },
- { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_PointerToPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_POINTER, 0, nsslowkey_PrivateKeyInfoTemplate }
-};
-
-const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSLOWKEYEncryptedPrivateKeyInfo) },
- { SEC_ASN1_INLINE,
- offsetof(NSSLOWKEYEncryptedPrivateKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSLOWKEYEncryptedPrivateKeyInfo,encryptedData) },
- { 0 }
-};
-
-const SEC_ASN1Template nsslowkey_PointerToEncryptedPrivateKeyInfoTemplate[] = {
- { SEC_ASN1_POINTER, 0, nsslowkey_EncryptedPrivateKeyInfoTemplate }
-};
-
-
-/* ====== Default key databse encryption algorithm ====== */
-
-static SECOidTag defaultKeyDBAlg = SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC;
-
-/*
- * Default algorithm for encrypting data in the key database
- */
-SECOidTag
-nsslowkey_GetDefaultKeyDBAlg(void)
-{
- return(defaultKeyDBAlg);
-}
-
-void
-nsslowkey_SetDefaultKeyDBAlg(SECOidTag alg)
-{
- defaultKeyDBAlg = alg;
-
- return;
-}
-
-static void
-sec_destroy_dbkey(NSSLOWKEYDBKey *dbkey)
-{
- if ( dbkey && dbkey->arena ) {
- PORT_FreeArena(dbkey->arena, PR_FALSE);
- }
-}
-
-static void
-free_dbt(DBT *dbt)
-{
- if ( dbt ) {
- PORT_Free(dbt->data);
- PORT_Free(dbt);
- }
-
- return;
-}
-
-/*
- * format of key database entries for version 3 of database:
- * byte offset field
- * ----------- -----
- * 0 version
- * 1 salt-len
- * 2 nn-len
- * 3.. salt-data
- * ... nickname
- * ... encrypted-key-data
- */
-static DBT *
-encode_dbkey(NSSLOWKEYDBKey *dbkey,unsigned char version)
-{
- DBT *bufitem = NULL;
- unsigned char *buf;
- int nnlen;
- char *nn;
-
- bufitem = (DBT *)PORT_ZAlloc(sizeof(DBT));
- if ( bufitem == NULL ) {
- goto loser;
- }
-
- if ( dbkey->nickname ) {
- nn = dbkey->nickname;
- nnlen = PORT_Strlen(nn) + 1;
- } else {
- nn = "";
- nnlen = 1;
- }
-
- /* compute the length of the record */
- /* 1 + 1 + 1 == version number header + salt length + nn len */
- bufitem->size = dbkey->salt.len + nnlen + dbkey->derPK.len + 1 + 1 + 1;
-
- bufitem->data = (void *)PORT_ZAlloc(bufitem->size);
- if ( bufitem->data == NULL ) {
- goto loser;
- }
-
- buf = (unsigned char *)bufitem->data;
-
- /* set version number */
- buf[0] = version;
-
- /* set length of salt */
- PORT_Assert(dbkey->salt.len < 256);
- buf[1] = dbkey->salt.len;
-
- /* set length of nickname */
- PORT_Assert(nnlen < 256);
- buf[2] = nnlen;
-
- /* copy salt */
- PORT_Memcpy(&buf[3], dbkey->salt.data, dbkey->salt.len);
-
- /* copy nickname */
- PORT_Memcpy(&buf[3 + dbkey->salt.len], nn, nnlen);
-
- /* copy encrypted key */
- PORT_Memcpy(&buf[3 + dbkey->salt.len + nnlen], dbkey->derPK.data,
- dbkey->derPK.len);
-
- return(bufitem);
-
-loser:
- if ( bufitem ) {
- free_dbt(bufitem);
- }
-
- return(NULL);
-}
-
-static NSSLOWKEYDBKey *
-decode_dbkey(DBT *bufitem, int expectedVersion)
-{
- NSSLOWKEYDBKey *dbkey;
- PLArenaPool *arena = NULL;
- unsigned char *buf;
- int version;
- int keyoff;
- int nnlen;
- int saltoff;
-
- buf = (unsigned char *)bufitem->data;
-
- version = buf[0];
-
- if ( version != expectedVersion ) {
- goto loser;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYDBKey));
- if ( dbkey == NULL ) {
- goto loser;
- }
-
- dbkey->arena = arena;
- dbkey->salt.data = NULL;
- dbkey->derPK.data = NULL;
-
- dbkey->salt.len = buf[1];
- dbkey->salt.data = (unsigned char *)PORT_ArenaZAlloc(arena, dbkey->salt.len);
- if ( dbkey->salt.data == NULL ) {
- goto loser;
- }
-
- saltoff = 2;
- keyoff = 2 + dbkey->salt.len;
-
- if ( expectedVersion >= 3 ) {
- nnlen = buf[2];
- if ( nnlen ) {
- dbkey->nickname = (char *)PORT_ArenaZAlloc(arena, nnlen + 1);
- if ( dbkey->nickname ) {
- PORT_Memcpy(dbkey->nickname, &buf[keyoff+1], nnlen);
- }
- }
- keyoff += ( nnlen + 1 );
- saltoff = 3;
- }
-
- PORT_Memcpy(dbkey->salt.data, &buf[saltoff], dbkey->salt.len);
-
- dbkey->derPK.len = bufitem->size - keyoff;
- dbkey->derPK.data = (unsigned char *)PORT_ArenaZAlloc(arena,dbkey->derPK.len);
- if ( dbkey->derPK.data == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(dbkey->derPK.data, &buf[keyoff], dbkey->derPK.len);
-
- return(dbkey);
-
-loser:
-
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-static NSSLOWKEYDBKey *
-get_dbkey(NSSLOWKEYDBHandle *handle, DBT *index)
-{
- NSSLOWKEYDBKey *dbkey;
- DBT entry;
- int ret;
-
- /* get it from the database */
- ret = (* handle->db->get)(handle->db, index, &entry, 0);
- if ( ret ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return NULL;
- }
-
- /* set up dbkey struct */
-
- dbkey = decode_dbkey(&entry, handle->version);
-
- return(dbkey);
-}
-
-static SECStatus
-put_dbkey(NSSLOWKEYDBHandle *handle, DBT *index, NSSLOWKEYDBKey *dbkey, PRBool update)
-{
- DBT *keydata = NULL;
- int status;
-
- keydata = encode_dbkey(dbkey, handle->version);
- if ( keydata == NULL ) {
- goto loser;
- }
-
- /* put it in the database */
- if ( update ) {
- status = (* handle->db->put)(handle->db, index, keydata, 0);
- } else {
- status = (* handle->db->put)(handle->db, index, keydata,
- R_NOOVERWRITE);
- }
-
- if ( status ) {
- goto loser;
- }
-
- /* sync the database */
- status = (* handle->db->sync)(handle->db, 0);
- if ( status ) {
- goto loser;
- }
-
- free_dbt(keydata);
- return(SECSuccess);
-
-loser:
- if ( keydata ) {
- free_dbt(keydata);
- }
-
- return(SECFailure);
-}
-
-SECStatus
-nsslowkey_TraverseKeys(NSSLOWKEYDBHandle *handle,
- SECStatus (* keyfunc)(DBT *k, DBT *d, void *pdata),
- void *udata )
-{
- DBT data;
- DBT key;
- SECStatus status;
- int ret;
-
- if (handle == NULL) {
- return(SECFailure);
- }
-
- ret = (* handle->db->seq)(handle->db, &key, &data, R_FIRST);
- if ( ret ) {
- return(SECFailure);
- }
-
- do {
- /* skip version record */
- if ( data.size > 1 ) {
- if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
- if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
- continue;
- }
- }
-
- /* skip password check */
- if ( key.size == KEYDB_PW_CHECK_LEN ) {
- if ( PORT_Memcmp(key.data, KEYDB_PW_CHECK_STRING,
- KEYDB_PW_CHECK_LEN) == 0 ) {
- continue;
- }
- }
-
- status = (* keyfunc)(&key, &data, udata);
- if (status != SECSuccess) {
- return(status);
- }
- }
- } while ( (* handle->db->seq)(handle->db, &key, &data, R_NEXT) == 0 );
-
- return(SECSuccess);
-}
-
-typedef struct keyNode {
- struct keyNode *next;
- DBT key;
-} keyNode;
-
-typedef struct {
- PLArenaPool *arena;
- keyNode *head;
-} keyList;
-
-static SECStatus
-sec_add_key_to_list(DBT *key, DBT *data, void *arg)
-{
- keyList *keylist;
- keyNode *node;
- void *keydata;
-
- keylist = (keyList *)arg;
-
- /* allocate the node struct */
- node = (keyNode*)PORT_ArenaZAlloc(keylist->arena, sizeof(keyNode));
- if ( node == NULL ) {
- return(SECFailure);
- }
-
- /* allocate room for key data */
- keydata = PORT_ArenaZAlloc(keylist->arena, key->size);
- if ( keydata == NULL ) {
- return(SECFailure);
- }
-
- /* link node into list */
- node->next = keylist->head;
- keylist->head = node;
-
- /* copy key into node */
- PORT_Memcpy(keydata, key->data, key->size);
- node->key.size = key->size;
- node->key.data = keydata;
-
- return(SECSuccess);
-}
-
-static SECItem *
-decodeKeyDBGlobalSalt(DBT *saltData)
-{
- SECItem *saltitem;
-
- saltitem = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if ( saltitem == NULL ) {
- return(NULL);
- }
-
- saltitem->data = (unsigned char *)PORT_ZAlloc(saltData->size);
- if ( saltitem->data == NULL ) {
- PORT_Free(saltitem);
- return(NULL);
- }
-
- saltitem->len = saltData->size;
- PORT_Memcpy(saltitem->data, saltData->data, saltitem->len);
-
- return(saltitem);
-}
-
-static SECItem *
-GetKeyDBGlobalSalt(NSSLOWKEYDBHandle *handle)
-{
- DBT saltKey;
- DBT saltData;
- int ret;
-
- saltKey.data = SALT_STRING;
- saltKey.size = sizeof(SALT_STRING) - 1;
-
- ret = (* handle->db->get)(handle->db, &saltKey, &saltData, 0);
- if ( ret ) {
- return(NULL);
- }
-
- return(decodeKeyDBGlobalSalt(&saltData));
-}
-
-static SECStatus
-makeGlobalVersion(NSSLOWKEYDBHandle *handle)
-{
- unsigned char version;
- DBT versionData;
- DBT versionKey;
- int status;
-
- version = NSSLOWKEY_DB_FILE_VERSION;
- versionData.data = &version;
- versionData.size = 1;
- versionKey.data = VERSION_STRING;
- versionKey.size = sizeof(VERSION_STRING)-1;
-
- /* put version string into the database now */
- status = (* handle->db->put)(handle->db, &versionKey, &versionData, 0);
- if ( status ) {
- return(SECFailure);
- }
- handle->version = version;
-
- return(SECSuccess);
-}
-
-
-static SECStatus
-makeGlobalSalt(NSSLOWKEYDBHandle *handle)
-{
- DBT saltKey;
- DBT saltData;
- unsigned char saltbuf[16];
- int status;
-
- saltKey.data = SALT_STRING;
- saltKey.size = sizeof(SALT_STRING) - 1;
-
- saltData.data = (void *)saltbuf;
- saltData.size = sizeof(saltbuf);
- RNG_GenerateGlobalRandomBytes(saltbuf, sizeof(saltbuf));
-
- /* put global salt into the database now */
- status = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
- if ( status ) {
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-static char *
-keyDBFilenameCallback(void *arg, int dbVersion)
-{
- return(PORT_Strdup((char *)arg));
-}
-
-NSSLOWKEYDBHandle *
-nsslowkey_OpenKeyDBFilename(char *dbname, PRBool readOnly)
-{
- return(nsslowkey_OpenKeyDB(readOnly, keyDBFilenameCallback,
- (void *)dbname));
-}
-
-static SECStatus
-ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *oldpwitem, SECItem *newpwitem,
- SECOidTag new_algorithm);
-/*
- * Second pass of updating the key db. This time we have a password.
- */
-static SECStatus
-nsslowkey_UpdateKeyDBPass2(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
- SECStatus rv;
-
- rv = ChangeKeyDBPasswordAlg(handle, pwitem, pwitem,
- nsslowkey_GetDefaultKeyDBAlg());
-
- return(rv);
-}
-
-static SECStatus
-encodePWCheckEntry(PLArenaPool *arena, SECItem *entry, SECOidTag alg,
- SECItem *encCheck);
-
-static unsigned char
-nsslowkey_version(DB *db)
-{
- DBT versionKey;
- DBT versionData;
- int ret;
- versionKey.data = VERSION_STRING;
- versionKey.size = sizeof(VERSION_STRING)-1;
-
- /* lookup version string in database */
- ret = (* db->get)( db, &versionKey, &versionData, 0 );
-
- /* error accessing the database */
- if ( ret < 0 ) {
- return 255;
- }
-
- if ( ret == 1 ) {
- return 0;
- }
- return *( (unsigned char *)versionData.data);
-}
-
-#ifdef NSS_USE_KEY4_DB
-nsslowkey_UpdateKey3DBPass1(NSSLOWKEYDBHandle *handle)
-{
- SECStatus rv;
- DBT checkKey;
- DBT checkData;
- DBT saltKey;
- DBT saltData;
- DBT key;
- DBT data;
- DBT newKey;
- unsigned char buf[SHA1_LENGTH];
- unsigned char version;
- SECItem *rc4key = NULL;
- NSSLOWKEYDBKey *dbkey = NULL;
- SECItem *oldSalt = NULL;
- int ret;
- SECItem checkitem;
-
- if ( handle->updatedb == NULL ) {
- return(SECSuccess);
- }
-
- /*
- * check the version record
- */
- version = nsslowkey_version(handle->updatedb);
- if (version != 3) {
- goto done;
- }
-
- saltKey.data = SALT_STRING;
- saltKey.size = sizeof(SALT_STRING) - 1;
-
- ret = (* handle->updatedb->get)(handle->updatedb, &saltKey, &saltData, 0);
- if ( ret ) {
- /* no salt in old db, so it is corrupted */
- goto done;
- }
-
- oldSalt = decodeKeyDBGlobalSalt(&saltData);
- if ( oldSalt == NULL ) {
- /* bad salt in old db, so it is corrupted */
- goto done;
- }
-
- /*
- * look for a pw check entry
- */
- checkKey.data = KEYDB_PW_CHECK_STRING;
- checkKey.size = KEYDB_PW_CHECK_LEN;
-
- ret = (* handle->updatedb->get)(handle->updatedb, &checkKey,
- &checkData, 0 );
- if (ret) {
- checkKey.data = KEYDB_FAKE_PW_CHECK_STRING;
- checkKey.size = KEYDB_FAKE_PW_CHECK_LEN;
- ret = (* handle->updatedb->get)(handle->updatedb, &checkKey,
- &checkData, 0 );
- if (ret) {
- goto done;
- }
- }
-
- /* put global salt into the new database now */
- ret = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
- if ( ret ) {
- goto done;
- }
-
- if (checkKey.size == KEYDB_PW_CHECK_LEN) {
- dbkey = decode_dbkey(&checkData, 3);
- if ( dbkey == NULL ) {
- goto done;
- }
- rv = put_dbkey(handle, &checkKey, dbkey, PR_FALSE);
- ret = (rv != SECSuccess);
- } else {
- ret = (* handle->db->put)(handle->db, &checkKey, &checkData, 0);
- }
- if ( ret ) {
- goto done;
- }
-
- /* now traverse the database */
- ret = (* handle->updatedb->seq)(handle->updatedb, &key, &data, R_FIRST);
- if ( ret ) {
- goto done;
- }
-
- do {
-
- /* skip version record */
- if ( data.size > 1 ) {
- /* skip salt */
- if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
- if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
- continue;
- }
- }
- /* skip pw check entry */
- if ( key.size == checkKey.size ) {
- if ( PORT_Memcmp(key.data, checkKey.data, key.size) == 0 ) {
- continue;
- }
- }
- dbkey = decode_dbkey(&data, 3);
- if ( dbkey == NULL ) {
- continue;
- }
- SHA1_HashBuf(buf,key.data,key.size);
- newKey.data = buf;
- newKey.size = SHA1_LENGTH;
-
- rv = put_dbkey(handle, &newKey, dbkey, PR_FALSE);
-
- sec_destroy_dbkey(dbkey);
-
- }
- } while ( (* handle->updatedb->seq)(handle->updatedb, &key, &data,
- R_NEXT) == 0 );
-
-done:
- /* sync the database */
- ret = (* handle->db->sync)(handle->db, 0);
-
- (* handle->updatedb->close)(handle->updatedb);
- handle->updatedb = NULL;
-
- if ( oldSalt ) {
- SECITEM_FreeItem(oldSalt, PR_TRUE);
- }
- return(SECSuccess);
-}
-#endif
-
-/*
- * currently updates key database from v2 to v3
- */
-static SECStatus
-nsslowkey_UpdateKeyDBPass1(NSSLOWKEYDBHandle *handle)
-{
- SECStatus rv;
- DBT checkKey;
- DBT checkData;
- DBT saltKey;
- DBT saltData;
- DBT key;
- DBT data;
- unsigned char version;
- SECItem *rc4key = NULL;
- NSSLOWKEYDBKey *dbkey = NULL;
- SECItem *oldSalt = NULL;
- int ret;
- SECItem checkitem;
-
- if ( handle->updatedb == NULL ) {
- return(SECSuccess);
- }
-
- /*
- * check the version record
- */
- version = nsslowkey_version(handle->updatedb);
- if (version != 2) {
- goto done;
- }
-
- saltKey.data = SALT_STRING;
- saltKey.size = sizeof(SALT_STRING) - 1;
-
- ret = (* handle->updatedb->get)(handle->updatedb, &saltKey, &saltData, 0);
- if ( ret ) {
- /* no salt in old db, so it is corrupted */
- goto done;
- }
-
- oldSalt = decodeKeyDBGlobalSalt(&saltData);
- if ( oldSalt == NULL ) {
- /* bad salt in old db, so it is corrupted */
- goto done;
- }
-
- /*
- * look for a pw check entry
- */
- checkKey.data = KEYDB_PW_CHECK_STRING;
- checkKey.size = KEYDB_PW_CHECK_LEN;
-
- ret = (* handle->updatedb->get)(handle->updatedb, &checkKey,
- &checkData, 0 );
- if (ret) {
- /*
- * if we have a key, but no KEYDB_PW_CHECK_STRING, then this must
- * be an old server database, and it does have a password associated
- * with it. Put a fake entry in so we can identify this db when we do
- * get the password for it.
- */
- if (seckey_HasAServerKey(handle->updatedb)) {
- DBT fcheckKey;
- DBT fcheckData;
-
- /*
- * include a fake string
- */
- fcheckKey.data = KEYDB_FAKE_PW_CHECK_STRING;
- fcheckKey.size = KEYDB_FAKE_PW_CHECK_LEN;
- fcheckData.data = "1";
- fcheckData.size = 1;
- /* put global salt into the new database now */
- ret = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
- if ( ret ) {
- goto done;
- }
- ret = (* handle->db->put)( handle->db, &fcheckKey, &fcheckData, 0);
- if ( ret ) {
- goto done;
- }
- } else {
- goto done;
- }
- } else {
- /* put global salt into the new database now */
- ret = (* handle->db->put)( handle->db, &saltKey, &saltData, 0);
- if ( ret ) {
- goto done;
- }
-
- dbkey = decode_dbkey(&checkData, 2);
- if ( dbkey == NULL ) {
- goto done;
- }
- checkitem = dbkey->derPK;
- dbkey->derPK.data = NULL;
-
- /* format the new pw check entry */
- rv = encodePWCheckEntry(NULL, &dbkey->derPK, SEC_OID_RC4, &checkitem);
- if ( rv != SECSuccess ) {
- goto done;
- }
-
- rv = put_dbkey(handle, &checkKey, dbkey, PR_TRUE);
- if ( rv != SECSuccess ) {
- goto done;
- }
-
- /* free the dbkey */
- sec_destroy_dbkey(dbkey);
- dbkey = NULL;
- }
-
-
- /* now traverse the database */
- ret = (* handle->updatedb->seq)(handle->updatedb, &key, &data, R_FIRST);
- if ( ret ) {
- goto done;
- }
-
- do {
- /* skip version record */
- if ( data.size > 1 ) {
- /* skip salt */
- if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
- if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
- continue;
- }
- }
- /* skip pw check entry */
- if ( key.size == checkKey.size ) {
- if ( PORT_Memcmp(key.data, checkKey.data, key.size) == 0 ) {
- continue;
- }
- }
-
- /* keys stored by nickname will have 0 as the last byte of the
- * db key. Other keys must be stored by modulus. We will not
- * update those because they are left over from a keygen that
- * never resulted in a cert.
- */
- if ( ((unsigned char *)key.data)[key.size-1] != 0 ) {
- continue;
- }
-
- dbkey = decode_dbkey(&data, 2);
- if ( dbkey == NULL ) {
- continue;
- }
-
- /* This puts the key into the new database with the same
- * index (nickname) that it had before. The second pass
- * of the update will have the password. It will decrypt
- * and re-encrypt the entries using a new algorithm.
- */
- dbkey->nickname = (char *)key.data;
- rv = put_dbkey(handle, &key, dbkey, PR_FALSE);
- dbkey->nickname = NULL;
-
- sec_destroy_dbkey(dbkey);
- }
- } while ( (* handle->updatedb->seq)(handle->updatedb, &key, &data,
- R_NEXT) == 0 );
-
- dbkey = NULL;
-
-done:
- /* sync the database */
- ret = (* handle->db->sync)(handle->db, 0);
-
- (* handle->updatedb->close)(handle->updatedb);
- handle->updatedb = NULL;
-
- if ( rc4key ) {
- SECITEM_FreeItem(rc4key, PR_TRUE);
- }
-
- if ( oldSalt ) {
- SECITEM_FreeItem(oldSalt, PR_TRUE);
- }
-
- if ( dbkey ) {
- sec_destroy_dbkey(dbkey);
- }
-
- return(SECSuccess);
-}
-
-
-
-
-NSSLOWKEYDBHandle *
-nsslowkey_OpenKeyDB(PRBool readOnly, NSSLOWKEYDBNameFunc namecb, void *cbarg)
-{
- NSSLOWKEYDBHandle *handle;
- int ret;
- SECStatus rv;
- int openflags;
- char *dbname = NULL;
- PRBool updated = PR_FALSE;
-
- handle = (NSSLOWKEYDBHandle *)PORT_ZAlloc (sizeof(NSSLOWKEYDBHandle));
- if (handle == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- if ( readOnly ) {
- openflags = O_RDONLY;
- } else {
- openflags = O_RDWR;
- }
-
- dbname = (*namecb)(cbarg, NSSLOWKEY_DB_FILE_VERSION);
- if ( dbname == NULL ) {
- goto loser;
- }
-
- handle->dbname = PORT_Strdup(dbname);
- handle->readOnly = readOnly;
-
- handle->db = dbopen( dbname, openflags, 0600, DB_HASH, 0 );
-
- /* check for correct version number */
- if (handle->db != NULL) {
- handle->version = nsslowkey_version(handle->db);
- if (handle->version == 255) {
- goto loser;
- }
- if (handle->version != NSSLOWKEY_DB_FILE_VERSION ) {
- /* bogus version number record, reset the database */
- (* handle->db->close)( handle->db );
- handle->db = NULL;
-
- goto newdb;
- }
-
- }
-
-newdb:
-
- /* if first open fails, try to create a new DB */
- if ( handle->db == NULL ) {
-#ifdef NSS_USE_KEY4_DB
- char *dbname3 = (*namecb)(cbarg, 3);
-
- if ( readOnly ) {
- if (dbname3 == NULL) {
- goto loser;
- }
- handle->db = dbopen( dbname3, O_RDONLY, 0600, DB_HASH, 0 );
- PORT_Free(handle->dbname);
- handle->dbname = dbname3;
- dbname3 = NULL;
- if (handle->db == NULL) {
- goto loser;
- }
- handle->version = nsslowkey_version(handle->db);
- if (handle->version != 3) {
- /* bogus version number record, reset the database */
- (* handle->db->close)( handle->db );
- handle->db = NULL;
- goto loser;
- }
- goto done;
- }
-#else
- if ( readOnly ) {
- goto loser;
- }
-#endif
-
- handle->db = dbopen( dbname,
- O_RDWR | O_CREAT | O_TRUNC, 0600, DB_HASH, 0 );
-
- PORT_Free( dbname );
- dbname = NULL;
-
- /* if create fails then we lose */
- if ( handle->db == NULL ) {
- goto loser;
- }
-
- rv = makeGlobalVersion(handle);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
-#ifdef NSS_USE_KEY4_DB
- handle->updatedb = dbopen( dbname3, O_RDONLY, 0600, DB_HASH, 0 );
- PORT_Free(dbname3);
- dbname3 = NULL;
- if (handle->updatedb) {
- /*
- * copy the key data, all the real work happens in pass2
- */
- rv = nsslowkey_UpdateKey3DBPass1(handle);
- if ( rv == SECSuccess ) {
- updated = PR_TRUE;
- }
- goto skip_v2_db;
- }
-#endif /* NSS_USE_KEY4_DB */
- /*
- * try to update from v2 db
- */
- dbname = (*namecb)(cbarg, 2);
- if ( dbname != NULL ) {
- handle->updatedb = dbopen( dbname, O_RDONLY, 0600, DB_HASH, 0 );
- PORT_Free( dbname );
- dbname = NULL;
-
- if ( handle->updatedb ) {
- /*
- * Try to update the db using a null password. If the db
- * doesn't have a password, then this will work. If it does
- * have a password, then this will fail and we will do the
- * update later
- */
- rv = nsslowkey_UpdateKeyDBPass1(handle);
- if ( rv == SECSuccess ) {
- updated = PR_TRUE;
- }
- }
-
- }
-
-skip_v2_db:
- /* we are using the old salt if we updated from an old db */
- if ( ! updated ) {
- rv = makeGlobalSalt(handle);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- /* sync the database */
- ret = (* handle->db->sync)(handle->db, 0);
- if ( ret ) {
- goto loser;
- }
- }
-
-done:
- handle->global_salt = GetKeyDBGlobalSalt(handle);
- if ( dbname )
- PORT_Free( dbname );
- return handle;
-
-loser:
-
- if ( dbname )
- PORT_Free( dbname );
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
-
- if ( handle->db ) {
- (* handle->db->close)(handle->db);
- }
- if ( handle->updatedb ) {
- (* handle->updatedb->close)(handle->updatedb);
- }
- PORT_Free(handle);
- return NULL;
-}
-
-/*
- * Close the database
- */
-void
-nsslowkey_CloseKeyDB(NSSLOWKEYDBHandle *handle)
-{
- if (handle != NULL) {
- if (handle->db != NULL) {
- (* handle->db->close)(handle->db);
- }
- if (handle->dbname) PORT_Free(handle->dbname);
- if (handle->global_salt) {
- SECITEM_FreeItem(handle->global_salt,PR_TRUE);
- }
-
- PORT_Free(handle);
- }
-}
-
-/* Get the key database version */
-int
-nsslowkey_GetKeyDBVersion(NSSLOWKEYDBHandle *handle)
-{
- PORT_Assert(handle != NULL);
-
- return handle->version;
-}
-
-/*
- * Delete a private key that was stored in the database
- */
-SECStatus
-nsslowkey_DeleteKey(NSSLOWKEYDBHandle *handle, SECItem *pubkey)
-{
- DBT namekey;
- int ret;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(SECFailure);
- }
-
- /* set up db key and data */
- namekey.data = pubkey->data;
- namekey.size = pubkey->len;
-
- /* delete it from the database */
- ret = (* handle->db->del)(handle->db, &namekey, 0);
- if ( ret ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(SECFailure);
- }
-
- /* sync the database */
- ret = (* handle->db->sync)(handle->db, 0);
- if ( ret ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-/*
- * Store a key in the database, indexed by its public key modulus.(value!)
- */
-SECStatus
-nsslowkey_StoreKeyByPublicKey(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *privkey,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *arg)
-{
- return nsslowkey_StoreKeyByPublicKeyAlg(handle, privkey, pubKeyData,
- nickname, arg, nsslowkey_GetDefaultKeyDBAlg(),PR_FALSE);
-}
-
-SECStatus
-nsslowkey_UpdateNickname(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *privkey,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *arg)
-{
- return nsslowkey_StoreKeyByPublicKeyAlg(handle, privkey, pubKeyData,
- nickname, arg, nsslowkey_GetDefaultKeyDBAlg(),PR_TRUE);
-}
-
-/* see if the public key for this cert is in the database filed
- * by modulus
- */
-PRBool
-nsslowkey_KeyForCertExists(NSSLOWKEYDBHandle *handle, NSSLOWCERTCertificate *cert)
-{
- NSSLOWKEYPublicKey *pubkey = NULL;
- DBT namekey;
- DBT dummy;
- int status;
-
- /* get cert's public key */
- pubkey = nsslowcert_ExtractPublicKey(cert);
- if ( pubkey == NULL ) {
- return PR_FALSE;
- }
-
- /* TNH - make key from NSSLOWKEYPublicKey */
- switch (pubkey->keyType) {
- case NSSLOWKEYRSAKey:
- namekey.data = pubkey->u.rsa.modulus.data;
- namekey.size = pubkey->u.rsa.modulus.len;
- break;
- case NSSLOWKEYDSAKey:
- namekey.data = pubkey->u.dsa.publicValue.data;
- namekey.size = pubkey->u.dsa.publicValue.len;
- break;
- case NSSLOWKEYDHKey:
- namekey.data = pubkey->u.dh.publicValue.data;
- namekey.size = pubkey->u.dh.publicValue.len;
- break;
- default:
- /* XXX We don't do Fortezza or DH yet. */
- return PR_FALSE;
- }
-
- if (handle->version != 3) {
- unsigned char buf[SHA1_LENGTH];
- SHA1_HashBuf(buf,namekey.data,namekey.size);
- /* NOTE: don't use pubkey after this! it's now thrashed */
- PORT_Memcpy(namekey.data,buf,sizeof(buf));
- namekey.size = sizeof(buf);
- }
-
- status = (* handle->db->get)(handle->db, &namekey, &dummy, 0);
- nsslowkey_DestroyPublicKey(pubkey);
- if ( status ) {
- return PR_FALSE;
- }
-
- return PR_TRUE;
-}
-
-/*
- * check to see if the user has a password
- */
-SECStatus
-nsslowkey_HasKeyDBPassword(NSSLOWKEYDBHandle *handle)
-{
- DBT checkkey, checkdata;
- int ret;
-
- if (handle == NULL) {
- return(SECFailure);
- }
-
- checkkey.data = KEYDB_PW_CHECK_STRING;
- checkkey.size = KEYDB_PW_CHECK_LEN;
-
- ret = (* handle->db->get)(handle->db, &checkkey, &checkdata, 0 );
- if ( ret ) {
- /* see if this was an updated DB first */
- checkkey.data = KEYDB_FAKE_PW_CHECK_STRING;
- checkkey.size = KEYDB_FAKE_PW_CHECK_LEN;
- ret = (* handle->db->get)(handle->db, &checkkey, &checkdata, 0 );
- if ( ret ) {
- return(SECFailure);
- }
- }
-
- return(SECSuccess);
-}
-
-/*
- * Set up the password checker in the key database.
- * This is done by encrypting a known plaintext with the user's key.
- */
-SECStatus
-nsslowkey_SetKeyDBPassword(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
- return nsslowkey_SetKeyDBPasswordAlg(handle, pwitem,
- nsslowkey_GetDefaultKeyDBAlg());
-}
-
-static SECStatus
-HashPassword(unsigned char *hashresult, char *pw, SECItem *salt)
-{
- SHA1Context *cx;
- unsigned int outlen;
- cx = SHA1_NewContext();
- if ( cx == NULL ) {
- return(SECFailure);
- }
-
- SHA1_Begin(cx);
- if ( ( salt != NULL ) && ( salt->data != NULL ) ) {
- SHA1_Update(cx, salt->data, salt->len);
- }
-
- SHA1_Update(cx, (unsigned char *)pw, PORT_Strlen(pw));
- SHA1_End(cx, hashresult, &outlen, SHA1_LENGTH);
-
- SHA1_DestroyContext(cx, PR_TRUE);
-
- return(SECSuccess);
-}
-
-SECItem *
-nsslowkey_HashPassword(char *pw, SECItem *salt)
-{
- SECItem *pwitem;
- SECStatus rv;
-
- pwitem = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if ( pwitem == NULL ) {
- return(NULL);
- }
- pwitem->len = SHA1_LENGTH;
- pwitem->data = (unsigned char *)PORT_ZAlloc(SHA1_LENGTH);
- if ( pwitem->data == NULL ) {
- PORT_Free(pwitem);
- return(NULL);
- }
- if ( pw ) {
- rv = HashPassword(pwitem->data, pw, salt);
- if ( rv != SECSuccess ) {
- SECITEM_ZfreeItem(pwitem, PR_TRUE);
- return(NULL);
- }
- }
-
- return(pwitem);
-}
-
-/* Derive the actual password value for the database from a pw string */
-SECItem *
-nsslowkey_DeriveKeyDBPassword(NSSLOWKEYDBHandle *keydb, char *pw)
-{
- PORT_Assert(keydb != NULL);
- PORT_Assert(pw != NULL);
- if (keydb == NULL || pw == NULL) return(NULL);
-
- return nsslowkey_HashPassword(pw, keydb->global_salt);
-}
-
-#if 0
-/* Appears obsolete - TNH */
-/* get the algorithm with which a private key
- * is encrypted.
- */
-SECOidTag
-seckey_get_private_key_algorithm(NSSLOWKEYDBHandle *keydb, DBT *index)
-{
- NSSLOWKEYDBKey *dbkey = NULL;
- SECOidTag algorithm = SEC_OID_UNKNOWN;
- NSSLOWKEYEncryptedPrivateKeyInfo *epki = NULL;
- PLArenaPool *poolp = NULL;
- SECStatus rv;
-
- poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(poolp == NULL)
- return (SECOidTag)SECFailure; /* TNH - this is bad */
-
- dbkey = get_dbkey(keydb, index);
- if(dbkey == NULL)
- return (SECOidTag)SECFailure;
-
- epki = (NSSLOWKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(poolp,
- sizeof(NSSLOWKEYEncryptedPrivateKeyInfo));
- if(epki == NULL)
- goto loser;
- rv = SEC_ASN1DecodeItem(poolp, epki,
- nsslowkey_EncryptedPrivateKeyInfoTemplate, &dbkey->derPK);
- if(rv == SECFailure)
- goto loser;
-
- algorithm = SECOID_GetAlgorithmTag(&epki->algorithm);
-
- /* let success fall through */
-loser:
- if(poolp != NULL)
- PORT_FreeArena(poolp, PR_TRUE);\
- if(dbkey != NULL)
- sec_destroy_dbkey(dbkey);
-
- return algorithm;
-}
-#endif
-
-/*
- * Derive an RC4 key from a password key and a salt. This
- * was the method to used to encrypt keys in the version 2?
- * database
- */
-SECItem *
-seckey_create_rc4_key(SECItem *pwitem, SECItem *salt)
-{
- MD5Context *md5 = NULL;
- unsigned int part;
- SECStatus rv = SECFailure;
- SECItem *key = NULL;
-
- key = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(key != NULL)
- {
- key->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
- MD5_LENGTH);
- key->len = MD5_LENGTH;
- if(key->data != NULL)
- {
- md5 = MD5_NewContext();
- if ( md5 != NULL )
- {
- MD5_Begin(md5);
- MD5_Update(md5, salt->data, salt->len);
- MD5_Update(md5, pwitem->data, pwitem->len);
- MD5_End(md5, key->data, &part, MD5_LENGTH);
- MD5_DestroyContext(md5, PR_TRUE);
- rv = SECSuccess;
- }
- }
-
- if(rv != SECSuccess)
- {
- SECITEM_FreeItem(key, PR_TRUE);
- key = NULL;
- }
- }
-
- return key;
-}
-
-SECItem *
-seckey_create_rc4_salt(void)
-{
- SECItem *salt = NULL;
- SECStatus rv = SECFailure;
-
- salt = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(salt == NULL)
- return NULL;
-
- salt->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
- SALT_LENGTH);
- if(salt->data != NULL)
- {
- salt->len = SALT_LENGTH;
- RNG_GenerateGlobalRandomBytes(salt->data, salt->len);
- rv = SECSuccess;
- }
-
- if(rv == SECFailure)
- {
- SECITEM_FreeItem(salt, PR_TRUE);
- salt = NULL;
- }
-
- return salt;
-}
-
-SECItem *
-seckey_rc4_decode(SECItem *key, SECItem *src)
-{
- SECItem *dest = NULL;
- RC4Context *ctxt = NULL;
- SECStatus rv = SECFailure;
-
- if((key == NULL) || (src == NULL))
- return NULL;
-
- dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(dest == NULL)
- return NULL;
-
- dest->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
- (src->len + 64)); /* TNH - padding? */
- if(dest->data != NULL)
- {
- ctxt = RC4_CreateContext(key->data, key->len);
- if(ctxt != NULL)
- {
- rv = RC4_Decrypt(ctxt, dest->data, &dest->len,
- src->len + 64, src->data, src->len);
- RC4_DestroyContext(ctxt, PR_TRUE);
- }
- }
-
- if(rv == SECFailure)
- if(dest != NULL)
- {
- SECITEM_FreeItem(dest, PR_TRUE);
- dest = NULL;
- }
-
- return dest;
-}
-
-/* TNH - keydb is unused */
-/* TNH - the pwitem should be the derived key for RC4 */
-NSSLOWKEYEncryptedPrivateKeyInfo *
-seckey_encrypt_private_key(
- NSSLOWKEYPrivateKey *pk, SECItem *pwitem, NSSLOWKEYDBHandle *keydb,
- SECOidTag algorithm, SECItem **salt)
-{
- NSSLOWKEYEncryptedPrivateKeyInfo *epki = NULL;
- NSSLOWKEYPrivateKeyInfo *pki = NULL;
- SECStatus rv = SECFailure;
- PLArenaPool *temparena = NULL, *permarena = NULL;
- SECItem *der_item = NULL;
- NSSPKCS5PBEParameter *param;
- SECItem *dummy = NULL, *dest = NULL;
- SECAlgorithmID *algid;
-
- *salt = NULL;
- permarena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(permarena == NULL)
- return NULL;
-
- temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(temparena == NULL)
- goto loser;
-
- /* allocate structures */
- epki = (NSSLOWKEYEncryptedPrivateKeyInfo *)PORT_ArenaZAlloc(permarena,
- sizeof(NSSLOWKEYEncryptedPrivateKeyInfo));
- pki = (NSSLOWKEYPrivateKeyInfo *)PORT_ArenaZAlloc(temparena,
- sizeof(NSSLOWKEYPrivateKeyInfo));
- der_item = (SECItem *)PORT_ArenaZAlloc(temparena, sizeof(SECItem));
- if((epki == NULL) || (pki == NULL) || (der_item == NULL))
- goto loser;
-
- epki->arena = permarena;
-
- /* setup private key info */
- dummy = SEC_ASN1EncodeInteger(temparena, &(pki->version),
- NSSLOWKEY_PRIVATE_KEY_INFO_VERSION);
- if(dummy == NULL)
- goto loser;
-
- /* Encode the key, and set the algorithm (with params) */
- switch (pk->keyType) {
- case NSSLOWKEYRSAKey:
- dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
- nsslowkey_RSAPrivateKeyTemplate);
- if (dummy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
- SEC_OID_PKCS1_RSA_ENCRYPTION, 0);
- if (rv == SECFailure) {
- goto loser;
- }
-
- break;
- case NSSLOWKEYDSAKey:
- dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
- nsslowkey_DSAPrivateKeyTemplate);
- if (dummy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- dummy = SEC_ASN1EncodeItem(temparena, NULL, &pk->u.dsa.params,
- nsslowkey_PQGParamsTemplate);
- if (dummy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
- SEC_OID_ANSIX9_DSA_SIGNATURE, dummy);
- if (rv == SECFailure) {
- goto loser;
- }
-
- break;
- case NSSLOWKEYDHKey:
- dummy = SEC_ASN1EncodeItem(temparena, &(pki->privateKey), pk,
- nsslowkey_DHPrivateKeyTemplate);
- if (dummy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(temparena, &(pki->algorithm),
- SEC_OID_X942_DIFFIE_HELMAN_KEY, dummy);
- if (rv == SECFailure) {
- goto loser;
- }
- break;
- default:
- /* We don't support DH or Fortezza private keys yet */
- PORT_Assert(PR_FALSE);
- break;
- }
-
- /* setup encrypted private key info */
- dummy = SEC_ASN1EncodeItem(temparena, der_item, pki,
- nsslowkey_PrivateKeyInfoTemplate);
- if(dummy == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECFailure; /* assume failure */
- *salt = seckey_create_rc4_salt();
- if (*salt == NULL) {
- goto loser;
- }
-
- param = nsspkcs5_NewParam(algorithm,*salt,1);
- if (param == NULL) {
- goto loser;
- }
-
- dest = nsspkcs5_CipherData(param, pwitem, der_item, PR_TRUE, NULL);
- if (dest == NULL) {
- goto loser;
- }
-
- rv = SECITEM_CopyItem(permarena, &epki->encryptedData, dest);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- algid = nsspkcs5_CreateAlgorithmID(permarena, algorithm, param);
- if (algid == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECOID_CopyAlgorithmID(permarena, &epki->algorithm, algid);
- SECOID_DestroyAlgorithmID(algid, PR_TRUE);
-
-loser:
- if(dest != NULL)
- SECITEM_FreeItem(dest, PR_TRUE);
-
- if(param != NULL)
- nsspkcs5_DestroyPBEParameter(param);
-
- /* let success fall through */
-
- if(rv == SECFailure)
- {
- PORT_FreeArena(permarena, PR_TRUE);
- epki = NULL;
- if(*salt != NULL)
- SECITEM_FreeItem(*salt, PR_TRUE);
- }
-
- if(temparena != NULL)
- PORT_FreeArena(temparena, PR_TRUE);
-
- return epki;
-}
-
-static SECStatus
-seckey_put_private_key(NSSLOWKEYDBHandle *keydb, DBT *index, SECItem *pwitem,
- NSSLOWKEYPrivateKey *pk, char *nickname, PRBool update,
- SECOidTag algorithm)
-{
- NSSLOWKEYDBKey *dbkey = NULL;
- NSSLOWKEYEncryptedPrivateKeyInfo *epki = NULL;
- PLArenaPool *temparena = NULL, *permarena = NULL;
- SECItem *dummy = NULL;
- SECItem *salt = NULL;
- SECStatus rv = SECFailure;
-
- if((keydb == NULL) || (index == NULL) || (pwitem == NULL) ||
- (pk == NULL))
- return SECFailure;
-
- permarena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(permarena == NULL)
- return SECFailure;
-
- dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(permarena, sizeof(NSSLOWKEYDBKey));
- if(dbkey == NULL)
- goto loser;
- dbkey->arena = permarena;
- dbkey->nickname = nickname;
-
- /* TNH - for RC4, the salt should be created here */
-
- epki = seckey_encrypt_private_key(pk, pwitem, keydb, algorithm, &salt);
- if(epki == NULL)
- goto loser;
- temparena = epki->arena;
-
- if(salt != NULL)
- {
- rv = SECITEM_CopyItem(permarena, &(dbkey->salt), salt);
- SECITEM_ZfreeItem(salt, PR_TRUE);
- }
-
- dummy = SEC_ASN1EncodeItem(permarena, &(dbkey->derPK), epki,
- nsslowkey_EncryptedPrivateKeyInfoTemplate);
- if(dummy == NULL)
- rv = SECFailure;
- else
- rv = put_dbkey(keydb, index, dbkey, update);
-
- /* let success fall through */
-loser:
- if(rv != SECSuccess)
- if(permarena != NULL)
- PORT_FreeArena(permarena, PR_TRUE);
- if(temparena != NULL)
- PORT_FreeArena(temparena, PR_TRUE);
-
- return rv;
-}
-
-/*
- * Store a key in the database, indexed by its public key modulus.
- * Note that the nickname is optional. It was only used by keyutil.
- */
-SECStatus
-nsslowkey_StoreKeyByPublicKeyAlg(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *privkey,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *pwitem,
- SECOidTag algorithm,
- PRBool update)
-{
- DBT namekey;
- SECStatus rv;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(SECFailure);
- }
-
- /* set up db key and data */
- namekey.data = pubKeyData->data;
- namekey.size = pubKeyData->len;
-
- /* encrypt the private key */
- rv = seckey_put_private_key(handle, &namekey, pwitem, privkey, nickname,
- update, algorithm);
-
- return(rv);
-}
-
-NSSLOWKEYPrivateKey *
-seckey_decrypt_private_key(NSSLOWKEYEncryptedPrivateKeyInfo *epki,
- SECItem *pwitem)
-{
- NSSLOWKEYPrivateKey *pk = NULL;
- NSSLOWKEYPrivateKeyInfo *pki = NULL;
- SECStatus rv = SECFailure;
- SECOidTag algorithm;
- PLArenaPool *temparena = NULL, *permarena = NULL;
- SECItem *salt = NULL, *dest = NULL, *key = NULL;
- NSSPKCS5PBEParameter *param;
-
- if((epki == NULL) || (pwitem == NULL))
- goto loser;
-
- temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- permarena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if((temparena == NULL) || (permarena == NULL))
- goto loser;
-
- /* allocate temporary items */
- pki = (NSSLOWKEYPrivateKeyInfo *)PORT_ArenaZAlloc(temparena,
- sizeof(NSSLOWKEYPrivateKeyInfo));
-
- /* allocate permanent arena items */
- pk = (NSSLOWKEYPrivateKey *)PORT_ArenaZAlloc(permarena,
- sizeof(NSSLOWKEYPrivateKey));
-
- if((pk == NULL) || (pki == NULL))
- goto loser;
-
- pk->arena = permarena;
-
- algorithm = SECOID_GetAlgorithmTag(&(epki->algorithm));
- switch(algorithm)
- {
- case SEC_OID_RC4:
- salt = SECITEM_DupItem(&epki->algorithm.parameters);
- if(salt != NULL)
- {
- key = seckey_create_rc4_key(pwitem, salt);
- if(key != NULL)
- {
- dest = seckey_rc4_decode(key, &epki->encryptedData);
- }
- }
- if(salt != NULL)
- SECITEM_ZfreeItem(salt, PR_TRUE);
- if(key != NULL)
- SECITEM_ZfreeItem(key, PR_TRUE);
- break;
- default:
- /* we depend on the fact that if this key was encoded with
- * DES, that the pw was also encoded with DES, so we don't have
- * to do the update here, the password code will handle it. */
- param = nsspkcs5_AlgidToParam(&epki->algorithm);
- if (param == NULL) {
- break;
- }
- dest = nsspkcs5_CipherData(param, pwitem, &epki->encryptedData,
- PR_FALSE, NULL);
- nsspkcs5_DestroyPBEParameter(param);
- break;
- }
-
- if(dest != NULL)
- {
- rv = SEC_ASN1DecodeItem(temparena, pki,
- nsslowkey_PrivateKeyInfoTemplate, dest);
- if(rv == SECSuccess)
- {
- switch(SECOID_GetAlgorithmTag(&pki->algorithm)) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- pk->keyType = NSSLOWKEYRSAKey;
- rv = SEC_ASN1DecodeItem(permarena, pk,
- nsslowkey_RSAPrivateKeyTemplate,
- &pki->privateKey);
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- pk->keyType = NSSLOWKEYDSAKey;
- rv = SEC_ASN1DecodeItem(permarena, pk,
- nsslowkey_DSAPrivateKeyTemplate,
- &pki->privateKey);
- if (rv != SECSuccess)
- goto loser;
- rv = SEC_ASN1DecodeItem(permarena, &pk->u.dsa.params,
- nsslowkey_PQGParamsTemplate,
- &pki->algorithm.parameters);
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- pk->keyType = NSSLOWKEYDHKey;
- rv = SEC_ASN1DecodeItem(permarena, pk,
- nsslowkey_DHPrivateKeyTemplate,
- &pki->privateKey);
- break;
- default:
- rv = SECFailure;
- break;
- }
- }
- else if(PORT_GetError() == SEC_ERROR_BAD_DER)
- {
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- goto loser;
- }
- }
-
- /* let success fall through */
-loser:
- if(temparena != NULL)
- PORT_FreeArena(temparena, PR_TRUE);
- if(dest != NULL)
- SECITEM_ZfreeItem(dest, PR_TRUE);
-
- if(rv != SECSuccess)
- {
- if(permarena != NULL)
- PORT_FreeArena(permarena, PR_TRUE);
- pk = NULL;
- }
-
- return pk;
-}
-
-static NSSLOWKEYPrivateKey *
-seckey_decode_encrypted_private_key(NSSLOWKEYDBKey *dbkey, SECItem *pwitem)
-{
- NSSLOWKEYPrivateKey *pk = NULL;
- NSSLOWKEYEncryptedPrivateKeyInfo *epki;
- PLArenaPool *temparena = NULL;
- SECStatus rv;
- SECOidTag algorithm;
-
- if( ( dbkey == NULL ) || ( pwitem == NULL ) ) {
- return NULL;
- }
-
- temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(temparena == NULL) {
- return NULL;
- }
-
- epki = (NSSLOWKEYEncryptedPrivateKeyInfo *)
- PORT_ArenaZAlloc(temparena, sizeof(NSSLOWKEYEncryptedPrivateKeyInfo));
-
- if(epki == NULL) {
- goto loser;
- }
-
- rv = SEC_ASN1DecodeItem(temparena, epki,
- nsslowkey_EncryptedPrivateKeyInfoTemplate,
- &(dbkey->derPK));
- if(rv != SECSuccess) {
- goto loser;
- }
-
- algorithm = SECOID_GetAlgorithmTag(&(epki->algorithm));
- switch(algorithm)
- {
- case SEC_OID_RC4:
- /* TNH - this code should derive the actual RC4 key from salt and
- pwitem */
- rv = SECITEM_CopyItem(temparena, &(epki->algorithm.parameters),
- &(dbkey->salt));
- break;
- default:
- break;
- }
-
- pk = seckey_decrypt_private_key(epki, pwitem);
-
- /* let success fall through */
-loser:
-
- PORT_FreeArena(temparena, PR_TRUE);
- return pk;
-}
-
-NSSLOWKEYPrivateKey *
-seckey_get_private_key(NSSLOWKEYDBHandle *keydb, DBT *index, char **nickname,
- SECItem *pwitem)
-{
- NSSLOWKEYDBKey *dbkey = NULL;
- NSSLOWKEYPrivateKey *pk = NULL;
-
- if( ( keydb == NULL ) || ( index == NULL ) || ( pwitem == NULL ) ) {
- return NULL;
- }
-
- dbkey = get_dbkey(keydb, index);
- if(dbkey == NULL) {
- goto loser;
- }
-
- if ( nickname ) {
- if ( dbkey->nickname && ( dbkey->nickname[0] != 0 ) ) {
- *nickname = PORT_Strdup(dbkey->nickname);
- } else {
- *nickname = NULL;
- }
- }
-
- pk = seckey_decode_encrypted_private_key(dbkey, pwitem);
-
- /* let success fall through */
-loser:
-
- if ( dbkey != NULL ) {
- sec_destroy_dbkey(dbkey);
- }
-
- return pk;
-}
-
-/*
- * used by pkcs11 to import keys into it's object format... In the future
- * we really need a better way to tie in...
- */
-NSSLOWKEYPrivateKey *
-nsslowkey_DecryptKey(DBT *key, SECItem *pwitem,
- NSSLOWKEYDBHandle *handle) {
- return seckey_get_private_key(handle,key,NULL,pwitem);
-}
-
-/*
- * Find a key in the database, indexed by its public key modulus
- * This is used to find keys that have been stored before their
- * certificate arrives. Once the certificate arrives the key
- * is looked up by the public modulus in the certificate, and the
- * re-stored by its nickname.
- */
-NSSLOWKEYPrivateKey *
-nsslowkey_FindKeyByPublicKey(NSSLOWKEYDBHandle *handle, SECItem *modulus,
- SECItem *pwitem)
-{
- DBT namekey;
- NSSLOWKEYPrivateKey *pk = NULL;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return NULL;
- }
-
- /* set up db key */
- namekey.data = modulus->data;
- namekey.size = modulus->len;
-
- pk = seckey_get_private_key(handle, &namekey, NULL, pwitem);
-
- /* no need to free dbkey, since its on the stack, and the data it
- * points to is owned by the database
- */
- return(pk);
-}
-
-char *
-nsslowkey_FindKeyNicknameByPublicKey(NSSLOWKEYDBHandle *handle,
- SECItem *modulus, SECItem *pwitem)
-{
- DBT namekey;
- NSSLOWKEYPrivateKey *pk = NULL;
- char *nickname = NULL;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return NULL;
- }
-
- /* set up db key */
- namekey.data = modulus->data;
- namekey.size = modulus->len;
-
- pk = seckey_get_private_key(handle, &namekey, &nickname, pwitem);
- if (pk) {
- nsslowkey_DestroyPrivateKey(pk);
- }
-
- /* no need to free dbkey, since its on the stack, and the data it
- * points to is owned by the database
- */
- return(nickname);
-}
-/* ===== ENCODING ROUTINES ===== */
-
-static SECStatus
-encodePWCheckEntry(PLArenaPool *arena, SECItem *entry, SECOidTag alg,
- SECItem *encCheck)
-{
- SECOidData *oidData;
- SECStatus rv;
-
- oidData = SECOID_FindOIDByTag(alg);
- if ( oidData == NULL ) {
- rv = SECFailure;
- goto loser;
- }
-
- entry->len = 1 + oidData->oid.len + encCheck->len;
- if ( arena ) {
- entry->data = (unsigned char *)PORT_ArenaAlloc(arena, entry->len);
- } else {
- entry->data = (unsigned char *)PORT_Alloc(entry->len);
- }
-
- if ( entry->data == NULL ) {
- goto loser;
- }
-
- /* first length of oid */
- entry->data[0] = (unsigned char)oidData->oid.len;
- /* next oid itself */
- PORT_Memcpy(&entry->data[1], oidData->oid.data, oidData->oid.len);
- /* finally the encrypted check string */
- PORT_Memcpy(&entry->data[1+oidData->oid.len], encCheck->data,
- encCheck->len);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * Set up the password checker in the key database.
- * This is done by encrypting a known plaintext with the user's key.
- */
-SECStatus
-nsslowkey_SetKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem, SECOidTag algorithm)
-{
- DBT checkkey;
- NSSPKCS5PBEParameter *param = NULL;
- SECStatus rv = SECFailure;
- NSSLOWKEYDBKey *dbkey = NULL;
- PLArenaPool *arena;
- SECItem *salt = NULL;
- SECItem *dest = NULL, test_key;
-
- if (handle == NULL) {
- return(SECFailure);
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- rv = SECFailure;
- goto loser;
- }
-
- dbkey = (NSSLOWKEYDBKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYDBKey));
- if ( dbkey == NULL ) {
- rv = SECFailure;
- goto loser;
- }
-
- dbkey->arena = arena;
-
- /* encrypt key */
- checkkey.data = test_key.data = (unsigned char *)KEYDB_PW_CHECK_STRING;
- checkkey.size = test_key.len = KEYDB_PW_CHECK_LEN;
-
- salt = seckey_create_rc4_salt();
- if(salt == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- param = nsspkcs5_NewParam(algorithm, salt, 1);
- if (param == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- dest = nsspkcs5_CipherData(param, pwitem, &test_key, PR_TRUE, NULL);
- if (dest == NULL)
- {
- rv = SECFailure;
- goto loser;
- }
-
- rv = SECITEM_CopyItem(arena, &dbkey->salt, salt);
- if (rv == SECFailure) {
- goto loser;
- }
-
- rv = encodePWCheckEntry(arena, &dbkey->derPK, algorithm, dest);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = put_dbkey(handle, &checkkey, dbkey, PR_TRUE);
-
- /* let success fall through */
-loser:
- if ( arena != NULL ) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- if ( dest != NULL ) {
- SECITEM_ZfreeItem(dest, PR_TRUE);
- }
-
- if ( salt != NULL ) {
- SECITEM_ZfreeItem(salt, PR_TRUE);
- }
-
- if (param != NULL) {
- nsspkcs5_DestroyPBEParameter(param);
- }
-
- return(rv);
-}
-
-static PRBool
-seckey_HasAServerKey(DB *db)
-{
- DBT key;
- DBT data;
- int ret;
- PRBool found = PR_FALSE;
-
- ret = (* db->seq)(db, &key, &data, R_FIRST);
- if ( ret ) {
- return PR_FALSE;
- }
-
- do {
- /* skip version record */
- if ( data.size > 1 ) {
- /* skip salt */
- if ( key.size == ( sizeof(SALT_STRING) - 1 ) ) {
- if ( PORT_Memcmp(key.data, SALT_STRING, key.size) == 0 ) {
- continue;
- }
- }
- /* skip pw check entry */
- if ( key.size == KEYDB_PW_CHECK_LEN ) {
- if ( PORT_Memcmp(key.data, KEYDB_PW_CHECK_STRING,
- KEYDB_PW_CHECK_LEN) == 0 ) {
- continue;
- }
- }
-
- /* keys stored by nickname will have 0 as the last byte of the
- * db key. Other keys must be stored by modulus. We will not
- * update those because they are left over from a keygen that
- * never resulted in a cert.
- */
- if ( ((unsigned char *)key.data)[key.size-1] != 0 ) {
- continue;
- }
-
- if (PORT_Strcmp(key.data,"Server-Key") == 0) {
- found = PR_TRUE;
- break;
- }
-
- }
- } while ( (* db->seq)(db, &key, &data, R_NEXT) == 0 );
-
- return found;
-}
-
-static SECStatus
-seckey_CheckKeyDB1Password(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
- SECStatus rv = SECFailure;
- keyList keylist;
- keyNode *node = NULL;
- NSSLOWKEYPrivateKey *privkey = NULL;
-
-
- /*
- * first find a key
- */
-
- /* traverse the database, collecting the keys of all records */
- keylist.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( keylist.arena == NULL )
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(SECFailure);
- }
- keylist.head = NULL;
-
- /* TNH - TraverseKeys should not be public, since it exposes
- the underlying DBT data type. */
- rv = nsslowkey_TraverseKeys(handle, sec_add_key_to_list, (void *)&keylist);
- if ( rv != SECSuccess )
- goto done;
-
- /* just get the first key from the list */
- node = keylist.head;
-
- /* no private keys, accept any password */
- if (node == NULL) {
- rv = SECSuccess;
- goto done;
- }
- privkey = seckey_get_private_key(handle, &node->key, NULL, pwitem);
- if (privkey == NULL) {
- rv = SECFailure;
- goto done;
- }
-
- /* if we can decrypt the private key, then we had the correct password */
- rv = SECSuccess;
- nsslowkey_DestroyPrivateKey(privkey);
-
-done:
-
- /* free the arena */
- if ( keylist.arena ) {
- PORT_FreeArena(keylist.arena, PR_FALSE);
- }
-
- return(rv);
-}
-
-/*
- * check to see if the user has typed the right password
- */
-SECStatus
-nsslowkey_CheckKeyDBPassword(NSSLOWKEYDBHandle *handle, SECItem *pwitem)
-{
- DBT checkkey;
- DBT checkdata;
- NSSPKCS5PBEParameter *param = NULL;
- SECStatus rv = SECFailure;
- NSSLOWKEYDBKey *dbkey = NULL;
- SECItem *key = NULL;
- SECItem *dest = NULL;
- SECOidTag algorithm;
- SECItem oid;
- SECItem encstring;
- PRBool update = PR_FALSE;
- int ret;
-
- if (handle == NULL) {
- goto loser;
- }
-
- checkkey.data = KEYDB_PW_CHECK_STRING;
- checkkey.size = KEYDB_PW_CHECK_LEN;
-
- dbkey = get_dbkey(handle, &checkkey);
-
- if ( dbkey == NULL ) {
- checkkey.data = KEYDB_FAKE_PW_CHECK_STRING;
- checkkey.size = KEYDB_FAKE_PW_CHECK_LEN;
- ret = (* handle->db->get)(handle->db, &checkkey,
- &checkdata, 0 );
- if (ret) {
- goto loser;
- }
- /* if we have the fake PW_CHECK, then try to decode the key
- * rather than the pwcheck item.
- */
- rv = seckey_CheckKeyDB1Password(handle,pwitem);
- if (rv == SECSuccess) {
- /* OK we have enough to complete our conversion */
- nsslowkey_UpdateKeyDBPass2(handle,pwitem);
- }
- return rv;
- }
-
- /* build the oid item */
- oid.len = dbkey->derPK.data[0];
- oid.data = &dbkey->derPK.data[1];
-
- /* make sure entry is the correct length
- * since we are probably using a block cipher, the block will be
- * padded, so we may get a bit more than the exact size we need.
- */
- if ( dbkey->derPK.len < (KEYDB_PW_CHECK_LEN + 1 + oid.len ) ) {
- goto loser;
- }
-
- /* find the algorithm tag */
- algorithm = SECOID_FindOIDTag(&oid);
-
- /* make a secitem of the encrypted check string */
- encstring.len = dbkey->derPK.len - ( oid.len + 1 );
- encstring.data = &dbkey->derPK.data[oid.len+1];
-
- switch(algorithm)
- {
- case SEC_OID_RC4:
- key = seckey_create_rc4_key(pwitem, &dbkey->salt);
- if(key != NULL) {
- dest = seckey_rc4_decode(key, &encstring);
- SECITEM_FreeItem(key, PR_TRUE);
- }
- break;
- default:
- param = nsspkcs5_NewParam(algorithm, &dbkey->salt, 1);
- if (param != NULL) {
- /* Decrypt - this function implements a workaround for
- * a previous coding error. It will decrypt values using
- * DES rather than 3DES, if the initial try at 3DES
- * decryption fails. In this case, the update flag is
- * set to TRUE. This indication is used later to force
- * an update of the database to "real" 3DES encryption.
- */
- dest = nsspkcs5_CipherData(param, pwitem,
- &encstring, PR_FALSE, &update);
- nsspkcs5_DestroyPBEParameter(param);
- }
- break;
- }
-
- if(dest == NULL) {
- goto loser;
- }
-
- if ((dest->len == KEYDB_PW_CHECK_LEN) &&
- (PORT_Memcmp(dest->data,
- KEYDB_PW_CHECK_STRING, KEYDB_PW_CHECK_LEN) == 0)) {
- rv = SECSuccess;
- /* we succeeded */
- if ( algorithm == SEC_OID_RC4 ) {
- /* partially updated database */
- nsslowkey_UpdateKeyDBPass2(handle, pwitem);
- }
- /* Force an update of the password to remove the incorrect DES
- * encryption (see the note above)
- */
- if (update &&
- (algorithm == SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC)) {
- /* data base was encoded with DES not triple des, fix it */
- nsslowkey_UpdateKeyDBPass2(handle,pwitem);
- }
- }
-
-loser:
- sec_destroy_dbkey(dbkey);
- if(dest != NULL) {
- SECITEM_ZfreeItem(dest, PR_TRUE);
- }
-
- return(rv);
-}
-
-/*
- * Change the database password and/or algorithm. This internal
- * routine does not check the old password. That must be done by
- * the caller.
- */
-static SECStatus
-ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *oldpwitem, SECItem *newpwitem,
- SECOidTag new_algorithm)
-{
- SECStatus rv;
- keyList keylist;
- keyNode *node = NULL;
- NSSLOWKEYPrivateKey *privkey = NULL;
- char *nickname;
- DBT newkey;
- int ret;
-
- /* traverse the database, collecting the keys of all records */
- keylist.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( keylist.arena == NULL )
- {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(SECFailure);
- }
- keylist.head = NULL;
-
- /* TNH - TraverseKeys should not be public, since it exposes
- the underlying DBT data type. */
- rv = nsslowkey_TraverseKeys(handle, sec_add_key_to_list, (void *)&keylist);
- if ( rv != SECSuccess )
- goto loser;
-
- /* walk the list, re-encrypting each entry */
- node = keylist.head;
- while ( node != NULL )
- {
- privkey = seckey_get_private_key(handle, &node->key, &nickname,
- oldpwitem);
-
- if (privkey == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- rv = SECFailure;
- goto loser;
- }
-
- /* delete the old record */
- ret = (* handle->db->del)(handle->db, &node->key, 0);
- if ( ret ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- rv = SECFailure;
- goto loser;
- }
-
- /* get the public key, which we use as the database index */
-
- switch (privkey->keyType) {
- case NSSLOWKEYRSAKey:
- newkey.data = privkey->u.rsa.modulus.data;
- newkey.size = privkey->u.rsa.modulus.len;
- break;
- case NSSLOWKEYDSAKey:
- newkey.data = privkey->u.dsa.publicValue.data;
- newkey.size = privkey->u.dsa.publicValue.len;
- break;
- case NSSLOWKEYDHKey:
- newkey.data = privkey->u.dh.publicValue.data;
- newkey.size = privkey->u.dh.publicValue.len;
- break;
- default:
- return SECFailure;
- }
-
- rv = seckey_put_private_key(handle, &newkey, newpwitem, privkey,
- nickname, PR_TRUE, new_algorithm);
-
- if ( rv != SECSuccess )
- {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- rv = SECFailure;
- goto loser;
- }
-
- /* next node */
- node = node->next;
- }
-
- rv = nsslowkey_SetKeyDBPasswordAlg(handle, newpwitem, new_algorithm);
-
-loser:
-
- /* free the arena */
- if ( keylist.arena ) {
- PORT_FreeArena(keylist.arena, PR_FALSE);
- }
-
- return(rv);
-}
-
-/*
- * Re-encrypt the entire key database with a new password.
- * NOTE: The really should create a new database rather than doing it
- * in place in the original
- */
-SECStatus
-nsslowkey_ChangeKeyDBPassword(NSSLOWKEYDBHandle *handle,
- SECItem *oldpwitem, SECItem *newpwitem)
-{
- SECStatus rv;
-
- if (handle == NULL) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- rv = SECFailure;
- goto loser;
- }
-
- rv = nsslowkey_CheckKeyDBPassword(handle, oldpwitem);
- if ( rv != SECSuccess ) {
- return(SECFailure); /* return rv? */
- }
-
- rv = ChangeKeyDBPasswordAlg(handle, oldpwitem, newpwitem,
- nsslowkey_GetDefaultKeyDBAlg());
-
-loser:
- return(rv);
-}
-
-
-#define MAX_DB_SIZE 0xffff
-/*
- * Clear out all the keys in the existing database
- */
-SECStatus
-nsslowkey_ResetKeyDB(NSSLOWKEYDBHandle *handle)
-{
- SECStatus rv;
- int ret;
- int errors = 0;
-
- if ( handle->db == NULL ) {
- return(SECSuccess);
- }
-
- if (handle->readOnly) {
- /* set an error code */
- return SECFailure;
- }
-
- PORT_Assert(handle->dbname != NULL);
- if (handle->dbname == NULL) {
- return SECFailure;
- }
-
- (* handle->db->close)(handle->db);
- handle->db = dbopen( handle->dbname,
- O_RDWR | O_CREAT | O_TRUNC, 0600, DB_HASH, 0 );
- if (handle->db == NULL) {
- /* set an error code */
- return SECFailure;
- }
-
- rv = makeGlobalVersion(handle);
- if ( rv != SECSuccess ) {
- errors++;
- goto done;
- }
-
- rv = makeGlobalSalt(handle);
- if ( rv != SECSuccess ) {
- errors++;
- goto done;
- }
-
- if (handle->global_salt) {
- SECITEM_FreeItem(handle->global_salt,PR_TRUE);
- }
- handle->global_salt = GetKeyDBGlobalSalt(handle);
-
-done:
- /* sync the database */
- ret = (* handle->db->sync)(handle->db, 0);
-
- return (errors == 0 ? SECSuccess : SECFailure);
-}
diff --git a/security/nss/lib/softoken/keydbi.h b/security/nss/lib/softoken/keydbi.h
deleted file mode 100644
index 28eb962ad..000000000
--- a/security/nss/lib/softoken/keydbi.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * private.h - Private data structures for the software token library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _KEYDBI_H_
-#define _KEYDBI_H_
-
-#include "nspr.h"
-#include "seccomon.h"
-#include "mcom_db.h"
-
-/*
- * Handle structure for open key databases
- */
-struct NSSLOWKEYDBHandleStr {
- DB *db;
- DB *updatedb; /* used when updating an old version */
- SECItem *global_salt; /* password hashing salt for this db */
- int version; /* version of the database */
- char *dbname; /* name of the openned DB */
- PRBool readOnly; /* is the DB read only */
-};
-
-/*
-** Typedef for callback for traversing key database.
-** "key" is the key used to index the data in the database (nickname)
-** "data" is the key data
-** "pdata" is the user's data
-*/
-typedef SECStatus (* NSSLOWKEYTraverseKeysFunc)(DBT *key, DBT *data, void *pdata);
-
-
-SEC_BEGIN_PROTOS
-
-/*
-** Traverse the entire key database, and pass the nicknames and keys to a
-** user supplied function.
-** "f" is the user function to call for each key
-** "udata" is the user's data, which is passed through to "f"
-*/
-extern SECStatus NSSLOWKEY_TraverseKeys(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYTraverseKeysFunc f,
- void *udata);
-
-SEC_END_PROTOS
-
-#endif /* _KEYDBI_H_ */
diff --git a/security/nss/lib/softoken/lowcert.c b/security/nss/lib/softoken/lowcert.c
deleted file mode 100644
index 917eb4e5d..000000000
--- a/security/nss/lib/softoken/lowcert.c
+++ /dev/null
@@ -1,470 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Certificate handling code
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secder.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "prtime.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "secasn1.h"
-#include "secoid.h"
-
-/* should have been in a 'util' header */
-extern const SEC_ASN1Template CERT_ValidityTemplate[];
-
-static const SEC_ASN1Template nsslowcert_CertKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSLOWCERTCertKey) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0, 0, SEC_SkipTemplate }, /* version */
- { SEC_ASN1_INTEGER, offsetof(NSSLOWCERTCertKey,serialNumber) },
- { SEC_ASN1_SKIP }, /* signature algorithm */
- { SEC_ASN1_ANY, offsetof(NSSLOWCERTCertKey,derIssuer) },
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-
-const SEC_ASN1Template nsslowcert_SubjectPublicKeyInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWCERTSubjectPublicKeyInfo) },
- { SEC_ASN1_INLINE, offsetof(NSSLOWCERTSubjectPublicKeyInfo,algorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_BIT_STRING,
- offsetof(NSSLOWCERTSubjectPublicKeyInfo,subjectPublicKey), },
- { 0, }
-};
-
-const SEC_ASN1Template nsslowcert_CertificateTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSLOWCERTCertificate) },
- { SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED |
- SEC_ASN1_CONTEXT_SPECIFIC | 0, 0, SEC_SkipTemplate }, /* version */
- { SEC_ASN1_INTEGER, offsetof(NSSLOWCERTCertificate,serialNumber) },
- { SEC_ASN1_SKIP }, /* Signature algorithm */
- { SEC_ASN1_ANY, offsetof(NSSLOWCERTCertificate,derIssuer) },
- { SEC_ASN1_INLINE,
- offsetof(NSSLOWCERTCertificate,validity),
- CERT_ValidityTemplate },
- { SEC_ASN1_ANY, offsetof(NSSLOWCERTCertificate,derSubject) },
- { SEC_ASN1_INLINE,
- offsetof(NSSLOWCERTCertificate,subjectPublicKeyInfo),
- nsslowcert_SubjectPublicKeyInfoTemplate },
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-const SEC_ASN1Template nsslowcert_SignedCertificateTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWCERTCertificate) },
- { SEC_ASN1_INLINE, 0, nsslowcert_CertificateTemplate },
- { SEC_ASN1_SKIP_REST },
- { 0 }
-};
-const SEC_ASN1Template nsslowcert_SignedDataTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWCERTSignedData) },
- { SEC_ASN1_ANY, offsetof(NSSLOWCERTSignedData,data), },
- { SEC_ASN1_SKIP_REST },
- { 0, }
-};
-const SEC_ASN1Template nsslowcert_RSAPublicKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPublicKey) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.rsa.modulus), },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.rsa.publicExponent), },
- { 0, }
-};
-const SEC_ASN1Template nsslowcert_DSAPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.dsa.publicValue), },
- { 0, }
-};
-const SEC_ASN1Template nsslowcert_DHPublicKeyTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey,u.dh.publicValue), },
- { 0, }
-};
-
-
-NSSLOWCERTCertificate *
-nsslowcert_DupCertificate(NSSLOWCERTCertificate *c)
-{
- if (c) {
- nsslowcert_LockCertRefCount(c);
- ++c->referenceCount;
- nsslowcert_UnlockCertRefCount(c);
- }
- return c;
-}
-
-/*
- * Allow use of default cert database, so that apps(such as mozilla) don't
- * have to pass the handle all over the place.
- */
-static NSSLOWCERTCertDBHandle *default_pcert_db_handle = 0;
-
-void
-nsslowcert_SetDefaultCertDB(NSSLOWCERTCertDBHandle *handle)
-{
- default_pcert_db_handle = handle;
-
- return;
-}
-
-NSSLOWCERTCertDBHandle *
-nsslowcert_GetDefaultCertDB(void)
-{
- return(default_pcert_db_handle);
-}
-
-
-SECStatus
-nsslowcert_GetCertTimes(NSSLOWCERTCertificate *c, PRTime *notBefore, PRTime *notAfter)
-{
- int rv;
-
- /* convert DER not-before time */
- rv = DER_UTCTimeToTime(notBefore, &c->validity.notBefore);
- if (rv) {
- return(SECFailure);
- }
-
- /* convert DER not-after time */
- rv = DER_UTCTimeToTime(notAfter, &c->validity.notAfter);
- if (rv) {
- return(SECFailure);
- }
-
- return(SECSuccess);
-}
-
-/*
- * is certa newer than certb? If one is expired, pick the other one.
- */
-PRBool
-nsslowcert_IsNewer(NSSLOWCERTCertificate *certa, NSSLOWCERTCertificate *certb)
-{
- PRTime notBeforeA, notAfterA, notBeforeB, notAfterB, now;
- SECStatus rv;
- PRBool newerbefore, newerafter;
-
- rv = nsslowcert_GetCertTimes(certa, &notBeforeA, &notAfterA);
- if ( rv != SECSuccess ) {
- return(PR_FALSE);
- }
-
- rv = nsslowcert_GetCertTimes(certb, &notBeforeB, &notAfterB);
- if ( rv != SECSuccess ) {
- return(PR_TRUE);
- }
-
- newerbefore = PR_FALSE;
- if ( LL_CMP(notBeforeA, >, notBeforeB) ) {
- newerbefore = PR_TRUE;
- }
-
- newerafter = PR_FALSE;
- if ( LL_CMP(notAfterA, >, notAfterB) ) {
- newerafter = PR_TRUE;
- }
-
- if ( newerbefore && newerafter ) {
- return(PR_TRUE);
- }
-
- if ( ( !newerbefore ) && ( !newerafter ) ) {
- return(PR_FALSE);
- }
-
- /* get current UTC time */
- now = PR_Now();
-
- if ( newerbefore ) {
- /* cert A was issued after cert B, but expires sooner */
- /* if A is expired, then pick B */
- if ( LL_CMP(notAfterA, <, now ) ) {
- return(PR_FALSE);
- }
- return(PR_TRUE);
- } else {
- /* cert B was issued after cert A, but expires sooner */
- /* if B is expired, then pick A */
- if ( LL_CMP(notAfterB, <, now ) ) {
- return(PR_TRUE);
- }
- return(PR_FALSE);
- }
-}
-
-#define SOFT_DEFAULT_CHUNKSIZE 2048
-
-/*
- * take a DER certificate and decode it into a certificate structure
- */
-NSSLOWCERTCertificate *
-nsslowcert_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER,
- char *nickname)
-{
- NSSLOWCERTCertificate *cert;
- PRArenaPool *arena;
- void *data;
- int rv;
- int len;
-
- /* make a new arena */
- arena = PORT_NewArena(SOFT_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- return 0;
- }
-
- /* allocate the certificate structure */
- cert = (NSSLOWCERTCertificate *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWCERTCertificate));
-
- if ( !cert ) {
- goto loser;
- }
-
- cert->arena = arena;
-
- if ( copyDER ) {
- /* copy the DER data for the cert into this arena */
- data = (void *)PORT_ArenaAlloc(arena, derSignedCert->len);
- if ( !data ) {
- goto loser;
- }
- cert->derCert.data = (unsigned char *)data;
- cert->derCert.len = derSignedCert->len;
- PORT_Memcpy(data, derSignedCert->data, derSignedCert->len);
- } else {
- /* point to passed in DER data */
- cert->derCert = *derSignedCert;
- }
-
- /* decode the certificate info */
- rv = SEC_ASN1DecodeItem(arena, cert, nsslowcert_SignedCertificateTemplate,
- &cert->derCert);
-
- /* cert->subjectKeyID; x509v3 subject key identifier */
- cert->dbEntry = NULL;
- cert ->trust = NULL;
-
- /* generate and save the database key for the cert */
- rv = nsslowcert_KeyFromDERCert(arena, &cert->derCert, &cert->certKey);
- if ( rv ) {
- goto loser;
- }
-
- /* set the nickname */
- if ( nickname == NULL ) {
- cert->nickname = NULL;
- } else {
- /* copy and install the nickname */
- len = PORT_Strlen(nickname) + 1;
- cert->nickname = (char*)PORT_ArenaAlloc(arena, len);
- if ( cert->nickname == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(cert->nickname, nickname, len);
- }
-
-#ifdef FIXME
- /* initialize the subjectKeyID */
- rv = cert_GetKeyID(cert);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* set the email address */
- cert->emailAddr = CERT_GetCertificateEmailAddress(cert);
-
-#endif
-
- cert->referenceCount = 1;
-
- return(cert);
-
-loser:
-
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(0);
-}
-
-char *
-nsslowcert_FixupEmailAddr(char *emailAddr)
-{
- char *retaddr;
- char *str;
-
- if ( emailAddr == NULL ) {
- return(NULL);
- }
-
- /* copy the string */
- str = retaddr = PORT_Strdup(emailAddr);
- if ( str == NULL ) {
- return(NULL);
- }
-
- /* make it lower case */
- while ( *str ) {
- *str = tolower( *str );
- str++;
- }
-
- return(retaddr);
-}
-
-static SECStatus
-nsslowcert_KeyFromIssuerAndSN(PRArenaPool *arena, SECItem *issuer, SECItem *sn,
- SECItem *key)
-{
- key->len = sn->len + issuer->len;
-
- key->data = (unsigned char*)PORT_ArenaAlloc(arena, key->len);
- if ( !key->data ) {
- goto loser;
- }
-
- /* copy the serialNumber */
- PORT_Memcpy(key->data, sn->data, sn->len);
-
- /* copy the issuer */
- PORT_Memcpy(&key->data[sn->len], issuer->data, issuer->len);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-
-
-/*
- * Generate a database key, based on serial number and issuer, from a
- * DER certificate.
- */
-SECStatus
-nsslowcert_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key)
-{
- int rv;
- NSSLOWCERTSignedData sd;
- NSSLOWCERTCertKey certkey;
-
- PORT_Memset(&sd, 0, sizeof(NSSLOWCERTSignedData));
- PORT_Memset(&certkey, 0, sizeof(NSSLOWCERTCertKey));
-
- rv = SEC_ASN1DecodeItem(arena, &sd, nsslowcert_SignedDataTemplate, derCert);
-
- if ( rv ) {
- goto loser;
- }
-
- PORT_Memset(&certkey, 0, sizeof(NSSLOWCERTCertKey));
- rv = SEC_ASN1DecodeItem(arena, &certkey,
- nsslowcert_CertKeyTemplate, &sd.data);
-
- if ( rv ) {
- goto loser;
- }
-
- return(nsslowcert_KeyFromIssuerAndSN(arena, &certkey.derIssuer,
- &certkey.serialNumber, key));
-loser:
- return(SECFailure);
-}
-
-NSSLOWKEYPublicKey *
-nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *cert)
-{
- NSSLOWCERTSubjectPublicKeyInfo *spki = &cert->subjectPublicKeyInfo;
- NSSLOWKEYPublicKey *pubk;
- SECItem os;
- SECStatus rv;
- PRArenaPool *arena;
- SECOidTag tag;
-
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- return NULL;
-
- pubk = (NSSLOWKEYPublicKey *)
- PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPublicKey));
- if (pubk == NULL) {
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
- }
-
- pubk->arena = arena;
-
- /* Convert bit string length from bits to bytes */
- os = spki->subjectPublicKey;
- DER_ConvertBitString (&os);
-
- tag = SECOID_GetAlgorithmTag(&spki->algorithm);
- switch ( tag ) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- pubk->keyType = NSSLOWKEYRSAKey;
- rv = SEC_ASN1DecodeItem(arena, pubk,
- nsslowcert_RSAPublicKeyTemplate, &os);
- if (rv == SECSuccess)
- return pubk;
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- pubk->keyType = NSSLOWKEYDSAKey;
- rv = SEC_ASN1DecodeItem(arena, pubk,
- nsslowcert_DSAPublicKeyTemplate, &os);
- if (rv == SECSuccess) return pubk;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- pubk->keyType = NSSLOWKEYDHKey;
- rv = SEC_ASN1DecodeItem(arena, pubk,
- nsslowcert_DHPublicKeyTemplate, &os);
- if (rv == SECSuccess) return pubk;
- break;
- default:
- rv = SECFailure;
- break;
- }
-
- nsslowkey_DestroyPublicKey (pubk);
- return NULL;
-}
-
diff --git a/security/nss/lib/softoken/lowkey.c b/security/nss/lib/softoken/lowkey.c
deleted file mode 100644
index 3d7cfa94a..000000000
--- a/security/nss/lib/softoken/lowkey.c
+++ /dev/null
@@ -1,323 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "lowkeyi.h"
-#include "secoid.h"
-#include "secitem.h"
-#include "secder.h"
-#include "base64.h"
-#include "secasn1.h"
-#include "pcert.h"
-#include "secerr.h"
-
-
-const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) },
- { SEC_ASN1_INTEGER, offsetof(PQGParams,prime) },
- { SEC_ASN1_INTEGER, offsetof(PQGParams,subPrime) },
- { SEC_ASN1_INTEGER, offsetof(PQGParams,base) },
- { 0, }
-};
-
-const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.version) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.modulus) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.publicExponent) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.privateExponent) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime1) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime2) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent1) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent2) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.coefficient) },
- { 0 }
-};
-
-
-const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.publicValue) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) },
- { 0, }
-};
-
-const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) },
-};
-
-const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[] = {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.publicValue) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.privateValue) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.base) },
- { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.prime) },
- { 0, }
-};
-
-void
-nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk)
-{
- if (privk && privk->arena) {
- PORT_FreeArena(privk->arena, PR_TRUE);
- }
-}
-
-void
-nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *pubk)
-{
- if (pubk && pubk->arena) {
- PORT_FreeArena(pubk->arena, PR_FALSE);
- }
-}
-unsigned
-nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubk)
-{
- unsigned char b0;
-
- /* interpret modulus length as key strength... in
- * fortezza that's the public key length */
-
- switch (pubk->keyType) {
- case NSSLOWKEYRSAKey:
- b0 = pubk->u.rsa.modulus.data[0];
- return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
- default:
- break;
- }
- return 0;
-}
-
-unsigned
-nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privk)
-{
-
- unsigned char b0;
-
- switch (privk->keyType) {
- case NSSLOWKEYRSAKey:
- b0 = privk->u.rsa.modulus.data[0];
- return b0 ? privk->u.rsa.modulus.len : privk->u.rsa.modulus.len - 1;
- default:
- break;
- }
- return 0;
-}
-
-NSSLOWKEYPublicKey *
-nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk)
-{
- NSSLOWKEYPublicKey *pubk;
- PLArenaPool *arena;
-
-
- arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- switch(privk->keyType) {
- case NSSLOWKEYRSAKey:
- case NSSLOWKEYNullKey:
- pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
- sizeof (NSSLOWKEYPublicKey));
- if (pubk != NULL) {
- SECStatus rv;
-
- pubk->arena = arena;
- pubk->keyType = privk->keyType;
- if (privk->keyType == NSSLOWKEYNullKey) return pubk;
- rv = SECITEM_CopyItem(arena, &pubk->u.rsa.modulus,
- &privk->u.rsa.modulus);
- if (rv == SECSuccess) {
- rv = SECITEM_CopyItem (arena, &pubk->u.rsa.publicExponent,
- &privk->u.rsa.publicExponent);
- if (rv == SECSuccess)
- return pubk;
- }
- nsslowkey_DestroyPublicKey (pubk);
- } else {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- }
- break;
- case NSSLOWKEYDSAKey:
- pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
- sizeof(NSSLOWKEYPublicKey));
- if (pubk != NULL) {
- SECStatus rv;
-
- pubk->arena = arena;
- pubk->keyType = privk->keyType;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue,
- &privk->u.dsa.publicValue);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
- &privk->u.dsa.params.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
- &privk->u.dsa.params.subPrime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
- &privk->u.dsa.params.base);
- if (rv == SECSuccess) return pubk;
- }
- break;
- case NSSLOWKEYDHKey:
- pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena,
- sizeof(NSSLOWKEYPublicKey));
- if (pubk != NULL) {
- SECStatus rv;
-
- pubk->arena = arena;
- pubk->keyType = privk->keyType;
- rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue,
- &privk->u.dh.publicValue);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime,
- &privk->u.dh.prime);
- if (rv != SECSuccess) break;
- rv = SECITEM_CopyItem(arena, &pubk->u.dh.base,
- &privk->u.dh.base);
- if (rv == SECSuccess) return pubk;
- }
- break;
- /* No Fortezza in Low Key implementations (Fortezza keys aren't
- * stored in our data base */
- default:
- break;
- }
-
- PORT_FreeArena (arena, PR_FALSE);
- return NULL;
-}
-
-NSSLOWKEYPrivateKey *
-nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey)
-{
- NSSLOWKEYPrivateKey *returnKey = NULL;
- SECStatus rv = SECFailure;
- PLArenaPool *poolp;
-
- if(!privKey) {
- return NULL;
- }
-
- poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(!poolp) {
- return NULL;
- }
-
- returnKey = (NSSLOWKEYPrivateKey*)PORT_ArenaZAlloc(poolp, sizeof(NSSLOWKEYPrivateKey));
- if(!returnKey) {
- rv = SECFailure;
- goto loser;
- }
-
- returnKey->keyType = privKey->keyType;
- returnKey->arena = poolp;
-
- switch(privKey->keyType) {
- case NSSLOWKEYRSAKey:
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.modulus),
- &(privKey->u.rsa.modulus));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.version),
- &(privKey->u.rsa.version));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.publicExponent),
- &(privKey->u.rsa.publicExponent));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.privateExponent),
- &(privKey->u.rsa.privateExponent));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime1),
- &(privKey->u.rsa.prime1));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime2),
- &(privKey->u.rsa.prime2));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent1),
- &(privKey->u.rsa.exponent1));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent2),
- &(privKey->u.rsa.exponent2));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.coefficient),
- &(privKey->u.rsa.coefficient));
- if(rv != SECSuccess) break;
- break;
- case NSSLOWKEYDSAKey:
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.publicValue),
- &(privKey->u.dsa.publicValue));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.privateValue),
- &(privKey->u.dsa.privateValue));
- if(rv != SECSuccess) break;
- returnKey->u.dsa.params.arena = poolp;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.prime),
- &(privKey->u.dsa.params.prime));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.subPrime),
- &(privKey->u.dsa.params.subPrime));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.base),
- &(privKey->u.dsa.params.base));
- if(rv != SECSuccess) break;
- break;
- case NSSLOWKEYDHKey:
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.publicValue),
- &(privKey->u.dh.publicValue));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.privateValue),
- &(privKey->u.dh.privateValue));
- if(rv != SECSuccess) break;
- returnKey->u.dsa.params.arena = poolp;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.prime),
- &(privKey->u.dh.prime));
- if(rv != SECSuccess) break;
- rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.base),
- &(privKey->u.dh.base));
- if(rv != SECSuccess) break;
- break;
- default:
- rv = SECFailure;
- }
-
-loser:
-
- if(rv != SECSuccess) {
- PORT_FreeArena(poolp, PR_TRUE);
- returnKey = NULL;
- }
-
- return returnKey;
-}
diff --git a/security/nss/lib/softoken/lowkeyi.h b/security/nss/lib/softoken/lowkeyi.h
deleted file mode 100644
index dd3fda6cc..000000000
--- a/security/nss/lib/softoken/lowkeyi.h
+++ /dev/null
@@ -1,259 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * key.h - public data structures and prototypes for the private key library
- *
- * $Id$
- */
-
-#ifndef _LOWKEYI_H_
-#define _LOWKEYI_H_
-
-#include "prtypes.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "pcertt.h"
-#include "lowkeyti.h"
-
-SEC_BEGIN_PROTOS
-
-typedef char * (* NSSLOWKEYDBNameFunc)(void *arg, int dbVersion);
-
-/*
-** Open a key database.
-*/
-extern NSSLOWKEYDBHandle *nsslowkey_OpenKeyDB(PRBool readOnly,
- NSSLOWKEYDBNameFunc namecb,
- void *cbarg);
-
-extern NSSLOWKEYDBHandle *nsslowkey_OpenKeyDBFilename(char *filename,
- PRBool readOnly);
-
-/*
-** Update the database
-*/
-extern SECStatus nsslowkey_UpdateKeyDBPass1(NSSLOWKEYDBHandle *handle);
-extern SECStatus nsslowkey_UpdateKeyDBPass2(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem);
-
-/*
- * Clear out all the keys in the existing database
- */
-extern SECStatus nsslowkey_ResetKeyDB(NSSLOWKEYDBHandle *handle);
-
-/*
-** Close the specified key database.
-*/
-extern void nsslowkey_CloseKeyDB(NSSLOWKEYDBHandle *handle);
-
-/*
- * Get the version number of the database
- */
-extern int nsslowkey_GetKeyDBVersion(NSSLOWKEYDBHandle *handle);
-
-/*
-** Support a default key database.
-*/
-extern void nsslowkey_SetDefaultKeyDB(NSSLOWKEYDBHandle *handle);
-extern NSSLOWKEYDBHandle *nsslowkey_GetDefaultKeyDB(void);
-
-/* set the alg id of the key encryption algorithm */
-extern void nsslowkey_SetDefaultKeyDBAlg(SECOidTag alg);
-
-/*
- * given a password and salt, produce a hash of the password
- */
-extern SECItem *nsslowkey_HashPassword(char *pw, SECItem *salt);
-
-/*
- * Derive the actual password value for a key database from the
- * password string value. The derivation uses global salt value
- * stored in the key database.
- */
-extern SECItem *
-nsslowkey_DeriveKeyDBPassword(NSSLOWKEYDBHandle *handle, char *pw);
-
-/*
-** Delete a key from the database
-*/
-extern SECStatus nsslowkey_DeleteKey(NSSLOWKEYDBHandle *handle,
- SECItem *pubkey);
-
-/*
-** Store a key in the database, indexed by its public key modulus.
-** "pk" is the private key to store
-** "f" is a the callback function for getting the password
-** "arg" is the argument for the callback
-*/
-extern SECStatus nsslowkey_StoreKeyByPublicKey(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *pk,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *arg);
-
-/* does the key for this cert exist in the database filed by modulus */
-extern PRBool nsslowkey_KeyForCertExists(NSSLOWKEYDBHandle *handle,
- NSSLOWCERTCertificate *cert);
-
-extern SECStatus nsslowkey_HasKeyDBPassword(NSSLOWKEYDBHandle *handle);
-extern SECStatus nsslowkey_SetKeyDBPassword(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem);
-extern SECStatus nsslowkey_CheckKeyDBPassword(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem);
-extern SECStatus nsslowkey_ChangeKeyDBPassword(NSSLOWKEYDBHandle *handle,
- SECItem *oldpwitem,
- SECItem *newpwitem);
-
-/*
-** Destroy a private key object.
-** "key" the object
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *key);
-
-/*
-** Destroy a public key object.
-** "key" the object
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *key);
-
-/*
-** Return the modulus length of "pubKey".
-*/
-extern unsigned int nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubKey);
-
-
-/*
-** Return the modulus length of "privKey".
-*/
-extern unsigned int nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privKey);
-
-
-/*
-** Convert a low private key "privateKey" into a public low key
-*/
-extern NSSLOWKEYPublicKey
- *nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privateKey);
-
-/*
- * Set the Key Database password.
- * handle is a handle to the key database
- * pwitem is the new password
- * algorithm is the algorithm by which the key database
- * password is to be encrypted.
- * On failure, SECFailure is returned, otherwise SECSuccess is
- * returned.
- */
-extern SECStatus
-nsslowkey_SetKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem,
- SECOidTag algorithm);
-
-/* Check the key database password.
- * handle is a handle to the key database
- * pwitem is the suspect password
- * algorithm is the algorithm by which the key database
- * password is to be encrypted.
- * The password is checked against plaintext to see if it is the
- * actual password. If it is not, SECFailure is returned.
- */
-extern SECStatus
-nsslowkey_CheckKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *pwitem,
- SECOidTag algorithm);
-
-/* Change the key database password and/or algorithm by which
- * the password is stored with.
- * handle is a handle to the key database
- * old_pwitem is the current password
- * new_pwitem is the new password
- * old_algorithm is the algorithm by which the key database
- * password is currently encrypted.
- * new_algorithm is the algorithm with which the new password
- * is to be encrypted.
- * A return of anything but SECSuccess indicates failure.
- */
-extern SECStatus
-nsslowkey_ChangeKeyDBPasswordAlg(NSSLOWKEYDBHandle *handle,
- SECItem *oldpwitem, SECItem *newpwitem,
- SECOidTag old_algorithm);
-
-SECStatus
-nsslowkey_UpdateNickname(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *privkey,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *arg);
-
-/* Store key by modulus and specify an encryption algorithm to use.
- * handle is the pointer to the key database,
- * privkey is the private key to be stored,
- * f and arg are the function and arguments to the callback
- * to get a password,
- * algorithm is the algorithm which the privKey is to be stored.
- * A return of anything but SECSuccess indicates failure.
- */
-extern SECStatus
-nsslowkey_StoreKeyByPublicKeyAlg(NSSLOWKEYDBHandle *handle,
- NSSLOWKEYPrivateKey *privkey,
- SECItem *pubKeyData,
- char *nickname,
- SECItem *arg,
- SECOidTag algorithm,
- PRBool update);
-
-/* Find key by modulus. This function is the inverse of store key
- * by modulus. An attempt to locate the key with "modulus" is
- * performed. If the key is found, the private key is returned,
- * else NULL is returned.
- * modulus is the modulus to locate
- */
-extern NSSLOWKEYPrivateKey *
-nsslowkey_FindKeyByPublicKey(NSSLOWKEYDBHandle *handle, SECItem *modulus,
- SECItem *arg);
-
-extern char *
-nsslowkey_FindKeyNicknameByPublicKey(NSSLOWKEYDBHandle *handle,
- SECItem *modulus, SECItem *pwitem);
-
-
-/* Make a copy of a low private key in it's own arena.
- * a return of NULL indicates an error.
- */
-extern NSSLOWKEYPrivateKey *
-nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey);
-
-
-SEC_END_PROTOS
-
-#endif /* _LOWKEYI_H_ */
diff --git a/security/nss/lib/softoken/lowkeyti.h b/security/nss/lib/softoken/lowkeyti.h
deleted file mode 100644
index dc03c4cdf..000000000
--- a/security/nss/lib/softoken/lowkeyti.h
+++ /dev/null
@@ -1,142 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _LOWKEYTI_H_
-#define _LOWKEYTI_H_ 1
-
-#include "blapit.h"
-#include "prtypes.h"
-#include "plarena.h"
-#include "secitem.h"
-#include "secasn1t.h"
-#include "secoidt.h"
-/*#include "secmodt.h"
-#include "pkcs11t.h" */
-
-
-/*
- * a key in/for the data base
- */
-struct NSSLOWKEYDBKeyStr {
- PLArenaPool *arena;
- int version;
- char *nickname;
- SECItem salt;
- SECItem derPK;
-};
-typedef struct NSSLOWKEYDBKeyStr NSSLOWKEYDBKey;
-
-typedef struct NSSLOWKEYDBHandleStr NSSLOWKEYDBHandle;
-
-#ifdef NSS_USE_KEY4_DB
-#define NSSLOWKEY_DB_FILE_VERSION 4
-#else
-#define NSSLOWKEY_DB_FILE_VERSION 3
-#endif
-
-#define NSSLOWKEY_VERSION 0 /* what we *create* */
-
-/*
-** Typedef for callback to get a password "key".
-*/
-extern const SEC_ASN1Template nsslowkey_PQGParamsTemplate[];
-extern const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[];
-extern const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[];
-extern const SEC_ASN1Template nsslowkey_DHPrivateKeyExportTemplate[];
-
-extern const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[];
-extern const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[];
-
-
-/*
-** A PKCS#8 private key info object
-*/
-struct NSSLOWKEYPrivateKeyInfoStr {
- PLArenaPool *arena;
- SECItem version;
- SECAlgorithmID algorithm;
- SECItem privateKey;
-};
-typedef struct NSSLOWKEYPrivateKeyInfoStr NSSLOWKEYPrivateKeyInfo;
-#define NSSLOWKEY_PRIVATE_KEY_INFO_VERSION 0 /* what we *create* */
-
-/*
-** A PKCS#8 private key info object
-*/
-struct NSSLOWKEYEncryptedPrivateKeyInfoStr {
- PLArenaPool *arena;
- SECAlgorithmID algorithm;
- SECItem encryptedData;
-};
-typedef struct NSSLOWKEYEncryptedPrivateKeyInfoStr NSSLOWKEYEncryptedPrivateKeyInfo;
-
-
-typedef enum {
- NSSLOWKEYNullKey = 0,
- NSSLOWKEYRSAKey = 1,
- NSSLOWKEYDSAKey = 2,
- NSSLOWKEYDHKey = 4
-} NSSLOWKEYType;
-
-/*
-** An RSA public key object.
-*/
-struct NSSLOWKEYPublicKeyStr {
- PLArenaPool *arena;
- NSSLOWKEYType keyType ;
- union {
- RSAPublicKey rsa;
- DSAPublicKey dsa;
- DHPublicKey dh;
- } u;
-};
-typedef struct NSSLOWKEYPublicKeyStr NSSLOWKEYPublicKey;
-
-/*
-** Low Level private key object
-** This is only used by the raw Crypto engines (crypto), keydb (keydb),
-** and PKCS #11. Everyone else uses the high level key structure.
-*/
-struct NSSLOWKEYPrivateKeyStr {
- PLArenaPool *arena;
- NSSLOWKEYType keyType;
- union {
- RSAPrivateKey rsa;
- DSAPrivateKey dsa;
- DHPrivateKey dh;
- } u;
-};
-typedef struct NSSLOWKEYPrivateKeyStr NSSLOWKEYPrivateKey;
-
-#endif /* _LOWKEYTI_H_ */
diff --git a/security/nss/lib/softoken/lowpbe.c b/security/nss/lib/softoken/lowpbe.c
deleted file mode 100644
index 6c9824ea6..000000000
--- a/security/nss/lib/softoken/lowpbe.c
+++ /dev/null
@@ -1,1188 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "secport.h"
-#include "hasht.h"
-#include "pkcs11t.h"
-#include "blapi.h"
-#include "hasht.h"
-#include "secasn1.h"
-#include "secder.h"
-#include "lowpbe.h"
-#include "secoid.h"
-#include "alghmac.h"
-#include "softoken.h"
-#include "secerr.h"
-
-/* template for PKCS 5 PBE Parameter. This template has been expanded
- * based upon the additions in PKCS 12. This should eventually be moved
- * if RSA updates PKCS 5.
- */
-static const SEC_ASN1Template NSSPKCS5PBEParameterTemplate[] =
-{
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(NSSPKCS5PBEParameter) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(NSSPKCS5PBEParameter, salt) },
- { SEC_ASN1_INTEGER,
- offsetof(NSSPKCS5PBEParameter, iteration) },
- { 0 }
-};
-
-static const SEC_ASN1Template NSSPKCS5PKCS12V2PBEParameterTemplate[] =
-{
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSPKCS5PBEParameter) },
- { SEC_ASN1_OCTET_STRING, offsetof(NSSPKCS5PBEParameter, salt) },
- { SEC_ASN1_INTEGER, offsetof(NSSPKCS5PBEParameter, iteration) },
- { 0 }
-};
-
-SECStatus
-nsspkcs5_HashBuf(const SECHashObject *hashObj, unsigned char *dest,
- unsigned char *src, int len)
-{
- void *ctx;
- unsigned int retLen;
-
- ctx = hashObj->create();
- if(ctx == NULL) {
- return SECFailure;
- }
- hashObj->begin(ctx);
- hashObj->update(ctx, src, len);
- hashObj->end(ctx, dest, &retLen, hashObj->length);
- hashObj->destroy(ctx, PR_TRUE);
- return SECSuccess;
-}
-
-/* generate bits using any hash
- */
-static SECItem *
-nsspkcs5_PBKDF1(const SECHashObject *hashObj, SECItem *salt, SECItem *pwd,
- int iter, PRBool faulty3DES)
-{
- SECItem *hash = NULL, *pre_hash = NULL;
- SECStatus rv = SECFailure;
-
- if((salt == NULL) || (pwd == NULL) || (iter < 0)) {
- return NULL;
- }
-
- hash = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- pre_hash = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
-
- if((hash != NULL) && (pre_hash != NULL)) {
- int i, ph_len;
-
- ph_len = hashObj->length;
- if((salt->len + pwd->len) > hashObj->length) {
- ph_len = salt->len + pwd->len;
- }
-
- rv = SECFailure;
-
- /* allocate buffers */
- hash->data = (unsigned char *)PORT_ZAlloc(SHA1_LENGTH);
- hash->len = hashObj->length;
- pre_hash->data = (unsigned char *)PORT_ZAlloc(ph_len);
-
- /* in pbeSHA1TripleDESCBC there was an allocation error that made
- * it into the caller. We do not want to propagate those errors
- * further, so we are doing it correctly, but reading the old method.
- */
- if (faulty3DES) {
- pre_hash->len = ph_len;
- } else {
- pre_hash->len = salt->len + pwd->len;
- }
-
- /* preform hash */
- if ((hash->data != NULL) && (pre_hash->data != NULL)) {
- rv = SECSuccess;
- /* check for 0 length password */
- if(pwd->len > 0) {
- PORT_Memcpy(pre_hash->data, pwd->data, pwd->len);
- }
- if(salt->len > 0) {
- PORT_Memcpy((pre_hash->data+pwd->len), salt->data, salt->len);
- }
- for(i = 0; ((i < iter) && (rv == SECSuccess)); i++) {
- rv = nsspkcs5_HashBuf(hashObj, hash->data,
- pre_hash->data, pre_hash->len);
- if(rv != SECFailure) {
- pre_hash->len = hashObj->length;
- PORT_Memcpy(pre_hash->data, hash->data, hashObj->length);
- }
- }
- }
- }
-
- if(pre_hash != NULL) {
- SECITEM_FreeItem(pre_hash, PR_TRUE);
- }
-
- if((rv != SECSuccess) && (hash != NULL)) {
- SECITEM_FreeItem(hash, PR_TRUE);
- hash = NULL;
- }
-
- return hash;
-}
-
-/* this bit generation routine is described in PKCS 12 and the proposed
- * extensions to PKCS 5. an initial hash is generated following the
- * instructions laid out in PKCS 5. If the number of bits generated is
- * insufficient, then the method discussed in the proposed extensions to
- * PKCS 5 in PKCS 12 are used. This extension makes use of the HMAC
- * function. And the P_Hash function from the TLS standard.
- */
-static SECItem *
-nsspkcs5_PFXPBE(const SECHashObject *hashObj, NSSPKCS5PBEParameter *pbe_param,
- SECItem *init_hash, unsigned int bytes_needed)
-{
- SECItem *ret_bits = NULL;
- int hash_size = 0;
- unsigned int i;
- unsigned int hash_iter;
- unsigned int dig_len;
- SECStatus rv = SECFailure;
- unsigned char *state = NULL;
- unsigned int state_len;
- HMACContext *cx = NULL;
-
- hash_size = hashObj->length;
- hash_iter = (bytes_needed + (unsigned int)hash_size - 1) / hash_size;
-
- /* allocate return buffer */
- ret_bits = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(ret_bits == NULL)
- return NULL;
- ret_bits->data = (unsigned char *)PORT_ZAlloc((hash_iter * hash_size) + 1);
- ret_bits->len = (hash_iter * hash_size);
- if(ret_bits->data == NULL) {
- PORT_Free(ret_bits);
- return NULL;
- }
-
- /* allocate intermediate hash buffer. 8 is for the 8 bytes of
- * data which are added based on iteration number
- */
-
- if ((unsigned int)hash_size > pbe_param->salt.len) {
- state_len = hash_size;
- } else {
- state_len = pbe_param->salt.len;
- }
- state = (unsigned char *)PORT_ZAlloc(state_len);
- if(state == NULL) {
- rv = SECFailure;
- goto loser;
- }
- if(pbe_param->salt.len > 0) {
- PORT_Memcpy(state, pbe_param->salt.data, pbe_param->salt.len);
- }
-
- cx = HMAC_Create(hashObj, init_hash->data, init_hash->len);
- if (cx == NULL) {
- rv = SECFailure;
- goto loser;
- }
-
- for(i = 0; i < hash_iter; i++) {
-
- /* generate output bits */
- HMAC_Begin(cx);
- HMAC_Update(cx, state, state_len);
- HMAC_Update(cx, pbe_param->salt.data, pbe_param->salt.len);
- rv = HMAC_Finish(cx, ret_bits->data + (i * hash_size),
- &dig_len, hash_size);
- if (rv != SECSuccess)
- goto loser;
- PORT_Assert((unsigned int)hash_size == dig_len);
-
- /* generate new state */
- HMAC_Begin(cx);
- HMAC_Update(cx, state, state_len);
- rv = HMAC_Finish(cx, state, &state_len, state_len);
- if (rv != SECSuccess)
- goto loser;
- PORT_Assert(state_len == dig_len);
- }
-
-loser:
- if (state != NULL)
- PORT_ZFree(state, state_len);
- HMAC_Destroy(cx);
-
- if(rv != SECSuccess) {
- SECITEM_ZfreeItem(ret_bits, PR_TRUE);
- ret_bits = NULL;
- }
-
- return ret_bits;
-}
-
-/* generate bits for the key and iv determination. if enough bits
- * are not generated using PKCS 5, then we need to generate more bits
- * based on the extension proposed in PKCS 12
- */
-static SECItem *
-nsspkcs5_PBKDF1Extended(const SECHashObject *hashObj,
- NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem, PRBool faulty3DES)
-{
- SECItem * hash = NULL;
- SECItem * newHash = NULL;
- int bytes_needed;
- int bytes_available;
-
- bytes_needed = pbe_param->ivLen + pbe_param->keyLen;
- bytes_available = hashObj->length;
-
- hash = nsspkcs5_PBKDF1(hashObj, &pbe_param->salt, pwitem,
- pbe_param->iter, faulty3DES);
-
- if(hash == NULL) {
- return NULL;
- }
-
- if(bytes_needed <= bytes_available) {
- return hash;
- }
-
- newHash = nsspkcs5_PFXPBE(hashObj, pbe_param, hash, bytes_needed);
- if (hash != newHash)
- SECITEM_FreeItem(hash, PR_TRUE);
- return newHash;
-}
-
-#ifdef PBKDF2
-
-/*
- * PBDKDF2 is PKCS #5 v2.0 it's currently not used by NSS
- */
-/*
- * We This is safe because hLen for all our
- * HMAC algorithms are multiples of 4.
- */
-static void
-xorbytes(unsigned char *dest, unsigned char *src, int len)
-{
-#ifdef PARANOIA
- while (len--) {
- *dest = *dest ^ *src;
- dest++;
- src++;
- }
-#else
- PRUInt32 dest32 = (PRUInt32 *)dest;
- PRUInt32 src32 = (PRUInt32 *)dest;
- while (len -= sizeof(PRUInt32)) {
- *dest32 = *dest32 ^ *src32;
- dest++;
- src++;
- }
-#endif
-}
-
-static SECStatus
-nsspkcs5_PBKFD2_F(const SECHashObject *hashobj, SECItem *pwitem, SECItem *salt,
- int iterations, unsigned int i, unsigned char *T)
-{
- int j;
- HMACContext *cx = NULL;
- unsigned int hLen = hashObject->length
- SECStatus rv = SECFailure;
- unsigned char *last = NULL;
- int lastLength = salt->len + 4;
-
- cx=HMAC_Create(hashobj,pwitem->data,pwitem->len);
- if (cx == NULL) {
- goto loser;
- }
- PORT_Memset(T,0,hLen);
- realLastLength= MAX(lastLength,hLen);
- last = PORT_Alloc(realLastLength);
- if (last == NULL) {
- goto loser;
- }
- PORT_Memcpy(last,salt.data,salt.len);
- last[salt->len ] = (i >> 24) & 0xff;
- last[salt->len+1] = (i >> 16) & 0xff;
- last[salt->len+2] = (i >> 8) & 0xff;
- last[salt->len+3] = i & 0xff;
-
- /* NOTE: we need at least one iteration to return success! */
- for (j=0; j < interations; j++) {
- rv =HMAC_Begin(cx);
- if (rv !=SECSuccess) {
- break;
- }
- HMAC_Update(cx,last,lastLength);
- rv =HMAC_Finish(cx,last,&lastLength,hLen);
- if (rv !=SECSuccess) {
- break;
- }
- do_xor(T,last,hLen);
- }
-loser:
- if (cx) {
- HMAC_DestroyContext(cx);
- }
- if (last) {
- PORT_ZFree(last,reaLastLength);
- }
- return rv;
-}
-
-static SECItem *
-nsspkcs5_PBKFD2(const SECHashObject *hashObj, NSSPKCS5PBEParameter *pbe_param,
- SECItem *pwitem)
-{
- unsigned int dkLen = bytesNeeded;
- unsigned int hLen = hashObject->length
- unsigned int l = (dkLen+hLen-1) / hLen;
- unsigned char *rp;
- SECItem *result;
- SECItem *salt = pbe_param->salt;
- int interations = pbe_param->iter;
- int bytesNeeded = pbe_param->keyLen;
-
- result = SECITEM_AllocItem(NULL,NULL,l*hLen);
- if (result == NULL) {
- return NULL;
- }
-
- T = PORT_Alloc(hLen);
- if (T == NULL) {
- goto loser;
- }
-
- for (i=0,rp=results->data; i < l ; i++, rp +=hLen) {
- rv = nsspkcs5_PBKFD2_F(hashobj,pwitem,salt,iterations,i,T);
- if (rv != SECSuccess) {
- break;
- }
- PORT_Memcpy(rp,T,hLen);
- }
-
-loser:
- if (T) {
- PORT_ZFree(T);
- }
- if (rv != SECSuccess) {
- SECITEM_FreeITEM(result,PR_TRUE);
- result = NULL;
- } else {
- result->len = dkLen;
- }
-
- return result;
-}
-#endif
-
-#define HMAC_BUFFER 64
-#define ROUNDUP(x,y) ((((x)+((y)-1))/(y))*(y))
-/*
- * This is the extended PBE function defined by the final PKCS #12 spec.
- */
-static SECItem *
-nsspkcs5_PKCS12PBE(const SECHashObject *hashObject,
- NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem,
- PBEBitGenID bitGenPurpose, unsigned int bytesNeeded)
-{
- PRArenaPool *arena = NULL;
- unsigned int SLen,PLen;
- unsigned int hashLength = hashObject->length;
- unsigned char *S, *P;
- SECItem *A = NULL, B, D, I;
- SECItem *salt = &pbe_param->salt;
- unsigned int c,i = 0;
- unsigned int hashLen, iter;
- unsigned char *iterBuf;
- void *hash = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if(!arena) {
- return NULL;
- }
-
- /* how many hash object lengths are needed */
- c = (bytesNeeded + (hashLength-1))/hashLength;
-
- /* initialize our buffers */
- D.len = HMAC_BUFFER;
- /* B and D are the same length, use one alloc go get both */
- D.data = (unsigned char*)PORT_ArenaZAlloc(arena, D.len*2);
- B.len = D.len;
- B.data = D.data + D.len;
-
- /* if all goes well, A will be returned, so don't use our temp arena */
- A = SECITEM_AllocItem(NULL,NULL,c*hashLength);
- if (A == NULL) {
- goto loser;
- }
-
- SLen = ROUNDUP(salt->len,HMAC_BUFFER);
- PLen = ROUNDUP(pwitem->len,HMAC_BUFFER);
- I.len = SLen+PLen;
- I.data = (unsigned char*)PORT_ArenaZAlloc(arena, I.len);
- if (I.data == NULL) {
- goto loser;
- }
-
- /* S & P are only used to initialize I */
- S = I.data;
- P = S + SLen;
-
- PORT_Memset(D.data, (char)bitGenPurpose, D.len);
- if (SLen) {
- unsigned int z = 0;
- while (z < SLen) {
- int amount = (z + salt->len > SLen) ? SLen - z : salt->len;
- PORT_Memcpy(S, salt->data, amount);
- z += salt->len;
- }
- }
- if (PLen) {
- unsigned int z = 0;
- while (z < PLen) {
- int amount = (z + pwitem->len > PLen) ? PLen - z : pwitem->len;
- PORT_Memcpy(P, pwitem->data, amount);
- z += pwitem->len;
- }
- }
-
- iterBuf = (unsigned char*)PORT_ArenaZAlloc(arena,hashLength);
- if (iterBuf == NULL) {
- goto loser;
- }
-
- hash = hashObject->create();
- if(!hash) {
- goto loser;
- }
- /* calculate the PBE now */
- for(i = 0; i < c; i++) {
- int Bidx; /* must be signed or the for loop won't terminate */
- unsigned int k, j;
- unsigned char *Ai = A->data+i*hashLength;
-
-
- for(iter = 0; iter < pbe_param->iter; iter++) {
- hashObject->begin(hash);
-
- if (iter) {
- hashObject->update(hash, iterBuf, hashLen);
- } else {
- hashObject->update(hash, D.data, D.len);
- hashObject->update(hash, I.data, I.len);
- }
-
- hashObject->end(hash, iterBuf, &hashLen, hashObject->length);
- if(hashLen != hashObject->length) {
- break;
- }
- }
-
- PORT_Memcpy(Ai, iterBuf, hashLength);
- for (Bidx = 0; Bidx < B.len; Bidx += hashLength) {
- PORT_Memcpy(B.data +Bidx, iterBuf,
- (((Bidx + hashLength) > B.len) ? (B.len - Bidx) :
- hashLength));
- }
-
- k = I.len/B.len;
- for(j = 0; j < k; j++) {
- unsigned int q, carryBit;
- unsigned char *Ij = I.data + j*B.len;
-
- /* (Ij = Ij+B+1) */
- for (Bidx = (B.len-1), q=1, carryBit=0; Bidx >= 0; Bidx--,q=0) {
- q += (unsigned int)Ij[Bidx];
- q += (unsigned int)B.data[Bidx];
- q += carryBit;
-
- carryBit = (q > 0xff);
- Ij[Bidx] = (unsigned char)(q & 0xff);
- }
- }
- }
-loser:
- if (hash) {
- hashObject->destroy(hash, PR_TRUE);
- }
- if(arena) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- /* if i != c, then we didn't complete the loop above and must of failed
- * somwhere along the way */
- if (i != c) {
- SECITEM_ZfreeItem(A,PR_TRUE);
- A = NULL;
- } else {
- A->len = bytesNeeded;
- }
-
- return A;
-}
-
-/*
- * generate key as per PKCS 5
- */
-SECItem *
-nsspkcs5_ComputeKeyAndIV(NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem,
- SECItem *iv, PRBool faulty3DES)
-{
- SECItem *hash = NULL, *key = NULL;
- const SECHashObject *hashObj;
- PRBool getIV = PR_FALSE;
-
- if((pbe_param == NULL) || (pwitem == NULL)) {
- return NULL;
- }
-
- key = SECITEM_AllocItem(NULL,NULL,pbe_param->keyLen);
- if (key == NULL) {
- return NULL;
- }
-
- if ((pbe_param->ivLen) && (iv->data == NULL)) {
- getIV = PR_TRUE;
- iv->data = (unsigned char *)PORT_Alloc(pbe_param->ivLen);
- if (iv->data == NULL) {
- goto loser;
- }
- iv->len = pbe_param->ivLen;
- }
-
- hashObj = &SECRawHashObjects[pbe_param->hashType];
- switch (pbe_param->pbeType) {
- case NSSPKCS5_PBKDF1:
- hash = nsspkcs5_PBKDF1Extended(hashObj,pbe_param,pwitem,faulty3DES);
- if (hash == NULL) {
- goto loser;
- }
- PORT_Assert(hash->len >= key->len+iv->len);
- if (getIV) {
- PORT_Memcpy(iv->data, hash->data+(hash->len - iv->len),iv->len);
- }
- break;
-#ifdef PBKDF2
- case NSSPKCS5_PBKDF2:
- hash = nsspkcs5_PBKDF2(hashObj,pbe_param,pwitem);
- PORT_Assert(!getIV);
- break;
-#endif
- case NSSPKCS5_PKCS12_V2:
- if (getIV) {
- hash = nsspkcs5_PKCS12PBE(hashObj,pbe_param,pwitem,
- pbeBitGenCipherIV,iv->len);
- if (hash == NULL) {
- goto loser;
- }
- PORT_Memcpy(iv->data,hash->data,iv->len);
- SECITEM_ZfreeItem(hash,PR_TRUE);
- hash = NULL;
- }
- hash = nsspkcs5_PKCS12PBE(hashObj,pbe_param,pwitem,
- pbe_param->keyID,key->len);
- default:
- break;
- }
-
- if (hash == NULL) {
- goto loser;
- }
-
- if (pbe_param->is2KeyDES) {
- PORT_Memcpy(key->data, hash->data, (key->len * 2) / 3);
- PORT_Memcpy(&(key->data[(key->len * 2) / 3]), key->data,
- key->len / 3);
- } else {
- PORT_Memcpy(key->data, hash->data, key->len);
- }
-
- SECITEM_FreeItem(hash, PR_TRUE);
- return key;
-
-loser:
- if (getIV && iv->data) {
- PORT_ZFree(iv->data,iv->len);
- iv->data = NULL;
- }
-
- SECITEM_ZfreeItem(key, PR_TRUE);
- return NULL;
-}
-
-static SECStatus
-nsspkcs5_FillInParam(SECOidTag algorithm, NSSPKCS5PBEParameter *pbe_param)
-{
- PRBool skipType = PR_FALSE;
-
- pbe_param->keyLen = 5;
- pbe_param->ivLen = 8;
- pbe_param->hashType = HASH_AlgSHA1;
- pbe_param->pbeType = NSSPKCS5_PBKDF1;
- pbe_param->encAlg = SEC_OID_RC2_CBC;
- pbe_param->is2KeyDES = PR_FALSE;
- switch(algorithm) {
- /* DES3 Algorithms */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC:
- pbe_param->is2KeyDES = PR_TRUE;
- /* fall through */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC:
- pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
- /* fall through */
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC:
- pbe_param->keyLen = 24;
- pbe_param->encAlg = SEC_OID_DES_EDE3_CBC;
- break;
-
- /* DES Algorithms */
- case SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC:
- pbe_param->hashType = HASH_AlgMD2;
- goto finish_des;
- case SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC:
- pbe_param->hashType = HASH_AlgMD5;
- /* fall through */
- case SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC:
-finish_des:
- pbe_param->keyLen = 8;
- pbe_param->encAlg = SEC_OID_DES_CBC;
- break;
-
- /* RC2 Algorithms */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- pbe_param->keyLen = 16;
- /* fall through */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
- break;
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC:
- pbe_param->keyLen = 16;
- /* fall through */
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC:
- break;
-
- /* RC4 algorithms */
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4:
- skipType = PR_TRUE;
- /* fall through */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4:
- pbe_param->keyLen = 16;
- /* fall through */
- case SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4:
- if (!skipType) {
- pbe_param->pbeType = NSSPKCS5_PKCS12_V2;
- }
- /* fall through */
- case SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4:
- pbe_param->ivLen = 0;
- pbe_param->encAlg = SEC_OID_RC4;
- break;
- default:
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/* decode the algid and generate a PKCS 5 parameter from it
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_NewParam(SECOidTag alg, SECItem *salt, int iterator)
-{
- PRArenaPool *arena = NULL;
- NSSPKCS5PBEParameter *pbe_param = NULL;
- SECStatus rv = SECFailure;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (arena == NULL)
- return NULL;
-
- /* allocate memory for the parameter */
- pbe_param = (NSSPKCS5PBEParameter *)PORT_ArenaZAlloc(arena,
- sizeof(NSSPKCS5PBEParameter));
-
- if (pbe_param == NULL) {
- goto loser;
- }
-
- pbe_param->poolp = arena;
-
- rv = nsspkcs5_FillInParam(alg, pbe_param);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- pbe_param->iter = iterator;
- if (salt) {
- rv = SECITEM_CopyItem(arena,&pbe_param->salt,salt);
- }
-
- /* default key gen */
- pbe_param->keyID = pbeBitGenCipherKey;
-
-loser:
- if (rv != SECSuccess) {
- PORT_FreeArena(arena, PR_TRUE);
- pbe_param = NULL;
- }
-
- return pbe_param;
-}
-
-/* decode the algid and generate a PKCS 5 parameter from it
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_AlgidToParam(SECAlgorithmID *algid)
-{
- NSSPKCS5PBEParameter *pbe_param = NULL;
- SECOidTag algorithm;
- SECStatus rv = SECFailure;
-
- if (algid == NULL) {
- return NULL;
- }
-
- algorithm = SECOID_GetAlgorithmTag(algid);
- if (algorithm == SEC_OID_UNKNOWN) {
- goto loser;
- }
-
- pbe_param = nsspkcs5_NewParam(algorithm, NULL, 1);
- if (pbe_param == NULL) {
- goto loser;
- }
-
- /* decode parameter */
- rv = SECFailure;
- switch (pbe_param->pbeType) {
- case NSSPKCS5_PBKDF1:
- rv = SEC_ASN1DecodeItem(pbe_param->poolp, pbe_param,
- NSSPKCS5PBEParameterTemplate, &algid->parameters);
- break;
- case NSSPKCS5_PKCS12_V2:
- rv = SEC_ASN1DecodeItem(pbe_param->poolp, pbe_param,
- NSSPKCS5PKCS12V2PBEParameterTemplate, &algid->parameters);
- break;
- case NSSPKCS5_PBKDF2:
- break;
- }
-
-loser:
- if (rv == SECSuccess) {
- pbe_param->iter = DER_GetInteger(&pbe_param->iteration);
- } else {
- nsspkcs5_DestroyPBEParameter(pbe_param);
- pbe_param = NULL;
- }
-
- return pbe_param;
-}
-
-/* destroy a pbe parameter. it assumes that the parameter was
- * generated using the appropriate create function and therefor
- * contains an arena pool.
- */
-void
-nsspkcs5_DestroyPBEParameter(NSSPKCS5PBEParameter *pbe_param)
-{
- if (pbe_param != NULL) {
- PORT_FreeArena(pbe_param->poolp, PR_TRUE);
- }
-}
-
-
-/* crypto routines */
-/* perform DES encryption and decryption. these routines are called
- * by nsspkcs5_CipherData. In the case of an error, NULL is returned.
- */
-static SECItem *
-sec_pkcs5_des(SECItem *key, SECItem *iv, SECItem *src, PRBool triple_des,
- PRBool encrypt)
-{
- SECItem *dest;
- SECItem *dup_src;
- SECStatus rv = SECFailure;
- int pad;
-
- if((src == NULL) || (key == NULL) || (iv == NULL))
- return NULL;
-
- dup_src = SECITEM_DupItem(src);
- if(dup_src == NULL) {
- return NULL;
- }
-
- if(encrypt != PR_FALSE) {
- void *dummy;
-
- dummy = DES_PadBuffer(NULL, dup_src->data,
- dup_src->len, &dup_src->len);
- if(dummy == NULL) {
- SECITEM_FreeItem(dup_src, PR_TRUE);
- return NULL;
- }
- dup_src->data = (unsigned char*)dummy;
- }
-
- dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(dest != NULL) {
- /* allocate with over flow */
- dest->data = (unsigned char *)PORT_ZAlloc(dup_src->len + 64);
- if(dest->data != NULL) {
- DESContext *ctxt;
- ctxt = DES_CreateContext(key->data, iv->data,
- (triple_des ? NSS_DES_EDE3_CBC : NSS_DES_CBC),
- encrypt);
-
- if(ctxt != NULL) {
- rv = ((encrypt != PR_TRUE) ? DES_Decrypt : DES_Encrypt)(
- ctxt, dest->data, &dest->len,
- dup_src->len + 64, dup_src->data, dup_src->len);
-
- /* remove padding -- assumes 64 bit blocks */
- if((encrypt == PR_FALSE) && (rv == SECSuccess)) {
- pad = dest->data[dest->len-1];
- if((pad > 0) && (pad <= 8)) {
- if(dest->data[dest->len-pad] != pad) {
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- } else {
- dest->len -= pad;
- }
- } else {
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- }
- }
- DES_DestroyContext(ctxt, PR_TRUE);
- }
- }
- }
-
- if(rv == SECFailure) {
- if(dest != NULL) {
- SECITEM_FreeItem(dest, PR_TRUE);
- }
- dest = NULL;
- }
-
- if(dup_src != NULL) {
- SECITEM_FreeItem(dup_src, PR_TRUE);
- }
-
- return dest;
-}
-
-/* perform rc2 encryption/decryption if an error occurs, NULL is returned
- */
-static SECItem *
-sec_pkcs5_rc2(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy,
- PRBool encrypt)
-{
- SECItem *dest;
- SECItem *dup_src;
- SECStatus rv = SECFailure;
- int pad;
-
- if((src == NULL) || (key == NULL) || (iv == NULL)) {
- return NULL;
- }
-
- dup_src = SECITEM_DupItem(src);
- if(dup_src == NULL) {
- return NULL;
- }
-
- if(encrypt != PR_FALSE) {
- void *dummy;
-
- dummy = DES_PadBuffer(NULL, dup_src->data,
- dup_src->len, &dup_src->len);
- if(dummy == NULL) {
- SECITEM_FreeItem(dup_src, PR_TRUE);
- return NULL;
- }
- dup_src->data = (unsigned char*)dummy;
- }
-
- dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(dest != NULL) {
- dest->data = (unsigned char *)PORT_ZAlloc(dup_src->len + 64);
- if(dest->data != NULL) {
- RC2Context *ctxt;
-
- ctxt = RC2_CreateContext(key->data, key->len, iv->data,
- NSS_RC2_CBC, key->len);
-
- if(ctxt != NULL) {
- rv = ((encrypt != PR_TRUE) ? RC2_Decrypt : RC2_Encrypt)(
- ctxt, dest->data, &dest->len,
- dup_src->len + 64, dup_src->data, dup_src->len);
-
- /* assumes 8 byte blocks -- remove padding */
- if((rv == SECSuccess) && (encrypt != PR_TRUE)) {
- pad = dest->data[dest->len-1];
- if((pad > 0) && (pad <= 8)) {
- if(dest->data[dest->len-pad] != pad) {
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- rv = SECFailure;
- } else {
- dest->len -= pad;
- }
- } else {
- PORT_SetError(SEC_ERROR_BAD_PASSWORD);
- rv = SECFailure;
- }
- }
-
- }
- }
- }
-
- if((rv != SECSuccess) && (dest != NULL)) {
- SECITEM_FreeItem(dest, PR_TRUE);
- dest = NULL;
- }
-
- if(dup_src != NULL) {
- SECITEM_FreeItem(dup_src, PR_TRUE);
- }
-
- return dest;
-}
-
-/* perform rc4 encryption and decryption */
-static SECItem *
-sec_pkcs5_rc4(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy_op,
- PRBool encrypt)
-{
- SECItem *dest;
- SECStatus rv = SECFailure;
-
- if((src == NULL) || (key == NULL) || (iv == NULL)) {
- return NULL;
- }
-
- dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem));
- if(dest != NULL) {
- dest->data = (unsigned char *)PORT_ZAlloc(sizeof(unsigned char) *
- (src->len + 64));
- if(dest->data != NULL) {
- RC4Context *ctxt;
-
- ctxt = RC4_CreateContext(key->data, key->len);
- if(ctxt) {
- rv = ((encrypt != PR_FALSE) ? RC4_Decrypt : RC4_Encrypt)(
- ctxt, dest->data, &dest->len,
- src->len + 64, src->data, src->len);
- RC4_DestroyContext(ctxt, PR_TRUE);
- }
- }
- }
-
- if((rv != SECSuccess) && (dest)) {
- SECITEM_FreeItem(dest, PR_TRUE);
- dest = NULL;
- }
-
- return dest;
-}
-/* function pointer template for crypto functions */
-typedef SECItem *(* pkcs5_crypto_func)(SECItem *key, SECItem *iv,
- SECItem *src, PRBool op1, PRBool op2);
-
-/* performs the cipher operation on the src and returns the result.
- * if an error occurs, NULL is returned.
- *
- * a null length password is allowed. this corresponds to encrypting
- * the data with ust the salt.
- */
-/* change this to use PKCS 11? */
-SECItem *
-nsspkcs5_CipherData(NSSPKCS5PBEParameter *pbe_param, SECItem *pwitem,
- SECItem *src, PRBool encrypt, PRBool *update)
-{
- SECItem *key = NULL, iv;
- SECItem *dest = NULL;
- PRBool tripleDES = PR_TRUE;
- pkcs5_crypto_func cryptof;
-
- iv.data = NULL;
-
- if (update) {
- *update = PR_FALSE;
- }
-
- if ((pwitem == NULL) || (src == NULL)) {
- return NULL;
- }
-
- /* get key, and iv */
- key = nsspkcs5_ComputeKeyAndIV(pbe_param, pwitem, &iv, PR_FALSE);
- if(key == NULL) {
- return NULL;
- }
-
- switch(pbe_param->encAlg) {
- case SEC_OID_DES_EDE3_CBC:
- cryptof = sec_pkcs5_des;
- tripleDES = PR_TRUE;
- break;
- case SEC_OID_DES_CBC:
- cryptof = sec_pkcs5_des;
- tripleDES = PR_FALSE;
- break;
- case SEC_OID_RC2_CBC:
- cryptof = sec_pkcs5_rc2;
- break;
- case SEC_OID_RC4:
- cryptof = sec_pkcs5_rc4;
- break;
- default:
- cryptof = NULL;
- break;
- }
-
- if (cryptof == NULL) {
- goto loser;
- }
-
- dest = (*cryptof)(key, &iv, src, tripleDES, encrypt);
- /*
- * it's possible for some keys and keydb's to claim to
- * be triple des when they're really des. In this case
- * we simply try des. If des works we set the update flag
- * so the key db knows it needs to update all it's entries.
- * The case can only happen on decrypted of a
- * SEC_OID_DES_EDE3_CBD.
- */
- if ((dest == NULL) && (encrypt == PR_FALSE) &&
- (pbe_param->encAlg == SEC_OID_DES_EDE3_CBC)) {
- dest = (*cryptof)(key, &iv, src, PR_FALSE, encrypt);
- if (update && (dest != NULL)) *update = PR_TRUE;
- }
-
-loser:
- if (key != NULL) {
- SECITEM_ZfreeItem(key, PR_TRUE);
- }
- if (iv.data != NULL) {
- SECITEM_ZfreeItem(&iv, PR_FALSE);
- }
-
- return dest;
-}
-
-/* creates a algorithm ID containing the PBE algorithm and appropriate
- * parameters. the required parameter is the algorithm. if salt is
- * not specified, it is generated randomly. if IV is specified, it overrides
- * the PKCS 5 generation of the IV.
- *
- * the returned SECAlgorithmID should be destroyed using
- * SECOID_DestroyAlgorithmID
- */
-SECAlgorithmID *
-nsspkcs5_CreateAlgorithmID(PRArenaPool *arena, SECOidTag algorithm,
- NSSPKCS5PBEParameter *pbe_param)
-{
- SECAlgorithmID *algid, *ret_algid;
- SECItem der_param;
- SECStatus rv = SECFailure;
- void *dummy = NULL;
-
- if (arena == NULL) {
- return NULL;
- }
-
- der_param.data = NULL;
- der_param.len = 0;
-
- /* generate the algorithm id */
- algid = (SECAlgorithmID *)PORT_ArenaZAlloc(arena, sizeof(SECAlgorithmID));
- if (algid == NULL) {
- goto loser;
- }
-
- if (pbe_param->iteration.data == NULL) {
- dummy = SEC_ASN1EncodeInteger(pbe_param->poolp,&pbe_param->iteration,
- pbe_param->iter);
- if (dummy == NULL) {
- goto loser;
- }
- }
- switch (pbe_param->pbeType) {
- case NSSPKCS5_PBKDF1:
- dummy = SEC_ASN1EncodeItem(arena, &der_param, pbe_param,
- NSSPKCS5PBEParameterTemplate);
- break;
- case NSSPKCS5_PKCS12_V2:
- dummy = SEC_ASN1EncodeItem(arena, &der_param, pbe_param,
- NSSPKCS5PKCS12V2PBEParameterTemplate);
- break;
- default:
- break;
- }
-
- if (dummy == NULL) {
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(arena, algid, algorithm, &der_param);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- ret_algid = (SECAlgorithmID *)PORT_ZAlloc(sizeof(SECAlgorithmID));
- if (ret_algid == NULL) {
- goto loser;
- }
-
- rv = SECOID_CopyAlgorithmID(NULL, ret_algid, algid);
- if (rv != SECSuccess) {
- SECOID_DestroyAlgorithmID(ret_algid, PR_TRUE);
- ret_algid = NULL;
- }
-
-loser:
-
- return ret_algid;
-}
diff --git a/security/nss/lib/softoken/lowpbe.h b/security/nss/lib/softoken/lowpbe.h
deleted file mode 100644
index 8ddee11a6..000000000
--- a/security/nss/lib/softoken/lowpbe.h
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECPKCS5_H_
-#define _SECPKCS5_H_
-
-#include "plarena.h"
-#include "secitem.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "hasht.h"
-
-typedef SECItem * (* SEC_PKCS5GetPBEPassword)(void *arg);
-
-/* used for V2 PKCS 12 Draft Spec */
-typedef enum {
- pbeBitGenIDNull = 0,
- pbeBitGenCipherKey = 0x01,
- pbeBitGenCipherIV = 0x02,
- pbeBitGenIntegrityKey = 0x03
-} PBEBitGenID;
-
-typedef enum {
- NSSPKCS5_PBKDF1 = 0,
- NSSPKCS5_PBKDF2 = 1,
- NSSPKCS5_PKCS12_V2 = 2
-} NSSPKCS5PBEType;
-
-typedef struct NSSPKCS5PBEParameterStr NSSPKCS5PBEParameter;
-
-struct NSSPKCS5PBEParameterStr {
- PRArenaPool *poolp;
- SECItem salt; /* octet string */
- SECItem iteration; /* integer */
-
- /* used locally */
- int iter;
- int keyLen;
- int ivLen;
- HASH_HashType hashType;
- NSSPKCS5PBEType pbeType;
- PBEBitGenID keyID;
- SECOidTag encAlg;
- PRBool is2KeyDES;
-};
-
-
-SEC_BEGIN_PROTOS
-/* Create a PKCS5 Algorithm ID
- * The algorithm ID is set up using the PKCS #5 parameter structure
- * algorithm is the PBE algorithm ID for the desired algorithm
- * pbe is a pbe param block with all the info needed to create the
- * algorithm id.
- * If an error occurs or the algorithm specified is not supported
- * or is not a password based encryption algorithm, NULL is returned.
- * Otherwise, a pointer to the algorithm id is returned.
- */
-extern SECAlgorithmID *
-nsspkcs5_CreateAlgorithmID(PRArenaPool *arena, SECOidTag algorithm,
- NSSPKCS5PBEParameter *pbe);
-
-/*
- * Convert an Algorithm ID to a PBE Param.
- * NOTE: this does not suppport PKCS 5 v2 because it's only used for the
- * keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_AlgidToParam(SECAlgorithmID *algid);
-
-/*
- * Convert an Algorithm ID to a PBE Param.
- * NOTE: this does not suppport PKCS 5 v2 because it's only used for the
- * keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
- */
-NSSPKCS5PBEParameter *
-nsspkcs5_NewParam(SECOidTag alg, SECItem *salt, int iterator);
-
-
-/* Encrypt/Decrypt data using password based encryption.
- * algid is the PBE algorithm identifier,
- * pwitem is the password,
- * src is the source for encryption/decryption,
- * encrypt is PR_TRUE for encryption, PR_FALSE for decryption.
- * The key and iv are generated based upon PKCS #5 then the src
- * is either encrypted or decrypted. If an error occurs, NULL
- * is returned, otherwise the ciphered contents is returned.
- */
-extern SECItem *
-nsspkcs5_CipherData(NSSPKCS5PBEParameter *, SECItem *pwitem,
- SECItem *src, PRBool encrypt, PRBool *update);
-
-extern SECItem *
-nsspkcs5_ComputeKeyAndIV(NSSPKCS5PBEParameter *, SECItem *pwitem,
- SECItem *iv, PRBool faulty3DES);
-
-/* Destroys PBE parameter */
-extern void
-nsspkcs5_DestroyPBEParameter(NSSPKCS5PBEParameter *param);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/softoken/manifest.mn b/security/nss/lib/softoken/manifest.mn
deleted file mode 100644
index d93f11515..000000000
--- a/security/nss/lib/softoken/manifest.mn
+++ /dev/null
@@ -1,86 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-MODULE = security
-
-REQUIRES = dbm
-
-LIBRARY_NAME = softokn
-LIBRARY_VERSION = 3
-MAPFILE = $(OBJDIR)/softokn.def
-
-#
-# turn this on to get key4 generation and use.
-#
-# key4.db is properly indexed so we don't have to do db traversals to find keys.
-# turning on key4.db will automatically upgrade to key4 on startup if we open
-# the directory R/W and key4.db doesn't exist. If we open the directory up
-# R/O it opens and used the old key3.db without any update at all.
-#
-#DEFINES += -DNSS_USE_KEY4_DB
-
-
-EXPORTS = \
- pkcs11.h \
- pkcs11f.h \
- pkcs11p.h \
- pkcs11t.h \
- pkcs11n.h \
- pkcs11u.h \
- $(NULL)
-
-PRIVATE_EXPORTS = \
- alghmac.h \
- pk11pars.h \
- pkcs11i.h \
- $(NULL)
-
-CSRCS = \
- alghmac.c \
- dbinit.c \
- fipstest.c \
- fipstokn.c \
- keydb.c \
- lowcert.c \
- lowkey.c \
- lowpbe.c \
- padbuf.c \
- pcertdb.c \
- pk11db.c \
- pkcs11.c \
- pkcs11c.c \
- pkcs11u.c \
- rawhash.c \
- rsawrapr.c \
- $(NULL)
diff --git a/security/nss/lib/softoken/padbuf.c b/security/nss/lib/softoken/padbuf.c
deleted file mode 100644
index a4e28947a..000000000
--- a/security/nss/lib/softoken/padbuf.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "blapit.h"
-#include "secport.h"
-#include "secerr.h"
-
-/*
- * Prepare a buffer for DES encryption, growing to the appropriate boundary,
- * filling with the appropriate padding.
- *
- * NOTE: If arena is non-NULL, we re-allocate from there, otherwise
- * we assume (and use) XP memory (re)allocation.
- */
-unsigned char *
-DES_PadBuffer(PRArenaPool *arena, unsigned char *inbuf, unsigned int inlen,
- unsigned int *outlen)
-{
- unsigned char *outbuf;
- unsigned int des_len;
- unsigned int i;
- unsigned char des_pad_len;
-
- /*
- * We need from 1 to DES_KEY_LENGTH bytes -- we *always* grow.
- * The extra bytes contain the value of the length of the padding:
- * if we have 2 bytes of padding, then the padding is "0x02, 0x02".
- */
- des_len = (inlen + DES_KEY_LENGTH) & ~(DES_KEY_LENGTH - 1);
-
- if (arena != NULL) {
- outbuf = (unsigned char*)PORT_ArenaGrow (arena, inbuf, inlen, des_len);
- } else {
- outbuf = (unsigned char*)PORT_Realloc (inbuf, des_len);
- }
-
- if (outbuf == NULL) {
- PORT_SetError (SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- des_pad_len = des_len - inlen;
- for (i = inlen; i < des_len; i++)
- outbuf[i] = des_pad_len;
-
- *outlen = des_len;
- return outbuf;
-}
diff --git a/security/nss/lib/softoken/pcert.h b/security/nss/lib/softoken/pcert.h
deleted file mode 100644
index 51a969f1a..000000000
--- a/security/nss/lib/softoken/pcert.h
+++ /dev/null
@@ -1,147 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _PCERTDB_H_
-#define _PCERTDB_H_
-
-#include "plarena.h"
-#include "prlong.h"
-#include "pcertt.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Add a DER encoded certificate to the permanent database.
-** "derCert" is the DER encoded certificate.
-** "nickname" is the nickname to use for the cert
-** "trust" is the trust parameters for the cert
-*/
-SECStatus nsslowcert_AddPermCert(NSSLOWCERTCertDBHandle *handle,
- NSSLOWCERTCertificate *cert,
- char *nickname, NSSLOWCERTCertTrust *trust);
-
-SECStatus nsslowcert_DeletePermCertificate(NSSLOWCERTCertificate *cert);
-
-typedef SECStatus (PR_CALLBACK * PermCertCallback)(NSSLOWCERTCertificate *cert,
- SECItem *k, void *pdata);
-/*
-** Traverse the entire permanent database, and pass the certs off to a
-** user supplied function.
-** "certfunc" is the user function to call for each certificate
-** "udata" is the user's data, which is passed through to "certfunc"
-*/
-SECStatus
-nsslowcert_TraversePermCerts(NSSLOWCERTCertDBHandle *handle,
- PermCertCallback certfunc,
- void *udata );
-
-PRBool
-nsslowcert_CertDBKeyConflict(SECItem *derCert, NSSLOWCERTCertDBHandle *handle);
-
-SECItem *
-nsslowcert_FindCrlByKey(NSSLOWCERTCertDBHandle *handle, SECItem *crlKey,
- char **urlp, PRBool isKRL);
-
-SECStatus
-nsslowcert_DeletePermCRL(NSSLOWCERTCertDBHandle *handle,SECItem *derName,
- PRBool isKRL);
-SECStatus
-nsslowcert_AddCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl ,
- SECItem *derKey, char *url, PRBool isKRL);
-
-NSSLOWCERTCertDBHandle *nsslowcert_GetDefaultCertDB();
-NSSLOWKEYPublicKey *nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *);
-
-NSSLOWCERTCertificate *
-nsslowcert_NewTempCertificate(NSSLOWCERTCertDBHandle *handle, SECItem *derCert,
- char *nickname, PRBool isperm, PRBool copyDER);
-NSSLOWCERTCertificate *
-nsslowcert_DupCertificate(NSSLOWCERTCertificate *cert);
-void nsslowcert_DestroyCertificate(NSSLOWCERTCertificate *cert);
-
-/*
- * Lookup a certificate in the databases without locking
- * "certKey" is the database key to look for
- *
- * XXX - this should be internal, but pkcs 11 needs to call it during a
- * traversal.
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey);
-
-/*
-** Generate a certificate key from the issuer and serialnumber, then look it
-** up in the database. Return the cert if found.
-** "issuerAndSN" is the issuer and serial number to look for
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_FindCertByIssuerAndSN (NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN);
-
-/*
-** Find a certificate in the database by a DER encoded certificate
-** "derCert" is the DER encoded certificate
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_FindCertByDERCert(NSSLOWCERTCertDBHandle *handle, SECItem *derCert);
-
-/* convert an email address to lower case */
-char *nsslowcert_FixupEmailAddr(char *emailAddr);
-
-/*
-** Decode a DER encoded certificate into an NSSLOWCERTCertificate structure
-** "derSignedCert" is the DER encoded signed certificate
-** "copyDER" is true if the DER should be copied, false if the
-** existing copy should be referenced
-** "nickname" is the nickname to use in the database. If it is NULL
-** then a temporary nickname is generated.
-*/
-extern NSSLOWCERTCertificate *
-nsslowcert_DecodeDERCertificate (SECItem *derSignedCert, PRBool copyDER, char *nickname);
-
-SECStatus
-nsslowcert_KeyFromDERCert(PRArenaPool *arena, SECItem *derCert, SECItem *key);
-
-certDBEntrySMime *
-nsslowcert_ReadDBSMimeEntry(NSSLOWCERTCertDBHandle *certHandle,
- char *emailAddr);
-void
-nsslowcert_DestroyDBEntry(certDBEntry *entry);
-
-SECStatus
-nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
- NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile);
-
-
-SEC_END_PROTOS
-
- #endif /* _PCERTDB_H_ */
diff --git a/security/nss/lib/softoken/pcertdb.c b/security/nss/lib/softoken/pcertdb.c
deleted file mode 100644
index 8d62ffd5e..000000000
--- a/security/nss/lib/softoken/pcertdb.c
+++ /dev/null
@@ -1,4472 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Permanent Certificate database handling code
- *
- * $Id$
- */
-#include "prtime.h"
-
-#include "lowkeyti.h"
-#include "pcert.h"
-#include "mcom_db.h"
-#include "pcert.h"
-#include "secitem.h"
-#include "secder.h"
-
-/* Call to PK11_FreeSlot below */
-
-#include "secasn1.h"
-#include "secerr.h"
-#include "nssilock.h"
-#include "prmon.h"
-#include "nsslocks.h"
-#include "base64.h"
-#include "sechash.h"
-#include "plhash.h"
-
-#include "cdbhdl.h"
-
-/* forward declaration */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByDERCertNoLocking(NSSLOWCERTCertDBHandle *handle, SECItem *derCert);
-
-/*
- * the following functions are wrappers for the db library that implement
- * a global lock to make the database thread safe.
- */
-static PZLock *dbLock = NULL;
-
-void
-certdb_InitDBLock(NSSLOWCERTCertDBHandle *handle)
-{
- if (dbLock == NULL) {
- nss_InitLock(&dbLock, nssILockCertDB);
- PORT_Assert(dbLock != NULL);
- }
-
- return;
-}
-
-/*
- * Acquire the global lock on the cert database.
- * This lock is currently used for the following operations:
- * adding or deleting a cert to either the temp or perm databases
- * converting a temp to perm or perm to temp
- * changing(maybe just adding????) the trust of a cert
- * chaning the DB status checking Configuration
- */
-static void
-nsslowcert_LockDB(NSSLOWCERTCertDBHandle *handle)
-{
- PZ_EnterMonitor(handle->dbMon);
- return;
-}
-
-/*
- * Free the global cert database lock.
- */
-static void
-nsslowcert_UnlockDB(NSSLOWCERTCertDBHandle *handle)
-{
- PRStatus prstat;
-
- prstat = PZ_ExitMonitor(handle->dbMon);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-static PZLock *certRefCountLock = NULL;
-
-/*
- * Acquire the cert reference count lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-nsslowcert_LockCertRefCount(NSSLOWCERTCertificate *cert)
-{
- if ( certRefCountLock == NULL ) {
- nss_InitLock(&certRefCountLock, nssILockRefLock);
- PORT_Assert(certRefCountLock != NULL);
- }
-
- PZ_Lock(certRefCountLock);
- return;
-}
-
-/*
- * Free the cert reference count lock
- */
-void
-nsslowcert_UnlockCertRefCount(NSSLOWCERTCertificate *cert)
-{
- PRStatus prstat;
-
- PORT_Assert(certRefCountLock != NULL);
-
- prstat = PZ_Unlock(certRefCountLock);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-static PZLock *certTrustLock = NULL;
-
-/*
- * Acquire the cert trust lock
- * There is currently one global lock for all certs, but I'm putting a cert
- * arg here so that it will be easy to make it per-cert in the future if
- * that turns out to be necessary.
- */
-void
-nsslowcert_LockCertTrust(NSSLOWCERTCertificate *cert)
-{
- if ( certTrustLock == NULL ) {
- nss_InitLock(&certTrustLock, nssILockCertDB);
- PORT_Assert(certTrustLock != NULL);
- }
-
- PZ_Lock(certTrustLock);
- return;
-}
-
-/*
- * Free the cert trust lock
- */
-void
-nsslowcert_UnlockCertTrust(NSSLOWCERTCertificate *cert)
-{
- PRStatus prstat;
-
- PORT_Assert(certTrustLock != NULL);
-
- prstat = PZ_Unlock(certTrustLock);
-
- PORT_Assert(prstat == PR_SUCCESS);
-
- return;
-}
-
-
-static int
-certdb_Get(DB *db, DBT *key, DBT *data, unsigned int flags)
-{
- PRStatus prstat;
- int ret;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- ret = (* db->get)(db, key, data, flags);
-
- prstat = PZ_Unlock(dbLock);
-
- return(ret);
-}
-
-static int
-certdb_Put(DB *db, DBT *key, DBT *data, unsigned int flags)
-{
- PRStatus prstat;
- int ret;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- ret = (* db->put)(db, key, data, flags);
-
- prstat = PZ_Unlock(dbLock);
-
- return(ret);
-}
-
-static int
-certdb_Sync(DB *db, unsigned int flags)
-{
- PRStatus prstat;
- int ret;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- ret = (* db->sync)(db, flags);
-
- prstat = PZ_Unlock(dbLock);
-
- return(ret);
-}
-
-static int
-certdb_Del(DB *db, DBT *key, unsigned int flags)
-{
- PRStatus prstat;
- int ret;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- ret = (* db->del)(db, key, flags);
-
- prstat = PZ_Unlock(dbLock);
-
- return(ret);
-}
-
-static int
-certdb_Seq(DB *db, DBT *key, DBT *data, unsigned int flags)
-{
- PRStatus prstat;
- int ret;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- ret = (* db->seq)(db, key, data, flags);
-
- prstat = PZ_Unlock(dbLock);
-
- return(ret);
-}
-
-static void
-certdb_Close(DB *db)
-{
- PRStatus prstat;
-
- PORT_Assert(dbLock != NULL);
- PZ_Lock(dbLock);
-
- (* db->close)(db);
-
- prstat = PZ_Unlock(dbLock);
-
- return;
-}
-
-/* forward references */
-static void nsslowcert_DestroyCertificateNoLocking(NSSLOWCERTCertificate *cert);
-
-static SECStatus
-DeleteDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryType type, SECItem *dbkey)
-{
- DBT key;
- int ret;
-
- /* init the database key */
- key.data = dbkey->data;
- key.size = dbkey->len;
-
- dbkey->data[0] = (unsigned char)type;
-
- /* delete entry from database */
- ret = certdb_Del(handle->permCertDB, &key, 0 );
- if ( ret != 0 ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- ret = certdb_Sync(handle->permCertDB, 0);
- if ( ret ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-ReadDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCommon *entry,
- SECItem *dbkey, SECItem *dbentry, PRArenaPool *arena)
-{
- DBT data, key;
- int ret;
- unsigned char *buf;
-
- /* init the database key */
- key.data = dbkey->data;
- key.size = dbkey->len;
-
- dbkey->data[0] = (unsigned char)entry->type;
-
- /* read entry from database */
- ret = certdb_Get(handle->permCertDB, &key, &data, 0 );
- if ( ret != 0 ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* validate the entry */
- if ( data.size < SEC_DB_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
- buf = (unsigned char *)data.data;
- if ( buf[0] != (unsigned char)CERT_DB_FILE_VERSION ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
- if ( buf[1] != (unsigned char)entry->type ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* copy out header information */
- entry->version = (unsigned int)buf[0];
- entry->type = (certDBEntryType)buf[1];
- entry->flags = (unsigned int)buf[2];
-
- /* format body of entry for return to caller */
- dbentry->len = data.size - SEC_DB_ENTRY_HEADER_LEN;
- if ( dbentry->len ) {
- dbentry->data = (unsigned char *)PORT_ArenaAlloc(arena, dbentry->len);
- if ( dbentry->data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- PORT_Memcpy(dbentry->data, &buf[SEC_DB_ENTRY_HEADER_LEN],
- dbentry->len);
- } else {
- dbentry->data = NULL;
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/**
- ** Implement low level database access
- **/
-static SECStatus
-WriteDBEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCommon *entry,
- SECItem *dbkey, SECItem *dbentry)
-{
- int ret;
- DBT data, key;
- unsigned char *buf;
-
- data.data = dbentry->data;
- data.size = dbentry->len;
-
- buf = (unsigned char*)data.data;
-
- buf[0] = (unsigned char)entry->version;
- buf[1] = (unsigned char)entry->type;
- buf[2] = (unsigned char)entry->flags;
-
- key.data = dbkey->data;
- key.size = dbkey->len;
-
- dbkey->data[0] = (unsigned char)entry->type;
-
- /* put the record into the database now */
- ret = certdb_Put(handle->permCertDB, &key, &data, 0);
-
- if ( ret != 0 ) {
- goto loser;
- }
-
- ret = certdb_Sync( handle->permCertDB, 0 );
-
- if ( ret ) {
- goto loser;
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * encode a database cert record
- */
-static SECStatus
-EncodeDBCertEntry(certDBEntryCert *entry, PRArenaPool *arena, SECItem *dbitem)
-{
- unsigned int nnlen;
- unsigned char *buf;
- char *nn;
- char zbuf = 0;
-
- if ( entry->nickname ) {
- nn = entry->nickname;
- } else {
- nn = &zbuf;
- }
- nnlen = PORT_Strlen(nn) + 1;
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem->len = entry->derCert.len + nnlen + DB_CERT_ENTRY_HEADER_LEN +
- SEC_DB_ENTRY_HEADER_LEN;
-
- dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
- if ( dbitem->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* fill in database record */
- buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-
- buf[0] = ( entry->trust.sslFlags >> 8 ) & 0xff;
- buf[1] = entry->trust.sslFlags & 0xff;
- buf[2] = ( entry->trust.emailFlags >> 8 ) & 0xff;
- buf[3] = entry->trust.emailFlags & 0xff;
- buf[4] = ( entry->trust.objectSigningFlags >> 8 ) & 0xff;
- buf[5] = entry->trust.objectSigningFlags & 0xff;
- buf[6] = ( entry->derCert.len >> 8 ) & 0xff;
- buf[7] = entry->derCert.len & 0xff;
- buf[8] = ( nnlen >> 8 ) & 0xff;
- buf[9] = nnlen & 0xff;
-
- PORT_Memcpy(&buf[DB_CERT_ENTRY_HEADER_LEN], entry->derCert.data,
- entry->derCert.len);
-
- PORT_Memcpy(&buf[DB_CERT_ENTRY_HEADER_LEN + entry->derCert.len],
- nn, nnlen);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * encode a database key for a cert record
- */
-static SECStatus
-EncodeDBCertKey(SECItem *certKey, PRArenaPool *arena, SECItem *dbkey)
-{
- dbkey->len = certKey->len + SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN],
- certKey->data, certKey->len);
- dbkey->data[0] = certDBEntryTypeCert;
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-EncodeDBGenericKey(SECItem *certKey, PRArenaPool *arena, SECItem *dbkey,
- certDBEntryType entryType)
-{
- /*
- * we only allow _one_ KRL key!
- */
- if (entryType == certDBEntryTypeKeyRevocation) {
- dbkey->len = SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- dbkey->data[0] = (unsigned char) entryType;
- return(SECSuccess);
- }
-
-
- dbkey->len = certKey->len + SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN],
- certKey->data, certKey->len);
- dbkey->data[0] = (unsigned char) entryType;
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-DecodeDBCertEntry(certDBEntryCert *entry, SECItem *dbentry)
-{
- unsigned int nnlen;
- int headerlen;
- int lenoff;
-
- /* allow updates of old versions of the database */
- switch ( entry->common.version ) {
- case 5:
- headerlen = DB_CERT_V5_ENTRY_HEADER_LEN;
- lenoff = 3;
- break;
- case 6:
- /* should not get here */
- PORT_Assert(0);
- headerlen = DB_CERT_V6_ENTRY_HEADER_LEN;
- lenoff = 3;
- break;
- case 7:
- headerlen = DB_CERT_ENTRY_HEADER_LEN;
- lenoff = 6;
- break;
- default:
- /* better not get here */
- PORT_Assert(0);
- headerlen = DB_CERT_V5_ENTRY_HEADER_LEN;
- lenoff = 3;
- break;
- }
-
- /* is record long enough for header? */
- if ( dbentry->len < headerlen ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* is database entry correct length? */
- entry->derCert.len = ( ( dbentry->data[lenoff] << 8 ) |
- dbentry->data[lenoff+1] );
- nnlen = ( ( dbentry->data[lenoff+2] << 8 ) | dbentry->data[lenoff+3] );
- if ( ( entry->derCert.len + nnlen + headerlen )
- != dbentry->len) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* copy the dercert */
- entry->derCert.data = (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->derCert.len);
- if ( entry->derCert.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->derCert.data, &dbentry->data[headerlen],
- entry->derCert.len);
-
- /* copy the nickname */
- if ( nnlen > 1 ) {
- entry->nickname = (char *)PORT_ArenaAlloc(entry->common.arena, nnlen);
- if ( entry->nickname == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->nickname,
- &dbentry->data[headerlen +
- entry->derCert.len],
- nnlen);
- } else {
- entry->nickname = NULL;
- }
-
- if ( entry->common.version < 7 ) {
- /* allow updates of v5 db */
- entry->trust.sslFlags = dbentry->data[0];
- entry->trust.emailFlags = dbentry->data[1];
- entry->trust.objectSigningFlags = dbentry->data[2];
- } else {
- entry->trust.sslFlags = ( dbentry->data[0] << 8 ) | dbentry->data[1];
- entry->trust.emailFlags = ( dbentry->data[2] << 8 ) | dbentry->data[3];
- entry->trust.objectSigningFlags =
- ( dbentry->data[4] << 8 ) | dbentry->data[5];
- }
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-
-/*
- * Create a new certDBEntryCert from existing data
- */
-static certDBEntryCert *
-NewDBCertEntry(SECItem *derCert, char *nickname,
- NSSLOWCERTCertTrust *trust, int flags)
-{
- certDBEntryCert *entry;
- PRArenaPool *arena = NULL;
- int nnlen;
-
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE );
-
- if ( !arena ) {
- goto loser;
- }
-
- entry = (certDBEntryCert *)PORT_ArenaZAlloc(arena, sizeof(certDBEntryCert));
-
- if ( entry == NULL ) {
- goto loser;
- }
-
- /* fill in the dbCert */
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeCert;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
- if ( trust ) {
- entry->trust = *trust;
- }
-
- entry->derCert.data = (unsigned char *)PORT_ArenaAlloc(arena, derCert->len);
- if ( !entry->derCert.data ) {
- goto loser;
- }
- entry->derCert.len = derCert->len;
- PORT_Memcpy(entry->derCert.data, derCert->data, derCert->len);
-
- nnlen = ( nickname ? strlen(nickname) + 1 : 0 );
-
- if ( nnlen ) {
- entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
- if ( !entry->nickname ) {
- goto loser;
- }
- PORT_Memcpy(entry->nickname, nickname, nnlen);
-
- } else {
- entry->nickname = 0;
- }
-
- return(entry);
-
-loser:
-
- /* allocation error, free arena and return */
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(0);
-}
-
-/*
- * Decode a version 4 DBCert from the byte stream database format
- * and construct a current database entry struct
- */
-static certDBEntryCert *
-DecodeV4DBCertEntry(unsigned char *buf, int len)
-{
- certDBEntryCert *entry;
- int certlen;
- int nnlen;
- PRArenaPool *arena;
-
- /* make sure length is at least long enough for the header */
- if ( len < DBCERT_V4_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(0);
- }
-
- /* get other lengths */
- certlen = buf[3] << 8 | buf[4];
- nnlen = buf[5] << 8 | buf[6];
-
- /* make sure DB entry is the right size */
- if ( ( certlen + nnlen + DBCERT_V4_HEADER_LEN ) != len ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(0);
- }
-
- /* allocate arena */
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE );
-
- if ( !arena ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(0);
- }
-
- /* allocate structure and members */
- entry = (certDBEntryCert *) PORT_ArenaAlloc(arena, sizeof(certDBEntryCert));
-
- if ( !entry ) {
- goto loser;
- }
-
- entry->derCert.data = (unsigned char *)PORT_ArenaAlloc(arena, certlen);
- if ( !entry->derCert.data ) {
- goto loser;
- }
- entry->derCert.len = certlen;
-
- if ( nnlen ) {
- entry->nickname = (char *) PORT_ArenaAlloc(arena, nnlen);
- if ( !entry->nickname ) {
- goto loser;
- }
- } else {
- entry->nickname = 0;
- }
-
- entry->common.arena = arena;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.type = certDBEntryTypeCert;
- entry->common.flags = 0;
- entry->trust.sslFlags = buf[0];
- entry->trust.emailFlags = buf[1];
- entry->trust.objectSigningFlags = buf[2];
-
- PORT_Memcpy(entry->derCert.data, &buf[DBCERT_V4_HEADER_LEN], certlen);
- PORT_Memcpy(entry->nickname, &buf[DBCERT_V4_HEADER_LEN + certlen], nnlen);
-
- if (PORT_Strcmp(entry->nickname,"Server-Cert") == 0) {
- entry->trust.sslFlags |= CERTDB_USER;
- }
-
- return(entry);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(0);
-}
-
-/*
- * Encode a Certificate database entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBCertEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry)
-{
- SECItem dbitem, dbkey;
- PRArenaPool *tmparena = NULL;
- SECItem tmpitem;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBCertEntry(entry, tmparena, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* get the database key and format it */
- rv = nsslowcert_KeyFromDERCert(tmparena, &entry->derCert, &tmpitem);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- rv = EncodeDBCertKey(&tmpitem, tmparena, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-}
-
-
-/*
- * delete a certificate entry
- */
-static SECStatus
-DeleteDBCertEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
- SECItem dbkey;
- PRArenaPool *arena = NULL;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBCertKey(certKey, arena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = DeleteDBEntry(handle, certDBEntryTypeCert, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(SECFailure);
-}
-
-/*
- * Read a certificate entry
- */
-static certDBEntryCert *
-ReadDBCertEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntryCert *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryCert *)PORT_ArenaAlloc(arena, sizeof(certDBEntryCert));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeCert;
-
- rv = EncodeDBCertKey(certKey, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- rv = DecodeDBCertEntry(entry, &dbentry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * encode a database cert record
- */
-static SECStatus
-EncodeDBCrlEntry(certDBEntryRevocation *entry, PRArenaPool *arena, SECItem *dbitem)
-{
- unsigned int nnlen = 0;
- unsigned char *buf;
-
- if (entry->url) {
- nnlen = PORT_Strlen(entry->url) + 1;
- }
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem->len = entry->derCrl.len + nnlen
- + SEC_DB_ENTRY_HEADER_LEN + DB_CRL_ENTRY_HEADER_LEN;
-
- dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
- if ( dbitem->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* fill in database record */
- buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-
- buf[0] = ( entry->derCrl.len >> 8 ) & 0xff;
- buf[1] = entry->derCrl.len & 0xff;
- buf[2] = ( nnlen >> 8 ) & 0xff;
- buf[3] = nnlen & 0xff;
-
- PORT_Memcpy(&buf[DB_CRL_ENTRY_HEADER_LEN], entry->derCrl.data,
- entry->derCrl.len);
-
- if (nnlen != 0) {
- PORT_Memcpy(&buf[DB_CRL_ENTRY_HEADER_LEN + entry->derCrl.len],
- entry->url, nnlen);
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-DecodeDBCrlEntry(certDBEntryRevocation *entry, SECItem *dbentry)
-{
- unsigned int nnlen;
-
- /* is record long enough for header? */
- if ( dbentry->len < DB_CRL_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* is database entry correct length? */
- entry->derCrl.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
- nnlen = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
- if ( ( entry->derCrl.len + nnlen + DB_CRL_ENTRY_HEADER_LEN )
- != dbentry->len) {
- /* CRL entry is greater than 64 K. Hack to make this continue to work */
- if (dbentry->len >= (0xffff - DB_CRL_ENTRY_HEADER_LEN) - nnlen) {
- entry->derCrl.len =
- (dbentry->len - DB_CRL_ENTRY_HEADER_LEN) - nnlen;
- } else {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
- }
-
- /* copy the dercert */
- entry->derCrl.data = (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->derCrl.len);
- if ( entry->derCrl.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->derCrl.data, &dbentry->data[DB_CRL_ENTRY_HEADER_LEN],
- entry->derCrl.len);
-
- /* copy the url */
- entry->url = NULL;
- if (nnlen != 0) {
- entry->url = (char *)PORT_ArenaAlloc(entry->common.arena, nnlen);
- if ( entry->url == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->url,
- &dbentry->data[DB_CRL_ENTRY_HEADER_LEN + entry->derCrl.len],
- nnlen);
- }
-
- return(SECSuccess);
-loser:
- return(SECFailure);
-}
-
-/*
- * Create a new certDBEntryRevocation from existing data
- */
-static certDBEntryRevocation *
-NewDBCrlEntry(SECItem *derCrl, char * url, certDBEntryType crlType, int flags)
-{
- certDBEntryRevocation *entry;
- PRArenaPool *arena = NULL;
- int nnlen;
-
- arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE );
-
- if ( !arena ) {
- goto loser;
- }
-
- entry = (certDBEntryRevocation*)
- PORT_ArenaZAlloc(arena, sizeof(certDBEntryRevocation));
-
- if ( entry == NULL ) {
- goto loser;
- }
-
- /* fill in the dbRevolcation */
- entry->common.arena = arena;
- entry->common.type = crlType;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
-
- entry->derCrl.data = (unsigned char *)PORT_ArenaAlloc(arena, derCrl->len);
- if ( !entry->derCrl.data ) {
- goto loser;
- }
-
- if (url) {
- nnlen = PORT_Strlen(url) + 1;
- entry->url = (char *)PORT_ArenaAlloc(arena, nnlen);
- if ( !entry->url ) {
- goto loser;
- }
- PORT_Memcpy(entry->url, url, nnlen);
- } else {
- entry->url = NULL;
- }
-
-
- entry->derCrl.len = derCrl->len;
- PORT_Memcpy(entry->derCrl.data, derCrl->data, derCrl->len);
-
- return(entry);
-
-loser:
-
- /* allocation error, free arena and return */
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return(0);
-}
-
-
-static SECStatus
-WriteDBCrlEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryRevocation *entry,
- SECItem *crlKey )
-{
- SECItem dbkey;
- PRArenaPool *tmparena = NULL;
- SECItem encodedEntry;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBCrlEntry(entry, tmparena, &encodedEntry);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- rv = EncodeDBGenericKey(crlKey, tmparena, &dbkey, entry->common.type);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &encodedEntry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-}
-/*
- * delete a crl entry
- */
-static SECStatus
-DeleteDBCrlEntry(NSSLOWCERTCertDBHandle *handle, SECItem *crlKey,
- certDBEntryType crlType)
-{
- SECItem dbkey;
- PRArenaPool *arena = NULL;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBGenericKey(crlKey, arena, &dbkey, crlType);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = DeleteDBEntry(handle, crlType, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(SECFailure);
-}
-
-/*
- * Read a certificate entry
- */
-static certDBEntryRevocation *
-ReadDBCrlEntry(NSSLOWCERTCertDBHandle *handle, SECItem *certKey,
- certDBEntryType crlType)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntryRevocation *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryRevocation *)
- PORT_ArenaAlloc(arena, sizeof(certDBEntryRevocation));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = crlType;
-
- rv = EncodeDBGenericKey(certKey, tmparena, &dbkey, crlType);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- rv = DecodeDBCrlEntry(entry, &dbentry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * destroy a database entry
- */
-static void
-DestroyDBEntry(certDBEntry *entry)
-{
- PRArenaPool *arena = entry->common.arena;
-
- /* Zero out the entry struct, so that any further attempts to use it
- * will cause an exception (e.g. null pointer reference). */
- PORT_Memset(&entry->common, 0, sizeof entry->common);
- PORT_FreeArena(arena, PR_FALSE);
-
- return;
-}
-
-void
-nsslowcert_DestroyDBEntry(certDBEntry *entry)
-{
- DestroyDBEntry(entry);
- return;
-}
-
-/*
- * Encode a database nickname record
- */
-static SECStatus
-EncodeDBNicknameEntry(certDBEntryNickname *entry, PRArenaPool *arena,
- SECItem *dbitem)
-{
- unsigned char *buf;
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem->len = entry->subjectName.len + DB_NICKNAME_ENTRY_HEADER_LEN +
- SEC_DB_ENTRY_HEADER_LEN;
-
- dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
- if ( dbitem->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* fill in database record */
- buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-
- buf[0] = ( entry->subjectName.len >> 8 ) & 0xff;
- buf[1] = entry->subjectName.len & 0xff;
-
- PORT_Memcpy(&buf[DB_NICKNAME_ENTRY_HEADER_LEN], entry->subjectName.data,
- entry->subjectName.len);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * Encode a database key for a nickname record
- */
-static SECStatus
-EncodeDBNicknameKey(char *nickname, PRArenaPool *arena,
- SECItem *dbkey)
-{
- unsigned int nnlen;
-
- nnlen = PORT_Strlen(nickname) + 1; /* includes null */
-
- /* now get the database key and format it */
- dbkey->len = nnlen + SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], nickname, nnlen);
- dbkey->data[0] = certDBEntryTypeNickname;
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-DecodeDBNicknameEntry(certDBEntryNickname *entry, SECItem *dbentry,
- char *nickname)
-{
- /* is record long enough for header? */
- if ( dbentry->len < DB_NICKNAME_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* is database entry correct length? */
- entry->subjectName.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
- if (( entry->subjectName.len + DB_NICKNAME_ENTRY_HEADER_LEN ) !=
- dbentry->len ){
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* copy the certkey */
- entry->subjectName.data =
- (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->subjectName.len);
- if ( entry->subjectName.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->subjectName.data,
- &dbentry->data[DB_NICKNAME_ENTRY_HEADER_LEN],
- entry->subjectName.len);
-
- entry->nickname = (char *)PORT_ArenaAlloc(entry->common.arena,
- PORT_Strlen(nickname)+1);
- if ( entry->nickname ) {
- PORT_Strcpy(entry->nickname, nickname);
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * create a new nickname entry
- */
-static certDBEntryNickname *
-NewDBNicknameEntry(char *nickname, SECItem *subjectName, unsigned int flags)
-{
- PRArenaPool *arena = NULL;
- certDBEntryNickname *entry;
- int nnlen;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryNickname *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntryNickname));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* init common fields */
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeNickname;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
- /* copy the nickname */
- nnlen = PORT_Strlen(nickname) + 1;
-
- entry->nickname = (char*)PORT_ArenaAlloc(arena, nnlen);
- if ( entry->nickname == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(entry->nickname, nickname, nnlen);
-
- rv = SECITEM_CopyItem(arena, &entry->subjectName, subjectName);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- return(entry);
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * delete a nickname entry
- */
-static SECStatus
-DeleteDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, char *nickname)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- SECItem dbkey;
-
- if ( nickname == NULL ) {
- return(SECSuccess);
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBNicknameKey(nickname, arena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = DeleteDBEntry(handle, certDBEntryTypeNickname, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(SECFailure);
-}
-
-/*
- * Read a nickname entry
- */
-static certDBEntryNickname *
-ReadDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, char *nickname)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntryNickname *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryNickname *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntryNickname));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeNickname;
-
- rv = EncodeDBNicknameKey(nickname, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- /* is record long enough for header? */
- if ( dbentry.len < DB_NICKNAME_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- rv = DecodeDBNicknameEntry(entry, &dbentry, nickname);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * Encode a nickname entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBNicknameEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryNickname *entry)
-{
- SECItem dbitem, dbkey;
- PRArenaPool *tmparena = NULL;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBNicknameEntry(entry, tmparena, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = EncodeDBNicknameKey(entry->nickname, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-
-}
-
-SECStatus
-EncodeDBSMimeEntry(certDBEntrySMime *entry, PRArenaPool *arena,
- SECItem *dbitem)
-{
- unsigned char *buf;
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem->len = entry->subjectName.len + entry->smimeOptions.len +
- entry->optionsDate.len +
- DB_SMIME_ENTRY_HEADER_LEN + SEC_DB_ENTRY_HEADER_LEN;
-
- dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
- if ( dbitem->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* fill in database record */
- buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-
- buf[0] = ( entry->subjectName.len >> 8 ) & 0xff;
- buf[1] = entry->subjectName.len & 0xff;
- buf[2] = ( entry->smimeOptions.len >> 8 ) & 0xff;
- buf[3] = entry->smimeOptions.len & 0xff;
- buf[4] = ( entry->optionsDate.len >> 8 ) & 0xff;
- buf[5] = entry->optionsDate.len & 0xff;
-
- /* if no smime options, then there should not be an options date either */
- PORT_Assert( ! ( ( entry->smimeOptions.len == 0 ) &&
- ( entry->optionsDate.len != 0 ) ) );
-
- PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN], entry->subjectName.data,
- entry->subjectName.len);
- if ( entry->smimeOptions.len ) {
- PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN+entry->subjectName.len],
- entry->smimeOptions.data,
- entry->smimeOptions.len);
- PORT_Memcpy(&buf[DB_SMIME_ENTRY_HEADER_LEN + entry->subjectName.len +
- entry->smimeOptions.len],
- entry->optionsDate.data,
- entry->optionsDate.len);
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * Encode a database key for a SMIME record
- */
-static SECStatus
-EncodeDBSMimeKey(char *emailAddr, PRArenaPool *arena,
- SECItem *dbkey)
-{
- unsigned int addrlen;
-
- addrlen = PORT_Strlen(emailAddr) + 1; /* includes null */
-
- /* now get the database key and format it */
- dbkey->len = addrlen + SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], emailAddr, addrlen);
- dbkey->data[0] = certDBEntryTypeSMimeProfile;
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * Decode a database SMIME record
- */
-static SECStatus
-DecodeDBSMimeEntry(certDBEntrySMime *entry, SECItem *dbentry, char *emailAddr)
-{
- /* is record long enough for header? */
- if ( dbentry->len < DB_SMIME_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* is database entry correct length? */
- entry->subjectName.len = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
- entry->smimeOptions.len = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
- entry->optionsDate.len = ( ( dbentry->data[4] << 8 ) | dbentry->data[5] );
- if (( entry->subjectName.len + entry->smimeOptions.len +
- entry->optionsDate.len + DB_SMIME_ENTRY_HEADER_LEN ) != dbentry->len){
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- /* copy the subject name */
- entry->subjectName.data =
- (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->subjectName.len);
- if ( entry->subjectName.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->subjectName.data,
- &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN],
- entry->subjectName.len);
-
- /* copy the smime options */
- if ( entry->smimeOptions.len ) {
- entry->smimeOptions.data =
- (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->smimeOptions.len);
- if ( entry->smimeOptions.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->smimeOptions.data,
- &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN +
- entry->subjectName.len],
- entry->smimeOptions.len);
- }
- if ( entry->optionsDate.len ) {
- entry->optionsDate.data =
- (unsigned char *)PORT_ArenaAlloc(entry->common.arena,
- entry->optionsDate.len);
- if ( entry->optionsDate.data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->optionsDate.data,
- &dbentry->data[DB_SMIME_ENTRY_HEADER_LEN +
- entry->subjectName.len +
- entry->smimeOptions.len],
- entry->optionsDate.len);
- }
-
- /* both options and options date must either exist or not exist */
- if ( ( ( entry->optionsDate.len == 0 ) ||
- ( entry->smimeOptions.len == 0 ) ) &&
- entry->smimeOptions.len != entry->optionsDate.len ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- entry->emailAddr = (char *)PORT_Alloc(PORT_Strlen(emailAddr)+1);
- if ( entry->emailAddr ) {
- PORT_Strcpy(entry->emailAddr, emailAddr);
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * create a new SMIME entry
- */
-static certDBEntrySMime *
-NewDBSMimeEntry(char *emailAddr, SECItem *subjectName, SECItem *smimeOptions,
- SECItem *optionsDate, unsigned int flags)
-{
- PRArenaPool *arena = NULL;
- certDBEntrySMime *entry;
- int addrlen;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntrySMime *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntrySMime));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* init common fields */
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeSMimeProfile;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
- /* copy the email addr */
- addrlen = PORT_Strlen(emailAddr) + 1;
-
- entry->emailAddr = (char*)PORT_ArenaAlloc(arena, addrlen);
- if ( entry->emailAddr == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(entry->emailAddr, emailAddr, addrlen);
-
- /* copy the subject name */
- rv = SECITEM_CopyItem(arena, &entry->subjectName, subjectName);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* copy the smime options */
- if ( smimeOptions ) {
- rv = SECITEM_CopyItem(arena, &entry->smimeOptions, smimeOptions);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- } else {
- PORT_Assert(optionsDate == NULL);
- entry->smimeOptions.data = NULL;
- entry->smimeOptions.len = 0;
- }
-
- /* copy the options date */
- if ( optionsDate ) {
- rv = SECITEM_CopyItem(arena, &entry->optionsDate, optionsDate);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- } else {
- PORT_Assert(smimeOptions == NULL);
- entry->optionsDate.data = NULL;
- entry->optionsDate.len = 0;
- }
-
- return(entry);
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * delete a SMIME entry
- */
-static SECStatus
-DeleteDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, char *emailAddr)
-{
- PRArenaPool *arena = NULL;
- SECStatus rv;
- SECItem dbkey;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBSMimeKey(emailAddr, arena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = DeleteDBEntry(handle, certDBEntryTypeSMimeProfile, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(SECFailure);
-}
-
-/*
- * Read a SMIME entry
- */
-certDBEntrySMime *
-nsslowcert_ReadDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, char *emailAddr)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntrySMime *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntrySMime *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntrySMime));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeSMimeProfile;
-
- rv = EncodeDBSMimeKey(emailAddr, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- /* is record long enough for header? */
- if ( dbentry.len < DB_SMIME_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- rv = DecodeDBSMimeEntry(entry, &dbentry, emailAddr);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * Encode a SMIME entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBSMimeEntry(NSSLOWCERTCertDBHandle *handle, certDBEntrySMime *entry)
-{
- SECItem dbitem, dbkey;
- PRArenaPool *tmparena = NULL;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBSMimeEntry(entry, tmparena, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = EncodeDBSMimeKey(entry->emailAddr, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-
-}
-
-/*
- * Encode a database subject record
- */
-static SECStatus
-EncodeDBSubjectEntry(certDBEntrySubject *entry, PRArenaPool *arena,
- SECItem *dbitem)
-{
- unsigned char *buf;
- int len;
- unsigned int ncerts;
- unsigned int i;
- unsigned char *tmpbuf;
- unsigned int nnlen = 0;
- unsigned int eaddrlen = 0;
- int keyidoff;
- SECItem *certKeys;
- SECItem *keyIDs;
-
- if ( entry->nickname ) {
- nnlen = PORT_Strlen(entry->nickname) + 1;
- }
- if ( entry->emailAddr ) {
- eaddrlen = PORT_Strlen(entry->emailAddr) + 1;
- }
-
- ncerts = entry->ncerts;
-
- /* compute the length of the entry */
- keyidoff = DB_SUBJECT_ENTRY_HEADER_LEN + nnlen + eaddrlen;
- len = keyidoff + 4 * ncerts;
- for ( i = 0; i < ncerts; i++ ) {
- len += entry->certKeys[i].len;
- len += entry->keyIDs[i].len;
- }
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem->len = len + SEC_DB_ENTRY_HEADER_LEN;
-
- dbitem->data = (unsigned char *)PORT_ArenaAlloc(arena, dbitem->len);
- if ( dbitem->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* fill in database record */
- buf = &dbitem->data[SEC_DB_ENTRY_HEADER_LEN];
-
- buf[0] = ( ncerts >> 8 ) & 0xff;
- buf[1] = ncerts & 0xff;
- buf[2] = ( nnlen >> 8 ) & 0xff;
- buf[3] = nnlen & 0xff;
- buf[4] = ( eaddrlen >> 8 ) & 0xff;
- buf[5] = eaddrlen & 0xff;
-
- PORT_Memcpy(&buf[DB_SUBJECT_ENTRY_HEADER_LEN], entry->nickname, nnlen);
- PORT_Memcpy(&buf[DB_SUBJECT_ENTRY_HEADER_LEN+nnlen], entry->emailAddr,
- eaddrlen);
-
- for ( i = 0; i < ncerts; i++ ) {
-
- certKeys = entry->certKeys;
- keyIDs = entry->keyIDs;
-
- buf[keyidoff+i*2] = ( certKeys[i].len >> 8 ) & 0xff;
- buf[keyidoff+1+i*2] = certKeys[i].len & 0xff;
- buf[keyidoff+ncerts*2+i*2] = ( keyIDs[i].len >> 8 ) & 0xff;
- buf[keyidoff+1+ncerts*2+i*2] = keyIDs[i].len & 0xff;
- }
-
- /* temp pointer used to stuff certkeys and keyids into the buffer */
- tmpbuf = &buf[keyidoff+ncerts*4];
-
- for ( i = 0; i < ncerts; i++ ) {
- certKeys = entry->certKeys;
- PORT_Memcpy(tmpbuf, certKeys[i].data, certKeys[i].len);
- tmpbuf = tmpbuf + certKeys[i].len;
- }
-
- for ( i = 0; i < ncerts; i++ ) {
- keyIDs = entry->keyIDs;
- PORT_Memcpy(tmpbuf, keyIDs[i].data, keyIDs[i].len);
- tmpbuf = tmpbuf + keyIDs[i].len;
- }
-
- PORT_Assert(tmpbuf == &buf[len]);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * Encode a database key for a subject record
- */
-static SECStatus
-EncodeDBSubjectKey(SECItem *derSubject, PRArenaPool *arena,
- SECItem *dbkey)
-{
- dbkey->len = derSubject->len + SEC_DB_KEY_HEADER_LEN;
- dbkey->data = (unsigned char *)PORT_ArenaAlloc(arena, dbkey->len);
- if ( dbkey->data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey->data[SEC_DB_KEY_HEADER_LEN], derSubject->data,
- derSubject->len);
- dbkey->data[0] = certDBEntryTypeSubject;
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-static SECStatus
-DecodeDBSubjectEntry(certDBEntrySubject *entry, SECItem *dbentry,
- SECItem *derSubject)
-{
- unsigned int ncerts;
- PRArenaPool *arena;
- unsigned int len, itemlen;
- unsigned char *tmpbuf;
- unsigned int i;
- SECStatus rv;
- unsigned int keyidoff;
- unsigned int nnlen, eaddrlen;
-
- arena = entry->common.arena;
-
- rv = SECITEM_CopyItem(arena, &entry->derSubject, derSubject);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* is record long enough for header? */
- if ( dbentry->len < DB_SUBJECT_ENTRY_HEADER_LEN ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- entry->ncerts = ncerts = ( ( dbentry->data[0] << 8 ) | dbentry->data[1] );
- nnlen = ( ( dbentry->data[2] << 8 ) | dbentry->data[3] );
- eaddrlen = ( ( dbentry->data[4] << 8 ) | dbentry->data[5] );
- if ( dbentry->len < ( ncerts * 4 + DB_SUBJECT_ENTRY_HEADER_LEN +
- nnlen + eaddrlen) ) {
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- entry->certKeys = (SECItem *)PORT_ArenaAlloc(arena,
- sizeof(SECItem) * ncerts);
- entry->keyIDs = (SECItem *)PORT_ArenaAlloc(arena,
- sizeof(SECItem) * ncerts);
-
- if ( ( entry->certKeys == NULL ) || ( entry->keyIDs == NULL ) ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- if ( nnlen > 1 ) { /* null terminator is stored */
- entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
- if ( entry->nickname == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->nickname,
- &dbentry->data[DB_SUBJECT_ENTRY_HEADER_LEN],
- nnlen);
- } else {
- entry->nickname = NULL;
- }
-
- if ( eaddrlen > 1 ) { /* null terminator is stored */
- entry->emailAddr = (char *)PORT_ArenaAlloc(arena, eaddrlen);
- if ( entry->emailAddr == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->emailAddr,
- &dbentry->data[DB_SUBJECT_ENTRY_HEADER_LEN+nnlen],
- eaddrlen);
- } else {
- entry->emailAddr = NULL;
- }
-
- /* collect the lengths of the certKeys and keyIDs, and total the
- * overall length.
- */
- keyidoff = DB_SUBJECT_ENTRY_HEADER_LEN + nnlen + eaddrlen;
- len = keyidoff + 4 * ncerts;
-
- tmpbuf = &dbentry->data[0];
-
- for ( i = 0; i < ncerts; i++ ) {
-
- itemlen = ( tmpbuf[keyidoff + 2*i] << 8 ) | tmpbuf[keyidoff + 1 + 2*i] ;
- len += itemlen;
- entry->certKeys[i].len = itemlen;
-
- itemlen = ( tmpbuf[keyidoff + 2*ncerts + 2*i] << 8 ) |
- tmpbuf[keyidoff + 1 + 2*ncerts + 2*i] ;
- len += itemlen;
- entry->keyIDs[i].len = itemlen;
- }
-
- /* is database entry correct length? */
- if ( len != dbentry->len ){
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- goto loser;
- }
-
- tmpbuf = &tmpbuf[keyidoff + 4*ncerts];
- for ( i = 0; i < ncerts; i++ ) {
- entry->certKeys[i].data =
- (unsigned char *)PORT_ArenaAlloc(arena, entry->certKeys[i].len);
- if ( entry->certKeys[i].data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->certKeys[i].data, tmpbuf, entry->certKeys[i].len);
- tmpbuf = &tmpbuf[entry->certKeys[i].len];
- }
-
- for ( i = 0; i < ncerts; i++ ) {
- entry->keyIDs[i].data =
- (unsigned char *)PORT_ArenaAlloc(arena, entry->keyIDs[i].len);
- if ( entry->keyIDs[i].data == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- PORT_Memcpy(entry->keyIDs[i].data, tmpbuf, entry->keyIDs[i].len);
- tmpbuf = &tmpbuf[entry->keyIDs[i].len];
- }
-
- PORT_Assert(tmpbuf == &dbentry->data[dbentry->len]);
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * create a new subject entry with a single cert
- */
-static certDBEntrySubject *
-NewDBSubjectEntry(SECItem *derSubject, SECItem *certKey,
- SECItem *keyID, char *nickname, char *emailAddr,
- unsigned int flags)
-{
- PRArenaPool *arena = NULL;
- certDBEntrySubject *entry;
- SECStatus rv;
- unsigned int nnlen;
- unsigned int eaddrlen;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntrySubject *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntrySubject));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* init common fields */
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeSubject;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
- /* copy the subject */
- rv = SECITEM_CopyItem(arena, &entry->derSubject, derSubject);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- entry->ncerts = 1;
- /* copy nickname */
- if ( nickname && ( *nickname != '\0' ) ) {
- nnlen = PORT_Strlen(nickname) + 1;
- entry->nickname = (char *)PORT_ArenaAlloc(arena, nnlen);
- if ( entry->nickname == NULL ) {
- goto loser;
- }
-
- PORT_Memcpy(entry->nickname, nickname, nnlen);
- } else {
- entry->nickname = NULL;
- }
-
- /* copy email addr */
- if ( emailAddr && ( *emailAddr != '\0' ) ) {
- emailAddr = nsslowcert_FixupEmailAddr(emailAddr);
- if ( emailAddr == NULL ) {
- entry->emailAddr = NULL;
- goto loser;
- }
-
- eaddrlen = PORT_Strlen(emailAddr) + 1;
- entry->emailAddr = (char *)PORT_ArenaAlloc(arena, eaddrlen);
- if ( entry->emailAddr == NULL ) {
- PORT_Free(emailAddr);
- goto loser;
- }
-
- PORT_Memcpy(entry->emailAddr, emailAddr, eaddrlen);
- PORT_Free(emailAddr);
- } else {
- entry->emailAddr = NULL;
- }
-
- /* allocate space for certKeys and keyIDs */
- entry->certKeys = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
- entry->keyIDs = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
- if ( ( entry->certKeys == NULL ) || ( entry->keyIDs == NULL ) ) {
- goto loser;
- }
-
- /* copy the certKey and keyID */
- rv = SECITEM_CopyItem(arena, &entry->certKeys[0], certKey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- rv = SECITEM_CopyItem(arena, &entry->keyIDs[0], keyID);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- return(entry);
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * delete a subject entry
- */
-static SECStatus
-DeleteDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject)
-{
- SECItem dbkey;
- PRArenaPool *arena = NULL;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBSubjectKey(derSubject, arena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = DeleteDBEntry(handle, certDBEntryTypeSubject, &dbkey);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(SECFailure);
-}
-
-/*
- * Read the subject entry
- */
-static certDBEntrySubject *
-ReadDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntrySubject *entry;
- SECItem dbkey;
- SECItem dbentry;
- SECStatus rv;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntrySubject *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntrySubject));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeSubject;
-
- rv = EncodeDBSubjectKey(derSubject, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- rv = DecodeDBSubjectEntry(entry, &dbentry, derSubject);
- if ( rv == SECFailure ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * Encode a subject name entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, certDBEntrySubject *entry)
-{
- SECItem dbitem, dbkey;
- PRArenaPool *tmparena = NULL;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBSubjectEntry(entry, tmparena, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = EncodeDBSubjectKey(&entry->derSubject, tmparena, &dbkey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-
-}
-
-static SECStatus
-UpdateSubjectWithEmailAddr(NSSLOWCERTCertDBHandle *dbhandle,
- SECItem *derSubject, char *emailAddr)
-{
- PRBool save = PR_FALSE, delold = PR_FALSE;
- certDBEntrySubject *entry;
- SECStatus rv;
-
- if (emailAddr) {
- emailAddr = nsslowcert_FixupEmailAddr(emailAddr);
- if (emailAddr == NULL) {
- return SECFailure;
- }
- }
-
- entry = ReadDBSubjectEntry(dbhandle,derSubject);
-
- if ( entry->emailAddr ) {
- if ( (emailAddr == NULL) ||
- (PORT_Strcmp(entry->emailAddr, emailAddr) != 0) ) {
- save = PR_TRUE;
- delold = PR_TRUE;
- }
- } else if (emailAddr) {
- save = PR_TRUE;
- }
-
- if ( delold ) {
- /* delete the old smime entry, because this cert now has a new
- * smime entry pointing to it
- */
- PORT_Assert(save);
- PORT_Assert(entry->emailAddr != NULL);
- DeleteDBSMimeEntry(dbhandle, entry->emailAddr);
- }
-
- if ( save ) {
- unsigned int len;
-
- PORT_Assert(entry != NULL);
- if (emailAddr) {
- len = PORT_Strlen(emailAddr) + 1;
- entry->emailAddr = (char *)PORT_ArenaAlloc(entry->common.arena, len);
- if ( entry->emailAddr == NULL ) {
- goto loser;
- }
- PORT_Memcpy(entry->emailAddr, emailAddr, len);
- } else {
- entry->emailAddr = NULL;
- }
-
- /* delete the subject entry */
- DeleteDBSubjectEntry(dbhandle, derSubject);
-
- /* write the new one */
- rv = WriteDBSubjectEntry(dbhandle, entry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- if (emailAddr) PORT_Free(emailAddr);
- return(SECSuccess);
-
-loser:
- if (emailAddr) PORT_Free(emailAddr);
- return(SECFailure);
-}
-
-/*
- * writes a nickname to an existing subject entry that does not currently
- * have one
- */
-static SECStatus
-AddNicknameToSubject(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname)
-{
- certDBEntrySubject *entry;
- SECStatus rv;
-
- if ( nickname == NULL ) {
- return(SECFailure);
- }
-
- entry = ReadDBSubjectEntry(dbhandle,&cert->derSubject);
- PORT_Assert(entry != NULL);
- if ( entry == NULL ) {
- goto loser;
- }
-
- PORT_Assert(entry->nickname == NULL);
- if ( entry->nickname != NULL ) {
- goto loser;
- }
-
- entry->nickname = (nickname) ?
- PORT_ArenaStrdup(entry->common.arena, nickname) : NULL;
-
- if ( entry->nickname == NULL ) {
- goto loser;
- }
-
- /* delete the subject entry */
- DeleteDBSubjectEntry(dbhandle, &cert->derSubject);
-
- /* write the new one */
- rv = WriteDBSubjectEntry(dbhandle, entry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * create a new version entry
- */
-static certDBEntryVersion *
-NewDBVersionEntry(unsigned int flags)
-{
- PRArenaPool *arena = NULL;
- certDBEntryVersion *entry;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryVersion *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntryVersion));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeVersion;
- entry->common.version = CERT_DB_FILE_VERSION;
- entry->common.flags = flags;
-
- return(entry);
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-/*
- * Read the version entry
- */
-static certDBEntryVersion *
-ReadDBVersionEntry(NSSLOWCERTCertDBHandle *handle)
-{
- PRArenaPool *arena = NULL;
- PRArenaPool *tmparena = NULL;
- certDBEntryVersion *entry;
- SECItem dbkey;
- SECItem dbentry;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- entry = (certDBEntryVersion *)PORT_ArenaAlloc(arena,
- sizeof(certDBEntryVersion));
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
- entry->common.arena = arena;
- entry->common.type = certDBEntryTypeVersion;
-
- /* now get the database key and format it */
- dbkey.len = SEC_DB_VERSION_KEY_LEN + SEC_DB_KEY_HEADER_LEN;
- dbkey.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbkey.len);
- if ( dbkey.data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], SEC_DB_VERSION_KEY,
- SEC_DB_VERSION_KEY_LEN);
-
- ReadDBEntry(handle, &entry->common, &dbkey, &dbentry, tmparena);
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(entry);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(NULL);
-}
-
-
-/*
- * Encode a version entry into byte stream suitable for
- * the database
- */
-static SECStatus
-WriteDBVersionEntry(NSSLOWCERTCertDBHandle *handle, certDBEntryVersion *entry)
-{
- SECItem dbitem, dbkey;
- PRArenaPool *tmparena = NULL;
- SECStatus rv;
-
- tmparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( tmparena == NULL ) {
- goto loser;
- }
-
- /* allocate space for encoded database record, including space
- * for low level header
- */
- dbitem.len = SEC_DB_ENTRY_HEADER_LEN;
-
- dbitem.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbitem.len);
- if ( dbitem.data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto loser;
- }
-
- /* now get the database key and format it */
- dbkey.len = SEC_DB_VERSION_KEY_LEN + SEC_DB_KEY_HEADER_LEN;
- dbkey.data = (unsigned char *)PORT_ArenaAlloc(tmparena, dbkey.len);
- if ( dbkey.data == NULL ) {
- goto loser;
- }
- PORT_Memcpy(&dbkey.data[SEC_DB_KEY_HEADER_LEN], SEC_DB_VERSION_KEY,
- SEC_DB_VERSION_KEY_LEN);
-
- /* now write it to the database */
- rv = WriteDBEntry(handle, &entry->common, &dbkey, &dbitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- PORT_FreeArena(tmparena, PR_FALSE);
- return(SECSuccess);
-
-loser:
- if ( tmparena ) {
- PORT_FreeArena(tmparena, PR_FALSE);
- }
- return(SECFailure);
-}
-
-/*
- * cert is no longer a perm cert, but will remain a temp cert
- */
-static SECStatus
-RemovePermSubjectNode(NSSLOWCERTCertificate *cert)
-{
- certDBEntrySubject *entry;
- unsigned int i;
- SECStatus rv;
-
- entry = ReadDBSubjectEntry(cert->dbhandle,&cert->derSubject);
- PORT_Assert(entry);
- if ( entry == NULL ) {
- return(SECFailure);
- }
-
- PORT_Assert(entry->ncerts);
- rv = SECFailure;
-
- if ( entry->ncerts > 1 ) {
- for ( i = 0; i < entry->ncerts; i++ ) {
- if ( SECITEM_CompareItem(&entry->certKeys[i], &cert->certKey) ==
- SECEqual ) {
- /* copy rest of list forward one entry */
- for ( i = i + 1; i < entry->ncerts; i++ ) {
- entry->certKeys[i-1] = entry->certKeys[i];
- entry->keyIDs[i-1] = entry->keyIDs[i];
- }
- entry->ncerts--;
- DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
- rv = WriteDBSubjectEntry(cert->dbhandle, entry);
- break;
- }
- }
- } else {
- /* no entries left, delete the perm entry in the DB */
- if ( entry->emailAddr ) {
- /* if the subject had an email record, then delete it too */
- DeleteDBSMimeEntry(cert->dbhandle, entry->emailAddr);
- }
-
- DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
- }
- DestroyDBEntry((certDBEntry *)entry);
-
- return(rv);
-}
-
-/*
- * add a cert to the perm subject list
- */
-static SECStatus
-AddPermSubjectNode(certDBEntrySubject *entry, NSSLOWCERTCertificate *cert,
- char *nickname)
-{
- SECItem *newCertKeys, *newKeyIDs;
- int i;
- SECStatus rv;
- NSSLOWCERTCertificate *cmpcert;
- unsigned int nnlen;
- int ncerts;
-
-
- PORT_Assert(entry);
- ncerts = entry->ncerts;
-
- if ( nickname && entry->nickname ) {
- /* nicknames must be the same */
- PORT_Assert(PORT_Strcmp(nickname, entry->nickname) == 0);
- }
-
- if ( ( entry->nickname == NULL ) && ( nickname != NULL ) ) {
- /* copy nickname into the entry */
- nnlen = PORT_Strlen(nickname) + 1;
- entry->nickname = (char *)PORT_ArenaAlloc(entry->common.arena,nnlen);
- if ( entry->nickname == NULL ) {
- return(SECFailure);
- }
- PORT_Memcpy(entry->nickname, nickname, nnlen);
- }
-
- /* a DB entry already exists, so add this cert */
- newCertKeys = (SECItem *)PORT_ArenaAlloc(entry->common.arena,
- sizeof(SECItem) * ( ncerts + 1 ) );
- newKeyIDs = (SECItem *)PORT_ArenaAlloc(entry->common.arena,
- sizeof(SECItem) * ( ncerts + 1 ) );
-
- if ( ( newCertKeys == NULL ) || ( newKeyIDs == NULL ) ) {
- return(SECFailure);
- }
-
- for ( i = 0; i < ncerts; i++ ) {
- cmpcert = nsslowcert_FindCertByKey(cert->dbhandle,
- &entry->certKeys[i]);
- PORT_Assert(cmpcert);
- if ( nsslowcert_IsNewer(cert, cmpcert) ) {
- /* insert before cmpcert */
- rv = SECITEM_CopyItem(entry->common.arena, &newCertKeys[i],
- &cert->certKey);
- if ( rv != SECSuccess ) {
- return(SECFailure);
- }
- rv = SECITEM_CopyItem(entry->common.arena, &newKeyIDs[i],
- &cert->subjectKeyID);
- if ( rv != SECSuccess ) {
- return(SECFailure);
- }
- /* copy the rest of the entry */
- for ( ; i < ncerts; i++ ) {
- newCertKeys[i+1] = entry->certKeys[i];
- newKeyIDs[i+1] = entry->keyIDs[i];
- }
-
- /* update certKeys and keyIDs */
- entry->certKeys = newCertKeys;
- entry->keyIDs = newKeyIDs;
-
- /* increment count */
- entry->ncerts++;
- break;
- }
- /* copy this cert entry */
- newCertKeys[i] = entry->certKeys[i];
- newKeyIDs[i] = entry->keyIDs[i];
- }
-
- if ( entry->ncerts == ncerts ) {
- /* insert new one at end */
- rv = SECITEM_CopyItem(entry->common.arena, &newCertKeys[ncerts],
- &cert->certKey);
- if ( rv != SECSuccess ) {
- return(SECFailure);
- }
- rv = SECITEM_CopyItem(entry->common.arena, &newKeyIDs[ncerts],
- &cert->subjectKeyID);
- if ( rv != SECSuccess ) {
- return(SECFailure);
- }
-
- /* update certKeys and keyIDs */
- entry->certKeys = newCertKeys;
- entry->keyIDs = newKeyIDs;
-
- /* increment count */
- entry->ncerts++;
- }
- DeleteDBSubjectEntry(cert->dbhandle, &cert->derSubject);
- rv = WriteDBSubjectEntry(cert->dbhandle, entry);
- return(rv);
-}
-
-
-SECStatus
-nsslowcert_TraversePermCertsForSubject(NSSLOWCERTCertDBHandle *handle,
- SECItem *derSubject,
- NSSLOWCERTCertCallback cb, void *cbarg)
-{
- certDBEntrySubject *entry;
- int i;
- NSSLOWCERTCertificate *cert;
- SECStatus rv = SECSuccess;
-
- entry = ReadDBSubjectEntry(handle, derSubject);
-
- if ( entry == NULL ) {
- return(SECFailure);
- }
-
- for( i = 0; i < entry->ncerts; i++ ) {
- cert = nsslowcert_FindCertByKey(handle, &entry->certKeys[i]);
- rv = (* cb)(cert, cbarg);
- nsslowcert_DestroyCertificate(cert);
- if ( rv == SECFailure ) {
- break;
- }
- }
-
- DestroyDBEntry((certDBEntry *)entry);
-
- return(rv);
-}
-
-int
-nsslowcert_NumPermCertsForSubject(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject)
-{
- certDBEntrySubject *entry;
- int ret;
-
- entry = ReadDBSubjectEntry(handle, derSubject);
-
- if ( entry == NULL ) {
- return(SECFailure);
- }
-
- ret = entry->ncerts;
-
- DestroyDBEntry((certDBEntry *)entry);
-
- return(ret);
-}
-
-SECStatus
-nsslowcert_TraversePermCertsForNickname(NSSLOWCERTCertDBHandle *handle, char *nickname,
- NSSLOWCERTCertCallback cb, void *cbarg)
-{
- certDBEntryNickname *nnentry = NULL;
- certDBEntrySMime *smentry = NULL;
- SECStatus rv;
- SECItem *derSubject = NULL;
-
- nnentry = ReadDBNicknameEntry(handle, nickname);
- if ( nnentry ) {
- derSubject = &nnentry->subjectName;
- } else {
- smentry = nsslowcert_ReadDBSMimeEntry(handle, nickname);
- if ( smentry ) {
- derSubject = &smentry->subjectName;
- }
- }
-
- if ( derSubject ) {
- rv = nsslowcert_TraversePermCertsForSubject(handle, derSubject,
- cb, cbarg);
- } else {
- rv = SECFailure;
- }
-
- if ( nnentry ) {
- DestroyDBEntry((certDBEntry *)nnentry);
- }
- if ( smentry ) {
- DestroyDBEntry((certDBEntry *)smentry);
- }
-
- return(rv);
-}
-
-
-int
-nsslowcert_NumPermCertsForNickname(NSSLOWCERTCertDBHandle *handle, char *nickname)
-{
- certDBEntryNickname *entry;
- int ret;
-
- entry = ReadDBNicknameEntry(handle, nickname);
-
- if ( entry ) {
- ret = nsslowcert_NumPermCertsForSubject(handle, &entry->subjectName);
- DestroyDBEntry((certDBEntry *)entry);
- } else {
- ret = 0;
- }
- return(ret);
-}
-
-/*
- * add a nickname to a cert that doesn't have one
- */
-static SECStatus
-AddNicknameToPermCert(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname)
-{
- certDBEntryCert *entry;
- int rv;
-
- entry = cert->dbEntry;
- PORT_Assert(entry != NULL);
- if ( entry == NULL ) {
- goto loser;
- }
-
- entry->nickname = PORT_ArenaStrdup(entry->common.arena, nickname);
-
- rv = WriteDBCertEntry(dbhandle, entry);
- if ( rv ) {
- goto loser;
- }
-
- cert->nickname = PORT_ArenaStrdup(cert->arena, nickname);
- return(SECSuccess);
-
-loser:
- return(SECFailure);
-}
-
-/*
- * add a nickname to a cert that is already in the perm database, but doesn't
- * have one yet (it is probably an e-mail cert).
- */
-SECStatus
-nsslowcert_AddPermNickname(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname)
-{
- SECStatus rv = SECFailure;
- certDBEntrySubject *entry = NULL;
-
- nsslowcert_LockDB(dbhandle);
-
- PORT_Assert(cert->nickname == NULL);
-
- if ( cert->nickname != NULL ) {
- rv = SECSuccess;
- goto loser;
- }
-
- entry = ReadDBSubjectEntry(dbhandle, &cert->derSubject);
- if (entry == NULL) goto loser;
-
- if ( entry->nickname == NULL ) {
- /* no nickname for subject */
- rv = AddNicknameToSubject(dbhandle, cert, nickname);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- rv = AddNicknameToPermCert(dbhandle, cert, nickname);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- } else {
- /* subject already has a nickname */
- rv = AddNicknameToPermCert(dbhandle, cert, entry->nickname);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
- rv = SECSuccess;
-
-loser:
- if (entry) {
- DestroyDBEntry((certDBEntry *)entry);
- }
- nsslowcert_UnlockDB(dbhandle);
- return(rv);
-}
-
-static certDBEntryCert *
-AddCertToPermDB(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTCertificate *cert,
- char *nickname, NSSLOWCERTCertTrust *trust)
-{
- certDBEntryCert *certEntry = NULL;
- certDBEntryNickname *nicknameEntry = NULL;
- certDBEntrySubject *subjectEntry = NULL;
- int state = 0;
- SECStatus rv;
- PRBool donnentry = PR_FALSE;
-
- if ( nickname ) {
- donnentry = PR_TRUE;
- }
-
- subjectEntry = ReadDBSubjectEntry(handle, &cert->derSubject);
-
- if ( subjectEntry ) {
- donnentry = PR_FALSE;
- nickname = subjectEntry->nickname;
- }
-
- certEntry = NewDBCertEntry(&cert->derCert, nickname, trust, 0);
- if ( certEntry == NULL ) {
- goto loser;
- }
-
- if ( donnentry ) {
- nicknameEntry = NewDBNicknameEntry(nickname, &cert->derSubject, 0);
- if ( nicknameEntry == NULL ) {
- goto loser;
- }
- }
-
- rv = WriteDBCertEntry(handle, certEntry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- state = 1;
-
- if ( nicknameEntry ) {
- rv = WriteDBNicknameEntry(handle, nicknameEntry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- state = 2;
-
- /* add to or create new subject entry */
- if ( subjectEntry ) {
- /* REWRITE BASED ON SUBJECT ENTRY */
- rv = AddPermSubjectNode(subjectEntry, cert, nickname);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- } else {
- /* make a new subject entry - this case is only used when updating
- * an old version of the database. This is OK because the oldnickname
- * db format didn't allow multiple certs with the same subject.
- */
- /* where does subjectKeyID and certKey come from? */
- subjectEntry = NewDBSubjectEntry(&cert->derSubject, &cert->certKey,
- &cert->subjectKeyID, nickname,
- NULL, 0);
- if ( subjectEntry == NULL ) {
- goto loser;
- }
- rv = WriteDBSubjectEntry(handle, subjectEntry);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- }
-
- state = 3;
-
- if ( nicknameEntry ) {
- DestroyDBEntry((certDBEntry *)nicknameEntry);
- }
-
- if ( subjectEntry ) {
- DestroyDBEntry((certDBEntry *)subjectEntry);
- }
-
- return(certEntry);
-
-loser:
- /* don't leave partial entry in the database */
- if ( state > 0 ) {
- rv = DeleteDBCertEntry(handle, &cert->certKey);
- }
- if ( ( state > 1 ) && donnentry ) {
- rv = DeleteDBNicknameEntry(handle, nickname);
- }
- if ( state > 2 ) {
- rv = DeleteDBSubjectEntry(handle, &cert->derSubject);
- }
- if ( certEntry ) {
- DestroyDBEntry((certDBEntry *)certEntry);
- }
- if ( nicknameEntry ) {
- DestroyDBEntry((certDBEntry *)nicknameEntry);
- }
- if ( subjectEntry ) {
- DestroyDBEntry((certDBEntry *)subjectEntry);
- }
-
- return(NULL);
-}
-
-/*
- * NOTE - Version 6 DB did not go out to the real world in a release,
- * so we can remove this function in a later release.
- */
-static SECStatus
-UpdateV6DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
- int ret;
- DBT key, data;
- unsigned char *buf, *tmpbuf = NULL;
- certDBEntryType type;
- certDBEntryNickname *nnEntry = NULL;
- certDBEntrySubject *subjectEntry = NULL;
- certDBEntrySMime *emailEntry = NULL;
- char *nickname;
- char *emailAddr;
- SECStatus rv;
-
- /*
- * Sequence through the old database and copy all of the entries
- * to the new database. Subject name entries will have the new
- * fields inserted into them (with zero length).
- */
- ret = (* updatedb->seq)(updatedb, &key, &data, R_FIRST);
- if ( ret ) {
- return(SECFailure);
- }
-
- do {
- buf = (unsigned char *)data.data;
-
- if ( data.size >= 3 ) {
- if ( buf[0] == 6 ) { /* version number */
- type = (certDBEntryType)buf[1];
- if ( type == certDBEntryTypeSubject ) {
- /* expando subjecto entrieo */
- tmpbuf = (unsigned char *)PORT_Alloc(data.size + 4);
- if ( tmpbuf ) {
- /* copy header stuff */
- PORT_Memcpy(tmpbuf, buf, SEC_DB_ENTRY_HEADER_LEN + 2);
- /* insert 4 more bytes of zero'd header */
- PORT_Memset(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 2],
- 0, 4);
- /* copy rest of the data */
- PORT_Memcpy(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 6],
- &buf[SEC_DB_ENTRY_HEADER_LEN + 2],
- data.size - (SEC_DB_ENTRY_HEADER_LEN + 2));
-
- data.data = (void *)tmpbuf;
- data.size += 4;
- buf = tmpbuf;
- }
- } else if ( type == certDBEntryTypeCert ) {
- /* expando certo entrieo */
- tmpbuf = (unsigned char *)PORT_Alloc(data.size + 3);
- if ( tmpbuf ) {
- /* copy header stuff */
- PORT_Memcpy(tmpbuf, buf, SEC_DB_ENTRY_HEADER_LEN);
-
- /* copy trust flage, setting msb's to 0 */
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN] = 0;
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN+1] =
- buf[SEC_DB_ENTRY_HEADER_LEN];
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN+2] = 0;
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN+3] =
- buf[SEC_DB_ENTRY_HEADER_LEN+1];
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN+4] = 0;
- tmpbuf[SEC_DB_ENTRY_HEADER_LEN+5] =
- buf[SEC_DB_ENTRY_HEADER_LEN+2];
-
- /* copy rest of the data */
- PORT_Memcpy(&tmpbuf[SEC_DB_ENTRY_HEADER_LEN + 6],
- &buf[SEC_DB_ENTRY_HEADER_LEN + 3],
- data.size - (SEC_DB_ENTRY_HEADER_LEN + 3));
-
- data.data = (void *)tmpbuf;
- data.size += 3;
- buf = tmpbuf;
- }
-
- }
-
- /* update the record version number */
- buf[0] = CERT_DB_FILE_VERSION;
-
- /* copy to the new database */
- ret = certdb_Put(handle->permCertDB, &key, &data, 0);
- if ( tmpbuf ) {
- PORT_Free(tmpbuf);
- tmpbuf = NULL;
- }
- }
- }
- } while ( (* updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0 );
-
- ret = certdb_Sync(handle->permCertDB, 0);
-
- ret = (* updatedb->seq)(updatedb, &key, &data, R_FIRST);
- if ( ret ) {
- return(SECFailure);
- }
-
- do {
- buf = (unsigned char *)data.data;
-
- if ( data.size >= 3 ) {
- if ( buf[0] == CERT_DB_FILE_VERSION ) { /* version number */
- type = (certDBEntryType)buf[1];
- if ( type == certDBEntryTypeNickname ) {
- nickname = &((char *)key.data)[1];
-
- /* get the matching nickname entry in the new DB */
- nnEntry = ReadDBNicknameEntry(handle, nickname);
- if ( nnEntry == NULL ) {
- goto endloop;
- }
-
- /* find the subject entry pointed to by nickname */
- subjectEntry = ReadDBSubjectEntry(handle,
- &nnEntry->subjectName);
- if ( subjectEntry == NULL ) {
- goto endloop;
- }
-
- subjectEntry->nickname =
- (char *)PORT_ArenaAlloc(subjectEntry->common.arena,
- key.size - 1);
- if ( subjectEntry->nickname ) {
- PORT_Memcpy(subjectEntry->nickname, nickname,
- key.size - 1);
- rv = WriteDBSubjectEntry(handle, subjectEntry);
- }
- } else if ( type == certDBEntryTypeSMimeProfile ) {
- emailAddr = &((char *)key.data)[1];
-
- /* get the matching smime entry in the new DB */
- emailEntry = nsslowcert_ReadDBSMimeEntry(handle, emailAddr);
- if ( emailEntry == NULL ) {
- goto endloop;
- }
-
- /* find the subject entry pointed to by nickname */
- subjectEntry = ReadDBSubjectEntry(handle,
- &emailEntry->subjectName);
- if ( subjectEntry == NULL ) {
- goto endloop;
- }
-
- subjectEntry->nickname =
- (char *)PORT_ArenaAlloc(subjectEntry->common.arena,
- key.size - 1);
- if ( subjectEntry->emailAddr ) {
- PORT_Memcpy(subjectEntry->emailAddr, emailAddr,
- key.size - 1);
- rv = WriteDBSubjectEntry(handle, subjectEntry);
- }
- }
-
-endloop:
- if ( subjectEntry ) {
- DestroyDBEntry((certDBEntry *)subjectEntry);
- subjectEntry = NULL;
- }
- if ( nnEntry ) {
- DestroyDBEntry((certDBEntry *)nnEntry);
- nnEntry = NULL;
- }
- if ( emailEntry ) {
- DestroyDBEntry((certDBEntry *)emailEntry);
- emailEntry = NULL;
- }
- }
- }
- } while ( (* updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0 );
-
- ret = certdb_Sync(handle->permCertDB, 0);
-
- (* updatedb->close)(updatedb);
- return(SECSuccess);
-}
-
-
-static SECStatus
-updateV5Callback(NSSLOWCERTCertificate *cert, SECItem *k, void *pdata)
-{
- NSSLOWCERTCertDBHandle *handle;
- certDBEntryCert *entry;
- NSSLOWCERTCertTrust *trust;
-
- handle = (NSSLOWCERTCertDBHandle *)pdata;
- trust = &cert->dbEntry->trust;
-
- /* SSL user certs can be used for email if they have an email addr */
- if ( cert->emailAddr && ( trust->sslFlags & CERTDB_USER ) &&
- ( trust->emailFlags == 0 ) ) {
- trust->emailFlags = CERTDB_USER;
- }
- /* servers didn't set the user flags on the server cert.. */
- if (PORT_Strcmp(cert->dbEntry->nickname,"Server-Cert") == 0) {
- trust->sslFlags |= CERTDB_USER;
- }
-
- entry = AddCertToPermDB(handle, cert, cert->dbEntry->nickname,
- &cert->dbEntry->trust);
- if ( entry ) {
- DestroyDBEntry((certDBEntry *)entry);
- }
-
- return(SECSuccess);
-}
-
-static SECStatus
-UpdateV5DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
- NSSLOWCERTCertDBHandle updatehandle;
- SECStatus rv;
-
- updatehandle.permCertDB = updatedb;
- updatehandle.dbMon = PZ_NewMonitor(nssILockCertDB);
-
- rv = nsslowcert_TraversePermCerts(&updatehandle, updateV5Callback,
- (void *)handle);
-
- PZ_DestroyMonitor(updatehandle.dbMon);
-
- (* updatedb->close)(updatedb);
- return(SECSuccess);
-}
-
-static PRBool
-isV4DB(DB *db) {
- DBT key,data;
- int ret;
-
- key.data = "Version";
- key.size = 7;
-
- ret = (*db->get)(db, &key, &data, 0);
- if (ret) {
- return PR_FALSE;
- }
-
- if ((data.size == 1) && (*(unsigned char *)data.data <= 4)) {
- return PR_TRUE;
- }
-
- return PR_FALSE;
-}
-
-static SECStatus
-UpdateV4DB(NSSLOWCERTCertDBHandle *handle, DB *updatedb)
-{
- DBT key, data;
- certDBEntryCert *entry, *entry2;
- SECItem derSubject;
- int ret;
- PRArenaPool *arena = NULL;
- NSSLOWCERTCertificate *cert;
-
- ret = (* updatedb->seq)(updatedb, &key, &data, R_FIRST);
-
- if ( ret ) {
- return(SECFailure);
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- return(SECFailure);
- }
-
- do {
- if ( data.size != 1 ) { /* skip version number */
-
- /* decode the old DB entry */
- entry = (certDBEntryCert *)DecodeV4DBCertEntry((unsigned char*)data.data, data.size);
- derSubject.data = NULL;
-
- if ( entry ) {
- cert = nsslowcert_DecodeDERCertificate(&entry->derCert, PR_TRUE,
- entry->nickname);
-
- if ( cert != NULL ) {
- /* add to new database */
- entry2 = AddCertToPermDB(handle, cert, entry->nickname,
- &entry->trust);
-
- nsslowcert_DestroyCertificate(cert);
- if ( entry2 ) {
- DestroyDBEntry((certDBEntry *)entry2);
- }
- }
- DestroyDBEntry((certDBEntry *)entry);
- }
- }
- } while ( (* updatedb->seq)(updatedb, &key, &data, R_NEXT) == 0 );
-
- PORT_FreeArena(arena, PR_FALSE);
- (* updatedb->close)(updatedb);
- return(SECSuccess);
-}
-
-
-/*
- * return true if a database key conflict exists
- */
-PRBool
-nsslowcert_CertDBKeyConflict(SECItem *derCert, NSSLOWCERTCertDBHandle *handle)
-{
- SECStatus rv;
- DBT tmpdata;
- DBT namekey;
- int ret;
- SECItem keyitem;
- PRArenaPool *arena = NULL;
- SECItem derKey;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- /* get the db key of the cert */
- rv = nsslowcert_KeyFromDERCert(arena, derCert, &derKey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- rv = EncodeDBCertKey(&derKey, arena, &keyitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- namekey.data = keyitem.data;
- namekey.size = keyitem.len;
-
- ret = certdb_Get(handle->permCertDB, &namekey, &tmpdata, 0);
- if ( ret == 0 ) {
- goto loser;
- }
-
- PORT_FreeArena(arena, PR_FALSE);
-
- return(PR_FALSE);
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(PR_TRUE);
-}
-
-/*
- * return true if a nickname conflict exists
- * NOTE: caller must have already made sure that this exact cert
- * doesn't exist in the DB
- */
-static PRBool
-nsslowcert_CertNicknameConflict(char *nickname, SECItem *derSubject,
- NSSLOWCERTCertDBHandle *handle)
-{
- PRBool rv;
- certDBEntryNickname *entry;
-
- if ( nickname == NULL ) {
- return(PR_FALSE);
- }
-
- entry = ReadDBNicknameEntry(handle, nickname);
-
- if ( entry == NULL ) {
- /* no entry for this nickname, so no conflict */
- return(PR_FALSE);
- }
-
- rv = PR_TRUE;
- if ( SECITEM_CompareItem(derSubject, &entry->subjectName) == SECEqual ) {
- /* if subject names are the same, then no conflict */
- rv = PR_FALSE;
- }
-
- DestroyDBEntry((certDBEntry *)entry);
- return(rv);
-}
-
-/*
- * Open the certificate database and index databases. Create them if
- * they are not there or bad.
- */
-static SECStatus
-nsslowcert_OpenPermCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
- NSSLOWCERTDBNameFunc namecb, void *cbarg)
-{
- SECStatus rv;
- int openflags;
- certDBEntryVersion *versionEntry = NULL;
- DB *updatedb = NULL;
- char *tmpname;
- char *certdbname;
- PRBool updated = PR_FALSE;
- PRBool forceUpdate = PR_FALSE;
-
- certdbname = (* namecb)(cbarg, CERT_DB_FILE_VERSION);
- if ( certdbname == NULL ) {
- return(SECFailure);
- }
-
- if ( readOnly ) {
- openflags = O_RDONLY;
- } else {
- openflags = O_RDWR;
- }
-
- /*
- * first open the permanent file based database.
- */
- handle->permCertDB = dbopen( certdbname, openflags, 0600, DB_HASH, 0 );
-
- /* check for correct version number */
- if ( handle->permCertDB ) {
- versionEntry = ReadDBVersionEntry(handle);
-
- if ( versionEntry == NULL ) {
- /* no version number */
- certdb_Close(handle->permCertDB);
- handle->permCertDB = 0;
- } else if ( versionEntry->common.version != CERT_DB_FILE_VERSION ) {
- /* wrong version number, can't update in place */
- DestroyDBEntry((certDBEntry *)versionEntry);
- PORT_Free(certdbname);
- return(SECFailure);
- } else {
- DestroyDBEntry((certDBEntry *)versionEntry);
- versionEntry = NULL;
- }
- }
-
-
- /* if first open fails, try to create a new DB */
- if ( handle->permCertDB == NULL ) {
-
- /* don't create if readonly */
- if ( readOnly ) {
- goto loser;
- }
-
- handle->permCertDB = dbopen(certdbname,
- O_RDWR | O_CREAT | O_TRUNC,
- 0600, DB_HASH, 0);
-
- /* if create fails then we lose */
- if ( handle->permCertDB == 0 ) {
- goto loser;
- }
-
- versionEntry = NewDBVersionEntry(0);
- if ( versionEntry == NULL ) {
- goto loser;
- }
-
- rv = WriteDBVersionEntry(handle, versionEntry);
-
- DestroyDBEntry((certDBEntry *)versionEntry);
-
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* try to upgrade old db here */
- tmpname = (* namecb)(cbarg, 6); /* get v6 db name */
- if ( tmpname ) {
- updatedb = dbopen( tmpname, O_RDONLY, 0600, DB_HASH, 0 );
- PORT_Free(tmpname);
- if ( updatedb ) {
- rv = UpdateV6DB(handle, updatedb);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- updated = PR_TRUE;
- } else { /* no v6 db, so try v5 db */
- tmpname = (* namecb)(cbarg, 5); /* get v5 db name */
- if ( tmpname ) {
- updatedb = dbopen( tmpname, O_RDONLY, 0600, DB_HASH, 0 );
- PORT_Free(tmpname);
- if ( updatedb ) {
- rv = UpdateV5DB(handle, updatedb);
- if ( rv != SECSuccess ) {
- goto loser;
- }
- updated = PR_TRUE;
- } else { /* no v5 db, so try v4 db */
- /* try to upgrade v4 db */
- tmpname = (* namecb)(cbarg, 4); /* get v4 db name */
- if ( tmpname ) {
- updatedb = dbopen( tmpname, O_RDONLY, 0600,
- DB_HASH, 0 );
- PORT_Free(tmpname);
- if ( updatedb ) {
- /* NES has v5 db's with v4 db names! */
- if (isV4DB(updatedb)) {
- rv = UpdateV4DB(handle, updatedb);
- } else {
- rv = UpdateV5DB(handle, updatedb);
- }
- if ( rv != SECSuccess ) {
- goto loser;
- }
- forceUpdate = PR_TRUE;
- updated = PR_TRUE;
- }
- }
- }
- }
- }
- }
-
- /* Root certs are no longer automatically added to the DB. They
- * come from and external PKCS #11 file.
- */
- }
-
- PORT_Free(certdbname);
-
- return (SECSuccess);
-
-loser:
-
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
-
- if ( handle->permCertDB ) {
- certdb_Close(handle->permCertDB);
- handle->permCertDB = 0;
- }
-
- PORT_Free(certdbname);
-
- return(SECFailure);
-}
-
-/*
- * delete all DB records associated with a particular certificate
- */
-static SECStatus
-DeletePermCert(NSSLOWCERTCertificate *cert)
-{
- SECStatus rv;
- SECStatus ret;
-
- ret = SECSuccess;
-
- rv = DeleteDBCertEntry(cert->dbhandle, &cert->certKey);
- if ( rv != SECSuccess ) {
- ret = SECFailure;
- }
-
- if ( cert->nickname ) {
- rv = DeleteDBNicknameEntry(cert->dbhandle, cert->nickname);
- if ( rv != SECSuccess ) {
- ret = SECFailure;
- }
- }
-
- rv = RemovePermSubjectNode(cert);
-
- return(ret);
-}
-
-/*
- * Delete a certificate from the permanent database.
- */
-SECStatus
-nsslowcert_DeletePermCertificate(NSSLOWCERTCertificate *cert)
-{
- SECStatus rv;
-
- nsslowcert_LockDB(cert->dbhandle);
- /* delete the records from the permanent database */
- rv = DeletePermCert(cert);
-
- /* get rid of dbcert and stuff pointing to it */
- DestroyDBEntry((certDBEntry *)cert->dbEntry);
- cert->dbEntry = NULL;
- cert->trust = NULL;
-
- nsslowcert_UnlockDB(cert->dbhandle);
- return(rv);
-}
-
-/*
- * Traverse all of the entries in the database of a particular type
- * call the given function for each one.
- */
-SECStatus
-nsslowcert_TraverseDBEntries(NSSLOWCERTCertDBHandle *handle,
- certDBEntryType type,
- SECStatus (* callback)(SECItem *data, SECItem *key,
- certDBEntryType type, void *pdata),
- void *udata )
-{
- DBT data;
- DBT key;
- SECStatus rv;
- int ret;
- SECItem dataitem;
- SECItem keyitem;
- unsigned char *buf;
- unsigned char *keybuf;
-
- ret = certdb_Seq(handle->permCertDB, &key, &data, R_FIRST);
-
- if ( ret ) {
- return(SECFailure);
- }
-
- do {
- buf = (unsigned char *)data.data;
-
- if ( buf[1] == (unsigned char)type ) {
- dataitem.len = data.size;
- dataitem.data = buf;
- dataitem.type = siBuffer;
- keyitem.len = key.size - SEC_DB_KEY_HEADER_LEN;
- keybuf = (unsigned char *)key.data;
- keyitem.data = &keybuf[SEC_DB_KEY_HEADER_LEN];
- keyitem.type = siBuffer;
-
- rv = (* callback)(&dataitem, &keyitem, type, udata);
- if ( rv != SECSuccess ) {
- return(rv);
- }
- }
- } while ( certdb_Seq(handle->permCertDB, &key, &data, R_NEXT) == 0 );
-
- return(SECSuccess);
-}
-/*
- * Decode a certificate and enter it into the temporary certificate database.
- * Deal with nicknames correctly
- *
- * This is the private entry point.
- */
-static NSSLOWCERTCertificate *
-DecodeACert(NSSLOWCERTCertDBHandle *handle, certDBEntryCert *entry)
-{
- NSSLOWCERTCertificate *cert = NULL;
-
- cert = nsslowcert_DecodeDERCertificate(&entry->derCert, PR_TRUE,
- entry->nickname );
-
- if ( cert == NULL ) {
- goto loser;
- }
-
- cert->dbhandle = handle;
- cert->dbEntry = entry;
- cert->trust = &entry->trust;
-
- return(cert);
-
-loser:
- return(0);
-}
-
-typedef struct {
- PermCertCallback certfunc;
- NSSLOWCERTCertDBHandle *handle;
- void *data;
-} PermCertCallbackState;
-
-/*
- * traversal callback to decode certs and call callers callback
- */
-static SECStatus
-certcallback(SECItem *dbdata, SECItem *dbkey, certDBEntryType type, void *data)
-{
- PermCertCallbackState *mystate;
- SECStatus rv;
- certDBEntryCert *entry;
- SECItem entryitem;
- NSSLOWCERTCertificate *cert;
- PRArenaPool *arena = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- entry = (certDBEntryCert *)PORT_ArenaAlloc(arena, sizeof(certDBEntryCert));
- mystate = (PermCertCallbackState *)data;
- entry->common.version = (unsigned int)dbdata->data[0];
- entry->common.type = (certDBEntryType)dbdata->data[1];
- entry->common.flags = (unsigned int)dbdata->data[2];
- entry->common.arena = arena;
-
- entryitem.len = dbdata->len - SEC_DB_ENTRY_HEADER_LEN;
- entryitem.data = &dbdata->data[SEC_DB_ENTRY_HEADER_LEN];
-
- rv = DecodeDBCertEntry(entry, &entryitem);
- if (rv != SECSuccess ) {
- goto loser;
- }
- entry->derCert.type = siBuffer;
-
- /* note: Entry is 'inheritted'. */
- cert = DecodeACert(mystate->handle, entry);
-
- rv = (* mystate->certfunc)(cert, dbkey, mystate->data);
-
- /* arena stored in entry destroyed by nsslowcert_DestroyCertificate */
- nsslowcert_DestroyCertificateNoLocking(cert);
-
- return(rv);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return(SECFailure);
-}
-
-/*
- * Traverse all of the certificates in the permanent database and
- * call the given function for each one; expect the caller to have lock.
- */
-static SECStatus
-TraversePermCertsNoLocking(NSSLOWCERTCertDBHandle *handle,
- SECStatus (* certfunc)(NSSLOWCERTCertificate *cert,
- SECItem *k,
- void *pdata),
- void *udata )
-{
- SECStatus rv;
- PermCertCallbackState mystate;
-
- mystate.certfunc = certfunc;
- mystate.handle = handle;
- mystate.data = udata;
- rv = nsslowcert_TraverseDBEntries(handle, certDBEntryTypeCert, certcallback,
- (void *)&mystate);
-
- return(rv);
-}
-
-/*
- * Traverse all of the certificates in the permanent database and
- * call the given function for each one.
- */
-SECStatus
-nsslowcert_TraversePermCerts(NSSLOWCERTCertDBHandle *handle,
- SECStatus (* certfunc)(NSSLOWCERTCertificate *cert, SECItem *k,
- void *pdata),
- void *udata )
-{
- SECStatus rv;
-
- nsslowcert_LockDB(handle);
- rv = TraversePermCertsNoLocking(handle, certfunc, udata);
- nsslowcert_UnlockDB(handle);
-
- return(rv);
-}
-
-
-
-/*
- * Close the database
- */
-void
-nsslowcert_ClosePermCertDB(NSSLOWCERTCertDBHandle *handle)
-{
- if ( handle ) {
- if ( handle->permCertDB ) {
- certdb_Close( handle->permCertDB );
- handle->permCertDB = NULL;
- }
- if (handle->dbMon) {
- PZ_DestroyMonitor(handle->dbMon);
- handle->dbMon = NULL;
- }
- }
- return;
-}
-
-/*
- * Get the trust attributes from a certificate
- */
-SECStatus
-nsslowcert_GetCertTrust(NSSLOWCERTCertificate *cert, NSSLOWCERTCertTrust *trust)
-{
- SECStatus rv;
-
- nsslowcert_LockCertTrust(cert);
-
- if ( cert->trust == NULL ) {
- rv = SECFailure;
- } else {
- *trust = *cert->trust;
- rv = SECSuccess;
- }
-
- nsslowcert_UnlockCertTrust(cert);
- return(rv);
-}
-
-/*
- * Change the trust attributes of a certificate and make them permanent
- * in the database.
- */
-SECStatus
-nsslowcert_ChangeCertTrust(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTCertificate *cert,
- NSSLOWCERTCertTrust *trust)
-{
- certDBEntryCert *entry;
- int rv;
- SECStatus ret;
-
- nsslowcert_LockDB(handle);
- nsslowcert_LockCertTrust(cert);
- /* only set the trust on permanent certs */
- if ( cert->trust == NULL ) {
- ret = SECFailure;
- goto done;
- }
-
- *cert->trust = *trust;
- if ( cert->dbEntry == NULL ) {
- ret = SECSuccess; /* not in permanent database */
- goto done;
- }
-
- entry = cert->dbEntry;
- entry->trust = *trust;
-
- rv = WriteDBCertEntry(handle, entry);
- if ( rv ) {
- ret = SECFailure;
- goto done;
- }
-
- ret = SECSuccess;
-
-done:
- nsslowcert_UnlockCertTrust(cert);
- nsslowcert_UnlockDB(handle);
- return(ret);
-}
-
-
-SECStatus
-nsslowcert_AddPermCert(NSSLOWCERTCertDBHandle *dbhandle,
- NSSLOWCERTCertificate *cert, char *nickname, NSSLOWCERTCertTrust *trust)
-{
- char *oldnn;
- certDBEntryCert *entry;
- PRBool conflict;
- SECStatus ret;
-
- nsslowcert_LockDB(dbhandle);
-
- PORT_Assert(!cert->dbEntry);
-
- /* don't add a conflicting nickname */
- conflict = nsslowcert_CertNicknameConflict(nickname, &cert->derSubject,
- dbhandle);
- if ( conflict ) {
- ret = SECFailure;
- goto done;
- }
-
- /* save old nickname so that we can delete it */
- oldnn = cert->nickname;
-
- entry = AddCertToPermDB(dbhandle, cert, nickname, trust);
-
- if ( entry == NULL ) {
- ret = SECFailure;
- goto done;
- }
-
- cert->nickname = (entry->nickname) ? PORT_ArenaStrdup(cert->arena,entry->nickname) : NULL;
- cert->trust = &entry->trust;
- cert->dbEntry = entry;
-
- ret = SECSuccess;
-done:
- nsslowcert_UnlockDB(dbhandle);
- return(ret);
-}
-
-/*
- * Open the certificate database and index databases. Create them if
- * they are not there or bad.
- */
-SECStatus
-nsslowcert_OpenCertDB(NSSLOWCERTCertDBHandle *handle, PRBool readOnly,
- NSSLOWCERTDBNameFunc namecb, void *cbarg, PRBool openVolatile)
-{
- int rv;
-
- certdb_InitDBLock(handle);
-
- handle->dbMon = PZ_NewMonitor(nssILockCertDB);
- PORT_Assert(handle->dbMon != NULL);
-
- rv = nsslowcert_OpenPermCertDB(handle, readOnly, namecb, cbarg);
- if ( rv ) {
- goto loser;
- }
-
- return (SECSuccess);
-
-loser:
-
- PORT_SetError(SEC_ERROR_BAD_DATABASE);
- return(SECFailure);
-}
-
-
-/*
- * Lookup a certificate in the databases.
- */
-static NSSLOWCERTCertificate *
-FindCertByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey, PRBool lockdb)
-{
- SECItem keyitem;
- DBT key;
- SECStatus rv;
- NSSLOWCERTCertificate *cert = NULL;
- PRArenaPool *arena = NULL;
- certDBEntryCert *entry;
- PRBool locked = PR_FALSE;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBCertKey(certKey, arena, &keyitem);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- key.data = keyitem.data;
- key.size = keyitem.len;
-
- if ( lockdb ) {
- locked = PR_TRUE;
- nsslowcert_LockDB(handle);
- }
-
- /* find in perm database */
- entry = ReadDBCertEntry(handle, certKey);
-
- if ( entry == NULL ) {
- goto loser;
- }
-
- /* inherit entry */
- cert = DecodeACert(handle, entry);
-
-loser:
- if ( locked ) {
- nsslowcert_UnlockDB(handle);
- }
-
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
-
- return(cert);
-}
-
-/*
- * Lookup a certificate in the databases without locking
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByKey(NSSLOWCERTCertDBHandle *handle, SECItem *certKey)
-{
- return(FindCertByKey(handle, certKey, PR_FALSE));
-}
-
-/*
- * Generate a key from an issuerAndSerialNumber, and find the
- * associated cert in the database.
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByIssuerAndSN(NSSLOWCERTCertDBHandle *handle, NSSLOWCERTIssuerAndSN *issuerAndSN)
-{
- SECItem certKey;
- SECItem *sn = &issuerAndSN->serialNumber;
- SECItem *issuer = &issuerAndSN->derIssuer;
- NSSLOWCERTCertificate *cert;
- int data_left = sn->len-1;
- int data_len = sn->len;
- int index = 0;
-
- /* automatically detect DER encoded serial numbers and remove the der
- * encoding since the database expects unencoded data.
- * if it's DER encoded, there must be at least 3 bytes, tag, len, data */
- if ((sn->len >= 3) && (sn->data[0] == 0x2)) {
- /* remove the der encoding of the serial number before generating the
- * key.. */
- data_left = sn->len-2;
- data_len = sn->data[1];
- index = 2;
-
- /* extended length ? (not very likely for a serial number) */
- if (data_len & 0x80) {
- int len_count = data_len & 0x7f;
-
- data_len = 0;
- data_left -= len_count;
- if (data_left > 0) {
- while (len_count --) {
- data_len = (data_len << 8) | sn->data[index++];
- }
- }
- }
- /* not a valid der, must be just an unlucky serial number value */
- if (data_len != data_left) {
- data_len = sn->len;
- index = 0;
- }
- }
-
- certKey.data = (unsigned char*)PORT_Alloc(sn->len + issuer->len);
- certKey.len = data_len + issuer->len;
-
- if ( certKey.data == NULL ) {
- return(0);
- }
-
- /* first try the der encoded serial number */
- /* copy the serialNumber */
- PORT_Memcpy(certKey.data, &sn->data[index], data_len);
-
- /* copy the issuer */
- PORT_Memcpy( &certKey.data[data_len],issuer->data,issuer->len);
-
- cert = nsslowcert_FindCertByKey(handle, &certKey);
- if (cert) {
- PORT_Free(certKey.data);
- return (cert);
- }
-
- /* didn't find it, try by old serial number */
- /* copy the serialNumber */
- PORT_Memcpy(certKey.data, sn->data, sn->len);
-
- /* copy the issuer */
- PORT_Memcpy( &certKey.data[sn->len], issuer->data, issuer->len);
- certKey.len = sn->len + issuer->len;
-
- cert = nsslowcert_FindCertByKey(handle, &certKey);
-
- PORT_Free(certKey.data);
-
- return(cert);
-}
-
-/*
- * look for the given DER certificate in the database
- */
-NSSLOWCERTCertificate *
-nsslowcert_FindCertByDERCert(NSSLOWCERTCertDBHandle *handle, SECItem *derCert)
-{
- PRArenaPool *arena;
- SECItem certKey;
- SECStatus rv;
- NSSLOWCERTCertificate *cert = NULL;
-
- /* create a scratch arena */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- return(NULL);
- }
-
- /* extract the database key from the cert */
- rv = nsslowcert_KeyFromDERCert(arena, derCert, &certKey);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- /* find the certificate */
- cert = nsslowcert_FindCertByKey(handle, &certKey);
-
-loser:
- PORT_FreeArena(arena, PR_FALSE);
- return(cert);
-}
-
-static void
-DestroyCertificate(NSSLOWCERTCertificate *cert, PRBool lockdb)
-{
- int refCount;
- NSSLOWCERTCertDBHandle *handle;
-
- if ( cert ) {
-
- handle = cert->dbhandle;
-
- /*
- * handle may be NULL, for example if the cert was created with
- * nsslowcert_DecodeDERCertificate.
- */
- if ( lockdb && handle ) {
- nsslowcert_LockDB(handle);
- }
-
- nsslowcert_LockCertRefCount(cert);
- PORT_Assert(cert->referenceCount > 0);
- refCount = --cert->referenceCount;
- nsslowcert_UnlockCertRefCount(cert);
-
- if ( ( refCount == 0 ) ) {
- certDBEntryCert *entry = cert->dbEntry;
- PRArenaPool * arena = cert->arena;
-
- if ( entry ) {
- DestroyDBEntry((certDBEntry *)entry);
- }
-
- /* zero cert before freeing. Any stale references to this cert
- * after this point will probably cause an exception. */
- PORT_Memset(cert, 0, sizeof *cert);
-
- cert = NULL;
-
- /* free the arena that contains the cert. */
- PORT_FreeArena(arena, PR_FALSE);
- }
- if ( lockdb && handle ) {
- nsslowcert_UnlockDB(handle);
- }
- }
-
- return;
-}
-
-void
-nsslowcert_DestroyCertificate(NSSLOWCERTCertificate *cert)
-{
- DestroyCertificate(cert, PR_TRUE);
- return;
-}
-
-static void
-nsslowcert_DestroyCertificateNoLocking(NSSLOWCERTCertificate *cert)
-{
- DestroyCertificate(cert, PR_FALSE);
- return;
-}
-
-/*
- * Lookup a CRL in the databases. We mirror the same fast caching data base
- * caching stuff used by certificates....?
- */
-SECItem *
-nsslowcert_FindCrlByKey(NSSLOWCERTCertDBHandle *handle, SECItem *crlKey,
- char **url, PRBool isKRL)
-{
- SECItem keyitem;
- DBT key;
- SECStatus rv;
- SECItem *crl = NULL;
- PRArenaPool *arena = NULL;
- certDBEntryRevocation *entry;
- certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation
- : certDBEntryTypeRevocation;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser;
- }
-
- rv = EncodeDBGenericKey(crlKey, arena, &keyitem, crlType);
- if ( rv != SECSuccess ) {
- goto loser;
- }
-
- key.data = keyitem.data;
- key.size = keyitem.len;
-
- /* find in perm database */
- entry = ReadDBCrlEntry(handle, crlKey, crlType);
-
- if ( entry == NULL ) {
- goto loser;
- }
-
- if (entry->url) {
- *url = PORT_Strdup(entry->url);
- }
- crl = SECITEM_DupItem(&entry->derCrl);
-
-loser:
- if ( arena ) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- if (entry) {
- DestroyDBEntry((certDBEntry *)entry);
- }
-
- return(crl);
-}
-
-/*
- * replace the existing URL in the data base with a new one
- */
-SECStatus
-nsslowcert_AddCrl(NSSLOWCERTCertDBHandle *handle, SECItem *derCrl,
- SECItem *crlKey, char *url, PRBool isKRL)
-{
- SECStatus rv = SECFailure;
- certDBEntryRevocation *entry = NULL;
- certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation
- : certDBEntryTypeRevocation;
- DeleteDBCrlEntry(handle, crlKey, crlType);
-
- /* Write the new entry into the data base */
- entry = NewDBCrlEntry(derCrl, url, crlType, 0);
- if (entry == NULL) goto done;
-
- rv = WriteDBCrlEntry(handle, entry, crlKey);
- if (rv != SECSuccess) goto done;
-
-done:
- if (entry) {
- DestroyDBEntry((certDBEntry *)entry);
- }
- return rv;
-}
-
-SECStatus
-nsslowcert_DeletePermCRL(NSSLOWCERTCertDBHandle *handle, SECItem *derName,
- PRBool isKRL)
-{
- SECStatus rv;
- certDBEntryType crlType = isKRL ? certDBEntryTypeKeyRevocation
- : certDBEntryTypeRevocation;
-
- rv = DeleteDBCrlEntry(handle, derName, crlType);
- if (rv != SECSuccess) goto done;
-
-done:
- return rv;
-}
-
-
-PRBool
-nsslowcert_hasTrust(NSSLOWCERTCertificate *cert)
-{
- NSSLOWCERTCertTrust *trust;
-
- if (cert->trust == NULL) {
- return PR_FALSE;
- }
- trust = cert->trust;
- return !((trust->sslFlags & CERTDB_TRUSTED_UNKNOWN) &&
- (trust->emailFlags & CERTDB_TRUSTED_UNKNOWN) &&
- (trust->objectSigningFlags & CERTDB_TRUSTED_UNKNOWN));
-}
-
-/*
- * This function has the logic that decides if another person's cert and
- * email profile from an S/MIME message should be saved. It can deal with
- * the case when there is no profile.
- */
-SECStatus
-nsslowcert_SaveSMimeProfile(NSSLOWCERTCertDBHandle *dbhandle, char *emailAddr,
- SECItem *derSubject, SECItem *emailProfile, SECItem *profileTime)
-{
- certDBEntrySMime *entry = NULL;
- SECStatus rv = SECFailure;;
-
- /* find our existing entry */
- entry = nsslowcert_ReadDBSMimeEntry(dbhandle, emailAddr);
-
- if ( entry ) {
- /* keep our old db entry consistant for old applications. */
- if (!SECITEM_ItemsAreEqual(derSubject, &entry->subjectName)) {
- UpdateSubjectWithEmailAddr(dbhandle, &entry->subjectName, NULL);
- }
- DestroyDBEntry((certDBEntry *)entry);
- entry = NULL;
- }
-
- /* now save the entry */
- entry = NewDBSMimeEntry(emailAddr, derSubject, emailProfile,
- profileTime, 0);
- if ( entry == NULL ) {
- rv = SECFailure;
- goto loser;
- }
-
- nsslowcert_LockDB(dbhandle);
-
- rv = DeleteDBSMimeEntry(dbhandle, emailAddr);
- /* if delete fails, try to write new entry anyway... */
-
- /* link subject entry back here */
- rv = UpdateSubjectWithEmailAddr(dbhandle, derSubject, emailAddr);
- if ( rv != SECSuccess ) {
- nsslowcert_UnlockDB(dbhandle);
- goto loser;
- }
-
- rv = WriteDBSMimeEntry(dbhandle, entry);
- if ( rv != SECSuccess ) {
- nsslowcert_UnlockDB(dbhandle);
- goto loser;
- }
-
- nsslowcert_UnlockDB(dbhandle);
-
- rv = SECSuccess;
-
-loser:
- if ( entry ) {
- DestroyDBEntry((certDBEntry *)entry);
- }
- return(rv);
-}
-
-void
-nsslowcert_DestroyGlobalLocks()
-{
- if (dbLock) {
- PZ_DestroyLock(dbLock);
- dbLock = NULL;
- }
- if (certRefCountLock) {
- PZ_DestroyLock(certRefCountLock);
- certRefCountLock = NULL;
- }
- if (certTrustLock) {
- PZ_DestroyLock(certTrustLock);
- certTrustLock = NULL;
- }
-}
diff --git a/security/nss/lib/softoken/pcertt.h b/security/nss/lib/softoken/pcertt.h
deleted file mode 100644
index 0170de389..000000000
--- a/security/nss/lib/softoken/pcertt.h
+++ /dev/null
@@ -1,432 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * certt.h - public data structures for the certificate library
- *
- * $Id$
- */
-#ifndef _PCERTT_H_
-#define _PCERTT_H_
-
-#include "prclist.h"
-#include "pkcs11t.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "plarena.h"
-#include "prcvar.h"
-#include "nssilock.h"
-#include "prio.h"
-#include "prmon.h"
-
-
-/* Non-opaque objects */
-typedef struct NSSLOWCERTCertDBHandleStr NSSLOWCERTCertDBHandle;
-typedef struct NSSLOWCERTCertKeyStr NSSLOWCERTCertKey;
-
-typedef struct NSSLOWCERTCertTrustStr NSSLOWCERTCertTrust;
-typedef struct NSSLOWCERTCertificateStr NSSLOWCERTCertificate;
-typedef struct NSSLOWCERTCertificateListStr NSSLOWCERTCertificateList;
-typedef struct NSSLOWCERTIssuerAndSNStr NSSLOWCERTIssuerAndSN;
-typedef struct NSSLOWCERTSignedDataStr NSSLOWCERTSignedData;
-typedef struct NSSLOWCERTSubjectPublicKeyInfoStr NSSLOWCERTSubjectPublicKeyInfo;
-typedef struct NSSLOWCERTValidityStr NSSLOWCERTValidity;
-
-/*
-** An X.509 validity object
-*/
-struct NSSLOWCERTValidityStr {
- PRArenaPool *arena;
- SECItem notBefore;
- SECItem notAfter;
-};
-
-/*
- * A serial number and issuer name, which is used as a database key
- */
-struct NSSLOWCERTCertKeyStr {
- SECItem serialNumber;
- SECItem derIssuer;
-};
-
-/*
-** A signed data object. Used to implement the "signed" macro used
-** in the X.500 specs.
-*/
-struct NSSLOWCERTSignedDataStr {
- SECItem data;
- SECAlgorithmID signatureAlgorithm;
- SECItem signature;
-};
-
-/*
-** An X.509 subject-public-key-info object
-*/
-struct NSSLOWCERTSubjectPublicKeyInfoStr {
- PRArenaPool *arena;
- SECAlgorithmID algorithm;
- SECItem subjectPublicKey;
-};
-
-typedef struct _certDBEntryCert certDBEntryCert;
-typedef struct _certDBEntryRevocation certDBEntryRevocation;
-
-struct NSSLOWCERTCertTrustStr {
- unsigned int sslFlags;
- unsigned int emailFlags;
- unsigned int objectSigningFlags;
-};
-
-/*
-** An X.509 certificate object (the unsigned form)
-*/
-struct NSSLOWCERTCertificateStr {
- /* the arena is used to allocate any data structures that have the same
- * lifetime as the cert. This is all stuff that hangs off of the cert
- * structure, and is all freed at the same time. I is used when the
- * cert is decoded, destroyed, and at some times when it changes
- * state
- */
- PRArenaPool *arena;
- NSSLOWCERTCertDBHandle *dbhandle;
-
- SECItem derCert; /* original DER for the cert */
- SECItem derIssuer; /* DER for issuer name */
- SECItem serialNumber;
- SECItem derSubject; /* DER for subject name */
- NSSLOWCERTSubjectPublicKeyInfo subjectPublicKeyInfo;
- SECItem certKey; /* database key for this cert */
- NSSLOWCERTValidity validity;
- certDBEntryCert *dbEntry; /* database entry struct */
- SECItem subjectKeyID; /* x509v3 subject key identifier */
- char *nickname;
- char *emailAddr;
- NSSLOWCERTCertTrust *trust;
-
- /* the reference count is modified whenever someone looks up, dups
- * or destroys a certificate
- */
- int referenceCount;
-};
-#define SEC_CERTIFICATE_VERSION_1 0 /* default created */
-#define SEC_CERTIFICATE_VERSION_2 1 /* v2 */
-#define SEC_CERTIFICATE_VERSION_3 2 /* v3 extensions */
-
-#define SEC_CRL_VERSION_1 0 /* default */
-#define SEC_CRL_VERSION_2 1 /* v2 extensions */
-
-struct NSSLOWCERTIssuerAndSNStr {
- SECItem derIssuer;
- SECItem serialNumber;
-};
-
-typedef SECStatus (* NSSLOWCERTCertCallback)(NSSLOWCERTCertificate *cert, void *arg);
-
-/* This is the typedef for the callback passed to nsslowcert_OpenCertDB() */
-/* callback to return database name based on version number */
-typedef char * (*NSSLOWCERTDBNameFunc)(void *arg, int dbVersion);
-
-/* XXX Lisa thinks the template declarations belong in cert.h, not here? */
-
-#include "secasn1t.h" /* way down here because I expect template stuff to
- * move out of here anyway */
-
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template nsslowcert_CertificateTemplate[];
-extern const SEC_ASN1Template nsslowcert_SignedDataTemplate[];
-extern const SEC_ASN1Template NSSLOWKEY_PublicKeyTemplate[];
-extern const SEC_ASN1Template nsslowcert_SubjectPublicKeyInfoTemplate[];
-extern const SEC_ASN1Template nsslowcert_ValidityTemplate[];
-
-SEC_END_PROTOS
-
-/*
- * Certificate Database related definitions and data structures
- */
-
-/* version number of certificate database */
-#define CERT_DB_FILE_VERSION 7
-#ifdef USE_NS_ROOTS
-#define CERT_DB_CONTENT_VERSION 28
-#else
-#define CERT_DB_CONTENT_VERSION 2
-#endif
-
-#define SEC_DB_ENTRY_HEADER_LEN 3
-#define SEC_DB_KEY_HEADER_LEN 1
-
-/* All database entries have this form:
- *
- * byte offset field
- * ----------- -----
- * 0 version
- * 1 type
- * 2 flags
- */
-
-/* database entry types */
-typedef enum {
- certDBEntryTypeVersion = 0,
- certDBEntryTypeCert = 1,
- certDBEntryTypeNickname = 2,
- certDBEntryTypeSubject = 3,
- certDBEntryTypeRevocation = 4,
- certDBEntryTypeKeyRevocation = 5,
- certDBEntryTypeSMimeProfile = 6,
- certDBEntryTypeContentVersion = 7
-} certDBEntryType;
-
-typedef struct {
- certDBEntryType type;
- unsigned int version;
- unsigned int flags;
- PRArenaPool *arena;
-} certDBEntryCommon;
-
-/*
- * Certificate entry:
- *
- * byte offset field
- * ----------- -----
- * 0 sslFlags-msb
- * 1 sslFlags-lsb
- * 2 emailFlags-msb
- * 3 emailFlags-lsb
- * 4 objectSigningFlags-msb
- * 5 objectSigningFlags-lsb
- * 6 derCert-len-msb
- * 7 derCert-len-lsb
- * 8 nickname-len-msb
- * 9 nickname-len-lsb
- * ... derCert
- * ... nickname
- *
- * NOTE: the nickname string as stored in the database is null terminated,
- * in other words, the last byte of the db entry is always 0
- * if a nickname is present.
- * NOTE: if nickname is not present, then nickname-len-msb and
- * nickname-len-lsb will both be zero.
- */
-struct _certDBEntryCert {
- certDBEntryCommon common;
- NSSLOWCERTCertTrust trust;
- SECItem derCert;
- char *nickname;
-};
-
-/*
- * Certificate Nickname entry:
- *
- * byte offset field
- * ----------- -----
- * 0 subjectname-len-msb
- * 1 subjectname-len-lsb
- * 2... subjectname
- *
- * The database key for this type of entry is a nickname string
- * The "subjectname" value is the DER encoded DN of the identity
- * that matches this nickname.
- */
-typedef struct {
- certDBEntryCommon common;
- char *nickname;
- SECItem subjectName;
-} certDBEntryNickname;
-
-#define DB_NICKNAME_ENTRY_HEADER_LEN 2
-
-/*
- * Certificate Subject entry:
- *
- * byte offset field
- * ----------- -----
- * 0 ncerts-msb
- * 1 ncerts-lsb
- * 2 nickname-msb
- * 3 nickname-lsb
- * 4 emailAddr-msb
- * 5 emailAddr-lsb
- * ... nickname
- * ... emailAddr
- * ...+2*i certkey-len-msb
- * ...+1+2*i certkey-len-lsb
- * ...+2*ncerts+2*i keyid-len-msb
- * ...+1+2*ncerts+2*i keyid-len-lsb
- * ... certkeys
- * ... keyids
- *
- * The database key for this type of entry is the DER encoded subject name
- * The "certkey" value is an array of certificate database lookup keys that
- * points to the database entries for the certificates that matche
- * this subject.
- *
- */
-typedef struct _certDBEntrySubject {
- certDBEntryCommon common;
- SECItem derSubject;
- unsigned int ncerts;
- char *nickname;
- char *emailAddr;
- SECItem *certKeys;
- SECItem *keyIDs;
-} certDBEntrySubject;
-
-#define DB_SUBJECT_ENTRY_HEADER_LEN 6
-
-/*
- * Certificate SMIME profile entry:
- *
- * byte offset field
- * ----------- -----
- * 0 subjectname-len-msb
- * 1 subjectname-len-lsb
- * 2 smimeoptions-len-msb
- * 3 smimeoptions-len-lsb
- * 4 options-date-len-msb
- * 5 options-date-len-lsb
- * 6... subjectname
- * ... smimeoptions
- * ... options-date
- *
- * The database key for this type of entry is the email address string
- * The "subjectname" value is the DER encoded DN of the identity
- * that matches this nickname.
- * The "smimeoptions" value is a string that represents the algorithm
- * capabilities on the remote user.
- * The "options-date" is the date that the smime options value was created.
- * This is generally the signing time of the signed message that contained
- * the options. It is a UTCTime value.
- */
-typedef struct {
- certDBEntryCommon common;
- char *emailAddr;
- SECItem subjectName;
- SECItem smimeOptions;
- SECItem optionsDate;
-} certDBEntrySMime;
-
-#define DB_SMIME_ENTRY_HEADER_LEN 6
-
-/*
- * Crl/krl entry:
- *
- * byte offset field
- * ----------- -----
- * 0 derCert-len-msb
- * 1 derCert-len-lsb
- * 2 url-len-msb
- * 3 url-len-lsb
- * ... derCert
- * ... url
- *
- * NOTE: the url string as stored in the database is null terminated,
- * in other words, the last byte of the db entry is always 0
- * if a nickname is present.
- * NOTE: if url is not present, then url-len-msb and
- * url-len-lsb will both be zero.
- */
-#define DB_CRL_ENTRY_HEADER_LEN 4
-struct _certDBEntryRevocation {
- certDBEntryCommon common;
- SECItem derCrl;
- char *url; /* where to load the crl from */
-};
-
-/*
- * Database Version Entry:
- *
- * byte offset field
- * ----------- -----
- * only the low level header...
- *
- * The database key for this type of entry is the string "Version"
- */
-typedef struct {
- certDBEntryCommon common;
-} certDBEntryVersion;
-
-#define SEC_DB_VERSION_KEY "Version"
-#define SEC_DB_VERSION_KEY_LEN sizeof(SEC_DB_VERSION_KEY)
-
-/*
- * Database Content Version Entry:
- *
- * byte offset field
- * ----------- -----
- * 0 contentVersion
- *
- * The database key for this type of entry is the string "ContentVersion"
- */
-typedef struct {
- certDBEntryCommon common;
- char contentVersion;
-} certDBEntryContentVersion;
-
-#define SEC_DB_CONTENT_VERSION_KEY "ContentVersion"
-#define SEC_DB_CONTENT_VERSION_KEY_LEN sizeof(SEC_DB_CONTENT_VERSION_KEY)
-
-typedef union {
- certDBEntryCommon common;
- certDBEntryVersion version;
- certDBEntryCert cert;
- certDBEntryNickname nickname;
- certDBEntrySubject subject;
- certDBEntryRevocation revocation;
-} certDBEntry;
-
-/* length of the fixed part of a database entry */
-#define DBCERT_V4_HEADER_LEN 7
-#define DB_CERT_V5_ENTRY_HEADER_LEN 7
-#define DB_CERT_V6_ENTRY_HEADER_LEN 7
-#define DB_CERT_ENTRY_HEADER_LEN 10
-
-/* common flags for all types of certificates */
-#define CERTDB_VALID_PEER (1<<0)
-#define CERTDB_TRUSTED (1<<1)
-#define CERTDB_SEND_WARN (1<<2)
-#define CERTDB_VALID_CA (1<<3)
-#define CERTDB_TRUSTED_CA (1<<4) /* trusted for issuing server certs */
-#define CERTDB_NS_TRUSTED_CA (1<<5)
-#define CERTDB_USER (1<<6)
-#define CERTDB_TRUSTED_CLIENT_CA (1<<7) /* trusted for issuing client certs */
-#define CERTDB_INVISIBLE_CA (1<<8) /* don't show in UI */
-#define CERTDB_GOVT_APPROVED_CA (1<<9) /* can do strong crypto in export ver */
-#define CERTDB_NOT_TRUSTED (1<<10) /* explicitly don't trust this cert */
-#define CERTDB_TRUSTED_UNKNOWN (1<<11) /* accept trust from another source */
-
-/* bits not affected by the CKO_NETSCAPE_TRUST object */
-#define CERTDB_PRESERVE_TRUST_BITS (CERTDB_USER | CERTDB_VALID_PEER | \
- CERTDB_NS_TRUSTED_CA | CERTDB_VALID_CA | CERTDB_INVISIBLE_CA | \
- CERTDB_GOVT_APPROVED_CA)
-
-#endif /* _PCERTT_H_ */
diff --git a/security/nss/lib/softoken/pk11db.c b/security/nss/lib/softoken/pk11db.c
deleted file mode 100644
index 24c601a01..000000000
--- a/security/nss/lib/softoken/pk11db.c
+++ /dev/null
@@ -1,776 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following code handles the storage of PKCS 11 modules used by the
- * NSS. This file is written to abstract away how the modules are
- * stored so we can deside that later.
- */
-
-#include "pk11pars.h"
-#include "pkcs11i.h"
-#include "mcom_db.h"
-
-#define FREE_CLEAR(p) if (p) { PORT_Free(p); p = NULL; }
-
-static void
-secmod_parseTokenFlags(char *tmp, pk11_token_parameters *parsed) {
- parsed->readOnly = pk11_argHasFlag("flags","readOnly",tmp);
- parsed->noCertDB = pk11_argHasFlag("flags","noCertDB",tmp);
- parsed->noKeyDB = pk11_argHasFlag("flags","noKeyDB",tmp);
- parsed->forceOpen = pk11_argHasFlag("flags","forceOpen",tmp);
- parsed->pwRequired = pk11_argHasFlag("flags","passwordRequired",tmp);
- return;
-}
-
-static void
-secmod_parseFlags(char *tmp, pk11_parameters *parsed) {
- parsed->noModDB = pk11_argHasFlag("flags","noModDB",tmp);
- parsed->readOnly = pk11_argHasFlag("flags","readOnly",tmp);
- /* keep legacy interface working */
- parsed->noCertDB = pk11_argHasFlag("flags","noCertDB",tmp);
- parsed->forceOpen = pk11_argHasFlag("flags","forceOpen",tmp);
- parsed->pwRequired = pk11_argHasFlag("flags","passwordRequired",tmp);
- return;
-}
-
-CK_RV
-secmod_parseTokenParameters(char *param, pk11_token_parameters *parsed)
-{
- int next;
- char *tmp;
- char *index;
- index = pk11_argStrip(param);
-
- while (*index) {
- PK11_HANDLE_STRING_ARG(index,parsed->configdir,"configdir=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->certPrefix,"certprefix=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->keyPrefix,"keyprefix=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->tokdes,"tokenDescription=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->slotdes,"slotDescription=",;)
- PK11_HANDLE_STRING_ARG(index,tmp,"minPWLen=",
- if(tmp) { parsed->minPW=atoi(tmp); PORT_Free(tmp); })
- PK11_HANDLE_STRING_ARG(index,tmp,"flags=",
- if(tmp) { secmod_parseTokenFlags(param,parsed); PORT_Free(tmp); })
- PK11_HANDLE_FINAL_ARG(index)
- }
- return CKR_OK;
-}
-
-static void
-secmod_parseTokens(char *tokenParams, pk11_parameters *parsed)
-{
- char *tokenIndex;
- pk11_token_parameters *tokens = NULL;
- int i=0,count = 0,next;
-
- if ((tokenParams == NULL) || (*tokenParams == 0)) return;
-
- /* first count the number of slots */
- for (tokenIndex = pk11_argStrip(tokenParams); *tokenIndex;
- tokenIndex = pk11_argStrip(pk11_argSkipParameter(tokenIndex))) {
- count++;
- }
-
- /* get the data structures */
- tokens = (pk11_token_parameters *)
- PORT_ZAlloc(count*sizeof(pk11_token_parameters));
- if (tokens == NULL) return;
-
- for (tokenIndex = pk11_argStrip(tokenParams), i = 0;
- *tokenIndex && i < count ; i++ ) {
- char *name;
- name = pk11_argGetName(tokenIndex,&next);
- tokenIndex += next;
-
- tokens[i].slotID = pk11_argDecodeNumber(name);
- tokens[i].readOnly = PR_TRUE;
- tokens[i].noCertDB = PR_TRUE;
- tokens[i].noKeyDB = PR_TRUE;
- if (!pk11_argIsBlank(*tokenIndex)) {
- char *args = pk11_argFetchValue(tokenIndex,&next);
- tokenIndex += next;
- if (args) {
- secmod_parseTokenParameters(args,&tokens[i]);
- PORT_Free(args);
- }
- }
- if (name) PORT_Free(name);
- tokenIndex = pk11_argStrip(tokenIndex);
- }
- parsed->token_count = i;
- parsed->tokens = tokens;
- return;
-}
-
-CK_RV
-secmod_parseParameters(char *param, pk11_parameters *parsed, PRBool isFIPS)
-{
- int next;
- char *tmp;
- char *index;
- char *certPrefix = NULL, *keyPrefix = NULL;
- char *tokdes = NULL, *ptokdes = NULL;
- char *slotdes = NULL, *pslotdes = NULL;
- char *fslotdes = NULL, *fpslotdes = NULL;
- char *minPW = NULL;
- index = pk11_argStrip(param);
-
- PORT_Memset(parsed, 0, sizeof(pk11_parameters));
-
- while (*index) {
- PK11_HANDLE_STRING_ARG(index,parsed->configdir,"configdir=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->secmodName,"secmod=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->man,"manufactureID=",;)
- PK11_HANDLE_STRING_ARG(index,parsed->libdes,"libraryDescription=",;)
- /* constructed values, used so legacy interfaces still work */
- PK11_HANDLE_STRING_ARG(index,certPrefix,"certprefix=",;)
- PK11_HANDLE_STRING_ARG(index,keyPrefix,"keyprefix=",;)
- PK11_HANDLE_STRING_ARG(index,tokdes,"cryptoTokenDescription=",;)
- PK11_HANDLE_STRING_ARG(index,ptokdes,"dbTokenDescription=",;)
- PK11_HANDLE_STRING_ARG(index,slotdes,"cryptoSlotDescription=",;)
- PK11_HANDLE_STRING_ARG(index,pslotdes,"dbSlotDescription=",;)
- PK11_HANDLE_STRING_ARG(index,fslotdes,"FIPSSlotDescription=",;)
- PK11_HANDLE_STRING_ARG(index,minPW,"FIPSTokenDescription=",;)
- PK11_HANDLE_STRING_ARG(index,tmp,"minPWLen=",;)
-
- PK11_HANDLE_STRING_ARG(index,tmp,"flags=",
- if(tmp) { secmod_parseFlags(param,parsed); PORT_Free(tmp); })
- PK11_HANDLE_STRING_ARG(index,tmp,"tokens=",
- if(tmp) { secmod_parseTokens(tmp,parsed); PORT_Free(tmp); })
- PK11_HANDLE_FINAL_ARG(index)
- }
- if (parsed->tokens == NULL) {
- int count = isFIPS ? 1 : 2;
- int index = count-1;
- pk11_token_parameters *tokens = NULL;
-
- tokens = (pk11_token_parameters *)
- PORT_ZAlloc(count*sizeof(pk11_token_parameters));
- if (tokens == NULL) {
- goto loser;
- }
- parsed->tokens = tokens;
- parsed->token_count = count;
- tokens[index].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID;
- tokens[index].certPrefix = certPrefix;
- tokens[index].keyPrefix = keyPrefix;
- tokens[index].minPW = minPW ? atoi(minPW) : 0;
- tokens[index].readOnly = parsed->readOnly;
- tokens[index].noCertDB = parsed->noCertDB;
- tokens[index].forceOpen = parsed->forceOpen;
- tokens[index].pwRequired = parsed->pwRequired;
- certPrefix = NULL;
- keyPrefix = NULL;
- if (isFIPS) {
- tokens[index].tokdes = fslotdes;
- tokens[index].slotdes = fpslotdes;
- fslotdes = NULL;
- fpslotdes = NULL;
- } else {
- tokens[index].tokdes = ptokdes;
- tokens[index].slotdes = pslotdes;
- tokens[0].slotID = NETSCAPE_SLOT_ID;
- tokens[0].tokdes = tokdes;
- tokens[0].slotdes = slotdes;
- tokens[0].noCertDB = PR_TRUE;
- tokens[0].noKeyDB = PR_TRUE;
- ptokdes = NULL;
- pslotdes = NULL;
- tokdes = NULL;
- slotdes = NULL;
- }
- }
-
-loser:
- FREE_CLEAR(certPrefix);
- FREE_CLEAR(keyPrefix);
- FREE_CLEAR(tokdes);
- FREE_CLEAR(ptokdes);
- FREE_CLEAR(slotdes);
- FREE_CLEAR(pslotdes);
- FREE_CLEAR(fslotdes);
- FREE_CLEAR(fpslotdes);
- FREE_CLEAR(minPW);
- return CKR_OK;
-}
-
-void
-secmod_freeParams(pk11_parameters *params)
-{
- int i;
-
- for (i=0; i < params->token_count; i++) {
- FREE_CLEAR(params->tokens[i].configdir);
- FREE_CLEAR(params->tokens[i].certPrefix);
- FREE_CLEAR(params->tokens[i].keyPrefix);
- FREE_CLEAR(params->tokens[i].tokdes);
- FREE_CLEAR(params->tokens[i].slotdes);
- }
-
- FREE_CLEAR(params->configdir);
- FREE_CLEAR(params->secmodName);
- FREE_CLEAR(params->man);
- FREE_CLEAR(params->libdes);
- FREE_CLEAR(params->tokens);
-}
-
-
-char *
-secmod_getSecmodName(char *param, PRBool *rw)
-{
- int next;
- char *configdir = NULL;
- char *secmodName = NULL;
- char *value = NULL;
- char *save_params = param;
- param = pk11_argStrip(param);
-
-
- while (*param) {
- PK11_HANDLE_STRING_ARG(param,configdir,"configdir=",;)
- PK11_HANDLE_STRING_ARG(param,secmodName,"secmod=",;)
- PK11_HANDLE_FINAL_ARG(param)
- }
-
- *rw = PR_TRUE;
- if (pk11_argHasFlag("flags","readOnly",save_params) ||
- pk11_argHasFlag("flags","noModDB",save_params)) *rw = PR_FALSE;
-
- if (!secmodName || *secmodName == '\0') secmodName = PORT_Strdup(SECMOD_DB);
-
- if (configdir) {
- value = PR_smprintf("%s" PATH_SEPARATOR "%s",configdir,secmodName);
- } else {
- value = PORT_Strdup(secmodName);
- }
- PORT_Free(secmodName);
- if (configdir) PORT_Free(configdir);
- return value;
-}
-
-/* Construct a database key for a given module */
-static SECStatus secmod_MakeKey(DBT *key, char * module) {
- int len = 0;
- char *commonName;
-
- commonName = pk11_argGetParamValue("name",module);
- if (commonName == NULL) {
- commonName = pk11_argGetParamValue("library",module);
- }
- if (commonName == NULL) return SECFailure;
- len = PORT_Strlen(commonName);
- key->data = commonName;
- key->size = len;
- return SECSuccess;
-}
-
-/* free out constructed database key */
-static void secmod_FreeKey(DBT *key) {
- if (key->data) {
- PORT_Free(key->data);
- }
- key->data = NULL;
- key->size = 0;
-}
-
-typedef struct secmodDataStr secmodData;
-typedef struct secmodSlotDataStr secmodSlotData;
-struct secmodDataStr {
- unsigned char major;
- unsigned char minor;
- unsigned char nameStart[2];
- unsigned char slotOffset[2];
- unsigned char internal;
- unsigned char fips;
- unsigned char ssl[8];
- unsigned char trustOrder[4];
- unsigned char cipherOrder[4];
- unsigned char reserved1;
- unsigned char isModuleDB;
- unsigned char isModuleDBOnly;
- unsigned char isCritical;
- unsigned char reserved[4];
- unsigned char names[6]; /* enough space for the length fields */
-};
-
-struct secmodSlotDataStr {
- unsigned char slotID[4];
- unsigned char defaultFlags[4];
- unsigned char timeout[4];
- unsigned char askpw;
- unsigned char hasRootCerts;
- unsigned char reserved[18]; /* this makes it a round 32 bytes */
-};
-
-#define SECMOD_DB_VERSION_MAJOR 0
-#define SECMOD_DB_VERSION_MINOR 6
-#define SECMOD_DB_EXT1_VERSION_MAJOR 0
-#define SECMOD_DB_EXT1_VERSION_MINOR 6
-#define SECMOD_DB_NOUI_VERSION_MAJOR 0
-#define SECMOD_DB_NOUI_VERSION_MINOR 4
-
-#define SECMOD_PUTSHORT(dest,src) \
- (dest)[1] = (unsigned char) ((src)&0xff); \
- (dest)[0] = (unsigned char) (((src) >> 8) & 0xff);
-#define SECMOD_PUTLONG(dest,src) \
- (dest)[3] = (unsigned char) ((src)&0xff); \
- (dest)[2] = (unsigned char) (((src) >> 8) & 0xff); \
- (dest)[1] = (unsigned char) (((src) >> 16) & 0xff); \
- (dest)[0] = (unsigned char) (((src) >> 24) & 0xff);
-#define SECMOD_GETSHORT(src) \
- ((unsigned short) (((src)[0] << 8) | (src)[1]))
-#define SECMOD_GETLONG(src) \
- ((unsigned long) (( (unsigned long) (src)[0] << 24) | \
- ( (unsigned long) (src)[1] << 16) | \
- ( (unsigned long) (src)[2] << 8) | \
- (unsigned long) (src)[3]))
-
-/*
- * build a data base entry from a module
- */
-static SECStatus secmod_EncodeData(DBT *data, char * module) {
- secmodData *encoded = NULL;
- secmodSlotData *slot;
- unsigned char *dataPtr;
- unsigned short len, len2 = 0, len3 = 0;
- int count = 0;
- unsigned short offset;
- int dataLen, i;
- unsigned long order;
- unsigned long ssl[2];
- char *commonName = NULL , *dllName = NULL, *param = NULL, *nss = NULL;
- char *slotParams, *ciphers;
- PK11PreSlotInfo *slotInfo = NULL;
- SECStatus rv = SECFailure;
-
- rv = pk11_argParseModuleSpec(module,&dllName,&commonName,&param,&nss);
- if (rv != SECSuccess) return rv;
- rv = SECFailure;
-
- if (commonName == NULL) {
- /* set error */
- goto loser;
- }
-
- len = PORT_Strlen(commonName);
- if (dllName) {
- len2 = PORT_Strlen(dllName);
- }
- if (param) {
- len3 = PORT_Strlen(param);
- }
-
- slotParams = pk11_argGetParamValue("slotParams",nss);
- slotInfo = pk11_argParseSlotInfo(NULL,slotParams,&count);
- if (slotParams) PORT_Free(slotParams);
-
- if (count && slotInfo == NULL) {
- /* set error */
- goto loser;
- }
-
- dataLen = sizeof(secmodData) + len + len2 + len3 + sizeof(unsigned short) +
- count*sizeof(secmodSlotData);
-
- data->data = (unsigned char *) PORT_ZAlloc(dataLen);
- encoded = (secmodData *)data->data;
- dataPtr = (unsigned char *) data->data;
- data->size = dataLen;
-
- if (encoded == NULL) {
- /* set error */
- goto loser;
- }
-
- encoded->major = SECMOD_DB_VERSION_MAJOR;
- encoded->minor = SECMOD_DB_VERSION_MINOR;
- encoded->internal = (unsigned char)
- (pk11_argHasFlag("flags","internal",nss) ? 1 : 0);
- encoded->fips = (unsigned char)
- (pk11_argHasFlag("flags","FIPS",nss) ? 1 : 0);
- encoded->isModuleDB = (unsigned char)
- (pk11_argHasFlag("flags","isModuleDB",nss) ? 1 : 0);
- encoded->isModuleDBOnly = (unsigned char)
- (pk11_argHasFlag("flags","isModuleDBOnly",nss) ? 1 : 0);
- encoded->isCritical = (unsigned char)
- (pk11_argHasFlag("flags","critical",nss) ? 1 : 0);
-
- order = pk11_argReadLong("trustOrder",nss);
- SECMOD_PUTLONG(encoded->trustOrder,order);
- order = pk11_argReadLong("cipherOrder",nss);
- SECMOD_PUTLONG(encoded->cipherOrder,order);
-
-
- ciphers = pk11_argGetParamValue("ciphers",nss);
- pk11_argSetNewCipherFlags(&ssl[0], ciphers);
- SECMOD_PUTLONG(encoded->ssl,ssl[0]);
- SECMOD_PUTLONG(&encoded->ssl[4],ssl[1]);
-
- offset = (unsigned long) &(((secmodData *)0)->names[0]);
- SECMOD_PUTSHORT(encoded->nameStart,offset);
- offset = offset + len + len2 + len3 + 3*sizeof(unsigned short);
- SECMOD_PUTSHORT(encoded->slotOffset,offset);
-
-
- SECMOD_PUTSHORT(&dataPtr[offset],((unsigned short)count));
- slot = (secmodSlotData *)(dataPtr+offset+sizeof(unsigned short));
-
- offset = 0;
- SECMOD_PUTSHORT(encoded->names,len);
- offset += sizeof(unsigned short);
- PORT_Memcpy(&encoded->names[offset],commonName,len);
- offset += len;
-
-
- SECMOD_PUTSHORT(&encoded->names[offset],len2);
- offset += sizeof(unsigned short);
- if (len2) PORT_Memcpy(&encoded->names[offset],dllName,len2);
- offset += len2;
-
- SECMOD_PUTSHORT(&encoded->names[offset],len3);
- offset += sizeof(unsigned short);
- if (len3) PORT_Memcpy(&encoded->names[offset],param,len3);
- offset += len3;
-
- if (count) {
- for (i=0; i < count; i++) {
- SECMOD_PUTLONG(slot[i].slotID, slotInfo[i].slotID);
- SECMOD_PUTLONG(slot[i].defaultFlags,
- slotInfo[i].defaultFlags);
- SECMOD_PUTLONG(slot[i].timeout,slotInfo[i].timeout);
- slot[i].askpw = slotInfo[i].askpw;
- slot[i].hasRootCerts = slotInfo[i].hasRootCerts;
- PORT_Memset(slot[i].reserved, 0, sizeof(slot[i].reserved));
- }
- }
- rv = SECSuccess;
-
-loser:
- if (commonName) PORT_Free(commonName);
- if (dllName) PORT_Free(dllName);
- if (param) PORT_Free(param);
- if (slotInfo) PORT_Free(slotInfo);
- return rv;
-
-}
-
-static void
-secmod_FreeData(DBT *data)
-{
- if (data->data) {
- PORT_Free(data->data);
- }
-}
-
-/*
- * build a module from the data base entry.
- */
-static char *
-secmod_DecodeData(char *defParams, DBT *data, PRBool *retInternal)
-{
- secmodData *encoded;
- secmodSlotData *slots;
- char *commonName = NULL,*dllName = NULL,*parameters = NULL;
- unsigned char *names;
- unsigned short len;
- unsigned long slotCount;
- unsigned short offset;
- PRBool isOldVersion = PR_FALSE;
- PRBool internal, isFIPS, isModuleDB=PR_FALSE, isModuleDBOnly=PR_FALSE;
- PRBool extended=PR_FALSE;
- PRBool hasRootCerts=PR_FALSE,hasRootTrust=PR_FALSE;
- unsigned long trustOrder=0, cipherOrder=0;
- unsigned long ssl0=0, ssl1=0;
- char **slotStrings = NULL;
- unsigned long slotID,defaultFlags,timeout;
- char *nss,*moduleSpec;
- int i;
-
- PLArenaPool *arena;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (arena == NULL) return NULL;
-
- encoded = (secmodData *)data->data;
- names = (unsigned char *)data->data;
- offset = SECMOD_GETSHORT(encoded->slotOffset);
- slots = (secmodSlotData *) (names + offset + 2);
- slotCount = SECMOD_GETSHORT(names + offset);
- names += SECMOD_GETSHORT(encoded->nameStart);
-
- * retInternal = internal = (encoded->internal != 0) ? PR_TRUE: PR_FALSE;
- isFIPS = (encoded->fips != 0) ? PR_TRUE: PR_FALSE;
- len = SECMOD_GETSHORT(names);
-
- if (internal && (encoded->major == SECMOD_DB_NOUI_VERSION_MAJOR) &&
- (encoded->minor <= SECMOD_DB_NOUI_VERSION_MINOR)) {
- isOldVersion = PR_TRUE;
- }
-
- if ((encoded->major == SECMOD_DB_EXT1_VERSION_MAJOR) &&
- (encoded->minor >= SECMOD_DB_EXT1_VERSION_MINOR)) {
- trustOrder = SECMOD_GETLONG(encoded->trustOrder);
- cipherOrder = SECMOD_GETLONG(encoded->cipherOrder);
- isModuleDB = (encoded->isModuleDB != 0) ? PR_TRUE: PR_FALSE;
- isModuleDBOnly = (encoded->isModuleDBOnly != 0) ? PR_TRUE: PR_FALSE;
- extended = PR_TRUE;
- }
-
- /* decode the common name */
- commonName = (char*)PORT_ArenaAlloc(arena,len+1);
- if (commonName == NULL) {
- PORT_FreeArena(arena,PR_TRUE);
- return NULL;
- }
- PORT_Memcpy(commonName,&names[2],len);
- commonName[len] = 0;
-
- /* decode the DLL name */
- names += len+2;
- len = SECMOD_GETSHORT(names);
- if (len) {
- dllName = (char*)PORT_ArenaAlloc(arena,len + 1);
- if (dllName == NULL) {
- PORT_FreeArena(arena,PR_TRUE);
- return NULL;
- }
- PORT_Memcpy(dllName,&names[2],len);
- dllName[len] = 0;
- }
- if (!internal && extended) {
- names += len+2;
- len = SECMOD_GETSHORT(names);
- if (len) {
- parameters = (char*)PORT_ArenaAlloc(arena,len + 1);
- if (parameters == NULL) {
- PORT_FreeArena(arena,PR_TRUE);
- return NULL;
- }
- PORT_Memcpy(parameters,&names[2],len);
- parameters[len] = 0;
- }
- }
- if (internal) {
- parameters = PORT_ArenaStrdup(arena,defParams);
- }
-
- /* decode SSL cipher enable flags */
- ssl0 = SECMOD_GETLONG(encoded->ssl);
- ssl1 = SECMOD_GETLONG(&encoded->ssl[4]);
-
- /* slotCount; */
- slotStrings = (char **)PORT_ArenaAlloc(arena, slotCount * sizeof(char *));
- for (i=0; i < (int) slotCount; i++) {
- slotID = SECMOD_GETLONG(slots[i].slotID);
- defaultFlags = SECMOD_GETLONG(slots[i].defaultFlags);
- if (isOldVersion && internal && (slotID != 2)) {
- unsigned long internalFlags=
- pk11_argSlotFlags("slotFlags",SECMOD_SLOT_FLAGS);
- defaultFlags |= internalFlags;
- }
- timeout = SECMOD_GETLONG(slots[i].timeout);
- hasRootCerts = slots[i].hasRootCerts;
- if (hasRootCerts && !extended) {
- trustOrder = 20;
- }
-
- slotStrings[i] = pk11_mkSlotString(slotID,defaultFlags,
- timeout,slots[i].askpw,hasRootCerts,hasRootTrust);
- }
-
- nss = pk11_mkNSS(slotStrings, slotCount, internal, isFIPS, isModuleDB,
- isModuleDBOnly, internal, trustOrder, cipherOrder, ssl0, ssl1);
- moduleSpec = pk11_mkNewModuleSpec(dllName,commonName,parameters,nss);
- PR_smprintf_free(nss);
- PORT_FreeArena(arena,PR_TRUE);
-
- return (moduleSpec);
-}
-
-
-
-static DB *secmod_OpenDB(char *dbName, PRBool readOnly) {
- DB *pkcs11db = NULL;
-
- /* I'm sure we should do more checks here sometime... */
- pkcs11db = dbopen(dbName, readOnly ? O_RDONLY : O_RDWR, 0600, DB_HASH, 0);
-
- /* didn't exist? create it */
- if (pkcs11db == NULL) {
- if (readOnly) return NULL;
-
- pkcs11db = dbopen( dbName,
- O_RDWR | O_CREAT | O_TRUNC, 0600, DB_HASH, 0 );
- if (pkcs11db) (* pkcs11db->sync)(pkcs11db, 0);
- }
- return pkcs11db;
-}
-
-static void secmod_CloseDB(DB *pkcs11db) {
- (*pkcs11db->close)(pkcs11db);
-}
-
-
-#define SECMOD_STEP 10
-#define PK11_DEFAULT_INTERNAL_INIT "library= name=\"NSS Internal PKCS #11 Module\" parameters=\"%s\" NSS=\"Flags=internal,critical slotParams=(1={%s askpw=any timeout=30})\""
-/*
- * Read all the existing modules in
- */
-char **
-secmod_ReadPermDB(char *dbname, char *params, PRBool rw) {
- DBT key,data;
- int ret;
- DB *pkcs11db = NULL;
- char **moduleList = NULL;
- int moduleCount = 1;
- int useCount = SECMOD_STEP;
-
- moduleList = (char **) PORT_ZAlloc(useCount*sizeof(char **));
- if (moduleList == NULL) return NULL;
-
- pkcs11db = secmod_OpenDB(dbname,PR_TRUE);
- if (pkcs11db == NULL) goto done;
-
- /* read and parse the file or data base */
- ret = (*pkcs11db->seq)(pkcs11db, &key, &data, R_FIRST);
- if (ret) goto done;
-
-
- do {
- char *moduleString;
- PRBool internal = PR_FALSE;
- if ((moduleCount+1) >= useCount) {
- useCount += SECMOD_STEP;
- moduleList =
- (char **)PORT_Realloc(moduleList,useCount*sizeof(char *));
- if (moduleList == NULL) goto done;
- PORT_Memset(&moduleList[moduleCount+1],0,
- sizeof(char *)*SECMOD_STEP);
- }
- moduleString = secmod_DecodeData(params,&data,&internal);
- if (internal) {
- moduleList[0] = moduleString;
- } else {
- moduleList[moduleCount] = moduleString;
- moduleCount++;
- }
- } while ( (*pkcs11db->seq)(pkcs11db, &key, &data, R_NEXT) == 0);
-
-done:
- if (!moduleList[0]) {
- moduleList[0] = PR_smprintf(PK11_DEFAULT_INTERNAL_INIT,params,
- SECMOD_SLOT_FLAGS);
- }
- /* deal with trust cert db here */
-
- if (pkcs11db) {
- secmod_CloseDB(pkcs11db);
- } else {
- secmod_AddPermDB(dbname,moduleList[0], rw) ;
- }
- return moduleList;
-}
-
-/*
- * Delete a module from the Data Base
- */
-SECStatus
-secmod_DeletePermDB(char *dbname, char *args, PRBool rw) {
- DBT key;
- SECStatus rv = SECFailure;
- DB *pkcs11db = NULL;
- int ret;
-
- if (!rw) return SECFailure;
-
- /* make sure we have a db handle */
- pkcs11db = secmod_OpenDB(dbname,PR_FALSE);
- if (pkcs11db == NULL) {
- return SECFailure;
- }
-
- rv = secmod_MakeKey(&key,args);
- if (rv != SECSuccess) goto done;
- rv = SECFailure;
- ret = (*pkcs11db->del)(pkcs11db, &key, 0);
- secmod_FreeKey(&key);
- if (ret != 0) goto done;
-
-
- ret = (*pkcs11db->sync)(pkcs11db, 0);
- if (ret == 0) rv = SECSuccess;
-
-done:
- secmod_CloseDB(pkcs11db);
- return rv;
-}
-
-/*
- * Add a module to the Data base
- */
-SECStatus
-secmod_AddPermDB(char *dbname, char *module, PRBool rw) {
- DBT key,data;
- SECStatus rv = SECFailure;
- DB *pkcs11db = NULL;
- int ret;
-
-
- if (!rw) return SECFailure;
-
- /* make sure we have a db handle */
- pkcs11db = secmod_OpenDB(dbname,PR_FALSE);
- if (pkcs11db == NULL) {
- return SECFailure;
- }
-
- rv = secmod_MakeKey(&key,module);
- if (rv != SECSuccess) goto done;
- rv = secmod_EncodeData(&data,module);
- if (rv != SECSuccess) {
- secmod_FreeKey(&key);
- goto done;
- }
- rv = SECFailure;
- ret = (*pkcs11db->put)(pkcs11db, &key, &data, 0);
- secmod_FreeKey(&key);
- secmod_FreeData(&data);
- if (ret != 0) goto done;
-
- ret = (*pkcs11db->sync)(pkcs11db, 0);
- if (ret == 0) rv = SECSuccess;
-
-done:
- secmod_CloseDB(pkcs11db);
- return rv;
-}
diff --git a/security/nss/lib/softoken/pk11pars.h b/security/nss/lib/softoken/pk11pars.h
deleted file mode 100644
index 7a00dc4f0..000000000
--- a/security/nss/lib/softoken/pk11pars.h
+++ /dev/null
@@ -1,841 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * The following handles the loading, unloading and management of
- * various PCKS #11 modules
- */
-
-
-/*
- * this header file contains routines for parsing PKCS #11 module spec
- * strings. It contains 'C' code and should only be included in one module.
- * Currently it is included in both softoken and the wrapper.
- */
-#include <ctype.h>
-#include "pkcs11.h"
-#include "seccomon.h"
-#include "prprf.h"
-#include "secmodt.h"
-#include "pk11init.h"
-
-#define PK11_ARG_LIBRARY_PARAMETER "library="
-#define PK11_ARG_NAME_PARAMETER "name="
-#define PK11_ARG_MODULE_PARAMETER "parameters="
-#define PK11_ARG_NSS_PARAMETER "NSS="
-#define PK11_ARG_FORTEZZA_FLAG "FORTEZZA"
-#define PK11_ARG_ESCAPE '\\'
-
-struct pk11argSlotFlagTable {
- char *name;
- int len;
- unsigned long value;
-};
-
-
-#define PK11_ARG_ENTRY(arg,flag) \
-{ #arg , sizeof(#arg)-1, flag }
-static struct pk11argSlotFlagTable pk11_argSlotFlagTable[] = {
- PK11_ARG_ENTRY(RSA,SECMOD_RSA_FLAG),
- PK11_ARG_ENTRY(DSA,SECMOD_RSA_FLAG),
- PK11_ARG_ENTRY(RC2,SECMOD_RC4_FLAG),
- PK11_ARG_ENTRY(RC4,SECMOD_RC2_FLAG),
- PK11_ARG_ENTRY(DES,SECMOD_DES_FLAG),
- PK11_ARG_ENTRY(DH,SECMOD_DH_FLAG),
- PK11_ARG_ENTRY(FORTEZZA,SECMOD_FORTEZZA_FLAG),
- PK11_ARG_ENTRY(RC5,SECMOD_RC5_FLAG),
- PK11_ARG_ENTRY(SHA1,SECMOD_SHA1_FLAG),
- PK11_ARG_ENTRY(MD5,SECMOD_MD5_FLAG),
- PK11_ARG_ENTRY(MD2,SECMOD_MD2_FLAG),
- PK11_ARG_ENTRY(SSL,SECMOD_SSL_FLAG),
- PK11_ARG_ENTRY(TLS,SECMOD_TLS_FLAG),
- PK11_ARG_ENTRY(AES,SECMOD_AES_FLAG),
- PK11_ARG_ENTRY(PublicCerts,SECMOD_FRIENDLY_FLAG),
- PK11_ARG_ENTRY(RANDOM,SECMOD_RANDOM_FLAG),
-};
-
-#define PK11_HANDLE_STRING_ARG(param,target,value,command) \
- if (PORT_Strncasecmp(param,value,sizeof(value)-1) == 0) { \
- param += sizeof(value)-1; \
- target = pk11_argFetchValue(param,&next); \
- param += next; \
- command ;\
- } else
-
-#define PK11_HANDLE_FINAL_ARG(param) \
- { param = pk11_argSkipParameter(param); } param = pk11_argStrip(param);
-
-
-static int pk11_argSlotFlagTableSize =
- sizeof(pk11_argSlotFlagTable)/sizeof(pk11_argSlotFlagTable[0]);
-
-
-static PRBool pk11_argGetPair(char c) {
- switch (c) {
- case '\'': return c;
- case '\"': return c;
- case '<': return '>';
- case '{': return '}';
- case '[': return ']';
- case '(': return ')';
- default: break;
- }
- return ' ';
-}
-
-static PRBool pk11_argIsBlank(char c) {
- return isspace(c);
-}
-
-static PRBool pk11_argIsEscape(char c) {
- return c == '\\';
-}
-
-static PRBool pk11_argIsQuote(char c) {
- switch (c) {
- case '\'':
- case '\"':
- case '<':
- case '{': /* } end curly to keep vi bracket matching working */
- case '(': /* ) */
- case '[': /* ] */ return PR_TRUE;
- default: break;
- }
- return PR_FALSE;
-}
-
-static PRBool pk11_argHasChar(char *v, char c)
-{
- for ( ;*v; v++) {
- if (*v == c) return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static PRBool pk11_argHasBlanks(char *v)
-{
- for ( ;*v; v++) {
- if (pk11_argIsBlank(*v)) return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-static char *pk11_argStrip(char *c) {
- while (*c && pk11_argIsBlank(*c)) c++;
- return c;
-}
-
-static char *
-pk11_argFindEnd(char *string) {
- char endChar = ' ';
- PRBool lastEscape = PR_FALSE;
-
- if (pk11_argIsQuote(*string)) {
- endChar = pk11_argGetPair(*string);
- string++;
- }
-
- for (;*string; string++) {
- if (lastEscape) {
- lastEscape = PR_FALSE;
- continue;
- }
- if (pk11_argIsEscape(*string) && !lastEscape) {
- lastEscape = PR_TRUE;
- continue;
- }
- if ((endChar == ' ') && pk11_argIsBlank(*string)) break;
- if (*string == endChar) {
- break;
- }
- }
-
- return string;
-}
-
-static char *
-pk11_argFetchValue(char *string, int *pcount)
-{
- char *end = pk11_argFindEnd(string);
- char *retString, *copyString;
- PRBool lastEscape = PR_FALSE;
-
- *pcount = (end - string)+1;
-
- if (*pcount == 0) return NULL;
-
- copyString = retString = (char *)PORT_Alloc(*pcount);
- if (retString == NULL) return NULL;
-
- if (pk11_argIsQuote(*string)) string++;
- for (; string < end; string++) {
- if (pk11_argIsEscape(*string) && !lastEscape) {
- lastEscape = PR_TRUE;
- continue;
- }
- lastEscape = PR_FALSE;
- *copyString++ = *string;
- }
- *copyString = 0;
- return retString;
-}
-
-static char *
-pk11_argSkipParameter(char *string)
-{
- char *end;
- /* look for the end of the <name>= */
- for (;*string; string++) {
- if (*string == '=') { string++; break; }
- if (pk11_argIsBlank(*string)) return(string);
- }
-
- end = pk11_argFindEnd(string);
- if (*end) end++;
- return end;
-}
-
-
-static SECStatus
-pk11_argParseModuleSpec(char *modulespec, char **lib, char **mod,
- char **parameters, char **nss)
-{
- int next;
- modulespec = pk11_argStrip(modulespec);
-
- *lib = *mod = *parameters = 0;
-
- while (*modulespec) {
- PK11_HANDLE_STRING_ARG(modulespec,*lib,PK11_ARG_LIBRARY_PARAMETER,;)
- PK11_HANDLE_STRING_ARG(modulespec,*mod,PK11_ARG_NAME_PARAMETER,;)
- PK11_HANDLE_STRING_ARG(modulespec,*parameters,
- PK11_ARG_MODULE_PARAMETER,;)
- PK11_HANDLE_STRING_ARG(modulespec,*nss,PK11_ARG_NSS_PARAMETER,;)
- PK11_HANDLE_FINAL_ARG(modulespec)
- }
- return SECSuccess;
-}
-
-
-static char *
-pk11_argGetParamValue(char *paramName,char *parameters)
-{
- char searchValue[256];
- int paramLen = strlen(paramName);
- char *returnValue = NULL;
- int next;
-
- if ((parameters == NULL) || (*parameters == 0)) return NULL;
-
- PORT_Assert(paramLen+2 < sizeof(searchValue));
-
- PORT_Strcpy(searchValue,paramName);
- PORT_Strcat(searchValue,"=");
- while (*parameters) {
- if (PORT_Strncasecmp(parameters,searchValue,paramLen+1) == 0) {
- parameters += paramLen+1;
- returnValue = pk11_argFetchValue(parameters,&next);
- break;
- } else {
- parameters = pk11_argSkipParameter(parameters);
- }
- parameters = pk11_argStrip(parameters);
- }
- return returnValue;
-}
-
-
-static char *
-pk11_argNextFlag(char *flags)
-{
- for (; *flags ; flags++) {
- if (*flags == ',') {
- flags++;
- break;
- }
- }
- return flags;
-}
-
-static PRBool
-pk11_argHasFlag(char *label, char *flag, char *parameters)
-{
- char *flags,*index;
- int len = strlen(flag);
- PRBool found = PR_FALSE;
-
- flags = pk11_argGetParamValue(label,parameters);
- if (flags == NULL) return PR_FALSE;
-
- for (index=flags; *index; index=pk11_argNextFlag(index)) {
- if (PORT_Strncasecmp(index,flag,len) == 0) {
- found=PR_TRUE;
- break;
- }
- }
- PORT_Free(flags);
- return found;
-}
-
-static void
-pk11_argSetNewCipherFlags(unsigned long *newCiphers,char *cipherList)
-{
- newCiphers[0] = newCiphers[1] = 0;
- if ((cipherList == NULL) || (*cipherList == 0)) return;
-
- for (;*cipherList; cipherList=pk11_argNextFlag(cipherList)) {
- if (PORT_Strncasecmp(cipherList,PK11_ARG_FORTEZZA_FLAG,
- sizeof(PK11_ARG_FORTEZZA_FLAG)-1) == 0) {
- newCiphers[0] |= SECMOD_FORTEZZA_FLAG;
- }
-
- /* add additional flags here as necessary */
- /* direct bit mapping escape */
- if (*cipherList == 0) {
- if (cipherList[1] == 'l') {
- newCiphers[1] |= atoi(&cipherList[2]);
- } else {
- newCiphers[0] |= atoi(&cipherList[2]);
- }
- }
- }
-}
-
-
-/*
- * decode a number. handle octal (leading '0'), hex (leading '0x') or decimal
- */
-static long
-pk11_argDecodeNumber(char *num)
-{
- int radix = 10;
- unsigned long value = 0;
- long retValue = 0;
- int sign = 1;
- int digit;
-
- if (num == NULL) return retValue;
-
- num = pk11_argStrip(num);
-
- if (*num == '-') {
- sign = -1;
- num++;
- }
-
- if (*num == '0') {
- radix = 8;
- num++;
- if ((*num == 'x') || (*num == 'X')) {
- radix = 16;
- num++;
- }
- }
-
-
- for ( ;*num; num++ ) {
- if (isdigit(*num)) {
- digit = *num - '0';
- } else if ((*num >= 'a') && (*num <= 'f')) {
- digit = *num - 'a' + 10;
- } else if ((*num >= 'A') && (*num <= 'F')) {
- digit = *num - 'A' + 10;
- } else {
- break;
- }
- if (digit >= radix) break;
- value = value*radix + digit;
- }
-
- retValue = ((int) value) * sign;
- return retValue;
-}
-
-static long
-pk11_argReadLong(char *label,char *params)
-{
- char *value;
- long retValue;
-
- value = pk11_argGetParamValue(label,params);
- retValue = pk11_argDecodeNumber(value);
- if (value) PORT_Free(value);
-
- return retValue;
-}
-
-
-static unsigned long
-pk11_argSlotFlags(char *label,char *params)
-{
- char *flags,*index;
- unsigned long retValue = 0;
- int i;
- PRBool all = PR_FALSE;
-
- flags = pk11_argGetParamValue(label,params);
- if (flags == NULL) return 0;
-
- if (PORT_Strcasecmp(flags,"all") == 0) all = PR_TRUE;
-
- for (index=flags; *index; index=pk11_argNextFlag(index)) {
- for (i=0; i < pk11_argSlotFlagTableSize; i++) {
- if (all || (PORT_Strncasecmp(index, pk11_argSlotFlagTable[i].name,
- pk11_argSlotFlagTable[i].len) == 0)) {
- retValue |= pk11_argSlotFlagTable[i].value;
- }
- }
- }
- PORT_Free(flags);
- return retValue;
-}
-
-
-static void
-pk11_argDecodeSingleSlotInfo(char *name,char *params,PK11PreSlotInfo *slotInfo)
-{
- char *askpw;
-
- slotInfo->slotID=pk11_argDecodeNumber(name);
- slotInfo->defaultFlags=pk11_argSlotFlags("slotFlags",params);
- slotInfo->timeout=pk11_argReadLong("timeout",params);
-
- askpw = pk11_argGetParamValue("askpw",params);
- slotInfo->askpw = 0;
-
- if (askpw) {
- if (PORT_Strcasecmp(askpw,"every") == 0) {
- slotInfo->askpw = -1;
- } else if (PORT_Strcasecmp(askpw,"timeout") == 0) {
- slotInfo->askpw = 1;
- }
- PORT_Free(askpw);
- slotInfo->defaultFlags |= PK11_OWN_PW_DEFAULTS;
- }
- slotInfo->hasRootCerts = pk11_argHasFlag("rootFlags","hasRootCerts",params);
- slotInfo->hasRootTrust = pk11_argHasFlag("rootFlags","hasRootTrust",params);
-}
-
-static char *
-pk11_argGetName(char *inString, int *next)
-{
- char *name=NULL;
- char *string;
- int len;
-
- /* look for the end of the <name>= */
- for (string = inString;*string; string++) {
- if (*string == '=') { break; }
- if (pk11_argIsBlank(*string)) break;
- }
-
- len = string - inString;
-
- *next = len;
- if (*string == '=') (*next) += 1;
- if (len > 0) {
- name = PORT_Alloc(len+1);
- PORT_Strncpy(name,inString,len);
- name[len] = 0;
- }
- return name;
-}
-
-static PK11PreSlotInfo *
-pk11_argParseSlotInfo(PRArenaPool *arena, char *slotParams, int *retCount)
-{
- char *slotIndex;
- PK11PreSlotInfo *slotInfo = NULL;
- int i=0,count = 0,next;
-
- *retCount = 0;
- if ((slotParams == NULL) || (*slotParams == 0)) return NULL;
-
- /* first count the number of slots */
- for (slotIndex = pk11_argStrip(slotParams); *slotIndex;
- slotIndex = pk11_argStrip(pk11_argSkipParameter(slotIndex))) {
- count++;
- }
-
- /* get the data structures */
- if (arena) {
- slotInfo = (PK11PreSlotInfo *)
- PORT_ArenaAlloc(arena,count*sizeof(PK11PreSlotInfo));
- PORT_Memset(slotInfo,0,count*sizeof(PK11PreSlotInfo));
- } else {
- slotInfo = (PK11PreSlotInfo *)
- PORT_ZAlloc(count*sizeof(PK11PreSlotInfo));
- }
- if (slotInfo == NULL) return NULL;
-
- for (slotIndex = pk11_argStrip(slotParams), i = 0;
- *slotIndex && i < count ; ) {
- char *name;
- name = pk11_argGetName(slotIndex,&next);
- slotIndex += next;
-
- if (!pk11_argIsBlank(*slotIndex)) {
- char *args = pk11_argFetchValue(slotIndex,&next);
- slotIndex += next;
- if (args) {
- pk11_argDecodeSingleSlotInfo(name,args,&slotInfo[i]);
- i++;
- PORT_Free(args);
- }
- }
- if (name) PORT_Free(name);
- slotIndex = pk11_argStrip(slotIndex);
- }
- *retCount = i;
- return slotInfo;
-}
-
-static char *pk11_nullString = "";
-
-static char *
-pk11_formatValue(PRArenaPool *arena, char *value, char quote)
-{
- char *vp,*vp2,*retval;
- int size = 0, escapes = 0;
-
- for (vp=value; *vp ;vp++) {
- if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE)) escapes++;
- size++;
- }
- if (arena) {
- retval = PORT_ArenaZAlloc(arena,size+escapes+1);
- } else {
- retval = PORT_ZAlloc(size+escapes+1);
- }
- if (retval == NULL) return NULL;
- vp2 = retval;
- for (vp=value; *vp; vp++) {
- if ((*vp == quote) || (*vp == PK11_ARG_ESCAPE))
- *vp2++ = PK11_ARG_ESCAPE;
- *vp2++ = *vp;
- }
- return retval;
-}
-
-static char *pk11_formatPair(char *name,char *value, char quote)
-{
- char openQuote = quote;
- char closeQuote = pk11_argGetPair(quote);
- char *newValue = NULL;
- char *returnValue;
- PRBool need_quote = PR_FALSE;
-
- if (!value || (*value == 0)) return pk11_nullString;
-
- if (pk11_argHasBlanks(value) || pk11_argIsQuote(value[0]))
- need_quote=PR_TRUE;
-
- if ((need_quote && pk11_argHasChar(value,closeQuote))
- || pk11_argHasChar(value,PK11_ARG_ESCAPE)) {
- value = newValue = pk11_formatValue(NULL, value,quote);
- if (newValue == NULL) return pk11_nullString;
- }
- if (need_quote) {
- returnValue = PR_smprintf("%s=%c%s%c",name,openQuote,value,closeQuote);
- } else {
- returnValue = PR_smprintf("%s=%s",name,value);
- }
- if (returnValue == NULL) returnValue = pk11_nullString;
-
- if (newValue) PORT_Free(newValue);
-
- return returnValue;
-}
-
-static char *pk11_formatIntPair(char *name,unsigned long value, unsigned long def)
-{
- char *returnValue;
-
- if (value == def) return pk11_nullString;
-
- returnValue = PR_smprintf("%s=%d",name,value);
-
- return returnValue;
-}
-
-static void
-pk11_freePair(char *pair)
-{
- if (pair && pair != pk11_nullString) {
- PR_smprintf_free(pair);
- }
-}
-
-#define MAX_FLAG_SIZE sizeof("internal")+sizeof("FIPS")+sizeof("moduleDB")+\
- sizeof("moduleDBOnly")+sizeof("critical")
-static char *
-pk11_mkNSSFlags(PRBool internal, PRBool isFIPS,
- PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical)
-{
- char *flags = (char *)PORT_ZAlloc(MAX_FLAG_SIZE);
- PRBool first = PR_TRUE;
-
- PORT_Memset(flags,0,MAX_FLAG_SIZE);
- if (internal) {
- PORT_Strcat(flags,"internal");
- first = PR_FALSE;
- }
- if (isFIPS) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"FIPS");
- first = PR_FALSE;
- }
- if (isModuleDB) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"moduleDB");
- first = PR_FALSE;
- }
- if (isModuleDBOnly) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"moduleDBOnly");
- first = PR_FALSE;
- }
- if (isCritical) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"critical");
- first = PR_FALSE;
- }
- return flags;
-}
-
-static char *
-pk11_mkCipherFlags(unsigned long ssl0, unsigned long ssl1)
-{
- char *cipher = NULL;
- int i;
-
- for (i=0; i < sizeof(ssl0)*8; i++) {
- if (ssl0 & (1<<i)) {
- char *string;
- if ((1<<i) == SECMOD_FORTEZZA_FLAG) {
- string = PR_smprintf("%s","FORTEZZA");
- } else {
- string = PR_smprintf("0h0x%08x",1<<i);
- }
- if (cipher) {
- char *tmp;
- tmp = PR_smprintf("%s,%s",cipher,string);
- PR_smprintf_free(cipher);
- PR_smprintf_free(string);
- tmp = cipher;
- } else {
- cipher = string;
- }
- }
- }
- for (i=0; i < sizeof(ssl0)*8; i++) {
- if (ssl1 & (1<<i)) {
- if (cipher) {
- char *tmp;
- tmp = PR_smprintf("%s,0l0x%08",cipher,1<<i);
- PR_smprintf_free(cipher);
- tmp = cipher;
- } else {
- cipher = PR_smprintf("0l0x%08x",1<<i);
- }
- }
- }
-
- return cipher;
-}
-
-static char *
-pk11_mkSlotFlags(unsigned long defaultFlags)
-{
- char *flags=NULL;
- int i,j;
-
- for (i=0; i < sizeof(defaultFlags)*8; i++) {
- if (defaultFlags & (1<<i)) {
- char *string = NULL;
-
- for (j=0; j < pk11_argSlotFlagTableSize; j++) {
- if (pk11_argSlotFlagTable[j].value == (1<<i)) {
- string = pk11_argSlotFlagTable[j].name;
- break;
- }
- }
- if (string) {
- if (flags) {
- char *tmp;
- tmp = PR_smprintf("%s,%s",flags,string);
- PR_smprintf_free(flags);
- flags = tmp;
- } else {
- flags = PR_smprintf("%s",string);
- }
- }
- }
- }
-
- return flags;
-}
-
-#define PK11_MAX_ROOT_FLAG_SIZE sizeof("hasRootCerts")+sizeof("hasRootTrust")
-
-static char *
-pk11_mkRootFlags(PRBool hasRootCerts, PRBool hasRootTrust)
-{
- char *flags= (char *)PORT_ZAlloc(PK11_MAX_ROOT_FLAG_SIZE);
- PRBool first = PR_TRUE;
-
- PORT_Memset(flags,0,PK11_MAX_ROOT_FLAG_SIZE);
- if (hasRootCerts) {
- PORT_Strcat(flags,"hasRootCerts");
- first = PR_FALSE;
- }
- if (hasRootTrust) {
- if (!first) PORT_Strcat(flags,",");
- PORT_Strcat(flags,"hasRootTrust");
- first = PR_FALSE;
- }
- return flags;
-}
-
-static char *
-pk11_mkSlotString(unsigned long slotID, unsigned long defaultFlags,
- unsigned long timeout, unsigned char askpw_in,
- unsigned char hasRootCerts, unsigned char hasRootTrust) {
- char *askpw,*flags,*rootFlags,*slotString;
- char *flagPair,*rootFlagsPair;
-
- switch (askpw_in) {
- case 0xff:
- askpw = "every";
- break;
- case 1:
- askpw = "timeout";
- break;
- default:
- askpw = "any";
- break;
- }
- flags = pk11_mkSlotFlags(defaultFlags);
- rootFlags = pk11_mkRootFlags(hasRootCerts,hasRootTrust);
- flagPair=pk11_formatPair("slotFlags",flags,'\'');
- rootFlagsPair=pk11_formatPair("rootFlags",rootFlags,'\'');
- if (flags) PR_smprintf_free(flags);
- if (rootFlags) PORT_Free(rootFlags);
- if (defaultFlags & PK11_OWN_PW_DEFAULTS) {
- slotString = PR_smprintf("0x%08x=[%s askpw=%s timeout=%d %s]",slotID,flagPair,askpw,timeout,rootFlagsPair);
- } else {
- slotString = PR_smprintf("0x%08x=[%s %s]",slotID,flagPair,rootFlagsPair);
- }
- pk11_freePair(flagPair);
- pk11_freePair(rootFlagsPair);
- return slotString;
-}
-
-static char *
-pk11_mkNSS(char **slotStrings, int slotCount, PRBool internal, PRBool isFIPS,
- PRBool isModuleDB, PRBool isModuleDBOnly, PRBool isCritical,
- unsigned long trustOrder, unsigned long cipherOrder,
- unsigned long ssl0, unsigned long ssl1) {
- int slotLen, i;
- char *slotParams, *ciphers, *nss, *nssFlags, *tmp;
- char *trustOrderPair,*cipherOrderPair,*slotPair,*cipherPair,*flagPair;
-
-
- /* now let's build up the string
- * first the slot infos
- */
- slotLen=0;
- for (i=0; i < (int)slotCount; i++) {
- slotLen += PORT_Strlen(slotStrings[i])+1;
- }
- slotLen += 1; /* space for the final NULL */
-
- slotParams = (char *)PORT_ZAlloc(slotLen);
- PORT_Memset(slotParams,0,slotLen);
- for (i=0; i < (int)slotCount; i++) {
- PORT_Strcat(slotParams,slotStrings[i]);
- PORT_Strcat(slotParams," ");
- PR_smprintf_free(slotStrings[i]);
- slotStrings[i]=NULL;
- }
-
- /*
- * now the NSS structure
- */
- nssFlags = pk11_mkNSSFlags(internal,isFIPS,isModuleDB,isModuleDBOnly,
- isCritical);
- /* for now only the internal module is critical */
- ciphers = pk11_mkCipherFlags(ssl0, ssl1);
-
- trustOrderPair=pk11_formatIntPair("trustOrder",trustOrder,0);
- cipherOrderPair=pk11_formatIntPair("cipherOrder",cipherOrder,0);
- slotPair=pk11_formatPair("slotParams",slotParams,'{'); /* } */
- cipherPair=pk11_formatPair("ciphers",ciphers,'\'');
- if (ciphers) PR_smprintf_free(ciphers);
- flagPair=pk11_formatPair("Flags",nssFlags,'\'');
- if (nssFlags) PORT_Free(nssFlags);
- nss = PR_smprintf("%s %s %s %s %s",trustOrderPair,
- cipherOrderPair,slotPair,cipherPair,flagPair);
- pk11_freePair(trustOrderPair);
- pk11_freePair(cipherOrderPair);
- pk11_freePair(slotPair);
- pk11_freePair(cipherPair);
- pk11_freePair(flagPair);
- tmp = pk11_argStrip(nss);
- if (*tmp == '\0') {
- PR_smprintf_free(nss);
- nss = NULL;
- }
- return nss;
-}
-
-static char *
-pk11_mkNewModuleSpec(char *dllName, char *commonName, char *parameters,
- char *NSS) {
- char *moduleSpec;
- char *lib,*name,*param,*nss;
-
- /*
- * now the final spec
- */
- lib = pk11_formatPair("library",dllName,'\"');
- name = pk11_formatPair("name",commonName,'\"');
- param = pk11_formatPair("parameters",parameters,'\"');
- nss = pk11_formatPair("NSS",NSS,'\"');
- moduleSpec = PR_smprintf("%s %s %s %s", lib,name,param,nss);
- pk11_freePair(lib);
- pk11_freePair(name);
- pk11_freePair(param);
- pk11_freePair(nss);
- return (moduleSpec);
-}
-
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c
deleted file mode 100644
index fb31e9801..000000000
--- a/security/nss/lib/softoken/pkcs11.c
+++ /dev/null
@@ -1,4040 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements PKCS 11 on top of our existing security modules
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- * This implementation has two slots:
- * slot 1 is our generic crypto support. It does not require login.
- * It supports Public Key ops, and all they bulk ciphers and hashes.
- * It can also support Private Key ops for imported Private keys. It does
- * not have any token storage.
- * slot 2 is our private key support. It requires a login before use. It
- * can store Private Keys and Certs as token objects. Currently only private
- * keys and their associated Certificates are saved on the token.
- *
- * In this implementation, session objects are only visible to the session
- * that created or generated them.
- */
-#include "seccomon.h"
-#include "secitem.h"
-#include "pkcs11.h"
-#include "pkcs11i.h"
-#include "softoken.h"
-#include "lowkeyi.h"
-#include "blapi.h"
-#include "secder.h"
-#include "secport.h"
-#include "pcert.h"
-
-#include "keydbi.h"
-
-
-/*
- * ******************** Static data *******************************
- */
-
-/* The next three strings must be exactly 32 characters long */
-static char *manufacturerID = "mozilla.org ";
-static char manufacturerID_space[33];
-static char *libraryDescription = "NSS Internal Crypto Services ";
-static char libraryDescription_space[33];
-
-#define __PASTE(x,y) x##y
-
-/*
- * we renamed all our internal functions, get the correct
- * definitions for them...
- */
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
-
-#define CK_EXTERN extern
-#define CK_PKCS11_FUNCTION_INFO(func) \
- CK_RV __PASTE(NS,func)
-#define CK_NEED_ARG_LIST 1
-
-#include "pkcs11f.h"
-
-
-
-/* build the crypto module table */
-static const CK_FUNCTION_LIST pk11_funcList = {
- { 1, 10 },
-
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
-
-#define CK_PKCS11_FUNCTION_INFO(func) \
- __PASTE(NS,func),
-#include "pkcs11f.h"
-
-};
-
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
-
-
-#undef __PASTE
-
-/* List of DES Weak Keys */
-typedef unsigned char desKey[8];
-static const desKey pk11_desWeakTable[] = {
-#ifdef noParity
- /* weak */
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
- { 0x1e, 0x1e, 0x1e, 0x1e, 0x0e, 0x0e, 0x0e, 0x0e },
- { 0xe0, 0xe0, 0xe0, 0xe0, 0xf0, 0xf0, 0xf0, 0xf0 },
- { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
- /* semi-weak */
- { 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe },
- { 0xfe, 0x00, 0xfe, 0x00, 0x00, 0xfe, 0x00, 0xfe },
-
- { 0x1e, 0xe0, 0x1e, 0xe0, 0x0e, 0xf0, 0x0e, 0xf0 },
- { 0xe0, 0x1e, 0xe0, 0x1e, 0xf0, 0x0e, 0xf0, 0x0e },
-
- { 0x00, 0xe0, 0x00, 0xe0, 0x00, 0x0f, 0x00, 0x0f },
- { 0xe0, 0x00, 0xe0, 0x00, 0xf0, 0x00, 0xf0, 0x00 },
-
- { 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
- { 0xfe, 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e },
-
- { 0x00, 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e },
- { 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e, 0x00 },
-
- { 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0, 0xfe },
- { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0 },
-#else
- /* weak */
- { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
- { 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e },
- { 0xe0, 0xe0, 0xe0, 0xe0, 0xf1, 0xf1, 0xf1, 0xf1 },
- { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
-
- /* semi-weak */
- { 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe },
- { 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01 },
-
- { 0x1f, 0xe0, 0x1f, 0xe0, 0x0e, 0xf1, 0x0e, 0xf1 },
- { 0xe0, 0x1f, 0xe0, 0x1f, 0xf1, 0x0e, 0xf1, 0x0e },
-
- { 0x01, 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1 },
- { 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1, 0x01 },
-
- { 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
- { 0xfe, 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e },
-
- { 0x01, 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e },
- { 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e, 0x01 },
-
- { 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1, 0xfe },
- { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1 }
-#endif
-};
-
-
-static const int pk11_desWeakTableSize = sizeof(pk11_desWeakTable)/
- sizeof(pk11_desWeakTable[0]);
-
-/* DES KEY Parity conversion table. Takes each byte/2 as an index, returns
- * that byte with the proper parity bit set */
-static const unsigned char parityTable[256] = {
-/* Even...0x00,0x02,0x04,0x06,0x08,0x0a,0x0c,0x0e */
-/* E */ 0x01,0x02,0x04,0x07,0x08,0x0b,0x0d,0x0e,
-/* Odd....0x10,0x12,0x14,0x16,0x18,0x1a,0x1c,0x1e */
-/* O */ 0x10,0x13,0x15,0x16,0x19,0x1a,0x1c,0x1f,
-/* Odd....0x20,0x22,0x24,0x26,0x28,0x2a,0x2c,0x2e */
-/* O */ 0x20,0x23,0x25,0x26,0x29,0x2a,0x2c,0x2f,
-/* Even...0x30,0x32,0x34,0x36,0x38,0x3a,0x3c,0x3e */
-/* E */ 0x31,0x32,0x34,0x37,0x38,0x3b,0x3d,0x3e,
-/* Odd....0x40,0x42,0x44,0x46,0x48,0x4a,0x4c,0x4e */
-/* O */ 0x40,0x43,0x45,0x46,0x49,0x4a,0x4c,0x4f,
-/* Even...0x50,0x52,0x54,0x56,0x58,0x5a,0x5c,0x5e */
-/* E */ 0x51,0x52,0x54,0x57,0x58,0x5b,0x5d,0x5e,
-/* Even...0x60,0x62,0x64,0x66,0x68,0x6a,0x6c,0x6e */
-/* E */ 0x61,0x62,0x64,0x67,0x68,0x6b,0x6d,0x6e,
-/* Odd....0x70,0x72,0x74,0x76,0x78,0x7a,0x7c,0x7e */
-/* O */ 0x70,0x73,0x75,0x76,0x79,0x7a,0x7c,0x7f,
-/* Odd....0x80,0x82,0x84,0x86,0x88,0x8a,0x8c,0x8e */
-/* O */ 0x80,0x83,0x85,0x86,0x89,0x8a,0x8c,0x8f,
-/* Even...0x90,0x92,0x94,0x96,0x98,0x9a,0x9c,0x9e */
-/* E */ 0x91,0x92,0x94,0x97,0x98,0x9b,0x9d,0x9e,
-/* Even...0xa0,0xa2,0xa4,0xa6,0xa8,0xaa,0xac,0xae */
-/* E */ 0xa1,0xa2,0xa4,0xa7,0xa8,0xab,0xad,0xae,
-/* Odd....0xb0,0xb2,0xb4,0xb6,0xb8,0xba,0xbc,0xbe */
-/* O */ 0xb0,0xb3,0xb5,0xb6,0xb9,0xba,0xbc,0xbf,
-/* Even...0xc0,0xc2,0xc4,0xc6,0xc8,0xca,0xcc,0xce */
-/* E */ 0xc1,0xc2,0xc4,0xc7,0xc8,0xcb,0xcd,0xce,
-/* Odd....0xd0,0xd2,0xd4,0xd6,0xd8,0xda,0xdc,0xde */
-/* O */ 0xd0,0xd3,0xd5,0xd6,0xd9,0xda,0xdc,0xdf,
-/* Odd....0xe0,0xe2,0xe4,0xe6,0xe8,0xea,0xec,0xee */
-/* O */ 0xe0,0xe3,0xe5,0xe6,0xe9,0xea,0xec,0xef,
-/* Even...0xf0,0xf2,0xf4,0xf6,0xf8,0xfa,0xfc,0xfe */
-/* E */ 0xf1,0xf2,0xf4,0xf7,0xf8,0xfb,0xfd,0xfe,
-};
-
-/* Mechanisms */
-struct mechanismList {
- CK_MECHANISM_TYPE type;
- CK_MECHANISM_INFO domestic;
- PRBool privkey;
-};
-
-/*
- * the following table includes a complete list of mechanism defined by
- * PKCS #11 version 2.01. Those Mechanisms not supported by this PKCS #11
- * module are ifdef'ed out.
- */
-#define CKF_EN_DE CKF_ENCRYPT | CKF_DECRYPT
-#define CKF_WR_UN CKF_WRAP | CKF_UNWRAP
-#define CKF_SN_VR CKF_SIGN | CKF_VERIFY
-#define CKF_SN_RE CKF_SIGN_RECOVER | CKF_VERIFY_RECOVER
-
-#define CKF_EN_DE_WR_UN CKF_EN_DE | CKF_WR_UN
-#define CKF_SN_VR_RE CKF_SN_VR | CKF_SN_RE
-#define CKF_DUZ_IT_ALL CKF_EN_DE_WR_UN | CKF_SN_VR_RE
-
-#define CK_MAX 0xffffffff
-
-static const struct mechanismList mechanisms[] = {
-
- /*
- * PKCS #11 Mechanism List.
- *
- * The first argument is the PKCS #11 Mechanism we support.
- * The second argument is Mechanism info structure. It includes:
- * The minimum key size,
- * in bits for RSA, DSA, DH, KEA, RC2 and RC4 * algs.
- * in bytes for RC5, AES, and CAST*
- * ignored for DES*, IDEA and FORTEZZA based
- * The maximum key size,
- * in bits for RSA, DSA, DH, KEA, RC2 and RC4 * algs.
- * in bytes for RC5, AES, and CAST*
- * ignored for DES*, IDEA and FORTEZZA based
- * Flags
- * What operations are supported by this mechanism.
- * The third argument is a bool which tells if this mechanism is
- * supported in the database token.
- *
- */
-
- /* ------------------------- RSA Operations ---------------------------*/
- {CKM_RSA_PKCS_KEY_PAIR_GEN,{128,CK_MAX,CKF_GENERATE_KEY_PAIR},PR_TRUE},
- {CKM_RSA_PKCS, {128,CK_MAX,CKF_DUZ_IT_ALL}, PR_TRUE},
-#ifdef PK11_RSA9796_SUPPORTED
- {CKM_RSA_9796, {128,CK_MAX,CKF_DUZ_IT_ALL}, PR_TRUE},
-#endif
- {CKM_RSA_X_509, {128,CK_MAX,CKF_DUZ_IT_ALL}, PR_TRUE},
- /* -------------- RSA Multipart Signing Operations -------------------- */
- {CKM_MD2_RSA_PKCS, {128,CK_MAX,CKF_SN_VR}, PR_TRUE},
- {CKM_MD5_RSA_PKCS, {128,CK_MAX,CKF_SN_VR}, PR_TRUE},
- {CKM_SHA1_RSA_PKCS, {128,CK_MAX,CKF_SN_VR}, PR_TRUE},
- /* ------------------------- DSA Operations --------------------------- */
- {CKM_DSA_KEY_PAIR_GEN, {512, 1024, CKF_GENERATE_KEY_PAIR}, PR_TRUE},
- {CKM_DSA, {512, 1024, CKF_SN_VR}, PR_TRUE},
- {CKM_DSA_SHA1, {512, 1024, CKF_SN_VR}, PR_TRUE},
- /* -------------------- Diffie Hellman Operations --------------------- */
- /* no diffie hellman yet */
- {CKM_DH_PKCS_KEY_PAIR_GEN, {128, 1024, CKF_GENERATE_KEY_PAIR}, PR_TRUE},
- {CKM_DH_PKCS_DERIVE, {128, 1024, CKF_DERIVE}, PR_TRUE},
- /* ------------------------- RC2 Operations --------------------------- */
- {CKM_RC2_KEY_GEN, {1, 128, CKF_GENERATE}, PR_FALSE},
- {CKM_RC2_ECB, {1, 128, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_RC2_CBC, {1, 128, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_RC2_MAC, {1, 128, CKF_SN_VR}, PR_FALSE},
- {CKM_RC2_MAC_GENERAL, {1, 128, CKF_SN_VR}, PR_FALSE},
- {CKM_RC2_CBC_PAD, {1, 128, CKF_EN_DE_WR_UN}, PR_FALSE},
- /* ------------------------- RC4 Operations --------------------------- */
- {CKM_RC4_KEY_GEN, {1, 256, CKF_GENERATE}, PR_FALSE},
- {CKM_RC4, {1, 256, CKF_EN_DE_WR_UN}, PR_FALSE},
- /* ------------------------- DES Operations --------------------------- */
- {CKM_DES_KEY_GEN, { 8, 8, CKF_GENERATE}, PR_FALSE},
- {CKM_DES_ECB, { 8, 8, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_DES_CBC, { 8, 8, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_DES_MAC, { 8, 8, CKF_SN_VR}, PR_FALSE},
- {CKM_DES_MAC_GENERAL, { 8, 8, CKF_SN_VR}, PR_FALSE},
- {CKM_DES_CBC_PAD, { 8, 8, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_DES2_KEY_GEN, {24, 24, CKF_GENERATE}, PR_FALSE},
- {CKM_DES3_KEY_GEN, {24, 24, CKF_GENERATE}, PR_TRUE },
- {CKM_DES3_ECB, {24, 24, CKF_EN_DE_WR_UN}, PR_TRUE },
- {CKM_DES3_CBC, {24, 24, CKF_EN_DE_WR_UN}, PR_TRUE },
- {CKM_DES3_MAC, {24, 24, CKF_SN_VR}, PR_TRUE },
- {CKM_DES3_MAC_GENERAL, {24, 24, CKF_SN_VR}, PR_TRUE },
- {CKM_DES3_CBC_PAD, {24, 24, CKF_EN_DE_WR_UN}, PR_TRUE },
- /* ------------------------- CDMF Operations --------------------------- */
- {CKM_CDMF_KEY_GEN, {8, 8, CKF_GENERATE}, PR_FALSE},
- {CKM_CDMF_ECB, {8, 8, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_CDMF_CBC, {8, 8, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_CDMF_MAC, {8, 8, CKF_SN_VR}, PR_FALSE},
- {CKM_CDMF_MAC_GENERAL, {8, 8, CKF_SN_VR}, PR_FALSE},
- {CKM_CDMF_CBC_PAD, {8, 8, CKF_EN_DE_WR_UN}, PR_FALSE},
- /* ------------------------- AES Operations --------------------------- */
- {CKM_AES_KEY_GEN, {16, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_AES_ECB, {16, 32, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_AES_CBC, {16, 32, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_AES_MAC, {16, 32, CKF_SN_VR}, PR_FALSE},
- {CKM_AES_MAC_GENERAL, {16, 32, CKF_SN_VR}, PR_FALSE},
- {CKM_AES_CBC_PAD, {16, 32, CKF_EN_DE_WR_UN}, PR_FALSE},
- /* ------------------------- Hashing Operations ----------------------- */
- {CKM_MD2, {0, 0, CKF_DIGEST}, PR_FALSE},
- {CKM_MD2_HMAC, {1, 128, CKF_SN_VR}, PR_FALSE},
- {CKM_MD2_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_FALSE},
- {CKM_MD5, {0, 0, CKF_DIGEST}, PR_FALSE},
- {CKM_MD5_HMAC, {1, 128, CKF_SN_VR}, PR_FALSE},
- {CKM_MD5_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_FALSE},
- {CKM_SHA_1, {0, 0, CKF_DIGEST}, PR_FALSE},
- {CKM_SHA_1_HMAC, {1, 128, CKF_SN_VR}, PR_FALSE},
- {CKM_SHA_1_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_FALSE},
- {CKM_TLS_PRF_GENERAL, {0, 512, CKF_SN_VR}, PR_FALSE},
- /* ------------------------- CAST Operations --------------------------- */
-#ifdef NSS_SOFTOKEN_DOES_CAST
- /* Cast operations are not supported ( yet? ) */
- {CKM_CAST_KEY_GEN, {1, 8, CKF_GENERATE}, PR_FALSE},
- {CKM_CAST_ECB, {1, 8, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_CAST_CBC, {1, 8, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_CAST_MAC, {1, 8, CKF_SN_VR}, PR_FALSE},
- {CKM_CAST_MAC_GENERAL, {1, 8, CKF_SN_VR}, PR_FALSE},
- {CKM_CAST_CBC_PAD, {1, 8, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_CAST3_KEY_GEN, {1, 16, CKF_GENERATE}, PR_FALSE},
- {CKM_CAST3_ECB, {1, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_CAST3_CBC, {1, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_CAST3_MAC, {1, 16, CKF_SN_VR}, PR_FALSE},
- {CKM_CAST3_MAC_GENERAL, {1, 16, CKF_SN_VR}, PR_FALSE},
- {CKM_CAST3_CBC_PAD, {1, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_CAST5_KEY_GEN, {1, 16, CKF_GENERATE}, PR_FALSE},
- {CKM_CAST5_ECB, {1, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_CAST5_CBC, {1, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_CAST5_MAC, {1, 16, CKF_SN_VR}, PR_FALSE},
- {CKM_CAST5_MAC_GENERAL, {1, 16, CKF_SN_VR}, PR_FALSE},
- {CKM_CAST5_CBC_PAD, {1, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
-#endif
-#if NSS_SOFTOKEN_DOES_RC5
- /* ------------------------- RC5 Operations --------------------------- */
- {CKM_RC5_KEY_GEN, {1, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_RC5_ECB, {1, 32, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_RC5_CBC, {1, 32, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_RC5_MAC, {1, 32, CKF_SN_VR}, PR_FALSE},
- {CKM_RC5_MAC_GENERAL, {1, 32, CKF_SN_VR}, PR_FALSE},
- {CKM_RC5_CBC_PAD, {1, 32, CKF_EN_DE_WR_UN}, PR_FALSE},
-#endif
-#ifdef NSS_SOFTOKEN_DOES_IDEA
- /* ------------------------- IDEA Operations -------------------------- */
- {CKM_IDEA_KEY_GEN, {16, 16, CKF_GENERATE}, PR_FALSE},
- {CKM_IDEA_ECB, {16, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_IDEA_CBC, {16, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
- {CKM_IDEA_MAC, {16, 16, CKF_SN_VR}, PR_FALSE},
- {CKM_IDEA_MAC_GENERAL, {16, 16, CKF_SN_VR}, PR_FALSE},
- {CKM_IDEA_CBC_PAD, {16, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
-#endif
- /* --------------------- Secret Key Operations ------------------------ */
- {CKM_GENERIC_SECRET_KEY_GEN, {1, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_CONCATENATE_BASE_AND_KEY, {1, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_CONCATENATE_BASE_AND_DATA, {1, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_CONCATENATE_DATA_AND_BASE, {1, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_XOR_BASE_AND_DATA, {1, 32, CKF_GENERATE}, PR_FALSE},
- {CKM_EXTRACT_KEY_FROM_KEY, {1, 32, CKF_DERIVE}, PR_FALSE},
- /* ---------------------- SSL Key Derivations ------------------------- */
- {CKM_SSL3_PRE_MASTER_KEY_GEN, {48, 48, CKF_GENERATE}, PR_FALSE},
- {CKM_SSL3_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
- {CKM_SSL3_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE},
- {CKM_SSL3_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
- {CKM_SSL3_MD5_MAC, { 0, 16, CKF_DERIVE}, PR_FALSE},
- {CKM_SSL3_SHA1_MAC, { 0, 20, CKF_DERIVE}, PR_FALSE},
- {CKM_MD5_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE},
- {CKM_MD2_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE},
- {CKM_SHA1_KEY_DERIVATION, { 0, 20, CKF_DERIVE}, PR_FALSE},
- {CKM_TLS_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
- {CKM_TLS_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE},
- {CKM_TLS_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
- /* ---------------------- PBE Key Derivations ------------------------ */
- {CKM_PBE_MD2_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE},
- {CKM_PBE_MD5_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE},
- /* ------------------ NETSCAPE PBE Key Derivations ------------------- */
- {CKM_NETSCAPE_PBE_SHA1_DES_CBC, { 8, 8, CKF_GENERATE}, PR_TRUE},
- {CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, {24,24, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_DES3_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_DES2_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_RC2_40_CBC, {40,40, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_RC2_128_CBC, {128,128, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_RC4_40, {40,40, CKF_GENERATE}, PR_TRUE},
- {CKM_PBE_SHA1_RC4_128, {128,128, CKF_GENERATE}, PR_TRUE},
- {CKM_PBA_SHA1_WITH_SHA1_HMAC, {20,20, CKF_GENERATE}, PR_TRUE},
- {CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN, {20,20, CKF_GENERATE}, PR_TRUE},
- {CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN, {16,16, CKF_GENERATE}, PR_TRUE},
- {CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN, {16,16, CKF_GENERATE}, PR_TRUE},
-};
-static CK_ULONG mechanismCount = sizeof(mechanisms)/sizeof(mechanisms[0]);
-
-static char *
-pk11_setStringName(const char *inString, char *buffer, int buffer_length) {
- int full_length, string_length;
-
- full_length = buffer_length -1;
- string_length = PORT_Strlen(inString);
- if (string_length > full_length) string_length = full_length;
- PORT_Memset(buffer,' ',full_length);
- buffer[full_length] = 0;
- PORT_Memcpy(buffer,inString,string_length);
- return buffer;
-}
-/*
- * Configuration utils
- */
-static CK_RV
-pk11_configure(const char *man, const char *libdes)
-{
-
- /* make sure the internationalization was done correctly... */
- if (man) {
- manufacturerID = pk11_setStringName(man,manufacturerID_space,
- sizeof(manufacturerID_space));
- }
- if (libdes) {
- libraryDescription = pk11_setStringName(libdes,
- libraryDescription_space, sizeof(libraryDescription_space));
- }
-
- return CKR_OK;
-}
-
-/*
- * ******************** Password Utilities *******************************
- */
-
-/*
- * see if the key DB password is enabled
- */
-PRBool
-pk11_hasNullPassword(NSSLOWKEYDBHandle *keydb,SECItem **pwitem)
-{
- PRBool pwenabled;
-
- pwenabled = PR_FALSE;
- *pwitem = NULL;
- if (nsslowkey_HasKeyDBPassword (keydb) == SECSuccess) {
- *pwitem = nsslowkey_HashPassword("", keydb->global_salt);
- if ( *pwitem ) {
- if (nsslowkey_CheckKeyDBPassword (keydb, *pwitem) == SECSuccess) {
- pwenabled = PR_TRUE;
- } else {
- SECITEM_ZfreeItem(*pwitem, PR_TRUE);
- *pwitem = NULL;
- }
- }
- }
-
- return pwenabled;
-}
-
-/*
- * ******************** Object Creation Utilities ***************************
- */
-
-
-/* Make sure a given attribute exists. If it doesn't, initialize it to
- * value and len
- */
-CK_RV
-pk11_defaultAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *value,
- unsigned int len)
-{
- if ( !pk11_hasAttribute(object, type)) {
- return pk11_AddAttributeType(object,type,value,len);
- }
- return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Data Object
- */
-static CK_RV
-pk11_handleDataObject(PK11Session *session,PK11Object *object)
-{
- CK_RV crv;
-
- /* first reject private and token data objects */
- if (pk11_isTrue(object,CKA_PRIVATE) || pk11_isTrue(object,CKA_TOKEN)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* now just verify the required date fields */
- crv = pk11_defaultAttribute(object,CKA_APPLICATION,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_VALUE,NULL,0);
- if (crv != CKR_OK) return crv;
-
- return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Certificate Object
- */
-static CK_RV
-pk11_handleCertObject(PK11Session *session,PK11Object *object)
-{
- CK_CERTIFICATE_TYPE type;
- PK11Attribute *attribute;
- CK_RV crv;
- PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
- PORT_Assert(sessObject);
-
- /* certificates must have a type */
- if ( !pk11_hasAttribute(object,CKA_CERTIFICATE_TYPE) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* we can't store any certs private */
- if (pk11_isTrue(object,CKA_PRIVATE)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* We only support X.509 Certs for now */
- attribute = pk11_FindAttribute(object,CKA_CERTIFICATE_TYPE);
- if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
- type = *(CK_CERTIFICATE_TYPE *)attribute->attrib.pValue;
- pk11_FreeAttribute(attribute);
-
- if (type != CKC_X_509) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* X.509 Certificate */
-
- /* make sure we have a cert */
- if ( !pk11_hasAttribute(object,CKA_VALUE) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* in PKCS #11, Subject is a required field */
- if ( !pk11_hasAttribute(object,CKA_SUBJECT) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* in PKCS #11, Issuer is a required field */
- if ( !pk11_hasAttribute(object,CKA_ISSUER) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* in PKCS #11, Serial is a required field */
- if ( !pk11_hasAttribute(object,CKA_SERIAL_NUMBER) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* add it to the object */
- object->objectInfo = NULL;
- object->infoFree = (PK11Free) NULL;
-
- /* now just verify the required date fields */
- crv = pk11_defaultAttribute(object, CKA_ID, NULL, 0);
- if (crv != CKR_OK) { return crv; }
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- SECItem derCert;
- NSSLOWCERTCertificate *cert;
- NSSLOWCERTCertTrust *trust = NULL;
- NSSLOWCERTCertTrust userTrust =
- { CERTDB_USER, CERTDB_USER, CERTDB_USER };
- NSSLOWCERTCertTrust defTrust =
- { CERTDB_TRUSTED_UNKNOWN,
- CERTDB_TRUSTED_UNKNOWN, CERTDB_TRUSTED_UNKNOWN };
- char *label;
- SECStatus rv;
- PRBool inDB = PR_TRUE;
-
- if (slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- /* get the der cert */
- attribute = pk11_FindAttribute(object,CKA_VALUE);
- PORT_Assert(attribute);
-
- derCert.data = (unsigned char *)attribute->attrib.pValue;
- derCert.len = attribute->attrib.ulValueLen ;
-
- label = pk11_getString(object,CKA_LABEL);
-
- cert = nsslowcert_FindCertByDERCert(slot->certDB, &derCert);
- if (cert == NULL) {
- cert = nsslowcert_DecodeDERCertificate(&derCert,PR_FALSE,label);
- inDB = PR_FALSE;
- }
- if (cert == NULL) {
- if (label) PORT_Free(label);
- pk11_FreeAttribute(attribute);
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- if (slot->keyDB && nsslowkey_KeyForCertExists(slot->keyDB,cert)) {
- trust = &userTrust;
- }
- if (!inDB) {
- if (!trust) trust = &defTrust;
- rv = nsslowcert_AddPermCert(slot->certDB, cert, label, trust);
- } else {
- rv = trust ? nsslowcert_ChangeCertTrust(slot->certDB,cert,trust) :
- SECSuccess;
- }
-
- if (label) PORT_Free(label);
- pk11_FreeAttribute(attribute);
- if (rv != SECSuccess) {
- nsslowcert_DestroyCertificate(cert);
- return CKR_DEVICE_ERROR;
- }
- object->handle=pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_CERT);
- nsslowcert_DestroyCertificate(cert);
- }
-
- return CKR_OK;
-}
-unsigned int
-pk11_MapTrust(CK_TRUST trust, PRBool clientAuth)
-{
- unsigned int trustCA = clientAuth ? CERTDB_TRUSTED_CLIENT_CA :
- CERTDB_TRUSTED_CA;
- switch (trust) {
- case CKT_NETSCAPE_TRUSTED:
- return CERTDB_VALID_PEER|CERTDB_TRUSTED;
- case CKT_NETSCAPE_TRUSTED_DELEGATOR:
- return CERTDB_VALID_CA|trustCA;
- case CKT_NETSCAPE_UNTRUSTED:
- return CERTDB_NOT_TRUSTED;
- case CKT_NETSCAPE_MUST_VERIFY:
- return 0;
- case CKT_NETSCAPE_VALID: /* implies must verify */
- return CERTDB_VALID_PEER;
- case CKT_NETSCAPE_VALID_DELEGATOR: /* implies must verify */
- return CERTDB_VALID_CA;
- default:
- break;
- }
- return CERTDB_TRUSTED_UNKNOWN;
-}
-
-
-/*
- * check the consistancy and initialize a Trust Object
- */
-static CK_RV
-pk11_handleTrustObject(PK11Session *session,PK11Object *object)
-{
- NSSLOWCERTIssuerAndSN issuerSN;
-
- /* we can't store any certs private */
- if (pk11_isTrue(object,CKA_PRIVATE)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* certificates must have a type */
- if ( !pk11_hasAttribute(object,CKA_ISSUER) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object,CKA_SERIAL_NUMBER) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object,CKA_CERT_SHA1_HASH) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object,CKA_CERT_MD5_HASH) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- PK11Attribute *issuer = NULL;
- PK11Attribute *serial = NULL;
- NSSLOWCERTCertificate *cert = NULL;
- PK11Attribute *trust;
- CK_TRUST sslTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
- CK_TRUST clientTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
- CK_TRUST emailTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
- CK_TRUST signTrust = CKT_NETSCAPE_TRUST_UNKNOWN;
- NSSLOWCERTCertTrust dbTrust;
- SECStatus rv;
-
-
- if (slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
- issuer = pk11_FindAttribute(object,CKA_ISSUER);
- PORT_Assert(issuer);
- issuerSN.derIssuer.data = (unsigned char *)issuer->attrib.pValue;
- issuerSN.derIssuer.len = issuer->attrib.ulValueLen ;
-
- serial = pk11_FindAttribute(object,CKA_SERIAL_NUMBER);
- PORT_Assert(serial);
- issuerSN.serialNumber.data = (unsigned char *)serial->attrib.pValue;
- issuerSN.serialNumber.len = serial->attrib.ulValueLen ;
-
- cert = nsslowcert_FindCertByIssuerAndSN(slot->certDB,&issuerSN);
- pk11_FreeAttribute(serial);
- pk11_FreeAttribute(issuer);
-
- if (cert == NULL) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- trust = pk11_FindAttribute(object,CKA_TRUST_SERVER_AUTH);
- if (trust) {
- if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
- PORT_Memcpy(&sslTrust,trust->attrib.pValue, sizeof(sslTrust));
- }
- pk11_FreeAttribute(trust);
- }
- trust = pk11_FindAttribute(object,CKA_TRUST_CLIENT_AUTH);
- if (trust) {
- if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
- PORT_Memcpy(&clientTrust,trust->attrib.pValue,
- sizeof(clientTrust));
- }
- pk11_FreeAttribute(trust);
- }
- trust = pk11_FindAttribute(object,CKA_TRUST_EMAIL_PROTECTION);
- if (trust) {
- if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
- PORT_Memcpy(&emailTrust,trust->attrib.pValue,
- sizeof(emailTrust));
- }
- pk11_FreeAttribute(trust);
- }
- trust = pk11_FindAttribute(object,CKA_TRUST_CODE_SIGNING);
- if (trust) {
- if (trust->attrib.ulValueLen == sizeof(CK_TRUST)) {
- PORT_Memcpy(&signTrust,trust->attrib.pValue,
- sizeof(signTrust));
- }
- pk11_FreeAttribute(trust);
- }
-
- /* preserve certain old fields */
- if (cert->trust) {
- dbTrust.sslFlags =
- cert->trust->sslFlags & CERTDB_PRESERVE_TRUST_BITS;
- dbTrust.emailFlags=
- cert->trust->emailFlags & CERTDB_PRESERVE_TRUST_BITS;
- dbTrust.objectSigningFlags =
- cert->trust->objectSigningFlags & CERTDB_PRESERVE_TRUST_BITS;
- }
-
- dbTrust.sslFlags = pk11_MapTrust(sslTrust,PR_FALSE);
- dbTrust.sslFlags |= pk11_MapTrust(clientTrust,PR_TRUE);
- dbTrust.emailFlags = pk11_MapTrust(emailTrust,PR_FALSE);
- dbTrust.objectSigningFlags = pk11_MapTrust(signTrust,PR_FALSE);
-
- rv = nsslowcert_ChangeCertTrust(slot->certDB,cert,&dbTrust);
- object->handle=pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_TRUST);
- nsslowcert_DestroyCertificate(cert);
- if (rv != SECSuccess) {
- return CKR_DEVICE_ERROR;
- }
- }
-
- return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Trust Object
- */
-static CK_RV
-pk11_handleSMimeObject(PK11Session *session,PK11Object *object)
-{
-
- /* we can't store any certs private */
- if (pk11_isTrue(object,CKA_PRIVATE)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* certificates must have a type */
- if ( !pk11_hasAttribute(object,CKA_SUBJECT) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object,CKA_NETSCAPE_EMAIL) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- SECItem derSubj,rawProfile,rawTime,emailKey;
- SECItem *pRawProfile = NULL;
- SECItem *pRawTime = NULL;
- char *email = NULL;
- PK11Attribute *subject,*profile,*time;
- SECStatus rv;
-
- PORT_Assert(slot);
- if (slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- /* lookup SUBJECT */
- subject = pk11_FindAttribute(object,CKA_SUBJECT);
- PORT_Assert(subject);
- derSubj.data = (unsigned char *)subject->attrib.pValue;
- derSubj.len = subject->attrib.ulValueLen ;
-
- /* lookup VALUE */
- profile = pk11_FindAttribute(object,CKA_VALUE);
- if (profile) {
- rawProfile.data = (unsigned char *)profile->attrib.pValue;
- rawProfile.len = profile->attrib.ulValueLen ;
- pRawProfile = &rawProfile;
- }
-
- /* lookup Time */
- time = pk11_FindAttribute(object,CKA_NETSCAPE_SMIME_TIMESTAMP);
- if (time) {
- rawTime.data = (unsigned char *)time->attrib.pValue;
- rawTime.len = time->attrib.ulValueLen ;
- pRawTime = &rawTime;
- }
-
-
- email = pk11_getString(object,CKA_NETSCAPE_EMAIL);
-
- /* Store CRL by SUBJECT */
- rv = nsslowcert_SaveSMimeProfile(slot->certDB, email, &derSubj,
- pRawProfile,pRawTime);
-
- pk11_FreeAttribute(subject);
- if (profile) pk11_FreeAttribute(profile);
- if (time) pk11_FreeAttribute(time);
- if (rv != SECSuccess) {
- PORT_Free(email);
- return CKR_DEVICE_ERROR;
- }
- emailKey.data = (unsigned char *)email;
- emailKey.len = PORT_Strlen(email)+1;
-
- object->handle = pk11_mkHandle(slot, &emailKey, PK11_TOKEN_TYPE_SMIME);
- PORT_Free(email);
- }
-
- return CKR_OK;
-}
-
-/*
- * check the consistancy and initialize a Trust Object
- */
-static CK_RV
-pk11_handleCrlObject(PK11Session *session,PK11Object *object)
-{
-
- /* we can't store any certs private */
- if (pk11_isTrue(object,CKA_PRIVATE)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* certificates must have a type */
- if ( !pk11_hasAttribute(object,CKA_SUBJECT) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object,CKA_VALUE) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- PRBool isKRL = PR_FALSE;
- SECItem derSubj,derCrl;
- char *url = NULL;
- PK11Attribute *subject,*crl;
- SECStatus rv;
-
- PORT_Assert(slot);
- if (slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- /* lookup SUBJECT */
- subject = pk11_FindAttribute(object,CKA_SUBJECT);
- PORT_Assert(subject);
- derSubj.data = (unsigned char *)subject->attrib.pValue;
- derSubj.len = subject->attrib.ulValueLen ;
-
- /* lookup VALUE */
- crl = pk11_FindAttribute(object,CKA_VALUE);
- PORT_Assert(crl);
- derCrl.data = (unsigned char *)crl->attrib.pValue;
- derCrl.len = crl->attrib.ulValueLen ;
-
-
- url = pk11_getString(object,CKA_NETSCAPE_URL);
- isKRL = pk11_isTrue(object,CKA_NETSCAPE_KRL);
-
- /* Store CRL by SUBJECT */
- rv = nsslowcert_AddCrl(slot->certDB, &derCrl, &derSubj, url, isKRL);
-
- if (url) {
- PORT_Free(url);
- }
- pk11_FreeAttribute(crl);
- if (rv != SECSuccess) {
- pk11_FreeAttribute(subject);
- return CKR_DEVICE_ERROR;
- }
-
- object->handle = pk11_mkHandle(slot,&derSubj,
- isKRL ? PK11_TOKEN_KRL_HANDLE : PK11_TOKEN_TYPE_CRL);
- pk11_FreeAttribute(subject);
- }
-
- return CKR_OK;
-}
-
-NSSLOWKEYPublicKey * pk11_GetPubKey(PK11Object *object,CK_KEY_TYPE key);
-/*
- * check the consistancy and initialize a Public Key Object
- */
-static CK_RV
-pk11_handlePublicKeyObject(PK11Session *session, PK11Object *object,
- CK_KEY_TYPE key_type)
-{
- CK_BBOOL encrypt = CK_TRUE;
- CK_BBOOL recover = CK_TRUE;
- CK_BBOOL wrap = CK_TRUE;
- CK_BBOOL derive = CK_FALSE;
- CK_BBOOL verify = CK_TRUE;
- CK_ATTRIBUTE_TYPE pubKeyAttr = CKA_VALUE;
- CK_RV crv;
-
- switch (key_type) {
- case CKK_RSA:
- if ( !pk11_hasAttribute(object, CKA_MODULUS)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_PUBLIC_EXPONENT)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- pubKeyAttr = CKA_MODULUS;
- break;
- case CKK_DSA:
- if ( !pk11_hasAttribute(object, CKA_SUBPRIME)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- case CKK_DH:
- if ( !pk11_hasAttribute(object, CKA_PRIME)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_BASE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_VALUE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if (key_type == CKK_DH) {
- verify = CK_FALSE;
- derive = CK_TRUE;
- }
- encrypt = CK_FALSE;
- recover = CK_FALSE;
- wrap = CK_FALSE;
- break;
- default:
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
-
- /* make sure the required fields exist */
- crv = pk11_defaultAttribute(object,CKA_SUBJECT,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_ENCRYPT,&encrypt,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_VERIFY,&verify,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_VERIFY_RECOVER,
- &recover,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_WRAP,&wrap,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_DERIVE,&derive,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- object->objectInfo = pk11_GetPubKey(object,key_type);
- object->infoFree = (PK11Free) nsslowkey_DestroyPublicKey;
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- NSSLOWKEYPrivateKey *priv;
- SECItem pubKey;
-
- crv = pk11_Attribute2SSecItem(NULL,&pubKey,object,pubKeyAttr);
- if (crv != CKR_OK) return crv;
-
- PORT_Assert(pubKey.data);
- if (slot->keyDB == NULL) {
- PORT_Free(pubKey.data);
- return CKR_TOKEN_WRITE_PROTECTED;
- }
- if (slot->keyDB->version != 3) {
- unsigned char buf[SHA1_LENGTH];
- SHA1_HashBuf(buf,pubKey.data,pubKey.len);
- PORT_Memcpy(pubKey.data,buf,sizeof(buf));
- pubKey.len = sizeof(buf);
- }
- /* make sure the associated private key already exists */
- /* only works if we are logged in */
- priv = nsslowkey_FindKeyByPublicKey(slot->keyDB, &pubKey,
- slot->password);
- if (priv == NULL) {
- PORT_Free(pubKey.data);
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- nsslowkey_DestroyPrivateKey(priv);
-
- object->handle = pk11_mkHandle(slot, &pubKey, PK11_TOKEN_TYPE_PUB);
- PORT_Free(pubKey.data);
- }
-
- return CKR_OK;
-}
-
-static NSSLOWKEYPrivateKey * pk11_mkPrivKey(PK11Object *object,CK_KEY_TYPE key);
-/*
- * check the consistancy and initialize a Private Key Object
- */
-static CK_RV
-pk11_handlePrivateKeyObject(PK11Session *session,PK11Object *object,CK_KEY_TYPE key_type)
-{
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL encrypt = CK_TRUE;
- CK_BBOOL recover = CK_TRUE;
- CK_BBOOL wrap = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- SECItem mod;
- CK_RV crv;
-
- switch (key_type) {
- case CKK_RSA:
- if ( !pk11_hasAttribute(object, CKA_MODULUS)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_PUBLIC_EXPONENT)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_PRIVATE_EXPONENT)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_PRIME_1)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_PRIME_2)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_EXPONENT_1)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_EXPONENT_2)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_COEFFICIENT)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- /* make sure Netscape DB attribute is set correctly */
- crv = pk11_Attribute2SSecItem(NULL, &mod, object, CKA_MODULUS);
- if (crv != CKR_OK) return crv;
- crv = pk11_forceAttribute(object, CKA_NETSCAPE_DB,
- pk11_item_expand(&mod));
- if (mod.data) PORT_Free(mod.data);
- if (crv != CKR_OK) return crv;
-
- break;
- case CKK_DSA:
- if ( !pk11_hasAttribute(object, CKA_SUBPRIME)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_NETSCAPE_DB)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- case CKK_DH:
- if ( !pk11_hasAttribute(object, CKA_PRIME)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_BASE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if ( !pk11_hasAttribute(object, CKA_VALUE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- encrypt = CK_FALSE;
- recover = CK_FALSE;
- wrap = CK_FALSE;
- break;
- default:
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- crv = pk11_defaultAttribute(object,CKA_SUBJECT,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_SENSITIVE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_EXTRACTABLE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_DECRYPT,&encrypt,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_SIGN,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_SIGN_RECOVER,&recover,
- sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_UNWRAP,&wrap,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- /* the next two bits get modified only in the key gen and token cases */
- crv = pk11_forceAttribute(object,CKA_ALWAYS_SENSITIVE,
- &ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_forceAttribute(object,CKA_NEVER_EXTRACTABLE,
- &ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- /* should we check the non-token RSA private keys? */
-
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- NSSLOWKEYPrivateKey *privKey;
- char *label;
- SECStatus rv = SECSuccess;
- SECItem pubKey;
-
- if (slot->keyDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- privKey=pk11_mkPrivKey(object,key_type);
- if (privKey == NULL) return CKR_HOST_MEMORY;
- label = pk11_getString(object,CKA_LABEL);
-
- crv = pk11_Attribute2SSecItem(NULL,&pubKey,object,CKA_NETSCAPE_DB);
- if (crv != CKR_OK) {
- if (label) PORT_Free(label);
- nsslowkey_DestroyPrivateKey(privKey);
- return CKR_TEMPLATE_INCOMPLETE;
- }
- if (slot->keyDB->version != 3) {
- unsigned char buf[SHA1_LENGTH];
- SHA1_HashBuf(buf,pubKey.data,pubKey.len);
- PORT_Memcpy(pubKey.data,buf,sizeof(buf));
- pubKey.len = sizeof(buf);
- }
-
- if (key_type == CKK_RSA) {
- rv = RSA_PrivateKeyCheck(&privKey->u.rsa);
- if (rv == SECFailure) {
- goto fail;
- }
- }
- rv = nsslowkey_StoreKeyByPublicKey(object->slot->keyDB,
- privKey, &pubKey, label, object->slot->password);
-
-fail:
- if (label) PORT_Free(label);
- object->handle = pk11_mkHandle(slot,&pubKey,PK11_TOKEN_TYPE_PRIV);
- if (pubKey.data) PORT_Free(pubKey.data);
- nsslowkey_DestroyPrivateKey(privKey);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
- } else {
- object->objectInfo = pk11_mkPrivKey(object,key_type);
- if (object->objectInfo == NULL) return CKR_HOST_MEMORY;
- object->infoFree = (PK11Free) nsslowkey_DestroyPrivateKey;
- /* now NULL out the sensitive attributes */
- if (pk11_isTrue(object,CKA_SENSITIVE)) {
- pk11_nullAttribute(object,CKA_PRIVATE_EXPONENT);
- pk11_nullAttribute(object,CKA_PRIME_1);
- pk11_nullAttribute(object,CKA_PRIME_2);
- pk11_nullAttribute(object,CKA_EXPONENT_1);
- pk11_nullAttribute(object,CKA_EXPONENT_2);
- pk11_nullAttribute(object,CKA_COEFFICIENT);
- }
- }
- return CKR_OK;
-}
-
-/* forward delcare the DES formating function for handleSecretKey */
-void pk11_FormatDESKey(unsigned char *key, int length);
-static NSSLOWKEYPrivateKey *pk11_mkSecretKeyRep(PK11Object *object);
-
-/* Validate secret key data, and set defaults */
-static CK_RV
-validateSecretKey(PK11Session *session, PK11Object *object,
- CK_KEY_TYPE key_type, PRBool isFIPS)
-{
- CK_RV crv;
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- PK11Attribute *attribute = NULL;
- crv = pk11_defaultAttribute(object,CKA_SENSITIVE,
- isFIPS?&cktrue:&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_EXTRACTABLE,
- &cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_ENCRYPT,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_DECRYPT,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_SIGN,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_VERIFY,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_WRAP,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_UNWRAP,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- if ( !pk11_hasAttribute(object, CKA_VALUE)) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- /* the next two bits get modified only in the key gen and token cases */
- crv = pk11_forceAttribute(object,CKA_ALWAYS_SENSITIVE,
- &ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_forceAttribute(object,CKA_NEVER_EXTRACTABLE,
- &ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- /* some types of keys have a value length */
- crv = CKR_OK;
- switch (key_type) {
- /* force CKA_VALUE_LEN to be set */
- case CKK_GENERIC_SECRET:
- case CKK_RC2:
- case CKK_RC4:
-#if NSS_SOFTOKEN_DOES_RC5
- case CKK_RC5:
-#endif
-#ifdef NSS_SOFTOKEN_DOES_CAST
- case CKK_CAST:
- case CKK_CAST3:
- case CKK_CAST5:
-#endif
-#if NSS_SOFTOKEN_DOES_IDEA
- case CKK_IDEA:
-#endif
- attribute = pk11_FindAttribute(object,CKA_VALUE);
- /* shouldn't happen */
- if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
- crv = pk11_forceAttribute(object, CKA_VALUE_LEN,
- &attribute->attrib.ulValueLen, sizeof(CK_ULONG));
- pk11_FreeAttribute(attribute);
- break;
- /* force the value to have the correct parity */
- case CKK_DES:
- case CKK_DES2:
- case CKK_DES3:
- case CKK_CDMF:
- attribute = pk11_FindAttribute(object,CKA_VALUE);
- /* shouldn't happen */
- if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
- pk11_FormatDESKey((unsigned char*)attribute->attrib.pValue,
- attribute->attrib.ulValueLen);
- pk11_FreeAttribute(attribute);
- break;
- default:
- break;
- }
-
- return crv;
-}
-/*
- * check the consistancy and initialize a Secret Key Object
- */
-static CK_RV
-pk11_handleSecretKeyObject(PK11Session *session,PK11Object *object,
- CK_KEY_TYPE key_type, PRBool isFIPS)
-{
- CK_RV crv;
- NSSLOWKEYPrivateKey *privKey = NULL;
- SECItem pubKey;
- char *label = NULL;
-
- pubKey.data = 0;
-
- /* First validate and set defaults */
- crv = validateSecretKey(session, object, key_type, isFIPS);
- if (crv != CKR_OK) goto loser;
-
- /* If the object is a TOKEN object, store in the database */
- if (pk11_isTrue(object,CKA_TOKEN)) {
- PK11Slot *slot = session->slot;
- SECStatus rv = SECSuccess;
-
- if (slot->keyDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
- privKey=pk11_mkSecretKeyRep(object);
- if (privKey == NULL) return CKR_HOST_MEMORY;
-
- label = pk11_getString(object,CKA_LABEL);
-
- crv = pk11_Attribute2SecItem(NULL, &pubKey, object, CKA_ID);
- /* Should this be ID? */
- if (crv != CKR_OK) goto loser;
-
- PORT_Assert(slot->keyDB);
- rv = nsslowkey_StoreKeyByPublicKey(slot->keyDB,
- privKey, &pubKey, label, slot->password);
- if (rv != SECSuccess) {
- crv = CKR_DEVICE_ERROR;
- goto loser;
- }
-
- object->handle = pk11_mkHandle(slot,&pubKey,PK11_TOKEN_TYPE_KEY);
- }
-
-loser:
- if (label) PORT_Free(label);
- if (privKey) nsslowkey_DestroyPrivateKey(privKey);
- if (pubKey.data) PORT_Free(pubKey.data);
-
- return crv;
-}
-
-/*
- * check the consistancy and initialize a Key Object
- */
-static CK_RV
-pk11_handleKeyObject(PK11Session *session, PK11Object *object)
-{
- PK11Attribute *attribute;
- CK_KEY_TYPE key_type;
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_RV crv;
-
- /* verify the required fields */
- if ( !pk11_hasAttribute(object,CKA_KEY_TYPE) ) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
-
- /* now verify the common fields */
- crv = pk11_defaultAttribute(object,CKA_ID,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_START_DATE,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_END_DATE,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_DERIVE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_LOCAL,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- /* get the key type */
- attribute = pk11_FindAttribute(object,CKA_KEY_TYPE);
- key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
- pk11_FreeAttribute(attribute);
-
- switch (object->objclass) {
- case CKO_PUBLIC_KEY:
- return pk11_handlePublicKeyObject(session,object,key_type);
- case CKO_PRIVATE_KEY:
- return pk11_handlePrivateKeyObject(session,object,key_type);
- case CKO_SECRET_KEY:
- /* make sure the required fields exist */
- return pk11_handleSecretKeyObject(session,object,key_type,
- (PRBool)(session->slot->slotID == FIPS_SLOT_ID));
- default:
- break;
- }
- return CKR_ATTRIBUTE_VALUE_INVALID;
-}
-
-/*
- * Handle Object does all the object consistancy checks, automatic attribute
- * generation, attribute defaulting, etc. If handleObject succeeds, the object
- * will be assigned an object handle, and the object installed in the session
- * or stored in the DB.
- */
-CK_RV
-pk11_handleObject(PK11Object *object, PK11Session *session)
-{
- PK11Slot *slot = session->slot;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_BBOOL cktrue = CK_TRUE;
- PK11Attribute *attribute;
- CK_RV crv;
-
- /* make sure all the base object types are defined. If not set the
- * defaults */
- crv = pk11_defaultAttribute(object,CKA_TOKEN,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_PRIVATE,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_LABEL,NULL,0);
- if (crv != CKR_OK) return crv;
- crv = pk11_defaultAttribute(object,CKA_MODIFIABLE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) return crv;
-
- /* don't create a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (pk11_isTrue(object,CKA_PRIVATE))) {
- return CKR_USER_NOT_LOGGED_IN;
- }
-
-
- if (((session->info.flags & CKF_RW_SESSION) == 0) &&
- (pk11_isTrue(object,CKA_TOKEN))) {
- return CKR_SESSION_READ_ONLY;
- }
-
- /* PKCS #11 object ID's are unique for all objects on a
- * token */
- PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
- object->handle = slot->tokenIDCount++;
- PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-
- /* get the object class */
- attribute = pk11_FindAttribute(object,CKA_CLASS);
- if (attribute == NULL) {
- return CKR_TEMPLATE_INCOMPLETE;
- }
- object->objclass = *(CK_OBJECT_CLASS *)attribute->attrib.pValue;
- pk11_FreeAttribute(attribute);
-
- /* now handle the specific. Get a session handle for these functions
- * to use */
- switch (object->objclass) {
- case CKO_DATA:
- crv = pk11_handleDataObject(session,object);
- break;
- case CKO_CERTIFICATE:
- crv = pk11_handleCertObject(session,object);
- break;
- case CKO_NETSCAPE_TRUST:
- crv = pk11_handleTrustObject(session,object);
- break;
- case CKO_NETSCAPE_CRL:
- crv = pk11_handleCrlObject(session,object);
- break;
- case CKO_NETSCAPE_SMIME:
- crv = pk11_handleSMimeObject(session,object);
- break;
- case CKO_PRIVATE_KEY:
- case CKO_PUBLIC_KEY:
- case CKO_SECRET_KEY:
- crv = pk11_handleKeyObject(session,object);
- break;
- default:
- crv = CKR_ATTRIBUTE_VALUE_INVALID;
- break;
- }
-
- /* can't fail from here on out unless the pk_handlXXX functions have
- * failed the request */
- if (crv != CKR_OK) {
- return crv;
- }
-
- /* now link the object into the slot and session structures */
- if (pk11_isToken(object->handle)) {
- pk11_convertSessionToToken(object);
- } else {
- object->slot = slot;
- pk11_AddObject(session,object);
- }
-
- return CKR_OK;
-}
-
-/*
- * ******************** Public Key Utilities ***************************
- */
-/* Generate a low public key structure from an object */
-NSSLOWKEYPublicKey *pk11_GetPubKey(PK11Object *object,CK_KEY_TYPE key_type)
-{
- NSSLOWKEYPublicKey *pubKey;
- PLArenaPool *arena;
- CK_RV crv;
-
- if (object->objclass != CKO_PUBLIC_KEY) {
- return NULL;
- }
-
- if (pk11_isToken(object->handle)) {
-/* ferret out the token object handle */
- }
-
- /* If we already have a key, use it */
- if (object->objectInfo) {
- return (NSSLOWKEYPublicKey *)object->objectInfo;
- }
-
- /* allocate the structure */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return NULL;
-
- pubKey = (NSSLOWKEYPublicKey *)
- PORT_ArenaAlloc(arena,sizeof(NSSLOWKEYPublicKey));
- if (pubKey == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
-
- /* fill in the structure */
- pubKey->arena = arena;
- switch (key_type) {
- case CKK_RSA:
- pubKey->keyType = NSSLOWKEYRSAKey;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.rsa.modulus,
- object,CKA_MODULUS);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.rsa.publicExponent,
- object,CKA_PUBLIC_EXPONENT);
- break;
- case CKK_DSA:
- pubKey->keyType = NSSLOWKEYDSAKey;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.params.prime,
- object,CKA_PRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.params.subPrime,
- object,CKA_SUBPRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.params.base,
- object,CKA_BASE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.publicValue,
- object,CKA_VALUE);
- break;
- case CKK_DH:
- pubKey->keyType = NSSLOWKEYDHKey;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dh.prime,
- object,CKA_PRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dh.base,
- object,CKA_BASE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&pubKey->u.dsa.publicValue,
- object,CKA_VALUE);
- break;
- default:
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
-
- object->objectInfo = pubKey;
- object->infoFree = (PK11Free) nsslowkey_DestroyPublicKey;
- return pubKey;
-}
-
-/* make a private key from a verified object */
-static NSSLOWKEYPrivateKey *
-pk11_mkPrivKey(PK11Object *object,CK_KEY_TYPE key_type)
-{
- NSSLOWKEYPrivateKey *privKey;
- PLArenaPool *arena;
- CK_RV crv = CKR_OK;
- SECStatus rv;
-
- PORT_Assert(!pk11_isToken(object->handle));
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) return NULL;
-
- privKey = (NSSLOWKEYPrivateKey *)
- PORT_ArenaAlloc(arena,sizeof(NSSLOWKEYPrivateKey));
- if (privKey == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
-
- /* in future this would be a switch on key_type */
- privKey->arena = arena;
- switch (key_type) {
- case CKK_RSA:
- privKey->keyType = NSSLOWKEYRSAKey;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.modulus,
- object,CKA_MODULUS);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.publicExponent,object,
- CKA_PUBLIC_EXPONENT);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.privateExponent,object,
- CKA_PRIVATE_EXPONENT);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.prime1,object,
- CKA_PRIME_1);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.prime2,object,
- CKA_PRIME_2);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.exponent1,
- object, CKA_EXPONENT_1);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.exponent2,
- object, CKA_EXPONENT_2);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(arena,&privKey->u.rsa.coefficient,object,
- CKA_COEFFICIENT);
- if (crv != CKR_OK) break;
- rv = DER_SetUInteger(privKey->arena, &privKey->u.rsa.version,
- NSSLOWKEY_VERSION);
- if (rv != SECSuccess) crv = CKR_HOST_MEMORY;
- break;
-
- case CKK_DSA:
- privKey->keyType = NSSLOWKEYDSAKey;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.params.prime,
- object,CKA_PRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.params.subPrime,
- object,CKA_SUBPRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.params.base,
- object,CKA_BASE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.privateValue,
- object,CKA_VALUE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dsa.publicValue,
- object,CKA_NETSCAPE_DB);
- /* can't set the public value.... */
- break;
-
- case CKK_DH:
- privKey->keyType = NSSLOWKEYDHKey;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.prime,
- object,CKA_PRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.base,
- object,CKA_BASE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.privateValue,
- object,CKA_VALUE);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(arena,&privKey->u.dh.publicValue,
- object,CKA_NETSCAPE_DB);
- break;
- default:
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
- return privKey;
-}
-
-
-/* Generate a low private key structure from an object */
-NSSLOWKEYPrivateKey *
-pk11_GetPrivKey(PK11Object *object,CK_KEY_TYPE key_type)
-{
- NSSLOWKEYPrivateKey *priv = NULL;
-
- if (object->objclass != CKO_PRIVATE_KEY) {
- return NULL;
- }
- if (object->objectInfo) {
- return (NSSLOWKEYPrivateKey *)object->objectInfo;
- }
-
- if (pk11_isToken(object->handle)) {
- /* grab it from the data base */
- PK11TokenObject *to = pk11_narrowToTokenObject(object);
-
- PORT_Assert(to);
- PORT_Assert(object->slot->keyDB);
- priv = nsslowkey_FindKeyByPublicKey(object->slot->keyDB, &to->dbKey,
- object->slot->password);
- } else {
- priv = pk11_mkPrivKey(object, key_type);
- }
- object->objectInfo = priv;
- object->infoFree = (PK11Free) nsslowkey_DestroyPrivateKey;
- return priv;
-}
-
-/*
- **************************** Symetric Key utils ************************
- */
-/*
- * set the DES key with parity bits correctly
- */
-void
-pk11_FormatDESKey(unsigned char *key, int length)
-{
- int i;
-
- /* format the des key */
- for (i=0; i < length; i++) {
- key[i] = parityTable[key[i]>>1];
- }
-}
-
-/*
- * check a des key (des2 or des3 subkey) for weak keys.
- */
-PRBool
-pk11_CheckDESKey(unsigned char *key)
-{
- int i;
-
- /* format the des key with parity */
- pk11_FormatDESKey(key, 8);
-
- for (i=0; i < pk11_desWeakTableSize; i++) {
- if (PORT_Memcmp(key,pk11_desWeakTable[i],8) == 0) {
- return PR_TRUE;
- }
- }
- return PR_FALSE;
-}
-
-/*
- * check if a des or triple des key is weak.
- */
-PRBool
-pk11_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type)
-{
-
- switch(key_type) {
- case CKK_DES:
- return pk11_CheckDESKey(key);
- case CKM_DES2_KEY_GEN:
- if (pk11_CheckDESKey(key)) return PR_TRUE;
- return pk11_CheckDESKey(&key[8]);
- case CKM_DES3_KEY_GEN:
- if (pk11_CheckDESKey(key)) return PR_TRUE;
- if (pk11_CheckDESKey(&key[8])) return PR_TRUE;
- return pk11_CheckDESKey(&key[16]);
- default:
- break;
- }
- return PR_FALSE;
-}
-
-
-/* make a fake private key representing a symmetric key */
-static NSSLOWKEYPrivateKey *
-pk11_mkSecretKeyRep(PK11Object *object)
-{
- NSSLOWKEYPrivateKey *privKey;
- PLArenaPool *arena = 0;
- CK_RV crv;
- SECStatus rv;
- static unsigned char derZero[1] = { 0 };
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) { crv = CKR_HOST_MEMORY; goto loser; }
-
- privKey = (NSSLOWKEYPrivateKey *)
- PORT_ArenaAlloc(arena,sizeof(NSSLOWKEYPrivateKey));
- if (privKey == NULL) { crv = CKR_HOST_MEMORY; goto loser; }
-
- privKey->arena = arena;
-
- /* Secret keys are represented in the database as "fake" RSA keys. The RSA key
- * is marked as a secret key representation by setting the public exponent field
- * to 0, which is an invalid RSA exponent. The other fields are set as follows:
- * modulus - CKA_ID value for the secret key
- * private exponent - CKA_VALUE (the key itself)
- * coefficient - CKA_KEY_TYPE, which indicates what encryption algorithm
- * is used for the key.
- * all others - set to integer 0
- */
- privKey->keyType = NSSLOWKEYRSAKey;
-
- /* The modulus is set to the key id of the symmetric key */
- crv=pk11_Attribute2SecItem(arena,&privKey->u.rsa.modulus,object,CKA_ID);
- if (crv != CKR_OK) goto loser;
-
- /* The public exponent is set to 0 length to indicate a special key */
- privKey->u.rsa.publicExponent.len = sizeof derZero;
- privKey->u.rsa.publicExponent.data = derZero;
-
- /* The private exponent is the actual key value */
- crv=pk11_Attribute2SecItem(arena,&privKey->u.rsa.privateExponent,object,CKA_VALUE);
- if (crv != CKR_OK) goto loser;
-
- /* All other fields empty - needs testing */
- privKey->u.rsa.prime1.len = sizeof derZero;
- privKey->u.rsa.prime1.data = derZero;
-
- privKey->u.rsa.prime2.len = sizeof derZero;
- privKey->u.rsa.prime2.data = derZero;
-
- privKey->u.rsa.exponent1.len = sizeof derZero;
- privKey->u.rsa.exponent1.data = derZero;
-
- privKey->u.rsa.exponent2.len = sizeof derZero;
- privKey->u.rsa.exponent2.data = derZero;
-
- /* Coeficient set to KEY_TYPE */
- crv=pk11_Attribute2SecItem(arena,&privKey->u.rsa.coefficient,object,CKA_KEY_TYPE);
- if (crv != CKR_OK) goto loser;
-
- /* Private key version field set normally for compatibility */
- rv = DER_SetUInteger(privKey->arena,
- &privKey->u.rsa.version, NSSLOWKEY_VERSION);
- if (rv != SECSuccess) { crv = CKR_HOST_MEMORY; goto loser; }
-
-loser:
- if (crv != CKR_OK) {
- PORT_FreeArena(arena,PR_FALSE);
- privKey = 0;
- }
-
- return privKey;
-}
-
-static PRBool
-isSecretKey(NSSLOWKEYPrivateKey *privKey)
-{
- if (privKey->keyType == NSSLOWKEYRSAKey &&
- privKey->u.rsa.publicExponent.len == 1 &&
- privKey->u.rsa.publicExponent.data[0] == 0)
- return PR_TRUE;
-
- return PR_FALSE;
-}
-
-/**********************************************************************
- *
- * Start of PKCS 11 functions
- *
- **********************************************************************/
-
-
-/* return the function list */
-CK_RV NSC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
-{
- *pFunctionList = (CK_FUNCTION_LIST_PTR) &pk11_funcList;
- return CKR_OK;
-}
-
-/* return the function list */
-CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
-{
- return NSC_GetFunctionList(pFunctionList);
-}
-
-static PLHashNumber
-pk11_HashNumber(const void *key)
-{
- return (PLHashNumber) key;
-}
-
-/*
- * eventually I'd like to expunge all occurances of XXX_SLOT_ID and
- * just go with the info in the slot. This is one place, however,
- * where it might be a little difficult.
- */
-const char *
-pk11_getDefTokName(CK_SLOT_ID slotID)
-{
- static char buf[33];
-
- switch (slotID) {
- case NETSCAPE_SLOT_ID:
- return "NSS Generic Crypto Services ";
- case PRIVATE_KEY_SLOT_ID:
- return "NSS Certificate DB ";
- case FIPS_SLOT_ID:
- return "NSS FIPS-140-1 Cerificate DB ";
- default:
- break;
- }
- sprintf(buf,"NSS Application Token %08x ",(unsigned int) slotID);
- return buf;
-}
-
-const char *
-pk11_getDefSlotName(CK_SLOT_ID slotID)
-{
- static char buf[65];
-
- switch (slotID) {
- case NETSCAPE_SLOT_ID:
- return
- "NSS Internal Cryptographic Services Version 3.4 ";
- case PRIVATE_KEY_SLOT_ID:
- return
- "NSS User Private Key and Certificate Services ";
- case FIPS_SLOT_ID:
- return
- "Netscape FIPS-140-1 User Private Key Services ";
- default:
- break;
- }
- sprintf(buf,
- "NSS Application Slot %08x ",
- (unsigned int) slotID);
- return buf;
-}
-
-static CK_ULONG nscSlotCount = 0;
-static CK_SLOT_ID_PTR nscSlotList = NULL;
-static CK_ULONG nscSlotListSize = 0;
-static PLHashTable *nscSlotHashTable = NULL;
-
-/* look up a slot structure from the ID (used to be a macro when we only
- * had two slots) */
-PK11Slot *
-pk11_SlotFromID(CK_SLOT_ID slotID)
-{
- return (PK11Slot *)PL_HashTableLookup(nscSlotHashTable, (void *)slotID);
-}
-
-PK11Slot *
-pk11_SlotFromSessionHandle(CK_SESSION_HANDLE handle)
-{
- int slotIDIndex = (handle >> 24) & 0xff;
-
- if (slotIDIndex >= nscSlotCount) {
- return NULL;
- }
-
- return pk11_SlotFromID(nscSlotList[slotIDIndex]);
-}
-
-PK11Slot * pk11_NewSlotFromID(CK_SLOT_ID slotID)
-{
- PK11Slot *slot = NULL;
- PLHashEntry *entry;
-
- if (nscSlotList == NULL) {
- nscSlotListSize = NSC_SLOT_LIST_BLOCK_SIZE;
- nscSlotList = (CK_SLOT_ID *)
- PORT_ZAlloc(nscSlotListSize*sizeof(CK_SLOT_ID));
- if (nscSlotList == NULL) {
- return NULL;
- }
- }
- if (nscSlotCount >= nscSlotListSize) {
- nscSlotListSize += NSC_SLOT_LIST_BLOCK_SIZE;
- nscSlotList = (CK_SLOT_ID *) PORT_Realloc(nscSlotList,
- nscSlotListSize*sizeof(CK_SLOT_ID));
- if (nscSlotList == NULL) {
- return NULL;
- }
- }
-
- if (nscSlotHashTable == NULL) {
- nscSlotHashTable = PL_NewHashTable(64,pk11_HashNumber,PL_CompareValues,
- PL_CompareValues, NULL, 0);
- if (nscSlotHashTable == NULL) {
- return NULL;
- }
- }
-
- slot = (PK11Slot *) PORT_ZAlloc(sizeof(PK11Slot));
- if (slot == NULL) {
- return NULL;
- }
-
- entry = PL_HashTableAdd(nscSlotHashTable,(void *)slotID,slot);
- if (entry == NULL) {
- PORT_Free(slot);
- return NULL;
- }
- slot->index = nscSlotCount;
- nscSlotList[nscSlotCount++] = slotID;
-
- return slot;
-}
-
-/*
- * initialize one of the slot structures. figure out which by the ID
- */
-CK_RV
-PK11_SlotInit(char *configdir,pk11_token_parameters *params)
-{
- int i;
- CK_SLOT_ID slotID = params->slotID;
- PK11Slot *slot = pk11_NewSlotFromID(slotID);
- PRBool needLogin = !params->noKeyDB;
- CK_RV crv;
-
- if (slot == NULL) {
- return CKR_HOST_MEMORY;
- }
-
-#ifdef PKCS11_USE_THREADS
- slot->sessionLock = PZ_NewLock(nssILockSession);
- if (slot->sessionLock == NULL) return CKR_HOST_MEMORY;
- slot->objectLock = PZ_NewLock(nssILockObject);
- if (slot->objectLock == NULL) return CKR_HOST_MEMORY;
-#else
- slot->sessionLock = NULL;
- slot->objectLock = NULL;
-#endif
- for(i=0; i < SESSION_HASH_SIZE; i++) {
- slot->head[i] = NULL;
- }
- for(i=0; i < TOKEN_OBJECT_HASH_SIZE; i++) {
- slot->tokObjects[i] = NULL;
- }
- slot->tokenHashTable = PL_NewHashTable(64,pk11_HashNumber,PL_CompareValues,
- SECITEM_HashCompare, NULL, 0);
- if (slot->tokenHashTable == NULL) {
- return CKR_HOST_MEMORY;
- }
- slot->password = NULL;
- slot->hasTokens = PR_FALSE;
- slot->sessionIDCount = 1;
- slot->sessionCount = 0;
- slot->rwSessionCount = 0;
- slot->tokenIDCount = 1;
- slot->needLogin = PR_FALSE;
- slot->isLoggedIn = PR_FALSE;
- slot->ssoLoggedIn = PR_FALSE;
- slot->DB_loaded = PR_FALSE;
- slot->slotID = slotID;
- slot->certDB = NULL;
- slot->keyDB = NULL;
- slot->minimumPinLen = 0;
- slot->readOnly = params->readOnly;
- pk11_setStringName(params->tokdes ? params->tokdes :
- pk11_getDefTokName(slotID), slot->tokDescription,
- sizeof(slot->tokDescription));
- pk11_setStringName(params->slotdes ? params->slotdes :
- pk11_getDefSlotName(slotID), slot->slotDescription,
- sizeof(slot->slotDescription));
-
- if ((!params->noCertDB) || (!params->noKeyDB)) {
- crv = pk11_DBInit(params->configdir ? params->configdir : configdir,
- params->certPrefix, params->keyPrefix, params->readOnly,
- params->noCertDB, params->noKeyDB, params->forceOpen,
- &slot->certDB, &slot->keyDB);
- if (crv != CKR_OK) {
- /* shoutdown slot? */
- return crv;
- }
- }
- if (needLogin) {
- /* if the data base is initialized with a null password,remember that */
- slot->needLogin =
- (PRBool)!pk11_hasNullPassword(slot->keyDB,&slot->password);
- if (params->minPW <= PK11_MAX_PIN) {
- slot->minimumPinLen = params->minPW;
- }
- if ((slot->minimumPinLen == 0) && (params->pwRequired) &&
- (slot->minimumPinLen <= PK11_MAX_PIN)) {
- slot->minimumPinLen = 1;
- }
- }
- return CKR_OK;
-}
-
-static PRIntn
-pk11_freeHashItem(PLHashEntry* entry, PRIntn index, void *arg)
-{
- SECItem *item = (SECItem *)entry->value;
-
- SECITEM_FreeItem(item, PR_TRUE);
- return HT_ENUMERATE_NEXT;
-}
-
-/*
- * initialize one of the slot structures. figure out which by the ID
- */
-static CK_RV
-pk11_DestroySlotData(PK11Slot *slot)
-{
- int i;
-
-#ifdef PKCS11_USE_THREADS
- if (slot->sessionLock) {
- PZ_DestroyLock(slot->sessionLock);
- slot->sessionLock = NULL;
- }
- if (slot->objectLock) {
- PZ_DestroyLock(slot->objectLock);
- slot->objectLock = NULL;
- }
-#endif
-
- PL_HashTableEnumerateEntries(slot->tokenHashTable,pk11_freeHashItem,NULL);
- PL_HashTableDestroy(slot->tokenHashTable);
-
- for(i=0; i < TOKEN_OBJECT_HASH_SIZE; i++) {
- PK11Object *object = slot->tokObjects[i];
- slot->tokObjects[i] = NULL;
- pk11_FreeObject(object);
- }
-
- for(i=0; i < SESSION_HASH_SIZE; i++) {
- PK11Session *session = slot->head[i];
- slot->head[i] = NULL;
- pk11_FreeSession(session);
- }
- pk11_DBShutdown(slot->certDB,slot->keyDB);
-
- PORT_Free(slot);
- return CKR_OK;
-}
-
-/*
- * handle the SECMOD.db
- */
-char **
-NSC_ModuleDBFunc(unsigned long function,char *parameters, char *args)
-{
- char *secmod;
- PRBool rw;
- static char *success="Success";
-
- secmod = secmod_getSecmodName(parameters,&rw);
-
- switch (function) {
- case SECMOD_MODULE_DB_FUNCTION_FIND:
- return secmod_ReadPermDB(secmod,parameters,rw);
- case SECMOD_MODULE_DB_FUNCTION_ADD:
- return (secmod_AddPermDB(secmod,args,rw) == SECSuccess)
- ? &success: NULL;
- case SECMOD_MODULE_DB_FUNCTION_DEL:
- return (secmod_DeletePermDB(secmod,args,rw) == SECSuccess)
- ? &success: NULL;
- }
- return NULL;
-}
-
-
-static PRBool nsc_init = PR_FALSE;
-/* NSC_Initialize initializes the Cryptoki library. */
-CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS)
-{
- CK_RV crv = CKR_OK;
- SECStatus rv;
- CK_C_INITIALIZE_ARGS *init_args = (CK_C_INITIALIZE_ARGS *) pReserved;
- int i;
-
- if (nsc_init) {
- return crv;
- }
-
- rv = RNG_RNGInit(); /* initialize random number generator */
- if (rv != SECSuccess) {
- crv = CKR_DEVICE_ERROR;
- goto loser;
- }
- RNG_SystemInfoForRNG();
-
-
- /* NOTE:
- * we should be getting out mutexes from this list, not statically binding
- * them from NSPR. This should happen before we allow the internal to split
- * off from the rest on NSS.
- */
-
- /* initialize the key and cert db's */
- nsslowkey_SetDefaultKeyDBAlg
- (SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC);
- crv = CKR_ARGUMENTS_BAD;
- if ((init_args && init_args->LibraryParameters)) {
- pk11_parameters paramStrings;
-
- crv = secmod_parseParameters
- ((char *)init_args->LibraryParameters, &paramStrings, isFIPS);
- if (crv != CKR_OK) {
- return crv;
- }
- crv = pk11_configure(paramStrings.man, paramStrings.libdes);
- if (crv != CKR_OK) {
- goto loser;
- }
-
- for (i=0; i < paramStrings.token_count; i++) {
- crv =
- PK11_SlotInit(paramStrings.configdir, &paramStrings.tokens[i]);
- if (crv != CKR_OK) break;
- }
-loser:
- secmod_freeParams(&paramStrings);
- }
- nsc_init = (PRBool) (crv == CKR_OK);
-
- return crv;
-}
-
-CK_RV NSC_Initialize(CK_VOID_PTR pReserved)
-{
- return nsc_CommonInitialize(pReserved,PR_FALSE);
-}
-
-/* NSC_Finalize indicates that an application is done with the
- * Cryptoki library.*/
-CK_RV NSC_Finalize (CK_VOID_PTR pReserved)
-{
- PK11Slot *slot = NULL;
- CK_SLOT_ID slotID;
- int i;
-
- if (!nsc_init) {
- return CKR_OK;
- }
-
- /* free all the slots */
- if (nscSlotList) {
- CK_ULONG tmpSlotCount = nscSlotCount;
- CK_ULONG tmpSlotListSize = nscSlotListSize;
- CK_SLOT_ID_PTR tmpSlotList = nscSlotList;
- PLHashTable *tmpSlotHashTable = nscSlotHashTable;
-
- /* now clear out the statics */
- nscSlotList = NULL;
- nscSlotCount = 0;
- nscSlotHashTable = NULL;
- nscSlotListSize = 0;
-
- for (i=0; i < tmpSlotCount; i++) {
- slotID = tmpSlotList[i];
- slot = (PK11Slot *)
- PL_HashTableLookup(tmpSlotHashTable, (void *)slotID);
- PORT_Assert(slot);
- if (!slot) continue;
- pk11_DestroySlotData(slot);
- PL_HashTableRemove(tmpSlotHashTable, (void *)slotID);
- }
- PORT_Free(tmpSlotList);
- PL_HashTableDestroy(tmpSlotHashTable);
- }
-
- nsslowcert_DestroyGlobalLocks();
-
-#ifdef LEAK_TEST
- /*
- * do we really want to throw away all our hard earned entropy here!!?
- * No we don't! Not calling RNG_RNGShutdown only 'leaks' data on the
- * initial call to RNG_Init(). So the only reason to call this is to clean
- * up leak detection warnings on shutdown. In many cases we *don't* want
- * to free up the global RNG context because the application has Finalized
- * simply to swap profiles. We don't want to loose the entropy we've
- * already collected.
- */
- RNG_RNGShutdown();
-#endif
-
- pk11_CleanupFreeLists();
- /* tell freeBL to clean up after itself */
- BL_Cleanup();
- nsc_init = PR_FALSE;
-
- return CKR_OK;
-}
-
-
-/* NSC_GetInfo returns general information about Cryptoki. */
-CK_RV NSC_GetInfo(CK_INFO_PTR pInfo)
-{
- pInfo->cryptokiVersion.major = 2;
- pInfo->cryptokiVersion.minor = 11;
- PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
- pInfo->libraryVersion.major = 3;
- pInfo->libraryVersion.minor = 2;
- PORT_Memcpy(pInfo->libraryDescription,libraryDescription,32);
- pInfo->flags = 0;
- return CKR_OK;
-}
-
-/* NSC_GetSlotList obtains a list of slots in the system. */
-CK_RV NSC_GetSlotList(CK_BBOOL tokenPresent,
- CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
-{
- *pulCount = nscSlotCount;
- if (pSlotList != NULL) {
- PORT_Memcpy(pSlotList,nscSlotList,nscSlotCount*sizeof(CK_SLOT_ID));
- }
- return CKR_OK;
-}
-
-/* NSC_GetSlotInfo obtains information about a particular slot in the system. */
-CK_RV NSC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
-{
- PK11Slot *slot = pk11_SlotFromID(slotID);
- if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
- pInfo->firmwareVersion.major = 0;
- pInfo->firmwareVersion.minor = 0;
- PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
- PORT_Memcpy(pInfo->slotDescription,slot->slotDescription,64);
- pInfo->flags = CKF_TOKEN_PRESENT;
- /* ok we really should read it out of the keydb file. */
- /* pInfo->hardwareVersion.major = NSSLOWKEY_DB_FILE_VERSION; */
- pInfo->hardwareVersion.major = 3;
- pInfo->hardwareVersion.minor = 4;
- return CKR_OK;
-}
-
-#define CKF_THREAD_SAFE 0x8000 /* for now */
-
-/* NSC_GetTokenInfo obtains information about a particular token in
- * the system. */
-CK_RV NSC_GetTokenInfo(CK_SLOT_ID slotID,CK_TOKEN_INFO_PTR pInfo)
-{
- PK11Slot *slot = pk11_SlotFromID(slotID);
- NSSLOWKEYDBHandle *handle;
-
- if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
- PORT_Memcpy(pInfo->manufacturerID,manufacturerID,32);
- PORT_Memcpy(pInfo->model,"NSS 3 ",16);
- PORT_Memcpy(pInfo->serialNumber,"0000000000000000",16);
- pInfo->ulMaxSessionCount = 0; /* arbitrarily large */
- pInfo->ulSessionCount = slot->sessionCount;
- pInfo->ulMaxRwSessionCount = 0; /* arbitarily large */
- pInfo->ulRwSessionCount = slot->rwSessionCount;
- pInfo->firmwareVersion.major = 0;
- pInfo->firmwareVersion.minor = 0;
- PORT_Memcpy(pInfo->label,slot->tokDescription,32);
- handle = slot->keyDB;
- if (handle == NULL) {
- pInfo->flags= CKF_RNG | CKF_WRITE_PROTECTED | CKF_THREAD_SAFE;
- pInfo->ulMaxPinLen = 0;
- pInfo->ulMinPinLen = 0;
- pInfo->ulTotalPublicMemory = 0;
- pInfo->ulFreePublicMemory = 0;
- pInfo->ulTotalPrivateMemory = 0;
- pInfo->ulFreePrivateMemory = 0;
- pInfo->hardwareVersion.major = 4;
- pInfo->hardwareVersion.minor = 0;
- } else {
- /*
- * we have three possible states which we may be in:
- * (1) No DB password has been initialized. This also means we
- * have no keys in the key db.
- * (2) Password initialized to NULL. This means we have keys, but
- * the user has chosen not use a password.
- * (3) Finally we have an initialized password whicn is not NULL, and
- * we will need to prompt for it.
- */
- if (nsslowkey_HasKeyDBPassword(handle) == SECFailure) {
- pInfo->flags = CKF_THREAD_SAFE | CKF_LOGIN_REQUIRED;
- } else if (!slot->needLogin) {
- pInfo->flags = CKF_THREAD_SAFE | CKF_USER_PIN_INITIALIZED;
- } else {
- pInfo->flags = CKF_THREAD_SAFE |
- CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED;
- }
- pInfo->ulMaxPinLen = PK11_MAX_PIN;
- pInfo->ulMinPinLen = 0;
- if (slot->minimumPinLen > 0) {
- pInfo->ulMinPinLen = (CK_ULONG)slot->minimumPinLen;
- }
- pInfo->ulTotalPublicMemory = 1;
- pInfo->ulFreePublicMemory = 1;
- pInfo->ulTotalPrivateMemory = 1;
- pInfo->ulFreePrivateMemory = 1;
- pInfo->hardwareVersion.major = CERT_DB_FILE_VERSION;
- pInfo->hardwareVersion.minor = handle->version;
- }
- return CKR_OK;
-}
-
-
-
-/* NSC_GetMechanismList obtains a list of mechanism types
- * supported by a token. */
-CK_RV NSC_GetMechanismList(CK_SLOT_ID slotID,
- CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount)
-{
- int i;
-
- switch (slotID) {
- case NETSCAPE_SLOT_ID:
- *pulCount = mechanismCount;
- if (pMechanismList != NULL) {
- for (i=0; i < (int) mechanismCount; i++) {
- pMechanismList[i] = mechanisms[i].type;
- }
- }
- break;
- default:
- *pulCount = 0;
- for (i=0; i < (int) mechanismCount; i++) {
- if (mechanisms[i].privkey) {
- (*pulCount)++;
- if (pMechanismList != NULL) {
- *pMechanismList++ = mechanisms[i].type;
- }
- }
- }
- break;
- }
- return CKR_OK;
-}
-
-
-/* NSC_GetMechanismInfo obtains information about a particular mechanism
- * possibly supported by a token. */
-CK_RV NSC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
- CK_MECHANISM_INFO_PTR pInfo)
-{
- PRBool isPrivateKey;
- int i;
-
- switch (slotID) {
- case NETSCAPE_SLOT_ID:
- isPrivateKey = PR_FALSE;
- break;
- default:
- isPrivateKey = PR_TRUE;
- break;
- }
- for (i=0; i < (int) mechanismCount; i++) {
- if (type == mechanisms[i].type) {
- if (isPrivateKey && !mechanisms[i].privkey) {
- return CKR_MECHANISM_INVALID;
- }
- PORT_Memcpy(pInfo,&mechanisms[i].domestic,
- sizeof(CK_MECHANISM_INFO));
- return CKR_OK;
- }
- }
- return CKR_MECHANISM_INVALID;
-}
-
-static SECStatus
-pk11_TurnOffUser(NSSLOWCERTCertificate *cert, SECItem *k, void *arg)
-{
- NSSLOWCERTCertTrust trust;
- SECStatus rv;
-
- rv = nsslowcert_GetCertTrust(cert,&trust);
- if (rv == SECSuccess && ((trust.emailFlags & CERTDB_USER) ||
- (trust.sslFlags & CERTDB_USER) ||
- (trust.objectSigningFlags & CERTDB_USER))) {
- trust.emailFlags &= ~CERTDB_USER;
- trust.sslFlags &= ~CERTDB_USER;
- trust.objectSigningFlags &= ~CERTDB_USER;
- nsslowcert_ChangeCertTrust(cert->dbhandle,cert,&trust);
- }
- return SECSuccess;
-}
-
-/* NSC_InitToken initializes a token. */
-CK_RV NSC_InitToken(CK_SLOT_ID slotID,CK_CHAR_PTR pPin,
- CK_ULONG ulPinLen,CK_CHAR_PTR pLabel) {
- PK11Slot *slot = pk11_SlotFromID(slotID);
- NSSLOWKEYDBHandle *handle;
- NSSLOWCERTCertDBHandle *certHandle;
- SECStatus rv;
- int i;
- PK11Object *object;
-
- if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
- /* don't initialize the database if we aren't talking to a token
- * that uses the key database.
- */
- if (slotID == NETSCAPE_SLOT_ID) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- /* first, delete all our loaded key and cert objects from our
- * internal list. */
- PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
- for (i=0; i < TOKEN_OBJECT_HASH_SIZE; i++) {
- do {
- object = slot->tokObjects[i];
- /* hand deque */
- /* this duplicates function of NSC_close session functions, but
- * because we know that we are freeing all the sessions, we can
- * do more efficient processing */
- if (object) {
- slot->tokObjects[i] = object->next;
-
- if (object->next) object->next->prev = NULL;
- object->next = object->prev = NULL;
- }
- if (object) pk11_FreeObject(object);
- } while (object != NULL);
- }
- slot->DB_loaded = PR_FALSE;
- PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-
- /* then clear out the key database */
- handle = slot->keyDB;
- if (handle == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
-
- /* what to do on an error here? */
- rv = nsslowkey_ResetKeyDB(handle);
-
- /* finally mark all the user certs as non-user certs */
- certHandle = slot->certDB;
- if (certHandle == NULL) return CKR_OK;
-
- nsslowcert_TraversePermCerts(certHandle,pk11_TurnOffUser, NULL);
-
- return CKR_OK; /*is this the right function for not implemented*/
-}
-
-
-/* NSC_InitPIN initializes the normal user's PIN. */
-CK_RV NSC_InitPIN(CK_SESSION_HANDLE hSession,
- CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
-{
- PK11Session *sp;
- PK11Slot *slot;
- NSSLOWKEYDBHandle *handle;
- SECItem *newPin;
- char newPinStr[PK11_MAX_PIN+1];
- SECStatus rv;
-
-
- sp = pk11_SessionFromHandle(hSession);
- if (sp == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- slot = pk11_SlotFromSession(sp);
- if (slot == NULL) {
- pk11_FreeSession(sp);
- return CKR_SESSION_HANDLE_INVALID;;
- }
-
- handle = slot->keyDB;
- if (handle == NULL) {
- pk11_FreeSession(sp);
- return CKR_PIN_LEN_RANGE;
- }
-
-
- if (sp->info.state != CKS_RW_SO_FUNCTIONS) {
- pk11_FreeSession(sp);
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- pk11_FreeSession(sp);
-
- /* make sure the pins aren't too long */
- if (ulPinLen > PK11_MAX_PIN) {
- return CKR_PIN_LEN_RANGE;
- }
- if (ulPinLen < slot->minimumPinLen) {
- return CKR_PIN_LEN_RANGE;
- }
-
- if (nsslowkey_HasKeyDBPassword(handle) != SECFailure) {
- return CKR_DEVICE_ERROR;
- }
-
- /* convert to null terminated string */
- PORT_Memcpy(newPinStr,pPin,ulPinLen);
- newPinStr[ulPinLen] = 0;
-
- /* build the hashed pins which we pass around */
- newPin = nsslowkey_HashPassword(newPinStr,handle->global_salt);
- PORT_Memset(newPinStr,0,sizeof(newPinStr));
-
- /* change the data base */
- rv = nsslowkey_SetKeyDBPassword(handle,newPin);
-
- /* Now update our local copy of the pin */
- if (rv == SECSuccess) {
- if (slot->password) {
- SECITEM_ZfreeItem(slot->password, PR_TRUE);
- }
- slot->password = newPin;
- if (ulPinLen == 0) slot->needLogin = PR_FALSE;
- return CKR_OK;
- }
- SECITEM_ZfreeItem(newPin, PR_TRUE);
- return CKR_PIN_INCORRECT;
-}
-
-
-/* NSC_SetPIN modifies the PIN of user that is currently logged in. */
-/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
-CK_RV NSC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
- CK_ULONG ulOldLen, CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
-{
- PK11Session *sp;
- PK11Slot *slot;
- NSSLOWKEYDBHandle *handle;
- SECItem *newPin;
- SECItem *oldPin;
- char newPinStr[PK11_MAX_PIN+1],oldPinStr[PK11_MAX_PIN+1];
- SECStatus rv;
-
-
- sp = pk11_SessionFromHandle(hSession);
- if (sp == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- slot = pk11_SlotFromSession(sp);
- if (!slot) {
- pk11_FreeSession(sp);
- return CKR_SESSION_HANDLE_INVALID;;
- }
-
- handle = slot->keyDB;
- if (handle == NULL) {
- pk11_FreeSession(sp);
- return CKR_PIN_LEN_RANGE;
- }
-
- if (slot->needLogin && sp->info.state != CKS_RW_USER_FUNCTIONS) {
- pk11_FreeSession(sp);
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- pk11_FreeSession(sp);
-
- /* make sure the pins aren't too long */
- if ((ulNewLen > PK11_MAX_PIN) || (ulOldLen > PK11_MAX_PIN)) {
- return CKR_PIN_LEN_RANGE;
- }
- if (ulNewLen < slot->minimumPinLen) {
- return CKR_PIN_LEN_RANGE;
- }
-
-
- /* convert to null terminated string */
- PORT_Memcpy(newPinStr,pNewPin,ulNewLen);
- newPinStr[ulNewLen] = 0;
- PORT_Memcpy(oldPinStr,pOldPin,ulOldLen);
- oldPinStr[ulOldLen] = 0;
-
- /* build the hashed pins which we pass around */
- newPin = nsslowkey_HashPassword(newPinStr,handle->global_salt);
- oldPin = nsslowkey_HashPassword(oldPinStr,handle->global_salt);
- PORT_Memset(newPinStr,0,sizeof(newPinStr));
- PORT_Memset(oldPinStr,0,sizeof(oldPinStr));
-
- /* change the data base */
- rv = nsslowkey_ChangeKeyDBPassword(handle,oldPin,newPin);
-
- /* Now update our local copy of the pin */
- SECITEM_ZfreeItem(oldPin, PR_TRUE);
- if (rv == SECSuccess) {
- if (slot->password) {
- SECITEM_ZfreeItem(slot->password, PR_TRUE);
- }
- slot->password = newPin;
- slot->needLogin = (PRBool)(ulNewLen != 0);
- return CKR_OK;
- }
- SECITEM_ZfreeItem(newPin, PR_TRUE);
- return CKR_PIN_INCORRECT;
-}
-
-/* NSC_OpenSession opens a session between an application and a token. */
-CK_RV NSC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
- CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession)
-{
- PK11Slot *slot;
- CK_SESSION_HANDLE sessionID;
- PK11Session *session;
-
- slot = pk11_SlotFromID(slotID);
- if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
- /* new session (we only have serial sessions) */
- session = pk11_NewSession(slotID, Notify, pApplication,
- flags | CKF_SERIAL_SESSION);
- if (session == NULL) return CKR_HOST_MEMORY;
-
- PK11_USE_THREADS(PZ_Lock(slot->sessionLock);)
- sessionID = slot->sessionIDCount++ | (slot->index << 24);
- if (slot->readOnly && (flags & CKF_RW_SESSION)) {
- /* NETSCAPE_SLOT_ID is Read ONLY */
- session->info.flags &= ~CKF_RW_SESSION;
- }
-
- session->handle = sessionID;
- pk11_update_state(slot, session);
- pk11queue_add(session, sessionID, slot->head, SESSION_HASH_SIZE);
- slot->sessionCount++;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount++;
- }
- PK11_USE_THREADS(PZ_Unlock(slot->sessionLock);)
-
- *phSession = sessionID;
- return CKR_OK;
-}
-
-
-/* NSC_CloseSession closes a session between an application and a token. */
-CK_RV NSC_CloseSession(CK_SESSION_HANDLE hSession)
-{
- PK11Slot *slot;
- PK11Session *session;
- SECItem *pw = NULL;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- slot = pk11_SlotFromSession(session);
-
- /* lock */
- PK11_USE_THREADS(PZ_Lock(slot->sessionLock);)
- if (pk11queue_is_queued(session,hSession,slot->head,SESSION_HASH_SIZE)) {
- pk11queue_delete(session,hSession,slot->head,SESSION_HASH_SIZE);
- session->refCount--; /* can't go to zero while we hold the reference */
- slot->sessionCount--;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount--;
- }
- }
- if (slot->sessionCount == 0) {
- pw = slot->password;
- slot->isLoggedIn = PR_FALSE;
- slot->password = NULL;
- }
- PK11_USE_THREADS(PZ_Unlock(slot->sessionLock);)
-
- pk11_FreeSession(session);
- if (pw) SECITEM_ZfreeItem(pw, PR_TRUE);
- return CKR_OK;
-}
-
-
-/* NSC_CloseAllSessions closes all sessions with a token. */
-CK_RV NSC_CloseAllSessions (CK_SLOT_ID slotID)
-{
- PK11Slot *slot;
- SECItem *pw = NULL;
- PK11Session *session;
- int i;
-
- slot = pk11_SlotFromID(slotID);
- if (slot == NULL) return CKR_SLOT_ID_INVALID;
-
- /* first log out the card */
- PK11_USE_THREADS(PZ_Lock(slot->sessionLock);)
- pw = slot->password;
- slot->isLoggedIn = PR_FALSE;
- slot->password = NULL;
- PK11_USE_THREADS(PZ_Unlock(slot->sessionLock);)
- if (pw) SECITEM_ZfreeItem(pw, PR_TRUE);
-
- /* now close all the current sessions */
- /* NOTE: If you try to open new sessions before NSC_CloseAllSessions
- * completes, some of those new sessions may or may not be closed by
- * NSC_CloseAllSessions... but any session running when this code starts
- * will guarrenteed be close, and no session will be partially closed */
- for (i=0; i < SESSION_HASH_SIZE; i++) {
- do {
- PK11_USE_THREADS(PZ_Lock(slot->sessionLock);)
- session = slot->head[i];
- /* hand deque */
- /* this duplicates function of NSC_close session functions, but
- * because we know that we are freeing all the sessions, we can
- * do more efficient processing */
- if (session) {
- slot->head[i] = session->next;
- if (session->next) session->next->prev = NULL;
- session->next = session->prev = NULL;
- slot->sessionCount--;
- if (session->info.flags & CKF_RW_SESSION) {
- slot->rwSessionCount--;
- }
- }
- PK11_USE_THREADS(PZ_Unlock(slot->sessionLock);)
- if (session) pk11_FreeSession(session);
- } while (session != NULL);
- }
- return CKR_OK;
-}
-
-
-/* NSC_GetSessionInfo obtains information about the session. */
-CK_RV NSC_GetSessionInfo(CK_SESSION_HANDLE hSession,
- CK_SESSION_INFO_PTR pInfo)
-{
- PK11Session *session;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-
- PORT_Memcpy(pInfo,&session->info,sizeof(CK_SESSION_INFO));
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-/* NSC_Login logs a user into a token. */
-CK_RV NSC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
- CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
-{
- PK11Slot *slot;
- PK11Session *session;
- NSSLOWKEYDBHandle *handle;
- SECItem *pin;
- char pinStr[PK11_MAX_PIN+1];
-
-
- /* get the slot */
- slot = pk11_SlotFromSessionHandle(hSession);
-
- /* make sure the session is valid */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- }
- pk11_FreeSession(session);
-
- /* can't log into the Netscape Slot */
- if (slot->slotID == NETSCAPE_SLOT_ID)
- return CKR_USER_TYPE_INVALID;
-
- if (slot->isLoggedIn) return CKR_USER_ALREADY_LOGGED_IN;
- slot->ssoLoggedIn = PR_FALSE;
-
- if (ulPinLen > PK11_MAX_PIN) return CKR_PIN_LEN_RANGE;
-
- /* convert to null terminated string */
- PORT_Memcpy(pinStr,pPin,ulPinLen);
- pinStr[ulPinLen] = 0;
-
- handle = slot->keyDB;
- if (handle == NULL) {
- return CKR_USER_TYPE_INVALID;
- }
-
- /*
- * Deal with bootstrap. We allow the SSO to login in with a NULL
- * password if and only if we haven't initialized the KEY DB yet.
- * We only allow this on a RW session.
- */
- if (nsslowkey_HasKeyDBPassword(handle) == SECFailure) {
- /* allow SSO's to log in only if there is not password on the
- * key database */
- if (((userType == CKU_SO) && (session->info.flags & CKF_RW_SESSION))
- /* fips always needs to authenticate, even if there isn't a db */
- || (slot->slotID == FIPS_SLOT_ID)) {
- /* should this be a fixed password? */
- if (ulPinLen == 0) {
- SECItem *pw;
- PK11_USE_THREADS(PZ_Lock(slot->sessionLock);)
- pw = slot->password;
- slot->password = NULL;
- slot->isLoggedIn = PR_TRUE;
- slot->ssoLoggedIn = (PRBool)(userType == CKU_SO);
- PK11_USE_THREADS(PZ_Unlock(slot->sessionLock);)
- pk11_update_all_states(slot);
- SECITEM_ZfreeItem(pw,PR_TRUE);
- return CKR_OK;
- }
- return CKR_PIN_INCORRECT;
- }
- return CKR_USER_TYPE_INVALID;
- }
-
- /* don't allow the SSO to log in if the user is already initialized */
- if (userType != CKU_USER) { return CKR_USER_TYPE_INVALID; }
-
-
- /* build the hashed pins which we pass around */
- pin = nsslowkey_HashPassword(pinStr,handle->global_salt);
- if (pin == NULL) return CKR_HOST_MEMORY;
-
- if (nsslowkey_CheckKeyDBPassword(handle,pin) == SECSuccess) {
- SECItem *tmp;
- PK11_USE_THREADS(PZ_Lock(slot->sessionLock);)
- tmp = slot->password;
- slot->isLoggedIn = PR_TRUE;
- slot->password = pin;
- PK11_USE_THREADS(PZ_Unlock(slot->sessionLock);)
- if (tmp) SECITEM_ZfreeItem(tmp, PR_TRUE);
-
- /* update all sessions */
- pk11_update_all_states(slot);
- return CKR_OK;
- }
-
- SECITEM_ZfreeItem(pin, PR_TRUE);
- return CKR_PIN_INCORRECT;
-}
-
-/* NSC_Logout logs a user out from a token. */
-CK_RV NSC_Logout(CK_SESSION_HANDLE hSession)
-{
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- SECItem *pw = NULL;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- }
-
- if (!slot->isLoggedIn) return CKR_USER_NOT_LOGGED_IN;
-
- PK11_USE_THREADS(PZ_Lock(slot->sessionLock);)
- pw = slot->password;
- slot->isLoggedIn = PR_FALSE;
- slot->ssoLoggedIn = PR_FALSE;
- slot->password = NULL;
- PK11_USE_THREADS(PZ_Unlock(slot->sessionLock);)
- if (pw) SECITEM_ZfreeItem(pw, PR_TRUE);
-
- pk11_update_all_states(slot);
- return CKR_OK;
-}
-
-
-/* NSC_CreateObject creates a new object. */
-CK_RV NSC_CreateObject(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phObject)
-{
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Object *object;
- CK_RV crv;
- int i;
-
-
- /*
- * now lets create an object to hang the attributes off of
- */
- object = pk11_NewObject(slot); /* fill in the handle later */
- if (object == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the object
- */
- for (i=0; i < (int) ulCount; i++) {
- crv = pk11_AddAttributeType(object,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) {
- pk11_FreeObject(object);
- return crv;
- }
- }
-
- /* get the session */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- pk11_FreeObject(object);
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- /*
- * handle the base object stuff
- */
- crv = pk11_handleObject(object,session);
- *phObject = object->handle;
- pk11_FreeSession(session);
- pk11_FreeObject(object);
-
- return crv;
-}
-
-
-/* NSC_CopyObject copies an object, creating a new object for the copy. */
-CK_RV NSC_CopyObject(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phNewObject)
-{
- PK11Object *destObject,*srcObject;
- PK11Session *session;
- CK_RV crv = CKR_OK;
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- int i;
-
- /* Get srcObject so we can find the class */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
- srcObject = pk11_ObjectFromHandle(hObject,session);
- if (srcObject == NULL) {
- pk11_FreeSession(session);
- return CKR_OBJECT_HANDLE_INVALID;
- }
- /*
- * create an object to hang the attributes off of
- */
- destObject = pk11_NewObject(slot); /* fill in the handle later */
- if (destObject == NULL) {
- pk11_FreeSession(session);
- pk11_FreeObject(srcObject);
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the object
- */
- for (i=0; i < (int) ulCount; i++) {
- if (pk11_modifyType(pTemplate[i].type,srcObject->objclass) == PK11_NEVER) {
- crv = CKR_ATTRIBUTE_READ_ONLY;
- break;
- }
- crv = pk11_AddAttributeType(destObject,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) { break; }
- }
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- pk11_FreeObject(srcObject);
- pk11_FreeObject(destObject);
- return crv;
- }
-
- /* sensitive can only be changed to CK_TRUE */
- if (pk11_hasAttribute(destObject,CKA_SENSITIVE)) {
- if (!pk11_isTrue(destObject,CKA_SENSITIVE)) {
- pk11_FreeSession(session);
- pk11_FreeObject(srcObject);
- pk11_FreeObject(destObject);
- return CKR_ATTRIBUTE_READ_ONLY;
- }
- }
-
- /*
- * now copy the old attributes from the new attributes
- */
- /* don't create a token object if we aren't in a rw session */
- /* we need to hold the lock to copy a consistant version of
- * the object. */
- crv = pk11_CopyObject(destObject,srcObject);
-
- destObject->objclass = srcObject->objclass;
- pk11_FreeObject(srcObject);
- if (crv != CKR_OK) {
- pk11_FreeObject(destObject);
- pk11_FreeSession(session);
- }
-
- crv = pk11_handleObject(destObject,session);
- *phNewObject = destObject->handle;
- pk11_FreeSession(session);
- pk11_FreeObject(destObject);
-
- return crv;
-}
-
-
-/* NSC_GetObjectSize gets the size of an object in bytes. */
-CK_RV NSC_GetObjectSize(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize) {
- *pulSize = 0;
- return CKR_OK;
-}
-
-
-/* NSC_GetAttributeValue obtains the value of one or more object attributes. */
-CK_RV NSC_GetAttributeValue(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Object *object;
- PK11Attribute *attribute;
- PRBool sensitive;
- int i;
-
- /*
- * make sure we're allowed
- */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- object = pk11_ObjectFromHandle(hObject,session);
- pk11_FreeSession(session);
- if (object == NULL) {
- return CKR_OBJECT_HANDLE_INVALID;
- }
-
- /* don't read a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (pk11_isTrue(object,CKA_PRIVATE))) {
- pk11_FreeObject(object);
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- sensitive = pk11_isTrue(object,CKA_SENSITIVE);
- for (i=0; i < (int) ulCount; i++) {
- /* Make sure that this attribute is retrievable */
- if (sensitive && pk11_isSensitive(pTemplate[i].type,object->objclass)) {
- pk11_FreeObject(object);
- return CKR_ATTRIBUTE_SENSITIVE;
- }
- attribute = pk11_FindAttribute(object,pTemplate[i].type);
- if (attribute == NULL) {
- pk11_FreeObject(object);
- return CKR_ATTRIBUTE_TYPE_INVALID;
- }
- if (pTemplate[i].pValue != NULL) {
- PORT_Memcpy(pTemplate[i].pValue,attribute->attrib.pValue,
- attribute->attrib.ulValueLen);
- }
- pTemplate[i].ulValueLen = attribute->attrib.ulValueLen;
- pk11_FreeAttribute(attribute);
- }
-
- pk11_FreeObject(object);
- return CKR_OK;
-}
-
-/* NSC_SetAttributeValue modifies the value of one or more object attributes */
-CK_RV NSC_SetAttributeValue (CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Attribute *attribute;
- PK11Object *object;
- PRBool isToken;
- CK_RV crv = CKR_OK;
- CK_BBOOL legal;
- int i;
-
- /*
- * make sure we're allowed
- */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- object = pk11_ObjectFromHandle(hObject,session);
- if (object == NULL) {
- pk11_FreeSession(session);
- return CKR_OBJECT_HANDLE_INVALID;
- }
-
- /* don't modify a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (pk11_isTrue(object,CKA_PRIVATE))) {
- pk11_FreeSession(session);
- pk11_FreeObject(object);
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- /* don't modify a token object if we aren't in a rw session */
- isToken = pk11_isTrue(object,CKA_TOKEN);
- if (((session->info.flags & CKF_RW_SESSION) == 0) && isToken) {
- pk11_FreeSession(session);
- pk11_FreeObject(object);
- return CKR_SESSION_READ_ONLY;
- }
- pk11_FreeSession(session);
-
- /* only change modifiable objects */
- if (!pk11_isTrue(object,CKA_MODIFIABLE)) {
- pk11_FreeObject(object);
- return CKR_ATTRIBUTE_READ_ONLY;
- }
-
- for (i=0; i < (int) ulCount; i++) {
- /* Make sure that this attribute is changeable */
- switch (pk11_modifyType(pTemplate[i].type,object->objclass)) {
- case PK11_NEVER:
- case PK11_ONCOPY:
- default:
- crv = CKR_ATTRIBUTE_READ_ONLY;
- break;
-
- case PK11_SENSITIVE:
- legal = (pTemplate[i].type == CKA_EXTRACTABLE) ? CK_FALSE : CK_TRUE;
- if ((*(CK_BBOOL *)pTemplate[i].pValue) != legal) {
- crv = CKR_ATTRIBUTE_READ_ONLY;
- }
- break;
- case PK11_ALWAYS:
- break;
- }
- if (crv != CKR_OK) break;
-
- /* find the old attribute */
- attribute = pk11_FindAttribute(object,pTemplate[i].type);
- if (attribute == NULL) {
- crv =CKR_ATTRIBUTE_TYPE_INVALID;
- break;
- }
- pk11_FreeAttribute(attribute);
- crv = pk11_forceAttribute(object,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) break;
-
- }
-
- pk11_FreeObject(object);
- return crv;
-}
-
-/*
- * find any certs that may match the template and load them.
- */
-#define NSC_CERT 0x00000001
-#define NSC_TRUST 0x00000002
-#define NSC_CRL 0x00000004
-#define NSC_SMIME 0x00000008
-#define NSC_PRIVATE 0x00000010
-#define NSC_PUBLIC 0x00000020
-#define NSC_KEY 0x00000040
-
-/*
- * structure to collect key handles.
- */
-typedef struct pk11CrlDataStr {
- PK11Slot *slot;
- PK11SearchResults *searchHandles;
- CK_ATTRIBUTE *template;
- CK_ULONG templ_count;
-} pk11CrlData;
-
-
-static SECStatus
-pk11_crl_collect(SECItem *data, SECItem *key, certDBEntryType type, void *arg)
-{
- pk11CrlData *crlData;
- CK_OBJECT_HANDLE class_handle;
- PK11Slot *slot;
-
- crlData = (pk11CrlData *)arg;
- slot = crlData->slot;
-
- class_handle = (type == certDBEntryTypeRevocation) ? PK11_TOKEN_TYPE_CRL :
- PK11_TOKEN_KRL_HANDLE;
- if (pk11_tokenMatch(slot, key, class_handle,
- crlData->template, crlData->templ_count)) {
- pk11_addHandle(crlData->searchHandles,
- pk11_mkHandle(slot,key,class_handle));
- }
- return(SECSuccess);
-}
-
-static void
-pk11_searchCrls(PK11Slot *slot, SECItem *derSubject, PRBool isKrl,
- unsigned long classFlags, PK11SearchResults *search,
- CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
-{
- NSSLOWCERTCertDBHandle *certHandle = NULL;
-
- certHandle = slot->certDB;
- if (certHandle == NULL) {
- return;
- }
- if (derSubject->data != NULL) {
- SECItem *crl =
- nsslowcert_FindCrlByKey(certHandle,derSubject,NULL,isKrl);
-
- if (crl != NULL) {
- pk11_addHandle(search, pk11_mkHandle(slot,derSubject,
- isKrl ? PK11_TOKEN_KRL_HANDLE : PK11_TOKEN_TYPE_CRL));
- }
- } else {
- pk11CrlData crlData;
-
- /* traverse */
- crlData.slot = slot;
- crlData.searchHandles = search;
- crlData.template = pTemplate;
- crlData.templ_count = ulCount;
- nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeRevocation,
- pk11_crl_collect, (void *)&crlData);
- nsslowcert_TraverseDBEntries(certHandle, certDBEntryTypeKeyRevocation,
- pk11_crl_collect, (void *)&crlData);
- }
-}
-
-/*
- * structure to collect key handles.
- */
-typedef struct pk11KeyDataStr {
- PK11Slot *slot;
- PK11SearchResults *searchHandles;
- SECItem *id;
- CK_ATTRIBUTE *template;
- CK_ULONG templ_count;
- unsigned long classFlags;
- PRBool isLoggedIn;
- PRBool strict;
-} pk11KeyData;
-
-
-static SECStatus
-pk11_key_collect(DBT *key, DBT *data, void *arg)
-{
- pk11KeyData *keyData;
- NSSLOWKEYPrivateKey *privKey = NULL;
- SECItem tmpDBKey;
- PK11Slot *slot;
-
- keyData = (pk11KeyData *)arg;
- slot = keyData->slot;
-
- tmpDBKey.data = key->data;
- tmpDBKey.len = key->size;
-
- PORT_Assert(slot->keyDB);
- if (!keyData->strict && keyData->id) {
- SECItem result;
- unsigned char hashKey[SHA1_LENGTH];
- result.data = hashKey;
- result.len = sizeof(hashKey);
-
- SHA1_HashBuf( hashKey, key->data, key->size );
- if (SECITEM_ItemsAreEqual(keyData->id,&result)) {
- if (keyData->classFlags & NSC_PRIVATE) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(slot,&tmpDBKey,PK11_TOKEN_TYPE_PRIV));
- }
- if (keyData->classFlags & NSC_PUBLIC) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(slot,&tmpDBKey,PK11_TOKEN_TYPE_PUB));
- }
- /* NSC_KEY Already handled */
- }
- return SECSuccess;
- }
-
- privKey = nsslowkey_FindKeyByPublicKey(keyData->slot->keyDB, &tmpDBKey,
- keyData->slot->password);
- if ( privKey == NULL ) {
- goto loser;
- }
-
- if (isSecretKey(privKey)) {
- if ((keyData->classFlags & NSC_KEY) &&
- pk11_tokenMatch(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_KEY,
- keyData->template, keyData->templ_count)) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_KEY));
- }
- } else {
- if ((keyData->classFlags & NSC_PRIVATE) &&
- pk11_tokenMatch(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_PRIV,
- keyData->template, keyData->templ_count)) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(keyData->slot,&tmpDBKey,PK11_TOKEN_TYPE_PRIV));
- }
- if ((keyData->classFlags & NSC_PUBLIC) &&
- pk11_tokenMatch(keyData->slot, &tmpDBKey, PK11_TOKEN_TYPE_PUB,
- keyData->template, keyData->templ_count)) {
- pk11_addHandle(keyData->searchHandles,
- pk11_mkHandle(keyData->slot, &tmpDBKey,PK11_TOKEN_TYPE_PUB));
- }
- }
-
-loser:
- if ( privKey ) {
- nsslowkey_DestroyPrivateKey(privKey);
- }
- return(SECSuccess);
-}
-
-static void
-pk11_searchKeys(PK11Slot *slot, SECItem *key_id, PRBool isLoggedIn,
- unsigned long classFlags, PK11SearchResults *search,
- CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
-{
- NSSLOWKEYDBHandle *keyHandle = NULL;
- NSSLOWKEYPrivateKey *privKey;
- pk11KeyData keyData;
-
- keyHandle = slot->keyDB;
- if (keyHandle == NULL) {
- return;
- }
-
- if (key_id->data) {
- privKey = nsslowkey_FindKeyByPublicKey(keyHandle, key_id, slot->password);
- if (privKey) {
- if (classFlags & NSC_KEY) {
- pk11_addHandle(search,
- pk11_mkHandle(slot,key_id,PK11_TOKEN_TYPE_KEY));
- }
- if (classFlags & NSC_PRIVATE) {
- pk11_addHandle(search,
- pk11_mkHandle(slot,key_id,PK11_TOKEN_TYPE_PRIV));
- }
- if (classFlags & NSC_PUBLIC) {
- pk11_addHandle(search,
- pk11_mkHandle(slot,key_id,PK11_TOKEN_TYPE_PUB));
- }
- nsslowkey_DestroyPrivateKey(privKey);
- }
- /* don't do the traversal if we have an up to date db */
- if (keyHandle->version != 3) {
- return;
- }
- }
- keyData.slot = slot;
- keyData.searchHandles = search;
- keyData.id = key_id;
- keyData.template = pTemplate;
- keyData.templ_count = ulCount;
- keyData.isLoggedIn = isLoggedIn;
- keyData.classFlags = classFlags;
- keyData.strict = NSC_STRICT;
-
- nsslowkey_TraverseKeys(keyHandle, pk11_key_collect, &keyData);
-}
-
-/*
- * structure to collect certs into
- */
-typedef struct pk11CertDataStr {
- PK11Slot *slot;
- int cert_count;
- int max_cert_count;
- NSSLOWCERTCertificate **certs;
- CK_ATTRIBUTE *template;
- CK_ULONG templ_count;
- unsigned long classFlags;
- PRBool strict;
-} pk11CertData;
-
-/*
- * collect all the certs from the traverse call.
- */
-static SECStatus
-pk11_cert_collect(NSSLOWCERTCertificate *cert,void *arg)
-{
- pk11CertData *cd = (pk11CertData *)arg;
-
- if (cd->certs == NULL) {
- return SECFailure;
- }
-
- if (cd->strict) {
- if ((cd->classFlags & NSC_CERT) && !pk11_tokenMatch(cd->slot,
- &cert->certKey, PK11_TOKEN_TYPE_CERT, cd->template,cd->templ_count)) {
- return SECSuccess;
- }
- if ((cd->classFlags & NSC_TRUST) && !pk11_tokenMatch(cd->slot,
- &cert->certKey, PK11_TOKEN_TYPE_TRUST,
- cd->template, cd->templ_count)) {
- return SECSuccess;
- }
- }
-
- /* allocate more space if we need it. This should only happen in
- * the general traversal case */
- if (cd->cert_count >= cd->max_cert_count) {
- int size;
- cd->max_cert_count += NSC_CERT_BLOCK_SIZE;
- size = cd->max_cert_count * sizeof (NSSLOWCERTCertificate *);
- cd->certs = (NSSLOWCERTCertificate **)PORT_Realloc(cd->certs,size);
- if (cd->certs == NULL) {
- return SECFailure;
- }
- }
-
- cd->certs[cd->cert_count++] = nsslowcert_DupCertificate(cert);
- return SECSuccess;
-}
-
-/* provide impedence matching ... */
-static SECStatus
-pk11_cert_collect2(NSSLOWCERTCertificate *cert, SECItem *dymmy, void *arg)
-{
- return pk11_cert_collect(cert, arg);
-}
-
-static void
-pk11_searchSingleCert(pk11CertData *certData,NSSLOWCERTCertificate *cert)
-{
- if (cert == NULL) {
- return;
- }
- if (certData->strict &&
- !pk11_tokenMatch(certData->slot, &cert->certKey, PK11_TOKEN_TYPE_CERT,
- certData->template,certData->templ_count)) {
- nsslowcert_DestroyCertificate(cert);
- return;
- }
- certData->certs = (NSSLOWCERTCertificate **)
- PORT_Alloc(sizeof (NSSLOWCERTCertificate *));
- if (certData->certs == NULL) {
- nsslowcert_DestroyCertificate(cert);
- return;
- }
- certData->certs[0] = cert;
- certData->cert_count = 1;
-}
-
-static void
-pk11_CertSetupData(pk11CertData *certData,int count)
-{
- certData->max_cert_count = count;
-
- if (certData->max_cert_count <= 0) {
- return;
- }
- certData->certs = (NSSLOWCERTCertificate **)
- PORT_Alloc( count * sizeof(NSSLOWCERTCertificate *));
- return;
-}
-
-static void
-pk11_searchCertsAndTrust(PK11Slot *slot, SECItem *derCert, SECItem *name,
- SECItem *derSubject, NSSLOWCERTIssuerAndSN *issuerSN,
- SECItem *email,
- unsigned long classFlags, PK11SearchResults *handles,
- CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
-{
- NSSLOWCERTCertDBHandle *certHandle = NULL;
- pk11CertData certData;
- int i;
-
- certHandle = slot->certDB;
- if (certHandle == NULL) return;
-
- certData.slot = slot;
- certData.max_cert_count = 0;
- certData.certs = NULL;
- certData.cert_count = 0;
- certData.template = pTemplate;
- certData.templ_count = ulCount;
- certData.classFlags = classFlags;
- certData.strict = NSC_STRICT;
-
-
- /*
- * Find the Cert.
- */
- if (derCert->data != NULL) {
- NSSLOWCERTCertificate *cert =
- nsslowcert_FindCertByDERCert(certHandle,derCert);
- pk11_searchSingleCert(&certData,cert);
- } else if (name->data != NULL) {
- char *tmp_name = (char*)PORT_Alloc(name->len+1);
- int count;
-
- if (tmp_name == NULL) {
- return;
- }
- PORT_Memcpy(tmp_name,name->data,name->len);
- tmp_name[name->len] = 0;
-
- count= nsslowcert_NumPermCertsForNickname(certHandle,tmp_name);
- pk11_CertSetupData(&certData,count);
- nsslowcert_TraversePermCertsForNickname(certHandle,tmp_name,
- pk11_cert_collect, &certData);
- PORT_Free(tmp_name);
- } else if (derSubject->data != NULL) {
- int count;
-
- count = nsslowcert_NumPermCertsForSubject(certHandle,derSubject);
- pk11_CertSetupData(&certData,count);
- nsslowcert_TraversePermCertsForSubject(certHandle,derSubject,
- pk11_cert_collect, &certData);
- } else if ((issuerSN->derIssuer.data != NULL) &&
- (issuerSN->serialNumber.data != NULL)) {
- NSSLOWCERTCertificate *cert =
- nsslowcert_FindCertByIssuerAndSN(certHandle,issuerSN);
-
- pk11_searchSingleCert(&certData,cert);
- } else if (email->data != NULL) {
- char *tmp_name = (char*)PORT_Alloc(email->len+1);
- certDBEntrySMime *entry = NULL;
-
- if (tmp_name == NULL) {
- return;
- }
- PORT_Memcpy(tmp_name,email->data,email->len);
- tmp_name[email->len] = 0;
-
- entry = nsslowcert_ReadDBSMimeEntry(certHandle,tmp_name);
- if (entry) {
- int count;
- SECItem *subjectName = &entry->subjectName;
-
- count = nsslowcert_NumPermCertsForSubject(certHandle, subjectName);
- pk11_CertSetupData(&certData,count);
- nsslowcert_TraversePermCertsForSubject(certHandle, subjectName,
- pk11_cert_collect, &certData);
-
- nsslowcert_DestroyDBEntry((certDBEntry *)entry);
- }
- PORT_Free(tmp_name);
- } else {
- /* we aren't filtering the certs, we are working on all, so turn
- * on the strict filters. */
- certData.strict = PR_TRUE;
- pk11_CertSetupData(&certData,NSC_CERT_BLOCK_SIZE);
- nsslowcert_TraversePermCerts(certHandle, pk11_cert_collect2, &certData);
- }
-
- /*
- * build the handles
- */
- for (i=0 ; i < certData.cert_count ; i++) {
- NSSLOWCERTCertificate *cert = certData.certs[i];
-
- /* if we filtered it would have been on the stuff above */
- if (classFlags & NSC_CERT) {
- pk11_addHandle(handles,
- pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_CERT));
- }
- if ((classFlags & NSC_TRUST) && nsslowcert_hasTrust(cert)) {
- pk11_addHandle(handles,
- pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_TRUST));
- }
- nsslowcert_DestroyCertificate(cert);
- }
-
- if (certData.certs) PORT_Free(certData.certs);
- return;
-}
-
-static void
-pk11_searchSMime(PK11Slot *slot, SECItem *email, PK11SearchResults *handles,
- CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
-{
- NSSLOWCERTCertDBHandle *certHandle = NULL;
- certDBEntrySMime *entry;
-
- certHandle = slot->certDB;
- if (certHandle == NULL) return;
-
- if (email->data != NULL) {
- char *tmp_name = (char*)PORT_Alloc(email->len+1);
-
- if (tmp_name == NULL) {
- return;
- }
- PORT_Memcpy(tmp_name,email->data,email->len);
- tmp_name[email->len] = 0;
-
- entry = nsslowcert_ReadDBSMimeEntry(certHandle,tmp_name);
- if (entry) {
- SECItem emailKey;
-
- emailKey.data = (unsigned char *)tmp_name;
- emailKey.len = PORT_Strlen(tmp_name)+1;
- pk11_addHandle(handles,
- pk11_mkHandle(slot,&emailKey,PK11_TOKEN_TYPE_SMIME));
- nsslowcert_DestroyDBEntry((certDBEntry *)entry);
- }
- PORT_Free(tmp_name);
- }
- return;
-}
-
-static void
-pk11_searchSMimeForCert(PK11Slot *slot, SECItem *email,
- unsigned long classFlags,
- PK11SearchResults *handles,
- CK_ATTRIBUTE *pTemplate, CK_LONG ulCount)
-{
- NSSLOWCERTCertDBHandle *certHandle = NULL;
- certDBEntrySMime *entry;
- int i;
-
- certHandle = slot->certDB;
- if (certHandle == NULL) return;
-
- if (email->data != NULL) {
- char *tmp_name = (char*)PORT_Alloc(email->len+1);
-
- if (tmp_name == NULL) {
- return;
- }
- PORT_Memcpy(tmp_name,email->data,email->len);
- tmp_name[email->len] = 0;
-
- entry = nsslowcert_ReadDBSMimeEntry(certHandle,tmp_name);
- if (entry) {
- int count;
- pk11CertData certData;
- certData.slot = slot;
- certData.max_cert_count = 0;
- certData.certs = NULL;
- certData.cert_count = 0;
- certData.template = pTemplate;
- certData.templ_count = ulCount;
- certData.classFlags = classFlags;
- certData.strict = NSC_STRICT;
- count = nsslowcert_NumPermCertsForSubject(certHandle,&entry->subjectName);
- pk11_CertSetupData(&certData,count);
- nsslowcert_TraversePermCertsForSubject(certHandle,&entry->subjectName,
- pk11_cert_collect, &certData);
-
- /*
- * build the handles
- */
- for (i=0 ; i < certData.cert_count ; i++) {
- NSSLOWCERTCertificate *cert = certData.certs[i];
- pk11_addHandle(handles,
- pk11_mkHandle(slot,&cert->certKey,PK11_TOKEN_TYPE_CERT));
- nsslowcert_DestroyCertificate(cert);
- }
-
- nsslowcert_DestroyDBEntry((certDBEntry *)entry);
- if (certData.certs) PORT_Free(certData.certs);
- }
- PORT_Free(tmp_name);
- }
- return;
-}
-
-
-static CK_RV
-pk11_searchTokenList(PK11Slot *slot, PK11SearchResults *search,
- CK_ATTRIBUTE *pTemplate, CK_LONG ulCount,
- PRBool *tokenOnly, PRBool isLoggedIn)
-{
- int i;
- PRBool isKrl = PR_FALSE;
- SECItem derCert = { siBuffer, NULL, 0 };
- SECItem derSubject = { siBuffer, NULL, 0 };
- SECItem name = { siBuffer, NULL, 0 };
- SECItem email = { siBuffer, NULL, 0 };
- SECItem key_id = { siBuffer, NULL, 0 };
- SECItem cert_sha1_hash = { siBuffer, NULL, 0 };
- SECItem cert_md5_hash = { siBuffer, NULL, 0 };
- NSSLOWCERTIssuerAndSN issuerSN = {
- { siBuffer, NULL, 0 },
- { siBuffer, NULL, 0 }
- };
- SECItem *copy = NULL;
- unsigned long classFlags =
- NSC_CERT|NSC_TRUST|NSC_PRIVATE|NSC_PUBLIC|NSC_KEY|NSC_SMIME;
-
- /* if we aren't logged in, don't look for private or secret keys */
- if (!isLoggedIn) {
- classFlags &= ~(NSC_PRIVATE|NSC_KEY);
- }
-
- /*
- * look for things to search on token objects for. If the right options
- * are specified, we can use them as direct indeces into the database
- * (rather than using linear searches. We can also use the attributes to
- * limit the kinds of objects we are searching for. Later we can use this
- * array to filter the remaining objects more finely.
- */
- for (i=0 ;classFlags && i < (int)ulCount; i++) {
-
- switch (pTemplate[i].type) {
- case CKA_SUBJECT:
- copy = &derSubject;
- classFlags &= (NSC_CERT|NSC_PRIVATE|NSC_PUBLIC|NSC_SMIME);
- break;
- case CKA_ISSUER:
- copy = &issuerSN.derIssuer;
- classFlags &= (NSC_CERT|NSC_CRL|NSC_TRUST);
- break;
- case CKA_SERIAL_NUMBER:
- copy = &issuerSN.serialNumber;
- classFlags &= (NSC_CERT|NSC_TRUST);
- break;
- case CKA_VALUE:
- copy = &derCert;
- classFlags &= (NSC_CERT|NSC_CRL|NSC_SMIME);
- break;
- case CKA_LABEL:
- copy = &name;
- break;
- case CKA_NETSCAPE_EMAIL:
- copy = &email;
- classFlags &= NSC_SMIME|NSC_CERT;
- break;
- case CKA_NETSCAPE_SMIME_TIMESTAMP:
- classFlags &= NSC_SMIME;
- break;
- case CKA_CLASS:
- if (pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS)) {
- classFlags = 0;
- break;;
- }
- switch (*((CK_OBJECT_CLASS *)pTemplate[i].pValue)) {
- case CKO_CERTIFICATE:
- classFlags &= NSC_CERT;
- break;
- case CKO_NETSCAPE_TRUST:
- classFlags &= NSC_TRUST;
- break;
- case CKO_NETSCAPE_CRL:
- classFlags &= NSC_CRL;
- break;
- case CKO_NETSCAPE_SMIME:
- classFlags &= NSC_SMIME;
- break;
- case CKO_PRIVATE_KEY:
- classFlags &= NSC_PRIVATE;
- break;
- case CKO_PUBLIC_KEY:
- classFlags &= NSC_PUBLIC;
- break;
- case CKO_SECRET_KEY:
- classFlags &= NSC_KEY;
- break;
- default:
- classFlags = 0;
- break;
- }
- break;
- case CKA_PRIVATE:
- if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
- classFlags = 0;
- }
- if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
- classFlags &= (NSC_PRIVATE|NSC_KEY);
- } else {
- classFlags &= ~(NSC_PRIVATE|NSC_KEY);
- }
- break;
- case CKA_SENSITIVE:
- if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
- classFlags = 0;
- }
- if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
- classFlags &= (NSC_PRIVATE|NSC_KEY);
- } else {
- classFlags = 0;
- }
- break;
- case CKA_TOKEN:
- if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
- classFlags = 0;
- }
- if (*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE) {
- *tokenOnly = PR_TRUE;
- } else {
- classFlags = 0;
- }
- break;
- case CKA_CERT_SHA1_HASH:
- classFlags &= NSC_TRUST;
- copy = &cert_sha1_hash; break;
- case CKA_CERT_MD5_HASH:
- classFlags &= NSC_TRUST;
- copy = &cert_md5_hash; break;
- case CKA_CERTIFICATE_TYPE:
- if (pTemplate[i].ulValueLen != sizeof(CK_CERTIFICATE_TYPE)) {
- classFlags = 0;
- }
- classFlags &= NSC_CERT;
- if (*((CK_CERTIFICATE_TYPE *)pTemplate[i].pValue) != CKC_X_509) {
- classFlags = 0;
- }
- break;
- case CKA_ID:
- copy = &key_id;
- classFlags &= (NSC_CERT|NSC_PRIVATE|NSC_KEY|NSC_PUBLIC);
- break;
- case CKA_NETSCAPE_KRL:
- if (pTemplate[i].ulValueLen != sizeof(CK_BBOOL)) {
- classFlags = 0;
- }
- classFlags &= NSC_CRL;
- isKrl = (PRBool)(*((CK_BBOOL *)pTemplate[i].pValue) == CK_TRUE);
- break;
- case CKA_MODIFIABLE:
- break;
- case CKA_KEY_TYPE:
- case CKA_DERIVE:
- classFlags &= NSC_PUBLIC|NSC_PRIVATE|NSC_KEY;
- break;
- case CKA_VERIFY_RECOVER:
- classFlags &= NSC_PUBLIC;
- break;
- case CKA_SIGN_RECOVER:
- classFlags &= NSC_PRIVATE;
- break;
- case CKA_ENCRYPT:
- case CKA_VERIFY:
- case CKA_WRAP:
- classFlags &= NSC_PUBLIC|NSC_KEY;
- break;
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_UNWRAP:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_EXTRACTABLE:
- case CKA_NEVER_EXTRACTABLE:
- classFlags &= NSC_PRIVATE|NSC_KEY;
- break;
- /* can't be a certificate if it doesn't match one of the above
- * attributes */
- default:
- classFlags = 0;
- break;
- }
- if (copy) {
- copy->data = (unsigned char*)pTemplate[i].pValue;
- copy->len = pTemplate[i].ulValueLen;
- }
- copy = NULL;
- }
-
-
- /* certs */
- if (classFlags & (NSC_CERT|NSC_TRUST)) {
- pk11_searchCertsAndTrust(slot,&derCert,&name,&derSubject,
- &issuerSN, &email,classFlags,search,
- pTemplate, ulCount);
- }
-
- /* keys */
- if (classFlags & (NSC_PRIVATE|NSC_PUBLIC|NSC_KEY)) {
- pk11_searchKeys(slot, &key_id, isLoggedIn, classFlags, search,
- pTemplate, ulCount);
- }
-
- /* crl's */
- if (classFlags & NSC_CRL) {
- pk11_searchCrls(slot, &derSubject, isKrl, classFlags, search,
- pTemplate, ulCount);
- }
- /* Add S/MIME entry stuff */
- if (classFlags & NSC_SMIME) {
- pk11_searchSMime(slot, &email, search, pTemplate, ulCount);
- }
- return CKR_OK;
-}
-
-
-/* NSC_FindObjectsInit initializes a search for token and session objects
- * that match a template. */
-CK_RV NSC_FindObjectsInit(CK_SESSION_HANDLE hSession,
- CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount)
-{
- PK11SearchResults *search,*freeSearch;
- PK11Session *session = NULL;
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PRBool tokenOnly = PR_FALSE;
- CK_RV crv = CKR_OK;
- PRBool isLoggedIn;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- crv = CKR_SESSION_HANDLE_INVALID;
- goto loser;
- }
-
- search = (PK11SearchResults *)PORT_Alloc(sizeof(PK11SearchResults));
- if (search == NULL) {
- crv = CKR_HOST_MEMORY;
- goto loser;
- }
- search->handles = (CK_OBJECT_HANDLE *)
- PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * NSC_SEARCH_BLOCK_SIZE);
- if (search->handles == NULL) {
- crv = CKR_HOST_MEMORY;
- goto loser;
- }
- search->index = 0;
- search->size = 0;
- search->array_size = NSC_SEARCH_BLOCK_SIZE;
- isLoggedIn = (PRBool)((!slot->needLogin) || slot->isLoggedIn);
-
- crv = pk11_searchTokenList(slot, search, pTemplate, ulCount, &tokenOnly,
- isLoggedIn);
- if (crv != CKR_OK) {
- goto loser;
- }
-
- /* build list of found objects in the session */
- if (!tokenOnly) {
- crv = pk11_searchObjectList(search, slot->tokObjects,
- slot->objectLock, pTemplate, ulCount, isLoggedIn);
- }
- if (crv != CKR_OK) {
- goto loser;
- }
-
- if ((freeSearch = session->search) != NULL) {
- session->search = NULL;
- pk11_FreeSearch(freeSearch);
- }
- session->search = search;
- pk11_FreeSession(session);
- return CKR_OK;
-
-loser:
- if (freeSearch) {
- pk11_FreeSearch(freeSearch);
- }
- if (session) {
- pk11_FreeSession(session);
- }
- return crv;
-}
-
-
-/* NSC_FindObjects continues a search for token and session objects
- * that match a template, obtaining additional object handles. */
-CK_RV NSC_FindObjects(CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE_PTR phObject,CK_ULONG ulMaxObjectCount,
- CK_ULONG_PTR pulObjectCount)
-{
- PK11Session *session;
- PK11SearchResults *search;
- int transfer;
- int left;
-
- *pulObjectCount = 0;
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- if (session->search == NULL) {
- pk11_FreeSession(session);
- return CKR_OK;
- }
- search = session->search;
- left = session->search->size - session->search->index;
- transfer = ((int)ulMaxObjectCount > left) ? left : ulMaxObjectCount;
- if (transfer > 0) {
- PORT_Memcpy(phObject,&search->handles[search->index],
- transfer*sizeof(CK_OBJECT_HANDLE_PTR));
- } else {
- *phObject = CK_INVALID_HANDLE;
- }
-
- search->index += transfer;
- if (search->index == search->size) {
- session->search = NULL;
- pk11_FreeSearch(search);
- }
- *pulObjectCount = transfer;
- return CKR_OK;
-}
-
-/* NSC_FindObjectsFinal finishes a search for token and session objects. */
-CK_RV NSC_FindObjectsFinal(CK_SESSION_HANDLE hSession)
-{
- PK11Session *session;
- PK11SearchResults *search;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- search = session->search;
- session->search = NULL;
- if (search == NULL) {
- pk11_FreeSession(session);
- return CKR_OK;
- }
- pk11_FreeSearch(search);
- return CKR_OK;
-}
-
-
-
-CK_RV NSC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
- CK_VOID_PTR pReserved)
-{
- return CKR_FUNCTION_NOT_SUPPORTED;
-}
diff --git a/security/nss/lib/softoken/pkcs11.h b/security/nss/lib/softoken/pkcs11.h
deleted file mode 100644
index 9b54421e7..000000000
--- a/security/nss/lib/softoken/pkcs11.h
+++ /dev/null
@@ -1,319 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s): RSA Labs
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- *
- * The latest version of this header can be found at:
- * http://www.rsalabs.com/pkcs/pkcs-11/index.html
- */
-#ifndef _PKCS11_H_
-#define _PKCS11_H_ 1
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Before including this file (pkcs11.h) (or pkcs11t.h by
- * itself), 6 platform-specific macros must be defined. These
- * macros are described below, and typical definitions for them
- * are also given. Be advised that these definitions can depend
- * on both the platform and the compiler used (and possibly also
- * on whether a PKCS #11 library is linked statically or
- * dynamically).
- *
- * In addition to defining these 6 macros, the packing convention
- * for PKCS #11 structures should be set. The PKCS #11
- * convention on packing is that structures should be 1-byte
- * aligned.
- *
- * In a Win32 environment, this might be done by using the
- * following preprocessor directive before including pkcs11.h
- * or pkcs11t.h:
- *
- * #pragma pack(push, cryptoki, 1)
- *
- * and using the following preprocessor directive after including
- * pkcs11.h or pkcs11t.h:
- *
- * #pragma pack(pop, cryptoki)
- *
- * In a Win16 environment, this might be done by using the
- * following preprocessor directive before including pkcs11.h
- * or pkcs11t.h:
- *
- * #pragma pack(1)
- *
- * In a UNIX environment, you're on your own here. You might
- * not need to do anything.
- *
- *
- * Now for the macros:
- *
- *
- * 1. CK_PTR: The indirection string for making a pointer to an
- * object. It can be used like this:
- *
- * typedef CK_BYTE CK_PTR CK_BYTE_PTR;
- *
- * In a Win32 environment, it might be defined by
- *
- * #define CK_PTR *
- *
- * In a Win16 environment, it might be defined by
- *
- * #define CK_PTR far *
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_PTR *
- *
- *
- * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
- * an exportable PKCS #11 library function definition out of a
- * return type and a function name. It should be used in the
- * following fashion to define the exposed PKCS #11 functions in
- * a PKCS #11 library:
- *
- * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
- * CK_VOID_PTR pReserved
- * )
- * {
- * ...
- * }
- *
- * For defining a function in a Win32 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- * returnType __declspec(dllexport) name
- *
- * For defining a function in a Win16 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- * returnType __export _far _pascal name
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DEFINE_FUNCTION(returnType, name) \
- * returnType name
- *
- *
- * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
- * an importable PKCS #11 library function declaration out of a
- * return type and a function name. It should be used in the
- * following fashion:
- *
- * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
- * CK_VOID_PTR pReserved
- * );
- *
- * For declaring a function in a Win32 PKCS #11 .dll, it might
- * be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- * returnType __declspec(dllimport) name
- *
- * For declaring a function in a Win16 PKCS #11 .dll, it might
- * be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- * returnType __export _far _pascal name
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DECLARE_FUNCTION(returnType, name) \
- * returnType name
- *
- *
- * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
- * which makes a PKCS #11 API function pointer declaration or
- * function pointer type declaration out of a return type and a
- * function name. It should be used in the following fashion:
- *
- * // Define funcPtr to be a pointer to a PKCS #11 API function
- * // taking arguments args and returning CK_RV.
- * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
- *
- * or
- *
- * // Define funcPtrType to be the type of a pointer to a
- * // PKCS #11 API function taking arguments args and returning
- * // CK_RV, and then define funcPtr to be a variable of type
- * // funcPtrType.
- * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
- * funcPtrType funcPtr;
- *
- * For accessing functions in a Win32 PKCS #11 .dll, in might be
- * defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- * returnType __declspec(dllimport) (* name)
- *
- * For accessing functions in a Win16 PKCS #11 .dll, it might be
- * defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- * returnType __export _far _pascal (* name)
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
- * returnType (* name)
- *
- *
- * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
- * a function pointer type for an application callback out of
- * a return type for the callback and a name for the callback.
- * It should be used in the following fashion:
- *
- * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
- *
- * to declare a function pointer, myCallback, to a callback
- * which takes arguments args and returns a CK_RV. It can also
- * be used like this:
- *
- * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
- * myCallbackType myCallback;
- *
- * In a Win32 environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- * returnType (* name)
- *
- * In a Win16 environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- * returnType _far _pascal (* name)
- *
- * In a UNIX environment, it might be defined by
- *
- * #define CK_CALLBACK_FUNCTION(returnType, name) \
- * returnType (* name)
- *
- *
- * 6. NULL_PTR: This macro is the value of a NULL pointer.
- *
- * In any ANSI/ISO C environment (and in many others as well),
- * this should be defined by
- *
- * #ifndef NULL_PTR
- * #define NULL_PTR 0
- * #endif
- */
-
-
-/* All the various PKCS #11 types and #define'd values are in the
- * file pkcs11t.h. */
-#include "pkcs11t.h"
-
-#define __PASTE(x,y) x##y
-
-
-/* packing defines */
-#include "pkcs11p.h"
-/* ==============================================================
- * Define the "extern" form of all the entry points.
- * ==============================================================
- */
-
-#define CK_NEED_ARG_LIST 1
-#define CK_PKCS11_FUNCTION_INFO(name) \
- CK_DECLARE_FUNCTION(CK_RV, name)
-
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h"
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-/* ==============================================================
- * Define the typedef form of all the entry points. That is, for
- * each PKCS #11 function C_XXX, define a type CK_C_XXX which is
- * a pointer to that kind of function.
- * ==============================================================
- */
-
-#define CK_NEED_ARG_LIST 1
-#define CK_PKCS11_FUNCTION_INFO(name) \
- typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
-
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h"
-
-#undef CK_NEED_ARG_LIST
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-/* ==============================================================
- * Define structed vector of entry points. A CK_FUNCTION_LIST
- * contains a CK_VERSION indicating a library's PKCS #11 version
- * and then a whole slew of function pointers to the routines in
- * the library. This type was declared, but not defined, in
- * pkcs11t.h.
- * ==============================================================
- */
-
-#define CK_PKCS11_FUNCTION_INFO(name) \
- __PASTE(CK_,name) name;
-
-struct CK_FUNCTION_LIST {
-
- CK_VERSION version; /* PKCS #11 version */
-
-/* Pile all the function pointers into the CK_FUNCTION_LIST. */
-/* pkcs11f.h has all the information about the PKCS #11
- * function prototypes. */
-#include "pkcs11f.h"
-
-};
-
-#undef CK_PKCS11_FUNCTION_INFO
-
-
-#undef __PASTE
-
-/* unpack */
-#include "pkcs11u.h"
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c
deleted file mode 100644
index 997002c71..000000000
--- a/security/nss/lib/softoken/pkcs11c.c
+++ /dev/null
@@ -1,5177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * This file implements PKCS 11 on top of our existing security modules
- *
- * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
- * This implementation has two slots:
- * slot 1 is our generic crypto support. It does not require login.
- * It supports Public Key ops, and all they bulk ciphers and hashes.
- * It can also support Private Key ops for imported Private keys. It does
- * not have any token storage.
- * slot 2 is our private key support. It requires a login before use. It
- * can store Private Keys and Certs as token objects. Currently only private
- * keys and their associated Certificates are saved on the token.
- *
- * In this implementation, session objects are only visible to the session
- * that created or generated them.
- */
-#include "seccomon.h"
-#include "secitem.h"
-#include "secport.h"
-#include "blapi.h"
-#include "pkcs11.h"
-#include "pkcs11i.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "sechash.h"
-#include "secder.h"
-#include "secdig.h"
-#include "lowpbe.h" /* We do PBE below */
-#include "pkcs11t.h"
-#include "secoid.h"
-#include "alghmac.h"
-#include "softoken.h"
-#include "secasn1.h"
-/*#include "secmodi.h" */
-
-#include "pcert.h"
-#include "ssl3prot.h" /* for SSL3_RANDOM_LENGTH */
-
-#define __PASTE(x,y) x##y
-
-/*
- * we renamed all our internal functions, get the correct
- * definitions for them...
- */
-#undef CK_PKCS11_FUNCTION_INFO
-#undef CK_NEED_ARG_LIST
-
-#define CK_EXTERN extern
-#define CK_PKCS11_FUNCTION_INFO(func) \
- CK_RV __PASTE(NS,func)
-#define CK_NEED_ARG_LIST 1
-
-#include "pkcs11f.h"
-
-
-/* forward static declaration. */
-static SECStatus pk11_PRF(const SECItem *secret, const char *label,
- SECItem *seed, SECItem *result);
-
-#define PK11_OFFSETOF(str, memb) ((PRPtrdiff)(&(((str *)0)->memb)))
-
-static void pk11_Null(void *data, PRBool freeit)
-{
- return;
-}
-
-/*
- * free routines.... Free local type allocated data, and convert
- * other free routines to the destroy signature.
- */
-static void
-pk11_FreePrivKey(NSSLOWKEYPrivateKey *key, PRBool freeit)
-{
- nsslowkey_DestroyPrivateKey(key);
-}
-
-static void
-pk11_HMAC_Destroy(HMACContext *context, PRBool freeit)
-{
- HMAC_Destroy(context);
-}
-
-static void
-pk11_Space(void *data, PRBool freeit)
-{
- PORT_Free(data);
-}
-
-
-/*
- * turn a CDMF key into a des key. CDMF is an old IBM scheme to export DES by
- * Deprecating a full des key to 40 bit key strenth.
- */
-static CK_RV
-pk11_cdmf2des(unsigned char *cdmfkey, unsigned char *deskey)
-{
- unsigned char key1[8] = { 0xc4, 0x08, 0xb0, 0x54, 0x0b, 0xa1, 0xe0, 0xae };
- unsigned char key2[8] = { 0xef, 0x2c, 0x04, 0x1c, 0xe6, 0x38, 0x2f, 0xe6 };
- unsigned char enc_src[8];
- unsigned char enc_dest[8];
- unsigned int leng,i;
- DESContext *descx;
- SECStatus rv;
-
-
- /* zero the parity bits */
- for (i=0; i < 8; i++) {
- enc_src[i] = cdmfkey[i] & 0xfe;
- }
-
- /* encrypt with key 1 */
- descx = DES_CreateContext(key1, NULL, NSS_DES, PR_TRUE);
- if (descx == NULL) return CKR_HOST_MEMORY;
- rv = DES_Encrypt(descx, enc_dest, &leng, 8, enc_src, 8);
- DES_DestroyContext(descx,PR_TRUE);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
-
- /* xor source with des, zero the parity bits and depricate the key*/
- for (i=0; i < 8; i++) {
- if (i & 1) {
- enc_src[i] = (enc_src[i] ^ enc_dest[i]) & 0xfe;
- } else {
- enc_src[i] = (enc_src[i] ^ enc_dest[i]) & 0x0e;
- }
- }
-
- /* encrypt with key 2 */
- descx = DES_CreateContext(key2, NULL, NSS_DES, PR_TRUE);
- if (descx == NULL) return CKR_HOST_MEMORY;
- rv = DES_Encrypt(descx, deskey, &leng, 8, enc_src, 8);
- DES_DestroyContext(descx,PR_TRUE);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
-
- /* set the corret parity on our new des key */
- pk11_FormatDESKey(deskey, 8);
- return CKR_OK;
-}
-
-
-static CK_RV
-pk11_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey, CK_ATTRIBUTE_TYPE etype,
- PK11ContextType contextType, PRBool isEncrypt);
-/*
- * Calculate a Lynx checksum for CKM_LYNX_WRAP mechanism.
- */
-static CK_RV
-pk11_calcLynxChecksum(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hWrapKey,
- unsigned char *checksum, unsigned char *key, CK_ULONG len)
-{
-
- CK_BYTE E[10];
- CK_ULONG Elen = sizeof (E);
- CK_BYTE C[8];
- CK_ULONG Clen = sizeof (C);
- unsigned short sum1 = 0, sum2 = 0;
- CK_MECHANISM mech = { CKM_DES_ECB, NULL, 0 };
- int i;
- CK_RV crv;
-
- if (len != 8) return CKR_WRAPPED_KEY_LEN_RANGE;
-
- /* zero the parity bits */
- for (i=0; i < 8; i++) {
- sum1 = sum1 + key[i];
- sum2 = sum2 + sum1;
- }
-
- /* encrypt with key 1 */
-
- crv = pk11_CryptInit(hSession,&mech,hWrapKey,CKA_WRAP, PK11_ENCRYPT,
- PR_TRUE);
- if (crv != CKR_OK) return crv;
-
- crv = NSC_Encrypt(hSession,key,len,E,&Elen);
- if (crv != CKR_OK) return crv;
-
- E[8] = (sum2 >> 8) & 0xff;
- E[9] = sum2 & 0xff;
-
- crv = pk11_CryptInit(hSession,&mech,hWrapKey,CKA_WRAP, PK11_ENCRYPT,
- PR_TRUE);
- if (crv != CKR_OK) return crv;
-
- crv = NSC_Encrypt(hSession,&E[2],len,C,&Clen);
- if (crv != CKR_OK) return crv;
-
- checksum[0] = C[6];
- checksum[1] = C[7];
-
- return CKR_OK;
-}
-/* NSC_DestroyObject destroys an object. */
-CK_RV
-NSC_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
-{
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- PK11Session *session;
- PK11Object *object;
- PK11FreeStatus status;
-
- /*
- * This whole block just makes sure we really can destroy the
- * requested object.
- */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- object = pk11_ObjectFromHandle(hObject,session);
- if (object == NULL) {
- pk11_FreeSession(session);
- return CKR_OBJECT_HANDLE_INVALID;
- }
-
- /* don't destroy a private object if we aren't logged in */
- if ((!slot->isLoggedIn) && (slot->needLogin) &&
- (pk11_isTrue(object,CKA_PRIVATE))) {
- pk11_FreeSession(session);
- pk11_FreeObject(object);
- return CKR_USER_NOT_LOGGED_IN;
- }
-
- /* don't destroy a token object if we aren't in a rw session */
-
- if (((session->info.flags & CKF_RW_SESSION) == 0) &&
- (pk11_isTrue(object,CKA_TOKEN))) {
- pk11_FreeSession(session);
- pk11_FreeObject(object);
- return CKR_SESSION_READ_ONLY;
- }
-
- pk11_DeleteObject(session,object);
-
- pk11_FreeSession(session);
-
- /*
- * get some indication if the object is destroyed. Note: this is not
- * 100%. Someone may have an object reference outstanding (though that
- * should not be the case by here. Also note that the object is "half"
- * destroyed. Our internal representation is destroyed, but it may still
- * be in the data base.
- */
- status = pk11_FreeObject(object);
-
- return (status != PK11_DestroyFailure) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/*
- ************** Crypto Functions: Utilities ************************
- */
-
-
-/*
- * return a context based on the PK11Context type.
- */
-PK11SessionContext *
-pk11_ReturnContextByType(PK11Session *session, PK11ContextType type)
-{
- switch (type) {
- case PK11_ENCRYPT:
- case PK11_DECRYPT:
- return session->enc_context;
- case PK11_HASH:
- return session->hash_context;
- case PK11_SIGN:
- case PK11_SIGN_RECOVER:
- case PK11_VERIFY:
- case PK11_VERIFY_RECOVER:
- return session->hash_context;
- }
- return NULL;
-}
-
-/*
- * change a context based on the PK11Context type.
- */
-void
-pk11_SetContextByType(PK11Session *session, PK11ContextType type,
- PK11SessionContext *context)
-{
- switch (type) {
- case PK11_ENCRYPT:
- case PK11_DECRYPT:
- session->enc_context = context;
- break;
- case PK11_HASH:
- session->hash_context = context;
- break;
- case PK11_SIGN:
- case PK11_SIGN_RECOVER:
- case PK11_VERIFY:
- case PK11_VERIFY_RECOVER:
- session->hash_context = context;
- break;
- }
- return;
-}
-
-/*
- * code to grab the context. Needed by every C_XXXUpdate, C_XXXFinal,
- * and C_XXX function. The function takes a session handle, the context type,
- * and wether or not the session needs to be multipart. It returns the context,
- * and optionally returns the session pointer (if sessionPtr != NULL) if session
- * pointer is returned, the caller is responsible for freeing it.
- */
-static CK_RV
-pk11_GetContext(CK_SESSION_HANDLE handle,PK11SessionContext **contextPtr,
- PK11ContextType type, PRBool needMulti, PK11Session **sessionPtr)
-{
- PK11Session *session;
- PK11SessionContext *context;
-
- session = pk11_SessionFromHandle(handle);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- context = pk11_ReturnContextByType(session,type);
- /* make sure the context is valid */
- if((context==NULL)||(context->type!=type)||(needMulti&&!(context->multi))){
- pk11_FreeSession(session);
- return CKR_OPERATION_NOT_INITIALIZED;
- }
- *contextPtr = context;
- if (sessionPtr != NULL) {
- *sessionPtr = session;
- } else {
- pk11_FreeSession(session);
- }
- return CKR_OK;
-}
-
-/*
- ************** Crypto Functions: Encrypt ************************
- */
-
-/*
- * All the NSC_InitXXX functions have a set of common checks and processing they
- * all need to do at the beginning. This is done here.
- */
-static CK_RV
-pk11_InitGeneric(PK11Session *session,PK11SessionContext **contextPtr,
- PK11ContextType ctype,PK11Object **keyPtr,
- CK_OBJECT_HANDLE hKey, CK_KEY_TYPE *keyTypePtr,
- CK_OBJECT_CLASS pubKeyType, CK_ATTRIBUTE_TYPE operation)
-{
- PK11Object *key = NULL;
- PK11Attribute *att;
- PK11SessionContext *context;
-
- /* We can only init if there is not current context active */
- if (pk11_ReturnContextByType(session,ctype) != NULL) {
- return CKR_OPERATION_ACTIVE;
- }
-
- /* find the key */
- if (keyPtr) {
- key = pk11_ObjectFromHandle(hKey,session);
- if (key == NULL) {
- return CKR_KEY_HANDLE_INVALID;
- }
-
- /* make sure it's a valid key for this operation */
- if (((key->objclass != CKO_SECRET_KEY) && (key->objclass != pubKeyType))
- || !pk11_isTrue(key,operation)) {
- pk11_FreeObject(key);
- return CKR_KEY_TYPE_INCONSISTENT;
- }
- /* get the key type */
- att = pk11_FindAttribute(key,CKA_KEY_TYPE);
- PORT_Assert(att != NULL);
- *keyTypePtr = *(CK_KEY_TYPE *)att->attrib.pValue;
- pk11_FreeAttribute(att);
- *keyPtr = key;
- }
-
- /* allocate the context structure */
- context = (PK11SessionContext *)PORT_Alloc(sizeof(PK11SessionContext));
- if (context == NULL) {
- if (key) pk11_FreeObject(key);
- return CKR_HOST_MEMORY;
- }
- context->type = ctype;
- context->multi = PR_TRUE;
- context->cipherInfo = NULL;
- context->hashInfo = NULL;
- context->doPad = PR_FALSE;
- context->padDataLength = 0;
- context->key = key;
-
- *contextPtr = context;
- return CKR_OK;
-}
-
-/* NSC_CryptInit initializes an encryption/Decryption operation. */
-/* This function is used by NSC_EncryptInit and NSC_WrapKey. The only difference
- * in their uses if whether or not etype is CKA_ENCRYPT or CKA_WRAP */
-static CK_RV
-pk11_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey, CK_ATTRIBUTE_TYPE etype,
- PK11ContextType contextType, PRBool isEncrypt)
-{
- PK11Session *session;
- PK11Object *key;
- PK11SessionContext *context;
- PK11Attribute *att;
- CK_RC2_CBC_PARAMS *rc2_param;
-#if NSS_SOFTOKEN_DOES_RC5
- CK_RC5_CBC_PARAMS *rc5_param;
- SECItem rc5Key;
-#endif
- CK_KEY_TYPE key_type;
- CK_RV crv = CKR_OK;
- unsigned effectiveKeyLength;
- unsigned char newdeskey[8];
- PRBool useNewKey=PR_FALSE;
- int t;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-
- crv = pk11_InitGeneric(session,&context,contextType,&key,hKey,&key_type,
- isEncrypt ?CKO_PUBLIC_KEY:CKO_PRIVATE_KEY, etype);
-
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- return crv;
- }
-
- context->doPad = PR_FALSE;
- switch(pMechanism->mechanism) {
- case CKM_RSA_PKCS:
- case CKM_RSA_X_509:
- if (key_type != CKK_RSA) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- context->multi = PR_FALSE;
- context->cipherInfo = isEncrypt ?
- (void *)pk11_GetPubKey(key,CKK_RSA) :
- (void *)pk11_GetPrivKey(key,CKK_RSA);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- if (isEncrypt) {
- context->update = (PK11Cipher)
- (pMechanism->mechanism == CKM_RSA_X_509
- ? RSA_EncryptRaw : RSA_EncryptBlock);
- } else {
- context->update = (PK11Cipher)
- (pMechanism->mechanism == CKM_RSA_X_509
- ? RSA_DecryptRaw : RSA_DecryptBlock);
- }
- context->destroy = pk11_Null;
- break;
- case CKM_RC2_CBC_PAD:
- context->doPad = PR_TRUE;
- context->blockSize = 8;
- /* fall thru */
- case CKM_RC2_ECB:
- case CKM_RC2_CBC:
- if (key_type != CKK_RC2) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- rc2_param = (CK_RC2_CBC_PARAMS *)pMechanism->pParameter;
- effectiveKeyLength = (rc2_param->ulEffectiveBits+7)/8;
- context->cipherInfo =
- RC2_CreateContext((unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen, rc2_param->iv,
- pMechanism->mechanism == CKM_RC2_ECB ? NSS_RC2 :
- NSS_RC2_CBC,effectiveKeyLength);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? RC2_Encrypt : RC2_Decrypt);
- context->destroy = (PK11Destroy) RC2_DestroyContext;
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case CKM_RC5_CBC_PAD:
- context->doPad = PR_TRUE;
- /* fall thru */
- case CKM_RC5_ECB:
- case CKM_RC5_CBC:
- if (key_type != CKK_RC5) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- rc5_param = (CK_RC5_CBC_PARAMS *)pMechanism->pParameter;
- if (context->doPad) {
- context->blockSize = rc5_param->ulWordsize*2;
- }
- rc5Key.data = (unsigned char*)att->attrib.pValue;
- rc5Key.len = att->attrib.ulValueLen;
- context->cipherInfo = RC5_CreateContext(&rc5Key,rc5_param->ulRounds,
- rc5_param->ulWordsize,rc5_param->pIv,
- pMechanism->mechanism == CKM_RC5_ECB ? NSS_RC5 : NSS_RC5_CBC);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? RC5_Encrypt : RC5_Decrypt);
- context->destroy = (PK11Destroy) RC5_DestroyContext;
- break;
-#endif
- case CKM_RC4:
- if (key_type != CKK_RC4) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- context->cipherInfo =
- RC4_CreateContext((unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY; /* WRONG !!! */
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? RC4_Encrypt : RC4_Decrypt);
- context->destroy = (PK11Destroy) RC4_DestroyContext;
- break;
- case CKM_CDMF_CBC_PAD:
- context->doPad = PR_TRUE;
- context->blockSize = 8;
- /* fall thru */
- case CKM_CDMF_ECB:
- case CKM_CDMF_CBC:
- if (key_type != CKK_CDMF) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- t = (pMechanism->mechanism == CKM_CDMF_ECB) ? NSS_DES : NSS_DES_CBC;
- useNewKey=PR_TRUE;
- if (crv != CKR_OK) break;
- goto finish_des;
- case CKM_DES_ECB:
- if (key_type != CKK_DES) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- t = NSS_DES;
- goto finish_des;
- case CKM_DES_CBC_PAD:
- context->doPad = PR_TRUE;
- context->blockSize = 8;
- /* fall thru */
- case CKM_DES_CBC:
- if (key_type != CKK_DES) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- t = NSS_DES_CBC;
- goto finish_des;
- case CKM_DES3_ECB:
- if ((key_type != CKK_DES2) && (key_type != CKK_DES3)) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- t = NSS_DES_EDE3;
- goto finish_des;
- case CKM_DES3_CBC_PAD:
- context->doPad = PR_TRUE;
- context->blockSize = 8;
- /* fall thru */
- case CKM_DES3_CBC:
- if ((key_type != CKK_DES2) && (key_type != CKK_DES3)) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- t = NSS_DES_EDE3_CBC;
-finish_des:
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- if (useNewKey) {
- crv = pk11_cdmf2des((unsigned char*)att->attrib.pValue,newdeskey);
- if (crv != CKR_OK) {
- pk11_FreeAttribute(att);
- break;
- }
- }
- context->cipherInfo = DES_CreateContext(
- useNewKey ? newdeskey : (unsigned char*)att->attrib.pValue,
- (unsigned char*)pMechanism->pParameter,t, isEncrypt);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? DES_Encrypt : DES_Decrypt);
- context->destroy = (PK11Destroy) DES_DestroyContext;
-
- break;
- case CKM_AES_CBC_PAD:
- context->doPad = PR_TRUE;
- context->blockSize = 16;
- /* fall thru */
- case CKM_AES_ECB:
- case CKM_AES_CBC:
- if (key_type != CKK_AES) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att = pk11_FindAttribute(key,CKA_VALUE);
- if (att == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- context->cipherInfo = AES_CreateContext(
- (unsigned char*)att->attrib.pValue,
- (unsigned char*)pMechanism->pParameter,
- pMechanism->mechanism == CKM_AES_ECB ? NSS_AES : NSS_AES_CBC,
- isEncrypt, att->attrib.ulValueLen, 16);
- pk11_FreeAttribute(att);
- if (context->cipherInfo == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->update = (PK11Cipher) (isEncrypt ? AES_Encrypt : AES_Decrypt);
- context->destroy = (PK11Destroy) AES_DestroyContext;
-
- break;
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeContext(context);
- pk11_FreeSession(session);
- return crv;
- }
- pk11_SetContextByType(session, contextType, context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-/* NSC_EncryptInit initializes an encryption operation. */
-CK_RV NSC_EncryptInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
-{
- return pk11_CryptInit(hSession, pMechanism, hKey, CKA_ENCRYPT,
- PK11_ENCRYPT, PR_TRUE);
-}
-
-/* NSC_EncryptUpdate continues a multiple-part encryption operation. */
-CK_RV NSC_EncryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen)
-{
- PK11SessionContext *context;
- unsigned int outlen,i;
- unsigned int padoutlen = 0;
- unsigned int maxout = *pulEncryptedPartLen;
- CK_RV crv;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_ENCRYPT,PR_TRUE,NULL);
- if (crv != CKR_OK) return crv;
-
- /* do padding */
- if (context->doPad) {
- /* deal with previous buffered data */
- if (context->padDataLength != 0) {
- /* fill in the padded to a full block size */
- for (i=context->padDataLength;
- (ulPartLen != 0) && i < context->blockSize; i++) {
- context->padBuf[i] = *pPart++;
- ulPartLen--;
- context->padDataLength++;
- }
-
- /* not enough data to encrypt yet? then return */
- if (context->padDataLength != context->blockSize) {
- *pulEncryptedPartLen = 0;
- return CKR_OK;
- }
- /* encrypt the current padded data */
- rv = (*context->update)(context->cipherInfo,pEncryptedPart,
- &outlen,context->blockSize,context->padBuf,context->blockSize);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
- pEncryptedPart += padoutlen;
- maxout -= padoutlen;
- }
- /* save the residual */
- context->padDataLength = ulPartLen % context->blockSize;
- if (context->padDataLength) {
- PORT_Memcpy(context->padBuf,
- &pPart[ulPartLen-context->padDataLength],
- context->padDataLength);
- ulPartLen -= context->padDataLength;
- }
- /* if we've exhausted our new buffer, we're done */
- if (ulPartLen == 0) {
- *pulEncryptedPartLen = padoutlen;
- return CKR_OK;
- }
- }
-
-
-
- /* do it: NOTE: this assumes buf size in is >= buf size out! */
- rv = (*context->update)(context->cipherInfo,pEncryptedPart,
- &outlen, maxout, pPart, ulPartLen);
- *pulEncryptedPartLen = (CK_ULONG) (outlen + padoutlen);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/* NSC_EncryptFinal finishes a multiple-part encryption operation. */
-CK_RV NSC_EncryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pulLastEncryptedPartLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen,i;
- unsigned int maxout = *pulLastEncryptedPartLen;
- CK_RV crv;
- SECStatus rv = SECSuccess;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_ENCRYPT,PR_TRUE,&session);
- if (crv != CKR_OK) return crv;
-
- *pulLastEncryptedPartLen = 0;
-
- /* do padding */
- if (context->doPad) {
- unsigned char padbyte = (unsigned char)
- (context->blockSize - context->padDataLength);
- /* fill out rest of pad buffer with pad magic*/
- for (i=context->padDataLength; i < context->blockSize; i++) {
- context->padBuf[i] = padbyte;
- }
- rv = (*context->update)(context->cipherInfo,pLastEncryptedPart,
- &outlen, maxout, context->padBuf, context->blockSize);
- if (rv == SECSuccess) *pulLastEncryptedPartLen = (CK_ULONG) outlen;
- }
-
- /* do it */
- pk11_SetContextByType(session, PK11_ENCRYPT, NULL);
- pk11_FreeContext(context);
- pk11_FreeSession(session);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_Encrypt encrypts single-part data. */
-CK_RV NSC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData,
- CK_ULONG_PTR pulEncryptedDataLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int maxoutlen = *pulEncryptedDataLen;
- CK_RV crv;
- CK_RV crv2;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_ENCRYPT,PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- if (context->doPad) {
- CK_ULONG finalLen;
- /* padding is fairly complicated, have the update and final
- * code deal with it */
- pk11_FreeSession(session);
- crv = NSC_EncryptUpdate(hSession,pData,ulDataLen,pEncryptedData,
- pulEncryptedDataLen);
- if (crv != CKR_OK) *pulEncryptedDataLen = 0;
- maxoutlen -= *pulEncryptedDataLen;
- pEncryptedData += *pulEncryptedDataLen;
- finalLen = maxoutlen;
- crv2 = NSC_EncryptFinal(hSession, pEncryptedData, &finalLen);
- if (crv2 == CKR_OK) { *pulEncryptedDataLen += finalLen; }
- return crv == CKR_OK ? crv2 :crv;
- }
-
-
- /* do it: NOTE: this assumes buf size is big enough. */
- rv = (*context->update)(context->cipherInfo, pEncryptedData,
- &outlen, maxoutlen, pData, ulDataLen);
- *pulEncryptedDataLen = (CK_ULONG) outlen;
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_ENCRYPT, NULL);
- pk11_FreeSession(session);
-
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/*
- ************** Crypto Functions: Decrypt ************************
- */
-
-/* NSC_DecryptInit initializes a decryption operation. */
-CK_RV NSC_DecryptInit( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
-{
- return pk11_CryptInit(hSession, pMechanism, hKey, CKA_DECRYPT,
- PK11_DECRYPT, PR_FALSE);
-}
-
-/* NSC_DecryptUpdate continues a multiple-part decryption operation. */
-CK_RV NSC_DecryptUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
-{
- PK11SessionContext *context;
- unsigned int padoutlen = 0;
- unsigned int outlen;
- unsigned int maxout = *pulPartLen;
- CK_RV crv;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_DECRYPT,PR_TRUE,NULL);
- if (crv != CKR_OK) return crv;
-
- if (context->doPad) {
- /* first decrypt our saved buffer */
- if (context->padDataLength != 0) {
- rv = (*context->update)(context->cipherInfo, pPart, &padoutlen,
- maxout, context->padBuf, context->blockSize);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
- pPart += padoutlen;
- maxout -= padoutlen;
- }
- /* now save the final block for the next decrypt or the final */
- PORT_Memcpy(context->padBuf,&pEncryptedPart[ulEncryptedPartLen -
- context->blockSize], context->blockSize);
- context->padDataLength = context->blockSize;
- ulEncryptedPartLen -= context->padDataLength;
- }
-
- /* do it: NOTE: this assumes buf size in is >= buf size out! */
- rv = (*context->update)(context->cipherInfo,pPart, &outlen,
- maxout, pEncryptedPart, ulEncryptedPartLen);
- *pulPartLen = (CK_ULONG) (outlen + padoutlen);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/* NSC_DecryptFinal finishes a multiple-part decryption operation. */
-CK_RV NSC_DecryptFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int maxout = *pulLastPartLen;
- CK_RV crv;
- SECStatus rv = SECSuccess;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_DECRYPT,PR_TRUE,&session);
- if (crv != CKR_OK) return crv;
-
- *pulLastPartLen = 0;
- if (context->doPad) {
- /* decrypt our saved buffer */
- if (context->padDataLength != 0) {
- /* this assumes that pLastPart is big enough to hold the *whole*
- * buffer!!! */
- rv = (*context->update)(context->cipherInfo, pLastPart, &outlen,
- maxout, context->padBuf, context->blockSize);
- if (rv == SECSuccess) {
- unsigned int padSize =
- (unsigned int) pLastPart[context->blockSize-1];
- if ((padSize > context->blockSize) || (padSize == 0)) {
- rv = SECFailure;
- } else {
- *pulLastPartLen = outlen - padSize;
- }
- }
- }
- }
-
- /* do it */
- pk11_SetContextByType(session, PK11_DECRYPT, NULL);
- pk11_FreeContext(context);
- pk11_FreeSession(session);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_Decrypt decrypts encrypted data in a single part. */
-CK_RV NSC_Decrypt(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData,CK_ULONG ulEncryptedDataLen,CK_BYTE_PTR pData,
- CK_ULONG_PTR pulDataLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int maxoutlen = *pulDataLen;
- CK_RV crv;
- CK_RV crv2;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_DECRYPT,PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- if (context->doPad) {
- CK_ULONG finalLen;
- /* padding is fairly complicated, have the update and final
- * code deal with it */
- pk11_FreeSession(session);
- crv = NSC_DecryptUpdate(hSession,pEncryptedData,ulEncryptedDataLen,
- pData, pulDataLen);
- if (crv != CKR_OK) *pulDataLen = 0;
- maxoutlen -= *pulDataLen;
- pData += *pulDataLen;
- finalLen = maxoutlen;
- crv2 = NSC_DecryptFinal(hSession, pData, &finalLen);
- if (crv2 == CKR_OK) { *pulDataLen += finalLen; }
- return crv == CKR_OK ? crv2 :crv;
- }
-
- rv = (*context->update)(context->cipherInfo, pData, &outlen, maxoutlen,
- pEncryptedData, ulEncryptedDataLen);
- *pulDataLen = (CK_ULONG) outlen;
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_DECRYPT, NULL);
- pk11_FreeSession(session);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-
-/*
- ************** Crypto Functions: Digest (HASH) ************************
- */
-
-/* NSC_DigestInit initializes a message-digesting operation. */
-CK_RV NSC_DigestInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism)
-{
- PK11Session *session;
- PK11SessionContext *context;
- MD2Context *md2_context;
- MD5Context *md5_context;
- SHA1Context *sha1_context;
- CK_RV crv = CKR_OK;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- crv = pk11_InitGeneric(session,&context,PK11_HASH,NULL,0,NULL, 0, 0);
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- return crv;
- }
-
- switch(pMechanism->mechanism) {
- case CKM_MD2:
- md2_context = MD2_NewContext();
- context->cipherInfo = (void *)md2_context;
- context->cipherInfoLen = MD2_FlattenSize(md2_context);
- context->currentMech = CKM_MD2;
- if (context->cipherInfo == NULL) {
- crv= CKR_HOST_MEMORY;
-
- }
- context->hashUpdate = (PK11Hash) MD2_Update;
- context->end = (PK11End) MD2_End;
- context->destroy = (PK11Destroy) MD2_DestroyContext;
- MD2_Begin(md2_context);
- break;
- case CKM_MD5:
- md5_context = MD5_NewContext();
- context->cipherInfo = (void *)md5_context;
- context->cipherInfoLen = MD5_FlattenSize(md5_context);
- context->currentMech = CKM_MD5;
- if (context->cipherInfo == NULL) {
- crv= CKR_HOST_MEMORY;
-
- }
- context->hashUpdate = (PK11Hash) MD5_Update;
- context->end = (PK11End) MD5_End;
- context->destroy = (PK11Destroy) MD5_DestroyContext;
- MD5_Begin(md5_context);
- break;
- case CKM_SHA_1:
- sha1_context = SHA1_NewContext();
- context->cipherInfo = (void *)sha1_context;
- context->cipherInfoLen = SHA1_FlattenSize(sha1_context);
- context->currentMech = CKM_SHA_1;
- if (context->cipherInfo == NULL) {
- crv= CKR_HOST_MEMORY;
- break;
- }
- context->hashUpdate = (PK11Hash) SHA1_Update;
- context->end = (PK11End) SHA1_End;
- context->destroy = (PK11Destroy) SHA1_DestroyContext;
- SHA1_Begin(sha1_context);
- break;
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeContext(context);
- pk11_FreeSession(session);
- return crv;
- }
- pk11_SetContextByType(session, PK11_HASH, context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-
-/* NSC_Digest digests data in a single part. */
-CK_RV NSC_Digest(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int digestLen;
- unsigned int maxout = *pulDigestLen;
- CK_RV crv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_HASH,PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- /* do it: */
- (*context->hashUpdate)(context->cipherInfo, pData, ulDataLen);
- /* NOTE: this assumes buf size is bigenough for the algorithm */
- (*context->end)(context->cipherInfo, pDigest, &digestLen,maxout);
- *pulDigestLen = digestLen;
-
- pk11_SetContextByType(session, PK11_HASH, NULL);
- pk11_FreeContext(context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-
-/* NSC_DigestUpdate continues a multiple-part message-digesting operation. */
-CK_RV NSC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen)
-{
- PK11SessionContext *context;
- CK_RV crv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_HASH,PR_TRUE,NULL);
- if (crv != CKR_OK) return crv;
- /* do it: */
- (*context->hashUpdate)(context->cipherInfo, pPart, ulPartLen);
- return CKR_OK;
-}
-
-
-/* NSC_DigestFinal finishes a multiple-part message-digesting operation. */
-CK_RV NSC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
- CK_ULONG_PTR pulDigestLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int maxout = *pulDigestLen;
- unsigned int digestLen;
- CK_RV crv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession, &context, PK11_HASH, PR_TRUE, &session);
- if (crv != CKR_OK) return crv;
-
- if (pDigest != NULL) {
- (*context->end)(context->cipherInfo, pDigest, &digestLen, maxout);
- *pulDigestLen = digestLen;
- } else {
- *pulDigestLen = 0;
- }
-
- pk11_SetContextByType(session, PK11_HASH, NULL);
- pk11_FreeContext(context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-/*
- * this helper functions are used by Generic Macing and Signing functions
- * that use hashes as part of their operations.
- */
-static CK_RV
-pk11_doSubMD2(PK11SessionContext *context) {
- MD2Context *md2_context = MD2_NewContext();
- context->hashInfo = (void *)md2_context;
- if (context->hashInfo == NULL) {
- return CKR_HOST_MEMORY;
- }
- context->hashUpdate = (PK11Hash) MD2_Update;
- context->end = (PK11End) MD2_End;
- context->hashdestroy = (PK11Destroy) MD2_DestroyContext;
- MD2_Begin(md2_context);
- return CKR_OK;
-}
-
-static CK_RV
-pk11_doSubMD5(PK11SessionContext *context) {
- MD5Context *md5_context = MD5_NewContext();
- context->hashInfo = (void *)md5_context;
- if (context->hashInfo == NULL) {
- return CKR_HOST_MEMORY;
- }
- context->hashUpdate = (PK11Hash) MD5_Update;
- context->end = (PK11End) MD5_End;
- context->hashdestroy = (PK11Destroy) MD5_DestroyContext;
- MD5_Begin(md5_context);
- return CKR_OK;
-}
-
-static CK_RV
-pk11_doSubSHA1(PK11SessionContext *context) {
- SHA1Context *sha1_context = SHA1_NewContext();
- context->hashInfo = (void *)sha1_context;
- if (context->hashInfo == NULL) {
- return CKR_HOST_MEMORY;
- }
- context->hashUpdate = (PK11Hash) SHA1_Update;
- context->end = (PK11End) SHA1_End;
- context->hashdestroy = (PK11Destroy) SHA1_DestroyContext;
- SHA1_Begin(sha1_context);
- return CKR_OK;
-}
-
-/*
- * HMAC General copies only a portion of the result. This update routine likes
- * the final HMAC output with the signature.
- */
-static SECStatus
-pk11_HMACCopy(CK_ULONG *copyLen,unsigned char *sig,unsigned int *sigLen,
- unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
-{
- if (maxLen < *copyLen) return SECFailure;
- PORT_Memcpy(sig,hash,*copyLen);
- *sigLen = *copyLen;
- return SECSuccess;
-}
-
-/* Verify is just a compare for HMAC */
-static SECStatus
-pk11_HMACCmp(CK_ULONG *copyLen,unsigned char *sig,unsigned int sigLen,
- unsigned char *hash, unsigned int hashLen)
-{
- return PORT_Memcmp(sig,hash,*copyLen) ? SECSuccess : SECFailure ;
-}
-
-/*
- * common HMAC initalization routine
- */
-static CK_RV
-pk11_doHMACInit(PK11SessionContext *context,HASH_HashType hash,
- PK11Object *key, CK_ULONG mac_size)
-{
- PK11Attribute *keyval;
- HMACContext *HMACcontext;
- CK_ULONG *intpointer;
- const SECHashObject *hashObj = &SECRawHashObjects[hash];
-
- keyval = pk11_FindAttribute(key,CKA_VALUE);
- if (keyval == NULL) return CKR_KEY_SIZE_RANGE;
-
- HMACcontext = HMAC_Create(hashObj,
- (const unsigned char*)keyval->attrib.pValue,
- keyval->attrib.ulValueLen);
- context->hashInfo = HMACcontext;
- context->multi = PR_TRUE;
- pk11_FreeAttribute(keyval);
- if (context->hashInfo == NULL) {
- return CKR_HOST_MEMORY;
- }
- context->hashUpdate = (PK11Hash) HMAC_Update;
- context->end = (PK11End) HMAC_Finish;
-
- context->hashdestroy = (PK11Destroy) pk11_HMAC_Destroy;
- intpointer = (CK_ULONG *) PORT_Alloc(sizeof(CK_ULONG));
- if (intpointer == NULL) {
- return CKR_HOST_MEMORY;
- }
- *intpointer = mac_size;
- context->cipherInfo = (void *) intpointer;
- context->destroy = (PK11Destroy) pk11_Space;
- context->update = (PK11Cipher) pk11_HMACCopy;
- context->verify = (PK11Verify) pk11_HMACCmp;
- HMAC_Begin(HMACcontext);
- return CKR_OK;
-}
-
-/*
- * SSL Macing support. SSL Macs are inited, then update with the base
- * hashing algorithm, then finalized in sign and verify
- */
-
-/*
- * FROM SSL:
- * 60 bytes is 3 times the maximum length MAC size that is supported.
- * We probably should have one copy of this table. We still need this table
- * in ssl to 'sign' the handshake hashes.
- */
-static unsigned char ssl_pad_1 [60] = {
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36
-};
-static unsigned char ssl_pad_2 [60] = {
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c
-};
-
-static SECStatus
-pk11_SSLMACSign(PK11SSLMACInfo *info,unsigned char *sig,unsigned int *sigLen,
- unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
-{
- unsigned char tmpBuf[PK11_MAX_MAC_LENGTH];
- unsigned int out;
-
- info->begin(info->hashContext);
- info->update(info->hashContext,info->key,info->keySize);
- info->update(info->hashContext,ssl_pad_2,info->padSize);
- info->update(info->hashContext,hash,hashLen);
- info->end(info->hashContext,tmpBuf,&out,PK11_MAX_MAC_LENGTH);
- PORT_Memcpy(sig,tmpBuf,info->macSize);
- *sigLen = info->macSize;
- return SECSuccess;
-}
-
-static SECStatus
-pk11_SSLMACVerify(PK11SSLMACInfo *info,unsigned char *sig,unsigned int sigLen,
- unsigned char *hash, unsigned int hashLen)
-{
- unsigned char tmpBuf[PK11_MAX_MAC_LENGTH];
- unsigned int out;
-
- info->begin(info->hashContext);
- info->update(info->hashContext,info->key,info->keySize);
- info->update(info->hashContext,ssl_pad_2,info->padSize);
- info->update(info->hashContext,hash,hashLen);
- info->end(info->hashContext,tmpBuf,&out,PK11_MAX_MAC_LENGTH);
- return (PORT_Memcmp(sig,tmpBuf,info->macSize) == 0) ?
- SECSuccess : SECFailure;
-}
-
-/*
- * common HMAC initalization routine
- */
-static CK_RV
-pk11_doSSLMACInit(PK11SessionContext *context,SECOidTag oid,
- PK11Object *key, CK_ULONG mac_size)
-{
- PK11Attribute *keyval;
- PK11Begin begin;
- int padSize;
- PK11SSLMACInfo *sslmacinfo;
- CK_RV crv = CKR_MECHANISM_INVALID;
-
- if (oid == SEC_OID_SHA1) {
- crv = pk11_doSubSHA1(context);
- begin = (PK11Begin) SHA1_Begin;
- if (crv != CKR_OK) return crv;
- padSize = 40;
- } else {
- crv = pk11_doSubMD5(context);
- if (crv != CKR_OK) return crv;
- begin = (PK11Begin) MD5_Begin;
- padSize = 48;
- }
- context->multi = PR_TRUE;
-
- keyval = pk11_FindAttribute(key,CKA_VALUE);
- if (keyval == NULL) return CKR_KEY_SIZE_RANGE;
-
- context->hashUpdate(context->hashInfo,keyval->attrib.pValue,
- keyval->attrib.ulValueLen);
- context->hashUpdate(context->hashInfo,ssl_pad_1,padSize);
- sslmacinfo = (PK11SSLMACInfo *) PORT_Alloc(sizeof(PK11SSLMACInfo));
- if (sslmacinfo == NULL) {
- pk11_FreeAttribute(keyval);
- return CKR_HOST_MEMORY;
- }
- sslmacinfo->macSize = mac_size;
- sslmacinfo->hashContext = context->hashInfo;
- PORT_Memcpy(sslmacinfo->key,keyval->attrib.pValue,
- keyval->attrib.ulValueLen);
- sslmacinfo->keySize = keyval->attrib.ulValueLen;
- sslmacinfo->begin = begin;
- sslmacinfo->end = context->end;
- sslmacinfo->update = context->hashUpdate;
- sslmacinfo->padSize = padSize;
- pk11_FreeAttribute(keyval);
- context->cipherInfo = (void *) sslmacinfo;
- context->destroy = (PK11Destroy) pk11_Space;
- context->update = (PK11Cipher) pk11_SSLMACSign;
- context->verify = (PK11Verify) pk11_SSLMACVerify;
- return CKR_OK;
-}
-
-typedef struct {
- PRUint32 cxSize; /* size of allocated block, in bytes. */
- PRUint32 cxKeyLen; /* number of bytes of cxBuf containing key. */
- PRUint32 cxDataLen; /* number of bytes of cxBuf containing data. */
- SECStatus cxRv; /* records failure of void functions. */
- unsigned char cxBuf[512]; /* actual size may be larger than 512. */
-} TLSPRFContext;
-
-static void
-pk11_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data,
- unsigned int data_len)
-{
- PRUint32 bytesUsed = PK11_OFFSETOF(TLSPRFContext, cxBuf) +
- cx->cxKeyLen + cx->cxDataLen;
-
- if (cx->cxRv != SECSuccess) /* function has previously failed. */
- return;
- if (bytesUsed + data_len > cx->cxSize) {
- /* We don't use realloc here because
- ** (a) realloc doesn't zero out the old block, and
- ** (b) if realloc fails, we lose the old block.
- */
- PRUint32 blockSize = bytesUsed + data_len + 512;
- TLSPRFContext *new_cx = (TLSPRFContext *)PORT_Alloc(blockSize);
- if (!new_cx) {
- cx->cxRv = SECFailure;
- return;
- }
- PORT_Memcpy(new_cx, cx, cx->cxSize);
- new_cx->cxSize = blockSize;
-
- PORT_ZFree(cx, cx->cxSize);
- cx = new_cx;
- }
- PORT_Memcpy(cx->cxBuf + cx->cxKeyLen + cx->cxDataLen, data, data_len);
- cx->cxDataLen += data_len;
-}
-
-static void
-pk11_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout,
- unsigned int *pDigestLen, unsigned int maxDigestLen)
-{
- *pDigestLen = 0; /* tells Verify that no data has been input yet. */
-}
-
-/* Compute the PRF values from the data previously input. */
-static SECStatus
-pk11_TLSPRFUpdate(TLSPRFContext *cx,
- unsigned char *sig, /* output goes here. */
- unsigned int * sigLen, /* how much output. */
- unsigned int maxLen, /* output buffer size */
- unsigned char *hash, /* unused. */
- unsigned int hashLen) /* unused. */
-{
- SECStatus rv;
- SECItem sigItem;
- SECItem seedItem;
- SECItem secretItem;
-
- if (cx->cxRv != SECSuccess)
- return cx->cxRv;
-
- secretItem.data = cx->cxBuf;
- secretItem.len = cx->cxKeyLen;
-
- seedItem.data = cx->cxBuf + cx->cxKeyLen;
- seedItem.len = cx->cxDataLen;
-
- sigItem.data = sig;
- sigItem.len = maxLen;
-
- rv = pk11_PRF(&secretItem, NULL, &seedItem, &sigItem);
- if (rv == SECSuccess && sigLen != NULL)
- *sigLen = sigItem.len;
- return rv;
-
-}
-
-static SECStatus
-pk11_TLSPRFVerify(TLSPRFContext *cx,
- unsigned char *sig, /* input, for comparison. */
- unsigned int sigLen, /* length of sig. */
- unsigned char *hash, /* data to be verified. */
- unsigned int hashLen) /* size of hash data. */
-{
- unsigned char * tmp = (unsigned char *)PORT_Alloc(sigLen);
- unsigned int tmpLen = sigLen;
- SECStatus rv;
-
- if (!tmp)
- return SECFailure;
- if (hashLen) {
- /* hashLen is non-zero when the user does a one-step verify.
- ** In this case, none of the data has been input yet.
- */
- pk11_TLSPRFHashUpdate(cx, hash, hashLen);
- }
- rv = pk11_TLSPRFUpdate(cx, tmp, &tmpLen, sigLen, NULL, 0);
- if (rv == SECSuccess) {
- rv = (SECStatus)(1 - !PORT_Memcmp(tmp, sig, sigLen));
- }
- PORT_ZFree(tmp, sigLen);
- return rv;
-}
-
-static void
-pk11_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit)
-{
- if (freeit)
- PORT_ZFree(cx, cx->cxSize);
-}
-
-static CK_RV
-pk11_TLSPRFInit(PK11SessionContext *context,
- PK11Object * key,
- CK_KEY_TYPE key_type)
-{
- PK11Attribute * keyVal;
- TLSPRFContext * prf_cx;
- CK_RV crv = CKR_HOST_MEMORY;
- PRUint32 keySize;
- PRUint32 blockSize;
-
- if (key_type != CKK_GENERIC_SECRET)
- return CKR_KEY_TYPE_INCONSISTENT; /* CKR_KEY_FUNCTION_NOT_PERMITTED */
-
- context->multi = PR_TRUE;
-
- keyVal = pk11_FindAttribute(key, CKA_VALUE);
- keySize = (!keyVal) ? 0 : keyVal->attrib.ulValueLen;
- blockSize = keySize + sizeof(TLSPRFContext);
- prf_cx = (TLSPRFContext *)PORT_Alloc(blockSize);
- if (!prf_cx)
- goto done;
- prf_cx->cxSize = blockSize;
- prf_cx->cxKeyLen = keySize;
- prf_cx->cxDataLen = 0;
- prf_cx->cxRv = SECSuccess;
- if (keySize)
- PORT_Memcpy(prf_cx->cxBuf, keyVal->attrib.pValue, keySize);
-
- context->hashInfo = (void *) prf_cx;
- context->cipherInfo = (void *) prf_cx;
- context->hashUpdate = (PK11Hash) pk11_TLSPRFHashUpdate;
- context->end = (PK11End) pk11_TLSPRFEnd;
- context->update = (PK11Cipher) pk11_TLSPRFUpdate;
- context->verify = (PK11Verify) pk11_TLSPRFVerify;
- context->destroy = (PK11Destroy) pk11_Null;
- context->hashdestroy = (PK11Destroy) pk11_TLSPRFHashDestroy;
- crv = CKR_OK;
-
-done:
- if (keyVal)
- pk11_FreeAttribute(keyVal);
- return crv;
-}
-
-/*
- ************** Crypto Functions: Sign ************************
- */
-
-/*
- * Check if We're using CBCMacing and initialize the session context if we are.
- */
-static CK_RV
-pk11_InitCBCMac(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
- CK_OBJECT_HANDLE hKey, CK_ATTRIBUTE_TYPE keyUsage,
- PK11ContextType contextType)
-
-{
- CK_MECHANISM cbc_mechanism;
- CK_ULONG mac_bytes = PK11_INVALID_MAC_SIZE;
- CK_RC2_CBC_PARAMS rc2_params;
-#if NSS_SOFTOKEN_DOES_RC5
- CK_RC5_CBC_PARAMS rc5_params;
- CK_RC5_MAC_GENERAL_PARAMS *rc5_mac;
-#endif
- unsigned char ivBlock[PK11_MAX_BLOCK_SIZE];
- PK11SessionContext *context;
- CK_RV crv;
- int blockSize;
-
- switch (pMechanism->mechanism) {
- case CKM_RC2_MAC_GENERAL:
- mac_bytes =
- ((CK_RC2_MAC_GENERAL_PARAMS *)pMechanism->pParameter)->ulMacLength;
- /* fall through */
- case CKM_RC2_MAC:
- /* this works because ulEffectiveBits is in the same place in both the
- * CK_RC2_MAC_GENERAL_PARAMS and CK_RC2_CBC_PARAMS */
- rc2_params.ulEffectiveBits = ((CK_RC2_MAC_GENERAL_PARAMS *)
- pMechanism->pParameter)->ulEffectiveBits;
- PORT_Memset(rc2_params.iv,0,sizeof(rc2_params.iv));
- cbc_mechanism.mechanism = CKM_RC2_CBC;
- cbc_mechanism.pParameter = &rc2_params;
- cbc_mechanism.ulParameterLen = sizeof(rc2_params);
- blockSize = 8;
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case CKM_RC5_MAC_GENERAL:
- mac_bytes =
- ((CK_RC5_MAC_GENERAL_PARAMS *)pMechanism->pParameter)->ulMacLength;
- /* fall through */
- case CKM_RC5_MAC:
- /* this works because ulEffectiveBits is in the same place in both the
- * CK_RC5_MAC_GENERAL_PARAMS and CK_RC5_CBC_PARAMS */
- rc5_mac = (CK_RC5_MAC_GENERAL_PARAMS *)pMechanism->pParameter;
- rc5_params.ulWordsize = rc5_mac->ulWordsize;
- rc5_params.ulRounds = rc5_mac->ulRounds;
- rc5_params.pIv = ivBlock;
- blockSize = rc5_mac->ulWordsize*2;
- rc5_params.ulIvLen = blockSize;
- PORT_Memset(ivBlock,0,blockSize);
- cbc_mechanism.mechanism = CKM_RC5_CBC;
- cbc_mechanism.pParameter = &rc5_params;
- cbc_mechanism.ulParameterLen = sizeof(rc5_params);
- break;
-#endif
- /* add cast and idea later */
- case CKM_DES_MAC_GENERAL:
- mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
- /* fall through */
- case CKM_DES_MAC:
- blockSize = 8;
- PORT_Memset(ivBlock,0,blockSize);
- cbc_mechanism.mechanism = CKM_DES_CBC;
- cbc_mechanism.pParameter = &ivBlock;
- cbc_mechanism.ulParameterLen = blockSize;
- break;
- case CKM_DES3_MAC_GENERAL:
- mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
- /* fall through */
- case CKM_DES3_MAC:
- blockSize = 8;
- PORT_Memset(ivBlock,0,blockSize);
- cbc_mechanism.mechanism = CKM_DES3_CBC;
- cbc_mechanism.pParameter = &ivBlock;
- cbc_mechanism.ulParameterLen = blockSize;
- break;
- case CKM_CDMF_MAC_GENERAL:
- mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
- /* fall through */
- case CKM_CDMF_MAC:
- blockSize = 8;
- PORT_Memset(ivBlock,0,blockSize);
- cbc_mechanism.mechanism = CKM_CDMF_CBC;
- cbc_mechanism.pParameter = &ivBlock;
- cbc_mechanism.ulParameterLen = blockSize;
- break;
- case CKM_AES_MAC_GENERAL:
- mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
- /* fall through */
- case CKM_AES_MAC:
- blockSize = 16;
- PORT_Memset(ivBlock,0,blockSize);
- cbc_mechanism.mechanism = CKM_AES_CBC;
- cbc_mechanism.pParameter = &ivBlock;
- cbc_mechanism.ulParameterLen = blockSize;
- break;
- default:
- return CKR_FUNCTION_NOT_SUPPORTED;
- }
-
- crv = pk11_CryptInit(hSession, &cbc_mechanism, hKey, keyUsage,
- contextType, PR_TRUE);
- if (crv != CKR_OK) return crv;
- crv = pk11_GetContext(hSession,&context,contextType,PR_TRUE,NULL);
-
- /* this shouldn't happen! */
- PORT_Assert(crv == CKR_OK);
- if (crv != CKR_OK) return crv;
- context->blockSize = blockSize;
- if (mac_bytes == PK11_INVALID_MAC_SIZE) mac_bytes = blockSize/2;
- context->macSize = mac_bytes;
- return CKR_OK;
-}
-
-/*
- * encode RSA PKCS #1 Signature data before signing...
- */
-static SECStatus
-pk11_HashSign(PK11HashSignInfo *info,unsigned char *sig,unsigned int *sigLen,
- unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
-{
-
- SECStatus rv = SECFailure;
- SECItem digder;
- PLArenaPool *arena = NULL;
- SGNDigestInfo *di = NULL;
-
- digder.data = NULL;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( !arena ) { goto loser; }
-
- /* Construct digest info */
- di = SGN_CreateDigestInfo(info->hashOid, hash, hashLen);
- if (!di) { goto loser; }
-
- /* Der encode the digest as a DigestInfo */
- rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate, di);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /*
- ** Encrypt signature after constructing appropriate PKCS#1 signature
- ** block
- */
- rv = RSA_Sign(info->key,sig,sigLen,maxLen,digder.data,digder.len);
-
- loser:
- SGN_DestroyDigestInfo(di);
- if (arena != NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- }
- return rv;
-}
-
-static SECStatus
-nsc_DSA_Verify_Stub(void *ctx, void *sigBuf, unsigned int sigLen,
- void *dataBuf, unsigned int dataLen)
-{
- SECItem signature, digest;
- NSSLOWKEYPublicKey *key = (NSSLOWKEYPublicKey *)ctx;
-
- signature.data = (unsigned char *)sigBuf;
- signature.len = sigLen;
- digest.data = (unsigned char *)dataBuf;
- digest.len = dataLen;
- return DSA_VerifyDigest(&(key->u.dsa), &signature, &digest);
-}
-
-static SECStatus
-nsc_DSA_Sign_Stub(void *ctx, void *sigBuf,
- unsigned int *sigLen, unsigned int maxSigLen,
- void *dataBuf, unsigned int dataLen)
-{
- SECItem signature = { 0 }, digest;
- SECStatus rv;
- NSSLOWKEYPrivateKey *key = (NSSLOWKEYPrivateKey *)ctx;
-
- (void)SECITEM_AllocItem(NULL, &signature, maxSigLen);
- digest.data = (unsigned char *)dataBuf;
- digest.len = dataLen;
- rv = DSA_SignDigest(&(key->u.dsa), &signature, &digest);
- *sigLen = signature.len;
- PORT_Memcpy(sigBuf, signature.data, signature.len);
- SECITEM_FreeItem(&signature, PR_FALSE);
- return rv;
-}
-
-/* NSC_SignInit setups up the signing operations. There are three basic
- * types of signing:
- * (1) the tradition single part, where "Raw RSA" or "Raw DSA" is applied
- * to data in a single Sign operation (which often looks a lot like an
- * encrypt, with data coming in and data going out).
- * (2) Hash based signing, where we continually hash the data, then apply
- * some sort of signature to the end.
- * (3) Block Encryption CBC MAC's, where the Data is encrypted with a key,
- * and only the final block is part of the mac.
- *
- * For case number 3, we initialize a context much like the Encryption Context
- * (in fact we share code). We detect case 3 in C_SignUpdate, C_Sign, and
- * C_Final by the following method... if it's not multi-part, and it's doesn't
- * have a hash context, it must be a block Encryption CBC MAC.
- *
- * For case number 2, we initialize a hash structure, as well as make it
- * multi-part. Updates are simple calls to the hash update function. Final
- * calls the hashend, then passes the result to the 'update' function (which
- * operates as a final signature function). In some hash based MAC'ing (as
- * opposed to hash base signatures), the update function is can be simply a
- * copy (as is the case with HMAC).
- */
-CK_RV NSC_SignInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
-{
- PK11Session *session;
- PK11Object *key;
- PK11SessionContext *context;
- CK_KEY_TYPE key_type;
- CK_RV crv = CKR_OK;
- NSSLOWKEYPrivateKey *privKey;
- PK11HashSignInfo *info = NULL;
-
- /* Block Cipher MACing Algorithms use a different Context init method..*/
- crv = pk11_InitCBCMac(hSession, pMechanism, hKey, CKA_SIGN, PK11_SIGN);
- if (crv != CKR_FUNCTION_NOT_SUPPORTED) return crv;
-
- /* we're not using a block cipher mac */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- crv = pk11_InitGeneric(session,&context,PK11_SIGN,&key,hKey,&key_type,
- CKO_PRIVATE_KEY,CKA_SIGN);
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- return crv;
- }
-
- context->multi = PR_FALSE;
-
- switch(pMechanism->mechanism) {
- case CKM_MD5_RSA_PKCS:
- context->multi = PR_TRUE;
- crv = pk11_doSubMD5(context);
- if (crv != CKR_OK) break;
- context->update = (PK11Cipher) pk11_HashSign;
- info = (PK11HashSignInfo *)PORT_Alloc(sizeof(PK11HashSignInfo));
- if (info == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- info->hashOid = SEC_OID_MD5;
- goto finish_rsa;
- case CKM_MD2_RSA_PKCS:
- context->multi = PR_TRUE;
- crv = pk11_doSubMD2(context);
- if (crv != CKR_OK) break;
- context->update = (PK11Cipher) pk11_HashSign;
- info = (PK11HashSignInfo *)PORT_Alloc(sizeof(PK11HashSignInfo));
- if (info == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- info->hashOid = SEC_OID_MD2;
- goto finish_rsa;
- case CKM_SHA1_RSA_PKCS:
- context->multi = PR_TRUE;
- crv = pk11_doSubSHA1(context);
- if (crv != CKR_OK) break;
- context->update = (PK11Cipher) pk11_HashSign;
- info = (PK11HashSignInfo *)PORT_Alloc(sizeof(PK11HashSignInfo));
- if (info == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- info->hashOid = SEC_OID_SHA1;
- goto finish_rsa;
- case CKM_RSA_PKCS:
- context->update = (PK11Cipher) RSA_Sign;
- goto finish_rsa;
- case CKM_RSA_X_509:
- context->update = (PK11Cipher) RSA_SignRaw;
-finish_rsa:
- if (key_type != CKK_RSA) {
- if (info) PORT_Free(info);
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- context->multi = PR_FALSE;
- privKey = pk11_GetPrivKey(key,CKK_RSA);
- if (privKey == NULL) {
- if (info) PORT_Free(info);
- crv = CKR_HOST_MEMORY;
- break;
- }
- /* OK, info is allocated only if we're doing hash and sign mechanism.
- * It's necessary to be able to set the correct OID in the final
- * signature.
- */
- if (info) {
- info->key = privKey;
- context->cipherInfo = info;
- context->destroy = (PK11Destroy)pk11_Space;
- } else {
- context->cipherInfo = privKey;
- context->destroy = (PK11Destroy)pk11_Null;
- }
- break;
-
- case CKM_DSA_SHA1:
- context->multi = PR_TRUE;
- crv = pk11_doSubSHA1(context);
- if (crv != CKR_OK) break;
- /* fall through */
- case CKM_DSA:
- if (key_type != CKK_DSA) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- privKey = pk11_GetPrivKey(key,CKK_DSA);
- if (privKey == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->cipherInfo = privKey;
- context->update = (PK11Cipher) nsc_DSA_Sign_Stub;
- context->destroy = (privKey == key->objectInfo) ?
- (PK11Destroy) pk11_Null:(PK11Destroy)pk11_FreePrivKey;
-
- break;
- case CKM_MD2_HMAC_GENERAL:
- crv = pk11_doHMACInit(context,HASH_AlgMD2,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_MD2_HMAC:
- crv = pk11_doHMACInit(context,HASH_AlgMD2,key,MD2_LENGTH);
- break;
- case CKM_MD5_HMAC_GENERAL:
- crv = pk11_doHMACInit(context,HASH_AlgMD5,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_MD5_HMAC:
- crv = pk11_doHMACInit(context,HASH_AlgMD5,key,MD5_LENGTH);
- break;
- case CKM_SHA_1_HMAC_GENERAL:
- crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_SHA_1_HMAC:
- crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,SHA1_LENGTH);
- break;
- case CKM_SSL3_MD5_MAC:
- crv = pk11_doSSLMACInit(context,SEC_OID_MD5,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_SSL3_SHA1_MAC:
- crv = pk11_doSSLMACInit(context,SEC_OID_SHA1,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_TLS_PRF_GENERAL:
- crv = pk11_TLSPRFInit(context, key, key_type);
- break;
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeContext(context);
- pk11_FreeSession(session);
- return crv;
- }
- pk11_SetContextByType(session, PK11_SIGN, context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-
-/* MACUpdate is the common implementation for SignUpdate and VerifyUpdate.
- * (sign and verify only very in their setup and final operations) */
-static CK_RV
-pk11_MACUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen,PK11ContextType type)
-{
- unsigned int outlen;
- PK11SessionContext *context;
- CK_RV crv;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,type,PR_FALSE,NULL);
- if (crv != CKR_OK) return crv;
-
- if (context->hashInfo) {
- (*context->hashUpdate)(context->hashInfo, pPart, ulPartLen);
- return CKR_OK;
- }
-
- /* must be block cipher macing */
-
- /* deal with previous buffered data */
- if (context->padDataLength != 0) {
- int i;
- /* fill in the padded to a full block size */
- for (i=context->padDataLength; (ulPartLen != 0) &&
- i < (int)context->blockSize; i++) {
- context->padBuf[i] = *pPart++;
- ulPartLen--;
- context->padDataLength++;
- }
-
- /* not enough data to encrypt yet? then return */
- if (context->padDataLength != context->blockSize) return CKR_OK;
- /* encrypt the current padded data */
- rv = (*context->update)(context->cipherInfo,context->macBuf,&outlen,
- PK11_MAX_BLOCK_SIZE,context->padBuf,context->blockSize);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
- }
-
- /* save the residual */
- context->padDataLength = ulPartLen % context->blockSize;
- if (context->padDataLength) {
- PORT_Memcpy(context->padBuf,
- &pPart[ulPartLen-context->padDataLength],
- context->padDataLength);
- ulPartLen -= context->padDataLength;
- }
-
- /* if we've exhausted our new buffer, we're done */
- if (ulPartLen == 0) { return CKR_OK; }
-
- /* run the data through out encrypter */
- while (ulPartLen) {
- rv = (*context->update)(context->cipherInfo, context->padBuf, &outlen,
- PK11_MAX_BLOCK_SIZE, pPart, context->blockSize);
- if (rv != SECSuccess) return CKR_DEVICE_ERROR;
- /* paranoia.. make sure we exit the loop */
- PORT_Assert(ulPartLen >= context->blockSize);
- if (ulPartLen < context->blockSize) break;
- ulPartLen -= context->blockSize;
- }
-
- return CKR_OK;
-
-}
-
-/* NSC_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen)
-{
- return pk11_MACUpdate(hSession, pPart, ulPartLen, PK11_SIGN);
-}
-
-
-/* NSC_SignFinal finishes a multiple-part signature operation,
- * returning the signature. */
-CK_RV NSC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int digestLen;
- unsigned int maxoutlen = *pulSignatureLen;
- unsigned char tmpbuf[PK11_MAX_MAC_LENGTH];
- CK_RV crv;
- SECStatus rv = SECSuccess;
-
- /* make sure we're legal */
- *pulSignatureLen = 0;
- crv = pk11_GetContext(hSession,&context,PK11_SIGN,PR_TRUE,&session);
- if (crv != CKR_OK) return crv;
-
- if (context->hashInfo) {
- (*context->end)(context->hashInfo, tmpbuf, &digestLen, sizeof(tmpbuf));
- rv = (*context->update)(context->cipherInfo, pSignature,
- &outlen, maxoutlen, tmpbuf, digestLen);
- *pulSignatureLen = (CK_ULONG) outlen;
- } else {
- /* deal with the last block if any residual */
- if (context->padDataLength) {
- /* fill out rest of pad buffer with pad magic*/
- int i;
- for (i=context->padDataLength; i < (int)context->blockSize; i++) {
- context->padBuf[i] = 0;
- }
- rv = (*context->update)(context->cipherInfo,context->macBuf,
- &outlen,PK11_MAX_BLOCK_SIZE,context->padBuf,context->blockSize);
- }
- if (rv == SECSuccess) {
- PORT_Memcpy(pSignature,context->macBuf,context->macSize);
- *pulSignatureLen = context->macSize;
- }
- }
-
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_SIGN, NULL);
- pk11_FreeSession(session);
-
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_Sign signs (encrypts with private key) data in a single part,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_Sign(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pData,CK_ULONG ulDataLen,CK_BYTE_PTR pSignature,
- CK_ULONG_PTR pulSignatureLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int maxoutlen = *pulSignatureLen;
- CK_RV crv,crv2;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_SIGN,PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- /* multi part Signing are completely implemented by SignUpdate and
- * sign Final */
- if (context->multi) {
- pk11_FreeSession(session);
- crv = NSC_SignUpdate(hSession,pData,ulDataLen);
- if (crv != CKR_OK) *pulSignatureLen = 0;
- crv2 = NSC_SignFinal(hSession, pSignature, pulSignatureLen);
- return crv == CKR_OK ? crv2 :crv;
- }
-
- rv = (*context->update)(context->cipherInfo, pSignature,
- &outlen, maxoutlen, pData, ulDataLen);
- *pulSignatureLen = (CK_ULONG) outlen;
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_SIGN, NULL);
- pk11_FreeSession(session);
-
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-
-/*
- ************** Crypto Functions: Sign Recover ************************
- */
-/* NSC_SignRecoverInit initializes a signature operation,
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-CK_RV NSC_SignRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)
-{
- switch (pMechanism->mechanism) {
- case CKM_RSA_PKCS:
- case CKM_RSA_X_509:
- return NSC_SignInit(hSession,pMechanism,hKey);
- default:
- break;
- }
- return CKR_MECHANISM_INVALID;
-}
-
-
-/* NSC_SignRecover signs data in a single operation
- * where the (digest) data can be recovered from the signature.
- * E.g. encryption with the user's private key */
-CK_RV NSC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen)
-{
- return NSC_Sign(hSession,pData,ulDataLen,pSignature,pulSignatureLen);
-}
-
-/*
- ************** Crypto Functions: verify ************************
- */
-
-/* Handle RSA Signature formating */
-static SECStatus
-pk11_hashCheckSign(PK11HashVerifyInfo *info, unsigned char *sig,
- unsigned int sigLen, unsigned char *digest, unsigned int digestLen)
-{
-
- SECItem it;
- SGNDigestInfo *di = NULL;
- SECStatus rv = SECSuccess;
-
- it.data = NULL;
-
- if (info->key == NULL) goto loser;
-
- it.len = nsslowkey_PublicModulusLen(info->key);
- if (!it.len) goto loser;
-
- it.data = (unsigned char *) PORT_Alloc(it.len);
- if (it.data == NULL) goto loser;
-
- /* decrypt the block */
- rv = RSA_CheckSignRecover(info->key, it.data, &it.len, it.len, sig, sigLen);
- if (rv != SECSuccess) goto loser;
-
- di = SGN_DecodeDigestInfo(&it);
- if (di == NULL) goto loser;
- if (di->digest.len != digestLen) goto loser;
-
- /* make sure the tag is OK */
- if (SECOID_GetAlgorithmTag(&di->digestAlgorithm) != info->hashOid) {
- goto loser;
- }
- /* Now check the signature */
- if (PORT_Memcmp(digest, di->digest.data, di->digest.len) == 0) {
- goto done;
- }
-
- loser:
- rv = SECFailure;
-
- done:
- if (it.data != NULL) PORT_Free(it.data);
- if (di != NULL) SGN_DestroyDigestInfo(di);
-
- return rv;
-}
-
-/* NSC_VerifyInit initializes a verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature (e.g. DSA) */
-CK_RV NSC_VerifyInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)
-{
- PK11Session *session;
- PK11Object *key;
- PK11SessionContext *context;
- CK_KEY_TYPE key_type;
- CK_RV crv = CKR_OK;
- NSSLOWKEYPublicKey *pubKey;
- PK11HashVerifyInfo *info = NULL;
-
- /* Block Cipher MACing Algorithms use a different Context init method..*/
- crv = pk11_InitCBCMac(hSession, pMechanism, hKey, CKA_VERIFY, PK11_VERIFY);
- if (crv != CKR_FUNCTION_NOT_SUPPORTED) return crv;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- crv = pk11_InitGeneric(session,&context,PK11_VERIFY,&key,hKey,&key_type,
- CKO_PUBLIC_KEY,CKA_VERIFY);
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- return crv;
- }
-
- context->multi = PR_FALSE;
-
- switch(pMechanism->mechanism) {
- case CKM_MD5_RSA_PKCS:
- context->multi = PR_TRUE;
- crv = pk11_doSubMD5(context);
- if (crv != CKR_OK) break;
- context->verify = (PK11Verify) pk11_hashCheckSign;
- info = (PK11HashVerifyInfo *)PORT_Alloc(sizeof(PK11HashVerifyInfo));
- if (info == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- info->hashOid = SEC_OID_MD5;
- goto finish_rsa;
- case CKM_MD2_RSA_PKCS:
- context->multi = PR_TRUE;
- crv = pk11_doSubMD2(context);
- if (crv != CKR_OK) break;
- context->verify = (PK11Verify) pk11_hashCheckSign;
- info = (PK11HashVerifyInfo *)PORT_Alloc(sizeof(PK11HashVerifyInfo));
- if (info == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- info->hashOid = SEC_OID_MD2;
- goto finish_rsa;
- case CKM_SHA1_RSA_PKCS:
- context->multi = PR_TRUE;
- crv = pk11_doSubSHA1(context);
- if (crv != CKR_OK) break;
- context->verify = (PK11Verify) pk11_hashCheckSign;
- info = (PK11HashVerifyInfo *)PORT_Alloc(sizeof(PK11HashVerifyInfo));
- if (info == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- info->hashOid = SEC_OID_SHA1;
- goto finish_rsa;
- case CKM_RSA_PKCS:
- context->verify = (PK11Verify) RSA_CheckSign;
- goto finish_rsa;
- case CKM_RSA_X_509:
- context->verify = (PK11Verify) RSA_CheckSignRaw;
-finish_rsa:
- if (key_type != CKK_RSA) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- pubKey = pk11_GetPubKey(key,CKK_RSA);
- if (pubKey == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- if (info) {
- info->key = pubKey;
- context->cipherInfo = info;
- context->destroy = pk11_Space;
- } else {
- context->cipherInfo = pubKey;
- context->destroy = pk11_Null;
- }
- break;
- case CKM_DSA_SHA1:
- context->multi = PR_TRUE;
- crv = pk11_doSubSHA1(context);
- if (crv != CKR_OK) break;
- /* fall through */
- case CKM_DSA:
- if (key_type != CKK_DSA) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- context->multi = PR_FALSE;
- pubKey = pk11_GetPubKey(key,CKK_DSA);
- if (pubKey == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->cipherInfo = pubKey;
- context->verify = (PK11Verify) nsc_DSA_Verify_Stub;
- context->destroy = pk11_Null;
- break;
-
- case CKM_MD2_HMAC_GENERAL:
- crv = pk11_doHMACInit(context,HASH_AlgMD2,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_MD2_HMAC:
- crv = pk11_doHMACInit(context,HASH_AlgMD2,key,MD2_LENGTH);
- break;
- case CKM_MD5_HMAC_GENERAL:
- crv = pk11_doHMACInit(context,HASH_AlgMD5,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_MD5_HMAC:
- crv = pk11_doHMACInit(context,HASH_AlgMD5,key,MD5_LENGTH);
- break;
- case CKM_SHA_1_HMAC_GENERAL:
- crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_SHA_1_HMAC:
- crv = pk11_doHMACInit(context,HASH_AlgSHA1,key,SHA1_LENGTH);
- break;
- case CKM_SSL3_MD5_MAC:
- crv = pk11_doSSLMACInit(context,SEC_OID_MD5,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_SSL3_SHA1_MAC:
- crv = pk11_doSSLMACInit(context,SEC_OID_SHA1,key,
- *(CK_ULONG *)pMechanism->pParameter);
- break;
- case CKM_TLS_PRF_GENERAL:
- crv = pk11_TLSPRFInit(context, key, key_type);
-
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_Free(context);
- pk11_FreeSession(session);
- return crv;
- }
- pk11_SetContextByType(session, PK11_VERIFY, context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-/* NSC_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
- CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- CK_RV crv;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_VERIFY,PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- rv = (*context->verify)(context->cipherInfo,pSignature, ulSignatureLen,
- pData, ulDataLen);
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_VERIFY, NULL);
- pk11_FreeSession(session);
-
- return (rv == SECSuccess) ? CKR_OK : CKR_SIGNATURE_INVALID;
-
-}
-
-
-/* NSC_VerifyUpdate continues a multiple-part verification operation,
- * where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature */
-CK_RV NSC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen)
-{
- return pk11_MACUpdate(hSession, pPart, ulPartLen, PK11_VERIFY);
-}
-
-
-/* NSC_VerifyFinal finishes a multiple-part verification operation,
- * checking the signature. */
-CK_RV NSC_VerifyFinal(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int digestLen;
- unsigned char tmpbuf[PK11_MAX_MAC_LENGTH];
- CK_RV crv;
- SECStatus rv = SECSuccess;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_VERIFY,PR_TRUE,&session);
- if (crv != CKR_OK) return crv;
-
- if (context->hashInfo) {
- (*context->end)(context->hashInfo, tmpbuf, &digestLen, sizeof(tmpbuf));
- rv = (*context->verify)(context->cipherInfo, pSignature,
- ulSignatureLen, tmpbuf, digestLen);
- } else {
- if (context->padDataLength) {
- /* fill out rest of pad buffer with pad magic*/
- int i;
- for (i=context->padDataLength; i < (int)context->blockSize; i++) {
- context->padBuf[i] = 0;
- }
- rv = (*context->update)(context->cipherInfo,context->macBuf,
- &outlen,PK11_MAX_BLOCK_SIZE,context->padBuf,context->blockSize);
- }
- if (rv == SECSuccess) {
- rv =(PORT_Memcmp(pSignature,context->macBuf,context->macSize) == 0)
- ? SECSuccess : SECFailure;
- }
- }
-
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_VERIFY, NULL);
- pk11_FreeSession(session);
- return (rv == SECSuccess) ? CKR_OK : CKR_SIGNATURE_INVALID;
-
-}
-
-/*
- ************** Crypto Functions: Verify Recover ************************
- */
-
-/* NSC_VerifyRecoverInit initializes a signature verification operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-CK_RV NSC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)
-{
- PK11Session *session;
- PK11Object *key;
- PK11SessionContext *context;
- CK_KEY_TYPE key_type;
- CK_RV crv = CKR_OK;
- NSSLOWKEYPublicKey *pubKey;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- crv = pk11_InitGeneric(session,&context,PK11_VERIFY_RECOVER,
- &key,hKey,&key_type,CKO_PUBLIC_KEY,CKA_VERIFY_RECOVER);
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- return crv;
- }
-
- context->multi = PR_TRUE;
-
- switch(pMechanism->mechanism) {
- case CKM_RSA_PKCS:
- case CKM_RSA_X_509:
- if (key_type != CKK_RSA) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- context->multi = PR_FALSE;
- pubKey = pk11_GetPubKey(key,CKK_RSA);
- if (pubKey == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- context->cipherInfo = pubKey;
- context->update = (PK11Cipher) (pMechanism->mechanism == CKM_RSA_X_509
- ? RSA_CheckSignRecoverRaw : RSA_CheckSignRecover);
- context->destroy = pk11_Null;
- break;
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- if (crv != CKR_OK) {
- PORT_Free(context);
- pk11_FreeSession(session);
- return crv;
- }
- pk11_SetContextByType(session, PK11_VERIFY_RECOVER, context);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-
-/* NSC_VerifyRecover verifies a signature in a single-part operation,
- * where the data is recovered from the signature.
- * E.g. Decryption with the user's public key */
-CK_RV NSC_VerifyRecover(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen,
- CK_BYTE_PTR pData,CK_ULONG_PTR pulDataLen)
-{
- PK11Session *session;
- PK11SessionContext *context;
- unsigned int outlen;
- unsigned int maxoutlen = *pulDataLen;
- CK_RV crv;
- SECStatus rv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession,&context,PK11_VERIFY_RECOVER,
- PR_FALSE,&session);
- if (crv != CKR_OK) return crv;
-
- rv = (*context->update)(context->cipherInfo, pData, &outlen, maxoutlen,
- pSignature, ulSignatureLen);
- *pulDataLen = (CK_ULONG) outlen;
- pk11_FreeContext(context);
- pk11_SetContextByType(session, PK11_VERIFY_RECOVER, NULL);
- pk11_FreeSession(session);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/*
- **************************** Random Functions: ************************
- */
-
-/* NSC_SeedRandom mixes additional seed material into the token's random number
- * generator. */
-CK_RV NSC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
- CK_ULONG ulSeedLen)
-{
- SECStatus rv;
-
- rv = RNG_RandomUpdate(pSeed, ulSeedLen);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/* NSC_GenerateRandom generates random data. */
-CK_RV NSC_GenerateRandom(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
-{
- SECStatus rv;
-
- rv = RNG_GenerateGlobalRandomBytes(pRandomData, ulRandomLen);
- return (rv == SECSuccess) ? CKR_OK : CKR_DEVICE_ERROR;
-}
-
-/*
- **************************** Key Functions: ************************
- */
-
-
-/*
- * generate a password based encryption key. This code uses
- * PKCS5 to do the work.
- */
-static CK_RV
-nsc_pbe_key_gen(NSSPKCS5PBEParameter *pkcs5_pbe, CK_MECHANISM_PTR pMechanism,
- char *buf, CK_ULONG *key_length, PRBool faulty3DES)
-{
- SECItem *pbe_key = NULL, iv, pwitem;
- CK_PBE_PARAMS *pbe_params = NULL;
-
- *key_length = 0;
- iv.data = NULL; iv.len = 0;
-
- pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
-
- pwitem.data = (unsigned char *)pbe_params->pPassword;
- pwitem.len = (unsigned int)pbe_params->ulPasswordLen;
- pbe_key = nsspkcs5_ComputeKeyAndIV(pkcs5_pbe, &pwitem, &iv, faulty3DES);
- if (pbe_key == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- PORT_Memcpy(buf, pbe_key->data, pbe_key->len);
- *key_length = pbe_key->len;
- SECITEM_ZfreeItem(pbe_key, PR_TRUE);
- pbe_key = NULL;
-
- if (iv.data && pbe_params->pInitVector == NULL) {
- pbe_params->pInitVector = (CK_CHAR_PTR)PORT_ZAlloc(pbe_key->len);
- if (pbe_params->pInitVector == NULL) {
- return CKR_HOST_MEMORY;
- }
- PORT_Memcpy(pbe_params->pInitVector, iv.data, iv.len);
- }
- return CKR_OK;
-}
-
-
-static CK_RV
-nsc_SetupBulkKeyGen(CK_MECHANISM_TYPE mechanism, CK_KEY_TYPE *key_type,
- CK_ULONG *key_length)
-{
- CK_RV crv = CKR_OK;
-
- switch (mechanism) {
- case CKM_RC2_KEY_GEN:
- *key_type = CKK_RC2;
- if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
- break;
-#if NSS_SOFTOKEN_DOES_RC5
- case CKM_RC5_KEY_GEN:
- *key_type = CKK_RC5;
- if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
- break;
-#endif
- case CKM_RC4_KEY_GEN:
- *key_type = CKK_RC4;
- if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- case CKM_GENERIC_SECRET_KEY_GEN:
- *key_type = CKK_GENERIC_SECRET;
- if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- case CKM_CDMF_KEY_GEN:
- *key_type = CKK_CDMF;
- *key_length = 8;
- break;
- case CKM_DES_KEY_GEN:
- *key_type = CKK_DES;
- *key_length = 8;
- break;
- case CKM_DES2_KEY_GEN:
- *key_type = CKK_DES2;
- *key_length = 16;
- break;
- case CKM_DES3_KEY_GEN:
- *key_type = CKK_DES3;
- *key_length = 24;
- break;
- case CKM_AES_KEY_GEN:
- *key_type = CKK_AES;
- if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- default:
- PORT_Assert(0);
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- return crv;
-}
-
-CK_RV
-nsc_SetupHMACKeyGen(CK_MECHANISM_PTR pMechanism, NSSPKCS5PBEParameter **pbe)
-{
- SECItem salt;
- CK_PBE_PARAMS *pbe_params = NULL;
- NSSPKCS5PBEParameter *params;
- PRArenaPool *arena = NULL;
- SECStatus rv;
-
- *pbe = NULL;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (arena == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- params = (NSSPKCS5PBEParameter *) PORT_ArenaZAlloc(arena,
- sizeof(NSSPKCS5PBEParameter));
- if (params == NULL) {
- PORT_FreeArena(arena,PR_TRUE);
- return CKR_HOST_MEMORY;
- }
-
- params->poolp = arena;
- params->ivLen = 0;
- params->pbeType = NSSPKCS5_PKCS12_V2;
- params->hashType = HASH_AlgSHA1;
- params->encAlg = SEC_OID_SHA1; /* any invalid value */
- params->is2KeyDES = PR_FALSE;
- params->keyID = pbeBitGenIntegrityKey;
- pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
- params->iter = pbe_params->ulIteration;
-
- salt.data = (unsigned char *)pbe_params->pSalt;
- salt.len = (unsigned int)pbe_params->ulSaltLen;
- rv = SECITEM_CopyItem(arena,&params->salt,&salt);
- if (rv != SECSuccess) {
- PORT_FreeArena(arena,PR_TRUE);
- return CKR_HOST_MEMORY;
- }
- switch (pMechanism->mechanism) {
- case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
- case CKM_PBA_SHA1_WITH_SHA1_HMAC:
- params->hashType = HASH_AlgSHA1;
- params->keyLen = 20;
- break;
- case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
- params->hashType = HASH_AlgMD5;
- params->keyLen = 16;
- break;
- case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
- params->hashType = HASH_AlgMD2;
- params->keyLen = 16;
- break;
- default:
- PORT_FreeArena(arena,PR_TRUE);
- return CKR_MECHANISM_INVALID;
- }
- *pbe = params;
- return CKR_OK;
-}
-/* maybe this should be table driven? */
-static CK_RV
-nsc_SetupPBEKeyGen(CK_MECHANISM_PTR pMechanism, NSSPKCS5PBEParameter **pbe,
- CK_KEY_TYPE *key_type)
-{
- CK_RV crv = CKR_OK;
- SECOidData *oid;
- CK_PBE_PARAMS *pbe_params;
- NSSPKCS5PBEParameter *params;
- SECItem salt;
-
- *pbe = NULL;
-
- oid = SECOID_FindOIDByMechanism(pMechanism->mechanism);
- if (oid == NULL) {
- return CKR_MECHANISM_INVALID;
- }
-
- pbe_params = (CK_PBE_PARAMS *)pMechanism->pParameter;
- salt.data = (unsigned char *)pbe_params->pSalt;
- salt.len = (unsigned int)pbe_params->ulSaltLen;
-
- params=nsspkcs5_NewParam(oid->offset, &salt, pbe_params->ulIteration);
- if (params == NULL) {
- return CKR_MECHANISM_INVALID;
- }
-
-
- switch (params->encAlg) {
- case SEC_OID_DES_CBC:
- *key_type = CKK_DES;
- break;
- case SEC_OID_DES_EDE3_CBC:
- *key_type = params->is2KeyDES ? CKK_DES2 : CKK_DES3;
- break;
- case SEC_OID_RC2_CBC:
- *key_type = CKK_RC2;
- break;
- case SEC_OID_RC4:
- *key_type = CKK_RC4;
- break;
- default:
- crv = CKR_MECHANISM_INVALID;
- nsspkcs5_DestroyPBEParameter(params);
- break;
- }
- if (crv == CKR_OK) {
- *pbe = params;
- }
- return crv;
-}
-
-/* NSC_GenerateKey generates a secret key, creating a new key object. */
-CK_RV NSC_GenerateKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,
- CK_OBJECT_HANDLE_PTR phKey)
-{
- PK11Object *key;
- PK11Session *session;
- PRBool checkWeak = PR_FALSE;
- CK_ULONG key_length = 0;
- CK_KEY_TYPE key_type = CKK_INVALID_KEY_TYPE;
- CK_OBJECT_CLASS objclass = CKO_SECRET_KEY;
- CK_RV crv = CKR_OK;
- CK_BBOOL cktrue = CK_TRUE;
- int i;
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- char buf[MAX_KEY_LEN];
- enum {nsc_pbe, nsc_ssl, nsc_bulk} key_gen_type;
- NSSPKCS5PBEParameter *pbe_param;
- SSL3RSAPreMasterSecret *rsa_pms;
- CK_VERSION *version;
- /* in very old versions of NSS, there were implementation errors with key
- * generation methods. We want to beable to read these, but not
- * produce them any more. The affected algorithm was 3DES.
- */
- PRBool faultyPBE3DES = PR_FALSE;
-
-
- /*
- * now lets create an object to hang the attributes off of
- */
- key = pk11_NewObject(slot); /* fill in the handle later */
- if (key == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the object
- */
- for (i=0; i < (int) ulCount; i++) {
- if (pTemplate[i].type == CKA_VALUE_LEN) {
- key_length = *(CK_ULONG *)pTemplate[i].pValue;
- continue;
- }
-
- crv = pk11_AddAttributeType(key,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) break;
- }
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- return crv;
- }
-
- /* make sure we don't have any class, key_type, or value fields */
- pk11_DeleteAttributeType(key,CKA_CLASS);
- pk11_DeleteAttributeType(key,CKA_KEY_TYPE);
- pk11_DeleteAttributeType(key,CKA_VALUE);
-
- /* Now Set up the parameters to generate the key (based on mechanism) */
- key_gen_type = nsc_bulk; /* bulk key by default */
- switch (pMechanism->mechanism) {
- case CKM_CDMF_KEY_GEN:
- case CKM_DES_KEY_GEN:
- case CKM_DES2_KEY_GEN:
- case CKM_DES3_KEY_GEN:
- checkWeak = PR_TRUE;
- case CKM_RC2_KEY_GEN:
- case CKM_RC4_KEY_GEN:
- case CKM_GENERIC_SECRET_KEY_GEN:
- case CKM_AES_KEY_GEN:
-#if NSS_SOFTOKEN_DOES_RC5
- case CKM_RC5_KEY_GEN:
-#endif
- crv = nsc_SetupBulkKeyGen(pMechanism->mechanism,&key_type,&key_length);
- break;
- case CKM_SSL3_PRE_MASTER_KEY_GEN:
- key_type = CKK_GENERIC_SECRET;
- key_length = 48;
- key_gen_type = nsc_ssl;
- break;
- case CKM_PBA_SHA1_WITH_SHA1_HMAC:
- case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
- case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
- case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
- key_gen_type = nsc_pbe;
- key_type = CKK_GENERIC_SECRET;
- crv = nsc_SetupHMACKeyGen(pMechanism, &pbe_param);
- break;
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- faultyPBE3DES = PR_TRUE;
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- case CKM_PBE_SHA1_RC2_128_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- case CKM_PBE_SHA1_RC4_128:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_PBE_MD2_DES_CBC:
- key_gen_type = nsc_pbe;
- crv = nsc_SetupPBEKeyGen(pMechanism,&pbe_param, &key_type);
- break;
- default:
- crv = CKR_MECHANISM_INVALID;
- break;
- }
-
- /* make sure we aren't going to overflow the buffer */
- if (sizeof(buf) < key_length) {
- /* someone is getting pretty optimistic about how big their key can
- * be... */
- crv = CKR_TEMPLATE_INCONSISTENT;
- }
-
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
- /* if there was no error,
- * key_type *MUST* be set in the switch statement above */
- PORT_Assert( key_type != CKK_INVALID_KEY_TYPE );
-
- /*
- * now to the actual key gen.
- */
- switch (key_gen_type) {
- case nsc_pbe:
- crv = nsc_pbe_key_gen(pbe_param, pMechanism, buf, &key_length,
- faultyPBE3DES);
- nsspkcs5_DestroyPBEParameter(pbe_param);
- break;
- case nsc_ssl:
- rsa_pms = (SSL3RSAPreMasterSecret *)buf;
- version = (CK_VERSION *)pMechanism->pParameter;
- rsa_pms->client_version[0] = version->major;
- rsa_pms->client_version[1] = version->minor;
- crv =
- NSC_GenerateRandom(0,&rsa_pms->random[0], sizeof(rsa_pms->random));
- break;
- case nsc_bulk:
- /* get the key, check for weak keys and repeat if found */
- do {
- crv = NSC_GenerateRandom(0, (unsigned char *)buf, key_length);
- } while (crv == CKR_OK && checkWeak &&
- pk11_IsWeakKey((unsigned char *)buf,key_type));
- break;
- }
-
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
- /* Add the class, key_type, and value */
- crv = pk11_AddAttributeType(key,CKA_CLASS,&objclass,sizeof(CK_OBJECT_CLASS));
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
- crv = pk11_AddAttributeType(key,CKA_KEY_TYPE,&key_type,sizeof(CK_KEY_TYPE));
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
- crv = pk11_AddAttributeType(key,CKA_CLASS,&objclass,sizeof(CK_OBJECT_CLASS));
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
- crv = pk11_AddAttributeType(key,CKA_VALUE,buf,key_length);
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
- /* get the session */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- pk11_FreeObject(key);
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- /*
- * handle the base object stuff
- */
- crv = pk11_handleObject(key,session);
- pk11_FreeSession(session);
- if (pk11_isTrue(key,CKA_SENSITIVE)) {
- pk11_forceAttribute(key,CKA_ALWAYS_SENSITIVE,&cktrue,sizeof(CK_BBOOL));
- }
- if (!pk11_isTrue(key,CKA_EXTRACTABLE)) {
- pk11_forceAttribute(key,CKA_NEVER_EXTRACTABLE,&cktrue,sizeof(CK_BBOOL));
- }
-
- *phKey = key->handle;
- pk11_FreeObject(key);
- return crv;
-}
-
-
-
-/* NSC_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
-CK_RV NSC_GenerateKeyPair (CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
- CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
- CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPrivateKey,
- CK_OBJECT_HANDLE_PTR phPublicKey)
-{
- PK11Object * publicKey,*privateKey;
- PK11Session * session;
- CK_KEY_TYPE key_type;
- CK_RV crv = CKR_OK;
- CK_BBOOL cktrue = CK_TRUE;
- SECStatus rv;
- CK_OBJECT_CLASS pubClass = CKO_PUBLIC_KEY;
- CK_OBJECT_CLASS privClass = CKO_PRIVATE_KEY;
- int i;
- PK11Slot * slot = pk11_SlotFromSessionHandle(hSession);
-
- /* RSA */
- int public_modulus_bits = 0;
- SECItem pubExp;
- RSAPrivateKey * rsaPriv;
-
- /* DSA */
- PQGParams pqgParam;
- DHParams dhParam;
- DSAPrivateKey * dsaPriv;
-
- /* Diffie Hellman */
- int private_value_bits = 0;
- DHPrivateKey * dhPriv;
-
- /*
- * now lets create an object to hang the attributes off of
- */
- publicKey = pk11_NewObject(slot); /* fill in the handle later */
- if (publicKey == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the publicKey
- */
- for (i=0; i < (int) ulPublicKeyAttributeCount; i++) {
- if (pPublicKeyTemplate[i].type == CKA_MODULUS_BITS) {
- public_modulus_bits = *(CK_ULONG *)pPublicKeyTemplate[i].pValue;
- continue;
- }
-
- crv = pk11_AddAttributeType(publicKey,
- pk11_attr_expand(&pPublicKeyTemplate[i]));
- if (crv != CKR_OK) break;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeObject(publicKey);
- return CKR_HOST_MEMORY;
- }
-
- privateKey = pk11_NewObject(slot); /* fill in the handle later */
- if (privateKey == NULL) {
- pk11_FreeObject(publicKey);
- return CKR_HOST_MEMORY;
- }
- /*
- * now load the private key template
- */
- for (i=0; i < (int) ulPrivateKeyAttributeCount; i++) {
- if (pPrivateKeyTemplate[i].type == CKA_VALUE_BITS) {
- private_value_bits = *(CK_ULONG *)pPrivateKeyTemplate[i].pValue;
- continue;
- }
-
- crv = pk11_AddAttributeType(privateKey,
- pk11_attr_expand(&pPrivateKeyTemplate[i]));
- if (crv != CKR_OK) break;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeObject(publicKey);
- pk11_FreeObject(privateKey);
- return CKR_HOST_MEMORY;
- }
- pk11_DeleteAttributeType(privateKey,CKA_CLASS);
- pk11_DeleteAttributeType(privateKey,CKA_KEY_TYPE);
- pk11_DeleteAttributeType(privateKey,CKA_VALUE);
- pk11_DeleteAttributeType(publicKey,CKA_CLASS);
- pk11_DeleteAttributeType(publicKey,CKA_KEY_TYPE);
- pk11_DeleteAttributeType(publicKey,CKA_VALUE);
-
- /* Now Set up the parameters to generate the key (based on mechanism) */
- switch (pMechanism->mechanism) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- /* format the keys */
- pk11_DeleteAttributeType(publicKey,CKA_MODULUS);
- pk11_DeleteAttributeType(privateKey,CKA_NETSCAPE_DB);
- pk11_DeleteAttributeType(privateKey,CKA_MODULUS);
- pk11_DeleteAttributeType(privateKey,CKA_PRIVATE_EXPONENT);
- pk11_DeleteAttributeType(privateKey,CKA_PUBLIC_EXPONENT);
- pk11_DeleteAttributeType(privateKey,CKA_PRIME_1);
- pk11_DeleteAttributeType(privateKey,CKA_PRIME_2);
- pk11_DeleteAttributeType(privateKey,CKA_EXPONENT_1);
- pk11_DeleteAttributeType(privateKey,CKA_EXPONENT_2);
- pk11_DeleteAttributeType(privateKey,CKA_COEFFICIENT);
- key_type = CKK_RSA;
- if (public_modulus_bits == 0) {
- crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- }
-
- /* extract the exponent */
- crv=pk11_Attribute2SSecItem(NULL,&pubExp,publicKey,CKA_PUBLIC_EXPONENT);
- if (crv != CKR_OK) break;
- crv = pk11_AddAttributeType(privateKey,CKA_PUBLIC_EXPONENT,
- pk11_item_expand(&pubExp));
- if (crv != CKR_OK) {
- PORT_Free(pubExp.data);
- break;
- }
-
- rsaPriv = RSA_NewKey(public_modulus_bits, &pubExp);
- PORT_Free(pubExp.data);
- if (rsaPriv == NULL) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
- /* now fill in the RSA dependent paramenters in the public key */
- crv = pk11_AddAttributeType(publicKey,CKA_MODULUS,
- pk11_item_expand(&rsaPriv->modulus));
- if (crv != CKR_OK) goto kpg_done;
- /* now fill in the RSA dependent paramenters in the private key */
- crv = pk11_AddAttributeType(privateKey,CKA_NETSCAPE_DB,
- pk11_item_expand(&rsaPriv->modulus));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_MODULUS,
- pk11_item_expand(&rsaPriv->modulus));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_PRIVATE_EXPONENT,
- pk11_item_expand(&rsaPriv->privateExponent));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_PRIME_1,
- pk11_item_expand(&rsaPriv->prime1));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_PRIME_2,
- pk11_item_expand(&rsaPriv->prime2));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_EXPONENT_1,
- pk11_item_expand(&rsaPriv->exponent1));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_EXPONENT_2,
- pk11_item_expand(&rsaPriv->exponent2));
- if (crv != CKR_OK) goto kpg_done;
- crv = pk11_AddAttributeType(privateKey,CKA_COEFFICIENT,
- pk11_item_expand(&rsaPriv->coefficient));
-kpg_done:
- /* Should zeroize the contents first, since this func doesn't. */
- PORT_FreeArena(rsaPriv->arena, PR_TRUE);
- break;
- case CKM_DSA_KEY_PAIR_GEN:
- pk11_DeleteAttributeType(publicKey,CKA_VALUE);
- pk11_DeleteAttributeType(privateKey,CKA_NETSCAPE_DB);
- pk11_DeleteAttributeType(privateKey,CKA_PRIME);
- pk11_DeleteAttributeType(privateKey,CKA_SUBPRIME);
- pk11_DeleteAttributeType(privateKey,CKA_BASE);
- key_type = CKK_DSA;
-
- /* extract the necessary paramters and copy them to the private key */
- crv=pk11_Attribute2SSecItem(NULL,&pqgParam.prime,publicKey,CKA_PRIME);
- if (crv != CKR_OK) break;
- crv=pk11_Attribute2SSecItem(NULL,&pqgParam.subPrime,publicKey,
- CKA_SUBPRIME);
- if (crv != CKR_OK) {
- PORT_Free(pqgParam.prime.data);
- break;
- }
- crv=pk11_Attribute2SSecItem(NULL,&pqgParam.base,publicKey,CKA_BASE);
- if (crv != CKR_OK) {
- PORT_Free(pqgParam.prime.data);
- PORT_Free(pqgParam.subPrime.data);
- break;
- }
- crv = pk11_AddAttributeType(privateKey,CKA_PRIME,
- pk11_item_expand(&pqgParam.prime));
- if (crv != CKR_OK) {
- PORT_Free(pqgParam.prime.data);
- PORT_Free(pqgParam.subPrime.data);
- PORT_Free(pqgParam.base.data);
- break;
- }
- crv = pk11_AddAttributeType(privateKey,CKA_SUBPRIME,
- pk11_item_expand(&pqgParam.subPrime));
- if (crv != CKR_OK) {
- PORT_Free(pqgParam.prime.data);
- PORT_Free(pqgParam.subPrime.data);
- PORT_Free(pqgParam.base.data);
- break;
- }
- crv = pk11_AddAttributeType(privateKey,CKA_BASE,
- pk11_item_expand(&pqgParam.base));
- if (crv != CKR_OK) {
- PORT_Free(pqgParam.prime.data);
- PORT_Free(pqgParam.subPrime.data);
- PORT_Free(pqgParam.base.data);
- break;
- }
-
- /* Generate the key */
- rv = DSA_NewKey(&pqgParam, &dsaPriv);
-
- PORT_Free(pqgParam.prime.data);
- PORT_Free(pqgParam.subPrime.data);
- PORT_Free(pqgParam.base.data);
-
- if (rv != SECSuccess) { crv = CKR_DEVICE_ERROR; break; }
-
- /* store the generated key into the attributes */
- crv = pk11_AddAttributeType(publicKey,CKA_VALUE,
- pk11_item_expand(&dsaPriv->publicValue));
- if (crv != CKR_OK) goto dsagn_done;
-
- /* now fill in the RSA dependent paramenters in the private key */
- crv = pk11_AddAttributeType(privateKey,CKA_NETSCAPE_DB,
- pk11_item_expand(&dsaPriv->publicValue));
- if (crv != CKR_OK) goto dsagn_done;
- crv = pk11_AddAttributeType(privateKey,CKA_VALUE,
- pk11_item_expand(&dsaPriv->privateValue));
-
-dsagn_done:
- /* should zeroize, since this function doesn't. */
- PORT_FreeArena(dsaPriv->params.arena, PR_TRUE);
- break;
-
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- pk11_DeleteAttributeType(privateKey,CKA_PRIME);
- pk11_DeleteAttributeType(privateKey,CKA_BASE);
- pk11_DeleteAttributeType(privateKey,CKA_VALUE);
- key_type = CKK_DH;
-
- /* extract the necessary parameters and copy them to private keys */
- crv = pk11_Attribute2SSecItem(NULL, &dhParam.prime, publicKey,
- CKA_PRIME);
- if (crv != CKR_OK) break;
- crv = pk11_Attribute2SSecItem(NULL, &dhParam.base, publicKey, CKA_BASE);
- if (crv != CKR_OK) {
- PORT_Free(dhParam.prime.data);
- break;
- }
- crv = pk11_AddAttributeType(privateKey, CKA_PRIME,
- pk11_item_expand(&dhParam.prime));
- if (crv != CKR_OK) {
- PORT_Free(dhParam.prime.data);
- PORT_Free(dhParam.base.data);
- break;
- }
- crv = pk11_AddAttributeType(privateKey, CKA_BASE,
- pk11_item_expand(&dhParam.base));
- if (crv != CKR_OK) goto dhgn_done;
-
- rv = DH_NewKey(&dhParam, &dhPriv);
- PORT_Free(dhParam.prime.data);
- PORT_Free(dhParam.base.data);
- if (rv != SECSuccess) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
-
- crv=pk11_AddAttributeType(publicKey, CKA_VALUE,
- pk11_item_expand(&dhPriv->publicValue));
- if (crv != CKR_OK) goto dhgn_done;
-
- crv=pk11_AddAttributeType(privateKey, CKA_VALUE,
- pk11_item_expand(&dhPriv->privateValue));
-
-dhgn_done:
- /* should zeroize, since this function doesn't. */
- PORT_FreeArena(dhPriv->arena, PR_TRUE);
- break;
-
- default:
- crv = CKR_MECHANISM_INVALID;
- }
-
- if (crv != CKR_OK) {
- pk11_FreeObject(privateKey);
- pk11_FreeObject(publicKey);
- return crv;
- }
-
-
- /* Add the class, key_type The loop lets us check errors blow out
- * on errors and clean up at the bottom */
- session = NULL; /* make pedtantic happy... session cannot leave the*/
- /* loop below NULL unless an error is set... */
- do {
- crv = pk11_AddAttributeType(privateKey,CKA_CLASS,&privClass,
- sizeof(CK_OBJECT_CLASS));
- if (crv != CKR_OK) break;
- crv = pk11_AddAttributeType(publicKey,CKA_CLASS,&pubClass,
- sizeof(CK_OBJECT_CLASS));
- if (crv != CKR_OK) break;
- crv = pk11_AddAttributeType(privateKey,CKA_KEY_TYPE,&key_type,
- sizeof(CK_KEY_TYPE));
- if (crv != CKR_OK) break;
- crv = pk11_AddAttributeType(publicKey,CKA_KEY_TYPE,&key_type,
- sizeof(CK_KEY_TYPE));
- if (crv != CKR_OK) break;
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) crv = CKR_SESSION_HANDLE_INVALID;
- } while (0);
-
- if (crv != CKR_OK) {
- pk11_FreeObject(privateKey);
- pk11_FreeObject(publicKey);
- return crv;
- }
-
- /*
- * handle the base object cleanup for the public Key
- */
- crv = pk11_handleObject(privateKey,session);
- if (crv != CKR_OK) {
- pk11_FreeSession(session);
- pk11_FreeObject(privateKey);
- pk11_FreeObject(publicKey);
- return crv;
- }
-
- /*
- * handle the base object cleanup for the private Key
- * If we have any problems, we destroy the public Key we've
- * created and linked.
- */
- crv = pk11_handleObject(publicKey,session);
- pk11_FreeSession(session);
- if (crv != CKR_OK) {
- pk11_FreeObject(publicKey);
- NSC_DestroyObject(hSession,privateKey->handle);
- pk11_FreeObject(privateKey);
- return crv;
- }
- if (pk11_isTrue(privateKey,CKA_SENSITIVE)) {
- pk11_forceAttribute(privateKey,CKA_ALWAYS_SENSITIVE,
- &cktrue,sizeof(CK_BBOOL));
- }
- if (pk11_isTrue(publicKey,CKA_SENSITIVE)) {
- pk11_forceAttribute(publicKey,CKA_ALWAYS_SENSITIVE,
- &cktrue,sizeof(CK_BBOOL));
- }
- if (!pk11_isTrue(privateKey,CKA_EXTRACTABLE)) {
- pk11_forceAttribute(privateKey,CKA_NEVER_EXTRACTABLE,
- &cktrue,sizeof(CK_BBOOL));
- }
- if (!pk11_isTrue(publicKey,CKA_EXTRACTABLE)) {
- pk11_forceAttribute(publicKey,CKA_NEVER_EXTRACTABLE,
- &cktrue,sizeof(CK_BBOOL));
- }
- *phPrivateKey = privateKey->handle;
- *phPublicKey = publicKey->handle;
- pk11_FreeObject(publicKey);
- pk11_FreeObject(privateKey);
-
- return CKR_OK;
-}
-
-static SECItem *pk11_PackagePrivateKey(PK11Object *key)
-{
- NSSLOWKEYPrivateKey *lk = NULL;
- NSSLOWKEYPrivateKeyInfo *pki = NULL;
- PK11Attribute *attribute = NULL;
- PLArenaPool *arena = NULL;
- SECOidTag algorithm = SEC_OID_UNKNOWN;
- void *dummy, *param = NULL;
- SECStatus rv = SECSuccess;
- SECItem *encodedKey = NULL;
-
- if(!key) {
- return NULL;
- }
-
- attribute = pk11_FindAttribute(key, CKA_KEY_TYPE);
- if(!attribute) {
- return NULL;
- }
-
- lk = pk11_GetPrivKey(key, *(CK_KEY_TYPE *)attribute->attrib.pValue);
- pk11_FreeAttribute(attribute);
- if(!lk) {
- return NULL;
- }
-
- arena = PORT_NewArena(2048); /* XXX different size? */
- if(!arena) {
- rv = SECFailure;
- goto loser;
- }
-
- pki = (NSSLOWKEYPrivateKeyInfo*)PORT_ArenaZAlloc(arena,
- sizeof(NSSLOWKEYPrivateKeyInfo));
- if(!pki) {
- rv = SECFailure;
- goto loser;
- }
- pki->arena = arena;
-
- param = NULL;
- switch(lk->keyType) {
- case NSSLOWKEYRSAKey:
- dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
- nsslowkey_RSAPrivateKeyTemplate);
- algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION;
- break;
- case NSSLOWKEYDSAKey:
- dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk,
- nsslowkey_DSAPrivateKeyExportTemplate);
- param = SEC_ASN1EncodeItem(NULL, NULL, &(lk->u.dsa.params),
- nsslowkey_PQGParamsTemplate);
- algorithm = SEC_OID_ANSIX9_DSA_SIGNATURE;
- break;
- case NSSLOWKEYDHKey:
- default:
- dummy = NULL;
- break;
- }
-
- if(!dummy || ((lk->keyType == NSSLOWKEYDSAKey) && !param)) {
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &pki->algorithm, algorithm,
- (SECItem*)param);
- if(rv != SECSuccess) {
- rv = SECFailure;
- goto loser;
- }
-
- dummy = SEC_ASN1EncodeInteger(arena, &pki->version,
- NSSLOWKEY_PRIVATE_KEY_INFO_VERSION);
- if(!dummy) {
- rv = SECFailure;
- goto loser;
- }
-
- encodedKey = SEC_ASN1EncodeItem(NULL, NULL, pki,
- nsslowkey_PrivateKeyInfoTemplate);
-
-loser:
- if(arena) {
- PORT_FreeArena(arena, PR_TRUE);
- }
-
- if(lk && (lk != key->objectInfo)) {
- nsslowkey_DestroyPrivateKey(lk);
- }
-
- if(param) {
- SECITEM_ZfreeItem((SECItem*)param, PR_TRUE);
- }
-
- if(rv != SECSuccess) {
- return NULL;
- }
-
- return encodedKey;
-}
-
-/* it doesn't matter yet, since we colapse error conditions in the
- * level above, but we really should map those few key error differences */
-CK_RV pk11_mapWrap(CK_RV crv) { return crv; }
-
-/* NSC_WrapKey wraps (i.e., encrypts) a key. */
-CK_RV NSC_WrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
- CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
- CK_ULONG_PTR pulWrappedKeyLen)
-{
- PK11Session *session;
- PK11Attribute *attribute;
- PK11Object *key;
- CK_RV crv;
- PRBool isLynks = PR_FALSE;
- CK_ULONG len = 0;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- key = pk11_ObjectFromHandle(hKey,session);
- pk11_FreeSession(session);
- if (key == NULL) {
- return CKR_KEY_HANDLE_INVALID;
- }
-
- switch(key->objclass) {
- case CKO_SECRET_KEY:
- attribute = pk11_FindAttribute(key,CKA_VALUE);
-
- if (attribute == NULL) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- if (pMechanism->mechanism == CKM_KEY_WRAP_LYNKS) {
- isLynks = PR_TRUE;
- pMechanism->mechanism = CKM_DES_ECB;
- len = *pulWrappedKeyLen;
- }
-
- crv = pk11_CryptInit(hSession, pMechanism, hWrappingKey,
- CKA_WRAP, PK11_ENCRYPT, PR_TRUE);
- if (crv != CKR_OK) {
- pk11_FreeAttribute(attribute);
- break;
- }
- crv = NSC_Encrypt(hSession, (CK_BYTE_PTR)attribute->attrib.pValue,
- attribute->attrib.ulValueLen,pWrappedKey,pulWrappedKeyLen);
-
- if (isLynks && (crv == CKR_OK)) {
- unsigned char buf[2];
- crv = pk11_calcLynxChecksum(hSession,hWrappingKey,buf,
- (unsigned char*)attribute->attrib.pValue,
- attribute->attrib.ulValueLen);
- if (len >= 10) {
- pWrappedKey[8] = buf[0];
- pWrappedKey[9] = buf[1];
- *pulWrappedKeyLen = 10;
- }
- }
- pk11_FreeAttribute(attribute);
- break;
-
- case CKO_PRIVATE_KEY:
- {
- SECItem *bpki = pk11_PackagePrivateKey(key);
-
- if(!bpki) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
-
- crv = pk11_CryptInit(hSession, pMechanism, hWrappingKey,
- CKA_WRAP, PK11_ENCRYPT, PR_TRUE);
- if(crv != CKR_OK) {
- SECITEM_ZfreeItem(bpki, PR_TRUE);
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
-
- crv = NSC_Encrypt(hSession, bpki->data, bpki->len,
- pWrappedKey, pulWrappedKeyLen);
- SECITEM_ZfreeItem(bpki, PR_TRUE);
- break;
- }
-
- default:
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- pk11_FreeObject(key);
-
- return pk11_mapWrap(crv);
-}
-
-/*
- * import a pprivate key info into the desired slot
- */
-static SECStatus
-pk11_unwrapPrivateKey(PK11Object *key, SECItem *bpki)
-{
- CK_BBOOL cktrue = CK_TRUE;
- CK_KEY_TYPE keyType = CKK_RSA;
- SECStatus rv = SECFailure;
- const SEC_ASN1Template *keyTemplate, *paramTemplate;
- void *paramDest = NULL;
- PLArenaPool *arena;
- NSSLOWKEYPrivateKey *lpk = NULL;
- NSSLOWKEYPrivateKeyInfo *pki = NULL;
- SECItem *ck_id = NULL;
- CK_RV crv = CKR_KEY_TYPE_INCONSISTENT;
-
- arena = PORT_NewArena(2048);
- if(!arena) {
- return SECFailure;
- }
-
- pki = (NSSLOWKEYPrivateKeyInfo*)PORT_ArenaZAlloc(arena,
- sizeof(NSSLOWKEYPrivateKeyInfo));
- if(!pki) {
- PORT_FreeArena(arena, PR_TRUE);
- return SECFailure;
- }
-
- if(SEC_ASN1DecodeItem(arena, pki, nsslowkey_PrivateKeyInfoTemplate, bpki)
- != SECSuccess) {
- PORT_FreeArena(arena, PR_FALSE);
- return SECFailure;
- }
-
- lpk = (NSSLOWKEYPrivateKey *)PORT_ArenaZAlloc(arena,
- sizeof(NSSLOWKEYPrivateKey));
- if(lpk == NULL) {
- goto loser;
- }
- lpk->arena = arena;
-
- switch(SECOID_GetAlgorithmTag(&pki->algorithm)) {
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- keyTemplate = nsslowkey_RSAPrivateKeyTemplate;
- paramTemplate = NULL;
- paramDest = NULL;
- lpk->keyType = NSSLOWKEYRSAKey;
- break;
- case SEC_OID_ANSIX9_DSA_SIGNATURE:
- keyTemplate = nsslowkey_DSAPrivateKeyExportTemplate;
- paramTemplate = nsslowkey_PQGParamsTemplate;
- paramDest = &(lpk->u.dsa.params);
- lpk->keyType = NSSLOWKEYDSAKey;
- break;
- /* case NSSLOWKEYDHKey: */
- default:
- keyTemplate = NULL;
- paramTemplate = NULL;
- paramDest = NULL;
- break;
- }
-
- if(!keyTemplate) {
- goto loser;
- }
-
- /* decode the private key and any algorithm parameters */
- rv = SEC_ASN1DecodeItem(arena, lpk, keyTemplate, &pki->privateKey);
- if(rv != SECSuccess) {
- goto loser;
- }
- if(paramDest && paramTemplate) {
- rv = SEC_ASN1DecodeItem(arena, paramDest, paramTemplate,
- &(pki->algorithm.parameters));
- if(rv != SECSuccess) {
- goto loser;
- }
- }
-
- rv = SECFailure;
-
- switch (lpk->keyType) {
- case NSSLOWKEYRSAKey:
- keyType = CKK_RSA;
- if(pk11_hasAttribute(key, CKA_NETSCAPE_DB)) {
- pk11_DeleteAttributeType(key, CKA_NETSCAPE_DB);
- }
- crv = pk11_AddAttributeType(key, CKA_KEY_TYPE, &keyType,
- sizeof(keyType));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_UNWRAP, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_DECRYPT, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_SIGN, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_SIGN_RECOVER, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_MODULUS,
- pk11_item_expand(&lpk->u.rsa.modulus));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_PUBLIC_EXPONENT,
- pk11_item_expand(&lpk->u.rsa.publicExponent));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_PRIVATE_EXPONENT,
- pk11_item_expand(&lpk->u.rsa.privateExponent));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_PRIME_1,
- pk11_item_expand(&lpk->u.rsa.prime1));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_PRIME_2,
- pk11_item_expand(&lpk->u.rsa.prime2));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_EXPONENT_1,
- pk11_item_expand(&lpk->u.rsa.exponent1));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_EXPONENT_2,
- pk11_item_expand(&lpk->u.rsa.exponent2));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_COEFFICIENT,
- pk11_item_expand(&lpk->u.rsa.coefficient));
- break;
- case NSSLOWKEYDSAKey:
- keyType = CKK_DSA;
- crv = (pk11_hasAttribute(key, CKA_NETSCAPE_DB)) ? CKR_OK :
- CKR_KEY_TYPE_INCONSISTENT;
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_KEY_TYPE, &keyType,
- sizeof(keyType));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_SIGN, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_SIGN_RECOVER, &cktrue,
- sizeof(CK_BBOOL));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_PRIME,
- pk11_item_expand(&lpk->u.dsa.params.prime));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_SUBPRIME,
- pk11_item_expand(&lpk->u.dsa.params.subPrime));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_BASE,
- pk11_item_expand(&lpk->u.dsa.params.base));
- if(crv != CKR_OK) break;
- crv = pk11_AddAttributeType(key, CKA_VALUE,
- pk11_item_expand(&lpk->u.dsa.privateValue));
- if(crv != CKR_OK) break;
- break;
-#ifdef notdef
- case NSSLOWKEYDHKey:
- template = dhTemplate;
- templateCount = sizeof(dhTemplate)/sizeof(CK_ATTRIBUTE);
- keyType = CKK_DH;
- break;
-#endif
- /* what about fortezza??? */
- default:
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
-
-loser:
- if(ck_id) {
- SECITEM_ZfreeItem(ck_id, PR_TRUE);
- }
-
- if(lpk) {
- nsslowkey_DestroyPrivateKey(lpk);
- }
-
- if(crv != CKR_OK) {
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-/* NSC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
-CK_RV NSC_UnwrapKey(CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
- CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey)
-{
- PK11Object *key = NULL;
- PK11Session *session;
- int key_length = 0;
- unsigned char * buf = NULL;
- CK_RV crv = CKR_OK;
- int i;
- CK_ULONG bsize = ulWrappedKeyLen;
- PK11Slot *slot = pk11_SlotFromSessionHandle(hSession);
- SECItem bpki;
- CK_OBJECT_CLASS target_type = CKO_SECRET_KEY;
- PRBool isLynks = PR_FALSE;
-
- /*
- * now lets create an object to hang the attributes off of
- */
- key = pk11_NewObject(slot); /* fill in the handle later */
- if (key == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the object
- */
- for (i=0; i < (int) ulAttributeCount; i++) {
- if (pTemplate[i].type == CKA_VALUE_LEN) {
- key_length = *(CK_ULONG *)pTemplate[i].pValue;
- continue;
- }
- if (pTemplate[i].type == CKA_CLASS) {
- target_type = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
- }
- crv = pk11_AddAttributeType(key,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) break;
- }
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- return crv;
- }
-
- /* LYNKS is a special key wrapping mechanism */
- if (pMechanism->mechanism == CKM_KEY_WRAP_LYNKS) {
- isLynks = PR_TRUE;
- pMechanism->mechanism = CKM_DES_ECB;
- ulWrappedKeyLen -= 2; /* don't decrypt the checksum */
- }
-
- crv = pk11_CryptInit(hSession,pMechanism,hUnwrappingKey,CKA_UNWRAP,
- PK11_DECRYPT, PR_FALSE);
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- return pk11_mapWrap(crv);
- }
-
- /* allocate the buffer to decrypt into
- * this assumes the unwrapped key is never larger than the
- * wrapped key. For all the mechanisms we support this is true */
- buf = (unsigned char *)PORT_Alloc( ulWrappedKeyLen);
- bsize = ulWrappedKeyLen;
-
- crv = NSC_Decrypt(hSession, pWrappedKey, ulWrappedKeyLen, buf, &bsize);
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- PORT_Free(buf);
- return pk11_mapWrap(crv);
- }
-
- switch(target_type) {
- case CKO_SECRET_KEY:
- if (!pk11_hasAttribute(key,CKA_KEY_TYPE)) {
- crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- }
-
- /* verify the Lynx checksum */
- if (isLynks) {
- unsigned char checkSum[2];
- crv = pk11_calcLynxChecksum(hSession,hUnwrappingKey,checkSum,
- buf,bsize);
- if (crv != CKR_OK) break;
- if ((ulWrappedKeyLen != 8) || (pWrappedKey[8] != checkSum[0])
- || (pWrappedKey[9] != checkSum[1])) {
- crv = CKR_WRAPPED_KEY_INVALID;
- break;
- }
- }
-
- if(key_length == 0) {
- key_length = bsize;
- }
- if (key_length > MAX_KEY_LEN) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
-
- /* add the value */
- crv = pk11_AddAttributeType(key,CKA_VALUE,buf,key_length);
- break;
- case CKO_PRIVATE_KEY:
- bpki.data = (unsigned char *)buf;
- bpki.len = bsize;
- crv = CKR_OK;
- if(pk11_unwrapPrivateKey(key, &bpki) != SECSuccess) {
- crv = CKR_TEMPLATE_INCOMPLETE;
- }
- break;
- default:
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
-
- PORT_ZFree(buf, bsize);
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
- /* get the session */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- pk11_FreeObject(key);
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- /*
- * handle the base object stuff
- */
- crv = pk11_handleObject(key,session);
- *phKey = key->handle;
- pk11_FreeSession(session);
- pk11_FreeObject(key);
-
- return crv;
-
-}
-
-/*
- * The SSL key gen mechanism create's lots of keys. This function handles the
- * details of each of these key creation.
- */
-static CK_RV
-pk11_buildSSLKey(CK_SESSION_HANDLE hSession, PK11Object *baseKey,
- PRBool isMacKey, unsigned char *keyBlock, unsigned int keySize,
- CK_OBJECT_HANDLE *keyHandle)
-{
- PK11Object *key;
- PK11Session *session;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_BBOOL cktrue = CK_TRUE;
- CK_BBOOL ckfalse = CK_FALSE;
- CK_RV crv = CKR_HOST_MEMORY;
-
- /*
- * now lets create an object to hang the attributes off of
- */
- *keyHandle = CK_INVALID_HANDLE;
- key = pk11_NewObject(baseKey->slot);
- if (key == NULL) return CKR_HOST_MEMORY;
- pk11_narrowToSessionObject(key)->wasDerived = PR_TRUE;
-
- crv = pk11_CopyObject(key,baseKey);
- if (crv != CKR_OK) goto loser;
- if (isMacKey) {
- crv = pk11_forceAttribute(key,CKA_KEY_TYPE,&keyType,sizeof(keyType));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_DERIVE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_ENCRYPT,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_DECRYPT,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_SIGN,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_VERIFY,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_WRAP,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- crv = pk11_forceAttribute(key,CKA_UNWRAP,&ckfalse,sizeof(CK_BBOOL));
- if (crv != CKR_OK) goto loser;
- }
- crv = pk11_forceAttribute(key,CKA_VALUE,keyBlock,keySize);
- if (crv != CKR_OK) goto loser;
-
- /* get the session */
- crv = CKR_HOST_MEMORY;
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) { goto loser; }
-
- crv = pk11_handleObject(key,session);
- pk11_FreeSession(session);
- *keyHandle = key->handle;
-loser:
- if (key) pk11_FreeObject(key);
- return crv;
-}
-
-/*
- * if there is an error, we need to free the keys we already created in SSL
- * This is the routine that will do it..
- */
-static void
-pk11_freeSSLKeys(CK_SESSION_HANDLE session,
- CK_SSL3_KEY_MAT_OUT *returnedMaterial ) {
- if (returnedMaterial->hClientMacSecret != CK_INVALID_HANDLE) {
- NSC_DestroyObject(session,returnedMaterial->hClientMacSecret);
- }
- if (returnedMaterial->hServerMacSecret != CK_INVALID_HANDLE) {
- NSC_DestroyObject(session, returnedMaterial->hServerMacSecret);
- }
- if (returnedMaterial->hClientKey != CK_INVALID_HANDLE) {
- NSC_DestroyObject(session, returnedMaterial->hClientKey);
- }
- if (returnedMaterial->hServerKey != CK_INVALID_HANDLE) {
- NSC_DestroyObject(session, returnedMaterial->hServerKey);
- }
-}
-
-/*
- * when deriving from sensitive and extractable keys, we need to preserve some
- * of the semantics in the derived key. This helper routine maintains these
- * semantics.
- */
-static CK_RV
-pk11_DeriveSensitiveCheck(PK11Object *baseKey,PK11Object *destKey) {
- PRBool hasSensitive;
- PRBool sensitive = PR_FALSE;
- PRBool hasExtractable;
- PRBool extractable = PR_TRUE;
- CK_RV crv = CKR_OK;
- PK11Attribute *att;
-
- hasSensitive = PR_FALSE;
- att = pk11_FindAttribute(destKey,CKA_SENSITIVE);
- if (att) {
- hasSensitive = PR_TRUE;
- sensitive = (PRBool) *(CK_BBOOL *)att->attrib.pValue;
- pk11_FreeAttribute(att);
- }
-
- hasExtractable = PR_FALSE;
- att = pk11_FindAttribute(destKey,CKA_EXTRACTABLE);
- if (att) {
- hasExtractable = PR_TRUE;
- extractable = (PRBool) *(CK_BBOOL *)att->attrib.pValue;
- pk11_FreeAttribute(att);
- }
-
-
- /* don't make a key more accessible */
- if (pk11_isTrue(baseKey,CKA_SENSITIVE) && hasSensitive &&
- (sensitive == PR_FALSE)) {
- return CKR_KEY_FUNCTION_NOT_PERMITTED;
- }
- if (!pk11_isTrue(baseKey,CKA_EXTRACTABLE) && hasExtractable &&
- (extractable == PR_TRUE)) {
- return CKR_KEY_FUNCTION_NOT_PERMITTED;
- }
-
- /* inherit parent's sensitivity */
- if (!hasSensitive) {
- att = pk11_FindAttribute(baseKey,CKA_SENSITIVE);
- if (att == NULL) return CKR_KEY_TYPE_INCONSISTENT;
- crv = pk11_defaultAttribute(destKey,pk11_attr_expand(&att->attrib));
- pk11_FreeAttribute(att);
- if (crv != CKR_OK) return crv;
- }
- if (!hasExtractable) {
- att = pk11_FindAttribute(baseKey,CKA_EXTRACTABLE);
- if (att == NULL) return CKR_KEY_TYPE_INCONSISTENT;
- crv = pk11_defaultAttribute(destKey,pk11_attr_expand(&att->attrib));
- pk11_FreeAttribute(att);
- if (crv != CKR_OK) return crv;
- }
-
- /* we should inherit the parent's always extractable/ never sensitive info,
- * but handleObject always forces this attributes, so we would need to do
- * something special. */
- return CKR_OK;
-}
-
-/*
- * make known fixed PKCS #11 key types to their sizes in bytes
- */
-static unsigned long
-pk11_MapKeySize(CK_KEY_TYPE keyType) {
- switch (keyType) {
- case CKK_CDMF:
- return 8;
- case CKK_DES:
- return 8;
- case CKK_DES2:
- return 16;
- case CKK_DES3:
- return 24;
- /* IDEA and CAST need to be added */
- default:
- break;
- }
- return 0;
-}
-
-#define PHASH_STATE_MAX_LEN 20
-
-/* TLS P_hash function */
-static SECStatus
-pk11_P_hash(HASH_HashType hashType, const SECItem *secret, const char *label,
- SECItem *seed, SECItem *result)
-{
- unsigned char state[PHASH_STATE_MAX_LEN];
- unsigned char outbuf[PHASH_STATE_MAX_LEN];
- unsigned int state_len = 0, label_len = 0, outbuf_len = 0, chunk_size;
- unsigned int remaining;
- unsigned char *res;
- SECStatus status;
- HMACContext *cx;
- SECStatus rv = SECFailure;
- const SECHashObject *hashObj = &SECRawHashObjects[hashType];
-
- PORT_Assert((secret != NULL) && (secret->data != NULL || !secret->len));
- PORT_Assert((seed != NULL) && (seed->data != NULL));
- PORT_Assert((result != NULL) && (result->data != NULL));
-
- remaining = result->len;
- res = result->data;
-
- if (label != NULL)
- label_len = PORT_Strlen(label);
-
- cx = HMAC_Create(hashObj, secret->data, secret->len);
- if (cx == NULL)
- goto loser;
-
- /* initialize the state = A(1) = HMAC_hash(secret, seed) */
- HMAC_Begin(cx);
- HMAC_Update(cx, (unsigned char *)label, label_len);
- HMAC_Update(cx, seed->data, seed->len);
- status = HMAC_Finish(cx, state, &state_len, PHASH_STATE_MAX_LEN);
- if (status != SECSuccess)
- goto loser;
-
- /* generate a block at a time until we're done */
- while (remaining > 0) {
-
- HMAC_Begin(cx);
- HMAC_Update(cx, state, state_len);
- if (label_len)
- HMAC_Update(cx, (unsigned char *)label, label_len);
- HMAC_Update(cx, seed->data, seed->len);
- status = HMAC_Finish(cx, outbuf, &outbuf_len, PHASH_STATE_MAX_LEN);
- if (status != SECSuccess)
- goto loser;
-
- /* Update the state = A(i) = HMAC_hash(secret, A(i-1)) */
- HMAC_Begin(cx);
- HMAC_Update(cx, state, state_len);
- status = HMAC_Finish(cx, state, &state_len, PHASH_STATE_MAX_LEN);
- if (status != SECSuccess)
- goto loser;
-
- chunk_size = PR_MIN(outbuf_len, remaining);
- PORT_Memcpy(res, &outbuf, chunk_size);
- res += chunk_size;
- remaining -= chunk_size;
- }
-
- rv = SECSuccess;
-
-loser:
- /* if (cx) HMAC_Destroy(cx); */
- /* clear out state so it's not left on the stack */
- if (cx) HMAC_Destroy(cx);
- PORT_Memset(state, 0, sizeof(state));
- PORT_Memset(outbuf, 0, sizeof(outbuf));
- return rv;
-}
-
-static SECStatus
-pk11_PRF(const SECItem *secret, const char *label, SECItem *seed,
- SECItem *result)
-{
- SECStatus rv = SECFailure, status;
- unsigned int i;
- SECItem tmp = { siBuffer, NULL, 0};
- SECItem S1;
- SECItem S2;
-
- PORT_Assert((secret != NULL) && (secret->data != NULL || !secret->len));
- PORT_Assert((seed != NULL) && (seed->data != NULL));
- PORT_Assert((result != NULL) && (result->data != NULL));
-
- S1.type = siBuffer;
- S1.len = (secret->len / 2) + (secret->len & 1);
- S1.data = secret->data;
-
- S2.type = siBuffer;
- S2.len = S1.len;
- S2.data = secret->data + (secret->len - S2.len);
-
- tmp.data = (unsigned char*)PORT_Alloc(result->len);
- if (tmp.data == NULL)
- goto loser;
- tmp.len = result->len;
-
- status = pk11_P_hash(HASH_AlgMD5, &S1, label, seed, result);
- if (status != SECSuccess)
- goto loser;
-
- status = pk11_P_hash(HASH_AlgSHA1, &S2, label, seed, &tmp);
- if (status != SECSuccess)
- goto loser;
-
- for (i = 0; i < result->len; i++)
- result->data[i] ^= tmp.data[i];
-
- rv = SECSuccess;
-
-loser:
- if (tmp.data != NULL)
- PORT_ZFree(tmp.data, tmp.len);
- return rv;
-}
-
-/*
- * SSL Key generation given pre master secret
- */
-#define NUM_MIXERS 9
-static const char * const mixers[NUM_MIXERS] = {
- "A",
- "BB",
- "CCC",
- "DDDD",
- "EEEEE",
- "FFFFFF",
- "GGGGGGG",
- "HHHHHHHH",
- "IIIIIIIII" };
-#define SSL3_PMS_LENGTH 48
-#define SSL3_MASTER_SECRET_LENGTH 48
-
-
-/* NSC_DeriveKey derives a key from a base key, creating a new key object. */
-CK_RV NSC_DeriveKey( CK_SESSION_HANDLE hSession,
- CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
- CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
- CK_OBJECT_HANDLE_PTR phKey)
-{
- PK11Session * session;
- PK11Slot * slot = pk11_SlotFromSessionHandle(hSession);
- PK11Object * key;
- PK11Object * sourceKey;
- PK11Attribute * att;
- PK11Attribute * att2;
- unsigned char * buf;
- SHA1Context * sha;
- MD5Context * md5;
- MD2Context * md2;
- CK_ULONG macSize;
- CK_ULONG tmpKeySize;
- CK_ULONG IVSize;
- CK_ULONG keySize = 0;
- CK_RV crv = CKR_OK;
- CK_BBOOL cktrue = CK_TRUE;
- CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
- CK_OBJECT_CLASS classType = CKO_SECRET_KEY;
- CK_KEY_DERIVATION_STRING_DATA *stringPtr;
- PRBool isTLS = PR_FALSE;
- PRBool isDH = PR_FALSE;
- SECStatus rv;
- int i;
- unsigned int outLen;
- unsigned char sha_out[SHA1_LENGTH];
- unsigned char key_block[NUM_MIXERS * MD5_LENGTH];
- unsigned char key_block2[MD5_LENGTH];
-
- /*
- * now lets create an object to hang the attributes off of
- */
- if (phKey) *phKey = CK_INVALID_HANDLE;
-
- key = pk11_NewObject(slot); /* fill in the handle later */
- if (key == NULL) {
- return CKR_HOST_MEMORY;
- }
-
- /*
- * load the template values into the object
- */
- for (i=0; i < (int) ulAttributeCount; i++) {
- crv = pk11_AddAttributeType(key,pk11_attr_expand(&pTemplate[i]));
- if (crv != CKR_OK) break;
-
- if (pTemplate[i].type == CKA_KEY_TYPE) {
- keyType = *(CK_KEY_TYPE *)pTemplate[i].pValue;
- }
- if (pTemplate[i].type == CKA_VALUE_LEN) {
- keySize = *(CK_ULONG *)pTemplate[i].pValue;
- }
- }
- if (crv != CKR_OK) { pk11_FreeObject(key); return crv; }
-
- if (keySize == 0) {
- keySize = pk11_MapKeySize(keyType);
- }
-
- /* Derive can only create SECRET KEY's currently... */
- classType = CKO_SECRET_KEY;
- crv = pk11_forceAttribute (key,CKA_CLASS,&classType,sizeof(classType));
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- return crv;
- }
-
- /* look up the base key we're deriving with */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- pk11_FreeObject(key);
- return CKR_SESSION_HANDLE_INVALID;
- }
-
- sourceKey = pk11_ObjectFromHandle(hBaseKey,session);
- pk11_FreeSession(session);
- if (sourceKey == NULL) {
- pk11_FreeObject(key);
- return CKR_KEY_HANDLE_INVALID;
- }
-
- /* don't use key derive to expose sensitive keys */
- crv = pk11_DeriveSensitiveCheck(sourceKey,key);
- if (crv != CKR_OK) {
- pk11_FreeObject(key);
- pk11_FreeObject(sourceKey);
- return crv;
- }
-
- /* get the value of the base key */
- att = pk11_FindAttribute(sourceKey,CKA_VALUE);
- if (att == NULL) {
- pk11_FreeObject(key);
- pk11_FreeObject(sourceKey);
- return CKR_KEY_HANDLE_INVALID;
- }
-
- switch (pMechanism->mechanism) {
- /*
- * generate the master secret
- */
- case CKM_TLS_MASTER_KEY_DERIVE:
- case CKM_TLS_MASTER_KEY_DERIVE_DH:
- isTLS = PR_TRUE;
- /* fall thru */
- case CKM_SSL3_MASTER_KEY_DERIVE:
- case CKM_SSL3_MASTER_KEY_DERIVE_DH:
- {
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS *ssl3_master;
- SSL3RSAPreMasterSecret *rsa_pms;
- if ((pMechanism->mechanism == CKM_SSL3_MASTER_KEY_DERIVE_DH) ||
- (pMechanism->mechanism == CKM_TLS_MASTER_KEY_DERIVE_DH))
- isDH = PR_TRUE;
-
- /* first do the consistancy checks */
- if (!isDH && (att->attrib.ulValueLen != SSL3_PMS_LENGTH)) {
- crv = CKR_KEY_TYPE_INCONSISTENT;
- break;
- }
- att2 = pk11_FindAttribute(sourceKey,CKA_KEY_TYPE);
- if ((att2 == NULL) || (*(CK_KEY_TYPE *)att2->attrib.pValue !=
- CKK_GENERIC_SECRET)) {
- if (att2) pk11_FreeAttribute(att2);
- crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
- break;
- }
- pk11_FreeAttribute(att2);
- if (keyType != CKK_GENERIC_SECRET) {
- crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
- break;
- }
- if ((keySize != 0) && (keySize != SSL3_MASTER_SECRET_LENGTH)) {
- crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
- break;
- }
-
-
- /* finally do the key gen */
- ssl3_master = (CK_SSL3_MASTER_KEY_DERIVE_PARAMS *)
- pMechanism->pParameter;
- if (ssl3_master->pVersion) {
- PK11SessionObject *sessKey = pk11_narrowToSessionObject(key);
- rsa_pms = (SSL3RSAPreMasterSecret *) att->attrib.pValue;
- /* don't leak more key material then necessary for SSL to work */
- if ((sessKey == NULL) || sessKey->wasDerived) {
- ssl3_master->pVersion->major = 0xff;
- ssl3_master->pVersion->minor = 0xff;
- } else {
- ssl3_master->pVersion->major = rsa_pms->client_version[0];
- ssl3_master->pVersion->minor = rsa_pms->client_version[1];
- }
- }
- if (ssl3_master->RandomInfo.ulClientRandomLen != SSL3_RANDOM_LENGTH) {
- crv = CKR_MECHANISM_PARAM_INVALID;
- break;
- }
- if (ssl3_master->RandomInfo.ulServerRandomLen != SSL3_RANDOM_LENGTH) {
- crv = CKR_MECHANISM_PARAM_INVALID;
- break;
- }
-
- if (isTLS) {
- unsigned char crsrdata[SSL3_RANDOM_LENGTH * 2];
- SECItem crsr = { siBuffer, NULL, 0 };
- SECItem master = { siBuffer, NULL, 0 };
- SECItem pms = { siBuffer, NULL, 0 };
- SECStatus status;
-
- pms.data = (unsigned char*)att->attrib.pValue;
- pms.len = att->attrib.ulValueLen;
- master.data = key_block;
- master.len = SSL3_MASTER_SECRET_LENGTH;
- crsr.data = crsrdata;
- crsr.len = sizeof(crsrdata);
-
- PORT_Memcpy(crsrdata, ssl3_master->RandomInfo.pClientRandom,
- SSL3_RANDOM_LENGTH);
- PORT_Memcpy(crsrdata + SSL3_RANDOM_LENGTH,
- ssl3_master->RandomInfo.pServerRandom, SSL3_RANDOM_LENGTH);
-
- status = pk11_PRF(&pms, "master secret", &crsr, &master);
- if (status != SECSuccess) {
- crv = CKR_FUNCTION_FAILED;
- break;
- }
- } else {
- /* now allocate the hash contexts */
- md5 = MD5_NewContext();
- if (md5 == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- sha = SHA1_NewContext();
- if (sha == NULL) {
- PORT_Free(md5);
- crv = CKR_HOST_MEMORY;
- break;
- }
- for (i = 0; i < 3; i++) {
- SHA1_Begin(sha);
- SHA1_Update(sha, (unsigned char*) mixers[i], strlen(mixers[i]));
- SHA1_Update(sha, (const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- SHA1_Update(sha, ssl3_master->RandomInfo.pClientRandom,
- ssl3_master->RandomInfo.ulClientRandomLen);
- SHA1_Update(sha, ssl3_master->RandomInfo.pServerRandom,
- ssl3_master->RandomInfo.ulServerRandomLen);
- SHA1_End(sha, sha_out, &outLen, SHA1_LENGTH);
- PORT_Assert(outLen == SHA1_LENGTH);
- MD5_Begin(md5);
- MD5_Update(md5, (const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- MD5_Update(md5, sha_out, outLen);
- MD5_End(md5, &key_block[i*MD5_LENGTH], &outLen, MD5_LENGTH);
- PORT_Assert(outLen == MD5_LENGTH);
- }
- PORT_Free(md5);
- PORT_Free(sha);
- }
-
- /* store the results */
- crv = pk11_forceAttribute
- (key,CKA_VALUE,key_block,SSL3_MASTER_SECRET_LENGTH);
- if (crv != CKR_OK) break;
- keyType = CKK_GENERIC_SECRET;
- crv = pk11_forceAttribute (key,CKA_KEY_TYPE,&keyType,sizeof(keyType));
- if (isTLS) {
- /* TLS's master secret is used to "sign" finished msgs with PRF. */
- /* XXX This seems like a hack. But PK11_Derive only accepts
- * one "operation" argument. */
- crv = pk11_forceAttribute(key,CKA_SIGN, &cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) break;
- crv = pk11_forceAttribute(key,CKA_VERIFY,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) break;
- /* While we're here, we might as well force this, too. */
- crv = pk11_forceAttribute(key,CKA_DERIVE,&cktrue,sizeof(CK_BBOOL));
- if (crv != CKR_OK) break;
- }
- break;
- }
-
- case CKM_TLS_KEY_AND_MAC_DERIVE:
- isTLS = PR_TRUE;
- /* fall thru */
- case CKM_SSL3_KEY_AND_MAC_DERIVE:
- {
- CK_SSL3_KEY_MAT_PARAMS *ssl3_keys;
- CK_SSL3_KEY_MAT_OUT * ssl3_keys_out;
- CK_ULONG effKeySize;
-
- crv = pk11_DeriveSensitiveCheck(sourceKey,key);
- if (crv != CKR_OK) break;
-
- if (att->attrib.ulValueLen != SSL3_MASTER_SECRET_LENGTH) {
- crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
- break;
- }
- att2 = pk11_FindAttribute(sourceKey,CKA_KEY_TYPE);
- if ((att2 == NULL) || (*(CK_KEY_TYPE *)att2->attrib.pValue !=
- CKK_GENERIC_SECRET)) {
- if (att2) pk11_FreeAttribute(att2);
- crv = CKR_KEY_FUNCTION_NOT_PERMITTED;
- break;
- }
- pk11_FreeAttribute(att2);
- md5 = MD5_NewContext();
- if (md5 == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- sha = SHA1_NewContext();
- if (sha == NULL) {
- PORT_Free(md5);
- crv = CKR_HOST_MEMORY;
- break;
- }
- ssl3_keys = (CK_SSL3_KEY_MAT_PARAMS *) pMechanism->pParameter;
- /*
- * clear out our returned keys so we can recover on failure
- */
- ssl3_keys_out = ssl3_keys->pReturnedKeyMaterial;
- ssl3_keys_out->hClientMacSecret = CK_INVALID_HANDLE;
- ssl3_keys_out->hServerMacSecret = CK_INVALID_HANDLE;
- ssl3_keys_out->hClientKey = CK_INVALID_HANDLE;
- ssl3_keys_out->hServerKey = CK_INVALID_HANDLE;
-
- /*
- * generate the key material: This looks amazingly similar to the
- * PMS code, and is clearly crying out for a function to provide it.
- */
- if (isTLS) {
- SECStatus status;
- SECItem master = { siBuffer, NULL, 0 };
- SECItem srcr = { siBuffer, NULL, 0 };
- SECItem keyblk = { siBuffer, NULL, 0 };
- unsigned char srcrdata[SSL3_RANDOM_LENGTH * 2];
-
- master.data = (unsigned char*)att->attrib.pValue;
- master.len = att->attrib.ulValueLen;
- srcr.data = srcrdata;
- srcr.len = sizeof srcrdata;
- keyblk.data = key_block;
- keyblk.len = sizeof key_block;
-
- PORT_Memcpy(srcrdata,
- ssl3_keys->RandomInfo.pServerRandom,
- SSL3_RANDOM_LENGTH);
- PORT_Memcpy(srcrdata + SSL3_RANDOM_LENGTH,
- ssl3_keys->RandomInfo.pClientRandom,
- SSL3_RANDOM_LENGTH);
-
- status = pk11_PRF(&master, "key expansion", &srcr, &keyblk);
- if (status != SECSuccess) {
- goto key_and_mac_derive_fail;
- }
- } else {
- /* key_block =
- * MD5(master_secret + SHA('A' + master_secret +
- * ServerHello.random + ClientHello.random)) +
- * MD5(master_secret + SHA('BB' + master_secret +
- * ServerHello.random + ClientHello.random)) +
- * MD5(master_secret + SHA('CCC' + master_secret +
- * ServerHello.random + ClientHello.random)) +
- * [...];
- */
- for (i = 0; i < NUM_MIXERS; i++) {
- SHA1_Begin(sha);
- SHA1_Update(sha, (unsigned char*) mixers[i], strlen(mixers[i]));
- SHA1_Update(sha, (const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- SHA1_Update(sha, ssl3_keys->RandomInfo.pServerRandom,
- ssl3_keys->RandomInfo.ulServerRandomLen);
- SHA1_Update(sha, ssl3_keys->RandomInfo.pClientRandom,
- ssl3_keys->RandomInfo.ulClientRandomLen);
- SHA1_End(sha, sha_out, &outLen, SHA1_LENGTH);
- PORT_Assert(outLen == SHA1_LENGTH);
- MD5_Begin(md5);
- MD5_Update(md5, (const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- MD5_Update(md5, sha_out, outLen);
- MD5_End(md5, &key_block[i*MD5_LENGTH], &outLen, MD5_LENGTH);
- PORT_Assert(outLen == MD5_LENGTH);
- }
- }
-
- /*
- * Put the key material where it goes.
- */
- i = 0; /* now shows how much consumed */
- macSize = ssl3_keys->ulMacSizeInBits/8;
- effKeySize = ssl3_keys->ulKeySizeInBits/8;
- IVSize = ssl3_keys->ulIVSizeInBits/8;
- if (keySize == 0) {
- effKeySize = keySize;
- }
-
- /*
- * The key_block is partitioned as follows:
- * client_write_MAC_secret[CipherSpec.hash_size]
- */
- crv = pk11_buildSSLKey(hSession,key,PR_TRUE,&key_block[i],macSize,
- &ssl3_keys_out->hClientMacSecret);
- if (crv != CKR_OK)
- goto key_and_mac_derive_fail;
-
- i += macSize;
-
- /*
- * server_write_MAC_secret[CipherSpec.hash_size]
- */
- crv = pk11_buildSSLKey(hSession,key,PR_TRUE,&key_block[i],macSize,
- &ssl3_keys_out->hServerMacSecret);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
- i += macSize;
-
- if (keySize) {
- if (!ssl3_keys->bIsExport) {
- /*
- ** Generate Domestic write keys and IVs.
- ** client_write_key[CipherSpec.key_material]
- */
- crv = pk11_buildSSLKey(hSession,key,PR_FALSE,&key_block[i],
- keySize, &ssl3_keys_out->hClientKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
- i += keySize;
-
- /*
- ** server_write_key[CipherSpec.key_material]
- */
- crv = pk11_buildSSLKey(hSession,key,PR_FALSE,&key_block[i],
- keySize, &ssl3_keys_out->hServerKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
- i += keySize;
-
- /*
- ** client_write_IV[CipherSpec.IV_size]
- */
- PORT_Memcpy(ssl3_keys_out->pIVClient, &key_block[i], IVSize);
- i += IVSize;
-
- /*
- ** server_write_IV[CipherSpec.IV_size]
- */
- PORT_Memcpy(ssl3_keys_out->pIVServer, &key_block[i], IVSize);
- i += IVSize;
- PORT_Assert(i <= sizeof key_block);
-
- } else if (!isTLS) {
-
- /*
- ** Generate SSL3 Export write keys and IVs.
- ** client_write_key[CipherSpec.key_material]
- ** final_client_write_key = MD5(client_write_key +
- ** ClientHello.random + ServerHello.random);
- */
- MD5_Begin(md5);
- MD5_Update(md5, &key_block[i], effKeySize);
- MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
- ssl3_keys->RandomInfo.ulClientRandomLen);
- MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom,
- ssl3_keys->RandomInfo.ulServerRandomLen);
- MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
- i += effKeySize;
- crv = pk11_buildSSLKey(hSession,key,PR_FALSE,key_block2,
- keySize,&ssl3_keys_out->hClientKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
-
- /*
- ** server_write_key[CipherSpec.key_material]
- ** final_server_write_key = MD5(server_write_key +
- ** ServerHello.random + ClientHello.random);
- */
- MD5_Begin(md5);
- MD5_Update(md5, &key_block[i], effKeySize);
- MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom,
- ssl3_keys->RandomInfo.ulServerRandomLen);
- MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
- ssl3_keys->RandomInfo.ulClientRandomLen);
- MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
- i += effKeySize;
- crv = pk11_buildSSLKey(hSession,key,PR_FALSE,key_block2,
- keySize,&ssl3_keys_out->hServerKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
-
- /*
- ** client_write_IV =
- ** MD5(ClientHello.random + ServerHello.random);
- */
- MD5_Begin(md5);
- MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
- ssl3_keys->RandomInfo.ulClientRandomLen);
- MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom,
- ssl3_keys->RandomInfo.ulServerRandomLen);
- MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
- PORT_Memcpy(ssl3_keys_out->pIVClient, key_block2, IVSize);
-
- /*
- ** server_write_IV =
- ** MD5(ServerHello.random + ClientHello.random);
- */
- MD5_Begin(md5);
- MD5_Update(md5, ssl3_keys->RandomInfo.pServerRandom,
- ssl3_keys->RandomInfo.ulServerRandomLen);
- MD5_Update(md5, ssl3_keys->RandomInfo.pClientRandom,
- ssl3_keys->RandomInfo.ulClientRandomLen);
- MD5_End(md5, key_block2, &outLen, MD5_LENGTH);
- PORT_Memcpy(ssl3_keys_out->pIVServer, key_block2, IVSize);
-
- } else {
-
- /*
- ** Generate TLS Export write keys and IVs.
- */
- SECStatus status;
- SECItem secret = { siBuffer, NULL, 0 };
- SECItem crsr = { siBuffer, NULL, 0 };
- SECItem keyblk = { siBuffer, NULL, 0 };
- unsigned char crsrdata[SSL3_RANDOM_LENGTH * 2];
-
- crsr.data = crsrdata;
- crsr.len = sizeof crsrdata;
-
- PORT_Memcpy(crsrdata,
- ssl3_keys->RandomInfo.pClientRandom,
- SSL3_RANDOM_LENGTH);
- PORT_Memcpy(crsrdata + SSL3_RANDOM_LENGTH,
- ssl3_keys->RandomInfo.pServerRandom,
- SSL3_RANDOM_LENGTH);
-
-
- /*
- ** client_write_key[CipherSpec.key_material]
- ** final_client_write_key = PRF(client_write_key,
- ** "client write key",
- ** client_random + server_random);
- */
- secret.data = &key_block[i];
- secret.len = effKeySize;
- i += effKeySize;
- keyblk.data = key_block2;
- keyblk.len = sizeof key_block2;
- status = pk11_PRF(&secret, "client write key", &crsr, &keyblk);
- if (status != SECSuccess) {
- goto key_and_mac_derive_fail;
- }
- crv = pk11_buildSSLKey(hSession, key, PR_FALSE, key_block2,
- keySize, &ssl3_keys_out->hClientKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
-
- /*
- ** server_write_key[CipherSpec.key_material]
- ** final_server_write_key = PRF(server_write_key,
- ** "server write key",
- ** client_random + server_random);
- */
- secret.data = &key_block[i];
- secret.len = effKeySize;
- i += effKeySize;
- keyblk.data = key_block2;
- keyblk.len = sizeof key_block2;
- status = pk11_PRF(&secret, "server write key", &crsr, &keyblk);
- if (status != SECSuccess) {
- goto key_and_mac_derive_fail;
- }
- crv = pk11_buildSSLKey(hSession, key, PR_FALSE, key_block2,
- keySize, &ssl3_keys_out->hServerKey);
- if (crv != CKR_OK) {
- goto key_and_mac_derive_fail;
- }
-
- /*
- ** iv_block = PRF("", "IV block",
- ** client_random + server_random);
- ** client_write_IV[SecurityParameters.IV_size]
- ** server_write_IV[SecurityParameters.IV_size]
- */
- if (IVSize) {
- secret.data = NULL;
- secret.len = 0;
- keyblk.data = &key_block[i];
- keyblk.len = 2 * IVSize;
- status = pk11_PRF(&secret, "IV block", &crsr, &keyblk);
- if (status != SECSuccess) {
- goto key_and_mac_derive_fail;
- }
- PORT_Memcpy(ssl3_keys_out->pIVClient, keyblk.data, IVSize);
- PORT_Memcpy(ssl3_keys_out->pIVServer, keyblk.data + IVSize,
- IVSize);
- }
- }
- }
-
- crv = CKR_OK;
-
- if (0) {
-key_and_mac_derive_fail:
- if (crv == CKR_OK)
- crv = CKR_FUNCTION_FAILED;
- pk11_freeSSLKeys(hSession, ssl3_keys_out);
- }
- MD5_DestroyContext(md5, PR_TRUE);
- SHA1_DestroyContext(sha, PR_TRUE);
- pk11_FreeObject(key);
- key = NULL;
- break;
- }
-
- case CKM_CONCATENATE_BASE_AND_KEY:
- {
- PK11Object *newKey;
-
- crv = pk11_DeriveSensitiveCheck(sourceKey,key);
- if (crv != CKR_OK) break;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- crv = CKR_SESSION_HANDLE_INVALID;
- break;
- }
-
- newKey = pk11_ObjectFromHandle(*(CK_OBJECT_HANDLE *)
- pMechanism->pParameter,session);
- pk11_FreeSession(session);
- if ( newKey == NULL) {
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
-
- if (pk11_isTrue(newKey,CKA_SENSITIVE)) {
- crv = pk11_forceAttribute(newKey,CKA_SENSITIVE,&cktrue,
- sizeof(CK_BBOOL));
- if (crv != CKR_OK) {
- pk11_FreeObject(newKey);
- break;
- }
- }
-
- att2 = pk11_FindAttribute(newKey,CKA_VALUE);
- if (att2 == NULL) {
- pk11_FreeObject(newKey);
- crv = CKR_KEY_HANDLE_INVALID;
- break;
- }
- tmpKeySize = att->attrib.ulValueLen+att2->attrib.ulValueLen;
- if (keySize == 0) keySize = tmpKeySize;
- if (keySize > tmpKeySize) {
- pk11_FreeObject(newKey);
- pk11_FreeAttribute(att2);
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- buf = (unsigned char*)PORT_Alloc(tmpKeySize);
- if (buf == NULL) {
- pk11_FreeAttribute(att2);
- pk11_FreeObject(newKey);
- crv = CKR_HOST_MEMORY;
- break;
- }
-
- PORT_Memcpy(buf,att->attrib.pValue,att->attrib.ulValueLen);
- PORT_Memcpy(buf+att->attrib.ulValueLen,
- att2->attrib.pValue,att2->attrib.ulValueLen);
-
- crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
- PORT_ZFree(buf,tmpKeySize);
- pk11_FreeAttribute(att2);
- pk11_FreeObject(newKey);
- break;
- }
-
- case CKM_CONCATENATE_BASE_AND_DATA:
- stringPtr = (CK_KEY_DERIVATION_STRING_DATA *) pMechanism->pParameter;
- tmpKeySize = att->attrib.ulValueLen+stringPtr->ulLen;
- if (keySize == 0) keySize = tmpKeySize;
- if (keySize > tmpKeySize) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- buf = (unsigned char*)PORT_Alloc(tmpKeySize);
- if (buf == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
-
- PORT_Memcpy(buf,att->attrib.pValue,att->attrib.ulValueLen);
- PORT_Memcpy(buf+att->attrib.ulValueLen,stringPtr->pData,
- stringPtr->ulLen);
-
- crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
- PORT_ZFree(buf,tmpKeySize);
- break;
- case CKM_CONCATENATE_DATA_AND_BASE:
- stringPtr = (CK_KEY_DERIVATION_STRING_DATA *)pMechanism->pParameter;
- tmpKeySize = att->attrib.ulValueLen+stringPtr->ulLen;
- if (keySize == 0) keySize = tmpKeySize;
- if (keySize > tmpKeySize) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- buf = (unsigned char*)PORT_Alloc(tmpKeySize);
- if (buf == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
-
- PORT_Memcpy(buf,stringPtr->pData,stringPtr->ulLen);
- PORT_Memcpy(buf+stringPtr->ulLen,att->attrib.pValue,
- att->attrib.ulValueLen);
-
- crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
- PORT_ZFree(buf,tmpKeySize);
- break;
- case CKM_XOR_BASE_AND_DATA:
- stringPtr = (CK_KEY_DERIVATION_STRING_DATA *)pMechanism->pParameter;
- tmpKeySize = PR_MIN(att->attrib.ulValueLen,stringPtr->ulLen);
- if (keySize == 0) keySize = tmpKeySize;
- if (keySize > tmpKeySize) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- buf = (unsigned char*)PORT_Alloc(keySize);
- if (buf == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
-
-
- PORT_Memcpy(buf,att->attrib.pValue,keySize);
- for (i=0; i < (int)keySize; i++) {
- buf[i] ^= stringPtr->pData[i];
- }
-
- crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
- PORT_ZFree(buf,keySize);
- break;
-
- case CKM_EXTRACT_KEY_FROM_KEY:
- {
- /* the following assumes 8 bits per byte */
- CK_ULONG extract = *(CK_EXTRACT_PARAMS *)pMechanism->pParameter;
- CK_ULONG shift = extract & 0x7; /* extract mod 8 the fast way */
- CK_ULONG offset = extract >> 3; /* extract div 8 the fast way */
-
- if (keySize == 0) {
- crv = CKR_TEMPLATE_INCOMPLETE;
- break;
- }
- /* make sure we have enough bits in the original key */
- if (att->attrib.ulValueLen <
- (offset + keySize + ((shift != 0)? 1 :0)) ) {
- crv = CKR_MECHANISM_PARAM_INVALID;
- break;
- }
- buf = (unsigned char*)PORT_Alloc(keySize);
- if (buf == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
-
- /* copy the bits we need into the new key */
- for (i=0; i < (int)keySize; i++) {
- unsigned char *value =
- ((unsigned char *)att->attrib.pValue)+offset+i;
- if (shift) {
- buf[i] = (value[0] << (shift)) | (value[1] >> (8 - shift));
- } else {
- buf[i] = value[0];
- }
- }
-
- crv = pk11_forceAttribute (key,CKA_VALUE,buf,keySize);
- PORT_ZFree(buf,keySize);
- break;
- }
- case CKM_MD2_KEY_DERIVATION:
- if (keySize == 0) keySize = MD2_LENGTH;
- if (keySize > MD2_LENGTH) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- /* now allocate the hash contexts */
- md2 = MD2_NewContext();
- if (md2 == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- MD2_Begin(md2);
- MD2_Update(md2,(const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- MD2_End(md2,key_block,&outLen,MD2_LENGTH);
- MD2_DestroyContext(md2, PR_TRUE);
-
- crv = pk11_forceAttribute (key,CKA_VALUE,key_block,keySize);
- break;
- case CKM_MD5_KEY_DERIVATION:
- if (keySize == 0) keySize = MD5_LENGTH;
- if (keySize > MD5_LENGTH) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- /* now allocate the hash contexts */
- md5 = MD5_NewContext();
- if (md5 == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- MD5_Begin(md5);
- MD5_Update(md5,(const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- MD5_End(md5,key_block,&outLen,MD5_LENGTH);
- MD5_DestroyContext(md5, PR_TRUE);
-
- crv = pk11_forceAttribute (key,CKA_VALUE,key_block,keySize);
- break;
- case CKM_SHA1_KEY_DERIVATION:
- if (keySize == 0) keySize = SHA1_LENGTH;
- if (keySize > SHA1_LENGTH) {
- crv = CKR_TEMPLATE_INCONSISTENT;
- break;
- }
- /* now allocate the hash contexts */
- sha = SHA1_NewContext();
- if (sha == NULL) {
- crv = CKR_HOST_MEMORY;
- break;
- }
- SHA1_Begin(sha);
- SHA1_Update(sha,(const unsigned char*)att->attrib.pValue,
- att->attrib.ulValueLen);
- SHA1_End(sha,key_block,&outLen,SHA1_LENGTH);
- SHA1_DestroyContext(sha, PR_TRUE);
-
- crv = pk11_forceAttribute(key,CKA_VALUE,key_block,keySize);
- break;
-
- case CKM_DH_PKCS_DERIVE:
- {
- SECItem derived, dhPublic;
- SECItem dhPrime, dhValue;
- /* sourceKey - values for the local existing low key */
- /* get prime and value attributes */
- crv = pk11_Attribute2SecItem(NULL, &dhPrime, sourceKey, CKA_PRIME);
- if (crv != SECSuccess) break;
- crv = pk11_Attribute2SecItem(NULL, &dhValue, sourceKey, CKA_VALUE);
- if (crv != SECSuccess) {
- PORT_Free(dhPrime.data);
- break;
- }
-
- dhPublic.data = pMechanism->pParameter;
- dhPublic.len = pMechanism->ulParameterLen;
-
- /* calculate private value - oct */
- rv = DH_Derive(&dhPublic, &dhPrime, &dhValue, &derived, keySize);
-
- PORT_Free(dhPrime.data);
- PORT_Free(dhValue.data);
-
- if (rv == SECSuccess) {
- pk11_forceAttribute(key, CKA_VALUE, derived.data, derived.len);
- PORT_ZFree(derived.data, derived.len);
- } else
- crv = CKR_HOST_MEMORY;
-
- break;
- }
-
- default:
- crv = CKR_MECHANISM_INVALID;
- }
- pk11_FreeAttribute(att);
- pk11_FreeObject(sourceKey);
- if (crv != CKR_OK) {
- if (key) pk11_FreeObject(key);
- return crv;
- }
-
- /* link the key object into the list */
- if (key) {
- PK11SessionObject *sessKey = pk11_narrowToSessionObject(key);
- PORT_Assert(sessKey);
- /* get the session */
- sessKey->wasDerived = PR_TRUE;
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) {
- pk11_FreeObject(key);
- return CKR_HOST_MEMORY;
- }
-
- crv = pk11_handleObject(key,session);
- pk11_FreeSession(session);
- *phKey = key->handle;
- pk11_FreeObject(key);
- }
- return crv;
-}
-
-
-/* NSC_GetFunctionStatus obtains an updated status of a function running
- * in parallel with an application. */
-CK_RV NSC_GetFunctionStatus(CK_SESSION_HANDLE hSession)
-{
- return CKR_FUNCTION_NOT_PARALLEL;
-}
-
-/* NSC_CancelFunction cancels a function running in parallel */
-CK_RV NSC_CancelFunction(CK_SESSION_HANDLE hSession)
-{
- return CKR_FUNCTION_NOT_PARALLEL;
-}
-
-/* NSC_GetOperationState saves the state of the cryptographic
- *operation in a session.
- * NOTE: This code only works for digest functions for now. eventually need
- * to add full flatten/resurect to our state stuff so that all types of state
- * can be saved */
-CK_RV NSC_GetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen)
-{
- PK11SessionContext *context;
- PK11Session *session;
- CK_RV crv;
-
- /* make sure we're legal */
- crv = pk11_GetContext(hSession, &context, PK11_HASH, PR_TRUE, &session);
- if (crv != CKR_OK) return crv;
-
- *pulOperationStateLen = context->cipherInfoLen + sizeof(CK_MECHANISM_TYPE)
- + sizeof(PK11ContextType);
- if (pOperationState == NULL) {
- pk11_FreeSession(session);
- return CKR_OK;
- }
- PORT_Memcpy(pOperationState,&context->type,sizeof(PK11ContextType));
- pOperationState += sizeof(PK11ContextType);
- PORT_Memcpy(pOperationState,&context->currentMech,
- sizeof(CK_MECHANISM_TYPE));
- pOperationState += sizeof(CK_MECHANISM_TYPE);
- PORT_Memcpy(pOperationState,context->cipherInfo,context->cipherInfoLen);
- pk11_FreeSession(session);
- return CKR_OK;
-}
-
-
-#define pk11_Decrement(stateSize,len) \
- stateSize = ((stateSize) > (CK_ULONG)(len)) ? \
- ((stateSize) - (CK_ULONG)(len)) : 0;
-
-/* NSC_SetOperationState restores the state of the cryptographic
- * operation in a session. This is coded like it can restore lots of
- * states, but it only works for truly flat cipher structures. */
-CK_RV NSC_SetOperationState(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
- CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey)
-{
- PK11SessionContext *context;
- PK11Session *session;
- PK11ContextType type;
- CK_MECHANISM mech;
- CK_RV crv = CKR_OK;
-
- while (ulOperationStateLen != 0) {
- /* get what type of state we're dealing with... */
- PORT_Memcpy(&type,pOperationState, sizeof(PK11ContextType));
-
- /* fix up session contexts based on type */
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
- context = pk11_ReturnContextByType(session, type);
- pk11_SetContextByType(session, type, NULL);
- if (context) {
- pk11_FreeContext(context);
- }
- pOperationState += sizeof(PK11ContextType);
- pk11_Decrement(ulOperationStateLen,sizeof(PK11ContextType));
-
-
- /* get the mechanism structure */
- PORT_Memcpy(&mech.mechanism,pOperationState,sizeof(CK_MECHANISM_TYPE));
- pOperationState += sizeof(CK_MECHANISM_TYPE);
- pk11_Decrement(ulOperationStateLen, sizeof(CK_MECHANISM_TYPE));
- /* should be filled in... but not necessary for hash */
- mech.pParameter = NULL;
- mech.ulParameterLen = 0;
- switch (type) {
- case PK11_HASH:
- crv = NSC_DigestInit(hSession,&mech);
- if (crv != CKR_OK) break;
- crv = pk11_GetContext(hSession, &context, PK11_HASH, PR_TRUE,
- NULL);
- if (crv != CKR_OK) break;
- PORT_Memcpy(context->cipherInfo,pOperationState,
- context->cipherInfoLen);
- pOperationState += context->cipherInfoLen;
- pk11_Decrement(ulOperationStateLen,context->cipherInfoLen);
- break;
- default:
- /* do sign/encrypt/decrypt later */
- crv = CKR_SAVED_STATE_INVALID;
- }
- pk11_FreeSession(session);
- if (crv != CKR_OK) break;
- }
- return crv;
-}
-
-/* Dual-function cryptographic operations */
-
-/* NSC_DigestEncryptUpdate continues a multiple-part digesting and encryption
- * operation. */
-CK_RV NSC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen)
-{
- CK_RV crv;
-
- crv = NSC_EncryptUpdate(hSession,pPart,ulPartLen, pEncryptedPart,
- pulEncryptedPartLen);
- if (crv != CKR_OK) return crv;
- crv = NSC_DigestUpdate(hSession,pPart,ulPartLen);
-
- return crv;
-}
-
-
-/* NSC_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation. */
-CK_RV NSC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
- CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
-{
- CK_RV crv;
-
- crv = NSC_DecryptUpdate(hSession,pEncryptedPart, ulEncryptedPartLen,
- pPart, pulPartLen);
- if (crv != CKR_OK) return crv;
- crv = NSC_DigestUpdate(hSession,pPart,*pulPartLen);
-
- return crv;
-}
-
-
-/* NSC_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation. */
-CK_RV NSC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
- CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
- CK_ULONG_PTR pulEncryptedPartLen)
-{
- CK_RV crv;
-
- crv = NSC_EncryptUpdate(hSession,pPart,ulPartLen, pEncryptedPart,
- pulEncryptedPartLen);
- if (crv != CKR_OK) return crv;
- crv = NSC_SignUpdate(hSession,pPart,ulPartLen);
-
- return crv;
-}
-
-
-/* NSC_DecryptVerifyUpdate continues a multiple-part decryption
- * and verify operation. */
-CK_RV NSC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
- CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
- CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
-{
- CK_RV crv;
-
- crv = NSC_DecryptUpdate(hSession,pEncryptedData, ulEncryptedDataLen,
- pData, pulDataLen);
- if (crv != CKR_OK) return crv;
- crv = NSC_VerifyUpdate(hSession, pData, *pulDataLen);
-
- return crv;
-}
-
-/* NSC_DigestKey continues a multi-part message-digesting operation,
- * by digesting the value of a secret key as part of the data already digested.
- */
-CK_RV NSC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey)
-{
- PK11Session *session = NULL;
- PK11Object *key = NULL;
- PK11Attribute *att;
- CK_RV crv;
-
- session = pk11_SessionFromHandle(hSession);
- if (session == NULL) return CKR_SESSION_HANDLE_INVALID;
-
- key = pk11_ObjectFromHandle(hKey,session);
- pk11_FreeSession(session);
- if (key == NULL) return CKR_KEY_HANDLE_INVALID;
-
- /* PUT ANY DIGEST KEY RESTRICTION CHECKS HERE */
-
- /* make sure it's a valid key for this operation */
- if (key->objclass != CKO_SECRET_KEY) {
- pk11_FreeObject(key);
- return CKR_KEY_TYPE_INCONSISTENT;
- }
- /* get the key value */
- att = pk11_FindAttribute(key,CKA_VALUE);
- pk11_FreeObject(key);
-
- crv = NSC_DigestUpdate(hSession,(CK_BYTE_PTR)att->attrib.pValue,
- att->attrib.ulValueLen);
- pk11_FreeAttribute(att);
- return crv;
-}
diff --git a/security/nss/lib/softoken/pkcs11f.h b/security/nss/lib/softoken/pkcs11f.h
deleted file mode 100644
index 70d34da5e..000000000
--- a/security/nss/lib/softoken/pkcs11f.h
+++ /dev/null
@@ -1,934 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* This function contains pretty much everything about all the */
-/* PKCS #11 function prototypes. Because this information is */
-/* used for more than just declaring function prototypes, the */
-/* order of the functions appearing herein is important, and */
-/* should not be altered. */
-
-
-
-/* General-purpose */
-
-/* C_Initialize initializes the PKCS #11 library. */
-CK_PKCS11_FUNCTION_INFO(C_Initialize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
- * cast to CK_C_INITIALIZE_ARGS_PTR
- * and dereferenced */
-);
-#endif
-
-
-/* C_Finalize indicates that an application is done with the
- * PKCS #11 library. */
-CK_PKCS11_FUNCTION_INFO(C_Finalize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
-);
-#endif
-
-
-/* C_GetInfo returns general information about PKCS #11. */
-CK_PKCS11_FUNCTION_INFO(C_GetInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_INFO_PTR pInfo /* location that receives information */
-);
-#endif
-
-
-/* C_GetFunctionList returns the function list. */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
- * function list */
-);
-#endif
-
-
-
-/* Slot and token management */
-
-/* C_GetSlotList obtains a list of slots in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_BBOOL tokenPresent, /* only slots with tokens? */
- CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
- CK_ULONG_PTR pulCount /* receives number of slots */
-);
-#endif
-
-
-/* C_GetSlotInfo obtains information about a particular slot in
- * the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the ID of the slot */
- CK_SLOT_INFO_PTR pInfo /* receives the slot information */
-);
-#endif
-
-
-/* C_GetTokenInfo obtains information about a particular token
- * in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_TOKEN_INFO_PTR pInfo /* receives the token information */
-);
-#endif
-
-
-/* C_GetMechanismList obtains a list of mechanism types
- * supported by a token. */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of token's slot */
- CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
- CK_ULONG_PTR pulCount /* gets # of mechs. */
-);
-#endif
-
-
-/* C_GetMechanismInfo obtains information about a particular
- * mechanism possibly supported by a token. */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_MECHANISM_TYPE type, /* type of mechanism */
- CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
-);
-#endif
-
-
-/* C_InitToken initializes a token. */
-CK_PKCS11_FUNCTION_INFO(C_InitToken)
-#ifdef CK_NEED_ARG_LIST
-(
-/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_CHAR_PTR pPin, /* the SO's initial PIN */
- CK_ULONG ulPinLen, /* length in bytes of the PIN */
- CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
-);
-#endif
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-CK_PKCS11_FUNCTION_INFO(C_InitPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_CHAR_PTR pPin, /* the normal user's PIN */
- CK_ULONG ulPinLen /* length in bytes of the PIN */
-);
-#endif
-
-
-/* C_SetPIN modifies the PIN of the user who is logged in. */
-CK_PKCS11_FUNCTION_INFO(C_SetPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_CHAR_PTR pOldPin, /* the old PIN */
- CK_ULONG ulOldLen, /* length of the old PIN */
- CK_CHAR_PTR pNewPin, /* the new PIN */
- CK_ULONG ulNewLen /* length of the new PIN */
-);
-#endif
-
-
-
-/* Session management */
-
-/* C_OpenSession opens a session between an application and a
- * token. */
-CK_PKCS11_FUNCTION_INFO(C_OpenSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the slot's ID */
- CK_FLAGS flags, /* from CK_SESSION_INFO */
- CK_VOID_PTR pApplication, /* passed to callback */
- CK_NOTIFY Notify, /* callback function */
- CK_SESSION_HANDLE_PTR phSession /* gets session handle */
-);
-#endif
-
-
-/* C_CloseSession closes a session between an application and a
- * token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID /* the token's slot */
-);
-#endif
-
-
-/* C_GetSessionInfo obtains information about the session. */
-CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_SESSION_INFO_PTR pInfo /* receives session info */
-);
-#endif
-
-
-/* C_GetOperationState obtains the state of the cryptographic operation
- * in a session. */
-CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pOperationState, /* gets state */
- CK_ULONG_PTR pulOperationStateLen /* gets state length */
-);
-#endif
-
-
-/* C_SetOperationState restores the state of the cryptographic
- * operation in a session. */
-CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pOperationState, /* holds state */
- CK_ULONG ulOperationStateLen, /* holds state length */
- CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
- CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
-);
-#endif
-
-
-/* C_Login logs a user into a token. */
-CK_PKCS11_FUNCTION_INFO(C_Login)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_USER_TYPE userType, /* the user type */
- CK_CHAR_PTR pPin, /* the user's PIN */
- CK_ULONG ulPinLen /* the length of the PIN */
-);
-#endif
-
-
-/* C_Logout logs a user out from a token. */
-CK_PKCS11_FUNCTION_INFO(C_Logout)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Object management */
-
-/* C_CreateObject creates a new object. */
-CK_PKCS11_FUNCTION_INFO(C_CreateObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
-);
-#endif
-
-
-/* C_CopyObject copies an object, creating a new object for the
- * copy. */
-CK_PKCS11_FUNCTION_INFO(C_CopyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
-);
-#endif
-
-
-/* C_DestroyObject destroys an object. */
-CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject /* the object's handle */
-);
-#endif
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ULONG_PTR pulSize /* receives size of object */
-);
-#endif
-
-
-/* C_GetAttributeValue obtains the value of one or more object
- * attributes. */
-CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_SetAttributeValue modifies the value of one or more object
- * attributes */
-CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_FindObjectsInit initializes a search for token and session
- * objects that match a template. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
- CK_ULONG ulCount /* attrs in search template */
-);
-#endif
-
-
-/* C_FindObjects continues a search for token and session
- * objects that match a template, obtaining additional object
- * handles. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjects)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
- CK_ULONG ulMaxObjectCount, /* max handles to get */
- CK_ULONG_PTR pulObjectCount /* actual # returned */
-);
-#endif
-
-
-/* C_FindObjectsFinal finishes a search for token and session
- * objects. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Encryption and decryption */
-
-/* C_EncryptInit initializes an encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of encryption key */
-);
-#endif
-
-
-/* C_Encrypt encrypts single-part data. */
-CK_PKCS11_FUNCTION_INFO(C_Encrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pData, /* the plaintext data */
- CK_ULONG ulDataLen, /* bytes of plaintext */
- CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptUpdate continues a multiple-part encryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext data len */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptFinal finishes a multiple-part encryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session handle */
- CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
- CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
-);
-#endif
-
-
-/* C_DecryptInit initializes a decryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of decryption key */
-);
-#endif
-
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Decrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedData, /* ciphertext */
- CK_ULONG ulEncryptedDataLen, /* ciphertext length */
- CK_BYTE_PTR pData, /* gets plaintext */
- CK_ULONG_PTR pulDataLen /* gets p-text size */
-);
-#endif
-
-
-/* C_DecryptUpdate continues a multiple-part decryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* encrypted data */
- CK_ULONG ulEncryptedPartLen, /* input length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* p-text size */
-);
-#endif
-
-
-/* C_DecryptFinal finishes a multiple-part decryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pLastPart, /* gets plaintext */
- CK_ULONG_PTR pulLastPartLen /* p-text size */
-);
-#endif
-
-
-
-/* Message digesting */
-
-/* C_DigestInit initializes a message-digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
-);
-#endif
-
-
-/* C_Digest digests data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Digest)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* data to be digested */
- CK_ULONG ulDataLen, /* bytes of data to digest */
- CK_BYTE_PTR pDigest, /* gets the message digest */
- CK_ULONG_PTR pulDigestLen /* gets digest length */
-);
-#endif
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* data to be digested */
- CK_ULONG ulPartLen /* bytes of data to be digested */
-);
-#endif
-
-
-/* C_DigestKey continues a multi-part message-digesting
- * operation, by digesting the value of a secret key as part of
- * the data already digested. */
-CK_PKCS11_FUNCTION_INFO(C_DigestKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hKey /* secret key to digest */
-);
-#endif
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pDigest, /* gets the message digest */
- CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
-);
-#endif
-
-
-
-/* Signing and MACing */
-
-/* C_SignInit initializes a signature (private key encryption)
- * operation, where the signature is (will be) an appendix to
- * the data, and plaintext cannot be recovered from the
- *signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of signature key */
-);
-#endif
-
-
-/* C_Sign signs (encrypts with private key) data in a single
- * part, where the signature is (will be) an appendix to the
- * data, and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_Sign)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data to sign */
- CK_ULONG ulDataLen, /* count of bytes to sign */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the data to sign */
- CK_ULONG ulPartLen /* count of bytes to sign */
-);
-#endif
-
-
-/* C_SignFinal finishes a multiple-part signature operation,
- * returning the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-/* C_SignRecoverInit initializes a signature operation, where
- * the data can be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the signature key */
-);
-#endif
-
-
-/* C_SignRecover signs data in a single operation, where the
- * data can be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data to sign */
- CK_ULONG ulDataLen, /* count of bytes to sign */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-
-/* Verifying signatures and MACs */
-
-/* C_VerifyInit initializes a verification operation, where the
- * signature is an appendix to the data, and plaintext cannot
- * cannot be recovered from the signature (e.g. DSA). */
-CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* verification key */
-);
-#endif
-
-
-/* C_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data, and plaintext
- * cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_Verify)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* signed data */
- CK_ULONG ulDataLen, /* length of signed data */
- CK_BYTE_PTR pSignature, /* signature */
- CK_ULONG ulSignatureLen /* signature length*/
-);
-#endif
-
-
-/* C_VerifyUpdate continues a multiple-part verification
- * operation, where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* signed data */
- CK_ULONG ulPartLen /* length of signed data */
-);
-#endif
-
-
-/* C_VerifyFinal finishes a multiple-part verification
- * operation, checking the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* signature to verify */
- CK_ULONG ulSignatureLen /* signature length */
-);
-#endif
-
-
-/* C_VerifyRecoverInit initializes a signature verification
- * operation, where the data is recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* verification key */
-);
-#endif
-
-
-/* C_VerifyRecover verifies a signature in a single-part
- * operation, where the data is recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* signature to verify */
- CK_ULONG ulSignatureLen, /* signature length */
- CK_BYTE_PTR pData, /* gets signed data */
- CK_ULONG_PTR pulDataLen /* gets signed data len */
-);
-#endif
-
-
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting
- * and encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext length */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* ciphertext */
- CK_ULONG ulEncryptedPartLen, /* ciphertext length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* gets plaintext len */
-);
-#endif
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext length */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and
- * verify operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* ciphertext */
- CK_ULONG ulEncryptedPartLen, /* ciphertext length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* gets p-text length */
-);
-#endif
-
-
-
-/* Key management */
-
-/* C_GenerateKey generates a secret key, creating a new key
- * object. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* key generation mech. */
- CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
- CK_ULONG ulCount, /* # of attrs in template */
- CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
-);
-#endif
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session
- * handle */
- CK_MECHANISM_PTR pMechanism, /* key-gen
- * mech. */
- CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template
- * for pub.
- * key */
- CK_ULONG ulPublicKeyAttributeCount, /* # pub.
- * attrs. */
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template
- * for priv.
- * key */
- CK_ULONG ulPrivateKeyAttributeCount, /* # priv.
- * attrs. */
- CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub.
- * key
- * handle */
- CK_OBJECT_HANDLE_PTR phPrivateKey /* gets
- * priv. key
- * handle */
-);
-#endif
-
-
-/* C_WrapKey wraps (i.e., encrypts) a key. */
-CK_PKCS11_FUNCTION_INFO(C_WrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
- CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
- CK_OBJECT_HANDLE hKey, /* key to be wrapped */
- CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
- CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
-);
-#endif
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
- * key object. */
-CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
- CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
- CK_BYTE_PTR pWrappedKey, /* the wrapped key */
- CK_ULONG ulWrappedKeyLen, /* wrapped key len */
- CK_ATTRIBUTE_PTR pTemplate, /* new key template */
- CK_ULONG ulAttributeCount, /* template length */
- CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
-);
-#endif
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key
- * object. */
-CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
- CK_OBJECT_HANDLE hBaseKey, /* base key */
- CK_ATTRIBUTE_PTR pTemplate, /* new key template */
- CK_ULONG ulAttributeCount, /* template length */
- CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
-);
-#endif
-
-
-
-/* Random number generation */
-
-/* C_SeedRandom mixes additional seed material into the token's
- * random number generator. */
-CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSeed, /* the seed material */
- CK_ULONG ulSeedLen /* length of seed material */
-);
-#endif
-
-
-/* C_GenerateRandom generates random data. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR RandomData, /* receives the random data */
- CK_ULONG ulRandomLen /* # of bytes to generate */
-);
-#endif
-
-
-
-/* Parallel function management */
-
-/* C_GetFunctionStatus is a legacy function; it obtains an
- * updated status of a function running in parallel with an
- * application. */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CancelFunction is a legacy function; it cancels a function
- * running in parallel. */
-CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Functions added in for PKCS #11 Version 2.01 or later */
-
-/* C_WaitForSlotEvent waits for a slot event (token insertion,
- * removal, etc.) to occur. */
-CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FLAGS flags, /* blocking/nonblocking flag */
- CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
- CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
-);
-#endif
diff --git a/security/nss/lib/softoken/pkcs11i.h b/security/nss/lib/softoken/pkcs11i.h
deleted file mode 100644
index 5056cc035..000000000
--- a/security/nss/lib/softoken/pkcs11i.h
+++ /dev/null
@@ -1,597 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal data structures and functions used by pkcs11.c
- */
-#ifndef _PKCS11I_H_
-#define _PKCS11I_H_ 1
-
-#include "nssilock.h"
-#include "seccomon.h"
-#include "secoidt.h"
-#include "lowkeyti.h"
-#include "pkcs11t.h"
-#include "pcertt.h"
-
-
-/*
- * Configuration Defines
- *
- * The following defines affect the space verse speed trade offs of
- * the PKCS #11 module. For the most part the current settings are optimized
- * for web servers, where we want faster speed and lower lock contention at
- * the expense of space.
- */
-
-#define PKCS11_USE_THREADS /* set to true of you are need threads */
-/*
- * Attribute Allocation strategy:
- *
- * 1) static allocation (PKCS11_STATIC_ATTRIBUTES set
- * PKCS11_REF_COUNT_ATTRIBUTES not set)
- * Attributes are pre-allocated as part of the session object and used from
- * the object array.
- *
- * 2) heap allocation with ref counting (PKCS11_STATIC_ATTRIBUTES not set
- * PKCS11_REF_COUNT_ATTRIBUTES set)
- * Attributes are allocated from the heap when needed and freed when their
- * reference count goes to zero.
- *
- * 3) arena allocation (PKCS11_STATIC_ATTRIBUTES not set
- * PKCS11_REF_COUNT_ATTRIBUTE not set)
- * Attributes are allocated from the arena when needed and freed only when
- * the object goes away.
- */
-#define PKCS11_STATIC_ATTRIBUTES
-/*#define PKCS11_REF_COUNT_ATTRIBUTES */
-/* the next two are only active if PKCS11_STATIC_ATTRIBUTES is set */
-#define MAX_OBJS_ATTRS 45 /* number of attributes to preallocate in
- * the object (must me the absolute max) */
-#define ATTR_SPACE 50 /* Maximum size of attribute data before extra
- * data needs to be allocated. This is set to
- * enough space to hold an SSL MASTER secret */
-
-#define NSC_STRICT PR_FALSE /* forces the code to do strict template
- * matching when doing C_FindObject on token
- * objects. This will slow down search in
- * NSS. */
-/* default search block allocations and increments */
-#define NSC_CERT_BLOCK_SIZE 50
-#define NSC_SEARCH_BLOCK_SIZE 5
-#define NSC_SLOT_LIST_BLOCK_SIZE 10
-
-/* these are data base storage hashes, not cryptographic hashes.. The define
- * the effective size of the various object hash tables */
-#ifdef MOZ_CLIENT
-/* clients care more about memory usage than lookup performance on
- * cyrptographic objects. Clients also have less objects around to play with */
- *
- * we eventually should make this configurable at runtime! Especially now that
- * NSS is a shared library.
- */
-#define ATTRIBUTE_HASH_SIZE 32
-#define SESSION_OBJECT_HASH_SIZE 16
-#define TOKEN_OBJECT_HASH_SIZE 32
-#define SESSION_HASH_SIZE 32
-#else
-#define ATTRIBUTE_HASH_SIZE 32
-#define SESSION_OBJECT_HASH_SIZE 32
-#define TOKEN_OBJECT_HASH_SIZE 1024
-#define SESSION_HASH_SIZE 512
-#define MAX_OBJECT_LIST_SIZE 800 /* how many objects to keep on the free list
- * before we start freeing them */
-#endif
-#define MAX_KEY_LEN 256
-
-
-
-#ifdef PKCS11_USE_THREADS
-#define PK11_USE_THREADS(x) x
-#else
-#define PK11_USE_THREADS(x)
-#endif
-
-/* define typedefs, double as forward declarations as well */
-typedef struct PK11AttributeStr PK11Attribute;
-typedef struct PK11ObjectListStr PK11ObjectList;
-typedef struct PK11ObjectListElementStr PK11ObjectListElement;
-typedef struct PK11ObjectStr PK11Object;
-typedef struct PK11SessionObjectStr PK11SessionObject;
-typedef struct PK11TokenObjectStr PK11TokenObject;
-typedef struct PK11SessionStr PK11Session;
-typedef struct PK11SlotStr PK11Slot;
-typedef struct PK11SessionContextStr PK11SessionContext;
-typedef struct PK11SearchResultsStr PK11SearchResults;
-typedef struct PK11HashVerifyInfoStr PK11HashVerifyInfo;
-typedef struct PK11HashSignInfoStr PK11HashSignInfo;
-typedef struct PK11SSLMACInfoStr PK11SSLMACInfo;
-
-/* define function pointer typdefs for pointer tables */
-typedef void (*PK11Destroy)(void *, PRBool);
-typedef void (*PK11Begin)(void *);
-typedef SECStatus (*PK11Cipher)(void *,void *,unsigned int *,unsigned int,
- void *, unsigned int);
-typedef SECStatus (*PK11Verify)(void *,void *,unsigned int,void *,unsigned int);
-typedef void (*PK11Hash)(void *,void *,unsigned int);
-typedef void (*PK11End)(void *,void *,unsigned int *,unsigned int);
-typedef void (*PK11Free)(void *);
-
-/* Value to tell if an attribute is modifiable or not.
- * NEVER: attribute is only set on creation.
- * ONCOPY: attribute is set on creation and can only be changed on copy.
- * SENSITIVE: attribute can only be changed to TRUE.
- * ALWAYS: attribute can always be changed.
- */
-typedef enum {
- PK11_NEVER = 0,
- PK11_ONCOPY = 1,
- PK11_SENSITIVE = 2,
- PK11_ALWAYS = 3
-} PK11ModifyType;
-
-/*
- * Free Status Enum... tell us more information when we think we're
- * deleting an object.
- */
-typedef enum {
- PK11_DestroyFailure,
- PK11_Destroyed,
- PK11_Busy
-} PK11FreeStatus;
-
-/*
- * attribute values of an object.
- */
-struct PK11AttributeStr {
- PK11Attribute *next;
- PK11Attribute *prev;
- PRBool freeAttr;
- PRBool freeData;
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- int refCount;
- PZLock *refLock;
-#endif
- /*must be called handle to make pk11queue_find work */
- CK_ATTRIBUTE_TYPE handle;
- CK_ATTRIBUTE attrib;
-#ifdef PKCS11_STATIC_ATTRIBUTES
- unsigned char space[ATTR_SPACE];
-#endif
-};
-
-
-/*
- * doubly link list of objects
- */
-struct PK11ObjectListStr {
- PK11ObjectList *next;
- PK11ObjectList *prev;
- PK11Object *parent;
-};
-
-/*
- * PKCS 11 crypto object structure
- */
-struct PK11ObjectStr {
- PK11Object *next;
- PK11Object *prev;
- CK_OBJECT_CLASS objclass;
- CK_OBJECT_HANDLE handle;
- int refCount;
- PZLock *refLock;
- PK11Slot *slot;
- void *objectInfo;
- PK11Free infoFree;
-#ifndef PKCS11_STATIC_ATTRIBUTES
- PLArenaPool *arena;
-#endif
-};
-
-struct PK11TokenObjectStr {
- PK11Object obj;
- SECItem dbKey;
-};
-
-struct PK11SessionObjectStr {
- PK11Object obj;
- PK11ObjectList sessionList;
- PZLock *attributeLock;
- PK11Session *session;
- PRBool wasDerived;
- PK11Attribute *head[ATTRIBUTE_HASH_SIZE];
-#ifdef PKCS11_STATIC_ATTRIBUTES
- int nextAttr;
- PK11Attribute attrList[MAX_OBJS_ATTRS];
-#endif
-};
-
-/*
- * struct to deal with a temparary list of objects
- */
-struct PK11ObjectListElementStr {
- PK11ObjectListElement *next;
- PK11Object *object;
-};
-
-/*
- * Area to hold Search results
- */
-struct PK11SearchResultsStr {
- CK_OBJECT_HANDLE *handles;
- int size;
- int index;
- int array_size;
-};
-
-
-/*
- * the universal crypto/hash/sign/verify context structure
- */
-typedef enum {
- PK11_ENCRYPT,
- PK11_DECRYPT,
- PK11_HASH,
- PK11_SIGN,
- PK11_SIGN_RECOVER,
- PK11_VERIFY,
- PK11_VERIFY_RECOVER
-} PK11ContextType;
-
-
-#define PK11_MAX_BLOCK_SIZE 16
-/* currently SHA1 is the biggest hash length */
-#define PK11_MAX_MAC_LENGTH 20
-#define PK11_INVALID_MAC_SIZE 0xffffffff
-
-struct PK11SessionContextStr {
- PK11ContextType type;
- PRBool multi; /* is multipart */
- PRBool doPad; /* use PKCS padding for block ciphers */
- unsigned int blockSize; /* blocksize for padding */
- unsigned int padDataLength; /* length of the valid data in padbuf */
- unsigned char padBuf[PK11_MAX_BLOCK_SIZE];
- unsigned char macBuf[PK11_MAX_BLOCK_SIZE];
- CK_ULONG macSize; /* size of a general block cipher mac*/
- void *cipherInfo;
- void *hashInfo;
- unsigned int cipherInfoLen;
- CK_MECHANISM_TYPE currentMech;
- PK11Cipher update;
- PK11Hash hashUpdate;
- PK11End end;
- PK11Destroy destroy;
- PK11Destroy hashdestroy;
- PK11Verify verify;
- unsigned int maxLen;
- PK11Object *key;
-};
-
-/*
- * Sessions (have objects)
- */
-struct PK11SessionStr {
- PK11Session *next;
- PK11Session *prev;
- CK_SESSION_HANDLE handle;
- int refCount;
- PZLock *refLock;
- PZLock *objectLock;
- int objectIDCount;
- CK_SESSION_INFO info;
- CK_NOTIFY notify;
- CK_VOID_PTR appData;
- PK11Slot *slot;
- PK11SearchResults *search;
- PK11SessionContext *enc_context;
- PK11SessionContext *hash_context;
- PK11SessionContext *sign_context;
- PK11ObjectList *objects[1];
-};
-
-/*
- * slots (have sessions and objects)
- */
-struct PK11SlotStr {
- CK_SLOT_ID slotID;
- PZLock *sessionLock;
- PZLock *objectLock;
- SECItem *password;
- PRBool hasTokens;
- PRBool isLoggedIn;
- PRBool ssoLoggedIn;
- PRBool needLogin;
- PRBool DB_loaded;
- PRBool readOnly;
- NSSLOWCERTCertDBHandle *certDB;
- NSSLOWKEYDBHandle *keyDB;
- int minimumPinLen;
- int sessionIDCount;
- int sessionCount;
- int rwSessionCount;
- int tokenIDCount;
- int index;
- PLHashTable *tokenHashTable;
- PK11Object *tokObjects[TOKEN_OBJECT_HASH_SIZE];
- PK11Session *head[SESSION_HASH_SIZE];
- char tokDescription[33];
- char slotDescription[64];
-};
-
-/*
- * special joint operations Contexts
- */
-struct PK11HashVerifyInfoStr {
- SECOidTag hashOid;
- NSSLOWKEYPublicKey *key;
-};
-
-struct PK11HashSignInfoStr {
- SECOidTag hashOid;
- NSSLOWKEYPrivateKey *key;
-};
-
-/* context for the Final SSLMAC message */
-struct PK11SSLMACInfoStr {
- void *hashContext;
- PK11Begin begin;
- PK11Hash update;
- PK11End end;
- CK_ULONG macSize;
- int padSize;
- unsigned char key[MAX_KEY_LEN];
- unsigned int keySize;
-};
-
-/*
- * session handle modifiers
- */
-#define PK11_SESSION_SLOT_MASK 0xff000000L
-
-/*
- * object handle modifiers
- */
-#define PK11_TOKEN_MASK 0x80000000L
-#define PK11_TOKEN_MAGIC 0x80000000L
-#define PK11_TOKEN_TYPE_MASK 0x70000000L
-/* keydb (high bit == 0) */
-#define PK11_TOKEN_TYPE_PRIV 0x10000000L
-#define PK11_TOKEN_TYPE_PUB 0x20000000L
-#define PK11_TOKEN_TYPE_KEY 0x30000000L
-/* certdb (high bit == 1) */
-#define PK11_TOKEN_TYPE_TRUST 0x40000000L
-#define PK11_TOKEN_TYPE_CRL 0x50000000L
-#define PK11_TOKEN_TYPE_SMIME 0x60000000L
-#define PK11_TOKEN_TYPE_CERT 0x70000000L
-
-#define PK11_TOKEN_KRL_HANDLE (PK11_TOKEN_MAGIC|PK11_TOKEN_TYPE_CRL|0)
-/* how big a password/pin we can deal with */
-#define PK11_MAX_PIN 255
-
-/* slot ID's */
-#define NETSCAPE_SLOT_ID 1
-#define PRIVATE_KEY_SLOT_ID 2
-#define FIPS_SLOT_ID 3
-
-/* slot helper macros */
-#define pk11_SlotFromSession(sp) ((sp)->slot)
-#define pk11_isToken(id) (((id) & PK11_TOKEN_MASK) == PK11_TOKEN_MAGIC)
-
-/* queueing helper macros */
-#define pk11_hash(value,size) ((value) & (size-1))/*size must be a power of 2*/
-#define pk11queue_add(element,id,head,hash_size) \
- { int tmp = pk11_hash(id,hash_size); \
- (element)->next = (head)[tmp]; \
- (element)->prev = NULL; \
- if ((head)[tmp]) (head)[tmp]->prev = (element); \
- (head)[tmp] = (element); }
-#define pk11queue_find(element,id,head,hash_size) \
- for( (element) = (head)[pk11_hash(id,hash_size)]; (element) != NULL; \
- (element) = (element)->next) { \
- if ((element)->handle == (id)) { break; } }
-#define pk11queue_is_queued(element,id,head,hash_size) \
- ( ((element)->next) || ((element)->prev) || \
- ((head)[pk11_hash(id,hash_size)] == (element)) )
-#define pk11queue_delete(element,id,head,hash_size) \
- if ((element)->next) (element)->next->prev = (element)->prev; \
- if ((element)->prev) (element)->prev->next = (element)->next; \
- else (head)[pk11_hash(id,hash_size)] = ((element)->next); \
- (element)->next = NULL; \
- (element)->prev = NULL; \
-
-/* expand an attribute & secitem structures out */
-#define pk11_attr_expand(ap) (ap)->type,(ap)->pValue,(ap)->ulValueLen
-#define pk11_item_expand(ip) (ip)->data,(ip)->len
-
-typedef struct pk11_token_parametersStr {
- CK_SLOT_ID slotID;
- char *configdir;
- char *certPrefix;
- char *keyPrefix;
- char *tokdes;
- char *slotdes;
- int minPW;
- PRBool readOnly;
- PRBool noCertDB;
- PRBool noKeyDB;
- PRBool forceOpen;
- PRBool pwRequired;
-} pk11_token_parameters;
-
-typedef struct pk11_parametersStr {
- char *configdir;
- char *secmodName;
- char *man;
- char *libdes;
- PRBool readOnly;
- PRBool noModDB;
- PRBool noCertDB;
- PRBool forceOpen;
- PRBool pwRequired;
- pk11_token_parameters *tokens;
- int token_count;
-} pk11_parameters;
-
-
-/* machine dependent path stuff used by dbinit.c and pk11db.c */
-#ifdef macintosh
-#define PATH_SEPARATOR ":"
-#define SECMOD_DB "Security Modules"
-#define CERT_DB_FMT "%sCertificates%s"
-#define KEY_DB_FMT "%sKey Database%s"
-#else
-#define PATH_SEPARATOR "/"
-#define SECMOD_DB "secmod.db"
-#define CERT_DB_FMT "%scert%s.db"
-#define KEY_DB_FMT "%skey%s.db"
-#endif
-
-SEC_BEGIN_PROTOS
-
-extern CK_RV nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS);
-/* shared functions between PKCS11.c and PK11FIPS.c */
-extern CK_RV PK11_SlotInit(char *configdir,pk11_token_parameters *params);
-
-/* internal utility functions used by pkcs11.c */
-extern PK11Attribute *pk11_FindAttribute(PK11Object *object,
- CK_ATTRIBUTE_TYPE type);
-extern void pk11_FreeAttribute(PK11Attribute *attribute);
-extern CK_RV pk11_AddAttributeType(PK11Object *object, CK_ATTRIBUTE_TYPE type,
- void *valPtr,
- CK_ULONG length);
-extern CK_RV pk11_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
- PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern PRBool pk11_hasAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern PRBool pk11_isTrue(PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern void pk11_DeleteAttributeType(PK11Object *object,
- CK_ATTRIBUTE_TYPE type);
-extern CK_RV pk11_Attribute2SecItem(PLArenaPool *arena, SECItem *item,
- PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern CK_RV pk11_Attribute2SSecItem(PLArenaPool *arena, SECItem *item,
- PK11Object *object,
- CK_ATTRIBUTE_TYPE type);
-extern PK11ModifyType pk11_modifyType(CK_ATTRIBUTE_TYPE type,
- CK_OBJECT_CLASS inClass);
-extern PRBool pk11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass);
-extern char *pk11_getString(PK11Object *object, CK_ATTRIBUTE_TYPE type);
-extern void pk11_nullAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type);
-extern CK_RV pk11_forceAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len);
-extern CK_RV pk11_defaultAttribute(PK11Object *object, CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len);
-
-extern PK11Object *pk11_NewObject(PK11Slot *slot);
-extern CK_RV pk11_CopyObject(PK11Object *destObject, PK11Object *srcObject);
-extern PK11FreeStatus pk11_FreeObject(PK11Object *object);
-extern CK_RV pk11_DeleteObject(PK11Session *session, PK11Object *object);
-extern void pk11_ReferenceObject(PK11Object *object);
-extern PK11Object *pk11_ObjectFromHandle(CK_OBJECT_HANDLE handle,
- PK11Session *session);
-extern void pk11_AddSlotObject(PK11Slot *slot, PK11Object *object);
-extern void pk11_AddObject(PK11Session *session, PK11Object *object);
-
-extern CK_RV pk11_searchObjectList(PK11SearchResults *search,
- PK11Object **head, PZLock *lock,
- CK_ATTRIBUTE_PTR inTemplate, int count,
- PRBool isLoggedIn);
-extern PK11ObjectListElement *pk11_FreeObjectListElement(
- PK11ObjectListElement *objectList);
-extern void pk11_FreeObjectList(PK11ObjectListElement *objectList);
-extern void pk11_FreeSearch(PK11SearchResults *search);
-extern CK_RV pk11_handleObject(PK11Object *object, PK11Session *session);
-
-extern PK11Slot *pk11_SlotFromID(CK_SLOT_ID slotID);
-extern PK11Slot *pk11_SlotFromSessionHandle(CK_SESSION_HANDLE handle);
-extern PK11Session *pk11_SessionFromHandle(CK_SESSION_HANDLE handle);
-extern void pk11_FreeSession(PK11Session *session);
-extern PK11Session *pk11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify,
- CK_VOID_PTR pApplication, CK_FLAGS flags);
-extern void pk11_update_state(PK11Slot *slot,PK11Session *session);
-extern void pk11_update_all_states(PK11Slot *slot);
-extern void pk11_FreeContext(PK11SessionContext *context);
-
-extern NSSLOWKEYPublicKey *pk11_GetPubKey(PK11Object *object,
- CK_KEY_TYPE key_type);
-extern NSSLOWKEYPrivateKey *pk11_GetPrivKey(PK11Object *object,
- CK_KEY_TYPE key_type);
-extern void pk11_FormatDESKey(unsigned char *key, int length);
-extern PRBool pk11_CheckDESKey(unsigned char *key);
-extern PRBool pk11_IsWeakKey(unsigned char *key,CK_KEY_TYPE key_type);
-
-extern CK_RV secmod_parseParameters(char *param, pk11_parameters *parsed,
- PRBool isFIPS);
-extern void secmod_freeParams(pk11_parameters *params);
-extern char *secmod_getSecmodName(char *params, PRBool *rw);
-extern char ** secmod_ReadPermDB(char *dbname, char *params, PRBool rw);
-extern SECStatus secmod_DeletePermDB(char *dbname,char *args, PRBool rw);
-extern SECStatus secmod_AddPermDB(char *dbname, char *module, PRBool rw);
-/*
- * OK there are now lots of options here, lets go through them all:
- *
- * configdir - base directory where all the cert, key, and module datbases live.
- * certPrefix - prefix added to the beginning of the cert database example: "
- * "https-server1-"
- * keyPrefix - prefix added to the beginning of the key database example: "
- * "https-server1-"
- * secmodName - name of the security module database (usually "secmod.db").
- * readOnly - Boolean: true if the databases are to be openned read only.
- * nocertdb - Don't open the cert DB and key DB's, just initialize the
- * Volatile certdb.
- * nomoddb - Don't open the security module DB, just initialize the
- * PKCS #11 module.
- * forceOpen - Continue to force initializations even if the databases cannot
- * be opened.
- */
-CK_RV pk11_DBInit(const char *configdir, const char *certPrefix,
- const char *keyPrefix, PRBool readOnly, PRBool noCertDB,
- PRBool noKeyDB, PRBool forceOpen,
- NSSLOWCERTCertDBHandle **certDB, NSSLOWKEYDBHandle **keyDB);
-
-/*
- * narrow objects
- */
-PK11SessionObject * pk11_narrowToSessionObject(PK11Object *);
-PK11TokenObject * pk11_narrowToTokenObject(PK11Object *);
-
-/*
- * token object utilities
- */
-void pk11_addHandle(PK11SearchResults *search, CK_OBJECT_HANDLE handle);
-PRBool pk11_tokenMatch(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class,
- CK_ATTRIBUTE_PTR theTemplate,int count);
-CK_OBJECT_HANDLE pk11_mkHandle(PK11Slot *slot,
- SECItem *dbKey, CK_OBJECT_HANDLE class);
-PK11Object * pk11_NewTokenObject(PK11Slot *slot, SECItem *dbKey,
- CK_OBJECT_HANDLE handle);
-SEC_END_PROTOS
-
-#endif /* _PKCS11I_H_ */
diff --git a/security/nss/lib/softoken/pkcs11n.h b/security/nss/lib/softoken/pkcs11n.h
deleted file mode 100644
index 8ad69a3da..000000000
--- a/security/nss/lib/softoken/pkcs11n.h
+++ /dev/null
@@ -1,218 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _PKCS11N_H_
-#define _PKCS11N_H_
-
-#ifdef DEBUG
-static const char CKT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * pkcs11n.h
- *
- * This file contains the NSS-specific type definitions for Cryptoki
- * (PKCS#11).
- */
-
-/*
- * NSSCK_VENDOR_NETSCAPE
- *
- * Cryptoki reserves the high half of all the number spaces for
- * vendor-defined use. I'd like to keep all of our Netscape-
- * specific values together, but not in the oh-so-obvious
- * 0x80000001, 0x80000002, etc. area. So I've picked an offset,
- * and constructed values for the beginnings of our spaces.
- *
- * Note that some "historical" Netscape values don't fall within
- * this range.
- */
-#define NSSCK_VENDOR_NETSCAPE 0x4E534350 /* NSCP */
-
-/*
- * Netscape-defined object classes
- *
- */
-#define CKO_NETSCAPE (CKO_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-#define CKO_NETSCAPE_CRL (CKO_NETSCAPE + 1)
-#define CKO_NETSCAPE_SMIME (CKO_NETSCAPE + 2)
-#define CKO_NETSCAPE_TRUST (CKO_NETSCAPE + 3)
-#define CKO_NETSCAPE_BUILTIN_ROOT_LIST (CKO_NETSCAPE + 4)
-
-/*
- * Netscape-defined key types
- *
- */
-#define CKK_NETSCAPE (CKK_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-#define CKK_NETSCAPE_PKCS8 (CKK_NETSCAPE + 1)
-/*
- * Netscape-defined certificate types
- *
- */
-#define CKC_NETSCAPE (CKC_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-/*
- * Netscape-defined object attributes
- *
- */
-#define CKA_NETSCAPE (CKA_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-#define CKA_NETSCAPE_URL (CKA_NETSCAPE + 1)
-#define CKA_NETSCAPE_EMAIL (CKA_NETSCAPE + 2)
-#define CKA_NETSCAPE_SMIME_INFO (CKA_NETSCAPE + 3)
-#define CKA_NETSCAPE_SMIME_TIMESTAMP (CKA_NETSCAPE + 4)
-#define CKA_NETSCAPE_PKCS8_SALT (CKA_NETSCAPE + 5)
-#define CKA_NETSCAPE_PASSWORD_CHECK (CKA_NETSCAPE + 6)
-#define CKA_NETSCAPE_EXPIRES (CKA_NETSCAPE + 7)
-#define CKA_NETSCAPE_KRL (CKA_NETSCAPE + 7)
-
-/*
- * Trust attributes:
- *
- * If trust goes standard, these probably will too. So I'll
- * put them all in one place.
- */
-
-#define CKA_TRUST (CKA_NETSCAPE + 0x2000)
-
-/* "Usage" key information */
-#define CKA_TRUST_DIGITAL_SIGNATURE (CKA_TRUST + 1)
-#define CKA_TRUST_NON_REPUDIATION (CKA_TRUST + 2)
-#define CKA_TRUST_KEY_ENCIPHERMENT (CKA_TRUST + 3)
-#define CKA_TRUST_DATA_ENCIPHERMENT (CKA_TRUST + 4)
-#define CKA_TRUST_KEY_AGREEMENT (CKA_TRUST + 5)
-#define CKA_TRUST_KEY_CERT_SIGN (CKA_TRUST + 6)
-#define CKA_TRUST_CRL_SIGN (CKA_TRUST + 7)
-
-/* "Purpose" trust information */
-#define CKA_TRUST_SERVER_AUTH (CKA_TRUST + 8)
-#define CKA_TRUST_CLIENT_AUTH (CKA_TRUST + 9)
-#define CKA_TRUST_CODE_SIGNING (CKA_TRUST + 10)
-#define CKA_TRUST_EMAIL_PROTECTION (CKA_TRUST + 11)
-#define CKA_TRUST_IPSEC_END_SYSTEM (CKA_TRUST + 12)
-#define CKA_TRUST_IPSEC_TUNNEL (CKA_TRUST + 13)
-#define CKA_TRUST_IPSEC_USER (CKA_TRUST + 14)
-#define CKA_TRUST_TIME_STAMPING (CKA_TRUST + 15)
-#define CKA_CERT_SHA1_HASH (CKA_TRUST + 100)
-#define CKA_CERT_MD5_HASH (CKA_TRUST + 101)
-
-/* Netscape trust stuff */
-/* XXX fgmr new ones here-- step-up, etc. */
-
-/* HISTORICAL: define used to pass in the database key for DSA private keys */
-#define CKA_NETSCAPE_DB 0xD5A0DB00L
-#define CKA_NETSCAPE_TRUST 0x80000001L
-
-/*
- * Netscape-defined crypto mechanisms
- *
- */
-#define CKM_NETSCAPE (CKM_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-/*
- * HISTORICAL:
- * Do not attempt to use these. They are only used by NETSCAPE's internal
- * PKCS #11 interface. Most of these are place holders for other mechanism
- * and will change in the future.
- */
-#define CKM_NETSCAPE_PBE_SHA1_DES_CBC 0x80000002L
-#define CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC 0x80000003L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC 0x80000004L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC 0x80000005L
-#define CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4 0x80000006L
-#define CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4 0x80000007L
-#define CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC 0x80000008L
-#define CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN 0x80000009L
-#define CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN 0x8000000aL
-#define CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN 0x8000000bL
-
-#define CKM_TLS_PRF_GENERAL 0x80000373L
-
-
-/*
- * Netscape-defined return values
- *
- */
-#define CKR_NETSCAPE (CKM_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-/*
- * Trust info
- *
- * This isn't part of the Cryptoki standard (yet), so I'm putting
- * all the definitions here. Some of this would move to nssckt.h
- * if trust info were made part of the standard. In view of this
- * possibility, I'm putting my (Netscape) values in the netscape
- * vendor space, like everything else.
- */
-
-typedef CK_ULONG CK_TRUST;
-
-/* The following trust types are defined: */
-#define CKT_VENDOR_DEFINED 0x80000000
-
-#define CKT_NETSCAPE (CKT_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-
-/* If trust goes standard, these'll probably drop out of vendor space. */
-#define CKT_NETSCAPE_TRUSTED (CKT_NETSCAPE + 1)
-#define CKT_NETSCAPE_TRUSTED_DELEGATOR (CKT_NETSCAPE + 2)
-#define CKT_NETSCAPE_UNTRUSTED (CKT_NETSCAPE + 3)
-#define CKT_NETSCAPE_MUST_VERIFY (CKT_NETSCAPE + 4)
-#define CKT_NETSCAPE_TRUST_UNKNOWN (CKT_NETSCAPE + 5) /* default */
-
-/*
- * These may well remain Netscape-specific; I'm only using them
- * to cache resolution data.
- */
-#define CKT_NETSCAPE_VALID (CKT_NETSCAPE + 10)
-#define CKT_NETSCAPE_VALID_DELEGATOR (CKT_NETSCAPE + 11)
-
-
-/*
- * These are not really PKCS #11 values specifically. They are the 'loadable'
- * module spec NSS uses. The are available for others to use as well, but not
- * part of the formal PKCS #11 spec.
- *
- * The function 'FIND' returns an array of PKCS #11 initialization strings
- * The function 'ADD' takes a PKCS #11 initialization string and stores it.
- * The function 'DEL' takes a 'name= library=' value and deletes the associated
- * string.
- */
-#define SECMOD_MODULE_DB_FUNCTION_FIND 0
-#define SECMOD_MODULE_DB_FUNCTION_ADD 1
-#define SECMOD_MODULE_DB_FUNCTION_DEL 2
-typedef char ** (PR_CALLBACK *SECMODModuleDBFunc)(unsigned long function,
- char *parameters, char *moduleSpec);
-
-#endif /* _PKCS11N_H_ */
diff --git a/security/nss/lib/softoken/pkcs11p.h b/security/nss/lib/softoken/pkcs11p.h
deleted file mode 100644
index 0a30e8ee4..000000000
--- a/security/nss/lib/softoken/pkcs11p.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security Inc. Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* these data types are platform/implementation dependent. */
-/*
- * Packing was removed from the shipped RSA header files, even
- * though it's still needed. put in a central file to help merging..
- */
-
-#if defined(_WIN32)
-#pragma warning(disable:4103)
-#pragma pack(push, cryptoki, 1)
-#endif
-
diff --git a/security/nss/lib/softoken/pkcs11t.h b/security/nss/lib/softoken/pkcs11t.h
deleted file mode 100644
index 124a1bb27..000000000
--- a/security/nss/lib/softoken/pkcs11t.h
+++ /dev/null
@@ -1,1365 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security In.c Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/* See top of pkcs11.h for information about the macros that
- * must be defined and the structure-packing conventions that
- * must be set before including this file.
- */
-
-#ifndef _PKCS11T_H_
-#define _PKCS11T_H_ 1
-
-#ifndef CK_FALSE
-#define CK_FALSE 0
-#endif
-
-#ifndef CK_TRUE
-#define CK_TRUE (!CK_FALSE)
-#endif
-
-#include "prtypes.h"
-
-#define CK_PTR *
-#define CK_NULL_PTR 0
-#define CK_CALLBACK_FUNCTION(rv,func) rv (PR_CALLBACK * func)
-#define CK_DECLARE_FUNCTION(rv,func) PR_EXTERN(rv) func
-#define CK_DECLARE_FUNCTION_POINTER(rv,func) rv (PR_CALLBACK * func)
-
-#define CK_INVALID_SESSION 0
-
-/* an unsigned 8-bit value */
-typedef unsigned char CK_BYTE;
-
-/* an unsigned 8-bit character */
-typedef CK_BYTE CK_CHAR;
-
-/* an unsigned 8-bit character */
-typedef CK_BYTE CK_UTF8CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef CK_BYTE CK_BBOOL;
-
-/* an unsigned value, at least 32 bits long */
-typedef unsigned long int CK_ULONG;
-
-/* a signed value, the same size as a CK_ULONG */
-/* CK_LONG is new for v2.0 */
-typedef long int CK_LONG;
-
-/* at least 32 bits; each bit is a Boolean flag */
-typedef CK_ULONG CK_FLAGS;
-
-
-/* some special values for certain CK_ULONG variables */
-#define CK_UNAVAILABLE_INFORMATION (~0UL)
-#define CK_EFFECTIVELY_INFINITE 0
-
-
-typedef CK_BYTE CK_PTR CK_BYTE_PTR;
-typedef CK_CHAR CK_PTR CK_CHAR_PTR;
-typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR;
-typedef CK_ULONG CK_PTR CK_ULONG_PTR;
-typedef void CK_PTR CK_VOID_PTR;
-
-/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */
-typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR;
-
-
-/* The following value is always invalid if used as a session */
-/* handle or object handle */
-#define CK_INVALID_HANDLE 0
-
-
-/* pack */
-#include "pkcs11p.h"
-
-typedef struct CK_VERSION {
- CK_BYTE major; /* integer portion of version number */
- CK_BYTE minor; /* 1/100ths portion of version number */
-} CK_VERSION;
-
-typedef CK_VERSION CK_PTR CK_VERSION_PTR;
-
-
-typedef struct CK_INFO {
- /* manufacturerID and libraryDecription have been changed from
- * CK_CHAR to CK_UTF8CHAR for v2.10 */
- CK_VERSION cryptokiVersion; /* PKCS #11 interface ver */
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
- CK_FLAGS flags; /* must be zero */
-
- /* libraryDescription and libraryVersion are new for v2.0 */
- CK_UTF8CHAR libraryDescription[32]; /* blank padded */
- CK_VERSION libraryVersion; /* version of library */
-} CK_INFO;
-
-typedef CK_INFO CK_PTR CK_INFO_PTR;
-
-
-/* CK_NOTIFICATION enumerates the types of notifications that
- * PKCS #11 provides to an application */
-/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG
- * for v2.0 */
-typedef CK_ULONG CK_NOTIFICATION;
-#define CKN_SURRENDER 0
-
-
-typedef CK_ULONG CK_SLOT_ID;
-
-typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR;
-
-
-/* CK_SLOT_INFO provides information about a slot */
-typedef struct CK_SLOT_INFO {
- /* slotDescription and manufacturerID have been changed from
- * CK_CHAR to CK_UTF8CHAR for v2.10 */
- CK_UTF8CHAR slotDescription[64]; /* blank padded */
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
- CK_FLAGS flags;
-
- /* hardwareVersion and firmwareVersion are new for v2.0 */
- CK_VERSION hardwareVersion; /* version of hardware */
- CK_VERSION firmwareVersion; /* version of firmware */
-} CK_SLOT_INFO;
-
-/* flags: bit flags that provide capabilities of the slot
- * Bit Flag Mask Meaning
- */
-#define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */
-#define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/
-#define CKF_HW_SLOT 0x00000004 /* hardware slot */
-
-typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR;
-
-
-/* CK_TOKEN_INFO provides information about a token */
-typedef struct CK_TOKEN_INFO {
- /* label, manufacturerID, and model have been changed from
- * CK_CHAR to CK_UTF8CHAR for v2.10 */
- CK_UTF8CHAR label[32]; /* blank padded */
- CK_UTF8CHAR manufacturerID[32]; /* blank padded */
- CK_UTF8CHAR model[16]; /* blank padded */
- CK_CHAR serialNumber[16]; /* blank padded */
- CK_FLAGS flags; /* see below */
-
- /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount,
- * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been
- * changed from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulMaxSessionCount; /* max open sessions */
- CK_ULONG ulSessionCount; /* sess. now open */
- CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */
- CK_ULONG ulRwSessionCount; /* R/W sess. now open */
- CK_ULONG ulMaxPinLen; /* in bytes */
- CK_ULONG ulMinPinLen; /* in bytes */
- CK_ULONG ulTotalPublicMemory; /* in bytes */
- CK_ULONG ulFreePublicMemory; /* in bytes */
- CK_ULONG ulTotalPrivateMemory; /* in bytes */
- CK_ULONG ulFreePrivateMemory; /* in bytes */
-
- /* hardwareVersion, firmwareVersion, and time are new for
- * v2.0 */
- CK_VERSION hardwareVersion; /* version of hardware */
- CK_VERSION firmwareVersion; /* version of firmware */
- CK_CHAR utcTime[16]; /* time */
-} CK_TOKEN_INFO;
-
-/* The flags parameter is defined as follows:
- * Bit Flag Mask Meaning
- */
-#define CKF_RNG 0x00000001 /* has random #
- * generator */
-#define CKF_WRITE_PROTECTED 0x00000002 /* token is
- * write-
- * protected */
-#define CKF_LOGIN_REQUIRED 0x00000004 /* user must
- * login */
-#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's
- * PIN is set */
-
-/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set,
- * that means that *every* time the state of cryptographic
- * operations of a session is successfully saved, all keys
- * needed to continue those operations are stored in the state */
-#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020
-
-/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means
- * that the token has some sort of clock. The time on that
- * clock is returned in the token info structure */
-#define CKF_CLOCK_ON_TOKEN 0x00000040
-
-/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is
- * set, that means that there is some way for the user to login
- * without sending a PIN through the PKCS #11 library itself */
-#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100
-
-/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. If it is true,
- * that means that a single session with the token can perform
- * dual simultaneous cryptographic operations (digest and
- * encrypt; decrypt and digest; sign and encrypt; and decrypt
- * and sign) */
-#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200
-
-/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the
- * token has been initialized using C_InitializeToken or an
- * equivalent mechanism outside the scope of PKCS #11.
- * Calling C_InitializeToken when this flag is set will cause
- * the token to be reinitialized. */
-#define CKF_TOKEN_INITIALIZED 0x00000400
-
-/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is
- * true, the token supports secondary authentication for
- * private key objects. */
-/* DEPRICATED in v2.11 */
-#define CKF_SECONDARY_AUTHENTICATION 0x00000800
-
-/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an
- * incorrect user login PIN has been entered at least once
- * since the last successful authentication. */
-#define CKF_USER_PIN_COUNT_LOW 0x00010000
-
-/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true,
- * supplying an incorrect user PIN will it to become locked. */
-#define CKF_USER_PIN_FINAL_TRY 0x00020000
-
-/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the
- * user PIN has been locked. User login to the token is not
- * possible. */
-#define CKF_USER_PIN_LOCKED 0x00040000
-
-/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
- * the user PIN value is the default value set by token
- * initialization or manufacturing. */
-#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000
-
-/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an
- * incorrect SO login PIN has been entered at least once since
- * the last successful authentication. */
-#define CKF_SO_PIN_COUNT_LOW 0x00100000
-
-/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true,
- * supplying an incorrect SO PIN will it to become locked. */
-#define CKF_SO_PIN_FINAL_TRY 0x00200000
-
-/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO
- * PIN has been locked. SO login to the token is not possible.
- */
-#define CKF_SO_PIN_LOCKED 0x00400000
-
-/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true,
- * the SO PIN value is the default value set by token
- * initialization or manufacturing. */
-#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000
-
-typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
-
-
-/* CK_SESSION_HANDLE is a PKCS #11-assigned value that
- * identifies a session */
-typedef CK_ULONG CK_SESSION_HANDLE;
-
-typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR;
-
-
-/* CK_USER_TYPE enumerates the types of PKCS #11 users */
-/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for
- * v2.0 */
-typedef CK_ULONG CK_USER_TYPE;
-/* Security Officer */
-#define CKU_SO 0
-/* Normal user */
-#define CKU_USER 1
-
-
-/* CK_STATE enumerates the session states */
-/* CK_STATE has been changed from an enum to a CK_ULONG for
- * v2.0 */
-typedef CK_ULONG CK_STATE;
-#define CKS_RO_PUBLIC_SESSION 0
-#define CKS_RO_USER_FUNCTIONS 1
-#define CKS_RW_PUBLIC_SESSION 2
-#define CKS_RW_USER_FUNCTIONS 3
-#define CKS_RW_SO_FUNCTIONS 4
-
-
-/* CK_SESSION_INFO provides information about a session */
-typedef struct CK_SESSION_INFO {
- CK_SLOT_ID slotID;
- CK_STATE state;
- CK_FLAGS flags; /* see below */
-
- /* ulDeviceError was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
- CK_ULONG ulDeviceError; /* device-dependent error code */
-} CK_SESSION_INFO;
-
-/* The flags are defined in the following table:
- * Bit Flag Mask Meaning
- */
-#define CKF_RW_SESSION 0x00000002 /* session is r/w */
-#define CKF_SERIAL_SESSION 0x00000004 /* no parallel */
-
-typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR;
-
-
-/* CK_OBJECT_HANDLE is a token-specific identifier for an
- * object */
-typedef CK_ULONG CK_OBJECT_HANDLE;
-
-typedef CK_OBJECT_HANDLE CK_PTR CK_OBJECT_HANDLE_PTR;
-
-
-/* CK_OBJECT_CLASS is a value that identifies the classes (or
- * types) of objects that PKCS #11 recognizes. It is defined
- * as follows: */
-/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
-typedef CK_ULONG CK_OBJECT_CLASS;
-
-/* The following classes of objects are defined: */
-/* CKO_HW_FEATURE is new for v2.10 */
-/* CKO_DOMAIN_PARAMETERS is new for v2.11 */
-#define CKO_DATA 0x00000000
-#define CKO_CERTIFICATE 0x00000001
-#define CKO_PUBLIC_KEY 0x00000002
-#define CKO_PRIVATE_KEY 0x00000003
-#define CKO_SECRET_KEY 0x00000004
-#define CKO_HW_FEATURE 0x00000005
-#define CKO_DOMAIN_PARAMETERS 0x00000006
-#define CKO_VENDOR_DEFINED 0x80000000
-
-typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR;
-
-/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a
- * value that identifies the hardware feature type of an object
- * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */
-typedef CK_ULONG CK_HW_FEATURE_TYPE;
-
-/* The following hardware feature types are defined */
-#define CKH_MONOTONIC_COUNTER 0x00000001
-#define CKH_CLOCK 0x00000002
-#define CKH_VENDOR_DEFINED 0x80000000
-
-/* CK_KEY_TYPE is a value that identifies a key type */
-/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_KEY_TYPE;
-
-/* the following key types are defined: */
-#define CKK_RSA 0x00000000
-#define CKK_DSA 0x00000001
-#define CKK_DH 0x00000002
-
-/* CKK_ECDSA and CKK_KEA are new for v2.0 */
-/* CKK_X9_42_DH is new for v2.11 */
-#define CKK_ECDSA 0x00000003 /* deprecated in v2.11 */
-#define CKK_EC 0x00000003
-#define CKK_X9_42_DH 0x00000004
-#define CKK_KEA 0x00000005
-
-#define CKK_GENERIC_SECRET 0x00000010
-#define CKK_RC2 0x00000011
-#define CKK_RC4 0x00000012
-#define CKK_DES 0x00000013
-#define CKK_DES2 0x00000014
-#define CKK_DES3 0x00000015
-
-/* all these key types are new for v2.0 */
-#define CKK_CAST 0x00000016
-#define CKK_CAST3 0x00000017
-#define CKK_CAST5 0x00000018 /* deprecated in v2.11 */
-#define CKK_CAST128 0x00000018
-#define CKK_RC5 0x00000019
-#define CKK_IDEA 0x0000001A
-#define CKK_SKIPJACK 0x0000001B
-#define CKK_BATON 0x0000001C
-#define CKK_JUNIPER 0x0000001D
-#define CKK_CDMF 0x0000001E
-
-/* all these key types are new for v2.11 */
-#define CKK_AES 0x0000001F
-
-#define CKK_VENDOR_DEFINED 0x80000000
-#define CKK_INVALID_KEY_TYPE 0xffffffff
-
-
-/* CK_CERTIFICATE_TYPE is a value that identifies a certificate
- * type */
-/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG
- * for v2.0 */
-typedef CK_ULONG CK_CERTIFICATE_TYPE;
-
-/* The following certificate types are defined: */
-/* CKC_X_509_ATTR_CERT is new for v2.10 */
-#define CKC_X_509 0x00000000
-#define CKC_X_509_ATTR_CERT 0x00000001
-#define CKC_VENDOR_DEFINED 0x80000000
-
-
-/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute
- * type */
-/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
-typedef CK_ULONG CK_ATTRIBUTE_TYPE;
-
-/* The following attribute types are defined: */
-#define CKA_CLASS 0x00000000
-#define CKA_TOKEN 0x00000001
-#define CKA_PRIVATE 0x00000002
-#define CKA_LABEL 0x00000003
-#define CKA_APPLICATION 0x00000010
-#define CKA_VALUE 0x00000011
-
-/* CKA_OBJECT_ID is new for v2.10 */
-#define CKA_OBJECT_ID 0x00000012
-
-#define CKA_CERTIFICATE_TYPE 0x00000080
-#define CKA_ISSUER 0x00000081
-#define CKA_SERIAL_NUMBER 0x00000082
-
-/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new
- * for v2.10 */
-#define CKA_AC_ISSUER 0x00000083
-#define CKA_OWNER 0x00000084
-#define CKA_ATTR_TYPES 0x00000085
-/* CKA_TRUSTED is new for v2.11 */
-#define CKA_TRUSTED 0x00000086
-
-#define CKA_KEY_TYPE 0x00000100
-#define CKA_SUBJECT 0x00000101
-#define CKA_ID 0x00000102
-#define CKA_SENSITIVE 0x00000103
-#define CKA_ENCRYPT 0x00000104
-#define CKA_DECRYPT 0x00000105
-#define CKA_WRAP 0x00000106
-#define CKA_UNWRAP 0x00000107
-#define CKA_SIGN 0x00000108
-#define CKA_SIGN_RECOVER 0x00000109
-#define CKA_VERIFY 0x0000010A
-#define CKA_VERIFY_RECOVER 0x0000010B
-#define CKA_DERIVE 0x0000010C
-#define CKA_START_DATE 0x00000110
-#define CKA_END_DATE 0x00000111
-#define CKA_MODULUS 0x00000120
-#define CKA_MODULUS_BITS 0x00000121
-#define CKA_PUBLIC_EXPONENT 0x00000122
-#define CKA_PRIVATE_EXPONENT 0x00000123
-#define CKA_PRIME_1 0x00000124
-#define CKA_PRIME_2 0x00000125
-#define CKA_EXPONENT_1 0x00000126
-#define CKA_EXPONENT_2 0x00000127
-#define CKA_COEFFICIENT 0x00000128
-#define CKA_PRIME 0x00000130
-#define CKA_SUBPRIME 0x00000131
-#define CKA_BASE 0x00000132
-/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */
-#define CKA_PRIME_BITS 0x00000133
-#define CKA_SUB_PRIME_BITS 0x00000134
-#define CKA_VALUE_BITS 0x00000160
-#define CKA_VALUE_LEN 0x00000161
-
-/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE,
- * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS,
- * and CKA_EC_POINT are new for v2.0 */
-#define CKA_EXTRACTABLE 0x00000162
-#define CKA_LOCAL 0x00000163
-#define CKA_NEVER_EXTRACTABLE 0x00000164
-#define CKA_ALWAYS_SENSITIVE 0x00000165
-/* CKA_KEY_GEN_MECHANISM is new for v2.11 */
-#define CKA_KEY_GEN_MECHANISM 0x00000166
-#define CKA_MODIFIABLE 0x00000170
-#define CKA_ECDSA_PARAMS 0x00000180 /* depricated v2.11 */
-#define CKA_EC_PARAMS 0x00000180
-#define CKA_EC_POINT 0x00000181
-
-/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS,
- * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET
- * are new for v2.10 */
-#define CKA_SECONDARY_AUTH 0x00000200 /* depricated v2.11 */
-#define CKA_AUTH_PIN_FLAGS 0x00000201 /* depricated v2.11 */
-#define CKA_HW_FEATURE_TYPE 0x00000300
-#define CKA_RESET_ON_INIT 0x00000301
-#define CKA_HAS_RESET 0x00000302
-
-#define CKA_VENDOR_DEFINED 0x80000000
-
-
-/* CK_ATTRIBUTE is a structure that includes the type, length
- * and value of an attribute */
-typedef struct CK_ATTRIBUTE {
- CK_ATTRIBUTE_TYPE type;
- CK_VOID_PTR pValue;
-
- /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */
- CK_ULONG ulValueLen; /* in bytes */
-} CK_ATTRIBUTE;
-
-typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR;
-
-
-/* CK_DATE is a structure that defines a date */
-typedef struct CK_DATE{
- CK_CHAR year[4]; /* the year ("1900" - "9999") */
- CK_CHAR month[2]; /* the month ("01" - "12") */
- CK_CHAR day[2]; /* the day ("01" - "31") */
-} CK_DATE;
-
-
-/* CK_MECHANISM_TYPE is a value that identifies a mechanism
- * type */
-/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
-typedef CK_ULONG CK_MECHANISM_TYPE;
-
-/* the following mechanism types are defined: */
-#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
-#define CKM_RSA_PKCS 0x00000001
-#define CKM_RSA_9796 0x00000002
-#define CKM_RSA_X_509 0x00000003
-
-/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
- * are new for v2.0. They are mechanisms which hash and sign */
-#define CKM_MD2_RSA_PKCS 0x00000004
-#define CKM_MD5_RSA_PKCS 0x00000005
-#define CKM_SHA1_RSA_PKCS 0x00000006
-
-/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS & CKM_RSA_OAEP
- * are new for 2.10 */
-#define CKM_RIPEMD128_RSA_PKCS 0x00000007
-#define CKM_RIPEMD160_RSA_PKCS 0x00000008
-#define CKM_RSA_PKCS_OAEP 0x00000009
-
-/* CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31 & CKM_RSA_X9_31_KEY_PAIR_GEN
- * are new for 2.11 */
-#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A
-#define CKM_RSA_X9_31 0x0000000B
-#define CKM_SHA1_RSA_X9_31 0x0000000C
-
-#define CKM_DSA_KEY_PAIR_GEN 0x00000010
-#define CKM_DSA 0x00000011
-#define CKM_DSA_SHA1 0x00000012
-#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
-#define CKM_DH_PKCS_DERIVE 0x00000021
-
-/* CKM_X9_42_DH_PKCS_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE,
- * CKM_X9_42_DH_HYBRID_DERIVE, & CKM_X9_42_MQV_DERIVE
- * are new for v2.11 */
-#define CKM_X9_42_DH_PKCS_KEY_PAIR_GEN 0x00000030
-#define CKM_X9_42_DH_DERIVE 0x00000031
-#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032
-#define CKM_X9_42_MQV_DERIVE 0x00000033
-
-#define CKM_RC2_KEY_GEN 0x00000100
-#define CKM_RC2_ECB 0x00000101
-#define CKM_RC2_CBC 0x00000102
-#define CKM_RC2_MAC 0x00000103
-
-/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */
-#define CKM_RC2_MAC_GENERAL 0x00000104
-#define CKM_RC2_CBC_PAD 0x00000105
-
-#define CKM_RC4_KEY_GEN 0x00000110
-#define CKM_RC4 0x00000111
-#define CKM_DES_KEY_GEN 0x00000120
-#define CKM_DES_ECB 0x00000121
-#define CKM_DES_CBC 0x00000122
-#define CKM_DES_MAC 0x00000123
-
-/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */
-#define CKM_DES_MAC_GENERAL 0x00000124
-#define CKM_DES_CBC_PAD 0x00000125
-
-#define CKM_DES2_KEY_GEN 0x00000130
-#define CKM_DES3_KEY_GEN 0x00000131
-#define CKM_DES3_ECB 0x00000132
-#define CKM_DES3_CBC 0x00000133
-#define CKM_DES3_MAC 0x00000134
-
-/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN,
- * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC,
- * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */
-#define CKM_DES3_MAC_GENERAL 0x00000135
-#define CKM_DES3_CBC_PAD 0x00000136
-#define CKM_CDMF_KEY_GEN 0x00000140
-#define CKM_CDMF_ECB 0x00000141
-#define CKM_CDMF_CBC 0x00000142
-#define CKM_CDMF_MAC 0x00000143
-#define CKM_CDMF_MAC_GENERAL 0x00000144
-#define CKM_CDMF_CBC_PAD 0x00000145
-
-#define CKM_MD2 0x00000200
-
-/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */
-#define CKM_MD2_HMAC 0x00000201
-#define CKM_MD2_HMAC_GENERAL 0x00000202
-
-#define CKM_MD5 0x00000210
-
-/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */
-#define CKM_MD5_HMAC 0x00000211
-#define CKM_MD5_HMAC_GENERAL 0x00000212
-
-#define CKM_SHA_1 0x00000220
-
-/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */
-#define CKM_SHA_1_HMAC 0x00000221
-#define CKM_SHA_1_HMAC_GENERAL 0x00000222
-
-/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC,
- * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC,
- * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */
-#define CKM_RIPEMD128 0x00000230
-#define CKM_RIPEMD128_HMAC 0x00000231
-#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232
-#define CKM_RIPEMD160 0x00000240
-#define CKM_RIPEMD160_HMAC 0x00000241
-#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242
-
-/* All of the following mechanisms are new for v2.0 */
-/* Note that CAST128 and CAST5 are the same algorithm */
-#define CKM_CAST_KEY_GEN 0x00000300
-#define CKM_CAST_ECB 0x00000301
-#define CKM_CAST_CBC 0x00000302
-#define CKM_CAST_MAC 0x00000303
-#define CKM_CAST_MAC_GENERAL 0x00000304
-#define CKM_CAST_CBC_PAD 0x00000305
-#define CKM_CAST3_KEY_GEN 0x00000310
-#define CKM_CAST3_ECB 0x00000311
-#define CKM_CAST3_CBC 0x00000312
-#define CKM_CAST3_MAC 0x00000313
-#define CKM_CAST3_MAC_GENERAL 0x00000314
-#define CKM_CAST3_CBC_PAD 0x00000315
-#define CKM_CAST5_KEY_GEN 0x00000320
-#define CKM_CAST128_KEY_GEN 0x00000320
-#define CKM_CAST5_ECB 0x00000321
-#define CKM_CAST128_ECB 0x00000321
-#define CKM_CAST5_CBC 0x00000322
-#define CKM_CAST128_CBC 0x00000322
-#define CKM_CAST5_MAC 0x00000323
-#define CKM_CAST128_MAC 0x00000323
-#define CKM_CAST5_MAC_GENERAL 0x00000324
-#define CKM_CAST128_MAC_GENERAL 0x00000324
-#define CKM_CAST5_CBC_PAD 0x00000325
-#define CKM_CAST128_CBC_PAD 0x00000325
-#define CKM_RC5_KEY_GEN 0x00000330
-#define CKM_RC5_ECB 0x00000331
-#define CKM_RC5_CBC 0x00000332
-#define CKM_RC5_MAC 0x00000333
-#define CKM_RC5_MAC_GENERAL 0x00000334
-#define CKM_RC5_CBC_PAD 0x00000335
-#define CKM_IDEA_KEY_GEN 0x00000340
-#define CKM_IDEA_ECB 0x00000341
-#define CKM_IDEA_CBC 0x00000342
-#define CKM_IDEA_MAC 0x00000343
-#define CKM_IDEA_MAC_GENERAL 0x00000344
-#define CKM_IDEA_CBC_PAD 0x00000345
-#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350
-#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360
-#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362
-#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363
-#define CKM_XOR_BASE_AND_DATA 0x00000364
-#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365
-#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370
-#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371
-#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372
-
-/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN,
- * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE,
- * CKM_TLS_MASTER_KEY_DERIVE_DH, & CKM_SSL3_MASTER_KEY_DERIVE_DH
- * are new for v2.11. */
-#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373
-#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374
-#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375
-#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376
-#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377
-
-#define CKM_SSL3_MD5_MAC 0x00000380
-#define CKM_SSL3_SHA1_MAC 0x00000381
-#define CKM_MD5_KEY_DERIVATION 0x00000390
-#define CKM_MD2_KEY_DERIVATION 0x00000391
-#define CKM_SHA1_KEY_DERIVATION 0x00000392
-#define CKM_PBE_MD2_DES_CBC 0x000003A0
-#define CKM_PBE_MD5_DES_CBC 0x000003A1
-#define CKM_PBE_MD5_CAST_CBC 0x000003A2
-#define CKM_PBE_MD5_CAST3_CBC 0x000003A3
-#define CKM_PBE_MD5_CAST5_CBC 0x000003A4
-#define CKM_PBE_MD5_CAST128_CBC 0x000003A4
-#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
-#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5
-#define CKM_PBE_SHA1_RC4_128 0x000003A6
-#define CKM_PBE_SHA1_RC4_40 0x000003A7
-#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
-#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
-#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
-#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
-
-/* CKM_PKCS5_PBKD2 is new for v2.10 */
-#define CKM_PKCS5_PBKD2 0x000003B0
-
-#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
-#define CKM_KEY_WRAP_LYNKS 0x00000400
-#define CKM_KEY_WRAP_SET_OAEP 0x00000401
-
-/* Fortezza mechanisms */
-#define CKM_SKIPJACK_KEY_GEN 0x00001000
-#define CKM_SKIPJACK_ECB64 0x00001001
-#define CKM_SKIPJACK_CBC64 0x00001002
-#define CKM_SKIPJACK_OFB64 0x00001003
-#define CKM_SKIPJACK_CFB64 0x00001004
-#define CKM_SKIPJACK_CFB32 0x00001005
-#define CKM_SKIPJACK_CFB16 0x00001006
-#define CKM_SKIPJACK_CFB8 0x00001007
-#define CKM_SKIPJACK_WRAP 0x00001008
-#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009
-#define CKM_SKIPJACK_RELAYX 0x0000100a
-#define CKM_KEA_KEY_PAIR_GEN 0x00001010
-#define CKM_KEA_KEY_DERIVE 0x00001011
-#define CKM_FORTEZZA_TIMESTAMP 0x00001020
-#define CKM_BATON_KEY_GEN 0x00001030
-#define CKM_BATON_ECB128 0x00001031
-#define CKM_BATON_ECB96 0x00001032
-#define CKM_BATON_CBC128 0x00001033
-#define CKM_BATON_COUNTER 0x00001034
-#define CKM_BATON_SHUFFLE 0x00001035
-#define CKM_BATON_WRAP 0x00001036
-#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040 /* depricated in v2.11 */
-#define CKM_EC_KEY_PAIR_GEN 0x00001040
-#define CKM_ECDSA 0x00001041
-#define CKM_ECDSA_SHA1 0x00001042
-
-/* ECDH1 is new for 2.11 */
-#define CKM_ECDH1_DERIVE 0x00001043
-#define CKM_ECDH1_COFACTOR_DERIVE 0x00001044
-#define CKM_ECMQV_DERIVE 0x00001045
-
-#define CKM_JUNIPER_KEY_GEN 0x00001060
-#define CKM_JUNIPER_ECB128 0x00001061
-#define CKM_JUNIPER_CBC128 0x00001062
-#define CKM_JUNIPER_COUNTER 0x00001063
-#define CKM_JUNIPER_SHUFFLE 0x00001064
-#define CKM_JUNIPER_WRAP 0x00001065
-#define CKM_FASTHASH 0x00001070
-
-/* AES is new for 2.11 */
-#define CKM_AES_KEY_GEN 0x00001080
-#define CKM_AES_ECB 0x00001081
-#define CKM_AES_CBC 0x00001082
-#define CKM_AES_MAC 0x00001083
-#define CKM_AES_MAC_GENERAL 0x00001084
-#define CKM_AES_CBC_PAD 0x00001085
-
-/* CKM_DSA_PARAMETER_GEN, CKM_DH_PKCS_PARAMETER_GEN,
- * and CKM_DH_X9_42_PARAMETER_GEN are new for 2.11 */
-#define CKM_DSA_PARAMETER_GEN 0x00002000
-#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001
-#define CKM_DH_X9_42_PARAMETER_GEN 0x00002002
-
-#define CKM_VENDOR_DEFINED 0x80000000
-
-typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR;
-
-
-/* CK_MECHANISM is a structure that specifies a particular
- * mechanism */
-typedef struct CK_MECHANISM {
- CK_MECHANISM_TYPE mechanism;
- CK_VOID_PTR pParameter;
-
- /* ulParameterLen was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
- CK_ULONG ulParameterLen; /* in bytes */
-} CK_MECHANISM;
-
-typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR;
-
-
-/* CK_MECHANISM_INFO provides information about a particular
- * mechanism */
-typedef struct CK_MECHANISM_INFO {
- CK_ULONG ulMinKeySize;
- CK_ULONG ulMaxKeySize;
- CK_FLAGS flags;
-} CK_MECHANISM_INFO;
-
-/* The flags are defined as follows:
- * Bit Flag Mask Meaning */
-#define CKF_HW 0x00000001 /* performed by HW */
-
-/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN,
- * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER,
- * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP,
- * and CKF_DERIVE are new for v2.0. They specify whether or not
- * a mechanism can be used for a particular task */
-/* The flags CKF_EC_FP, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE,
- * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11 */
-#define CKF_ENCRYPT 0x00000100
-#define CKF_DECRYPT 0x00000200
-#define CKF_DIGEST 0x00000400
-#define CKF_SIGN 0x00000800
-#define CKF_SIGN_RECOVER 0x00001000
-#define CKF_VERIFY 0x00002000
-#define CKF_VERIFY_RECOVER 0x00004000
-#define CKF_GENERATE 0x00008000
-#define CKF_GENERATE_KEY_PAIR 0x00010000
-#define CKF_WRAP 0x00020000
-#define CKF_UNWRAP 0x00040000
-#define CKF_DERIVE 0x00080000
-#define CKF_EC_FP 0x00100000
-#define CKF_EC_F_2M 0x00200000
-#define CKF_EC_ECPARAMETERS 0x00400000
-#define CKF_EC_NAMEDCURVE 0x00800000
-#define CKF_EC_UNCOMPRESS 0x01000000
-#define CKF_EC_COMPRESS 0x02000000
-
-#define CKF_EXTENSION 0x80000000 /* FALSE for 2.01 */
-
-typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR;
-
-
-/* CK_RV is a value that identifies the return value of a
- * PKCS #11 function */
-/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */
-typedef CK_ULONG CK_RV;
-
-#define CKR_OK 0x00000000
-#define CKR_CANCEL 0x00000001
-#define CKR_HOST_MEMORY 0x00000002
-#define CKR_SLOT_ID_INVALID 0x00000003
-
-/* CKR_FLAGS_INVALID was removed for v2.0 */
-
-/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */
-#define CKR_GENERAL_ERROR 0x00000005
-#define CKR_FUNCTION_FAILED 0x00000006
-
-/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS,
- * and CKR_CANT_LOCK are new for v2.01 */
-#define CKR_ARGUMENTS_BAD 0x00000007
-#define CKR_NO_EVENT 0x00000008
-#define CKR_NEED_TO_CREATE_THREADS 0x00000009
-#define CKR_CANT_LOCK 0x0000000A
-
-#define CKR_ATTRIBUTE_READ_ONLY 0x00000010
-#define CKR_ATTRIBUTE_SENSITIVE 0x00000011
-#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012
-#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013
-#define CKR_DATA_INVALID 0x00000020
-#define CKR_DATA_LEN_RANGE 0x00000021
-#define CKR_DEVICE_ERROR 0x00000030
-#define CKR_DEVICE_MEMORY 0x00000031
-#define CKR_DEVICE_REMOVED 0x00000032
-#define CKR_ENCRYPTED_DATA_INVALID 0x00000040
-#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041
-#define CKR_FUNCTION_CANCELED 0x00000050
-#define CKR_FUNCTION_NOT_PARALLEL 0x00000051
-
-/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */
-#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054
-
-#define CKR_KEY_HANDLE_INVALID 0x00000060
-
-/* CKR_KEY_SENSITIVE was removed for v2.0 */
-
-#define CKR_KEY_SIZE_RANGE 0x00000062
-#define CKR_KEY_TYPE_INCONSISTENT 0x00000063
-
-/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED,
- * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED,
- * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for
- * v2.0 */
-#define CKR_KEY_NOT_NEEDED 0x00000064
-#define CKR_KEY_CHANGED 0x00000065
-#define CKR_KEY_NEEDED 0x00000066
-#define CKR_KEY_INDIGESTIBLE 0x00000067
-#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068
-#define CKR_KEY_NOT_WRAPPABLE 0x00000069
-#define CKR_KEY_UNEXTRACTABLE 0x0000006A
-
-/* CKR_KEY_PARAMS_INVALID is new for v2.11 */
-#define CKR_KEY_PARAMS_INVALID 0x0000006B
-
-#define CKR_MECHANISM_INVALID 0x00000070
-#define CKR_MECHANISM_PARAM_INVALID 0x00000071
-
-/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID
- * were removed for v2.0 */
-#define CKR_OBJECT_HANDLE_INVALID 0x00000082
-#define CKR_OPERATION_ACTIVE 0x00000090
-#define CKR_OPERATION_NOT_INITIALIZED 0x00000091
-#define CKR_PIN_INCORRECT 0x000000A0
-#define CKR_PIN_INVALID 0x000000A1
-#define CKR_PIN_LEN_RANGE 0x000000A2
-
-/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */
-#define CKR_PIN_EXPIRED 0x000000A3
-#define CKR_PIN_LOCKED 0x000000A4
-
-#define CKR_SESSION_CLOSED 0x000000B0
-#define CKR_SESSION_COUNT 0x000000B1
-#define CKR_SESSION_HANDLE_INVALID 0x000000B3
-#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4
-#define CKR_SESSION_READ_ONLY 0x000000B5
-#define CKR_SESSION_EXISTS 0x000000B6
-
-/* CKR_SESSION_READ_ONLY_EXISTS and
- * CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */
-#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7
-#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8
-
-#define CKR_SIGNATURE_INVALID 0x000000C0
-#define CKR_SIGNATURE_LEN_RANGE 0x000000C1
-#define CKR_TEMPLATE_INCOMPLETE 0x000000D0
-#define CKR_TEMPLATE_INCONSISTENT 0x000000D1
-#define CKR_TOKEN_NOT_PRESENT 0x000000E0
-#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1
-#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2
-#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0
-#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1
-#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2
-#define CKR_USER_ALREADY_LOGGED_IN 0x00000100
-#define CKR_USER_NOT_LOGGED_IN 0x00000101
-#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102
-#define CKR_USER_TYPE_INVALID 0x00000103
-
-/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES
- * are new to v2.01 */
-#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104
-#define CKR_USER_TOO_MANY_TYPES 0x00000105
-
-#define CKR_WRAPPED_KEY_INVALID 0x00000110
-#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112
-#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113
-#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114
-#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115
-#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120
-
-/* New for v2.0 */
-#define CKR_RANDOM_NO_RNG 0x00000121
-
-/* New for v2.11 */
-#define CKR_DOMAIN_PARAMS_INVALID 0x00000130
-
-/* These are new to v2.0 */
-#define CKR_BUFFER_TOO_SMALL 0x00000150
-#define CKR_SAVED_STATE_INVALID 0x00000160
-#define CKR_INFORMATION_SENSITIVE 0x00000170
-#define CKR_STATE_UNSAVEABLE 0x00000180
-
-/* These are new to v2.01 */
-#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190
-#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191
-#define CKR_MUTEX_BAD 0x000001A0
-#define CKR_MUTEX_NOT_LOCKED 0x000001A1
-
-#define CKR_VENDOR_DEFINED 0x80000000
-
-
-/* CK_NOTIFY is an application callback that processes events */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_NOTIFICATION event,
- CK_VOID_PTR pApplication /* passed to C_OpenSession */
-);
-
-
-/* CK_FUNCTION_LIST is a structure holding a PKCS #11 spec
- * version and pointers of appropriate types to all the
- * PKCS #11 functions */
-/* CK_FUNCTION_LIST is new for v2.0 */
-typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
-
-typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
-
-typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
-
-
-/* CK_CREATEMUTEX is an application callback for creating a
- * mutex object */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
- CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
-);
-
-
-/* CK_DESTROYMUTEX is an application callback for destroying a
- * mutex object */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_LOCKMUTEX is an application callback for locking a mutex */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_UNLOCKMUTEX is an application callback for unlocking a
- * mutex */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_C_INITIALIZE_ARGS provides the optional arguments to
- * C_Initialize */
-typedef struct CK_C_INITIALIZE_ARGS {
- CK_CREATEMUTEX CreateMutex;
- CK_DESTROYMUTEX DestroyMutex;
- CK_LOCKMUTEX LockMutex;
- CK_UNLOCKMUTEX UnlockMutex;
- CK_FLAGS flags;
- CK_CHAR_PTR *LibraryParameters;
- CK_VOID_PTR pReserved;
-} CK_C_INITIALIZE_ARGS;
-
-/* flags: bit flags that provide capabilities of the slot
- * Bit Flag Mask Meaning
- */
-#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
-#define CKF_OS_LOCKING_OK 0x00000002
-
-typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
-
-
-/* additional flags for parameters to functions */
-
-/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
-#define CKF_DONT_BLOCK 1
-
-/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10.
- * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message
- * Generation Function (MGF) applied to a message block when
- * formatting a message block for the PKCS #1 OAEP encryption
- * scheme. */
-typedef CK_ULONG CK_RSA_PKCS_OAEP_MGF_TYPE;
-
-typedef CK_RSA_PKCS_OAEP_MGF_TYPE CK_PTR CK_RSA_PKCS_OAEP_MGF_TYPE_PTR;
-
-/* The following MGFs are defined */
-#define CKG_MGF1_SHA1 0x00000001
-
-/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
- * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
- * of the encoding parameter when formatting a message block
- * for the PKCS #1 OAEP encryption scheme. */
-typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
-
-typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
-
-/* The following encoding parameter sources are defined */
-#define CKZ_DATA_SPECIFIED 0x00000001
-
-/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
- * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
- * CKM_RSA_PKCS_OAEP mechanism. */
-typedef struct CK_RSA_PKCS_OAEP_PARAMS {
- CK_MECHANISM_TYPE hashAlg;
- CK_RSA_PKCS_OAEP_MGF_TYPE mgf;
- CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
- CK_VOID_PTR pSourceData;
- CK_ULONG ulSourceDataLen;
-} CK_RSA_PKCS_OAEP_PARAMS;
-
-typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
-
-/* CK_KEA_DERIVE_PARAMS provides the parameters to the
- * CKM_KEA_DERIVE mechanism */
-/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
-typedef struct CK_KEA_DERIVE_PARAMS {
- CK_BBOOL isSender;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pRandomB;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
-} CK_KEA_DERIVE_PARAMS;
-
-typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
-
-
-/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
- * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
- * holds the effective keysize */
-typedef CK_ULONG CK_RC2_PARAMS;
-
-typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
-
-
-/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
- * mechanism */
-typedef struct CK_RC2_CBC_PARAMS {
- /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
-
- CK_BYTE iv[8]; /* IV for CBC mode */
-} CK_RC2_CBC_PARAMS;
-
-typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
-
-
-/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
- * CKM_RC2_MAC_GENERAL mechanism */
-/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC2_MAC_GENERAL_PARAMS {
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC2_MAC_GENERAL_PARAMS;
-
-typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
- CK_RC2_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
- * CKM_RC5_MAC mechanisms */
-/* CK_RC5_PARAMS is new for v2.0 */
-typedef struct CK_RC5_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
-} CK_RC5_PARAMS;
-
-typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
-
-
-/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
- * mechanism */
-/* CK_RC5_CBC_PARAMS is new for v2.0 */
-typedef struct CK_RC5_CBC_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_BYTE_PTR pIv; /* pointer to IV */
- CK_ULONG ulIvLen; /* length of IV in bytes */
-} CK_RC5_CBC_PARAMS;
-
-typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
-
-
-/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
- * CKM_RC5_MAC_GENERAL mechanism */
-/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC5_MAC_GENERAL_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC5_MAC_GENERAL_PARAMS;
-
-typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
- CK_RC5_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
- * ciphers' MAC_GENERAL mechanisms. Its value is the length of
- * the MAC */
-/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
-
-typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
- * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
- CK_ULONG ulPasswordLen;
- CK_BYTE_PTR pPassword;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPAndGLen;
- CK_ULONG ulQLen;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pPrimeP;
- CK_BYTE_PTR pBaseG;
- CK_BYTE_PTR pSubprimeQ;
-} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
-
-typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
- CK_SKIPJACK_PRIVATE_WRAP_PTR;
-
-
-/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
- * CKM_SKIPJACK_RELAYX mechanism */
-/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_RELAYX_PARAMS {
- CK_ULONG ulOldWrappedXLen;
- CK_BYTE_PTR pOldWrappedX;
- CK_ULONG ulOldPasswordLen;
- CK_BYTE_PTR pOldPassword;
- CK_ULONG ulOldPublicDataLen;
- CK_BYTE_PTR pOldPublicData;
- CK_ULONG ulOldRandomLen;
- CK_BYTE_PTR pOldRandomA;
- CK_ULONG ulNewPasswordLen;
- CK_BYTE_PTR pNewPassword;
- CK_ULONG ulNewPublicDataLen;
- CK_BYTE_PTR pNewPublicData;
- CK_ULONG ulNewRandomLen;
- CK_BYTE_PTR pNewRandomA;
-} CK_SKIPJACK_RELAYX_PARAMS;
-
-typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
- CK_SKIPJACK_RELAYX_PARAMS_PTR;
-
-
-typedef struct CK_PBE_PARAMS {
- CK_CHAR_PTR pInitVector;
- CK_CHAR_PTR pPassword;
- CK_ULONG ulPasswordLen;
- CK_CHAR_PTR pSalt;
- CK_ULONG ulSaltLen;
- CK_ULONG ulIteration;
-} CK_PBE_PARAMS;
-
-typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
-
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
- * CKM_KEY_WRAP_SET_OAEP mechanism */
-/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
-typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
- CK_BYTE bBC; /* block contents byte */
- CK_BYTE_PTR pX; /* extra data */
- CK_ULONG ulXLen; /* length of extra data in bytes */
-} CK_KEY_WRAP_SET_OAEP_PARAMS;
-
-typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
- CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_RANDOM_DATA {
- CK_BYTE_PTR pClientRandom;
- CK_ULONG ulClientRandomLen;
- CK_BYTE_PTR pServerRandom;
- CK_ULONG ulServerRandomLen;
-} CK_SSL3_RANDOM_DATA;
-
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_VERSION_PTR pVersion;
-} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_OUT {
- CK_OBJECT_HANDLE hClientMacSecret;
- CK_OBJECT_HANDLE hServerMacSecret;
- CK_OBJECT_HANDLE hClientKey;
- CK_OBJECT_HANDLE hServerKey;
- CK_BYTE_PTR pIVClient;
- CK_BYTE_PTR pIVServer;
-} CK_SSL3_KEY_MAT_OUT;
-
-typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_PARAMS {
- CK_ULONG ulMacSizeInBits;
- CK_ULONG ulKeySizeInBits;
- CK_ULONG ulIVSizeInBits;
- CK_BBOOL bIsExport;
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
-} CK_SSL3_KEY_MAT_PARAMS;
-
-typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
-
-
-typedef struct CK_KEY_DERIVATION_STRING_DATA {
- CK_BYTE_PTR pData;
- CK_ULONG ulLen;
-} CK_KEY_DERIVATION_STRING_DATA;
-
-typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
- CK_KEY_DERIVATION_STRING_DATA_PTR;
-
-
-/* The CK_EXTRACT_PARAMS is used for the
- * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
- * of the base key should be used as the first bit of the
- * derived key */
-/* CK_EXTRACT_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_EXTRACT_PARAMS;
-
-typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
-
-/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
- * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
- * indicate the Pseudo-Random Function (PRF) used to generate
- * key bits using PKCS #5 PBKDF2. */
-typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
-
-typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
-
-/* The following PRFs are defined in PKCS #5 v2.0. */
-#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
-
-
-/* CK_PKCS5_PBKD2_SALT_SOURCE_TYPE is new for v2.10.
- * CK_PKCS5_PBKD2_SALT_SOURCE_TYPE is used to indicate the
- * source of the salt value when deriving a key using PKCS #5
- * PBKDF2. */
-typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
-
-typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
-
-/* The following salt value sources are defined in PKCS #5 v2.0. */
-#define CKZ_SALT_SPECIFIED 0x00000001
-
-/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
- * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
- * parameters to the CKM_PKCS5_PBKD2 mechanism. */
-typedef struct CK_PKCS5_PBKD2_PARAMS {
- CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
- CK_VOID_PTR pSaltSourceData;
- CK_ULONG ulSaltSourceDataLen;
- CK_ULONG iterations;
- CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
- CK_VOID_PTR pPrfData;
- CK_ULONG ulPrfDataLen;
-} CK_PKCS5_PBKD2_PARAMS;
-
-typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
-
-/* Netscape Specific defines */
-#include "pkcs11n.h"
-
-/* undo packing */
-#include "pkcs11u.h"
-
-#endif
diff --git a/security/nss/lib/softoken/pkcs11u.c b/security/nss/lib/softoken/pkcs11u.c
deleted file mode 100644
index 1ad205a2c..000000000
--- a/security/nss/lib/softoken/pkcs11u.c
+++ /dev/null
@@ -1,2653 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Internal PKCS #11 functions. Should only be called by pkcs11.c
- */
-#include "pkcs11.h"
-#include "pkcs11i.h"
-#include "pcertt.h"
-#include "lowkeyi.h"
-#include "pcert.h"
-#include "secasn1.h"
-
-/*
- * ******************** Attribute Utilities *******************************
- */
-
-/*
- * create a new attribute with type, value, and length. Space is allocated
- * to hold value.
- */
-static PK11Attribute *
-pk11_NewAttribute(PK11Object *object,
- CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value, CK_ULONG len)
-{
- PK11Attribute *attribute;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
- PK11SessionObject *so = pk11_narrowToSessionObject(object);
- int index;
-
- if (so == NULL) {
- /* allocate new attribute in a buffer */
- PORT_Assert(0);
- }
- /*
- * PKCS11_STATIC_ATTRIBUTES attempts to keep down contention on Malloc and Arena locks
- * by limiting the number of these calls on high traversed paths. this
- * is done for attributes by 'allocating' them from a pool already allocated
- * by the parent object.
- */
- PK11_USE_THREADS(PZ_Lock(so->attributeLock);)
- index = so->nextAttr++;
- PK11_USE_THREADS(PZ_Unlock(so->attributeLock);)
- PORT_Assert(index < MAX_OBJS_ATTRS);
- if (index >= MAX_OBJS_ATTRS) return NULL;
-
- attribute = &so->attrList[index];
- attribute->attrib.type = type;
- attribute->freeAttr = PR_FALSE;
- attribute->freeData = PR_FALSE;
- if (value) {
- if (len <= ATTR_SPACE) {
- attribute->attrib.pValue = attribute->space;
- } else {
- attribute->attrib.pValue = PORT_Alloc(len);
- attribute->freeData = PR_TRUE;
- }
- if (attribute->attrib.pValue == NULL) {
- return NULL;
- }
- PORT_Memcpy(attribute->attrib.pValue,value,len);
- attribute->attrib.ulValueLen = len;
- } else {
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
-#else
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- attribute = (PK11Attribute*)PORT_Alloc(sizeof(PK11Attribute));
- attribute->freeAttr = PR_TRUE;
-#else
- attribute = (PK11Attribute*)PORT_ArenaAlloc(object->arena,sizeof(PK11Attribute));
- attribute->freeAttr = PR_FALSE;
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
- if (attribute == NULL) return NULL;
- attribute->freeData = PR_FALSE;
-
- if (value) {
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- attribute->attrib.pValue = PORT_Alloc(len);
- attribute->freeData = PR_TRUE;
-#else
- attribute->attrib.pValue = PORT_ArenaAlloc(object->arena,len);
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
- if (attribute->attrib.pValue == NULL) {
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- PORT_Free(attribute);
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
- return NULL;
- }
- PORT_Memcpy(attribute->attrib.pValue,value,len);
- attribute->attrib.ulValueLen = len;
- } else {
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
-#endif /* PKCS11_STATIC_ATTRIBUTES */
- attribute->attrib.type = type;
- attribute->handle = type;
- attribute->next = attribute->prev = NULL;
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- attribute->refCount = 1;
-#ifdef PKCS11_USE_THREADS
- attribute->refLock = PZ_NewLock(nssILockRefLock);
- if (attribute->refLock == NULL) {
- if (attribute->attrib.pValue) PORT_Free(attribute->attrib.pValue);
- PORT_Free(attribute);
- return NULL;
- }
-#else
- attribute->refLock = NULL;
-#endif
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
- return attribute;
-}
-
-static PK11Attribute *
-pk11_NewTokenAttribute(CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value,
- CK_ULONG len, PRBool copy)
-{
- PK11Attribute *attribute;
-
- attribute = (PK11Attribute*)PORT_Alloc(sizeof(PK11Attribute));
-
- if (attribute == NULL) return NULL;
- attribute->attrib.type = type;
- attribute->handle = type;
- attribute->next = attribute->prev = NULL;
- attribute->freeAttr = PR_TRUE;
- attribute->freeData = PR_FALSE;
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- attribute->refCount = 1;
-#ifdef PKCS11_USE_THREADS
- attribute->refLock = PZ_NewLock(nssILockRefLock);
- if (attribute->refLock == NULL) {
- PORT_Free(attribute);
- return NULL;
- }
-#else
- attribute->refLock = NULL;
-#endif
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
- attribute->attrib.type = type;
- if (!copy) {
- attribute->attrib.pValue = value;
- attribute->attrib.ulValueLen = len;
- return attribute;
- }
-
- if (value) {
-#ifdef PKCS11_STATIC_ATTRIBUTES
- if (len <= ATTR_SPACE) {
- attribute->attrib.pValue = attribute->space;
- } else {
- attribute->attrib.pValue = PORT_Alloc(len);
- attribute->freeData = PR_TRUE;
- }
-#else
- attribute->attrib.pValue = PORT_Alloc(len);
- attribute->freeData = PR_TRUE;
-#endif
- if (attribute->attrib.pValue == NULL) {
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- if (attribute->refLock) {
- PK11_USE_THREADS(PZ_DestroyLock(attribute->refLock);)
- }
-#endif
- PORT_Free(attribute);
- return NULL;
- }
- PORT_Memcpy(attribute->attrib.pValue,value,len);
- attribute->attrib.ulValueLen = len;
- } else {
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
- return attribute;
-}
-
-static PK11Attribute *
-pk11_NewTokenAttributeSigned(CK_ATTRIBUTE_TYPE type, CK_VOID_PTR value,
- CK_ULONG len, PRBool copy)
-{
- unsigned char * dval = (unsigned char *)value;
- if (*dval == 0) {
- dval++;
- len--;
- }
- return pk11_NewTokenAttribute(type,dval,len,copy);
-}
-
-/*
- * Free up all the memory associated with an attribute. Reference count
- * must be zero to call this.
- */
-static void
-pk11_DestroyAttribute(PK11Attribute *attribute)
-{
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- PORT_Assert(attribute->refCount == 0);
- PK11_USE_THREADS(PZ_DestroyLock(attribute->refLock);)
-#endif
- if (attribute->freeData) {
- if (attribute->attrib.pValue) {
- /* clear out the data in the attribute value... it may have been
- * sensitive data */
- PORT_Memset(attribute->attrib.pValue, 0,
- attribute->attrib.ulValueLen);
- }
- PORT_Free(attribute->attrib.pValue);
- }
- PORT_Free(attribute);
-}
-
-/*
- * release a reference to an attribute structure
- */
-void
-pk11_FreeAttribute(PK11Attribute *attribute)
-{
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- PRBool destroy = PR_FALSE;
-#endif
-
- if (attribute->freeAttr) {
- pk11_DestroyAttribute(attribute);
- return;
- }
-
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- PK11_USE_THREADS(PZ_Lock(attribute->refLock);)
- if (attribute->refCount == 1) destroy = PR_TRUE;
- attribute->refCount--;
- PK11_USE_THREADS(PZ_Unlock(attribute->refLock);)
-
- if (destroy) pk11_DestroyAttribute(attribute);
-#endif
-}
-
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
-#define PK11_DEF_ATTRIBUTE(value,len) \
- { NULL, NULL, PR_FALSE, PR_FALSE, 1, NULL, 0, { 0, value, len } }
-
-#else
-#define PK11_DEF_ATTRIBUTE(value,len) \
- { NULL, NULL, PR_FALSE, PR_FALSE, 0, { 0, value, len } }
-#endif
-
-CK_BBOOL pk11_staticTrueValue = CK_TRUE;
-CK_BBOOL pk11_staticFalseValue = CK_FALSE;
-static const PK11Attribute pk11_StaticTrueAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticTrueValue,sizeof(pk11_staticTrueValue));
-static const PK11Attribute pk11_StaticFalseAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticFalseValue,sizeof(pk11_staticFalseValue));
-static const PK11Attribute pk11_StaticNullAttr = PK11_DEF_ATTRIBUTE(NULL,0);
-
-CK_CERTIFICATE_TYPE pk11_staticX509Value = CKC_X_509;
-static const PK11Attribute pk11_StaticX509Attr =
- PK11_DEF_ATTRIBUTE(&pk11_staticX509Value, sizeof(pk11_staticX509Value));
-CK_TRUST pk11_staticTrustedValue = CKT_NETSCAPE_TRUSTED;
-CK_TRUST pk11_staticTrustedDelegatorValue = CKT_NETSCAPE_TRUSTED_DELEGATOR;
-CK_TRUST pk11_staticUnTrustedValue = CKT_NETSCAPE_UNTRUSTED;
-CK_TRUST pk11_staticTrustUnknownValue = CKT_NETSCAPE_TRUST_UNKNOWN;
-CK_TRUST pk11_staticMustVerifyValue = CKT_NETSCAPE_MUST_VERIFY;
-static const PK11Attribute pk11_StaticTrustedAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticTrustedValue,
- sizeof(pk11_staticTrustedValue));
-static const PK11Attribute pk11_StaticTrustedDelegatorAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticTrustedDelegatorValue,
- sizeof(pk11_staticTrustedDelegatorValue));
-static const PK11Attribute pk11_StaticUnTrustedAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticUnTrustedValue,
- sizeof(pk11_staticUnTrustedValue));
-static const PK11Attribute pk11_StaticTrustUnknownAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticTrustUnknownValue,
- sizeof(pk11_staticTrustUnknownValue));
-static const PK11Attribute pk11_StaticMustVerifyAttr =
- PK11_DEF_ATTRIBUTE(&pk11_staticMustVerifyValue,
- sizeof(pk11_staticMustVerifyValue));
-
-static void pk11_FreeItem(SECItem *item)
-{
- SECITEM_FreeItem(item, PR_TRUE);
-}
-
-static certDBEntrySMime *
-pk11_getSMime(PK11TokenObject *object)
-{
- certDBEntrySMime *entry;
-
- if (object->obj.objclass != CKO_NETSCAPE_SMIME) {
- return NULL;
- }
- if (object->obj.objectInfo) {
- return (certDBEntrySMime *)object->obj.objectInfo;
- }
-
- entry = nsslowcert_ReadDBSMimeEntry(object->obj.slot->certDB,
- (char *)object->dbKey.data);
- object->obj.objectInfo = (void *)entry;
- object->obj.infoFree = (PK11Free) nsslowcert_DestroyDBEntry;
- return entry;
-}
-
-static SECItem *
-pk11_getCrl(PK11TokenObject *object)
-{
- SECItem *crl;
- PRBool isKrl;
-
- if (object->obj.objclass != CKO_NETSCAPE_CRL) {
- return NULL;
- }
- if (object->obj.objectInfo) {
- return (SECItem *)object->obj.objectInfo;
- }
-
- isKrl = (PRBool) object->obj.handle == PK11_TOKEN_KRL_HANDLE;
- crl = nsslowcert_FindCrlByKey(object->obj.slot->certDB,&object->dbKey,
- NULL,isKrl);
- object->obj.objectInfo = (void *)crl;
- object->obj.infoFree = (PK11Free) pk11_FreeItem;
- return crl;
-}
-
-static char *
-pk11_getUrl(PK11TokenObject *object)
-{
- SECItem *crl;
- PRBool isKrl;
- char *url = NULL;
-
- if (object->obj.objclass != CKO_NETSCAPE_CRL) {
- return NULL;
- }
-
- isKrl = (PRBool) object->obj.handle == PK11_TOKEN_KRL_HANDLE;
- crl = nsslowcert_FindCrlByKey(object->obj.slot->certDB,&object->dbKey,
- &url,isKrl);
- if (object->obj.objectInfo == NULL) {
- object->obj.objectInfo = (void *)crl;
- object->obj.infoFree = (PK11Free) pk11_FreeItem;
- } else {
- if (crl) SECITEM_FreeItem(crl,PR_TRUE);
- }
- return url;
-}
-
-static NSSLOWCERTCertificate *
-pk11_getCert(PK11TokenObject *object)
-{
- NSSLOWCERTCertificate *cert;
-
- if ((object->obj.objclass != CKO_CERTIFICATE) &&
- (object->obj.objclass != CKO_NETSCAPE_TRUST)) {
- return NULL;
- }
- if (object->obj.objectInfo) {
- return (NSSLOWCERTCertificate *)object->obj.objectInfo;
- }
- cert = nsslowcert_FindCertByKey(object->obj.slot->certDB,&object->dbKey);
- object->obj.objectInfo = (void *)cert;
- object->obj.infoFree = (PK11Free) nsslowcert_DestroyCertificate ;
- return cert;
-}
-
-static NSSLOWKEYPublicKey *
-pk11_GetPublicKey(PK11TokenObject *object)
-{
- NSSLOWKEYPublicKey *pubKey;
- NSSLOWKEYPrivateKey *privKey;
-
- if (object->obj.objclass != CKO_PUBLIC_KEY) {
- return NULL;
- }
- if (object->obj.objectInfo) {
- return (NSSLOWKEYPublicKey *)object->obj.objectInfo;
- }
- privKey = nsslowkey_FindKeyByPublicKey(object->obj.slot->keyDB,
- &object->dbKey, object->obj.slot->password);
- if (privKey == NULL) {
- return NULL;
- }
- pubKey = nsslowkey_ConvertToPublicKey(privKey);
- nsslowkey_DestroyPrivateKey(privKey);
- object->obj.objectInfo = (void *) pubKey;
- object->obj.infoFree = (PK11Free) nsslowkey_DestroyPublicKey ;
- return pubKey;
-}
-
-static NSSLOWKEYPrivateKey *
-pk11_GetPrivateKey(PK11TokenObject *object)
-{
- NSSLOWKEYPrivateKey *privKey;
-
- if ((object->obj.objclass != CKO_PRIVATE_KEY) &&
- (object->obj.objclass != CKO_SECRET_KEY)) {
- return NULL;
- }
- if (object->obj.objectInfo) {
- return (NSSLOWKEYPrivateKey *)object->obj.objectInfo;
- }
- privKey = nsslowkey_FindKeyByPublicKey(object->obj.slot->keyDB,
- &object->dbKey, object->obj.slot->password);
- if (privKey == NULL) {
- return NULL;
- }
- object->obj.objectInfo = (void *) privKey;
- object->obj.infoFree = (PK11Free) nsslowkey_DestroyPrivateKey ;
- return privKey;
-}
-
-/* pk11_GetPubItem returns data associated with the public key.
- * one only needs to free the public key. This comment is here
- * because this sematic would be non-obvious otherwise. All callers
- * should include this comment.
- */
-static SECItem *
-pk11_GetPubItem(NSSLOWKEYPublicKey *pubKey) {
- SECItem *pubItem = NULL;
- /* get value to compare from the cert's public key */
- switch ( pubKey->keyType ) {
- case NSSLOWKEYRSAKey:
- pubItem = &pubKey->u.rsa.modulus;
- break;
- case NSSLOWKEYDSAKey:
- pubItem = &pubKey->u.dsa.publicValue;
- break;
- case NSSLOWKEYDHKey:
- pubItem = &pubKey->u.dh.publicValue;
- break;
- default:
- break;
- }
- return pubItem;
-}
-
-static const SEC_ASN1Template pk11_SerialTemplate[] = {
- { SEC_ASN1_INTEGER, offsetof(NSSLOWCERTCertificate,serialNumber) },
- { 0 }
-};
-
-static PK11Attribute *
-pk11_FindRSAPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_RSA;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.rsa.modulus.data,key->u.rsa.modulus.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_ENCRYPT:
- case CKA_VERIFY:
- case CKA_VERIFY_RECOVER:
- case CKA_WRAP:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_MODULUS:
- return pk11_NewTokenAttributeSigned(type,key->u.rsa.modulus.data,
- key->u.rsa.modulus.len, PR_FALSE);
- case CKA_PUBLIC_EXPONENT:
- return pk11_NewTokenAttributeSigned(type,key->u.rsa.publicExponent.data,
- key->u.rsa.publicExponent.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDSAPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_DSA;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.dsa.publicValue.data,
- key->u.dsa.publicValue.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- case CKA_ENCRYPT:
- case CKA_VERIFY_RECOVER:
- case CKA_WRAP:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_VERIFY:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_VALUE:
- return pk11_NewTokenAttributeSigned(type,key->u.dsa.publicValue.data,
- key->u.dsa.publicValue.len, PR_FALSE);
- case CKA_PRIME:
- return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.prime.data,
- key->u.dsa.params.prime.len, PR_FALSE);
- case CKA_SUBPRIME:
- return pk11_NewTokenAttributeSigned(type,
- key->u.dsa.params.subPrime.data,
- key->u.dsa.params.subPrime.len, PR_FALSE);
- case CKA_BASE:
- return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.base.data,
- key->u.dsa.params.base.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDHPublicKeyAttribute(NSSLOWKEYPublicKey *key, CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_DH;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.dh.publicValue.data,key->u.dh.publicValue.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_ENCRYPT:
- case CKA_VERIFY:
- case CKA_VERIFY_RECOVER:
- case CKA_WRAP:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_VALUE:
- return pk11_NewTokenAttributeSigned(type,key->u.dh.publicValue.data,
- key->u.dh.publicValue.len, PR_FALSE);
- case CKA_PRIME:
- return pk11_NewTokenAttributeSigned(type,key->u.dh.prime.data,
- key->u.dh.prime.len, PR_FALSE);
- case CKA_BASE:
- return pk11_NewTokenAttributeSigned(type,key->u.dh.base.data,
- key->u.dh.base.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindPublicKeyAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- NSSLOWKEYPublicKey *key;
- PK11Attribute *att = NULL;
- char *label;
-
- switch (type) {
- case CKA_PRIVATE:
- case CKA_SENSITIVE:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_NEVER_EXTRACTABLE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_MODIFIABLE:
- case CKA_EXTRACTABLE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_LABEL:
- label = nsslowkey_FindKeyNicknameByPublicKey(object->obj.slot->keyDB,
- &object->dbKey, object->obj.slot->password);
- if (label == NULL) {
- return (PK11Attribute *)&pk11_StaticNullAttr;
- }
- att = pk11_NewTokenAttribute(type,label,PORT_Strlen(label)+1, PR_TRUE);
- PORT_Free(label);
- return att;
- default:
- break;
- }
-
- key = pk11_GetPublicKey(object);
- if (key == NULL) {
- return NULL;
- }
-
- switch (key->keyType) {
- case NSSLOWKEYRSAKey:
- return pk11_FindRSAPublicKeyAttribute(key,type);
- case NSSLOWKEYDSAKey:
- return pk11_FindDSAPublicKeyAttribute(key,type);
- case NSSLOWKEYDHKey:
- return pk11_FindDHPublicKeyAttribute(key,type);
- default:
- break;
- }
-
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindSecretKeyAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- NSSLOWKEYPrivateKey *key;
- char *label;
- PK11Attribute *att;
-
- switch (type) {
- case CKA_PRIVATE:
- case CKA_SENSITIVE:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_EXTRACTABLE:
- case CKA_DERIVE:
- case CKA_ENCRYPT:
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_VERIFY:
- case CKA_WRAP:
- case CKA_UNWRAP:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_NEVER_EXTRACTABLE:
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_LABEL:
- label = nsslowkey_FindKeyNicknameByPublicKey(object->obj.slot->keyDB,
- &object->dbKey, object->obj.slot->password);
- if (label == NULL) {
- return (PK11Attribute *)&pk11_StaticNullAttr;
- }
- att = pk11_NewTokenAttribute(type,label,PORT_Strlen(label)+1, PR_TRUE);
- PORT_Free(label);
- return att;
- default:
- break;
- }
-
- key = pk11_GetPrivateKey(object);
- if (key == NULL) {
- return NULL;
- }
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,key->u.rsa.coefficient.data,
- key->u.rsa.coefficient.len, PR_FALSE);
- case CKA_VALUE:
- return pk11_NewTokenAttribute(type,key->u.rsa.privateExponent.data,
- key->u.rsa.privateExponent.len, PR_FALSE);
- }
-
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindRSAPrivateKeyAttribute(NSSLOWKEYPrivateKey *key,
- CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_RSA;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.rsa.modulus.data,key->u.rsa.modulus.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_SIGN_RECOVER:
- case CKA_UNWRAP:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_MODULUS:
- return pk11_NewTokenAttributeSigned(type,key->u.rsa.modulus.data,
- key->u.rsa.modulus.len, PR_FALSE);
- case CKA_PUBLIC_EXPONENT:
- return pk11_NewTokenAttributeSigned(type,key->u.rsa.publicExponent.data,
- key->u.rsa.publicExponent.len, PR_FALSE);
- case CKA_PRIVATE_EXPONENT:
- case CKA_PRIME_1:
- case CKA_PRIME_2:
- case CKA_EXPONENT_1:
- case CKA_EXPONENT_2:
- case CKA_COEFFICIENT:
- return (PK11Attribute *) &pk11_StaticNullAttr;
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDSAPrivateKeyAttribute(NSSLOWKEYPrivateKey *key,
- CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_DSA;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.dsa.publicValue.data,
- key->u.dsa.publicValue.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- case CKA_DECRYPT:
- case CKA_SIGN_RECOVER:
- case CKA_UNWRAP:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_SIGN:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_VALUE:
- return (PK11Attribute *) &pk11_StaticNullAttr;
- case CKA_PRIME:
- return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.prime.data,
- key->u.dsa.params.prime.len, PR_FALSE);
- case CKA_SUBPRIME:
- return pk11_NewTokenAttributeSigned(type,
- key->u.dsa.params.subPrime.data,
- key->u.dsa.params.subPrime.len, PR_FALSE);
- case CKA_BASE:
- return pk11_NewTokenAttributeSigned(type,key->u.dsa.params.base.data,
- key->u.dsa.params.base.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindDHPrivateKeyAttribute(NSSLOWKEYPrivateKey *key, CK_ATTRIBUTE_TYPE type)
-{
- unsigned char hash[SHA1_LENGTH];
- CK_KEY_TYPE keyType = CKK_DH;
-
- switch (type) {
- case CKA_KEY_TYPE:
- return pk11_NewTokenAttribute(type,&keyType,sizeof(keyType), PR_TRUE);
- case CKA_ID:
- SHA1_HashBuf(hash,key->u.dh.publicValue.data,key->u.dh.publicValue.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_DERIVE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_SIGN_RECOVER:
- case CKA_UNWRAP:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_VALUE:
- return (PK11Attribute *) &pk11_StaticNullAttr;
- case CKA_PRIME:
- return pk11_NewTokenAttributeSigned(type,key->u.dh.prime.data,
- key->u.dh.prime.len, PR_FALSE);
- case CKA_BASE:
- return pk11_NewTokenAttributeSigned(type,key->u.dh.base.data,
- key->u.dh.base.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindPrivateKeyAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- NSSLOWKEYPrivateKey *key;
- char *label;
- PK11Attribute *att;
-
- switch (type) {
- case CKA_PRIVATE:
- case CKA_SENSITIVE:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_EXTRACTABLE:
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_NEVER_EXTRACTABLE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_SUBJECT:
- return (PK11Attribute *)&pk11_StaticNullAttr;
- case CKA_LABEL:
- label = nsslowkey_FindKeyNicknameByPublicKey(object->obj.slot->keyDB,
- &object->dbKey, object->obj.slot->password);
- if (label == NULL) {
- return (PK11Attribute *)&pk11_StaticNullAttr;
- }
- att = pk11_NewTokenAttribute(type,label,PORT_Strlen(label)+1, PR_TRUE);
- PORT_Free(label);
- return att;
- default:
- break;
- }
- key = pk11_GetPrivateKey(object);
- if (key == NULL) {
- return NULL;
- }
- switch (key->keyType) {
- case NSSLOWKEYRSAKey:
- return pk11_FindRSAPrivateKeyAttribute(key,type);
- case NSSLOWKEYDSAKey:
- return pk11_FindDSAPrivateKeyAttribute(key,type);
- case NSSLOWKEYDHKey:
- return pk11_FindDHPrivateKeyAttribute(key,type);
- default:
- break;
- }
-
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindSMIMEAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- certDBEntrySMime *entry;
- switch (type) {
- case CKA_PRIVATE:
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_NETSCAPE_EMAIL:
- return pk11_NewTokenAttribute(type,object->dbKey.data,
- object->dbKey.len, PR_FALSE);
- case CKA_SENSITIVE:
- return NULL;
- default:
- break;
- }
- entry = pk11_getSMime(object);
- if (entry == NULL) {
- return NULL;
- }
- switch (type) {
- case CKA_NETSCAPE_SMIME_TIMESTAMP:
- return pk11_NewTokenAttribute(type,entry->optionsDate.data,
- entry->optionsDate.len, PR_FALSE);
- case CKA_SUBJECT:
- return pk11_NewTokenAttribute(type,entry->subjectName.data,
- entry->subjectName.len, PR_FALSE);
- case CKA_VALUE:
- return pk11_NewTokenAttribute(type,entry->smimeOptions.data,
- entry->smimeOptions.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindTrustAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- NSSLOWCERTCertificate *cert;
- unsigned char hash[SHA1_LENGTH];
- SECItem *item;
- PK11Attribute *attr;
- unsigned int trustFlags;
-
- switch (type) {
- case CKA_PRIVATE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_SENSITIVE:
- return NULL;
- default:
- break;
- }
- cert = pk11_getCert(object);
- if (cert == NULL) {
- return NULL;
- }
- switch (type) {
- case CKA_CERT_SHA1_HASH:
- SHA1_HashBuf(hash,cert->derCert.data,cert->derCert.len);
- return pk11_NewTokenAttribute(type,hash,SHA1_LENGTH, PR_TRUE);
- case CKA_CERT_MD5_HASH:
- MD5_HashBuf(hash,cert->derCert.data,cert->derCert.len);
- return pk11_NewTokenAttribute(type,hash,MD5_LENGTH, PR_TRUE);
- case CKA_ISSUER:
- return pk11_NewTokenAttribute(type,cert->derIssuer.data,
- cert->derIssuer.len, PR_FALSE);
- case CKA_SERIAL_NUMBER:
- item = SEC_ASN1EncodeItem(NULL,NULL,cert,pk11_SerialTemplate);
- if (item == NULL) break;
- attr = pk11_NewTokenAttribute(type, item->data, item->len, PR_TRUE);
- SECITEM_FreeItem(item,PR_TRUE);
- return attr;
- case CKA_TRUST_CLIENT_AUTH:
- trustFlags = cert->trust->sslFlags & CERTDB_TRUSTED_CLIENT_CA ?
- cert->trust->sslFlags | CERTDB_TRUSTED_CA : 0 ;
- goto trust;
- case CKA_TRUST_SERVER_AUTH:
- trustFlags = cert->trust->sslFlags;
- goto trust;
- case CKA_TRUST_EMAIL_PROTECTION:
- trustFlags = cert->trust->emailFlags;
- goto trust;
- case CKA_TRUST_CODE_SIGNING:
- trustFlags = cert->trust->objectSigningFlags;
-trust:
- if (trustFlags & CERTDB_TRUSTED_CA ) {
- return (PK11Attribute *)&pk11_StaticTrustedDelegatorAttr;
- }
- if (trustFlags & CERTDB_TRUSTED) {
- return (PK11Attribute *)&pk11_StaticTrustedAttr;
- }
- if (trustFlags & CERTDB_NOT_TRUSTED) {
- return (PK11Attribute *)&pk11_StaticUnTrustedAttr;
- }
- if (trustFlags & CERTDB_TRUSTED_UNKNOWN) {
- return (PK11Attribute *)&pk11_StaticTrustUnknownAttr;
- }
- return (PK11Attribute *)&pk11_StaticMustVerifyAttr;
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindCrlAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- SECItem *crl;
- char *url;
-
- switch (type) {
- case CKA_PRIVATE:
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_NETSCAPE_KRL:
- return (PK11Attribute *) ((object->obj.handle == PK11_TOKEN_KRL_HANDLE)
- ? &pk11_StaticTrueAttr : &pk11_StaticFalseAttr);
- case CKA_NETSCAPE_URL:
- url = pk11_getUrl(object);
- if (url == NULL) {
- return (PK11Attribute *) &pk11_StaticNullAttr;
- }
- return pk11_NewTokenAttribute(type, url, PORT_Strlen(url)+1, PR_TRUE);
- case CKA_VALUE:
- crl = pk11_getCrl(object);
- if (crl == NULL) break;
- return pk11_NewTokenAttribute(type, crl->data, crl->len, PR_FALSE);
- case CKA_SUBJECT:
- return pk11_NewTokenAttribute(type,object->dbKey.data,
- object->dbKey.len, PR_FALSE);
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindCertAttribute(PK11TokenObject *object, CK_ATTRIBUTE_TYPE type)
-{
- NSSLOWCERTCertificate *cert;
- NSSLOWKEYPublicKey *pubKey;
- unsigned char hash[SHA1_LENGTH];
- SECItem *item;
- PK11Attribute *attr;
-
- switch (type) {
- case CKA_PRIVATE:
- return (PK11Attribute *) &pk11_StaticFalseAttr;
- case CKA_MODIFIABLE:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_CERTIFICATE_TYPE:
- /* hardcoding X.509 into here */
- return (PK11Attribute *)&pk11_StaticX509Attr;
- case CKA_SENSITIVE:
- return NULL;
- default:
- break;
- }
- cert = pk11_getCert(object);
- if (cert == NULL) {
- return NULL;
- }
- switch (type) {
- case CKA_VALUE:
- return pk11_NewTokenAttribute(type,cert->derCert.data,
- cert->derCert.len,PR_FALSE);
- case CKA_ID:
- pubKey = nsslowcert_ExtractPublicKey(cert);
- if (pubKey == NULL) break;
- item = pk11_GetPubItem(pubKey);
- if (item == NULL) {
- nsslowkey_DestroyPublicKey(pubKey);
- break;
- }
- SHA1_HashBuf(hash,item->data,item->len);
- /* item is imbedded in pubKey, just free the key */
- nsslowkey_DestroyPublicKey(pubKey);
- return pk11_NewTokenAttribute(type, hash, SHA1_LENGTH, PR_TRUE);
- case CKA_LABEL:
- return cert->nickname ? pk11_NewTokenAttribute(type, cert->nickname,
- PORT_Strlen(cert->nickname)+1, PR_FALSE) :
- (PK11Attribute *) &pk11_StaticNullAttr;
- case CKA_SUBJECT:
- return pk11_NewTokenAttribute(type,cert->derSubject.data,
- cert->derSubject.len, PR_FALSE);
- case CKA_ISSUER:
- return pk11_NewTokenAttribute(type,cert->derIssuer.data,
- cert->derIssuer.len, PR_FALSE);
- case CKA_SERIAL_NUMBER:
- item = SEC_ASN1EncodeItem(NULL,NULL,cert,pk11_SerialTemplate);
- if (item == NULL) break;
- attr = pk11_NewTokenAttribute(type, item->data, item->len, PR_TRUE);
- SECITEM_FreeItem(item,PR_TRUE);
- return attr;
- case CKA_NETSCAPE_EMAIL:
- return cert->emailAddr ? pk11_NewTokenAttribute(type, cert->emailAddr,
- PORT_Strlen(cert->emailAddr)+1, PR_FALSE) :
- (PK11Attribute *) &pk11_StaticNullAttr;
- default:
- break;
- }
- return NULL;
-}
-
-static PK11Attribute *
-pk11_FindTokenAttribute(PK11TokenObject *object,CK_ATTRIBUTE_TYPE type)
-{
- /* handle the common ones */
- switch (type) {
- case CKA_CLASS:
- return pk11_NewTokenAttribute(type,&object->obj.objclass,
- sizeof(object->obj.objclass),PR_FALSE);
- case CKA_TOKEN:
- return (PK11Attribute *) &pk11_StaticTrueAttr;
- case CKA_LABEL:
- if ( (object->obj.objclass == CKO_CERTIFICATE)
- || (object->obj.objclass == CKO_PRIVATE_KEY)
- || (object->obj.objclass == CKO_PUBLIC_KEY)
- || (object->obj.objclass == CKO_SECRET_KEY)) {
- break;
- }
- return (PK11Attribute *) &pk11_StaticNullAttr;
- default:
- break;
- }
- switch (object->obj.objclass) {
- case CKO_CERTIFICATE:
- return pk11_FindCertAttribute(object,type);
- case CKO_NETSCAPE_CRL:
- return pk11_FindCrlAttribute(object,type);
- case CKO_NETSCAPE_TRUST:
- return pk11_FindTrustAttribute(object,type);
- case CKO_NETSCAPE_SMIME:
- return pk11_FindSMIMEAttribute(object,type);
- case CKO_PUBLIC_KEY:
- return pk11_FindPublicKeyAttribute(object,type);
- case CKO_PRIVATE_KEY:
- return pk11_FindPrivateKeyAttribute(object,type);
- case CKO_SECRET_KEY:
- return pk11_FindSecretKeyAttribute(object,type);
- default:
- break;
- }
- PORT_Assert(0);
- return NULL;
-}
-
-/*
- * look up and attribute structure from a type and Object structure.
- * The returned attribute is referenced and needs to be freed when
- * it is no longer needed.
- */
-PK11Attribute *
-pk11_FindAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
- PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
- if (sessObject == NULL) {
- return pk11_FindTokenAttribute(pk11_narrowToTokenObject(object),type);
- }
-
- PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
- pk11queue_find(attribute,type,sessObject->head,ATTRIBUTE_HASH_SIZE);
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- if (attribute) {
- /* atomic increment would be nice here */
- PK11_USE_THREADS(PZ_Lock(attribute->refLock);)
- attribute->refCount++;
- PK11_USE_THREADS(PZ_Unlock(attribute->refLock);)
- }
-#endif
- PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
-
- return(attribute);
-}
-
-
-
-PRBool
-pk11_hasAttributeToken(PK11TokenObject *object)
-{
- return PR_FALSE;
-}
-
-/*
- * return true if object has attribute
- */
-PRBool
-pk11_hasAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
- PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
- if (sessObject == NULL) {
- return pk11_hasAttributeToken(pk11_narrowToTokenObject(object));
- }
-
- PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
- pk11queue_find(attribute,type,sessObject->head,ATTRIBUTE_HASH_SIZE);
- PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
-
- return (PRBool)(attribute != NULL);
-}
-
-/*
- * add an attribute to an object
- */
-static void
-pk11_AddAttribute(PK11Object *object,PK11Attribute *attribute)
-{
- PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
- if (sessObject == NULL) return;
- PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
- pk11queue_add(attribute,attribute->handle,
- sessObject->head,ATTRIBUTE_HASH_SIZE);
- PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
-}
-
-/*
- * copy an unsigned attribute into a 'signed' SECItem. Secitem is allocated in
- * the specified arena.
- */
-CK_RV
-pk11_Attribute2SSecItem(PLArenaPool *arena,SECItem *item,PK11Object *object,
- CK_ATTRIBUTE_TYPE type)
-{
- int len;
- PK11Attribute *attribute;
- unsigned char *start;
- int real_len;
-
- attribute = pk11_FindAttribute(object, type);
- if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
- real_len = len = attribute->attrib.ulValueLen;
- if ((*((unsigned char *)attribute->attrib.pValue) & 0x80) != 0) {
- real_len++;
- }
-
- if (arena) {
- start = item->data = (unsigned char *) PORT_ArenaAlloc(arena,real_len);
- } else {
- start = item->data = (unsigned char *) PORT_Alloc(real_len);
- }
- if (item->data == NULL) {
- pk11_FreeAttribute(attribute);
- return CKR_HOST_MEMORY;
- }
- item->len = real_len;
- if (real_len != len) {
- *start = 0;
- start++;
- }
- PORT_Memcpy(start, attribute->attrib.pValue, len);
- pk11_FreeAttribute(attribute);
- return CKR_OK;
-}
-
-
-/*
- * delete an attribute from an object
- */
-static void
-pk11_DeleteAttribute(PK11Object *object, PK11Attribute *attribute)
-{
- PK11SessionObject *sessObject = pk11_narrowToSessionObject(object);
-
- if (sessObject == NULL) {
- return ;
- }
- PK11_USE_THREADS(PZ_Lock(sessObject->attributeLock);)
- if (pk11queue_is_queued(attribute,attribute->handle,
- sessObject->head,ATTRIBUTE_HASH_SIZE)) {
- pk11queue_delete(attribute,attribute->handle,
- sessObject->head,ATTRIBUTE_HASH_SIZE);
- }
- PK11_USE_THREADS(PZ_Unlock(sessObject->attributeLock);)
- pk11_FreeAttribute(attribute);
-}
-
-/*
- * this is only valid for CK_BBOOL type attributes. Return the state
- * of that attribute.
- */
-PRBool
-pk11_isTrue(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
- PRBool tok = PR_FALSE;
-
- attribute=pk11_FindAttribute(object,type);
- if (attribute == NULL) { return PR_FALSE; }
- tok = (PRBool)(*(CK_BBOOL *)attribute->attrib.pValue);
- pk11_FreeAttribute(attribute);
-
- return tok;
-}
-
-/*
- * force an attribute to null.
- * this is for sensitive keys which are stored in the database, we don't
- * want to keep this info around in memory in the clear.
- */
-void
-pk11_nullAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
-
- attribute=pk11_FindAttribute(object,type);
- if (attribute == NULL) return;
-
- if (attribute->attrib.pValue != NULL) {
- PORT_Memset(attribute->attrib.pValue,0,attribute->attrib.ulValueLen);
- if (attribute->freeData) {
- PORT_Free(attribute->attrib.pValue);
- }
- attribute->freeData = PR_FALSE;
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
- pk11_FreeAttribute(attribute);
-}
-static CK_RV
-pk11_SetPrivateKeyAttribute(PK11TokenObject *to, CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len)
-{
- NSSLOWKEYPrivateKey *privKey;
- char *nickname = NULL;
- SECStatus rv;
-
- /* we can't change the ID and we don't store the subject, but let the
- * upper layers feel better about the fact we tried to set these */
- if ((type == CKA_ID) || (type == CKA_SUBJECT)) {
- return CKR_OK;
- }
-
- if (to->obj.slot->keyDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
- if (type != CKA_LABEL) {
- return CKR_ATTRIBUTE_READ_ONLY;
- }
-
- privKey = pk11_GetPrivateKey(to);
- if (privKey == NULL) {
- return CKR_OBJECT_HANDLE_INVALID;
- }
- if (value != NULL) {
- nickname = PORT_ZAlloc(len+1);
- if (nickname == NULL) {
- return CKR_HOST_MEMORY;
- }
- PORT_Memcpy(nickname,value,len);
- nickname[len] = 0;
- }
- rv = nsslowkey_UpdateNickname(to->obj.slot->keyDB, privKey, &to->dbKey,
- nickname, to->obj.slot->password);
- if (nickname) PORT_Free(nickname);
- if (rv != SECSuccess) {
- return CKR_DEVICE_ERROR;
- }
- return CKR_OK;
-}
-
-static CK_RV
-pk11_SetTrustAttribute(PK11TokenObject *to, CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len)
-{
- unsigned int flags;
- CK_TRUST trust;
- NSSLOWCERTCertificate *cert;
- NSSLOWCERTCertTrust dbTrust;
- SECStatus rv;
-
- if (to->obj.slot->certDB == NULL) {
- return CKR_TOKEN_WRITE_PROTECTED;
- }
- if (len != sizeof (CK_TRUST)) {
- return CKR_ATTRIBUTE_VALUE_INVALID;
- }
- trust = *(CK_TRUST *)value;
- flags = pk11_MapTrust(trust, (PRBool) (type == CKA_TRUST_SERVER_AUTH));
-
- cert = pk11_getCert(to);
- if (cert == NULL) {
- return CKR_OBJECT_HANDLE_INVALID;
- }
- dbTrust = *cert->trust;
-
- switch (type) {
- case CKA_TRUST_EMAIL_PROTECTION:
- dbTrust.emailFlags = flags |
- (cert->trust->emailFlags & CERTDB_PRESERVE_TRUST_BITS);
- break;
- case CKA_TRUST_CODE_SIGNING:
- dbTrust.objectSigningFlags = flags |
- (cert->trust->objectSigningFlags & CERTDB_PRESERVE_TRUST_BITS);
- break;
- case CKA_TRUST_CLIENT_AUTH:
- dbTrust.sslFlags = flags | (cert->trust->sslFlags &
- CERTDB_PRESERVE_TRUST_BITS|CERTDB_TRUSTED_CA);
- break;
- case CKA_TRUST_SERVER_AUTH:
- dbTrust.sslFlags = flags | (cert->trust->sslFlags &
- CERTDB_PRESERVE_TRUST_BITS|CERTDB_TRUSTED_CLIENT_CA);
- break;
- default:
- return CKR_ATTRIBUTE_READ_ONLY;
- }
-
- rv = nsslowcert_ChangeCertTrust(to->obj.slot->certDB,cert,&dbTrust);
- if (rv != SECSuccess) {
- return CKR_DEVICE_ERROR;
- }
- return CKR_OK;
-}
-
-static CK_RV
-pk11_forceTokenAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type,
- void *value, unsigned int len)
-{
- PK11Attribute *attribute;
- PK11TokenObject *to = pk11_narrowToTokenObject(object);
- CK_RV crv = CKR_ATTRIBUTE_READ_ONLY;
-
- PORT_Assert(to);
- if (to == NULL) {
- return CKR_DEVICE_ERROR;
- }
-
- /* if we are just setting it to the value we already have,
- * allow it to happen. */
- attribute=pk11_FindAttribute(object,type);
- if ((attribute->attrib.ulValueLen == len) &&
- PORT_Memcmp(attribute->attrib.pValue,value,len) == 0) {
- pk11_FreeAttribute(attribute);
- return CKR_OK;
- }
-
- switch (object->objclass) {
- case CKO_CERTIFICATE:
- /* change NICKNAME, EMAIL, */
- break;
- case CKO_NETSCAPE_CRL:
- /* change URL */
- break;
- case CKO_NETSCAPE_TRUST:
- crv = pk11_SetTrustAttribute(to,type,value,len);
- break;
- case CKO_PRIVATE_KEY:
- case CKO_SECRET_KEY:
- crv = pk11_SetPrivateKeyAttribute(to,type,value,len);
- break;
- }
- pk11_FreeAttribute(attribute);
- return crv;
-}
-
-/*
- * force an attribute to a spaecif value.
- */
-CK_RV
-pk11_forceAttribute(PK11Object *object,CK_ATTRIBUTE_TYPE type, void *value,
- unsigned int len)
-{
- PK11Attribute *attribute;
- void *att_val = NULL;
- PRBool freeData = PR_FALSE;
-
- if (pk11_isToken(object->handle)) {
- return pk11_forceTokenAttribute(object,type,value,len);
- }
- attribute=pk11_FindAttribute(object,type);
- if (attribute == NULL) return pk11_AddAttributeType(object,type,value,len);
-
-
- if (value) {
-#ifdef PKCS11_STATIC_ATTRIBUTES
- if (len <= ATTR_SPACE) {
- att_val = attribute->space;
- } else {
- att_val = PORT_Alloc(len);
- freeData = PR_TRUE;
- }
-#else
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- att_val = PORT_Alloc(len);
- freeData = PR_TRUE;
-#else
- att_val = PORT_ArenaAlloc(object->arena,len);
-#endif /* PKCS11_REF_COUNT_ATTRIBUTES */
-#endif /* PKCS11_STATIC_ATTRIBUTES */
- if (att_val == NULL) {
- return CKR_HOST_MEMORY;
- }
- if (attribute->attrib.pValue == att_val) {
- PORT_Memset(attribute->attrib.pValue,0,
- attribute->attrib.ulValueLen);
- }
- PORT_Memcpy(att_val,value,len);
- }
- if (attribute->attrib.pValue != NULL) {
- if (attribute->attrib.pValue != att_val) {
- PORT_Memset(attribute->attrib.pValue,0,
- attribute->attrib.ulValueLen);
- }
- if (attribute->freeData) {
- PORT_Free(attribute->attrib.pValue);
- }
- attribute->freeData = PR_FALSE;
- attribute->attrib.pValue = NULL;
- attribute->attrib.ulValueLen = 0;
- }
- if (att_val) {
- attribute->attrib.pValue = att_val;
- attribute->attrib.ulValueLen = len;
- attribute->freeData = freeData;
- }
- pk11_FreeAttribute(attribute);
- return CKR_OK;
-}
-
-/*
- * return a null terminated string from attribute 'type'. This string
- * is allocated and needs to be freed with PORT_Free() When complete.
- */
-char *
-pk11_getString(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
- char *label = NULL;
-
- attribute=pk11_FindAttribute(object,type);
- if (attribute == NULL) return NULL;
-
- if (attribute->attrib.pValue != NULL) {
- label = (char *) PORT_Alloc(attribute->attrib.ulValueLen+1);
- if (label == NULL) {
- pk11_FreeAttribute(attribute);
- return NULL;
- }
-
- PORT_Memcpy(label,attribute->attrib.pValue,
- attribute->attrib.ulValueLen);
- label[attribute->attrib.ulValueLen] = 0;
- }
- pk11_FreeAttribute(attribute);
- return label;
-}
-
-/*
- * decode when a particular attribute may be modified
- * PK11_NEVER: This attribute must be set at object creation time and
- * can never be modified.
- * PK11_ONCOPY: This attribute may be modified only when you copy the
- * object.
- * PK11_SENSITIVE: The CKA_SENSITIVE attribute can only be changed from
- * CK_FALSE to CK_TRUE.
- * PK11_ALWAYS: This attribute can always be modified.
- * Some attributes vary their modification type based on the class of the
- * object.
- */
-PK11ModifyType
-pk11_modifyType(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass)
-{
- /* if we don't know about it, user user defined, always allow modify */
- PK11ModifyType mtype = PK11_ALWAYS;
-
- switch(type) {
- /* NEVER */
- case CKA_CLASS:
- case CKA_CERTIFICATE_TYPE:
- case CKA_KEY_TYPE:
- case CKA_MODULUS:
- case CKA_MODULUS_BITS:
- case CKA_PUBLIC_EXPONENT:
- case CKA_PRIVATE_EXPONENT:
- case CKA_PRIME:
- case CKA_SUBPRIME:
- case CKA_BASE:
- case CKA_PRIME_1:
- case CKA_PRIME_2:
- case CKA_EXPONENT_1:
- case CKA_EXPONENT_2:
- case CKA_COEFFICIENT:
- case CKA_VALUE_LEN:
- case CKA_ALWAYS_SENSITIVE:
- case CKA_NEVER_EXTRACTABLE:
- case CKA_NETSCAPE_DB:
- mtype = PK11_NEVER;
- break;
-
- /* ONCOPY */
- case CKA_TOKEN:
- case CKA_PRIVATE:
- case CKA_MODIFIABLE:
- mtype = PK11_ONCOPY;
- break;
-
- /* SENSITIVE */
- case CKA_SENSITIVE:
- case CKA_EXTRACTABLE:
- mtype = PK11_SENSITIVE;
- break;
-
- /* ALWAYS */
- case CKA_LABEL:
- case CKA_APPLICATION:
- case CKA_ID:
- case CKA_SERIAL_NUMBER:
- case CKA_START_DATE:
- case CKA_END_DATE:
- case CKA_DERIVE:
- case CKA_ENCRYPT:
- case CKA_DECRYPT:
- case CKA_SIGN:
- case CKA_VERIFY:
- case CKA_SIGN_RECOVER:
- case CKA_VERIFY_RECOVER:
- case CKA_WRAP:
- case CKA_UNWRAP:
- mtype = PK11_ALWAYS;
- break;
-
- /* DEPENDS ON CLASS */
- case CKA_VALUE:
- mtype = (inClass == CKO_DATA) ? PK11_ALWAYS : PK11_NEVER;
- break;
-
- case CKA_SUBJECT:
- mtype = (inClass == CKO_CERTIFICATE) ? PK11_NEVER : PK11_ALWAYS;
- break;
- default:
- break;
- }
- return mtype;
-}
-
-/* decode if a particular attribute is sensitive (cannot be read
- * back to the user of if the object is set to SENSITIVE) */
-PRBool
-pk11_isSensitive(CK_ATTRIBUTE_TYPE type, CK_OBJECT_CLASS inClass)
-{
- switch(type) {
- /* ALWAYS */
- case CKA_PRIVATE_EXPONENT:
- case CKA_PRIME_1:
- case CKA_PRIME_2:
- case CKA_EXPONENT_1:
- case CKA_EXPONENT_2:
- case CKA_COEFFICIENT:
- return PR_TRUE;
-
- /* DEPENDS ON CLASS */
- case CKA_VALUE:
- /* PRIVATE and SECRET KEYS have SENSITIVE values */
- return (PRBool)((inClass == CKO_PRIVATE_KEY) || (inClass == CKO_SECRET_KEY));
-
- default:
- break;
- }
- return PR_FALSE;
-}
-
-/*
- * copy an attribute into a SECItem. Secitem is allocated in the specified
- * arena.
- */
-CK_RV
-pk11_Attribute2SecItem(PLArenaPool *arena,SECItem *item,PK11Object *object,
- CK_ATTRIBUTE_TYPE type)
-{
- int len;
- PK11Attribute *attribute;
-
- attribute = pk11_FindAttribute(object, type);
- if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
- len = attribute->attrib.ulValueLen;
-
- if (arena) {
- item->data = (unsigned char *) PORT_ArenaAlloc(arena,len);
- } else {
- item->data = (unsigned char *) PORT_Alloc(len);
- }
- if (item->data == NULL) {
- pk11_FreeAttribute(attribute);
- return CKR_HOST_MEMORY;
- }
- item->len = len;
- PORT_Memcpy(item->data,attribute->attrib.pValue, len);
- pk11_FreeAttribute(attribute);
- return CKR_OK;
-}
-
-void
-pk11_DeleteAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type)
-{
- PK11Attribute *attribute;
- attribute = pk11_FindAttribute(object, type);
- if (attribute == NULL) return ;
- pk11_DeleteAttribute(object,attribute);
- pk11_FreeAttribute(attribute);
-}
-
-CK_RV
-pk11_AddAttributeType(PK11Object *object,CK_ATTRIBUTE_TYPE type,void *valPtr,
- CK_ULONG length)
-{
- PK11Attribute *attribute;
- attribute = pk11_NewAttribute(object,type,valPtr,length);
- if (attribute == NULL) { return CKR_HOST_MEMORY; }
- pk11_AddAttribute(object,attribute);
- return CKR_OK;
-}
-
-/*
- * ******************** Object Utilities *******************************
- */
-
-static SECStatus
-pk11_deleteTokenKeyByHandle(PK11Slot *slot, CK_OBJECT_HANDLE handle)
-{
- SECItem *item;
- PRBool rem;
-
- item = (SECItem *)PL_HashTableLookup(slot->tokenHashTable, (void *)handle);
- if (item) {
- SECITEM_FreeItem(item,PR_TRUE);
- }
- rem = PL_HashTableRemove(slot->tokenHashTable,(void *)handle) ;
- return rem ? SECSuccess : SECFailure;
-}
-
-static SECStatus
-pk11_addTokenKeyByHandle(PK11Slot *slot, CK_OBJECT_HANDLE handle, SECItem *key)
-{
- PLHashEntry *entry;
- SECItem *item;
-
- item = SECITEM_DupItem(key);
- if (item == NULL) {
- return SECFailure;
- }
- entry = PL_HashTableAdd(slot->tokenHashTable,(void *)handle,item);
- if (entry == NULL) {
- SECITEM_FreeItem(item,PR_TRUE);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECItem *
-pk11_lookupTokenKeyByHandle(PK11Slot *slot, CK_OBJECT_HANDLE handle)
-{
- return (SECItem *)PL_HashTableLookup(slot->tokenHashTable, (void *)handle);
-}
-
-/*
- * use the refLock. This operations should be very rare, so the added
- * contention on the ref lock should be lower than the overhead of adding
- * a new lock. We use separate functions for this just in case I'm wrong.
- */
-static void
-pk11_tokenKeyLock(PK11Slot *slot) {
- PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
-}
-
-static void
-pk11_tokenKeyUnlock(PK11Slot *slot) {
- PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-}
-
-
-/* allocation hooks that allow us to recycle old object structures */
-#ifdef MAX_OBJECT_LIST_SIZE
-static PK11Object * objectFreeList = NULL;
-static PZLock *objectLock = NULL;
-static int object_count = 0;
-#endif
-PK11Object *
-pk11_GetObjectFromList(PRBool *hasLocks) {
- PK11Object *object;
-
-#if MAX_OBJECT_LIST_SIZE
- if (objectLock == NULL) {
- objectLock = PZ_NewLock(nssILockObject);
- }
-
- PK11_USE_THREADS(PZ_Lock(objectLock));
- object = objectFreeList;
- if (object) {
- objectFreeList = object->next;
- object_count--;
- }
- PK11_USE_THREADS(PZ_Unlock(objectLock));
- if (object) {
- object->next = object->prev = NULL;
- *hasLocks = PR_TRUE;
- return object;
- }
-#endif
-
- object = (PK11Object*)PORT_ZAlloc(sizeof(PK11SessionObject));
- *hasLocks = PR_FALSE;
- return object;
-}
-
-static void
-pk11_PutObjectToList(PK11SessionObject *object) {
-#ifdef MAX_OBJECT_LIST_SIZE
- if (object_count < MAX_OBJECT_LIST_SIZE) {
- PK11_USE_THREADS(PZ_Lock(objectLock));
- object->obj.next = objectFreeList;
- objectFreeList = &object->obj;
- object_count++;
- PK11_USE_THREADS(PZ_Unlock(objectLock));
- return;
- }
-#endif
- PK11_USE_THREADS(PZ_DestroyLock(object->attributeLock);)
- PK11_USE_THREADS(PZ_DestroyLock(object->obj.refLock);)
- object->attributeLock = object->obj.refLock = NULL;
- PORT_Free(object);
-}
-
-static PK11Object *
-pk11_freeObjectData(PK11Object *object) {
- PK11Object *next = object->next;
-
- PORT_Free(object);
- return next;
-}
-
-void
-pk11_CleanupFreeLists()
-{
-#ifdef MAX_OBJECT_LIST_SIZE
- PK11Object *object;
-
- if (!objectLock) {
- return;
- }
- PK11_USE_THREADS(PZ_Lock(objectLock));
- for (object= objectFreeList; object != NULL;
- object = pk11_freeObjectData(object)) {
-#ifdef PKCS11_USE_THREADS
- PZ_DestroyLock(object->refLock);
- PZ_DestroyLock(((PK11SessionObject *)object)->attributeLock);
-#endif
- }
- object_count = 0;
- objectFreeList = NULL;
- PK11_USE_THREADS(PZ_Unlock(objectLock));
- PZ_DestroyLock(objectLock);
- objectLock = NULL;
-#endif
-}
-
-
-/*
- * Create a new object
- */
-PK11Object *
-pk11_NewObject(PK11Slot *slot)
-{
- PK11Object *object;
- PK11SessionObject *sessObject;
- PRBool hasLocks = PR_FALSE;
- int i;
-
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
- object = pk11_GetObjectFromList(&hasLocks);
- if (object == NULL) {
- return NULL;
- }
- sessObject = (PK11SessionObject *)object;
- sessObject->nextAttr = 0;
-
- for (i=0; i < MAX_OBJS_ATTRS; i++) {
- sessObject->attrList[i].attrib.pValue = NULL;
- sessObject->attrList[i].freeData = PR_FALSE;
- }
-#else
- PRArenaPool *arena;
-
- arena = PORT_NewArena(2048);
- if (arena == NULL) return NULL;
-
- object = (PK11Object*)PORT_ArenaAlloc(arena,sizeof(PK11SessionObject));
- if (object == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
- object->arena = arena;
-
- sessObject = (PK11SessionObject *)object;
-#endif
-
- object->handle = 0;
- object->next = object->prev = NULL;
- object->slot = slot;
- object->objclass = 0xffff;
- object->refCount = 1;
- sessObject->sessionList.next = NULL;
- sessObject->sessionList.prev = NULL;
- sessObject->sessionList.parent = object;
- sessObject->session = NULL;
- sessObject->wasDerived = PR_FALSE;
-#ifdef PKCS11_USE_THREADS
- if (!hasLocks) object->refLock = PZ_NewLock(nssILockRefLock);
- if (object->refLock == NULL) {
-#ifdef PKCS11_STATIC_ATTRIBUTES
- PORT_Free(object);
-#else
- PORT_FreeArena(arena,PR_FALSE);
-#endif
- return NULL;
- }
- if (!hasLocks) sessObject->attributeLock = PZ_NewLock(nssILockAttribute);
- if (sessObject->attributeLock == NULL) {
- PK11_USE_THREADS(PZ_DestroyLock(object->refLock);)
-#ifdef PKCS11_STATIC_ATTRIBUTES
- PORT_Free(object);
-#else
- PORT_FreeArena(arena,PR_FALSE);
-#endif
- return NULL;
- }
-#else
- sessObject->attributeLock = NULL;
- object->refLock = NULL;
-#endif
- for (i=0; i < ATTRIBUTE_HASH_SIZE; i++) {
- sessObject->head[i] = NULL;
- }
- object->objectInfo = NULL;
- object->infoFree = NULL;
- return object;
-}
-
-static CK_RV
-pk11_DestroySessionObjectData(PK11SessionObject *so)
-{
- int i;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
- for (i=0; i < MAX_OBJS_ATTRS; i++) {
- unsigned char *value = so->attrList[i].attrib.pValue;
- if (value) {
- PORT_Memset(value,0,so->attrList[i].attrib.ulValueLen);
- if (so->attrList[i].freeData) {
- PORT_Free(value);
- }
- so->attrList[i].attrib.pValue = NULL;
- so->attrList[i].freeData = PR_FALSE;
- }
- }
-#endif
-
-#ifdef PKCS11_REF_COUNT_ATTRIBUTES
- /* clean out the attributes */
- /* since no one is referencing us, it's safe to walk the chain
- * without a lock */
- for (i=0; i < ATTRIBUTE_HASH_SIZE; i++) {
- PK11Attribute *ap,*next;
- for (ap = so->head[i]; ap != NULL; ap = next) {
- next = ap->next;
- /* paranoia */
- ap->next = ap->prev = NULL;
- pk11_FreeAttribute(ap);
- }
- so->head[i] = NULL;
- }
-#endif
-/* PK11_USE_THREADS(PZ_DestroyLock(so->attributeLock));*/
- return CKR_OK;
-}
-
-/*
- * free all the data associated with an object. Object reference count must
- * be 'zero'.
- */
-static CK_RV
-pk11_DestroyObject(PK11Object *object)
-{
- CK_RV crv = CKR_OK;
- PK11SessionObject *so = pk11_narrowToSessionObject(object);
- PK11TokenObject *to = pk11_narrowToTokenObject(object);
-
- PORT_Assert(object->refCount == 0);
-
- /* delete the database value */
- if (to) {
- if (to->dbKey.data) {
- PORT_Free(to->dbKey.data);
- to->dbKey.data = NULL;
- }
- }
- if (so) {
- pk11_DestroySessionObjectData(so);
- }
- if (object->objectInfo) {
- (*object->infoFree)(object->objectInfo);
- }
-#ifdef PKCS11_STATIC_ATTRIBUTES
- if (so) {
- pk11_PutObjectToList(so);
- } else {
- PK11_USE_THREADS(PZ_DestroyLock(object->refLock);)
- PORT_Free(to);;
- }
-#else
- PK11_USE_THREADS(PZ_DestroyLock(object->refLock);)
- arena = object->arena;
- PORT_FreeArena(arena,PR_FALSE);
-#endif
- return crv;
-}
-
-void
-pk11_ReferenceObject(PK11Object *object)
-{
- PK11_USE_THREADS(PZ_Lock(object->refLock);)
- object->refCount++;
- PK11_USE_THREADS(PZ_Unlock(object->refLock);)
-}
-
-static PK11Object *
-pk11_ObjectFromHandleOnSlot(CK_OBJECT_HANDLE handle, PK11Slot *slot)
-{
- PK11Object **head;
- PZLock *lock;
- PK11Object *object;
-
- if (pk11_isToken(handle)) {
- return pk11_NewTokenObject(slot, NULL, handle);
- }
-
- head = slot->tokObjects;
- lock = slot->objectLock;
-
- PK11_USE_THREADS(PZ_Lock(lock);)
- pk11queue_find(object,handle,head,TOKEN_OBJECT_HASH_SIZE);
- if (object) {
- pk11_ReferenceObject(object);
- }
- PK11_USE_THREADS(PZ_Unlock(lock);)
-
- return(object);
-}
-/*
- * look up and object structure from a handle. OBJECT_Handles only make
- * sense in terms of a given session. make a reference to that object
- * structure returned.
- */
-PK11Object *
-pk11_ObjectFromHandle(CK_OBJECT_HANDLE handle, PK11Session *session)
-{
- PK11Slot *slot = pk11_SlotFromSession(session);
-
- return pk11_ObjectFromHandleOnSlot(handle,slot);
-}
-
-
-/*
- * release a reference to an object handle
- */
-PK11FreeStatus
-pk11_FreeObject(PK11Object *object)
-{
- PRBool destroy = PR_FALSE;
- CK_RV crv;
-
- PK11_USE_THREADS(PZ_Lock(object->refLock);)
- if (object->refCount == 1) destroy = PR_TRUE;
- object->refCount--;
- PK11_USE_THREADS(PZ_Unlock(object->refLock);)
-
- if (destroy) {
- crv = pk11_DestroyObject(object);
- if (crv != CKR_OK) {
- return PK11_DestroyFailure;
- }
- return PK11_Destroyed;
- }
- return PK11_Busy;
-}
-
-/*
- * add an object to a slot and session queue. These two functions
- * adopt the object.
- */
-void
-pk11_AddSlotObject(PK11Slot *slot, PK11Object *object)
-{
- PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
- pk11queue_add(object,object->handle,slot->tokObjects,
- TOKEN_OBJECT_HASH_SIZE);
- PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
-}
-
-void
-pk11_AddObject(PK11Session *session, PK11Object *object)
-{
- PK11Slot *slot = pk11_SlotFromSession(session);
- PK11SessionObject *so = pk11_narrowToSessionObject(object);
-
- if (so) {
- PK11_USE_THREADS(PZ_Lock(session->objectLock);)
- pk11queue_add(&so->sessionList,0,session->objects,0);
- so->session = session;
- PK11_USE_THREADS(PZ_Unlock(session->objectLock);)
- }
- pk11_AddSlotObject(slot,object);
- pk11_ReferenceObject(object);
-}
-
-/*
- * add an object to a slot andsession queue
- */
-CK_RV
-pk11_DeleteObject(PK11Session *session, PK11Object *object)
-{
- PK11Slot *slot = pk11_SlotFromSession(session);
- PK11SessionObject *so = pk11_narrowToSessionObject(object);
- PK11TokenObject *to = pk11_narrowToTokenObject(object);
- CK_RV crv = CKR_OK;
- SECStatus rv;
- NSSLOWCERTCertificate *cert;
- NSSLOWCERTCertTrust tmptrust;
- PRBool isKrl;
-
- /* Handle Token case */
- if (so && so->session) {
- PK11Session *session = so->session;
- PK11_USE_THREADS(PZ_Lock(session->objectLock);)
- pk11queue_delete(&so->sessionList,0,session->objects,0);
- PK11_USE_THREADS(PZ_Unlock(session->objectLock);)
- PK11_USE_THREADS(PZ_Lock(slot->objectLock);)
- pk11queue_delete(object,object->handle,slot->tokObjects,
- TOKEN_OBJECT_HASH_SIZE);
- PK11_USE_THREADS(PZ_Unlock(slot->objectLock);)
- pk11_FreeObject(object); /* reduce it's reference count */
- } else {
- PORT_Assert(to);
- /* remove the objects from the real data base */
- switch (object->handle & PK11_TOKEN_TYPE_MASK) {
- case PK11_TOKEN_TYPE_PRIV:
- case PK11_TOKEN_TYPE_KEY:
- /* KEYID is the public KEY for DSA and DH, and the MODULUS for
- * RSA */
- PORT_Assert(slot->keyDB);
- rv = nsslowkey_DeleteKey(slot->keyDB, &to->dbKey);
- if (rv != SECSuccess) crv= CKR_DEVICE_ERROR;
- break;
- case PK11_TOKEN_TYPE_PUB:
- break; /* public keys only exist at the behest of the priv key */
- case PK11_TOKEN_TYPE_CERT:
- cert = nsslowcert_FindCertByKey(slot->certDB,&to->dbKey);
- if (cert == NULL) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
- rv = nsslowcert_DeletePermCertificate(cert);
- if (rv != SECSuccess) crv = CKR_DEVICE_ERROR;
- nsslowcert_DestroyCertificate(cert);
- break;
- case PK11_TOKEN_TYPE_CRL:
- isKrl = (PRBool) (object->handle == PK11_TOKEN_KRL_HANDLE);
- rv = nsslowcert_DeletePermCRL(slot->certDB,&to->dbKey,isKrl);
- if (rv == SECFailure) crv = CKR_DEVICE_ERROR;
- break;
- case PK11_TOKEN_TYPE_TRUST:
- cert = nsslowcert_FindCertByKey(slot->certDB,&to->dbKey);
- if (cert == NULL) {
- crv = CKR_DEVICE_ERROR;
- break;
- }
- tmptrust = *cert->trust;
- tmptrust.sslFlags &= CERTDB_PRESERVE_TRUST_BITS;
- tmptrust.emailFlags &= CERTDB_PRESERVE_TRUST_BITS;
- tmptrust.objectSigningFlags &= CERTDB_PRESERVE_TRUST_BITS;
- tmptrust.sslFlags |= CERTDB_TRUSTED_UNKNOWN;
- tmptrust.emailFlags |= CERTDB_TRUSTED_UNKNOWN;
- tmptrust.objectSigningFlags |= CERTDB_TRUSTED_UNKNOWN;
- rv = nsslowcert_ChangeCertTrust(slot->certDB,cert,&tmptrust);
- if (rv != SECSuccess) crv = CKR_DEVICE_ERROR;
- nsslowcert_DestroyCertificate(cert);
- break;
- default:
- break;
- }
- pk11_tokenKeyLock(object->slot);
- pk11_deleteTokenKeyByHandle(object->slot,object->handle);
- pk11_tokenKeyUnlock(object->slot);
- }
- return crv;
-}
-
-/*
- * copy the attributes from one object to another. Don't overwrite existing
- * attributes. NOTE: This is a pretty expensive operation since it
- * grabs the attribute locks for the src object for a *long* time.
- */
-CK_RV
-pk11_CopyObject(PK11Object *destObject,PK11Object *srcObject)
-{
- PK11Attribute *attribute;
- PK11SessionObject *src_so = pk11_narrowToSessionObject(srcObject);
- int i;
-
- if (src_so == NULL) {
- return CKR_DEVICE_ERROR; /* can't copy token objects yet */
- }
-
- PK11_USE_THREADS(PZ_Lock(src_so->attributeLock);)
- for(i=0; i < ATTRIBUTE_HASH_SIZE; i++) {
- attribute = src_so->head[i];
- do {
- if (attribute) {
- if (!pk11_hasAttribute(destObject,attribute->handle)) {
- /* we need to copy the attribute since each attribute
- * only has one set of link list pointers */
- PK11Attribute *newAttribute = pk11_NewAttribute(
- destObject,pk11_attr_expand(&attribute->attrib));
- if (newAttribute == NULL) {
- PK11_USE_THREADS(PZ_Unlock(src_so->attributeLock);)
- return CKR_HOST_MEMORY;
- }
- pk11_AddAttribute(destObject,newAttribute);
- }
- attribute=attribute->next;
- }
- } while (attribute != NULL);
- }
- PK11_USE_THREADS(PZ_Unlock(src_so->attributeLock);)
- return CKR_OK;
-}
-
-/*
- * ******************** Search Utilities *******************************
- */
-
-/* add an object to a search list */
-CK_RV
-AddToList(PK11ObjectListElement **list,PK11Object *object)
-{
- PK11ObjectListElement *newElem =
- (PK11ObjectListElement *)PORT_Alloc(sizeof(PK11ObjectListElement));
-
- if (newElem == NULL) return CKR_HOST_MEMORY;
-
- newElem->next = *list;
- newElem->object = object;
- pk11_ReferenceObject(object);
-
- *list = newElem;
- return CKR_OK;
-}
-
-
-/* return true if the object matches the template */
-PRBool
-pk11_objectMatch(PK11Object *object,CK_ATTRIBUTE_PTR theTemplate,int count)
-{
- int i;
-
- for (i=0; i < count; i++) {
- PK11Attribute *attribute = pk11_FindAttribute(object,theTemplate[i].type);
- if (attribute == NULL) {
- return PR_FALSE;
- }
- if (attribute->attrib.ulValueLen == theTemplate[i].ulValueLen) {
- if (PORT_Memcmp(attribute->attrib.pValue,theTemplate[i].pValue,
- theTemplate[i].ulValueLen) == 0) {
- pk11_FreeAttribute(attribute);
- continue;
- }
- }
- pk11_FreeAttribute(attribute);
- return PR_FALSE;
- }
- return PR_TRUE;
-}
-
-/* search through all the objects in the queue and return the template matches
- * in the object list.
- */
-CK_RV
-pk11_searchObjectList(PK11SearchResults *search,PK11Object **head,
- PZLock *lock, CK_ATTRIBUTE_PTR theTemplate, int count, PRBool isLoggedIn)
-{
- int i;
- PK11Object *object;
- CK_RV crv = CKR_OK;
-
- for(i=0; i < TOKEN_OBJECT_HASH_SIZE; i++) {
- /* We need to hold the lock to copy a consistant version of
- * the linked list. */
- PK11_USE_THREADS(PZ_Lock(lock);)
- for (object = head[i]; object != NULL; object= object->next) {
- if (pk11_objectMatch(object,theTemplate,count)) {
- /* don't return objects that aren't yet visible */
- if ((!isLoggedIn) && pk11_isTrue(object,CKA_PRIVATE)) continue;
- pk11_addHandle(search,object->handle);
- }
- }
- PK11_USE_THREADS(PZ_Unlock(lock);)
- }
- return crv;
-}
-
-/*
- * free a single list element. Return the Next object in the list.
- */
-PK11ObjectListElement *
-pk11_FreeObjectListElement(PK11ObjectListElement *objectList)
-{
- PK11ObjectListElement *ol = objectList->next;
-
- pk11_FreeObject(objectList->object);
- PORT_Free(objectList);
- return ol;
-}
-
-/* free an entire object list */
-void
-pk11_FreeObjectList(PK11ObjectListElement *objectList)
-{
- PK11ObjectListElement *ol;
-
- for (ol= objectList; ol != NULL; ol = pk11_FreeObjectListElement(ol)) {}
-}
-
-/*
- * free a search structure
- */
-void
-pk11_FreeSearch(PK11SearchResults *search)
-{
- if (search->handles) {
- PORT_Free(search->handles);
- }
- PORT_Free(search);
-}
-
-/*
- * ******************** Session Utilities *******************************
- */
-
-/* update the sessions state based in it's flags and wether or not it's
- * logged in */
-void
-pk11_update_state(PK11Slot *slot,PK11Session *session)
-{
- if (slot->isLoggedIn) {
- if (slot->ssoLoggedIn) {
- session->info.state = CKS_RW_SO_FUNCTIONS;
- } else if (session->info.flags & CKF_RW_SESSION) {
- session->info.state = CKS_RW_USER_FUNCTIONS;
- } else {
- session->info.state = CKS_RO_USER_FUNCTIONS;
- }
- } else {
- if (session->info.flags & CKF_RW_SESSION) {
- session->info.state = CKS_RW_PUBLIC_SESSION;
- } else {
- session->info.state = CKS_RO_PUBLIC_SESSION;
- }
- }
-}
-
-/* update the state of all the sessions on a slot */
-void
-pk11_update_all_states(PK11Slot *slot)
-{
- int i;
- PK11Session *session;
-
- for (i=0; i < SESSION_HASH_SIZE; i++) {
- PK11_USE_THREADS(PZ_Lock(slot->sessionLock);)
- for (session = slot->head[i]; session; session = session->next) {
- pk11_update_state(slot,session);
- }
- PK11_USE_THREADS(PZ_Unlock(slot->sessionLock);)
- }
-}
-
-/*
- * context are cipher and digest contexts that are associated with a session
- */
-void
-pk11_FreeContext(PK11SessionContext *context)
-{
- if (context->cipherInfo) {
- (*context->destroy)(context->cipherInfo,PR_TRUE);
- }
- if (context->hashInfo) {
- (*context->hashdestroy)(context->hashInfo,PR_TRUE);
- }
- if (context->key) {
- pk11_FreeObject(context->key);
- context->key = NULL;
- }
- PORT_Free(context);
-}
-
-/*
- * create a new nession. NOTE: The session handle is not set, and the
- * session is not added to the slot's session queue.
- */
-PK11Session *
-pk11_NewSession(CK_SLOT_ID slotID, CK_NOTIFY notify, CK_VOID_PTR pApplication,
- CK_FLAGS flags)
-{
- PK11Session *session;
- PK11Slot *slot = pk11_SlotFromID(slotID);
-
- if (slot == NULL) return NULL;
-
- session = (PK11Session*)PORT_Alloc(sizeof(PK11Session));
- if (session == NULL) return NULL;
-
- session->next = session->prev = NULL;
- session->refCount = 1;
- session->enc_context = NULL;
- session->hash_context = NULL;
- session->sign_context = NULL;
- session->search = NULL;
- session->objectIDCount = 1;
-#ifdef PKCS11_USE_THREADS
- session->refLock = PZ_NewLock(nssILockRefLock);
- if (session->refLock == NULL) {
- PORT_Free(session);
- return NULL;
- }
- session->objectLock = PZ_NewLock(nssILockObject);
- if (session->objectLock == NULL) {
- PK11_USE_THREADS(PZ_DestroyLock(session->refLock);)
- PORT_Free(session);
- return NULL;
- }
-#else
- session->refLock = NULL;
- session->objectLock = NULL;
-#endif
- session->objects[0] = NULL;
-
- session->slot = slot;
- session->notify = notify;
- session->appData = pApplication;
- session->info.flags = flags;
- session->info.slotID = slotID;
- pk11_update_state(slot,session);
- return session;
-}
-
-
-/* free all the data associated with a session. */
-static void
-pk11_DestroySession(PK11Session *session)
-{
- PK11ObjectList *op,*next;
- PORT_Assert(session->refCount == 0);
-
- /* clean out the attributes */
- /* since no one is referencing us, it's safe to walk the chain
- * without a lock */
- for (op = session->objects[0]; op != NULL; op = next) {
- next = op->next;
- /* paranoia */
- op->next = op->prev = NULL;
- pk11_DeleteObject(session,op->parent);
- }
- PK11_USE_THREADS(PZ_DestroyLock(session->objectLock);)
- PK11_USE_THREADS(PZ_DestroyLock(session->refLock);)
- if (session->enc_context) {
- pk11_FreeContext(session->enc_context);
- }
- if (session->hash_context) {
- pk11_FreeContext(session->hash_context);
- }
- if (session->sign_context) {
- pk11_FreeContext(session->sign_context);
- }
- if (session->search) {
- pk11_FreeSearch(session->search);
- }
- PORT_Free(session);
-}
-
-
-/*
- * look up a session structure from a session handle
- * generate a reference to it.
- */
-PK11Session *
-pk11_SessionFromHandle(CK_SESSION_HANDLE handle)
-{
- PK11Slot *slot = pk11_SlotFromSessionHandle(handle);
- PK11Session *session;
-
- PK11_USE_THREADS(PZ_Lock(slot->sessionLock);)
- pk11queue_find(session,handle,slot->head,SESSION_HASH_SIZE);
- if (session) session->refCount++;
- PK11_USE_THREADS(PZ_Unlock(slot->sessionLock);)
-
- return (session);
-}
-
-/*
- * release a reference to a session handle
- */
-void
-pk11_FreeSession(PK11Session *session)
-{
- PRBool destroy = PR_FALSE;
- PK11_USE_THREADS(PK11Slot *slot = pk11_SlotFromSession(session);)
-
- PK11_USE_THREADS(PZ_Lock(slot->sessionLock);)
- if (session->refCount == 1) destroy = PR_TRUE;
- session->refCount--;
- PK11_USE_THREADS(PZ_Unlock(slot->sessionLock);)
-
- if (destroy) pk11_DestroySession(session);
-}
-/*
- * handle Token Object stuff
- */
-
-/* Make a token handle for an object and record it so we can find it again */
-CK_OBJECT_HANDLE
-pk11_mkHandle(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class)
-{
- unsigned char hashBuf[SHA1_LENGTH];
- CK_OBJECT_HANDLE handle;
- SECItem *key;
-
- handle = class;
- /* there is only one KRL, use a fixed handle for it */
- if (handle != PK11_TOKEN_KRL_HANDLE) {
- SHA1_HashBuf(hashBuf,dbKey->data,dbKey->len);
- handle = (hashBuf[0] << 24) | (hashBuf[1] << 16) |
- (hashBuf[2] << 8) | hashBuf[3];
- handle = PK11_TOKEN_MAGIC | class |
- (handle & ~(PK11_TOKEN_TYPE_MASK|PK11_TOKEN_MASK));
- /* we have a CRL who's handle has randomly matched the reserved KRL
- * handle, increment it */
- if (handle == PK11_TOKEN_KRL_HANDLE) {
- handle++;
- }
- }
-
- pk11_tokenKeyLock(slot);
- while ((key = pk11_lookupTokenKeyByHandle(slot,handle)) != NULL) {
- if (SECITEM_ItemsAreEqual(key,dbKey)) {
- pk11_tokenKeyUnlock(slot);
- return handle;
- }
- handle++;
- }
- pk11_addTokenKeyByHandle(slot,handle,dbKey);
- pk11_tokenKeyUnlock(slot);
- return handle;
-}
-
-void
-pk11_addHandle(PK11SearchResults *search, CK_OBJECT_HANDLE handle)
-{
- if (search->handles == NULL) {
- return;
- }
- if (search->size >= search->array_size) {
- search->array_size += NSC_SEARCH_BLOCK_SIZE;
- search->handles = (CK_OBJECT_HANDLE *) PORT_Realloc(search->handles,
- sizeof(CK_OBJECT_HANDLE)* search->array_size);
- if (search->handles == NULL) {
- return;
- }
- }
- search->handles[search->size] = handle;
- search->size++;
-}
-
-static const CK_OBJECT_HANDLE pk11_classArray[] = {
- 0, CKO_PRIVATE_KEY, CKO_PUBLIC_KEY, CKO_SECRET_KEY,
- CKO_NETSCAPE_TRUST, CKO_NETSCAPE_CRL, CKO_NETSCAPE_SMIME,
- CKO_CERTIFICATE };
-
-#define handleToClass(handle) \
- pk11_classArray[((handle & PK11_TOKEN_TYPE_MASK))>>28]
-
-PK11Object *
-pk11_NewTokenObject(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE handle)
-{
- PK11Object *object = NULL;
- PK11TokenObject *tokObject = NULL;
- SECStatus rv;
-
-#ifdef PKCS11_STATIC_ATTRIBUTES
- object = (PK11Object *) PORT_ZAlloc(sizeof(PK11TokenObject));
- if (object == NULL) {
- return NULL;
- }
-#else
- PRArenaPool *arena;
-
- arena = PORT_NewArena(2048);
- if (arena == NULL) return NULL;
-
- object = (PK11Object*)PORT_ArenaAlloc(arena,sizeof(PK11TokenObject));
- if (object == NULL) {
- PORT_FreeArena(arena,PR_FALSE);
- return NULL;
- }
- object->arena = arena;
-#endif
- tokObject = (PK11TokenObject *) object;
-
- object->objclass = handleToClass(handle);
- object->handle = handle;
- object->refCount = 1;
- object->slot = slot;
- object->objectInfo = NULL;
- object->infoFree = NULL;
- if (dbKey == NULL) {
- pk11_tokenKeyLock(slot);
- dbKey = pk11_lookupTokenKeyByHandle(slot,handle);
- if (dbKey == NULL) {
- pk11_tokenKeyUnlock(slot);
- goto loser;
- }
- rv = SECITEM_CopyItem(NULL,&tokObject->dbKey,dbKey);
- pk11_tokenKeyUnlock(slot);
- } else {
- rv = SECITEM_CopyItem(NULL,&tokObject->dbKey,dbKey);
- }
- if (rv != SECSuccess) {
- goto loser;
- }
-#ifdef PKCS11_USE_THREADS
- object->refLock = PZ_NewLock(nssILockRefLock);
- if (object->refLock == NULL) {
- goto loser;
- }
-#endif
-
- return object;
-loser:
- if (object) {
- pk11_FreeObject(object);
- }
- return NULL;
-
-}
-
-PRBool
-pk11_tokenMatch(PK11Slot *slot, SECItem *dbKey, CK_OBJECT_HANDLE class,
- CK_ATTRIBUTE_PTR theTemplate,int count)
-{
- PK11Object *object;
- PRBool ret;
-
- object = pk11_NewTokenObject(slot,dbKey,PK11_TOKEN_MASK|class);
- if (object == NULL) {
- return PR_FALSE;
- }
-
- ret = pk11_objectMatch(object,theTemplate,count);
- pk11_FreeObject(object);
- return ret;
-}
-
-PK11TokenObject *
-pk11_convertSessionToToken(PK11SessionObject *so)
-{
- SECItem *key;
- PK11TokenObject *to = pk11_narrowToTokenObject(&so->obj);
- SECStatus rv;
-
- pk11_DestroySessionObjectData(so);
- PK11_USE_THREADS(PZ_DestroyLock(so->attributeLock));
- if (to == NULL) {
- return NULL;
- }
- pk11_tokenKeyLock(so->obj.slot);
- key = pk11_lookupTokenKeyByHandle(so->obj.slot,so->obj.handle);
- if (key == NULL) {
- pk11_tokenKeyUnlock(so->obj.slot);
- return NULL;
- }
- rv = SECITEM_CopyItem(NULL,&to->dbKey,key);
- pk11_tokenKeyUnlock(so->obj.slot);
- if (rv == SECFailure) {
- return NULL;
- }
-
- return to;
-
-}
-
-PK11SessionObject *
-pk11_narrowToSessionObject(PK11Object *obj)
-{
- return !pk11_isToken(obj->handle) ? (PK11SessionObject *)obj : NULL;
-}
-
-PK11TokenObject *
-pk11_narrowToTokenObject(PK11Object *obj)
-{
- return pk11_isToken(obj->handle) ? (PK11TokenObject *)obj : NULL;
-}
-
diff --git a/security/nss/lib/softoken/pkcs11u.h b/security/nss/lib/softoken/pkcs11u.h
deleted file mode 100644
index 0addf0f6f..000000000
--- a/security/nss/lib/softoken/pkcs11u.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-/*
- * Copyright (C) 1994-1999 RSA Security Inc. Licence to copy this document
- * is granted provided that it is identified as "RSA Security Inc. Public-Key
- * Cryptography Standards (PKCS)" in all material mentioning or referencing
- * this document.
- */
-/*
- * reset any packing set by pkcs11p.h
- */
-
-#if defined (_WIN32)
-#pragma warning(disable:4103)
-#pragma pack(pop, cryptoki)
-#endif
-
diff --git a/security/nss/lib/softoken/rawhash.c b/security/nss/lib/softoken/rawhash.c
deleted file mode 100644
index 9250bf62b..000000000
--- a/security/nss/lib/softoken/rawhash.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "sechash.h"
-#include "blapi.h" /* below the line */
-
-
-static void *
-null_hash_new_context(void)
-{
- return NULL;
-}
-
-static void *
-null_hash_clone_context(void *v)
-{
- PORT_Assert(v == NULL);
- return NULL;
-}
-
-static void
-null_hash_begin(void *v)
-{
-}
-
-static void
-null_hash_update(void *v, const unsigned char *input, unsigned int length)
-{
-}
-
-static void
-null_hash_end(void *v, unsigned char *output, unsigned int *outLen,
- unsigned int maxOut)
-{
- *outLen = 0;
-}
-
-static void
-null_hash_destroy_context(void *v, PRBool b)
-{
- PORT_Assert(v == NULL);
-}
-
-
-const SECHashObject SECRawHashObjects[] = {
- { 0,
- (void * (*)(void)) null_hash_new_context,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) null_hash_destroy_context,
- (void (*)(void *)) null_hash_begin,
- (void (*)(void *, const unsigned char *, unsigned int)) null_hash_update,
- (void (*)(void *, unsigned char *, unsigned int *,
- unsigned int)) null_hash_end
- },
- { MD2_LENGTH,
- (void * (*)(void)) MD2_NewContext,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) MD2_DestroyContext,
- (void (*)(void *)) MD2_Begin,
- (void (*)(void *, const unsigned char *, unsigned int)) MD2_Update,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) MD2_End
- },
- { MD5_LENGTH,
- (void * (*)(void)) MD5_NewContext,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) MD5_DestroyContext,
- (void (*)(void *)) MD5_Begin,
- (void (*)(void *, const unsigned char *, unsigned int)) MD5_Update,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) MD5_End
- },
- { SHA1_LENGTH,
- (void * (*)(void)) SHA1_NewContext,
- (void * (*)(void *)) null_hash_clone_context,
- (void (*)(void *, PRBool)) SHA1_DestroyContext,
- (void (*)(void *)) SHA1_Begin,
- (void (*)(void *, const unsigned char *, unsigned int)) SHA1_Update,
- (void (*)(void *, unsigned char *, unsigned int *, unsigned int)) SHA1_End
- },
-};
-
diff --git a/security/nss/lib/softoken/rsawrapr.c b/security/nss/lib/softoken/rsawrapr.c
deleted file mode 100644
index b17d4fc8e..000000000
--- a/security/nss/lib/softoken/rsawrapr.c
+++ /dev/null
@@ -1,865 +0,0 @@
-/*
- * PKCS#1 encoding and decoding functions.
- * This file is believed to contain no code licensed from other parties.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "blapi.h"
-#include "softoken.h"
-#include "sechash.h"
-
-#include "lowkeyi.h"
-#include "secerr.h"
-
-#define RSA_BLOCK_MIN_PAD_LEN 8
-#define RSA_BLOCK_FIRST_OCTET 0x00
-#define RSA_BLOCK_PRIVATE0_PAD_OCTET 0x00
-#define RSA_BLOCK_PRIVATE_PAD_OCTET 0xff
-#define RSA_BLOCK_AFTER_PAD_OCTET 0x00
-
-#define OAEP_SALT_LEN 8
-#define OAEP_PAD_LEN 8
-#define OAEP_PAD_OCTET 0x00
-
-#define FLAT_BUFSIZE 512 /* bytes to hold flattened SHA1Context. */
-
-static SHA1Context *
-SHA1_CloneContext(SHA1Context *original)
-{
- SHA1Context * clone = NULL;
- unsigned char *pBuf;
- int sha1ContextSize = SHA1_FlattenSize(original);
- SECStatus frv;
- unsigned char buf[FLAT_BUFSIZE];
-
- PORT_Assert(sizeof buf >= sha1ContextSize);
- if (sizeof buf >= sha1ContextSize) {
- pBuf = buf;
- } else {
- pBuf = PORT_Alloc(sha1ContextSize);
- if (!pBuf)
- goto done;
- }
-
- frv = SHA1_Flatten(original, pBuf);
- if (frv == SECSuccess) {
- clone = SHA1_Resurrect(pBuf, NULL);
- memset(pBuf, 0, sha1ContextSize);
- }
-done:
- if (pBuf != buf)
- PORT_Free(pBuf);
- return clone;
-}
-
-/*
- * Modify data by XORing it with a special hash of salt.
- */
-static SECStatus
-oaep_xor_with_h1(unsigned char *data, unsigned int datalen,
- unsigned char *salt, unsigned int saltlen)
-{
- SHA1Context *sha1cx;
- unsigned char *dp, *dataend;
- unsigned char end_octet;
-
- sha1cx = SHA1_NewContext();
- if (sha1cx == NULL) {
- return SECFailure;
- }
-
- /*
- * Get a hash of salt started; we will use it several times,
- * adding in a different end octet (x00, x01, x02, ...).
- */
- SHA1_Begin (sha1cx);
- SHA1_Update (sha1cx, salt, saltlen);
- end_octet = 0;
-
- dp = data;
- dataend = data + datalen;
-
- while (dp < dataend) {
- SHA1Context *sha1cx_h1;
- unsigned int sha1len, sha1off;
- unsigned char sha1[SHA1_LENGTH];
-
- /*
- * Create hash of (salt || end_octet)
- */
- sha1cx_h1 = SHA1_CloneContext (sha1cx);
- SHA1_Update (sha1cx_h1, &end_octet, 1);
- SHA1_End (sha1cx_h1, sha1, &sha1len, sizeof(sha1));
- SHA1_DestroyContext (sha1cx_h1, PR_TRUE);
- PORT_Assert (sha1len == SHA1_LENGTH);
-
- /*
- * XOR that hash with the data.
- * When we have fewer than SHA1_LENGTH octets of data
- * left to xor, use just the low-order ones of the hash.
- */
- sha1off = 0;
- if ((dataend - dp) < SHA1_LENGTH)
- sha1off = SHA1_LENGTH - (dataend - dp);
- while (sha1off < SHA1_LENGTH)
- *dp++ ^= sha1[sha1off++];
-
- /*
- * Bump for next hash chunk.
- */
- end_octet++;
- }
-
- return SECSuccess;
-}
-
-/*
- * Modify salt by XORing it with a special hash of data.
- */
-static SECStatus
-oaep_xor_with_h2(unsigned char *salt, unsigned int saltlen,
- unsigned char *data, unsigned int datalen)
-{
- unsigned char sha1[SHA1_LENGTH];
- unsigned char *psalt, *psha1, *saltend;
- SECStatus rv;
-
- /*
- * Create a hash of data.
- */
- rv = SHA1_HashBuf (sha1, data, datalen);
- if (rv != SECSuccess) {
- return rv;
- }
-
- /*
- * XOR the low-order octets of that hash with salt.
- */
- PORT_Assert (saltlen <= SHA1_LENGTH);
- saltend = salt + saltlen;
- psalt = salt;
- psha1 = sha1 + SHA1_LENGTH - saltlen;
- while (psalt < saltend) {
- *psalt++ ^= *psha1++;
- }
-
- return SECSuccess;
-}
-
-/*
- * Format one block of data for public/private key encryption using
- * the rules defined in PKCS #1.
- */
-static unsigned char *
-rsa_FormatOneBlock(unsigned modulusLen, RSA_BlockType blockType,
- SECItem *data)
-{
- unsigned char *block;
- unsigned char *bp;
- int padLen;
- int i;
-
- block = (unsigned char *) PORT_Alloc(modulusLen);
- if (block == NULL)
- return NULL;
-
- bp = block;
-
- /*
- * All RSA blocks start with two octets:
- * 0x00 || BlockType
- */
- *bp++ = RSA_BLOCK_FIRST_OCTET;
- *bp++ = (unsigned char) blockType;
-
- switch (blockType) {
-
- /*
- * Blocks intended for private-key operation.
- */
- case RSA_BlockPrivate0: /* essentially unused */
- case RSA_BlockPrivate: /* preferred method */
- /*
- * 0x00 || BT || Pad || 0x00 || ActualData
- * 1 1 padLen 1 data->len
- * Pad is either all 0x00 or all 0xff bytes, depending on blockType.
- */
- padLen = modulusLen - data->len - 3;
- PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
- PORT_Memset (bp,
- blockType == RSA_BlockPrivate0
- ? RSA_BLOCK_PRIVATE0_PAD_OCTET
- : RSA_BLOCK_PRIVATE_PAD_OCTET,
- padLen);
- bp += padLen;
- *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
- PORT_Memcpy (bp, data->data, data->len);
- break;
-
- /*
- * Blocks intended for public-key operation.
- */
- case RSA_BlockPublic:
-
- /*
- * 0x00 || BT || Pad || 0x00 || ActualData
- * 1 1 padLen 1 data->len
- * Pad is all non-zero random bytes.
- */
- padLen = modulusLen - data->len - 3;
- PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
- for (i = 0; i < padLen; i++) {
- /* Pad with non-zero random data. */
- do {
- RNG_GenerateGlobalRandomBytes(bp + i, 1);
- } while (bp[i] == RSA_BLOCK_AFTER_PAD_OCTET);
- }
- bp += padLen;
- *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
- PORT_Memcpy (bp, data->data, data->len);
-
- break;
-
- /*
- * Blocks intended for public-key operation, using
- * Optimal Asymmetric Encryption Padding (OAEP).
- */
- case RSA_BlockOAEP:
- /*
- * 0x00 || BT || Modified2(Salt) || Modified1(PaddedData)
- * 1 1 OAEP_SALT_LEN OAEP_PAD_LEN + data->len [+ N]
- *
- * where:
- * PaddedData is "Pad1 || ActualData [|| Pad2]"
- * Salt is random data.
- * Pad1 is all zeros.
- * Pad2, if present, is random data.
- * (The "modified" fields are all the same length as the original
- * unmodified values; they are just xor'd with other values.)
- *
- * Modified1 is an XOR of PaddedData with a special octet
- * string constructed of iterated hashing of Salt (see below).
- * Modified2 is an XOR of Salt with the low-order octets of
- * the hash of Modified1 (see farther below ;-).
- *
- * Whew!
- */
-
-
- /*
- * Salt
- */
- RNG_GenerateGlobalRandomBytes(bp, OAEP_SALT_LEN);
- bp += OAEP_SALT_LEN;
-
- /*
- * Pad1
- */
- PORT_Memset (bp, OAEP_PAD_OCTET, OAEP_PAD_LEN);
- bp += OAEP_PAD_LEN;
-
- /*
- * Data
- */
- PORT_Memcpy (bp, data->data, data->len);
- bp += data->len;
-
- /*
- * Pad2
- */
- if (bp < (block + modulusLen))
- RNG_GenerateGlobalRandomBytes(bp, block - bp + modulusLen);
-
- /*
- * Now we have the following:
- * 0x00 || BT || Salt || PaddedData
- * (From this point on, "Pad1 || Data [|| Pad2]" is treated
- * as the one entity PaddedData.)
- *
- * We need to turn PaddedData into Modified1.
- */
- if (oaep_xor_with_h1(block + 2 + OAEP_SALT_LEN,
- modulusLen - 2 - OAEP_SALT_LEN,
- block + 2, OAEP_SALT_LEN) != SECSuccess) {
- PORT_Free (block);
- return NULL;
- }
-
- /*
- * Now we have:
- * 0x00 || BT || Salt || Modified1(PaddedData)
- *
- * The remaining task is to turn Salt into Modified2.
- */
- if (oaep_xor_with_h2(block + 2, OAEP_SALT_LEN,
- block + 2 + OAEP_SALT_LEN,
- modulusLen - 2 - OAEP_SALT_LEN) != SECSuccess) {
- PORT_Free (block);
- return NULL;
- }
-
- break;
-
- default:
- PORT_Assert (0);
- PORT_Free (block);
- return NULL;
- }
-
- return block;
-}
-
-static SECStatus
-rsa_FormatBlock(SECItem *result, unsigned modulusLen,
- RSA_BlockType blockType, SECItem *data)
-{
- /*
- * XXX For now assume that the data length fits in a single
- * XXX encryption block; the ASSERTs below force this.
- * XXX To fix it, each case will have to loop over chunks whose
- * XXX lengths satisfy the assertions, until all data is handled.
- * XXX (Unless RSA has more to say about how to handle data
- * XXX which does not fit in a single encryption block?)
- * XXX And I do not know what the result is supposed to be,
- * XXX so the interface to this function may need to change
- * XXX to allow for returning multiple blocks, if they are
- * XXX not wanted simply concatenated one after the other.
- */
-
- switch (blockType) {
- case RSA_BlockPrivate0:
- case RSA_BlockPrivate:
- case RSA_BlockPublic:
- /*
- * 0x00 || BT || Pad || 0x00 || ActualData
- *
- * The "3" below is the first octet + the second octet + the 0x00
- * octet that always comes just before the ActualData.
- */
- PORT_Assert (data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));
-
- result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
- if (result->data == NULL) {
- result->len = 0;
- return SECFailure;
- }
- result->len = modulusLen;
-
- break;
-
- case RSA_BlockOAEP:
- /*
- * 0x00 || BT || M1(Salt) || M2(Pad1||ActualData[||Pad2])
- *
- * The "2" below is the first octet + the second octet.
- * (The other fields do not contain the clear values, but are
- * the same length as the clear values.)
- */
- PORT_Assert (data->len <= (modulusLen - (2 + OAEP_SALT_LEN
- + OAEP_PAD_LEN)));
-
- result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
- if (result->data == NULL) {
- result->len = 0;
- return SECFailure;
- }
- result->len = modulusLen;
-
- break;
-
- case RSA_BlockRaw:
- /*
- * Pad || ActualData
- * Pad is zeros. The application is responsible for recovering
- * the actual data.
- */
- result->data = (unsigned char*)PORT_ZAlloc(modulusLen);
- result->len = modulusLen;
- PORT_Memcpy(result->data+(modulusLen-data->len),data->data,data->len);
- break;
-
- default:
- PORT_Assert (0);
- result->data = NULL;
- result->len = 0;
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_Sign(NSSLOWKEYPrivateKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int maxOutputLen,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv = SECSuccess;
- unsigned int modulus_len = nsslowkey_PrivateModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
- if (maxOutputLen < modulus_len)
- return SECFailure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- return SECFailure;
-
- unformatted.len = input_len;
- unformatted.data = input;
- formatted.data = NULL;
- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockPrivate,
- &unformatted);
- if (rv != SECSuccess)
- goto done;
-
- rv = RSA_PrivateKeyOpDoubleChecked(&key->u.rsa, output, formatted.data);
- *output_len = modulus_len;
-
- goto done;
-
-done:
- if (formatted.data != NULL)
- PORT_ZFree(formatted.data, modulus_len);
- return rv;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSign(NSSLOWKEYPublicKey *key,
- unsigned char * sign,
- unsigned int sign_len,
- unsigned char * hash,
- unsigned int hash_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
- unsigned int i;
- unsigned char * buffer;
-
- modulus_len = nsslowkey_PublicModulusLen(key);
- if (sign_len != modulus_len)
- goto failure;
- if (hash_len > modulus_len - 8)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
- if (!buffer)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * check the padding that was used
- */
- if (buffer[0] != 0 || buffer[1] != 1)
- goto loser;
- for (i = 2; i < modulus_len - hash_len - 1; i++) {
- if (buffer[i] == 0)
- break;
- if (buffer[i] != 0xff)
- goto loser;
- }
-
- /*
- * make sure we get the same results
- */
- if (PORT_Memcmp(buffer + modulus_len - hash_len, hash, hash_len) != 0)
- goto loser;
-
- PORT_Free(buffer);
- return SECSuccess;
-
-loser:
- PORT_Free(buffer);
-failure:
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRecover(NSSLOWKEYPublicKey *key,
- unsigned char * data,
- unsigned int * data_len,
- unsigned int max_output_len,
- unsigned char * sign,
- unsigned int sign_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
- unsigned int i;
- unsigned char * buffer;
-
- if (sign_len != modulus_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
- if (!buffer)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
- if (rv != SECSuccess)
- goto loser;
- *data_len = 0;
-
- /*
- * check the padding that was used
- */
- if (buffer[0] != 0 || buffer[1] != 1)
- goto loser;
- for (i = 2; i < modulus_len; i++) {
- if (buffer[i] == 0) {
- *data_len = modulus_len - i - 1;
- break;
- }
- if (buffer[i] != 0xff)
- goto loser;
- }
- if (*data_len == 0)
- goto loser;
- if (*data_len > max_output_len)
- goto loser;
-
- /*
- * make sure we get the same results
- */
- PORT_Memcpy(data,buffer + modulus_len - *data_len, *data_len);
-
- PORT_Free(buffer);
- return SECSuccess;
-
-loser:
- PORT_Free(buffer);
-failure:
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_EncryptBlock(NSSLOWKEYPublicKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int max_output_len,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
- formatted.data = NULL;
- if (max_output_len < modulus_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- unformatted.len = input_len;
- unformatted.data = input;
- formatted.data = NULL;
- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockPublic,
- &unformatted);
- if (rv != SECSuccess)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, output, formatted.data);
- if (rv != SECSuccess)
- goto failure;
-
- PORT_ZFree(formatted.data, modulus_len);
- *output_len = modulus_len;
- return SECSuccess;
-
-failure:
- if (formatted.data != NULL)
- PORT_ZFree(formatted.data, modulus_len);
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_DecryptBlock(NSSLOWKEYPrivateKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int max_output_len,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PrivateModulusLen(key);
- unsigned int i;
- unsigned char * buffer;
-
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
- if (input_len != modulus_len)
- goto failure;
-
- buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
- if (!buffer)
- goto failure;
-
- rv = RSA_PrivateKeyOp(&key->u.rsa, buffer, input);
- if (rv != SECSuccess)
- goto loser;
-
- if (buffer[0] != 0 || buffer[1] != 2)
- goto loser;
- *output_len = 0;
- for (i = 2; i < modulus_len; i++) {
- if (buffer[i] == 0) {
- *output_len = modulus_len - i - 1;
- break;
- }
- }
- if (*output_len == 0)
- goto loser;
- if (*output_len > max_output_len)
- goto loser;
-
- PORT_Memcpy(output, buffer + modulus_len - *output_len, *output_len);
-
- PORT_Free(buffer);
- return SECSuccess;
-
-loser:
- PORT_Free(buffer);
-failure:
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-/*
- * added to make pkcs #11 happy
- * RAW is RSA_X_509
- */
-SECStatus
-RSA_SignRaw(NSSLOWKEYPrivateKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int maxOutputLen,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv = SECSuccess;
- unsigned int modulus_len = nsslowkey_PrivateModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
- if (maxOutputLen < modulus_len)
- return SECFailure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- return SECFailure;
-
- unformatted.len = input_len;
- unformatted.data = input;
- formatted.data = NULL;
- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockRaw, &unformatted);
- if (rv != SECSuccess)
- goto done;
-
- rv = RSA_PrivateKeyOpDoubleChecked(&key->u.rsa, output, formatted.data);
- *output_len = modulus_len;
-
-done:
- if (formatted.data != NULL)
- PORT_ZFree(formatted.data, modulus_len);
- return rv;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRaw(NSSLOWKEYPublicKey *key,
- unsigned char * sign,
- unsigned int sign_len,
- unsigned char * hash,
- unsigned int hash_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
- unsigned char * buffer;
-
- if (sign_len != modulus_len)
- goto failure;
- if (hash_len > modulus_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- buffer = (unsigned char *)PORT_Alloc(modulus_len + 1);
- if (!buffer)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- * make sure we get the same results
- */
- /* NOTE: should we verify the leading zeros? */
- if (PORT_Memcmp(buffer + (modulus_len-hash_len), hash, hash_len) != 0)
- goto loser;
-
- PORT_Free(buffer);
- return SECSuccess;
-
-loser:
- PORT_Free(buffer);
-failure:
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_CheckSignRecoverRaw(NSSLOWKEYPublicKey *key,
- unsigned char * data,
- unsigned int * data_len,
- unsigned int max_output_len,
- unsigned char * sign,
- unsigned int sign_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
-
- if (sign_len != modulus_len)
- goto failure;
- if (max_output_len < modulus_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, data, sign);
- if (rv != SECSuccess)
- goto failure;
-
- *data_len = modulus_len;
- return SECSuccess;
-
-failure:
- return SECFailure;
-}
-
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_EncryptRaw(NSSLOWKEYPublicKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int max_output_len,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PublicModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
- formatted.data = NULL;
- if (max_output_len < modulus_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
-
- unformatted.len = input_len;
- unformatted.data = input;
- formatted.data = NULL;
- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockRaw, &unformatted);
- if (rv != SECSuccess)
- goto failure;
-
- rv = RSA_PublicKeyOp(&key->u.rsa, output, formatted.data);
- if (rv != SECSuccess)
- goto failure;
-
- PORT_ZFree(formatted.data, modulus_len);
- *output_len = modulus_len;
- return SECSuccess;
-
-failure:
- if (formatted.data != NULL)
- PORT_ZFree(formatted.data, modulus_len);
- return SECFailure;
-}
-
-/* XXX Doesn't set error code */
-SECStatus
-RSA_DecryptRaw(NSSLOWKEYPrivateKey *key,
- unsigned char * output,
- unsigned int * output_len,
- unsigned int max_output_len,
- unsigned char * input,
- unsigned int input_len)
-{
- SECStatus rv;
- unsigned int modulus_len = nsslowkey_PrivateModulusLen(key);
-
- if (modulus_len <= 0)
- goto failure;
- if (modulus_len > max_output_len)
- goto failure;
- PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
- if (key->keyType != NSSLOWKEYRSAKey)
- goto failure;
- if (input_len != modulus_len)
- goto failure;
-
- rv = RSA_PrivateKeyOp(&key->u.rsa, output, input);
- if (rv != SECSuccess)
- goto failure;
-
- *output_len = modulus_len;
- return SECSuccess;
-
-failure:
- return SECFailure;
-}
diff --git a/security/nss/lib/softoken/softoken.h b/security/nss/lib/softoken/softoken.h
deleted file mode 100644
index f9fb06222..000000000
--- a/security/nss/lib/softoken/softoken.h
+++ /dev/null
@@ -1,157 +0,0 @@
-/*
- * softoken.h - private data structures and prototypes for the softoken lib
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SOFTOKEN_H_
-#define _SOFTOKEN_H_
-
-#include "blapi.h"
-#include "lowkeyti.h"
-#include "softoknt.h"
-#include "secoidt.h"
-
-#include "pkcs11t.h" /* CK_RV Required for pk11_fipsPowerUpSelfTest(). */
-
-SEC_BEGIN_PROTOS
-
-/*
-** RSA encryption/decryption. When encrypting/decrypting the output
-** buffer must be at least the size of the public key modulus.
-*/
-
-/*
-** Format some data into a PKCS#1 encryption block, preparing the
-** data for RSA encryption.
-** "result" where the formatted block is stored (memory is allocated)
-** "modulusLen" the size of the formatted block
-** "blockType" what block type to use (SEC_RSABlock*)
-** "data" the data to format
-*/
-extern SECStatus RSA_FormatBlock(SECItem *result,
- unsigned int modulusLen,
- RSA_BlockType blockType,
- SECItem *data);
-/*
-** Similar, but just returns a pointer to the allocated memory, *and*
-** will *only* format one block, even if we (in the future) modify
-** RSA_FormatBlock() to loop over multiples of modulusLen.
-*/
-extern unsigned char *RSA_FormatOneBlock(unsigned int modulusLen,
- RSA_BlockType blockType,
- SECItem *data);
-
-
-
-/*
- * convenience wrappers for doing single RSA operations. They create the
- * RSA context internally and take care of the formatting
- * requirements. Blinding happens automagically within RSA_SignHash and
- * RSA_DecryptBlock.
- */
-extern
-SECStatus RSA_Sign(NSSLOWKEYPrivateKey *key, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen);
-extern
-SECStatus RSA_CheckSign(NSSLOWKEYPublicKey *key, unsigned char *sign,
- unsigned int signLength, unsigned char *hash,
- unsigned int hashLength);
-extern
-SECStatus RSA_CheckSignRecover(NSSLOWKEYPublicKey *key, unsigned char *data,
- unsigned int *data_len,unsigned int max_output_len,
- unsigned char *sign, unsigned int sign_len);
-extern
-SECStatus RSA_EncryptBlock(NSSLOWKEYPublicKey *key, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen);
-extern
-SECStatus RSA_DecryptBlock(NSSLOWKEYPrivateKey *key, unsigned char *output,
- unsigned int *outputLen, unsigned int maxOutputLen,
- unsigned char *input, unsigned int inputLen);
-
-/*
- * added to make pkcs #11 happy
- * RAW is RSA_X_509
- */
-extern
-SECStatus RSA_SignRaw( NSSLOWKEYPrivateKey *key, unsigned char *output,
- unsigned int *output_len, unsigned int maxOutputLen,
- unsigned char *input, unsigned int input_len);
-extern
-SECStatus RSA_CheckSignRaw( NSSLOWKEYPublicKey *key, unsigned char *sign,
- unsigned int sign_len, unsigned char *hash,
- unsigned int hash_len);
-extern
-SECStatus RSA_CheckSignRecoverRaw( NSSLOWKEYPublicKey *key, unsigned char *data,
- unsigned int *data_len, unsigned int max_output_len,
- unsigned char *sign, unsigned int sign_len);
-extern
-SECStatus RSA_EncryptRaw( NSSLOWKEYPublicKey *key, unsigned char *output,
- unsigned int *output_len,
- unsigned int max_output_len,
- unsigned char *input, unsigned int input_len);
-extern
-SECStatus RSA_DecryptRaw(NSSLOWKEYPrivateKey *key, unsigned char *output,
- unsigned int *output_len,
- unsigned int max_output_len,
- unsigned char *input, unsigned int input_len);
-
-/*
-** Prepare a buffer for DES encryption, growing to the appropriate boundary,
-** filling with the appropriate padding.
-** We add from 1 to DES_KEY_LENGTH bytes -- we *always* grow.
-** The extra bytes contain the value of the length of the padding:
-** if we have 2 bytes of padding, then the padding is "0x02, 0x02".
-**
-** NOTE: If arena is non-NULL, we re-allocate from there, otherwise
-** we assume (and use) PR memory (re)allocation.
-** Maybe this belongs in util?
-*/
-extern unsigned char * DES_PadBuffer(PRArenaPool *arena, unsigned char *inbuf,
- unsigned int inlen, unsigned int *outlen);
-
-
-/****************************************/
-/*
-** Power-Up selftests required for FIPS and invoked only
-** under PKCS #11 FIPS mode.
-*/
-extern CK_RV pk11_fipsPowerUpSelfTest( void );
-
-
-SEC_END_PROTOS
-
-#endif /* _SOFTOKEN_H_ */
diff --git a/security/nss/lib/softoken/softokn.def b/security/nss/lib/softoken/softokn.def
deleted file mode 100644
index ef5e51e77..000000000
--- a/security/nss/lib/softoken/softokn.def
+++ /dev/null
@@ -1,57 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation. Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation. All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s):
-;+# Dr Stephen Henson <stephen.henson@gemplus.com>
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above. If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL. If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+# 1. For all unix platforms, the string ";-" means "remove this line"
-;+# 2. For all unix platforms, the string " DATA " will be removed from any
-;+# line on which it occurs.
-;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+# On AIX, lines containing ";+" will be removed.
-;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+# 5. For all unix platforms, after the above processing has taken place,
-;+# all characters after the first ";" on the line will be removed.
-;+# And for AIX, the first ";" will also be removed.
-;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+# directives are hidden behind ";", ";+", and ";-"
-;+SOFTOKEN_3.4 { # Softoken 3.4 release
-;+ global:
-LIBRARY softokn3 ;-
-EXPORTS ;-
-NSC_GetFunctionList ;
-NSC_ModuleDBFunc ;
-FC_GetFunctionList ;
-C_GetFunctionList ; Make this function like a real PKCS #11 module as well
-;+ local:
-;+ *;
-;+};
diff --git a/security/nss/lib/softoken/softokn.rc b/security/nss/lib/softoken/softokn.rc
deleted file mode 100644
index 5f54d2b0a..000000000
--- a/security/nss/lib/softoken/softokn.rc
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "softoken"
-#ifdef MOZ_CLIENT
-#define MY_FILEDESCRIPTION "NSS Builtin Crypto PKCS #11 Library for Clients"
-#else
-#define MY_FILEDESCRIPTION "NSS Builtin Crypto PKCS #11 Library"
-#endif
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
- BLOCK "StringFileInfo"
- BEGIN
- BLOCK "040904B0" // Lang=US English, CharSet=Unicode
- BEGIN
- VALUE "CompanyName", "Netscape Communications Corporation\0"
- VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
- VALUE "FileVersion", NSS_VERSION "\0"
- VALUE "InternalName", MY_INTERNAL_NAME "\0"
- VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
- VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
- VALUE "ProductName", "Network Security Services\0"
- VALUE "ProductVersion", NSS_VERSION "\0"
- END
- END
- BLOCK "VarFileInfo"
- BEGIN
- VALUE "Translation", 0x409, 1200
- END
-END
diff --git a/security/nss/lib/softoken/softoknt.h b/security/nss/lib/softoken/softoknt.h
deleted file mode 100644
index da66c9042..000000000
--- a/security/nss/lib/softoken/softoknt.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * softoknt.h - public data structures for the software token library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SOFTOKNT_H_
-#define _SOFTOKNT_H_
-
-/*
- * RSA block types
- *
- * The actual values are important -- they are fixed, *not* arbitrary.
- * The explicit value assignments are not needed (because C would give
- * us those same values anyway) but are included as a reminder...
- */
-typedef enum {
- RSA_BlockPrivate0 = 0, /* unused, really */
- RSA_BlockPrivate = 1, /* pad for a private-key operation */
- RSA_BlockPublic = 2, /* pad for a public-key operation */
- RSA_BlockOAEP = 3, /* use OAEP padding */
- /* XXX is this only for a public-key
- operation? If so, add "Public" */
- RSA_BlockRaw = 4, /* simply justify the block appropriately */
- RSA_BlockTotal
-} RSA_BlockType;
-
-#define NSS_SOFTOKEN_DEFAULT_CHUNKSIZE 2048
-
-#endif /* _SOFTOKNT_H_ */
diff --git a/security/nss/lib/ssl/Makefile b/security/nss/lib/ssl/Makefile
deleted file mode 100644
index fff62966e..000000000
--- a/security/nss/lib/ssl/Makefile
+++ /dev/null
@@ -1,87 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-ifeq ($(OS_ARCH),WINNT)
-CSRCS += win32err.c
-DEFINES += -DIN_LIBSSL
-else
-ifeq ($(OS_ARCH),OS2)
-CSRCS += os2_err.c
-else
-CSRCS += unix_err.c
-endif
-endif
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-export:: private_export
-
diff --git a/security/nss/lib/ssl/authcert.c b/security/nss/lib/ssl/authcert.c
deleted file mode 100644
index 5a9c45e5a..000000000
--- a/security/nss/lib/ssl/authcert.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "prerror.h"
-#include "secitem.h"
-#include "prnetdb.h"
-#include "cert.h"
-#include "nspr.h"
-#include "secder.h"
-#include "key.h"
-#include "nss.h"
-#include "ssl.h"
-#include "pk11func.h" /* for PK11_ function calls */
-
-/*
- * This callback used by SSL to pull client sertificate upon
- * server request
- */
-SECStatus
-NSS_GetClientAuthData(void * arg,
- PRFileDesc * socket,
- struct CERTDistNamesStr * caNames,
- struct CERTCertificateStr ** pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey)
-{
- CERTCertificate * cert;
- SECKEYPrivateKey * privkey;
- char * chosenNickName = (char *)arg; /* CONST */
- void * proto_win = NULL;
- SECStatus rv = SECFailure;
-
- proto_win = SSL_RevealPinArg(socket);
-
- if (chosenNickName) {
- cert = PK11_FindCertFromNickname(chosenNickName, proto_win);
- if ( cert ) {
- privkey = PK11_FindKeyByAnyCert(cert, proto_win);
- if ( privkey ) {
- rv = SECSuccess;
- } else {
- CERT_DestroyCertificate(cert);
- }
- }
- } else { /* no name given, automatically find the right cert. */
- CERTCertNicknames * names;
- int i;
-
- names = CERT_GetCertNicknames(CERT_GetDefaultCertDB(),
- SEC_CERT_NICKNAMES_USER, proto_win);
- if (names != NULL) {
- for (i = 0; i < names->numnicknames; i++) {
- cert = PK11_FindCertFromNickname(names->nicknames[i],proto_win);
- if ( !cert )
- continue;
- /* Only check unexpired certs */
- if (CERT_CheckCertValidTimes(cert, PR_Now(), PR_TRUE) !=
- secCertTimeValid ) {
- CERT_DestroyCertificate(cert);
- continue;
- }
- rv = NSS_CmpCertChainWCANames(cert, caNames);
- if ( rv == SECSuccess ) {
- privkey = PK11_FindKeyByAnyCert(cert, proto_win);
- if ( privkey )
- break;
- }
- rv = SECFailure;
- CERT_DestroyCertificate(cert);
- }
- CERT_FreeNicknames(names);
- }
- }
- if (rv == SECSuccess) {
- *pRetCert = cert;
- *pRetKey = privkey;
- }
- return rv;
-}
-
diff --git a/security/nss/lib/ssl/cmpcert.c b/security/nss/lib/ssl/cmpcert.c
deleted file mode 100644
index 5e557828e..000000000
--- a/security/nss/lib/ssl/cmpcert.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/*
- * NSS utility functions
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "prerror.h"
-#include "secitem.h"
-#include "prnetdb.h"
-#include "cert.h"
-#include "nspr.h"
-#include "secder.h"
-#include "key.h"
-#include "nss.h"
-
-/*
- * Look to see if any of the signers in the cert chain for "cert" are found
- * in the list of caNames.
- * Returns SECSuccess if so, SECFailure if not.
- */
-SECStatus
-NSS_CmpCertChainWCANames(CERTCertificate *cert, CERTDistNames *caNames)
-{
- SECItem * caname;
- CERTCertificate * curcert;
- CERTCertificate * oldcert;
- PRInt32 contentlen;
- int j;
- int headerlen;
- int depth;
- SECStatus rv;
- SECItem issuerName;
- SECItem compatIssuerName;
-
- depth=0;
- curcert = CERT_DupCertificate(cert);
-
- while( curcert ) {
- issuerName = curcert->derIssuer;
-
- /* compute an alternate issuer name for compatibility with 2.0
- * enterprise server, which send the CA names without
- * the outer layer of DER hearder
- */
- rv = DER_Lengths(&issuerName, &headerlen, (uint32 *)&contentlen);
- if ( rv == SECSuccess ) {
- compatIssuerName.data = &issuerName.data[headerlen];
- compatIssuerName.len = issuerName.len - headerlen;
- } else {
- compatIssuerName.data = NULL;
- compatIssuerName.len = 0;
- }
-
- for (j = 0; j < caNames->nnames; j++) {
- caname = &caNames->names[j];
- if (SECITEM_CompareItem(&issuerName, caname) == SECEqual) {
- rv = SECSuccess;
- CERT_DestroyCertificate(curcert);
- goto done;
- } else if (SECITEM_CompareItem(&compatIssuerName, caname) == SECEqual) {
- rv = SECSuccess;
- CERT_DestroyCertificate(curcert);
- goto done;
- }
- }
- if ( ( depth <= 20 ) &&
- ( SECITEM_CompareItem(&curcert->derIssuer, &curcert->derSubject)
- != SECEqual ) ) {
- oldcert = curcert;
- curcert = CERT_FindCertByName(curcert->dbhandle,
- &curcert->derIssuer);
- CERT_DestroyCertificate(oldcert);
- depth++;
- } else {
- CERT_DestroyCertificate(curcert);
- curcert = NULL;
- }
- }
- rv = SECFailure;
-
-done:
- return rv;
-}
-
diff --git a/security/nss/lib/ssl/config.mk b/security/nss/lib/ssl/config.mk
deleted file mode 100644
index f26102698..000000000
--- a/security/nss/lib/ssl/config.mk
+++ /dev/null
@@ -1,71 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-#TARGETS = $(LIBRARY)
-#SHARED_LIBRARY =
-#IMPORT_LIBRARY =
-#PROGRAM =
-
-ifeq ($(OS_ARCH), WINNT)
-
-# don't want the 32 in the shared library name
-SHARED_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).dll
-IMPORT_LIBRARY = $(OBJDIR)/$(LIBRARY_NAME)$(LIBRARY_VERSION).lib
-
-RES = $(OBJDIR)/ssl.res
-RESNAME = ssl.rc
-
-EXTRA_SHARED_LIBS += \
- $(DIST)/lib/nss3.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plc4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)plds4.lib \
- $(DIST)/lib/$(NSPR31_LIB_PREFIX)nspr4.lib \
- $(NULL)
-else
-
-
-# $(PROGRAM) has NO explicit dependencies on $(EXTRA_SHARED_LIBS)
-# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
-EXTRA_SHARED_LIBS += \
- -L$(DIST)/lib/ \
- -lnss3 \
- -lplc4 \
- -lplds4 \
- -lnspr4 \
- $(NULL)
-endif
diff --git a/security/nss/lib/ssl/emulate.c b/security/nss/lib/ssl/emulate.c
deleted file mode 100644
index bb6efc140..000000000
--- a/security/nss/lib/ssl/emulate.c
+++ /dev/null
@@ -1,626 +0,0 @@
-/*
- * Functions that emulate PR_AcceptRead and PR_TransmitFile for SSL sockets.
- * Each Layered NSPR protocol (like SSL) must unfortunately contain its
- * own implementation of these functions. This code was taken from NSPR.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nspr.h"
-
-#if defined( XP_UNIX )
-#include <fcntl.h>
-#endif
-#if defined(WIN32)
-#include <windef.h>
-#include <winbase.h>
-#endif
-#include <string.h>
-
-#define AMASK 7 /* mask for alignment of PRNetAddr */
-
-/*
- * _PR_EmulateAcceptRead
- *
- * Accept an incoming connection on sd, set *nd to point to the
- * newly accepted socket, read 'amount' bytes from the accepted
- * socket.
- *
- * buf is a buffer of length = amount + (2 * sizeof(PRNetAddr)) + 32
- * *raddr points to the PRNetAddr of the accepted connection upon
- * return
- *
- * return number of bytes read or -1 on error
- *
- */
-PRInt32
-ssl_EmulateAcceptRead( PRFileDesc * sd,
- PRFileDesc ** nd,
- PRNetAddr ** raddr,
- void * buf,
- PRInt32 amount,
- PRIntervalTime timeout)
-{
- PRFileDesc * newsockfd;
- PRInt32 rv;
- PRNetAddr remote;
-
- if (!(newsockfd = PR_Accept(sd, &remote, PR_INTERVAL_NO_TIMEOUT))) {
- return -1;
- }
-
- rv = PR_Recv(newsockfd, buf, amount, 0, timeout);
- if (rv >= 0) {
- ptrdiff_t pNetAddr = (((ptrdiff_t)buf) + amount + AMASK) & ~AMASK;
-
- *nd = newsockfd;
- *raddr = (PRNetAddr *)pNetAddr;
- memcpy((void *)pNetAddr, &remote, sizeof(PRNetAddr));
- return rv;
- }
-
- PR_Close(newsockfd);
- return -1;
-}
-
-
-#if !defined( XP_UNIX ) && !defined( WIN32 )
-/*
- * _PR_EmulateTransmitFile
- *
- * Send file fd across socket sd. If headers is non-NULL, 'hlen'
- * bytes of headers is sent before sending the file.
- *
- * PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- * return number of bytes sent or -1 on error
- *
- */
-#define _TRANSMITFILE_BUFSIZE (16 * 1024)
-
-PRInt32
-ssl_EmulateTransmitFile( PRFileDesc * sd,
- PRFileDesc * fd,
- const void * headers,
- PRInt32 hlen,
- PRTransmitFileFlags flags,
- PRIntervalTime timeout)
-{
- char * buf = NULL;
- PRInt32 count = 0;
- PRInt32 rlen;
- PRInt32 rv;
-
- buf = PR_MALLOC(_TRANSMITFILE_BUFSIZE);
- if (buf == NULL) {
- PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
- return -1;
- }
-
- /*
- * send headers, first
- */
- while (hlen) {
- rv = PR_Send(sd, headers, hlen, 0, timeout);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- }
- count += rv;
- headers = (const void*) ((const char*)headers + rv);
- hlen -= rv;
- }
- /*
- * send file, next
- */
- while ((rlen = PR_Read(fd, buf, _TRANSMITFILE_BUFSIZE)) > 0) {
- while (rlen) {
- char *bufptr = buf;
-
- rv = PR_Send(sd, bufptr, rlen,0,PR_INTERVAL_NO_TIMEOUT);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- }
- count += rv;
- bufptr = ((char*)bufptr + rv);
- rlen -= rv;
- }
- }
- if (rlen == 0) {
- /*
- * end-of-file
- */
- if (flags & PR_TRANSMITFILE_CLOSE_SOCKET)
- PR_Close(sd);
- rv = count;
- } else {
- PR_ASSERT(rlen < 0);
- /* PR_Read() has invoked PR_SetError(). */
- rv = -1;
- }
-
-done:
- if (buf)
- PR_DELETE(buf);
- return rv;
-}
-#else
-
-#define TRANSMITFILE_MMAP_CHUNK (256 * 1024)
-
-/*
- * _PR_UnixTransmitFile
- *
- * Send file fd across socket sd. If headers is non-NULL, 'hlen'
- * bytes of headers is sent before sending the file.
- *
- * PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- * return number of bytes sent or -1 on error
- *
- */
-
-PRInt32
-ssl_EmulateTransmitFile( PRFileDesc * sd,
- PRFileDesc * fd,
- const void * headers,
- PRInt32 hlen,
- PRTransmitFileFlags flags,
- PRIntervalTime timeout)
-{
- void * addr;
- PRFileMap * mapHandle = NULL;
- PRInt32 count = 0;
- PRInt32 index = 0;
- PRInt32 len = 0;
- PRInt32 rv;
- struct PRFileInfo info;
- struct PRIOVec iov[2];
-
- /* Get file size */
- if (PR_SUCCESS != PR_GetOpenFileInfo(fd, &info)) {
- count = -1;
- goto done;
- }
- if (hlen) {
- iov[index].iov_base = (char *) headers;
- iov[index].iov_len = hlen;
- index++;
- }
- if (info.size > 0) {
- mapHandle = PR_CreateFileMap(fd, info.size, PR_PROT_READONLY);
- if (mapHandle == NULL) {
- count = -1;
- goto done;
- }
- /*
- * If the file is large, mmap and send the file in chunks so as
- * to not consume too much virtual address space
- */
- len = PR_MIN(info.size , TRANSMITFILE_MMAP_CHUNK );
- /*
- * Map in (part of) file. Take care of zero-length files.
- */
- if (len) {
- addr = PR_MemMap(mapHandle, 0, len);
- if (addr == NULL) {
- count = -1;
- goto done;
- }
- }
- iov[index].iov_base = (char*)addr;
- iov[index].iov_len = len;
- index++;
- }
- if (!index)
- goto done;
- rv = PR_Writev(sd, iov, index, timeout);
- if (len) {
- PR_MemUnmap(addr, len);
- }
- if (rv >= 0) {
- PR_ASSERT(rv == hlen + len);
- info.size -= len;
- count += rv;
- } else {
- count = -1;
- goto done;
- }
- /*
- * send remaining bytes of the file, if any
- */
- len = PR_MIN(info.size , TRANSMITFILE_MMAP_CHUNK );
- while (len > 0) {
- /*
- * Map in (part of) file
- */
- PR_ASSERT((count - hlen) % TRANSMITFILE_MMAP_CHUNK == 0);
- addr = PR_MemMap(mapHandle, count - hlen, len);
- if (addr == NULL) {
- count = -1;
- goto done;
- }
- rv = PR_Send(sd, addr, len, 0, timeout);
- PR_MemUnmap(addr, len);
- if (rv >= 0) {
- PR_ASSERT(rv == len);
- info.size -= rv;
- count += rv;
- len = PR_MIN(info.size , TRANSMITFILE_MMAP_CHUNK );
- } else {
- count = -1;
- goto done;
- }
- }
-done:
- if ((count >= 0) && (flags & PR_TRANSMITFILE_CLOSE_SOCKET))
- PR_Close(sd);
- if (mapHandle != NULL)
- PR_CloseFileMap(mapHandle);
- return count;
-}
-#endif /* XP_UNIX */
-
-
-
-
-#if !defined( XP_UNIX ) && !defined( WIN32 )
-/*
- * _PR_EmulateSendFile
- *
- * Send file sfd->fd across socket sd. The header and trailer buffers
- * specified in the 'sfd' argument are sent before and after the file,
- * respectively.
- *
- * PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- * return number of bytes sent or -1 on error
- *
- */
-
-PRInt32
-ssl_EmulateSendFile(PRFileDesc *sd, PRSendFileData *sfd,
- PRTransmitFileFlags flags, PRIntervalTime timeout)
-{
- char * buf = NULL;
- const void * buffer;
- PRInt32 rv;
- PRInt32 count = 0;
- PRInt32 rlen;
- PRInt32 buflen;
- PRInt32 sendbytes;
- PRInt32 readbytes;
-
-#define _SENDFILE_BUFSIZE (16 * 1024)
-
- buf = (char*)PR_MALLOC(_SENDFILE_BUFSIZE);
- if (buf == NULL) {
- PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
- return -1;
- }
-
- /*
- * send header, first
- */
- buflen = sfd->hlen;
- buffer = sfd->header;
- while (buflen) {
- rv = PR_Send(sd, buffer, buflen, 0, timeout);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- } else {
- count += rv;
- buffer = (const void*) ((const char*)buffer + rv);
- buflen -= rv;
- }
- }
- /*
- * send file, next
- */
-
- if (PR_Seek(sfd->fd, sfd->file_offset, PR_SEEK_SET) < 0) {
- rv = -1;
- goto done;
- }
- sendbytes = sfd->file_nbytes;
- if (sendbytes == 0) {
- /* send entire file */
- while ((rlen = PR_Read(sfd->fd, buf, _SENDFILE_BUFSIZE)) > 0) {
- while (rlen) {
- char *bufptr = buf;
-
- rv = PR_Send(sd, bufptr, rlen, 0, timeout);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- } else {
- count += rv;
- bufptr = ((char*)bufptr + rv);
- rlen -= rv;
- }
- }
- }
- if (rlen < 0) {
- /* PR_Read() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- }
- } else {
- readbytes = PR_MIN(sendbytes, _SENDFILE_BUFSIZE);
- while (readbytes && ((rlen = PR_Read(sfd->fd, buf, readbytes)) > 0)) {
- while (rlen) {
- char *bufptr = buf;
-
- rv = PR_Send(sd, bufptr, rlen, 0, timeout);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- } else {
- count += rv;
- sendbytes -= rv;
- bufptr = ((char*)bufptr + rv);
- rlen -= rv;
- }
- }
- readbytes = PR_MIN(sendbytes, _SENDFILE_BUFSIZE);
- }
- if (rlen < 0) {
- /* PR_Read() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- } else if (sendbytes != 0) {
- /*
- * there are fewer bytes in file to send than specified
- */
- PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
- rv = -1;
- goto done;
- }
- }
- /*
- * send trailer, last
- */
- buflen = sfd->tlen;
- buffer = sfd->trailer;
- while (buflen) {
- rv = PR_Send(sd, buffer, buflen, 0, timeout);
- if (rv < 0) {
- /* PR_Send() has invoked PR_SetError(). */
- rv = -1;
- goto done;
- } else {
- count += rv;
- buffer = (const void*) ((const char*)buffer + rv);
- buflen -= rv;
- }
- }
- rv = count;
-
-done:
- if (buf)
- PR_DELETE(buf);
- if ((rv >= 0) && (flags & PR_TRANSMITFILE_CLOSE_SOCKET))
- PR_Close(sd);
- return rv;
-}
-
-#else /* UNIX and NT handled below */
-
-/*
- * _PR_UnixSendFile
- *
- * Send file sfd->fd across socket sd. If header/trailer are specified
- * they are sent before and after the file, respectively.
- *
- * PR_TRANSMITFILE_CLOSE_SOCKET flag - close socket after sending file
- *
- * return number of bytes sent or -1 on error
- *
- */
-#define SENDFILE_MMAP_CHUNK (256 * 1024)
-
-PRInt32
-ssl_EmulateSendFile(PRFileDesc *sd, PRSendFileData *sfd,
- PRTransmitFileFlags flags, PRIntervalTime timeout)
-{
- void * addr;
- PRFileMap * mapHandle = NULL;
- PRInt32 count = 0;
- PRInt32 file_bytes;
- PRInt32 index = 0;
- PRInt32 len;
- PRInt32 rv;
- PRUint32 addr_offset;
- PRUint32 file_mmap_offset;
- PRUint32 mmap_len;
- PRUint32 pagesize;
- struct PRFileInfo info;
- struct PRIOVec iov[3];
-
- /* Get file size */
- if (PR_SUCCESS != PR_GetOpenFileInfo(sfd->fd, &info)) {
- count = -1;
- goto done;
- }
- if (sfd->file_nbytes &&
- (info.size < (sfd->file_offset + sfd->file_nbytes))) {
- /*
- * there are fewer bytes in file to send than specified
- */
- PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
- count = -1;
- goto done;
- }
- if (sfd->file_nbytes)
- file_bytes = sfd->file_nbytes;
- else
- file_bytes = info.size - sfd->file_offset;
-
-#if defined(WIN32)
- {
- SYSTEM_INFO sysinfo;
- GetSystemInfo(&sysinfo);
- pagesize = sysinfo.dwAllocationGranularity;
- }
-#else
- pagesize = PR_GetPageSize();
-#endif
- /*
- * If the file is large, mmap and send the file in chunks so as
- * to not consume too much virtual address space
- */
- if (!sfd->file_offset || !(sfd->file_offset & (pagesize - 1))) {
- /*
- * case 1: page-aligned file offset
- */
- mmap_len = PR_MIN(file_bytes, SENDFILE_MMAP_CHUNK);
- len = mmap_len;
- file_mmap_offset = sfd->file_offset;
- addr_offset = 0;
- } else {
- /*
- * case 2: non page-aligned file offset
- */
- /* find previous page boundary */
- file_mmap_offset = (sfd->file_offset & ~(pagesize - 1));
-
- /* number of initial bytes to skip in mmap'd segment */
- addr_offset = sfd->file_offset - file_mmap_offset;
- PR_ASSERT(addr_offset > 0);
- mmap_len = PR_MIN(file_bytes + addr_offset, SENDFILE_MMAP_CHUNK);
- len = mmap_len - addr_offset;
- }
- /*
- * Map in (part of) file. Take care of zero-length files.
- */
- if (len > 0) {
- mapHandle = PR_CreateFileMap(sfd->fd, info.size, PR_PROT_READONLY);
- if (!mapHandle) {
- count = -1;
- goto done;
- }
- addr = PR_MemMap(mapHandle, file_mmap_offset, mmap_len);
- if (!addr) {
- count = -1;
- goto done;
- }
- }
- /*
- * send headers, first, followed by the file
- */
- if (sfd->hlen) {
- iov[index].iov_base = (char *) sfd->header;
- iov[index].iov_len = sfd->hlen;
- index++;
- }
- if (len) {
- iov[index].iov_base = (char*)addr + addr_offset;
- iov[index].iov_len = len;
- index++;
- }
- if ((file_bytes == len) && (sfd->tlen)) {
- /*
- * all file data is mapped in; send the trailer too
- */
- iov[index].iov_base = (char *) sfd->trailer;
- iov[index].iov_len = sfd->tlen;
- index++;
- }
- rv = PR_Writev(sd, iov, index, timeout);
- if (len)
- PR_MemUnmap(addr, mmap_len);
- if (rv < 0) {
- count = -1;
- goto done;
- }
-
- PR_ASSERT(rv == sfd->hlen + len + ((len == file_bytes) ? sfd->tlen : 0));
-
- file_bytes -= len;
- count += rv;
- if (!file_bytes) /* header, file and trailer are sent */
- goto done;
-
- /*
- * send remaining bytes of the file, if any
- */
- len = PR_MIN(file_bytes, SENDFILE_MMAP_CHUNK);
- while (len > 0) {
- /*
- * Map in (part of) file
- */
- file_mmap_offset = sfd->file_offset + count - sfd->hlen;
- PR_ASSERT((file_mmap_offset % pagesize) == 0);
-
- addr = PR_MemMap(mapHandle, file_mmap_offset, len);
- if (!addr) {
- count = -1;
- goto done;
- }
- rv = PR_Send(sd, addr, len, 0, timeout);
- PR_MemUnmap(addr, len);
- if (rv < 0) {
- count = -1;
- goto done;
- }
-
- PR_ASSERT(rv == len);
- file_bytes -= rv;
- count += rv;
- len = PR_MIN(file_bytes, SENDFILE_MMAP_CHUNK);
- }
- PR_ASSERT(0 == file_bytes);
- if (sfd->tlen) {
- rv = PR_Send(sd, sfd->trailer, sfd->tlen, 0, timeout);
- if (rv >= 0) {
- PR_ASSERT(rv == sfd->tlen);
- count += rv;
- } else
- count = -1;
- }
-done:
- if (mapHandle)
- PR_CloseFileMap(mapHandle);
- if ((count >= 0) && (flags & PR_TRANSMITFILE_CLOSE_SOCKET))
- PR_Close(sd);
- return count;
-}
-#endif /* UNIX and NT */
diff --git a/security/nss/lib/ssl/manifest.mn b/security/nss/lib/ssl/manifest.mn
deleted file mode 100644
index 066c5620c..000000000
--- a/security/nss/lib/ssl/manifest.mn
+++ /dev/null
@@ -1,83 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-# DEFINES = -DTRACE
-
-
-PRIVATE_EXPORTS = \
- ssl3prot.h \
- sslimpl.h \
- $(NULL)
-
-EXPORTS = \
- ssl.h \
- sslt.h \
- sslerr.h \
- sslproto.h \
- preenc.h \
- $(NULL)
-
-MODULE = security
-MAPFILE = $(OBJDIR)/ssl.def
-
-CSRCS = \
- emulate.c \
- prelib.c \
- ssl3con.c \
- ssl3gthr.c \
- sslauth.c \
- sslcon.c \
- ssldef.c \
- sslenum.c \
- sslerr.c \
- sslgathr.c \
- sslmutex.c \
- sslnonce.c \
- sslreveal.c \
- sslsecur.c \
- sslsnce.c \
- sslsock.c \
- ssltrace.c \
- sslver.c \
- authcert.c \
- cmpcert.c \
- nsskea.c \
- sslinfo.c \
- $(NULL)
-
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = ssl
-LIBRARY_VERSION = 3
diff --git a/security/nss/lib/ssl/notes.txt b/security/nss/lib/ssl/notes.txt
deleted file mode 100644
index a36f242ee..000000000
--- a/security/nss/lib/ssl/notes.txt
+++ /dev/null
@@ -1,161 +0,0 @@
-The contents of this file are subject to the Mozilla Public
-License Version 1.1 (the "License"); you may not use this file
-except in compliance with the License. You may obtain a copy of
-the License at http://www.mozilla.org/MPL/
-
-Software distributed under the License is distributed on an "AS
-IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-implied. See the License for the specific language governing
-rights and limitations under the License.
-
-The Original Code is the Netscape security libraries.
-
-The Initial Developer of the Original Code is Netscape
-Communications Corporation. Portions created by Netscape are
-Copyright (C) 1994-2000 Netscape Communications Corporation. All
-Rights Reserved.
-
-Contributor(s):
-
-Alternatively, the contents of this file may be used under the
-terms of the GNU General Public License Version 2 or later (the
-"GPL"), in which case the provisions of the GPL are applicable
-instead of those above. If you wish to allow use of your
-version of this file only under the terms of the GPL and not to
-allow others to use your version of this file under the MPL,
-indicate your decision by deleting the provisions above and
-replace them with the notice and other provisions required by
-the GPL. If you do not delete the provisions above, a recipient
-may use your version of this file under either the MPL or the
-GPL.
-
-SSL's Buffers: enumerated and explained.
-
----------------------------------------------------------------------------
-incoming:
-
-gs = ss->gather
-hs = ss->ssl3->hs
-
-gs->inbuf SSL3 only: incoming (encrypted) ssl records are placed here,
- and then decrypted (or copied) to gs->buf.
-
-gs->buf SSL2: incoming SSL records are put here, and then decrypted
- in place.
- SSL3: ssl3_HandleHandshake puts decrypted ssl records here.
-
-hs.msg_body (SSL3 only) When an incoming handshake message spans more
- than one ssl record, the first part(s) of it are accumulated
- here until it all arrives.
-
-hs.msgState (SSL3 only) an alternative set of pointers/lengths for gs->buf.
- Used only when a handleHandshake function returns SECWouldBlock.
- ssl3_HandleHandshake remembers how far it previously got by
- using these pointers instead of gs->buf when it is called
- after a previous SECWouldBlock return.
-
----------------------------------------------------------------------------
-outgoing:
-
-sec = ss->sec
-ci = ss->sec->ci /* connect info */
-
-ci->sendBuf Outgoing handshake messages are appended to this buffer.
- This buffer will then be sent as a single SSL record.
-
-sec->writeBuf outgoing ssl records are constructed here and encrypted in
- place before being written or copied to pendingBuf.
-
-ss->pendingBuf contains outgoing ciphertext that was saved after a write
- attempt to the socket failed, e.g. EWouldBlock.
- Generally empty with blocking sockets (should be no incomplete
- writes).
-
-ss->saveBuf Used only by socks code. Intended to be used to buffer
- outgoing data until a socks handshake completes. However,
- this buffer is always empty. There is no code to put
- anything into it.
-
----------------------------------------------------------------------------
-
-SECWouldBlock means that the function cannot make progress because it is
-waiting for some event OTHER THAN socket I/O completion (e.g. waiting for
-user dialog to finish). It is not the same as EWOULDBLOCK.
-
----------------------------------------------------------------------------
-
-Rank (order) of locks
-
-[ReadLock ->]\ [firstHandshake ->] [ssl3Handshake ->] recvbuf \ -> "spec"
-[WriteLock->]/ xmitbuf /
-
-crypto and hash Data that must be protected while turning plaintext into
-ciphertext:
-
-SSL2: (in ssl2_Send*)
- sec->hash*
- sec->hashcx (ptr and data)
- sec->enc
- sec->writecx* (ptr and content)
- sec->sendSecret*(ptr and content)
- sec->sendSequence locked by xmitBufLock
- sec->blockSize
- sec->writeBuf* (ptr & content) locked by xmitBufLock
- "in" locked by xmitBufLock
-
-SSl3: (in ssl3_SendPlainText)
- ss->ssl3 (the pointer)
- ss->ssl3->current_write* (the pointer and the data in the spec
- and any data referenced by the spec.
-
- ss->sec->isServer
- ss->sec->writebuf* (ptr & content) locked by xmitBufLock
- "buf" locked by xmitBufLock
-
-crypto and hash data that must be protected while turning ciphertext into
-plaintext:
-
-SSL2: (in ssl2_GatherData)
- gs->* (locked by recvBufLock )
- sec->dec
- sec->readcx
- sec->hash* (ptr and data)
- sec->hashcx (ptr and data)
-
-SSL3: (in ssl3_HandleRecord )
- ssl3->current_read* (the pointer and all data refernced)
- ss->sec->isServer
-
-
-Data that must be protected while being used by a "writer":
-
-ss->pendingBuf.*
-ss->saveBuf.* (which is dead)
-
-in ssl3_sendPlainText
-
-ss->ssl3->current_write-> (spec)
-ss->sec->writeBuf.*
-ss->sec->isServer
-
-in SendBlock
-
-ss->sec->hash->length
-ss->sec->blockSize
-ss->sec->writeBuf.*
-ss->sec->sendSecret
-ss->sec->sendSequence
-ss->sec->writecx *
-ss->pendingBuf
-
---------------------------------------------------------------------------
-
-Data variables (not const) protected by the "sslGlobalDataLock".
-Note, this really should be a reader/writer lock.
-
-allowedByPolicy sslcon.c
-maybeAllowedByPolicy sslcon.c
-chosenPreference sslcon.c
-policyWasSet sslcon.c
-
-cipherSuites[] ssl3con.c
diff --git a/security/nss/lib/ssl/nsskea.c b/security/nss/lib/ssl/nsskea.c
deleted file mode 100644
index ec7be1735..000000000
--- a/security/nss/lib/ssl/nsskea.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Return SSLKEAType derived from cert's Public Key algorithm info.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- # $Id$
- */
-
-#include "cert.h"
-#include "ssl.h" /* for SSLKEAType */
-#include "secoid.h"
-
-SSLKEAType
-NSS_FindCertKEAType(CERTCertificate * cert)
-{
- SSLKEAType keaType = kt_null;
- int tag;
-
- if (!cert) goto loser;
-
- tag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
- switch (tag) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- keaType = kt_rsa;
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_DSS:
- keaType = kt_fortezza;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- keaType = kt_dh;
- break;
- default:
- keaType = kt_null;
- }
-
- loser:
-
- return keaType;
-
-}
-
diff --git a/security/nss/lib/ssl/os2_err.c b/security/nss/lib/ssl/os2_err.c
deleted file mode 100644
index 77d49df2f..000000000
--- a/security/nss/lib/ssl/os2_err.c
+++ /dev/null
@@ -1,310 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prerror.h"
-#include "prlog.h"
-#include <errno.h>
-
-
-/*
- * Based on win32err.c
- * OS2TODO Stub everything for now to build. HCT
- */
-
-/* forward declaration. */
-void nss_MD_os2_map_default_error(PRInt32 err);
-
-void nss_MD_os2_map_opendir_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_closedir_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_readdir_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_delete_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-/* The error code for stat() is in errno. */
-void nss_MD_os2_map_stat_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_fstat_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_rename_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-/* The error code for access() is in errno. */
-void nss_MD_os2_map_access_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_mkdir_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_rmdir_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_read_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_transmitfile_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_write_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_lseek_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_fsync_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-/*
- * For both CloseHandle() and closesocket().
- */
-void nss_MD_os2_map_close_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_socket_error(PRInt32 err)
-{
-// PR_ASSERT(err != WSANOTINITIALISED);
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_recv_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_recvfrom_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_send_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_sendto_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_accept_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
-// case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_acceptex_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_connect_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEWOULDBLOCK: prError = PR_IN_PROGRESS_ERROR; break;
-// case WSAEINVAL: prError = PR_ALREADY_INITIATED_ERROR; break;
-// case WSAETIMEDOUT: prError = PR_IO_TIMEOUT_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_bind_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEINVAL: prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_listen_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
-// case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_shutdown_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_getsockname_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_getpeername_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_getsockopt_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_setsockopt_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_open_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-void nss_MD_os2_map_gethostname_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-/* Win32 select() only works on sockets. So in this
-** context, WSAENOTSOCK is equivalent to EBADF on Unix.
-*/
-void nss_MD_os2_map_select_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
-// case WSAENOTSOCK: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- default: nss_MD_os2_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_os2_map_lockf_error(PRInt32 err)
-{
- nss_MD_os2_map_default_error(err);
-}
-
-
-
-void nss_MD_os2_map_default_error(PRInt32 err)
-{
- PRErrorCode prError;
-
- switch (err) {
-// case ENOENT: prError = PR_FILE_NOT_FOUND_ERROR; break;
-// case ERROR_ACCESS_DENIED: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
-// case ERROR_ALREADY_EXISTS: prError = PR_FILE_EXISTS_ERROR; break;
-// case ERROR_DISK_CORRUPT: prError = PR_IO_ERROR; break;
-// case ERROR_DISK_FULL: prError = PR_NO_DEVICE_SPACE_ERROR; break;
-// case ERROR_DISK_OPERATION_FAILED: prError = PR_IO_ERROR; break;
-// case ERROR_DRIVE_LOCKED: prError = PR_FILE_IS_LOCKED_ERROR; break;
-// case ERROR_FILENAME_EXCED_RANGE: prError = PR_NAME_TOO_LONG_ERROR; break;
-// case ERROR_FILE_CORRUPT: prError = PR_IO_ERROR; break;
-// case ERROR_FILE_EXISTS: prError = PR_FILE_EXISTS_ERROR; break;
-// case ERROR_FILE_INVALID: prError = PR_BAD_DESCRIPTOR_ERROR; break;
-#if ERROR_FILE_NOT_FOUND != ENOENT
-// case ERROR_FILE_NOT_FOUND: prError = PR_FILE_NOT_FOUND_ERROR; break;
-#endif
- default: prError = PR_UNKNOWN_ERROR; break;
- }
- PR_SetError(prError, err);
-}
-
diff --git a/security/nss/lib/ssl/os2_err.h b/security/nss/lib/ssl/os2_err.h
deleted file mode 100644
index 7f80c0177..000000000
--- a/security/nss/lib/ssl/os2_err.h
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * This code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* NSPR doesn't make these functions public, so we have to duplicate
-** them in NSS.
-*/
-
-//HCT Based on Win32err.h
-extern void nss_MD_os2_map_accept_error(PRInt32 err);
-extern void nss_MD_os2_map_acceptex_error(PRInt32 err);
-extern void nss_MD_os2_map_access_error(PRInt32 err);
-extern void nss_MD_os2_map_bind_error(PRInt32 err);
-extern void nss_MD_os2_map_close_error(PRInt32 err);
-extern void nss_MD_os2_map_closedir_error(PRInt32 err);
-extern void nss_MD_os2_map_connect_error(PRInt32 err);
-extern void nss_MD_os2_map_default_error(PRInt32 err);
-extern void nss_MD_os2_map_delete_error(PRInt32 err);
-extern void nss_MD_os2_map_fstat_error(PRInt32 err);
-extern void nss_MD_os2_map_fsync_error(PRInt32 err);
-extern void nss_MD_os2_map_gethostname_error(PRInt32 err);
-extern void nss_MD_os2_map_getpeername_error(PRInt32 err);
-extern void nss_MD_os2_map_getsockname_error(PRInt32 err);
-extern void nss_MD_os2_map_getsockopt_error(PRInt32 err);
-extern void nss_MD_os2_map_listen_error(PRInt32 err);
-extern void nss_MD_os2_map_lockf_error(PRInt32 err);
-extern void nss_MD_os2_map_lseek_error(PRInt32 err);
-extern void nss_MD_os2_map_mkdir_error(PRInt32 err);
-extern void nss_MD_os2_map_open_error(PRInt32 err);
-extern void nss_MD_os2_map_opendir_error(PRInt32 err);
-extern void nss_MD_os2_map_read_error(PRInt32 err);
-extern void nss_MD_os2_map_readdir_error(PRInt32 err);
-extern void nss_MD_os2_map_recv_error(PRInt32 err);
-extern void nss_MD_os2_map_recvfrom_error(PRInt32 err);
-extern void nss_MD_os2_map_rename_error(PRInt32 err);
-extern void nss_MD_os2_map_rmdir_error(PRInt32 err);
-extern void nss_MD_os2_map_select_error(PRInt32 err);
-extern void nss_MD_os2_map_send_error(PRInt32 err);
-extern void nss_MD_os2_map_sendto_error(PRInt32 err);
-extern void nss_MD_os2_map_setsockopt_error(PRInt32 err);
-extern void nss_MD_os2_map_shutdown_error(PRInt32 err);
-extern void nss_MD_os2_map_socket_error(PRInt32 err);
-extern void nss_MD_os2_map_stat_error(PRInt32 err);
-extern void nss_MD_os2_map_transmitfile_error(PRInt32 err);
-extern void nss_MD_os2_map_write_error(PRInt32 err);
diff --git a/security/nss/lib/ssl/preenc.h b/security/nss/lib/ssl/preenc.h
deleted file mode 100644
index 3dfbe1e92..000000000
--- a/security/nss/lib/ssl/preenc.h
+++ /dev/null
@@ -1,161 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil -*- */
-
-/*
- * Functions and types used by https servers to send (download) pre-encrypted
- * files over SSL connections that use Fortezza ciphersuites.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prio.h"
-
-typedef struct PEHeaderStr PEHeader;
-
-#define PE_MIME_TYPE "application/pre-encrypted"
-
-
-/*
- * unencrypted header. The 'top' half of this header is generic. The union
- * is type specific, and may include bulk cipher type information
- * (Fortezza supports only Fortezza Bulk encryption). Only fortezza
- * pre-encrypted is defined.
- */
-typedef struct PEFortezzaHeaderStr PEFortezzaHeader;
-typedef struct PEFortezzaGeneratedHeaderStr PEFortezzaGeneratedHeader;
-typedef struct PEFixedKeyHeaderStr PEFixedKeyHeader;
-typedef struct PERSAKeyHeaderStr PERSAKeyHeader;
-
-struct PEFortezzaHeaderStr {
- unsigned char key[12]; /* Ks wrapped MEK */
- unsigned char iv[24]; /* iv for this MEK */
- unsigned char hash[20]; /* SHA hash of file */
- unsigned char serial[8]; /* serial number of the card that owns
- * Ks */
-};
-
-struct PEFortezzaGeneratedHeaderStr {
- unsigned char key[12]; /* TEK wrapped MEK */
- unsigned char iv[24]; /* iv for this MEK */
- unsigned char hash[20]; /* SHA hash of file */
- unsigned char Ra[128]; /* RA to generate TEK */
- unsigned char Y[128]; /* Y to generate TEK */
-};
-
-struct PEFixedKeyHeaderStr {
- unsigned char pkcs11Mech[4]; /* Symetric key operation */
- unsigned char labelLen[2]; /* length of the token label */
- unsigned char keyIDLen[2]; /* length of the token Key ID */
- unsigned char ivLen[2]; /* length of IV */
- unsigned char keyLen[2]; /* length of key (DES3_ECB encrypted) */
- unsigned char data[1]; /* start of data */
-};
-
-struct PERSAKeyHeaderStr {
- unsigned char pkcs11Mech[4]; /* Symetric key operation */
- unsigned char issuerLen[2]; /* length of cert issuer */
- unsigned char serialLen[2]; /* length of the cert serial */
- unsigned char ivLen[2]; /* length of IV */
- unsigned char keyLen[2]; /* length of key (RSA encrypted) */
- unsigned char data[1]; /* start of data */
-};
-
-/* macros to get at the variable length data fields */
-#define PEFIXED_Label(header) (header->data)
-#define PEFIXED_KeyID(header) (&header->data[GetInt2(header->labelLen)])
-#define PEFIXED_IV(header) (&header->data[GetInt2(header->labelLen)\
- +GetInt2(header->keyIDLen)])
-#define PEFIXED_Key(header) (&header->data[GetInt2(header->labelLen)\
- +GetInt2(header->keyIDLen)+GetInt2(header->keyLen)])
-#define PERSA_Issuer(header) (header->data)
-#define PERSA_Serial(header) (&header->data[GetInt2(header->issuerLen)])
-#define PERSA_IV(header) (&header->data[GetInt2(header->issuerLen)\
- +GetInt2(header->serialLen)])
-#define PERSA_Key(header) (&header->data[GetInt2(header->issuerLen)\
- +GetInt2(header->serialLen)+GetInt2(header->keyLen)])
-struct PEHeaderStr {
- unsigned char magic [2]; /* always 0xC0DE */
- unsigned char len [2]; /* length of PEHeader */
- unsigned char type [2]; /* FORTEZZA, DIFFIE-HELMAN, RSA */
- unsigned char version[2]; /* version number: 1.0 */
- union {
- PEFortezzaHeader fortezza;
- PEFortezzaGeneratedHeader g_fortezza;
- PEFixedKeyHeader fixed;
- PERSAKeyHeader rsa;
- } u;
-};
-
-#define PE_CRYPT_INTRO_LEN 8
-#define PE_INTRO_LEN 4
-#define PE_BASE_HEADER_LEN 8
-
-#define PRE_BLOCK_SIZE 8 /* for decryption blocks */
-
-
-/*
- * Platform neutral encode/decode macros.
- */
-#define GetInt2(c) ((c[0] << 8) | c[1])
-#define GetInt4(c) (((unsigned long)c[0] << 24)|((unsigned long)c[1] << 16)\
- |((unsigned long)c[2] << 8)| ((unsigned long)c[3]))
-#define PutInt2(c,i) ((c[1] = (i) & 0xff), (c[0] = ((i) >> 8) & 0xff))
-#define PutInt4(c,i) ((c[0]=((i) >> 24) & 0xff),(c[1]=((i) >> 16) & 0xff),\
- (c[2] = ((i) >> 8) & 0xff), (c[3] = (i) & 0xff))
-
-/*
- * magic numbers.
- */
-#define PRE_MAGIC 0xc0de
-#define PRE_VERSION 0x1010
-#define PRE_FORTEZZA_FILE 0x00ff /* pre-encrypted file on disk */
-#define PRE_FORTEZZA_STREAM 0x00f5 /* pre-encrypted file in stream */
-#define PRE_FORTEZZA_GEN_STREAM 0x00f6 /* Generated pre-encrypted file */
-#define PRE_FIXED_FILE 0x000f /* fixed key on disk */
-#define PRE_RSA_FILE 0x001f /* RSA in file */
-#define PRE_FIXED_STREAM 0x0005 /* fixed key in stream */
-
-/*
- * internal implementation info
- */
-
-
-/* convert an existing stream header to a version with local parameters */
-PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *,
- int *headerSize);
-
-/* convert an existing file header to one suitable for streaming out */
-PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *,
- int *headerSize);
-
diff --git a/security/nss/lib/ssl/prelib.c b/security/nss/lib/ssl/prelib.c
deleted file mode 100644
index 1c7351a39..000000000
--- a/security/nss/lib/ssl/prelib.c
+++ /dev/null
@@ -1,251 +0,0 @@
-/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil -*- */
-
-/*
- * Functions used by https servers to send (download) pre-encrypted files
- * over SSL connections that use Fortezza ciphersuites.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "keyhi.h"
-#include "secitem.h"
-#include "sslimpl.h"
-#include "pkcs11t.h"
-#include "preenc.h"
-#include "pk11func.h"
-
-static unsigned char fromHex(char x) {
- if ((x >= '0') && (x <= '9')) return x-'0';
- if ((x >= 'a') && (x <= 'f')) return x-'a'+10;
- return x-'A'+10;
-}
-
-PEHeader *SSL_PreencryptedStreamToFile(PRFileDesc *fd, PEHeader *inHeader,
- int *headerSize)
-{
- PK11SymKey *key, *tek, *Ks;
- sslSocket *ss;
- PK11SlotInfo *slot;
- CK_TOKEN_INFO info;
- int oldHeaderSize;
- PEHeader *header;
- SECStatus rv;
- SECItem item;
- int i;
-
- if (fd == NULL) {
- /* XXX set an error */
- return NULL;
- }
-
- ss = ssl_FindSocket(fd);
- if (ss == NULL) {
- return NULL;
- }
-
- PORT_Assert(ss->ssl3 != NULL);
- if (ss->ssl3 == NULL) {
- return NULL;
- }
-
- if (GetInt2(inHeader->magic) != PRE_MAGIC) {
- return NULL;
- }
-
- oldHeaderSize = GetInt2(inHeader->len);
- header = (PEHeader *) PORT_ZAlloc(oldHeaderSize);
- if (header == NULL) {
- return NULL;
- }
-
- switch (GetInt2(inHeader->type)) {
- case PRE_FORTEZZA_FILE:
- case PRE_FORTEZZA_GEN_STREAM:
- case PRE_FIXED_FILE:
- case PRE_RSA_FILE:
- default:
- *headerSize = oldHeaderSize;
- PORT_Memcpy(header,inHeader,oldHeaderSize);
- return header;
-
- case PRE_FORTEZZA_STREAM:
- *headerSize = PE_BASE_HEADER_LEN + sizeof(PEFortezzaHeader);
- PutInt2(header->magic,PRE_MAGIC);
- PutInt2(header->len,*headerSize);
- PutInt2(header->type, PRE_FORTEZZA_FILE);
- PORT_Memcpy(header->version,inHeader->version,sizeof(header->version));
- PORT_Memcpy(header->u.fortezza.hash,inHeader->u.fortezza.hash,
- sizeof(header->u.fortezza.hash));
- PORT_Memcpy(header->u.fortezza.iv,inHeader->u.fortezza.iv,
- sizeof(header->u.fortezza.iv));
-
- /* get the kea context from the session */
- tek = ss->ssl3->fortezza.tek;
- if (tek == NULL) {
- PORT_Free(header);
- return NULL;
- }
-
-
- /* get the slot and the serial number */
- slot = PK11_GetSlotFromKey(tek);
- if (slot == NULL) {
- PORT_Free(header);
- return NULL;
- }
- rv = PK11_GetTokenInfo(slot,&info);
- if (rv != SECSuccess) {
- PORT_Free(header);
- PK11_FreeSlot(slot);
- return NULL;
- }
-
- /* Look up the Token Fixed Key */
- Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL, ss->pkcs11PinArg);
- PK11_FreeSlot(slot);
- if (Ks == NULL) {
- PORT_Free(header);
- return NULL;
- }
-
- /* unwrap the key with the TEK */
- item.data = inHeader->u.fortezza.key;
- item.len = sizeof(inHeader->u.fortezza.key);
- key = PK11_UnwrapSymKey(tek,CKM_SKIPJACK_WRAP,
- NULL, &item, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
- if (key == NULL) {
- PORT_Free(header);
- PK11_FreeSymKey(Ks);
- return NULL;
- }
-
- /* rewrap with the local Ks */
- item.data = header->u.fortezza.key;
- item.len = sizeof(header->u.fortezza.key);
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks, key, &item);
- PK11_FreeSymKey(Ks);
- PK11_FreeSymKey(key);
- if (rv != SECSuccess) {
- PORT_Free(header);
- return NULL;
- }
-
- /* copy our local serial number into header */
- for (i=0; i < sizeof(header->u.fortezza.serial); i++) {
- header->u.fortezza.serial[i] =
- (fromHex(info.serialNumber[i*2]) << 4) |
- fromHex(info.serialNumber[i*2 + 1]);
- }
- break;
- case PRE_FIXED_STREAM:
- /* not implemented yet */
- PORT_Free(header);
- return NULL;
- }
-
- return(header);
-}
-
-/*
- * this one needs to allocate space and work for RSA & FIXED key files as well
- */
-PEHeader *SSL_PreencryptedFileToStream(PRFileDesc *fd, PEHeader *header,
- int *headerSize)
-{
- PK11SymKey *key, *tek, *Ks;
- sslSocket *ss;
- PK11SlotInfo *slot;
- SECStatus rv;
- SECItem item;
-
- *headerSize = 0; /* hack */
-
- if (fd == NULL) {
- /* XXX set an error */
- return NULL;
- }
-
- ss = ssl_FindSocket(fd);
- if (ss == NULL) {
- return NULL;
- }
-
- PORT_Assert(ss->ssl3 != NULL);
- if (ss->ssl3 == NULL) {
- return NULL;
- }
-
- /* get the kea context from the session */
- tek = ss->ssl3->fortezza.tek;
- if (tek == NULL) {
- return NULL;
- }
-
- slot = PK11_GetSlotFromKey(tek);
- if (slot == NULL) return NULL;
- Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL, PK11_GetWindow(tek));
- PK11_FreeSlot(slot);
- if (Ks == NULL) return NULL;
-
-
- /* unwrap with the local Ks */
- item.data = header->u.fortezza.key;
- item.len = sizeof(header->u.fortezza.key);
- /* rewrap the key with the TEK */
- key = PK11_UnwrapSymKey(Ks,CKM_SKIPJACK_WRAP,
- NULL, &item, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
- if (key == NULL) {
- PK11_FreeSymKey(Ks);
- return NULL;
- }
-
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, key, &item);
- PK11_FreeSymKey(Ks);
- PK11_FreeSymKey(key);
- if (rv != SECSuccess) {
- return NULL;
- }
-
- /* copy over our local serial number */
- PORT_Memset(header->u.fortezza.serial,0,sizeof(header->u.fortezza.serial));
-
- /* change type to stream */
- PutInt2(header->type, PRE_FORTEZZA_STREAM);
-
- return(header);
-}
-
-
diff --git a/security/nss/lib/ssl/ssl.def b/security/nss/lib/ssl/ssl.def
deleted file mode 100644
index 89e23dde3..000000000
--- a/security/nss/lib/ssl/ssl.def
+++ /dev/null
@@ -1,120 +0,0 @@
-;+#
-;+# The contents of this file are subject to the Mozilla Public
-;+# License Version 1.1 (the "License"); you may not use this file
-;+# except in compliance with the License. You may obtain a copy of
-;+# the License at http://www.mozilla.org/MPL/
-;+#
-;+# Software distributed under the License is distributed on an "AS
-;+# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-;+# implied. See the License for the specific language governing
-;+# rights and limitations under the License.
-;+#
-;+# The Original Code is the Netscape security libraries.
-;+#
-;+# The Initial Developer of the Original Code is Netscape
-;+# Communications Corporation. Portions created by Netscape are
-;+# Copyright (C) 2000 Netscape Communications Corporation. All
-;+# Rights Reserved.
-;+#
-;+# Contributor(s):
-;+#
-;+# Alternatively, the contents of this file may be used under the
-;+# terms of the GNU General Public License Version 2 or later (the
-;+# "GPL"), in which case the provisions of the GPL are applicable
-;+# instead of those above. If you wish to allow use of your
-;+# version of this file only under the terms of the GPL and not to
-;+# allow others to use your version of this file under the MPL,
-;+# indicate your decision by deleting the provisions above and
-;+# replace them with the notice and other provisions required by
-;+# the GPL. If you do not delete the provisions above, a recipient
-;+# may use your version of this file under either the MPL or the
-;+# GPL.
-;+#
-;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS
-;+# 1. For all unix platforms, the string ";-" means "remove this line"
-;+# 2. For all unix platforms, the string " DATA " will be removed from any
-;+# line on which it occurs.
-;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX.
-;+# On AIX, lines containing ";+" will be removed.
-;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed.
-;+# 5. For all unix platforms, after the above processing has taken place,
-;+# all characters after the first ";" on the line will be removed.
-;+# And for AIX, the first ";" will also be removed.
-;+# This file is passed directly to windows. Since ';' is a comment, all UNIX
-;+# directives are hidden behind ";", ";+", and ";-"
-;+
-;+NSS_3.2 { # NSS 3.2 release
-;+ global:
-LIBRARY ssl3 ;-
-EXPORTS ;-
-SSL_ImplementedCiphers DATA ;
-SSL_NumImplementedCiphers DATA ;
-NSS_CmpCertChainWCANames;
-NSS_FindCertKEAType;
-NSS_GetClientAuthData;
-NSS_SetDomesticPolicy;
-NSS_SetExportPolicy;
-NSS_SetFrancePolicy;
-SSL_AuthCertificate;
-SSL_AuthCertificateHook;
-SSL_BadCertHook;
-SSL_CertDBHandleSet;
-SSL_CipherPolicyGet;
-SSL_CipherPolicySet;
-SSL_CipherPrefGet;
-SSL_CipherPrefGetDefault;
-SSL_CipherPrefSet;
-SSL_CipherPrefSetDefault;
-SSL_ClearSessionCache;
-SSL_ConfigMPServerSIDCache;
-SSL_ConfigSecureServer;
-SSL_ConfigServerSessionIDCache;
-SSL_DataPending;
-SSL_ForceHandshake;
-SSL_GetClientAuthDataHook;
-SSL_GetSessionID;
-SSL_GetStatistics;
-SSL_HandshakeCallback;
-SSL_ImportFD;
-SSL_InheritMPServerSIDCache;
-SSL_InvalidateSession;
-SSL_OptionGet;
-SSL_OptionGetDefault;
-SSL_OptionSet;
-SSL_OptionSetDefault;
-SSL_PeerCertificate;
-SSL_PreencryptedFileToStream;
-SSL_PreencryptedStreamToFile;
-SSL_ReHandshake;
-SSL_ResetHandshake;
-SSL_RestartHandshakeAfterCertReq;
-SSL_RestartHandshakeAfterServerCert;
-SSL_RevealCert;
-SSL_RevealPinArg;
-SSL_RevealURL;
-SSL_SecurityStatus;
-SSL_SetPKCS11PinArg;
-SSL_SetSockPeerID;
-SSL_SetURL;
-;+ local:
-;+*;
-;+};
-;+NSS_3.2.1 { # NSS 3.2.1 release
-;+ global:
-NSSSSL_VersionCheck;
-;+ local:
-;+*;
-;+};
-;+NSS_3.4 { # NSS 3.4 release
-;+ global:
-;+# We have not yet decided whether these functions will be exported
-;+# in the final 3.4 release, so please treat them as exported private
-;+# functions for now.
-SSL_GetMaxServerCacheLocks;
-SSL_SetMaxServerCacheLocks;
-SSL_GetChannelInfo;
-SSL_GetCipherSuiteInfo;
-SSL_LocalCertificate;
-;+ local:
-;+*;
-;+};
diff --git a/security/nss/lib/ssl/ssl.h b/security/nss/lib/ssl/ssl.h
deleted file mode 100644
index 34f5cbf24..000000000
--- a/security/nss/lib/ssl/ssl.h
+++ /dev/null
@@ -1,439 +0,0 @@
-/*
- * This file contains prototypes for the public SSL functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __ssl_h_
-#define __ssl_h_
-
-#include "prtypes.h"
-#include "prerror.h"
-#include "prio.h"
-#include "seccomon.h"
-#include "cert.h"
-#include "keyt.h"
-
-#include "sslt.h" /* public ssl data types */
-
-#if defined(_WIN32) && !defined(IN_LIBSSL) && !defined(NSS_USE_STATIC_LIBS)
-#define SSL_IMPORT extern __declspec(dllimport)
-#else
-#define SSL_IMPORT extern
-#endif
-
-SEC_BEGIN_PROTOS
-
-/* constant table enumerating all implemented SSL 2 and 3 cipher suites. */
-SSL_IMPORT const PRUint16 SSL_ImplementedCiphers[];
-
-/* number of entries in the above table. */
-SSL_IMPORT const PRUint16 SSL_NumImplementedCiphers;
-
-/* Macro to tell which ciphers in table are SSL2 vs SSL3/TLS. */
-#define SSL_IS_SSL2_CIPHER(which) (((which) & 0xfff0) == 0xff00)
-
-/*
-** Imports fd into SSL, returning a new socket. Copies SSL configuration
-** from model.
-*/
-SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd);
-
-/*
-** Enable/disable an ssl mode
-**
-** SSL_SECURITY:
-** enable/disable use of SSL security protocol before connect
-**
-** SSL_SOCKS:
-** enable/disable use of socks before connect
-** (No longer supported).
-**
-** SSL_REQUEST_CERTIFICATE:
-** require a certificate during secure connect
-*/
-/* options */
-#define SSL_SECURITY 1
-#define SSL_SOCKS 2
-#define SSL_REQUEST_CERTIFICATE 3
-#define SSL_HANDSHAKE_AS_CLIENT 5 /* force accept to hs as client */
-#define SSL_HANDSHAKE_AS_SERVER 6 /* force connect to hs as server */
-#define SSL_ENABLE_SSL2 7 /* enable ssl v2 (on by default) */
-#define SSL_ENABLE_SSL3 8 /* enable ssl v3 (on by default) */
-#define SSL_NO_CACHE 9 /* don't use the session cache */
-#define SSL_REQUIRE_CERTIFICATE 10
-#define SSL_ENABLE_FDX 11 /* permit simultaneous read/write */
-#define SSL_V2_COMPATIBLE_HELLO 12 /* send v3 client hello in v2 fmt */
-#define SSL_ENABLE_TLS 13 /* enable TLS (off by default) */
-#define SSL_ROLLBACK_DETECTION 14 /* for compatibility, default: on */
-
-#ifdef SSL_DEPRECATED_FUNCTION
-/* Old deprecated function names */
-SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRBool on);
-SSL_IMPORT SECStatus SSL_EnableDefault(int option, PRBool on);
-#endif
-
-/* New function names */
-SSL_IMPORT SECStatus SSL_OptionSet(PRFileDesc *fd, PRInt32 option, PRBool on);
-SSL_IMPORT SECStatus SSL_OptionGet(PRFileDesc *fd, PRInt32 option, PRBool *on);
-SSL_IMPORT SECStatus SSL_OptionSetDefault(PRInt32 option, PRBool on);
-SSL_IMPORT SECStatus SSL_OptionGetDefault(PRInt32 option, PRBool *on);
-SSL_IMPORT SECStatus SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *dbHandle);
-
-/*
-** Control ciphers that SSL uses. If on is non-zero then the named cipher
-** is enabled, otherwise it is disabled.
-** The "cipher" values are defined in sslproto.h (the SSL_EN_* values).
-** EnableCipher records user preferences.
-** SetPolicy sets the policy according to the policy module.
-*/
-#ifdef SSL_DEPRECATED_FUNCTION
-/* Old deprecated function names */
-SSL_IMPORT SECStatus SSL_EnableCipher(long which, PRBool enabled);
-SSL_IMPORT SECStatus SSL_SetPolicy(long which, int policy);
-#endif
-
-/* New function names */
-SSL_IMPORT SECStatus SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 cipher, PRBool enabled);
-SSL_IMPORT SECStatus SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 cipher, PRBool *enabled);
-SSL_IMPORT SECStatus SSL_CipherPrefSetDefault(PRInt32 cipher, PRBool enabled);
-SSL_IMPORT SECStatus SSL_CipherPrefGetDefault(PRInt32 cipher, PRBool *enabled);
-SSL_IMPORT SECStatus SSL_CipherPolicySet(PRInt32 cipher, PRInt32 policy);
-SSL_IMPORT SECStatus SSL_CipherPolicyGet(PRInt32 cipher, PRInt32 *policy);
-
-/* Values for "policy" argument to SSL_PolicySet */
-/* Values returned by SSL_CipherPolicyGet. */
-#define SSL_NOT_ALLOWED 0 /* or invalid or unimplemented */
-#define SSL_ALLOWED 1
-#define SSL_RESTRICTED 2 /* only with "Step-Up" certs. */
-
-/*
-** Reset the handshake state for fd. This will make the complete SSL
-** handshake protocol execute from the ground up on the next i/o
-** operation.
-*/
-SSL_IMPORT SECStatus SSL_ResetHandshake(PRFileDesc *fd, PRBool asServer);
-
-/*
-** Force the handshake for fd to complete immediately. This blocks until
-** the complete SSL handshake protocol is finished.
-*/
-SSL_IMPORT SECStatus SSL_ForceHandshake(PRFileDesc *fd);
-
-/*
-** Query security status of socket. *on is set to one if security is
-** enabled. *keySize will contain the stream key size used. *issuer will
-** contain the RFC1485 verison of the name of the issuer of the
-** certificate at the other end of the connection. For a client, this is
-** the issuer of the server's certificate; for a server, this is the
-** issuer of the client's certificate (if any). Subject is the subject of
-** the other end's certificate. The pointers can be zero if the desired
-** data is not needed. All strings returned by this function are owned
-** by SSL, and will be freed when the socket is closed.
-*/
-SSL_IMPORT SECStatus SSL_SecurityStatus(PRFileDesc *fd, int *on, char **cipher,
- int *keySize, int *secretKeySize,
- char **issuer, char **subject);
-
-/* Values for "on" */
-#define SSL_SECURITY_STATUS_NOOPT -1
-#define SSL_SECURITY_STATUS_OFF 0
-#define SSL_SECURITY_STATUS_ON_HIGH 1
-#define SSL_SECURITY_STATUS_ON_LOW 2
-#define SSL_SECURITY_STATUS_FORTEZZA 3
-
-/*
-** Return the certificate for our SSL peer. If the client calls this
-** it will always return the server's certificate. If the server calls
-** this, it may return NULL if client authentication is not enabled or
-** if the client had no certificate when asked.
-** "fd" the socket "file" descriptor
-*/
-SSL_IMPORT CERTCertificate *SSL_PeerCertificate(PRFileDesc *fd);
-
-/*
-** Authenticate certificate hook. Called when a certificate comes in
-** (because of SSL_REQUIRE_CERTIFICATE in SSL_Enable) to authenticate the
-** certificate.
-*/
-typedef SECStatus (PR_CALLBACK *SSLAuthCertificate)(void *arg, PRFileDesc *fd,
- PRBool checkSig,
- PRBool isServer);
-
-SSL_IMPORT SECStatus SSL_AuthCertificateHook(PRFileDesc *fd,
- SSLAuthCertificate f,
- void *arg);
-
-/* An implementation of the certificate authentication hook */
-SSL_IMPORT SECStatus SSL_AuthCertificate(void *arg, PRFileDesc *fd,
- PRBool checkSig, PRBool isServer);
-
-/*
- * Prototype for SSL callback to get client auth data from the application.
- * arg - application passed argument
- * caNames - pointer to distinguished names of CAs that the server likes
- * pRetCert - pointer to pointer to cert, for return of cert
- * pRetKey - pointer to key pointer, for return of key
- */
-typedef SECStatus (PR_CALLBACK *SSLGetClientAuthData)(void *arg,
- PRFileDesc *fd,
- CERTDistNames *caNames,
- CERTCertificate **pRetCert,/*return */
- SECKEYPrivateKey **pRetKey);/* return */
-
-/*
- * Set the client side callback for SSL to retrieve user's private key
- * and certificate.
- * fd - the file descriptor for the connection in question
- * f - the application's callback that delivers the key and cert
- * a - application specific data
- */
-SSL_IMPORT SECStatus SSL_GetClientAuthDataHook(PRFileDesc *fd,
- SSLGetClientAuthData f, void *a);
-
-
-/*
- * Set the client side argument for SSL to retrieve PKCS #11 pin.
- * fd - the file descriptor for the connection in question
- * a - pkcs11 application specific data
- */
-SSL_IMPORT SECStatus SSL_SetPKCS11PinArg(PRFileDesc *fd, void *a);
-
-/*
-** This is a callback for dealing with server certs that are not authenticated
-** by the client. The client app can decide that it actually likes the
-** cert by some external means and restart the connection.
-*/
-typedef SECStatus (PR_CALLBACK *SSLBadCertHandler)(void *arg, PRFileDesc *fd);
-SSL_IMPORT SECStatus SSL_BadCertHook(PRFileDesc *fd, SSLBadCertHandler f,
- void *arg);
-
-/*
-** Configure ssl for running a secure server. Needs the
-** certificate for the server and the servers private key. The arguments
-** are copied.
-*/
-SSL_IMPORT SECStatus SSL_ConfigSecureServer(
- PRFileDesc *fd, CERTCertificate *cert,
- SECKEYPrivateKey *key, SSLKEAType kea);
-
-/*
-** Configure a secure servers session-id cache. Define the maximum number
-** of entries in the cache, the longevity of the entires, and the directory
-** where the cache files will be placed. These values can be zero, and
-** if so, the implementation will choose defaults.
-** This version of the function is for use in applications that have only one
-** process that uses the cache (even if that process has multiple threads).
-*/
-SSL_IMPORT SECStatus SSL_ConfigServerSessionIDCache(int maxCacheEntries,
- PRUint32 timeout,
- PRUint32 ssl3_timeout,
- const char * directory);
-/*
-** Like SSL_ConfigServerSessionIDCache, with one important difference.
-** If the application will run multiple processes (as opposed to, or in
-** addition to multiple threads), then it must call this function, instead
-** of calling SSL_ConfigServerSessionIDCache().
-** This has nothing to do with the number of processORs, only processEs.
-** This function sets up a Server Session ID (SID) cache that is safe for
-** access by multiple processes on the same system.
-*/
-SSL_IMPORT SECStatus SSL_ConfigMPServerSIDCache(int maxCacheEntries,
- PRUint32 timeout,
- PRUint32 ssl3_timeout,
- const char * directory);
-
-/* Get and set the configured maximum number of mutexes used for the
-** server's store of SSL sessions. This value is used by the server
-** session ID cache initialization functions shown above. Note that on
-** some platforms, these mutexes are actually implemented with POSIX
-** semaphores, or with unnamed pipes. The default value varies by platform.
-** An attempt to set a too-low maximum will return an error and the
-** configured value will not be changed.
-*/
-SSL_IMPORT PRUint32 SSL_GetMaxServerCacheLocks(void);
-SSL_IMPORT SECStatus SSL_SetMaxServerCacheLocks(PRUint32 maxLocks);
-
-/* environment variable set by SSL_ConfigMPServerSIDCache, and queried by
- * SSL_InheritMPServerSIDCache when envString is NULL.
- */
-#define SSL_ENV_VAR_NAME "SSL_INHERITANCE"
-
-/* called in child to inherit SID Cache variables.
- * If envString is NULL, this function will use the value of the environment
- * variable "SSL_INHERITANCE", otherwise the string value passed in will be
- * used.
- */
-SSL_IMPORT SECStatus SSL_InheritMPServerSIDCache(const char * envString);
-
-/*
-** Set the callback on a particular socket that gets called when we finish
-** performing a handshake.
-*/
-typedef void (PR_CALLBACK *SSLHandshakeCallback)(PRFileDesc *fd,
- void *client_data);
-SSL_IMPORT SECStatus SSL_HandshakeCallback(PRFileDesc *fd,
- SSLHandshakeCallback cb, void *client_data);
-
-/*
-** For the server, request a new handshake. For the client, begin a new
-** handshake. If flushCache is non-zero, the SSL3 cache entry will be
-** flushed first, ensuring that a full SSL handshake will be done.
-** If flushCache is zero, and an SSL connection is established, it will
-** do the much faster session restart handshake. This will change the
-** session keys without doing another private key operation.
-*/
-SSL_IMPORT SECStatus SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache);
-
-#ifdef SSL_DEPRECATED_FUNCTION
-/* deprecated!
-** For the server, request a new handshake. For the client, begin a new
-** handshake. Flushes SSL3 session cache entry first, ensuring that a
-** full handshake will be done.
-** This call is equivalent to SSL_ReHandshake(fd, PR_TRUE)
-*/
-SSL_IMPORT SECStatus SSL_RedoHandshake(PRFileDesc *fd);
-#endif
-
-/*
- * Allow the application to pass a URL or hostname into the SSL library
- */
-SSL_IMPORT SECStatus SSL_SetURL(PRFileDesc *fd, const char *url);
-
-/*
-** Return the number of bytes that SSL has waiting in internal buffers.
-** Return 0 if security is not enabled.
-*/
-SSL_IMPORT int SSL_DataPending(PRFileDesc *fd);
-
-/*
-** Invalidate the SSL session associated with fd.
-*/
-SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd);
-
-/*
-** Return a SECItem containing the SSL session ID associated with the fd.
-*/
-SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd);
-
-/*
-** Clear out the client's SSL session cache, not the server's session cache.
-*/
-SSL_IMPORT void SSL_ClearSessionCache(void);
-
-/*
-** Set peer information so we can correctly look up SSL session later.
-** You only have to do this if you're tunneling through a proxy.
-*/
-SSL_IMPORT SECStatus SSL_SetSockPeerID(PRFileDesc *fd, char *peerID);
-
-/*
-** Reveal the security information for the peer.
-*/
-SSL_IMPORT CERTCertificate * SSL_RevealCert(PRFileDesc * socket);
-SSL_IMPORT void * SSL_RevealPinArg(PRFileDesc * socket);
-SSL_IMPORT char * SSL_RevealURL(PRFileDesc * socket);
-
-
-/* This callback may be passed to the SSL library via a call to
- * SSL_GetClientAuthDataHook() for each SSL client socket.
- * It will be invoked when SSL needs to know what certificate and private key
- * (if any) to use to respond to a request for client authentication.
- * If arg is non-NULL, it is a pointer to a NULL-terminated string containing
- * the nickname of the cert/key pair to use.
- * If arg is NULL, this function will search the cert and key databases for
- * a suitable match and send it if one is found.
- */
-SSL_IMPORT SECStatus
-NSS_GetClientAuthData(void * arg,
- PRFileDesc * socket,
- struct CERTDistNamesStr * caNames,
- struct CERTCertificateStr ** pRetCert,
- struct SECKEYPrivateKeyStr **pRetKey);
-
-/*
- * Look to see if any of the signers in the cert chain for "cert" are found
- * in the list of caNames.
- * Returns SECSuccess if so, SECFailure if not.
- * Used by NSS_GetClientAuthData. May be used by other callback functions.
- */
-SSL_IMPORT SECStatus NSS_CmpCertChainWCANames(CERTCertificate *cert,
- CERTDistNames *caNames);
-
-/*
- * Returns key exchange type of the keys in an SSL server certificate.
- */
-SSL_IMPORT SSLKEAType NSS_FindCertKEAType(CERTCertificate * cert);
-
-/* Set cipher policies to a predefined Domestic (U.S.A.) policy.
- * This essentially enables all supported ciphers.
- */
-SSL_IMPORT SECStatus NSS_SetDomesticPolicy(void);
-
-/* Set cipher policies to a predefined Policy that is exportable from the USA
- * according to present U.S. policies as we understand them.
- * See documentation for the list.
- * Note that your particular application program may be able to obtain
- * an export license with more or fewer capabilities than those allowed
- * by this function. In that case, you should use SSL_SetPolicy()
- * to explicitly allow those ciphers you may legally export.
- */
-SSL_IMPORT SECStatus NSS_SetExportPolicy(void);
-
-/* Set cipher policies to a predefined Policy that is exportable from the USA
- * according to present U.S. policies as we understand them, and that the
- * nation of France will permit to be imported into their country.
- * See documentation for the list.
- */
-SSL_IMPORT SECStatus NSS_SetFrancePolicy(void);
-
-SSL_IMPORT SSL3Statistics * SSL_GetStatistics(void);
-
-/* Report more information than SSL_SecurityStatus.
-** Caller supplies the info struct. Function fills it in.
-*/
-SSL_IMPORT SECStatus SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info,
- PRUintn len);
-SSL_IMPORT SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite,
- SSLCipherSuiteInfo *info, PRUintn len);
-
-/*
-** Return a new reference to the certificate that was most recently sent
-** to the peer on this SSL/TLS connection, or NULL if none has been sent.
-*/
-SSL_IMPORT CERTCertificate * SSL_LocalCertificate(PRFileDesc *fd);
-
-SEC_END_PROTOS
-
-#endif /* __ssl_h_ */
diff --git a/security/nss/lib/ssl/ssl.rc b/security/nss/lib/ssl/ssl.rc
deleted file mode 100644
index 864c94f94..000000000
--- a/security/nss/lib/ssl/ssl.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nss.h"
-#include <winver.h>
-
-#define MY_LIBNAME "ssl"
-#define MY_FILEDESCRIPTION "NSS SSL Library"
-
-#define STRINGIZE(x) #x
-#define STRINGIZE2(x) STRINGIZE(x)
-#define NSS_VMAJOR_STR STRINGIZE2(NSS_VMAJOR)
-
-#ifdef _DEBUG
-#define MY_DEBUG_STR " (debug)"
-#define MY_FILEFLAGS_1 VS_FF_DEBUG
-#else
-#define MY_DEBUG_STR ""
-#define MY_FILEFLAGS_1 0x0L
-#endif
-#if NSS_BETA
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1|VS_FF_PRERELEASE
-#else
-#define MY_FILEFLAGS_2 MY_FILEFLAGS_1
-#endif
-
-#ifdef WINNT
-#define MY_FILEOS VOS_NT_WINDOWS32
-#else
-#define MY_FILEOS VOS__WINDOWS32
-#endif
-
-#define MY_INTERNAL_NAME MY_LIBNAME NSS_VMAJOR_STR
-
-/////////////////////////////////////////////////////////////////////////////
-//
-// Version-information resource
-//
-
-VS_VERSION_INFO VERSIONINFO
- FILEVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- PRODUCTVERSION NSS_VMAJOR,NSS_VMINOR,NSS_VPATCH,0
- FILEFLAGSMASK VS_FFI_FILEFLAGSMASK
- FILEFLAGS MY_FILEFLAGS_2
- FILEOS MY_FILEOS
- FILETYPE VFT_DLL
- FILESUBTYPE 0x0L // not used
-
-BEGIN
- BLOCK "StringFileInfo"
- BEGIN
- BLOCK "040904B0" // Lang=US English, CharSet=Unicode
- BEGIN
- VALUE "CompanyName", "Netscape Communications Corporation\0"
- VALUE "FileDescription", MY_FILEDESCRIPTION MY_DEBUG_STR "\0"
- VALUE "FileVersion", NSS_VERSION "\0"
- VALUE "InternalName", MY_INTERNAL_NAME "\0"
- VALUE "LegalCopyright", "Copyright \251 1994-2001 Netscape Communications Corporation\0"
- VALUE "OriginalFilename", MY_INTERNAL_NAME ".dll\0"
- VALUE "ProductName", "Network Security Services\0"
- VALUE "ProductVersion", NSS_VERSION "\0"
- END
- END
- BLOCK "VarFileInfo"
- BEGIN
- VALUE "Translation", 0x409, 1200
- END
-END
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
deleted file mode 100644
index 191218c0a..000000000
--- a/security/nss/lib/ssl/ssl3con.c
+++ /dev/null
@@ -1,7967 +0,0 @@
-/*
- * SSL3 Protocol
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "ssl.h"
-#include "cryptohi.h" /* for DSAU_ stuff */
-#include "keyhi.h"
-#include "secder.h"
-#include "secitem.h"
-
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "sslerr.h"
-#include "prtime.h"
-#include "prinrval.h"
-#include "prerror.h"
-#include "pratom.h"
-#include "prthread.h"
-
-#include "pk11func.h"
-#include "secmod.h"
-#include "nsslocks.h"
-
-#include <stdio.h>
-
-#ifndef PK11_SETATTRS
-#define PK11_SETATTRS(x,id,v,l) (x)->type = (id); \
- (x)->pValue=(v); (x)->ulValueLen = (l);
-#endif
-
-static void ssl3_CleanupPeerCerts(ssl3State *ssl3);
-static PK11SymKey *ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
- PK11SlotInfo * serverKeySlot);
-static SECStatus ssl3_GenerateSessionKeys(sslSocket *ss, const PK11SymKey *pms);
-static SECStatus ssl3_HandshakeFailure( sslSocket *ss);
-static SECStatus ssl3_InitState( sslSocket *ss);
-static sslSessionID *ssl3_NewSessionID( sslSocket *ss, PRBool is_server);
-static SECStatus ssl3_SendCertificate( sslSocket *ss);
-static SECStatus ssl3_SendEmptyCertificate( sslSocket *ss);
-static SECStatus ssl3_SendCertificateRequest(sslSocket *ss);
-static SECStatus ssl3_SendFinished( sslSocket *ss, PRInt32 flags);
-static SECStatus ssl3_SendServerHello( sslSocket *ss);
-static SECStatus ssl3_SendServerHelloDone( sslSocket *ss);
-static SECStatus ssl3_SendServerKeyExchange( sslSocket *ss);
-
-static SECStatus Null_Cipher(void *ctx, unsigned char *output, int *outputLen,
- int maxOutputLen, const unsigned char *input,
- int inputLen);
-
-#define MAX_SEND_BUF_LENGTH 32000 /* watch for 16-bit integer overflow */
-#define MIN_SEND_BUF_LENGTH 4000
-
-#define MAX_CIPHER_SUITES 20
-
-/* This list of SSL3 cipher suites is sorted in descending order of
- * precedence (desirability). It only includes cipher suites we implement.
- * This table is modified by SSL3_SetPolicy().
- */
-static ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED] = {
- /* cipher_suite policy enabled is_present*/
- { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-
- { SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_RSA_WITH_RC4_128_MD5, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { TLS_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
-
- { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-
- { SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-
- { SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE},
- { SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
-
- { TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_FORTEZZA_DMS_WITH_NULL_SHA, SSL_NOT_ALLOWED, PR_TRUE, PR_FALSE},
- { SSL_RSA_WITH_NULL_MD5, SSL_NOT_ALLOWED, PR_FALSE,PR_FALSE}
-};
-
-static const /*SSL3CompressionMethod*/ uint8 compressions [] = {
- compression_null
-};
-
-static const int compressionMethodsCount =
- sizeof(compressions) / sizeof(compressions[0]);
-
-static const /*SSL3ClientCertificateType */ uint8 certificate_types [] = {
- ct_RSA_sign,
- ct_DSS_sign,
-};
-
-static const /*SSL3ClientCertificateType */ uint8 fortezza_certificate_types [] = {
- ct_Fortezza,
-};
-
-/*
- * make sure there is room in the write buffer for padding and
- * other compression and cryptographic expansions
- */
-#define SSL3_BUFFER_FUDGE 100
-
-#define SET_ERROR_CODE /* reminder */
-#define SEND_ALERT /* reminder */
-#define TEST_FOR_FAILURE /* reminder */
-#define DEAL_WITH_FAILURE /* reminder */
-
-#define EXPORT_RSA_KEY_LENGTH 64 /* bytes */
-
-
-/* This is a hack to make sure we don't do double handshakes for US policy */
-PRBool ssl3_global_policy_some_restricted = PR_FALSE;
-
-/* This global item is used only in servers. It is is initialized by
-** SSL_ConfigSecureServer(), and is used in ssl3_SendCertificateRequest().
-*/
-CERTDistNames *ssl3_server_ca_list = NULL;
-static SSL3Statistics ssl3stats;
-
-/* indexed by SSL3BulkCipher */
-static const ssl3BulkCipherDef bulk_cipher_defs[] = {
- /* cipher calg keySz secretSz type ivSz BlkSz keygen */
- {cipher_null, calg_null, 0, 0, type_stream, 0, 0, kg_null},
- {cipher_rc4, calg_rc4, 16, 16, type_stream, 0, 0, kg_strong},
- {cipher_rc4_40, calg_rc4, 16, 5, type_stream, 0, 0, kg_export},
- {cipher_rc4_56, calg_rc4, 16, 7, type_stream, 0, 0, kg_export},
- {cipher_rc2, calg_rc2, 16, 16, type_block, 8, 8, kg_strong},
- {cipher_rc2_40, calg_rc2, 16, 5, type_block, 8, 8, kg_export},
- {cipher_des, calg_des, 8, 8, type_block, 8, 8, kg_strong},
- {cipher_3des, calg_3des, 24, 24, type_block, 8, 8, kg_strong},
- {cipher_des40, calg_des, 8, 5, type_block, 8, 8, kg_export},
- {cipher_idea, calg_idea, 16, 16, type_block, 8, 8, kg_strong},
- {cipher_fortezza, calg_fortezza, 10, 10, type_block, 24, 8, kg_null},
- {cipher_aes_128, calg_aes, 16, 16, type_block, 16,16, kg_strong},
- {cipher_aes_256, calg_aes, 32, 32, type_block, 16,16, kg_strong},
- {cipher_missing, calg_null, 0, 0, type_stream, 0, 0, kg_null},
-};
-
-static const ssl3KEADef kea_defs[] = { /* indexed by SSL3KeyExchangeAlgorithm */
- /* kea exchKeyType signKeyType is_limited limit tls_keygen */
- {kea_null, kt_null, sign_null, PR_FALSE, 0, PR_FALSE},
- {kea_rsa, kt_rsa, sign_rsa, PR_FALSE, 0, PR_FALSE},
- {kea_rsa_export, kt_rsa, sign_rsa, PR_TRUE, 512, PR_FALSE},
- {kea_rsa_export_1024,kt_rsa, sign_rsa, PR_TRUE, 1024, PR_FALSE},
- {kea_dh_dss, kt_dh, sign_dsa, PR_FALSE, 0, PR_FALSE},
- {kea_dh_dss_export, kt_dh, sign_dsa, PR_TRUE, 512, PR_FALSE},
- {kea_dh_rsa, kt_dh, sign_rsa, PR_FALSE, 0, PR_FALSE},
- {kea_dh_rsa_export, kt_dh, sign_rsa, PR_TRUE, 512, PR_FALSE},
- {kea_dhe_dss, kt_dh, sign_dsa, PR_FALSE, 0, PR_FALSE},
- {kea_dhe_dss_export, kt_dh, sign_dsa, PR_TRUE, 512, PR_FALSE},
- {kea_dhe_rsa, kt_dh, sign_rsa, PR_FALSE, 0, PR_FALSE},
- {kea_dhe_rsa_export, kt_dh, sign_rsa, PR_TRUE, 512, PR_FALSE},
- {kea_dh_anon, kt_dh, sign_null, PR_FALSE, 0, PR_FALSE},
- {kea_dh_anon_export, kt_dh, sign_null, PR_TRUE, 512, PR_FALSE},
- {kea_fortezza, kt_fortezza, sign_dsa, PR_FALSE, 0, PR_FALSE},
- {kea_rsa_fips, kt_rsa, sign_rsa, PR_FALSE, 0, PR_TRUE },
-};
-
-/* must use ssl_LookupCipherSuiteDef to access */
-static const ssl3CipherSuiteDef cipher_suite_defs[] = {
-/* cipher_suite bulk_cipher_alg mac_alg key_exchange_alg */
-
- {SSL_NULL_WITH_NULL_NULL, cipher_null, mac_null, kea_null},
- {SSL_RSA_WITH_NULL_MD5, cipher_null, mac_md5, kea_rsa},
- {SSL_RSA_WITH_NULL_SHA, cipher_null, mac_sha, kea_rsa},
- {SSL_RSA_EXPORT_WITH_RC4_40_MD5,cipher_rc4_40, mac_md5, kea_rsa_export},
- {SSL_RSA_WITH_RC4_128_MD5, cipher_rc4, mac_md5, kea_rsa},
- {SSL_RSA_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_rsa},
- {SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
- cipher_rc2_40, mac_md5, kea_rsa_export},
-#if 0 /* not implemented */
- {SSL_RSA_WITH_IDEA_CBC_SHA, cipher_idea, mac_sha, kea_rsa},
- {SSL_RSA_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_rsa_export},
-#endif
- {SSL_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa},
- {SSL_RSA_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa},
- {SSL_DHE_DSS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dhe_dss},
- {SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
- cipher_3des, mac_sha, kea_dhe_dss},
- {TLS_DHE_DSS_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_dhe_dss},
-#if 0 /* not implemented */
- {SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_dh_dss_export},
- {SSL_DH_DSS_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_dss},
- {SSL_DH_DSS_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_dss},
- {SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_dh_rsa_export},
- {SSL_DH_RSA_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_rsa},
- {SSL_DH_RSA_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_rsa},
- {SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_dh_dss_export},
- {SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_dh_rsa_export},
-#endif
- {SSL_DHE_RSA_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_dhe_rsa},
- {SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
- cipher_3des, mac_sha, kea_dhe_rsa},
-#if 0
- {SSL_DH_ANON_EXPORT_RC4_40_MD5, cipher_rc4_40, mac_md5, kea_dh_anon_export},
- {SSL_DH_ANON_EXPORT_RC4_40_MD5, cipher_rc4, mac_md5, kea_dh_anon_export},
- {SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA,
- cipher_des40, mac_sha, kea_dh_anon_export},
- {SSL_DH_ANON_DES_CBC_SHA, cipher_des, mac_sha, kea_dh_anon},
- {SSL_DH_ANON_3DES_CBC_SHA, cipher_3des, mac_sha, kea_dh_anon},
-#endif
-
- {SSL_FORTEZZA_DMS_WITH_NULL_SHA, cipher_null, mac_sha, kea_fortezza},
- {SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA,
- cipher_fortezza, mac_sha, kea_fortezza},
- {SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, cipher_rc4, mac_sha, kea_fortezza},
-
-/* New TLS cipher suites */
- {TLS_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_rsa},
- {TLS_DHE_DSS_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dhe_dss},
- {TLS_DHE_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dhe_rsa},
- {TLS_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_rsa},
- {TLS_DHE_DSS_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dhe_dss},
- {TLS_DHE_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dhe_rsa},
-#if 0
- {TLS_DH_DSS_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_dss},
- {TLS_DH_RSA_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_rsa},
- {TLS_DH_ANON_WITH_AES_128_CBC_SHA, cipher_aes_128, mac_sha, kea_dh_anon},
- {TLS_DH_DSS_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dh_dss},
- {TLS_DH_RSA_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dh_rsa},
- {TLS_DH_ANON_WITH_AES_256_CBC_SHA, cipher_aes_256, mac_sha, kea_dh_anon},
-#endif
-
- {TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
- cipher_des, mac_sha,kea_rsa_export_1024},
- {TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,
- cipher_rc4_56, mac_sha,kea_rsa_export_1024},
-
- {SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, cipher_3des, mac_sha, kea_rsa_fips},
- {SSL_RSA_FIPS_WITH_DES_CBC_SHA, cipher_des, mac_sha, kea_rsa_fips},
-
-};
-
-static const CK_MECHANISM_TYPE kea_alg_defs[] = {
- 0x80000000L,
- CKM_RSA_PKCS,
- CKM_DH_PKCS_DERIVE,
- CKM_KEA_KEY_DERIVE
-};
-
-typedef struct SSLCipher2MechStr {
- SSLCipherAlgorithm calg;
- CK_MECHANISM_TYPE cmech;
-} SSLCipher2Mech;
-
-static const SSLCipher2Mech alg2Mech[] = {
- { calg_null , (CK_MECHANISM_TYPE)0x80000000L },
- { calg_rc4 , CKM_RC4 },
- { calg_rc2 , CKM_RC2_CBC },
- { calg_des , CKM_DES_CBC },
- { calg_3des , CKM_DES3_CBC },
- { calg_idea , CKM_IDEA_CBC },
- { calg_fortezza , CKM_SKIPJACK_CBC64 },
- { calg_aes , CKM_AES_CBC },
-/* { calg_init , (CK_MECHANISM_TYPE)0x7fffffffL } */
-};
-
-#define mmech_null (CK_MECHANISM_TYPE)0x80000000L
-#define mmech_md5 CKM_SSL3_MD5_MAC
-#define mmech_sha CKM_SSL3_SHA1_MAC
-#define mmech_md5_hmac CKM_MD5_HMAC
-#define mmech_sha_hmac CKM_SHA_1_HMAC
-
-static const ssl3MACDef mac_defs[] = { /* indexed by SSL3MACAlgorithm */
- /* mac mmech pad_size mac_size */
- { mac_null, mmech_null, 0, 0 },
- { mac_md5, mmech_md5, 48, MD5_LENGTH },
- { mac_sha, mmech_sha, 40, SHA1_LENGTH},
- {hmac_md5, mmech_md5_hmac, 48, MD5_LENGTH },
- {hmac_sha, mmech_sha_hmac, 40, SHA1_LENGTH},
-};
-
-/* indexed by SSL3BulkCipher */
-const char * const ssl3_cipherName[] = {
- "NULL",
- "RC4",
- "RC4-40",
- "RC4-56",
- "RC2-CBC",
- "RC2-CBC-40",
- "DES-CBC",
- "3DES-EDE-CBC",
- "DES-CBC-40",
- "IDEA-CBC",
- "FORTEZZA",
- "missing"
-};
-
-#if defined(TRACE)
-
-static char *
-ssl3_DecodeHandshakeType(int msgType)
-{
- char * rv;
- static char line[40];
-
- switch(msgType) {
- case hello_request: rv = "hello_request (0)"; break;
- case client_hello: rv = "client_hello (1)"; break;
- case server_hello: rv = "server_hello (2)"; break;
- case certificate: rv = "certificate (11)"; break;
- case server_key_exchange: rv = "server_key_exchange (12)"; break;
- case certificate_request: rv = "certificate_request (13)"; break;
- case server_hello_done: rv = "server_hello_done (14)"; break;
- case certificate_verify: rv = "certificate_verify (15)"; break;
- case client_key_exchange: rv = "client_key_exchange (16)"; break;
- case finished: rv = "finished (20)"; break;
- default:
- sprintf(line, "*UNKNOWN* handshake type! (%d)", msgType);
- rv = line;
- }
- return rv;
-}
-
-static char *
-ssl3_DecodeContentType(int msgType)
-{
- char * rv;
- static char line[40];
-
- switch(msgType) {
- case content_change_cipher_spec:
- rv = "change_cipher_spec (20)"; break;
- case content_alert: rv = "alert (21)"; break;
- case content_handshake: rv = "handshake (22)"; break;
- case content_application_data:
- rv = "application_data (23)"; break;
- default:
- sprintf(line, "*UNKNOWN* record type! (%d)", msgType);
- rv = line;
- }
- return rv;
-}
-
-#endif
-
-SSL3Statistics *
-SSL_GetStatistics(void)
-{
- return &ssl3stats;
-}
-
-/* return pointer to ssl3CipherSuiteDef for suite, or NULL */
-/* XXX This does a linear search. A binary search would be better. */
-static const ssl3CipherSuiteDef *
-ssl_LookupCipherSuiteDef(ssl3CipherSuite suite)
-{
- int cipher_suite_def_len =
- sizeof(cipher_suite_defs) / sizeof(cipher_suite_defs[0]);
- int i;
-
- for (i = 0; i < cipher_suite_def_len; i++) {
- if (cipher_suite_defs[i].cipher_suite == suite)
- return &cipher_suite_defs[i];
- }
- PORT_Assert(PR_FALSE); /* We should never get here. */
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- return NULL;
-}
-
-/* Find the cipher configuration struct associate with suite */
-/* XXX This does a linear search. A binary search would be better. */
-static ssl3CipherSuiteCfg *
-ssl_LookupCipherSuiteCfg(ssl3CipherSuite suite, ssl3CipherSuiteCfg *suites)
-{
- int i;
-
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- if (suites[i].cipher_suite == suite)
- return &suites[i];
- }
- /* return NULL and let the caller handle it. */
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- return NULL;
-}
-
-
-/* Initialize the suite->isPresent value for config_match
- * Returns count of enabled ciphers supported by extant tokens,
- * regardless of policy or user preference.
- * If this returns zero, the user cannot do SSL v3.
- */
-int
-ssl3_config_match_init(sslSocket *ss)
-{
- ssl3CipherSuiteCfg * suite;
- const ssl3CipherSuiteDef *cipher_def;
- SSLCipherAlgorithm cipher_alg;
- CK_MECHANISM_TYPE cipher_mech;
- SSL3KEAType exchKeyType;
- int i;
- int numPresent = 0;
- int numEnabled = 0;
- PRBool isServer;
- sslServerCerts *svrAuth;
-
- if (!ss->enableSSL3 && !ss->enableTLS) {
- return 0;
- }
- isServer = (PRBool)( ss && ss->sec && ss->sec->isServer );
-
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- suite = &ss->cipherSuites[i];
- if (suite->enabled) {
- ++numEnabled;
- /* We need the cipher defs to see if we have a token that can handle
- * this cipher. It isn't part of the static definition.
- */
- cipher_def = ssl_LookupCipherSuiteDef(suite->cipher_suite);
- if (!cipher_def) {
- suite->isPresent = PR_FALSE;
- continue;
- }
- cipher_alg=bulk_cipher_defs[cipher_def->bulk_cipher_alg ].calg;
- PORT_Assert( alg2Mech[cipher_alg].calg == cipher_alg);
- cipher_mech = alg2Mech[cipher_alg].cmech;
- exchKeyType =
- kea_defs[cipher_def->key_exchange_alg].exchKeyType;
- svrAuth = ss->serverCerts + exchKeyType;
-
- /* Mark the suites that are backed by real tokens, certs and keys */
- suite->isPresent = (PRBool)
- (((exchKeyType == kt_null) ||
- (!isServer || (svrAuth->serverKey &&
- svrAuth->serverCertChain)) &&
- PK11_TokenExists(kea_alg_defs[exchKeyType])) &&
- ((cipher_alg == calg_null) || PK11_TokenExists(cipher_mech)));
- if (suite->isPresent)
- ++numPresent;
- }
- }
- PORT_Assert(numPresent > 0 || numEnabled == 0);
- if (numPresent <= 0) {
- PORT_SetError(SSL_ERROR_NO_CIPHERS_SUPPORTED);
- }
- return numPresent;
-}
-
-
-/* return PR_TRUE if suite matches policy and enabled state */
-/* It would be a REALLY BAD THING (tm) if we ever permitted the use
-** of a cipher that was NOT_ALLOWED. So, if this is ever called with
-** policy == SSL_NOT_ALLOWED, report no match.
-*/
-/* adjust suite enabled to the availability of a token that can do the
- * cipher suite. */
-static PRBool
-config_match(ssl3CipherSuiteCfg *suite, int policy, PRBool enabled)
-{
- PORT_Assert(policy != SSL_NOT_ALLOWED && enabled != PR_FALSE);
- if (policy == SSL_NOT_ALLOWED || !enabled)
- return PR_FALSE;
- return (PRBool)(suite->enabled &&
- suite->isPresent &&
- suite->policy != SSL_NOT_ALLOWED &&
- suite->policy <= policy);
-}
-
-/* return number of cipher suites that match policy and enabled state */
-/* called from ssl3_SendClientHello and ssl3_ConstructV2CipherSpecsHack */
-static int
-count_cipher_suites(sslSocket *ss, int policy, PRBool enabled)
-{
- int i, count = 0;
-
- if (!ss->enableSSL3 && !ss->enableTLS) {
- return 0;
- }
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- if (config_match(&ss->cipherSuites[i], policy, enabled))
- count++;
- }
- if (count <= 0) {
- PORT_SetError(SSL_ERROR_SSL_DISABLED);
- }
- return count;
-}
-
-static PRBool
-anyRestrictedEnabled(sslSocket *ss)
-{
- int i;
-
- if (!ss->enableSSL3 && !ss->enableTLS) {
- return PR_FALSE;
- }
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
- if (suite->policy == SSL_RESTRICTED &&
- suite->enabled &&
- suite->isPresent)
- return PR_TRUE;
- }
- return PR_FALSE;
-}
-
-/*
- * Null compression, mac and encryption functions
- */
-
-static SECStatus
-Null_Cipher(void *ctx, unsigned char *output, int *outputLen, int maxOutputLen,
- const unsigned char *input, int inputLen)
-{
- *outputLen = inputLen;
- if (input != output)
- PORT_Memcpy(output, input, inputLen);
- return SECSuccess;
-}
-
-
-/*
- * SSL3 Utility functions
- */
-
-SECStatus
-ssl3_NegotiateVersion(sslSocket *ss, SSL3ProtocolVersion peerVersion)
-{
- SSL3ProtocolVersion version;
- SSL3ProtocolVersion maxVersion;
-
- if (ss->enableTLS) {
- maxVersion = SSL_LIBRARY_VERSION_3_1_TLS;
- } else if (ss->enableSSL3) {
- maxVersion = SSL_LIBRARY_VERSION_3_0;
- } else {
- /* what are we doing here? */
- PORT_Assert(ss->enableSSL3 || ss->enableTLS);
- PORT_SetError(SSL_ERROR_SSL_DISABLED);
- return SECFailure;
- }
-
- ss->version = version = PR_MIN(maxVersion, peerVersion);
-
- if ((version == SSL_LIBRARY_VERSION_3_1_TLS && ss->enableTLS) ||
- (version == SSL_LIBRARY_VERSION_3_0 && ss->enableSSL3)) {
- return SECSuccess;
- }
-
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- return SECFailure;
-
-}
-
-static SECStatus
-ssl3_GetNewRandom(SSL3Random *random)
-{
- PRIntervalTime gmt = PR_IntervalToSeconds(PR_IntervalNow());
- SECStatus rv;
-
- random->rand[0] = (unsigned char)(gmt >> 24);
- random->rand[1] = (unsigned char)(gmt >> 16);
- random->rand[2] = (unsigned char)(gmt >> 8);
- random->rand[3] = (unsigned char)(gmt);
-
- /* first 4 bytes are reserverd for time */
- rv = PK11_GenerateRandom(&random->rand[4], SSL3_RANDOM_LENGTH - 4);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
- }
- return rv;
-}
-
-static SECStatus
-ssl3_SignHashes(SSL3Hashes *hash, SECKEYPrivateKey *key, SECItem *buf,
- PRBool isTLS)
-{
- SECStatus rv = SECFailure;
- PRBool doDerEncode = PR_FALSE;
- int signatureLen;
- SECItem hashItem;
-
- buf->data = NULL;
- signatureLen = PK11_SignatureLen(key);
- if (signatureLen <= 0) {
- PORT_SetError(SEC_ERROR_INVALID_KEY);
- goto done;
- }
-
- buf->len = (unsigned)signatureLen;
- buf->data = (unsigned char *)PORT_Alloc(signatureLen + 1);
- if (!buf->data)
- goto done; /* error code was set. */
-
- switch (key->keyType) {
- case rsaKey:
- hashItem.data = hash->md5;
- hashItem.len = sizeof(SSL3Hashes);
- break;
- case dsaKey:
- case fortezzaKey:
- doDerEncode = isTLS;
- hashItem.data = hash->sha;
- hashItem.len = sizeof(hash->sha);
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_KEY);
- goto done;
- }
- PRINT_BUF(60, (NULL, "hash(es) to be signed", hashItem.data, hashItem.len));
-
- rv = PK11_Sign(key, buf, &hashItem);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SIGN_HASHES_FAILURE);
- } else if (doDerEncode) {
- SECItem derSig = {siBuffer, NULL, 0};
-
- rv = DSAU_EncodeDerSig(&derSig, buf);
- if (rv == SECSuccess) {
- PORT_Free(buf->data); /* discard unencoded signature. */
- *buf = derSig; /* give caller encoded signature. */
- } else if (derSig.data) {
- PORT_Free(derSig.data);
- }
- }
-
- PRINT_BUF(60, (NULL, "signed hashes", (unsigned char*)buf->data, buf->len));
-done:
- if (rv != SECSuccess && buf->data) {
- PORT_Free(buf->data);
- buf->data = NULL;
- }
- return rv;
-}
-
-
-static SECStatus
-ssl3_VerifySignedHashes(SSL3Hashes *hash, CERTCertificate *cert,
- SECItem *buf, PRBool isTLS, void *pwArg)
-{
- SECKEYPublicKey * key;
- SECItem * signature = NULL;
- SECStatus rv;
- SECItem hashItem;
-
-
- PRINT_BUF(60, (NULL, "check signed hashes",
- buf->data, buf->len));
-
- key = CERT_ExtractPublicKey(cert);
- if (key == NULL) {
- /* CERT_ExtractPublicKey doesn't set error code */
- PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- return SECFailure;
- }
-
- switch (key->keyType) {
- case rsaKey:
- hashItem.data = hash->md5;
- hashItem.len = sizeof(SSL3Hashes);
- break;
- case dsaKey:
- case fortezzaKey:
- hashItem.data = hash->sha;
- hashItem.len = sizeof(hash->sha);
- if (isTLS) {
- signature = DSAU_DecodeDerSig(buf);
- if (!signature) {
- PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
- return SECFailure;
- }
- buf = signature;
- }
- break;
- default:
- SECKEY_DestroyPublicKey(key);
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- return SECFailure;
- }
-
- PRINT_BUF(60, (NULL, "hash(es) to be verified",
- hashItem.data, hashItem.len));
-
- rv = PK11_Verify(key, buf, &hashItem, pwArg);
- SECKEY_DestroyPublicKey(key);
- if (signature) {
- SECITEM_FreeItem(signature, PR_TRUE);
- }
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
- }
- return rv;
-}
-
-
-/* Caller must set hiLevel error code. */
-static SECStatus
-ssl3_ComputeExportRSAKeyHash(SECItem modulus, SECItem publicExponent,
- SSL3Random *client_rand, SSL3Random *server_rand,
- SSL3Hashes *hashes)
-{
- PK11Context * md5 = NULL;
- PK11Context * sha = NULL;
- PRUint8 * hashBuf;
- PRUint8 * pBuf;
- SECStatus rv = SECSuccess;
- unsigned int outLen;
- unsigned int bufLen;
- PRUint8 buf[2*SSL3_RANDOM_LENGTH + 2 + 4096/8 + 2 + 4096/8];
-
- bufLen = 2*SSL3_RANDOM_LENGTH + 2 + modulus.len + 2 + publicExponent.len;
- if (bufLen <= sizeof buf) {
- hashBuf = buf;
- } else {
- hashBuf = PORT_Alloc(bufLen);
- if (!hashBuf) {
- return SECFailure;
- }
- }
-
- md5 = PK11_CreateDigestContext(SEC_OID_MD5);
- if (md5 == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure; /* Caller must set hiLevel error code. */
- goto done;
- }
- sha = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (sha == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure; /* Caller must set hiLevel error code. */
- goto done;
- }
-
- memcpy(hashBuf, client_rand, SSL3_RANDOM_LENGTH);
- pBuf = hashBuf + SSL3_RANDOM_LENGTH;
- memcpy(pBuf, server_rand, SSL3_RANDOM_LENGTH);
- pBuf += SSL3_RANDOM_LENGTH;
- pBuf[0] = (PRUint8)(modulus.len >> 8);
- pBuf[1] = (PRUint8)(modulus.len);
- pBuf += 2;
- memcpy(pBuf, modulus.data, modulus.len);
- pBuf += modulus.len;
- pBuf[0] = (PRUint8)(publicExponent.len >> 8);
- pBuf[1] = (PRUint8)(publicExponent.len);
- pBuf += 2;
- memcpy(pBuf, publicExponent.data, publicExponent.len);
- pBuf += publicExponent.len;
- PORT_Assert(pBuf - hashBuf == bufLen);
-
- rv = PK11_DigestBegin(md5);
- rv |= PK11_DigestOp(md5, hashBuf, bufLen);
- rv |= PK11_DigestFinal(md5, hashes->md5, &outLen, MD5_LENGTH);
- PORT_Assert(rv != SECSuccess || outLen == MD5_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto done;
- }
-
- rv = PK11_DigestBegin(sha);
- rv |= PK11_DigestOp(sha, hashBuf, bufLen);
- rv |= PK11_DigestFinal(sha, hashes->sha, &outLen, SHA1_LENGTH);
- PORT_Assert(rv != SECSuccess || outLen == SHA1_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure;
- goto done;
- }
-
- PRINT_BUF(95, (NULL, "RSAkey hash: ", hashBuf, bufLen));
- PRINT_BUF(95, (NULL, "RSAkey hash: MD5 result", hashes->md5, MD5_LENGTH));
- PRINT_BUF(95, (NULL, "RSAkey hash: SHA1 result", hashes->sha, SHA1_LENGTH));
-
-done:
- if (md5 != NULL) PK11_DestroyContext(md5, PR_TRUE);
- if (sha != NULL) PK11_DestroyContext(sha, PR_TRUE);
- if (hashBuf != buf && hashBuf != NULL)
- PORT_Free(hashBuf);
- return rv;
-}
-
-/* Caller must set hiLevel error code. */
-static SECStatus
-ssl3_ComputeDHKeyHash(SECItem dh_p, SECItem dh_g, SECItem dh_Ys,
- SSL3Random *client_rand, SSL3Random *server_rand,
- SSL3Hashes *hashes)
-{
- PK11Context * md5 = NULL;
- PK11Context * sha = NULL;
- PRUint8 * hashBuf;
- PRUint8 * pBuf;
- SECStatus rv = SECSuccess;
- unsigned int outLen;
- unsigned int bufLen;
- PRUint8 buf[2*SSL3_RANDOM_LENGTH + 2 + 4096/8 + 2 + 4096/8];
-
- bufLen = 2*SSL3_RANDOM_LENGTH + 2 + dh_p.len + 2 + dh_g.len + 2 + dh_Ys.len;
- if (bufLen <= sizeof buf) {
- hashBuf = buf;
- } else {
- hashBuf = PORT_Alloc(bufLen);
- if (!hashBuf) {
- return SECFailure;
- }
- }
-
- md5 = PK11_CreateDigestContext(SEC_OID_MD5);
- if (md5 == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure; /* Caller must set hiLevel error code. */
- goto done;
- }
- sha = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (sha == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure; /* Caller must set hiLevel error code. */
- goto done;
- }
-
- memcpy(hashBuf, client_rand, SSL3_RANDOM_LENGTH);
- pBuf = hashBuf + SSL3_RANDOM_LENGTH;
- memcpy(pBuf, server_rand, SSL3_RANDOM_LENGTH);
- pBuf += SSL3_RANDOM_LENGTH;
- pBuf[0] = (PRUint8)(dh_p.len >> 8);
- pBuf[1] = (PRUint8)(dh_p.len);
- pBuf += 2;
- memcpy(pBuf, dh_p.data, dh_p.len);
- pBuf += dh_p.len;
- pBuf[0] = (PRUint8)(dh_g.len >> 8);
- pBuf[1] = (PRUint8)(dh_g.len);
- pBuf += 2;
- memcpy(pBuf, dh_g.data, dh_g.len);
- pBuf += dh_g.len;
- pBuf[0] = (PRUint8)(dh_Ys.len >> 8);
- pBuf[1] = (PRUint8)(dh_Ys.len);
- pBuf += 2;
- memcpy(pBuf, dh_Ys.data, dh_Ys.len);
- pBuf += dh_Ys.len;
- PORT_Assert(pBuf - hashBuf == bufLen);
-
- rv = PK11_DigestBegin(md5);
- rv |= PK11_DigestOp(md5, hashBuf, bufLen);
- rv |= PK11_DigestFinal(md5, hashes->md5, &outLen, MD5_LENGTH);
- PORT_Assert(rv != SECSuccess || outLen == MD5_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto done;
- }
-
- rv = PK11_DigestBegin(sha);
- rv |= PK11_DigestOp(sha, hashBuf, bufLen);
- rv |= PK11_DigestFinal(sha, hashes->sha, &outLen, SHA1_LENGTH);
- PORT_Assert(rv != SECSuccess || outLen == SHA1_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure;
- goto done;
- }
-
- PRINT_BUF(95, (NULL, "DHkey hash: ", hashBuf, bufLen));
- PRINT_BUF(95, (NULL, "DHkey hash: MD5 result", hashes->md5, MD5_LENGTH));
- PRINT_BUF(95, (NULL, "DHkey hash: SHA1 result", hashes->sha, SHA1_LENGTH));
-
-done:
- if (md5 != NULL) PK11_DestroyContext(md5, PR_TRUE);
- if (sha != NULL) PK11_DestroyContext(sha, PR_TRUE);
- if (hashBuf != buf && hashBuf != NULL)
- PORT_Free(hashBuf);
- return rv;
-}
-/* Caller must set hiLevel error code. */
-static SECStatus
-ssl3_ComputeFortezzaPublicKeyHash(SECItem publicValue, unsigned char * hash)
-{
- PK11Context *sha = NULL;
- SECStatus rv = SECFailure;
- unsigned int outLen;
-
- sha = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (sha == NULL) {
- return rv; /* Caller must set hiLevel error code. */
- }
-
- rv = PK11_DigestBegin(sha);
- rv |= PK11_DigestOp(sha, (unsigned char *)publicValue.data, publicValue.len);
- rv |= PK11_DigestFinal(sha, hash, &outLen, SHA1_LENGTH);
- PORT_Assert(rv != SECSuccess || outLen == SHA1_LENGTH);
- if (rv != SECSuccess)
- rv = SECFailure;
- PK11_DestroyContext(sha, PR_TRUE);
-
- return rv;
-}
-
-
-static void
-ssl3_BumpSequenceNumber(SSL3SequenceNumber *num)
-{
- num->low++;
- if (num->low == 0)
- num->high++;
-}
-
-/* Called only from ssl3_DestroyCipherSpec (immediately below). */
-static void
-ssl3_CleanupKeyMaterial(ssl3KeyMaterial *mat)
-{
- if (mat->write_key != NULL) {
- PK11_FreeSymKey(mat->write_key);
- mat->write_key = NULL;
- }
- if (mat->write_mac_key != NULL) {
- PK11_FreeSymKey(mat->write_mac_key);
- mat->write_mac_key = NULL;
- }
- if (mat->write_mac_context != NULL) {
- PK11_DestroyContext(mat->write_mac_context, PR_TRUE);
- mat->write_mac_context = NULL;
- }
-}
-
-/* Called from ssl3_SendChangeCipherSpecs() and ssl3_HandleChangeCipherSpecs()
-** Caller must hold SpecWriteLock.
-*/
-static void
-ssl3_DestroyCipherSpec(ssl3CipherSpec *spec)
-{
-
-/* PORT_Assert( ssl_HaveSpecWriteLock(ss)); Don't have ss! */
-
- if (spec->destroy) {
- spec->destroy(spec->encodeContext,PR_TRUE);
- spec->destroy(spec->decodeContext,PR_TRUE);
- spec->encodeContext = NULL; /* paranoia */
- spec->decodeContext = NULL;
- }
- if (spec->master_secret != NULL) {
- PK11_FreeSymKey(spec->master_secret);
- spec->master_secret = NULL;
- }
- ssl3_CleanupKeyMaterial(&spec->client);
- ssl3_CleanupKeyMaterial(&spec->server);
- spec->destroy=NULL;
-}
-
-/* Called from ssl3_HandleServerHello(), ssl3_SendServerHello()
-** Caller must hold the ssl3 handshake lock.
-** Acquires & releases SpecWriteLock.
-*/
-static SECStatus
-ssl3_SetupPendingCipherSpec(sslSocket *ss, ssl3State *ssl3)
-{
- ssl3CipherSpec * pwSpec;
- ssl3CipherSpec * cwSpec;
- ssl3CipherSuite suite = ssl3->hs.cipher_suite;
- sslSecurityInfo * sec = ss->sec;
- SSL3MACAlgorithm mac;
- SSL3BulkCipher cipher;
- SSL3KeyExchangeAlgorithm kea;
- const ssl3CipherSuiteDef *suite_def;
- PRBool isTLS;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- ssl_GetSpecWriteLock(ss); /*******************************/
-
- pwSpec = ssl3->pwSpec;
- PORT_Assert(pwSpec == ssl3->prSpec);
-
- /* This hack provides maximal interoperability with SSL 3 servers. */
- cwSpec = ss->ssl3->cwSpec;
- if (cwSpec->mac_def->mac == mac_null) {
- /* SSL records are not being MACed. */
- cwSpec->version = ss->version;
- }
-
- pwSpec->version = ss->version;
- isTLS = (PRBool)(pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- SSL_TRC(3, ("%d: SSL3[%d]: Set XXX Pending Cipher Suite to 0x%04x",
- SSL_GETPID(), ss->fd, suite));
-
- suite_def = ssl_LookupCipherSuiteDef(suite);
- if (suite_def == NULL) {
- ssl_ReleaseSpecWriteLock(ss);
- return SECFailure; /* error code set by ssl_LookupCipherSuiteDef */
- }
-
-
- cipher = suite_def->bulk_cipher_alg;
- kea = suite_def->key_exchange_alg;
- mac = suite_def->mac_alg;
- if (isTLS)
- mac += 2;
-
- ssl3->hs.suite_def = suite_def;
- ssl3->hs.kea_def = &kea_defs[kea];
- PORT_Assert(ssl3->hs.kea_def->kea == kea);
-
- pwSpec->cipher_def = &bulk_cipher_defs[cipher];
- PORT_Assert(pwSpec->cipher_def->cipher == cipher);
-
- pwSpec->mac_def = &mac_defs[mac];
- PORT_Assert(pwSpec->mac_def->mac == mac);
-
-
- sec->keyBits = pwSpec->cipher_def->key_size * BPB;
- sec->secretKeyBits = pwSpec->cipher_def->secret_key_size * BPB;
- sec->cipherType = cipher;
-
- pwSpec->encodeContext = NULL;
- pwSpec->decodeContext = NULL;
-
- pwSpec->mac_size = pwSpec->mac_def->mac_size;
-
- ssl_ReleaseSpecWriteLock(ss); /*******************************/
- return SECSuccess;
-}
-
-/*
- * Called from: ssl3_SendClientKeyExchange (for Full handshake)
- * ssl3_HandleClientKeyExchange (for Full handshake)
- * ssl3_HandleServerHello (for session restart)
- * ssl3_HandleClientHello (for session restart)
- * Sets error code, but caller probably should override to disambiguate.
- * NULL pms means re-use old master_secret.
- */
-static SECStatus
-ssl3_InitPendingCipherSpec(sslSocket *ss, PK11SymKey *pms)
-{
- ssl3CipherSpec * pwSpec;
- sslSecurityInfo * sec = ss->sec;
-const ssl3BulkCipherDef *cipher_def;
- PK11Context * serverContext = NULL;
- PK11Context * clientContext = NULL;
- SECItem * param;
- CK_ULONG macLength;
- SSLCipherAlgorithm calg;
- SECStatus rv;
- CK_MECHANISM_TYPE mechanism;
- CK_MECHANISM_TYPE mac_mech;
- SECItem iv;
- SECItem mac_param;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- ssl_GetSpecWriteLock(ss); /**************************************/
-
- PORT_Assert(ss->ssl3->prSpec == ss->ssl3->pwSpec);
-
- pwSpec = ss->ssl3->pwSpec;
- cipher_def = pwSpec->cipher_def;
- macLength = pwSpec->mac_size;
-
- /* generate session keys from pms (if pms is not NULL) or ms */
- rv = ssl3_GenerateSessionKeys(ss, pms);
- if (rv != SECSuccess) {
- goto bail_out; /* err code set by ssl3_GenerateSessionKeys */
- }
-
- pwSpec->client.write_mac_context = NULL;
- pwSpec->server.write_mac_context = NULL;
-
- mac_param.data = (unsigned char *)&macLength;
- mac_param.len = sizeof(macLength);
- mac_mech = pwSpec->mac_def->mmech;
-
- if (cipher_def->calg == calg_null) {
- pwSpec->encode = Null_Cipher;
- pwSpec->decode = Null_Cipher;
- pwSpec->destroy = NULL;
- pwSpec->client.write_mac_context = PK11_CreateContextBySymKey(
- mac_mech, CKA_SIGN, pwSpec->client.write_mac_key, &mac_param);
- if (pwSpec->client.write_mac_context == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
- pwSpec->server.write_mac_context = PK11_CreateContextBySymKey(
- mac_mech, CKA_SIGN, pwSpec->server.write_mac_key, &mac_param);
- if (pwSpec->server.write_mac_context == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
- goto success;
- }
-
- calg = cipher_def->calg;
- PORT_Assert(alg2Mech[calg].calg == calg);
- mechanism = alg2Mech[calg].cmech;
-
- /*
- * build the server context
- */
- iv.data = pwSpec->server.write_iv;
- iv.len = cipher_def->iv_size;
- param = PK11_ParamFromIV(mechanism, &iv);
- if (param == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_IV_PARAM_FAILURE);
- goto fail;
- }
- serverContext = PK11_CreateContextBySymKey(mechanism,
- (sec->isServer ? CKA_ENCRYPT : CKA_DECRYPT),
- pwSpec->server.write_key, param);
- iv.data = PK11_IVFromParam(mechanism, param, (int *)&iv.len);
- if (iv.data)
- PORT_Memcpy(pwSpec->server.write_iv, iv.data, iv.len);
- SECITEM_FreeItem(param, PR_TRUE);
- if (serverContext == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
-
- /*
- * build the client context
- */
- iv.data = pwSpec->client.write_iv;
- iv.len = cipher_def->iv_size;
- param = PK11_ParamFromIV(mechanism, &iv);
- if (param == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_IV_PARAM_FAILURE);
- goto fail;
- }
- clientContext = PK11_CreateContextBySymKey(mechanism,
- (sec->isServer ? CKA_DECRYPT : CKA_ENCRYPT),
- pwSpec->client.write_key, param);
- iv.data = PK11_IVFromParam(mechanism, param, (int *)&iv.len);
- if (iv.data)
- PORT_Memcpy(pwSpec->client.write_iv, iv.data, iv.len);
- SECITEM_FreeItem(param,PR_TRUE);
- if (clientContext == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
-
- pwSpec->encodeContext = (sec->isServer) ? serverContext : clientContext;
- pwSpec->decodeContext = (sec->isServer) ? clientContext : serverContext;
- pwSpec->encode = (SSLCipher) PK11_CipherOp;
- pwSpec->decode = (SSLCipher) PK11_CipherOp;
- pwSpec->destroy = (SSLDestroy) PK11_DestroyContext;
-
- serverContext = NULL;
- clientContext = NULL;
-
- pwSpec->client.write_mac_context = PK11_CreateContextBySymKey(
- mac_mech,CKA_SIGN, pwSpec->client.write_mac_key,&mac_param);
- if (pwSpec->client.write_mac_context == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
- pwSpec->server.write_mac_context = PK11_CreateContextBySymKey(
- mac_mech, CKA_SIGN, pwSpec->server.write_mac_key,&mac_param);
- if (pwSpec->server.write_mac_context == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_CONTEXT_FAILURE);
- goto fail;
- }
-success:
- ssl_ReleaseSpecWriteLock(ss); /******************************/
- return SECSuccess;
-
-fail:
- if (serverContext != NULL) PK11_DestroyContext(serverContext, PR_TRUE);
- if (clientContext != NULL) PK11_DestroyContext(clientContext, PR_TRUE);
- if (pwSpec->client.write_mac_context != NULL) {
- PK11_DestroyContext(pwSpec->client.write_mac_context,PR_TRUE);
- pwSpec->client.write_mac_context = NULL;
- }
- if (pwSpec->server.write_mac_context != NULL) {
- PK11_DestroyContext(pwSpec->server.write_mac_context,PR_TRUE);
- pwSpec->server.write_mac_context = NULL;
- }
-bail_out:
- ssl_ReleaseSpecWriteLock(ss);
- return SECFailure;
-}
-
-/*
- * 60 bytes is 3 times the maximum length MAC size that is supported.
- */
-static const unsigned char mac_pad_1 [60] = {
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36
-};
-static const unsigned char mac_pad_2 [60] = {
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c
-};
-
-/* Called from: ssl3_SendRecord()
-** ssl3_HandleRecord()
-** Caller must already hold the SpecReadLock. (wish we could assert that!)
-*/
-static SECStatus
-ssl3_ComputeRecordMAC(
- ssl3CipherSpec * spec,
- PK11Context * mac_context,
- SSL3ContentType type,
- SSL3ProtocolVersion version,
- SSL3SequenceNumber seq_num,
- SSL3Opaque * input,
- int inputLength,
- unsigned char * outbuf,
- unsigned int * outLength)
-{
- const ssl3MACDef * mac_def;
- SECStatus rv;
- unsigned int tempLen;
- unsigned char temp[MAX_MAC_LENGTH];
-
-/* ssl_GetSpecReadLock(ss); Don't have "ss"! */
-
- mac_def = spec->mac_def;
- if (mac_def->mac == mac_null) {
- *outLength = 0;
-/* ssl_ReleaseSpecReadLock(ss); */
- return SECSuccess;
- }
-
- temp[0] = (unsigned char)(seq_num.high >> 24);
- temp[1] = (unsigned char)(seq_num.high >> 16);
- temp[2] = (unsigned char)(seq_num.high >> 8);
- temp[3] = (unsigned char)(seq_num.high >> 0);
- temp[4] = (unsigned char)(seq_num.low >> 24);
- temp[5] = (unsigned char)(seq_num.low >> 16);
- temp[6] = (unsigned char)(seq_num.low >> 8);
- temp[7] = (unsigned char)(seq_num.low >> 0);
- temp[8] = type;
-
- /* TLS MAC includes the record's version field, SSL's doesn't.
- ** We decide which MAC defintion to use based on the version of
- ** the protocol that was negotiated when the spec became current,
- ** NOT based on the version value in the record itself.
- ** But, we use the record'v version value in the computation.
- */
- if (spec->version <= SSL_LIBRARY_VERSION_3_0) {
- temp[9] = MSB(inputLength);
- temp[10] = LSB(inputLength);
- tempLen = 11;
- } else {
- /* New TLS hash includes version. */
- temp[9] = MSB(version);
- temp[10] = LSB(version);
- temp[11] = MSB(inputLength);
- temp[12] = LSB(inputLength);
- tempLen = 13;
- }
-
- PRINT_BUF(95, (NULL, "frag hash1: temp", temp, tempLen));
- PRINT_BUF(95, (NULL, "frag hash1: input", input, inputLength));
-
- rv = PK11_DigestBegin(mac_context);
- rv |= PK11_DigestOp(mac_context, temp, tempLen);
- rv |= PK11_DigestOp(mac_context, input, inputLength);
-
- rv |= PK11_DigestFinal(mac_context, outbuf, outLength, spec->mac_size);
- PORT_Assert(rv != SECSuccess || *outLength == (unsigned)spec->mac_size);
-
-/* ssl_ReleaseSpecReadLock(ss); */
-
- PRINT_BUF(95, (NULL, "frag hash2: result", outbuf, *outLength));
-
- if (rv != SECSuccess) {
- rv = SECFailure;
- ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
- }
- return rv;
-}
-
-/* Process the plain text before sending it.
- * Returns the number of bytes of plaintext that were succesfully sent
- * plus the number of bytes of plaintext that were copied into the
- * output (write) buffer.
- * Returns SECFailure on a hard IO error, memory error, or crypto error.
- * Does NOT return SECWouldBlock.
- */
-static PRInt32
-ssl3_SendRecord( sslSocket * ss,
- SSL3ContentType type,
- const SSL3Opaque * buf,
- PRInt32 bytes,
- PRInt32 flags)
-{
- ssl3CipherSpec * cwSpec;
- sslBuffer * write = &ss->sec->writeBuf;
- const ssl3BulkCipherDef * cipher_def;
- SECStatus rv;
- PRUint32 bufSize = 0;
- PRInt32 sent = 0;
- PRInt32 cipherBytes = -1;
- PRBool isBlocking = ssl_SocketIsBlocking(ss);
- PRBool ssl3WasNull = PR_FALSE;
-
- SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s bytes=%d",
- SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type),
- bytes));
- PRINT_BUF(3, (ss, "Send record (plain text)", buf, bytes));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- if (ss->ssl3 == NULL) {
- /* This can happen on a server if the very first incoming record
- ** looks like a defective ssl3 record (e.g. too long), and we're
- ** trying to send an alert.
- */
- ssl3WasNull = PR_TRUE;
- PR_ASSERT(type == content_alert);
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- return SECFailure; /* ssl3_InitState has set the error code. */
- }
- }
-
- while (bytes > 0) {
- PRInt32 count;
- PRUint32 contentLen;
- PRUint32 fragLen;
- PRUint32 macLen;
-
- contentLen = PR_MIN(bytes, MAX_FRAGMENT_LENGTH);
- if (write->space < contentLen + SSL3_BUFFER_FUDGE) {
- rv = sslBuffer_Grow(write, contentLen + SSL3_BUFFER_FUDGE);
- if (rv != SECSuccess) {
- SSL_DBG(("%d: SSL3[%d]: SendRecord, tried to get %d bytes",
- SSL_GETPID(), ss->fd, contentLen + SSL3_BUFFER_FUDGE));
- return SECFailure; /* sslBuffer_Grow set a memory error code. */
- }
- }
-
- /* This variable records
- * the actual size of the buffer we allocated above. Some
- * algorithms (FORTEZZA) will expand the number of bytes it needs to
- * send data. If we only supply the output buffer with the same number
- * of bytes as the input buffer, we will fail.
- */
- bufSize = contentLen + SSL3_BUFFER_FUDGE;
-
- /*
- * null compression is easy to do
- */
- PORT_Memcpy(write->buf + SSL3_RECORD_HEADER_LENGTH, buf, contentLen);
- buf += contentLen;
- bytes -= contentLen;
- PORT_Assert( bytes >= 0 );
-
- ssl_GetSpecReadLock(ss); /********************************/
-
- cwSpec = ss->ssl3->cwSpec;
- cipher_def = cwSpec->cipher_def;
- /*
- * Add the MAC
- */
- rv = ssl3_ComputeRecordMAC(
- cwSpec, (ss->sec->isServer) ? cwSpec->server.write_mac_context
- : cwSpec->client.write_mac_context,
- type, cwSpec->version, cwSpec->write_seq_num,
- write->buf + SSL3_RECORD_HEADER_LENGTH, contentLen,
- write->buf + contentLen + SSL3_RECORD_HEADER_LENGTH, &macLen);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
- goto spec_locked_loser;
- }
- fragLen = contentLen + macLen; /* needs to be encrypted */
- PORT_Assert(fragLen <= MAX_FRAGMENT_LENGTH + 1024);
-
- /*
- * Pad the text (if we're doing a block cipher)
- * then Encrypt it
- */
- if (cipher_def->type == type_block) {
- int padding_length;
- int i;
- unsigned char * pBuf;
-
- /* Assume blockSize is a power of two */
- padding_length = cipher_def->block_size - 1 -
- ((fragLen) & (cipher_def->block_size - 1));
- fragLen += padding_length + 1;
- PORT_Assert((fragLen % cipher_def->block_size) == 0);
-
- /* Pad according to TLS rules (also acceptable to SSL3). */
- pBuf = &write->buf[fragLen + SSL3_RECORD_HEADER_LENGTH - 1];
- for (i = padding_length + 1; i > 0; --i) {
- *pBuf-- = padding_length;
- }
- }
- rv = cwSpec->encode(
- cwSpec->encodeContext, write->buf + SSL3_RECORD_HEADER_LENGTH,
- &cipherBytes, bufSize, write->buf + SSL3_RECORD_HEADER_LENGTH,
- fragLen);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_ENCRYPTION_FAILURE);
-spec_locked_loser:
- ssl_ReleaseSpecReadLock(ss);
- return SECFailure;
- }
- PORT_Assert(cipherBytes <= MAX_FRAGMENT_LENGTH + 1024);
-
- /*
- * XXX should we zero out our copy of the buffer after compressing
- * and encryption ??
- */
-
- ssl3_BumpSequenceNumber(&cwSpec->write_seq_num);
-
- ssl_ReleaseSpecReadLock(ss); /************************************/
-
- /* PORT_Assert(fragLen == cipherBytes); */
- write->len = cipherBytes + SSL3_RECORD_HEADER_LENGTH;
- write->buf[0] = type;
- write->buf[1] = MSB(cwSpec->version);
- write->buf[2] = LSB(cwSpec->version);
- write->buf[3] = MSB(cipherBytes);
- write->buf[4] = LSB(cipherBytes);
-
- PRINT_BUF(50, (ss, "send (encrypted) record data:", write->buf, write->len));
-
- /* If there's still some previously saved ciphertext,
- * or the caller doesn't want us to send the data yet,
- * then add all our new ciphertext to the amount previously saved.
- */
- if ((ss->pendingBuf.len > 0) ||
- (flags & ssl_SEND_FLAG_FORCE_INTO_BUFFER)) {
-
- rv = ssl_SaveWriteData(ss, &ss->pendingBuf,
- write->buf, write->len);
- if (rv != SECSuccess) {
- /* presumably a memory error, SEC_ERROR_NO_MEMORY */
- return SECFailure;
- }
- write->len = 0; /* All cipher text is saved away. */
-
- if (!(flags & ssl_SEND_FLAG_FORCE_INTO_BUFFER)) {
-
- ss->handshakeBegun = 1;
- count = ssl_SendSavedWriteData(ss, &ss->pendingBuf,
- &ssl_DefSend);
- if (count < 0 && PR_GetError() != PR_WOULD_BLOCK_ERROR) {
- ssl_MapLowLevelError(SSL_ERROR_SOCKET_WRITE_FAILURE);
- return SECFailure;
- }
- }
- } else if (write->len > 0) {
- ss->handshakeBegun = 1;
- count = ssl_DefSend(ss, write->buf, write->len,
- flags & ~ssl_SEND_FLAG_MASK);
- if (count < 0) {
- if (PR_GetError() != PR_WOULD_BLOCK_ERROR) {
- ssl_MapLowLevelError(SSL_ERROR_SOCKET_WRITE_FAILURE);
- return (sent > 0) ? sent : SECFailure;
- }
- /* we got PR_WOULD_BLOCK_ERROR, which means none was sent. */
- count = 0;
- }
- /* now take all the remaining unsent newly-generated ciphertext and
- * append it to the buffer of previously unsent ciphertext.
- */
- if ((unsigned)count < write->len) {
- rv = ssl_SaveWriteData(ss, &ss->pendingBuf,
- write->buf + (unsigned)count,
- write->len - (unsigned)count);
- if (rv != SECSuccess) {
- /* presumably a memory error, SEC_ERROR_NO_MEMORY */
- return SECFailure;
- }
- }
- write->len = 0;
- }
- sent += contentLen;
- if ((flags & ssl_SEND_FLAG_NO_BUFFER) &&
- (isBlocking || (ss->pendingBuf.len > 0))) {
- break;
- }
- }
- return sent;
-}
-
-/* Attempt to send the content of "in" in an SSL application_data record.
- * Returns "len" or SECFailure, never SECWouldBlock, nor SECSuccess.
- */
-int
-ssl3_SendApplicationData(sslSocket *ss, const unsigned char *in,
- PRInt32 len, PRInt32 flags)
-{
- PRInt32 sent = 0;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- while (len > 0) {
- PRInt32 count;
-
- if (sent > 0) {
- ssl_ReleaseXmitBufLock(ss);
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* PR_Yield(); */
- ssl_GetXmitBufLock(ss);
- }
- count = ssl3_SendRecord(ss, content_application_data, in, len,
- flags | ssl_SEND_FLAG_NO_BUFFER);
- if (count < 0) {
- return (sent > 0) ? sent : count;
- /* error code set by ssl3_SendRecord */
- }
- sent += count;
- len -= count;
- in += count;
- }
- return sent;
-}
-
-/* Attempt to send the content of sendBuf buffer in an SSL handshake record.
- * This function returns SECSuccess or SECFailure, never SECWouldBlock.
- * It used to always set sendBuf.len to 0, even when returning SECFailure.
- * Now it does not.
- *
- * Called from SSL3_SendAlert(), ssl3_SendChangeCipherSpecs(),
- * ssl3_AppendHandshake(), ssl3_SendClientHello(),
- * ssl3_SendHelloRequest(), ssl3_SendServerHelloDone(),
- * ssl3_SendFinished(),
- */
-static SECStatus
-ssl3_FlushHandshake(sslSocket *ss, PRInt32 flags)
-{
- PRInt32 rv;
- sslConnectInfo *ci;
-
- PORT_Assert(ss->sec != NULL);
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- ci = &ss->sec->ci;
-
- if (!ci->sendBuf.buf || !ci->sendBuf.len)
- return SECSuccess;
-
- rv = ssl3_SendRecord(ss, content_handshake, ci->sendBuf.buf,
- ci->sendBuf.len, flags);
- if (rv < 0) {
- return (SECStatus)rv; /* error code set by ssl3_SendRecord */
- }
- ci->sendBuf.len = 0;
- return SECSuccess;
-}
-
-/*
- * Called from ssl3_HandleAlert and from ssl3_HandleCertificate when
- * the remote client sends a negative response to our certificate request.
- * Returns SECFailure if the application has required client auth.
- * SECSuccess otherwise.
- */
-static SECStatus
-ssl3_HandleNoCertificate(sslSocket *ss)
-{
- if (ss->sec->peerCert != NULL) {
- if (ss->sec->peerKey != NULL) {
- SECKEY_DestroyPublicKey(ss->sec->peerKey);
- ss->sec->peerKey = NULL;
- }
- CERT_DestroyCertificate(ss->sec->peerCert);
- ss->sec->peerCert = NULL;
- }
- ssl3_CleanupPeerCerts(ss->ssl3);
-
- /* If the server has required client-auth blindly but doesn't
- * actually look at the certificate it won't know that no
- * certificate was presented so we shutdown the socket to ensure
- * an error. We only do this if we haven't already completed the
- * first handshake because if we're redoing the handshake we
- * know the server is paying attention to the certificate.
- */
- if ((ss->requireCertificate == 1) ||
- (!ss->firstHsDone && (ss->requireCertificate > 1))) {
- PRFileDesc * lower;
-
- ss->sec->uncache(ss->sec->ci.sid);
- SSL3_SendAlert(ss, alert_fatal, bad_certificate);
-
- lower = ss->fd->lower;
-#ifdef _WIN32
- lower->methods->shutdown(lower, PR_SHUTDOWN_SEND);
-#else
- lower->methods->shutdown(lower, PR_SHUTDOWN_BOTH);
-#endif
- PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/************************************************************************
- * Alerts
- */
-
-/*
-** Acquires both handshake and XmitBuf locks.
-** Called from: ssl3_IllegalParameter <-
-** ssl3_HandshakeFailure <-
-** ssl3_HandleAlert <- ssl3_HandleRecord.
-** ssl3_HandleChangeCipherSpecs <- ssl3_HandleRecord
-** ssl3_ConsumeHandshakeVariable <-
-** ssl3_HandleHelloRequest <-
-** ssl3_HandleServerHello <-
-** ssl3_HandleServerKeyExchange <-
-** ssl3_HandleCertificateRequest <-
-** ssl3_HandleServerHelloDone <-
-** ssl3_HandleClientHello <-
-** ssl3_HandleV2ClientHello <-
-** ssl3_HandleCertificateVerify <-
-** ssl3_HandleFortezzaClientKeyExchange <-
-** ssl3_HandleClientKeyExchange <-
-** ssl3_HandleCertificate <-
-** ssl3_HandleFinished <-
-** ssl3_HandleHandshakeMessage <-
-** ssl3_HandleRecord <-
-**
-*/
-SECStatus
-SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level, SSL3AlertDescription desc)
-{
- uint8 bytes[2];
- SECStatus rv;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send alert record, level=%d desc=%d",
- SSL_GETPID(), ss->fd, level, desc));
-
- bytes[0] = level;
- bytes[1] = desc;
-
- ssl_GetSSL3HandshakeLock(ss);
- if (level == alert_fatal) {
- if (ss->sec->ci.sid) {
- ss->sec->uncache(ss->sec->ci.sid);
- }
- }
- ssl_GetXmitBufLock(ss);
- rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
- if (rv == SECSuccess) {
- PRInt32 sent;
- sent = ssl3_SendRecord(ss, content_alert, bytes, 2, 0);
- rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
- }
- ssl_ReleaseXmitBufLock(ss);
- ssl_ReleaseSSL3HandshakeLock(ss);
- return rv; /* error set by ssl3_FlushHandshake or ssl3_SendRecord */
-}
-
-/*
- * Send illegal_parameter alert. Set generic error number.
- */
-static SECStatus
-ssl3_IllegalParameter(sslSocket *ss)
-{
- PRBool isTLS;
-
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
- (void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
- PORT_SetError(ss->sec->isServer ? SSL_ERROR_BAD_CLIENT
- : SSL_ERROR_BAD_SERVER );
- return SECFailure;
-}
-
-/*
- * Send handshake_Failure alert. Set generic error number.
- */
-static SECStatus
-ssl3_HandshakeFailure(sslSocket *ss)
-{
- (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
- PORT_SetError( ss->sec->isServer ? SSL_ERROR_BAD_CLIENT
- : SSL_ERROR_BAD_SERVER );
- return SECFailure;
-}
-
-/*
- * Send handshake_Failure alert. Set generic error number.
- */
-static SECStatus
-ssl3_DecodeError(sslSocket *ss)
-{
- (void)SSL3_SendAlert(ss, alert_fatal,
- ss->version > SSL_LIBRARY_VERSION_3_0 ? decode_error
- : illegal_parameter);
- PORT_SetError( ss->sec->isServer ? SSL_ERROR_BAD_CLIENT
- : SSL_ERROR_BAD_SERVER );
- return SECFailure;
-}
-
-/* Called from ssl3_HandleRecord.
-** Caller must hold both RecvBuf and Handshake locks.
-*/
-static SECStatus
-ssl3_HandleAlert(sslSocket *ss, sslBuffer *buf)
-{
- SSL3AlertLevel level;
- SSL3AlertDescription desc;
- int error;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle alert record", SSL_GETPID(), ss->fd));
-
- if (buf->len != 2) {
- (void)ssl3_DecodeError(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_ALERT);
- return SECFailure;
- }
- level = (SSL3AlertLevel)buf->buf[0];
- desc = (SSL3AlertDescription)buf->buf[1];
- buf->len = 0;
- SSL_TRC(5, ("%d: SSL3[%d] received alert, level = %d, description = %d",
- SSL_GETPID(), ss->fd, level, desc));
-
- switch (desc) {
- case close_notify: ss->recvdCloseNotify = 1;
- error = SSL_ERROR_CLOSE_NOTIFY_ALERT; break;
- case unexpected_message: error = SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT;
- break;
- case bad_record_mac: error = SSL_ERROR_BAD_MAC_ALERT; break;
- case decryption_failed: error = SSL_ERROR_DECRYPTION_FAILED_ALERT;
- break;
- case record_overflow: error = SSL_ERROR_RECORD_OVERFLOW_ALERT; break;
- case decompression_failure: error = SSL_ERROR_DECOMPRESSION_FAILURE_ALERT;
- break;
- case handshake_failure: error = SSL_ERROR_HANDSHAKE_FAILURE_ALERT;
- break;
- case no_certificate: error = SSL_ERROR_NO_CERTIFICATE; break;
- case bad_certificate: error = SSL_ERROR_BAD_CERT_ALERT; break;
- case unsupported_certificate:error = SSL_ERROR_UNSUPPORTED_CERT_ALERT;break;
- case certificate_revoked: error = SSL_ERROR_REVOKED_CERT_ALERT; break;
- case certificate_expired: error = SSL_ERROR_EXPIRED_CERT_ALERT; break;
- case certificate_unknown: error = SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT;
- break;
- case illegal_parameter: error = SSL_ERROR_ILLEGAL_PARAMETER_ALERT;break;
-
- /* All alerts below are TLS only. */
- case unknown_ca: error = SSL_ERROR_UNKNOWN_CA_ALERT; break;
- case access_denied: error = SSL_ERROR_ACCESS_DENIED_ALERT; break;
- case decode_error: error = SSL_ERROR_DECODE_ERROR_ALERT; break;
- case decrypt_error: error = SSL_ERROR_DECRYPT_ERROR_ALERT; break;
- case export_restriction: error = SSL_ERROR_EXPORT_RESTRICTION_ALERT;
- break;
- case protocol_version: error = SSL_ERROR_PROTOCOL_VERSION_ALERT; break;
- case insufficient_security: error = SSL_ERROR_INSUFFICIENT_SECURITY_ALERT;
- break;
- case internal_error: error = SSL_ERROR_INTERNAL_ERROR_ALERT; break;
- case user_canceled: error = SSL_ERROR_USER_CANCELED_ALERT; break;
- case no_renegotiation: error = SSL_ERROR_NO_RENEGOTIATION_ALERT; break;
- default: error = SSL_ERROR_RX_UNKNOWN_ALERT; break;
- }
- if (level == alert_fatal) {
- ss->sec->uncache(ss->sec->ci.sid);
- if ((ss->ssl3->hs.ws == wait_server_hello) &&
- (desc == handshake_failure)) {
- /* XXX This is a hack. We're assuming that any handshake failure
- * XXX on the client hello is a failure to match ciphers.
- */
- error = SSL_ERROR_NO_CYPHER_OVERLAP;
- }
- PORT_SetError(error);
- return SECFailure;
- }
- if ((desc == no_certificate) && (ss->ssl3->hs.ws == wait_client_cert)) {
- /* I'm a server. I've requested a client cert. He hasn't got one. */
- SECStatus rv;
-
- PORT_Assert(ss->sec->isServer);
- ss->ssl3->hs.ws = wait_client_key;
- rv = ssl3_HandleNoCertificate(ss);
- return rv;
- }
- return SECSuccess;
-}
-
-/*
- * Change Cipher Specs
- * Called from ssl3_HandleServerHelloDone,
- * ssl3_HandleClientHello,
- * and ssl3_HandleFinished
- *
- * Acquires and releases spec write lock, to protect switching the current
- * and pending write spec pointers.
- */
-
-static SECStatus
-ssl3_SendChangeCipherSpecs(sslSocket *ss)
-{
- uint8 change = change_cipher_spec_choice;
- ssl3State * ssl3 = ss->ssl3;
- ssl3CipherSpec * pwSpec;
- SECStatus rv;
- PRInt32 sent;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send change_cipher_spec record",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
- if (rv != SECSuccess) {
- return rv; /* error code set by ssl3_FlushHandshake */
- }
- sent = ssl3_SendRecord(ss, content_change_cipher_spec, &change, 1,
- ssl_SEND_FLAG_FORCE_INTO_BUFFER);
- if (sent < 0) {
- return (SECStatus)sent; /* error code set by ssl3_SendRecord */
- }
-
- /* swap the pending and current write specs. */
- ssl_GetSpecWriteLock(ss); /**************************************/
- pwSpec = ss->ssl3->pwSpec;
- pwSpec->write_seq_num.high = 0;
- pwSpec->write_seq_num.low = 0;
-
- ssl3->pwSpec = ssl3->cwSpec;
- ssl3->cwSpec = pwSpec;
-
- SSL_TRC(3, ("%d: SSL3[%d] Set Current Write Cipher Suite to Pending",
- SSL_GETPID(), ss->fd ));
-
- /* We need to free up the contexts, keys and certs ! */
- /* If we are really through with the old cipher spec
- * (Both the read and write sides have changed) destroy it.
- */
- if (ss->ssl3->prSpec == ss->ssl3->pwSpec) {
- ssl3_DestroyCipherSpec(ss->ssl3->pwSpec);
- }
- ssl_ReleaseSpecWriteLock(ss); /**************************************/
-
- return SECSuccess;
-}
-
-/* Called from ssl3_HandleRecord.
-** Caller must hold both RecvBuf and Handshake locks.
- *
- * Acquires and releases spec write lock, to protect switching the current
- * and pending write spec pointers.
-*/
-static SECStatus
-ssl3_HandleChangeCipherSpecs(sslSocket *ss, sslBuffer *buf)
-{
- ssl3CipherSpec * prSpec;
- SSL3WaitState ws = ss->ssl3->hs.ws;
- SSL3ChangeCipherSpecChoice change;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle change_cipher_spec record",
- SSL_GETPID(), ss->fd));
-
- if (ws != wait_change_cipher && ws != wait_cert_verify) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER);
- return SECFailure;
- }
-
- if(buf->len != 1) {
- (void)ssl3_DecodeError(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
- return SECFailure;
- }
- change = (SSL3ChangeCipherSpecChoice)buf->buf[0];
- if (change != change_cipher_spec_choice) {
- /* illegal_parameter is correct here for both SSL3 and TLS. */
- (void)ssl3_IllegalParameter(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER);
- return SECFailure;
- }
- buf->len = 0;
-
- /* Swap the pending and current read specs. */
- ssl_GetSpecWriteLock(ss); /*************************************/
- prSpec = ss->ssl3->prSpec;
- prSpec->read_seq_num.high = prSpec->read_seq_num.low = 0;
-
- ss->ssl3->prSpec = ss->ssl3->crSpec;
- ss->ssl3->crSpec = prSpec;
- ss->ssl3->hs.ws = wait_finished;
-
- SSL_TRC(3, ("%d: SSL3[%d] Set Current Read Cipher Suite to Pending",
- SSL_GETPID(), ss->fd ));
-
- /* If we are really through with the old cipher prSpec
- * (Both the read and write sides have changed) destroy it.
- */
- if (ss->ssl3->prSpec == ss->ssl3->pwSpec) {
- ssl3_DestroyCipherSpec(ss->ssl3->prSpec);
- }
- ssl_ReleaseSpecWriteLock(ss); /*************************************/
- return SECSuccess;
-}
-
-/*
- * Key generation given pre master secret, or master secret (if !pms).
- * Sets a useful error code when returning SECFailure.
- *
- * Called only from ssl3_InitPendingCipherSpec(),
- *
- * which in turn is called from
- * ssl3_SendClientKeyExchange (for Full handshake)
- * ssl3_HandleClientKeyExchange (for Full handshake)
- * ssl3_HandleServerHello (for session restart)
- * ssl3_HandleClientHello (for session restart)
- * Caller MUST hold the specWriteLock, and SSL3HandshakeLock.
- * ssl3_InitPendingCipherSpec does that.
- */
-static SECStatus
-ssl3_GenerateSessionKeys(sslSocket *ss, const PK11SymKey *pms)
-{
- ssl3CipherSpec * pwSpec = ss->ssl3->pwSpec;
- const ssl3BulkCipherDef *cipher_def = pwSpec->cipher_def;
- const ssl3KEADef * kea_def = ss->ssl3->hs.kea_def;
- unsigned char * cr = (unsigned char *)&ss->ssl3->hs.client_random;
- unsigned char * sr = (unsigned char *)&ss->ssl3->hs.server_random;
- PK11SymKey * symKey = NULL;
- PK11SlotInfo * slot = NULL;
- void * pwArg = ss->pkcs11PinArg;
- PRBool isTLS = (PRBool)(kea_def->tls_keygen ||
- (pwSpec->version > SSL_LIBRARY_VERSION_3_0));
- PRBool skipKeysAndIVs = (PRBool)
- ((cipher_def->calg == calg_fortezza) ||
- (cipher_def->calg == calg_null));
- PRBool isDH = (PRBool) (ss->ssl3->hs.kea_def->exchKeyType == kt_dh);
- CK_MECHANISM_TYPE master_derive;
- CK_MECHANISM_TYPE key_derive;
- CK_MECHANISM_TYPE bulk_mechanism;
- SECItem params;
- int keySize;
- CK_FLAGS keyFlags;
- CK_VERSION pms_version;
- CK_SSL3_KEY_MAT_PARAMS key_material_params;
- CK_SSL3_KEY_MAT_OUT returnedKeys;
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS master_params;
- SSLCipherAlgorithm calg;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
- PORT_Assert( ssl_HaveSpecWriteLock(ss));
- PORT_Assert(ss->ssl3->prSpec == ss->ssl3->pwSpec);
- if (isTLS) {
- if(isDH) master_derive = CKM_TLS_MASTER_KEY_DERIVE_DH;
- else master_derive = CKM_TLS_MASTER_KEY_DERIVE;
- key_derive = CKM_TLS_KEY_AND_MAC_DERIVE;
- keyFlags = CKF_SIGN | CKF_VERIFY;
- } else {
- if (isDH) master_derive = CKM_SSL3_MASTER_KEY_DERIVE_DH;
- else master_derive = CKM_SSL3_MASTER_KEY_DERIVE;
- key_derive = CKM_SSL3_KEY_AND_MAC_DERIVE;
- keyFlags = 0;
- }
-
- if (pms || !pwSpec->master_secret) {
- master_params.pVersion = &pms_version;
- master_params.RandomInfo.pClientRandom = cr;
- master_params.RandomInfo.ulClientRandomLen = SSL3_RANDOM_LENGTH;
- master_params.RandomInfo.pServerRandom = sr;
- master_params.RandomInfo.ulServerRandomLen = SSL3_RANDOM_LENGTH;
-
- params.data = (unsigned char *) &master_params;
- params.len = sizeof master_params;
- }
-
- if (pms != NULL) {
- pwSpec->master_secret = PK11_DeriveWithFlags((PK11SymKey *)pms,
- master_derive, &params, key_derive,
- CKA_DERIVE, 0, keyFlags);
- if (!isDH && pwSpec->master_secret && ss->detectRollBack) {
- SSL3ProtocolVersion client_version;
- client_version = pms_version.major << 8 | pms_version.minor;
- if (client_version != ss->clientHelloVersion) {
- /* Destroy it. Version roll-back detected. */
- PK11_FreeSymKey(pwSpec->master_secret);
- pwSpec->master_secret = NULL;
- }
- }
- if (pwSpec->master_secret == NULL) {
- /* Generate a faux master secret in the same slot as the old one. */
- PK11SlotInfo * slot = PK11_GetSlotFromKey((PK11SymKey *)pms);
- PK11SymKey * fpms = ssl3_GenerateRSAPMS(ss, pwSpec, slot);
-
- PK11_FreeSlot(slot);
- if (fpms != NULL) {
- pwSpec->master_secret = PK11_DeriveWithFlags(fpms,
- master_derive, &params, key_derive,
- CKA_DERIVE, 0, keyFlags);
- PK11_FreeSymKey(fpms);
- }
- }
- }
- if (pwSpec->master_secret == NULL) {
- /* Generate a faux master secret from the internal slot. */
- PK11SlotInfo * slot = PK11_GetInternalSlot();
- PK11SymKey * fpms = ssl3_GenerateRSAPMS(ss, pwSpec, slot);
-
- PK11_FreeSlot(slot);
- if (fpms != NULL) {
- pwSpec->master_secret = PK11_DeriveWithFlags(fpms,
- master_derive, &params, key_derive,
- CKA_DERIVE, 0, keyFlags);
- if (pwSpec->master_secret == NULL) {
- pwSpec->master_secret = fpms; /* use the fpms as the master. */
- fpms = NULL;
- }
- }
- if (fpms) {
- PK11_FreeSymKey(fpms);
- }
- }
- if (pwSpec->master_secret == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
- return SECFailure;
- }
-
- /*
- * generate the key material
- */
- key_material_params.ulMacSizeInBits = pwSpec->mac_size * BPB;
- key_material_params.ulKeySizeInBits = cipher_def->secret_key_size* BPB;
- key_material_params.ulIVSizeInBits = cipher_def->iv_size * BPB;
-
- key_material_params.bIsExport = (CK_BBOOL)(kea_def->is_limited);
- /* was: (CK_BBOOL)(cipher_def->keygen_mode != kg_strong); */
-
- key_material_params.RandomInfo.pClientRandom = cr;
- key_material_params.RandomInfo.ulClientRandomLen = SSL3_RANDOM_LENGTH;
- key_material_params.RandomInfo.pServerRandom = sr;
- key_material_params.RandomInfo.ulServerRandomLen = SSL3_RANDOM_LENGTH;
- key_material_params.pReturnedKeyMaterial = &returnedKeys;
-
- returnedKeys.pIVClient = pwSpec->client.write_iv;
- returnedKeys.pIVServer = pwSpec->server.write_iv;
- keySize = cipher_def->key_size;
-
- if (skipKeysAndIVs) {
- keySize = 0;
- key_material_params.ulKeySizeInBits = 0;
- key_material_params.ulIVSizeInBits = 0;
- returnedKeys.pIVClient = NULL;
- returnedKeys.pIVServer = NULL;
- }
-
- calg = cipher_def->calg;
- PORT_Assert( alg2Mech[calg].calg == calg);
- bulk_mechanism = alg2Mech[calg].cmech;
-
- params.data = (unsigned char *)&key_material_params;
- params.len = sizeof(key_material_params);
-
- /* CKM_SSL3_KEY_AND_MAC_DERIVE is defined to set ENCRYPT, DECRYPT, and
- * DERIVE by DEFAULT */
- symKey = PK11_Derive(pwSpec->master_secret, key_derive, &params,
- bulk_mechanism, CKA_ENCRYPT, keySize);
- if (!symKey) {
- ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
- return SECFailure;
- }
- /* we really should use the actual mac'ing mechanism here, but we
- * don't because these types are used to map keytype anyway and both
- * mac's map to the same keytype.
- */
- slot = PK11_GetSlotFromKey(symKey);
-
- PK11_FreeSlot(slot); /* slot is held until the key is freed */
- pwSpec->client.write_mac_key =
- PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
- CKM_SSL3_SHA1_MAC, returnedKeys.hClientMacSecret, PR_TRUE, pwArg);
- if (pwSpec->client.write_mac_key == NULL ) {
- goto loser; /* loser sets err */
- }
- pwSpec->server.write_mac_key =
- PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
- CKM_SSL3_SHA1_MAC, returnedKeys.hServerMacSecret, PR_TRUE, pwArg);
- if (pwSpec->server.write_mac_key == NULL ) {
- goto loser; /* loser sets err */
- }
- if (!skipKeysAndIVs) {
- pwSpec->client.write_key =
- PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
- bulk_mechanism, returnedKeys.hClientKey, PR_TRUE, pwArg);
- if (pwSpec->client.write_key == NULL ) {
- goto loser; /* loser sets err */
- }
- pwSpec->server.write_key =
- PK11_SymKeyFromHandle(slot, symKey, PK11_OriginDerive,
- bulk_mechanism, returnedKeys.hServerKey, PR_TRUE, pwArg);
- if (pwSpec->server.write_key == NULL ) {
- goto loser; /* loser sets err */
- }
- }
- PK11_FreeSymKey(symKey);
- return SECSuccess;
-
-
-loser:
- if (symKey) PK11_FreeSymKey(symKey);
- ssl_MapLowLevelError(SSL_ERROR_SESSION_KEY_GEN_FAILURE);
- return SECFailure;
-}
-
-/*
- * Handshake messages
- */
-/* Called from ssl3_AppendHandshake()
-** ssl3_StartHandshakeHash()
-** ssl3_HandleV2ClientHello()
-** ssl3_HandleHandshakeMessage()
-** Caller must hold the ssl3Handshake lock.
-*/
-static SECStatus
-ssl3_UpdateHandshakeHashes(sslSocket *ss, unsigned char *b, unsigned int l)
-{
- ssl3State *ssl3 = ss->ssl3;
- SECStatus rv;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- PRINT_BUF(90, (NULL, "MD5 & SHA handshake hash input:", b, l));
-
- rv = PK11_DigestOp(ssl3->hs.md5, b, l);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- return rv;
- }
- rv = PK11_DigestOp(ssl3->hs.sha, b, l);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- return rv;
- }
- return rv;
-}
-
-/**************************************************************************
- * Append Handshake functions.
- * All these functions set appropriate error codes.
- * Most rely on ssl3_AppendHandshake to set the error code.
- **************************************************************************/
-static SECStatus
-ssl3_AppendHandshake(sslSocket *ss, const void *void_src, PRInt32 bytes)
-{
- sslConnectInfo * ci = &ss->sec->ci;
- unsigned char * src = (unsigned char *)void_src;
- int room = ci->sendBuf.space - ci->sendBuf.len;
- SECStatus rv;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) ); /* protects sendBuf. */
-
- if (ci->sendBuf.space < MAX_SEND_BUF_LENGTH && room < bytes) {
- rv = sslBuffer_Grow(&ci->sendBuf, PR_MAX(MIN_SEND_BUF_LENGTH,
- PR_MIN(MAX_SEND_BUF_LENGTH,
- ci->sendBuf.len + bytes)));
- if (rv != SECSuccess)
- return rv; /* sslBuffer_Grow has set a memory error code. */
- room = ci->sendBuf.space - ci->sendBuf.len;
- }
-
- PRINT_BUF(60, (ss, "Append to Handshake", (unsigned char*)void_src, bytes));
- rv = ssl3_UpdateHandshakeHashes(ss, src, bytes);
- if (rv != SECSuccess)
- return rv; /* error code set by ssl3_UpdateHandshakeHashes */
-
- while (bytes > room) {
- if (room > 0)
- PORT_Memcpy(ci->sendBuf.buf + ci->sendBuf.len, src, room);
- ci->sendBuf.len += room;
- rv = ssl3_FlushHandshake(ss, ssl_SEND_FLAG_FORCE_INTO_BUFFER);
- if (rv != SECSuccess) {
- return rv; /* error code set by ssl3_FlushHandshake */
- }
- bytes -= room;
- src += room;
- room = ci->sendBuf.space;
- PORT_Assert(ci->sendBuf.len == 0);
- }
- PORT_Memcpy(ci->sendBuf.buf + ci->sendBuf.len, src, bytes);
- ci->sendBuf.len += bytes;
- return SECSuccess;
-}
-
-static SECStatus
-ssl3_AppendHandshakeNumber(sslSocket *ss, PRInt32 num, PRInt32 lenSize)
-{
- SECStatus rv;
- uint8 b[4];
- uint8 * p = b;
-
- switch (lenSize) {
- case 4:
- *p++ = (num >> 24) & 0xff;
- case 3:
- *p++ = (num >> 16) & 0xff;
- case 2:
- *p++ = (num >> 8) & 0xff;
- case 1:
- *p = num & 0xff;
- }
- SSL_TRC(60, ("%d: number:", SSL_GETPID()));
- rv = ssl3_AppendHandshake(ss, &b[0], lenSize);
- return rv; /* error code set by AppendHandshake, if applicable. */
-}
-
-static SECStatus
-ssl3_AppendHandshakeVariable(
- sslSocket *ss, const SSL3Opaque *src, PRInt32 bytes, PRInt32 lenSize)
-{
- SECStatus rv;
-
- PORT_Assert((bytes < (1<<8) && lenSize == 1) ||
- (bytes < (1L<<16) && lenSize == 2) ||
- (bytes < (1L<<24) && lenSize == 3));
-
- SSL_TRC(60,("%d: append variable:", SSL_GETPID()));
- rv = ssl3_AppendHandshakeNumber(ss, bytes, lenSize);
- if (rv != SECSuccess) {
- return rv; /* error code set by AppendHandshake, if applicable. */
- }
- SSL_TRC(60, ("data:"));
- rv = ssl3_AppendHandshake(ss, src, bytes);
- return rv; /* error code set by AppendHandshake, if applicable. */
-}
-
-static SECStatus
-ssl3_AppendHandshakeHeader(sslSocket *ss, SSL3HandshakeType t, PRUint32 length)
-{
- SECStatus rv;
-
- SSL_TRC(30,("%d: SSL3[%d]: append handshake header: type %s",
- SSL_GETPID(), ss->fd, ssl3_DecodeHandshakeType(t)));
- PRINT_BUF(60, (ss, "MD5 handshake hash:",
- (unsigned char*)ss->ssl3->hs.md5, MD5_LENGTH));
- PRINT_BUF(95, (ss, "SHA handshake hash:",
- (unsigned char*)ss->ssl3->hs.sha, SHA1_LENGTH));
-
- rv = ssl3_AppendHandshakeNumber(ss, t, 1);
- if (rv != SECSuccess) {
- return rv; /* error code set by AppendHandshake, if applicable. */
- }
- rv = ssl3_AppendHandshakeNumber(ss, length, 3);
- return rv; /* error code set by AppendHandshake, if applicable. */
-}
-
-/**************************************************************************
- * Consume Handshake functions.
- *
- * All data used in these functions is protected by two locks,
- * the RecvBufLock and the SSL3HandshakeLock
- **************************************************************************/
-
-/* Read up the next "bytes" number of bytes from the (decrypted) input
- * stream "b" (which is *length bytes long). Copy them into buffer "v".
- * Reduces *length by bytes. Advances *b by bytes.
- *
- * If this function returns SECFailure, it has already sent an alert,
- * and has set a generic error code. The caller should probably
- * override the generic error code by setting another.
- */
-static SECStatus
-ssl3_ConsumeHandshake(sslSocket *ss, void *v, PRInt32 bytes, SSL3Opaque **b,
- PRUint32 *length)
-{
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (bytes > *length) {
- return ssl3_DecodeError(ss);
- }
- PORT_Memcpy(v, *b, bytes);
- PRINT_BUF(60, (ss, "consume bytes:", *b, bytes));
- *b += bytes;
- *length -= bytes;
- return SECSuccess;
-}
-
-/* Read up the next "bytes" number of bytes from the (decrypted) input
- * stream "b" (which is *length bytes long), and interpret them as an
- * integer in network byte order. Returns the received value.
- * Reduces *length by bytes. Advances *b by bytes.
- *
- * Returns SECFailure (-1) on failure.
- * This value is indistinguishable from the equivalent received value.
- * Only positive numbers are to be received this way.
- * Thus, the largest value that may be sent this way is 0x7fffffff.
- * On error, an alert has been sent, and a generic error code has been set.
- */
-static PRInt32
-ssl3_ConsumeHandshakeNumber(sslSocket *ss, PRInt32 bytes, SSL3Opaque **b,
- PRUint32 *length)
-{
- PRInt32 num = 0;
- int i;
- SECStatus status;
- uint8 buf[4];
-
- status = ssl3_ConsumeHandshake(ss, buf, bytes, b, length);
- if (status != SECSuccess) {
- /* ssl3_DecodeError has already been called */
- return SECFailure;
- }
- for (i = 0; i < bytes; i++)
- num = (num << 8) + buf[i];
- return num;
-}
-
-/* Read in two values from the incoming decrypted byte stream "b", which is
- * *length bytes long. The first value is a number whose size is "bytes"
- * bytes long. The second value is a byte-string whose size is the value
- * of the first number received. The latter byte-string, and its length,
- * is returned in the SECItem i.
- *
- * Returns SECFailure (-1) on failure.
- * On error, an alert has been sent, and a generic error code has been set.
- */
-static SECStatus
-ssl3_ConsumeHandshakeVariable(sslSocket *ss, SECItem *i, PRInt32 bytes,
- SSL3Opaque **b, PRUint32 *length)
-{
- PRInt32 count;
- SECStatus rv;
-
- PORT_Assert(bytes <= 3);
- i->len = 0;
- i->data = NULL;
- count = ssl3_ConsumeHandshakeNumber(ss, bytes, b, length);
- if (count < 0) { /* Can't test for SECSuccess here. */
- return SECFailure;
- }
- if (count > 0) {
- i->data = (unsigned char*)PORT_Alloc(count);
- if (i->data == NULL) {
- /* XXX inconsistent. In other places, we don't send alerts for
- * our own memory failures. But here we do... */
- (void)SSL3_SendAlert(ss, alert_fatal, handshake_failure);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
- i->len = count;
- rv = ssl3_ConsumeHandshake(ss, i->data, i->len, b, length);
- if (rv != SECSuccess) {
- PORT_Free(i->data);
- i->data = NULL;
- return rv; /* alert has already been sent. */
- }
- }
- return SECSuccess;
-}
-
-/**************************************************************************
- * end of Consume Handshake functions.
- **************************************************************************/
-
-/* Extract the hashes of handshake messages to this point.
- * Called from ssl3_SendCertificateVerify
- * ssl3_SendFinished
- * ssl3_HandleHandshakeMessage
- *
- * Caller must hold the SSL3HandshakeLock.
- * Caller must hold a read or write lock on the Spec R/W lock.
- * (There is presently no way to assert on a Read lock.)
- */
-static SECStatus
-ssl3_ComputeHandshakeHashes(sslSocket * ss,
- ssl3CipherSpec *spec, /* uses ->master_secret */
- SSL3Hashes * hashes, /* output goes here. */
- uint32 sender)
-{
- ssl3State * ssl3 = ss->ssl3;
- PK11Context * md5;
- PK11Context * sha = NULL;
- SECStatus rv = SECSuccess;
- unsigned int outLength;
- PRBool isTLS;
- SSL3Opaque md5_inner[MAX_MAC_LENGTH];
- SSL3Opaque sha_inner[MAX_MAC_LENGTH];
- unsigned char s[4];
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- isTLS = (PRBool)(spec->version > SSL_LIBRARY_VERSION_3_0);
-
- md5 = PK11_CloneContext(ssl3->hs.md5);
- if (md5 == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- return SECFailure;
- }
-
- sha = PK11_CloneContext(ssl3->hs.sha);
- if (sha == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- goto loser;
- }
-
- if (!isTLS) {
- /* compute hashes for SSL3. */
-
- s[0] = (unsigned char)(sender >> 24);
- s[1] = (unsigned char)(sender >> 16);
- s[2] = (unsigned char)(sender >> 8);
- s[3] = (unsigned char)sender;
-
- if (sender != 0) {
- rv |= PK11_DigestOp(md5, s, 4);
- PRINT_BUF(95, (NULL, "MD5 inner: sender", s, 4));
- }
-
- PRINT_BUF(95, (NULL, "MD5 inner: MAC Pad 1", mac_pad_1, mac_defs[mac_md5].pad_size));
-
- rv |= PK11_DigestKey(md5,spec->master_secret);
- rv |= PK11_DigestOp(md5, mac_pad_1, mac_defs[mac_md5].pad_size);
- rv |= PK11_DigestFinal(md5, md5_inner, &outLength, MD5_LENGTH);
- PORT_Assert(rv != SECSuccess || outLength == MD5_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto loser;
- }
-
- PRINT_BUF(95, (NULL, "MD5 inner: result", md5_inner, outLength));
-
- if (sender != 0) {
- rv |= PK11_DigestOp(sha, s, 4);
- PRINT_BUF(95, (NULL, "SHA inner: sender", s, 4));
- }
-
- PRINT_BUF(95, (NULL, "SHA inner: MAC Pad 1", mac_pad_1, mac_defs[mac_sha].pad_size));
-
-
- rv |= PK11_DigestKey(sha, spec->master_secret);
- rv |= PK11_DigestOp(sha, mac_pad_1, mac_defs[mac_sha].pad_size);
- rv |= PK11_DigestFinal(sha, sha_inner, &outLength, SHA1_LENGTH);
- PORT_Assert(rv != SECSuccess || outLength == SHA1_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure;
- goto loser;
- }
-
- PRINT_BUF(95, (NULL, "SHA inner: result", sha_inner, outLength));
-
- PRINT_BUF(95, (NULL, "MD5 outer: MAC Pad 2", mac_pad_2, mac_defs[mac_md5].pad_size));
- PRINT_BUF(95, (NULL, "MD5 outer: MD5 inner", md5_inner, MD5_LENGTH));
-
- rv |= PK11_DigestBegin(md5);
- rv |= PK11_DigestKey(md5, spec->master_secret);
- rv |= PK11_DigestOp(md5, mac_pad_2, mac_defs[mac_md5].pad_size);
- rv |= PK11_DigestOp(md5, md5_inner, MD5_LENGTH);
- }
- rv |= PK11_DigestFinal(md5, hashes->md5, &outLength, MD5_LENGTH);
- PORT_Assert(rv != SECSuccess || outLength == MD5_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto loser;
- }
-
- PRINT_BUF(60, (NULL, "MD5 outer: result", hashes->md5, MD5_LENGTH));
-
- if (!isTLS) {
- PRINT_BUF(95, (NULL, "SHA outer: MAC Pad 2", mac_pad_2, mac_defs[mac_sha].pad_size));
- PRINT_BUF(95, (NULL, "SHA outer: SHA inner", sha_inner, SHA1_LENGTH));
-
- rv |= PK11_DigestBegin(sha);
- rv |= PK11_DigestKey(sha,spec->master_secret);
- rv |= PK11_DigestOp(sha, mac_pad_2, mac_defs[mac_sha].pad_size);
- rv |= PK11_DigestOp(sha, sha_inner, SHA1_LENGTH);
- }
- rv |= PK11_DigestFinal(sha, hashes->sha, &outLength, SHA1_LENGTH);
- PORT_Assert(rv != SECSuccess || outLength == SHA1_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- rv = SECFailure;
- goto loser;
- }
-
- PRINT_BUF(60, (NULL, "SHA outer: result", hashes->sha, SHA1_LENGTH));
-
- rv = SECSuccess;
-
-loser:
- if (md5) PK11_DestroyContext(md5, PR_TRUE);
- if (sha) PK11_DestroyContext(sha, PR_TRUE);
-
- return rv;
-}
-
-/*
- * SSL 2 based implementations pass in the initial outbound buffer
- * so that the handshake hash can contain the included information.
- *
- * Called from ssl2_BeginClientHandshake() in sslcon.c
- */
-SECStatus
-ssl3_StartHandshakeHash(sslSocket *ss, unsigned char * buf, int length)
-{
- SECStatus rv;
-
- ssl_GetSSL3HandshakeLock(ss); /**************************************/
-
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- goto done; /* ssl3_InitState has set the error code. */
- }
-
- PORT_Memset(&ss->ssl3->hs.client_random, 0, SSL3_RANDOM_LENGTH);
- PORT_Memcpy(
- &ss->ssl3->hs.client_random.rand[SSL3_RANDOM_LENGTH - SSL_CHALLENGE_BYTES],
- &ss->sec->ci.clientChallenge,
- SSL_CHALLENGE_BYTES);
-
- rv = ssl3_UpdateHandshakeHashes(ss, buf, length);
- /* if it failed, ssl3_UpdateHandshakeHashes has set the error code. */
-
-done:
- ssl_ReleaseSSL3HandshakeLock(ss); /**************************************/
- return rv;
-}
-
-/**************************************************************************
- * end of Handshake Hash functions.
- * Begin Send and Handle functions for handshakes.
- **************************************************************************/
-
-/* Called from ssl3_HandleHelloRequest(),
- * ssl3_HandleFinished() (for step-up)
- * ssl3_RedoHandshake()
- * ssl2_BeginClientHandshake (when resuming ssl3 session)
- */
-SECStatus
-ssl3_SendClientHello(sslSocket *ss)
-{
- sslSecurityInfo *sec = ss->sec;
- sslSessionID * sid;
- ssl3CipherSpec * cwSpec;
- SECStatus rv;
- int i;
- int length;
- int num_suites;
- int actual_count = 0;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send client_hello handshake", SSL_GETPID(),
- ss->fd));
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- return rv; /* ssl3_InitState has set the error code. */
- }
-
- SSL_TRC(30,("%d: SSL3[%d]: reset handshake hashes",
- SSL_GETPID(), ss->fd ));
- rv = PK11_DigestBegin(ss->ssl3->hs.md5);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- return rv;
- }
- rv = PK11_DigestBegin(ss->ssl3->hs.sha);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- return rv;
- }
-
- PORT_Assert(sec);
-
- /* We ignore ss->sec->ci.sid here, and use ssl_Lookup because Lookup
- * handles expired entries and other details.
- * XXX If we've been called from ssl2_BeginClientHandshake, then
- * this lookup is duplicative and wasteful.
- */
- sid = (ss->noCache) ? NULL
- : ssl_LookupSID(&sec->ci.peer, sec->ci.port, ss->peerID, ss->url);
-
- /* We can't resume based on a different token. If the sid exists,
- * make sure the token that holds the master secret still exists ...
- * If we previously did client-auth, make sure that the token that holds
- * the private key still exists, is logged in, hasn't been removed, etc.
- * Also for fortezza, make sure that the card that holds the session keys
- * exist as well... */
- if (sid) {
- PK11SlotInfo *slot;
- PRBool sidOK = PR_TRUE;
- slot = (!sid->u.ssl3.masterValid) ? NULL :
- SECMOD_LookupSlot(sid->u.ssl3.masterModuleID,
- sid->u.ssl3.masterSlotID);
- if (slot == NULL) {
- sidOK = PR_FALSE;
- } else {
- PK11SymKey *wrapKey = NULL;
- if (!PK11_IsPresent(slot) ||
- ((wrapKey = PK11_GetWrapKey(slot, sid->u.ssl3.masterWrapIndex,
- sid->u.ssl3.masterWrapMech,
- sid->u.ssl3.masterWrapSeries,
- ss->pkcs11PinArg)) == NULL) ) {
- sidOK = PR_FALSE;
- }
- if (wrapKey) PK11_FreeSymKey(wrapKey);
- PK11_FreeSlot(slot);
- slot = NULL;
- }
- /* do sid-has-FORTEZZA-slot check */
- if (sid->u.ssl3.hasFortezza) {
- /* do has fortezza check */
- if (!PK11_VerifyKeyOK(sid->u.ssl3.tek))
- sidOK = PR_FALSE;
- }
-
- /* If we previously did client-auth, make sure that the token that
- ** holds the private key still exists, is logged in, hasn't been
- ** removed, etc.
- */
- if (sidOK && sid->u.ssl3.clAuthValid) {
- slot = SECMOD_LookupSlot(sid->u.ssl3.clAuthModuleID,
- sid->u.ssl3.clAuthSlotID);
- if (slot == NULL ||
- !PK11_IsPresent(slot) ||
- sid->u.ssl3.clAuthSeries != PK11_GetSlotSeries(slot) ||
- sid->u.ssl3.clAuthSlotID != PK11_GetSlotID(slot) ||
- sid->u.ssl3.clAuthModuleID != PK11_GetModuleID(slot) ||
- !PK11_IsLoggedIn(slot, NULL)) {
- sidOK = PR_FALSE;
- }
- if (slot) {
- PK11_FreeSlot(slot);
- slot = NULL;
- }
- }
-
- if (!sidOK) {
- ++ssl3stats.sch_sid_cache_not_ok;
- (*ss->sec->uncache)(sid);
- ssl_FreeSID(sid);
- sid = NULL;
- }
- }
-
- if (sid) {
- ++ssl3stats.sch_sid_cache_hits;
-
- rv = ssl3_NegotiateVersion(ss, sid->version);
- if (rv != SECSuccess)
- return rv; /* error code was set */
-
- PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl3.sessionID,
- sid->u.ssl3.sessionIDLength));
-
- ss->ssl3->policy = sid->u.ssl3.policy;
- } else {
- ++ssl3stats.sch_sid_cache_misses;
-
- rv = ssl3_NegotiateVersion(ss, SSL_LIBRARY_VERSION_3_1_TLS);
- if (rv != SECSuccess)
- return rv; /* error code was set */
-
- sid = ssl3_NewSessionID(ss, PR_FALSE);
- if (!sid) {
- return SECFailure; /* memory error is set */
- }
- }
-
- ssl_GetSpecWriteLock(ss);
- cwSpec = ss->ssl3->cwSpec;
- if (cwSpec->mac_def->mac == mac_null) {
- /* SSL records are not being MACed. */
- cwSpec->version = ss->version;
- }
- ssl_ReleaseSpecWriteLock(ss);
-
- if (sec->ci.sid != NULL) {
- ssl_FreeSID(sec->ci.sid); /* decrement ref count, free if zero */
- }
- sec->ci.sid = sid;
-
- sec->send = ssl3_SendApplicationData;
-
- /* shouldn't get here if SSL3 is disabled, but ... */
- PORT_Assert(ss->enableSSL3 || ss->enableTLS);
- if (!ss->enableSSL3 && !ss->enableTLS) {
- PORT_SetError(SSL_ERROR_SSL_DISABLED);
- return SECFailure;
- }
-
- /* how many suites does our PKCS11 support (regardless of policy)? */
- num_suites = ssl3_config_match_init(ss);
- if (!num_suites)
- return SECFailure; /* ssl3_config_match_init has set error code. */
-
- /* how many suites are permitted by policy and user preference? */
- num_suites = count_cipher_suites(ss, ss->ssl3->policy, PR_TRUE);
- if (!num_suites)
- return SECFailure; /* count_cipher_suites has set error code. */
-
- length = sizeof(SSL3ProtocolVersion) + SSL3_RANDOM_LENGTH +
- 1 + ((sid == NULL) ? 0 : sid->u.ssl3.sessionIDLength) +
- 2 + num_suites*sizeof(ssl3CipherSuite) +
- 1 + compressionMethodsCount;
-
- rv = ssl3_AppendHandshakeHeader(ss, client_hello, length);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
-
- ss->clientHelloVersion = ss->version;
- rv = ssl3_AppendHandshakeNumber(ss, ss->clientHelloVersion, 2);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
- rv = ssl3_GetNewRandom(&ss->ssl3->hs.client_random);
- if (rv != SECSuccess) {
- return rv; /* err set by GetNewRandom. */
- }
- rv = ssl3_AppendHandshake(ss, &ss->ssl3->hs.client_random,
- SSL3_RANDOM_LENGTH);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
-
- if (sid)
- rv = ssl3_AppendHandshakeVariable(
- ss, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, 1);
- else
- rv = ssl3_AppendHandshakeVariable(ss, NULL, 0, 1);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
-
- rv = ssl3_AppendHandshakeNumber(ss, num_suites*sizeof(ssl3CipherSuite), 2);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
-
-
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
- if (config_match(suite, ss->ssl3->policy, PR_TRUE)) {
- actual_count++;
- if (actual_count > num_suites) {
- /* set error card removal/insertion error */
- PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
- return SECFailure;
- }
- rv = ssl3_AppendHandshakeNumber(ss, suite->cipher_suite,
- sizeof(ssl3CipherSuite));
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
- }
- }
-
- /* if cards were removed or inserted between count_cipher_suites and
- * generating our list, detect the error here rather than send it off to
- * the server.. */
- if (actual_count != num_suites) {
- /* Card removal/insertion error */
- PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL);
- return SECFailure;
- }
-
- rv = ssl3_AppendHandshakeNumber(ss, compressionMethodsCount, 1);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
- for (i = 0; i < compressionMethodsCount; i++) {
- rv = ssl3_AppendHandshakeNumber(ss, compressions[i], 1);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_AppendHandshake* */
- }
- }
-
- rv = ssl3_FlushHandshake(ss, 0);
- if (rv != SECSuccess) {
- return rv; /* error code set by ssl3_FlushHandshake */
- }
-
- ss->ssl3->hs.ws = wait_server_hello;
- return rv;
-}
-
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Hello Request.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleHelloRequest(sslSocket *ss)
-{
- sslSessionID *sid = ss->sec->ci.sid;
- SECStatus rv;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle hello_request handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert(ss->ssl3);
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ss->ssl3->hs.ws == wait_server_hello)
- return SECSuccess;
- if (ss->ssl3->hs.ws != idle_handshake || ss->sec->isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST);
- return SECFailure;
- }
- if (sid) {
- ss->sec->uncache(sid);
- ssl_FreeSID(sid);
- ss->sec->ci.sid = NULL;
- }
-
- ssl_GetXmitBufLock(ss);
- rv = ssl3_SendClientHello(ss);
- ssl_ReleaseXmitBufLock(ss);
-
- return rv;
-}
-
-#define UNKNOWN_WRAP_MECHANISM 0x7fffffff
-
-static const CK_MECHANISM_TYPE wrapMechanismList[SSL_NUM_WRAP_MECHS] = {
- CKM_DES3_ECB,
- CKM_CAST5_ECB,
- CKM_DES_ECB,
- CKM_KEY_WRAP_LYNKS,
- CKM_IDEA_ECB,
- CKM_CAST3_ECB,
- CKM_CAST_ECB,
- CKM_RC5_ECB,
- CKM_RC2_ECB,
- CKM_CDMF_ECB,
- CKM_SKIPJACK_WRAP,
- CKM_SKIPJACK_CBC64,
- UNKNOWN_WRAP_MECHANISM
-};
-
-static int
-ssl_FindIndexByWrapMechanism(CK_MECHANISM_TYPE mech)
-{
- const CK_MECHANISM_TYPE *pMech = wrapMechanismList;
-
- while (mech != *pMech && *pMech != UNKNOWN_WRAP_MECHANISM) {
- ++pMech;
- }
- return (*pMech == UNKNOWN_WRAP_MECHANISM) ? -1
- : (pMech - wrapMechanismList);
-}
-
-static PK11SymKey *
-ssl_UnwrapSymWrappingKey(
- SSLWrappedSymWrappingKey *pWswk,
- SECKEYPrivateKey * svrPrivKey,
- SSL3KEAType exchKeyType,
- CK_MECHANISM_TYPE masterWrapMech,
- void * pwArg)
-{
- PK11SymKey * unwrappedWrappingKey = NULL;
- SECItem wrappedKey;
-
- /* found the wrapping key on disk. */
- PORT_Assert(pWswk->symWrapMechanism == masterWrapMech);
- PORT_Assert(pWswk->exchKeyType == exchKeyType);
- if (pWswk->symWrapMechanism != masterWrapMech ||
- pWswk->exchKeyType != exchKeyType) {
- goto loser;
- }
- wrappedKey.type = siBuffer;
- wrappedKey.data = pWswk->wrappedSymmetricWrappingkey;
- wrappedKey.len = pWswk->wrappedSymKeyLen;
- PORT_Assert(wrappedKey.len <= sizeof pWswk->wrappedSymmetricWrappingkey);
-
- switch (exchKeyType) {
- PK11SymKey * Ks;
- PK11SlotInfo * slot;
- SECItem param;
-
- case kt_fortezza:
- /* get the slot that the fortezza server private key is in. */
- slot = PK11_GetSlotFromPrivateKey(svrPrivKey);
- if (slot == NULL) {
- SET_ERROR_CODE
- goto loser;
- }
-
- /* Look up the Token Fixed Key */
- Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_CBC64, NULL, pwArg);
- PK11_FreeSlot(slot);
- if (Ks == NULL) {
- SET_ERROR_CODE
- goto loser;
- }
-
- /* unwrap client write key with the local Ks and IV */
- param.type = siBuffer;
- param.data = pWswk->wrapIV;
- param.len = pWswk->wrapIVLen;
- unwrappedWrappingKey =
- PK11_UnwrapSymKey(Ks, CKM_SKIPJACK_CBC64, &param, &wrappedKey,
- masterWrapMech, CKA_UNWRAP, 0);
- PK11_FreeSymKey(Ks);
- break;
-
- case kt_rsa:
- unwrappedWrappingKey =
- PK11_PubUnwrapSymKey(svrPrivKey, &wrappedKey,
- masterWrapMech, CKA_UNWRAP, 0);
- break;
- }
-loser:
- return unwrappedWrappingKey;
-}
-
-/* Each process sharing the server session ID cache has its own array of
- * SymKey pointers for the symmetric wrapping keys that are used to wrap
- * the master secrets. There is one key for each KEA type. These Symkeys
- * correspond to the wrapped SymKeys kept in the server session cache.
- */
-
-typedef struct {
- PK11SymKey * symWrapKey[kt_kea_size];
-} ssl3SymWrapKey;
-
-/* Try to get wrapping key for mechanism from in-memory array.
- * If that fails, look for one on disk.
- * If that fails, generate a new one, put the new one on disk,
- * Put the new key in the in-memory array.
- */
-static PK11SymKey *
-getWrappingKey( sslSocket * ss,
- PK11SlotInfo * masterSecretSlot,
- SSL3KEAType exchKeyType,
- CK_MECHANISM_TYPE masterWrapMech,
- void * pwArg)
-{
- CERTCertificate * svrCert;
- SECKEYPrivateKey * svrPrivKey;
- SECKEYPublicKey * svrPubKey = NULL;
- PK11SymKey * unwrappedWrappingKey = NULL;
- PK11SymKey ** pSymWrapKey;
- CK_MECHANISM_TYPE asymWrapMechanism;
- int length;
- int symWrapMechIndex;
- SECStatus rv;
- SECItem wrappedKey;
- SSLWrappedSymWrappingKey wswk;
-
- static PZLock * symWrapKeysLock;
- static ssl3SymWrapKey symWrapKeys[SSL_NUM_WRAP_MECHS];
-
- svrPrivKey = ss->serverCerts[exchKeyType].serverKey;
- PORT_Assert(svrPrivKey != NULL);
- if (!svrPrivKey) {
- return NULL; /* why are we here?!? */
- }
-
- symWrapMechIndex = ssl_FindIndexByWrapMechanism(masterWrapMech);
- PORT_Assert(symWrapMechIndex >= 0);
- if (symWrapMechIndex < 0)
- return NULL; /* invalid masterWrapMech. */
-
- pSymWrapKey = &symWrapKeys[symWrapMechIndex].symWrapKey[exchKeyType];
-
- /* atomically initialize the lock */
- if (!symWrapKeysLock)
- nss_InitLock(&symWrapKeysLock, nssILockOther);
-
- PZ_Lock(symWrapKeysLock);
-
- unwrappedWrappingKey = *pSymWrapKey;
- if (unwrappedWrappingKey != NULL) {
- if (PK11_VerifyKeyOK(unwrappedWrappingKey)) {
- unwrappedWrappingKey = PK11_ReferenceSymKey(unwrappedWrappingKey);
- goto done;
- }
- /* slot series has changed, so this key is no good any more. */
- PK11_FreeSymKey(unwrappedWrappingKey);
- *pSymWrapKey = unwrappedWrappingKey = NULL;
- }
-
- /* Try to get wrapped SymWrapping key out of the (disk) cache. */
- /* Following call fills in wswk on success. */
- if (ssl_GetWrappingKey(symWrapMechIndex, exchKeyType, &wswk)) {
- /* found the wrapped sym wrapping key on disk. */
- unwrappedWrappingKey =
- ssl_UnwrapSymWrappingKey(&wswk, svrPrivKey, exchKeyType,
- masterWrapMech, pwArg);
- if (unwrappedWrappingKey) {
- goto install;
- }
- }
-
- if (!masterSecretSlot) /* caller doesn't want to create a new one. */
- goto loser;
-
- length = PK11_GetBestKeyLength(masterSecretSlot, masterWrapMech);
- /* Zero length means fixed key length algorithm, or error.
- * It's ambiguous.
- */
- unwrappedWrappingKey = PK11_KeyGen(masterSecretSlot, masterWrapMech, NULL,
- length, pwArg);
- if (!unwrappedWrappingKey) {
- goto loser;
- }
-
- /* Prepare the buffer to receive the wrappedWrappingKey,
- * the symmetric wrapping key wrapped using the server's pub key.
- */
- PORT_Memset(&wswk, 0, sizeof wswk); /* eliminate UMRs. */
-
- svrCert = ss->serverCerts[exchKeyType].serverCert;
- svrPubKey = CERT_ExtractPublicKey(svrCert);
- if (svrPubKey == NULL) {
- /* CERT_ExtractPublicKey doesn't set error code */
- PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- goto loser;
- }
- wrappedKey.type = siBuffer;
- wrappedKey.len = SECKEY_PublicKeyStrength(svrPubKey);
- wrappedKey.data = wswk.wrappedSymmetricWrappingkey;
-
- PORT_Assert(wrappedKey.len <= sizeof wswk.wrappedSymmetricWrappingkey);
- if (wrappedKey.len > sizeof wswk.wrappedSymmetricWrappingkey)
- goto loser;
-
- /* wrap symmetric wrapping key in server's public key. */
- switch (exchKeyType) {
- PK11SymKey * Ks;
- PK11SlotInfo * fSlot;
- SECItem param;
-
- case kt_fortezza:
- /* get the slot that the fortezza server private key is in. */
- fSlot = PK11_GetSlotFromPrivateKey(svrPrivKey);
- if (fSlot == NULL) {
- SET_ERROR_CODE
- goto loser;
- }
-
- /* Look up the Token Fixed Key */
- Ks = PK11_FindFixedKey(fSlot, CKM_SKIPJACK_CBC64, NULL, pwArg);
- PK11_FreeSlot(fSlot);
- if (Ks == NULL) {
- SET_ERROR_CODE
- goto loser;
- }
-
- /* wrap symmetricWrapping key with the local Ks */
- param.type = siBuffer;
- param.data = wswk.wrapIV;
- param.len = sizeof wswk.wrapIV;
- rv = PK11_WrapSymKey(CKM_SKIPJACK_CBC64, &param, Ks,
- unwrappedWrappingKey, &wrappedKey);
- wswk.wrapIVLen = param.len;
- PK11_FreeSymKey(Ks);
- asymWrapMechanism = CKM_SKIPJACK_CBC64;
- break;
-
- case kt_rsa:
- asymWrapMechanism = CKM_RSA_PKCS;
- rv = PK11_PubWrapSymKey(asymWrapMechanism, svrPubKey,
- unwrappedWrappingKey, &wrappedKey);
- break;
-
- default:
- rv = SECFailure;
- break;
- }
-
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- wswk.symWrapMechanism = masterWrapMech;
- wswk.symWrapMechIndex = symWrapMechIndex;
- wswk.asymWrapMechanism = asymWrapMechanism;
- wswk.exchKeyType = exchKeyType;
- wswk.wrappedSymKeyLen = wrappedKey.len;
-
- /* put it on disk. */
- /* If the wrapping key for this KEA type has already been set,
- * then abandon the value we just computed and
- * use the one we got from the disk.
- */
- if (ssl_SetWrappingKey(&wswk)) {
- /* somebody beat us to it. The original contents of our wswk
- * has been replaced with the content on disk. Now, discard
- * the key we just created and unwrap this new one.
- */
- PK11_FreeSymKey(unwrappedWrappingKey);
-
- unwrappedWrappingKey =
- ssl_UnwrapSymWrappingKey(&wswk, svrPrivKey, exchKeyType,
- masterWrapMech, pwArg);
- }
-
-install:
- if (unwrappedWrappingKey) {
- *pSymWrapKey = PK11_ReferenceSymKey(unwrappedWrappingKey);
- }
-
-loser:
-done:
- if (svrPubKey) {
- SECKEY_DestroyPublicKey(svrPubKey);
- svrPubKey = NULL;
- }
- PZ_Unlock(symWrapKeysLock);
- return unwrappedWrappingKey;
-}
-
-
-static SECStatus
-ssl3_FortezzaAppendHandshake(sslSocket *ss, unsigned char * data, int len)
-{
- SSL3FortezzaKeys *fortezza_CKE = NULL;
- SECStatus rv = SECFailure;
-
- rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
- (sizeof(*fortezza_CKE)-sizeof(fortezza_CKE->y_c)) + 1 + len);
- if (rv == SECSuccess) {
- rv = ssl3_AppendHandshakeVariable(ss, data, len, 1);
- }
- return rv; /* err set by ssl3_AppendHandshake* */
-}
-
-/* Called from ssl3_SendClientKeyExchange(). */
-static SECStatus
-sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey * svrPubKey)
-{
- PK11SymKey * pms = NULL;
- SECStatus rv = SECFailure;
- SECItem enc_pms = {siBuffer, NULL, 0};
- PRBool isTLS;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss));
-
- /* Generate the pre-master secret ... */
- ssl_GetSpecWriteLock(ss);
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- pms = ssl3_GenerateRSAPMS(ss, ss->ssl3->pwSpec, NULL);
- ssl_ReleaseSpecWriteLock(ss);
- if (pms == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* Get the wrapped (encrypted) pre-master secret, enc_pms */
- enc_pms.len = SECKEY_PublicKeyStrength(svrPubKey);
- enc_pms.data = (unsigned char*)PORT_Alloc(enc_pms.len);
- if (enc_pms.data == NULL) {
- goto loser; /* err set by PORT_Alloc */
- }
-
- /* wrap pre-master secret in server's public key. */
- rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, svrPubKey, pms, &enc_pms);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms); pms = NULL;
-
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
- isTLS ? enc_pms.len + 2 : enc_pms.len);
- if (rv != SECSuccess) {
- goto loser; /* err set by ssl3_AppendHandshake* */
- }
- if (isTLS) {
- rv = ssl3_AppendHandshakeVariable(ss, enc_pms.data, enc_pms.len, 2);
- } else {
- rv = ssl3_AppendHandshake(ss, enc_pms.data, enc_pms.len);
- }
- if (rv != SECSuccess) {
- goto loser; /* err set by ssl3_AppendHandshake* */
- }
-
- rv = SECSuccess;
-
-loser:
- if (enc_pms.data != NULL) {
- PORT_Free(enc_pms.data);
- }
- if (pms != NULL) {
- PK11_FreeSymKey(pms);
- }
- return rv;
-}
-
-/* Called from ssl3_SendClientKeyExchange(). */
-static SECStatus
-sendDHClientKeyExchange(sslSocket * ss, SECKEYPublicKey * svrPubKey)
-{
- PK11SymKey * pms = NULL;
- SECStatus rv = SECFailure;
- PRBool isTLS;
- CK_MECHANISM_TYPE target;
-
- SECKEYDHParams dhParam; /* DH parameters */
- SECKEYPublicKey *pubKey = NULL; /* Ephemeral DH key */
- SECKEYPrivateKey *privKey = NULL; /* Ephemeral DH key */
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss));
-
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- /* Copy DH parameters from server key */
-
- dhParam.prime.data = svrPubKey->u.dh.prime.data;
- dhParam.prime.len = svrPubKey->u.dh.prime.len;
- dhParam.base.data = svrPubKey->u.dh.base.data;
- dhParam.base.len = svrPubKey->u.dh.base.len;
-
- /* Generate ephemeral DH keypair */
- privKey = SECKEY_CreateDHPrivateKey(&dhParam, &pubKey, NULL);
- if (!privKey || !pubKey) {
- ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
- rv = SECFailure;
- goto loser;
- }
- PRINT_BUF(50, (ss, "DH public value:",
- pubKey->u.dh.publicValue.data,
- pubKey->u.dh.publicValue.len));
-
- if (isTLS) target = CKM_TLS_MASTER_KEY_DERIVE_DH;
- else target = CKM_SSL3_MASTER_KEY_DERIVE_DH;
-
- /* Determine the PMS */
-
- pms = PK11_PubDerive(privKey, svrPubKey, PR_FALSE, NULL, NULL,
- CKM_DH_PKCS_DERIVE, target, CKA_DERIVE, 0, NULL);
-
- if (pms == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- SECKEY_DestroyPrivateKey(privKey);
- privKey = NULL;
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms); pms = NULL;
-
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- rv = ssl3_AppendHandshakeHeader(ss, client_key_exchange,
- pubKey->u.dh.publicValue.len + 2);
- if (rv != SECSuccess) {
- goto loser; /* err set by ssl3_AppendHandshake* */
- }
- rv = ssl3_AppendHandshakeVariable(ss,
- pubKey->u.dh.publicValue.data,
- pubKey->u.dh.publicValue.len, 2);
- SECKEY_DestroyPublicKey(pubKey);
- pubKey = NULL;
-
- if (rv != SECSuccess) {
- goto loser; /* err set by ssl3_AppendHandshake* */
- }
-
- rv = SECSuccess;
-
-
-loser:
-
- if(pms) PK11_FreeSymKey(pms);
- if(privKey) SECKEY_DestroyPrivateKey(privKey);
- if(pubKey) SECKEY_DestroyPublicKey(pubKey);
- return rv;
-}
-
-/* fortezza client-auth portion of ClientKeyExchange message
- * This function appends the KEA public key from the client's V3 cert
- * (empty for a V1 cert) to the outgoing ClientKeyExchange message.
- * For a V3 cert, it also computes the Fortezza public key hash of that key
- * and signs that hash with the client's signing private key.
- * It also finds and returns the client's KEA private key.
- *
- * Called from sendFortezzaClientKeyExchange <- ssl3_SendClientKeyExchange()
- */
-static SECKEYPrivateKey *
-sendFortezzaCKXClientAuth(sslSocket *ss, SSL3FortezzaKeys * fortezza_CKE)
-{
- SECKEYPublicKey * pubKey = NULL;
- SECKEYPrivateKey * privKeaKey = NULL;
- CERTCertificate * peerCert = ss->sec->peerCert;
- void * pwArg = ss->pkcs11PinArg;
- SECStatus rv = SECFailure;
- SECItem sigItem;
- SECItem hashItem;
-
- /* extract our own local public key. */
- pubKey = CERT_ExtractPublicKey(ss->ssl3->clientCertificate);
- if (!pubKey) {
- ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- goto loser;
- }
-
- if (pubKey->keyType == fortezzaKey) {
- /* fortezza clientauth with fortezza V1 certificate */
- rv = ssl3_FortezzaAppendHandshake(ss, NULL, 0);
- if (rv != SECSuccess) {
- goto loser; /* err was set by AppendHandshake. */
- }
- privKeaKey = PK11_FindKeyByAnyCert(ss->ssl3->clientCertificate, pwArg);
- if (!privKeaKey) {
- ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
- }
-
- } else {
- /* fortezza clientauth w/ V3 certificate or non fortezza cert*/
- CERTCertificate * ccert = NULL;
- SECKEYPublicKey * foundPubKey = NULL;
- unsigned char hash[SHA1_LENGTH];
-
- ccert = PK11_FindBestKEAMatch(peerCert, pwArg);
- if (ccert == NULL) {
- PORT_SetError(SSL_ERROR_FORTEZZA_PQG);
- goto v3_loser;
- }
-
- foundPubKey = CERT_ExtractPublicKey(ccert);
- if (foundPubKey == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- goto v3_loser;
- }
-
- if (foundPubKey->keyType == keaKey) {
- rv = ssl3_FortezzaAppendHandshake(ss,
- foundPubKey->u.kea.publicValue.data,
- foundPubKey->u.kea.publicValue.len);
- if (rv != SECSuccess) {
- goto v3_loser; /* err was set by AppendHandshake. */
- }
-
- rv = ssl3_ComputeFortezzaPublicKeyHash(
- foundPubKey->u.kea.publicValue, hash);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto v3_loser;
- }
- } else {
- rv = ssl3_FortezzaAppendHandshake(ss,
- foundPubKey->u.fortezza.KEAKey.data,
- foundPubKey->u.fortezza.KEAKey.len);
- if (rv != SECSuccess) {
- goto v3_loser; /* err was set by AppendHandshake. */
- }
-
- rv = ssl3_ComputeFortezzaPublicKeyHash(
- foundPubKey->u.fortezza.KEAKey, hash);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto v3_loser;
- }
- }
-
- hashItem.data = (unsigned char *) hash;
- hashItem.len = SHA1_LENGTH;
-
- sigItem.data = fortezza_CKE->y_signature;
- sigItem.len = sizeof fortezza_CKE->y_signature;
-
- rv = PK11_Sign(ss->ssl3->clientPrivateKey, &sigItem, &hashItem);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto v3_loser;
- }
-
- privKeaKey = PK11_FindKeyByAnyCert(ccert, pwArg);
- if (!privKeaKey) {
- ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
- }
-
-v3_loser:
- if (foundPubKey)
- SECKEY_DestroyPublicKey(foundPubKey);
- if (ccert)
- CERT_DestroyCertificate(ccert);
- } /* fortezza clientauth w/ V3 certificate or non fortezza cert*/
-
-loser:
-
- if (pubKey)
- SECKEY_DestroyPublicKey(pubKey);
- return privKeaKey;
-} /* End of fortezza client-auth. */
-
-
-/* fortezza without client-auth */
-/* fortezza client-auth portion of ClientKeyExchange message
- * This function appends the public KEA key from the client's cert
- * to the outgoing ClientKeyExchange message.
- * It also finds and returns the client's KEA private key.
- *
- * Called from sendFortezzaClientKeyExchange <- ssl3_SendClientKeyExchange()
- */
-static SECKEYPrivateKey *
-sendFortezzaCKXNoClientAuth(sslSocket *ss)
-{
- SECKEYPublicKey * foundPubKey = NULL;
- SECKEYPrivateKey * privKeaKey = NULL;
- CERTCertificate * ccert = NULL;
- CERTCertificate * peerCert = ss->sec->peerCert;
- void * pwArg = ss->pkcs11PinArg;
- SECStatus rv = SECFailure;
-
- ccert = PK11_FindBestKEAMatch(peerCert, pwArg);
- if (ccert == NULL) {
- PORT_SetError(SSL_ERROR_FORTEZZA_PQG);
- goto loser;
- }
-
- foundPubKey = CERT_ExtractPublicKey(ccert);
- if (foundPubKey == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- goto loser;
- }
-
- if (foundPubKey->keyType == fortezzaKey) {
- /* fortezza V1 cert */
- rv = ssl3_FortezzaAppendHandshake(ss,
- foundPubKey->u.fortezza.KEAKey.data,
- foundPubKey->u.fortezza.KEAKey.len);
- if (rv != SECSuccess) {
- goto loser; /* err was set by AppendHandshake. */
- }
- privKeaKey = PK11_FindKeyByAnyCert(ccert, pwArg);
- if (!privKeaKey) {
- ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
- }
- } else {
- /* fortezza V3 cert */
- rv = ssl3_FortezzaAppendHandshake(ss,
- foundPubKey->u.kea.publicValue.data,
- foundPubKey->u.kea.publicValue.len);
- if (rv != SECSuccess) {
- goto loser; /* err was set by AppendHandshake. */
- }
- privKeaKey = PK11_FindKeyByAnyCert(ccert, pwArg);
- if (!privKeaKey) {
- ssl_MapLowLevelError(SEC_ERROR_NO_KEY);
- }
- }
-
-loser:
- if (foundPubKey)
- SECKEY_DestroyPublicKey(foundPubKey);
- if (ccert)
- CERT_DestroyCertificate(ccert);
- return privKeaKey;
-}
-
-/* Called from ssl3_SendClientKeyExchange(). */
-static SECStatus
-sendFortezzaClientKeyExchange(sslSocket * ss, SECKEYPublicKey * serverKey)
-{
- ssl3CipherSpec * pwSpec;
- sslSessionID * sid = ss->sec->ci.sid;
- PK11SlotInfo * slot = NULL;
- PK11SymKey * pms = NULL;
- PK11SymKey * tek = NULL;
- PK11SymKey * client_write_key = NULL;
- PK11SymKey * server_write_key = NULL;
- SECKEYPrivateKey * privKeaKey = NULL;
- void * pwArg = ss->pkcs11PinArg;
- SECStatus rv = SECFailure;
- CK_VERSION version;
- SECItem param;
- SECItem raItem;
- SECItem rbItem;
- SECItem enc_pms;
- SECItem item;
- SSL3FortezzaKeys fortezza_CKE;
- PRBool releaseSpecWriteLock = PR_FALSE;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- /* first get an appropriate slot for doing MACing.
- * Note: This slot will NOT be a Fortezza slot because Fortezza
- * cannot generate an SSL3 pre-master-secret.
- */
- slot = PK11_GetBestSlot(CKM_SSL3_PRE_MASTER_KEY_GEN, pwArg);
- if (slot == NULL) {
- PORT_SetError(SSL_ERROR_TOKEN_SLOT_NOT_FOUND);
- goto loser;
- }
-
- /* create a pre-Master secret */
- version.major = MSB(ss->version);
- version.minor = LSB(ss->version);
-
- param.data = (unsigned char *)&version;
- param.len = sizeof version;
-
- pms = PK11_KeyGen(slot, CKM_SSL3_PRE_MASTER_KEY_GEN,
- &param, 0, pwArg);
- PK11_FreeSlot(slot);
- slot = NULL;
- if (pms == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* If we don't have a certificate, we need to read out your public key.
- * This changes a bit when we need to deal with the PQG stuff
- */
- PORT_Memset(fortezza_CKE.y_signature, 0, sizeof fortezza_CKE.y_signature);
-
- /* Send the KEA public key and get the KEA private key. */
- if (ss->ssl3->clientCertificate != NULL) {
- /* with client-auth */
- privKeaKey = sendFortezzaCKXClientAuth(ss, &fortezza_CKE);
- } else {
- /* without client-auth */
- privKeaKey = sendFortezzaCKXNoClientAuth(ss);
- }
- if (privKeaKey == NULL) {
- rv = SECFailure;
- goto loser; /* error was already set. */
- }
-
- /* Now we derive the TEK, and generate r_c the client's "random" public key.
- * r_c is generated and filled in by the PubDerive call below.
- */
- raItem.data = fortezza_CKE.r_c;
- raItem.len = sizeof fortezza_CKE.r_c;
-
- /* R_s == server's "random" public key, sent in the Server Key Exchange */
- rbItem.data = ss->ssl3->fortezza.R_s;
- rbItem.len = sizeof ss->ssl3->fortezza.R_s;
-
- tek = PK11_PubDerive(privKeaKey, serverKey, PR_TRUE, /* generate r_c */
- &raItem, &rbItem, CKM_KEA_KEY_DERIVE,
- CKM_SKIPJACK_WRAP, CKA_WRAP, 0, pwArg);
- SECKEY_DestroyPrivateKey(privKeaKey);
- privKeaKey = NULL;
- if (tek == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- ss->ssl3->fortezza.tek = PK11_ReferenceSymKey(tek); /* can't fail. */
-
- /* encrypt the pms with the TEK.
- * NB: PK11_WrapSymKey will generate and output the encrypted PMS
- * AND the IV for decrypting the PMS.
- */
- param.data = fortezza_CKE.master_secret_iv;
- param.len = sizeof fortezza_CKE.master_secret_iv;
-
- enc_pms.data = fortezza_CKE.encrypted_preMasterSecret;
- enc_pms.len = sizeof fortezza_CKE.encrypted_preMasterSecret;
-
- rv = PK11_WrapSymKey(CKM_SKIPJACK_CBC64, &param, tek, pms, &enc_pms);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- rv = SECFailure; /* not there yet. */
-
- slot = PK11_GetSlotFromKey(tek);
-
- ssl_GetSpecWriteLock(ss); releaseSpecWriteLock = PR_TRUE;
-
- pwSpec = ss->ssl3->pwSpec;
- pwSpec->client.write_key = client_write_key =
- PK11_KeyGen(slot, CKM_SKIPJACK_CBC64, NULL, 0, pwArg);
- if (client_write_key == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- /* the -1 is a hack. It's supposed to be key size, but we use it
- * to tell the wrapper that we're doing a weird PKCS #11 key gen.
- * Usually the result of key gen is an encrypt key. This is not
- * the case with SSL, where this key is a decrypt key.
- */
- pwSpec->server.write_key = server_write_key =
- PK11_KeyGen(slot, CKM_SKIPJACK_CBC64, NULL, -1, pwArg);
- if (server_write_key == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms); pms = NULL;
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* copy the keys and IVs out now */
- item.data = fortezza_CKE.wrapped_client_write_key;
- item.len = sizeof fortezza_CKE.wrapped_client_write_key;
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, client_write_key, &item);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- item.data = fortezza_CKE.wrapped_server_write_key;
- item.len = sizeof fortezza_CKE.wrapped_server_write_key;
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, server_write_key, &item);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* we only get the generated IV's if we're doing skipjack. */
- if (pwSpec->cipher_def->calg == calg_fortezza) {
- PORT_Memcpy(fortezza_CKE.client_write_iv, pwSpec->client.write_iv,
- sizeof fortezza_CKE.client_write_iv);
- PORT_Memcpy(fortezza_CKE.server_write_iv, pwSpec->server.write_iv,
- sizeof fortezza_CKE.server_write_iv);
- } else {
- /* generate IVs to make old servers happy */
- rv = PK11_GenerateFortezzaIV(client_write_key,
- fortezza_CKE.client_write_iv,
- sizeof fortezza_CKE.client_write_iv);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- rv = PK11_GenerateFortezzaIV(server_write_key,
- fortezza_CKE.server_write_iv,
- sizeof fortezza_CKE.server_write_iv);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- }
-
- /* NOTE: This technique of writing out the struct, rather than writing
- * out the individual members works only because all the rest of the
- * values are fixed-length strings of well-defined byte order.
- * Add one SECItem or one Number and we will need to break the elements out.
- */
- rv = ssl3_AppendHandshake(ss, &fortezza_CKE.r_c,
- (sizeof fortezza_CKE - sizeof fortezza_CKE.y_c));
- if (rv != SECSuccess) {
- goto loser; /* err was set by AppendHandshake. */
- }
-
- /* now we initialize our contexts */
- sid->u.ssl3.hasFortezza = PR_TRUE;
- sid->u.ssl3.tek = tek; tek = NULL; /* adopt.. */
-
- if (pwSpec->cipher_def->calg == calg_fortezza) {
- sid->u.ssl3.clientWriteKey =
- PK11_ReferenceSymKey(pwSpec->client.write_key);
- sid->u.ssl3.serverWriteKey=
- PK11_ReferenceSymKey(pwSpec->server.write_key);
-
- PORT_Memcpy(sid->u.ssl3.keys.client_write_iv,
- pwSpec->client.write_iv,
- sizeof sid->u.ssl3.keys.client_write_iv);
- PORT_Memcpy(sid->u.ssl3.keys.server_write_iv,
- pwSpec->server.write_iv,
- sizeof sid->u.ssl3.keys.server_write_iv);
-
- rv = PK11_SaveContext((PK11Context *)pwSpec->encodeContext,
- sid->u.ssl3.clientWriteSave,
- &sid->u.ssl3.clientWriteSaveLen,
- sizeof sid->u.ssl3.clientWriteSave);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- } else {
- PK11_FreeSymKey(client_write_key);
- pwSpec->client.write_key = client_write_key = NULL;
-
- PK11_FreeSymKey(server_write_key);
- pwSpec->server.write_key = server_write_key = NULL;
-
- rv = SECSuccess;
- }
- /* FALL THROUGH */
-
-loser:
- if (tek) PK11_FreeSymKey(tek);
- if (slot) PK11_FreeSlot(slot);
- if (pms) PK11_FreeSymKey(pms);
- if (rv != SECSuccess) {
- if (client_write_key) {
- PK11_FreeSymKey(client_write_key);
- pwSpec->client.write_key = client_write_key = NULL;
- }
- if (server_write_key) {
- PK11_FreeSymKey(server_write_key);
- pwSpec->server.write_key = server_write_key = NULL;
- }
- }
- if (releaseSpecWriteLock)
- ssl_GetSpecWriteLock(ss);
- return rv;
-}
-
-/* Called from ssl3_HandleServerHelloDone(). */
-static SECStatus
-ssl3_SendClientKeyExchange(sslSocket *ss)
-{
- SECKEYPublicKey * serverKey = NULL;
- SECStatus rv = SECFailure;
- PRBool isTLS;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send client_key_exchange handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- if (ss->sec->peerKey == NULL) {
- serverKey = CERT_ExtractPublicKey(ss->sec->peerCert);
- if (serverKey == NULL) {
- PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- return SECFailure;
- }
- } else {
- serverKey = ss->sec->peerKey;
- ss->sec->peerKey = NULL; /* we're done with it now */
- }
-
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
- /* enforce limits on kea key sizes. */
- if (ss->ssl3->hs.kea_def->is_limited) {
- int keyLen = SECKEY_PublicKeyStrength(serverKey); /* bytes */
-
- if (keyLen * BPB > ss->ssl3->hs.kea_def->key_size_limit) {
- if (isTLS)
- (void)SSL3_SendAlert(ss, alert_fatal, export_restriction);
- else
- (void)ssl3_HandshakeFailure(ss);
- PORT_SetError(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED);
- goto loser;
- }
- }
-
- ss->sec->keaType = ss->ssl3->hs.kea_def->exchKeyType;
- ss->sec->keaKeyBits = SECKEY_PublicKeyStrength(serverKey) * BPB;
-
- switch (ss->ssl3->hs.kea_def->exchKeyType) {
- case kt_rsa:
- rv = sendRSAClientKeyExchange(ss, serverKey);
- break;
-
- case kt_fortezza:
- rv = sendFortezzaClientKeyExchange(ss, serverKey);
- break;
-
- case kt_dh:
- rv = sendDHClientKeyExchange(ss, serverKey);
- break;
-
- default:
- /* got an unknown or unsupported Key Exchange Algorithm. */
- SEND_ALERT
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- break;
- }
-
- SSL_TRC(3, ("%d: SSL3[%d]: DONE sending client_key_exchange",
- SSL_GETPID(), ss->fd));
-
-loser:
- if (serverKey)
- SECKEY_DestroyPublicKey(serverKey);
- return rv; /* err code already set. */
-}
-
-/* Called from ssl3_HandleServerHelloDone(). */
-static SECStatus
-ssl3_SendCertificateVerify(sslSocket *ss)
-{
- ssl3State * ssl3 = ss->ssl3;
- SECStatus rv = SECFailure;
- PRBool isTLS;
- SECItem buf = {siBuffer, NULL, 0};
- SSL3Hashes hashes;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- SSL_TRC(3, ("%d: SSL3[%d]: send certificate_verify handshake",
- SSL_GETPID(), ss->fd));
-
- ssl_GetSpecReadLock(ss);
- rv = ssl3_ComputeHandshakeHashes(ss, ssl3->pwSpec, &hashes, 0);
- ssl_ReleaseSpecReadLock(ss);
- if (rv != SECSuccess) {
- goto done; /* err code was set by ssl3_ComputeHandshakeHashes */
- }
-
- isTLS = (PRBool)(ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
- rv = ssl3_SignHashes(&hashes, ssl3->clientPrivateKey, &buf, isTLS);
- if (rv == SECSuccess) {
- PK11SlotInfo * slot;
- sslSessionID * sid = ss->sec->ci.sid;
-
- /* Remember the info about the slot that did the signing.
- ** Later, when doing an SSL restart handshake, verify this.
- ** These calls are mere accessors, and can't fail.
- */
- slot = PK11_GetSlotFromPrivateKey(ss->ssl3->clientPrivateKey);
- sid->u.ssl3.clAuthSeries = PK11_GetSlotSeries(slot);
- sid->u.ssl3.clAuthSlotID = PK11_GetSlotID(slot);
- sid->u.ssl3.clAuthModuleID = PK11_GetModuleID(slot);
- sid->u.ssl3.clAuthValid = PR_TRUE;
- PK11_FreeSlot(slot);
- }
- /* If we're doing RSA key exchange, we're all done with the private key
- * here. Diffie-Hellman & Fortezza key exchanges need the client's
- * private key for the key exchange.
- */
- if (ssl3->hs.kea_def->exchKeyType == kt_rsa) {
- SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey);
- ssl3->clientPrivateKey = NULL;
- }
- if (rv != SECSuccess) {
- goto done; /* err code was set by ssl3_SignHashes */
- }
-
- rv = ssl3_AppendHandshakeHeader(ss, certificate_verify, buf.len + 2);
- if (rv != SECSuccess) {
- goto done; /* error code set by AppendHandshake */
- }
- rv = ssl3_AppendHandshakeVariable(ss, buf.data, buf.len, 2);
- if (rv != SECSuccess) {
- goto done; /* error code set by AppendHandshake */
- }
-
-done:
- if (buf.data)
- PORT_Free(buf.data);
- return rv;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 ServerHello message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleServerHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- sslSessionID *sid = ss->sec->ci.sid;
- PRInt32 temp; /* allow for consume number failure */
- PRBool suite_found = PR_FALSE;
- int i;
- int errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO;
- SECStatus rv;
- SECItem sidBytes = {siBuffer, NULL, 0};
- PRBool sid_match;
- PRBool isTLS = PR_FALSE;
- SSL3AlertDescription desc = illegal_parameter;
- SSL3ProtocolVersion version;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle server_hello handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError(); /* ssl3_InitState has set the error code. */
- goto alert_loser;
- }
- if (ss->ssl3->hs.ws != wait_server_hello) {
- errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO;
- desc = unexpected_message;
- goto alert_loser;
- }
-
- temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
- if (temp < 0) {
- goto loser; /* alert has been sent */
- }
- version = (SSL3ProtocolVersion)temp;
-
- /* this is appropriate since the negotiation is complete, and we only
- ** know SSL 3.x.
- */
- if (MSB(version) != MSB(SSL_LIBRARY_VERSION_3_0)) {
- desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
- goto alert_loser;
- }
-
- rv = ssl3_NegotiateVersion(ss, version);
- if (rv != SECSuccess) {
- desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
- }
- isTLS = (ss->version > SSL_LIBRARY_VERSION_3_0);
-
- rv = ssl3_ConsumeHandshake(
- ss, &ss->ssl3->hs.server_random, SSL3_RANDOM_LENGTH, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* alert has been sent */
- }
-
- rv = ssl3_ConsumeHandshakeVariable(ss, &sidBytes, 1, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* alert has been sent */
- }
- if (sidBytes.len > SSL3_SESSIONID_BYTES) {
- if (isTLS)
- desc = decode_error;
- goto alert_loser; /* malformed. */
- }
-
- /* find selected cipher suite in our list. */
- temp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
- if (temp < 0) {
- goto loser; /* alert has been sent */
- }
- ssl3_config_match_init(ss);
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
- if ((temp == suite->cipher_suite) &&
- (config_match(suite, ss->ssl3->policy, PR_TRUE))) {
- suite_found = PR_TRUE;
- break; /* success */
- }
- }
- if (!suite_found) {
- desc = handshake_failure;
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
- }
- ss->ssl3->hs.cipher_suite = (ssl3CipherSuite)temp;
- ss->ssl3->hs.suite_def = ssl_LookupCipherSuiteDef((ssl3CipherSuite)temp);
- PORT_Assert(ss->ssl3->hs.suite_def);
- if (!ss->ssl3->hs.suite_def) {
- PORT_SetError(errCode = SEC_ERROR_LIBRARY_FAILURE);
- goto loser; /* we don't send alerts for our screw-ups. */
- }
-
- /* find selected compression method in our list. */
- temp = ssl3_ConsumeHandshakeNumber(ss, 1, &b, &length);
- if (temp < 0) {
- goto loser; /* alert has been sent */
- }
- suite_found = PR_FALSE;
- for (i = 0; i < compressionMethodsCount; i++) {
- if (temp == compressions[i]) {
- suite_found = PR_TRUE;
- break; /* success */
- }
- }
- if (!suite_found) {
- desc = handshake_failure;
- errCode = SSL_ERROR_NO_COMPRESSION_OVERLAP;
- goto alert_loser;
- }
- ss->ssl3->hs.compression = (SSL3CompressionMethod)temp;
-
- if (length != 0) { /* malformed */
- goto alert_loser;
- }
-
- /* Any errors after this point are not "malformed" errors. */
- desc = handshake_failure;
-
- /* we need to call ssl3_SetupPendingCipherSpec here so we can check the
- * key exchange algorithm. */
- rv = ssl3_SetupPendingCipherSpec(ss, ss->ssl3);
- if (rv != SECSuccess) {
- goto alert_loser; /* error code is set. */
- }
-
- /* We may or may not have sent a session id, we may get one back or
- * not and if so it may match the one we sent.
- * Attempt to restore the master secret to see if this is so...
- * Don't consider failure to find a matching SID an error.
- */
- sid_match = (PRBool)(sidBytes.len > 0 &&
- sidBytes.len == sid->u.ssl3.sessionIDLength &&
- !PORT_Memcmp(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len));
-
- if (sid_match &&
- sid->version == ss->version &&
- sid->u.ssl3.cipherSuite == ss->ssl3->hs.cipher_suite) do {
- PK11SlotInfo *slot;
- PK11SymKey * wrapKey; /* wrapping key */
- SECItem wrappedMS; /* wrapped master secret. */
- CK_FLAGS keyFlags = 0;
- sslSecurityInfo *sec = ss->sec;
-
- sec->authAlgorithm = sid->authAlgorithm;
- sec->authKeyBits = sid->authKeyBits;
- sec->keaType = sid->keaType;
- sec->keaKeyBits = sid->keaKeyBits;
-
- slot = SECMOD_LookupSlot(sid->u.ssl3.masterModuleID,
- sid->u.ssl3.masterSlotID);
- if (slot == NULL) {
- break; /* not considered an error. */
- }
- if (!PK11_IsPresent(slot)) {
- PK11_FreeSlot(slot);
- break; /* not considered an error. */
- }
- wrapKey = PK11_GetWrapKey(slot, sid->u.ssl3.masterWrapIndex,
- sid->u.ssl3.masterWrapMech,
- sid->u.ssl3.masterWrapSeries,
- ss->pkcs11PinArg);
- PK11_FreeSlot(slot);
- if (wrapKey == NULL) {
- break; /* not considered an error. */
- }
-
- if (ss->version > SSL_LIBRARY_VERSION_3_0) { /* isTLS */
- keyFlags = CKF_SIGN | CKF_VERIFY;
- }
-
- wrappedMS.data = sid->u.ssl3.keys.wrapped_master_secret;
- wrappedMS.len = sid->u.ssl3.keys.wrapped_master_secret_len;
- ss->ssl3->pwSpec->master_secret =
- PK11_UnwrapSymKeyWithFlags(wrapKey, sid->u.ssl3.masterWrapMech,
- NULL, &wrappedMS, CKM_SSL3_MASTER_KEY_DERIVE,
- CKA_DERIVE, sizeof(SSL3MasterSecret), keyFlags);
- errCode = PORT_GetError();
- PK11_FreeSymKey(wrapKey);
- if (ss->ssl3->pwSpec->master_secret == NULL) {
- break; /* errorCode set just after call to UnwrapSymKey. */
- }
-
- /* Got a Match */
- ++ssl3stats.hsh_sid_cache_hits;
- ss->ssl3->hs.ws = wait_change_cipher;
- ss->ssl3->hs.isResuming = PR_TRUE;
-
- /* copy the peer cert from the SID */
- if (sid->peerCert != NULL) {
- ss->sec->peerCert = CERT_DupCertificate(sid->peerCert);
- }
-
- /* reload the FORTEZZA key material. These keys aren't generated
- * by the master secret, but by the key exchange. We restart by
- * reusing these keys. */
- if (sid->u.ssl3.hasFortezza) {
- ss->ssl3->fortezza.tek = PK11_ReferenceSymKey(sid->u.ssl3.tek);
- }
- if (ss->ssl3->hs.suite_def->bulk_cipher_alg == cipher_fortezza) {
- ss->ssl3->pwSpec->client.write_key =
- PK11_ReferenceSymKey(sid->u.ssl3.clientWriteKey);
- ss->ssl3->pwSpec->server.write_key =
- PK11_ReferenceSymKey(sid->u.ssl3.serverWriteKey);
- /* add the tek later for pre-encrypted files */
- PORT_Memcpy(ss->ssl3->pwSpec->client.write_iv,
- sid->u.ssl3.keys.client_write_iv,
- sizeof sid->u.ssl3.keys.client_write_iv);
- PORT_Memcpy(ss->ssl3->pwSpec->server.write_iv,
- sid->u.ssl3.keys.server_write_iv,
- sizeof sid->u.ssl3.keys.server_write_iv);
- }
-
- /* NULL value for PMS signifies re-use of the old MS */
- rv = ssl3_InitPendingCipherSpec(ss, NULL);
- if (rv != SECSuccess) {
- goto alert_loser; /* err code was set by ssl3_InitPendingCipherSpec */
- }
- if (ss->ssl3->hs.suite_def->bulk_cipher_alg == cipher_fortezza) {
- rv = PK11_RestoreContext(
- (PK11Context *)ss->ssl3->pwSpec->encodeContext,
- sid->u.ssl3.clientWriteSave,
- sid->u.ssl3.clientWriteSaveLen);
- if (rv != SECSuccess) {
- goto alert_loser; /* err is set. */
- }
- }
- SECITEM_ZfreeItem(&sidBytes, PR_FALSE);
- return SECSuccess;
- } while (0);
-
- if (sid_match)
- ++ssl3stats.hsh_sid_cache_not_ok;
- else
- ++ssl3stats.hsh_sid_cache_misses;
-
- /* throw the old one away */
- sid->u.ssl3.resumable = PR_FALSE;
- (*ss->sec->uncache)(sid);
- ssl_FreeSID(sid);
-
- /* get a new sid */
- ss->sec->ci.sid = sid = ssl3_NewSessionID(ss, PR_FALSE);
- if (sid == NULL) {
- goto alert_loser; /* memory error is set. */
- }
-
- sid->version = ss->version;
- sid->u.ssl3.sessionIDLength = sidBytes.len;
- PORT_Memcpy(sid->u.ssl3.sessionID, sidBytes.data, sidBytes.len);
- SECITEM_ZfreeItem(&sidBytes, PR_FALSE);
-
- ss->ssl3->hs.isResuming = PR_FALSE;
- ss->ssl3->hs.ws = wait_server_cert;
- return SECSuccess;
-
-alert_loser:
- (void)SSL3_SendAlert(ss, alert_fatal, desc);
-
-loser:
- if (sidBytes.data != NULL)
- SECITEM_ZfreeItem(&sidBytes, PR_FALSE);
- errCode = ssl_MapLowLevelError(errCode);
- return SECFailure;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 ServerKeyExchange message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- PRArenaPool * arena = NULL;
- SECKEYPublicKey *peerKey = NULL;
- PRBool isTLS;
- SECStatus rv;
- int errCode = SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH;
- SSL3AlertDescription desc = illegal_parameter;
- SECItem modulus = {siBuffer, NULL, 0};
- SECItem exponent = {siBuffer, NULL, 0};
- SECItem signature = {siBuffer, NULL, 0};
- SECItem dh_p = {siBuffer, NULL, 0};
- SECItem dh_g = {siBuffer, NULL, 0};
- SECItem dh_Ys = {siBuffer, NULL, 0};
- SSL3Hashes hashes;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle server_key_exchange handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ss->ssl3->hs.ws != wait_server_key &&
- ss->ssl3->hs.ws != wait_server_cert) {
- errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
- desc = unexpected_message;
- goto alert_loser;
- }
- if (ss->sec->peerCert == NULL) {
- errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
- desc = unexpected_message;
- goto alert_loser;
- }
-
- isTLS = (PRBool)(ss->ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- switch (ss->ssl3->hs.kea_def->exchKeyType) {
-
- case kt_rsa:
- rv = ssl3_ConsumeHandshakeVariable(ss, &modulus, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- rv = ssl3_ConsumeHandshakeVariable(ss, &exponent, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- if (length != 0) {
- if (isTLS)
- desc = decode_error;
- goto alert_loser; /* malformed. */
- }
-
- /* failures after this point are not malformed handshakes. */
- /* TLS: send decrypt_error if signature failed. */
- desc = isTLS ? decrypt_error : handshake_failure;
-
- /*
- * check to make sure the hash is signed by right guy
- */
- rv = ssl3_ComputeExportRSAKeyHash(modulus, exponent,
- &ss->ssl3->hs.client_random,
- &ss->ssl3->hs.server_random, &hashes);
- if (rv != SECSuccess) {
- errCode =
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto alert_loser;
- }
- rv = ssl3_VerifySignedHashes(&hashes, ss->sec->peerCert, &signature,
- isTLS, ss->pkcs11PinArg);
- if (rv != SECSuccess) {
- errCode =
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto alert_loser;
- }
-
- /*
- * we really need to build a new key here because we can no longer
- * ignore calling SECKEY_DestroyPublicKey. Using the key may allocate
- * pkcs11 slots and ID's.
- */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto no_memory;
- }
-
- peerKey = PORT_ArenaZNew(arena, SECKEYPublicKey);
- if (peerKey == NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- goto no_memory;
- }
-
- peerKey->arena = arena;
- peerKey->keyType = rsaKey;
- peerKey->pkcs11Slot = NULL;
- peerKey->pkcs11ID = CK_INVALID_HANDLE;
- if (SECITEM_CopyItem(arena, &peerKey->u.rsa.modulus, &modulus) ||
- SECITEM_CopyItem(arena, &peerKey->u.rsa.publicExponent, &exponent))
- {
- PORT_FreeArena(arena, PR_FALSE);
- goto no_memory;
- }
- ss->sec->peerKey = peerKey;
- SECITEM_FreeItem(&modulus, PR_FALSE);
- SECITEM_FreeItem(&exponent, PR_FALSE);
- SECITEM_FreeItem(&signature, PR_FALSE);
- ss->ssl3->hs.ws = wait_cert_request;
- return SECSuccess;
-
- case kt_dh:
- rv = ssl3_ConsumeHandshakeVariable(ss, &dh_p, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- rv = ssl3_ConsumeHandshakeVariable(ss, &dh_g, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- rv = ssl3_ConsumeHandshakeVariable(ss, &dh_Ys, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
- if (length != 0) {
- if (isTLS)
- desc = decode_error;
- goto alert_loser; /* malformed. */
- }
-
- PRINT_BUF(60, (NULL, "Server DH p", dh_p.data, dh_p.len));
- PRINT_BUF(60, (NULL, "Server DH g", dh_g.data, dh_g.len));
- PRINT_BUF(60, (NULL, "Server DH Ys", dh_Ys.data, dh_Ys.len));
-
- /* failures after this point are not malformed handshakes. */
- /* TLS: send decrypt_error if signature failed. */
- desc = isTLS ? decrypt_error : handshake_failure;
-
- /*
- * check to make sure the hash is signed by right guy
- */
- rv = ssl3_ComputeDHKeyHash(dh_p, dh_g, dh_Ys,
- &ss->ssl3->hs.client_random,
- &ss->ssl3->hs.server_random, &hashes);
- if (rv != SECSuccess) {
- errCode =
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto alert_loser;
- }
- rv = ssl3_VerifySignedHashes(&hashes, ss->sec->peerCert, &signature,
- isTLS, ss->pkcs11PinArg);
- if (rv != SECSuccess) {
- errCode =
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto alert_loser;
- }
-
- /*
- * we really need to build a new key here because we can no longer
- * ignore calling SECKEY_DestroyPublicKey. Using the key may allocate
- * pkcs11 slots and ID's.
- */
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- goto no_memory;
- }
-
- ss->sec->peerKey = peerKey = PORT_ArenaZNew(arena, SECKEYPublicKey);
- if (peerKey == NULL) {
- goto no_memory;
- }
-
- peerKey->arena = arena;
- peerKey->keyType = dhKey;
- peerKey->pkcs11Slot = NULL;
- peerKey->pkcs11ID = CK_INVALID_HANDLE;
-
- if (SECITEM_CopyItem(arena, &peerKey->u.dh.prime, &dh_p) ||
- SECITEM_CopyItem(arena, &peerKey->u.dh.base, &dh_g) ||
- SECITEM_CopyItem(arena, &peerKey->u.dh.publicValue, &dh_Ys))
- {
- PORT_FreeArena(arena, PR_FALSE);
- goto no_memory;
- }
- ss->sec->peerKey = peerKey;
- SECITEM_FreeItem(&dh_p, PR_FALSE);
- SECITEM_FreeItem(&dh_g, PR_FALSE);
- SECITEM_FreeItem(&dh_Ys, PR_FALSE);
- ss->ssl3->hs.ws = wait_cert_request;
- return SECSuccess;
-
- case kt_fortezza:
-
- /* Fortezza needs *BOTH* a server cert message
- * and a server key exchange message.
- */
- if (ss->ssl3->hs.ws == wait_server_cert) {
- errCode = SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH;
- desc = unexpected_message;
- goto alert_loser;
- }
- /* Get the server's "random" public key. */
- rv = ssl3_ConsumeHandshake(ss, ss->ssl3->fortezza.R_s,
- sizeof ss->ssl3->fortezza.R_s, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed */
- }
-
- ss->ssl3->hs.ws = wait_cert_request;
- return SECSuccess;
-
- default:
- desc = handshake_failure;
- errCode = SEC_ERROR_UNSUPPORTED_KEYALG;
- break; /* goto alert_loser; */
- }
-
-alert_loser:
- (void)SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
- if (modulus.data != NULL) SECITEM_FreeItem(&modulus, PR_FALSE);
- if (exponent.data != NULL) SECITEM_FreeItem(&exponent, PR_FALSE);
- if (signature.data != NULL) SECITEM_FreeItem(&signature, PR_FALSE);
- if (dh_p.data != NULL) SECITEM_FreeItem(&dh_p, PR_FALSE);
- if (dh_g.data != NULL) SECITEM_FreeItem(&dh_g, PR_FALSE);
- if (dh_Ys.data != NULL) SECITEM_FreeItem(&dh_Ys, PR_FALSE);
- PORT_SetError( errCode );
- return SECFailure;
-
-no_memory: /* no-memory error has already been set. */
- if (modulus.data != NULL) SECITEM_FreeItem(&modulus, PR_FALSE);
- if (exponent.data != NULL) SECITEM_FreeItem(&exponent, PR_FALSE);
- if (signature.data != NULL) SECITEM_FreeItem(&signature, PR_FALSE);
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- return SECFailure;
-}
-
-
-typedef struct dnameNode {
- struct dnameNode *next;
- SECItem name;
-} dnameNode;
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Certificate Request message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleCertificateRequest(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- ssl3State * ssl3 = ss->ssl3;
- PRArenaPool * arena = NULL;
- dnameNode * node;
- unsigned char * data;
- PRInt32 remaining;
- PRInt32 len;
- PRBool isTLS = PR_FALSE;
- int i;
- int errCode = SSL_ERROR_RX_MALFORMED_CERT_REQUEST;
- int nnames = 0;
- SECStatus rv;
- SSL3AlertDescription desc = illegal_parameter;
- SECItem cert_types = {siBuffer, NULL, 0};
- CERTDistNames ca_list;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle certificate_request handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ssl3->hs.ws != wait_cert_request &&
- ssl3->hs.ws != wait_server_key) {
- desc = unexpected_message;
- errCode = SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST;
- goto alert_loser;
- }
- isTLS = (PRBool)(ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
- rv = ssl3_ConsumeHandshakeVariable(ss, &cert_types, 1, &b, &length);
- if (rv != SECSuccess)
- goto loser; /* malformed, alert has been sent */
-
- arena = ca_list.arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- goto no_mem;
-
- remaining = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
- if (remaining < 0)
- goto loser; /* malformed, alert has been sent */
-
- ca_list.head = node = PORT_ArenaZNew(arena, dnameNode);
- if (node == NULL)
- goto no_mem;
-
- while (remaining != 0) {
- if (remaining < 2)
- goto alert_loser; /* malformed */
-
- node->name.len = len = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
- if (len < 0)
- goto loser; /* malformed, alert has been sent */
-
- remaining -= 2;
- if (remaining < len)
- goto alert_loser; /* malformed */
-
- data = node->name.data = (unsigned char*)PORT_ArenaAlloc(arena, len);
- if (data == NULL)
- goto no_mem;
-
- rv = ssl3_ConsumeHandshake(ss, data, len, &b, &length);
- if (rv != SECSuccess)
- goto loser; /* malformed, alert has been sent */
-
- remaining -= len;
- nnames++;
- if (remaining == 0)
- break; /* success */
-
- node->next = PORT_ArenaZNew(arena, dnameNode);
- node = node->next;
- if (node == NULL)
- goto no_mem;
- }
-
- ca_list.nnames = nnames;
- ca_list.names = (SECItem*)PORT_ArenaAlloc(arena, nnames * sizeof(SECItem));
- if (ca_list.names == NULL)
- goto no_mem;
-
- for(i = 0, node = (dnameNode*)ca_list.head;
- i < nnames;
- i++, node = node->next) {
- ca_list.names[i] = node->name;
- }
-
- if (length != 0)
- goto alert_loser; /* malformed */
-
- desc = no_certificate;
- ssl3->hs.ws = wait_hello_done;
-
- if (ss->getClientAuthData == NULL) {
- rv = SECFailure; /* force it to send a no_certificate alert */
- } else {
- /* XXX Should pass cert_types in this call!! */
- rv = (SECStatus)(*ss->getClientAuthData)(ss->getClientAuthDataArg,
- ss->fd, &ca_list,
- &ssl3->clientCertificate,
- &ssl3->clientPrivateKey);
- }
- switch (rv) {
- case SECWouldBlock: /* getClientAuthData has put up a dialog box. */
- ssl_SetAlwaysBlock(ss);
- break; /* not an error */
-
- case SECSuccess:
- /* Setting ssl3->clientCertChain non-NULL will cause
- * ssl3_HandleServerHelloDone to call SendCertificate.
- */
- ssl3->clientCertChain = CERT_CertChainFromCert(ssl3->clientCertificate,
- certUsageSSLClient, PR_FALSE);
- if (ssl3->clientCertChain == NULL) {
- if (ssl3->clientCertificate != NULL) {
- CERT_DestroyCertificate(ssl3->clientCertificate);
- ssl3->clientCertificate = NULL;
- }
- if (ssl3->clientPrivateKey != NULL) {
- SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey);
- ssl3->clientPrivateKey = NULL;
- }
- goto send_no_certificate;
- }
- break; /* not an error */
-
- case SECFailure:
- default:
-send_no_certificate:
- if (isTLS) {
- ssl3->sendEmptyCert = PR_TRUE;
- } else {
- (void)SSL3_SendAlert(ss, alert_warning, no_certificate);
- }
- rv = SECSuccess;
- break;
- }
- goto done;
-
-no_mem:
- rv = SECFailure;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- goto done;
-
-alert_loser:
- if (isTLS && desc == illegal_parameter)
- desc = decode_error;
- (void)SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
- PORT_SetError(errCode);
- rv = SECFailure;
-done:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- if (cert_types.data != NULL)
- SECITEM_FreeItem(&cert_types, PR_FALSE);
- return rv;
-}
-
-/*
- * attempt to restart the handshake after asynchronously handling
- * a request for the client's certificate.
- *
- * inputs:
- * cert Client cert chosen by application.
- * Note: ssl takes this reference, and does not bump the
- * reference count. The caller should drop its reference
- * without calling CERT_DestroyCert after calling this function.
- *
- * key Private key associated with cert. This function makes a
- * copy of the private key, so the caller remains responsible
- * for destroying its copy after this function returns.
- *
- * certChain DER-encoded certs, client cert and its signers.
- * Note: ssl takes this reference, and does not copy the chain.
- * The caller should drop its reference without destroying the
- * chain. SSL will free the chain when it is done with it.
- *
- * Return value: XXX
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- * It does not work on a subsequent handshake (redo).
- *
- * Caller holds 1stHandshakeLock.
- */
-SECStatus
-ssl3_RestartHandshakeAfterCertReq(sslSocket * ss,
- CERTCertificate * cert,
- SECKEYPrivateKey * key,
- CERTCertificateList *certChain)
-{
- SECStatus rv = SECSuccess;
-
- if (MSB(ss->version) == MSB(SSL_LIBRARY_VERSION_3_0)) {
- /* XXX This code only works on the initial handshake on a connection,
- ** XXX It does not work on a subsequent handshake (redo).
- */
- if (ss->handshake != 0) {
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->ssl3->clientCertificate = cert;
- ss->ssl3->clientCertChain = certChain;
- if (key == NULL) {
- (void)SSL3_SendAlert(ss, alert_warning, no_certificate);
- ss->ssl3->clientPrivateKey = NULL;
- } else {
- ss->ssl3->clientPrivateKey = SECKEY_CopyPrivateKey(key);
- }
- ssl_GetRecvBufLock(ss);
- if (ss->ssl3->hs.msgState.buf != NULL) {
- rv = ssl3_HandleRecord(ss, NULL, &ss->gather->buf);
- }
- ssl_ReleaseRecvBufLock(ss);
- }
- }
- return rv;
-}
-
-
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Server Hello Done message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleServerHelloDone(sslSocket *ss)
-{
- SECStatus rv;
- SSL3WaitState ws = ss->ssl3->hs.ws;
- PRBool send_verify = PR_FALSE;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle server_hello_done handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ws != wait_hello_done &&
- ws != wait_server_cert &&
- ws != wait_server_key &&
- ws != wait_cert_request) {
- SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
- return SECFailure;
- }
-
- ssl_GetXmitBufLock(ss); /*******************************/
-
- if (ss->ssl3->sendEmptyCert) {
- ss->ssl3->sendEmptyCert = PR_FALSE;
- rv = ssl3_SendEmptyCertificate(ss);
- /* Don't send verify */
- if (rv != SECSuccess) {
- goto loser; /* error code is set. */
- }
- } else
- if (ss->ssl3->clientCertChain != NULL &&
- ss->ssl3->clientPrivateKey != NULL) {
- send_verify = PR_TRUE;
- rv = ssl3_SendCertificate(ss);
- if (rv != SECSuccess) {
- goto loser; /* error code is set. */
- }
- }
-
- rv = ssl3_SendClientKeyExchange(ss);
- if (rv != SECSuccess) {
- goto loser; /* err is set. */
- }
-
- if (send_verify) {
- rv = ssl3_SendCertificateVerify(ss);
- if (rv != SECSuccess) {
- goto loser; /* err is set. */
- }
- }
- rv = ssl3_SendChangeCipherSpecs(ss);
- if (rv != SECSuccess) {
- goto loser; /* err code was set. */
- }
- rv = ssl3_SendFinished(ss, 0);
- if (rv != SECSuccess) {
- goto loser; /* err code was set. */
- }
-
- ssl_ReleaseXmitBufLock(ss); /*******************************/
-
- ss->ssl3->hs.ws = wait_change_cipher;
- return SECSuccess;
-
-loser:
- ssl_ReleaseXmitBufLock(ss);
- return rv;
-}
-
-/*
- * Routines used by servers
- */
-static SECStatus
-ssl3_SendHelloRequest(sslSocket *ss)
-{
- SECStatus rv;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send hello_request handshake", SSL_GETPID(),
- ss->fd));
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- rv = ssl3_AppendHandshakeHeader(ss, hello_request, 0);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake */
- }
- rv = ssl3_FlushHandshake(ss, 0);
- if (rv != SECSuccess) {
- return rv; /* error code set by ssl3_FlushHandshake */
- }
- ss->ssl3->hs.ws = wait_client_hello;
- return SECSuccess;
-}
-
-/* Sets memory error when returning NULL.
- * Called from:
- * ssl3_SendClientHello()
- * ssl3_HandleServerHello()
- * ssl3_HandleClientHello()
- * ssl3_HandleV2ClientHello()
- */
-static sslSessionID *
-ssl3_NewSessionID(sslSocket *ss, PRBool is_server)
-{
- sslSessionID *sid;
-
- sid = PORT_ZNew(sslSessionID);
- if (sid == NULL)
- return sid;
-
- sid->peerID = (ss->peerID == NULL) ? NULL : PORT_Strdup(ss->peerID);
- sid->urlSvrName = (ss->url == NULL) ? NULL : PORT_Strdup(ss->url);
- sid->addr = ss->sec->ci.peer;
- sid->port = ss->sec->ci.port;
- sid->references = 1;
- sid->cached = never_cached;
- sid->version = ss->version;
-
- sid->u.ssl3.resumable = PR_TRUE;
- sid->u.ssl3.policy = SSL_ALLOWED;
- sid->u.ssl3.hasFortezza = PR_FALSE;
- sid->u.ssl3.clientWriteKey = NULL;
- sid->u.ssl3.serverWriteKey = NULL;
- sid->u.ssl3.tek = NULL;
-
- if (is_server) {
- SECStatus rv;
- int pid = SSL_GETPID();
-
- sid->u.ssl3.sessionIDLength = SSL3_SESSIONID_BYTES;
- sid->u.ssl3.sessionID[0] = (pid >> 8) & 0xff;
- sid->u.ssl3.sessionID[1] = pid & 0xff;
- rv = PK11_GenerateRandom(sid->u.ssl3.sessionID + 2,
- SSL3_SESSIONID_BYTES -2);
- if (rv != SECSuccess) {
- ssl_FreeSID(sid);
- ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
- return NULL;
- }
- }
- return sid;
-}
-
-/* Called from: ssl3_HandleClientHello, ssl3_HandleV2ClientHello */
-static SECStatus
-ssl3_SendServerHelloSequence(sslSocket *ss)
-{
- const ssl3KEADef *kea_def;
- SECStatus rv;
-
- SSL_TRC(3, ("%d: SSL3[%d]: begin send server_hello sequence",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- rv = ssl3_SendServerHello(ss);
- if (rv != SECSuccess) {
- return rv; /* err code is set. */
- }
- rv = ssl3_SendCertificate(ss);
- if (rv != SECSuccess) {
- return rv; /* error code is set. */
- }
- /* We have to do this after the call to ssl3_SendServerHello,
- * because kea_def is set up by ssl3_SendServerHello().
- */
- kea_def = ss->ssl3->hs.kea_def;
- ss->ssl3->hs.usedStepDownKey = PR_FALSE;
- if (kea_def->kea == kea_fortezza) {
- rv = ssl3_SendServerKeyExchange(ss);
- if (rv != SECSuccess) {
- return rv; /* err code was set. */
- }
- } else if (kea_def->is_limited && kea_def->exchKeyType == kt_rsa) {
- /* see if we can legally use the key in the cert. */
- int keyLen; /* bytes */
-
- keyLen = PK11_GetPrivateModulusLen(
- ss->serverCerts[kea_def->exchKeyType].serverKey);
-
- if (keyLen > 0 &&
- keyLen * BPB <= kea_def->key_size_limit ) {
- /* XXX AND cert is not signing only!! */
- /* just fall through and use it. */
- } else if (ss->stepDownKeyPair != NULL) {
- ss->ssl3->hs.usedStepDownKey = PR_TRUE;
- rv = ssl3_SendServerKeyExchange(ss);
- if (rv != SECSuccess) {
- return rv; /* err code was set. */
- }
- } else {
-#ifndef HACKED_EXPORT_SERVER
- PORT_SetError(SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED);
- return rv;
-#endif
- }
- }
-
- if (ss->requestCertificate) {
- rv = ssl3_SendCertificateRequest(ss);
- if (rv != SECSuccess) {
- return rv; /* err code is set. */
- }
- }
- rv = ssl3_SendServerHelloDone(ss);
- if (rv != SECSuccess) {
- return rv; /* err code is set. */
- }
-
- ss->ssl3->hs.ws = (ss->requestCertificate) ? wait_client_cert
- : wait_client_key;
- return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Client Hello message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleClientHello(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- sslSessionID * sid = NULL;
- ssl3State * ssl3;
- sslConnectInfo * ci;
- PRInt32 tmp;
- unsigned int i;
- int j;
- SECStatus rv;
- int errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
- SSL3AlertDescription desc = illegal_parameter;
- SSL3ProtocolVersion version;
- SECItem sidBytes = {siBuffer, NULL, 0};
- SECItem suites = {siBuffer, NULL, 0};
- SECItem comps = {siBuffer, NULL, 0};
- PRBool haveSpecWriteLock = PR_FALSE;
- PRBool haveXmitBufLock = PR_FALSE;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle client_hello handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- /* Get peer name of client */
- rv = ssl_GetPeerInfo(ss);
- if (rv != SECSuccess) {
- return rv; /* error code is set. */
- }
-
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- return rv; /* ssl3_InitState has set the error code. */
- }
- ssl3 = ss->ssl3;
-
- if ((ssl3->hs.ws != wait_client_hello) &&
- (ssl3->hs.ws != idle_handshake)) {
- desc = unexpected_message;
- errCode = SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO;
- goto alert_loser;
- }
- ci = &ss->sec->ci;
-
- tmp = ssl3_ConsumeHandshakeNumber(ss, 2, &b, &length);
- if (tmp < 0)
- goto loser; /* malformed, alert already sent */
- ss->clientHelloVersion = version = (SSL3ProtocolVersion)tmp;
- rv = ssl3_NegotiateVersion(ss, version);
- if (rv != SECSuccess) {
- desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
- }
-
- /* grab the client random data. */
- rv = ssl3_ConsumeHandshake(
- ss, &ssl3->hs.client_random, SSL3_RANDOM_LENGTH, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed */
- }
-
- /* grab the client's SID, if present. */
- rv = ssl3_ConsumeHandshakeVariable(ss, &sidBytes, 1, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed */
- }
-
- if (sidBytes.len > 0) {
- SSL_TRC(7, ("%d: SSL3[%d]: server, lookup client session-id for 0x%08x%08x%08x%08x",
- SSL_GETPID(), ss->fd, ci->peer.pr_s6_addr32[0],
- ci->peer.pr_s6_addr32[1], ci->peer.pr_s6_addr32[2],
- ci->peer.pr_s6_addr32[3]));
- sid = (*ssl_sid_lookup)(&ci->peer, sidBytes.data, sidBytes.len,
- ss->dbHandle);
- }
- SECITEM_FreeItem(&sidBytes, PR_FALSE);
-
- /* grab the list of cipher suites. */
- rv = ssl3_ConsumeHandshakeVariable(ss, &suites, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed */
- }
-
- /* grab the list of compression methods. */
- rv = ssl3_ConsumeHandshakeVariable(ss, &comps, 1, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed */
- }
-
- /* It's OK for length to be non-zero here.
- * Non-zero length means that some new protocol revision has extended
- * the client hello message.
- */
-
- desc = handshake_failure;
-
- if (sid != NULL) {
- /* We've found a session cache entry for this client.
- * Now, if we're going to require a client-auth cert,
- * and we don't already have this client's cert in the session cache,
- * and this is the first handshake on this connection (not a redo),
- * then drop this old cache entry and start a new session.
- */
- if ((sid->peerCert == NULL) && ss->requestCertificate &&
- ((ss->requireCertificate == 1) ||
- ((ss->requireCertificate == 2) && !ss->firstHsDone))) {
-
- ++ssl3stats.hch_sid_cache_not_ok;
- ss->sec->uncache(sid);
- ssl_FreeSID(sid);
- sid = NULL;
- }
- }
-
- /* Look for a matching cipher suite. */
- j = ssl3_config_match_init(ss);
- if (j <= 0) { /* no ciphers are working/supported by PK11 */
- errCode = PORT_GetError(); /* error code is already set. */
- goto alert_loser;
- }
- /* If we already have a session for this client, be sure to pick the
- ** same cipher suite we picked before.
- ** This is not a loop, despite appearances.
- */
- if (sid) do {
- ssl3CipherSuiteCfg *suite = ss->cipherSuites;
- for (j = ssl_V3_SUITES_IMPLEMENTED; j > 0; --j, ++suite) {
- if (suite->cipher_suite == sid->u.ssl3.cipherSuite)
- break;
- }
- if (!j)
- break;
- if (!config_match(suite, ssl3->policy, PR_TRUE))
- break;
- for (i = 0; i < suites.len; i += 2) {
- if ((suites.data[i] == MSB(suite->cipher_suite)) &&
- (suites.data[i + 1] == LSB(suite->cipher_suite))) {
-
- ssl3->hs.cipher_suite = suite->cipher_suite;
- ssl3->hs.suite_def =
- ssl_LookupCipherSuiteDef(ssl3->hs.cipher_suite);
- goto suite_found;
- }
- }
- } while (0);
-
- /* Select a cipher suite.
- ** NOTE: This suite selection algorithm should be the same as the one in
- ** ssl3_HandleV2ClientHello().
- */
- for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
- if (!config_match(suite, ssl3->policy, PR_TRUE))
- continue;
- for (i = 0; i < suites.len; i += 2) {
- if ((suites.data[i] == MSB(suite->cipher_suite)) &&
- (suites.data[i + 1] == LSB(suite->cipher_suite))) {
-
- ssl3->hs.cipher_suite = suite->cipher_suite;
- ssl3->hs.suite_def =
- ssl_LookupCipherSuiteDef(ssl3->hs.cipher_suite);
- goto suite_found;
- }
- }
- }
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
-
-suite_found:
- /* Look for a matching compression algorithm. */
- for (i = 0; i < comps.len; i++) {
- for (j = 0; j < compressionMethodsCount; j++) {
- if (comps.data[i] == compressions[j]) {
- ssl3->hs.compression = (SSL3CompressionMethod)compressions[j];
- goto compression_found;
- }
- }
- }
- errCode = SSL_ERROR_NO_COMPRESSION_OVERLAP;
- /* null compression must be supported */
- goto alert_loser;
-
-compression_found:
- PORT_Free(suites.data);
- suites.data = NULL;
- PORT_Free(comps.data);
- comps.data = NULL;
-
- ss->sec->send = ssl3_SendApplicationData;
-
- /* If there are any failures while processing the old sid,
- * we don't consider them to be errors. Instead, We just behave
- * as if the client had sent us no sid to begin with, and make a new one.
- */
- if (sid != NULL) do {
- PK11SlotInfo * slot;
- PK11SymKey * wrapKey; /* wrapping key */
- SECItem wrappedKey; /* wrapped key */
- ssl3CipherSpec *pwSpec;
- CK_FLAGS keyFlags = 0;
-
- if (sid->version != ss->version ||
- sid->u.ssl3.cipherSuite != ssl3->hs.cipher_suite) {
- break; /* not an error */
- }
-
- if (ci->sid) {
- ss->sec->uncache(ci->sid);
- PORT_Assert(ci->sid != sid); /* should be impossible, but ... */
- if (ci->sid != sid) {
- ssl_FreeSID(ci->sid);
- }
- ci->sid = NULL;
- }
- /* we need to resurrect the master secret.... */
-
- ssl_GetSpecWriteLock(ss); haveSpecWriteLock = PR_TRUE;
- pwSpec = ssl3->pwSpec;
-
- wrapKey = getWrappingKey(ss, NULL, sid->u.ssl3.exchKeyType,
- sid->u.ssl3.masterWrapMech, ss->pkcs11PinArg);
- if (!wrapKey) {
- /* we have a SID cache entry, but no wrapping key for it??? */
- break;
- }
-
- if (ss->version > SSL_LIBRARY_VERSION_3_0) { /* isTLS */
- keyFlags = CKF_SIGN | CKF_VERIFY;
- }
-
- wrappedKey.data = sid->u.ssl3.keys.wrapped_master_secret;
- wrappedKey.len = sid->u.ssl3.keys.wrapped_master_secret_len;
-
- /* unwrap the master secret. */
- pwSpec->master_secret =
- PK11_UnwrapSymKeyWithFlags(wrapKey, sid->u.ssl3.masterWrapMech,
- NULL, &wrappedKey, CKM_SSL3_MASTER_KEY_DERIVE,
- CKA_DERIVE, sizeof(SSL3MasterSecret), keyFlags);
- PK11_FreeSymKey(wrapKey);
- if (pwSpec->master_secret == NULL) {
- break; /* not an error */
- }
- ci->sid = sid;
- if (sid->peerCert != NULL) {
- ss->sec->peerCert = CERT_DupCertificate(sid->peerCert);
- }
-
- /*
- * Old SID passed all tests, so resume this old session.
- *
- * XXX make sure compression still matches
- */
- ++ssl3stats.hch_sid_cache_hits;
- ssl3->hs.isResuming = PR_TRUE;
-
- ss->sec->authAlgorithm = sid->authAlgorithm;
- ss->sec->authKeyBits = sid->authKeyBits;
- ss->sec->keaType = sid->keaType;
- ss->sec->keaKeyBits = sid->keaKeyBits;
-
- /* server sids don't remember the server cert we previously sent,
- ** but they do remember the kea type we originally used, so we
- ** can locate it again, provided that the current ssl socket
- ** has had its server certs configured the same as the previous one.
- */
- ss->sec->localCert =
- CERT_DupCertificate(ss->serverCerts[sid->keaType].serverCert);
-
- ssl_GetXmitBufLock(ss); haveXmitBufLock = PR_TRUE;
-
- rv = ssl3_SendServerHello(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- /* reload the FORTEZZA key material.
- * On Fortezza, the following keys & IVs are generated by the KEA,
- * not from the PMS. Since we're not going to redo the KEA, we
- * have to save & restore them for Fortezza.
- * use kea because we haven't call InitCipher Specs yet...?
- */
- if (ssl3->hs.suite_def->bulk_cipher_alg == cipher_fortezza) {
- PK11SymKey * Ks;
- SECItem item;
-
- PORT_Memcpy(pwSpec->client.write_iv,
- sid->u.ssl3.keys.client_write_iv,
- sizeof sid->u.ssl3.keys.client_write_iv);
- PORT_Memcpy(pwSpec->server.write_iv,
- sid->u.ssl3.keys.server_write_iv,
- sizeof sid->u.ssl3.keys.server_write_iv);
-
- /* Now, unwrap the client and server write keys with Ks */
-
- /* get the slot that the fortezza server private key is in. */
- slot = PK11_GetSlotFromPrivateKey(
- ss->serverCerts[kt_fortezza].serverKey);
- if (slot == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* Look up the Token Fixed Key */
- Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL,
- ss->pkcs11PinArg);
- PK11_FreeSlot(slot);
- if (Ks == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
-
- /* unwrap client write key with the local Ks */
- item.data = sid->u.ssl3.keys.wrapped_client_write_key;
- item.len = sizeof sid->u.ssl3.keys.wrapped_client_write_key;
-
- pwSpec->client.write_key =
- PK11_UnwrapSymKey(Ks, CKM_SKIPJACK_WRAP, NULL, &item,
- CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
- if (pwSpec->client.write_key == NULL) {
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
- goto loser;
- }
-
- /* unwrap server write key with the local Ks */
- item.data = sid->u.ssl3.keys.wrapped_server_write_key;
- item.len = sizeof sid->u.ssl3.keys.wrapped_server_write_key;
-
- pwSpec->server.write_key =
- PK11_UnwrapSymKey(Ks, CKM_SKIPJACK_WRAP, NULL, &item,
- CKM_SKIPJACK_CBC64, CKA_ENCRYPT, 0);
- if (pwSpec->server.write_key == NULL) {
- PK11_FreeSymKey(pwSpec->client.write_key);
- pwSpec->client.write_key = NULL;
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
- goto loser;
- }
- /* Set flag that says "generate 8 byte random prefix plaintext." */
- PK11_SetFortezzaHack(pwSpec->server.write_key); /* can't fail */
-
- }
-
- if (haveSpecWriteLock) {
- ssl_ReleaseSpecWriteLock(ss);
- haveSpecWriteLock = PR_FALSE;
- }
-
- /* NULL value for PMS signifies re-use of the old MS */
- rv = ssl3_InitPendingCipherSpec(ss, NULL);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- rv = ssl3_SendChangeCipherSpecs(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
- rv = ssl3_SendFinished(ss, 0);
- ssl3->hs.ws = wait_change_cipher;
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- if (haveXmitBufLock) {
- ssl_ReleaseXmitBufLock(ss);
- haveXmitBufLock = PR_FALSE;
- }
-
- return SECSuccess;
- } while (0);
-
- if (haveSpecWriteLock) {
- ssl_ReleaseSpecWriteLock(ss);
- haveSpecWriteLock = PR_FALSE;
- }
-
- if (sid) { /* we had a sid, but it's no longer valid, free it */
- ++ssl3stats.hch_sid_cache_not_ok;
- ss->sec->uncache(sid);
- ssl_FreeSID(sid);
- sid = NULL;
- }
- ++ssl3stats.hch_sid_cache_misses;
-
- sid = ssl3_NewSessionID(ss, PR_TRUE);
- if (sid == NULL) {
- errCode = PORT_GetError();
- goto loser; /* memory error is set. */
- }
- ci->sid = sid;
-
- ssl3->hs.isResuming = PR_FALSE;
- ssl_GetXmitBufLock(ss);
- rv = ssl3_SendServerHelloSequence(ss);
- ssl_ReleaseXmitBufLock(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- if (haveXmitBufLock) {
- ssl_ReleaseXmitBufLock(ss);
- haveXmitBufLock = PR_FALSE;
- }
-
- return SECSuccess;
-
-alert_loser:
- if (haveSpecWriteLock) {
- ssl_ReleaseSpecWriteLock(ss);
- haveSpecWriteLock = PR_FALSE;
- }
- (void)SSL3_SendAlert(ss, alert_fatal, desc);
- /* FALLTHRU */
-loser:
- if (haveSpecWriteLock) {
- ssl_ReleaseSpecWriteLock(ss);
- haveSpecWriteLock = PR_FALSE;
- }
-
- if (sidBytes.data != NULL) SECITEM_FreeItem(&sidBytes, PR_FALSE);
- if (suites.data != NULL) SECITEM_FreeItem(&suites, PR_FALSE);
- if (comps.data != NULL) SECITEM_FreeItem(&comps, PR_FALSE);
-
- if (haveXmitBufLock) {
- ssl_ReleaseXmitBufLock(ss);
- haveXmitBufLock = PR_FALSE;
- }
-
- PORT_SetError(errCode);
- return SECFailure;
-}
-
-/*
- * ssl3_HandleV2ClientHello is used when a V2 formatted hello comes
- * in asking to use the V3 handshake.
- * Called from ssl2_HandleClientHelloMessage() in sslcon.c
- */
-SECStatus
-ssl3_HandleV2ClientHello(sslSocket *ss, unsigned char *buffer, int length)
-{
- sslSessionID * sid = NULL;
- unsigned char * suites;
- unsigned char * random;
- SSL3ProtocolVersion version;
- SECStatus rv;
- int i;
- int j;
- int sid_length;
- int suite_length;
- int rand_length;
- int errCode = SSL_ERROR_RX_MALFORMED_CLIENT_HELLO;
- SSL3AlertDescription desc = handshake_failure;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle v2 client_hello", SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- ssl_GetSSL3HandshakeLock(ss);
-
- rv = ssl3_InitState(ss);
- if (rv != SECSuccess) {
- ssl_ReleaseSSL3HandshakeLock(ss);
- return rv; /* ssl3_InitState has set the error code. */
- }
-
- if (ss->ssl3->hs.ws != wait_client_hello) {
- desc = unexpected_message;
- errCode = SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO;
- goto loser; /* alert_loser */
- }
-
- version = (buffer[1] << 8) | buffer[2];
- suite_length = (buffer[3] << 8) | buffer[4];
- sid_length = (buffer[5] << 8) | buffer[6];
- rand_length = (buffer[7] << 8) | buffer[8];
- ss->clientHelloVersion = version;
-
- rv = ssl3_NegotiateVersion(ss, version);
- if (rv != SECSuccess) {
- /* send back which ever alert client will understand. */
- desc = (version > SSL_LIBRARY_VERSION_3_0) ? protocol_version : handshake_failure;
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
- }
-
- /* if we get a non-zero SID, just ignore it. */
- if (length !=
- SSL_HL_CLIENT_HELLO_HBYTES + suite_length + sid_length + rand_length) {
- SSL_DBG(("%d: SSL3[%d]: bad v2 client hello message, len=%d should=%d",
- SSL_GETPID(), ss->fd, length,
- SSL_HL_CLIENT_HELLO_HBYTES + suite_length + sid_length +
- rand_length));
- goto loser; /* malformed */ /* alert_loser */
- }
-
- suites = buffer + SSL_HL_CLIENT_HELLO_HBYTES;
- random = suites + suite_length + sid_length;
-
- if (rand_length < SSL_MIN_CHALLENGE_BYTES ||
- rand_length > SSL_MAX_CHALLENGE_BYTES) {
- goto loser; /* malformed */ /* alert_loser */
- }
-
- PORT_Assert(SSL_MAX_CHALLENGE_BYTES == SSL3_RANDOM_LENGTH);
-
- PORT_Memset(&ss->ssl3->hs.client_random, 0, SSL3_RANDOM_LENGTH);
- PORT_Memcpy(
- &ss->ssl3->hs.client_random.rand[SSL3_RANDOM_LENGTH - rand_length],
- random, rand_length);
-
- PRINT_BUF(60, (ss, "client random:", &ss->ssl3->hs.client_random.rand[0],
- SSL3_RANDOM_LENGTH));
-
- i = ssl3_config_match_init(ss);
- if (i <= 0) {
- errCode = PORT_GetError(); /* error code is already set. */
- goto alert_loser;
- }
-
- /* Select a cipher suite.
- ** NOTE: This suite selection algorithm should be the same as the one in
- ** ssl3_HandleClientHello().
- */
- for (j = 0; j < ssl_V3_SUITES_IMPLEMENTED; j++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[j];
- if (!config_match(suite, ss->ssl3->policy, PR_TRUE))
- continue;
- for (i = 0; i < suite_length; i += 3) {
- if ((suites[i] == 0) &&
- (suites[i+1] == MSB(suite->cipher_suite)) &&
- (suites[i+2] == LSB(suite->cipher_suite))) {
-
- ss->ssl3->hs.cipher_suite = suite->cipher_suite;
- ss->ssl3->hs.suite_def =
- ssl_LookupCipherSuiteDef(ss->ssl3->hs.cipher_suite);
- goto suite_found;
- }
- }
- }
- errCode = SSL_ERROR_NO_CYPHER_OVERLAP;
- goto alert_loser;
-
-suite_found:
-
- ss->ssl3->hs.compression = compression_null;
- ss->sec->send = ssl3_SendApplicationData;
-
- /* we don't even search for a cache hit here. It's just a miss. */
- ++ssl3stats.hch_sid_cache_misses;
- sid = ssl3_NewSessionID(ss, PR_TRUE);
- if (sid == NULL) {
- errCode = PORT_GetError();
- goto loser; /* memory error is set. */
- }
- ss->sec->ci.sid = sid;
- /* do not worry about memory leak of sid since it now belongs to ci */
-
- /* We have to update the handshake hashes before we can send stuff */
- rv = ssl3_UpdateHandshakeHashes(ss, buffer, length);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- ssl_GetXmitBufLock(ss);
- rv = ssl3_SendServerHelloSequence(ss);
- ssl_ReleaseXmitBufLock(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
-
- /* XXX_1 The call stack to here is:
- * ssl_Do1stHandshake -> ssl2_HandleClientHelloMessage -> here.
- * ssl2_HandleClientHelloMessage returns whatever we return here.
- * ssl_Do1stHandshake will continue looping if it gets back either
- * SECSuccess or SECWouldBlock.
- * SECSuccess is preferable here. See XXX_1 in sslgathr.c.
- */
- ssl_ReleaseSSL3HandshakeLock(ss);
- return SECSuccess;
-
-alert_loser:
- SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
- ssl_ReleaseSSL3HandshakeLock(ss);
- PORT_SetError(errCode);
- return SECFailure;
-}
-
-/* The negotiated version number has been already placed in ss->version.
-**
-** Called from: ssl3_HandleClientHello (resuming session),
-** ssl3_SendServerHelloSequence <- ssl3_HandleClientHello (new session),
-** ssl3_SendServerHelloSequence <- ssl3_HandleV2ClientHello (new session)
-*/
-static SECStatus
-ssl3_SendServerHello(sslSocket *ss)
-{
- sslSessionID *sid;
- SECStatus rv;
- PRUint32 length;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send server_hello handshake", SSL_GETPID(),
- ss->fd));
-
- PORT_Assert(ss->sec);
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
- PORT_Assert( MSB(ss->version) == MSB(SSL_LIBRARY_VERSION_3_0));
-
- if (MSB(ss->version) != MSB(SSL_LIBRARY_VERSION_3_0)) {
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- return SECFailure;
- }
-
- sid = ss->sec->ci.sid;
- length = sizeof(SSL3ProtocolVersion) + SSL3_RANDOM_LENGTH + 1 +
- ((sid == NULL) ? 0: SSL3_SESSIONID_BYTES) +
- sizeof(ssl3CipherSuite) + 1;
- rv = ssl3_AppendHandshakeHeader(ss, server_hello, length);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeNumber(ss, ss->version, 2);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_GetNewRandom(&ss->ssl3->hs.server_random);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE);
- return rv;
- }
- rv = ssl3_AppendHandshake(
- ss, &ss->ssl3->hs.server_random, SSL3_RANDOM_LENGTH);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
-
- if (sid)
- rv = ssl3_AppendHandshakeVariable(
- ss, sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength, 1);
- else
- rv = ssl3_AppendHandshakeVariable(ss, NULL, 0, 1);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3->hs.cipher_suite, 2);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_AppendHandshakeNumber(ss, ss->ssl3->hs.compression, 1);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_SetupPendingCipherSpec(ss, ss->ssl3);
- if (rv != SECSuccess) {
- return rv; /* err set by ssl3_SetupPendingCipherSpec */
- }
-
- return SECSuccess;
-}
-
-
-static SECStatus
-ssl3_SendServerKeyExchange(sslSocket *ss)
-{
-const ssl3KEADef * kea_def = ss->ssl3->hs.kea_def;
- SECStatus rv = SECFailure;
- int length;
- PRBool isTLS;
- SECItem signed_hash = {siBuffer, NULL, 0};
- SSL3Hashes hashes;
- SECKEYPublicKey * sdPub; /* public key for step-down */
-
- SSL_TRC(3, ("%d: SSL3[%d]: send server_key_exchange handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- switch (kea_def->exchKeyType) {
- case kt_rsa:
- /* Perform SSL Step-Down here. */
- sdPub = ss->stepDownKeyPair->pubKey;
- PORT_Assert(sdPub != NULL);
- if (!sdPub) {
- PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- return SECFailure;
- }
- rv = ssl3_ComputeExportRSAKeyHash(sdPub->u.rsa.modulus,
- sdPub->u.rsa.publicExponent,
- &ss->ssl3->hs.client_random,
- &ss->ssl3->hs.server_random,
- &hashes);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- return rv;
- }
-
- isTLS = (PRBool)(ss->ssl3->pwSpec->version > SSL_LIBRARY_VERSION_3_0);
- rv = ssl3_SignHashes(&hashes, ss->serverCerts[kt_rsa].serverKey,
- &signed_hash, isTLS);
- if (rv != SECSuccess) {
- goto loser; /* ssl3_SignHashes has set err. */
- }
- if (signed_hash.data == NULL) {
- /* how can this happen and rv == SECSuccess ?? */
- PORT_SetError(SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE);
- goto loser;
- }
- length = 2 + sdPub->u.rsa.modulus.len +
- 2 + sdPub->u.rsa.publicExponent.len +
- 2 + signed_hash.len;
-
- rv = ssl3_AppendHandshakeHeader(ss, server_key_exchange, length);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeVariable(ss, sdPub->u.rsa.modulus.data,
- sdPub->u.rsa.modulus.len, 2);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeVariable(
- ss, sdPub->u.rsa.publicExponent.data,
- sdPub->u.rsa.publicExponent.len, 2);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshakeVariable(ss, signed_hash.data,
- signed_hash.len, 2);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
- PORT_Free(signed_hash.data);
- return SECSuccess;
-
- case kt_fortezza:
-
- /* Set server's "random" public key R_s to the email value == 1 */
- PORT_Memset(ss->ssl3->fortezza.R_s, 0, sizeof(ss->ssl3->fortezza.R_s));
- ss->ssl3->fortezza.R_s[127] = 1;
-
- /* don't waste time signing the random number */
- length = sizeof (ss->ssl3->fortezza.R_s) /*+ 2 + signed_hash.len*/;
-
- rv = ssl3_AppendHandshakeHeader(ss, server_key_exchange, length);
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
-
- rv = ssl3_AppendHandshake( ss, &ss->ssl3->fortezza.R_s,
- sizeof(ss->ssl3->fortezza.R_s));
- if (rv != SECSuccess) {
- goto loser; /* err set by AppendHandshake. */
- }
- return SECSuccess;
-
- case kt_dh:
- case kt_null:
- default:
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- break;
- }
-loser:
- if (signed_hash.data != NULL)
- PORT_Free(signed_hash.data);
- return SECFailure;
-}
-
-
-static SECStatus
-ssl3_SendCertificateRequest(sslSocket *ss)
-{
- SECItem * name;
- CERTDistNames *ca_list;
-const uint8 * certTypes;
- SECItem * names = NULL;
- SECStatus rv;
- int length;
- int i;
- int calen = 0;
- int nnames = 0;
- int certTypesLength;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send certificate_request handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- /* ssl3->ca_list is initialized to NULL, and never changed. */
- ca_list = ss->ssl3->ca_list;
- if (!ca_list) {
- ca_list = ssl3_server_ca_list;
- }
-
- if (ca_list != NULL) {
- names = ca_list->names;
- nnames = ca_list->nnames;
- }
-
- if (!nnames) {
- PORT_SetError(SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA);
- return SECFailure;
- }
-
- for (i = 0, name = names; i < nnames; i++, name++) {
- calen += 2 + name->len;
- }
-
- if (ss->ssl3->hs.kea_def->exchKeyType == kt_fortezza) {
- certTypes = fortezza_certificate_types;
- certTypesLength = sizeof fortezza_certificate_types;
- } else {
- certTypes = certificate_types;
- certTypesLength = sizeof certificate_types;
- }
-
- length = 1 + certTypesLength + 2 + calen;
-
- rv = ssl3_AppendHandshakeHeader(ss, certificate_request, length);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_AppendHandshakeVariable(ss, certTypes, certTypesLength, 1);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_AppendHandshakeNumber(ss, calen, 2);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- for (i = 0, name = names; i < nnames; i++, name++) {
- rv = ssl3_AppendHandshakeVariable(ss, name->data, name->len, 2);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- }
-
- return SECSuccess;
-}
-
-static SECStatus
-ssl3_SendServerHelloDone(sslSocket *ss)
-{
- SECStatus rv;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send server_hello_done handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- rv = ssl3_AppendHandshakeHeader(ss, server_hello_done, 0);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_FlushHandshake(ss, 0);
- if (rv != SECSuccess) {
- return rv; /* error code set by ssl3_FlushHandshake */
- }
- return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Certificate Verify message
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleCertificateVerify(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
- SSL3Hashes *hashes)
-{
- SECItem signed_hash = {siBuffer, NULL, 0};
- SECStatus rv;
- int errCode = SSL_ERROR_RX_MALFORMED_CERT_VERIFY;
- SSL3AlertDescription desc = handshake_failure;
- PRBool isTLS;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle certificate_verify handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ss->ssl3->hs.ws != wait_cert_verify || ss->sec->peerCert == NULL) {
- desc = unexpected_message;
- errCode = SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY;
- goto alert_loser;
- }
-
- rv = ssl3_ConsumeHandshakeVariable(ss, &signed_hash, 2, &b, &length);
- if (rv != SECSuccess) {
- goto loser; /* malformed. */
- }
-
- isTLS = (PRBool)(ss->ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- /* XXX verify that the key & kea match */
- rv = ssl3_VerifySignedHashes(hashes, ss->sec->peerCert, &signed_hash,
- isTLS, ss->pkcs11PinArg);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- desc = isTLS ? decrypt_error : handshake_failure;
- goto alert_loser;
- }
-
- PORT_Free(signed_hash.data);
- signed_hash.data = NULL;
-
- if (length != 0) {
- desc = isTLS ? decode_error : illegal_parameter;
- goto alert_loser; /* malformed */
- }
- ss->ssl3->hs.ws = wait_change_cipher;
- return SECSuccess;
-
-alert_loser:
- SSL3_SendAlert(ss, alert_fatal, desc);
-loser:
- if (signed_hash.data != NULL) SECITEM_FreeItem(&signed_hash, PR_FALSE);
- PORT_SetError(errCode);
- return SECFailure;
-}
-
-/*
-** Called from ssl3_HandleClientKeyExchange()
-*/
-static SECStatus
-ssl3_HandleFortezzaClientKeyExchange(sslSocket *ss, SSL3Opaque *b,
- PRUint32 length,
- SECKEYPrivateKey *serverKey)
-{
- SECKEYPublicKey * pubKey = NULL;
- PK11SymKey * tek = NULL;
- PK11SymKey * pms;
- PK11SymKey * Ks = NULL;
- sslSessionID * sid = ss->sec->ci.sid;
- ssl3CipherSpec * pwSpec = ss->ssl3->pwSpec;
- void * pwArg = ss->pkcs11PinArg;
- SECStatus rv;
- SECItem raItem;
- SECItem rbItem;
- SECItem param;
- SECItem item;
- SECItem enc_pms;
- SSL3FortezzaKeys fortezza_CKE;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- fortezza_CKE.y_c.data = NULL;
- rv = ssl3_ConsumeHandshakeVariable(ss, &fortezza_CKE.y_c, 1, &b, &length);
- if (rv != SECSuccess) {
- PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH);
- goto fortezza_loser;
- }
- rv = ssl3_ConsumeHandshake(ss, &fortezza_CKE.r_c,
- sizeof fortezza_CKE - sizeof fortezza_CKE.y_c,
- &b, &length);
- if (rv != SECSuccess) {
- PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH);
- goto fortezza_loser;
- }
-
- /* Build a Token Encryption key (tek). TEK's can never be unloaded
- * from the card, but given these parameters, and *OUR* fortezza
- * card, we can always regenerate the same one on the fly.
- */
- if (ss->sec->peerCert != NULL) {
- /* client-auth case */
-
- pubKey = CERT_ExtractPublicKey(ss->sec->peerCert);
- if (pubKey == NULL) {
- SEND_ALERT
- PORT_SetError(SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE);
- rv = SECFailure;
- goto fortezza_loser;
- }
-
- if (pubKey->keyType != fortezzaKey) {
- /* handle V3 client-auth case */
- SECItem sigItem;
- SECItem hashItem;
- unsigned char hash[SHA1_LENGTH];
-
- rv = ssl3_ComputeFortezzaPublicKeyHash(fortezza_CKE.y_c, hash);
- if (rv != SECSuccess) {
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
- sigItem.data = fortezza_CKE.y_signature;
- sigItem.len = sizeof fortezza_CKE.y_signature;
-
- hashItem.data = hash;
- hashItem.len = sizeof hash;
-
- rv = PK11_Verify(pubKey, &sigItem, &hashItem, pwArg);
- if (rv != SECSuccess) {
- SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
- SECKEY_DestroyPublicKey(pubKey); pubKey = NULL;
- }
- }
- rv = SECFailure;
-
- /* Make the public key if necessary */
- if (fortezza_CKE.y_c.len != 0) {
- if (pubKey != NULL) {
- /* The client is not allowed to send the public key
- * if it can be extracted from the certificate. */
- SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
- PORT_SetError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
- pubKey = PK11_MakeKEAPubKey(fortezza_CKE.y_c.data,
- fortezza_CKE.y_c.len);
- }
- if (pubKey == NULL) {
- /* no public Key in either the cert or the protocol message*/
- SSL3_SendAlert(ss, alert_fatal, illegal_parameter);
- PORT_SetError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- /* Now we derive the TEK. r_c is the client's "random" public key. */
- raItem.data = fortezza_CKE.r_c;
- raItem.len = sizeof(fortezza_CKE.r_c);
-
- /* R_s == server's "random" public key, sent in the Server Key Exchange */
- rbItem.data = ss->ssl3->fortezza.R_s;
- rbItem.len = sizeof ss->ssl3->fortezza.R_s;
-
- tek = PK11_PubDerive(serverKey, pubKey, PR_FALSE, /* don't gen r_c */
- &raItem, &rbItem, CKM_KEA_KEY_DERIVE,
- CKM_SKIPJACK_WRAP, CKA_WRAP, 0, pwArg);
- SECKEY_DestroyPublicKey(pubKey); pubKey = NULL;
- if (tek == NULL) {
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- ss->ssl3->fortezza.tek = PK11_ReferenceSymKey(tek);
-
- if (pwSpec->cipher_def->calg == calg_fortezza) {
- item.data = fortezza_CKE.wrapped_client_write_key;
- item.len = sizeof fortezza_CKE.wrapped_client_write_key;
-
- pwSpec->client.write_key =
- PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL, &item,
- CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
- if (pwSpec->client.write_key == NULL) {
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
- goto fortezza_loser;
- }
-
- item.data = fortezza_CKE.wrapped_server_write_key;
- item.len = sizeof fortezza_CKE.wrapped_server_write_key;
-
- pwSpec->server.write_key =
- PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL, &item,
- CKM_SKIPJACK_CBC64, CKA_ENCRYPT, 0);
- if (pwSpec->server.write_key == NULL) {
- PK11_FreeSymKey(pwSpec->client.write_key);
- pwSpec->client.write_key = NULL;
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
- goto fortezza_loser;
- }
- /* Set a flag that says "generate 8 byte random prefix plaintext." */
- PK11_SetFortezzaHack(pwSpec->server.write_key); /* can't fail */
-
- PORT_Memcpy(pwSpec->client.write_iv, fortezza_CKE.client_write_iv,
- sizeof fortezza_CKE.client_write_iv);
- PORT_Memcpy(pwSpec->server.write_iv, fortezza_CKE.server_write_iv,
- sizeof fortezza_CKE.server_write_iv);
-
- }
-
- /* decrypt the pms with the TEK */
- enc_pms.data = fortezza_CKE.encrypted_preMasterSecret;
- enc_pms.len = sizeof fortezza_CKE.encrypted_preMasterSecret;
-
- param.data = fortezza_CKE.master_secret_iv;
- param.len = sizeof fortezza_CKE.master_secret_iv;
-
- pms = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64, &param, &enc_pms,
- CKM_SSL3_MASTER_KEY_DERIVE, CKA_DERIVE, 0);
- if (pms == NULL) {
- SEND_ALERT
- ssl_MapLowLevelError(SSL_ERROR_SYM_KEY_UNWRAP_FAILURE);
- goto fortezza_loser;
- }
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms);
- if (rv != SECSuccess) {
- SEND_ALERT
- goto fortezza_loser; /* err code is set. */
- }
-
- if (pwSpec->cipher_def->calg == calg_fortezza) {
- PK11SlotInfo * slot;
-
- sid->u.ssl3.clientWriteKey =
- PK11_ReferenceSymKey(pwSpec->client.write_key);
- sid->u.ssl3.serverWriteKey =
- PK11_ReferenceSymKey(pwSpec->server.write_key);
-
- PORT_Memcpy(sid->u.ssl3.keys.client_write_iv, pwSpec->client.write_iv,
- sizeof sid->u.ssl3.keys.client_write_iv);
- PORT_Memcpy(sid->u.ssl3.keys.server_write_iv, pwSpec->server.write_iv,
- sizeof sid->u.ssl3.keys.server_write_iv);
-
- /* Now, wrap the client and server write keys in Ks for storage
- * in the on-disk sid.
- */
-
- slot = PK11_GetSlotFromKey(tek); /* get ref to the slot */
- if (slot == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- /* Look up the Token Fixed Key */
- Ks = PK11_FindFixedKey(slot, CKM_SKIPJACK_WRAP, NULL, ss->pkcs11PinArg);
- PK11_FreeSlot(slot);
- if (Ks == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- /* rewrap server write key with the local Ks */
- item.data = sid->u.ssl3.keys.wrapped_server_write_key;
- item.len = sizeof sid->u.ssl3.keys.wrapped_server_write_key;
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks,
- pwSpec->server.write_key, &item);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- /* rewrap client write key with the local Ks */
- item.data = sid->u.ssl3.keys.wrapped_client_write_key;
- item.len = sizeof sid->u.ssl3.keys.wrapped_client_write_key;
- rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, Ks,
- pwSpec->client.write_key, &item);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- goto fortezza_loser;
- }
-
- /* wrap the master secret later, when we handle the client's
- * finished message.
- */
- }
-
- sid->u.ssl3.hasFortezza = PR_TRUE;
- sid->u.ssl3.tek = tek; tek = NULL;
-
- rv = SECSuccess;
-
-fortezza_loser:
- if (Ks) PK11_FreeSymKey(Ks);
- if (tek) PK11_FreeSymKey(tek);
- if (pubKey) SECKEY_DestroyPublicKey(pubKey);
- if (fortezza_CKE.y_c.data != NULL)
- SECITEM_FreeItem(&fortezza_CKE.y_c, PR_FALSE);
- return rv;
-}
-
-/* find a slot that is able to generate a PMS and wrap it with RSA.
- * Then generate and return the PMS.
- * If the serverKeySlot parameter is non-null, this function will use
- * that slot to do the job, otherwise it will find a slot.
- *
- * Called from ssl3_GenerateSessionKeys() (above)
- * sendRSAClientKeyExchange() (above)
- * ssl3_HandleRSAClientKeyExchange() (below)
- * Caller must hold the SpecWriteLock, the SSL3HandshakeLock
- */
-static PK11SymKey *
-ssl3_GenerateRSAPMS(sslSocket *ss, ssl3CipherSpec *spec,
- PK11SlotInfo * serverKeySlot)
-{
- PK11SymKey * pms = NULL;
- PK11SlotInfo * slot = serverKeySlot;
- void * pwArg = ss->pkcs11PinArg;
- SECItem param;
- CK_VERSION version;
- CK_MECHANISM_TYPE mechanism_array[3];
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (slot == NULL) {
- SSLCipherAlgorithm calg;
- /* The specReadLock would suffice here, but we cannot assert on
- ** read locks. Also, all the callers who call with a non-null
- ** slot already hold the SpecWriteLock.
- */
- PORT_Assert( ssl_HaveSpecWriteLock(ss));
- PORT_Assert(ss->ssl3->prSpec == ss->ssl3->pwSpec);
-
- calg = spec->cipher_def->calg;
- PORT_Assert(alg2Mech[calg].calg == calg);
-
- /* First get an appropriate slot. */
- mechanism_array[0] = CKM_SSL3_PRE_MASTER_KEY_GEN;
- mechanism_array[1] = CKM_RSA_PKCS;
- mechanism_array[2] = alg2Mech[calg].cmech;
-
- slot = PK11_GetBestSlotMultiple(mechanism_array, 3, pwArg);
- if (slot == NULL) {
- /* can't find a slot with all three, find a slot with the minimum */
- slot = PK11_GetBestSlotMultiple(mechanism_array, 2, pwArg);
- if (slot == NULL) {
- PORT_SetError(SSL_ERROR_TOKEN_SLOT_NOT_FOUND);
- return pms; /* which is NULL */
- }
- }
- }
-
- /* Generate the pre-master secret ... */
- version.major = MSB(ss->clientHelloVersion);
- version.minor = LSB(ss->clientHelloVersion);
-
- param.data = (unsigned char *)&version;
- param.len = sizeof version;
-
- pms = PK11_KeyGen(slot, CKM_SSL3_PRE_MASTER_KEY_GEN, &param, 0, pwArg);
- if (!serverKeySlot)
- PK11_FreeSlot(slot);
- if (pms == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- }
- return pms;
-}
-
-/* Note: The Bleichenbacher attack on PKCS#1 necessitates that we NEVER
- * return any indication of failure of the Client Key Exchange message,
- * where that failure is caused by the content of the client's message.
- * This function must not return SECFailure for any reason that is directly
- * or indirectly caused by the content of the client's encrypted PMS.
- * We must not send an alert and also not drop the connection.
- * Instead, we generate a random PMS. This will cause a failure
- * in the processing the finished message, which is exactly where
- * the failure must occur.
- *
- * Called from ssl3_HandleClientKeyExchange
- */
-static SECStatus
-ssl3_HandleRSAClientKeyExchange(sslSocket *ss,
- SSL3Opaque *b,
- PRUint32 length,
- SECKEYPrivateKey *serverKey)
-{
- PK11SymKey * pms;
- SECStatus rv;
- SECItem enc_pms;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- enc_pms.data = b;
- enc_pms.len = length;
-
- if (ss->ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0) { /* isTLS */
- PRInt32 kLen;
- kLen = ssl3_ConsumeHandshakeNumber(ss, 2, &enc_pms.data, &enc_pms.len);
- if (kLen < 0) {
- PORT_SetError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- return SECFailure;
- }
- if ((unsigned)kLen < enc_pms.len) {
- enc_pms.len = kLen;
- }
- }
- /*
- * decrypt pms out of the incoming buffer
- * Note: CKM_SSL3_PRE_MASTER_KEY_GEN is NOT the mechanism used to do
- * the unwrap. Rather, it is the mechanism with which the unwrapped
- * pms will be used.
- */
- pms = PK11_PubUnwrapSymKey(serverKey, &enc_pms,
- CKM_SSL3_PRE_MASTER_KEY_GEN, CKA_DERIVE, 0);
- if (pms != NULL) {
- PRINT_BUF(60, (ss, "decrypted premaster secret:",
- PK11_GetKeyData(pms)->data,
- PK11_GetKeyData(pms)->len));
- } else {
- /* unwrap failed. Generate a bogus pre-master secret and carry on. */
- PK11SlotInfo * slot = PK11_GetSlotFromPrivateKey(serverKey);
-
- ssl_GetSpecWriteLock(ss);
- pms = ssl3_GenerateRSAPMS(ss, ss->ssl3->prSpec, slot);
- ssl_ReleaseSpecWriteLock(ss);
-
- PK11_FreeSlot(slot);
- }
-
- if (pms == NULL) {
- /* last gasp. */
- ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE);
- return SECFailure;
- }
-
- rv = ssl3_InitPendingCipherSpec(ss, pms);
- PK11_FreeSymKey(pms);
- if (rv != SECSuccess) {
- SEND_ALERT
- return SECFailure; /* error code set by ssl3_InitPendingCipherSpec */
- }
- return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 ClientKeyExchange message from the remote client
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleClientKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- SECKEYPrivateKey *serverKey = NULL;
- SECStatus rv;
-const ssl3KEADef * kea_def;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle client_key_exchange handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (ss->ssl3->hs.ws != wait_client_key) {
- SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH);
- return SECFailure;
- }
-
- kea_def = ss->ssl3->hs.kea_def;
-
- serverKey = (ss->ssl3->hs.usedStepDownKey
-#ifdef DEBUG
- && kea_def->is_limited /* XXX OR cert is signing only */
- && kea_def->exchKeyType == kt_rsa
- && ss->stepDownKeyPair != NULL
-#endif
- ) ? ss->stepDownKeyPair->privKey
- : ss->serverCerts[kea_def->exchKeyType].serverKey;
-
- if (ss->ssl3->hs.usedStepDownKey
-#ifdef DEBUG
- && kea_def->is_limited /* XXX OR cert is signing only */
- && kea_def->exchKeyType == kt_rsa
- && ss->stepDownKeyPair != NULL
-#endif
- ) {
- serverKey = ss->stepDownKeyPair->privKey;
- ss->sec->keaKeyBits = EXPORT_RSA_KEY_LENGTH * BPB;
- } else {
- sslServerCerts * sc = ss->serverCerts + kea_def->exchKeyType;
- serverKey = sc->serverKey;
- ss->sec->keaKeyBits = sc->serverKeyBits;
- }
-
- if (serverKey == NULL) {
- SEND_ALERT
- PORT_SetError(SSL_ERROR_NO_SERVER_KEY_FOR_ALG);
- return SECFailure;
- }
-
- ss->sec->keaType = kea_def->exchKeyType;
-
- switch (kea_def->exchKeyType) {
- case kt_rsa:
- rv = ssl3_HandleRSAClientKeyExchange(ss, b, length, serverKey);
- if (rv != SECSuccess) {
- SEND_ALERT
- return SECFailure; /* error code set by ssl3_InitPendingCipherSpec */
- }
- break;
-
- case kt_fortezza:
- rv = ssl3_HandleFortezzaClientKeyExchange(ss, b, length, serverKey);
- if (rv != SECSuccess) {
- return SECFailure; /* error code set */
- }
- break;
-
- default:
- (void) ssl3_HandshakeFailure(ss);
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- return SECFailure;
- }
- ss->ssl3->hs.ws = ss->sec->peerCert ? wait_cert_verify : wait_change_cipher;
- return SECSuccess;
-
-}
-
-/* This is TLS's equivalent of sending a no_certificate alert. */
-static SECStatus
-ssl3_SendEmptyCertificate(sslSocket *ss)
-{
- SECStatus rv;
-
- rv = ssl3_AppendHandshakeHeader(ss, certificate, 3);
- if (rv == SECSuccess) {
- rv = ssl3_AppendHandshakeNumber(ss, 0, 3);
- }
- return rv; /* error, if any, set by functions called above. */
-}
-
-/*
- * Used by both client and server.
- * Called from HandleServerHelloDone and from SendServerHelloSequence.
- */
-static SECStatus
-ssl3_SendCertificate(sslSocket *ss)
-{
- SECStatus rv;
- CERTCertificateList *certChain;
- int len = 0;
- int i;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send certificate handshake",
- SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- if (ss->sec->localCert)
- CERT_DestroyCertificate(ss->sec->localCert);
- if (ss->sec->isServer) {
- sslServerCerts * sc =
- ss->serverCerts + ss->ssl3->hs.kea_def->exchKeyType;
- certChain = sc->serverCertChain;
- ss->sec->authKeyBits = sc->serverKeyBits;
- ss->sec->authAlgorithm = ss->ssl3->hs.kea_def->signKeyType;
- ss->sec->localCert = CERT_DupCertificate(sc->serverCert);
- } else {
- certChain = ss->ssl3->clientCertChain;
- ss->sec->localCert = CERT_DupCertificate(ss->ssl3->clientCertificate);
- }
-
- if (certChain) {
- for (i = 0; i < certChain->len; i++) {
- len += certChain->certs[i].len + 3;
- }
- }
-
- rv = ssl3_AppendHandshakeHeader(ss, certificate, len + 3);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- rv = ssl3_AppendHandshakeNumber(ss, len, 3);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- for (i = 0; i < certChain->len; i++) {
- rv = ssl3_AppendHandshakeVariable(ss, certChain->certs[i].data,
- certChain->certs[i].len, 3);
- if (rv != SECSuccess) {
- return rv; /* err set by AppendHandshake. */
- }
- }
-
- return SECSuccess;
-}
-
-/* This is used to delete the CA certificates in the peer certificate chain
- * from the cert database after they've been validated.
- */
-static void
-ssl3_CleanupPeerCerts(ssl3State *ssl3)
-{
- PRArenaPool * arena = ssl3->peerCertArena;
- ssl3CertNode *certs = (ssl3CertNode *)ssl3->peerCertChain;
-
- for (; certs; certs = certs->next) {
- CERT_DestroyCertificate(certs->cert);
- }
- if (arena) PORT_FreeArena(arena, PR_FALSE);
- ssl3->peerCertArena = NULL;
- ssl3->peerCertChain = NULL;
-}
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Certificate message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleCertificate(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- ssl3CertNode * c;
- ssl3CertNode * certs = NULL;
- PRArenaPool * arena = NULL;
- ssl3State * ssl3 = ss->ssl3;
- sslSecurityInfo *sec = ss->sec;
- CERTCertificate *cert;
- PRInt32 remaining = 0;
- PRInt32 size;
- SECStatus rv;
- PRBool isServer = (PRBool)(!!sec->isServer);
- PRBool trusted = PR_FALSE;
- PRBool isTLS;
- SSL3AlertDescription desc = bad_certificate;
- int errCode = SSL_ERROR_RX_MALFORMED_CERTIFICATE;
- SECItem certItem;
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle certificate handshake",
- SSL_GETPID(), ss->fd));
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if ((ssl3->hs.ws != wait_server_cert) &&
- (ssl3->hs.ws != wait_client_cert)) {
- desc = unexpected_message;
- errCode = SSL_ERROR_RX_UNEXPECTED_CERTIFICATE;
- goto alert_loser;
- }
-
- PORT_Assert(ssl3->peerCertArena == NULL);
-
- if (sec->peerCert != NULL) {
- if (sec->peerKey) {
- SECKEY_DestroyPublicKey(sec->peerKey);
- sec->peerKey = NULL;
- }
- CERT_DestroyCertificate(sec->peerCert);
- sec->peerCert = NULL;
- }
-
- ssl3_CleanupPeerCerts(ssl3);
- isTLS = (PRBool)(ssl3->prSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- /* It is reported that some TLS client sends a Certificate message
- ** with a zero-length message body. We'll treat that case like a
- ** normal no_certificates message to maximize interoperability.
- */
- if (length) {
- remaining = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
- if (remaining < 0)
- goto loser; /* fatal alert already sent by ConsumeHandshake. */
- }
-
- if (!remaining) {
- if (!(isTLS && isServer))
- goto alert_loser;
- /* This is TLS's version of a no_certificate alert. */
- /* I'm a server. I've requested a client cert. He hasn't got one. */
- rv = ssl3_HandleNoCertificate(ss);
- if (rv != SECSuccess) {
- errCode = PORT_GetError();
- goto loser;
- }
- goto cert_block;
- }
-
- ssl3->peerCertArena = arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if ( arena == NULL ) {
- goto loser; /* don't send alerts on memory errors */
- }
-
- /* First get the peer cert. */
- remaining -= 3;
- if (remaining < 0)
- goto decode_loser;
-
- size = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
- if (size < 0)
- goto loser; /* fatal alert already sent by ConsumeHandshake. */
-
- remaining -= size;
- if (remaining < 0)
- goto decode_loser;
-
- certItem.data = (unsigned char*)PORT_ArenaAlloc(arena, size);
- if (certItem.data == NULL) {
- goto loser; /* don't send alerts on memory errors */
- }
-
- certItem.len = size;
- rv = ssl3_ConsumeHandshake(ss, certItem.data, certItem.len, &b, &length);
- if (rv != SECSuccess)
- goto loser; /* fatal alert already sent by ConsumeHandshake. */
-
- sec->peerCert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
- PR_FALSE, PR_TRUE);
- if (sec->peerCert == NULL) {
- /* We should report an alert if the cert was bad, but not if the
- * problem was just some local problem, like memory error.
- */
- goto ambiguous_err;
- }
-
- /* Now get all of the CA certs. */
- while (remaining != 0) {
- remaining -= 3;
- if (remaining < 0)
- goto decode_loser;
-
- size = ssl3_ConsumeHandshakeNumber(ss, 3, &b, &length);
- if (size < 0)
- goto loser; /* fatal alert already sent by ConsumeHandshake. */
-
- remaining -= size;
- if (remaining < 0)
- goto decode_loser;
-
- certItem.data = (unsigned char*)PORT_ArenaAlloc(arena, size);
- if (certItem.data == NULL) {
- goto loser; /* don't send alerts on memory errors */
- }
-
- certItem.len = size;
- rv = ssl3_ConsumeHandshake(ss, certItem.data, certItem.len,
- &b, &length);
- if (rv != SECSuccess)
- goto loser; /* fatal alert already sent by ConsumeHandshake. */
-
- c = PORT_ArenaNew(arena, ssl3CertNode);
- if (c == NULL) {
- goto loser; /* don't send alerts on memory errors */
- }
-
- c->cert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
- PR_FALSE, PR_TRUE);
- if (c->cert == NULL) {
- goto ambiguous_err;
- }
-
- if (c->cert->trust)
- trusted = PR_TRUE;
-
- c->next = certs;
- certs = c;
- }
-
- if (remaining != 0)
- goto decode_loser;
-
- SECKEY_UpdateCertPQG(sec->peerCert);
-
- /*
- * We're making a fortezza connection, and the card hasn't unloaded it's
- * certs, try to unload those certs now.
- */
- if (!trusted) {
- CERTCertificate *ccert;
-
- ccert = PK11_FindBestKEAMatch(sec->peerCert, ss->pkcs11PinArg);
- if (ccert)
- CERT_DestroyCertificate(ccert);
- }
-
-
- rv = (SECStatus)(*ss->authCertificate)(ss->authCertificateArg, ss->fd,
- PR_TRUE, isServer);
- if (rv) {
- errCode = PORT_GetError();
- if (!ss->handleBadCert) {
- goto bad_cert;
- }
- rv = (SECStatus)(*ss->handleBadCert)(ss->badCertArg, ss->fd);
- if ( rv ) {
- if ( rv == SECWouldBlock ) {
- /* someone will handle this connection asynchronously*/
- SSL_DBG(("%d: SSL3[%d]: go to async cert handler",
- SSL_GETPID(), ss->fd));
- ssl3->peerCertChain = certs;
- certs = NULL;
- ssl_SetAlwaysBlock(ss);
- goto cert_block;
- }
- /* cert is bad */
- goto bad_cert;
- }
- /* cert is good */
- }
-
- /* start SSL Step Up, if appropriate */
- cert = sec->peerCert;
- if (!isServer &&
- ssl3_global_policy_some_restricted &&
- ssl3->policy == SSL_ALLOWED &&
- anyRestrictedEnabled(ss) &&
- SECSuccess == CERT_VerifyCertNow(cert->dbhandle, cert,
- PR_FALSE, /* checkSig */
- certUsageSSLServerWithStepUp,
-/*XXX*/ ss->authCertificateArg) ) {
- ssl3->policy = SSL_RESTRICTED;
- ssl3->hs.rehandshake = PR_TRUE;
- }
-
- sec->ci.sid->peerCert = CERT_DupCertificate(sec->peerCert);
-
- if (!sec->isServer) {
- /* set the server authentication and key exchange types and sizes
- ** from the value in the cert. If the key exchange key is different,
- ** it will get fixed when we handle the server key exchange message.
- */
- SECKEYPublicKey * pubKey = CERT_ExtractPublicKey(cert);
- sec->authAlgorithm = ssl3->hs.kea_def->signKeyType;
- sec->keaType = ssl3->hs.kea_def->exchKeyType;
- if (pubKey) {
- sec->keaKeyBits = sec->authKeyBits =
- SECKEY_PublicKeyStrength(pubKey) * BPB;
- SECKEY_DestroyPublicKey(pubKey);
- pubKey = NULL;
- }
- }
-
- ssl3->peerCertChain = certs; certs = NULL; arena = NULL;
-
-cert_block:
- if (sec->isServer) {
- ssl3->hs.ws = wait_client_key;
- } else {
- ssl3->hs.ws = wait_cert_request; /* disallow server_key_exchange */
- if (ssl3->hs.kea_def->is_limited ||
- /* XXX OR server cert is signing only. */
- ssl3->hs.kea_def->kea == kea_fortezza ||
- ssl3->hs.kea_def->exchKeyType == kt_dh) {
- ssl3->hs.ws = wait_server_key; /* allow server_key_exchange */
- }
- }
-
- /* rv must normally be equal to SECSuccess here. If we called
- * handleBadCert, it can also be SECWouldBlock.
- */
- return rv;
-
-ambiguous_err:
- errCode = PORT_GetError();
- switch (errCode) {
- case PR_OUT_OF_MEMORY_ERROR:
- case SEC_ERROR_BAD_DATABASE:
- case SEC_ERROR_NO_MEMORY:
- if (isTLS) {
- desc = internal_error;
- goto alert_loser;
- }
- goto loser;
- }
- /* fall through to bad_cert. */
-
-bad_cert: /* caller has set errCode. */
- switch (errCode) {
- case SEC_ERROR_LIBRARY_FAILURE: desc = unsupported_certificate; break;
- case SEC_ERROR_EXPIRED_CERTIFICATE: desc = certificate_expired; break;
- case SEC_ERROR_REVOKED_CERTIFICATE: desc = certificate_revoked; break;
- case SEC_ERROR_INADEQUATE_KEY_USAGE:
- case SEC_ERROR_INADEQUATE_CERT_TYPE:
- desc = certificate_unknown; break;
- case SEC_ERROR_UNTRUSTED_CERT:
- desc = isTLS ? access_denied : certificate_unknown; break;
- case SEC_ERROR_UNKNOWN_ISSUER:
- case SEC_ERROR_UNTRUSTED_ISSUER:
- desc = isTLS ? unknown_ca : certificate_unknown; break;
- case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
- desc = isTLS ? unknown_ca : certificate_expired; break;
-
- case SEC_ERROR_CERT_NOT_IN_NAME_SPACE:
- case SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID:
- case SEC_ERROR_CA_CERT_INVALID:
- case SEC_ERROR_BAD_SIGNATURE:
- default: desc = bad_certificate; break;
- }
- SSL_DBG(("%d: SSL3[%d]: peer certificate is no good: error=%d",
- SSL_GETPID(), ss->fd, errCode));
-
- goto alert_loser;
-
-decode_loser:
- desc = isTLS ? decode_error : bad_certificate;
-
-alert_loser:
- (void)SSL3_SendAlert(ss, alert_fatal, desc);
-
-loser:
- ssl3->peerCertChain = certs; certs = NULL; arena = NULL;
- ssl3_CleanupPeerCerts(ssl3);
-
- if (sec->peerCert != NULL) {
- CERT_DestroyCertificate(sec->peerCert);
- sec->peerCert = NULL;
- }
- (void)ssl_MapLowLevelError(errCode);
- return SECFailure;
-}
-
-
-/* restart an SSL connection that we stopped to run certificate dialogs
-** XXX Need to document here how an application marks a cert to show that
-** the application has accepted it (overridden CERT_VerifyCert).
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- * It does not work on a subsequent handshake (redo).
- *
- * Return value: XXX
- *
- * Caller holds 1stHandshakeLock.
-*/
-int
-ssl3_RestartHandshakeAfterServerCert(sslSocket *ss)
-{
- CERTCertificate * cert;
- ssl3State * ssl3 = ss->ssl3;
- int rv = SECSuccess;
-
- if (MSB(ss->version) != MSB(SSL_LIBRARY_VERSION_3_0)) {
- SET_ERROR_CODE
- return SECFailure;
- }
- if (!ss->sec || !ss->ssl3) {
- SET_ERROR_CODE
- return SECFailure;
- }
-
- cert = ss->sec->peerCert;
-
- /* Permit step up if user decided to accept the cert */
- if (!ss->sec->isServer &&
- ssl3_global_policy_some_restricted &&
- ssl3->policy == SSL_ALLOWED &&
- anyRestrictedEnabled(ss) &&
- (SECSuccess == CERT_VerifyCertNow(cert->dbhandle, cert,
- PR_FALSE, /* checksig */
- certUsageSSLServerWithStepUp,
-/*XXX*/ ss->authCertificateArg) )) {
- ssl3->policy = SSL_RESTRICTED;
- ssl3->hs.rehandshake = PR_TRUE;
- }
-
- if (ss->handshake != NULL) {
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->sec->ci.sid->peerCert = CERT_DupCertificate(ss->sec->peerCert);
-
- ssl_GetRecvBufLock(ss);
- if (ssl3->hs.msgState.buf != NULL) {
- rv = ssl3_HandleRecord(ss, NULL, &ss->gather->buf);
- }
- ssl_ReleaseRecvBufLock(ss);
- }
-
- return rv;
-}
-
-static SECStatus
-ssl3_ComputeTLSFinished(ssl3CipherSpec *spec,
- PRBool isServer,
- const SSL3Finished * hashes,
- TLSFinished * tlsFinished)
-{
- PK11Context *prf_context;
- const char * label;
- unsigned int len;
- SECStatus rv;
- SECItem param = {siBuffer, NULL, 0};
-
- label = isServer ? "server finished" : "client finished";
- len = 15;
-
- prf_context =
- PK11_CreateContextBySymKey(CKM_TLS_PRF_GENERAL, CKA_SIGN,
- spec->master_secret, &param);
- if (!prf_context)
- return SECFailure;
-
- rv = PK11_DigestBegin(prf_context);
- rv |= PK11_DigestOp(prf_context, (const unsigned char *) label, len);
- rv |= PK11_DigestOp(prf_context, hashes->md5, sizeof *hashes);
- rv |= PK11_DigestFinal(prf_context, tlsFinished->verify_data,
- &len, sizeof *tlsFinished);
- PORT_Assert(rv != SECSuccess || len == sizeof *tlsFinished);
-
- PK11_DestroyContext(prf_context, PR_TRUE);
- return rv;
-}
-
-/* called from ssl3_HandleServerHelloDone
- * ssl3_HandleClientHello
- * ssl3_HandleFinished
- */
-static SECStatus
-ssl3_SendFinished(sslSocket *ss, PRInt32 flags)
-{
- ssl3CipherSpec *cwSpec;
- PRBool isTLS;
- PRBool isServer = ss->sec->isServer;
- SECStatus rv;
- SSL3Sender sender = isServer ? sender_server : sender_client;
- SSL3Finished hashes;
- TLSFinished tlsFinished;
-
- SSL_TRC(3, ("%d: SSL3[%d]: send finished handshake", SSL_GETPID(), ss->fd));
-
- PORT_Assert( ssl_HaveXmitBufLock(ss));
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- ssl_GetSpecReadLock(ss);
- cwSpec = ss->ssl3->cwSpec;
- isTLS = (PRBool)(cwSpec->version > SSL_LIBRARY_VERSION_3_0);
- rv = ssl3_ComputeHandshakeHashes(ss, cwSpec, &hashes, sender);
- if (isTLS && rv == SECSuccess) {
- rv = ssl3_ComputeTLSFinished(cwSpec, isServer, &hashes, &tlsFinished);
- }
- ssl_ReleaseSpecReadLock(ss);
- if (rv != SECSuccess) {
- goto fail; /* err code was set by ssl3_ComputeHandshakeHashes */
- }
-
- if (isTLS) {
- rv = ssl3_AppendHandshakeHeader(ss, finished, sizeof tlsFinished);
- if (rv != SECSuccess)
- goto fail; /* err set by AppendHandshake. */
- rv = ssl3_AppendHandshake(ss, &tlsFinished, sizeof tlsFinished);
- if (rv != SECSuccess)
- goto fail; /* err set by AppendHandshake. */
- } else {
- rv = ssl3_AppendHandshakeHeader(ss, finished, sizeof hashes);
- if (rv != SECSuccess)
- goto fail; /* err set by AppendHandshake. */
- rv = ssl3_AppendHandshake(ss, &hashes, sizeof hashes);
- if (rv != SECSuccess)
- goto fail; /* err set by AppendHandshake. */
- }
- rv = ssl3_FlushHandshake(ss, flags);
- if (rv != SECSuccess) {
- goto fail; /* error code set by ssl3_FlushHandshake */
- }
- return SECSuccess;
-
-fail:
- return rv;
-}
-
-
-
-/* Called from ssl3_HandleHandshakeMessage() when it has deciphered a complete
- * ssl3 Finished message from the peer.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleFinished(sslSocket *ss, SSL3Opaque *b, PRUint32 length,
- const SSL3Hashes *hashes)
-{
- sslSecurityInfo * sec = ss->sec;
- ssl3State * ssl3 = ss->ssl3;
- sslSessionID * sid = sec->ci.sid;
- PK11SymKey * wrappingKey = NULL;
- PK11SlotInfo * symKeySlot;
- void * pwArg = ss->pkcs11PinArg;
- SECStatus rv;
- PRBool isServer = sec->isServer;
- PRBool isTLS;
- PRBool doStepUp;
- CK_MECHANISM_TYPE mechanism;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- SSL_TRC(3, ("%d: SSL3[%d]: handle finished handshake",
- SSL_GETPID(), ss->fd));
-
- if (ssl3->hs.ws != wait_finished) {
- SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_FINISHED);
- return SECFailure;
- }
-
- isTLS = (PRBool)(ssl3->crSpec->version > SSL_LIBRARY_VERSION_3_0);
- if (isTLS) {
- TLSFinished tlsFinished;
-
- if (length != sizeof tlsFinished) {
- (void)SSL3_SendAlert(ss, alert_fatal, decode_error);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_FINISHED);
- return SECFailure;
- }
- rv = ssl3_ComputeTLSFinished(ssl3->crSpec, !isServer,
- hashes, &tlsFinished);
- if (rv != SECSuccess ||
- 0 != PORT_Memcmp(&tlsFinished, b, length)) {
- (void)SSL3_SendAlert(ss, alert_fatal, decrypt_error);
- PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
- return SECFailure;
- }
- } else {
- if (length != sizeof(SSL3Hashes)) {
- (void)ssl3_IllegalParameter(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_FINISHED);
- return SECFailure;
- }
-
- if (0 != PORT_Memcmp(hashes, b, length)) {
- (void)ssl3_HandshakeFailure(ss);
- PORT_SetError(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE);
- return SECFailure;
- }
- }
-
- doStepUp = (PRBool)(!isServer && ssl3->hs.rehandshake);
-
- ssl_GetXmitBufLock(ss); /*************************************/
-
- if ((isServer && !ssl3->hs.isResuming) ||
- (!isServer && ssl3->hs.isResuming)) {
- PRInt32 flags = 0;
-
- rv = ssl3_SendChangeCipherSpecs(ss);
- if (rv != SECSuccess) {
- goto xmit_loser; /* err is set. */
- }
- /* If this thread is in SSL_SecureSend (trying to write some data)
- ** or if it is going to step up,
- ** then set the ssl_SEND_FLAG_FORCE_INTO_BUFFER flag, so that the
- ** last two handshake messages (change cipher spec and finished)
- ** will be sent in the same send/write call as the application data.
- */
- if (doStepUp || ss->writerThread == PR_GetCurrentThread()) {
- flags = ssl_SEND_FLAG_FORCE_INTO_BUFFER;
- }
- rv = ssl3_SendFinished(ss, flags);
- if (rv != SECSuccess) {
- goto xmit_loser; /* err is set. */
- }
- }
-
- /* Optimization: don't cache this connection if we're going to step up. */
- if (doStepUp) {
- ssl_FreeSID(sid);
- ss->sec->ci.sid = sid = NULL;
- ssl3->hs.rehandshake = PR_FALSE;
- rv = ssl3_SendClientHello(ss);
-xmit_loser:
- ssl_ReleaseXmitBufLock(ss);
- return rv; /* err code is set if appropriate. */
- }
-
- ssl_ReleaseXmitBufLock(ss); /*************************************/
-
- /* The first handshake is now completed. */
- ss->handshake = NULL;
- ss->firstHsDone = PR_TRUE;
- ss->gather->writeOffset = 0;
- ss->gather->readOffset = 0;
-
- if (sid->cached == never_cached) {
-
- /* fill in the sid */
- sid->u.ssl3.cipherSuite = ssl3->hs.cipher_suite;
- sid->u.ssl3.compression = ssl3->hs.compression;
- sid->u.ssl3.policy = ssl3->policy;
- sid->u.ssl3.exchKeyType = ssl3->hs.kea_def->exchKeyType;
- sid->version = ss->version;
- sid->authAlgorithm = sec->authAlgorithm;
- sid->authKeyBits = sec->authKeyBits;
- sid->keaType = sec->keaType;
- sid->keaKeyBits = sec->keaKeyBits;
- sid->lastAccessTime = sid->creationTime = ssl_Time();
- sid->expirationTime = sid->creationTime + ssl3_sid_timeout;
- sid->localCert = CERT_DupCertificate(sec->localCert);
-
- ssl_GetSpecReadLock(ss); /*************************************/
- symKeySlot = PK11_GetSlotFromKey(ssl3->crSpec->master_secret);
- if (!isServer) {
- int wrapKeyIndex;
- int incarnation;
-
- /* these next few functions are mere accessors and don't fail. */
- sid->u.ssl3.masterWrapIndex = wrapKeyIndex =
- PK11_GetCurrentWrapIndex(symKeySlot);
- PORT_Assert(wrapKeyIndex == 0); /* array has only one entry! */
-
- sid->u.ssl3.masterWrapSeries = incarnation =
- PK11_GetSlotSeries(symKeySlot);
- sid->u.ssl3.masterSlotID = PK11_GetSlotID(symKeySlot);
- sid->u.ssl3.masterModuleID = PK11_GetModuleID(symKeySlot);
- sid->u.ssl3.masterValid = PR_TRUE;
-
- /* Get the default wrapping key, for wrapping the master secret before
- * placing it in the SID cache entry. */
- wrappingKey = PK11_GetWrapKey(symKeySlot, wrapKeyIndex,
- CKM_INVALID_MECHANISM, incarnation,
- pwArg);
- if (wrappingKey) {
- mechanism = PK11_GetMechanism(wrappingKey); /* can't fail. */
- } else {
- int keyLength;
- /* if the wrappingKey doesn't exist, attempt to create it.
- * Note: we intentionally ignore errors here. If we cannot
- * generate a wrapping key, it is not fatal to this SSL connection,
- * but we will not be able to restart this session.
- */
- mechanism = PK11_GetBestWrapMechanism(symKeySlot);
- keyLength = PK11_GetBestKeyLength(symKeySlot, mechanism);
- /* Zero length means fixed key length algorithm, or error.
- * It's ambiguous.
- */
- wrappingKey = PK11_KeyGen(symKeySlot, mechanism, NULL,
- keyLength, pwArg);
- if (wrappingKey) {
- PK11_SetWrapKey(symKeySlot, wrapKeyIndex, wrappingKey);
- }
- }
- } else {
- /* server. */
- mechanism = PK11_GetBestWrapMechanism(symKeySlot);
- if (mechanism != CKM_INVALID_MECHANISM) {
- wrappingKey =
- getWrappingKey(ss, symKeySlot, ssl3->hs.kea_def->exchKeyType,
- mechanism, pwArg);
- if (wrappingKey) {
- mechanism = PK11_GetMechanism(wrappingKey); /* can't fail. */
- }
- }
- }
-
- sid->u.ssl3.masterWrapMech = mechanism;
- PK11_FreeSlot(symKeySlot);
-
- rv = SECFailure;
- if (wrappingKey) {
- SECItem msItem;
-
- msItem.data = sid->u.ssl3.keys.wrapped_master_secret;
- msItem.len = sizeof sid->u.ssl3.keys.wrapped_master_secret;
- rv = PK11_WrapSymKey(mechanism, NULL, wrappingKey,
- ssl3->crSpec->master_secret, &msItem);
- /* rv is examined below. */
- sid->u.ssl3.keys.wrapped_master_secret_len = msItem.len;
- PK11_FreeSymKey(wrappingKey);
- }
- ssl_ReleaseSpecReadLock(ss); /*************************************/
-
- /* If the wrap failed, we don't cache the sid.
- * The connection continues normally however.
- */
- if (!ss->noCache && rv == SECSuccess) {
- (*sec->cache)(sid);
- }
- }
- ss->ssl3->hs.ws = idle_handshake;
-
- /* Do the handshake callback for sslv3 here. */
- if (ss->handshakeCallback != NULL) {
- (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
- }
-
- return SECSuccess;
-}
-
-/* Called from ssl3_HandleHandshake() when it has gathered a complete ssl3
- * hanshake message.
- * Caller must hold Handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleHandshakeMessage(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
-{
- SECStatus rv = SECSuccess;
- SSL3HandshakeType type = ss->ssl3->hs.msg_type;
- SSL3Hashes hashes; /* computed hashes are put here. */
- PRUint8 hdr[4];
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
- /*
- * We have to compute the hashes before we update them with the
- * current message.
- */
- ssl_GetSpecReadLock(ss); /************************************/
- if((type == finished) || (type == certificate_verify)) {
- SSL3Sender sender = (SSL3Sender)0;
- ssl3CipherSpec *rSpec = ss->ssl3->prSpec;
-
- if (type == finished) {
- sender = ss->sec->isServer ? sender_client : sender_server;
- rSpec = ss->ssl3->crSpec;
- }
- rv = ssl3_ComputeHandshakeHashes(ss, rSpec, &hashes, sender);
- }
- ssl_ReleaseSpecReadLock(ss); /************************************/
- if (rv != SECSuccess) {
- return rv; /* error code was set by ssl3_ComputeHandshakeHashes*/
- }
- SSL_TRC(30,("%d: SSL3[%d]: handle handshake message: %s", SSL_GETPID(),
- ss->fd, ssl3_DecodeHandshakeType(ss->ssl3->hs.msg_type)));
- PRINT_BUF(60, (ss, "MD5 handshake hash:",
- (unsigned char*)ss->ssl3->hs.md5, MD5_LENGTH));
- PRINT_BUF(95, (ss, "SHA handshake hash:",
- (unsigned char*)ss->ssl3->hs.sha, SHA1_LENGTH));
-
- hdr[0] = (PRUint8)ss->ssl3->hs.msg_type;
- hdr[1] = (PRUint8)(length >> 16);
- hdr[2] = (PRUint8)(length >> 8);
- hdr[3] = (PRUint8)(length );
-
- /* Start new handshake hashes when we start a new handshake */
- if (ss->ssl3->hs.msg_type == client_hello) {
- SSL_TRC(30,("%d: SSL3[%d]: reset handshake hashes",
- SSL_GETPID(), ss->fd ));
- rv = PK11_DigestBegin(ss->ssl3->hs.md5);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- return rv;
- }
- rv = PK11_DigestBegin(ss->ssl3->hs.sha);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- return rv;
- }
- }
- /* We should not include hello_request messages in the handshake hashes */
- if (ss->ssl3->hs.msg_type != hello_request) {
- rv = ssl3_UpdateHandshakeHashes(ss, (unsigned char*) hdr, 4);
- if (rv != SECSuccess) return rv; /* err code already set. */
- rv = ssl3_UpdateHandshakeHashes(ss, b, length);
- if (rv != SECSuccess) return rv; /* err code already set. */
- }
-
- PORT_SetError(0); /* each message starts with no error. */
- switch (ss->ssl3->hs.msg_type) {
- case hello_request:
- if (length != 0) {
- (void)ssl3_DecodeError(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_REQUEST);
- return SECFailure;
- }
- if (ss->sec->isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST);
- return SECFailure;
- }
- rv = ssl3_HandleHelloRequest(ss);
- break;
- case client_hello:
- if (!ss->sec->isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO);
- return SECFailure;
- }
- rv = ssl3_HandleClientHello(ss, b, length);
- break;
- case server_hello:
- if (ss->sec->isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO);
- return SECFailure;
- }
- rv = ssl3_HandleServerHello(ss, b, length);
- break;
- case certificate:
- rv = ssl3_HandleCertificate(ss, b, length);
- break;
- case server_key_exchange:
- if (ss->sec->isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH);
- return SECFailure;
- }
- rv = ssl3_HandleServerKeyExchange(ss, b, length);
- break;
- case certificate_request:
- if (ss->sec->isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST);
- return SECFailure;
- }
- rv = ssl3_HandleCertificateRequest(ss, b, length);
- break;
- case server_hello_done:
- if (length != 0) {
- (void)ssl3_DecodeError(ss);
- PORT_SetError(SSL_ERROR_RX_MALFORMED_HELLO_DONE);
- return SECFailure;
- }
- if (ss->sec->isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_DONE);
- return SECFailure;
- }
- rv = ssl3_HandleServerHelloDone(ss);
- break;
- case certificate_verify:
- if (!ss->sec->isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY);
- return SECFailure;
- }
- rv = ssl3_HandleCertificateVerify(ss, b, length, &hashes);
- break;
- case client_key_exchange:
- if (!ss->sec->isServer) {
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH);
- return SECFailure;
- }
- rv = ssl3_HandleClientKeyExchange(ss, b, length);
- break;
- case finished:
- rv = ssl3_HandleFinished(ss, b, length, &hashes);
- break;
- default:
- (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- PORT_SetError(SSL_ERROR_RX_UNKNOWN_HANDSHAKE);
- rv = SECFailure;
- }
- return rv;
-}
-
-/* Called only from ssl3_HandleRecord, for each (deciphered) ssl3 record.
- * origBuf is the decrypted ssl record content.
- * Caller must hold the handshake and RecvBuf locks.
- */
-static SECStatus
-ssl3_HandleHandshake(sslSocket *ss, sslBuffer *origBuf)
-{
- /*
- * There may be a partial handshake message already in the handshake
- * state. The incoming buffer may contain another portion, or a
- * complete message or several messages followed by another portion.
- *
- * Each message is made contiguous before being passed to the actual
- * message parser.
- */
- ssl3State *ssl3 = ss->ssl3;
- sslBuffer *buf = &ssl3->hs.msgState; /* do not lose the original buffer pointer */
- SECStatus rv;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (buf->buf == NULL) {
- *buf = *origBuf;
- }
- while (buf->len > 0) {
- while (ssl3->hs.header_bytes < 4) {
- uint8 t;
- t = *(buf->buf++);
- buf->len--;
- if (ssl3->hs.header_bytes++ == 0)
- ssl3->hs.msg_type = (SSL3HandshakeType)t;
- else
- ssl3->hs.msg_len = (ssl3->hs.msg_len << 8) + t;
-
-#define MAX_HANDSHAKE_MSG_LEN 0x1ffff /* 128k - 1 */
-
- if (ssl3->hs.header_bytes == 4) {
- if (ssl3->hs.msg_len > MAX_HANDSHAKE_MSG_LEN) {
- (void)ssl3_DecodeError(ss);
- PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
- return SECFailure;
- }
- }
-#undef MAX_HANDSHAKE_MSG_LEN
- if (buf->len == 0 && ssl3->hs.msg_len > 0) {
- buf->buf = NULL;
- return SECSuccess;
- }
- }
-
- /*
- * Header has been gathered and there is at least one byte of new
- * data available for this message. If it can be done right out
- * of the original buffer, then use it from there.
- */
- if (ssl3->hs.msg_body.len == 0 && buf->len >= ssl3->hs.msg_len) {
- /* handle it from input buffer */
- rv = ssl3_HandleHandshakeMessage(ss, buf->buf, ssl3->hs.msg_len);
- if (rv == SECFailure) {
- /* This test wants to fall through on either
- * SECSuccess or SECWouldBlock.
- * ssl3_HandleHandshakeMessage MUST set the error code.
- */
- return rv;
- }
- buf->buf += ssl3->hs.msg_len;
- buf->len -= ssl3->hs.msg_len;
- ssl3->hs.msg_len = 0;
- ssl3->hs.header_bytes = 0;
- if (rv != SECSuccess) { /* return if SECWouldBlock. */
- return rv;
- }
- } else {
- /* must be copied to msg_body and dealt with from there */
- unsigned int bytes;
-
- bytes = PR_MIN(buf->len, ssl3->hs.msg_len);
-
- /* Grow the buffer if needed */
- if (bytes > ssl3->hs.msg_body.space - ssl3->hs.msg_body.len) {
- rv = sslBuffer_Grow(&ssl3->hs.msg_body,
- ssl3->hs.msg_body.len + bytes);
- if (rv != SECSuccess) {
- /* sslBuffer_Grow has set a memory error code. */
- return SECFailure;
- }
- }
- PORT_Memcpy(ssl3->hs.msg_body.buf + ssl3->hs.msg_body.len,
- buf->buf, buf->len);
- buf->buf += bytes;
- buf->len -= bytes;
-
- /* should not be more than one message in msg_body */
- PORT_Assert(ssl3->hs.msg_body.len <= ssl3->hs.msg_len);
-
- /* if we have a whole message, do it */
- if (ssl3->hs.msg_body.len == ssl3->hs.msg_len) {
- rv = ssl3_HandleHandshakeMessage(
- ss, ssl3->hs.msg_body.buf, ssl3->hs.msg_len);
- /*
- * XXX This appears to be wrong. This error handling
- * should clean up after a SECWouldBlock return, like the
- * error handling used 40 lines before/above this one,
- */
- if (rv != SECSuccess) {
- /* ssl3_HandleHandshakeMessage MUST set error code. */
- return rv;
- }
- ssl3->hs.msg_body.len = 0;
- ssl3->hs.msg_len = 0;
- ssl3->hs.header_bytes = 0;
- } else {
- PORT_Assert(buf->len == 0);
- break;
- }
- }
- } /* end loop */
-
- origBuf->len = 0; /* So ssl3_GatherAppDataRecord will keep looping. */
- buf->buf = NULL; /* not a leak. */
- return SECSuccess;
-}
-
-/* if cText is non-null, then decipher, check MAC, and decompress the
- * SSL record from cText->buf (typically gs->inbuf)
- * into databuf (typically gs->buf), and any previous contents of databuf
- * is lost. Then handle databuf according to its SSL record type,
- * unless it's an application record.
- *
- * If cText is NULL, then the ciphertext has previously been deciphered and
- * checked, and is already sitting in databuf. It is processed as an SSL
- * Handshake message.
- *
- * DOES NOT process the decrypted/decompressed application data.
- * On return, databuf contains the decrypted/decompressed record.
- *
- * Called from ssl3_GatherCompleteHandshake
- * ssl3_RestartHandshakeAfterCertReq
- * ssl3_RestartHandshakeAfterServerCert
- *
- * Caller must hold the RecvBufLock.
- *
- * This function aquires and releases the SSL3Handshake Lock, holding the
- * lock around any calls to functions that handle records other than
- * Application Data records.
- */
-SECStatus
-ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf)
-{
-const ssl3BulkCipherDef *cipher_def;
- ssl3State * ssl3 = ss->ssl3;
- ssl3CipherSpec * crSpec;
- SECStatus rv;
- unsigned int hashBytes;
- unsigned int padding_length;
- PRBool isTLS;
- SSL3ContentType rType;
- SSL3Opaque hash[MAX_MAC_LENGTH];
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- if (ssl3 == NULL) {
- ssl_GetSSL3HandshakeLock(ss);
- rv = ssl3_InitState(ss);
- ssl_ReleaseSSL3HandshakeLock(ss);
- if (rv != SECSuccess) {
- return rv; /* ssl3_InitState has set the error code. */
- }
- }
-
- ssl3 = ss->ssl3;
-
- /* cText is NULL when we're called from ssl3_RestartHandshakeAfterXXX().
- * This implies that databuf holds a previously deciphered SSL Handshake
- * message.
- */
- if (cText == NULL) {
- SSL_DBG(("%d: SSL3[%d]: HandleRecord, resuming handshake",
- SSL_GETPID(), ss->fd));
- rType = content_handshake;
- goto process_it;
- }
-
- databuf->len = 0; /* filled in by decode call below. */
- if (databuf->space < MAX_FRAGMENT_LENGTH) {
- rv = sslBuffer_Grow(databuf, MAX_FRAGMENT_LENGTH + 2048);
- if (rv != SECSuccess) {
- SSL_DBG(("%d: SSL3[%d]: HandleRecord, tried to get %d bytes",
- SSL_GETPID(), ss->fd, MAX_FRAGMENT_LENGTH + 2048));
- /* sslBuffer_Grow has set a memory error code. */
- return SECFailure;
- }
- }
-
- PRINT_BUF(80, (ss, "ciphertext:", cText->buf->buf, cText->buf->len));
-
- ssl_GetSpecReadLock(ss); /******************************************/
-
- crSpec = ssl3->crSpec;
- cipher_def = crSpec->cipher_def;
- isTLS = (PRBool)(crSpec->version > SSL_LIBRARY_VERSION_3_0);
-
- if (isTLS && cText->buf->len > (MAX_FRAGMENT_LENGTH + 2048)) {
- ssl_ReleaseSpecReadLock(ss);
- SSL3_SendAlert(ss, alert_fatal, record_overflow);
- PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
- return SECFailure;
- }
- /* decrypt from cText buf to databuf. */
- rv = crSpec->decode(
- crSpec->decodeContext, databuf->buf, (int *)&databuf->len,
- databuf->space, cText->buf->buf, cText->buf->len);
-
- PRINT_BUF(80, (ss, "cleartext:", databuf->buf, databuf->len));
- if (rv != SECSuccess) {
- ssl_ReleaseSpecReadLock(ss);
- ssl_MapLowLevelError(SSL_ERROR_DECRYPTION_FAILURE);
- if (isTLS)
- (void)SSL3_SendAlert(ss, alert_fatal, decryption_failed);
- ssl_MapLowLevelError(SSL_ERROR_DECRYPTION_FAILURE);
- return SECFailure;
- }
-
- /* If it's a block cipher, check and strip the padding. */
- if (cipher_def->type == type_block) {
- padding_length = *(databuf->buf + databuf->len - 1);
- /* TLS permits padding to exceed the block size, up to 255 bytes. */
- if (padding_length + crSpec->mac_size >= databuf->len)
- goto bad_pad;
- /* if TLS, check value of first padding byte. */
- if (padding_length && isTLS && padding_length !=
- *(databuf->buf + databuf->len - 1 - padding_length))
- goto bad_pad;
- databuf->len -= padding_length + 1;
- if (databuf->len <= 0) {
-bad_pad:
- /* must not hold spec lock when calling SSL3_SendAlert. */
- ssl_ReleaseSpecReadLock(ss);
- /* SSL3 doesn't have an alert for bad padding, so use bad mac. */
- SSL3_SendAlert(ss, alert_fatal,
- isTLS ? decryption_failed : bad_record_mac);
- PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING);
- return SECFailure;
- }
- }
-
- /* Check the MAC. */
- if (databuf->len < crSpec->mac_size) {
- /* record is too short to have a valid mac. */
- goto bad_mac;
- }
- databuf->len -= crSpec->mac_size;
- rType = cText->type;
- rv = ssl3_ComputeRecordMAC(
- crSpec, (ss->sec->isServer) ? crSpec->client.write_mac_context
- : crSpec->server.write_mac_context,
- rType, cText->version, crSpec->read_seq_num,
- databuf->buf, databuf->len, hash, &hashBytes);
- if (rv != SECSuccess) {
- ssl_ReleaseSpecReadLock(ss);
- ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE);
- return rv;
- }
-
- if (hashBytes != (unsigned)crSpec->mac_size ||
- PORT_Memcmp(databuf->buf + databuf->len, hash, crSpec->mac_size) != 0) {
-bad_mac:
- /* must not hold spec lock when calling SSL3_SendAlert. */
- ssl_ReleaseSpecReadLock(ss);
- SSL3_SendAlert(ss, alert_fatal, bad_record_mac);
- PORT_SetError(SSL_ERROR_BAD_MAC_READ);
-
- SSL_DBG(("%d: SSL3[%d]: mac check failed", SSL_GETPID(), ss->fd));
-
- return SECFailure;
- }
-
- ssl3_BumpSequenceNumber(&crSpec->read_seq_num);
-
- ssl_ReleaseSpecReadLock(ss); /*****************************************/
-
- /*
- * The decrypted data is now in databuf.
- *
- * the null decompression routine is right here
- */
-
- /*
- ** Having completed the decompression, check the length again.
- */
- if (isTLS && databuf->len > (MAX_FRAGMENT_LENGTH + 1024)) {
- SSL3_SendAlert(ss, alert_fatal, record_overflow);
- PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
- return SECFailure;
- }
-
- /* Application data records are processed by the caller of this
- ** function, not by this function.
- */
- if (rType == content_application_data) {
- return SECSuccess;
- }
-
- /* It's a record that must be handled by ssl itself, not the application.
- */
-process_it:
- /* XXX Get the xmit lock here. Odds are very high that we'll be xmiting
- * data ang getting the xmit lock here prevents deadlocks.
- */
- ssl_GetSSL3HandshakeLock(ss);
-
- /* All the functions called in this switch MUST set error code if
- ** they return SECFailure or SECWouldBlock.
- */
- switch (rType) {
- case content_change_cipher_spec:
- rv = ssl3_HandleChangeCipherSpecs(ss, databuf);
- break;
- case content_alert:
- rv = ssl3_HandleAlert(ss, databuf);
- break;
- case content_handshake:
- rv = ssl3_HandleHandshake(ss, databuf);
- break;
- case content_application_data:
- rv = SECSuccess;
- break;
- default:
- SSL_DBG(("%d: SSL3[%d]: bogus content type=%d",
- SSL_GETPID(), ss->fd, cText->type));
- /* XXX Send an alert ??? */
- PORT_SetError(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE);
- rv = SECFailure;
- break;
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- return rv;
-
-}
-
-/*
- * Initialization functions
- */
-
-/* Called from ssl3_InitState, immediately below. */
-/* Caller must hold the SpecWriteLock. */
-static void
-ssl3_InitCipherSpec(sslSocket *ss, ssl3CipherSpec *spec)
-{
- spec->cipher_def = &bulk_cipher_defs[cipher_null];
- PORT_Assert(spec->cipher_def->cipher == cipher_null);
- spec->mac_def = &mac_defs[mac_null];
- PORT_Assert(spec->mac_def->mac == mac_null);
- spec->encode = Null_Cipher;
- spec->decode = Null_Cipher;
- spec->destroy = NULL;
- spec->mac_size = 0;
- spec->master_secret = NULL;
-
- spec->client.write_key = NULL;
- spec->client.write_mac_key = NULL;
- spec->client.write_mac_context = NULL;
-
- spec->server.write_key = NULL;
- spec->server.write_mac_key = NULL;
- spec->server.write_mac_context = NULL;
-
- spec->write_seq_num.high = 0;
- spec->write_seq_num.low = 0;
-
- spec->read_seq_num.high = 0;
- spec->read_seq_num.low = 0;
-
- spec->version = ss->enableTLS
- ? SSL_LIBRARY_VERSION_3_1_TLS
- : SSL_LIBRARY_VERSION_3_0;
-}
-
-/* Called from: ssl3_SendRecord
-** ssl3_StartHandshakeHash() <- ssl2_BeginClientHandshake()
-** ssl3_SendClientHello()
-** ssl3_HandleServerHello()
-** ssl3_HandleClientHello()
-** ssl3_HandleV2ClientHello()
-** ssl3_HandleRecord()
-**
-** This function should perhaps acquire and release the SpecWriteLock.
-**
-**
-*/
-static SECStatus
-ssl3_InitState(sslSocket *ss)
-{
- ssl3State * ssl3 = NULL;
- PK11Context *md5 = NULL;
- PK11Context *sha = NULL;
- SECStatus rv;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss));
-
- /* reinitialization for renegotiated sessions XXX */
- if (ss->ssl3 != NULL)
- return SECSuccess;
-
- ssl3 = PORT_ZNew(ssl3State); /* zero on purpose */
- if (ssl3 == NULL)
- return SECFailure; /* PORT_ZAlloc has set memory error code. */
-
- /* note that entire HandshakeState is zero, including the buffer */
- ssl3->policy = SSL_ALLOWED;
-
- ssl_GetSpecWriteLock(ss);
- ssl3->crSpec = ssl3->cwSpec = &ssl3->specs[0];
- ssl3->prSpec = ssl3->pwSpec = &ssl3->specs[1];
- ssl3->hs.rehandshake = PR_FALSE;
- ssl3_InitCipherSpec(ss, ssl3->crSpec);
- ssl3_InitCipherSpec(ss, ssl3->prSpec);
- ssl3->fortezza.tek = NULL;
-
- ssl3->hs.ws = (ss->sec->isServer) ? wait_client_hello : wait_server_hello;
- ssl_ReleaseSpecWriteLock(ss);
-
- /*
- * note: We should probably lookup an SSL3 slot for these
- * handshake hashes in hopes that we wind up with the same slots
- * that the master secret will wind up in ...
- */
- SSL_TRC(30,("%d: SSL3[%d]: start handshake hashes", SSL_GETPID(), ss->fd));
- ssl3->hs.md5 = md5 = PK11_CreateDigestContext(SEC_OID_MD5);
- if (md5 == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- goto loser;
- }
- rv = PK11_DigestBegin(ssl3->hs.md5);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- goto loser;
- }
-
- sha = ssl3->hs.sha = PK11_CreateDigestContext(SEC_OID_SHA1);
- if (sha == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- goto loser;
- }
- rv = PK11_DigestBegin(ssl3->hs.sha);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_SHA_DIGEST_FAILURE);
- goto loser;
- }
-
- /* Don't hide this from the rest of the world any more. */
- ss->ssl3 = ssl3;
-
- return SECSuccess;
-
-loser:
- if (md5 != NULL) PK11_DestroyContext(md5, PR_TRUE);
- if (sha != NULL) PK11_DestroyContext(sha, PR_TRUE);
- if (ssl3 != NULL) PORT_Free(ssl3);
- return SECFailure;
-}
-
-/* Returns a reference counted object that contains a key pair.
- * Or NULL on failure. Initial ref count is 1.
- * Uses the keys in the pair as input.
- */
-ssl3KeyPair *
-ssl3_NewKeyPair( SECKEYPrivateKey * privKey, SECKEYPublicKey * pubKey)
-{
- ssl3KeyPair * pair;
-
- if (!privKey || !pubKey) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return NULL;
- }
- pair = PORT_ZNew(ssl3KeyPair);
- if (!pair)
- return NULL; /* error code is set. */
- pair->refCount = 1;
- pair->privKey = privKey;
- pair->pubKey = pubKey;
- return pair; /* success */
-}
-
-ssl3KeyPair *
-ssl3_GetKeyPairRef(ssl3KeyPair * keyPair)
-{
- PR_AtomicIncrement(&keyPair->refCount);
- return keyPair;
-}
-
-void
-ssl3_FreeKeyPair(ssl3KeyPair * keyPair)
-{
- PRInt32 newCount = PR_AtomicDecrement(&keyPair->refCount);
- if (!newCount) {
- SECKEY_DestroyPrivateKey(keyPair->privKey);
- SECKEY_DestroyPublicKey( keyPair->pubKey);
- PORT_Free(keyPair);
- }
-}
-
-
-
-/*
- * Creates the public and private RSA keys for SSL Step down.
- * Called from SSL_ConfigSecureServer in sslsecur.c
- */
-SECStatus
-ssl3_CreateRSAStepDownKeys(sslSocket *ss)
-{
- SECStatus rv = SECSuccess;
- SECKEYPrivateKey * privKey; /* RSA step down key */
- SECKEYPublicKey * pubKey; /* RSA step down key */
-
- if (ss->stepDownKeyPair)
- ssl3_FreeKeyPair(ss->stepDownKeyPair);
- ss->stepDownKeyPair = NULL;
-#ifndef HACKED_EXPORT_SERVER
- /* Sigh, should have a get key strength call for private keys */
- if (PK11_GetPrivateModulusLen(ss->serverCerts[kt_rsa].serverKey) >
- EXPORT_RSA_KEY_LENGTH) {
- /* need to ask for the key size in bits */
- privKey = SECKEY_CreateRSAPrivateKey(EXPORT_RSA_KEY_LENGTH * BPB,
- &pubKey, NULL);
- if (!privKey || !pubKey ||
- !(ss->stepDownKeyPair = ssl3_NewKeyPair(privKey, pubKey))) {
- ssl_MapLowLevelError(SEC_ERROR_KEYGEN_FAIL);
- rv = SECFailure;
- }
- }
-#endif
- return rv;
-}
-
-
-/* record the export policy for this cipher suite */
-SECStatus
-ssl3_SetPolicy(ssl3CipherSuite which, int policy)
-{
- ssl3CipherSuiteCfg *suite;
-
- suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
- if (suite == NULL) {
- return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
- }
- suite->policy = policy;
-
- if (policy == SSL_RESTRICTED) {
- ssl3_global_policy_some_restricted = PR_TRUE;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *oPolicy)
-{
- ssl3CipherSuiteCfg *suite;
- PRInt32 policy;
- SECStatus rv;
-
- suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
- if (suite) {
- policy = suite->policy;
- rv = SECSuccess;
- } else {
- policy = SSL_NOT_ALLOWED;
- rv = SECFailure; /* err code was set by Lookup. */
- }
- *oPolicy = policy;
- return rv;
-}
-
-/* record the user preference for this suite */
-SECStatus
-ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool enabled)
-{
- ssl3CipherSuiteCfg *suite;
-
- suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
- if (suite == NULL) {
- return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
- }
- suite->enabled = enabled;
- return SECSuccess;
-}
-
-/* return the user preference for this suite */
-SECStatus
-ssl3_CipherPrefGetDefault(ssl3CipherSuite which, PRBool *enabled)
-{
- ssl3CipherSuiteCfg *suite;
- PRBool pref;
- SECStatus rv;
-
- suite = ssl_LookupCipherSuiteCfg(which, cipherSuites);
- if (suite) {
- pref = suite->enabled;
- rv = SECSuccess;
- } else {
- pref = SSL_NOT_ALLOWED;
- rv = SECFailure; /* err code was set by Lookup. */
- }
- *enabled = pref;
- return rv;
-}
-
-SECStatus
-ssl3_CipherPrefSet(sslSocket *ss, ssl3CipherSuite which, PRBool enabled)
-{
- ssl3CipherSuiteCfg *suite;
-
- suite = ssl_LookupCipherSuiteCfg(which, ss->cipherSuites);
- if (suite == NULL) {
- return SECFailure; /* err code was set by ssl_LookupCipherSuiteCfg */
- }
- suite->enabled = enabled;
- return SECSuccess;
-}
-
-SECStatus
-ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBool *enabled)
-{
- ssl3CipherSuiteCfg *suite;
- PRBool pref;
- SECStatus rv;
-
- suite = ssl_LookupCipherSuiteCfg(which, ss->cipherSuites);
- if (suite) {
- pref = suite->enabled;
- rv = SECSuccess;
- } else {
- pref = SSL_NOT_ALLOWED;
- rv = SECFailure; /* err code was set by Lookup. */
- }
- *enabled = pref;
- return rv;
-}
-
-/* copy global default policy into socket. */
-void
-ssl3_InitSocketPolicy(sslSocket *ss)
-{
- PORT_Memcpy(ss->cipherSuites, cipherSuites, sizeof cipherSuites);
-}
-
-/* ssl3_config_match_init must have already been called by
- * the caller of this function.
- */
-SECStatus
-ssl3_ConstructV2CipherSpecsHack(sslSocket *ss, unsigned char *cs, int *size)
-{
- int i, count = 0;
-
- PORT_Assert(ss != 0);
- if (!ss) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- if (!ss->enableSSL3 && !ss->enableTLS) {
- *size = 0;
- return SECSuccess;
- }
- if (cs == NULL) {
- *size = count_cipher_suites(ss, SSL_ALLOWED, PR_TRUE);
- return SECSuccess;
- }
-
- /* ssl3_config_match_init was called by the caller of this function. */
- for (i = 0; i < ssl_V3_SUITES_IMPLEMENTED; i++) {
- ssl3CipherSuiteCfg *suite = &ss->cipherSuites[i];
- if (config_match(suite, SSL_ALLOWED, PR_TRUE)) {
- if (cs != NULL) {
- *cs++ = 0x00;
- *cs++ = (suite->cipher_suite >> 8) & 0xFF;
- *cs++ = suite->cipher_suite & 0xFF;
- }
- count++;
- }
- }
- *size = count;
- return SECSuccess;
-}
-
-/*
-** If ssl3 socket has completed the first handshake, and is in idle state,
-** then start a new handshake.
-** If flushCache is true, the SID cache will be flushed first, forcing a
-** "Full" handshake (not a session restart handshake), to be done.
-**
-** called from SSL_RedoHandshake(), which already holds the handshake locks.
-*/
-SECStatus
-ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache)
-{
- sslSecurityInfo *sec = ss->sec;
- sslSessionID * sid = ss->sec->ci.sid;
- SECStatus rv;
-
- PORT_Assert( ssl_HaveSSL3HandshakeLock(ss) );
-
- if (!ss->firstHsDone ||
- ((ss->version >= SSL_LIBRARY_VERSION_3_0) &&
- ss->ssl3 && (ss->ssl3->hs.ws != idle_handshake))) {
- PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED);
- return SECFailure;
- }
- if (sid && flushCache) {
- sec->uncache(sid); /* remove it from whichever cache it's in. */
- ssl_FreeSID(sid); /* dec ref count and free if zero. */
- ss->sec->ci.sid = NULL;
- }
-
- ssl_GetXmitBufLock(ss); /**************************************/
-
- /* start off a new handshake. */
- rv = (sec->isServer) ? ssl3_SendHelloRequest(ss)
- : ssl3_SendClientHello(ss);
-
- ssl_ReleaseXmitBufLock(ss); /**************************************/
- return rv;
-}
-
-/* Called from ssl_FreeSocket() in sslsock.c */
-void
-ssl3_DestroySSL3Info(ssl3State *ssl3)
-{
- if (ssl3 == NULL)
- return; /* success the easy way. */
-
- if (ssl3->clientCertificate != NULL)
- CERT_DestroyCertificate(ssl3->clientCertificate);
-
- if (ssl3->clientPrivateKey != NULL)
- SECKEY_DestroyPrivateKey(ssl3->clientPrivateKey);
-
- if (ssl3->peerCertArena != NULL)
- ssl3_CleanupPeerCerts(ssl3);
-
- /* clean up handshake */
- if (ssl3->hs.md5) {
- PK11_DestroyContext(ssl3->hs.md5,PR_TRUE);
- }
- if (ssl3->hs.sha) {
- PK11_DestroyContext(ssl3->hs.sha,PR_TRUE);
- }
-
- if (ssl3->fortezza.tek != NULL) {
- PK11_FreeSymKey(ssl3->fortezza.tek);
- }
- /* free the SSL3Buffer (msg_body) */
- PORT_Free(ssl3->hs.msg_body.buf);
-
- /* free up the CipherSpecs */
- ssl3_DestroyCipherSpec(&ssl3->specs[0]);
- ssl3_DestroyCipherSpec(&ssl3->specs[1]);
-
- PORT_Free(ssl3);
-}
-
-/* End of ssl3con.c */
diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c
deleted file mode 100644
index 2937e6c3c..000000000
--- a/security/nss/lib/ssl/ssl3gthr.c
+++ /dev/null
@@ -1,238 +0,0 @@
-/*
- * Gather (Read) entire SSL3 records from socket into buffer.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "ssl3prot.h"
-
-/*
- * Attempt to read in an entire SSL3 record.
- * Blocks here for blocking sockets, otherwise returns -1 with
- * PR_WOULD_BLOCK_ERROR when socket would block.
- *
- * returns 1 if received a complete SSL3 record.
- * returns 0 if recv returns EOF
- * returns -1 if recv returns <0
- * (The error value may have already been set to PR_WOULD_BLOCK_ERROR)
- *
- * Caller must hold the recv buf lock.
- *
- * The Gather state machine has 3 states: GS_INIT, GS_HEADER, GS_DATA.
- * GS_HEADER: waiting for the 5-byte SSL3 record header to come in.
- * GS_DATA: waiting for the body of the SSL3 record to come in.
- *
- * This loop returns when either (a) an error or EOF occurs,
- * (b) PR_WOULD_BLOCK_ERROR,
- * (c) data (entire SSL3 record) has been received.
- */
-static int
-ssl3_GatherData(sslSocket *ss, sslGather *gs, int flags)
-{
- unsigned char *bp;
- unsigned char *lbp;
- int nb;
- int err;
- int rv = 1;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- if (gs->state == GS_INIT) {
- gs->state = GS_HEADER;
- gs->remainder = 5;
- gs->offset = 0;
- gs->writeOffset = 0;
- gs->readOffset = 0;
- gs->inbuf.len = 0;
- }
-
- lbp = gs->inbuf.buf;
- for(;;) {
- SSL_TRC(30, ("%d: SSL3[%d]: gather state %d (need %d more)",
- SSL_GETPID(), ss->fd, gs->state, gs->remainder));
- bp = ((gs->state != GS_HEADER) ? lbp : gs->hdr) + gs->offset;
- nb = ssl_DefRecv(ss, bp, gs->remainder, flags);
-
- if (nb > 0) {
- PRINT_BUF(60, (ss, "raw gather data:", bp, nb));
- } else if (nb == 0) {
- /* EOF */
- SSL_TRC(30, ("%d: SSL3[%d]: EOF", SSL_GETPID(), ss->fd));
- rv = 0;
- break;
- } else /* if (nb < 0) */ {
- SSL_DBG(("%d: SSL3[%d]: recv error %d", SSL_GETPID(), ss->fd,
- PR_GetError()));
- rv = SECFailure;
- break;
- }
-
- PORT_Assert( nb <= gs->remainder );
- if (nb > gs->remainder) {
- /* ssl_DefRecv is misbehaving! this error is fatal to SSL. */
- gs->state = GS_INIT; /* so we don't crash next time */
- rv = SECFailure;
- break;
- }
-
- gs->offset += nb;
- gs->remainder -= nb;
- if (gs->state == GS_DATA)
- gs->inbuf.len += nb;
-
- /* if there's more to go, read some more. */
- if (gs->remainder > 0) {
- continue;
- }
-
- /* have received entire record header, or entire record. */
- switch (gs->state) {
- case GS_HEADER:
- /*
- ** Have received SSL3 record header in gs->hdr.
- ** Now extract the length of the following encrypted data,
- ** and then read in the rest of the SSL3 record into gs->inbuf.
- */
- gs->remainder = (gs->hdr[3] << 8) | gs->hdr[4];
-
- /* This is the max fragment length for an encrypted fragment
- ** plus the size of the record header.
- */
- if(gs->remainder > (MAX_FRAGMENT_LENGTH + 2048 + 5)) {
- SSL3_SendAlert(ss, alert_fatal, unexpected_message);
- gs->state = GS_INIT;
- PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG);
- return SECFailure;
- }
-
- gs->state = GS_DATA;
- gs->offset = 0;
- gs->inbuf.len = 0;
-
- if (gs->remainder > gs->inbuf.space) {
- err = sslBuffer_Grow(&gs->inbuf, gs->remainder);
- if (err) { /* realloc has set error code to no mem. */
- return err;
- }
- lbp = gs->inbuf.buf;
- }
- break; /* End this case. Continue around the loop. */
-
-
- case GS_DATA:
- /*
- ** SSL3 record has been completely received.
- */
- gs->state = GS_INIT;
- return 1;
- }
- }
-
- return rv;
-}
-
-/* Gather in a record and when complete, Handle that record.
- * Repeat this until the handshake is complete,
- * or until application data is available.
- *
- * Returns 1 when the handshake is completed without error, or
- * application data is available.
- * Returns 0 if ssl3_GatherData hits EOF.
- * Returns -1 on read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
- * Returns -2 on SECWouldBlock return from ssl3_HandleRecord.
- *
- * Called from ssl_GatherRecord1stHandshake in sslcon.c,
- * and from SSL_ForceHandshake in sslsecur.c
- * and from ssl3_GatherAppDataRecord below (<- DoRecv in sslsecur.c).
- *
- * Caller must hold the recv buf lock.
- */
-int
-ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
-{
- sslGather * gs = ss->gather;
- SSL3Ciphertext cText;
- int rv;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- do {
- /* bring in the next sslv3 record. */
- rv = ssl3_GatherData(ss, gs, flags);
- if (rv <= 0) {
- return rv;
- }
-
- /* decipher it, and handle it if it's a handshake.
- * If it's application data, gs->buf will not be empty upon return.
- */
- cText.type = (SSL3ContentType)gs->hdr[0];
- cText.version = (gs->hdr[1] << 8) | gs->hdr[2];
- cText.buf = &gs->inbuf;
- rv = ssl3_HandleRecord(ss, &cText, &gs->buf);
- if (rv < 0) {
- return ss->recvdCloseNotify ? 0 : rv;
- }
- } while (ss->ssl3->hs.ws != idle_handshake && gs->buf.len == 0);
-
- gs->readOffset = 0;
- gs->writeOffset = gs->buf.len;
- return 1;
-}
-
-/* Repeatedly gather in a record and when complete, Handle that record.
- * Repeat this until some application data is received.
- *
- * Returns 1 when application data is available.
- * Returns 0 if ssl3_GatherData hits EOF.
- * Returns -1 on read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
- * Returns -2 on SECWouldBlock return from ssl3_HandleRecord.
- *
- * Called from DoRecv in sslsecur.c
- * Caller must hold the recv buf lock.
- */
-int
-ssl3_GatherAppDataRecord(sslSocket *ss, int flags)
-{
- sslGather * gs = ss->gather;
- int rv;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- do {
- rv = ssl3_GatherCompleteHandshake(ss, flags);
- } while (rv > 0 && gs->buf.len == 0);
-
- return rv;
-}
diff --git a/security/nss/lib/ssl/ssl3prot.h b/security/nss/lib/ssl/ssl3prot.h
deleted file mode 100644
index d4a603b05..000000000
--- a/security/nss/lib/ssl/ssl3prot.h
+++ /dev/null
@@ -1,305 +0,0 @@
-/*
- * Various and sundry protocol constants. DON'T CHANGE THESE. These
- * values are defined by the SSL 3.0 protocol specification.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __ssl3proto_h_
-#define __ssl3proto_h_
-
-typedef uint8 SSL3Opaque;
-
-typedef uint16 SSL3ProtocolVersion;
-/* version numbers are defined in sslproto.h */
-
-typedef uint16 ssl3CipherSuite;
-/* The cipher suites are defined in sslproto.h */
-
-#define MAX_CERT_TYPES 10
-#define MAX_COMPRESSION_METHODS 10
-#define MAX_MAC_LENGTH 64
-#define MAX_PADDING_LENGTH 64
-#define MAX_KEY_LENGTH 64
-#define EXPORT_KEY_LENGTH 5
-#define SSL3_RANDOM_LENGTH 32
-
-#define SSL3_RECORD_HEADER_LENGTH 5
-
-#define MAX_FRAGMENT_LENGTH 16384
-
-typedef enum {
- content_change_cipher_spec = 20,
- content_alert = 21,
- content_handshake = 22,
- content_application_data = 23
-} SSL3ContentType;
-
-typedef struct {
- SSL3ContentType type;
- SSL3ProtocolVersion version;
- uint16 length;
- SECItem fragment;
-} SSL3Plaintext;
-
-typedef struct {
- SSL3ContentType type;
- SSL3ProtocolVersion version;
- uint16 length;
- SECItem fragment;
-} SSL3Compressed;
-
-typedef struct {
- SECItem content;
- SSL3Opaque MAC[MAX_MAC_LENGTH];
-} SSL3GenericStreamCipher;
-
-typedef struct {
- SECItem content;
- SSL3Opaque MAC[MAX_MAC_LENGTH];
- uint8 padding[MAX_PADDING_LENGTH];
- uint8 padding_length;
-} SSL3GenericBlockCipher;
-
-typedef enum { change_cipher_spec_choice = 1 } SSL3ChangeCipherSpecChoice;
-
-typedef struct {
- SSL3ChangeCipherSpecChoice choice;
-} SSL3ChangeCipherSpec;
-
-typedef enum { alert_warning = 1, alert_fatal = 2 } SSL3AlertLevel;
-
-typedef enum {
- close_notify = 0,
- unexpected_message = 10,
- bad_record_mac = 20,
- decryption_failed = 21, /* TLS only */
- record_overflow = 22, /* TLS only */
- decompression_failure = 30,
- handshake_failure = 40,
- no_certificate = 41, /* SSL3 only, NOT TLS */
- bad_certificate = 42,
- unsupported_certificate = 43,
- certificate_revoked = 44,
- certificate_expired = 45,
- certificate_unknown = 46,
- illegal_parameter = 47,
-
-/* All alerts below are TLS only. */
- unknown_ca = 48,
- access_denied = 49,
- decode_error = 50,
- decrypt_error = 51,
- export_restriction = 60,
- protocol_version = 70,
- insufficient_security = 71,
- internal_error = 80,
- user_canceled = 90,
- no_renegotiation = 100
-
-} SSL3AlertDescription;
-
-typedef struct {
- SSL3AlertLevel level;
- SSL3AlertDescription description;
-} SSL3Alert;
-
-typedef enum {
- hello_request = 0,
- client_hello = 1,
- server_hello = 2,
- certificate = 11,
- server_key_exchange = 12,
- certificate_request = 13,
- server_hello_done = 14,
- certificate_verify = 15,
- client_key_exchange = 16,
- finished = 20
-} SSL3HandshakeType;
-
-typedef struct {
- uint8 empty;
-} SSL3HelloRequest;
-
-typedef struct {
- SSL3Opaque rand[SSL3_RANDOM_LENGTH];
-} SSL3Random;
-
-typedef struct {
- SSL3Opaque id[32];
- uint8 length;
-} SSL3SessionID;
-
-typedef enum { compression_null = 0 } SSL3CompressionMethod;
-
-typedef struct {
- SSL3ProtocolVersion client_version;
- SSL3Random random;
- SSL3SessionID session_id;
- SECItem cipher_suites;
- uint8 cm_count;
- SSL3CompressionMethod compression_methods[MAX_COMPRESSION_METHODS];
-} SSL3ClientHello;
-
-typedef struct {
- SSL3ProtocolVersion server_version;
- SSL3Random random;
- SSL3SessionID session_id;
- ssl3CipherSuite cipher_suite;
- SSL3CompressionMethod compression_method;
-} SSL3ServerHello;
-
-typedef struct {
- SECItem list;
-} SSL3Certificate;
-
-/* SSL3SignType moved to ssl.h */
-
-/* The SSL key exchange method used */
-typedef enum {
- kea_null,
- kea_rsa,
- kea_rsa_export,
- kea_rsa_export_1024,
- kea_dh_dss,
- kea_dh_dss_export,
- kea_dh_rsa,
- kea_dh_rsa_export,
- kea_dhe_dss,
- kea_dhe_dss_export,
- kea_dhe_rsa,
- kea_dhe_rsa_export,
- kea_dh_anon,
- kea_dh_anon_export,
- kea_fortezza,
- kea_rsa_fips
-} SSL3KeyExchangeAlgorithm;
-
-typedef struct {
- SECItem modulus;
- SECItem exponent;
-} SSL3ServerRSAParams;
-
-typedef struct {
- SECItem p;
- SECItem g;
- SECItem Ys;
-} SSL3ServerDHParams;
-
-typedef struct {
- union {
- SSL3ServerDHParams dh;
- SSL3ServerRSAParams rsa;
- } u;
-} SSL3ServerParams;
-
-typedef struct {
- uint8 md5[16];
- uint8 sha[20];
-} SSL3Hashes;
-
-typedef struct {
- union {
- SSL3Opaque anonymous;
- SSL3Hashes certified;
- } u;
-} SSL3ServerKeyExchange;
-
-typedef enum {
- ct_RSA_sign = 1,
- ct_DSS_sign = 2,
- ct_RSA_fixed_DH = 3,
- ct_DSS_fixed_DH = 4,
- ct_RSA_ephemeral_DH = 5,
- ct_DSS_ephemeral_DH = 6,
- ct_Fortezza = 20
-} SSL3ClientCertificateType;
-
-typedef SECItem *SSL3DistinquishedName;
-
-typedef struct {
- SSL3Opaque client_version[2];
- SSL3Opaque random[46];
-} SSL3RSAPreMasterSecret;
-
-typedef SECItem SSL3EncryptedPreMasterSecret;
-
-/* Following struct is the format of a Fortezza ClientKeyExchange message. */
-typedef struct {
- SECItem y_c;
- SSL3Opaque r_c [128];
- SSL3Opaque y_signature [40];
- SSL3Opaque wrapped_client_write_key [12];
- SSL3Opaque wrapped_server_write_key [12];
- SSL3Opaque client_write_iv [24];
- SSL3Opaque server_write_iv [24];
- SSL3Opaque master_secret_iv [24];
- SSL3Opaque encrypted_preMasterSecret[48];
-} SSL3FortezzaKeys;
-
-typedef SSL3Opaque SSL3MasterSecret[48];
-
-typedef enum { implicit, explicit } SSL3PublicValueEncoding;
-
-typedef struct {
- union {
- SSL3Opaque implicit;
- SECItem explicit;
- } dh_public;
-} SSL3ClientDiffieHellmanPublic;
-
-typedef struct {
- union {
- SSL3EncryptedPreMasterSecret rsa;
- SSL3ClientDiffieHellmanPublic diffie_helman;
- SSL3FortezzaKeys fortezza;
- } exchange_keys;
-} SSL3ClientKeyExchange;
-
-typedef SSL3Hashes SSL3PreSignedCertificateVerify;
-
-typedef SECItem SSL3CertificateVerify;
-
-typedef enum {
- sender_client = 0x434c4e54,
- sender_server = 0x53525652
-} SSL3Sender;
-
-typedef SSL3Hashes SSL3Finished;
-
-typedef struct {
- SSL3Opaque verify_data[12];
-} TLSFinished;
-
-#endif /* __ssl3proto_h_ */
diff --git a/security/nss/lib/ssl/sslauth.c b/security/nss/lib/ssl/sslauth.c
deleted file mode 100644
index f37b070ec..000000000
--- a/security/nss/lib/ssl/sslauth.c
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "cert.h"
-#include "secitem.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "pk11func.h"
-
-/* NEED LOCKS IN HERE. */
-CERTCertificate *
-SSL_PeerCertificate(PRFileDesc *fd)
-{
- sslSocket *ss;
- sslSecurityInfo *sec;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificate",
- SSL_GETPID(), fd));
- return 0;
- }
- sec = ss->sec;
- if (ss->useSecurity && sec && sec->peerCert) {
- return CERT_DupCertificate(sec->peerCert);
- }
- return 0;
-}
-
-/* NEED LOCKS IN HERE. */
-CERTCertificate *
-SSL_LocalCertificate(PRFileDesc *fd)
-{
- sslSocket *ss;
- sslSecurityInfo *sec;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in PeerCertificate",
- SSL_GETPID(), fd));
- return NULL;
- }
- sec = ss->sec;
- if (ss->useSecurity && sec ) {
- if (sec->localCert) {
- return CERT_DupCertificate(sec->localCert);
- }
- if (sec->ci.sid && sec->ci.sid->localCert) {
- return CERT_DupCertificate(sec->ci.sid->localCert);
- }
- }
- return NULL;
-}
-
-
-
-/* NEED LOCKS IN HERE. */
-SECStatus
-SSL_SecurityStatus(PRFileDesc *fd, int *op, char **cp, int *kp0, int *kp1,
- char **ip, char **sp)
-{
- sslSocket *ss;
- sslSecurityInfo *sec;
- const char *cipherName;
- PRBool isDes = PR_FALSE;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SecurityStatus",
- SSL_GETPID(), fd));
- return SECFailure;
- }
-
- if (cp) *cp = 0;
- if (kp0) *kp0 = 0;
- if (kp1) *kp1 = 0;
- if (ip) *ip = 0;
- if (sp) *sp = 0;
- if (op) {
- *op = SSL_SECURITY_STATUS_OFF;
- }
-
- if (ss->useSecurity && ss->firstHsDone) {
- PORT_Assert(ss->sec != 0);
- sec = ss->sec;
-
- if (ss->version < SSL_LIBRARY_VERSION_3_0) {
- cipherName = ssl_cipherName[sec->cipherType];
- } else {
- cipherName = ssl3_cipherName[sec->cipherType];
- }
- if (cipherName && PORT_Strstr(cipherName, "DES")) isDes = PR_TRUE;
- /* do same key stuff for fortezza */
-
- if (cp) {
- *cp = PORT_Strdup(cipherName);
- }
-
- if (kp0) {
- *kp0 = sec->keyBits;
- if (isDes) *kp0 = (*kp0 * 7) / 8;
- }
- if (kp1) {
- *kp1 = sec->secretKeyBits;
- if (isDes) *kp1 = (*kp1 * 7) / 8;
- }
- if (op) {
- if (sec->keyBits == 0) {
- *op = SSL_SECURITY_STATUS_OFF;
- } else if (sec->secretKeyBits < 90) {
- *op = SSL_SECURITY_STATUS_ON_LOW;
-
- } else {
- *op = SSL_SECURITY_STATUS_ON_HIGH;
- }
- }
-
- if (ip || sp) {
- CERTCertificate *cert;
-
- cert = sec->peerCert;
- if (cert) {
- if (ip) {
- *ip = CERT_NameToAscii(&cert->issuer);
- }
- if (sp) {
- *sp = CERT_NameToAscii(&cert->subject);
- }
- } else {
- if (ip) {
- *ip = PORT_Strdup("no certificate");
- }
- if (sp) {
- *sp = PORT_Strdup("no certificate");
- }
- }
- }
- }
-
- return SECSuccess;
-}
-
-/************************************************************************/
-
-/* NEED LOCKS IN HERE. */
-SECStatus
-SSL_AuthCertificateHook(PRFileDesc *s, SSLAuthCertificate func, void *arg)
-{
- sslSocket *ss;
- SECStatus rv;
-
- ss = ssl_FindSocket(s);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in AuthCertificateHook",
- SSL_GETPID(), s));
- return SECFailure;
- }
-
- if ((rv = ssl_CreateSecurityInfo(ss)) != 0) {
- return rv;
- }
- ss->authCertificate = func;
- ss->authCertificateArg = arg;
-
- return SECSuccess;
-}
-
-/* NEED LOCKS IN HERE. */
-SECStatus
-SSL_GetClientAuthDataHook(PRFileDesc *s, SSLGetClientAuthData func,
- void *arg)
-{
- sslSocket *ss;
- SECStatus rv;
-
- ss = ssl_FindSocket(s);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
- SSL_GETPID(), s));
- return SECFailure;
- }
-
- if ((rv = ssl_CreateSecurityInfo(ss)) != 0) {
- return rv;
- }
- ss->getClientAuthData = func;
- ss->getClientAuthDataArg = arg;
- return SECSuccess;
-}
-
-/* NEED LOCKS IN HERE. */
-SECStatus
-SSL_SetPKCS11PinArg(PRFileDesc *s, void *arg)
-{
- sslSocket *ss;
- SECStatus rv;
-
- ss = ssl_FindSocket(s);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in GetClientAuthDataHook",
- SSL_GETPID(), s));
- return SECFailure;
- }
-
- if ((rv = ssl_CreateSecurityInfo(ss)) != 0) {
- return rv;
- }
- ss->pkcs11PinArg = arg;
- return SECSuccess;
-}
-
-
-/* This is the "default" authCert callback function. It is called when a
- * certificate message is received from the peer and the local application
- * has not registered an authCert callback function.
- */
-SECStatus
-SSL_AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer)
-{
- SECStatus rv;
- CERTCertDBHandle * handle;
- sslSocket * ss;
- SECCertUsage certUsage;
- const char * hostname = NULL;
-
- ss = ssl_FindSocket(fd);
- PORT_Assert(ss != NULL);
- if (!ss) {
- return SECFailure;
- }
-
- handle = (CERTCertDBHandle *)arg;
-
- /* this may seem backwards, but isn't. */
- certUsage = isServer ? certUsageSSLClient : certUsageSSLServer;
-
- rv = CERT_VerifyCertNow(handle, ss->sec->peerCert, checkSig, certUsage,
- ss->pkcs11PinArg);
-
- if ( rv != SECSuccess || isServer )
- return rv;
-
- /* cert is OK. This is the client side of an SSL connection.
- * Now check the name field in the cert against the desired hostname.
- * NB: This is our only defense against Man-In-The-Middle (MITM) attacks!
- */
- hostname = ss->url;
- if (hostname && hostname[0])
- rv = CERT_VerifyCertName(ss->sec->peerCert, hostname);
- else
- rv = SECFailure;
- if (rv != SECSuccess)
- PORT_SetError(SSL_ERROR_BAD_CERT_DOMAIN);
-
- return rv;
-}
diff --git a/security/nss/lib/ssl/sslcon.c b/security/nss/lib/ssl/sslcon.c
deleted file mode 100644
index 1cf901efa..000000000
--- a/security/nss/lib/ssl/sslcon.c
+++ /dev/null
@@ -1,3880 +0,0 @@
-/*
- * SSL v2 handshake functions, and functions common to SSL2 and SSL3.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "secitem.h"
-#include "sechash.h"
-#include "cryptohi.h" /* for SGN_ funcs */
-#include "keyhi.h" /* for SECKEY_ high level functions. */
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "ssl3prot.h"
-#include "sslerr.h"
-#include "pk11func.h"
-#include "prinit.h"
-#include "prtime.h" /* for PR_Now() */
-
-#define XXX
-static PRBool policyWasSet;
-
-/* This ordered list is indexed by (SSL_CK_xx * 3) */
-/* Second and third bytes are MSB and LSB of master key length. */
-static const PRUint8 allCipherSuites[] = {
- 0, 0, 0,
- SSL_CK_RC4_128_WITH_MD5, 0x00, 0x80,
- SSL_CK_RC4_128_EXPORT40_WITH_MD5, 0x00, 0x80,
- SSL_CK_RC2_128_CBC_WITH_MD5, 0x00, 0x80,
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5, 0x00, 0x80,
- SSL_CK_IDEA_128_CBC_WITH_MD5, 0x00, 0x80,
- SSL_CK_DES_64_CBC_WITH_MD5, 0x00, 0x40,
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5, 0x00, 0xC0,
- 0, 0, 0
-};
-
-#define ssl2_NUM_SUITES_IMPLEMENTED 6
-
-/* This list is sent back to the client when the client-hello message
- * contains no overlapping ciphers, so the client can report what ciphers
- * are supported by the server. Unlike allCipherSuites (above), this list
- * is sorted by descending preference, not by cipherSuite number.
- */
-static const PRUint8 implementedCipherSuites[ssl2_NUM_SUITES_IMPLEMENTED * 3] = {
- SSL_CK_RC4_128_WITH_MD5, 0x00, 0x80,
- SSL_CK_RC2_128_CBC_WITH_MD5, 0x00, 0x80,
- SSL_CK_DES_192_EDE3_CBC_WITH_MD5, 0x00, 0xC0,
- SSL_CK_DES_64_CBC_WITH_MD5, 0x00, 0x40,
- SSL_CK_RC4_128_EXPORT40_WITH_MD5, 0x00, 0x80,
- SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5, 0x00, 0x80
-};
-
-typedef struct ssl2SpecsStr {
- PRUint8 nkm; /* do this many hashes to generate key material. */
- PRUint8 nkd; /* size of readKey and writeKey in bytes. */
- PRUint8 blockSize;
- PRUint8 blockShift;
- CK_MECHANISM_TYPE mechanism;
- PRUint8 keyLen; /* cipher symkey size in bytes. */
- PRUint8 pubLen; /* publicly reveal this many bytes of key. */
- PRUint8 ivLen; /* length of IV data at *ca. */
-} ssl2Specs;
-
-static const ssl2Specs ssl_Specs[] = {
-/* NONE */
- { 0, 0, 0, 0, },
-/* SSL_CK_RC4_128_WITH_MD5 */
- { 2, 16, 1, 0, CKM_RC4, 16, 0, 0, },
-/* SSL_CK_RC4_128_EXPORT40_WITH_MD5 */
- { 2, 16, 1, 0, CKM_RC4, 16, 11, 0, },
-/* SSL_CK_RC2_128_CBC_WITH_MD5 */
- { 2, 16, 8, 3, CKM_RC2_CBC, 16, 0, 8, },
-/* SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 */
- { 2, 16, 8, 3, CKM_RC2_CBC, 16, 11, 8, },
-/* SSL_CK_IDEA_128_CBC_WITH_MD5 */
- { 0, 0, 0, 0, },
-/* SSL_CK_DES_64_CBC_WITH_MD5 */
- { 1, 8, 8, 3, CKM_DES_CBC, 8, 0, 8, },
-/* SSL_CK_DES_192_EDE3_CBC_WITH_MD5 */
- { 3, 24, 8, 3, CKM_DES3_CBC, 24, 0, 8, },
-};
-
-#define SET_ERROR_CODE /* reminder */
-#define TEST_FOR_FAILURE /* reminder */
-
-/*
-** Put a string tag in the library so that we can examine an executable
-** and see what kind of security it supports.
-*/
-const char *ssl_version = "SECURITY_VERSION:"
- " +us"
- " +export"
-#ifdef TRACE
- " +trace"
-#endif
-#ifdef DEBUG
- " +debug"
-#endif
- ;
-
-const char * const ssl_cipherName[] = {
- "unknown",
- "RC4",
- "RC4-Export",
- "RC2-CBC",
- "RC2-CBC-Export",
- "IDEA-CBC",
- "DES-CBC",
- "DES-EDE3-CBC",
- "unknown",
- "Fortezza",
-};
-
-
-/* bit-masks, showing which SSLv2 suites are allowed.
- * lsb corresponds to first cipher suite in allCipherSuites[].
- */
-static PRUint16 allowedByPolicy; /* all off by default */
-static PRUint16 maybeAllowedByPolicy; /* all off by default */
-static PRUint16 chosenPreference = 0xff; /* all on by default */
-
-/* bit values for the above two bit masks */
-#define SSL_CB_RC4_128_WITH_MD5 (1 << SSL_CK_RC4_128_WITH_MD5)
-#define SSL_CB_RC4_128_EXPORT40_WITH_MD5 (1 << SSL_CK_RC4_128_EXPORT40_WITH_MD5)
-#define SSL_CB_RC2_128_CBC_WITH_MD5 (1 << SSL_CK_RC2_128_CBC_WITH_MD5)
-#define SSL_CB_RC2_128_CBC_EXPORT40_WITH_MD5 (1 << SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5)
-#define SSL_CB_IDEA_128_CBC_WITH_MD5 (1 << SSL_CK_IDEA_128_CBC_WITH_MD5)
-#define SSL_CB_DES_64_CBC_WITH_MD5 (1 << SSL_CK_DES_64_CBC_WITH_MD5)
-#define SSL_CB_DES_192_EDE3_CBC_WITH_MD5 (1 << SSL_CK_DES_192_EDE3_CBC_WITH_MD5)
-#define SSL_CB_IMPLEMENTED \
- (SSL_CB_RC4_128_WITH_MD5 | \
- SSL_CB_RC4_128_EXPORT40_WITH_MD5 | \
- SSL_CB_RC2_128_CBC_WITH_MD5 | \
- SSL_CB_RC2_128_CBC_EXPORT40_WITH_MD5 | \
- SSL_CB_DES_64_CBC_WITH_MD5 | \
- SSL_CB_DES_192_EDE3_CBC_WITH_MD5)
-
-
-/* Construct a socket's list of cipher specs from the global default values.
- */
-static SECStatus
-ssl2_ConstructCipherSpecs(sslSocket *ss)
-{
- PRUint8 * cs = NULL;
- unsigned int allowed;
- unsigned int count;
- int ssl3_count = 0;
- int final_count;
- int i;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- count = 0;
- PORT_Assert(ss != 0);
- allowed = !ss->enableSSL2 ? 0 :
- (ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED);
- while (allowed) {
- if (allowed & 1)
- ++count;
- allowed >>= 1;
- }
-
- /* Call ssl3_config_match_init() once here,
- * instead of inside ssl3_ConstructV2CipherSpecsHack(),
- * because the latter gets called twice below,
- * and then again in ssl2_BeginClientHandshake().
- */
- ssl3_config_match_init(ss);
-
- /* ask SSL3 how many cipher suites it has. */
- rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3_count);
- if (rv < 0)
- return rv;
- count += ssl3_count;
-
- /* Allocate memory to hold cipher specs */
- if (count > 0)
- cs = (PRUint8*) PORT_Alloc(count * 3);
- else
- PORT_SetError(SSL_ERROR_SSL_DISABLED);
- if (cs == NULL)
- return SECFailure;
-
- if (ss->cipherSpecs != NULL) {
- PORT_Free(ss->cipherSpecs);
- }
- ss->cipherSpecs = cs;
- ss->sizeCipherSpecs = count * 3;
-
- /* fill in cipher specs for SSL2 cipher suites */
- allowed = !ss->enableSSL2 ? 0 :
- (ss->allowedByPolicy & ss->chosenPreference & SSL_CB_IMPLEMENTED);
- for (i = 0; i < ssl2_NUM_SUITES_IMPLEMENTED * 3; i += 3) {
- const PRUint8 * hs = implementedCipherSuites + i;
- int ok = allowed & (1U << hs[0]);
- if (ok) {
- cs[0] = hs[0];
- cs[1] = hs[1];
- cs[2] = hs[2];
- cs += 3;
- }
- }
-
- /* now have SSL3 add its suites onto the end */
- rv = ssl3_ConstructV2CipherSpecsHack(ss, cs, &final_count);
-
- /* adjust for any difference between first pass and second pass */
- ss->sizeCipherSpecs -= (ssl3_count - final_count) * 3;
-
- return rv;
-}
-
-/* This function is called immediately after ssl2_ConstructCipherSpecs()
-** at the beginning of a handshake. It detects cases where a protocol
-** (e.g. SSL2 or SSL3) is logically enabled, but all its cipher suites
-** for that protocol have been disabled. If such cases, it clears the
-** enable bit for the protocol. If no protocols remain enabled, or
-** if no cipher suites are found, it sets the error code and returns
-** SECFailure, otherwise it returns SECSuccess.
-*/
-static SECStatus
-ssl2_CheckConfigSanity(sslSocket *ss)
-{
- unsigned int allowed;
- int ssl3CipherCount = 0;
- SECStatus rv;
-
- /* count the SSL2 and SSL3 enabled ciphers.
- * if either is zero, clear the socket's enable for that protocol.
- */
- if (!ss->cipherSpecs)
- goto disabled;
-
- allowed = ss->allowedByPolicy & ss->chosenPreference;
- if (! allowed)
- ss->enableSSL2 = PR_FALSE; /* not really enabled if no ciphers */
-
- /* ssl3_config_match_init was called in ssl2_ConstructCipherSpecs(). */
- /* Ask how many ssl3 CipherSuites were enabled. */
- rv = ssl3_ConstructV2CipherSpecsHack(ss, NULL, &ssl3CipherCount);
- if (rv != SECSuccess || ssl3CipherCount <= 0) {
- ss->enableSSL3 = PR_FALSE; /* not really enabled if no ciphers */
- ss->enableTLS = PR_FALSE;
- }
-
- if (!ss->enableSSL2 && !ss->enableSSL3 && !ss->enableTLS) {
- SSL_DBG(("%d: SSL[%d]: Can't handshake! both v2 and v3 disabled.",
- SSL_GETPID(), ss->fd));
-disabled:
- PORT_SetError(SSL_ERROR_SSL_DISABLED);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/*
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this. Probably want a global lock.
- */
-SECStatus
-ssl2_SetPolicy(PRInt32 which, PRInt32 policy)
-{
- PRUint32 bitMask;
- SECStatus rv = SECSuccess;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- return SECFailure;
- }
-
- if (policy == SSL_ALLOWED) {
- allowedByPolicy |= bitMask;
- maybeAllowedByPolicy |= bitMask;
- } else if (policy == SSL_RESTRICTED) {
- allowedByPolicy &= ~bitMask;
- maybeAllowedByPolicy |= bitMask;
- } else {
- allowedByPolicy &= ~bitMask;
- maybeAllowedByPolicy &= ~bitMask;
- }
- allowedByPolicy &= SSL_CB_IMPLEMENTED;
- maybeAllowedByPolicy &= SSL_CB_IMPLEMENTED;
-
- policyWasSet = PR_TRUE;
- return rv;
-}
-
-SECStatus
-ssl2_GetPolicy(PRInt32 which, PRInt32 *oPolicy)
-{
- PRUint32 bitMask;
- PRInt32 policy;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- /* Caller assures oPolicy is not null. */
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- *oPolicy = SSL_NOT_ALLOWED;
- return SECFailure;
- }
-
- if (maybeAllowedByPolicy & bitMask) {
- policy = (allowedByPolicy & bitMask) ? SSL_ALLOWED : SSL_RESTRICTED;
- } else {
- policy = SSL_NOT_ALLOWED;
- }
-
- *oPolicy = policy;
- return SECSuccess;
-}
-
-/*
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this. Probably want a global lock.
- * Called from SSL_CipherPrefSetDefault in sslsock.c
- * These changes have no effect on any sslSockets already created.
- */
-SECStatus
-ssl2_CipherPrefSetDefault(PRInt32 which, PRBool enabled)
-{
- PRUint32 bitMask;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- return SECFailure;
- }
-
- if (enabled)
- chosenPreference |= bitMask;
- else
- chosenPreference &= ~bitMask;
- chosenPreference &= SSL_CB_IMPLEMENTED;
-
- return SECSuccess;
-}
-
-SECStatus
-ssl2_CipherPrefGetDefault(PRInt32 which, PRBool *enabled)
-{
- PRBool rv = PR_FALSE;
- PRUint32 bitMask;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- *enabled = PR_FALSE;
- return SECFailure;
- }
-
- rv = (PRBool)((chosenPreference & bitMask) != 0);
- *enabled = rv;
- return SECSuccess;
-}
-
-SECStatus
-ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enabled)
-{
- PRUint32 bitMask;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- return SECFailure;
- }
-
- if (enabled)
- ss->chosenPreference |= bitMask;
- else
- ss->chosenPreference &= ~bitMask;
- ss->chosenPreference &= SSL_CB_IMPLEMENTED;
-
- return SECSuccess;
-}
-
-SECStatus
-ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabled)
-{
- PRBool rv = PR_FALSE;
- PRUint32 bitMask;
-
- which &= 0x000f;
- bitMask = 1 << which;
-
- if (!(bitMask & SSL_CB_IMPLEMENTED)) {
- PORT_SetError(SSL_ERROR_UNKNOWN_CIPHER_SUITE);
- *enabled = PR_FALSE;
- return SECFailure;
- }
-
- rv = (PRBool)((ss->chosenPreference & bitMask) != 0);
- *enabled = rv;
- return SECSuccess;
-}
-
-
-/* copy global default policy into socket. */
-void
-ssl2_InitSocketPolicy(sslSocket *ss)
-{
- ss->allowedByPolicy = allowedByPolicy;
- ss->maybeAllowedByPolicy = maybeAllowedByPolicy;
- ss->chosenPreference = chosenPreference;
-}
-
-
-/************************************************************************/
-
-/* Called from ssl2_CreateSessionCypher(), which already holds handshake lock.
- */
-static SECStatus
-ssl2_CreateMAC(sslSecurityInfo *sec, SECItem *readKey, SECItem *writeKey,
- int cipherChoice)
-{
- switch (cipherChoice) {
-
- case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
- case SSL_CK_RC2_128_CBC_WITH_MD5:
- case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
- case SSL_CK_RC4_128_WITH_MD5:
- case SSL_CK_DES_64_CBC_WITH_MD5:
- case SSL_CK_DES_192_EDE3_CBC_WITH_MD5:
- sec->hash = HASH_GetHashObject(HASH_AlgMD5);
- SECITEM_CopyItem(0, &sec->sendSecret, writeKey);
- SECITEM_CopyItem(0, &sec->rcvSecret, readKey);
- break;
-
- default:
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- return SECFailure;
- }
- sec->hashcx = (*sec->hash->create)();
- if (sec->hashcx == NULL)
- return SECFailure;
- return SECSuccess;
-}
-
-/************************************************************************
- * All the Send functions below must acquire and release the socket's
- * xmitBufLock.
- */
-
-/* Called from all the Send* functions below. */
-static SECStatus
-ssl2_GetSendBuffer(sslSocket *ss, unsigned int len)
-{
- sslConnectInfo *ci;
- SECStatus rv = SECSuccess;
-
- PORT_Assert((ss->sec != 0));
-
- PORT_Assert(ssl_HaveXmitBufLock(ss));
-
- ci = &ss->sec->ci;
-
- if (len < 128) {
- len = 128;
- }
- if (len > ci->sendBuf.space) {
- rv = sslBuffer_Grow(&ci->sendBuf, len);
- if (rv != SECSuccess) {
- SSL_DBG(("%d: SSL[%d]: ssl2_GetSendBuffer failed, tried to get %d bytes",
- SSL_GETPID(), ss->fd, len));
- rv = SECFailure;
- }
- }
- return rv;
-}
-
-/* Called from:
- * ssl2_ClientSetupSessionCypher() <- ssl2_HandleServerHelloMessage()
- * ssl2_HandleRequestCertificate() <- ssl2_HandleMessage() <-
- ssl_Do1stHandshake()
- * ssl2_HandleMessage() <- ssl_Do1stHandshake()
- * ssl2_HandleServerHelloMessage() <- ssl_Do1stHandshake()
- after ssl2_BeginClientHandshake()
- * ssl2_RestartHandshakeAfterCertReq() <- Called from certdlgs.c in nav.
- * ssl2_HandleClientHelloMessage() <- ssl_Do1stHandshake()
- after ssl2_BeginServerHandshake()
- *
- * Acquires and releases the socket's xmitBufLock.
- */
-int
-ssl2_SendErrorMessage(sslSocket *ss, int error)
-{
- sslSecurityInfo *sec;
- int rv;
- PRUint8 msg[SSL_HL_ERROR_HBYTES];
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- msg[0] = SSL_MT_ERROR;
- msg[1] = MSB(error);
- msg[2] = LSB(error);
-
- ssl_GetXmitBufLock(ss); /***************************************/
- sec = ss->sec;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending error %d", SSL_GETPID(), ss->fd, error));
-
- ss->handshakeBegun = 1;
- rv = (*sec->send)(ss, msg, sizeof(msg), 0);
- if (rv >= 0) {
- rv = SECSuccess;
- }
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from ssl2_TryToFinish().
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendClientFinishedMessage(sslSocket *ss)
-{
- sslSecurityInfo *sec;
- sslConnectInfo * ci;
- SECStatus rv = SECSuccess;
- int sent;
- PRUint8 msg[1 + SSL_CONNECTIONID_BYTES];
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- ssl_GetXmitBufLock(ss); /***************************************/
- sec = ss->sec;
- ci = &sec->ci;
-
- if (ci->sentFinished == 0) {
- ci->sentFinished = 1;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending client-finished",
- SSL_GETPID(), ss->fd));
-
- msg[0] = SSL_MT_CLIENT_FINISHED;
- PORT_Memcpy(msg+1, ci->connectionID, sizeof(ci->connectionID));
-
- DUMP_MSG(29, (ss, msg, 1 + sizeof(ci->connectionID)));
- sent = (*sec->send)(ss, msg, 1 + sizeof(ci->connectionID), 0);
- rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
- }
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from
- * ssl2_HandleClientSessionKeyMessage() <- ssl2_HandleClientHelloMessage()
- * ssl2_HandleClientHelloMessage() <- ssl_Do1stHandshake()
- after ssl2_BeginServerHandshake()
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendServerVerifyMessage(sslSocket *ss)
-{
- sslSecurityInfo *sec;
- sslConnectInfo * ci;
- PRUint8 * msg;
- int sendLen;
- int sent;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- ssl_GetXmitBufLock(ss); /***************************************/
- sec = ss->sec;
- ci = &sec->ci;
-
- sendLen = 1 + SSL_CHALLENGE_BYTES;
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv != SECSuccess) {
- goto done;
- }
-
- msg = ci->sendBuf.buf;
- msg[0] = SSL_MT_SERVER_VERIFY;
- PORT_Memcpy(msg+1, ci->clientChallenge, SSL_CHALLENGE_BYTES);
-
- DUMP_MSG(29, (ss, msg, sendLen));
- sent = (*sec->send)(ss, msg, sendLen, 0);
-
- rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-
-done:
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from ssl2_TryToFinish().
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendServerFinishedMessage(sslSocket *ss)
-{
- sslSecurityInfo *sec;
- sslConnectInfo * ci;
- sslSessionID * sid;
- PRUint8 * msg;
- int sendLen, sent;
- SECStatus rv = SECSuccess;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- ssl_GetXmitBufLock(ss); /***************************************/
- sec = ss->sec;
- ci = &sec->ci;
-
- if (ci->sentFinished == 0) {
- ci->sentFinished = 1;
- PORT_Assert(ci->sid != 0);
- sid = ci->sid;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending server-finished",
- SSL_GETPID(), ss->fd));
-
- sendLen = 1 + sizeof(sid->u.ssl2.sessionID);
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv != SECSuccess) {
- goto done;
- }
-
- msg = ci->sendBuf.buf;
- msg[0] = SSL_MT_SERVER_FINISHED;
- PORT_Memcpy(msg+1, sid->u.ssl2.sessionID,
- sizeof(sid->u.ssl2.sessionID));
-
- DUMP_MSG(29, (ss, msg, sendLen));
- sent = (*sec->send)(ss, msg, sendLen, 0);
-
- if (sent < 0) {
- /* If send failed, it is now a bogus session-id */
- (*sec->uncache)(sid);
- rv = (SECStatus)sent;
- } else if (!ss->noCache) {
- /* Put the sid in session-id cache, (may already be there) */
- (*sec->cache)(sid);
- rv = SECSuccess;
- }
- ssl_FreeSID(sid);
- ci->sid = 0;
- }
-done:
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from ssl2_ClientSetupSessionCypher() <-
- * ssl2_HandleServerHelloMessage()
- * after ssl2_BeginClientHandshake()
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendSessionKeyMessage(sslSocket *ss, int cipher, int keySize,
- PRUint8 *ca, int caLen,
- PRUint8 *ck, int ckLen,
- PRUint8 *ek, int ekLen)
-{
- sslSecurityInfo *sec;
- PRUint8 * msg;
- int sendLen;
- int sent;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- ssl_GetXmitBufLock(ss); /***************************************/
- sec = ss->sec;
-
- sendLen = SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen + ekLen + caLen;
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv != SECSuccess)
- goto done;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending client-session-key",
- SSL_GETPID(), ss->fd));
-
- msg = sec->ci.sendBuf.buf;
- msg[0] = SSL_MT_CLIENT_MASTER_KEY;
- msg[1] = cipher;
- msg[2] = MSB(keySize);
- msg[3] = LSB(keySize);
- msg[4] = MSB(ckLen);
- msg[5] = LSB(ckLen);
- msg[6] = MSB(ekLen);
- msg[7] = LSB(ekLen);
- msg[8] = MSB(caLen);
- msg[9] = LSB(caLen);
- PORT_Memcpy(msg+SSL_HL_CLIENT_MASTER_KEY_HBYTES, ck, ckLen);
- PORT_Memcpy(msg+SSL_HL_CLIENT_MASTER_KEY_HBYTES+ckLen, ek, ekLen);
- PORT_Memcpy(msg+SSL_HL_CLIENT_MASTER_KEY_HBYTES+ckLen+ekLen, ca, caLen);
-
- DUMP_MSG(29, (ss, msg, sendLen));
- sent = (*sec->send)(ss, msg, sendLen, 0);
- rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-done:
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from ssl2_TriggerNextMessage() <- ssl2_HandleMessage()
- * Acquires and releases the socket's xmitBufLock.
- */
-static SECStatus
-ssl2_SendCertificateRequestMessage(sslSocket *ss)
-{
- sslSecurityInfo *sec;
- sslConnectInfo * ci;
- PRUint8 * msg;
- int sent;
- int sendLen;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- ssl_GetXmitBufLock(ss); /***************************************/
- sec = ss->sec;
- ci = &sec->ci;
-
- sendLen = SSL_HL_REQUEST_CERTIFICATE_HBYTES + SSL_CHALLENGE_BYTES;
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv != SECSuccess)
- goto done;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending certificate request",
- SSL_GETPID(), ss->fd));
-
- /* Generate random challenge for client to encrypt */
- PK11_GenerateRandom(ci->serverChallenge, SSL_CHALLENGE_BYTES);
-
- msg = ci->sendBuf.buf;
- msg[0] = SSL_MT_REQUEST_CERTIFICATE;
- msg[1] = SSL_AT_MD5_WITH_RSA_ENCRYPTION;
- PORT_Memcpy(msg + SSL_HL_REQUEST_CERTIFICATE_HBYTES, ci->serverChallenge,
- SSL_CHALLENGE_BYTES);
-
- DUMP_MSG(29, (ss, msg, sendLen));
- sent = (*sec->send)(ss, msg, sendLen, 0);
- rv = (sent >= 0) ? SECSuccess : (SECStatus)sent;
-done:
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/* Called from ssl2_HandleRequestCertificate() <- ssl2_HandleMessage()
- * ssl2_RestartHandshakeAfterCertReq() <- (application)
- * Acquires and releases the socket's xmitBufLock.
- */
-static int
-ssl2_SendCertificateResponseMessage(sslSocket *ss, SECItem *cert,
- SECItem *encCode)
-{
- sslSecurityInfo *sec;
- PRUint8 *msg;
- int rv, sendLen;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- ssl_GetXmitBufLock(ss); /***************************************/
- sec = ss->sec;
-
- sendLen = SSL_HL_CLIENT_CERTIFICATE_HBYTES + encCode->len + cert->len;
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv)
- goto done;
-
- SSL_TRC(3, ("%d: SSL[%d]: sending certificate response",
- SSL_GETPID(), ss->fd));
-
- msg = sec->ci.sendBuf.buf;
- msg[0] = SSL_MT_CLIENT_CERTIFICATE;
- msg[1] = SSL_CT_X509_CERTIFICATE;
- msg[2] = MSB(cert->len);
- msg[3] = LSB(cert->len);
- msg[4] = MSB(encCode->len);
- msg[5] = LSB(encCode->len);
- PORT_Memcpy(msg + SSL_HL_CLIENT_CERTIFICATE_HBYTES, cert->data, cert->len);
- PORT_Memcpy(msg + SSL_HL_CLIENT_CERTIFICATE_HBYTES + cert->len,
- encCode->data, encCode->len);
-
- DUMP_MSG(29, (ss, msg, sendLen));
- rv = (*sec->send)(ss, msg, sendLen, 0);
- if (rv >= 0) {
- rv = SECSuccess;
- }
-done:
- ssl_ReleaseXmitBufLock(ss); /***************************************/
- return rv;
-}
-
-/********************************************************************
-** Send functions above this line must aquire & release the socket's
-** xmitBufLock.
-** All the ssl2_Send functions below this line are called vis ss->sec->send
-** and require that the caller hold the xmitBufLock.
-*/
-
-/*
-** Called from ssl2_SendStream, ssl2_SendBlock, but not from ssl2_SendClear.
-*/
-static SECStatus
-ssl2_CalcMAC(PRUint8 * result,
- sslSecurityInfo * sec,
- const PRUint8 * data,
- unsigned int dataLen,
- unsigned int paddingLen)
-{
- const PRUint8 * secret = sec->sendSecret.data;
- unsigned int secretLen = sec->sendSecret.len;
- unsigned long sequenceNumber = sec->sendSequence;
- unsigned int nout;
- PRUint8 seq[4];
- PRUint8 padding[32];/* XXX max blocksize? */
-
- if (!sec->hash || !sec->hash->length)
- return SECSuccess;
- if (!sec->hashcx)
- return SECFailure;
-
- /* Reset hash function */
- (*sec->hash->begin)(sec->hashcx);
-
- /* Feed hash the data */
- (*sec->hash->update)(sec->hashcx, secret, secretLen);
- (*sec->hash->update)(sec->hashcx, data, dataLen);
- PORT_Memset(padding, paddingLen, paddingLen);
- (*sec->hash->update)(sec->hashcx, padding, paddingLen);
-
- seq[0] = (PRUint8) (sequenceNumber >> 24);
- seq[1] = (PRUint8) (sequenceNumber >> 16);
- seq[2] = (PRUint8) (sequenceNumber >> 8);
- seq[3] = (PRUint8) (sequenceNumber);
-
- PRINT_BUF(60, (0, "calc-mac secret:", secret, secretLen));
- PRINT_BUF(60, (0, "calc-mac data:", data, dataLen));
- PRINT_BUF(60, (0, "calc-mac padding:", padding, paddingLen));
- PRINT_BUF(60, (0, "calc-mac seq:", seq, 4));
-
- (*sec->hash->update)(sec->hashcx, seq, 4);
-
- /* Get result */
- (*sec->hash->end)(sec->hashcx, result, &nout, sec->hash->length);
-
- return SECSuccess;
-}
-
-/*
-** Maximum transmission amounts. These are tiny bit smaller than they
-** need to be (they account for the MAC length plus some padding),
-** assuming the MAC is 16 bytes long and the padding is a max of 7 bytes
-** long. This gives an additional 9 bytes of slop to work within.
-*/
-#define MAX_STREAM_CYPHER_LEN 0x7fe0
-#define MAX_BLOCK_CYPHER_LEN 0x3fe0
-
-/*
-** Send some data in the clear.
-** Package up data with the length header and send it.
-**
-** Return count of bytes succesfully written, or negative number (failure).
-*/
-static PRInt32
-ssl2_SendClear(sslSocket *ss, const PRUint8 *in, PRInt32 len, PRInt32 flags)
-{
- sslSecurityInfo * sec = ss->sec;
- PRUint8 * out;
- int rv;
- int amount;
- int count = 0;
-
- PORT_Assert(sec != 0);
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- SSL_TRC(10, ("%d: SSL[%d]: sending %d bytes in the clear",
- SSL_GETPID(), ss->fd, len));
- PRINT_BUF(50, (ss, "clear data:", (PRUint8*) in, len));
-
- while (len) {
- amount = PR_MIN( len, MAX_STREAM_CYPHER_LEN );
- if (amount + 2 > sec->writeBuf.space) {
- rv = sslBuffer_Grow(&sec->writeBuf, amount + 2);
- if (rv != SECSuccess) {
- count = rv;
- break;
- }
- }
- out = sec->writeBuf.buf;
-
- /*
- ** Construct message.
- */
- out[0] = 0x80 | MSB(amount);
- out[1] = LSB(amount);
- PORT_Memcpy(&out[2], in, amount);
-
- /* Now send the data */
- rv = ssl_DefSend(ss, out, amount + 2, flags & ~ssl_SEND_FLAG_MASK);
- if (rv < 0) {
- if (PORT_GetError() == PR_WOULD_BLOCK_ERROR) {
- rv = 0;
- } else {
- /* Return short write if some data already went out... */
- if (count == 0)
- count = rv;
- break;
- }
- }
-
- if ((unsigned)rv < (amount + 2)) {
- /* Short write. Save the data and return. */
- if (ssl_SaveWriteData(ss, &ss->pendingBuf, out + rv,
- amount + 2 - rv) == SECFailure) {
- count = SECFailure;
- } else {
- count += amount;
- sec->sendSequence++;
- }
- break;
- }
-
- sec->sendSequence++;
- in += amount;
- count += amount;
- len -= amount;
- }
-
- return count;
-}
-
-/*
-** Send some data, when using a stream cipher. Stream ciphers have a
-** block size of 1. Package up the data with the length header
-** and send it.
-*/
-static PRInt32
-ssl2_SendStream(sslSocket *ss, const PRUint8 *in, PRInt32 len, PRInt32 flags)
-{
- sslSecurityInfo *sec = ss->sec;
- PRUint8 * out;
- int rv;
- int count = 0;
-
- int amount;
- PRUint8 macLen;
- int nout;
- int buflen;
-
- PORT_Assert(sec != 0);
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- SSL_TRC(10, ("%d: SSL[%d]: sending %d bytes using stream cipher",
- SSL_GETPID(), ss->fd, len));
- PRINT_BUF(50, (ss, "clear data:", (PRUint8*) in, len));
-
- while (len) {
- ssl_GetSpecReadLock(ss); /*************************************/
-
- macLen = sec->hash->length;
- amount = PR_MIN( len, MAX_STREAM_CYPHER_LEN );
- buflen = amount + 2 + macLen;
- if (buflen > sec->writeBuf.space) {
- rv = sslBuffer_Grow(&sec->writeBuf, buflen);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- out = sec->writeBuf.buf;
- nout = amount + macLen;
- out[0] = 0x80 | MSB(nout);
- out[1] = LSB(nout);
-
- /* Calculate MAC */
- rv = ssl2_CalcMAC(out+2, /* put MAC here */
- sec,
- in, amount, /* input addr & length */
- 0); /* no padding */
- if (rv != SECSuccess)
- goto loser;
-
- /* Encrypt MAC */
- rv = (*sec->enc)(sec->writecx, out+2, &nout, macLen, out+2, macLen);
- if (rv) goto loser;
-
- /* Encrypt data from caller */
- rv = (*sec->enc)(sec->writecx, out+2+macLen, &nout, amount, in, amount);
- if (rv) goto loser;
-
- ssl_ReleaseSpecReadLock(ss); /*************************************/
-
- PRINT_BUF(50, (ss, "encrypted data:", out, buflen));
-
- rv = ssl_DefSend(ss, out, buflen, flags & ~ssl_SEND_FLAG_MASK);
- if (rv < 0) {
- if (PORT_GetError() == PR_WOULD_BLOCK_ERROR) {
- SSL_TRC(50, ("%d: SSL[%d]: send stream would block, "
- "saving data", SSL_GETPID(), ss->fd));
- rv = 0;
- } else {
- SSL_TRC(10, ("%d: SSL[%d]: send stream error %d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- /* Return short write if some data already went out... */
- if (count == 0)
- count = rv;
- goto done;
- }
- }
-
- if ((unsigned)rv < buflen) {
- /* Short write. Save the data and return. */
- if (ssl_SaveWriteData(ss, &ss->pendingBuf, out + rv,
- buflen - rv) == SECFailure) {
- count = SECFailure;
- } else {
- count += amount;
- sec->sendSequence++;
- }
- goto done;
- }
-
- sec->sendSequence++;
- in += amount;
- count += amount;
- len -= amount;
- }
-
-done:
- return count;
-
-loser:
- ssl_ReleaseSpecReadLock(ss);
- return SECFailure;
-}
-
-/*
-** Send some data, when using a block cipher. Package up the data with
-** the length header and send it.
-*/
-/* XXX assumes blocksize is > 7 */
-static PRInt32
-ssl2_SendBlock(sslSocket *ss, const PRUint8 *in, PRInt32 len, PRInt32 flags)
-{
- sslSecurityInfo *sec = ss->sec;
- PRUint8 * out; /* begining of output buffer. */
- PRUint8 * op; /* next output byte goes here. */
- int rv; /* value from funcs we called. */
- int count = 0; /* this function's return value. */
-
- unsigned int hlen; /* output record hdr len, 2 or 3 */
- unsigned int macLen; /* MAC is this many bytes long. */
- int amount; /* of plaintext to go in record. */
- unsigned int padding; /* add this many padding byte. */
- int nout; /* ciphertext size after header. */
- int buflen; /* size of generated record. */
-
- PORT_Assert(sec != 0);
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
-
- SSL_TRC(10, ("%d: SSL[%d]: sending %d bytes using block cipher",
- SSL_GETPID(), ss->fd, len));
- PRINT_BUF(50, (ss, "clear data:", in, len));
-
- while (len) {
- ssl_GetSpecReadLock(ss); /*************************************/
-
- macLen = sec->hash->length;
- /* Figure out how much to send, including mac and padding */
- amount = PR_MIN( len, MAX_BLOCK_CYPHER_LEN );
- nout = amount + macLen;
- padding = nout & (sec->blockSize - 1);
- if (padding) {
- hlen = 3;
- padding = sec->blockSize - padding;
- nout += padding;
- } else {
- hlen = 2;
- }
- buflen = hlen + nout;
- if (buflen > sec->writeBuf.space) {
- rv = sslBuffer_Grow(&sec->writeBuf, buflen);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- out = sec->writeBuf.buf;
-
- /* Construct header */
- op = out;
- if (padding) {
- *op++ = MSB(nout);
- *op++ = LSB(nout);
- *op++ = padding;
- } else {
- *op++ = 0x80 | MSB(nout);
- *op++ = LSB(nout);
- }
-
- /* Calculate MAC */
- rv = ssl2_CalcMAC(op, /* MAC goes here. */
- sec,
- in, amount, /* intput addr, len */
- padding);
- if (rv != SECSuccess)
- goto loser;
- op += macLen;
-
- /* Copy in the input data */
- /* XXX could eliminate the copy by folding it into the encryption */
- PORT_Memcpy(op, in, amount);
- op += amount;
- if (padding) {
- PORT_Memset(op, padding, padding);
- op += padding;
- }
-
- /* Encrypt result */
- rv = (*sec->enc)(sec->writecx, out+hlen, &nout, buflen-hlen,
- out+hlen, op - (out + hlen));
- if (rv)
- goto loser;
-
- ssl_ReleaseSpecReadLock(ss); /*************************************/
-
- PRINT_BUF(50, (ss, "final xmit data:", out, op - out));
-
- rv = ssl_DefSend(ss, out, op - out, flags & ~ssl_SEND_FLAG_MASK);
- if (rv < 0) {
- if (PORT_GetError() == PR_WOULD_BLOCK_ERROR) {
- rv = 0;
- } else {
- SSL_TRC(10, ("%d: SSL[%d]: send block error %d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- /* Return short write if some data already went out... */
- if (count == 0)
- count = rv;
- goto done;
- }
- }
-
- if (rv < (op - out)) {
- /* Short write. Save the data and return. */
- if (ssl_SaveWriteData(ss, &ss->pendingBuf, out + rv,
- op - out - rv) == SECFailure) {
- count = SECFailure;
- } else {
- count += amount;
- sec->sendSequence++;
- }
- goto done;
- }
-
- sec->sendSequence++;
- in += amount;
- count += amount;
- len -= amount;
- }
-
-done:
- return count;
-
-loser:
- ssl_ReleaseSpecReadLock(ss);
- return SECFailure;
-}
-
-/*
-** Called from: ssl2_HandleServerHelloMessage,
-** ssl2_HandleClientSessionKeyMessage,
-** ssl2_RestartHandshakeAfterServerCert,
-** ssl2_HandleClientHelloMessage,
-**
-*/
-static void
-ssl2_UseEncryptedSendFunc(sslSocket *ss)
-{
- sslSecurityInfo *sec;
-
- ssl_GetXmitBufLock(ss);
- PORT_Assert(ss->sec != 0);
- sec = ss->sec;
- PORT_Assert(sec->hashcx != 0);
-
- ss->gather->encrypted = 1;
- sec->send = (sec->blockSize > 1) ? ssl2_SendBlock : ssl2_SendStream;
- ssl_ReleaseXmitBufLock(ss);
-}
-
-/* Called while initializing socket in ssl_CreateSecurityInfo().
-** This function allows us to keep the name of ssl2_SendClear static.
-*/
-void
-ssl2_UseClearSendFunc(sslSocket *ss)
-{
- ss->sec->send = ssl2_SendClear;
-}
-
-/************************************************************************
-** END of Send functions. *
-*************************************************************************/
-
-/***********************************************************************
- * For SSL3, this gathers in and handles records/messages until either
- * the handshake is complete or application data is available.
- *
- * For SSL2, this gathers in only the next SSLV2 record.
- *
- * Called from ssl_Do1stHandshake() via function pointer ss->handshake.
- * Caller must hold handshake lock.
- * This function acquires and releases the RecvBufLock.
- *
- * returns SECSuccess for success.
- * returns SECWouldBlock when that value is returned by ssl2_GatherRecord() or
- * ssl3_GatherCompleteHandshake().
- * returns SECFailure on all other errors.
- *
- * The gather functions called by ssl_GatherRecord1stHandshake are expected
- * to return values interpreted as follows:
- * 1 : the function completed without error.
- * 0 : the function read EOF.
- * -1 : read error, or PR_WOULD_BLOCK_ERROR, or handleRecord error.
- * -2 : the function wants ssl_GatherRecord1stHandshake to be called again
- * immediately, by ssl_Do1stHandshake.
- *
- * This code is similar to, and easily confused with, DoRecv() in sslsecur.c
- *
- * This function is called from ssl_Do1stHandshake().
- * The following functions put ssl_GatherRecord1stHandshake into ss->handshake:
- * ssl2_HandleMessage
- * ssl2_HandleVerifyMessage
- * ssl2_HandleServerHelloMessage
- * ssl2_BeginClientHandshake
- * ssl2_HandleClientSessionKeyMessage
- * ssl2_RestartHandshakeAfterCertReq
- * ssl3_RestartHandshakeAfterCertReq
- * ssl2_RestartHandshakeAfterServerCert
- * ssl3_RestartHandshakeAfterServerCert
- * ssl2_HandleClientHelloMessage
- * ssl2_BeginServerHandshake
- */
-SECStatus
-ssl_GatherRecord1stHandshake(sslSocket *ss)
-{
- int rv;
-
- PORT_Assert((ss->sec != 0) && (ss->gather != 0));
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- ssl_GetRecvBufLock(ss);
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- /* Wait for handshake to complete, or application data to arrive. */
- rv = ssl3_GatherCompleteHandshake(ss, 0);
- } else {
- /* See if we have a complete record */
- rv = ssl2_GatherRecord(ss, 0);
- }
- SSL_TRC(10, ("%d: SSL[%d]: handshake gathering, rv=%d",
- SSL_GETPID(), ss->fd, rv));
-
- ssl_ReleaseRecvBufLock(ss);
-
- if (rv <= 0) {
- if (rv == SECWouldBlock) {
- /* Progress is blocked waiting for callback completion. */
- SSL_TRC(10, ("%d: SSL[%d]: handshake blocked (need %d)",
- SSL_GETPID(), ss->fd, ss->gather->remainder));
- return SECWouldBlock;
- }
- if (rv == 0) {
- /* EOF. Loser */
- PORT_SetError(PR_END_OF_FILE_ERROR);
- }
- return SECFailure; /* rv is < 0 here. */
- }
-
- SSL_TRC(10, ("%d: SSL[%d]: got handshake record of %d bytes",
- SSL_GETPID(), ss->fd, ss->gather->recordLen));
-
- ss->handshake = 0; /* makes ssl_Do1stHandshake call ss->nextHandshake.*/
- return SECSuccess;
-}
-
-/************************************************************************/
-
-/* Called from ssl2_ServerSetupSessionCypher()
- * ssl2_ClientSetupSessionCypher()
- */
-static SECStatus
-ssl2_FillInSID(sslSessionID * sid,
- int cipher,
- PRUint8 *keyData,
- int keyLen,
- PRUint8 *ca,
- int caLen,
- int keyBits,
- int secretKeyBits,
- SSLSignType authAlgorithm,
- PRUint32 authKeyBits,
- SSLKEAType keaType,
- PRUint32 keaKeyBits)
-{
- PORT_Assert(sid->references == 1);
- PORT_Assert(sid->cached == never_cached);
- PORT_Assert(sid->u.ssl2.masterKey.data == 0);
- PORT_Assert(sid->u.ssl2.cipherArg.data == 0);
-
- sid->version = SSL_LIBRARY_VERSION_2;
-
- sid->u.ssl2.cipherType = cipher;
- sid->u.ssl2.masterKey.data = (PRUint8*) PORT_Alloc(keyLen);
- if (!sid->u.ssl2.masterKey.data) {
- return SECFailure;
- }
- PORT_Memcpy(sid->u.ssl2.masterKey.data, keyData, keyLen);
- sid->u.ssl2.masterKey.len = keyLen;
- sid->u.ssl2.keyBits = keyBits;
- sid->u.ssl2.secretKeyBits = secretKeyBits;
- sid->authAlgorithm = authAlgorithm;
- sid->authKeyBits = authKeyBits;
- sid->keaType = keaType;
- sid->keaKeyBits = keaKeyBits;
- sid->lastAccessTime = sid->creationTime = ssl_Time();
- sid->expirationTime = sid->creationTime + ssl_sid_timeout;
-
- if (caLen) {
- sid->u.ssl2.cipherArg.data = (PRUint8*) PORT_Alloc(caLen);
- if (!sid->u.ssl2.cipherArg.data) {
- return SECFailure;
- }
- sid->u.ssl2.cipherArg.len = caLen;
- PORT_Memcpy(sid->u.ssl2.cipherArg.data, ca, caLen);
- }
- return SECSuccess;
-}
-
-/*
-** Construct session keys given the masterKey (tied to the session-id),
-** the client's challenge and the server's nonce.
-**
-** Called from ssl2_CreateSessionCypher() <-
-*/
-static SECStatus
-ssl2_ProduceKeys(sslSocket * ss,
- SECItem * readKey,
- SECItem * writeKey,
- SECItem * masterKey,
- PRUint8 * challenge,
- PRUint8 * nonce,
- int cipherType)
-{
- PK11Context * cx = 0;
- unsigned nkm = 0; /* number of hashes to generate key mat. */
- unsigned nkd = 0; /* size of readKey and writeKey. */
- unsigned part;
- unsigned i;
- unsigned off;
- SECStatus rv;
- PRUint8 countChar;
- PRUint8 km[3*16]; /* buffer for key material. */
-
- readKey->data = 0;
- writeKey->data = 0;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- rv = SECSuccess;
- cx = PK11_CreateDigestContext(SEC_OID_MD5);
- if (cx == NULL) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- return SECFailure;
- }
-
- nkm = ssl_Specs[cipherType].nkm;
- nkd = ssl_Specs[cipherType].nkd;
-
- readKey->data = (PRUint8*) PORT_Alloc(nkd);
- if (!readKey->data)
- goto loser;
- readKey->len = nkd;
-
- writeKey->data = (PRUint8*) PORT_Alloc(nkd);
- if (!writeKey->data)
- goto loser;
- writeKey->len = nkd;
-
- /* Produce key material */
- countChar = '0';
- for (i = 0, off = 0; i < nkm; i++, off += 16) {
- rv = PK11_DigestBegin(cx);
- rv |= PK11_DigestOp(cx, masterKey->data, masterKey->len);
- rv |= PK11_DigestOp(cx, &countChar, 1);
- rv |= PK11_DigestOp(cx, challenge, SSL_CHALLENGE_BYTES);
- rv |= PK11_DigestOp(cx, nonce, SSL_CONNECTIONID_BYTES);
- rv |= PK11_DigestFinal(cx, km+off, &part, MD5_LENGTH);
- if (rv != SECSuccess) {
- ssl_MapLowLevelError(SSL_ERROR_MD5_DIGEST_FAILURE);
- rv = SECFailure;
- goto loser;
- }
- countChar++;
- }
-
- /* Produce keys */
- PORT_Memcpy(readKey->data, km, nkd);
- PORT_Memcpy(writeKey->data, km + nkd, nkd);
-
-loser:
- PK11_DestroyContext(cx, PR_TRUE);
- return rv;
-}
-
-/* Called from ssl2_ServerSetupSessionCypher()
-** <- ssl2_HandleClientSessionKeyMessage()
-** <- ssl2_HandleClientHelloMessage()
-** and from ssl2_ClientSetupSessionCypher()
-** <- ssl2_HandleServerHelloMessage()
-*/
-static SECStatus
-ssl2_CreateSessionCypher(sslSocket *ss, sslSessionID *sid, PRBool isClient)
-{
- sslSecurityInfo * sec;
- sslConnectInfo * ci;
- SECItem * rk;
- SECItem * wk;
- SECItem * param;
- SECStatus rv;
- int cipherType = sid->u.ssl2.cipherType;
- PK11SlotInfo * slot = NULL;
- CK_MECHANISM_TYPE mechanism;
- SECItem readKey;
- SECItem writeKey;
-
- void *readcx = 0;
- void *writecx = 0;
- readKey.data = 0;
- writeKey.data = 0;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
- if((ss->sec == 0) || (ss->sec->ci.sid == 0))
- goto sec_loser; /* don't crash if asserts are off */
-
- /* Trying to cut down on all these switch statements that should be tables.
- * So, test cipherType once, here, and then use tables below.
- */
- switch (cipherType) {
- case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
- case SSL_CK_RC4_128_WITH_MD5:
- case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
- case SSL_CK_RC2_128_CBC_WITH_MD5:
- case SSL_CK_DES_64_CBC_WITH_MD5:
- case SSL_CK_DES_192_EDE3_CBC_WITH_MD5:
- break;
-
- default:
- SSL_DBG(("%d: SSL[%d]: ssl2_CreateSessionCypher: unknown cipher=%d",
- SSL_GETPID(), ss->fd, cipherType));
- PORT_SetError(isClient ? SSL_ERROR_BAD_SERVER : SSL_ERROR_BAD_CLIENT);
- goto loser;
- }
-
- sec = ss->sec;
- ci = &sec->ci;
- rk = isClient ? &readKey : &writeKey;
- wk = isClient ? &writeKey : &readKey;
-
- /* Produce the keys for this session */
- rv = ssl2_ProduceKeys(ss, &readKey, &writeKey, &sid->u.ssl2.masterKey,
- ci->clientChallenge, ci->connectionID,
- cipherType);
- if (rv != SECSuccess)
- goto loser;
- PRINT_BUF(7, (ss, "Session read-key: ", rk->data, rk->len));
- PRINT_BUF(7, (ss, "Session write-key: ", wk->data, wk->len));
-
- PORT_Memcpy(ci->readKey, readKey.data, readKey.len);
- PORT_Memcpy(ci->writeKey, writeKey.data, writeKey.len);
- ci->keySize = readKey.len;
-
- /* Setup the MAC */
- rv = ssl2_CreateMAC(sec, rk, wk, cipherType);
- if (rv != SECSuccess)
- goto loser;
-
- /* First create the session key object */
- SSL_TRC(3, ("%d: SSL[%d]: using %s", SSL_GETPID(), ss->fd,
- ssl_cipherName[cipherType]));
-
-
- mechanism = ssl_Specs[cipherType].mechanism;
-
- /* set destructer before we call loser... */
- sec->destroy = (void (*)(void*, PRBool)) PK11_DestroyContext;
- slot = PK11_GetBestSlot(mechanism, ss->pkcs11PinArg);
- if (slot == NULL)
- goto loser;
-
- param = PK11_ParamFromIV(mechanism, &sid->u.ssl2.cipherArg);
- if (param == NULL)
- goto loser;
- readcx = PK11_CreateContextByRawKey(slot, mechanism, PK11_OriginUnwrap,
- CKA_DECRYPT, rk, param,
- ss->pkcs11PinArg);
- SECITEM_FreeItem(param, PR_TRUE);
- if (readcx == NULL)
- goto loser;
-
- /* build the client context */
- param = PK11_ParamFromIV(mechanism, &sid->u.ssl2.cipherArg);
- if (param == NULL)
- goto loser;
- writecx = PK11_CreateContextByRawKey(slot, mechanism, PK11_OriginUnwrap,
- CKA_ENCRYPT, wk, param,
- ss->pkcs11PinArg);
- SECITEM_FreeItem(param,PR_TRUE);
- if (writecx == NULL)
- goto loser;
- PK11_FreeSlot(slot);
-
- rv = SECSuccess;
- sec->enc = (SSLCipher) PK11_CipherOp;
- sec->dec = (SSLCipher) PK11_CipherOp;
- sec->readcx = (void *) readcx;
- sec->writecx = (void *) writecx;
- sec->blockSize = ssl_Specs[cipherType].blockSize;
- sec->blockShift = ssl_Specs[cipherType].blockShift;
- sec->cipherType = sid->u.ssl2.cipherType;
- sec->keyBits = sid->u.ssl2.keyBits;
- sec->secretKeyBits = sid->u.ssl2.secretKeyBits;
- goto done;
-
- loser:
- if (sec->destroy) {
- if (readcx) (*sec->destroy)(readcx, PR_TRUE);
- if (writecx) (*sec->destroy)(writecx, PR_TRUE);
- }
- sec->destroy = NULL;
- if (slot) PK11_FreeSlot(slot);
-
- sec_loser:
- rv = SECFailure;
-
- done:
- SECITEM_ZfreeItem(rk, PR_FALSE);
- SECITEM_ZfreeItem(wk, PR_FALSE);
- return rv;
-}
-
-/*
-** Setup the server ciphers given information from a CLIENT-MASTER-KEY
-** message.
-** "ss" pointer to the ssl-socket object
-** "cipher" the cipher type to use
-** "keyBits" the size of the final cipher key
-** "ck" the clear-key data
-** "ckLen" the number of bytes of clear-key data
-** "ek" the encrypted-key data
-** "ekLen" the number of bytes of encrypted-key data
-** "ca" the cipher-arg data
-** "caLen" the number of bytes of cipher-arg data
-**
-** The MASTER-KEY is constructed by first decrypting the encrypted-key
-** data. This produces the SECRET-KEY-DATA. The MASTER-KEY is composed by
-** concatenating the clear-key data with the SECRET-KEY-DATA. This code
-** checks to make sure that the client didn't send us an improper amount
-** of SECRET-KEY-DATA (it restricts the length of that data to match the
-** spec).
-**
-** Called from ssl2_HandleClientSessionKeyMessage().
-*/
-static SECStatus
-ssl2_ServerSetupSessionCypher(sslSocket *ss, int cipher, unsigned int keyBits,
- PRUint8 *ck, unsigned int ckLen,
- PRUint8 *ek, unsigned int ekLen,
- PRUint8 *ca, unsigned int caLen)
-{
- PRUint8 *kk;
- sslSecurityInfo * sec;
- sslSessionID * sid;
- PRUint8 * kbuf = 0; /* buffer for RSA decrypted data. */
- unsigned int el1; /* length of RSA decrypted data in kbuf */
- unsigned int keySize;
- unsigned int modulusLen;
- SECStatus rv;
- PRUint8 mkbuf[SSL_MAX_MASTER_KEY_BYTES];
- sslServerCerts * sc = ss->serverCerts + kt_rsa;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert((ss->sec != 0) && (sc->serverKey != 0));
- sec = ss->sec;
- PORT_Assert((sec->ci.sid != 0));
- sid = sec->ci.sid;
-
- keySize = (keyBits + 7) >> 3;
- /* Is the message just way too big? */
- if (keySize > SSL_MAX_MASTER_KEY_BYTES) {
- /* bummer */
- SSL_DBG(("%d: SSL[%d]: keySize=%d ckLen=%d max session key size=%d",
- SSL_GETPID(), ss->fd, keySize, ckLen,
- SSL_MAX_MASTER_KEY_BYTES));
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- goto loser;
- }
-
-
- /* Trying to cut down on all these switch statements that should be tables.
- * So, test cipherType once, here, and then use tables below.
- */
- switch (cipher) {
- case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
- case SSL_CK_RC4_128_WITH_MD5:
- case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
- case SSL_CK_RC2_128_CBC_WITH_MD5:
- case SSL_CK_DES_64_CBC_WITH_MD5:
- case SSL_CK_DES_192_EDE3_CBC_WITH_MD5:
- break;
-
- default:
- SSL_DBG(("%d: SSL[%d]: ssl2_ServerSetupSessionCypher: unknown cipher=%d",
- SSL_GETPID(), ss->fd, cipher));
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- goto loser;
- }
-
- /* For export ciphers, make sure they didn't send too much key data. */
- if (ckLen != ssl_Specs[cipher].pubLen) {
- SSL_DBG(("%d: SSL[%d]: odd secret key size, keySize=%d ckLen=%d!",
- SSL_GETPID(), ss->fd, keySize, ckLen));
- /* Somebody tried to sneak by a strange secret key */
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- goto loser;
- }
-
- /* allocate the buffer to hold the decrypted portion of the key. */
- /* XXX Haven't done any range check on ekLen. */
- kbuf = (PRUint8*) PORT_Alloc(ekLen);
- if (!kbuf) {
- goto loser;
- }
-
- /*
- ** Decrypt encrypted half of the key. Note that encrypted half has
- ** been made to match the modulus size of our public key using
- ** PKCS#1. keySize is the real size of the data that is interesting.
- ** NOTE: PK11_PubDecryptRaw will barf on a non-RSA key. This is
- ** desired behavior here.
- */
- rv = PK11_PubDecryptRaw(sc->serverKey, kbuf, &el1, ekLen, ek, ekLen);
- if (rv != SECSuccess)
- goto hide_loser;
-
- modulusLen = PK11_GetPrivateModulusLen(sc->serverKey);
- if (modulusLen == -1) {
- /* If the key was really bad, then PK11_pubDecryptRaw
- * would have failed, therefore the we must assume that the card
- * is just being a pain and not giving us the modulus... but it
- * should be the same size as the encrypted key length, so use it
- * and keep cranking */
- modulusLen = ekLen;
- }
- /* Is the length of the decrypted data (el1) the expected value? */
- if (modulusLen != el1)
- goto hide_loser;
-
- /* Cheaply verify that PKCS#1 was used to format the encryption block */
- kk = kbuf + modulusLen - (keySize - ckLen);
- if ((kbuf[0] != 0x00) || (kbuf[1] != 0x02) || (kk[-1] != 0x00)) {
- /* Tsk tsk. */
- SSL_DBG(("%d: SSL[%d]: strange encryption block",
- SSL_GETPID(), ss->fd));
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- goto hide_loser;
- }
-
- /* Make sure we're not subject to a version rollback attack. */
- if (ss->enableSSL3 || ss->enableTLS) {
- PRUint8 threes[8] = { 0x03, 0x03, 0x03, 0x03,
- 0x03, 0x03, 0x03, 0x03 };
-
- if (PORT_Memcmp(kk - 8 - 1, threes, 8) == 0) {
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- goto hide_loser;
- }
- }
- if (0) {
-hide_loser:
- /* Defense against the Bleichenbacher attack.
- * Provide the client with NO CLUES that the decrypted master key
- * was erroneous. Don't send any error messages.
- * Instead, Generate a completely bogus master key .
- */
- PK11_GenerateRandom(kbuf, ekLen);
- }
-
- /*
- ** Construct master key out of the pieces.
- */
- if (ckLen) {
- PORT_Memcpy(mkbuf, ck, ckLen);
- }
- PORT_Memcpy(mkbuf+ckLen, kk, keySize-ckLen);
-
- /* Fill in session-id */
- rv = ssl2_FillInSID(sid, cipher, mkbuf, keySize, ca, caLen,
- keyBits, keyBits - (ckLen<<3),
- sec->authAlgorithm, sec->authKeyBits,
- sec->keaType, sec->keaKeyBits);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* Create session ciphers */
- rv = ssl2_CreateSessionCypher(ss, sid, PR_FALSE);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- SSL_TRC(1, ("%d: SSL[%d]: server, using %s cipher, clear=%d total=%d",
- SSL_GETPID(), ss->fd, ssl_cipherName[cipher],
- ckLen<<3, keySize<<3));
- rv = SECSuccess;
- goto done;
-
- loser:
- rv = SECFailure;
-
- done:
- PORT_Free(kbuf);
- return rv;
-}
-
-/************************************************************************/
-
-/*
-** Rewrite the incoming cipher specs, comparing to list of specs we support,
-** (ss->cipherSpecs) and eliminating anything we don't support
-**
-* Note: Our list may contain SSL v3 ciphers.
-* We MUST NOT match on any of those.
-* Fortunately, this is easy to detect because SSLv3 ciphers have zero
-* in the first byte, and none of the SSLv2 ciphers do.
-*
-* Called from ssl2_HandleClientHelloMessage().
-*/
-static int
-ssl2_QualifyCypherSpecs(sslSocket *ss,
- PRUint8 * cs, /* cipher specs in client hello msg. */
- int csLen)
-{
- PRUint8 * ms;
- PRUint8 * hs;
- PRUint8 * qs;
- int mc;
- int hc;
- PRUint8 qualifiedSpecs[ssl2_NUM_SUITES_IMPLEMENTED * 3];
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- if (!ss->cipherSpecs) {
- ssl2_ConstructCipherSpecs(ss);
- }
-
- PRINT_BUF(10, (ss, "specs from client:", cs, csLen));
- qs = qualifiedSpecs;
- ms = ss->cipherSpecs;
- for (mc = ss->sizeCipherSpecs; mc > 0; mc -= 3, ms += 3) {
- if (ms[0] == 0)
- continue;
- for (hs = cs, hc = csLen; hc > 0; hs += 3, hc -= 3) {
- if ((hs[0] == ms[0]) &&
- (hs[1] == ms[1]) &&
- (hs[2] == ms[2])) {
- /* Copy this cipher spec into the "keep" section */
- qs[0] = hs[0];
- qs[1] = hs[1];
- qs[2] = hs[2];
- qs += 3;
- break;
- }
- }
- }
- hc = qs - qualifiedSpecs;
- PRINT_BUF(10, (ss, "qualified specs from client:", qualifiedSpecs, hc));
- PORT_Memcpy(cs, qualifiedSpecs, hc);
- return hc;
-}
-
-/*
-** Pick the best cipher we can find, given the array of server cipher
-** specs. Returns cipher number (e.g. SSL_CK_*), or -1 for no overlap.
-** If succesful, stores the master key size (bytes) in *pKeyLen.
-**
-** This is correct only for the client side, but presently
-** this function is only called from
-** ssl2_ClientSetupSessionCypher() <- ssl2_HandleServerHelloMessage()
-**
-** Note that most servers only return a single cipher suite in their
-** ServerHello messages. So, the code below for finding the "best" cipher
-** suite usually has only one choice. The client and server should send
-** their cipher suite lists sorted in descending order by preference.
-*/
-static int
-ssl2_ChooseSessionCypher(sslSocket *ss,
- int hc, /* number of cs's in hs. */
- PRUint8 * hs, /* server hello's cipher suites. */
- int * pKeyLen) /* out: sym key size in bytes. */
-{
- PRUint8 * ms;
- unsigned int i;
- int bestKeySize;
- int bestRealKeySize;
- int bestCypher;
- int keySize;
- int realKeySize;
- PRUint8 * ohs = hs;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- if (!ss->cipherSpecs) {
- ssl2_ConstructCipherSpecs(ss);
- }
-
- if (!ss->preferredCipher) {
- const PRUint8 * preferred = implementedCipherSuites;
- unsigned int allowed = ss->allowedByPolicy & ss->chosenPreference &
- SSL_CB_IMPLEMENTED;
- if (allowed) {
- for (i = ssl2_NUM_SUITES_IMPLEMENTED; i > 0; --i) {
- if (0 != (allowed & (1U << preferred[0]))) {
- ss->preferredCipher = preferred;
- break;
- }
- preferred += 3;
- }
- }
- }
- /*
- ** Scan list of ciphers recieved from peer and look for a match in
- ** our list.
- * Note: Our list may contain SSL v3 ciphers.
- * We MUST NOT match on any of those.
- * Fortunately, this is easy to detect because SSLv3 ciphers have zero
- * in the first byte, and none of the SSLv2 ciphers do.
- */
- bestKeySize = bestRealKeySize = 0;
- bestCypher = -1;
- while (--hc >= 0) {
- for (i = 0, ms = ss->cipherSpecs; i < ss->sizeCipherSpecs; i += 3, ms += 3) {
- if ((hs[0] == ss->preferredCipher[0]) &&
- (hs[1] == ss->preferredCipher[1]) &&
- (hs[2] == ss->preferredCipher[2]) &&
- hs[0] != 0) {
- /* Pick this cipher immediately! */
- *pKeyLen = (((hs[1] << 8) | hs[2]) + 7) >> 3;
- return hs[0];
- }
- if ((hs[0] == ms[0]) && (hs[1] == ms[1]) && (hs[2] == ms[2]) &&
- hs[0] != 0) {
- /* Found a match */
-
- /* Use secret keySize to determine which cipher is best */
- realKeySize = (hs[1] << 8) | hs[2];
- switch (hs[0]) {
- case SSL_CK_RC4_128_EXPORT40_WITH_MD5:
- case SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5:
- keySize = 40;
- break;
- default:
- keySize = realKeySize;
- break;
- }
- if (keySize > bestKeySize) {
- bestCypher = hs[0];
- bestKeySize = keySize;
- bestRealKeySize = realKeySize;
- }
- }
- }
- hs += 3;
- }
- if (bestCypher < 0) {
- /*
- ** No overlap between server and client. Re-examine server list
- ** to see what kind of ciphers it does support so that we can set
- ** the error code appropriately.
- */
- if ((ohs[0] == SSL_CK_RC4_128_WITH_MD5) ||
- (ohs[0] == SSL_CK_RC2_128_CBC_WITH_MD5)) {
- PORT_SetError(SSL_ERROR_US_ONLY_SERVER);
- } else if ((ohs[0] == SSL_CK_RC4_128_EXPORT40_WITH_MD5) ||
- (ohs[0] == SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5)) {
- PORT_SetError(SSL_ERROR_EXPORT_ONLY_SERVER);
- } else {
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- }
- SSL_DBG(("%d: SSL[%d]: no cipher overlap", SSL_GETPID(), ss->fd));
- goto loser;
- }
- *pKeyLen = (bestRealKeySize + 7) >> 3;
- return bestCypher;
-
- loser:
- return -1;
-}
-
-static SECStatus
-ssl2_ClientHandleServerCert(sslSocket *ss, PRUint8 *certData, int certLen)
-{
- CERTCertificate *cert = NULL;
- SECItem certItem;
-
- PORT_Assert(ss->sec != 0);
-
- certItem.data = certData;
- certItem.len = certLen;
-
- /* decode the certificate */
- cert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
- PR_FALSE, PR_TRUE);
-
- if (cert == NULL) {
- SSL_DBG(("%d: SSL[%d]: decode of server certificate fails",
- SSL_GETPID(), ss->fd));
- PORT_SetError(SSL_ERROR_BAD_CERTIFICATE);
- return SECFailure;
- }
-
-#ifdef TRACE
- {
- if (ssl_trace >= 1) {
- char *issuer;
- char *subject;
- issuer = CERT_NameToAscii(&cert->issuer);
- subject = CERT_NameToAscii(&cert->subject);
- SSL_TRC(1,("%d: server certificate issuer: '%s'",
- SSL_GETPID(), issuer ? issuer : "OOPS"));
- SSL_TRC(1,("%d: server name: '%s'",
- SSL_GETPID(), subject ? subject : "OOPS"));
- PORT_Free(issuer);
- PORT_Free(subject);
- }
- }
-#endif
-
- ss->sec->peerCert = cert;
- return SECSuccess;
-}
-
-
-/*
- * Format one block of data for public/private key encryption using
- * the rules defined in PKCS #1. SSL2 does this itself to handle the
- * rollback detection.
- */
-#define RSA_BLOCK_MIN_PAD_LEN 8
-#define RSA_BLOCK_FIRST_OCTET 0x00
-#define RSA_BLOCK_AFTER_PAD_OCTET 0x00
-#define RSA_BLOCK_PUBLIC_OCTET 0x02
-unsigned char *
-ssl_FormatSSL2Block(unsigned modulusLen, SECItem *data)
-{
- unsigned char *block;
- unsigned char *bp;
- int padLen;
- SECStatus rv;
- int i;
-
- PORT_Assert (data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));
- block = (unsigned char *) PORT_Alloc(modulusLen);
- if (block == NULL)
- return NULL;
-
- bp = block;
-
- /*
- * All RSA blocks start with two octets:
- * 0x00 || BlockType
- */
- *bp++ = RSA_BLOCK_FIRST_OCTET;
- *bp++ = RSA_BLOCK_PUBLIC_OCTET;
-
- /*
- * 0x00 || BT || Pad || 0x00 || ActualData
- * 1 1 padLen 1 data->len
- * Pad is all non-zero random bytes.
- */
- padLen = modulusLen - data->len - 3;
- PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
- rv = PK11_GenerateRandom(bp, padLen);
- if (rv == SECFailure) goto loser;
- /* replace all the 'zero' bytes */
- for (i = 0; i < padLen; i++) {
- while (bp[i] == RSA_BLOCK_AFTER_PAD_OCTET) {
- rv = PK11_GenerateRandom(bp+i, 1);
- if (rv == SECFailure) goto loser;
- }
- }
- bp += padLen;
- *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
- PORT_Memcpy (bp, data->data, data->len);
-
- return block;
-loser:
- if (block) PORT_Free(block);
- return NULL;
-}
-
-/*
-** Given the server's public key and cipher specs, generate a session key
-** that is ready to use for encrypting/decrypting the byte stream. At
-** the same time, generate the SSL_MT_CLIENT_MASTER_KEY message and
-** send it to the server.
-**
-** Called from ssl2_HandleServerHelloMessage()
-*/
-static SECStatus
-ssl2_ClientSetupSessionCypher(sslSocket *ss, PRUint8 *cs, int csLen)
-{
- sslSessionID * sid;
- sslSecurityInfo * sec;
- PRUint8 * ca; /* points to iv data, or NULL if none. */
- PRUint8 * ekbuf = 0;
- CERTCertificate * cert = 0;
- SECKEYPublicKey * serverKey = 0;
- unsigned modulusLen = 0;
- SECStatus rv;
- int cipher;
- int keyLen; /* cipher symkey size in bytes. */
- int ckLen; /* publicly reveal this many bytes of key. */
- int caLen; /* length of IV data at *ca. */
- int nc;
-
- unsigned char *eblock; /* holds unencrypted PKCS#1 formatted key. */
- SECItem rek; /* holds portion of symkey to be encrypted. */
-
- PRUint8 keyData[SSL_MAX_MASTER_KEY_BYTES];
- PRUint8 iv [8];
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- eblock = NULL;
-
- sec = ss->sec;
- sid = sec->ci.sid;
- PORT_Assert(sid != 0);
-
- cert = sec->peerCert;
-
- serverKey = CERT_ExtractPublicKey(cert);
- if (!serverKey) {
- SSL_DBG(("%d: SSL[%d]: extract public key failed: error=%d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- PORT_SetError(SSL_ERROR_BAD_CERTIFICATE);
- rv = SECFailure;
- goto loser2;
- }
-
- sec->authAlgorithm = ssl_sign_rsa;
- sec->keaType = ssl_kea_rsa;
- sec->keaKeyBits = \
- sec->authKeyBits = SECKEY_PublicKeyStrength(serverKey) * BPB;
-
- /* Choose a compatible cipher with the server */
- nc = csLen / 3;
- cipher = ssl2_ChooseSessionCypher(ss, nc, cs, &keyLen);
- if (cipher < 0) {
- /* ssl2_ChooseSessionCypher has set error code. */
- ssl2_SendErrorMessage(ss, SSL_PE_NO_CYPHERS);
- goto loser;
- }
-
- /* Generate the random keys */
- PK11_GenerateRandom(keyData, sizeof(keyData));
-
- /*
- ** Next, carve up the keys into clear and encrypted portions. The
- ** clear data is taken from the start of keyData and the encrypted
- ** portion from the remainder. Note that each of these portions is
- ** carved in half, one half for the read-key and one for the
- ** write-key.
- */
- ca = 0;
-
- /* We know that cipher is a legit value here, because
- * ssl2_ChooseSessionCypher doesn't return bogus values.
- */
- ckLen = ssl_Specs[cipher].pubLen; /* cleartext key length. */
- caLen = ssl_Specs[cipher].ivLen; /* IV length. */
- if (caLen) {
- PORT_Assert(sizeof iv >= caLen);
- PK11_GenerateRandom(iv, caLen);
- ca = iv;
- }
-
- /* Fill in session-id */
- rv = ssl2_FillInSID(sid, cipher, keyData, keyLen,
- ca, caLen, keyLen << 3, (keyLen - ckLen) << 3,
- sec->authAlgorithm, sec->authKeyBits,
- sec->keaType, sec->keaKeyBits);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- SSL_TRC(1, ("%d: SSL[%d]: client, using %s cipher, clear=%d total=%d",
- SSL_GETPID(), ss->fd, ssl_cipherName[cipher],
- ckLen<<3, keyLen<<3));
-
- /* Now setup read and write ciphers */
- rv = ssl2_CreateSessionCypher(ss, sid, PR_TRUE);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /*
- ** Fill in the encryption buffer with some random bytes. Then
- ** copy in the portion of the session key we are encrypting.
- */
- modulusLen = SECKEY_PublicKeyStrength(serverKey);
- rek.data = keyData + ckLen;
- rek.len = keyLen - ckLen;
- eblock = ssl_FormatSSL2Block(modulusLen, &rek);
- if (eblock == NULL)
- goto loser;
-
- /* Set up the padding for version 2 rollback detection. */
- /* XXX We should really use defines here */
- if (ss->enableSSL3 || ss->enableTLS) {
- PORT_Assert((modulusLen - rek.len) > 12);
- PORT_Memset(eblock + modulusLen - rek.len - 8 - 1, 0x03, 8);
- }
- ekbuf = (PRUint8*) PORT_Alloc(modulusLen);
- if (!ekbuf)
- goto loser;
- PRINT_BUF(10, (ss, "master key encryption block:",
- eblock, modulusLen));
-
- /* Encrypt ekitem */
- rv = PK11_PubEncryptRaw(serverKey, ekbuf, eblock, modulusLen,
- ss->pkcs11PinArg);
- if (rv)
- goto loser;
-
- /* Now we have everything ready to send */
- rv = ssl2_SendSessionKeyMessage(ss, cipher, keyLen << 3, ca, caLen,
- keyData, ckLen, ekbuf, modulusLen);
- if (rv != SECSuccess) {
- goto loser;
- }
- rv = SECSuccess;
- goto done;
-
- loser:
- rv = SECFailure;
-
- loser2:
- done:
- PORT_Memset(keyData, 0, sizeof(keyData));
- PORT_ZFree(ekbuf, modulusLen);
- PORT_ZFree(eblock, modulusLen);
- SECKEY_DestroyPublicKey(serverKey);
- return rv;
-}
-
-/************************************************************************/
-
-/*
- * Called from ssl2_HandleMessage in response to SSL_MT_SERVER_FINISHED message.
- * Caller holds recvBufLock and handshakeLock
- */
-static void
-ssl2_ClientRegSessionID(sslSocket *ss, PRUint8 *s)
-{
- sslSecurityInfo *sec;
- sslSessionID *sid;
-
- PORT_Assert((ss->sec != 0));
- sec = ss->sec;
- sid = sec->ci.sid;
-
- /* Record entry in nonce cache */
- if (sid->peerCert == NULL) {
- PORT_Memcpy(sid->u.ssl2.sessionID, s, sizeof(sid->u.ssl2.sessionID));
- sid->peerCert = CERT_DupCertificate(sec->peerCert);
-
- }
- if (!ss->noCache)
- (*sec->cache)(sid);
-}
-
-/* Called from ssl2_HandleMessage() */
-static SECStatus
-ssl2_TriggerNextMessage(sslSocket *ss)
-{
- sslConnectInfo * ci;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- ci = &ss->sec->ci;
-
- if ((ci->requiredElements & CIS_HAVE_CERTIFICATE) &&
- !(ci->sentElements & CIS_HAVE_CERTIFICATE)) {
- ci->sentElements |= CIS_HAVE_CERTIFICATE;
- rv = ssl2_SendCertificateRequestMessage(ss);
- return rv;
- }
- return SECSuccess;
-}
-
-/* See if it's time to send our finished message, or if the handshakes are
-** complete. Send finished message if appropriate.
-** Returns SECSuccess unless anything goes wrong.
-**
-** Called from ssl2_HandleMessage,
-** ssl2_HandleVerifyMessage
-** ssl2_HandleServerHelloMessage
-** ssl2_HandleClientSessionKeyMessage
-** ssl2_RestartHandshakeAfterCertReq
-** ssl2_RestartHandshakeAfterServerCert
-*/
-static SECStatus
-ssl2_TryToFinish(sslSocket *ss)
-{
- sslSecurityInfo *sec;
- sslConnectInfo * ci;
- SECStatus rv;
- char e, ef;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- sec = ss->sec;
- ci = &sec->ci;
-
- e = ci->elements;
- ef = e | CIS_HAVE_FINISHED;
- if ((ef & ci->requiredElements) == ci->requiredElements) {
- if (sec->isServer) {
- /* Send server finished message if we already didn't */
- rv = ssl2_SendServerFinishedMessage(ss);
- } else {
- /* Send client finished message if we already didn't */
- rv = ssl2_SendClientFinishedMessage(ss);
- }
- if (rv != SECSuccess) {
- return rv;
- }
- if ((e & ci->requiredElements) == ci->requiredElements) {
- /* Totally finished */
- ss->handshake = 0;
- return SECSuccess;
- }
- }
- return SECSuccess;
-}
-
-/*
-** Called from ssl2_HandleRequestCertificate
-** ssl2_RestartHandshakeAfterCertReq
-*/
-static SECStatus
-ssl2_SignResponse(sslSocket *ss,
- SECKEYPrivateKey *key,
- SECItem *response)
-{
- SGNContext * sgn = NULL;
- sslConnectInfo * ci;
- sslSecurityInfo *sec;
- PRUint8 * challenge;
- unsigned int len;
- SECStatus rv = SECFailure;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- sec = ss->sec;
- ci = &sec->ci;
- challenge = ci->serverChallenge;
- len = ci->serverChallengeLen;
-
- /* Sign the expected data... */
- sgn = SGN_NewContext(SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION,key);
- if (!sgn)
- goto done;
- rv = SGN_Begin(sgn);
- if (rv != SECSuccess)
- goto done;
- rv = SGN_Update(sgn, ci->readKey, ci->keySize);
- if (rv != SECSuccess)
- goto done;
- rv = SGN_Update(sgn, ci->writeKey, ci->keySize);
- if (rv != SECSuccess)
- goto done;
- rv = SGN_Update(sgn, challenge, len);
- if (rv != SECSuccess)
- goto done;
- rv = SGN_Update(sgn,
- sec->peerCert->derCert.data, sec->peerCert->derCert.len);
- if (rv != SECSuccess)
- goto done;
- rv = SGN_End(sgn, response);
- if (rv != SECSuccess)
- goto done;
-
-done:
- SGN_DestroyContext(sgn, PR_TRUE);
- return rv == SECSuccess ? SECSuccess : SECFailure;
-}
-
-/*
-** Try to handle a request-certificate message. Get client's certificate
-** and private key and sign a message for the server to see.
-** Caller must hold handshakeLock
-**
-** Called from ssl2_HandleMessage().
-*/
-static int
-ssl2_HandleRequestCertificate(sslSocket *ss)
-{
- CERTCertificate * cert = NULL; /* app-selected client cert. */
- SECKEYPrivateKey *key = NULL; /* priv key for cert. */
- SECStatus rv;
- SECItem response;
- int ret = 0;
- PRUint8 authType;
-
-
- /*
- * These things all need to be initialized before we can "goto loser".
- */
- response.data = NULL;
-
- PORT_Assert((ss->sec != 0));
- if (!ss->sec) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
-
- /* get challenge info from connectionInfo */
- authType = ss->sec->ci.authType;
-
- if (authType != SSL_AT_MD5_WITH_RSA_ENCRYPTION) {
- SSL_TRC(7, ("%d: SSL[%d]: unsupported auth type 0x%x", SSL_GETPID(),
- ss->fd, authType));
- goto no_cert_error;
- }
-
- /* Get certificate and private-key from client */
- if (!ss->getClientAuthData) {
- SSL_TRC(7, ("%d: SSL[%d]: client doesn't support client-auth",
- SSL_GETPID(), ss->fd));
- goto no_cert_error;
- }
- ret = (*ss->getClientAuthData)(ss->getClientAuthDataArg, ss->fd,
- NULL, &cert, &key);
- if ( ret == SECWouldBlock ) {
- ssl_SetAlwaysBlock(ss);
- goto done;
- }
-
- if (ret) {
- goto no_cert_error;
- }
-
- rv = ssl2_SignResponse(ss, key, &response);
- if ( rv != SECSuccess ) {
- ret = -1;
- goto loser;
- }
-
- /* Send response message */
- ret = ssl2_SendCertificateResponseMessage(ss, &cert->derCert, &response);
-
- /* Now, remember the cert we sent. But first, forget any previous one. */
- if (ss->sec->localCert) {
- CERT_DestroyCertificate(ss->sec->localCert);
- }
- ss->sec->localCert = CERT_DupCertificate(cert);
- PORT_Assert(!ss->sec->ci.sid->localCert);
- if (ss->sec->ci.sid->localCert) {
- CERT_DestroyCertificate(ss->sec->ci.sid->localCert);
- }
- ss->sec->ci.sid->localCert = cert;
- cert = NULL;
-
- goto done;
-
- no_cert_error:
- SSL_TRC(7, ("%d: SSL[%d]: no certificate (ret=%d)", SSL_GETPID(),
- ss->fd, ret));
- ret = ssl2_SendErrorMessage(ss, SSL_PE_NO_CERTIFICATE);
-
- loser:
- done:
- if ( cert ) {
- CERT_DestroyCertificate(cert);
- }
- if ( key ) {
- SECKEY_DestroyPrivateKey(key);
- }
- if ( response.data ) {
- PORT_Free(response.data);
- }
-
- return ret;
-}
-
-/*
-** Called from ssl2_HandleMessage for SSL_MT_CLIENT_CERTIFICATE message.
-** Caller must hold HandshakeLock and RecvBufLock, since cd and response
-** are contained in the gathered input data.
-*/
-static SECStatus
-ssl2_HandleClientCertificate(sslSocket * ss,
- PRUint8 certType, /* XXX unused */
- PRUint8 * cd,
- unsigned int cdLen,
- PRUint8 * response,
- unsigned int responseLen)
-{
- sslSecurityInfo *sec = ss->sec;
- sslConnectInfo * ci;
- CERTCertificate *cert = NULL;
- SECKEYPublicKey *pubKey = NULL;
- VFYContext * vfy = NULL;
- SECItem * derCert;
- SECStatus rv = SECFailure;
- SECItem certItem;
- SECItem rep;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- /* Extract the certificate */
- certItem.data = cd;
- certItem.len = cdLen;
-
- cert = CERT_NewTempCertificate(ss->dbHandle, &certItem, NULL,
- PR_FALSE, PR_TRUE);
- if (cert == NULL) {
- goto loser;
- }
-
- /* save the certificate, since the auth routine will need it */
- sec->peerCert = cert;
-
- /* Extract the public key */
- pubKey = CERT_ExtractPublicKey(cert);
- if (!pubKey)
- goto loser;
-
- /* Verify the response data... */
- rep.data = response;
- rep.len = responseLen;
- /* SSL 2.0 only supports RSA certs, so we don't have to worry about
- * DSA here. */
- vfy = VFY_CreateContext(pubKey, &rep, SEC_OID_PKCS1_RSA_ENCRYPTION,
- ss->pkcs11PinArg);
- if (!vfy)
- goto loser;
- rv = VFY_Begin(vfy);
- if (rv)
- goto loser;
-
- ci = &sec->ci;
- rv = VFY_Update(vfy, ci->readKey, ci->keySize);
- if (rv)
- goto loser;
- rv = VFY_Update(vfy, ci->writeKey, ci->keySize);
- if (rv)
- goto loser;
- rv = VFY_Update(vfy, ci->serverChallenge, SSL_CHALLENGE_BYTES);
- if (rv)
- goto loser;
-
- derCert = &ss->serverCerts[kt_rsa].serverCert->derCert;
- rv = VFY_Update(vfy, derCert->data, derCert->len);
- if (rv)
- goto loser;
- rv = VFY_End(vfy);
- if (rv)
- goto loser;
-
- /* Now ask the server application if it likes the certificate... */
- rv = (SECStatus) (*ss->authCertificate)(ss->authCertificateArg,
- ss->fd, PR_TRUE, PR_TRUE);
- /* Hey, it liked it. */
- if (SECSuccess == rv)
- goto done;
-
-loser:
- sec->peerCert = NULL;
- CERT_DestroyCertificate(cert);
-
-done:
- VFY_DestroyContext(vfy, PR_TRUE);
- SECKEY_DestroyPublicKey(pubKey);
- return rv;
-}
-
-/*
-** Handle remaining messages between client/server. Process finished
-** messages from either side and any authentication requests.
-** This should only be called for SSLv2 handshake messages,
-** not for application data records.
-** Caller must hold handshake lock.
-**
-** Called from ssl_Do1stHandshake().
-**
-*/
-static SECStatus
-ssl2_HandleMessage(sslSocket *ss)
-{
- sslSecurityInfo *sec;
- sslConnectInfo * ci;
- sslGather * gs;
- PRUint8 * data;
- PRUint8 * cid;
- unsigned len, certType, certLen, responseLen;
- int rv;
- int rv2;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0) && (ss->gather != 0));
-
- ssl_GetRecvBufLock(ss);
- sec = ss->sec;
- gs = ss->gather;
- ci = &sec->ci;
-
- data = gs->buf.buf + gs->recordOffset;
-
- if (gs->recordLen < 1) {
- goto bad_peer;
- }
- SSL_TRC(3, ("%d: SSL[%d]: received %d message",
- SSL_GETPID(), ss->fd, data[0]));
- DUMP_MSG(29, (ss, data, gs->recordLen));
-
- switch (data[0]) {
- case SSL_MT_CLIENT_FINISHED:
- if (ci->elements & CIS_HAVE_FINISHED) {
- SSL_DBG(("%d: SSL[%d]: dup client-finished message",
- SSL_GETPID(), ss->fd));
- goto bad_peer;
- }
-
- /* See if nonce matches */
- len = gs->recordLen - 1;
- cid = data + 1;
- if ((len != sizeof(ci->connectionID)) ||
- (PORT_Memcmp(ci->connectionID, cid, len) != 0)) {
- SSL_DBG(("%d: SSL[%d]: bad connection-id", SSL_GETPID(), ss->fd));
- PRINT_BUF(5, (ss, "sent connection-id",
- ci->connectionID, sizeof(ci->connectionID)));
- PRINT_BUF(5, (ss, "rcvd connection-id", cid, len));
- goto bad_peer;
- }
-
- SSL_TRC(5, ("%d: SSL[%d]: got client finished, waiting for 0x%d",
- SSL_GETPID(), ss->fd, ci->requiredElements ^ ci->elements));
- ci->elements |= CIS_HAVE_FINISHED;
- break;
-
- case SSL_MT_SERVER_FINISHED:
- if (ci->elements & CIS_HAVE_FINISHED) {
- SSL_DBG(("%d: SSL[%d]: dup server-finished message",
- SSL_GETPID(), ss->fd));
- goto bad_peer;
- }
-
- if (gs->recordLen - 1 != SSL2_SESSIONID_BYTES) {
- SSL_DBG(("%d: SSL[%d]: bad server-finished message, len=%d",
- SSL_GETPID(), ss->fd, gs->recordLen));
- goto bad_peer;
- }
- ssl2_ClientRegSessionID(ss, data+1);
- SSL_TRC(5, ("%d: SSL[%d]: got server finished, waiting for 0x%d",
- SSL_GETPID(), ss->fd, ci->requiredElements ^ ci->elements));
- ci->elements |= CIS_HAVE_FINISHED;
- break;
-
- case SSL_MT_REQUEST_CERTIFICATE:
- len = gs->recordLen - 2;
- if ((len != SSL_MIN_CHALLENGE_BYTES) ||
- (len > SSL_MAX_CHALLENGE_BYTES)) {
- /* Bad challenge */
- SSL_DBG(("%d: SSL[%d]: bad cert request message: code len=%d",
- SSL_GETPID(), ss->fd, len));
- goto bad_peer;
- }
-
- /* save auth request info */
- ci->authType = data[1];
- ci->serverChallengeLen = len;
- PORT_Memcpy(ci->serverChallenge, data + 2, len);
-
- rv = ssl2_HandleRequestCertificate(ss);
- if (rv == SECWouldBlock) {
- SSL_TRC(3, ("%d: SSL[%d]: async cert request",
- SSL_GETPID(), ss->fd));
- /* someone is handling this asynchronously */
- ssl_ReleaseRecvBufLock(ss);
- return SECWouldBlock;
- }
- if (rv) {
- SET_ERROR_CODE
- goto loser;
- }
- break;
-
- case SSL_MT_CLIENT_CERTIFICATE:
- if (!ss->authCertificate) {
- /* Server asked for authentication and can't handle it */
- PORT_SetError(SSL_ERROR_BAD_SERVER);
- goto loser;
- }
- if (gs->recordLen < SSL_HL_CLIENT_CERTIFICATE_HBYTES) {
- SET_ERROR_CODE
- goto loser;
- }
- certType = data[1];
- certLen = (data[2] << 8) | data[3];
- responseLen = (data[4] << 8) | data[5];
- if (certType != SSL_CT_X509_CERTIFICATE) {
- PORT_SetError(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
- goto loser;
- }
- rv = ssl2_HandleClientCertificate(ss, data[1],
- data + SSL_HL_CLIENT_CERTIFICATE_HBYTES,
- certLen,
- data + SSL_HL_CLIENT_CERTIFICATE_HBYTES + certLen,
- responseLen);
- if (rv) {
- rv2 = ssl2_SendErrorMessage(ss, SSL_PE_BAD_CERTIFICATE);
- SET_ERROR_CODE
- goto loser;
- }
- ci->elements |= CIS_HAVE_CERTIFICATE;
- break;
-
- case SSL_MT_ERROR:
- rv = (data[1] << 8) | data[2];
- SSL_TRC(2, ("%d: SSL[%d]: got error message, error=0x%x",
- SSL_GETPID(), ss->fd, rv));
-
- /* Convert protocol error number into API error number */
- switch (rv) {
- case SSL_PE_NO_CYPHERS:
- rv = SSL_ERROR_NO_CYPHER_OVERLAP;
- break;
- case SSL_PE_NO_CERTIFICATE:
- rv = SSL_ERROR_NO_CERTIFICATE;
- break;
- case SSL_PE_BAD_CERTIFICATE:
- rv = SSL_ERROR_BAD_CERTIFICATE;
- break;
- case SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE:
- rv = SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
- break;
- default:
- goto bad_peer;
- }
- /* XXX make certificate-request optionally fail... */
- PORT_SetError(rv);
- goto loser;
-
- default:
- SSL_DBG(("%d: SSL[%d]: unknown message %d",
- SSL_GETPID(), ss->fd, data[0]));
- goto loser;
- }
-
- SSL_TRC(3, ("%d: SSL[%d]: handled %d message, required=0x%x got=0x%x",
- SSL_GETPID(), ss->fd, data[0],
- ci->requiredElements, ci->elements));
-
- rv = ssl2_TryToFinish(ss);
- if (rv != SECSuccess)
- goto loser;
-
- ss->gather->recordLen = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- if (ss->handshake == 0) {
- return SECSuccess;
- }
-
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleMessage;
- return ssl2_TriggerNextMessage(ss);
-
- bad_peer:
- PORT_SetError(sec->isServer ? SSL_ERROR_BAD_CLIENT : SSL_ERROR_BAD_SERVER);
- /* FALL THROUGH */
-
- loser:
- ssl_ReleaseRecvBufLock(ss);
- return SECFailure;
-}
-
-/************************************************************************/
-
-/* Called from ssl_Do1stHandshake, after ssl2_HandleServerHelloMessage or
-** ssl2_RestartHandshakeAfterServerCert.
-*/
-static SECStatus
-ssl2_HandleVerifyMessage(sslSocket *ss)
-{
- sslConnectInfo * ci;
- sslGather * gs;
- PRUint8 * data;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- ssl_GetRecvBufLock(ss);
- PORT_Assert((ss->sec != 0) && (ss->gather != 0));
- ci = &ss->sec->ci;
- gs = ss->gather;
-
- data = gs->buf.buf + gs->recordOffset;
- DUMP_MSG(29, (ss, data, gs->recordLen));
- if ((gs->recordLen != 1 + SSL_CHALLENGE_BYTES) ||
- (data[0] != SSL_MT_SERVER_VERIFY) ||
- PORT_Memcmp(data+1, ci->clientChallenge, SSL_CHALLENGE_BYTES)) {
- /* Bad server */
- PORT_SetError(SSL_ERROR_BAD_SERVER);
- goto loser;
- }
- ci->elements |= CIS_HAVE_VERIFY;
-
- SSL_TRC(5, ("%d: SSL[%d]: got server-verify, required=0x%d got=0x%x",
- SSL_GETPID(), ss->fd, ci->requiredElements,
- ci->elements));
-
- rv = ssl2_TryToFinish(ss);
- if (rv)
- goto loser;
-
- ss->gather->recordLen = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- if (ss->handshake == 0) {
- return SECSuccess;
- }
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleMessage;
- return SECSuccess;
-
-
- loser:
- ssl_ReleaseRecvBufLock(ss);
- return SECFailure;
-}
-
-/* Not static because ssl2_GatherData() tests ss->nextHandshake for this value.
- * ICK!
- * Called from ssl_Do1stHandshake after ssl2_BeginClientHandshake()
- */
-SECStatus
-ssl2_HandleServerHelloMessage(sslSocket *ss)
-{
- sslSecurityInfo *sec;
- sslConnectInfo * ci;
- sslGather * gs;
- sslSessionID * sid;
- PRUint8 * cert;
- PRUint8 * cs;
- PRUint8 * data;
- SECStatus rv;
- int needed, sidHit, certLen, csLen, cidLen, certType, err;
-
- PORT_Assert((ss->sec != 0) && (ss->gather != 0));
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- if (!ss->enableSSL2) {
- PORT_SetError(SSL_ERROR_SSL2_DISABLED);
- return SECFailure;
- }
-
- ssl_GetRecvBufLock(ss);
-
- sec = ss->sec;
- ci = &sec->ci;
- gs = ss->gather;
- PORT_Assert(ci->sid != 0);
- sid = ci->sid;
-
- data = gs->buf.buf + gs->recordOffset;
- DUMP_MSG(29, (ss, data, gs->recordLen));
-
- /* Make sure first message has some data and is the server hello message */
- if ((gs->recordLen < SSL_HL_SERVER_HELLO_HBYTES)
- || (data[0] != SSL_MT_SERVER_HELLO)) {
- if ((data[0] == SSL_MT_ERROR) && (gs->recordLen == 3)) {
- err = (data[1] << 8) | data[2];
- if (err == SSL_PE_NO_CYPHERS) {
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- goto loser;
- }
- }
- goto bad_server;
- }
-
- sidHit = data[1];
- certType = data[2];
- ss->version = (data[3] << 8) | data[4];
- certLen = (data[5] << 8) | data[6];
- csLen = (data[7] << 8) | data[8];
- cidLen = (data[9] << 8) | data[10];
- cert = data + SSL_HL_SERVER_HELLO_HBYTES;
- cs = cert + certLen;
-
- SSL_TRC(5,
- ("%d: SSL[%d]: server-hello, hit=%d vers=%x certLen=%d csLen=%d cidLen=%d",
- SSL_GETPID(), ss->fd, sidHit, ss->version, certLen,
- csLen, cidLen));
- if (ss->version != SSL_LIBRARY_VERSION_2) {
- if (ss->version < SSL_LIBRARY_VERSION_2) {
- SSL_TRC(3, ("%d: SSL[%d]: demoting self (%x) to server version (%x)",
- SSL_GETPID(), ss->fd, SSL_LIBRARY_VERSION_2,
- ss->version));
- } else {
- SSL_TRC(1, ("%d: SSL[%d]: server version is %x (we are %x)",
- SSL_GETPID(), ss->fd, ss->version, SSL_LIBRARY_VERSION_2));
- /* server claims to be newer but does not follow protocol */
- PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
- goto loser;
- }
- }
-
- /* Save connection-id for later */
- PORT_Memcpy(ci->connectionID, cs + csLen, sizeof(ci->connectionID));
-
- /* See if session-id hit */
- needed = CIS_HAVE_MASTER_KEY | CIS_HAVE_FINISHED | CIS_HAVE_VERIFY;
- if (sidHit) {
- if (certLen || csLen) {
- /* Uh oh - bogus server */
- SSL_DBG(("%d: SSL[%d]: client, huh? hit=%d certLen=%d csLen=%d",
- SSL_GETPID(), ss->fd, sidHit, certLen, csLen));
- goto bad_server;
- }
-
- /* Total winner. */
- SSL_TRC(1, ("%d: SSL[%d]: client, using nonce for peer=0x%08x "
- "port=0x%04x",
- SSL_GETPID(), ss->fd, ci->peer, ci->port));
- sec->peerCert = CERT_DupCertificate(sid->peerCert);
- sec->authAlgorithm = sid->authAlgorithm;
- sec->authKeyBits = sid->authKeyBits;
- sec->keaType = sid->keaType;
- sec->keaKeyBits = sid->keaKeyBits;
- rv = ssl2_CreateSessionCypher(ss, sid, PR_TRUE);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- if (certType != SSL_CT_X509_CERTIFICATE) {
- PORT_SetError(SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
- goto loser;
- }
- if (csLen == 0) {
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- SSL_DBG(("%d: SSL[%d]: no cipher overlap",
- SSL_GETPID(), ss->fd));
- goto loser;
- }
- if (certLen == 0) {
- SSL_DBG(("%d: SSL[%d]: client, huh? certLen=%d csLen=%d",
- SSL_GETPID(), ss->fd, certLen, csLen));
- goto bad_server;
- }
-
- if (sid->cached != never_cached) {
- /* Forget our session-id - server didn't like it */
- SSL_TRC(7, ("%d: SSL[%d]: server forgot me, uncaching session-id",
- SSL_GETPID(), ss->fd));
- (*sec->uncache)(sid);
- ssl_FreeSID(sid);
- ci->sid = sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
- if (!sid) {
- goto loser;
- }
- sid->references = 1;
- sid->addr = ci->peer;
- sid->port = ci->port;
- }
-
- /* decode the server's certificate */
- rv = ssl2_ClientHandleServerCert(ss, cert, certLen);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SSL_ERROR_BAD_CERTIFICATE) {
- (void) ssl2_SendErrorMessage(ss, SSL_PE_BAD_CERTIFICATE);
- }
- goto loser;
- }
-
- /* Setup new session cipher */
- rv = ssl2_ClientSetupSessionCypher(ss, cs, csLen);
- if (rv != SECSuccess) {
- if (PORT_GetError() == SSL_ERROR_BAD_CERTIFICATE) {
- (void) ssl2_SendErrorMessage(ss, SSL_PE_BAD_CERTIFICATE);
- }
- goto loser;
- }
- }
-
- /* Build up final list of required elements */
- ci->elements = CIS_HAVE_MASTER_KEY;
- ci->requiredElements = needed;
-
- if (!sidHit) {
- /* verify the server's certificate. if sidHit, don't check signatures */
- rv = (* ss->authCertificate)(ss->authCertificateArg, ss->fd,
- (PRBool)(!sidHit), PR_FALSE);
- if (rv) {
- if (ss->handleBadCert) {
- rv = (*ss->handleBadCert)(ss->badCertArg, ss->fd);
- if ( rv ) {
- if ( rv == SECWouldBlock ) {
- /* someone will handle this connection asynchronously*/
-
- SSL_DBG(("%d: SSL[%d]: go to async cert handler",
- SSL_GETPID(), ss->fd));
- ssl_ReleaseRecvBufLock(ss);
- ssl_SetAlwaysBlock(ss);
- return SECWouldBlock;
- }
- /* cert is bad */
- SSL_DBG(("%d: SSL[%d]: server certificate is no good: error=%d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- goto loser;
-
- }
- /* cert is good */
- } else {
- SSL_DBG(("%d: SSL[%d]: server certificate is no good: error=%d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- goto loser;
- }
- }
- }
- /*
- ** At this point we have a completed session key and our session
- ** cipher is setup and ready to go. Switch to encrypted write routine
- ** as all future message data is to be encrypted.
- */
- ssl2_UseEncryptedSendFunc(ss);
-
- rv = ssl2_TryToFinish(ss);
- if (rv != SECSuccess)
- goto loser;
-
- ss->gather->recordLen = 0;
-
- ssl_ReleaseRecvBufLock(ss);
-
- if (ss->handshake == 0) {
- return SECSuccess;
- }
-
- SSL_TRC(5, ("%d: SSL[%d]: got server-hello, required=0x%d got=0x%x",
- SSL_GETPID(), ss->fd, ci->requiredElements, ci->elements));
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleVerifyMessage;
- return SECSuccess;
-
- bad_server:
- PORT_SetError(SSL_ERROR_BAD_SERVER);
- /* FALL THROUGH */
-
- loser:
- ssl_ReleaseRecvBufLock(ss);
- return SECFailure;
-}
-
-/* Sends out the initial client Hello message on the connection.
- * Acquires and releases the socket's xmitBufLock.
- */
-SECStatus
-ssl2_BeginClientHandshake(sslSocket *ss)
-{
- sslSecurityInfo *sec;
- sslConnectInfo *ci;
- sslSessionID *sid;
- PRUint8 *msg;
- PRUint8 *cp;
- PRUint8 *localCipherSpecs = NULL;
- unsigned int localCipherSize;
- unsigned int i;
- int sendLen, sidLen;
- SECStatus rv;
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0));
-
- sec = ss->sec;
- sec->isServer = 0;
- sec->sendSequence = 0;
- sec->rcvSequence = 0;
- ssl_ChooseSessionIDProcs(sec);
- ci = &sec->ci;
-
- if (!ss->cipherSpecs) {
- rv = ssl2_ConstructCipherSpecs(ss);
- if (rv != SECSuccess)
- goto loser;
- }
-
- /* count the SSL2 and SSL3 enabled ciphers.
- * if either is zero, clear the socket's enable for that protocol.
- */
- rv = ssl2_CheckConfigSanity(ss);
- if (rv != SECSuccess)
- goto loser;
-
- /* Get peer name of server */
- rv = ssl_GetPeerInfo(ss);
- if (rv < 0) {
-#ifdef HPUX11
- /*
- * On some HP-UX B.11.00 systems, getpeername() occasionally
- * fails with ENOTCONN after a successful completion of
- * non-blocking connect. I found that if we do a write()
- * and then retry getpeername(), it will work.
- */
- if (PR_GetError() == PR_NOT_CONNECTED_ERROR) {
- char dummy;
- (void) PR_Write(ss->fd->lower, &dummy, 0);
- rv = ssl_GetPeerInfo(ss);
- if (rv < 0) {
- goto loser;
- }
- }
-#else
- goto loser;
-#endif
- }
-
- SSL_TRC(3, ("%d: SSL[%d]: sending client-hello", SSL_GETPID(), ss->fd));
-
- /* Try to find server in our session-id cache */
- if (ss->noCache) {
- sid = NULL;
- } else {
- sid = ssl_LookupSID(&ci->peer, ci->port, ss->peerID, ss->url);
- }
- while (sid) { /* this isn't really a loop */
- /* if we're not doing this SID's protocol any more, drop it. */
- if (((sid->version < SSL_LIBRARY_VERSION_3_0) && !ss->enableSSL2) ||
- ((sid->version == SSL_LIBRARY_VERSION_3_0) && !ss->enableSSL3) ||
- ((sid->version > SSL_LIBRARY_VERSION_3_0) && !ss->enableTLS)) {
- sec->uncache(sid);
- ssl_FreeSID(sid);
- sid = NULL;
- break;
- }
- if (ss->enableSSL2 && sid->version < SSL_LIBRARY_VERSION_3_0) {
- /* If the cipher in this sid is not enabled, drop it. */
- for (i = 0; i < ss->sizeCipherSpecs; i += 3) {
- if (ss->cipherSpecs[i] == sid->u.ssl2.cipherType)
- break;
- }
- if (i >= ss->sizeCipherSpecs) {
- sec->uncache(sid);
- ssl_FreeSID(sid);
- sid = NULL;
- break;
- }
- }
- sidLen = sizeof(sid->u.ssl2.sessionID);
- PRINT_BUF(4, (ss, "client, found session-id:", sid->u.ssl2.sessionID,
- sidLen));
- ss->version = sid->version;
- PORT_Assert(!sec->localCert);
- if (sec->localCert) {
- CERT_DestroyCertificate(sec->localCert);
- }
- sec->localCert = CERT_DupCertificate(sid->localCert);
- break; /* this isn't really a loop */
- }
- if (!sid) {
- sidLen = 0;
- sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
- if (!sid) {
- goto loser;
- }
- sid->references = 1;
- sid->cached = never_cached;
- sid->addr = ci->peer;
- sid->port = ci->port;
- if (ss->peerID != NULL) {
- sid->peerID = PORT_Strdup(ss->peerID);
- }
- if (ss->url != NULL) {
- sid->urlSvrName = PORT_Strdup(ss->url);
- }
- }
- ci->sid = sid;
-
- PORT_Assert(sid != NULL);
-
- if ((sid->version >= SSL_LIBRARY_VERSION_3_0 || !ss->v2CompatibleHello) &&
- (ss->enableSSL3 || ss->enableTLS)) {
-
- PORT_Assert(ss->gather != NULL);
- ss->gather->state = GS_INIT;
- ss->handshake = ssl_GatherRecord1stHandshake;
-
- /* ssl3_SendClientHello will override this if it succeeds. */
- ss->version = SSL_LIBRARY_VERSION_3_0;
-
- ssl_GetXmitBufLock(ss); /***************************************/
- ssl_GetSSL3HandshakeLock(ss);
- rv = ssl3_SendClientHello(ss);
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_ReleaseXmitBufLock(ss); /***************************************/
-
- return rv;
- }
-
- if (!ss->cipherSpecs) {
- rv = ssl2_ConstructCipherSpecs(ss);
- if (rv < 0) {
- return rv;
- }
- }
- localCipherSpecs = ss->cipherSpecs;
- localCipherSize = ss->sizeCipherSpecs;
-
- sendLen = SSL_HL_CLIENT_HELLO_HBYTES + localCipherSize + sidLen +
- SSL_CHALLENGE_BYTES;
-
- /* Generate challenge bytes for server */
- PK11_GenerateRandom(ci->clientChallenge, SSL_CHALLENGE_BYTES);
-
- ssl_GetXmitBufLock(ss); /***************************************/
-
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv)
- goto unlock_loser;
-
- /* Construct client-hello message */
- cp = msg = ci->sendBuf.buf;
- msg[0] = SSL_MT_CLIENT_HELLO;
- if ( ss->enableTLS ) {
- ss->clientHelloVersion = SSL_LIBRARY_VERSION_3_1_TLS;
- } else if ( ss->enableSSL3 ) {
- ss->clientHelloVersion = SSL_LIBRARY_VERSION_3_0;
- } else {
- ss->clientHelloVersion = SSL_LIBRARY_VERSION_2;
- }
-
- msg[1] = MSB(ss->clientHelloVersion);
- msg[2] = LSB(ss->clientHelloVersion);
- msg[3] = MSB(localCipherSize);
- msg[4] = LSB(localCipherSize);
- msg[5] = MSB(sidLen);
- msg[6] = LSB(sidLen);
- msg[7] = MSB(SSL_CHALLENGE_BYTES);
- msg[8] = LSB(SSL_CHALLENGE_BYTES);
- cp += SSL_HL_CLIENT_HELLO_HBYTES;
- PORT_Memcpy(cp, localCipherSpecs, localCipherSize);
- cp += localCipherSize;
- if (sidLen) {
- PORT_Memcpy(cp, sid->u.ssl2.sessionID, sidLen);
- cp += sidLen;
- }
- PORT_Memcpy(cp, ci->clientChallenge, SSL_CHALLENGE_BYTES);
-
- /* Send it to the server */
- DUMP_MSG(29, (ss, msg, sendLen));
- ss->handshakeBegun = 1;
- rv = (*sec->send)(ss, msg, sendLen, 0);
-
- ssl_ReleaseXmitBufLock(ss); /***************************************/
-
- if (rv < 0) {
- goto loser;
- }
-
- rv = ssl3_StartHandshakeHash(ss, msg, sendLen);
- if (rv < 0) {
- goto loser;
- }
-
- /* Setup to receive servers hello message */
- ssl_GetRecvBufLock(ss);
- ss->gather->recordLen = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleServerHelloMessage;
- return SECSuccess;
-
-unlock_loser:
- ssl_ReleaseXmitBufLock(ss);
-loser:
- return SECFailure;
-}
-
-/************************************************************************/
-
-/* Handle the CLIENT-MASTER-KEY message.
-** Acquires and releases RecvBufLock.
-** Called from ssl2_HandleClientHelloMessage().
-*/
-static SECStatus
-ssl2_HandleClientSessionKeyMessage(sslSocket *ss)
-{
- sslConnectInfo * ci;
- PRUint8 * data;
- sslGather * gs;
- unsigned int caLen;
- unsigned int ckLen;
- unsigned int ekLen;
- unsigned int keySize;
- int cipher;
- SECStatus rv;
-
- PORT_Assert((ss->sec != 0) && (ss->gather != 0));
-
- ssl_GetRecvBufLock(ss);
- gs = ss->gather;
- ci = &ss->sec->ci;
-
- data = gs->buf.buf + gs->recordOffset;
- DUMP_MSG(29, (ss, data, gs->recordLen));
-
- if ((gs->recordLen < SSL_HL_CLIENT_MASTER_KEY_HBYTES)
- || (data[0] != SSL_MT_CLIENT_MASTER_KEY)) {
- goto bad_client;
- }
- cipher = data[1];
- keySize = (data[2] << 8) | data[3];
- ckLen = (data[4] << 8) | data[5];
- ekLen = (data[6] << 8) | data[7];
- caLen = (data[8] << 8) | data[9];
-
- SSL_TRC(5, ("%d: SSL[%d]: session-key, cipher=%d keySize=%d ckLen=%d ekLen=%d caLen=%d",
- SSL_GETPID(), ss->fd, cipher, keySize, ckLen, ekLen, caLen));
-
- if (gs->recordLen <
- SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen + ekLen + caLen) {
- SSL_DBG(("%d: SSL[%d]: protocol size mismatch dataLen=%d",
- SSL_GETPID(), ss->fd, gs->recordLen));
- goto bad_client;
- }
-
- /* Use info from client to setup session key */
- /* XXX should validate cipher&keySize are in our array */
- rv = ssl2_ServerSetupSessionCypher(ss, cipher, keySize,
- data + SSL_HL_CLIENT_MASTER_KEY_HBYTES, ckLen,
- data + SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen, ekLen,
- data + SSL_HL_CLIENT_MASTER_KEY_HBYTES + ckLen + ekLen, caLen);
- ss->gather->recordLen = 0; /* we're done with this record. */
-
- ssl_ReleaseRecvBufLock(ss);
-
- if (rv != SECSuccess) {
- goto loser;
- }
- ci->elements |= CIS_HAVE_MASTER_KEY;
- ssl2_UseEncryptedSendFunc(ss);
-
- /* Send server verify message now that keys are established */
- rv = ssl2_SendServerVerifyMessage(ss);
- if (rv != SECSuccess)
- goto loser;
-
- rv = ssl2_TryToFinish(ss);
- if (rv != SECSuccess)
- goto loser;
- if (ss->handshake == 0) {
- return SECSuccess;
- }
-
- SSL_TRC(5, ("%d: SSL[%d]: server: waiting for elements=0x%d",
- SSL_GETPID(), ss->fd, ci->requiredElements ^ ci->elements));
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleMessage;
-
- return ssl2_TriggerNextMessage(ss);
-
-bad_client:
- ssl_ReleaseRecvBufLock(ss);
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- /* FALLTHROUGH */
-
-loser:
- return SECFailure;
-}
-
-/*
- * attempt to restart the handshake after asynchronously handling
- * a request for the client's certificate.
- *
- * inputs:
- * cert Client cert chosen by application.
- * key Private key associated with cert.
- *
- * XXX: need to make ssl2 and ssl3 versions of this function agree on whether
- * they take the reference, or bump the ref count!
- *
- * Return value: XXX
- *
- * Caller holds 1stHandshakeLock.
- */
-int
-ssl2_RestartHandshakeAfterCertReq(sslSocket * ss,
- CERTCertificate * cert,
- SECKEYPrivateKey * key)
-{
- int ret;
- SECStatus rv = SECSuccess;
- SECItem response;
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0)
- return SECFailure;
-
- response.data = NULL;
-
- PORT_Assert((ss->sec != 0));
- if (ss->sec == NULL)
- return SECFailure;
-
- /* generate error if no cert or key */
- if ( ( cert == NULL ) || ( key == NULL ) ) {
- goto no_cert;
- }
-
- /* generate signed response to the challenge */
- rv = ssl2_SignResponse(ss, key, &response);
- if ( rv != SECSuccess ) {
- goto no_cert;
- }
-
- /* Send response message */
- ret = ssl2_SendCertificateResponseMessage(ss, &cert->derCert, &response);
- if (ret) {
- goto no_cert;
- }
-
- /* try to finish the handshake */
- ret = ssl2_TryToFinish(ss);
- if (ret) {
- goto loser;
- }
-
- /* done with handshake */
- if (ss->handshake == 0) {
- ret = SECSuccess;
- goto done;
- }
-
- /* continue handshake */
- ssl_GetRecvBufLock(ss);
- ss->gather->recordLen = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleMessage;
- ret = ssl2_TriggerNextMessage(ss);
- goto done;
-
-no_cert:
- /* no cert - send error */
- ret = ssl2_SendErrorMessage(ss, SSL_PE_NO_CERTIFICATE);
- goto done;
-
-loser:
- ret = SECFailure;
-done:
- /* free allocated data */
- if ( response.data ) {
- PORT_Free(response.data);
- }
-
- return ret;
-}
-
-
-/* restart an SSL connection that we stopped to run certificate dialogs
-** XXX Need to document here how an application marks a cert to show that
-** the application has accepted it (overridden CERT_VerifyCert).
- *
- * Return value: XXX
- *
- * Caller holds 1stHandshakeLock.
-*/
-int
-ssl2_RestartHandshakeAfterServerCert(sslSocket *ss)
-{
- int rv = SECSuccess;
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0)
- return SECFailure;
-
- /* SSL 2
- ** At this point we have a completed session key and our session
- ** cipher is setup and ready to go. Switch to encrypted write routine
- ** as all future message data is to be encrypted.
- */
- ssl2_UseEncryptedSendFunc(ss);
-
- rv = ssl2_TryToFinish(ss);
- if (rv == SECSuccess && ss->handshake != NULL) {
- /* handshake is not yet finished. */
-
- SSL_TRC(5, ("%d: SSL[%d]: got server-hello, required=0x%d got=0x%x",
- SSL_GETPID(), ss->fd, ss->sec->ci.requiredElements,
- ss->sec->ci.elements));
-
- ssl_GetRecvBufLock(ss);
- ss->gather->recordLen = 0; /* mark it all used up. */
- ssl_ReleaseRecvBufLock(ss);
-
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleVerifyMessage;
- }
-
- return rv;
-}
-
-/*
-** Handle the initial hello message from the client
-**
-** not static because ssl2_GatherData() tests ss->nextHandshake for this value.
-*/
-SECStatus
-ssl2_HandleClientHelloMessage(sslSocket *ss)
-{
- sslSecurityInfo *sec;
- sslConnectInfo *ci;
- sslGather *gs;
- sslSessionID *sid;
- sslServerCerts * sc;
- CERTCertificate *serverCert;
- PRUint8 *msg;
- PRUint8 *data;
- PRUint8 *cs;
- PRUint8 *sd;
- PRUint8 *cert = NULL;
- PRUint8 *challenge;
- unsigned int challengeLen;
- SECStatus rv;
- int csLen;
- int sendLen;
- int sdLen;
- int certLen;
- int pid;
- int sent;
- int gotXmitBufLock = 0;
-#if defined(SOLARIS) && defined(i386)
- volatile PRUint8 hit;
-#else
- int hit;
-#endif
- PRUint8 csImpl[sizeof implementedCipherSuites];
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert((ss->sec != 0) && (ss->gather != 0));
-
- sec = ss->sec;
- ci = &sec->ci;
- sc = ss->serverCerts + kt_rsa;
- serverCert = sc->serverCert;
-
- ssl_GetRecvBufLock(ss);
-
- gs = ss->gather;
-
- data = gs->buf.buf + gs->recordOffset;
- DUMP_MSG(29, (ss, data, gs->recordLen));
-
- /* Make sure first message has some data and is the client hello message */
- if ((gs->recordLen < SSL_HL_CLIENT_HELLO_HBYTES)
- || (data[0] != SSL_MT_CLIENT_HELLO)) {
- goto bad_client;
- }
-
- /* Get peer name of client */
- rv = ssl_GetPeerInfo(ss);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- /* Examine version information */
- /*
- * See if this might be a V2 client hello asking to use the V3 protocol
- */
- if ((data[0] == SSL_MT_CLIENT_HELLO) &&
- (data[1] >= MSB(SSL_LIBRARY_VERSION_3_0)) &&
- (ss->enableSSL3 || ss->enableTLS)) {
- rv = ssl3_HandleV2ClientHello(ss, data, gs->recordLen);
- if (rv != SECFailure) { /* Success */
- ss->handshake = NULL;
- ss->nextHandshake = ssl_GatherRecord1stHandshake;
- ss->securityHandshake = NULL;
- ss->gather->state = GS_INIT;
-
- /* ssl3_HandleV3ClientHello has set ss->version,
- ** and has gotten us a brand new sid.
- */
- ss->sec->ci.sid->version = ss->version;
- }
- ssl_ReleaseRecvBufLock(ss);
- return rv;
- }
- /* Previously, there was a test here to see if SSL2 was enabled.
- ** If not, an error code was set, and SECFailure was returned,
- ** without sending any error code to the other end of the connection.
- ** That test has been removed. If SSL2 has been disabled, there
- ** should be no SSL2 ciphers enabled, and consequently, the code
- ** below should send the ssl2 error message SSL_PE_NO_CYPHERS.
- ** We now believe this is the correct thing to do, even when SSL2
- ** has been explicitly disabled by the application.
- */
-
- /* Extract info from message */
- ss->version = (data[1] << 8) | data[2];
-
- /* If some client thinks ssl v2 is 2.0 instead of 0.2, we'll allow it. */
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- ss->version = SSL_LIBRARY_VERSION_2;
- }
-
- csLen = (data[3] << 8) | data[4];
- sdLen = (data[5] << 8) | data[6];
- challengeLen = (data[7] << 8) | data[8];
- cs = data + SSL_HL_CLIENT_HELLO_HBYTES;
- sd = cs + csLen;
- challenge = sd + sdLen;
- PRINT_BUF(7, (ss, "server, client session-id value:", sd, sdLen));
-
- if ((unsigned)gs->recordLen !=
- SSL_HL_CLIENT_HELLO_HBYTES + csLen + sdLen + challengeLen) {
- SSL_DBG(("%d: SSL[%d]: bad client hello message, len=%d should=%d",
- SSL_GETPID(), ss->fd, gs->recordLen,
- SSL_HL_CLIENT_HELLO_HBYTES+csLen+sdLen+challengeLen));
- goto bad_client;
- }
-
- SSL_TRC(3, ("%d: SSL[%d]: client version is %x",
- SSL_GETPID(), ss->fd, ss->version));
- if (ss->version != SSL_LIBRARY_VERSION_2) {
- if (ss->version > SSL_LIBRARY_VERSION_2) {
- /*
- ** Newer client than us. Things are ok because new clients
- ** are required to be backwards compatible with old servers.
- ** Change version number to our version number so that client
- ** knows whats up.
- */
- ss->version = SSL_LIBRARY_VERSION_2;
- } else {
- SSL_TRC(1, ("%d: SSL[%d]: client version is %x (we are %x)",
- SSL_GETPID(), ss->fd, ss->version, SSL_LIBRARY_VERSION_2));
- PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION);
- goto loser;
- }
- }
-
- /* Qualify cipher specs before returning them to client */
- csLen = ssl2_QualifyCypherSpecs(ss, cs, csLen);
- if (csLen == 0) {
- /* no overlap, send client our list of supported SSL v2 ciphers. */
- cs = csImpl;
- csLen = sizeof implementedCipherSuites;
- PORT_Memcpy(cs, implementedCipherSuites, csLen);
- csLen = ssl2_QualifyCypherSpecs(ss, cs, csLen);
- if (csLen == 0) {
- /* We don't support any SSL v2 ciphers! */
- ssl2_SendErrorMessage(ss, SSL_PE_NO_CYPHERS);
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- goto loser;
- }
- /* Since this handhsake is going to fail, don't cache it. */
- ss->noCache = 1;
- }
-
- /* Squirrel away the challenge for later */
- PORT_Memcpy(ci->clientChallenge, challenge, challengeLen);
-
- /* Examine message and see if session-id is good */
- ci->elements = 0;
- if (sdLen > 0 && !ss->noCache) {
- SSL_TRC(7, ("%d: SSL[%d]: server, lookup client session-id for 0x%08x%08x%08x%08x",
- SSL_GETPID(), ss->fd, ci->peer.pr_s6_addr32[0],
- ci->peer.pr_s6_addr32[1], ci->peer.pr_s6_addr32[2],
- ci->peer.pr_s6_addr32[3]));
- sid = (*ssl_sid_lookup)(&ci->peer, sd, sdLen, ss->dbHandle);
- } else {
- sid = NULL;
- }
- if (sid) {
- /* Got a good session-id. Short cut! */
- SSL_TRC(1, ("%d: SSL[%d]: server, using session-id for 0x%08x (age=%d)",
- SSL_GETPID(), ss->fd, ci->peer,
- ssl_Time() - sid->creationTime));
- PRINT_BUF(1, (ss, "session-id value:", sd, sdLen));
- ci->sid = sid;
- ci->elements = CIS_HAVE_MASTER_KEY;
- hit = 1;
- certLen = 0;
- csLen = 0;
-
- sec->authAlgorithm = sid->authAlgorithm;
- sec->authKeyBits = sid->authKeyBits;
- sec->keaType = sid->keaType;
- sec->keaKeyBits = sid->keaKeyBits;
-
- rv = ssl2_CreateSessionCypher(ss, sid, PR_FALSE);
- if (rv != SECSuccess) {
- goto loser;
- }
- } else {
- SECItem * derCert = &serverCert->derCert;
-
- SSL_TRC(7, ("%d: SSL[%d]: server, lookup nonce missed",
- SSL_GETPID(), ss->fd));
- if (!serverCert) {
- SET_ERROR_CODE
- goto loser;
- }
- hit = 0;
- sid = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
- if (!sid) {
- goto loser;
- }
- sid->references = 1;
- sid->addr = ci->peer;
- sid->port = ci->port;
-
- /* Invent a session-id */
- ci->sid = sid;
- PK11_GenerateRandom(sid->u.ssl2.sessionID+2, SSL2_SESSIONID_BYTES-2);
-
- pid = SSL_GETPID();
- sid->u.ssl2.sessionID[0] = MSB(pid);
- sid->u.ssl2.sessionID[1] = LSB(pid);
- cert = derCert->data;
- certLen = derCert->len;
-
- /* pretend that server sids remember the local cert. */
- PORT_Assert(!sid->localCert);
- if (sid->localCert) {
- CERT_DestroyCertificate(sid->localCert);
- }
- sid->localCert = CERT_DupCertificate(serverCert);
-
- sec->authAlgorithm = ssl_sign_rsa;
- sec->keaType = ssl_kea_rsa;
- sec->keaKeyBits = \
- sec->authKeyBits = ss->serverCerts[kt_rsa].serverKeyBits;
- }
-
- /* server sids don't remember the local cert, so whether we found
- ** a sid or not, just "remember" we used the rsa server cert.
- */
- if (sec->localCert) {
- CERT_DestroyCertificate(sec->localCert);
- }
- sec->localCert = CERT_DupCertificate(serverCert);
-
- /* Build up final list of required elements */
- ci->requiredElements = CIS_HAVE_MASTER_KEY | CIS_HAVE_FINISHED;
- if (ss->requestCertificate) {
- ci->requiredElements |= CIS_HAVE_CERTIFICATE;
- }
- ci->sentElements = 0;
-
- /* Send hello message back to client */
- sendLen = SSL_HL_SERVER_HELLO_HBYTES + certLen + csLen
- + SSL_CONNECTIONID_BYTES;
-
- ssl_GetXmitBufLock(ss); gotXmitBufLock = 1;
- rv = ssl2_GetSendBuffer(ss, sendLen);
- if (rv != SECSuccess) {
- goto loser;
- }
-
- SSL_TRC(3, ("%d: SSL[%d]: sending server-hello (%d)",
- SSL_GETPID(), ss->fd, sendLen));
-
- msg = ci->sendBuf.buf;
- msg[0] = SSL_MT_SERVER_HELLO;
- msg[1] = hit;
- msg[2] = SSL_CT_X509_CERTIFICATE;
- msg[3] = MSB(ss->version);
- msg[4] = LSB(ss->version);
- msg[5] = MSB(certLen);
- msg[6] = LSB(certLen);
- msg[7] = MSB(csLen);
- msg[8] = LSB(csLen);
- msg[9] = MSB(SSL_CONNECTIONID_BYTES);
- msg[10] = LSB(SSL_CONNECTIONID_BYTES);
- if (certLen) {
- PORT_Memcpy(msg+SSL_HL_SERVER_HELLO_HBYTES, cert, certLen);
- }
- if (csLen) {
- PORT_Memcpy(msg+SSL_HL_SERVER_HELLO_HBYTES+certLen, cs, csLen);
- }
- PORT_Memcpy(msg+SSL_HL_SERVER_HELLO_HBYTES+certLen+csLen, ci->connectionID,
- SSL_CONNECTIONID_BYTES);
-
- DUMP_MSG(29, (ss, msg, sendLen));
-
- ss->handshakeBegun = 1;
- sent = (*sec->send)(ss, msg, sendLen, 0);
- if (sent < 0) {
- goto loser;
- }
- ssl_ReleaseXmitBufLock(ss); gotXmitBufLock = 0;
-
- ss->gather->recordLen = 0;
- ss->handshake = ssl_GatherRecord1stHandshake;
- if (hit) {
- /* Old SID Session key is good. Go encrypted */
- ssl2_UseEncryptedSendFunc(ss);
-
- /* Send server verify message now that keys are established */
- rv = ssl2_SendServerVerifyMessage(ss);
- if (rv != SECSuccess)
- goto loser;
-
- ss->nextHandshake = ssl2_HandleMessage;
- ssl_ReleaseRecvBufLock(ss);
- rv = ssl2_TriggerNextMessage(ss);
- return rv;
- }
- ss->nextHandshake = ssl2_HandleClientSessionKeyMessage;
- ssl_ReleaseRecvBufLock(ss);
- return SECSuccess;
-
- bad_client:
- PORT_SetError(SSL_ERROR_BAD_CLIENT);
- /* FALLTHROUGH */
-
- loser:
- if (gotXmitBufLock) {
- ssl_ReleaseXmitBufLock(ss); gotXmitBufLock = 0;
- }
- SSL_TRC(10, ("%d: SSL[%d]: server, wait for client-hello lossage",
- SSL_GETPID(), ss->fd));
- ssl_ReleaseRecvBufLock(ss);
- return SECFailure;
-}
-
-SECStatus
-ssl2_BeginServerHandshake(sslSocket *ss)
-{
- sslSecurityInfo *sec;
- sslConnectInfo * ci;
- SECStatus rv;
- sslServerCerts * rsaAuth = ss->serverCerts + kt_rsa;
-
- PORT_Assert((ss->sec != 0));
- sec = ss->sec;
- ci = &sec->ci;
- sec->isServer = 1;
- ssl_ChooseSessionIDProcs(sec);
- sec->sendSequence = 0;
- sec->rcvSequence = 0;
-
- /* don't turn on SSL2 if we don't have an RSA key and cert */
- if (!rsaAuth->serverKey || !rsaAuth->serverCert) {
- ss->enableSSL2 = PR_FALSE;
- }
-
- if (!ss->cipherSpecs) {
- rv = ssl2_ConstructCipherSpecs(ss);
- if (rv != SECSuccess)
- goto loser;
- }
-
- /* count the SSL2 and SSL3 enabled ciphers.
- * if either is zero, clear the socket's enable for that protocol.
- */
- rv = ssl2_CheckConfigSanity(ss);
- if (rv != SECSuccess)
- goto loser;
-
- /*
- ** Generate connection-id. Always do this, even if things fail
- ** immediately. This way the random number generator is always
- ** rolling around, every time we get a connection.
- */
- PK11_GenerateRandom(ci->connectionID, sizeof(ci->connectionID));
-
- ss->gather->recordLen = 0;
- ss->handshake = ssl_GatherRecord1stHandshake;
- ss->nextHandshake = ssl2_HandleClientHelloMessage;
- return SECSuccess;
-
-loser:
- return SECFailure;
-}
-
-/* This function doesn't really belong in this file.
-** It's here to keep AIX compilers from optimizing it away,
-** and not including it in the DSO.
-*/
-
-#include "nss.h"
-extern const char __nss_ssl_rcsid[];
-extern const char __nss_ssl_sccsid[];
-
-PRBool
-NSSSSL_VersionCheck(const char *importedVersion)
-{
- /*
- * This is the secret handshake algorithm.
- *
- * This release has a simple version compatibility
- * check algorithm. This release is not backward
- * compatible with previous major releases. It is
- * not compatible with future major, minor, or
- * patch releases.
- */
- int vmajor = 0, vminor = 0, vpatch = 0;
- const char *ptr = importedVersion;
- volatile char c; /* force a reference that won't get optimized away */
-
- c = __nss_ssl_rcsid[0] + __nss_ssl_sccsid[0];
- return NSS_VersionCheck(importedVersion);
-}
diff --git a/security/nss/lib/ssl/ssldef.c b/security/nss/lib/ssl/ssldef.c
deleted file mode 100644
index 81d6db8c8..000000000
--- a/security/nss/lib/ssl/ssldef.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/*
- * "Default" SSLSocket methods, used by sockets that do neither SSL nor socks.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-
-#if defined(WIN32)
-#define MAP_ERROR(from,to) if (err == from) { PORT_SetError(to); }
-#else
-#define MAP_ERROR(from,to)
-#endif
-
-int ssl_DefConnect(sslSocket *ss, const PRNetAddr *sa)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->connect(lower, sa, ss->cTimeout);
- return rv;
-}
-
-int ssl_DefBind(sslSocket *ss, const PRNetAddr *addr)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->bind(lower, addr);
- return rv;
-}
-
-int ssl_DefListen(sslSocket *ss, int backlog)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->listen(lower, backlog);
- return rv;
-}
-
-int ssl_DefShutdown(sslSocket *ss, int how)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->shutdown(lower, how);
- return rv;
-}
-
-int ssl_DefRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->recv(lower, (void *)buf, len, flags, ss->rTimeout);
- if (rv < 0) {
- PRErrorCode err = PR_GetError();
- MAP_ERROR(PR_SOCKET_SHUTDOWN_ERROR, PR_CONNECT_RESET_ERROR)
- } else if (rv > len) {
- PORT_Assert(rv <= len);
- PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
- rv = SECFailure;
- }
- return rv;
-}
-
-/* Default (unencrypted) send.
- * Returns SECSuccess or SECFailure, NOT SECWouldBlock.
- * Returns positive count if any data was written.
- * ALWAYS check for a short write after calling ssl_DefSend.
- */
-int ssl_DefSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv, count;
-
-#if NSS_DISABLE_NAGLE_DELAYS
- /* Although this is overkill, we disable Nagle delays completely for
- ** SSL sockets.
- */
- if (ss->useSecurity && !ss->delayDisabled) {
- ssl_EnableNagleDelay(ss, PR_FALSE); /* ignore error */
- ss->delayDisabled = 1;
- }
-#endif
- count = 0;
- for (;;) {
- rv = lower->methods->send(lower, (const void *)buf, len,
- flags, ss->wTimeout);
- if (rv < 0) {
- PRErrorCode err = PR_GetError();
- if (err == PR_WOULD_BLOCK_ERROR) {
- ss->lastWriteBlocked = 1;
- return count ? count : rv;
- }
- ss->lastWriteBlocked = 0;
- MAP_ERROR(PR_CONNECT_ABORTED_ERROR, PR_CONNECT_RESET_ERROR)
- /* Loser */
- return rv;
- }
- count += rv;
- if (rv < len) {
- /* Short send. Send the rest in the next call */
- buf += rv;
- len -= rv;
- continue;
- }
- break;
- }
- ss->lastWriteBlocked = 0;
- return count;
-}
-
-int ssl_DefRead(sslSocket *ss, unsigned char *buf, int len)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->read(lower, (void *)buf, len);
- if (rv < 0) {
- PRErrorCode err = PR_GetError();
- MAP_ERROR(PR_SOCKET_SHUTDOWN_ERROR, PR_CONNECT_RESET_ERROR)
- }
- return rv;
-}
-
-int ssl_DefWrite(sslSocket *ss, const unsigned char *buf, int len)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv, count;
-
- count = 0;
- for (;;) {
- rv = lower->methods->write(lower, (void *)buf, len);
- if (rv < 0) {
- PRErrorCode err = PR_GetError();
- if (err == PR_WOULD_BLOCK_ERROR) {
- ss->lastWriteBlocked = 1;
- return count ? count : rv;
- }
- ss->lastWriteBlocked = 0;
- MAP_ERROR(PR_CONNECT_ABORTED_ERROR, PR_CONNECT_RESET_ERROR)
- /* Loser */
- return rv;
- }
- count += rv;
- if (rv != len) {
- /* Short write. Send the rest in the next call */
- buf += rv;
- len -= rv;
- continue;
- }
- break;
- }
- ss->lastWriteBlocked = 0;
- return count;
-}
-
-int ssl_DefGetpeername(sslSocket *ss, PRNetAddr *name)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->getpeername(lower, name);
- return rv;
-}
-
-int ssl_DefGetsockname(sslSocket *ss, PRNetAddr *name)
-{
- PRFileDesc *lower = ss->fd->lower;
- int rv;
-
- rv = lower->methods->getsockname(lower, name);
- return rv;
-}
-
-int ssl_DefClose(sslSocket *ss)
-{
- PRFileDesc *fd;
- PRFileDesc *popped;
- int rv;
-
- fd = ss->fd;
-
- /* First, remove the SSL layer PRFileDesc from the socket's stack,
- ** then invoke the SSL layer's PRFileDesc destructor.
- ** This must happen before the next layer down is closed.
- */
- PORT_Assert(fd->higher == NULL);
- if (fd->higher) {
- PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
- return SECFailure;
- }
- ss->fd = NULL;
-
- /* PR_PopIOLayer will swap the contents of the top two PRFileDescs on
- ** the stack, and then remove the second one. This way, the address
- ** of the PRFileDesc on the top of the stack doesn't change.
- */
- popped = PR_PopIOLayer(fd, PR_TOP_IO_LAYER);
- popped->dtor(popped);
-
- /* fd is now the PRFileDesc for the next layer down.
- ** Now close the underlying socket.
- */
- rv = fd->methods->close(fd);
-
- ssl_FreeSocket(ss);
-
- SSL_TRC(5, ("%d: SSL[%d]: closing, rv=%d errno=%d",
- SSL_GETPID(), fd, rv, PORT_GetError()));
- return rv;
-}
diff --git a/security/nss/lib/ssl/sslenum.c b/security/nss/lib/ssl/sslenum.c
deleted file mode 100644
index f055ded54..000000000
--- a/security/nss/lib/ssl/sslenum.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Table enumerating all implemented cipher suites
- * Part of public API.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "ssl.h"
-#include "sslproto.h"
-
-const PRUint16 SSL_ImplementedCiphers[] = {
-
- /* 256-bit */
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
- TLS_RSA_WITH_AES_256_CBC_SHA,
-
- /* 128-bit */
- SSL_FORTEZZA_DMS_WITH_RC4_128_SHA,
- TLS_DHE_DSS_WITH_RC4_128_SHA,
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
- SSL_RSA_WITH_RC4_128_MD5,
- SSL_RSA_WITH_RC4_128_SHA,
- TLS_RSA_WITH_AES_128_CBC_SHA,
-
- /* 112-bit 3DES */
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
- SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA,
- SSL_RSA_WITH_3DES_EDE_CBC_SHA,
-
- /* 80 bit skipjack */
- SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, /* KEA + SkipJack */
-
- /* 56-bit DES "domestic" cipher suites */
- SSL_DHE_RSA_WITH_DES_CBC_SHA,
- SSL_DHE_DSS_WITH_DES_CBC_SHA,
- SSL_RSA_FIPS_WITH_DES_CBC_SHA,
- SSL_RSA_WITH_DES_CBC_SHA,
-
- /* export ciphersuites with 1024-bit public key exchange keys */
- TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,
- TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA,
-
- /* export ciphersuites with 512-bit public key exchange keys */
- SSL_RSA_EXPORT_WITH_RC4_40_MD5,
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5,
-
- /* ciphersuites with no encryption */
- SSL_FORTEZZA_DMS_WITH_NULL_SHA,
- SSL_RSA_WITH_NULL_MD5,
-
- /* SSL2 cipher suites. */
- SSL_EN_RC4_128_WITH_MD5,
- SSL_EN_RC2_128_CBC_WITH_MD5,
- SSL_EN_DES_192_EDE3_CBC_WITH_MD5, /* actually 112, not 192 */
- SSL_EN_DES_64_CBC_WITH_MD5,
- SSL_EN_RC4_128_EXPORT40_WITH_MD5,
- SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5,
-
- 0
-
-};
-
-const PRUint16 SSL_NumImplementedCiphers =
- (sizeof SSL_ImplementedCiphers) / (sizeof SSL_ImplementedCiphers[0]) - 1;
-
diff --git a/security/nss/lib/ssl/sslerr.c b/security/nss/lib/ssl/sslerr.c
deleted file mode 100644
index f3e57d44d..000000000
--- a/security/nss/lib/ssl/sslerr.c
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Function to set error code only when meaningful error has not already
- * been set.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prerror.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "seccomon.h"
-
-/* look at the current value of PR_GetError, and evaluate it to see
- * if it is meaningful or meaningless (out of context).
- * If it is meaningless, replace it with the hiLevelError.
- * Returns the chosen error value.
- */
-int
-ssl_MapLowLevelError(int hiLevelError)
-{
- int oldErr = PORT_GetError();
-
- switch (oldErr) {
-
- case 0:
- case PR_IO_ERROR:
- case SEC_ERROR_IO:
- case SEC_ERROR_BAD_DATA:
- case SEC_ERROR_LIBRARY_FAILURE:
- case SEC_ERROR_EXTENSION_NOT_FOUND:
- case SSL_ERROR_BAD_CLIENT:
- case SSL_ERROR_BAD_SERVER:
- case SSL_ERROR_SESSION_NOT_FOUND:
- PORT_SetError(hiLevelError);
- return hiLevelError;
-
- default: /* leave the majority of error codes alone. */
- return oldErr;
- }
-}
diff --git a/security/nss/lib/ssl/sslerr.h b/security/nss/lib/ssl/sslerr.h
deleted file mode 100644
index 3285fb60c..000000000
--- a/security/nss/lib/ssl/sslerr.h
+++ /dev/null
@@ -1,188 +0,0 @@
-/*
- * Enumeration of all SSL-specific error codes.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#ifndef __SSL_ERR_H_
-#define __SSL_ERR_H_
-
-
-#define SSL_ERROR_BASE (-0x3000)
-#define SSL_ERROR_LIMIT (SSL_ERROR_BASE + 1000)
-
-#define IS_SSL_ERROR(code) \
- (((code) >= SSL_ERROR_BASE) && ((code) < SSL_ERROR_LIMIT))
-
-#ifndef NO_SECURITY_ERROR_ENUM
-typedef enum {
-SSL_ERROR_EXPORT_ONLY_SERVER = (SSL_ERROR_BASE + 0),
-SSL_ERROR_US_ONLY_SERVER = (SSL_ERROR_BASE + 1),
-SSL_ERROR_NO_CYPHER_OVERLAP = (SSL_ERROR_BASE + 2),
-/*
- * Received an alert reporting what we did wrong. (more alerts below)
- */
-SSL_ERROR_NO_CERTIFICATE /*_ALERT */ = (SSL_ERROR_BASE + 3),
-SSL_ERROR_BAD_CERTIFICATE = (SSL_ERROR_BASE + 4),
- /* error 5 is obsolete */
-SSL_ERROR_BAD_CLIENT = (SSL_ERROR_BASE + 6),
-SSL_ERROR_BAD_SERVER = (SSL_ERROR_BASE + 7),
-SSL_ERROR_UNSUPPORTED_CERTIFICATE_TYPE = (SSL_ERROR_BASE + 8),
-SSL_ERROR_UNSUPPORTED_VERSION = (SSL_ERROR_BASE + 9),
- /* error 10 is obsolete */
-SSL_ERROR_WRONG_CERTIFICATE = (SSL_ERROR_BASE + 11),
-SSL_ERROR_BAD_CERT_DOMAIN = (SSL_ERROR_BASE + 12),
-SSL_ERROR_POST_WARNING = (SSL_ERROR_BASE + 13),
-SSL_ERROR_SSL2_DISABLED = (SSL_ERROR_BASE + 14),
-SSL_ERROR_BAD_MAC_READ = (SSL_ERROR_BASE + 15),
-/*
- * Received an alert reporting what we did wrong.
- * (two more alerts above, and many more below)
- */
-SSL_ERROR_BAD_MAC_ALERT = (SSL_ERROR_BASE + 16),
-SSL_ERROR_BAD_CERT_ALERT = (SSL_ERROR_BASE + 17),
-SSL_ERROR_REVOKED_CERT_ALERT = (SSL_ERROR_BASE + 18),
-SSL_ERROR_EXPIRED_CERT_ALERT = (SSL_ERROR_BASE + 19),
-
-SSL_ERROR_SSL_DISABLED = (SSL_ERROR_BASE + 20),
-SSL_ERROR_FORTEZZA_PQG = (SSL_ERROR_BASE + 21),
-SSL_ERROR_UNKNOWN_CIPHER_SUITE = (SSL_ERROR_BASE + 22),
-SSL_ERROR_NO_CIPHERS_SUPPORTED = (SSL_ERROR_BASE + 23),
-SSL_ERROR_BAD_BLOCK_PADDING = (SSL_ERROR_BASE + 24),
-SSL_ERROR_RX_RECORD_TOO_LONG = (SSL_ERROR_BASE + 25),
-SSL_ERROR_TX_RECORD_TOO_LONG = (SSL_ERROR_BASE + 26),
-/*
- * Received a malformed (too long or short) SSL handshake.
- */
-SSL_ERROR_RX_MALFORMED_HELLO_REQUEST = (SSL_ERROR_BASE + 27),
-SSL_ERROR_RX_MALFORMED_CLIENT_HELLO = (SSL_ERROR_BASE + 28),
-SSL_ERROR_RX_MALFORMED_SERVER_HELLO = (SSL_ERROR_BASE + 29),
-SSL_ERROR_RX_MALFORMED_CERTIFICATE = (SSL_ERROR_BASE + 30),
-SSL_ERROR_RX_MALFORMED_SERVER_KEY_EXCH = (SSL_ERROR_BASE + 31),
-SSL_ERROR_RX_MALFORMED_CERT_REQUEST = (SSL_ERROR_BASE + 32),
-SSL_ERROR_RX_MALFORMED_HELLO_DONE = (SSL_ERROR_BASE + 33),
-SSL_ERROR_RX_MALFORMED_CERT_VERIFY = (SSL_ERROR_BASE + 34),
-SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH = (SSL_ERROR_BASE + 35),
-SSL_ERROR_RX_MALFORMED_FINISHED = (SSL_ERROR_BASE + 36),
-/*
- * Received a malformed (too long or short) SSL record.
- */
-SSL_ERROR_RX_MALFORMED_CHANGE_CIPHER = (SSL_ERROR_BASE + 37),
-SSL_ERROR_RX_MALFORMED_ALERT = (SSL_ERROR_BASE + 38),
-SSL_ERROR_RX_MALFORMED_HANDSHAKE = (SSL_ERROR_BASE + 39),
-SSL_ERROR_RX_MALFORMED_APPLICATION_DATA = (SSL_ERROR_BASE + 40),
-/*
- * Received an SSL handshake that was inappropriate for the state we're in.
- * E.g. Server received message from server, or wrong state in state machine.
- */
-SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST = (SSL_ERROR_BASE + 41),
-SSL_ERROR_RX_UNEXPECTED_CLIENT_HELLO = (SSL_ERROR_BASE + 42),
-SSL_ERROR_RX_UNEXPECTED_SERVER_HELLO = (SSL_ERROR_BASE + 43),
-SSL_ERROR_RX_UNEXPECTED_CERTIFICATE = (SSL_ERROR_BASE + 44),
-SSL_ERROR_RX_UNEXPECTED_SERVER_KEY_EXCH = (SSL_ERROR_BASE + 45),
-SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST = (SSL_ERROR_BASE + 46),
-SSL_ERROR_RX_UNEXPECTED_HELLO_DONE = (SSL_ERROR_BASE + 47),
-SSL_ERROR_RX_UNEXPECTED_CERT_VERIFY = (SSL_ERROR_BASE + 48),
-SSL_ERROR_RX_UNEXPECTED_CLIENT_KEY_EXCH = (SSL_ERROR_BASE + 49),
-SSL_ERROR_RX_UNEXPECTED_FINISHED = (SSL_ERROR_BASE + 50),
-/*
- * Received an SSL record that was inappropriate for the state we're in.
- */
-SSL_ERROR_RX_UNEXPECTED_CHANGE_CIPHER = (SSL_ERROR_BASE + 51),
-SSL_ERROR_RX_UNEXPECTED_ALERT = (SSL_ERROR_BASE + 52),
-SSL_ERROR_RX_UNEXPECTED_HANDSHAKE = (SSL_ERROR_BASE + 53),
-SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA= (SSL_ERROR_BASE + 54),
-/*
- * Received record/message with unknown discriminant.
- */
-SSL_ERROR_RX_UNKNOWN_RECORD_TYPE = (SSL_ERROR_BASE + 55),
-SSL_ERROR_RX_UNKNOWN_HANDSHAKE = (SSL_ERROR_BASE + 56),
-SSL_ERROR_RX_UNKNOWN_ALERT = (SSL_ERROR_BASE + 57),
-/*
- * Received an alert reporting what we did wrong. (more alerts above)
- */
-SSL_ERROR_CLOSE_NOTIFY_ALERT = (SSL_ERROR_BASE + 58),
-SSL_ERROR_HANDSHAKE_UNEXPECTED_ALERT = (SSL_ERROR_BASE + 59),
-SSL_ERROR_DECOMPRESSION_FAILURE_ALERT = (SSL_ERROR_BASE + 60),
-SSL_ERROR_HANDSHAKE_FAILURE_ALERT = (SSL_ERROR_BASE + 61),
-SSL_ERROR_ILLEGAL_PARAMETER_ALERT = (SSL_ERROR_BASE + 62),
-SSL_ERROR_UNSUPPORTED_CERT_ALERT = (SSL_ERROR_BASE + 63),
-SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT = (SSL_ERROR_BASE + 64),
-
-SSL_ERROR_GENERATE_RANDOM_FAILURE = (SSL_ERROR_BASE + 65),
-SSL_ERROR_SIGN_HASHES_FAILURE = (SSL_ERROR_BASE + 66),
-SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE = (SSL_ERROR_BASE + 67),
-SSL_ERROR_SERVER_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 68),
-SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE = (SSL_ERROR_BASE + 69),
-
-SSL_ERROR_ENCRYPTION_FAILURE = (SSL_ERROR_BASE + 70),
-SSL_ERROR_DECRYPTION_FAILURE = (SSL_ERROR_BASE + 71),
-SSL_ERROR_SOCKET_WRITE_FAILURE = (SSL_ERROR_BASE + 72),
-
-SSL_ERROR_MD5_DIGEST_FAILURE = (SSL_ERROR_BASE + 73),
-SSL_ERROR_SHA_DIGEST_FAILURE = (SSL_ERROR_BASE + 74),
-SSL_ERROR_MAC_COMPUTATION_FAILURE = (SSL_ERROR_BASE + 75),
-SSL_ERROR_SYM_KEY_CONTEXT_FAILURE = (SSL_ERROR_BASE + 76),
-SSL_ERROR_SYM_KEY_UNWRAP_FAILURE = (SSL_ERROR_BASE + 77),
-SSL_ERROR_PUB_KEY_SIZE_LIMIT_EXCEEDED = (SSL_ERROR_BASE + 78),
-SSL_ERROR_IV_PARAM_FAILURE = (SSL_ERROR_BASE + 79),
-SSL_ERROR_INIT_CIPHER_SUITE_FAILURE = (SSL_ERROR_BASE + 80),
-SSL_ERROR_SESSION_KEY_GEN_FAILURE = (SSL_ERROR_BASE + 81),
-SSL_ERROR_NO_SERVER_KEY_FOR_ALG = (SSL_ERROR_BASE + 82),
-SSL_ERROR_TOKEN_INSERTION_REMOVAL = (SSL_ERROR_BASE + 83),
-SSL_ERROR_TOKEN_SLOT_NOT_FOUND = (SSL_ERROR_BASE + 84),
-SSL_ERROR_NO_COMPRESSION_OVERLAP = (SSL_ERROR_BASE + 85),
-SSL_ERROR_HANDSHAKE_NOT_COMPLETED = (SSL_ERROR_BASE + 86),
-SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE = (SSL_ERROR_BASE + 87),
-SSL_ERROR_CERT_KEA_MISMATCH = (SSL_ERROR_BASE + 88),
-SSL_ERROR_NO_TRUSTED_SSL_CLIENT_CA = (SSL_ERROR_BASE + 89),
-SSL_ERROR_SESSION_NOT_FOUND = (SSL_ERROR_BASE + 90),
-
-SSL_ERROR_DECRYPTION_FAILED_ALERT = (SSL_ERROR_BASE + 91),
-SSL_ERROR_RECORD_OVERFLOW_ALERT = (SSL_ERROR_BASE + 92),
-SSL_ERROR_UNKNOWN_CA_ALERT = (SSL_ERROR_BASE + 93),
-SSL_ERROR_ACCESS_DENIED_ALERT = (SSL_ERROR_BASE + 94),
-SSL_ERROR_DECODE_ERROR_ALERT = (SSL_ERROR_BASE + 95),
-SSL_ERROR_DECRYPT_ERROR_ALERT = (SSL_ERROR_BASE + 96),
-SSL_ERROR_EXPORT_RESTRICTION_ALERT = (SSL_ERROR_BASE + 97),
-SSL_ERROR_PROTOCOL_VERSION_ALERT = (SSL_ERROR_BASE + 98),
-SSL_ERROR_INSUFFICIENT_SECURITY_ALERT = (SSL_ERROR_BASE + 99),
-SSL_ERROR_INTERNAL_ERROR_ALERT = (SSL_ERROR_BASE + 100),
-SSL_ERROR_USER_CANCELED_ALERT = (SSL_ERROR_BASE + 101),
-SSL_ERROR_NO_RENEGOTIATION_ALERT = (SSL_ERROR_BASE + 102),
-
-SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */
-} SSLErrorCodes;
-#endif /* NO_SECURITY_ERROR_ENUM */
-
-#endif /* __SSL_ERR_H_ */
diff --git a/security/nss/lib/ssl/sslgathr.c b/security/nss/lib/ssl/sslgathr.c
deleted file mode 100644
index 1d316db84..000000000
--- a/security/nss/lib/ssl/sslgathr.c
+++ /dev/null
@@ -1,479 +0,0 @@
-/*
- * Gather (Read) entire SSL2 records from socket into buffer.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-
-/* Forward static declarations */
-static SECStatus ssl2_HandleV3HandshakeRecord(sslSocket *ss);
-
-/*
-** Gather a single record of data from the receiving stream. This code
-** first gathers the header (2 or 3 bytes long depending on the value of
-** the most significant bit in the first byte) then gathers up the data
-** for the record into gs->buf. This code handles non-blocking I/O
-** and is to be called multiple times until sec->recordLen != 0.
-** This function decrypts the gathered record in place, in gs_buf.
- *
- * Caller must hold RecvBufLock.
- *
- * Returns +1 when it has gathered a complete SSLV2 record.
- * Returns 0 if it hits EOF.
- * Returns -1 (SECFailure) on any error
- * Returns -2 (SECWouldBlock) when it gathers an SSL v3 client hello header.
-**
-** The SSL2 Gather State machine has 4 states:
-** GS_INIT - Done reading in previous record. Haven't begun to read in
-** next record. When ssl2_GatherData is called with the machine
-** in this state, the machine will attempt to read the first 3
-** bytes of the SSL2 record header, and will advance the state
-** to GS_HEADER.
-**
-** GS_HEADER - The machine is in this state while waiting for the completion
-** of the first 3 bytes of the SSL2 record. When complete, the
-** machine will compute the remaining unread length of this record
-** and will initiate a read of that many bytes. The machine will
-** advance to one of two states, depending on whether the record
-** is encrypted (GS_MAC), or unencrypted (GS_DATA).
-**
-** GS_MAC - The machine is in this state while waiting for the remainder
-** of the SSL2 record to be read in. When the read is completed,
-** the machine checks the record for valid length, decrypts it,
-** and checks and discards the MAC, then advances to GS_INIT.
-**
-** GS_DATA - The machine is in this state while waiting for the remainder
-** of the unencrypted SSL2 record to be read in. Upon completion,
-** the machine advances to the GS_INIT state and returns the data.
-*/
-int
-ssl2_GatherData(sslSocket *ss, sslGather *gs, int flags)
-{
- sslSecurityInfo *sec = ss->sec;
- unsigned char * bp;
- unsigned char * pBuf;
- int nb, err, rv;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
-
- if (gs->state == GS_INIT) {
- /* Initialize gathering engine */
- gs->state = GS_HEADER;
- gs->remainder = 3;
- gs->count = 3;
- gs->offset = 0;
- gs->recordLen = 0;
- gs->recordPadding = 0;
- gs->hdr[2] = 0;
-
- gs->writeOffset = 0;
- gs->readOffset = 0;
- }
- if (gs->encrypted) {
- PORT_Assert(sec != 0);
- }
-
- pBuf = gs->buf.buf;
- for (;;) {
- SSL_TRC(30, ("%d: SSL[%d]: gather state %d (need %d more)",
- SSL_GETPID(), ss->fd, gs->state, gs->remainder));
- bp = ((gs->state != GS_HEADER) ? pBuf : gs->hdr) + gs->offset;
- nb = ssl_DefRecv(ss, bp, gs->remainder, flags);
- if (nb > 0) {
- PRINT_BUF(60, (ss, "raw gather data:", bp, nb));
- }
- if (nb == 0) {
- /* EOF */
- SSL_TRC(30, ("%d: SSL[%d]: EOF", SSL_GETPID(), ss->fd));
- rv = 0;
- break;
- }
- if (nb < 0) {
- SSL_DBG(("%d: SSL[%d]: recv error %d", SSL_GETPID(), ss->fd,
- PR_GetError()));
- rv = SECFailure;
- break;
- }
-
- gs->offset += nb;
- gs->remainder -= nb;
-
- if (gs->remainder > 0) {
- continue;
- }
-
- /* Probably finished this piece */
- switch (gs->state) {
- case GS_HEADER:
- if ((ss->enableSSL3 || ss->enableTLS) && !ss->firstHsDone) {
-
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- /* If this looks like an SSL3 handshake record,
- ** and we're expecting an SSL2 Hello message from our peer,
- ** handle it here.
- */
- if (gs->hdr[0] == content_handshake) {
- if ((ss->nextHandshake == ssl2_HandleClientHelloMessage) ||
- (ss->nextHandshake == ssl2_HandleServerHelloMessage)) {
- rv = ssl2_HandleV3HandshakeRecord(ss);
- if (rv == SECFailure) {
- return SECFailure;
- }
- }
- /* XXX_1 The call stack to here is:
- * ssl_Do1stHandshake -> ssl_GatherRecord1stHandshake ->
- * ssl2_GatherRecord -> here.
- * We want to return all the way out to ssl_Do1stHandshake,
- * and have it call ssl_GatherRecord1stHandshake again.
- * ssl_GatherRecord1stHandshake will call
- * ssl3_GatherCompleteHandshake when it is called again.
- *
- * Returning SECWouldBlock here causes
- * ssl_GatherRecord1stHandshake to return without clearing
- * ss->handshake, ensuring that ssl_Do1stHandshake will
- * call it again immediately.
- *
- * If we return 1 here, ssl_GatherRecord1stHandshake will
- * clear ss->handshake before returning, and thus will not
- * be called again by ssl_Do1stHandshake.
- */
- return SECWouldBlock;
- } else if (gs->hdr[0] == content_alert) {
- if (ss->nextHandshake == ssl2_HandleServerHelloMessage) {
- /* XXX This is a hack. We're assuming that any failure
- * XXX on the client hello is a failure to match
- * XXX ciphers.
- */
- PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
- return SECFailure;
- }
- }
- } /* ((ss->enableSSL3 || ss->enableTLS) && !ss->firstHsDone) */
-
- /* we've got the first 3 bytes. The header may be two or three. */
- if (gs->hdr[0] & 0x80) {
- /* This record has a 2-byte header, and no padding */
- gs->count = ((gs->hdr[0] & 0x7f) << 8) | gs->hdr[1];
- gs->recordPadding = 0;
- } else {
- /* This record has a 3-byte header that is all read in now. */
- gs->count = ((gs->hdr[0] & 0x3f) << 8) | gs->hdr[1];
- /* is_escape = (gs->hdr[0] & 0x40) != 0; */
- gs->recordPadding = gs->hdr[2];
- }
-
- if (gs->count > gs->buf.space) {
- err = sslBuffer_Grow(&gs->buf, gs->count);
- if (err) {
- return err;
- }
- pBuf = gs->buf.buf;
- }
-
-
- if (gs->hdr[0] & 0x80) {
- /* we've already read in the first byte of the body.
- ** Put it into the buffer.
- */
- pBuf[0] = gs->hdr[2];
- gs->offset = 1;
- gs->remainder = gs->count - 1;
- } else {
- gs->offset = 0;
- gs->remainder = gs->count;
- }
-
- if (gs->encrypted) {
- gs->state = GS_MAC;
- gs->recordLen = gs->count - gs->recordPadding
- - sec->hash->length;
- } else {
- gs->state = GS_DATA;
- gs->recordLen = gs->count;
- }
-
- break;
-
-
- case GS_MAC:
- /* Have read in entire rest of the ciphertext.
- ** Check for valid length.
- ** Decrypt it.
- ** Check the MAC.
- */
- PORT_Assert(gs->encrypted);
-
- {
- unsigned int macLen;
- int nout;
- unsigned char mac[SSL_MAX_MAC_BYTES];
-
- ssl_GetSpecReadLock(ss); /**********************************/
-
- /* If this is a stream cipher, blockSize will be 1,
- * and this test will always be false.
- * If this is a block cipher, this will detect records
- * that are not a multiple of the blocksize in length.
- */
- if (gs->count & (sec->blockSize - 1)) {
- /* This is an error. Sender is misbehaving */
- SSL_DBG(("%d: SSL[%d]: sender, count=%d blockSize=%d",
- SSL_GETPID(), ss->fd, gs->count,
- sec->blockSize));
- PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING);
- rv = SECFailure;
- goto spec_locked_done;
- }
- PORT_Assert(gs->count == gs->offset);
-
- if (gs->offset == 0) {
- rv = 0; /* means EOF. */
- goto spec_locked_done;
- }
-
- /* Decrypt the portion of data that we just recieved.
- ** Decrypt it in place.
- */
- rv = (*sec->dec)(sec->readcx, pBuf, &nout, gs->offset,
- pBuf, gs->offset);
- if (rv != SECSuccess) {
- goto spec_locked_done;
- }
-
-
- /* Have read in all the MAC portion of record
- **
- ** Prepare MAC by resetting it and feeding it the shared secret
- */
- macLen = sec->hash->length;
- if (gs->offset >= macLen) {
- uint32 sequenceNumber = sec->rcvSequence++;
- unsigned char seq[4];
-
- seq[0] = (unsigned char) (sequenceNumber >> 24);
- seq[1] = (unsigned char) (sequenceNumber >> 16);
- seq[2] = (unsigned char) (sequenceNumber >> 8);
- seq[3] = (unsigned char) (sequenceNumber);
-
- (*sec->hash->begin)(sec->hashcx);
- (*sec->hash->update)(sec->hashcx, sec->rcvSecret.data,
- sec->rcvSecret.len);
- (*sec->hash->update)(sec->hashcx, pBuf + macLen,
- gs->offset - macLen);
- (*sec->hash->update)(sec->hashcx, seq, 4);
- (*sec->hash->end)(sec->hashcx, mac, &macLen, macLen);
- }
-
- PORT_Assert(macLen == sec->hash->length);
-
- ssl_ReleaseSpecReadLock(ss); /******************************/
-
- if (PORT_Memcmp(mac, pBuf, macLen) != 0) {
- /* MAC's didn't match... */
- SSL_DBG(("%d: SSL[%d]: mac check failed, seq=%d",
- SSL_GETPID(), ss->fd, sec->rcvSequence));
- PRINT_BUF(1, (ss, "computed mac:", mac, macLen));
- PRINT_BUF(1, (ss, "received mac:", pBuf, macLen));
- PORT_SetError(SSL_ERROR_BAD_MAC_READ);
- rv = SECFailure;
- goto cleanup;
- }
-
-
- PORT_Assert(gs->recordPadding + macLen <= gs->offset);
- if (gs->recordPadding + macLen <= gs->offset) {
- gs->recordOffset = macLen;
- gs->readOffset = macLen;
- gs->writeOffset = gs->offset - gs->recordPadding;
- rv = 1;
- } else {
- PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING);
-cleanup:
- /* nothing in the buffer any more. */
- gs->recordOffset = 0;
- gs->readOffset = 0;
- gs->writeOffset = 0;
- rv = SECFailure;
- }
-
- gs->recordLen = gs->writeOffset - gs->readOffset;
- gs->recordPadding = 0; /* forget we did any padding. */
- gs->state = GS_INIT;
-
-
- if (rv > 0) {
- PRINT_BUF(50, (ss, "recv clear record:",
- pBuf + gs->recordOffset, gs->recordLen));
- }
- return rv;
-
-spec_locked_done:
- ssl_ReleaseSpecReadLock(ss);
- return rv;
- }
-
- case GS_DATA:
- /* Have read in all the DATA portion of record */
-
- gs->recordOffset = 0;
- gs->readOffset = 0;
- gs->writeOffset = gs->offset;
- PORT_Assert(gs->recordLen == gs->writeOffset - gs->readOffset);
- gs->recordLen = gs->offset;
- gs->recordPadding = 0;
- gs->state = GS_INIT;
-
- ++sec->rcvSequence;
-
- PRINT_BUF(50, (ss, "recv clear record:",
- pBuf + gs->recordOffset, gs->recordLen));
- return 1;
-
- } /* end switch gs->state */
- } /* end gather loop. */
- return rv;
-}
-
-/*
-** Gather a single record of data from the receiving stream. This code
-** first gathers the header (2 or 3 bytes long depending on the value of
-** the most significant bit in the first byte) then gathers up the data
-** for the record into the readBuf. This code handles non-blocking I/O
-** and is to be called multiple times until sec->recordLen != 0.
- *
- * Returns +1 when it has gathered a complete SSLV2 record.
- * Returns 0 if it hits EOF.
- * Returns -1 (SECFailure) on any error
- * Returns -2 (SECWouldBlock)
- *
- * Called by ssl_GatherRecord1stHandshake in sslcon.c,
- * and by DoRecv in sslsecur.c
- * Caller must hold RecvBufLock.
- */
-int
-ssl2_GatherRecord(sslSocket *ss, int flags)
-{
- return ssl2_GatherData(ss, ss->gather, flags);
-}
-
-/*
- * Returns +1 when it has gathered a complete SSLV2 record.
- * Returns 0 if it hits EOF.
- * Returns -1 (SECFailure) on any error
- * Returns -2 (SECWouldBlock)
- *
- * Called from SocksStartGather in sslsocks.c
- * Caller must hold RecvBufLock.
- */
-int
-ssl2_StartGatherBytes(sslSocket *ss, sslGather *gs, unsigned int count)
-{
- int rv;
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- gs->state = GS_DATA;
- gs->remainder = count;
- gs->count = count;
- gs->offset = 0;
- if (count > gs->buf.space) {
- rv = sslBuffer_Grow(&gs->buf, count);
- if (rv) {
- return rv;
- }
- }
- return ssl2_GatherData(ss, gs, 0);
-}
-
-/* Caller should hold RecvBufLock. */
-sslGather *
-ssl_NewGather(void)
-{
- sslGather *gs;
-
- gs = (sslGather*) PORT_ZAlloc(sizeof(sslGather));
- if (gs) {
- gs->state = GS_INIT;
- }
- return gs;
-}
-
-/* Caller must hold RecvBufLock. */
-void
-ssl_DestroyGather(sslGather *gs)
-{
- if (gs) { /* the PORT_*Free functions check for NULL pointers. */
- PORT_ZFree(gs->buf.buf, gs->buf.space);
- PORT_Free(gs->inbuf.buf);
- PORT_Free(gs);
- }
-}
-
-/* Caller must hold RecvBufLock. */
-static SECStatus
-ssl2_HandleV3HandshakeRecord(sslSocket *ss)
-{
- sslGather * gs = ss->gather;
- SECStatus rv;
- SSL3ProtocolVersion version = (gs->hdr[1] << 8) | gs->hdr[2];
-
- PORT_Assert( ssl_HaveRecvBufLock(ss) );
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
-
- /* We've read in 3 bytes, there are 2 more to go in an ssl3 header. */
- gs->remainder = 2;
- gs->count = 0;
-
- /* Clearing these handshake pointers ensures that
- * ssl_Do1stHandshake won't call ssl2_HandleMessage when we return.
- */
- ss->nextHandshake = 0;
- ss->securityHandshake = 0;
-
- /* Setting ss->version to an SSL 3.x value will cause
- ** ssl_GatherRecord1stHandshake to invoke ssl3_GatherCompleteHandshake()
- ** the next time it is called.
- **/
- rv = ssl3_NegotiateVersion(ss, version);
- if (rv != SECSuccess) {
- return rv;
- }
-
- ss->sec->send = ssl3_SendApplicationData;
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h
deleted file mode 100644
index c940a7d9e..000000000
--- a/security/nss/lib/ssl/sslimpl.h
+++ /dev/null
@@ -1,1287 +0,0 @@
-/*
- * This file is PRIVATE to SSL and should be the first thing included by
- * any SSL implementation file.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __sslimpl_h_
-#define __sslimpl_h_
-
-#ifdef DEBUG
-#undef NDEBUG
-#else
-#undef NDEBUG
-#define NDEBUG
-#endif
-#include "secport.h"
-#include "secerr.h"
-#include "sslerr.h"
-#include "ssl3prot.h"
-#include "hasht.h"
-#include "nssilock.h"
-#include "pkcs11t.h"
-#ifdef XP_UNIX
-#include "unistd.h"
-#endif
-#include "nssrwlk.h"
-#include "prthread.h"
-
-#include "sslt.h" /* for some formerly private types, now public */
-
-/* to make some of these old enums public without namespace pollution,
-** it was necessary to prepend ssl_ to the names.
-** These #defines preserve compatibility with the old code here in libssl.
-*/
-typedef SSLKEAType SSL3KEAType;
-typedef SSLMACAlgorithm SSL3MACAlgorithm;
-typedef SSLSignType SSL3SignType;
-
-#define sign_null ssl_sign_null
-#define sign_rsa ssl_sign_rsa
-#define sign_dsa ssl_sign_dsa
-
-#define calg_null ssl_calg_null
-#define calg_rc4 ssl_calg_rc4
-#define calg_rc2 ssl_calg_rc2
-#define calg_des ssl_calg_des
-#define calg_3des ssl_calg_3des
-#define calg_idea ssl_calg_idea
-#define calg_fortezza ssl_calg_fortezza
-#define calg_aes ssl_calg_aes
-
-#define mac_null ssl_mac_null
-#define mac_md5 ssl_mac_md5
-#define mac_sha ssl_mac_sha
-#define hmac_md5 ssl_hmac_md5
-#define hmac_sha ssl_hmac_sha
-
-
-#if defined(DEBUG) || defined(TRACE)
-#ifdef __cplusplus
-#define Debug 1
-#else
-extern int Debug;
-#endif
-#else
-#undef Debug
-#endif
-#if defined(DEBUG)
-#define TRACE
-#endif
-
-#ifdef TRACE
-#define SSL_TRC(a,b) if (ssl_trace >= (a)) ssl_Trace b
-#define PRINT_BUF(a,b) if (ssl_trace >= (a)) ssl_PrintBuf b
-#define DUMP_MSG(a,b) if (ssl_trace >= (a)) ssl_DumpMsg b
-#else
-#define SSL_TRC(a,b)
-#define PRINT_BUF(a,b)
-#define DUMP_MSG(a,b)
-#endif
-
-#ifdef DEBUG
-#define SSL_DBG(b) if (ssl_debug) ssl_Trace b
-#else
-#define SSL_DBG(b)
-#endif
-
-#if defined (DEBUG)
-#ifdef macintosh
-#include "pprthred.h"
-#else
-#include "private/pprthred.h" /* for PR_InMonitor() */
-#endif
-#define ssl_InMonitor(m) PZ_InMonitor(m)
-#endif
-
-#define LSB(x) ((unsigned char) (x & 0xff))
-#define MSB(x) ((unsigned char) (((unsigned)(x)) >> 8))
-
-/************************************************************************/
-
-typedef enum { SSLAppOpRead = 0,
- SSLAppOpWrite,
- SSLAppOpRDWR,
- SSLAppOpPost,
- SSLAppOpHeader
-} SSLAppOperation;
-
-#define SSL_MIN_MASTER_KEY_BYTES 5
-#define SSL_MAX_MASTER_KEY_BYTES 64
-
-#define SSL2_SESSIONID_BYTES 16
-#define SSL3_SESSIONID_BYTES 32
-
-#define SSL_MIN_CHALLENGE_BYTES 16
-#define SSL_MAX_CHALLENGE_BYTES 32
-#define SSL_CHALLENGE_BYTES 16
-
-#define SSL_CONNECTIONID_BYTES 16
-
-#define SSL_MIN_CYPHER_ARG_BYTES 0
-#define SSL_MAX_CYPHER_ARG_BYTES 32
-
-#define SSL_MAX_MAC_BYTES 16
-
-/* number of wrap mechanisms potentially used to wrap master secrets. */
-#define SSL_NUM_WRAP_MECHS 13
-
-/* This makes the cert cache entry exactly 4k. */
-#define SSL_MAX_CACHED_CERT_LEN 4060
-
-#ifndef BPB
-#define BPB 8 /* Bits Per Byte */
-#endif
-
-typedef struct sslBufferStr sslBuffer;
-typedef struct sslConnectInfoStr sslConnectInfo;
-typedef struct sslGatherStr sslGather;
-typedef struct sslSecurityInfoStr sslSecurityInfo;
-typedef struct sslSessionIDStr sslSessionID;
-typedef struct sslSocketStr sslSocket;
-typedef struct sslSocketOpsStr sslSocketOps;
-
-typedef struct ssl3StateStr ssl3State;
-typedef struct ssl3CertNodeStr ssl3CertNode;
-typedef struct ssl3BulkCipherDefStr ssl3BulkCipherDef;
-typedef struct ssl3MACDefStr ssl3MACDef;
-typedef struct ssl3KeyPairStr ssl3KeyPair;
-
-struct ssl3CertNodeStr {
- struct ssl3CertNodeStr *next;
- CERTCertificate * cert;
-};
-
-typedef SECStatus (*sslHandshakeFunc)(sslSocket *ss);
-
-/* This type points to the low layer send func,
-** e.g. ssl2_SendStream or ssl3_SendPlainText.
-** These functions return the same values as PR_Send,
-** i.e. >= 0 means number of bytes sent, < 0 means error.
-*/
-typedef PRInt32 (*sslSendFunc)(sslSocket *ss, const unsigned char *buf,
- PRInt32 n, PRInt32 flags);
-
-typedef void (*sslSessionIDCacheFunc) (sslSessionID *sid);
-typedef void (*sslSessionIDUncacheFunc)(sslSessionID *sid);
-typedef sslSessionID *(*sslSessionIDLookupFunc)(const PRIPv6Addr *addr,
- unsigned char* sid,
- unsigned int sidLen,
- CERTCertDBHandle * dbHandle);
-
-
-/* Socket ops */
-struct sslSocketOpsStr {
- int (*connect) (sslSocket *, const PRNetAddr *);
- PRFileDesc *(*accept) (sslSocket *, PRNetAddr *);
- int (*bind) (sslSocket *, const PRNetAddr *);
- int (*listen) (sslSocket *, int);
- int (*shutdown)(sslSocket *, int);
- int (*close) (sslSocket *);
-
- int (*recv) (sslSocket *, unsigned char *, int, int);
-
- /* points to the higher-layer send func, e.g. ssl_SecureSend. */
- int (*send) (sslSocket *, const unsigned char *, int, int);
- int (*read) (sslSocket *, unsigned char *, int);
- int (*write) (sslSocket *, const unsigned char *, int);
-
- int (*getpeername)(sslSocket *, PRNetAddr *);
- int (*getsockname)(sslSocket *, PRNetAddr *);
-};
-
-/* Flags interpreted by ssl send functions. */
-#define ssl_SEND_FLAG_FORCE_INTO_BUFFER 0x40000000
-#define ssl_SEND_FLAG_NO_BUFFER 0x20000000
-#define ssl_SEND_FLAG_MASK 0x7f000000
-
-/*
-** A buffer object.
-*/
-struct sslBufferStr {
- unsigned char * buf;
- unsigned int len;
- unsigned int space;
-};
-
-/*
-** SSL3 cipher suite policy and preference struct.
-*/
-typedef struct {
-#if !defined(_WIN32)
- unsigned int cipher_suite : 16;
- unsigned int policy : 8;
- unsigned int enabled : 1;
- unsigned int isPresent : 1;
-#else
- ssl3CipherSuite cipher_suite;
- PRUint8 policy;
- unsigned char enabled : 1;
- unsigned char isPresent : 1;
-#endif
-} ssl3CipherSuiteCfg;
-
-#define ssl_V3_SUITES_IMPLEMENTED 25
-
-typedef struct sslOptionsStr {
- unsigned int useSecurity : 1; /* 1 */
- unsigned int useSocks : 1; /* 2 */
- unsigned int requestCertificate : 1; /* 3 */
- unsigned int requireCertificate : 2; /* 4-5 */
- unsigned int handshakeAsClient : 1; /* 6 */
- unsigned int handshakeAsServer : 1; /* 7 */
- unsigned int enableSSL2 : 1; /* 8 */
- unsigned int enableSSL3 : 1; /* 9 */
- unsigned int enableTLS : 1; /* 10 */
- unsigned int noCache : 1; /* 11 */
- unsigned int fdx : 1; /* 12 */
- unsigned int v2CompatibleHello : 1; /* 13 */
- unsigned int detectRollBack : 1; /* 14 */
-} sslOptions;
-
-typedef enum { sslHandshakingUndetermined = 0,
- sslHandshakingAsClient,
- sslHandshakingAsServer
-} sslHandshakingType;
-
-typedef struct sslServerCertsStr {
- /* Configuration state for server sockets */
- CERTCertificate * serverCert;
- CERTCertificateList * serverCertChain;
- SECKEYPrivateKey * serverKey;
- unsigned int serverKeyBits;
-} sslServerCerts;
-
-/*
-** SSL Socket struct
-**
-** Protection: XXX
-*/
-struct sslSocketStr {
- PRFileDesc * fd;
-
- /* Pointer to operations vector for this socket */
- const sslSocketOps * ops;
-
- /* State flags */
- unsigned int useSocks : 1;
- unsigned int useSecurity : 1;
- unsigned int requestCertificate : 1;
- unsigned int requireCertificate : 2;
- unsigned int handshakeAsClient : 1;
- unsigned int handshakeAsServer : 1;
- unsigned int enableSSL2 : 1;
-
- unsigned int enableSSL3 : 1;
- unsigned int enableTLS : 1;
- unsigned int clientAuthRequested: 1;
- unsigned int noCache : 1;
- unsigned int fdx : 1; /* simultaneous R/W threads */
- unsigned int v2CompatibleHello : 1; /* Send v3+ client hello in v2 format */
- unsigned int detectRollBack : 1; /* Detect rollback to SSL v3 */
- unsigned int firstHsDone : 1; /* first handshake is complete. */
-
- unsigned int recvdCloseNotify : 1; /* received SSL EOF. */
- unsigned int lastWriteBlocked : 1;
- unsigned int TCPconnected : 1;
- unsigned int handshakeBegun : 1;
- unsigned int delayDisabled : 1; /* Nagle delay disabled */
-
- /* version of the protocol to use */
- SSL3ProtocolVersion version;
- SSL3ProtocolVersion clientHelloVersion; /* version sent in client hello. */
-
- /* Non-zero if security is enabled */
- sslSecurityInfo *sec;
-
- /* protected by firstHandshakeLock AND (in ssl3) ssl3HandshakeLock. */
- const char *url; /* ssl 2 & 3 */
-
- /* Gather object used for gathering data */
- sslGather * gather; /*recvBufLock*/
-
- sslHandshakeFunc handshake; /*firstHandshakeLock*/
- sslHandshakeFunc nextHandshake; /*firstHandshakeLock*/
- sslHandshakeFunc securityHandshake; /*firstHandshakeLock*/
-
- sslBuffer saveBuf; /*xmitBufLock*/
- sslBuffer pendingBuf; /*xmitBufLock*/
-
- /* the following variable is only used with socks or other proxies. */
- char * peerID; /* String uniquely identifies target server. */
-
- ssl3State * ssl3;
- unsigned char * cipherSpecs;
- unsigned int sizeCipherSpecs;
-const unsigned char * preferredCipher;
-
- /* Configuration state for server sockets */
- /* server cert and key for each KEA type */
- sslServerCerts serverCerts[kt_kea_size];
-
- ssl3KeyPair * stepDownKeyPair; /* RSA step down keys */
-
- /* Callbacks */
- SSLAuthCertificate authCertificate;
- void *authCertificateArg;
- SSLGetClientAuthData getClientAuthData;
- void *getClientAuthDataArg;
- SSLBadCertHandler handleBadCert;
- void *badCertArg;
- SSLHandshakeCallback handshakeCallback;
- void *handshakeCallbackData;
- void *pkcs11PinArg;
-
- PRIntervalTime rTimeout; /* timeout for NSPR I/O */
- PRIntervalTime wTimeout; /* timeout for NSPR I/O */
- PRIntervalTime cTimeout; /* timeout for NSPR I/O */
-
- PZLock * recvLock; /* lock against multiple reader threads. */
- PZLock * sendLock; /* lock against multiple sender threads. */
-
- PZMonitor * recvBufLock; /* locks low level recv buffers. */
- PZMonitor * xmitBufLock; /* locks low level xmit buffers. */
-
- /* Only one thread may operate on the socket until the initial handshake
- ** is complete. This Monitor ensures that. Since SSL2 handshake is
- ** only done once, this is also effectively the SSL2 handshake lock.
- */
- PZMonitor * firstHandshakeLock;
-
- /* This monitor protects the ssl3 handshake state machine data.
- ** Only one thread (reader or writer) may be in the ssl3 handshake state
- ** machine at any time. */
- PZMonitor * ssl3HandshakeLock;
-
- /* reader/writer lock, protects the secret data needed to encrypt and MAC
- ** outgoing records, and to decrypt and MAC check incoming ciphertext
- ** records. */
- NSSRWLock * specLock;
-
- /* handle to perm cert db (and implicitly to the temp cert db) used
- ** with this socket.
- */
- CERTCertDBHandle * dbHandle;
-
- PRThread * writerThread; /* thread holds SSL_LOCK_WRITER lock */
-
- PRUint16 shutdownHow; /* See ssl_SHUTDOWN defines below. */
-
- PRUint16 allowedByPolicy; /* copy of global policy bits. */
- PRUint16 maybeAllowedByPolicy; /* copy of global policy bits. */
- PRUint16 chosenPreference; /* SSL2 cipher preferences. */
-
- sslHandshakingType handshaking;
-
- ssl3CipherSuiteCfg cipherSuites[ssl_V3_SUITES_IMPLEMENTED];
-
-};
-
-#define SSL_LOCK_RANK_SPEC 255
-#define SSL_LOCK_RANK_GLOBAL NSS_RWLOCK_RANK_NONE
-
-/* These are the valid values for shutdownHow.
-** These values are each 1 greater than the NSPR values, and the code
-** depends on that relation to efficiently convert PR_SHUTDOWN values
-** into ssl_SHUTDOWN values. These values use one bit for read, and
-** another bit for write, and can be used as bitmasks.
-*/
-#define ssl_SHUTDOWN_NONE 0 /* NOT shutdown at all */
-#define ssl_SHUTDOWN_RCV 1 /* PR_SHUTDOWN_RCV +1 */
-#define ssl_SHUTDOWN_SEND 2 /* PR_SHUTDOWN_SEND +1 */
-#define ssl_SHUTDOWN_BOTH 3 /* PR_SHUTDOWN_BOTH +1 */
-
-/*
-** A gather object. Used to read some data until a count has been
-** satisfied. Primarily for support of async sockets.
-** Everything in here is protected by the recvBufLock.
-*/
-struct sslGatherStr {
- int state; /* see GS_ values below. */ /* ssl 2 & 3 */
-
- /* "buf" holds received plaintext SSL records, after decrypt and MAC check.
- * SSL2: recv'd ciphertext records are put here, then decrypted in place.
- * SSL3: recv'd ciphertext records are put in inbuf (see below), then
- * decrypted into buf.
- */
- sslBuffer buf; /*recvBufLock*/ /* ssl 2 & 3 */
-
- /* number of bytes previously read into hdr or buf(ssl2) or inbuf (ssl3).
- ** (offset - writeOffset) is the number of ciphertext bytes read in but
- ** not yet deciphered.
- */
- unsigned int offset; /* ssl 2 & 3 */
-
- /* number of bytes to read in next call to ssl_DefRecv (recv) */
- unsigned int remainder; /* ssl 2 & 3 */
-
- /* Number of ciphertext bytes to read in after 2-byte SSL record header. */
- unsigned int count; /* ssl2 only */
-
- /* size of the final plaintext record.
- ** == count - (recordPadding + MAC size)
- */
- unsigned int recordLen; /* ssl2 only */
-
- /* number of bytes of padding to be removed after decrypting. */
- /* This value is taken from the record's hdr[2], which means a too large
- * value could crash us.
- */
- unsigned int recordPadding; /* ssl2 only */
-
- /* plaintext DATA begins this many bytes into "buf". */
- unsigned int recordOffset; /* ssl2 only */
-
- int encrypted; /* SSL2 session is now encrypted. ssl2 only */
-
- /* These next two values are used by SSL2 and SSL3.
- ** DoRecv uses them to extract application data.
- ** The difference between writeOffset and readOffset is the amount of
- ** data available to the application. Note that the actual offset of
- ** the data in "buf" is recordOffset (above), not readOffset.
- ** In the current implementation, this is made available before the
- ** MAC is checked!!
- */
- unsigned int readOffset; /* Spot where DATA reader (e.g. application
- ** or handshake code) will read next.
- ** Always zero for SSl3 application data.
- */
- /* offset in buf/inbuf/hdr into which new data will be read from socket. */
- unsigned int writeOffset;
-
- /* Buffer for ssl3 to read (encrypted) data from the socket */
- sslBuffer inbuf; /*recvBufLock*/ /* ssl3 only */
-
- /* The ssl[23]_GatherData functions read data into this buffer, rather
- ** than into buf or inbuf, while in the GS_HEADER state.
- ** The portion of the SSL record header put here always comes off the wire
- ** as plaintext, never ciphertext.
- ** For SSL2, the plaintext portion is two bytes long. For SSl3 it is 5.
- */
- unsigned char hdr[5]; /* ssl 2 & 3 */
-};
-
-/* sslGather.state */
-#define GS_INIT 0
-#define GS_HEADER 1
-#define GS_MAC 2
-#define GS_DATA 3
-#define GS_PAD 4
-
-typedef SECStatus (*SSLCipher)(void * context,
- unsigned char * out,
- int * outlen,
- int maxout,
- const unsigned char *in,
- int inlen);
-typedef SECStatus (*SSLDestroy)(void *context, PRBool freeit);
-
-
-/*
- * SSL2 buffers used in SSL3.
- * writeBuf in the SecurityInfo maintained by sslsecur.c is used
- * to hold the data just about to be passed to the kernel
- * sendBuf in the ConnectInfo maintained by sslcon.c is used
- * to hold handshake messages as they are accumulated
- */
-
-/*
-** This is "ci", as in "ss->sec->ci".
-**
-** Protection: All the variables in here are protected by
-** firstHandshakeLock AND (in ssl3) ssl3HandshakeLock
-*/
-struct sslConnectInfoStr {
- /* outgoing handshakes appended to this. */
- sslBuffer sendBuf; /*xmitBufLock*/ /* ssl 2 & 3 */
-
- PRIPv6Addr peer; /* ssl 2 & 3 */
- unsigned short port; /* ssl 2 & 3 */
-
- sslSessionID *sid; /* ssl 2 & 3 */
-
- /* see CIS_HAVE defines below for the bit values in *elements. */
- char elements; /* ssl2 only */
- char requiredElements; /* ssl2 only */
- char sentElements; /* ssl2 only */
-
- char sentFinished; /* ssl2 only */
-
- /* Length of server challenge. Used by client when saving challenge */
- int serverChallengeLen; /* ssl2 only */
- /* type of authentication requested by server */
- unsigned char authType; /* ssl2 only */
-
- /* Challenge sent by client to server in client-hello message */
- /* SSL3 gets a copy of this. See ssl3_StartHandshakeHash(). */
- unsigned char clientChallenge[SSL_MAX_CHALLENGE_BYTES]; /* ssl 2 & 3 */
-
- /* Connection-id sent by server to client in server-hello message */
- unsigned char connectionID[SSL_CONNECTIONID_BYTES]; /* ssl2 only */
-
- /* Challenge sent by server to client in request-certificate message */
- unsigned char serverChallenge[SSL_MAX_CHALLENGE_BYTES]; /* ssl2 only */
-
- /* Information kept to handle a request-certificate message */
- unsigned char readKey[SSL_MAX_MASTER_KEY_BYTES]; /* ssl2 only */
- unsigned char writeKey[SSL_MAX_MASTER_KEY_BYTES]; /* ssl2 only */
- unsigned keySize; /* ssl2 only */
-};
-
-/* bit values for ci->elements, ci->requiredElements, sentElements. */
-#define CIS_HAVE_MASTER_KEY 0x01
-#define CIS_HAVE_CERTIFICATE 0x02
-#define CIS_HAVE_FINISHED 0x04
-#define CIS_HAVE_VERIFY 0x08
-
-/* Note: The entire content of this struct and whatever it points to gets
- * blown away by SSL_ResetHandshake(). This is "sec" as in "ss->sec".
- *
- * Unless otherwise specified below, the contents of this struct are
- * protected by firstHandshakeLock AND (in ssl3) ssl3HandshakeLock.
- */
-struct sslSecurityInfoStr {
- sslSendFunc send; /*xmitBufLock*/ /* ssl 2 & 3 */
- int isServer; /* Spec Lock?*/ /* ssl 2 & 3 */
- sslBuffer writeBuf; /*xmitBufLock*/ /* ssl 2 & 3 */
-
- int cipherType; /* ssl 2 & 3 */
- int keyBits; /* ssl 2 & 3 */
- int secretKeyBits; /* ssl 2 & 3 */
- CERTCertificate *localCert; /* ssl 2 & 3 */
- CERTCertificate *peerCert; /* ssl 2 & 3 */
- SECKEYPublicKey *peerKey; /* ssl3 only */
-
- SSLSignType authAlgorithm;
- PRUint32 authKeyBits;
- SSLKEAType keaType;
- PRUint32 keaKeyBits;
-
- /*
- ** Procs used for SID cache (nonce) management.
- ** Different implementations exist for clients/servers
- ** The lookup proc is only used for servers. Baloney!
- */
- sslSessionIDCacheFunc cache; /* ssl 2 & 3 */
- sslSessionIDUncacheFunc uncache; /* ssl 2 & 3 */
-
- /*
- ** everything below here is for ssl2 only.
- ** This stuff is equivalent to SSL3's "spec", and is protected by the
- ** same "Spec Lock" as used for SSL3's specs.
- */
- uint32 sendSequence; /*xmitBufLock*/ /* ssl2 only */
- uint32 rcvSequence; /*recvBufLock*/ /* ssl2 only */
-
- /* Hash information; used for one-way-hash functions (MD2, MD5, etc.) */
- const SECHashObject *hash; /* Spec Lock */ /* ssl2 only */
- void *hashcx; /* Spec Lock */ /* ssl2 only */
-
- SECItem sendSecret; /* Spec Lock */ /* ssl2 only */
- SECItem rcvSecret; /* Spec Lock */ /* ssl2 only */
-
- /* Session cypher contexts; one for each direction */
- void *readcx; /* Spec Lock */ /* ssl2 only */
- void *writecx; /* Spec Lock */ /* ssl2 only */
- SSLCipher enc; /* Spec Lock */ /* ssl2 only */
- SSLCipher dec; /* Spec Lock */ /* ssl2 only */
- void (*destroy)(void *, PRBool); /* Spec Lock */ /* ssl2 only */
-
- /* Blocking information for the session cypher */
- int blockShift; /* Spec Lock */ /* ssl2 only */
- int blockSize; /* Spec Lock */ /* ssl2 only */
-
- /* These are used during a connection handshake */
- sslConnectInfo ci; /* ssl 2 & 3 */
-
-};
-
-/*
-** ssl3State and CipherSpec structs
-*/
-
-/* The SSL bulk cipher definition */
-typedef enum {
- cipher_null,
- cipher_rc4,
- cipher_rc4_40,
- cipher_rc4_56,
- cipher_rc2,
- cipher_rc2_40,
- cipher_des,
- cipher_3des,
- cipher_des40,
- cipher_idea,
- cipher_fortezza,
- cipher_aes_128,
- cipher_aes_256,
- cipher_missing /* reserved for no such supported cipher */
-} SSL3BulkCipher;
-
-typedef enum { type_stream, type_block } CipherType;
-
-#define MAX_IV_LENGTH 64
-
-/*
- * Do not depend upon 64 bit arithmetic in the underlying machine.
- */
-typedef struct {
- uint32 high;
- uint32 low;
-} SSL3SequenceNumber;
-
-typedef struct {
- SSL3Opaque write_iv[MAX_IV_LENGTH];
- PK11SymKey *write_key;
- PK11SymKey *write_mac_key;
- PK11Context *write_mac_context;
-} ssl3KeyMaterial;
-
-typedef struct {
- SSL3Opaque wrapped_client_write_key[12]; /* wrapped with Ks */
- SSL3Opaque wrapped_server_write_key[12]; /* wrapped with Ks */
- SSL3Opaque client_write_iv [24];
- SSL3Opaque server_write_iv [24];
- SSL3Opaque wrapped_master_secret [48];
- PRUint16 wrapped_master_secret_len;
-} ssl3SidKeys;
-
-/*
-** These are the "specs" in the "ssl3" struct.
-** Access to the pointers to these specs, and all the specs' contents
-** (direct and indirect) is protected by the reader/writer lock ss->specLock.
-*/
-typedef struct {
- const ssl3BulkCipherDef *cipher_def;
- const ssl3MACDef * mac_def;
- int mac_size;
- SSLCipher encode;
- void * encodeContext;
- SSLCipher decode;
- void * decodeContext;
- SSLDestroy destroy;
- PK11SymKey * master_secret;
- ssl3KeyMaterial client;
- ssl3KeyMaterial server;
- SSL3SequenceNumber write_seq_num;
- SSL3SequenceNumber read_seq_num;
- SSL3ProtocolVersion version;
-} ssl3CipherSpec;
-
-typedef enum { never_cached,
- in_client_cache,
- in_server_cache,
- invalid_cache /* no longer in any cache. */
-} Cached;
-
-struct sslSessionIDStr {
- sslSessionID * next; /* chain used for client sockets, only */
-
- CERTCertificate * peerCert;
- const char * peerID; /* client only */
- const char * urlSvrName; /* client only */
- CERTCertificate * localCert;
-
- PRIPv6Addr addr;
- PRUint16 port;
-
- SSL3ProtocolVersion version;
-
- PRUint32 creationTime; /* seconds since Jan 1, 1970 */
- PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */
- PRUint32 expirationTime; /* seconds since Jan 1, 1970 */
- Cached cached;
- int references;
-
- SSLSignType authAlgorithm;
- PRUint32 authKeyBits;
- SSLKEAType keaType;
- PRUint32 keaKeyBits;
-
- union {
- struct {
- /* the V2 code depends upon the size of sessionID. */
- unsigned char sessionID[SSL2_SESSIONID_BYTES];
-
- /* Stuff used to recreate key and read/write cipher objects */
- SECItem masterKey;
- int cipherType;
- SECItem cipherArg;
- int keyBits;
- int secretKeyBits;
- } ssl2;
- struct {
- /* values that are copied into the server's on-disk SID cache. */
- uint8 sessionIDLength;
- SSL3Opaque sessionID[SSL3_SESSIONID_BYTES];
-
- ssl3CipherSuite cipherSuite;
- SSL3CompressionMethod compression;
- PRBool resumable;
- int policy;
- PRBool hasFortezza;
- ssl3SidKeys keys;
- CK_MECHANISM_TYPE masterWrapMech;
- /* mechanism used to wrap master secret */
- SSL3KEAType exchKeyType;
- /* key type used in exchange algorithm,
- * and to wrap the sym wrapping key. */
-
- /* The following values are NOT restored from the server's on-disk
- * session cache, but are restored from the client's cache.
- */
- PK11SymKey * clientWriteKey;
- PK11SymKey * serverWriteKey;
- PK11SymKey * tek;
-
- /* The following values pertain to the slot that wrapped the
- ** master secret. (used only in client)
- */
- SECMODModuleID masterModuleID;
- /* what module wrapped the master secret */
- CK_SLOT_ID masterSlotID;
- PRUint16 masterWrapIndex;
- /* what's the key index for the wrapping key */
- PRUint16 masterWrapSeries;
- /* keep track of the slot series, so we don't
- * accidently try to use new keys after the
- * card gets removed and replaced.*/
-
- /* The following values pertain to the slot that did the signature
- ** for client auth. (used only in client)
- */
- SECMODModuleID clAuthModuleID;
- CK_SLOT_ID clAuthSlotID;
- PRUint16 clAuthSeries;
-
- char masterValid;
- char clAuthValid;
-
- /* the following values are used only in the client, and only
- * with fortezza.
- */
- SSL3Opaque clientWriteSave[80];
- int clientWriteSaveLen;
- } ssl3;
- } u;
-};
-
-
-typedef struct ssl3CipherSuiteDefStr {
- ssl3CipherSuite cipher_suite;
- SSL3BulkCipher bulk_cipher_alg;
- SSL3MACAlgorithm mac_alg;
- SSL3KeyExchangeAlgorithm key_exchange_alg;
-} ssl3CipherSuiteDef;
-
-/*
-** There are tables of these, all const.
-*/
-typedef struct {
- SSL3KeyExchangeAlgorithm kea;
- SSL3KEAType exchKeyType;
- SSL3SignType signKeyType;
- PRBool is_limited;
- int key_size_limit;
- PRBool tls_keygen;
-} ssl3KEADef;
-
-typedef enum { kg_null, kg_strong, kg_export } SSL3KeyGenMode;
-
-/*
-** There are tables of these, all const.
-*/
-struct ssl3BulkCipherDefStr {
- SSL3BulkCipher cipher;
- SSLCipherAlgorithm calg;
- int key_size;
- int secret_key_size;
- CipherType type;
- int iv_size;
- int block_size;
- SSL3KeyGenMode keygen_mode;
-};
-
-/*
-** There are tables of these, all const.
-*/
-struct ssl3MACDefStr {
- SSL3MACAlgorithm mac;
- CK_MECHANISM_TYPE mmech;
- int pad_size;
- int mac_size;
-};
-
-typedef enum {
- wait_client_hello,
- wait_client_cert,
- wait_client_key,
- wait_cert_verify,
- wait_change_cipher,
- wait_finished,
- wait_server_hello,
- wait_server_cert,
- wait_server_key,
- wait_cert_request,
- wait_hello_done,
- idle_handshake
-} SSL3WaitState;
-
-/*
-** This is the "hs" member of the "ssl3" struct.
-** This entire struct is protected by ssl3HandshakeLock
-*/
-typedef struct SSL3HandshakeStateStr {
- SSL3Random server_random;
- SSL3Random client_random;
- SSL3WaitState ws;
- PK11Context * md5; /* handshake running hashes */
- PK11Context * sha;
-const ssl3KEADef * kea_def;
- ssl3CipherSuite cipher_suite;
-const ssl3CipherSuiteDef *suite_def;
- SSL3CompressionMethod compression;
- sslBuffer msg_body; /* protected by recvBufLock */
- /* partial handshake message from record layer */
- unsigned int header_bytes;
- /* number of bytes consumed from handshake */
- /* message for message type and header length */
- SSL3HandshakeType msg_type;
- unsigned long msg_len;
- SECItem ca_list; /* used only by client */
- PRBool isResuming; /* are we resuming a session */
- PRBool rehandshake; /* immediately start another handshake
- * when this one finishes */
- PRBool usedStepDownKey; /* we did a server key exchange. */
- sslBuffer msgState; /* current state for handshake messages*/
- /* protected by recvBufLock */
-} SSL3HandshakeState;
-
-struct SSL3FortezzaKEAParamsStr {
- unsigned char R_s[128]; /* server's "random" public key */
- PK11SymKey * tek;
-};
-
-typedef struct SSL3FortezzaKEAParamsStr SSL3FortezzaKEAParams;
-
-/*
-** This is the "ssl3" struct, as in "ss->ssl3".
-** note:
-** usually, crSpec == cwSpec and prSpec == pwSpec.
-** Sometimes, crSpec == pwSpec and prSpec == cwSpec.
-** But there are never more than 2 actual specs.
-** No spec must ever be modified if either "current" pointer points to it.
-*/
-struct ssl3StateStr {
-
- /*
- ** The following Specs and Spec pointers must be protected using the
- ** Spec Lock.
- */
- ssl3CipherSpec * crSpec; /* current read spec. */
- ssl3CipherSpec * prSpec; /* pending read spec. */
- ssl3CipherSpec * cwSpec; /* current write spec. */
- ssl3CipherSpec * pwSpec; /* pending write spec. */
- ssl3CipherSpec specs[2]; /* one is current, one is pending. */
-
- SSL3HandshakeState hs;
-
- CERTCertificate * clientCertificate; /* used by client */
- SECKEYPrivateKey * clientPrivateKey; /* used by client */
- CERTCertificateList *clientCertChain; /* used by client */
- PRBool sendEmptyCert; /* used by client */
-
- int policy;
- /* This says what cipher suites we can do, and should
- * be either SSL_ALLOWED or SSL_RESTRICTED
- */
- PRArenaPool * peerCertArena;
- /* These are used to keep track of the peer CA */
- void * peerCertChain;
- /* chain while we are trying to validate it. */
- CERTDistNames * ca_list;
- /* used by server. trusted CAs for this socket. */
- SSL3FortezzaKEAParams fortezza;
-};
-
-typedef struct {
- SSL3ContentType type;
- SSL3ProtocolVersion version;
- sslBuffer * buf;
-} SSL3Ciphertext;
-
-struct ssl3KeyPairStr {
- SECKEYPrivateKey * privKey; /* RSA step down key */
- SECKEYPublicKey * pubKey; /* RSA step down key */
- PRInt32 refCount; /* use PR_Atomic calls for this. */
-};
-
-typedef struct SSLWrappedSymWrappingKeyStr {
- SSL3Opaque wrappedSymmetricWrappingkey[512];
- SSL3Opaque wrapIV[24];
- CK_MECHANISM_TYPE symWrapMechanism;
- /* unwrapped symmetric wrapping key uses this mechanism */
- CK_MECHANISM_TYPE asymWrapMechanism;
- /* mechanism used to wrap the SymmetricWrappingKey using
- * server's public and/or private keys. */
- SSL3KEAType exchKeyType; /* type of keys used to wrap SymWrapKey*/
- PRInt32 symWrapMechIndex;
- PRUint16 wrappedSymKeyLen;
- PRUint16 wrapIVLen;
-} SSLWrappedSymWrappingKey;
-
-/* All the global data items declared here should be protected using the
-** ssl_global_data_lock, which is a reader/writer lock.
-*/
-extern NSSRWLock * ssl_global_data_lock;
-extern char ssl_debug;
-extern char ssl_trace;
-extern CERTDistNames * ssl3_server_ca_list;
-extern PRUint32 ssl_sid_timeout;
-extern PRUint32 ssl3_sid_timeout;
-extern PRBool ssl3_global_policy_some_restricted;
-
-extern const char * const ssl_cipherName[];
-extern const char * const ssl3_cipherName[];
-
-extern sslSessionIDLookupFunc ssl_sid_lookup;
-extern sslSessionIDCacheFunc ssl_sid_cache;
-extern sslSessionIDUncacheFunc ssl_sid_uncache;
-
-/************************************************************************/
-
-SEC_BEGIN_PROTOS
-
-/* Implementation of ops for default (non socks, non secure) case */
-extern int ssl_DefConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_DefAccept(sslSocket *ss, PRNetAddr *addr);
-extern int ssl_DefBind(sslSocket *ss, const PRNetAddr *addr);
-extern int ssl_DefListen(sslSocket *ss, int backlog);
-extern int ssl_DefShutdown(sslSocket *ss, int how);
-extern int ssl_DefClose(sslSocket *ss);
-extern int ssl_DefRecv(sslSocket *ss, unsigned char *buf, int len, int flags);
-extern int ssl_DefSend(sslSocket *ss, const unsigned char *buf,
- int len, int flags);
-extern int ssl_DefRead(sslSocket *ss, unsigned char *buf, int len);
-extern int ssl_DefWrite(sslSocket *ss, const unsigned char *buf, int len);
-extern int ssl_DefGetpeername(sslSocket *ss, PRNetAddr *name);
-extern int ssl_DefGetsockname(sslSocket *ss, PRNetAddr *name);
-extern int ssl_DefGetsockopt(sslSocket *ss, PRSockOption optname,
- void *optval, PRInt32 *optlen);
-extern int ssl_DefSetsockopt(sslSocket *ss, PRSockOption optname,
- const void *optval, PRInt32 optlen);
-
-/* Implementation of ops for socks only case */
-extern int ssl_SocksConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_SocksAccept(sslSocket *ss, PRNetAddr *addr);
-extern int ssl_SocksBind(sslSocket *ss, const PRNetAddr *addr);
-extern int ssl_SocksListen(sslSocket *ss, int backlog);
-extern int ssl_SocksGetsockname(sslSocket *ss, PRNetAddr *name);
-extern int ssl_SocksRecv(sslSocket *ss, unsigned char *buf, int len, int flags);
-extern int ssl_SocksSend(sslSocket *ss, const unsigned char *buf,
- int len, int flags);
-extern int ssl_SocksRead(sslSocket *ss, unsigned char *buf, int len);
-extern int ssl_SocksWrite(sslSocket *ss, const unsigned char *buf, int len);
-
-/* Implementation of ops for secure only case */
-extern int ssl_SecureConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_SecureAccept(sslSocket *ss, PRNetAddr *addr);
-extern int ssl_SecureRecv(sslSocket *ss, unsigned char *buf,
- int len, int flags);
-extern int ssl_SecureSend(sslSocket *ss, const unsigned char *buf,
- int len, int flags);
-extern int ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len);
-extern int ssl_SecureWrite(sslSocket *ss, const unsigned char *buf, int len);
-extern int ssl_SecureShutdown(sslSocket *ss, int how);
-extern int ssl_SecureClose(sslSocket *ss);
-
-/* Implementation of ops for secure socks case */
-extern int ssl_SecureSocksConnect(sslSocket *ss, const PRNetAddr *addr);
-extern PRFileDesc *ssl_SecureSocksAccept(sslSocket *ss, PRNetAddr *addr);
-extern PRFileDesc *ssl_FindTop(sslSocket *ss);
-
-/* Gather funcs. */
-extern sslGather * ssl_NewGather(void);
-extern void ssl_DestroyGather(sslGather *gs);
-extern int ssl2_GatherData(sslSocket *ss, sslGather *gs, int flags);
-extern int ssl2_GatherRecord(sslSocket *ss, int flags);
-extern SECStatus ssl_GatherRecord1stHandshake(sslSocket *ss);
-
-extern SECStatus ssl2_HandleClientHelloMessage(sslSocket *ss);
-extern SECStatus ssl2_HandleServerHelloMessage(sslSocket *ss);
-extern int ssl2_StartGatherBytes(sslSocket *ss, sslGather *gs,
- unsigned int count);
-
-extern SECStatus ssl_CreateSecurityInfo(sslSocket *ss);
-extern SECStatus ssl_CopySecurityInfo(sslSocket *ss, sslSocket *os);
-extern void ssl_DestroySecurityInfo(sslSecurityInfo *sec);
-
-extern sslSocket * ssl_DupSocket(sslSocket *old);
-
-extern void ssl_PrintBuf(sslSocket *ss, const char *msg, const void *cp, int len);
-extern void ssl_DumpMsg(sslSocket *ss, unsigned char *bp, unsigned len);
-
-extern int ssl_SendSavedWriteData(sslSocket *ss, sslBuffer *buf,
- sslSendFunc fp);
-extern SECStatus ssl_SaveWriteData(sslSocket *ss, sslBuffer *buf,
- const void* p, unsigned int l);
-extern SECStatus ssl2_BeginClientHandshake(sslSocket *ss);
-extern SECStatus ssl2_BeginServerHandshake(sslSocket *ss);
-extern int ssl_Do1stHandshake(sslSocket *ss);
-
-extern SECStatus sslBuffer_Grow(sslBuffer *b, unsigned int newLen);
-
-extern void ssl2_UseClearSendFunc(sslSocket *ss);
-extern void ssl_ChooseSessionIDProcs(sslSecurityInfo *sec);
-
-extern sslSessionID *ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port,
- const char *peerID, const char *urlSvrName);
-extern void ssl_FreeSID(sslSessionID *sid);
-
-extern int ssl3_SendApplicationData(sslSocket *ss, const PRUint8 *in,
- int len, int flags);
-
-extern PRBool ssl_FdIsBlocking(PRFileDesc *fd);
-
-extern PRBool ssl_SocketIsBlocking(sslSocket *ss);
-
-extern void ssl_SetAlwaysBlock(sslSocket *ss);
-
-extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled);
-
-#define SSL_LOCK_READER(ss) if (ss->recvLock) PZ_Lock(ss->recvLock)
-#define SSL_UNLOCK_READER(ss) if (ss->recvLock) PZ_Unlock(ss->recvLock)
-#define SSL_LOCK_WRITER(ss) if (ss->sendLock) PZ_Lock(ss->sendLock)
-#define SSL_UNLOCK_WRITER(ss) if (ss->sendLock) PZ_Unlock(ss->sendLock)
-
-#define ssl_Get1stHandshakeLock(ss) PZ_EnterMonitor((ss)->firstHandshakeLock)
-#define ssl_Release1stHandshakeLock(ss) PZ_ExitMonitor((ss)->firstHandshakeLock)
-#define ssl_Have1stHandshakeLock(ss) PZ_InMonitor( (ss)->firstHandshakeLock)
-
-#define ssl_GetSSL3HandshakeLock(ss) PZ_EnterMonitor((ss)->ssl3HandshakeLock)
-#define ssl_ReleaseSSL3HandshakeLock(ss) PZ_ExitMonitor((ss)->ssl3HandshakeLock)
-#define ssl_HaveSSL3HandshakeLock(ss) PZ_InMonitor( (ss)->ssl3HandshakeLock)
-
-#define ssl_GetSpecReadLock(ss) NSSRWLock_LockRead( (ss)->specLock)
-#define ssl_ReleaseSpecReadLock(ss) NSSRWLock_UnlockRead( (ss)->specLock)
-
-#define ssl_GetSpecWriteLock(ss) NSSRWLock_LockWrite( (ss)->specLock)
-#define ssl_ReleaseSpecWriteLock(ss) NSSRWLock_UnlockWrite((ss)->specLock)
-#define ssl_HaveSpecWriteLock(ss) NSSRWLock_HaveWriteLock((ss)->specLock)
-
-#define ssl_GetRecvBufLock(ss) PZ_EnterMonitor((ss)->recvBufLock)
-#define ssl_ReleaseRecvBufLock(ss) PZ_ExitMonitor( (ss)->recvBufLock)
-#define ssl_HaveRecvBufLock(ss) PZ_InMonitor( (ss)->recvBufLock)
-
-#define ssl_GetXmitBufLock(ss) PZ_EnterMonitor((ss)->xmitBufLock)
-#define ssl_ReleaseXmitBufLock(ss) PZ_ExitMonitor( (ss)->xmitBufLock)
-#define ssl_HaveXmitBufLock(ss) PZ_InMonitor( (ss)->xmitBufLock)
-
-
-/* These functions are called from secnav, even though they're "private". */
-
-extern int ssl2_SendErrorMessage(struct sslSocketStr *ss, int error);
-extern int SSL_RestartHandshakeAfterServerCert(struct sslSocketStr *ss);
-extern int SSL_RestartHandshakeAfterCertReq(struct sslSocketStr *ss,
- CERTCertificate *cert,
- SECKEYPrivateKey *key,
- CERTCertificateList *certChain);
-extern sslSocket *ssl_FindSocket(PRFileDesc *fd);
-extern void ssl_FreeSocket(struct sslSocketStr *ssl);
-extern SECStatus SSL3_SendAlert(sslSocket *ss, SSL3AlertLevel level,
- SSL3AlertDescription desc);
-
-extern int ssl2_RestartHandshakeAfterCertReq(sslSocket * ss,
- CERTCertificate * cert,
- SECKEYPrivateKey * key);
-
-extern SECStatus ssl3_RestartHandshakeAfterCertReq(sslSocket * ss,
- CERTCertificate * cert,
- SECKEYPrivateKey * key,
- CERTCertificateList *certChain);
-
-extern int ssl2_RestartHandshakeAfterServerCert(sslSocket *ss);
-extern int ssl3_RestartHandshakeAfterServerCert(sslSocket *ss);
-
-/*
- * for dealing with SSL 3.0 clients sending SSL 2.0 format hellos
- */
-extern SECStatus ssl3_HandleV2ClientHello(
- sslSocket *ss, unsigned char *buffer, int length);
-extern SECStatus ssl3_StartHandshakeHash(
- sslSocket *ss, unsigned char *buf, int length);
-
-/*
- * SSL3 specific routines
- */
-SECStatus ssl3_SendClientHello(sslSocket *ss);
-
-/*
- * input into the SSL3 machinery from the actualy network reading code
- */
-SECStatus ssl3_HandleRecord(
- sslSocket *ss, SSL3Ciphertext *cipher, sslBuffer *out);
-
-int ssl3_GatherAppDataRecord(sslSocket *ss, int flags);
-int ssl3_GatherCompleteHandshake(sslSocket *ss, int flags);
-/*
- * When talking to export clients or using export cipher suites, servers
- * with public RSA keys larger than 512 bits need to use a 512-bit public
- * key, signed by the larger key. The smaller key is a "step down" key.
- * Generate that key pair and keep it around.
- */
-extern SECStatus ssl3_CreateRSAStepDownKeys(sslSocket *ss);
-
-extern SECStatus ssl3_CipherPrefSetDefault(ssl3CipherSuite which, PRBool on);
-extern SECStatus ssl3_CipherPrefGetDefault(ssl3CipherSuite which, PRBool *on);
-extern SECStatus ssl2_CipherPrefSetDefault(PRInt32 which, PRBool enabled);
-extern SECStatus ssl2_CipherPrefGetDefault(PRInt32 which, PRBool *enabled);
-
-extern SECStatus ssl3_CipherPrefSet(sslSocket *ss, ssl3CipherSuite which, PRBool on);
-extern SECStatus ssl3_CipherPrefGet(sslSocket *ss, ssl3CipherSuite which, PRBool *on);
-extern SECStatus ssl2_CipherPrefSet(sslSocket *ss, PRInt32 which, PRBool enabled);
-extern SECStatus ssl2_CipherPrefGet(sslSocket *ss, PRInt32 which, PRBool *enabled);
-
-extern SECStatus ssl3_SetPolicy(ssl3CipherSuite which, PRInt32 policy);
-extern SECStatus ssl3_GetPolicy(ssl3CipherSuite which, PRInt32 *policy);
-extern SECStatus ssl2_SetPolicy(PRInt32 which, PRInt32 policy);
-extern SECStatus ssl2_GetPolicy(PRInt32 which, PRInt32 *policy);
-
-extern void ssl2_InitSocketPolicy(sslSocket *ss);
-extern void ssl3_InitSocketPolicy(sslSocket *ss);
-
-extern SECStatus ssl3_ConstructV2CipherSpecsHack(sslSocket *ss,
- unsigned char *cs, int *size);
-
-extern SECStatus ssl3_RedoHandshake(sslSocket *ss, PRBool flushCache);
-
-extern void ssl3_DestroySSL3Info(ssl3State *ssl3);
-
-extern SECStatus ssl3_NegotiateVersion(sslSocket *ss,
- SSL3ProtocolVersion peerVersion);
-
-extern SECStatus ssl_GetPeerInfo(sslSocket *ss);
-
-/* Construct a new NSPR socket for the app to use */
-extern PRFileDesc *ssl_NewPRSocket(sslSocket *ss, PRFileDesc *fd);
-extern void ssl_FreePRSocket(PRFileDesc *fd);
-
-/* Internal config function so SSL2 can initialize the present state of
- * various ciphers */
-extern int ssl3_config_match_init(sslSocket *);
-
-
-/* Create a new ref counted key pair object from two keys. */
-extern ssl3KeyPair * ssl3_NewKeyPair( SECKEYPrivateKey * privKey,
- SECKEYPublicKey * pubKey);
-
-/* get a new reference (bump ref count) to an ssl3KeyPair. */
-extern ssl3KeyPair * ssl3_GetKeyPairRef(ssl3KeyPair * keyPair);
-
-/* Decrement keypair's ref count and free if zero. */
-extern void ssl3_FreeKeyPair(ssl3KeyPair * keyPair);
-
-/* calls for accessing wrapping keys across processes. */
-extern PRBool
-ssl_GetWrappingKey( PRInt32 symWrapMechIndex,
- SSL3KEAType exchKeyType,
- SSLWrappedSymWrappingKey *wswk);
-
-/* The caller passes in the new value it wants
- * to set. This code tests the wrapped sym key entry in the file on disk.
- * If it is uninitialized, this function writes the caller's value into
- * the disk entry, and returns false.
- * Otherwise, it overwrites the caller's wswk with the value obtained from
- * the disk, and returns PR_TRUE.
- * This is all done while holding the locks/semaphores necessary to make
- * the operation atomic.
- */
-extern PRBool
-ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk);
-
-/********************** misc calls *********************/
-
-extern int ssl_MapLowLevelError(int hiLevelError);
-
-extern PRUint32 ssl_Time(void);
-
-/* emulation of NSPR routines. */
-extern PRInt32
-ssl_EmulateAcceptRead( PRFileDesc * sd,
- PRFileDesc ** nd,
- PRNetAddr ** raddr,
- void * buf,
- PRInt32 amount,
- PRIntervalTime timeout);
-extern PRInt32
-ssl_EmulateTransmitFile( PRFileDesc * sd,
- PRFileDesc * fd,
- const void * headers,
- PRInt32 hlen,
- PRTransmitFileFlags flags,
- PRIntervalTime timeout);
-extern PRInt32
-ssl_EmulateSendFile( PRFileDesc * sd,
- PRSendFileData * sfd,
- PRTransmitFileFlags flags,
- PRIntervalTime timeout);
-
-#ifdef TRACE
-#define SSL_TRACE(msg) ssl_Trace msg
-#else
-#define SSL_TRACE(msg)
-#endif
-
-void ssl_Trace(const char *format, ...);
-
-SEC_END_PROTOS
-
-#ifdef XP_OS2_VACPP
-#include <process.h>
-#endif
-
-#if defined(XP_UNIX) || defined(XP_OS2)
-#define SSL_GETPID() getpid()
-#elif defined(WIN32)
-
-extern int __cdecl _getpid(void);
-/* #define SSL_GETPID() GetCurrentProcessId() */
-#define SSL_GETPID() _getpid()
-#else
-#define SSL_GETPID() 0
-#endif
-
-#endif /* __sslimpl_h_ */
diff --git a/security/nss/lib/ssl/sslinfo.c b/security/nss/lib/ssl/sslinfo.c
deleted file mode 100644
index 5d344ae37..000000000
--- a/security/nss/lib/ssl/sslinfo.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-
-SECStatus
-SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len)
-{
- sslSocket * ss;
- sslSecurityInfo *sec;
- SSLChannelInfo inf;
- sslSessionID * sid;
-
- if (!info || len < sizeof inf.length) {
- return SECSuccess;
- }
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SSL_GetChannelInfo",
- SSL_GETPID(), fd));
- return SECFailure;
- }
-
- memset(&inf, 0, sizeof inf);
- inf.length = PR_MIN(sizeof inf, len);
-
- sec = ss->sec;
- if (ss->useSecurity && ss->firstHsDone && sec) {
- sid = sec->ci.sid;
- inf.protocolVersion = ss->version;
- inf.authKeyBits = ss->sec->authKeyBits;
- inf.keaKeyBits = ss->sec->keaKeyBits;
- if (ss->version < SSL_LIBRARY_VERSION_3_0) { /* SSL2 */
- inf.cipherSuite = ss->sec->cipherType | 0xff00;
- } else if (ss->ssl3) { /* SSL3 and TLS */
-
- /* XXX These should come from crSpec */
- inf.cipherSuite = ss->ssl3->hs.cipher_suite;
-#if 0
- /* misc */
- inf.isFIPS = (inf.symCipher == ssl_calg_des || inf.symCipher == ssl_calg_3des)
- && (inf.macAlgorithm == ssl_mac_sha || inf.macAlgorithm == ssl_hmac_sha)
- && (inf.protocolVersion > SSL_LIBRARY_VERSION_3_0 ||
- inf.cipherSuite >= 0xfef0);
-#endif
- }
- if (sid) {
- inf.creationTime = sid->creationTime;
- inf.lastAccessTime = sid->lastAccessTime;
- inf.expirationTime = sid->expirationTime;
- if (ss->version < SSL_LIBRARY_VERSION_3_0) { /* SSL2 */
- inf.sessionIDLength = SSL2_SESSIONID_BYTES;
- memcpy(inf.sessionID, sid->u.ssl2.sessionID, SSL2_SESSIONID_BYTES);
- } else {
- unsigned int sidLen = sid->u.ssl3.sessionIDLength;
- sidLen = PR_MIN(sidLen, sizeof inf.sessionID);
- inf.sessionIDLength = sidLen;
- memcpy(inf.sessionID, sid->u.ssl3.sessionID, sidLen);
- }
- }
- }
-
- memcpy(info, &inf, inf.length);
-
- return SECSuccess;
-}
-
-#define kt_kea kt_fortezza
-#define calg_sj calg_fortezza
-
-#define CS(x) x, #x
-#define CK(x) x | 0xff00, #x
-
-#define S_DSA "DSA", ssl_auth_dsa
-#define S_RSA "RSA", ssl_auth_rsa
-#define S_KEA "KEA", ssl_auth_kea
-
-#define K_DHE "DHE", kt_dh
-#define K_RSA "RSA", kt_rsa
-#define K_KEA "KEA", kt_kea
-
-#define C_AES "AES", calg_aes
-#define C_RC4 "RC4", calg_rc4
-#define C_RC2 "RC2", calg_rc2
-#define C_DES "DES", calg_des
-#define C_3DES "3DES", calg_3des
-#define C_NULL "NULL", calg_null
-#define C_SJ "SKIPJACK", calg_sj
-
-#define B_256 256, 256, 256
-#define B_128 128, 128, 128
-#define B_3DES 192, 156, 112
-#define B_SJ 96, 80, 80
-#define B_DES 64, 56, 56
-#define B_56 128, 56, 56
-#define B_40 128, 40, 40
-#define B_0 0, 0, 0
-
-#define M_SHA "SHA1", ssl_mac_sha, 160
-#define M_MD5 "MD5", ssl_mac_md5, 128
-
-static const SSLCipherSuiteInfo suiteInfo[] = {
-/* <------ Cipher suite --------------------> <auth> <KEA> <bulk cipher> <MAC> <FIPS> */
-{0,CS(TLS_DHE_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_DHE, C_AES, B_256, M_SHA, 0, },
-{0,CS(TLS_DHE_DSS_WITH_AES_256_CBC_SHA), S_DSA, K_DHE, C_AES, B_256, M_SHA, 0, },
-{0,CS(TLS_RSA_WITH_AES_256_CBC_SHA), S_RSA, K_RSA, C_AES, B_256, M_SHA, 0, },
-
-{0,CS(SSL_FORTEZZA_DMS_WITH_RC4_128_SHA), S_KEA, K_KEA, C_RC4, B_128, M_SHA, 0, },
-{0,CS(TLS_DHE_DSS_WITH_RC4_128_SHA), S_DSA, K_DHE, C_RC4, B_128, M_SHA, 0, },
-{0,CS(TLS_DHE_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_DHE, C_AES, B_128, M_SHA, 0, },
-{0,CS(TLS_DHE_DSS_WITH_AES_128_CBC_SHA), S_DSA, K_DHE, C_AES, B_128, M_SHA, 0, },
-{0,CS(SSL_RSA_WITH_RC4_128_MD5), S_RSA, K_RSA, C_RC4, B_128, M_MD5, 0, },
-{0,CS(SSL_RSA_WITH_RC4_128_SHA), S_RSA, K_RSA, C_RC4, B_128, M_SHA, 0, },
-{0,CS(TLS_RSA_WITH_AES_128_CBC_SHA), S_RSA, K_RSA, C_AES, B_128, M_SHA, 0, },
-
-{0,CS(SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_DHE, C_3DES,B_3DES,M_SHA, 0, },
-{0,CS(SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA), S_DSA, K_DHE, C_3DES,B_3DES,M_SHA, 0, },
-{0,CS(SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA), S_RSA, K_RSA, C_3DES,B_3DES,M_SHA, 1, },
-{0,CS(SSL_RSA_WITH_3DES_EDE_CBC_SHA), S_RSA, K_RSA, C_3DES,B_3DES,M_SHA, 1, },
-
-{0,CS(SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA),S_KEA, K_KEA, C_SJ, B_SJ, M_SHA, 1, },
-{0,CS(SSL_DHE_RSA_WITH_DES_CBC_SHA), S_RSA, K_DHE, C_DES, B_DES, M_SHA, 0, },
-{0,CS(SSL_DHE_DSS_WITH_DES_CBC_SHA), S_DSA, K_DHE, C_DES, B_DES, M_SHA, 0, },
-{0,CS(SSL_RSA_FIPS_WITH_DES_CBC_SHA), S_RSA, K_RSA, C_DES, B_DES, M_SHA, 1, },
-{0,CS(SSL_RSA_WITH_DES_CBC_SHA), S_RSA, K_RSA, C_DES, B_DES, M_SHA, 1, },
-
-{0,CS(TLS_RSA_EXPORT1024_WITH_RC4_56_SHA), S_RSA, K_RSA, C_RC4, B_56, M_SHA, 0, },
-{0,CS(TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA), S_RSA, K_RSA, C_DES, B_DES, M_SHA, 1, },
-{0,CS(SSL_RSA_EXPORT_WITH_RC4_40_MD5), S_RSA, K_RSA, C_RC4, B_40, M_MD5, 0, },
-{0,CS(SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5), S_RSA, K_RSA, C_RC2, B_40, M_MD5, 0, },
-{0,CS(SSL_FORTEZZA_DMS_WITH_NULL_SHA), S_KEA, K_KEA, C_NULL,B_0, M_SHA, 0, },
-{0,CS(SSL_RSA_WITH_NULL_MD5), S_RSA, K_RSA, C_NULL,B_0, M_MD5, 0, },
-
-/* SSL 2 table */
-{0,CK(SSL_CK_RC4_128_WITH_MD5), S_RSA, K_RSA, C_RC4, B_128, M_MD5, 0, },
-{0,CK(SSL_CK_RC2_128_CBC_WITH_MD5), S_RSA, K_RSA, C_RC2, B_128, M_MD5, 0, },
-{0,CK(SSL_CK_DES_192_EDE3_CBC_WITH_MD5), S_RSA, K_RSA, C_3DES,B_3DES,M_MD5, 0, },
-{0,CK(SSL_CK_DES_64_CBC_WITH_MD5), S_RSA, K_RSA, C_DES, B_DES, M_MD5, 0, },
-{0,CK(SSL_CK_RC4_128_EXPORT40_WITH_MD5), S_RSA, K_RSA, C_RC4, B_40, M_MD5, 0, },
-{0,CK(SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5), S_RSA, K_RSA, C_RC2, B_40, M_MD5, 0, }
-};
-
-#define NUM_SUITEINFOS ((sizeof suiteInfo) / (sizeof suiteInfo[0]))
-
-
-SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite,
- SSLCipherSuiteInfo *info, PRUintn len)
-{
- unsigned int i;
-
- len = PR_MIN(len, sizeof suiteInfo[0]);
- if (!info || len < sizeof suiteInfo[0].length) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- for (i = 0; i < NUM_SUITEINFOS; i++) {
- if (suiteInfo[i].cipherSuite == cipherSuite) {
- memcpy(info, &suiteInfo[i], len);
- info->length = len;
- return SECSuccess;
- }
- }
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
-}
diff --git a/security/nss/lib/ssl/sslmutex.c b/security/nss/lib/ssl/sslmutex.c
deleted file mode 100644
index 12f218dc8..000000000
--- a/security/nss/lib/ssl/sslmutex.c
+++ /dev/null
@@ -1,654 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "sslmutex.h"
-#include "prerr.h"
-
-static SECStatus single_process_sslMutex_Init(sslMutex* pMutex)
-{
- PR_ASSERT(pMutex != 0 && pMutex->u.sslLock == 0 );
-
- pMutex->u.sslLock = PR_NewLock();
- if (!pMutex->u.sslLock) {
- return SECFailure;
- }
- return SECSuccess;
-}
-
-static SECStatus single_process_sslMutex_Destroy(sslMutex* pMutex)
-{
- PR_ASSERT(pMutex != 0);
- PR_ASSERT(pMutex->u.sslLock!= 0);
- if (!pMutex->u.sslLock) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- PR_DestroyLock(pMutex->u.sslLock);
- return SECSuccess;
-}
-
-static SECStatus single_process_sslMutex_Unlock(sslMutex* pMutex)
-{
- PR_ASSERT(pMutex != 0 );
- PR_ASSERT(pMutex->u.sslLock !=0);
- if (!pMutex->u.sslLock) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- PR_Unlock(pMutex->u.sslLock);
- return SECSuccess;
-}
-
-static SECStatus single_process_sslMutex_Lock(sslMutex* pMutex)
-{
- PR_ASSERT(pMutex != 0);
- PR_ASSERT(pMutex->u.sslLock != 0 );
- if (!pMutex->u.sslLock) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- PR_Lock(pMutex->u.sslLock);
- return SECSuccess;
-}
-
-#if defined(LINUX) || defined(AIX)
-
-#include <unistd.h>
-#include <fcntl.h>
-#include <string.h>
-#include <errno.h>
-#include "unix_err.h"
-#include "pratom.h"
-
-#define SSL_MUTEX_MAGIC 0xfeedfd
-#define NONBLOCKING_POSTS 1 /* maybe this is faster */
-
-#if NONBLOCKING_POSTS
-
-#ifndef FNONBLOCK
-#define FNONBLOCK O_NONBLOCK
-#endif
-
-static int
-setNonBlocking(int fd, int nonBlocking)
-{
- int flags;
- int err;
-
- flags = fcntl(fd, F_GETFL, 0);
- if (0 > flags)
- return flags;
- if (nonBlocking)
- flags |= FNONBLOCK;
- else
- flags &= ~FNONBLOCK;
- err = fcntl(fd, F_SETFL, flags);
- return err;
-}
-#endif
-
-SECStatus
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
- int err;
- PR_ASSERT(pMutex);
- pMutex->isMultiProcess = (PRBool)(shared != 0);
- if (!shared) {
- return single_process_sslMutex_Init(pMutex);
- }
- pMutex->u.pipeStr.mPipes[0] = -1;
- pMutex->u.pipeStr.mPipes[1] = -1;
- pMutex->u.pipeStr.mPipes[2] = -1;
- pMutex->u.pipeStr.nWaiters = 0;
-
- err = pipe(pMutex->u.pipeStr.mPipes);
- if (err) {
- return err;
- }
- /* close-on-exec is false by default */
- if (!shared) {
- err = fcntl(pMutex->u.pipeStr.mPipes[0], F_SETFD, FD_CLOEXEC);
- if (err)
- goto loser;
-
- err = fcntl(pMutex->u.pipeStr.mPipes[1], F_SETFD, FD_CLOEXEC);
- if (err)
- goto loser;
- }
-
-#if NONBLOCKING_POSTS
- err = setNonBlocking(pMutex->u.pipeStr.mPipes[1], 1);
- if (err)
- goto loser;
-#endif
-
- pMutex->u.pipeStr.mPipes[2] = SSL_MUTEX_MAGIC;
-
-#if defined(LINUX) && defined(i386)
- /* Pipe starts out empty */
- return SECSuccess;
-#else
- /* Pipe starts with one byte. */
- return sslMutex_Unlock(pMutex);
-#endif
-
-loser:
- nss_MD_unix_map_default_error(errno);
- close(pMutex->u.pipeStr.mPipes[0]);
- close(pMutex->u.pipeStr.mPipes[1]);
- return SECFailure;
-}
-
-SECStatus
-sslMutex_Destroy(sslMutex *pMutex)
-{
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Destroy(pMutex);
- }
- if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- close(pMutex->u.pipeStr.mPipes[0]);
- close(pMutex->u.pipeStr.mPipes[1]);
-
- pMutex->u.pipeStr.mPipes[0] = -1;
- pMutex->u.pipeStr.mPipes[1] = -1;
- pMutex->u.pipeStr.mPipes[2] = -1;
- pMutex->u.pipeStr.nWaiters = 0;
-
- return SECSuccess;
-}
-
-#if defined(LINUX) && defined(i386)
-/* No memory barrier needed for this platform */
-
-SECStatus
-sslMutex_Unlock(sslMutex *pMutex)
-{
- PRInt32 oldValue;
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Unlock(pMutex);
- }
-
- if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- /* Do Memory Barrier here. */
- oldValue = PR_AtomicDecrement(&pMutex->u.pipeStr.nWaiters);
- if (oldValue > 1) {
- int cc;
- char c = 1;
- do {
- cc = write(pMutex->u.pipeStr.mPipes[1], &c, 1);
- } while (cc < 0 && (errno == EINTR || errno == EAGAIN));
- if (cc != 1) {
- if (cc < 0)
- nss_MD_unix_map_default_error(errno);
- else
- PORT_SetError(PR_UNKNOWN_ERROR);
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Lock(sslMutex *pMutex)
-{
- PRInt32 oldValue;
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Lock(pMutex);
- }
-
- if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- oldValue = PR_AtomicDecrement(&pMutex->u.pipeStr.nWaiters);
- /* Do Memory Barrier here. */
- if (oldValue > 0) {
- int cc;
- char c;
- do {
- cc = read(pMutex->u.pipeStr.mPipes[0], &c, 1);
- } while (cc < 0 && errno == EINTR);
- if (cc != 1) {
- if (cc < 0)
- nss_MD_unix_map_default_error(errno);
- else
- PORT_SetError(PR_UNKNOWN_ERROR);
- return SECFailure;
- }
- }
- return SECSuccess;
-}
-
-#else
-
-/* Using Atomic operations requires the use of a memory barrier instruction
-** on PowerPC, Sparc, and Alpha. NSPR's PR_Atomic functions do not perform
-** them, and NSPR does not provide a function that does them (e.g. PR_Barrier).
-** So, we don't use them on those platforms.
-*/
-
-SECStatus
-sslMutex_Unlock(sslMutex *pMutex)
-{
- int cc;
- char c = 1;
-
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Unlock(pMutex);
- }
-
- if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- do {
- cc = write(pMutex->u.pipeStr.mPipes[1], &c, 1);
- } while (cc < 0 && (errno == EINTR || errno == EAGAIN));
- if (cc != 1) {
- if (cc < 0)
- nss_MD_unix_map_default_error(errno);
- else
- PORT_SetError(PR_UNKNOWN_ERROR);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Lock(sslMutex *pMutex)
-{
- int cc;
- char c;
-
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Lock(pMutex);
- }
-
- if (pMutex->u.pipeStr.mPipes[2] != SSL_MUTEX_MAGIC) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
-
- do {
- cc = read(pMutex->u.pipeStr.mPipes[0], &c, 1);
- } while (cc < 0 && errno == EINTR);
- if (cc != 1) {
- if (cc < 0)
- nss_MD_unix_map_default_error(errno);
- else
- PORT_SetError(PR_UNKNOWN_ERROR);
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-#endif
-
-#elif defined(WIN32)
-
-#include "win32err.h"
-
-/* on Windows, we need to find the optimal type of locking mechanism to use
- for the sslMutex.
-
- There are 3 cases :
- 1) single-process, use a PRLock, as for all other platforms
- 2) Win95 multi-process, use a Win32 mutex
- 3) on WINNT multi-process, use a PRLock + a Win32 mutex
-
-*/
-
-#ifdef WINNT
-
-SECStatus sslMutex_2LevelInit(sslMutex *sem)
-{
- /* the following adds a PRLock to sslMutex . This is done in each
- process of a multi-process server and is only needed on WINNT, if
- using fibers. We can't tell if native threads or fibers are used, so
- we always do it on WINNT
- */
- PR_ASSERT(sem);
- if (sem) {
- /* we need to reset the sslLock in the children or the single_process init
- function below will assert */
- sem->u.sslLock = NULL;
- }
- return single_process_sslMutex_Init(sem);
-}
-
-static SECStatus sslMutex_2LevelDestroy(sslMutex *sem)
-{
- return single_process_sslMutex_Destroy(sem);
-}
-
-#endif
-
-SECStatus
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
- SECStatus retvalue;
- HANDLE hMutex;
- SECURITY_ATTRIBUTES attributes =
- { sizeof(SECURITY_ATTRIBUTES), NULL, TRUE };
-
- PR_ASSERT(pMutex != 0 && (pMutex->u.sslMutx == 0 ||
- pMutex->u.sslMutx == INVALID_HANDLE_VALUE) );
-
- pMutex->isMultiProcess = (PRBool)(shared != 0);
-
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Init(pMutex);
- }
-
-#ifdef WINNT
- /* we need a lock on WINNT for fibers in the parent process */
- retvalue = sslMutex_2LevelInit(pMutex);
- if (SECSuccess != retvalue)
- return SECFailure;
-#endif
-
- if (!pMutex || ((hMutex = pMutex->u.sslMutx) != 0 &&
- hMutex != INVALID_HANDLE_VALUE)) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- attributes.bInheritHandle = (shared ? TRUE : FALSE);
- hMutex = CreateMutex(&attributes, FALSE, NULL);
- if (hMutex == NULL) {
- hMutex = INVALID_HANDLE_VALUE;
- nss_MD_win32_map_default_error(GetLastError());
- return SECFailure;
- }
- pMutex->u.sslMutx = hMutex;
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Destroy(sslMutex *pMutex)
-{
- HANDLE hMutex;
- int rv;
- int retvalue = SECSuccess;
-
- PR_ASSERT(pMutex != 0);
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Destroy(pMutex);
- }
-
- /* multi-process mode */
-#ifdef WINNT
- /* on NT, get rid of the PRLock used for fibers within a process */
- retvalue = sslMutex_2LevelDestroy(pMutex);
-#endif
-
- PR_ASSERT( pMutex->u.sslMutx != 0 &&
- pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
- if (!pMutex || (hMutex = pMutex->u.sslMutx) == 0
- || hMutex == INVALID_HANDLE_VALUE) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
-
- rv = CloseHandle(hMutex); /* ignore error */
- if (rv) {
- pMutex->u.sslMutx = hMutex = INVALID_HANDLE_VALUE;
- } else {
- nss_MD_win32_map_default_error(GetLastError());
- retvalue = SECFailure;
- }
- return retvalue;
-}
-
-int
-sslMutex_Unlock(sslMutex *pMutex)
-{
- BOOL success = FALSE;
- HANDLE hMutex;
-
- PR_ASSERT(pMutex != 0 );
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Unlock(pMutex);
- }
-
- PR_ASSERT(pMutex->u.sslMutx != 0 &&
- pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
- if (!pMutex || (hMutex = pMutex->u.sslMutx) == 0 ||
- hMutex == INVALID_HANDLE_VALUE) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure;
- }
- success = ReleaseMutex(hMutex);
- if (!success) {
- nss_MD_win32_map_default_error(GetLastError());
- return SECFailure;
- }
-#ifdef WINNT
- return single_process_sslMutex_Unlock(pMutex);
- /* release PRLock for other fibers in the process */
-#else
- return SECSuccess;
-#endif
-}
-
-int
-sslMutex_Lock(sslMutex *pMutex)
-{
- HANDLE hMutex;
- DWORD event;
- DWORD lastError;
- SECStatus rv;
- SECStatus retvalue = SECSuccess;
- PR_ASSERT(pMutex != 0);
-
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Lock(pMutex);
- }
-#ifdef WINNT
- /* lock first to preserve from other threads/fibers
- in the same process */
- retvalue = single_process_sslMutex_Lock(pMutex);
-#endif
- PR_ASSERT(pMutex->u.sslMutx != 0 &&
- pMutex->u.sslMutx != INVALID_HANDLE_VALUE);
- if (!pMutex || (hMutex = pMutex->u.sslMutx) == 0 ||
- hMutex == INVALID_HANDLE_VALUE) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return SECFailure; /* what else ? */
- }
- /* acquire the mutex to be the only owner accross all other processes */
- event = WaitForSingleObject(hMutex, INFINITE);
- switch (event) {
- case WAIT_OBJECT_0:
- case WAIT_ABANDONED:
- rv = SECSuccess;
- break;
-
- case WAIT_TIMEOUT:
- case WAIT_IO_COMPLETION:
- default: /* should never happen. nothing we can do. */
- PR_ASSERT(!("WaitForSingleObject returned invalid value."));
- PORT_SetError(PR_UNKNOWN_ERROR);
- rv = SECFailure;
- break;
-
- case WAIT_FAILED: /* failure returns this */
- rv = SECFailure;
- lastError = GetLastError(); /* for debugging */
- nss_MD_win32_map_default_error(lastError);
- break;
- }
-
- if (! (SECSuccess == retvalue && SECSuccess == rv)) {
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-#elif defined(XP_UNIX)
-
-#include <errno.h>
-#include "unix_err.h"
-
-SECStatus
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
- int rv;
- PR_ASSERT(pMutex);
- pMutex->isMultiProcess = (PRBool)(shared != 0);
- if (!shared) {
- return single_process_sslMutex_Init(pMutex);
- }
- do {
- rv = sem_init(&pMutex->u.sem, shared, 1);
- } while (rv < 0 && errno == EINTR);
- if (rv < 0) {
- nss_MD_unix_map_default_error(errno);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Destroy(sslMutex *pMutex)
-{
- int rv;
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Destroy(pMutex);
- }
- do {
- rv = sem_destroy(&pMutex->u.sem);
- } while (rv < 0 && errno == EINTR);
- if (rv < 0) {
- nss_MD_unix_map_default_error(errno);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Unlock(sslMutex *pMutex)
-{
- int rv;
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Unlock(pMutex);
- }
- do {
- rv = sem_post(&pMutex->u.sem);
- } while (rv < 0 && errno == EINTR);
- if (rv < 0) {
- nss_MD_unix_map_default_error(errno);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-SECStatus
-sslMutex_Lock(sslMutex *pMutex)
-{
- int rv;
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Lock(pMutex);
- }
- do {
- rv = sem_wait(&pMutex->u.sem);
- } while (rv < 0 && errno == EINTR);
- if (rv < 0) {
- nss_MD_unix_map_default_error(errno);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-#else
-
-SECStatus
-sslMutex_Init(sslMutex *pMutex, int shared)
-{
- PR_ASSERT(pMutex);
- pMutex->isMultiProcess = (PRBool)(shared != 0);
- if (!shared) {
- return single_process_sslMutex_Init(pMutex);
- }
- PORT_Assert(!("sslMutex_Init not implemented for multi-process applications !"));
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-SECStatus
-sslMutex_Destroy(sslMutex *pMutex)
-{
- PR_ASSERT(pMutex);
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Destroy(pMutex);
- }
- PORT_Assert(!("sslMutex_Destroy not implemented for multi-process applications !"));
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-SECStatus
-sslMutex_Unlock(sslMutex *pMutex)
-{
- PR_ASSERT(pMutex);
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Unlock(pMutex);
- }
- PORT_Assert(!("sslMutex_Unlock not implemented for multi-process applications !"));
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-SECStatus
-sslMutex_Lock(sslMutex *pMutex)
-{
- PR_ASSERT(pMutex);
- if (PR_FALSE == pMutex->isMultiProcess) {
- return single_process_sslMutex_Lock(pMutex);
- }
- PORT_Assert(!("sslMutex_Lock not implemented for multi-process applications !"));
- PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
- return SECFailure;
-}
-
-#endif
diff --git a/security/nss/lib/ssl/sslmutex.h b/security/nss/lib/ssl/sslmutex.h
deleted file mode 100644
index 0b1c8766a..000000000
--- a/security/nss/lib/ssl/sslmutex.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#ifndef __SSLMUTEX_H_
-#define __SSLMUTEX_H_ 1
-
-/* What SSL really wants is portable process-shared unnamed mutexes in
- * shared memory, that have the property that if the process that holds
- * them dies, they are released automatically, and that (unlike fcntl
- * record locking) lock to the thread, not to the process.
- * NSPR doesn't provide that.
- * Windows has mutexes that meet that description, but they're not portable.
- * POSIX mutexes are not automatically released when the holder dies,
- * and other processes/threads cannot release the mutex on behalf of the
- * dead holder.
- * POSIX semaphores can be used to accomplish this on systems that implement
- * process-shared unnamed POSIX semaphores, because a watchdog thread can
- * discover and release semaphores that were held by a dead process.
- * On systems that do not support process-shared POSIX unnamed semaphores,
- * they can be emulated using pipes.
- * The performance cost of doing that is not yet measured.
- *
- * So, this API looks a lot like POSIX pthread mutexes.
- */
-
-#include "prtypes.h"
-#include "prlock.h"
-
-#if defined(WIN32)
-
-#include <wtypes.h>
-
-typedef struct
-{
- PRBool isMultiProcess;
-#ifdef WINNT
- /* on WINNT we need both the PRLock and the Win32 mutex for fibers */
- struct {
-#else
- union {
-#endif
- PRLock* sslLock;
- HANDLE sslMutx;
- } u;
-} sslMutex;
-
-typedef int sslPID;
-
-#elif defined(LINUX) || defined(AIX)
-
-#include <sys/types.h>
-#include "prtypes.h"
-
-typedef struct {
- PRBool isMultiProcess;
- union {
- PRLock* sslLock;
- struct {
- int mPipes[3];
- PRInt32 nWaiters;
- } pipeStr;
- } u;
-} sslMutex;
-typedef pid_t sslPID;
-
-#elif defined(XP_UNIX) /* other types of Unix */
-
-#include <sys/types.h> /* for pid_t */
-#include <semaphore.h> /* for sem_t, and sem_* functions */
-
-typedef struct
-{
- PRBool isMultiProcess;
- union {
- PRLock* sslLock;
- sem_t sem;
- } u;
-} sslMutex;
-
-typedef pid_t sslPID;
-
-#else
-
-/* what platform is this ?? */
-
-typedef struct {
- PRBool isMultiProcess;
- union {
- PRLock* sslLock;
- /* include cross-process locking mechanism here */
- } u;
-} sslMutex;
-
-typedef int sslPID;
-
-#endif
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-extern SECStatus sslMutex_Init(sslMutex *sem, int shared);
-
-extern SECStatus sslMutex_Destroy(sslMutex *sem);
-
-extern SECStatus sslMutex_Unlock(sslMutex *sem);
-
-extern SECStatus sslMutex_Lock(sslMutex *sem);
-
-#ifdef WINNT
-
-extern SECStatus sslMutex_2LevelInit(sslMutex *sem);
-
-#endif
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/ssl/sslnonce.c b/security/nss/lib/ssl/sslnonce.c
deleted file mode 100644
index 9029fef21..000000000
--- a/security/nss/lib/ssl/sslnonce.c
+++ /dev/null
@@ -1,365 +0,0 @@
-/*
- * This file implements the CLIENT Session ID cache.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "nssrenam.h"
-#include "cert.h"
-#include "secitem.h"
-#include "ssl.h"
-
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "nssilock.h"
-#include "nsslocks.h"
-#if defined(XP_UNIX) || defined(XP_WIN) || defined(_WINDOWS)
-#include <time.h>
-#endif
-
-PRUint32 ssl_sid_timeout = 100;
-PRUint32 ssl3_sid_timeout = 86400L; /* 24 hours */
-
-static sslSessionID *cache;
-static PZLock * cacheLock;
-
-/* sids can be in one of 4 states:
- *
- * never_cached, created, but not yet put into cache.
- * in_client_cache, in the client cache's linked list.
- * in_server_cache, entry came from the server's cache file.
- * invalid_cache has been removed from the cache.
- */
-
-#define LOCK_CACHE lock_cache()
-#define UNLOCK_CACHE PZ_Unlock(cacheLock)
-
-static void
-lock_cache(void)
-{
- /* XXX Since the client session cache has no init function, we must
- * XXX init the cacheLock on the first call. Fix in NSS 3.0.
- */
- if (!cacheLock)
- nss_InitLock(&cacheLock, nssILockCache);
- PZ_Lock(cacheLock);
-}
-
-/* BEWARE: This function gets called for both client and server SIDs !!
- * If the unreferenced sid is not in the cache, Free sid and its contents.
- */
-static void
-ssl_DestroySID(sslSessionID *sid)
-{
- SSL_TRC(8, ("SSL: destroy sid: sid=0x%x cached=%d", sid, sid->cached));
- PORT_Assert((sid->references == 0));
-
- if (sid->cached == in_client_cache)
- return; /* it will get taken care of next time cache is traversed. */
-
- if (sid->version < SSL_LIBRARY_VERSION_3_0) {
- SECITEM_ZfreeItem(&sid->u.ssl2.masterKey, PR_FALSE);
- SECITEM_ZfreeItem(&sid->u.ssl2.cipherArg, PR_FALSE);
- }
- if (sid->peerID != NULL)
- PORT_Free((void *)sid->peerID); /* CONST */
-
- if (sid->urlSvrName != NULL)
- PORT_Free((void *)sid->urlSvrName); /* CONST */
-
- if ( sid->peerCert ) {
- CERT_DestroyCertificate(sid->peerCert);
- }
- if ( sid->localCert ) {
- CERT_DestroyCertificate(sid->localCert);
- }
-
- PORT_ZFree(sid, sizeof(sslSessionID));
-}
-
-/* BEWARE: This function gets called for both client and server SIDs !!
- * Decrement reference count, and
- * free sid if ref count is zero, and sid is not in the cache.
- * Does NOT remove from the cache first.
- * If the sid is still in the cache, it is left there until next time
- * the cache list is traversed.
- */
-static void
-ssl_FreeLockedSID(sslSessionID *sid)
-{
- PORT_Assert(sid->references >= 1);
- if (--sid->references == 0) {
- ssl_DestroySID(sid);
- }
-}
-
-/* BEWARE: This function gets called for both client and server SIDs !!
- * Decrement reference count, and
- * free sid if ref count is zero, and sid is not in the cache.
- * Does NOT remove from the cache first.
- * These locks are necessary because the sid _might_ be in the cache list.
- */
-void
-ssl_FreeSID(sslSessionID *sid)
-{
- LOCK_CACHE;
- ssl_FreeLockedSID(sid);
- UNLOCK_CACHE;
-}
-
-/************************************************************************/
-
-/*
-** Lookup sid entry in cache by Address, port, and peerID string.
-** If found, Increment reference count, and return pointer to caller.
-** If it has timed out or ref count is zero, remove from list and free it.
-*/
-
-sslSessionID *
-ssl_LookupSID(const PRIPv6Addr *addr, PRUint16 port, const char *peerID,
- const char * urlSvrName)
-{
- sslSessionID **sidp;
- sslSessionID * sid;
- PRUint32 now;
-
- if (!urlSvrName)
- return NULL;
- now = ssl_Time();
- LOCK_CACHE;
- sidp = &cache;
- while ((sid = *sidp) != 0) {
- PORT_Assert(sid->cached == in_client_cache);
- PORT_Assert(sid->references >= 1);
-
- SSL_TRC(8, ("SSL: Lookup1: sid=0x%x", sid));
-
- if (sid->expirationTime < now || !sid->references) {
- /*
- ** This session-id timed out, or was orphaned.
- ** Don't even care who it belongs to, blow it out of our cache.
- */
- SSL_TRC(7, ("SSL: lookup1, throwing sid out, age=%d refs=%d",
- now - sid->creationTime, sid->references));
-
- *sidp = sid->next; /* delink it from the list. */
- sid->cached = invalid_cache; /* mark not on list. */
- if (!sid->references)
- ssl_DestroySID(sid);
- else
- ssl_FreeLockedSID(sid); /* drop ref count, free. */
-
- } else if (!memcmp(&sid->addr, addr, sizeof(PRIPv6Addr)) && /* server IP addr matches */
- (sid->port == port) && /* server port matches */
- /* proxy (peerID) matches */
- (((peerID == NULL) && (sid->peerID == NULL)) ||
- ((peerID != NULL) && (sid->peerID != NULL) &&
- PORT_Strcmp(sid->peerID, peerID) == 0)) &&
- /* is cacheable */
- (sid->version < SSL_LIBRARY_VERSION_3_0 ||
- sid->u.ssl3.resumable) &&
- /* server hostname matches. */
- (sid->urlSvrName != NULL) &&
- ((0 == PORT_Strcmp(urlSvrName, sid->urlSvrName)) ||
- ((sid->peerCert != NULL) && (SECSuccess ==
- CERT_VerifyCertName(sid->peerCert, urlSvrName))) )
- ) {
- /* Hit */
- sid->lastAccessTime = now;
- sid->references++;
- break;
- } else {
- sidp = &sid->next;
- }
- }
- UNLOCK_CACHE;
- return sid;
-}
-
-/*
-** Add an sid to the cache or return a previously cached entry to the cache.
-** Although this is static, it is called via ss->sec->cache().
-*/
-static void
-CacheSID(sslSessionID *sid)
-{
- PRUint32 expirationPeriod;
- SSL_TRC(8, ("SSL: Cache: sid=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
- "time=%x cached=%d",
- sid, sid->cached, sid->addr.pr_s6_addr32[0],
- sid->addr.pr_s6_addr32[1], sid->addr.pr_s6_addr32[2],
- sid->addr.pr_s6_addr32[3], sid->port, sid->creationTime,
- sid->cached));
-
- if (sid->cached == in_client_cache)
- return;
-
- /* XXX should be different trace for version 2 vs. version 3 */
- if (sid->version < SSL_LIBRARY_VERSION_3_0) {
- expirationPeriod = ssl_sid_timeout;
- PRINT_BUF(8, (0, "sessionID:",
- sid->u.ssl2.sessionID, sizeof(sid->u.ssl2.sessionID)));
- PRINT_BUF(8, (0, "masterKey:",
- sid->u.ssl2.masterKey.data, sid->u.ssl2.masterKey.len));
- PRINT_BUF(8, (0, "cipherArg:",
- sid->u.ssl2.cipherArg.data, sid->u.ssl2.cipherArg.len));
- } else {
- if (sid->u.ssl3.sessionIDLength == 0)
- return;
- expirationPeriod = ssl3_sid_timeout;
- PRINT_BUF(8, (0, "sessionID:",
- sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength));
- }
- PORT_Assert(sid->creationTime != 0 && sid->expirationTime != 0);
- if (!sid->creationTime)
- sid->lastAccessTime = sid->creationTime = ssl_Time();
- if (!sid->expirationTime)
- sid->expirationTime = sid->creationTime + expirationPeriod;
-
- /*
- * Put sid into the cache. Bump reference count to indicate that
- * cache is holding a reference. Uncache will reduce the cache
- * reference.
- */
- LOCK_CACHE;
- sid->references++;
- sid->cached = in_client_cache;
- sid->next = cache;
- cache = sid;
- UNLOCK_CACHE;
-}
-
-/*
- * If sid "zap" is in the cache,
- * removes sid from cache, and decrements reference count.
- * Caller must hold cache lock.
- */
-static void
-UncacheSID(sslSessionID *zap)
-{
- sslSessionID **sidp = &cache;
- sslSessionID *sid;
-
- if (zap->cached != in_client_cache) {
- return;
- }
-
- SSL_TRC(8,("SSL: Uncache: zap=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
- "time=%x cipher=%d",
- zap, zap->cached, zap->addr.pr_s6_addr32[0],
- zap->addr.pr_s6_addr32[1], zap->addr.pr_s6_addr32[2],
- zap->addr.pr_s6_addr32[3], zap->port, zap->creationTime,
- zap->u.ssl2.cipherType));
- if (zap->version < SSL_LIBRARY_VERSION_3_0) {
- PRINT_BUF(8, (0, "sessionID:",
- zap->u.ssl2.sessionID, sizeof(zap->u.ssl2.sessionID)));
- PRINT_BUF(8, (0, "masterKey:",
- zap->u.ssl2.masterKey.data, zap->u.ssl2.masterKey.len));
- PRINT_BUF(8, (0, "cipherArg:",
- zap->u.ssl2.cipherArg.data, zap->u.ssl2.cipherArg.len));
- }
-
- /* See if it's in the cache, if so nuke it */
- while ((sid = *sidp) != 0) {
- if (sid == zap) {
- /*
- ** Bingo. Reduce reference count by one so that when
- ** everyone is done with the sid we can free it up.
- */
- *sidp = zap->next;
- zap->cached = invalid_cache;
- ssl_FreeLockedSID(zap);
- return;
- }
- sidp = &sid->next;
- }
-}
-
-/* If sid "zap" is in the cache,
- * removes sid from cache, and decrements reference count.
- * Although this function is static, it is called externally via
- * ss->sec->uncache().
- */
-static void
-LockAndUncacheSID(sslSessionID *zap)
-{
- LOCK_CACHE;
- UncacheSID(zap);
- UNLOCK_CACHE;
-
-}
-
-/* choose client or server cache functions for this sslsocket. */
-void
-ssl_ChooseSessionIDProcs(sslSecurityInfo *sec)
-{
- if (sec->isServer) {
- sec->cache = ssl_sid_cache;
- sec->uncache = ssl_sid_uncache;
- } else {
- sec->cache = CacheSID;
- sec->uncache = LockAndUncacheSID;
- }
-}
-
-/* wipe out the entire client session cache. */
-void
-SSL_ClearSessionCache(void)
-{
- LOCK_CACHE;
- while(cache != NULL)
- UncacheSID(cache);
- UNLOCK_CACHE;
-}
-
-/* returns an unsigned int containing the number of seconds in PR_Now() */
-PRUint32
-ssl_Time(void)
-{
- PRUint32 myTime;
-#if defined(XP_UNIX) || defined(XP_WIN) || defined(_WINDOWS)
- myTime = time(NULL); /* accurate until the year 2038. */
-#else
- /* portable, but possibly slower */
- PRTime now;
- PRInt64 ll;
-
- now = PR_Now();
- LL_I2L(ll, 1000000L);
- LL_DIV(now, now, ll);
- LL_L2UI(myTime, now);
-#endif
- return myTime;
-}
-
diff --git a/security/nss/lib/ssl/sslproto.h b/security/nss/lib/ssl/sslproto.h
deleted file mode 100644
index 408f2b2a4..000000000
--- a/security/nss/lib/ssl/sslproto.h
+++ /dev/null
@@ -1,172 +0,0 @@
-/*
- * Various and sundry protocol constants. DON'T CHANGE THESE. These values
- * are mostly defined by the SSL2, SSL3, or TLS protocol specifications.
- * Cipher kinds and ciphersuites are part of the public API.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __sslproto_h_
-#define __sslproto_h_
-
-/* All versions less than 3_0 are treated as SSL version 2 */
-#define SSL_LIBRARY_VERSION_2 0x0002
-#define SSL_LIBRARY_VERSION_3_0 0x0300
-#define SSL_LIBRARY_VERSION_3_1_TLS 0x0301
-
-/* Header lengths of some of the messages */
-#define SSL_HL_ERROR_HBYTES 3
-#define SSL_HL_CLIENT_HELLO_HBYTES 9
-#define SSL_HL_CLIENT_MASTER_KEY_HBYTES 10
-#define SSL_HL_CLIENT_FINISHED_HBYTES 1
-#define SSL_HL_SERVER_HELLO_HBYTES 11
-#define SSL_HL_SERVER_VERIFY_HBYTES 1
-#define SSL_HL_SERVER_FINISHED_HBYTES 1
-#define SSL_HL_REQUEST_CERTIFICATE_HBYTES 2
-#define SSL_HL_CLIENT_CERTIFICATE_HBYTES 6
-
-/* Security handshake protocol codes */
-#define SSL_MT_ERROR 0
-#define SSL_MT_CLIENT_HELLO 1
-#define SSL_MT_CLIENT_MASTER_KEY 2
-#define SSL_MT_CLIENT_FINISHED 3
-#define SSL_MT_SERVER_HELLO 4
-#define SSL_MT_SERVER_VERIFY 5
-#define SSL_MT_SERVER_FINISHED 6
-#define SSL_MT_REQUEST_CERTIFICATE 7
-#define SSL_MT_CLIENT_CERTIFICATE 8
-
-/* Certificate types */
-#define SSL_CT_X509_CERTIFICATE 0x01
-#if 0 /* XXX Not implemented yet */
-#define SSL_PKCS6_CERTIFICATE 0x02
-#endif
-#define SSL_AT_MD5_WITH_RSA_ENCRYPTION 0x01
-
-/* Error codes */
-#define SSL_PE_NO_CYPHERS 0x0001
-#define SSL_PE_NO_CERTIFICATE 0x0002
-#define SSL_PE_BAD_CERTIFICATE 0x0004
-#define SSL_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
-
-/* Cypher kinds (not the spec version!) */
-#define SSL_CK_RC4_128_WITH_MD5 0x01
-#define SSL_CK_RC4_128_EXPORT40_WITH_MD5 0x02
-#define SSL_CK_RC2_128_CBC_WITH_MD5 0x03
-#define SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x04
-#define SSL_CK_IDEA_128_CBC_WITH_MD5 0x05
-#define SSL_CK_DES_64_CBC_WITH_MD5 0x06
-#define SSL_CK_DES_192_EDE3_CBC_WITH_MD5 0x07
-
-/* Cipher enables. These are used only for SSL_EnableCipher
- * These values define the SSL2 suites, and do not colide with the
- * SSL3 Cipher suites defined below.
- */
-#define SSL_EN_RC4_128_WITH_MD5 0xFF01
-#define SSL_EN_RC4_128_EXPORT40_WITH_MD5 0xFF02
-#define SSL_EN_RC2_128_CBC_WITH_MD5 0xFF03
-#define SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5 0xFF04
-#define SSL_EN_IDEA_128_CBC_WITH_MD5 0xFF05
-#define SSL_EN_DES_64_CBC_WITH_MD5 0xFF06
-#define SSL_EN_DES_192_EDE3_CBC_WITH_MD5 0xFF07
-
-/* SSL v3 Cipher Suites */
-#define SSL_NULL_WITH_NULL_NULL 0x0000
-
-#define SSL_RSA_WITH_NULL_MD5 0x0001
-#define SSL_RSA_WITH_NULL_SHA 0x0002
-#define SSL_RSA_EXPORT_WITH_RC4_40_MD5 0x0003
-#define SSL_RSA_WITH_RC4_128_MD5 0x0004
-#define SSL_RSA_WITH_RC4_128_SHA 0x0005
-#define SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 0x0006
-#define SSL_RSA_WITH_IDEA_CBC_SHA 0x0007
-#define SSL_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0008
-#define SSL_RSA_WITH_DES_CBC_SHA 0x0009
-#define SSL_RSA_WITH_3DES_EDE_CBC_SHA 0x000a
-
-#define SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA 0x000b
-#define SSL_DH_DSS_WITH_DES_CBC_SHA 0x000c
-#define SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA 0x000d
-#define SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA 0x000e
-#define SSL_DH_RSA_WITH_DES_CBC_SHA 0x000f
-#define SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA 0x0010
-
-#define SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA 0x0011
-#define SSL_DHE_DSS_WITH_DES_CBC_SHA 0x0012
-#define SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013
-#define SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA 0x0014
-#define SSL_DHE_RSA_WITH_DES_CBC_SHA 0x0015
-#define SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x0016
-
-#define SSL_DH_ANON_EXPORT_WITH_RC4_40_MD5 0x0017
-#define SSL_DH_ANON_WITH_RC4_128_MD5 0x0018
-#define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA 0x0019
-#define SSL_DH_ANON_WITH_DES_CBC_SHA 0x001a
-#define SSL_DH_ANON_WITH_3DES_EDE_CBC_SHA 0x001b
-
-#define SSL_FORTEZZA_DMS_WITH_NULL_SHA 0x001c
-#define SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA 0x001d
-#define SSL_FORTEZZA_DMS_WITH_RC4_128_SHA 0x001e
-
-/* New TLS cipher suites */
-#define TLS_RSA_WITH_AES_128_CBC_SHA 0x002F
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA 0x0030
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA 0x0031
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA 0x0032
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x0033
-#define TLS_DH_ANON_WITH_AES_128_CBC_SHA 0x0034
-
-#define TLS_RSA_WITH_AES_256_CBC_SHA 0x0035
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA 0x0036
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA 0x0037
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA 0x0038
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x0039
-#define TLS_DH_ANON_WITH_AES_256_CBC_SHA 0x003A
-
-#define TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x0062
-#define TLS_RSA_EXPORT1024_WITH_RC4_56_SHA 0x0064
-
-#define TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x0063
-#define TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x0065
-#define TLS_DHE_DSS_WITH_RC4_128_SHA 0x0066
-
-/* Netscape "experimental" cipher suites. */
-#define SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA 0xffe0
-#define SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA 0xffe1
-
-/* New non-experimental openly spec'ed versions of those cipher suites. */
-#define SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA 0xfeff
-#define SSL_RSA_FIPS_WITH_DES_CBC_SHA 0xfefe
-
-#endif /* __sslproto_h_ */
diff --git a/security/nss/lib/ssl/sslreveal.c b/security/nss/lib/ssl/sslreveal.c
deleted file mode 100644
index dcba7c3ef..000000000
--- a/security/nss/lib/ssl/sslreveal.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * Accessor functions for SSLSocket private members.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "cert.h"
-#include "ssl.h"
-#include "certt.h"
-#include "sslimpl.h"
-
-/* given PRFileDesc, returns a copy of certificate associated with the socket
- * the caller should delete the cert when done with SSL_DestroyCertificate
- */
-CERTCertificate *
-SSL_RevealCert(PRFileDesc * fd)
-{
- CERTCertificate * cert = NULL;
- sslSocket * sslsocket = NULL;
-
- sslsocket = ssl_FindSocket(fd);
-
- /* CERT_DupCertificate increases reference count and returns pointer to
- * the same cert
- */
- if (sslsocket && sslsocket->sec)
- cert = CERT_DupCertificate(sslsocket->sec->peerCert);
-
- return cert;
-}
-
-/* given PRFileDesc, returns a pointer to PinArg associated with the socket
- */
-void *
-SSL_RevealPinArg(PRFileDesc * fd)
-{
- sslSocket * sslsocket = NULL;
- void * PinArg = NULL;
-
- sslsocket = ssl_FindSocket(fd);
-
- /* is pkcs11PinArg part of the sslSocket or sslSecurityInfo ? */
- if (sslsocket)
- PinArg = sslsocket->pkcs11PinArg;
-
- return PinArg;
-}
-
-
-/* given PRFileDesc, returns a pointer to the URL associated with the socket
- * the caller should free url when done
- */
-char *
-SSL_RevealURL(PRFileDesc * fd)
-{
- sslSocket * sslsocket = NULL;
- char * url = NULL;
-
- sslsocket = ssl_FindSocket(fd);
-
- if (sslsocket && sslsocket->url)
- url = PL_strdup(sslsocket->url);
-
- return url;
-}
-
diff --git a/security/nss/lib/ssl/sslsecur.c b/security/nss/lib/ssl/sslsecur.c
deleted file mode 100644
index a5ace5560..000000000
--- a/security/nss/lib/ssl/sslsecur.c
+++ /dev/null
@@ -1,1362 +0,0 @@
-/*
- * Various SSL functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "cert.h"
-#include "secitem.h"
-#include "keyhi.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "secoid.h" /* for SECOID_GetALgorithmTag */
-#include "pk11func.h" /* for PK11_GenerateRandom */
-
-#if defined(_WINDOWS)
-#include "winsock.h" /* for MSG_PEEK */
-#elif defined(XP_MAC)
-#include "macsocket.h"
-#else
-#include <sys/socket.h> /* for MSG_PEEK */
-#endif
-
-#define MAX_BLOCK_CYPHER_SIZE 32
-
-#define TEST_FOR_FAILURE /* reminder */
-#define SET_ERROR_CODE /* reminder */
-
-/* Returns a SECStatus: SECSuccess or SECFailure, NOT SECWouldBlock.
- *
- * Currently, the list of functions called through ss->handshake is:
- *
- * In sslsocks.c:
- * SocksGatherRecord
- * SocksHandleReply
- * SocksStartGather
- *
- * In sslcon.c:
- * ssl_GatherRecord1stHandshake
- * ssl2_HandleClientSessionKeyMessage
- * ssl2_HandleMessage
- * ssl2_HandleVerifyMessage
- * ssl2_BeginClientHandshake
- * ssl2_BeginServerHandshake
- * ssl2_HandleClientHelloMessage
- * ssl2_HandleServerHelloMessage
- *
- * The ss->handshake function returns SECWouldBlock under these conditions:
- * 1. ssl_GatherRecord1stHandshake called ssl2_GatherData which read in
- * the beginning of an SSL v3 hello message and returned SECWouldBlock
- * to switch to SSL v3 handshake processing.
- *
- * 2. ssl2_HandleClientHelloMessage discovered version 3.0 in the incoming
- * v2 client hello msg, and called ssl3_HandleV2ClientHello which
- * returned SECWouldBlock.
- *
- * 3. SECWouldBlock was returned by one of the callback functions, via
- * one of these paths:
- * - ssl2_HandleMessage() -> ssl2_HandleRequestCertificate() -> ss->getClientAuthData()
- *
- * - ssl2_HandleServerHelloMessage() -> ss->handleBadCert()
- *
- * - ssl_GatherRecord1stHandshake() -> ssl3_GatherCompleteHandshake() ->
- * ssl3_HandleRecord() -> ssl3_HandleHandshake() ->
- * ssl3_HandleHandshakeMessage() -> ssl3_HandleCertificate() ->
- * ss->handleBadCert()
- *
- * - ssl_GatherRecord1stHandshake() -> ssl3_GatherCompleteHandshake() ->
- * ssl3_HandleRecord() -> ssl3_HandleHandshake() ->
- * ssl3_HandleHandshakeMessage() -> ssl3_HandleCertificateRequest() ->
- * ss->getClientAuthData()
- *
- * Called from: SSL_ForceHandshake (below),
- * ssl_SecureRecv (below) and
- * ssl_SecureSend (below)
- * from: WaitForResponse in sslsocks.c
- * ssl_SocksRecv in sslsocks.c
- * ssl_SocksSend in sslsocks.c
- *
- * Caller must hold the (write) handshakeLock.
- */
-int
-ssl_Do1stHandshake(sslSocket *ss)
-{
- int rv = SECSuccess;
- int loopCount = 0;
-
- PORT_Assert(ss->gather != 0);
-
- do {
- PORT_Assert( ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( !ssl_HaveRecvBufLock(ss) );
- PORT_Assert( !ssl_HaveXmitBufLock(ss) );
-
- if (ss->handshake == 0) {
- /* Previous handshake finished. Switch to next one */
- ss->handshake = ss->nextHandshake;
- ss->nextHandshake = 0;
- }
- if (ss->handshake == 0) {
- /* Previous handshake finished. Switch to security handshake */
- ss->handshake = ss->securityHandshake;
- ss->securityHandshake = 0;
- }
- if (ss->handshake == 0) {
- ssl_GetRecvBufLock(ss);
- ss->gather->recordLen = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- SSL_TRC(3, ("%d: SSL[%d]: handshake is completed",
- SSL_GETPID(), ss->fd));
- /* call handshake callback for ssl v2 */
- /* for v3 this is done in ssl3_HandleFinished() */
- if ((ss->sec != NULL) && /* used SSL */
- (ss->handshakeCallback != NULL) && /* has callback */
- (!ss->firstHsDone) && /* only first time */
- (ss->version < SSL_LIBRARY_VERSION_3_0)) { /* not ssl3 */
- ss->firstHsDone = PR_TRUE;
- (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
- }
- ss->firstHsDone = PR_TRUE;
- ss->gather->writeOffset = 0;
- ss->gather->readOffset = 0;
- break;
- }
- rv = (*ss->handshake)(ss);
- ++loopCount;
- /* This code must continue to loop on SECWouldBlock,
- * or any positive value. See XXX_1 comments.
- */
- } while (rv != SECFailure); /* was (rv >= 0); XXX_1 */
-
- PORT_Assert( !ssl_HaveRecvBufLock(ss) );
- PORT_Assert( !ssl_HaveXmitBufLock(ss) );
-
- if (rv == SECWouldBlock) {
- PORT_SetError(PR_WOULD_BLOCK_ERROR);
- rv = SECFailure;
- }
- return rv;
-}
-
-/*
- * Handshake function that blocks. Used to force a
- * retry on a connection on the next read/write.
- */
-static SECStatus
-AlwaysBlock(sslSocket *ss)
-{
- PORT_SetError(PR_WOULD_BLOCK_ERROR); /* perhaps redundant. */
- return SECWouldBlock;
-}
-
-/*
- * set the initial handshake state machine to block
- */
-void
-ssl_SetAlwaysBlock(sslSocket *ss)
-{
- if (!ss->firstHsDone) {
- ss->handshake = AlwaysBlock;
- ss->nextHandshake = 0;
- }
-}
-
-/* Acquires and releases HandshakeLock.
-*/
-SECStatus
-SSL_ResetHandshake(PRFileDesc *s, PRBool asServer)
-{
- sslSocket *ss;
- SECStatus rv;
- PRNetAddr addr;
-
- ss = ssl_FindSocket(s);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in ResetHandshake", SSL_GETPID(), s));
- return SECFailure;
- }
-
- /* Don't waste my time */
- if (!ss->useSecurity)
- return SECSuccess;
-
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
-
- /* Reset handshake state */
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- ss->firstHsDone = PR_FALSE;
- if ( asServer ) {
- ss->handshake = ssl2_BeginServerHandshake;
- ss->handshaking = sslHandshakingAsServer;
- } else {
- ss->handshake = ssl2_BeginClientHandshake;
- ss->handshaking = sslHandshakingAsClient;
- }
- ss->nextHandshake = 0;
- ss->securityHandshake = 0;
-
- ssl_GetRecvBufLock(ss);
- ss->gather->state = GS_INIT;
- ss->gather->writeOffset = 0;
- ss->gather->readOffset = 0;
- ssl_ReleaseRecvBufLock(ss);
-
- /*
- ** Blow away old security state and get a fresh setup. This way if
- ** ssl was used to connect to the first point in communication, ssl
- ** can be used for the next layer.
- */
- if (ss->sec) {
- ssl_DestroySecurityInfo(ss->sec);
- ss->sec = 0;
- }
- rv = ssl_CreateSecurityInfo(ss);
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
-
- if (!ss->TCPconnected)
- ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
-
- SSL_UNLOCK_WRITER(ss);
- SSL_UNLOCK_READER(ss);
-
- return rv;
-}
-
-/* For SSLv2, does nothing but return an error.
-** For SSLv3, flushes SID cache entry (if requested),
-** and then starts new client hello or hello request.
-** Acquires and releases HandshakeLock.
-*/
-SECStatus
-SSL_ReHandshake(PRFileDesc *fd, PRBool flushCache)
-{
- sslSocket *ss;
- SECStatus rv;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in RedoHandshake", SSL_GETPID(), fd));
- return SECFailure;
- }
-
- if (!ss->useSecurity)
- return SECSuccess;
-
- ssl_Get1stHandshakeLock(ss);
-
- /* SSL v2 protocol does not support subsequent handshakes. */
- if (ss->version < SSL_LIBRARY_VERSION_3_0) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- } else {
- ssl_GetSSL3HandshakeLock(ss);
- rv = ssl3_RedoHandshake(ss, flushCache); /* force full handshake. */
- ssl_ReleaseSSL3HandshakeLock(ss);
- }
-
- ssl_Release1stHandshakeLock(ss);
-
- return rv;
-}
-
-SECStatus
-SSL_RedoHandshake(PRFileDesc *fd)
-{
- return SSL_ReHandshake(fd, PR_TRUE);
-}
-
-/* Register an application callback to be called when SSL handshake completes.
-** Acquires and releases HandshakeLock.
-*/
-SECStatus
-SSL_HandshakeCallback(PRFileDesc *fd, SSLHandshakeCallback cb,
- void *client_data)
-{
- sslSocket *ss;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in HandshakeCallback",
- SSL_GETPID(), fd));
- return SECFailure;
- }
-
- if (!ss->useSecurity) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- PORT_Assert(ss->sec);
- ss->handshakeCallback = cb;
- ss->handshakeCallbackData = client_data;
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
-
- return SECSuccess;
-}
-
-/* Try to make progress on an SSL handshake by attempting to read the
-** next handshake from the peer, and sending any responses.
-** For non-blocking sockets, returns PR_ERROR_WOULD_BLOCK if it cannot
-** read the next handshake from the underlying socket.
-** For SSLv2, returns when handshake is complete or fatal error occurs.
-** For SSLv3, returns when handshake is complete, or application data has
-** arrived that must be taken by application before handshake can continue,
-** or a fatal error occurs.
-** Application should use handshake completion callback to tell which.
-*/
-SECStatus
-SSL_ForceHandshake(PRFileDesc *fd)
-{
- sslSocket *ss;
- SECStatus rv = SECFailure;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in ForceHandshake",
- SSL_GETPID(), fd));
- return rv;
- }
-
- /* Don't waste my time */
- if (!ss->useSecurity)
- return SECSuccess;
-
- ssl_Get1stHandshakeLock(ss);
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- int gatherResult;
-
- ssl_GetRecvBufLock(ss);
- gatherResult = ssl3_GatherCompleteHandshake(ss, 0);
- ssl_ReleaseRecvBufLock(ss);
- if (gatherResult > 0) {
- rv = SECSuccess;
- } else if (gatherResult == 0) {
- PORT_SetError(PR_END_OF_FILE_ERROR);
- } else if (gatherResult == SECWouldBlock) {
- PORT_SetError(PR_WOULD_BLOCK_ERROR);
- }
- } else if (!ss->firstHsDone) {
- rv = ssl_Do1stHandshake(ss);
- } else {
- /* tried to force handshake on an SSL 2 socket that has
- ** already completed the handshake. */
- rv = SECSuccess; /* just pretend we did it. */
- }
-
- ssl_Release1stHandshakeLock(ss);
-
- return rv;
-}
-
-/************************************************************************/
-
-/*
-** Grow a buffer to hold newLen bytes of data.
-** Called for both recv buffers and xmit buffers.
-** Caller must hold xmitBufLock or recvBufLock, as appropriate.
-*/
-SECStatus
-sslBuffer_Grow(sslBuffer *b, unsigned int newLen)
-{
- if (newLen > b->space) {
- if (b->buf) {
- b->buf = (unsigned char *) PORT_Realloc(b->buf, newLen);
- } else {
- b->buf = (unsigned char *) PORT_Alloc(newLen);
- }
- if (!b->buf) {
- return SECFailure;
- }
- SSL_TRC(10, ("%d: SSL: grow buffer from %d to %d",
- SSL_GETPID(), b->space, newLen));
- b->space = newLen;
- }
- return SECSuccess;
-}
-
-/*
-** Save away write data that is trying to be written before the security
-** handshake has been completed. When the handshake is completed, we will
-** flush this data out.
-** Caller must hold xmitBufLock
-*/
-SECStatus
-ssl_SaveWriteData(sslSocket *ss, sslBuffer *buf, const void *data,
- unsigned int len)
-{
- unsigned int newlen;
- SECStatus rv;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
- newlen = buf->len + len;
- if (newlen > buf->space) {
- rv = sslBuffer_Grow(buf, newlen);
- if (rv) {
- return rv;
- }
- }
- SSL_TRC(5, ("%d: SSL[%d]: saving %d bytes of data (%d total saved so far)",
- SSL_GETPID(), ss->fd, len, newlen));
- PORT_Memcpy(buf->buf + buf->len, data, len);
- buf->len = newlen;
- return SECSuccess;
-}
-
-/*
-** Send saved write data. This will flush out data sent prior to a
-** complete security handshake. Hopefully there won't be too much of it.
-** Returns count of the bytes sent, NOT a SECStatus.
-** Caller must hold xmitBufLock
-*/
-int
-ssl_SendSavedWriteData(sslSocket *ss, sslBuffer *buf, sslSendFunc send)
-{
- int rv = 0;
- int len = buf->len;
-
- PORT_Assert( ssl_HaveXmitBufLock(ss) );
- if (len != 0) {
- SSL_TRC(5, ("%d: SSL[%d]: sending %d bytes of saved data",
- SSL_GETPID(), ss->fd, len));
- rv = (*send)(ss, buf->buf, len, 0);
- if (rv < 0) {
- return rv;
- }
- if (rv < len) {
- /* UGH !! This shifts the whole buffer down by copying it, and
- ** it depends on PORT_Memmove doing overlapping moves correctly!
- ** It should advance the pointer offset instead !!
- */
- PORT_Memmove(buf->buf, buf->buf + rv, len - rv);
- buf->len = len - rv;
- } else {
- buf->len = 0;
- }
- }
- return rv;
-}
-
-/************************************************************************/
-
-/*
-** Receive some application data on a socket. Reads SSL records from the input
-** stream, decrypts them and then copies them to the output buffer.
-** Called from ssl_SecureRecv() below.
-**
-** Caller does NOT hold 1stHandshakeLock because that handshake is over.
-** Caller doesn't call this until initial handshake is complete.
-** For SSLv2, there is no subsequent handshake.
-** For SSLv3, the call to ssl3_GatherAppDataRecord may encounter handshake
-** messages from a subsequent handshake.
-**
-** This code is similar to, and easily confused with,
-** ssl_GatherRecord1stHandshake() in sslcon.c
-*/
-static int
-DoRecv(sslSocket *ss, unsigned char *out, int len, int flags)
-{
- sslGather * gs;
- int rv;
- int amount;
- int available;
-
- ssl_GetRecvBufLock(ss);
- PORT_Assert((ss->sec != 0) && (ss->gather != 0));
- gs = ss->gather;
-
- available = gs->writeOffset - gs->readOffset;
- if (available == 0) {
- /* Get some more data */
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- /* Wait for application data to arrive. */
- rv = ssl3_GatherAppDataRecord(ss, 0);
- } else {
- /* See if we have a complete record */
- rv = ssl2_GatherRecord(ss, 0);
- }
- if (rv <= 0) {
- if (rv == 0) {
- /* EOF */
- SSL_TRC(10, ("%d: SSL[%d]: ssl_recv EOF",
- SSL_GETPID(), ss->fd));
- goto done;
- }
- if ((rv != SECWouldBlock) &&
- (PR_GetError() != PR_WOULD_BLOCK_ERROR)) {
- /* Some random error */
- goto done;
- }
-
- /*
- ** Gather record is blocked waiting for more record data to
- ** arrive. Try to process what we have already received
- */
- } else {
- /* Gather record has finished getting a complete record */
- }
-
- /* See if any clear data is now available */
- available = gs->writeOffset - gs->readOffset;
- if (available == 0) {
- /*
- ** No partial data is available. Force error code to
- ** EWOULDBLOCK so that caller will try again later. Note
- ** that the error code is probably EWOULDBLOCK already,
- ** but if it isn't (for example, if we received a zero
- ** length record) then this will force it to be correct.
- */
- PORT_SetError(PR_WOULD_BLOCK_ERROR);
- rv = SECFailure;
- goto done;
- }
- SSL_TRC(30, ("%d: SSL[%d]: partial data ready, available=%d",
- SSL_GETPID(), ss->fd, available));
- }
-
- /* Dole out clear data to reader */
- amount = PR_MIN(len, available);
- PORT_Memcpy(out, gs->buf.buf + gs->readOffset, amount);
- if (!(flags & MSG_PEEK)) {
- gs->readOffset += amount;
- }
- rv = amount;
-
- SSL_TRC(30, ("%d: SSL[%d]: amount=%d available=%d",
- SSL_GETPID(), ss->fd, amount, available));
- PRINT_BUF(4, (ss, "DoRecv receiving plaintext:", out, amount));
-
-done:
- ssl_ReleaseRecvBufLock(ss);
- return rv;
-}
-
-/************************************************************************/
-
-SSLKEAType
-ssl_FindCertKEAType(CERTCertificate * cert)
-{
- SSLKEAType keaType = kt_null;
- int tag;
-
- if (!cert) goto loser;
-
- tag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
-
- switch (tag) {
- case SEC_OID_X500_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- keaType = kt_rsa;
- break;
- case SEC_OID_MISSI_KEA_DSS_OLD:
- case SEC_OID_MISSI_KEA_DSS:
- case SEC_OID_MISSI_DSS_OLD:
- case SEC_OID_MISSI_DSS:
- keaType = kt_fortezza;
- break;
- case SEC_OID_X942_DIFFIE_HELMAN_KEY:
- keaType = kt_dh;
- break;
- default:
- keaType = kt_null;
- }
-
- loser:
-
- return keaType;
-
-}
-
-
-/* XXX need to protect the data that gets changed here.!! */
-
-SECStatus
-SSL_ConfigSecureServer(PRFileDesc *fd, CERTCertificate *cert,
- SECKEYPrivateKey *key, SSL3KEAType kea)
-{
- SECStatus rv;
- sslSocket *ss;
- sslSecurityInfo *sec;
- sslServerCerts *sc;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- return SECFailure;
- }
-
- if ((rv = ssl_CreateSecurityInfo(ss)) != SECSuccess) {
- return rv;
- }
-
- sec = ss->sec;
- if (sec == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /* Both key and cert must have a value or be NULL */
- /* Passing a value of NULL will turn off key exchange algorithms that were
- * previously turned on */
- if (!cert != !key) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /* make sure the key exchange is recognized */
- if ((kea >= kt_kea_size) || (kea < kt_null)) {
- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
- return SECFailure;
- }
-
- if (kea != ssl_FindCertKEAType(cert)) {
- PORT_SetError(SSL_ERROR_CERT_KEA_MISMATCH);
- return SECFailure;
- }
-
- sc = ss->serverCerts + kea;
- /* load the server certificate */
- if (sc->serverCert != NULL) {
- CERT_DestroyCertificate(sc->serverCert);
- sc->serverCert = NULL;
- }
- if (cert) {
- SECKEYPublicKey * pubKey;
- sc->serverCert = CERT_DupCertificate(cert);
- if (!sc->serverCert)
- goto loser;
- /* get the size of the cert's public key, and remember it */
- pubKey = CERT_ExtractPublicKey(cert);
- if (!pubKey)
- goto loser;
- sc->serverKeyBits = SECKEY_PublicKeyStrength(pubKey) * BPB;
- SECKEY_DestroyPublicKey(pubKey);
- pubKey = NULL;
- }
-
-
- /* load the server cert chain */
- if (sc->serverCertChain != NULL) {
- CERT_DestroyCertificateList(sc->serverCertChain);
- sc->serverCertChain = NULL;
- }
- if (cert) {
- sc->serverCertChain = CERT_CertChainFromCert(
- sc->serverCert, certUsageSSLServer, PR_TRUE);
- if (sc->serverCertChain == NULL)
- goto loser;
- }
-
- /* load the private key */
- if (sc->serverKey != NULL) {
- SECKEY_DestroyPrivateKey(sc->serverKey);
- sc->serverKey = NULL;
- }
- if (key) {
- sc->serverKey = SECKEY_CopyPrivateKey(key);
- if (sc->serverKey == NULL)
- goto loser;
- }
-
- if (kea == kt_rsa) {
- rv = ssl3_CreateRSAStepDownKeys(ss);
- if (rv != SECSuccess) {
- return SECFailure; /* err set by ssl3_CreateRSAStepDownKeys */
- }
- }
-
- /* Only do this once because it's global. */
- if (ssl3_server_ca_list == NULL)
- ssl3_server_ca_list = CERT_GetSSLCACerts(ss->dbHandle);
-
- return SECSuccess;
-
-loser:
- if (sc->serverCert != NULL) {
- CERT_DestroyCertificate(sc->serverCert);
- sc->serverCert = NULL;
- }
- if (sc->serverCertChain != NULL) {
- CERT_DestroyCertificateList(sc->serverCertChain);
- sc->serverCertChain = NULL;
- }
- if (sc->serverKey != NULL) {
- SECKEY_DestroyPrivateKey(sc->serverKey);
- sc->serverKey = NULL;
- }
- return SECFailure;
-}
-
-/************************************************************************/
-
-SECStatus
-ssl_CreateSecurityInfo(sslSocket *ss)
-{
- sslSecurityInfo * sec = (sslSecurityInfo *)0;
- sslGather * gs = (sslGather * )0;
- int rv;
-
- unsigned char padbuf[MAX_BLOCK_CYPHER_SIZE];
-
- if (ss->sec) {
- return SECSuccess;
- }
-
- /* Force the global RNG to generate some random data that we never use */
- PK11_GenerateRandom(padbuf, sizeof padbuf);
-
- ss->sec = sec = (sslSecurityInfo*) PORT_ZAlloc(sizeof(sslSecurityInfo));
- if (!sec) {
- goto loser;
- }
-
- /* initialize sslv2 socket to send data in the clear. */
- ssl2_UseClearSendFunc(ss);
-
- sec->blockSize = 1;
- sec->blockShift = 0;
-
- ssl_GetRecvBufLock(ss);
- if ((gs = ss->gather) == 0) {
- ss->gather = gs = ssl_NewGather();
- if (!gs) {
- goto loser;
- }
- }
-
- rv = sslBuffer_Grow(&gs->buf, 4096);
- if (rv) {
- goto loser;
- }
- ssl_ReleaseRecvBufLock(ss);
-
- ssl_GetXmitBufLock(ss);
- rv = sslBuffer_Grow(&sec->writeBuf, 4096);
- if (rv) {
- goto loser;
- }
- ssl_ReleaseXmitBufLock(ss);
-
- SSL_TRC(5, ("%d: SSL[%d]: security info created", SSL_GETPID(), ss->fd));
- return SECSuccess;
-
- loser:
- if (sec) {
- PORT_Free(sec);
- ss->sec = sec = (sslSecurityInfo *)0;
- }
- if (gs) {
- ssl_DestroyGather(gs);
- ss->gather = gs = (sslGather *)0;
- }
- return SECFailure;
-}
-
-/* XXX We should handle errors better in this function. */
-/* This function assumes that none of the pointers in ss need to be
-** freed.
-*/
-SECStatus
-ssl_CopySecurityInfo(sslSocket *ss, sslSocket *os)
-{
- sslSecurityInfo *sec, *osec;
- int rv;
-
- rv = ssl_CreateSecurityInfo(ss);
- if (rv < 0) {
- goto loser;
- }
- sec = ss->sec;
- osec = os->sec;
-
- sec->send = osec->send;
- sec->isServer = osec->isServer;
- sec->keyBits = osec->keyBits;
- sec->secretKeyBits = osec->secretKeyBits;
-
- sec->peerCert = CERT_DupCertificate(osec->peerCert);
-
- sec->cache = osec->cache;
- sec->uncache = osec->uncache;
-
- /* we don't dup the connection info. */
-
- sec->sendSequence = osec->sendSequence;
- sec->rcvSequence = osec->rcvSequence;
-
- if (osec->hash && osec->hashcx) {
- sec->hash = osec->hash;
- sec->hashcx = osec->hash->clone(osec->hashcx);
- } else {
- sec->hash = NULL;
- sec->hashcx = NULL;
- }
-
- SECITEM_CopyItem(0, &sec->sendSecret, &osec->sendSecret);
- SECITEM_CopyItem(0, &sec->rcvSecret, &osec->rcvSecret);
-
- PORT_Assert(osec->readcx == 0);
- sec->readcx = osec->readcx; /* XXX wrong if readcx != 0 */
- PORT_Assert(osec->writecx == 0);
- sec->writecx = osec->writecx; /* XXX wrong if writecx != 0 */
- sec->destroy = 0; /* XXX wrong if either cx != 0*/
-
- sec->enc = osec->enc;
- sec->dec = osec->dec;
-
- sec->blockShift = osec->blockShift;
- sec->blockSize = osec->blockSize;
-
- return SECSuccess;
-
-loser:
- return SECFailure;
-}
-
-/*
-** Called from SSL_ResetHandshake (above), and
-** from ssl_FreeSocket in sslsock.c
-*/
-void
-ssl_DestroySecurityInfo(sslSecurityInfo *sec)
-{
- if (sec != 0) {
- /* Destroy MAC */
- if (sec->hash && sec->hashcx) {
- (*sec->hash->destroy)(sec->hashcx, PR_TRUE);
- sec->hashcx = 0;
- }
- SECITEM_ZfreeItem(&sec->sendSecret, PR_FALSE);
- SECITEM_ZfreeItem(&sec->rcvSecret, PR_FALSE);
-
- /* Destroy ciphers */
- if (sec->destroy) {
- (*sec->destroy)(sec->readcx, PR_TRUE);
- (*sec->destroy)(sec->writecx, PR_TRUE);
- } else {
- PORT_Assert(sec->readcx == 0);
- PORT_Assert(sec->writecx == 0);
- }
- sec->readcx = 0;
- sec->writecx = 0;
-
- /* etc. */
- PORT_ZFree(sec->writeBuf.buf, sec->writeBuf.space);
- sec->writeBuf.buf = 0;
-
- if (sec->localCert) {
- CERT_DestroyCertificate(sec->localCert);
- sec->localCert = NULL;
- }
- if (sec->peerCert) {
- CERT_DestroyCertificate(sec->peerCert);
- sec->peerCert = NULL;
- }
- if (sec->peerKey) {
- SECKEY_DestroyPublicKey(sec->peerKey);
- sec->peerKey = NULL;
- }
-
- PORT_ZFree(sec->ci.sendBuf.buf, sec->ci.sendBuf.space);
- if (sec->ci.sid != NULL) {
- ssl_FreeSID(sec->ci.sid);
- }
-
- PORT_ZFree(sec, sizeof *sec);
- }
-}
-
-/************************************************************************/
-
-int
-ssl_SecureConnect(sslSocket *ss, const PRNetAddr *sa)
-{
- PRFileDesc *osfd = ss->fd->lower;
- int rv;
-
- PORT_Assert(ss->sec != 0);
-
- if ( ss->handshakeAsServer ) {
- ss->securityHandshake = ssl2_BeginServerHandshake;
- ss->handshaking = sslHandshakingAsServer;
- } else {
- ss->securityHandshake = ssl2_BeginClientHandshake;
- ss->handshaking = sslHandshakingAsClient;
- }
-
- /* connect to server */
- rv = osfd->methods->connect(osfd, sa, ss->cTimeout);
- if (rv == PR_SUCCESS) {
- ss->TCPconnected = 1;
- } else {
- int err = PR_GetError();
- SSL_DBG(("%d: SSL[%d]: connect failed, errno=%d",
- SSL_GETPID(), ss->fd, err));
- if (err == PR_IS_CONNECTED_ERROR) {
- ss->TCPconnected = 1;
- }
- }
-
- SSL_TRC(5, ("%d: SSL[%d]: secure connect completed, rv == %d",
- SSL_GETPID(), ss->fd, rv));
- return rv;
-}
-
-int
-ssl_SecureClose(sslSocket *ss)
-{
- int rv;
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0 &&
- ss->firstHsDone &&
- !(ss->shutdownHow & ssl_SHUTDOWN_SEND) &&
- !ss->recvdCloseNotify &&
- (ss->ssl3 != NULL)) {
-
- /* We don't want the final alert to be Nagle delayed. */
- if (!ss->delayDisabled) {
- ssl_EnableNagleDelay(ss, PR_FALSE);
- ss->delayDisabled = 1;
- }
-
- (void) SSL3_SendAlert(ss, alert_warning, close_notify);
- }
- rv = ssl_DefClose(ss);
- return rv;
-}
-
-/* Caller handles all locking */
-int
-ssl_SecureShutdown(sslSocket *ss, int nsprHow)
-{
- PRFileDesc *osfd = ss->fd->lower;
- int rv;
- PRIntn sslHow = nsprHow + 1;
-
- if ((unsigned)nsprHow > PR_SHUTDOWN_BOTH) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return PR_FAILURE;
- }
-
- if ((sslHow & ssl_SHUTDOWN_SEND) != 0 &&
- !(ss->shutdownHow & ssl_SHUTDOWN_SEND) &&
- (ss->version >= SSL_LIBRARY_VERSION_3_0) &&
- ss->firstHsDone &&
- !ss->recvdCloseNotify &&
- (ss->ssl3 != NULL)) {
-
- (void) SSL3_SendAlert(ss, alert_warning, close_notify);
- }
-
- rv = osfd->methods->shutdown(osfd, nsprHow);
-
- ss->shutdownHow |= sslHow;
-
- return rv;
-}
-
-/************************************************************************/
-
-
-int
-ssl_SecureRecv(sslSocket *ss, unsigned char *buf, int len, int flags)
-{
- sslSecurityInfo *sec;
- int rv = 0;
-
- PORT_Assert(ss->sec != 0);
- sec = ss->sec;
-
- if (ss->shutdownHow & ssl_SHUTDOWN_RCV) {
- PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
- return PR_FAILURE;
- }
- if (flags & ~MSG_PEEK) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return PR_FAILURE;
- }
-
- if (!ssl_SocketIsBlocking(ss) && !ss->fdx) {
- ssl_GetXmitBufLock(ss);
- if (ss->pendingBuf.len != 0) {
- rv = ssl_SendSavedWriteData(ss, &ss->pendingBuf, ssl_DefSend);
- if ((rv < 0) && (PORT_GetError() != PR_WOULD_BLOCK_ERROR)) {
- ssl_ReleaseXmitBufLock(ss);
- return SECFailure;
- }
- /* XXX short write? */
- }
- ssl_ReleaseXmitBufLock(ss);
- }
-
- rv = 0;
- /* If any of these is non-zero, the initial handshake is not done. */
- if (!ss->firstHsDone) {
- ssl_Get1stHandshakeLock(ss);
- if (ss->handshake || ss->nextHandshake || ss->securityHandshake) {
- rv = ssl_Do1stHandshake(ss);
- }
- ssl_Release1stHandshakeLock(ss);
- }
- if (rv < 0) {
- return rv;
- }
-
- if (len == 0) return 0;
-
- rv = DoRecv(ss, (unsigned char*) buf, len, flags);
- SSL_TRC(2, ("%d: SSL[%d]: recving %d bytes securely (errno=%d)",
- SSL_GETPID(), ss->fd, rv, PORT_GetError()));
- return rv;
-}
-
-int
-ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len)
-{
- return ssl_SecureRecv(ss, buf, len, 0);
-}
-
-/* Caller holds the SSL Socket's write lock. SSL_LOCK_WRITER(ss) */
-int
-ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
-{
- sslSecurityInfo *sec;
- int rv = 0;
-
- PORT_Assert(ss->sec != 0);
- sec = ss->sec;
-
- if (ss->shutdownHow & ssl_SHUTDOWN_SEND) {
- PORT_SetError(PR_SOCKET_SHUTDOWN_ERROR);
- return PR_FAILURE;
- }
- if (flags) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return PR_FAILURE;
- }
-
- ssl_GetXmitBufLock(ss);
- if (ss->pendingBuf.len != 0) {
- PORT_Assert(ss->pendingBuf.len > 0);
- rv = ssl_SendSavedWriteData(ss, &ss->pendingBuf, ssl_DefSend);
- if (ss->pendingBuf.len != 0) {
- PORT_Assert(ss->pendingBuf.len > 0);
- PORT_SetError(PR_WOULD_BLOCK_ERROR);
- rv = SECFailure;
- }
- }
- ssl_ReleaseXmitBufLock(ss);
- if (rv < 0) {
- return rv;
- }
-
- if (len > 0)
- ss->writerThread = PR_GetCurrentThread();
- /* If any of these is non-zero, the initial handshake is not done. */
- if (!ss->firstHsDone) {
- ssl_Get1stHandshakeLock(ss);
- if (ss->handshake || ss->nextHandshake || ss->securityHandshake) {
- rv = ssl_Do1stHandshake(ss);
- }
- ssl_Release1stHandshakeLock(ss);
- }
- if (rv < 0) {
- ss->writerThread = NULL;
- return rv;
- }
-
- /* Check for zero length writes after we do housekeeping so we make forward
- * progress.
- */
- if (len == 0) {
- return 0;
- }
- PORT_Assert(buf != NULL);
-
- SSL_TRC(2, ("%d: SSL[%d]: SecureSend: sending %d bytes",
- SSL_GETPID(), ss->fd, len));
-
- /* Send out the data using one of these functions:
- * ssl2_SendClear, ssl2_SendStream, ssl2_SendBlock,
- * ssl3_SendApplicationData
- */
- ssl_GetXmitBufLock(ss);
- rv = (*sec->send)(ss, buf, len, flags);
- ssl_ReleaseXmitBufLock(ss);
- ss->writerThread = NULL;
- return rv;
-}
-
-int
-ssl_SecureWrite(sslSocket *ss, const unsigned char *buf, int len)
-{
- return ssl_SecureSend(ss, buf, len, 0);
-}
-
-SECStatus
-SSL_BadCertHook(PRFileDesc *fd, SSLBadCertHandler f, void *arg)
-{
- sslSocket *ss;
- SECStatus rv;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SSLBadCertHook",
- SSL_GETPID(), fd));
- return SECFailure;
- }
-
- if ((rv = ssl_CreateSecurityInfo(ss)) != 0) {
- return rv;
- }
- ss->handleBadCert = f;
- ss->badCertArg = arg;
-
- return SECSuccess;
-}
-
-/*
- * Allow the application to pass the url or hostname into the SSL library
- * so that we can do some checking on it.
- */
-SECStatus
-SSL_SetURL(PRFileDesc *fd, const char *url)
-{
- sslSocket * ss = ssl_FindSocket(fd);
- SECStatus rv = SECSuccess;
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SSLSetURL",
- SSL_GETPID(), fd));
- return SECFailure;
- }
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- if ( ss->url ) {
- PORT_Free((void *)ss->url); /* CONST */
- }
-
- ss->url = (const char *)PORT_Strdup(url);
- if ( ss->url == NULL ) {
- rv = SECFailure;
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
-
- return rv;
-}
-
-/*
-** Returns Negative number on error, zero or greater on success.
-** Returns the amount of data immediately available to be read.
-*/
-int
-SSL_DataPending(PRFileDesc *fd)
-{
- sslSocket *ss;
- int rv = 0;
-
- ss = ssl_FindSocket(fd);
-
- if (ss && ss->useSecurity) {
-
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- /* Create ss->sec if it doesn't already exist. */
- rv = ssl_CreateSecurityInfo(ss);
- if (rv == SECSuccess) {
- ssl_GetRecvBufLock(ss);
- rv = ss->gather->writeOffset - ss->gather->readOffset;
- ssl_ReleaseRecvBufLock(ss);
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
- }
-
- return rv;
-}
-
-SECStatus
-SSL_InvalidateSession(PRFileDesc *fd)
-{
- sslSocket * ss = ssl_FindSocket(fd);
- SECStatus rv = SECFailure;
-
- if (ss) {
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- if (ss->sec && ss->sec->ci.sid) {
- ss->sec->uncache(ss->sec->ci.sid);
- rv = SECSuccess;
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
- }
- return rv;
-}
-
-SECItem *
-SSL_GetSessionID(PRFileDesc *fd)
-{
- sslSocket * ss;
- SECItem * item = NULL;
- sslSessionID * sid;
-
- ss = ssl_FindSocket(fd);
- if (ss) {
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- if (ss->useSecurity && ss->firstHsDone && ss->sec && ss->sec->ci.sid) {
- sid = ss->sec->ci.sid;
- item = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if (sid->version < SSL_LIBRARY_VERSION_3_0) {
- item->len = SSL2_SESSIONID_BYTES;
- item->data = (unsigned char*)PORT_Alloc(item->len);
- PORT_Memcpy(item->data, sid->u.ssl2.sessionID, item->len);
- } else {
- item->len = sid->u.ssl3.sessionIDLength;
- item->data = (unsigned char*)PORT_Alloc(item->len);
- PORT_Memcpy(item->data, sid->u.ssl3.sessionID, item->len);
- }
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
- }
- return item;
-}
-
-SECStatus
-SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *dbHandle)
-{
- sslSocket * ss;
-
- ss = ssl_FindSocket(fd);
- if (!ss)
- return SECFailure;
- if (!dbHandle) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- ss->dbHandle = dbHandle;
- return SECSuccess;
-}
-
-/*
- * attempt to restart the handshake after asynchronously handling
- * a request for the client's certificate.
- *
- * inputs:
- * cert Client cert chosen by application.
- * Note: ssl takes this reference, and does not bump the
- * reference count. The caller should drop its reference
- * without calling CERT_DestroyCert after calling this function.
- *
- * key Private key associated with cert. This function makes a
- * copy of the private key, so the caller remains responsible
- * for destroying its copy after this function returns.
- *
- * certChain Chain of signers for cert.
- * Note: ssl takes this reference, and does not copy the chain.
- * The caller should drop its reference without destroying the
- * chain. SSL will free the chain when it is done with it.
- *
- * Return value: XXX
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- * It does not work on a subsequent handshake (redo).
- */
-int
-SSL_RestartHandshakeAfterCertReq(sslSocket * ss,
- CERTCertificate * cert,
- SECKEYPrivateKey * key,
- CERTCertificateList *certChain)
-{
- int ret;
-
- ssl_Get1stHandshakeLock(ss); /************************************/
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- ret = ssl3_RestartHandshakeAfterCertReq(ss, cert, key, certChain);
- } else {
- ret = ssl2_RestartHandshakeAfterCertReq(ss, cert, key);
- }
-
- ssl_Release1stHandshakeLock(ss); /************************************/
- return ret;
-}
-
-
-/* restart an SSL connection that we stopped to run certificate dialogs
-** XXX Need to document here how an application marks a cert to show that
-** the application has accepted it (overridden CERT_VerifyCert).
- *
- * XXX This code only works on the initial handshake on a connection, XXX
- * It does not work on a subsequent handshake (redo).
- *
- * Return value: XXX
-*/
-int
-SSL_RestartHandshakeAfterServerCert(sslSocket *ss)
-{
- int rv = SECSuccess;
-
- ssl_Get1stHandshakeLock(ss);
-
- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
- rv = ssl3_RestartHandshakeAfterServerCert(ss);
- } else {
- rv = ssl2_RestartHandshakeAfterServerCert(ss);
- }
-
- ssl_Release1stHandshakeLock(ss);
- return rv;
-}
diff --git a/security/nss/lib/ssl/sslsnce.c b/security/nss/lib/ssl/sslsnce.c
deleted file mode 100644
index 772f13a81..000000000
--- a/security/nss/lib/ssl/sslsnce.c
+++ /dev/null
@@ -1,1610 +0,0 @@
-/* This file implements the SERVER Session ID cache.
- * NOTE: The contents of this file are NOT used by the client.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* Note: ssl_FreeSID() in sslnonce.c gets used for both client and server
- * cache sids!
- *
- * About record locking among different server processes:
- *
- * All processes that are part of the same conceptual server (serving on
- * the same address and port) MUST share a common SSL session cache.
- * This code makes the content of the shared cache accessible to all
- * processes on the same "server". This code works on Unix and Win32 only.
- *
- * We use NSPR anonymous shared memory and move data to & from shared memory.
- * We must do explicit locking of the records for all reads and writes.
- * The set of Cache entries are divided up into "sets" of 128 entries.
- * Each set is protected by a lock. There may be one or more sets protected
- * by each lock. That is, locks to sets are 1:N.
- * There is one lock for the entire cert cache.
- * There is one lock for the set of wrapped sym wrap keys.
- *
- * The anonymous shared memory is laid out as if it were declared like this:
- *
- * struct {
- * cacheDescriptor desc;
- * sidCacheLock sidCacheLocks[ numSIDCacheLocks];
- * sidCacheLock keyCacheLock;
- * sidCacheLock certCacheLock;
- * sidCacheSet sidCacheSets[ numSIDCacheSets ];
- * sidCacheEntry sidCacheData[ numSIDCacheEntries];
- * certCacheEntry certCacheData[numCertCacheEntries];
- * SSLWrappedSymWrappingKey keyCacheData[kt_kea_size][SSL_NUM_WRAP_MECHS];
- * } sharedMemCacheData;
- */
-#include "nssrenam.h"
-#include "seccomon.h"
-
-#if defined(XP_UNIX) || defined(XP_WIN32) || defined (XP_OS2)
-
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "pk11func.h"
-#include "base64.h"
-
-#include <stdio.h>
-
-#ifdef XP_UNIX
-
-#include <syslog.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <errno.h>
-#include <signal.h>
-#include "unix_err.h"
-
-#else
-
-#ifdef XP_WIN32
-#include <wtypes.h>
-#include "win32err.h"
-#endif
-
-#endif
-#include <sys/types.h>
-
-#define SET_ERROR_CODE /* reminder */
-
-#include "nspr.h"
-#include "nsslocks.h"
-#include "sslmutex.h"
-
-#ifdef XP_OS2_VACPP
-#pragma pack(1)
-#endif
-
-/*
-** Format of a cache entry in the shared memory.
-*/
-struct sidCacheEntryStr {
-/* 16 */ PRIPv6Addr addr; /* client's IP address */
-/* 4 */ PRUint32 creationTime;
-/* 4 */ PRUint32 lastAccessTime;
-/* 4 */ PRUint32 expirationTime;
-/* 2 */ PRUint16 version;
-/* 1 */ PRUint8 valid;
-/* 1 */ PRUint8 sessionIDLength;
-/* 32 */ PRUint8 sessionID[SSL3_SESSIONID_BYTES];
-/* 2 */ PRUint16 authAlgorithm;
-/* 2 */ PRUint16 authKeyBits;
-/* 2 */ PRUint16 keaType;
-/* 2 */ PRUint16 keaKeyBits;
-/* 72 - common header total */
-
- union {
- struct {
-/* 64 */ PRUint8 masterKey[SSL_MAX_MASTER_KEY_BYTES];
-/* 32 */ PRUint8 cipherArg[SSL_MAX_CYPHER_ARG_BYTES];
-
-/* 1 */ PRUint8 cipherType;
-/* 1 */ PRUint8 masterKeyLen;
-/* 1 */ PRUint8 keyBits;
-/* 1 */ PRUint8 secretKeyBits;
-/* 1 */ PRUint8 cipherArgLen;
-/*101 */} ssl2;
-
- struct {
-/* 2 */ ssl3CipherSuite cipherSuite;
-/* 2 */ PRUint16 compression; /* SSL3CompressionMethod */
-
-/*122 */ ssl3SidKeys keys; /* keys and ivs, wrapped as needed. */
-/* 1 */ PRUint8 hasFortezza;
-/* 1 */ PRUint8 resumable;
-
-/* 4 */ PRUint32 masterWrapMech;
-/* 4 */ SSL3KEAType exchKeyType;
-/* 4 */ PRInt32 certIndex;
-/*140 */} ssl3;
-#if defined(LINUX)
- struct {
- PRUint8 filler[144];
- } forceSize;
-#endif
- } u;
-};
-typedef struct sidCacheEntryStr sidCacheEntry;
-
-
-/* The length of this struct is supposed to be a power of 2, e.g. 4KB */
-struct certCacheEntryStr {
- PRUint16 certLength; /* 2 */
- PRUint16 sessionIDLength; /* 2 */
- PRUint8 sessionID[SSL3_SESSIONID_BYTES]; /* 32 */
- PRUint8 cert[SSL_MAX_CACHED_CERT_LEN]; /* 4060 */
-}; /* total 4096 */
-typedef struct certCacheEntryStr certCacheEntry;
-
-struct sidCacheLockStr {
- PRUint32 timeStamp;
- sslMutex mutex;
- sslPID pid;
-};
-typedef struct sidCacheLockStr sidCacheLock;
-
-struct sidCacheSetStr {
- PRIntn next;
-};
-typedef struct sidCacheSetStr sidCacheSet;
-
-struct cacheDescStr {
-
- PRUint32 sharedMemSize;
-
- PRUint32 numSIDCacheLocks;
- PRUint32 numSIDCacheSets;
- PRUint32 numSIDCacheSetsPerLock;
-
- PRUint32 numSIDCacheEntries;
- PRUint32 sidCacheSize;
-
- PRUint32 numCertCacheEntries;
- PRUint32 certCacheSize;
-
- PRUint32 numKeyCacheEntries;
- PRUint32 keyCacheSize;
-
- PRUint32 ssl2Timeout;
- PRUint32 ssl3Timeout;
-
- /* These values are volatile, and are accessed through sharedCache-> */
- PRUint32 nextCertCacheEntry; /* certCacheLock protects */
- PRBool stopPolling;
-
- /* The private copies of these values are pointers into shared mem */
- /* The copies of these values in shared memory are merely offsets */
- sidCacheLock * sidCacheLocks;
- sidCacheLock * keyCacheLock;
- sidCacheLock * certCacheLock;
- sidCacheSet * sidCacheSets;
- sidCacheEntry * sidCacheData;
- certCacheEntry * certCacheData;
- SSLWrappedSymWrappingKey * keyCacheData;
-
- /* Only the private copies of these pointers are valid */
- char * sharedMem;
- struct cacheDescStr * sharedCache; /* shared copy of this struct */
- PRFileMap * cacheMemMap;
- PRThread * poller;
-};
-typedef struct cacheDescStr cacheDesc;
-
-static cacheDesc globalCache;
-
-static const char envVarName[] = { SSL_ENV_VAR_NAME };
-
-static PRBool isMultiProcess = PR_FALSE;
-
-
-#define DEF_SID_CACHE_ENTRIES 10000
-#define DEF_CERT_CACHE_ENTRIES 250
-#define MIN_CERT_CACHE_ENTRIES 125 /* the effective size in old releases. */
-#define DEF_KEY_CACHE_ENTRIES 250
-
-#define SID_CACHE_ENTRIES_PER_SET 128
-#define SID_ALIGNMENT 16
-
-#define DEF_SSL2_TIMEOUT 100 /* seconds */
-#define MAX_SSL2_TIMEOUT 100 /* seconds */
-#define MIN_SSL2_TIMEOUT 5 /* seconds */
-
-#define DEF_SSL3_TIMEOUT 86400L /* 24 hours */
-#define MAX_SSL3_TIMEOUT 86400L /* 24 hours */
-#define MIN_SSL3_TIMEOUT 5 /* seconds */
-
-#if defined(AIX) || defined(LINUX)
-#define MAX_SID_CACHE_LOCKS 8 /* two FDs per lock */
-#elif defined(OSF1)
-#define MAX_SID_CACHE_LOCKS 16 /* one FD per lock */
-#else
-#define MAX_SID_CACHE_LOCKS 256
-#endif
-
-#define SID_HOWMANY(val, size) (((val) + ((size) - 1)) / (size))
-#define SID_ROUNDUP(val, size) ((size) * SID_HOWMANY((val), (size)))
-
-
-static sslPID myPid;
-static PRUint32 ssl_max_sid_cache_locks = MAX_SID_CACHE_LOCKS;
-
-/* forward static function declarations */
-static void IOError(int rv, char *type);
-static PRUint32 SIDindex(cacheDesc *cache, const PRIPv6Addr *addr, PRUint8 *s, unsigned nl);
-static SECStatus LaunchLockPoller(cacheDesc *cache);
-
-
-
-
-struct inheritanceStr {
- PRUint32 sharedMemSize;
- PRUint16 fmStrLen;
-};
-
-typedef struct inheritanceStr inheritance;
-
-#if defined(_WIN32) || defined(XP_OS2)
-
-#define DEFAULT_CACHE_DIRECTORY "\\temp"
-
-#endif /* _win32 */
-
-#ifdef XP_UNIX
-
-#define DEFAULT_CACHE_DIRECTORY "/tmp"
-
-#endif /* XP_UNIX */
-
-
-/************************************************************************/
-
-static void
-IOError(int rv, char *type)
-{
-#ifdef XP_UNIX
- syslog(LOG_ALERT,
- "SSL: %s error with session-id cache, pid=%d, rv=%d, error='%m'",
- type, myPid, rv);
-#else /* XP_WIN32 */
- /* wish win32 had something like syslog() */
-#endif /* XP_UNIX */
-}
-
-static PRUint32
-LockSidCacheLock(sidCacheLock *lock, PRUint32 now)
-{
- SECStatus rv = sslMutex_Lock(&lock->mutex);
- if (rv != SECSuccess)
- return 0;
- if (!now)
- now = ssl_Time();
- lock->timeStamp = now;
- lock->pid = myPid;
- return now;
-}
-
-static SECStatus
-UnlockSidCacheLock(sidCacheLock *lock)
-{
- SECStatus rv;
-
- lock->pid = 0;
- rv = sslMutex_Unlock(&lock->mutex);
- return rv;
-}
-
-/* returns the value of ssl_Time on success, zero on failure. */
-static PRUint32
-LockSet(cacheDesc *cache, PRUint32 set, PRUint32 now)
-{
- PRUint32 lockNum = set % cache->numSIDCacheLocks;
- sidCacheLock * lock = cache->sidCacheLocks + lockNum;
-
- return LockSidCacheLock(lock, now);
-}
-
-static SECStatus
-UnlockSet(cacheDesc *cache, PRUint32 set)
-{
- PRUint32 lockNum = set % cache->numSIDCacheLocks;
- sidCacheLock * lock = cache->sidCacheLocks + lockNum;
-
- return UnlockSidCacheLock(lock);
-}
-
-/************************************************************************/
-
-
-/* Put a certificate in the cache. Update the cert index in the sce.
-*/
-static PRUint32
-CacheCert(cacheDesc * cache, CERTCertificate *cert, sidCacheEntry *sce)
-{
- PRUint32 now;
- certCacheEntry cce;
-
- if ((cert->derCert.len > SSL_MAX_CACHED_CERT_LEN) ||
- (cert->derCert.len <= 0) ||
- (cert->derCert.data == NULL)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return 0;
- }
-
- cce.sessionIDLength = sce->sessionIDLength;
- PORT_Memcpy(cce.sessionID, sce->sessionID, cce.sessionIDLength);
-
- cce.certLength = cert->derCert.len;
- PORT_Memcpy(cce.cert, cert->derCert.data, cce.certLength);
-
- /* get lock on cert cache */
- now = LockSidCacheLock(cache->certCacheLock, 0);
- if (now) {
-
- /* Find where to place the next cert cache entry. */
- cacheDesc * sharedCache = cache->sharedCache;
- PRUint32 ndx = sharedCache->nextCertCacheEntry;
-
- /* write the entry */
- cache->certCacheData[ndx] = cce;
-
- /* remember where we put it. */
- sce->u.ssl3.certIndex = ndx;
-
- /* update the "next" cache entry index */
- sharedCache->nextCertCacheEntry =
- (ndx + 1) % cache->numCertCacheEntries;
-
- UnlockSidCacheLock(cache->certCacheLock);
- }
- return now;
-
-}
-
-/*
-** Convert local SID to shared memory one
-*/
-static void
-ConvertFromSID(sidCacheEntry *to, sslSessionID *from)
-{
- to->valid = 1;
- to->version = from->version;
- to->addr = from->addr;
- to->creationTime = from->creationTime;
- to->lastAccessTime = from->lastAccessTime;
- to->expirationTime = from->expirationTime;
- to->authAlgorithm = from->authAlgorithm;
- to->authKeyBits = from->authKeyBits;
- to->keaType = from->keaType;
- to->keaKeyBits = from->keaKeyBits;
-
- if (from->version < SSL_LIBRARY_VERSION_3_0) {
- if ((from->u.ssl2.masterKey.len > SSL_MAX_MASTER_KEY_BYTES) ||
- (from->u.ssl2.cipherArg.len > SSL_MAX_CYPHER_ARG_BYTES)) {
- SSL_DBG(("%d: SSL: masterKeyLen=%d cipherArgLen=%d",
- myPid, from->u.ssl2.masterKey.len,
- from->u.ssl2.cipherArg.len));
- to->valid = 0;
- return;
- }
-
- to->u.ssl2.cipherType = from->u.ssl2.cipherType;
- to->u.ssl2.masterKeyLen = from->u.ssl2.masterKey.len;
- to->u.ssl2.cipherArgLen = from->u.ssl2.cipherArg.len;
- to->u.ssl2.keyBits = from->u.ssl2.keyBits;
- to->u.ssl2.secretKeyBits = from->u.ssl2.secretKeyBits;
- to->sessionIDLength = SSL2_SESSIONID_BYTES;
- PORT_Memcpy(to->sessionID, from->u.ssl2.sessionID, SSL2_SESSIONID_BYTES);
- PORT_Memcpy(to->u.ssl2.masterKey, from->u.ssl2.masterKey.data,
- from->u.ssl2.masterKey.len);
- PORT_Memcpy(to->u.ssl2.cipherArg, from->u.ssl2.cipherArg.data,
- from->u.ssl2.cipherArg.len);
-#ifdef DEBUG
- PORT_Memset(to->u.ssl2.masterKey+from->u.ssl2.masterKey.len, 0,
- sizeof(to->u.ssl2.masterKey) - from->u.ssl2.masterKey.len);
- PORT_Memset(to->u.ssl2.cipherArg+from->u.ssl2.cipherArg.len, 0,
- sizeof(to->u.ssl2.cipherArg) - from->u.ssl2.cipherArg.len);
-#endif
- SSL_TRC(8, ("%d: SSL: ConvertSID: masterKeyLen=%d cipherArgLen=%d "
- "time=%d addr=0x%08x%08x%08x%08x cipherType=%d", myPid,
- to->u.ssl2.masterKeyLen, to->u.ssl2.cipherArgLen,
- to->creationTime, to->addr.pr_s6_addr32[0],
- to->addr.pr_s6_addr32[1], to->addr.pr_s6_addr32[2],
- to->addr.pr_s6_addr32[3], to->u.ssl2.cipherType));
- } else {
- /* This is an SSL v3 session */
-
- to->u.ssl3.cipherSuite = from->u.ssl3.cipherSuite;
- to->u.ssl3.compression = (uint16)from->u.ssl3.compression;
- to->u.ssl3.resumable = from->u.ssl3.resumable;
- to->u.ssl3.hasFortezza = from->u.ssl3.hasFortezza;
- to->u.ssl3.keys = from->u.ssl3.keys;
- to->u.ssl3.masterWrapMech = from->u.ssl3.masterWrapMech;
- to->u.ssl3.exchKeyType = from->u.ssl3.exchKeyType;
- to->sessionIDLength = from->u.ssl3.sessionIDLength;
- to->u.ssl3.certIndex = -1;
-
- PORT_Memcpy(to->sessionID, from->u.ssl3.sessionID,
- to->sessionIDLength);
-
- SSL_TRC(8, ("%d: SSL3: ConvertSID: time=%d addr=0x%08x%08x%08x%08x "
- "cipherSuite=%d",
- myPid, to->creationTime, to->addr.pr_s6_addr32[0],
- to->addr.pr_s6_addr32[1], to->addr.pr_s6_addr32[2],
- to->addr.pr_s6_addr32[3], to->u.ssl3.cipherSuite));
- }
-}
-
-/*
-** Convert shared memory cache-entry to local memory based one
-** This is only called from ServerSessionIDLookup().
-** Caller must hold cache lock when calling this.
-*/
-static sslSessionID *
-ConvertToSID(sidCacheEntry *from, certCacheEntry *pcce,
- CERTCertDBHandle * dbHandle)
-{
- sslSessionID *to;
- uint16 version = from->version;
-
- to = (sslSessionID*) PORT_ZAlloc(sizeof(sslSessionID));
- if (!to) {
- return 0;
- }
-
- if (version < SSL_LIBRARY_VERSION_3_0) {
- /* This is an SSL v2 session */
- to->u.ssl2.masterKey.data =
- (unsigned char*) PORT_Alloc(from->u.ssl2.masterKeyLen);
- if (!to->u.ssl2.masterKey.data) {
- goto loser;
- }
- if (from->u.ssl2.cipherArgLen) {
- to->u.ssl2.cipherArg.data =
- (unsigned char*)PORT_Alloc(from->u.ssl2.cipherArgLen);
- if (!to->u.ssl2.cipherArg.data) {
- goto loser;
- }
- PORT_Memcpy(to->u.ssl2.cipherArg.data, from->u.ssl2.cipherArg,
- from->u.ssl2.cipherArgLen);
- }
-
- to->u.ssl2.cipherType = from->u.ssl2.cipherType;
- to->u.ssl2.masterKey.len = from->u.ssl2.masterKeyLen;
- to->u.ssl2.cipherArg.len = from->u.ssl2.cipherArgLen;
- to->u.ssl2.keyBits = from->u.ssl2.keyBits;
- to->u.ssl2.secretKeyBits = from->u.ssl2.secretKeyBits;
-/* to->sessionIDLength = SSL2_SESSIONID_BYTES; */
- PORT_Memcpy(to->u.ssl2.sessionID, from->sessionID, SSL2_SESSIONID_BYTES);
- PORT_Memcpy(to->u.ssl2.masterKey.data, from->u.ssl2.masterKey,
- from->u.ssl2.masterKeyLen);
-
- SSL_TRC(8, ("%d: SSL: ConvertToSID: masterKeyLen=%d cipherArgLen=%d "
- "time=%d addr=0x%08x%08x%08x%08x cipherType=%d",
- myPid, to->u.ssl2.masterKey.len,
- to->u.ssl2.cipherArg.len, to->creationTime,
- to->addr.pr_s6_addr32[0], to->addr.pr_s6_addr32[1],
- to->addr.pr_s6_addr32[2], to->addr.pr_s6_addr32[3],
- to->u.ssl2.cipherType));
- } else {
- /* This is an SSL v3 session */
-
- to->u.ssl3.sessionIDLength = from->sessionIDLength;
- to->u.ssl3.cipherSuite = from->u.ssl3.cipherSuite;
- to->u.ssl3.compression = (SSL3CompressionMethod)from->u.ssl3.compression;
- to->u.ssl3.resumable = from->u.ssl3.resumable;
- to->u.ssl3.hasFortezza = from->u.ssl3.hasFortezza;
- to->u.ssl3.keys = from->u.ssl3.keys;
- to->u.ssl3.masterWrapMech = from->u.ssl3.masterWrapMech;
- to->u.ssl3.exchKeyType = from->u.ssl3.exchKeyType;
-
- PORT_Memcpy(to->u.ssl3.sessionID, from->sessionID, from->sessionIDLength);
-
- /* the portions of the SID that are only restored on the client
- * are set to invalid values on the server.
- */
- to->u.ssl3.clientWriteKey = NULL;
- to->u.ssl3.serverWriteKey = NULL;
- to->u.ssl3.tek = NULL;
- to->urlSvrName = NULL;
-
- to->u.ssl3.masterModuleID = (SECMODModuleID)-1; /* invalid value */
- to->u.ssl3.masterSlotID = (CK_SLOT_ID)-1; /* invalid value */
- to->u.ssl3.masterWrapIndex = 0;
- to->u.ssl3.masterWrapSeries = 0;
- to->u.ssl3.masterValid = PR_FALSE;
-
- to->u.ssl3.clAuthModuleID = (SECMODModuleID)-1; /* invalid value */
- to->u.ssl3.clAuthSlotID = (CK_SLOT_ID)-1; /* invalid value */
- to->u.ssl3.clAuthSeries = 0;
- to->u.ssl3.clAuthValid = PR_FALSE;
-
- to->u.ssl3.clientWriteSaveLen = 0;
-
- if (from->u.ssl3.certIndex != -1 && pcce) {
- SECItem derCert;
-
- derCert.len = pcce->certLength;
- derCert.data = pcce->cert;
-
- to->peerCert = CERT_NewTempCertificate(dbHandle, &derCert, NULL,
- PR_FALSE, PR_TRUE);
- if (to->peerCert == NULL)
- goto loser;
- }
- }
-
- to->version = from->version;
- to->creationTime = from->creationTime;
- to->lastAccessTime = from->lastAccessTime;
- to->expirationTime = from->expirationTime;
- to->cached = in_server_cache;
- to->addr = from->addr;
- to->references = 1;
- to->authAlgorithm = from->authAlgorithm;
- to->authKeyBits = from->authKeyBits;
- to->keaType = from->keaType;
- to->keaKeyBits = from->keaKeyBits;
-
- return to;
-
- loser:
- if (to) {
- if (version < SSL_LIBRARY_VERSION_3_0) {
- if (to->u.ssl2.masterKey.data)
- PORT_Free(to->u.ssl2.masterKey.data);
- if (to->u.ssl2.cipherArg.data)
- PORT_Free(to->u.ssl2.cipherArg.data);
- }
- PORT_Free(to);
- }
- return NULL;
-}
-
-
-
-/*
-** Perform some mumbo jumbo on the ip-address and the session-id value to
-** compute a hash value.
-*/
-static PRUint32
-SIDindex(cacheDesc *cache, const PRIPv6Addr *addr, PRUint8 *s, unsigned nl)
-{
- PRUint32 rv;
- PRUint32 x[8];
-
- memset(x, 0, sizeof x);
- if (nl > sizeof x)
- nl = sizeof x;
- memcpy(x, s, nl);
-
- rv = (addr->pr_s6_addr32[0] ^ addr->pr_s6_addr32[1] ^
- addr->pr_s6_addr32[2] ^ addr->pr_s6_addr32[3] ^
- x[0] ^ x[1] ^ x[2] ^ x[3] ^ x[4] ^ x[5] ^ x[6] ^ x[7])
- % cache->numSIDCacheSets;
- return rv;
-}
-
-
-
-/*
-** Look something up in the cache. This will invalidate old entries
-** in the process. Caller has locked the cache set!
-** Returns PR_TRUE if found a valid match. PR_FALSE otherwise.
-*/
-static sidCacheEntry *
-FindSID(cacheDesc *cache, PRUint32 setNum, PRUint32 now,
- const PRIPv6Addr *addr, unsigned char *sessionID,
- unsigned sessionIDLength)
-{
- PRUint32 ndx = cache->sidCacheSets[setNum].next;
- int i;
-
- sidCacheEntry * set = cache->sidCacheData +
- (setNum * SID_CACHE_ENTRIES_PER_SET);
-
- for (i = SID_CACHE_ENTRIES_PER_SET; i > 0; --i) {
- sidCacheEntry * sce;
-
- ndx = (ndx - 1) % SID_CACHE_ENTRIES_PER_SET;
- sce = set + ndx;
-
- if (!sce->valid)
- continue;
-
- if (now > sce->expirationTime) {
- /* SessionID has timed out. Invalidate the entry. */
- SSL_TRC(7, ("%d: timed out sid entry addr=%08x%08x%08x%08x now=%x "
- "time+=%x",
- myPid, sce->addr.pr_s6_addr32[0],
- sce->addr.pr_s6_addr32[1], sce->addr.pr_s6_addr32[2],
- sce->addr.pr_s6_addr32[3], now,
- sce->expirationTime ));
- sce->valid = 0;
- continue;
- }
-
- /*
- ** Next, examine specific session-id/addr data to see if the cache
- ** entry matches our addr+session-id value
- */
- if (sessionIDLength == sce->sessionIDLength &&
- !memcmp(&sce->addr, addr, sizeof(PRIPv6Addr)) &&
- !memcmp(sce->sessionID, sessionID, sessionIDLength)) {
- /* Found it */
- return sce;
- }
- }
-
- PORT_SetError(SSL_ERROR_SESSION_NOT_FOUND);
- return NULL;
-}
-
-/************************************************************************/
-
-/* This is the primary function for finding entries in the server's sid cache.
- * Although it is static, this function is called via the global function
- * pointer ssl_sid_lookup.
- */
-static sslSessionID *
-ServerSessionIDLookup(const PRIPv6Addr *addr,
- unsigned char *sessionID,
- unsigned int sessionIDLength,
- CERTCertDBHandle * dbHandle)
-{
- sslSessionID * sid = 0;
- sidCacheEntry * psce;
- certCacheEntry *pcce = 0;
- cacheDesc * cache = &globalCache;
- PRUint32 now;
- PRUint32 set;
- PRInt32 cndx;
- sidCacheEntry sce;
- certCacheEntry cce;
-
- set = SIDindex(cache, addr, sessionID, sessionIDLength);
- now = LockSet(cache, set, 0);
- if (!now)
- return NULL;
-
- psce = FindSID(cache, set, now, addr, sessionID, sessionIDLength);
- if (psce) {
- if (psce->version >= SSL_LIBRARY_VERSION_3_0 &&
- (cndx = psce->u.ssl3.certIndex) != -1) {
-
- PRUint32 gotLock = LockSidCacheLock(cache->certCacheLock, now);
- if (gotLock) {
- pcce = &cache->certCacheData[cndx];
-
- /* See if the cert's session ID matches the sce cache. */
- if ((pcce->sessionIDLength == psce->sessionIDLength) &&
- !PORT_Memcmp(pcce->sessionID, psce->sessionID,
- pcce->sessionIDLength)) {
- cce = *pcce;
- } else {
- /* The cert doesen't match the SID cache entry,
- ** so invalidate the SID cache entry.
- */
- psce->valid = 0;
- psce = 0;
- pcce = 0;
- }
- UnlockSidCacheLock(cache->certCacheLock);
- } else {
- /* what the ??. Didn't get the cert cache lock.
- ** Don't invalidate the SID cache entry, but don't find it.
- */
- PORT_Assert(!("Didn't get cert Cache Lock!"));
- psce = 0;
- pcce = 0;
- }
- }
- if (psce) {
- psce->lastAccessTime = now;
- sce = *psce; /* grab a copy while holding the lock */
- }
- }
- UnlockSet(cache, set);
- if (psce) {
- /* sce conains a copy of the cache entry.
- ** Convert shared memory format to local format
- */
- sid = ConvertToSID(&sce, pcce ? &cce : 0, dbHandle);
- }
- return sid;
-}
-
-/*
-** Place a sid into the cache, if it isn't already there.
-*/
-static void
-ServerSessionIDCache(sslSessionID *sid)
-{
- sidCacheEntry sce;
- PRUint32 now = 0;
- uint16 version = sid->version;
- cacheDesc * cache = &globalCache;
-
- if ((version >= SSL_LIBRARY_VERSION_3_0) &&
- (sid->u.ssl3.sessionIDLength == 0)) {
- return;
- }
-
- if (sid->cached == never_cached || sid->cached == invalid_cache) {
- PRUint32 set;
-
- PORT_Assert(sid->creationTime != 0 && sid->expirationTime != 0);
- if (!sid->creationTime)
- sid->lastAccessTime = sid->creationTime = ssl_Time();
- if (version < SSL_LIBRARY_VERSION_3_0) {
- if (!sid->expirationTime)
- sid->expirationTime = sid->creationTime + ssl_sid_timeout;
- SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
- "cipher=%d", myPid, sid->cached,
- sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
- sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
- sid->creationTime, sid->u.ssl2.cipherType));
- PRINT_BUF(8, (0, "sessionID:", sid->u.ssl2.sessionID,
- SSL2_SESSIONID_BYTES));
- PRINT_BUF(8, (0, "masterKey:", sid->u.ssl2.masterKey.data,
- sid->u.ssl2.masterKey.len));
- PRINT_BUF(8, (0, "cipherArg:", sid->u.ssl2.cipherArg.data,
- sid->u.ssl2.cipherArg.len));
-
- } else {
- if (!sid->expirationTime)
- sid->expirationTime = sid->creationTime + ssl3_sid_timeout;
- SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
- "cipherSuite=%d", myPid, sid->cached,
- sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
- sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
- sid->creationTime, sid->u.ssl3.cipherSuite));
- PRINT_BUF(8, (0, "sessionID:", sid->u.ssl3.sessionID,
- sid->u.ssl3.sessionIDLength));
- }
-
- ConvertFromSID(&sce, sid);
-
- if ((version >= SSL_LIBRARY_VERSION_3_0) &&
- (sid->peerCert != NULL)) {
- now = CacheCert(cache, sid->peerCert, &sce);
- }
-
- set = SIDindex(cache, &sce.addr, sce.sessionID, sce.sessionIDLength);
- now = LockSet(cache, set, now);
- if (now) {
- PRUint32 next = cache->sidCacheSets[set].next;
- PRUint32 ndx = set * SID_CACHE_ENTRIES_PER_SET + next;
-
- /* Write out new cache entry */
- cache->sidCacheData[ndx] = sce;
-
- cache->sidCacheSets[set].next =
- (next + 1) % SID_CACHE_ENTRIES_PER_SET;
-
- UnlockSet(cache, set);
- sid->cached = in_server_cache;
- }
- }
-}
-
-/*
-** Although this is static, it is called from ssl via global function pointer
-** ssl_sid_uncache. This invalidates the referenced cache entry.
-*/
-static void
-ServerSessionIDUncache(sslSessionID *sid)
-{
- cacheDesc * cache = &globalCache;
- PRUint8 * sessionID;
- unsigned int sessionIDLength;
- PRErrorCode err;
- PRUint32 set;
- PRUint32 now;
- sidCacheEntry *psce;
-
- if (sid == NULL)
- return;
-
- /* Uncaching a SID should never change the error code.
- ** So save it here and restore it before exiting.
- */
- err = PR_GetError();
-
- if (sid->version < SSL_LIBRARY_VERSION_3_0) {
- sessionID = sid->u.ssl2.sessionID;
- sessionIDLength = SSL2_SESSIONID_BYTES;
- SSL_TRC(8, ("%d: SSL: UncacheMT: valid=%d addr=0x%08x%08x%08x%08x time=%x "
- "cipher=%d", myPid, sid->cached,
- sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
- sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
- sid->creationTime, sid->u.ssl2.cipherType));
- PRINT_BUF(8, (0, "sessionID:", sessionID, sessionIDLength));
- PRINT_BUF(8, (0, "masterKey:", sid->u.ssl2.masterKey.data,
- sid->u.ssl2.masterKey.len));
- PRINT_BUF(8, (0, "cipherArg:", sid->u.ssl2.cipherArg.data,
- sid->u.ssl2.cipherArg.len));
- } else {
- sessionID = sid->u.ssl3.sessionID;
- sessionIDLength = sid->u.ssl3.sessionIDLength;
- SSL_TRC(8, ("%d: SSL3: UncacheMT: valid=%d addr=0x%08x%08x%08x%08x time=%x "
- "cipherSuite=%d", myPid, sid->cached,
- sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
- sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
- sid->creationTime, sid->u.ssl3.cipherSuite));
- PRINT_BUF(8, (0, "sessionID:", sessionID, sessionIDLength));
- }
- set = SIDindex(cache, &sid->addr, sessionID, sessionIDLength);
- now = LockSet(cache, set, 0);
- if (now) {
- psce = FindSID(cache, set, now, &sid->addr, sessionID, sessionIDLength);
- if (psce) {
- psce->valid = 0;
- }
- UnlockSet(cache, set);
- }
- sid->cached = invalid_cache;
- PORT_SetError(err);
-}
-
-#ifdef XP_OS2
-
-#define INCL_DOSPROCESS
-#include <os2.h>
-
-long gettid(void)
-{
- PTIB ptib;
- PPIB ppib;
- DosGetInfoBlocks(&ptib, &ppib);
- return ((long)ptib->tib_ordinal); /* thread id */
-}
-#endif
-
-static SECStatus
-InitCache(cacheDesc *cache, int maxCacheEntries, PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout, const char *directory)
-{
- ptrdiff_t ptr;
- sidCacheLock *pLock;
- char * sharedMem;
- PRFileMap * cacheMemMap;
- char * cfn = NULL; /* cache file name */
- int locks_initialized = 0;
- int locks_to_initialize = 0;
- PRUint32 init_time;
-
- if (cache->sharedMem) {
- /* Already done */
- return SECSuccess;
- }
-
- cache->numSIDCacheEntries = maxCacheEntries ? maxCacheEntries
- : DEF_SID_CACHE_ENTRIES;
- cache->numSIDCacheSets =
- SID_HOWMANY(cache->numSIDCacheEntries, SID_CACHE_ENTRIES_PER_SET);
-
- cache->numSIDCacheEntries =
- cache->numSIDCacheSets * SID_CACHE_ENTRIES_PER_SET;
-
- cache->numSIDCacheLocks =
- PR_MIN(cache->numSIDCacheSets, ssl_max_sid_cache_locks);
-
- cache->numSIDCacheSetsPerLock =
- SID_HOWMANY(cache->numSIDCacheSets, cache->numSIDCacheLocks);
-
- /* compute size of shared memory, and offsets of all pointers */
- ptr = 0;
- cache->sharedMem = (char *)ptr;
- ptr += SID_ROUNDUP(sizeof(cacheDesc), SID_ALIGNMENT);
-
- cache->sidCacheLocks = (sidCacheLock *)ptr;
- cache->keyCacheLock = cache->sidCacheLocks + cache->numSIDCacheLocks;
- cache->certCacheLock = cache->keyCacheLock + 1;
- ptr = (ptrdiff_t)(cache->certCacheLock + 1);
- ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
- cache->sidCacheSets = (sidCacheSet *)ptr;
- ptr = (ptrdiff_t)(cache->sidCacheSets + cache->numSIDCacheSets);
- ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
- cache->sidCacheData = (sidCacheEntry *)ptr;
- ptr = (ptrdiff_t)(cache->sidCacheData + cache->numSIDCacheEntries);
- ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
- cache->certCacheData = (certCacheEntry *)ptr;
- cache->sidCacheSize =
- (char *)cache->certCacheData - (char *)cache->sidCacheData;
-
- /* This is really a poor way to computer this! */
- cache->numCertCacheEntries = cache->sidCacheSize / sizeof(certCacheEntry);
- if (cache->numCertCacheEntries < MIN_CERT_CACHE_ENTRIES)
- cache->numCertCacheEntries = MIN_CERT_CACHE_ENTRIES;
- ptr = (ptrdiff_t)(cache->certCacheData + cache->numCertCacheEntries);
- ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
- cache->keyCacheData = (SSLWrappedSymWrappingKey *)ptr;
- cache->certCacheSize =
- (char *)cache->keyCacheData - (char *)cache->certCacheData;
-
- cache->numKeyCacheEntries = kt_kea_size * SSL_NUM_WRAP_MECHS;
- ptr = (ptrdiff_t)(cache->keyCacheData + cache->numKeyCacheEntries);
- ptr = SID_ROUNDUP(ptr, SID_ALIGNMENT);
-
- cache->sharedMemSize = ptr;
-
- cache->keyCacheSize = (char *)ptr - (char *)cache->keyCacheData;
-
- if (ssl2_timeout) {
- if (ssl2_timeout > MAX_SSL2_TIMEOUT) {
- ssl2_timeout = MAX_SSL2_TIMEOUT;
- }
- if (ssl2_timeout < MIN_SSL2_TIMEOUT) {
- ssl2_timeout = MIN_SSL2_TIMEOUT;
- }
- cache->ssl2Timeout = ssl2_timeout;
- } else {
- cache->ssl2Timeout = DEF_SSL2_TIMEOUT;
- }
-
- if (ssl3_timeout) {
- if (ssl3_timeout > MAX_SSL3_TIMEOUT) {
- ssl3_timeout = MAX_SSL3_TIMEOUT;
- }
- if (ssl3_timeout < MIN_SSL3_TIMEOUT) {
- ssl3_timeout = MIN_SSL3_TIMEOUT;
- }
- cache->ssl3Timeout = ssl3_timeout;
- } else {
- cache->ssl3Timeout = DEF_SSL3_TIMEOUT;
- }
-
- /* Create file names */
-#ifdef XP_UNIX
- /* there's some confusion here about whether PR_OpenAnonFileMap wants
- ** a directory name or a file name for its first argument.
- cfn = PR_smprintf("%s/.sslsvrcache.%d", directory, myPid);
- */
- cfn = PR_smprintf("%s", directory);
-#endif
-
-#ifdef XP_WIN32
- cfn = PR_smprintf("%s/svrcache_%d_%x.ssl", directory, myPid,
- GetCurrentThreadId());
-#endif
-
-#ifdef XP_OS2
- cfn = PR_smprintf("%s/svrcache_%d_%x.ssl", directory, myPid,
- gettid());
-#endif
- if (!cfn) {
- goto loser;
- }
-
- /* Create cache */
- cacheMemMap = PR_OpenAnonFileMap(cfn, cache->sharedMemSize,
- PR_PROT_READWRITE);
- PR_smprintf_free(cfn);
- if(! cacheMemMap) {
- goto loser;
- }
- sharedMem = PR_MemMap(cacheMemMap, 0, cache->sharedMemSize);
- if (! sharedMem) {
- goto loser;
- }
-
- /* Initialize shared memory. This may not be necessary on all platforms */
- memset(sharedMem, 0, cache->sharedMemSize);
-
- /* Copy cache descriptor header into shared memory */
- memcpy(sharedMem, cache, sizeof *cache);
-
- /* save private copies of these values */
- cache->cacheMemMap = cacheMemMap;
- cache->sharedMem = sharedMem;
- cache->sharedCache = (cacheDesc *)sharedMem;
-
- /* Fix pointers in our private copy of cache descriptor to point to
- ** spaces in shared memory
- */
- ptr = (ptrdiff_t)cache->sharedMem;
- *(ptrdiff_t *)(&cache->sidCacheLocks) += ptr;
- *(ptrdiff_t *)(&cache->keyCacheLock ) += ptr;
- *(ptrdiff_t *)(&cache->certCacheLock) += ptr;
- *(ptrdiff_t *)(&cache->sidCacheSets ) += ptr;
- *(ptrdiff_t *)(&cache->sidCacheData ) += ptr;
- *(ptrdiff_t *)(&cache->certCacheData) += ptr;
- *(ptrdiff_t *)(&cache->keyCacheData ) += ptr;
-
- /* initialize the locks */
- init_time = ssl_Time();
- pLock = cache->sidCacheLocks;
- for (locks_to_initialize = cache->numSIDCacheLocks + 2;
- locks_initialized < locks_to_initialize;
- ++locks_initialized, ++pLock ) {
-
- SECStatus err = sslMutex_Init(&pLock->mutex, isMultiProcess);
- if (err)
- goto loser;
- pLock->timeStamp = init_time;
- pLock->pid = 0;
- }
-
- return SECSuccess;
-
-loser:
- if (cache->cacheMemMap) {
- if (cache->sharedMem) {
- if (locks_initialized > 0) {
- pLock = cache->sidCacheLocks;
- for (; locks_initialized > 0; --locks_initialized, ++pLock ) {
- sslMutex_Destroy(&pLock->mutex);
- }
- }
- PR_MemUnmap(cache->sharedMem, cache->sharedMemSize);
- cache->sharedMem = NULL;
- }
- PR_CloseFileMap(cache->cacheMemMap);
- cache->cacheMemMap = NULL;
- }
- return SECFailure;
-}
-
-PRUint32
-SSL_GetMaxServerCacheLocks(void)
-{
- return ssl_max_sid_cache_locks + 2;
- /* The extra two are the cert cache lock and the key cache lock. */
-}
-
-SECStatus
-SSL_SetMaxServerCacheLocks(PRUint32 maxLocks)
-{
- /* Minimum is 1 sid cache lock, 1 cert cache lock and 1 key cache lock.
- ** We'd like to test for a maximum value, but not all platforms' header
- ** files provide a symbol or function or other means of determining
- ** the maximum, other than trial and error.
- */
- if (maxLocks < 3) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- ssl_max_sid_cache_locks = maxLocks - 2;
- /* The extra two are the cert cache lock and the key cache lock. */
- return SECSuccess;
-}
-
-SECStatus
-SSL_ConfigServerSessionIDCacheInstance( cacheDesc *cache,
- int maxCacheEntries,
- PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout,
- const char * directory)
-{
- SECStatus rv;
-
-#if defined(DEBUG_nelsonb)
- printf("sizeof(sidCacheEntry) == %u\n", sizeof(sidCacheEntry));
-#endif
-#if !(defined(SOLARIS) && defined(i386))
-#ifndef XP_OS2
- PORT_Assert(sizeof(sidCacheEntry) % 8 == 0);
-#endif
-#endif
- PORT_Assert(sizeof(certCacheEntry) == 4096);
-
- myPid = SSL_GETPID();
- if (!directory) {
- directory = DEFAULT_CACHE_DIRECTORY;
- }
- rv = InitCache(cache, maxCacheEntries, ssl2_timeout, ssl3_timeout,
- directory);
- if (rv) {
- SET_ERROR_CODE
- return SECFailure;
- }
-
- ssl_sid_lookup = ServerSessionIDLookup;
- ssl_sid_cache = ServerSessionIDCache;
- ssl_sid_uncache = ServerSessionIDUncache;
- return SECSuccess;
-}
-
-SECStatus
-SSL_ConfigServerSessionIDCache( int maxCacheEntries,
- PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout,
- const char * directory)
-{
- return SSL_ConfigServerSessionIDCacheInstance(&globalCache,
- maxCacheEntries, ssl2_timeout, ssl3_timeout, directory);
-}
-
-/* Use this function, instead of SSL_ConfigServerSessionIDCache,
- * if the cache will be shared by multiple processes.
- */
-SECStatus
-SSL_ConfigMPServerSIDCache( int maxCacheEntries,
- PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout,
- const char * directory)
-{
- char * envValue;
- char * inhValue;
- cacheDesc * cache = &globalCache;
- PRUint32 fmStrLen;
- SECStatus result;
- PRStatus prStatus;
- SECStatus putEnvFailed;
- inheritance inherit;
- char fmString[PR_FILEMAP_STRING_BUFSIZE];
-
- isMultiProcess = PR_TRUE;
- result = SSL_ConfigServerSessionIDCacheInstance(cache, maxCacheEntries,
- ssl2_timeout, ssl3_timeout, directory);
- if (result != SECSuccess)
- return result;
-
- prStatus = PR_ExportFileMapAsString(cache->cacheMemMap,
- sizeof fmString, fmString);
- if ((prStatus != PR_SUCCESS) || !(fmStrLen = strlen(fmString))) {
- SET_ERROR_CODE
- return SECFailure;
- }
-
- inherit.sharedMemSize = cache->sharedMemSize;
- inherit.fmStrLen = fmStrLen;
-
- inhValue = BTOA_DataToAscii((unsigned char *)&inherit, sizeof inherit);
- if (!inhValue || !strlen(inhValue)) {
- SET_ERROR_CODE
- return SECFailure;
- }
- envValue = PR_smprintf("%s,%s", inhValue, fmString);
- if (!envValue || !strlen(envValue)) {
- SET_ERROR_CODE
- return SECFailure;
- }
- PORT_Free(inhValue);
-
- putEnvFailed = (SECStatus)NSS_PutEnv(envVarName, envValue);
- PR_smprintf_free(envValue);
- if (putEnvFailed) {
- SET_ERROR_CODE
- result = SECFailure;
- }
-
-#if defined(XP_UNIX)
- /* Launch thread to poll cache for expired locks on Unix */
- LaunchLockPoller(cache);
-#endif
- return result;
-}
-
-SECStatus
-SSL_InheritMPServerSIDCacheInstance(cacheDesc *cache, const char * envString)
-{
- unsigned char * decoString = NULL;
- char * fmString = NULL;
- unsigned int decoLen;
- ptrdiff_t ptr;
- inheritance inherit;
- cacheDesc my;
-#ifdef WINNT
- sidCacheLock* newLocks;
- int locks_initialized = 0;
- int locks_to_initialize = 0;
-#endif
-
- myPid = SSL_GETPID();
-
- /* If this child was created by fork(), and not by exec() on unix,
- ** then isMultiProcess will already be set.
- ** If not, we'll set it below.
- */
- if (isMultiProcess)
- return SECSuccess; /* already done. */
-
- ssl_sid_lookup = ServerSessionIDLookup;
- ssl_sid_cache = ServerSessionIDCache;
- ssl_sid_uncache = ServerSessionIDUncache;
-
- if (!envString) {
- envString = getenv(envVarName);
- if (!envString) {
- SET_ERROR_CODE
- return SECFailure;
- }
- }
- envString = PORT_Strdup(envString);
- if (!envString)
- return SECFailure;
- fmString = strchr(envString, ',');
- if (!fmString)
- goto loser;
- *fmString++ = 0;
-
- decoString = ATOB_AsciiToData(envString, &decoLen);
- if (!decoString) {
- SET_ERROR_CODE
- goto loser;
- }
- if (decoLen != sizeof inherit) {
- SET_ERROR_CODE
- goto loser;
- }
-
- PORT_Memcpy(&inherit, decoString, sizeof inherit);
-
- if (strlen(fmString) != inherit.fmStrLen ) {
- goto loser;
- }
-
- memset(&my, 0, sizeof my);
- my.sharedMemSize = inherit.sharedMemSize;
-
- /* Create cache */
- my.cacheMemMap = PR_ImportFileMapFromString(fmString);
- if(! my.cacheMemMap) {
- goto loser;
- }
- my.sharedMem = PR_MemMap(my.cacheMemMap, 0, my.sharedMemSize);
- if (! my.sharedMem) {
- goto loser;
- }
- my.sharedCache = (cacheDesc *)my.sharedMem;
-
- if (my.sharedCache->sharedMemSize != my.sharedMemSize) {
- SET_ERROR_CODE
- goto loser;
- }
-
- memcpy(cache, my.sharedCache, sizeof *cache);
- cache->cacheMemMap = my.cacheMemMap;
- cache->sharedMem = my.sharedMem;
- cache->sharedCache = my.sharedCache;
-
- /* Fix pointers in our private copy of cache descriptor to point to
- ** spaces in shared memory
- */
- ptr = (ptrdiff_t)cache->sharedMem;
- *(ptrdiff_t *)(&cache->sidCacheLocks) += ptr;
- *(ptrdiff_t *)(&cache->keyCacheLock ) += ptr;
- *(ptrdiff_t *)(&cache->certCacheLock) += ptr;
- *(ptrdiff_t *)(&cache->sidCacheSets ) += ptr;
- *(ptrdiff_t *)(&cache->sidCacheData ) += ptr;
- *(ptrdiff_t *)(&cache->certCacheData) += ptr;
- *(ptrdiff_t *)(&cache->keyCacheData ) += ptr;
-
-#ifdef WINNT
- /* On Windows NT we need to "fix" the sidCacheLocks here to support fibers
- When NT fibers are used in a multi-process server, a second level of
- locking is needed to prevent a deadlock, in case a fiber acquires the
- cross-process mutex, yields, and another fiber is later scheduled on
- the same native thread and tries to acquire the cross-process mutex.
- We do this by using a PRLock in the sslMutex. However, it is stored in
- shared memory as part of sidCacheLocks, and we don't want to overwrite
- the PRLock of the parent process. So we need to make new, private
- copies of sidCacheLocks before modifying the sslMutex with our own
- PRLock
- */
-
- newLocks = (sidCacheLock*)PORT_Alloc(sizeof(sidCacheLock)*(cache->numSIDCacheLocks + 2));
- /* note from jpierre : this should be free'd in child processes when
- a function is added to delete the SSL session cache in the future */
- /* fix the locks */
- for (locks_to_initialize = cache->numSIDCacheLocks + 2;
- locks_initialized < locks_to_initialize;
- ++locks_initialized) {
- /* copy the old lock */
- memcpy(&newLocks[locks_initialized], &cache->sidCacheLocks[locks_initialized], sizeof(sidCacheLock));
- /* now, make a local PRLock in this sslMutex for this child process */
- sslMutex_2LevelInit(&newLocks[locks_initialized].mutex);
- }
-
- /* then, make our cache object point to our new private sidCacheLocks */
- /* first the session cache */
- cache->sidCacheLocks = newLocks;
- /* also fix the key and cert cache which use the last 2 lock entries */
- cache->keyCacheLock = cache->sidCacheLocks + cache->numSIDCacheLocks;
- cache->certCacheLock = cache->keyCacheLock + 1;
-#endif
-
- PORT_Free(decoString);
- isMultiProcess = PR_TRUE;
- return SECSuccess;
-
-loser:
- if (decoString)
- PORT_Free(decoString);
- return SECFailure;
-
-}
-
-SECStatus
-SSL_InheritMPServerSIDCache(const char * envString)
-{
- return SSL_InheritMPServerSIDCacheInstance(&globalCache, envString);
-}
-
-#if defined(XP_UNIX)
-
-#define SID_LOCK_EXPIRATION_TIMEOUT 30 /* seconds */
-
-static void
-LockPoller(void * arg)
-{
- cacheDesc * cache = (cacheDesc *)arg;
- cacheDesc * sharedCache = cache->sharedCache;
- sidCacheLock * pLock;
- const char * timeoutString;
- PRIntervalTime timeout;
- PRUint32 now;
- PRUint32 then;
- int locks_polled = 0;
- int locks_to_poll = cache->numSIDCacheLocks + 2;
- PRUint32 expiration = SID_LOCK_EXPIRATION_TIMEOUT;
-
- timeoutString = getenv("NSS_SSL_SERVER_CACHE_MUTEX_TIMEOUT");
- if (timeoutString) {
- long newTime = strtol(timeoutString, 0, 0);
- if (newTime == 0)
- return; /* application doesn't want this function */
- if (newTime > 0)
- expiration = (PRUint32)newTime;
- /* if error (newTime < 0) ignore it and use default */
- }
-
- timeout = PR_SecondsToInterval(expiration);
- while(!sharedCache->stopPolling) {
- PR_Sleep(timeout);
- if (sharedCache->stopPolling)
- break;
-
- now = ssl_Time();
- then = now - expiration;
- for (pLock = cache->sidCacheLocks, locks_polled = 0;
- locks_to_poll > locks_polled && !sharedCache->stopPolling;
- ++locks_polled, ++pLock ) {
- pid_t pid;
-
- if (pLock->timeStamp < then &&
- pLock->timeStamp != 0 &&
- (pid = pLock->pid) != 0) {
-
- /* maybe we should try the lock? */
- int result = kill(pid, 0);
- if (result < 0 && errno == ESRCH) {
- SECStatus rv;
- /* No process exists by that pid any more.
- ** Treat this mutex as abandoned.
- */
- pLock->timeStamp = now;
- pLock->pid = 0;
- rv = sslMutex_Unlock(&pLock->mutex);
- if (rv != SECSuccess) {
- /* Now what? */
- }
- }
- }
- } /* end of loop over locks */
- } /* end of entire polling loop */
-}
-
-/* Launch thread to poll cache for expired locks */
-static SECStatus
-LaunchLockPoller(cacheDesc *cache)
-{
- PRThread * pollerThread;
-
- pollerThread =
- PR_CreateThread(PR_USER_THREAD, LockPoller, cache, PR_PRIORITY_NORMAL,
- PR_GLOBAL_THREAD, PR_UNJOINABLE_THREAD, 0);
- if (!pollerThread) {
- return SECFailure;
- }
- cache->poller = pollerThread;
- return SECSuccess;
-}
-#endif
-
-/************************************************************************
- * Code dealing with shared wrapped symmetric wrapping keys below *
- ************************************************************************/
-
-/* If now is zero, it implies that the lock is not held, and must be
-** aquired here.
-*/
-static PRBool
-getSvrWrappingKey(PRInt32 symWrapMechIndex,
- SSL3KEAType exchKeyType,
- SSLWrappedSymWrappingKey *wswk,
- cacheDesc * cache,
- PRUint32 lockTime)
-{
- PRUint32 ndx = (exchKeyType * SSL_NUM_WRAP_MECHS) + symWrapMechIndex;
- SSLWrappedSymWrappingKey * pwswk = cache->keyCacheData + ndx;
- PRUint32 now = 0;
- PRBool rv = PR_FALSE;
-
- if (!lockTime) {
- lockTime = now = LockSidCacheLock(cache->keyCacheLock, now);
- if (!lockTime) {
- return rv;
- }
- }
- if (pwswk->exchKeyType == exchKeyType &&
- pwswk->symWrapMechIndex == symWrapMechIndex &&
- pwswk->wrappedSymKeyLen != 0) {
- *wswk = *pwswk;
- rv = PR_TRUE;
- }
- if (now) {
- UnlockSidCacheLock(cache->keyCacheLock);
- }
- return rv;
-}
-
-PRBool
-ssl_GetWrappingKey( PRInt32 symWrapMechIndex,
- SSL3KEAType exchKeyType,
- SSLWrappedSymWrappingKey *wswk)
-{
- PRBool rv;
-
- PORT_Assert( (unsigned)exchKeyType < kt_kea_size);
- PORT_Assert( (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS);
- if ((unsigned)exchKeyType < kt_kea_size &&
- (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS) {
- rv = getSvrWrappingKey(symWrapMechIndex, exchKeyType, wswk,
- &globalCache, 0);
- } else {
- rv = PR_FALSE;
- }
-
- return rv;
-}
-
-/* The caller passes in the new value it wants
- * to set. This code tests the wrapped sym key entry in the shared memory.
- * If it is uninitialized, this function writes the caller's value into
- * the disk entry, and returns false.
- * Otherwise, it overwrites the caller's wswk with the value obtained from
- * the disk, and returns PR_TRUE.
- * This is all done while holding the locks/mutexes necessary to make
- * the operation atomic.
- */
-PRBool
-ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk)
-{
- cacheDesc * cache = &globalCache;
- PRBool rv = PR_FALSE;
- SSL3KEAType exchKeyType = wswk->exchKeyType;
- /* type of keys used to wrap SymWrapKey*/
- PRInt32 symWrapMechIndex = wswk->symWrapMechIndex;
- PRUint32 ndx;
- PRUint32 now = 0;
- SSLWrappedSymWrappingKey myWswk;
-
- PORT_Assert( (unsigned)exchKeyType < kt_kea_size);
- if ((unsigned)exchKeyType >= kt_kea_size)
- return 0;
-
- PORT_Assert( (unsigned)symWrapMechIndex < SSL_NUM_WRAP_MECHS);
- if ((unsigned)symWrapMechIndex >= SSL_NUM_WRAP_MECHS)
- return 0;
-
- ndx = (exchKeyType * SSL_NUM_WRAP_MECHS) + symWrapMechIndex;
- PORT_Memset(&myWswk, 0, sizeof myWswk); /* eliminate UMRs. */
-
- now = LockSidCacheLock(cache->keyCacheLock, now);
- if (now) {
- rv = getSvrWrappingKey(wswk->symWrapMechIndex, wswk->exchKeyType,
- &myWswk, cache, now);
- if (rv) {
- /* we found it on disk, copy it out to the caller. */
- PORT_Memcpy(wswk, &myWswk, sizeof *wswk);
- } else {
- /* Wasn't on disk, and we're still holding the lock, so write it. */
- cache->keyCacheData[ndx] = *wswk;
- }
- UnlockSidCacheLock(cache->keyCacheLock);
- }
- return rv;
-}
-
-#else /* MAC version or other platform */
-
-#include "seccomon.h"
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-
-SECStatus
-SSL_ConfigServerSessionIDCache( int maxCacheEntries,
- PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout,
- const char * directory)
-{
- PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_ConfigServerSessionIDCache)");
- return SECFailure;
-}
-
-SECStatus
-SSL_ConfigMPServerSIDCache( int maxCacheEntries,
- PRUint32 ssl2_timeout,
- PRUint32 ssl3_timeout,
- const char * directory)
-{
- PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_ConfigMPServerSIDCache)");
- return SECFailure;
-}
-
-SECStatus
-SSL_InheritMPServerSIDCache(const char * envString)
-{
- PR_ASSERT(!"SSL servers are not supported on this platform. (SSL_InheritMPServerSIDCache)");
- return SECFailure;
-}
-
-PRBool
-ssl_GetWrappingKey( PRInt32 symWrapMechIndex,
- SSL3KEAType exchKeyType,
- SSLWrappedSymWrappingKey *wswk)
-{
- PRBool rv = PR_FALSE;
- PR_ASSERT(!"SSL servers are not supported on this platform. (ssl_GetWrappingKey)");
- return rv;
-}
-
-/* This is a kind of test-and-set. The caller passes in the new value it wants
- * to set. This code tests the wrapped sym key entry in the shared memory.
- * If it is uninitialized, this function writes the caller's value into
- * the disk entry, and returns false.
- * Otherwise, it overwrites the caller's wswk with the value obtained from
- * the disk, and returns PR_TRUE.
- * This is all done while holding the locks/mutexes necessary to make
- * the operation atomic.
- */
-PRBool
-ssl_SetWrappingKey(SSLWrappedSymWrappingKey *wswk)
-{
- PRBool rv = PR_FALSE;
- PR_ASSERT(!"SSL servers are not supported on this platform. (ssl_SetWrappingKey)");
- return rv;
-}
-
-#endif /* XP_UNIX || XP_WIN32 */
diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c
deleted file mode 100644
index 4e0d5b1e0..000000000
--- a/security/nss/lib/ssl/sslsock.c
+++ /dev/null
@@ -1,1890 +0,0 @@
-/*
- * vtables (and methods that call through them) for the 4 types of
- * SSLSockets supported. Only one type is still supported.
- * Various other functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- * Dr Stephen Henson <stephen.henson@gemplus.com>
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "seccomon.h"
-#include "cert.h"
-#include "keyhi.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "nspr.h"
-
-#define SET_ERROR_CODE /* reminder */
-
-struct cipherPolicyStr {
- int cipher;
- unsigned char export; /* policy value for export policy */
- unsigned char france; /* policy value for france policy */
-};
-
-typedef struct cipherPolicyStr cipherPolicy;
-
-/* This table contains two preconfigured policies: Export and France.
-** It is used only by the functions SSL_SetDomesticPolicy,
-** SSL_SetExportPolicy, and SSL_SetFrancyPolicy.
-** Order of entries is not important.
-*/
-static cipherPolicy ssl_ciphers[] = { /* Export France */
- { SSL_EN_RC4_128_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_EN_RC4_128_EXPORT40_WITH_MD5, SSL_ALLOWED, SSL_ALLOWED },
- { SSL_EN_RC2_128_CBC_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5, SSL_ALLOWED, SSL_ALLOWED },
- { SSL_EN_DES_64_CBC_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_EN_DES_192_EDE3_CBC_WITH_MD5, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_FORTEZZA_DMS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_RSA_WITH_RC4_128_MD5, SSL_RESTRICTED, SSL_NOT_ALLOWED },
- { SSL_RSA_WITH_RC4_128_SHA, SSL_RESTRICTED, SSL_NOT_ALLOWED },
- { SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RESTRICTED, SSL_NOT_ALLOWED },
- { SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_ALLOWED, SSL_ALLOWED },
- { SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5, SSL_ALLOWED, SSL_ALLOWED },
- { SSL_FORTEZZA_DMS_WITH_NULL_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_DHE_DSS_WITH_RC4_128_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { SSL_RSA_WITH_NULL_MD5, SSL_ALLOWED, SSL_ALLOWED },
- { TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_RSA_WITH_AES_128_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_RSA_WITH_AES_256_CBC_SHA, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, SSL_ALLOWED, SSL_NOT_ALLOWED },
- { TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, SSL_ALLOWED, SSL_NOT_ALLOWED },
- { 0, SSL_NOT_ALLOWED, SSL_NOT_ALLOWED }
-};
-
-static const sslSocketOps ssl_default_ops = { /* No SSL. */
- ssl_DefConnect,
- NULL,
- ssl_DefBind,
- ssl_DefListen,
- ssl_DefShutdown,
- ssl_DefClose,
- ssl_DefRecv,
- ssl_DefSend,
- ssl_DefRead,
- ssl_DefWrite,
- ssl_DefGetpeername,
- ssl_DefGetsockname
-};
-
-static const sslSocketOps ssl_secure_ops = { /* SSL. */
- ssl_SecureConnect,
- NULL,
- ssl_DefBind,
- ssl_DefListen,
- ssl_SecureShutdown,
- ssl_SecureClose,
- ssl_SecureRecv,
- ssl_SecureSend,
- ssl_SecureRead,
- ssl_SecureWrite,
- ssl_DefGetpeername,
- ssl_DefGetsockname
-};
-
-/*
-** default settings for socket enables
-*/
-static sslOptions ssl_defaults = {
- PR_TRUE, /* useSecurity */
- PR_FALSE, /* useSocks */
- PR_FALSE, /* requestCertificate */
- 2, /* requireCertificate */
- PR_FALSE, /* handshakeAsClient */
- PR_FALSE, /* handshakeAsServer */
- PR_TRUE, /* enableSSL2 */
- PR_TRUE, /* enableSSL3 */
- PR_TRUE, /* enableTLS */ /* now defaults to on in NSS 3.0 */
- PR_FALSE, /* noCache */
- PR_FALSE, /* fdx */
- PR_TRUE, /* v2CompatibleHello */
- PR_TRUE, /* detectRollBack */
-};
-
-sslSessionIDLookupFunc ssl_sid_lookup;
-sslSessionIDCacheFunc ssl_sid_cache;
-sslSessionIDUncacheFunc ssl_sid_uncache;
-
-static PRBool ssl_inited = PR_FALSE;
-static PRDescIdentity ssl_layer_id;
-
-int ssl_lock_readers = 1; /* default true. */
-char ssl_debug;
-char ssl_trace;
-
-
-/* forward declarations. */
-static sslSocket *ssl_NewSocket(void);
-static PRStatus ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack,
- PRDescIdentity id);
-
-/************************************************************************/
-
-/*
-** Lookup a socket structure from a file descriptor.
-** Only functions called through the PRIOMethods table should use this.
-** Other app-callable functions should use ssl_FindSocket.
-*/
-static sslSocket *
-ssl_GetPrivate(PRFileDesc *fd)
-{
- sslSocket *ss;
-
- PORT_Assert(fd != NULL);
- PORT_Assert(fd->methods->file_type == PR_DESC_LAYERED);
- PORT_Assert(fd->identity == ssl_layer_id);
-
- ss = (sslSocket *)fd->secret;
- ss->fd = fd;
- return ss;
-}
-
-sslSocket *
-ssl_FindSocket(PRFileDesc *fd)
-{
- PRFileDesc *layer;
- sslSocket *ss;
-
- PORT_Assert(fd != NULL);
- PORT_Assert(ssl_layer_id != 0);
-
- layer = PR_GetIdentitiesLayer(fd, ssl_layer_id);
- if (layer == NULL) {
- PORT_SetError(PR_BAD_DESCRIPTOR_ERROR);
- return NULL;
- }
-
- ss = (sslSocket *)layer->secret;
- ss->fd = layer;
- return ss;
-}
-
-sslSocket *
-ssl_DupSocket(sslSocket *os)
-{
- sslSocket *ss;
- SECStatus rv;
-
- ss = ssl_NewSocket();
- if (ss) {
- ss->useSocks = PR_FALSE;
- ss->useSecurity = os->useSecurity;
- ss->requestCertificate = os->requestCertificate;
- ss->requireCertificate = os->requireCertificate;
- ss->handshakeAsClient = os->handshakeAsClient;
- ss->handshakeAsServer = os->handshakeAsServer;
- ss->enableSSL2 = os->enableSSL2;
- ss->enableSSL3 = os->enableSSL3;
- ss->enableTLS = os->enableTLS;
- ss->noCache = os->noCache;
- ss->fdx = os->fdx;
- ss->v2CompatibleHello = os->v2CompatibleHello;
- ss->detectRollBack = os->detectRollBack;
-
- ss->peerID = !os->peerID ? NULL : PORT_Strdup(os->peerID);
- ss->url = !os->url ? NULL : PORT_Strdup(os->url);
-
- ss->ops = os->ops;
- ss->rTimeout = os->rTimeout;
- ss->wTimeout = os->wTimeout;
- ss->cTimeout = os->cTimeout;
- ss->dbHandle = os->dbHandle;
-
- /* copy ssl2&3 policy & prefs, even if it's not selected (yet) */
- ss->allowedByPolicy = os->allowedByPolicy;
- ss->maybeAllowedByPolicy= os->maybeAllowedByPolicy;
- ss->chosenPreference = os->chosenPreference;
- PORT_Memcpy(ss->cipherSuites, os->cipherSuites, sizeof os->cipherSuites);
-
- if (os->cipherSpecs) {
- ss->cipherSpecs = (unsigned char*)PORT_Alloc(os->sizeCipherSpecs);
- if (ss->cipherSpecs)
- PORT_Memcpy(ss->cipherSpecs, os->cipherSpecs,
- os->sizeCipherSpecs);
- ss->sizeCipherSpecs = os->sizeCipherSpecs;
- ss->preferredCipher = os->preferredCipher;
- } else {
- ss->cipherSpecs = NULL; /* produced lazily */
- ss->sizeCipherSpecs = 0;
- ss->preferredCipher = NULL;
- }
- if (ss->useSecurity) {
- /* This int should be SSLKEAType, but CC on Irix complains,
- * during the for loop.
- */
- int i;
- sslServerCerts * oc = os->serverCerts;
- sslServerCerts * sc = ss->serverCerts;
-
- for (i=kt_null; i < kt_kea_size; i++, oc++, sc++) {
- if (oc->serverCert && oc->serverCertChain) {
- sc->serverCert = CERT_DupCertificate(oc->serverCert);
- sc->serverCertChain = CERT_DupCertList(oc->serverCertChain);
- if (!sc->serverCertChain)
- goto loser;
- } else {
- sc->serverCert = NULL;
- sc->serverCertChain = NULL;
- }
- sc->serverKey = oc->serverKey ?
- SECKEY_CopyPrivateKey(oc->serverKey) : NULL;
- if (oc->serverKey && !sc->serverKey)
- goto loser;
- sc->serverKeyBits = oc->serverKeyBits;
- }
- ss->stepDownKeyPair = !os->stepDownKeyPair ? NULL :
- ssl3_GetKeyPairRef(os->stepDownKeyPair);
-/*
- * XXX the preceeding CERT_ and SECKEY_ functions can fail and return NULL.
- * XXX We should detect this, and not just march on with NULL pointers.
- */
- ss->authCertificate = os->authCertificate;
- ss->authCertificateArg = os->authCertificateArg;
- ss->getClientAuthData = os->getClientAuthData;
- ss->getClientAuthDataArg = os->getClientAuthDataArg;
- ss->handleBadCert = os->handleBadCert;
- ss->badCertArg = os->badCertArg;
- ss->handshakeCallback = os->handshakeCallback;
- ss->handshakeCallbackData = os->handshakeCallbackData;
- ss->pkcs11PinArg = os->pkcs11PinArg;
-
- /* Create security data */
- rv = ssl_CopySecurityInfo(ss, os);
- if (rv != SECSuccess) {
- goto loser;
- }
- }
- }
- return ss;
-
-loser:
- ssl_FreeSocket(ss);
- return NULL;
-}
-
-/*
- * free an sslSocket struct, and all the stuff that hangs off of it
- */
-void
-ssl_FreeSocket(sslSocket *ss)
-{
- /* "i" should be of type SSLKEAType, but CC on IRIX complains during
- * the for loop.
- */
- int i;
-
- sslSocket *fs;
- sslSocket lSock;
-
-/* Get every lock you can imagine!
-** Caller already holds these:
-** SSL_LOCK_READER(ss);
-** SSL_LOCK_WRITER(ss);
-*/
- ssl_Get1stHandshakeLock(ss);
- ssl_GetRecvBufLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
- ssl_GetXmitBufLock(ss);
- ssl_GetSpecWriteLock(ss);
-
-#ifdef DEBUG
- fs = &lSock;
- *fs = *ss; /* Copy the old socket structure, */
- PORT_Memset(ss, 0x1f, sizeof *ss); /* then blast the old struct ASAP. */
-#else
- fs = ss;
-#endif
-
- /* Free up socket */
- ssl_DestroySecurityInfo(fs->sec);
- ssl3_DestroySSL3Info(fs->ssl3);
- PORT_Free(fs->saveBuf.buf);
- PORT_Free(fs->pendingBuf.buf);
- if (fs->gather) {
- ssl_DestroyGather(fs->gather);
- }
- if (fs->peerID != NULL)
- PORT_Free(fs->peerID);
- if (fs->url != NULL)
- PORT_Free((void *)fs->url); /* CONST */
-
- /* Clean up server configuration */
- for (i=kt_null; i < kt_kea_size; i++) {
- sslServerCerts * sc = fs->serverCerts + i;
- if (sc->serverCert != NULL)
- CERT_DestroyCertificate(sc->serverCert);
- if (sc->serverCertChain != NULL)
- CERT_DestroyCertificateList(sc->serverCertChain);
- if (sc->serverKey != NULL)
- SECKEY_DestroyPrivateKey(sc->serverKey);
- }
- if (fs->stepDownKeyPair) {
- ssl3_FreeKeyPair(fs->stepDownKeyPair);
- fs->stepDownKeyPair = NULL;
- }
-
-
- /* Release all the locks acquired above. */
- SSL_UNLOCK_READER(fs);
- SSL_UNLOCK_WRITER(fs);
- ssl_Release1stHandshakeLock(fs);
- ssl_ReleaseRecvBufLock(fs);
- ssl_ReleaseSSL3HandshakeLock(fs);
- ssl_ReleaseXmitBufLock(fs);
- ssl_ReleaseSpecWriteLock(fs);
-
- /* Destroy locks. */
- if (fs->firstHandshakeLock) {
- PZ_DestroyMonitor(fs->firstHandshakeLock);
- fs->firstHandshakeLock = NULL;
- }
- if (fs->ssl3HandshakeLock) {
- PZ_DestroyMonitor(fs->ssl3HandshakeLock);
- fs->ssl3HandshakeLock = NULL;
- }
- if (fs->specLock) {
- NSSRWLock_Destroy(fs->specLock);
- fs->specLock = NULL;
- }
-
- if (fs->recvLock) {
- PZ_DestroyLock(fs->recvLock);
- fs->recvLock = NULL;
- }
- if (fs->sendLock) {
- PZ_DestroyLock(fs->sendLock);
- fs->sendLock = NULL;
- }
- if (fs->xmitBufLock) {
- PZ_DestroyMonitor(fs->xmitBufLock);
- fs->xmitBufLock = NULL;
- }
- if (fs->recvBufLock) {
- PZ_DestroyMonitor(fs->recvBufLock);
- fs->recvBufLock = NULL;
- }
- if (fs->cipherSpecs) {
- PORT_Free(fs->cipherSpecs);
- fs->cipherSpecs = NULL;
- fs->sizeCipherSpecs = 0;
- }
-
- PORT_Free(ss); /* free the caller's copy, not ours. */
- return;
-}
-
-/************************************************************************/
-SECStatus
-ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled)
-{
- PRFileDesc * osfd = ss->fd->lower;
- int rv;
- PRSocketOptionData opt;
-
- opt.option = PR_SockOpt_NoDelay;
- opt.value.no_delay = (PRBool)!enabled;
-
- rv = osfd->methods->setsocketoption(osfd, &opt);
-
- return rv;
-}
-
-static void
-ssl_ChooseOps(sslSocket *ss)
-{
- ss->ops = ss->useSecurity ? &ssl_secure_ops : &ssl_default_ops;
-}
-
-/* Called from SSL_Enable (immediately below) */
-static SECStatus
-PrepareSocket(sslSocket *ss)
-{
- SECStatus rv = SECSuccess;
-
- if (ss->useSecurity) {
- rv = ssl_CreateSecurityInfo(ss);
- if (rv != SECSuccess) {
- return rv;
- }
- }
-
- ssl_ChooseOps(ss);
- return rv;
-}
-
-SECStatus
-SSL_Enable(PRFileDesc *fd, int which, PRBool on)
-{
- return SSL_OptionSet(fd, which, on);
-}
-
-SECStatus
-SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRBool on)
-{
- sslSocket *ss = ssl_FindSocket(fd);
- SECStatus rv = SECSuccess;
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
- return SECFailure;
- }
-
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- switch (which) {
- case SSL_SOCKS:
- ss->useSocks = PR_FALSE;
- rv = PrepareSocket(ss);
- if (on) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
- break;
-
- case SSL_SECURITY:
- ss->useSecurity = on;
- rv = PrepareSocket(ss);
- break;
-
- case SSL_REQUEST_CERTIFICATE:
- ss->requestCertificate = on;
- break;
-
- case SSL_REQUIRE_CERTIFICATE:
- ss->requireCertificate = on;
- break;
-
- case SSL_HANDSHAKE_AS_CLIENT:
- if ( ss->handshakeAsServer && on ) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- break;
- }
- ss->handshakeAsClient = on;
- break;
-
- case SSL_HANDSHAKE_AS_SERVER:
- if ( ss->handshakeAsClient && on ) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- break;
- }
- ss->handshakeAsServer = on;
- break;
-
- case SSL_ENABLE_TLS:
- ss->enableTLS = on;
- ss->preferredCipher = NULL;
- if (ss->cipherSpecs) {
- PORT_Free(ss->cipherSpecs);
- ss->cipherSpecs = NULL;
- ss->sizeCipherSpecs = 0;
- }
- break;
-
- case SSL_ENABLE_SSL3:
- ss->enableSSL3 = on;
- ss->preferredCipher = NULL;
- if (ss->cipherSpecs) {
- PORT_Free(ss->cipherSpecs);
- ss->cipherSpecs = NULL;
- ss->sizeCipherSpecs = 0;
- }
- break;
-
- case SSL_ENABLE_SSL2:
- ss->enableSSL2 = on;
- if (on) {
- ss->v2CompatibleHello = on;
- }
- ss->preferredCipher = NULL;
- if (ss->cipherSpecs) {
- PORT_Free(ss->cipherSpecs);
- ss->cipherSpecs = NULL;
- ss->sizeCipherSpecs = 0;
- }
- break;
-
- case SSL_NO_CACHE:
- ss->noCache = on;
- break;
-
- case SSL_ENABLE_FDX:
- ss->fdx = on;
- break;
-
- case SSL_V2_COMPATIBLE_HELLO:
- ss->v2CompatibleHello = on;
- if (!on) {
- ss->enableSSL2 = on;
- }
- break;
-
- case SSL_ROLLBACK_DETECTION:
- ss->detectRollBack = on;
- break;
-
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
-
- return rv;
-}
-
-SECStatus
-SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRBool *pOn)
-{
- sslSocket *ss = ssl_FindSocket(fd);
- SECStatus rv = SECSuccess;
- PRBool on = PR_FALSE;
-
- if (!pOn) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in Enable", SSL_GETPID(), fd));
- *pOn = PR_FALSE;
- return SECFailure;
- }
-
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- switch (which) {
- case SSL_SOCKS: on = PR_FALSE; break;
- case SSL_SECURITY: on = ss->useSecurity; break;
- case SSL_REQUEST_CERTIFICATE: on = ss->requestCertificate; break;
- case SSL_REQUIRE_CERTIFICATE: on = ss->requireCertificate; break;
- case SSL_HANDSHAKE_AS_CLIENT: on = ss->handshakeAsClient; break;
- case SSL_HANDSHAKE_AS_SERVER: on = ss->handshakeAsServer; break;
- case SSL_ENABLE_TLS: on = ss->enableTLS; break;
- case SSL_ENABLE_SSL3: on = ss->enableSSL3; break;
- case SSL_ENABLE_SSL2: on = ss->enableSSL2; break;
- case SSL_NO_CACHE: on = ss->noCache; break;
- case SSL_ENABLE_FDX: on = ss->fdx; break;
- case SSL_V2_COMPATIBLE_HELLO: on = ss->v2CompatibleHello; break;
- case SSL_ROLLBACK_DETECTION: on = ss->detectRollBack; break;
-
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
-
- *pOn = on;
- return rv;
-}
-
-SECStatus
-SSL_OptionGetDefault(PRInt32 which, PRBool *pOn)
-{
- SECStatus rv = SECSuccess;
- PRBool on = PR_FALSE;
-
- if (!pOn) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- switch (which) {
- case SSL_SOCKS: on = PR_FALSE; break;
- case SSL_SECURITY: on = ssl_defaults.useSecurity; break;
- case SSL_REQUEST_CERTIFICATE: on = ssl_defaults.requestCertificate; break;
- case SSL_REQUIRE_CERTIFICATE: on = ssl_defaults.requireCertificate; break;
- case SSL_HANDSHAKE_AS_CLIENT: on = ssl_defaults.handshakeAsClient; break;
- case SSL_HANDSHAKE_AS_SERVER: on = ssl_defaults.handshakeAsServer; break;
- case SSL_ENABLE_TLS: on = ssl_defaults.enableTLS; break;
- case SSL_ENABLE_SSL3: on = ssl_defaults.enableSSL3; break;
- case SSL_ENABLE_SSL2: on = ssl_defaults.enableSSL2; break;
- case SSL_NO_CACHE: on = ssl_defaults.noCache; break;
- case SSL_ENABLE_FDX: on = ssl_defaults.fdx; break;
- case SSL_V2_COMPATIBLE_HELLO: on = ssl_defaults.v2CompatibleHello; break;
- case SSL_ROLLBACK_DETECTION: on = ssl_defaults.detectRollBack; break;
-
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- rv = SECFailure;
- }
-
- *pOn = on;
- return rv;
-}
-
-/* XXX Use Global Lock to protect this stuff. */
-SECStatus
-SSL_EnableDefault(int which, PRBool on)
-{
- return SSL_OptionSetDefault(which, on);
-}
-
-SECStatus
-SSL_OptionSetDefault(PRInt32 which, PRBool on)
-{
- switch (which) {
- case SSL_SOCKS:
- ssl_defaults.useSocks = PR_FALSE;
- if (on) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- break;
-
- case SSL_SECURITY:
- ssl_defaults.useSecurity = on;
- break;
-
- case SSL_REQUEST_CERTIFICATE:
- ssl_defaults.requestCertificate = on;
- break;
-
- case SSL_REQUIRE_CERTIFICATE:
- ssl_defaults.requireCertificate = on;
- break;
-
- case SSL_HANDSHAKE_AS_CLIENT:
- if ( ssl_defaults.handshakeAsServer && on ) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- ssl_defaults.handshakeAsClient = on;
- break;
-
- case SSL_HANDSHAKE_AS_SERVER:
- if ( ssl_defaults.handshakeAsClient && on ) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- ssl_defaults.handshakeAsServer = on;
- break;
-
- case SSL_ENABLE_TLS:
- ssl_defaults.enableTLS = on;
- break;
-
- case SSL_ENABLE_SSL3:
- ssl_defaults.enableSSL3 = on;
- break;
-
- case SSL_ENABLE_SSL2:
- ssl_defaults.enableSSL2 = on;
- if (on) {
- ssl_defaults.v2CompatibleHello = on;
- }
- break;
-
- case SSL_NO_CACHE:
- ssl_defaults.noCache = on;
- break;
-
- case SSL_ENABLE_FDX:
- ssl_defaults.fdx = on;
-
- case SSL_V2_COMPATIBLE_HELLO:
- ssl_defaults.v2CompatibleHello = on;
- if (!on) {
- ssl_defaults.enableSSL2 = on;
- }
- break;
-
- case SSL_ROLLBACK_DETECTION:
- ssl_defaults.detectRollBack = on;
- break;
-
- default:
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- return SECSuccess;
-}
-
-/* Part of the public NSS API.
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this. Probably want a global lock.
- */
-SECStatus
-SSL_SetPolicy(long which, int policy)
-{
- if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) {
- /* one of the two old FIPS ciphers */
- if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA)
- which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA;
- else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA)
- which = SSL_RSA_FIPS_WITH_DES_CBC_SHA;
- }
- return SSL_CipherPolicySet(which, policy);
-}
-
-SECStatus
-SSL_CipherPolicySet(PRInt32 which, PRInt32 policy)
-{
- SECStatus rv;
-
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_SetPolicy(which, policy);
- } else {
- rv = ssl3_SetPolicy((ssl3CipherSuite)which, policy);
- }
- return rv;
-}
-
-SECStatus
-SSL_CipherPolicyGet(PRInt32 which, PRInt32 *oPolicy)
-{
- SECStatus rv;
-
- if (!oPolicy) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_GetPolicy(which, oPolicy);
- } else {
- rv = ssl3_GetPolicy((ssl3CipherSuite)which, oPolicy);
- }
- return rv;
-}
-
-/* Part of the public NSS API.
- * Since this is a global (not per-socket) setting, we cannot use the
- * HandshakeLock to protect this. Probably want a global lock.
- * These changes have no effect on any sslSockets already created.
- */
-SECStatus
-SSL_EnableCipher(long which, PRBool enabled)
-{
- if ((which & 0xfffe) == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA) {
- /* one of the two old FIPS ciphers */
- if (which == SSL_RSA_OLDFIPS_WITH_3DES_EDE_CBC_SHA)
- which = SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA;
- else if (which == SSL_RSA_OLDFIPS_WITH_DES_CBC_SHA)
- which = SSL_RSA_FIPS_WITH_DES_CBC_SHA;
- }
- return SSL_CipherPrefSetDefault(which, enabled);
-}
-
-SECStatus
-SSL_CipherPrefSetDefault(PRInt32 which, PRBool enabled)
-{
- SECStatus rv;
-
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_CipherPrefSetDefault(which, enabled);
- } else {
- rv = ssl3_CipherPrefSetDefault((ssl3CipherSuite)which, enabled);
- }
- return rv;
-}
-
-SECStatus
-SSL_CipherPrefGetDefault(PRInt32 which, PRBool *enabled)
-{
- SECStatus rv;
-
- if (!enabled) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_CipherPrefGetDefault(which, enabled);
- } else {
- rv = ssl3_CipherPrefGetDefault((ssl3CipherSuite)which, enabled);
- }
- return rv;
-}
-
-SECStatus
-SSL_CipherPrefSet(PRFileDesc *fd, PRInt32 which, PRBool enabled)
-{
- SECStatus rv;
- sslSocket *ss = ssl_FindSocket(fd);
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefSet", SSL_GETPID(), fd));
- return SECFailure;
- }
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_CipherPrefSet(ss, which, enabled);
- } else {
- rv = ssl3_CipherPrefSet(ss, (ssl3CipherSuite)which, enabled);
- }
- return rv;
-}
-
-SECStatus
-SSL_CipherPrefGet(PRFileDesc *fd, PRInt32 which, PRBool *enabled)
-{
- SECStatus rv;
- sslSocket *ss = ssl_FindSocket(fd);
-
- if (!enabled) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in CipherPrefGet", SSL_GETPID(), fd));
- *enabled = PR_FALSE;
- return SECFailure;
- }
- if (SSL_IS_SSL2_CIPHER(which)) {
- rv = ssl2_CipherPrefGet(ss, which, enabled);
- } else {
- rv = ssl3_CipherPrefGet(ss, (ssl3CipherSuite)which, enabled);
- }
- return rv;
-}
-
-SECStatus
-NSS_SetDomesticPolicy(void)
-{
-#ifndef EXPORT_VERSION
- SECStatus status = SECSuccess;
- cipherPolicy * policy;
-
- for (policy = ssl_ciphers; policy->cipher != 0; ++policy) {
- status = SSL_SetPolicy(policy->cipher, SSL_ALLOWED);
- if (status != SECSuccess)
- break;
- }
- return status;
-#else
- return NSS_SetExportPolicy();
-#endif
-}
-
-SECStatus
-NSS_SetExportPolicy(void)
-{
- SECStatus status = SECSuccess;
- cipherPolicy * policy;
-
- for (policy = ssl_ciphers; policy->cipher != 0; ++policy) {
- status = SSL_SetPolicy(policy->cipher, policy->export);
- if (status != SECSuccess)
- break;
- }
- return status;
-}
-
-SECStatus
-NSS_SetFrancePolicy(void)
-{
- SECStatus status = SECSuccess;
- cipherPolicy * policy;
-
- for (policy = ssl_ciphers; policy->cipher != 0; ++policy) {
- status = SSL_SetPolicy(policy->cipher, policy->france);
- if (status != SECSuccess)
- break;
- }
- return status;
-}
-
-
-
-/* LOCKS ??? XXX */
-PRFileDesc *
-SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd)
-{
- sslSocket * ns = NULL;
- PRStatus rv;
- PRNetAddr addr;
-
- if (model == NULL) {
- /* Just create a default socket if we're given NULL for the model */
- ns = ssl_NewSocket();
- } else {
- sslSocket * ss = ssl_FindSocket(model);
- if (ss == NULL) {
- SSL_DBG(("%d: SSL[%d]: bad model socket in ssl_ImportFD",
- SSL_GETPID(), model));
- return NULL;
- }
- ns = ssl_DupSocket(ss);
- }
- if (ns == NULL)
- return NULL;
-
- rv = ssl_PushIOLayer(ns, fd, PR_TOP_IO_LAYER);
- if (rv != PR_SUCCESS) {
- ssl_FreeSocket(ns);
- SET_ERROR_CODE
- return NULL;
- }
-#ifdef _WIN32
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* workaround NT winsock connect bug. */
-#endif
- ns = ssl_FindSocket(fd);
- PORT_Assert(ns);
- if (ns)
- ns->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ns, &addr));
- return fd;
-}
-
-/************************************************************************/
-/* The following functions are the TOP LEVEL SSL functions.
-** They all get called through the NSPRIOMethods table below.
-*/
-
-static PRFileDesc * PR_CALLBACK
-ssl_Accept(PRFileDesc *fd, PRNetAddr *sockaddr, PRIntervalTime timeout)
-{
- sslSocket *ss;
- sslSocket *ns = NULL;
- PRFileDesc *newfd = NULL;
- PRFileDesc *osfd;
- PRStatus status;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in accept", SSL_GETPID(), fd));
- return NULL;
- }
-
- /* IF this is a listen socket, there shouldn't be any I/O going on */
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
- ssl_Get1stHandshakeLock(ss);
- ssl_GetSSL3HandshakeLock(ss);
-
- ss->cTimeout = timeout;
-
- osfd = ss->fd->lower;
-
- /* First accept connection */
- newfd = osfd->methods->accept(osfd, sockaddr, timeout);
- if (newfd == NULL) {
- SSL_DBG(("%d: SSL[%d]: accept failed, errno=%d",
- SSL_GETPID(), ss->fd, PORT_GetError()));
- } else {
- /* Create ssl module */
- ns = ssl_DupSocket(ss);
- }
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- ssl_Release1stHandshakeLock(ss);
- SSL_UNLOCK_WRITER(ss);
- SSL_UNLOCK_READER(ss); /* ss isn't used below here. */
-
- if (ns == NULL)
- goto loser;
-
- /* push ssl module onto the new socket */
- status = ssl_PushIOLayer(ns, newfd, PR_TOP_IO_LAYER);
- if (status != PR_SUCCESS)
- goto loser;
-
- /* Now start server connection handshake with client.
- ** Don't need locks here because nobody else has a reference to ns yet.
- */
- if ( ns->useSecurity ) {
- if ( ns->handshakeAsClient ) {
- ns->handshake = ssl2_BeginClientHandshake;
- ss->handshaking = sslHandshakingAsClient;
- } else {
- ns->handshake = ssl2_BeginServerHandshake;
- ss->handshaking = sslHandshakingAsServer;
- }
- }
- ns->TCPconnected = 1;
- return newfd;
-
-loser:
- if (ns != NULL)
- ssl_FreeSocket(ns);
- if (newfd != NULL)
- PR_Close(newfd);
- return NULL;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Connect(PRFileDesc *fd, const PRNetAddr *sockaddr, PRIntervalTime timeout)
-{
- sslSocket *ss;
- PRStatus rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in connect", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
-
- /* IF this is a listen socket, there shouldn't be any I/O going on */
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
-
- ss->cTimeout = timeout;
- rv = (PRStatus)(*ss->ops->connect)(ss, sockaddr);
-#ifdef _WIN32
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* workaround NT winsock connect bug. */
-#endif
-
- SSL_UNLOCK_WRITER(ss);
- SSL_UNLOCK_READER(ss);
-
- return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Bind(PRFileDesc *fd, const PRNetAddr *addr)
-{
- sslSocket * ss = ssl_GetPrivate(fd);
- PRStatus rv;
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in bind", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
-
- rv = (PRStatus)(*ss->ops->bind)(ss, addr);
-
- SSL_UNLOCK_WRITER(ss);
- SSL_UNLOCK_READER(ss);
- return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Listen(PRFileDesc *fd, PRIntn backlog)
-{
- sslSocket * ss = ssl_GetPrivate(fd);
- PRStatus rv;
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in listen", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
-
- rv = (PRStatus)(*ss->ops->listen)(ss, backlog);
-
- SSL_UNLOCK_WRITER(ss);
- SSL_UNLOCK_READER(ss);
- return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Shutdown(PRFileDesc *fd, PRIntn how)
-{
- sslSocket * ss = ssl_GetPrivate(fd);
- PRStatus rv;
-
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in shutdown", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
- if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) {
- SSL_LOCK_READER(ss);
- }
- if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) {
- SSL_LOCK_WRITER(ss);
- }
-
- rv = (PRStatus)(*ss->ops->shutdown)(ss, how);
-
- if (how == PR_SHUTDOWN_SEND || how == PR_SHUTDOWN_BOTH) {
- SSL_UNLOCK_WRITER(ss);
- }
- if (how == PR_SHUTDOWN_RCV || how == PR_SHUTDOWN_BOTH) {
- SSL_UNLOCK_READER(ss);
- }
- return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_Close(PRFileDesc *fd)
-{
- sslSocket *ss;
- PRStatus rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in close", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
-
- /* There must not be any I/O going on */
- SSL_LOCK_READER(ss);
- SSL_LOCK_WRITER(ss);
-
- /* By the time this function returns,
- ** ss is an invalid pointer, and the locks to which it points have
- ** been unlocked and freed. So, this is the ONE PLACE in all of SSL
- ** where the LOCK calls and the corresponding UNLOCK calls are not in
- ** the same function scope. The unlock calls are in ssl_FreeSocket().
- */
- rv = (PRStatus)(*ss->ops->close)(ss);
-
- return rv;
-}
-
-static int PR_CALLBACK
-ssl_Recv(PRFileDesc *fd, void *buf, PRInt32 len, PRIntn flags,
- PRIntervalTime timeout)
-{
- sslSocket *ss;
- int rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in recv", SSL_GETPID(), fd));
- return SECFailure;
- }
- SSL_LOCK_READER(ss);
- ss->rTimeout = timeout;
- if (!ss->fdx)
- ss->wTimeout = timeout;
- rv = (*ss->ops->recv)(ss, (unsigned char*)buf, len, flags);
- SSL_UNLOCK_READER(ss);
- return rv;
-}
-
-static int PR_CALLBACK
-ssl_Send(PRFileDesc *fd, const void *buf, PRInt32 len, PRIntn flags,
- PRIntervalTime timeout)
-{
- sslSocket *ss;
- int rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in send", SSL_GETPID(), fd));
- return SECFailure;
- }
- SSL_LOCK_WRITER(ss);
- ss->wTimeout = timeout;
- if (!ss->fdx)
- ss->rTimeout = timeout;
- rv = (*ss->ops->send)(ss, (const unsigned char*)buf, len, flags);
- SSL_UNLOCK_WRITER(ss);
- return rv;
-}
-
-static int PR_CALLBACK
-ssl_Read(PRFileDesc *fd, void *buf, PRInt32 len)
-{
- sslSocket *ss;
- int rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in read", SSL_GETPID(), fd));
- return SECFailure;
- }
- SSL_LOCK_READER(ss);
- ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
- if (!ss->fdx)
- ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
- rv = (*ss->ops->read)(ss, (unsigned char*)buf, len);
- SSL_UNLOCK_READER(ss);
- return rv;
-}
-
-static int PR_CALLBACK
-ssl_Write(PRFileDesc *fd, const void *buf, PRInt32 len)
-{
- sslSocket *ss;
- int rv;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in write", SSL_GETPID(), fd));
- return SECFailure;
- }
- SSL_LOCK_WRITER(ss);
- ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
- if (!ss->fdx)
- ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
- rv = (*ss->ops->write)(ss, (const unsigned char*)buf, len);
- SSL_UNLOCK_WRITER(ss);
- return rv;
-}
-
-static PRStatus PR_CALLBACK
-ssl_GetPeerName(PRFileDesc *fd, PRNetAddr *addr)
-{
- sslSocket *ss;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in getpeername", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
- return (PRStatus)(*ss->ops->getpeername)(ss, addr);
-}
-
-/*
-*/
-SECStatus
-ssl_GetPeerInfo(sslSocket *ss)
-{
- sslConnectInfo * ci;
- PRNetAddr sin;
- int rv;
- PRFileDesc * osfd;
-
- PORT_Assert((ss->sec != 0));
-
- osfd = ss->fd->lower;
- ci = &ss->sec->ci;
-
- PORT_Memset(&sin, 0, sizeof(sin));
- rv = osfd->methods->getpeername(osfd, &sin);
- if (rv < 0) {
- return SECFailure;
- }
- ss->TCPconnected = 1;
- /* we have to mask off the high byte because AIX is lame */
- if ((sin.inet.family & 0xff) == PR_AF_INET) {
- PR_ConvertIPv4AddrToIPv6(sin.inet.ip, &ci->peer);
- ci->port = sin.inet.port;
- } else {
- PORT_Assert(sin.ipv6.family == PR_AF_INET6);
- ci->peer = sin.ipv6.ip;
- ci->port = sin.ipv6.port;
- }
- return SECSuccess;
-}
-
-static PRStatus PR_CALLBACK
-ssl_GetSockName(PRFileDesc *fd, PRNetAddr *name)
-{
- sslSocket *ss;
-
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in getsockname", SSL_GETPID(), fd));
- return PR_FAILURE;
- }
- return (PRStatus)(*ss->ops->getsockname)(ss, name);
-}
-
-SECStatus PR_CALLBACK
-SSL_SetSockPeerID(PRFileDesc *fd, char *peerID)
-{
- sslSocket *ss;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetCacheIndex",
- SSL_GETPID(), fd));
- return SECFailure;
- }
-
- ss->peerID = PORT_Strdup(peerID);
- return SECSuccess;
-}
-
-#define PR_POLL_RW (PR_POLL_WRITE | PR_POLL_READ)
-
-static PRInt16 PR_CALLBACK
-ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags)
-{
- sslSocket *ss;
- PRInt16 new_flags = how_flags; /* should select on these flags. */
- PRNetAddr addr;
-
- *p_out_flags = 0;
- ss = ssl_GetPrivate(fd);
- if (!ss) {
- SSL_DBG(("%d: SSL[%d]: bad socket in SSL_Poll",
- SSL_GETPID(), fd));
- return 0; /* don't poll on this socket */
- }
-
- if (ss->useSecurity &&
- ss->handshaking != sslHandshakingUndetermined &&
- !ss->firstHsDone &&
- (how_flags & PR_POLL_RW)) {
- if (!ss->TCPconnected) {
- ss->TCPconnected = (PR_SUCCESS == ssl_DefGetpeername(ss, &addr));
- }
- /* If it's not connected, then presumably the application is polling
- ** on read or write appropriately, so don't change it.
- */
- if (ss->TCPconnected) {
- if (!ss->handshakeBegun) {
- /* If the handshake has not begun, poll on read or write
- ** based on the local application's role in the handshake,
- ** not based on what the application requested.
- */
- new_flags &= ~PR_POLL_RW;
- if (ss->handshaking == sslHandshakingAsClient) {
- new_flags |= PR_POLL_WRITE;
- } else { /* handshaking as server */
- new_flags |= PR_POLL_READ;
- }
- } else
- /* First handshake is in progress */
- if (ss->lastWriteBlocked) {
- if (new_flags & PR_POLL_READ) {
- /* The caller is waiting for data to be received,
- ** but the initial handshake is blocked on write, or the
- ** client's first handshake record has not been written.
- ** The code should select on write, not read.
- */
- new_flags ^= PR_POLL_READ; /* don't select on read. */
- new_flags |= PR_POLL_WRITE; /* do select on write. */
- }
- } else if (new_flags & PR_POLL_WRITE) {
- /* The caller is trying to write, but the handshake is
- ** blocked waiting for data to read, and the first
- ** handshake has been sent. so do NOT to poll on write.
- */
- new_flags ^= PR_POLL_WRITE; /* don't select on write. */
- new_flags |= PR_POLL_READ; /* do select on read. */
- }
- }
- } else if ((new_flags & PR_POLL_READ) && (SSL_DataPending(fd) > 0)) {
- *p_out_flags = PR_POLL_READ; /* it's ready already. */
- return new_flags;
- } else if ((ss->lastWriteBlocked) && (how_flags & PR_POLL_READ) &&
- (ss->pendingBuf.len != 0)) { /* write data waiting to be sent */
- new_flags |= PR_POLL_WRITE; /* also select on write. */
- }
- if (new_flags && (fd->lower->methods->poll != NULL)) {
- PRInt16 lower_out_flags = 0;
- PRInt16 lower_new_flags;
- lower_new_flags = fd->lower->methods->poll(fd->lower, new_flags,
- &lower_out_flags);
- if ((lower_new_flags & lower_out_flags) && (how_flags != new_flags)) {
- PRInt16 out_flags = lower_out_flags & ~PR_POLL_RW;
- if (lower_out_flags & PR_POLL_READ)
- out_flags |= PR_POLL_WRITE;
- if (lower_out_flags & PR_POLL_WRITE)
- out_flags |= PR_POLL_READ;
- *p_out_flags = out_flags;
- new_flags = how_flags;
- } else {
- *p_out_flags = lower_out_flags;
- new_flags = lower_new_flags;
- }
- }
-
- return new_flags;
-}
-
-
-PRBool
-ssl_FdIsBlocking(PRFileDesc *fd)
-{
- PRSocketOptionData opt;
- PRStatus status;
-
- opt.option = PR_SockOpt_Nonblocking;
- opt.value.non_blocking = PR_FALSE;
- status = PR_GetSocketOption(fd, &opt);
- if (status != PR_SUCCESS)
- return PR_FALSE;
- return (PRBool)!opt.value.non_blocking;
-}
-
-PRBool
-ssl_SocketIsBlocking(sslSocket *ss)
-{
- return ssl_FdIsBlocking(ss->fd);
-}
-
-PRInt32 sslFirstBufSize = 8 * 1024;
-PRInt32 sslCopyLimit = 1024;
-
-static PRInt32 PR_CALLBACK
-ssl_WriteV(PRFileDesc *fd, const PRIOVec *iov, PRInt32 vectors,
- PRIntervalTime timeout)
-{
- PRInt32 bufLen;
- PRInt32 left;
- PRInt32 rv;
- PRInt32 sent = 0;
- const PRInt32 first_len = sslFirstBufSize;
- const PRInt32 limit = sslCopyLimit;
- PRBool blocking;
- PRIOVec myIov = { 0, 0 };
- char buf[MAX_FRAGMENT_LENGTH];
-
- if (vectors > PR_MAX_IOVECTOR_SIZE) {
- PORT_SetError(PR_BUFFER_OVERFLOW_ERROR);
- return -1;
- }
- blocking = ssl_FdIsBlocking(fd);
-
-#define K16 sizeof(buf)
-#define KILL_VECTORS while (vectors && !iov->iov_len) { ++iov; --vectors; }
-#define GET_VECTOR do { myIov = *iov++; --vectors; KILL_VECTORS } while (0)
-#define HANDLE_ERR(rv, len) \
- if (rv != len) { \
- if (rv < 0) { \
- if (blocking \
- && (PR_GetError() == PR_WOULD_BLOCK_ERROR) \
- && (sent > 0)) { \
- return sent; \
- } else { \
- return -1; \
- } \
- } \
- /* Only a nonblocking socket can have partial sends */ \
- PR_ASSERT(blocking); \
- return sent; \
- }
-#define SEND(bfr, len) \
- do { \
- rv = ssl_Send(fd, bfr, len, 0, timeout); \
- HANDLE_ERR(rv, len) \
- sent += len; \
- } while (0)
-
- /* Make sure the first write is at least 8 KB, if possible. */
- KILL_VECTORS
- if (!vectors)
- return ssl_Send(fd, 0, 0, 0, timeout);
- GET_VECTOR;
- if (!vectors) {
- return ssl_Send(fd, myIov.iov_base, myIov.iov_len, 0, timeout);
- }
- if (myIov.iov_len < first_len) {
- PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len);
- bufLen = myIov.iov_len;
- left = first_len - bufLen;
- while (vectors && left) {
- int toCopy;
- GET_VECTOR;
- toCopy = PR_MIN(left, myIov.iov_len);
- PORT_Memcpy(buf + bufLen, myIov.iov_base, toCopy);
- bufLen += toCopy;
- left -= toCopy;
- myIov.iov_base += toCopy;
- myIov.iov_len -= toCopy;
- }
- SEND( buf, bufLen );
- }
-
- while (vectors || myIov.iov_len) {
- PRInt32 addLen;
- if (!myIov.iov_len) {
- GET_VECTOR;
- }
- while (myIov.iov_len >= K16) {
- SEND(myIov.iov_base, K16);
- myIov.iov_base += K16;
- myIov.iov_len -= K16;
- }
- if (!myIov.iov_len)
- continue;
-
- if (!vectors || myIov.iov_len > limit) {
- addLen = 0;
- } else if ((addLen = iov->iov_len % K16) + myIov.iov_len <= limit) {
- /* Addlen is already computed. */;
- } else if (vectors > 1 &&
- iov[1].iov_len % K16 + addLen + myIov.iov_len <= 2 * limit) {
- addLen = limit - myIov.iov_len;
- } else
- addLen = 0;
-
- if (!addLen) {
- SEND( myIov.iov_base, myIov.iov_len );
- myIov.iov_len = 0;
- continue;
- }
- PORT_Memcpy(buf, myIov.iov_base, myIov.iov_len);
- bufLen = myIov.iov_len;
- do {
- GET_VECTOR;
- PORT_Memcpy(buf + bufLen, myIov.iov_base, addLen);
- myIov.iov_base += addLen;
- myIov.iov_len -= addLen;
- bufLen += addLen;
-
- left = PR_MIN( limit, K16 - bufLen);
- if (!vectors /* no more left */
- || myIov.iov_len > 0 /* we didn't use that one all up */
- || bufLen >= K16 /* it's full. */
- ) {
- addLen = 0;
- } else if ((addLen = iov->iov_len % K16) <= left) {
- /* Addlen is already computed. */;
- } else if (vectors > 1 &&
- iov[1].iov_len % K16 + addLen <= left + limit) {
- addLen = left;
- } else
- addLen = 0;
-
- } while (addLen);
- SEND( buf, bufLen );
- }
- return sent;
-}
-
-/*
- * These functions aren't implemented.
- */
-
-static PRInt32 PR_CALLBACK
-ssl_Available(PRFileDesc *fd)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return SECFailure;
-}
-
-static PRInt64 PR_CALLBACK
-ssl_Available64(PRFileDesc *fd)
-{
- PRInt64 res;
-
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- LL_I2L(res, -1L);
- return res;
-}
-
-static PRStatus PR_CALLBACK
-ssl_FSync(PRFileDesc *fd)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return PR_FAILURE;
-}
-
-static PRInt32 PR_CALLBACK
-ssl_Seek(PRFileDesc *fd, PRInt32 offset, PRSeekWhence how) {
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return SECFailure;
-}
-
-static PRInt64 PR_CALLBACK
-ssl_Seek64(PRFileDesc *fd, PRInt64 offset, PRSeekWhence how) {
- PRInt64 res;
-
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- LL_I2L(res, -1L);
- return res;
-}
-
-static PRStatus PR_CALLBACK
-ssl_FileInfo(PRFileDesc *fd, PRFileInfo *info)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return PR_FAILURE;
-}
-
-static PRStatus PR_CALLBACK
-ssl_FileInfo64(PRFileDesc *fd, PRFileInfo64 *info)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return PR_FAILURE;
-}
-
-static PRInt32 PR_CALLBACK
-ssl_RecvFrom(PRFileDesc *fd, void *buf, PRInt32 amount, PRIntn flags,
- PRNetAddr *addr, PRIntervalTime timeout)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return SECFailure;
-}
-
-static PRInt32 PR_CALLBACK
-ssl_SendTo(PRFileDesc *fd, const void *buf, PRInt32 amount, PRIntn flags,
- const PRNetAddr *addr, PRIntervalTime timeout)
-{
- PORT_Assert(0);
- PR_SetError(PR_NOT_IMPLEMENTED_ERROR, 0);
- return SECFailure;
-}
-
-static const PRIOMethods ssl_methods = {
- PR_DESC_LAYERED,
- ssl_Close, /* close */
- ssl_Read, /* read */
- ssl_Write, /* write */
- ssl_Available, /* available */
- ssl_Available64, /* available64 */
- ssl_FSync, /* fsync */
- ssl_Seek, /* seek */
- ssl_Seek64, /* seek64 */
- ssl_FileInfo, /* fileInfo */
- ssl_FileInfo64, /* fileInfo64 */
- ssl_WriteV, /* writev */
- ssl_Connect, /* connect */
- ssl_Accept, /* accept */
- ssl_Bind, /* bind */
- ssl_Listen, /* listen */
- ssl_Shutdown, /* shutdown */
- ssl_Recv, /* recv */
- ssl_Send, /* send */
- ssl_RecvFrom, /* recvfrom */
- ssl_SendTo, /* sendto */
- ssl_Poll, /* poll */
- ssl_EmulateAcceptRead, /* acceptread */
- ssl_EmulateTransmitFile, /* transmitfile */
- ssl_GetSockName, /* getsockname */
- ssl_GetPeerName, /* getpeername */
- NULL, /* getsockopt OBSOLETE */
- NULL, /* setsockopt OBSOLETE */
- NULL, /* getsocketoption */
- NULL, /* setsocketoption */
- ssl_EmulateSendFile, /* Send a (partial) file with header/trailer*/
- NULL, /* reserved for future use */
- NULL, /* reserved for future use */
- NULL, /* reserved for future use */
- NULL, /* reserved for future use */
- NULL /* reserved for future use */
-};
-
-
-static PRIOMethods combined_methods;
-
-static void
-ssl_SetupIOMethods(void)
-{
- PRIOMethods *new_methods = &combined_methods;
- const PRIOMethods *nspr_methods = PR_GetDefaultIOMethods();
- const PRIOMethods *my_methods = &ssl_methods;
-
- *new_methods = *nspr_methods;
-
- new_methods->file_type = my_methods->file_type;
- new_methods->close = my_methods->close;
- new_methods->read = my_methods->read;
- new_methods->write = my_methods->write;
- new_methods->available = my_methods->available;
- new_methods->available64 = my_methods->available64;
- new_methods->fsync = my_methods->fsync;
- new_methods->seek = my_methods->seek;
- new_methods->seek64 = my_methods->seek64;
- new_methods->fileInfo = my_methods->fileInfo;
- new_methods->fileInfo64 = my_methods->fileInfo64;
- new_methods->writev = my_methods->writev;
- new_methods->connect = my_methods->connect;
- new_methods->accept = my_methods->accept;
- new_methods->bind = my_methods->bind;
- new_methods->listen = my_methods->listen;
- new_methods->shutdown = my_methods->shutdown;
- new_methods->recv = my_methods->recv;
- new_methods->send = my_methods->send;
- new_methods->recvfrom = my_methods->recvfrom;
- new_methods->sendto = my_methods->sendto;
- new_methods->poll = my_methods->poll;
- new_methods->acceptread = my_methods->acceptread;
- new_methods->transmitfile = my_methods->transmitfile;
- new_methods->getsockname = my_methods->getsockname;
- new_methods->getpeername = my_methods->getpeername;
-/* new_methods->getsocketoption = my_methods->getsocketoption; */
-/* new_methods->setsocketoption = my_methods->setsocketoption; */
- new_methods->sendfile = my_methods->sendfile;
-
-}
-
-static PRCallOnceType initIoLayerOnce;
-
-static PRStatus
-ssl_InitIOLayer(void)
-{
- ssl_layer_id = PR_GetUniqueIdentity("SSL");
- ssl_SetupIOMethods();
- ssl_inited = PR_TRUE;
- return PR_SUCCESS;
-}
-
-static PRStatus
-ssl_PushIOLayer(sslSocket *ns, PRFileDesc *stack, PRDescIdentity id)
-{
- PRFileDesc *layer = NULL;
- PRStatus status;
-
- if (!ssl_inited) {
- PR_CallOnce(&initIoLayerOnce, &ssl_InitIOLayer);
- }
-
- if (ns == NULL)
- goto loser;
-
- layer = PR_CreateIOLayerStub(ssl_layer_id, &combined_methods);
- if (layer == NULL)
- goto loser;
- layer->secret = (PRFilePrivate *)ns;
-
- /* Here, "stack" points to the PRFileDesc on the top of the stack.
- ** "layer" points to a new FD that is to be inserted into the stack.
- ** If layer is being pushed onto the top of the stack, then
- ** PR_PushIOLayer switches the contents of stack and layer, and then
- ** puts stack on top of layer, so that after it is done, the top of
- ** stack is the same "stack" as it was before, and layer is now the
- ** FD for the former top of stack.
- ** After this call, stack always points to the top PRFD on the stack.
- ** If this function fails, the contents of stack and layer are as
- ** they were before the call.
- */
- status = PR_PushIOLayer(stack, id, layer);
- if (status != PR_SUCCESS)
- goto loser;
-
- ns->fd = (id == PR_TOP_IO_LAYER) ? stack : layer;
- return PR_SUCCESS;
-
-loser:
- if (layer) {
- layer->dtor(layer); /* free layer */
- }
- return PR_FAILURE;
-}
-
-/*
-** Create a newsocket structure for a file descriptor.
-*/
-static sslSocket *
-ssl_NewSocket(void)
-{
- sslSocket *ss;
-#ifdef DEBUG
- static int firsttime = 1;
-#endif
-
-#ifdef DEBUG
-#if defined(XP_UNIX) || defined(XP_WIN32)
- if (firsttime) {
- firsttime = 0;
-
- {
- char *ev = getenv("SSLDEBUG");
- if (ev && ev[0]) {
- ssl_debug = atoi(ev);
- SSL_TRACE(("SSL: debugging set to %d", ssl_debug));
- }
- }
-#ifdef TRACE
- {
- char *ev = getenv("SSLTRACE");
- if (ev && ev[0]) {
- ssl_trace = atoi(ev);
- SSL_TRACE(("SSL: tracing set to %d", ssl_trace));
- }
- }
-#endif /* TRACE */
- }
-#endif /* XP_UNIX || XP_WIN32 */
-#endif /* DEBUG */
-
- /* Make a new socket and get it ready */
- ss = (sslSocket*) PORT_ZAlloc(sizeof(sslSocket));
- if (ss) {
- /* This should be of type SSLKEAType, but CC on IRIX
- * complains during the for loop.
- */
- int i;
-
- ss->useSecurity = ssl_defaults.useSecurity;
- ss->useSocks = PR_FALSE;
- ss->requestCertificate = ssl_defaults.requestCertificate;
- ss->requireCertificate = ssl_defaults.requireCertificate;
- ss->handshakeAsClient = ssl_defaults.handshakeAsClient;
- ss->handshakeAsServer = ssl_defaults.handshakeAsServer;
- ss->enableSSL2 = ssl_defaults.enableSSL2;
- ss->enableSSL3 = ssl_defaults.enableSSL3;
- ss->enableTLS = ssl_defaults.enableTLS ;
- ss->fdx = ssl_defaults.fdx;
- ss->v2CompatibleHello = ssl_defaults.v2CompatibleHello;
- ss->detectRollBack = ssl_defaults.detectRollBack;
- ss->noCache = ssl_defaults.noCache;
- ss->peerID = NULL;
- ss->rTimeout = PR_INTERVAL_NO_TIMEOUT;
- ss->wTimeout = PR_INTERVAL_NO_TIMEOUT;
- ss->cTimeout = PR_INTERVAL_NO_TIMEOUT;
- ss->cipherSpecs = NULL;
- ss->sizeCipherSpecs = 0; /* produced lazily */
- ss->preferredCipher = NULL;
- ss->url = NULL;
-
- for (i=kt_null; i < kt_kea_size; i++) {
- sslServerCerts * sc = ss->serverCerts + i;
- sc->serverCert = NULL;
- sc->serverCertChain = NULL;
- sc->serverKey = NULL;
- sc->serverKeyBits = 0;
- }
- ss->stepDownKeyPair = NULL;
- ss->dbHandle = CERT_GetDefaultCertDB();
-
- /* Provide default implementation of hooks */
- ss->authCertificate = SSL_AuthCertificate;
- ss->authCertificateArg = (void *)ss->dbHandle;
- ss->getClientAuthData = NULL;
- ss->handleBadCert = NULL;
- ss->badCertArg = NULL;
- ss->pkcs11PinArg = NULL;
-
- ssl_ChooseOps(ss);
- ssl2_InitSocketPolicy(ss);
- ssl3_InitSocketPolicy(ss);
-
- ss->firstHandshakeLock = PZ_NewMonitor(nssILockSSL);
- ss->ssl3HandshakeLock = PZ_NewMonitor(nssILockSSL);
- ss->specLock = NSSRWLock_New(SSL_LOCK_RANK_SPEC, NULL);
- ss->recvBufLock = PZ_NewMonitor(nssILockSSL);
- ss->xmitBufLock = PZ_NewMonitor(nssILockSSL);
- ss->writerThread = NULL;
- if (ssl_lock_readers) {
- ss->recvLock = PZ_NewLock(nssILockSSL);
- ss->sendLock = PZ_NewLock(nssILockSSL);
- }
- }
- return ss;
-}
-
diff --git a/security/nss/lib/ssl/sslt.h b/security/nss/lib/ssl/sslt.h
deleted file mode 100644
index b188c07cb..000000000
--- a/security/nss/lib/ssl/sslt.h
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
- * This file contains prototypes for the public SSL functions.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef __sslt_h_
-#define __sslt_h_
-
-#include "prtypes.h"
-
-typedef struct SSL3StatisticsStr {
- /* statistics from ssl3_SendClientHello (sch) */
- long sch_sid_cache_hits;
- long sch_sid_cache_misses;
- long sch_sid_cache_not_ok;
-
- /* statistics from ssl3_HandleServerHello (hsh) */
- long hsh_sid_cache_hits;
- long hsh_sid_cache_misses;
- long hsh_sid_cache_not_ok;
-
- /* statistics from ssl3_HandleClientHello (hch) */
- long hch_sid_cache_hits;
- long hch_sid_cache_misses;
- long hch_sid_cache_not_ok;
-} SSL3Statistics;
-
-/* Key Exchange algorithm values */
-typedef enum {
- ssl_kea_null = 0,
- ssl_kea_rsa = 1,
- ssl_kea_dh = 2,
- ssl_kea_fortezza = 3,
- ssl_kea_size /* number of ssl_kea_ algorithms */
-} SSLKEAType;
-
-/* The following defines are for backwards compatibility.
-** They will be removed in a forthcoming release to reduce namespace pollution.
-** programs that use the kt_ symbols should convert to the ssl_kt_ symbols
-** soon.
-*/
-#define kt_null ssl_kea_null
-#define kt_rsa ssl_kea_rsa
-#define kt_dh ssl_kea_dh
-#define kt_fortezza ssl_kea_fortezza
-#define kt_kea_size ssl_kea_size
-
-typedef enum {
- ssl_sign_null = 0,
- ssl_sign_rsa = 1,
- ssl_sign_dsa = 2
-} SSLSignType;
-
-typedef enum {
- ssl_auth_null = 0,
- ssl_auth_rsa = 1,
- ssl_auth_dsa = 2,
- ssl_auth_kea = 3
-} SSLAuthType;
-
-typedef enum {
- ssl_calg_null = 0,
- ssl_calg_rc4 = 1,
- ssl_calg_rc2 = 2,
- ssl_calg_des = 3,
- ssl_calg_3des = 4,
- ssl_calg_idea = 5,
- ssl_calg_fortezza = 6, /* skipjack */
- ssl_calg_aes = 7 /* coming soon */
-} SSLCipherAlgorithm;
-
-typedef enum {
- ssl_mac_null = 0,
- ssl_mac_md5 = 1,
- ssl_mac_sha = 2,
- ssl_hmac_md5 = 3, /* TLS HMAC version of mac_md5 */
- ssl_hmac_sha = 4 /* TLS HMAC version of mac_sha */
-} SSLMACAlgorithm;
-
-typedef struct SSLChannelInfoStr {
- PRUint32 length;
- PRUint16 protocolVersion;
- PRUint16 cipherSuite;
-
- /* server authentication info */
- PRUint32 authKeyBits;
-
- /* key exchange algorithm info */
- PRUint32 keaKeyBits;
-
- /* session info */
- PRUint32 creationTime; /* seconds since Jan 1, 1970 */
- PRUint32 lastAccessTime; /* seconds since Jan 1, 1970 */
- PRUint32 expirationTime; /* seconds since Jan 1, 1970 */
- PRUint32 sessionIDLength; /* up to 32 */
- PRUint8 sessionID [32];
-} SSLChannelInfo;
-
-typedef struct SSLCipherSuiteInfoStr {
- PRUint16 length;
- PRUint16 cipherSuite;
-
- /* Cipher Suite Name */
- const char * cipherSuiteName;
-
- /* server authentication info */
- const char * authAlgorithmName;
- SSLAuthType authAlgorithm;
-
- /* key exchange algorithm info */
- const char * keaTypeName;
- SSLKEAType keaType;
-
- /* symmetric encryption info */
- const char * symCipherName;
- SSLCipherAlgorithm symCipher;
- PRUint16 symKeyBits;
- PRUint16 symKeySpace;
- PRUint16 effectiveKeyBits;
-
- /* MAC info */
- const char * macAlgorithmName;
- SSLMACAlgorithm macAlgorithm;
- PRUint16 macBits;
-
- PRUintn isFIPS : 1;
- PRUintn reservedBits :31;
-
-} SSLCipherSuiteInfo;
-
-#endif /* __sslt_h_ */
diff --git a/security/nss/lib/ssl/ssltrace.c b/security/nss/lib/ssl/ssltrace.c
deleted file mode 100644
index 15f064813..000000000
--- a/security/nss/lib/ssl/ssltrace.c
+++ /dev/null
@@ -1,269 +0,0 @@
-/*
- * Functions to trace SSL protocol behavior in DEBUG builds.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include <stdarg.h>
-#include "cert.h"
-#include "ssl.h"
-#include "sslimpl.h"
-#include "sslproto.h"
-#include "prprf.h"
-
-#if defined(DEBUG) || defined(TRACE)
-static const char *hex = "0123456789abcdef";
-
-static const char printable[257] = {
- "................" /* 0x */
- "................" /* 1x */
- " !\"#$%&'()*+,-./" /* 2x */
- "0123456789:;<=>?" /* 3x */
- "@ABCDEFGHIJKLMNO" /* 4x */
- "PQRSTUVWXYZ[\\]^_" /* 5x */
- "`abcdefghijklmno" /* 6x */
- "pqrstuvwxyz{|}~." /* 7x */
- "................" /* 8x */
- "................" /* 9x */
- "................" /* ax */
- "................" /* bx */
- "................" /* cx */
- "................" /* dx */
- "................" /* ex */
- "................" /* fx */
-};
-
-void ssl_PrintBuf(sslSocket *ss, const char *msg, const void *vp, int len)
-{
- const unsigned char *cp = (const unsigned char *)vp;
- char buf[80];
- char *bp;
- char *ap;
-
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd,
- msg, len));
- } else {
- SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len));
- }
- memset(buf, ' ', sizeof buf);
- bp = buf;
- ap = buf + 50;
- while (--len >= 0) {
- unsigned char ch = *cp++;
- *bp++ = hex[(ch >> 4) & 0xf];
- *bp++ = hex[ch & 0xf];
- *bp++ = ' ';
- *ap++ = printable[ch];
- if (ap - buf >= 66) {
- *ap = 0;
- SSL_TRACE((" %s", buf));
- memset(buf, ' ', sizeof buf);
- bp = buf;
- ap = buf + 50;
- }
- }
- if (bp > buf) {
- *ap = 0;
- SSL_TRACE((" %s", buf));
- }
-}
-
-#define LEN(cp) (((cp)[0] << 8) | ((cp)[1]))
-
-static void PrintType(sslSocket *ss, char *msg)
-{
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: dump-msg: %s", SSL_GETPID(), ss->fd,
- msg));
- } else {
- SSL_TRACE(("%d: SSL: dump-msg: %s", SSL_GETPID(), msg));
- }
-}
-
-static void PrintInt(sslSocket *ss, char *msg, unsigned v)
-{
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: %s=%u", SSL_GETPID(), ss->fd,
- msg, v));
- } else {
- SSL_TRACE(("%d: SSL: %s=%u", SSL_GETPID(), msg, v));
- }
-}
-
-/* PrintBuf is just like ssl_PrintBuf above, except that:
- * a) It prefixes each line of the buffer with "XX: SSL[xxx] "
- * b) It dumps only hex, not ASCII.
- */
-static void PrintBuf(sslSocket *ss, char *msg, unsigned char *cp, int len)
-{
- char buf[80];
- char *bp;
-
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]",
- SSL_GETPID(), ss->fd, msg, len));
- } else {
- SSL_TRACE(("%d: SSL: %s [Len: %d]",
- SSL_GETPID(), msg, len));
- }
- bp = buf;
- while (--len >= 0) {
- unsigned char ch = *cp++;
- *bp++ = hex[(ch >> 4) & 0xf];
- *bp++ = hex[ch & 0xf];
- *bp++ = ' ';
- if (bp + 4 > buf + 50) {
- *bp = 0;
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: %s",
- SSL_GETPID(), ss->fd, buf));
- } else {
- SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));
- }
- bp = buf;
- }
- }
- if (bp > buf) {
- *bp = 0;
- if (ss) {
- SSL_TRACE(("%d: SSL[%d]: %s",
- SSL_GETPID(), ss->fd, buf));
- } else {
- SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));
- }
- }
-}
-
-void ssl_DumpMsg(sslSocket *ss, unsigned char *bp, unsigned len)
-{
- switch (bp[0]) {
- case SSL_MT_ERROR:
- PrintType(ss, "Error");
- PrintInt(ss, "error", LEN(bp+1));
- break;
-
- case SSL_MT_CLIENT_HELLO:
- {
- unsigned lcs = LEN(bp+3);
- unsigned ls = LEN(bp+5);
- unsigned lc = LEN(bp+7);
-
- PrintType(ss, "Client-Hello");
-
- PrintInt(ss, "version (Major)", bp[1]);
- PrintInt(ss, "version (minor)", bp[2]);
-
- PrintBuf(ss, "cipher-specs", bp+9, lcs);
- PrintBuf(ss, "session-id", bp+9+lcs, ls);
- PrintBuf(ss, "challenge", bp+9+lcs+ls, lc);
- }
- break;
- case SSL_MT_CLIENT_MASTER_KEY:
- {
- unsigned lck = LEN(bp+4);
- unsigned lek = LEN(bp+6);
- unsigned lka = LEN(bp+8);
-
- PrintType(ss, "Client-Master-Key");
-
- PrintInt(ss, "cipher-choice", bp[1]);
- PrintInt(ss, "key-length", LEN(bp+2));
-
- PrintBuf(ss, "clear-key", bp+10, lck);
- PrintBuf(ss, "encrypted-key", bp+10+lck, lek);
- PrintBuf(ss, "key-arg", bp+10+lck+lek, lka);
- }
- break;
- case SSL_MT_CLIENT_FINISHED:
- PrintType(ss, "Client-Finished");
- PrintBuf(ss, "connection-id", bp+1, len-1);
- break;
- case SSL_MT_SERVER_HELLO:
- {
- unsigned lc = LEN(bp+5);
- unsigned lcs = LEN(bp+7);
- unsigned lci = LEN(bp+9);
-
- PrintType(ss, "Server-Hello");
-
- PrintInt(ss, "session-id-hit", bp[1]);
- PrintInt(ss, "certificate-type", bp[2]);
- PrintInt(ss, "version (Major)", bp[3]);
- PrintInt(ss, "version (minor)", bp[3]);
- PrintBuf(ss, "certificate", bp+11, lc);
- PrintBuf(ss, "cipher-specs", bp+11+lc, lcs);
- PrintBuf(ss, "connection-id", bp+11+lc+lcs, lci);
- }
- break;
- case SSL_MT_SERVER_VERIFY:
- PrintType(ss, "Server-Verify");
- PrintBuf(ss, "challenge", bp+1, len-1);
- break;
- case SSL_MT_SERVER_FINISHED:
- PrintType(ss, "Server-Finished");
- PrintBuf(ss, "session-id", bp+1, len-1);
- break;
- case SSL_MT_REQUEST_CERTIFICATE:
- PrintType(ss, "Request-Certificate");
- PrintInt(ss, "authentication-type", bp[1]);
- PrintBuf(ss, "certificate-challenge", bp+2, len-2);
- break;
- case SSL_MT_CLIENT_CERTIFICATE:
- {
- unsigned lc = LEN(bp+2);
- unsigned lr = LEN(bp+4);
- PrintType(ss, "Client-Certificate");
- PrintInt(ss, "certificate-type", bp[1]);
- PrintBuf(ss, "certificate", bp+6, lc);
- PrintBuf(ss, "response", bp+6+lc, lr);
- }
- break;
- default:
- ssl_PrintBuf(ss, "sending *unknown* message type", bp, len);
- return;
- }
-}
-
-void
-ssl_Trace(const char *format, ... )
-{
- char buf[2000];
-
- va_list args;
- va_start(args, format);
- PR_vsnprintf(buf, sizeof(buf), format, args);
- va_end(args);
- puts(buf);
-}
-#endif
diff --git a/security/nss/lib/ssl/sslver.c b/security/nss/lib/ssl/sslver.c
deleted file mode 100644
index 58bcdd858..000000000
--- a/security/nss/lib/ssl/sslver.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2001 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Library identity and versioning */
-
-#include "nss.h"
-
-#if defined(DEBUG)
-#define _DEBUG_STRING " (debug)"
-#else
-#define _DEBUG_STRING ""
-#endif
-
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-const char __nss_ssl_rcsid[] = "$Header: NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__ " $";
-const char __nss_ssl_sccsid[] = "@(#)NSS " NSS_VERSION _DEBUG_STRING
- " " __DATE__ " " __TIME__;
diff --git a/security/nss/lib/ssl/unix_err.c b/security/nss/lib/ssl/unix_err.c
deleted file mode 100644
index 0e81954bd..000000000
--- a/security/nss/lib/ssl/unix_err.c
+++ /dev/null
@@ -1,547 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#if 0
-#include "primpl.h"
-#else
-#define _PR_POLL_AVAILABLE 1
-#include "prerror.h"
-#endif
-
-#if defined (__bsdi__) || defined(NTO)
-#undef _PR_POLL_AVAILABLE
-#endif
-
-#if defined(_PR_POLL_AVAILABLE)
-#include <poll.h>
-#endif
-#include <errno.h>
-
-/* forward declarations. */
-void nss_MD_unix_map_default_error(int err);
-
-void nss_MD_unix_map_opendir_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_closedir_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_readdir_error(int err)
-{
- PRErrorCode prError;
-
- switch (err) {
- case ENOENT: prError = PR_NO_MORE_FILES_ERROR; break;
-#ifdef EOVERFLOW
- case EOVERFLOW: prError = PR_IO_ERROR; break;
-#endif
- case EINVAL: prError = PR_IO_ERROR; break;
- case ENXIO: prError = PR_IO_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_unlink_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EPERM: prError = PR_IS_DIRECTORY_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_stat_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_fstat_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_rename_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EEXIST: prError = PR_DIRECTORY_NOT_EMPTY_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_access_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_mkdir_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_rmdir_error(int err)
-{
- PRErrorCode prError;
-
- switch (err) {
- case EEXIST: prError = PR_DIRECTORY_NOT_EMPTY_ERROR; break;
- case EINVAL: prError = PR_DIRECTORY_NOT_EMPTY_ERROR; break;
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_read_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_INVALID_METHOD_ERROR; break;
- case ENXIO: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_write_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_INVALID_METHOD_ERROR; break;
- case ENXIO: prError = PR_INVALID_METHOD_ERROR; break;
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_lseek_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_fsync_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- case EINVAL: prError = PR_INVALID_METHOD_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_close_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_socket_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_socketavailable_error(int err)
-{
- PR_SetError(PR_BAD_DESCRIPTOR_ERROR, err);
-}
-
-void nss_MD_unix_map_recv_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_recvfrom_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_send_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_sendto_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_writev_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_accept_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ENODEV: prError = PR_NOT_TCP_SOCKET_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_connect_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EACCES: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
-#if defined(UNIXWARE) || defined(SNI) || defined(NEC)
- /*
- * On some platforms, if we connect to a port on the local host
- * (the loopback address) that no process is listening on, we get
- * EIO instead of ECONNREFUSED.
- */
- case EIO: prError = PR_CONNECT_REFUSED_ERROR; break;
-#endif
- case ELOOP: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ENOENT: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ENXIO: prError = PR_IO_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_bind_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR; break;
- /*
- * UNIX domain sockets are not supported in NSPR
- */
- case EIO: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case EISDIR: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ELOOP: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ENOENT: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ENOTDIR: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case EROFS: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_listen_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_shutdown_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_socketpair_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_getsockname_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_getpeername_error(int err)
-{
- PRErrorCode prError;
-
- switch (err) {
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_getsockopt_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_BUFFER_OVERFLOW_ERROR; break;
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_setsockopt_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_BUFFER_OVERFLOW_ERROR; break;
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_open_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EAGAIN: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case EBUSY: prError = PR_IO_ERROR; break;
- case ENODEV: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case ENOMEM: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case ETIMEDOUT: prError = PR_REMOTE_FILE_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_mmap_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EAGAIN: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case EMFILE: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case ENODEV: prError = PR_OPERATION_NOT_SUPPORTED_ERROR; break;
- case ENXIO: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_gethostname_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-void nss_MD_unix_map_select_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-
-#ifdef _PR_POLL_AVAILABLE
-void nss_MD_unix_map_poll_error(int err)
-{
- PRErrorCode prError;
-
- switch (err) {
- case EAGAIN: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_poll_revents_error(int err)
-{
- if (err & POLLNVAL)
- PR_SetError(PR_BAD_DESCRIPTOR_ERROR, EBADF);
- else if (err & POLLHUP)
- PR_SetError(PR_CONNECT_RESET_ERROR, EPIPE);
- else if (err & POLLERR)
- PR_SetError(PR_IO_ERROR, EIO);
- else
- PR_SetError(PR_UNKNOWN_ERROR, err);
-}
-#endif /* _PR_POLL_AVAILABLE */
-
-
-void nss_MD_unix_map_flock_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EINVAL: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- case EWOULDBLOCK: prError = PR_FILE_IS_LOCKED_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_unix_map_lockf_error(int err)
-{
- PRErrorCode prError;
- switch (err) {
- case EACCES: prError = PR_FILE_IS_LOCKED_ERROR; break;
- case EDEADLK: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- default: nss_MD_unix_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-#ifdef HPUX11
-void nss_MD_hpux_map_sendfile_error(int err)
-{
- nss_MD_unix_map_default_error(err);
-}
-#endif /* HPUX11 */
-
-
-void nss_MD_unix_map_default_error(int err)
-{
- PRErrorCode prError;
- switch (err ) {
- case EACCES: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case EADDRINUSE: prError = PR_ADDRESS_IN_USE_ERROR; break;
- case EADDRNOTAVAIL: prError = PR_ADDRESS_NOT_AVAILABLE_ERROR; break;
- case EAFNOSUPPORT: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case EAGAIN: prError = PR_WOULD_BLOCK_ERROR; break;
- /*
- * On QNX and Neutrino, EALREADY is defined as EBUSY.
- */
-#if EALREADY != EBUSY
- case EALREADY: prError = PR_ALREADY_INITIATED_ERROR; break;
-#endif
- case EBADF: prError = PR_BAD_DESCRIPTOR_ERROR; break;
-#ifdef EBADMSG
- case EBADMSG: prError = PR_IO_ERROR; break;
-#endif
- case EBUSY: prError = PR_FILESYSTEM_MOUNTED_ERROR; break;
- case ECONNREFUSED: prError = PR_CONNECT_REFUSED_ERROR; break;
- case ECONNRESET: prError = PR_CONNECT_RESET_ERROR; break;
- case EDEADLK: prError = PR_DEADLOCK_ERROR; break;
-#ifdef EDIRCORRUPTED
- case EDIRCORRUPTED: prError = PR_DIRECTORY_CORRUPTED_ERROR; break;
-#endif
-#ifdef EDQUOT
- case EDQUOT: prError = PR_NO_DEVICE_SPACE_ERROR; break;
-#endif
- case EEXIST: prError = PR_FILE_EXISTS_ERROR; break;
- case EFAULT: prError = PR_ACCESS_FAULT_ERROR; break;
- case EFBIG: prError = PR_FILE_TOO_BIG_ERROR; break;
- case EINPROGRESS: prError = PR_IN_PROGRESS_ERROR; break;
- case EINTR: prError = PR_PENDING_INTERRUPT_ERROR; break;
- case EINVAL: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case EIO: prError = PR_IO_ERROR; break;
- case EISCONN: prError = PR_IS_CONNECTED_ERROR; break;
- case EISDIR: prError = PR_IS_DIRECTORY_ERROR; break;
- case ELOOP: prError = PR_LOOP_ERROR; break;
- case EMFILE: prError = PR_PROC_DESC_TABLE_FULL_ERROR; break;
- case EMLINK: prError = PR_MAX_DIRECTORY_ENTRIES_ERROR; break;
- case EMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
-#ifdef EMULTIHOP
- case EMULTIHOP: prError = PR_REMOTE_FILE_ERROR; break;
-#endif
- case ENAMETOOLONG: prError = PR_NAME_TOO_LONG_ERROR; break;
- case ENETUNREACH: prError = PR_NETWORK_UNREACHABLE_ERROR; break;
- case ENFILE: prError = PR_SYS_DESC_TABLE_FULL_ERROR; break;
-#if !defined(SCO)
- case ENOBUFS: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-#endif
- case ENODEV: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case ENOENT: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case ENOLCK: prError = PR_FILE_IS_LOCKED_ERROR; break;
-#ifdef ENOLINK
- case ENOLINK: prError = PR_REMOTE_FILE_ERROR; break;
-#endif
- case ENOMEM: prError = PR_OUT_OF_MEMORY_ERROR; break;
- case ENOPROTOOPT: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case ENOSPC: prError = PR_NO_DEVICE_SPACE_ERROR; break;
-#ifdef ENOSR
- case ENOSR: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
-#endif
- case ENOTCONN: prError = PR_NOT_CONNECTED_ERROR; break;
- case ENOTDIR: prError = PR_NOT_DIRECTORY_ERROR; break;
- case ENOTSOCK: prError = PR_NOT_SOCKET_ERROR; break;
- case ENXIO: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case EOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
-#ifdef EOVERFLOW
- case EOVERFLOW: prError = PR_BUFFER_OVERFLOW_ERROR; break;
-#endif
- case EPERM: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case EPIPE: prError = PR_CONNECT_RESET_ERROR; break;
-#ifdef EPROTO
- case EPROTO: prError = PR_IO_ERROR; break;
-#endif
- case EPROTONOSUPPORT: prError = PR_PROTOCOL_NOT_SUPPORTED_ERROR; break;
- case EPROTOTYPE: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case ERANGE: prError = PR_INVALID_METHOD_ERROR; break;
- case EROFS: prError = PR_READ_ONLY_FILESYSTEM_ERROR; break;
- case ESPIPE: prError = PR_INVALID_METHOD_ERROR; break;
- case ETIMEDOUT: prError = PR_IO_TIMEOUT_ERROR; break;
-#if EWOULDBLOCK != EAGAIN
- case EWOULDBLOCK: prError = PR_WOULD_BLOCK_ERROR; break;
-#endif
- case EXDEV: prError = PR_NOT_SAME_DEVICE_ERROR; break;
-
- default: prError = PR_UNKNOWN_ERROR; break;
- }
- PR_SetError(prError, err);
-}
diff --git a/security/nss/lib/ssl/unix_err.h b/security/nss/lib/ssl/unix_err.h
deleted file mode 100644
index 2611baf81..000000000
--- a/security/nss/lib/ssl/unix_err.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* NSPR doesn't make these functions public, so we have to duplicate
-** them in NSS.
-*/
-extern void nss_MD_hpux_map_sendfile_error(int err);
-extern void nss_MD_unix_map_accept_error(int err);
-extern void nss_MD_unix_map_access_error(int err);
-extern void nss_MD_unix_map_bind_error(int err);
-extern void nss_MD_unix_map_close_error(int err);
-extern void nss_MD_unix_map_closedir_error(int err);
-extern void nss_MD_unix_map_connect_error(int err);
-extern void nss_MD_unix_map_default_error(int err);
-extern void nss_MD_unix_map_flock_error(int err);
-extern void nss_MD_unix_map_fstat_error(int err);
-extern void nss_MD_unix_map_fsync_error(int err);
-extern void nss_MD_unix_map_gethostname_error(int err);
-extern void nss_MD_unix_map_getpeername_error(int err);
-extern void nss_MD_unix_map_getsockname_error(int err);
-extern void nss_MD_unix_map_getsockopt_error(int err);
-extern void nss_MD_unix_map_listen_error(int err);
-extern void nss_MD_unix_map_lockf_error(int err);
-extern void nss_MD_unix_map_lseek_error(int err);
-extern void nss_MD_unix_map_mkdir_error(int err);
-extern void nss_MD_unix_map_mmap_error(int err);
-extern void nss_MD_unix_map_open_error(int err);
-extern void nss_MD_unix_map_opendir_error(int err);
-extern void nss_MD_unix_map_poll_error(int err);
-extern void nss_MD_unix_map_poll_revents_error(int err);
-extern void nss_MD_unix_map_read_error(int err);
-extern void nss_MD_unix_map_readdir_error(int err);
-extern void nss_MD_unix_map_recv_error(int err);
-extern void nss_MD_unix_map_recvfrom_error(int err);
-extern void nss_MD_unix_map_rename_error(int err);
-extern void nss_MD_unix_map_rmdir_error(int err);
-extern void nss_MD_unix_map_select_error(int err);
-extern void nss_MD_unix_map_send_error(int err);
-extern void nss_MD_unix_map_sendto_error(int err);
-extern void nss_MD_unix_map_setsockopt_error(int err);
-extern void nss_MD_unix_map_shutdown_error(int err);
-extern void nss_MD_unix_map_socket_error(int err);
-extern void nss_MD_unix_map_socketavailable_error(int err);
-extern void nss_MD_unix_map_socketpair_error(int err);
-extern void nss_MD_unix_map_stat_error(int err);
-extern void nss_MD_unix_map_unlink_error(int err);
-extern void nss_MD_unix_map_write_error(int err);
-extern void nss_MD_unix_map_writev_error(int err);
diff --git a/security/nss/lib/ssl/win32err.c b/security/nss/lib/ssl/win32err.c
deleted file mode 100644
index acfce2c9d..000000000
--- a/security/nss/lib/ssl/win32err.c
+++ /dev/null
@@ -1,373 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * this code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#include "prerror.h"
-#include "prlog.h"
-#include <errno.h>
-#include <windows.h>
-
-/*
- * On Win32, we map three kinds of error codes:
- * - GetLastError(): for Win32 functions
- * - WSAGetLastError(): for Winsock functions
- * - errno: for standard C library functions
- *
- * We do not check for WSAEINPROGRESS and WSAEINTR because we do not
- * use blocking Winsock 1.1 calls.
- *
- * Except for the 'socket' call, we do not check for WSAEINITIALISED.
- * It is assumed that if Winsock is not initialized, that fact will
- * be detected at the time we create new sockets.
- */
-
-/* forward declaration. */
-void nss_MD_win32_map_default_error(PRInt32 err);
-
-void nss_MD_win32_map_opendir_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_closedir_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_readdir_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_delete_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-/* The error code for stat() is in errno. */
-void nss_MD_win32_map_stat_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_fstat_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_rename_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-/* The error code for access() is in errno. */
-void nss_MD_win32_map_access_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_mkdir_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_rmdir_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_read_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_transmitfile_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_write_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_lseek_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_fsync_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-/*
- * For both CloseHandle() and closesocket().
- */
-void nss_MD_win32_map_close_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_socket_error(PRInt32 err)
-{
- PR_ASSERT(err != WSANOTINITIALISED);
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_recv_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_recvfrom_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_send_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_sendto_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEMSGSIZE: prError = PR_INVALID_ARGUMENT_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_accept_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
- case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_acceptex_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_connect_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEWOULDBLOCK: prError = PR_IN_PROGRESS_ERROR; break;
- case WSAEINVAL: prError = PR_ALREADY_INITIATED_ERROR; break;
- case WSAETIMEDOUT: prError = PR_IO_TIMEOUT_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_bind_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEINVAL: prError = PR_SOCKET_ADDRESS_IS_BOUND_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_listen_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEOPNOTSUPP: prError = PR_NOT_TCP_SOCKET_ERROR; break;
- case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_shutdown_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_getsockname_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAEINVAL: prError = PR_INVALID_STATE_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_getpeername_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_getsockopt_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_setsockopt_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_open_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-void nss_MD_win32_map_gethostname_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-/* Win32 select() only works on sockets. So in this
-** context, WSAENOTSOCK is equivalent to EBADF on Unix.
-*/
-void nss_MD_win32_map_select_error(PRInt32 err)
-{
- PRErrorCode prError;
- switch (err) {
- case WSAENOTSOCK: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- default: nss_MD_win32_map_default_error(err); return;
- }
- PR_SetError(prError, err);
-}
-
-void nss_MD_win32_map_lockf_error(PRInt32 err)
-{
- nss_MD_win32_map_default_error(err);
-}
-
-
-
-void nss_MD_win32_map_default_error(PRInt32 err)
-{
- PRErrorCode prError;
-
- switch (err) {
- case EACCES: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case ENOENT: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case ERROR_ACCESS_DENIED: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case ERROR_ALREADY_EXISTS: prError = PR_FILE_EXISTS_ERROR; break;
- case ERROR_DISK_CORRUPT: prError = PR_IO_ERROR; break;
- case ERROR_DISK_FULL: prError = PR_NO_DEVICE_SPACE_ERROR; break;
- case ERROR_DISK_OPERATION_FAILED: prError = PR_IO_ERROR; break;
- case ERROR_DRIVE_LOCKED: prError = PR_FILE_IS_LOCKED_ERROR; break;
- case ERROR_FILENAME_EXCED_RANGE: prError = PR_NAME_TOO_LONG_ERROR; break;
- case ERROR_FILE_CORRUPT: prError = PR_IO_ERROR; break;
- case ERROR_FILE_EXISTS: prError = PR_FILE_EXISTS_ERROR; break;
- case ERROR_FILE_INVALID: prError = PR_BAD_DESCRIPTOR_ERROR; break;
-#if ERROR_FILE_NOT_FOUND != ENOENT
- case ERROR_FILE_NOT_FOUND: prError = PR_FILE_NOT_FOUND_ERROR; break;
-#endif
- case ERROR_HANDLE_DISK_FULL: prError = PR_NO_DEVICE_SPACE_ERROR; break;
- case ERROR_INVALID_ADDRESS: prError = PR_ACCESS_FAULT_ERROR; break;
- case ERROR_INVALID_HANDLE: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- case ERROR_INVALID_NAME: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case ERROR_INVALID_PARAMETER: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case ERROR_INVALID_USER_BUFFER: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case ERROR_LOCKED: prError = PR_FILE_IS_LOCKED_ERROR; break;
- case ERROR_NETNAME_DELETED: prError = PR_CONNECT_RESET_ERROR; break;
- case ERROR_NOACCESS: prError = PR_ACCESS_FAULT_ERROR; break;
- case ERROR_NOT_ENOUGH_MEMORY: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case ERROR_NOT_ENOUGH_QUOTA: prError = PR_OUT_OF_MEMORY_ERROR; break;
- case ERROR_NOT_READY: prError = PR_IO_ERROR; break;
- case ERROR_NO_MORE_FILES: prError = PR_NO_MORE_FILES_ERROR; break;
- case ERROR_OPEN_FAILED: prError = PR_IO_ERROR; break;
- case ERROR_OPEN_FILES: prError = PR_IO_ERROR; break;
- case ERROR_OUTOFMEMORY: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case ERROR_PATH_BUSY: prError = PR_IO_ERROR; break;
- case ERROR_PATH_NOT_FOUND: prError = PR_FILE_NOT_FOUND_ERROR; break;
- case ERROR_SEEK_ON_DEVICE: prError = PR_IO_ERROR; break;
- case ERROR_SHARING_VIOLATION: prError = PR_FILE_IS_BUSY_ERROR; break;
- case ERROR_STACK_OVERFLOW: prError = PR_ACCESS_FAULT_ERROR; break;
- case ERROR_TOO_MANY_OPEN_FILES: prError = PR_SYS_DESC_TABLE_FULL_ERROR; break;
- case ERROR_WRITE_PROTECT: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case WSAEACCES: prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
- case WSAEADDRINUSE: prError = PR_ADDRESS_IN_USE_ERROR; break;
- case WSAEADDRNOTAVAIL: prError = PR_ADDRESS_NOT_AVAILABLE_ERROR; break;
- case WSAEAFNOSUPPORT: prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
- case WSAEALREADY: prError = PR_ALREADY_INITIATED_ERROR; break;
- case WSAEBADF: prError = PR_BAD_DESCRIPTOR_ERROR; break;
- case WSAECONNABORTED: prError = PR_CONNECT_ABORTED_ERROR; break;
- case WSAECONNREFUSED: prError = PR_CONNECT_REFUSED_ERROR; break;
- case WSAECONNRESET: prError = PR_CONNECT_RESET_ERROR; break;
- case WSAEDESTADDRREQ: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case WSAEFAULT: prError = PR_ACCESS_FAULT_ERROR; break;
- case WSAEHOSTUNREACH: prError = PR_HOST_UNREACHABLE_ERROR; break;
- case WSAEINVAL: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case WSAEISCONN: prError = PR_IS_CONNECTED_ERROR; break;
- case WSAEMFILE: prError = PR_PROC_DESC_TABLE_FULL_ERROR; break;
- case WSAEMSGSIZE: prError = PR_BUFFER_OVERFLOW_ERROR; break;
- case WSAENETDOWN: prError = PR_NETWORK_DOWN_ERROR; break;
- case WSAENETRESET: prError = PR_CONNECT_ABORTED_ERROR; break;
- case WSAENETUNREACH: prError = PR_NETWORK_UNREACHABLE_ERROR; break;
- case WSAENOBUFS: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
- case WSAENOPROTOOPT: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case WSAENOTCONN: prError = PR_NOT_CONNECTED_ERROR; break;
- case WSAENOTSOCK: prError = PR_NOT_SOCKET_ERROR; break;
- case WSAEOPNOTSUPP: prError = PR_OPERATION_NOT_SUPPORTED_ERROR; break;
- case WSAEPROTONOSUPPORT: prError = PR_PROTOCOL_NOT_SUPPORTED_ERROR; break;
- case WSAEPROTOTYPE: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case WSAESHUTDOWN: prError = PR_SOCKET_SHUTDOWN_ERROR; break;
- case WSAESOCKTNOSUPPORT: prError = PR_INVALID_ARGUMENT_ERROR; break;
- case WSAETIMEDOUT: prError = PR_CONNECT_ABORTED_ERROR; break;
- case WSAEWOULDBLOCK: prError = PR_WOULD_BLOCK_ERROR; break;
- default: prError = PR_UNKNOWN_ERROR; break;
- }
- PR_SetError(prError, err);
-}
-
diff --git a/security/nss/lib/ssl/win32err.h b/security/nss/lib/ssl/win32err.h
deleted file mode 100644
index b87dfefd4..000000000
--- a/security/nss/lib/ssl/win32err.h
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * This file essentially replicates NSPR's source for the functions that
- * map system-specific error codes to NSPR error codes. We would use
- * NSPR's functions, instead of duplicating them, but they're private.
- * As long as SSL's server session cache code must do platform native I/O
- * to accomplish its job, and NSPR's error mapping functions remain private,
- * This code will continue to need to be replicated.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-/* NSPR doesn't make these functions public, so we have to duplicate
-** them in NSS.
-*/
-extern void nss_MD_win32_map_accept_error(PRInt32 err);
-extern void nss_MD_win32_map_acceptex_error(PRInt32 err);
-extern void nss_MD_win32_map_access_error(PRInt32 err);
-extern void nss_MD_win32_map_bind_error(PRInt32 err);
-extern void nss_MD_win32_map_close_error(PRInt32 err);
-extern void nss_MD_win32_map_closedir_error(PRInt32 err);
-extern void nss_MD_win32_map_connect_error(PRInt32 err);
-extern void nss_MD_win32_map_default_error(PRInt32 err);
-extern void nss_MD_win32_map_delete_error(PRInt32 err);
-extern void nss_MD_win32_map_fstat_error(PRInt32 err);
-extern void nss_MD_win32_map_fsync_error(PRInt32 err);
-extern void nss_MD_win32_map_gethostname_error(PRInt32 err);
-extern void nss_MD_win32_map_getpeername_error(PRInt32 err);
-extern void nss_MD_win32_map_getsockname_error(PRInt32 err);
-extern void nss_MD_win32_map_getsockopt_error(PRInt32 err);
-extern void nss_MD_win32_map_listen_error(PRInt32 err);
-extern void nss_MD_win32_map_lockf_error(PRInt32 err);
-extern void nss_MD_win32_map_lseek_error(PRInt32 err);
-extern void nss_MD_win32_map_mkdir_error(PRInt32 err);
-extern void nss_MD_win32_map_open_error(PRInt32 err);
-extern void nss_MD_win32_map_opendir_error(PRInt32 err);
-extern void nss_MD_win32_map_read_error(PRInt32 err);
-extern void nss_MD_win32_map_readdir_error(PRInt32 err);
-extern void nss_MD_win32_map_recv_error(PRInt32 err);
-extern void nss_MD_win32_map_recvfrom_error(PRInt32 err);
-extern void nss_MD_win32_map_rename_error(PRInt32 err);
-extern void nss_MD_win32_map_rmdir_error(PRInt32 err);
-extern void nss_MD_win32_map_select_error(PRInt32 err);
-extern void nss_MD_win32_map_send_error(PRInt32 err);
-extern void nss_MD_win32_map_sendto_error(PRInt32 err);
-extern void nss_MD_win32_map_setsockopt_error(PRInt32 err);
-extern void nss_MD_win32_map_shutdown_error(PRInt32 err);
-extern void nss_MD_win32_map_socket_error(PRInt32 err);
-extern void nss_MD_win32_map_stat_error(PRInt32 err);
-extern void nss_MD_win32_map_transmitfile_error(PRInt32 err);
-extern void nss_MD_win32_map_write_error(PRInt32 err);
diff --git a/security/nss/lib/util/Makefile b/security/nss/lib/util/Makefile
deleted file mode 100644
index 35c2bfb28..000000000
--- a/security/nss/lib/util/Makefile
+++ /dev/null
@@ -1,86 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/arch.mk
-
-ifeq ($(OS_ARCH),HP-UX)
- ASFILES += ret_cr16.s
-endif
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-tests:: $(OBJDIR)/test_utf8
-
-$(OBJDIR)/test_utf8: utf8.c
- @$(MAKE_OBJDIR)
- $(CCF) -o $(OBJDIR)/test_utf8 -DTEST_UTF8 utf8.c $(OS_LIBS)
diff --git a/security/nss/lib/util/base64.h b/security/nss/lib/util/base64.h
deleted file mode 100644
index 92dc54d7c..000000000
--- a/security/nss/lib/util/base64.h
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * base64.h - prototypes for base64 encoding/decoding
- * Note: These functions are deprecated; see nssb64.h for new routines.
- *
- * $Id$
- */
-#ifndef _BASE64_H_
-#define _BASE64_H_
-
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Return an PORT_Alloc'd ascii string which is the base64 encoded
-** version of the input string.
-*/
-extern char *BTOA_DataToAscii(const unsigned char *data, unsigned int len);
-
-/*
-** Return an PORT_Alloc'd string which is the base64 decoded version
-** of the input string; set *lenp to the length of the returned data.
-*/
-extern unsigned char *ATOB_AsciiToData(const char *string, unsigned int *lenp);
-
-/*
-** Convert from ascii to binary encoding of an item.
-*/
-extern SECStatus ATOB_ConvertAsciiToItem(SECItem *binary_item, char *ascii);
-
-/*
-** Convert from binary encoding of an item to ascii.
-*/
-extern char *BTOA_ConvertItemToAscii(SECItem *binary_item);
-
-SEC_END_PROTOS
-
-#endif /* _BASE64_H_ */
diff --git a/security/nss/lib/util/ciferfam.h b/security/nss/lib/util/ciferfam.h
deleted file mode 100644
index fd2f3bd0f..000000000
--- a/security/nss/lib/util/ciferfam.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * ciferfam.h - cipher familie IDs used for configuring ciphers for export
- * control
- *
- * $Id$
- */
-
-#ifndef _CIFERFAM_H_
-#define _CIFERFAM_H_
-
-/* Cipher Suite "Families" */
-#define CIPHER_FAMILY_PKCS12 "PKCS12"
-#define CIPHER_FAMILY_SMIME "SMIME"
-#define CIPHER_FAMILY_SSL2 "SSLv2"
-#define CIPHER_FAMILY_SSL3 "SSLv3"
-#define CIPHER_FAMILY_SSL "SSL"
-#define CIPHER_FAMILY_ALL ""
-#define CIPHER_FAMILY_UNKNOWN "UNKNOWN"
-
-#define CIPHER_FAMILYID_MASK 0xFFFF0000L
-#define CIPHER_FAMILYID_SSL 0x00000000L
-#define CIPHER_FAMILYID_SMIME 0x00010000L
-#define CIPHER_FAMILYID_PKCS12 0x00020000L
-
-/* SMIME "Cipher Suites" */
-/*
- * Note that it is assumed that the cipher number itself can be used
- * as a bit position in a mask, and that mask is currently 32 bits wide.
- * So, if you want to add a cipher that is greater than 0033, secmime.c
- * needs to be made smarter at the same time.
- */
-#define SMIME_RC2_CBC_40 (CIPHER_FAMILYID_SMIME | 0001)
-#define SMIME_RC2_CBC_64 (CIPHER_FAMILYID_SMIME | 0002)
-#define SMIME_RC2_CBC_128 (CIPHER_FAMILYID_SMIME | 0003)
-#define SMIME_DES_CBC_56 (CIPHER_FAMILYID_SMIME | 0011)
-#define SMIME_DES_EDE3_168 (CIPHER_FAMILYID_SMIME | 0012)
-#define SMIME_RC5PAD_64_16_40 (CIPHER_FAMILYID_SMIME | 0021)
-#define SMIME_RC5PAD_64_16_64 (CIPHER_FAMILYID_SMIME | 0022)
-#define SMIME_RC5PAD_64_16_128 (CIPHER_FAMILYID_SMIME | 0023)
-#define SMIME_FORTEZZA (CIPHER_FAMILYID_SMIME | 0031)
-
-/* PKCS12 "Cipher Suites" */
-
-#define PKCS12_RC2_CBC_40 (CIPHER_FAMILYID_PKCS12 | 0001)
-#define PKCS12_RC2_CBC_128 (CIPHER_FAMILYID_PKCS12 | 0002)
-#define PKCS12_RC4_40 (CIPHER_FAMILYID_PKCS12 | 0011)
-#define PKCS12_RC4_128 (CIPHER_FAMILYID_PKCS12 | 0012)
-#define PKCS12_DES_56 (CIPHER_FAMILYID_PKCS12 | 0021)
-#define PKCS12_DES_EDE3_168 (CIPHER_FAMILYID_PKCS12 | 0022)
-
-/* SMIME version numbers are negative, to avoid colliding with SSL versions */
-#define SMIME_LIBRARY_VERSION_1_0 -0x0100
-
-#endif /* _CIFERFAM_H_ */
diff --git a/security/nss/lib/util/config.mk b/security/nss/lib/util/config.mk
deleted file mode 100644
index 0a00dc61e..000000000
--- a/security/nss/lib/util/config.mk
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# Override TARGETS variable so that only static libraries
-# are specifed as dependencies within rules.mk.
-#
-
-TARGETS = $(LIBRARY)
-SHARED_LIBRARY =
-IMPORT_LIBRARY =
-PROGRAM =
-
diff --git a/security/nss/lib/util/derdec.c b/security/nss/lib/util/derdec.c
deleted file mode 100644
index 914701e33..000000000
--- a/security/nss/lib/util/derdec.c
+++ /dev/null
@@ -1,552 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secder.h"
-#include "secerr.h"
-
-static uint32
-der_indefinite_length(unsigned char *buf, unsigned char *end)
-{
- uint32 len, ret, dataLen;
- unsigned char tag, lenCode;
- int dataLenLen;
-
- len = 0;
- while ( 1 ) {
- if ((buf + 2) > end) {
- return(0);
- }
-
- tag = *buf++;
- lenCode = *buf++;
- len += 2;
-
- if ( ( tag == 0 ) && ( lenCode == 0 ) ) {
- return(len);
- }
-
- if ( lenCode == 0x80 ) { /* indefinite length */
- ret = der_indefinite_length(buf, end); /* recurse to find length */
- if (ret == 0)
- return 0;
- len += ret;
- buf += ret;
- } else { /* definite length */
- if (lenCode & 0x80) {
- /* Length of data is in multibyte format */
- dataLenLen = lenCode & 0x7f;
- switch (dataLenLen) {
- case 1:
- dataLen = buf[0];
- break;
- case 2:
- dataLen = (buf[0]<<8)|buf[1];
- break;
- case 3:
- dataLen = ((unsigned long)buf[0]<<16)|(buf[1]<<8)|buf[2];
- break;
- case 4:
- dataLen = ((unsigned long)buf[0]<<24)|
- ((unsigned long)buf[1]<<16)|(buf[2]<<8)|buf[3];
- break;
- default:
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
- } else {
- /* Length of data is in single byte */
- dataLen = lenCode;
- dataLenLen = 0;
- }
-
- /* skip this item */
- buf = buf + dataLenLen + dataLen;
- len = len + dataLenLen + dataLen;
- }
- }
-}
-
-/*
-** Capture the next thing in the buffer.
-** Returns the length of the header and the length of the contents.
-*/
-static SECStatus
-der_capture(unsigned char *buf, unsigned char *end,
- int *header_len_p, uint32 *contents_len_p)
-{
- unsigned char *bp;
- unsigned char whole_tag;
- uint32 contents_len;
- int tag_number;
-
- if ((buf + 2) > end) {
- *header_len_p = 0;
- *contents_len_p = 0;
- if (buf == end)
- return SECSuccess;
- return SECFailure;
- }
-
- bp = buf;
-
- /* Get tag and verify that it is ok. */
- whole_tag = *bp++;
- tag_number = whole_tag & DER_TAGNUM_MASK;
-
- /*
- * XXX This code does not (yet) handle the high-tag-number form!
- */
- if (tag_number == DER_HIGH_TAG_NUMBER) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
-
- if ((whole_tag & DER_CLASS_MASK) == DER_UNIVERSAL) {
- /* Check that the universal tag number is one we implement. */
- switch (tag_number) {
- case DER_BOOLEAN:
- case DER_INTEGER:
- case DER_BIT_STRING:
- case DER_OCTET_STRING:
- case DER_NULL:
- case DER_OBJECT_ID:
- case DER_SEQUENCE:
- case DER_SET:
- case DER_PRINTABLE_STRING:
- case DER_T61_STRING:
- case DER_IA5_STRING:
- case DER_VISIBLE_STRING:
- case DER_UTC_TIME:
- case 0: /* end-of-contents tag */
- break;
- default:
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
- }
-
- /*
- * Get first byte of length code (might contain entire length, might not).
- */
- contents_len = *bp++;
-
- /*
- * If the high bit is set, then the length is in multibyte format,
- * or the thing has an indefinite-length.
- */
- if (contents_len & 0x80) {
- int bytes_of_encoded_len;
-
- bytes_of_encoded_len = contents_len & 0x7f;
- contents_len = 0;
-
- switch (bytes_of_encoded_len) {
- case 4:
- contents_len |= *bp++;
- contents_len <<= 8;
- /* fallthru */
- case 3:
- contents_len |= *bp++;
- contents_len <<= 8;
- /* fallthru */
- case 2:
- contents_len |= *bp++;
- contents_len <<= 8;
- /* fallthru */
- case 1:
- contents_len |= *bp++;
- break;
-
- case 0:
- contents_len = der_indefinite_length (bp, end);
- if (contents_len)
- break;
- /* fallthru */
- default:
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
- }
-
- if ((bp + contents_len) > end) {
- /* Ran past end of buffer */
- PORT_SetError(SEC_ERROR_BAD_DER);
- return SECFailure;
- }
-
- *header_len_p = bp - buf;
- *contents_len_p = contents_len;
-
- return SECSuccess;
-}
-
-static unsigned char *
-der_decode(PRArenaPool *arena, void *dest, DERTemplate *dtemplate,
- unsigned char *buf, int header_len, uint32 contents_len)
-{
- unsigned char *orig_buf, *end;
- unsigned long encode_kind, under_kind;
- PRBool explicit, optional, universal, check_tag;
- SECItem *item;
- SECStatus rv;
- PRBool indefinite_length, explicit_indefinite_length;
-
- encode_kind = dtemplate->kind;
- explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
- optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
- universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- PORT_Assert (!(explicit && universal)); /* bad templates */
-
- if (header_len == 0) {
- if (optional || (encode_kind & DER_ANY))
- return buf;
- PORT_SetError(SEC_ERROR_BAD_DER);
- return NULL;
- }
-
- if (encode_kind & DER_POINTER) {
- void *place, **placep;
- int offset;
-
- if (dtemplate->sub != NULL) {
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- place = PORT_ArenaZAlloc(arena, dtemplate->arg);
- offset = dtemplate->offset;
- } else {
- if (universal) {
- under_kind = encode_kind & ~DER_POINTER;
- } else {
- under_kind = dtemplate->arg;
- }
- place = PORT_ArenaZAlloc(arena, sizeof(SECItem));
- offset = 0;
- }
- if (place == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL; /* Out of memory */
- }
- placep = (void **)dest;
- *placep = place;
- dest = (void *)((char *)place + offset);
- } else if (encode_kind & DER_INLINE) {
- PORT_Assert (dtemplate->sub != NULL);
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- dest = (void *)((char *)dest + dtemplate->offset);
- } else if (universal) {
- under_kind = encode_kind;
- } else {
- under_kind = dtemplate->arg;
- }
-
- orig_buf = buf;
- end = buf + header_len + contents_len;
-
- explicit_indefinite_length = PR_FALSE;
-
- if (explicit) {
- /*
- * This tag is expected to match exactly.
- * (The template has all of the bits specified.)
- */
- if (*buf != (encode_kind & DER_TAG_MASK)) {
- if (optional)
- return buf;
- PORT_SetError(SEC_ERROR_BAD_DER);
- return NULL;
- }
- if ((header_len == 2) && (*(buf + 1) == 0x80))
- explicit_indefinite_length = PR_TRUE;
- buf += header_len;
- rv = der_capture (buf, end, &header_len, &contents_len);
- if (rv != SECSuccess)
- return NULL;
- if (header_len == 0) { /* XXX is this right? */
- PORT_SetError(SEC_ERROR_BAD_DER);
- return NULL;
- }
- optional = PR_FALSE; /* can no longer be optional */
- encode_kind = under_kind;
- }
-
- check_tag = PR_TRUE;
- if (encode_kind & (DER_DERPTR | DER_ANY | DER_FORCE | DER_SKIP)) {
- PORT_Assert ((encode_kind & DER_ANY) || !optional);
- encode_kind = encode_kind & (~DER_FORCE);
- under_kind = under_kind & (~DER_FORCE);
- check_tag = PR_FALSE;
- }
-
- if (check_tag) {
- PRBool wrong;
- unsigned char expect_tag, expect_num;
-
- /*
- * This tag is expected to match, but the simple types
- * may or may not have the constructed bit set, so we
- * have to have all this extra logic.
- */
- wrong = PR_TRUE;
- expect_tag = encode_kind & DER_TAG_MASK;
- expect_num = expect_tag & DER_TAGNUM_MASK;
- if (expect_num == DER_SET || expect_num == DER_SEQUENCE) {
- if (*buf == (expect_tag | DER_CONSTRUCTED))
- wrong = PR_FALSE;
- } else {
- if (*buf == expect_tag)
- wrong = PR_FALSE;
- else if (*buf == (expect_tag | DER_CONSTRUCTED))
- wrong = PR_FALSE;
- }
- if (wrong) {
- if (optional)
- return buf;
- PORT_SetError(SEC_ERROR_BAD_DER);
- return NULL;
- }
- }
-
- if (under_kind & DER_DERPTR) {
- item = (SECItem *)dest;
- if (under_kind & DER_OUTER) {
- item->data = buf;
- item->len = header_len + contents_len;
- } else {
- item->data = buf + header_len;
- item->len = contents_len;
- }
- return orig_buf;
- }
-
- if (encode_kind & DER_ANY) {
- contents_len += header_len;
- header_len = 0;
- }
-
- if ((header_len == 2) && (*(buf + 1) == 0x80))
- indefinite_length = PR_TRUE;
- else
- indefinite_length = PR_FALSE;
-
- buf += header_len;
-
- if (contents_len == 0)
- return buf;
-
- under_kind &= ~DER_OPTIONAL;
-
- if (under_kind & DER_INDEFINITE) {
- int count, thing_size;
- unsigned char *sub_buf;
- DERTemplate *tmpt;
- void *things, **indp, ***placep;
-
- under_kind &= ~DER_INDEFINITE;
-
- /*
- * Count items.
- */
- count = 0;
- sub_buf = buf;
- while (sub_buf < end) {
- if (indefinite_length && sub_buf[0] == 0 && sub_buf[1] == 0) {
- break;
- }
- rv = der_capture (sub_buf, end, &header_len, &contents_len);
- if (rv != SECSuccess)
- return NULL;
- count++;
- sub_buf += header_len + contents_len;
- }
-
- /*
- * Allocate an array of pointers to items; extra one is for a NULL.
- */
- indp = (void**)PORT_ArenaZAlloc(arena, (count + 1) * sizeof(void *));
- if (indp == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- /*
- * Prepare.
- */
- if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
- tmpt = dtemplate->sub;
- PORT_Assert (tmpt != NULL);
- thing_size = tmpt->arg;
- PORT_Assert (thing_size != 0);
- } else {
- tmpt = NULL;
- thing_size = sizeof(SECItem);
- }
-
- /*
- * Allocate the items themselves.
- */
- things = PORT_ArenaZAlloc(arena, count * thing_size);
- if (things == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- placep = (void ***)dest;
- *placep = indp;
-
- while (count) {
- /* ignore return value because we already did whole thing above */
- (void) der_capture (buf, end, &header_len, &contents_len);
- if (tmpt != NULL) {
- void *sub_thing;
-
- sub_thing = (void *)((char *)things + tmpt->offset);
- buf = der_decode (arena, sub_thing, tmpt,
- buf, header_len, contents_len);
- if (buf == NULL)
- return NULL;
- } else {
- item = (SECItem *)things;
- if (under_kind == DER_ANY) {
- contents_len += header_len;
- header_len = 0;
- }
- buf += header_len;
- if (under_kind == DER_BIT_STRING) {
- item->data = buf + 1;
- item->len = ((contents_len - 1) << 3) - *buf;
- } else {
- item->data = buf;
- item->len = contents_len;
- }
- buf += contents_len;
- }
- *indp++ = things;
- things = (void *)((char *)things + thing_size);
- count--;
- }
-
- *indp = NULL;
-
- goto der_decode_done;
- }
-
- switch (under_kind) {
- case DER_SEQUENCE:
- case DER_SET:
- {
- DERTemplate *tmpt;
- void *sub_dest;
-
- for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
- sub_dest = (void *)((char *)dest + tmpt->offset);
- rv = der_capture (buf, end, &header_len, &contents_len);
- if (rv != SECSuccess)
- return NULL;
- buf = der_decode (arena, sub_dest, tmpt,
- buf, header_len, contents_len);
- if (buf == NULL)
- return NULL;
- }
- }
- break;
-
- case DER_BIT_STRING:
- item = (SECItem *)dest;
- item->data = buf + 1;
- item->len = ((contents_len - 1) << 3) - *buf;
- buf += contents_len;
- break;
-
- case DER_SKIP:
- buf += contents_len;
- break;
-
- default:
- item = (SECItem *)dest;
- item->data = buf;
- item->len = contents_len;
- buf += contents_len;
- break;
- }
-
-der_decode_done:
-
- if (indefinite_length && buf[0] == 0 && buf[1] == 0) {
- buf += 2;
- }
-
- if (explicit_indefinite_length && buf[0] == 0 && buf[1] == 0) {
- buf += 2;
- }
-
- return buf;
-}
-
-SECStatus
-DER_Decode(PRArenaPool *arena, void *dest, DERTemplate *dtemplate, SECItem *src)
-{
- unsigned char *buf;
- uint32 buf_len, contents_len;
- int header_len;
- SECStatus rv;
-
- buf = src->data;
- buf_len = src->len;
-
- rv = der_capture (buf, buf + buf_len, &header_len, &contents_len);
- if (rv != SECSuccess)
- return rv;
-
- dest = (void *)((char *)dest + dtemplate->offset);
- buf = der_decode (arena, dest, dtemplate, buf, header_len, contents_len);
- if (buf == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
-
-SECStatus
-DER_Lengths(SECItem *item, int *header_len_p, uint32 *contents_len_p)
-{
- return(der_capture(item->data, &item->data[item->len], header_len_p,
- contents_len_p));
-}
diff --git a/security/nss/lib/util/derenc.c b/security/nss/lib/util/derenc.c
deleted file mode 100644
index 191b00528..000000000
--- a/security/nss/lib/util/derenc.c
+++ /dev/null
@@ -1,504 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secder.h"
-#include "secerr.h"
-/*
- * Generic templates for individual/simple items.
- */
-
-DERTemplate SECAnyTemplate[] = {
- { DER_ANY,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECBitStringTemplate[] = {
- { DER_BIT_STRING,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECBooleanTemplate[] = {
- { DER_BOOLEAN,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECIA5StringTemplate[] = {
- { DER_IA5_STRING,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECIntegerTemplate[] = {
- { DER_INTEGER,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECNullTemplate[] = {
- { DER_NULL,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECObjectIDTemplate[] = {
- { DER_OBJECT_ID,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECOctetStringTemplate[] = {
- { DER_OCTET_STRING,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECPrintableStringTemplate[] = {
- { DER_PRINTABLE_STRING,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECT61StringTemplate[] = {
- { DER_T61_STRING,
- 0, NULL, sizeof(SECItem) }
-};
-
-DERTemplate SECUTCTimeTemplate[] = {
- { DER_UTC_TIME,
- 0, NULL, sizeof(SECItem) }
-};
-
-
-static int
-header_length(DERTemplate *dtemplate, uint32 contents_len)
-{
- uint32 len;
- unsigned long encode_kind, under_kind;
- PRBool explicit, optional, universal;
-
- encode_kind = dtemplate->kind;
-
- explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
- optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
- universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- PORT_Assert (!(explicit && universal)); /* bad templates */
-
- if (encode_kind & DER_POINTER) {
- if (dtemplate->sub != NULL) {
- under_kind = dtemplate->sub->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- } else if (universal) {
- under_kind = encode_kind & ~DER_POINTER;
- } else {
- under_kind = dtemplate->arg;
- }
- } else if (encode_kind & DER_INLINE) {
- under_kind = dtemplate->sub->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- } else if (universal) {
- under_kind = encode_kind;
- } else {
- under_kind = dtemplate->arg;
- }
-
- /* This is only used in decoding; it plays no part in encoding. */
- if (under_kind & DER_DERPTR)
- return 0;
-
- /* No header at all for an "empty" optional. */
- if ((contents_len == 0) && optional)
- return 0;
-
- /* And no header for a full DER_ANY. */
- if (encode_kind & DER_ANY)
- return 0;
-
- /*
- * The common case: one octet for identifier and as many octets
- * as necessary to hold the content length.
- */
- len = 1 + DER_LengthLength(contents_len);
-
- /* Account for the explicit wrapper, if necessary. */
- if (explicit) {
-#if 0 /*
- * Well, I was trying to do something useful, but these
- * assertions are too restrictive on valid templates.
- * I wanted to make sure that the top-level "kind" of
- * a template does not also specify DER_EXPLICIT, which
- * should only modify a component field. Maybe later
- * I can figure out a better way to detect such a problem,
- * but for now I must remove these checks altogether.
- */
- /*
- * This modifier applies only to components of a set or sequence;
- * it should never be used on a set/sequence itself -- confirm.
- */
- PORT_Assert (under_kind != DER_SEQUENCE);
- PORT_Assert (under_kind != DER_SET);
-#endif
-
- len += 1 + DER_LengthLength(len + contents_len);
- }
-
- return len;
-}
-
-
-static uint32
-contents_length(DERTemplate *dtemplate, void *src)
-{
- uint32 len;
- unsigned long encode_kind, under_kind;
- PRBool universal;
-
-
- PORT_Assert (src != NULL);
-
- encode_kind = dtemplate->kind;
-
- universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
- encode_kind &= ~DER_OPTIONAL;
-
- if (encode_kind & DER_POINTER) {
- src = *(void **)src;
- if (src == NULL) {
- return 0;
- }
- if (dtemplate->sub != NULL) {
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- src = (void *)((char *)src + dtemplate->offset);
- } else if (universal) {
- under_kind = encode_kind & ~DER_POINTER;
- } else {
- under_kind = dtemplate->arg;
- }
- } else if (encode_kind & DER_INLINE) {
- PORT_Assert (dtemplate->sub != NULL);
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- src = (void *)((char *)src + dtemplate->offset);
- } else if (universal) {
- under_kind = encode_kind;
- } else {
- under_kind = dtemplate->arg;
- }
-
- /* Having any of these bits is not expected here... */
- PORT_Assert ((under_kind & (DER_EXPLICIT | DER_INLINE | DER_OPTIONAL
- | DER_POINTER | DER_SKIP)) == 0);
-
- /* This is only used in decoding; it plays no part in encoding. */
- if (under_kind & DER_DERPTR)
- return 0;
-
- if (under_kind & DER_INDEFINITE) {
- uint32 sub_len;
- void **indp;
-
- indp = *(void ***)src;
- if (indp == NULL)
- return 0;
-
- len = 0;
- under_kind &= ~DER_INDEFINITE;
-
- if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
- DERTemplate *tmpt;
- void *sub_src;
-
- tmpt = dtemplate->sub;
-
- for (; *indp != NULL; indp++) {
- sub_src = (void *)((char *)(*indp) + tmpt->offset);
- sub_len = contents_length (tmpt, sub_src);
- len += sub_len + header_length (tmpt, sub_len);
- }
- } else {
- /*
- * XXX Lisa is not sure this code (for handling, for example,
- * DER_INDEFINITE | DER_OCTET_STRING) is right.
- */
- for (; *indp != NULL; indp++) {
- SECItem *item;
- item = (SECItem *)(*indp);
- sub_len = item->len;
- if (under_kind == DER_BIT_STRING) {
- sub_len = (sub_len + 7) >> 3;
- /* bit string contents involve an extra octet */
- if (sub_len)
- sub_len++;
- }
- if (under_kind != DER_ANY)
- len += 1 + DER_LengthLength (sub_len);
- }
- }
-
- return len;
- }
-
- switch (under_kind) {
- case DER_SEQUENCE:
- case DER_SET:
- {
- DERTemplate *tmpt;
- void *sub_src;
- uint32 sub_len;
-
- len = 0;
- for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
- sub_src = (void *)((char *)src + tmpt->offset);
- sub_len = contents_length (tmpt, sub_src);
- len += sub_len + header_length (tmpt, sub_len);
- }
- }
- break;
-
- case DER_BIT_STRING:
- len = (((SECItem *)src)->len + 7) >> 3;
- /* bit string contents involve an extra octet */
- if (len)
- len++;
- break;
-
- default:
- len = ((SECItem *)src)->len;
- break;
- }
-
- return len;
-}
-
-
-static unsigned char *
-der_encode(unsigned char *buf, DERTemplate *dtemplate, void *src)
-{
- int header_len;
- uint32 contents_len;
- unsigned long encode_kind, under_kind;
- PRBool explicit, optional, universal;
-
-
- /*
- * First figure out how long the encoding will be. Do this by
- * traversing the template from top to bottom and accumulating
- * the length of each leaf item.
- */
- contents_len = contents_length (dtemplate, src);
- header_len = header_length (dtemplate, contents_len);
-
- /*
- * Enough smarts was involved already, so that if both the
- * header and the contents have a length of zero, then we
- * are not doing any encoding for this element.
- */
- if (header_len == 0 && contents_len == 0)
- return buf;
-
- encode_kind = dtemplate->kind;
-
- explicit = (encode_kind & DER_EXPLICIT) ? PR_TRUE : PR_FALSE;
- optional = (encode_kind & DER_OPTIONAL) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~DER_OPTIONAL;
- universal = ((encode_kind & DER_CLASS_MASK) == DER_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- if (encode_kind & DER_POINTER) {
- if (contents_len) {
- src = *(void **)src;
- PORT_Assert (src != NULL);
- }
- if (dtemplate->sub != NULL) {
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- src = (void *)((char *)src + dtemplate->offset);
- } else if (universal) {
- under_kind = encode_kind & ~DER_POINTER;
- } else {
- under_kind = dtemplate->arg;
- }
- } else if (encode_kind & DER_INLINE) {
- dtemplate = dtemplate->sub;
- under_kind = dtemplate->kind;
- if (universal) {
- encode_kind = under_kind;
- }
- src = (void *)((char *)src + dtemplate->offset);
- } else if (universal) {
- under_kind = encode_kind;
- } else {
- under_kind = dtemplate->arg;
- }
-
- if (explicit) {
- buf = DER_StoreHeader (buf, encode_kind,
- (1 + DER_LengthLength(contents_len)
- + contents_len));
- encode_kind = under_kind;
- }
-
- if ((encode_kind & DER_ANY) == 0) { /* DER_ANY already contains header */
- buf = DER_StoreHeader (buf, encode_kind, contents_len);
- }
-
- /* If no real contents to encode, then we are done. */
- if (contents_len == 0)
- return buf;
-
- if (under_kind & DER_INDEFINITE) {
- void **indp;
-
- indp = *(void ***)src;
- PORT_Assert (indp != NULL);
-
- under_kind &= ~DER_INDEFINITE;
- if (under_kind == DER_SET || under_kind == DER_SEQUENCE) {
- DERTemplate *tmpt;
- void *sub_src;
-
- tmpt = dtemplate->sub;
- for (; *indp != NULL; indp++) {
- sub_src = (void *)((char *)(*indp) + tmpt->offset);
- buf = der_encode (buf, tmpt, sub_src);
- }
- } else {
- for (; *indp != NULL; indp++) {
- SECItem *item;
- int sub_len;
-
- item = (SECItem *)(*indp);
- sub_len = item->len;
- if (under_kind == DER_BIT_STRING) {
- if (sub_len) {
- int rem;
-
- sub_len = (sub_len + 7) >> 3;
- buf = DER_StoreHeader (buf, under_kind, sub_len + 1);
- rem = (sub_len << 3) - item->len;
- *buf++ = rem; /* remaining bits */
- } else {
- buf = DER_StoreHeader (buf, under_kind, 0);
- }
- } else if (under_kind != DER_ANY) {
- buf = DER_StoreHeader (buf, under_kind, sub_len);
- }
- PORT_Memcpy (buf, item->data, sub_len);
- buf += sub_len;
- }
- }
- return buf;
- }
-
- switch (under_kind) {
- case DER_SEQUENCE:
- case DER_SET:
- {
- DERTemplate *tmpt;
- void *sub_src;
-
- for (tmpt = dtemplate + 1; tmpt->kind; tmpt++) {
- sub_src = (void *)((char *)src + tmpt->offset);
- buf = der_encode (buf, tmpt, sub_src);
- }
- }
- break;
-
- case DER_BIT_STRING:
- {
- SECItem *item;
- int rem;
-
- /*
- * The contents length includes our extra octet; subtract
- * it off so we just have the real string length there.
- */
- contents_len--;
- item = (SECItem *)src;
- PORT_Assert (contents_len == ((item->len + 7) >> 3));
- rem = (contents_len << 3) - item->len;
- *buf++ = rem; /* remaining bits */
- PORT_Memcpy (buf, item->data, contents_len);
- buf += contents_len;
- }
- break;
-
- default:
- {
- SECItem *item;
-
- item = (SECItem *)src;
- PORT_Assert (contents_len == item->len);
- PORT_Memcpy (buf, item->data, contents_len);
- buf += contents_len;
- }
- break;
- }
-
- return buf;
-}
-
-
-SECStatus
-DER_Encode(PRArenaPool *arena, SECItem *dest, DERTemplate *dtemplate, void *src)
-{
- unsigned int contents_len, header_len;
-
- src = (void **)((char *)src + dtemplate->offset);
-
- /*
- * First figure out how long the encoding will be. Do this by
- * traversing the template from top to bottom and accumulating
- * the length of each leaf item.
- */
- contents_len = contents_length (dtemplate, src);
- header_len = header_length (dtemplate, contents_len);
-
- dest->len = contents_len + header_len;
-
- /* Allocate storage to hold the encoding */
- dest->data = (unsigned char*) PORT_ArenaAlloc(arena, dest->len);
- if (dest->data == NULL) {
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return SECFailure;
- }
-
- /* Now encode into the buffer */
- (void) der_encode (dest->data, dtemplate, src);
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/util/dersubr.c b/security/nss/lib/util/dersubr.c
deleted file mode 100644
index dc91ffe6f..000000000
--- a/security/nss/lib/util/dersubr.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secder.h"
-#include <limits.h>
-#include "secerr.h"
-
-int
-DER_LengthLength(uint32 len)
-{
- if (len > 127) {
- if (len > 255) {
- if (len > 65535L) {
- if (len > 16777215L) {
- return 5;
- } else {
- return 4;
- }
- } else {
- return 3;
- }
- } else {
- return 2;
- }
- } else {
- return 1;
- }
-}
-
-unsigned char *
-DER_StoreHeader(unsigned char *buf, unsigned int code, uint32 len)
-{
- unsigned char b[4];
-
- b[0] = (len >> 24) & 0xff;
- b[1] = (len >> 16) & 0xff;
- b[2] = (len >> 8) & 0xff;
- b[3] = len & 0xff;
- if ((code & DER_TAGNUM_MASK) == DER_SET
- || (code & DER_TAGNUM_MASK) == DER_SEQUENCE)
- code |= DER_CONSTRUCTED;
- *buf++ = code;
- if (len > 127) {
- if (len > 255) {
- if (len > 65535) {
- if (len > 16777215) {
- *buf++ = 0x84;
- *buf++ = b[0];
- *buf++ = b[1];
- *buf++ = b[2];
- *buf++ = b[3];
- } else {
- *buf++ = 0x83;
- *buf++ = b[1];
- *buf++ = b[2];
- *buf++ = b[3];
- }
- } else {
- *buf++ = 0x82;
- *buf++ = b[2];
- *buf++ = b[3];
- }
- } else {
- *buf++ = 0x81;
- *buf++ = b[3];
- }
- } else {
- *buf++ = b[3];
- }
- return buf;
-}
-
-/*
- * XXX This should be rewritten, generalized, to take a long instead
- * of an int32.
- */
-SECStatus
-DER_SetInteger(PRArenaPool *arena, SECItem *it, int32 i)
-{
- unsigned char bb[4];
- unsigned len;
-
- bb[0] = (unsigned char) (i >> 24);
- bb[1] = (unsigned char) (i >> 16);
- bb[2] = (unsigned char) (i >> 8);
- bb[3] = (unsigned char) (i);
-
- /*
- ** Small integers are encoded in a single byte. Larger integers
- ** require progressively more space.
- */
- if (i < -128) {
- if (i < -32768L) {
- if (i < -8388608L) {
- len = 4;
- } else {
- len = 3;
- }
- } else {
- len = 2;
- }
- } else if (i > 127) {
- if (i > 32767L) {
- if (i > 8388607L) {
- len = 4;
- } else {
- len = 3;
- }
- } else {
- len = 2;
- }
- } else {
- len = 1;
- }
- it->data = (unsigned char*) PORT_ArenaAlloc(arena, len);
- if (!it->data) {
- return SECFailure;
- }
- it->len = len;
- PORT_Memcpy(it->data, bb + (4 - len), len);
- return SECSuccess;
-}
-
-/*
- * XXX This should be rewritten, generalized, to take an unsigned long instead
- * of a uint32.
- */
-SECStatus
-DER_SetUInteger(PRArenaPool *arena, SECItem *it, uint32 ui)
-{
- unsigned char bb[5];
- int len;
-
- bb[0] = 0;
- bb[1] = (unsigned char) (ui >> 24);
- bb[2] = (unsigned char) (ui >> 16);
- bb[3] = (unsigned char) (ui >> 8);
- bb[4] = (unsigned char) (ui);
-
- /*
- ** Small integers are encoded in a single byte. Larger integers
- ** require progressively more space.
- */
- if (ui > 0x7f) {
- if (ui > 0x7fff) {
- if (ui > 0x7fffffL) {
- if (ui >= 0x80000000L) {
- len = 5;
- } else {
- len = 4;
- }
- } else {
- len = 3;
- }
- } else {
- len = 2;
- }
- } else {
- len = 1;
- }
-
- it->data = (unsigned char *)PORT_ArenaAlloc(arena, len);
- if (it->data == NULL) {
- return SECFailure;
- }
-
- it->len = len;
- PORT_Memcpy(it->data, bb + (sizeof(bb) - len), len);
-
- return SECSuccess;
-}
-
-/*
-** Convert a der encoded *signed* integer into a machine integral value.
-** If an underflow/overflow occurs, sets error code and returns min/max.
-*/
-long
-DER_GetInteger(SECItem *it)
-{
- long ival = 0;
- unsigned len = it->len;
- unsigned char *cp = it->data;
- unsigned long overflow = ((unsigned long)0xffL) << ((sizeof(ival) - 1)*8);
-
- while (len) {
- if (ival & overflow) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- if (ival < 0) {
- return LONG_MIN;
- }
- return LONG_MAX;
- }
- ival = ival << 8;
- ival |= *cp++;
- --len;
- }
- return ival;
-}
-
-/*
-** Convert a der encoded *unsigned* integer into a machine integral value.
-** If an underflow/overflow occurs, sets error code and returns min/max.
-*/
-unsigned long
-DER_GetUInteger(SECItem *it)
-{
- unsigned long ival = 0;
- unsigned len = it->len;
- unsigned char *cp = it->data;
- unsigned long overflow = ((unsigned long)0xffL) << ((sizeof(ival) - 1)*8);
-
- /* Cannot put a negative value into an unsigned container. */
- if (*cp & 0x80) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return 0;
- }
-
- while (len) {
- if (ival & overflow) {
- PORT_SetError(SEC_ERROR_BAD_DER);
- return ULONG_MAX;
- }
- ival = ival << 8;
- ival |= *cp++;
- --len;
- }
- return ival;
-}
diff --git a/security/nss/lib/util/dertime.c b/security/nss/lib/util/dertime.c
deleted file mode 100644
index 5fbdca656..000000000
--- a/security/nss/lib/util/dertime.c
+++ /dev/null
@@ -1,334 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prtypes.h"
-#include "prtime.h"
-#include "secder.h"
-#include "prlong.h"
-#include "secerr.h"
-
-#define HIDIGIT(v) (((v) / 10) + '0')
-#define LODIGIT(v) (((v) % 10) + '0')
-
-#define C_SINGLE_QUOTE '\047'
-
-#define DIGITHI(dig) (((dig) - '0') * 10)
-#define DIGITLO(dig) ((dig) - '0')
-#define ISDIGIT(dig) (((dig) >= '0') && ((dig) <= '9'))
-#define CAPTURE(var,p,label) \
-{ \
- if (!ISDIGIT((p)[0]) || !ISDIGIT((p)[1])) goto label; \
- (var) = ((p)[0] - '0') * 10 + ((p)[1] - '0'); \
-}
-
-#define SECMIN ((time_t) 60L)
-#define SECHOUR (60L*SECMIN)
-#define SECDAY (24L*SECHOUR)
-#define SECYEAR (365L*SECDAY)
-
-static long monthToDayInYear[12] = {
- 0,
- 31,
- 31+28,
- 31+28+31,
- 31+28+31+30,
- 31+28+31+30+31,
- 31+28+31+30+31+30,
- 31+28+31+30+31+30+31,
- 31+28+31+30+31+30+31+31,
- 31+28+31+30+31+30+31+31+30,
- 31+28+31+30+31+30+31+31+30+31,
- 31+28+31+30+31+30+31+31+30+31+30,
-};
-
-/* gmttime must contains UTC time in micro-seconds unit */
-SECStatus
-DER_TimeToUTCTime(SECItem *dst, int64 gmttime)
-{
- PRExplodedTime printableTime;
- unsigned char *d;
-
- dst->len = 13;
- dst->data = d = (unsigned char*) PORT_Alloc(13);
- if (!d) {
- return SECFailure;
- }
-
- /* Convert an int64 time to a printable format. */
- PR_ExplodeTime(gmttime, PR_GMTParameters, &printableTime);
-
- /* The month in UTC time is base one */
- printableTime.tm_month++;
-
- /* UTC time does not handle the years before 1950 */
- if (printableTime.tm_year < 1950)
- return SECFailure;
-
- /* remove the century since it's added to the tm_year by the
- PR_ExplodeTime routine, but is not needed for UTC time */
- printableTime.tm_year %= 100;
-
- d[0] = HIDIGIT(printableTime.tm_year);
- d[1] = LODIGIT(printableTime.tm_year);
- d[2] = HIDIGIT(printableTime.tm_month);
- d[3] = LODIGIT(printableTime.tm_month);
- d[4] = HIDIGIT(printableTime.tm_mday);
- d[5] = LODIGIT(printableTime.tm_mday);
- d[6] = HIDIGIT(printableTime.tm_hour);
- d[7] = LODIGIT(printableTime.tm_hour);
- d[8] = HIDIGIT(printableTime.tm_min);
- d[9] = LODIGIT(printableTime.tm_min);
- d[10] = HIDIGIT(printableTime.tm_sec);
- d[11] = LODIGIT(printableTime.tm_sec);
- d[12] = 'Z';
- return SECSuccess;
-}
-
-SECStatus
-DER_AsciiToTime(int64 *dst, char *string)
-{
- long year, month, mday, hour, minute, second, hourOff, minOff, days;
- int64 result, tmp1, tmp2;
-
- /* Verify time is formatted properly and capture information */
- second = 0;
- hourOff = 0;
- minOff = 0;
- CAPTURE(year,string+0,loser);
- if (year < 50) {
- /* ASSUME that year # is in the 2000's, not the 1900's */
- year += 100;
- }
- CAPTURE(month,string+2,loser);
- if ((month == 0) || (month > 12)) goto loser;
- CAPTURE(mday,string+4,loser);
- if ((mday == 0) || (mday > 31)) goto loser;
- CAPTURE(hour,string+6,loser);
- if (hour > 23) goto loser;
- CAPTURE(minute,string+8,loser);
- if (minute > 59) goto loser;
- if (ISDIGIT(string[10])) {
- CAPTURE(second,string+10,loser);
- if (second > 59) goto loser;
- string += 2;
- }
- if (string[10] == '+') {
- CAPTURE(hourOff,string+11,loser);
- if (hourOff > 23) goto loser;
- CAPTURE(minOff,string+13,loser);
- if (minOff > 59) goto loser;
- } else if (string[10] == '-') {
- CAPTURE(hourOff,string+11,loser);
- if (hourOff > 23) goto loser;
- hourOff = -hourOff;
- CAPTURE(minOff,string+13,loser);
- if (minOff > 59) goto loser;
- minOff = -minOff;
- } else if (string[10] != 'Z') {
- goto loser;
- }
-
-
- /* Convert pieces back into a single value year */
- LL_I2L(tmp1, (year-70L));
- LL_I2L(tmp2, SECYEAR);
- LL_MUL(result, tmp1, tmp2);
-
- LL_I2L(tmp1, ( (mday-1L)*SECDAY + hour*SECHOUR + minute*SECMIN -
- hourOff*SECHOUR - minOff*SECMIN + second ) );
- LL_ADD(result, result, tmp1);
-
- /*
- ** Have to specially handle the day in the month and the year, to
- ** take into account leap days. The return time value is in
- ** seconds since January 1st, 12:00am 1970, so start examining
- ** the time after that. We can't represent a time before that.
- */
-
- /* Using two digit years, we can only represent dates from 1970
- to 2069. As a result, we cannot run into the leap year rule
- that states that 1700, 2100, etc. are not leap years (but 2000
- is). In other words, there are no years in the span of time
- that we can represent that are == 0 mod 4 but are not leap
- years. Whew.
- */
-
- days = monthToDayInYear[month-1];
- days += (year - 68)/4;
-
- if (((year % 4) == 0) && (month < 3)) {
- days--;
- }
-
- LL_I2L(tmp1, (days * SECDAY) );
- LL_ADD(result, result, tmp1 );
-
- /* convert to micro seconds */
- LL_I2L(tmp1, PR_USEC_PER_SEC);
- LL_MUL(result, result, tmp1);
-
- *dst = result;
- return SECSuccess;
-
- loser:
- PORT_SetError(SEC_ERROR_INVALID_TIME);
- return SECFailure;
-
-}
-
-SECStatus
-DER_UTCTimeToTime(int64 *dst, SECItem *time)
-{
- return DER_AsciiToTime(dst, (char*) time->data);
-}
-
-/*
- gmttime must contains UTC time in micro-seconds unit.
- Note: the caller should make sure that Generalized time
- should only be used for certifiate validities after the
- year 2049. Otherwise, UTC time should be used. This routine
- does not check this case, since it can be used to encode
- certificate extension, which does not have this restriction.
- */
-SECStatus
-DER_TimeToGeneralizedTime(SECItem *dst, int64 gmttime)
-{
- PRExplodedTime printableTime;
- unsigned char *d;
-
- dst->len = 15;
- dst->data = d = (unsigned char*) PORT_Alloc(15);
- if (!d) {
- return SECFailure;
- }
-
- /*Convert a int64 time to a printable format. This is a temporary call
- until we change to NSPR 2.0
- */
- PR_ExplodeTime(gmttime, PR_GMTParameters, &printableTime);
-
- /* The month in Generalized time is base one */
- printableTime.tm_month++;
-
- d[0] = (printableTime.tm_year /1000) + '0';
- d[1] = ((printableTime.tm_year % 1000) / 100) + '0';
- d[2] = ((printableTime.tm_year % 100) / 10) + '0';
- d[3] = (printableTime.tm_year % 10) + '0';
- d[4] = HIDIGIT(printableTime.tm_month);
- d[5] = LODIGIT(printableTime.tm_month);
- d[6] = HIDIGIT(printableTime.tm_mday);
- d[7] = LODIGIT(printableTime.tm_mday);
- d[8] = HIDIGIT(printableTime.tm_hour);
- d[9] = LODIGIT(printableTime.tm_hour);
- d[10] = HIDIGIT(printableTime.tm_min);
- d[11] = LODIGIT(printableTime.tm_min);
- d[12] = HIDIGIT(printableTime.tm_sec);
- d[13] = LODIGIT(printableTime.tm_sec);
- d[14] = 'Z';
- return SECSuccess;
-}
-
-/*
- The caller should make sure that the generalized time should only
- be used for the certificate validity after the year 2051; otherwise,
- the certificate should be consider invalid!?
- */
-SECStatus
-DER_GeneralizedTimeToTime(int64 *dst, SECItem *time)
-{
- PRExplodedTime genTime;
- char *string;
- long hourOff, minOff;
- uint16 century;
-
- string = (char *)time->data;
- PORT_Memset (&genTime, 0, sizeof (genTime));
-
- /* Verify time is formatted properly and capture information */
- hourOff = 0;
- minOff = 0;
-
- CAPTURE(century, string+0, loser);
- century *= 100;
- CAPTURE(genTime.tm_year,string+2,loser);
- genTime.tm_year += century;
-
- CAPTURE(genTime.tm_month,string+4,loser);
- if ((genTime.tm_month == 0) || (genTime.tm_month > 12)) goto loser;
-
- /* NSPR month base is 0 */
- --genTime.tm_month;
-
- CAPTURE(genTime.tm_mday,string+6,loser);
- if ((genTime.tm_mday == 0) || (genTime.tm_mday > 31)) goto loser;
-
- CAPTURE(genTime.tm_hour,string+8,loser);
- if (genTime.tm_hour > 23) goto loser;
-
- CAPTURE(genTime.tm_min,string+10,loser);
- if (genTime.tm_min > 59) goto loser;
-
- if (ISDIGIT(string[12])) {
- CAPTURE(genTime.tm_sec,string+12,loser);
- if (genTime.tm_sec > 59) goto loser;
- string += 2;
- }
- if (string[12] == '+') {
- CAPTURE(hourOff,string+13,loser);
- if (hourOff > 23) goto loser;
- CAPTURE(minOff,string+15,loser);
- if (minOff > 59) goto loser;
- } else if (string[12] == '-') {
- CAPTURE(hourOff,string+13,loser);
- if (hourOff > 23) goto loser;
- hourOff = -hourOff;
- CAPTURE(minOff,string+15,loser);
- if (minOff > 59) goto loser;
- minOff = -minOff;
- } else if (string[12] != 'Z') {
- goto loser;
- }
-
- /* Since the values of hourOff and minOff are small, there will
- be no loss of data by the conversion to int8 */
- /* Convert the GMT offset to seconds and save it it genTime
- for the implode time process */
- genTime.tm_params.tp_gmt_offset = (PRInt32)((hourOff * 60L + minOff) * 60L);
- *dst = PR_ImplodeTime (&genTime);
- return SECSuccess;
-
- loser:
- PORT_SetError(SEC_ERROR_INVALID_TIME);
- return SECFailure;
-
-}
diff --git a/security/nss/lib/util/manifest.mn b/security/nss/lib/util/manifest.mn
deleted file mode 100644
index 60ebb1fae..000000000
--- a/security/nss/lib/util/manifest.mn
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../..
-
-EXPORTS = \
- base64.h \
- ciferfam.h \
- nssb64.h \
- nssb64t.h \
- nsslocks.h \
- nssilock.h \
- nssilckt.h \
- nssrwlk.h \
- nssrwlkt.h \
- portreg.h \
- pqgutil.h \
- secasn1.h \
- secasn1t.h \
- seccomon.h \
- secder.h \
- secdert.h \
- secdig.h \
- secdigt.h \
- secitem.h \
- secoid.h \
- secoidt.h \
- secport.h \
- secerr.h \
- watcomfx.h \
- $(NULL)
-
-MODULE = security
-
-CSRCS = \
- secdig.c \
- derdec.c \
- derenc.c \
- dersubr.c \
- dertime.c \
- nssb64d.c \
- nssb64e.c \
- nssrwlk.c \
- nssilock.c \
- nsslocks.c \
- portreg.c \
- pqgutil.c \
- secalgid.c \
- secasn1d.c \
- secasn1e.c \
- secasn1u.c \
- secitem.c \
- secoid.c \
- sectime.c \
- secport.c \
- secinit.c \
- utf8.c \
- $(NULL)
-
-REQUIRES = security dbm
-
-LIBRARY_NAME = secutil
diff --git a/security/nss/lib/util/nssb64.h b/security/nss/lib/util/nssb64.h
deleted file mode 100644
index 1a813f3ea..000000000
--- a/security/nss/lib/util/nssb64.h
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Public prototypes for base64 encoding/decoding.
- *
- * $Id$
- */
-#ifndef _NSSB64_H_
-#define _NSSB64_H_
-
-#include "seccomon.h"
-#include "nssb64t.h"
-
-SEC_BEGIN_PROTOS
-
-/*
- * Functions to start a base64 decoding/encoding context.
- */
-
-extern NSSBase64Decoder *
-NSSBase64Decoder_Create (PRInt32 (*output_fn) (void *, const unsigned char *,
- PRInt32),
- void *output_arg);
-
-extern NSSBase64Encoder *
-NSSBase64Encoder_Create (PRInt32 (*output_fn) (void *, const char *, PRInt32),
- void *output_arg);
-
-/*
- * Push data through the decoder/encoder, causing the output_fn (provided
- * to Create) to be called with the decoded/encoded data.
- */
-
-extern SECStatus
-NSSBase64Decoder_Update (NSSBase64Decoder *data, const char *buffer,
- PRUint32 size);
-
-extern SECStatus
-NSSBase64Encoder_Update (NSSBase64Encoder *data, const unsigned char *buffer,
- PRUint32 size);
-
-/*
- * When you're done processing, call this to close the context.
- * If "abort_p" is false, then calling this may cause the output_fn
- * to be called one last time (as the last buffered data is flushed out).
- */
-
-extern SECStatus
-NSSBase64Decoder_Destroy (NSSBase64Decoder *data, PRBool abort_p);
-
-extern SECStatus
-NSSBase64Encoder_Destroy (NSSBase64Encoder *data, PRBool abort_p);
-
-/*
- * Perform base64 decoding from an ascii string "inStr" to an Item.
- * The length of the input must be provided as "inLen". The Item
- * may be provided (as "outItemOpt"); you can also pass in a NULL
- * and the Item will be allocated for you.
- *
- * In any case, the data within the Item will be allocated for you.
- * All allocation will happen out of the passed-in "arenaOpt", if non-NULL.
- * If "arenaOpt" is NULL, standard allocation (heap) will be used and
- * you will want to free the result via SECITEM_FreeItem.
- *
- * Return value is NULL on error, the Item (allocated or provided) otherwise.
- */
-extern SECItem *
-NSSBase64_DecodeBuffer (PRArenaPool *arenaOpt, SECItem *outItemOpt,
- const char *inStr, unsigned int inLen);
-
-/*
- * Perform base64 encoding of binary data "inItem" to an ascii string.
- * The output buffer may be provided (as "outStrOpt"); you can also pass
- * in a NULL and the buffer will be allocated for you. The result will
- * be null-terminated, and if the buffer is provided, "maxOutLen" must
- * specify the maximum length of the buffer and will be checked to
- * supply sufficient space space for the encoded result. (If "outStrOpt"
- * is NULL, "maxOutLen" is ignored.)
- *
- * If "outStrOpt" is NULL, allocation will happen out of the passed-in
- * "arenaOpt", if *it* is non-NULL, otherwise standard allocation (heap)
- * will be used.
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-extern char *
-NSSBase64_EncodeItem (PRArenaPool *arenaOpt, char *outStrOpt,
- unsigned int maxOutLen, SECItem *inItem);
-
-SEC_END_PROTOS
-
-#endif /* _NSSB64_H_ */
diff --git a/security/nss/lib/util/nssb64d.c b/security/nss/lib/util/nssb64d.c
deleted file mode 100644
index c49e38f87..000000000
--- a/security/nss/lib/util/nssb64d.c
+++ /dev/null
@@ -1,861 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Base64 decoding (ascii to binary).
- *
- * $Id$
- */
-
-#include "nssb64.h"
-#include "nspr.h"
-#include "secitem.h"
-#include "secerr.h"
-
-/*
- * XXX We want this basic support to go into NSPR (the PL part).
- * Until that can happen, the PL interface is going to be kept entirely
- * internal here -- all static functions and opaque data structures.
- * When someone can get it moved over into NSPR, that should be done:
- * - giving everything names that are accepted by the NSPR module owners
- * (though I tried to choose ones that would work without modification)
- * - exporting the functions (remove static declarations and add
- * PR_IMPLEMENT as necessary)
- * - put prototypes into appropriate header file (probably replacing
- * the entire current lib/libc/include/plbase64.h in NSPR)
- * along with a typedef for the context structure (which should be
- * kept opaque -- definition in the source file only, but typedef
- * ala "typedef struct PLBase64FooStr PLBase64Foo;" in header file)
- * - modify anything else as necessary to conform to NSPR required style
- * (I looked but found no formatting guide to follow)
- *
- * You will want to move over everything from here down to the comment
- * which says "XXX End of base64 decoding code to be moved into NSPR",
- * into a new file in NSPR.
- */
-
-/*
- **************************************************************
- * XXX Beginning of base64 decoding code to be moved into NSPR.
- */
-
-/*
- * This typedef would belong in the NSPR header file (i.e. plbase64.h).
- */
-typedef struct PLBase64DecoderStr PLBase64Decoder;
-
-/*
- * The following implementation of base64 decoding was based on code
- * found in libmime (specifically, in mimeenc.c). It has been adapted to
- * use PR types and naming as well as to provide other necessary semantics
- * (like buffer-in/buffer-out in addition to "streaming" without undue
- * performance hit of extra copying if you made the buffer versions
- * use the output_fn). It also incorporates some aspects of the current
- * NSPR base64 decoding code. As such, you may find similarities to
- * both of those implementations. I tried to use names that reflected
- * the original code when possible. For this reason you may find some
- * inconsistencies -- libmime used lots of "in" and "out" whereas the
- * NSPR version uses "src" and "dest"; sometimes I changed one to the other
- * and sometimes I left them when I thought the subroutines were at least
- * self-consistent.
- */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Opaque object used by the decoder to store state.
- */
-struct PLBase64DecoderStr {
- /* Current token (or portion, if token_size < 4) being decoded. */
- unsigned char token[4];
- int token_size;
-
- /*
- * Where to write the decoded data (used when streaming, not when
- * doing all in-memory (buffer) operations).
- *
- * Note that this definition is chosen to be compatible with PR_Write.
- */
- PRInt32 (*output_fn) (void *output_arg, const unsigned char *buf,
- PRInt32 size);
- void *output_arg;
-
- /*
- * Where the decoded output goes -- either temporarily (in the streaming
- * case, staged here before it goes to the output function) or what will
- * be the entire buffered result for users of the buffer version.
- */
- unsigned char *output_buffer;
- PRUint32 output_buflen; /* the total length of allocated buffer */
- PRUint32 output_length; /* the length that is currently populated */
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Table to convert an ascii "code" to its corresponding binary value.
- * For ease of use, the binary values in the table are the actual values
- * PLUS ONE. This is so that the special value of zero can denote an
- * invalid mapping; that was much easier than trying to fill in the other
- * values with some value other than zero, and to check for it.
- * Just remember to SUBTRACT ONE when using the value retrieved.
- */
-static unsigned char base64_codetovaluep1[256] = {
-/* 0: */ 0, 0, 0, 0, 0, 0, 0, 0,
-/* 8: */ 0, 0, 0, 0, 0, 0, 0, 0,
-/* 16: */ 0, 0, 0, 0, 0, 0, 0, 0,
-/* 24: */ 0, 0, 0, 0, 0, 0, 0, 0,
-/* 32: */ 0, 0, 0, 0, 0, 0, 0, 0,
-/* 40: */ 0, 0, 0, 63, 0, 0, 0, 64,
-/* 48: */ 53, 54, 55, 56, 57, 58, 59, 60,
-/* 56: */ 61, 62, 0, 0, 0, 0, 0, 0,
-/* 64: */ 0, 1, 2, 3, 4, 5, 6, 7,
-/* 72: */ 8, 9, 10, 11, 12, 13, 14, 15,
-/* 80: */ 16, 17, 18, 19, 20, 21, 22, 23,
-/* 88: */ 24, 25, 26, 0, 0, 0, 0, 0,
-/* 96: */ 0, 27, 28, 29, 30, 31, 32, 33,
-/* 104: */ 34, 35, 36, 37, 38, 39, 40, 41,
-/* 112: */ 42, 43, 44, 45, 46, 47, 48, 49,
-/* 120: */ 50, 51, 52, 0, 0, 0, 0, 0,
-/* 128: */ 0, 0, 0, 0, 0, 0, 0, 0
-/* and rest are all zero as well */
-};
-
-#define B64_PAD '='
-
-
-/*
- * Reads 4; writes 3 (known, or expected, to have no trailing padding).
- * Returns bytes written; -1 on error (unexpected character).
- */
-static int
-pl_base64_decode_4to3 (const unsigned char *in, unsigned char *out)
-{
- int j;
- PRUint32 num = 0;
- unsigned char bits;
-
- for (j = 0; j < 4; j++) {
- bits = base64_codetovaluep1[in[j]];
- if (bits == 0)
- return -1;
- num = (num << 6) | (bits - 1);
- }
-
- out[0] = (unsigned char) (num >> 16);
- out[1] = (unsigned char) ((num >> 8) & 0xFF);
- out[2] = (unsigned char) (num & 0xFF);
-
- return 3;
-}
-
-/*
- * Reads 3; writes 2 (caller already confirmed EOF or trailing padding).
- * Returns bytes written; -1 on error (unexpected character).
- */
-static int
-pl_base64_decode_3to2 (const unsigned char *in, unsigned char *out)
-{
- PRUint32 num = 0;
- unsigned char bits1, bits2, bits3;
-
- bits1 = base64_codetovaluep1[in[0]];
- bits2 = base64_codetovaluep1[in[1]];
- bits3 = base64_codetovaluep1[in[2]];
-
- if ((bits1 == 0) || (bits2 == 0) || (bits3 == 0))
- return -1;
-
- num = ((PRUint32)(bits1 - 1)) << 10;
- num |= ((PRUint32)(bits2 - 1)) << 4;
- num |= ((PRUint32)(bits3 - 1)) >> 2;
-
- out[0] = (unsigned char) (num >> 8);
- out[1] = (unsigned char) (num & 0xFF);
-
- return 2;
-}
-
-/*
- * Reads 2; writes 1 (caller already confirmed EOF or trailing padding).
- * Returns bytes written; -1 on error (unexpected character).
- */
-static int
-pl_base64_decode_2to1 (const unsigned char *in, unsigned char *out)
-{
- PRUint32 num = 0;
- unsigned char bits1, bits2;
-
- bits1 = base64_codetovaluep1[in[0]];
- bits2 = base64_codetovaluep1[in[1]];
-
- if ((bits1 == 0) || (bits2 == 0))
- return -1;
-
- num = ((PRUint32)(bits1 - 1)) << 2;
- num |= ((PRUint32)(bits2 - 1)) >> 4;
-
- out[0] = (unsigned char) num;
-
- return 1;
-}
-
-/*
- * Reads 4; writes 0-3. Returns bytes written or -1 on error.
- * (Writes less than 3 only at (presumed) EOF.)
- */
-static int
-pl_base64_decode_token (const unsigned char *in, unsigned char *out)
-{
- if (in[3] != B64_PAD)
- return pl_base64_decode_4to3 (in, out);
-
- if (in[2] == B64_PAD)
- return pl_base64_decode_2to1 (in, out);
-
- return pl_base64_decode_3to2 (in, out);
-}
-
-static PRStatus
-pl_base64_decode_buffer (PLBase64Decoder *data, const unsigned char *in,
- PRUint32 length)
-{
- unsigned char *out = data->output_buffer;
- unsigned char *token = data->token;
- int i, n = 0;
-
- i = data->token_size;
- data->token_size = 0;
-
- while (length > 0) {
- while (i < 4 && length > 0) {
- /*
- * XXX Note that the following simply ignores any unexpected
- * characters. This is exactly what the original code in
- * libmime did, and I am leaving it. We certainly want to skip
- * over whitespace (we must); this does much more than that.
- * I am not confident changing it, and I don't want to slow
- * the processing down doing more complicated checking, but
- * someone else might have different ideas in the future.
- */
- if (base64_codetovaluep1[*in] > 0 || *in == B64_PAD)
- token[i++] = *in;
- in++;
- length--;
- }
-
- if (i < 4) {
- /* Didn't get enough for a complete token. */
- data->token_size = i;
- break;
- }
- i = 0;
-
- PR_ASSERT((out - data->output_buffer + 3) <= data->output_buflen);
-
- /*
- * Assume we are not at the end; the following function only works
- * for an internal token (no trailing padding characters) but is
- * faster that way. If it hits an invalid character (padding) it
- * will return an error; we break out of the loop and try again
- * calling the routine that will handle a final token.
- * Note that we intentionally do it this way rather than explicitly
- * add a check for padding here (because that would just slow down
- * the normal case) nor do we rely on checking whether we have more
- * input to process (because that would also slow it down but also
- * because we want to allow trailing garbage, especially white space
- * and cannot tell that without read-ahead, also a slow proposition).
- * Whew. Understand?
- */
- n = pl_base64_decode_4to3 (token, out);
- if (n < 0)
- break;
-
- /* Advance "out" by the number of bytes just written to it. */
- out += n;
- n = 0;
- }
-
- /*
- * See big comment above, before call to pl_base64_decode_4to3.
- * Here we check if we error'd out of loop, and allow for the case
- * that we are processing the last interesting token. If the routine
- * which should handle padding characters also fails, then we just
- * have bad input and give up.
- */
- if (n < 0) {
- n = pl_base64_decode_token (token, out);
- if (n < 0)
- return PR_FAILURE;
-
- out += n;
- }
-
- /*
- * As explained above, we can get here with more input remaining, but
- * it should be all characters we do not care about (i.e. would be
- * ignored when transferring from "in" to "token" in loop above,
- * except here we choose to ignore extraneous pad characters, too).
- * Swallow it, performing that check. If we find more characters that
- * we would expect to decode, something is wrong.
- */
- while (length > 0) {
- if (base64_codetovaluep1[*in] > 0)
- return PR_FAILURE;
- in++;
- length--;
- }
-
- /* Record the length of decoded data we have left in output_buffer. */
- data->output_length = (PRUint32) (out - data->output_buffer);
- return PR_SUCCESS;
-}
-
-/*
- * Flush any remaining buffered characters. Given well-formed input,
- * this will have nothing to do. If the input was missing the padding
- * characters at the end, though, there could be 1-3 characters left
- * behind -- we will tolerate that by adding the padding for them.
- */
-static PRStatus
-pl_base64_decode_flush (PLBase64Decoder *data)
-{
- int count;
-
- /*
- * If no remaining characters, or all are padding (also not well-formed
- * input, but again, be tolerant), then nothing more to do. (And, that
- * is considered successful.)
- */
- if (data->token_size == 0 || data->token[0] == B64_PAD)
- return PR_SUCCESS;
-
- /*
- * Assume we have all the interesting input except for some expected
- * padding characters. Add them and decode the resulting token.
- */
- while (data->token_size < 4)
- data->token[data->token_size++] = B64_PAD;
-
- data->token_size = 0; /* so a subsequent flush call is a no-op */
-
- count = pl_base64_decode_token (data->token,
- data->output_buffer + data->output_length);
- if (count < 0)
- return PR_FAILURE;
-
- /*
- * If there is an output function, call it with this last bit of data.
- * Otherwise we are doing all buffered output, and the decoded bytes
- * are now there, we just need to reflect that in the length.
- */
- if (data->output_fn != NULL) {
- PRInt32 output_result;
-
- PR_ASSERT(data->output_length == 0);
- output_result = data->output_fn (data->output_arg,
- data->output_buffer,
- (PRInt32) count);
- if (output_result < 0)
- return PR_FAILURE;
- } else {
- data->output_length += count;
- }
-
- return PR_SUCCESS;
-}
-
-
-/*
- * The maximum space needed to hold the output of the decoder given
- * input data of length "size".
- */
-static PRUint32
-PL_Base64MaxDecodedLength (PRUint32 size)
-{
- return ((size * 3) / 4);
-}
-
-
-/*
- * A distinct internal creation function for the buffer version to use.
- * (It does not want to specify an output_fn, and we want the normal
- * Create function to require that.) If more common initialization
- * of the decoding context needs to be done, it should be done *here*.
- */
-static PLBase64Decoder *
-pl_base64_create_decoder (void)
-{
- return PR_NEWZAP(PLBase64Decoder);
-}
-
-/*
- * Function to start a base64 decoding context.
- * An "output_fn" is required; the "output_arg" parameter to that is optional.
- */
-static PLBase64Decoder *
-PL_CreateBase64Decoder (PRInt32 (*output_fn) (void *, const unsigned char *,
- PRInt32),
- void *output_arg)
-{
- PLBase64Decoder *data;
-
- if (output_fn == NULL) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return NULL;
- }
-
- data = pl_base64_create_decoder ();
- if (data != NULL) {
- data->output_fn = output_fn;
- data->output_arg = output_arg;
- }
- return data;
-}
-
-
-/*
- * Push data through the decoder, causing the output_fn (provided to Create)
- * to be called with the decoded data.
- */
-static PRStatus
-PL_UpdateBase64Decoder (PLBase64Decoder *data, const char *buffer,
- PRUint32 size)
-{
- PRUint32 need_length;
- PRStatus status;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL || buffer == NULL || size == 0) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return PR_FAILURE;
- }
-
- /*
- * How much space could this update need for decoding?
- */
- need_length = PL_Base64MaxDecodedLength (size + data->token_size);
-
- /*
- * Make sure we have at least that much. If not, (re-)allocate.
- */
- if (need_length > data->output_buflen) {
- unsigned char *output_buffer = data->output_buffer;
-
- if (output_buffer != NULL)
- output_buffer = (unsigned char *) PR_Realloc(output_buffer,
- need_length);
- else
- output_buffer = (unsigned char *) PR_Malloc(need_length);
-
- if (output_buffer == NULL)
- return PR_FAILURE;
-
- data->output_buffer = output_buffer;
- data->output_buflen = need_length;
- }
-
- /* There should not have been any leftover output data in the buffer. */
- PR_ASSERT(data->output_length == 0);
- data->output_length = 0;
-
- status = pl_base64_decode_buffer (data, (const unsigned char *) buffer,
- size);
-
- /* Now that we have some decoded data, write it. */
- if (status == PR_SUCCESS && data->output_length > 0) {
- PRInt32 output_result;
-
- PR_ASSERT(data->output_fn != NULL);
- output_result = data->output_fn (data->output_arg,
- data->output_buffer,
- (PRInt32) data->output_length);
- if (output_result < 0)
- status = PR_FAILURE;
- }
-
- data->output_length = 0;
- return status;
-}
-
-
-/*
- * When you're done decoding, call this to free the data. If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-static PRStatus
-PL_DestroyBase64Decoder (PLBase64Decoder *data, PRBool abort_p)
-{
- PRStatus status = PR_SUCCESS;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return PR_FAILURE;
- }
-
- /* Flush out the last few buffered characters. */
- if (!abort_p)
- status = pl_base64_decode_flush (data);
-
- if (data->output_buffer != NULL)
- PR_Free(data->output_buffer);
- PR_Free(data);
-
- return status;
-}
-
-
-/*
- * Perform base64 decoding from an input buffer to an output buffer.
- * The output buffer can be provided (as "dest"); you can also pass in
- * a NULL and this function will allocate a buffer large enough for you,
- * and return it. If you do provide the output buffer, you must also
- * provide the maximum length of that buffer (as "maxdestlen").
- * The actual decoded length of output will be returned to you in
- * "output_destlen".
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-static unsigned char *
-PL_Base64DecodeBuffer (const char *src, PRUint32 srclen, unsigned char *dest,
- PRUint32 maxdestlen, PRUint32 *output_destlen)
-{
- PRUint32 need_length;
- unsigned char *output_buffer = NULL;
- PLBase64Decoder *data = NULL;
- PRStatus status;
-
- PR_ASSERT(srclen > 0);
- if (srclen == 0)
- return dest;
-
- /*
- * How much space could we possibly need for decoding this input?
- */
- need_length = PL_Base64MaxDecodedLength (srclen);
-
- /*
- * Make sure we have at least that much, if output buffer provided.
- * If no output buffer provided, then we allocate that much.
- */
- if (dest != NULL) {
- PR_ASSERT(maxdestlen >= need_length);
- if (maxdestlen < need_length) {
- PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
- goto loser;
- }
- output_buffer = dest;
- } else {
- output_buffer = (unsigned char *) PR_Malloc(need_length);
- if (output_buffer == NULL)
- goto loser;
- maxdestlen = need_length;
- }
-
- data = pl_base64_create_decoder();
- if (data == NULL)
- goto loser;
-
- data->output_buflen = maxdestlen;
- data->output_buffer = output_buffer;
-
- status = pl_base64_decode_buffer (data, (const unsigned char *) src,
- srclen);
-
- /*
- * We do not wait for Destroy to flush, because Destroy will also
- * get rid of our decoder context, which we need to look at first!
- */
- if (status == PR_SUCCESS)
- status = pl_base64_decode_flush (data);
-
- /* Must clear this or Destroy will free it. */
- data->output_buffer = NULL;
-
- if (status == PR_SUCCESS) {
- *output_destlen = data->output_length;
- status = PL_DestroyBase64Decoder (data, PR_FALSE);
- data = NULL;
- if (status == PR_FAILURE)
- goto loser;
- return output_buffer;
- }
-
-loser:
- if (dest == NULL && output_buffer != NULL)
- PR_Free(output_buffer);
- if (data != NULL)
- (void) PL_DestroyBase64Decoder (data, PR_TRUE);
- return NULL;
-}
-
-
-/*
- * XXX End of base64 decoding code to be moved into NSPR.
- ********************************************************
- */
-
-/*
- * This is the beginning of the NSS cover functions. These will
- * provide the interface we want to expose as NSS-ish. For example,
- * they will operate on our Items, do any special handling or checking
- * we want to do, etc.
- */
-
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A boring cover structure for now. Perhaps someday it will include
- * some more interesting fields.
- */
-struct NSSBase64DecoderStr {
- PLBase64Decoder *pl_data;
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Function to start a base64 decoding context.
- */
-NSSBase64Decoder *
-NSSBase64Decoder_Create (PRInt32 (*output_fn) (void *, const unsigned char *,
- PRInt32),
- void *output_arg)
-{
- PLBase64Decoder *pl_data;
- NSSBase64Decoder *nss_data;
-
- nss_data = PORT_ZNew(NSSBase64Decoder);
- if (nss_data == NULL)
- return NULL;
-
- pl_data = PL_CreateBase64Decoder (output_fn, output_arg);
- if (pl_data == NULL) {
- PORT_Free(nss_data);
- return NULL;
- }
-
- nss_data->pl_data = pl_data;
- return nss_data;
-}
-
-
-/*
- * Push data through the decoder, causing the output_fn (provided to Create)
- * to be called with the decoded data.
- */
-SECStatus
-NSSBase64Decoder_Update (NSSBase64Decoder *data, const char *buffer,
- PRUint32 size)
-{
- PRStatus pr_status;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- pr_status = PL_UpdateBase64Decoder (data->pl_data, buffer, size);
- if (pr_status == PR_FAILURE)
- return SECFailure;
-
- return SECSuccess;
-}
-
-
-/*
- * When you're done decoding, call this to free the data. If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-SECStatus
-NSSBase64Decoder_Destroy (NSSBase64Decoder *data, PRBool abort_p)
-{
- PRStatus pr_status;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- pr_status = PL_DestroyBase64Decoder (data->pl_data, abort_p);
-
- PORT_Free(data);
-
- if (pr_status == PR_FAILURE)
- return SECFailure;
-
- return SECSuccess;
-}
-
-
-/*
- * Perform base64 decoding from an ascii string "inStr" to an Item.
- * The length of the input must be provided as "inLen". The Item
- * may be provided (as "outItemOpt"); you can also pass in a NULL
- * and the Item will be allocated for you.
- *
- * In any case, the data within the Item will be allocated for you.
- * All allocation will happen out of the passed-in "arenaOpt", if non-NULL.
- * If "arenaOpt" is NULL, standard allocation (heap) will be used and
- * you will want to free the result via SECITEM_FreeItem.
- *
- * Return value is NULL on error, the Item (allocated or provided) otherwise.
- */
-SECItem *
-NSSBase64_DecodeBuffer (PRArenaPool *arenaOpt, SECItem *outItemOpt,
- const char *inStr, unsigned int inLen)
-{
- SECItem *out_item = outItemOpt;
- PRUint32 max_out_len = PL_Base64MaxDecodedLength (inLen);
- PRUint32 out_len;
- void *mark = NULL;
- unsigned char *dummy;
-
- PORT_Assert(outItemOpt == NULL || outItemOpt->data == NULL);
-
- if (arenaOpt != NULL)
- mark = PORT_ArenaMark (arenaOpt);
-
- out_item = SECITEM_AllocItem (arenaOpt, outItemOpt, max_out_len);
- if (out_item == NULL) {
- if (arenaOpt != NULL)
- PORT_ArenaRelease (arenaOpt, mark);
- return NULL;
- }
-
- dummy = PL_Base64DecodeBuffer (inStr, inLen, out_item->data,
- max_out_len, &out_len);
- if (dummy == NULL) {
- if (arenaOpt != NULL) {
- PORT_ArenaRelease (arenaOpt, mark);
- if (outItemOpt != NULL) {
- outItemOpt->data = NULL;
- outItemOpt->len = 0;
- }
- } else {
- SECITEM_FreeItem (out_item,
- (outItemOpt == NULL) ? PR_TRUE : PR_FALSE);
- }
- return NULL;
- }
-
- if (arenaOpt != NULL)
- PORT_ArenaUnmark (arenaOpt, mark);
- out_item->len = out_len;
- return out_item;
-}
-
-
-/*
- * XXX Everything below is deprecated. If you add new stuff, put it
- * *above*, not below.
- */
-
-/*
- * XXX The following "ATOB" functions are provided for backward compatibility
- * with current code. They should be considered strongly deprecated.
- * When we can convert all our code over to using the new NSSBase64Decoder_
- * functions defined above, we should get rid of these altogether. (Remove
- * protoypes from base64.h as well -- actually, remove that file completely).
- * If someone thinks either of these functions provides such a very useful
- * interface (though, as shown, the same functionality can already be
- * obtained by calling NSSBase64_DecodeBuffer directly), fine -- but then
- * that API should be provided with a nice new NSSFoo name and using
- * appropriate types, etc.
- */
-
-#include "base64.h"
-
-/*
-** Return an PORT_Alloc'd string which is the base64 decoded version
-** of the input string; set *lenp to the length of the returned data.
-*/
-unsigned char *
-ATOB_AsciiToData(const char *string, unsigned int *lenp)
-{
- SECItem binary_item, *dummy;
-
- binary_item.data = NULL;
- binary_item.len = 0;
-
- dummy = NSSBase64_DecodeBuffer (NULL, &binary_item, string,
- (PRUint32) PORT_Strlen(string));
- if (dummy == NULL)
- return NULL;
-
- PORT_Assert(dummy == &binary_item);
-
- *lenp = dummy->len;
- return dummy->data;
-}
-
-/*
-** Convert from ascii to binary encoding of an item.
-*/
-SECStatus
-ATOB_ConvertAsciiToItem(SECItem *binary_item, char *ascii)
-{
- SECItem *dummy;
-
- if (binary_item == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- /*
- * XXX Would prefer to assert here if data is non-null (actually,
- * don't need to, just let NSSBase64_DecodeBuffer do it), so as to
- * to catch unintended memory leaks, but callers are not clean in
- * this respect so we need to explicitly clear here to avoid the
- * assert in NSSBase64_DecodeBuffer.
- */
- binary_item->data = NULL;
- binary_item->len = 0;
-
- dummy = NSSBase64_DecodeBuffer (NULL, binary_item, ascii,
- (PRUint32) PORT_Strlen(ascii));
-
- if (dummy == NULL)
- return SECFailure;
-
- return SECSuccess;
-}
diff --git a/security/nss/lib/util/nssb64e.c b/security/nss/lib/util/nssb64e.c
deleted file mode 100644
index 9c802abcd..000000000
--- a/security/nss/lib/util/nssb64e.c
+++ /dev/null
@@ -1,762 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Base64 encoding (binary to ascii).
- *
- * $Id$
- */
-
-#include "nssb64.h"
-#include "nspr.h"
-#include "secitem.h"
-#include "secerr.h"
-
-/*
- * XXX See the big comment at the top of nssb64d.c about moving the
- * bulk of this code over into NSPR (the PL part). It all applies
- * here but I didn't want to duplicate it, to avoid divergence problems.
- */
-
-/*
- **************************************************************
- * XXX Beginning of base64 encoding code to be moved into NSPR.
- */
-
-
-struct PLBase64EncodeStateStr {
- unsigned chunks;
- unsigned saved;
- unsigned char buf[3];
-};
-
-/*
- * This typedef would belong in the NSPR header file (i.e. plbase64.h).
- */
-typedef struct PLBase64EncoderStr PLBase64Encoder;
-
-/*
- * The following implementation of base64 encoding was based on code
- * found in libmime (specifically, in mimeenc.c). It has been adapted to
- * use PR types and naming as well as to provide other necessary semantics
- * (like buffer-in/buffer-out in addition to "streaming" without undue
- * performance hit of extra copying if you made the buffer versions
- * use the output_fn). It also incorporates some aspects of the current
- * NSPR base64 encoding code. As such, you may find similarities to
- * both of those implementations. I tried to use names that reflected
- * the original code when possible. For this reason you may find some
- * inconsistencies -- libmime used lots of "in" and "out" whereas the
- * NSPR version uses "src" and "dest"; sometimes I changed one to the other
- * and sometimes I left them when I thought the subroutines were at least
- * self-consistent.
- */
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Opaque object used by the encoder to store state.
- */
-struct PLBase64EncoderStr {
- /*
- * The one or two bytes pending. (We need 3 to create a "token",
- * and hold the leftovers here. in_buffer_count is *only* ever
- * 0, 1, or 2.
- */
- unsigned char in_buffer[2];
- int in_buffer_count;
-
- /*
- * If the caller wants linebreaks added, line_length specifies
- * where they come out. It must be a multiple of 4; if the caller
- * provides one that isn't, we round it down to the nearest
- * multiple of 4.
- *
- * The value of current_column counts how many characters have been
- * added since the last linebreaks (or since the beginning, on the
- * first line). It is also always a multiple of 4; it is unused when
- * line_length is 0.
- */
- PRUint32 line_length;
- PRUint32 current_column;
-
- /*
- * Where to write the encoded data (used when streaming, not when
- * doing all in-memory (buffer) operations).
- *
- * Note that this definition is chosen to be compatible with PR_Write.
- */
- PRInt32 (*output_fn) (void *output_arg, const char *buf, PRInt32 size);
- void *output_arg;
-
- /*
- * Where the encoded output goes -- either temporarily (in the streaming
- * case, staged here before it goes to the output function) or what will
- * be the entire buffered result for users of the buffer version.
- */
- char *output_buffer;
- PRUint32 output_buflen; /* the total length of allocated buffer */
- PRUint32 output_length; /* the length that is currently populated */
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Table to convert a binary value to its corresponding ascii "code".
- */
-static unsigned char base64_valuetocode[64] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
-#define B64_PAD '='
-#define B64_CR '\r'
-#define B64_LF '\n'
-
-static PRStatus
-pl_base64_encode_buffer (PLBase64Encoder *data, const unsigned char *in,
- PRUint32 size)
-{
- const unsigned char *end = in + size;
- char *out = data->output_buffer + data->output_length;
- int i = data->in_buffer_count;
- PRUint32 n = 0;
- int off;
- PRUint32 output_threshold;
-
- /* If this input buffer is too small, wait until next time. */
- if (size < (3 - i)) {
- data->in_buffer[i++] = in[0];
- if (size > 1)
- data->in_buffer[i++] = in[1];
- PR_ASSERT(i < 3);
- data->in_buffer_count = i;
- return PR_SUCCESS;
- }
-
- /* If there are bytes that were put back last time, take them now. */
- if (i > 0) {
- n = data->in_buffer[0];
- if (i > 1)
- n = (n << 8) | data->in_buffer[1];
- data->in_buffer_count = 0;
- }
-
- /* If our total is not a multiple of three, put one or two bytes back. */
- off = (size + i) % 3;
- if (off > 0) {
- size -= off;
- data->in_buffer[0] = in[size];
- if (off > 1)
- data->in_buffer[1] = in[size + 1];
- data->in_buffer_count = off;
- end -= off;
- }
-
- output_threshold = data->output_buflen - 3;
-
- /*
- * Populate the output buffer with base64 data, one line (or buffer)
- * at a time.
- */
- while (in < end) {
- int j, k;
-
- while (i < 3) {
- n = (n << 8) | *in++;
- i++;
- }
- i = 0;
-
- if (data->line_length > 0) {
- if (data->current_column >= data->line_length) {
- data->current_column = 0;
- *out++ = B64_CR;
- *out++ = B64_LF;
- data->output_length += 2;
- }
- data->current_column += 4; /* the bytes we are about to add */
- }
-
- for (j = 18; j >= 0; j -= 6) {
- k = (n >> j) & 0x3F;
- *out++ = base64_valuetocode[k];
- }
- n = 0;
- data->output_length += 4;
-
- if (data->output_length >= output_threshold) {
- PR_ASSERT(data->output_length <= data->output_buflen);
- if (data->output_fn != NULL) {
- PRInt32 output_result;
-
- output_result = data->output_fn (data->output_arg,
- data->output_buffer,
- (PRInt32) data->output_length);
- if (output_result < 0)
- return PR_FAILURE;
-
- out = data->output_buffer;
- data->output_length = 0;
- } else {
- /*
- * Check that we are about to exit the loop. (Since we
- * are over the threshold, there isn't enough room in the
- * output buffer for another trip around.)
- */
- PR_ASSERT(in == end);
- if (in < end) {
- PR_SetError (PR_BUFFER_OVERFLOW_ERROR, 0);
- return PR_FAILURE;
- }
- }
- }
- }
-
- return PR_SUCCESS;
-}
-
-static PRStatus
-pl_base64_encode_flush (PLBase64Encoder *data)
-{
- int i = data->in_buffer_count;
-
- if (i == 0 && data->output_length == 0)
- return PR_SUCCESS;
-
- if (i > 0) {
- char *out = data->output_buffer + data->output_length;
- PRUint32 n;
- int j, k;
-
- n = ((PRUint32) data->in_buffer[0]) << 16;
- if (i > 1)
- n |= ((PRUint32) data->in_buffer[1] << 8);
-
- data->in_buffer_count = 0;
-
- if (data->line_length > 0) {
- if (data->current_column >= data->line_length) {
- data->current_column = 0;
- *out++ = B64_CR;
- *out++ = B64_LF;
- data->output_length += 2;
- }
- }
-
- /*
- * This will fill in more than we really have data for, but the
- * valid parts will end up in the correct position and the extras
- * will be over-written with pad characters below.
- */
- for (j = 18; j >= 0; j -= 6) {
- k = (n >> j) & 0x3F;
- *out++ = base64_valuetocode[k];
- }
-
- /* Pad with equal-signs. */
- if (i == 1)
- out[-2] = B64_PAD;
- out[-1] = B64_PAD;
-
- data->output_length += 4;
- }
-
- if (data->output_fn != NULL) {
- PRInt32 output_result;
-
- output_result = data->output_fn (data->output_arg, data->output_buffer,
- (PRInt32) data->output_length);
- data->output_length = 0;
-
- if (output_result < 0)
- return PR_FAILURE;
- }
-
- return PR_SUCCESS;
-}
-
-
-/*
- * The maximum space needed to hold the output of the encoder given input
- * data of length "size", and allowing for CRLF added at least every
- * line_length bytes (we will add it at nearest lower multiple of 4).
- * There is no trailing CRLF.
- */
-static PRUint32
-PL_Base64MaxEncodedLength (PRUint32 size, PRUint32 line_length)
-{
- PRUint32 tokens, tokens_per_line, full_lines, line_break_chars, remainder;
-
- tokens = (size + 2) / 3;
-
- if (line_length == 0)
- return tokens * 4;
-
- if (line_length < 4) /* too small! */
- line_length = 4;
-
- tokens_per_line = line_length / 4;
- full_lines = tokens / tokens_per_line;
- remainder = (tokens - (full_lines * tokens_per_line)) * 4;
- line_break_chars = full_lines * 2;
- if (remainder == 0)
- line_break_chars -= 2;
-
- return (full_lines * tokens_per_line * 4) + line_break_chars + remainder;
-}
-
-
-/*
- * A distinct internal creation function for the buffer version to use.
- * (It does not want to specify an output_fn, and we want the normal
- * Create function to require that.) All common initialization of the
- * encoding context should be done *here*.
- *
- * Save "line_length", rounded down to nearest multiple of 4 (if not
- * already even multiple). Allocate output_buffer, if not provided --
- * based on given size if specified, otherwise based on line_length.
- */
-static PLBase64Encoder *
-pl_base64_create_encoder (PRUint32 line_length, char *output_buffer,
- PRUint32 output_buflen)
-{
- PLBase64Encoder *data;
- PRUint32 line_tokens;
-
- data = PR_NEWZAP(PLBase64Encoder);
- if (data == NULL)
- return NULL;
-
- if (line_length > 0 && line_length < 4) /* too small! */
- line_length = 4;
-
- line_tokens = line_length / 4;
- data->line_length = line_tokens * 4;
-
- if (output_buffer == NULL) {
- if (output_buflen == 0) {
- if (data->line_length > 0) /* need to include room for CRLF */
- output_buflen = data->line_length + 2;
- else
- output_buflen = 64; /* XXX what is a good size? */
- }
-
- output_buffer = (char *) PR_Malloc(output_buflen);
- if (output_buffer == NULL) {
- PR_Free(data);
- return NULL;
- }
- }
-
- data->output_buffer = output_buffer;
- data->output_buflen = output_buflen;
- return data;
-}
-
-/*
- * Function to start a base64 encoding context.
- * An "output_fn" is required; the "output_arg" parameter to that is optional.
- * If linebreaks in the encoded output are desired, "line_length" specifies
- * where to place them -- it will be rounded down to the nearest multiple of 4
- * (if it is not already an even multiple of 4). If it is zero, no linebreaks
- * will be added. (FYI, a linebreak is CRLF -- two characters.)
- */
-static PLBase64Encoder *
-PL_CreateBase64Encoder (PRInt32 (*output_fn) (void *, const char *, PRInt32),
- void *output_arg, PRUint32 line_length)
-{
- PLBase64Encoder *data;
-
- if (output_fn == NULL) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return NULL;
- }
-
- data = pl_base64_create_encoder (line_length, NULL, 0);
- if (data == NULL)
- return NULL;
-
- data->output_fn = output_fn;
- data->output_arg = output_arg;
-
- return data;
-}
-
-
-/*
- * Push data through the encoder, causing the output_fn (provided to Create)
- * to be called with the encoded data.
- */
-static PRStatus
-PL_UpdateBase64Encoder (PLBase64Encoder *data, const unsigned char *buffer,
- PRUint32 size)
-{
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL || buffer == NULL || size == 0) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return PR_FAILURE;
- }
-
- return pl_base64_encode_buffer (data, buffer, size);
-}
-
-
-/*
- * When you're done encoding, call this to free the data. If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-static PRStatus
-PL_DestroyBase64Encoder (PLBase64Encoder *data, PRBool abort_p)
-{
- PRStatus status = PR_SUCCESS;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PR_SetError (PR_INVALID_ARGUMENT_ERROR, 0);
- return PR_FAILURE;
- }
-
- /* Flush out the last few buffered characters. */
- if (!abort_p)
- status = pl_base64_encode_flush (data);
-
- if (data->output_buffer != NULL)
- PR_Free(data->output_buffer);
- PR_Free(data);
-
- return status;
-}
-
-
-/*
- * Perform base64 encoding from an input buffer to an output buffer.
- * The output buffer can be provided (as "dest"); you can also pass in
- * a NULL and this function will allocate a buffer large enough for you,
- * and return it. If you do provide the output buffer, you must also
- * provide the maximum length of that buffer (as "maxdestlen").
- * The actual encoded length of output will be returned to you in
- * "output_destlen".
- *
- * If linebreaks in the encoded output are desired, "line_length" specifies
- * where to place them -- it will be rounded down to the nearest multiple of 4
- * (if it is not already an even multiple of 4). If it is zero, no linebreaks
- * will be added. (FYI, a linebreak is CRLF -- two characters.)
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-static char *
-PL_Base64EncodeBuffer (const unsigned char *src, PRUint32 srclen,
- PRUint32 line_length, char *dest, PRUint32 maxdestlen,
- PRUint32 *output_destlen)
-{
- PRUint32 need_length;
- PLBase64Encoder *data = NULL;
- PRStatus status;
-
- PR_ASSERT(srclen > 0);
- if (srclen == 0)
- return dest;
-
- /*
- * How much space could we possibly need for encoding this input?
- */
- need_length = PL_Base64MaxEncodedLength (srclen, line_length);
-
- /*
- * Make sure we have at least that much, if output buffer provided.
- */
- if (dest != NULL) {
- PR_ASSERT(maxdestlen >= need_length);
- if (maxdestlen < need_length) {
- PR_SetError(PR_BUFFER_OVERFLOW_ERROR, 0);
- return NULL;
- }
- } else {
- maxdestlen = need_length;
- }
-
- data = pl_base64_create_encoder(line_length, dest, maxdestlen);
- if (data == NULL)
- return NULL;
-
- status = pl_base64_encode_buffer (data, src, srclen);
-
- /*
- * We do not wait for Destroy to flush, because Destroy will also
- * get rid of our encoder context, which we need to look at first!
- */
- if (status == PR_SUCCESS)
- status = pl_base64_encode_flush (data);
-
- if (status != PR_SUCCESS) {
- (void) PL_DestroyBase64Encoder (data, PR_TRUE);
- return NULL;
- }
-
- dest = data->output_buffer;
-
- /* Must clear this or Destroy will free it. */
- data->output_buffer = NULL;
-
- *output_destlen = data->output_length;
- status = PL_DestroyBase64Encoder (data, PR_FALSE);
- if (status == PR_FAILURE) {
- PR_Free(dest);
- return NULL;
- }
-
- return dest;
-}
-
-/*
- * XXX End of base64 encoding code to be moved into NSPR.
- ********************************************************
- */
-
-/*
- * This is the beginning of the NSS cover functions. These will
- * provide the interface we want to expose as NSS-ish. For example,
- * they will operate on our Items, do any special handling or checking
- * we want to do, etc.
- */
-
-
-PR_BEGIN_EXTERN_C
-
-/*
- * A boring cover structure for now. Perhaps someday it will include
- * some more interesting fields.
- */
-struct NSSBase64EncoderStr {
- PLBase64Encoder *pl_data;
-};
-
-PR_END_EXTERN_C
-
-
-/*
- * Function to start a base64 encoding context.
- */
-NSSBase64Encoder *
-NSSBase64Encoder_Create (PRInt32 (*output_fn) (void *, const char *, PRInt32),
- void *output_arg)
-{
- PLBase64Encoder *pl_data;
- NSSBase64Encoder *nss_data;
-
- nss_data = PORT_ZNew(NSSBase64Encoder);
- if (nss_data == NULL)
- return NULL;
-
- pl_data = PL_CreateBase64Encoder (output_fn, output_arg, 64);
- if (pl_data == NULL) {
- PORT_Free(nss_data);
- return NULL;
- }
-
- nss_data->pl_data = pl_data;
- return nss_data;
-}
-
-
-/*
- * Push data through the encoder, causing the output_fn (provided to Create)
- * to be called with the encoded data.
- */
-SECStatus
-NSSBase64Encoder_Update (NSSBase64Encoder *data, const unsigned char *buffer,
- PRUint32 size)
-{
- PRStatus pr_status;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- pr_status = PL_UpdateBase64Encoder (data->pl_data, buffer, size);
- if (pr_status == PR_FAILURE)
- return SECFailure;
-
- return SECSuccess;
-}
-
-
-/*
- * When you're done encoding, call this to free the data. If "abort_p"
- * is false, then calling this may cause the output_fn to be called
- * one last time (as the last buffered data is flushed out).
- */
-SECStatus
-NSSBase64Encoder_Destroy (NSSBase64Encoder *data, PRBool abort_p)
-{
- PRStatus pr_status;
-
- /* XXX Should we do argument checking only in debug build? */
- if (data == NULL) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- pr_status = PL_DestroyBase64Encoder (data->pl_data, abort_p);
-
- PORT_Free(data);
-
- if (pr_status == PR_FAILURE)
- return SECFailure;
-
- return SECSuccess;
-}
-
-
-/*
- * Perform base64 encoding of binary data "inItem" to an ascii string.
- * The output buffer may be provided (as "outStrOpt"); you can also pass
- * in a NULL and the buffer will be allocated for you. The result will
- * be null-terminated, and if the buffer is provided, "maxOutLen" must
- * specify the maximum length of the buffer and will be checked to
- * supply sufficient space space for the encoded result. (If "outStrOpt"
- * is NULL, "maxOutLen" is ignored.)
- *
- * If "outStrOpt" is NULL, allocation will happen out of the passed-in
- * "arenaOpt", if *it* is non-NULL, otherwise standard allocation (heap)
- * will be used.
- *
- * Return value is NULL on error, the output buffer (allocated or provided)
- * otherwise.
- */
-char *
-NSSBase64_EncodeItem (PRArenaPool *arenaOpt, char *outStrOpt,
- unsigned int maxOutLen, SECItem *inItem)
-{
- char *out_string = outStrOpt;
- PRUint32 max_out_len;
- PRUint32 out_len;
- void *mark = NULL;
- char *dummy;
-
- PORT_Assert(inItem != NULL && inItem->data != NULL && inItem->len != 0);
- if (inItem == NULL || inItem->data == NULL || inItem->len == 0) {
- PORT_SetError (SEC_ERROR_INVALID_ARGS);
- return NULL;
- }
-
- max_out_len = PL_Base64MaxEncodedLength (inItem->len, 64);
-
- if (arenaOpt != NULL)
- mark = PORT_ArenaMark (arenaOpt);
-
- if (out_string == NULL) {
- if (arenaOpt != NULL)
- out_string = PORT_ArenaAlloc (arenaOpt, max_out_len + 1);
- else
- out_string = PORT_Alloc (max_out_len + 1);
-
- if (out_string == NULL) {
- if (arenaOpt != NULL)
- PORT_ArenaRelease (arenaOpt, mark);
- return NULL;
- }
- } else {
- if ((max_out_len + 1) > maxOutLen) {
- PORT_SetError (SEC_ERROR_OUTPUT_LEN);
- return NULL;
- }
- max_out_len = maxOutLen;
- }
-
-
- dummy = PL_Base64EncodeBuffer (inItem->data, inItem->len, 64,
- out_string, max_out_len, &out_len);
- if (dummy == NULL) {
- if (arenaOpt != NULL) {
- PORT_ArenaRelease (arenaOpt, mark);
- } else {
- PORT_Free (out_string);
- }
- return NULL;
- }
-
- if (arenaOpt != NULL)
- PORT_ArenaUnmark (arenaOpt, mark);
-
- out_string[out_len] = '\0';
- return out_string;
-}
-
-
-/*
- * XXX Everything below is deprecated. If you add new stuff, put it
- * *above*, not below.
- */
-
-/*
- * XXX The following "BTOA" functions are provided for backward compatibility
- * with current code. They should be considered strongly deprecated.
- * When we can convert all our code over to using the new NSSBase64Encoder_
- * functions defined above, we should get rid of these altogether. (Remove
- * protoypes from base64.h as well -- actually, remove that file completely).
- * If someone thinks either of these functions provides such a very useful
- * interface (though, as shown, the same functionality can already be
- * obtained by calling NSSBase64_EncodeItem directly), fine -- but then
- * that API should be provided with a nice new NSSFoo name and using
- * appropriate types, etc.
- */
-
-#include "base64.h"
-
-/*
-** Return an PORT_Alloc'd ascii string which is the base64 encoded
-** version of the input string.
-*/
-char *
-BTOA_DataToAscii(const unsigned char *data, unsigned int len)
-{
- SECItem binary_item;
-
- binary_item.data = (unsigned char *)data;
- binary_item.len = len;
-
- return NSSBase64_EncodeItem (NULL, NULL, 0, &binary_item);
-}
-
-/*
-** Convert from binary encoding of an item to ascii.
-*/
-char *
-BTOA_ConvertItemToAscii (SECItem *binary_item)
-{
- return NSSBase64_EncodeItem (NULL, NULL, 0, binary_item);
-}
diff --git a/security/nss/lib/util/nssb64t.h b/security/nss/lib/util/nssb64t.h
deleted file mode 100644
index b7b079d8c..000000000
--- a/security/nss/lib/util/nssb64t.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Public data structures for base64 encoding/decoding.
- *
- * $Id$
- */
-#ifndef _NSSB64T_H_
-#define _NSSB64T_H_
-
-typedef struct NSSBase64DecoderStr NSSBase64Decoder;
-typedef struct NSSBase64EncoderStr NSSBase64Encoder;
-
-#endif /* _NSSB64T_H_ */
diff --git a/security/nss/lib/util/nssilckt.h b/security/nss/lib/util/nssilckt.h
deleted file mode 100644
index e0b49902f..000000000
--- a/security/nss/lib/util/nssilckt.h
+++ /dev/null
@@ -1,220 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** nssilock.h - Instrumented locking functions for NSS
-**
-** Description:
-** nssilock provides instrumentation for locks and monitors in
-** the NSS libraries. The instrumentation, when enabled, causes
-** each call to the instrumented function to record data about
-** the call to an external file. The external file
-** subsequently used to extract performance data and other
-** statistical information about the operation of locks used in
-** the nss library.
-**
-** To enable compilation with instrumentation, build NSS with
-** the compile time switch NEED_NSS_ILOCK defined.
-**
-** say: "gmake OS_CFLAGS+=-DNEED_NSS_ILOCK" at make time.
-**
-** At runtime, to enable recording from nssilock, one or more
-** environment variables must be set. For each nssILockType to
-** be recorded, an environment variable of the form NSS_ILOCK_x
-** must be set to 1. For example:
-**
-** set NSS_ILOCK_Cert=1
-**
-** nssilock uses PRLOG is used to record to trace data. The
-** PRLogModule name associated with nssilock data is: "nssilock".
-** To enable recording of nssilock data you will need to set the
-** environment variable NSPR_LOG_MODULES to enable
-** recording for the nssilock log module. Similarly, you will
-** need to set the environment variable NSPR_LOG_FILE to specify
-** the filename to receive the recorded data. See prlog.h for usage.
-** Example:
-**
-** export NSPR_LOG_MODULES=nssilock:6
-** export NSPR_LOG_FILE=xxxLogfile
-**
-** Operation:
-** nssilock wraps calls to NSPR's PZLock and PZMonitor functions
-** with similarly named functions: PZ_NewLock(), etc. When NSS is
-** built with lock instrumentation enabled, the PZ* functions are
-** compiled into NSS; when lock instrumentation is disabled,
-** calls to PZ* functions are directly mapped to PR* functions
-** and the instrumentation arguments to the PZ* functions are
-** compiled away.
-**
-**
-** File Format:
-** The format of the external file is implementation
-** dependent. Where NSPR's PR_LOG() function is used, the file
-** contains data defined for PR_LOG() plus the data written by
-** the wrapped function. On some platforms and under some
-** circumstances, platform dependent logging or
-** instrumentation probes may be used. In any case, the
-** relevant data provided by the lock instrumentation is:
-**
-** lockType, func, address, duration, line, file [heldTime]
-**
-** where:
-**
-** lockType: a character representation of nssILockType for the
-** call. e.g. ... "cert"
-**
-** func: the function doing the tracing. e.g. "NewLock"
-**
-** address: address of the instrumented lock or monitor
-**
-** duration: is how long was spent in the instrumented function,
-** in PRIntervalTime "ticks".
-**
-** line: the line number within the calling function
-**
-** file: the file from which the call was made
-**
-** heldTime: how long the lock/monitor was held. field
-** present only for PZ_Unlock() and PZ_ExitMonitor().
-**
-** Design Notes:
-** The design for lock instrumentation was influenced by the
-** need to gather performance data on NSS 3.x. It is intended
-** that the effort to modify NSS to use lock instrumentation
-** be minimized. Existing calls to locking functions need only
-** have their names changed to the instrumentation function
-** names.
-**
-** Private NSS Interface:
-** nssilock.h defines a private interface for use by NSS.
-** nssilock.h is experimental in nature and is subject to
-** change or revocation without notice. ... Don't mess with
-** it.
-**
-*/
-
-/*
- * $Id:
- */
-
-#ifndef _NSSILCKT_H_
-#define _NSSILCKT_H_
-
-#include "prtypes.h"
-#include "prmon.h"
-#include "prlock.h"
-#include "prcvar.h"
-
-typedef enum {
- nssILockArena = 0,
- nssILockSession = 1,
- nssILockObject = 2,
- nssILockRefLock = 3,
- nssILockCert = 4,
- nssILockCertDB = 5,
- nssILockDBM = 6,
- nssILockCache = 7,
- nssILockSSL = 8,
- nssILockList = 9,
- nssILockSlot = 10,
- nssILockFreelist = 11,
- nssILockOID = 12,
- nssILockAttribute = 13,
- nssILockPK11cxt = 14, /* pk11context */
- nssILockRWLock = 15,
- nssILockOther = 16,
- nssILockSelfServ = 17,
- nssILockLast /* don't use this one! */
-} nssILockType;
-
-/*
-** Declare operation type enumerator
-** enumerations identify the function being performed
-*/
-typedef enum {
- FlushTT = 0,
- NewLock = 1,
- Lock = 2,
- Unlock = 3,
- DestroyLock = 4,
- NewCondVar = 5,
- WaitCondVar = 6,
- NotifyCondVar = 7,
- NotifyAllCondVar = 8,
- DestroyCondVar = 9,
- NewMonitor = 10,
- EnterMonitor = 11,
- ExitMonitor = 12,
- Notify = 13,
- NotifyAll = 14,
- Wait = 15,
- DestroyMonitor = 16
-} nssILockOp;
-
-/*
-** Declare the trace record
-*/
-struct pzTrace_s {
- PRUint32 threadID; /* PR_GetThreadID() */
- nssILockOp op; /* operation being performed */
- nssILockType ltype; /* lock type identifier */
- PRIntervalTime callTime; /* time spent in function */
- PRIntervalTime heldTime; /* lock held time, or -1 */
- void *lock; /* address of lock structure */
- PRIntn line; /* line number */
- char file[24]; /* filename */
-};
-
-PR_BEGIN_EXTERN_C
-/*
-** conditionally compile in nssilock features
-*/
-#if defined(NEED_NSS_ILOCK)
-
-/*
-** declare opaque types. See: nssilock.c
-*/
-typedef struct pzlock_s PZLock;
-typedef struct pzcondvar_s PZCondVar;
-typedef struct pzmonitor_s PZMonitor;
-
-#else /* NEED_NSS_ILOCK */
-
-#define PZLock PRLock
-#define PZCondVar PRCondVar
-#define PZMonitor PRMonitor
-
-#endif /* NEED_NSS_ILOCK */
-
-PR_END_EXTERN_C
-#endif /* _NSSILCKT_H_ */
diff --git a/security/nss/lib/util/nssilock.c b/security/nss/lib/util/nssilock.c
deleted file mode 100644
index 056ee6e73..000000000
--- a/security/nss/lib/util/nssilock.c
+++ /dev/null
@@ -1,519 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * nssilock.c - NSS lock instrumentation wrapper functions
- *
- * NOTE - These are not public interfaces
- *
- * Implementation Notes:
- * I've tried to make the instrumentation relatively non-intrusive.
- * To do this, I have used a single PR_LOG() call in each
- * instrumented function. There's room for improvement.
- *
- *
- */
-
-#include "prinit.h"
-#include "prerror.h"
-#include "prlock.h"
-#include "prmem.h"
-#include "prenv.h"
-#include "prcvar.h"
-#include "prio.h"
-
-#if defined(NEED_NSS_ILOCK)
-#include "prlog.h"
-#include "nssilock.h"
-
-/*
-** Declare the instrumented PZLock
-*/
-struct pzlock_s {
- PRLock *lock; /* the PZLock to be instrumented */
- PRIntervalTime time; /* timestamp when the lock was aquired */
- nssILockType ltype;
-};
-
-/*
-** Declare the instrumented PZMonitor
-*/
-struct pzmonitor_s {
- PRMonitor *mon; /* the PZMonitor to be instrumented */
- PRIntervalTime time; /* timestamp when the monitor was aquired */
- nssILockType ltype;
-};
-
-/*
-** Declare the instrumented PZCondVar
-*/
-struct pzcondvar_s {
- PRCondVar *cvar; /* the PZCondVar to be instrumented */
- nssILockType ltype;
-};
-
-
-/*
-** Define a CallOnce type to ensure serialized self-initialization
-*/
-static PRCallOnceType coNssILock; /* CallOnce type */
-static PRIntn nssILockInitialized; /* initialization done when 1 */
-static PRLogModuleInfo *nssILog; /* Log instrumentation to this handle */
-
-
-#define NUM_TT_ENTRIES 6000000
-static PRInt32 traceIndex = -1; /* index into trace table */
-static struct pzTrace_s *tt; /* pointer to trace table */
-static PRInt32 ttBufSize = (NUM_TT_ENTRIES * sizeof(struct pzTrace_s ));
-static PRCondVar *ttCVar;
-static PRLock *ttLock;
-static PRFileDesc *ttfd; /* trace table file */
-
-/*
-** Vtrace() -- Trace events, write events to external media
-**
-** Vtrace() records traced events in an in-memory trace table
-** when the trace table fills, Vtrace writes the entire table
-** to a file.
-**
-** data can be lost!
-**
-*/
-static void Vtrace(
- nssILockOp op,
- nssILockType ltype,
- PRIntervalTime callTime,
- PRIntervalTime heldTime,
- void *lock,
- PRIntn line,
- char *file
-) {
- PRInt32 idx;
- struct pzTrace_s *tp;
-
-RetryTrace:
- idx = PR_AtomicIncrement( &traceIndex );
- while( NUM_TT_ENTRIES <= idx || op == FlushTT ) {
- if( NUM_TT_ENTRIES == idx || op == FlushTT ) {
- int writeSize = idx * sizeof(struct pzTrace_s);
- PR_Lock(ttLock);
- PR_Write( ttfd, tt, writeSize );
- traceIndex = -1;
- PR_NotifyAllCondVar( ttCVar );
- PR_Unlock(ttLock);
- goto RetryTrace;
- } else {
- PR_Lock(ttLock);
- while( NUM_TT_ENTRIES < idx )
- PR_WaitCondVar(ttCVar, PR_INTERVAL_NO_WAIT);
- PR_Unlock(ttLock);
- goto RetryTrace;
- }
- } /* end while() */
-
- /* create the trace entry */
- tp = tt + idx;
- tp->threadID = PR_GetThreadID(PR_GetCurrentThread());
- tp->op = op;
- tp->ltype = ltype;
- tp->callTime = callTime;
- tp->heldTime = heldTime;
- tp->lock = lock;
- tp ->line = line;
- strcpy(tp->file, file );
- return;
-} /* --- end Vtrace() --- */
-
-/*
-** pz_TraceFlush() -- Force trace table write to file
-**
-*/
-extern void pz_TraceFlush( void )
-{
- Vtrace( FlushTT, nssILockSelfServ, 0, 0, NULL, 0, "" );
- return;
-} /* --- end pz_TraceFlush() --- */
-
-/*
-** nssILockInit() -- Initialization for nssilock
-**
-** This function is called from the CallOnce mechanism.
-*/
-static PRStatus
- nssILockInit( void )
-{
- int i;
- nssILockInitialized = 1;
-
- /* new log module */
- nssILog = PR_NewLogModule("nssilock");
- if ( NULL == nssILog ) {
- return(PR_FAILURE);
- }
-
- tt = PR_Calloc( NUM_TT_ENTRIES, sizeof(struct pzTrace_s));
- if (NULL == tt ) {
- fprintf(stderr, "nssilock: can't allocate trace table\n");
- exit(1);
- }
-
- ttfd = PR_Open( "xxxTTLog", PR_CREATE_FILE | PR_WRONLY, 0666 );
- if ( NULL == ttfd ) {
- fprintf( stderr, "Oh Drat! Can't open 'xxxTTLog'\n");
- exit(1);
- }
-
- ttLock = PR_NewLock();
- ttCVar = PR_NewCondVar(ttLock);
-
- return(PR_SUCCESS);
-} /* --- end nssILockInit() --- */
-
-extern PZLock * pz_NewLock(
- nssILockType ltype,
- char *file,
- PRIntn line )
-{
- PRStatus rc;
- PZLock *lock;
-
- /* Self Initialize the nssILock feature */
- if (!nssILockInitialized) {
- rc = PR_CallOnce( &coNssILock, nssILockInit );
- if ( PR_FAILURE == rc ) {
- PR_SetError( PR_UNKNOWN_ERROR, 0 );
- return( NULL );
- }
- }
-
- lock = PR_NEWZAP( PZLock );
- if ( NULL != lock ) {
- lock->lock = PR_NewLock();
- if ( NULL == lock->lock ) {
- PR_DELETE( lock );
- lock = NULL;
- }
- }
- lock->ltype = ltype;
-
- Vtrace( NewLock, ltype, 0, 0, lock, line, file );
- return(lock);
-} /* --- end pz_NewLock() --- */
-
-extern void
- pz_Lock(
- PZLock *lock,
- char *file,
- PRIntn line
- )
-{
- PRIntervalTime callTime;
-
- callTime = PR_IntervalNow();
- PR_Lock( lock->lock );
- lock->time = PR_IntervalNow();
- callTime = lock->time - callTime;
-
- Vtrace( Lock, lock->ltype, callTime, 0, lock, line, file );
- return;
-} /* --- end pz_Lock() --- */
-
-extern PRStatus
- pz_Unlock(
- PZLock *lock,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime, now, heldTime;
-
- callTime = PR_IntervalNow();
- rc = PR_Unlock( lock->lock );
- now = PR_IntervalNow();
- callTime = now - callTime;
- heldTime = now - lock->time;
- Vtrace( Unlock, lock->ltype, callTime, heldTime, lock, line, file );
- return( rc );
-} /* --- end pz_Unlock() --- */
-
-extern void
- pz_DestroyLock(
- PZLock *lock,
- char *file,
- PRIntn line
- )
-{
- Vtrace( DestroyLock, lock->ltype, 0, 0, lock, line, file );
- PR_DestroyLock( lock->lock );
- PR_DELETE( lock );
- return;
-} /* --- end pz_DestroyLock() --- */
-
-
-
-extern PZCondVar *
- pz_NewCondVar(
- PZLock *lock,
- char *file,
- PRIntn line
- )
-{
- PZCondVar *cvar;
-
- cvar = PR_NEWZAP( PZCondVar );
- if ( NULL == cvar ) return(NULL);
-
- cvar->ltype = lock->ltype;
- cvar->cvar = PR_NewCondVar( lock->lock );
- if ( NULL == cvar->cvar ) {
- PR_DELETE( cvar );
- }
- Vtrace( NewCondVar, cvar->ltype, 0, 0, cvar, line, file );
- return( cvar );
-} /* --- end pz_NewCondVar() --- */
-
-extern void
- pz_DestroyCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- )
-{
- Vtrace( DestroyCondVar, cvar->ltype, 0, 0, cvar, line, file );
- PR_DestroyCondVar( cvar->cvar );
- PR_DELETE( cvar );
-} /* --- end pz_DestroyCondVar() --- */
-
-extern PRStatus
- pz_WaitCondVar(
- PZCondVar *cvar,
- PRIntervalTime timeout,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime;
-
- callTime = PR_IntervalNow();
- rc = PR_WaitCondVar( cvar->cvar, timeout );
- callTime = PR_IntervalNow() - callTime;
-
- Vtrace( WaitCondVar, cvar->ltype, callTime, 0, cvar, line, file );
- return(rc);
-} /* --- end pz_WaitCondVar() --- */
-
-extern PRStatus
- pz_NotifyCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
-
- rc = PR_NotifyCondVar( cvar->cvar );
-
- Vtrace( NotifyCondVar, cvar->ltype, 0, 0, cvar, line, file );
- return(rc);
-} /* --- end pz_NotifyCondVar() --- */
-
-extern PRStatus
- pz_NotifyAllCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
-
- rc = PR_NotifyAllCondVar( cvar->cvar );
-
- Vtrace( NotifyAllCondVar, cvar->ltype, 0, 0, cvar, line, file );
- return(rc);
-} /* --- end pz_NotifyAllCondVar() --- */
-
-extern PZMonitor *
- pz_NewMonitor(
- nssILockType ltype,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PZMonitor *mon;
-
- /* Self Initialize the nssILock feature */
- if (!nssILockInitialized) {
- rc = PR_CallOnce( &coNssILock, nssILockInit );
- if ( PR_FAILURE == rc ) {
- PR_SetError( PR_UNKNOWN_ERROR, 0 );
- return( NULL );
- }
- }
-
- mon = PR_NEWZAP( PZMonitor );
- if ( NULL != mon ) {
- mon->mon = PR_NewMonitor();
- if ( NULL == mon->mon ) {
- PR_DELETE( mon );
- return NULL;
- }
- }
- mon->ltype = ltype;
-
- Vtrace( NewMonitor, mon->ltype, 0, 0, mon, line, file );
- return(mon);
-} /* --- end pz_NewMonitor() --- */
-
-extern void
- pz_DestroyMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- Vtrace( DestroyMonitor, mon->ltype, 0, 0, mon, line, file );
- PR_DestroyMonitor( mon->mon );
- PR_DELETE( mon );
- return;
-} /* --- end pz_DestroyMonitor() --- */
-
-extern void
- pz_EnterMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- PRIntervalTime callTime, now;
-
- callTime = PR_IntervalNow();
- PR_EnterMonitor( mon->mon );
- now = PR_IntervalNow();
- callTime = now - callTime;
- if ( PR_GetMonitorEntryCount(mon->mon) == 1 ) {
- mon->time = now;
- }
- Vtrace( EnterMonitor, mon->ltype, callTime, 0, mon, line, file );
- return;
-} /* --- end pz_EnterMonitor() --- */
-
-extern PRStatus
- pz_ExitMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime, now, heldTime;
- PRIntn mec = PR_GetMonitorEntryCount( mon->mon );
-
- heldTime = (PRIntervalTime)-1;
- callTime = PR_IntervalNow();
- rc = PR_ExitMonitor( mon->mon );
- now = PR_IntervalNow();
- callTime = now - callTime;
- if ( mec == 1 )
- heldTime = now - mon->time;
- Vtrace( ExitMonitor, mon->ltype, callTime, heldTime, mon, line, file );
- return( rc );
-} /* --- end pz_ExitMonitor() --- */
-
-extern PRIntn
- pz_GetMonitorEntryCount(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- return( PR_GetMonitorEntryCount(mon->mon));
-} /* --- end pz_GetMonitorEntryCount() --- */
-
-
-extern PRStatus
- pz_Wait(
- PZMonitor *mon,
- PRIntervalTime ticks,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime;
-
- callTime = PR_IntervalNow();
- rc = PR_Wait( mon->mon, ticks );
- callTime = PR_IntervalNow() - callTime;
- Vtrace( Wait, mon->ltype, callTime, 0, mon, line, file );
- return( rc );
-} /* --- end pz_Wait() --- */
-
-extern PRStatus
- pz_Notify(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime;
-
- callTime = PR_IntervalNow();
- rc = PR_Notify( mon->mon );
- callTime = PR_IntervalNow() - callTime;
- Vtrace( Notify, mon->ltype, callTime, 0, mon, line, file );
- return( rc );
-} /* --- end pz_Notify() --- */
-
-extern PRStatus
- pz_NotifyAll(
- PZMonitor *mon,
- char *file,
- PRIntn line
- )
-{
- PRStatus rc;
- PRIntervalTime callTime;
-
- callTime = PR_IntervalNow();
- rc = PR_NotifyAll( mon->mon );
- callTime = PR_IntervalNow() - callTime;
- Vtrace( NotifyAll, mon->ltype, callTime, 0, mon, line, file );
- return( rc );
-} /* --- end pz_NotifyAll() --- */
-
-#endif /* NEED_NSS_ILOCK */
-/* --- end nssilock.c --------------------------------- */
diff --git a/security/nss/lib/util/nssilock.h b/security/nss/lib/util/nssilock.h
deleted file mode 100644
index 38b457387..000000000
--- a/security/nss/lib/util/nssilock.h
+++ /dev/null
@@ -1,316 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** nssilock.h - Instrumented locking functions for NSS
-**
-** Description:
-** nssilock provides instrumentation for locks and monitors in
-** the NSS libraries. The instrumentation, when enabled, causes
-** each call to the instrumented function to record data about
-** the call to an external file. The external file
-** subsequently used to extract performance data and other
-** statistical information about the operation of locks used in
-** the nss library.
-**
-** To enable compilation with instrumentation, build NSS with
-** the compile time switch NEED_NSS_ILOCK defined.
-**
-** say: "gmake OS_CFLAGS+=-DNEED_NSS_ILOCK" at make time.
-**
-** At runtime, to enable recording from nssilock, one or more
-** environment variables must be set. For each nssILockType to
-** be recorded, an environment variable of the form NSS_ILOCK_x
-** must be set to 1. For example:
-**
-** set NSS_ILOCK_Cert=1
-**
-** nssilock uses PRLOG is used to record to trace data. The
-** PRLogModule name associated with nssilock data is: "nssilock".
-** To enable recording of nssilock data you will need to set the
-** environment variable NSPR_LOG_MODULES to enable
-** recording for the nssilock log module. Similarly, you will
-** need to set the environment variable NSPR_LOG_FILE to specify
-** the filename to receive the recorded data. See prlog.h for usage.
-** Example:
-**
-** export NSPR_LOG_MODULES=nssilock:6
-** export NSPR_LOG_FILE=xxxLogfile
-**
-** Operation:
-** nssilock wraps calls to NSPR's PZLock and PZMonitor functions
-** with similarly named functions: PZ_NewLock(), etc. When NSS is
-** built with lock instrumentation enabled, the PZ* functions are
-** compiled into NSS; when lock instrumentation is disabled,
-** calls to PZ* functions are directly mapped to PR* functions
-** and the instrumentation arguments to the PZ* functions are
-** compiled away.
-**
-**
-** File Format:
-** The format of the external file is implementation
-** dependent. Where NSPR's PR_LOG() function is used, the file
-** contains data defined for PR_LOG() plus the data written by
-** the wrapped function. On some platforms and under some
-** circumstances, platform dependent logging or
-** instrumentation probes may be used. In any case, the
-** relevant data provided by the lock instrumentation is:
-**
-** lockType, func, address, duration, line, file [heldTime]
-**
-** where:
-**
-** lockType: a character representation of nssILockType for the
-** call. e.g. ... "cert"
-**
-** func: the function doing the tracing. e.g. "NewLock"
-**
-** address: address of the instrumented lock or monitor
-**
-** duration: is how long was spent in the instrumented function,
-** in PRIntervalTime "ticks".
-**
-** line: the line number within the calling function
-**
-** file: the file from which the call was made
-**
-** heldTime: how long the lock/monitor was held. field
-** present only for PZ_Unlock() and PZ_ExitMonitor().
-**
-** Design Notes:
-** The design for lock instrumentation was influenced by the
-** need to gather performance data on NSS 3.x. It is intended
-** that the effort to modify NSS to use lock instrumentation
-** be minimized. Existing calls to locking functions need only
-** have their names changed to the instrumentation function
-** names.
-**
-** Private NSS Interface:
-** nssilock.h defines a private interface for use by NSS.
-** nssilock.h is experimental in nature and is subject to
-** change or revocation without notice. ... Don't mess with
-** it.
-**
-*/
-
-/*
- * $Id:
- */
-
-#ifndef _NSSILOCK_H_
-#define _NSSILOCK_H_
-
-#include "prtypes.h"
-#include "prmon.h"
-#include "prlock.h"
-#include "prcvar.h"
-
-#include "nssilckt.h"
-
-PR_BEGIN_EXTERN_C
-
-#if defined(NEED_NSS_ILOCK)
-
-#define PZ_NewLock(t) pz_NewLock((t),__FILE__,__LINE__)
-extern PZLock *
- pz_NewLock(
- nssILockType ltype,
- char *file,
- PRIntn line
- );
-
-#define PZ_Lock(k) pz_Lock((k),__FILE__,__LINE__)
-extern void
- pz_Lock(
- PZLock *lock,
- char *file,
- PRIntn line
- );
-
-#define PZ_Unlock(k) pz_Unlock((k),__FILE__,__LINE__)
-extern PRStatus
- pz_Unlock(
- PZLock *lock,
- char *file,
- PRIntn line
- );
-
-#define PZ_DestroyLock(k) pz_DestroyLock((k),__FILE__,__LINE__)
-extern void
- pz_DestroyLock(
- PZLock *lock,
- char *file,
- PRIntn line
- );
-
-
-#define PZ_NewCondVar(l) pz_NewCondVar((l),__FILE__,__LINE__)
-extern PZCondVar *
- pz_NewCondVar(
- PZLock *lock,
- char *file,
- PRIntn line
- );
-
-#define PZ_DestroyCondVar(v) pz_DestroyCondVar((v),__FILE__,__LINE__)
-extern void
- pz_DestroyCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- );
-
-#define PZ_WaitCondVar(v,t) pz_WaitCondVar((v),(t),__FILE__,__LINE__)
-extern PRStatus
- pz_WaitCondVar(
- PZCondVar *cvar,
- PRIntervalTime timeout,
- char *file,
- PRIntn line
- );
-
-#define PZ_NotifyCondVar(v) pz_NotifyCondVar((v),__FILE__,__LINE__)
-extern PRStatus
- pz_NotifyCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- );
-
-#define PZ_NotifyAllCondVar(v) pz_NotifyAllCondVar((v),__FILE__,__LINE__)
-extern PRStatus
- pz_NotifyAllCondVar(
- PZCondVar *cvar,
- char *file,
- PRIntn line
- );
-
-
-#define PZ_NewMonitor(t) pz_NewMonitor((t),__FILE__,__LINE__)
-extern PZMonitor *
- pz_NewMonitor(
- nssILockType ltype,
- char *file,
- PRIntn line
- );
-
-#define PZ_DestroyMonitor(m) pz_DestroyMonitor((m),__FILE__,__LINE__)
-extern void
- pz_DestroyMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-#define PZ_EnterMonitor(m) pz_EnterMonitor((m),__FILE__,__LINE__)
-extern void
- pz_EnterMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-
-#define PZ_ExitMonitor(m) pz_ExitMonitor((m),__FILE__,__LINE__)
-extern PRStatus
- pz_ExitMonitor(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-#define PZ_InMonitor(m) (PZ_GetMonitorEntryCount(m) > 0 )
-#define PZ_GetMonitorEntryCount(m) pz_GetMonitorEntryCount((m),__FILE__,__LINE__)
-extern PRIntn
- pz_GetMonitorEntryCount(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-#define PZ_Wait(m,i) pz_Wait((m),((i)),__FILE__,__LINE__)
-extern PRStatus
- pz_Wait(
- PZMonitor *mon,
- PRIntervalTime ticks,
- char *file,
- PRIntn line
- );
-
-#define PZ_Notify(m) pz_Notify((m),__FILE__,__LINE__)
-extern PRStatus
- pz_Notify(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-#define PZ_NotifyAll(m) pz_NotifyAll((m),__FILE__,__LINE__)
-extern PRStatus
- pz_NotifyAll(
- PZMonitor *mon,
- char *file,
- PRIntn line
- );
-
-#define PZ_TraceFlush() pz_TraceFlush()
-extern void pz_TraceFlush( void );
-
-#else /* NEED_NSS_ILOCK */
-
-#define PZ_NewLock(t) PR_NewLock()
-#define PZ_DestroyLock(k) PR_DestroyLock((k))
-#define PZ_Lock(k) PR_Lock((k))
-#define PZ_Unlock(k) PR_Unlock((k))
-
-#define PZ_NewCondVar(l) PR_NewCondVar((l))
-#define PZ_DestroyCondVar(v) PR_DestroyCondVar((v))
-#define PZ_WaitCondVar(v,t) PR_WaitCondVar((v),(t))
-#define PZ_NotifyCondVar(v) PR_NotifyCondVar((v))
-#define PZ_NotifyAllCondVar(v) PR_NotifyAllCondVar((v))
-
-#define PZ_NewMonitor(t) PR_NewMonitor()
-#define PZ_DestroyMonitor(m) PR_DestroyMonitor((m))
-#define PZ_EnterMonitor(m) PR_EnterMonitor((m))
-#define PZ_ExitMonitor(m) PR_ExitMonitor((m))
-#define PZ_InMonitor(m) PR_InMonitor((m))
-#define PZ_Wait(m,t) PR_Wait(((m)),((t)))
-#define PZ_Notify(m) PR_Notify((m))
-#define PZ_NotifyAll(m) PR_Notify((m))
-#define PZ_TraceFlush() /* nothing */
-
-
-#endif /* NEED_NSS_ILOCK */
-
-PR_END_EXTERN_C
-#endif /* _NSSILOCK_H_ */
diff --git a/security/nss/lib/util/nsslocks.c b/security/nss/lib/util/nsslocks.c
deleted file mode 100644
index ce9072c68..000000000
--- a/security/nss/lib/util/nsslocks.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * nsslocks.h - threadsafe functions to initialize lock pointers.
- *
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "nsslocks.h"
-#include "pratom.h"
-#include "prthread.h"
-
-/* Given the address of a (global) pointer to a PZLock,
- * atomicly create the lock and initialize the (global) pointer,
- * if it is not already created/initialized.
- */
-
-SECStatus
-__nss_InitLock( PZLock **ppLock, nssILockType ltype )
-{
- static PRInt32 initializers;
-
- PORT_Assert( ppLock != NULL);
-
- /* atomically initialize the lock */
- while (!*ppLock) {
- PRInt32 myAttempt = PR_AtomicIncrement(&initializers);
- if (myAttempt == 1) {
- *ppLock = PZ_NewLock(ltype);
- (void) PR_AtomicDecrement(&initializers);
- break;
- }
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* PR_Yield() */
- (void) PR_AtomicDecrement(&initializers);
- }
-
- return (*ppLock != NULL) ? SECSuccess : SECFailure;
-}
-
-SECStatus
-nss_InitLock( PZLock **ppLock, nssILockType ltype )
-{
- return __nss_InitLock(ppLock, ltype);
-}
-
-/* Given the address of a (global) pointer to a PZMonitor,
- * atomicly create the monitor and initialize the (global) pointer,
- * if it is not already created/initialized.
- */
-
-SECStatus
-nss_InitMonitor(PZMonitor **ppMonitor, nssILockType ltype )
-{
- static PRInt32 initializers;
-
- PORT_Assert( ppMonitor != NULL);
-
- /* atomically initialize the lock */
- while (!*ppMonitor) {
- PRInt32 myAttempt = PR_AtomicIncrement(&initializers);
- if (myAttempt == 1) {
- *ppMonitor = PZ_NewMonitor(ltype);
- (void) PR_AtomicDecrement(&initializers);
- break;
- }
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* PR_Yield() */
- (void) PR_AtomicDecrement(&initializers);
- }
-
- return (*ppMonitor != NULL) ? SECSuccess : SECFailure;
-}
diff --git a/security/nss/lib/util/nsslocks.h b/security/nss/lib/util/nsslocks.h
deleted file mode 100644
index 8510cf6b8..000000000
--- a/security/nss/lib/util/nsslocks.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * nsslocks.h - threadsafe functions to initialize lock pointers.
- *
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#ifndef _NSSLOCKS_H_
-#define _NSSLOCKS_H_
-
-#include "seccomon.h"
-#include "nssilock.h"
-#include "prmon.h"
-
-SEC_BEGIN_PROTOS
-
-/* Given the address of a (global) pointer to a PZLock,
- * atomicly create the lock and initialize the (global) pointer,
- * if it is not already created/initialized.
- */
-
-extern SECStatus nss_InitLock( PZLock **ppLock, nssILockType ltype );
-
-/* Given the address of a (global) pointer to a PZMonitor,
- * atomicly create the monitor and initialize the (global) pointer,
- * if it is not already created/initialized.
- */
-
-extern SECStatus nss_InitMonitor(PZMonitor **ppMonitor, nssILockType ltype );
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/util/nssrwlk.c b/security/nss/lib/util/nssrwlk.c
deleted file mode 100644
index 6913b4165..000000000
--- a/security/nss/lib/util/nssrwlk.c
+++ /dev/null
@@ -1,509 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nssrwlk.h"
-#include "nspr.h"
-
-PR_BEGIN_EXTERN_C
-
-/*
- * Reader-writer lock
- */
-struct nssRWLockStr {
- PZLock * rw_lock;
- char * rw_name; /* lock name */
- PRUint32 rw_rank; /* rank of the lock */
- PRInt32 rw_writer_locks; /* == 0, if unlocked */
- PRInt32 rw_reader_locks; /* == 0, if unlocked */
- /* > 0 , # of read locks */
- PRUint32 rw_waiting_readers; /* number of waiting readers */
- PRUint32 rw_waiting_writers; /* number of waiting writers */
- PZCondVar * rw_reader_waitq; /* cvar for readers */
- PZCondVar * rw_writer_waitq; /* cvar for writers */
- PRThread * rw_owner; /* lock owner for write-lock */
- /* Non-null if write lock held. */
-};
-
-PR_END_EXTERN_C
-
-#include <string.h>
-
-#ifdef DEBUG_RANK_ORDER
-#define NSS_RWLOCK_RANK_ORDER_DEBUG /* enable deadlock detection using
- rank-order for locks
- */
-#endif
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-
-static PRUintn nss_thread_rwlock_initialized;
-static PRUintn nss_thread_rwlock; /* TPD key for lock stack */
-static PRUintn nss_thread_rwlock_alloc_failed;
-
-#define _NSS_RWLOCK_RANK_ORDER_LIMIT 10
-
-typedef struct thread_rwlock_stack {
- PRInt32 trs_index; /* top of stack */
- NSSRWLock *trs_stack[_NSS_RWLOCK_RANK_ORDER_LIMIT]; /* stack of lock
- pointers */
-} thread_rwlock_stack;
-
-/* forward static declarations. */
-static PRUint32 nssRWLock_GetThreadRank(PRThread *me);
-static void nssRWLock_SetThreadRank(PRThread *me, NSSRWLock *rwlock);
-static void nssRWLock_UnsetThreadRank(PRThread *me, NSSRWLock *rwlock);
-static void nssRWLock_ReleaseLockStack(void *lock_stack);
-
-#endif
-
-#define UNTIL(x) while(!(x))
-
-/*
- * Reader/Writer Locks
- */
-
-/*
- * NSSRWLock_New
- * Create a reader-writer lock, with the given lock rank and lock name
- *
- */
-
-PR_IMPLEMENT(NSSRWLock *)
-NSSRWLock_New(PRUint32 lock_rank, const char *lock_name)
-{
- NSSRWLock *rwlock;
-
- rwlock = PR_NEWZAP(NSSRWLock);
- if (rwlock == NULL)
- return NULL;
-
- rwlock->rw_lock = PZ_NewLock(nssILockRWLock);
- if (rwlock->rw_lock == NULL) {
- goto loser;
- }
- rwlock->rw_reader_waitq = PZ_NewCondVar(rwlock->rw_lock);
- if (rwlock->rw_reader_waitq == NULL) {
- goto loser;
- }
- rwlock->rw_writer_waitq = PZ_NewCondVar(rwlock->rw_lock);
- if (rwlock->rw_writer_waitq == NULL) {
- goto loser;
- }
- if (lock_name != NULL) {
- rwlock->rw_name = (char*) PR_Malloc(strlen(lock_name) + 1);
- if (rwlock->rw_name == NULL) {
- goto loser;
- }
- strcpy(rwlock->rw_name, lock_name);
- } else {
- rwlock->rw_name = NULL;
- }
- rwlock->rw_rank = lock_rank;
- rwlock->rw_waiting_readers = 0;
- rwlock->rw_waiting_writers = 0;
- rwlock->rw_reader_locks = 0;
- rwlock->rw_writer_locks = 0;
-
- return rwlock;
-
-loser:
- NSSRWLock_Destroy(rwlock);
- return(NULL);
-}
-
-/*
-** Destroy the given RWLock "lock".
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_Destroy(NSSRWLock *rwlock)
-{
- PR_ASSERT(rwlock != NULL);
- PR_ASSERT(rwlock->rw_waiting_readers == 0);
-
- /* XXX Shouldn't we lock the PZLock before destroying this?? */
-
- if (rwlock->rw_name)
- PR_Free(rwlock->rw_name);
- if (rwlock->rw_reader_waitq)
- PZ_DestroyCondVar(rwlock->rw_reader_waitq);
- if (rwlock->rw_writer_waitq)
- PZ_DestroyCondVar(rwlock->rw_writer_waitq);
- if (rwlock->rw_lock)
- PZ_DestroyLock(rwlock->rw_lock);
- PR_DELETE(rwlock);
-}
-
-/***********************************************************************
-** Given the address of a NULL pointer to a NSSRWLock,
-** atomically initializes that pointer to a newly created NSSRWLock.
-** Returns the value placed into that pointer, or NULL.
-** If the lock cannot be created because of resource constraints,
-** the pointer will be left NULL.
-**
-***********************************************************************/
-PR_IMPLEMENT(NSSRWLock *)
-nssRWLock_AtomicCreate( NSSRWLock ** prwlock,
- PRUint32 lock_rank,
- const char * lock_name)
-{
- NSSRWLock * rwlock;
- static PRInt32 initializers;
-
- PR_ASSERT(prwlock != NULL);
-
- /* atomically initialize the lock */
- while (NULL == (rwlock = *prwlock)) {
- PRInt32 myAttempt = PR_AtomicIncrement(&initializers);
- if (myAttempt == 1) {
- *prwlock = rwlock = NSSRWLock_New(lock_rank, lock_name);
- (void) PR_AtomicDecrement(&initializers);
- break;
- }
- PR_Sleep(PR_INTERVAL_NO_WAIT); /* PR_Yield() */
- (void) PR_AtomicDecrement(&initializers);
- }
-
- return rwlock;
-}
-
-/*
-** Read-lock the RWLock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_LockRead(NSSRWLock *rwlock)
-{
- PRThread *me = PR_GetCurrentThread();
-
- PZ_Lock(rwlock->rw_lock);
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-
- /*
- * assert that rank ordering is not violated; the rank of 'rwlock' should
- * be equal to or greater than the highest rank of all the locks held by
- * the thread.
- */
- PR_ASSERT((rwlock->rw_rank == NSS_RWLOCK_RANK_NONE) ||
- (rwlock->rw_rank >= nssRWLock_GetThreadRank(me)));
-#endif
- /*
- * wait if write-locked or if a writer is waiting; preference for writers
- */
- UNTIL ( (rwlock->rw_owner == me) || /* I own it, or */
- ((rwlock->rw_owner == NULL) && /* no-one owns it, and */
- (rwlock->rw_waiting_writers == 0))) { /* no-one is waiting to own */
-
- rwlock->rw_waiting_readers++;
- PZ_WaitCondVar(rwlock->rw_reader_waitq, PR_INTERVAL_NO_TIMEOUT);
- rwlock->rw_waiting_readers--;
- }
- rwlock->rw_reader_locks++; /* Increment read-lock count */
-
- PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
- nssRWLock_SetThreadRank(me, rwlock);/* update thread's lock rank */
-#endif
-}
-
-/* Unlock a Read lock held on this RW lock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_UnlockRead(NSSRWLock *rwlock)
-{
- PZ_Lock(rwlock->rw_lock);
-
- PR_ASSERT(rwlock->rw_reader_locks > 0); /* lock must be read locked */
-
- if (( rwlock->rw_reader_locks > 0) && /* caller isn't screwey */
- (--rwlock->rw_reader_locks == 0) && /* not read locked any more */
- ( rwlock->rw_owner == NULL) && /* not write locked */
- ( rwlock->rw_waiting_writers > 0)) { /* someone's waiting. */
-
- PZ_NotifyCondVar(rwlock->rw_writer_waitq); /* wake him up. */
- }
-
- PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
- /*
- * update thread's lock rank
- */
- nssRWLock_UnsetThreadRank(me, rwlock);
-#endif
- return;
-}
-
-/*
-** Write-lock the RWLock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_LockWrite(NSSRWLock *rwlock)
-{
- PRThread *me = PR_GetCurrentThread();
-
- PZ_Lock(rwlock->rw_lock);
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
- /*
- * assert that rank ordering is not violated; the rank of 'rwlock' should
- * be equal to or greater than the highest rank of all the locks held by
- * the thread.
- */
- PR_ASSERT((rwlock->rw_rank == NSS_RWLOCK_RANK_NONE) ||
- (rwlock->rw_rank >= nssRWLock_GetThreadRank(me)));
-#endif
- /*
- * wait if read locked or write locked.
- */
- PR_ASSERT(rwlock->rw_reader_locks >= 0);
- PR_ASSERT(me != NULL);
-
- UNTIL ( (rwlock->rw_owner == me) || /* I own write lock, or */
- ((rwlock->rw_owner == NULL) && /* no writer and */
- (rwlock->rw_reader_locks == 0))) { /* no readers, either. */
-
- rwlock->rw_waiting_writers++;
- PZ_WaitCondVar(rwlock->rw_writer_waitq, PR_INTERVAL_NO_TIMEOUT);
- rwlock->rw_waiting_writers--;
- PR_ASSERT(rwlock->rw_reader_locks >= 0);
- }
-
- PR_ASSERT(rwlock->rw_reader_locks == 0);
- /*
- * apply write lock
- */
- rwlock->rw_owner = me;
- rwlock->rw_writer_locks++; /* Increment write-lock count */
-
- PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
- /*
- * update thread's lock rank
- */
- nssRWLock_SetThreadRank(me,rwlock);
-#endif
-}
-
-/* Unlock a Read lock held on this RW lock.
-*/
-PR_IMPLEMENT(void)
-NSSRWLock_UnlockWrite(NSSRWLock *rwlock)
-{
- PRThread *me = PR_GetCurrentThread();
-
- PZ_Lock(rwlock->rw_lock);
- PR_ASSERT(rwlock->rw_owner == me); /* lock must be write-locked by me. */
- PR_ASSERT(rwlock->rw_writer_locks > 0); /* lock must be write locked */
-
- if ( rwlock->rw_owner == me && /* I own it, and */
- rwlock->rw_writer_locks > 0 && /* I own it, and */
- --rwlock->rw_writer_locks == 0) { /* I'm all done with it */
-
- rwlock->rw_owner = NULL; /* I don't own it any more. */
-
- if (rwlock->rw_reader_locks == 0) { /* no readers, wake up somebody. */
- /* Give preference to waiting writers. */
- if (rwlock->rw_waiting_writers > 0)
- PZ_NotifyCondVar(rwlock->rw_writer_waitq);
- else if (rwlock->rw_waiting_readers > 0)
- PZ_NotifyAllCondVar(rwlock->rw_reader_waitq);
- }
- }
- PZ_Unlock(rwlock->rw_lock);
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
- /*
- * update thread's lock rank
- */
- nssRWLock_UnsetThreadRank(me, rwlock);
-#endif
- return;
-}
-
-/* This is primarily for debugging, i.e. for inclusion in ASSERT calls. */
-PR_IMPLEMENT(PRBool)
-NSSRWLock_HaveWriteLock(NSSRWLock *rwlock) {
- PRBool ownWriteLock;
- PRThread *me = PR_GetCurrentThread();
-
- /* This lock call isn't really necessary.
- ** If this thread is the owner, that fact cannot change during this call,
- ** because this thread is in this call.
- ** If this thread is NOT the owner, the owner could change, but it
- ** could not become this thread.
- */
-#if UNNECESSARY
- PZ_Lock(rwlock->rw_lock);
-#endif
- ownWriteLock = (PRBool)(me == rwlock->rw_owner);
-#if UNNECESSARY
- PZ_Unlock(rwlock->rw_lock);
-#endif
- return ownWriteLock;
-}
-
-#ifdef NSS_RWLOCK_RANK_ORDER_DEBUG
-
-/*
- * nssRWLock_SetThreadRank
- * Set a thread's lock rank, which is the highest of the ranks of all
- * the locks held by the thread. Pointers to the locks are added to a
- * per-thread list, which is anchored off a thread-private data key.
- */
-
-static void
-nssRWLock_SetThreadRank(PRThread *me, NSSRWLock *rwlock)
-{
- thread_rwlock_stack *lock_stack;
- PRStatus rv;
-
- /*
- * allocated thread-private-data for rwlock list, if not already allocated
- */
- if (!nss_thread_rwlock_initialized) {
- /*
- * allocate tpd, only if not failed already
- */
- if (!nss_thread_rwlock_alloc_failed) {
- if (PR_NewThreadPrivateIndex(&nss_thread_rwlock,
- nssRWLock_ReleaseLockStack)
- == PR_FAILURE) {
- nss_thread_rwlock_alloc_failed = 1;
- return;
- }
- } else
- return;
- }
- /*
- * allocate a lock stack
- */
- if ((lock_stack = PR_GetThreadPrivate(nss_thread_rwlock)) == NULL) {
- lock_stack = (thread_rwlock_stack *)
- PR_CALLOC(1 * sizeof(thread_rwlock_stack));
- if (lock_stack) {
- rv = PR_SetThreadPrivate(nss_thread_rwlock, lock_stack);
- if (rv == PR_FAILURE) {
- PR_DELETE(lock_stack);
- nss_thread_rwlock_alloc_failed = 1;
- return;
- }
- } else {
- nss_thread_rwlock_alloc_failed = 1;
- return;
- }
- }
- /*
- * add rwlock to lock stack, if limit is not exceeded
- */
- if (lock_stack) {
- if (lock_stack->trs_index < _NSS_RWLOCK_RANK_ORDER_LIMIT)
- lock_stack->trs_stack[lock_stack->trs_index++] = rwlock;
- }
- nss_thread_rwlock_initialized = 1;
-}
-
-static void
-nssRWLock_ReleaseLockStack(void *lock_stack)
-{
- PR_ASSERT(lock_stack);
- PR_DELETE(lock_stack);
-}
-
-/*
- * nssRWLock_GetThreadRank
- *
- * return thread's lock rank. If thread-private-data for the lock
- * stack is not allocated, return NSS_RWLOCK_RANK_NONE.
- */
-
-static PRUint32
-nssRWLock_GetThreadRank(PRThread *me)
-{
- thread_rwlock_stack *lock_stack;
-
- if (nss_thread_rwlock_initialized) {
- if ((lock_stack = PR_GetThreadPrivate(nss_thread_rwlock)) == NULL)
- return (NSS_RWLOCK_RANK_NONE);
- else
- return(lock_stack->trs_stack[lock_stack->trs_index - 1]->rw_rank);
-
- } else
- return (NSS_RWLOCK_RANK_NONE);
-}
-
-/*
- * nssRWLock_UnsetThreadRank
- *
- * remove the rwlock from the lock stack. Since locks may not be
- * unlocked in a FIFO order, the entire lock stack is searched.
- */
-
-static void
-nssRWLock_UnsetThreadRank(PRThread *me, NSSRWLock *rwlock)
-{
- thread_rwlock_stack *lock_stack;
- int new_index = 0, index, done = 0;
-
- if (!nss_thread_rwlock_initialized)
- return;
-
- lock_stack = PR_GetThreadPrivate(nss_thread_rwlock);
-
- PR_ASSERT(lock_stack != NULL);
-
- index = lock_stack->trs_index - 1;
- while (index-- >= 0) {
- if ((lock_stack->trs_stack[index] == rwlock) && !done) {
- /*
- * reset the slot for rwlock
- */
- lock_stack->trs_stack[index] = NULL;
- done = 1;
- }
- /*
- * search for the lowest-numbered empty slot, above which there are
- * no non-empty slots
- */
- if ((lock_stack->trs_stack[index] != NULL) && !new_index)
- new_index = index + 1;
- if (done && new_index)
- break;
- }
- /*
- * set top of stack to highest numbered empty slot
- */
- lock_stack->trs_index = new_index;
-
-}
-
-#endif /* NSS_RWLOCK_RANK_ORDER_DEBUG */
diff --git a/security/nss/lib/util/nssrwlk.h b/security/nss/lib/util/nssrwlk.h
deleted file mode 100644
index 3cad4b72d..000000000
--- a/security/nss/lib/util/nssrwlk.h
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
-** File: nsrwlock.h
-** Description: API to basic reader-writer lock functions of NSS.
-** These are re-entrant reader writer locks; that is,
-** If I hold the write lock, I can ask for it and get it again.
-** If I hold the write lock, I can also ask for and get a read lock.
-** I can then release the locks in any order (read or write).
-** I must release each lock type as many times as I acquired it.
-** Otherwise, these are normal reader/writer locks.
-**
-** For deadlock detection, locks should be ranked, and no lock may be aquired
-** while I hold a lock of higher rank number.
-** If you don't want that feature, always use NSS_RWLOCK_RANK_NONE.
-** Lock name is for debugging, and is optional (may be NULL)
-**/
-
-#ifndef nssrwlk_h___
-#define nssrwlk_h___
-
-#include "prtypes.h"
-#include "nssrwlkt.h"
-
-#define NSS_RWLOCK_RANK_NONE 0
-
-/* SEC_BEGIN_PROTOS */
-PR_BEGIN_EXTERN_C
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_New
-** DESCRIPTION:
-** Returns a pointer to a newly created reader-writer lock object.
-** INPUTS: Lock rank
-** Lock name
-** OUTPUTS: void
-** RETURN: NSSRWLock*
-** If the lock cannot be created because of resource constraints, NULL
-** is returned.
-**
-***********************************************************************/
-PR_EXTERN(NSSRWLock*) NSSRWLock_New(PRUint32 lock_rank, const char *lock_name);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_AtomicCreate
-** DESCRIPTION:
-** Given the address of a NULL pointer to a NSSRWLock,
-** atomically initializes that pointer to a newly created NSSRWLock.
-** Returns the value placed into that pointer, or NULL.
-**
-** INPUTS: address of NSRWLock pointer
-** Lock rank
-** Lock name
-** OUTPUTS: NSSRWLock*
-** RETURN: NSSRWLock*
-** If the lock cannot be created because of resource constraints,
-** the pointer will be left NULL.
-**
-***********************************************************************/
-PR_EXTERN(NSSRWLock *)
-nssRWLock_AtomicCreate( NSSRWLock ** prwlock,
- PRUint32 lock_rank,
- const char * lock_name);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_Destroy
-** DESCRIPTION:
-** Destroys a given RW lock object.
-** INPUTS: NSSRWLock *lock - Lock to be freed.
-** OUTPUTS: void
-** RETURN: None
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_Destroy(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_LockRead
-** DESCRIPTION:
-** Apply a read lock (non-exclusive) on a RWLock
-** INPUTS: NSSRWLock *lock - Lock to be read-locked.
-** OUTPUTS: void
-** RETURN: None
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_LockRead(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_LockWrite
-** DESCRIPTION:
-** Apply a write lock (exclusive) on a RWLock
-** INPUTS: NSSRWLock *lock - Lock to write-locked.
-** OUTPUTS: void
-** RETURN: None
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_LockWrite(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_UnlockRead
-** DESCRIPTION:
-** Release a Read lock. Unlocking an unlocked lock has undefined results.
-** INPUTS: NSSRWLock *lock - Lock to unlocked.
-** OUTPUTS: void
-** RETURN: void
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_UnlockRead(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_UnlockWrite
-** DESCRIPTION:
-** Release a Write lock. Unlocking an unlocked lock has undefined results.
-** INPUTS: NSSRWLock *lock - Lock to unlocked.
-** OUTPUTS: void
-** RETURN: void
-***********************************************************************/
-PR_EXTERN(void) NSSRWLock_UnlockWrite(NSSRWLock *lock);
-
-/***********************************************************************
-** FUNCTION: NSSRWLock_HaveWriteLock
-** DESCRIPTION:
-** Tells caller whether the current thread holds the write lock, or not.
-** INPUTS: NSSRWLock *lock - Lock to test.
-** OUTPUTS: void
-** RETURN: PRBool PR_TRUE IFF the current thread holds the write lock.
-***********************************************************************/
-
-PR_EXTERN(PRBool) NSSRWLock_HaveWriteLock(NSSRWLock *rwlock);
-
-/* SEC_END_PROTOS */
-PR_END_EXTERN_C
-
-#endif /* nsrwlock_h___ */
diff --git a/security/nss/lib/util/nssrwlkt.h b/security/nss/lib/util/nssrwlkt.h
deleted file mode 100644
index e4bd37c4a..000000000
--- a/security/nss/lib/util/nssrwlkt.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef nssrwlkt_h___
-#define nssrwlkt_h___
-#include "nssilock.h"
-/*
- * NSSRWLock --
- *
- * The reader writer lock, NSSRWLock, is an opaque object to the clients
- * of NSS. All routines operate on a pointer to this opaque entity.
- */
-
-typedef struct nssRWLockStr NSSRWLock;
-
-
-#endif /* nsrwlock_h___ */
diff --git a/security/nss/lib/util/portreg.c b/security/nss/lib/util/portreg.c
deleted file mode 100644
index 79d13d67c..000000000
--- a/security/nss/lib/util/portreg.c
+++ /dev/null
@@ -1,317 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * shexp.c: shell-like wildcard match routines
- *
- *
- * See shexp.h for public documentation.
- *
- */
-
-#include "seccomon.h"
-#include "portreg.h"
-
-/* ----------------------------- shexp_valid ------------------------------ */
-
-
-static int
-_valid_subexp(char *exp, char stop)
-{
- register int x,y,t;
- int nsc,np,tld;
-
- x=0;nsc=0;tld=0;
-
- while(exp[x] && (exp[x] != stop)) {
- switch(exp[x]) {
- case '~':
- if(tld) return INVALID_SXP;
- else ++tld;
- case '*':
- case '?':
- case '^':
- case '$':
- ++nsc;
- break;
- case '[':
- ++nsc;
- if((!exp[++x]) || (exp[x] == ']'))
- return INVALID_SXP;
- for(++x;exp[x] && (exp[x] != ']');++x)
- if(exp[x] == '\\')
- if(!exp[++x])
- return INVALID_SXP;
- if(!exp[x])
- return INVALID_SXP;
- break;
- case '(':
- ++nsc;np = 0;
- while(1) {
- if(exp[++x] == ')')
- return INVALID_SXP;
- for(y=x;(exp[y]) && (exp[y] != '|') && (exp[y] != ')');++y)
- if(exp[y] == '\\')
- if(!exp[++y])
- return INVALID_SXP;
- if(!exp[y])
- return INVALID_SXP;
- if(exp[y] == '|')
- ++np;
- t = _valid_subexp(&exp[x],exp[y]);
- if(t == INVALID_SXP)
- return INVALID_SXP;
- x+=t;
- if(exp[x] == ')') {
- if(!np)
- return INVALID_SXP;
- break;
- }
- }
- break;
- case ')':
- case ']':
- return INVALID_SXP;
- case '\\':
- if(!exp[++x])
- return INVALID_SXP;
- default:
- break;
- }
- ++x;
- }
- if((!stop) && (!nsc))
- return NON_SXP;
- return ((exp[x] == stop) ? x : INVALID_SXP);
-}
-
-int
-PORT_RegExpValid(char *exp)
-{
- int x;
-
- x = _valid_subexp(exp, '\0');
- return (x < 0 ? x : VALID_SXP);
-}
-
-
-/* ----------------------------- shexp_match ----------------------------- */
-
-
-#define MATCH 0
-#define NOMATCH 1
-#define ABORTED -1
-
-static int _shexp_match(char *str, char *exp, PRBool case_insensitive);
-
-static int
-_handle_union(char *str, char *exp, PRBool case_insensitive)
-{
- char *e2 = (char *) PORT_Alloc(sizeof(char)*strlen(exp));
- register int t,p2,p1 = 1;
- int cp;
-
- while(1) {
- for(cp=1;exp[cp] != ')';cp++)
- if(exp[cp] == '\\')
- ++cp;
- for(p2 = 0;(exp[p1] != '|') && (p1 != cp);p1++,p2++) {
- if(exp[p1] == '\\')
- e2[p2++] = exp[p1++];
- e2[p2] = exp[p1];
- }
- for (t=cp+1; ((e2[p2] = exp[t]) != 0); ++t,++p2) {}
- if(_shexp_match(str,e2, case_insensitive) == MATCH) {
- PORT_Free(e2);
- return MATCH;
- }
- if(p1 == cp) {
- PORT_Free(e2);
- return NOMATCH;
- }
- else ++p1;
- }
-}
-
-
-static int
-_shexp_match(char *str, char *exp, PRBool case_insensitive)
-{
- register int x,y;
- int ret,neg;
-
- ret = 0;
- for(x=0,y=0;exp[y];++y,++x) {
- if((!str[x]) && (exp[y] != '(') && (exp[y] != '$') && (exp[y] != '*'))
- ret = ABORTED;
- else {
- switch(exp[y]) {
- case '$':
- if( (str[x]) )
- ret = NOMATCH;
- else
- --x; /* we don't want loop to increment x */
- break;
- case '*':
- while(exp[++y] == '*'){}
- if(!exp[y])
- return MATCH;
- while(str[x]) {
- switch(_shexp_match(&str[x++],&exp[y], case_insensitive)) {
- case NOMATCH:
- continue;
- case ABORTED:
- ret = ABORTED;
- break;
- default:
- return MATCH;
- }
- break;
- }
- if((exp[y] == '$') && (exp[y+1] == '\0') && (!str[x]))
- return MATCH;
- else
- ret = ABORTED;
- break;
- case '[':
- neg = ((exp[++y] == '^') && (exp[y+1] != ']'));
- if (neg)
- ++y;
-
- if ((isalnum(exp[y])) && (exp[y+1] == '-') &&
- (isalnum(exp[y+2])) && (exp[y+3] == ']'))
- {
- int start = exp[y], end = exp[y+2];
-
- /* no safeguards here */
- if(neg ^ ((str[x] < start) || (str[x] > end))) {
- ret = NOMATCH;
- break;
- }
- y+=3;
- }
- else {
- int matched;
-
- for (matched=0;exp[y] != ']';y++)
- matched |= (str[x] == exp[y]);
- if (neg ^ (!matched))
- ret = NOMATCH;
- }
- break;
- case '(':
- return _handle_union(&str[x],&exp[y], case_insensitive);
- break;
- case '?':
- break;
- case '\\':
- ++y;
- default:
- if(case_insensitive)
- {
- if(toupper(str[x]) != toupper(exp[y]))
- ret = NOMATCH;
- }
- else
- {
- if(str[x] != exp[y])
- ret = NOMATCH;
- }
- break;
- }
- }
- if(ret)
- break;
- }
- return (ret ? ret : (str[x] ? NOMATCH : MATCH));
-}
-
-int
-PORT_RegExpMatch(char *str, char *xp, PRBool case_insensitive) {
- register int x;
- char *exp = 0;
-
- exp = PORT_Strdup(xp);
-
- if(!exp)
- return 1;
-
- for(x=strlen(exp)-1;x;--x) {
- if((exp[x] == '~') && (exp[x-1] != '\\')) {
- exp[x] = '\0';
- if(_shexp_match(str,&exp[++x], case_insensitive) == MATCH)
- goto punt;
- break;
- }
- }
- if(_shexp_match(str,exp, PR_FALSE) == MATCH) {
- PORT_Free(exp);
- return 0;
- }
-
- punt:
- PORT_Free(exp);
- return 1;
-}
-
-
-/* ------------------------------ shexp_cmp ------------------------------- */
-
-int
-PORT_RegExpSearch(char *str, char *exp)
-{
- switch(PORT_RegExpValid(exp))
- {
- case INVALID_SXP:
- return -1;
- case NON_SXP:
- return (strcmp(exp,str) ? 1 : 0);
- default:
- return PORT_RegExpMatch(str, exp, PR_FALSE);
- }
-}
-
-int
-PORT_RegExpCaseSearch(char *str, char *exp)
-{
- switch(PORT_RegExpValid(exp))
- {
- case INVALID_SXP:
- return -1;
- case NON_SXP:
- return (strcmp(exp,str) ? 1 : 0);
- default:
- return PORT_RegExpMatch(str, exp, PR_TRUE);
- }
-}
-
diff --git a/security/nss/lib/util/portreg.h b/security/nss/lib/util/portreg.h
deleted file mode 100644
index 39a2df9d5..000000000
--- a/security/nss/lib/util/portreg.h
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * shexp.h: Defines and prototypes for shell exp. match routines
- *
- *
- * This routine will match a string with a shell expression. The expressions
- * accepted are based loosely on the expressions accepted by zsh.
- *
- * o * matches anything
- * o ? matches one character
- * o \ will escape a special character
- * o $ matches the end of the string
- * o [abc] matches one occurence of a, b, or c. The only character that needs
- * to be escaped in this is ], all others are not special.
- * o [a-z] matches any character between a and z
- * o [^az] matches any character except a or z
- * o ~ followed by another shell expression will remove any pattern
- * matching the shell expression from the match list
- * o (foo|bar) will match either the substring foo, or the substring bar.
- * These can be shell expressions as well.
- *
- * The public interface to these routines is documented below.
- *
- */
-
-#ifndef SHEXP_H
-#define SHEXP_H
-
-/*
- * Requires that the macro MALLOC be set to a "safe" malloc that will
- * exit if no memory is available.
- */
-
-
-/* --------------------------- Public routines ---------------------------- */
-
-
-/*
- * shexp_valid takes a shell expression exp as input. It returns:
- *
- * NON_SXP if exp is a standard string
- * INVALID_SXP if exp is a shell expression, but invalid
- * VALID_SXP if exp is a valid shell expression
- */
-
-#define NON_SXP -1
-#define INVALID_SXP -2
-#define VALID_SXP 1
-
-SEC_BEGIN_PROTOS
-
-extern int PORT_RegExpValid(char *exp);
-
-/* same as above but uses case insensitive search
- */
-extern int PORT_RegExpCaseSearch(char *str, char *exp);
-
-SEC_END_PROTOS
-
-#endif
diff --git a/security/nss/lib/util/pqgutil.c b/security/nss/lib/util/pqgutil.c
deleted file mode 100644
index 24e1f62fb..000000000
--- a/security/nss/lib/util/pqgutil.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#include "pqgutil.h"
-#include "prerror.h"
-#include "secitem.h"
-
-#define PQG_DEFAULT_CHUNKSIZE 2048 /* bytes */
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is a duplicate of *
- * the one passed as an argument. *
- * Return NULL on failure, or if NULL was passed in. *
- * *
- **************************************************************************/
-
-PQGParams *
-PQG_DupParams(const PQGParams *src)
-{
- PRArenaPool *arena;
- PQGParams *dest;
- SECStatus status;
-
- if (src == NULL) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return NULL;
- }
-
- arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- goto loser;
-
- dest = (PQGParams*)PORT_ArenaZAlloc(arena, sizeof(PQGParams));
- if (dest == NULL)
- goto loser;
-
- dest->arena = arena;
-
- status = SECITEM_CopyItem(arena, &dest->prime, &src->prime);
- if (status != SECSuccess)
- goto loser;
-
- status = SECITEM_CopyItem(arena, &dest->subPrime, &src->subPrime);
- if (status != SECSuccess)
- goto loser;
-
- status = SECITEM_CopyItem(arena, &dest->base, &src->base);
- if (status != SECSuccess)
- goto loser;
-
- return dest;
-
-loser:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-
-PQGParams *
-PQG_NewParams(const SECItem * prime, const SECItem * subPrime,
- const SECItem * base)
-{
- PQGParams * dest;
- PQGParams src;
-
- src.arena = NULL;
- src.prime = *prime;
- src.subPrime = *subPrime;
- src.base = *base;
- dest = PQG_DupParams(&src);
- return dest;
-}
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);
- **************************************************************************/
-SECStatus
-PQG_GetPrimeFromParams(const PQGParams *params, SECItem * prime)
-{
- return SECITEM_CopyItem(NULL, prime, &params->prime);
-}
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);
- **************************************************************************/
-SECStatus
-PQG_GetSubPrimeFromParams(const PQGParams *params, SECItem * subPrime)
-{
- return SECITEM_CopyItem(NULL, subPrime, &params->subPrime);
-}
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);
- **************************************************************************/
-SECStatus
-PQG_GetBaseFromParams(const PQGParams *params, SECItem * base)
-{
- return SECITEM_CopyItem(NULL, base, &params->base);
-}
-
-/**************************************************************************
- * Free the PQGParams struct and the things it points to. *
- **************************************************************************/
-void
-PQG_DestroyParams(PQGParams *params)
-{
- if (params == NULL)
- return;
- if (params->arena != NULL) {
- PORT_FreeArena(params->arena, PR_FALSE); /* don't zero it */
- } else {
- SECITEM_FreeItem(&params->prime, PR_FALSE); /* don't free prime */
- SECITEM_FreeItem(&params->subPrime, PR_FALSE); /* don't free subPrime */
- SECITEM_FreeItem(&params->base, PR_FALSE); /* don't free base */
- PORT_Free(params);
- }
-}
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is a duplicate of *
- * the one passed as an argument. *
- * Return NULL on failure, or if NULL was passed in. *
- **************************************************************************/
-
-PQGVerify *
-PQG_DupVerify(const PQGVerify *src)
-{
- PRArenaPool *arena;
- PQGVerify * dest;
- SECStatus status;
-
- if (src == NULL) {
- PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
- return NULL;
- }
-
- arena = PORT_NewArena(PQG_DEFAULT_CHUNKSIZE);
- if (arena == NULL)
- goto loser;
-
- dest = (PQGVerify*)PORT_ArenaZAlloc(arena, sizeof(PQGVerify));
- if (dest == NULL)
- goto loser;
-
- dest->arena = arena;
- dest->counter = src->counter;
-
- status = SECITEM_CopyItem(arena, &dest->seed, &src->seed);
- if (status != SECSuccess)
- goto loser;
-
- status = SECITEM_CopyItem(arena, &dest->h, &src->h);
- if (status != SECSuccess)
- goto loser;
-
- return dest;
-
-loser:
- if (arena != NULL)
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
-}
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-
-PQGVerify *
-PQG_NewVerify(unsigned int counter, const SECItem * seed, const SECItem * h)
-{
- PQGVerify * dest;
- PQGVerify src;
-
- src.arena = NULL;
- src.counter = counter;
- src.seed = *seed;
- src.h = *h;
- dest = PQG_DupVerify(&src);
- return dest;
-}
-
-/**************************************************************************
- * Returns the "counter" value from the PQGVerify.
- **************************************************************************/
-unsigned int
-PQG_GetCounterFromVerify(const PQGVerify *verify)
-{
- return verify->counter;
-}
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);
- **************************************************************************/
-SECStatus
-PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem * seed)
-{
- return SECITEM_CopyItem(NULL, seed, &verify->seed);
-}
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);
- **************************************************************************/
-SECStatus
-PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h)
-{
- return SECITEM_CopyItem(NULL, h, &verify->h);
-}
-
-/**************************************************************************
- * Free the PQGVerify struct and the things it points to. *
- **************************************************************************/
-
-void
-PQG_DestroyVerify(PQGVerify *vfy)
-{
- if (vfy == NULL)
- return;
- if (vfy->arena != NULL) {
- PORT_FreeArena(vfy->arena, PR_FALSE); /* don't zero it */
- } else {
- SECITEM_FreeItem(&vfy->seed, PR_FALSE); /* don't free seed */
- SECITEM_FreeItem(&vfy->h, PR_FALSE); /* don't free h */
- PORT_Free(vfy);
- }
-}
diff --git a/security/nss/lib/util/pqgutil.h b/security/nss/lib/util/pqgutil.h
deleted file mode 100644
index 1ceb87803..000000000
--- a/security/nss/lib/util/pqgutil.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef _PQGUTIL_H_
-#define _PQGUTIL_H_ 1
-
-#include "blapi.h"
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is a duplicate of *
- * the one passed as an argument. *
- * Return NULL on failure, or if NULL was passed in. *
- **************************************************************************/
-extern PQGParams * PQG_DupParams(const PQGParams *src);
-
-
-/**************************************************************************
- * Return a pointer to a new PQGParams struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGParams * PQG_NewParams(const SECItem * prime,
- const SECItem * subPrime,
- const SECItem * base);
-
-
-/**************************************************************************
- * Fills in caller's "prime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(prime, PR_FALSE);
- **************************************************************************/
-extern SECStatus PQG_GetPrimeFromParams(const PQGParams *params,
- SECItem * prime);
-
-
-/**************************************************************************
- * Fills in caller's "subPrime" SECItem with the prime value in params.
- * Contents can be freed by calling SECITEM_FreeItem(subPrime, PR_FALSE);
- **************************************************************************/
-extern SECStatus PQG_GetSubPrimeFromParams(const PQGParams *params,
- SECItem * subPrime);
-
-
-/**************************************************************************
- * Fills in caller's "base" SECItem with the base value in params.
- * Contents can be freed by calling SECITEM_FreeItem(base, PR_FALSE);
- **************************************************************************/
-extern SECStatus PQG_GetBaseFromParams(const PQGParams *params, SECItem *base);
-
-
-/**************************************************************************
- * Free the PQGParams struct and the things it points to. *
- **************************************************************************/
-extern void PQG_DestroyParams(PQGParams *params);
-
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is a duplicate of *
- * the one passed as an argument. *
- * Return NULL on failure, or if NULL was passed in. *
- **************************************************************************/
-extern PQGVerify * PQG_DupVerify(const PQGVerify *src);
-
-
-/**************************************************************************
- * Return a pointer to a new PQGVerify struct that is constructed from *
- * copies of the arguments passed in. *
- * Return NULL on failure. *
- **************************************************************************/
-extern PQGVerify * PQG_NewVerify(unsigned int counter, const SECItem * seed,
- const SECItem * h);
-
-
-/**************************************************************************
- * Returns "counter" value from the PQGVerify.
- **************************************************************************/
-extern unsigned int PQG_GetCounterFromVerify(const PQGVerify *verify);
-
-/**************************************************************************
- * Fills in caller's "seed" SECItem with the seed value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(seed, PR_FALSE);
- **************************************************************************/
-extern SECStatus PQG_GetSeedFromVerify(const PQGVerify *verify, SECItem *seed);
-
-
-/**************************************************************************
- * Fills in caller's "h" SECItem with the h value in verify.
- * Contents can be freed by calling SECITEM_FreeItem(h, PR_FALSE);
- **************************************************************************/
-extern SECStatus PQG_GetHFromVerify(const PQGVerify *verify, SECItem * h);
-
-
-/**************************************************************************
- * Free the PQGVerify struct and the things it points to. *
- **************************************************************************/
-extern void PQG_DestroyVerify(PQGVerify *vfy);
-
-
-#endif
diff --git a/security/nss/lib/util/ret_cr16.s b/security/nss/lib/util/ret_cr16.s
deleted file mode 100644
index d1fffc577..000000000
--- a/security/nss/lib/util/ret_cr16.s
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef __LP64__
- .LEVEL 2.0W
-#else
- .LEVEL 1.1
-#endif
-
- .CODE ; equivalent to the following two lines
-; .SPACE $TEXT$,SORT=8
-; .SUBSPA $CODE$,QUAD=0,ALIGN=4,ACCESS=0x2c,CODE_ONLY,SORT=24
-
-ret_cr16
- .PROC
- .CALLINFO FRAME=0, NO_CALLS
- .EXPORT ret_cr16,ENTRY
- .ENTER
-; BV %r0(%rp)
- BV 0(%rp)
- MFCTL %cr16,%ret0
- .LEAVE
- .PROCEND
- .END
diff --git a/security/nss/lib/util/secalgid.c b/security/nss/lib/util/secalgid.c
deleted file mode 100644
index a9ef62d95..000000000
--- a/security/nss/lib/util/secalgid.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secoid.h"
-#include "secder.h" /* XXX remove this when remove the DERTemplate */
-#include "secasn1.h"
-#include "secitem.h"
-#include "secerr.h"
-
-/* XXX Old template; want to expunge it eventually. */
-DERTemplate SECAlgorithmIDTemplate[] = {
- { DER_SEQUENCE,
- 0, NULL, sizeof(SECAlgorithmID) },
- { DER_OBJECT_ID,
- offsetof(SECAlgorithmID,algorithm), },
- { DER_OPTIONAL | DER_ANY,
- offsetof(SECAlgorithmID,parameters), },
- { 0, }
-};
-
-const SEC_ASN1Template SECOID_AlgorithmIDTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SECAlgorithmID) },
- { SEC_ASN1_OBJECT_ID,
- offsetof(SECAlgorithmID,algorithm), },
- { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
- offsetof(SECAlgorithmID,parameters), },
- { 0, }
-};
-
-SECOidTag
-SECOID_GetAlgorithmTag(SECAlgorithmID *id)
-{
- if (id == NULL || id->algorithm.data == NULL)
- return SEC_OID_UNKNOWN;
-
- return SECOID_FindOIDTag (&(id->algorithm));
-}
-
-SECStatus
-SECOID_SetAlgorithmID(PRArenaPool *arena, SECAlgorithmID *id, SECOidTag which,
- SECItem *params)
-{
- SECOidData *oiddata;
- PRBool add_null_param;
-
- oiddata = SECOID_FindOIDByTag(which);
- if ( !oiddata ) {
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return SECFailure;
- }
-
- if (SECITEM_CopyItem(arena, &id->algorithm, &oiddata->oid))
- return SECFailure;
-
- switch (which) {
- case SEC_OID_MD2:
- case SEC_OID_MD4:
- case SEC_OID_MD5:
- case SEC_OID_SHA1:
- case SEC_OID_PKCS1_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
- case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
- add_null_param = PR_TRUE;
- break;
- default:
- add_null_param = PR_FALSE;
- break;
- }
-
- if (params) {
- /*
- * I am specifically *not* enforcing the following assertion
- * (by following it up with an error and a return of failure)
- * because I do not want to introduce any change in the current
- * behavior. But I do want for us to notice if the following is
- * ever true, because I do not think it should be so and probably
- * signifies an error/bug somewhere.
- */
- PORT_Assert(!add_null_param || (params->len == 2
- && params->data[0] == SEC_ASN1_NULL
- && params->data[1] == 0));
- if (SECITEM_CopyItem(arena, &id->parameters, params)) {
- return SECFailure;
- }
- } else {
- /*
- * Again, this is not considered an error. But if we assume
- * that nobody tries to set the parameters field themselves
- * (but always uses this routine to do that), then we should
- * not hit the following assertion. Unless they forgot to zero
- * the structure, which could also be a bad (and wrong) thing.
- */
- PORT_Assert(id->parameters.data == NULL);
-
- if (add_null_param) {
- (void) SECITEM_AllocItem(arena, &id->parameters, 2);
- if (id->parameters.data == NULL) {
- return SECFailure;
- }
- id->parameters.data[0] = SEC_ASN1_NULL;
- id->parameters.data[1] = 0;
- }
- }
-
- return SECSuccess;
-}
-
-SECStatus
-SECOID_CopyAlgorithmID(PRArenaPool *arena, SECAlgorithmID *to, SECAlgorithmID *from)
-{
- SECStatus rv;
-
- rv = SECITEM_CopyItem(arena, &to->algorithm, &from->algorithm);
- if (rv) return rv;
- rv = SECITEM_CopyItem(arena, &to->parameters, &from->parameters);
- return rv;
-}
-
-void SECOID_DestroyAlgorithmID(SECAlgorithmID *algid, PRBool freeit)
-{
- SECITEM_FreeItem(&algid->parameters, PR_FALSE);
- SECITEM_FreeItem(&algid->algorithm, PR_FALSE);
- if(freeit == PR_TRUE)
- PORT_Free(algid);
-}
-
-SECComparison
-SECOID_CompareAlgorithmID(SECAlgorithmID *a, SECAlgorithmID *b)
-{
- SECComparison rv;
-
- rv = SECITEM_CompareItem(&a->algorithm, &b->algorithm);
- if (rv) return rv;
- rv = SECITEM_CompareItem(&a->parameters, &b->parameters);
- return rv;
-}
-
-/* This functions simply returns the address of the above-declared template. */
-SEC_ASN1_CHOOSER_IMPLEMENT(SECOID_AlgorithmIDTemplate)
-
diff --git a/security/nss/lib/util/secasn1.h b/security/nss/lib/util/secasn1.h
deleted file mode 100644
index 4d5c9971c..000000000
--- a/security/nss/lib/util/secasn1.h
+++ /dev/null
@@ -1,284 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for encoding/decoding of ASN.1 using BER/DER (Basic/Distinguished
- * Encoding Rules). The routines are found in and used extensively by the
- * security library, but exported for other use.
- *
- * $Id$
- */
-
-#ifndef _SECASN1_H_
-#define _SECASN1_H_
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secasn1t.h"
-
-
-/************************************************************************/
-SEC_BEGIN_PROTOS
-
-/*
- * XXX These function prototypes need full, explanatory comments.
- */
-
-/*
-** Decoding.
-*/
-
-extern SEC_ASN1DecoderContext *SEC_ASN1DecoderStart(PRArenaPool *pool,
- void *dest,
- const SEC_ASN1Template *t);
-
-/* XXX char or unsigned char? */
-extern SECStatus SEC_ASN1DecoderUpdate(SEC_ASN1DecoderContext *cx,
- const char *buf,
- unsigned long len);
-
-extern SECStatus SEC_ASN1DecoderFinish(SEC_ASN1DecoderContext *cx);
-
-extern void SEC_ASN1DecoderSetFilterProc(SEC_ASN1DecoderContext *cx,
- SEC_ASN1WriteProc fn,
- void *arg, PRBool no_store);
-
-extern void SEC_ASN1DecoderClearFilterProc(SEC_ASN1DecoderContext *cx);
-
-extern void SEC_ASN1DecoderSetNotifyProc(SEC_ASN1DecoderContext *cx,
- SEC_ASN1NotifyProc fn,
- void *arg);
-
-extern void SEC_ASN1DecoderClearNotifyProc(SEC_ASN1DecoderContext *cx);
-
-extern SECStatus SEC_ASN1Decode(PRArenaPool *pool, void *dest,
- const SEC_ASN1Template *t,
- const char *buf, long len);
-
-extern SECStatus SEC_ASN1DecodeItem(PRArenaPool *pool, void *dest,
- const SEC_ASN1Template *t,
- SECItem *item);
-/*
-** Encoding.
-*/
-
-extern SEC_ASN1EncoderContext *SEC_ASN1EncoderStart(void *src,
- const SEC_ASN1Template *t,
- SEC_ASN1WriteProc fn,
- void *output_arg);
-
-/* XXX char or unsigned char? */
-extern SECStatus SEC_ASN1EncoderUpdate(SEC_ASN1EncoderContext *cx,
- const char *buf,
- unsigned long len);
-
-extern void SEC_ASN1EncoderFinish(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderSetNotifyProc(SEC_ASN1EncoderContext *cx,
- SEC_ASN1NotifyProc fn,
- void *arg);
-
-extern void SEC_ASN1EncoderClearNotifyProc(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderSetStreaming(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderClearStreaming(SEC_ASN1EncoderContext *cx);
-
-extern void sec_ASN1EncoderSetDER(SEC_ASN1EncoderContext *cx);
-
-extern void sec_ASN1EncoderClearDER(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderSetTakeFromBuf(SEC_ASN1EncoderContext *cx);
-
-extern void SEC_ASN1EncoderClearTakeFromBuf(SEC_ASN1EncoderContext *cx);
-
-extern SECStatus SEC_ASN1Encode(void *src, const SEC_ASN1Template *t,
- SEC_ASN1WriteProc output_proc,
- void *output_arg);
-
-extern SECItem * SEC_ASN1EncodeItem(PRArenaPool *pool, SECItem *dest,
- void *src, const SEC_ASN1Template *t);
-
-extern SECItem * SEC_ASN1EncodeInteger(PRArenaPool *pool,
- SECItem *dest, long value);
-
-extern SECItem * SEC_ASN1EncodeUnsignedInteger(PRArenaPool *pool,
- SECItem *dest,
- unsigned long value);
-
-extern SECStatus SEC_ASN1DecodeInteger(SECItem *src,
- unsigned long *value);
-
-/*
-** Utilities.
-*/
-
-/*
- * We have a length that needs to be encoded; how many bytes will the
- * encoding take?
- */
-extern int SEC_ASN1LengthLength (unsigned long len);
-
-/* encode the length and return the number of bytes we encoded. Buffer
- * must be pre allocated */
-extern int SEC_ASN1EncodeLength(unsigned char *buf,int value);
-
-/*
- * Find the appropriate subtemplate for the given template.
- * This may involve calling a "chooser" function, or it may just
- * be right there. In either case, it is expected to *have* a
- * subtemplate; this is asserted in debug builds (in non-debug
- * builds, NULL will be returned).
- *
- * "thing" is a pointer to the structure being encoded/decoded
- * "encoding", when true, means that we are in the process of encoding
- * (as opposed to in the process of decoding)
- */
-extern const SEC_ASN1Template *
-SEC_ASN1GetSubtemplate (const SEC_ASN1Template *inTemplate, void *thing,
- PRBool encoding);
-
-/************************************************************************/
-
-/*
- * Generic Templates
- * One for each of the simple types, plus a special one for ANY, plus:
- * - a pointer to each one of those
- * - a set of each one of those
- * - a sequence of each one of those
- *
- * Note that these are alphabetical (case insensitive); please add new
- * ones in the appropriate place.
- */
-
-extern const SEC_ASN1Template SEC_AnyTemplate[];
-extern const SEC_ASN1Template SEC_BitStringTemplate[];
-extern const SEC_ASN1Template SEC_BMPStringTemplate[];
-extern const SEC_ASN1Template SEC_BooleanTemplate[];
-extern const SEC_ASN1Template SEC_EnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_GeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_IA5StringTemplate[];
-extern const SEC_ASN1Template SEC_IntegerTemplate[];
-extern const SEC_ASN1Template SEC_NullTemplate[];
-extern const SEC_ASN1Template SEC_ObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_OctetStringTemplate[];
-extern const SEC_ASN1Template SEC_PrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_T61StringTemplate[];
-extern const SEC_ASN1Template SEC_UniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_UTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_UTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_VisibleStringTemplate[];
-
-extern const SEC_ASN1Template SEC_PointerToAnyTemplate[];
-extern const SEC_ASN1Template SEC_PointerToBitStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToBMPStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToBooleanTemplate[];
-extern const SEC_ASN1Template SEC_PointerToEnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_PointerToGeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_PointerToIA5StringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToIntegerTemplate[];
-extern const SEC_ASN1Template SEC_PointerToNullTemplate[];
-extern const SEC_ASN1Template SEC_PointerToObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_PointerToOctetStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToPrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToT61StringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToUniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToUTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_PointerToUTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_PointerToVisibleStringTemplate[];
-
-extern const SEC_ASN1Template SEC_SequenceOfAnyTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfBitStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfBMPStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfBooleanTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfEnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfGeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfIA5StringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfIntegerTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfNullTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfOctetStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfPrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfT61StringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfUniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfUTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfUTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_SequenceOfVisibleStringTemplate[];
-
-extern const SEC_ASN1Template SEC_SetOfAnyTemplate[];
-extern const SEC_ASN1Template SEC_SetOfBitStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfBMPStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfBooleanTemplate[];
-extern const SEC_ASN1Template SEC_SetOfEnumeratedTemplate[];
-extern const SEC_ASN1Template SEC_SetOfGeneralizedTimeTemplate[];
-extern const SEC_ASN1Template SEC_SetOfIA5StringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfIntegerTemplate[];
-extern const SEC_ASN1Template SEC_SetOfNullTemplate[];
-extern const SEC_ASN1Template SEC_SetOfObjectIDTemplate[];
-extern const SEC_ASN1Template SEC_SetOfOctetStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfPrintableStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfT61StringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfUniversalStringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfUTCTimeTemplate[];
-extern const SEC_ASN1Template SEC_SetOfUTF8StringTemplate[];
-extern const SEC_ASN1Template SEC_SetOfVisibleStringTemplate[];
-
-/*
- * Template for skipping a subitem; this only makes sense when decoding.
- */
-extern const SEC_ASN1Template SEC_SkipTemplate[];
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs. Sigh.
-*/
-SEC_ASN1_CHOOSER_DECLARE(SEC_AnyTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_BMPStringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_BooleanTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_BitStringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_GeneralizedTimeTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_IA5StringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_IntegerTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_NullTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_ObjectIDTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_OctetStringTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_UTCTimeTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_UTF8StringTemplate)
-
-SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToAnyTemplate)
-SEC_ASN1_CHOOSER_DECLARE(SEC_PointerToOctetStringTemplate)
-
-SEC_ASN1_CHOOSER_DECLARE(SEC_SetOfAnyTemplate)
-
-SEC_END_PROTOS
-#endif /* _SECASN1_H_ */
diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c
deleted file mode 100644
index bcbd4dcc6..000000000
--- a/security/nss/lib/util/secasn1d.c
+++ /dev/null
@@ -1,2981 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for DEcoding ASN.1 data based on BER/DER (Basic/Distinguished
- * Encoding Rules).
- *
- * $Id$
- */
-
-#include "secasn1.h"
-#include "secerr.h"
-
-typedef enum {
- beforeIdentifier,
- duringIdentifier,
- afterIdentifier,
- beforeLength,
- duringLength,
- afterLength,
- beforeBitString,
- duringBitString,
- duringConstructedString,
- duringGroup,
- duringLeaf,
- duringSaveEncoding,
- duringSequence,
- afterConstructedString,
- afterGroup,
- afterExplicit,
- afterImplicit,
- afterInline,
- afterPointer,
- afterSaveEncoding,
- beforeEndOfContents,
- duringEndOfContents,
- afterEndOfContents,
- beforeChoice,
- duringChoice,
- afterChoice,
- notInUse
-} sec_asn1d_parse_place;
-
-#ifdef DEBUG_ASN1D_STATES
-static const char *place_names[] = {
- "beforeIdentifier",
- "duringIdentifier",
- "afterIdentifier",
- "beforeLength",
- "duringLength",
- "afterLength",
- "beforeBitString",
- "duringBitString",
- "duringConstructedString",
- "duringGroup",
- "duringLeaf",
- "duringSaveEncoding",
- "duringSequence",
- "afterConstructedString",
- "afterGroup",
- "afterExplicit",
- "afterImplicit",
- "afterInline",
- "afterPointer",
- "afterSaveEncoding",
- "beforeEndOfContents",
- "duringEndOfContents",
- "afterEndOfContents",
- "beforeChoice",
- "duringChoice",
- "afterChoice",
- "notInUse"
-};
-#endif /* DEBUG_ASN1D_STATES */
-
-typedef enum {
- allDone,
- decodeError,
- keepGoing,
- needBytes
-} sec_asn1d_parse_status;
-
-struct subitem {
- const void *data;
- unsigned long len; /* only used for substrings */
- struct subitem *next;
-};
-
-typedef struct sec_asn1d_state_struct {
- SEC_ASN1DecoderContext *top;
- const SEC_ASN1Template *theTemplate;
- void *dest;
-
- void *our_mark; /* free on completion */
-
- struct sec_asn1d_state_struct *parent; /* aka prev */
- struct sec_asn1d_state_struct *child; /* aka next */
-
- sec_asn1d_parse_place place;
-
- /*
- * XXX explain the next fields as clearly as possible...
- */
- unsigned char found_tag_modifiers;
- unsigned char expect_tag_modifiers;
- unsigned long check_tag_mask;
- unsigned long found_tag_number;
- unsigned long expect_tag_number;
- unsigned long underlying_kind;
-
- unsigned long contents_length;
- unsigned long pending;
- unsigned long consumed;
-
- int depth;
-
- /*
- * Bit strings have their length adjusted -- the first octet of the
- * contents contains a value between 0 and 7 which says how many bits
- * at the end of the octets are not actually part of the bit string;
- * when parsing bit strings we put that value here because we need it
- * later, for adjustment of the length (when the whole string is done).
- */
- unsigned int bit_string_unused_bits;
-
- /*
- * The following are used for indefinite-length constructed strings.
- */
- struct subitem *subitems_head;
- struct subitem *subitems_tail;
-
- PRPackedBool
- allocate, /* when true, need to allocate the destination */
- endofcontents, /* this state ended up parsing end-of-contents octets */
- explicit, /* we are handling an explicit header */
- indefinite, /* the current item has indefinite-length encoding */
- missing, /* an optional field that was not present */
- optional, /* the template says this field may be omitted */
- substring; /* this is a substring of a constructed string */
-
-} sec_asn1d_state;
-
-#define IS_HIGH_TAG_NUMBER(n) ((n) == SEC_ASN1_HIGH_TAG_NUMBER)
-#define LAST_TAG_NUMBER_BYTE(b) (((b) & 0x80) == 0)
-#define TAG_NUMBER_BITS 7
-#define TAG_NUMBER_MASK 0x7f
-
-#define LENGTH_IS_SHORT_FORM(b) (((b) & 0x80) == 0)
-#define LONG_FORM_LENGTH(b) ((b) & 0x7f)
-
-#define HIGH_BITS(field,cnt) ((field) >> ((sizeof(field) * 8) - (cnt)))
-
-
-/*
- * An "outsider" will have an opaque pointer to this, created by calling
- * SEC_ASN1DecoderStart(). It will be passed back in to all subsequent
- * calls to SEC_ASN1DecoderUpdate(), and when done it is passed to
- * SEC_ASN1DecoderFinish().
- */
-struct sec_DecoderContext_struct {
- PRArenaPool *our_pool; /* for our internal allocs */
- PRArenaPool *their_pool; /* for destination structure allocs */
-#ifdef SEC_ASN1D_FREE_ON_ERROR /*
- * XXX see comment below (by same
- * ifdef) that explains why this
- * does not work (need more smarts
- * in order to free back to mark)
- */
- /*
- * XXX how to make their_mark work in the case where they do NOT
- * give us a pool pointer?
- */
- void *their_mark; /* free on error */
-#endif
-
- sec_asn1d_state *current;
- sec_asn1d_parse_status status;
-
- SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */
- void *notify_arg; /* argument to notify_proc */
- PRBool during_notify; /* true during call to notify_proc */
-
- SEC_ASN1WriteProc filter_proc; /* pass field bytes to this */
- void *filter_arg; /* argument to that function */
- PRBool filter_only; /* do not allocate/store fields */
-};
-
-
-/*
- * XXX this is a fairly generic function that may belong elsewhere
- */
-static void *
-sec_asn1d_alloc (PRArenaPool *poolp, unsigned long len)
-{
- void *thing;
-
- if (poolp != NULL) {
- /*
- * Allocate from the pool.
- */
- thing = PORT_ArenaAlloc (poolp, len);
- } else {
- /*
- * Allocate generically.
- */
- thing = PORT_Alloc (len);
- }
-
- return thing;
-}
-
-
-/*
- * XXX this is a fairly generic function that may belong elsewhere
- */
-static void *
-sec_asn1d_zalloc (PRArenaPool *poolp, unsigned long len)
-{
- void *thing;
-
- thing = sec_asn1d_alloc (poolp, len);
- if (thing != NULL)
- PORT_Memset (thing, 0, len);
- return thing;
-}
-
-
-static sec_asn1d_state *
-sec_asn1d_push_state (SEC_ASN1DecoderContext *cx,
- const SEC_ASN1Template *theTemplate,
- void *dest, PRBool new_depth)
-{
- sec_asn1d_state *state, *new_state;
-
- state = cx->current;
-
- PORT_Assert (state == NULL || state->child == NULL);
-
- if (state != NULL) {
- PORT_Assert (state->our_mark == NULL);
- state->our_mark = PORT_ArenaMark (cx->our_pool);
- }
-
- new_state = (sec_asn1d_state*)sec_asn1d_zalloc (cx->our_pool,
- sizeof(*new_state));
- if (new_state == NULL) {
- cx->status = decodeError;
- if (state != NULL) {
- PORT_ArenaRelease(cx->our_pool, state->our_mark);
- state->our_mark = NULL;
- }
- return NULL;
- }
-
- new_state->top = cx;
- new_state->parent = state;
- new_state->theTemplate = theTemplate;
- new_state->place = notInUse;
- if (dest != NULL)
- new_state->dest = (char *)dest + theTemplate->offset;
-
- if (state != NULL) {
- new_state->depth = state->depth;
- if (new_depth)
- new_state->depth++;
- state->child = new_state;
- }
-
- cx->current = new_state;
- return new_state;
-}
-
-
-static void
-sec_asn1d_scrub_state (sec_asn1d_state *state)
-{
- /*
- * Some default "scrubbing".
- * XXX right set of initializations?
- */
- state->place = beforeIdentifier;
- state->endofcontents = PR_FALSE;
- state->indefinite = PR_FALSE;
- state->missing = PR_FALSE;
- PORT_Assert (state->consumed == 0);
-}
-
-
-static void
-sec_asn1d_notify_before (SEC_ASN1DecoderContext *cx, void *dest, int depth)
-{
- if (cx->notify_proc == NULL)
- return;
-
- cx->during_notify = PR_TRUE;
- (* cx->notify_proc) (cx->notify_arg, PR_TRUE, dest, depth);
- cx->during_notify = PR_FALSE;
-}
-
-
-static void
-sec_asn1d_notify_after (SEC_ASN1DecoderContext *cx, void *dest, int depth)
-{
- if (cx->notify_proc == NULL)
- return;
-
- cx->during_notify = PR_TRUE;
- (* cx->notify_proc) (cx->notify_arg, PR_FALSE, dest, depth);
- cx->during_notify = PR_FALSE;
-}
-
-
-static sec_asn1d_state *
-sec_asn1d_init_state_based_on_template (sec_asn1d_state *state)
-{
- PRBool explicit, optional, universal;
- unsigned char expect_tag_modifiers;
- unsigned long encode_kind, under_kind;
- unsigned long check_tag_mask, expect_tag_number;
-
-
- /* XXX Check that both of these tests are really needed/appropriate. */
- if (state == NULL || state->top->status == decodeError)
- return state;
-
- encode_kind = state->theTemplate->kind;
-
- if (encode_kind & SEC_ASN1_SAVE) {
- /*
- * This is a "magic" field that saves away all bytes, allowing
- * the immediately following field to still be decoded from this
- * same spot -- sort of a fork.
- */
- /* check that there are no extraneous bits */
- PORT_Assert (encode_kind == SEC_ASN1_SAVE);
- if (state->top->filter_only) {
- /*
- * If we are not storing, then we do not do the SAVE field
- * at all. Just move ahead to the "real" field instead,
- * doing the appropriate notify calls before and after.
- */
- sec_asn1d_notify_after (state->top, state->dest, state->depth);
- /*
- * Since we are not storing, allow for our current dest value
- * to be NULL. (This might not actually occur, but right now I
- * cannot convince myself one way or the other.) If it is NULL,
- * assume that our parent dest can help us out.
- */
- if (state->dest == NULL)
- state->dest = state->parent->dest;
- else
- state->dest = (char *)state->dest - state->theTemplate->offset;
- state->theTemplate++;
- if (state->dest != NULL)
- state->dest = (char *)state->dest + state->theTemplate->offset;
- sec_asn1d_notify_before (state->top, state->dest, state->depth);
- encode_kind = state->theTemplate->kind;
- PORT_Assert ((encode_kind & SEC_ASN1_SAVE) == 0);
- } else {
- sec_asn1d_scrub_state (state);
- state->place = duringSaveEncoding;
- state = sec_asn1d_push_state (state->top, SEC_AnyTemplate,
- state->dest, PR_FALSE);
- if (state != NULL)
- state = sec_asn1d_init_state_based_on_template (state);
- return state;
- }
- }
-
-
- universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_EXPLICIT;
-
- optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_OPTIONAL;
-
- PORT_Assert (!(explicit && universal)); /* bad templates */
-
- encode_kind &= ~SEC_ASN1_DYNAMIC;
- encode_kind &= ~SEC_ASN1_MAY_STREAM;
-
- if( encode_kind & SEC_ASN1_CHOICE ) {
-#if 0 /* XXX remove? */
- sec_asn1d_state *child = sec_asn1d_push_state(state->top, state->theTemplate, state->dest, PR_FALSE);
- if( (sec_asn1d_state *)NULL == child ) {
- return (sec_asn1d_state *)NULL;
- }
-
- child->allocate = state->allocate;
- child->place = beforeChoice;
- return child;
-#else
- state->place = beforeChoice;
- return state;
-#endif
- }
-
- if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || (!universal
- && !explicit)) {
- const SEC_ASN1Template *subt;
- void *dest;
- PRBool child_allocate;
-
- PORT_Assert ((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0);
-
- sec_asn1d_scrub_state (state);
- child_allocate = PR_FALSE;
-
- if (encode_kind & SEC_ASN1_POINTER) {
- /*
- * A POINTER means we need to allocate the destination for
- * this field. But, since it may also be an optional field,
- * we defer the allocation until later; we just record that
- * it needs to be done.
- *
- * There are two possible scenarios here -- one is just a
- * plain POINTER (kind of like INLINE, except with allocation)
- * and the other is an implicitly-tagged POINTER. We don't
- * need to do anything special here for the two cases, but
- * since the template definition can be tricky, we do check
- * that there are no extraneous bits set in encode_kind.
- *
- * XXX The same conditions which assert should set an error.
- */
- if (universal) {
- /*
- * "universal" means this entry is a standalone POINTER;
- * there should be no other bits set in encode_kind.
- */
- PORT_Assert (encode_kind == SEC_ASN1_POINTER);
- } else {
- /*
- * If we get here we have an implicitly-tagged field
- * that needs to be put into a POINTER. The subtemplate
- * will determine how to decode the field, but encode_kind
- * describes the (implicit) tag we are looking for.
- * The non-tag bits of encode_kind will be ignored by
- * the code below; none of them should be set, however,
- * except for the POINTER bit itself -- so check that.
- */
- PORT_Assert ((encode_kind & ~SEC_ASN1_TAG_MASK)
- == SEC_ASN1_POINTER);
- }
- if (!state->top->filter_only)
- child_allocate = PR_TRUE;
- dest = NULL;
- state->place = afterPointer;
- } else {
- dest = state->dest;
- if (encode_kind & SEC_ASN1_INLINE) {
- /* check that there are no extraneous bits */
- PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional);
- state->place = afterInline;
- } else {
- state->place = afterImplicit;
- }
- }
-
- state->optional = optional;
- subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->dest, PR_FALSE);
- state = sec_asn1d_push_state (state->top, subt, dest, PR_FALSE);
- if (state == NULL)
- return NULL;
-
- state->allocate = child_allocate;
-
- if (universal) {
- state = sec_asn1d_init_state_based_on_template (state);
- if (state != NULL) {
- /*
- * If this field is optional, we need to record that on
- * the pushed child so it won't fail if the field isn't
- * found. I can't think of a way that this new state
- * could already have optional set (which we would wipe
- * out below if our local optional is not set) -- but
- * just to be sure, assert that it isn't set.
- */
- PORT_Assert (!state->optional);
- state->optional = optional;
- }
- return state;
- }
-
- under_kind = state->theTemplate->kind;
- under_kind &= ~SEC_ASN1_MAY_STREAM;
- } else if (explicit) {
- /*
- * For explicit, we only need to match the encoding tag next,
- * then we will push another state to handle the entire inner
- * part. In this case, there is no underlying kind which plays
- * any part in the determination of the outer, explicit tag.
- * So we just set under_kind to 0, which is not a valid tag,
- * and the rest of the tag matching stuff should be okay.
- */
- under_kind = 0;
- } else {
- /*
- * Nothing special; the underlying kind and the given encoding
- * information are the same.
- */
- under_kind = encode_kind;
- }
-
- /* XXX is this the right set of bits to test here? */
- PORT_Assert ((under_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL
- | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
- | SEC_ASN1_INLINE | SEC_ASN1_POINTER)) == 0);
-
- if (encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) {
- PORT_Assert (encode_kind == under_kind);
- if (encode_kind & SEC_ASN1_SKIP) {
- PORT_Assert (!optional);
- PORT_Assert (encode_kind == SEC_ASN1_SKIP);
- state->dest = NULL;
- }
- check_tag_mask = 0;
- expect_tag_modifiers = 0;
- expect_tag_number = 0;
- } else {
- check_tag_mask = SEC_ASN1_TAG_MASK;
- expect_tag_modifiers = encode_kind & SEC_ASN1_TAG_MASK
- & ~SEC_ASN1_TAGNUM_MASK;
- /*
- * XXX This assumes only single-octet identifiers. To handle
- * the HIGH TAG form we would need to do some more work, especially
- * in how to specify them in the template, because right now we
- * do not provide a way to specify more *tag* bits in encode_kind.
- */
- expect_tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
-
- switch (under_kind & SEC_ASN1_TAGNUM_MASK) {
- case SEC_ASN1_SET:
- /*
- * XXX A plain old SET (as opposed to a SET OF) is not implemented.
- * If it ever is, remove this assert...
- */
- PORT_Assert ((under_kind & SEC_ASN1_GROUP) != 0);
- /* fallthru */
- case SEC_ASN1_SEQUENCE:
- expect_tag_modifiers |= SEC_ASN1_CONSTRUCTED;
- break;
- case SEC_ASN1_BIT_STRING:
- case SEC_ASN1_BMP_STRING:
- case SEC_ASN1_GENERALIZED_TIME:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_OCTET_STRING:
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_T61_STRING:
- case SEC_ASN1_UNIVERSAL_STRING:
- case SEC_ASN1_UTC_TIME:
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- check_tag_mask &= ~SEC_ASN1_CONSTRUCTED;
- break;
- }
- }
-
- state->check_tag_mask = check_tag_mask;
- state->expect_tag_modifiers = expect_tag_modifiers;
- state->expect_tag_number = expect_tag_number;
- state->underlying_kind = under_kind;
- state->explicit = explicit;
- state->optional = optional;
-
- sec_asn1d_scrub_state (state);
-
- return state;
-}
-
-
-static unsigned long
-sec_asn1d_parse_identifier (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- unsigned char byte;
- unsigned char tag_number;
-
- PORT_Assert (state->place == beforeIdentifier);
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- byte = (unsigned char) *buf;
- tag_number = byte & SEC_ASN1_TAGNUM_MASK;
-
- if (IS_HIGH_TAG_NUMBER (tag_number)) {
- state->place = duringIdentifier;
- state->found_tag_number = 0;
- /*
- * Actually, we have no idea how many bytes are pending, but we
- * do know that it is at least 1. That is all we know; we have
- * to look at each byte to know if there is another, etc.
- */
- state->pending = 1;
- } else {
- if (byte == 0 && state->parent != NULL &&
- (state->parent->indefinite ||
- (
- (state->parent->place == afterImplicit ||
- state->parent->place == afterPointer)
- && state->parent->parent != NULL && state->parent->parent->indefinite
- )
- )
- ) {
- /*
- * Our parent has indefinite-length encoding, and the
- * entire tag found is 0, so it seems that we have hit the
- * end-of-contents octets. To handle this, we just change
- * our state to that which expects to get the bytes of the
- * end-of-contents octets and let that code re-read this byte
- * so that our categorization of field types is correct.
- * After that, our parent will then deal with everything else.
- */
- state->place = duringEndOfContents;
- state->pending = 2;
- state->found_tag_number = 0;
- state->found_tag_modifiers = 0;
- /*
- * We might be an optional field that is, as we now find out,
- * missing. Give our parent a clue that this happened.
- */
- if (state->optional)
- state->missing = PR_TRUE;
- return 0;
- }
- state->place = afterIdentifier;
- state->found_tag_number = tag_number;
- }
- state->found_tag_modifiers = byte & ~SEC_ASN1_TAGNUM_MASK;
-
- return 1;
-}
-
-
-static unsigned long
-sec_asn1d_parse_more_identifier (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- unsigned char byte;
- int count;
-
- PORT_Assert (state->pending == 1);
- PORT_Assert (state->place == duringIdentifier);
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- count = 0;
-
- while (len && state->pending) {
- if (HIGH_BITS (state->found_tag_number, TAG_NUMBER_BITS) != 0) {
- /*
- * The given high tag number overflows our container;
- * just give up. This is not likely to *ever* happen.
- */
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return 0;
- }
-
- state->found_tag_number <<= TAG_NUMBER_BITS;
-
- byte = (unsigned char) buf[count++];
- state->found_tag_number |= (byte & TAG_NUMBER_MASK);
-
- len--;
- if (LAST_TAG_NUMBER_BYTE (byte))
- state->pending = 0;
- }
-
- if (state->pending == 0)
- state->place = afterIdentifier;
-
- return count;
-}
-
-
-static void
-sec_asn1d_confirm_identifier (sec_asn1d_state *state)
-{
- PRBool match;
-
- PORT_Assert (state->place == afterIdentifier);
-
- match = (PRBool)(((state->found_tag_modifiers & state->check_tag_mask)
- == state->expect_tag_modifiers)
- && ((state->found_tag_number & state->check_tag_mask)
- == state->expect_tag_number));
- if (match) {
- state->place = beforeLength;
- } else {
- if (state->optional) {
- state->missing = PR_TRUE;
- state->place = afterEndOfContents;
- } else {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- }
- }
-}
-
-
-static unsigned long
-sec_asn1d_parse_length (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- unsigned char byte;
-
- PORT_Assert (state->place == beforeLength);
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- /*
- * The default/likely outcome. It may get adjusted below.
- */
- state->place = afterLength;
-
- byte = (unsigned char) *buf;
-
- if (LENGTH_IS_SHORT_FORM (byte)) {
- state->contents_length = byte;
- } else {
- state->contents_length = 0;
- state->pending = LONG_FORM_LENGTH (byte);
- if (state->pending == 0) {
- state->indefinite = PR_TRUE;
- } else {
- state->place = duringLength;
- }
- }
-
- return 1;
-}
-
-
-static unsigned long
-sec_asn1d_parse_more_length (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- int count;
-
- PORT_Assert (state->pending > 0);
- PORT_Assert (state->place == duringLength);
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- count = 0;
-
- while (len && state->pending) {
- if (HIGH_BITS (state->contents_length, 8) != 0) {
- /*
- * The given full content length overflows our container;
- * just give up.
- */
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return 0;
- }
-
- state->contents_length <<= 8;
- state->contents_length |= (unsigned char) buf[count++];
-
- len--;
- state->pending--;
- }
-
- if (state->pending == 0)
- state->place = afterLength;
-
- return count;
-}
-
-
-static void
-sec_asn1d_prepare_for_contents (sec_asn1d_state *state)
-{
- SECItem *item;
- PRArenaPool *poolp;
- unsigned long alloc_len;
-
-
- /*
- * XXX I cannot decide if this allocation should exclude the case
- * where state->endofcontents is true -- figure it out!
- */
- if (state->allocate) {
- void *dest;
-
- PORT_Assert (state->dest == NULL);
- /*
- * We are handling a POINTER or a member of a GROUP, and need to
- * allocate for the data structure.
- */
- dest = sec_asn1d_zalloc (state->top->their_pool,
- state->theTemplate->size);
- if (dest == NULL) {
- state->top->status = decodeError;
- return;
- }
- state->dest = (char *)dest + state->theTemplate->offset;
-
- /*
- * For a member of a GROUP, our parent will later put the
- * pointer wherever it belongs. But for a POINTER, we need
- * to record the destination now, in case notify or filter
- * procs need access to it -- they cannot find it otherwise,
- * until it is too late (for one-pass processing).
- */
- if (state->parent->place == afterPointer) {
- void **placep;
-
- placep = state->parent->dest;
- *placep = dest;
- }
- }
-
- /*
- * Remember, length may be indefinite here! In that case,
- * both contents_length and pending will be zero.
- */
- state->pending = state->contents_length;
-
- /*
- * An EXPLICIT is nothing but an outer header, which we have
- * already parsed and accepted. Now we need to do the inner
- * header and its contents.
- */
- if (state->explicit) {
- state->place = afterExplicit;
- state = sec_asn1d_push_state (state->top,
- SEC_ASN1GetSubtemplate(state->theTemplate,
- state->dest,
- PR_FALSE),
- state->dest, PR_TRUE);
- if (state != NULL)
- state = sec_asn1d_init_state_based_on_template (state);
- return;
- }
-
- /*
- * For GROUP (SET OF, SEQUENCE OF), even if we know the length here
- * we cannot tell how many items we will end up with ... so push a
- * state that can keep track of "children" (the individual members
- * of the group; we will allocate as we go and put them all together
- * at the end.
- */
- if (state->underlying_kind & SEC_ASN1_GROUP) {
- /* XXX If this assertion holds (should be able to confirm it via
- * inspection, too) then move this code into the switch statement
- * below under cases SET_OF and SEQUENCE_OF; it will be cleaner.
- */
- PORT_Assert (state->underlying_kind == SEC_ASN1_SET_OF
- || state->underlying_kind == SEC_ASN1_SEQUENCE_OF);
- if (state->contents_length != 0 || state->indefinite) {
- const SEC_ASN1Template *subt;
-
- state->place = duringGroup;
- subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->dest,
- PR_FALSE);
- state = sec_asn1d_push_state (state->top, subt, NULL, PR_TRUE);
- if (state != NULL) {
- if (!state->top->filter_only)
- state->allocate = PR_TRUE; /* XXX propogate this? */
- /*
- * Do the "before" field notification for next in group.
- */
- sec_asn1d_notify_before (state->top, state->dest, state->depth);
- state = sec_asn1d_init_state_based_on_template (state);
- }
- } else {
- /*
- * A group of zero; we are done.
- * XXX Should we store a NULL here? Or set state to
- * afterGroup and let that code do it?
- */
- state->place = afterEndOfContents;
- }
- return;
- }
-
- switch (state->underlying_kind) {
- case SEC_ASN1_SEQUENCE:
- /*
- * We need to push a child to handle the individual fields.
- */
- state->place = duringSequence;
- state = sec_asn1d_push_state (state->top, state->theTemplate + 1,
- state->dest, PR_TRUE);
- if (state != NULL) {
- /*
- * Do the "before" field notification.
- */
- sec_asn1d_notify_before (state->top, state->dest, state->depth);
- state = sec_asn1d_init_state_based_on_template (state);
- }
- break;
-
- case SEC_ASN1_SET: /* XXX SET is not really implemented */
- /*
- * XXX A plain SET requires special handling; scanning of a
- * template to see where a field should go (because by definition,
- * they are not in any particular order, and you have to look at
- * each tag to disambiguate what the field is). We may never
- * implement this because in practice, it seems to be unused.
- */
- PORT_Assert(0);
- state->top->status = decodeError;
- break;
-
- case SEC_ASN1_NULL:
- /*
- * The NULL type, by definition, is "nothing", content length of zero.
- * An indefinite-length encoding is not alloweed.
- */
- if (state->contents_length || state->indefinite) {
- state->top->status = decodeError;
- break;
- }
- if (state->dest != NULL) {
- item = (SECItem *)(state->dest);
- item->data = NULL;
- item->len = 0;
- }
- state->place = afterEndOfContents;
- break;
-
- case SEC_ASN1_BMP_STRING:
- /* Error if length is not divisable by 2 */
- if (state->contents_length % 2) {
- state->top->status = decodeError;
- break;
- }
- /* otherwise, handle as other string types */
- goto regular_string_type;
-
- case SEC_ASN1_UNIVERSAL_STRING:
- /* Error if length is not divisable by 4 */
- if (state->contents_length % 4) {
- state->top->status = decodeError;
- break;
- }
- /* otherwise, handle as other string types */
- goto regular_string_type;
-
- case SEC_ASN1_SKIP:
- case SEC_ASN1_ANY:
- case SEC_ASN1_ANY_CONTENTS:
- /*
- * These are not (necessarily) strings, but they need nearly
- * identical handling (especially when we need to deal with
- * constructed sub-pieces), so we pretend they are.
- */
- /* fallthru */
-regular_string_type:
- case SEC_ASN1_BIT_STRING:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_OCTET_STRING:
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_T61_STRING:
- case SEC_ASN1_UTC_TIME:
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- /*
- * We are allocating for a primitive or a constructed string.
- * If it is a constructed string, it may also be indefinite-length.
- * If it is primitive, the length can (legally) be zero.
- * Our first order of business is to allocate the memory for
- * the string, if we can (if we know the length).
- */
- item = (SECItem *)(state->dest);
-
- /*
- * If the item is a definite-length constructed string, then
- * the contents_length is actually larger than what we need
- * (because it also counts each intermediate header which we
- * will be throwing away as we go), but it is a perfectly good
- * upper bound that we just allocate anyway, and then concat
- * as we go; we end up wasting a few extra bytes but save a
- * whole other copy.
- */
- alloc_len = state->contents_length;
- poolp = NULL; /* quiet compiler warnings about unused... */
-
- if (item == NULL || state->top->filter_only) {
- if (item != NULL) {
- item->data = NULL;
- item->len = 0;
- }
- alloc_len = 0;
- } else if (state->substring) {
- /*
- * If we are a substring of a constructed string, then we may
- * not have to allocate anything (because our parent, the
- * actual constructed string, did it for us). If we are a
- * substring and we *do* have to allocate, that means our
- * parent is an indefinite-length, so we allocate from our pool;
- * later our parent will copy our string into the aggregated
- * whole and free our pool allocation.
- */
- if (item->data == NULL) {
- PORT_Assert (item->len == 0);
- poolp = state->top->our_pool;
- } else {
- alloc_len = 0;
- }
- } else {
- item->len = 0;
- item->data = NULL;
- poolp = state->top->their_pool;
- }
-
- if (alloc_len || ((! state->indefinite)
- && (state->subitems_head != NULL))) {
- struct subitem *subitem;
- int len;
-
- PORT_Assert (item->len == 0 && item->data == NULL);
- /*
- * Check for and handle an ANY which has stashed aside the
- * header (identifier and length) bytes for us to include
- * in the saved contents.
- */
- if (state->subitems_head != NULL) {
- PORT_Assert (state->underlying_kind == SEC_ASN1_ANY);
- for (subitem = state->subitems_head;
- subitem != NULL; subitem = subitem->next)
- alloc_len += subitem->len;
- }
-
- item->data = (unsigned char*)sec_asn1d_zalloc (poolp, alloc_len);
- if (item->data == NULL) {
- state->top->status = decodeError;
- break;
- }
-
- len = 0;
- for (subitem = state->subitems_head;
- subitem != NULL; subitem = subitem->next) {
- PORT_Memcpy (item->data + len, subitem->data, subitem->len);
- len += subitem->len;
- }
- item->len = len;
-
- /*
- * Because we use arenas and have a mark set, we later free
- * everything we have allocated, so this does *not* present
- * a memory leak (it is just temporarily left dangling).
- */
- state->subitems_head = state->subitems_tail = NULL;
- }
-
- if (state->contents_length == 0 && (! state->indefinite)) {
- /*
- * A zero-length simple or constructed string; we are done.
- */
- state->place = afterEndOfContents;
- } else if (state->found_tag_modifiers & SEC_ASN1_CONSTRUCTED) {
- const SEC_ASN1Template *sub;
-
- switch (state->underlying_kind) {
- case SEC_ASN1_ANY:
- case SEC_ASN1_ANY_CONTENTS:
- sub = SEC_AnyTemplate;
- break;
- case SEC_ASN1_BIT_STRING:
- sub = SEC_BitStringTemplate;
- break;
- case SEC_ASN1_BMP_STRING:
- sub = SEC_BMPStringTemplate;
- break;
- case SEC_ASN1_GENERALIZED_TIME:
- sub = SEC_GeneralizedTimeTemplate;
- break;
- case SEC_ASN1_IA5_STRING:
- sub = SEC_IA5StringTemplate;
- break;
- case SEC_ASN1_OCTET_STRING:
- sub = SEC_OctetStringTemplate;
- break;
- case SEC_ASN1_PRINTABLE_STRING:
- sub = SEC_PrintableStringTemplate;
- break;
- case SEC_ASN1_T61_STRING:
- sub = SEC_T61StringTemplate;
- break;
- case SEC_ASN1_UNIVERSAL_STRING:
- sub = SEC_UniversalStringTemplate;
- break;
- case SEC_ASN1_UTC_TIME:
- sub = SEC_UTCTimeTemplate;
- break;
- case SEC_ASN1_UTF8_STRING:
- sub = SEC_UTF8StringTemplate;
- break;
- case SEC_ASN1_VISIBLE_STRING:
- sub = SEC_VisibleStringTemplate;
- break;
- case SEC_ASN1_SKIP:
- sub = SEC_SkipTemplate;
- break;
- default: /* redundant given outer switch cases, but */
- PORT_Assert(0); /* the compiler does not seem to know that, */
- sub = NULL; /* so just do enough to quiet it. */
- break;
- }
-
- state->place = duringConstructedString;
- state = sec_asn1d_push_state (state->top, sub, item, PR_TRUE);
- if (state != NULL) {
- state->substring = PR_TRUE; /* XXX propogate? */
- state = sec_asn1d_init_state_based_on_template (state);
- }
- } else if (state->indefinite) {
- /*
- * An indefinite-length string *must* be constructed!
- */
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- } else {
- /*
- * A non-zero-length simple string.
- */
- if (state->underlying_kind == SEC_ASN1_BIT_STRING)
- state->place = beforeBitString;
- else
- state->place = duringLeaf;
- }
- break;
-
- default:
- /*
- * We are allocating for a simple leaf item.
- */
- if (state->contents_length) {
- if (state->dest != NULL) {
- item = (SECItem *)(state->dest);
- item->len = 0;
- if (state->top->filter_only) {
- item->data = NULL;
- } else {
- item->data = (unsigned char*)
- sec_asn1d_zalloc (state->top->their_pool,
- state->contents_length);
- if (item->data == NULL) {
- state->top->status = decodeError;
- return;
- }
- }
- }
- state->place = duringLeaf;
- } else {
- /*
- * An indefinite-length or zero-length item is not allowed.
- * (All legal cases of such were handled above.)
- */
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- }
- }
-}
-
-
-static void
-sec_asn1d_free_child (sec_asn1d_state *state, PRBool error)
-{
- if (state->child != NULL) {
- PORT_Assert (error || state->child->consumed == 0);
- PORT_Assert (state->our_mark != NULL);
- PORT_ArenaRelease (state->top->our_pool, state->our_mark);
- if (error && state->top->their_pool == NULL) {
- /*
- * XXX We need to free anything allocated.
- */
- PORT_Assert (0);
- }
- state->child = NULL;
- state->our_mark = NULL;
- } else {
- /*
- * It is important that we do not leave a mark unreleased/unmarked.
- * But I do not think we should ever have one set in this case, only
- * if we had a child (handled above). So check for that. If this
- * assertion should ever get hit, then we probably need to add code
- * here to release back to our_mark (and then set our_mark to NULL).
- */
- PORT_Assert (state->our_mark == NULL);
- }
- state->place = beforeEndOfContents;
-}
-
-
-static void
-sec_asn1d_reuse_encoding (sec_asn1d_state *state)
-{
- sec_asn1d_state *child;
- unsigned long consumed;
- SECItem *item;
- void *dest;
-
-
- child = state->child;
- PORT_Assert (child != NULL);
-
- consumed = child->consumed;
- child->consumed = 0;
-
- item = (SECItem *)(state->dest);
- PORT_Assert (item != NULL);
-
- PORT_Assert (item->len == consumed);
-
- /*
- * Free any grandchild.
- */
- sec_asn1d_free_child (child, PR_FALSE);
-
- /*
- * Notify after the SAVE field.
- */
- sec_asn1d_notify_after (state->top, state->dest, state->depth);
-
- /*
- * Adjust to get new dest and move forward.
- */
- dest = (char *)state->dest - state->theTemplate->offset;
- state->theTemplate++;
- child->dest = (char *)dest + state->theTemplate->offset;
- child->theTemplate = state->theTemplate;
-
- /*
- * Notify before the "real" field.
- */
- PORT_Assert (state->depth == child->depth);
- sec_asn1d_notify_before (state->top, child->dest, child->depth);
-
- /*
- * This will tell DecoderUpdate to return when it is done.
- */
- state->place = afterSaveEncoding;
-
- /*
- * We already have a child; "push" it by making it current.
- */
- state->top->current = child;
-
- /*
- * And initialize it so it is ready to parse.
- */
- (void) sec_asn1d_init_state_based_on_template(child);
-
- /*
- * Now parse that out of our data.
- */
- if (SEC_ASN1DecoderUpdate (state->top,
- (char *) item->data, item->len) != SECSuccess)
- return;
-
- PORT_Assert (state->top->current == state);
- PORT_Assert (state->child == child);
-
- /*
- * That should have consumed what we consumed before.
- */
- PORT_Assert (consumed == child->consumed);
- child->consumed = 0;
-
- /*
- * Done.
- */
- state->consumed += consumed;
- child->place = notInUse;
- state->place = afterEndOfContents;
-}
-
-
-static unsigned long
-sec_asn1d_parse_leaf (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- SECItem *item;
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- if (state->pending < len)
- len = state->pending;
-
- item = (SECItem *)(state->dest);
- if (item != NULL && item->data != NULL) {
- PORT_Memcpy (item->data + item->len, buf, len);
- item->len += len;
- }
- state->pending -= len;
- if (state->pending == 0)
- state->place = beforeEndOfContents;
-
- return len;
-}
-
-
-static unsigned long
-sec_asn1d_parse_bit_string (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- unsigned char byte;
-
- /*PORT_Assert (state->pending > 0); */
- PORT_Assert (state->place == beforeBitString);
-
- if (state->pending == 0) {
- if (state->dest != NULL) {
- SECItem *item = (SECItem *)(state->dest);
- item->data = NULL;
- item->len = 0;
- state->place = beforeEndOfContents;
- return 0;
- }
- }
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- byte = (unsigned char) *buf;
- if (byte > 7) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return 0;
- }
-
- state->bit_string_unused_bits = byte;
- state->place = duringBitString;
- state->pending -= 1;
-
- return 1;
-}
-
-
-static unsigned long
-sec_asn1d_parse_more_bit_string (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- PORT_Assert (state->pending > 0);
- PORT_Assert (state->place == duringBitString);
-
- len = sec_asn1d_parse_leaf (state, buf, len);
- if (state->place == beforeEndOfContents && state->dest != NULL) {
- SECItem *item;
-
- item = (SECItem *)(state->dest);
- if (item->len)
- item->len = (item->len << 3) - state->bit_string_unused_bits;
- }
-
- return len;
-}
-
-
-/*
- * XXX All callers should be looking at return value to detect
- * out-of-memory errors (and stop!).
- */
-static struct subitem *
-sec_asn1d_add_to_subitems (sec_asn1d_state *state,
- const void *data, unsigned long len,
- PRBool copy_data)
-{
- struct subitem *thing;
-
- thing = (struct subitem*)sec_asn1d_zalloc (state->top->our_pool,
- sizeof (struct subitem));
- if (thing == NULL) {
- state->top->status = decodeError;
- return NULL;
- }
-
- if (copy_data) {
- void *copy;
- copy = sec_asn1d_alloc (state->top->our_pool, len);
- if (copy == NULL) {
- state->top->status = decodeError;
- return NULL;
- }
- PORT_Memcpy (copy, data, len);
- thing->data = copy;
- } else {
- thing->data = data;
- }
- thing->len = len;
- thing->next = NULL;
-
- if (state->subitems_head == NULL) {
- PORT_Assert (state->subitems_tail == NULL);
- state->subitems_head = state->subitems_tail = thing;
- } else {
- state->subitems_tail->next = thing;
- state->subitems_tail = thing;
- }
-
- return thing;
-}
-
-
-static void
-sec_asn1d_record_any_header (sec_asn1d_state *state,
- const char *buf,
- unsigned long len)
-{
- SECItem *item;
-
- item = (SECItem *)(state->dest);
- if (item != NULL && item->data != NULL) {
- PORT_Assert (state->substring);
- PORT_Memcpy (item->data + item->len, buf, len);
- item->len += len;
- } else {
- sec_asn1d_add_to_subitems (state, buf, len, PR_TRUE);
- }
-}
-
-
-/*
- * We are moving along through the substrings of a constructed string,
- * and have just finished parsing one -- we need to save our child data
- * (if the child was not already writing directly into the destination)
- * and then move forward by one.
- *
- * We also have to detect when we are done:
- * - a definite-length encoding stops when our pending value hits 0
- * - an indefinite-length encoding stops when our child is empty
- * (which means it was the end-of-contents octets)
- */
-static void
-sec_asn1d_next_substring (sec_asn1d_state *state)
-{
- sec_asn1d_state *child;
- SECItem *item;
- unsigned long child_consumed;
- PRBool done;
-
- PORT_Assert (state->place == duringConstructedString);
- PORT_Assert (state->child != NULL);
-
- child = state->child;
-
- child_consumed = child->consumed;
- child->consumed = 0;
- state->consumed += child_consumed;
-
- done = PR_FALSE;
-
- if (state->pending) {
- PORT_Assert (!state->indefinite);
- PORT_Assert (child_consumed <= state->pending);
-
- state->pending -= child_consumed;
- if (state->pending == 0)
- done = PR_TRUE;
- } else {
- PORT_Assert (state->indefinite);
-
- item = (SECItem *)(child->dest);
- if (item != NULL && item->data != NULL) {
- /*
- * Save the string away for later concatenation.
- */
- PORT_Assert (item->data != NULL);
- sec_asn1d_add_to_subitems (state, item->data, item->len, PR_FALSE);
- /*
- * Clear the child item for the next round.
- */
- item->data = NULL;
- item->len = 0;
- }
-
- /*
- * If our child was just our end-of-contents octets, we are done.
- */
- if (child->endofcontents)
- done = PR_TRUE;
- }
-
- /*
- * Stop or do the next one.
- */
- if (done) {
- child->place = notInUse;
- state->place = afterConstructedString;
- } else {
- sec_asn1d_scrub_state (child);
- state->top->current = child;
- }
-}
-
-
-/*
- * We are doing a SET OF or SEQUENCE OF, and have just finished an item.
- */
-static void
-sec_asn1d_next_in_group (sec_asn1d_state *state)
-{
- sec_asn1d_state *child;
- unsigned long child_consumed;
-
- PORT_Assert (state->place == duringGroup);
- PORT_Assert (state->child != NULL);
-
- child = state->child;
-
- child_consumed = child->consumed;
- child->consumed = 0;
- state->consumed += child_consumed;
-
- /*
- * If our child was just our end-of-contents octets, we are done.
- */
- if (child->endofcontents) {
- /* XXX I removed the PORT_Assert (child->dest == NULL) because there
- * was a bug in that a template that was a sequence of which also had
- * a child of a sequence of, in an indefinite group was not working
- * properly. This fix seems to work, (added the if statement below),
- * and nothing appears broken, but I am putting this note here just
- * in case. */
- /*
- * XXX No matter how many times I read that comment,
- * I cannot figure out what case he was fixing. I believe what he
- * did was deliberate, so I am loathe to touch it. I need to
- * understand how it could ever be that child->dest != NULL but
- * child->endofcontents is true, and why it is important to check
- * that state->subitems_head is NULL. This really needs to be
- * figured out, as I am not sure if the following code should be
- * compensating for "offset", as is done a little farther below
- * in the more normal case.
- */
- PORT_Assert (state->indefinite);
- PORT_Assert (state->pending == 0);
- if(child->dest && !state->subitems_head) {
- sec_asn1d_add_to_subitems (state, child->dest, 0, PR_FALSE);
- child->dest = NULL;
- }
-
- child->place = notInUse;
- state->place = afterGroup;
- return;
- }
-
- /*
- * Do the "after" field notification for next in group.
- */
- sec_asn1d_notify_after (state->top, child->dest, child->depth);
-
- /*
- * Save it away (unless we are not storing).
- */
- if (child->dest != NULL) {
- void *dest;
-
- dest = child->dest;
- dest = (char *)dest - child->theTemplate->offset;
- sec_asn1d_add_to_subitems (state, dest, 0, PR_FALSE);
- child->dest = NULL;
- }
-
- /*
- * Account for those bytes; see if we are done.
- */
- if (state->pending) {
- PORT_Assert (!state->indefinite);
- PORT_Assert (child_consumed <= state->pending);
-
- state->pending -= child_consumed;
- if (state->pending == 0) {
- child->place = notInUse;
- state->place = afterGroup;
- return;
- }
- }
-
- /*
- * Do the "before" field notification for next item in group.
- */
- sec_asn1d_notify_before (state->top, child->dest, child->depth);
-
- /*
- * Now we do the next one.
- */
- sec_asn1d_scrub_state (child);
-
- /* Initialize child state from the template */
- sec_asn1d_init_state_based_on_template(child);
-
- state->top->current = child;
-}
-
-
-/*
- * We are moving along through a sequence; move forward by one,
- * (detecting end-of-sequence when it happens).
- * XXX The handling of "missing" is ugly. Fix it.
- */
-static void
-sec_asn1d_next_in_sequence (sec_asn1d_state *state)
-{
- sec_asn1d_state *child;
- unsigned long child_consumed;
- PRBool child_missing;
-
- PORT_Assert (state->place == duringSequence);
- PORT_Assert (state->child != NULL);
-
- child = state->child;
-
- /*
- * Do the "after" field notification.
- */
- sec_asn1d_notify_after (state->top, child->dest, child->depth);
-
- child_missing = (PRBool) child->missing;
- child_consumed = child->consumed;
- child->consumed = 0;
-
- /*
- * Take care of accounting.
- */
- if (child_missing) {
- PORT_Assert (child->optional);
- } else {
- state->consumed += child_consumed;
- /*
- * Free any grandchild.
- */
- sec_asn1d_free_child (child, PR_FALSE);
- if (state->pending) {
- PORT_Assert (!state->indefinite);
- PORT_Assert (child_consumed <= state->pending);
- state->pending -= child_consumed;
- if (state->pending == 0) {
- child->theTemplate++;
- while (child->theTemplate->kind != 0) {
- if ((child->theTemplate->kind & SEC_ASN1_OPTIONAL) == 0) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return;
- }
- child->theTemplate++;
- }
- child->place = notInUse;
- state->place = afterEndOfContents;
- return;
- }
- }
- }
-
- /*
- * Move forward.
- */
- child->theTemplate++;
- if (child->theTemplate->kind == 0) {
- /*
- * We are done with this sequence.
- */
- child->place = notInUse;
- if (state->pending) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- } else if (child_missing) {
- /*
- * We got to the end, but have a child that started parsing
- * and ended up "missing". The only legitimate reason for
- * this is that we had one or more optional fields at the
- * end of our sequence, and we were encoded indefinite-length,
- * so when we went looking for those optional fields we
- * found our end-of-contents octets instead.
- * (Yes, this is ugly; dunno a better way to handle it.)
- * So, first confirm the situation, and then mark that we
- * are done.
- */
- if (state->indefinite && child->endofcontents) {
- PORT_Assert (child_consumed == 2);
- state->consumed += child_consumed;
- state->place = afterEndOfContents;
- } else {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- }
- } else {
- /*
- * We have to finish out, maybe reading end-of-contents octets;
- * let the normal logic do the right thing.
- */
- state->place = beforeEndOfContents;
- }
- } else {
- unsigned char child_found_tag_modifiers = 0;
- unsigned long child_found_tag_number = 0;
-
- /*
- * Reset state and push.
- */
- if (state->dest != NULL)
- child->dest = (char *)state->dest + child->theTemplate->offset;
-
- /*
- * Do the "before" field notification.
- */
- sec_asn1d_notify_before (state->top, child->dest, child->depth);
-
- if (child_missing) { /* if previous child was missing, copy the tag data we already have */
- child_found_tag_modifiers = child->found_tag_modifiers;
- child_found_tag_number = child->found_tag_number;
- }
- state->top->current = child;
- child = sec_asn1d_init_state_based_on_template (child);
- if (child_missing) {
- child->place = afterIdentifier;
- child->found_tag_modifiers = child_found_tag_modifiers;
- child->found_tag_number = child_found_tag_number;
- child->consumed = child_consumed;
- if (child->underlying_kind == SEC_ASN1_ANY
- && !child->top->filter_only) {
- /*
- * If the new field is an ANY, and we are storing, then
- * we need to save the tag out. We would have done this
- * already in the normal case, but since we were looking
- * for an optional field, and we did not find it, we only
- * now realize we need to save the tag.
- */
- unsigned char identifier;
-
- /*
- * Check that we did not end up with a high tag; for that
- * we need to re-encode the tag into multiple bytes in order
- * to store it back to look like what we parsed originally.
- * In practice this does not happen, but for completeness
- * sake it should probably be made to work at some point.
- */
- PORT_Assert (child_found_tag_number < SEC_ASN1_HIGH_TAG_NUMBER);
- identifier = child_found_tag_modifiers | child_found_tag_number;
- sec_asn1d_record_any_header (child, (char *) &identifier, 1);
- }
- }
- }
-}
-
-
-static void
-sec_asn1d_concat_substrings (sec_asn1d_state *state)
-{
- PORT_Assert (state->place == afterConstructedString);
-
- if (state->subitems_head != NULL) {
- struct subitem *substring;
- unsigned long alloc_len, item_len;
- unsigned char *where;
- SECItem *item;
- PRBool is_bit_string;
-
- item_len = 0;
- is_bit_string = (state->underlying_kind == SEC_ASN1_BIT_STRING)
- ? PR_TRUE : PR_FALSE;
-
- substring = state->subitems_head;
- while (substring != NULL) {
- /*
- * All bit-string substrings except the last one should be
- * a clean multiple of 8 bits.
- */
- if (is_bit_string && (substring->next == NULL)
- && (substring->len & 0x7)) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return;
- }
- item_len += substring->len;
- substring = substring->next;
- }
-
- if (is_bit_string) {
-#ifdef XP_WIN16 /* win16 compiler gets an internal error otherwise */
- alloc_len = (((long)item_len + 7) / 8);
-#else
- alloc_len = ((item_len + 7) >> 3);
-#endif
- } else {
- /*
- * Add 2 for the end-of-contents octets of an indefinite-length
- * ANY that is *not* also an INNER. Because we zero-allocate
- * below, all we need to do is increase the length here.
- */
- if (state->underlying_kind == SEC_ASN1_ANY && state->indefinite)
- item_len += 2;
- alloc_len = item_len;
- }
-
- item = (SECItem *)(state->dest);
- PORT_Assert (item != NULL);
- PORT_Assert (item->data == NULL);
- item->data = (unsigned char*)sec_asn1d_zalloc (state->top->their_pool,
- alloc_len);
- if (item->data == NULL) {
- state->top->status = decodeError;
- return;
- }
- item->len = item_len;
-
- where = item->data;
- substring = state->subitems_head;
- while (substring != NULL) {
- if (is_bit_string)
- item_len = (substring->len + 7) >> 3;
- else
- item_len = substring->len;
- PORT_Memcpy (where, substring->data, item_len);
- where += item_len;
- substring = substring->next;
- }
-
- /*
- * Because we use arenas and have a mark set, we later free
- * everything we have allocated, so this does *not* present
- * a memory leak (it is just temporarily left dangling).
- */
- state->subitems_head = state->subitems_tail = NULL;
- }
-
- state->place = afterEndOfContents;
-}
-
-
-static void
-sec_asn1d_concat_group (sec_asn1d_state *state)
-{
- const void ***placep;
-
- PORT_Assert (state->place == afterGroup);
-
- placep = (const void***)state->dest;
- if (state->subitems_head != NULL) {
- struct subitem *item;
- const void **group;
- int count;
-
- count = 0;
- item = state->subitems_head;
- while (item != NULL) {
- PORT_Assert (item->next != NULL || item == state->subitems_tail);
- count++;
- item = item->next;
- }
-
- group = (const void**)sec_asn1d_zalloc (state->top->their_pool,
- (count + 1) * (sizeof(void *)));
- if (group == NULL) {
- state->top->status = decodeError;
- return;
- }
-
- PORT_Assert (placep != NULL);
- *placep = group;
-
- item = state->subitems_head;
- while (item != NULL) {
- *group++ = item->data;
- item = item->next;
- }
- *group = NULL;
-
- /*
- * Because we use arenas and have a mark set, we later free
- * everything we have allocated, so this does *not* present
- * a memory leak (it is just temporarily left dangling).
- */
- state->subitems_head = state->subitems_tail = NULL;
- } else if (placep != NULL) {
- *placep = NULL;
- }
-
- state->place = afterEndOfContents;
-}
-
-
-/*
- * For those states that push a child to handle a subtemplate,
- * "absorb" that child (transfer necessary information).
- */
-static void
-sec_asn1d_absorb_child (sec_asn1d_state *state)
-{
- /*
- * There is absolutely supposed to be a child there.
- */
- PORT_Assert (state->child != NULL);
-
- /*
- * Inherit the missing status of our child, and do the ugly
- * backing-up if necessary.
- * (Only IMPLICIT or POINTER should encounter such; all other cases
- * should have confirmed a tag *before* pushing a child.)
- */
- state->missing = state->child->missing;
- if (state->missing) {
- PORT_Assert (state->place == afterImplicit
- || state->place == afterPointer);
- state->found_tag_number = state->child->found_tag_number;
- state->found_tag_modifiers = state->child->found_tag_modifiers;
- state->endofcontents = state->child->endofcontents;
- }
-
- /*
- * Add in number of bytes consumed by child.
- * (Only EXPLICIT should have already consumed bytes itself.)
- */
- PORT_Assert (state->place == afterExplicit || state->consumed == 0);
- state->consumed += state->child->consumed;
-
- /*
- * Subtract from bytes pending; this only applies to a definite-length
- * EXPLICIT field.
- */
- if (state->pending) {
- PORT_Assert (!state->indefinite);
- PORT_Assert (state->place == afterExplicit);
-
- /*
- * If we had a definite-length explicit, then what the child
- * consumed should be what was left pending.
- */
- if (state->pending != state->child->consumed) {
- if (state->pending < state->child->consumed) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return;
- }
- /*
- * Okay, this is a hack. It *should* be an error whether
- * pending is too big or too small, but it turns out that
- * we had a bug in our *old* DER encoder that ended up
- * counting an explicit header twice in the case where
- * the underlying type was an ANY. So, because we cannot
- * prevent receiving these (our own certificate server can
- * send them to us), we need to be lenient and accept them.
- * To do so, we need to pretend as if we read all of the
- * bytes that the header said we would find, even though
- * we actually came up short.
- */
- state->consumed += (state->pending - state->child->consumed);
- }
- state->pending = 0;
- }
-
- /*
- * Indicate that we are done with child.
- */
- state->child->consumed = 0;
-
- /*
- * And move on to final state.
- * (Technically everybody could move to afterEndOfContents except
- * for an indefinite-length EXPLICIT; for simplicity though we assert
- * that but let the end-of-contents code do the real determination.)
- */
- PORT_Assert (state->place == afterExplicit || (! state->indefinite));
- state->place = beforeEndOfContents;
-}
-
-
-static void
-sec_asn1d_prepare_for_end_of_contents (sec_asn1d_state *state)
-{
- PORT_Assert (state->place == beforeEndOfContents);
-
- if (state->indefinite) {
- state->place = duringEndOfContents;
- state->pending = 2;
- } else {
- state->place = afterEndOfContents;
- }
-}
-
-
-static unsigned long
-sec_asn1d_parse_end_of_contents (sec_asn1d_state *state,
- const char *buf, unsigned long len)
-{
- int i;
-
- PORT_Assert (state->pending <= 2);
- PORT_Assert (state->place == duringEndOfContents);
-
- if (len == 0) {
- state->top->status = needBytes;
- return 0;
- }
-
- if (state->pending < len)
- len = state->pending;
-
- for (i = 0; i < len; i++) {
- if (buf[i] != 0) {
- /*
- * We expect to find only zeros; if not, just give up.
- */
- PORT_SetError (SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return 0;
- }
- }
-
- state->pending -= len;
-
- if (state->pending == 0) {
- state->place = afterEndOfContents;
- state->endofcontents = PR_TRUE;
- }
-
- return len;
-}
-
-
-static void
-sec_asn1d_pop_state (sec_asn1d_state *state)
-{
-#if 0 /* XXX I think this should always be handled explicitly by parent? */
- /*
- * Account for our child.
- */
- if (state->child != NULL) {
- state->consumed += state->child->consumed;
- if (state->pending) {
- PORT_Assert (!state->indefinite);
- PORT_Assert (state->child->consumed <= state->pending);
- state->pending -= state->child->consumed;
- }
- state->child->consumed = 0;
- }
-#endif /* XXX */
-
- /*
- * Free our child.
- */
- sec_asn1d_free_child (state, PR_FALSE);
-
- /*
- * Just make my parent be the current state. It will then clean
- * up after me and free me (or reuse me).
- */
- state->top->current = state->parent;
-}
-
-static sec_asn1d_state *
-sec_asn1d_before_choice
-(
- sec_asn1d_state *state
-)
-{
- sec_asn1d_state *child;
-
- if( state->allocate ) {
- void *dest;
-
- dest = sec_asn1d_zalloc(state->top->their_pool, state->theTemplate->size);
- if( (void *)NULL == dest ) {
- state->top->status = decodeError;
- return (sec_asn1d_state *)NULL;
- }
-
- state->dest = (char *)dest + state->theTemplate->offset;
- }
-
- child = sec_asn1d_push_state(state->top, state->theTemplate + 1,
- state->dest, PR_FALSE);
- if( (sec_asn1d_state *)NULL == child ) {
- return (sec_asn1d_state *)NULL;
- }
-
- sec_asn1d_scrub_state(child);
- child = sec_asn1d_init_state_based_on_template(child);
- if( (sec_asn1d_state *)NULL == child ) {
- return (sec_asn1d_state *)NULL;
- }
-
- child->optional = PR_TRUE;
-
- state->place = duringChoice;
-
- return child;
-}
-
-static sec_asn1d_state *
-sec_asn1d_during_choice
-(
- sec_asn1d_state *state
-)
-{
- sec_asn1d_state *child = state->child;
-
- PORT_Assert((sec_asn1d_state *)NULL != child);
-
- if( child->missing ) {
- unsigned char child_found_tag_modifiers = 0;
- unsigned long child_found_tag_number = 0;
-
- child->theTemplate++;
-
- if( 0 == child->theTemplate->kind ) {
- /* Ran out of choices */
- PORT_SetError(SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return (sec_asn1d_state *)NULL;
- }
-
- state->consumed += child->consumed;
-
- /* cargo'd from next_in_sequence innards */
- if( state->pending ) {
- PORT_Assert(!state->indefinite);
- PORT_Assert(child->consumed <= state->pending);
- state->pending -= child->consumed;
- if( 0 == state->pending ) {
- /* XXX uh.. not sure if I should have stopped this
- * from happening before. */
- PORT_Assert(0);
- PORT_SetError(SEC_ERROR_BAD_DER);
- state->top->status = decodeError;
- return (sec_asn1d_state *)NULL;
- }
- }
-
- child->consumed = 0;
- sec_asn1d_scrub_state(child);
-
- /* move it on top again */
- state->top->current = child;
-
- child_found_tag_modifiers = child->found_tag_modifiers;
- child_found_tag_number = child->found_tag_number;
-
- child = sec_asn1d_init_state_based_on_template(child);
- if( (sec_asn1d_state *)NULL == child ) {
- return (sec_asn1d_state *)NULL;
- }
-
- /* copy our findings to the new top */
- child->found_tag_modifiers = child_found_tag_modifiers;
- child->found_tag_number = child_found_tag_number;
-
- child->optional = PR_TRUE;
- child->place = afterIdentifier;
-
- return child;
- } else {
- if( (void *)NULL != state->dest ) {
- /* Store the enum */
- int *which = (int *)((char *)state->dest + state->theTemplate->offset);
- *which = (int)child->theTemplate->size;
- }
-
- child->place = notInUse;
-
- state->place = afterChoice;
- return state;
- }
-}
-
-static void
-sec_asn1d_after_choice
-(
- sec_asn1d_state *state
-)
-{
- state->consumed += state->child->consumed;
- state->child->consumed = 0;
- state->place = afterEndOfContents;
- sec_asn1d_pop_state(state);
-}
-
-unsigned long
-sec_asn1d_uinteger(SECItem *src)
-{
- unsigned long value;
- int len;
-
- if (src->len > 5 || (src->len > 4 && src->data[0] == 0))
- return 0;
-
- value = 0;
- len = src->len;
- while (len) {
- value <<= 8;
- value |= src->data[--len];
- }
- return value;
-}
-
-SECStatus
-SEC_ASN1DecodeInteger(SECItem *src, unsigned long *value)
-{
- unsigned long v;
- int i;
-
- if (src == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (src->len > sizeof(unsigned long)) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (src->data == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
-
- if (src->data[0] & 0x80)
- v = -1; /* signed and negative - start with all 1's */
- else
- v = 0;
-
- for (i= 0; i < src->len; i++) {
- /* shift in next byte */
- v <<= 8;
- v |= src->data[i];
- }
- *value = v;
- return SECSuccess;
-}
-
-#ifdef DEBUG_ASN1D_STATES
-static void
-dump_states
-(
- SEC_ASN1DecoderContext *cx
-)
-{
- sec_asn1d_state *state;
-
- for( state = cx->current; state->parent; state = state->parent ) {
- ;
- }
-
- for( ; state; state = state->child ) {
- int i;
- for( i = 0; i < state->depth; i++ ) {
- printf(" ");
- }
-
- printf("%s: template[0]->kind = 0x%02x, expect tag number = 0x%02x\n",
- (state == cx->current) ? "STATE" : "State",
- state->theTemplate->kind, state->expect_tag_number);
- }
-
- return;
-}
-#endif /* DEBUG_ASN1D_STATES */
-
-SECStatus
-SEC_ASN1DecoderUpdate (SEC_ASN1DecoderContext *cx,
- const char *buf, unsigned long len)
-{
- sec_asn1d_state *state = NULL;
- unsigned long consumed;
- SEC_ASN1EncodingPart what;
- sec_asn1d_state *stateEnd = cx->current;
-
- if (cx->status == needBytes)
- cx->status = keepGoing;
-
- while (cx->status == keepGoing) {
- state = cx->current;
- what = SEC_ASN1_Contents;
- consumed = 0;
-#ifdef DEBUG_ASN1D_STATES
- printf("\nPLACE = %s, next byte = 0x%02x\n",
- (state->place >= 0 && state->place <= notInUse) ?
- place_names[ state->place ] : "(undefined)",
- (unsigned int)((unsigned char *)buf)[ consumed ]);
- dump_states(cx);
-#endif /* DEBUG_ASN1D_STATES */
- switch (state->place) {
- case beforeIdentifier:
- consumed = sec_asn1d_parse_identifier (state, buf, len);
- what = SEC_ASN1_Identifier;
- break;
- case duringIdentifier:
- consumed = sec_asn1d_parse_more_identifier (state, buf, len);
- what = SEC_ASN1_Identifier;
- break;
- case afterIdentifier:
- sec_asn1d_confirm_identifier (state);
- break;
- case beforeLength:
- consumed = sec_asn1d_parse_length (state, buf, len);
- what = SEC_ASN1_Length;
- break;
- case duringLength:
- consumed = sec_asn1d_parse_more_length (state, buf, len);
- what = SEC_ASN1_Length;
- break;
- case afterLength:
- sec_asn1d_prepare_for_contents (state);
- break;
- case beforeBitString:
- consumed = sec_asn1d_parse_bit_string (state, buf, len);
- break;
- case duringBitString:
- consumed = sec_asn1d_parse_more_bit_string (state, buf, len);
- break;
- case duringConstructedString:
- sec_asn1d_next_substring (state);
- break;
- case duringGroup:
- sec_asn1d_next_in_group (state);
- break;
- case duringLeaf:
- consumed = sec_asn1d_parse_leaf (state, buf, len);
- break;
- case duringSaveEncoding:
- sec_asn1d_reuse_encoding (state);
- break;
- case duringSequence:
- sec_asn1d_next_in_sequence (state);
- break;
- case afterConstructedString:
- sec_asn1d_concat_substrings (state);
- break;
- case afterExplicit:
- case afterImplicit:
- case afterInline:
- case afterPointer:
- sec_asn1d_absorb_child (state);
- break;
- case afterGroup:
- sec_asn1d_concat_group (state);
- break;
- case afterSaveEncoding:
- /* XXX comment! */
- return SECSuccess;
- case beforeEndOfContents:
- sec_asn1d_prepare_for_end_of_contents (state);
- break;
- case duringEndOfContents:
- consumed = sec_asn1d_parse_end_of_contents (state, buf, len);
- what = SEC_ASN1_EndOfContents;
- break;
- case afterEndOfContents:
- sec_asn1d_pop_state (state);
- break;
- case beforeChoice:
- state = sec_asn1d_before_choice(state);
- break;
- case duringChoice:
- state = sec_asn1d_during_choice(state);
- break;
- case afterChoice:
- sec_asn1d_after_choice(state);
- break;
- case notInUse:
- default:
- /* This is not an error, but rather a plain old BUG! */
- PORT_Assert (0);
- PORT_SetError (SEC_ERROR_BAD_DER);
- cx->status = decodeError;
- break;
- }
-
- if (cx->status == decodeError)
- break;
-
- /* We should not consume more than we have. */
- PORT_Assert (consumed <= len);
-
- /* It might have changed, so we have to update our local copy. */
- state = cx->current;
-
- /* If it is NULL, we have popped all the way to the top. */
- if (state == NULL) {
- PORT_Assert (consumed == 0);
-#if 0 /* XXX I want this here, but it seems that we have situations (like
- * downloading a pkcs7 cert chain from some issuers) that give us a
- * length which is greater than the entire encoding. So, we cannot
- * have this be an error.
- */
- if (len > 0)
- cx->status = decodeError;
- else
-#endif
- cx->status = allDone;
- break;
- }
- else if (state->theTemplate->kind == SEC_ASN1_SKIP_REST) {
- cx->status = allDone;
- break;
- }
-
- if (consumed == 0)
- continue;
-
- /*
- * The following check is specifically looking for an ANY
- * that is *not* also an INNER, because we need to save aside
- * all bytes in that case -- the contents parts will get
- * handled like all other contents, and the end-of-contents
- * bytes are added by the concat code, but the outer header
- * bytes need to get saved too, so we do them explicitly here.
- */
- if (state->underlying_kind == SEC_ASN1_ANY
- && !cx->filter_only && (what == SEC_ASN1_Identifier
- || what == SEC_ASN1_Length)) {
- sec_asn1d_record_any_header (state, buf, consumed);
- }
-
- /*
- * We had some number of good, accepted bytes. If the caller
- * has registered to see them, pass them along.
- */
- if (state->top->filter_proc != NULL) {
- int depth;
-
- depth = state->depth;
- if (what == SEC_ASN1_EndOfContents && !state->indefinite) {
- PORT_Assert (state->parent != NULL
- && state->parent->indefinite);
- depth--;
- PORT_Assert (depth == state->parent->depth);
- }
- (* state->top->filter_proc) (state->top->filter_arg,
- buf, consumed, depth, what);
- }
-
- state->consumed += consumed;
- buf += consumed;
- len -= consumed;
- }
-
- if (cx->status == decodeError) {
- while (state != NULL && stateEnd->parent!=state) {
- sec_asn1d_free_child (state, PR_TRUE);
- state = state->parent;
- }
-#ifdef SEC_ASN1D_FREE_ON_ERROR /*
- * XXX This does not work because we can
- * end up leaving behind dangling pointers
- * to stuff that was allocated. In order
- * to make this really work (which would
- * be a good thing, I think), we need to
- * keep track of every place/pointer that
- * was allocated and make sure to NULL it
- * out before we then free back to the mark.
- */
- if (cx->their_pool != NULL) {
- PORT_Assert (cx->their_mark != NULL);
- PORT_ArenaRelease (cx->their_pool, cx->their_mark);
- }
-#endif
- return SECFailure;
- }
-
-#if 0 /* XXX This is what I want, but cannot have because it seems we
- * have situations (like when downloading a pkcs7 cert chain from
- * some issuers) that give us a total length which is greater than
- * the entire encoding. So, we have to allow allDone to have a
- * remaining length greater than zero. I wanted to catch internal
- * bugs with this, noticing when we do not have the right length.
- * Oh well.
- */
- PORT_Assert (len == 0
- && (cx->status == needBytes || cx->status == allDone));
-#else
- PORT_Assert ((len == 0 && cx->status == needBytes)
- || cx->status == allDone);
-#endif
- return SECSuccess;
-}
-
-
-SECStatus
-SEC_ASN1DecoderFinish (SEC_ASN1DecoderContext *cx)
-{
- SECStatus rv;
-
- if (cx->status == needBytes) {
- PORT_SetError (SEC_ERROR_BAD_DER);
- rv = SECFailure;
- } else {
- rv = SECSuccess;
- }
-
- /*
- * XXX anything else that needs to be finished?
- */
-
- PORT_FreeArena (cx->our_pool, PR_FALSE);
-
- return rv;
-}
-
-
-SEC_ASN1DecoderContext *
-SEC_ASN1DecoderStart (PRArenaPool *their_pool, void *dest,
- const SEC_ASN1Template *theTemplate)
-{
- PRArenaPool *our_pool;
- SEC_ASN1DecoderContext *cx;
-
- our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (our_pool == NULL)
- return NULL;
-
- cx = (SEC_ASN1DecoderContext*)PORT_ArenaZAlloc (our_pool, sizeof(*cx));
- if (cx == NULL) {
- PORT_FreeArena (our_pool, PR_FALSE);
- return NULL;
- }
-
- cx->our_pool = our_pool;
- if (their_pool != NULL) {
- cx->their_pool = their_pool;
-#ifdef SEC_ASN1D_FREE_ON_ERROR
- cx->their_mark = PORT_ArenaMark (their_pool);
-#endif
- }
-
- cx->status = needBytes;
-
- if (sec_asn1d_push_state(cx, theTemplate, dest, PR_FALSE) == NULL
- || sec_asn1d_init_state_based_on_template (cx->current) == NULL) {
- /*
- * Trouble initializing (probably due to failed allocations)
- * requires that we just give up.
- */
- PORT_FreeArena (our_pool, PR_FALSE);
- return NULL;
- }
-
- return cx;
-}
-
-
-void
-SEC_ASN1DecoderSetFilterProc (SEC_ASN1DecoderContext *cx,
- SEC_ASN1WriteProc fn, void *arg,
- PRBool only)
-{
- /* check that we are "between" fields here */
- PORT_Assert (cx->during_notify);
-
- cx->filter_proc = fn;
- cx->filter_arg = arg;
- cx->filter_only = only;
-}
-
-
-void
-SEC_ASN1DecoderClearFilterProc (SEC_ASN1DecoderContext *cx)
-{
- /* check that we are "between" fields here */
- PORT_Assert (cx->during_notify);
-
- cx->filter_proc = NULL;
- cx->filter_arg = NULL;
- cx->filter_only = PR_FALSE;
-}
-
-
-void
-SEC_ASN1DecoderSetNotifyProc (SEC_ASN1DecoderContext *cx,
- SEC_ASN1NotifyProc fn, void *arg)
-{
- cx->notify_proc = fn;
- cx->notify_arg = arg;
-}
-
-
-void
-SEC_ASN1DecoderClearNotifyProc (SEC_ASN1DecoderContext *cx)
-{
- cx->notify_proc = NULL;
- cx->notify_arg = NULL; /* not necessary; just being clean */
-}
-
-
-SECStatus
-SEC_ASN1Decode (PRArenaPool *poolp, void *dest,
- const SEC_ASN1Template *theTemplate,
- const char *buf, long len)
-{
- SEC_ASN1DecoderContext *dcx;
- SECStatus urv, frv;
-
- dcx = SEC_ASN1DecoderStart (poolp, dest, theTemplate);
- if (dcx == NULL)
- return SECFailure;
-
- urv = SEC_ASN1DecoderUpdate (dcx, buf, len);
- frv = SEC_ASN1DecoderFinish (dcx);
-
- if (urv != SECSuccess)
- return urv;
-
- return frv;
-}
-
-
-SECStatus
-SEC_ASN1DecodeItem (PRArenaPool *poolp, void *dest,
- const SEC_ASN1Template *theTemplate,
- SECItem *item)
-{
- return SEC_ASN1Decode (poolp, dest, theTemplate,
- (char *) item->data, item->len);
-}
-
-
-/*
- * Generic templates for individual/simple items and pointers to
- * and sets of same.
- *
- * If you need to add a new one, please note the following:
- * - For each new basic type you should add *four* templates:
- * one plain, one PointerTo, one SequenceOf and one SetOf.
- * - If the new type can be constructed (meaning, it is a
- * *string* type according to BER/DER rules), then you should
- * or-in SEC_ASN1_MAY_STREAM to the type in the basic template.
- * See the definition of the OctetString template for an example.
- * - It may not be obvious, but these are in *alphabetical*
- * order based on the SEC_ASN1_XXX name; so put new ones in
- * the appropriate place.
- */
-
-const SEC_ASN1Template SEC_AnyTemplate[] = {
- { SEC_ASN1_ANY | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToAnyTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_AnyTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfAnyTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_AnyTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfAnyTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_AnyTemplate }
-};
-
-const SEC_ASN1Template SEC_BitStringTemplate[] = {
- { SEC_ASN1_BIT_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToBitStringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_BitStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfBitStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_BitStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfBitStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_BitStringTemplate }
-};
-
-const SEC_ASN1Template SEC_BMPStringTemplate[] = {
- { SEC_ASN1_BMP_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToBMPStringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_BMPStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfBMPStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_BMPStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfBMPStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_BMPStringTemplate }
-};
-
-const SEC_ASN1Template SEC_BooleanTemplate[] = {
- { SEC_ASN1_BOOLEAN, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToBooleanTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_BooleanTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfBooleanTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_BooleanTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfBooleanTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_BooleanTemplate }
-};
-
-const SEC_ASN1Template SEC_EnumeratedTemplate[] = {
- { SEC_ASN1_ENUMERATED, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToEnumeratedTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_EnumeratedTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfEnumeratedTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_EnumeratedTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfEnumeratedTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_EnumeratedTemplate }
-};
-
-const SEC_ASN1Template SEC_GeneralizedTimeTemplate[] = {
- { SEC_ASN1_GENERALIZED_TIME | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToGeneralizedTimeTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_GeneralizedTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfGeneralizedTimeTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_GeneralizedTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfGeneralizedTimeTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_GeneralizedTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_IA5StringTemplate[] = {
- { SEC_ASN1_IA5_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToIA5StringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_IA5StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfIA5StringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_IA5StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfIA5StringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_IA5StringTemplate }
-};
-
-const SEC_ASN1Template SEC_IntegerTemplate[] = {
- { SEC_ASN1_INTEGER, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToIntegerTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_IntegerTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfIntegerTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_IntegerTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfIntegerTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_IntegerTemplate }
-};
-
-const SEC_ASN1Template SEC_NullTemplate[] = {
- { SEC_ASN1_NULL, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToNullTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_NullTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfNullTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_NullTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfNullTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_NullTemplate }
-};
-
-const SEC_ASN1Template SEC_ObjectIDTemplate[] = {
- { SEC_ASN1_OBJECT_ID, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToObjectIDTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_ObjectIDTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfObjectIDTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_ObjectIDTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfObjectIDTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_ObjectIDTemplate }
-};
-
-const SEC_ASN1Template SEC_OctetStringTemplate[] = {
- { SEC_ASN1_OCTET_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToOctetStringTemplate[] = {
- { SEC_ASN1_POINTER | SEC_ASN1_MAY_STREAM, 0, SEC_OctetStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfOctetStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_OctetStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfOctetStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_OctetStringTemplate }
-};
-
-const SEC_ASN1Template SEC_PrintableStringTemplate[] = {
- { SEC_ASN1_PRINTABLE_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToPrintableStringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_PrintableStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfPrintableStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_PrintableStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfPrintableStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_PrintableStringTemplate }
-};
-
-const SEC_ASN1Template SEC_T61StringTemplate[] = {
- { SEC_ASN1_T61_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToT61StringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_T61StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfT61StringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_T61StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfT61StringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_T61StringTemplate }
-};
-
-const SEC_ASN1Template SEC_UniversalStringTemplate[] = {
- { SEC_ASN1_UNIVERSAL_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToUniversalStringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_UniversalStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfUniversalStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_UniversalStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfUniversalStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_UniversalStringTemplate }
-};
-
-const SEC_ASN1Template SEC_UTCTimeTemplate[] = {
- { SEC_ASN1_UTC_TIME | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToUTCTimeTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_UTCTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfUTCTimeTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_UTCTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfUTCTimeTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_UTCTimeTemplate }
-};
-
-const SEC_ASN1Template SEC_UTF8StringTemplate[] = {
- { SEC_ASN1_UTF8_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem)}
-};
-
-const SEC_ASN1Template SEC_PointerToUTF8StringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_UTF8StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfUTF8StringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_UTF8StringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfUTF8StringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_UTF8StringTemplate }
-};
-
-const SEC_ASN1Template SEC_VisibleStringTemplate[] = {
- { SEC_ASN1_VISIBLE_STRING | SEC_ASN1_MAY_STREAM, 0, NULL, sizeof(SECItem) }
-};
-
-const SEC_ASN1Template SEC_PointerToVisibleStringTemplate[] = {
- { SEC_ASN1_POINTER, 0, SEC_VisibleStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SequenceOfVisibleStringTemplate[] = {
- { SEC_ASN1_SEQUENCE_OF, 0, SEC_VisibleStringTemplate }
-};
-
-const SEC_ASN1Template SEC_SetOfVisibleStringTemplate[] = {
- { SEC_ASN1_SET_OF, 0, SEC_VisibleStringTemplate }
-};
-
-
-/*
- * Template for skipping a subitem.
- *
- * Note that it only makes sense to use this for decoding (when you want
- * to decode something where you are only interested in one or two of
- * the fields); you cannot encode a SKIP!
- */
-const SEC_ASN1Template SEC_SkipTemplate[] = {
- { SEC_ASN1_SKIP }
-};
-
-
-/* These functions simply return the address of the above-declared templates.
-** This is necessary for Windows DLLs. Sigh.
-*/
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_AnyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BMPStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BooleanTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_BitStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_IA5StringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_GeneralizedTimeTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_IntegerTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_NullTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_ObjectIDTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_OctetStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToAnyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_PointerToOctetStringTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_SetOfAnyTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_UTCTimeTemplate)
-SEC_ASN1_CHOOSER_IMPLEMENT(SEC_UTF8StringTemplate)
-
diff --git a/security/nss/lib/util/secasn1e.c b/security/nss/lib/util/secasn1e.c
deleted file mode 100644
index 8520a2afe..000000000
--- a/security/nss/lib/util/secasn1e.c
+++ /dev/null
@@ -1,1496 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support for ENcoding ASN.1 data based on BER/DER (Basic/Distinguished
- * Encoding Rules).
- *
- * $Id$
- */
-
-#include "secasn1.h"
-
-typedef enum {
- beforeHeader,
- duringContents,
- duringGroup,
- duringSequence,
- afterContents,
- afterImplicit,
- afterInline,
- afterPointer,
- afterChoice,
- notInUse
-} sec_asn1e_parse_place;
-
-typedef enum {
- allDone,
- encodeError,
- keepGoing,
- needBytes
-} sec_asn1e_parse_status;
-
-typedef struct sec_asn1e_state_struct {
- SEC_ASN1EncoderContext *top;
- const SEC_ASN1Template *theTemplate;
- void *src;
-
- struct sec_asn1e_state_struct *parent; /* aka prev */
- struct sec_asn1e_state_struct *child; /* aka next */
-
- sec_asn1e_parse_place place; /* where we are in encoding process */
-
- /*
- * XXX explain the next fields as clearly as possible...
- */
- unsigned char tag_modifiers;
- unsigned char tag_number;
- unsigned long underlying_kind;
-
- int depth;
-
- PRBool explicit, /* we are handling an explicit header */
- indefinite, /* need end-of-contents */
- is_string, /* encoding a simple string or an ANY */
- may_stream, /* when streaming, do indefinite encoding */
- optional, /* omit field if it has no contents */
- ignore_stream; /* ignore streaming value of sub-template */
-} sec_asn1e_state;
-
-/*
- * An "outsider" will have an opaque pointer to this, created by calling
- * SEC_ASN1EncoderStart(). It will be passed back in to all subsequent
- * calls to SEC_ASN1EncoderUpdate() and related routines, and when done
- * it is passed to SEC_ASN1EncoderFinish().
- */
-struct sec_EncoderContext_struct {
- PRArenaPool *our_pool; /* for our internal allocs */
-
- sec_asn1e_state *current;
- sec_asn1e_parse_status status;
-
- PRBool streaming;
- PRBool from_buf;
-
- SEC_ASN1NotifyProc notify_proc; /* call before/after handling field */
- void *notify_arg; /* argument to notify_proc */
- PRBool during_notify; /* true during call to notify_proc */
-
- SEC_ASN1WriteProc output_proc; /* pass encoded bytes to this */
- void *output_arg; /* argument to that function */
-};
-
-
-static sec_asn1e_state *
-sec_asn1e_push_state (SEC_ASN1EncoderContext *cx,
- const SEC_ASN1Template *theTemplate,
- void *src, PRBool new_depth)
-{
- sec_asn1e_state *state, *new_state;
-
- state = cx->current;
-
- new_state = (sec_asn1e_state*)PORT_ArenaZAlloc (cx->our_pool,
- sizeof(*new_state));
- if (new_state == NULL) {
- cx->status = encodeError;
- return NULL;
- }
-
- new_state->top = cx;
- new_state->parent = state;
- new_state->theTemplate = theTemplate;
- new_state->place = notInUse;
- if (src != NULL)
- new_state->src = (char *)src + theTemplate->offset;
-
- if (state != NULL) {
- new_state->depth = state->depth;
- if (new_depth)
- new_state->depth++;
- state->child = new_state;
- }
-
- cx->current = new_state;
- return new_state;
-}
-
-
-static void
-sec_asn1e_scrub_state (sec_asn1e_state *state)
-{
- /*
- * Some default "scrubbing".
- * XXX right set of initializations?
- */
- state->place = beforeHeader;
- state->indefinite = PR_FALSE;
-}
-
-
-static void
-sec_asn1e_notify_before (SEC_ASN1EncoderContext *cx, void *src, int depth)
-{
- if (cx->notify_proc == NULL)
- return;
-
- cx->during_notify = PR_TRUE;
- (* cx->notify_proc) (cx->notify_arg, PR_TRUE, src, depth);
- cx->during_notify = PR_FALSE;
-}
-
-
-static void
-sec_asn1e_notify_after (SEC_ASN1EncoderContext *cx, void *src, int depth)
-{
- if (cx->notify_proc == NULL)
- return;
-
- cx->during_notify = PR_TRUE;
- (* cx->notify_proc) (cx->notify_arg, PR_FALSE, src, depth);
- cx->during_notify = PR_FALSE;
-}
-
-
-static sec_asn1e_state *
-sec_asn1e_init_state_based_on_template (sec_asn1e_state *state)
-{
- PRBool explicit, is_string, may_stream, optional, universal, ignore_stream;
- unsigned char tag_modifiers;
- unsigned long encode_kind, under_kind;
- unsigned long tag_number;
-
-
- encode_kind = state->theTemplate->kind;
-
- universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_EXPLICIT;
-
- optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_OPTIONAL;
-
- PORT_Assert (!(explicit && universal)); /* bad templates */
-
- may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_MAY_STREAM;
-
- ignore_stream = (encode_kind & SEC_ASN1_NO_STREAM) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_NO_STREAM;
-
- /* Just clear this to get it out of the way; we do not need it here */
- encode_kind &= ~SEC_ASN1_DYNAMIC;
-
- if( encode_kind & SEC_ASN1_CHOICE ) {
- under_kind = SEC_ASN1_CHOICE;
- } else
-
- if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || (!universal
- && !explicit)) {
- const SEC_ASN1Template *subt;
- void *src;
-
- PORT_Assert ((encode_kind & (SEC_ASN1_ANY | SEC_ASN1_SKIP)) == 0);
-
- sec_asn1e_scrub_state (state);
-
- if (encode_kind & SEC_ASN1_POINTER) {
- /*
- * XXX This used to PORT_Assert (encode_kind == SEC_ASN1_POINTER);
- * but that was too restrictive. This needs to be fixed,
- * probably copying what the decoder now checks for, and
- * adding a big comment here to explain what the checks mean.
- */
- src = *(void **)state->src;
- state->place = afterPointer;
- if (src == NULL) {
- /*
- * If this is optional, but NULL, then the field does
- * not need to be encoded. In this case we are done;
- * we do not want to push a subtemplate.
- */
- if (optional)
- return state;
-
- /*
- * XXX this is an error; need to figure out
- * how to handle this
- */
- }
- } else {
- src = state->src;
- if (encode_kind & SEC_ASN1_INLINE) {
- /* check that there are no extraneous bits */
- PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional);
- state->place = afterInline;
- } else {
- /*
- * Save the tag modifiers and tag number here before moving
- * on to the next state in case this is a member of a
- * SEQUENCE OF
- */
- state->tag_modifiers = encode_kind & SEC_ASN1_TAG_MASK
- & ~SEC_ASN1_TAGNUM_MASK;
- state->tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
-
- state->place = afterImplicit;
- state->optional = optional;
- }
- }
-
- subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src, PR_TRUE);
- state = sec_asn1e_push_state (state->top, subt, src, PR_FALSE);
- if (state == NULL)
- return NULL;
-
- if (universal) {
- /*
- * This is a POINTER or INLINE; just init based on that
- * and we are done.
- */
- return sec_asn1e_init_state_based_on_template (state);
- }
-
- /*
- * This is an implicit, non-universal (meaning, application-private
- * or context-specific) field. This results in a "magic" tag but
- * encoding based on the underlying type. We pushed a new state
- * that is based on the subtemplate (the underlying type), but
- * now we will sort of alias it to give it some of our properties
- * (tag, optional status, etc.).
- */
-
- under_kind = state->theTemplate->kind;
- if (under_kind & SEC_ASN1_MAY_STREAM) {
- if (!ignore_stream)
- may_stream = PR_TRUE;
- under_kind &= ~SEC_ASN1_MAY_STREAM;
- }
- } else {
- under_kind = encode_kind;
- }
-
- /*
- * Sanity check that there are no unwanted bits marked in under_kind.
- * These bits were either removed above (after we recorded them) or
- * they simply should not be found (signalling a bad/broken template).
- * XXX is this the right set of bits to test here? (i.e. need to add
- * or remove any?)
- */
- PORT_Assert ((under_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL
- | SEC_ASN1_SKIP | SEC_ASN1_INNER
- | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
- | SEC_ASN1_INLINE | SEC_ASN1_POINTER)) == 0);
-
- if (encode_kind & SEC_ASN1_ANY) {
- PORT_Assert (encode_kind == under_kind);
- tag_modifiers = 0;
- tag_number = 0;
- is_string = PR_TRUE;
- } else {
- tag_modifiers = encode_kind & SEC_ASN1_TAG_MASK & ~SEC_ASN1_TAGNUM_MASK;
- /*
- * XXX This assumes only single-octet identifiers. To handle
- * the HIGH TAG form we would need to do some more work, especially
- * in how to specify them in the template, because right now we
- * do not provide a way to specify more *tag* bits in encode_kind.
- */
- tag_number = encode_kind & SEC_ASN1_TAGNUM_MASK;
-
- is_string = PR_FALSE;
- switch (under_kind & SEC_ASN1_TAGNUM_MASK) {
- case SEC_ASN1_SET:
- /*
- * XXX A plain old SET (as opposed to a SET OF) is not implemented.
- * If it ever is, remove this assert...
- */
- PORT_Assert ((under_kind & SEC_ASN1_GROUP) != 0);
- /* fallthru */
- case SEC_ASN1_SEQUENCE:
- tag_modifiers |= SEC_ASN1_CONSTRUCTED;
- break;
- case SEC_ASN1_BIT_STRING:
- case SEC_ASN1_BMP_STRING:
- case SEC_ASN1_GENERALIZED_TIME:
- case SEC_ASN1_IA5_STRING:
- case SEC_ASN1_OCTET_STRING:
- case SEC_ASN1_PRINTABLE_STRING:
- case SEC_ASN1_T61_STRING:
- case SEC_ASN1_UNIVERSAL_STRING:
- case SEC_ASN1_UTC_TIME:
- case SEC_ASN1_UTF8_STRING:
- case SEC_ASN1_VISIBLE_STRING:
- /*
- * We do not yet know if we will be constructing the string,
- * so we have to wait to do this final tag modification.
- */
- is_string = PR_TRUE;
- break;
- }
- }
-
- state->tag_modifiers = tag_modifiers;
- state->tag_number = tag_number;
- state->underlying_kind = under_kind;
- state->explicit = explicit;
- state->may_stream = may_stream;
- state->is_string = is_string;
- state->optional = optional;
- state->ignore_stream = ignore_stream;
-
- sec_asn1e_scrub_state (state);
-
- return state;
-}
-
-
-static void
-sec_asn1e_write_part (sec_asn1e_state *state,
- const char *buf, unsigned long len,
- SEC_ASN1EncodingPart part)
-{
- SEC_ASN1EncoderContext *cx;
-
- cx = state->top;
- (* cx->output_proc) (cx->output_arg, buf, len, state->depth, part);
-}
-
-
-/*
- * XXX This assumes only single-octet identifiers. To handle
- * the HIGH TAG form we would need to modify this interface and
- * teach it to properly encode the special form.
- */
-static void
-sec_asn1e_write_identifier_bytes (sec_asn1e_state *state, unsigned char value)
-{
- char byte;
-
- byte = (char) value;
- sec_asn1e_write_part (state, &byte, 1, SEC_ASN1_Identifier);
-}
-
-int
-SEC_ASN1EncodeLength(unsigned char *buf,int value) {
- int lenlen;
-
- lenlen = SEC_ASN1LengthLength (value);
- if (lenlen == 1) {
- buf[0] = value;
- } else {
- int i;
-
- i = lenlen - 1;
- buf[0] = 0x80 | i;
- while (i) {
- buf[i--] = value;
- value >>= 8;
- }
- PORT_Assert (value == 0);
- }
- return lenlen;
-}
-
-static void
-sec_asn1e_write_length_bytes (sec_asn1e_state *state, unsigned long value,
- PRBool indefinite)
-{
- int lenlen;
- unsigned char buf[sizeof(unsigned long) + 1];
-
- if (indefinite) {
- PORT_Assert (value == 0);
- buf[0] = 0x80;
- lenlen = 1;
- } else {
- lenlen = SEC_ASN1EncodeLength(buf,value);
- }
-
- sec_asn1e_write_part (state, (char *) buf, lenlen, SEC_ASN1_Length);
-}
-
-
-static void
-sec_asn1e_write_contents_bytes (sec_asn1e_state *state,
- const char *buf, unsigned long len)
-{
- sec_asn1e_write_part (state, buf, len, SEC_ASN1_Contents);
-}
-
-
-static void
-sec_asn1e_write_end_of_contents_bytes (sec_asn1e_state *state)
-{
- const char eoc[2] = {0, 0};
-
- sec_asn1e_write_part (state, eoc, 2, SEC_ASN1_EndOfContents);
-}
-
-static int
-sec_asn1e_which_choice
-(
- void *src,
- const SEC_ASN1Template *theTemplate
-)
-{
- int rv;
- int which = *(int *)((char *)src + theTemplate->offset);
-
- for( rv = 1, theTemplate++; theTemplate->kind != 0; rv++, theTemplate++ ) {
- if( which == theTemplate->size ) {
- return rv;
- }
- }
-
- return 0;
-}
-
-static unsigned long
-sec_asn1e_contents_length (const SEC_ASN1Template *theTemplate, void *src,
- PRBool ignoresubstream, PRBool *noheaderp)
-{
- unsigned long encode_kind, underlying_kind;
- PRBool explicit, optional, universal, may_stream;
- unsigned long len;
-
- /*
- * This function currently calculates the length in all cases
- * except the following: when writing out the contents of a
- * template that belongs to a state where it was a sub-template
- * with the SEC_ASN1_MAY_STREAM bit set and it's parent had the
- * optional bit set. The information that the parent is optional
- * and that we should return the length of 0 when that length is
- * present since that means the optional field is no longer present.
- * So we add the ignoresubstream flag which is passed in when
- * writing the contents, but for all recursive calls to
- * sec_asn1e_contents_length, we pass PR_FALSE, because this
- * function correctly calculates the length for children templates
- * from that point on. Confused yet? At least you didn't have
- * to figure it out. ;) -javi
- */
- encode_kind = theTemplate->kind;
-
- universal = ((encode_kind & SEC_ASN1_CLASS_MASK) == SEC_ASN1_UNIVERSAL)
- ? PR_TRUE : PR_FALSE;
-
- explicit = (encode_kind & SEC_ASN1_EXPLICIT) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_EXPLICIT;
-
- optional = (encode_kind & SEC_ASN1_OPTIONAL) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_OPTIONAL;
-
- PORT_Assert (!(explicit && universal)); /* bad templates */
-
- may_stream = (encode_kind & SEC_ASN1_MAY_STREAM) ? PR_TRUE : PR_FALSE;
- encode_kind &= ~SEC_ASN1_MAY_STREAM;
-
- /* Just clear this to get it out of the way; we do not need it here */
- encode_kind &= ~SEC_ASN1_DYNAMIC;
- encode_kind &= ~SEC_ASN1_NO_STREAM;
-
- if( encode_kind & SEC_ASN1_CHOICE ) {
- void *src2;
- int indx = sec_asn1e_which_choice(src, theTemplate);
- if( 0 == indx ) {
- /* XXX set an error? "choice not found" */
- /* state->top->status = encodeError; */
- return 0;
- }
-
- src2 = (void *)((char *)src + theTemplate[indx].offset);
-
- return sec_asn1e_contents_length(&theTemplate[indx], src2,
- PR_FALSE, noheaderp);
- }
-
- if ((encode_kind & (SEC_ASN1_POINTER | SEC_ASN1_INLINE)) || !universal) {
-
- /* XXX any bits we want to disallow (PORT_Assert against) here? */
-
- theTemplate = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE);
-
- if (encode_kind & SEC_ASN1_POINTER) {
- /*
- * XXX This used to PORT_Assert (encode_kind == SEC_ASN1_POINTER);
- * but that was too restrictive. This needs to be fixed,
- * probably copying what the decoder now checks for, and
- * adding a big comment here to explain what the checks mean.
- * Alternatively, the check here could be omitted altogether
- * just letting sec_asn1e_init_state_based_on_template
- * do it, since that routine can do better error handling, too.
- */
- src = *(void **)src;
- if (src == NULL) {
- if (optional)
- *noheaderp = PR_TRUE;
- else
- *noheaderp = PR_FALSE;
- return 0;
- }
- } else if (encode_kind & SEC_ASN1_INLINE) {
- /* check that there are no extraneous bits */
- PORT_Assert (encode_kind == SEC_ASN1_INLINE && !optional);
- }
-
- src = (char *)src + theTemplate->offset;
-
- if (explicit) {
- len = sec_asn1e_contents_length (theTemplate, src, PR_FALSE,
- noheaderp);
- if (len == 0 && optional) {
- *noheaderp = PR_TRUE;
- } else if (*noheaderp) {
- /* Okay, *we* do not want to add in a header, but our caller still does. */
- *noheaderp = PR_FALSE;
- } else {
- /* if the inner content exists, our length is
- * len(identifier) + len(length) + len(innercontent)
- * XXX we currently assume len(identifier) == 1;
- * to support a high-tag-number this would need to be smarter.
- */
- len += 1 + SEC_ASN1LengthLength (len);
- }
- return len;
- }
-
- underlying_kind = theTemplate->kind;
- underlying_kind &= ~SEC_ASN1_MAY_STREAM;
-
- /* XXX Should we recurse here? */
- } else {
- underlying_kind = encode_kind;
- }
-
- /* This is only used in decoding; it plays no part in encoding. */
- if (underlying_kind & SEC_ASN1_SAVE) {
- /* check that there are no extraneous bits */
- PORT_Assert (underlying_kind == SEC_ASN1_SAVE);
- *noheaderp = PR_TRUE;
- return 0;
- }
-
- /* Having any of these bits is not expected here... */
- PORT_Assert ((underlying_kind & (SEC_ASN1_EXPLICIT | SEC_ASN1_OPTIONAL
- | SEC_ASN1_INLINE | SEC_ASN1_POINTER
- | SEC_ASN1_DYNAMIC | SEC_ASN1_MAY_STREAM
- | SEC_ASN1_SAVE | SEC_ASN1_SKIP)) == 0);
-
- if( underlying_kind & SEC_ASN1_CHOICE ) {
- void *src2;
- int indx = sec_asn1e_which_choice(src, theTemplate);
- if( 0 == indx ) {
- /* XXX set an error? "choice not found" */
- /* state->top->status = encodeError; */
- return 0;
- }
-
- src2 = (void *)((char *)src - theTemplate->offset + theTemplate[indx].offset);
- len = sec_asn1e_contents_length(&theTemplate[indx], src2, PR_FALSE,
- noheaderp);
- } else
-
- switch (underlying_kind) {
- case SEC_ASN1_SEQUENCE_OF:
- case SEC_ASN1_SET_OF:
- {
- const SEC_ASN1Template *tmpt;
- void *sub_src;
- unsigned long sub_len;
- void **group;
-
- len = 0;
-
- group = *(void ***)src;
- if (group == NULL)
- break;
-
- tmpt = SEC_ASN1GetSubtemplate (theTemplate, src, PR_TRUE);
-
- for (; *group != NULL; group++) {
- sub_src = (char *)(*group) + tmpt->offset;
- sub_len = sec_asn1e_contents_length (tmpt, sub_src, PR_FALSE,
- noheaderp);
- len += sub_len;
- /*
- * XXX The 1 below is the presumed length of the identifier;
- * to support a high-tag-number this would need to be smarter.
- */
- if (!*noheaderp)
- len += 1 + SEC_ASN1LengthLength (sub_len);
- }
- }
- break;
-
- case SEC_ASN1_SEQUENCE:
- case SEC_ASN1_SET:
- {
- const SEC_ASN1Template *tmpt;
- void *sub_src;
- unsigned long sub_len;
-
- len = 0;
- for (tmpt = theTemplate + 1; tmpt->kind; tmpt++) {
- sub_src = (char *)src + tmpt->offset;
- sub_len = sec_asn1e_contents_length (tmpt, sub_src, PR_FALSE,
- noheaderp);
- len += sub_len;
- /*
- * XXX The 1 below is the presumed length of the identifier;
- * to support a high-tag-number this would need to be smarter.
- */
- if (!*noheaderp)
- len += 1 + SEC_ASN1LengthLength (sub_len);
- }
- }
- break;
-
- case SEC_ASN1_BIT_STRING:
- /* convert bit length to byte */
- len = (((SECItem *)src)->len + 7) >> 3;
- /* bit string contents involve an extra octet */
- if (len)
- len++;
- break;
-
- default:
- len = ((SECItem *)src)->len;
- if (may_stream && len == 0 && !ignoresubstream)
- len = 1; /* if we're streaming, we may have a secitem w/len 0 as placeholder */
- break;
- }
-
- if ((len == 0 && optional) || underlying_kind == SEC_ASN1_ANY)
- *noheaderp = PR_TRUE;
- else
- *noheaderp = PR_FALSE;
-
- return len;
-}
-
-
-static void
-sec_asn1e_write_header (sec_asn1e_state *state)
-{
- unsigned long contents_length;
- unsigned char tag_number, tag_modifiers;
- PRBool noheader;
-
- PORT_Assert (state->place == beforeHeader);
-
- tag_number = state->tag_number;
- tag_modifiers = state->tag_modifiers;
-
- if (state->underlying_kind == SEC_ASN1_ANY) {
- state->place = duringContents;
- return;
- }
-
- if( state->underlying_kind & SEC_ASN1_CHOICE ) {
- int indx = sec_asn1e_which_choice(state->src, state->theTemplate);
- if( 0 == indx ) {
- /* XXX set an error? "choice not found" */
- state->top->status = encodeError;
- return;
- }
-
- state->place = afterChoice;
- state = sec_asn1e_push_state(state->top, &state->theTemplate[indx],
- state->src, PR_TRUE);
-
- if( (sec_asn1e_state *)NULL != state ) {
- /*
- * Do the "before" field notification.
- */
- sec_asn1e_notify_before (state->top, state->src, state->depth);
- state = sec_asn1e_init_state_based_on_template (state);
- }
-
- return;
- }
-
- /*
- * We are doing a definite-length encoding. First we have to
- * walk the data structure to calculate the entire contents length.
- */
- contents_length = sec_asn1e_contents_length (state->theTemplate,
- state->src,
- state->ignore_stream,
- &noheader);
- /*
- * We might be told explicitly not to put out a header.
- * But it can also be the case, via a pushed subtemplate, that
- * sec_asn1e_contents_length could not know that this field is
- * really optional. So check for that explicitly, too.
- */
- if (noheader || (contents_length == 0 && state->optional)) {
- state->place = afterContents;
- if (state->top->streaming && state->may_stream && state->top->from_buf)
- /* we did not find an optional indefinite string, so we don't encode it.
- * However, if TakeFromBuf is on, we stop here anyway to give our caller
- * a chance to intercept at the same point where we would stop if the
- * field were present. */
- state->top->status = needBytes;
- return;
- }
-
- if (state->top->streaming && state->may_stream
- && (state->top->from_buf || !state->is_string)) {
- /*
- * We need to put out an indefinite-length encoding.
- */
- state->indefinite = PR_TRUE;
- /*
- * The only universal types that can be constructed are SETs,
- * SEQUENCEs, and strings; so check that it is one of those,
- * or that it is not universal (e.g. context-specific).
- */
- PORT_Assert ((tag_number == SEC_ASN1_SET)
- || (tag_number == SEC_ASN1_SEQUENCE)
- || ((tag_modifiers & SEC_ASN1_CLASS_MASK) != 0)
- || state->is_string);
- tag_modifiers |= SEC_ASN1_CONSTRUCTED;
- contents_length = 0;
- }
-
- sec_asn1e_write_identifier_bytes (state, tag_number | tag_modifiers);
- sec_asn1e_write_length_bytes (state, contents_length, state->indefinite);
-
- if (contents_length == 0 && !state->indefinite) {
- /*
- * If no real contents to encode, then we are done with this field.
- */
- state->place = afterContents;
- return;
- }
-
- /*
- * An EXPLICIT is nothing but an outer header, which we have already
- * written. Now we need to do the inner header and contents.
- */
- if (state->explicit) {
- state->place = afterContents;
- state = sec_asn1e_push_state (state->top,
- SEC_ASN1GetSubtemplate(state->theTemplate,
- state->src,
- PR_TRUE),
- state->src, PR_TRUE);
- if (state != NULL)
- state = sec_asn1e_init_state_based_on_template (state);
- return;
- }
-
- switch (state->underlying_kind) {
- case SEC_ASN1_SET_OF:
- case SEC_ASN1_SEQUENCE_OF:
- /*
- * We need to push a child to handle each member.
- */
- {
- void **group;
- const SEC_ASN1Template *subt;
-
- group = *(void ***)state->src;
- if (group == NULL || *group == NULL) {
- /*
- * Group is empty; we are done.
- */
- state->place = afterContents;
- return;
- }
- state->place = duringGroup;
- subt = SEC_ASN1GetSubtemplate (state->theTemplate, state->src,
- PR_TRUE);
- state = sec_asn1e_push_state (state->top, subt, *group, PR_TRUE);
- if (state != NULL)
- state = sec_asn1e_init_state_based_on_template (state);
- }
- break;
-
- case SEC_ASN1_SEQUENCE:
- case SEC_ASN1_SET:
- /*
- * We need to push a child to handle the individual fields.
- */
- state->place = duringSequence;
- state = sec_asn1e_push_state (state->top, state->theTemplate + 1,
- state->src, PR_TRUE);
- if (state != NULL) {
- /*
- * Do the "before" field notification.
- */
- sec_asn1e_notify_before (state->top, state->src, state->depth);
- state = sec_asn1e_init_state_based_on_template (state);
- }
- break;
-
- default:
- /*
- * I think we do not need to do anything else.
- * XXX Correct?
- */
- state->place = duringContents;
- break;
- }
-}
-
-
-static void
-sec_asn1e_write_contents (sec_asn1e_state *state,
- const char *buf, unsigned long len)
-{
- PORT_Assert (state->place == duringContents);
-
- if (state->top->from_buf) {
- /*
- * Probably they just turned on "take from buf", but have not
- * yet given us any bytes. If there is nothing in the buffer
- * then we have nothing to do but return and wait.
- */
- if (buf == NULL || len == 0) {
- state->top->status = needBytes;
- return;
- }
- /*
- * We are streaming, reading from a passed-in buffer.
- * This means we are encoding a simple string or an ANY.
- * For the former, we need to put out a substring, with its
- * own identifier and length. For an ANY, we just write it
- * out as is (our caller is required to ensure that it
- * is a properly encoded entity).
- */
- PORT_Assert (state->is_string); /* includes ANY */
- if (state->underlying_kind != SEC_ASN1_ANY) {
- unsigned char identifier;
-
- /*
- * Create the identifier based on underlying_kind. We cannot
- * use tag_number and tag_modifiers because this can be an
- * implicitly encoded field. In that case, the underlying
- * substrings *are* encoded with their real tag.
- */
- identifier = state->underlying_kind & SEC_ASN1_TAG_MASK;
- /*
- * The underlying kind should just be a simple string; there
- * should be no bits like CONTEXT_SPECIFIC or CONSTRUCTED set.
- */
- PORT_Assert ((identifier & SEC_ASN1_TAGNUM_MASK) == identifier);
- /*
- * Write out the tag and length for the substring.
- */
- sec_asn1e_write_identifier_bytes (state, identifier);
- if (state->underlying_kind == SEC_ASN1_BIT_STRING) {
- char byte;
- /*
- * Assume we have a length in bytes but we need to output
- * a proper bit string. This interface only works for bit
- * strings that are full multiples of 8. If support for
- * real, variable length bit strings is needed then the
- * caller will have to know to pass in a bit length instead
- * of a byte length and then this code will have to
- * perform the encoding necessary (length written is length
- * in bytes plus 1, and the first octet of string is the
- * number of bits remaining between the end of the bit
- * string and the next byte boundary).
- */
- sec_asn1e_write_length_bytes (state, len + 1, PR_FALSE);
- byte = 0;
- sec_asn1e_write_contents_bytes (state, &byte, 1);
- } else {
- sec_asn1e_write_length_bytes (state, len, PR_FALSE);
- }
- }
- sec_asn1e_write_contents_bytes (state, buf, len);
- state->top->status = needBytes;
- } else {
- switch (state->underlying_kind) {
- case SEC_ASN1_SET:
- case SEC_ASN1_SEQUENCE:
- PORT_Assert (0);
- break;
-
- case SEC_ASN1_BIT_STRING:
- {
- SECItem *item;
- char rem;
-
- item = (SECItem *)state->src;
- len = (item->len + 7) >> 3;
- rem = (len << 3) - item->len; /* remaining bits */
- sec_asn1e_write_contents_bytes (state, &rem, 1);
- sec_asn1e_write_contents_bytes (state, (char *) item->data,
- len);
- }
- break;
-
- case SEC_ASN1_BMP_STRING:
- /* The number of bytes must be divisable by 2 */
- if ((((SECItem *)state->src)->len) % 2) {
- SEC_ASN1EncoderContext *cx;
-
- cx = state->top;
- cx->status = encodeError;
- break;
- }
- /* otherwise, fall through to write the content */
- goto process_string;
-
- case SEC_ASN1_UNIVERSAL_STRING:
- /* The number of bytes must be divisable by 4 */
- if ((((SECItem *)state->src)->len) % 4) {
- SEC_ASN1EncoderContext *cx;
-
- cx = state->top;
- cx->status = encodeError;
- break;
- }
- /* otherwise, fall through to write the content */
- goto process_string;
-
-process_string:
- default:
- {
- SECItem *item;
-
- item = (SECItem *)state->src;
- sec_asn1e_write_contents_bytes (state, (char *) item->data,
- item->len);
- }
- break;
- }
- state->place = afterContents;
- }
-}
-
-
-/*
- * We are doing a SET OF or SEQUENCE OF, and have just finished an item.
- */
-static void
-sec_asn1e_next_in_group (sec_asn1e_state *state)
-{
- sec_asn1e_state *child;
- void **group;
- void *member;
-
- PORT_Assert (state->place == duringGroup);
- PORT_Assert (state->child != NULL);
-
- child = state->child;
-
- group = *(void ***)state->src;
-
- /*
- * Find placement of current item.
- */
- member = (char *)(state->child->src) - child->theTemplate->offset;
- while (*group != member)
- group++;
-
- /*
- * Move forward to next item.
- */
- group++;
- if (*group == NULL) {
- /*
- * That was our last one; we are done now.
- */
- child->place = notInUse;
- state->place = afterContents;
- return;
- }
- child->src = (char *)(*group) + child->theTemplate->offset;
-
- /*
- * Re-"push" child.
- */
- sec_asn1e_scrub_state (child);
- state->top->current = child;
-}
-
-
-/*
- * We are moving along through a sequence; move forward by one,
- * (detecting end-of-sequence when it happens).
- */
-static void
-sec_asn1e_next_in_sequence (sec_asn1e_state *state)
-{
- sec_asn1e_state *child;
-
- PORT_Assert (state->place == duringSequence);
- PORT_Assert (state->child != NULL);
-
- child = state->child;
-
- /*
- * Do the "after" field notification.
- */
- sec_asn1e_notify_after (state->top, child->src, child->depth);
-
- /*
- * Move forward.
- */
- child->theTemplate++;
- if (child->theTemplate->kind == 0) {
- /*
- * We are done with this sequence.
- */
- child->place = notInUse;
- state->place = afterContents;
- return;
- }
-
- /*
- * Reset state and push.
- */
-
- child->src = (char *)state->src + child->theTemplate->offset;
-
- /*
- * Do the "before" field notification.
- */
- sec_asn1e_notify_before (state->top, child->src, child->depth);
-
- state->top->current = child;
- (void) sec_asn1e_init_state_based_on_template (child);
-}
-
-
-static void
-sec_asn1e_after_contents (sec_asn1e_state *state)
-{
- PORT_Assert (state->place == afterContents);
-
- if (state->indefinite)
- sec_asn1e_write_end_of_contents_bytes (state);
-
- /*
- * Just make my parent be the current state. It will then clean
- * up after me and free me (or reuse me).
- */
- state->top->current = state->parent;
-}
-
-
-/*
- * This function is called whether or not we are streaming; if we
- * *are* streaming, our caller can also instruct us to take bytes
- * from the passed-in buffer (at buf, for length len, which is likely
- * bytes but could even mean bits if the current field is a bit string).
- * If we have been so instructed, we will gobble up bytes from there
- * (rather than from our src structure) and output them, and then
- * we will just return, expecting to be called again -- either with
- * more bytes or after our caller has instructed us that we are done
- * (for now) with the buffer.
- */
-SECStatus
-SEC_ASN1EncoderUpdate (SEC_ASN1EncoderContext *cx,
- const char *buf, unsigned long len)
-{
- sec_asn1e_state *state;
-
- if (cx->status == needBytes) {
- PORT_Assert (buf != NULL && len != 0);
- cx->status = keepGoing;
- }
-
- while (cx->status == keepGoing) {
- state = cx->current;
- switch (state->place) {
- case beforeHeader:
- sec_asn1e_write_header (state);
- break;
- case duringContents:
- sec_asn1e_write_contents (state, buf, len);
- break;
- case duringGroup:
- sec_asn1e_next_in_group (state);
- break;
- case duringSequence:
- sec_asn1e_next_in_sequence (state);
- break;
- case afterContents:
- sec_asn1e_after_contents (state);
- break;
- case afterImplicit:
- case afterInline:
- case afterPointer:
- case afterChoice:
- /*
- * These states are more documentation than anything.
- * They just need to force a pop.
- */
- PORT_Assert (!state->indefinite);
- state->place = afterContents;
- break;
- case notInUse:
- default:
- /* This is not an error, but rather a plain old BUG! */
- PORT_Assert (0);
- cx->status = encodeError;
- break;
- }
-
- if (cx->status == encodeError)
- break;
-
- /* It might have changed, so we have to update our local copy. */
- state = cx->current;
-
- /* If it is NULL, we have popped all the way to the top. */
- if (state == NULL) {
- cx->status = allDone;
- break;
- }
- }
-
- if (cx->status == encodeError) {
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-
-void
-SEC_ASN1EncoderFinish (SEC_ASN1EncoderContext *cx)
-{
- /*
- * XXX anything else that needs to be finished?
- */
-
- PORT_FreeArena (cx->our_pool, PR_FALSE);
-}
-
-
-SEC_ASN1EncoderContext *
-SEC_ASN1EncoderStart (void *src, const SEC_ASN1Template *theTemplate,
- SEC_ASN1WriteProc output_proc, void *output_arg)
-{
- PRArenaPool *our_pool;
- SEC_ASN1EncoderContext *cx;
-
- our_pool = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE);
- if (our_pool == NULL)
- return NULL;
-
- cx = (SEC_ASN1EncoderContext*)PORT_ArenaZAlloc (our_pool, sizeof(*cx));
- if (cx == NULL) {
- PORT_FreeArena (our_pool, PR_FALSE);
- return NULL;
- }
-
- cx->our_pool = our_pool;
- cx->output_proc = output_proc;
- cx->output_arg = output_arg;
-
- cx->status = keepGoing;
-
- if (sec_asn1e_push_state(cx, theTemplate, src, PR_FALSE) == NULL
- || sec_asn1e_init_state_based_on_template (cx->current) == NULL) {
- /*
- * Trouble initializing (probably due to failed allocations)
- * requires that we just give up.
- */
- PORT_FreeArena (our_pool, PR_FALSE);
- return NULL;
- }
-
- return cx;
-}
-
-
-/*
- * XXX Do we need a FilterProc, too?
- */
-
-
-void
-SEC_ASN1EncoderSetNotifyProc (SEC_ASN1EncoderContext *cx,
- SEC_ASN1NotifyProc fn, void *arg)
-{
- cx->notify_proc = fn;
- cx->notify_arg = arg;
-}
-
-
-void
-SEC_ASN1EncoderClearNotifyProc (SEC_ASN1EncoderContext *cx)
-{
- cx->notify_proc = NULL;
- cx->notify_arg = NULL; /* not necessary; just being clean */
-}
-
-
-void
-SEC_ASN1EncoderSetStreaming (SEC_ASN1EncoderContext *cx)
-{
- /* XXX is there a way to check that we are "between" fields here? */
-
- cx->streaming = PR_TRUE;
-}
-
-
-void
-SEC_ASN1EncoderClearStreaming (SEC_ASN1EncoderContext *cx)
-{
- /* XXX is there a way to check that we are "between" fields here? */
-
- cx->streaming = PR_FALSE;
-}
-
-
-void
-SEC_ASN1EncoderSetTakeFromBuf (SEC_ASN1EncoderContext *cx)
-{
- /*
- * XXX is there a way to check that we are "between" fields here? this
- * needs to include a check for being in between groups of items in
- * a SET_OF or SEQUENCE_OF.
- */
- PORT_Assert (cx->streaming);
-
- cx->from_buf = PR_TRUE;
-}
-
-
-void
-SEC_ASN1EncoderClearTakeFromBuf (SEC_ASN1EncoderContext *cx)
-{
- /* we should actually be taking from buf *now* */
- PORT_Assert (cx->from_buf);
- if (! cx->from_buf) /* if not, just do nothing */
- return;
-
- cx->from_buf = PR_FALSE;
-
- if (cx->status == needBytes) {
- cx->status = keepGoing;
- cx->current->place = afterContents;
- }
-}
-
-
-SECStatus
-SEC_ASN1Encode (void *src, const SEC_ASN1Template *theTemplate,
- SEC_ASN1WriteProc output_proc, void *output_arg)
-{
- SEC_ASN1EncoderContext *ecx;
- SECStatus rv;
-
- ecx = SEC_ASN1EncoderStart (src, theTemplate, output_proc, output_arg);
- if (ecx == NULL)
- return SECFailure;
-
- rv = SEC_ASN1EncoderUpdate (ecx, NULL, 0);
-
- SEC_ASN1EncoderFinish (ecx);
- return rv;
-}
-
-
-/*
- * XXX depth and data_kind are unused; is there a PC way to silence warnings?
- * (I mean "politically correct", not anything to do with intel/win platform)
- */
-static void
-sec_asn1e_encode_item_count (void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- unsigned long *count;
-
- count = (unsigned long*)arg;
- PORT_Assert (count != NULL);
-
- *count += len;
-}
-
-
-/* XXX depth and data_kind are unused; is there a PC way to silence warnings? */
-static void
-sec_asn1e_encode_item_store (void *arg, const char *buf, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind)
-{
- SECItem *dest;
-
- dest = (SECItem*)arg;
- PORT_Assert (dest != NULL);
-
- PORT_Memcpy (dest->data + dest->len, buf, len);
- dest->len += len;
-}
-
-
-/*
- * Allocate an entire SECItem, or just the data part of it, to hold
- * "len" bytes of stuff. Allocate from the given pool, if specified,
- * otherwise just do a vanilla PORT_Alloc.
- *
- * XXX This seems like a reasonable general-purpose function (for SECITEM_)?
- */
-static SECItem *
-sec_asn1e_allocate_item (PRArenaPool *poolp, SECItem *dest, unsigned long len)
-{
- if (poolp != NULL) {
- void *release;
-
- release = PORT_ArenaMark (poolp);
- if (dest == NULL)
- dest = (SECItem*)PORT_ArenaAlloc (poolp, sizeof(SECItem));
- if (dest != NULL) {
- dest->data = (unsigned char*)PORT_ArenaAlloc (poolp, len);
- if (dest->data == NULL) {
- dest = NULL;
- }
- }
- if (dest == NULL) {
- /* one or both allocations failed; release everything */
- PORT_ArenaRelease (poolp, release);
- } else {
- /* everything okay; unmark the arena */
- PORT_ArenaUnmark (poolp, release);
- }
- } else {
- SECItem *indest;
-
- indest = dest;
- if (dest == NULL)
- dest = (SECItem*)PORT_Alloc (sizeof(SECItem));
- if (dest != NULL) {
- dest->data = (unsigned char*)PORT_Alloc (len);
- if (dest->data == NULL) {
- if (indest == NULL)
- PORT_Free (dest);
- dest = NULL;
- }
- }
- }
-
- return dest;
-}
-
-
-SECItem *
-SEC_ASN1EncodeItem (PRArenaPool *poolp, SECItem *dest, void *src,
- const SEC_ASN1Template *theTemplate)
-{
- unsigned long encoding_length;
- SECStatus rv;
-
- PORT_Assert (dest == NULL || dest->data == NULL);
-
- encoding_length = 0;
- rv = SEC_ASN1Encode (src, theTemplate,
- sec_asn1e_encode_item_count, &encoding_length);
- if (rv != SECSuccess)
- return NULL;
-
- dest = sec_asn1e_allocate_item (poolp, dest, encoding_length);
- if (dest == NULL)
- return NULL;
-
- /* XXX necessary? This really just checks for a bug in the allocate fn */
- PORT_Assert (dest->data != NULL);
- if (dest->data == NULL)
- return NULL;
-
- dest->len = 0;
- (void) SEC_ASN1Encode (src, theTemplate, sec_asn1e_encode_item_store, dest);
-
- PORT_Assert (encoding_length == dest->len);
- return dest;
-}
-
-
-static SECItem *
-sec_asn1e_integer(PRArenaPool *poolp, SECItem *dest, unsigned long value,
- PRBool make_unsigned)
-{
- unsigned long copy;
- unsigned char sign;
- int len = 0;
-
- /*
- * Determine the length of the encoded value (minimum of 1).
- */
- copy = value;
- do {
- len++;
- sign = copy & 0x80;
- copy >>= 8;
- } while (copy);
-
- /*
- * If this is an unsigned encoding, and the high bit of the last
- * byte we counted was set, we need to add one to the length so
- * we put a high-order zero byte in the encoding.
- */
- if (sign && make_unsigned)
- len++;
-
- /*
- * Allocate the item (if necessary) and the data pointer within.
- */
- dest = sec_asn1e_allocate_item (poolp, dest, len);
- if (dest == NULL)
- return NULL;
-
- /*
- * Store the value, byte by byte, in the item.
- */
- dest->len = len;
- while (len) {
- dest->data[--len] = value;
- value >>= 8;
- }
- PORT_Assert (value == 0);
-
- return dest;
-}
-
-
-SECItem *
-SEC_ASN1EncodeInteger(PRArenaPool *poolp, SECItem *dest, long value)
-{
- return sec_asn1e_integer (poolp, dest, (unsigned long) value, PR_FALSE);
-}
-
-
-extern SECItem *
-SEC_ASN1EncodeUnsignedInteger(PRArenaPool *poolp,
- SECItem *dest, unsigned long value)
-{
- return sec_asn1e_integer (poolp, dest, value, PR_TRUE);
-}
diff --git a/security/nss/lib/util/secasn1t.h b/security/nss/lib/util/secasn1t.h
deleted file mode 100644
index cb56a0bd7..000000000
--- a/security/nss/lib/util/secasn1t.h
+++ /dev/null
@@ -1,287 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Types for encoding/decoding of ASN.1 using BER/DER (Basic/Distinguished
- * Encoding Rules).
- *
- * $Id$
- */
-
-#ifndef _SECASN1T_H_
-#define _SECASN1T_H_
-
-/*
-** An array of these structures defines a BER/DER encoding for an object.
-**
-** The array usually starts with a dummy entry whose kind is SEC_ASN1_SEQUENCE;
-** such an array is terminated with an entry where kind == 0. (An array
-** which consists of a single component does not require a second dummy
-** entry -- the array is only searched as long as previous component(s)
-** instruct it.)
-*/
-typedef struct sec_ASN1Template_struct {
- /*
- ** Kind of item being decoded/encoded, including tags and modifiers.
- */
- unsigned long kind;
-
- /*
- ** The value is the offset from the base of the structure to the
- ** field that holds the value being decoded/encoded.
- */
- unsigned long offset;
-
- /*
- ** When kind suggests it (SEC_ASN1_POINTER, SEC_ASN1_GROUP, SEC_ASN1_INLINE,
- ** or a component that is *not* a SEC_ASN1_UNIVERSAL), this points to
- ** a sub-template for nested encoding/decoding,
- ** OR, iff SEC_ASN1_DYNAMIC is set, then this is a pointer to a pointer
- ** to a function which will return the appropriate template when called
- ** at runtime. NOTE! that explicit level of indirection, which is
- ** necessary because ANSI does not allow you to store a function
- ** pointer directly as a "void *" so we must store it separately and
- ** dereference it to get at the function pointer itself.
- */
- const void *sub;
-
- /*
- ** In the first element of a template array, the value is the size
- ** of the structure to allocate when this template is being referenced
- ** by another template via SEC_ASN1_POINTER or SEC_ASN1_GROUP.
- ** In all other cases, the value is ignored.
- */
- unsigned int size;
-} SEC_ASN1Template;
-
-
-/* default size used for allocation of encoding/decoding stuff */
-/* XXX what is the best value here? */
-#define SEC_ASN1_DEFAULT_ARENA_SIZE (2048)
-
-/*
-** BER/DER values for ASN.1 identifier octets.
-*/
-#define SEC_ASN1_TAG_MASK 0xff
-
-/*
- * BER/DER universal type tag numbers.
- * The values are defined by the X.208 standard; do not change them!
- * NOTE: if you add anything to this list, you must add code to secasn1d.c
- * to accept the tag, and probably also to secasn1e.c to encode it.
- * XXX It appears some have been added recently without being added to
- * the code; so need to go through the list now and double-check them all.
- * (Look especially at those added in revision 1.10.)
- */
-#define SEC_ASN1_TAGNUM_MASK 0x1f
-#define SEC_ASN1_BOOLEAN 0x01
-#define SEC_ASN1_INTEGER 0x02
-#define SEC_ASN1_BIT_STRING 0x03
-#define SEC_ASN1_OCTET_STRING 0x04
-#define SEC_ASN1_NULL 0x05
-#define SEC_ASN1_OBJECT_ID 0x06
-#define SEC_ASN1_OBJECT_DESCRIPTOR 0x07
-/* External type and instance-of type 0x08 */
-#define SEC_ASN1_REAL 0x09
-#define SEC_ASN1_ENUMERATED 0x0a
-#define SEC_ASN1_EMBEDDED_PDV 0x0b
-#define SEC_ASN1_UTF8_STRING 0x0c
-#define SEC_ASN1_SEQUENCE 0x10
-#define SEC_ASN1_SET 0x11
-#define SEC_ASN1_NUMERIC_STRING 0x12
-#define SEC_ASN1_PRINTABLE_STRING 0x13
-#define SEC_ASN1_T61_STRING 0x14
-#define SEC_ASN1_TELETEX_STRING SEC_ASN1_T61_STRING
-#define SEC_ASN1_VIDEOTEX_STRING 0x15
-#define SEC_ASN1_IA5_STRING 0x16
-#define SEC_ASN1_UTC_TIME 0x17
-#define SEC_ASN1_GENERALIZED_TIME 0x18
-#define SEC_ASN1_GRAPHIC_STRING 0x19
-#define SEC_ASN1_VISIBLE_STRING 0x1a
-#define SEC_ASN1_GENERAL_STRING 0x1b
-#define SEC_ASN1_UNIVERSAL_STRING 0x1c
-/* 0x1d */
-#define SEC_ASN1_BMP_STRING 0x1e
-#define SEC_ASN1_HIGH_TAG_NUMBER 0x1f
-
-/*
-** Modifiers to type tags. These are also specified by a/the
-** standard, and must not be changed.
-*/
-
-#define SEC_ASN1_METHOD_MASK 0x20
-#define SEC_ASN1_PRIMITIVE 0x00
-#define SEC_ASN1_CONSTRUCTED 0x20
-
-#define SEC_ASN1_CLASS_MASK 0xc0
-#define SEC_ASN1_UNIVERSAL 0x00
-#define SEC_ASN1_APPLICATION 0x40
-#define SEC_ASN1_CONTEXT_SPECIFIC 0x80
-#define SEC_ASN1_PRIVATE 0xc0
-
-/*
-** Our additions, used for templates.
-** These are not defined by any standard; the values are used internally only.
-** Just be careful to keep them out of the low 8 bits.
-** XXX finish comments
-*/
-#define SEC_ASN1_OPTIONAL 0x00100
-#define SEC_ASN1_EXPLICIT 0x00200
-#define SEC_ASN1_ANY 0x00400
-#define SEC_ASN1_INLINE 0x00800
-#define SEC_ASN1_POINTER 0x01000
-#define SEC_ASN1_GROUP 0x02000 /* with SET or SEQUENCE means
- * SET OF or SEQUENCE OF */
-#define SEC_ASN1_DYNAMIC 0x04000 /* subtemplate is found by calling
- * a function at runtime */
-#define SEC_ASN1_SKIP 0x08000 /* skip a field; only for decoding */
-#define SEC_ASN1_INNER 0x10000 /* with ANY means capture the
- * contents only (not the id, len,
- * or eoc); only for decoding */
-#define SEC_ASN1_SAVE 0x20000 /* stash away the encoded bytes first;
- * only for decoding */
-#define SEC_ASN1_MAY_STREAM 0x40000 /* field or one of its sub-fields may
- * stream in and so should encode as
- * indefinite-length when streaming
- * has been indicated; only for
- * encoding */
-#define SEC_ASN1_SKIP_REST 0x80000 /* skip all following fields;
- only for decoding */
-#define SEC_ASN1_CHOICE 0x100000 /* pick one from a template */
-#define SEC_ASN1_NO_STREAM 0X200000 /* This entry will not stream
- even if the sub-template says
- streaming is possible. Helps
- to solve ambiguities with potential
- streaming entries that are
- optional */
-
-
-/* Shorthand/Aliases */
-#define SEC_ASN1_SEQUENCE_OF (SEC_ASN1_GROUP | SEC_ASN1_SEQUENCE)
-#define SEC_ASN1_SET_OF (SEC_ASN1_GROUP | SEC_ASN1_SET)
-#define SEC_ASN1_ANY_CONTENTS (SEC_ASN1_ANY | SEC_ASN1_INNER)
-
-
-/*
-** Function used for SEC_ASN1_DYNAMIC.
-** "arg" is a pointer to the structure being encoded/decoded
-** "enc", when true, means that we are encoding (false means decoding)
-*/
-typedef const SEC_ASN1Template * SEC_ASN1TemplateChooser(void *arg, PRBool enc);
-typedef SEC_ASN1TemplateChooser * SEC_ASN1TemplateChooserPtr;
-
-#if defined(_WIN32)
-#define SEC_ASN1_GET(x) NSS_Get_##x(NULL, PR_FALSE)
-#define SEC_ASN1_SUB(x) &p_NSS_Get_##x
-#define SEC_ASN1_XTRN SEC_ASN1_DYNAMIC
-#define SEC_ASN1_MKSUB(x) \
-static const SEC_ASN1TemplateChooserPtr p_NSS_Get_##x = &NSS_Get_##x;
-#else
-#define SEC_ASN1_GET(x) x
-#define SEC_ASN1_SUB(x) x
-#define SEC_ASN1_XTRN 0
-#define SEC_ASN1_MKSUB(x)
-#endif
-
-#define SEC_ASN1_CHOOSER_DECLARE(x) \
-extern const SEC_ASN1Template * NSS_Get_##x (void *arg, PRBool enc);
-
-#define SEC_ASN1_CHOOSER_IMPLEMENT(x) \
-const SEC_ASN1Template * NSS_Get_##x(void * arg, PRBool enc) \
-{ return x; }
-
-/*
-** Opaque object used by the decoder to store state.
-*/
-typedef struct sec_DecoderContext_struct SEC_ASN1DecoderContext;
-
-/*
-** Opaque object used by the encoder to store state.
-*/
-typedef struct sec_EncoderContext_struct SEC_ASN1EncoderContext;
-
-/*
- * This is used to describe to a filter function the bytes that are
- * being passed to it. This is only useful when the filter is an "outer"
- * one, meaning it expects to get *all* of the bytes not just the
- * contents octets.
- */
-typedef enum {
- SEC_ASN1_Identifier = 0,
- SEC_ASN1_Length = 1,
- SEC_ASN1_Contents = 2,
- SEC_ASN1_EndOfContents = 3
-} SEC_ASN1EncodingPart;
-
-/*
- * Type of the function pointer used either for decoding or encoding,
- * when doing anything "funny" (e.g. manipulating the data stream)
- */
-typedef void (* SEC_ASN1NotifyProc)(void *arg, PRBool before,
- void *dest, int real_depth);
-
-/*
- * Type of the function pointer used for grabbing encoded bytes.
- * This can be used during either encoding or decoding, as follows...
- *
- * When decoding, this can be used to filter the encoded bytes as they
- * are parsed. This is what you would do if you wanted to process the data
- * along the way (like to decrypt it, or to perform a hash on it in order
- * to do a signature check later). See SEC_ASN1DecoderSetFilterProc().
- * When processing only part of the encoded bytes is desired, you "watch"
- * for the field(s) you are interested in with a "notify proc" (see
- * SEC_ASN1DecoderSetNotifyProc()) and for even finer granularity (e.g. to
- * ignore all by the contents bytes) you pay attention to the "data_kind"
- * parameter.
- *
- * When encoding, this is the specification for the output function which
- * will receive the bytes as they are encoded. The output function can
- * perform any postprocessing necessary (like hashing (some of) the data
- * to create a digest that gets included at the end) as well as shoving
- * the data off wherever it needs to go. (In order to "tune" any processing,
- * you can set a "notify proc" as described above in the decoding case.)
- *
- * The parameters:
- * - "arg" is an opaque pointer that you provided at the same time you
- * specified a function of this type
- * - "data" is a buffer of length "len", containing the encoded bytes
- * - "depth" is how deep in a nested encoding we are (it is not usually
- * valuable, but can be useful sometimes so I included it)
- * - "data_kind" tells you if these bytes are part of the ASN.1 encoded
- * octets for identifier, length, contents, or end-of-contents
- */
-typedef void (* SEC_ASN1WriteProc)(void *arg,
- const char *data, unsigned long len,
- int depth, SEC_ASN1EncodingPart data_kind);
-
-#endif /* _SECASN1T_H_ */
diff --git a/security/nss/lib/util/secasn1u.c b/security/nss/lib/util/secasn1u.c
deleted file mode 100644
index 83673ca0b..000000000
--- a/security/nss/lib/util/secasn1u.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Utility routines to complement the ASN.1 encoding and decoding functions.
- *
- * $Id$
- */
-
-#include "secasn1.h"
-
-
-/*
- * We have a length that needs to be encoded; how many bytes will the
- * encoding take?
- *
- * The rules are that 0 - 0x7f takes one byte (the length itself is the
- * entire encoding); everything else takes one plus the number of bytes
- * in the length.
- */
-int
-SEC_ASN1LengthLength (unsigned long len)
-{
- int lenlen = 1;
-
- if (len > 0x7f) {
- do {
- lenlen++;
- len >>= 8;
- } while (len);
- }
-
- return lenlen;
-}
-
-
-/*
- * XXX Move over (and rewrite as appropriate) the rest of the
- * stuff in dersubr.c!
- */
-
-
-/*
- * Find the appropriate subtemplate for the given template.
- * This may involve calling a "chooser" function, or it may just
- * be right there. In either case, it is expected to *have* a
- * subtemplate; this is asserted in debug builds (in non-debug
- * builds, NULL will be returned).
- *
- * "thing" is a pointer to the structure being encoded/decoded
- * "encoding", when true, means that we are in the process of encoding
- * (as opposed to in the process of decoding)
- */
-const SEC_ASN1Template *
-SEC_ASN1GetSubtemplate (const SEC_ASN1Template *theTemplate, void *thing,
- PRBool encoding)
-{
- const SEC_ASN1Template *subt = NULL;
-
- PORT_Assert (theTemplate->sub != NULL);
- if (theTemplate->sub != NULL) {
- if (theTemplate->kind & SEC_ASN1_DYNAMIC) {
- SEC_ASN1TemplateChooserPtr chooserp;
-
- chooserp = *(SEC_ASN1TemplateChooserPtr *) theTemplate->sub;
- if (chooserp) {
- if (thing != NULL)
- thing = (char *)thing - theTemplate->offset;
- subt = (* chooserp)(thing, encoding);
- }
- } else {
- subt = (SEC_ASN1Template*)theTemplate->sub;
- }
- }
- return subt;
-}
diff --git a/security/nss/lib/util/seccomon.h b/security/nss/lib/util/seccomon.h
deleted file mode 100644
index 75ce628f0..000000000
--- a/security/nss/lib/util/seccomon.h
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * seccomon.h - common data structures for security libraries
- *
- * This file should have lowest-common-denominator datastructures
- * for security libraries. It should not be dependent on any other
- * headers, and should not require linking with any libraries.
- *
- * $Id$
- */
-
-#ifndef _SECCOMMON_H_
-#define _SECCOMMON_H_
-
-#include "prtypes.h"
-
-
-#ifdef __cplusplus
-# define SEC_BEGIN_PROTOS extern "C" {
-# define SEC_END_PROTOS }
-#else
-# define SEC_BEGIN_PROTOS
-# define SEC_END_PROTOS
-#endif
-
-#include "secport.h"
-
-typedef enum {
- siBuffer = 0,
- siClearDataBuffer = 1,
- siCipherDataBuffer = 2,
- siDERCertBuffer = 3,
- siEncodedCertBuffer = 4,
- siDERNameBuffer = 5,
- siEncodedNameBuffer = 6,
- siAsciiNameString = 7,
- siAsciiString = 8,
- siDEROID = 9
-} SECItemType;
-
-typedef struct SECItemStr SECItem;
-
-struct SECItemStr {
- SECItemType type;
- unsigned char *data;
- unsigned int len;
-};
-
-/*
-** A status code. Status's are used by procedures that return status
-** values. Again the motivation is so that a compiler can generate
-** warnings when return values are wrong. Correct testing of status codes:
-**
-** SECStatus rv;
-** rv = some_function (some_argument);
-** if (rv != SECSuccess)
-** do_an_error_thing();
-**
-*/
-typedef enum _SECStatus {
- SECWouldBlock = -2,
- SECFailure = -1,
- SECSuccess = 0
-} SECStatus;
-
-/*
-** A comparison code. Used for procedures that return comparision
-** values. Again the motivation is so that a compiler can generate
-** warnings when return values are wrong.
-*/
-typedef enum _SECComparison {
- SECLessThan = -1,
- SECEqual = 0,
- SECGreaterThan = 1
-} SECComparison;
-
-#endif /* _SECCOMMON_H_ */
diff --git a/security/nss/lib/util/secder.h b/security/nss/lib/util/secder.h
deleted file mode 100644
index 3f957ab9c..000000000
--- a/security/nss/lib/util/secder.h
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECDER_H_
-#define _SECDER_H_
-
-/*
- * secder.h - public data structures and prototypes for the DER encoding and
- * decoding utilities library
- *
- * $Id$
- */
-
-#include <time.h>
-#include "plarena.h"
-#include "prlong.h"
-
-#include "seccomon.h"
-#include "secdert.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Decode a piece of der encoded data.
-** "dest" points to a structure that will be filled in with the
-** decoding results. (NOTE: it should be zeroed before calling;
-** optional/missing fields are not zero-filled by DER_Decode.)
-** "t" is a template structure which defines the shape of the
-** expected data.
-** "src" is the der encoded data.
-** NOTE: substructures of "dest" will be allocated as needed from
-** "arena", but data subfields will point directly into the buffer
-** passed in as src->data. That is, the resulting "dest" structure
-** will contain pointers back into src->data, which must remain
-** active (allocated) and unmodified for as long as "dest" is active.
-** If this is a potential problem, you may want to just dup the buffer
-** (allocated from "arena", probably) and pass *that* in instead.
-*/
-extern SECStatus DER_Decode(PRArenaPool *arena, void *dest, DERTemplate *t,
- SECItem *src);
-
-/*
-** Encode a data structure into DER.
-** "dest" will be filled in (and memory allocated) to hold the der
-** encoded structure in "src"
-** "t" is a template structure which defines the shape of the
-** stored data
-** "src" is a pointer to the structure that will be encoded
-*/
-extern SECStatus DER_Encode(PRArenaPool *arena, SECItem *dest, DERTemplate *t,
- void *src);
-
-extern SECStatus DER_Lengths(SECItem *item, int *header_len_p, uint32 *contents_len_p);
-
-/*
-** Lower level der subroutine that stores the standard header into "to".
-** The header is of variable length, based on encodingLen.
-** The return value is the new value of "to" after skipping over the header.
-** "to" is where the header will be stored
-** "code" is the der code to write
-** "encodingLen" is the number of bytes of data that will follow
-** the header
-*/
-extern unsigned char *DER_StoreHeader(unsigned char *to, unsigned int code,
- uint32 encodingLen);
-
-/*
-** Return the number of bytes it will take to hold a der encoded length.
-*/
-extern int DER_LengthLength(uint32 len);
-
-/*
-** Store a der encoded *signed* integer (whose value is "src") into "dst".
-** XXX This should really be enhanced to take a long.
-*/
-extern SECStatus DER_SetInteger(PRArenaPool *arena, SECItem *dst, int32 src);
-
-/*
-** Store a der encoded *unsigned* integer (whose value is "src") into "dst".
-** XXX This should really be enhanced to take an unsigned long.
-*/
-extern SECStatus DER_SetUInteger(PRArenaPool *arena, SECItem *dst, uint32 src);
-
-/*
-** Decode a der encoded *signed* integer that is stored in "src".
-** If "-1" is returned, then the caller should check the error in
-** XP_GetError() to see if an overflow occurred (SEC_ERROR_BAD_DER).
-*/
-extern long DER_GetInteger(SECItem *src);
-
-/*
-** Decode a der encoded *unsigned* integer that is stored in "src".
-** If the ULONG_MAX is returned, then the caller should check the error
-** in XP_GetError() to see if an overflow occurred (SEC_ERROR_BAD_DER).
-*/
-extern unsigned long DER_GetUInteger(SECItem *src);
-
-/*
-** Convert a "UNIX" time value to a der encoded time value.
-** "result" is the der encoded time (memory is allocated)
-** "time" is the "UNIX" time value (Since Jan 1st, 1970).
-** The caller is responsible for freeing up the buffer which
-** result->data points to upon a successfull operation.
-*/
-extern SECStatus DER_TimeToUTCTime(SECItem *result, int64 time);
-
-/*
-** Convert an ascii encoded time value (according to DER rules) into
-** a UNIX time value.
-** "result" the resulting "UNIX" time
-** "string" the der notation ascii value to decode
-*/
-extern SECStatus DER_AsciiToTime(int64 *result, char *string);
-
-/*
-** Same as DER_AsciiToTime except takes an SECItem instead of a string
-*/
-extern SECStatus DER_UTCTimeToTime(int64 *result, SECItem *time);
-
-/*
-** Convert a DER encoded UTC time to an ascii time representation
-** "utctime" is the DER encoded UTC time to be converted. The
-** caller is responsible for deallocating the returned buffer.
-*/
-extern char *DER_UTCTimeToAscii(SECItem *utcTime);
-
-/*
-** Convert a DER encoded UTC time to an ascii time representation, but only
-** include the day, not the time.
-** "utctime" is the DER encoded UTC time to be converted.
-** The caller is responsible for deallocating the returned buffer.
-*/
-extern char *DER_UTCDayToAscii(SECItem *utctime);
-
-/*
-** Convert a int64 time to a DER encoded Generalized time
-*/
-extern SECStatus DER_TimeToGeneralizedTime(SECItem *dst, int64 gmttime);
-
-/*
-** Convert a DER encoded Generalized time value into a UNIX time value.
-** "dst" the resulting "UNIX" time
-** "string" the der notation ascii value to decode
-*/
-extern SECStatus DER_GeneralizedTimeToTime(int64 *dst, SECItem *time);
-
-/*
-** Convert from a int64 UTC time value to a formatted ascii value. The
-** caller is responsible for deallocating the returned buffer.
-*/
-extern char *CERT_UTCTime2FormattedAscii (int64 utcTime, char *format);
-
-
-/*
-** Convert from a int64 Generalized time value to a formatted ascii value. The
-** caller is responsible for deallocating the returned buffer.
-*/
-extern char *CERT_GenTime2FormattedAscii (int64 genTime, char *format);
-
-SEC_END_PROTOS
-
-#endif /* _SECDER_H_ */
-
diff --git a/security/nss/lib/util/secdert.h b/security/nss/lib/util/secdert.h
deleted file mode 100644
index 86f3451cf..000000000
--- a/security/nss/lib/util/secdert.h
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECDERT_H_
-#define _SECDERT_H_
-/*
- * secdert.h - public data structures for the DER encoding and
- * decoding utilities library
- *
- * $Id$
- */
-
-typedef struct DERTemplateStr DERTemplate;
-
-/*
-** An array of these structures defines an encoding for an object using DER.
-** The array usually starts with a dummy entry whose kind is DER_SEQUENCE;
-** such an array is terminated with an entry where kind == 0. (An array
-** which consists of a single component does not require a second dummy
-** entry -- the array is only searched as long as previous component(s)
-** instruct it.)
-*/
-struct DERTemplateStr {
- /*
- ** Kind of item being decoded/encoded, including tags and modifiers.
- */
- unsigned long kind;
-
- /*
- ** Offset from base of structure to field that holds the value
- ** being decoded/encoded.
- */
- unsigned int offset;
-
- /*
- ** When kind suggests it (DER_POINTER, DER_INDEFINITE, DER_INLINE),
- ** this points to a sub-template for nested encoding/decoding.
- */
- DERTemplate *sub;
-
- /*
- ** Argument value, dependent on "kind" and/or template placement
- ** within an array of templates:
- ** - In the first element of a template array, the value is the
- ** size of the structure to allocate when this template is being
- ** referenced by another template via DER_POINTER or DER_INDEFINITE.
- ** - In a component of a DER_SET or DER_SEQUENCE which is *not* a
- ** DER_UNIVERSAL type (that is, it has a class tag for either
- ** DER_APPLICATION, DER_CONTEXT_SPECIFIC, or DER_PRIVATE), the
- ** value is the underlying type of item being decoded/encoded.
- */
- unsigned long arg;
-};
-
-/************************************************************************/
-
-/* default chunksize for arenas used for DER stuff */
-#define DER_DEFAULT_CHUNKSIZE (2048)
-
-/*
-** BER/DER values for ASN.1 identifier octets.
-*/
-#define DER_TAG_MASK 0xff
-
-/*
- * BER/DER universal type tag numbers.
- * The values are defined by the X.208 standard; do not change them!
- * NOTE: if you add anything to this list, you must add code to derdec.c
- * to accept the tag, and probably also to derenc.c to encode it.
- */
-#define DER_TAGNUM_MASK 0x1f
-#define DER_BOOLEAN 0x01
-#define DER_INTEGER 0x02
-#define DER_BIT_STRING 0x03
-#define DER_OCTET_STRING 0x04
-#define DER_NULL 0x05
-#define DER_OBJECT_ID 0x06
-#define DER_SEQUENCE 0x10
-#define DER_SET 0x11
-#define DER_PRINTABLE_STRING 0x13
-#define DER_T61_STRING 0x14
-#define DER_IA5_STRING 0x16
-#define DER_UTC_TIME 0x17
-#define DER_VISIBLE_STRING 0x1a
-#define DER_HIGH_TAG_NUMBER 0x1f
-
-/*
-** Modifiers to type tags. These are also specified by a/the
-** standard, and must not be changed.
-*/
-
-#define DER_METHOD_MASK 0x20
-#define DER_PRIMITIVE 0x00
-#define DER_CONSTRUCTED 0x20
-
-#define DER_CLASS_MASK 0xc0
-#define DER_UNIVERSAL 0x00
-#define DER_APPLICATION 0x40
-#define DER_CONTEXT_SPECIFIC 0x80
-#define DER_PRIVATE 0xc0
-
-/*
-** Our additions, used for templates.
-** These are not defined by any standard; the values are used internally only.
-** Just be careful to keep them out of the low 8 bits.
-*/
-#define DER_OPTIONAL 0x00100
-#define DER_EXPLICIT 0x00200
-#define DER_ANY 0x00400
-#define DER_INLINE 0x00800
-#define DER_POINTER 0x01000
-#define DER_INDEFINITE 0x02000
-#define DER_DERPTR 0x04000
-#define DER_SKIP 0x08000
-#define DER_FORCE 0x10000
-#define DER_OUTER 0x40000 /* for DER_DERPTR */
-
-/*
-** Macro to convert der decoded bit string into a decoded octet
-** string. All it needs to do is fiddle with the length code.
-*/
-#define DER_ConvertBitString(item) \
-{ \
- (item)->len = ((item)->len + 7) >> 3; \
-}
-
-extern DERTemplate SECAnyTemplate[];
-extern DERTemplate SECBitStringTemplate[];
-extern DERTemplate SECBooleanTemplate[];
-extern DERTemplate SECIA5StringTemplate[];
-extern DERTemplate SECIntegerTemplate[];
-extern DERTemplate SECNullTemplate[];
-extern DERTemplate SECObjectIDTemplate[];
-extern DERTemplate SECOctetStringTemplate[];
-extern DERTemplate SECPrintableStringTemplate[];
-extern DERTemplate SECT61StringTemplate[];
-extern DERTemplate SECUTCTimeTemplate[];
-extern DERTemplate SECAlgorithmIDTemplate[];
-
-#endif /* _SECDERT_H_ */
diff --git a/security/nss/lib/util/secdig.c b/security/nss/lib/util/secdig.c
deleted file mode 100644
index 056068222..000000000
--- a/security/nss/lib/util/secdig.c
+++ /dev/null
@@ -1,232 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-#include "secdig.h"
-
-#include "secoid.h"
-#include "secasn1.h"
-#include "secerr.h"
-
-/*
- * XXX OLD Template. Once all uses have been switched over to new one,
- * remove this.
- */
-DERTemplate SGNDigestInfoTemplate[] = {
- { DER_SEQUENCE,
- 0, NULL, sizeof(SGNDigestInfo) },
- { DER_INLINE,
- offsetof(SGNDigestInfo,digestAlgorithm),
- SECAlgorithmIDTemplate, },
- { DER_OCTET_STRING,
- offsetof(SGNDigestInfo,digest), },
- { 0, }
-};
-
-/* XXX See comment below about SGN_DecodeDigestInfo -- keep this static! */
-/* XXX Changed from static -- need to change name? */
-const SEC_ASN1Template sgn_DigestInfoTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(SGNDigestInfo) },
- { SEC_ASN1_INLINE,
- offsetof(SGNDigestInfo,digestAlgorithm),
- SECOID_AlgorithmIDTemplate },
- { SEC_ASN1_OCTET_STRING,
- offsetof(SGNDigestInfo,digest) },
- { 0 }
-};
-
-SEC_ASN1_CHOOSER_IMPLEMENT(sgn_DigestInfoTemplate)
-
-/*
- * XXX Want to have a SGN_DecodeDigestInfo, like:
- * SGNDigestInfo *SGN_DecodeDigestInfo(SECItem *didata);
- * that creates a pool and allocates from it and decodes didata into
- * the newly allocated DigestInfo structure. Then fix secvfy.c (it
- * will no longer need an arena itself) to call this and then call
- * DestroyDigestInfo when it is done, then can remove the old template
- * above and keep our new template static and "hidden".
- */
-
-/*
- * XXX It might be nice to combine the following two functions (create
- * and encode). I think that is all anybody ever wants to do anyway.
- */
-
-SECItem *
-SGN_EncodeDigestInfo(PRArenaPool *poolp, SECItem *dest, SGNDigestInfo *diginfo)
-{
- return SEC_ASN1EncodeItem (poolp, dest, diginfo, sgn_DigestInfoTemplate);
-}
-
-SGNDigestInfo *
-SGN_CreateDigestInfo(SECOidTag algorithm, unsigned char *sig, unsigned len)
-{
- SGNDigestInfo *di;
- SECStatus rv;
- PRArenaPool *arena;
- SECItem *null_param;
- SECItem dummy_value;
-
- switch (algorithm) {
- case SEC_OID_MD2:
- case SEC_OID_MD5:
- case SEC_OID_SHA1:
- break;
- default:
- PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
- return NULL;
- }
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (arena == NULL) {
- return NULL;
- }
-
- di = (SGNDigestInfo *) PORT_ArenaZAlloc(arena, sizeof(SGNDigestInfo));
- if (di == NULL) {
- PORT_FreeArena(arena, PR_FALSE);
- return NULL;
- }
-
- di->arena = arena;
-
- /*
- * PKCS #1 specifies that the AlgorithmID must have a NULL parameter
- * (as opposed to no parameter at all).
- */
- dummy_value.data = NULL;
- dummy_value.len = 0;
- null_param = SEC_ASN1EncodeItem(NULL, NULL, &dummy_value, SEC_NullTemplate);
- if (null_param == NULL) {
- goto loser;
- }
-
- rv = SECOID_SetAlgorithmID(arena, &di->digestAlgorithm, algorithm,
- null_param);
-
- SECITEM_FreeItem(null_param, PR_TRUE);
-
- if (rv != SECSuccess) {
- goto loser;
- }
-
- di->digest.data = (unsigned char *) PORT_ArenaAlloc(arena, len);
- if (di->digest.data == NULL) {
- goto loser;
- }
-
- di->digest.len = len;
- PORT_Memcpy(di->digest.data, sig, len);
- return di;
-
- loser:
- SGN_DestroyDigestInfo(di);
- return NULL;
-}
-
-SGNDigestInfo *
-SGN_DecodeDigestInfo(SECItem *didata)
-{
- PRArenaPool *arena;
- SGNDigestInfo *di;
- SECStatus rv = SECFailure;
-
- arena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
- if(arena == NULL)
- return NULL;
-
- di = (SGNDigestInfo *)PORT_ArenaZAlloc(arena, sizeof(SGNDigestInfo));
- if(di != NULL)
- {
- di->arena = arena;
- rv = SEC_ASN1DecodeItem(arena, di, sgn_DigestInfoTemplate, didata);
- }
-
- if((di == NULL) || (rv != SECSuccess))
- {
- PORT_FreeArena(arena, PR_TRUE);
- di = NULL;
- }
-
- return di;
-}
-
-void
-SGN_DestroyDigestInfo(SGNDigestInfo *di)
-{
- if (di && di->arena) {
- PORT_FreeArena(di->arena, PR_FALSE);
- }
-
- return;
-}
-
-SECStatus
-SGN_CopyDigestInfo(PRArenaPool *poolp, SGNDigestInfo *a, SGNDigestInfo *b)
-{
- SECStatus rv;
- void *mark;
-
- if((poolp == NULL) || (a == NULL) || (b == NULL))
- return SECFailure;
-
- mark = PORT_ArenaMark(poolp);
- a->arena = poolp;
- rv = SECOID_CopyAlgorithmID(poolp, &a->digestAlgorithm,
- &b->digestAlgorithm);
- if (rv == SECSuccess)
- rv = SECITEM_CopyItem(poolp, &a->digest, &b->digest);
-
- if (rv != SECSuccess) {
- PORT_ArenaRelease(poolp, mark);
- } else {
- PORT_ArenaUnmark(poolp, mark);
- }
-
- return rv;
-}
-
-SECComparison
-SGN_CompareDigestInfo(SGNDigestInfo *a, SGNDigestInfo *b)
-{
- SECComparison rv;
-
- /* Check signature algorithm's */
- rv = SECOID_CompareAlgorithmID(&a->digestAlgorithm, &b->digestAlgorithm);
- if (rv) return rv;
-
- /* Compare signature block length's */
- rv = SECITEM_CompareItem(&a->digest, &b->digest);
- return rv;
-}
diff --git a/security/nss/lib/util/secdig.h b/security/nss/lib/util/secdig.h
deleted file mode 100644
index 048604554..000000000
--- a/security/nss/lib/util/secdig.h
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * crypto.h - public data structures and prototypes for the crypto library
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SECDIG_H_
-#define _SECDIG_H_
-
-#include "secdigt.h"
-
-#include "seccomon.h"
-#include "secasn1t.h"
-#include "secdert.h"
-
-SEC_BEGIN_PROTOS
-
-
-extern const SEC_ASN1Template sgn_DigestInfoTemplate[];
-
-SEC_ASN1_CHOOSER_DECLARE(sgn_DigestInfoTemplate)
-
-extern DERTemplate SGNDigestInfoTemplate[];
-
-
-/****************************************/
-/*
-** Digest-info functions
-*/
-
-/*
-** Create a new digest-info object
-** "algorithm" one of SEC_OID_MD2, SEC_OID_MD5, or SEC_OID_SHA1
-** "sig" the raw signature data (from MD2 or MD5)
-** "sigLen" the length of the signature data
-**
-** NOTE: this is a low level routine used to prepare some data for PKCS#1
-** digital signature formatting.
-**
-** XXX It might be nice to combine the create and encode functions.
-** I think that is all anybody ever wants to do anyway.
-*/
-extern SGNDigestInfo *SGN_CreateDigestInfo(SECOidTag algorithm,
- unsigned char *sig,
- unsigned int sigLen);
-
-/*
-** Destroy a digest-info object
-*/
-extern void SGN_DestroyDigestInfo(SGNDigestInfo *info);
-
-/*
-** Encode a digest-info object
-** "poolp" is where to allocate the result from; it can be NULL in
-** which case generic heap allocation (XP_ALLOC) will be used
-** "dest" is where to store the result; it can be NULL, in which case
-** it will be allocated (from poolp or heap, as explained above)
-** "diginfo" is the object to be encoded
-** The return value is NULL if any error occurred, otherwise it is the
-** resulting SECItem (either allocated or the same as the "dest" parameter).
-**
-** XXX It might be nice to combine the create and encode functions.
-** I think that is all anybody ever wants to do anyway.
-*/
-extern SECItem *SGN_EncodeDigestInfo(PRArenaPool *poolp, SECItem *dest,
- SGNDigestInfo *diginfo);
-
-/*
-** Decode a DER encoded digest info objct.
-** didata is thr source of the encoded digest.
-** The return value is NULL if an error occurs. Otherwise, a
-** digest info object which is allocated within it's own
-** pool is returned. The digest info should be deleted
-** by later calling SGN_DestroyDigestInfo.
-*/
-extern SGNDigestInfo *SGN_DecodeDigestInfo(SECItem *didata);
-
-
-/*
-** Copy digest info.
-** poolp is the arena to which the digest will be copied.
-** a is the destination digest, it must be non-NULL.
-** b is the source digest
-** This function is for copying digests. It allows digests
-** to be copied into a specified pool. If the digest is in
-** the same pool as other data, you do not want to delete
-** the digest by calling SGN_DestroyDigestInfo.
-** A return value of SECFailure indicates an error. A return
-** of SECSuccess indicates no error occured.
-*/
-extern SECStatus SGN_CopyDigestInfo(PRArenaPool *poolp,
- SGNDigestInfo *a,
- SGNDigestInfo *b);
-
-/*
-** Compare two digest-info objects, returning the difference between
-** them.
-*/
-extern SECComparison SGN_CompareDigestInfo(SGNDigestInfo *a, SGNDigestInfo *b);
-
-
-SEC_END_PROTOS
-
-#endif /* _SECDIG_H_ */
diff --git a/security/nss/lib/util/secdigt.h b/security/nss/lib/util/secdigt.h
deleted file mode 100644
index fea6daa99..000000000
--- a/security/nss/lib/util/secdigt.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * secdigt.h - public data structures for digestinfos from the util lib.
- *
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- *
- * $Id$
- */
-
-#ifndef _SECDIGT_H_
-#define _SECDIGT_H_
-
-#include "plarena.h"
-#include "secoidt.h"
-#include "secitem.h"
-
-/*
-** A PKCS#1 digest-info object
-*/
-struct SGNDigestInfoStr {
- PLArenaPool * arena;
- SECAlgorithmID digestAlgorithm;
- SECItem digest;
-};
-typedef struct SGNDigestInfoStr SGNDigestInfo;
-
-
-
-#endif /* _SECDIGT_H_ */
diff --git a/security/nss/lib/util/secerr.h b/security/nss/lib/util/secerr.h
deleted file mode 100644
index ff9c784ee..000000000
--- a/security/nss/lib/util/secerr.h
+++ /dev/null
@@ -1,187 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __SEC_ERR_H_
-#define __SEC_ERR_H_
-
-
-#define SEC_ERROR_BASE (-0x2000)
-#define SEC_ERROR_LIMIT (SEC_ERROR_BASE + 1000)
-
-#define IS_SEC_ERROR(code) \
- (((code) >= SEC_ERROR_BASE) && ((code) < SEC_ERROR_LIMIT))
-
-#ifndef NO_SECURITY_ERROR_ENUM
-typedef enum {
-SEC_ERROR_IO = SEC_ERROR_BASE + 0,
-SEC_ERROR_LIBRARY_FAILURE = SEC_ERROR_BASE + 1,
-SEC_ERROR_BAD_DATA = SEC_ERROR_BASE + 2,
-SEC_ERROR_OUTPUT_LEN = SEC_ERROR_BASE + 3,
-SEC_ERROR_INPUT_LEN = SEC_ERROR_BASE + 4,
-SEC_ERROR_INVALID_ARGS = SEC_ERROR_BASE + 5,
-SEC_ERROR_INVALID_ALGORITHM = SEC_ERROR_BASE + 6,
-SEC_ERROR_INVALID_AVA = SEC_ERROR_BASE + 7,
-SEC_ERROR_INVALID_TIME = SEC_ERROR_BASE + 8,
-SEC_ERROR_BAD_DER = SEC_ERROR_BASE + 9,
-SEC_ERROR_BAD_SIGNATURE = SEC_ERROR_BASE + 10,
-SEC_ERROR_EXPIRED_CERTIFICATE = SEC_ERROR_BASE + 11,
-SEC_ERROR_REVOKED_CERTIFICATE = SEC_ERROR_BASE + 12,
-SEC_ERROR_UNKNOWN_ISSUER = SEC_ERROR_BASE + 13,
-SEC_ERROR_BAD_KEY = SEC_ERROR_BASE + 14,
-SEC_ERROR_BAD_PASSWORD = SEC_ERROR_BASE + 15,
-SEC_ERROR_RETRY_PASSWORD = SEC_ERROR_BASE + 16,
-SEC_ERROR_NO_NODELOCK = SEC_ERROR_BASE + 17,
-SEC_ERROR_BAD_DATABASE = SEC_ERROR_BASE + 18,
-SEC_ERROR_NO_MEMORY = SEC_ERROR_BASE + 19,
-SEC_ERROR_UNTRUSTED_ISSUER = SEC_ERROR_BASE + 20,
-SEC_ERROR_UNTRUSTED_CERT = SEC_ERROR_BASE + 21,
-SEC_ERROR_DUPLICATE_CERT = (SEC_ERROR_BASE + 22),
-SEC_ERROR_DUPLICATE_CERT_NAME = (SEC_ERROR_BASE + 23),
-SEC_ERROR_ADDING_CERT = (SEC_ERROR_BASE + 24),
-SEC_ERROR_FILING_KEY = (SEC_ERROR_BASE + 25),
-SEC_ERROR_NO_KEY = (SEC_ERROR_BASE + 26),
-SEC_ERROR_CERT_VALID = (SEC_ERROR_BASE + 27),
-SEC_ERROR_CERT_NOT_VALID = (SEC_ERROR_BASE + 28),
-SEC_ERROR_CERT_NO_RESPONSE = (SEC_ERROR_BASE + 29),
-SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE = (SEC_ERROR_BASE + 30),
-SEC_ERROR_CRL_EXPIRED = (SEC_ERROR_BASE + 31),
-SEC_ERROR_CRL_BAD_SIGNATURE = (SEC_ERROR_BASE + 32),
-SEC_ERROR_CRL_INVALID = (SEC_ERROR_BASE + 33),
-SEC_ERROR_EXTENSION_VALUE_INVALID = (SEC_ERROR_BASE + 34),
-SEC_ERROR_EXTENSION_NOT_FOUND = (SEC_ERROR_BASE + 35),
-SEC_ERROR_CA_CERT_INVALID = (SEC_ERROR_BASE + 36),
-SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID = (SEC_ERROR_BASE + 37),
-SEC_ERROR_CERT_USAGES_INVALID = (SEC_ERROR_BASE + 38),
-SEC_INTERNAL_ONLY = (SEC_ERROR_BASE + 39),
-SEC_ERROR_INVALID_KEY = (SEC_ERROR_BASE + 40),
-SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION = (SEC_ERROR_BASE + 41),
-SEC_ERROR_OLD_CRL = (SEC_ERROR_BASE + 42),
-SEC_ERROR_NO_EMAIL_CERT = (SEC_ERROR_BASE + 43),
-SEC_ERROR_NO_RECIPIENT_CERTS_QUERY = (SEC_ERROR_BASE + 44),
-SEC_ERROR_NOT_A_RECIPIENT = (SEC_ERROR_BASE + 45),
-SEC_ERROR_PKCS7_KEYALG_MISMATCH = (SEC_ERROR_BASE + 46),
-SEC_ERROR_PKCS7_BAD_SIGNATURE = (SEC_ERROR_BASE + 47),
-SEC_ERROR_UNSUPPORTED_KEYALG = (SEC_ERROR_BASE + 48),
-SEC_ERROR_DECRYPTION_DISALLOWED = (SEC_ERROR_BASE + 49),
-/* Fortezza Alerts */
-XP_SEC_FORTEZZA_BAD_CARD = (SEC_ERROR_BASE + 50),
-XP_SEC_FORTEZZA_NO_CARD = (SEC_ERROR_BASE + 51),
-XP_SEC_FORTEZZA_NONE_SELECTED = (SEC_ERROR_BASE + 52),
-XP_SEC_FORTEZZA_MORE_INFO = (SEC_ERROR_BASE + 53),
-XP_SEC_FORTEZZA_PERSON_NOT_FOUND = (SEC_ERROR_BASE + 54),
-XP_SEC_FORTEZZA_NO_MORE_INFO = (SEC_ERROR_BASE + 55),
-XP_SEC_FORTEZZA_BAD_PIN = (SEC_ERROR_BASE + 56),
-XP_SEC_FORTEZZA_PERSON_ERROR = (SEC_ERROR_BASE + 57),
-SEC_ERROR_NO_KRL = (SEC_ERROR_BASE + 58),
-SEC_ERROR_KRL_EXPIRED = (SEC_ERROR_BASE + 59),
-SEC_ERROR_KRL_BAD_SIGNATURE = (SEC_ERROR_BASE + 60),
-SEC_ERROR_REVOKED_KEY = (SEC_ERROR_BASE + 61),
-SEC_ERROR_KRL_INVALID = (SEC_ERROR_BASE + 62),
-SEC_ERROR_NEED_RANDOM = (SEC_ERROR_BASE + 63),
-SEC_ERROR_NO_MODULE = (SEC_ERROR_BASE + 64),
-SEC_ERROR_NO_TOKEN = (SEC_ERROR_BASE + 65),
-SEC_ERROR_READ_ONLY = (SEC_ERROR_BASE + 66),
-SEC_ERROR_NO_SLOT_SELECTED = (SEC_ERROR_BASE + 67),
-SEC_ERROR_CERT_NICKNAME_COLLISION = (SEC_ERROR_BASE + 68),
-SEC_ERROR_KEY_NICKNAME_COLLISION = (SEC_ERROR_BASE + 69),
-SEC_ERROR_SAFE_NOT_CREATED = (SEC_ERROR_BASE + 70),
-SEC_ERROR_BAGGAGE_NOT_CREATED = (SEC_ERROR_BASE + 71),
-XP_JAVA_REMOVE_PRINCIPAL_ERROR = (SEC_ERROR_BASE + 72),
-XP_JAVA_DELETE_PRIVILEGE_ERROR = (SEC_ERROR_BASE + 73),
-XP_JAVA_CERT_NOT_EXISTS_ERROR = (SEC_ERROR_BASE + 74),
-SEC_ERROR_BAD_EXPORT_ALGORITHM = (SEC_ERROR_BASE + 75),
-SEC_ERROR_EXPORTING_CERTIFICATES = (SEC_ERROR_BASE + 76),
-SEC_ERROR_IMPORTING_CERTIFICATES = (SEC_ERROR_BASE + 77),
-SEC_ERROR_PKCS12_DECODING_PFX = (SEC_ERROR_BASE + 78),
-SEC_ERROR_PKCS12_INVALID_MAC = (SEC_ERROR_BASE + 79),
-SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM = (SEC_ERROR_BASE + 80),
-SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE = (SEC_ERROR_BASE + 81),
-SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE = (SEC_ERROR_BASE + 82),
-SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM = (SEC_ERROR_BASE + 83),
-SEC_ERROR_PKCS12_UNSUPPORTED_VERSION = (SEC_ERROR_BASE + 84),
-SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT = (SEC_ERROR_BASE + 85),
-SEC_ERROR_PKCS12_CERT_COLLISION = (SEC_ERROR_BASE + 86),
-SEC_ERROR_USER_CANCELLED = (SEC_ERROR_BASE + 87),
-SEC_ERROR_PKCS12_DUPLICATE_DATA = (SEC_ERROR_BASE + 88),
-SEC_ERROR_MESSAGE_SEND_ABORTED = (SEC_ERROR_BASE + 89),
-SEC_ERROR_INADEQUATE_KEY_USAGE = (SEC_ERROR_BASE + 90),
-SEC_ERROR_INADEQUATE_CERT_TYPE = (SEC_ERROR_BASE + 91),
-SEC_ERROR_CERT_ADDR_MISMATCH = (SEC_ERROR_BASE + 92),
-SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY = (SEC_ERROR_BASE + 93),
-SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN = (SEC_ERROR_BASE + 94),
-SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME = (SEC_ERROR_BASE + 95),
-SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY = (SEC_ERROR_BASE + 96),
-SEC_ERROR_PKCS12_UNABLE_TO_WRITE = (SEC_ERROR_BASE + 97),
-SEC_ERROR_PKCS12_UNABLE_TO_READ = (SEC_ERROR_BASE + 98),
-SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED = (SEC_ERROR_BASE + 99),
-SEC_ERROR_KEYGEN_FAIL = (SEC_ERROR_BASE + 100),
-SEC_ERROR_INVALID_PASSWORD = (SEC_ERROR_BASE + 101),
-SEC_ERROR_RETRY_OLD_PASSWORD = (SEC_ERROR_BASE + 102),
-SEC_ERROR_BAD_NICKNAME = (SEC_ERROR_BASE + 103),
-SEC_ERROR_NOT_FORTEZZA_ISSUER = (SEC_ERROR_BASE + 104),
-SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY = (SEC_ERROR_BASE + 105),
-SEC_ERROR_JS_INVALID_MODULE_NAME = (SEC_ERROR_BASE + 106),
-SEC_ERROR_JS_INVALID_DLL = (SEC_ERROR_BASE + 107),
-SEC_ERROR_JS_ADD_MOD_FAILURE = (SEC_ERROR_BASE + 108),
-SEC_ERROR_JS_DEL_MOD_FAILURE = (SEC_ERROR_BASE + 109),
-SEC_ERROR_OLD_KRL = (SEC_ERROR_BASE + 110),
-SEC_ERROR_CKL_CONFLICT = (SEC_ERROR_BASE + 111),
-SEC_ERROR_CERT_NOT_IN_NAME_SPACE = (SEC_ERROR_BASE + 112),
-SEC_ERROR_KRL_NOT_YET_VALID = (SEC_ERROR_BASE + 113),
-SEC_ERROR_CRL_NOT_YET_VALID = (SEC_ERROR_BASE + 114),
-SEC_ERROR_UNKNOWN_CERT = (SEC_ERROR_BASE + 115),
-SEC_ERROR_UNKNOWN_SIGNER = (SEC_ERROR_BASE + 116),
-SEC_ERROR_CERT_BAD_ACCESS_LOCATION = (SEC_ERROR_BASE + 117),
-SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE = (SEC_ERROR_BASE + 118),
-SEC_ERROR_OCSP_BAD_HTTP_RESPONSE = (SEC_ERROR_BASE + 119),
-SEC_ERROR_OCSP_MALFORMED_REQUEST = (SEC_ERROR_BASE + 120),
-SEC_ERROR_OCSP_SERVER_ERROR = (SEC_ERROR_BASE + 121),
-SEC_ERROR_OCSP_TRY_SERVER_LATER = (SEC_ERROR_BASE + 122),
-SEC_ERROR_OCSP_REQUEST_NEEDS_SIG = (SEC_ERROR_BASE + 123),
-SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST = (SEC_ERROR_BASE + 124),
-SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS = (SEC_ERROR_BASE + 125),
-SEC_ERROR_OCSP_UNKNOWN_CERT = (SEC_ERROR_BASE + 126),
-SEC_ERROR_OCSP_NOT_ENABLED = (SEC_ERROR_BASE + 127),
-SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER = (SEC_ERROR_BASE + 128),
-SEC_ERROR_OCSP_MALFORMED_RESPONSE = (SEC_ERROR_BASE + 129),
-SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE = (SEC_ERROR_BASE + 130),
-SEC_ERROR_OCSP_FUTURE_RESPONSE = (SEC_ERROR_BASE + 131),
-SEC_ERROR_OCSP_OLD_RESPONSE = (SEC_ERROR_BASE + 132),
-/* smime stuff */
-SEC_ERROR_DIGEST_NOT_FOUND = (SEC_ERROR_BASE + 133),
-SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE = (SEC_ERROR_BASE + 134)
-
-} SECErrorCodes;
-#endif /* NO_SECURITY_ERROR_ENUM */
-
-#endif /* __SEC_ERR_H_ */
diff --git a/security/nss/lib/util/secinit.c b/security/nss/lib/util/secinit.c
deleted file mode 100644
index a18b1243b..000000000
--- a/security/nss/lib/util/secinit.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "nspr.h"
-#include "secport.h"
-
-static int sec_inited = 0;
-
-void
-SEC_Init(void)
-{
- /* PR_Init() must be called before SEC_Init() */
-#if !defined(SERVER_BUILD)
- PORT_Assert(PR_Initialized() == PR_TRUE);
-#endif
- if (sec_inited)
- return;
-
- sec_inited = 1;
-}
diff --git a/security/nss/lib/util/secitem.c b/security/nss/lib/util/secitem.c
deleted file mode 100644
index ded548a00..000000000
--- a/security/nss/lib/util/secitem.c
+++ /dev/null
@@ -1,284 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * Support routines for SECItem data structure.
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "secitem.h"
-#include "base64.h"
-#include "secerr.h"
-
-SECItem *
-SECITEM_AllocItem(PRArenaPool *arena, SECItem *item, unsigned int len)
-{
- SECItem *result = NULL;
- void *mark = NULL;
-
- if (arena != NULL) {
- mark = PORT_ArenaMark(arena);
- }
-
- if (item == NULL) {
- if (arena != NULL) {
- result = PORT_ArenaZAlloc(arena, sizeof(SECItem));
- } else {
- result = PORT_ZAlloc(sizeof(SECItem));
- }
- if (result == NULL) {
- goto loser;
- }
- } else {
- PORT_Assert(item->data == NULL);
- result = item;
- }
-
- result->len = len;
- if (len) {
- if (arena != NULL) {
- result->data = PORT_ArenaAlloc(arena, len);
- } else {
- result->data = PORT_Alloc(len);
- }
- }
-
- if (mark) {
- PORT_ArenaUnmark(arena, mark);
- }
- return(result);
-
-loser:
- if ( arena != NULL ) {
- if (mark) {
- PORT_ArenaRelease(arena, mark);
- }
- if (item != NULL) {
- item->data = NULL;
- item->len = 0;
- }
- } else {
- if (result != NULL) {
- SECITEM_FreeItem(result, (item == NULL) ? PR_TRUE : PR_FALSE);
- }
- }
- return(NULL);
-}
-
-SECStatus
-SECITEM_ReallocItem(PRArenaPool *arena, SECItem *item, unsigned int oldlen,
- unsigned int newlen)
-{
- PORT_Assert(item != NULL);
- if (item == NULL) {
- /* XXX Set error. But to what? */
- return SECFailure;
- }
-
- /*
- * If no old length, degenerate to just plain alloc.
- */
- if (oldlen == 0) {
- PORT_Assert(item->data == NULL || item->len == 0);
- if (newlen == 0) {
- /* Nothing to do. Weird, but not a failure. */
- return SECSuccess;
- }
- item->len = newlen;
- if (arena != NULL) {
- item->data = PORT_ArenaAlloc(arena, newlen);
- } else {
- item->data = PORT_Alloc(newlen);
- }
- } else {
- if (arena != NULL) {
- item->data = PORT_ArenaGrow(arena, item->data, oldlen, newlen);
- } else {
- item->data = PORT_Realloc(item->data, newlen);
- }
- }
-
- if (item->data == NULL) {
- return SECFailure;
- }
-
- return SECSuccess;
-}
-
-SECComparison
-SECITEM_CompareItem(const SECItem *a, const SECItem *b)
-{
- unsigned m;
- SECComparison rv;
-
- m = ( ( a->len < b->len ) ? a->len : b->len );
-
- rv = (SECComparison) PORT_Memcmp(a->data, b->data, m);
- if (rv) {
- return rv;
- }
- if (a->len < b->len) {
- return SECLessThan;
- }
- if (a->len == b->len) {
- return SECEqual;
- }
- return SECGreaterThan;
-}
-
-PRBool
-SECITEM_ItemsAreEqual(const SECItem *a, const SECItem *b)
-{
- if (SECITEM_CompareItem(a, b) == SECEqual)
- return PR_TRUE;
-
- return PR_FALSE;
-}
-
-SECItem *
-SECITEM_DupItem(const SECItem *from)
-{
- SECItem *to;
-
- if ( from == NULL ) {
- return(NULL);
- }
-
- to = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if ( to == NULL ) {
- return(NULL);
- }
-
- to->data = (unsigned char *)PORT_Alloc(from->len);
- if ( to->data == NULL ) {
- PORT_Free(to);
- return(NULL);
- }
-
- to->len = from->len;
- PORT_Memcpy(to->data, from->data, to->len);
-
- return(to);
-}
-
-SECStatus
-SECITEM_CopyItem(PRArenaPool *arena, SECItem *to, const SECItem *from)
-{
- if (from->data && from->len) {
- if ( arena ) {
- to->data = (unsigned char*) PORT_ArenaAlloc(arena, from->len);
- } else {
- to->data = (unsigned char*) PORT_Alloc(from->len);
- }
-
- if (!to->data) {
- return SECFailure;
- }
- PORT_Memcpy(to->data, from->data, from->len);
- to->len = from->len;
- } else {
- to->data = 0;
- to->len = 0;
- }
- return SECSuccess;
-}
-
-void
-SECITEM_FreeItem(SECItem *zap, PRBool freeit)
-{
- if (zap) {
- PORT_Free(zap->data);
- zap->data = 0;
- zap->len = 0;
- if (freeit) {
- PORT_Free(zap);
- }
- }
-}
-
-void
-SECITEM_ZfreeItem(SECItem *zap, PRBool freeit)
-{
- if (zap) {
- PORT_ZFree(zap->data, zap->len);
- zap->data = 0;
- zap->len = 0;
- if (freeit) {
- PORT_ZFree(zap, sizeof(SECItem));
- }
- }
-}
-/* these reroutines were taken from pkix oid.c, which is supposed to
- * replace this file some day */
-/*
- * This is the hash function. We simply XOR the encoded form with
- * itself in sizeof(PLHashNumber)-byte chunks. Improving this
- * routine is left as an excercise for the more mathematically
- * inclined student.
- */
-PLHashNumber PR_CALLBACK
-SECITEM_Hash ( const void *key)
-{
- const SECItem *item = (const SECItem *)key;
- PLHashNumber rv = 0;
-
- PRUint8 *data = (PRUint8 *)item->data;
- PRUint32 i;
- PRUint8 *rvc = (PRUint8 *)&rv;
-
- for( i = 0; i < item->len; i++ ) {
- rvc[ i % sizeof(rv) ] ^= *data;
- data++;
- }
-
- return rv;
-}
-
-/*
- * This is the key-compare function. It simply does a lexical
- * comparison on the item data. This does not result in
- * quite the same ordering as the "sequence of numbers" order,
- * but heck it's only used internally by the hash table anyway.
- */
-PRIntn PR_CALLBACK
-SECITEM_HashCompare ( const void *k1, const void *k2)
-{
- PRIntn rv;
-
- const SECItem *i1 = (const SECItem *)k1;
- const SECItem *i2 = (const SECItem *)k2;
-
- return SECITEM_ItemsAreEqual(i1,i2);
-}
diff --git a/security/nss/lib/util/secitem.h b/security/nss/lib/util/secitem.h
deleted file mode 100644
index 76a5d16fb..000000000
--- a/security/nss/lib/util/secitem.h
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECITEM_H_
-#define _SECITEM_H_
-/*
- * secitem.h - public data structures and prototypes for handling
- * SECItems
- *
- * $Id$
- */
-
-#include "plarena.h"
-#include "plhash.h"
-#include "seccomon.h"
-
-SEC_BEGIN_PROTOS
-
-/*
-** Allocate an item. If "arena" is not NULL, then allocate from there,
-** otherwise allocate from the heap. If "item" is not NULL, allocate
-** only the data for the item, not the item itself. The item structure
-** is allocated zero-filled; the data buffer is not zeroed.
-**
-** The resulting item is returned; NULL if any error occurs.
-**
-** XXX This probably should take a SECItemType, but since that is mostly
-** unused and our improved APIs (aka Stan) are looming, I left it out.
-*/
-extern SECItem *SECITEM_AllocItem(PRArenaPool *arena, SECItem *item,
- unsigned int len);
-
-/*
-** Reallocate the data for the specified "item". If "arena" is not NULL,
-** then reallocate from there, otherwise reallocate from the heap.
-** In the case where oldlen is 0, the data is allocated (not reallocated).
-** In any case, "item" is expected to be a valid SECItem pointer;
-** SECFailure is returned if it is not. If the allocation succeeds,
-** SECSuccess is returned.
-*/
-extern SECStatus SECITEM_ReallocItem(PRArenaPool *arena, SECItem *item,
- unsigned int oldlen, unsigned int newlen);
-
-/*
-** Compare two items returning the difference between them.
-*/
-extern SECComparison SECITEM_CompareItem(const SECItem *a, const SECItem *b);
-
-/*
-** Compare two items -- if they are the same, return true; otherwise false.
-*/
-extern PRBool SECITEM_ItemsAreEqual(const SECItem *a, const SECItem *b);
-
-/*
-** Copy "from" to "to"
-*/
-extern SECStatus SECITEM_CopyItem(PRArenaPool *arena, SECItem *to,
- const SECItem *from);
-
-/*
-** Allocate an item and copy "from" into it.
-*/
-extern SECItem *SECITEM_DupItem(const SECItem *from);
-
-/*
-** Free "zap". If freeit is PR_TRUE then "zap" itself is freed.
-*/
-extern void SECITEM_FreeItem(SECItem *zap, PRBool freeit);
-
-/*
-** Zero and then free "zap". If freeit is PR_TRUE then "zap" itself is freed.
-*/
-extern void SECITEM_ZfreeItem(SECItem *zap, PRBool freeit);
-
-PLHashNumber PR_CALLBACK SECITEM_Hash ( const void *key);
-
-PRIntn PR_CALLBACK SECITEM_HashCompare ( const void *k1, const void *k2);
-
-
-SEC_END_PROTOS
-
-#endif /* _SECITEM_H_ */
diff --git a/security/nss/lib/util/secoid.c b/security/nss/lib/util/secoid.c
deleted file mode 100644
index d6515dedb..000000000
--- a/security/nss/lib/util/secoid.c
+++ /dev/null
@@ -1,1321 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secoid.h"
-#include "pkcs11t.h"
-#include "secmodt.h"
-#include "secitem.h"
-#include "secerr.h"
-#include "plhash.h"
-
-/* MISSI Mosaic Object ID space */
-#define USGOV 0x60, 0x86, 0x48, 0x01, 0x65
-#define MISSI USGOV, 0x02, 0x01, 0x01
-#define MISSI_OLD_KEA_DSS MISSI, 0x0c
-#define MISSI_OLD_DSS MISSI, 0x02
-#define MISSI_KEA_DSS MISSI, 0x14
-#define MISSI_DSS MISSI, 0x13
-#define MISSI_KEA MISSI, 0x0a
-#define MISSI_ALT_KEA MISSI, 0x16
-
-#define NISTALGS USGOV, 3, 4
-#define AES NISTALGS, 1
-
-/**
- ** The Netscape OID space is allocated by Terry Hayes. If you need
- ** a piece of the space, contact him at thayes@netscape.com.
- **/
-
-/* Netscape Communications Corporation Object ID space */
-/* { 2 16 840 1 113730 } */
-#define NETSCAPE_OID 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42
-#define NETSCAPE_CERT_EXT NETSCAPE_OID, 0x01
-#define NETSCAPE_DATA_TYPE NETSCAPE_OID, 0x02
-/* netscape directory oid - owned by Tim Howes(howes@netscape.com) */
-#define NETSCAPE_DIRECTORY NETSCAPE_OID, 0x03
-#define NETSCAPE_POLICY NETSCAPE_OID, 0x04
-#define NETSCAPE_CERT_SERVER NETSCAPE_OID, 0x05
-#define NETSCAPE_ALGS NETSCAPE_OID, 0x06 /* algorithm OIDs */
-#define NETSCAPE_NAME_COMPONENTS NETSCAPE_OID, 0x07
-
-#define NETSCAPE_CERT_EXT_AIA NETSCAPE_CERT_EXT, 0x10
-#define NETSCAPE_CERT_SERVER_CRMF NETSCAPE_CERT_SERVER, 0x01
-
-/* these are old and should go away soon */
-#define OLD_NETSCAPE 0x60, 0x86, 0x48, 0xd8, 0x6a
-#define NS_CERT_EXT OLD_NETSCAPE, 0x01
-#define NS_FILE_TYPE OLD_NETSCAPE, 0x02
-#define NS_IMAGE_TYPE OLD_NETSCAPE, 0x03
-
-/* RSA OID name space */
-#define RSADSI 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d
-#define PKCS RSADSI, 0x01
-#define DIGEST RSADSI, 0x02
-#define CIPHER RSADSI, 0x03
-#define PKCS1 PKCS, 0x01
-#define PKCS5 PKCS, 0x05
-#define PKCS7 PKCS, 0x07
-#define PKCS9 PKCS, 0x09
-#define PKCS12 PKCS, 0x0c
-
-/* Fortezza algorithm OID space: { 2 16 840 1 101 2 1 1 } */
-/* ### mwelch -- Is this just for algorithms, or all of Fortezza? */
-#define FORTEZZA_ALG 0x60, 0x86, 0x48, 0x01, 0x65, 0x02, 0x01, 0x01
-
-/* Other OID name spaces */
-#define ALGORITHM 0x2b, 0x0e, 0x03, 0x02
-#define X500 0x55
-#define X520_ATTRIBUTE_TYPE X500, 0x04
-#define X500_ALG X500, 0x08
-#define X500_ALG_ENCRYPTION X500_ALG, 0x01
-
-/** X.509 v3 Extension OID
- ** {joint-iso-ccitt (2) ds(5) 29}
- **/
-#define ID_CE_OID X500, 0x1d
-
-#define RFC1274_ATTR_TYPE 0x09, 0x92, 0x26, 0x89, 0x93, 0xf2, 0x2c, 0x64, 0x1
-/* #define RFC2247_ATTR_TYPE 0x09, 0x92, 0x26, 0xf5, 0x98, 0x1e, 0x64, 0x1 this is WRONG! */
-
-/* PKCS #12 name spaces */
-#define PKCS12_MODE_IDS PKCS12, 0x01
-#define PKCS12_ESPVK_IDS PKCS12, 0x02
-#define PKCS12_BAG_IDS PKCS12, 0x03
-#define PKCS12_CERT_BAG_IDS PKCS12, 0x04
-#define PKCS12_OIDS PKCS12, 0x05
-#define PKCS12_PBE_IDS PKCS12_OIDS, 0x01
-#define PKCS12_ENVELOPING_IDS PKCS12_OIDS, 0x02
-#define PKCS12_SIGNATURE_IDS PKCS12_OIDS, 0x03
-#define PKCS12_V2_PBE_IDS PKCS12, 0x01
-#define PKCS9_CERT_TYPES PKCS9, 0x16
-#define PKCS9_CRL_TYPES PKCS9, 0x17
-#define PKCS9_SMIME_IDS PKCS9, 0x10
-#define PKCS9_SMIME_ATTRS PKCS9_SMIME_IDS, 2
-#define PKCS9_SMIME_ALGS PKCS9_SMIME_IDS, 3
-#define PKCS12_VERSION1 PKCS12, 0x0a
-#define PKCS12_V1_BAG_IDS PKCS12_VERSION1, 1
-
-/* for DSA algorithm */
-/* { iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) } */
-#define ANSI_X9_ALGORITHM 0x2a, 0x86, 0x48, 0xce, 0x38, 0x4
-
-/* for DH algorithm */
-/* { iso(1) member-body(2) us(840) x9-57(10046) number-type(2) } */
-/* need real OID person to look at this, copied the above line
- * and added 6 to second to last value (and changed '4' to '2' */
-#define ANSI_X942_ALGORITHM 0x2a, 0x86, 0x48, 0xce, 0x3e, 0x2
-
-#define VERISIGN 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x45
-
-#define PKIX 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07
-#define PKIX_CERT_EXTENSIONS PKIX, 1
-#define PKIX_POLICY_QUALIFIERS PKIX, 2
-#define PKIX_KEY_USAGE PKIX, 3
-#define PKIX_ACCESS_DESCRIPTION PKIX, 0x30
-#define PKIX_OCSP PKIX_ACCESS_DESCRIPTION, 1
-
-#define PKIX_ID_PKIP PKIX, 5
-#define PKIX_ID_REGCTRL PKIX_ID_PKIP, 1
-#define PKIX_ID_REGINFO PKIX_ID_PKIP, 2
-
-#define CONST_OID static const unsigned char
-
-CONST_OID md2[] = { DIGEST, 0x02 };
-CONST_OID md4[] = { DIGEST, 0x04 };
-CONST_OID md5[] = { DIGEST, 0x05 };
-
-CONST_OID rc2cbc[] = { CIPHER, 0x02 };
-CONST_OID rc4[] = { CIPHER, 0x04 };
-CONST_OID desede3cbc[] = { CIPHER, 0x07 };
-CONST_OID rc5cbcpad[] = { CIPHER, 0x09 };
-
-CONST_OID desecb[] = { ALGORITHM, 0x06 };
-CONST_OID descbc[] = { ALGORITHM, 0x07 };
-CONST_OID desofb[] = { ALGORITHM, 0x08 };
-CONST_OID descfb[] = { ALGORITHM, 0x09 };
-CONST_OID desmac[] = { ALGORITHM, 0x0a };
-CONST_OID sdn702DSASignature[] = { ALGORITHM, 0x0c };
-CONST_OID isoSHAWithRSASignature[] = { ALGORITHM, 0x0f };
-CONST_OID desede[] = { ALGORITHM, 0x11 };
-CONST_OID sha1[] = { ALGORITHM, 0x1a };
-CONST_OID bogusDSASignaturewithSHA1Digest[] = { ALGORITHM, 0x1b };
-
-CONST_OID pkcs1RSAEncryption[] = { PKCS1, 0x01 };
-CONST_OID pkcs1MD2WithRSAEncryption[] = { PKCS1, 0x02 };
-CONST_OID pkcs1MD4WithRSAEncryption[] = { PKCS1, 0x03 };
-CONST_OID pkcs1MD5WithRSAEncryption[] = { PKCS1, 0x04 };
-CONST_OID pkcs1SHA1WithRSAEncryption[] = { PKCS1, 0x05 };
-
-CONST_OID pkcs5PbeWithMD2AndDEScbc[] = { PKCS5, 0x01 };
-CONST_OID pkcs5PbeWithMD5AndDEScbc[] = { PKCS5, 0x03 };
-CONST_OID pkcs5PbeWithSha1AndDEScbc[] = { PKCS5, 0x0a };
-
-CONST_OID pkcs7[] = { PKCS7 };
-CONST_OID pkcs7Data[] = { PKCS7, 0x01 };
-CONST_OID pkcs7SignedData[] = { PKCS7, 0x02 };
-CONST_OID pkcs7EnvelopedData[] = { PKCS7, 0x03 };
-CONST_OID pkcs7SignedEnvelopedData[] = { PKCS7, 0x04 };
-CONST_OID pkcs7DigestedData[] = { PKCS7, 0x05 };
-CONST_OID pkcs7EncryptedData[] = { PKCS7, 0x06 };
-
-CONST_OID pkcs9EmailAddress[] = { PKCS9, 0x01 };
-CONST_OID pkcs9UnstructuredName[] = { PKCS9, 0x02 };
-CONST_OID pkcs9ContentType[] = { PKCS9, 0x03 };
-CONST_OID pkcs9MessageDigest[] = { PKCS9, 0x04 };
-CONST_OID pkcs9SigningTime[] = { PKCS9, 0x05 };
-CONST_OID pkcs9CounterSignature[] = { PKCS9, 0x06 };
-CONST_OID pkcs9ChallengePassword[] = { PKCS9, 0x07 };
-CONST_OID pkcs9UnstructuredAddress[] = { PKCS9, 0x08 };
-CONST_OID pkcs9ExtendedCertificateAttributes[] = { PKCS9, 0x09 };
-CONST_OID pkcs9SMIMECapabilities[] = { PKCS9, 15 };
-CONST_OID pkcs9FriendlyName[] = { PKCS9, 20 };
-CONST_OID pkcs9LocalKeyID[] = { PKCS9, 21 };
-
-CONST_OID pkcs9X509Certificate[] = { PKCS9_CERT_TYPES, 1 };
-CONST_OID pkcs9SDSICertificate[] = { PKCS9_CERT_TYPES, 2 };
-CONST_OID pkcs9X509CRL[] = { PKCS9_CRL_TYPES, 1 };
-
-/* RFC2630 (CMS) OIDs */
-CONST_OID cmsESDH[] = { PKCS9_SMIME_ALGS, 5 };
-CONST_OID cms3DESwrap[] = { PKCS9_SMIME_ALGS, 6 };
-CONST_OID cmsRC2wrap[] = { PKCS9_SMIME_ALGS, 7 };
-
-/* RFC2633 SMIME message attributes */
-CONST_OID smimeEncryptionKeyPreference[] = { PKCS9_SMIME_ATTRS, 11 };
-
-CONST_OID x520CommonName[] = { X520_ATTRIBUTE_TYPE, 3 };
-CONST_OID x520CountryName[] = { X520_ATTRIBUTE_TYPE, 6 };
-CONST_OID x520LocalityName[] = { X520_ATTRIBUTE_TYPE, 7 };
-CONST_OID x520StateOrProvinceName[] = { X520_ATTRIBUTE_TYPE, 8 };
-CONST_OID x520OrgName[] = { X520_ATTRIBUTE_TYPE, 10 };
-CONST_OID x520OrgUnitName[] = { X520_ATTRIBUTE_TYPE, 11 };
-CONST_OID x520DnQualifier[] = { X520_ATTRIBUTE_TYPE, 46 };
-
-CONST_OID nsTypeGIF[] = { NETSCAPE_DATA_TYPE, 0x01 };
-CONST_OID nsTypeJPEG[] = { NETSCAPE_DATA_TYPE, 0x02 };
-CONST_OID nsTypeURL[] = { NETSCAPE_DATA_TYPE, 0x03 };
-CONST_OID nsTypeHTML[] = { NETSCAPE_DATA_TYPE, 0x04 };
-CONST_OID nsTypeCertSeq[] = { NETSCAPE_DATA_TYPE, 0x05 };
-
-CONST_OID missiCertKEADSSOld[] = { MISSI_OLD_KEA_DSS };
-CONST_OID missiCertDSSOld[] = { MISSI_OLD_DSS };
-CONST_OID missiCertKEADSS[] = { MISSI_KEA_DSS };
-CONST_OID missiCertDSS[] = { MISSI_DSS };
-CONST_OID missiCertKEA[] = { MISSI_KEA };
-CONST_OID missiCertAltKEA[] = { MISSI_ALT_KEA };
-CONST_OID x500RSAEncryption[] = { X500_ALG_ENCRYPTION, 0x01 };
-
-/* added for alg 1485 */
-CONST_OID rfc1274Uid[] = { RFC1274_ATTR_TYPE, 1 };
-CONST_OID rfc1274Mail[] = { RFC1274_ATTR_TYPE, 3 };
-CONST_OID rfc2247DomainComponent[] = { RFC1274_ATTR_TYPE, 25 };
-
-/* Netscape private certificate extensions */
-CONST_OID nsCertExtNetscapeOK[] = { NS_CERT_EXT, 1 };
-CONST_OID nsCertExtIssuerLogo[] = { NS_CERT_EXT, 2 };
-CONST_OID nsCertExtSubjectLogo[] = { NS_CERT_EXT, 3 };
-CONST_OID nsExtCertType[] = { NETSCAPE_CERT_EXT, 0x01 };
-CONST_OID nsExtBaseURL[] = { NETSCAPE_CERT_EXT, 0x02 };
-CONST_OID nsExtRevocationURL[] = { NETSCAPE_CERT_EXT, 0x03 };
-CONST_OID nsExtCARevocationURL[] = { NETSCAPE_CERT_EXT, 0x04 };
-CONST_OID nsExtCACRLURL[] = { NETSCAPE_CERT_EXT, 0x05 };
-CONST_OID nsExtCACertURL[] = { NETSCAPE_CERT_EXT, 0x06 };
-CONST_OID nsExtCertRenewalURL[] = { NETSCAPE_CERT_EXT, 0x07 };
-CONST_OID nsExtCAPolicyURL[] = { NETSCAPE_CERT_EXT, 0x08 };
-CONST_OID nsExtHomepageURL[] = { NETSCAPE_CERT_EXT, 0x09 };
-CONST_OID nsExtEntityLogo[] = { NETSCAPE_CERT_EXT, 0x0a };
-CONST_OID nsExtUserPicture[] = { NETSCAPE_CERT_EXT, 0x0b };
-CONST_OID nsExtSSLServerName[] = { NETSCAPE_CERT_EXT, 0x0c };
-CONST_OID nsExtComment[] = { NETSCAPE_CERT_EXT, 0x0d };
-
-/* the following 2 extensions are defined for and used by Cartman(NSM) */
-CONST_OID nsExtLostPasswordURL[] = { NETSCAPE_CERT_EXT, 0x0e };
-CONST_OID nsExtCertRenewalTime[] = { NETSCAPE_CERT_EXT, 0x0f };
-
-CONST_OID nsExtAIACertRenewal[] = { NETSCAPE_CERT_EXT_AIA, 0x01 };
-CONST_OID nsExtCertScopeOfUse[] = { NETSCAPE_CERT_EXT, 0x11 };
-CONST_OID nsKeyUsageGovtApproved[] = { NETSCAPE_POLICY, 0x01 };
-
-/* Netscape other name types */
-CONST_OID netscapeNickname[] = { NETSCAPE_NAME_COMPONENTS, 0x01};
-
-/* OIDs needed for cert server */
-CONST_OID netscapeRecoveryRequest[] = { NETSCAPE_CERT_SERVER_CRMF, 0x01 };
-
-
-/* Standard x.509 v3 Certificate Extensions */
-CONST_OID x509SubjectDirectoryAttr[] = { ID_CE_OID, 9 };
-CONST_OID x509SubjectKeyID[] = { ID_CE_OID, 14 };
-CONST_OID x509KeyUsage[] = { ID_CE_OID, 15 };
-CONST_OID x509PrivateKeyUsagePeriod[] = { ID_CE_OID, 16 };
-CONST_OID x509SubjectAltName[] = { ID_CE_OID, 17 };
-CONST_OID x509IssuerAltName[] = { ID_CE_OID, 18 };
-CONST_OID x509BasicConstraints[] = { ID_CE_OID, 19 };
-CONST_OID x509NameConstraints[] = { ID_CE_OID, 30 };
-CONST_OID x509CRLDistPoints[] = { ID_CE_OID, 31 };
-CONST_OID x509CertificatePolicies[] = { ID_CE_OID, 32 };
-CONST_OID x509PolicyMappings[] = { ID_CE_OID, 33 };
-CONST_OID x509PolicyConstraints[] = { ID_CE_OID, 34 };
-CONST_OID x509AuthKeyID[] = { ID_CE_OID, 35 };
-CONST_OID x509ExtKeyUsage[] = { ID_CE_OID, 37 };
-CONST_OID x509AuthInfoAccess[] = { PKIX_CERT_EXTENSIONS, 1 };
-
-/* Standard x.509 v3 CRL Extensions */
-CONST_OID x509CrlNumber[] = { ID_CE_OID, 20};
-CONST_OID x509ReasonCode[] = { ID_CE_OID, 21};
-CONST_OID x509InvalidDate[] = { ID_CE_OID, 24};
-
-/* pkcs 12 additions */
-CONST_OID pkcs12[] = { PKCS12 };
-CONST_OID pkcs12ModeIDs[] = { PKCS12_MODE_IDS };
-CONST_OID pkcs12ESPVKIDs[] = { PKCS12_ESPVK_IDS };
-CONST_OID pkcs12BagIDs[] = { PKCS12_BAG_IDS };
-CONST_OID pkcs12CertBagIDs[] = { PKCS12_CERT_BAG_IDS };
-CONST_OID pkcs12OIDs[] = { PKCS12_OIDS };
-CONST_OID pkcs12PBEIDs[] = { PKCS12_PBE_IDS };
-CONST_OID pkcs12EnvelopingIDs[] = { PKCS12_ENVELOPING_IDS };
-CONST_OID pkcs12SignatureIDs[] = { PKCS12_SIGNATURE_IDS };
-CONST_OID pkcs12PKCS8KeyShrouding[] = { PKCS12_ESPVK_IDS, 0x01 };
-CONST_OID pkcs12KeyBagID[] = { PKCS12_BAG_IDS, 0x01 };
-CONST_OID pkcs12CertAndCRLBagID[] = { PKCS12_BAG_IDS, 0x02 };
-CONST_OID pkcs12SecretBagID[] = { PKCS12_BAG_IDS, 0x03 };
-CONST_OID pkcs12X509CertCRLBag[] = { PKCS12_CERT_BAG_IDS, 0x01 };
-CONST_OID pkcs12SDSICertBag[] = { PKCS12_CERT_BAG_IDS, 0x02 };
-CONST_OID pkcs12PBEWithSha1And128BitRC4[] = { PKCS12_PBE_IDS, 0x01 };
-CONST_OID pkcs12PBEWithSha1And40BitRC4[] = { PKCS12_PBE_IDS, 0x02 };
-CONST_OID pkcs12PBEWithSha1AndTripleDESCBC[] = { PKCS12_PBE_IDS, 0x03 };
-CONST_OID pkcs12PBEWithSha1And128BitRC2CBC[] = { PKCS12_PBE_IDS, 0x04 };
-CONST_OID pkcs12PBEWithSha1And40BitRC2CBC[] = { PKCS12_PBE_IDS, 0x05 };
-CONST_OID pkcs12RSAEncryptionWith128BitRC4[] = { PKCS12_ENVELOPING_IDS, 0x01 };
-CONST_OID pkcs12RSAEncryptionWith40BitRC4[] = { PKCS12_ENVELOPING_IDS, 0x02 };
-CONST_OID pkcs12RSAEncryptionWithTripleDES[] = { PKCS12_ENVELOPING_IDS, 0x03 };
-CONST_OID pkcs12RSASignatureWithSHA1Digest[] = { PKCS12_SIGNATURE_IDS, 0x01 };
-
-/* pkcs 12 version 1.0 ids */
-CONST_OID pkcs12V2PBEWithSha1And128BitRC4[] = { PKCS12_V2_PBE_IDS, 0x01 };
-CONST_OID pkcs12V2PBEWithSha1And40BitRC4[] = { PKCS12_V2_PBE_IDS, 0x02 };
-CONST_OID pkcs12V2PBEWithSha1And3KeyTripleDEScbc[]= { PKCS12_V2_PBE_IDS, 0x03 };
-CONST_OID pkcs12V2PBEWithSha1And2KeyTripleDEScbc[]= { PKCS12_V2_PBE_IDS, 0x04 };
-CONST_OID pkcs12V2PBEWithSha1And128BitRC2cbc[] = { PKCS12_V2_PBE_IDS, 0x05 };
-CONST_OID pkcs12V2PBEWithSha1And40BitRC2cbc[] = { PKCS12_V2_PBE_IDS, 0x06 };
-
-CONST_OID pkcs12SafeContentsID[] = { PKCS12_BAG_IDS, 0x04 };
-CONST_OID pkcs12PKCS8ShroudedKeyBagID[] = { PKCS12_BAG_IDS, 0x05 };
-
-CONST_OID pkcs12V1KeyBag[] = { PKCS12_V1_BAG_IDS, 0x01 };
-CONST_OID pkcs12V1PKCS8ShroudedKeyBag[] = { PKCS12_V1_BAG_IDS, 0x02 };
-CONST_OID pkcs12V1CertBag[] = { PKCS12_V1_BAG_IDS, 0x03 };
-CONST_OID pkcs12V1CRLBag[] = { PKCS12_V1_BAG_IDS, 0x04 };
-CONST_OID pkcs12V1SecretBag[] = { PKCS12_V1_BAG_IDS, 0x05 };
-CONST_OID pkcs12V1SafeContentsBag[] = { PKCS12_V1_BAG_IDS, 0x06 };
-
-CONST_OID pkcs12KeyUsageAttr[] = { 2, 5, 29, 15 };
-
-CONST_OID ansix9DSASignature[] = { ANSI_X9_ALGORITHM, 0x01 };
-CONST_OID ansix9DSASignaturewithSHA1Digest[] = { ANSI_X9_ALGORITHM, 0x03 };
-
-/* verisign OIDs */
-CONST_OID verisignUserNotices[] = { VERISIGN, 1, 7, 1, 1 };
-
-/* pkix OIDs */
-CONST_OID pkixCPSPointerQualifier[] = { PKIX_POLICY_QUALIFIERS, 1 };
-CONST_OID pkixUserNoticeQualifier[] = { PKIX_POLICY_QUALIFIERS, 2 };
-
-CONST_OID pkixOCSP[] = { PKIX_OCSP };
-CONST_OID pkixOCSPBasicResponse[] = { PKIX_OCSP, 1 };
-CONST_OID pkixOCSPNonce[] = { PKIX_OCSP, 2 };
-CONST_OID pkixOCSPCRL[] = { PKIX_OCSP, 3 };
-CONST_OID pkixOCSPResponse[] = { PKIX_OCSP, 4 };
-CONST_OID pkixOCSPNoCheck[] = { PKIX_OCSP, 5 };
-CONST_OID pkixOCSPArchiveCutoff[] = { PKIX_OCSP, 6 };
-CONST_OID pkixOCSPServiceLocator[] = { PKIX_OCSP, 7 };
-
-CONST_OID pkixRegCtrlRegToken[] = { PKIX_ID_REGCTRL, 1};
-CONST_OID pkixRegCtrlAuthenticator[] = { PKIX_ID_REGCTRL, 2};
-CONST_OID pkixRegCtrlPKIPubInfo[] = { PKIX_ID_REGCTRL, 3};
-CONST_OID pkixRegCtrlPKIArchOptions[] = { PKIX_ID_REGCTRL, 4};
-CONST_OID pkixRegCtrlOldCertID[] = { PKIX_ID_REGCTRL, 5};
-CONST_OID pkixRegCtrlProtEncKey[] = { PKIX_ID_REGCTRL, 6};
-CONST_OID pkixRegInfoUTF8Pairs[] = { PKIX_ID_REGINFO, 1};
-CONST_OID pkixRegInfoCertReq[] = { PKIX_ID_REGINFO, 2};
-
-CONST_OID pkixExtendedKeyUsageServerAuth[] = { PKIX_KEY_USAGE, 1 };
-CONST_OID pkixExtendedKeyUsageClientAuth[] = { PKIX_KEY_USAGE, 2 };
-CONST_OID pkixExtendedKeyUsageCodeSign[] = { PKIX_KEY_USAGE, 3 };
-CONST_OID pkixExtendedKeyUsageEMailProtect[] = { PKIX_KEY_USAGE, 4 };
-CONST_OID pkixExtendedKeyUsageTimeStamp[] = { PKIX_KEY_USAGE, 8 };
-CONST_OID pkixOCSPResponderExtendedKeyUsage[] = { PKIX_KEY_USAGE, 9 };
-
-/* OIDs for Netscape defined algorithms */
-CONST_OID netscapeSMimeKEA[] = { NETSCAPE_ALGS, 0x01 };
-
-/* Fortezza algorithm OIDs */
-CONST_OID skipjackCBC[] = { FORTEZZA_ALG, 0x04 };
-CONST_OID dhPublicKey[] = { ANSI_X942_ALGORITHM, 0x1 };
-
-CONST_OID aes128_ECB[] = { AES, 1 };
-CONST_OID aes128_CBC[] = { AES, 2 };
-#ifdef DEFINE_ALL_AES_CIPHERS
-CONST_OID aes128_OFB[] = { AES, 3 };
-CONST_OID aes128_CFB[] = { AES, 4 };
-#endif
-
-CONST_OID aes192_ECB[] = { AES, 21 };
-CONST_OID aes192_CBC[] = { AES, 22 };
-#ifdef DEFINE_ALL_AES_CIPHERS
-CONST_OID aes192_OFB[] = { AES, 23 };
-CONST_OID aes192_CFB[] = { AES, 24 };
-#endif
-
-CONST_OID aes256_ECB[] = { AES, 41 };
-CONST_OID aes256_CBC[] = { AES, 42 };
-#ifdef DEFINE_ALL_AES_CIPHERS
-CONST_OID aes256_OFB[] = { AES, 43 };
-CONST_OID aes256_CFB[] = { AES, 44 };
-#endif
-
-#define OI(x) { siDEROID, (unsigned char *)x, sizeof x }
-#ifndef SECOID_NO_STRINGS
-#define OD(oid,tag,desc,mech,ext) { OI(oid), tag, desc, mech, ext }
-#else
-#define OD(oid,tag,desc,mech,ext) { OI(oid), tag, 0, mech, ext }
-#endif
-
-/*
- * NOTE: the order of these entries must mach the SECOidTag enum in secoidt.h!
- */
-const static SECOidData oids[] = {
- { { siDEROID, NULL, 0 }, SEC_OID_UNKNOWN,
- "Unknown OID", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION },
- OD( md2, SEC_OID_MD2, "MD2", CKM_MD2, INVALID_CERT_EXTENSION ),
- OD( md4, SEC_OID_MD4,
- "MD4", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( md5, SEC_OID_MD5, "MD5", CKM_MD5, INVALID_CERT_EXTENSION ),
- OD( sha1, SEC_OID_SHA1, "SHA-1", CKM_SHA_1, INVALID_CERT_EXTENSION ),
- OD( rc2cbc, SEC_OID_RC2_CBC,
- "RC2-CBC", CKM_RC2_CBC, INVALID_CERT_EXTENSION ),
- OD( rc4, SEC_OID_RC4, "RC4", CKM_RC4, INVALID_CERT_EXTENSION ),
- OD( desede3cbc, SEC_OID_DES_EDE3_CBC,
- "DES-EDE3-CBC", CKM_DES3_CBC, INVALID_CERT_EXTENSION ),
- OD( rc5cbcpad, SEC_OID_RC5_CBC_PAD,
- "RC5-CBCPad", CKM_RC5_CBC, INVALID_CERT_EXTENSION ),
- OD( desecb, SEC_OID_DES_ECB,
- "DES-ECB", CKM_DES_ECB, INVALID_CERT_EXTENSION ),
- OD( descbc, SEC_OID_DES_CBC,
- "DES-CBC", CKM_DES_CBC, INVALID_CERT_EXTENSION ),
- OD( desofb, SEC_OID_DES_OFB,
- "DES-OFB", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( descfb, SEC_OID_DES_CFB,
- "DES-CFB", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( desmac, SEC_OID_DES_MAC,
- "DES-MAC", CKM_DES_MAC, INVALID_CERT_EXTENSION ),
- OD( desede, SEC_OID_DES_EDE,
- "DES-EDE", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( isoSHAWithRSASignature, SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE,
- "ISO SHA with RSA Signature",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs1RSAEncryption, SEC_OID_PKCS1_RSA_ENCRYPTION,
- "PKCS #1 RSA Encryption", CKM_RSA_PKCS, INVALID_CERT_EXTENSION ),
-
- /* the following Signing mechanisms should get new CKM_ values when
- * values for CKM_RSA_WITH_MDX and CKM_RSA_WITH_SHA_1 get defined in
- * PKCS #11.
- */
- OD( pkcs1MD2WithRSAEncryption, SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION,
- "PKCS #1 MD2 With RSA Encryption", CKM_MD2_RSA_PKCS,
- INVALID_CERT_EXTENSION ),
- OD( pkcs1MD4WithRSAEncryption, SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION,
- "PKCS #1 MD4 With RSA Encryption",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs1MD5WithRSAEncryption, SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION,
- "PKCS #1 MD5 With RSA Encryption", CKM_MD5_RSA_PKCS,
- INVALID_CERT_EXTENSION ),
- OD( pkcs1SHA1WithRSAEncryption, SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION,
- "PKCS #1 SHA-1 With RSA Encryption", CKM_SHA1_RSA_PKCS,
- INVALID_CERT_EXTENSION ),
-
- OD( pkcs5PbeWithMD2AndDEScbc, SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC,
- "PKCS #5 Password Based Encryption with MD2 and DES CBC",
- CKM_PBE_MD2_DES_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs5PbeWithMD5AndDEScbc, SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC,
- "PKCS #5 Password Based Encryption with MD5 and DES CBC",
- CKM_PBE_MD5_DES_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs5PbeWithSha1AndDEScbc, SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC,
- "PKCS #5 Password Based Encryption with SHA1 and DES CBC",
- CKM_NETSCAPE_PBE_SHA1_DES_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs7, SEC_OID_PKCS7,
- "PKCS #7", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7Data, SEC_OID_PKCS7_DATA,
- "PKCS #7 Data", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7SignedData, SEC_OID_PKCS7_SIGNED_DATA,
- "PKCS #7 Signed Data", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7EnvelopedData, SEC_OID_PKCS7_ENVELOPED_DATA,
- "PKCS #7 Enveloped Data",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7SignedEnvelopedData, SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA,
- "PKCS #7 Signed And Enveloped Data",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7DigestedData, SEC_OID_PKCS7_DIGESTED_DATA,
- "PKCS #7 Digested Data",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs7EncryptedData, SEC_OID_PKCS7_ENCRYPTED_DATA,
- "PKCS #7 Encrypted Data",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9EmailAddress, SEC_OID_PKCS9_EMAIL_ADDRESS,
- "PKCS #9 Email Address",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9UnstructuredName, SEC_OID_PKCS9_UNSTRUCTURED_NAME,
- "PKCS #9 Unstructured Name",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9ContentType, SEC_OID_PKCS9_CONTENT_TYPE,
- "PKCS #9 Content Type",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9MessageDigest, SEC_OID_PKCS9_MESSAGE_DIGEST,
- "PKCS #9 Message Digest",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9SigningTime, SEC_OID_PKCS9_SIGNING_TIME,
- "PKCS #9 Signing Time",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9CounterSignature, SEC_OID_PKCS9_COUNTER_SIGNATURE,
- "PKCS #9 Counter Signature",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9ChallengePassword, SEC_OID_PKCS9_CHALLENGE_PASSWORD,
- "PKCS #9 Challenge Password",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9UnstructuredAddress, SEC_OID_PKCS9_UNSTRUCTURED_ADDRESS,
- "PKCS #9 Unstructured Address",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9ExtendedCertificateAttributes,
- SEC_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES,
- "PKCS #9 Extended Certificate Attributes",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9SMIMECapabilities, SEC_OID_PKCS9_SMIME_CAPABILITIES,
- "PKCS #9 S/MIME Capabilities",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520CommonName, SEC_OID_AVA_COMMON_NAME,
- "X520 Common Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520CountryName, SEC_OID_AVA_COUNTRY_NAME,
- "X520 Country Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520LocalityName, SEC_OID_AVA_LOCALITY,
- "X520 Locality Name", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520StateOrProvinceName, SEC_OID_AVA_STATE_OR_PROVINCE,
- "X520 State Or Province Name",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520OrgName, SEC_OID_AVA_ORGANIZATION_NAME,
- "X520 Organization Name",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520OrgUnitName, SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME,
- "X520 Organizational Unit Name",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( x520DnQualifier, SEC_OID_AVA_DN_QUALIFIER,
- "X520 DN Qualifier", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( rfc2247DomainComponent, SEC_OID_AVA_DC,
- "RFC 2247 Domain Component",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( nsTypeGIF, SEC_OID_NS_TYPE_GIF,
- "GIF", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( nsTypeJPEG, SEC_OID_NS_TYPE_JPEG,
- "JPEG", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( nsTypeURL, SEC_OID_NS_TYPE_URL,
- "URL", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( nsTypeHTML, SEC_OID_NS_TYPE_HTML,
- "HTML", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( nsTypeCertSeq, SEC_OID_NS_TYPE_CERT_SEQUENCE,
- "Certificate Sequence",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertKEADSSOld, SEC_OID_MISSI_KEA_DSS_OLD,
- "MISSI KEA and DSS Algorithm (Old)",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertDSSOld, SEC_OID_MISSI_DSS_OLD,
- "MISSI DSS Algorithm (Old)",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertKEADSS, SEC_OID_MISSI_KEA_DSS,
- "MISSI KEA and DSS Algorithm",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertDSS, SEC_OID_MISSI_DSS,
- "MISSI DSS Algorithm",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertKEA, SEC_OID_MISSI_KEA,
- "MISSI KEA Algorithm",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( missiCertAltKEA, SEC_OID_MISSI_ALT_KEA,
- "MISSI Alternate KEA Algorithm",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* Netscape private extensions */
- OD( nsCertExtNetscapeOK, SEC_OID_NS_CERT_EXT_NETSCAPE_OK,
- "Netscape says this cert is OK",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsCertExtIssuerLogo, SEC_OID_NS_CERT_EXT_ISSUER_LOGO,
- "Certificate Issuer Logo",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsCertExtSubjectLogo, SEC_OID_NS_CERT_EXT_SUBJECT_LOGO,
- "Certificate Subject Logo",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtCertType, SEC_OID_NS_CERT_EXT_CERT_TYPE,
- "Certificate Type",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtBaseURL, SEC_OID_NS_CERT_EXT_BASE_URL,
- "Certificate Extension Base URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtRevocationURL, SEC_OID_NS_CERT_EXT_REVOCATION_URL,
- "Certificate Revocation URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtCARevocationURL, SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL,
- "Certificate Authority Revocation URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtCACRLURL, SEC_OID_NS_CERT_EXT_CA_CRL_URL,
- "Certificate Authority CRL Download URL",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtCACertURL, SEC_OID_NS_CERT_EXT_CA_CERT_URL,
- "Certificate Authority Certificate Download URL",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtCertRenewalURL, SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL,
- "Certificate Renewal URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtCAPolicyURL, SEC_OID_NS_CERT_EXT_CA_POLICY_URL,
- "Certificate Authority Policy URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtHomepageURL, SEC_OID_NS_CERT_EXT_HOMEPAGE_URL,
- "Certificate Homepage URL",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtEntityLogo, SEC_OID_NS_CERT_EXT_ENTITY_LOGO,
- "Certificate Entity Logo",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtUserPicture, SEC_OID_NS_CERT_EXT_USER_PICTURE,
- "Certificate User Picture",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( nsExtSSLServerName, SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME,
- "Certificate SSL Server Name",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtComment, SEC_OID_NS_CERT_EXT_COMMENT,
- "Certificate Comment",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtLostPasswordURL, SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL,
- "Lost Password URL",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsExtCertRenewalTime, SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME,
- "Certificate Renewal Time",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( nsKeyUsageGovtApproved, SEC_OID_NS_KEY_USAGE_GOVT_APPROVED,
- "Strong Crypto Export Approved",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
-
-
- /* x.509 v3 certificate extensions */
- OD( x509SubjectDirectoryAttr, SEC_OID_X509_SUBJECT_DIRECTORY_ATTR,
- "Certificate Subject Directory Attributes",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION),
- OD( x509SubjectKeyID, SEC_OID_X509_SUBJECT_KEY_ID,
- "Certificate Subject Key ID",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509KeyUsage, SEC_OID_X509_KEY_USAGE,
- "Certificate Key Usage",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509PrivateKeyUsagePeriod, SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD,
- "Certificate Private Key Usage Period",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509SubjectAltName, SEC_OID_X509_SUBJECT_ALT_NAME,
- "Certificate Subject Alt Name",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509IssuerAltName, SEC_OID_X509_ISSUER_ALT_NAME,
- "Certificate Issuer Alt Name",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509BasicConstraints, SEC_OID_X509_BASIC_CONSTRAINTS,
- "Certificate Basic Constraints",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509NameConstraints, SEC_OID_X509_NAME_CONSTRAINTS,
- "Certificate Name Constraints",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509CRLDistPoints, SEC_OID_X509_CRL_DIST_POINTS,
- "CRL Distribution Points",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509CertificatePolicies, SEC_OID_X509_CERTIFICATE_POLICIES,
- "Certificate Policies",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509PolicyMappings, SEC_OID_X509_POLICY_MAPPINGS,
- "Certificate Policy Mappings",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509PolicyConstraints, SEC_OID_X509_POLICY_CONSTRAINTS,
- "Certificate Policy Constraints",
- CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ),
- OD( x509AuthKeyID, SEC_OID_X509_AUTH_KEY_ID,
- "Certificate Authority Key Identifier",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509ExtKeyUsage, SEC_OID_X509_EXT_KEY_USAGE,
- "Extended Key Usage",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509AuthInfoAccess, SEC_OID_X509_AUTH_INFO_ACCESS,
- "Authority Information Access",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-
- /* x.509 v3 CRL extensions */
- OD( x509CrlNumber, SEC_OID_X509_CRL_NUMBER,
- "CRL Number", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509ReasonCode, SEC_OID_X509_REASON_CODE,
- "CRL reason code", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( x509InvalidDate, SEC_OID_X509_INVALID_DATE,
- "Invalid Date", CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
-
- OD( x500RSAEncryption, SEC_OID_X500_RSA_ENCRYPTION,
- "X500 RSA Encryption", CKM_RSA_X_509, INVALID_CERT_EXTENSION ),
-
- /* added for alg 1485 */
- OD( rfc1274Uid, SEC_OID_RFC1274_UID,
- "RFC1274 User Id", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( rfc1274Mail, SEC_OID_RFC1274_MAIL,
- "RFC1274 E-mail Address",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* pkcs 12 additions */
- OD( pkcs12, SEC_OID_PKCS12,
- "PKCS #12", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12ModeIDs, SEC_OID_PKCS12_MODE_IDS,
- "PKCS #12 Mode IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12ESPVKIDs, SEC_OID_PKCS12_ESPVK_IDS,
- "PKCS #12 ESPVK IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12BagIDs, SEC_OID_PKCS12_BAG_IDS,
- "PKCS #12 Bag IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12CertBagIDs, SEC_OID_PKCS12_CERT_BAG_IDS,
- "PKCS #12 Cert Bag IDs",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12OIDs, SEC_OID_PKCS12_OIDS,
- "PKCS #12 OIDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEIDs, SEC_OID_PKCS12_PBE_IDS,
- "PKCS #12 PBE IDs", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12SignatureIDs, SEC_OID_PKCS12_SIGNATURE_IDS,
- "PKCS #12 Signature IDs",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12EnvelopingIDs, SEC_OID_PKCS12_ENVELOPING_IDS,
- "PKCS #12 Enveloping IDs",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12PKCS8KeyShrouding, SEC_OID_PKCS12_PKCS8_KEY_SHROUDING,
- "PKCS #12 Key Shrouding",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12KeyBagID, SEC_OID_PKCS12_KEY_BAG_ID,
- "PKCS #12 Key Bag ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12CertAndCRLBagID, SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID,
- "PKCS #12 Cert And CRL Bag ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12SecretBagID, SEC_OID_PKCS12_SECRET_BAG_ID,
- "PKCS #12 Secret Bag ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12X509CertCRLBag, SEC_OID_PKCS12_X509_CERT_CRL_BAG,
- "PKCS #12 X509 Cert CRL Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12SDSICertBag, SEC_OID_PKCS12_SDSI_CERT_BAG,
- "PKCS #12 SDSI Cert Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEWithSha1And128BitRC4,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4,
- "PKCS #12 PBE With Sha1 and 128 Bit RC4",
- CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEWithSha1And40BitRC4,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4,
- "PKCS #12 PBE With Sha1 and 40 Bit RC4",
- CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEWithSha1AndTripleDESCBC,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC,
- "PKCS #12 PBE With Sha1 and Triple DES CBC",
- CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEWithSha1And128BitRC2CBC,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC,
- "PKCS #12 PBE With Sha1 and 128 Bit RC2 CBC",
- CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12PBEWithSha1And40BitRC2CBC,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC,
- "PKCS #12 PBE With Sha1 and 40 Bit RC2 CBC",
- CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12RSAEncryptionWith128BitRC4,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4,
- "PKCS #12 RSA Encryption with 128 Bit RC4",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12RSAEncryptionWith40BitRC4,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4,
- "PKCS #12 RSA Encryption with 40 Bit RC4",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12RSAEncryptionWithTripleDES,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES,
- "PKCS #12 RSA Encryption with Triple DES",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12RSASignatureWithSHA1Digest,
- SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST,
- "PKCS #12 RSA Encryption with Triple DES",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* DSA signatures */
- OD( ansix9DSASignature, SEC_OID_ANSIX9_DSA_SIGNATURE,
- "ANSI X9.57 DSA Signature", CKM_DSA, INVALID_CERT_EXTENSION ),
- OD( ansix9DSASignaturewithSHA1Digest,
- SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST,
- "ANSI X9.57 DSA Signature with SHA1 Digest",
- CKM_DSA_SHA1, INVALID_CERT_EXTENSION ),
- OD( bogusDSASignaturewithSHA1Digest,
- SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST,
- "FORTEZZA DSA Signature with SHA1 Digest",
- CKM_DSA_SHA1, INVALID_CERT_EXTENSION ),
-
- /* verisign oids */
- OD( verisignUserNotices, SEC_OID_VERISIGN_USER_NOTICES,
- "Verisign User Notices",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* pkix oids */
- OD( pkixCPSPointerQualifier, SEC_OID_PKIX_CPS_POINTER_QUALIFIER,
- "PKIX CPS Pointer Qualifier",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixUserNoticeQualifier, SEC_OID_PKIX_USER_NOTICE_QUALIFIER,
- "PKIX User Notice Qualifier",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( pkixOCSP, SEC_OID_PKIX_OCSP,
- "PKIX Online Certificate Status Protocol",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPBasicResponse, SEC_OID_PKIX_OCSP_BASIC_RESPONSE,
- "OCSP Basic Response", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPNonce, SEC_OID_PKIX_OCSP_NONCE,
- "OCSP Nonce Extension", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPCRL, SEC_OID_PKIX_OCSP_CRL,
- "OCSP CRL Reference Extension",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPResponse, SEC_OID_PKIX_OCSP_RESPONSE,
- "OCSP Response Types Extension",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPNoCheck, SEC_OID_PKIX_OCSP_NO_CHECK,
- "OCSP No Check Extension",
- CKM_INVALID_MECHANISM, SUPPORTED_CERT_EXTENSION ),
- OD( pkixOCSPArchiveCutoff, SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF,
- "OCSP Archive Cutoff Extension",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixOCSPServiceLocator, SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
- "OCSP Service Locator Extension",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( pkixRegCtrlRegToken, SEC_OID_PKIX_REGCTRL_REGTOKEN,
- "PKIX CRMF Registration Control, Registration Token",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixRegCtrlAuthenticator, SEC_OID_PKIX_REGCTRL_AUTHENTICATOR,
- "PKIX CRMF Registration Control, Registration Authenticator",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkixRegCtrlPKIPubInfo, SEC_OID_PKIX_REGCTRL_PKIPUBINFO,
- "PKIX CRMF Registration Control, PKI Publication Info",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixRegCtrlPKIArchOptions,
- SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS,
- "PKIX CRMF Registration Control, PKI Archive Options",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixRegCtrlOldCertID, SEC_OID_PKIX_REGCTRL_OLD_CERT_ID,
- "PKIX CRMF Registration Control, Old Certificate ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixRegCtrlProtEncKey, SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY,
- "PKIX CRMF Registration Control, Protocol Encryption Key",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixRegInfoUTF8Pairs, SEC_OID_PKIX_REGINFO_UTF8_PAIRS,
- "PKIX CRMF Registration Info, UTF8 Pairs",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixRegInfoCertReq, SEC_OID_PKIX_REGINFO_CERT_REQUEST,
- "PKIX CRMF Registration Info, Certificate Request",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixExtendedKeyUsageServerAuth,
- SEC_OID_EXT_KEY_USAGE_SERVER_AUTH,
- "TLS Web Server Authentication Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixExtendedKeyUsageClientAuth,
- SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH,
- "TLS Web Client Authentication Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixExtendedKeyUsageCodeSign, SEC_OID_EXT_KEY_USAGE_CODE_SIGN,
- "Code Signing Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixExtendedKeyUsageEMailProtect,
- SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT,
- "E-Mail Protection Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixExtendedKeyUsageTimeStamp,
- SEC_OID_EXT_KEY_USAGE_TIME_STAMP,
- "Time Stamping Certifcate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
- OD( pkixOCSPResponderExtendedKeyUsage, SEC_OID_OCSP_RESPONDER,
- "OCSP Responder Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
-
- /* Netscape Algorithm OIDs */
-
- OD( netscapeSMimeKEA, SEC_OID_NETSCAPE_SMIME_KEA,
- "Netscape S/MIME KEA", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* Skipjack OID -- ### mwelch temporary */
- OD( skipjackCBC, SEC_OID_FORTEZZA_SKIPJACK,
- "Skipjack CBC64", CKM_SKIPJACK_CBC64, INVALID_CERT_EXTENSION ),
-
- /* pkcs12 v2 oids */
- OD( pkcs12V2PBEWithSha1And128BitRC4,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4,
- "PKCS12 V2 PBE With SHA1 And 128 Bit RC4",
- CKM_PBE_SHA1_RC4_128, INVALID_CERT_EXTENSION ),
- OD( pkcs12V2PBEWithSha1And40BitRC4,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4,
- "PKCS12 V2 PBE With SHA1 And 40 Bit RC4",
- CKM_PBE_SHA1_RC4_40, INVALID_CERT_EXTENSION ),
- OD( pkcs12V2PBEWithSha1And3KeyTripleDEScbc,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC,
- "PKCS12 V2 PBE With SHA1 And 3KEY Triple DES-cbc",
- CKM_PBE_SHA1_DES3_EDE_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12V2PBEWithSha1And2KeyTripleDEScbc,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC,
- "PKCS12 V2 PBE With SHA1 And 2KEY Triple DES-cbc",
- CKM_PBE_SHA1_DES2_EDE_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12V2PBEWithSha1And128BitRC2cbc,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC,
- "PKCS12 V2 PBE With SHA1 And 128 Bit RC2 CBC",
- CKM_PBE_SHA1_RC2_128_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12V2PBEWithSha1And40BitRC2cbc,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC,
- "PKCS12 V2 PBE With SHA1 And 40 Bit RC2 CBC",
- CKM_PBE_SHA1_RC2_40_CBC, INVALID_CERT_EXTENSION ),
- OD( pkcs12SafeContentsID, SEC_OID_PKCS12_SAFE_CONTENTS_ID,
- "PKCS #12 Safe Contents ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12PKCS8ShroudedKeyBagID,
- SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID,
- "PKCS #12 Safe Contents ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1KeyBag, SEC_OID_PKCS12_V1_KEY_BAG_ID,
- "PKCS #12 V1 Key Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1PKCS8ShroudedKeyBag,
- SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID,
- "PKCS #12 V1 PKCS8 Shrouded Key Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1CertBag, SEC_OID_PKCS12_V1_CERT_BAG_ID,
- "PKCS #12 V1 Cert Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1CRLBag, SEC_OID_PKCS12_V1_CRL_BAG_ID,
- "PKCS #12 V1 CRL Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1SecretBag, SEC_OID_PKCS12_V1_SECRET_BAG_ID,
- "PKCS #12 V1 Secret Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12V1SafeContentsBag, SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID,
- "PKCS #12 V1 Safe Contents Bag",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( pkcs9X509Certificate, SEC_OID_PKCS9_X509_CERT,
- "PKCS #9 X509 Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9SDSICertificate, SEC_OID_PKCS9_SDSI_CERT,
- "PKCS #9 SDSI Certificate",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9X509CRL, SEC_OID_PKCS9_X509_CRL,
- "PKCS #9 X509 CRL", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9FriendlyName, SEC_OID_PKCS9_FRIENDLY_NAME,
- "PKCS #9 Friendly Name",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs9LocalKeyID, SEC_OID_PKCS9_LOCAL_KEY_ID,
- "PKCS #9 Local Key ID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( pkcs12KeyUsageAttr, SEC_OID_PKCS12_KEY_USAGE,
- "PKCS 12 Key Usage", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
- OD( dhPublicKey, SEC_OID_X942_DIFFIE_HELMAN_KEY,
- "Diffie-Helman Public Key", CKM_DH_PKCS_DERIVE,
- INVALID_CERT_EXTENSION ),
- OD( netscapeNickname, SEC_OID_NETSCAPE_NICKNAME,
- "Netscape Nickname", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* Cert Server specific OIDs */
- OD( netscapeRecoveryRequest, SEC_OID_NETSCAPE_RECOVERY_REQUEST,
- "Recovery Request OID",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- OD( nsExtAIACertRenewal, SEC_OID_CERT_RENEWAL_LOCATOR,
- "Certificate Renewal Locator OID", CKM_INVALID_MECHANISM,
- INVALID_CERT_EXTENSION ),
-
- OD( nsExtCertScopeOfUse, SEC_OID_NS_CERT_EXT_SCOPE_OF_USE,
- "Certificate Scope-of-Use Extension", CKM_INVALID_MECHANISM,
- SUPPORTED_CERT_EXTENSION ),
-
- /* CMS stuff */
- OD( cmsESDH, SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN,
- "Ephemeral-Static Diffie-Hellman", CKM_INVALID_MECHANISM /* XXX */,
- INVALID_CERT_EXTENSION ),
- OD( cms3DESwrap, SEC_OID_CMS_3DES_KEY_WRAP,
- "CMS 3DES Key Wrap", CKM_INVALID_MECHANISM /* XXX */,
- INVALID_CERT_EXTENSION ),
- OD( cmsRC2wrap, SEC_OID_CMS_RC2_KEY_WRAP,
- "CMS RC2 Key Wrap", CKM_INVALID_MECHANISM /* XXX */,
- INVALID_CERT_EXTENSION ),
- OD( smimeEncryptionKeyPreference, SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE,
- "S/MIME Encryption Key Preference",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
-
- /* AES algorithm OIDs */
- OD( aes128_ECB, SEC_OID_AES_128_ECB,
- "AES-128-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION ),
- OD( aes128_CBC, SEC_OID_AES_128_CBC,
- "AES-128-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION ),
- OD( aes192_ECB, SEC_OID_AES_192_ECB,
- "AES-192-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION ),
- OD( aes192_CBC, SEC_OID_AES_192_CBC,
- "AES-192-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION ),
- OD( aes256_ECB, SEC_OID_AES_256_ECB,
- "AES-256-ECB", CKM_AES_ECB, INVALID_CERT_EXTENSION ),
- OD( aes256_CBC, SEC_OID_AES_256_CBC,
- "AES-256-CBC", CKM_AES_CBC, INVALID_CERT_EXTENSION ),
-
- /* More bogus DSA OIDs */
- OD( sdn702DSASignature, SEC_OID_SDN702_DSA_SIGNATURE,
- "SDN.702 DSA Signature", CKM_DSA_SHA1, INVALID_CERT_EXTENSION ),
-};
-
-/*
- * now the dynamic table. The dynamic table gets build at init time.
- * and gets modified if the user loads new crypto modules.
- */
-
-static PLHashTable *oid_d_hash = 0;
-static SECOidData **secoidDynamicTable = NULL;
-static int secoidDynamicTableSize = 0;
-static int secoidLastDynamicEntry = 0;
-static int secoidLastHashEntry = 0;
-
-static SECStatus
-secoid_DynamicRehash(void)
-{
- SECOidData *oid;
- PLHashEntry *entry;
- int i;
- int last = secoidLastDynamicEntry;
-
- if (!oid_d_hash) {
- oid_d_hash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
- PL_CompareValues, NULL, NULL);
- }
-
-
- if ( !oid_d_hash ) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return(SECFailure);
- }
-
- for ( i = secoidLastHashEntry; i < last; i++ ) {
- oid = secoidDynamicTable[i];
-
- entry = PL_HashTableAdd( oid_d_hash, &oid->oid.data, oid );
- if ( entry == NULL ) {
- return(SECFailure);
- }
- }
- secoidLastHashEntry = last;
- return(SECSuccess);
-}
-
-
-
-/*
- * Lookup a Dynamic OID. Dynamic OID's still change slowly, so it's
- * cheaper to rehash the table when it changes than it is to do the loop
- * each time. Worry: what about thread safety here? Global Static data with
- * no locks.... (sigh).
- */
-static SECOidData *
-secoid_FindDynamic(SECItem *key) {
- SECOidData *ret = NULL;
- if (secoidDynamicTable == NULL) {
- /* PORT_SetError! */
- return NULL;
- }
- if (secoidLastHashEntry != secoidLastDynamicEntry) {
- SECStatus rv = secoid_DynamicRehash();
- if ( rv != SECSuccess ) {
- return NULL;
- }
- }
- ret = (SECOidData *)PL_HashTableLookup (oid_d_hash, key);
- return ret;
-
-}
-
-static SECOidData *
-secoid_FindDynamicByTag(SECOidTag tagnum)
-{
- int tagNumDiff;
-
- if (secoidDynamicTable == NULL) {
- return NULL;
- }
-
- if (tagnum < SEC_OID_TOTAL) {
- return NULL;
- }
-
- tagNumDiff = tagnum - SEC_OID_TOTAL;
- if (tagNumDiff >= secoidLastDynamicEntry) {
- return NULL;
- }
-
- return(secoidDynamicTable[tagNumDiff]);
-}
-
-/*
- * this routine is definately not thread safe. It is only called out
- * of the UI, or at init time. If we want to call it any other time,
- * we need to make it thread safe.
- */
-SECStatus
-SECOID_AddEntry(SECItem *oid, char *description, unsigned long mech) {
- SECOidData *oiddp = (SECOidData *)PORT_Alloc(sizeof(SECOidData));
- int last = secoidLastDynamicEntry;
- int tableSize = secoidDynamicTableSize;
- int next = last++;
- SECOidData **newTable = secoidDynamicTable;
- SECOidData **oldTable = NULL;
-
- if (oid == NULL) {
- return SECFailure;
- }
-
- /* fill in oid structure */
- if (SECITEM_CopyItem(NULL,&oiddp->oid,oid) != SECSuccess) {
- PORT_Free(oiddp);
- return SECFailure;
- }
- oiddp->offset = (SECOidTag)(next + SEC_OID_TOTAL);
- /* may we should just reference the copy passed to us? */
- oiddp->desc = PORT_Strdup(description);
- oiddp->mechanism = mech;
-
-
- if (last > tableSize) {
- int oldTableSize = tableSize;
- tableSize += 10;
- oldTable = newTable;
- newTable = (SECOidData **)PORT_ZAlloc(sizeof(SECOidData *)*tableSize);
- if (newTable == NULL) {
- PORT_Free(oiddp->oid.data);
- PORT_Free(oiddp);
- return SECFailure;
- }
- PORT_Memcpy(newTable,oldTable,sizeof(SECOidData *)*oldTableSize);
- PORT_Free(oldTable);
- }
-
- newTable[next] = oiddp;
- secoidDynamicTable = newTable;
- secoidDynamicTableSize = tableSize;
- secoidLastDynamicEntry= last;
- return SECSuccess;
-}
-
-
-/* normal static table processing */
-static PLHashTable *oidhash = NULL;
-static PLHashTable *oidmechhash = NULL;
-
-static PLHashNumber
-secoid_HashNumber(const void *key)
-{
- return (PLHashNumber) key;
-}
-
-
-static SECStatus
-InitOIDHash(void)
-{
- PLHashEntry *entry;
- const SECOidData *oid;
- int i;
-
- oidhash = PL_NewHashTable(0, SECITEM_Hash, SECITEM_HashCompare,
- PL_CompareValues, NULL, NULL);
- oidmechhash = PL_NewHashTable(0, secoid_HashNumber, PL_CompareValues,
- PL_CompareValues, NULL, NULL);
-
- if ( !oidhash || !oidmechhash) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- PORT_Assert(0); /*This function should never fail. */
- return(SECFailure);
- }
-
- for ( i = 0; i < ( sizeof(oids) / sizeof(SECOidData) ); i++ ) {
- oid = &oids[i];
-
- PORT_Assert ( oid->offset == i );
-
- entry = PL_HashTableAdd( oidhash, &oid->oid, (void *)oid );
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- PORT_Assert(0); /*This function should never fail. */
- return(SECFailure);
- }
-
- if ( oid->mechanism != CKM_INVALID_MECHANISM ) {
- entry = PL_HashTableAdd( oidmechhash,
- (void *)oid->mechanism, (void *)oid );
- if ( entry == NULL ) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- PORT_Assert(0); /* This function should never fail. */
- return(SECFailure);
- }
- }
- }
-
- PORT_Assert (i == SEC_OID_TOTAL);
-
- return(SECSuccess);
-}
-
-SECOidData *
-SECOID_FindOIDByMechanism(unsigned long mechanism)
-{
- SECOidData *ret;
- int rv;
-
- if ( !oidhash ) {
- rv = InitOIDHash();
- if ( rv != SECSuccess ) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return NULL;
- }
- }
- ret = PL_HashTableLookup ( oidmechhash, (void *)mechanism);
- if ( ret == NULL ) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- }
-
- return (ret);
-}
-
-SECOidData *
-SECOID_FindOID(SECItem *oid)
-{
- SECOidData *ret;
- int rv;
-
- if ( !oidhash ) {
- rv = InitOIDHash();
- if ( rv != SECSuccess ) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- return NULL;
- }
- }
-
- ret = PL_HashTableLookup ( oidhash, oid );
- if ( ret == NULL ) {
- ret = secoid_FindDynamic(oid);
- if (ret == NULL) {
- PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
- }
- }
-
- return(ret);
-}
-
-SECOidTag
-SECOID_FindOIDTag(SECItem *oid)
-{
- SECOidData *oiddata;
-
- oiddata = SECOID_FindOID (oid);
- if (oiddata == NULL)
- return SEC_OID_UNKNOWN;
-
- return oiddata->offset;
-}
-
-/* This really should return const. */
-SECOidData *
-SECOID_FindOIDByTag(SECOidTag tagnum)
-{
-
- if (tagnum >= SEC_OID_TOTAL) {
- return secoid_FindDynamicByTag(tagnum);
- }
-
- PORT_Assert((unsigned int)tagnum < (sizeof(oids) / sizeof(SECOidData)));
- return (SECOidData *)(&oids[tagnum]);
-}
-
-PRBool SECOID_KnownCertExtenOID (SECItem *extenOid)
-{
- SECOidData * oidData;
-
- oidData = SECOID_FindOID (extenOid);
- if (oidData == (SECOidData *)NULL)
- return (PR_FALSE);
- return ((oidData->supportedExtension == SUPPORTED_CERT_EXTENSION) ?
- PR_TRUE : PR_FALSE);
-}
-
-
-const char *
-SECOID_FindOIDTagDescription(SECOidTag tagnum)
-{
- const SECOidData *oidData = SECOID_FindOIDByTag(tagnum);
- return oidData ? oidData->desc : 0;
-}
-
-/*
- * free up the oid tables.
- */
-SECStatus
-SECOID_Shutdown(void)
-{
- int i;
-
- if (oidhash) {
- PL_HashTableDestroy(oidhash);
- oidhash = NULL;
- }
- if (oidmechhash) {
- PL_HashTableDestroy(oidmechhash);
- oidmechhash = NULL;
- }
- if (oid_d_hash) {
- PL_HashTableDestroy(oid_d_hash);
- oid_d_hash = NULL;
- }
- if (secoidDynamicTable) {
- for (i=0; i < secoidLastDynamicEntry; i++) {
- PORT_Free(secoidDynamicTable[i]);
- }
- PORT_Free(secoidDynamicTable);
- secoidDynamicTable = NULL;
- secoidDynamicTableSize = 0;
- secoidLastDynamicEntry = 0;
- secoidLastHashEntry = 0;
- }
- return SECSuccess;
-}
diff --git a/security/nss/lib/util/secoid.h b/security/nss/lib/util/secoid.h
deleted file mode 100644
index a77bc60ba..000000000
--- a/security/nss/lib/util/secoid.h
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECOID_H_
-#define _SECOID_H_
-/*
- * secoid.h - public data structures and prototypes for ASN.1 OID functions
- *
- * $Id$
- */
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secasn1t.h"
-
-SEC_BEGIN_PROTOS
-
-extern const SEC_ASN1Template SECOID_AlgorithmIDTemplate[];
-
-/* This functions simply returns the address of the above-declared template. */
-SEC_ASN1_CHOOSER_DECLARE(SECOID_AlgorithmIDTemplate)
-
-/*
- * OID handling routines
- */
-extern SECOidData *SECOID_FindOID(SECItem *oid);
-extern SECOidTag SECOID_FindOIDTag(SECItem *oid);
-extern SECOidData *SECOID_FindOIDByTag(SECOidTag tagnum);
-extern SECOidData *SECOID_FindOIDByMechanism(unsigned long mechanism);
-
-/****************************************/
-/*
-** Algorithm id handling operations
-*/
-
-/*
-** Fill in an algorithm-ID object given a tag and some parameters.
-** "aid" where the DER encoded algorithm info is stored (memory
-** is allocated)
-** "tag" the tag defining the algorithm (SEC_OID_*)
-** "params" if not NULL, the parameters to go with the algorithm
-*/
-extern SECStatus SECOID_SetAlgorithmID(PRArenaPool *arena, SECAlgorithmID *aid,
- SECOidTag tag, SECItem *params);
-
-/*
-** Copy the "src" object to "dest". Memory is allocated in "dest" for
-** each of the appropriate sub-objects. Memory in "dest" is not freed
-** before memory is allocated (use SECOID_DestroyAlgorithmID(dest, PR_FALSE)
-** to do that).
-*/
-extern SECStatus SECOID_CopyAlgorithmID(PRArenaPool *arena, SECAlgorithmID *dest,
- SECAlgorithmID *src);
-
-/*
-** Get the SEC_OID_* tag for the given algorithm-id object.
-*/
-extern SECOidTag SECOID_GetAlgorithmTag(SECAlgorithmID *aid);
-
-/*
-** Destroy an algorithm-id object.
-** "aid" the certificate-request to destroy
-** "freeit" if PR_TRUE then free the object as well as its sub-objects
-*/
-extern void SECOID_DestroyAlgorithmID(SECAlgorithmID *aid, PRBool freeit);
-
-/*
-** Compare two algorithm-id objects, returning the difference between
-** them.
-*/
-extern SECComparison SECOID_CompareAlgorithmID(SECAlgorithmID *a,
- SECAlgorithmID *b);
-
-extern PRBool SECOID_KnownCertExtenOID (SECItem *extenOid);
-
-/* Given a SEC_OID_* tag, return a string describing it.
- */
-extern const char *SECOID_FindOIDTagDescription(SECOidTag tagnum);
-
-/*
- * free up the oid data structures.
- */
-extern SECStatus SECOID_Shutdown(void);
-
-
-SEC_END_PROTOS
-
-#endif /* _SECOID_H_ */
diff --git a/security/nss/lib/util/secoidt.h b/security/nss/lib/util/secoidt.h
deleted file mode 100644
index 7ce1f4cf4..000000000
--- a/security/nss/lib/util/secoidt.h
+++ /dev/null
@@ -1,320 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef _SECOIDT_H_
-#define _SECOIDT_H_
-/*
- * secoidt.h - public data structures for ASN.1 OID functions
- *
- * $Id$
- */
-
-#include "secitem.h"
-
-typedef struct SECOidDataStr SECOidData;
-typedef struct SECAlgorithmIDStr SECAlgorithmID;
-
-/*
-** An X.500 algorithm identifier
-*/
-struct SECAlgorithmIDStr {
- SECItem algorithm;
- SECItem parameters;
-};
-
-/*
- * Misc object IDs - these numbers are for convenient handling.
- * They are mapped into real object IDs
- *
- * NOTE: the order of these entries must mach the array "oids" of SECOidData
- * in util/secoid.c.
- */
-typedef enum {
- SEC_OID_UNKNOWN = 0,
- SEC_OID_MD2 = 1,
- SEC_OID_MD4 = 2,
- SEC_OID_MD5 = 3,
- SEC_OID_SHA1 = 4,
- SEC_OID_RC2_CBC = 5,
- SEC_OID_RC4 = 6,
- SEC_OID_DES_EDE3_CBC = 7,
- SEC_OID_RC5_CBC_PAD = 8,
- SEC_OID_DES_ECB = 9,
- SEC_OID_DES_CBC = 10,
- SEC_OID_DES_OFB = 11,
- SEC_OID_DES_CFB = 12,
- SEC_OID_DES_MAC = 13,
- SEC_OID_DES_EDE = 14,
- SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE = 15,
- SEC_OID_PKCS1_RSA_ENCRYPTION = 16,
- SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION = 17,
- SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION = 18,
- SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION = 19,
- SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION = 20,
- SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC = 21,
- SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC = 22,
- SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC = 23,
- SEC_OID_PKCS7 = 24,
- SEC_OID_PKCS7_DATA = 25,
- SEC_OID_PKCS7_SIGNED_DATA = 26,
- SEC_OID_PKCS7_ENVELOPED_DATA = 27,
- SEC_OID_PKCS7_SIGNED_ENVELOPED_DATA = 28,
- SEC_OID_PKCS7_DIGESTED_DATA = 29,
- SEC_OID_PKCS7_ENCRYPTED_DATA = 30,
- SEC_OID_PKCS9_EMAIL_ADDRESS = 31,
- SEC_OID_PKCS9_UNSTRUCTURED_NAME = 32,
- SEC_OID_PKCS9_CONTENT_TYPE = 33,
- SEC_OID_PKCS9_MESSAGE_DIGEST = 34,
- SEC_OID_PKCS9_SIGNING_TIME = 35,
- SEC_OID_PKCS9_COUNTER_SIGNATURE = 36,
- SEC_OID_PKCS9_CHALLENGE_PASSWORD = 37,
- SEC_OID_PKCS9_UNSTRUCTURED_ADDRESS = 38,
- SEC_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES = 39,
- SEC_OID_PKCS9_SMIME_CAPABILITIES = 40,
- SEC_OID_AVA_COMMON_NAME = 41,
- SEC_OID_AVA_COUNTRY_NAME = 42,
- SEC_OID_AVA_LOCALITY = 43,
- SEC_OID_AVA_STATE_OR_PROVINCE = 44,
- SEC_OID_AVA_ORGANIZATION_NAME = 45,
- SEC_OID_AVA_ORGANIZATIONAL_UNIT_NAME = 46,
- SEC_OID_AVA_DN_QUALIFIER = 47,
- SEC_OID_AVA_DC = 48,
-
- SEC_OID_NS_TYPE_GIF = 49,
- SEC_OID_NS_TYPE_JPEG = 50,
- SEC_OID_NS_TYPE_URL = 51,
- SEC_OID_NS_TYPE_HTML = 52,
- SEC_OID_NS_TYPE_CERT_SEQUENCE = 53,
- SEC_OID_MISSI_KEA_DSS_OLD = 54,
- SEC_OID_MISSI_DSS_OLD = 55,
- SEC_OID_MISSI_KEA_DSS = 56,
- SEC_OID_MISSI_DSS = 57,
- SEC_OID_MISSI_KEA = 58,
- SEC_OID_MISSI_ALT_KEA = 59,
-
- /* Netscape private certificate extensions */
- SEC_OID_NS_CERT_EXT_NETSCAPE_OK = 60,
- SEC_OID_NS_CERT_EXT_ISSUER_LOGO = 61,
- SEC_OID_NS_CERT_EXT_SUBJECT_LOGO = 62,
- SEC_OID_NS_CERT_EXT_CERT_TYPE = 63,
- SEC_OID_NS_CERT_EXT_BASE_URL = 64,
- SEC_OID_NS_CERT_EXT_REVOCATION_URL = 65,
- SEC_OID_NS_CERT_EXT_CA_REVOCATION_URL = 66,
- SEC_OID_NS_CERT_EXT_CA_CRL_URL = 67,
- SEC_OID_NS_CERT_EXT_CA_CERT_URL = 68,
- SEC_OID_NS_CERT_EXT_CERT_RENEWAL_URL = 69,
- SEC_OID_NS_CERT_EXT_CA_POLICY_URL = 70,
- SEC_OID_NS_CERT_EXT_HOMEPAGE_URL = 71,
- SEC_OID_NS_CERT_EXT_ENTITY_LOGO = 72,
- SEC_OID_NS_CERT_EXT_USER_PICTURE = 73,
- SEC_OID_NS_CERT_EXT_SSL_SERVER_NAME = 74,
- SEC_OID_NS_CERT_EXT_COMMENT = 75,
- SEC_OID_NS_CERT_EXT_LOST_PASSWORD_URL = 76,
- SEC_OID_NS_CERT_EXT_CERT_RENEWAL_TIME = 77,
- SEC_OID_NS_KEY_USAGE_GOVT_APPROVED = 78,
-
- /* x.509 v3 Extensions */
- SEC_OID_X509_SUBJECT_DIRECTORY_ATTR = 79,
- SEC_OID_X509_SUBJECT_KEY_ID = 80,
- SEC_OID_X509_KEY_USAGE = 81,
- SEC_OID_X509_PRIVATE_KEY_USAGE_PERIOD = 82,
- SEC_OID_X509_SUBJECT_ALT_NAME = 83,
- SEC_OID_X509_ISSUER_ALT_NAME = 84,
- SEC_OID_X509_BASIC_CONSTRAINTS = 85,
- SEC_OID_X509_NAME_CONSTRAINTS = 86,
- SEC_OID_X509_CRL_DIST_POINTS = 87,
- SEC_OID_X509_CERTIFICATE_POLICIES = 88,
- SEC_OID_X509_POLICY_MAPPINGS = 89,
- SEC_OID_X509_POLICY_CONSTRAINTS = 90,
- SEC_OID_X509_AUTH_KEY_ID = 91,
- SEC_OID_X509_EXT_KEY_USAGE = 92,
- SEC_OID_X509_AUTH_INFO_ACCESS = 93,
-
- SEC_OID_X509_CRL_NUMBER = 94,
- SEC_OID_X509_REASON_CODE = 95,
- SEC_OID_X509_INVALID_DATE = 96,
- /* End of x.509 v3 Extensions */
-
- SEC_OID_X500_RSA_ENCRYPTION = 97,
-
- /* alg 1485 additions */
- SEC_OID_RFC1274_UID = 98,
- SEC_OID_RFC1274_MAIL = 99,
-
- /* PKCS 12 additions */
- SEC_OID_PKCS12 = 100,
- SEC_OID_PKCS12_MODE_IDS = 101,
- SEC_OID_PKCS12_ESPVK_IDS = 102,
- SEC_OID_PKCS12_BAG_IDS = 103,
- SEC_OID_PKCS12_CERT_BAG_IDS = 104,
- SEC_OID_PKCS12_OIDS = 105,
- SEC_OID_PKCS12_PBE_IDS = 106,
- SEC_OID_PKCS12_SIGNATURE_IDS = 107,
- SEC_OID_PKCS12_ENVELOPING_IDS = 108,
- /* SEC_OID_PKCS12_OFFLINE_TRANSPORT_MODE,
- SEC_OID_PKCS12_ONLINE_TRANSPORT_MODE, */
- SEC_OID_PKCS12_PKCS8_KEY_SHROUDING = 109,
- SEC_OID_PKCS12_KEY_BAG_ID = 110,
- SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID = 111,
- SEC_OID_PKCS12_SECRET_BAG_ID = 112,
- SEC_OID_PKCS12_X509_CERT_CRL_BAG = 113,
- SEC_OID_PKCS12_SDSI_CERT_BAG = 114,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4 = 115,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4 = 116,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC = 117,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 118,
- SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 119,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4 = 120,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4 = 121,
- SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES = 122,
- SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST = 123,
- /* end of PKCS 12 additions */
-
- /* DSA signatures */
- SEC_OID_ANSIX9_DSA_SIGNATURE = 124,
- SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST = 125,
- SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST = 126,
-
- /* Verisign OIDs */
- SEC_OID_VERISIGN_USER_NOTICES = 127,
-
- /* PKIX OIDs */
- SEC_OID_PKIX_CPS_POINTER_QUALIFIER = 128,
- SEC_OID_PKIX_USER_NOTICE_QUALIFIER = 129,
- SEC_OID_PKIX_OCSP = 130,
- SEC_OID_PKIX_OCSP_BASIC_RESPONSE = 131,
- SEC_OID_PKIX_OCSP_NONCE = 132,
- SEC_OID_PKIX_OCSP_CRL = 133,
- SEC_OID_PKIX_OCSP_RESPONSE = 134,
- SEC_OID_PKIX_OCSP_NO_CHECK = 135,
- SEC_OID_PKIX_OCSP_ARCHIVE_CUTOFF = 136,
- SEC_OID_PKIX_OCSP_SERVICE_LOCATOR = 137,
- SEC_OID_PKIX_REGCTRL_REGTOKEN = 138,
- SEC_OID_PKIX_REGCTRL_AUTHENTICATOR = 139,
- SEC_OID_PKIX_REGCTRL_PKIPUBINFO = 140,
- SEC_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS = 141,
- SEC_OID_PKIX_REGCTRL_OLD_CERT_ID = 142,
- SEC_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY = 143,
- SEC_OID_PKIX_REGINFO_UTF8_PAIRS = 144,
- SEC_OID_PKIX_REGINFO_CERT_REQUEST = 145,
- SEC_OID_EXT_KEY_USAGE_SERVER_AUTH = 146,
- SEC_OID_EXT_KEY_USAGE_CLIENT_AUTH = 147,
- SEC_OID_EXT_KEY_USAGE_CODE_SIGN = 148,
- SEC_OID_EXT_KEY_USAGE_EMAIL_PROTECT = 149,
- SEC_OID_EXT_KEY_USAGE_TIME_STAMP = 150,
- SEC_OID_OCSP_RESPONDER = 151,
-
- /* Netscape Algorithm OIDs */
- SEC_OID_NETSCAPE_SMIME_KEA = 152,
-
- /* Skipjack OID -- ### mwelch temporary */
- SEC_OID_FORTEZZA_SKIPJACK = 153,
-
- /* PKCS 12 V2 oids */
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4 = 154,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4 = 155,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC = 156,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC = 157,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC = 158,
- SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC = 159,
- SEC_OID_PKCS12_SAFE_CONTENTS_ID = 160,
- SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID = 161,
-
- SEC_OID_PKCS12_V1_KEY_BAG_ID = 162,
- SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID = 163,
- SEC_OID_PKCS12_V1_CERT_BAG_ID = 164,
- SEC_OID_PKCS12_V1_CRL_BAG_ID = 165,
- SEC_OID_PKCS12_V1_SECRET_BAG_ID = 166,
- SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID = 167,
- SEC_OID_PKCS9_X509_CERT = 168,
- SEC_OID_PKCS9_SDSI_CERT = 169,
- SEC_OID_PKCS9_X509_CRL = 170,
- SEC_OID_PKCS9_FRIENDLY_NAME = 171,
- SEC_OID_PKCS9_LOCAL_KEY_ID = 172,
- SEC_OID_PKCS12_KEY_USAGE = 173,
-
- /*Diffe Helman OIDS */
- SEC_OID_X942_DIFFIE_HELMAN_KEY = 174,
-
- /* Netscape other name types */
- SEC_OID_NETSCAPE_NICKNAME = 175,
-
- /* Cert Server OIDS */
- SEC_OID_NETSCAPE_RECOVERY_REQUEST = 176,
-
- /* New PSM certificate management OIDs */
- SEC_OID_CERT_RENEWAL_LOCATOR = 177,
- SEC_OID_NS_CERT_EXT_SCOPE_OF_USE = 178,
-
- /* CMS (RFC2630) OIDs */
- SEC_OID_CMS_EPHEMERAL_STATIC_DIFFIE_HELLMAN = 179,
- SEC_OID_CMS_3DES_KEY_WRAP = 180,
- SEC_OID_CMS_RC2_KEY_WRAP = 181,
-
- /* SMIME attributes */
- SEC_OID_SMIME_ENCRYPTION_KEY_PREFERENCE = 182,
-
- /* AES OIDs */
- SEC_OID_AES_128_ECB = 183,
- SEC_OID_AES_128_CBC = 184,
- SEC_OID_AES_192_ECB = 185,
- SEC_OID_AES_192_CBC = 186,
- SEC_OID_AES_256_ECB = 187,
- SEC_OID_AES_256_CBC = 188,
-
- SEC_OID_SDN702_DSA_SIGNATURE = 189,
-
- SEC_OID_TOTAL
-} SECOidTag;
-
-/* fake OID for DSS sign/verify */
-#define SEC_OID_SHA SEC_OID_MISS_DSS
-
-typedef enum {
- INVALID_CERT_EXTENSION = 0,
- UNSUPPORTED_CERT_EXTENSION = 1,
- SUPPORTED_CERT_EXTENSION = 2
-} SECSupportExtenTag;
-
-struct SECOidDataStr {
- SECItem oid;
- SECOidTag offset;
- const char * desc;
- unsigned long mechanism;
- SECSupportExtenTag supportedExtension;
- /* only used for x.509 v3 extensions, so
- that we can print the names of those
- extensions that we don't even support */
-};
-
-#endif /* _SECOIDT_H_ */
diff --git a/security/nss/lib/util/secplcy.c b/security/nss/lib/util/secplcy.c
deleted file mode 100644
index b7f42080d..000000000
--- a/security/nss/lib/util/secplcy.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "secplcy.h"
-#include "prmem.h"
-
-SECCipherFind *sec_CipherFindInit(PRBool onlyAllowed,
- secCPStruct *policy,
- long *ciphers)
-{
- SECCipherFind *find = PR_NEWZAP(SECCipherFind);
- if (find)
- {
- find->policy = policy;
- find->ciphers = ciphers;
- find->onlyAllowed = onlyAllowed;
- find->index = -1;
- }
- return find;
-}
-
-long sec_CipherFindNext(SECCipherFind *find)
-{
- char *policy;
- long rv = -1;
- secCPStruct *policies = (secCPStruct *) find->policy;
- long *ciphers = (long *) find->ciphers;
- long numCiphers = policies->num_ciphers;
-
- find->index++;
- while((find->index < numCiphers) && (rv == -1))
- {
- /* Translate index to cipher. */
- rv = ciphers[find->index];
-
- /* If we're only looking for allowed ciphers, and if this
- cipher isn't allowed, loop around.*/
- if (find->onlyAllowed)
- {
- /* Find the appropriate policy flag. */
- policy = (&(policies->begin_ciphers)) + find->index + 1;
-
- /* If this cipher isn't allowed by policy, continue. */
- if (! (*policy))
- {
- rv = -1;
- find->index++;
- }
- }
- }
-
- return rv;
-}
-
-char sec_IsCipherAllowed(long cipher, secCPStruct *policies,
- long *ciphers)
-{
- char result = SEC_CIPHER_NOT_ALLOWED; /* our default answer */
- long numCiphers = policies->num_ciphers;
- char *policy;
- int i;
-
- /* Convert the cipher number into a policy flag location. */
- for (i=0, policy=(&(policies->begin_ciphers) + 1);
- i<numCiphers;
- i++, policy++)
- {
- if (cipher == ciphers[i])
- break;
- }
-
- if (i < numCiphers)
- {
- /* Found the cipher, get the policy value. */
- result = *policy;
- }
-
- return result;
-}
-
-void sec_CipherFindEnd(SECCipherFind *find)
-{
- PR_FREEIF(find);
-}
diff --git a/security/nss/lib/util/secplcy.h b/security/nss/lib/util/secplcy.h
deleted file mode 100644
index add5d8fac..000000000
--- a/security/nss/lib/util/secplcy.h
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifndef __secplcy_h__
-#define __secplcy_h__
-
-#include "prtypes.h"
-
-/*
-** Cipher policy enforcement. This code isn't very pretty, but it accomplishes
-** the purpose of obscuring policy information from potential fortifiers. :-)
-**
-** The following routines are generic and intended for anywhere where cipher
-** policy enforcement is to be done, e.g. SSL and PKCS7&12.
-*/
-
-#define SEC_CIPHER_NOT_ALLOWED 0
-#define SEC_CIPHER_ALLOWED 1
-#define SEC_CIPHER_RESTRICTED 2 /* cipher is allowed in limited cases
- e.g. step-up */
-
-/* The length of the header string for each cipher table.
- (It's the same regardless of whether we're using md5 strings or not.) */
-#define SEC_POLICY_HEADER_LENGTH 48
-
-/* If we're testing policy stuff, we may want to use the plaintext version */
-#define SEC_POLICY_USE_MD5_STRINGS 1
-
-#define SEC_POLICY_THIS_IS_THE \
- "\x2a\x3a\x51\xbf\x2f\x71\xb7\x73\xaa\xca\x6b\x57\x70\xcd\xc8\x9f"
-#define SEC_POLICY_STRING_FOR_THE \
- "\x97\x15\xe2\x70\xd2\x8a\xde\xa9\xe7\xa7\x6a\xe2\x83\xe5\xb1\xf6"
-#define SEC_POLICY_SSL_TAIL \
- "\x70\x16\x25\xc0\x2a\xb2\x4a\xca\xb6\x67\xb1\x89\x20\xdf\x87\xca"
-#define SEC_POLICY_SMIME_TAIL \
- "\xdf\xd4\xe7\x2a\xeb\xc4\x1b\xb5\xd8\xe5\xe0\x2a\x16\x9f\xc4\xb9"
-#define SEC_POLICY_PKCS12_TAIL \
- "\x1c\xf8\xa4\x85\x4a\xc6\x8a\xfe\xe6\xca\x03\x72\x50\x1c\xe2\xc8"
-
-#if defined(SEC_POLICY_USE_MD5_STRINGS)
-
-/* We're not testing.
- Use md5 checksums of the strings. */
-
-#define SEC_POLICY_SSL_HEADER \
- SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_SSL_TAIL
-
-#define SEC_POLICY_SMIME_HEADER \
- SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_SMIME_TAIL
-
-#define SEC_POLICY_PKCS12_HEADER \
- SEC_POLICY_THIS_IS_THE SEC_POLICY_STRING_FOR_THE SEC_POLICY_PKCS12_TAIL
-
-#else
-
-/* We're testing.
- Use plaintext versions of the strings, for testing purposes. */
-#define SEC_POLICY_SSL_HEADER \
- "This is the string for the SSL policy table. "
-#define SEC_POLICY_SMIME_HEADER \
- "This is the string for the PKCS7 policy table. "
-#define SEC_POLICY_PKCS12_HEADER \
- "This is the string for the PKCS12 policy table. "
-
-#endif
-
-/* Local cipher tables have to have these members at the top. */
-typedef struct _sec_cp_struct
-{
- char policy_string[SEC_POLICY_HEADER_LENGTH];
- long unused; /* placeholder for max keybits in pkcs12 struct */
- char num_ciphers;
- char begin_ciphers;
- /* cipher policy settings follow. each is a char. */
-} secCPStruct;
-
-struct SECCipherFindStr
-{
- /* (policy) and (ciphers) are opaque to the outside world */
- void *policy;
- void *ciphers;
- long index;
- PRBool onlyAllowed;
-};
-
-typedef struct SECCipherFindStr SECCipherFind;
-
-SEC_BEGIN_PROTOS
-
-SECCipherFind *sec_CipherFindInit(PRBool onlyAllowed,
- secCPStruct *policy,
- long *ciphers);
-
-long sec_CipherFindNext(SECCipherFind *find);
-
-char sec_IsCipherAllowed(long cipher, secCPStruct *policies,
- long *ciphers);
-
-void sec_CipherFindEnd(SECCipherFind *find);
-
-SEC_END_PROTOS
-
-#endif /* __SECPLCY_H__ */
diff --git a/security/nss/lib/util/secport.c b/security/nss/lib/util/secport.c
deleted file mode 100644
index 6f9c510c9..000000000
--- a/security/nss/lib/util/secport.c
+++ /dev/null
@@ -1,574 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * secport.c - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- *
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#include "seccomon.h"
-#include "prmem.h"
-#include "prerror.h"
-#include "plarena.h"
-#include "secerr.h"
-#include "prmon.h"
-#include "nsslocks.h"
-#include "secport.h"
-#include "prvrsion.h"
-
-#ifdef DEBUG
-#define THREADMARK
-#endif /* DEBUG */
-
-#ifdef THREADMARK
-#include "prthread.h"
-#endif /* THREADMARK */
-
-#if defined(XP_UNIX) || defined(XP_MAC) || defined(XP_OS2)
-#include <stdlib.h>
-#else
-#include "wtypes.h"
-#endif
-
-#define SET_ERROR_CODE /* place holder for code to set PR error code. */
-
-#ifdef THREADMARK
-typedef struct threadmark_mark_str {
- struct threadmark_mark_str *next;
- void *mark;
-} threadmark_mark;
-
-#endif /* THREADMARK */
-
-/* The value of this magic must change each time PORTArenaPool changes. */
-#define ARENAPOOL_MAGIC 0xB8AC9BDF
-
-typedef struct PORTArenaPool_str {
- PLArenaPool arena;
- PRUint32 magic;
- PRLock * lock;
-#ifdef THREADMARK
- PRThread *marking_thread;
- threadmark_mark *first_mark;
-#endif
-} PORTArenaPool;
-
-
-/* count of allocation failures. */
-unsigned long port_allocFailures;
-
-/* locations for registering Unicode conversion functions.
- * XXX is this the appropriate location? or should they be
- * moved to client/server specific locations?
- */
-PORTCharConversionFunc ucs4Utf8ConvertFunc;
-PORTCharConversionFunc ucs2Utf8ConvertFunc;
-PORTCharConversionWSwapFunc ucs2AsciiConvertFunc;
-
-void *
-PORT_Alloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)PR_Malloc(bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- return rv;
-}
-
-void *
-PORT_Realloc(void *oldptr, size_t bytes)
-{
- void *rv;
-
- rv = (void *)PR_Realloc(oldptr, bytes);
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- return rv;
-}
-
-#ifdef XP_MAC
-char *
-PORT_Strdup(const char *cp)
-{
- size_t len = PORT_Strlen(cp);
- char *buf;
-
- buf = (char *)PORT_Alloc(len+1);
- if (buf == NULL) return;
-
- PORT_Memcpy(buf,cp,len+1);
- return buf;
-}
-#endif
-
-
-void *
-PORT_ZAlloc(size_t bytes)
-{
- void *rv;
-
- /* Always allocate a non-zero amount of bytes */
- rv = (void *)PR_Calloc(1, bytes ? bytes : 1);
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
- return rv;
-}
-
-void
-PORT_Free(void *ptr)
-{
- if (ptr) {
- PR_Free(ptr);
- }
-}
-
-void
-PORT_ZFree(void *ptr, size_t len)
-{
- if (ptr) {
- memset(ptr, 0, len);
- PR_Free(ptr);
- }
-}
-
-void
-PORT_SetError(int value)
-{
- PR_SetError(value, 0);
- return;
-}
-
-int
-PORT_GetError(void)
-{
- return(PR_GetError());
-}
-
-/********************* Arena code follows *****************************/
-
-PLArenaPool *
-PORT_NewArena(unsigned long chunksize)
-{
- PORTArenaPool *pool;
-
- pool = PORT_ZNew(PORTArenaPool);
- if (!pool) {
- return NULL;
- }
- pool->magic = ARENAPOOL_MAGIC;
- pool->lock = PZ_NewLock(nssILockArena);
- if (!pool->lock) {
- ++port_allocFailures;
- PORT_Free(pool);
- return NULL;
- }
- PL_InitArenaPool(&pool->arena, "security", chunksize, sizeof(double));
- return(&pool->arena);
-}
-
-void *
-PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
-{
- void *p;
-
- PORTArenaPool *pool = (PORTArenaPool *)arena;
-
- /* Is it one of ours? Assume so and check the magic */
- if (ARENAPOOL_MAGIC == pool->magic ) {
- PZ_Lock(pool->lock);
-#ifdef THREADMARK
- /* Most likely one of ours. Is there a thread id? */
- if (pool->marking_thread &&
- pool->marking_thread != PR_GetCurrentThread() ) {
- /* Another thread holds a mark in this arena */
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return NULL;
- } /* tid != null */
-#endif /* THREADMARK */
- PL_ARENA_ALLOCATE(p, arena, size);
- PZ_Unlock(pool->lock);
- } else {
- PL_ARENA_ALLOCATE(p, arena, size);
- }
-
- if (!p) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- }
-
- return(p);
-}
-
-void *
-PORT_ArenaZAlloc(PLArenaPool *arena, size_t size)
-{
- void *p = PORT_ArenaAlloc(arena, size);
-
- if (p) {
- PORT_Memset(p, 0, size);
- }
-
- return(p);
-}
-
-/* XXX - need to zeroize!! - jsw */
-void
-PORT_FreeArena(PLArenaPool *arena, PRBool zero)
-{
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- PRLock * lock = (PRLock *)0;
- size_t len = sizeof *arena;
- extern const PRVersionDescription * libVersionPoint(void);
- static const PRVersionDescription * pvd;
- static PRBool doFreeArenaPool;
-
- if (ARENAPOOL_MAGIC == pool->magic ) {
- len = sizeof *pool;
- lock = pool->lock;
- PZ_Lock(lock);
- }
- if (!pvd) {
- /* no need for thread protection here */
- pvd = libVersionPoint();
- if ((pvd->vMajor > 4) ||
- (pvd->vMajor == 4 && pvd->vMinor > 1) ||
- (pvd->vMajor == 4 && pvd->vMinor == 1 && pvd->vPatch >= 1)) {
- doFreeArenaPool = PR_TRUE;
- }
- }
- if (doFreeArenaPool)
- PL_FreeArenaPool(arena);
- PL_FinishArenaPool(arena);
- PORT_ZFree(arena, len);
- if (lock) {
- PZ_Unlock(lock);
- PZ_DestroyLock(lock);
- }
-}
-
-void *
-PORT_ArenaGrow(PLArenaPool *arena, void *ptr, size_t oldsize, size_t newsize)
-{
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- PORT_Assert(newsize >= oldsize);
-
- if (ARENAPOOL_MAGIC == pool->magic ) {
- PZ_Lock(pool->lock);
- /* Do we do a THREADMARK check here? */
- PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
- PZ_Unlock(pool->lock);
- } else {
- PL_ARENA_GROW(ptr, arena, oldsize, ( newsize - oldsize ) );
- }
-
- return(ptr);
-}
-
-void *
-PORT_ArenaMark(PLArenaPool *arena)
-{
- void * result;
-
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- if (ARENAPOOL_MAGIC == pool->magic ) {
- PZ_Lock(pool->lock);
-#ifdef THREADMARK
- {
- threadmark_mark *tm, **pw;
- PRThread * currentThread = PR_GetCurrentThread();
-
- if (! pool->marking_thread ) {
- /* First mark */
- pool->marking_thread = currentThread;
- } else if (currentThread != pool->marking_thread ) {
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return NULL;
- }
-
- result = PL_ARENA_MARK(arena);
- PL_ARENA_ALLOCATE(tm, arena, sizeof(threadmark_mark));
- if (!tm) {
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- return NULL;
- }
-
- tm->mark = result;
- tm->next = (threadmark_mark *)NULL;
-
- pw = &pool->first_mark;
- while( *pw ) {
- pw = &(*pw)->next;
- }
-
- *pw = tm;
- }
-#else /* THREADMARK */
- result = PL_ARENA_MARK(arena);
-#endif /* THREADMARK */
- PZ_Unlock(pool->lock);
- } else {
- /* a "pure" NSPR arena */
- result = PL_ARENA_MARK(arena);
- }
- return result;
-}
-
-void
-PORT_ArenaRelease(PLArenaPool *arena, void *mark)
-{
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- if (ARENAPOOL_MAGIC == pool->magic ) {
- PZ_Lock(pool->lock);
-#ifdef THREADMARK
- {
- threadmark_mark **pw, *tm;
-
- if (PR_GetCurrentThread() != pool->marking_thread ) {
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return /* no error indication available */ ;
- }
-
- pw = &pool->first_mark;
- while( *pw && (mark != (*pw)->mark) ) {
- pw = &(*pw)->next;
- }
-
- if (! *pw ) {
- /* bad mark */
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return /* no error indication available */ ;
- }
-
- tm = *pw;
- *pw = (threadmark_mark *)NULL;
-
- PL_ARENA_RELEASE(arena, mark);
-
- if (! pool->first_mark ) {
- pool->marking_thread = (PRThread *)NULL;
- }
- }
-#else /* THREADMARK */
- PL_ARENA_RELEASE(arena, mark);
-#endif /* THREADMARK */
- PZ_Unlock(pool->lock);
- } else {
- PL_ARENA_RELEASE(arena, mark);
- }
-}
-
-void
-PORT_ArenaUnmark(PLArenaPool *arena, void *mark)
-{
-#ifdef THREADMARK
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- if (ARENAPOOL_MAGIC == pool->magic ) {
- threadmark_mark **pw, *tm;
-
- PZ_Lock(pool->lock);
-
- if (PR_GetCurrentThread() != pool->marking_thread ) {
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return /* no error indication available */ ;
- }
-
- pw = &pool->first_mark;
- while( ((threadmark_mark *)NULL != *pw) && (mark != (*pw)->mark) ) {
- pw = &(*pw)->next;
- }
-
- if ((threadmark_mark *)NULL == *pw ) {
- /* bad mark */
- PZ_Unlock(pool->lock);
- PORT_SetError(SEC_ERROR_NO_MEMORY);
- PORT_Assert(0);
- return /* no error indication available */ ;
- }
-
- tm = *pw;
- *pw = (threadmark_mark *)NULL;
-
- if (! pool->first_mark ) {
- pool->marking_thread = (PRThread *)NULL;
- }
-
- PZ_Unlock(pool->lock);
- }
-#endif /* THREADMARK */
-}
-
-char *
-PORT_ArenaStrdup(PLArenaPool *arena, char *str) {
- int len = PORT_Strlen(str)+1;
- char *newstr;
-
- newstr = (char*)PORT_ArenaAlloc(arena,len);
- if (newstr) {
- PORT_Memcpy(newstr,str,len);
- }
- return newstr;
-}
-
-/********************** end of arena functions ***********************/
-
-/****************** unicode conversion functions ***********************/
-/*
- * NOTE: These conversion functions all assume that the multibyte
- * characters are going to be in NETWORK BYTE ORDER, not host byte
- * order. This is because the only time we deal with UCS-2 and UCS-4
- * are when the data was received from or is going to be sent out
- * over the wire (in, e.g. certificates).
- */
-
-void
-PORT_SetUCS4_UTF8ConversionFunction(PORTCharConversionFunc convFunc)
-{
- ucs4Utf8ConvertFunc = convFunc;
-}
-
-void
-PORT_SetUCS2_ASCIIConversionFunction(PORTCharConversionWSwapFunc convFunc)
-{
- ucs2AsciiConvertFunc = convFunc;
-}
-
-void
-PORT_SetUCS2_UTF8ConversionFunction(PORTCharConversionFunc convFunc)
-{
- ucs2Utf8ConvertFunc = convFunc;
-}
-
-PRBool
-PORT_UCS4_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen)
-{
- if(!ucs4Utf8ConvertFunc) {
- return sec_port_ucs4_utf8_conversion_function(toUnicode,
- inBuf, inBufLen, outBuf, maxOutBufLen, outBufLen);
- }
-
- return (*ucs4Utf8ConvertFunc)(toUnicode, inBuf, inBufLen, outBuf,
- maxOutBufLen, outBufLen);
-}
-
-PRBool
-PORT_UCS2_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen)
-{
- if(!ucs2Utf8ConvertFunc) {
- return sec_port_ucs2_utf8_conversion_function(toUnicode,
- inBuf, inBufLen, outBuf, maxOutBufLen, outBufLen);
- }
-
- return (*ucs2Utf8ConvertFunc)(toUnicode, inBuf, inBufLen, outBuf,
- maxOutBufLen, outBufLen);
-}
-
-PRBool
-PORT_UCS2_ASCIIConversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen,
- PRBool swapBytes)
-{
- if(!ucs2AsciiConvertFunc) {
- return PR_FALSE;
- }
-
- return (*ucs2AsciiConvertFunc)(toUnicode, inBuf, inBufLen, outBuf,
- maxOutBufLen, outBufLen, swapBytes);
-}
-
-
-/* Portable putenv. Creates/replaces an environment variable of the form
- * envVarName=envValue
- */
-int
-NSS_PutEnv(const char * envVarName, const char * envValue)
-{
-#if defined(XP_MAC)
- return SECFailure;
-#else
- SECStatus result = SECSuccess;
- char * encoded;
- int putEnvFailed;
-#ifdef _WIN32
- PRBool setOK;
-
- setOK = SetEnvironmentVariable(envVarName, envValue);
- if (!setOK) {
- SET_ERROR_CODE
- return SECFailure;
- }
-#endif
-
- encoded = (char *)PORT_ZAlloc(strlen(envVarName) + 2 + strlen(envValue));
- strcpy(encoded, envVarName);
- strcat(encoded, "=");
- strcat(encoded, envValue);
-
- putEnvFailed = putenv(encoded); /* adopt. */
- if (putEnvFailed) {
- SET_ERROR_CODE
- result = SECFailure;
- PORT_Free(encoded);
- }
- return result;
-#endif
-}
-
diff --git a/security/nss/lib/util/secport.h b/security/nss/lib/util/secport.h
deleted file mode 100644
index 3c92676a2..000000000
--- a/security/nss/lib/util/secport.h
+++ /dev/null
@@ -1,274 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/*
- * secport.h - portability interfaces for security libraries
- *
- * This file abstracts out libc functionality that libsec depends on
- *
- * NOTE - These are not public interfaces
- *
- * $Id$
- */
-
-#ifndef _SECPORT_H_
-#define _SECPORT_H_
-
-/*
- * define XP_MAC, XP_WIN, or XP_UNIX, in case they are not defined
- * by anyone else
- */
-#ifdef macintosh
-# ifndef XP_MAC
-# define XP_MAC 1
-# endif
-#endif
-
-#ifdef _WINDOWS
-# ifndef XP_WIN
-# define XP_WIN
-# endif
-#if defined(_WIN32) || defined(WIN32)
-# ifndef XP_WIN32
-# define XP_WIN32
-# endif
-#else
-# ifndef XP_WIN16
-# define XP_WIN16
-# endif
-#endif
-#endif
-
-#ifdef unix
-# ifndef XP_UNIX
-# define XP_UNIX
-# endif
-#endif
-
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-#include "watcomfx.h"
-#endif
-
-#ifdef XP_MAC
-#include <types.h>
-#include <time.h> /* for time_t below */
-#else
-#include <sys/types.h>
-#endif
-
-#ifdef notdef
-#ifdef XP_MAC
-#include "NSString.h"
-#endif
-#endif
-
-#include <ctype.h>
-#include <string.h>
-#include <stddef.h>
-#include <stdlib.h>
-#include "prtypes.h"
-#include "prlog.h" /* for PR_ASSERT */
-#include "plarena.h"
-#include "plstr.h"
-
-/*
- * HACK for NSS 2.8 to allow Admin to compile without source changes.
- */
-#ifndef SEC_BEGIN_PROTOS
-#include "seccomon.h"
-#endif
-
-SEC_BEGIN_PROTOS
-
-extern void *PORT_Alloc(size_t len);
-extern void *PORT_Realloc(void *old, size_t len);
-extern void *PORT_AllocBlock(size_t len);
-extern void *PORT_ReallocBlock(void *old, size_t len);
-extern void PORT_FreeBlock(void *ptr);
-extern void *PORT_ZAlloc(size_t len);
-extern void PORT_Free(void *ptr);
-extern void PORT_ZFree(void *ptr, size_t len);
-extern time_t PORT_Time(void);
-extern void PORT_SetError(int value);
-extern int PORT_GetError(void);
-
-extern PLArenaPool *PORT_NewArena(unsigned long chunksize);
-extern void *PORT_ArenaAlloc(PLArenaPool *arena, size_t size);
-extern void *PORT_ArenaZAlloc(PLArenaPool *arena, size_t size);
-extern void PORT_FreeArena(PLArenaPool *arena, PRBool zero);
-extern void *PORT_ArenaGrow(PLArenaPool *arena, void *ptr,
- size_t oldsize, size_t newsize);
-extern void *PORT_ArenaMark(PLArenaPool *arena);
-extern void PORT_ArenaRelease(PLArenaPool *arena, void *mark);
-extern void PORT_ArenaUnmark(PLArenaPool *arena, void *mark);
-extern char *PORT_ArenaStrdup(PLArenaPool *arena, char *str);
-
-#ifdef __cplusplus
-}
-#endif
-
-#define PORT_Assert PR_ASSERT
-#define PORT_ZNew(type) (type*)PORT_ZAlloc(sizeof(type))
-#define PORT_New(type) (type*)PORT_Alloc(sizeof(type))
-#define PORT_ArenaNew(poolp, type) \
- (type*) PORT_ArenaAlloc(poolp, sizeof(type))
-#define PORT_ArenaZNew(poolp, type) \
- (type*) PORT_ArenaZAlloc(poolp, sizeof(type))
-#define PORT_NewArray(type, num) \
- (type*) PORT_Alloc (sizeof(type)*(num))
-#define PORT_ZNewArray(type, num) \
- (type*) PORT_ZAlloc (sizeof(type)*(num))
-#define PORT_ArenaNewArray(poolp, type, num) \
- (type*) PORT_ArenaAlloc (poolp, sizeof(type)*(num))
-#define PORT_ArenaZNewArray(poolp, type, num) \
- (type*) PORT_ArenaZAlloc (poolp, sizeof(type)*(num))
-
-/* Please, keep these defines sorted alphbetically. Thanks! */
-
-#ifdef XP_STRING_FUNCS
-
-#define PORT_Atoi XP_ATOI
-
-#define PORT_Memcmp XP_MEMCMP
-#define PORT_Memcpy XP_MEMCPY
-#define PORT_Memmove XP_MEMMOVE
-#define PORT_Memset XP_MEMSET
-
-#define PORT_Strcasecmp XP_STRCASECMP
-#define PORT_Strcat XP_STRCAT
-#define PORT_Strchr XP_STRCHR
-#define PORT_Strrchr XP_STRRCHR
-#define PORT_Strcmp XP_STRCMP
-#define PORT_Strcpy XP_STRCPY
-#define PORT_Strdup XP_STRDUP
-#define PORT_Strlen(s) XP_STRLEN(s)
-#define PORT_Strncasecmp XP_STRNCASECMP
-#define PORT_Strncat strncat
-#define PORT_Strncmp XP_STRNCMP
-#define PORT_Strncpy strncpy
-#define PORT_Strstr XP_STRSTR
-#define PORT_Strtok XP_STRTOK_R
-
-#define PORT_Tolower XP_TO_LOWER
-
-#else /* XP_STRING_FUNCS */
-
-#define PORT_Atoi atoi
-
-#define PORT_Memcmp memcmp
-#define PORT_Memcpy memcpy
-#ifndef SUNOS4
-#define PORT_Memmove memmove
-#else /*SUNOS4*/
-#define PORT_Memmove(s,ct,n) bcopy ((ct), (s), (n))
-#endif/*SUNOS4*/
-#define PORT_Memset memset
-
-#define PORT_Strcasecmp PL_strcasecmp
-#define PORT_Strcat strcat
-#define PORT_Strchr strchr
-#define PORT_Strrchr PL_strrchr
-#define PORT_Strcmp strcmp
-#define PORT_Strcpy strcpy
-#ifdef XP_MAC
-char *PORT_Strdup(const char *);
-#else
-#define PORT_Strdup strdup
-#endif
-#define PORT_Strlen(s) strlen(s)
-#define PORT_Strncasecmp PL_strncasecmp
-#define PORT_Strncat strncat
-#define PORT_Strncmp strncmp
-#define PORT_Strncpy strncpy
-#define PORT_Strstr strstr
-#define PORT_Strtok strtok
-
-#define PORT_Tolower tolower
-
-#endif /* XP_STRING_FUNCS */
-
-typedef PRBool (PR_CALLBACK * PORTCharConversionWSwapFunc) (PRBool toUnicode,
- unsigned char *inBuf, unsigned int inBufLen,
- unsigned char *outBuf, unsigned int maxOutBufLen,
- unsigned int *outBufLen, PRBool swapBytes);
-
-typedef PRBool (PR_CALLBACK * PORTCharConversionFunc) (PRBool toUnicode,
- unsigned char *inBuf, unsigned int inBufLen,
- unsigned char *outBuf, unsigned int maxOutBufLen,
- unsigned int *outBufLen);
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-void PORT_SetUCS4_UTF8ConversionFunction(PORTCharConversionFunc convFunc);
-void PORT_SetUCS2_ASCIIConversionFunction(PORTCharConversionWSwapFunc convFunc);
-PRBool PORT_UCS4_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen);
-PRBool PORT_UCS2_ASCIIConversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen,
- PRBool swapBytes);
-void PORT_SetUCS2_UTF8ConversionFunction(PORTCharConversionFunc convFunc);
-PRBool PORT_UCS2_UTF8Conversion(PRBool toUnicode, unsigned char *inBuf,
- unsigned int inBufLen, unsigned char *outBuf,
- unsigned int maxOutBufLen, unsigned int *outBufLen);
-
-PR_EXTERN(PRBool)
-sec_port_ucs4_utf8_conversion_function
-(
- PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen
-);
-
-PR_EXTERN(PRBool)
-sec_port_ucs2_utf8_conversion_function
-(
- PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen
-);
-
-extern int NSS_PutEnv(const char * envVarName, const char * envValue);
-
-SEC_END_PROTOS
-
-#endif /* _SECPORT_H_ */
diff --git a/security/nss/lib/util/sectime.c b/security/nss/lib/util/sectime.c
deleted file mode 100644
index d3cca6f87..000000000
--- a/security/nss/lib/util/sectime.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "prlong.h"
-#include "prtime.h"
-#include "secder.h"
-#include "cert.h"
-#include "secitem.h"
-
-const SEC_ASN1Template CERT_ValidityTemplate[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(CERTValidity) },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTValidity,notBefore) },
- { SEC_ASN1_UTC_TIME,
- offsetof(CERTValidity,notAfter) },
- { 0 }
-};
-
-DERTemplate CERTValidityTemplate[] = {
- { DER_SEQUENCE,
- 0, NULL, sizeof(CERTValidity) },
- { DER_UTC_TIME,
- offsetof(CERTValidity,notBefore), },
- { DER_UTC_TIME,
- offsetof(CERTValidity,notAfter), },
- { 0, }
-};
-
-static char *DecodeUTCTime2FormattedAscii (SECItem *utcTimeDER, char *format);
-
-/* convert DER utc time to ascii time string */
-char *
-DER_UTCTimeToAscii(SECItem *utcTime)
-{
- return (DecodeUTCTime2FormattedAscii (utcTime, "%a %b %d %H:%M:%S %Y"));
-}
-
-/* convert DER utc time to ascii time string, only include day, not time */
-char *
-DER_UTCDayToAscii(SECItem *utctime)
-{
- return (DecodeUTCTime2FormattedAscii (utctime, "%a %b %d, %Y"));
-}
-
-CERTValidity *
-CERT_CreateValidity(int64 notBefore, int64 notAfter)
-{
- CERTValidity *v;
- int rv;
- PRArenaPool *arena;
-
- arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-
- if ( !arena ) {
- return(0);
- }
-
- v = (CERTValidity*) PORT_ArenaZAlloc(arena, sizeof(CERTValidity));
- if (v) {
- v->arena = arena;
- rv = DER_TimeToUTCTime(&v->notBefore, notBefore);
- if (rv) goto loser;
- rv = DER_TimeToUTCTime(&v->notAfter, notAfter);
- if (rv) goto loser;
- }
- return v;
-
- loser:
- CERT_DestroyValidity(v);
- return 0;
-}
-
-SECStatus
-CERT_CopyValidity(PRArenaPool *arena, CERTValidity *to, CERTValidity *from)
-{
- SECStatus rv;
-
- CERT_DestroyValidity(to);
- to->arena = arena;
-
- rv = SECITEM_CopyItem(arena, &to->notBefore, &from->notBefore);
- if (rv) return rv;
- rv = SECITEM_CopyItem(arena, &to->notAfter, &from->notAfter);
- return rv;
-}
-
-void
-CERT_DestroyValidity(CERTValidity *v)
-{
- if (v && v->arena) {
- PORT_FreeArena(v->arena, PR_FALSE);
- }
- return;
-}
-
-char *
-CERT_UTCTime2FormattedAscii (int64 utcTime, char *format)
-{
- PRExplodedTime printableTime;
- char *timeString;
-
- /* Converse time to local time and decompose it into components */
- PR_ExplodeTime(utcTime, PR_LocalTimeParameters, &printableTime);
-
- timeString = (char *)PORT_Alloc(100);
-
- if ( timeString ) {
- PR_FormatTime( timeString, 100, format, &printableTime );
- }
-
- return (timeString);
-}
-
-char *CERT_GenTime2FormattedAscii (int64 genTime, char *format)
-{
- PRExplodedTime printableTime;
- char *timeString;
-
- /* Decompose time into components */
- PR_ExplodeTime(genTime, PR_GMTParameters, &printableTime);
-
- timeString = (char *)PORT_Alloc(100);
-
- if ( timeString ) {
- PR_FormatTime( timeString, 100, format, &printableTime );
- }
-
- return (timeString);
-}
-
-
-/* convert DER utc time to ascii time string, The format of the time string
- depends on the input "format"
- */
-static char *
-DecodeUTCTime2FormattedAscii (SECItem *utcTimeDER, char *format)
-{
- int64 utcTime;
- int rv;
-
- rv = DER_UTCTimeToTime(&utcTime, utcTimeDER);
- if (rv) {
- return(NULL);
- }
- return (CERT_UTCTime2FormattedAscii (utcTime, format));
-}
diff --git a/security/nss/lib/util/utf8.c b/security/nss/lib/util/utf8.c
deleted file mode 100644
index 7a3c3954d..000000000
--- a/security/nss/lib/util/utf8.c
+++ /dev/null
@@ -1,2061 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-#include "seccomon.h"
-#include "secport.h"
-
-/*
- * Define this if you want to support UTF-16 in UCS-2
- */
-#define UTF16
-
-/*
- * From RFC 2044:
- *
- * UCS-4 range (hex.) UTF-8 octet sequence (binary)
- * 0000 0000-0000 007F 0xxxxxxx
- * 0000 0080-0000 07FF 110xxxxx 10xxxxxx
- * 0000 0800-0000 FFFF 1110xxxx 10xxxxxx 10xxxxxx
- * 0001 0000-001F FFFF 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
- * 0020 0000-03FF FFFF 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
- * 0400 0000-7FFF FFFF 1111110x 10xxxxxx ... 10xxxxxx
- */
-
-/*
- * From http://www.imc.org/draft-hoffman-utf16
- *
- * For U on [0x00010000,0x0010FFFF]: Let U' = U - 0x00010000
- *
- * U' = yyyyyyyyyyxxxxxxxxxx
- * W1 = 110110yyyyyyyyyy
- * W2 = 110111xxxxxxxxxx
- */
-
-/*
- * This code is assuming NETWORK BYTE ORDER for the 16- and 32-bit
- * character values. If you wish to use this code for working with
- * host byte order values, define the following:
- *
- * #if IS_BIG_ENDIAN
- * #define L_0 0
- * #define L_1 1
- * #define L_2 2
- * #define L_3 3
- * #define H_0 0
- * #define H_1 1
- * #else / * not everyone has elif * /
- * #if IS_LITTLE_ENDIAN
- * #define L_0 3
- * #define L_1 2
- * #define L_2 1
- * #define L_3 0
- * #define H_0 1
- * #define H_1 0
- * #else
- * #error "PDP and NUXI support deferred"
- * #endif / * IS_LITTLE_ENDIAN * /
- * #endif / * IS_BIG_ENDIAN * /
- */
-
-#define L_0 0
-#define L_1 1
-#define L_2 2
-#define L_3 3
-#define H_0 0
-#define H_1 1
-
-PR_IMPLEMENT(PRBool)
-sec_port_ucs4_utf8_conversion_function
-(
- PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen
-)
-{
-#ifndef TEST_UTF8
- PORT_Assert((unsigned int *)NULL != outBufLen);
-#endif /* TEST_UTF8 */
-
- if( toUnicode ) {
- unsigned int i, len = 0;
-
- for( i = 0; i < inBufLen; ) {
- if( (inBuf[i] & 0x80) == 0x00 ) i += 1;
- else if( (inBuf[i] & 0xE0) == 0xC0 ) i += 2;
- else if( (inBuf[i] & 0xF0) == 0xE0 ) i += 3;
- else if( (inBuf[i] & 0xF8) == 0xF0 ) i += 4;
- else if( (inBuf[i] & 0xFC) == 0xF8 ) i += 5;
- else if( (inBuf[i] & 0xFE) == 0xFC ) i += 6;
- else return PR_FALSE;
-
- len += 4;
- }
-
- if( len > maxOutBufLen ) {
- *outBufLen = len;
- return PR_FALSE;
- }
-
- len = 0;
-
- for( i = 0; i < inBufLen; ) {
- if( (inBuf[i] & 0x80) == 0x00 ) {
- /* 0000 0000-0000 007F <- 0xxxxxx */
- /* 0abcdefg ->
- 00000000 00000000 00000000 0abcdefg */
-
- outBuf[len+L_0] = 0x00;
- outBuf[len+L_1] = 0x00;
- outBuf[len+L_2] = 0x00;
- outBuf[len+L_3] = inBuf[i+0] & 0x7F;
-
- i += 1;
- } else if( (inBuf[i] & 0xE0) == 0xC0 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0000 0080-0000 07FF <- 110xxxxx 10xxxxxx */
- /* 110abcde 10fghijk ->
- 00000000 00000000 00000abc defghijk */
-
- outBuf[len+L_0] = 0x00;
- outBuf[len+L_1] = 0x00;
- outBuf[len+L_2] = ((inBuf[i+0] & 0x1C) >> 2);
- outBuf[len+L_3] = ((inBuf[i+0] & 0x03) << 6) | ((inBuf[i+1] & 0x3F) >> 0);
-
- i += 2;
- } else if( (inBuf[i] & 0xF0) == 0xE0 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0000 0800-0000 FFFF <- 1110xxxx 10xxxxxx 10xxxxxx */
- /* 1110abcd 10efghij 10klmnop ->
- 00000000 00000000 abcdefgh ijklmnop */
-
- outBuf[len+L_0] = 0x00;
- outBuf[len+L_1] = 0x00;
- outBuf[len+L_2] = ((inBuf[i+0] & 0x0F) << 4) | ((inBuf[i+1] & 0x3C) >> 2);
- outBuf[len+L_3] = ((inBuf[i+1] & 0x03) << 6) | ((inBuf[i+2] & 0x3F) >> 0);
-
- i += 3;
- } else if( (inBuf[i] & 0xF8) == 0xF0 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0001 0000-001F FFFF <- 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
- /* 11110abc 10defghi 10jklmno 10pqrstu ->
- 00000000 000abcde fghijklm nopqrstu */
-
- outBuf[len+L_0] = 0x00;
- outBuf[len+L_1] = ((inBuf[i+0] & 0x07) << 2) | ((inBuf[i+1] & 0x30) >> 4);
- outBuf[len+L_2] = ((inBuf[i+1] & 0x0F) << 4) | ((inBuf[i+2] & 0x3C) >> 2);
- outBuf[len+L_3] = ((inBuf[i+2] & 0x03) << 6) | ((inBuf[i+3] & 0x3F) >> 0);
-
- i += 4;
- } else if( (inBuf[i] & 0xFC) == 0xF8 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+4] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0020 0000-03FF FFFF <- 111110xx 10xxxxxx ... 10xxxxxx */
- /* 111110ab 10cdefgh 10ijklmn 10opqrst 10uvwxyz ->
- 000000ab cdefghij klmnopqr stuvwxyz */
-
- outBuf[len+L_0] = inBuf[i+0] & 0x03;
- outBuf[len+L_1] = ((inBuf[i+1] & 0x3F) << 2) | ((inBuf[i+2] & 0x30) >> 4);
- outBuf[len+L_2] = ((inBuf[i+2] & 0x0F) << 4) | ((inBuf[i+3] & 0x3C) >> 2);
- outBuf[len+L_3] = ((inBuf[i+3] & 0x03) << 6) | ((inBuf[i+4] & 0x3F) >> 0);
-
- i += 5;
- } else /* if( (inBuf[i] & 0xFE) == 0xFC ) */ {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+4] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+5] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0400 0000-7FFF FFFF <- 1111110x 10xxxxxx ... 10xxxxxx */
- /* 1111110a 10bcdefg 10hijklm 10nopqrs 10tuvwxy 10zABCDE ->
- 0abcdefg hijklmno pqrstuvw xyzABCDE */
-
- outBuf[len+L_0] = ((inBuf[i+0] & 0x01) << 6) | ((inBuf[i+1] & 0x3F) >> 0);
- outBuf[len+L_1] = ((inBuf[i+2] & 0x3F) << 2) | ((inBuf[i+3] & 0x30) >> 4);
- outBuf[len+L_2] = ((inBuf[i+3] & 0x0F) << 4) | ((inBuf[i+4] & 0x3C) >> 2);
- outBuf[len+L_3] = ((inBuf[i+4] & 0x03) << 6) | ((inBuf[i+5] & 0x3F) >> 0);
-
- i += 6;
- }
-
- len += 4;
- }
-
- *outBufLen = len;
- return PR_TRUE;
- } else {
- unsigned int i, len = 0;
-
- for( i = 0; i < inBufLen; i += 4 ) {
- if( inBuf[i+L_0] >= 0x04 ) len += 6;
- else if( (inBuf[i+L_0] > 0x00) || (inBuf[i+L_1] >= 0x20) ) len += 5;
- else if( inBuf[i+L_1] >= 0x01 ) len += 4;
- else if( inBuf[i+L_2] >= 0x08 ) len += 3;
- else if( (inBuf[i+L_2] > 0x00) || (inBuf[i+L_3] >= 0x80) ) len += 2;
- else len += 1;
- }
-
- if( len > maxOutBufLen ) {
- *outBufLen = len;
- return PR_FALSE;
- }
-
- len = 0;
-
- for( i = 0; i < inBufLen; i += 4 ) {
- if( inBuf[i+L_0] >= 0x04 ) {
- /* 0400 0000-7FFF FFFF -> 1111110x 10xxxxxx ... 10xxxxxx */
- /* 0abcdefg hijklmno pqrstuvw xyzABCDE ->
- 1111110a 10bcdefg 10hijklm 10nopqrs 10tuvwxy 10zABCDE */
-
- outBuf[len+0] = 0xFC | ((inBuf[i+L_0] & 0x40) >> 6);
- outBuf[len+1] = 0x80 | ((inBuf[i+L_0] & 0x3F) >> 0);
- outBuf[len+2] = 0x80 | ((inBuf[i+L_1] & 0xFC) >> 2);
- outBuf[len+3] = 0x80 | ((inBuf[i+L_1] & 0x03) << 4)
- | ((inBuf[i+L_2] & 0xF0) >> 4);
- outBuf[len+4] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
- | ((inBuf[i+L_3] & 0xC0) >> 6);
- outBuf[len+5] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
- len += 6;
- } else if( (inBuf[i+L_0] > 0x00) || (inBuf[i+L_1] >= 0x20) ) {
- /* 0020 0000-03FF FFFF -> 111110xx 10xxxxxx ... 10xxxxxx */
- /* 000000ab cdefghij klmnopqr stuvwxyz ->
- 111110ab 10cdefgh 10ijklmn 10opqrst 10uvwxyz */
-
- outBuf[len+0] = 0xF8 | ((inBuf[i+L_0] & 0x03) >> 0);
- outBuf[len+1] = 0x80 | ((inBuf[i+L_1] & 0xFC) >> 2);
- outBuf[len+2] = 0x80 | ((inBuf[i+L_1] & 0x03) << 4)
- | ((inBuf[i+L_2] & 0xF0) >> 4);
- outBuf[len+3] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
- | ((inBuf[i+L_3] & 0xC0) >> 6);
- outBuf[len+4] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
- len += 5;
- } else if( inBuf[i+L_1] >= 0x01 ) {
- /* 0001 0000-001F FFFF -> 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
- /* 00000000 000abcde fghijklm nopqrstu ->
- 11110abc 10defghi 10jklmno 10pqrstu */
-
- outBuf[len+0] = 0xF0 | ((inBuf[i+L_1] & 0x1C) >> 2);
- outBuf[len+1] = 0x80 | ((inBuf[i+L_1] & 0x03) << 4)
- | ((inBuf[i+L_2] & 0xF0) >> 4);
- outBuf[len+2] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
- | ((inBuf[i+L_3] & 0xC0) >> 6);
- outBuf[len+3] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
- len += 4;
- } else if( inBuf[i+L_2] >= 0x08 ) {
- /* 0000 0800-0000 FFFF -> 1110xxxx 10xxxxxx 10xxxxxx */
- /* 00000000 00000000 abcdefgh ijklmnop ->
- 1110abcd 10efghij 10klmnop */
-
- outBuf[len+0] = 0xE0 | ((inBuf[i+L_2] & 0xF0) >> 4);
- outBuf[len+1] = 0x80 | ((inBuf[i+L_2] & 0x0F) << 2)
- | ((inBuf[i+L_3] & 0xC0) >> 6);
- outBuf[len+2] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
- len += 3;
- } else if( (inBuf[i+L_2] > 0x00) || (inBuf[i+L_3] >= 0x80) ) {
- /* 0000 0080-0000 07FF -> 110xxxxx 10xxxxxx */
- /* 00000000 00000000 00000abc defghijk ->
- 110abcde 10fghijk */
-
- outBuf[len+0] = 0xC0 | ((inBuf[i+L_2] & 0x07) << 2)
- | ((inBuf[i+L_3] & 0xC0) >> 6);
- outBuf[len+1] = 0x80 | ((inBuf[i+L_3] & 0x3F) >> 0);
-
- len += 2;
- } else {
- /* 0000 0000-0000 007F -> 0xxxxxx */
- /* 00000000 00000000 00000000 0abcdefg ->
- 0abcdefg */
-
- outBuf[len+0] = (inBuf[i+L_3] & 0x7F);
-
- len += 1;
- }
- }
-
- *outBufLen = len;
- return PR_TRUE;
- }
-}
-
-PR_IMPLEMENT(PRBool)
-sec_port_ucs2_utf8_conversion_function
-(
- PRBool toUnicode,
- unsigned char *inBuf,
- unsigned int inBufLen,
- unsigned char *outBuf,
- unsigned int maxOutBufLen,
- unsigned int *outBufLen
-)
-{
-#ifndef TEST_UTF8
- PORT_Assert((unsigned int *)NULL != outBufLen);
-#endif /* TEST_UTF8 */
-
- if( toUnicode ) {
- unsigned int i, len = 0;
-
- for( i = 0; i < inBufLen; ) {
- if( (inBuf[i] & 0x80) == 0x00 ) {
- i += 1;
- len += 2;
- } else if( (inBuf[i] & 0xE0) == 0xC0 ) {
- i += 2;
- len += 2;
- } else if( (inBuf[i] & 0xF0) == 0xE0 ) {
- i += 3;
- len += 2;
-#ifdef UTF16
- } else if( (inBuf[i] & 0xF8) == 0xF0 ) {
- i += 4;
- len += 4;
-
- if( (inBuf[i] & 0x04) &&
- ((inBuf[i] & 0x03) || (inBuf[i+1] & 0x30)) ) {
- /* Not representable as UTF16 */
- return PR_FALSE;
- }
-
-#endif /* UTF16 */
- } else return PR_FALSE;
- }
-
- if( len > maxOutBufLen ) {
- *outBufLen = len;
- return PR_FALSE;
- }
-
- len = 0;
-
- for( i = 0; i < inBufLen; ) {
- if( (inBuf[i] & 0x80) == 0x00 ) {
- /* 0000-007F <- 0xxxxxx */
- /* 0abcdefg -> 00000000 0abcdefg */
-
- outBuf[len+H_0] = 0x00;
- outBuf[len+H_1] = inBuf[i+0] & 0x7F;
-
- i += 1;
- len += 2;
- } else if( (inBuf[i] & 0xE0) == 0xC0 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0080-07FF <- 110xxxxx 10xxxxxx */
- /* 110abcde 10fghijk -> 00000abc defghijk */
-
- outBuf[len+H_0] = ((inBuf[i+0] & 0x1C) >> 2);
- outBuf[len+H_1] = ((inBuf[i+0] & 0x03) << 6) | ((inBuf[i+1] & 0x3F) >> 0);
-
- i += 2;
- len += 2;
- } else if( (inBuf[i] & 0xF0) == 0xE0 ) {
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0800-FFFF <- 1110xxxx 10xxxxxx 10xxxxxx */
- /* 1110abcd 10efghij 10klmnop -> abcdefgh ijklmnop */
-
- outBuf[len+H_0] = ((inBuf[i+0] & 0x0F) << 4) | ((inBuf[i+1] & 0x3C) >> 2);
- outBuf[len+H_1] = ((inBuf[i+1] & 0x03) << 6) | ((inBuf[i+2] & 0x3F) >> 0);
-
- i += 3;
- len += 2;
-#ifdef UTF16
- } else if( (inBuf[i] & 0xF8) == 0xF0 ) {
- int abcde, BCDE;
-
- if( (inBuf[i+1] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+2] & 0xC0) != 0x80 ) return PR_FALSE;
- if( (inBuf[i+3] & 0xC0) != 0x80 ) return PR_FALSE;
-
- /* 0001 0000-001F FFFF <- 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
- /* 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx -> [D800-DBFF] [DC00-DFFF] */
-
- /* 11110abc 10defghi 10jklmno 10pqrstu ->
- { Let 0BCDE = abcde - 1 }
- 110110BC DEfghijk 110111lm nopqrstu */
-
- abcde = ((inBuf[i+0] & 0x07) << 2) | ((inBuf[i+1] & 0x30) >> 4);
- BCDE = abcde - 1;
-
-#ifndef TEST_UTF8
- PORT_Assert(BCDE < 0x10); /* should have been caught above */
-#endif /* TEST_UTF8 */
-
- outBuf[len+0+H_0] = 0xD8 | ((BCDE & 0x0C) >> 2);
- outBuf[len+0+H_1] = ((BCDE & 0x03) << 6)
- | ((inBuf[i+1] & 0x0F) << 2)
- | ((inBuf[i+2] & 0x30) >> 4);
- outBuf[len+2+H_0] = 0xDC | ((inBuf[i+2] & 0x0C) >> 2);
- outBuf[len+2+H_1] = ((inBuf[i+2] & 0x03) << 6) | ((inBuf[i+3] & 0x3F) >> 0);
-
- i += 4;
- len += 4;
-#endif /* UTF16 */
- } else return PR_FALSE;
- }
-
- *outBufLen = len;
- return PR_TRUE;
- } else {
- unsigned int i, len = 0;
-
- for( i = 0; i < inBufLen; i += 2 ) {
- if( (inBuf[i+H_0] == 0x00) && ((inBuf[i+H_0] & 0x80) == 0x00) ) len += 1;
- else if( inBuf[i+H_0] < 0x08 ) len += 2;
-#ifdef UTF16
- else if( ((inBuf[i+0+H_0] & 0xDC) == 0xD8) ) {
- if( ((inBuf[i+2+H_0] & 0xDC) == 0xDC) && ((inBufLen - i) > 2) ) {
- i += 2;
- len += 4;
- } else {
- return PR_FALSE;
- }
- }
-#endif /* UTF16 */
- else len += 3;
- }
-
- if( len > maxOutBufLen ) {
- *outBufLen = len;
- return PR_FALSE;
- }
-
- len = 0;
-
- for( i = 0; i < inBufLen; i += 2 ) {
- if( (inBuf[i+H_0] == 0x00) && ((inBuf[i+H_1] & 0x80) == 0x00) ) {
- /* 0000-007F -> 0xxxxxx */
- /* 00000000 0abcdefg -> 0abcdefg */
-
- outBuf[len] = inBuf[i+H_1] & 0x7F;
-
- len += 1;
- } else if( inBuf[i+H_0] < 0x08 ) {
- /* 0080-07FF -> 110xxxxx 10xxxxxx */
- /* 00000abc defghijk -> 110abcde 10fghijk */
-
- outBuf[len+0] = 0xC0 | ((inBuf[i+H_0] & 0x07) << 2)
- | ((inBuf[i+H_1] & 0xC0) >> 6);
- outBuf[len+1] = 0x80 | ((inBuf[i+H_1] & 0x3F) >> 0);
-
- len += 2;
-#ifdef UTF16
- } else if( (inBuf[i+H_0] & 0xDC) == 0xD8 ) {
- int abcde, BCDE;
-
-#ifndef TEST_UTF8
- PORT_Assert(((inBuf[i+2+H_0] & 0xDC) == 0xDC) && ((inBufLen - i) > 2));
-#endif /* TEST_UTF8 */
-
- /* D800-DBFF DC00-DFFF -> 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
- /* 110110BC DEfghijk 110111lm nopqrstu ->
- { Let abcde = BCDE + 1 }
- 11110abc 10defghi 10jklmno 10pqrstu */
-
- BCDE = ((inBuf[i+H_0] & 0x03) << 2) | ((inBuf[i+H_1] & 0xC0) >> 6);
- abcde = BCDE + 1;
-
- outBuf[len+0] = 0xF0 | ((abcde & 0x1C) >> 2);
- outBuf[len+1] = 0x80 | ((abcde & 0x03) << 4)
- | ((inBuf[i+0+H_1] & 0x3C) >> 2);
- outBuf[len+2] = 0x80 | ((inBuf[i+0+H_1] & 0x03) << 4)
- | ((inBuf[i+2+H_0] & 0x03) << 2)
- | ((inBuf[i+2+H_1] & 0xC0) >> 6);
- outBuf[len+3] = 0x80 | ((inBuf[i+2+H_1] & 0x3F) >> 0);
-
- i += 2;
- len += 4;
-#endif /* UTF16 */
- } else {
- /* 0800-FFFF -> 1110xxxx 10xxxxxx 10xxxxxx */
- /* abcdefgh ijklmnop -> 1110abcd 10efghij 10klmnop */
-
- outBuf[len+0] = 0xE0 | ((inBuf[i+H_0] & 0xF0) >> 4);
- outBuf[len+1] = 0x80 | ((inBuf[i+H_0] & 0x0F) << 2)
- | ((inBuf[i+H_1] & 0xC0) >> 6);
- outBuf[len+2] = 0x80 | ((inBuf[i+H_1] & 0x3F) >> 0);
-
- len += 3;
- }
- }
-
- *outBufLen = len;
- return PR_TRUE;
- }
-}
-
-#ifdef TEST_UTF8
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <netinet/in.h> /* for htonl and htons */
-
-/*
- * UCS-4 vectors
- */
-
-struct ucs4 {
- PRUint32 c;
- char *utf8;
-};
-
-/*
- * UCS-2 vectors
- */
-
-struct ucs2 {
- PRUint16 c;
- char *utf8;
-};
-
-#ifdef UTF16
-/*
- * UTF-16 vectors
- */
-
-struct utf16 {
- PRUint32 c;
- PRUint16 w[2];
-};
-#endif /* UTF16 */
-
-
-/*
- * UCS-4 vectors
- */
-
-struct ucs4 ucs4[] = {
- { 0x00000001, "\x01" },
- { 0x00000002, "\x02" },
- { 0x00000003, "\x03" },
- { 0x00000004, "\x04" },
- { 0x00000007, "\x07" },
- { 0x00000008, "\x08" },
- { 0x0000000F, "\x0F" },
- { 0x00000010, "\x10" },
- { 0x0000001F, "\x1F" },
- { 0x00000020, "\x20" },
- { 0x0000003F, "\x3F" },
- { 0x00000040, "\x40" },
- { 0x0000007F, "\x7F" },
-
- { 0x00000080, "\xC2\x80" },
- { 0x00000081, "\xC2\x81" },
- { 0x00000082, "\xC2\x82" },
- { 0x00000084, "\xC2\x84" },
- { 0x00000088, "\xC2\x88" },
- { 0x00000090, "\xC2\x90" },
- { 0x000000A0, "\xC2\xA0" },
- { 0x000000C0, "\xC3\x80" },
- { 0x000000FF, "\xC3\xBF" },
- { 0x00000100, "\xC4\x80" },
- { 0x00000101, "\xC4\x81" },
- { 0x00000102, "\xC4\x82" },
- { 0x00000104, "\xC4\x84" },
- { 0x00000108, "\xC4\x88" },
- { 0x00000110, "\xC4\x90" },
- { 0x00000120, "\xC4\xA0" },
- { 0x00000140, "\xC5\x80" },
- { 0x00000180, "\xC6\x80" },
- { 0x000001FF, "\xC7\xBF" },
- { 0x00000200, "\xC8\x80" },
- { 0x00000201, "\xC8\x81" },
- { 0x00000202, "\xC8\x82" },
- { 0x00000204, "\xC8\x84" },
- { 0x00000208, "\xC8\x88" },
- { 0x00000210, "\xC8\x90" },
- { 0x00000220, "\xC8\xA0" },
- { 0x00000240, "\xC9\x80" },
- { 0x00000280, "\xCA\x80" },
- { 0x00000300, "\xCC\x80" },
- { 0x000003FF, "\xCF\xBF" },
- { 0x00000400, "\xD0\x80" },
- { 0x00000401, "\xD0\x81" },
- { 0x00000402, "\xD0\x82" },
- { 0x00000404, "\xD0\x84" },
- { 0x00000408, "\xD0\x88" },
- { 0x00000410, "\xD0\x90" },
- { 0x00000420, "\xD0\xA0" },
- { 0x00000440, "\xD1\x80" },
- { 0x00000480, "\xD2\x80" },
- { 0x00000500, "\xD4\x80" },
- { 0x00000600, "\xD8\x80" },
- { 0x000007FF, "\xDF\xBF" },
-
- { 0x00000800, "\xE0\xA0\x80" },
- { 0x00000801, "\xE0\xA0\x81" },
- { 0x00000802, "\xE0\xA0\x82" },
- { 0x00000804, "\xE0\xA0\x84" },
- { 0x00000808, "\xE0\xA0\x88" },
- { 0x00000810, "\xE0\xA0\x90" },
- { 0x00000820, "\xE0\xA0\xA0" },
- { 0x00000840, "\xE0\xA1\x80" },
- { 0x00000880, "\xE0\xA2\x80" },
- { 0x00000900, "\xE0\xA4\x80" },
- { 0x00000A00, "\xE0\xA8\x80" },
- { 0x00000C00, "\xE0\xB0\x80" },
- { 0x00000FFF, "\xE0\xBF\xBF" },
- { 0x00001000, "\xE1\x80\x80" },
- { 0x00001001, "\xE1\x80\x81" },
- { 0x00001002, "\xE1\x80\x82" },
- { 0x00001004, "\xE1\x80\x84" },
- { 0x00001008, "\xE1\x80\x88" },
- { 0x00001010, "\xE1\x80\x90" },
- { 0x00001020, "\xE1\x80\xA0" },
- { 0x00001040, "\xE1\x81\x80" },
- { 0x00001080, "\xE1\x82\x80" },
- { 0x00001100, "\xE1\x84\x80" },
- { 0x00001200, "\xE1\x88\x80" },
- { 0x00001400, "\xE1\x90\x80" },
- { 0x00001800, "\xE1\xA0\x80" },
- { 0x00001FFF, "\xE1\xBF\xBF" },
- { 0x00002000, "\xE2\x80\x80" },
- { 0x00002001, "\xE2\x80\x81" },
- { 0x00002002, "\xE2\x80\x82" },
- { 0x00002004, "\xE2\x80\x84" },
- { 0x00002008, "\xE2\x80\x88" },
- { 0x00002010, "\xE2\x80\x90" },
- { 0x00002020, "\xE2\x80\xA0" },
- { 0x00002040, "\xE2\x81\x80" },
- { 0x00002080, "\xE2\x82\x80" },
- { 0x00002100, "\xE2\x84\x80" },
- { 0x00002200, "\xE2\x88\x80" },
- { 0x00002400, "\xE2\x90\x80" },
- { 0x00002800, "\xE2\xA0\x80" },
- { 0x00003000, "\xE3\x80\x80" },
- { 0x00003FFF, "\xE3\xBF\xBF" },
- { 0x00004000, "\xE4\x80\x80" },
- { 0x00004001, "\xE4\x80\x81" },
- { 0x00004002, "\xE4\x80\x82" },
- { 0x00004004, "\xE4\x80\x84" },
- { 0x00004008, "\xE4\x80\x88" },
- { 0x00004010, "\xE4\x80\x90" },
- { 0x00004020, "\xE4\x80\xA0" },
- { 0x00004040, "\xE4\x81\x80" },
- { 0x00004080, "\xE4\x82\x80" },
- { 0x00004100, "\xE4\x84\x80" },
- { 0x00004200, "\xE4\x88\x80" },
- { 0x00004400, "\xE4\x90\x80" },
- { 0x00004800, "\xE4\xA0\x80" },
- { 0x00005000, "\xE5\x80\x80" },
- { 0x00006000, "\xE6\x80\x80" },
- { 0x00007FFF, "\xE7\xBF\xBF" },
- { 0x00008000, "\xE8\x80\x80" },
- { 0x00008001, "\xE8\x80\x81" },
- { 0x00008002, "\xE8\x80\x82" },
- { 0x00008004, "\xE8\x80\x84" },
- { 0x00008008, "\xE8\x80\x88" },
- { 0x00008010, "\xE8\x80\x90" },
- { 0x00008020, "\xE8\x80\xA0" },
- { 0x00008040, "\xE8\x81\x80" },
- { 0x00008080, "\xE8\x82\x80" },
- { 0x00008100, "\xE8\x84\x80" },
- { 0x00008200, "\xE8\x88\x80" },
- { 0x00008400, "\xE8\x90\x80" },
- { 0x00008800, "\xE8\xA0\x80" },
- { 0x00009000, "\xE9\x80\x80" },
- { 0x0000A000, "\xEA\x80\x80" },
- { 0x0000C000, "\xEC\x80\x80" },
- { 0x0000FFFF, "\xEF\xBF\xBF" },
-
- { 0x00010000, "\xF0\x90\x80\x80" },
- { 0x00010001, "\xF0\x90\x80\x81" },
- { 0x00010002, "\xF0\x90\x80\x82" },
- { 0x00010004, "\xF0\x90\x80\x84" },
- { 0x00010008, "\xF0\x90\x80\x88" },
- { 0x00010010, "\xF0\x90\x80\x90" },
- { 0x00010020, "\xF0\x90\x80\xA0" },
- { 0x00010040, "\xF0\x90\x81\x80" },
- { 0x00010080, "\xF0\x90\x82\x80" },
- { 0x00010100, "\xF0\x90\x84\x80" },
- { 0x00010200, "\xF0\x90\x88\x80" },
- { 0x00010400, "\xF0\x90\x90\x80" },
- { 0x00010800, "\xF0\x90\xA0\x80" },
- { 0x00011000, "\xF0\x91\x80\x80" },
- { 0x00012000, "\xF0\x92\x80\x80" },
- { 0x00014000, "\xF0\x94\x80\x80" },
- { 0x00018000, "\xF0\x98\x80\x80" },
- { 0x0001FFFF, "\xF0\x9F\xBF\xBF" },
- { 0x00020000, "\xF0\xA0\x80\x80" },
- { 0x00020001, "\xF0\xA0\x80\x81" },
- { 0x00020002, "\xF0\xA0\x80\x82" },
- { 0x00020004, "\xF0\xA0\x80\x84" },
- { 0x00020008, "\xF0\xA0\x80\x88" },
- { 0x00020010, "\xF0\xA0\x80\x90" },
- { 0x00020020, "\xF0\xA0\x80\xA0" },
- { 0x00020040, "\xF0\xA0\x81\x80" },
- { 0x00020080, "\xF0\xA0\x82\x80" },
- { 0x00020100, "\xF0\xA0\x84\x80" },
- { 0x00020200, "\xF0\xA0\x88\x80" },
- { 0x00020400, "\xF0\xA0\x90\x80" },
- { 0x00020800, "\xF0\xA0\xA0\x80" },
- { 0x00021000, "\xF0\xA1\x80\x80" },
- { 0x00022000, "\xF0\xA2\x80\x80" },
- { 0x00024000, "\xF0\xA4\x80\x80" },
- { 0x00028000, "\xF0\xA8\x80\x80" },
- { 0x00030000, "\xF0\xB0\x80\x80" },
- { 0x0003FFFF, "\xF0\xBF\xBF\xBF" },
- { 0x00040000, "\xF1\x80\x80\x80" },
- { 0x00040001, "\xF1\x80\x80\x81" },
- { 0x00040002, "\xF1\x80\x80\x82" },
- { 0x00040004, "\xF1\x80\x80\x84" },
- { 0x00040008, "\xF1\x80\x80\x88" },
- { 0x00040010, "\xF1\x80\x80\x90" },
- { 0x00040020, "\xF1\x80\x80\xA0" },
- { 0x00040040, "\xF1\x80\x81\x80" },
- { 0x00040080, "\xF1\x80\x82\x80" },
- { 0x00040100, "\xF1\x80\x84\x80" },
- { 0x00040200, "\xF1\x80\x88\x80" },
- { 0x00040400, "\xF1\x80\x90\x80" },
- { 0x00040800, "\xF1\x80\xA0\x80" },
- { 0x00041000, "\xF1\x81\x80\x80" },
- { 0x00042000, "\xF1\x82\x80\x80" },
- { 0x00044000, "\xF1\x84\x80\x80" },
- { 0x00048000, "\xF1\x88\x80\x80" },
- { 0x00050000, "\xF1\x90\x80\x80" },
- { 0x00060000, "\xF1\xA0\x80\x80" },
- { 0x0007FFFF, "\xF1\xBF\xBF\xBF" },
- { 0x00080000, "\xF2\x80\x80\x80" },
- { 0x00080001, "\xF2\x80\x80\x81" },
- { 0x00080002, "\xF2\x80\x80\x82" },
- { 0x00080004, "\xF2\x80\x80\x84" },
- { 0x00080008, "\xF2\x80\x80\x88" },
- { 0x00080010, "\xF2\x80\x80\x90" },
- { 0x00080020, "\xF2\x80\x80\xA0" },
- { 0x00080040, "\xF2\x80\x81\x80" },
- { 0x00080080, "\xF2\x80\x82\x80" },
- { 0x00080100, "\xF2\x80\x84\x80" },
- { 0x00080200, "\xF2\x80\x88\x80" },
- { 0x00080400, "\xF2\x80\x90\x80" },
- { 0x00080800, "\xF2\x80\xA0\x80" },
- { 0x00081000, "\xF2\x81\x80\x80" },
- { 0x00082000, "\xF2\x82\x80\x80" },
- { 0x00084000, "\xF2\x84\x80\x80" },
- { 0x00088000, "\xF2\x88\x80\x80" },
- { 0x00090000, "\xF2\x90\x80\x80" },
- { 0x000A0000, "\xF2\xA0\x80\x80" },
- { 0x000C0000, "\xF3\x80\x80\x80" },
- { 0x000FFFFF, "\xF3\xBF\xBF\xBF" },
- { 0x00100000, "\xF4\x80\x80\x80" },
- { 0x00100001, "\xF4\x80\x80\x81" },
- { 0x00100002, "\xF4\x80\x80\x82" },
- { 0x00100004, "\xF4\x80\x80\x84" },
- { 0x00100008, "\xF4\x80\x80\x88" },
- { 0x00100010, "\xF4\x80\x80\x90" },
- { 0x00100020, "\xF4\x80\x80\xA0" },
- { 0x00100040, "\xF4\x80\x81\x80" },
- { 0x00100080, "\xF4\x80\x82\x80" },
- { 0x00100100, "\xF4\x80\x84\x80" },
- { 0x00100200, "\xF4\x80\x88\x80" },
- { 0x00100400, "\xF4\x80\x90\x80" },
- { 0x00100800, "\xF4\x80\xA0\x80" },
- { 0x00101000, "\xF4\x81\x80\x80" },
- { 0x00102000, "\xF4\x82\x80\x80" },
- { 0x00104000, "\xF4\x84\x80\x80" },
- { 0x00108000, "\xF4\x88\x80\x80" },
- { 0x00110000, "\xF4\x90\x80\x80" },
- { 0x00120000, "\xF4\xA0\x80\x80" },
- { 0x00140000, "\xF5\x80\x80\x80" },
- { 0x00180000, "\xF6\x80\x80\x80" },
- { 0x001FFFFF, "\xF7\xBF\xBF\xBF" },
-
- { 0x00200000, "\xF8\x88\x80\x80\x80" },
- { 0x00200001, "\xF8\x88\x80\x80\x81" },
- { 0x00200002, "\xF8\x88\x80\x80\x82" },
- { 0x00200004, "\xF8\x88\x80\x80\x84" },
- { 0x00200008, "\xF8\x88\x80\x80\x88" },
- { 0x00200010, "\xF8\x88\x80\x80\x90" },
- { 0x00200020, "\xF8\x88\x80\x80\xA0" },
- { 0x00200040, "\xF8\x88\x80\x81\x80" },
- { 0x00200080, "\xF8\x88\x80\x82\x80" },
- { 0x00200100, "\xF8\x88\x80\x84\x80" },
- { 0x00200200, "\xF8\x88\x80\x88\x80" },
- { 0x00200400, "\xF8\x88\x80\x90\x80" },
- { 0x00200800, "\xF8\x88\x80\xA0\x80" },
- { 0x00201000, "\xF8\x88\x81\x80\x80" },
- { 0x00202000, "\xF8\x88\x82\x80\x80" },
- { 0x00204000, "\xF8\x88\x84\x80\x80" },
- { 0x00208000, "\xF8\x88\x88\x80\x80" },
- { 0x00210000, "\xF8\x88\x90\x80\x80" },
- { 0x00220000, "\xF8\x88\xA0\x80\x80" },
- { 0x00240000, "\xF8\x89\x80\x80\x80" },
- { 0x00280000, "\xF8\x8A\x80\x80\x80" },
- { 0x00300000, "\xF8\x8C\x80\x80\x80" },
- { 0x003FFFFF, "\xF8\x8F\xBF\xBF\xBF" },
- { 0x00400000, "\xF8\x90\x80\x80\x80" },
- { 0x00400001, "\xF8\x90\x80\x80\x81" },
- { 0x00400002, "\xF8\x90\x80\x80\x82" },
- { 0x00400004, "\xF8\x90\x80\x80\x84" },
- { 0x00400008, "\xF8\x90\x80\x80\x88" },
- { 0x00400010, "\xF8\x90\x80\x80\x90" },
- { 0x00400020, "\xF8\x90\x80\x80\xA0" },
- { 0x00400040, "\xF8\x90\x80\x81\x80" },
- { 0x00400080, "\xF8\x90\x80\x82\x80" },
- { 0x00400100, "\xF8\x90\x80\x84\x80" },
- { 0x00400200, "\xF8\x90\x80\x88\x80" },
- { 0x00400400, "\xF8\x90\x80\x90\x80" },
- { 0x00400800, "\xF8\x90\x80\xA0\x80" },
- { 0x00401000, "\xF8\x90\x81\x80\x80" },
- { 0x00402000, "\xF8\x90\x82\x80\x80" },
- { 0x00404000, "\xF8\x90\x84\x80\x80" },
- { 0x00408000, "\xF8\x90\x88\x80\x80" },
- { 0x00410000, "\xF8\x90\x90\x80\x80" },
- { 0x00420000, "\xF8\x90\xA0\x80\x80" },
- { 0x00440000, "\xF8\x91\x80\x80\x80" },
- { 0x00480000, "\xF8\x92\x80\x80\x80" },
- { 0x00500000, "\xF8\x94\x80\x80\x80" },
- { 0x00600000, "\xF8\x98\x80\x80\x80" },
- { 0x007FFFFF, "\xF8\x9F\xBF\xBF\xBF" },
- { 0x00800000, "\xF8\xA0\x80\x80\x80" },
- { 0x00800001, "\xF8\xA0\x80\x80\x81" },
- { 0x00800002, "\xF8\xA0\x80\x80\x82" },
- { 0x00800004, "\xF8\xA0\x80\x80\x84" },
- { 0x00800008, "\xF8\xA0\x80\x80\x88" },
- { 0x00800010, "\xF8\xA0\x80\x80\x90" },
- { 0x00800020, "\xF8\xA0\x80\x80\xA0" },
- { 0x00800040, "\xF8\xA0\x80\x81\x80" },
- { 0x00800080, "\xF8\xA0\x80\x82\x80" },
- { 0x00800100, "\xF8\xA0\x80\x84\x80" },
- { 0x00800200, "\xF8\xA0\x80\x88\x80" },
- { 0x00800400, "\xF8\xA0\x80\x90\x80" },
- { 0x00800800, "\xF8\xA0\x80\xA0\x80" },
- { 0x00801000, "\xF8\xA0\x81\x80\x80" },
- { 0x00802000, "\xF8\xA0\x82\x80\x80" },
- { 0x00804000, "\xF8\xA0\x84\x80\x80" },
- { 0x00808000, "\xF8\xA0\x88\x80\x80" },
- { 0x00810000, "\xF8\xA0\x90\x80\x80" },
- { 0x00820000, "\xF8\xA0\xA0\x80\x80" },
- { 0x00840000, "\xF8\xA1\x80\x80\x80" },
- { 0x00880000, "\xF8\xA2\x80\x80\x80" },
- { 0x00900000, "\xF8\xA4\x80\x80\x80" },
- { 0x00A00000, "\xF8\xA8\x80\x80\x80" },
- { 0x00C00000, "\xF8\xB0\x80\x80\x80" },
- { 0x00FFFFFF, "\xF8\xBF\xBF\xBF\xBF" },
- { 0x01000000, "\xF9\x80\x80\x80\x80" },
- { 0x01000001, "\xF9\x80\x80\x80\x81" },
- { 0x01000002, "\xF9\x80\x80\x80\x82" },
- { 0x01000004, "\xF9\x80\x80\x80\x84" },
- { 0x01000008, "\xF9\x80\x80\x80\x88" },
- { 0x01000010, "\xF9\x80\x80\x80\x90" },
- { 0x01000020, "\xF9\x80\x80\x80\xA0" },
- { 0x01000040, "\xF9\x80\x80\x81\x80" },
- { 0x01000080, "\xF9\x80\x80\x82\x80" },
- { 0x01000100, "\xF9\x80\x80\x84\x80" },
- { 0x01000200, "\xF9\x80\x80\x88\x80" },
- { 0x01000400, "\xF9\x80\x80\x90\x80" },
- { 0x01000800, "\xF9\x80\x80\xA0\x80" },
- { 0x01001000, "\xF9\x80\x81\x80\x80" },
- { 0x01002000, "\xF9\x80\x82\x80\x80" },
- { 0x01004000, "\xF9\x80\x84\x80\x80" },
- { 0x01008000, "\xF9\x80\x88\x80\x80" },
- { 0x01010000, "\xF9\x80\x90\x80\x80" },
- { 0x01020000, "\xF9\x80\xA0\x80\x80" },
- { 0x01040000, "\xF9\x81\x80\x80\x80" },
- { 0x01080000, "\xF9\x82\x80\x80\x80" },
- { 0x01100000, "\xF9\x84\x80\x80\x80" },
- { 0x01200000, "\xF9\x88\x80\x80\x80" },
- { 0x01400000, "\xF9\x90\x80\x80\x80" },
- { 0x01800000, "\xF9\xA0\x80\x80\x80" },
- { 0x01FFFFFF, "\xF9\xBF\xBF\xBF\xBF" },
- { 0x02000000, "\xFA\x80\x80\x80\x80" },
- { 0x02000001, "\xFA\x80\x80\x80\x81" },
- { 0x02000002, "\xFA\x80\x80\x80\x82" },
- { 0x02000004, "\xFA\x80\x80\x80\x84" },
- { 0x02000008, "\xFA\x80\x80\x80\x88" },
- { 0x02000010, "\xFA\x80\x80\x80\x90" },
- { 0x02000020, "\xFA\x80\x80\x80\xA0" },
- { 0x02000040, "\xFA\x80\x80\x81\x80" },
- { 0x02000080, "\xFA\x80\x80\x82\x80" },
- { 0x02000100, "\xFA\x80\x80\x84\x80" },
- { 0x02000200, "\xFA\x80\x80\x88\x80" },
- { 0x02000400, "\xFA\x80\x80\x90\x80" },
- { 0x02000800, "\xFA\x80\x80\xA0\x80" },
- { 0x02001000, "\xFA\x80\x81\x80\x80" },
- { 0x02002000, "\xFA\x80\x82\x80\x80" },
- { 0x02004000, "\xFA\x80\x84\x80\x80" },
- { 0x02008000, "\xFA\x80\x88\x80\x80" },
- { 0x02010000, "\xFA\x80\x90\x80\x80" },
- { 0x02020000, "\xFA\x80\xA0\x80\x80" },
- { 0x02040000, "\xFA\x81\x80\x80\x80" },
- { 0x02080000, "\xFA\x82\x80\x80\x80" },
- { 0x02100000, "\xFA\x84\x80\x80\x80" },
- { 0x02200000, "\xFA\x88\x80\x80\x80" },
- { 0x02400000, "\xFA\x90\x80\x80\x80" },
- { 0x02800000, "\xFA\xA0\x80\x80\x80" },
- { 0x03000000, "\xFB\x80\x80\x80\x80" },
- { 0x03FFFFFF, "\xFB\xBF\xBF\xBF\xBF" },
-
- { 0x04000000, "\xFC\x84\x80\x80\x80\x80" },
- { 0x04000001, "\xFC\x84\x80\x80\x80\x81" },
- { 0x04000002, "\xFC\x84\x80\x80\x80\x82" },
- { 0x04000004, "\xFC\x84\x80\x80\x80\x84" },
- { 0x04000008, "\xFC\x84\x80\x80\x80\x88" },
- { 0x04000010, "\xFC\x84\x80\x80\x80\x90" },
- { 0x04000020, "\xFC\x84\x80\x80\x80\xA0" },
- { 0x04000040, "\xFC\x84\x80\x80\x81\x80" },
- { 0x04000080, "\xFC\x84\x80\x80\x82\x80" },
- { 0x04000100, "\xFC\x84\x80\x80\x84\x80" },
- { 0x04000200, "\xFC\x84\x80\x80\x88\x80" },
- { 0x04000400, "\xFC\x84\x80\x80\x90\x80" },
- { 0x04000800, "\xFC\x84\x80\x80\xA0\x80" },
- { 0x04001000, "\xFC\x84\x80\x81\x80\x80" },
- { 0x04002000, "\xFC\x84\x80\x82\x80\x80" },
- { 0x04004000, "\xFC\x84\x80\x84\x80\x80" },
- { 0x04008000, "\xFC\x84\x80\x88\x80\x80" },
- { 0x04010000, "\xFC\x84\x80\x90\x80\x80" },
- { 0x04020000, "\xFC\x84\x80\xA0\x80\x80" },
- { 0x04040000, "\xFC\x84\x81\x80\x80\x80" },
- { 0x04080000, "\xFC\x84\x82\x80\x80\x80" },
- { 0x04100000, "\xFC\x84\x84\x80\x80\x80" },
- { 0x04200000, "\xFC\x84\x88\x80\x80\x80" },
- { 0x04400000, "\xFC\x84\x90\x80\x80\x80" },
- { 0x04800000, "\xFC\x84\xA0\x80\x80\x80" },
- { 0x05000000, "\xFC\x85\x80\x80\x80\x80" },
- { 0x06000000, "\xFC\x86\x80\x80\x80\x80" },
- { 0x07FFFFFF, "\xFC\x87\xBF\xBF\xBF\xBF" },
- { 0x08000000, "\xFC\x88\x80\x80\x80\x80" },
- { 0x08000001, "\xFC\x88\x80\x80\x80\x81" },
- { 0x08000002, "\xFC\x88\x80\x80\x80\x82" },
- { 0x08000004, "\xFC\x88\x80\x80\x80\x84" },
- { 0x08000008, "\xFC\x88\x80\x80\x80\x88" },
- { 0x08000010, "\xFC\x88\x80\x80\x80\x90" },
- { 0x08000020, "\xFC\x88\x80\x80\x80\xA0" },
- { 0x08000040, "\xFC\x88\x80\x80\x81\x80" },
- { 0x08000080, "\xFC\x88\x80\x80\x82\x80" },
- { 0x08000100, "\xFC\x88\x80\x80\x84\x80" },
- { 0x08000200, "\xFC\x88\x80\x80\x88\x80" },
- { 0x08000400, "\xFC\x88\x80\x80\x90\x80" },
- { 0x08000800, "\xFC\x88\x80\x80\xA0\x80" },
- { 0x08001000, "\xFC\x88\x80\x81\x80\x80" },
- { 0x08002000, "\xFC\x88\x80\x82\x80\x80" },
- { 0x08004000, "\xFC\x88\x80\x84\x80\x80" },
- { 0x08008000, "\xFC\x88\x80\x88\x80\x80" },
- { 0x08010000, "\xFC\x88\x80\x90\x80\x80" },
- { 0x08020000, "\xFC\x88\x80\xA0\x80\x80" },
- { 0x08040000, "\xFC\x88\x81\x80\x80\x80" },
- { 0x08080000, "\xFC\x88\x82\x80\x80\x80" },
- { 0x08100000, "\xFC\x88\x84\x80\x80\x80" },
- { 0x08200000, "\xFC\x88\x88\x80\x80\x80" },
- { 0x08400000, "\xFC\x88\x90\x80\x80\x80" },
- { 0x08800000, "\xFC\x88\xA0\x80\x80\x80" },
- { 0x09000000, "\xFC\x89\x80\x80\x80\x80" },
- { 0x0A000000, "\xFC\x8A\x80\x80\x80\x80" },
- { 0x0C000000, "\xFC\x8C\x80\x80\x80\x80" },
- { 0x0FFFFFFF, "\xFC\x8F\xBF\xBF\xBF\xBF" },
- { 0x10000000, "\xFC\x90\x80\x80\x80\x80" },
- { 0x10000001, "\xFC\x90\x80\x80\x80\x81" },
- { 0x10000002, "\xFC\x90\x80\x80\x80\x82" },
- { 0x10000004, "\xFC\x90\x80\x80\x80\x84" },
- { 0x10000008, "\xFC\x90\x80\x80\x80\x88" },
- { 0x10000010, "\xFC\x90\x80\x80\x80\x90" },
- { 0x10000020, "\xFC\x90\x80\x80\x80\xA0" },
- { 0x10000040, "\xFC\x90\x80\x80\x81\x80" },
- { 0x10000080, "\xFC\x90\x80\x80\x82\x80" },
- { 0x10000100, "\xFC\x90\x80\x80\x84\x80" },
- { 0x10000200, "\xFC\x90\x80\x80\x88\x80" },
- { 0x10000400, "\xFC\x90\x80\x80\x90\x80" },
- { 0x10000800, "\xFC\x90\x80\x80\xA0\x80" },
- { 0x10001000, "\xFC\x90\x80\x81\x80\x80" },
- { 0x10002000, "\xFC\x90\x80\x82\x80\x80" },
- { 0x10004000, "\xFC\x90\x80\x84\x80\x80" },
- { 0x10008000, "\xFC\x90\x80\x88\x80\x80" },
- { 0x10010000, "\xFC\x90\x80\x90\x80\x80" },
- { 0x10020000, "\xFC\x90\x80\xA0\x80\x80" },
- { 0x10040000, "\xFC\x90\x81\x80\x80\x80" },
- { 0x10080000, "\xFC\x90\x82\x80\x80\x80" },
- { 0x10100000, "\xFC\x90\x84\x80\x80\x80" },
- { 0x10200000, "\xFC\x90\x88\x80\x80\x80" },
- { 0x10400000, "\xFC\x90\x90\x80\x80\x80" },
- { 0x10800000, "\xFC\x90\xA0\x80\x80\x80" },
- { 0x11000000, "\xFC\x91\x80\x80\x80\x80" },
- { 0x12000000, "\xFC\x92\x80\x80\x80\x80" },
- { 0x14000000, "\xFC\x94\x80\x80\x80\x80" },
- { 0x18000000, "\xFC\x98\x80\x80\x80\x80" },
- { 0x1FFFFFFF, "\xFC\x9F\xBF\xBF\xBF\xBF" },
- { 0x20000000, "\xFC\xA0\x80\x80\x80\x80" },
- { 0x20000001, "\xFC\xA0\x80\x80\x80\x81" },
- { 0x20000002, "\xFC\xA0\x80\x80\x80\x82" },
- { 0x20000004, "\xFC\xA0\x80\x80\x80\x84" },
- { 0x20000008, "\xFC\xA0\x80\x80\x80\x88" },
- { 0x20000010, "\xFC\xA0\x80\x80\x80\x90" },
- { 0x20000020, "\xFC\xA0\x80\x80\x80\xA0" },
- { 0x20000040, "\xFC\xA0\x80\x80\x81\x80" },
- { 0x20000080, "\xFC\xA0\x80\x80\x82\x80" },
- { 0x20000100, "\xFC\xA0\x80\x80\x84\x80" },
- { 0x20000200, "\xFC\xA0\x80\x80\x88\x80" },
- { 0x20000400, "\xFC\xA0\x80\x80\x90\x80" },
- { 0x20000800, "\xFC\xA0\x80\x80\xA0\x80" },
- { 0x20001000, "\xFC\xA0\x80\x81\x80\x80" },
- { 0x20002000, "\xFC\xA0\x80\x82\x80\x80" },
- { 0x20004000, "\xFC\xA0\x80\x84\x80\x80" },
- { 0x20008000, "\xFC\xA0\x80\x88\x80\x80" },
- { 0x20010000, "\xFC\xA0\x80\x90\x80\x80" },
- { 0x20020000, "\xFC\xA0\x80\xA0\x80\x80" },
- { 0x20040000, "\xFC\xA0\x81\x80\x80\x80" },
- { 0x20080000, "\xFC\xA0\x82\x80\x80\x80" },
- { 0x20100000, "\xFC\xA0\x84\x80\x80\x80" },
- { 0x20200000, "\xFC\xA0\x88\x80\x80\x80" },
- { 0x20400000, "\xFC\xA0\x90\x80\x80\x80" },
- { 0x20800000, "\xFC\xA0\xA0\x80\x80\x80" },
- { 0x21000000, "\xFC\xA1\x80\x80\x80\x80" },
- { 0x22000000, "\xFC\xA2\x80\x80\x80\x80" },
- { 0x24000000, "\xFC\xA4\x80\x80\x80\x80" },
- { 0x28000000, "\xFC\xA8\x80\x80\x80\x80" },
- { 0x30000000, "\xFC\xB0\x80\x80\x80\x80" },
- { 0x3FFFFFFF, "\xFC\xBF\xBF\xBF\xBF\xBF" },
- { 0x40000000, "\xFD\x80\x80\x80\x80\x80" },
- { 0x40000001, "\xFD\x80\x80\x80\x80\x81" },
- { 0x40000002, "\xFD\x80\x80\x80\x80\x82" },
- { 0x40000004, "\xFD\x80\x80\x80\x80\x84" },
- { 0x40000008, "\xFD\x80\x80\x80\x80\x88" },
- { 0x40000010, "\xFD\x80\x80\x80\x80\x90" },
- { 0x40000020, "\xFD\x80\x80\x80\x80\xA0" },
- { 0x40000040, "\xFD\x80\x80\x80\x81\x80" },
- { 0x40000080, "\xFD\x80\x80\x80\x82\x80" },
- { 0x40000100, "\xFD\x80\x80\x80\x84\x80" },
- { 0x40000200, "\xFD\x80\x80\x80\x88\x80" },
- { 0x40000400, "\xFD\x80\x80\x80\x90\x80" },
- { 0x40000800, "\xFD\x80\x80\x80\xA0\x80" },
- { 0x40001000, "\xFD\x80\x80\x81\x80\x80" },
- { 0x40002000, "\xFD\x80\x80\x82\x80\x80" },
- { 0x40004000, "\xFD\x80\x80\x84\x80\x80" },
- { 0x40008000, "\xFD\x80\x80\x88\x80\x80" },
- { 0x40010000, "\xFD\x80\x80\x90\x80\x80" },
- { 0x40020000, "\xFD\x80\x80\xA0\x80\x80" },
- { 0x40040000, "\xFD\x80\x81\x80\x80\x80" },
- { 0x40080000, "\xFD\x80\x82\x80\x80\x80" },
- { 0x40100000, "\xFD\x80\x84\x80\x80\x80" },
- { 0x40200000, "\xFD\x80\x88\x80\x80\x80" },
- { 0x40400000, "\xFD\x80\x90\x80\x80\x80" },
- { 0x40800000, "\xFD\x80\xA0\x80\x80\x80" },
- { 0x41000000, "\xFD\x81\x80\x80\x80\x80" },
- { 0x42000000, "\xFD\x82\x80\x80\x80\x80" },
- { 0x44000000, "\xFD\x84\x80\x80\x80\x80" },
- { 0x48000000, "\xFD\x88\x80\x80\x80\x80" },
- { 0x50000000, "\xFD\x90\x80\x80\x80\x80" },
- { 0x60000000, "\xFD\xA0\x80\x80\x80\x80" },
- { 0x7FFFFFFF, "\xFD\xBF\xBF\xBF\xBF\xBF" }
-};
-
-/*
- * UCS-2 vectors
- */
-
-struct ucs2 ucs2[] = {
- { 0x0001, "\x01" },
- { 0x0002, "\x02" },
- { 0x0003, "\x03" },
- { 0x0004, "\x04" },
- { 0x0007, "\x07" },
- { 0x0008, "\x08" },
- { 0x000F, "\x0F" },
- { 0x0010, "\x10" },
- { 0x001F, "\x1F" },
- { 0x0020, "\x20" },
- { 0x003F, "\x3F" },
- { 0x0040, "\x40" },
- { 0x007F, "\x7F" },
-
- { 0x0080, "\xC2\x80" },
- { 0x0081, "\xC2\x81" },
- { 0x0082, "\xC2\x82" },
- { 0x0084, "\xC2\x84" },
- { 0x0088, "\xC2\x88" },
- { 0x0090, "\xC2\x90" },
- { 0x00A0, "\xC2\xA0" },
- { 0x00C0, "\xC3\x80" },
- { 0x00FF, "\xC3\xBF" },
- { 0x0100, "\xC4\x80" },
- { 0x0101, "\xC4\x81" },
- { 0x0102, "\xC4\x82" },
- { 0x0104, "\xC4\x84" },
- { 0x0108, "\xC4\x88" },
- { 0x0110, "\xC4\x90" },
- { 0x0120, "\xC4\xA0" },
- { 0x0140, "\xC5\x80" },
- { 0x0180, "\xC6\x80" },
- { 0x01FF, "\xC7\xBF" },
- { 0x0200, "\xC8\x80" },
- { 0x0201, "\xC8\x81" },
- { 0x0202, "\xC8\x82" },
- { 0x0204, "\xC8\x84" },
- { 0x0208, "\xC8\x88" },
- { 0x0210, "\xC8\x90" },
- { 0x0220, "\xC8\xA0" },
- { 0x0240, "\xC9\x80" },
- { 0x0280, "\xCA\x80" },
- { 0x0300, "\xCC\x80" },
- { 0x03FF, "\xCF\xBF" },
- { 0x0400, "\xD0\x80" },
- { 0x0401, "\xD0\x81" },
- { 0x0402, "\xD0\x82" },
- { 0x0404, "\xD0\x84" },
- { 0x0408, "\xD0\x88" },
- { 0x0410, "\xD0\x90" },
- { 0x0420, "\xD0\xA0" },
- { 0x0440, "\xD1\x80" },
- { 0x0480, "\xD2\x80" },
- { 0x0500, "\xD4\x80" },
- { 0x0600, "\xD8\x80" },
- { 0x07FF, "\xDF\xBF" },
-
- { 0x0800, "\xE0\xA0\x80" },
- { 0x0801, "\xE0\xA0\x81" },
- { 0x0802, "\xE0\xA0\x82" },
- { 0x0804, "\xE0\xA0\x84" },
- { 0x0808, "\xE0\xA0\x88" },
- { 0x0810, "\xE0\xA0\x90" },
- { 0x0820, "\xE0\xA0\xA0" },
- { 0x0840, "\xE0\xA1\x80" },
- { 0x0880, "\xE0\xA2\x80" },
- { 0x0900, "\xE0\xA4\x80" },
- { 0x0A00, "\xE0\xA8\x80" },
- { 0x0C00, "\xE0\xB0\x80" },
- { 0x0FFF, "\xE0\xBF\xBF" },
- { 0x1000, "\xE1\x80\x80" },
- { 0x1001, "\xE1\x80\x81" },
- { 0x1002, "\xE1\x80\x82" },
- { 0x1004, "\xE1\x80\x84" },
- { 0x1008, "\xE1\x80\x88" },
- { 0x1010, "\xE1\x80\x90" },
- { 0x1020, "\xE1\x80\xA0" },
- { 0x1040, "\xE1\x81\x80" },
- { 0x1080, "\xE1\x82\x80" },
- { 0x1100, "\xE1\x84\x80" },
- { 0x1200, "\xE1\x88\x80" },
- { 0x1400, "\xE1\x90\x80" },
- { 0x1800, "\xE1\xA0\x80" },
- { 0x1FFF, "\xE1\xBF\xBF" },
- { 0x2000, "\xE2\x80\x80" },
- { 0x2001, "\xE2\x80\x81" },
- { 0x2002, "\xE2\x80\x82" },
- { 0x2004, "\xE2\x80\x84" },
- { 0x2008, "\xE2\x80\x88" },
- { 0x2010, "\xE2\x80\x90" },
- { 0x2020, "\xE2\x80\xA0" },
- { 0x2040, "\xE2\x81\x80" },
- { 0x2080, "\xE2\x82\x80" },
- { 0x2100, "\xE2\x84\x80" },
- { 0x2200, "\xE2\x88\x80" },
- { 0x2400, "\xE2\x90\x80" },
- { 0x2800, "\xE2\xA0\x80" },
- { 0x3000, "\xE3\x80\x80" },
- { 0x3FFF, "\xE3\xBF\xBF" },
- { 0x4000, "\xE4\x80\x80" },
- { 0x4001, "\xE4\x80\x81" },
- { 0x4002, "\xE4\x80\x82" },
- { 0x4004, "\xE4\x80\x84" },
- { 0x4008, "\xE4\x80\x88" },
- { 0x4010, "\xE4\x80\x90" },
- { 0x4020, "\xE4\x80\xA0" },
- { 0x4040, "\xE4\x81\x80" },
- { 0x4080, "\xE4\x82\x80" },
- { 0x4100, "\xE4\x84\x80" },
- { 0x4200, "\xE4\x88\x80" },
- { 0x4400, "\xE4\x90\x80" },
- { 0x4800, "\xE4\xA0\x80" },
- { 0x5000, "\xE5\x80\x80" },
- { 0x6000, "\xE6\x80\x80" },
- { 0x7FFF, "\xE7\xBF\xBF" },
- { 0x8000, "\xE8\x80\x80" },
- { 0x8001, "\xE8\x80\x81" },
- { 0x8002, "\xE8\x80\x82" },
- { 0x8004, "\xE8\x80\x84" },
- { 0x8008, "\xE8\x80\x88" },
- { 0x8010, "\xE8\x80\x90" },
- { 0x8020, "\xE8\x80\xA0" },
- { 0x8040, "\xE8\x81\x80" },
- { 0x8080, "\xE8\x82\x80" },
- { 0x8100, "\xE8\x84\x80" },
- { 0x8200, "\xE8\x88\x80" },
- { 0x8400, "\xE8\x90\x80" },
- { 0x8800, "\xE8\xA0\x80" },
- { 0x9000, "\xE9\x80\x80" },
- { 0xA000, "\xEA\x80\x80" },
- { 0xC000, "\xEC\x80\x80" },
- { 0xFFFF, "\xEF\xBF\xBF" }
-
-};
-
-#ifdef UTF16
-/*
- * UTF-16 vectors
- */
-
-struct utf16 utf16[] = {
- { 0x00010000, { 0xD800, 0xDC00 } },
- { 0x00010001, { 0xD800, 0xDC01 } },
- { 0x00010002, { 0xD800, 0xDC02 } },
- { 0x00010003, { 0xD800, 0xDC03 } },
- { 0x00010004, { 0xD800, 0xDC04 } },
- { 0x00010007, { 0xD800, 0xDC07 } },
- { 0x00010008, { 0xD800, 0xDC08 } },
- { 0x0001000F, { 0xD800, 0xDC0F } },
- { 0x00010010, { 0xD800, 0xDC10 } },
- { 0x0001001F, { 0xD800, 0xDC1F } },
- { 0x00010020, { 0xD800, 0xDC20 } },
- { 0x0001003F, { 0xD800, 0xDC3F } },
- { 0x00010040, { 0xD800, 0xDC40 } },
- { 0x0001007F, { 0xD800, 0xDC7F } },
- { 0x00010080, { 0xD800, 0xDC80 } },
- { 0x00010081, { 0xD800, 0xDC81 } },
- { 0x00010082, { 0xD800, 0xDC82 } },
- { 0x00010084, { 0xD800, 0xDC84 } },
- { 0x00010088, { 0xD800, 0xDC88 } },
- { 0x00010090, { 0xD800, 0xDC90 } },
- { 0x000100A0, { 0xD800, 0xDCA0 } },
- { 0x000100C0, { 0xD800, 0xDCC0 } },
- { 0x000100FF, { 0xD800, 0xDCFF } },
- { 0x00010100, { 0xD800, 0xDD00 } },
- { 0x00010101, { 0xD800, 0xDD01 } },
- { 0x00010102, { 0xD800, 0xDD02 } },
- { 0x00010104, { 0xD800, 0xDD04 } },
- { 0x00010108, { 0xD800, 0xDD08 } },
- { 0x00010110, { 0xD800, 0xDD10 } },
- { 0x00010120, { 0xD800, 0xDD20 } },
- { 0x00010140, { 0xD800, 0xDD40 } },
- { 0x00010180, { 0xD800, 0xDD80 } },
- { 0x000101FF, { 0xD800, 0xDDFF } },
- { 0x00010200, { 0xD800, 0xDE00 } },
- { 0x00010201, { 0xD800, 0xDE01 } },
- { 0x00010202, { 0xD800, 0xDE02 } },
- { 0x00010204, { 0xD800, 0xDE04 } },
- { 0x00010208, { 0xD800, 0xDE08 } },
- { 0x00010210, { 0xD800, 0xDE10 } },
- { 0x00010220, { 0xD800, 0xDE20 } },
- { 0x00010240, { 0xD800, 0xDE40 } },
- { 0x00010280, { 0xD800, 0xDE80 } },
- { 0x00010300, { 0xD800, 0xDF00 } },
- { 0x000103FF, { 0xD800, 0xDFFF } },
- { 0x00010400, { 0xD801, 0xDC00 } },
- { 0x00010401, { 0xD801, 0xDC01 } },
- { 0x00010402, { 0xD801, 0xDC02 } },
- { 0x00010404, { 0xD801, 0xDC04 } },
- { 0x00010408, { 0xD801, 0xDC08 } },
- { 0x00010410, { 0xD801, 0xDC10 } },
- { 0x00010420, { 0xD801, 0xDC20 } },
- { 0x00010440, { 0xD801, 0xDC40 } },
- { 0x00010480, { 0xD801, 0xDC80 } },
- { 0x00010500, { 0xD801, 0xDD00 } },
- { 0x00010600, { 0xD801, 0xDE00 } },
- { 0x000107FF, { 0xD801, 0xDFFF } },
- { 0x00010800, { 0xD802, 0xDC00 } },
- { 0x00010801, { 0xD802, 0xDC01 } },
- { 0x00010802, { 0xD802, 0xDC02 } },
- { 0x00010804, { 0xD802, 0xDC04 } },
- { 0x00010808, { 0xD802, 0xDC08 } },
- { 0x00010810, { 0xD802, 0xDC10 } },
- { 0x00010820, { 0xD802, 0xDC20 } },
- { 0x00010840, { 0xD802, 0xDC40 } },
- { 0x00010880, { 0xD802, 0xDC80 } },
- { 0x00010900, { 0xD802, 0xDD00 } },
- { 0x00010A00, { 0xD802, 0xDE00 } },
- { 0x00010C00, { 0xD803, 0xDC00 } },
- { 0x00010FFF, { 0xD803, 0xDFFF } },
- { 0x00011000, { 0xD804, 0xDC00 } },
- { 0x00011001, { 0xD804, 0xDC01 } },
- { 0x00011002, { 0xD804, 0xDC02 } },
- { 0x00011004, { 0xD804, 0xDC04 } },
- { 0x00011008, { 0xD804, 0xDC08 } },
- { 0x00011010, { 0xD804, 0xDC10 } },
- { 0x00011020, { 0xD804, 0xDC20 } },
- { 0x00011040, { 0xD804, 0xDC40 } },
- { 0x00011080, { 0xD804, 0xDC80 } },
- { 0x00011100, { 0xD804, 0xDD00 } },
- { 0x00011200, { 0xD804, 0xDE00 } },
- { 0x00011400, { 0xD805, 0xDC00 } },
- { 0x00011800, { 0xD806, 0xDC00 } },
- { 0x00011FFF, { 0xD807, 0xDFFF } },
- { 0x00012000, { 0xD808, 0xDC00 } },
- { 0x00012001, { 0xD808, 0xDC01 } },
- { 0x00012002, { 0xD808, 0xDC02 } },
- { 0x00012004, { 0xD808, 0xDC04 } },
- { 0x00012008, { 0xD808, 0xDC08 } },
- { 0x00012010, { 0xD808, 0xDC10 } },
- { 0x00012020, { 0xD808, 0xDC20 } },
- { 0x00012040, { 0xD808, 0xDC40 } },
- { 0x00012080, { 0xD808, 0xDC80 } },
- { 0x00012100, { 0xD808, 0xDD00 } },
- { 0x00012200, { 0xD808, 0xDE00 } },
- { 0x00012400, { 0xD809, 0xDC00 } },
- { 0x00012800, { 0xD80A, 0xDC00 } },
- { 0x00013000, { 0xD80C, 0xDC00 } },
- { 0x00013FFF, { 0xD80F, 0xDFFF } },
- { 0x00014000, { 0xD810, 0xDC00 } },
- { 0x00014001, { 0xD810, 0xDC01 } },
- { 0x00014002, { 0xD810, 0xDC02 } },
- { 0x00014004, { 0xD810, 0xDC04 } },
- { 0x00014008, { 0xD810, 0xDC08 } },
- { 0x00014010, { 0xD810, 0xDC10 } },
- { 0x00014020, { 0xD810, 0xDC20 } },
- { 0x00014040, { 0xD810, 0xDC40 } },
- { 0x00014080, { 0xD810, 0xDC80 } },
- { 0x00014100, { 0xD810, 0xDD00 } },
- { 0x00014200, { 0xD810, 0xDE00 } },
- { 0x00014400, { 0xD811, 0xDC00 } },
- { 0x00014800, { 0xD812, 0xDC00 } },
- { 0x00015000, { 0xD814, 0xDC00 } },
- { 0x00016000, { 0xD818, 0xDC00 } },
- { 0x00017FFF, { 0xD81F, 0xDFFF } },
- { 0x00018000, { 0xD820, 0xDC00 } },
- { 0x00018001, { 0xD820, 0xDC01 } },
- { 0x00018002, { 0xD820, 0xDC02 } },
- { 0x00018004, { 0xD820, 0xDC04 } },
- { 0x00018008, { 0xD820, 0xDC08 } },
- { 0x00018010, { 0xD820, 0xDC10 } },
- { 0x00018020, { 0xD820, 0xDC20 } },
- { 0x00018040, { 0xD820, 0xDC40 } },
- { 0x00018080, { 0xD820, 0xDC80 } },
- { 0x00018100, { 0xD820, 0xDD00 } },
- { 0x00018200, { 0xD820, 0xDE00 } },
- { 0x00018400, { 0xD821, 0xDC00 } },
- { 0x00018800, { 0xD822, 0xDC00 } },
- { 0x00019000, { 0xD824, 0xDC00 } },
- { 0x0001A000, { 0xD828, 0xDC00 } },
- { 0x0001C000, { 0xD830, 0xDC00 } },
- { 0x0001FFFF, { 0xD83F, 0xDFFF } },
- { 0x00020000, { 0xD840, 0xDC00 } },
- { 0x00020001, { 0xD840, 0xDC01 } },
- { 0x00020002, { 0xD840, 0xDC02 } },
- { 0x00020004, { 0xD840, 0xDC04 } },
- { 0x00020008, { 0xD840, 0xDC08 } },
- { 0x00020010, { 0xD840, 0xDC10 } },
- { 0x00020020, { 0xD840, 0xDC20 } },
- { 0x00020040, { 0xD840, 0xDC40 } },
- { 0x00020080, { 0xD840, 0xDC80 } },
- { 0x00020100, { 0xD840, 0xDD00 } },
- { 0x00020200, { 0xD840, 0xDE00 } },
- { 0x00020400, { 0xD841, 0xDC00 } },
- { 0x00020800, { 0xD842, 0xDC00 } },
- { 0x00021000, { 0xD844, 0xDC00 } },
- { 0x00022000, { 0xD848, 0xDC00 } },
- { 0x00024000, { 0xD850, 0xDC00 } },
- { 0x00028000, { 0xD860, 0xDC00 } },
- { 0x0002FFFF, { 0xD87F, 0xDFFF } },
- { 0x00030000, { 0xD880, 0xDC00 } },
- { 0x00030001, { 0xD880, 0xDC01 } },
- { 0x00030002, { 0xD880, 0xDC02 } },
- { 0x00030004, { 0xD880, 0xDC04 } },
- { 0x00030008, { 0xD880, 0xDC08 } },
- { 0x00030010, { 0xD880, 0xDC10 } },
- { 0x00030020, { 0xD880, 0xDC20 } },
- { 0x00030040, { 0xD880, 0xDC40 } },
- { 0x00030080, { 0xD880, 0xDC80 } },
- { 0x00030100, { 0xD880, 0xDD00 } },
- { 0x00030200, { 0xD880, 0xDE00 } },
- { 0x00030400, { 0xD881, 0xDC00 } },
- { 0x00030800, { 0xD882, 0xDC00 } },
- { 0x00031000, { 0xD884, 0xDC00 } },
- { 0x00032000, { 0xD888, 0xDC00 } },
- { 0x00034000, { 0xD890, 0xDC00 } },
- { 0x00038000, { 0xD8A0, 0xDC00 } },
- { 0x0003FFFF, { 0xD8BF, 0xDFFF } },
- { 0x00040000, { 0xD8C0, 0xDC00 } },
- { 0x00040001, { 0xD8C0, 0xDC01 } },
- { 0x00040002, { 0xD8C0, 0xDC02 } },
- { 0x00040004, { 0xD8C0, 0xDC04 } },
- { 0x00040008, { 0xD8C0, 0xDC08 } },
- { 0x00040010, { 0xD8C0, 0xDC10 } },
- { 0x00040020, { 0xD8C0, 0xDC20 } },
- { 0x00040040, { 0xD8C0, 0xDC40 } },
- { 0x00040080, { 0xD8C0, 0xDC80 } },
- { 0x00040100, { 0xD8C0, 0xDD00 } },
- { 0x00040200, { 0xD8C0, 0xDE00 } },
- { 0x00040400, { 0xD8C1, 0xDC00 } },
- { 0x00040800, { 0xD8C2, 0xDC00 } },
- { 0x00041000, { 0xD8C4, 0xDC00 } },
- { 0x00042000, { 0xD8C8, 0xDC00 } },
- { 0x00044000, { 0xD8D0, 0xDC00 } },
- { 0x00048000, { 0xD8E0, 0xDC00 } },
- { 0x0004FFFF, { 0xD8FF, 0xDFFF } },
- { 0x00050000, { 0xD900, 0xDC00 } },
- { 0x00050001, { 0xD900, 0xDC01 } },
- { 0x00050002, { 0xD900, 0xDC02 } },
- { 0x00050004, { 0xD900, 0xDC04 } },
- { 0x00050008, { 0xD900, 0xDC08 } },
- { 0x00050010, { 0xD900, 0xDC10 } },
- { 0x00050020, { 0xD900, 0xDC20 } },
- { 0x00050040, { 0xD900, 0xDC40 } },
- { 0x00050080, { 0xD900, 0xDC80 } },
- { 0x00050100, { 0xD900, 0xDD00 } },
- { 0x00050200, { 0xD900, 0xDE00 } },
- { 0x00050400, { 0xD901, 0xDC00 } },
- { 0x00050800, { 0xD902, 0xDC00 } },
- { 0x00051000, { 0xD904, 0xDC00 } },
- { 0x00052000, { 0xD908, 0xDC00 } },
- { 0x00054000, { 0xD910, 0xDC00 } },
- { 0x00058000, { 0xD920, 0xDC00 } },
- { 0x00060000, { 0xD940, 0xDC00 } },
- { 0x00070000, { 0xD980, 0xDC00 } },
- { 0x0007FFFF, { 0xD9BF, 0xDFFF } },
- { 0x00080000, { 0xD9C0, 0xDC00 } },
- { 0x00080001, { 0xD9C0, 0xDC01 } },
- { 0x00080002, { 0xD9C0, 0xDC02 } },
- { 0x00080004, { 0xD9C0, 0xDC04 } },
- { 0x00080008, { 0xD9C0, 0xDC08 } },
- { 0x00080010, { 0xD9C0, 0xDC10 } },
- { 0x00080020, { 0xD9C0, 0xDC20 } },
- { 0x00080040, { 0xD9C0, 0xDC40 } },
- { 0x00080080, { 0xD9C0, 0xDC80 } },
- { 0x00080100, { 0xD9C0, 0xDD00 } },
- { 0x00080200, { 0xD9C0, 0xDE00 } },
- { 0x00080400, { 0xD9C1, 0xDC00 } },
- { 0x00080800, { 0xD9C2, 0xDC00 } },
- { 0x00081000, { 0xD9C4, 0xDC00 } },
- { 0x00082000, { 0xD9C8, 0xDC00 } },
- { 0x00084000, { 0xD9D0, 0xDC00 } },
- { 0x00088000, { 0xD9E0, 0xDC00 } },
- { 0x0008FFFF, { 0xD9FF, 0xDFFF } },
- { 0x00090000, { 0xDA00, 0xDC00 } },
- { 0x00090001, { 0xDA00, 0xDC01 } },
- { 0x00090002, { 0xDA00, 0xDC02 } },
- { 0x00090004, { 0xDA00, 0xDC04 } },
- { 0x00090008, { 0xDA00, 0xDC08 } },
- { 0x00090010, { 0xDA00, 0xDC10 } },
- { 0x00090020, { 0xDA00, 0xDC20 } },
- { 0x00090040, { 0xDA00, 0xDC40 } },
- { 0x00090080, { 0xDA00, 0xDC80 } },
- { 0x00090100, { 0xDA00, 0xDD00 } },
- { 0x00090200, { 0xDA00, 0xDE00 } },
- { 0x00090400, { 0xDA01, 0xDC00 } },
- { 0x00090800, { 0xDA02, 0xDC00 } },
- { 0x00091000, { 0xDA04, 0xDC00 } },
- { 0x00092000, { 0xDA08, 0xDC00 } },
- { 0x00094000, { 0xDA10, 0xDC00 } },
- { 0x00098000, { 0xDA20, 0xDC00 } },
- { 0x000A0000, { 0xDA40, 0xDC00 } },
- { 0x000B0000, { 0xDA80, 0xDC00 } },
- { 0x000C0000, { 0xDAC0, 0xDC00 } },
- { 0x000D0000, { 0xDB00, 0xDC00 } },
- { 0x000FFFFF, { 0xDBBF, 0xDFFF } },
- { 0x0010FFFF, { 0xDBFF, 0xDFFF } }
-
-};
-#endif /* UTF16 */
-
-static void
-dump_utf8
-(
- char *word,
- unsigned char *utf8,
- char *end
-)
-{
- fprintf(stdout, "%s ", word);
- for( ; *utf8; utf8++ ) {
- fprintf(stdout, "%02.2x ", (unsigned int)*utf8);
- }
- fprintf(stdout, "%s", end);
-}
-
-static PRBool
-test_ucs4_chars
-(
- void
-)
-{
- PRBool rv = PR_TRUE;
- int i;
-
- for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
- struct ucs4 *e = &ucs4[i];
- PRBool result;
- unsigned char utf8[8];
- unsigned int len = 0;
- PRUint32 back = 0;
-
- (void)memset(utf8, 0, sizeof(utf8));
-
- result = sec_port_ucs4_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&e->c, sizeof(e->c), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UCS-4 0x%08.8x to UTF-8\n", e->c);
- rv = PR_FALSE;
- continue;
- }
-
- if( (len >= sizeof(utf8)) ||
- (strlen(e->utf8) != len) ||
- (utf8[len] = '\0', 0 != strcmp(e->utf8, utf8)) ) {
- fprintf(stdout, "Wrong conversion of UCS-4 0x%08.8x to UTF-8: ", e->c);
- dump_utf8("expected", e->utf8, ", ");
- dump_utf8("received", utf8, "\n");
- rv = PR_FALSE;
- continue;
- }
-
- result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
- utf8, len, (unsigned char *)&back, sizeof(back), &len);
-
- if( !result ) {
- dump_utf8("Failed to convert UTF-8", utf8, "to UCS-4\n");
- rv = PR_FALSE;
- continue;
- }
-
- if( (sizeof(back) != len) || (e->c != back) ) {
- dump_utf8("Wrong conversion of UTF-8", utf8, " to UCS-4:");
- fprintf(stdout, "expected 0x%08.8x, received 0x%08.8x\n", e->c, back);
- rv = PR_FALSE;
- continue;
- }
- }
-
- return rv;
-}
-
-static PRBool
-test_ucs2_chars
-(
- void
-)
-{
- PRBool rv = PR_TRUE;
- int i;
-
- for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
- struct ucs2 *e = &ucs2[i];
- PRBool result;
- unsigned char utf8[8];
- unsigned int len = 0;
- PRUint16 back = 0;
-
- (void)memset(utf8, 0, sizeof(utf8));
-
- result = sec_port_ucs2_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&e->c, sizeof(e->c), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UCS-2 0x%04.4x to UTF-8\n", e->c);
- rv = PR_FALSE;
- continue;
- }
-
- if( (len >= sizeof(utf8)) ||
- (strlen(e->utf8) != len) ||
- (utf8[len] = '\0', 0 != strcmp(e->utf8, utf8)) ) {
- fprintf(stdout, "Wrong conversion of UCS-2 0x%04.4x to UTF-8: ", e->c);
- dump_utf8("expected", e->utf8, ", ");
- dump_utf8("received", utf8, "\n");
- rv = PR_FALSE;
- continue;
- }
-
- result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
- utf8, len, (unsigned char *)&back, sizeof(back), &len);
-
- if( !result ) {
- dump_utf8("Failed to convert UTF-8", utf8, "to UCS-2\n");
- rv = PR_FALSE;
- continue;
- }
-
- if( (sizeof(back) != len) || (e->c != back) ) {
- dump_utf8("Wrong conversion of UTF-8", utf8, "to UCS-2:");
- fprintf(stdout, "expected 0x%08.8x, received 0x%08.8x\n", e->c, back);
- rv = PR_FALSE;
- continue;
- }
- }
-
- return rv;
-}
-
-#ifdef UTF16
-static PRBool
-test_utf16_chars
-(
- void
-)
-{
- PRBool rv = PR_TRUE;
- int i;
-
- for( i = 0; i < sizeof(utf16)/sizeof(utf16[0]); i++ ) {
- struct utf16 *e = &utf16[i];
- PRBool result;
- unsigned char utf8[8];
- unsigned int len = 0;
- PRUint32 back32 = 0;
- PRUint16 back[2];
-
- (void)memset(utf8, 0, sizeof(utf8));
-
- result = sec_port_ucs2_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&e->w[0], sizeof(e->w), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UTF-16 0x%04.4x 0x%04.4x to UTF-8\n",
- e->w[0], e->w[1]);
- rv = PR_FALSE;
- continue;
- }
-
- result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
- utf8, len, (unsigned char *)&back32, sizeof(back32), &len);
-
- if( 4 != len ) {
- fprintf(stdout, "Failed to convert UTF-16 0x%04.4x 0x%04.4x to UTF-8: "
- "unexpected len %d\n", e->w[0], e->w[1], len);
- rv = PR_FALSE;
- continue;
- }
-
- utf8[len] = '\0'; /* null-terminate for printing */
-
- if( !result ) {
- dump_utf8("Failed to convert UTF-8", utf8, "to UCS-4 (utf-16 test)\n");
- rv = PR_FALSE;
- continue;
- }
-
- if( (sizeof(back32) != len) || (e->c != back32) ) {
- fprintf(stdout, "Wrong conversion of UTF-16 0x%04.4x 0x%04.4x ",
- e->w[0], e->w[1]);
- dump_utf8("to UTF-8", utf8, "and then to UCS-4: ");
- if( sizeof(back32) != len ) {
- fprintf(stdout, "len is %d\n", len);
- } else {
- fprintf(stdout, "expected 0x%08.8x, received 0x%08.8x\n", e->c, back32);
- }
- rv = PR_FALSE;
- continue;
- }
-
- (void)memset(utf8, 0, sizeof(utf8));
- back[0] = back[1] = 0;
-
- result = sec_port_ucs4_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&e->c, sizeof(e->c), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UCS-4 0x%08.8x to UTF-8 (utf-16 test)\n",
- e->c);
- rv = PR_FALSE;
- continue;
- }
-
- result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
- utf8, len, (unsigned char *)&back[0], sizeof(back), &len);
-
- if( 4 != len ) {
- fprintf(stdout, "Failed to convert UCS-4 0x%08.8x to UTF-8: "
- "unexpected len %d\n", e->c, len);
- rv = PR_FALSE;
- continue;
- }
-
- utf8[len] = '\0'; /* null-terminate for printing */
-
- if( !result ) {
- dump_utf8("Failed to convert UTF-8", utf8, "to UTF-16\n");
- rv = PR_FALSE;
- continue;
- }
-
- if( (sizeof(back) != len) || (e->w[0] != back[0]) || (e->w[1] != back[1]) ) {
- fprintf(stdout, "Wrong conversion of UCS-4 0x%08.8x to UTF-8", e->c);
- dump_utf8("", utf8, "and then to UTF-16:");
- if( sizeof(back) != len ) {
- fprintf(stdout, "len is %d\n", len);
- } else {
- fprintf(stdout, "expected 0x%04.4x 0x%04.4x, received 0x%04.4x 0x%04.4xx\n",
- e->w[0], e->w[1], back[0], back[1]);
- }
- rv = PR_FALSE;
- continue;
- }
- }
-
- return rv;
-}
-#endif /* UTF16 */
-
-static PRBool
-test_zeroes
-(
- void
-)
-{
- PRBool rv = PR_TRUE;
- PRBool result;
- PRUint32 lzero = 0;
- PRUint16 szero = 0;
- unsigned char utf8[8];
- unsigned int len = 0;
- PRUint32 lback = 1;
- PRUint16 sback = 1;
-
- (void)memset(utf8, 1, sizeof(utf8));
-
- result = sec_port_ucs4_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&lzero, sizeof(lzero), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UCS-4 0x00000000 to UTF-8\n");
- rv = PR_FALSE;
- } else if( 1 != len ) {
- fprintf(stdout, "Wrong conversion of UCS-4 0x00000000: len = %d\n", len);
- rv = PR_FALSE;
- } else if( '\0' != *utf8 ) {
- fprintf(stdout, "Wrong conversion of UCS-4 0x00000000: expected 00 ,"
- "received %02.2x\n", (unsigned int)*utf8);
- rv = PR_FALSE;
- }
-
- result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
- "", 1, (unsigned char *)&lback, sizeof(lback), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UTF-8 00 to UCS-4\n");
- rv = PR_FALSE;
- } else if( 4 != len ) {
- fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-4: len = %d\n", len);
- rv = PR_FALSE;
- } else if( 0 != lback ) {
- fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-4: "
- "expected 0x00000000, received 0x%08.8x\n", lback);
- rv = PR_FALSE;
- }
-
- (void)memset(utf8, 1, sizeof(utf8));
-
- result = sec_port_ucs2_utf8_conversion_function(PR_FALSE,
- (unsigned char *)&szero, sizeof(szero), utf8, sizeof(utf8), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UCS-2 0x0000 to UTF-8\n");
- rv = PR_FALSE;
- } else if( 1 != len ) {
- fprintf(stdout, "Wrong conversion of UCS-2 0x0000: len = %d\n", len);
- rv = PR_FALSE;
- } else if( '\0' != *utf8 ) {
- fprintf(stdout, "Wrong conversion of UCS-2 0x0000: expected 00 ,"
- "received %02.2x\n", (unsigned int)*utf8);
- rv = PR_FALSE;
- }
-
- result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
- "", 1, (unsigned char *)&sback, sizeof(sback), &len);
-
- if( !result ) {
- fprintf(stdout, "Failed to convert UTF-8 00 to UCS-2\n");
- rv = PR_FALSE;
- } else if( 2 != len ) {
- fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-2: len = %d\n", len);
- rv = PR_FALSE;
- } else if( 0 != sback ) {
- fprintf(stdout, "Wrong conversion of UTF-8 00 to UCS-2: "
- "expected 0x0000, received 0x%04.4x\n", sback);
- rv = PR_FALSE;
- }
-
- return rv;
-}
-
-static PRBool
-test_multichars
-(
- void
-)
-{
- int i;
- unsigned int len, lenout;
- PRUint32 *ucs4s;
- char *ucs4_utf8;
- PRUint16 *ucs2s;
- char *ucs2_utf8;
- void *tmp;
- PRBool result;
-
- ucs4s = (PRUint32 *)calloc(sizeof(ucs4)/sizeof(ucs4[0]), sizeof(PRUint32));
- ucs2s = (PRUint16 *)calloc(sizeof(ucs2)/sizeof(ucs2[0]), sizeof(PRUint16));
-
- if( ((PRUint32 *)NULL == ucs4s) || ((PRUint16 *)NULL == ucs2s) ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- len = 0;
- for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
- ucs4s[i] = ucs4[i].c;
- len += strlen(ucs4[i].utf8);
- }
-
- ucs4_utf8 = (char *)malloc(len);
-
- len = 0;
- for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
- ucs2s[i] = ucs2[i].c;
- len += strlen(ucs2[i].utf8);
- }
-
- ucs2_utf8 = (char *)malloc(len);
-
- if( ((char *)NULL == ucs4_utf8) || ((char *)NULL == ucs2_utf8) ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- *ucs4_utf8 = '\0';
- for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
- strcat(ucs4_utf8, ucs4[i].utf8);
- }
-
- *ucs2_utf8 = '\0';
- for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
- strcat(ucs2_utf8, ucs2[i].utf8);
- }
-
- /* UTF-8 -> UCS-4 */
- len = sizeof(ucs4)/sizeof(ucs4[0]) * sizeof(PRUint32);
- tmp = calloc(len, 1);
- if( (void *)NULL == tmp ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- result = sec_port_ucs4_utf8_conversion_function(PR_TRUE,
- ucs4_utf8, strlen(ucs4_utf8), tmp, len, &lenout);
- if( !result ) {
- fprintf(stdout, "Failed to convert much UTF-8 to UCS-4\n");
- goto done;
- }
-
- if( lenout != len ) {
- fprintf(stdout, "Unexpected length converting much UTF-8 to UCS-4\n");
- goto loser;
- }
-
- if( 0 != memcmp(ucs4s, tmp, len) ) {
- fprintf(stdout, "Wrong conversion of much UTF-8 to UCS-4\n");
- goto loser;
- }
-
- free(tmp); tmp = (void *)NULL;
-
- /* UCS-4 -> UTF-8 */
- len = strlen(ucs4_utf8);
- tmp = calloc(len, 1);
- if( (void *)NULL == tmp ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- result = sec_port_ucs4_utf8_conversion_function(PR_FALSE,
- (unsigned char *)ucs4s, sizeof(ucs4)/sizeof(ucs4[0]) * sizeof(PRUint32),
- tmp, len, &lenout);
- if( !result ) {
- fprintf(stdout, "Failed to convert much UCS-4 to UTF-8\n");
- goto done;
- }
-
- if( lenout != len ) {
- fprintf(stdout, "Unexpected length converting much UCS-4 to UTF-8\n");
- goto loser;
- }
-
- if( 0 != strncmp(ucs4_utf8, tmp, len) ) {
- fprintf(stdout, "Wrong conversion of much UCS-4 to UTF-8\n");
- goto loser;
- }
-
- free(tmp); tmp = (void *)NULL;
-
- /* UTF-8 -> UCS-2 */
- len = sizeof(ucs2)/sizeof(ucs2[0]) * sizeof(PRUint16);
- tmp = calloc(len, 1);
- if( (void *)NULL == tmp ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- result = sec_port_ucs2_utf8_conversion_function(PR_TRUE,
- ucs2_utf8, strlen(ucs2_utf8), tmp, len, &lenout);
- if( !result ) {
- fprintf(stdout, "Failed to convert much UTF-8 to UCS-2\n");
- goto done;
- }
-
- if( lenout != len ) {
- fprintf(stdout, "Unexpected length converting much UTF-8 to UCS-2\n");
- goto loser;
- }
-
- if( 0 != memcmp(ucs2s, tmp, len) ) {
- fprintf(stdout, "Wrong conversion of much UTF-8 to UCS-2\n");
- goto loser;
- }
-
- free(tmp); tmp = (void *)NULL;
-
- /* UCS-2 -> UTF-8 */
- len = strlen(ucs2_utf8);
- tmp = calloc(len, 1);
- if( (void *)NULL == tmp ) {
- fprintf(stderr, "out of memory\n");
- exit(1);
- }
-
- result = sec_port_ucs2_utf8_conversion_function(PR_FALSE,
- (unsigned char *)ucs2s, sizeof(ucs2)/sizeof(ucs2[0]) * sizeof(PRUint16),
- tmp, len, &lenout);
- if( !result ) {
- fprintf(stdout, "Failed to convert much UCS-2 to UTF-8\n");
- goto done;
- }
-
- if( lenout != len ) {
- fprintf(stdout, "Unexpected length converting much UCS-2 to UTF-8\n");
- goto loser;
- }
-
- if( 0 != strncmp(ucs2_utf8, tmp, len) ) {
- fprintf(stdout, "Wrong conversion of much UCS-2 to UTF-8\n");
- goto loser;
- }
-
-#ifdef UTF16
- /* implement me */
-#endif /* UTF16 */
-
- result = PR_TRUE;
- goto done;
-
- loser:
- result = PR_FALSE;
- done:
- free(ucs4s);
- free(ucs4_utf8);
- free(ucs2s);
- free(ucs2_utf8);
- if( (void *)NULL != tmp ) free(tmp);
- return result;
-}
-
-void
-byte_order
-(
- void
-)
-{
- /*
- * The implementation (now) expects the 16- and 32-bit characters
- * to be in network byte order, not host byte order. Therefore I
- * have to byteswap all those test vectors above. hton[ls] may be
- * functions, so I have to do this dynamically. If you want to
- * use this code to do host byte order conversions, just remove
- * the call in main() to this function.
- */
-
- int i;
-
- for( i = 0; i < sizeof(ucs4)/sizeof(ucs4[0]); i++ ) {
- struct ucs4 *e = &ucs4[i];
- e->c = htonl(e->c);
- }
-
- for( i = 0; i < sizeof(ucs2)/sizeof(ucs2[0]); i++ ) {
- struct ucs2 *e = &ucs2[i];
- e->c = htons(e->c);
- }
-
-#ifdef UTF16
- for( i = 0; i < sizeof(utf16)/sizeof(utf16[0]); i++ ) {
- struct utf16 *e = &utf16[i];
- e->c = htonl(e->c);
- e->w[0] = htons(e->w[0]);
- e->w[1] = htons(e->w[1]);
- }
-#endif /* UTF16 */
-
- return;
-}
-
-int
-main
-(
- int argc,
- char *argv[]
-)
-{
- byte_order();
-
- if( test_ucs4_chars() &&
- test_ucs2_chars() &&
-#ifdef UTF16
- test_utf16_chars() &&
-#endif /* UTF16 */
- test_zeroes() &&
- test_multichars() &&
- PR_TRUE ) {
- fprintf(stderr, "PASS\n");
- return 1;
- } else {
- fprintf(stderr, "FAIL\n");
- return 0;
- }
-}
-
-#endif /* TEST_UTF8 */
diff --git a/security/nss/lib/util/watcomfx.h b/security/nss/lib/util/watcomfx.h
deleted file mode 100644
index bc1d20f72..000000000
--- a/security/nss/lib/util/watcomfx.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#if defined(__WATCOMC__) || defined(__WATCOM_CPLUSPLUS__)
-#ifndef __WATCOM_FIX_H__
-#define __WATCOM_FIX_H__ 1
-/*
- * WATCOM's C compiler doesn't default to "__cdecl" conventions for external
- * symbols and functions. Rather than adding an explicit __cdecl modifier to
- * every external symbol and function declaration and definition, we use the
- * following pragma to (attempt to) change WATCOM c's default to __cdecl.
- * These pragmas were taken from pages 180-181, 266 & 269 of the
- * Watcom C/C++ version 11 User's Guide, 3rd edition.
- */
-#if defined(XP_WIN16) || defined(WIN16)
-#pragma aux default "_*" \
- parm caller [] \
- value struct float struct routine [ax] \
- modify [ax bx cx dx es]
-#else
-#pragma aux default "_*" \
- parm caller [] \
- value struct float struct routine [eax] \
- modify [eax ecx edx]
-#endif
-#pragma aux default far
-
-#endif /* once */
-#endif /* WATCOM compiler */
diff --git a/security/nss/macbuild/LoadableRoots.mcp b/security/nss/macbuild/LoadableRoots.mcp
deleted file mode 100644
index f99a7e45a..000000000
--- a/security/nss/macbuild/LoadableRoots.mcp
+++ /dev/null
Binary files differ
diff --git a/security/nss/macbuild/LoadableRoots.mcp.exp b/security/nss/macbuild/LoadableRoots.mcp.exp
deleted file mode 100644
index 562ecea21..000000000
--- a/security/nss/macbuild/LoadableRoots.mcp.exp
+++ /dev/null
@@ -1 +0,0 @@
-C_GetFunctionList
diff --git a/security/nss/macbuild/NSS.Prefix b/security/nss/macbuild/NSS.Prefix
deleted file mode 100755
index 9a088a3b1..000000000
--- a/security/nss/macbuild/NSS.Prefix
+++ /dev/null
@@ -1,3 +0,0 @@
-/* Optimized prefix */
-#include "MacPrefix.h"
-#include "NSSCommon.h"
diff --git a/security/nss/macbuild/NSS.mcp b/security/nss/macbuild/NSS.mcp
deleted file mode 100755
index d8b9fcc33..000000000
--- a/security/nss/macbuild/NSS.mcp
+++ /dev/null
Binary files differ
diff --git a/security/nss/macbuild/NSSCommon.h b/security/nss/macbuild/NSSCommon.h
deleted file mode 100755
index 6f568fb05..000000000
--- a/security/nss/macbuild/NSSCommon.h
+++ /dev/null
@@ -1,5 +0,0 @@
-/* Defines common to all versions of NSS */
-
-#define NSPR20 1
-#define MP_API_COMPATIBLE 1
-
diff --git a/security/nss/macbuild/NSSDebug.Prefix b/security/nss/macbuild/NSSDebug.Prefix
deleted file mode 100755
index 967b0889c..000000000
--- a/security/nss/macbuild/NSSDebug.Prefix
+++ /dev/null
@@ -1,3 +0,0 @@
-/* Optimized prefix */
-#include "MacPrefix_debug.h"
-#include "NSSCommon.h"
diff --git a/security/nss/macbuild/NSSckfw.mcp b/security/nss/macbuild/NSSckfw.mcp
deleted file mode 100644
index 6624f2319..000000000
--- a/security/nss/macbuild/NSSckfw.mcp
+++ /dev/null
Binary files differ
diff --git a/security/nss/macbuild/macstubs.c b/security/nss/macbuild/macstubs.c
deleted file mode 100644
index 98613cd06..000000000
--- a/security/nss/macbuild/macstubs.c
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
- /*
- * This file is meant only to make the Mac version of the
- * loadable root certs not have to build the nsprstub for NSS
- * which causes 2 versions of the PR_* functions to be loaded.
- * Very bad potentially.
- */
-
- #include "pkcs11t.h"
-
- void
- nssSetLockArgs(CK_C_INITIALIZE_ARGS_PTR pInitArgs) {}
- \ No newline at end of file
diff --git a/security/nss/makefile.win b/security/nss/makefile.win
deleted file mode 100644
index fcde6c6f7..000000000
--- a/security/nss/makefile.win
+++ /dev/null
@@ -1,99 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#
-# An NMAKE file to set up and adjust NSS's build system for
-# Client build. Client build should invoke NMAKE on this file
-# instead of invoking gmake directly.
-#
-
-DEPTH = ..\..
-include <$(DEPTH)\config\config.mak>
-
-GMAKE = gmake.exe
-
-GMAKE_FLAGS = OBJDIR_NAME=$(OBJDIR) MOZILLA_CLIENT=1
-GMAKE_FLAGS = $(GMAKE_FLAGS) MOZILLA_INCLUDES="-I$(MOZ_SRC:\=/)/mozilla/dist/include/nspr -I$(MOZ_SRC:\=/)/mozilla/dist/include/dbm"
-
-#
-# The Client's debug build uses MSVC's debug runtime library (/MDd).
-#
-
-!ifndef MOZ_DEBUG
-GMAKE_FLAGS = $(GMAKE_FLAGS) BUILD_OPT=1
-!endif
-
-!if "$(MOZ_BITS)" == "16"
-GMAKE_FLAGS = $(GMAKE_FLAGS) OS_TARGET=WIN16
-!else
-
-GMAKE_FLAGS = $(GMAKE_FLAGS) OS_TARGET=WIN95
-!ifdef MOZ_DEBUG
-!ifndef MOZ_NO_DEBUG_RTL
-GMAKE_FLAGS = $(GMAKE_FLAGS) USE_DEBUG_RTL=1
-!endif
-!endif
-
-!endif
-
-#
-# The rules. Simply invoke gmake with the same target.
-# The default target is 'all'. For Win16, set up the
-# environment to use the Watcom compiler, Watcom headers,
-# and Watcom libs.
-#
-
-all:: export libs install
-
-install:: moz_import install_roots
-
-depend::
-
-export libs install clobber clobber_all clean::
-!if "$(MOZ_BITS)" == "16"
- set PATH=%WATCPATH%
- set INCLUDE=%WATC_INC%
- set LIB=%WATC_LIB%
-!endif
- $(GMAKE) -C lib $(GMAKE_FLAGS) $@
-!if "$(MOZ_BITS)" == "16"
- set PATH=%MSVCPATH%
- set INCLUDE=%MSVC_INC%
- set LIB=%MSVC_LIB%
-!endif
-
-moz_import::
- copy $(DIST)\lib\dbm32.lib $(DIST)\lib\dbm.lib
-
-install_roots::
- $(MAKE_INSTALL) $(DIST)\lib\nssckbi.dll $(DIST)\bin
diff --git a/security/nss/manifest.mn b/security/nss/manifest.mn
deleted file mode 100644
index fd91496cf..000000000
--- a/security/nss/manifest.mn
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ..
-DEPTH = ..
-
-IMPORTS = nspr20/v4.1.2 \
- dbm/DBM_1_55_RTM \
- $(NULL)
-
-RELEASE = security
-
-DIRS = lib cmd
-
-
diff --git a/security/nss/relnotes.txt b/security/nss/relnotes.txt
deleted file mode 100644
index c0998655b..000000000
--- a/security/nss/relnotes.txt
+++ /dev/null
@@ -1,284 +0,0 @@
-HCL Users,
-
-HCL 1.5.7 has been released. It fixes a very small list of bugs that
-were found since HCL 1.5.6 was released, and contains no new features or
-public API changes. The list of bugs fixed in HCL 1.5.7 is below.
-The release notes for HCL 1.5.6 are appended to these notes.
-
-ALL SERVERS should abandon HCL 1.5.6 and switch to HCL 1.5.7 ASAP.
-The reasons for this strong recommendation should be self apparent after
-reading the list of bugs fixed.
-
-We recommend that all sources that include HCL headers be recompiled
-with the new HCL 1.5.7 headers. This is only a precaution.
-
-
-Security Library 1.57
-Build Date: 19980902
-
-****************************************************************
-**
-** NOTE: THIS RELEASE IS NOT BINARY COMPATIBLE WITH 1.55
-** AND ANY APPLICATION CODE WILL HAVE TO BE RECOMPILED
-**
-****************************************************************
-
-
-****************************************************************
-**
-** Directory organization of this release
-**
-****************************************************************
-
-This release consists of the following:
-- a JAR file, xpheader.jar, that contains all of the public header files.
-
-- <platform> directories: where <platform> is of the form
- <os-name><os-version>[_<compiler>][_<implementation strategy>]_<DBG/OPT>.OBJ
- For example,
- IRIX6.2_DBG.OBJ (debug build)
- SunOS5.5.1_OPT.OBJ (optimized build)
- SunOS5.5.1_gcc_DBG.OBJ (built using the non-native compiler gcc)
- OSF1V4.0_PTH_DBG.OBJ (PTH means the implementation uses pthreads.)
- AIX4.1_PTH_USER_DBG.OBJ (PTH_USER means the implementation is
- a combination of user-level threads and pthreads.)
-
- Under each <platform> directory, is the file, mdbinary.jar. This is a
- JAR file containing the compiled libraries.
-
-
-************************************************************
-**
-** Platforms supported
-**
-************************************************************
-
-The following platforms are supported:
-- Solaris on sparc: 2.5.1, 2.6 (built with cc)
-- IRIX: 6.2, 6.3 (built with cc)
-- HP-UX: B.10.10, B10.20, B11.00 (built with cc)
-- OSF1: V4.0D (built with cc)
-- AIX: 4.2 (built with compiler xlC_r).
-- Linux: 2.1.108
-- WINNT: 4.0 (Visual C++ 4.2 built with and without debug runtime)
-
-
-************************************************************
-**
-** How to build the libraries yourself
-**
-************************************************************
-This release of HCL depends on NSPR version 19980529A and
-DBM version DBM_1_53.
-
-To build the libraries yourself, execute the following instructions.
-
-On UNIX machines:
- cvs co -r HCL_157 ns/security
- cvs co -r HCL_157 ns/coreconf
- cd ns/coreconf
- source ./.cshrc
- gmake [BUILD_OPT=1]
- cd ..
- cd security
- gmake [BUILD_OPT=1] import
- gmake [BUILD_OPT=1]
-
-On Windows NT machines:
- cvs co -r HCL_157 ns/security
- cvs co -r HCL_157 ns/coreconf
- cd ns/security
- gmake [BUILD_OPT=1] import
- gmake [BUILD_OPT=1]
-
-For IRIX builds using -n32 flag with pthreads:
- cvs co -r HCL_157 ns/security
- cvs co -r HCL_157 ns/coreconf
- cd ns/coreconf
- source ./.cshrc
- gmake USE_N32=1 USE_PTHREADS=1 [BUILD_OPT=1]
- cd ..
- cd security
- gmake USE_N32=1 USE_PTHREADS=1 [BUILD_OPT=1] import
- gmake USE_N32=1 USE_PTHREADS=1 [BUILD_OPT=1]
-
-
-************************************************************
-**
-** Web site, mailing lists, questions, bug reports
-**
-************************************************************
-
-You can find information about the Security Libraries at the Hardcore Web
-site: http://warp/projects/hardcore/
-
-If you have any questions regarding SSL or the HCL libraries, please refer to the
-following documents:
- http://twain.mcom.com/developer/security/nss/ssl/index.htm
- http://twain.mcom.com/developer/security/nss/index.htm
-
-There is a mailing list for HCL issues:
- - hcl: the developers of HCL.
-
-Please use BugSplat on scopus (http://scopus/bugsplat) to report
-bugs. Choose product "Security Library", version "1.5".
-
-
-Here's how/where to get HCL 1.5.7:
-
-bits are available at
-/m/dist/security/19980902 a.k.a. /m/dist/security/HCL_1_57
-
-\\helium\dist\security\19980902 or \\helium\dist\security\HCL_1_57
-
-
-Here is the list of bugs fixed in HCL 1.5.7:
-a) Thread safety-related crash in cert lib.
-
-b) Thread safety-related problems in NSPR's PL_Arena code.
- Worked around by surrounding all HCL's PL_Arena calls with a lock/unlock.
- Applications that make their own calls to NSPR's PL_Arena functions or
- that use other non-HCL libraries that use PL_Arenas may continue to have
- thread-safety issues with PL_Arenas.
-
-c) Fixed a regression in PKCS#11 in HCL 1.5.6 that caused a crash the
- first time a server received a bleichenbacker attack ("million question")
- message.
-
-See the HCL 1.5.6 release notes below for the list of known bugs in 1.5.7.
-
-
-Here is a list of the bugs fixed in HCL 1.5.6:
-
-312467 SSL3 uses global pointers for step-down keys, leaks keys
-314392 CERT_DestroyCertificate locking code causes nested locking
-314571 Memory leak in SSL
-314574 HCL Leaks in PKCS #11.
-314576 Memory leak in pseudo-prime test in libcrypto
-314585 SSL's PR_AcceptRead returns non-aligned PRNetAddr
-314592 pkcs5 leaks two memory blocks for each RSA private key op
-314596 random number generator causes Unitialized Memory Reads
-
-------------------------------------------------------------------------
- HCL 1.5.6 Readme (release notes)
-------------------------------------------------------------------------
-
-This file summarizes enhancements, fixed and known bugs in HCL 1.5.6.
-
-For detailed instructions on setting up your environment to run the
-sample code in the samples directory, see Chapter 2, "Getting Started
-with SSL" (doc/ssl/gtstd.htm) of the SSL Reference (doc/ssl/index.htm).
-
-
-ENHANCEMENTS SINCE NSS 1.5.4
-
-1. SSL returns much more detailed error messages; for details, see
-doc/ssl/sslerr.htm
-
-SSL BUGS FIXED SINCE HCL 1.5.4
-
-1. The "million question" bug in SSL has been fixed.
-
-2. A potential problem (on Unix only) with SSL_InitSessionIDCache has
-been fixed. The application chooses the directory into which the SSL
-library places the server session cache. If the application doesn't
-specify a directory explicitly, the code defaults to using the system
-default "temporary" directory, which is generally world-writable. The
-problem that was fixed occured only when the application chose to put
-the session cache files into a directory writable by untrusted users.
-If the application put the cache files in a directory that has
-appropriate limits on access, there was no problem. But if the
-application put the cache files into a directory that was world
-writable, it was possible for a rogue program to try to substitute a
-file it already had open for the server's cache file, and it would
-succeed some of the time. When it succeeded, it had access to the
-content of the session ID cache, which enabled it to do various bad
-things, such as masquerade as one of the remote clients whose session
-was in the cache.
-
-The above problem with the Unix version of SSL_InitSessionIDCachehas
-been fixed, and rogue programs cannot succeed in substituting their own
-files for the server's files any more.
-
-3. Client no longer rejects SSL ServerKeyExchange when server's
-certificate key size is 512 bits.
-
-4. Server no longer crashes in SSL after required client authentication
-fails.
-
-5. A problem that was causing crashes when multiple threads
-simultaneously requested client authentication on their respective
-server sockets has been fixed.
-
-6. The following functions now work with SSL sockets:
-
- PR_Write
- PR_TransmitFile
- PR_AcceptRead
-
-7. SSL now accepts client hellos that are too long.
-
-8. A problem that produced bad results when multiple threads
-simultaneously used the random number generator has been fixed.
-
-
-
-KNOWN BUGS IN HCL 1.5.6:
-
-1. A crash may occur when multiple processes attempt to share a server
-session ID cache. Because of this bug, an application that handshakes
-as a server is limited to conducting all SSL calls in a single process.
-
-2. Removing a token does not invalidate the client-side session cache.
-
-3. While a handshake is in progress on an SSL socket, it is not safe
-for two threads to attempt simultaneous read and write calls (PR_Recv
-and PR_Send) on that socket. Workaround: ensure that only one thread
-uses an SSL socket at a time.
-
-We expect the above 3 bugs will be fixed in a forthcoming release.
-
-SSL v2 issues in HCL 1.5.x:
-
-1. SSL_RedoHandshake only works on SSL3 connections, not SSL2. The
-SSL2 protocol does not permit additional handshakes on the connection
-after the first one is done. Ergo, if a client certificate is to be
-requested in an SSL2 connection, it must be requested on the initial
-handshake.
-
-2. HCL's SSL2 ignores the setting of the SSL_REQUIRE_CERTIFICATE
-enable. When SSL_REQUEST_CERTIFICATE is enabled, SSL2 behaves as if
-SSL_REQUIRE_CERTIFICATE is also enabled, regardless of the actual
-setting of the SSL_REQUIRE_CERTIFICATE enable.
-
-3. HCL's SSL2 server code doesn't call the bad cert handler callback
-when the authCert callback returns an error. The ssl2 client code DOES
-use the badcerthandler callback, but the ssl2 server code does not.
-This means that if the server's authCert callback returns SECFailure,
-rejecting the client cert received on an SSL2 connection, the
-badCerthandler cannot override it.
-
-4. HCL's SSL2 server code never caches the client cert. Consequently,
-if an SSL2 server is configured to request the client cert, it must ask
-the client for the client cert on every connection, not just on the
-first connection in the "session". The SSL2 client must provide the
-cert in every SSL2 connection that requests it. If the user has set the
-"ask me every time" option for his certs, he will get prompted a LOT.
-
-Item 1 above is not a bug. That's the way ssl2 is defined. Items 2-4
-are limitations of our implementation. TomW says client auth in ssl2
-was never officially supported (although it is mostly implemented).
-
-Recommended workaround for SSL2 issues:
-
-a) Don't expect client auth to work for SSL2 users.
-b) Don't request client auth in the initial handshake. Request it in a
-subsequent handshake (e.g. set SSL_REQUEST_CERTIFICATE and call
-SSL_RedoHandshake() on SSL3 connections. This will completely avoid
-client auth problems with SSL2.
-
-For some time now, we've been suggesting that servers request client
-auth on a second handshake, not the first handshake in the connection.
-If they do that, then they will never get client certs from ssl2
-clients. That is a good thing.
-
diff --git a/security/nss/tests/all.sh b/security/nss/tests/all.sh
deleted file mode 100755
index 9f6c89292..000000000
--- a/security/nss/tests/all.sh
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/all.sh
-#
-# Script to start all available NSS QA suites on one machine
-# this script is called or sourced by nssqa which runs on all required
-# platforms
-#
-# needs to work on all Unix and Windows platforms
-#
-# currently available NSS QA suites:
-# --------------------------------------------------
-# cert.sh - exercises certutil and creates certs necessary for all
-# other tests
-# ssl.sh - tests SSL V2 SSL V3 and TLS
-# smime.sh - S/MIME testing
-# sdr.sh - test NSS SDR
-# cipher.sh - test NSS ciphers
-# perf.sh - Nightly performance measurments
-# tools.sh - Tests the majority of the NSS tools
-# fips.sh - Tests basic functionallity of NSS in FIPS-compliant mode
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# NOTE:
-# -----
-# Unlike the old QA this is based on files sourcing each other
-# This is done to save time, since a great portion of time is lost
-# in calling and sourcing the same things multiple times over the
-# network. Also, this way all scripts have all shell function available
-# and a completely common environment
-#
-# file tells the test suite that the output is going to a log, so any
-# forked() children need to redirect their output to prevent them from
-# being over written.
-#
-########################################################################
-
-TESTS="cert ssl sdr cipher smime perf tools fips"
-SCRIPTNAME=all.sh
-CLEANUP="${SCRIPTNAME}"
-cd `dirname $0` # will cause problems if sourced
-
-#all.sh should be the first one to try to source the init
-if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd common
- . init.sh
-fi
-
-if [ -z "O_CRON" -o "$O_CRON" != "ON" ]
-then
- tail -f ${LOGFILE} &
- TAILPID=$!
-fi
-
-for i in ${TESTS}
-do
- SCRIPTNAME=${i}.sh
- echo "Running Tests for $i"
- (cd ${QADIR}/$i ; . $SCRIPTNAME all file >> ${LOGFILE} 2>&1)
-done
-
-SCRIPTNAME=all.sh
-
-if [ -z "O_CRON" -o "$O_CRON" != "ON" ]
-then
- kill ${TAILPID}
- if [ -n "$os_name" -a "$os_name" = "Windows" ]
- then
- echo "MKS special - killing the tail -f"
- kill `ps | grep "tail -f ${LOGFILE}" | grep -v grep |
- sed -e "s/^ *//" -e "s/ .*//"`
- fi
-fi
-
-. ${QADIR}/common/cleanup.sh
diff --git a/security/nss/tests/cert/cert.sh b/security/nss/tests/cert/cert.sh
deleted file mode 100755
index b9c2dfe33..000000000
--- a/security/nss/tests/cert/cert.sh
+++ /dev/null
@@ -1,490 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-########################################################################
-#
-# mozilla/security/nss/tests/cert/cert.sh
-#
-# Certificate generating and handeling for NSS QA, can be included
-# multiple times from all.sh and the individual scripts
-#
-# needs to work on all Unix and Windows platforms
-#
-# included from (don't expect this to be up to date)
-# --------------------------------------------------
-# all.sh
-# ssl.sh
-# smime.sh
-# tools.sh
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# FIXME - Netscape - NSS
-########################################################################
-
-############################## cert_init ###############################
-# local shell function to initialize this script
-########################################################################
-cert_init()
-{
- SCRIPTNAME="cert.sh"
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
- if [ -z "${INIT_SOURCED}" ] ; then
- cd ../common
- . init.sh
- fi
- SCRIPTNAME="cert.sh"
- html_head "Certutil Tests"
-
- ################## Generate noise for our CA cert. ######################
- # NOTE: these keys are only suitable for testing, as this whole thing
- # bypasses the entropy gathering. Don't use this method to generate
- # keys and certs for product use or deployment.
- #
- ps -efl > ${NOISE_FILE} 2>&1
- ps aux >> ${NOISE_FILE} 2>&1
- noise
-}
-
-cert_log() ###################### write the cert_status file
-{
- #echo "$SCRIPTNAME $*"
- echo $* >>${CERT_LOG_FILE}
-}
-
-################################ noise ##################################
-# Generate noise for our certs
-#
-# NOTE: these keys are only suitable for testing, as this whole thing bypasses
-# the entropy gathering. Don't use this method to generate keys and certs for
-# product use or deployment.
-#########################################################################
-noise()
-{
- netstat >> ${NOISE_FILE} 2>&1
- date >> ${NOISE_FILE} 2>&1
-}
-
-################################ certu #################################
-# local shell function to call certutil, also: writes action and options to
-# stdout, sets variable RET and writes results to the html file results
-########################################################################
-certu()
-{
- echo "$SCRIPTNAME: ${CU_ACTION} --------------------------"
-
- if [ -n "${CU_SUBJECT}" ]; then
- #the subject of the cert contains blanks, and the shell
- #will strip the quotes off the string, if called otherwise...
- echo "certutil -s \"${CU_SUBJECT}\" $*"
- certutil -s "${CU_SUBJECT}" $*
- RET=$?
- CU_SUBJECT=""
- else
- echo "certutil $*"
- certutil $*
- RET=$?
- fi
- if [ "$RET" -ne 0 ]; then
- CERTFAILED=$RET
- html_failed "<TR><TD>${CU_ACTION} ($RET) "
- cert_log "ERROR: ${CU_ACTION} failed $RET"
- else
- html_passed "<TR><TD>${CU_ACTION}"
- fi
- return $RET
-}
-
-############################# cert_init_cert ##########################
-# local shell function to initialize creation of client and server certs
-########################################################################
-cert_init_cert()
-{
- CERTDIR="$1"
- CERTNAME="$2"
- CERTSERIAL="$3"
-
- if [ ! -d "${CERTDIR}" ]; then
- mkdir -p "${CERTDIR}"
- else
- echo "$SCRIPTNAME: WARNING - ${CERTDIR} exists"
- fi
- cd "${CERTDIR}"
- CERTDIR="."
-
- noise
-}
-
-############################# hw_acc #################################
-# local shell function to add hw accelerator modules to the db
-########################################################################
-hw_acc()
-{
- HW_ACC_RET=0
- HW_ACC_ERR=""
- if [ -n "$O_HWACC" -a "$O_HWACC" = ON -a -z "$USE_64" ] ; then
- echo "creating $CERTNAME s cert with hwaccelerator..."
- #case $ACCELERATOR in
- #rainbow)
-
-
- echo "modutil -add rainbow -libfile /usr/lib/libcryptoki22.so "
- echo " -dbdir . 2>&1 "
- echo | modutil -add rainbow -libfile /usr/lib/libcryptoki22.so \
- -dbdir . 2>&1
- if [ "$?" -ne 0 ]; then
- echo "modutil -add rainbow failed in `pwd`"
- HW_ACC_RET=1
- HW_ACC_ERR="modutil -add rainbow"
- fi
-
- echo "modutil -add ncipher "
- echo " -libfile /opt/nfast/toolkits/pkcs11/libcknfast.so "
- echo " -dbdir . 2>&1 "
- echo | modutil -add ncipher \
- -libfile /opt/nfast/toolkits/pkcs11/libcknfast.so \
- -dbdir . 2>&1
- if [ "$?" -ne 0 ]; then
- echo "modutil -add ncipher failed in `pwd`"
- HW_ACC_RET=`expr $HW_ACC_RET + 2`
- HW_ACC_ERR="$HW_ACC_ERR,modutil -add ncipher"
- fi
- if [ "$HW_ACC_RET" -ne 0 ]; then
- html_failed "<TR><TD>Adding HW accelerators to certDB for ${CERTNAME} ($HW_ACC_RET) "
- else
- html_passed "<TR><TD>Adding HW accelerators to certDB for ${CERTNAME}"
- fi
-
- fi
- return $HW_ACC_RET
-}
-
-############################# cert_create_cert #########################
-# local shell function to create client certs
-# initialize DB, import
-# root cert
-# add cert to DB
-########################################################################
-cert_create_cert()
-{
- cert_init_cert "$1" "$2" "$3"
-
- CU_ACTION="Initializing ${CERTNAME}'s Cert DB"
- certu -N -d "${CERTDIR}" -f "${R_PWFILE}" 2>&1
- if [ "$RET" -ne 0 ]; then
- return $RET
- fi
- hw_acc
- CU_ACTION="Import Root CA for $CERTNAME"
- certu -A -n "TestCA" -t "TC,TC,TC" -f "${R_PWFILE}" -d "${CERTDIR}" \
- -i "${R_CADIR}/root.cert" 2>&1
- if [ "$RET" -ne 0 ]; then
- return $RET
- fi
- cert_add_cert
- return $?
-}
-
-############################# cert_add_cert ############################
-# local shell function to add client certs to an existing CERT DB
-# generate request
-# sign request
-# import Cert
-#
-########################################################################
-cert_add_cert()
-{
-
- CU_ACTION="Generate Cert Request for $CERTNAME"
- CU_SUBJECT="CN=$CERTNAME, E=${CERTNAME}@bogus.com, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
- certu -R -d "${CERTDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -o req 2>&1
- if [ "$RET" -ne 0 ]; then
- return $RET
- fi
-
- CU_ACTION="Sign ${CERTNAME}'s Request"
- certu -C -c "TestCA" -m "$CERTSERIAL" -v 60 -d "${R_CADIR}" \
- -i req -o "${CERTNAME}.cert" -f "${R_PWFILE}" 2>&1
- if [ "$RET" -ne 0 ]; then
- return $RET
- fi
-
- CU_ACTION="Import $CERTNAME's Cert"
- certu -A -n "$CERTNAME" -t "u,u,u" -d "${CERTDIR}" -f "${R_PWFILE}" \
- -i "${CERTNAME}.cert" 2>&1
- if [ "$RET" -ne 0 ]; then
- return $RET
- fi
-
- cert_log "SUCCESS: $CERTNAME's Cert Created"
- return 0
-}
-
-################################# cert_CA ################################
-# local shell function to build the Temp. Certificate Authority (CA)
-# used for testing purposes, creating a CA Certificate and a root cert
-##########################################################################
-cert_CA()
-{
- echo "$SCRIPTNAME: Creating a CA Certificate =========================="
-
- if [ ! -d "${CADIR}" ]; then
- mkdir -p "${CADIR}"
- fi
- cd ${CADIR}
-
- echo nss > ${PWFILE}
-
- CU_ACTION="Creating CA Cert DB"
- certu -N -d . -f ${R_PWFILE} 2>&1
- if [ "$RET" -ne 0 ]; then
- Exit 5 "Fatal - failed to create CA"
- fi
-
- ################# Generating Certscript #################################
- #
- echo "$SCRIPTNAME: Certificate initialized ----------"
-
- ################# Creating CA Cert ######################################
- #
- CU_ACTION="Creating CA Cert"
- CU_SUBJECT="CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US"
- certu -S -n "TestCA" -t "CTu,CTu,CTu" -v 60 -x -d . -1 -2 -5 \
- -f ${R_PWFILE} -z ${R_NOISE_FILE} 2>&1 <<CERTSCRIPT
-5
-9
-n
-y
-3
-n
-5
-6
-7
-9
-n
-CERTSCRIPT
-
- if [ "$RET" -ne 0 ]; then
- Exit 6 "Fatal - failed to create CA cert"
- fi
-
- ################# Exporting Root Cert ###################################
- #
- CU_ACTION="Exporting Root Cert"
- certu -L -n "TestCA" -r -d . -o root.cert
- if [ "$RET" -ne 0 ]; then
- Exit 7 "Fatal - failed to export root cert"
- fi
-}
-
-############################## cert_smime_client #############################
-# local shell function to create client Certificates for S/MIME tests
-##############################################################################
-cert_smime_client()
-{
- CERTFAILED=0
- echo "$SCRIPTNAME: Creating Client CA Issued Certificates =============="
-
- cert_create_cert ${ALICEDIR} "Alice" 3
- cert_create_cert ${BOBDIR} "Bob" 4
-
- echo "$SCRIPTNAME: Creating Dave's Certificate -------------------------"
- cert_init_cert "${DAVEDIR}" Dave 5
- cp ${CADIR}/*.db .
- hw_acc
-
- #########################################################################
- #
- cd ${CERTDIR}
- CU_ACTION="Creating ${CERTNAME}'s Server Cert"
- CU_SUBJECT="CN=${CERTNAME}, E=${CERTNAME}@bogus.com, O=BOGUS Netscape, L=Mountain View, ST=California, C=US"
- certu -S -n "${CERTNAME}" -c "TestCA" -t "u,u,u" -m "$CERTSERIAL" -d . \
- -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -v 60 2>&1
-
- CU_ACTION="Export Dave's Cert"
- cd ${DAVEDIR}
- certu -L -n "Dave" -r -d . -o Dave.cert
-
- ################# Importing Certificates for S/MIME tests ###############
- #
- echo "$SCRIPTNAME: Importing Certificates =============================="
- CU_ACTION="Import Alices's cert into Bob's db"
- certu -E -t "p,p,p" -d ${R_BOBDIR} -f ${R_PWFILE} \
- -i ${R_ALICEDIR}/Alice.cert 2>&1
-
- CU_ACTION="Import Bob's cert into Alice's db"
- certu -E -t "p,p,p" -d ${R_ALICEDIR} -f ${R_PWFILE} \
- -i ${R_BOBDIR}/Bob.cert 2>&1
-
- CU_ACTION="Import Dave's cert into Alice's DB"
- certu -E -t "p,p,p" -d ${R_ALICEDIR} -f ${R_PWFILE} \
- -i ${R_DAVEDIR}/Dave.cert 2>&1
-
- CU_ACTION="Import Dave's cert into Bob's DB"
- certu -E -t "p,p,p" -d ${R_BOBDIR} -f ${R_PWFILE} \
- -i ${R_DAVEDIR}/Dave.cert 2>&1
-
- if [ "$CERTFAILED" != 0 ] ; then
- cert_log "ERROR: SMIME failed $RET"
- else
- cert_log "SUCCESS: SMIME passed"
- fi
-}
-
-############################## cert_ssl ################################
-# local shell function to create client + server certs for SSL test
-########################################################################
-cert_ssl()
-{
- ################# Creating Certs for SSL test ###########################
- #
- CERTFAILED=0
- echo "$SCRIPTNAME: Creating Client CA Issued Certificates ==============="
- cert_create_cert ${CLIENTDIR} "TestUser" 6
-
- echo "$SCRIPTNAME: Creating Server CA Issued Certificate for \\"
- echo " ${HOSTADDR} ------------------------------------"
- cert_init_cert ${SERVERDIR} "${HOSTADDR}" 1
- cp ${CADIR}/*.db .
- hw_acc
- CU_ACTION="Creating ${CERTNAME}'s Server Cert"
- CU_SUBJECT="CN=${CERTNAME}, O=BOGUS Netscape, L=Mountain View, ST=California, C=US"
- certu -S -n "${CERTNAME}" -c "TestCA" -t "Pu,Pu,Pu" -d . -f "${R_PWFILE}" \
- -z "${R_NOISE_FILE}" -v 60 2>&1
-
- #FIXME - certdir or serverdir????
- #certu -S -n "${CERTNAME}" -c "TestCA" -t "Pu,Pu,Pu" -m "$CERTSERIAL" \
- # -d "${CERTDIR}" -f "${R_PWFILE}" -z "${R_NOISE_FILE}" -v 60 2>&1
-
- if [ "$CERTFAILED" != 0 ] ; then
- cert_log "ERROR: SSL failed $RET"
- else
- cert_log "SUCCESS: SSL passed"
- fi
-}
-############################## cert_stresscerts ################################
-# local shell function to create client certs for SSL stresstest
-########################################################################
-cert_stresscerts()
-{
-
- ############### Creating Certs for SSL stress test #######################
- #
- CERTDIR="$CLIENTDIR"
- cd "${CERTDIR}"
-
- CERTFAILED=0
- echo "$SCRIPTNAME: Creating Client CA Issued Certificates ==============="
-
- CONTINUE=$GLOB_MAX_CERT
- CERTSERIAL=10
-
- while [ $CONTINUE -ge $GLOB_MIN_CERT ]
- do
- CERTNAME="TestUser$CONTINUE"
- cert_add_cert ${CLIENTDIR} "TestUser$CONTINUE" $CERTSERIAL
- CERTSERIAL=`expr $CERTSERIAL + 1 `
- CONTINUE=`expr $CONTINUE - 1 `
- done
- if [ "$CERTFAILED" != 0 ] ; then
- cert_log "ERROR: StressCert failed $RET"
- else
- cert_log "SUCCESS: StressCert passed"
- fi
-}
-
-############################## cert_fips #####################################
-# local shell function to create certificates for FIPS tests
-##############################################################################
-cert_fips()
-{
- CERTFAILED=0
- echo "$SCRIPTNAME: Creating FIPS 140-1 DSA Certificates =============="
- cert_init_cert "${FIPSDIR}" "FIPS PUB 140-1 Test Certificate" 1000
-
- CU_ACTION="Initializing ${CERTNAME}'s Cert DB"
- certu -N -d "${CERTDIR}" -f "${R_FIPSPWFILE}" 2>&1
-
- echo "$SCRIPTNAME: Enable FIPS mode on database -----------------------"
- modutil -dbdir ${CERTDIR} -fips true 2>&1 <<MODSCRIPT
-y
-MODSCRIPT
- CU_ACTION="Enable FIPS mode on database for ${CERTNAME}"
- if [ "$?" -ne 0 ]; then
- html_failed "<TR><TD>${CU_ACTION} ($?) "
- cert_log "ERROR: ${CU_ACTION} failed $?"
- else
- html_passed "<TR><TD>${CU_ACTION}"
- fi
-
- CU_ACTION="Generate Certificate for ${CERTNAME}"
- CU_SUBJECT="CN=${CERTNAME}, E=fips@bogus.com, O=BOGUS NSS, OU=FIPS PUB 140-1, L=Mountain View, ST=California, C=US"
- certu -S -n ${FIPSCERTNICK} -x -t "Cu,Cu,Cu" -d "${CERTDIR}" -f "${R_FIPSPWFILE}" -k dsa -m ${CERTSERIAL} -z "${R_NOISE_FILE}" 2>&1
- if [ "$RET" -eq 0 ]; then
- cert_log "SUCCESS: FIPS passed"
- fi
-}
-
-############################## cert_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-cert_cleanup()
-{
- cert_log "$SCRIPTNAME: finished $SCRIPTNAME"
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-cert_init
-cert_CA
-cert_ssl
-cert_smime_client
-cert_fips
-if [ -n "$DO_DIST_ST" -a "$DO_DIST_ST" = "TRUE" ] ; then
- cert_stresscerts
- #following lines to be used when databases are to be reused
- #cp -r /u/sonmi/tmp/stress/kentuckyderby.13/* $HOSTDIR
- #cp -r $HOSTDIR/../${HOST}.2/* $HOSTDIR
-
-fi
-cert_cleanup
diff --git a/security/nss/tests/cipher/cipher.sh b/security/nss/tests/cipher/cipher.sh
deleted file mode 100755
index 964e8e7d8..000000000
--- a/security/nss/tests/cipher/cipher.sh
+++ /dev/null
@@ -1,110 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/cipher/cipher.sh
-#
-# Script to test NSS ciphers
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## cipher_init #############################
-# local shell function to initialize this script
-########################################################################
-cipher_init()
-{
- SCRIPTNAME="cipher.sh"
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
- if [ -z "${INIT_SOURCED}" ] ; then
- cd ../common
- . init.sh
- fi
- SCRIPTNAME="cipher.sh"
- html_head "Cipher Tests"
-
- CIPHERDIR=${HOSTDIR}/cipher
- CIPHERTESTDIR=${QADIR}/../cmd/bltest
-
- CIPHER_TXT=${QADIR}/cipher/cipher.txt
-
- mkdir -p ${CIPHERDIR}
-
- cd ${CIPHERTESTDIR}
-}
-
-############################## cipher_main #############################
-# local shell function to test NSS ciphers
-########################################################################
-cipher_main()
-{
- cat ${CIPHER_TXT} | while read EXP_RET PARAM TESTNAME
- do
- if [ -n "$EXP_RET" -a "$EXP_RET" != "#" ] ; then
- PARAM=`echo $PARAM | sed -e "s/_-/ -/g"`
- TESTNAME=`echo $TESTNAME | sed -e "s/_/ /g"`
- echo "$SCRIPTNAME: $TESTNAME --------------------------------"
- echo "bltest -T -m $PARAM -d ."
-
- bltest -T -m $PARAM -d .
- html_msg $? $EXP_RET "$TESTNAME"
- fi
- done
-}
-
-############################## cipher_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-cipher_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-cipher_init
-cipher_main
-cipher_cleanup
diff --git a/security/nss/tests/cipher/cipher.txt b/security/nss/tests/cipher/cipher.txt
deleted file mode 100644
index 6965aa4d1..000000000
--- a/security/nss/tests/cipher/cipher.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-#
-# This file defines the cipher tests
-#
-# expected
-# return bltest Test Case name
-# value params
-# ------- ---------- ---------------
- 0 des_ecb_-E DES_ECB_Encrypt
- 0 des_ecb_-D DES_ECB_Decrypt
- 0 des_cbc_-E DES_CBC_Encrypt
- 0 des_cbc_-D DES_CBC_Decrypt
- 0 des3_ecb_-E DES3_ECB_Encrypt
- 0 des3_ecb_-D DES3_ECB_Decrypt
- 0 des3_cbc_-E DES3_CBC_Encrypt
- 0 des3_cbc_-D DES3_CBC_Decrypt
- 0 aes_ecb_-E AES_ECB_Encrypt
- 0 aes_ecb_-D AES_ECB_Decrypt
- 0 aes_cbc_-E AES_CBC_Encrypt
- 0 aes_cbc_-D AES_CBC_Decrypt
- 0 rc2_ecb_-E RC2_ECB_Encrypt
- 0 rc2_ecb_-D RC2_ECB_Decrypt
- 0 rc2_cbc_-E RC2_CBC_Encrypt
- 0 rc2_cbc_-D RC2_CBC_Decrypt
- 0 rc4_-E RC4_Encrypt
- 0 rc4_-D RC4_Decrypt
- 0 rsa_-E RSA_Encrypt
- 0 rsa_-D RSA_Decrypt
- 0 dsa_-S DSA_Sign
- 0 dsa_-V DSA_Verify
- 0 md2_-H MD2_Hash
- 0 md5_-H MD5_Hash
- 0 sha1_-H SHA1_Hash
-
diff --git a/security/nss/tests/cipher/dsa.txt b/security/nss/tests/cipher/dsa.txt
deleted file mode 100644
index 257d7ffe0..000000000
--- a/security/nss/tests/cipher/dsa.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# This file enables test coverage of the dsa performance tests
-#
-#
-# mode keysize bufsize repetitions cxrepetitions
- dsa 64 20 200 5
- dsa 96 20 200 3
- dsa 128 20 200 3
diff --git a/security/nss/tests/cipher/hash.txt b/security/nss/tests/cipher/hash.txt
deleted file mode 100644
index 17c6a41a1..000000000
--- a/security/nss/tests/cipher/hash.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# This file enables test coverage of the cryptographic hash performance tests
-#
-#
-# mode bufsize repetitions
- md2 1024 1000
- md5 1024 100000
- sha1 1024 10000
diff --git a/security/nss/tests/cipher/performance.sh b/security/nss/tests/cipher/performance.sh
deleted file mode 100755
index 2a9e1258b..000000000
--- a/security/nss/tests/cipher/performance.sh
+++ /dev/null
@@ -1,144 +0,0 @@
-#!/bin/sh
-#
-# This is just a quick script so we can still run our testcases.
-# Longer term we need a scriptable test environment..
-#
-. ../common/init.sh
-CURDIR=`pwd`
-
-CIPHERDIR=${HOSTDIR}/cipher
-SKTESTS=${CURDIR}/symmkey.txt
-RSATESTS=${CURDIR}/rsa.txt
-DSATESTS=${CURDIR}/dsa.txt
-HASHTESTS=${CURDIR}/hash.txt
-SKPERFOUT=${CIPHERDIR}/skperfout.data
-RSAPERFOUT=${CIPHERDIR}/rsaperfout.data
-DSAPERFOUT=${CIPHERDIR}/dsaperfout.data
-HASHPERFOUT=${CIPHERDIR}/hashperfout.data
-PERFRESULTS=${HOSTDIR}/performance.html
-
-echo "<HTML><BODY>" >> ${PERFRESULTS}
-
-mkdir -p ${CIPHERDIR}
-cd ${CIPHERDIR}
-
-if [ -z $1 ]; then
- TESTSET="all"
-else
- TESTSET=$1
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "symmkey" ]; then
-echo "<TABLE BORDER=1><TR><TH COLSPAN=6>Symmetric Key Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>SYMMETRIC KEY SIZE (bits)</TH><TH>REPETITIONS (cx/op)</TH><TH>CONTEXT CREATION TIME (ms)</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-
-cat ${SKTESTS} | while read mode keysize bufsize reps cxreps
-do
- if [ $mode != "#" ]; then
- echo "bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps"
- bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps >> ${SKPERFOUT}
- mv "tmp.in" "$mode.in"
- mv tmp.key $mode.key
- if [ -f tmp.iv ]; then
- mv tmp.iv $mode.iv
- fi
- echo "bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.out"
- bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.out >> ${SKPERFOUT}
- echo "bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.inv"
- bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -v ${CIPHERDIR}/$mode.iv -p $reps -o ${CIPHERDIR}/$mode.inv >> ${SKPERFOUT}
- fi
-done
-
-cat ${SKPERFOUT} | while read md buf sk rps cxrps cx op
-do
- if [ $md != "#" ]; then
- echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$sk</TD><TD align=right>$cxrps/$rps</TD><TD align=right>$cx</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
- fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "rsa" ]; then
-cat ${RSATESTS} | while read mode keysize bufsize exp reps cxreps
-do
- if [ $mode != "#" ]; then
- echo "bltest -N -m $mode -b $bufsize -e $exp -g $keysize -u $cxreps"
- bltest -N -m $mode -b $bufsize -e $exp -g $keysize -u $cxreps >> ${RSAPERFOUT}
- mv "tmp.in" "$mode.in"
- mv tmp.key $mode.key
- echo "bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out"
- bltest -E -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out >> ${RSAPERFOUT}
- echo "bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.inv"
- bltest -D -m $mode -i ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.inv >> ${RSAPERFOUT}
- fi
-done
-
-echo "<TABLE BORDER=1><TR><TH COLSPAN=7>RSA Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>KEY SIZE (bits)</TH><TH>PUBLIC EXPONENT</TH><TH>REPETITIONS (cx/op)</TH><TH>CONTEXT CREATION TIME (ms)</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-cat ${RSAPERFOUT} | while read md buf mod pe rps cxrps cx op
-do
- if [ $md != "#" ]; then
- echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$mod</TD><TD align=right>$pe</TD><TD align=right>$cxrps/$rps</TD><TD align=right>$cx</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
- fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "dsa" ]; then
-cat ${DSATESTS} | while read mode keysize bufsize reps cxreps
-do
- if [ $mode != "#" ]; then
- echo "bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps"
- bltest -N -m $mode -b $bufsize -g $keysize -u $cxreps >> ${DSAPERFOUT}
- mv "tmp.in" "$mode.in"
- mv tmp.key $mode.key
- echo "bltest -S -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out"
- bltest -S -m $mode -i ${CIPHERDIR}/$mode.in -k ${CIPHERDIR}/$mode.key -p $reps -o ${CIPHERDIR}/$mode.out >> ${DSAPERFOUT}
- echo "bltest -V -m $mode -f ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -i ${CIPHERDIR}/$mode.in -o ${CIPHERDIR}/$mode.out"
- bltest -V -m $mode -f ${CIPHERDIR}/$mode.out -k ${CIPHERDIR}/$mode.key -p $reps -i ${CIPHERDIR}/$mode.in -o ${CIPHERDIR}/$mode.out >> ${DSAPERFOUT}
- fi
-done
-
-echo "<TABLE BORDER=1><TR><TH COLSPAN=6>DSA Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>KEY SIZE (bits)</TH><TH>REPETITIONS (cx/op)</TH><TH>CONTEXT CREATION TIME (ms)</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-cat ${DSAPERFOUT} | while read md buf mod rps cxrps cx op
-do
- if [ $md != "#" ]; then
- echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$mod</TD><TD align=right>$cxrps/$rps</TD><TD align=right>$cx</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
- fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-fi
-
-if [ $TESTSET = "all" -o $TESTSET = "hash" ]; then
-cat ${HASHTESTS} | while read mode bufsize reps
-do
- if [ $mode != "#" ]; then
- echo "bltest -N -m $mode -b $bufsize"
- bltest -N -m $mode -b $bufsize
- mv "tmp.in" "$mode.in"
- echo "bltest -H -m $mode -i ${CIPHERDIR}/$mode.in -p $reps -o ${CIPHERDIR}/$mode.out"
- bltest -H -m $mode -i ${CIPHERDIR}/$mode.in -p $reps -o ${CIPHERDIR}/$mode.out >> ${HASHPERFOUT}
- fi
-done
-
-echo "<TABLE BORDER=1><TR><TH COLSPAN=6>Hash Cipher Performance</TH></TR>" >> ${PERFRESULTS}
-echo "<TR bgcolor=lightGreen><TH>MODE</TH><TH>INPUT SIZE (bytes)</TH><TH>REPETITIONS</TH><TH>OPERATION TIME (ms)</TH></TR>" >> ${PERFRESULTS}
-cat ${HASHPERFOUT} | while read md buf rps cxrps cx op
-do
- if [ $md != "#" ]; then
- echo "<TR><TH>$md</TH><TD align=right>$buf</TD><TD align=right>$rps</TD><TD align=right>$op</TD></TR>" >> ${PERFRESULTS}
- fi
-done
-
-echo "</TABLE><BR>" >> ${PERFRESULTS}
-fi
-
-#rm -f ${TEMPFILES}
-cd ${CURDIR}
-
-echo "</BODY></HTML>" >> ${PERFRESULTS}
diff --git a/security/nss/tests/cipher/rsa.txt b/security/nss/tests/cipher/rsa.txt
deleted file mode 100644
index 5508971e9..000000000
--- a/security/nss/tests/cipher/rsa.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-#
-# This file enables test coverage of the rsa performance tests
-#
-#
-# mode keysize bufsize exponent repetitions cxrepetitions
- rsa 32 32 17 1000 5
- rsa 64 64 3 500 3
- rsa 128 128 65537 200 3
diff --git a/security/nss/tests/cipher/symmkey.txt b/security/nss/tests/cipher/symmkey.txt
deleted file mode 100644
index 741f86880..000000000
--- a/security/nss/tests/cipher/symmkey.txt
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# This file enables test coverage of the symmetric key performance tests
-#
-#
-# mode keysize bufsize repetitions cxrepetitions
- des_ecb 8 8192 1000 100000
- des_cbc 8 8192 1000 100000
- des3_ecb 24 8192 1000 100000
- des3_cbc 24 8192 1000 100000
- rc2_ecb 5 8192 1000 100000
- rc2_ecb 8 8192 1000 100000
- rc2_ecb 16 8192 1000 100000
- rc2_cbc 5 8192 1000 100000
- rc2_cbc 8 8192 1000 100000
- rc2_cbc 16 8192 1000 100000
- rc4 5 8192 10000 100000
- rc4 8 8192 10000 100000
- rc4 16 8192 10000 100000
- rc4 24 8192 10000 100000
diff --git a/security/nss/tests/common/Makefile b/security/nss/tests/common/Makefile
deleted file mode 100644
index 1d14e4233..000000000
--- a/security/nss/tests/common/Makefile
+++ /dev/null
@@ -1,43 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH = ../../..
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-objdir_name:
- @echo $(OBJDIR_NAME)
-
-os_arch:
- @echo $(OS_ARCH)
diff --git a/security/nss/tests/common/cleanup.sh b/security/nss/tests/common/cleanup.sh
deleted file mode 100755
index 57d71dc48..000000000
--- a/security/nss/tests/common/cleanup.sh
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/common/cleanup.sh
-#
-# Script to clean up after NSS QA suites
-# needs to work on all Unix and Windows platforms
-#
-########################################################################
-
-
-if [ -z "${CLEANUP}" -o "${CLEANUP}" = "${SCRIPTNAME}" ]; then
- html "</BODY></HTML>"
- rm -f ${TEMPFILES} 2>/dev/null
-fi
diff --git a/security/nss/tests/common/init.sh b/security/nss/tests/common/init.sh
deleted file mode 100644
index 0639441a3..000000000
--- a/security/nss/tests/common/init.sh
+++ /dev/null
@@ -1,410 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/common/init.sh
-#
-# initialization for NSS QA, can be included multiple times
-# from all.sh and the individual scripts
-#
-# variables, utilities and shellfunctions global to NSS QA
-# needs to work on all Unix and Windows platforms
-#
-# included from
-# -------------
-# all.sh
-# ssl.sh
-# sdr.sh
-# cipher.sh
-# perf.sh
-# cert.sh
-# smime.sh
-# tools.sh
-# fips.sh
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# NOTE:
-# -----
-# Unlike the old QA this is based on files sourcing each other
-# This is done to save time, since a great portion of time is lost
-# in calling and sourcing the same things multiple times over the
-# network. Also, this way all scripts have all shell function available
-# and a completely common environment
-#
-########################################################################
-
-
-if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
-
-# Exit shellfunction to clean up at exit (error, regular or signal)
- Exit()
- {
- if [ -n "$1" ] ; then
- echo "$SCRIPTNAME: Exit: $*"
- html_failed "<TR><TD>$*"
- fi
- echo "</TABLE><BR>" >> ${RESULTS}
- if [ -n "${TAILPID}" ]; then
- ${KILL} "${TAILPID}"
- fi
- if [ -n "${SERVERPID}" -a -f "${SERVERPID}" ]; then
- ${KILL} `cat ${SERVERPID}`
- fi
- CLEANUP=${SCRIPTNAME}
- cd ${QADIR}
- . common/cleanup.sh
- case $1 in
- [0-4][0-9]|[0-9])
- exit $1;
- ;;
- *)
- exit 1
- ;;
- esac
- }
-
-#html functions to give the resultfiles a consistant look
- html() ######################### write the results.html file
- { # 3 functions so we can put targets in the output.log easier
- echo $* >>${RESULTS}
- }
- html_passed()
- {
- html "$* ${HTML_PASSED}"
- }
- html_failed()
- {
- html "$* ${HTML_FAILED}"
- }
- html_head()
- {
- html "<TABLE BORDER=1><TR><TH COLSPAN=3>$*</TH></TR>"
- html "<TR><TH width=500>Test Case</TH><TH width=50>Result</TH></TR>"
- echo "$SCRIPTNAME: $* ==============================="
- }
- html_msg()
- {
- if [ "$1" -ne "$2" ] ; then
- html_failed "<TR><TD>$3"
- if [ -n "$4" ] ; then
- echo "$SCRIPTNAME: $3 $4 FAILED"
- fi
- else
- html_passed "<TR><TD>$3"
- if [ -n "$4" ] ; then
- echo "$SCRIPTNAME: $3 $4 PASSED"
- fi
- fi
- }
- HTML_FAILED='</TD><TD bgcolor=red>Failed</TD><TR>'
- HTML_PASSED='</TD><TD bgcolor=lightGreen>Passed</TD><TR>'
-
-
-#directory name init
- SCRIPTNAME=init.sh
-
- mozilla_root=`(cd ../../../..; pwd)`
- MOZILLA_ROOT=${MOZILLA_ROOT-$mozilla_root}
-
- qadir=`(cd ..; pwd)`
- QADIR=${QADIR-$qadir}
-
- common=${QADIR}/common
- COMMON=${TEST_COMMON-$common}
- export COMMON
-
- DIST=${DIST-${MOZILLA_ROOT}/dist}
- SECURITY_ROOT=${SECURITY_ROOT-${MOZILLA_ROOT}/security/nss}
- TESTDIR=${TESTDIR-${MOZILLA_ROOT}/tests_results/security}
- OBJDIR=`(cd $COMMON; gmake objdir_name)`
- OS_ARCH=`(cd $COMMON; gmake os_arch)`
- OS_NAME=`uname -s | sed -e "s/-[0-9]*\.[0-9]*//"`
-
-#in case of backward comp. tests the calling scripts set the
-#PATH and LD_LIBRARY_PATH and do not want them to be changed
- if [ -z "${DON_T_SET_PATHS}" -o "${DON_T_SET_PATHS}" != "TRUE" ] ; then
- if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" != "CYGWIN_NT" ]; then
- PATH=.\;${DIST}/${OBJDIR}/bin\;${DIST}/${OBJDIR}/lib\;$PATH
- PATH=`perl ../path_uniq -d ';' "$PATH"`
- else
- PATH=.:/bin:/usr/bin:${DIST}/${OBJDIR}/bin:${DIST}/${OBJDIR}/lib:$PATH
- # added /bin and /usr/bin in the beginning so a local perl will
- # be used
- PATH=`perl ../path_uniq -d ':' "$PATH"`
- fi
-
- LD_LIBRARY_PATH=${DIST}/${OBJDIR}/lib
- SHLIB_PATH=${DIST}/${OBJDIR}/lib
- LIBPATH=${DIST}/${OBJDIR}/lib
- fi
-
- if [ ! -d "${TESTDIR}" ]; then
- echo "$SCRIPTNAME init: Creating ${TESTDIR}"
- mkdir -p ${TESTDIR}
- fi
-
-#HOST and DOMSUF are needed for the server cert
- case $HOST in
- *\.*)
- HOST=`echo $HOST | sed -e "s/\..*//"`
- ;;
- ?*)
- ;;
- *)
- HOST=`uname -n`
- case $HOST in
- *\.*)
- HOST=`echo $HOST | sed -e "s/\..*//"`
- ;;
- ?*)
- ;;
- *)
- echo "$SCRIPTNAME: Fatal HOST environment variable is not defined."
- exit 1 #does not need to be Exit, very early in script
- ;;
- esac
- ;;
- esac
-
- if [ -z "${DOMSUF}" ]; then
- DOMSUF=`domainname`
- if [ -z "${DOMSUF}" ]; then
- echo "$SCRIPTNAME: Fatal DOMSUF env. variable is not defined."
- exit 1 #does not need to be Exit, very early in script
- fi
- fi
-#HOSTADDR was a workaround for the dist. stress test, and is probably
-#not needed anymore (purpose: be able to use IP address for the server
-#cert instead of PC name which was not in the DNS because of dyn IP address
- if [ -z "$USE_IP" -o "$USE_IP" != "TRUE" ] ; then
- HOSTADDR=${HOST}.${DOMSUF}
- else
- HOSTADDR=${IP_ADDRESS}
- fi
-
-#if running remote side of the distributed stress test we need to use
-#the files that the server side gives us...
- if [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
- for w in `ls -rtd ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
- sed -e "s/.*${HOST}.//"` ; do
- version=$w
- done
- HOSTDIR=${TESTDIR}/${HOST}.$version
- echo "$SCRIPTNAME init: HOSTDIR $HOSTDIR"
- echo $HOSTDIR
- if [ ! -d $HOSTDIR ] ; then
- echo "$SCRIPTNAME: Fatal: Remote side of dist. stress test "
- echo " - server HOSTDIR $HOSTDIR does not exist"
- exit 1 #does not need to be Exit, very early in script
- fi
- fi
-
-#find the HOSTDIR, where the results are supposed to go
- if [ -n "${HOSTDIR}" ]; then
- version=`echo $HOSTDIR | sed -e "s/.*${HOST}.//"`
- else
- if [ -f "${TESTDIR}/${HOST}" ]; then
- version=`cat ${TESTDIR}/${HOST}`
- else
- version=1
- fi
-#file has a tendency to disappear, messing up the rest of QA -
-#workaround to find the next higher number if version file is not there
- if [ -z "${version}" ]; then # for some strange reason this file
- # gets truncated at times... Windos
- for w in `ls -d ${TESTDIR}/${HOST}.[0-9]* 2>/dev/null |
- sort -t '.' -n | sed -e "s/.*${HOST}.//"` ; do
- version=`expr $w + 1`
- done
- if [ -z "${version}" ]; then
- version=1
- fi
- fi
- expr $version + 1 > ${TESTDIR}/${HOST}
-
- HOSTDIR=${TESTDIR}/${HOST}'.'$version
-
- mkdir -p ${HOSTDIR}
- fi
-
-#result and log file and filename init,
- if [ -z "${LOGFILE}" ]; then
- LOGFILE=${HOSTDIR}/output.log
- fi
- if [ ! -f "${LOGFILE}" ]; then
- touch ${LOGFILE}
- fi
- if [ -z "${RESULTS}" ]; then
- RESULTS=${HOSTDIR}/results.html
- fi
- if [ ! -f "${RESULTS}" ]; then
- cp ${COMMON}/results_header.html ${RESULTS}
- html "<H4>Platform: ${OBJDIR}<BR>"
- html "Test Run: ${HOST}.$version</H4>"
- html "${BC_ACTION}"
- html "<HR><BR>"
- html "<HTML><BODY>"
-
- echo "********************************************" | tee ${LOGFILE}
- echo " Platform: ${OBJDIR}" | tee ${LOGFILE}
- echo " Results: ${HOST}.$version" | tee ${LOGFILE}
- echo "********************************************" | tee ${LOGFILE}
- echo "$BC_ACTION" | tee ${LOGFILE}
- #if running remote side of the distributed stress test let the user know who it is...
- elif [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
- echo "********************************************" | tee ${LOGFILE}
- echo " Platform: ${OBJDIR}" | tee ${LOGFILE}
- echo " Results: ${HOST}.$version" | tee ${LOGFILE}
- echo " remote side of distributed stress test " | tee ${LOGFILE}
- echo " `uname -n -s`" | tee ${LOGFILE}
- echo "********************************************" | tee ${LOGFILE}
- fi
-
- echo "$SCRIPTNAME init: Testing PATH $PATH against LIB $LD_LIBRARY_PATH" |
- tee ${LOGFILE}
-
- KILL="kill"
- if [ "${OS_ARCH}" = "Linux" ]; then
-#on linux the selfserv needs up to 30 seconds to fully die and free
-#the socket
- SLEEP="sleep 3" # taking the chance and trying on the tinderboxes
- fi
- if [ `uname -s` = "SunOS" ]; then
- PS="/usr/5bin/ps"
- else
- PS="ps"
- fi
-#found 3 rsh's so far that do not work as expected - cygnus mks6
-#(restricted sh) and mks 7 - if it is not in c:/winnt/system32 it
-#needs to be set in the environ.ksh
- if [ -z "$RSH" ]; then
- if [ "${OS_ARCH}" = "WINNT" -a "$OS_NAME" = "CYGWIN_NT" ]; then
- RSH=/cygdrive/c/winnt/system32/rsh
- elif [ "${OS_ARCH}" = "WINNT" ]; then
- RSH=c:/winnt/system32/rsh
- else
- RSH=rsh
- fi
- fi
-
-
-#more filename and directoryname init
- CURDIR=`pwd`
-
- CU_ACTION='Unknown certutil action'
-
- # would like to preserve some tmp files, also easier to see if there
- # are "leftovers" - another possibility ${HOSTDIR}/tmp
-
- TMP=${HOSTDIR} #TMP=${TMP-/tmp}
- TEMP=${TMP}
- TMPDIR=${TMP}
-
- CADIR=${HOSTDIR}/CA
- SERVERDIR=${HOSTDIR}/server
- CLIENTDIR=${HOSTDIR}/client
- ALICEDIR=${HOSTDIR}/alicedir
- BOBDIR=${HOSTDIR}/bobdir
- DAVEDIR=${HOSTDIR}/dave
- FIPSDIR=${HOSTDIR}/fips
-
- PWFILE=${TMP}/tests.pw.$$
- NOISE_FILE=${TMP}/tests_noise.$$
-
- FIPSPWFILE=${TMP}/tests.fipspw.$$
- FIPSBADPWFILE=${TMP}/tests.fipsbadpw.$$
- FIPSP12PWFILE=${TMP}/tests.fipsp12pw.$$
- FIPSCERTNICK="FIPS_PUB_140-1_Test_Certificate"
-
- # we need relative pathnames of these files abd directories, since our
- # tools can't handle the unix style absolut pathnames on cygnus
-
- R_CADIR=../CA
- R_SERVERDIR=../server
- R_CLIENTDIR=../client
- R_ALICEDIR=../alicedir
- R_BOBDIR=../bobdir
- R_DAVEDIR=../dave
-
- R_PWFILE=../tests.pw.$$
- R_NOISE_FILE=../tests_noise.$$
-
- R_FIPSPWFILE=../tests.fipspw.$$
- R_FIPSBADPWFILE=../tests.fipsbadpw.$$
- R_FIPSP12PWFILE=../tests.fipsp12pw.$$
-
- echo "fips140" > ${FIPSPWFILE}
- echo "fips104" > ${FIPSBADPWFILE}
- echo "pkcs12fips140" > ${FIPSP12PWFILE}
-
- # a new log file, short - fast to search, mostly for tools to
- # see if their portion of the cert has succeeded, also for me -
- CERT_LOG_FILE=${HOSTDIR}/cert.log #the output.log is so crowded...
-
- TEMPFILES="${PWFILE} ${NOISE_FILE}"
- trap "Exit $0 Signal_caught" 2 3
-
- export PATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH
- export DOMSUF HOSTADDR
- export KILL SLEEP PS
- export MOZILLA_ROOT SECURITY_ROOT DIST TESTDIR OBJDIR HOSTDIR QADIR
- export LOGFILE SCRIPTNAME
-
-#used for the distributed stress test, the server generates certificates
-#from GLOB_MIN_CERT to GLOB_MAX_CERT
-# NOTE - this variable actually gets initialized by directly by the
-# ssl_dist_stress.shs sl_ds_init() before init is called - need to change
-# in both places. speaking of data encapsulatioN...
-
- if [ -z "$GLOB_MIN_CERT" ] ; then
- GLOB_MIN_CERT=0
- fi
- if [ -z "$GLOB_MAX_CERT" ] ; then
- GLOB_MAX_CERT=200
- fi
- if [ -z "$MIN_CERT" ] ; then
- MIN_CERT=$GLOB_MIN_CERT
- fi
- if [ -z "$MAX_CERT" ] ; then
- MAX_CERT=$GLOB_MAX_CERT
- fi
-
- SCRIPTNAME=$0
- INIT_SOURCED=TRUE #whatever one does - NEVER export this one please
-fi
diff --git a/security/nss/tests/common/results_header.html b/security/nss/tests/common/results_header.html
deleted file mode 100644
index c09685b11..000000000
--- a/security/nss/tests/common/results_header.html
+++ /dev/null
@@ -1,6 +0,0 @@
-<HTML>
-<HEAD>
-<TITLE>Test Report for NSS</TITLE>
-</HEAD>
-<BODY BGCOLOR="#FFFFFF">
-<CENTER><H3>Test Report for NSS</H3></CENTER>
diff --git a/security/nss/tests/core_watch b/security/nss/tests/core_watch
deleted file mode 100755
index a627983a3..000000000
--- a/security/nss/tests/core_watch
+++ /dev/null
@@ -1,45 +0,0 @@
-#############################################################
-# script to watch for cores during QA runs, so they won't overwrite one
-# another
-# Not activated for efficiency reasons, and problems on MKS, us
-# only when needed and remember to remove afterwards
-#############################################################
-
-#############################################################
-# to activate put the following into all.sh (after the HOSTDIR
-# has been exported
-#############################################################
-# sh `dirname $0`/core_watch $HOSTDIR ${HOSTDIR} &
-# CORE_WATCH_PID=$!
-# if [ -n "${KILLPIDS}" ]
-# then
-# echo $CORE_WATCH_PID >>"${KILLPIDS}"
-# fi
-#############################################################
-
-#############################################################
-# or put the following into nssqa to watch the whole RESULTDIR
-# start it shortly before run_all
-#
-# NOTE: the more efficient way is above, this is potentially going
-# thru 1000ds of files every 30 seconds
-#############################################################
-# sh `dirname $0`/core_watch $RESULTDIR &
-# echo $! >>"${KILLPIDS}" #so Exit() can hopefully kill the core_watch
-#############################################################
-
-# in both cases remember to kill the process when done, since
-# the PIDs that end up in ${KILLPIDS} might not work for all OS
-# something like "kill_by_name core_watch
-
-echo $$ >>"${KILLPIDS}" #so Exit() can hopefully kill this shell
-while [ 1 ]
-do
- for w in `find $1 -name "core" -print`
- do
- echo "Found core $w"
- mv $w $w.`date +%H%M%S`
- done
- sleep 30
-done
-
diff --git a/security/nss/tests/dbtests/dbtests.sh b/security/nss/tests/dbtests/dbtests.sh
deleted file mode 100755
index e174c402f..000000000
--- a/security/nss/tests/dbtests/dbtests.sh
+++ /dev/null
@@ -1,146 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-# Sonja Mirtitsch Sun Microsystems
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-########################################################################
-#
-# mozilla/security/nss/tests/dbtest/dbtest.sh
-#
-# Certificate generating and handeling for NSS QA, can be included
-# multiple times from all.sh and the individual scripts
-#
-# needs to work on all Unix and Windows platforms
-#
-# included from (don't expect this to be up to date)
-# --------------------------------------------------
-# all.sh
-# ssl.sh
-# smime.sh
-# tools.sh
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# FIXME - Netscape - NSS
-########################################################################
-
-############################## dbtest_init ###############################
-# local shell function to initialize this script
-########################################################################
-dbtest_init()
-{
- SCRIPTNAME="dbtest.sh"
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
- if [ -z "${INIT_SOURCED}" ] ; then
- cd ../common
- . init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . cert.sh
- fi
-
- SCRIPTNAME="dbtest.sh"
- DBTEST_LOG=${HOSTDIR}/dbtest.log #we don't want all the errormessages
- # in the output.log, otherwise we can't tell what's a real error
- RONLY_DIR=${HOSTDIR}/ronlydir
- EMPTY_DIR=${HOSTDIR}/emptydir
- grep "SUCCESS: SSL passed" $CERT_LOG_FILE >/dev/null || {
- html_head "SSL Test failure"
- Exit : "Fatal - SSL of cert.sh needs to pass first"
- }
-
- html_head "CERT and Key DB Tests"
-
-}
-
-############################## dbtest_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-dbtest_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-dbtest_main()
-{
- cd ${HOSTDIR}
- certutil -L -d ./non_existant_dir
- ret=$?
- if [ $ret -eq 0 ]; then
- html_failed "<TR><TD> Certutil succeeded in a nonexisting directory "
- else
- html_passed "<TR><TD> Certutil failed in a nonexisting dir $ret"
- fi
-
- mkdir $EMPTY_DIR
- tstclnt -h ${HOST} -d $EMPTY_DIR
- ret=$?
- if [ $ret -eq 0 ]; then
- html_failed "<TR><TD> tstclnt succeded in an empty directory "
- else
- html_passed "<TR><TD> tstclnt failed in an empty dir $ret"
- fi
- certutil -D -n xxxx -d $EMPTY_DIR #created DB
- ret=$?
- if [ $ret -eq 0 ]; then
- html_failed "<TR><TD> Certutil succeeded in deleting a cert in an empty directory "
- else
- html_passed "<TR><TD> Certutil failed in an empty dir $ret"
- fi
- mkdir $RONLY_DIR
- cd $RONLY_DIR
- cp -r ${CLIENTDIR}/* .
- chmod -w * .
- certutil -D -n "TestUser" -d .
- ret=$?
- if [ $ret -eq 0 ]; then
- html_failed "<TR><TD> Certutil succeeded in deleting a cert in an readonly directory "
- else
- html_passed "<TR><TD> Certutil failed in an readonly dir $ret"
- fi
-}
-
-################## main #################################################
-
-dbtest_init
-dbtest_main >$DBTEST_LOG 2>&1
-dbtest_cleanup
diff --git a/security/nss/tests/dll_version.sh b/security/nss/tests/dll_version.sh
deleted file mode 100755
index 79a128585..000000000
--- a/security/nss/tests/dll_version.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-
-# version controll for DLLs
-# ToDo: make version parameter or find version from first occurance of 3.x
-# make the 3 a variable..., include the header
-
-#OS=`uname -s`
-#DSO_SUFFIX=so
-#if [ "$OS" = "HP-UX" ]; then
- #DSO_SUFFIX=sl
-#fi
-#what libnss3.$DSO_SUFFIX | grep NSS
-#what libsmime3.$DSO_SUFFIX | grep NSS
-#what libssl3.$DSO_SUFFIX | grep NSS
-#ident libnss3.$DSO_SUFFIX | grep NSS
-#ident libsmime3.$DSO_SUFFIX | grep NSS
-#ident libssl3.$DSO_SUFFIX | grep NSS
-
-for w in `find . -name "libnss3.s[ol]" ; find . -name "libsmime3.s[ol]"; find . -name "libssl3.s[ol]"`
-do
- NOWHAT=FALSE
- NOIDENT=FALSE
- echo $w
- what $w | grep NSS || NOWHAT=TRUE
- ident $w | grep NSS || NOIDENT=TRUE
- if [ $NOWHAT = TRUE ]
- then
- echo "ERROR what $w does not contain NSS"
- fi
- if [ $NOIDENT = TRUE ]
- then
- echo "ERROR ident $w does not contain NSS"
- fi
-done
-#for w in `find . -name "libnss3.s[ol]" ; find . -name "libsmime3.s[ol]"; find .
-#-name "libssl3.s[ol]"`
-#do
- #NOWHAT=FALSE
- #NOIDENT=FALSE
- #echo $w
- #what $w | grep NSS || NOWHAT=TRUE
- #ident $w | grep NSS || NOIDENT=TRUE
- #if [ $NOWHAT = TRUE -a $NOIDENT = TRUE ]
- #then
- #echo "WARNING what and ident $w does not contain NSS"
- #strings $w | grep NSS | grep '3.2' || echo "ERROR strings does
-#not either..."
- #fi
-#done
-
diff --git a/security/nss/tests/doc/clean.gif b/security/nss/tests/doc/clean.gif
deleted file mode 100644
index 08781cb2b..000000000
--- a/security/nss/tests/doc/clean.gif
+++ /dev/null
Binary files differ
diff --git a/security/nss/tests/doc/nssqa.txt b/security/nss/tests/doc/nssqa.txt
deleted file mode 100755
index 34fa0955b..000000000
--- a/security/nss/tests/doc/nssqa.txt
+++ /dev/null
@@ -1,108 +0,0 @@
-The new QA wrapper consistst mainly of 2 scripts, nssqa and qa_stat, both
-include a common header (header) and a common environment (set_environment).
-Also used is mksymlinks and path_uniq.
-
-The scripts that are used on a daily basis are located in /u/sonmi/bin.
-
-Parameters and Options are the same for both scripts.
-
-Parameters
-----------
- nssversion (supported: 30b, 31, tip)
- builddate (default - today, format mmdd)
-
-Options
--------
- -y answer all questions with y - use at your own risk... ignores warnings
- -s silent (only usefull with -y)
- -h, -? -help you guessed right - displays the usage
- -d debug
- -f <filename> - write the (error)output to filename
- -m <mailinglist> - send filename to mailinglist (csl) only useful
- with -f on nssqa
- -l <mozroot> run on a local build - does not work at this time
- -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.<scriptname>
-
-nssqa and qa_stat are Beta at the most
---------------------------
-Please be aware that
-
--) machinenames are still hardcoded --FIXED
--) other very iPlanet specific environments and features are being used.
-
--d Debug option will be removed from cron in a few weeks - or maybe not
--l QA on local build is not fully implemented yet
-
-Please do not use on Windows 95 and 98, ME platforms yet.
-
-use -d if script behaves strange or exits unexpectedly
-
-How to use QA
--------------
-To test a build, first run nssqa on the required QA platforms (some
-buildplatforms require QA to be run on additional platforms - for
-example Solaris 2.6 has to be tested on 2.8 32 and 64bit) If QA has
-been run on multiple or all required platforms it makes sense to run
-qa_stat on the output of nssqa as well.
-Before used on a new system (even if the same platform has been
-tested before) please use completely interactive, to see what the
-variables are being initialized to, and read the warnings. Same is
-true if being run from a different user account than svbld.
-
-In any case, if you are using it, please let me know the results.
-
-Pseudocode Description of nssqa:
---------------------------------
-not quite up to date
-
- header:init (global)
- set flags and variables to default values
- signal trap (for interupts and kills)
- set HOST and DOMSUF variables if running from cron
- parse parameters and options
- determine os and set up the environment (espec. PATH)
- set the directories to run in (influenced by parameters and -l option)
- set and initialize the tmp / debugging / output files
-
- nssqa:init (local)
- locking: if nssqa is already running on this systems (yes-exit,
- no-lockfile)
- set HOST and DOMSUF variables if running interavtively
- set flag to kill remaining selfserv processes during cleanup
- if QA platform different from build platform create neccessary
- symbolic links
- wait for the build to finish (max of 5h)
-
- main:
- repeated per test (optimized, debug, 32, 64 bit)
- set flags for this run of all.sh (optimized, debug, 32, 64 bit)
- set the DIST directory (where the binaries reside)
- kill running selfservers (sorry - just don't use the svbld
- account if you need to do your own testing... I will fix
- selfserv as soon as I can - but it hangs too often and
- disturbs all following QA)
- run all.sh
-
- header:exit (global)
- remove temporary files
- kill remaining selfservers
- send email to the list
-
-
- errorhandling
- Option / Parameter errors: Exit with usage information
-
- Severe errors: Exit wit errormessage
- example: directory in which all.sh resides does not exist
- can't create files or directories
- build not done after 5 hours
- is already running
-
- Other errors: User is prompted with the "errormessage - continue (y/n)?"
- example: local DIST dir does not exist (continues with next all.sh)
- outputdirectory does not exist (user can specify other)
-
- Signals 2, 3, 15 are treated as severe errors
-
-
-
diff --git a/security/nss/tests/doc/platform_specific_problems b/security/nss/tests/doc/platform_specific_problems
deleted file mode 100644
index 92a22ca03..000000000
--- a/security/nss/tests/doc/platform_specific_problems
+++ /dev/null
@@ -1,110 +0,0 @@
-I will, eventually convert all files here to html - just right now I have no
-time to do it. Anyone who'd like to - please feel free, mail me the file and
-I will check it in
-sonmi@netscape.com
-
-
-The NSS 3.1 SSL Stress Tests fail for me on FreeBSD 3.5. The end of the output
-of './ssl.sh stress' looks like this:
-
-********************* Stress Test ****************************
-********************* Stress SSL2 RC4 128 with MD5 ****************************
-selfserv -p 8443 -d
-/local/llennox/NSS-PSM/mozilla/tests_results/security/conrail.20/server -n
-conrail.cs.columbia.edu -w nss -i /tmp/tests_pid.5505 & strsclnt -p 8443 -d . -w nss -c 1000 -C A conrail.cs.columbia.edu
-strsclnt: -- SSL: Server Certificate Validated.
-strsclnt: PR_NewTCPSocket returned error -5974:
-Insufficient system resources.
-Terminated
-********************* Stress SSL3 RC4 128 with MD5 ****************************
-selfserv -p 8443 -d
-/local/llennox/NSS-PSM/mozilla/tests_results/security/conrail.20/server -n
-conrail.cs.columbia.edu -w nss -i /tmp/tests_pid.5505 & strsclnt -p 8443 -d . -w nss -c 1000 -C c conrail.cs.columbia.edu
-strsclnt: -- SSL: Server Certificate Validated.
-strsclnt: PR_NewTCPSocket returned error -5974:
-Insufficient system resources.
-Terminated
-
-Running ktrace on the process (ktrace is a system-call tracer, the equivalent of
-Linux's strace) reveals that socket() failed with ENOBUFS after it was called
-for the 953rd time for the first test, and it failed after the 27th time it was
-called for the second test.
-
-The failure is consistent, both for debug and optimized builds; I haven't tested
-to see whether the count of socket() failures is consistent.
-
-All the other NSS tests pass successfully.
-
-
-------- Additional Comments From Nelson Bolyard 2000-11-01 23:08 -------
-
-I see no indication of any error on NSS's part from this description.
-It sounds like an OS kernel configuration problem on the
-submittor's system. The stress test is just that. It stresses
-the server by pounding it with SSL connections. Apparently this
-test exhausts some kernel resource on the submittor's system.
-
-The only change to NSS that might be beneficial to this test
-would be to respond to this error by waiting and trying again
-for some limited number of times, rather than immediately
-treating it as a fatal error.
-
-However, while such a change might make the test appear to pass,
-it would merely be hiding a very serious problem, namely,
-chronic system resource exhaustion.
-
-So, I suggest that, in this case, the failure serves the useful
-purpose of revealing the system problem, which needs to be
-cured apart from any changes to NSS.
-
-I'll leave this bug open for a few more days, to give others
-a chance to persuade me that some NSS change would and should
-solve this problem.
-
-
-------- Additional Comments From Jonathan Lennox 2000-11-02 13:13 -------
-
-Okay, some more investigation leads me to agree with you. What's happening is
-that the TCP connections from the stress test stick around in TIME_WAIT for two
-minutes; my kernel is only configured to support 1064 simultaneous open sockets,
-which isn't enough for the 2K sockets opened by the stress test plus the 100 or
-so normally in use on my system.
-
-So I'd just suggest adding a note to the NSS test webpage to the effect of "The
-SSL stress test opens 2,048 TCP connections in quick succession. Kernel data
-structures may remain allocated for these connections for up to two minutes.
-Some systems may not be configured to allow this many simulatenous connections
-by default; if the stress tests fail, try increasing the number of simultaneous
-sockets supported."
-
-On FreeBSD, you can display the number of simultaneous sockets with the command
- sysctl kern.ipc.maxsockets
-which on my system returns 1064.
-
-It looks like this can be fixed with the kernel config option
- options NMBCLUSTERS=[something-large]
-or by increasing the 'maxusers' parameter.
-
-It looks like more recent FreeBSD implementations still have this limitation,
-and the same solutions apply, plus you can alternatively specify the maxsockets
-parameter in the boot loader.
-
-
----------------------------------
-
-hpux HP-UX hp64 B.11.00 A 9000/800 2014971275 two-user license
-
-we had to change following kernelparameters to make our tests pass
-
-1. maxfiles. old value = 60. new value = 100.
-2. nkthread. old value = 499. new value = 1328.
-3. max_thread_proc. old value = 64. new value = 512.
-4. maxusers. old value = 32. new value = 64.
-5. maxuprc. old value = 75. new value = 512.
-6. nproc. old formula = 20+8*MAXUSERS, which evaluated to 276.
- new value (note: not a formula) = 750.
-
-A few other kernel parameters were also changed automatically
-as a result of the above changes.
-
-
diff --git a/security/nss/tests/doc/qa_wrapper.html b/security/nss/tests/doc/qa_wrapper.html
deleted file mode 100755
index 755cca236..000000000
--- a/security/nss/tests/doc/qa_wrapper.html
+++ /dev/null
@@ -1,269 +0,0 @@
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<html>
-<head>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- <meta name="GENERATOR" content="Mozilla/4.7 [en] (X11; U; SunOS 5.8 sun4u) [Netscape]">
-</head>
-<body text="#000000" bgcolor="#FFFFFF" link="#0000EE" vlink="#551A8B" alink="#FF0000">
-
-<h3>
-<b><font face="Times New Roman,Times">Author Sonja Mirtitsch</font></b></h3>
-
-<h3>
-<b><font face="Times New Roman,Times">Last updated: 4/4/2001</font></b></h3>
-
-<h1>
-<b><font face="Times New Roman,Times">NSS 3.2.QA Wrapper</font></b></h1>
-
-<p><br>The QA&nbsp; wrapper tests the nightly builds of NSS. The actual
-tests are being run are called from the QA script all.sh. I will add documentation
-for the actual QA soon. The main purpose of the wrapper is: find out which
-build (NSS version, date, Build Platform) to test on which machine (OS,
-OS version) and construct a summary report, which is then mailed to the
-nss developers (aka mailing list nss-qa-report@netscape.com). Please see
-also the <a href="#advertisement">feature</a> section.
-<p><a href="#nssqa">nssqa</a>&nbsp; - the script that calls the actual
-qa script all.sh
-<br><a href="#qa_stat">qa_stat</a> - sends out status reports
-<br><a href="#qaclean">qaclean</a>&nbsp; - if everything else fails
-<p>Sample <a href="/u/sonmi/doc/publish/glob_result.html">global result</a>,
-<a href="/u/sonmi/doc/publish/results.html">individual result </a>and <a href="/u/sonmi/doc/publish/output.log">log
-files</a>
-<p>The QA wrapper consistst mainly of scripts, most located in security/nss/tests
-and subdirectories, but run from /u/sonmi/bin
-<p>nssqa and qa_stat, the main scripts both include a common header (<a href="../header">header</a>)
-and a common environment (<a href="../set_environment">set_environment</a>).
-<br>Also used is <a href="../mksymlinks">mksymlinks</a> and <a href="../path_uniq">path_uniq</a>
-and <a href="#qaclean">qaclean</a>.
-<p>The scripts that are used on a daily basis are located in /u/sonmi/bin
-and checked into security/nss/tests
-<p>Parameters and Options are the same for most scripts.
-<p><a NAME="Parameters"></a><b><u><font size=+1>Parameters</font></u></b>
-<br>&nbsp;&nbsp;&nbsp; nssversion (supported: 30b, 31, tip, default tip)
-<br>&nbsp;&nbsp;&nbsp; builddate (default - today, format mmdd)
-<p><a NAME="Options"></a><b><u><font size=+1>Options</font></u></b>
-<br>&nbsp;&nbsp;&nbsp; -y answer all questions with y - use at your own
-risk... ignores warnings
-<br>&nbsp;&nbsp;&nbsp; -s silent (only usefull with -y)
-<br>&nbsp;&nbsp;&nbsp; -h, -? -help you guessed right - displays the usage
-<br>&nbsp;&nbsp;&nbsp; -d debug
-<br>&nbsp;&nbsp;&nbsp; -f &lt;filename> - write the (error)output to filename
-<br>&nbsp;&nbsp;&nbsp; -fcron writes resultfile in the same location as
-would the -cron
-<br>&nbsp;&nbsp;&nbsp; -m &lt;mailinglist> - send filename to mailinglist
-(csl) only useful
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; with -f on nssqa
-<br>&nbsp;&nbsp;&nbsp; -l &lt;mozroot> run on a local build - does not
-work at this time
-<br>&nbsp;&nbsp;&nbsp; -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.&lt;scriptname>
-<br>&nbsp;
-<p>Please be aware that some iPlanet specific environments and features
-are being used.
-<p>-d Debug option might be removed from cron in a few weeks - or maybe
-not
-<br>-l QA on local build is not fully implemented yet - will not be implemented,
-all.sh can be called directly instead
-<p>Please do not use on Windows 95 and 98, ME platforms yet.
-<p>use -d if script behaves strange or exits unexpectedly
-<p><b><font size=+1>How to use the QA-wrapper</font></b>
-<br>To test a build, first run nssqa on the required QA platforms (some
-buildplatforms require QA to be run on additional platforms - for example
-Solaris 2.6 has to be tested on 2.8 32 and 64bit) If QA has been run on
-multiple or all required platforms it makes sense to run qa_stat on the
-output of nssqa as well.
-<br>Before used on a new system (even if the same platform has been tested
-before) please use completely interactive, to see what the variables are
-being initialized to, and read the warnings. Same is true if being run
-from a different user account than svbld.
-<p>In any case, if you are using it, please let me know the results.
-<p><a NAME="nssqa"></a><b><u><font size=+1>nssqa:</font></u></b>
-<p>the script that calls the actual qa script all.sh
-<p>nssqa <a href="#Parameters">parameters</a> and&nbsp; <a href="#Options">options</a>
-<p><a href="../nssqa">view the script</a>
-<p><b><u><font size=+1>Pseudocode Description of nssqa</font></u></b>
-<br>not quite up to date
-<p>&nbsp;&nbsp;&nbsp; header:init (global)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set flags and variables
-to default values
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; signal trap (for interupts
-and kills)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set HOST and DOMSUF variables
-if running from cron
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; parse parameters and options
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; determine os and set up
-the environment (espec. PATH)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set the directories to run
-in (influenced by parameters and -l option)<br>
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set the directories for backward
-compatibility testing
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set and initialize the tmp
-/ debugging / output files
-<p>&nbsp;&nbsp;&nbsp; nssqa:init (local)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; locking: if nssqa is already
-running on this systems (yes-exit,
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-no-lockfile)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set HOST and DOMSUF variables
-if running interavtively
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; set flag to kill remaining
-selfserv processes during cleanup
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if QA platform different
-from build platform create neccessary
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-symbolic links
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; wait for the build to finish
-(max of 5h)
-<p>&nbsp;&nbsp;&nbsp; main:
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; repeated per test (optimized,
-debug, 32, 64 bit)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-set flags for this run of all.sh (optimized, debug, 32, 64 bit)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-set the DIST directory (where the binaries reside)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-kill running selfservers (sorry - just don't use the svbld
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-account if you need to do your own testing... I will fix
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-selfserv as soon as I can - but it hangs too often and
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-disturbs all following QA)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-run all.sh
-<p>&nbsp;&nbsp;&nbsp; header:exit (global)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; remove temporary files
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; kill remaining selfservers
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; send email to the list
-<br>&nbsp;
-<p>&nbsp;&nbsp;&nbsp; errorhandling
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Option / Parameter errors:
-Exit with usage information
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Severe errors: Exit wit errormessage
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-example: directory in which all.sh resides does not exist
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-can't create files or directories
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-build not done after 5 hours
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-is already running
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Other errors: User is prompted
-with the "errormessage - continue (y/n)?"
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-example: local DIST dir does not exist (continues with next all.sh)
-<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-outputdirectory does not exist (user can specify other)
-<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Signals 2, 3, 15 are treated
-as severe errors
-<br>&nbsp;
-<br>&nbsp;
-<br>&nbsp;
-<p><img SRC="clean.gif" height=129 width=92 align=LEFT><a NAME="qaclean"></a><b><u><font size=+2>qaclean:</font></u></b>/u/sonmi/bin/qaclean
-<br>&nbsp;
-<p>Use qaclean as user "svbld" to get the propper permissions. It is supposed
-to clean up after a "hanging" QA and will also brutally kill, interupt
-and disturb any other nss related test or performance meassurement on the
-named machine. NT and 2000 might require an additional reboot, since the
-ps is not so good about telling us the actual programmname - so we can't
-kill them... Please note that this is a brute force script, it should not
-be used on a regular basis, file a bug whenever you have to use it, since
-hanging QA is nothing that should occur frequently
-<p>&nbsp;<a href="../qaclean">view the script</a>
-<p>What it does:
-<ol>
-<li>
-see if there is a lockfile (/tmp/nssqa.$$ or $TMP/nssqa.$$)</li>
-
-<br>if yes:
-<ol>kill the process of the lockfile <font color="#666666">(future expansion
-and if possible it's children )</font>
-<br>rm the lockfile</ol>
-
-<li>
-kill selfservers</li>
-
-<li>
-kill whatever other qa related processes might be hanging</li>
-
-<li>
-clean up tmp files</li>
-</ol>
-<b>QAClean Parameters:</b>
-<br>&nbsp;&nbsp;&nbsp; machinename.
-<br>&nbsp;&nbsp;&nbsp; for example
-<br>&nbsp;&nbsp;&nbsp; qaclean kentuckyderby
-<br>&nbsp;&nbsp;&nbsp; started on any machine, will clean up on kentuckyderby
-<p><a NAME="qa_stat"></a><b><u><font size=+2>qa_stat</font></u></b>
-<p>qa_stat is the script that is being started from the svbld cron on kentuckyderby
-every morning at 10:00 and runs some (very primitive) analysis on the qa
-results.
-<br>I'd like to rewrite the whole thing in perl, and in a few weeks I might
-just do this...
-<p>&nbsp;<a href="../qa_stat">view the script</a>
-<p>qa_stat <a href="#Parameters">parameters</a> and&nbsp; <a href="#Options">options</a>
-<p><a NAME="advertisement"></a><b><u><font size=+1>Why we need the QA wrapper</font></u></b>
-<p>We need the new QA wrapper, because we have to test on so many platforms,
-that running the tests and evaluating the results for the nightly builds
-took about an average workday.
-<p><b><font size=+1>New Features:</font></b>
-<ul>
-<li>
-runs from <b>cron</b> / rsh or <b>interactive</b> if desired</li>
-
-<li>
-generates <b>summary</b> (no need to look through 60-90 directories)</li>
-
-<li>
-sends <b>email</b> about results</li>
-
-<li>
-automatically <b>recognizes common errors</b> and problems and conflicts
-and corrects them</li>
-
-<br>(or attempts to correct them :-)
-<li>
-automatically determines <b>which build </b>to test (waits if build in
-progress, exits if no build)</li>
-
-<li>
-runs on <b>all required platforms</b> (Windows 98 and before not functional
-yet)</li>
-
-<li>
-Windows version runs on <b>free Cygnus</b> as well as on MKS</li>
-
-<li>
-debug mode, normal mode and silent mode</li>
-
-<li>
-<b>locking</b> mechanism so it won't run twice</li>
-
-<li>
-<b>cleanup</b> after being killed and most errors (no remaining selfservers,
-tmpfiles, lock files)</li>
-</ul>
-The 1st script is started via cron between 5:00 and 8:00 am on different
-systems, and starts QA on the nightly build. At 10:00 the next script is
-started, and sends a QA summary to the nss developers.
-<p><b>Cygnus Advantages</b>:
-<ul>
-<li>
-<b>free</b></li>
-
-<li>
-better handling of <b>processes</b> (background, processIDs, Signals)</li>
-
-<li>
-Unix / Linux <b>compatible</b> sh / bash</li>
-</ul>
-<b>Disadvantages</b>
-<ul>
-<li>
-MKS functionality needs to be preserved (makes <b>8 Windows platforms</b>
-instead of 4 for the QA suites - makes 32 testruns on Windows alone)</li>
-
-<br>In certain functionality's <b>slow</b>
-<br><b></b>&nbsp;</ul>
-<b>Porting the windows QA&nbsp;to Uwin as well is also being considered</b>
-</body>
-</html>
diff --git a/security/nss/tests/fips/fips.sh b/security/nss/tests/fips/fips.sh
deleted file mode 100755
index fe4b3a055..000000000
--- a/security/nss/tests/fips/fips.sh
+++ /dev/null
@@ -1,179 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/fips/fips.sh
-#
-# Script to test basic functionallity of NSS in FIPS-compliant mode
-#
-# needs to work on all Unix and Windows platforms
-#
-# tests implemented:
-#
-# special strings
-# ---------------
-#
-########################################################################
-
-############################## fips_init ##############################
-# local shell function to initialize this script
-########################################################################
-fips_init()
-{
- SCRIPTNAME=fips.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . cert.sh
- fi
- SCRIPTNAME=fips.sh
- html_head "FIPS 140-1 Compliance Tests"
-
- grep "SUCCESS: FIPS passed" $CERT_LOG_FILE >/dev/null || {
- Exit 15 "Fatal - FIPS of cert.sh needs to pass first"
- }
-
- COPYDIR=${FIPSDIR}/copydir
-
- R_FIPSDIR=../fips
- R_COPYDIR=../fips/copydir
-
- mkdir -p ${FIPSDIR}
- mkdir -p ${COPYDIR}
-
- cd ${FIPSDIR}
-}
-
-############################## fips_140_1 ##############################
-# local shell function to test basic functionality of NSS while in
-# FIPS 140-1 compliant mode
-########################################################################
-fips_140_1()
-{
- echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
- echo "certutil -d ${R_FIPSDIR} -L -f ${R_FIPSPWFILE}"
- certutil -d ${R_FIPSDIR} -L -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
- echo "$SCRIPTNAME: List the FIPS module keys -------------------------"
- echo "certutil -d ${R_FIPSDIR} -K -f ${R_FIPSPWFILE}"
- certutil -d ${R_FIPSDIR} -K -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "List the FIPS module keys (certutil -K)"
-
- echo "$SCRIPTNAME: Attempt to list FIPS module keys with incorrect password"
- echo "certutil -d ${R_FIPSDIR} -K -f ${FIPSBADPWFILE}"
- certutil -d ${R_FIPSDIR} -K -f ${FIPSBADPWFILE} 2>&1
- RET=$?
- html_msg $RET 255 "Attempt to list FIPS module keys with incorrect password (certutil -K)"
- echo "certutil -K returned $RET"
-
- echo "$SCRIPTNAME: Validate the certificate --------------------------"
- echo "certutil -d ${R_FIPSDIR} -V -n ${FIPSCERTNICK} -u SR -e -f ${R_FIPSPWFILE}"
- certutil -d ${R_FIPSDIR} -V -n ${FIPSCERTNICK} -u SR -e -f ${R_FIPSPWFILE}
- html_msg $? 0 "Validate the certificate (certutil -V -e)"
-
- echo "$SCRIPTNAME: Export the certificate and key as a PKCS#12 file --"
- echo "pk12util -d ${R_FIPSDIR} -o fips140.p12 -n ${FIPSCERTNICK} -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE}"
- pk12util -d ${R_FIPSDIR} -o fips140.p12 -n ${FIPSCERTNICK} -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "Export the certificate and key as a PKCS#12 file (pk12util -o)"
-
- echo "$SCRIPTNAME: Export the certificate as a DER-encoded file ------"
- echo "certutil -d ${R_FIPSDIR} -L -n ${FIPSCERTNICK} -r -o fips140.crt -f ${R_FIPSPWFILE}"
- certutil -d ${R_FIPSDIR} -L -n ${FIPSCERTNICK} -r -o fips140.crt -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "Export the certificate as a DER (certutil -L -r)"
-
- echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
- echo "certutil -d ${R_FIPSDIR} -L -f ${R_FIPSPWFILE}"
- certutil -d ${R_FIPSDIR} -L -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
- echo "$SCRIPTNAME: Delete the certificate and key from the FIPS module"
- echo "certutil -d ${R_FIPSDIR} -F -n ${FIPSCERTNICK} -f ${R_FIPSPWFILE}"
- certutil -d ${R_FIPSDIR} -F -n ${FIPSCERTNICK} -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "Delete the certificate and key from the FIPS module (certutil -D)"
-
-
- echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
- echo "certutil -d ${R_FIPSDIR} -L -f ${R_FIPSPWFILE}"
- certutil -d ${R_FIPSDIR} -L -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
- echo "$SCRIPTNAME: List the FIPS module keys."
- echo "certutil -d ${R_FIPSDIR} -K -f ${R_FIPSPWFILE}"
- certutil -d ${R_FIPSDIR} -K -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "List the FIPS module keys (certutil -K)"
-
- echo "$SCRIPTNAME: Import the certificate and key from the PKCS#12 file"
- echo "pk12util -d ${R_FIPSDIR} -i fips140.p12 -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE}"
- pk12util -d ${R_FIPSDIR} -i fips140.p12 -w ${R_FIPSP12PWFILE} -k ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "Import the certificate and key from the PKCS#12 file (pk12util -i)"
-
- echo "$SCRIPTNAME: List the FIPS module certificates -----------------"
- echo "certutil -d ${R_FIPSDIR} -L -f ${R_FIPSPWFILE}"
- certutil -d ${R_FIPSDIR} -L -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "List the FIPS module certificates (certutil -L)"
-
- echo "$SCRIPTNAME: List the FIPS module keys --------------------------"
- echo "certutil -d ${R_FIPSDIR} -K -f ${R_FIPSPWFILE}"
- certutil -d ${R_FIPSDIR} -K -f ${R_FIPSPWFILE} 2>&1
- html_msg $? 0 "List the FIPS module keys (certutil -K)"
-}
-
-############################## fips_cleanup ############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-fips_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-fips_init
-
-fips_140_1
-fips_cleanup
-
diff --git a/security/nss/tests/header b/security/nss/tests/header
deleted file mode 100644
index 5d85290ce..000000000
--- a/security/nss/tests/header
+++ /dev/null
@@ -1,1601 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/header - /u/svbld/bin/init/nss/header
-#
-# variables, utilities and shellfunctions global to NSS QA
-# needs to work on all Unix platforms
-#
-# included from (don't expect this to be up to date)
-# --------------------------------------------------
-# qa_stat
-# mksymlinks
-# nssqa
-#
-# parameters
-# ----------
-# nssversion (supported: 30b, 31, 332, tip 32)
-# builddate (default - today)
-#
-# options
-# -------
-# -y answer all questions with y - use at your own risk... ignores warnings
-# -s silent (only usefull with -y)
-# -h, -? - you guessed right - displays this text
-# -d debug
-# -f <filename> - write the (error)output to filename
-# -fcronfile produces the resultfiles in the same locations
-# as would have been produced with -cron
-# -m <mailinglist> - send filename to mailinglist (csl) only useful
-# with -f
-# -ml <mailinglist> - send link to filename to mailinglist (csl)
-# only useful with -f
-# -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.<scriptname>
-# -t run on a tinderbox build that means: local, from the startlocation
-# -l <mozroot directory> run on a local build mozroot
-# -ln <mozroot> copy a networkbuild to a local directory mozroot,
-# used for networkindipendend QA
-# -lt try to copy a networkbuild to a local directory, if not possible
-# run on the network
-# used for networkindipendend QA
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# moduls (not yet)
-# ----------------
-# --# INIT
-# --# USERCOM
-# --# UTILS
-#
-# FIXME - split in init / usercom / utils
-#
-########################################################################
-
-#------------------------------# INIT #------------------------------
-
-# below the option flags get initialized
-
-if [ -z "$QASCRIPT_DIR" ]
-then
- QASCRIPT_DIR=`dirname $0`
- if [ "$QASCRIPT_DIR" = '.' ]
- then
- QASCRIPT_DIR=`pwd`
- fi
-fi
-export QASCRIPT_DIR
-
-O_HWACC=OFF
-if [ -z "$O_ALWAYS_YES" ] ; then
- O_ALWAYS_YES=OFF # turned on by -y answer all questions with y
-fi
-
-if [ -z "$O_INIT" ] # header is global, some including scripts may not
-then # want the init to run, the others don't need to bother
- O_INIT=ON
-fi
-if [ -z "$O_PARAM" ] # header is global, some including scripts may not
-then # require parameters, the others don't need to bother
- O_PARAM=ON
-fi
-if [ -z "$O_OPTIONS" ] # header is global, some including scripts may not
-then # permit options, they don't need to bother
- O_OPTIONS=OFF
-fi
-O_SILENT=OFF # turned on by -s silent (only usefull with -y)
-if [ -z "$O_DEBUG" ] ; then
- O_DEBUG=OFF # turned on by -d - calls to Debug produce output when ON
-fi
-O_FILE=OFF # turned on by -f echo all output to a file $FILENAME
-O_CRON=OFF # turned on by -cron cron use only
-O_CRONFILE=OFF # turned on by -cron cron and -fcron
-O_LOCAL=OFF # turned on by -l* run on a local build in $LOCAL_MOZROOT
-O_LN=OFF # turned on by -ln and -lt, test a networkbuild locally
-O_MAIL=OFF # turned on by -m - sends email
-O_MAIL_LINK=OFF # turned on by -ml - sends email
-O_TBX=OFF # turned on by -t run on a tinderbox build
- # that means: local, from the startlocation
-
-if [ -z "$DOMSUF" ]
-then
-
- DOMSUF=red.iplanet.com
- DS_WAS_SET=FALSE
-else
- DS_WAS_SET=TRUE
-fi
-
-TMPFILES=""
-
-WAIT_FOR=600 # if waiting for an event sleep n seconds before rechecking
- # recomended value 10 minutes 600
-WAIT_TIMES=30 # recheck n times before giving up - recomended 30 - total of 5h
-
-if [ -z "$QAYEAR" ] # may I introduce - the y2k+1 bug? QA for last year
-then # might not work
- QAYEAR=`date +%Y`
-fi
-
-if [ -z "$TMP" ]
-then
- if [ -z "$TEMP" ]
- then
- TMP="/tmp"
- else
- TMP=$TEMP
- fi
-fi
-if [ ! -w "$TMP" ]
-then
- echo "Can't write to tmp directory $TMP - exiting"
- echo "Can't write to tmp directory $TMP - exiting" >&2
- exit 1
-fi
-
-KILLPIDS="$TMP/killpids.$$"
-export KILLERPIDS
-TMPFILES="$TMPFILES $KILLPIDS"
-
-KILL_SELFSERV=OFF # if sourcing script sets this to on cleanup will also
- # kill the running selfserv processes
-
- # Set the masterbuilds
-if [ -z "$UX_MASTERBUILD" ]
-then
- UX_MASTERBUILD=booboo_Solaris8
- #if [ ! -d $UX_MASTERBUILD ] ; then
- #UX_MASTERBUILD=booboo_Solaris8_forte6
- #fi
-fi
-if [ -z "$NT_MASTERBUILD" ]
-then
- NT_MASTERBUILD=blowfish_NT4.0_Win95
- NT_MB_WAS_SET=FALSE # in this case later functions can override if
- # they find a different build that looks like NT
-else
- NT_MB_WAS_SET=TRUE
-fi
-if [ -z "$MASTERBUILD" ]
-then
- MASTERBUILD=$UX_MASTERBUILD
-fi
-
- # Set the default build
-if [ -z "$BUILDNUMBER" ]
-then
- BUILDNUMBER=1
-fi
-export BUILDNUMBER
-O_LDIR=OFF #local QA dir for NT, temporary
-
-if [ -z "$WIN_WAIT_FOREVER" ] # header is global, some including scripts
-then # want the init to wait forever for directories to
- # appear (windows only) if OFF exit, if ON wait forever
- WIN_WAIT_FOREVER=OFF
-fi
-
- # NOTE: following variables have to change
- # from release to release
-if [ -z "$BC_MASTER" ] # master directory for backwardscompatibility testing
-then
- RH="NO"
- grep 7.1 /etc/redhat-release > /dev/null 2>/dev/null && RH="YES"
-
- if [ "$RH" = "YES" ]
- then # NSS-3-3-1RTM
- BC_UX_MASTER=nss331/builds/20010928.2.331-RTM/booboo_Solaris8
- BC_NT_MASTER=nss331/builds/20010928.2.331-RTM/blowfish_NT4.0_Win95
- else # NSS-3-2-2RTM
- BC_UX_MASTER=nss322/builds/20010820.1/y2sun2_Solaris8
- BC_NT_MASTER=nss322/builds/20010820.1/blowfish_NT4.0_Win95
- fi
- BC_MASTER=$BC_UX_MASTER
-fi
-BC_RELEASE=3.2
-export BC_RELEASE
-
-EARLY_EXIT=TRUE #before the report file has been created, causes Exit to
- #create it
-
-UX_D0=/share/builds/mccrel/nss
-
-################################### glob_init ##########################
-# global shell function, main initialisation function
-########################################################################
-glob_init()
-{
- if [ $O_PARAM = "ON" ] ; then
- eval_opts $* # parse parameters and options - set flags
- fi
- # if running from cron HOST needs to be known early,
- init_host # so the output file name can be constructed.
- Debug "Setting up environment...( $QASCRIPT_DIR/set_environment) "
- . $QASCRIPT_DIR/set_environment #finds out if we are running on Windows
- Debug "OPerating system: $os_name $os_full"
- if [ $O_WIN = "ON" ] ; then
- win_set_tmp
- write_to_tmpfile
- MASTERBUILD=$NT_MASTERBUILD
- BC_MASTER=$BC_NT_MASTER
- fi
- umask 0
- init_dirs
- init_files
- init_vars
-}
-
-################################### init_vars ###########################
-# global shell function, sets the environment variables, part of init
-########################################################################
-init_vars()
-{
- if [ -z "$LOGNAME" ]
- then
- if [ $O_WIN = "ON" ]
- then
- LOGNAME=$USERNAME
- else
- LOGNAME=$USER
- fi
- if [ -z "$LOGNAME" ]
- then
- LOGNAME=$UNAME
- if [ -z "$LOGNAME" ]
- then
- LOGNAME=`basename $HOME`
- fi
- fi
- fi
- if [ -z "$LOGNAME" ]
- then
- Exit "Can't determine current user"
- fi
- case $HOST in
- iws-perf)
- O_HWACC=ON
- HWACC_LIST="rainbow ncipher"
- #MODUTIL="-add rainbow -libfile /usr/lib/libcryptoki22.so"
- export HWACC_LIST
- ;;
- *)
- O_HWACC=OFF
- ;;
- esac
- export O_HWACC
-}
-
-########################################################################
-# functions below deal with setting up the directories and PATHs for
-# all different flavors of OS (Unix, Linux, NT MKS, NT Cygnus) and QA
-# (Standard, local tinderbox)
-########################################################################
-
-########################## find_nt_masterbuild #########################
-# global shell function, sets the nt masterbuild directories, part of init
-########################################################################
-find_nt_masterbuild()
-{
- NT_MASTERDIR=${DAILY_BUILD}/${NT_MASTERBUILD}
- if [ "${NT_MB_WAS_SET}" = "FALSE" -a ! -d $NT_MASTERDIR ] ; then
- if [ -d ${DAILY_BUILD}/*NT4* ] ; then
- NT_MASTERBUILD=` cd ${DAILY_BUILD}; ls -d *NT4* `
- Debug "NT_MASTERBUILD $NT_MASTERBUILD"
- NT_MASTERDIR=${DAILY_BUILD}/${NT_MASTERBUILD}
- fi
- fi
- Debug "NT_MASTERDIR $NT_MASTERDIR"
-}
-
-################################### set_daily_build_dirs ###########################
-# global shell function, sets directories
-########################################################################
-set_daily_build_dirs()
-{
- if [ "$O_LOCAL" = "ON" -a "$O_LN" = "OFF" ] ; then
- DAILY_BUILD=${LOCAL_MOZROOT} # on local builds NSS_VER_DIR and DAILY_BUILD are
- # set to the LOCAL_MOZROOT, since it is not sure
- # if ../.. (DAILY_BUILD) even exists
- LOCALDIST=${LOCAL_MOZROOT}/dist
- elif [ "$O_TBX" = "ON" ] ; then
- DAILY_BUILD="$TBX_DAILY_BUILD"
- LOCALDIST=${UXDIST}
- else
- DAILY_BUILD=${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.${BUILDNUMBER}
- LOCALDIST=${DAILY_BUILD}/${MASTERBUILD}/mozilla/dist
- fi
-}
-
-map_os64()
-{
- IS_64=""
- case `uname -s` in
- #OSF1) has been done already - always 64 bit
- SunOS)
- MAPPED_OS=Solaris*8
- IS_64=`(isainfo -v | grep 64)>/dev/null 2>/dev/null && echo 64 bit`
- if [ "$O_TBX" = "OFF" ] ; then
- set_osdir
- if [ -n "$IS_64" ]
- then #Wait for the 64 bit build to finish...
- Debug Testing build for $MAPPED_OS in $OSDIR
- Wait ${OSDIR}/SVbuild.InProgress.1 0
- fi
- fi
- ;;
- AIX)
- IS_64=`lslpp -l | grep "bos.64bit"> /dev/null && echo 64 bit`
- ;;
- HP-UX)
- IS_64=`getconf KERNEL_BITS | grep 64 >/dev/null && echo 64 bit`
- ;;
- esac
- Debug "Mapped OS to $MAPPED_OS"
-}
-
-
-
-################################### copy_to_local ########################
-# global shell function, copies the necessary directories from the
-# daily build aerea to the local disk
-########################################################################
-copy_to_local()
-{
- Debug "Copy network directories to local directories"
- C2L_ERROR=0
- if [ ! -d ${LOCAL_MOZROOT}/dist ] ; then
- mkdir -p ${LOCAL_MOZROOT}/dist || C2L_ERROR=1
- fi
- if [ ! -d ${LOCAL_MOZROOT}/security/nss ] ; then
- mkdir -p ${LOCAL_MOZROOT}/security/nss || C2L_ERROR=2
- fi
- if [ $C2L_ERROR != 0 ] ; then
- Exit "copy_to_local: Can t make necesssary directories ($C2L_ERROR ) "
- fi
- if [ ! -d ${LOCAL_MOZROOT}/security/nss/tests ] ; then
- cp -r ${TESTSCRIPTDIR} ${LOCAL_MOZROOT}/security/nss || C2L_ERROR=1
- fi
- if [ ! -d ${LOCAL_MOZROOT}/security/coreconf ] ; then
- cp -r ${MOZILLA_ROOT}/security/coreconf ${LOCAL_MOZROOT}/security || C2L_ERROR=2
- fi
-
- NO_DIRS=0;
- if [ "$O_WIN" = "ON" ] ; then
- OS_TARGET=WINNT;export OS_TARGET
- fi
- unset BUILD_OPT;export BUILD_OPT;
- unset USE_64;export USE_64;
-#FIXME only tested on 64 bit Solaris and only got 32 bit builds
- while [ $NO_DIRS -lt 4 ] ; do
- # first time thru: Debug 32 bit NT
- set_objdir
- Debug "Copying ${OBJDIR}..."
- if [ ! -d ${LOCAL_MOZROOT}/dist/${OBJDIR} ] ; then
- cp -r ${LOCALDIST}/${OBJDIR} ${LOCAL_MOZROOT}/dist || C2L_ERROR=3
- fi
- NO_DIRS=`expr $NO_DIRS + 1`
- if [ $NO_DIRS = 1 ] ; then # 2nd time: OPT 32 bit NT
- BUILD_OPT=1; export BUILD_OPT;
- elif [ $NO_DIRS = 2 ] ; then # 3rd time: OPT, either 64 bit or Win95 or force exit
- if [ "$O_WIN" = "ON" ] ; then
- OS_TARGET=WIN95;export OS_TARGET
- else
- map_os64
- if [ -z "$IS_64" ] ; then #32 bit platform
- NO_DIRS=4
- else
- USE_64=1; export USE_64
- fi
- fi
- elif [ $NO_DIRS = 3 ] ; then # 4th time: Debug either 64 bit or Win95
- unset BUILD_OPT;export BUILD_OPT;
- fi
-
-
- done
- if [ $C2L_ERROR != 0 ] ; then
- Exit "copy_to_local: Can t copy necesssary directories ($C2L_ERROR ) "
- fi
- unset TESTSCRIPTDIR
- unset TESTDIR
- unset RESULTDIR
- O_LN=OFF #from here on pretend it is regular -l local QA FIXME, might cause
- #problems with the backwardcompatibility tests
- Debug "Successfully copied network directories to local directories"
-}
-
-################################### local_dirs ###########################
-# global shell function, sets the directories for local QA
-########################################################################
-local_dirs()
-{
- Debug "Set directories for local QA"
- #if [ "$O_WIN" = "ON" ] ; then
- #win_set_tmp
- #fi
- NSS_VER_DIR=${LOCAL_MOZROOT} # on local builds NSS_VER_DIR and DAILY_BUILD are
- # set to the LOCAL_MOZROOT, since it is not sure
- # if ../../../.. (NSS_VER_DIR) even exists
- if [ -z "${RESULTDIR}" ] ; then # needs to be local as well
- Debug "Setting RESULTDIR for local QA"
- RESULTDIR="${LOCAL_MOZROOT}/tests_results/security/${HOST}-`date +%Y%m%d-%H.%M`"
- fi
- set_daily_build_dirs
- UX_MASTERDIR=`dirname ${LOCAL_MOZROOT}`
- NT_MASTERDIR=$UX_MASTERDIR
- MOZILLA_ROOT=${LOCAL_MOZROOT}
-
- UXDIST=${MOZILLA_ROOT}/dist
- NTDIST=${UXDIST}
-
- if [ -z "${TESTDIR}" ] ; then
- Debug "Setting TESTDIR for local QA"
- TESTDIR=${RESULTDIR}
- fi
- if [ -n "$TESTDIR" ] ; then
- if [ ! -d $TESTDIR ] ; then
- Debug "Making TESTDIR for local QA"
- mkdir -p $TESTDIR
- fi
- fi
- export TESTDIR
- Debug "RESULTDIR $RESULTDIR TESTDIR $TESTDIR"
-
- TESTSCRIPTDIR=${LOCAL_MOZROOT}/security/nss/tests
- COMMON=${TESTSCRIPTDIR}/common
-
- set_objdir
- debug_dirs
- export_dirs
-}
-
-
-################################### tbx_dirs ###########################
-# global shell function, sets the directories for tinderbox QA
-########################################################################
-tbx_dirs()
-{
- Debug "Set directories for tinderbox"
- if [ "$O_WIN" = "ON" ] ; then
- win_set_d1 # we need the NSS_VER_DIR later
- else
- NSS_VER_DIR="$UX_D0"/nss$NSSVER
- fi
- if [ -z "${RESULTDIR}" ] ; then # needs to be different for tinderbox
- Debug "Setting RESULTDIR for tinderbox"
- RESULTDIR="${NSS_VER_DIR}/tinderbox/tests_results/security/${HOST}-`date +%Y%m%d-%H.%M`"
- #RESULTDIR=${UX_MASTERDIR}/mozilla/tests_results/security
- fi
- TBX_DAILY_BUILD=`cd ../../../../..;pwd`
- NSS_VER_DIR="${TBX_DAILY_BUILD}/../.."
- #if [ "$O_WIN" = "ON" ] ; then
- #TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tbx/stalker_NT"
- #else
- #Debug "Testing for TBX_LOGDIR ${TBX_LOGDIR}"
- #if [ -n "${TBX_LOGDIR}" ] ; then
- #Debug "found TBX_LOGDIR ${TBX_LOGDIR}"
- #TBX_LOGFILE_DIR="${TBX_LOGDIR}"
- #elif [ -d "${NSS_VER_DIR}/logs/tinderbox/Solaris8" ] ; then
- #TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tinderbox/Solaris8"
- #elif [ -d "${NSS_VER_DIR}/logs/tinderbox/Solaris8_64" ] ; then
- #TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tinderbox/Solaris8_64"
- #elif [ -d "${NSS_VER_DIR}/logs/tinderbox/HP-UX-11.00" ] ; then
- #TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tinderbox/HP-UX-11.00"
- #elif [ -d "${NSS_VER_DIR}/logs/tinderbox/HP-UX-11.00-64" ] ; then
- #TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tinderbox/HP-UX-11.00-64"
- #elif [ -d "${NSS_VER_DIR}/logs/tinderbox/Solaris2.6" ] ; then
- #TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tinderbox/Solaris2.6"
-#/export/nss_tbx_aix64/logs/tinderbox/AIX64
- #else
- TBX_LOGFILE_DIR=`ls ${NSS_VER_DIR}/logs/tinderbox |
- sed -e 's/ .*//g'`
- if [ -z "$TBX_LOGFILE_DIR" ] ; then
- TBX_LOGFILE_DIR=`ls ${NSS_VER_DIR}/logs/tbx |
- sed -e 's/ .*//g'`
- TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tbx/${TBX_LOGFILE_DIR}"
- else
- TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs/tinderbox/${TBX_LOGFILE_DIR}"
- fi
- #TBX_LOGFILE_DIR="${NSS_VER_DIR}/logs"
- #fi
- Debug "Set TBX_LOGFILE_DIR ${TBX_LOGFILE_DIR}"
- #fi
-
- set_daily_build_dirs
- UX_MASTERDIR=`cd ../../../..;pwd`
- NT_MASTERDIR=$UX_MASTERDIR
- MOZILLA_ROOT=$UX_MASTERDIR/mozilla
-
- UXDIST=${MOZILLA_ROOT}/dist
- NTDIST=${UXDIST}
-
- if [ -z "${TESTDIR}" ] ; then
- Debug "Setting TESTDIR for tinderbox"
- TESTDIR=${RESULTDIR}
- fi
- if [ -n "$TESTDIR" ] ; then
- if [ ! -d $TESTDIR ] ; then
- Debug "Making TESTDIR for tinderbox"
- mkdir -p $TESTDIR
- fi
- fi
- export TESTDIR
- Debug "RESULTDIR $RESULTDIR TESTDIR $TESTDIR"
-
- TESTSCRIPTDIR=`pwd`
- COMMON=${TESTSCRIPTDIR}/common
-
- set_objdir
- debug_dirs
- export_dirs
-}
-
-################################### init_dirs ###########################
-# global shell function, sets the directories for standard QA
-# calls special functions for tinderbox, windows or local QA, part of init
-########################################################################
-init_dirs()
-{
- if [ "$O_LOCAL" = "ON" -a $O_LN = "OFF" ] ; then # if it is a LN we need to know
- # all the directories off the network first to copy them
- local_dirs # O_LOCAL alone assumes that all the directories are already there
- return
- elif [ "$O_TBX" = "ON" ] ; then
- tbx_dirs
- return
- elif [ "$O_WIN" = "ON" ] ; then
- win_set_d1
- else
- NSS_VER_DIR="$UX_D0"/nss$NSSVER
- fi
- #set -x
-
- set_daily_build_dirs
-
- if [ -z "${BCDIST}" ] ; then
- #BCDIST=/share/builds/mccrel/nss/${BC_MASTER}/mozilla/dist
- BCDIST=${NSS_VER_DIR}/../${BC_MASTER}/mozilla/dist
- if [ ! -d $BCDIST ] ; then
- ask "Backward compatibility directory $BCDIST does not exist, continue" "y" "n" || Exit
- fi
- fi
-
- UX_MASTERDIR=${DAILY_BUILD}/${UX_MASTERBUILD}
- find_nt_masterbuild
-
- if [ "$O_WIN" = "ON" ]
- then
- MOZILLA_ROOT=${NT_MASTERDIR}/mozilla
- else
- MOZILLA_ROOT=${UX_MASTERDIR}/mozilla
- fi
-
- UXDIST=${UX_MASTERDIR}/mozilla/dist
- NTDIST=${NT_MASTERDIR}/mozilla/dist
-
- if [ -z "${RESULTDIR}" ] ; then
- RESULTDIR=${UX_MASTERDIR}/mozilla/tests_results/security
- fi
-
- if [ -n "$PRODUCT_TO_TEST" -a "$PRODUCT_TO_TEST" = "JSS" ] ; then
-
- if [ "$O_WIN" = "ON" ] ; then
- JSS_NSS_SRC_DIR=$JSS_NSS_NT_SRC_DIR
- fi
- TESTSCRIPTDIR=${NSS_VER_DIR}/../${JSS_NSS_SRC_DIR}/mozilla/security/nss/tests
- else
- TESTSCRIPTDIR=${MOZILLA_ROOT}/security/nss/tests
- fi
-
- if [ ! -d $TESTSCRIPTDIR ] ; then
- if [ "$O_WIN" = "ON" -a "$WIN_WAIT_FOREVER" = "ON" ]
- then
- WaitForever $TESTSCRIPTDIR/all.sh 1
- else
- Exit "Test directory $TESTSCRIPTDIR does not exist"
- fi
- fi
-
- COMMON=${TESTSCRIPTDIR}/common
- if [ "$O_LOCAL" = "ON" -a $O_LN = "ON" ] ; then # if it is a LN we need to know
- # all the directories off the network first to copy them
- copy_to_local
- local_dirs
- fi
- #set +x
-
-
- set_objdir
- debug_dirs
- export_dirs
-}
-
-debug_dirs()
-{
- Debug "NTDIST $NTDIST"
- Debug "UXDIST $UXDIST"
- Debug "TESTSCRIPTDIR $TESTSCRIPTDIR"
- Debug "RESULTDIR $RESULTDIR"
- Debug "TMP $TMP"
- Debug "LOCALDIST_BIN $LOCALDIST_BIN"
- Debug "COMMON $COMMON"
- Debug "MOZILLA_ROOT $MOZILLA_ROOT"
- Debug "BCDIST $BCDIST"
-}
-
-export_dirs()
-{
- export NSS_VER_DIR DAILY_BUILD NTDIST UXDIST RESULTDIR TESTSCRIPTDIR BCDIST
- export UX_MASTERDIR NT_MASTERDIR COMMON MOZILLA_ROOT
-}
-
-set_osdir()
-{
- OSDIR=${DAILY_BUILD}/*${MAPPED_OS}*
-}
-
-################################### init_files ###########################
-# global shell function, sets filenames, initializes files, part of init
-########################################################################
-init_files()
-{
- if [ $O_CRONFILE = "ON" ]
- then
- Debug "attempting to create resultfiles"
- if [ "$O_TBX" = "ON" ] ; then
- NEWFILENAME=${TBX_LOGFILE_DIR}/qa.log
- if [ ! -w ${TBX_LOGFILE_DIR} ] ; then
- Exit "can't touch $NEWFILENAME"
- fi
- else
- NEWFILENAME=$RESULTDIR/$HOST.`basename $0`
- fi
- if [ ! -d $RESULTDIR ]
- then
- mkdir -p $RESULTDIR || Exit "Error: can't make $RESULTDIR"
- fi
- if [ ! -w $RESULTDIR ] ; then
- Exit "can't touch $NEWFILENAME"
- fi
- Debug "About to touch $NEWFILENAME "
- touch $NEWFILENAME || Exit "Error: can't touch $NEWFILENAME"
- if [ "$O_TBX" = "ON" ] ; then
- echo "QA results in $RESULTDIR" >>$NEWFILENAME || Exit "Error: can't write to $NEWFILENAME"
- fi
- Debug "About to cat $FILENAME >>$NEWFILENAME "
- cat $FILENAME >>$NEWFILENAME || Exit "Error: can't append $FILENAME to $NEWFILENAME"
- TMPFILES="$TMPFILES $FILENAME"
- FILENAME=$NEWFILENAME
- Debug "Writing output to $FILENAME"
- fi
-
-}
-
-################################### write_to_tmpfile ##########################
-# global shell function, for NT and cron operation, first a tmpfile
-# needs to be created
-########################################################################
-write_to_tmpfile()
-{
- O_CRONFILE=ON
- O_FILE=ON
- FILENAME=${TMP}/nsstmp.$$ # for now write to the temporary file
- # since we don't know the hostname yet
- # will be inserted to the real file later
- TMPFILES="$TMPFILES nsstmp.$$"
- touch $FILENAME || Exit "Error: can't touch $FILENAME"
- Debug "Writing output to $FILENAME"
-}
-
-############################# turn_on_cronoptions ######################
-# global shell function, turns on options needed for cron and tinderbox
-########################################################################
-turn_on_cronoptions()
-{
- O_CRON=ON
- O_SILENT=ON
- O_DEBUG=ON # FIXME take out!
- O_ALWAYS_YES=ON
- write_to_tmpfile
-}
-
-########################## test_mozroot ##########################
-# global shell function, determines if the variable LOCAL_MOZROOT is set,
-# and is usable as mozilla root diretory for a local QA
-###################################################################
-test_mozroot()
-{
- PWD=`pwd`
- Debug "LOCAL_MOZROOT = $LOCAL_MOZROOT"
- case "$LOCAL_MOZROOT" in
- [0-9-]*|tip)
- glob_usage "Error: -"$1" requires a directoryname to follow (start with a letter) "
- ;;
- \.\.)
- LOCAL_MOZROOT=`dirname $PWD`
- ;;
- \.)
- LOCAL_MOZROOT=$PWD
- ;;
- \.\/*)
- LOCAL_MOZROOT=`echo $LOCAL_MOZROOT | sed -e "s/^\.//"`
- LOCAL_MOZROOT="${PWD}${LOCAL_MOZROOT}"
- ;;
- \.\.\/*)
- LOCAL_MOZROOT="${PWD}/${LOCAL_MOZROOT}"
- ;;
- \/*|[a-zA-Z]:\/*)
- ;;
- ?*)
- LOCAL_MOZROOT="${PWD}/${LOCAL_MOZROOT}"
- ;;
- *)
- glob_usage "Error: -"$1" requires a directoryname to follow"
- ;;
- esac
- Debug "Reformated MOZROOT to $LOCAL_MOZROOT"
- if [ "$1" = "ln" ] ; then
- LOCAL_MOZROOT_PARENT=`dirname $LOCAL_MOZROOT`
- if [ ! -d $LOCAL_MOZROOT_PARENT -o ! -w $LOCAL_MOZROOT_PARENT -o \
- ! -x $LOCAL_MOZROOT_PARENT ] ; then
- Exit "Error: Can't create $LOCAL_MOZROOT (permissions)"
- fi
- if [ ! -d "$LOCAL_MOZROOT" ] ; then
- mkdir $LOCAL_MOZROOT ||
- Exit "Error: Can't create mozroot $LOCAL_MOZROOT (mkdir failed)"
- else
- ask "mozroot $LOCAL_MOZROOT exists - continue (y will remove dir) ?" \
- "y" "n" || Exit
- rm -rf $LOCAL_MOZROOT/dist $LOCAL_MOZROOT/security $LOCAL_MOZROOT/tests_results ||
- Exit "Error: Can't clean mozroot $LOCAL_MOZROOT"
- fi
- fi
- if [ ! -d "$LOCAL_MOZROOT" ] ; then
- glob_usage "Error: mozilla root $LOCAL_MOZROOT not a valid directory"
- fi
-}
-
-################################### eval_opts ##########################
-# global shell function, evapuates options and parameters, sets flags
-# variables and defaults
-########################################################################
-eval_opts()
-{
- while [ -n "$1" ]
- do
- case $1 in
- -cron)
- turn_on_cronoptions
- ;;
- -T*|-t*)
- O_TBX=ON
- turn_on_cronoptions
- O_SILENT=OFF #FIXME debug only
- ;;
- -S*|-s*)
- O_SILENT=ON
- ;;
- -Y*|-y)
- Debug "Option -y dedectet"
- O_ALWAYS_YES=ON
- ;;
- -d*|-D)
- O_DEBUG=ON
- #set -x
- ;;
- -ml|-ML)
- O_MAIL_LINK=ON
- shift
- MAILINGLIST=$1
- if [ -z "$MAILINGLIST" ]
- then
- glob_usage "Error: -m requires a mailinglist to follow, for example sonmi,wtc,nelsonb "
- fi
- Debug "Sending link to result to $MAILINGLIST"
- ;;
- -m|-M)
- O_MAIL=ON
- shift
- MAILINGLIST=$1
- if [ -z "$MAILINGLIST" ]
- then
- glob_usage "Error: -m requires a mailinglist to follow, for example sonmi,wtc,nelsonb "
- fi
- Debug "Sending result to $MAILINGLIST"
- ;;
- -fcron*|-F[Cc][Rr][Oo][Nn]*)
- write_to_tmpfile
- ;;
- -f|-F)
- O_FILE=ON
- shift
- FILENAME=$1
- if [ -z "$FILENAME" ]
- then
- glob_usage "Error: -f requires a filename to follow"
- fi
- #rm -f $FILENAME 2>/dev/null
- touch $FILENAME || Exit "Error: can't touch $FILENAME"
- #NOTE we append rather that creating
- Debug "Writing output to $FILENAME"
- ;;
- -h|-help|"-?")
- glob_usage
- ;;
- -ln)
- if [ `basename $0` != nssqa ] ; then
- glob_usage "Error: Can't handle option $1"
- fi
- O_LOCAL=ON
- O_LN=ON
- shift
- LOCAL_MOZROOT=$1
- test_mozroot ln
- ;;
- -lt)
- if [ `basename $0` != nssqa ] ; then
- glob_usage "Error: Can't handle option $1"
- fi
- O_LN=ON
- O_LOCAL=ON
- ;;
- -l)
- if [ `basename $0` != nssqa ] ; then
- glob_usage "Error: Can't handle option $1"
- fi
- O_LOCAL=ON
- shift
- LOCAL_MOZROOT=$1
- test_mozroot l
- ;;
- -p)
- shift
- PORT=$1
- export PORT
- ;;
- -*)
- glob_usage "Error: Can't handle option $1"
- ;;
- ?*)
- NSSVER=$1
- if [ -z "$NSSVER" ]
- then
- NSSVER="332"
- Debug "NSS Version: Parameters missing - defaulting to 332!"
- else
- BUILDDATE=$2
- if [ -z "$BUILDDATE" ]
- then
- BUILDDATE=`date +%m%d`
- Debug "Builddate: Parameters missing - defaulting to today!"
- else
- shift
- fi
- fi
- ;;
- esac
- shift
- done
-
- if [ -z "$PORT" -a "$O_TBX" = "ON" ] ; then
- PORT=8444
- export PORT
- fi
- if [ -z "$BUILDDATE" ]
- then
- BUILDDATE=`date +%m%d`
- Debug "Builddate: Parameters missing - defaulting to today!"
- fi
- if [ -z "$NSSVER" ]
- then
- NSSVER="332"
- Debug "NSS Version: Parameters missing - defaulting to 332!"
- fi
-
- Debug "Builddate $BUILDDATE NssVersion $NSSVER"
- export BUILDDATE NSSVER
- export O_CRON O_SILENT O_DEBUG O_ALWAYS_YES O_TBX
-}
-
-win_set_tmp()
-{
- TMP=`echo "$TMP" | sed -e 's/ /\/t/g' -e 's//\/b/' -e 's/\\\/\//g'`
- Debug "TMP reformated to $TMP"
-}
-
-######################### win_set_d1 ################################
-# global shell function, interactively finds the directories in case
-# windows can't get to the default
-########################################################################
-win_set_d1()
-{
- Debug "set Windows Directories..."
- #win_set_tmp
- if [ "$O_CYGNUS" = ON ]
- then
- NSS_VER_DIR=/cygdrive/w/nss/nss$NSSVER
- else
- NSS_VER_DIR=w:/nss/nss$NSSVER
- fi
- if [ ! -w $NSS_VER_DIR ]
- then
- Echo "Windows special... can't write in $NSS_VER_DIR"
- if [ "$O_CYGNUS" = ON ]
- then
- NSS_VER_DIR=/cygdrive/u/nss/nss$NSSVER
- else
- NSS_VER_DIR="u:/nss/nss$NSSVER"
- fi
- else
- Debug "NSS_VER_DIR set to $NSS_VER_DIR"
- return
- fi
-
- while [ ! -w $NSS_VER_DIR ]
- do
- if [ "$O_CRONFILE" = "ON" ]
- then
- Exit "cant write in $NSS_VER_DIR"
- fi
- Warning "cant write in $NSS_VER_DIR"
- Echo "input start directory (u:/nss, d:/src/nss, f:/shared/nss) "
- read D
- if [ -n "$D" ]
- then
- NSS_VER_DIR=$D/nss$NSSVER
- fi
- done
- Debug "NSS_VER_DIR set to $NSS_VER_DIR"
-}
-
-########################### init_host ##################################
-# global shell function, sets required variables HOST and DOMSUF, and asks
-# the user if it has been set right
-########################################################################
-set_host()
-{
- init_host
-}
-init_host()
-{
- if [ `basename $0` != nssqa ] ; then
- return
- fi
-
- init_host_done=0
-
- if [ $DS_WAS_SET = FALSE ] #give chance to overwrite, espec. for NT
- then
- Debug "Domainname was not set..."
- DOMSUF=`domainname 2>/dev/null`
- if [ -z "$DOMSUF" ]
- then
- Debug "domainname command did not work ..."
- DOMSUF=`echo $HOST | grep '\.' | sed -e "s/[^\.]*\.//"`
-
- if [ -z "$DOMSUF" ]
- then
- Debug "Domainname not part of the hostname"
- DOMSUF=`cat /etc/defaultdomain 2>/dev/null`
- if [ -z "$DOMSUF" ]
- then
- Debug "Domainname needs to be hardcoded to red.iplanet.com"
- DOMSUF="red.iplanet.com"
- fi
- fi
- fi
- fi
- case $HOST in
- *\.*)
- Debug "HOSTNAME $HOST contains Dot"
- HOST=`echo $HOST | sed -e "s/\..*//"`
- ;;
- esac
- if [ -z "$HOST" ]
- then
- HOST=`uname -n`
- case $HOST in
- *\.*)
- Debug "HOSTNAME $HOST contains Dot"
- HOST=`echo $HOST | sed -e "s/\..*//"`
- ;;
- esac
- fi
- if [ $O_DEBUG = "ON" ]
- then
- while [ $init_host_done -eq 0 ]
- do
- Echo
- ask "DOMSUF=$DOMSUF, HOST=$HOST - OK", "y" "n" &&
- init_host_done=1
- if [ $init_host_done -eq 0 ]
- then
- Echo "input DOMSUF: "
- read D
- if [ -n "$D" ]
- then
- DOMSUF=$D
- fi
- Echo "input HOST: "
- read H
- if [ -n "$H" ]
- then
- HOST=$H
- fi
- fi
- done
- fi
- export HOST DOMSUF
- Debug "HOST: $HOST, DOMSUF: $DOMSUF"
-}
-
-#-----------------------------# UTILS #----------------------------------
-
-########################### qa_stat_get_sysinfo ########################
-# local shell function, tries to determine the QA operating system
-########################################################################
-qa_stat_get_sysinfo()
-{
- case $1 in
- ?*) REM_SYS=$1
- GET_SYSINFO="rsh $1"
- ;;
- *) REM_SYS=""
- GET_SYSINFO=""
- ;;
- esac
- QA_SYS=`$GET_SYSINFO uname -sr`
- echo $QA_SYS | grep Linux >/dev/null &&
- QA_RHVER=`$GET_SYSINFO cat /etc/redhat-release`
- if [ -n "$QA_RHVER" ]
- then
- QA_OS=`echo $REM_SYS $QA_RHVER | sed -e "s/Red Hat /RH /" \
- -e "s/ release//"`
- else
- case $QA_SYS in
- *SunOS*5.[89]*)
- ISAINFO=`$GET_SYSINFO isainfo -v`
- IS_64=`echo $ISAINFO | grep 64 >/dev/null && \
- echo 64 bit`
- IS_I386=`echo $ISAINFO | grep i386 >/dev/null && \
- echo i86pc`
- if [ -n "$IS_I386" ] ; then IS_64="$IS_I386"; fi;
- if [ -z "$IS_64" ] ; then IS_64="32 bit"; fi;
- ;;
- *HP*)
- IS_64=`$GET_SYSINFO getconf KERNEL_BITS |
- grep 64 >/dev/null && echo 64 bit`
- if [ -z "$IS_64" ] ; then IS_64="32 bit"; fi;
- ;;
- *AIX*)
- IS_64=`$GET_SYSINFO lslpp -l |
- grep "bos.64bit"> /dev/null && echo 64 bit`
- if [ -z "$IS_64" ] ; then IS_64="32 bit"; fi;
- ;;
- esac
- QA_OS=`echo "$REM_SYS $QA_SYS $IS_64"`
- fi
- if [ "$O_SILENT" != ON ] ; then
- echo $QA_OS
- fi
- QA_OS_STRING=`echo $QA_OS | sed -e "s/^[_ ]//" -e "s/ /_/g"`
-}
-
-################################### set_objdir #########################
-# global shell function, sets the object directories and DIST
-########################################################################
-set_objdir()
-{
- Debug "set object dir"
- OBJDIR=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name`
- OS_ARCH=`cd ${TESTSCRIPTDIR}/common; gmake os_arch`
-
- #at this point $MASTERBUILD needs to be either NT or unix
-
- set_daily_build_dirs
- LOCALDIST_BIN=${LOCALDIST}/${OBJDIR}/bin
- DIST=$LOCALDIST
-
- if [ -z "${TEST_LEVEL}" ] ; then
- TEST_LEVEL=0
- fi
- bc ${TEST_LEVEL} #set the path for the backward compatibility test
-
- PATH_CONTAINS_BIN="TRUE"
- export PATH_CONTAINS_BIN
-
- export OBJDIR OS_ARCH LOCALDIST LOCALDIST_BIN DIST PATH
-}
-
-########################### bc #########################################
-# global shell function , sets paths for the backward compatibility test
-########################################################################
-bc()
-{
- if [ -n "$PRODUCT_TO_TEST" -a "$PRODUCT_TO_TEST" = "JSS" ] ; then
- TESTDIR=${RESULTDIR}
- BC_ACTION=""
- DON_T_SET_PATHS="FALSE" #let init.sh override - FIXME - check if necessary
- return
- fi
- DON_T_SET_PATHS="TRUE"
- case $1 in
- 0)
- #unset TESTDIR
- TESTDIR=${RESULTDIR}
- if [ "$O_WIN" = "ON" -a "$O_CYGNUS" != ON ] ; then
- PATH="$TESTSCRIPTDIR;$LOCALDIST_BIN;$BASEPATH"
- else
- PATH=$TESTSCRIPTDIR:$LOCALDIST_BIN:$BASEPATH
- fi
- BC_ACTION=""
- DON_T_SET_PATHS="FALSE" #let init.sh override - FIXME - check if necessary
- ;;
- *)
- if [ "$O_LOCAL" = "ON" ] ; then
- Exit "FIXME Can't run backwardcompatibility tests locally yet"
- fi
- TESTSCRIPTDIR=${BCDIST}/../security/nss/tests
- COMMON=${TESTSCRIPTDIR}/common
- TESTDIR=${RESULTDIR}/bct
- BC_ACTION="backward compatibility of binaries in $BC_MASTER to new libs"
- BCDIST_BIN=${BCDIST}/${OBJDIR}/bin
- LD_LIBRARY_PATH=${LOCALDIST}/${OBJDIR}/lib
- if [ "$O_WIN" = "ON" ] ; then
- if [ "$O_CYGNUS" = ON ] ; then
- PATH=$TESTSCRIPTDIR:$BCDIST_BIN:$BASEPATH:$LD_LIBRARY_PATH
- else
- PATH="$TESTSCRIPTDIR;$BCDIST_BIN;$BASEPATH;$LD_LIBRARY_PATH"
- fi
- else
- PATH=$TESTSCRIPTDIR:$BCDIST_BIN:$BASEPATH
- fi
- Debug "1st stage of backward compatibility test"
- ;;
- esac
- if [ -n "$TESTDIR" ] ; then
- if [ ! -d $TESTDIR ] ; then
- mkdir -p $TESTDIR
- fi
- export TESTDIR
- fi
- SHLIB_PATH=${LD_LIBRARY_PATH}
- LIBPATH=${LD_LIBRARY_PATH}
- Debug "PATH $PATH"
- Debug "LD_LIBRARY_PATH $LD_LIBRARY_PATH"
- export PATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH
- export DON_T_SET_PATHS BC_ACTION
- export TESTSCRIPTDIR COMMON
-}
-
-########################### Ps #########################################
-# global shell function , attempts a platform specific ps
-########################################################################
-Ps()
-{
-#AIX, OSF ps -ef, solaris /usr/5bin/ps -ef, win ps -ef but no user id
-#linux ps -ef, HP
-
- if [ $os_name = "SunOS" ]
- then
- /usr/5bin/ps -ef
- else
- ps -ef
- fi
-}
-
-########################### kill_by_name ################################
-# global shell function , kills the process whose name is given as
-# parameter
-########################################################################
-kill_by_name()
-{
- for PID in `Ps | grep "$1" | grep -v grep | \
- sed -e "s/^ *//g" -e "s/^[^ ]* //" -e "s/^ *//g" -e "s/ .*//g"`
- do
- if [ $O_WIN = "ON" -a $O_CYGNUS = "ON" ]
- then
- ask "Do you want to kill Process $PID (`Ps | grep $PID | \
- grep -v grep | awk '{ print $1, $2, $6, $7, $8, $9 }' | \
- sed -e "s/[0-9]:[0-6][0-9]//g" | grep $PID `)" \
- "y" "n" && {
- kill $PID
- sleep 1
- kill -9 $PID 2>/dev/null
- }
- else
- ask "Do you want to kill Process $PID (`Ps | grep $PID | \
- grep -v grep | awk '{ print $1, $2, $8, $9, $10, $11 }' | \
- sed -e "s/[0-9]:[0-6][0-9]//g" | grep $PID `)" \
- "y" "n" && {
- kill $PID
- sleep 1
- kill -9 $PID 2>/dev/null
- }
- fi
- done
-}
-
-############################### early_exit ###################################
-# global shell function , attempts a little more usefull user notification
-# of a complete failure
-########################################################################
-
-early_exit()
-{
- if [ -z "$DOCDIR" ]
- then
- DOCDIR=`dirname $0`/../doc
- fi
- if [ -f $DOCDIR/QAerror.html ]
- then
- Debug "Found QA errorheader"
- rm ${FILENAME}.err 2>/dev/null
- cp $DOCDIR/QAerror.html ${FILENAME}.err
- echo "$1" >>${FILENAME}.err
- echo '</font></b></h1>' >>${FILENAME}.err
- if [ -n "$FILENAME" -a -f "$FILENAME" ]
- then
- cat $FILENAME | sed -e "s/^/<br>/" >>${FILENAME}.err
- fi
- echo '</body></html>' >>${FILENAME}.err
- cat ${FILENAME}.err | $RMAIL $MAILINGLIST
-
- rm ${FILENAME}.err 2>/dev/null
- #echo "cat ${FILENAME}.err | $RMAIL $MAILINGLIST "
- fi
-}
-
-############################### Exit ###################################
-# global shell function , central exiting point
-# cleanup: temporary files, kill the remaining selfservers if sourcing
-# script sets KILL_SELFSERV
-########################################################################
-Exit()
-{
- Echo $1
- if [ "$O_CRON" = "OFF" ]
- then
- echo $1 >&2
- fi
- if [ -f "${KILLPIDS}" ]
- then
- Debug "Attempting to kill background processes...`cat ${KILLPIDS}`"
- kill `cat "${KILLPIDS}"`
- sleep 1
- kill -9 `cat "${KILLPIDS}"`
- fi
- if [ -n "${TMPFILES}" ]
- then
- Debug "rm -f ${TMPFILES}"
- rm -f $TMPFILES 2>/dev/null
- fi
- O_ALWAYS_YES=ON # set to non-interactive - don't ask anymore questions here
- if [ $KILL_SELFSERV = "ON" ]
- then
- kill_by_name selfserv
- fi
- if [ $O_MAIL_LINK = "ON" -a $O_FILE = "ON" ]
- then
- if [ $EARLY_EXIT = TRUE ] #before the report file has been created
- then
- early_exit "$1"
- else
- head -3 $FILENAME >$ML_FILE
- echo "Content-Type: text/plain; charset=us-ascii; format=flowed
- Content-Transfer-Encoding: 7bit
-
-" >>$ML_FILE
- echo $HREF_TMP_HTML_FILE >>$ML_FILE
- cat $ML_FILE | $RMAIL $MAILINGLIST
- fi
-
-#FIXME - early exit etc
- elif [ $O_MAIL = "ON" -a $O_FILE = "ON" ]
- then
- if [ $EARLY_EXIT = TRUE ] #before the report file has been created
- then
- early_exit "$1"
- elif [ -n "$FILENAME" -a -f "$FILENAME" ]
- then
- cat $FILENAME | $RMAIL $MAILINGLIST
- fi
- #rm $FILENAME 2>/dev/null
- elif [ $O_MAIL = "ON" -a $EARLY_EXIT = TRUE ]
- then
- early_exit "$1"
- rm $FILENAME 2>/dev/null
- fi
- #chmod a+rw ${RESULTDIR} ${RESULTDIR}/* ${RESULTDIR}/*/* &
- if [ -n "$O_TBX" -a "$O_TBX" = "ON" ] ; then
- exit $TBX_EXIT
- else
- exit
- fi
-}
-
-trap "rm -f ${TMPFILES} 2>/dev/null; Exit 'killed... cleaning up...'" 2 3 15
-
-################################ Wait ##################################
-# global shell function to wait for an event to happen, 1st parameter
-# filename to watch, 2nd parameter 0 - wait for it to disappear, 1 wait
-# for it to be created.
-# uses the variables WAIT_FOR and WAIT_TIMES
-# WAIT_FOR: if waiting for an event sleep n seconds before rechecking
-# recomended value 10 minutes 600
-# WAIT_TIMES: recheck n times before giving up to prevent endless loop
-# recomended 30 - total of 5h
-########################################################################
-
-Wait()
-{
- i=0
- Debug "Waiting for $1"
- while [ $i -lt $WAIT_TIMES ]
- do
- i=`expr $i + 1`
- if [ -f "$1" -a $2 -eq 1 ] # if file exists and is supposed to
- then
- return
- fi
- if [ ! -f "$1" -a $2 -eq 0 ] # not exists and not supposed to exist
- then
- return
- fi
- Debug "Waiting for $1, loop #$i, about to sleep $WAIT_FOR seconds zzzz..."
- sleep $WAIT_FOR
- done
- TOTAL=`expr $WAIT_TIMES \* $WAIT_FOR / 60`
- Exit "I HAVE WAITED LONG ENOUGH FOR $1 NOW, I'M GONE! (THAT WAS A TOTAL OF $TOTAL MINUTES) I have better things to do... "
-}
-
-################################ WaitForever ##################################
-# global shell function to wait for an event to happen, 1st parameter
-# filename to watch, 2nd parameter 0 - wait for it to disappear, 1 wait
-# for it to be created.
-# because we daon't have any relyable cron on NT...
-########################################################################
-
-WaitForever()
-{
- i=0
- Debug "Waiting for $1"
- TOTAL=0
- while [ 1 ]
- do
- i=`expr $i + 1`
- if [ -f "$1" -a $2 -eq 1 ] # if file exists and is supposed to
- then
- return
- fi
- if [ ! -f "$1" -a $2 -eq 0 ] # not exists and not supposed to exist
- then
- return
- fi
- Debug "Waiting for $1, loop #$i, about to sleep $WAIT_FOR seconds Total $TOTAL"
- sleep $WAIT_FOR
- TOTAL=`expr $i \* $WAIT_FOR / 60`
- if [ -n "$MAX_FOREVER" ] # we are cheating. Forever can be very short...
- then
- if [ "$TOTAL" -gt "$MAX_FOREVER" ]
- then
- Exit "I HAVE WAITED LONG ENOUGH FOR $1 NOW, I'M GONE! (THAT WAS A TOTAL OF $TOTAL MINUTES) I have better things to do... "
- fi
- fi
- done
-}
-################################### is_running #########################
-# global shell function , implements primitive locking mechanism
-# filename is passed as a parameter, if filename.* exists we assume calling
-# script is running already and exit, otherwise filename.processid is
-# created
-########################################################################
-is_running()
-{
- Debug "Testing if $0 is already running... file ${1} - ${1}.$$"
- if [ -f ${1}.* ]
- then
- Exit "$0 seems to be running already ($1 exists) - Exiting"
- fi
- TMPFILES="$TMPFILES ${1}.$$"
- echo "running $0 on `date` PID $$" >${1}.$$
- Debug "wrote \"running $0 on `date` PID $$\" to ${1}.$$"
-
-}
-
-#---------------------------# USERCOM #---------------------------------
-############################## Echo #####################################
-# global shell function , depending on the options the output gets written
-# to a file, or is being discarded
-# FIXME \n and \c are mistreates by differnet shells, and linux has /bin/echo
-# instead of /usr/bin/echo
-########################################################################
-Echo ()
-{
- if [ $O_SILENT = OFF ]
- then
- echo "$*"
- #/usr/bin/echo "$*"
- fi
- if [ $O_FILE = ON ]
- then
- echo "$*" >>$FILENAME
- fi
-}
-
-################################### ask ################################
-# global shell function, Asks the a question, and gives the returns 0
-# on the 1st choice, 1 on the 2nd choice
-#
-# PARAMETERS:
-# $1 question text
-# $2 1st choice
-# $3 2nd choice
-#
-# MODIFIERS:
-# -y O_ALWAYS_YES will assume a first choice always (not neccessaryly "y")
-#
-# RETURN:
-# 0 - User picked 1st choice
-# 1 - User picked 2nd choice
-#
-# EXAMPLE
-# ask "Would you like to continue" "y" "n" || Exit
-# will produce the string "Would you like to continue (y/n) ?",
-# read input from keyboard (or assume a yes with option -y)
-# - on a yes it will return 0, on a no it will return 1, the
-# shell interprets it as error and the || Exit will be executed
-#
-# NOTE: NEVER use "n" as the second parameter - it will mess up -y
-# don't ask "Continue" "n" "y" || Exit # it will Exit on a "y"
-#
-########################################################################
-Ask()
-{
- ask $*
-}
-
-ask()
-{
- if [ $O_ALWAYS_YES = ON ]
- then
- Echo "$1 ($2/$3) ?"
- Echo "YES!"
- return 0
- fi
- A=""
- while [ 1 ]
- do
-
- Echo "$1 ($2/$3) ?"
- read A
- if [ -n "$A" ]
- then
- if [ $A = $2 ]
- then
- return 0
- elif [ $A = $3 ]
- then
- return 1
- fi
- fi
- done
- return 0
-}
-
-################################### Warning ############################
-# global shell function, Asks the user a "... continue? (y/n)" question,
-# and exits when the user answers with no
-# NOTE -y will answer the warnings always with yes
-########################################################################
-Warning ()
-{
- ask "WARNING: $0: \n $* continue " "y" "n" || Exit
-}
-
-################################### Debug ############################
-# global shell function, when option -d Debugging output is written
-########################################################################
-Debug()
-{
- if [ $O_DEBUG = ON ]
- then
- Echo "DEBUG: (`date +%H:%M`) $0: $*"
- fi
-}
-
-################################### line ###############################
-# global shell function, supposed to make output more readable...
-########################################################################
-line()
-{
-Echo
-#Echo "======================================================================="
-#Echo
-}
-
-################################### opt_usage ##########################
-# global shell function, tells user about available options
-########################################################################
-opt_usage()
-{
- if [ $O_OPTIONS = "ON" ]
- then
- Echo
- line
- Echo
- Echo " -y answer all questions with y - use at your own risk..."
- Echo " -s silent (only usefull with -y)"
- Echo " -h, -? - you guessed right - displays this text"
- Echo " -d debug"
- Echo " -f <filename> - write the (error)output to filename"
- Echo " -fcronfile produces the resultfiles in the same locations"
- Echo " as would have been produced with -cron"
- Echo " -m <mailinglist> - send filename to mailinglist (csl "
- Echo " example sonmi,nelsonb,wtc) only useful with -f"
- Echo " -ml <mailinglist> - send link to filename to mailinglist "
- Echo " (csl example sonmi,nelsonb,wtc) only useful with -f"
- Echo " -cron equivalient to -y -s -d -f \$RESULTDIR/\$HOST.nssqa"
- Echo " -t run on a tinderbox build (included -cron)"
- if [ `basename $0` = nssqa ] ; then
- Echo " -l <mozroot> run on a local build"
- Echo " -ln <mozroot> copy a networkbuild to a local directory "
- Echo " mozroot, used for networkindipendend QA "
- Echo " -lt try to copy a networkbuild to a local directory, if"
- Echo " not possible run on the network
- Echo " used for networkindipendend QA
- fi
-#
-# special strings
- fi
-
-}
-
-################################### glob_usage #########################
-# global shell function, how to use the calling script (parameters, options)
-########################################################################
-glob_usage()
-{
- line
- Echo $1
- Echo
- if [ $O_OPTIONS = "ON" ]
- then
- Echo "usage $0 [options] nssversion builddate"
- else
- Echo "usage $0 nssversion builddate"
- fi
-
- Echo " for example: $0 30b 0926"
- Echo " $0 31 1002"
- opt_usage
- Echo
- Exit "$1"
-}
-
-tell()
-{
- if [ $O_SILENT = OFF ]
- then
- line
- pwd
- ls -CF
- line
- fi
- if [ $O_FILE = ON ]
- then
- line
- pwd >>$FILENAME
- ls -CF >>$FILENAME
- line
- fi
-}
-
-if [ $O_INIT = "ON" ]
-then
- glob_init $*
-fi
-EARLY_EXIT=FALSE
diff --git a/security/nss/tests/jss_dll_version.sh b/security/nss/tests/jss_dll_version.sh
deleted file mode 100755
index cb29c4a1a..000000000
--- a/security/nss/tests/jss_dll_version.sh
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/bin/sh
-
-# version controll for DLLs
-# ToDo: make version parameter or find version from first occurance of 3.x
-# make the 3 a variable..., include the header
-
-for w in `find . -name "libjss3.s[ol]"`
-do
- NOWHAT=FALSE
- NOIDENT=FALSE
- echo $w
- what $w | grep JSS || NOWHAT=TRUE
- ident $w | grep JSS || NOIDENT=TRUE
- if [ $NOWHAT = TRUE ]
- then
- echo "ERROR what $w does not contain JSS"
- fi
- if [ $NOIDENT = TRUE ]
- then
- echo "ERROR ident $w does not contain JSS"
- fi
-done
diff --git a/security/nss/tests/jssdir b/security/nss/tests/jssdir
deleted file mode 100755
index 6c9fd355e..000000000
--- a/security/nss/tests/jssdir
+++ /dev/null
@@ -1,28 +0,0 @@
-if ( "$2" == "" ) then
- setenv BUILDDATE `date +%m%d`
-else
- setenv BUILDDATE $2
-endif
-
-if ( "$1" == "" ) then
- setenv JSSVER tip
-else
- setenv JSSVER $1
-endif
-
-if ( ! ${?QAYEAR} ) then
- setenv QAYEAR `date +%Y`
-else if ( "$QAYEAR" == "" ) then
- setenv QAYEAR `date +%Y`
-
-endif
-
-setenv JSS_VER_DIR /share/builds/mccrel/jss/jss$JSSVER
-setenv NTDIST ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/blowfish_NT4.0_Win95/mozilla/dist
-setenv UXDIST ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/dist
-setenv TESTSCRIPTDIR ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/security/jss/tests
-setenv RESULTDIR ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/tests_results/security
-
-cd ${JSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8
-pwd
-ls
diff --git a/security/nss/tests/jssqa b/security/nss/tests/jssqa
deleted file mode 100755
index 79566a2f9..000000000
--- a/security/nss/tests/jssqa
+++ /dev/null
@@ -1,216 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/jssqa
-#
-# this script is supposed to automatically run - now a sanity test, later QA for
-# JSS on all required Unix and Windows (NT and 2000) platforms
-#
-# parameters
-# ----------
-# jssversion (supported: 31, tip)
-# builddate (default - today)
-#
-# options
-# -------
-# -y answer all questions with y - use at your own risk...ignores warnings
-# -s silent (only usefull with -y)
-# -h, -? - you guessed right - displays this text
-# -d debug
-# -f <filename> - write the (error)output to filename
-# -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.nssqa
-#
-########################################################################
-
-O_OPTIONS=ON # accept options (see above for listing)
-WIN_WAIT_FOREVER=OFF # don't wait for the NSS testdir
-PRODUCT_TO_TEST="JSS"
-JSS_NSPR_DIR="/share/builds/components/nspr20/v4.1.2"
-JSS_NSS_DIR="/share/builds/components/nss/NSS_3_3_1_RTM"
-JSS_NSS_UX_SRC_DIR="nss331/builds/20010928.2.331-RTM/booboo_Solaris8"
-JSS_NSS_NT_SRC_DIR="nss331/builds/20010928.2.331-RTM/blowfish_NT4.0_Win95"
-JSS_NSS_SRC_DIR=$JSS_NSS_UX_SRC_DIR
-NATIVE_FLAG=""
-
-. `dirname $0`/header # utilities, shellfunctions etc, global to NSS and JSS QA
-
-if [ -z "$O_TBX" -o "$O_TBX" != "ON" ] ; then
- is_running ${TMP}/jssqa
- # checks if the file exists, if yes Exits, if not
- # creates to implement a primitive locking mechanism
-fi
-
-INTERNAL_TOKEN="NSS Certificate DB"
-SIGTEST_INTERNAL_TOKEN="Internal Key Storage Token"
-
-################################ jss_init #########################
-#
-# Most of the procedure is setting up the test environment.
-# set all necessary dir and file variables, set all paths, copy the shared libs
-# Put all the shared libraries into a lib directory, <libdir>.
-# including the libjss3.so that was built by the build process.
-# set LD_LIBRARY PATH and CLASSPATH
-# The xpclass.jar produced by the JSS build needs to be in the classpath.
-# The classpath must also include the current directory so we can run our test
-# programs.
-################################################################################
-
-jss_init()
-{
- Debug "Jss init"
- #correct all directories that the header has set...
- NTDIST=`echo $NTDIST | sed -e 's/nss/jss/g'`
- UXDIST=`echo $UXDIST | sed -e 's/nss/jss/g'`
- RESULTDIR=`echo $RESULTDIR | sed -e 's/nss/jss/g'`
- mkdir -p ${RESULTDIR} 2>/dev/null
- JSS_LOGFILE=${RESULTDIR}/${HOST}.txt
- FILENAME=$JSS_LOGFILE
- O_FILE=ON
-
- MOZILLA_ROOT=`echo $MOZILLA_ROOT | sed -e 's/nss/jss/g'`
-
- JSS_SAMPLES="$MOZILLA_ROOT/security/jss/samples"
- JSS_CLASSPATH=`echo $MOZILLA_ROOT |
- sed -e "s/jss$NSSVER.builds/jss$NSSVER\/ships/g" -e "s/mozilla/jss\/${QAYEAR}${BUILDDATE}/"`
- Debug "JSS_CLASSPATH=$JSS_CLASSPATH"
- Debug "JSS_SAMPLES=$JSS_SAMPLES"
-
- if [ ! -d $JSS_SAMPLES ] ; then
- if [ "$O_WIN" = "ON" -a "$WIN_WAIT_FOREVER" = "ON" ]
- then
- WaitForever $JSS_SAMPLES/TestKeyGen.java 1
- else
- Exit "Test directory $JSS_SAMPLES does not exist"
- fi
- fi
-
- PWFILE="$JSS_SAMPLES/passwd"
- EMPTYFILE="$JSS_SAMPLES/emptyfile"
- rm $PWFILE $EMPTYFILE 2>/dev/null
- echo "jss" >$PWFILE
- echo "" >$EMPTYFILE
- echo "" >>$EMPTYFILE
- echo "" >>$EMPTYFILE
-
- INIT_PATH=$PATH
- INIT_LD_LIBRARY_PATH=$LD_LIBRARY_PATH
-}
-
-
-jss_mode_init()
-{
- OBJDIR=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name`
-
- LOCALDIST_BIN=`echo $LOCALDIST_BIN | sed -e 's/nss/jss/g'`
- LOCALDIST_LIB=$LOCALDIST_BIN/../lib
- debug_dirs
-
- #make testdir/libdir
-
- JSS_LIBDIR=${RESULTDIR}/${HOST}.libdir/${OBJDIR}
- mkdir -p ${JSS_LIBDIR} 2>/dev/null
- Debug "JSS_LIBDIR=$JSS_LIBDIR"
-
- #Put all the shared libraries into a lib directory
- Debug "copy all needed libs to ${JSS_LIBDIR}"
- cp $JSS_NSPR_DIR/${OBJDIR}/lib/* ${JSS_LIBDIR}
- cp $JSS_NSS_DIR/${OBJDIR}/lib/* ${JSS_LIBDIR}
- cp $LOCALDIST_LIB/libjss3.* ${JSS_LIBDIR}
- #FIXME uncomment above
-
- if [ $O_DEBUG = ON ] ; then
- Debug "ls $JSS_LIBDIR"
- ls $JSS_LIBDIR
- fi
-
- #LD_LIBRARY_PATH=$INIT_LD_LIBRARY_PATH:${JSS_LIBDIR}
- LD_LIBRARY_PATH=${JSS_LIBDIR} #remove to avoid HP coredump
- CLASSPATH="$JSS_CLASSPATH/xpclass.jar:."
-
- SHLIB_PATH=${LD_LIBRARY_PATH}
- LIBPATH=${LD_LIBRARY_PATH}
-
- PATH=$JSS_NSPR_DIR/${OBJDIR}/bin:$JSS_NSS_DIR/${OBJDIR}//bin:$INIT_PATH
- Debug "PATH $PATH"
- Debug "LD_LIBRARY_PATH $LD_LIBRARY_PATH"
- Debug "CLASSPATH=$CLASSPATH"
-
- export CLASSPATH LD_LIBRARY_PATH SHLIB_PATH LIBPATH
- export TESTSCRIPTDIR COMMON
- export_dirs
-}
-
-
-################################ jss_test #########################
-#
-# go into the build tree. cd to mozilla/security/jss/samples.
-# Create NSS directories in this directory with modutil and set the password
-#
-#6. Create an alias for the "java" and "javac" commands. You'll need to set
-#it to whatever version of the JDK you used to build on this platform. For
-#example,
- #alias java /share/builds/components/cms_jdk/AIX/1.3.0/jre/bin/java
- #alias javac /share/builds/components/cms_jdk/AIX/1.3.0/bin/javac
-# instead $JAVA and $JAVAC
-# 7. Compile the tests.
-#####################################################################
-jss_test()
-{
- O_FILE=OFF
- Debug "JSS main test"
- #set -x
- cd $JSS_SAMPLES
-
- Debug "Cleaning $JSS_SAMPLES"
- rm cert7.db key3.db 2>/dev/null
-
- Debug "echo | modutil -dbdir . -create -force"
- echo | modutil -dbdir . -create -force
- Debug "modutil returned $?"
-
- modutil -dbdir . -list
-
- Debug "echo | modutil -dbdir . -changepw \"$INTERNAL_TOKEN\" -newpwfile $PWFILE -force"
- modutil -dbdir . -changepw "$INTERNAL_TOKEN" -newpwfile $PWFILE -force <$EMPTYFILE
- #modutil -dbdir . -changepw "$INTERNAL_TOKEN" -pwfile $PWFILE -newpwfile $PWFILE <$EMPTYFILE
- Debug "modutil returned $?"
-
- Debug "$JAVAC TestKeyGen.java"
- $JAVAC TestKeyGen.java
- Debug "$JAVAC TestKeyGen.java returned $?"
-
- Debug "$JAVAC SigTest.java"
- $JAVAC SigTest.java
- Debug "$JAVAC SigTest.java returned $?"
-
- echo "Starting new jss test on $HOST"
- date
-
- # Run the actual tests
-
- Debug "$JAVA $NATIVE_FLAG TestKeyGen ."
- $JAVA $NATIVE_FLAG TestKeyGen .
- Debug "$JAVA TestKeyGen returned $?"
-
- Debug "$JAVA $NATIVE_FLAG SigTest . \"$SIGTEST_INTERNAL_TOKEN\""
- $JAVA $NATIVE_FLAG SigTest . "$SIGTEST_INTERNAL_TOKEN"
- Debug "$JAVA SigTest returned $?"
-
- O_FILE=ON
-}
-
-jss_init
-jss_mode_init
-if [ -z "O_CRON" -o "$O_CRON" != "ON" -a "$O_WIN" != "ON" ]
-then
- tail -f ${JSS_LOGFILE} &
- TAILPID=$!
-fi
-
-jss_test >>$JSS_LOGFILE 2>&1
-BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
-jss_mode_init
-jss_test >>$JSS_LOGFILE 2>&1
-kill $TAILPID
-Exit "jssqa completed. Done `uname -n` $QA_OS_STRING"
diff --git a/security/nss/tests/mksymlinks b/security/nss/tests/mksymlinks
deleted file mode 100755
index d4551b8bc..000000000
--- a/security/nss/tests/mksymlinks
+++ /dev/null
@@ -1,106 +0,0 @@
-#! /bin/sh
-
-O_OPTIONS=OFF
-. `dirname $0`/header
-
-if [ $O_DEBUG = ON ] ; then
- Debug "NTDIST $NTDIST"
- Debug "UXDIST $UXDIST"
- Debug "TESTSCRIPTDIR $TESTSCRIPTDIR"
-fi
-
-if [ -d "$NSS_VER_DIR" ] ; then
- cd $NSS_VER_DIR
-else
- glob_usage "cant cd to $NSS_VER_DIR Exiting"
-fi
-
-if [ -d "$NTDIST" ] ; then
- cd $NTDIST
- if [ ! -h WINNT5.0_DBG.OBJ -a ! -d WINNT5.0_DBG.OBJ ] ; then
- ln -s WINNT4.0_DBG.OBJ WINNT5.0_DBG.OBJ
- fi
- if [ ! -h WINNT5.0_DBG.OBJD -a ! -d WINNT5.0_DBG.OBJD ] ; then
- ln -s WINNT4.0_DBG.OBJD WINNT5.0_DBG.OBJD
- fi
- if [ ! -h WINNT5.0_OPT.OBJ -a ! -d WINNT5.0_OPT.OBJ ] ; then
- ln -s WINNT4.0_OPT.OBJ WINNT5.0_OPT.OBJ
- fi
-
- if [ $O_DEBUG = ON ] ; then
- tell
- fi
-else
- if [ $O_DEBUG = ON ] ; then
- Debug "WARNING!!! cant cd to $NTDIST "
- fi
-fi
-
-if [ -d "$UXDIST" ]
-then
- cd $UXDIST
-else
- glob_usage "Error!!! cant cd to $UXDIST "
-fi
-
-ErrorFlag=0
-
-if [ ! -h OSF1V5.1_DBG.OBJ -a ! -d OSF1V5.1_DBG.OBJ ] ; then
- ln -s OSF1V4.0D_DBG.OBJ OSF1V5.1_DBG.OBJ || ErrorFlag=1
-fi
-if [ ! -h OSF1V5.1_OPT.OBJ -a ! -d OSF1V5.1_OPT.OBJ ] ; then
- ln -s OSF1V4.0D_OPT.OBJ OSF1V5.1_OPT.OBJ || ErrorFlag=1
-fi
-if [ ! -h OSF1V5.0_DBG.OBJ -a ! -d OSF1V5.0_DBG.OBJ ] ; then
- ln -s OSF1V4.0D_DBG.OBJ OSF1V5.0_DBG.OBJ || ErrorFlag=1
-fi
-if [ ! -h OSF1V5.0_OPT.OBJ -a ! -d OSF1V5.0_OPT.OBJ ] ; then
- ln -s OSF1V4.0D_OPT.OBJ OSF1V5.0_OPT.OBJ || ErrorFlag=1
-fi
-if [ ! -h SunOS5.9_64_DBG.OBJ -a ! -d SunOS5.9_64_DBG.OBJ ] ; then
- ln -s SunOS5.8_64_DBG.OBJ SunOS5.9_64_DBG.OBJ || ErrorFlag=1
-fi
-if [ ! -h SunOS5.9_64_OPT.OBJ -a ! -d SunOS5.9_64_OPT.OBJ ] ; then
- ln -s SunOS5.8_64_OPT.OBJ SunOS5.9_64_OPT.OBJ || ErrorFlag=1
-fi
-if [ ! -h SunOS5.9_DBG.OBJ -a ! -d SunOS5.9_DBG.OBJ ] ; then
- ln -s SunOS5.8_DBG.OBJ SunOS5.9_DBG.OBJ || ErrorFlag=1
-fi
-if [ ! -h SunOS5.9_OPT.OBJ -a ! -d SunOS5.9_OPT.OBJ ] ; then
- ln -s SunOS5.8_OPT.OBJ SunOS5.9_OPT.OBJ || ErrorFlag=1
-fi
-#sonmi - still leaving the section in there so 3.3 and 3.2 will not break
-#since 5.8 is the masterbuild it should never be executed
-#additionally: only creat link if the slave build is present, but
-#master is not
-if [ ! -h SunOS5.8_DBG.OBJ -a ! -d SunOS5.8_DBG.OBJ ] ; then
- if [ -d SunOS5.6_DBG.OBJ ] ; then
- ln -s SunOS5.6_DBG.OBJ SunOS5.8_DBG.OBJ || ErrorFlag=1
- fi
-fi
-if [ ! -h SunOS5.8_OPT.OBJ -a ! -d SunOS5.8_OPT.OBJ ] ; then
- if [ -d SunOS5.6_OPT.OBJ ] ; then
- ln -s SunOS5.6_OPT.OBJ SunOS5.8_OPT.OBJ || ErrorFlag=1
- fi
-fi
-#if [ ! -h Linux2.4_x86_glibc_PTH_DBG.OBJ -a ! -d Linux2.4_x86_glibc_PTH_DBG.OBJ]
-#then
- #ln -s Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.4_x86_glibc_PTH_DBG.OBJ || ErrorFlag=1
-#fi
-#if [ ! -h Linux2.4_x86_glibc_PTH_OPT.OBJ -a ! -d Linux2.4_x86_glibc_PTH_OPT.OBJ]
-#then
- #ln -s Linux2.2_x86_glibc_PTH_OPT.OBJ Linux2.4_x86_glibc_PTH_OPT.OBJ || ErrorFlag=1
-#fi
-
-if [ ! -h SunOS5.9_i86pc_DBG.OBJ -a ! -d SunOS5.9_i86pc_DBG.OBJ ] ; then
- ln -s SunOS5.8_i86pc_DBG.OBJ SunOS5.9_i86pc_DBG.OBJ || ErrorFlag=1
-fi
-if [ ! -h SunOS5.9_i86pc_OPT.OBJ -a ! -d SunOS5.9_i86pc_OPT.OBJ ] ; then
- ln -s SunOS5.8_i86pc_OPT.OBJ SunOS5.9_i86pc_OPT.OBJ || ErrorFlag=1
-fi
-
-if [ $O_DEBUG = ON ] ; then
- tell
-fi
-
-exit $ErrorFlag #no cleanup here, no tempfiles
diff --git a/security/nss/tests/nssdir b/security/nss/tests/nssdir
deleted file mode 100755
index 296872217..000000000
--- a/security/nss/tests/nssdir
+++ /dev/null
@@ -1,28 +0,0 @@
-if ( "$2" == "" ) then
- setenv BUILDDATE `date +%m%d`
-else
- setenv BUILDDATE $2
-endif
-
-if ( "$1" == "" ) then
- setenv NSSVER tip
-else
- setenv NSSVER $1
-endif
-
-if ( ! ${?QAYEAR} ) then
- setenv QAYEAR `date +%Y`
-else if ( "$QAYEAR" == "" ) then
- setenv QAYEAR `date +%Y`
-
-endif
-
-setenv NSS_VER_DIR /share/builds/mccrel/nss/nss$NSSVER
-setenv NTDIST ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/blowfish_NT4.0_Win95/mozilla/dist
-setenv UXDIST ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/dist
-setenv TESTSCRIPTDIR ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/security/nss/tests
-setenv RESULTDIR ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8/mozilla/tests_results/security
-
-cd ${NSS_VER_DIR}/builds/${QAYEAR}${BUILDDATE}.1/booboo_Solaris8
-pwd
-ls
diff --git a/security/nss/tests/nsspath b/security/nss/tests/nsspath
deleted file mode 100755
index 5d5ececc6..000000000
--- a/security/nss/tests/nsspath
+++ /dev/null
@@ -1,12 +0,0 @@
-#! /bin/tcsh
-
-set PWD=`pwd`
-source /u/sonmi/bin/nssdir $*
-set OBJDIR=`(cd mozilla/security/nss/tests/common; gmake objdir_name)`
-setenv PATH `perl /u/sonmi/bin/path_uniq -s "${PATH}:${UXDIST}/${OBJDIR}/bin"`
-if ( `uname -n` == "iws-perf" ) then
- setenv LD_LIBRARY_PATH "${UXDIST}/${OBJDIR}/lib:/opt/nfast/toolkits/pkcs11"
-else
- setenv LD_LIBRARY_PATH "${UXDIST}/${OBJDIR}/lib"
-endif
-cd $PWD
diff --git a/security/nss/tests/nssqa b/security/nss/tests/nssqa
deleted file mode 100755
index 9bec97b6e..000000000
--- a/security/nss/tests/nssqa
+++ /dev/null
@@ -1,279 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/nssqa - /u/svbld/bin/init/nss/nssqa
-#
-# this script is supposed to automatically run QA for NSS on all required
-# Unix and Windows (NT and 2000) platforms
-#
-# parameters
-# ----------
-# nssversion (supported: 30b, 31, tip)
-# builddate (default - today)
-#
-# options
-# -------
-# -y answer all questions with y - use at your own risk...ignores warnings
-# -s silent (only usefull with -y)
-# -h, -? - you guessed right - displays this text
-# -d debug
-# -f <filename> - write the (error)output to filename
-# -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.nssqa
-#
-# 12/1/00
-# took out the (unused) local directory for releasebuild QA on NT
-# cleaned up 32 - 64 bit issues
-# took hardcoded machinenames out
-########################################################################
-
-O_OPTIONS=ON # accept options (see above for listing)
-WIN_WAIT_FOREVER=ON # first we wait forever for a TESTDIR to appear, than
- # we wait forever for the build to finish...
-
-TBX_EXIT=50 # in case we are running on a tinderbox build, any
- # early exit needs to return an error
-. `dirname $0`/header # utilities, shellfunctions etc, global to NSS QA
-
-if [ -z "$O_TBX" -o "$O_TBX" != "ON" ] ; then
- is_running ${TMP}/nssqa
- # checks if the file exists, if yes Exits, if not
- # creates to implement a primitive locking mechanism
-fi
-
-KILL_SELFSERV=OFF # cleanup will also kill the leftover selfserv processes
-
-################################ check_distdir #########################
-# local shell function to check if the DIST directory exists, if not there
-# is no use to continue the test
-########################################################################
-check_distdir()
-{
- set_objdir
-
- if [ ! -d "$LOCALDIST_BIN" ]
- then
- Debug "Dist $DIST"
- Warning "$LOCALDIST_BIN (the dist binaries dir) does not exist"
- return 1
- fi
-
- if [ ! -d "$LOCALDIST" -a ! -h "$LOCALDIST" ]
- then
- Debug "Dist $DIST"
- Warning "$LOCALDIST (the dist directory) does not exist"
- return 1
- fi
-
- Debug "LOCALDIST_BIN $LOCALDIST_BIN"
- Debug "Dist $DIST"
- return 0
-}
-
-################################ run_all ###############################
-# local shell function to start the all.sh after asking user and redirect
-# the output apropriately
-########################################################################
-run_all()
-{
- check_distdir || return 1
- #kill_by_name selfserv
- ask "Testing $OBJDIR continue with all.sh" "y" "n" || Exit
-
- Debug "running all.sh in `pwd`"
- if [ $O_SILENT = ON ]
- then
- if [ $O_DEBUG = ON -a $O_FILE = ON ]
- then
- all.sh >>$FILENAME 2>>$FILENAME
- else
- all.sh >/dev/null 2>/dev/null
- fi
- else
- all.sh
- fi
- Debug "Done with all.sh "
- line
-}
-
-all_sh()
-{
- echo
-}
-
-
-########################### wait_for_build #############################
-# local shell function to wait until the build is finished
-########################################################################
-wait_for_build()
-{
- if [ $O_WIN = "ON" ]
- then
- WaitForever ${OSDIR}/SVbuild.InProgress.1 0
- #Wait for the build to finish Windows a lot longer
- OS_TARGET=WINNT;export OS_TARGET;Debug "OS_TARGET set to $OS_TARGET"
- QA_OS_NAME=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name | \
- sed -e "s/WINNT4.0.*/Windows-NT-4.0/" -e "s/WINNT5.0.*/Windows-2000/"`
- Echo "WINDOWS-OS-LINE: $QA_OS_NAME"
- else
- Wait ${OSDIR}/SVbuild.InProgress.1 0
- #Wait for the build to finish... Unix a few hours
- qa_stat_get_sysinfo
- Echo "UNIX-OS-LINE: $QA_OS"
- fi
- find_nt_masterbuild
-}
-
-
-########################### map_os #############################
-# local shell function: From the operatingsystem figure out the name of
-# the build ; needed to detemine if the build finished, passed and for
-# the directory names
-########################################################################
-map_os32()
-{
- case `uname -s` in
- SunOS)
- S_REL=`uname -r | sed -e "s/^[^\.]*\.//g"`
- if [ `uname -p` = "i386" ] ; then
- MAPPED_OS=Solaris8_x86
- elif [ "$S_REL" -lt 8 ] ; then
- MAPPED_OS=Solaris2.6
- else
- MAPPED_OS=Solaris8_forte6
- fi
- ;;
- OSF1)
- MAPPED_OS=OSF1V4.0
- ;;
- AIX)
- MAPPED_OS=AIX4.3
- ;;
- Linux)
- RH_MR=`cat /etc/redhat-release | sed \
- -e "s/Red Hat Linux release //" -e "s/ .*//g" \
- -e "s/\..*//g"`
-
- if [ "$RH_MR" = "6" ] ; then
- MAPPED_OS=Linux2.2
- else
- MAPPED_OS=Linux2.4
- LD_ASSUME_KERNEL="2.2.5"
- export LD_ASSUME_KERNEL
- fi
- ;;
- HP-UX)
- MAPPED_OS=HPUX11.00
- ;;
- *)
- if [ "$os_name" = "Windows" ]
- then
- MAPPED_OS=NT4.0
- else
- Exit "Sorry, operating system `uname -s` is not supported yet"
- fi
- ;;
- esac
- set_osdir
- Debug "Mapped OS to $MAPPED_OS"
-}
-
-############################# nssqa_main ###############################
-# local shell function main controlling function of the nss qa
-########################################################################
-nssqa_main()
-{
- Debug "In function nssqa_main"
-
- if [ $O_WIN = "OFF" -a "$O_TBX" = "OFF" -a $O_LOCAL = "OFF" ] ; then
- if [ ! -h ${NTDIST}/WINNT5.0_DBG.OBJ -o \
- ! -h ${UXDIST}/SunOS5.8_OPT.OBJ -o \
- ! -h ${UXDIST}/OSF1V5.0_DBG.OBJ ] ; then
- # determine if all needed symbolic links are present, in case
- # we build on one platform and QA on another
- # create the symbolic links
- #mksymlinks $* ||
- `dirname $0`/mksymlinks $NSSVER $BUILDDATE ||
- Warning "Can't make the neccessary symbolic links"
- fi
- fi
-
- if [ -d $TESTSCRIPTDIR ] #the directory mozilla/security/nss/tests,
- then # where all.sh lives
- cd $TESTSCRIPTDIR
- else
- Exit "cant cd to $TESTSCRIPTDIR Exiting"
- fi
-
- Debug "Testing from `pwd`"
- line
- Debug "HOST: $HOST, DOMSUF: $DOMSUF"
-
- if [ "$O_TBX" = "OFF" ] ; then
- map_os32 # From the operatingsystem figure out the name of the build
- Debug Testing build for $MAPPED_OS in $OSDIR
- wait_for_build
- fi
- run_all
- BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
- run_all
-
- # now for the 64 bit build!
- map_os64 # From the operatingsystem figure out the name of the build
- if [ -n "$IS_64" ] ; then #Wait for the 64 bit build to finish...
- Debug "This is a $IS_64 platform"
- USE_64=1;export USE_64;Debug "Use_64 set to $USE_64"
- unset BUILD_OPT;export BUILD_OPT;Debug "BUILD_OPT $BUILD_OPT"
-
- run_all
- BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
- run_all
- elif [ "$O_WIN" = "ON" ] ; then
- OS_TARGET=WIN95;export OS_TARGET
- Debug "OS_TARGET set to $OS_TARGET"
- #Echo "WINDOWS-OS-LINE: $os_name $os_full $OS_TARGET"
- unset BUILD_OPT;export BUILD_OPT;Debug "BUILD_OPT $BUILD_OPT"
- #if [ "$TEST_LEVEL" = "0" ] ; then
- #QA_OS_NAME=`cd ${TESTSCRIPTDIR}/common; gmake objdir_name | \
- #sed -e "s/WINNT4.0.*/Windows-NT-4.0/" -e \
- #"s/WINNT5.0.*/Windows-2000/"`
- #Echo "WINDOWS-OS-LINE: $QA_OS_NAME $OS_TARGET"
- #fi
- run_all
- BUILD_OPT=1; export BUILD_OPT; Debug "BUILD_OPT $BUILD_OPT"
- run_all
- else
- Debug "This is a 32 bit platform"
- fi
-}
-
-TEST_LEVEL=0
-
-while [ $TEST_LEVEL -lt 2 ] ; do
- export TEST_LEVEL
- unset BUILD_OPT;export BUILD_OPT;Debug "BUILD_OPT $BUILD_OPT"
- unset USE_64;export USE_64;Debug "USE_64 $USE_64"
- bc $TEST_LEVEL
- Debug "About to start nssqa_main"
- if [ $O_FILE = ON -a "$O_WIN" != "ON" ] ; then
- nssqa_main 2>>$FILENAME
- else
- nssqa_main
- fi
- if [ "$O_TBX" = "ON" ] ; then # do not do backward compatibility
- TEST_LEVEL=3 # testing on tinderbox
- else
- TEST_LEVEL=`expr $TEST_LEVEL + 1 `
- fi
-done
-
-if [ "$O_TBX" = "ON" -o "$O_LOCAL" = "ON" ] ; then
-#FIXME - maybe it should be copied back to the networkdrive later (-ln)
- Debug "running qa_stat"
- . `dirname $0`/qa_stat
-fi
-
-
-qa_stat_get_sysinfo
-
-Exit "nssqa completed. Done `uname -n` $QA_OS_STRING"
diff --git a/security/nss/tests/path_uniq b/security/nss/tests/path_uniq
deleted file mode 100755
index f29f60a00..000000000
--- a/security/nss/tests/path_uniq
+++ /dev/null
@@ -1,107 +0,0 @@
-#! /bin/perl
-
-########################################################################
-#
-# /u/sonmi/bin/path_uniq
-#
-# this script makes components of a PATH like string unique cand prints
-# it to stdout
-#
-# parameters
-# ----------
-# PATH
-#
-# options
-# -------
-# -d delimiter - default :
-# -s shortens the path
-#
-# usefull enhancements: in the usage part, try to guess what was meant as
-# a path and echo it to stdout to not break for PATHs with blanks
-#
-########################################################################
-
-sub usage {
- print STDERR "usage $0 [-s] [-d <delimiter>] PATH\n";
- print STDERR " this script makes components of the PATH unique, if you\n";
- print STDERR " pass in a searchpath A:B:C:A:B:E it will print A:B:C:E to\n";
- print STDERR " the stdout\n\n";
- print STDERR " -s will mercylessly cut components from the path, \n";
- print STDERR " use at your own risk\n\n";
- print STDERR " the parameters you gave were: \n";
- for ( $i = 0; $i <= $#ARGV; $i++ ) {
- print STDERR " $ARGV[$i]\n";
- }
- exit ;
-}
-
-
-$i = 0;
-$j = 0;
-$delimiter = ":";
-$searchpath = "";
-@pathcomponents;
-$found=0;
-$newpath="";
-$shorten=0;
-
-for ( $i=0; $i <= $#ARGV; $i++) {
- if ( $ARGV[$i] eq '-d' ) {
- $delimiter = $ARGV[++$i];
- } elsif ( $ARGV[$i] eq '-s' ) {
- $shorten=1;
- } else {
- $searchpath = $ARGV[$i];
- }
-}
-if ( $searchpath eq "" ) {
- usage;
-}
-#print STDERR "delimiter $delimiter\n";
-#print STDERR "shorten $shorten\n";
-#print STDERR "searchpath $searchpath\n";
-
-@pathcomponents=split($delimiter, $searchpath);
-
-for ( $i = 0; $i <= $#pathcomponents; $i++ ) {
- $found=0;
- if ( $shorten == 1 ) {
- if ( "\/tools\/ns-arch\/sparc_sun_solaris2\.4\/lib\/sparcworks\/SUNWspro/bin" eq $pathcomponents[$i] ||
- "\/h\/tortoise\/export\/share\/builds\/tools\/sparc_sun_solaris2\.5\.1\/perl5\.004\/bin" eq $pathcomponents[$i] ||
- "\/usr\/dist\/local\/exe" eq $pathcomponents[$i] ||
- "\/opt\/SUNWspro\/bin" eq $pathcomponents[$i] ||
- "\/opt\/SUNWwabi\/bin" eq $pathcomponents[$i] ||
- "\/u\/svbld\/bin" eq $pathcomponents[$i] ||
- "\/usr\/demos" eq $pathcomponents[$i] ||
- "\/usr\/audio\/bin" eq $pathcomponents[$i] ||
- "\/usr\/openwin\/demo" eq $pathcomponents[$i] ||
- "\/tools\/contrib\/bin" eq $pathcomponents[$i] ||
- "\/usr\/etc\/" eq $pathcomponents[$i] ||
- "\/usr\/demos\/bin" eq $pathcomponents[$i] ) {
-
-
- #print "dumped: $pathcomponents[$i]\n";
- next;
- }
- #print "keep: $pathcomponents[$i]\n";
- }
- for ( $j = 0; $j < $i; $j++ ) {
- if ( $pathcomponents[$j] eq $pathcomponents[$i] ) {
- #print "$i and $j match - $pathcomponents[$i] - $pathcomponents[$j]\n";
- $found=1;
- last;
- }
- }
- if ( $found == 0 ) {
- #print "$pathcomponents[$i]:";
- if ($i == 0) {
- $newpath = $pathcomponents[$i];
- } else {
- $newpath=join($delimiter, $newpath,$pathcomponents[$i]);
- }
- }
-}
-print "$newpath\n";
-exit;
-
-
diff --git a/security/nss/tests/perf/perf.sh b/security/nss/tests/perf/perf.sh
deleted file mode 100755
index 403588afe..000000000
--- a/security/nss/tests/perf/perf.sh
+++ /dev/null
@@ -1,87 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/perf/perf.sh
-#
-# script run from the nightly NSS QA to measure nss performance
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-#
-############################## perf_init ##############################
-# local shell function to initialize this script
-########################################################################
-perf_init()
-{
- SCRIPTNAME="perf.sh"
- if [ -z "${INIT_SOURCED}" ] ; then
- cd ../common
- . init.sh
- fi
- SCRIPTNAME="perf.sh"
- PERFDIR=${HOSTDIR}/perf
- mkdir -p ${PERFDIR}
-}
-
-perf_init
-RSAPERF_OUT=`rsaperf -i 300 -s -n none`
-RSAPERF_OUT=`echo $RSAPERF_OUT | sed \
- -e "s/^/RSAPERF: $OBJDIR /" \
- -e 's/microseconds/us/' \
- -e 's/milliseconds/ms/' \
- -e 's/seconds/s/' \
- -e 's/ minutes, and /_min_/'`
-
-echo "$RSAPERF_OUT"
-
-
-
-#FIXME
-#export RSAPERF_OUT
-#
-#perl -e '
-
-#@rsaperf=split(/ /, $ENV{RSAPERF_OUT});
-
-#echo "${RSAPERF_OUT}" | read IT_NUM T1 T2 TOT_TIM TOT_TIM_U \
- #T3 T4 T5 AVRG_TIM AVRG_TIM_U
-
-#300 iterations in 8.881 seconds one operation every 29606 microseconds
diff --git a/security/nss/tests/pkcs11/netscape/suites/Makefile b/security/nss/tests/pkcs11/netscape/suites/Makefile
deleted file mode 100644
index 093ef5244..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-# include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/config.mk b/security/nss/tests/pkcs11/netscape/suites/config.mk
deleted file mode 100644
index 0c29b9e0e..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/config.mk
+++ /dev/null
@@ -1,42 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-all::
-
-release:: release_security abort_rule
-
-release_security:
- @echo "cd security; $(MAKE) release"
- $(MAKE) -C security release
-
-abort_rule:
- @"Security Complete. (Don't worry about this, it really should abort here!)"
diff --git a/security/nss/tests/pkcs11/netscape/suites/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/manifest.mn
deleted file mode 100644
index 119fd5509..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../../..
-
-# MODULE = sectools
-
-# IMPORTS = nspr20/19971209C \
-# dbm/DBM_1_5 \
-# security/HCL_1_5 \
-# sectools/bin/19971218 \
-# sectools/lib/19971218 \
-# $(NULL)
-
-DIRS = security \
- $(NULL)
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/Makefile b/security/nss/tests/pkcs11/netscape/suites/security/Makefile
deleted file mode 100644
index 1c76a8833..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/config.mk b/security/nss/tests/pkcs11/netscape/suites/security/config.mk
deleted file mode 100644
index 006fcb713..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/config.mk
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-all::
-
-release:: release_des release_des3 release_sha1 release_dsa abort_rule
-
-release_des:
- @echo "cd des; $(MAKE) release"
- $(MAKE) -C des release
-
-release_des3:
- @echo "cd des3; $(MAKE) release"
- $(MAKE) -C des3 release
-
-release_sha1:
- @echo "cd sha1; $(MAKE) release"
- $(MAKE) -C sha1 release
-
-release_dsa:
- @echo "cd dsa; $(MAKE) release"
- $(MAKE) -C dsa release
-
-abort_rule:
- @"Security Suites Complete. (Don't worry about this, it really should abort here!)"
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/security/manifest.mn
deleted file mode 100644
index a95b03c93..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/manifest.mn
+++ /dev/null
@@ -1,40 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../../../..
-
-#MODULE = sectools
-
-DIRS = pkcs11 \
- ssl \
- $(NULL)
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile
deleted file mode 100644
index 611fef3d6..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/Makefile
+++ /dev/null
@@ -1,76 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-include $(CORE_DEPTH)/nss/cmd/platlibs.mk
-include $(CORE_DEPTH)/nss/cmd/platrules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-include rules.mk
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk
deleted file mode 100644
index 4b50e62e6..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/config.mk
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# Adjust specific variables for all platforms #
-#######################################################################
-
-OS_CFLAGS += -DNSPR20=1
-
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all #
-# library names, and all special system linking options #
-#######################################################################
-
-LDFLAGS = $(LDOPTS) $(LIBSECMOD) $(LIBHASH) $(LIBCERT) $(LIBKEY) \
-$(LIBCRYPTO) $(LIBSECUTIL) $(LIBDBM) $(LIBPLC) $(LIBPLDS) $(LIBPR) \
-$(LIBSECTOOLS) $(DLLSYSTEM)
-
-# These are the libraries from the PKCS #5 suite:
-#LDFLAGS = $(LDOPTS) $(LIBSECTOOLS) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBSECMOD) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBSECMOD) $(LIBSSL) $(LIBPKCS7) $(LIBCERT) $(LIBKEY) $(LIBCRYPTO) $(LIBSECUTIL) $(LIBHASH) $(LIBDBM) $(LIBPLDS) $(LIBPLC) $(LIBPR) $(DLLSYSTEM)
-
-#######################################################################
-# Set the TARGETS value to build one executable from each object file #
-#######################################################################
-
-# TARGETS = $(OBJS:$(OBJ_SUFFIX)=$(PROG_SUFFIX))
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn
deleted file mode 100644
index 1d3d7a4b5..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/manifest.mn
+++ /dev/null
@@ -1,46 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-CORE_DEPTH=../../../../../../..
-
-#MODULE = sectools
-
-CSRCS = pk11test.c
-
-PROGRAM = pk11test
-
-REQUIRES = seccmd dbm security
-
-REGRESSION_SPEC = pkcs11.reg
-
-RESULTS_SUBDIR = security/pkcs11
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c
deleted file mode 100644
index e011e8059..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.c
+++ /dev/null
@@ -1,1360 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#define VERSION_MAJOR 1
-#define VERSION_MINOR 0
-#define VERSION_POINT 7
-/* Standard C includes */
-#include <stdlib.h>
-#include <stdio.h>
-
-/* NSPR includes */
-#include <prio.h>
-#include <prprf.h>
-#include <plarena.h>
-#include <prinit.h>
-#include <prmem.h>
-
-/* security includes */
-#include <pkcs11t.h>
-#include <secmodt.h>
-#include <pk11func.h>
-#include <secmod.h>
-#include <secutil.h>
-#include <keyt.h>
-
-/* replacer header file */
-#include "pk11test.h"
-
-#include "pkcs11.h"
-
-void SEC_Init(void);
-
-PRStatus InitCrypto(char*);
-int TestUserManagement();
-int TestCrypto();
-MechInfo* GetMechInfo(CK_MECHANISM_TYPE type);
-int TestEncrypt(CK_MECHANISM_TYPE mech);
-int TestSign(CK_MECHANISM_TYPE mech);
-int TestDigest(CK_MECHANISM_TYPE mech);
-int TestHMAC(CK_MECHANISM_TYPE mech);
-int TestSymmetricEncrypt(CK_MECHANISM_TYPE mech);
-int TestPKEncrypt(CK_MECHANISM_TYPE mech);
-
-
-static char* userpw = NULL;
-static int secerror=0;
-/* PK11SymKey *symkey=NULL;*/
-PK11SlotInfo *slot=NULL;
-
-/* Errors */
-enum {
- NO_ERROR_AT_ALL=0,
- NO_SUCH_SLOT=1,
- KEY_GEN_FAILED,
- CREATE_CONTEXT_FAILED,
- INTERNAL_RNG_FAILED,
- MECH_NOT_FOUND,
- INPUT_FILE_ERROR,
- KEY_COPY_FAILED,
- CIPHER_OP_FAILED,
- FINALIZE_FAILED,
- RESULTS_DONT_MATCH,
- PARAM_GEN_FAILED,
- PLAINTEXT_DOESNT_MATCH,
- ENCRYPTION_IS_NOOP,
- WRAP_PRIVKEY_FAILED,
- WRAP_SYMKEY_FAILED,
- UNWRAP_SYMKEY_FAILED,
- UNWRAPPED_KEY_DOESNT_MATCH,
- UNWRAP_PRIVKEY_FAILED,
- SIGNATURE_FAILED,
- SIGNATURE_DOESNT_VERIFY,
- AUTHENTICATION_FAILED,
- AUTHENTICATION_SUCCEEDED,
- MODDB_ACCESS
-};
-
-static char* errString[] = {
- "No error",
- "No such slot",
- "Failed to generate key",
- "Failed to create a cryptographic context",
- "Failed to generate random bytes",
- "Mechanism was not found",
- "Error in input file",
- "Failed to copy key from internal to external module",
- "Cipher operation failed",
- "Cipher finalization failed",
- "Internal module produced a different result than the target module",
- "Failed to generate cryptographic parameters",
- "Recovered plaintext does not match original plaintext",
- "Ciphertext is the same as plaintext",
- "Unable to wrap private key",
- "Unable to wrap symmetric key",
- "Unable to unwrap symmetric key",
- "Unwrapped key does not match original key",
- "Unable to unwrap private key",
- "Signing operation failed",
- "Incorrect signature: doesn't verify",
- "Failed to authenticate to slot",
- "Authenticated to slot with incorrect password",
- "Unable to access security module database"
-};
-
-/***********************************************************************
- *
- * R e a d I n p u t F i l e
- *
- * Read tokenname and module name from the file with the indicated name.
- * Pass in the addresses of pointers. They will be set to point at
- * dynamically-allocated memory.
- *
- * Returns 0 on success, -1 on error with file.
- */
-int
-ReadInputFile(char *filename, char**tokenname, char**moddbname, char **userpw)
-{
- PRFileDesc* file=NULL;
- char readbuf[1025];
- int numbytes=0;
- char *cp;
-
- *tokenname = NULL;
- *moddbname = NULL;
-
- /* Open file */
- file = PR_Open(filename, PR_RDONLY, 0);
- if(!file) {
- return -1;
- }
-
- /* Read in everything */
- numbytes = PR_Read(file, readbuf, 1024);
- if(numbytes==-1) {
- goto loser;
- }
- readbuf[numbytes] = '\0'; /* make sure we're null-terminated */
-
- /* Get tokenname */
- cp = strtok(readbuf, "\r\n");
- if(cp == NULL) {
- goto loser;
- }
- *tokenname = PR_Malloc(strlen(cp)+1);
- strcpy(*tokenname, cp);
-
- /* get moddbname */
- cp = strtok(NULL, "\r\n");
- if(cp == NULL) {
- goto loser;
- }
- *moddbname = PR_Malloc(strlen(cp)+1);
- strcpy(*moddbname, cp);
-
- /* Get module PIN */
- cp = strtok(NULL, "\r\n");
- if(cp == NULL) {
- goto loser;
- }
- *userpw = PR_Malloc(strlen(cp)+1);
- strcpy(*userpw, cp);
-
- PR_Close(file);
- return 0;
-
-loser:
- if(file) {
- PR_Close(file);
- }
- if(*tokenname) {
- PR_Free(*tokenname);
- *tokenname = NULL;
- }
- if(*moddbname) {
- PR_Free(*moddbname);
- *moddbname = NULL;
- }
- return -1;
-}
-
-static PRBool supplyPassword=PR_TRUE;
-char*
-PasswordFunc(PK11SlotInfo *slot, PRBool loadcerts, void *wincx)
-{
- if(supplyPassword) {
- /*PR_fprintf(PR_STDOUT, "Feeding password: |%s|\n", userpw);*/
- supplyPassword = PR_FALSE;
- return PL_strdup(userpw);
- } else {
- /*PR_fprintf(PR_STDOUT, "PasswordFunc supplying NULL.\n");*/
- return NULL;
- }
-}
-
-
-/**********************************************************************
- *
- * m a i n
- *
- */
-int
-main(int argc, char *argv[])
-{
- char *tokenname=NULL;
- char *moddbname=NULL;
- int errcode;
-
- if(argc < 3) {
- PR_fprintf(PR_STDERR,
-"\nPKCS #11 Test Suite Version %d.%d.%d\n\
-Usage: pkcs11 testid configfile\n",VERSION_MAJOR,VERSION_MINOR,VERSION_POINT);
- return -1;
- }
-
- testId = atoi(argv[1]);
- if(ReadInputFile(argv[2], &tokenname, &moddbname, &userpw)) {
- errcode = INPUT_FILE_ERROR;
- goto loser;
- }
-
- PR_fprintf(PR_STDOUT, "testId=%d\n", testId);
- PR_fprintf(PR_STDOUT, "tokenname=%s\n", tokenname);
- PR_fprintf(PR_STDOUT, "moddbname=%s\n", moddbname);
-
- PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
-
- if( InitCrypto(moddbname) != PR_SUCCESS ) {
- errcode = MODDB_ACCESS;
- goto loser;
- }
-
- slot = PK11_FindSlotByName(tokenname);
- if(!slot) {
- errcode = NO_SUCH_SLOT;
- goto loser;
- }
-
- if(!REP_USE_CORRECT_PIN && userpw) {
- /* don't use the pin passed in */
- userpw[0]++;
- }
- PK11_SetPasswordFunc(PasswordFunc);
- if(PK11_NeedLogin(slot)) {
- SECStatus result;
- supplyPassword = PR_TRUE;
- result = PK11_Authenticate(slot, PR_FALSE, NULL);
- /* If we just did an invalid login, login correctly so we don't
- * cause the token to lock us out */
- if(!REP_USE_CORRECT_PIN) {
- userpw[0]--;
- supplyPassword = PR_TRUE;
- PK11_Authenticate(slot, PR_FALSE, NULL);
- }
- if(REP_USE_CORRECT_PIN && result!=SECSuccess) {
- errcode = AUTHENTICATION_FAILED;
- goto loser;
- } else if(!REP_USE_CORRECT_PIN && result==SECSuccess) {
- errcode = AUTHENTICATION_SUCCEEDED;
- goto loser;
- }
- }
-
- errcode = TestCrypto();
-
-loser:
- if(tokenname) {
- PR_Free(tokenname); tokenname = NULL;
- }
- if(moddbname) {
- PR_Free(moddbname); moddbname = NULL;
- }
- if(errcode) {
- PR_fprintf(PR_STDOUT, "Exiting with error: %s.\n\n", errString[errcode]);
- } else {
- PR_fprintf(PR_STDOUT, "Test was successful\n\n");
- }
- return errcode;
-}
-
-/**********************************************************************
- *
- * I n i t C r y p t o
- *
- */
-PRStatus
-InitCrypto(char *moddbname)
-{
- SEC_Init();
-
- if( PR_Access(moddbname, PR_ACCESS_EXISTS) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, "Error: %s does not exist.\n", moddbname);
- return PR_FAILURE;
- }
- if( PR_Access(moddbname, PR_ACCESS_READ_OK) != PR_SUCCESS) {
- PR_fprintf(PR_STDERR, "Error: %s is not readable.\n",
- moddbname);
- return PR_FAILURE;
- }
-
- SECMOD_init(moddbname);
- return PR_SUCCESS;
-}
-
-/**********************************************************************
- *
- * T e s t C r y p t o
- *
- */
-int
-TestCrypto()
-{
- MechInfo *mechInfo;
- int errcode;
- unsigned short testcount=0;
-
- if(!PK11_DoesMechanism(slot, REP_MECHANISM)) {
- return 0;
- }
-
- mechInfo = GetMechInfo(REP_MECHANISM);
- /*PR_fprintf(PR_STDOUT, "Using mechanism %x.\n", REP_MECHANISM);*/
- if(!mechInfo) {
- PR_fprintf(PR_STDERR, "Unable to find mech %x\n",
- REP_MECHANISM);
- return MECH_NOT_FOUND;
- }
-
- if(mechInfo->op & ENCRYPT_OP) {
- testcount++;
- errcode = TestEncrypt(REP_MECHANISM);
- if(errcode) return errcode;
- }
-
- if(mechInfo->op & SIGN_OP) {
- testcount++;
- errcode = TestSign(REP_MECHANISM);
- if(errcode) return errcode;
- }
-
-#if 0
- if(mechInfo->op & DIGEST_OP) {
- testcount++;
- errcode = TestDigest(REP_MECHANISM);
- if(errcode) return errcode;
- }
-
- if(mechInfo->op & HMAC_OP) {
- testcount++;
- errcode = TestHMAC(REP_MECHANISM);
- if(errcode) return errcode;
- }
-#endif
-
- return 0;
-}
-
-/**********************************************************************
- *
- * I s S y m m e t r i c
- *
- */
-int
-IsSymmetric(CK_MECHANISM_TYPE mech)
-{
- switch(mech) {
- case CKM_RC2_ECB:
- case CKM_RC2_CBC:
- case CKM_RC2_CBC_PAD:
- case CKM_RC4:
- case CKM_RC5_ECB:
- case CKM_RC5_CBC:
- case CKM_RC5_CBC_PAD:
- case CKM_DES_ECB:
- case CKM_DES_CBC:
- case CKM_DES_CBC_PAD:
- case CKM_DES3_ECB:
- case CKM_DES3_CBC:
- case CKM_DES3_CBC_PAD:
- case CKM_CAST_ECB:
- case CKM_CAST_CBC:
- case CKM_CAST_CBC_PAD:
- case CKM_CAST3_ECB:
- case CKM_CAST3_CBC:
- case CKM_CAST3_CBC_PAD:
- case CKM_CAST5_ECB:
- case CKM_CAST5_CBC:
- case CKM_CAST5_CBC_PAD:
- case CKM_IDEA_ECB:
- case CKM_IDEA_CBC:
- case CKM_IDEA_CBC_PAD:
- case CKM_CDMF_ECB:
- case CKM_CDMF_CBC:
- case CKM_CDMF_CBC_PAD:
- case CKM_SKIPJACK_ECB64:
- case CKM_SKIPJACK_CBC64:
- case CKM_SKIPJACK_OFB64:
- case CKM_SKIPJACK_CFB64:
- case CKM_SKIPJACK_CFB32:
- case CKM_SKIPJACK_CFB16:
- case CKM_SKIPJACK_CFB8:
- case CKM_BATON_ECB128:
- case CKM_BATON_ECB96:
- case CKM_BATON_CBC128:
- case CKM_BATON_COUNTER:
- case CKM_BATON_SHUFFLE:
- case CKM_JUNIPER_ECB128:
- case CKM_JUNIPER_CBC128:
- case CKM_JUNIPER_COUNTER:
- case CKM_JUNIPER_SHUFFLE:
- return 1;
- default:
- return 0;
- }
-}
-
-/**********************************************************************
- *
- * T e s t E n c r y p t
- *
- */
-int
-TestEncrypt(CK_MECHANISM_TYPE mech)
-{
-
- /*PR_fprintf(PR_STDOUT, "Inside TestEncrypt\n");*/
- if(!PK11_DoesMechanism(slot, mech)) {
- /* Can't test if the slot doesn't do this mechanism */
- PR_fprintf(PR_STDERR, "Slot doesn't do this mechanism.\n");
- return 0;
- }
-
- if(IsSymmetric(mech)) {
- /*PR_fprintf(PR_STDOUT, "Is a symmetric algorithm\n");*/
- return TestSymmetricEncrypt(mech);
- } else {
- /*PR_fprintf(PR_STDOUT, "Is not a symmetric algorithm\n");*/
- return TestPKEncrypt(mech);
- }
-
- return 0;
-}
-
-/**********************************************************************
- *
- * G e n e r a t e P K P a r a m s
- *
- */
-void*
-GeneratePKParams(CK_MECHANISM_TYPE mech)
-{
-
- /* FIPS preprocessor directives for DSA. */
- #define FIPS_DSA_TYPE siBuffer
- #define FIPS_DSA_DIGEST_LENGTH 20 /* 160-bits */
- #define FIPS_DSA_SUBPRIME_LENGTH 20 /* 160-bits */
- #define FIPS_DSA_SIGNATURE_LENGTH 40 /* 320-bits */
- #define FIPS_DSA_PRIME_LENGTH 64 /* 512-bits */
- #define FIPS_DSA_BASE_LENGTH 64 /* 512-bits */
-
-
- CK_MECHANISM_TYPE keygenMech;
- PK11RSAGenParams *rsaparams;
- PQGParams *dsa_pqg;
- unsigned char *dsa_P = (unsigned char *)
- "\x8d\xf2\xa4\x94\x49\x22\x76\xaa"
- "\x3d\x25\x75\x9b\xb0\x68\x69\xcb"
- "\xea\xc0\xd8\x3a\xfb\x8d\x0c\xf7"
- "\xcb\xb8\x32\x4f\x0d\x78\x82\xe5"
- "\xd0\x76\x2f\xc5\xb7\x21\x0e\xaf"
- "\xc2\xe9\xad\xac\x32\xab\x7a\xac"
- "\x49\x69\x3d\xfb\xf8\x37\x24\xc2"
- "\xec\x07\x36\xee\x31\xc8\x02\x91";
- unsigned char *dsa_Q = (unsigned char *)
- "\xc7\x73\x21\x8c\x73\x7e\xc8\xee"
- "\x99\x3b\x4f\x2d\xed\x30\xf4\x8e"
- "\xda\xce\x91\x5f";
- unsigned char *dsa_G = (unsigned char *)
- "\x62\x6d\x02\x78\x39\xea\x0a\x13"
- "\x41\x31\x63\xa5\x5b\x4c\xb5\x00"
- "\x29\x9d\x55\x22\x95\x6c\xef\xcb"
- "\x3b\xff\x10\xf3\x99\xce\x2c\x2e"
- "\x71\xcb\x9d\xe5\xfa\x24\xba\xbf"
- "\x58\xe5\xb7\x95\x21\x92\x5c\x9c"
- "\xc4\x2e\x9f\x6f\x46\x4b\x08\x8c"
- "\xc5\x72\xaf\x53\xe6\xd7\x88\x02";
-
-
- keygenMech = PK11_GetKeyGen(mech);
-
- switch(keygenMech) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- rsaparams = PR_Malloc(sizeof(PK11RSAGenParams));
- rsaparams->keySizeInBits = REP_PK_KEY_SIZE;
- rsaparams->pe = 65537L;
- return (void*) rsaparams;
- case CKM_ECDSA_KEY_PAIR_GEN:
- case CKM_DSA_KEY_PAIR_GEN:
-
- /* Allocate PQG memory */
- dsa_pqg = PORT_ZAlloc(sizeof(PQGParams));
- dsa_pqg->prime.data = (unsigned char*)
- PORT_ZAlloc(FIPS_DSA_PRIME_LENGTH);
- dsa_pqg->subPrime.data = (unsigned char*)
- PORT_ZAlloc(FIPS_DSA_SUBPRIME_LENGTH);
- dsa_pqg->base.data = (unsigned char*)
- PORT_ZAlloc(FIPS_DSA_BASE_LENGTH);
-
- dsa_pqg->prime.type = FIPS_DSA_TYPE;
- PORT_Memcpy(dsa_pqg->prime.data, dsa_P, FIPS_DSA_PRIME_LENGTH);
- dsa_pqg->prime.len = FIPS_DSA_PRIME_LENGTH;
-
- dsa_pqg->subPrime.type = FIPS_DSA_TYPE;
- PORT_Memcpy( dsa_pqg->subPrime.data, dsa_Q,
- FIPS_DSA_SUBPRIME_LENGTH );
- dsa_pqg->subPrime.len = FIPS_DSA_SUBPRIME_LENGTH;
-
- dsa_pqg->base.type = FIPS_DSA_TYPE;
- PORT_Memcpy( dsa_pqg->base.data, dsa_G, FIPS_DSA_BASE_LENGTH );
- dsa_pqg->base.len = FIPS_DSA_BASE_LENGTH;
-
- return (void*) dsa_pqg;
-
- case CKM_DH_PKCS_KEY_PAIR_GEN:
- case CKM_KEA_KEY_PAIR_GEN:
- default:
- return NULL;
- }
- return NULL;
-}
-
-/**********************************************************************
- *
- * F r e e P K P a r a m s
- *
- */
-void
-FreePKParams(void* p, CK_MECHANISM_TYPE mech)
-{
-
- switch(PK11_GetKeyGen(mech)) {
- case CKM_RSA_PKCS_KEY_PAIR_GEN:
- PR_Free( (PK11RSAGenParams*)p);
- break;
- case CKM_ECDSA_KEY_PAIR_GEN:
- case CKM_DSA_KEY_PAIR_GEN:
- PR_Free( (PQGParams*)p);
- break;
- }
-}
-
-
-/**********************************************************************
- *
- * T e s t P K E n c r y p t
- *
- */
-int
-TestPKEncrypt(CK_MECHANISM_TYPE mech)
-{
- PK11SlotInfo *internal;
- SECStatus status;
- int errcode;
- SECItem *kgparams;
- SECKEYPublicKey *pubk=NULL;
- SECKEYPrivateKey *refPrivk=NULL, *testPrivk=NULL;
- PK11SymKey *refSymKey=NULL, *testSymKey=NULL, *recoveredSymKey=NULL;
- SECItem refWrappedKey, testWrappedKey;
- SECItem *refSymkeyData=NULL, *testSymkeyData=NULL;
- SECItem wrapParams;
- int testSymKeySize;
- CK_ATTRIBUTE_TYPE usages[] = { CKA_UNWRAP };
- int usageCount = 1;
-
- wrapParams.data = "aaaaaaaa";
- wrapParams.len = 8;
-
- refWrappedKey.len = 1024;
- refWrappedKey.data = PR_Malloc(1024);
- testWrappedKey.len = 1024;
- testWrappedKey.data = PR_Malloc(1024);
-
- internal = PK11_GetInternalSlot();
-
- /* Generate keygen parameter */
- kgparams = GeneratePKParams(mech);
- if(!kgparams) {
- errcode = PARAM_GEN_FAILED;
- goto loser;
- }
-
- /*
- * Generate the keypair, either on the target module or on the internal
- * module.
- */
- if(REP_KEYGEN_ON_TARGET) {
- refPrivk = PK11_GenerateKeyPair(slot, PK11_GetKeyGen(mech),
- kgparams, &pubk,
- (slot==internal) ? PR_FALSE : PR_TRUE /*isPerm*/,
- PR_FALSE /*isSensitive*/,
- NULL/*wincx*/);
- } else {
- refPrivk = PK11_GenerateKeyPair(internal, PK11_GetKeyGen(mech),
- kgparams, &pubk,
- PR_FALSE/*isPerm*/, PR_FALSE /*isSensitive*/,
- NULL/*wincx*/);
- }
- if(!refPrivk) {
- secerror = PORT_GetError();
- errcode = KEY_GEN_FAILED;
- goto loser;
- }
-
- /*
- * Generate symmetric key, either on the target module or on the internal
- * module.
- */
- if(REP_KEYGEN_ON_TARGET) {
- refSymKey = PK11_KeyGen(slot, CKM_DES_CBC_PAD, NULL,
- REP_SYMKEY_SIZE, NULL);
- } else {
- refSymKey = PK11_KeyGen(internal, CKM_DES_CBC_PAD, NULL,
- REP_SYMKEY_SIZE, NULL);
- }
- if(!refSymKey) {
- secerror = PORT_GetError();
- errcode = KEY_GEN_FAILED;
- goto loser;
- }
-
- /*
- * If we generated the keys on the internal module, we have to
- * transfer them from the internal module to the target module, unless
- * the target module is the internal module.
- */
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
- SECItem empty;
- SECItem label;
- empty.len=0;
- empty.data=NULL;
- label.data = "foobar";
- label.len = 6;
-
- /* Copy the symmetric key to the target token*/
- testSymKey = pk11_CopyToSlot(slot,
- CKM_DES_CBC_PAD,
- CKA_UNWRAP,
- refSymKey);
- if(testSymKey==NULL) {
- secerror = PORT_GetError();
- errcode = KEY_COPY_FAILED;
- goto loser;
- }
-
- /* Copy the private key to the target token */
- status = PK11_WrapPrivKey(internal,
- refSymKey,
- refPrivk,
- CKM_DES_CBC_PAD,
- &wrapParams,
- &refWrappedKey,
- NULL /*wincx*/);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = WRAP_PRIVKEY_FAILED;
- goto loser;
- }
-
- testPrivk = PK11_UnwrapPrivKey(slot,
- testSymKey,
- CKM_DES_CBC_PAD,
- &wrapParams,
- &refWrappedKey,
- &label /*label*/,
- &empty /*ID Value*/,
- PR_TRUE /*perm*/,
- PR_TRUE /*sensitive*/,
- PK11_GetKeyType(mech, 0),
- usages, usageCount,
- NULL /*wincx*/);
- if(testPrivk==NULL) {
- secerror = PORT_GetError();
- errcode = UNWRAP_PRIVKEY_FAILED;
- goto loser;
- }
- } else {
- testPrivk=refPrivk; refPrivk = NULL;
- testSymKey=refSymKey; refSymKey = NULL;
- }
-
- /* Wrap the symmetric key with the public key */
- /* !!! Which mech do we use here, the symmetric or the PK? */
- status = PK11_PubWrapSymKey(mech, pubk, testSymKey, &testWrappedKey);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = WRAP_SYMKEY_FAILED;
- goto loser;
- }
- testSymKeySize = PK11_GetKeyLength(testSymKey);
-
- /*
- * Unless we are testing the internal slot, do the same wrap operation
- * on the internal slot and compare with the wrap done on the module
- * under test. If we did the keygen on the target module, we don't
- * have the keys on the internal module so we can't compare.
- */
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
- status = PK11_PubWrapSymKey(mech, pubk, refSymKey,
- &refWrappedKey);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = WRAP_SYMKEY_FAILED;
- goto loser;
- }
-
- if( (testWrappedKey.len != refWrappedKey.len) ||
- memcmp(testWrappedKey.data, refWrappedKey.data,
- testWrappedKey.len) ) {
- /* Wrapped Keys don't match */
- /* !!! There's random data in these encryptions, so they'll never
- * match. */
- /*errcode = RESULTS_DONT_MATCH;*/
- /*goto loser;*/
- }
- }
-
- /* Get the data of the symmetric key */
- /* Extracting the key value may not work, depending on the token. If
- * it doesn't work, we won't be able to do the comparison later */
- PK11_ExtractKeyValue(testSymKey);
- testSymkeyData = PK11_GetKeyData(testSymKey);
- if(testSymkeyData->data == NULL) {
- /* couldn't extract key data */
- testSymkeyData = NULL;
- } else {
- testSymkeyData = SECITEM_DupItem(testSymkeyData);
- }
-
- /* Destroy the symmetric key everywhere */
- if(refSymKey) {
- PK11_FreeSymKey(refSymKey); refSymKey = NULL;
- }
- if(testSymKey) {
- PK11_FreeSymKey(testSymKey); testSymKey = NULL;
- }
-
- /*
- * Unwrap the key and make sure we get the same thing back. Can only
- * do this if we were able to get the key data from the test token.
- */
- if(testSymkeyData != NULL) {
- refSymKey = PK11_PubUnwrapSymKey(testPrivk, &testWrappedKey,
- CKM_DES_CBC_PAD, CKA_WRAP, testSymKeySize);
- if(refSymKey==NULL) {
- secerror = PORT_GetError();
- errcode = UNWRAP_SYMKEY_FAILED;
- goto loser;
- }
- /* We should always be able to get the key data from the internal
- * module */
- PK11_ExtractKeyValue(refSymKey);
- refSymkeyData = PK11_GetKeyData(refSymKey);
- PR_ASSERT(refSymkeyData!=NULL && refSymkeyData->data!=NULL);
- PR_ASSERT(testSymkeyData!=NULL && testSymkeyData->data!=NULL);
- if(SECITEM_CompareItem(refSymkeyData, testSymkeyData) != SECEqual) {
- errcode = UNWRAPPED_KEY_DOESNT_MATCH;
- goto loser;
- }
- }
-
-#ifdef DEBUG
- PR_fprintf(PR_STDOUT, "Successfully finished TestPKEncrypt!\n");
-#endif
-
- errcode = 0;
-
-loser:
- if(refPrivk) {
- SECKEY_DestroyPrivateKey(refPrivk);
- }
- SECITEM_FreeItem(&refWrappedKey, PR_FALSE);
- SECITEM_FreeItem(&testWrappedKey, PR_FALSE);
- if(refSymkeyData) {
- /* do nothing, it's a copy */
- }
- if(testSymkeyData) {
- SECITEM_FreeItem(testSymkeyData, PR_TRUE);
- }
- if(pubk) {
- SECKEY_DestroyPublicKey(pubk);
- }
- if(testPrivk) {
- SECKEY_DestroyPrivateKey(testPrivk);
- }
- if(refSymKey) {
- PK11_FreeSymKey(refSymKey);
- }
- if(testSymKey) {
- PK11_FreeSymKey(testSymKey);
- }
- if(recoveredSymKey) {
- PK11_FreeSymKey(recoveredSymKey);
- }
- return errcode;
-
-
-}
-
-/**********************************************************************
- *
- * T e s t S y m m e t r i c E n c r y p t
- *
- */
-int
-TestSymmetricEncrypt(CK_MECHANISM_TYPE mech)
-{
- PK11Context *refcontext=NULL, *testcontext=NULL;
- PK11SlotInfo *internal;
- SECStatus status;
- PK11SymKey* intkey=NULL, *extkey=NULL;
- int errcode;
- unsigned char *ptext=NULL;
- int maxclen = REP_PLAINTEXT_LEN + 128;
- unsigned char *refctext=NULL, *testctext=NULL;
- int refclen, testclen;
- unsigned char *recovered=NULL;
- int reclen;
- SECItem iv, *param=NULL;
-
- internal = PK11_GetInternalSlot();
-
- ptext = PR_Malloc(REP_PLAINTEXT_LEN);
- refctext = PR_Malloc(maxclen);
- testctext = PR_Malloc(maxclen);
- recovered = PR_Malloc(maxclen);
-
- /* Generate random plaintext */
- status = RNG_GenerateGlobalRandomBytes(ptext, REP_PLAINTEXT_LEN);
- if(status != SECSuccess) {
- errcode = INTERNAL_RNG_FAILED;
- goto loser;
- }
-
- /* Generate mechanism parameter */
- iv.len = 8;
- iv.data = "aaaaaaaa"; /* !!! does this need to be random? Maybe a
- * replacer variable ? */
- param = PK11_ParamFromIV(mech, &iv);
- if(!param) {
- errcode = PARAM_GEN_FAILED;
- goto loser;
- }
-
- /*
- * Generate the key, either on the target module or the internal module.
- */
- if(REP_KEYGEN_ON_TARGET) {
- intkey = PK11_KeyGen(slot, mech, NULL, REP_SYMKEY_SIZE,
- NULL);
- } else {
- intkey = PK11_KeyGen(internal, mech, NULL, REP_SYMKEY_SIZE,
- NULL);
- }
- if(!intkey) {
- secerror = PORT_GetError();
- errcode = KEY_GEN_FAILED;
- goto loser;
- }
-
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
- /* Copy the key to the target token if it isn't there already */
- extkey = pk11_CopyToSlot(slot, mech, CKA_ENCRYPT, intkey);
- if(!extkey) {
- secerror = PORT_GetError();
- errcode = KEY_COPY_FAILED;
- goto loser;
- }
- } else {
- extkey = intkey;
- intkey = NULL;
- }
-
- /* Create an encryption context */
- testcontext = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, extkey,
- param);
- if(!testcontext) {
- secerror = PORT_GetError();
- errcode = CREATE_CONTEXT_FAILED;
- goto loser;
- }
-
- /* Do the encryption */
- status = PK11_CipherOp(testcontext, testctext, &testclen,
- maxclen, ptext, REP_PLAINTEXT_LEN);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = CIPHER_OP_FAILED;
- goto loser;
- }
- status = PK11_Finalize(testcontext);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = FINALIZE_FAILED;
- goto loser;
- }
-
- /* Free the encryption context */
- PK11_DestroyContext(testcontext, PR_TRUE /*freeit*/);
- testcontext = NULL;
-
- /* Make sure the encryption did something */
- if(!memcmp(ptext, testctext,
- REP_PLAINTEXT_LEN > testclen ? testclen : REP_PLAINTEXT_LEN)) {
- errcode = ENCRYPTION_IS_NOOP;
- goto loser;
- }
-
- /*
- * Now do everything on the internal module and compare the results.
- * If the key was generated on the target module, it doesn't exist on
- * the internal module so we can't compare.
- */
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
- /* Create encryption context */
- refcontext = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT,
- intkey, param);
- if(!refcontext) {
- secerror = PORT_GetError();
- errcode = CREATE_CONTEXT_FAILED;
- goto loser;
- }
-
- /* Perform the encryption */
- status = PK11_CipherOp(refcontext, refctext, &refclen,
- maxclen, ptext, REP_PLAINTEXT_LEN);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = CIPHER_OP_FAILED;
- goto loser;
- }
- status = PK11_Finalize(refcontext);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = FINALIZE_FAILED;
- goto loser;
- }
-
- /* Free the context */
- PK11_DestroyContext(refcontext, PR_TRUE /*freeit*/);
- refcontext = NULL;
-
-
- /* Compare the ciphertext from the target module and the
- * internal module
- */
- if( (testclen != refclen) ||
- (memcmp(testctext, refctext, testclen)) ) {
- errcode = RESULTS_DONT_MATCH;
- goto loser;
- }
- }
-
- /*
- * Decrypt the ciphertext and make sure we get back the original
- * ptext
- */
-
- /* Create the decryption context */
- testcontext = PK11_CreateContextBySymKey(mech, CKA_DECRYPT, extkey,
- param);
- if(!testcontext) {
- secerror = PORT_GetError();
- errcode = CREATE_CONTEXT_FAILED;
- goto loser;
- }
-
- /* Do the decryption */
- status = PK11_CipherOp(testcontext, recovered, &reclen,
- maxclen, testctext, testclen);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = CIPHER_OP_FAILED;
- goto loser;
- }
- status = PK11_Finalize(testcontext);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = FINALIZE_FAILED;
- goto loser;
- }
-
-
- /* Free the encryption context */
- PK11_DestroyContext(testcontext, PR_TRUE /*freeit*/);
- testcontext = NULL;
-
-
- /* Compare the recovered text to the plaintext */
- if( (reclen != REP_PLAINTEXT_LEN) ||
- (memcmp(recovered, ptext, reclen)) ) {
- errcode = PLAINTEXT_DOESNT_MATCH;
- goto loser;
- }
-
-
-#ifdef DEBUG
- PR_fprintf(PR_STDOUT, "Successfully finished TestSymmetricEncrypt!\n");
-#endif
-
- errcode = 0;
-
-loser:
- if(ptext) {
- PR_Free(ptext); ptext = NULL;
- }
- if(refctext) {
- PR_Free(refctext); refctext = NULL;
- }
- if(testctext) {
- PR_Free(testctext); testctext = NULL;
- }
- if(intkey) {
- PK11_FreeSymKey(intkey); intkey = NULL;
- }
- if(extkey) {
- PK11_FreeSymKey(extkey); extkey = NULL;
- }
- if(testcontext) {
- PK11_DestroyContext(testcontext, PR_TRUE /*freeit*/);
- }
- if(refcontext) {
- PK11_DestroyContext(refcontext, PR_TRUE /*freeit*/);
- }
- if(param) {
- SECITEM_FreeItem(param, PR_TRUE);
- param = NULL;
- }
- if(recovered) {
- PR_Free(recovered); recovered = NULL;
- }
- return errcode;
-}
-
-/**********************************************************************
- *
- * T e s t S i g n
- *
- */
-int
-TestSign(CK_MECHANISM_TYPE mech)
-{
- PK11SlotInfo *internal;
- SECStatus status;
- int errcode;
- SECItem *kgparams;
- SECKEYPublicKey *pubk=NULL;
- SECKEYPrivateKey *refPrivk=NULL, *testPrivk=NULL;
- PK11SymKey *refSymKey=NULL, *testSymKey=NULL, *recoveredSymKey=NULL;
- SECItem refWrappedKey, testWrappedKey;
- SECItem ptext, refSignature, testSignature;
- SECItem wrapParam;
- CK_ATTRIBUTE_TYPE usages[] = { CKA_SIGN };
- int usageCount = 1;
-
- refWrappedKey.len = 1024;
- refWrappedKey.data = PR_Malloc(1024);
- testWrappedKey.len = 1024;
- testWrappedKey.data = PR_Malloc(1024);
- refSignature.len = 1024;
- refSignature.data = PR_Malloc(1024);
- testSignature.len = 1024;
- testSignature.data = PR_Malloc(1024);
- wrapParam.data = "aaaaaaaa";
- wrapParam.len = 8;
-
- internal = PK11_GetInternalSlot();
-
- /* Generate random ptext */
- ptext.data = PR_Malloc(20);
- ptext.len = 20;
- status = RNG_GenerateGlobalRandomBytes(ptext.data, 8);
- if(status != SECSuccess) {
- errcode = INTERNAL_RNG_FAILED;
- goto loser;
- }
-
- /* Generate keygen parameter */
- kgparams = GeneratePKParams(mech);
- if(!kgparams) {
- errcode = PARAM_GEN_FAILED;
- goto loser;
- }
-
- /*
- * Generate the keypair, on the target module or the internal module.
- */
- if(REP_KEYGEN_ON_TARGET) {
- refPrivk = PK11_GenerateKeyPair(slot, PK11_GetKeyGen(mech),
- kgparams, &pubk, (slot==internal) ? PR_FALSE :
- PR_TRUE /*isPerm*/,
- PR_FALSE /*isSensitive*/, NULL/*wincx*/);
- } else {
- refPrivk = PK11_GenerateKeyPair(internal, PK11_GetKeyGen(mech),
- kgparams, &pubk, PR_FALSE /*isPerm*/,
- PR_FALSE /*isSensitive*/, NULL/*wincx*/);
- }
- if(!refPrivk) {
- secerror = PORT_GetError();
- errcode = KEY_GEN_FAILED;
- goto loser;
- }
-
- /*
- * Generate symmetric key, on the target module or the internal module.
- */
- if(REP_KEYGEN_ON_TARGET) {
- refSymKey = PK11_KeyGen(slot, CKM_DES_CBC_PAD, NULL,
- REP_SYMKEY_SIZE, NULL);
- } else {
- refSymKey = PK11_KeyGen(internal, CKM_DES_CBC_PAD, NULL,
- REP_SYMKEY_SIZE, NULL);
- }
- if(!refSymKey) {
- secerror = PORT_GetError();
- errcode = KEY_GEN_FAILED;
- goto loser;
- }
-
- /*
- * If the key was generated on the internal module, copy it to the
- * target module, unless the target module is the internal module.
- */
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET) {
- SECItem empty;
- SECItem label;
- SECItem *pubValue;
- empty.len=0;
- empty.data=NULL;
- label.len=6;
- label.data = "foobar";
-
- /* Copy the symmetric key to the target token*/
- testSymKey = pk11_CopyToSlot(slot,
- CKM_DES_CBC_PAD,
- CKA_WRAP,
- refSymKey);
- if(testSymKey==NULL) {
- secerror = PORT_GetError();
- errcode = KEY_COPY_FAILED;
- goto loser;
- }
-
- /* Copy the private key to the target token */
- status = PK11_WrapPrivKey(internal,
- refSymKey,
- refPrivk,
- CKM_DES_CBC_PAD,
- &wrapParam,
- &refWrappedKey,
- NULL /*wincx*/);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = WRAP_PRIVKEY_FAILED;
- goto loser;
- }
-
- switch(pubk->keyType) {
- case dsaKey:
- pubValue = SECITEM_DupItem(&pubk->u.dsa.publicValue);
- break;
- case rsaKey:
- pubValue = SECITEM_DupItem(&pubk->u.rsa.modulus);
- break;
- default:
- pubValue = NULL;
- }
- testPrivk = PK11_UnwrapPrivKey(slot,
- testSymKey,
- CKM_DES_CBC_PAD,
- &wrapParam,
- &refWrappedKey,
- &label /*label*/,
- pubValue /*ID Value*/,
- PR_TRUE /*perm*/,
- PR_TRUE /*sensitive*/,
- PK11_GetKeyType(mech, 0),
- usages, usageCount,
- NULL /*wincx*/);
- if(pubValue) {
- SECITEM_FreeItem(pubValue, PR_TRUE);
- pubValue = NULL;
- }
- if(testPrivk==NULL) {
- secerror = PORT_GetError();
- errcode = UNWRAP_PRIVKEY_FAILED;
- goto loser;
- }
- } else {
- testPrivk=refPrivk; refPrivk = NULL;
- testSymKey=refSymKey; refSymKey = NULL;
- }
-
- /* Sign the data with the private key */
- status = PK11_Sign(testPrivk, &testSignature, &ptext);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = SIGNATURE_FAILED;
- goto loser;
- }
-
- /*
- * Unless we are testing the internal slot, do the same wrap operation
- * on the internal slot and compare with the signature done on the
- * module under test
- * Also, DSA signatures contain random data, so comparing them
- * is useless (I suppose if they are the same something is wrong!).
- */
- if( (slot != internal) && !REP_KEYGEN_ON_TARGET
- && mech != CKM_DSA && mech != CKM_DSA_SHA1) {
- status = PK11_Sign(refPrivk, &refSignature, &ptext);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = SIGNATURE_FAILED;
- goto loser;
- }
-
- if( SECITEM_CompareItem(&refSignature, &testSignature)
- != SECEqual) {
- errcode = RESULTS_DONT_MATCH;
- goto loser;
- }
- }
-
-
- /*
- * Verify the signature.
- */
- status = PK11_Verify(pubk, &testSignature, &ptext, NULL /*wincx*/);
- if(status != SECSuccess) {
- secerror = PORT_GetError();
- errcode = SIGNATURE_DOESNT_VERIFY;
- goto loser;
- }
-
-
-#ifdef DEBUG
- PR_fprintf(PR_STDOUT, "Successfully finished TestSign!\n");
-#endif
-
- errcode = 0;
-
-loser:
- SECITEM_FreeItem(&refWrappedKey, PR_FALSE);
- SECITEM_FreeItem(&testWrappedKey, PR_FALSE);
- SECITEM_FreeItem(&ptext, PR_FALSE);
- SECITEM_FreeItem(&refSignature, PR_FALSE);
- SECITEM_FreeItem(&testSignature, PR_FALSE);
- if(refPrivk) {
- SECKEY_DestroyPrivateKey(refPrivk);
- }
- if(pubk) {
- SECKEY_DestroyPublicKey(pubk);
- }
- if(testPrivk) {
- SECKEY_DestroyPrivateKey(testPrivk);
- }
- if(refSymKey) {
- PK11_FreeSymKey(refSymKey);
- }
- if(testSymKey) {
- PK11_FreeSymKey(testSymKey);
- }
- if(recoveredSymKey) {
- PK11_FreeSymKey(recoveredSymKey);
- }
- return errcode;
-
-
-}
-
-/**********************************************************************
- *
- * T e s t D i g e s t
- *
- */
-int
-TestDigest(CK_MECHANISM_TYPE mech)
-{
- return 0;
-}
-
-/**********************************************************************
- *
- * T e s t H M A C
- *
- */
-int
-TestHMAC(CK_MECHANISM_TYPE mech)
-{
- return 0;
-}
-
-/**********************************************************************
- *
- * G e t M e c h I n f o
- *
- */
-MechInfo*
-GetMechInfo(CK_MECHANISM_TYPE type)
-{
- /* mechInfo array is sorted by type, so we can do a binary search
- l is the left-most possible matching index
- r is the rightmost possible matching index
- mid is approximately the middle point between l and r */
- int l, r, mid;
-
- l = 0; r = numMechs-1;
-
- while(l <= r) {
- mid = (l+r)/2;
- if(mechInfo[mid].type == type) {
- return &(mechInfo[mid]);
- } else if(mechInfo[mid].type < type) {
- l = mid+1;
- } else {
- r = mid-1;
- }
- }
-
- /* If l > r, the pointers have crossed without finding the element. */
- return NULL;
-}
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h
deleted file mode 100755
index f14de494f..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.h
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef PK11TEST_H
-#define PK11TEST_H
-
-#define REP_SYMKEY_MECHANISM CKM_DES_KEY_GEN
-
-/* symmetric key size in bytes */
-#define REP_SYMKEY_SIZE 8
-
-#define REP_PK_KEY_SIZE 1024
-#define REP_PLAINTEXT_LEN 8
-#define REP_MECHANISM mechanism[testId/2/2%46]
-#define REP_USE_CORRECT_PIN UseCorrectPin[testId%2]
-#define REP_KEYGEN_ON_TARGET KeyGenOnTarget[testId/2%2]
-#define CKM_NO_OP 0x80001111
-
-int testId = 0;
-
-PRBool UseCorrectPin[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool KeyGenOnTarget[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-CK_MECHANISM_TYPE mechanism[] = {
- CKM_NO_OP,
- CKM_RSA_PKCS,
- CKM_RSA_9796,
- CKM_RSA_X_509,
- CKM_MD2_RSA_PKCS,
- CKM_MD5_RSA_PKCS,
- CKM_SHA1_RSA_PKCS,
- CKM_DSA,
- CKM_DSA_SHA1,
- CKM_ECDSA,
- CKM_ECDSA_SHA1,
- CKM_RC2_ECB,
- CKM_RC2_CBC,
- CKM_RC4,
- CKM_RC5_ECB,
- CKM_RC5_CBC,
- CKM_DES_ECB,
- CKM_DES_CBC,
- CKM_DES3_ECB,
- CKM_DES3_CBC,
- CKM_CAST_ECB,
- CKM_CAST_CBC,
- CKM_CAST3_ECB,
- CKM_CAST3_CBC,
- CKM_CAST5_ECB,
- CKM_CAST5_CBC,
- CKM_IDEA_ECB,
- CKM_IDEA_CBC,
- CKM_CDMF_ECB,
- CKM_CDMF_CBC,
- CKM_SKIPJACK_ECB64,
- CKM_SKIPJACK_CBC64,
- CKM_SKIPJACK_OFB64,
- CKM_SKIPJACK_CFB64,
- CKM_SKIPJACK_CFB32,
- CKM_SKIPJACK_CFB16,
- CKM_SKIPJACK_CFB8,
- CKM_BATON_ECB128,
- CKM_BATON_ECB96,
- CKM_BATON_CBC128,
- CKM_BATON_COUNTER,
- CKM_BATON_SHUFFLE,
- CKM_JUNIPER_ECB128,
- CKM_JUNIPER_CBC128,
- CKM_JUNIPER_COUNTER,
- CKM_JUNIPER_SHUFFLE
-};
-
-
-
-#endif
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp
deleted file mode 100644
index bf78cf6ce..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pk11test.htp
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef PK11TEST_H
-#define PK11TEST_H
-
-#define REP_SYMKEY_MECHANISM CKM_DES_KEY_GEN
-
-/* symmetric key size in bytes */
-#define REP_SYMKEY_SIZE 8
-
-#define REP_PK_KEY_SIZE 1024
-#define REP_PLAINTEXT_LEN 8
-#define REP_MECHANISM $[mechanism]
-#define REP_USE_CORRECT_PIN $[UseCorrectPin]
-#define REP_KEYGEN_ON_TARGET $[KeyGenOnTarget]
-#define CKM_NO_OP 0x80001111
-
-$[DATA-TO-TEST]
-
-#endif
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h
deleted file mode 100644
index ae3a933d4..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.h
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef PKCS11_H
-#define PKCS11_H
-
-#define NULL_OP 0x00
-#define ENCRYPT_OP 0x01
-#define SIGN_OP 0x02
-#define KEYGEN_OP 0x04
-#define DIGEST_OP 0x08
-#define HMAC_OP 0x10
-
-typedef struct {
- CK_MECHANISM_TYPE type;
- int op;
- CK_MECHANISM_TYPE keygenMech;
-} MechInfo;
-
-static int numMechs=118;
-static MechInfo mechInfo[] = {
- {CKM_RSA_PKCS_KEY_PAIR_GEN,
- KEYGEN_OP, CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_RSA_PKCS, ENCRYPT_OP | SIGN_OP,
- CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_RSA_9796, SIGN_OP, CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_RSA_X_509, ENCRYPT_OP | SIGN_OP,
- CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_MD2_RSA_PKCS, SIGN_OP, CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_MD5_RSA_PKCS, SIGN_OP, CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_SHA1_RSA_PKCS, SIGN_OP, CKM_RSA_PKCS_KEY_PAIR_GEN},
- {CKM_DSA_KEY_PAIR_GEN, KEYGEN_OP, CKM_DSA_KEY_PAIR_GEN},
- {CKM_DSA, SIGN_OP, CKM_DSA_KEY_PAIR_GEN},
- {CKM_DSA_SHA1, SIGN_OP, CKM_DSA_KEY_PAIR_GEN},
- {CKM_DH_PKCS_KEY_PAIR_GEN,
- KEYGEN_OP, CKM_DH_PKCS_KEY_PAIR_GEN},
- {CKM_DH_PKCS_DERIVE, NULL_OP, 0},
- {CKM_RC2_KEY_GEN, KEYGEN_OP, CKM_RC2_KEY_GEN},
- {CKM_RC2_ECB, ENCRYPT_OP, CKM_RC2_KEY_GEN},
- {CKM_RC2_CBC, ENCRYPT_OP, CKM_RC2_KEY_GEN},
- {CKM_RC2_MAC, NULL_OP, CKM_RC2_KEY_GEN},
- {CKM_RC2_MAC_GENERAL, NULL_OP, CKM_RC2_KEY_GEN},
- {CKM_RC2_CBC_PAD, NULL_OP, CKM_RC2_KEY_GEN},
- {CKM_RC4_KEY_GEN, KEYGEN_OP, CKM_RC4_KEY_GEN},
- {CKM_RC4, ENCRYPT_OP, CKM_RC4_KEY_GEN},
- {CKM_DES_KEY_GEN, KEYGEN_OP, CKM_DES_KEY_GEN},
- {CKM_DES_ECB, ENCRYPT_OP, CKM_DES_KEY_GEN},
- {CKM_DES_CBC, ENCRYPT_OP, CKM_DES_KEY_GEN},
- {CKM_DES_MAC, NULL_OP, CKM_DES_KEY_GEN},
- {CKM_DES_MAC_GENERAL, NULL_OP, CKM_DES_KEY_GEN},
- {CKM_DES_CBC_PAD, NULL_OP, CKM_DES_KEY_GEN},
- {CKM_DES2_KEY_GEN, KEYGEN_OP, CKM_DES2_KEY_GEN},
- {CKM_DES3_KEY_GEN, KEYGEN_OP, CKM_DES3_KEY_GEN},
- {CKM_DES3_ECB, ENCRYPT_OP, CKM_DES3_KEY_GEN},
- {CKM_DES3_CBC, ENCRYPT_OP, CKM_DES3_KEY_GEN},
- {CKM_DES3_MAC, NULL_OP, CKM_DES3_KEY_GEN},
- {CKM_DES3_MAC_GENERAL, NULL_OP, CKM_DES3_KEY_GEN},
- {CKM_DES3_CBC_PAD, NULL_OP, CKM_DES3_KEY_GEN},
- {CKM_CDMF_KEY_GEN, KEYGEN_OP, CKM_CDMF_KEY_GEN},
- {CKM_CDMF_ECB, ENCRYPT_OP, CKM_CDMF_KEY_GEN},
- {CKM_CDMF_CBC, ENCRYPT_OP, CKM_CDMF_KEY_GEN},
- {CKM_CDMF_MAC, NULL_OP, CKM_CDMF_KEY_GEN},
- {CKM_CDMF_MAC_GENERAL, NULL_OP, CKM_CDMF_KEY_GEN},
- {CKM_CDMF_CBC_PAD, NULL_OP, CKM_CDMF_KEY_GEN},
- {CKM_MD2, DIGEST_OP, 0},
- {CKM_MD2_HMAC, HMAC_OP, 0},
- {CKM_MD2_HMAC_GENERAL, HMAC_OP, 0},
- {CKM_MD5, DIGEST_OP, 0},
- {CKM_MD5_HMAC, HMAC_OP, 0},
- {CKM_MD5_HMAC_GENERAL, HMAC_OP, 0},
- {CKM_SHA_1, DIGEST_OP, 0},
- {CKM_SHA_1_HMAC, HMAC_OP, 0},
- {CKM_SHA_1_HMAC_GENERAL,HMAC_OP, 0},
- {CKM_CAST_KEY_GEN, KEYGEN_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST_ECB, ENCRYPT_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST_CBC, ENCRYPT_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST_MAC, NULL_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST_MAC_GENERAL, NULL_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST_CBC_PAD, NULL_OP, CKM_CAST_KEY_GEN},
- {CKM_CAST3_KEY_GEN, KEYGEN_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST3_ECB, ENCRYPT_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST3_CBC, ENCRYPT_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST3_MAC, NULL_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST3_MAC_GENERAL, NULL_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST3_CBC_PAD, NULL_OP, CKM_CAST3_KEY_GEN},
- {CKM_CAST5_KEY_GEN, KEYGEN_OP, CKM_CAST5_KEY_GEN},
- {CKM_CAST5_ECB, ENCRYPT_OP, CKM_CAST5_KEY_GEN},
- {CKM_CAST5_CBC, ENCRYPT_OP, CKM_CAST5_KEY_GEN},
- {CKM_CAST5_MAC, NULL_OP, CKM_CAST5_KEY_GEN},
- {CKM_CAST5_MAC_GENERAL, NULL_OP, CKM_CAST5_KEY_GEN},
- {CKM_CAST5_CBC_PAD, NULL_OP, CKM_CAST5_KEY_GEN},
- {CKM_RC5_KEY_GEN, KEYGEN_OP, CKM_RC5_KEY_GEN},
- {CKM_RC5_ECB, ENCRYPT_OP, CKM_RC5_KEY_GEN},
- {CKM_RC5_CBC, ENCRYPT_OP, CKM_RC5_KEY_GEN},
- {CKM_RC5_MAC, NULL_OP, CKM_RC5_KEY_GEN},
- {CKM_RC5_MAC_GENERAL, NULL_OP, CKM_RC5_KEY_GEN},
- {CKM_RC5_CBC_PAD, NULL_OP, CKM_RC5_KEY_GEN},
- {CKM_IDEA_KEY_GEN, KEYGEN_OP, CKM_IDEA_KEY_GEN},
- {CKM_IDEA_ECB, ENCRYPT_OP, CKM_IDEA_KEY_GEN},
- {CKM_IDEA_CBC, ENCRYPT_OP, CKM_IDEA_KEY_GEN},
- {CKM_IDEA_MAC, NULL_OP, CKM_IDEA_KEY_GEN},
- {CKM_IDEA_MAC_GENERAL, NULL_OP, CKM_IDEA_KEY_GEN},
- {CKM_IDEA_CBC_PAD, NULL_OP, CKM_IDEA_KEY_GEN},
- {CKM_GENERIC_SECRET_KEY_GEN,
- KEYGEN_OP, CKM_GENERIC_SECRET_KEY_GEN},
-/* SSL mechanisms?
- {CKM_SSL3_PRE_MASTER_KEY_GEN},
- {CKM_SSL3_MASTER_KEY_DERIVE},
- {CKM_SSL3_KEY_AND_MAC_DERIVE},
- {CKM_SSL3_MD5_MAC},
- {CKM_SSL3_SHA1_MAC},
-*/
- {CKM_PBE_MD2_DES_CBC, KEYGEN_OP, 0},
- {CKM_PBE_MD5_DES_CBC, KEYGEN_OP, 0},
- {CKM_PBE_MD5_CAST_CBC, KEYGEN_OP, 0},
- {CKM_PBE_MD5_CAST3_CBC, KEYGEN_OP, 0},
- {CKM_PBE_MD5_CAST5_CBC, KEYGEN_OP, 0},
- {CKM_PBE_MD5_CAST128_CBC,
- KEYGEN_OP, 0},
- {CKM_PBE_SHA1_CAST5_CBC,KEYGEN_OP, 0},
- {CKM_PBE_SHA1_CAST128_CBC,
- KEYGEN_OP, 0},
- {CKM_PBE_SHA1_RC4_128, KEYGEN_OP, 0},
- {CKM_PBE_SHA1_RC4_40, KEYGEN_OP, 0},
- {CKM_PBE_SHA1_DES3_EDE_CBC,
- KEYGEN_OP, 0},
- {CKM_PBE_SHA1_DES2_EDE_CBC,
- KEYGEN_OP, 0},
- {CKM_PBE_SHA1_RC2_128_CBC,
- KEYGEN_OP, 0},
- {CKM_PBE_SHA1_RC2_40_CBC,
- KEYGEN_OP, 0},
- {CKM_PBA_SHA1_WITH_SHA1_HMAC,
- KEYGEN_OP, 0},
- {CKM_SKIPJACK_KEY_GEN, KEYGEN_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_ECB64, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_CBC64, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_OFB64, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_CFB64, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_CFB32, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_CFB16, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_SKIPJACK_CFB8, ENCRYPT_OP, CKM_SKIPJACK_KEY_GEN},
- {CKM_KEA_KEY_PAIR_GEN, KEYGEN_OP, 0},
- {CKM_BATON_KEY_GEN, KEYGEN_OP, CKM_BATON_KEY_GEN},
- {CKM_BATON_ECB128, ENCRYPT_OP, CKM_BATON_KEY_GEN},
- {CKM_BATON_ECB96, ENCRYPT_OP, CKM_BATON_KEY_GEN},
- {CKM_BATON_CBC128, ENCRYPT_OP, CKM_BATON_KEY_GEN},
- {CKM_BATON_COUNTER, ENCRYPT_OP, CKM_BATON_KEY_GEN},
- {CKM_BATON_SHUFFLE, ENCRYPT_OP, CKM_BATON_KEY_GEN},
- {CKM_ECDSA_KEY_PAIR_GEN,KEYGEN_OP, CKM_ECDSA_KEY_PAIR_GEN},
- {CKM_ECDSA, SIGN_OP, CKM_ECDSA_KEY_PAIR_GEN},
- {CKM_ECDSA_SHA1, SIGN_OP, CKM_ECDSA_KEY_PAIR_GEN},
- {CKM_JUNIPER_KEY_GEN, KEYGEN_OP, CKM_JUNIPER_KEY_GEN},
- {CKM_JUNIPER_ECB128, ENCRYPT_OP, CKM_JUNIPER_KEY_GEN},
- {CKM_JUNIPER_CBC128, ENCRYPT_OP, CKM_JUNIPER_KEY_GEN},
- {CKM_JUNIPER_COUNTER, ENCRYPT_OP, CKM_JUNIPER_KEY_GEN},
- {CKM_JUNIPER_SHUFFLE, ENCRYPT_OP, CKM_JUNIPER_KEY_GEN},
- {CKM_FASTHASH, DIGEST_OP, 0}
-};
-
-#endif
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg
deleted file mode 100644
index e0a433552..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.reg
+++ /dev/null
@@ -1,960 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-mut=PKCS11
-mutversion=1.0
-htmlout=NOW
-reporterSpec=NOW
-program=pk11test
-globalArgs=internal
-
-[Test-1]
-
-testId=0
-testname=Use supplied pin, Generate keys on target token, NO OP,
-
-[Test-2]
-
-testId=4
-testname=Use supplied pin, Generate keys on target token, RSA PKCS,
-
-[Test-3]
-
-testId=8
-testname=Use supplied pin, Generate keys on target token, RSA 9796,
-
-[Test-4]
-
-testId=12
-testname=Use supplied pin, Generate keys on target token, RSA X.509,
-
-[Test-5]
-
-testId=16
-testname=Use supplied pin, Generate keys on target token, MD2 RSA PKCS,
-
-[Test-6]
-
-testId=20
-testname=Use supplied pin, Generate keys on target token, MD5 RSA PKCS,
-
-[Test-7]
-
-testId=24
-testname=Use supplied pin, Generate keys on target token, SHA1 RSA PKCS,
-
-[Test-8]
-
-testId=28
-testname=Use supplied pin, Generate keys on target token, DSA,
-
-[Test-9]
-
-testId=32
-testname=Use supplied pin, Generate keys on target token, DSA SHA1,
-
-[Test-10]
-
-testId=36
-testname=Use supplied pin, Generate keys on target token, ECDSA,
-
-[Test-11]
-
-testId=40
-testname=Use supplied pin, Generate keys on target token, ECDSA SHA1,
-
-[Test-12]
-
-testId=44
-testname=Use supplied pin, Generate keys on target token, RC2 ECB,
-
-[Test-13]
-
-testId=48
-testname=Use supplied pin, Generate keys on target token, RC2 CBC,
-
-[Test-14]
-
-testId=52
-testname=Use supplied pin, Generate keys on target token, RC4,
-
-[Test-15]
-
-testId=56
-testname=Use supplied pin, Generate keys on target token, RC5 ECB,
-
-[Test-16]
-
-testId=60
-testname=Use supplied pin, Generate keys on target token, RC5 CBC,
-
-[Test-17]
-
-testId=64
-testname=Use supplied pin, Generate keys on target token, DES ECB,
-
-[Test-18]
-
-testId=68
-testname=Use supplied pin, Generate keys on target token, DES CBC,
-
-[Test-19]
-
-testId=72
-testname=Use supplied pin, Generate keys on target token, DES3 ECB,
-
-[Test-20]
-
-testId=76
-testname=Use supplied pin, Generate keys on target token, DES3 CBC,
-
-[Test-21]
-
-testId=80
-testname=Use supplied pin, Generate keys on target token, CAST ECB,
-
-[Test-22]
-
-testId=84
-testname=Use supplied pin, Generate keys on target token, CAST CBC,
-
-[Test-23]
-
-testId=88
-testname=Use supplied pin, Generate keys on target token, CAST3 ECB,
-
-[Test-24]
-
-testId=92
-testname=Use supplied pin, Generate keys on target token, CAST3 CBC,
-
-[Test-25]
-
-testId=96
-testname=Use supplied pin, Generate keys on target token, CAST5 ECB,
-
-[Test-26]
-
-testId=100
-testname=Use supplied pin, Generate keys on target token, CAST5 CBC,
-
-[Test-27]
-
-testId=104
-testname=Use supplied pin, Generate keys on target token, IDEA ECB,
-
-[Test-28]
-
-testId=108
-testname=Use supplied pin, Generate keys on target token, IDEA CBC,
-
-[Test-29]
-
-testId=112
-testname=Use supplied pin, Generate keys on target token, CDMF ECB,
-
-[Test-30]
-
-testId=116
-testname=Use supplied pin, Generate keys on target token, CDMF CBC,
-
-[Test-31]
-
-testId=120
-testname=Use supplied pin, Generate keys on target token, SKIPJACK ECB64,
-
-[Test-32]
-
-testId=124
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CBC64,
-
-[Test-33]
-
-testId=128
-testname=Use supplied pin, Generate keys on target token, SKIPJACK OFB64,
-
-[Test-34]
-
-testId=132
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB64,
-
-[Test-35]
-
-testId=136
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB32,
-
-[Test-36]
-
-testId=140
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB16,
-
-[Test-37]
-
-testId=144
-testname=Use supplied pin, Generate keys on target token, SKIPJACK CFB8,
-
-[Test-38]
-
-testId=148
-testname=Use supplied pin, Generate keys on target token, BATON ECB128,
-
-[Test-39]
-
-testId=152
-testname=Use supplied pin, Generate keys on target token, BATON ECB96,
-
-[Test-40]
-
-testId=156
-testname=Use supplied pin, Generate keys on target token, BATON CBC128,
-
-[Test-41]
-
-testId=160
-testname=Use supplied pin, Generate keys on target token, BATON counter,
-
-[Test-42]
-
-testId=164
-testname=Use supplied pin, Generate keys on target token, BATON shuffle,
-
-[Test-43]
-
-testId=168
-testname=Use supplied pin, Generate keys on target token, JUNIPER ECB128,
-
-[Test-44]
-
-testId=172
-testname=Use supplied pin, Generate keys on target token, JUNIPER CBC128,
-
-[Test-45]
-
-testId=176
-testname=Use supplied pin, Generate keys on target token, JUNIPER counter,
-
-[Test-46]
-
-testId=180
-testname=Use supplied pin, Generate keys on target token, JUNIPER shuffle,
-
-[Test-47]
-
-testId=2
-testname=Use supplied pin, Generate keys on internal module, NO OP,
-
-[Test-48]
-
-testId=6
-testname=Use supplied pin, Generate keys on internal module, RSA PKCS,
-
-[Test-49]
-
-testId=10
-testname=Use supplied pin, Generate keys on internal module, RSA 9796,
-
-[Test-50]
-
-testId=14
-testname=Use supplied pin, Generate keys on internal module, RSA X.509,
-
-[Test-51]
-
-testId=18
-testname=Use supplied pin, Generate keys on internal module, MD2 RSA PKCS,
-
-[Test-52]
-
-testId=22
-testname=Use supplied pin, Generate keys on internal module, MD5 RSA PKCS,
-
-[Test-53]
-
-testId=26
-testname=Use supplied pin, Generate keys on internal module, SHA1 RSA PKCS,
-
-[Test-54]
-
-testId=30
-testname=Use supplied pin, Generate keys on internal module, DSA,
-
-[Test-55]
-
-testId=34
-testname=Use supplied pin, Generate keys on internal module, DSA SHA1,
-
-[Test-56]
-
-testId=38
-testname=Use supplied pin, Generate keys on internal module, ECDSA,
-
-[Test-57]
-
-testId=42
-testname=Use supplied pin, Generate keys on internal module, ECDSA SHA1,
-
-[Test-58]
-
-testId=46
-testname=Use supplied pin, Generate keys on internal module, RC2 ECB,
-
-[Test-59]
-
-testId=50
-testname=Use supplied pin, Generate keys on internal module, RC2 CBC,
-
-[Test-60]
-
-testId=54
-testname=Use supplied pin, Generate keys on internal module, RC4,
-
-[Test-61]
-
-testId=58
-testname=Use supplied pin, Generate keys on internal module, RC5 ECB,
-
-[Test-62]
-
-testId=62
-testname=Use supplied pin, Generate keys on internal module, RC5 CBC,
-
-[Test-63]
-
-testId=66
-testname=Use supplied pin, Generate keys on internal module, DES ECB,
-
-[Test-64]
-
-testId=70
-testname=Use supplied pin, Generate keys on internal module, DES CBC,
-
-[Test-65]
-
-testId=74
-testname=Use supplied pin, Generate keys on internal module, DES3 ECB,
-
-[Test-66]
-
-testId=78
-testname=Use supplied pin, Generate keys on internal module, DES3 CBC,
-
-[Test-67]
-
-testId=82
-testname=Use supplied pin, Generate keys on internal module, CAST ECB,
-
-[Test-68]
-
-testId=86
-testname=Use supplied pin, Generate keys on internal module, CAST CBC,
-
-[Test-69]
-
-testId=90
-testname=Use supplied pin, Generate keys on internal module, CAST3 ECB,
-
-[Test-70]
-
-testId=94
-testname=Use supplied pin, Generate keys on internal module, CAST3 CBC,
-
-[Test-71]
-
-testId=98
-testname=Use supplied pin, Generate keys on internal module, CAST5 ECB,
-
-[Test-72]
-
-testId=102
-testname=Use supplied pin, Generate keys on internal module, CAST5 CBC,
-
-[Test-73]
-
-testId=106
-testname=Use supplied pin, Generate keys on internal module, IDEA ECB,
-
-[Test-74]
-
-testId=110
-testname=Use supplied pin, Generate keys on internal module, IDEA CBC,
-
-[Test-75]
-
-testId=114
-testname=Use supplied pin, Generate keys on internal module, CDMF ECB,
-
-[Test-76]
-
-testId=118
-testname=Use supplied pin, Generate keys on internal module, CDMF CBC,
-
-[Test-77]
-
-testId=122
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK ECB64,
-
-[Test-78]
-
-testId=126
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CBC64,
-
-[Test-79]
-
-testId=130
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK OFB64,
-
-[Test-80]
-
-testId=134
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB64,
-
-[Test-81]
-
-testId=138
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB32,
-
-[Test-82]
-
-testId=142
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB16,
-
-[Test-83]
-
-testId=146
-testname=Use supplied pin, Generate keys on internal module, SKIPJACK CFB8,
-
-[Test-84]
-
-testId=150
-testname=Use supplied pin, Generate keys on internal module, BATON ECB128,
-
-[Test-85]
-
-testId=154
-testname=Use supplied pin, Generate keys on internal module, BATON ECB96,
-
-[Test-86]
-
-testId=158
-testname=Use supplied pin, Generate keys on internal module, BATON CBC128,
-
-[Test-87]
-
-testId=162
-testname=Use supplied pin, Generate keys on internal module, BATON counter,
-
-[Test-88]
-
-testId=166
-testname=Use supplied pin, Generate keys on internal module, BATON shuffle,
-
-[Test-89]
-
-testId=170
-testname=Use supplied pin, Generate keys on internal module, JUNIPER ECB128,
-
-[Test-90]
-
-testId=174
-testname=Use supplied pin, Generate keys on internal module, JUNIPER CBC128,
-
-[Test-91]
-
-testId=178
-testname=Use supplied pin, Generate keys on internal module, JUNIPER counter,
-
-[Test-92]
-
-testId=182
-testname=Use supplied pin, Generate keys on internal module, JUNIPER shuffle,
-
-[Test-93]
-
-testId=1
-testname=Use different (incorrect) pin, Generate keys on target token, NO OP,
-
-[Test-94]
-
-testId=5
-testname=Use different (incorrect) pin, Generate keys on target token, RSA PKCS,
-
-[Test-95]
-
-testId=9
-testname=Use different (incorrect) pin, Generate keys on target token, RSA 9796,
-
-[Test-96]
-
-testId=13
-testname=Use different (incorrect) pin, Generate keys on target token, RSA X.509,
-
-[Test-97]
-
-testId=17
-testname=Use different (incorrect) pin, Generate keys on target token, MD2 RSA PKCS,
-
-[Test-98]
-
-testId=21
-testname=Use different (incorrect) pin, Generate keys on target token, MD5 RSA PKCS,
-
-[Test-99]
-
-testId=25
-testname=Use different (incorrect) pin, Generate keys on target token, SHA1 RSA PKCS,
-
-[Test-100]
-
-testId=29
-testname=Use different (incorrect) pin, Generate keys on target token, DSA,
-
-[Test-101]
-
-testId=33
-testname=Use different (incorrect) pin, Generate keys on target token, DSA SHA1,
-
-[Test-102]
-
-testId=37
-testname=Use different (incorrect) pin, Generate keys on target token, ECDSA,
-
-[Test-103]
-
-testId=41
-testname=Use different (incorrect) pin, Generate keys on target token, ECDSA SHA1,
-
-[Test-104]
-
-testId=45
-testname=Use different (incorrect) pin, Generate keys on target token, RC2 ECB,
-
-[Test-105]
-
-testId=49
-testname=Use different (incorrect) pin, Generate keys on target token, RC2 CBC,
-
-[Test-106]
-
-testId=53
-testname=Use different (incorrect) pin, Generate keys on target token, RC4,
-
-[Test-107]
-
-testId=57
-testname=Use different (incorrect) pin, Generate keys on target token, RC5 ECB,
-
-[Test-108]
-
-testId=61
-testname=Use different (incorrect) pin, Generate keys on target token, RC5 CBC,
-
-[Test-109]
-
-testId=65
-testname=Use different (incorrect) pin, Generate keys on target token, DES ECB,
-
-[Test-110]
-
-testId=69
-testname=Use different (incorrect) pin, Generate keys on target token, DES CBC,
-
-[Test-111]
-
-testId=73
-testname=Use different (incorrect) pin, Generate keys on target token, DES3 ECB,
-
-[Test-112]
-
-testId=77
-testname=Use different (incorrect) pin, Generate keys on target token, DES3 CBC,
-
-[Test-113]
-
-testId=81
-testname=Use different (incorrect) pin, Generate keys on target token, CAST ECB,
-
-[Test-114]
-
-testId=85
-testname=Use different (incorrect) pin, Generate keys on target token, CAST CBC,
-
-[Test-115]
-
-testId=89
-testname=Use different (incorrect) pin, Generate keys on target token, CAST3 ECB,
-
-[Test-116]
-
-testId=93
-testname=Use different (incorrect) pin, Generate keys on target token, CAST3 CBC,
-
-[Test-117]
-
-testId=97
-testname=Use different (incorrect) pin, Generate keys on target token, CAST5 ECB,
-
-[Test-118]
-
-testId=101
-testname=Use different (incorrect) pin, Generate keys on target token, CAST5 CBC,
-
-[Test-119]
-
-testId=105
-testname=Use different (incorrect) pin, Generate keys on target token, IDEA ECB,
-
-[Test-120]
-
-testId=109
-testname=Use different (incorrect) pin, Generate keys on target token, IDEA CBC,
-
-[Test-121]
-
-testId=113
-testname=Use different (incorrect) pin, Generate keys on target token, CDMF ECB,
-
-[Test-122]
-
-testId=117
-testname=Use different (incorrect) pin, Generate keys on target token, CDMF CBC,
-
-[Test-123]
-
-testId=121
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK ECB64,
-
-[Test-124]
-
-testId=125
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CBC64,
-
-[Test-125]
-
-testId=129
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK OFB64,
-
-[Test-126]
-
-testId=133
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB64,
-
-[Test-127]
-
-testId=137
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB32,
-
-[Test-128]
-
-testId=141
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB16,
-
-[Test-129]
-
-testId=145
-testname=Use different (incorrect) pin, Generate keys on target token, SKIPJACK CFB8,
-
-[Test-130]
-
-testId=149
-testname=Use different (incorrect) pin, Generate keys on target token, BATON ECB128,
-
-[Test-131]
-
-testId=153
-testname=Use different (incorrect) pin, Generate keys on target token, BATON ECB96,
-
-[Test-132]
-
-testId=157
-testname=Use different (incorrect) pin, Generate keys on target token, BATON CBC128,
-
-[Test-133]
-
-testId=161
-testname=Use different (incorrect) pin, Generate keys on target token, BATON counter,
-
-[Test-134]
-
-testId=165
-testname=Use different (incorrect) pin, Generate keys on target token, BATON shuffle,
-
-[Test-135]
-
-testId=169
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER ECB128,
-
-[Test-136]
-
-testId=173
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER CBC128,
-
-[Test-137]
-
-testId=177
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER counter,
-
-[Test-138]
-
-testId=181
-testname=Use different (incorrect) pin, Generate keys on target token, JUNIPER shuffle,
-
-[Test-139]
-
-testId=3
-testname=Use different (incorrect) pin, Generate keys on internal module, NO OP,
-
-[Test-140]
-
-testId=7
-testname=Use different (incorrect) pin, Generate keys on internal module, RSA PKCS,
-
-[Test-141]
-
-testId=11
-testname=Use different (incorrect) pin, Generate keys on internal module, RSA 9796,
-
-[Test-142]
-
-testId=15
-testname=Use different (incorrect) pin, Generate keys on internal module, RSA X.509,
-
-[Test-143]
-
-testId=19
-testname=Use different (incorrect) pin, Generate keys on internal module, MD2 RSA PKCS,
-
-[Test-144]
-
-testId=23
-testname=Use different (incorrect) pin, Generate keys on internal module, MD5 RSA PKCS,
-
-[Test-145]
-
-testId=27
-testname=Use different (incorrect) pin, Generate keys on internal module, SHA1 RSA PKCS,
-
-[Test-146]
-
-testId=31
-testname=Use different (incorrect) pin, Generate keys on internal module, DSA,
-
-[Test-147]
-
-testId=35
-testname=Use different (incorrect) pin, Generate keys on internal module, DSA SHA1,
-
-[Test-148]
-
-testId=39
-testname=Use different (incorrect) pin, Generate keys on internal module, ECDSA,
-
-[Test-149]
-
-testId=43
-testname=Use different (incorrect) pin, Generate keys on internal module, ECDSA SHA1,
-
-[Test-150]
-
-testId=47
-testname=Use different (incorrect) pin, Generate keys on internal module, RC2 ECB,
-
-[Test-151]
-
-testId=51
-testname=Use different (incorrect) pin, Generate keys on internal module, RC2 CBC,
-
-[Test-152]
-
-testId=55
-testname=Use different (incorrect) pin, Generate keys on internal module, RC4,
-
-[Test-153]
-
-testId=59
-testname=Use different (incorrect) pin, Generate keys on internal module, RC5 ECB,
-
-[Test-154]
-
-testId=63
-testname=Use different (incorrect) pin, Generate keys on internal module, RC5 CBC,
-
-[Test-155]
-
-testId=67
-testname=Use different (incorrect) pin, Generate keys on internal module, DES ECB,
-
-[Test-156]
-
-testId=71
-testname=Use different (incorrect) pin, Generate keys on internal module, DES CBC,
-
-[Test-157]
-
-testId=75
-testname=Use different (incorrect) pin, Generate keys on internal module, DES3 ECB,
-
-[Test-158]
-
-testId=79
-testname=Use different (incorrect) pin, Generate keys on internal module, DES3 CBC,
-
-[Test-159]
-
-testId=83
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST ECB,
-
-[Test-160]
-
-testId=87
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST CBC,
-
-[Test-161]
-
-testId=91
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST3 ECB,
-
-[Test-162]
-
-testId=95
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST3 CBC,
-
-[Test-163]
-
-testId=99
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST5 ECB,
-
-[Test-164]
-
-testId=103
-testname=Use different (incorrect) pin, Generate keys on internal module, CAST5 CBC,
-
-[Test-165]
-
-testId=107
-testname=Use different (incorrect) pin, Generate keys on internal module, IDEA ECB,
-
-[Test-166]
-
-testId=111
-testname=Use different (incorrect) pin, Generate keys on internal module, IDEA CBC,
-
-[Test-167]
-
-testId=115
-testname=Use different (incorrect) pin, Generate keys on internal module, CDMF ECB,
-
-[Test-168]
-
-testId=119
-testname=Use different (incorrect) pin, Generate keys on internal module, CDMF CBC,
-
-[Test-169]
-
-testId=123
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK ECB64,
-
-[Test-170]
-
-testId=127
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CBC64,
-
-[Test-171]
-
-testId=131
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK OFB64,
-
-[Test-172]
-
-testId=135
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB64,
-
-[Test-173]
-
-testId=139
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB32,
-
-[Test-174]
-
-testId=143
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB16,
-
-[Test-175]
-
-testId=147
-testname=Use different (incorrect) pin, Generate keys on internal module, SKIPJACK CFB8,
-
-[Test-176]
-
-testId=151
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON ECB128,
-
-[Test-177]
-
-testId=155
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON ECB96,
-
-[Test-178]
-
-testId=159
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON CBC128,
-
-[Test-179]
-
-testId=163
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON counter,
-
-[Test-180]
-
-testId=167
-testname=Use different (incorrect) pin, Generate keys on internal module, BATON shuffle,
-
-[Test-181]
-
-testId=171
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER ECB128,
-
-[Test-182]
-
-testId=175
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER CBC128,
-
-[Test-183]
-
-testId=179
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER counter,
-
-[Test-184]
-
-testId=183
-testname=Use different (incorrect) pin, Generate keys on internal module, JUNIPER shuffle,
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep
deleted file mode 100644
index c1f688ec3..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/pkcs11.rep
+++ /dev/null
@@ -1,157 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-mut=PKCS11
-mutversion=1.0
-cTemplate=pk11test.htp
-testPrefix=pk11test
-testSuffix=.h
-#timeout=
-regressSpecfile=pkcs11.reg
-regressOutput=NOW
-reporterOutput=NOW
-singleSource=TRUE
-firstExitCode=100
-
-[UseCorrectPin]
-IMPORTANCE=HIGH
-TYPE=PRBool
-Use supplied pin, =PR_TRUE
-Use different (incorrect) pin, =PR_FALSE
-
-[KeyGenOnTarget]
-IMPORTANCE=HIGH
-TYPE=PRBool
-Generate keys on target token, = PR_TRUE
-Generate keys on internal module, = PR_FALSE
-
-[mechanism]
-IMPORTANCE=HIGH
-TYPE = CK_MECHANISM_TYPE
-NO OP, = CKM_NO_OP
-RSA PKCS, = CKM_RSA_PKCS
-RSA 9796, = CKM_RSA_9796
-RSA X.509, = CKM_RSA_X_509
-MD2 RSA PKCS, = CKM_MD2_RSA_PKCS
-MD5 RSA PKCS, = CKM_MD5_RSA_PKCS
-SHA1 RSA PKCS, = CKM_SHA1_RSA_PKCS
-DSA, = CKM_DSA
-DSA SHA1, = CKM_DSA_SHA1
-ECDSA, = CKM_ECDSA
-ECDSA SHA1, = CKM_ECDSA_SHA1
-RC2 ECB, = CKM_RC2_ECB
-RC2 CBC, = CKM_RC2_CBC
-#RC2 CBC PAD, = CKM_RC2_CBC_PAD
-#RC2 MAC general, = CKM_RC2_MAC_GENERAL
-#RC2 MAC, = CKM_RC2_MAC
-RC4, = CKM_RC4
-RC5 ECB, = CKM_RC5_ECB
-RC5 CBC, = CKM_RC5_CBC
-#RC5 CBC PAD, = CKM_RC5_CBC_PAD
-#RC5 MAC general, = CKM_RC5_MAC_GENERAL
-#RC5 MAC, = CKM_RC5_MAC
-DES ECB, = CKM_DES_ECB
-DES CBC, = CKM_DES_CBC
-#DES CBC PAD, = CKM_DES_CBC_PAD
-#DES MAC general, = CKM_DES_MAC_GENERAL
-#DES MAC, = CKM_DES_MAC
-#DES2 keygen, = CKM_DES2_KEY_GEN
-DES3 ECB, = CKM_DES3_ECB
-DES3 CBC, = CKM_DES3_CBC
-#DES3 CBC pad, = CKM_DES3_CBC_PAD
-#DES3 MAC general, = CKM_DES3_MAC_GENERAL
-#DES3 MAC, = CKM_DES3_MAC
-CAST ECB, = CKM_CAST_ECB
-CAST CBC, = CKM_CAST_CBC
-#CAST CBC PAD, = CKM_CAST_CBC_PAD
-#CAST MAC general, = CKM_CAST_MAC_GENERAL
-#CAST MAC, = CKM_CAST_MAC
-CAST3 ECB, = CKM_CAST3_ECB
-CAST3 CBC, = CKM_CAST3_CBC
-#CAST3 CBC PAD, = CKM_CAST3_CBC_PAD
-#CAST3 MAC general, = CKM_CAST3_MAC_GENERAL
-#CAST3 MAC, = CKM_CAST3_MAC
-CAST5 ECB, = CKM_CAST5_ECB
-CAST5 CBC, = CKM_CAST5_CBC
-#CAST5 CBC PAD, = CKM_CAST5_CBC_PAD
-#CAST5 MAC general, = CKM_CAST5_MAC_GENERAL
-#CAST5 MAC, = CKM_CAST5_MAC
-IDEA ECB, = CKM_IDEA_ECB
-IDEA CBC, = CKM_IDEA_CBC
-#IDEA CBC PAD, = CKM_IDEA_CBC_PAD
-#IDEA MAC general, = CKM_IDEA_MAC_GENERAL
-#IDEA MAC, = CKM_IDEA_MAC
-CDMF ECB, = CKM_CDMF_ECB
-CDMF CBC, = CKM_CDMF_CBC
-#CDMF CBC PAD, = CKM_CDMF_CBC_PAD
-#CDMF MAC general, = CKM_CDMF_MAC_GENERAL
-#CDMF MAC, = CKM_CDMF_MAC
-SKIPJACK ECB64, = CKM_SKIPJACK_ECB64
-SKIPJACK CBC64, = CKM_SKIPJACK_CBC64
-SKIPJACK OFB64, = CKM_SKIPJACK_OFB64
-SKIPJACK CFB64, = CKM_SKIPJACK_CFB64
-SKIPJACK CFB32, = CKM_SKIPJACK_CFB32
-SKIPJACK CFB16, = CKM_SKIPJACK_CFB16
-SKIPJACK CFB8, = CKM_SKIPJACK_CFB8
-BATON ECB128, = CKM_BATON_ECB128
-BATON ECB96, = CKM_BATON_ECB96
-BATON CBC128, = CKM_BATON_CBC128
-BATON counter, = CKM_BATON_COUNTER
-BATON shuffle, = CKM_BATON_SHUFFLE
-JUNIPER ECB128, = CKM_JUNIPER_ECB128
-JUNIPER CBC128, = CKM_JUNIPER_CBC128
-JUNIPER counter, = CKM_JUNIPER_COUNTER
-JUNIPER shuffle, = CKM_JUNIPER_SHUFFLE
-#MD2 digest, = CKM_MD2
-#MD2 HMAC general, = CKM_MD2_HMAC_GENERAL
-#MD2 HMAC, = CKM_MD2_HMAC
-#MD5 digest, = CKM_MD5
-#MD5 HMAC general, = CKM_MD5_HMAC_GENERAL
-#MD5 HMAC, = CKM_MD5_HMAC
-#SHA1 digest, = CKM_SHA_1
-#SHA1 HMAC general, = CKM_SHA_1_HMAC_GENERAL
-#SHA1 HMAC, = CKM_SHA_1_HMAC
-#Fasthash, = CKM_FASTHASH
-#CKM_PBE_MD2_DES_CBC = CKM_PBE_MD2_DES_CBC
-#CKM_PBE_MD5_DES_CBC = CKM_PBE_MD5_DES_CBC
-#CKM_PBE_MD5_CAST_CBC = CKM_PBE_MD5_CAST_CBC
-#CKM_PBE_MD5_CAST3_CBC = CKM_PBE_MD5_CAST3_CBC
-#CKM_PBE_MD5_CAST5_CBC = CKM_PBE_MD5_CAST5_CBC
-#CKM_PBE_SHA1_CAST5_CBC = CKM_PBE_SHA1_CAST5_CBC
-#CKM_PBE_SHA1_RC4_128 = CKM_PBE_SHA1_RC4_128
-#CKM_PBE_SHA1_RC4_40 = CKM_PBE_SHA1_RC4_40
-#CKM_PBE_SHA1_DES3_EDE_CBC = CKM_PBE_SHA1_DES3_EDE_CBC
-#CKM_PBE_SHA1_DES2_EDE_CBC = CKM_PBE_SHA1_DES2_EDE_CBC
-#CKM_PBE_SHA1_RC2_128_CBC = CKM_PBE_SHA1_RC2_128_CBC
-#CKM_PBE_SHA1_RC2_40_CBC = CKM_PBE_SHA1_RC2_40_CBC
-#CKM_PBA_SHA1_WITH_SHA1_HMAC = CKM_PBA_SHA1_WITH_SHA1_HMAC
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk b/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk
deleted file mode 100644
index 8e1d62337..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/pkcs11/rules.mk
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-pk11test.c: pk11test.h pkcs11.h
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile b/security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile
deleted file mode 100644
index 48f5c0f06..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/Makefile
+++ /dev/null
@@ -1,77 +0,0 @@
-#! gmake
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# (1) Include initial platform-independent assignments (MANDATORY). #
-#######################################################################
-
-include manifest.mn
-
-#######################################################################
-# (2) Include "global" configuration information. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/config.mk
-
-#######################################################################
-# (3) Include "component" configuration information. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/config.mk
-
-#######################################################################
-# (4) Include "local" platform-dependent assignments (OPTIONAL). #
-#######################################################################
-
-include config.mk
-
-#######################################################################
-# (5) Execute "global" rules. (OPTIONAL) #
-#######################################################################
-
-include $(CORE_DEPTH)/coreconf/rules.mk
-
-#######################################################################
-# (6) Execute "component" rules. (OPTIONAL) #
-#######################################################################
-
-#include $(CORE_DEPTH)/$(MODULE)/config/rules.mk
-include $(CORE_DEPTH)/nss/cmd/platlibs.mk
-include $(CORE_DEPTH)/nss/cmd/platrules.mk
-
-#######################################################################
-# (7) Execute "local" rules. (OPTIONAL). #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/README b/security/nss/tests/pkcs11/netscape/suites/security/ssl/README
deleted file mode 100644
index 80d14de16..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/README
+++ /dev/null
@@ -1,11 +0,0 @@
-
-sslt.rep : Replacer specfile
-sslt.c : Main source code file for test
-sslt.htp : Replacer template for header file
-sslt.h : Replacer-generated header file
-sslc.c : Ciphersuite-related data structures and code
-ssls.c : Data buffer for transmitting data
-ssls.h : Data structures and defines for the main code
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db b/security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db
deleted file mode 100644
index 02f36ae28..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/cert7.db
+++ /dev/null
Binary files differ
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk b/security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk
deleted file mode 100644
index 46e820866..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/config.mk
+++ /dev/null
@@ -1,61 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#######################################################################
-# Set the LDFLAGS value to encompass all normal link options, all #
-# library names, and all special system linking options #
-#######################################################################
-
-LDFLAGS = \
- $(DYNAMIC_LIB_PATH) \
- $(LDOPTS) \
- $(LIBSECTOOLS) \
- $(LIBSSL) \
- $(LIBPKCS7) \
- $(LIBCERT) \
- $(LIBKEY) \
- $(LIBSECMOD) \
- $(LIBCRYPTO) \
- $(LIBSECUTIL) \
- $(LIBHASH) \
- $(LIBDBM) \
- $(LIBPLC) \
- $(LIBPLDS) \
- $(LIBPR) \
- $(DLLSYSTEM)
-
-#######################################################################
-# Adjust specific variables for all platforms #
-#######################################################################
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db b/security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db
deleted file mode 100644
index 1c015a4a2..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/key3.db
+++ /dev/null
Binary files differ
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn b/security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn
deleted file mode 100644
index 532bb61dd..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/manifest.mn
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-CORE_DEPTH = ../../../../../../..
-
-#MODULE = sectools
-
-EXPORTS =
-
-CSRCS = sslt.c \
- ssls.c \
- sslc.c \
- $(NULL)
-
-PROGRAM = sslt
-
-#IMPORTS = nspr20/19980120 \
-# sectools/bin/STP_1_51 \
-# sectools/lib/STP_1_51 \
-# security/HCL_1_51 \
-# dbm/DBM_1_5 \
-# $(NULL)
-
-REQUIRES = security dbm seccmd
-
-DEFINES = -DNSPR20 -DREPLACER
-
-REGRESSION_SPEC = ssl.reg
-
-RESULTS_SUBDIR = security/ssl
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg b/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg
deleted file mode 100755
index cc273f126..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssl.reg
+++ /dev/null
@@ -1,49194 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-
-mut=SSL
-mutversion=1.0
-htmlout=NOW
-reporterSpec=NOW
-program=sslt
-failonly=1
-globalArgs=-p netscape -n SSLServer
-
-[Test-1]
-
-testId=32
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2]
-
-testId=16384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3]
-
-testId=8192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4]
-
-testId=24608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5]
-
-testId=4096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6]
-
-testId=20512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7]
-
-testId=12336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8]
-
-testId=28672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-9]
-
-testId=2096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-10]
-
-testId=18464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-11]
-
-testId=10288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-12]
-
-testId=26672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-13]
-
-testId=6192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-14]
-
-testId=22576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-15]
-
-testId=14352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-16]
-
-testId=30752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-17]
-
-testId=1072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-18]
-
-testId=17456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-19]
-
-testId=9232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-20]
-
-testId=25616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-21]
-
-testId=5136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-22]
-
-testId=21520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-23]
-
-testId=13360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-24]
-
-testId=29696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-25]
-
-testId=3088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-26]
-
-testId=19456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-27]
-
-testId=11296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-28]
-
-testId=27696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-29]
-
-testId=7200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-30]
-
-testId=23552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-31]
-
-testId=15360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-32]
-
-testId=31792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-33]
-
-testId=512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-34]
-
-testId=16912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-35]
-
-testId=8752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-36]
-
-testId=25136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-37]
-
-testId=4608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-38]
-
-testId=21040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-39]
-
-testId=12832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-40]
-
-testId=29184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-41]
-
-testId=2592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-42]
-
-testId=18960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-43]
-
-testId=10768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-44]
-
-testId=27168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-45]
-
-testId=6672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-46]
-
-testId=23040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-47]
-
-testId=14864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-48]
-
-testId=31264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-49]
-
-testId=1584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-50]
-
-testId=17920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-51]
-
-testId=9728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-52]
-
-testId=26144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-53]
-
-testId=5632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-54]
-
-testId=22064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-55]
-
-testId=13872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-56]
-
-testId=30208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-57]
-
-testId=3632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-58]
-
-testId=19984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-59]
-
-testId=11776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-60]
-
-testId=28192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-61]
-
-testId=7728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-62]
-
-testId=24096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-63]
-
-testId=15872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-64]
-
-testId=32256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-65]
-
-testId=304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-66]
-
-testId=16656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-67]
-
-testId=8448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-68]
-
-testId=24848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-69]
-
-testId=4384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-70]
-
-testId=20784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-71]
-
-testId=12592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-72]
-
-testId=28976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-73]
-
-testId=2320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-74]
-
-testId=18720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-75]
-
-testId=10512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-76]
-
-testId=26896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-77]
-
-testId=6400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-78]
-
-testId=22800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-79]
-
-testId=14624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-80]
-
-testId=30976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-81]
-
-testId=1312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-82]
-
-testId=17680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-83]
-
-testId=9520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-84]
-
-testId=25888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-85]
-
-testId=5408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-86]
-
-testId=21760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-87]
-
-testId=13616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-88]
-
-testId=29984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-89]
-
-testId=3328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-90]
-
-testId=19744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-91]
-
-testId=11568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-92]
-
-testId=27952
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-93]
-
-testId=7440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-94]
-
-testId=23808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-95]
-
-testId=15664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-96]
-
-testId=32032
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-97]
-
-testId=768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-98]
-
-testId=17184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-99]
-
-testId=8992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-100]
-
-testId=25360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-101]
-
-testId=4880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-102]
-
-testId=21296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-103]
-
-testId=13104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-104]
-
-testId=29472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-105]
-
-testId=2848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-106]
-
-testId=19232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-107]
-
-testId=11040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-108]
-
-testId=27440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-109]
-
-testId=6928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-110]
-
-testId=23296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-111]
-
-testId=15136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-112]
-
-testId=31520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-113]
-
-testId=1792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-114]
-
-testId=18192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-115]
-
-testId=10000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-116]
-
-testId=26384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-117]
-
-testId=5936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-118]
-
-testId=22304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-119]
-
-testId=14080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-120]
-
-testId=30480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-121]
-
-testId=3856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-122]
-
-testId=20240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-123]
-
-testId=12048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-124]
-
-testId=28432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-125]
-
-testId=7968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-126]
-
-testId=24368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-127]
-
-testId=16176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-128]
-
-testId=32544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-129]
-
-testId=160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-130]
-
-testId=16528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-131]
-
-testId=8368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-132]
-
-testId=24704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-133]
-
-testId=4256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-134]
-
-testId=20624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-135]
-
-testId=12464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-136]
-
-testId=28848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-137]
-
-testId=2176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-138]
-
-testId=18592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-139]
-
-testId=10416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-140]
-
-testId=26752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-141]
-
-testId=6272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-142]
-
-testId=22704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-143]
-
-testId=14512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-144]
-
-testId=30848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-145]
-
-testId=1152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-146]
-
-testId=17584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-147]
-
-testId=9376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-148]
-
-testId=25744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-149]
-
-testId=5296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-150]
-
-testId=21632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-151]
-
-testId=13472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-152]
-
-testId=29872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-153]
-
-testId=3248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-154]
-
-testId=19616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-155]
-
-testId=11408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-156]
-
-testId=27792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-157]
-
-testId=7296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-158]
-
-testId=23696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-159]
-
-testId=15536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-160]
-
-testId=31888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-161]
-
-testId=640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-162]
-
-testId=17056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-163]
-
-testId=8832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-164]
-
-testId=25248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-165]
-
-testId=4784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-166]
-
-testId=21152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-167]
-
-testId=12976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-168]
-
-testId=29360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-169]
-
-testId=2704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-170]
-
-testId=19088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-171]
-
-testId=10896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-172]
-
-testId=27280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-173]
-
-testId=6832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-174]
-
-testId=23184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-175]
-
-testId=14976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-176]
-
-testId=31392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-177]
-
-testId=1696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-178]
-
-testId=18080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-179]
-
-testId=9856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-180]
-
-testId=26240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-181]
-
-testId=5776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-182]
-
-testId=22144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-183]
-
-testId=13984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-184]
-
-testId=30368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-185]
-
-testId=3712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-186]
-
-testId=20128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-187]
-
-testId=11920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-188]
-
-testId=28304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-189]
-
-testId=7840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-190]
-
-testId=24208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-191]
-
-testId=16000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-192]
-
-testId=32384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-193]
-
-testId=416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-194]
-
-testId=16816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-195]
-
-testId=8592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-196]
-
-testId=24960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-197]
-
-testId=4496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-198]
-
-testId=20864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-199]
-
-testId=12672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-200]
-
-testId=29088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-201]
-
-testId=2432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-202]
-
-testId=18864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-203]
-
-testId=10640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-204]
-
-testId=27024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-205]
-
-testId=6560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-206]
-
-testId=22944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-207]
-
-testId=14752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-208]
-
-testId=31152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-209]
-
-testId=1456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-210]
-
-testId=17840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-211]
-
-testId=9632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-212]
-
-testId=26032
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-213]
-
-testId=5520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-214]
-
-testId=21920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-215]
-
-testId=13712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-216]
-
-testId=30128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-217]
-
-testId=3488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-218]
-
-testId=19856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-219]
-
-testId=11664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-220]
-
-testId=28080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-221]
-
-testId=7600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-222]
-
-testId=23936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-223]
-
-testId=15776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-224]
-
-testId=32128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-225]
-
-testId=928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-226]
-
-testId=17328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-227]
-
-testId=9088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-228]
-
-testId=25488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-229]
-
-testId=5040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-230]
-
-testId=21424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-231]
-
-testId=13200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-232]
-
-testId=29584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-233]
-
-testId=2976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-234]
-
-testId=19376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-235]
-
-testId=11136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-236]
-
-testId=27552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-237]
-
-testId=7040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-238]
-
-testId=23456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-239]
-
-testId=15232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-240]
-
-testId=31664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-241]
-
-testId=1968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-242]
-
-testId=18336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-243]
-
-testId=10160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-244]
-
-testId=26496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-245]
-
-testId=6064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-246]
-
-testId=22432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-247]
-
-testId=14240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-248]
-
-testId=30640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-249]
-
-testId=3968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-250]
-
-testId=20368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-251]
-
-testId=12160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-252]
-
-testId=28592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-253]
-
-testId=8080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-254]
-
-testId=24480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-255]
-
-testId=16288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-256]
-
-testId=32672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-257]
-
-testId=112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-258]
-
-testId=16464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-259]
-
-testId=8272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-260]
-
-testId=24688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-261]
-
-testId=4208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-262]
-
-testId=20544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-263]
-
-testId=12400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-264]
-
-testId=28784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-265]
-
-testId=2160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-266]
-
-testId=18544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-267]
-
-testId=10352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-268]
-
-testId=26688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-269]
-
-testId=6240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-270]
-
-testId=22640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-271]
-
-testId=14400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-272]
-
-testId=30832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-273]
-
-testId=1136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-274]
-
-testId=17504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-275]
-
-testId=9296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-276]
-
-testId=25680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-277]
-
-testId=5232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-278]
-
-testId=21600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-279]
-
-testId=13376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-280]
-
-testId=29792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-281]
-
-testId=3152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-282]
-
-testId=19552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-283]
-
-testId=11328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-284]
-
-testId=27760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-285]
-
-testId=7248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-286]
-
-testId=23632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-287]
-
-testId=15424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-288]
-
-testId=31808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-289]
-
-testId=576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-290]
-
-testId=16976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-291]
-
-testId=8784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-292]
-
-testId=25168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-293]
-
-testId=4704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-294]
-
-testId=21104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-295]
-
-testId=12880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-296]
-
-testId=29248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-297]
-
-testId=2624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-298]
-
-testId=19008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-299]
-
-testId=10816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-300]
-
-testId=27216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-301]
-
-testId=6752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-302]
-
-testId=23152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-303]
-
-testId=14944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-304]
-
-testId=31328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-305]
-
-testId=1616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-306]
-
-testId=18000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-307]
-
-testId=9840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-308]
-
-testId=26176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-309]
-
-testId=5728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-310]
-
-testId=22128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-311]
-
-testId=13904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-312]
-
-testId=30320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-313]
-
-testId=3696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-314]
-
-testId=20048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-315]
-
-testId=11856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-316]
-
-testId=28240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-317]
-
-testId=7760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-318]
-
-testId=24176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-319]
-
-testId=15968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-320]
-
-testId=32320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-321]
-
-testId=352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-322]
-
-testId=16720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-323]
-
-testId=8560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-324]
-
-testId=24912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-325]
-
-testId=4448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-326]
-
-testId=20832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-327]
-
-testId=12624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-328]
-
-testId=28992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-329]
-
-testId=2384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-330]
-
-testId=18784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-331]
-
-testId=10592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-332]
-
-testId=26976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-333]
-
-testId=6496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-334]
-
-testId=22896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-335]
-
-testId=14656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-336]
-
-testId=31040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-337]
-
-testId=1344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-338]
-
-testId=17776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-339]
-
-testId=9552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-340]
-
-testId=25968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-341]
-
-testId=5456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-342]
-
-testId=21872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-343]
-
-testId=13680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-344]
-
-testId=30064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-345]
-
-testId=3424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-346]
-
-testId=19776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-347]
-
-testId=11616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-348]
-
-testId=27968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-349]
-
-testId=7536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-350]
-
-testId=23872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-351]
-
-testId=15680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-352]
-
-testId=32096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-353]
-
-testId=832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-354]
-
-testId=17232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-355]
-
-testId=9024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-356]
-
-testId=25408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-357]
-
-testId=4928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-358]
-
-testId=21328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-359]
-
-testId=13120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-360]
-
-testId=29536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-361]
-
-testId=2896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-362]
-
-testId=19312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-363]
-
-testId=11072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-364]
-
-testId=27472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-365]
-
-testId=6992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-366]
-
-testId=23360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-367]
-
-testId=15216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-368]
-
-testId=31600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-369]
-
-testId=1904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-370]
-
-testId=18272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-371]
-
-testId=10096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-372]
-
-testId=26464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-373]
-
-testId=5968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-374]
-
-testId=22352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-375]
-
-testId=14192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-376]
-
-testId=30544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-377]
-
-testId=3936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-378]
-
-testId=20336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-379]
-
-testId=12128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-380]
-
-testId=28496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-381]
-
-testId=8048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-382]
-
-testId=24400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-383]
-
-testId=16192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-384]
-
-testId=32608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-385]
-
-testId=240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-386]
-
-testId=16576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-387]
-
-testId=8400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-388]
-
-testId=24816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-389]
-
-testId=4336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-390]
-
-testId=20720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-391]
-
-testId=12512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-392]
-
-testId=28912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-393]
-
-testId=2272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-394]
-
-testId=18656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-395]
-
-testId=10464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-396]
-
-testId=26848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-397]
-
-testId=6336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-398]
-
-testId=22768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-399]
-
-testId=14544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-400]
-
-testId=30960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-401]
-
-testId=1248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-402]
-
-testId=17616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-403]
-
-testId=9408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-404]
-
-testId=25792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-405]
-
-testId=5360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-406]
-
-testId=21712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-407]
-
-testId=13520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-408]
-
-testId=29904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-409]
-
-testId=3264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-410]
-
-testId=19664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-411]
-
-testId=11456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-412]
-
-testId=27872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-413]
-
-testId=7408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-414]
-
-testId=23760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-415]
-
-testId=15600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-416]
-
-testId=31984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-417]
-
-testId=752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-418]
-
-testId=17088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-419]
-
-testId=8928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-420]
-
-testId=25296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-421]
-
-testId=4848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-422]
-
-testId=21216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-423]
-
-testId=13024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-424]
-
-testId=29376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-425]
-
-testId=2800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-426]
-
-testId=19136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-427]
-
-testId=10992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-428]
-
-testId=27328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-429]
-
-testId=6848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-430]
-
-testId=23232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-431]
-
-testId=15056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-432]
-
-testId=31440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-433]
-
-testId=1744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-434]
-
-testId=18128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-435]
-
-testId=9920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-436]
-
-testId=26352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-437]
-
-testId=5824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-438]
-
-testId=22208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-439]
-
-testId=14016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-440]
-
-testId=30400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-441]
-
-testId=3808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-442]
-
-testId=20176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-443]
-
-testId=12016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-444]
-
-testId=28384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-445]
-
-testId=7888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-446]
-
-testId=24288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-447]
-
-testId=16096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-448]
-
-testId=32480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-449]
-
-testId=480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-450]
-
-testId=16848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-451]
-
-testId=8672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-452]
-
-testId=25072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-453]
-
-testId=4544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-454]
-
-testId=20928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-455]
-
-testId=12784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-456]
-
-testId=29168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-457]
-
-testId=2496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-458]
-
-testId=18912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-459]
-
-testId=10736
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-460]
-
-testId=27072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-461]
-
-testId=6608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-462]
-
-testId=23024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-463]
-
-testId=14784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-464]
-
-testId=31168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-465]
-
-testId=1472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-466]
-
-testId=17904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-467]
-
-testId=9696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-468]
-
-testId=26096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-469]
-
-testId=5616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-470]
-
-testId=22000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-471]
-
-testId=13760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-472]
-
-testId=30176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-473]
-
-testId=3520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-474]
-
-testId=19936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-475]
-
-testId=11744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-476]
-
-testId=28096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-477]
-
-testId=7632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-478]
-
-testId=24048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-479]
-
-testId=15856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-480]
-
-testId=32224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-481]
-
-testId=1008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-482]
-
-testId=17392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-483]
-
-testId=9152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-484]
-
-testId=25568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-485]
-
-testId=5104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-486]
-
-testId=21440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-487]
-
-testId=13296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-488]
-
-testId=29648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-489]
-
-testId=3008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-490]
-
-testId=19440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-491]
-
-testId=11200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-492]
-
-testId=27600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-493]
-
-testId=7136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-494]
-
-testId=23536
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-495]
-
-testId=15296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-496]
-
-testId=31680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-497]
-
-testId=2000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-498]
-
-testId=18384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-499]
-
-testId=10208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-500]
-
-testId=26592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-501]
-
-testId=6080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-502]
-
-testId=22496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-503]
-
-testId=14320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-504]
-
-testId=30704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-505]
-
-testId=4048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-506]
-
-testId=20432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-507]
-
-testId=12224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-508]
-
-testId=28640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-509]
-
-testId=8160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-510]
-
-testId=24512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-511]
-
-testId=16352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-512]
-
-testId=32752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-513]
-
-testId=40
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-514]
-
-testId=16424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-515]
-
-testId=8200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-516]
-
-testId=24600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-517]
-
-testId=4120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-518]
-
-testId=20520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-519]
-
-testId=12312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-520]
-
-testId=28680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-521]
-
-testId=2056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-522]
-
-testId=18488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-523]
-
-testId=10264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-524]
-
-testId=26632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-525]
-
-testId=6152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-526]
-
-testId=22552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-527]
-
-testId=14344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-528]
-
-testId=30760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-529]
-
-testId=1048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-530]
-
-testId=17416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-531]
-
-testId=9256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-532]
-
-testId=25640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-533]
-
-testId=5176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-534]
-
-testId=21560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-535]
-
-testId=13368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-536]
-
-testId=29752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-537]
-
-testId=3080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-538]
-
-testId=19512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-539]
-
-testId=11320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-540]
-
-testId=27656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-541]
-
-testId=7208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-542]
-
-testId=23560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-543]
-
-testId=15384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-544]
-
-testId=31768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-545]
-
-testId=568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-546]
-
-testId=16920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-547]
-
-testId=8712
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-548]
-
-testId=25144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-549]
-
-testId=4616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-550]
-
-testId=21016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-551]
-
-testId=12840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-552]
-
-testId=29208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-553]
-
-testId=2568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-554]
-
-testId=19000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-555]
-
-testId=10808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-556]
-
-testId=27160
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-557]
-
-testId=6664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-558]
-
-testId=23048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-559]
-
-testId=14904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-560]
-
-testId=31272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-561]
-
-testId=1576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-562]
-
-testId=17976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-563]
-
-testId=9736
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-564]
-
-testId=26152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-565]
-
-testId=5688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-566]
-
-testId=22024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-567]
-
-testId=13880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-568]
-
-testId=30248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-569]
-
-testId=3640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-570]
-
-testId=19992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-571]
-
-testId=11832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-572]
-
-testId=28216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-573]
-
-testId=7704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-574]
-
-testId=24072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-575]
-
-testId=15880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-576]
-
-testId=32264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-577]
-
-testId=264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-578]
-
-testId=16696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-579]
-
-testId=8456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-580]
-
-testId=24840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-581]
-
-testId=4408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-582]
-
-testId=20792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-583]
-
-testId=12600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-584]
-
-testId=28984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-585]
-
-testId=2312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-586]
-
-testId=18696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-587]
-
-testId=10504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-588]
-
-testId=26920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-589]
-
-testId=6424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-590]
-
-testId=22808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-591]
-
-testId=14632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-592]
-
-testId=31000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-593]
-
-testId=1336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-594]
-
-testId=17720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-595]
-
-testId=9480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-596]
-
-testId=25896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-597]
-
-testId=5400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-598]
-
-testId=21768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-599]
-
-testId=13624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-600]
-
-testId=29976
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-601]
-
-testId=3384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-602]
-
-testId=19752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-603]
-
-testId=11544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-604]
-
-testId=27912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-605]
-
-testId=7480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-606]
-
-testId=23832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-607]
-
-testId=15672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-608]
-
-testId=32040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-609]
-
-testId=824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-610]
-
-testId=17208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-611]
-
-testId=8968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-612]
-
-testId=25400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-613]
-
-testId=4872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-614]
-
-testId=21272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-615]
-
-testId=13112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-616]
-
-testId=29464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-617]
-
-testId=2840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-618]
-
-testId=19208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-619]
-
-testId=11064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-620]
-
-testId=27432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-621]
-
-testId=6920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-622]
-
-testId=23352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-623]
-
-testId=15112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-624]
-
-testId=31512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-625]
-
-testId=1832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-626]
-
-testId=18232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-627]
-
-testId=10008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-628]
-
-testId=26376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-629]
-
-testId=5912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-630]
-
-testId=22312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-631]
-
-testId=14088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-632]
-
-testId=30520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-633]
-
-testId=3848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-634]
-
-testId=20264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-635]
-
-testId=12072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-636]
-
-testId=28440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-637]
-
-testId=7992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-638]
-
-testId=24344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-639]
-
-testId=16168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-640]
-
-testId=32520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-641]
-
-testId=152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-642]
-
-testId=16552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-643]
-
-testId=8360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-644]
-
-testId=24744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-645]
-
-testId=4280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-646]
-
-testId=20664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-647]
-
-testId=12424
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-648]
-
-testId=28840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-649]
-
-testId=2184
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-650]
-
-testId=18568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-651]
-
-testId=10392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-652]
-
-testId=26792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-653]
-
-testId=6328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-654]
-
-testId=22696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-655]
-
-testId=14488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-656]
-
-testId=30856
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-657]
-
-testId=1208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-658]
-
-testId=17560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-659]
-
-testId=9368
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-660]
-
-testId=25752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-661]
-
-testId=5272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-662]
-
-testId=21672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-663]
-
-testId=13464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-664]
-
-testId=29880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-665]
-
-testId=3240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-666]
-
-testId=19608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-667]
-
-testId=11448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-668]
-
-testId=27816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-669]
-
-testId=7320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-670]
-
-testId=23704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-671]
-
-testId=15544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-672]
-
-testId=31880
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-673]
-
-testId=664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-674]
-
-testId=17048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-675]
-
-testId=8888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-676]
-
-testId=25272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-677]
-
-testId=4792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-678]
-
-testId=21176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-679]
-
-testId=12952
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-680]
-
-testId=29336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-681]
-
-testId=2728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-682]
-
-testId=19096
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-683]
-
-testId=10936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-684]
-
-testId=27272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-685]
-
-testId=6840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-686]
-
-testId=23192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-687]
-
-testId=15016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-688]
-
-testId=31416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-689]
-
-testId=1672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-690]
-
-testId=18056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-691]
-
-testId=9912
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-692]
-
-testId=26264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-693]
-
-testId=5816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-694]
-
-testId=22168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-695]
-
-testId=14008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-696]
-
-testId=30392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-697]
-
-testId=3736
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-698]
-
-testId=20104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-699]
-
-testId=11928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-700]
-
-testId=28296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-701]
-
-testId=7816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-702]
-
-testId=24232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-703]
-
-testId=16040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-704]
-
-testId=32440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-705]
-
-testId=408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-706]
-
-testId=16824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-707]
-
-testId=8600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-708]
-
-testId=25000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-709]
-
-testId=4504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-710]
-
-testId=20920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-711]
-
-testId=12680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-712]
-
-testId=29080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-713]
-
-testId=2440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-714]
-
-testId=18824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-715]
-
-testId=10664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-716]
-
-testId=27048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-717]
-
-testId=6584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-718]
-
-testId=22936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-719]
-
-testId=14760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-720]
-
-testId=31128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-721]
-
-testId=1432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-722]
-
-testId=17800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-723]
-
-testId=9656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-724]
-
-testId=26040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-725]
-
-testId=5512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-726]
-
-testId=21896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-727]
-
-testId=13752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-728]
-
-testId=30104
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-729]
-
-testId=3464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-730]
-
-testId=19896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-731]
-
-testId=11672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-732]
-
-testId=28088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-733]
-
-testId=7592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-734]
-
-testId=23992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-735]
-
-testId=15800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-736]
-
-testId=32168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-737]
-
-testId=904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-738]
-
-testId=17288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-739]
-
-testId=9144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-740]
-
-testId=25512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-741]
-
-testId=5016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-742]
-
-testId=21384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-743]
-
-testId=13192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-744]
-
-testId=29624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-745]
-
-testId=3000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-746]
-
-testId=19352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-747]
-
-testId=11144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-748]
-
-testId=27576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-749]
-
-testId=7080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-750]
-
-testId=23480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-751]
-
-testId=15288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-752]
-
-testId=31624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-753]
-
-testId=1928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-754]
-
-testId=18360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-755]
-
-testId=10168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-756]
-
-testId=26504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-757]
-
-testId=6040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-758]
-
-testId=22440
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-759]
-
-testId=14248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-760]
-
-testId=30616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-761]
-
-testId=3992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-762]
-
-testId=20408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-763]
-
-testId=12216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-764]
-
-testId=28584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-765]
-
-testId=8088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-766]
-
-testId=24504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-767]
-
-testId=16296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-768]
-
-testId=32664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-769]
-
-testId=120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-770]
-
-testId=16504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-771]
-
-testId=8312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-772]
-
-testId=24664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-773]
-
-testId=4168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-774]
-
-testId=20600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-775]
-
-testId=12392
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-776]
-
-testId=28760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-777]
-
-testId=2136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-778]
-
-testId=18520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-779]
-
-testId=10312
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-780]
-
-testId=26744
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-781]
-
-testId=6264
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-782]
-
-testId=22600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-783]
-
-testId=14456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-784]
-
-testId=30840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-785]
-
-testId=1128
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-786]
-
-testId=17496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-787]
-
-testId=9336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-788]
-
-testId=25672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-789]
-
-testId=5240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-790]
-
-testId=21608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-791]
-
-testId=13416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-792]
-
-testId=29800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-793]
-
-testId=3144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-794]
-
-testId=19528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-795]
-
-testId=11336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-796]
-
-testId=27752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-797]
-
-testId=7240
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-798]
-
-testId=23672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-799]
-
-testId=15448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-800]
-
-testId=31848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-801]
-
-testId=616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-802]
-
-testId=16968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-803]
-
-testId=8776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-804]
-
-testId=25208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-805]
-
-testId=4680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-806]
-
-testId=21112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-807]
-
-testId=12872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-808]
-
-testId=29288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-809]
-
-testId=2648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-810]
-
-testId=19032
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-811]
-
-testId=10840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-812]
-
-testId=27224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-813]
-
-testId=6776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-814]
-
-testId=23112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-815]
-
-testId=14968
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-816]
-
-testId=31320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-817]
-
-testId=1608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-818]
-
-testId=17992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-819]
-
-testId=9832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-820]
-
-testId=26200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-821]
-
-testId=5752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-822]
-
-testId=22136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-823]
-
-testId=13896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-824]
-
-testId=30296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-825]
-
-testId=3672
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-826]
-
-testId=20072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-827]
-
-testId=11864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-828]
-
-testId=28280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-829]
-
-testId=7768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-830]
-
-testId=24168
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-831]
-
-testId=15992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-832]
-
-testId=32328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-833]
-
-testId=344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-834]
-
-testId=16760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-835]
-
-testId=8568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-836]
-
-testId=24904
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-837]
-
-testId=4472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-838]
-
-testId=20808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-839]
-
-testId=12664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-840]
-
-testId=29016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-841]
-
-testId=2408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-842]
-
-testId=18776
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-843]
-
-testId=10616
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-844]
-
-testId=26984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-845]
-
-testId=6504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-846]
-
-testId=22872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-847]
-
-testId=14696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-848]
-
-testId=31064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-849]
-
-testId=1400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-850]
-
-testId=17752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-851]
-
-testId=9576
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-852]
-
-testId=25928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-853]
-
-testId=5480
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-854]
-
-testId=21848
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-855]
-
-testId=13688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-856]
-
-testId=30040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-857]
-
-testId=3448
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-858]
-
-testId=19816
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-859]
-
-testId=11608
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-860]
-
-testId=28024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-861]
-
-testId=7512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-862]
-
-testId=23928
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-863]
-
-testId=15720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-864]
-
-testId=32120
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-865]
-
-testId=888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-866]
-
-testId=17256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-867]
-
-testId=9064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-868]
-
-testId=25432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-869]
-
-testId=4936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-870]
-
-testId=21352
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-871]
-
-testId=13144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-872]
-
-testId=29528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-873]
-
-testId=2920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-874]
-
-testId=19272
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-875]
-
-testId=11080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-876]
-
-testId=27512
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-877]
-
-testId=7016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-878]
-
-testId=23416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-879]
-
-testId=15176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-880]
-
-testId=31560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-881]
-
-testId=1864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-882]
-
-testId=18248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-883]
-
-testId=10056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-884]
-
-testId=26472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-885]
-
-testId=6008
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-886]
-
-testId=22360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-887]
-
-testId=14200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-888]
-
-testId=30584
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-889]
-
-testId=3944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-890]
-
-testId=20328
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-891]
-
-testId=12152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-892]
-
-testId=28520
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-893]
-
-testId=8024
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-894]
-
-testId=24408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-895]
-
-testId=16232
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-896]
-
-testId=32600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-897]
-
-testId=216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-898]
-
-testId=16600
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-899]
-
-testId=8408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-900]
-
-testId=24824
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-901]
-
-testId=4344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-902]
-
-testId=20696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-903]
-
-testId=12504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-904]
-
-testId=28872
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-905]
-
-testId=2296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-906]
-
-testId=18648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-907]
-
-testId=10472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-908]
-
-testId=26840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-909]
-
-testId=6376
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-910]
-
-testId=22728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-911]
-
-testId=14568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-912]
-
-testId=30936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-913]
-
-testId=1256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-914]
-
-testId=17656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-915]
-
-testId=9432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-916]
-
-testId=25800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-917]
-
-testId=5336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-918]
-
-testId=21720
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-919]
-
-testId=13528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-920]
-
-testId=29896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-921]
-
-testId=3304
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-922]
-
-testId=19656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-923]
-
-testId=11464
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-924]
-
-testId=27864
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-925]
-
-testId=7384
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-926]
-
-testId=23800
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-927]
-
-testId=15592
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-928]
-
-testId=31944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-929]
-
-testId=728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-930]
-
-testId=17144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-931]
-
-testId=8920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-932]
-
-testId=25336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-933]
-
-testId=4840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-934]
-
-testId=21208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-935]
-
-testId=13000
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-936]
-
-testId=29416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-937]
-
-testId=2792
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-938]
-
-testId=19192
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-939]
-
-testId=10952
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-940]
-
-testId=27336
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-941]
-
-testId=6888
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-942]
-
-testId=23288
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-943]
-
-testId=15080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-944]
-
-testId=31432
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-945]
-
-testId=1784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-946]
-
-testId=18136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-947]
-
-testId=9944
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-948]
-
-testId=26360
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-949]
-
-testId=5832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-950]
-
-testId=22216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-951]
-
-testId=14056
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-952]
-
-testId=30456
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-953]
-
-testId=3784
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-954]
-
-testId=20216
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-955]
-
-testId=11992
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-956]
-
-testId=28408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-957]
-
-testId=7896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-958]
-
-testId=24280
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-959]
-
-testId=16088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-960]
-
-testId=32504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-961]
-
-testId=504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-962]
-
-testId=16840
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-963]
-
-testId=8664
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-964]
-
-testId=25048
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-965]
-
-testId=4552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-966]
-
-testId=20936
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-967]
-
-testId=12760
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-968]
-
-testId=29144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-969]
-
-testId=2504
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-970]
-
-testId=18920
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-971]
-
-testId=10696
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-972]
-
-testId=27112
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-973]
-
-testId=6648
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-974]
-
-testId=23016
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-975]
-
-testId=14808
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-976]
-
-testId=31224
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-977]
-
-testId=1528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-978]
-
-testId=17896
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-979]
-
-testId=9704
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-980]
-
-testId=26072
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-981]
-
-testId=5624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-982]
-
-testId=21960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-983]
-
-testId=13768
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-984]
-
-testId=30152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-985]
-
-testId=3528
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-986]
-
-testId=19960
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-987]
-
-testId=11752
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-988]
-
-testId=28136
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-989]
-
-testId=7656
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-990]
-
-testId=24040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-991]
-
-testId=15832
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-992]
-
-testId=32248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-993]
-
-testId=984
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-994]
-
-testId=17400
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-995]
-
-testId=9176
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-996]
-
-testId=25560
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-997]
-
-testId=5080
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-998]
-
-testId=21496
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-999]
-
-testId=13256
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1000]
-
-testId=29640
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1001]
-
-testId=3064
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1002]
-
-testId=19416
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1003]
-
-testId=11208
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1004]
-
-testId=27624
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1005]
-
-testId=7144
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1006]
-
-testId=23544
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1007]
-
-testId=15320
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1008]
-
-testId=31688
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1009]
-
-testId=2040
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1010]
-
-testId=18408
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1011]
-
-testId=10200
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1012]
-
-testId=26568
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1013]
-
-testId=6088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1014]
-
-testId=22488
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1015]
-
-testId=14296
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1016]
-
-testId=30680
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1017]
-
-testId=4088
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1018]
-
-testId=20472
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1019]
-
-testId=12248
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1020]
-
-testId=28632
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1021]
-
-testId=8152
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1022]
-
-testId=24552
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1023]
-
-testId=16344
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1024]
-
-testId=32728
-testname=ClientCert_none ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1025]
-
-testId=20
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1026]
-
-testId=16388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1027]
-
-testId=8244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1028]
-
-testId=24612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1029]
-
-testId=4116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1030]
-
-testId=20484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1031]
-
-testId=12324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1032]
-
-testId=28708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1033]
-
-testId=2084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1034]
-
-testId=18484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1035]
-
-testId=10292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1036]
-
-testId=26628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1037]
-
-testId=6164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1038]
-
-testId=22548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1039]
-
-testId=14372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1040]
-
-testId=30740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1041]
-
-testId=1076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1042]
-
-testId=17412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1043]
-
-testId=9220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1044]
-
-testId=25604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1045]
-
-testId=5172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1046]
-
-testId=21524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1047]
-
-testId=13332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1048]
-
-testId=29716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1049]
-
-testId=3108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1050]
-
-testId=19492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1051]
-
-testId=11316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1052]
-
-testId=27684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1053]
-
-testId=7220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1054]
-
-testId=23556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1055]
-
-testId=15412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1056]
-
-testId=31780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1057]
-
-testId=548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1058]
-
-testId=16916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1059]
-
-testId=8740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1060]
-
-testId=25108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1061]
-
-testId=4644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1062]
-
-testId=20996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1063]
-
-testId=12820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1064]
-
-testId=29236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1065]
-
-testId=2596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1066]
-
-testId=18964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1067]
-
-testId=10804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1068]
-
-testId=27156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1069]
-
-testId=6660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1070]
-
-testId=23076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1071]
-
-testId=14884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1072]
-
-testId=31236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1073]
-
-testId=1556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1074]
-
-testId=17924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1075]
-
-testId=9780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1076]
-
-testId=26132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1077]
-
-testId=5636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1078]
-
-testId=22036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1079]
-
-testId=13876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1080]
-
-testId=30244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1081]
-
-testId=3636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1082]
-
-testId=19988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1083]
-
-testId=11780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1084]
-
-testId=28196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1085]
-
-testId=7732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1086]
-
-testId=24100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1087]
-
-testId=15924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1088]
-
-testId=32276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1089]
-
-testId=292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1090]
-
-testId=16676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1091]
-
-testId=8484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1092]
-
-testId=24852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1093]
-
-testId=4356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1094]
-
-testId=20772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1095]
-
-testId=12564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1096]
-
-testId=28980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1097]
-
-testId=2308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1098]
-
-testId=18708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1099]
-
-testId=10516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1100]
-
-testId=26932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1101]
-
-testId=6404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1102]
-
-testId=22804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1103]
-
-testId=14628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1104]
-
-testId=30980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1105]
-
-testId=1284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1106]
-
-testId=17716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1107]
-
-testId=9524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1108]
-
-testId=25908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1109]
-
-testId=5412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1110]
-
-testId=21796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1111]
-
-testId=13604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1112]
-
-testId=29956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1113]
-
-testId=3380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1114]
-
-testId=19732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1115]
-
-testId=11540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1116]
-
-testId=27908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1117]
-
-testId=7476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1118]
-
-testId=23812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1119]
-
-testId=15668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1120]
-
-testId=32036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1121]
-
-testId=772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1122]
-
-testId=17172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1123]
-
-testId=9012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1124]
-
-testId=25348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1125]
-
-testId=4884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1126]
-
-testId=21300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1127]
-
-testId=13108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1128]
-
-testId=29460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1129]
-
-testId=2868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1130]
-
-testId=19252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1131]
-
-testId=11028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1132]
-
-testId=27396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1133]
-
-testId=6932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1134]
-
-testId=23300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1135]
-
-testId=15124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1136]
-
-testId=31540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1137]
-
-testId=1812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1138]
-
-testId=18228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1139]
-
-testId=10020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1140]
-
-testId=26372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1141]
-
-testId=5924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1142]
-
-testId=22292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1143]
-
-testId=14100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1144]
-
-testId=30484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1145]
-
-testId=3844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1146]
-
-testId=20228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1147]
-
-testId=12036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1148]
-
-testId=28420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1149]
-
-testId=7988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1150]
-
-testId=24372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1151]
-
-testId=16148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1152]
-
-testId=32564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1153]
-
-testId=164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1154]
-
-testId=16516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1155]
-
-testId=8372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1156]
-
-testId=24740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1157]
-
-testId=4244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1158]
-
-testId=20644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1159]
-
-testId=12452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1160]
-
-testId=28804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1161]
-
-testId=2228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1162]
-
-testId=18564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1163]
-
-testId=10388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1164]
-
-testId=26756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1165]
-
-testId=6292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1166]
-
-testId=22692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1167]
-
-testId=14500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1168]
-
-testId=30852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1169]
-
-testId=1204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1170]
-
-testId=17540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1171]
-
-testId=9396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1172]
-
-testId=25780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1173]
-
-testId=5268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1174]
-
-testId=21684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1175]
-
-testId=13492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1176]
-
-testId=29844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1177]
-
-testId=3204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1178]
-
-testId=19604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1179]
-
-testId=11428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1180]
-
-testId=27812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1181]
-
-testId=7348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1182]
-
-testId=23684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1183]
-
-testId=15508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1184]
-
-testId=31908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1185]
-
-testId=692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1186]
-
-testId=17076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1187]
-
-testId=8868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1188]
-
-testId=25268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1189]
-
-testId=4772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1190]
-
-testId=21140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1191]
-
-testId=12964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1192]
-
-testId=29348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1193]
-
-testId=2708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1194]
-
-testId=19092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1195]
-
-testId=10900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1196]
-
-testId=27300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1197]
-
-testId=6788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1198]
-
-testId=23172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1199]
-
-testId=15012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1200]
-
-testId=31380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1201]
-
-testId=1668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1202]
-
-testId=18084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1203]
-
-testId=9860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1204]
-
-testId=26276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1205]
-
-testId=5780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1206]
-
-testId=22180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1207]
-
-testId=13988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1208]
-
-testId=30388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1209]
-
-testId=3764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1210]
-
-testId=20100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1211]
-
-testId=11956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1212]
-
-testId=28292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1213]
-
-testId=7860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1214]
-
-testId=24228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1215]
-
-testId=16052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1216]
-
-testId=32404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1217]
-
-testId=404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1218]
-
-testId=16772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1219]
-
-testId=8580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1220]
-
-testId=24964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1221]
-
-testId=4516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1222]
-
-testId=20900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1223]
-
-testId=12676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1224]
-
-testId=29092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1225]
-
-testId=2436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1226]
-
-testId=18836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1227]
-
-testId=10628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1228]
-
-testId=27012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1229]
-
-testId=6532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1230]
-
-testId=22932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1231]
-
-testId=14740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1232]
-
-testId=31108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1233]
-
-testId=1428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1234]
-
-testId=17844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1235]
-
-testId=9636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1236]
-
-testId=26004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1237]
-
-testId=5540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1238]
-
-testId=21892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1239]
-
-testId=13700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1240]
-
-testId=30132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1241]
-
-testId=3460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1242]
-
-testId=19876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1243]
-
-testId=11700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1244]
-
-testId=28036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1245]
-
-testId=7588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1246]
-
-testId=23988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1247]
-
-testId=15764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1248]
-
-testId=32164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1249]
-
-testId=900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1250]
-
-testId=17300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1251]
-
-testId=9092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1252]
-
-testId=25524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1253]
-
-testId=5028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1254]
-
-testId=21412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1255]
-
-testId=13220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1256]
-
-testId=29604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1257]
-
-testId=2948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1258]
-
-testId=19380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1259]
-
-testId=11156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1260]
-
-testId=27540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1261]
-
-testId=7092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1262]
-
-testId=23444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1263]
-
-testId=15284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1264]
-
-testId=31668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1265]
-
-testId=1940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1266]
-
-testId=18308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1267]
-
-testId=10164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1268]
-
-testId=26532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1269]
-
-testId=6052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1270]
-
-testId=22452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1271]
-
-testId=14260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1272]
-
-testId=30628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1273]
-
-testId=4020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1274]
-
-testId=20404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1275]
-
-testId=12164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1276]
-
-testId=28548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1277]
-
-testId=8068
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1278]
-
-testId=24468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1279]
-
-testId=16260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1280]
-
-testId=32644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1281]
-
-testId=68
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1282]
-
-testId=16484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1283]
-
-testId=8292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1284]
-
-testId=24644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1285]
-
-testId=4180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1286]
-
-testId=20580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1287]
-
-testId=12372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1288]
-
-testId=28756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1289]
-
-testId=2132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1290]
-
-testId=18516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1291]
-
-testId=10324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1292]
-
-testId=26740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1293]
-
-testId=6260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1294]
-
-testId=22644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1295]
-
-testId=14436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1296]
-
-testId=30820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1297]
-
-testId=1124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1298]
-
-testId=17492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1299]
-
-testId=9300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1300]
-
-testId=25668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1301]
-
-testId=5204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1302]
-
-testId=21572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1303]
-
-testId=13428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1304]
-
-testId=29812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1305]
-
-testId=3172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1306]
-
-testId=19540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1307]
-
-testId=11332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1308]
-
-testId=27716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1309]
-
-testId=7236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1310]
-
-testId=23636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1311]
-
-testId=15476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1312]
-
-testId=31828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1313]
-
-testId=580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1314]
-
-testId=16980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1315]
-
-testId=8820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1316]
-
-testId=25204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1317]
-
-testId=4724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1318]
-
-testId=21076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1319]
-
-testId=12916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1320]
-
-testId=29268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1321]
-
-testId=2676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1322]
-
-testId=19028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1323]
-
-testId=10852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1324]
-
-testId=27204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1325]
-
-testId=6724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1326]
-
-testId=23108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1327]
-
-testId=14932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1328]
-
-testId=31332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1329]
-
-testId=1636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1330]
-
-testId=17988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1331]
-
-testId=9812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1332]
-
-testId=26180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1333]
-
-testId=5700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1334]
-
-testId=22116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1335]
-
-testId=13940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1336]
-
-testId=30308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1337]
-
-testId=3668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1338]
-
-testId=20052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1339]
-
-testId=11844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1340]
-
-testId=28260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1341]
-
-testId=7796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1342]
-
-testId=24180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1343]
-
-testId=15972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1344]
-
-testId=32340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1345]
-
-testId=356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1346]
-
-testId=16740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1347]
-
-testId=8564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1348]
-
-testId=24916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1349]
-
-testId=4452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1350]
-
-testId=20852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1351]
-
-testId=12628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1352]
-
-testId=29012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1353]
-
-testId=2388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1354]
-
-testId=18788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1355]
-
-testId=10596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1356]
-
-testId=26980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1357]
-
-testId=6516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1358]
-
-testId=22852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1359]
-
-testId=14692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1360]
-
-testId=31076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1361]
-
-testId=1348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1362]
-
-testId=17732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1363]
-
-testId=9540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1364]
-
-testId=25924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1365]
-
-testId=5444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1366]
-
-testId=21860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1367]
-
-testId=13636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1368]
-
-testId=30052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1369]
-
-testId=3412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1370]
-
-testId=19812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1371]
-
-testId=11620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1372]
-
-testId=28020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1373]
-
-testId=7492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1374]
-
-testId=23924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1375]
-
-testId=15700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1376]
-
-testId=32100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1377]
-
-testId=852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1378]
-
-testId=17252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1379]
-
-testId=9076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1380]
-
-testId=25460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1381]
-
-testId=4932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1382]
-
-testId=21364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1383]
-
-testId=13156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1384]
-
-testId=29508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1385]
-
-testId=2932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1386]
-
-testId=19300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1387]
-
-testId=11124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1388]
-
-testId=27476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1389]
-
-testId=7028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1390]
-
-testId=23412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1391]
-
-testId=15172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1392]
-
-testId=31556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1393]
-
-testId=1876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1394]
-
-testId=18244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1395]
-
-testId=10100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1396]
-
-testId=26468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1397]
-
-testId=6004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1398]
-
-testId=22388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1399]
-
-testId=14196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1400]
-
-testId=30548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1401]
-
-testId=3924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1402]
-
-testId=20340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1403]
-
-testId=12100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1404]
-
-testId=28516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1405]
-
-testId=8052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1406]
-
-testId=24436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1407]
-
-testId=16212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1408]
-
-testId=32612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1409]
-
-testId=244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1410]
-
-testId=16612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1411]
-
-testId=8420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1412]
-
-testId=24820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1413]
-
-testId=4308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1414]
-
-testId=20708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1415]
-
-testId=12500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1416]
-
-testId=28900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1417]
-
-testId=2244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1418]
-
-testId=18644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1419]
-
-testId=10436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1420]
-
-testId=26868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1421]
-
-testId=6372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1422]
-
-testId=22724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1423]
-
-testId=14548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1424]
-
-testId=30932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1425]
-
-testId=1268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1426]
-
-testId=17636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1427]
-
-testId=9412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1428]
-
-testId=25844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1429]
-
-testId=5364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1430]
-
-testId=21700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1431]
-
-testId=13508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1432]
-
-testId=29892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1433]
-
-testId=3268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1434]
-
-testId=19700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1435]
-
-testId=11492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1436]
-
-testId=27892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1437]
-
-testId=7396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1438]
-
-testId=23748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1439]
-
-testId=15556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1440]
-
-testId=31940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1441]
-
-testId=740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1442]
-
-testId=17092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1443]
-
-testId=8948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1444]
-
-testId=25332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1445]
-
-testId=4836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1446]
-
-testId=21220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1447]
-
-testId=13012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1448]
-
-testId=29412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1449]
-
-testId=2756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1450]
-
-testId=19172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1451]
-
-testId=10964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1452]
-
-testId=27348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1453]
-
-testId=6900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1454]
-
-testId=23284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1455]
-
-testId=15076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1456]
-
-testId=31428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1457]
-
-testId=1764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1458]
-
-testId=18164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1459]
-
-testId=9924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1460]
-
-testId=26340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1461]
-
-testId=5844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1462]
-
-testId=22260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1463]
-
-testId=14020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1464]
-
-testId=30420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1465]
-
-testId=3780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1466]
-
-testId=20212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1467]
-
-testId=12020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1468]
-
-testId=28388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1469]
-
-testId=7908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1470]
-
-testId=24276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1471]
-
-testId=16084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1472]
-
-testId=32452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1473]
-
-testId=452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1474]
-
-testId=16836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1475]
-
-testId=8660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1476]
-
-testId=25044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1477]
-
-testId=4596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1478]
-
-testId=20932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1479]
-
-testId=12756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1480]
-
-testId=29124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1481]
-
-testId=2500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1482]
-
-testId=18884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1483]
-
-testId=10724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1484]
-
-testId=27108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1485]
-
-testId=6612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1486]
-
-testId=22996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1487]
-
-testId=14820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1488]
-
-testId=31172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1489]
-
-testId=1476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1490]
-
-testId=17860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1491]
-
-testId=9684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1492]
-
-testId=26084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1493]
-
-testId=5620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1494]
-
-testId=21956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1495]
-
-testId=13796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1496]
-
-testId=30196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1497]
-
-testId=3524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1498]
-
-testId=19956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1499]
-
-testId=11748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1500]
-
-testId=28116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1501]
-
-testId=7668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1502]
-
-testId=24052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1503]
-
-testId=15828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1504]
-
-testId=32212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1505]
-
-testId=964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1506]
-
-testId=17396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1507]
-
-testId=9172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1508]
-
-testId=25588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1509]
-
-testId=5060
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1510]
-
-testId=21460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1511]
-
-testId=13252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1512]
-
-testId=29668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1513]
-
-testId=3044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1514]
-
-testId=19412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1515]
-
-testId=11204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1516]
-
-testId=27588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1517]
-
-testId=7124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1518]
-
-testId=23492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1519]
-
-testId=15332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1520]
-
-testId=31716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1521]
-
-testId=1988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1522]
-
-testId=18388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1523]
-
-testId=10180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1524]
-
-testId=26612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1525]
-
-testId=6084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1526]
-
-testId=22468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1527]
-
-testId=14276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1528]
-
-testId=30692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1529]
-
-testId=4052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1530]
-
-testId=20452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1531]
-
-testId=12244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1532]
-
-testId=28612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1533]
-
-testId=8180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1534]
-
-testId=24548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1535]
-
-testId=16356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1536]
-
-testId=32740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1537]
-
-testId=60
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1538]
-
-testId=16396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1539]
-
-testId=8252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1540]
-
-testId=24604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1541]
-
-testId=4124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1542]
-
-testId=20508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1543]
-
-testId=12316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1544]
-
-testId=28716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1545]
-
-testId=2108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1546]
-
-testId=18444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1547]
-
-testId=10284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1548]
-
-testId=26684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1549]
-
-testId=6188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1550]
-
-testId=22556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1551]
-
-testId=14348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1552]
-
-testId=30764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1553]
-
-testId=1036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1554]
-
-testId=17436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1555]
-
-testId=9244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1556]
-
-testId=25612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1557]
-
-testId=5164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1558]
-
-testId=21516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1559]
-
-testId=13356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1560]
-
-testId=29708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1561]
-
-testId=3116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1562]
-
-testId=19484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1563]
-
-testId=11308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1564]
-
-testId=27660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1565]
-
-testId=7196
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1566]
-
-testId=23580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1567]
-
-testId=15404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1568]
-
-testId=31756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1569]
-
-testId=572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1570]
-
-testId=16956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1571]
-
-testId=8748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1572]
-
-testId=25132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1573]
-
-testId=4652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1574]
-
-testId=21036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1575]
-
-testId=12844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1576]
-
-testId=29244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1577]
-
-testId=2604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1578]
-
-testId=19004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1579]
-
-testId=10812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1580]
-
-testId=27164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1581]
-
-testId=6716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1582]
-
-testId=23100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1583]
-
-testId=14892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1584]
-
-testId=31244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1585]
-
-testId=1596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1586]
-
-testId=17948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1587]
-
-testId=9788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1588]
-
-testId=26124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1589]
-
-testId=5660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1590]
-
-testId=22044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1591]
-
-testId=13852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1592]
-
-testId=30236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1593]
-
-testId=3612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1594]
-
-testId=19996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1595]
-
-testId=11820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1596]
-
-testId=28172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1597]
-
-testId=7708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1598]
-
-testId=24092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1599]
-
-testId=15900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1600]
-
-testId=32268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1601]
-
-testId=268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1602]
-
-testId=16684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1603]
-
-testId=8508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1604]
-
-testId=24844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1605]
-
-testId=4412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1606]
-
-testId=20780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1607]
-
-testId=12604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1608]
-
-testId=28972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1609]
-
-testId=2332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1610]
-
-testId=18716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1611]
-
-testId=10508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1612]
-
-testId=26924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1613]
-
-testId=6428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1614]
-
-testId=22828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1615]
-
-testId=14652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1616]
-
-testId=31036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1617]
-
-testId=1340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1618]
-
-testId=17676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1619]
-
-testId=9532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1620]
-
-testId=25868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1621]
-
-testId=5420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1622]
-
-testId=21788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1623]
-
-testId=13612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1624]
-
-testId=29996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1625]
-
-testId=3372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1626]
-
-testId=19724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1627]
-
-testId=11564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1628]
-
-testId=27916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1629]
-
-testId=7452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1630]
-
-testId=23868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1631]
-
-testId=15660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1632]
-
-testId=32044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1633]
-
-testId=828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1634]
-
-testId=17212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1635]
-
-testId=8972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1636]
-
-testId=25372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1637]
-
-testId=4908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1638]
-
-testId=21292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1639]
-
-testId=13116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1640]
-
-testId=29452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1641]
-
-testId=2860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1642]
-
-testId=19212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1643]
-
-testId=11036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1644]
-
-testId=27452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1645]
-
-testId=6924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1646]
-
-testId=23340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1647]
-
-testId=15148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1648]
-
-testId=31516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1649]
-
-testId=1820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1650]
-
-testId=18204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1651]
-
-testId=10012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1652]
-
-testId=26428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1653]
-
-testId=5916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1654]
-
-testId=22300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1655]
-
-testId=14124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1656]
-
-testId=30476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1657]
-
-testId=3852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1658]
-
-testId=20236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1659]
-
-testId=12092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1660]
-
-testId=28460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1661]
-
-testId=7948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1662]
-
-testId=24332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1663]
-
-testId=16172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1664]
-
-testId=32572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1665]
-
-testId=156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1666]
-
-testId=16572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1667]
-
-testId=8364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1668]
-
-testId=24764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1669]
-
-testId=4284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1670]
-
-testId=20620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1671]
-
-testId=12460
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1672]
-
-testId=28860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1673]
-
-testId=2236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1674]
-
-testId=18604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1675]
-
-testId=10428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1676]
-
-testId=26780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1677]
-
-testId=6300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1678]
-
-testId=22668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1679]
-
-testId=14508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1680]
-
-testId=30876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1681]
-
-testId=1164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1682]
-
-testId=17564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1683]
-
-testId=9356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1684]
-
-testId=25740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1685]
-
-testId=5308
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1686]
-
-testId=21644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1687]
-
-testId=13484
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1688]
-
-testId=29868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1689]
-
-testId=3260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1690]
-
-testId=19628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1691]
-
-testId=11404
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1692]
-
-testId=27820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1693]
-
-testId=7356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1694]
-
-testId=23692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1695]
-
-testId=15548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1696]
-
-testId=31932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1697]
-
-testId=684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1698]
-
-testId=17036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1699]
-
-testId=8892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1700]
-
-testId=25276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1701]
-
-testId=4748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1702]
-
-testId=21164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1703]
-
-testId=12956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1704]
-
-testId=29340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1705]
-
-testId=2716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1706]
-
-testId=19116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1707]
-
-testId=10892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1708]
-
-testId=27324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1709]
-
-testId=6844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1710]
-
-testId=23228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1711]
-
-testId=15036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1712]
-
-testId=31388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1713]
-
-testId=1692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1714]
-
-testId=18076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1715]
-
-testId=9868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1716]
-
-testId=26268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1717]
-
-testId=5772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1718]
-
-testId=22188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1719]
-
-testId=14012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1720]
-
-testId=30396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1721]
-
-testId=3740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1722]
-
-testId=20156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1723]
-
-testId=11964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1724]
-
-testId=28332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1725]
-
-testId=7836
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1726]
-
-testId=24204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1727]
-
-testId=16012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1728]
-
-testId=32412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1729]
-
-testId=396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1730]
-
-testId=16812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1731]
-
-testId=8620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1732]
-
-testId=25004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1733]
-
-testId=4540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1734]
-
-testId=20924
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1735]
-
-testId=12700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1736]
-
-testId=29116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1737]
-
-testId=2444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1738]
-
-testId=18828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1739]
-
-testId=10684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1740]
-
-testId=27020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1741]
-
-testId=6540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1742]
-
-testId=22972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1743]
-
-testId=14780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1744]
-
-testId=31164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1745]
-
-testId=1468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1746]
-
-testId=17804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1747]
-
-testId=9628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1748]
-
-testId=25996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1749]
-
-testId=5548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1750]
-
-testId=21932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1751]
-
-testId=13724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1752]
-
-testId=30092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1753]
-
-testId=3500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1754]
-
-testId=19900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1755]
-
-testId=11692
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1756]
-
-testId=28044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1757]
-
-testId=7596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1758]
-
-testId=23980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1759]
-
-testId=15788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1760]
-
-testId=32188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1761]
-
-testId=908
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1762]
-
-testId=17340
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1763]
-
-testId=9148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1764]
-
-testId=25500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1765]
-
-testId=5004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1766]
-
-testId=21420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1767]
-
-testId=13244
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1768]
-
-testId=29580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1769]
-
-testId=2988
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1770]
-
-testId=19388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1771]
-
-testId=11180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1772]
-
-testId=27548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1773]
-
-testId=7100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1774]
-
-testId=23452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1775]
-
-testId=15276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1776]
-
-testId=31628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1777]
-
-testId=1964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1778]
-
-testId=18316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1779]
-
-testId=10156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1780]
-
-testId=26508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1781]
-
-testId=6076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1782]
-
-testId=22412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1783]
-
-testId=14236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1784]
-
-testId=30620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1785]
-
-testId=3980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1786]
-
-testId=20412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1787]
-
-testId=12188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1788]
-
-testId=28556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1789]
-
-testId=8124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1790]
-
-testId=24508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1791]
-
-testId=16284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1792]
-
-testId=32684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1793]
-
-testId=124
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1794]
-
-testId=16508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1795]
-
-testId=8268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1796]
-
-testId=24652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1797]
-
-testId=4172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1798]
-
-testId=20556
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1799]
-
-testId=12412
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1800]
-
-testId=28748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1801]
-
-testId=2172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1802]
-
-testId=18540
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1803]
-
-testId=10332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1804]
-
-testId=26716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1805]
-
-testId=6252
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1806]
-
-testId=22620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1807]
-
-testId=14428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1808]
-
-testId=30828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1809]
-
-testId=1116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1810]
-
-testId=17516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1811]
-
-testId=9324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1812]
-
-testId=25708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1813]
-
-testId=5228
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1814]
-
-testId=21596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1815]
-
-testId=13436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1816]
-
-testId=29772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1817]
-
-testId=3148
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1818]
-
-testId=19580
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1819]
-
-testId=11372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1820]
-
-testId=27740
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1821]
-
-testId=7292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1822]
-
-testId=23660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1823]
-
-testId=15452
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1824]
-
-testId=31820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1825]
-
-testId=604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1826]
-
-testId=17020
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1827]
-
-testId=8780
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1828]
-
-testId=25212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1829]
-
-testId=4700
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1830]
-
-testId=21116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1831]
-
-testId=12892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1832]
-
-testId=29276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1833]
-
-testId=2652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1834]
-
-testId=19052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1835]
-
-testId=10828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1836]
-
-testId=27260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1837]
-
-testId=6764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1838]
-
-testId=23132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1839]
-
-testId=14972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1840]
-
-testId=31356
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1841]
-
-testId=1612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1842]
-
-testId=18012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1843]
-
-testId=9820
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1844]
-
-testId=26204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1845]
-
-testId=5708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1846]
-
-testId=22140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1847]
-
-testId=13916
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1848]
-
-testId=30300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1849]
-
-testId=3676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1850]
-
-testId=20092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1851]
-
-testId=11900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1852]
-
-testId=28284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1853]
-
-testId=7756
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1854]
-
-testId=24188
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1855]
-
-testId=15980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1856]
-
-testId=32364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1857]
-
-testId=364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1858]
-
-testId=16764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1859]
-
-testId=8524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1860]
-
-testId=24940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1861]
-
-testId=4444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1862]
-
-testId=20812
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1863]
-
-testId=12636
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1864]
-
-testId=29052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1865]
-
-testId=2428
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1866]
-
-testId=18764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1867]
-
-testId=10620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1868]
-
-testId=27004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1869]
-
-testId=6476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1870]
-
-testId=22876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1871]
-
-testId=14684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1872]
-
-testId=31100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1873]
-
-testId=1388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1874]
-
-testId=17788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1875]
-
-testId=9548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1876]
-
-testId=25980
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1877]
-
-testId=5468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1878]
-
-testId=21852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1879]
-
-testId=13660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1880]
-
-testId=30028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1881]
-
-testId=3436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1882]
-
-testId=19804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1883]
-
-testId=11596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1884]
-
-testId=27996
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1885]
-
-testId=7516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1886]
-
-testId=23932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1887]
-
-testId=15708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1888]
-
-testId=32108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1889]
-
-testId=844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1890]
-
-testId=17260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1891]
-
-testId=9036
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1892]
-
-testId=25468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1893]
-
-testId=4956
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1894]
-
-testId=21324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1895]
-
-testId=13132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1896]
-
-testId=29516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1897]
-
-testId=2940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1898]
-
-testId=19276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1899]
-
-testId=11084
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1900]
-
-testId=27468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1901]
-
-testId=7004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1902]
-
-testId=23388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1903]
-
-testId=15180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1904]
-
-testId=31612
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1905]
-
-testId=1868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1906]
-
-testId=18268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1907]
-
-testId=10060
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1908]
-
-testId=26476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1909]
-
-testId=5964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1910]
-
-testId=22380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1911]
-
-testId=14204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1912]
-
-testId=30572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1913]
-
-testId=3932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1914]
-
-testId=20348
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1915]
-
-testId=12140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1916]
-
-testId=28492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1917]
-
-testId=8028
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1918]
-
-testId=24444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1919]
-
-testId=16204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1920]
-
-testId=32620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1921]
-
-testId=220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1922]
-
-testId=16620
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1923]
-
-testId=8396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1924]
-
-testId=24828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1925]
-
-testId=4316
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1926]
-
-testId=20732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1927]
-
-testId=12492
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1928]
-
-testId=28892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1929]
-
-testId=2284
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1930]
-
-testId=18684
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1931]
-
-testId=10444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1932]
-
-testId=26876
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1933]
-
-testId=6380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1934]
-
-testId=22732
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1935]
-
-testId=14572
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1936]
-
-testId=30940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1937]
-
-testId=1276
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1938]
-
-testId=17660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1939]
-
-testId=9420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1940]
-
-testId=25852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1941]
-
-testId=5372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1942]
-
-testId=21708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1943]
-
-testId=13532
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1944]
-
-testId=29932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1945]
-
-testId=3292
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1946]
-
-testId=19660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1947]
-
-testId=11468
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1948]
-
-testId=27868
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1949]
-
-testId=7420
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1950]
-
-testId=23788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1951]
-
-testId=15596
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1952]
-
-testId=31964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1953]
-
-testId=748
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1954]
-
-testId=17116
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1955]
-
-testId=8940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1956]
-
-testId=25324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1957]
-
-testId=4828
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1958]
-
-testId=21212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1959]
-
-testId=13004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1960]
-
-testId=29388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1961]
-
-testId=2796
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1962]
-
-testId=19180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1963]
-
-testId=10972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1964]
-
-testId=27372
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1965]
-
-testId=6860
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1966]
-
-testId=23260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1967]
-
-testId=15052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1968]
-
-testId=31436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1969]
-
-testId=1788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1970]
-
-testId=18140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1971]
-
-testId=9932
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1972]
-
-testId=26364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1973]
-
-testId=5884
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1974]
-
-testId=22268
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1975]
-
-testId=14076
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1976]
-
-testId=30444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1977]
-
-testId=3788
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1978]
-
-testId=20220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1979]
-
-testId=12012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1980]
-
-testId=28380
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1981]
-
-testId=7900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1982]
-
-testId=24300
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1983]
-
-testId=16108
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1984]
-
-testId=32476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1985]
-
-testId=476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1986]
-
-testId=16844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1987]
-
-testId=8668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1988]
-
-testId=25068
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1989]
-
-testId=4604
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1990]
-
-testId=20940
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1991]
-
-testId=12764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1992]
-
-testId=29132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1993]
-
-testId=2508
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1994]
-
-testId=18892
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1995]
-
-testId=10716
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1996]
-
-testId=27100
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1997]
-
-testId=6652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1998]
-
-testId=23004
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-1999]
-
-testId=14844
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2000]
-
-testId=31180
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2001]
-
-testId=1516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2002]
-
-testId=17900
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2003]
-
-testId=9708
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2004]
-
-testId=26092
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2005]
-
-testId=5628
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2006]
-
-testId=21964
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2007]
-
-testId=13804
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2008]
-
-testId=30204
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2009]
-
-testId=3564
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2010]
-
-testId=19948
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2011]
-
-testId=11772
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2012]
-
-testId=28156
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2013]
-
-testId=7660
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2014]
-
-testId=24012
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2015]
-
-testId=15852
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2016]
-
-testId=32220
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2017]
-
-testId=972
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2018]
-
-testId=17388
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2019]
-
-testId=9164
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2020]
-
-testId=25548
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2021]
-
-testId=5068
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2022]
-
-testId=21500
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2023]
-
-testId=13260
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2024]
-
-testId=29676
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2025]
-
-testId=3052
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2026]
-
-testId=19436
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2027]
-
-testId=11212
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2028]
-
-testId=27644
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2029]
-
-testId=7132
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2030]
-
-testId=23516
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2031]
-
-testId=15324
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2032]
-
-testId=31724
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2033]
-
-testId=2044
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2034]
-
-testId=18396
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2035]
-
-testId=10236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2036]
-
-testId=26588
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2037]
-
-testId=6140
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2038]
-
-testId=22476
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2039]
-
-testId=14332
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2040]
-
-testId=30668
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2041]
-
-testId=4060
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2042]
-
-testId=20444
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2043]
-
-testId=12236
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2044]
-
-testId=28652
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2045]
-
-testId=8172
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2046]
-
-testId=24524
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2047]
-
-testId=16364
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2048]
-
-testId=32764
-testname=ClientCert_none ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2049]
-
-testId=2
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2050]
-
-testId=16402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2051]
-
-testId=8242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2052]
-
-testId=24594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2053]
-
-testId=4098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2054]
-
-testId=20482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2055]
-
-testId=12322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2056]
-
-testId=28722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2057]
-
-testId=2066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2058]
-
-testId=18466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2059]
-
-testId=10258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2060]
-
-testId=26674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2061]
-
-testId=6194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2062]
-
-testId=22578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2063]
-
-testId=14386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2064]
-
-testId=30738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2065]
-
-testId=1058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2066]
-
-testId=17458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2067]
-
-testId=9218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2068]
-
-testId=25634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2069]
-
-testId=5122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2070]
-
-testId=21506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2071]
-
-testId=13314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2072]
-
-testId=29730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2073]
-
-testId=3122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2074]
-
-testId=19458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2075]
-
-testId=11266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2076]
-
-testId=27650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2077]
-
-testId=7218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2078]
-
-testId=23554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2079]
-
-testId=15378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2080]
-
-testId=31762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2081]
-
-testId=562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2082]
-
-testId=16930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2083]
-
-testId=8754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2084]
-
-testId=25106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2085]
-
-testId=4658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2086]
-
-testId=20994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2087]
-
-testId=12802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2088]
-
-testId=29186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2089]
-
-testId=2562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2090]
-
-testId=18994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2091]
-
-testId=10786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2092]
-
-testId=27186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2093]
-
-testId=6706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2094]
-
-testId=23042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2095]
-
-testId=14850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2096]
-
-testId=31250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2097]
-
-testId=1538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2098]
-
-testId=17954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2099]
-
-testId=9778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2100]
-
-testId=26114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2101]
-
-testId=5650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2102]
-
-testId=22034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2103]
-
-testId=13842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2104]
-
-testId=30242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2105]
-
-testId=3618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2106]
-
-testId=20002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2107]
-
-testId=11826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2108]
-
-testId=28178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2109]
-
-testId=7682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2110]
-
-testId=24114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2111]
-
-testId=15906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2112]
-
-testId=32306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2113]
-
-testId=306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2114]
-
-testId=16674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2115]
-
-testId=8450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2116]
-
-testId=24866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2117]
-
-testId=4402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2118]
-
-testId=20738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2119]
-
-testId=12546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2120]
-
-testId=28962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2121]
-
-testId=2338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2122]
-
-testId=18706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2123]
-
-testId=10514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2124]
-
-testId=26930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2125]
-
-testId=6434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2126]
-
-testId=22818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2127]
-
-testId=14610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2128]
-
-testId=30994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2129]
-
-testId=1314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2130]
-
-testId=17682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2131]
-
-testId=9490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2132]
-
-testId=25890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2133]
-
-testId=5410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2134]
-
-testId=21762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2135]
-
-testId=13570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2136]
-
-testId=29986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2137]
-
-testId=3346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2138]
-
-testId=19762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2139]
-
-testId=11554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2140]
-
-testId=27906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2141]
-
-testId=7426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2142]
-
-testId=23842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2143]
-
-testId=15650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2144]
-
-testId=32018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2145]
-
-testId=818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2146]
-
-testId=17186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2147]
-
-testId=8962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2148]
-
-testId=25378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2149]
-
-testId=4914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2150]
-
-testId=21298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2151]
-
-testId=13058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2152]
-
-testId=29458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2153]
-
-testId=2834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2154]
-
-testId=19202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2155]
-
-testId=11058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2156]
-
-testId=27394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2157]
-
-testId=6946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2158]
-
-testId=23346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2159]
-
-testId=15154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2160]
-
-testId=31522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2161]
-
-testId=1826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2162]
-
-testId=18210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2163]
-
-testId=10018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2164]
-
-testId=26402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2165]
-
-testId=5906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2166]
-
-testId=22290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2167]
-
-testId=14098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2168]
-
-testId=30482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2169]
-
-testId=3858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2170]
-
-testId=20226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2171]
-
-testId=12082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2172]
-
-testId=28434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2173]
-
-testId=7954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2174]
-
-testId=24338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2175]
-
-testId=16146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2176]
-
-testId=32514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2177]
-
-testId=162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2178]
-
-testId=16546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2179]
-
-testId=8322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2180]
-
-testId=24738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2181]
-
-testId=4226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2182]
-
-testId=20626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2183]
-
-testId=12434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2184]
-
-testId=28834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2185]
-
-testId=2210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2186]
-
-testId=18562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2187]
-
-testId=10418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2188]
-
-testId=26770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2189]
-
-testId=6274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2190]
-
-testId=22674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2191]
-
-testId=14482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2192]
-
-testId=30882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2193]
-
-testId=1202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2194]
-
-testId=17586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2195]
-
-testId=9346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2196]
-
-testId=25746
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2197]
-
-testId=5266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2198]
-
-testId=21682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2199]
-
-testId=13474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2200]
-
-testId=29874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2201]
-
-testId=3202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2202]
-
-testId=19618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2203]
-
-testId=11426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2204]
-
-testId=27794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2205]
-
-testId=7346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2206]
-
-testId=23714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2207]
-
-testId=15490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2208]
-
-testId=31922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2209]
-
-testId=674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2210]
-
-testId=17074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2211]
-
-testId=8882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2212]
-
-testId=25234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2213]
-
-testId=4738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2214]
-
-testId=21138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2215]
-
-testId=12946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2216]
-
-testId=29346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2217]
-
-testId=2690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2218]
-
-testId=19106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2219]
-
-testId=10914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2220]
-
-testId=27298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2221]
-
-testId=6834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2222]
-
-testId=23218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2223]
-
-testId=14978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2224]
-
-testId=31394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2225]
-
-testId=1682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2226]
-
-testId=18066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2227]
-
-testId=9858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2228]
-
-testId=26242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2229]
-
-testId=5778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2230]
-
-testId=22178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2231]
-
-testId=13986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2232]
-
-testId=30338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2233]
-
-testId=3762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2234]
-
-testId=20114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2235]
-
-testId=11954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2236]
-
-testId=28306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2237]
-
-testId=7810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2238]
-
-testId=24226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2239]
-
-testId=16002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2240]
-
-testId=32418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2241]
-
-testId=402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2242]
-
-testId=16802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2243]
-
-testId=8626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2244]
-
-testId=24962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2245]
-
-testId=4498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2246]
-
-testId=20866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2247]
-
-testId=12722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2248]
-
-testId=29106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2249]
-
-testId=2482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2250]
-
-testId=18866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2251]
-
-testId=10658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2252]
-
-testId=27026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2253]
-
-testId=6578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2254]
-
-testId=22946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2255]
-
-testId=14754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2256]
-
-testId=31138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2257]
-
-testId=1442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2258]
-
-testId=17794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2259]
-
-testId=9618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2260]
-
-testId=26034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2261]
-
-testId=5522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2262]
-
-testId=21938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2263]
-
-testId=13730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2264]
-
-testId=30098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2265]
-
-testId=3506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2266]
-
-testId=19874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2267]
-
-testId=11682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2268]
-
-testId=28034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2269]
-
-testId=7570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2270]
-
-testId=23954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2271]
-
-testId=15794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2272]
-
-testId=32146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2273]
-
-testId=898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2274]
-
-testId=17314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2275]
-
-testId=9122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2276]
-
-testId=25506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2277]
-
-testId=4994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2278]
-
-testId=21394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2279]
-
-testId=13202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2280]
-
-testId=29618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2281]
-
-testId=2994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2282]
-
-testId=19362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2283]
-
-testId=11138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2284]
-
-testId=27554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2285]
-
-testId=7090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2286]
-
-testId=23426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2287]
-
-testId=15234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2288]
-
-testId=31618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2289]
-
-testId=1938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2290]
-
-testId=18338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2291]
-
-testId=10114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2292]
-
-testId=26530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2293]
-
-testId=6018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2294]
-
-testId=22402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2295]
-
-testId=14242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2296]
-
-testId=30626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2297]
-
-testId=4018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2298]
-
-testId=20354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2299]
-
-testId=12178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2300]
-
-testId=28578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2301]
-
-testId=8098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2302]
-
-testId=24498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2303]
-
-testId=16290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2304]
-
-testId=32690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2305]
-
-testId=114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2306]
-
-testId=16482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2307]
-
-testId=8290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2308]
-
-testId=24690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2309]
-
-testId=4162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2310]
-
-testId=20562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2311]
-
-testId=12354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2312]
-
-testId=28786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2313]
-
-testId=2146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2314]
-
-testId=18546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2315]
-
-testId=10322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2316]
-
-testId=26706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2317]
-
-testId=6242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2318]
-
-testId=22594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2319]
-
-testId=14434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2320]
-
-testId=30786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2321]
-
-testId=1090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2322]
-
-testId=17490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2323]
-
-testId=9282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2324]
-
-testId=25714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2325]
-
-testId=5186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2326]
-
-testId=21570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2327]
-
-testId=13378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2328]
-
-testId=29810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2329]
-
-testId=3170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2330]
-
-testId=19570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2331]
-
-testId=11362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2332]
-
-testId=27762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2333]
-
-testId=7266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2334]
-
-testId=23650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2335]
-
-testId=15426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2336]
-
-testId=31810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2337]
-
-testId=578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2338]
-
-testId=16978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2339]
-
-testId=8818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2340]
-
-testId=25154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2341]
-
-testId=4690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2342]
-
-testId=21074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2343]
-
-testId=12866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2344]
-
-testId=29298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2345]
-
-testId=2626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2346]
-
-testId=19010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2347]
-
-testId=10834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2348]
-
-testId=27234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2349]
-
-testId=6722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2350]
-
-testId=23106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2351]
-
-testId=14962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2352]
-
-testId=31346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2353]
-
-testId=1602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2354]
-
-testId=18034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2355]
-
-testId=9842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2356]
-
-testId=26194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2357]
-
-testId=5730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2358]
-
-testId=22130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2359]
-
-testId=13938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2360]
-
-testId=30274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2361]
-
-testId=3682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2362]
-
-testId=20034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2363]
-
-testId=11890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2364]
-
-testId=28274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2365]
-
-testId=7794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2366]
-
-testId=24178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2367]
-
-testId=15938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2368]
-
-testId=32370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2369]
-
-testId=338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2370]
-
-testId=16738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2371]
-
-testId=8546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2372]
-
-testId=24946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2373]
-
-testId=4434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2374]
-
-testId=20818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2375]
-
-testId=12642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2376]
-
-testId=29010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2377]
-
-testId=2402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2378]
-
-testId=18802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2379]
-
-testId=10610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2380]
-
-testId=26994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2381]
-
-testId=6482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2382]
-
-testId=22898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2383]
-
-testId=14658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2384]
-
-testId=31058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2385]
-
-testId=1362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2386]
-
-testId=17730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2387]
-
-testId=9538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2388]
-
-testId=25954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2389]
-
-testId=5490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2390]
-
-testId=21858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2391]
-
-testId=13634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2392]
-
-testId=30066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2393]
-
-testId=3410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2394]
-
-testId=19778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2395]
-
-testId=11634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2396]
-
-testId=28018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2397]
-
-testId=7538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2398]
-
-testId=23906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2399]
-
-testId=15698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2400]
-
-testId=32114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2401]
-
-testId=850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2402]
-
-testId=17234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2403]
-
-testId=9074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2404]
-
-testId=25458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2405]
-
-testId=4978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2406]
-
-testId=21362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2407]
-
-testId=13170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2408]
-
-testId=29522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2409]
-
-testId=2882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2410]
-
-testId=19298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2411]
-
-testId=11122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2412]
-
-testId=27474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2413]
-
-testId=6994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2414]
-
-testId=23362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2415]
-
-testId=15202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2416]
-
-testId=31570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2417]
-
-testId=1890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2418]
-
-testId=18258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2419]
-
-testId=10050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2420]
-
-testId=26434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2421]
-
-testId=5986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2422]
-
-testId=22386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2423]
-
-testId=14194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2424]
-
-testId=30562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2425]
-
-testId=3922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2426]
-
-testId=20322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2427]
-
-testId=12114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2428]
-
-testId=28482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2429]
-
-testId=8018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2430]
-
-testId=24386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2431]
-
-testId=16210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2432]
-
-testId=32626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2433]
-
-testId=226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2434]
-
-testId=16594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2435]
-
-testId=8434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2436]
-
-testId=24770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2437]
-
-testId=4306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2438]
-
-testId=20674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2439]
-
-testId=12498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2440]
-
-testId=28898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2441]
-
-testId=2258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2442]
-
-testId=18674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2443]
-
-testId=10450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2444]
-
-testId=26834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2445]
-
-testId=6386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2446]
-
-testId=22770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2447]
-
-testId=14546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2448]
-
-testId=30914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2449]
-
-testId=1250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2450]
-
-testId=17602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2451]
-
-testId=9442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2452]
-
-testId=25826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2453]
-
-testId=5330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2454]
-
-testId=21714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2455]
-
-testId=13522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2456]
-
-testId=29938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2457]
-
-testId=3282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2458]
-
-testId=19698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2459]
-
-testId=11506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2460]
-
-testId=27890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2461]
-
-testId=7378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2462]
-
-testId=23762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2463]
-
-testId=15570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2464]
-
-testId=31954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2465]
-
-testId=706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2466]
-
-testId=17106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2467]
-
-testId=8946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2468]
-
-testId=25330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2469]
-
-testId=4834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2470]
-
-testId=21186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2471]
-
-testId=13042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2472]
-
-testId=29426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2473]
-
-testId=2770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2474]
-
-testId=19154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2475]
-
-testId=10994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2476]
-
-testId=27346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2477]
-
-testId=6882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2478]
-
-testId=23266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2479]
-
-testId=15042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2480]
-
-testId=31458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2481]
-
-testId=1730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2482]
-
-testId=18162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2483]
-
-testId=9938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2484]
-
-testId=26354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2485]
-
-testId=5826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2486]
-
-testId=22226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2487]
-
-testId=14066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2488]
-
-testId=30434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2489]
-
-testId=3794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2490]
-
-testId=20162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2491]
-
-testId=11970
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2492]
-
-testId=28354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2493]
-
-testId=7906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2494]
-
-testId=24306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2495]
-
-testId=16098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2496]
-
-testId=32498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2497]
-
-testId=450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2498]
-
-testId=16834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2499]
-
-testId=8642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2500]
-
-testId=25026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2501]
-
-testId=4546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2502]
-
-testId=20962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2503]
-
-testId=12754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2504]
-
-testId=29122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2505]
-
-testId=2498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2506]
-
-testId=18914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2507]
-
-testId=10738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2508]
-
-testId=27074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2509]
-
-testId=6626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2510]
-
-testId=22978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2511]
-
-testId=14802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2512]
-
-testId=31202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2513]
-
-testId=1522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2514]
-
-testId=17874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2515]
-
-testId=9682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2516]
-
-testId=26098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2517]
-
-testId=5570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2518]
-
-testId=21970
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2519]
-
-testId=13794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2520]
-
-testId=30162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2521]
-
-testId=3538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2522]
-
-testId=19906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2523]
-
-testId=11762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2524]
-
-testId=28130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2525]
-
-testId=7666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2526]
-
-testId=24050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2527]
-
-testId=15826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2528]
-
-testId=32226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2529]
-
-testId=1010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2530]
-
-testId=17362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2531]
-
-testId=9154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2532]
-
-testId=25554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2533]
-
-testId=5106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2534]
-
-testId=21490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2535]
-
-testId=13282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2536]
-
-testId=29666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2537]
-
-testId=3026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2538]
-
-testId=19426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2539]
-
-testId=11202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2540]
-
-testId=27634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2541]
-
-testId=7106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2542]
-
-testId=23538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2543]
-
-testId=15298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2544]
-
-testId=31714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2545]
-
-testId=2034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2546]
-
-testId=18402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2547]
-
-testId=10194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2548]
-
-testId=26578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2549]
-
-testId=6114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2550]
-
-testId=22482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2551]
-
-testId=14274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2552]
-
-testId=30690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2553]
-
-testId=4034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2554]
-
-testId=20434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2555]
-
-testId=12258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2556]
-
-testId=28626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2557]
-
-testId=8178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2558]
-
-testId=24530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2559]
-
-testId=16370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2560]
-
-testId=32738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2561]
-
-testId=42
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2562]
-
-testId=16426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2563]
-
-testId=8234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2564]
-
-testId=24602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2565]
-
-testId=4106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2566]
-
-testId=20506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2567]
-
-testId=12298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2568]
-
-testId=28714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2569]
-
-testId=2058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2570]
-
-testId=18442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2571]
-
-testId=10282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2572]
-
-testId=26666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2573]
-
-testId=6186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2574]
-
-testId=22570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2575]
-
-testId=14362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2576]
-
-testId=30746
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2577]
-
-testId=1050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2578]
-
-testId=17418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2579]
-
-testId=9274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2580]
-
-testId=25642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2581]
-
-testId=5146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2582]
-
-testId=21546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2583]
-
-testId=13370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2584]
-
-testId=29738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2585]
-
-testId=3098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2586]
-
-testId=19482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2587]
-
-testId=11306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2588]
-
-testId=27674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2589]
-
-testId=7226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2590]
-
-testId=23594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2591]
-
-testId=15402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2592]
-
-testId=31754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2593]
-
-testId=570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2594]
-
-testId=16906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2595]
-
-testId=8762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2596]
-
-testId=25130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2597]
-
-testId=4666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2598]
-
-testId=21002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2599]
-
-testId=12842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2600]
-
-testId=29226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2601]
-
-testId=2586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2602]
-
-testId=19002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2603]
-
-testId=10762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2604]
-
-testId=27178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2605]
-
-testId=6698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2606]
-
-testId=23082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2607]
-
-testId=14890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2608]
-
-testId=31258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2609]
-
-testId=1594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2610]
-
-testId=17946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2611]
-
-testId=9754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2612]
-
-testId=26170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2613]
-
-testId=5642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2614]
-
-testId=22058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2615]
-
-testId=13834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2616]
-
-testId=30250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2617]
-
-testId=3626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2618]
-
-testId=19994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2619]
-
-testId=11818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2620]
-
-testId=28186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2621]
-
-testId=7706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2622]
-
-testId=24122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2623]
-
-testId=15882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2624]
-
-testId=32266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2625]
-
-testId=282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2626]
-
-testId=16698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2627]
-
-testId=8490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2628]
-
-testId=24874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2629]
-
-testId=4362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2630]
-
-testId=20762
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2631]
-
-testId=12586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2632]
-
-testId=28954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2633]
-
-testId=2330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2634]
-
-testId=18714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2635]
-
-testId=10538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2636]
-
-testId=26938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2637]
-
-testId=6426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2638]
-
-testId=22810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2639]
-
-testId=14602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2640]
-
-testId=30986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2641]
-
-testId=1338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2642]
-
-testId=17690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2643]
-
-testId=9530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2644]
-
-testId=25882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2645]
-
-testId=5418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2646]
-
-testId=21786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2647]
-
-testId=13610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2648]
-
-testId=29994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2649]
-
-testId=3386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2650]
-
-testId=19770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2651]
-
-testId=11562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2652]
-
-testId=27930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2653]
-
-testId=7482
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2654]
-
-testId=23850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2655]
-
-testId=15642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2656]
-
-testId=32042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2657]
-
-testId=810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2658]
-
-testId=17178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2659]
-
-testId=9018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2660]
-
-testId=25386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2661]
-
-testId=4922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2662]
-
-testId=21274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2663]
-
-testId=13098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2664]
-
-testId=29498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2665]
-
-testId=2874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2666]
-
-testId=19258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2667]
-
-testId=11050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2668]
-
-testId=27450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2669]
-
-testId=6954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2670]
-
-testId=23354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2671]
-
-testId=15114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2672]
-
-testId=31546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2673]
-
-testId=1850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2674]
-
-testId=18186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2675]
-
-testId=10026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2676]
-
-testId=26410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2677]
-
-testId=5898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2678]
-
-testId=22330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2679]
-
-testId=14106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2680]
-
-testId=30490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2681]
-
-testId=3882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2682]
-
-testId=20282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2683]
-
-testId=12074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2684]
-
-testId=28458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2685]
-
-testId=7994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2686]
-
-testId=24362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2687]
-
-testId=16186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2688]
-
-testId=32538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2689]
-
-testId=170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2690]
-
-testId=16538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2691]
-
-testId=8346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2692]
-
-testId=24730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2693]
-
-testId=4234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2694]
-
-testId=20650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2695]
-
-testId=12474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2696]
-
-testId=28842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2697]
-
-testId=2218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2698]
-
-testId=18586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2699]
-
-testId=10410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2700]
-
-testId=26794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2701]
-
-testId=6282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2702]
-
-testId=22698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2703]
-
-testId=14490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2704]
-
-testId=30874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2705]
-
-testId=1178
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2706]
-
-testId=17562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2707]
-
-testId=9386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2708]
-
-testId=25770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2709]
-
-testId=5274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2710]
-
-testId=21690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2711]
-
-testId=13498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2712]
-
-testId=29850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2713]
-
-testId=3242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2714]
-
-testId=19626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2715]
-
-testId=11402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2716]
-
-testId=27786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2717]
-
-testId=7354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2718]
-
-testId=23738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2719]
-
-testId=15498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2720]
-
-testId=31914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2721]
-
-testId=682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2722]
-
-testId=17066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2723]
-
-testId=8858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2724]
-
-testId=25274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2725]
-
-testId=4778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2726]
-
-testId=21130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2727]
-
-testId=12938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2728]
-
-testId=29322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2729]
-
-testId=2730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2730]
-
-testId=19082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2731]
-
-testId=10922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2732]
-
-testId=27274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2733]
-
-testId=6810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2734]
-
-testId=23210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2735]
-
-testId=15034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2736]
-
-testId=31418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2737]
-
-testId=1690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2738]
-
-testId=18106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2739]
-
-testId=9866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2740]
-
-testId=26282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2741]
-
-testId=5802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2742]
-
-testId=22170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2743]
-
-testId=13962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2744]
-
-testId=30378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2745]
-
-testId=3770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2746]
-
-testId=20122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2747]
-
-testId=11946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2748]
-
-testId=28298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2749]
-
-testId=7818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2750]
-
-testId=24250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2751]
-
-testId=16042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2752]
-
-testId=32442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2753]
-
-testId=426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2754]
-
-testId=16794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2755]
-
-testId=8618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2756]
-
-testId=25002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2757]
-
-testId=4490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2758]
-
-testId=20922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2759]
-
-testId=12730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2760]
-
-testId=29114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2761]
-
-testId=2490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2762]
-
-testId=18858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2763]
-
-testId=10650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2764]
-
-testId=27066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2765]
-
-testId=6554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2766]
-
-testId=22954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2767]
-
-testId=14778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2768]
-
-testId=31162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2769]
-
-testId=1418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2770]
-
-testId=17834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2771]
-
-testId=9658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2772]
-
-testId=26010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2773]
-
-testId=5546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2774]
-
-testId=21946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2775]
-
-testId=13706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2776]
-
-testId=30122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2777]
-
-testId=3498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2778]
-
-testId=19850
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2779]
-
-testId=11706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2780]
-
-testId=28042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2781]
-
-testId=7562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2782]
-
-testId=23962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2783]
-
-testId=15770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2784]
-
-testId=32138
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2785]
-
-testId=906
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2786]
-
-testId=17290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2787]
-
-testId=9098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2788]
-
-testId=25514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2789]
-
-testId=5034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2790]
-
-testId=21402
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2791]
-
-testId=13194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2792]
-
-testId=29578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2793]
-
-testId=2954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2794]
-
-testId=19386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2795]
-
-testId=11146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2796]
-
-testId=27578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2797]
-
-testId=7066
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2798]
-
-testId=23450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2799]
-
-testId=15290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2800]
-
-testId=31658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2801]
-
-testId=1978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2802]
-
-testId=18346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2803]
-
-testId=10170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2804]
-
-testId=26506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2805]
-
-testId=6058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2806]
-
-testId=22458
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2807]
-
-testId=14234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2808]
-
-testId=30618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2809]
-
-testId=3994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2810]
-
-testId=20394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2811]
-
-testId=12218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2812]
-
-testId=28586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2813]
-
-testId=8090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2814]
-
-testId=24506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2815]
-
-testId=16298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2816]
-
-testId=32650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2817]
-
-testId=122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2818]
-
-testId=16490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2819]
-
-testId=8314
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2820]
-
-testId=24666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2821]
-
-testId=4218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2822]
-
-testId=20570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2823]
-
-testId=12410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2824]
-
-testId=28794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2825]
-
-testId=2170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2826]
-
-testId=18506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2827]
-
-testId=10346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2828]
-
-testId=26714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2829]
-
-testId=6250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2830]
-
-testId=22650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2831]
-
-testId=14410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2832]
-
-testId=30842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2833]
-
-testId=1130
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2834]
-
-testId=17498
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2835]
-
-testId=9290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2836]
-
-testId=25706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2837]
-
-testId=5210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2838]
-
-testId=21610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2839]
-
-testId=13434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2840]
-
-testId=29818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2841]
-
-testId=3146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2842]
-
-testId=19546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2843]
-
-testId=11338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2844]
-
-testId=27770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2845]
-
-testId=7274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2846]
-
-testId=23674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2847]
-
-testId=15466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2848]
-
-testId=31818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2849]
-
-testId=634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2850]
-
-testId=17018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2851]
-
-testId=8826
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2852]
-
-testId=25210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2853]
-
-testId=4682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2854]
-
-testId=21114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2855]
-
-testId=12922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2856]
-
-testId=29258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2857]
-
-testId=2634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2858]
-
-testId=19050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2859]
-
-testId=10842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2860]
-
-testId=27226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2861]
-
-testId=6778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2862]
-
-testId=23162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2863]
-
-testId=14938
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2864]
-
-testId=31306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2865]
-
-testId=1626
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2866]
-
-testId=18026
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2867]
-
-testId=9818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2868]
-
-testId=26234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2869]
-
-testId=5722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2870]
-
-testId=22090
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2871]
-
-testId=13898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2872]
-
-testId=30298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2873]
-
-testId=3674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2874]
-
-testId=20042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2875]
-
-testId=11882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2876]
-
-testId=28282
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2877]
-
-testId=7786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2878]
-
-testId=24170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2879]
-
-testId=15962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2880]
-
-testId=32346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2881]
-
-testId=378
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2882]
-
-testId=16714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2883]
-
-testId=8570
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2884]
-
-testId=24954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2885]
-
-testId=4426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2886]
-
-testId=20858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2887]
-
-testId=12666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2888]
-
-testId=29034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2889]
-
-testId=2410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2890]
-
-testId=18794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2891]
-
-testId=10602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2892]
-
-testId=27002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2893]
-
-testId=6522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2894]
-
-testId=22858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2895]
-
-testId=14714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2896]
-
-testId=31082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2897]
-
-testId=1354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2898]
-
-testId=17786
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2899]
-
-testId=9546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2900]
-
-testId=25946
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2901]
-
-testId=5466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2902]
-
-testId=21882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2903]
-
-testId=13658
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2904]
-
-testId=30074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2905]
-
-testId=3434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2906]
-
-testId=19802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2907]
-
-testId=11642
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2908]
-
-testId=28010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2909]
-
-testId=7530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2910]
-
-testId=23898
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2911]
-
-testId=15706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2912]
-
-testId=32074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2913]
-
-testId=858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2914]
-
-testId=17258
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2915]
-
-testId=9082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2916]
-
-testId=25466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2917]
-
-testId=4954
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2918]
-
-testId=21338
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2919]
-
-testId=13162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2920]
-
-testId=29546
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2921]
-
-testId=2922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2922]
-
-testId=19322
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2923]
-
-testId=11082
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2924]
-
-testId=27514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2925]
-
-testId=7002
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2926]
-
-testId=23370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2927]
-
-testId=15194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2928]
-
-testId=31594
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2929]
-
-testId=1882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2930]
-
-testId=18266
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2931]
-
-testId=10074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2932]
-
-testId=26474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2933]
-
-testId=5978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2934]
-
-testId=22362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2935]
-
-testId=14202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2936]
-
-testId=30586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2937]
-
-testId=3962
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2938]
-
-testId=20330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2939]
-
-testId=12106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2940]
-
-testId=28506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2941]
-
-testId=8010
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2942]
-
-testId=24426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2943]
-
-testId=16218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2944]
-
-testId=32634
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2945]
-
-testId=234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2946]
-
-testId=16618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2947]
-
-testId=8442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2948]
-
-testId=24810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2949]
-
-testId=4346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2950]
-
-testId=20714
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2951]
-
-testId=12538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2952]
-
-testId=28874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2953]
-
-testId=2298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2954]
-
-testId=18682
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2955]
-
-testId=10442
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2956]
-
-testId=26842
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2957]
-
-testId=6394
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2958]
-
-testId=22778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2959]
-
-testId=14554
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2960]
-
-testId=30922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2961]
-
-testId=1226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2962]
-
-testId=17610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2963]
-
-testId=9466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2964]
-
-testId=25802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2965]
-
-testId=5370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2966]
-
-testId=21738
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2967]
-
-testId=13562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2968]
-
-testId=29914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2969]
-
-testId=3274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2970]
-
-testId=19690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2971]
-
-testId=11514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2972]
-
-testId=27866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2973]
-
-testId=7386
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2974]
-
-testId=23754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2975]
-
-testId=15578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2976]
-
-testId=31978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2977]
-
-testId=730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2978]
-
-testId=17114
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2979]
-
-testId=8922
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2980]
-
-testId=25290
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2981]
-
-testId=4858
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2982]
-
-testId=21226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2983]
-
-testId=13034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2984]
-
-testId=29418
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2985]
-
-testId=2810
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2986]
-
-testId=19194
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2987]
-
-testId=10986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2988]
-
-testId=27370
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2989]
-
-testId=6874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2990]
-
-testId=23242
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2991]
-
-testId=15098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2992]
-
-testId=31466
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2993]
-
-testId=1754
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2994]
-
-testId=18122
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2995]
-
-testId=9930
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2996]
-
-testId=26346
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2997]
-
-testId=5882
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2998]
-
-testId=22234
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-2999]
-
-testId=14074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3000]
-
-testId=30426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3001]
-
-testId=3818
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3002]
-
-testId=20186
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3003]
-
-testId=11978
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3004]
-
-testId=28410
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3005]
-
-testId=7914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3006]
-
-testId=24298
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3007]
-
-testId=16106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3008]
-
-testId=32506
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3009]
-
-testId=490
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3010]
-
-testId=16874
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3011]
-
-testId=8698
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3012]
-
-testId=25050
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3013]
-
-testId=4602
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3014]
-
-testId=20970
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3015]
-
-testId=12778
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3016]
-
-testId=29146
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3017]
-
-testId=2538
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3018]
-
-testId=18890
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3019]
-
-testId=10730
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3020]
-
-testId=27098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3021]
-
-testId=6618
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3022]
-
-testId=22986
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3023]
-
-testId=14794
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3024]
-
-testId=31210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3025]
-
-testId=1514
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3026]
-
-testId=17866
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3027]
-
-testId=9706
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3028]
-
-testId=26106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3029]
-
-testId=5578
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3030]
-
-testId=21994
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3031]
-
-testId=13802
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3032]
-
-testId=30170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3033]
-
-testId=3530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3034]
-
-testId=19914
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3035]
-
-testId=11770
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3036]
-
-testId=28154
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3037]
-
-testId=7674
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3038]
-
-testId=24058
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3039]
-
-testId=15834
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3040]
-
-testId=32218
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3041]
-
-testId=1018
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3042]
-
-testId=17354
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3043]
-
-testId=9210
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3044]
-
-testId=25562
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3045]
-
-testId=5098
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3046]
-
-testId=21450
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3047]
-
-testId=13274
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3048]
-
-testId=29690
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3049]
-
-testId=3034
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3050]
-
-testId=19434
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3051]
-
-testId=11226
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3052]
-
-testId=27610
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3053]
-
-testId=7162
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3054]
-
-testId=23530
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3055]
-
-testId=15306
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3056]
-
-testId=31722
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3057]
-
-testId=2042
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3058]
-
-testId=18426
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3059]
-
-testId=10202
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3060]
-
-testId=26586
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3061]
-
-testId=6106
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3062]
-
-testId=22474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3063]
-
-testId=14330
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3064]
-
-testId=30666
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3065]
-
-testId=4074
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3066]
-
-testId=20474
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3067]
-
-testId=12250
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3068]
-
-testId=28650
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3069]
-
-testId=8170
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3070]
-
-testId=24522
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3071]
-
-testId=16362
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3072]
-
-testId=32746
-testname=ClientCert_none ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3073]
-
-testId=6
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3074]
-
-testId=16390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3075]
-
-testId=8246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3076]
-
-testId=24598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3077]
-
-testId=4134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3078]
-
-testId=20518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3079]
-
-testId=12294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3080]
-
-testId=28694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3081]
-
-testId=2054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3082]
-
-testId=18470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3083]
-
-testId=10262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3084]
-
-testId=26646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3085]
-
-testId=6182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3086]
-
-testId=22566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3087]
-
-testId=14358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3088]
-
-testId=30774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3089]
-
-testId=1078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3090]
-
-testId=17462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3091]
-
-testId=9222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3092]
-
-testId=25654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3093]
-
-testId=5126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3094]
-
-testId=21510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3095]
-
-testId=13318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3096]
-
-testId=29750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3097]
-
-testId=3126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3098]
-
-testId=19510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3099]
-
-testId=11270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3100]
-
-testId=27654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3101]
-
-testId=7174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3102]
-
-testId=23558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3103]
-
-testId=15414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3104]
-
-testId=31798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3105]
-
-testId=566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3106]
-
-testId=16902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3107]
-
-testId=8742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3108]
-
-testId=25094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3109]
-
-testId=4646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3110]
-
-testId=21014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3111]
-
-testId=12806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3112]
-
-testId=29238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3113]
-
-testId=2614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3114]
-
-testId=18950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3115]
-
-testId=10806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3116]
-
-testId=27174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3117]
-
-testId=6694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3118]
-
-testId=23078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3119]
-
-testId=14886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3120]
-
-testId=31286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3121]
-
-testId=1574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3122]
-
-testId=17926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3123]
-
-testId=9782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3124]
-
-testId=26134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3125]
-
-testId=5686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3126]
-
-testId=22070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3127]
-
-testId=13862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3128]
-
-testId=30262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3129]
-
-testId=3590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3130]
-
-testId=19974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3131]
-
-testId=11798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3132]
-
-testId=28214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3133]
-
-testId=7718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3134]
-
-testId=24118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3135]
-
-testId=15894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3136]
-
-testId=32262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3137]
-
-testId=262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3138]
-
-testId=16646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3139]
-
-testId=8486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3140]
-
-testId=24870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3141]
-
-testId=4406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3142]
-
-testId=20790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3143]
-
-testId=12550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3144]
-
-testId=28950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3145]
-
-testId=2358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3146]
-
-testId=18710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3147]
-
-testId=10550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3148]
-
-testId=26886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3149]
-
-testId=6422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3150]
-
-testId=22806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3151]
-
-testId=14630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3152]
-
-testId=30982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3153]
-
-testId=1318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3154]
-
-testId=17670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3155]
-
-testId=9526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3156]
-
-testId=25862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3157]
-
-testId=5382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3158]
-
-testId=21782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3159]
-
-testId=13622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3160]
-
-testId=29974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3161]
-
-testId=3382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3162]
-
-testId=19750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3163]
-
-testId=11558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3164]
-
-testId=27942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3165]
-
-testId=7462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3166]
-
-testId=23862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3167]
-
-testId=15622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3168]
-
-testId=32054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3169]
-
-testId=774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3170]
-
-testId=17174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3171]
-
-testId=9014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3172]
-
-testId=25350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3173]
-
-testId=4918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3174]
-
-testId=21254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3175]
-
-testId=13094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3176]
-
-testId=29494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3177]
-
-testId=2838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3178]
-
-testId=19238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3179]
-
-testId=11014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3180]
-
-testId=27430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3181]
-
-testId=6934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3182]
-
-testId=23302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3183]
-
-testId=15142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3184]
-
-testId=31542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3185]
-
-testId=1830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3186]
-
-testId=18182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3187]
-
-testId=9990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3188]
-
-testId=26374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3189]
-
-testId=5894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3190]
-
-testId=22310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3191]
-
-testId=14102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3192]
-
-testId=30486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3193]
-
-testId=3846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3194]
-
-testId=20230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3195]
-
-testId=12070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3196]
-
-testId=28422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3197]
-
-testId=7942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3198]
-
-testId=24358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3199]
-
-testId=16166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3200]
-
-testId=32534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3201]
-
-testId=166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3202]
-
-testId=16518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3203]
-
-testId=8358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3204]
-
-testId=24726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3205]
-
-testId=4262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3206]
-
-testId=20662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3207]
-
-testId=12454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3208]
-
-testId=28806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3209]
-
-testId=2182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3210]
-
-testId=18582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3211]
-
-testId=10374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3212]
-
-testId=26774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3213]
-
-testId=6278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3214]
-
-testId=22678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3215]
-
-testId=14486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3216]
-
-testId=30886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3217]
-
-testId=1174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3218]
-
-testId=17558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3219]
-
-testId=9350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3220]
-
-testId=25782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3221]
-
-testId=5302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3222]
-
-testId=21638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3223]
-
-testId=13478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3224]
-
-testId=29878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3225]
-
-testId=3206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3226]
-
-testId=19638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3227]
-
-testId=11414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3228]
-
-testId=27782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3229]
-
-testId=7318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3230]
-
-testId=23734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3231]
-
-testId=15510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3232]
-
-testId=31894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3233]
-
-testId=678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3234]
-
-testId=17046
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3235]
-
-testId=8838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3236]
-
-testId=25270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3237]
-
-testId=4790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3238]
-
-testId=21126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3239]
-
-testId=12950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3240]
-
-testId=29366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3241]
-
-testId=2694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3242]
-
-testId=19110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3243]
-
-testId=10886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3244]
-
-testId=27286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3245]
-
-testId=6790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3246]
-
-testId=23190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3247]
-
-testId=14982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3248]
-
-testId=31414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3249]
-
-testId=1718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3250]
-
-testId=18102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3251]
-
-testId=9894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3252]
-
-testId=26278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3253]
-
-testId=5798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3254]
-
-testId=22198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3255]
-
-testId=14006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3256]
-
-testId=30342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3257]
-
-testId=3750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3258]
-
-testId=20102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3259]
-
-testId=11926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3260]
-
-testId=28326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3261]
-
-testId=7846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3262]
-
-testId=24214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3263]
-
-testId=16054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3264]
-
-testId=32422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3265]
-
-testId=406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3266]
-
-testId=16790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3267]
-
-testId=8598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3268]
-
-testId=24998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3269]
-
-testId=4502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3270]
-
-testId=20870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3271]
-
-testId=12678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3272]
-
-testId=29078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3273]
-
-testId=2454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3274]
-
-testId=18822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3275]
-
-testId=10662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3276]
-
-testId=27030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3277]
-
-testId=6566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3278]
-
-testId=22950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3279]
-
-testId=14774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3280]
-
-testId=31142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3281]
-
-testId=1446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3282]
-
-testId=17830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3283]
-
-testId=9654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3284]
-
-testId=26022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3285]
-
-testId=5526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3286]
-
-testId=21910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3287]
-
-testId=13702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3288]
-
-testId=30118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3289]
-
-testId=3510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3290]
-
-testId=19846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3291]
-
-testId=11702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3292]
-
-testId=28054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3293]
-
-testId=7606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3294]
-
-testId=23974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3295]
-
-testId=15766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3296]
-
-testId=32182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3297]
-
-testId=902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3298]
-
-testId=17286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3299]
-
-testId=9110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3300]
-
-testId=25526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3301]
-
-testId=5030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3302]
-
-testId=21414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3303]
-
-testId=13206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3304]
-
-testId=29606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3305]
-
-testId=2998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3306]
-
-testId=19382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3307]
-
-testId=11174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3308]
-
-testId=27558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3309]
-
-testId=7094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3310]
-
-testId=23462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3311]
-
-testId=15270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3312]
-
-testId=31670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3313]
-
-testId=1942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3314]
-
-testId=18310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3315]
-
-testId=10118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3316]
-
-testId=26502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3317]
-
-testId=6054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3318]
-
-testId=22422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3319]
-
-testId=14214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3320]
-
-testId=30614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3321]
-
-testId=4022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3322]
-
-testId=20358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3323]
-
-testId=12182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3324]
-
-testId=28566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3325]
-
-testId=8102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3326]
-
-testId=24454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3327]
-
-testId=16310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3328]
-
-testId=32678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3329]
-
-testId=70
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3330]
-
-testId=16454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3331]
-
-testId=8294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3332]
-
-testId=24678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3333]
-
-testId=4166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3334]
-
-testId=20598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3335]
-
-testId=12358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3336]
-
-testId=28742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3337]
-
-testId=2166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3338]
-
-testId=18534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3339]
-
-testId=10326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3340]
-
-testId=26726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3341]
-
-testId=6246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3342]
-
-testId=22630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3343]
-
-testId=14438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3344]
-
-testId=30806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3345]
-
-testId=1110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3346]
-
-testId=17494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3347]
-
-testId=9318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3348]
-
-testId=25670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3349]
-
-testId=5206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3350]
-
-testId=21590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3351]
-
-testId=13398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3352]
-
-testId=29766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3353]
-
-testId=3142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3354]
-
-testId=19526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3355]
-
-testId=11334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3356]
-
-testId=27718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3357]
-
-testId=7238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3358]
-
-testId=23638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3359]
-
-testId=15478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3360]
-
-testId=31830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3361]
-
-testId=582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3362]
-
-testId=16998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3363]
-
-testId=8790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3364]
-
-testId=25190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3365]
-
-testId=4710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3366]
-
-testId=21078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3367]
-
-testId=12918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3368]
-
-testId=29254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3369]
-
-testId=2678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3370]
-
-testId=19062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3371]
-
-testId=10822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3372]
-
-testId=27238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3373]
-
-testId=6742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3374]
-
-testId=23110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3375]
-
-testId=14966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3376]
-
-testId=31302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3377]
-
-testId=1654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3378]
-
-testId=18038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3379]
-
-testId=9830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3380]
-
-testId=26230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3381]
-
-testId=5718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3382]
-
-testId=22086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3383]
-
-testId=13926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3384]
-
-testId=30294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3385]
-
-testId=3702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3386]
-
-testId=20038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3387]
-
-testId=11894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3388]
-
-testId=28278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3389]
-
-testId=7798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3390]
-
-testId=24166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3391]
-
-testId=15974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3392]
-
-testId=32358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3393]
-
-testId=342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3394]
-
-testId=16710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3395]
-
-testId=8550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3396]
-
-testId=24934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3397]
-
-testId=4470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3398]
-
-testId=20822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3399]
-
-testId=12662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3400]
-
-testId=28998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3401]
-
-testId=2390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3402]
-
-testId=18790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3403]
-
-testId=10598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3404]
-
-testId=26966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3405]
-
-testId=6518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3406]
-
-testId=22854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3407]
-
-testId=14662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3408]
-
-testId=31094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3409]
-
-testId=1366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3410]
-
-testId=17766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3411]
-
-testId=9542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3412]
-
-testId=25926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3413]
-
-testId=5494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3414]
-
-testId=21878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3415]
-
-testId=13670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3416]
-
-testId=30022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3417]
-
-testId=3414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3418]
-
-testId=19830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3419]
-
-testId=11622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3420]
-
-testId=27974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3421]
-
-testId=7510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3422]
-
-testId=23878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3423]
-
-testId=15702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3424]
-
-testId=32118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3425]
-
-testId=854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3426]
-
-testId=17254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3427]
-
-testId=9030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3428]
-
-testId=25414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3429]
-
-testId=4950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3430]
-
-testId=21334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3431]
-
-testId=13142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3432]
-
-testId=29526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3433]
-
-testId=2934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3434]
-
-testId=19302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3435]
-
-testId=11094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3436]
-
-testId=27478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3437]
-
-testId=7014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3438]
-
-testId=23382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3439]
-
-testId=15190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3440]
-
-testId=31558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3441]
-
-testId=1910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3442]
-
-testId=18294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3443]
-
-testId=10102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3444]
-
-testId=26470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3445]
-
-testId=5958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3446]
-
-testId=22342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3447]
-
-testId=14166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3448]
-
-testId=30566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3449]
-
-testId=3926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3450]
-
-testId=20310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3451]
-
-testId=12150
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3452]
-
-testId=28518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3453]
-
-testId=8022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3454]
-
-testId=24422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3455]
-
-testId=16198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3456]
-
-testId=32630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3457]
-
-testId=246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3458]
-
-testId=16598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3459]
-
-testId=8406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3460]
-
-testId=24806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3461]
-
-testId=4326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3462]
-
-testId=20694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3463]
-
-testId=12486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3464]
-
-testId=28870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3465]
-
-testId=2294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3466]
-
-testId=18662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3467]
-
-testId=10486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3468]
-
-testId=26822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3469]
-
-testId=6374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3470]
-
-testId=22726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3471]
-
-testId=14550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3472]
-
-testId=30934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3473]
-
-testId=1238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3474]
-
-testId=17606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3475]
-
-testId=9462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3476]
-
-testId=25830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3477]
-
-testId=5334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3478]
-
-testId=21718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3479]
-
-testId=13510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3480]
-
-testId=29910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3481]
-
-testId=3318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3482]
-
-testId=19670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3483]
-
-testId=11510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3484]
-
-testId=27846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3485]
-
-testId=7366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3486]
-
-testId=23782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3487]
-
-testId=15574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3488]
-
-testId=31990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3489]
-
-testId=726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3490]
-
-testId=17142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3491]
-
-testId=8934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3492]
-
-testId=25318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3493]
-
-testId=4838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3494]
-
-testId=21238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3495]
-
-testId=12998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3496]
-
-testId=29414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3497]
-
-testId=2806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3498]
-
-testId=19174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3499]
-
-testId=10966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3500]
-
-testId=27366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3501]
-
-testId=6854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3502]
-
-testId=23254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3503]
-
-testId=15062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3504]
-
-testId=31462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3505]
-
-testId=1750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3506]
-
-testId=18118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3507]
-
-testId=9974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3508]
-
-testId=26326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3509]
-
-testId=5830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3510]
-
-testId=22230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3511]
-
-testId=14038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3512]
-
-testId=30438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3513]
-
-testId=3782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3514]
-
-testId=20198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3515]
-
-testId=11974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3516]
-
-testId=28358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3517]
-
-testId=7894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3518]
-
-testId=24262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3519]
-
-testId=16118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3520]
-
-testId=32470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3521]
-
-testId=486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3522]
-
-testId=16854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3523]
-
-testId=8694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3524]
-
-testId=25030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3525]
-
-testId=4566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3526]
-
-testId=20950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3527]
-
-testId=12774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3528]
-
-testId=29126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3529]
-
-testId=2534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3530]
-
-testId=18918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3531]
-
-testId=10742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3532]
-
-testId=27110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3533]
-
-testId=6630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3534]
-
-testId=22998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3535]
-
-testId=14838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3536]
-
-testId=31190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3537]
-
-testId=1478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3538]
-
-testId=17894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3539]
-
-testId=9686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3540]
-
-testId=26086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3541]
-
-testId=5590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3542]
-
-testId=21974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3543]
-
-testId=13766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3544]
-
-testId=30182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3545]
-
-testId=3574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3546]
-
-testId=19910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3547]
-
-testId=11734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3548]
-
-testId=28118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3549]
-
-testId=7622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3550]
-
-testId=24022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3551]
-
-testId=15814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3552]
-
-testId=32230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3553]
-
-testId=982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3554]
-
-testId=17350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3555]
-
-testId=9190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3556]
-
-testId=25590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3557]
-
-testId=5078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3558]
-
-testId=21462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3559]
-
-testId=13286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3560]
-
-testId=29670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3561]
-
-testId=3030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3562]
-
-testId=19398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3563]
-
-testId=11222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3564]
-
-testId=27606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3565]
-
-testId=7126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3566]
-
-testId=23542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3567]
-
-testId=15302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3568]
-
-testId=31718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3569]
-
-testId=2038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3570]
-
-testId=18422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3571]
-
-testId=10214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3572]
-
-testId=26614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3573]
-
-testId=6102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3574]
-
-testId=22486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3575]
-
-testId=14326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3576]
-
-testId=30710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3577]
-
-testId=4086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3578]
-
-testId=20422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3579]
-
-testId=12278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3580]
-
-testId=28662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3581]
-
-testId=8166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3582]
-
-testId=24550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3583]
-
-testId=16374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3584]
-
-testId=32742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3585]
-
-testId=14
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3586]
-
-testId=16398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3587]
-
-testId=8238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3588]
-
-testId=24622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3589]
-
-testId=4158
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3590]
-
-testId=20494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3591]
-
-testId=12302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3592]
-
-testId=28702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3593]
-
-testId=2110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3594]
-
-testId=18446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3595]
-
-testId=10286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3596]
-
-testId=26654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3597]
-
-testId=6206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3598]
-
-testId=22542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3599]
-
-testId=14398
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3600]
-
-testId=30766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3601]
-
-testId=1054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3602]
-
-testId=17438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3603]
-
-testId=9262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3604]
-
-testId=25614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3605]
-
-testId=5182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3606]
-
-testId=21550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3607]
-
-testId=13358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3608]
-
-testId=29710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3609]
-
-testId=3118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3610]
-
-testId=19470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3611]
-
-testId=11294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3612]
-
-testId=27710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3613]
-
-testId=7198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3614]
-
-testId=23582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3615]
-
-testId=15374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3616]
-
-testId=31758
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3617]
-
-testId=542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3618]
-
-testId=16926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3619]
-
-testId=8766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3620]
-
-testId=25150
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3621]
-
-testId=4622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3622]
-
-testId=21006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3623]
-
-testId=12862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3624]
-
-testId=29230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3625]
-
-testId=2574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3626]
-
-testId=18990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3627]
-
-testId=10782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3628]
-
-testId=27166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3629]
-
-testId=6718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3630]
-
-testId=23070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3631]
-
-testId=14878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3632]
-
-testId=31246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3633]
-
-testId=1598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3634]
-
-testId=17966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3635]
-
-testId=9742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3636]
-
-testId=26126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3637]
-
-testId=5646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3638]
-
-testId=22078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3639]
-
-testId=13886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3640]
-
-testId=30254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3641]
-
-testId=3630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3642]
-
-testId=20030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3643]
-
-testId=11838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3644]
-
-testId=28222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3645]
-
-testId=7710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3646]
-
-testId=24078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3647]
-
-testId=15902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3648]
-
-testId=32270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3649]
-
-testId=302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3650]
-
-testId=16654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3651]
-
-testId=8462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3652]
-
-testId=24862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3653]
-
-testId=4366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3654]
-
-testId=20798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3655]
-
-testId=12606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3656]
-
-testId=28990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3657]
-
-testId=2334
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3658]
-
-testId=18750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3659]
-
-testId=10542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3660]
-
-testId=26894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3661]
-
-testId=6430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3662]
-
-testId=22830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3663]
-
-testId=14654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3664]
-
-testId=30990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3665]
-
-testId=1342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3666]
-
-testId=17726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3667]
-
-testId=9518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3668]
-
-testId=25870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3669]
-
-testId=5406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3670]
-
-testId=21822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3671]
-
-testId=13598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3672]
-
-testId=29998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3673]
-
-testId=3342
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3674]
-
-testId=19742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3675]
-
-testId=11566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3676]
-
-testId=27934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3677]
-
-testId=7454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3678]
-
-testId=23838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3679]
-
-testId=15678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3680]
-
-testId=32030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3681]
-
-testId=782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3682]
-
-testId=17166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3683]
-
-testId=9022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3684]
-
-testId=25374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3685]
-
-testId=4910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3686]
-
-testId=21310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3687]
-
-testId=13070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3688]
-
-testId=29454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3689]
-
-testId=2862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3690]
-
-testId=19262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3691]
-
-testId=11038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3692]
-
-testId=27406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3693]
-
-testId=6974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3694]
-
-testId=23358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3695]
-
-testId=15166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3696]
-
-testId=31502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3697]
-
-testId=1806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3698]
-
-testId=18222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3699]
-
-testId=10030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3700]
-
-testId=26430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3701]
-
-testId=5950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3702]
-
-testId=22318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3703]
-
-testId=14142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3704]
-
-testId=30526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3705]
-
-testId=3854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3706]
-
-testId=20286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3707]
-
-testId=12046
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3708]
-
-testId=28446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3709]
-
-testId=7998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3710]
-
-testId=24382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3711]
-
-testId=16190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3712]
-
-testId=32558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3713]
-
-testId=174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3714]
-
-testId=16542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3715]
-
-testId=8382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3716]
-
-testId=24718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3717]
-
-testId=4238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3718]
-
-testId=20670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3719]
-
-testId=12430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3720]
-
-testId=28814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3721]
-
-testId=2190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3722]
-
-testId=18574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3723]
-
-testId=10414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3724]
-
-testId=26814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3725]
-
-testId=6318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3726]
-
-testId=22718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3727]
-
-testId=14478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3728]
-
-testId=30862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3729]
-
-testId=1214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3730]
-
-testId=17550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3731]
-
-testId=9358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3732]
-
-testId=25790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3733]
-
-testId=5294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3734]
-
-testId=21694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3735]
-
-testId=13502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3736]
-
-testId=29838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3737]
-
-testId=3262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3738]
-
-testId=19614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3739]
-
-testId=11422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3740]
-
-testId=27790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3741]
-
-testId=7358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3742]
-
-testId=23694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3743]
-
-testId=15502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3744]
-
-testId=31934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3745]
-
-testId=654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3746]
-
-testId=17038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3747]
-
-testId=8862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3748]
-
-testId=25230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3749]
-
-testId=4766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3750]
-
-testId=21182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3751]
-
-testId=12942
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3752]
-
-testId=29374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3753]
-
-testId=2734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3754]
-
-testId=19134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3755]
-
-testId=10894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3756]
-
-testId=27278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3757]
-
-testId=6846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3758]
-
-testId=23198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3759]
-
-testId=15006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3760]
-
-testId=31406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3761]
-
-testId=1694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3762]
-
-testId=18110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3763]
-
-testId=9902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3764]
-
-testId=26302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3765]
-
-testId=5790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3766]
-
-testId=22174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3767]
-
-testId=13982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3768]
-
-testId=30366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3769]
-
-testId=3726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3770]
-
-testId=20110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3771]
-
-testId=11950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3772]
-
-testId=28318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3773]
-
-testId=7870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3774]
-
-testId=24254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3775]
-
-testId=16014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3776]
-
-testId=32446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3777]
-
-testId=430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3778]
-
-testId=16798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3779]
-
-testId=8638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3780]
-
-testId=25006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3781]
-
-testId=4526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3782]
-
-testId=20894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3783]
-
-testId=12734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3784]
-
-testId=29102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3785]
-
-testId=2462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3786]
-
-testId=18830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3787]
-
-testId=10654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3788]
-
-testId=27038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3789]
-
-testId=6590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3790]
-
-testId=22926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3791]
-
-testId=14782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3792]
-
-testId=31118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3793]
-
-testId=1454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3794]
-
-testId=17838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3795]
-
-testId=9614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3796]
-
-testId=26046
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3797]
-
-testId=5550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3798]
-
-testId=21902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3799]
-
-testId=13742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3800]
-
-testId=30110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3801]
-
-testId=3486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3802]
-
-testId=19854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3803]
-
-testId=11662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3804]
-
-testId=28094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3805]
-
-testId=7598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3806]
-
-testId=23950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3807]
-
-testId=15774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3808]
-
-testId=32174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3809]
-
-testId=926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3810]
-
-testId=17326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3811]
-
-testId=9134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3812]
-
-testId=25486
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3813]
-
-testId=5054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3814]
-
-testId=21406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3815]
-
-testId=13246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3816]
-
-testId=29630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3817]
-
-testId=2974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3818]
-
-testId=19390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3819]
-
-testId=11182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3820]
-
-testId=27582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3821]
-
-testId=7086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3822]
-
-testId=23470
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3823]
-
-testId=15294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3824]
-
-testId=31630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3825]
-
-testId=1950
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3826]
-
-testId=18366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3827]
-
-testId=10126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3828]
-
-testId=26542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3829]
-
-testId=6078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3830]
-
-testId=22446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3831]
-
-testId=14238
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3832]
-
-testId=30638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3833]
-
-testId=4030
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3834]
-
-testId=20414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3835]
-
-testId=12174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3836]
-
-testId=28606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3837]
-
-testId=8126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3838]
-
-testId=24494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3839]
-
-testId=16318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3840]
-
-testId=32686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3841]
-
-testId=126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3842]
-
-testId=16510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3843]
-
-testId=8270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3844]
-
-testId=24702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3845]
-
-testId=4174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3846]
-
-testId=20558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3847]
-
-testId=12366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3848]
-
-testId=28798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3849]
-
-testId=2142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3850]
-
-testId=18526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3851]
-
-testId=10366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3852]
-
-testId=26718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3853]
-
-testId=6254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3854]
-
-testId=22638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3855]
-
-testId=14462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3856]
-
-testId=30798
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3857]
-
-testId=1134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3858]
-
-testId=17534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3859]
-
-testId=9310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3860]
-
-testId=25710
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3861]
-
-testId=5230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3862]
-
-testId=21630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3863]
-
-testId=13406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3864]
-
-testId=29806
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3865]
-
-testId=3166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3866]
-
-testId=19582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3867]
-
-testId=11390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3868]
-
-testId=27758
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3869]
-
-testId=7278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3870]
-
-testId=23646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3871]
-
-testId=15454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3872]
-
-testId=31870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3873]
-
-testId=606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3874]
-
-testId=17022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3875]
-
-testId=8814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3876]
-
-testId=25214
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3877]
-
-testId=4734
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3878]
-
-testId=21070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3879]
-
-testId=12894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3880]
-
-testId=29262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3881]
-
-testId=2638
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3882]
-
-testId=19070
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3883]
-
-testId=10862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3884]
-
-testId=27230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3885]
-
-testId=6750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3886]
-
-testId=23118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3887]
-
-testId=14958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3888]
-
-testId=31326
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3889]
-
-testId=1630
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3890]
-
-testId=17998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3891]
-
-testId=9838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3892]
-
-testId=26222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3893]
-
-testId=5726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3894]
-
-testId=22142
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3895]
-
-testId=13902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3896]
-
-testId=30318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3897]
-
-testId=3678
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3898]
-
-testId=20062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3899]
-
-testId=11870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3900]
-
-testId=28254
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3901]
-
-testId=7790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3902]
-
-testId=24158
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3903]
-
-testId=15982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3904]
-
-testId=32366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3905]
-
-testId=350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3906]
-
-testId=16718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3907]
-
-testId=8558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3908]
-
-testId=24958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3909]
-
-testId=4430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3910]
-
-testId=20830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3911]
-
-testId=12654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3912]
-
-testId=29006
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3913]
-
-testId=2382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3914]
-
-testId=18814
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3915]
-
-testId=10622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3916]
-
-testId=26990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3917]
-
-testId=6494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3918]
-
-testId=22894
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3919]
-
-testId=14686
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3920]
-
-testId=31102
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3921]
-
-testId=1358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3922]
-
-testId=17790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3923]
-
-testId=9566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3924]
-
-testId=25934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3925]
-
-testId=5454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3926]
-
-testId=21886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3927]
-
-testId=13694
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3928]
-
-testId=30062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3929]
-
-testId=3406
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3930]
-
-testId=19838
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3931]
-
-testId=11646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3932]
-
-testId=27998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3933]
-
-testId=7534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3934]
-
-testId=23886
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3935]
-
-testId=15742
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3936]
-
-testId=32094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3937]
-
-testId=862
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3938]
-
-testId=17262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3939]
-
-testId=9086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3940]
-
-testId=25422
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3941]
-
-testId=4958
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3942]
-
-testId=21358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3943]
-
-testId=13134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3944]
-
-testId=29550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3945]
-
-testId=2910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3946]
-
-testId=19294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3947]
-
-testId=11118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3948]
-
-testId=27518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3949]
-
-testId=6990
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3950]
-
-testId=23390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3951]
-
-testId=15182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3952]
-
-testId=31566
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3953]
-
-testId=1902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3954]
-
-testId=18270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3955]
-
-testId=10078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3956]
-
-testId=26478
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3957]
-
-testId=5982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3958]
-
-testId=22366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3959]
-
-testId=14206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3960]
-
-testId=30590
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3961]
-
-testId=3934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3962]
-
-testId=20350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3963]
-
-testId=12158
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3964]
-
-testId=28542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3965]
-
-testId=8062
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3966]
-
-testId=24414
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3967]
-
-testId=16222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3968]
-
-testId=32622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3969]
-
-testId=222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3970]
-
-testId=16622
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3971]
-
-testId=8430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3972]
-
-testId=24782
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3973]
-
-testId=4318
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3974]
-
-testId=20718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3975]
-
-testId=12526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3976]
-
-testId=28878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3977]
-
-testId=2302
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3978]
-
-testId=18654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3979]
-
-testId=10494
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3980]
-
-testId=26846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3981]
-
-testId=6382
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3982]
-
-testId=22750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3983]
-
-testId=14542
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3984]
-
-testId=30926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3985]
-
-testId=1278
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3986]
-
-testId=17662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3987]
-
-testId=9454
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3988]
-
-testId=25854
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3989]
-
-testId=5374
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3990]
-
-testId=21726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3991]
-
-testId=13518
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3992]
-
-testId=29902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3993]
-
-testId=3294
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3994]
-
-testId=19662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3995]
-
-testId=11502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3996]
-
-testId=27870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3997]
-
-testId=7390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3998]
-
-testId=23790
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-3999]
-
-testId=15582
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4000]
-
-testId=31966
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4001]
-
-testId=750
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4002]
-
-testId=17150
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4003]
-
-testId=8910
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4004]
-
-testId=25310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4005]
-
-testId=4830
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4006]
-
-testId=21230
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4007]
-
-testId=13022
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4008]
-
-testId=29390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4009]
-
-testId=2766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4010]
-
-testId=19166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4011]
-
-testId=10974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4012]
-
-testId=27390
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4013]
-
-testId=6878
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4014]
-
-testId=23246
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4015]
-
-testId=15054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4016]
-
-testId=31438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4017]
-
-testId=1758
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4018]
-
-testId=18174
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4019]
-
-testId=9982
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4020]
-
-testId=26366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4021]
-
-testId=5870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4022]
-
-testId=22222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4023]
-
-testId=14078
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4024]
-
-testId=30446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4025]
-
-testId=3822
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4026]
-
-testId=20206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4027]
-
-testId=12014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4028]
-
-testId=28366
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4029]
-
-testId=7918
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4030]
-
-testId=24270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4031]
-
-testId=16126
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4032]
-
-testId=32510
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4033]
-
-testId=462
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4034]
-
-testId=16846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4035]
-
-testId=8654
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4036]
-
-testId=25054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4037]
-
-testId=4574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4038]
-
-testId=20974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4039]
-
-testId=12766
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4040]
-
-testId=29166
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4041]
-
-testId=2558
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4042]
-
-testId=18926
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4043]
-
-testId=10702
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4044]
-
-testId=27086
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4045]
-
-testId=6606
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4046]
-
-testId=23038
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4047]
-
-testId=14846
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4048]
-
-testId=31182
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4049]
-
-testId=1534
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4050]
-
-testId=17902
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4051]
-
-testId=9726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4052]
-
-testId=26094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4053]
-
-testId=5614
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4054]
-
-testId=21998
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4055]
-
-testId=13774
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4056]
-
-testId=30206
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4057]
-
-testId=3550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4058]
-
-testId=19934
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4059]
-
-testId=11726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4060]
-
-testId=28110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4061]
-
-testId=7646
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4062]
-
-testId=24014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4063]
-
-testId=15870
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4064]
-
-testId=32222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4065]
-
-testId=974
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4066]
-
-testId=17358
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4067]
-
-testId=9198
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4068]
-
-testId=25550
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4069]
-
-testId=5118
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4070]
-
-testId=21502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4071]
-
-testId=13310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4072]
-
-testId=29662
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4073]
-
-testId=3054
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4074]
-
-testId=19438
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4075]
-
-testId=11262
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4076]
-
-testId=27598
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4077]
-
-testId=7134
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4078]
-
-testId=23502
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4079]
-
-testId=15310
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4080]
-
-testId=31726
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4081]
-
-testId=2014
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4082]
-
-testId=18430
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4083]
-
-testId=10222
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4084]
-
-testId=26574
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4085]
-
-testId=6110
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4086]
-
-testId=22526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4087]
-
-testId=14286
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4088]
-
-testId=30670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4089]
-
-testId=4094
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4090]
-
-testId=20446
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4091]
-
-testId=12270
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4092]
-
-testId=28670
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4093]
-
-testId=8190
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4094]
-
-testId=24526
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4095]
-
-testId=16350
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4096]
-
-testId=32718
-testname=ClientCert_none ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4097]
-
-testId=33
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4098]
-
-testId=16433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4099]
-
-testId=8193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4100]
-
-testId=24609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4101]
-
-testId=4113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4102]
-
-testId=20513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4103]
-
-testId=12321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4104]
-
-testId=28673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4105]
-
-testId=2049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4106]
-
-testId=18449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4107]
-
-testId=10289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4108]
-
-testId=26625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4109]
-
-testId=6145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4110]
-
-testId=22529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4111]
-
-testId=14353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4112]
-
-testId=30753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4113]
-
-testId=1073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4114]
-
-testId=17441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4115]
-
-testId=9233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4116]
-
-testId=25601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4117]
-
-testId=5169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4118]
-
-testId=21537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4119]
-
-testId=13313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4120]
-
-testId=29745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4121]
-
-testId=3121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4122]
-
-testId=19473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4123]
-
-testId=11281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4124]
-
-testId=27649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4125]
-
-testId=7169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4126]
-
-testId=23553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4127]
-
-testId=15409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4128]
-
-testId=31793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4129]
-
-testId=513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4130]
-
-testId=16897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4131]
-
-testId=8705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4132]
-
-testId=25105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4133]
-
-testId=4609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4134]
-
-testId=21041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4135]
-
-testId=12833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4136]
-
-testId=29185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4137]
-
-testId=2561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4138]
-
-testId=18961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4139]
-
-testId=10785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4140]
-
-testId=27169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4141]
-
-testId=6657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4142]
-
-testId=23089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4143]
-
-testId=14881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4144]
-
-testId=31249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4145]
-
-testId=1569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4146]
-
-testId=17921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4147]
-
-testId=9745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4148]
-
-testId=26145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4149]
-
-testId=5681
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4150]
-
-testId=22017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4151]
-
-testId=13841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4152]
-
-testId=30209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4153]
-
-testId=3585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4154]
-
-testId=19969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4155]
-
-testId=11825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4156]
-
-testId=28193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4157]
-
-testId=7713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4158]
-
-testId=24113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4159]
-
-testId=15921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4160]
-
-testId=32257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4161]
-
-testId=289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4162]
-
-testId=16689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4163]
-
-testId=8481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4164]
-
-testId=24865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4165]
-
-testId=4401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4166]
-
-testId=20753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4167]
-
-testId=12561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4168]
-
-testId=28945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4169]
-
-testId=2321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4170]
-
-testId=18705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4171]
-
-testId=10513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4172]
-
-testId=26929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4173]
-
-testId=6449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4174]
-
-testId=22785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4175]
-
-testId=14609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4176]
-
-testId=30993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4177]
-
-testId=1329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4178]
-
-testId=17713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4179]
-
-testId=9489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4180]
-
-testId=25905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4181]
-
-testId=5425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4182]
-
-testId=21777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4183]
-
-testId=13617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4184]
-
-testId=29985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4185]
-
-testId=3329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4186]
-
-testId=19745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4187]
-
-testId=11553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4188]
-
-testId=27937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4189]
-
-testId=7425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4190]
-
-testId=23841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4191]
-
-testId=15617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4192]
-
-testId=32001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4193]
-
-testId=785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4194]
-
-testId=17201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4195]
-
-testId=8993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4196]
-
-testId=25345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4197]
-
-testId=4881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4198]
-
-testId=21297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4199]
-
-testId=13073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4200]
-
-testId=29473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4201]
-
-testId=2849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4202]
-
-testId=19249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4203]
-
-testId=11009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4204]
-
-testId=27425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4205]
-
-testId=6945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4206]
-
-testId=23313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4207]
-
-testId=15105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4208]
-
-testId=31489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4209]
-
-testId=1793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4210]
-
-testId=18177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4211]
-
-testId=10017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4212]
-
-testId=26401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4213]
-
-testId=5905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4214]
-
-testId=22273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4215]
-
-testId=14129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4216]
-
-testId=30497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4217]
-
-testId=3857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4218]
-
-testId=20241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4219]
-
-testId=12065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4220]
-
-testId=28417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4221]
-
-testId=7937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4222]
-
-testId=24337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4223]
-
-testId=16177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4224]
-
-testId=32545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4225]
-
-testId=177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4226]
-
-testId=16545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4227]
-
-testId=8337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4228]
-
-testId=24705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4229]
-
-testId=4225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4230]
-
-testId=20609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4231]
-
-testId=12449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4232]
-
-testId=28817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4233]
-
-testId=2209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4234]
-
-testId=18577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4235]
-
-testId=10401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4236]
-
-testId=26753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4237]
-
-testId=6321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4238]
-
-testId=22689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4239]
-
-testId=14497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4240]
-
-testId=30897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4241]
-
-testId=1153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4242]
-
-testId=17569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4243]
-
-testId=9377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4244]
-
-testId=25729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4245]
-
-testId=5265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4246]
-
-testId=21633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4247]
-
-testId=13441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4248]
-
-testId=29841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4249]
-
-testId=3233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4250]
-
-testId=19633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4251]
-
-testId=11441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4252]
-
-testId=27825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4253]
-
-testId=7297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4254]
-
-testId=23729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4255]
-
-testId=15537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4256]
-
-testId=31889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4257]
-
-testId=657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4258]
-
-testId=17041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4259]
-
-testId=8881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4260]
-
-testId=25249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4261]
-
-testId=4785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4262]
-
-testId=21153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4263]
-
-testId=12945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4264]
-
-testId=29313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4265]
-
-testId=2689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4266]
-
-testId=19089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4267]
-
-testId=10881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4268]
-
-testId=27313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4269]
-
-testId=6817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4270]
-
-testId=23201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4271]
-
-testId=15025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4272]
-
-testId=31377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4273]
-
-testId=1665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4274]
-
-testId=18065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4275]
-
-testId=9905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4276]
-
-testId=26241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4277]
-
-testId=5761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4278]
-
-testId=22145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4279]
-
-testId=13985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4280]
-
-testId=30337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4281]
-
-testId=3713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4282]
-
-testId=20097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4283]
-
-testId=11905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4284]
-
-testId=28289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4285]
-
-testId=7809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4286]
-
-testId=24193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4287]
-
-testId=16049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4288]
-
-testId=32401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4289]
-
-testId=417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4290]
-
-testId=16769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4291]
-
-testId=8593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4292]
-
-testId=25009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4293]
-
-testId=4481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4294]
-
-testId=20897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4295]
-
-testId=12721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4296]
-
-testId=29073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4297]
-
-testId=2449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4298]
-
-testId=18849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4299]
-
-testId=10641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4300]
-
-testId=27057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4301]
-
-testId=6545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4302]
-
-testId=22961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4303]
-
-testId=14721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4304]
-
-testId=31137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4305]
-
-testId=1441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4306]
-
-testId=17841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4307]
-
-testId=9617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4308]
-
-testId=26001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4309]
-
-testId=5505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4310]
-
-testId=21889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4311]
-
-testId=13697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4312]
-
-testId=30113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4313]
-
-testId=3473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4314]
-
-testId=19889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4315]
-
-testId=11665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4316]
-
-testId=28033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4317]
-
-testId=7553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4318]
-
-testId=23985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4319]
-
-testId=15761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4320]
-
-testId=32177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4321]
-
-testId=913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4322]
-
-testId=17329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4323]
-
-testId=9105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4324]
-
-testId=25489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4325]
-
-testId=5009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4326]
-
-testId=21377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4327]
-
-testId=13185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4328]
-
-testId=29617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4329]
-
-testId=2993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4330]
-
-testId=19329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4331]
-
-testId=11169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4332]
-
-testId=27553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4333]
-
-testId=7041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4334]
-
-testId=23457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4335]
-
-testId=15233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4336]
-
-testId=31633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4337]
-
-testId=1969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4338]
-
-testId=18305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4339]
-
-testId=10129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4340]
-
-testId=26513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4341]
-
-testId=6065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4342]
-
-testId=22433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4343]
-
-testId=14209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4344]
-
-testId=30625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4345]
-
-testId=4001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4346]
-
-testId=20385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4347]
-
-testId=12161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4348]
-
-testId=28593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4349]
-
-testId=8113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4350]
-
-testId=24465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4351]
-
-testId=16257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4352]
-
-testId=32641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4353]
-
-testId=113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4354]
-
-testId=16481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4355]
-
-testId=8289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4356]
-
-testId=24673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4357]
-
-testId=4177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4358]
-
-testId=20577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4359]
-
-testId=12385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4360]
-
-testId=28753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4361]
-
-testId=2129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4362]
-
-testId=18529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4363]
-
-testId=10353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4364]
-
-testId=26737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4365]
-
-testId=6225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4366]
-
-testId=22641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4367]
-
-testId=14401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4368]
-
-testId=30833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4369]
-
-testId=1137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4370]
-
-testId=17521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4371]
-
-testId=9329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4372]
-
-testId=25713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4373]
-
-testId=5201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4374]
-
-testId=21617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4375]
-
-testId=13409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4376]
-
-testId=29761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4377]
-
-testId=3137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4378]
-
-testId=19537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4379]
-
-testId=11361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4380]
-
-testId=27729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4381]
-
-testId=7249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4382]
-
-testId=23665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4383]
-
-testId=15457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4384]
-
-testId=31809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4385]
-
-testId=609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4386]
-
-testId=17009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4387]
-
-testId=8801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4388]
-
-testId=25169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4389]
-
-testId=4705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4390]
-
-testId=21089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4391]
-
-testId=12897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4392]
-
-testId=29297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4393]
-
-testId=2673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4394]
-
-testId=19057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4395]
-
-testId=10865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4396]
-
-testId=27249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4397]
-
-testId=6769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4398]
-
-testId=23153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4399]
-
-testId=14913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4400]
-
-testId=31297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4401]
-
-testId=1633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4402]
-
-testId=18017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4403]
-
-testId=9825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4404]
-
-testId=26177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4405]
-
-testId=5713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4406]
-
-testId=22129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4407]
-
-testId=13905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4408]
-
-testId=30321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4409]
-
-testId=3665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4410]
-
-testId=20033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4411]
-
-testId=11857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4412]
-
-testId=28273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4413]
-
-testId=7777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4414]
-
-testId=24129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4415]
-
-testId=15969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4416]
-
-testId=32337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4417]
-
-testId=369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4418]
-
-testId=16721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4419]
-
-testId=8561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4420]
-
-testId=24897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4421]
-
-testId=4449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4422]
-
-testId=20833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4423]
-
-testId=12609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4424]
-
-testId=29041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4425]
-
-testId=2417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4426]
-
-testId=18769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4427]
-
-testId=10593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4428]
-
-testId=26961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4429]
-
-testId=6497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4430]
-
-testId=22865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4431]
-
-testId=14705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4432]
-
-testId=31089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4433]
-
-testId=1393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4434]
-
-testId=17777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4435]
-
-testId=9569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4436]
-
-testId=25969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4437]
-
-testId=5473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4438]
-
-testId=21841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4439]
-
-testId=13633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4440]
-
-testId=30033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4441]
-
-testId=3409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4442]
-
-testId=19793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4443]
-
-testId=11617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4444]
-
-testId=28017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4445]
-
-testId=7521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4446]
-
-testId=23905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4447]
-
-testId=15729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4448]
-
-testId=32097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4449]
-
-testId=865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4450]
-
-testId=17265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4451]
-
-testId=9073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4452]
-
-testId=25441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4453]
-
-testId=4977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4454]
-
-testId=21361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4455]
-
-testId=13121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4456]
-
-testId=29553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4457]
-
-testId=2929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4458]
-
-testId=19313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4459]
-
-testId=11089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4460]
-
-testId=27457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4461]
-
-testId=7025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4462]
-
-testId=23393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4463]
-
-testId=15217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4464]
-
-testId=31601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4465]
-
-testId=1889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4466]
-
-testId=18289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4467]
-
-testId=10049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4468]
-
-testId=26433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4469]
-
-testId=5969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4470]
-
-testId=22337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4471]
-
-testId=14145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4472]
-
-testId=30561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4473]
-
-testId=3937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4474]
-
-testId=20321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4475]
-
-testId=12113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4476]
-
-testId=28529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4477]
-
-testId=8033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4478]
-
-testId=24385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4479]
-
-testId=16241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4480]
-
-testId=32577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4481]
-
-testId=209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4482]
-
-testId=16577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4483]
-
-testId=8401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4484]
-
-testId=24801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4485]
-
-testId=4289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4486]
-
-testId=20705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4487]
-
-testId=12481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4488]
-
-testId=28865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4489]
-
-testId=2257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4490]
-
-testId=18641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4491]
-
-testId=10449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4492]
-
-testId=26817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4493]
-
-testId=6385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4494]
-
-testId=22737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4495]
-
-testId=14545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4496]
-
-testId=30929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4497]
-
-testId=1265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4498]
-
-testId=17617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4499]
-
-testId=9425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4500]
-
-testId=25793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4501]
-
-testId=5345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4502]
-
-testId=21713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4503]
-
-testId=13537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4504]
-
-testId=29937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4505]
-
-testId=3297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4506]
-
-testId=19697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4507]
-
-testId=11473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4508]
-
-testId=27873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4509]
-
-testId=7361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4510]
-
-testId=23777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4511]
-
-testId=15601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4512]
-
-testId=31953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4513]
-
-testId=753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4514]
-
-testId=17105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4515]
-
-testId=8945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4516]
-
-testId=25313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4517]
-
-testId=4833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4518]
-
-testId=21201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4519]
-
-testId=13025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4520]
-
-testId=29425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4521]
-
-testId=2769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4522]
-
-testId=19169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4523]
-
-testId=10977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4524]
-
-testId=27361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4525]
-
-testId=6865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4526]
-
-testId=23249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4527]
-
-testId=15089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4528]
-
-testId=31425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4529]
-
-testId=1745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4530]
-
-testId=18161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4531]
-
-testId=9921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4532]
-
-testId=26353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4533]
-
-testId=5841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4534]
-
-testId=22209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4535]
-
-testId=14049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4536]
-
-testId=30401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4537]
-
-testId=3825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4538]
-
-testId=20193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4539]
-
-testId=11969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4540]
-
-testId=28385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4541]
-
-testId=7873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4542]
-
-testId=24257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4543]
-
-testId=16081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4544]
-
-testId=32481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4545]
-
-testId=449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4546]
-
-testId=16865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4547]
-
-testId=8689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4548]
-
-testId=25073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4549]
-
-testId=4577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4550]
-
-testId=20945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4551]
-
-testId=12753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4552]
-
-testId=29121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4553]
-
-testId=2497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4554]
-
-testId=18929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4555]
-
-testId=10705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4556]
-
-testId=27105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4557]
-
-testId=6609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4558]
-
-testId=22977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4559]
-
-testId=14801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4560]
-
-testId=31185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4561]
-
-testId=1473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4562]
-
-testId=17857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4563]
-
-testId=9665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4564]
-
-testId=26065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4565]
-
-testId=5601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4566]
-
-testId=22001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4567]
-
-testId=13793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4568]
-
-testId=30145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4569]
-
-testId=3553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4570]
-
-testId=19905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4571]
-
-testId=11745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4572]
-
-testId=28097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4573]
-
-testId=7649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4574]
-
-testId=24017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4575]
-
-testId=15841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4576]
-
-testId=32225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4577]
-
-testId=961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4578]
-
-testId=17377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4579]
-
-testId=9185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4580]
-
-testId=25537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4581]
-
-testId=5057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4582]
-
-testId=21441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4583]
-
-testId=13281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4584]
-
-testId=29649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4585]
-
-testId=3041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4586]
-
-testId=19409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4587]
-
-testId=11249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4588]
-
-testId=27585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4589]
-
-testId=7105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4590]
-
-testId=23505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4591]
-
-testId=15329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4592]
-
-testId=31729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4593]
-
-testId=1985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4594]
-
-testId=18385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4595]
-
-testId=10177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4596]
-
-testId=26561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4597]
-
-testId=6097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4598]
-
-testId=22497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4599]
-
-testId=14321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4600]
-
-testId=30689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4601]
-
-testId=4065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4602]
-
-testId=20449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4603]
-
-testId=12225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4604]
-
-testId=28625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4605]
-
-testId=8129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4606]
-
-testId=24513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4607]
-
-testId=16321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4608]
-
-testId=32737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4609]
-
-testId=9
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4610]
-
-testId=16425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4611]
-
-testId=8233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4612]
-
-testId=24617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4613]
-
-testId=4121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4614]
-
-testId=20489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4615]
-
-testId=12329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4616]
-
-testId=28729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4617]
-
-testId=2057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4618]
-
-testId=18441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4619]
-
-testId=10249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4620]
-
-testId=26665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4621]
-
-testId=6153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4622]
-
-testId=22569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4623]
-
-testId=14393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4624]
-
-testId=30761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4625]
-
-testId=1049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4626]
-
-testId=17465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4627]
-
-testId=9257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4628]
-
-testId=25641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4629]
-
-testId=5145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4630]
-
-testId=21529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4631]
-
-testId=13369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4632]
-
-testId=29753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4633]
-
-testId=3113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4634]
-
-testId=19513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4635]
-
-testId=11273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4636]
-
-testId=27689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4637]
-
-testId=7177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4638]
-
-testId=23577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4639]
-
-testId=15417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4640]
-
-testId=31785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4641]
-
-testId=521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4642]
-
-testId=16953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4643]
-
-testId=8761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4644]
-
-testId=25113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4645]
-
-testId=4665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4646]
-
-testId=21001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4647]
-
-testId=12825
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4648]
-
-testId=29225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4649]
-
-testId=2601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4650]
-
-testId=18953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4651]
-
-testId=10809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4652]
-
-testId=27193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4653]
-
-testId=6665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4654]
-
-testId=23081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4655]
-
-testId=14889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4656]
-
-testId=31273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4657]
-
-testId=1545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4658]
-
-testId=17961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4659]
-
-testId=9753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4660]
-
-testId=26153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4661]
-
-testId=5657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4662]
-
-testId=22073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4663]
-
-testId=13865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4664]
-
-testId=30217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4665]
-
-testId=3593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4666]
-
-testId=19977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4667]
-
-testId=11801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4668]
-
-testId=28217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4669]
-
-testId=7737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4670]
-
-testId=24121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4671]
-
-testId=15881
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4672]
-
-testId=32313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4673]
-
-testId=265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4674]
-
-testId=16649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4675]
-
-testId=8505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4676]
-
-testId=24857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4677]
-
-testId=4409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4678]
-
-testId=20793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4679]
-
-testId=12569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4680]
-
-testId=28969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4681]
-
-testId=2361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4682]
-
-testId=18729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4683]
-
-testId=10505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4684]
-
-testId=26889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4685]
-
-testId=6441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4686]
-
-testId=22793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4687]
-
-testId=14601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4688]
-
-testId=31017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4689]
-
-testId=1289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4690]
-
-testId=17689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4691]
-
-testId=9481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4692]
-
-testId=25865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4693]
-
-testId=5433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4694]
-
-testId=21817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4695]
-
-testId=13625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4696]
-
-testId=30009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4697]
-
-testId=3353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4698]
-
-testId=19737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4699]
-
-testId=11577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4700]
-
-testId=27961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4701]
-
-testId=7465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4702]
-
-testId=23849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4703]
-
-testId=15625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4704]
-
-testId=32009
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4705]
-
-testId=777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4706]
-
-testId=17161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4707]
-
-testId=9017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4708]
-
-testId=25401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4709]
-
-testId=4889
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4710]
-
-testId=21273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4711]
-
-testId=13065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4712]
-
-testId=29449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4713]
-
-testId=2873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4714]
-
-testId=19241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4715]
-
-testId=11033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4716]
-
-testId=27417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4717]
-
-testId=6921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4718]
-
-testId=23305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4719]
-
-testId=15113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4720]
-
-testId=31497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4721]
-
-testId=1817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4722]
-
-testId=18201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4723]
-
-testId=10025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4724]
-
-testId=26393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4725]
-
-testId=5945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4726]
-
-testId=22313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4727]
-
-testId=14137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4728]
-
-testId=30505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4729]
-
-testId=3865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4730]
-
-testId=20249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4731]
-
-testId=12041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4732]
-
-testId=28473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4733]
-
-testId=7961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4734]
-
-testId=24345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4735]
-
-testId=16169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4736]
-
-testId=32553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4737]
-
-testId=137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4738]
-
-testId=16521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4739]
-
-testId=8329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4740]
-
-testId=24745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4741]
-
-testId=4249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4742]
-
-testId=20649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4743]
-
-testId=12425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4744]
-
-testId=28841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4745]
-
-testId=2185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4746]
-
-testId=18569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4747]
-
-testId=10393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4748]
-
-testId=26793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4749]
-
-testId=6313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4750]
-
-testId=22713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4751]
-
-testId=14521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4752]
-
-testId=30857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4753]
-
-testId=1193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4754]
-
-testId=17577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4755]
-
-testId=9385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4756]
-
-testId=25753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4757]
-
-testId=5289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4758]
-
-testId=21689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4759]
-
-testId=13449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4760]
-
-testId=29849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4761]
-
-testId=3257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4762]
-
-testId=19641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4763]
-
-testId=11401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4764]
-
-testId=27833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4765]
-
-testId=7305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4766]
-
-testId=23689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4767]
-
-testId=15497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4768]
-
-testId=31897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4769]
-
-testId=697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4770]
-
-testId=17033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4771]
-
-testId=8857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4772]
-
-testId=25257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4773]
-
-testId=4777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4774]
-
-testId=21129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4775]
-
-testId=12937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4776]
-
-testId=29337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4777]
-
-testId=2713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4778]
-
-testId=19081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4779]
-
-testId=10905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4780]
-
-testId=27305
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4781]
-
-testId=6793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4782]
-
-testId=23177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4783]
-
-testId=14985
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4784]
-
-testId=31417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4785]
-
-testId=1673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4786]
-
-testId=18089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4787]
-
-testId=9913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4788]
-
-testId=26281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4789]
-
-testId=5801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4790]
-
-testId=22153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4791]
-
-testId=13993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4792]
-
-testId=30345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4793]
-
-testId=3753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4794]
-
-testId=20121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4795]
-
-testId=11929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4796]
-
-testId=28329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4797]
-
-testId=7865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4798]
-
-testId=24249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4799]
-
-testId=16057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4800]
-
-testId=32409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4801]
-
-testId=441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4802]
-
-testId=16793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4803]
-
-testId=8617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4804]
-
-testId=25017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4805]
-
-testId=4489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4806]
-
-testId=20873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4807]
-
-testId=12713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4808]
-
-testId=29065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4809]
-
-testId=2489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4810]
-
-testId=18857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4811]
-
-testId=10665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4812]
-
-testId=27049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4813]
-
-testId=6585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4814]
-
-testId=22953
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4815]
-
-testId=14777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4816]
-
-testId=31113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4817]
-
-testId=1417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4818]
-
-testId=17849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4819]
-
-testId=9625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4820]
-
-testId=26041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4821]
-
-testId=5529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4822]
-
-testId=21945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4823]
-
-testId=13721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4824]
-
-testId=30121
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4825]
-
-testId=3481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4826]
-
-testId=19865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4827]
-
-testId=11689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4828]
-
-testId=28057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4829]
-
-testId=7593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4830]
-
-testId=23993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4831]
-
-testId=15753
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4832]
-
-testId=32185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4833]
-
-testId=921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4834]
-
-testId=17321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4835]
-
-testId=9113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4836]
-
-testId=25529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4837]
-
-testId=5017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4838]
-
-testId=21385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4839]
-
-testId=13241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4840]
-
-testId=29625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4841]
-
-testId=3001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4842]
-
-testId=19385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4843]
-
-testId=11161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4844]
-
-testId=27561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4845]
-
-testId=7097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4846]
-
-testId=23433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4847]
-
-testId=15241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4848]
-
-testId=31641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4849]
-
-testId=1977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4850]
-
-testId=18345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4851]
-
-testId=10153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4852]
-
-testId=26537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4853]
-
-testId=6073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4854]
-
-testId=22409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4855]
-
-testId=14265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4856]
-
-testId=30601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4857]
-
-testId=4025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4858]
-
-testId=20409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4859]
-
-testId=12217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4860]
-
-testId=28553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4861]
-
-testId=8089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4862]
-
-testId=24489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4863]
-
-testId=16313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4864]
-
-testId=32665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4865]
-
-testId=73
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4866]
-
-testId=16489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4867]
-
-testId=8281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4868]
-
-testId=24665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4869]
-
-testId=4201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4870]
-
-testId=20601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4871]
-
-testId=12393
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4872]
-
-testId=28745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4873]
-
-testId=2169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4874]
-
-testId=18553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4875]
-
-testId=10313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4876]
-
-testId=26729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4877]
-
-testId=6249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4878]
-
-testId=22617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4879]
-
-testId=14425
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4880]
-
-testId=30793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4881]
-
-testId=1097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4882]
-
-testId=17513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4883]
-
-testId=9321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4884]
-
-testId=25689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4885]
-
-testId=5225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4886]
-
-testId=21577
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4887]
-
-testId=13401
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4888]
-
-testId=29817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4889]
-
-testId=3145
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4890]
-
-testId=19561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4891]
-
-testId=11385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4892]
-
-testId=27769
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4893]
-
-testId=7289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4894]
-
-testId=23657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4895]
-
-testId=15433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4896]
-
-testId=31849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4897]
-
-testId=617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4898]
-
-testId=16969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4899]
-
-testId=8793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4900]
-
-testId=25193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4901]
-
-testId=4713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4902]
-
-testId=21065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4903]
-
-testId=12905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4904]
-
-testId=29257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4905]
-
-testId=2665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4906]
-
-testId=19065
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4907]
-
-testId=10873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4908]
-
-testId=27257
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4909]
-
-testId=6729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4910]
-
-testId=23113
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4911]
-
-testId=14921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4912]
-
-testId=31353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4913]
-
-testId=1625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4914]
-
-testId=18025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4915]
-
-testId=9849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4916]
-
-testId=26185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4917]
-
-testId=5737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4918]
-
-testId=22089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4919]
-
-testId=13945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4920]
-
-testId=30329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4921]
-
-testId=3705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4922]
-
-testId=20057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4923]
-
-testId=11897
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4924]
-
-testId=28281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4925]
-
-testId=7801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4926]
-
-testId=24169
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4927]
-
-testId=15993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4928]
-
-testId=32345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4929]
-
-testId=329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4930]
-
-testId=16761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4931]
-
-testId=8537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4932]
-
-testId=24905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4933]
-
-testId=4457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4934]
-
-testId=20841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4935]
-
-testId=12633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4936]
-
-testId=29017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4937]
-
-testId=2409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4938]
-
-testId=18777
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4939]
-
-testId=10601
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4940]
-
-testId=26969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4941]
-
-testId=6505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4942]
-
-testId=22873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4943]
-
-testId=14713
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4944]
-
-testId=31097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4945]
-
-testId=1353
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4946]
-
-testId=17785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4947]
-
-testId=9593
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4948]
-
-testId=25961
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4949]
-
-testId=5497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4950]
-
-testId=21849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4951]
-
-testId=13657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4952]
-
-testId=30041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4953]
-
-testId=3433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4954]
-
-testId=19801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4955]
-
-testId=11625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4956]
-
-testId=27977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4957]
-
-testId=7529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4958]
-
-testId=23913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4959]
-
-testId=15705
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4960]
-
-testId=32089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4961]
-
-testId=873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4962]
-
-testId=17273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4963]
-
-testId=9081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4964]
-
-testId=25433
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4965]
-
-testId=4969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4966]
-
-testId=21337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4967]
-
-testId=13177
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4968]
-
-testId=29561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4969]
-
-testId=2937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4970]
-
-testId=19289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4971]
-
-testId=11129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4972]
-
-testId=27465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4973]
-
-testId=7001
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4974]
-
-testId=23369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4975]
-
-testId=15209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4976]
-
-testId=31609
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4977]
-
-testId=1865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4978]
-
-testId=18249
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4979]
-
-testId=10089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4980]
-
-testId=26457
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4981]
-
-testId=5993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4982]
-
-testId=22361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4983]
-
-testId=14201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4984]
-
-testId=30537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4985]
-
-testId=3929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4986]
-
-testId=20313
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4987]
-
-testId=12137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4988]
-
-testId=28537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4989]
-
-testId=8057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4990]
-
-testId=24441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4991]
-
-testId=16201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4992]
-
-testId=32633
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4993]
-
-testId=201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4994]
-
-testId=16617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4995]
-
-testId=8409
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4996]
-
-testId=24793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4997]
-
-testId=4297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4998]
-
-testId=20729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-4999]
-
-testId=12505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5000]
-
-testId=28873
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5001]
-
-testId=2297
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5002]
-
-testId=18665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5003]
-
-testId=10489
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5004]
-
-testId=26841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5005]
-
-testId=6345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5006]
-
-testId=22761
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5007]
-
-testId=14537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5008]
-
-testId=30921
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5009]
-
-testId=1241
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5010]
-
-testId=17657
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5011]
-
-testId=9465
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5012]
-
-testId=25817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5013]
-
-testId=5337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5014]
-
-testId=21721
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5015]
-
-testId=13529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5016]
-
-testId=29913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5017]
-
-testId=3273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5018]
-
-testId=19689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5019]
-
-testId=11481
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5020]
-
-testId=27865
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5021]
-
-testId=7385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5022]
-
-testId=23785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5023]
-
-testId=15561
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5024]
-
-testId=31945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5025]
-
-testId=745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5026]
-
-testId=17129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5027]
-
-testId=8937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5028]
-
-testId=25321
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5029]
-
-testId=4857
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5030]
-
-testId=21225
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5031]
-
-testId=13049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5032]
-
-testId=29385
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5033]
-
-testId=2793
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5034]
-
-testId=19193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5035]
-
-testId=10969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5036]
-
-testId=27337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5037]
-
-testId=6905
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5038]
-
-testId=23273
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5039]
-
-testId=15081
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5040]
-
-testId=31449
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5041]
-
-testId=1785
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5042]
-
-testId=18153
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5043]
-
-testId=9977
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5044]
-
-testId=26329
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5045]
-
-testId=5833
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5046]
-
-testId=22217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5047]
-
-testId=14073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5048]
-
-testId=30441
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5049]
-
-testId=3817
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5050]
-
-testId=20217
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5051]
-
-testId=12025
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5052]
-
-testId=28361
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5053]
-
-testId=7929
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5054]
-
-testId=24265
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5055]
-
-testId=16089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5056]
-
-testId=32505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5057]
-
-testId=505
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5058]
-
-testId=16841
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5059]
-
-testId=8665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5060]
-
-testId=25049
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5061]
-
-testId=4569
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5062]
-
-testId=20937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5063]
-
-testId=12745
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5064]
-
-testId=29129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5065]
-
-testId=2537
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5066]
-
-testId=18937
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5067]
-
-testId=10697
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5068]
-
-testId=27097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5069]
-
-testId=6617
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5070]
-
-testId=23033
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5071]
-
-testId=14809
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5072]
-
-testId=31193
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5073]
-
-testId=1513
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5074]
-
-testId=17913
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5075]
-
-testId=9673
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5076]
-
-testId=26057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5077]
-
-testId=5625
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5078]
-
-testId=21993
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5079]
-
-testId=13801
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5080]
-
-testId=30201
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5081]
-
-testId=3545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5082]
-
-testId=19945
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5083]
-
-testId=11737
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5084]
-
-testId=28105
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5085]
-
-testId=7641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5086]
-
-testId=24057
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5087]
-
-testId=15849
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5088]
-
-testId=32233
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5089]
-
-testId=969
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5090]
-
-testId=17369
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5091]
-
-testId=9161
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5092]
-
-testId=25545
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5093]
-
-testId=5097
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5094]
-
-testId=21497
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5095]
-
-testId=13289
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5096]
-
-testId=29641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5097]
-
-testId=3017
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5098]
-
-testId=19417
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5099]
-
-testId=11209
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5100]
-
-testId=27641
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5101]
-
-testId=7129
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5102]
-
-testId=23529
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5103]
-
-testId=15337
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5104]
-
-testId=31689
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5105]
-
-testId=2041
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5106]
-
-testId=18377
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5107]
-
-testId=10185
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5108]
-
-testId=26585
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5109]
-
-testId=6089
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5110]
-
-testId=22521
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5111]
-
-testId=14281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5112]
-
-testId=30665
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5113]
-
-testId=4073
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5114]
-
-testId=20473
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5115]
-
-testId=12281
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5116]
-
-testId=28649
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5117]
-
-testId=8137
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5118]
-
-testId=24553
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5119]
-
-testId=16345
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5120]
-
-testId=32729
-testname=ClientCert_one ServerCert_one ExportPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5121]
-
-testId=53
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5122]
-
-testId=16437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5123]
-
-testId=8197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5124]
-
-testId=24613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5125]
-
-testId=4133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5126]
-
-testId=20501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5127]
-
-testId=12309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5128]
-
-testId=28693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5129]
-
-testId=2053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5130]
-
-testId=18437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5131]
-
-testId=10277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5132]
-
-testId=26677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5133]
-
-testId=6165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5134]
-
-testId=22581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5135]
-
-testId=14389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5136]
-
-testId=30773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5137]
-
-testId=1077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5138]
-
-testId=17429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5139]
-
-testId=9269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5140]
-
-testId=25637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5141]
-
-testId=5141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5142]
-
-testId=21509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5143]
-
-testId=13317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5144]
-
-testId=29701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5145]
-
-testId=3125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5146]
-
-testId=19477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5147]
-
-testId=11285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5148]
-
-testId=27685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5149]
-
-testId=7205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5150]
-
-testId=23605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5151]
-
-testId=15413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5152]
-
-testId=31765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5153]
-
-testId=533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5154]
-
-testId=16901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5155]
-
-testId=8709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5156]
-
-testId=25141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5157]
-
-testId=4629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5158]
-
-testId=21029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5159]
-
-testId=12805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5160]
-
-testId=29237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5161]
-
-testId=2613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5162]
-
-testId=18949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5163]
-
-testId=10805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5164]
-
-testId=27141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5165]
-
-testId=6677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5166]
-
-testId=23093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5167]
-
-testId=14885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5168]
-
-testId=31237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5169]
-
-testId=1541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5170]
-
-testId=17925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5171]
-
-testId=9781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5172]
-
-testId=26117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5173]
-
-testId=5637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5174]
-
-testId=22069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5175]
-
-testId=13829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5176]
-
-testId=30229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5177]
-
-testId=3589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5178]
-
-testId=19989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5179]
-
-testId=11797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5180]
-
-testId=28181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5181]
-
-testId=7733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5182]
-
-testId=24101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5183]
-
-testId=15893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5184]
-
-testId=32261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5185]
-
-testId=261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5186]
-
-testId=16661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5187]
-
-testId=8453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5188]
-
-testId=24837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5189]
-
-testId=4373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5190]
-
-testId=20789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5191]
-
-testId=12549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5192]
-
-testId=28933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5193]
-
-testId=2325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5194]
-
-testId=18725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5195]
-
-testId=10517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5196]
-
-testId=26933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5197]
-
-testId=6421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5198]
-
-testId=22789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5199]
-
-testId=14613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5200]
-
-testId=31013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5201]
-
-testId=1285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5202]
-
-testId=17717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5203]
-
-testId=9493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5204]
-
-testId=25893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5205]
-
-testId=5413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5206]
-
-testId=21781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5207]
-
-testId=13605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5208]
-
-testId=29989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5209]
-
-testId=3333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5210]
-
-testId=19765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5211]
-
-testId=11573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5212]
-
-testId=27909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5213]
-
-testId=7429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5214]
-
-testId=23845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5215]
-
-testId=15637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5216]
-
-testId=32037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5217]
-
-testId=805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5218]
-
-testId=17173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5219]
-
-testId=8997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5220]
-
-testId=25397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5221]
-
-testId=4901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5222]
-
-testId=21301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5223]
-
-testId=13061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5224]
-
-testId=29477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5225]
-
-testId=2837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5226]
-
-testId=19237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5227]
-
-testId=11045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5228]
-
-testId=27397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5229]
-
-testId=6965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5230]
-
-testId=23333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5231]
-
-testId=15125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5232]
-
-testId=31509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5233]
-
-testId=1797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5234]
-
-testId=18213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5235]
-
-testId=10005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5236]
-
-testId=26421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5237]
-
-testId=5909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5238]
-
-testId=22309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5239]
-
-testId=14117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5240]
-
-testId=30501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5241]
-
-testId=3861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5242]
-
-testId=20229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5243]
-
-testId=12053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5244]
-
-testId=28453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5245]
-
-testId=7973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5246]
-
-testId=24325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5247]
-
-testId=16133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5248]
-
-testId=32517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5249]
-
-testId=165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5250]
-
-testId=16533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5251]
-
-testId=8341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5252]
-
-testId=24757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5253]
-
-testId=4277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5254]
-
-testId=20613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5255]
-
-testId=12469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5256]
-
-testId=28837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5257]
-
-testId=2213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5258]
-
-testId=18581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5259]
-
-testId=10421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5260]
-
-testId=26773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5261]
-
-testId=6277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5262]
-
-testId=22693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5263]
-
-testId=14517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5264]
-
-testId=30869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5265]
-
-testId=1157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5266]
-
-testId=17589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5267]
-
-testId=9349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5268]
-
-testId=25749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5269]
-
-testId=5301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5270]
-
-testId=21653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5271]
-
-testId=13445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5272]
-
-testId=29845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5273]
-
-testId=3253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5274]
-
-testId=19589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5275]
-
-testId=11445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5276]
-
-testId=27813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5277]
-
-testId=7301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5278]
-
-testId=23701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5279]
-
-testId=15541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5280]
-
-testId=31877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5281]
-
-testId=693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5282]
-
-testId=17061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5283]
-
-testId=8885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5284]
-
-testId=25221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5285]
-
-testId=4789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5286]
-
-testId=21173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5287]
-
-testId=12933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5288]
-
-testId=29333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5289]
-
-testId=2741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5290]
-
-testId=19125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5291]
-
-testId=10885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5292]
-
-testId=27269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5293]
-
-testId=6821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5294]
-
-testId=23189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5295]
-
-testId=15029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5296]
-
-testId=31413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5297]
-
-testId=1669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5298]
-
-testId=18053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5299]
-
-testId=9893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5300]
-
-testId=26245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5301]
-
-testId=5781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5302]
-
-testId=22181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5303]
-
-testId=13989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5304]
-
-testId=30357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5305]
-
-testId=3733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5306]
-
-testId=20117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5307]
-
-testId=11925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5308]
-
-testId=28341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5309]
-
-testId=7829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5310]
-
-testId=24245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5311]
-
-testId=16037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5312]
-
-testId=32389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5313]
-
-testId=421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5314]
-
-testId=16805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5315]
-
-testId=8597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5316]
-
-testId=24981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5317]
-
-testId=4517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5318]
-
-testId=20885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5319]
-
-testId=12693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5320]
-
-testId=29061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5321]
-
-testId=2453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5322]
-
-testId=18837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5323]
-
-testId=10645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5324]
-
-testId=27045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5325]
-
-testId=6533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5326]
-
-testId=22933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5327]
-
-testId=14773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5328]
-
-testId=31125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5329]
-
-testId=1445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5330]
-
-testId=17813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5331]
-
-testId=9621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5332]
-
-testId=26005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5333]
-
-testId=5525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5334]
-
-testId=21925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5335]
-
-testId=13749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5336]
-
-testId=30133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5337]
-
-testId=3461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5338]
-
-testId=19845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5339]
-
-testId=11701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5340]
-
-testId=28085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5341]
-
-testId=7605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5342]
-
-testId=23957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5343]
-
-testId=15749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5344]
-
-testId=32149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5345]
-
-testId=901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5346]
-
-testId=17301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5347]
-
-testId=9109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5348]
-
-testId=25509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5349]
-
-testId=5029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5350]
-
-testId=21429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5351]
-
-testId=13205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5352]
-
-testId=29573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5353]
-
-testId=2997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5354]
-
-testId=19349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5355]
-
-testId=11141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5356]
-
-testId=27573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5357]
-
-testId=7093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5358]
-
-testId=23445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5359]
-
-testId=15285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5360]
-
-testId=31653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5361]
-
-testId=1941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5362]
-
-testId=18325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5363]
-
-testId=10149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5364]
-
-testId=26517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5365]
-
-testId=6069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5366]
-
-testId=22421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5367]
-
-testId=14245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5368]
-
-testId=30629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5369]
-
-testId=3989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5370]
-
-testId=20389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5371]
-
-testId=12213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5372]
-
-testId=28565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5373]
-
-testId=8085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5374]
-
-testId=24485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5375]
-
-testId=16293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5376]
-
-testId=32645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5377]
-
-testId=117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5378]
-
-testId=16501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5379]
-
-testId=8293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5380]
-
-testId=24645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5381]
-
-testId=4181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5382]
-
-testId=20549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5383]
-
-testId=12405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5384]
-
-testId=28741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5385]
-
-testId=2117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5386]
-
-testId=18501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5387]
-
-testId=10341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5388]
-
-testId=26725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5389]
-
-testId=6245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5390]
-
-testId=22597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5391]
-
-testId=14453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5392]
-
-testId=30805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5393]
-
-testId=1109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5394]
-
-testId=17509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5395]
-
-testId=9333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5396]
-
-testId=25685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5397]
-
-testId=5205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5398]
-
-testId=21605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5399]
-
-testId=13429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5400]
-
-testId=29765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5401]
-
-testId=3157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5402]
-
-testId=19525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5403]
-
-testId=11365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5404]
-
-testId=27765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5405]
-
-testId=7237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5406]
-
-testId=23621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5407]
-
-testId=15477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5408]
-
-testId=31861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5409]
-
-testId=581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5410]
-
-testId=16981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5411]
-
-testId=8805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5412]
-
-testId=25157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5413]
-
-testId=4725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5414]
-
-testId=21109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5415]
-
-testId=12901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5416]
-
-testId=29253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5417]
-
-testId=2645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5418]
-
-testId=19029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5419]
-
-testId=10869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5420]
-
-testId=27253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5421]
-
-testId=6757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5422]
-
-testId=23157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5423]
-
-testId=14949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5424]
-
-testId=31301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5425]
-
-testId=1637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5426]
-
-testId=18037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5427]
-
-testId=9813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5428]
-
-testId=26213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5429]
-
-testId=5733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5430]
-
-testId=22101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5431]
-
-testId=13925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5432]
-
-testId=30325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5433]
-
-testId=3701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5434]
-
-testId=20037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5435]
-
-testId=11845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5436]
-
-testId=28245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5437]
-
-testId=7797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5438]
-
-testId=24149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5439]
-
-testId=15989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5440]
-
-testId=32373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5441]
-
-testId=373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5442]
-
-testId=16709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5443]
-
-testId=8549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5444]
-
-testId=24901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5445]
-
-testId=4421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5446]
-
-testId=20837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5447]
-
-testId=12645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5448]
-
-testId=29029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5449]
-
-testId=2405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5450]
-
-testId=18773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5451]
-
-testId=10565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5452]
-
-testId=26997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5453]
-
-testId=6485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5454]
-
-testId=22853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5455]
-
-testId=14693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5456]
-
-testId=31061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5457]
-
-testId=1381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5458]
-
-testId=17733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5459]
-
-testId=9557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5460]
-
-testId=25941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5461]
-
-testId=5477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5462]
-
-testId=21861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5463]
-
-testId=13669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5464]
-
-testId=30037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5465]
-
-testId=3445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5466]
-
-testId=19781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5467]
-
-testId=11637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5468]
-
-testId=28005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5469]
-
-testId=7509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5470]
-
-testId=23909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5471]
-
-testId=15717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5472]
-
-testId=32117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5473]
-
-testId=869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5474]
-
-testId=17237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5475]
-
-testId=9029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5476]
-
-testId=25413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5477]
-
-testId=4965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5478]
-
-testId=21365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5479]
-
-testId=13157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5480]
-
-testId=29541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5481]
-
-testId=2885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5482]
-
-testId=19285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5483]
-
-testId=11077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5484]
-
-testId=27493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5485]
-
-testId=6981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5486]
-
-testId=23381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5487]
-
-testId=15205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5488]
-
-testId=31557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5489]
-
-testId=1909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5490]
-
-testId=18245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5491]
-
-testId=10069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5492]
-
-testId=26469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5493]
-
-testId=6005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5494]
-
-testId=22357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5495]
-
-testId=14181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5496]
-
-testId=30549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5497]
-
-testId=3941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5498]
-
-testId=20341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5499]
-
-testId=12117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5500]
-
-testId=28533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5501]
-
-testId=8053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5502]
-
-testId=24405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5503]
-
-testId=16213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5504]
-
-testId=32581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5505]
-
-testId=213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5506]
-
-testId=16581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5507]
-
-testId=8437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5508]
-
-testId=24773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5509]
-
-testId=4325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5510]
-
-testId=20709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5511]
-
-testId=12485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5512]
-
-testId=28901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5513]
-
-testId=2293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5514]
-
-testId=18629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5515]
-
-testId=10469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5516]
-
-testId=26853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5517]
-
-testId=6357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5518]
-
-testId=22741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5519]
-
-testId=14533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5520]
-
-testId=30917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5521]
-
-testId=1269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5522]
-
-testId=17621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5523]
-
-testId=9413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5524]
-
-testId=25845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5525]
-
-testId=5365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5526]
-
-testId=21749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5527]
-
-testId=13509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5528]
-
-testId=29909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5529]
-
-testId=3301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5530]
-
-testId=19669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5531]
-
-testId=11509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5532]
-
-testId=27877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5533]
-
-testId=7381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5534]
-
-testId=23749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5535]
-
-testId=15605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5536]
-
-testId=31957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5537]
-
-testId=757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5538]
-
-testId=17125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5539]
-
-testId=8901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5540]
-
-testId=25333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5541]
-
-testId=4805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5542]
-
-testId=21189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5543]
-
-testId=13045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5544]
-
-testId=29381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5545]
-
-testId=2773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5546]
-
-testId=19173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5547]
-
-testId=10981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5548]
-
-testId=27365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5549]
-
-testId=6869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5550]
-
-testId=23253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5551]
-
-testId=15077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5552]
-
-testId=31429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5553]
-
-testId=1765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5554]
-
-testId=18165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5555]
-
-testId=9973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5556]
-
-testId=26341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5557]
-
-testId=5845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5558]
-
-testId=22229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5559]
-
-testId=14053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5560]
-
-testId=30453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5561]
-
-testId=3797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5562]
-
-testId=20213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5563]
-
-testId=12005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5564]
-
-testId=28389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5565]
-
-testId=7925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5566]
-
-testId=24309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5567]
-
-testId=16101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5568]
-
-testId=32469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5569]
-
-testId=485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5570]
-
-testId=16885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5571]
-
-testId=8661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5572]
-
-testId=25045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5573]
-
-testId=4581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5574]
-
-testId=20933
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5575]
-
-testId=12757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5576]
-
-testId=29125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5577]
-
-testId=2517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5578]
-
-testId=18901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5579]
-
-testId=10725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5580]
-
-testId=27077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5581]
-
-testId=6613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5582]
-
-testId=23013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5583]
-
-testId=14837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5584]
-
-testId=31189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5585]
-
-testId=1493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5586]
-
-testId=17893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5587]
-
-testId=9701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5588]
-
-testId=26053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5589]
-
-testId=5605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5590]
-
-testId=21957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5591]
-
-testId=13813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5592]
-
-testId=30197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5593]
-
-testId=3541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5594]
-
-testId=19909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5595]
-
-testId=11749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5596]
-
-testId=28117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5597]
-
-testId=7637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5598]
-
-testId=24005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5599]
-
-testId=15829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5600]
-
-testId=32213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5601]
-
-testId=997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5602]
-
-testId=17397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5603]
-
-testId=9189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5604]
-
-testId=25573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5605]
-
-testId=5077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5606]
-
-testId=21461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5607]
-
-testId=13301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5608]
-
-testId=29669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5609]
-
-testId=3045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5610]
-
-testId=19445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5611]
-
-testId=11221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5612]
-
-testId=27589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5613]
-
-testId=7157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5614]
-
-testId=23509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5615]
-
-testId=15317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5616]
-
-testId=31685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5617]
-
-testId=2021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5618]
-
-testId=18405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5619]
-
-testId=10229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5620]
-
-testId=26613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5621]
-
-testId=6117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5622]
-
-testId=22469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5623]
-
-testId=14325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5624]
-
-testId=30677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5625]
-
-testId=4037
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5626]
-
-testId=20421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5627]
-
-testId=12245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5628]
-
-testId=28661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5629]
-
-testId=8165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5630]
-
-testId=24533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5631]
-
-testId=16325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5632]
-
-testId=32757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5633]
-
-testId=61
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5634]
-
-testId=16445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5635]
-
-testId=8237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5636]
-
-testId=24605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5637]
-
-testId=4141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5638]
-
-testId=20493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5639]
-
-testId=12317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5640]
-
-testId=28701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5641]
-
-testId=2061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5642]
-
-testId=18477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5643]
-
-testId=10269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5644]
-
-testId=26669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5645]
-
-testId=6205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5646]
-
-testId=22573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5647]
-
-testId=14397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5648]
-
-testId=30765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5649]
-
-testId=1053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5650]
-
-testId=17421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5651]
-
-testId=9261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5652]
-
-testId=25629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5653]
-
-testId=5165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5654]
-
-testId=21533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5655]
-
-testId=13357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5656]
-
-testId=29741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5657]
-
-testId=3101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5658]
-
-testId=19485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5659]
-
-testId=11325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5660]
-
-testId=27693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5661]
-
-testId=7229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5662]
-
-testId=23565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5663]
-
-testId=15373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5664]
-
-testId=31805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5665]
-
-testId=525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5666]
-
-testId=16957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5667]
-
-testId=8765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5668]
-
-testId=25133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5669]
-
-testId=4653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5670]
-
-testId=21053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5671]
-
-testId=12829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5672]
-
-testId=29213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5673]
-
-testId=2621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5674]
-
-testId=19005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5675]
-
-testId=10765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5676]
-
-testId=27197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5677]
-
-testId=6685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5678]
-
-testId=23053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5679]
-
-testId=14861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5680]
-
-testId=31277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5681]
-
-testId=1597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5682]
-
-testId=17949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5683]
-
-testId=9773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5684]
-
-testId=26157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5685]
-
-testId=5693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5686]
-
-testId=22045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5687]
-
-testId=13853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5688]
-
-testId=30237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5689]
-
-testId=3613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5690]
-
-testId=20029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5691]
-
-testId=11821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5692]
-
-testId=28189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5693]
-
-testId=7725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5694]
-
-testId=24125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5695]
-
-testId=15885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5696]
-
-testId=32301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5697]
-
-testId=269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5698]
-
-testId=16685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5699]
-
-testId=8509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5700]
-
-testId=24877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5701]
-
-testId=4397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5702]
-
-testId=20765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5703]
-
-testId=12573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5704]
-
-testId=28973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5705]
-
-testId=2349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5706]
-
-testId=18701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5707]
-
-testId=10509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5708]
-
-testId=26925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5709]
-
-testId=6413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5710]
-
-testId=22797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5711]
-
-testId=14605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5712]
-
-testId=30989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5713]
-
-testId=1293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5714]
-
-testId=17725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5715]
-
-testId=9501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5716]
-
-testId=25901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5717]
-
-testId=5389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5718]
-
-testId=21789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5719]
-
-testId=13613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5720]
-
-testId=29981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5721]
-
-testId=3341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5722]
-
-testId=19757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5723]
-
-testId=11549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5724]
-
-testId=27949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5725]
-
-testId=7485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5726]
-
-testId=23837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5727]
-
-testId=15677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5728]
-
-testId=32045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5729]
-
-testId=829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5730]
-
-testId=17181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5731]
-
-testId=9005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5732]
-
-testId=25373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5733]
-
-testId=4877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5734]
-
-testId=21293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5735]
-
-testId=13069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5736]
-
-testId=29469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5737]
-
-testId=2877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5738]
-
-testId=19213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5739]
-
-testId=11069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5740]
-
-testId=27437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5741]
-
-testId=6925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5742]
-
-testId=23341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5743]
-
-testId=15117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5744]
-
-testId=31533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5745]
-
-testId=1821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5746]
-
-testId=18205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5747]
-
-testId=10029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5748]
-
-testId=26429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5749]
-
-testId=5949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5750]
-
-testId=22285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5751]
-
-testId=14125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5752]
-
-testId=30509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5753]
-
-testId=3869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5754]
-
-testId=20285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5755]
-
-testId=12093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5756]
-
-testId=28461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5757]
-
-testId=7997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5758]
-
-testId=24365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5759]
-
-testId=16141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5760]
-
-testId=32525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5761]
-
-testId=141
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5762]
-
-testId=16573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5763]
-
-testId=8365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5764]
-
-testId=24749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5765]
-
-testId=4253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5766]
-
-testId=20669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5767]
-
-testId=12429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5768]
-
-testId=28845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5769]
-
-testId=2237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5770]
-
-testId=18589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5771]
-
-testId=10381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5772]
-
-testId=26813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5773]
-
-testId=6333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5774]
-
-testId=22669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5775]
-
-testId=14509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5776]
-
-testId=30877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5777]
-
-testId=1197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5778]
-
-testId=17597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5779]
-
-testId=9405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5780]
-
-testId=25757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5781]
-
-testId=5309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5782]
-
-testId=21661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5783]
-
-testId=13453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5784]
-
-testId=29853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5785]
-
-testId=3213
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5786]
-
-testId=19629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5787]
-
-testId=11405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5788]
-
-testId=27805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5789]
-
-testId=7325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5790]
-
-testId=23741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5791]
-
-testId=15533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5792]
-
-testId=31901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5793]
-
-testId=653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5794]
-
-testId=17085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5795]
-
-testId=8845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5796]
-
-testId=25229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5797]
-
-testId=4797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5798]
-
-testId=21133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5799]
-
-testId=12989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5800]
-
-testId=29341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5801]
-
-testId=2717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5802]
-
-testId=19101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5803]
-
-testId=10925
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5804]
-
-testId=27309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5805]
-
-testId=6845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5806]
-
-testId=23229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5807]
-
-testId=15021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5808]
-
-testId=31405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5809]
-
-testId=1693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5810]
-
-testId=18093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5811]
-
-testId=9869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5812]
-
-testId=26269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5813]
-
-testId=5821
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5814]
-
-testId=22157
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5815]
-
-testId=13997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5816]
-
-testId=30381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5817]
-
-testId=3725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5818]
-
-testId=20109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5819]
-
-testId=11965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5820]
-
-testId=28301
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5821]
-
-testId=7869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5822]
-
-testId=24221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5823]
-
-testId=16045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5824]
-
-testId=32429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5825]
-
-testId=413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5826]
-
-testId=16829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5827]
-
-testId=8637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5828]
-
-testId=24973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5829]
-
-testId=4541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5830]
-
-testId=20893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5831]
-
-testId=12717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5832]
-
-testId=29101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5833]
-
-testId=2461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5834]
-
-testId=18861
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5835]
-
-testId=10653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5836]
-
-testId=27021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5837]
-
-testId=6541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5838]
-
-testId=22973
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5839]
-
-testId=14765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5840]
-
-testId=31149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5841]
-
-testId=1469
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5842]
-
-testId=17837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5843]
-
-testId=9613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5844]
-
-testId=26013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5845]
-
-testId=5565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5846]
-
-testId=21917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5847]
-
-testId=13709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5848]
-
-testId=30125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5849]
-
-testId=3517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5850]
-
-testId=19869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5851]
-
-testId=11677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5852]
-
-testId=28093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5853]
-
-testId=7597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5854]
-
-testId=23965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5855]
-
-testId=15805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5856]
-
-testId=32189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5857]
-
-testId=957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5858]
-
-testId=17309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5859]
-
-testId=9117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5860]
-
-testId=25533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5861]
-
-testId=5053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5862]
-
-testId=21421
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5863]
-
-testId=13229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5864]
-
-testId=29613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5865]
-
-testId=2957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5866]
-
-testId=19373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5867]
-
-testId=11181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5868]
-
-testId=27533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5869]
-
-testId=7101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5870]
-
-testId=23437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5871]
-
-testId=15245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5872]
-
-testId=31661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5873]
-
-testId=1949
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5874]
-
-testId=18349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5875]
-
-testId=10173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5876]
-
-testId=26509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5877]
-
-testId=6045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5878]
-
-testId=22461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5879]
-
-testId=14253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5880]
-
-testId=30621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5881]
-
-testId=3997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5882]
-
-testId=20365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5883]
-
-testId=12205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5884]
-
-testId=28605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5885]
-
-testId=8077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5886]
-
-testId=24477
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5887]
-
-testId=16317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5888]
-
-testId=32701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5889]
-
-testId=109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5890]
-
-testId=16493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5891]
-
-testId=8269
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5892]
-
-testId=24685
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5893]
-
-testId=4189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5894]
-
-testId=20557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5895]
-
-testId=12413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5896]
-
-testId=28765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5897]
-
-testId=2125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5898]
-
-testId=18557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5899]
-
-testId=10333
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5900]
-
-testId=26749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5901]
-
-testId=6237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5902]
-
-testId=22621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5903]
-
-testId=14429
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5904]
-
-testId=30845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5905]
-
-testId=1133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5906]
-
-testId=17485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5907]
-
-testId=9341
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5908]
-
-testId=25677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5909]
-
-testId=5229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5910]
-
-testId=21613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5911]
-
-testId=13405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5912]
-
-testId=29805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5913]
-
-testId=3181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5914]
-
-testId=19549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5915]
-
-testId=11357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5916]
-
-testId=27773
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5917]
-
-testId=7277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5918]
-
-testId=23645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5919]
-
-testId=15453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5920]
-
-testId=31853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5921]
-
-testId=637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5922]
-
-testId=17005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5923]
-
-testId=8797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5924]
-
-testId=25181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5925]
-
-testId=4717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5926]
-
-testId=21101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5927]
-
-testId=12909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5928]
-
-testId=29277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5929]
-
-testId=2669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5930]
-
-testId=19021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5931]
-
-testId=10877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5932]
-
-testId=27229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5933]
-
-testId=6733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5934]
-
-testId=23133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5935]
-
-testId=14957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5936]
-
-testId=31357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5937]
-
-testId=1613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5938]
-
-testId=18029
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5939]
-
-testId=9805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5940]
-
-testId=26221
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5941]
-
-testId=5709
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5942]
-
-testId=22109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5943]
-
-testId=13901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5944]
-
-testId=30317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5945]
-
-testId=3693
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5946]
-
-testId=20045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5947]
-
-testId=11885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5948]
-
-testId=28285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5949]
-
-testId=7789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5950]
-
-testId=24173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5951]
-
-testId=15997
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5952]
-
-testId=32365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5953]
-
-testId=365
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5954]
-
-testId=16765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5955]
-
-testId=8557
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5956]
-
-testId=24941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5957]
-
-testId=4461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5958]
-
-testId=20829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5959]
-
-testId=12653
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5960]
-
-testId=29021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5961]
-
-testId=2381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5962]
-
-testId=18765
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5963]
-
-testId=10605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5964]
-
-testId=26957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5965]
-
-testId=6493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5966]
-
-testId=22877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5967]
-
-testId=14701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5968]
-
-testId=31101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5969]
-
-testId=1405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5970]
-
-testId=17789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5971]
-
-testId=9565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5972]
-
-testId=25981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5973]
-
-testId=5453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5974]
-
-testId=21853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5975]
-
-testId=13677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5976]
-
-testId=30077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5977]
-
-testId=3405
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5978]
-
-testId=19837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5979]
-
-testId=11645
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5980]
-
-testId=28013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5981]
-
-testId=7517
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5982]
-
-testId=23901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5983]
-
-testId=15725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5984]
-
-testId=32077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5985]
-
-testId=845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5986]
-
-testId=17261
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5987]
-
-testId=9085
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5988]
-
-testId=25437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5989]
-
-testId=4989
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5990]
-
-testId=21357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5991]
-
-testId=13149
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5992]
-
-testId=29565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5993]
-
-testId=2909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5994]
-
-testId=19325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5995]
-
-testId=11117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5996]
-
-testId=27485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5997]
-
-testId=7021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5998]
-
-testId=23373
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-5999]
-
-testId=15197
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6000]
-
-testId=31613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6001]
-
-testId=1917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6002]
-
-testId=18285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6003]
-
-testId=10093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6004]
-
-testId=26461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6005]
-
-testId=5981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6006]
-
-testId=22349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6007]
-
-testId=14189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6008]
-
-testId=30573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6009]
-
-testId=3965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6010]
-
-testId=20349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6011]
-
-testId=12125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6012]
-
-testId=28509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6013]
-
-testId=8045
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6014]
-
-testId=24413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6015]
-
-testId=16205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6016]
-
-testId=32589
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6017]
-
-testId=205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6018]
-
-testId=16605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6019]
-
-testId=8397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6020]
-
-testId=24797
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6021]
-
-testId=4349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6022]
-
-testId=20717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6023]
-
-testId=12493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6024]
-
-testId=28877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6025]
-
-testId=2253
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6026]
-
-testId=18669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6027]
-
-testId=10493
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6028]
-
-testId=26829
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6029]
-
-testId=6381
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6030]
-
-testId=22749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6031]
-
-testId=14573
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6032]
-
-testId=30941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6033]
-
-testId=1245
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6034]
-
-testId=17629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6035]
-
-testId=9437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6036]
-
-testId=25837
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6037]
-
-testId=5357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6038]
-
-testId=21725
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6039]
-
-testId=13549
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6040]
-
-testId=29901
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6041]
-
-testId=3309
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6042]
-
-testId=19677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6043]
-
-testId=11485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6044]
-
-testId=27869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6045]
-
-testId=7389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6046]
-
-testId=23789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6047]
-
-testId=15597
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6048]
-
-testId=31981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6049]
-
-testId=717
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6050]
-
-testId=17101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6051]
-
-testId=8941
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6052]
-
-testId=25293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6053]
-
-testId=4845
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6054]
-
-testId=21229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6055]
-
-testId=13021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6056]
-
-testId=29389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6057]
-
-testId=2781
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6058]
-
-testId=19165
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6059]
-
-testId=11005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6060]
-
-testId=27389
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6061]
-
-testId=6893
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6062]
-
-testId=23293
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6063]
-
-testId=15069
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6064]
-
-testId=31453
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6065]
-
-testId=1789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6066]
-
-testId=18125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6067]
-
-testId=9965
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6068]
-
-testId=26317
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6069]
-
-testId=5853
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6070]
-
-testId=22237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6071]
-
-testId=14061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6072]
-
-testId=30445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6073]
-
-testId=3789
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6074]
-
-testId=20189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6075]
-
-testId=12013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6076]
-
-testId=28413
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6077]
-
-testId=7885
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6078]
-
-testId=24285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6079]
-
-testId=16125
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6080]
-
-testId=32509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6081]
-
-testId=461
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6082]
-
-testId=16877
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6083]
-
-testId=8701
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6084]
-
-testId=25053
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6085]
-
-testId=4605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6086]
-
-testId=20957
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6087]
-
-testId=12749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6088]
-
-testId=29181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6089]
-
-testId=2525
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6090]
-
-testId=18909
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6091]
-
-testId=10749
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6092]
-
-testId=27101
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6093]
-
-testId=6621
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6094]
-
-testId=23005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6095]
-
-testId=14813
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6096]
-
-testId=31229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6097]
-
-testId=1533
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6098]
-
-testId=17869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6099]
-
-testId=9677
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6100]
-
-testId=26077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6101]
-
-testId=5613
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6102]
-
-testId=21981
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6103]
-
-testId=13805
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6104]
-
-testId=30173
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6105]
-
-testId=3581
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6106]
-
-testId=19917
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6107]
-
-testId=11757
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6108]
-
-testId=28109
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6109]
-
-testId=7629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6110]
-
-testId=24061
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6111]
-
-testId=15869
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6112]
-
-testId=32237
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6113]
-
-testId=1005
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6114]
-
-testId=17357
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6115]
-
-testId=9181
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6116]
-
-testId=25565
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6117]
-
-testId=5117
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6118]
-
-testId=21485
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6119]
-
-testId=13277
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6120]
-
-testId=29661
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6121]
-
-testId=3021
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6122]
-
-testId=19437
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6123]
-
-testId=11229
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6124]
-
-testId=27629
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6125]
-
-testId=7133
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6126]
-
-testId=23501
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6127]
-
-testId=15325
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6128]
-
-testId=31741
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6129]
-
-testId=2013
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6130]
-
-testId=18397
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6131]
-
-testId=10205
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6132]
-
-testId=26605
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6133]
-
-testId=6093
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6134]
-
-testId=22509
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6135]
-
-testId=14285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6136]
-
-testId=30669
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6137]
-
-testId=4077
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6138]
-
-testId=20445
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6139]
-
-testId=12285
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6140]
-
-testId=28637
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6141]
-
-testId=8189
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6142]
-
-testId=24541
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6143]
-
-testId=16349
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6144]
-
-testId=32733
-testname=ClientCert_one ServerCert_one ExportPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6145]
-
-testId=51
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6146]
-
-testId=16403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6147]
-
-testId=8211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6148]
-
-testId=24611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6149]
-
-testId=4131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6150]
-
-testId=20483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6151]
-
-testId=12307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6152]
-
-testId=28723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6153]
-
-testId=2067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6154]
-
-testId=18435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6155]
-
-testId=10275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6156]
-
-testId=26675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6157]
-
-testId=6179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6158]
-
-testId=22579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6159]
-
-testId=14387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6160]
-
-testId=30755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6161]
-
-testId=1075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6162]
-
-testId=17459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6163]
-
-testId=9251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6164]
-
-testId=25619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6165]
-
-testId=5155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6166]
-
-testId=21555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6167]
-
-testId=13363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6168]
-
-testId=29731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6169]
-
-testId=3123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6170]
-
-testId=19491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6171]
-
-testId=11299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6172]
-
-testId=27699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6173]
-
-testId=7203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6174]
-
-testId=23571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6175]
-
-testId=15379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6176]
-
-testId=31747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6177]
-
-testId=531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6178]
-
-testId=16899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6179]
-
-testId=8707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6180]
-
-testId=25091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6181]
-
-testId=4627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6182]
-
-testId=20995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6183]
-
-testId=12851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6184]
-
-testId=29219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6185]
-
-testId=2563
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6186]
-
-testId=18963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6187]
-
-testId=10803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6188]
-
-testId=27171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6189]
-
-testId=6707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6190]
-
-testId=23043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6191]
-
-testId=14867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6192]
-
-testId=31283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6193]
-
-testId=1539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6194]
-
-testId=17939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6195]
-
-testId=9731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6196]
-
-testId=26147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6197]
-
-testId=5651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6198]
-
-testId=22019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6199]
-
-testId=13827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6200]
-
-testId=30211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6201]
-
-testId=3587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6202]
-
-testId=19971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6203]
-
-testId=11827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6204]
-
-testId=28163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6205]
-
-testId=7715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6206]
-
-testId=24067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6207]
-
-testId=15923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6208]
-
-testId=32291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6209]
-
-testId=259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6210]
-
-testId=16659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6211]
-
-testId=8451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6212]
-
-testId=24883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6213]
-
-testId=4403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6214]
-
-testId=20739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6215]
-
-testId=12579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6216]
-
-testId=28931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6217]
-
-testId=2339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6218]
-
-testId=18691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6219]
-
-testId=10499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6220]
-
-testId=26899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6221]
-
-testId=6419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6222]
-
-testId=22819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6223]
-
-testId=14595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6224]
-
-testId=31027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6225]
-
-testId=1299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6226]
-
-testId=17683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6227]
-
-testId=9523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6228]
-
-testId=25859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6229]
-
-testId=5395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6230]
-
-testId=21811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6231]
-
-testId=13571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6232]
-
-testId=29971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6233]
-
-testId=3331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6234]
-
-testId=19715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6235]
-
-testId=11555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6236]
-
-testId=27907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6237]
-
-testId=7443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6238]
-
-testId=23843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6239]
-
-testId=15635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6240]
-
-testId=32051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6241]
-
-testId=803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6242]
-
-testId=17187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6243]
-
-testId=8979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6244]
-
-testId=25395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6245]
-
-testId=4899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6246]
-
-testId=21283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6247]
-
-testId=13107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6248]
-
-testId=29475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6249]
-
-testId=2851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6250]
-
-testId=19219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6251]
-
-testId=11043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6252]
-
-testId=27395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6253]
-
-testId=6947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6254]
-
-testId=23315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6255]
-
-testId=15107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6256]
-
-testId=31539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6257]
-
-testId=1795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6258]
-
-testId=18211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6259]
-
-testId=10003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6260]
-
-testId=26387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6261]
-
-testId=5939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6262]
-
-testId=22323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6263]
-
-testId=14083
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6264]
-
-testId=30515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6265]
-
-testId=3891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6266]
-
-testId=20243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6267]
-
-testId=12035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6268]
-
-testId=28419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6269]
-
-testId=7955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6270]
-
-testId=24323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6271]
-
-testId=16147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6272]
-
-testId=32531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6273]
-
-testId=131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6274]
-
-testId=16531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6275]
-
-testId=8339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6276]
-
-testId=24723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6277]
-
-testId=4259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6278]
-
-testId=20643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6279]
-
-testId=12419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6280]
-
-testId=28803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6281]
-
-testId=2227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6282]
-
-testId=18595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6283]
-
-testId=10371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6284]
-
-testId=26771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6285]
-
-testId=6323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6286]
-
-testId=22707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6287]
-
-testId=14515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6288]
-
-testId=30851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6289]
-
-testId=1187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6290]
-
-testId=17587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6291]
-
-testId=9395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6292]
-
-testId=25763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6293]
-
-testId=5251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6294]
-
-testId=21635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6295]
-
-testId=13459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6296]
-
-testId=29875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6297]
-
-testId=3235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6298]
-
-testId=19619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6299]
-
-testId=11411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6300]
-
-testId=27795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6301]
-
-testId=7315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6302]
-
-testId=23699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6303]
-
-testId=15539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6304]
-
-testId=31907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6305]
-
-testId=691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6306]
-
-testId=17027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6307]
-
-testId=8835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6308]
-
-testId=25251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6309]
-
-testId=4771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6310]
-
-testId=21155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6311]
-
-testId=12979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6312]
-
-testId=29363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6313]
-
-testId=2739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6314]
-
-testId=19107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6315]
-
-testId=10931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6316]
-
-testId=27283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6317]
-
-testId=6803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6318]
-
-testId=23219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6319]
-
-testId=15027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6320]
-
-testId=31379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6321]
-
-testId=1683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6322]
-
-testId=18051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6323]
-
-testId=9875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6324]
-
-testId=26243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6325]
-
-testId=5763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6326]
-
-testId=22195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6327]
-
-testId=14003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6328]
-
-testId=30355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6329]
-
-testId=3747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6330]
-
-testId=20147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6331]
-
-testId=11955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6332]
-
-testId=28307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6333]
-
-testId=7827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6334]
-
-testId=24195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6335]
-
-testId=16003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6336]
-
-testId=32387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6337]
-
-testId=403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6338]
-
-testId=16803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6339]
-
-testId=8627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6340]
-
-testId=25011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6341]
-
-testId=4483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6342]
-
-testId=20867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6343]
-
-testId=12707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6344]
-
-testId=29075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6345]
-
-testId=2435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6346]
-
-testId=18835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6347]
-
-testId=10675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6348]
-
-testId=27027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6349]
-
-testId=6531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6350]
-
-testId=22947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6351]
-
-testId=14771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6352]
-
-testId=31123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6353]
-
-testId=1459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6354]
-
-testId=17827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6355]
-
-testId=9651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6356]
-
-testId=26019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6357]
-
-testId=5507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6358]
-
-testId=21923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6359]
-
-testId=13747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6360]
-
-testId=30131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6361]
-
-testId=3507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6362]
-
-testId=19875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6363]
-
-testId=11683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6364]
-
-testId=28067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6365]
-
-testId=7555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6366]
-
-testId=23939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6367]
-
-testId=15747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6368]
-
-testId=32179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6369]
-
-testId=899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6370]
-
-testId=17331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6371]
-
-testId=9123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6372]
-
-testId=25507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6373]
-
-testId=5011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6374]
-
-testId=21395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6375]
-
-testId=13187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6376]
-
-testId=29603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6377]
-
-testId=2947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6378]
-
-testId=19379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6379]
-
-testId=11155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6380]
-
-testId=27539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6381]
-
-testId=7043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6382]
-
-testId=23459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6383]
-
-testId=15267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6384]
-
-testId=31667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6385]
-
-testId=1971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6386]
-
-testId=18355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6387]
-
-testId=10147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6388]
-
-testId=26547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6389]
-
-testId=6035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6390]
-
-testId=22403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6391]
-
-testId=14211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6392]
-
-testId=30595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6393]
-
-testId=3987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6394]
-
-testId=20355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6395]
-
-testId=12211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6396]
-
-testId=28595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6397]
-
-testId=8099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6398]
-
-testId=24483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6399]
-
-testId=16307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6400]
-
-testId=32659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6401]
-
-testId=99
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6402]
-
-testId=16499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6403]
-
-testId=8259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6404]
-
-testId=24659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6405]
-
-testId=4179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6406]
-
-testId=20579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6407]
-
-testId=12387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6408]
-
-testId=28787
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6409]
-
-testId=2163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6410]
-
-testId=18515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6411]
-
-testId=10323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6412]
-
-testId=26707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6413]
-
-testId=6227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6414]
-
-testId=22627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6415]
-
-testId=14451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6416]
-
-testId=30835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6417]
-
-testId=1091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6418]
-
-testId=17523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6419]
-
-testId=9299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6420]
-
-testId=25699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6421]
-
-testId=5235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6422]
-
-testId=21603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6423]
-
-testId=13427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6424]
-
-testId=29795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6425]
-
-testId=3155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6426]
-
-testId=19571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6427]
-
-testId=11331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6428]
-
-testId=27747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6429]
-
-testId=7235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6430]
-
-testId=23667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6431]
-
-testId=15475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6432]
-
-testId=31843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6433]
-
-testId=579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6434]
-
-testId=17011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6435]
-
-testId=8771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6436]
-
-testId=25155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6437]
-
-testId=4707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6438]
-
-testId=21075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6439]
-
-testId=12883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6440]
-
-testId=29299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6441]
-
-testId=2659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6442]
-
-testId=19011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6443]
-
-testId=10851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6444]
-
-testId=27235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6445]
-
-testId=6739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6446]
-
-testId=23139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6447]
-
-testId=14947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6448]
-
-testId=31347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6449]
-
-testId=1635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6450]
-
-testId=18003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6451]
-
-testId=9827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6452]
-
-testId=26179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6453]
-
-testId=5747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6454]
-
-testId=22115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6455]
-
-testId=13891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6456]
-
-testId=30323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6457]
-
-testId=3651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6458]
-
-testId=20051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6459]
-
-testId=11891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6460]
-
-testId=28243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6461]
-
-testId=7763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6462]
-
-testId=24147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6463]
-
-testId=15939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6464]
-
-testId=32323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6465]
-
-testId=371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6466]
-
-testId=16755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6467]
-
-testId=8531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6468]
-
-testId=24899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6469]
-
-testId=4467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6470]
-
-testId=20803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6471]
-
-testId=12643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6472]
-
-testId=29011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6473]
-
-testId=2403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6474]
-
-testId=18771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6475]
-
-testId=10579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6476]
-
-testId=26963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6477]
-
-testId=6483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6478]
-
-testId=22851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6479]
-
-testId=14691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6480]
-
-testId=31075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6481]
-
-testId=1395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6482]
-
-testId=17731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6483]
-
-testId=9571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6484]
-
-testId=25955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6485]
-
-testId=5475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6486]
-
-testId=21859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6487]
-
-testId=13667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6488]
-
-testId=30067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6489]
-
-testId=3443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6490]
-
-testId=19795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6491]
-
-testId=11587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6492]
-
-testId=28003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6493]
-
-testId=7491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6494]
-
-testId=23923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6495]
-
-testId=15683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6496]
-
-testId=32115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6497]
-
-testId=883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6498]
-
-testId=17219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6499]
-
-testId=9043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6500]
-
-testId=25427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6501]
-
-testId=4963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6502]
-
-testId=21347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6503]
-
-testId=13155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6504]
-
-testId=29539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6505]
-
-testId=2915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6506]
-
-testId=19283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6507]
-
-testId=11091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6508]
-
-testId=27491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6509]
-
-testId=6995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6510]
-
-testId=23411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6511]
-
-testId=15203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6512]
-
-testId=31571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6513]
-
-testId=1875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6514]
-
-testId=18243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6515]
-
-testId=10099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6516]
-
-testId=26483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6517]
-
-testId=5987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6518]
-
-testId=22339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6519]
-
-testId=14179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6520]
-
-testId=30579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6521]
-
-testId=3907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6522]
-
-testId=20339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6523]
-
-testId=12147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6524]
-
-testId=28499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6525]
-
-testId=8003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6526]
-
-testId=24403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6527]
-
-testId=16227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6528]
-
-testId=32579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6529]
-
-testId=211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6530]
-
-testId=16595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6531]
-
-testId=8387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6532]
-
-testId=24771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6533]
-
-testId=4323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6534]
-
-testId=20691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6535]
-
-testId=12483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6536]
-
-testId=28867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6537]
-
-testId=2291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6538]
-
-testId=18675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6539]
-
-testId=10451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6540]
-
-testId=26851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6541]
-
-testId=6371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6542]
-
-testId=22739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6543]
-
-testId=14531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6544]
-
-testId=30947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6545]
-
-testId=1267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6546]
-
-testId=17603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6547]
-
-testId=9459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6548]
-
-testId=25811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6549]
-
-testId=5347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6550]
-
-testId=21747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6551]
-
-testId=13507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6552]
-
-testId=29891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6553]
-
-testId=3267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6554]
-
-testId=19699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6555]
-
-testId=11459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6556]
-
-testId=27891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6557]
-
-testId=7379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6558]
-
-testId=23763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6559]
-
-testId=15571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6560]
-
-testId=31955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6561]
-
-testId=707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6562]
-
-testId=17091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6563]
-
-testId=8899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6564]
-
-testId=25331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6565]
-
-testId=4819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6566]
-
-testId=21187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6567]
-
-testId=13011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6568]
-
-testId=29379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6569]
-
-testId=2755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6570]
-
-testId=19155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6571]
-
-testId=10963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6572]
-
-testId=27347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6573]
-
-testId=6867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6574]
-
-testId=23283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6575]
-
-testId=15043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6576]
-
-testId=31459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6577]
-
-testId=1779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6578]
-
-testId=18131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6579]
-
-testId=9923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6580]
-
-testId=26339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6581]
-
-testId=5827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6582]
-
-testId=22259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6583]
-
-testId=14035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6584]
-
-testId=30435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6585]
-
-testId=3795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6586]
-
-testId=20163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6587]
-
-testId=12003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6588]
-
-testId=28371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6589]
-
-testId=7923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6590]
-
-testId=24275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6591]
-
-testId=16067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6592]
-
-testId=32467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6593]
-
-testId=467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6594]
-
-testId=16867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6595]
-
-testId=8659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6596]
-
-testId=25043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6597]
-
-testId=4563
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6598]
-
-testId=20947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6599]
-
-testId=12739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6600]
-
-testId=29139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6601]
-
-testId=2515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6602]
-
-testId=18899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6603]
-
-testId=10723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6604]
-
-testId=27075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6605]
-
-testId=6611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6606]
-
-testId=23027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6607]
-
-testId=14803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6608]
-
-testId=31171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6609]
-
-testId=1491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6610]
-
-testId=17859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6611]
-
-testId=9667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6612]
-
-testId=26051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6613]
-
-testId=5603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6614]
-
-testId=21971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6615]
-
-testId=13795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6616]
-
-testId=30179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6617]
-
-testId=3523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6618]
-
-testId=19923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6619]
-
-testId=11747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6620]
-
-testId=28147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6621]
-
-testId=7651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6622]
-
-testId=24035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6623]
-
-testId=15827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6624]
-
-testId=32243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6625]
-
-testId=979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6626]
-
-testId=17363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6627]
-
-testId=9171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6628]
-
-testId=25571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6629]
-
-testId=5107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6630]
-
-testId=21459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6631]
-
-testId=13251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6632]
-
-testId=29667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6633]
-
-testId=3059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6634]
-
-testId=19443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6635]
-
-testId=11235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6636]
-
-testId=27587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6637]
-
-testId=7155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6638]
-
-testId=23491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6639]
-
-testId=15299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6640]
-
-testId=31683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6641]
-
-testId=2035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6642]
-
-testId=18419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6643]
-
-testId=10179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6644]
-
-testId=26563
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6645]
-
-testId=6099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6646]
-
-testId=22483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6647]
-
-testId=14275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6648]
-
-testId=30675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6649]
-
-testId=4067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6650]
-
-testId=20419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6651]
-
-testId=12259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6652]
-
-testId=28659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6653]
-
-testId=8131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6654]
-
-testId=24531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6655]
-
-testId=16323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6656]
-
-testId=32723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6657]
-
-testId=59
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6658]
-
-testId=16427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6659]
-
-testId=8251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6660]
-
-testId=24619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6661]
-
-testId=4107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6662]
-
-testId=20539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6663]
-
-testId=12315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6664]
-
-testId=28699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6665]
-
-testId=2091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6666]
-
-testId=18491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6667]
-
-testId=10299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6668]
-
-testId=26667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6669]
-
-testId=6187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6670]
-
-testId=22539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6671]
-
-testId=14395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6672]
-
-testId=30747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6673]
-
-testId=1035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6674]
-
-testId=17435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6675]
-
-testId=9243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6676]
-
-testId=25611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6677]
-
-testId=5147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6678]
-
-testId=21515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6679]
-
-testId=13339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6680]
-
-testId=29755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6681]
-
-testId=3083
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6682]
-
-testId=19467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6683]
-
-testId=11307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6684]
-
-testId=27707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6685]
-
-testId=7211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6686]
-
-testId=23595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6687]
-
-testId=15403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6688]
-
-testId=31803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6689]
-
-testId=555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6690]
-
-testId=16955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6691]
-
-testId=8731
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6692]
-
-testId=25115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6693]
-
-testId=4635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6694]
-
-testId=21019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6695]
-
-testId=12811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6696]
-
-testId=29211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6697]
-
-testId=2619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6698]
-
-testId=18987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6699]
-
-testId=10811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6700]
-
-testId=27179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6701]
-
-testId=6667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6702]
-
-testId=23067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6703]
-
-testId=14907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6704]
-
-testId=31243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6705]
-
-testId=1579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6706]
-
-testId=17979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6707]
-
-testId=9739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6708]
-
-testId=26123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6709]
-
-testId=5659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6710]
-
-testId=22043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6711]
-
-testId=13883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6712]
-
-testId=30267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6713]
-
-testId=3611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6714]
-
-testId=20027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6715]
-
-testId=11835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6716]
-
-testId=28171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6717]
-
-testId=7739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6718]
-
-testId=24075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6719]
-
-testId=15915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6720]
-
-testId=32315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6721]
-
-testId=267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6722]
-
-testId=16699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6723]
-
-testId=8507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6724]
-
-testId=24875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6725]
-
-testId=4379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6726]
-
-testId=20747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6727]
-
-testId=12555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6728]
-
-testId=28939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6729]
-
-testId=2315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6730]
-
-testId=18699
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6731]
-
-testId=10539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6732]
-
-testId=26891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6733]
-
-testId=6411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6734]
-
-testId=22795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6735]
-
-testId=14603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6736]
-
-testId=31003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6737]
-
-testId=1323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6738]
-
-testId=17675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6739]
-
-testId=9483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6740]
-
-testId=25915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6741]
-
-testId=5435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6742]
-
-testId=21771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6743]
-
-testId=13595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6744]
-
-testId=29963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6745]
-
-testId=3355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6746]
-
-testId=19771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6747]
-
-testId=11547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6748]
-
-testId=27963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6749]
-
-testId=7435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6750]
-
-testId=23867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6751]
-
-testId=15659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6752]
-
-testId=32043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6753]
-
-testId=795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6754]
-
-testId=17195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6755]
-
-testId=8971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6756]
-
-testId=25371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6757]
-
-testId=4875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6758]
-
-testId=21291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6759]
-
-testId=13115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6760]
-
-testId=29451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6761]
-
-testId=2875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6762]
-
-testId=19227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6763]
-
-testId=11019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6764]
-
-testId=27403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6765]
-
-testId=6923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6766]
-
-testId=23355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6767]
-
-testId=15147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6768]
-
-testId=31515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6769]
-
-testId=1835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6770]
-
-testId=18203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6771]
-
-testId=10011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6772]
-
-testId=26395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6773]
-
-testId=5915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6774]
-
-testId=22315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6775]
-
-testId=14107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6776]
-
-testId=30475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6777]
-
-testId=3883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6778]
-
-testId=20251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6779]
-
-testId=12059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6780]
-
-testId=28427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6781]
-
-testId=7963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6782]
-
-testId=24347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6783]
-
-testId=16155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6784]
-
-testId=32571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6785]
-
-testId=171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6786]
-
-testId=16523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6787]
-
-testId=8379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6788]
-
-testId=24747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6789]
-
-testId=4267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6790]
-
-testId=20651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6791]
-
-testId=12459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6792]
-
-testId=28843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6793]
-
-testId=2187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6794]
-
-testId=18619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6795]
-
-testId=10379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6796]
-
-testId=26779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6797]
-
-testId=6299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6798]
-
-testId=22683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6799]
-
-testId=14523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6800]
-
-testId=30875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6801]
-
-testId=1179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6802]
-
-testId=17547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6803]
-
-testId=9387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6804]
-
-testId=25739
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6805]
-
-testId=5307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6806]
-
-testId=21659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6807]
-
-testId=13451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6808]
-
-testId=29867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6809]
-
-testId=3243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6810]
-
-testId=19627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6811]
-
-testId=11435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6812]
-
-testId=27819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6813]
-
-testId=7339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6814]
-
-testId=23707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6815]
-
-testId=15531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6816]
-
-testId=31931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6817]
-
-testId=667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6818]
-
-testId=17083
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6819]
-
-testId=8843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6820]
-
-testId=25259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6821]
-
-testId=4763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6822]
-
-testId=21179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6823]
-
-testId=12971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6824]
-
-testId=29323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6825]
-
-testId=2747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6826]
-
-testId=19131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6827]
-
-testId=10923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6828]
-
-testId=27291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6829]
-
-testId=6827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6830]
-
-testId=23227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6831]
-
-testId=15035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6832]
-
-testId=31403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6833]
-
-testId=1723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6834]
-
-testId=18059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6835]
-
-testId=9915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6836]
-
-testId=26267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6837]
-
-testId=5787
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6838]
-
-testId=22187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6839]
-
-testId=14011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6840]
-
-testId=30347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6841]
-
-testId=3723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6842]
-
-testId=20107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6843]
-
-testId=11947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6844]
-
-testId=28315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6845]
-
-testId=7851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6846]
-
-testId=24219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6847]
-
-testId=16043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6848]
-
-testId=32427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6849]
-
-testId=427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6850]
-
-testId=16779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6851]
-
-testId=8619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6852]
-
-testId=24971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6853]
-
-testId=4539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6854]
-
-testId=20907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6855]
-
-testId=12683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6856]
-
-testId=29067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6857]
-
-testId=2475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6858]
-
-testId=18875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6859]
-
-testId=10651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6860]
-
-testId=27051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6861]
-
-testId=6539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6862]
-
-testId=22923
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6863]
-
-testId=14763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6864]
-
-testId=31147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6865]
-
-testId=1419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6866]
-
-testId=17819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6867]
-
-testId=9611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6868]
-
-testId=26027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6869]
-
-testId=5547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6870]
-
-testId=21915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6871]
-
-testId=13723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6872]
-
-testId=30107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6873]
-
-testId=3483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6874]
-
-testId=19899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6875]
-
-testId=11675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6876]
-
-testId=28059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6877]
-
-testId=7595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6878]
-
-testId=23995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6879]
-
-testId=15755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6880]
-
-testId=32139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6881]
-
-testId=939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6882]
-
-testId=17323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6883]
-
-testId=9131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6884]
-
-testId=25499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6885]
-
-testId=5003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6886]
-
-testId=21387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6887]
-
-testId=13195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6888]
-
-testId=29579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6889]
-
-testId=2987
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6890]
-
-testId=19339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6891]
-
-testId=11163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6892]
-
-testId=27547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6893]
-
-testId=7067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6894]
-
-testId=23451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6895]
-
-testId=15243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6896]
-
-testId=31675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6897]
-
-testId=1979
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6898]
-
-testId=18363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6899]
-
-testId=10139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6900]
-
-testId=26523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6901]
-
-testId=6043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6902]
-
-testId=22443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6903]
-
-testId=14267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6904]
-
-testId=30603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6905]
-
-testId=4027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6906]
-
-testId=20363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6907]
-
-testId=12187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6908]
-
-testId=28555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6909]
-
-testId=8107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6910]
-
-testId=24491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6911]
-
-testId=16299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6912]
-
-testId=32683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6913]
-
-testId=107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6914]
-
-testId=16491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6915]
-
-testId=8315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6916]
-
-testId=24667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6917]
-
-testId=4219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6918]
-
-testId=20587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6919]
-
-testId=12379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6920]
-
-testId=28779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6921]
-
-testId=2155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6922]
-
-testId=18507
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6923]
-
-testId=10315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6924]
-
-testId=26715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6925]
-
-testId=6251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6926]
-
-testId=22635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6927]
-
-testId=14427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6928]
-
-testId=30827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6929]
-
-testId=1099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6930]
-
-testId=17531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6931]
-
-testId=9291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6932]
-
-testId=25723
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6933]
-
-testId=5227
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6934]
-
-testId=21627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6935]
-
-testId=13403
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6936]
-
-testId=29819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6937]
-
-testId=3179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6938]
-
-testId=19531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6939]
-
-testId=11387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6940]
-
-testId=27771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6941]
-
-testId=7275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6942]
-
-testId=23659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6943]
-
-testId=15451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6944]
-
-testId=31867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6945]
-
-testId=603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6946]
-
-testId=16971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6947]
-
-testId=8779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6948]
-
-testId=25179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6949]
-
-testId=4715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6950]
-
-testId=21099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6951]
-
-testId=12891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6952]
-
-testId=29307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6953]
-
-testId=2667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6954]
-
-testId=19067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6955]
-
-testId=10843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6956]
-
-testId=27259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6957]
-
-testId=6779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6958]
-
-testId=23163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6959]
-
-testId=14955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6960]
-
-testId=31355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6961]
-
-testId=1643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6962]
-
-testId=18011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6963]
-
-testId=9851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6964]
-
-testId=26187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6965]
-
-testId=5707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6966]
-
-testId=22123
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6967]
-
-testId=13915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6968]
-
-testId=30283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6969]
-
-testId=3659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6970]
-
-testId=20075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6971]
-
-testId=11851
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6972]
-
-testId=28267
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6973]
-
-testId=7787
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6974]
-
-testId=24139
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6975]
-
-testId=15995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6976]
-
-testId=32363
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6977]
-
-testId=331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6978]
-
-testId=16747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6979]
-
-testId=8571
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6980]
-
-testId=24955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6981]
-
-testId=4427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6982]
-
-testId=20859
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6983]
-
-testId=12619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6984]
-
-testId=29003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6985]
-
-testId=2427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6986]
-
-testId=18795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6987]
-
-testId=10587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6988]
-
-testId=27003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6989]
-
-testId=6523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6990]
-
-testId=22875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6991]
-
-testId=14715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6992]
-
-testId=31051
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6993]
-
-testId=1387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6994]
-
-testId=17771
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6995]
-
-testId=9547
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6996]
-
-testId=25947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6997]
-
-testId=5451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6998]
-
-testId=21835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-6999]
-
-testId=13691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7000]
-
-testId=30059
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7001]
-
-testId=3435
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7002]
-
-testId=19819
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7003]
-
-testId=11643
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7004]
-
-testId=28027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7005]
-
-testId=7531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7006]
-
-testId=23915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7007]
-
-testId=15691
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7008]
-
-testId=32075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7009]
-
-testId=891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7010]
-
-testId=17275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7011]
-
-testId=9067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7012]
-
-testId=25419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7013]
-
-testId=4955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7014]
-
-testId=21339
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7015]
-
-testId=13131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7016]
-
-testId=29515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7017]
-
-testId=2907
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7018]
-
-testId=19275
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7019]
-
-testId=11131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7020]
-
-testId=27483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7021]
-
-testId=7019
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7022]
-
-testId=23387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7023]
-
-testId=15195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7024]
-
-testId=31611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7025]
-
-testId=1915
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7026]
-
-testId=18251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7027]
-
-testId=10091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7028]
-
-testId=26459
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7029]
-
-testId=5963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7030]
-
-testId=22379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7031]
-
-testId=14187
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7032]
-
-testId=30555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7033]
-
-testId=3963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7034]
-
-testId=20331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7035]
-
-testId=12107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7036]
-
-testId=28491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7037]
-
-testId=8043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7038]
-
-testId=24395
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7039]
-
-testId=16219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7040]
-
-testId=32635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7041]
-
-testId=235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7042]
-
-testId=16603
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7043]
-
-testId=8443
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7044]
-
-testId=24779
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7045]
-
-testId=4347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7046]
-
-testId=20715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7047]
-
-testId=12539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7048]
-
-testId=28891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7049]
-
-testId=2299
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7050]
-
-testId=18683
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7051]
-
-testId=10475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7052]
-
-testId=26827
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7053]
-
-testId=6347
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7054]
-
-testId=22747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7055]
-
-testId=14539
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7056]
-
-testId=30971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7057]
-
-testId=1243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7058]
-
-testId=17659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7059]
-
-testId=9451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7060]
-
-testId=25835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7061]
-
-testId=5371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7062]
-
-testId=21755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7063]
-
-testId=13515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7064]
-
-testId=29931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7065]
-
-testId=3291
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7066]
-
-testId=19675
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7067]
-
-testId=11515
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7068]
-
-testId=27867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7069]
-
-testId=7371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7070]
-
-testId=23803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7071]
-
-testId=15595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7072]
-
-testId=31947
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7073]
-
-testId=747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7074]
-
-testId=17099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7075]
-
-testId=8939
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7076]
-
-testId=25323
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7077]
-
-testId=4811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7078]
-
-testId=21211
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7079]
-
-testId=13003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7080]
-
-testId=29419
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7081]
-
-testId=2763
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7082]
-
-testId=19147
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7083]
-
-testId=10955
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7084]
-
-testId=27387
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7085]
-
-testId=6875
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7086]
-
-testId=23259
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7087]
-
-testId=15067
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7088]
-
-testId=31467
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7089]
-
-testId=1755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7090]
-
-testId=18171
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7091]
-
-testId=9963
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7092]
-
-testId=26315
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7093]
-
-testId=5835
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7094]
-
-testId=22219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7095]
-
-testId=14075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7096]
-
-testId=30411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7097]
-
-testId=3803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7098]
-
-testId=20203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7099]
-
-testId=11995
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7100]
-
-testId=28411
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7101]
-
-testId=7883
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7102]
-
-testId=24283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7103]
-
-testId=16075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7104]
-
-testId=32491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7105]
-
-testId=491
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7106]
-
-testId=16843
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7107]
-
-testId=8651
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7108]
-
-testId=25035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7109]
-
-testId=4587
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7110]
-
-testId=20971
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7111]
-
-testId=12795
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7112]
-
-testId=29163
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7113]
-
-testId=2523
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7114]
-
-testId=18891
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7115]
-
-testId=10715
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7116]
-
-testId=27115
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7117]
-
-testId=6635
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7118]
-
-testId=23035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7119]
-
-testId=14811
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7120]
-
-testId=31195
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7121]
-
-testId=1483
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7122]
-
-testId=17899
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7123]
-
-testId=9707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7124]
-
-testId=26091
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7125]
-
-testId=5627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7126]
-
-testId=22011
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7127]
-
-testId=13803
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7128]
-
-testId=30203
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7129]
-
-testId=3579
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7130]
-
-testId=19931
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7131]
-
-testId=11755
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7132]
-
-testId=28107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7133]
-
-testId=7627
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7134]
-
-testId=24027
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7135]
-
-testId=15867
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7136]
-
-testId=32235
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7137]
-
-testId=1003
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7138]
-
-testId=17371
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7139]
-
-testId=9179
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7140]
-
-testId=25595
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7141]
-
-testId=5099
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7142]
-
-testId=21499
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7143]
-
-testId=13307
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7144]
-
-testId=29659
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7145]
-
-testId=3035
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7146]
-
-testId=19451
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7147]
-
-testId=11243
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7148]
-
-testId=27611
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7149]
-
-testId=7131
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7150]
-
-testId=23531
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7151]
-
-testId=15355
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7152]
-
-testId=31707
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7153]
-
-testId=2043
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7154]
-
-testId=18379
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7155]
-
-testId=10219
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7156]
-
-testId=26619
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7157]
-
-testId=6107
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7158]
-
-testId=22475
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7159]
-
-testId=14283
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7160]
-
-testId=30667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7161]
-
-testId=4075
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7162]
-
-testId=20427
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7163]
-
-testId=12251
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7164]
-
-testId=28667
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7165]
-
-testId=8155
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7166]
-
-testId=24555
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7167]
-
-testId=16331
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7168]
-
-testId=32747
-testname=ClientCert_one ServerCert_one DomesticPolicy SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7169]
-
-testId=55
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7170]
-
-testId=16423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7171]
-
-testId=8231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7172]
-
-testId=24599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7173]
-
-testId=4135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7174]
-
-testId=20487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7175]
-
-testId=12311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7176]
-
-testId=28711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7177]
-
-testId=2071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7178]
-
-testId=18455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7179]
-
-testId=10279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7180]
-
-testId=26679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7181]
-
-testId=6151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7182]
-
-testId=22551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7183]
-
-testId=14391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7184]
-
-testId=30727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7185]
-
-testId=1079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7186]
-
-testId=17447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7187]
-
-testId=9255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7188]
-
-testId=25607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7189]
-
-testId=5159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7190]
-
-testId=21527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7191]
-
-testId=13335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7192]
-
-testId=29751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7193]
-
-testId=3111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7194]
-
-testId=19463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7195]
-
-testId=11287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7196]
-
-testId=27703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7197]
-
-testId=7175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7198]
-
-testId=23559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7199]
-
-testId=15383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7200]
-
-testId=31783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7201]
-
-testId=567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7202]
-
-testId=16903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7203]
-
-testId=8727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7204]
-
-testId=25111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7205]
-
-testId=4647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7206]
-
-testId=21015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7207]
-
-testId=12807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7208]
-
-testId=29223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7209]
-
-testId=2583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7210]
-
-testId=18999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7211]
-
-testId=10775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7212]
-
-testId=27191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7213]
-
-testId=6663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7214]
-
-testId=23063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7215]
-
-testId=14887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7216]
-
-testId=31255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7217]
-
-testId=1543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7218]
-
-testId=17927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7219]
-
-testId=9783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7220]
-
-testId=26119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7221]
-
-testId=5687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7222]
-
-testId=22071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7223]
-
-testId=13847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7224]
-
-testId=30215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7225]
-
-testId=3623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7226]
-
-testId=20007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7227]
-
-testId=11831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7228]
-
-testId=28183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7229]
-
-testId=7703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7230]
-
-testId=24087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7231]
-
-testId=15927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7232]
-
-testId=32279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7233]
-
-testId=311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7234]
-
-testId=16663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7235]
-
-testId=8471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7236]
-
-testId=24855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7237]
-
-testId=4375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7238]
-
-testId=20743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7239]
-
-testId=12567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7240]
-
-testId=28967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7241]
-
-testId=2343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7242]
-
-testId=18727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7243]
-
-testId=10535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7244]
-
-testId=26903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7245]
-
-testId=6455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7246]
-
-testId=22807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7247]
-
-testId=14615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7248]
-
-testId=31015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7249]
-
-testId=1319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7250]
-
-testId=17719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7251]
-
-testId=9495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7252]
-
-testId=25863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7253]
-
-testId=5431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7254]
-
-testId=21799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7255]
-
-testId=13575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7256]
-
-testId=29991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7257]
-
-testId=3351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7258]
-
-testId=19767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7259]
-
-testId=11575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7260]
-
-testId=27943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7261]
-
-testId=7447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7262]
-
-testId=23863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7263]
-
-testId=15671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7264]
-
-testId=32023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7265]
-
-testId=807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7266]
-
-testId=17175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7267]
-
-testId=8967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7268]
-
-testId=25399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7269]
-
-testId=4903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7270]
-
-testId=21271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7271]
-
-testId=13095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7272]
-
-testId=29447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7273]
-
-testId=2855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7274]
-
-testId=19223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7275]
-
-testId=11063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7276]
-
-testId=27431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7277]
-
-testId=6919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7278]
-
-testId=23335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7279]
-
-testId=15143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7280]
-
-testId=31543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7281]
-
-testId=1799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7282]
-
-testId=18183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7283]
-
-testId=10007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7284]
-
-testId=26423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7285]
-
-testId=5943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7286]
-
-testId=22311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7287]
-
-testId=14087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7288]
-
-testId=30487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7289]
-
-testId=3863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7290]
-
-testId=20231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7291]
-
-testId=12071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7292]
-
-testId=28439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7293]
-
-testId=7959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7294]
-
-testId=24375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7295]
-
-testId=16167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7296]
-
-testId=32551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7297]
-
-testId=183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7298]
-
-testId=16567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7299]
-
-testId=8375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7300]
-
-testId=24743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7301]
-
-testId=4231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7302]
-
-testId=20631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7303]
-
-testId=12423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7304]
-
-testId=28823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7305]
-
-testId=2215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7306]
-
-testId=18599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7307]
-
-testId=10391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7308]
-
-testId=26807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7309]
-
-testId=6311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7310]
-
-testId=22679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7311]
-
-testId=14503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7312]
-
-testId=30887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7313]
-
-testId=1191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7314]
-
-testId=17543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7315]
-
-testId=9351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7316]
-
-testId=25783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7317]
-
-testId=5303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7318]
-
-testId=21671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7319]
-
-testId=13463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7320]
-
-testId=29863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7321]
-
-testId=3255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7322]
-
-testId=19623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7323]
-
-testId=11447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7324]
-
-testId=27799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7325]
-
-testId=7335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7326]
-
-testId=23735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7327]
-
-testId=15511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7328]
-
-testId=31895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7329]
-
-testId=679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7330]
-
-testId=17079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7331]
-
-testId=8871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7332]
-
-testId=25255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7333]
-
-testId=4759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7334]
-
-testId=21175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7335]
-
-testId=12951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7336]
-
-testId=29367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7337]
-
-testId=2727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7338]
-
-testId=19095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7339]
-
-testId=10887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7340]
-
-testId=27303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7341]
-
-testId=6823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7342]
-
-testId=23175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7343]
-
-testId=15015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7344]
-
-testId=31415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7345]
-
-testId=1671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7346]
-
-testId=18103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7347]
-
-testId=9911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7348]
-
-testId=26279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7349]
-
-testId=5799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7350]
-
-testId=22151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7351]
-
-testId=14007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7352]
-
-testId=30391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7353]
-
-testId=3719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7354]
-
-testId=20135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7355]
-
-testId=11943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7356]
-
-testId=28327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7357]
-
-testId=7831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7358]
-
-testId=24199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7359]
-
-testId=16055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7360]
-
-testId=32391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7361]
-
-testId=439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7362]
-
-testId=16823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7363]
-
-testId=8631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7364]
-
-testId=24983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7365]
-
-testId=4503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7366]
-
-testId=20887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7367]
-
-testId=12711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7368]
-
-testId=29111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7369]
-
-testId=2455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7370]
-
-testId=18823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7371]
-
-testId=10679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7372]
-
-testId=27031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7373]
-
-testId=6583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7374]
-
-testId=22919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7375]
-
-testId=14743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7376]
-
-testId=31111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7377]
-
-testId=1415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7378]
-
-testId=17815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7379]
-
-testId=9623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7380]
-
-testId=26007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7381]
-
-testId=5559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7382]
-
-testId=21927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7383]
-
-testId=13751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7384]
-
-testId=30103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7385]
-
-testId=3495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7386]
-
-testId=19879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7387]
-
-testId=11703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7388]
-
-testId=28055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7389]
-
-testId=7591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7390]
-
-testId=23943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7391]
-
-testId=15783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7392]
-
-testId=32151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7393]
-
-testId=919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7394]
-
-testId=17319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7395]
-
-testId=9111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7396]
-
-testId=25479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7397]
-
-testId=5047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7398]
-
-testId=21415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7399]
-
-testId=13207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7400]
-
-testId=29607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7401]
-
-testId=2967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7402]
-
-testId=19335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7403]
-
-testId=11175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7404]
-
-testId=27559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7405]
-
-testId=7063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7406]
-
-testId=23431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7407]
-
-testId=15271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7408]
-
-testId=31655
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7409]
-
-testId=1975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7410]
-
-testId=18343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7411]
-
-testId=10135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7412]
-
-testId=26551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7413]
-
-testId=6039
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7414]
-
-testId=22407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7415]
-
-testId=14231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7416]
-
-testId=30631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7417]
-
-testId=4007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7418]
-
-testId=20359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7419]
-
-testId=12183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7420]
-
-testId=28599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7421]
-
-testId=8087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7422]
-
-testId=24487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7423]
-
-testId=16295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7424]
-
-testId=32647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7425]
-
-testId=87
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7426]
-
-testId=16503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7427]
-
-testId=8295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7428]
-
-testId=24695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7429]
-
-testId=4215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7430]
-
-testId=20599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7431]
-
-testId=12391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7432]
-
-testId=28759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7433]
-
-testId=2135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7434]
-
-testId=18503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7435]
-
-testId=10327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7436]
-
-testId=26711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7437]
-
-testId=6215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7438]
-
-testId=22615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7439]
-
-testId=14423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7440]
-
-testId=30823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7441]
-
-testId=1095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7442]
-
-testId=17511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7443]
-
-testId=9319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7444]
-
-testId=25671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7445]
-
-testId=5207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7446]
-
-testId=21623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7447]
-
-testId=13383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7448]
-
-testId=29783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7449]
-
-testId=3191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7450]
-
-testId=19559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7451]
-
-testId=11335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7452]
-
-testId=27719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7453]
-
-testId=7255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7454]
-
-testId=23671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7455]
-
-testId=15479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7456]
-
-testId=31831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7457]
-
-testId=631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7458]
-
-testId=16983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7459]
-
-testId=8823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7460]
-
-testId=25175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7461]
-
-testId=4695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7462]
-
-testId=21111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7463]
-
-testId=12887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7464]
-
-testId=29303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7465]
-
-testId=2631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7466]
-
-testId=19015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7467]
-
-testId=10823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7468]
-
-testId=27255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7469]
-
-testId=6727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7470]
-
-testId=23127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7471]
-
-testId=14935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7472]
-
-testId=31335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7473]
-
-testId=1607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7474]
-
-testId=17991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7475]
-
-testId=9799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7476]
-
-testId=26231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7477]
-
-testId=5719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7478]
-
-testId=22087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7479]
-
-testId=13943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7480]
-
-testId=30279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7481]
-
-testId=3703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7482]
-
-testId=20039
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7483]
-
-testId=11879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7484]
-
-testId=28263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7485]
-
-testId=7751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7486]
-
-testId=24167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7487]
-
-testId=15943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7488]
-
-testId=32375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7489]
-
-testId=359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7490]
-
-testId=16743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7491]
-
-testId=8567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7492]
-
-testId=24935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7493]
-
-testId=4455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7494]
-
-testId=20807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7495]
-
-testId=12663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7496]
-
-testId=28999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7497]
-
-testId=2407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7498]
-
-testId=18775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7499]
-
-testId=10583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7500]
-
-testId=26951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7501]
-
-testId=6487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7502]
-
-testId=22855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7503]
-
-testId=14695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7504]
-
-testId=31047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7505]
-
-testId=1367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7506]
-
-testId=17735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7507]
-
-testId=9575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7508]
-
-testId=25975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7509]
-
-testId=5447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7510]
-
-testId=21831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7511]
-
-testId=13687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7512]
-
-testId=30055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7513]
-
-testId=3415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7514]
-
-testId=19815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7515]
-
-testId=11639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7516]
-
-testId=28023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7517]
-
-testId=7511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7518]
-
-testId=23927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7519]
-
-testId=15703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7520]
-
-testId=32119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7521]
-
-testId=887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7522]
-
-testId=17239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7523]
-
-testId=9079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7524]
-
-testId=25431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7525]
-
-testId=4967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7526]
-
-testId=21367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7527]
-
-testId=13175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7528]
-
-testId=29527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7529]
-
-testId=2903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7530]
-
-testId=19303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7531]
-
-testId=11079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7532]
-
-testId=27479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7533]
-
-testId=7031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7534]
-
-testId=23383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7535]
-
-testId=15207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7536]
-
-testId=31559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7537]
-
-testId=1879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7538]
-
-testId=18247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7539]
-
-testId=10103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7540]
-
-testId=26471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7541]
-
-testId=5959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7542]
-
-testId=22359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7543]
-
-testId=14151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7544]
-
-testId=30567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7545]
-
-testId=3959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7546]
-
-testId=20295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7547]
-
-testId=12135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7548]
-
-testId=28535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7549]
-
-testId=8007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7550]
-
-testId=24423
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7551]
-
-testId=16231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7552]
-
-testId=32631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7553]
-
-testId=215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7554]
-
-testId=16583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7555]
-
-testId=8439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7556]
-
-testId=24823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7557]
-
-testId=4295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7558]
-
-testId=20711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7559]
-
-testId=12487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7560]
-
-testId=28903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7561]
-
-testId=2279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7562]
-
-testId=18679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7563]
-
-testId=10455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7564]
-
-testId=26839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7565]
-
-testId=6391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7566]
-
-testId=22743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7567]
-
-testId=14583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7568]
-
-testId=30967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7569]
-
-testId=1223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7570]
-
-testId=17607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7571]
-
-testId=9463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7572]
-
-testId=25815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7573]
-
-testId=5351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7574]
-
-testId=21751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7575]
-
-testId=13559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7576]
-
-testId=29895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7577]
-
-testId=3287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7578]
-
-testId=19671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7579]
-
-testId=11479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7580]
-
-testId=27847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7581]
-
-testId=7399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7582]
-
-testId=23799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7583]
-
-testId=15607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7584]
-
-testId=31959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7585]
-
-testId=727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7586]
-
-testId=17127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7587]
-
-testId=8951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7588]
-
-testId=25287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7589]
-
-testId=4855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7590]
-
-testId=21223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7591]
-
-testId=13015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7592]
-
-testId=29431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7593]
-
-testId=2775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7594]
-
-testId=19159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7595]
-
-testId=10983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7596]
-
-testId=27367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7597]
-
-testId=6903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7598]
-
-testId=23255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7599]
-
-testId=15063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7600]
-
-testId=31479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7601]
-
-testId=1783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7602]
-
-testId=18119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7603]
-
-testId=9975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7604]
-
-testId=26359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7605]
-
-testId=5863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7606]
-
-testId=22215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7607]
-
-testId=14023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7608]
-
-testId=30407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7609]
-
-testId=3831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7610]
-
-testId=20199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7611]
-
-testId=11991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7612]
-
-testId=28359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7613]
-
-testId=7911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7614]
-
-testId=24311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7615]
-
-testId=16087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7616]
-
-testId=32455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7617]
-
-testId=503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7618]
-
-testId=16871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7619]
-
-testId=8663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7620]
-
-testId=25063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7621]
-
-testId=4551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7622]
-
-testId=20983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7623]
-
-testId=12791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7624]
-
-testId=29159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7625]
-
-testId=2503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7626]
-
-testId=18935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7627]
-
-testId=10695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7628]
-
-testId=27095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7629]
-
-testId=6631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7630]
-
-testId=23015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7631]
-
-testId=14807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7632]
-
-testId=31191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7633]
-
-testId=1511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7634]
-
-testId=17879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7635]
-
-testId=9703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7636]
-
-testId=26055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7637]
-
-testId=5607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7638]
-
-testId=21975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7639]
-
-testId=13815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7640]
-
-testId=30167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7641]
-
-testId=3527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7642]
-
-testId=19959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7643]
-
-testId=11719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7644]
-
-testId=28151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7645]
-
-testId=7639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7646]
-
-testId=24007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7647]
-
-testId=15863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7648]
-
-testId=32231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7649]
-
-testId=1015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7650]
-
-testId=17367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7651]
-
-testId=9207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7652]
-
-testId=25543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7653]
-
-testId=5079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7654]
-
-testId=21479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7655]
-
-testId=13271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7656]
-
-testId=29687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7657]
-
-testId=3047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7658]
-
-testId=19415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7659]
-
-testId=11207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7660]
-
-testId=27623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7661]
-
-testId=7143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7662]
-
-testId=23543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7663]
-
-testId=15335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7664]
-
-testId=31735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7665]
-
-testId=2007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7666]
-
-testId=18407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7667]
-
-testId=10215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7668]
-
-testId=26567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7669]
-
-testId=6103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7670]
-
-testId=22487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7671]
-
-testId=14327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7672]
-
-testId=30711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7673]
-
-testId=4055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7674]
-
-testId=20439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7675]
-
-testId=12263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7676]
-
-testId=28663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7677]
-
-testId=8183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7678]
-
-testId=24567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7679]
-
-testId=16359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7680]
-
-testId=32743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7681]
-
-testId=15
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7682]
-
-testId=16447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7683]
-
-testId=8207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7684]
-
-testId=24623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7685]
-
-testId=4127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7686]
-
-testId=20511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7687]
-
-testId=12319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7688]
-
-testId=28687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7689]
-
-testId=2111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7690]
-
-testId=18463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7691]
-
-testId=10255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7692]
-
-testId=26687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7693]
-
-testId=6207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7694]
-
-testId=22559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7695]
-
-testId=14351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7696]
-
-testId=30735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7697]
-
-testId=1055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7698]
-
-testId=17439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7699]
-
-testId=9247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7700]
-
-testId=25631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7701]
-
-testId=5151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7702]
-
-testId=21535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7703]
-
-testId=13343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7704]
-
-testId=29759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7705]
-
-testId=3135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7706]
-
-testId=19487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7707]
-
-testId=11279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7708]
-
-testId=27711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7709]
-
-testId=7183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7710]
-
-testId=23615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7711]
-
-testId=15391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7712]
-
-testId=31775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7713]
-
-testId=575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7714]
-
-testId=16927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7715]
-
-testId=8751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7716]
-
-testId=25135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7717]
-
-testId=4671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7718]
-
-testId=21007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7719]
-
-testId=12847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7720]
-
-testId=29247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7721]
-
-testId=2591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7722]
-
-testId=18991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7723]
-
-testId=10783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7724]
-
-testId=27151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7725]
-
-testId=6671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7726]
-
-testId=23087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7727]
-
-testId=14911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7728]
-
-testId=31247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7729]
-
-testId=1583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7730]
-
-testId=17951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7731]
-
-testId=9759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7732]
-
-testId=26143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7733]
-
-testId=5663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7734]
-
-testId=22031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7735]
-
-testId=13871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7736]
-
-testId=30271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7737]
-
-testId=3615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7738]
-
-testId=20015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7739]
-
-testId=11839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7740]
-
-testId=28191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7741]
-
-testId=7711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7742]
-
-testId=24079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7743]
-
-testId=15935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7744]
-
-testId=32319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7745]
-
-testId=319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7746]
-
-testId=16671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7747]
-
-testId=8495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7748]
-
-testId=24863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7749]
-
-testId=4383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7750]
-
-testId=20751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7751]
-
-testId=12575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7752]
-
-testId=28991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7753]
-
-testId=2319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7754]
-
-testId=18719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7755]
-
-testId=10559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7756]
-
-testId=26927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7757]
-
-testId=6431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7758]
-
-testId=22799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7759]
-
-testId=14639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7760]
-
-testId=31023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7761]
-
-testId=1311
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7762]
-
-testId=17711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7763]
-
-testId=9535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7764]
-
-testId=25887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7765]
-
-testId=5391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7766]
-
-testId=21807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7767]
-
-testId=13583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7768]
-
-testId=29999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7769]
-
-testId=3391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7770]
-
-testId=19775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7771]
-
-testId=11567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7772]
-
-testId=27951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7773]
-
-testId=7439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7774]
-
-testId=23871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7775]
-
-testId=15631
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7776]
-
-testId=32015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7777]
-
-testId=799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7778]
-
-testId=17215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7779]
-
-testId=9007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7780]
-
-testId=25391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7781]
-
-testId=4895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7782]
-
-testId=21295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7783]
-
-testId=13071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7784]
-
-testId=29503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7785]
-
-testId=2847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7786]
-
-testId=19231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7787]
-
-testId=11055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7788]
-
-testId=27407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7789]
-
-testId=6959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7790]
-
-testId=23359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7791]
-
-testId=15151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7792]
-
-testId=31551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7793]
-
-testId=1807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7794]
-
-testId=18207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7795]
-
-testId=10031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7796]
-
-testId=26431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7797]
-
-testId=5903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7798]
-
-testId=22303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7799]
-
-testId=14143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7800]
-
-testId=30495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7801]
-
-testId=3871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7802]
-
-testId=20287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7803]
-
-testId=12079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7804]
-
-testId=28431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7805]
-
-testId=7951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7806]
-
-testId=24351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7807]
-
-testId=16143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7808]
-
-testId=32527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7809]
-
-testId=191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7810]
-
-testId=16527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7811]
-
-testId=8383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7812]
-
-testId=24751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7813]
-
-testId=4239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7814]
-
-testId=20623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7815]
-
-testId=12463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7816]
-
-testId=28863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7817]
-
-testId=2223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7818]
-
-testId=18575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7819]
-
-testId=10431
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7820]
-
-testId=26799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7821]
-
-testId=6287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7822]
-
-testId=22671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7823]
-
-testId=14527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7824]
-
-testId=30879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7825]
-
-testId=1199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7826]
-
-testId=17551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7827]
-
-testId=9375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7828]
-
-testId=25791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7829]
-
-testId=5279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7830]
-
-testId=21647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7831]
-
-testId=13503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7832]
-
-testId=29855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7833]
-
-testId=3215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7834]
-
-testId=19647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7835]
-
-testId=11439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7836]
-
-testId=27823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7837]
-
-testId=7327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7838]
-
-testId=23711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7839]
-
-testId=15551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7840]
-
-testId=31919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7841]
-
-testId=687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7842]
-
-testId=17087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7843]
-
-testId=8847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7844]
-
-testId=25263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7845]
-
-testId=4783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7846]
-
-testId=21183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7847]
-
-testId=12991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7848]
-
-testId=29359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7849]
-
-testId=2735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7850]
-
-testId=19135
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7851]
-
-testId=10927
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7852]
-
-testId=27295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7853]
-
-testId=6799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7854]
-
-testId=23183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7855]
-
-testId=15007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7856]
-
-testId=31391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7857]
-
-testId=1695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7858]
-
-testId=18063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7859]
-
-testId=9919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7860]
-
-testId=26271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7861]
-
-testId=5775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7862]
-
-testId=22159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7863]
-
-testId=13999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7864]
-
-testId=30351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7865]
-
-testId=3759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7866]
-
-testId=20127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7867]
-
-testId=11951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7868]
-
-testId=28351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7869]
-
-testId=7823
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7870]
-
-testId=24255
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7871]
-
-testId=16047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7872]
-
-testId=32415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7873]
-
-testId=415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7874]
-
-testId=16815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7875]
-
-testId=8607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7876]
-
-testId=25023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7877]
-
-testId=4543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7878]
-
-testId=20911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7879]
-
-testId=12687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7880]
-
-testId=29071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7881]
-
-testId=2447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7882]
-
-testId=18831
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7883]
-
-testId=10687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7884]
-
-testId=27023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7885]
-
-testId=6591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7886]
-
-testId=22975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7887]
-
-testId=14735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7888]
-
-testId=31151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7889]
-
-testId=1455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7890]
-
-testId=17855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7891]
-
-testId=9663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7892]
-
-testId=26031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7893]
-
-testId=5551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7894]
-
-testId=21935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7895]
-
-testId=13711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7896]
-
-testId=30111
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7897]
-
-testId=3519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7898]
-
-testId=19871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7899]
-
-testId=11663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7900]
-
-testId=28063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7901]
-
-testId=7615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7902]
-
-testId=23951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7903]
-
-testId=15759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7904]
-
-testId=32191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7905]
-
-testId=943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7906]
-
-testId=17327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7907]
-
-testId=9119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7908]
-
-testId=25519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7909]
-
-testId=5055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7910]
-
-testId=21391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7911]
-
-testId=13247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7912]
-
-testId=29583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7913]
-
-testId=3007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7914]
-
-testId=19391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7915]
-
-testId=11167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7916]
-
-testId=27551
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7917]
-
-testId=7071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7918]
-
-testId=23487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7919]
-
-testId=15247
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7920]
-
-testId=31647
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7921]
-
-testId=1983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7922]
-
-testId=18351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7923]
-
-testId=10127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7924]
-
-testId=26559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7925]
-
-testId=6031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7926]
-
-testId=22447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7927]
-
-testId=14223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7928]
-
-testId=30607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7929]
-
-testId=3983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7930]
-
-testId=20367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7931]
-
-testId=12191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7932]
-
-testId=28591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7933]
-
-testId=8079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7934]
-
-testId=24463
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7935]
-
-testId=16287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7936]
-
-testId=32671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7937]
-
-testId=79
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7938]
-
-testId=16495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7939]
-
-testId=8271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7940]
-
-testId=24671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7941]
-
-testId=4207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7942]
-
-testId=20575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7943]
-
-testId=12383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7944]
-
-testId=28783
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7945]
-
-testId=2143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7946]
-
-testId=18511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7947]
-
-testId=10335
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7948]
-
-testId=26751
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7949]
-
-testId=6239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7950]
-
-testId=22639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7951]
-
-testId=14415
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7952]
-
-testId=30815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7953]
-
-testId=1103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7954]
-
-testId=17487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7955]
-
-testId=9343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7956]
-
-testId=25711
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7957]
-
-testId=5215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7958]
-
-testId=21615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7959]
-
-testId=13439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7960]
-
-testId=29807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7961]
-
-testId=3183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7962]
-
-testId=19583
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7963]
-
-testId=11343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7964]
-
-testId=27759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7965]
-
-testId=7263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7966]
-
-testId=23663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7967]
-
-testId=15455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7968]
-
-testId=31855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7969]
-
-testId=623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7970]
-
-testId=16991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7971]
-
-testId=8815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7972]
-
-testId=25215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7973]
-
-testId=4703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7974]
-
-testId=21087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7975]
-
-testId=12895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7976]
-
-testId=29279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7977]
-
-testId=2687
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7978]
-
-testId=19071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7979]
-
-testId=10863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7980]
-
-testId=27215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7981]
-
-testId=6767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7982]
-
-testId=23151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7983]
-
-testId=14959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7984]
-
-testId=31359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7985]
-
-testId=1615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7986]
-
-testId=18031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7987]
-
-testId=9807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7988]
-
-testId=26191
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7989]
-
-testId=5759
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7990]
-
-testId=22143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7991]
-
-testId=13935
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7992]
-
-testId=30287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7993]
-
-testId=3679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7994]
-
-testId=20095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7995]
-
-testId=11903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7996]
-
-testId=28239
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7997]
-
-testId=7775
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7998]
-
-testId=24159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-7999]
-
-testId=15983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8000]
-
-testId=32367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8001]
-
-testId=367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8002]
-
-testId=16767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8003]
-
-testId=8527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8004]
-
-testId=24959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8005]
-
-testId=4447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8006]
-
-testId=20815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8007]
-
-testId=12639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8008]
-
-testId=29055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8009]
-
-testId=2383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8010]
-
-testId=18815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8011]
-
-testId=10607
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8012]
-
-testId=26959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8013]
-
-testId=6479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8014]
-
-testId=22863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8015]
-
-testId=14671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8016]
-
-testId=31055
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8017]
-
-testId=1407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8018]
-
-testId=17743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8019]
-
-testId=9567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8020]
-
-testId=25983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8021]
-
-testId=5471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8022]
-
-testId=21871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8023]
-
-testId=13695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8024]
-
-testId=30079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8025]
-
-testId=3439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8026]
-
-testId=19791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8027]
-
-testId=11615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8028]
-
-testId=28031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8029]
-
-testId=7519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8030]
-
-testId=23903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8031]
-
-testId=15695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8032]
-
-testId=32127
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8033]
-
-testId=879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8034]
-
-testId=17279
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8035]
-
-testId=9071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8036]
-
-testId=25439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8037]
-
-testId=4943
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8038]
-
-testId=21327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8039]
-
-testId=13151
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8040]
-
-testId=29535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8041]
-
-testId=2895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8042]
-
-testId=19295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8043]
-
-testId=11103
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8044]
-
-testId=27487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8045]
-
-testId=7023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8046]
-
-testId=23375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8047]
-
-testId=15231
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8048]
-
-testId=31615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8049]
-
-testId=1919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8050]
-
-testId=18303
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8051]
-
-testId=10063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8052]
-
-testId=26495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8053]
-
-testId=6015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8054]
-
-testId=22399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8055]
-
-testId=14207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8056]
-
-testId=30543
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8057]
-
-testId=3919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8058]
-
-testId=20319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8059]
-
-testId=12159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8060]
-
-testId=28527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8061]
-
-testId=8015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8062]
-
-testId=24399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8063]
-
-testId=16207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8064]
-
-testId=32623
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8065]
-
-testId=207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8066]
-
-testId=16639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8067]
-
-testId=8399
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8068]
-
-testId=24815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8069]
-
-testId=4351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8070]
-
-testId=20719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8071]
-
-testId=12495
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8072]
-
-testId=28879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8073]
-
-testId=2287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8074]
-
-testId=18671
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8075]
-
-testId=10479
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8076]
-
-testId=26879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8077]
-
-testId=6367
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8078]
-
-testId=22767
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8079]
-
-testId=14591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8080]
-
-testId=30959
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8081]
-
-testId=1263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8082]
-
-testId=17663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8083]
-
-testId=9471
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8084]
-
-testId=25839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8085]
-
-testId=5359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8086]
-
-testId=21743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8087]
-
-testId=13567
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8088]
-
-testId=29919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8089]
-
-testId=3295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8090]
-
-testId=19695
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8091]
-
-testId=11487
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8092]
-
-testId=27887
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8093]
-
-testId=7375
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8094]
-
-testId=23807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8095]
-
-testId=15615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8096]
-
-testId=31951
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8097]
-
-testId=719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8098]
-
-testId=17119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8099]
-
-testId=8911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8100]
-
-testId=25343
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8101]
-
-testId=4863
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8102]
-
-testId=21215
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8103]
-
-testId=13007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8104]
-
-testId=29391
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8105]
-
-testId=2815
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8106]
-
-testId=19199
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8107]
-
-testId=11007
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8108]
-
-testId=27359
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8109]
-
-testId=6911
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8110]
-
-testId=23295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8111]
-
-testId=15071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8112]
-
-testId=31439
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8113]
-
-testId=1791
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8114]
-
-testId=18143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8115]
-
-testId=9983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8116]
-
-testId=26319
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8117]
-
-testId=5871
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8118]
-
-testId=22271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8119]
-
-testId=14063
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8120]
-
-testId=30447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8121]
-
-testId=3839
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8122]
-
-testId=20175
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8123]
-
-testId=11999
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8124]
-
-testId=28383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8125]
-
-testId=7903
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8126]
-
-testId=24271
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8127]
-
-testId=16079
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8128]
-
-testId=32511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8129]
-
-testId=511
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8130]
-
-testId=16879
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8131]
-
-testId=8703
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8132]
-
-testId=25071
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8133]
-
-testId=4591
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8134]
-
-testId=20991
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8135]
-
-testId=12799
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8136]
-
-testId=29183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8137]
-
-testId=2559
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8138]
-
-testId=18895
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8139]
-
-testId=10719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8140]
-
-testId=27087
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8141]
-
-testId=6655
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8142]
-
-testId=23039
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8143]
-
-testId=14847
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8144]
-
-testId=31183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8145]
-
-testId=1503
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8146]
-
-testId=17919
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8147]
-
-testId=9679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8148]
-
-testId=26095
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8149]
-
-testId=5615
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8150]
-
-testId=21983
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8151]
-
-testId=13807
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8152]
-
-testId=30207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8153]
-
-testId=3535
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8154]
-
-testId=19967
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8155]
-
-testId=11727
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8156]
-
-testId=28143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8157]
-
-testId=7679
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8158]
-
-testId=24015
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8159]
-
-testId=15855
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8160]
-
-testId=32207
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8161]
-
-testId=975
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8162]
-
-testId=17407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8163]
-
-testId=9183
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8164]
-
-testId=25599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8165]
-
-testId=5119
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8166]
-
-testId=21455
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8167]
-
-testId=13295
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8168]
-
-testId=29663
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8169]
-
-testId=3023
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8170]
-
-testId=19407
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8171]
-
-testId=11263
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8172]
-
-testId=27599
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8173]
-
-testId=7167
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8174]
-
-testId=23519
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8175]
-
-testId=15327
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8176]
-
-testId=31743
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8177]
-
-testId=2031
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8178]
-
-testId=18383
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8179]
-
-testId=10223
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8180]
-
-testId=26575
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8181]
-
-testId=6143
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8182]
-
-testId=22527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8183]
-
-testId=14287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8184]
-
-testId=30719
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8185]
-
-testId=4047
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8186]
-
-testId=20447
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8187]
-
-testId=12287
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength1K ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8188]
-
-testId=28639
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8189]
-
-testId=8159
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8190]
-
-testId=24527
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength0 ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8191]
-
-testId=16351
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
-[Test-8192]
-
-testId=32735
-testname=ClientCert_one ServerCert_one DomesticPolicy NO_SSLVersion2 NO_SSLVersion3 ClientIOLength1K ServerIOLength0 ClientAuthOff ClientNoForceHandshake ServerForceHandshake ClientNoRedoHandshake ServerNoRedoHandshake No_Cipher_EN_RC4_128_WITH_MD5 No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 No_Cipher_EN_RC2_128_CBC_WITH_MD5 No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 No_Cipher_RSA_WITH_RC4_128_MD5 No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 No_Cipher_RSA_WITH_DES_CBC_SHA No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA
-timeout=9
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c
deleted file mode 100644
index 48457fe42..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.c
+++ /dev/null
@@ -1,293 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* include replacer-generated variables file */
-
-
-#include "ssl.h"
-#include "sslproto.h"
-
-#include "sslt.h"
-#include "sslc.h"
-#include "ssls.h"
-
-#include "pk11func.h"
-
-#define MAX_CIPHERS 100
-
-struct cipherspec cipher_array[MAX_CIPHERS];
-int cipher_array_size=0;
-char *password = "";
-char *nickname = "SSLServer";
-char *client_nick = "SSLClient";
-
-void InitCiphers() {
- int i=0;
-
-/* These ciphers are listed in priority order. */
- DIPHER(2,SSL_ALLOWED,128,40, "RC2-CBC-Export", EN_RC2_128_CBC_EXPORT40_WITH_MD5)
- CIPHER(2,SSL_NOT_ALLOWED,128,128,"RC4", EN_RC4_128_WITH_MD5)
- CIPHER(2,SSL_ALLOWED,128,40, "RC4-Export", EN_RC4_128_EXPORT40_WITH_MD5)
- DIPHER(2,SSL_NOT_ALLOWED,128,128,"RC2-CBC", EN_RC2_128_CBC_WITH_MD5)
- DIPHER(2,SSL_ALLOWED,128,40, "RC2-CBC-40", EN_RC2_128_CBC_EXPORT40_WITH_MD5)
- DIPHER(2,SSL_NOT_ALLOWED,128,128,"IDEA-CBC", EN_IDEA_128_CBC_WITH_MD5)
- DIPHER(2,SSL_NOT_ALLOWED,56,56, "DES-CBC", EN_DES_64_CBC_WITH_MD5)
- CIPHER(2,SSL_NOT_ALLOWED,168,168,"DES-EDE3-CBC", EN_DES_192_EDE3_CBC_WITH_MD5)
- /* SSL 3 suites */
-
- CIPHER(3,SSL_RESTRICTED,128,128, "RC4", RSA_WITH_RC4_128_MD5)
- DIPHER(3,SSL_RESTRICTED,128,128, "RC4", RSA_WITH_RC4_128_SHA)
- CIPHER(3,SSL_RESTRICTED,168,168, "3DES-EDE-CBC", RSA_WITH_3DES_EDE_CBC_SHA)
- CIPHER(3,SSL_NOT_ALLOWED,56,56,"DES-CBC", RSA_WITH_DES_CBC_SHA)
- CIPHER(3,SSL_ALLOWED,128,40, "RC4-40", RSA_EXPORT_WITH_RC4_40_MD5)
- CIPHER(3,SSL_ALLOWED,128,40, "RC2-CBC-40", RSA_EXPORT_WITH_RC2_CBC_40_MD5)
-
- DIPHER(3,SSL_ALLOWED,0,0, "NULL", NULL_WITH_NULL_NULL)
- DIPHER(3,SSL_ALLOWED,0,0, "NULL", RSA_WITH_NULL_MD5)
- DIPHER(3,SSL_ALLOWED,0,0, "NULL", RSA_WITH_NULL_SHA)
-
-#if 0
- DIPHER(3,SSL_NOT_ALLOWED,0,0, "IDEA-CBC", RSA_WITH_IDEA_CBC_SHA)
- DIPHER(3,SSL_ALLOWED,128,40, "DES-CBC-40", RSA_EXPORT_WITH_DES40_CBC_SHA)
-#endif
-
- /*
-
- CIPHER(DH_DSS_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DH_DSS_WITH_DES_CBC_SHA),
- CIPHER(DH_DSS_WITH_3DES_EDE_CBC_SHA),
- CIPHER(DH_RSA_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DH_RSA_WITH_DES_CBC_SHA),
- CIPHER(DH_RSA_WITH_3DES_EDE_CBC_SHA),
- CIPHER(DHE_DSS_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DHE_DSS_WITH_DES_CBC_SHA),
- CIPHER(DHE_DSS_WITH_3DES_EDE_CBC_SHA),
- CIPHER(DHE_RSA_EXPORT_WITH_DES40_CBC_SHA),
- CIPHER(DHE_RSA_WITH_DES_CBC_SHA),
- CIPHER(DHE_RSA_WITH_3DES_EDE_CBC_SHA),
-
- CIPHER(DH_ANON_EXPORT_WITH_RC4_40_MD5),
- CIPHER(DH_ANON_WITH_RC4_128_MD5),
- CIPHER(DH_ANON_WITH_DES_CBC_SHA),
- CIPHER(DH_ANON_WITH_3DES_EDE_CBC_SHA),
-
- CIPHER(3,SSL_NOT_ALLOWED,0,0,"Fortezza", FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA),
- CIPHER(3,SSL_NOT_ALLOWED,0,0,"Fortezza", FORTEZZA_DMS_WITH_RC4_128_SHA),
-
- */
-
- DIPHER(3,SSL_NOT_ALLOWED,192,192,"3DES-EDE-CBC",RSA_FIPS_WITH_3DES_EDE_CBC_SHA)
- DIPHER(3,SSL_NOT_ALLOWED,64,64, "DES-CBC", RSA_FIPS_WITH_DES_CBC_SHA)
-
- cipher_array_size =i;
-}
-
-
-
-/* ClearCiphers()
- * Clear out all ciphers */
-
-void ClearCiphers(struct ThreadData *td) {
-int i;
-
-for (i=0;i<cipher_array_size;i++) {
-SSL_EnableCipher(cipher_array[i].enableid,0);
-}
-}
-
-
-/* EnableCiphers
- * enable only those ciphers set for this test */
-
-void EnableCiphers(struct ThreadData *td) {
- int i;
-
- for (i=0;i<cipher_array_size;i++) {
- if (cipher_array[i].on) {
- SSL_EnableCipher(cipher_array[i].enableid,1);
- }
- }
-}
-
-/* SetPolicy */
-
-void SetPolicy() {
- int i;
-
- for (i=0;i<cipher_array_size;i++) {
- if (REP_Policy == POLICY_DOMESTIC) {
- SSL_SetPolicy(cipher_array[i].enableid,SSL_ALLOWED);
- }
- else {
- SSL_SetPolicy(cipher_array[i].enableid,cipher_array[i].exportable);
- }
- }
-}
-
-char *MyPWFunc(PK11SlotInfo *slot, PRBool retry, void *arg)
-{
- static PRBool called=PR_FALSE;
- if(called) {
- return NULL;
- } else {
- called = PR_TRUE;
- return PL_strdup(password);
- }
-}
-
-/*
- * VersionEnables
- * errors (40-49)
- */
-
-int Version2Enable(PRFileDesc *s, int v) {
- if (SSL_Enable(s, SSL_ENABLE_SSL2, 1) <0) return Error(43);
- else return 0;
-}
-
-int Version3Enable(PRFileDesc *s) {
- if (SSL_Enable(s, SSL_ENABLE_SSL3, 1) <0) return Error(42);
- else return 0;
-}
-
-int Version23Clear(PRFileDesc *s) {
- if (SSL_Enable(s,SSL_ENABLE_SSL2,0) <0) return Error(40);
- if (SSL_Enable(s,SSL_ENABLE_SSL3,0) <0) return Error(41);
- return 0;
-}
-
-
-
-char *nicknames[MAX_NICKNAME];
-
-void SetupNickNames() {
- nicknames[CLIENT_CERT_VERISIGN] = "CLIENT_CERT_VERISIGN";
- nicknames[CLIENT_CERT_HARDCOREII_1024] = "CLIENT_CERT_HARDCOREII_1024";
- nicknames[CLIENT_CERT_HARDCOREII_512] = "CLIENT_CERT_HARDCOREII_512";
- nicknames[CLIENT_CERT_SPARK] = "CLIENT_CERT_SPARK";
- nicknames[SERVER_CERT_HARDCOREII_512] = nickname;
- /* nicknames[SERVER_CERT_HARDCOREII_512] = "SERVER_CERT_HARDCOREII_512"; */
- nicknames[SERVER_CERT_VERISIGN_REGULAR]= "SERVER_CERT_VERISIGN_REGULAR";
- nicknames[SERVER_CERT_VERISIGN_STEPUP] = "SERVER_CERT_VERISIGN_STEPUP";
- nicknames[SERVER_CERT_SPARK] = "SERVER_CERT_SPARK";
-}
-
-
-
-
-
-
-
-/*
- * SetServerSecParms
- * errors(10-19)
- */
-
-int SetServerSecParms(struct ThreadData *td) {
- int rv;
- SECKEYPrivateKey *privKey;
- PRFileDesc *s;
-
- s = td->r;
-
- rv = SSL_Enable(s, SSL_SECURITY, 1); /* Enable security on this socket */
- if (rv < 0) return Error(10);
-
- if (SSLT_CLIENTAUTH_INITIAL == REP_ServerDoClientAuth) {
- rv = SSL_Enable(s, SSL_REQUEST_CERTIFICATE, 1);
- if (rv < 0) return Error(11);
- }
-
- ClearCiphers(td);
- EnableCiphers(td);
-
- PK11_SetPasswordFunc(MyPWFunc);
- SSL_SetPKCS11PinArg(s,(void*) MyPWFunc);
-
-
- /* Find the certificates we are going to use from the database */
-
-
- /* Test for dummy certificate, which shouldn't exist */
- td->cert = PK11_FindCertFromNickname("XXXXXX_CERT_HARDCOREII_1024",NULL);
- if (td->cert != NULL) return Error(16);
-
-
- td->cert = NULL;
- if (NO_CERT != REP_ServerCert) {
- td->cert = PK11_FindCertFromNickname(nicknames[REP_ServerCert],NULL);
- }
-
-
- /* Note: if we're set to use NO_CERT as the server cert, then we'll
- * just essentially skip the rest of this (except for session ID cache setup)
- */
-
-
- if ( (NULL == td->cert) && ( NO_CERT != REP_ServerCert )) {
- PR_fprintf(PR_STDERR, "Can't find certificate %s\n", nicknames[REP_ServerCert]);
- PR_fprintf(PR_STDERR, "Server: Seclib error: %s\n",
- SECU_ErrorString ((int16) PR_GetError()));
- return Error(12);
- }
-
-
- if ((NO_CERT != REP_ServerCert)) {
- privKey = PK11_FindKeyByAnyCert(td->cert, NULL);
- if (privKey == NULL) {
- dbmsg((PR_STDERR, "Can't find key for this certificate\n"));
- return Error(13);
- }
-
- rv = SSL_ConfigSecureServer(s,td->cert,privKey, kt_rsa);
- if (rv != PR_SUCCESS) {
- dbmsg((PR_STDERR, "Can't config server error(%d) \n",rv));
- return Error(14);
- }
- }
-
- rv = SSL_ConfigServerSessionIDCache(10, 0, 0, ".");
- if (rv != 0) {
- dbmsg((PR_STDERR, "Can't config server session ID cache (%d) \n",rv));
- return Error(15);
- }
-
- return 0;
-}
-
-
-
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h
deleted file mode 100644
index 58af6b14e..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslc.h
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLC_H
-#define SSLC_H
-
-#include "ssls.h"
-
-struct cipherspec {
- int sslversion; /* either 2 or 3 */
- int exportable; /* 0=domestic cipher, 1=exportable */
- int ks,sks; /* key size, secret key size (bits) */
- char *name; /* name expected from SecurityStatus */
- int enableid; /* the cipher id used by SSL_EnableCipher */
- int on; /* 0= do not enable this cipher, 1 = enable */
-};
-
-
-/* Ugly way to generate code to fill in cipher_array struct */
-/* I wanted to make this part of the static structure initialization,
- but some compilers complain that the .on field is not constant */
-
-#define CIPHER(p_sslversion,p_policy,p_ks,p_sks,p_name,p_x) {\
- cipher_array[i].sslversion = p_sslversion; \
- cipher_array[i].exportable = p_policy; \
- cipher_array[i].ks = p_ks; \
- cipher_array[i].sks = p_sks; \
- cipher_array[i].name = p_name; \
- cipher_array[i].enableid = SSL_ ## p_x; \
- cipher_array[i].on = REP_Cipher_ ## p_x; \
- i++; }
-
-/* A DIPHER is a disabled-cipher (don't run the test suite) */
-#define DIPHER(sslversion,policy,ks,sks,name,x) ;
-
-
-/* These constants are indexes into the 'nicknames' array */
-
-#define NO_CERT -1
-#define CLIENT_CERT_VERISIGN 1
-#define CLIENT_CERT_HARDCOREII_1024 2
-#define CLIENT_CERT_HARDCOREII_512 3
-#define CLIENT_CERT_SPARK 4
-#define SERVER_CERT_HARDCOREII_512 5
-#define SERVER_CERT_VERISIGN_REGULAR 6
-#define SERVER_CERT_VERISIGN_STEPUP 7
-#define SERVER_CERT_SPARK 8
-#define MAX_NICKNAME 10
-
-extern struct cipherspec cipher_array[];
-extern int cipher_array_size;
-
-extern void ClearCiphers();
-extern void EnableCiphers();
-extern void SetPolicy();
-extern int Version2Enable();
-extern int Version3Enable();
-extern int Version23Clear();
-extern char *nicknames[];
-extern void SetupNickNames();
-extern int SetServerSecParms(struct ThreadData *td);
-
-
-#endif
-/* SSLC_H */
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c b/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c
deleted file mode 100644
index b406f335f..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#include "ssls.h"
-
-#include <ssl.h>
-#include <sslproto.h>
-
-/* 21 lines x 8 chars = 168 bytes */
-
-
-#if 1
-unsigned char data[] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08,
-
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x07, 0x08
-};
-
-#else
-
-unsigned char data[] = {
- 0x2e, 0x86, 0x53, 0x10, 0x4f, 0x38, 0x34, 0xea,
- 0x4b, 0xd3, 0x88, 0xff, 0x6c, 0xd8, 0x1d, 0x4f,
- 0x20, 0xb9, 0xe7, 0x67, 0xb2, 0xfb, 0x14, 0x56,
- 0x55, 0x57, 0x93, 0x80, 0xd7, 0x71, 0x38, 0xef,
-
- 0x6c, 0xc5, 0xde, 0xfa, 0xaf, 0x04, 0x51, 0x2f,
- 0x0d, 0x9f, 0x27, 0x9b, 0xa5, 0xd8, 0x72, 0x60,
- 0xd9, 0x03, 0x1b, 0x02, 0x71, 0xbd, 0x5a, 0x0a,
- 0x42, 0x42, 0x50, 0xb3, 0x7c, 0x3d, 0xd9, 0x51,
-
- 0xb8, 0x06, 0x1b, 0x7e, 0xcd, 0x9a, 0x21, 0xe5,
- 0xf1, 0x5d, 0x0f, 0x28, 0x6b, 0x65, 0xbd, 0x28,
- 0xad, 0xd0, 0xcc, 0x8d, 0x6e, 0x5d, 0xeb, 0xa1,
- 0xe6, 0xd5, 0xf8, 0x27, 0x52, 0xad, 0x63, 0xd1,
-
- 0xec, 0xbf, 0xe3, 0xbd, 0x3f, 0x59, 0x1a, 0x5e,
- 0xf3, 0x56, 0x83, 0x43, 0x79, 0xd1, 0x65, 0xcd,
- 0x2b, 0x9f, 0x98, 0x2f, 0x20, 0x03, 0x7f, 0xa9,
- 0x88, 0x9d, 0xe0, 0x68, 0xa1, 0x6f, 0x0b, 0xe6,
-
- 0xe1, 0x9e, 0x27, 0x5d, 0x84, 0x6a, 0x12, 0x98,
- 0x32, 0x9a, 0x8e, 0xd5, 0x23, 0xd7, 0x1a, 0xec,
- 0xe7, 0xfc, 0xe2, 0x25, 0x57, 0xd2, 0x3c, 0x97,
- 0x12, 0xa9, 0xf5, 0x81, 0x7f, 0xf2, 0xd6, 0x5d,
-
- 0xa4, 0x84, 0xc3, 0xad, 0x38, 0xdc, 0x9c, 0x19
-};
-#endif
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h b/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h
deleted file mode 100644
index deb3fc1ff..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/ssls.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLS_H
-#define SSLS_H
-
-#include <prinit.h>
-#include <prprf.h>
-#include <prsystem.h>
-#include <prmem.h>
-#include <plstr.h>
-#include <prnetdb.h>
-#include <prinrval.h>
-
-
-#include <cert.h>
-
-extern struct CipherPolicy ciphers[];
-extern struct CipherPair policy[];
-
-extern unsigned char data[];
-
-#define BUFSIZE 3955 /* some arbitrary size not a multiple of 2^x */
-
-struct ThreadData { /* place to put thread-local data. */
-
- PRFileDesc *fd; /* NSPR File Desc */
- PRFileDesc *s; /* The secure File Desc */
- PRFileDesc *r; /* Rendezvous socket (not used right now */
- PRPollDesc pd;
- CERTCertificate *cert;
- CERTCertificate *peercert;
-
- struct ThreadData *peer;
-
- PRNetAddr na;
- PRThread *subthread;
-
- int peerport;
- int client;
-
- char sendbuf[BUFSIZE];
- char recvbuf[BUFSIZE];
- int data_read;
- int data_sent;
- int data_tosend;
- int state;
- unsigned char xor_reading;
- unsigned char xor_writing;
-
- int exit_code;
- int secerr_flag;
- int secerr;
-
-
-#define SSLT_INITIAL_FORCE 1
-#define SSLT_FIRST_IO 2
-#define SSLT_REDO 4
-
- int status_on;
- char *status_cipher;
- int status_keysize;
- int status_skeysize;
- char *status_issuer;
- char *status_subject;
-
-};
-
-
-#define POLICY_DOMESTIC 0
-#define POLICY_EXPORT 1
-
-
-extern int VerifyBuffer(char *recvbuf,int bufsize,int done, char xor);
-extern void FillBuffer(char *sendbuf,int bufsize, int offset, char xor);
-extern void HandshakeCallback(PRFileDesc *s, void *td);
-
-
-#define DATABUFSIZE 168
-#define CLIENTXOR 0xA5
-
-#define BLOCKING 0
-#define NON_BLOCKING 1
-
-#define STATE_BEFORE_INITIAL_HANDSHAKE 0
-#define STATE_BEFORE_REDO_HANDSHAKE 1
-#define STATE_STATUS_COLLECTED 2
-#define STATE_DONE_WRITING 3
-#define STATE_DONE_READING 4
-#define STATE_DONE 5
-
-#define SSLT_CLIENTAUTH_OFF 1
-#define SSLT_CLIENTAUTH_REDO 2
-#define SSLT_CLIENTAUTH_INITIAL 3
-
-
-#endif
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c
deleted file mode 100755
index 760aecdbc..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.c
+++ /dev/null
@@ -1,1183 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#define VERION_MAJOR 1
-#define VERION_MINOR 0
-#define VERSION_POINT 7
-/* NSPR header files */
-#include <prinit.h>
-#include <prprf.h>
-#include <prsystem.h>
-#include <prmem.h>
-#include <plstr.h>
-#include <prnetdb.h>
-#include <prinrval.h>
-#include <prmon.h>
-#include <prlock.h>
-
-/* Security library files */
-#include "cert.h"
-#include "key.h"
-#include "secmod.h"
-#include "secutil.h"
-#include "pk11func.h"
-
-/* SSL Header Files */
-#include "ssl.h"
-#include "sslproto.h"
-
-#define EXIT_OOPS 14
-
-#include "ssls.h"
-#include "sslc.h"
-
-#ifdef XP_PC
-/* Windows VC++ 6.0 Header File required to define EXCEPTION_EXECUTE_HANDLER. */
-#include "excpt.h"
-#endif
-
-#ifndef DEBUG_stevep
-#define dbmsg(x) if (debug) PR_fprintf x ;
-#else
-#define dbmsg(x) ;
-#endif
-
-/* Prototypes */
-
-PRInt32 ServerThread(PRInt32 argc,char **argv);
-void ClientThread(void *arg);
-void SetupNickNames(void );
-int OpenDBs(void);
-int ConfigServerSocket(void);
-int DoIO(struct ThreadData *);
-int Client(void);
-int SetClientSecParams(void);
-int CreateClientSocket(void);
-
-#ifdef XP_PC
-extern char getopt(int, char**, char*);
-#endif
-extern int Version2Enable(PRFileDesc *s);
-extern int Version3Enable(PRFileDesc *s);
-extern int Version23Clear(PRFileDesc *s);
-extern void SetupNickNames();
-extern int AuthCertificate(void *arg,PRFileDesc *fd,
- PRBool checkSig, PRBool isServer);
-extern char *MyPWFunc(void *slot, PRBool retry, void *arg);
-
-extern char *nicknames[];
-extern char *client_nick;
-extern char *password, *nickname;
-
-/* Shared condition variables */
-
-int rc; /* rc is the error the process should return */
-PRMonitor *rcmon; /* rcmon protects rc, since it can be set by the client */
- /* or server thread */
-
-/***** Read-only global variables (initialized in Server Thread) ****/
-
-PRInt32 debug = 0;
-PRInt32 verbose = 0;
-CERTCertDBHandle *cert_db_handle = NULL;
-
-struct ThreadData cl,svr;
-
-/* Include Replacer-generated variables file */
-
-/* INSERT_TABLES is a special parameter to sslt.h which inserts the
- replacer-generated tables. We only want this table to be included
- once in the executable, but this header file gets use in several
- places */
-
-#define INSERT_TABLES
-#include "sslt.h"
-#include "nss.h"
-
-
-
-/*
- *
- * OpenDBs() - open databases
- * errors(30-39)
- */
-
-int OpenDBs() {
- int r;
-
- NSS_Init(".");
- return 0;
-}
-
-
-
-
-
-/*
- * CreateServerSocket
- * errors (20-29)
- */
-
-
-int CreateServerSocket(struct ThreadData *td) {
- /* Create server socket s */
-
- td->fd = PR_NewTCPSocket();
- if (td->fd == NULL) return Error(20);
-
- td->r = SSL_ImportFD(NULL, td->fd);
- if (td->r == NULL) return Error(21);
-
- return 0;
-}
-
-
-int ConfigServerSocket() {
-
- /* Set up Net address to bind to 'any' */
- int r;
-
- r = PR_InitializeNetAddr(PR_IpAddrAny,0,&svr.na);
- if (PR_SUCCESS != r) return Error(2);
-
-
- r = PR_Bind(svr.r,&svr.na); /* bind to an IP address */
- if (PR_SUCCESS != r) return Error(3);
-
-
- r = PR_Listen(svr.r,5);
- if (PR_SUCCESS != r) return Error(4);
-
-
- r = PR_GetSockName(svr.r,&svr.na);
- if (PR_SUCCESS != r) return Error(5);
- return r;
-}
-
-
-/*
- * main
- * returns 255 if 'coredump'-type crash occurs on winNT
- *
- */
-
-PRIntn main(PRIntn ac, char **av, char **ev) {
- int r;
- extern char *optarg;
- extern int optind;
- int c;
-
-
- if( ac == 1 ) {
- PR_fprintf(PR_STDERR,
-"\nSSL Test Suite Version %d.%d.%d\n\
-All Rights Reserved\n\
-Usage: sslt [-c client_nickname] [-n server_nickname] [-p passwd] [-d] testid\n",
-VERION_MAJOR, VERION_MINOR, VERSION_POINT);
-
- exit(0);
- }
-
- for (c = 1; c<ac; c++) {
- if (!PL_strcmp(av[c],"-c")) {
-
- c++;
- if (c < ac) {
- client_nick = av[c];
- }
- else {
- PR_fprintf(PR_STDOUT,"must supply argument for -c\n");
- exit(0);
- }
- }
-
- else if (!PL_strcmp(av[c],"-n")) {
-
- c++;
- if (c < ac) {
- nickname = av[c];
- }
- else {
- PR_fprintf(PR_STDOUT,"must supply argument for -n\n");
- exit(0);
- }
- }
- else if (!PL_strcmp(av[c],"-p")) {
-
- c++;
- if (c < ac) {
- password = av[c];
- }
- else {
- PR_fprintf(PR_STDOUT,"must supply argument for -p\n");
- exit(0);
- }
- }
- else if (!PL_strcmp(av[c],"-d")) {
- c++;
- debug++;
- }
- else
- testId = atoi(av[c]);
- }
-
-
-
-#ifdef XP_PC
- __try {
-#endif
-
- r = PR_Initialize(ServerThread,ac,av,400); /* is 400 enough? */
-
- /* returncode 99 means 'no error' */
- if (99 == r) r = 0;
-
-#ifdef XP_PC
- } __except( PR_fprintf(PR_STDERR, "\nCERT-TEST crashed\n"), EXCEPTION_EXECUTE_HANDLER ) {
- r = 255;
- }
-#endif
-
- return r;
-
-}
-
-
-
-/*
- * ServerThread
- * (errors 1-9,150-159)
- */
-
-
-PRInt32 ServerThread(PRInt32 argc,char **argv) {
-
- PRNetAddr na;
-
- PRStatus r;
- SECStatus rv;
-
- CERTCertDBHandle *cert_db_handle;
- PRInt32 i,j;
- struct ThreadData * td;
-
-
- /* if (InvalidTestHack() == PR_TRUE) {
- return 0;
- }
- */
-
- rcmon = PR_NewMonitor();
- if (NULL == rcmon) return Error(140);
-
- PR_EnterMonitor(rcmon);
- rc = 0;
- PR_ExitMonitor(rcmon);
-
- InitCiphers();
- SetPolicy();
- SetupNickNames();
-
- cl.peer = &svr;
- svr.peer = &cl;
-
-
- r = OpenDBs(); /* open databases and set defaults */
- if (PR_SUCCESS != r) return r;
-
-
- r = CreateServerSocket(&svr);
- if (PR_SUCCESS != r) return r;
-
- r = ConfigServerSocket();
- if (PR_SUCCESS != r) return r;
-
- cl.peerport = svr.na.inet.port;
-
-
- r = SetServerSecParms(&svr); /* configure server socket
- sid cache, certificate etc. */
- if (r) return r;
-
- r = SSL_HandshakeCallback(svr.r, HandshakeCallback, &svr);
- if (PR_SUCCESS != r) return Error(150);
-
- r = SSL_AuthCertificateHook(svr.r,AuthCertificate,&svr);
- if (PR_SUCCESS !=r ) return Error(151);
-
- /* The server socket is now set up. Now, we must start
- the client thread */
-
- svr.subthread =
- PR_CreateThread(PR_SYSTEM_THREAD, /* Thread Type */
- ClientThread, /* Start Function */
- NULL, /* Argument */
- PR_PRIORITY_NORMAL, /* Priority */
- PR_GLOBAL_THREAD, /* Scheduling scope */
- PR_JOINABLE_THREAD, /* Thread State */
- 0 /* Stacksize (0=use default) */
- );
- if (svr.subthread == NULL) return Error(6);
-
-
-
- /* Wait for incoming connection from client thread */
-
- svr.s = PR_Accept(svr.r, NULL, PR_SecondsToInterval(100)); /* timeout */
- if (NULL == svr.s) {
- r = PR_GetError();
- if (r) {
- return Error(7);
- }
- }
-
- td = &svr;
- td->client = PR_FALSE;
- td->xor_reading = CLIENTXOR;
- td->xor_writing = 0;
-
- r = DoIO(td);
- dbmsg((PR_STDERR,"Server IO complete - returned %d\n",r));
- dbmsg((PR_STDERR,"PR_GetError() = %d\n",PR_GetError()));
-
-
- /* WHY IS THIS HERE???? */
- r = 0;
- if (r) return r;
-
-
- /* c = SSL_PeerCertificate(s); */
-
- r = PR_Close(svr.s); /* close the SSL Socket */
- if (r != PR_SUCCESS) return Error(8);
-
- dbmsg((PR_STDERR,"PR_Close(svr.s) - returned %d\n",r));
-
- r = PR_Close(svr.r); /* Close the rendezvous socket */
- if (r != PR_SUCCESS) return Error(8);
-
- dbmsg((PR_STDERR,"PR_Close(svr.r) - returned %d\n",r));
-
- r = PR_JoinThread(svr.subthread);
- if (r != PR_SUCCESS) return Error(9);
-
- PR_EnterMonitor(rcmon);
- r = rc;
- PR_ExitMonitor(rcmon);
-
- dbmsg((PR_STDERR,"Client Thread Joined. client's returncode=%d\n",r));
- dbmsg((PR_STDERR,"Server Thread closing down.\n"));
-
- return r;
-
- }
-
-
-/*
- * Get security status for this socket
- *
- */
-
-int GetSecStatus(struct ThreadData *td) {
- int r;
-
- r = SSL_SecurityStatus(td->s,
- &td->status_on,
- &td->status_cipher,
- &td->status_keysize,
- &td->status_skeysize,
- &td->status_issuer,
- &td->status_subject
- );
-
- return r;
- /* SSL_PeerCertificate(); */
-
-}
-
-
-
-
-/* Signal an error code for the process to return.
- If the peer aborted before us, returns 0.
- If the peer did not abort before us, returns the calling argument
- (to be used as a returncode) */
-int Error(int s)
-{
- int r;
-
- PR_EnterMonitor(rcmon);
- r = rc;
- if (0 == rc) {
- rc = s;
- }
- PR_ExitMonitor(rcmon);
-
- if (r) return s;
- else return 0;
-}
-
-
-
-#define ALLOWEDBYPROTOCOL 1
-#define ALLOWEDBYPOLICY 2
-#define ALLOWEDBYCIPHERSUITE 4
-
-/* This returns 0 if the status is what was expected at this point, else a returncode */
-
-
-int VerifyStatus(struct ThreadData *td)
-{
- int i,j;
- int matched =0;
-
- /* Go through all the ciphers until we find the first one that satisfies */
- /* all the criteria. The ciphers are listed in preferred order. So, the first */
- /* that matches should be the one. */
-
- /* because of bug 107086, I have to fudge this. If it weren't for this
- bug, SSL2 ciphers may get chosen in preference to SSL3 cipher,
- if they were stronger */
-
-
- for (i=0;i<cipher_array_size;i++) {
-
- /* IF */
-
- if (
-
- /* bug 107086. If SSL2 and SSL3 are enabled, ignore the SSL2 ciphers */
- (!( /* see above */
- (REP_SSLVersion2 && REP_SSLVersion3) && cipher_array[i].sslversion == 2)
- )
-
- &&
-
-
- ( /* Cipher is the right kind for the protocol? */
- ((cipher_array[i].sslversion == 2) && REP_SSLVersion2) ||
- ((cipher_array[i].sslversion == 3) && REP_SSLVersion3)
- )
-
- && /* Cipher is switched on */
-
- ((cipher_array[i].on == 1) ||
- ((cipher_array[i].on == 2) &&
- (REP_ServerCert == SERVER_CERT_VERISIGN_STEPUP)))
-
- && /* Is this cipher enabled under this policy */
-
- (
- (REP_Policy == POLICY_DOMESTIC) ||
- ((REP_Policy == POLICY_EXPORT) &&
- (cipher_array[i].exportable == SSL_ALLOWED)))
- )
-
- /* THEN */
- {
- /* This is the cipher the SSL library should have chosen */
-
- matched = 1;
- break;
- }
- }
-
-GetSecStatus(td);
-
-
-#define SSLT_STATUS_CORRECT 0 /* The status is correct. Continue with test */
-#define SSLT_STATUS_WRONG_KEYSIZE 1 /* The reported keysize is incorrect. abort */
-#define SSLT_STATUS_WRONG_SKEYSIZE 2 /* The reported secret keysize is incorrect. abort */
-#define SSLT_STATUS_WRONG_DESCRIPTION 3 /* The reported description is incorrect. abort*/
-#define SSLT_STATUS_WRONG_ERRORCODE 4 /* sec. library error - but wrong one - abort */
-#define SSLT_STATUS_CORRECT_ERRORCODE 5 /* security library error - right one - abort with err 99 */
-
- if (matched) {
- if (td->status_keysize != cipher_array[i].ks) {
- PR_fprintf(PR_STDERR,"wrong keysize. seclib: %d, expected %d\n",
- td->status_keysize,cipher_array[i].ks);
- return SSLT_STATUS_WRONG_KEYSIZE;
- }
- if (td->status_skeysize != cipher_array[i].sks) return SSLT_STATUS_WRONG_SKEYSIZE;
- if (PL_strcmp(td->status_cipher,cipher_array[i].name)) {
- PR_fprintf(PR_STDERR,"wrong cipher description. seclib: %s, expected: %s\n",
- td->status_cipher,cipher_array[i].name);
- return SSLT_STATUS_WRONG_DESCRIPTION;
- }
-
- /* Should also check status_issuer and status_subject */
-
- return SSLT_STATUS_CORRECT;
- }
-
- else {
- /* if SSL wasn't enabled, security library should have returned a failure with
- SSL_ERROR_SSL_DISABLED
- */
-
- /* Since we cannot set the client and server ciphersuites independently,
- there's not point in checking for NO_CYPHER_OVERLAP. That's why some
- of this is commented out.
- */
-
-#if 0
- if (PR_FALSE == REP_SSLVersion2 &&
- PR_FALSE == REP_SSLVersion3)
-{
-if ( (td->secerr_flag == PR_FALSE ) ||
- ((td->secerr_flag == PR_TRUE) &&
- !((td->secerr == SSL_ERROR_SSL_DISABLED) ||
- (td->secerr == SSL_ERROR_NO_CYPHER_OVERLAP))
- )) {
- return SSLT_STATUS_WRONG_ERRORCODE;
- }
- else
- return SSLT_STATUS_CORRECT_ERRORCODE;
- }
-
- else {
-
- /* If SSL was enabled, and we get here, then no ciphers were compatible
- (matched == 0). So, security library should have returned the error
- SSL_ERROR_NO_CYPHER_OVERLAP */
-
- if ((td->secerr_flag == PR_FALSE) ||
- ((td->secerr_flag == PR_TRUE) && (td->secerr != SSL_ERROR_NO_CYPHER_OVERLAP))) {
- return SSLT_STATUS_WRONG_ERRORCODE;
- }
- else return SSLT_STATUS_CORRECT_ERRORCODE;
- }
-#endif
- }
- return SSLT_STATUS_CORRECT_ERRORCODE;
-}
-
-
-/*
- * DoRedoHandshake()
- *
- * errors(90-99)
- * 99 means exit gracefully
- */
-
-int DoRedoHandshake(struct ThreadData *td) {
- int r;
-
-
- /* figure out if we really should do the RedoHandshake */
- if ((td->client && (PR_TRUE== REP_ClientRedoHandshake)) ||
- (!td->client && (PR_TRUE== REP_ServerRedoHandshake))) {
-
- if ((!td->client && (SSLT_CLIENTAUTH_REDO==REP_ServerDoClientAuth))) {
- r = SSL_Enable(td->s, SSL_REQUEST_CERTIFICATE, 1);
- }
-
- r = SSL_RedoHandshake(td->s); /* .. and redo the handshake */
- if (PR_SUCCESS == r) { /* If the handshake succeeded, */
- /* make sure that shouldn't have failed... */
-
- /***
- If the server is doing ClientAuth
- and the wrong certificate in the
- client, then the handshake should fail (but it succeeded)
- ***/
-
-#if 0
- if (SSLT_CLIENTAUTH_INITIAL == REP_ServerDoClientAuth) {
- if ((CLIENT_CERT_SPARK == REP_ClientCert) ||
- (SERVER_CERT_HARDCOREII_512 == REP_ClientCert) ||
- (NO_CERT == REP_ClientCert)
- )
- return Error(90);
-
- }
-#endif
-
- }
-
- else { /* PR_FAILURE: Make sure the handshake shouldn't have succeeded */
-
- /* First, abort the peer, since it cannot continue */
- r = Error(91);
- if (0==r) return 0; /* peer aborted first */
- else {
- /***
- If the server is doing clientauth and
- a valid certificate was presented, the handshake
- should have succeeded (but it failed)
- ***/
-
- if (PR_TRUE == REP_ServerDoClientAuth) {
- if ((CLIENT_CERT_HARDCOREII_512 == REP_ClientCert) ||
- (CLIENT_CERT_HARDCOREII_1024 == REP_ClientCert) ||
- (CLIENT_CERT_VERISIGN == REP_ClientCert) ||
- (SERVER_CERT_HARDCOREII_512 == REP_ClientCert)
- )
- return Error(91);
- }
- }
- }
- }
-}
-
-
-
-/* There is a independent State Machine for each of client and server.
- They have the following states:
-
- 1. STATE_BEFORE_INITIAL_HANDSHAKE
- In this state at the very start. No I/O has been done on the socket,
- and no status has been collected. Once I/O has been done, we move on
- to state 2.
-
- 2. STATE_BEFORE_REDO_HANDSHAKE
- If we won't be doing a redohandshake, move immediately to state3.
- Check security status to make sure selected cipher is correct.
- If we are doing a redohandshake, adjust the security parameters for
- the redo, and move to state 3.
- 3. STATE_STATUS_COLLECTED
- When we move to this state, check security status.
- Remain in this state until either reading or writing is complete
- 4. STATE_DONE_WRITING
- Come here when writing is complete. When reading is complete move
- to state 6.
- 5. STATE_DONE_READING
- Come here when reading is complete. When writing is complete move
- to state 6.
- 6. STATE_DONE
- We're done. Check that the appropriate callbacks were called at the
- appropriate times.
- */
-
-/*
- * State Machine
- *
- * errors(80-89)
- */
-
-int NextState(struct ThreadData *td,
- int finishedReading,
- int finishedWriting) {
- int r;
-
-
-
- /* if we were in STATE_BEFORE_INITIAL_HANDSHAKE, and we came here, we must
- have just completed a handshake, so we can get status and move on
- to next state. */
-
- if (STATE_BEFORE_INITIAL_HANDSHAKE == td->state ) {
-
- td->state = STATE_BEFORE_REDO_HANDSHAKE; /* first set next state */
-
- r = GetSecStatus(td);
- if (PR_SUCCESS != r) {
- return Error(80);
- }
-
-#if 0
- r = VerifyStatus(td); /* Call VerifyStatus to make sure that the connection is
- what was expected */
- if (PR_SUCCESS != r) return r;
-#endif
-
-
- }
-
- if (STATE_BEFORE_REDO_HANDSHAKE == td->state) {
- /* If we're not going to do a redohandshake, we can just skip over this state */
- if (td->client) {
- if (PR_FALSE == REP_ClientRedoHandshake) td->state = STATE_STATUS_COLLECTED;
- }
- else {
- if (PR_FALSE == REP_ServerRedoHandshake) td->state = STATE_STATUS_COLLECTED;
- }
- r = DoRedoHandshake(td);
- if (PR_SUCCESS != r) return r;
- td->state = STATE_STATUS_COLLECTED;
- }
-
-
- switch (td->state) {
- case STATE_STATUS_COLLECTED:
- if (finishedWriting) td->state = STATE_DONE_WRITING;
- if (finishedReading) td->state = STATE_DONE_READING;
- break;
- case STATE_DONE_WRITING:
- if (finishedReading) td->state = STATE_DONE;
- break;
- case STATE_DONE_READING:
- if (finishedWriting) td->state = STATE_DONE;
- break;
- default:
- return PR_SUCCESS;
- }
-}
-
-
-/* CheckSSLEnabled:
- If there was an I/O, and SSL was disabled, then check the error
- code to make sure that the correct error was returned.
- The parameter passed in is the returncode from PR_Read or PR_Write
- */
-
-int CheckSSLEnabled(int j) {
- if (PR_FALSE == REP_SSLVersion2 &&
- PR_FALSE == REP_SSLVersion3) {
- if (( -1 != j ) ||
- (( -1 == j) && (PR_GetError() != SSL_ERROR_SSL_DISABLED))) {
- return 52;
- }
- else return 99;
- }
- else return 0;
-}
-
-
-
-/*
- * Do I/O
- *
- * Errors 50-69
- */
-
-int DoIO(struct ThreadData *td) {
-
-int i,j,r;
-
- td->pd.fd = td->s;
- td->pd.in_flags = PR_POLL_READ | PR_POLL_WRITE | PR_POLL_EXCEPT;
- td->data_read = 0;
- td->data_sent = 0;
-
- td->data_tosend = REP_ServerIOSessionLength;
-
- td->state = STATE_BEFORE_INITIAL_HANDSHAKE;
-
-
- while (PR_TRUE) {
- dbmsg((PR_STDERR,"%s: DoIO loop\n",
- &svr==td ? "Server" : "Client"));
-
- /* pd = polldescriptor, 1 = number of descriptors, 5 = timeout in seconds */
- r = PR_Poll(&td->pd,1,PR_SecondsToInterval(5));
-
- /* Check if peer has already signalled an error condition */
-
- PR_EnterMonitor(rcmon);
- if (0 != rc) {
- /* got here? - means peer wants to stop. It has set the
- exit code */
- PR_ExitMonitor(rcmon);
- dbmsg((PR_STDERR,"%s: Peer has aborted (error code %d). We should too\n",
- &svr==td ? "Server" : "Client",rc));
-
- return 0;
- }
- else {
- PR_ExitMonitor(rcmon);
- }
-
- if (0 == r) ; /* timeout occurred */
-
- if (td->pd.out_flags & PR_POLL_EXCEPT) return Error(50);
-
- /******* Process incoming data *******/
-
- if (! (STATE_DONE == td->state || STATE_DONE_READING == td->state)) {
- if (td->pd.out_flags & PR_POLL_READ) {
-
- td->secerr = 0;
- i = PR_Read(td->s, td->recvbuf, BUFSIZE);
-
- if (i < 0) {
- td->secerr_flag = 1;
- td->secerr = PR_GetError();
- }
- else td->secerr_flag =0;
-
- r = VerifyStatus(td);
-
- switch (r) {
- case SSLT_STATUS_CORRECT:
- break;
- case SSLT_STATUS_CORRECT_ERRORCODE:
- return Error(99);
- default:
- return Error(60+r);
- }
-
- r = VerifyBuffer(td->recvbuf, i, td->data_read, td->xor_reading);
- if (r) return r;
- td->data_read += i;
-
- /* Invoke State Machine */
-
- NextState(td, 0==i, 0); /* if i is zero, signal 'finishedreading' */
-
- }
- }
-
- if (! (STATE_DONE == td->state || STATE_DONE_WRITING == td->state)) {
- if (td->pd.out_flags & PR_POLL_WRITE) {
- FillBuffer(td->sendbuf,BUFSIZE,td->data_sent,td->xor_writing);
-
- i = td->data_tosend - td->data_sent;
- if (i > BUFSIZE) i = BUFSIZE; /* figure out how much
- data to send */
- td->secerr = 0;
- j = PR_Write(td->s, td->sendbuf, i);
-
-
- if (j < 0) {
- td->secerr_flag = 1;
- td->secerr = PR_GetError();
- }
- else td->secerr_flag =0;
-
- r = VerifyStatus(td);
-
- switch (r) {
- case SSLT_STATUS_CORRECT:
- break;
- case SSLT_STATUS_CORRECT_ERRORCODE:
- return Error(99);
- default:
- return Error(60+r);
- }
-
- }
- if (j == -1) return Error(53); /* Error on socket (Not an error
- if nonblocking IO enabled, and
- Error is Would Block */
-
- if (j != i) return Error(54); /* We didn't write the
- amount we should have */
-
- td->data_sent += j;
-
- if (td->data_sent == td->data_tosend) {
- PR_Shutdown(td->s,PR_SHUTDOWN_SEND);
- }
-
- /* next state of state machine */
-
- NextState(td,
- 0,
- td->data_sent == td->data_tosend /* finishedwriting */
- );
- }
-
-
-
- if (STATE_DONE == td->state) break;
-
- } /* while (1) */
-
- dbmsg((PR_STDERR,"%s: DoIO loop:returning 0\n",
- &svr==td ? "Server" : "Client"));
-
- return 0;
-
-}
-
-
-
-
-/* This is the start of the client thread code */
-/* Client Thread errors(100-200) */
-
-
-/*
- * CreateClientSocket()
- * errors (120-129)
- */
-
-
-int CreateClientSocket() {
- /* Create client socket s */
-
- cl.fd = PR_NewTCPSocket();
- if (cl.fd == NULL) return Error(120);
-
- cl.s = SSL_ImportFD(NULL, cl.fd);
- if (cl.s == NULL) return Error(121);
-
- return 0;
-}
-
-
-
-/*
- * SetClientSecParms
- * errors(130-139)
- */
-
-int SetClientSecParams() {
- int rv;
- /* SSL Enables */
-
- rv = SSL_Enable(cl.s, SSL_SECURITY, 1);
- if (rv < 0) return Error(130);
-
- rv = Version23Clear(cl.s);
- if (rv) return rv;
-
- if (REP_SSLVersion2) {
- rv = Version2Enable(cl.s);
- if (rv) return rv;
- }
- if (REP_SSLVersion3) {
- rv = Version3Enable(cl.s);
- if (rv) return rv;
- }
-
- SSL_SetPKCS11PinArg(cl.s,(void*)MyPWFunc);
-
- if (REP_ClientCert == NO_CERT) {
- return 0;
- }
- else {
- cl.cert = PK11_FindCertFromNickname(client_nick,NULL);
- }
- if (cl.cert == NULL) return Error(131);
-
- return 0;
-}
-
-
-/*
- * Client()
- * errors (100-120)
- */
-
-int Client() {
- int r;
-
- r = CreateClientSocket();
- if (r) return r;
-
- r = SetClientSecParams();
- if (r) return r;
-
- /* Set address to connect to: localhost */
-
- r = PR_InitializeNetAddr(PR_IpAddrLoopback,0,&cl.na);
- cl.na.inet.port = cl.peerport;
- if (PR_FAILURE == r) return Error(101);
-
- r = SSL_AuthCertificateHook(cl.s,AuthCertificate,&cl);
- if (r) return Error(102);
- r = SSL_HandshakeCallback(cl.s,HandshakeCallback,&cl);
- if (r) return Error(103);
-
- r = PR_Connect(cl.s, &cl.na, PR_SecondsToInterval(50));
- if (PR_FAILURE == r) {
- dbmsg((PR_STDERR, "Client: Seclib error: %s\n",SECU_ErrorString ((int16) PR_GetError())));
- return Error(104);
- }
-
-
- if (PR_TRUE == REP_ClientForceHandshake) {
- r = SSL_ForceHandshake(cl.s);
- if (PR_FAILURE == r) {
- dbmsg((PR_STDERR, "Client: Seclib error: %s\n",
- SECU_ErrorString ((int16) PR_GetError())));
- return Error(105);
- }
- }
-
- cl.client = PR_TRUE;
- cl.xor_reading = 0;
- cl.xor_writing = CLIENTXOR;
-
- r = DoIO(&cl);
-
- dbmsg((PR_STDERR,"Client Thread done with IO. Returned %d\n",r));
-
-
- if (PR_SUCCESS != r) return r;
-
- r = PR_Close(cl.s);
-
- dbmsg((PR_STDERR,"Client Socket closing. Returned %d\n",r));
-
- return Error(r);
-
-}
-
-
-
- void ClientThread(void *arg) {
- int r;
-
- Error(Client());
-
- dbmsg((PR_STDERR,"Client Thread returning %d\n",r));
-
-
- }
-
-
-
-
-
-
- /* VerifyBuffer() */
-
-/* verify the data in the buffer. Returns 0 if valid */
-/* recvbuf = start of data to verify
- * bufsize = amount of data to verify
- * done = how to offset the reference data. How much
- data we have done in previous sessions
- * xor = xor character
-
- * errors 70-79
-
- */
-
- int VerifyBuffer(char *recvbuf,int bufsize,int done, char xor) {
- int i,j,k;
-
- while (bufsize) {
- i = done % DATABUFSIZE;
-
- k = DATABUFSIZE;
- if (bufsize < k) {
- k = bufsize;
- }
- for (j = i; j < k ; j++) {
- if ((data[j] ^ xor) != (*recvbuf)) {
- return 71;
- }
-
- recvbuf++;
- }
- done += k-i;
- bufsize -= (k - i);
- if (bufsize < 0) return 73;
- }
- return (0);
-}
-
-
-/* fill the buffer. */
-
- void FillBuffer(char *sendbuf,int bufsize, int offset, char xor) {
- int done=0,i,j;
-
- while (done < bufsize) {
- i = offset % DATABUFSIZE;
- for (j = i; j < DATABUFSIZE ; j++) {
- *sendbuf = (data[j] ^ xor);
- sendbuf++;
- }
- done += (DATABUFSIZE - i);
- offset += (DATABUFSIZE - i);
- }
- }
-
-
-
-
-/****** CALLBACKS *******/
-
-
-
-/* HandshakeCallback
- This function gets called when a handshake has just completed.
- (maybe gets called more than once for example if we RedoHandshake)
- */
-
- void HandshakeCallback(PRFileDesc *s, void *td) {
- int r;
-
- /* 1. Get status of connection */
-
- r = GetSecStatus(td);
- if (PR_SUCCESS != r) {
- /* Abort */
- }
- else {
-
- /* 2. Verify status of connection */
-
-#if 0
- r =VerifyStatus(td);
- if (PR_SUCCESS != r) {
- /* Abort */
- }
-#endif
- }
-
- }
-
-
-
-/* This function gets called by the client thread's SSL code to verify
- the server's certificate. We cannot use the default AuthCertificate
- code because the certificates are used on multiple hosts, so
- CERT_VerifyCertNow() would fail with an IP address mismatch error
- */
-
-int
-AuthCertificate(void *arg, PRFileDesc *fd, PRBool checkSig, PRBool isServer)
-{
- SECStatus rv;
- CERTCertDBHandle *handle;
- /* PRFileDesc *ss; */
- SECCertUsage certUsage;
-
- /* ss = ssl_FindSocket(fd);
- PORT_Assert(ss != NULL); */
-
- handle = (CERTCertDBHandle *)arg;
-
- if ( isServer ) {
- certUsage = certUsageSSLClient;
- } else {
- certUsage = certUsageSSLServer;
- }
-
- /* rv = CERT_VerifyCertNow(handle, ss->sec->peerCert, checkSig, certUsage, arg); */
-
- return((int)PR_SUCCESS);
-}
-
-
-
-
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h
deleted file mode 100755
index e792755cc..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.h
+++ /dev/null
@@ -1,238 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLT_H
-#define SSLT_H
-
-
-extern int Error(int);
-#ifndef DEBUG_stevep
-#define dbmsg(x) if (debug) PR_fprintf x ;
-#else
-#define dbmsg(x) ;
-#endif
-extern PRInt32 debug;
-
-#ifdef INSERT_TABLES
-int testId = 0;
-
-int ClientCert[] = {
- NO_CERT,
- CLIENT_CERT_HARDCOREII_1024
-};
-
-int ServerCert[] = {
- SERVER_CERT_HARDCOREII_512
-};
-
-int Policy[] = {
- POLICY_EXPORT,
- POLICY_DOMESTIC
-};
-
-int SSLVersion2[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-int SSLVersion3[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-int ClientIOSessionLength[] = {
- 0,
- 1024
-};
-
-int ServerIOSessionLength[] = {
- 0,
- 1024
-};
-
-int ServerDoClientAuth[] = {
- SSLT_CLIENTAUTH_OFF
-};
-
-PRBool ClientForceHandshake[] = {
- PR_FALSE
-};
-
-PRBool ServerForceHandshake[] = {
- PR_TRUE
-};
-
-PRBool ClientRedoHandshake[] = {
- PR_FALSE
-};
-
-PRBool ServerRedoHandshake[] = {
- PR_FALSE
-};
-
-PRBool Cipher_EN_RC4_128_WITH_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_EN_RC4_128_EXPORT40_WITH_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_EN_RC2_128_CBC_WITH_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_RSA_EXPORT_WITH_RC4_40_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_RSA_WITH_RC4_128_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_RSA_WITH_DES_CBC_SHA[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-PRBool Cipher_RSA_WITH_3DES_EDE_CBC_SHA[] = {
- PR_TRUE,
- PR_FALSE
-};
-
-
-#else
-extern int ClientCert[];
-extern int ServerCert[];
-extern int Policy[];
-extern int SSLVersion2[];
-extern int SSLVersion3[];
-extern int ClientIOSessionLength[];
-extern int ServerIOSessionLength[];
-extern int ServerDoClientAuth[];
-extern PRBool ClientForceHandshake[];
-extern PRBool ServerForceHandshake[];
-extern PRBool ClientRedoHandshake[];
-extern PRBool ServerRedoHandshake[];
-extern PRBool Cipher_EN_RC4_128_WITH_MD5[];
-extern PRBool Cipher_EN_RC4_128_EXPORT40_WITH_MD5[];
-extern PRBool Cipher_EN_RC2_128_CBC_WITH_MD5[];
-extern PRBool Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC4_40_MD5[];
-extern PRBool Cipher_RSA_WITH_RC4_128_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[];
-extern PRBool Cipher_RSA_WITH_DES_CBC_SHA[];
-extern PRBool Cipher_RSA_WITH_3DES_EDE_CBC_SHA[];
-extern int testId;
-#endif
-
-
-#define REP_ClientCert ClientCert[testId%2]
-#define REP_ServerCert ServerCert[testId/2%1]
-#define REP_Policy Policy[testId/2/1%2]
-#define REP_SSLVersion2 SSLVersion2[testId/2/1/2%2]
-#define REP_SSLVersion3 SSLVersion3[testId/2/1/2/2%2]
-#define REP_ClientIOSessionLength ClientIOSessionLength[testId/2/1/2/2/2%2]
-#define REP_ServerIOSessionLength ServerIOSessionLength[testId/2/1/2/2/2/2%2]
-#define REP_ServerDoClientAuth ServerDoClientAuth[testId/2/1/2/2/2/2/2%1]
-#define REP_ClientForceHandshake ClientForceHandshake[testId/2/1/2/2/2/2/2/1%1]
-#define REP_ServerForceHandshake ServerForceHandshake[testId/2/1/2/2/2/2/2/1/1%1]
-#define REP_ClientRedoHandshake ClientRedoHandshake[testId/2/1/2/2/2/2/2/1/1/1%1]
-#define REP_ServerRedoHandshake ServerRedoHandshake[testId/2/1/2/2/2/2/2/1/1/1/1%1]
-
-
-#define REP_Cipher_EN_RC4_128_WITH_MD5 Cipher_EN_RC4_128_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1%2]
-#define REP_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 Cipher_EN_RC4_128_EXPORT40_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2%2]
-#define REP_Cipher_EN_RC2_128_CBC_WITH_MD5 Cipher_EN_RC2_128_CBC_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2%2]
-#ifdef undef
-#define REP_Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 $[Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5]
-#define REP_Cipher_EN_IDEA_128_CBC_WITH_MD5 $[Cipher_EN_IDEA_128_CBC_WITH_MD5]
-#define REP_Cipher_EN_DES_64_CBC_WITH_MD5 $[Cipher_EN_DES_64_CBC_WITH_MD5
-#define REP_Cipher_RSA_WITH_NULL_SHA $[Cipher_RSA_WITH_NULL_SHA]
-#define REP_Cipher_RSA_WITH_RC4_128_SHA $[Cipher_RSA_WITH_RC4_128_SHA]
-#define REP_Cipher_RSA_WITH_IDEA_CBC_SHA $[Cipher_RSA_WITH_IDEA_CBC_SHA]
-#define REP_Cipher_NULL_WITH_NULL_NULL $[Cipher_NULL_WITH_NULL_NULL]
-#define REP_Cipher_RSA_WITH_NULL_MD5 $[Cipher_RSA_WITH_NULL_MD5]
-#endif
-#define REP_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2%2]
-#define REP_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 Cipher_RSA_EXPORT_WITH_RC4_40_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2%2]
-#define REP_Cipher_RSA_WITH_RC4_128_MD5 Cipher_RSA_WITH_RC4_128_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2%2]
-#define REP_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2/2%2]
-#define REP_Cipher_RSA_WITH_DES_CBC_SHA Cipher_RSA_WITH_DES_CBC_SHA[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2/2/2%2]
-#define REP_Cipher_RSA_WITH_3DES_EDE_CBC_SHA Cipher_RSA_WITH_3DES_EDE_CBC_SHA[testId/2/1/2/2/2/2/2/1/1/1/1/1/2/2/2/2/2/2/2/2%2]
-
-#ifdef undef
-#define REP_Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA $[Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA]
-
-#define REP_Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA [Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_DES_CBC_SHA [Cipher_DH_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA [Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA [Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_DES_CBC_SHA [Cipher_DH_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA [Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA [Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_DES_CBC_SHA [Cipher_DHE_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA [Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA [Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_DES_CBC_SHA [Cipher_DHE_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA [Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 [Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5]
-#define REP_Cipher_DH_ANON_WITH_RC4_128_MD5 [Cipher_DH_ANON_WITH_RC4_128_MD5]
-#define REP_Cipher_DH_ANON_WITH_DES_CBC_SHA [Cipher_DH_ANON_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA [Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA $[Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA $[Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA]
-#endif
-#define REP_Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA $[Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_RSA_FIPS_WITH_DES_CBC_SHA $[Cipher_RSA_FIPS_WITH_DES_CBC_SHA]
-
-
-#endif
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp
deleted file mode 100644
index 06e55d176..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.htp
+++ /dev/null
@@ -1,136 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-#ifndef SSLT_H
-#define SSLT_H
-
-
-extern int Error(int);
-#ifndef DEBUG_stevep
-#define dbmsg(x) PR_fprintf x ;
-#else
-#define dbmsg(x) ;
-#endif
-
-#ifdef INSERT_TABLES
-$[DATA-TO-TEST]
-#else
-extern int ClientCert[];
-extern int ServerCert[];
-extern int Policy[];
-extern int SSLVersion2[];
-extern int SSLVersion3[];
-extern int ClientIOSessionLength[];
-extern int ServerIOSessionLength[];
-extern int ServerDoClientAuth[];
-extern PRBool ClientForceHandshake[];
-extern PRBool ServerForceHandshake[];
-extern PRBool ClientRedoHandshake[];
-extern PRBool ServerRedoHandshake[];
-extern PRBool Cipher_EN_RC4_128_WITH_MD5[];
-extern PRBool Cipher_EN_RC4_128_EXPORT40_WITH_MD5[];
-extern PRBool Cipher_EN_RC2_128_CBC_WITH_MD5[];
-extern PRBool Cipher_EN_DES_192_EDE3_CBC_WITH_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC4_40_MD5[];
-extern PRBool Cipher_RSA_WITH_RC4_128_MD5[];
-extern PRBool Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5[];
-extern PRBool Cipher_RSA_WITH_DES_CBC_SHA[];
-extern PRBool Cipher_RSA_WITH_3DES_EDE_CBC_SHA[];
-extern int testId;
-#endif
-
-
-#define REP_ClientCert $[ClientCert]
-#define REP_ServerCert $[ServerCert]
-#define REP_Policy $[Policy]
-#define REP_SSLVersion2 $[SSLVersion2]
-#define REP_SSLVersion3 $[SSLVersion3]
-#define REP_ClientIOSessionLength $[ClientIOSessionLength]
-#define REP_ServerIOSessionLength $[ServerIOSessionLength]
-#define REP_ServerDoClientAuth $[ServerDoClientAuth]
-#define REP_ClientForceHandshake $[ClientForceHandshake]
-#define REP_ServerForceHandshake $[ServerForceHandshake]
-#define REP_ClientRedoHandshake $[ClientRedoHandshake]
-#define REP_ServerRedoHandshake $[ServerRedoHandshake]
-
-
-#define REP_Cipher_EN_RC4_128_WITH_MD5 $[Cipher_EN_RC4_128_WITH_MD5]
-#define REP_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 $[Cipher_EN_RC4_128_EXPORT40_WITH_MD5]
-#define REP_Cipher_EN_RC2_128_CBC_WITH_MD5 $[Cipher_EN_RC2_128_CBC_WITH_MD5]
-#ifdef undef
-#define REP_Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 $[Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5]
-#define REP_Cipher_EN_IDEA_128_CBC_WITH_MD5 $[Cipher_EN_IDEA_128_CBC_WITH_MD5]
-#define REP_Cipher_EN_DES_64_CBC_WITH_MD5 $[Cipher_EN_DES_64_CBC_WITH_MD5
-#define REP_Cipher_RSA_WITH_NULL_SHA $[Cipher_RSA_WITH_NULL_SHA]
-#define REP_Cipher_RSA_WITH_RC4_128_SHA $[Cipher_RSA_WITH_RC4_128_SHA]
-#define REP_Cipher_RSA_WITH_IDEA_CBC_SHA $[Cipher_RSA_WITH_IDEA_CBC_SHA]
-#define REP_Cipher_NULL_WITH_NULL_NULL $[Cipher_NULL_WITH_NULL_NULL]
-#define REP_Cipher_RSA_WITH_NULL_MD5 $[Cipher_RSA_WITH_NULL_MD5]
-#endif
-#define REP_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 $[Cipher_EN_DES_192_EDE3_CBC_WITH_MD5]
-#define REP_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 $[Cipher_RSA_EXPORT_WITH_RC4_40_MD5]
-#define REP_Cipher_RSA_WITH_RC4_128_MD5 $[Cipher_RSA_WITH_RC4_128_MD5]
-#define REP_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 $[Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5]
-#define REP_Cipher_RSA_WITH_DES_CBC_SHA $[Cipher_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_RSA_WITH_3DES_EDE_CBC_SHA $[Cipher_RSA_WITH_3DES_EDE_CBC_SHA]
-
-#ifdef undef
-#define REP_Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA $[Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA]
-
-#define REP_Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA [Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_DES_CBC_SHA [Cipher_DH_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA [Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA [Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_DES_CBC_SHA [Cipher_DH_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA [Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA [Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_DES_CBC_SHA [Cipher_DHE_DSS_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA [Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA [Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_DES_CBC_SHA [Cipher_DHE_RSA_WITH_DES_CBC_SHA]
-#define REP_Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA [Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 [Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5]
-#define REP_Cipher_DH_ANON_WITH_RC4_128_MD5 [Cipher_DH_ANON_WITH_RC4_128_MD5]
-#define REP_Cipher_DH_ANON_WITH_DES_CBC_SHA [Cipher_DH_ANON_WITH_DES_CBC_SHA]
-#define REP_Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA [Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA $[Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA]
-#define REP_Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA $[Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA]
-#endif
-#define REP_Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA $[Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA]
-#define REP_Cipher_RSA_FIPS_WITH_DES_CBC_SHA $[Cipher_RSA_FIPS_WITH_DES_CBC_SHA]
-
-
-#endif
-
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep b/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep
deleted file mode 100644
index 278412826..000000000
--- a/security/nss/tests/pkcs11/netscape/suites/security/ssl/sslt.rep
+++ /dev/null
@@ -1,417 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-[General]
-cTemplate = sslt.htp
-makeTemplate = ssl.mtp
-path = .
-testPrefix = sslt
-testSuffix = .h
-regressSpecfile = ssl.reg
-regressOutput = ssl.html
-mut = SSL
-mutversion = 1.0
-timeout = 6
-makefileOutput = Makefile
-reporterOutput = ssl.rpt
-singleSource = TRUE
-
-
-
-# The names given for the Client and Server Certificates are
-# nicknames from the database
-
-[ClientCert]
-IMPORTANCE = HIGH
-TYPE = int
-ClientCert_none = NO_CERT
-ClientCert_one = CLIENT_CERT_HARDCOREII_1024
-#ClientCert_oneb = CLIENT_CERT_HARDCOREII_512
-#ClientCert_two = CLIENT_CERT_SPARK
-#ClientCert_three = SERVER_CERT_HARDCOREII_1024
-#ClientCert_four = CLIENT_CERT_VERISIGN
-
-[ServerCert]
-IMPORTANCE = HIGH
-TYPE = int
-#ServerCert_none = NO_CERT
-ServerCert_one = SERVER_CERT_HARDCOREII_512
-#ServerCert_two = CLIENT_CERT_HARDCOREII_512
-#ServerCert_three = SERVER_CERT_SPARK
-#ServerCert_four = SERVER_CERT_VERISIGN_REGULAR
-#ServerCert_five = SERVER_CERT_VERISIGN_STEPUP
-
-
-##### POLICY ####
-#
-# (right now, policy can only be set globally. When bug #102853 is
-# fixed, I'll be able to bring ClientPolicy and ServerPolicy back)
-#
-
-[Policy]
-IMPORTANCE = HIGH
-TYPE = int
-ExportPolicy = POLICY_EXPORT
-DomesticPolicy = POLICY_DOMESTIC
-
-#[ClientPolicy]
-#IMPORTANCE = HIGH
-#TYPE = int
-#ExportPolicy = POLICY_EXPORT
-#DomesticPolicy = POLICY_DOMESTIC
-
-#[ServerPolicy]
-#IMPORTANCE = HIGH
-#TYPE = int
-#ServerExportPolicy = POLICY_EXPORT
-#ServerDomesticPolicy = POLICY_DOMESTIC
-
-# Which SSL version to enable. Like the policy, this is a global
-# setting, affecting both client and server sockets
-
-[SSLVersion2]
-IMPORTANCE = HIGH
-TYPE = int
-SSLVersion2 = PR_TRUE
-NO_SSLVersion2 = PR_FALSE
-
-[SSLVersion3]
-IMPORTANCE = HIGH
-TYPE = int
-SSLVersion3 = PR_TRUE
-NO_SSLVersion3 = PR_FALSE
-
-#[ClientIOModel]
-#IMPORTANCE = LOW
-#TYPE = int
-#ClientIOBlocking = 0
-#ClientIONonBlocking = 1
-
-#[ServerIOModel]
-#IMPORTANCE = LOW
-#TYPE = int
-#ServerIOBlocking = BLOCKING
-#ServerIONonBlocking = NON_BLOCKING
-
-[ClientIOSessionLength]
-IMPORTANCE = LOW
-TYPE = int
-ClientIOLength0 = 0
-ClientIOLength1K = 1024
-#ClientIOLength256K = 262144
-#ClientIOLength5M = 5242880
-
-[ServerIOSessionLength]
-IMPORTANCE = LOW
-TYPE = int
-ServerIOLength0 = 0
-ServerIOLength1K = 1024
-#ServerIOLength256K = 262144
-#ServerIOLength5M = 5242880
-
-[ServerDoClientAuth]
-IMPORTANCE = LOW
-TYPE = int
-#ClientAuthOnInitial = SSLT_CLIENTAUTH_INITIAL
-#ClientAuthOnRedo = SSLT_CLIENTAUTH_REDO
-ClientAuthOff = SSLT_CLIENTAUTH_OFF
-
-[ClientForceHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-#ClientForceHandshake = PR_TRUE
-ClientNoForceHandshake = PR_FALSE
-
-[ServerForceHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-ServerForceHandshake = PR_TRUE
-#ServerNoForceHandshake = PR_FALSE
-
-[ClientRedoHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-#ClientRedoHandshake = PR_TRUE
-ClientNoRedoHandshake = PR_FALSE
-
-[ServerRedoHandshake]
-IMPORTANCE = LOW
-TYPE = PRBool
-#ServerRedoHandshake = PR_TRUE
-ServerNoRedoHandshake = PR_FALSE
-
-
-
-###########################################################################
-#
-# C i p h e r S p e c s
-#
-###########################################################################
-
-
-[Cipher_EN_RC4_128_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_RC4_128_WITH_MD5 = PR_TRUE
-No_Cipher_EN_RC4_128_WITH_MD5 = PR_FALSE
-
-[Cipher_EN_RC4_128_EXPORT40_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_RC4_128_EXPORT40_WITH_MD5 = PR_TRUE
-No_Cipher_EN_RC4_128_EXPORT40_WITH_MD5 = PR_FALSE
-
-[Cipher_EN_RC2_128_CBC_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_RC2_128_CBC_WITH_MD5 = PR_TRUE
-No_Cipher_EN_RC2_128_CBC_WITH_MD5 = PR_FALSE
-
-#[Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 = PR_TRUE
-#No_Cipher_EN_RC2_128_CBC_EXPORT40_WITH_MD5 = PR_FALSE
-
-#[Cipher_EN_IDEA_128_CBC_WITH_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_EN_IDEA_128_CBC_WITH_MD5 = PR_TRUE
-#No_Cipher_EN_IDEA_128_CBC_WITH_MD5 = PR_FALSE
-
-#[Cipher_EN_DES_64_CBC_WITH_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_EN_DES_64_CBC_WITH_MD5 = PR_TRUE
-#No_Cipher_EN_DES_64_CBC_WITH_MD5 = PR_FALSE
-
-[Cipher_EN_DES_192_EDE3_CBC_WITH_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 = PR_TRUE
-No_Cipher_EN_DES_192_EDE3_CBC_WITH_MD5 = PR_FALSE
-
-# SSL v3 Cipher Suites
-#[Cipher_NULL_WITH_NULL_NULL]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_NULL_WITH_NULL_NULL = PR_TRUE
-#No_Cipher_NULL_WITH_NULL_NULL = PR_FALSE
-
-#[Cipher_RSA_WITH_NULL_MD5]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_NULL_MD5 = PR_TRUE
-#No_Cipher_RSA_WITH_NULL_MD5 = PR_FALSE
-
-#[Cipher_RSA_WITH_NULL_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_NULL_SHA = PR_TRUE
-#No_Cipher_RSA_WITH_NULL_SHA = PR_FALSE
-
-[Cipher_RSA_EXPORT_WITH_RC4_40_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_EXPORT_WITH_RC4_40_MD5 = PR_TRUE
-No_Cipher_RSA_EXPORT_WITH_RC4_40_MD5 = PR_FALSE
-
-[Cipher_RSA_WITH_RC4_128_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_WITH_RC4_128_MD5 = PR_TRUE
-No_Cipher_RSA_WITH_RC4_128_MD5 = PR_FALSE
-
-#[Cipher_RSA_WITH_RC4_128_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_RC4_128_SHA = PR_TRUE
-#No_Cipher_RSA_WITH_RC4_128_SHA = PR_FALSE
-
-[Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = PR_TRUE
-No_Cipher_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = PR_FALSE
-
-#[Cipher_RSA_WITH_IDEA_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_WITH_IDEA_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_WITH_IDEA_CBC_SHA = PR_FALSE
-
-#[Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-[Cipher_RSA_WITH_DES_CBC_SHA]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_WITH_DES_CBC_SHA = PR_TRUE
-No_Cipher_RSA_WITH_DES_CBC_SHA = PR_FALSE
-
-[Cipher_RSA_WITH_3DES_EDE_CBC_SHA]
-IMPORTANCE = HIGH
-TYPE = PRBool
-Cipher_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-No_Cipher_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-
-#[Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_DSS_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_DSS_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DH_DSS_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DH_DSS_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_RSA_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_RSA_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DH_RSA_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DH_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-
-#[Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_DSS_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_DSS_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_DSS_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_DSS_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_RSA_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_RSA_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_RSA_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DHE_RSA_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-
-#[Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 = PR_TRUE
-#No_Cipher_DH_ANON_EXPORT_WITH_RC4_40_MD5 = PR_FALSE
-
-#[Cipher_DH_ANON_WITH_RC4_128_MD5]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_WITH_RC4_128_MD5 = PR_TRUE
-#No_Cipher_DH_ANON_WITH_RC4_128_MD5 = PR_FALSE
-
-###define SSL_DH_ANON_EXPORT_WITH_DES40_CBC_SHA 0x0019
-
-#[Cipher_DH_ANON_WITH_DES_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_DH_ANON_WITH_DES_CBC_SHA = PR_FALSE
-
-#[Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = LOW
-#TYPE = PRBool
-#Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_DH_ANON_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = PR_TRUE
-#No_Cipher_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA = PR_FALSE
-
-#[Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA = PR_TRUE
-#No_Cipher_FORTEZZA_DMS_WITH_RC4_128_SHA = PR_FALSE
-
-
-#[Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = PR_FALSE
-
-#[Cipher_RSA_FIPS_WITH_DES_CBC_SHA]
-#IMPORTANCE = HIGH
-#TYPE = PRBool
-#Cipher_RSA_FIPS_WITH_DES_CBC_SHA = PR_TRUE
-#No_Cipher_RSA_FIPS_WITH_DES_CBC_SHA = PR_FALSE
-
-
-
diff --git a/security/nss/tests/pkcs11/netscape/trivial/.cvsignore b/security/nss/tests/pkcs11/netscape/trivial/.cvsignore
deleted file mode 100644
index e3884c884..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/.cvsignore
+++ /dev/null
@@ -1,6 +0,0 @@
-Makefile
-config.cache
-config.h
-config.log
-config.status
-trivial*.tar.gz
diff --git a/security/nss/tests/pkcs11/netscape/trivial/Makefile.in b/security/nss/tests/pkcs11/netscape/trivial/Makefile.in
deleted file mode 100644
index 7f9488350..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/Makefile.in
+++ /dev/null
@@ -1,175 +0,0 @@
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is a trivial PKCS#11 test program.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corp. Portions created by Netscape are
-# Copyright (C) 2000. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-
-MAKEFILE_IN_CVS_ID = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-
-SHELL = /bin/sh
-.SUFFIXES:
-.SUFFIXES: .c .o .h .in .a .so
-
-srcdir = @srcdir@
-VPATH = @srcdir@
-prefix = @prefix@
-exec_prefix = @exec_prefix@
-includedir = @includedir@
-bindir = @bindir@
-@SET_MAKE@
-INSTALL = @INSTALL@
-RANLIB = @RANLIB@
-AR = @AR@
-CC = @CC@
-LD = @LD@
-RM = @RM@
-TAR = @TAR@
-
-CPPFLAGS = @CPPFLAGS@
-CFLAGS = @CFLAGS@
-LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
-
-INSTALL_PROGRAM = $(INSTALL) -m 0500
-
-all:: program
-
-# Standard Netscape/Mozilla targets:
-# import import_xp export private_export libs program install all clobber
-# clobber_all release release_xp alltags
-
-# Standard GNU targets:
-# all install uninstall install-strip clean distclean mostlyclean
-# maintainer-clean TAGS info dvi dist check installcheck installdirs
-
-# === The actual targets and the real commands that make them ===
-program:: trivial
-
-trivial: trivial.c config.h Makefile
- $(CC) -I. -I${srcdir} $(CFLAGS) $(CPPFLAGS) $< -o $@ $(LDFLAGS) $(LIBS)
-
-# Now, various standard targets, some that do stuff, some that are no-ops
-
-import::
-
-export:: install
-
-private_export::
-
-program::
-
-clobber:: clean
-
-clobber_all:: maintainer-clean
-
-alltags:: TAGS
-
-RESULTS = \
- $(DESTDIR)$(bindir)/trivial \
- $(NULL)
-
-install:: $(RESULTS)
-
-$(DESTDIR)$(bindir)/trivial: trivial
- $(INSTALL_PROGRAM) trivial $(DESTDIR)$(bindir)/trivial
-
-# "rm -f" with no arguments bites on some platforms.
-# There should be an autoconf check and maybe a more
-# general $(FORCEDREMOVE) command
-
-uninstall::
- $(RM) -f $(RESULTS)
-
-install-strip::
- $(MAKE) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s ' install
-
-clean::
- $(RM) -f *~ core trivial.o trivial
-
-distclean:: clean
- $(RM) -f Makefile config.cache config.h config.log config.status stamp-h stamp-h.in
-
-mostlyclean:: clean
-
-maintainer-clean:: distclean
- $(RM) -f TAGS trivial*.tar.gz
-
-TAGS::
-
-DISTFILES = \
- .cvsignore \
- README.txt \
- Makefile.in \
- acconfig.h \
- config.h.in \
- configure \
- configure.in \
- install-sh \
- trivial.c \
- $(NULL)
-
-dist:: trivial.tar.gz
-
-# There must be an easier and more portable way of doing this..
-trivial.tar.gz: $(DISTFILES)
- echo $(DISTFILES) | tr ' ' '\n' | sed "s^.*^`( cd ${srcdir}; pwd ) | xargs basename`/&^" | xargs tar czf $@ -C ${srcdir}/..
-
-# other "standard" but irrelevant targets
-info::
-
-dvi::
-
-check::
-
-installcheck::
-
-installdirs::
-
-# Include dependancies
-
-
-# autoheader might not change config.h.in, so touch a stamp file
-${srcdir}/config.h.in: stamp-h.in
-${srcdir}/stamp-h.in: configure.in acconfig.h
- cd ${srcdir} && autoheader
- echo timestamp > ${srcdir}/stamp-h.in
-
-# Remake the configuration
-${srcdir}/configure: configure.in
- cd ${srcdir} && autoconf
-
-config.h: stamp-h
-stamp-h: config.h.in config.status
- ./config.status
-
-Makefile: Makefile.in config.status
- ./config.status
-
-config.status: configure
- ./config.status --recheck
diff --git a/security/nss/tests/pkcs11/netscape/trivial/README.txt b/security/nss/tests/pkcs11/netscape/trivial/README.txt
deleted file mode 100644
index 5c18a5089..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/README.txt
+++ /dev/null
@@ -1,56 +0,0 @@
-This is a very trivial program that loads and excercises a PKCS#11
-module, trying basic operations. I used it as a basic check that
-my data-only modules for NSS worked, and I'm including it here as
-a first sample test program.
-
-
-This program uses GNU autoconf: run ./configure --help for info.
-In addition to the standard options, the configure script accepts
-the following:
-
- --with-nspr[=path] specify location of NSPR
- --with-nss-dist[=path] specify path to NSS dist directory
- --with-nss-hdrs[=path] or, specify path to installed NSS headers
- --with-rsa-hdrs[=path] if not using NSS, specify path to RSA headers
- --disable-debug default is enabled
-
-This program uses NSPR; you may specify the path to your NSPR
-installation by using the "--with-nspr" option. The specified
-directory should be the one containing "include" and "lib."
-If this option is not given, the default is the usual prefix
-directories; see ./configure --help for more info.
-
-This program requires either the pkcs11*.h files from RSA, or
-the NSS equivalents. To specify their location, you must
-specify one of --with-nss-dist, --with-nss-hdrs, or --with-rsa-hdrs.
-
-If you have an NSS build tree, specify --with-nss-dist and provide
-the path to the mozilla/dist/*.OBJ directory. (If you got this
-package by checking it out from mozilla, it should be about six
-directories up, once you've built NSS.)
-
-Alternatively, if you have an NSS installation (including "private"
-files, e.g. "ck.h") you may point directly to the directory containing
-the headers with --with-nss-hdrs.
-
-If you would rather use the RSA-provided header files, or your own
-versions of them, specify their location with --with-rsa-hdrs.
-
-The flag --disable-debug doesn't really do much here other than
-exclude the CVS_ID info from the binary.
-
-
-To run the program, specify the name of the .so (or your platform's
-equivalent) containing the module to be tested, e.g.:
-
- ./trivial ../../../../../../dist/*.OBJ/lib/libnssckbi.so
-
-
-If you're using NSS, and using our experimental "installer's
-arguments" fields in CK_C_INITIALIZE_ARGS, you can specify an
-"installer argument" with the -i flag:
-
- ./trivial -i ~/.netscape/certs.db [...]/libnssckdb.so
-
-
-Share and enjoy.
diff --git a/security/nss/tests/pkcs11/netscape/trivial/acconfig.h b/security/nss/tests/pkcs11/netscape/trivial/acconfig.h
deleted file mode 100644
index 36f98f87a..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/acconfig.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is a trivial PKCS#11 test program.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-/* Define to use NSS header files instead of the regular RSA ones */
-#undef WITH_NSS
-
diff --git a/security/nss/tests/pkcs11/netscape/trivial/config.h.in b/security/nss/tests/pkcs11/netscape/trivial/config.h.in
deleted file mode 100644
index bf5d5f3b5..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/config.h.in
+++ /dev/null
@@ -1,28 +0,0 @@
-/* config.h.in. Generated automatically from configure.in by autoheader. */
-
-/* Define to empty if the keyword does not work. */
-#undef const
-
-/* Define to use NSS header files instead of the regular RSA ones */
-#undef WITH_NSS
-
-/* Define if you have the memset function. */
-#undef HAVE_MEMSET
-
-/* Define if you have the strlen function. */
-#undef HAVE_STRLEN
-
-/* Define if you have the <ck.h> header file. */
-#undef HAVE_CK_H
-
-/* Define if you have the <nspr.h> header file. */
-#undef HAVE_NSPR_H
-
-/* Define if you have the <pkcs11.h> header file. */
-#undef HAVE_PKCS11_H
-
-/* Define if you have the <pkcs11t.h> header file. */
-#undef HAVE_PKCS11T_H
-
-/* Define if you have the nspr4 library (-lnspr4). */
-#undef HAVE_LIBNSPR4
diff --git a/security/nss/tests/pkcs11/netscape/trivial/configure b/security/nss/tests/pkcs11/netscape/trivial/configure
deleted file mode 100755
index d9571ccdd..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/configure
+++ /dev/null
@@ -1,1906 +0,0 @@
-#! /bin/sh
-
-# Guess values for system-dependent variables and create Makefiles.
-# Generated automatically using autoconf version 2.13
-# Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc.
-#
-# This configure script is free software; the Free Software Foundation
-# gives unlimited permission to copy, distribute and modify it.
-
-# Defaults:
-ac_help=
-ac_default_prefix=/usr/local
-# Any additions from configure.in:
-ac_help="$ac_help
- --with-nspr[=path] specify location of NSPR"
-ac_help="$ac_help
- --with-nss-dist[=path] specify path to NSS dist directory"
-ac_help="$ac_help
- --with-nss-hdrs[=path] or, specify path to installed NSS headers"
-ac_help="$ac_help
- --with-rsa-hdrs[=path] if not using NSS, specify path to RSA headers"
-ac_help="$ac_help
- --disable-debug default is enabled"
-
-# Initialize some variables set by options.
-# The variables have the same names as the options, with
-# dashes changed to underlines.
-build=NONE
-cache_file=./config.cache
-exec_prefix=NONE
-host=NONE
-no_create=
-nonopt=NONE
-no_recursion=
-prefix=NONE
-program_prefix=NONE
-program_suffix=NONE
-program_transform_name=s,x,x,
-silent=
-site=
-srcdir=
-target=NONE
-verbose=
-x_includes=NONE
-x_libraries=NONE
-bindir='${exec_prefix}/bin'
-sbindir='${exec_prefix}/sbin'
-libexecdir='${exec_prefix}/libexec'
-datadir='${prefix}/share'
-sysconfdir='${prefix}/etc'
-sharedstatedir='${prefix}/com'
-localstatedir='${prefix}/var'
-libdir='${exec_prefix}/lib'
-includedir='${prefix}/include'
-oldincludedir='/usr/include'
-infodir='${prefix}/info'
-mandir='${prefix}/man'
-
-# Initialize some other variables.
-subdirs=
-MFLAGS= MAKEFLAGS=
-SHELL=${CONFIG_SHELL-/bin/sh}
-# Maximum number of lines to put in a shell here document.
-ac_max_here_lines=12
-
-ac_prev=
-for ac_option
-do
-
- # If the previous option needs an argument, assign it.
- if test -n "$ac_prev"; then
- eval "$ac_prev=\$ac_option"
- ac_prev=
- continue
- fi
-
- case "$ac_option" in
- -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
- *) ac_optarg= ;;
- esac
-
- # Accept the important Cygnus configure options, so we can diagnose typos.
-
- case "$ac_option" in
-
- -bindir | --bindir | --bindi | --bind | --bin | --bi)
- ac_prev=bindir ;;
- -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
- bindir="$ac_optarg" ;;
-
- -build | --build | --buil | --bui | --bu)
- ac_prev=build ;;
- -build=* | --build=* | --buil=* | --bui=* | --bu=*)
- build="$ac_optarg" ;;
-
- -cache-file | --cache-file | --cache-fil | --cache-fi \
- | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
- ac_prev=cache_file ;;
- -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
- | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
- cache_file="$ac_optarg" ;;
-
- -datadir | --datadir | --datadi | --datad | --data | --dat | --da)
- ac_prev=datadir ;;
- -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \
- | --da=*)
- datadir="$ac_optarg" ;;
-
- -disable-* | --disable-*)
- ac_feature=`echo $ac_option|sed -e 's/-*disable-//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then
- { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
- fi
- ac_feature=`echo $ac_feature| sed 's/-/_/g'`
- eval "enable_${ac_feature}=no" ;;
-
- -enable-* | --enable-*)
- ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then
- { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
- fi
- ac_feature=`echo $ac_feature| sed 's/-/_/g'`
- case "$ac_option" in
- *=*) ;;
- *) ac_optarg=yes ;;
- esac
- eval "enable_${ac_feature}='$ac_optarg'" ;;
-
- -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
- | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
- | --exec | --exe | --ex)
- ac_prev=exec_prefix ;;
- -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
- | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
- | --exec=* | --exe=* | --ex=*)
- exec_prefix="$ac_optarg" ;;
-
- -gas | --gas | --ga | --g)
- # Obsolete; use --with-gas.
- with_gas=yes ;;
-
- -help | --help | --hel | --he)
- # Omit some internal or obsolete options to make the list less imposing.
- # This message is too long to be a string in the A/UX 3.1 sh.
- cat << EOF
-Usage: configure [options] [host]
-Options: [defaults in brackets after descriptions]
-Configuration:
- --cache-file=FILE cache test results in FILE
- --help print this message
- --no-create do not create output files
- --quiet, --silent do not print \`checking...' messages
- --version print the version of autoconf that created configure
-Directory and file names:
- --prefix=PREFIX install architecture-independent files in PREFIX
- [$ac_default_prefix]
- --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX
- [same as prefix]
- --bindir=DIR user executables in DIR [EPREFIX/bin]
- --sbindir=DIR system admin executables in DIR [EPREFIX/sbin]
- --libexecdir=DIR program executables in DIR [EPREFIX/libexec]
- --datadir=DIR read-only architecture-independent data in DIR
- [PREFIX/share]
- --sysconfdir=DIR read-only single-machine data in DIR [PREFIX/etc]
- --sharedstatedir=DIR modifiable architecture-independent data in DIR
- [PREFIX/com]
- --localstatedir=DIR modifiable single-machine data in DIR [PREFIX/var]
- --libdir=DIR object code libraries in DIR [EPREFIX/lib]
- --includedir=DIR C header files in DIR [PREFIX/include]
- --oldincludedir=DIR C header files for non-gcc in DIR [/usr/include]
- --infodir=DIR info documentation in DIR [PREFIX/info]
- --mandir=DIR man documentation in DIR [PREFIX/man]
- --srcdir=DIR find the sources in DIR [configure dir or ..]
- --program-prefix=PREFIX prepend PREFIX to installed program names
- --program-suffix=SUFFIX append SUFFIX to installed program names
- --program-transform-name=PROGRAM
- run sed PROGRAM on installed program names
-EOF
- cat << EOF
-Host type:
- --build=BUILD configure for building on BUILD [BUILD=HOST]
- --host=HOST configure for HOST [guessed]
- --target=TARGET configure for TARGET [TARGET=HOST]
-Features and packages:
- --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no)
- --enable-FEATURE[=ARG] include FEATURE [ARG=yes]
- --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
- --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
- --x-includes=DIR X include files are in DIR
- --x-libraries=DIR X library files are in DIR
-EOF
- if test -n "$ac_help"; then
- echo "--enable and --with options recognized:$ac_help"
- fi
- exit 0 ;;
-
- -host | --host | --hos | --ho)
- ac_prev=host ;;
- -host=* | --host=* | --hos=* | --ho=*)
- host="$ac_optarg" ;;
-
- -includedir | --includedir | --includedi | --included | --include \
- | --includ | --inclu | --incl | --inc)
- ac_prev=includedir ;;
- -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
- | --includ=* | --inclu=* | --incl=* | --inc=*)
- includedir="$ac_optarg" ;;
-
- -infodir | --infodir | --infodi | --infod | --info | --inf)
- ac_prev=infodir ;;
- -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
- infodir="$ac_optarg" ;;
-
- -libdir | --libdir | --libdi | --libd)
- ac_prev=libdir ;;
- -libdir=* | --libdir=* | --libdi=* | --libd=*)
- libdir="$ac_optarg" ;;
-
- -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
- | --libexe | --libex | --libe)
- ac_prev=libexecdir ;;
- -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
- | --libexe=* | --libex=* | --libe=*)
- libexecdir="$ac_optarg" ;;
-
- -localstatedir | --localstatedir | --localstatedi | --localstated \
- | --localstate | --localstat | --localsta | --localst \
- | --locals | --local | --loca | --loc | --lo)
- ac_prev=localstatedir ;;
- -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
- | --localstate=* | --localstat=* | --localsta=* | --localst=* \
- | --locals=* | --local=* | --loca=* | --loc=* | --lo=*)
- localstatedir="$ac_optarg" ;;
-
- -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
- ac_prev=mandir ;;
- -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
- mandir="$ac_optarg" ;;
-
- -nfp | --nfp | --nf)
- # Obsolete; use --without-fp.
- with_fp=no ;;
-
- -no-create | --no-create | --no-creat | --no-crea | --no-cre \
- | --no-cr | --no-c)
- no_create=yes ;;
-
- -no-recursion | --no-recursion | --no-recursio | --no-recursi \
- | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
- no_recursion=yes ;;
-
- -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
- | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
- | --oldin | --oldi | --old | --ol | --o)
- ac_prev=oldincludedir ;;
- -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
- | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
- | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
- oldincludedir="$ac_optarg" ;;
-
- -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
- ac_prev=prefix ;;
- -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
- prefix="$ac_optarg" ;;
-
- -program-prefix | --program-prefix | --program-prefi | --program-pref \
- | --program-pre | --program-pr | --program-p)
- ac_prev=program_prefix ;;
- -program-prefix=* | --program-prefix=* | --program-prefi=* \
- | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
- program_prefix="$ac_optarg" ;;
-
- -program-suffix | --program-suffix | --program-suffi | --program-suff \
- | --program-suf | --program-su | --program-s)
- ac_prev=program_suffix ;;
- -program-suffix=* | --program-suffix=* | --program-suffi=* \
- | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
- program_suffix="$ac_optarg" ;;
-
- -program-transform-name | --program-transform-name \
- | --program-transform-nam | --program-transform-na \
- | --program-transform-n | --program-transform- \
- | --program-transform | --program-transfor \
- | --program-transfo | --program-transf \
- | --program-trans | --program-tran \
- | --progr-tra | --program-tr | --program-t)
- ac_prev=program_transform_name ;;
- -program-transform-name=* | --program-transform-name=* \
- | --program-transform-nam=* | --program-transform-na=* \
- | --program-transform-n=* | --program-transform-=* \
- | --program-transform=* | --program-transfor=* \
- | --program-transfo=* | --program-transf=* \
- | --program-trans=* | --program-tran=* \
- | --progr-tra=* | --program-tr=* | --program-t=*)
- program_transform_name="$ac_optarg" ;;
-
- -q | -quiet | --quiet | --quie | --qui | --qu | --q \
- | -silent | --silent | --silen | --sile | --sil)
- silent=yes ;;
-
- -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
- ac_prev=sbindir ;;
- -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
- | --sbi=* | --sb=*)
- sbindir="$ac_optarg" ;;
-
- -sharedstatedir | --sharedstatedir | --sharedstatedi \
- | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
- | --sharedst | --shareds | --shared | --share | --shar \
- | --sha | --sh)
- ac_prev=sharedstatedir ;;
- -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
- | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
- | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
- | --sha=* | --sh=*)
- sharedstatedir="$ac_optarg" ;;
-
- -site | --site | --sit)
- ac_prev=site ;;
- -site=* | --site=* | --sit=*)
- site="$ac_optarg" ;;
-
- -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
- ac_prev=srcdir ;;
- -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
- srcdir="$ac_optarg" ;;
-
- -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
- | --syscon | --sysco | --sysc | --sys | --sy)
- ac_prev=sysconfdir ;;
- -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
- | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
- sysconfdir="$ac_optarg" ;;
-
- -target | --target | --targe | --targ | --tar | --ta | --t)
- ac_prev=target ;;
- -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
- target="$ac_optarg" ;;
-
- -v | -verbose | --verbose | --verbos | --verbo | --verb)
- verbose=yes ;;
-
- -version | --version | --versio | --versi | --vers)
- echo "configure generated by autoconf version 2.13"
- exit 0 ;;
-
- -with-* | --with-*)
- ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then
- { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
- fi
- ac_package=`echo $ac_package| sed 's/-/_/g'`
- case "$ac_option" in
- *=*) ;;
- *) ac_optarg=yes ;;
- esac
- eval "with_${ac_package}='$ac_optarg'" ;;
-
- -without-* | --without-*)
- ac_package=`echo $ac_option|sed -e 's/-*without-//'`
- # Reject names that are not valid shell variable names.
- if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then
- { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
- fi
- ac_package=`echo $ac_package| sed 's/-/_/g'`
- eval "with_${ac_package}=no" ;;
-
- --x)
- # Obsolete; use --with-x.
- with_x=yes ;;
-
- -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
- | --x-incl | --x-inc | --x-in | --x-i)
- ac_prev=x_includes ;;
- -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
- | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
- x_includes="$ac_optarg" ;;
-
- -x-libraries | --x-libraries | --x-librarie | --x-librari \
- | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
- ac_prev=x_libraries ;;
- -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
- | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
- x_libraries="$ac_optarg" ;;
-
- -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; }
- ;;
-
- *)
- if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then
- echo "configure: warning: $ac_option: invalid host type" 1>&2
- fi
- if test "x$nonopt" != xNONE; then
- { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; }
- fi
- nonopt="$ac_option"
- ;;
-
- esac
-done
-
-if test -n "$ac_prev"; then
- { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; }
-fi
-
-trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
-
-# File descriptor usage:
-# 0 standard input
-# 1 file creation
-# 2 errors and warnings
-# 3 some systems may open it to /dev/tty
-# 4 used on the Kubota Titan
-# 6 checking for... messages and results
-# 5 compiler messages saved in config.log
-if test "$silent" = yes; then
- exec 6>/dev/null
-else
- exec 6>&1
-fi
-exec 5>./config.log
-
-echo "\
-This file contains any messages produced by compilers while
-running configure, to aid debugging if configure makes a mistake.
-" 1>&5
-
-# Strip out --no-create and --no-recursion so they do not pile up.
-# Also quote any args containing shell metacharacters.
-ac_configure_args=
-for ac_arg
-do
- case "$ac_arg" in
- -no-create | --no-create | --no-creat | --no-crea | --no-cre \
- | --no-cr | --no-c) ;;
- -no-recursion | --no-recursion | --no-recursio | --no-recursi \
- | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;;
- *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*)
- ac_configure_args="$ac_configure_args '$ac_arg'" ;;
- *) ac_configure_args="$ac_configure_args $ac_arg" ;;
- esac
-done
-
-# NLS nuisances.
-# Only set these to C if already set. These must not be set unconditionally
-# because not all systems understand e.g. LANG=C (notably SCO).
-# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'!
-# Non-C LC_CTYPE values break the ctype check.
-if test "${LANG+set}" = set; then LANG=C; export LANG; fi
-if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi
-if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi
-if test "${LC_CTYPE+set}" = set; then LC_CTYPE=C; export LC_CTYPE; fi
-
-# confdefs.h avoids OS command line length limits that DEFS can exceed.
-rm -rf conftest* confdefs.h
-# AIX cpp loses on an empty file, so make sure it contains at least a newline.
-echo > confdefs.h
-
-# A filename unique to this package, relative to the directory that
-# configure is in, which we can look for to find out if srcdir is correct.
-ac_unique_file=trivial.c
-
-# Find the source files, if location was not specified.
-if test -z "$srcdir"; then
- ac_srcdir_defaulted=yes
- # Try the directory containing this script, then its parent.
- ac_prog=$0
- ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'`
- test "x$ac_confdir" = "x$ac_prog" && ac_confdir=.
- srcdir=$ac_confdir
- if test ! -r $srcdir/$ac_unique_file; then
- srcdir=..
- fi
-else
- ac_srcdir_defaulted=no
-fi
-if test ! -r $srcdir/$ac_unique_file; then
- if test "$ac_srcdir_defaulted" = yes; then
- { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; }
- else
- { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; }
- fi
-fi
-srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'`
-
-# Prefer explicitly selected file to automatically selected ones.
-if test -z "$CONFIG_SITE"; then
- if test "x$prefix" != xNONE; then
- CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site"
- else
- CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
- fi
-fi
-for ac_site_file in $CONFIG_SITE; do
- if test -r "$ac_site_file"; then
- echo "loading site script $ac_site_file"
- . "$ac_site_file"
- fi
-done
-
-if test -r "$cache_file"; then
- echo "loading cache $cache_file"
- . $cache_file
-else
- echo "creating cache $cache_file"
- > $cache_file
-fi
-
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-ac_exeext=
-ac_objext=o
-if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then
- # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu.
- if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then
- ac_n= ac_c='
-' ac_t=' '
- else
- ac_n=-n ac_c= ac_t=
- fi
-else
- ac_n= ac_c='\c' ac_t=
-fi
-
-
-
-echo $ac_n "checking whether ${MAKE-make} sets \${MAKE}""... $ac_c" 1>&6
-echo "configure:537: checking whether ${MAKE-make} sets \${MAKE}" >&5
-set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_prog_make_${ac_make}_set'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftestmake <<\EOF
-all:
- @echo 'ac_maketemp="${MAKE}"'
-EOF
-# GNU make sometimes prints "make[1]: Entering...", which would confuse us.
-eval `${MAKE-make} -f conftestmake 2>/dev/null | grep temp=`
-if test -n "$ac_maketemp"; then
- eval ac_cv_prog_make_${ac_make}_set=yes
-else
- eval ac_cv_prog_make_${ac_make}_set=no
-fi
-rm -f conftestmake
-fi
-if eval "test \"`echo '$ac_cv_prog_make_'${ac_make}_set`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- SET_MAKE=
-else
- echo "$ac_t""no" 1>&6
- SET_MAKE="MAKE=${MAKE-make}"
-fi
-
-
-# Check whether --with-nspr or --without-nspr was given.
-if test "${with_nspr+set}" = set; then
- withval="$with_nspr"
- case "$withval" in
- no)
- { echo "configure: error: NSPR is required" 1>&2; exit 1; };;
- yes)
- NSPR_INCLUDE="$includedir"
- NSPR_LIBPATH="$libdir"
- ;;
- *)
- NSPR_INCLUDE="$withval/include"
- NSPR_LIBPATH="$withval/lib"
- ;;
- esac
-else
- NSPR_INCLUDE="$includedir"
- NSPR_LIBPATH="$libdir"
-
-fi
-
-
-NSPR_CFLAGS="-I$NSPR_INCLUDE"
-NSPR_LDFLAGS="-L$NSPR_LIBPATH -lnspr4 -lplc4 -lplds4"
-
-
-# Check whether --with-nss-dist or --without-nss-dist was given.
-if test "${with_nss_dist+set}" = set; then
- withval="$with_nss_dist"
- case "$withval" in
- no)
- NSS_CFLAGS=""
- nss="0"
- ;;
- yes)
- { echo "configure: error: You have to specify a path for --with-nss-dist" 1>&2; exit 1; }
- ;;
- *)
- NSS_CFLAGS="-I$withval/private/security -I$withval/public/security"
- nss="1"
- ;;
- esac
-fi
-
-
-# Check whether --with-nss-hdrs or --without-nss-hdrs was given.
-if test "${with_nss_hdrs+set}" = set; then
- withval="$with_nss_hdrs"
- if test "x$nss" != "x"; then
- { echo "configure: error: Only specify --with-nss-hdrs or --with-nss-dist" 1>&2; exit 1; }
- fi
- case "$withval" in
- no)
- NSS_CFLAGS=""
- nss="0"
- ;;
- yes)
- NSS_CFLAGS="-I$includedir"
- nss="1"
- ;;
- *)
- NSS_CFLAGS="-I$withval"
- nss="1"
- ;;
- esac
-fi
-
-
-# Check whether --with-rsa-hdrs or --without-rsa-hdrs was given.
-if test "${with_rsa_hdrs+set}" = set; then
- withval="$with_rsa_hdrs"
- if test "x$nss" != "x"; then
- { echo "configure: error: Only specify --with-nss-{hdrs" 1>&2; exit 1; }
- fi
- case "$withval" in
- no)
- rsa="0"
- ;;
- yes)
- RSA_INCLUDE="$includedir"
- rsa="1"
- ;;
- *)
- RSA_INCLUDE="$withval"
- rsa="1"
- ;;
- esac
-fi
-
-
-if test "x$nss" = "x"; then
- if test "x$rsa" = "x"; then
- RSA_INCLUDE="$includedir"
- fi
- RSA_CFLAGS="-I$RSA_INCLUDE"
-fi
-
-if test "x$nss" = "x1"; then
- cat >> confdefs.h <<\EOF
-#define WITH_NSS 1
-EOF
-
-fi
-
-
-
-if test "x$rsa" = "x1"; then
- RSA_CFLAGS-"-I$RSA_INCLUDE"
-fi
-
-# Check whether --enable-debug or --disable-debug was given.
-if test "${enable_debug+set}" = set; then
- enableval="$enable_debug"
- case "$enableval" in
- no)
- DEBUG_CFLAGS="";;
- yes)
- DEBUG_CFLAGS="-DDEBUG";;
- *)
- DEBUG_CFLAGS="-DDEBUG";;
- esac
-else
- DEBUG_CFLAGS="-DDEBUG"
-fi
-
-
-# Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:693: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_CC="gcc"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
- echo "$ac_t""$CC" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-if test -z "$CC"; then
- # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:723: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_prog_rejected=no
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then
- ac_prog_rejected=yes
- continue
- fi
- ac_cv_prog_CC="cc"
- break
- fi
- done
- IFS="$ac_save_ifs"
-if test $ac_prog_rejected = yes; then
- # We found a bogon in the path, so make sure we never use it.
- set dummy $ac_cv_prog_CC
- shift
- if test $# -gt 0; then
- # We chose a different compiler from the bogus one.
- # However, it has the same basename, so the bogon will be chosen
- # first if we set CC to just the basename; use the full file name.
- shift
- set dummy "$ac_dir/$ac_word" "$@"
- shift
- ac_cv_prog_CC="$@"
- fi
-fi
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
- echo "$ac_t""$CC" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
- if test -z "$CC"; then
- case "`uname -s`" in
- *win32* | *WIN32*)
- # Extract the first word of "cl", so it can be a program name with args.
-set dummy cl; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:774: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$CC"; then
- ac_cv_prog_CC="$CC" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_CC="cl"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-CC="$ac_cv_prog_CC"
-if test -n "$CC"; then
- echo "$ac_t""$CC" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
- ;;
- esac
- fi
- test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; }
-fi
-
-echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:806: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
-
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-cat > conftest.$ac_ext << EOF
-
-#line 817 "configure"
-#include "confdefs.h"
-
-main(){return(0);}
-EOF
-if { (eval echo configure:822: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- ac_cv_prog_cc_works=yes
- # If we can't run a trivial program, we are probably using a cross compiler.
- if (./conftest; exit) 2>/dev/null; then
- ac_cv_prog_cc_cross=no
- else
- ac_cv_prog_cc_cross=yes
- fi
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- ac_cv_prog_cc_works=no
-fi
-rm -fr conftest*
-ac_ext=c
-# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
-ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
-cross_compiling=$ac_cv_prog_cc_cross
-
-echo "$ac_t""$ac_cv_prog_cc_works" 1>&6
-if test $ac_cv_prog_cc_works = no; then
- { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
-fi
-echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:848: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
-echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
-cross_compiling=$ac_cv_prog_cc_cross
-
-echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
-echo "configure:853: checking whether we are using GNU C" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.c <<EOF
-#ifdef __GNUC__
- yes;
-#endif
-EOF
-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:862: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
- ac_cv_prog_gcc=yes
-else
- ac_cv_prog_gcc=no
-fi
-fi
-
-echo "$ac_t""$ac_cv_prog_gcc" 1>&6
-
-if test $ac_cv_prog_gcc = yes; then
- GCC=yes
-else
- GCC=
-fi
-
-ac_test_CFLAGS="${CFLAGS+set}"
-ac_save_CFLAGS="$CFLAGS"
-CFLAGS=
-echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
-echo "configure:881: checking whether ${CC-cc} accepts -g" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- echo 'void f(){}' > conftest.c
-if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then
- ac_cv_prog_cc_g=yes
-else
- ac_cv_prog_cc_g=no
-fi
-rm -f conftest*
-
-fi
-
-echo "$ac_t""$ac_cv_prog_cc_g" 1>&6
-if test "$ac_test_CFLAGS" = set; then
- CFLAGS="$ac_save_CFLAGS"
-elif test $ac_cv_prog_cc_g = yes; then
- if test "$GCC" = yes; then
- CFLAGS="-g -O2"
- else
- CFLAGS="-g"
- fi
-else
- if test "$GCC" = yes; then
- CFLAGS="-O2"
- else
- CFLAGS=
- fi
-fi
-
-echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:913: checking how to run the C preprocessor" >&5
-# On Suns, sometimes $CPP names a directory.
-if test -n "$CPP" && test -d "$CPP"; then
- CPP=
-fi
-if test -z "$CPP"; then
-if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- # This must be in double quotes, not single quotes, because CPP may get
- # substituted into the Makefile and "${CC-cc}" will confuse make.
- CPP="${CC-cc} -E"
- # On the NeXT, cc -E runs the code through the compiler's parser,
- # not just through cpp.
- cat > conftest.$ac_ext <<EOF
-#line 928 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:934: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- :
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- CPP="${CC-cc} -E -traditional-cpp"
- cat > conftest.$ac_ext <<EOF
-#line 945 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:951: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- :
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- CPP="${CC-cc} -nologo -E"
- cat > conftest.$ac_ext <<EOF
-#line 962 "configure"
-#include "confdefs.h"
-#include <assert.h>
-Syntax Error
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:968: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- :
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- CPP=/lib/cpp
-fi
-rm -f conftest*
-fi
-rm -f conftest*
-fi
-rm -f conftest*
- ac_cv_prog_CPP="$CPP"
-fi
- CPP="$ac_cv_prog_CPP"
-else
- ac_cv_prog_CPP="$CPP"
-fi
-echo "$ac_t""$CPP" 1>&6
-
-ac_aux_dir=
-for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
- if test -f $ac_dir/install-sh; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/install-sh -c"
- break
- elif test -f $ac_dir/install.sh; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/install.sh -c"
- break
- fi
-done
-if test -z "$ac_aux_dir"; then
- { echo "configure: error: can not find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." 1>&2; exit 1; }
-fi
-ac_config_guess=$ac_aux_dir/config.guess
-ac_config_sub=$ac_aux_dir/config.sub
-ac_configure=$ac_aux_dir/configure # This should be Cygnus configure.
-
-# Find a good install program. We prefer a C program (faster),
-# so one script is as good as another. But avoid the broken or
-# incompatible versions:
-# SysV /etc/install, /usr/sbin/install
-# SunOS /usr/etc/install
-# IRIX /sbin/install
-# AIX /bin/install
-# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
-# AFS /usr/afsws/bin/install, which mishandles nonexistent args
-# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
-# ./install, which can be erroneously created by make from ./install.sh.
-echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6
-echo "configure:1023: checking for a BSD compatible install" >&5
-if test -z "$INSTALL"; then
-if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- IFS="${IFS= }"; ac_save_IFS="$IFS"; IFS=":"
- for ac_dir in $PATH; do
- # Account for people who put trailing slashes in PATH elements.
- case "$ac_dir/" in
- /|./|.//|/etc/*|/usr/sbin/*|/usr/etc/*|/sbin/*|/usr/afsws/bin/*|/usr/ucb/*) ;;
- *)
- # OSF1 and SCO ODT 3.0 have their own names for install.
- # Don't use installbsd from OSF since it installs stuff as root
- # by default.
- for ac_prog in ginstall scoinst install; do
- if test -f $ac_dir/$ac_prog; then
- if test $ac_prog = install &&
- grep dspmsg $ac_dir/$ac_prog >/dev/null 2>&1; then
- # AIX install. It has an incompatible calling convention.
- :
- else
- ac_cv_path_install="$ac_dir/$ac_prog -c"
- break 2
- fi
- fi
- done
- ;;
- esac
- done
- IFS="$ac_save_IFS"
-
-fi
- if test "${ac_cv_path_install+set}" = set; then
- INSTALL="$ac_cv_path_install"
- else
- # As a last resort, use the slow shell script. We don't cache a
- # path for INSTALL within a source directory, because that will
- # break other packages using the cache if that directory is
- # removed, or if the path is relative.
- INSTALL="$ac_install_sh"
- fi
-fi
-echo "$ac_t""$INSTALL" 1>&6
-
-# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
-# It thinks the first close brace ends the variable substitution.
-test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
-
-test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL_PROGRAM}'
-
-test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
-
-# Extract the first word of "ranlib", so it can be a program name with args.
-set dummy ranlib; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1078: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$RANLIB"; then
- ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_RANLIB="ranlib"
- break
- fi
- done
- IFS="$ac_save_ifs"
- test -z "$ac_cv_prog_RANLIB" && ac_cv_prog_RANLIB=":"
-fi
-fi
-RANLIB="$ac_cv_prog_RANLIB"
-if test -n "$RANLIB"; then
- echo "$ac_t""$RANLIB" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "ar", so it can be a program name with args.
-set dummy ar; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1108: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_AR'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$AR"; then
- ac_cv_prog_AR="$AR" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_AR="ar"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-AR="$ac_cv_prog_AR"
-if test -n "$AR"; then
- echo "$ac_t""$AR" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "ld", so it can be a program name with args.
-set dummy ld; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1137: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_LD'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$LD"; then
- ac_cv_prog_LD="$LD" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_LD="ld"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-LD="$ac_cv_prog_LD"
-if test -n "$LD"; then
- echo "$ac_t""$LD" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "rm", so it can be a program name with args.
-set dummy rm; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1166: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_RM'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$RM"; then
- ac_cv_prog_RM="$RM" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_RM="rm"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-RM="$ac_cv_prog_RM"
-if test -n "$RM"; then
- echo "$ac_t""$RM" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-# Extract the first word of "tar", so it can be a program name with args.
-set dummy tar; ac_word=$2
-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:1195: checking for $ac_word" >&5
-if eval "test \"`echo '$''{'ac_cv_prog_TAR'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- if test -n "$TAR"; then
- ac_cv_prog_TAR="$TAR" # Let the user override the test.
-else
- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":"
- ac_dummy="$PATH"
- for ac_dir in $ac_dummy; do
- test -z "$ac_dir" && ac_dir=.
- if test -f $ac_dir/$ac_word; then
- ac_cv_prog_TAR="tar"
- break
- fi
- done
- IFS="$ac_save_ifs"
-fi
-fi
-TAR="$ac_cv_prog_TAR"
-if test -n "$TAR"; then
- echo "$ac_t""$TAR" 1>&6
-else
- echo "$ac_t""no" 1>&6
-fi
-
-
-
-CPPFLAGS="$CFLAGS $NSPR_CFLAGS $NSS_CFLAGS $RSA_CFLAGS $DEBUG_CFLAGS"
-LIBS="$NSPR_LDFLAGS $LIBS"
-
-
-
-echo $ac_n "checking for PR_Init in -lnspr4""... $ac_c" 1>&6
-echo "configure:1229: checking for PR_Init in -lnspr4" >&5
-ac_lib_var=`echo nspr4'_'PR_Init | sed 'y%./+-%__p_%'`
-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- ac_save_LIBS="$LIBS"
-LIBS="-lnspr4 $LIBS"
-cat > conftest.$ac_ext <<EOF
-#line 1237 "configure"
-#include "confdefs.h"
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char PR_Init();
-
-int main() {
-PR_Init()
-; return 0; }
-EOF
-if { (eval echo configure:1248: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_lib_$ac_lib_var=no"
-fi
-rm -f conftest*
-LIBS="$ac_save_LIBS"
-
-fi
-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_lib=HAVE_LIB`echo nspr4 | sed -e 's/[^a-zA-Z0-9_]/_/g' \
- -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_lib 1
-EOF
-
- LIBS="-lnspr4 $LIBS"
-
-else
- echo "$ac_t""no" 1>&6
-fi
-
-
-for ac_hdr in nspr.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1280: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1285 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1290: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-
-
-if test "x$nss" = "x1"; then
- for ac_hdr in ck.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1323: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1328 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1333: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-fi
-
-if test "x$rsa" = "x1"; then
- for ac_hdr in pkcs11t.h pkcs11.h
-do
-ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
-echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1366: checking for $ac_hdr" >&5
-if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1371 "configure"
-#include "confdefs.h"
-#include <$ac_hdr>
-EOF
-ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1376: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
-ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
-if test -z "$ac_err"; then
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=yes"
-else
- echo "$ac_err" >&5
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_header_$ac_safe=no"
-fi
-rm -f conftest*
-fi
-if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_hdr 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-fi
-
-
-
-echo $ac_n "checking for working const""... $ac_c" 1>&6
-echo "configure:1407: checking for working const" >&5
-if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1412 "configure"
-#include "confdefs.h"
-
-int main() {
-
-/* Ultrix mips cc rejects this. */
-typedef int charset[2]; const charset x;
-/* SunOS 4.1.1 cc rejects this. */
-char const *const *ccp;
-char **p;
-/* NEC SVR4.0.2 mips cc rejects this. */
-struct point {int x, y;};
-static struct point const zero = {0,0};
-/* AIX XL C 1.02.0.0 rejects this.
- It does not let you subtract one const X* pointer from another in an arm
- of an if-expression whose if-part is not a constant expression */
-const char *g = "string";
-ccp = &g + (g ? g-g : 0);
-/* HPUX 7.0 cc rejects these. */
-++ccp;
-p = (char**) ccp;
-ccp = (char const *const *) p;
-{ /* SCO 3.2v4 cc rejects this. */
- char *t;
- char const *s = 0 ? (char *) 0 : (char const *) 0;
-
- *t++ = 0;
-}
-{ /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */
- int x[] = {25, 17};
- const int *foo = &x[0];
- ++foo;
-}
-{ /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
- typedef const int *iptr;
- iptr p = 0;
- ++p;
-}
-{ /* AIX XL C 1.02.0.0 rejects this saying
- "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
- struct s { int j; const int *ap[3]; };
- struct s *b; b->j = 5;
-}
-{ /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
- const int foo = 10;
-}
-
-; return 0; }
-EOF
-if { (eval echo configure:1461: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
- rm -rf conftest*
- ac_cv_c_const=yes
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- ac_cv_c_const=no
-fi
-rm -f conftest*
-fi
-
-echo "$ac_t""$ac_cv_c_const" 1>&6
-if test $ac_cv_c_const = no; then
- cat >> confdefs.h <<\EOF
-#define const
-EOF
-
-fi
-
-
-
-for ac_func in memset strlen
-do
-echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:1486: checking for $ac_func" >&5
-if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 1491 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $ac_func(); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char $ac_func();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-$ac_func();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:1514: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
- rm -rf conftest*
- eval "ac_cv_func_$ac_func=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_func_$ac_func=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
- cat >> confdefs.h <<EOF
-#define $ac_tr_func 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-fi
-done
-
-
-trap '' 1 2 15
-cat > confcache <<\EOF
-# This file is a shell script that caches the results of configure
-# tests run on this system so they can be shared between configure
-# scripts and configure runs. It is not useful on other systems.
-# If it contains results you don't want to keep, you may remove or edit it.
-#
-# By default, configure uses ./config.cache as the cache file,
-# creating it if it does not exist already. You can give configure
-# the --cache-file=FILE option to use a different cache file; that is
-# what configure does when it calls configure scripts in
-# subdirectories, so they share the cache.
-# Giving --cache-file=/dev/null disables caching, for debugging configure.
-# config.status only pays attention to the cache file if you give it the
-# --recheck option to rerun configure.
-#
-EOF
-# The following way of writing the cache mishandles newlines in values,
-# but we know of no workaround that is simple, portable, and efficient.
-# So, don't put newlines in cache variables' values.
-# Ultrix sh set writes to stderr and can't be redirected directly,
-# and sets the high bit in the cache file unless we assign to the vars.
-(set) 2>&1 |
- case `(ac_space=' '; set | grep ac_space) 2>&1` in
- *ac_space=\ *)
- # `set' does not quote correctly, so add quotes (double-quote substitution
- # turns \\\\ into \\, and sed turns \\ into \).
- sed -n \
- -e "s/'/'\\\\''/g" \
- -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p"
- ;;
- *)
- # `set' quotes correctly as required by POSIX, so do not add quotes.
- sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p'
- ;;
- esac >> confcache
-if cmp -s $cache_file confcache; then
- :
-else
- if test -w $cache_file; then
- echo "updating cache $cache_file"
- cat confcache > $cache_file
- else
- echo "not updating unwritable cache $cache_file"
- fi
-fi
-rm -f confcache
-
-trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-# Let make expand exec_prefix.
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-# Any assignment to VPATH causes Sun make to only execute
-# the first set of double-colon rules, so remove it if not needed.
-# If there is a colon in the path, we need to keep it.
-if test "x$srcdir" = x.; then
- ac_vpsub='/^[ ]*VPATH[ ]*=[^:]*$/d'
-fi
-
-trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15
-
-DEFS=-DHAVE_CONFIG_H
-
-# Without the "./", some shells look in PATH for config.status.
-: ${CONFIG_STATUS=./config.status}
-
-echo creating $CONFIG_STATUS
-rm -f $CONFIG_STATUS
-cat > $CONFIG_STATUS <<EOF
-#! /bin/sh
-# Generated automatically by configure.
-# Run this file to recreate the current configuration.
-# This directory was configured as follows,
-# on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
-#
-# $0 $ac_configure_args
-#
-# Compiler output produced by configure, useful for debugging
-# configure, is in ./config.log if it exists.
-
-ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]"
-for ac_option
-do
- case "\$ac_option" in
- -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
- echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion"
- exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;;
- -version | --version | --versio | --versi | --vers | --ver | --ve | --v)
- echo "$CONFIG_STATUS generated by autoconf version 2.13"
- exit 0 ;;
- -help | --help | --hel | --he | --h)
- echo "\$ac_cs_usage"; exit 0 ;;
- *) echo "\$ac_cs_usage"; exit 1 ;;
- esac
-done
-
-ac_given_srcdir=$srcdir
-ac_given_INSTALL="$INSTALL"
-
-trap 'rm -fr `echo "Makefile config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
-EOF
-cat >> $CONFIG_STATUS <<EOF
-
-# Protect against being on the right side of a sed subst in config.status.
-sed 's/%@/@@/; s/@%/@@/; s/%g\$/@g/; /@g\$/s/[\\\\&%]/\\\\&/g;
- s/@@/%@/; s/@@/@%/; s/@g\$/%g/' > conftest.subs <<\\CEOF
-$ac_vpsub
-$extrasub
-s%@SHELL@%$SHELL%g
-s%@CFLAGS@%$CFLAGS%g
-s%@CPPFLAGS@%$CPPFLAGS%g
-s%@CXXFLAGS@%$CXXFLAGS%g
-s%@FFLAGS@%$FFLAGS%g
-s%@DEFS@%$DEFS%g
-s%@LDFLAGS@%$LDFLAGS%g
-s%@LIBS@%$LIBS%g
-s%@exec_prefix@%$exec_prefix%g
-s%@prefix@%$prefix%g
-s%@program_transform_name@%$program_transform_name%g
-s%@bindir@%$bindir%g
-s%@sbindir@%$sbindir%g
-s%@libexecdir@%$libexecdir%g
-s%@datadir@%$datadir%g
-s%@sysconfdir@%$sysconfdir%g
-s%@sharedstatedir@%$sharedstatedir%g
-s%@localstatedir@%$localstatedir%g
-s%@libdir@%$libdir%g
-s%@includedir@%$includedir%g
-s%@oldincludedir@%$oldincludedir%g
-s%@infodir@%$infodir%g
-s%@mandir@%$mandir%g
-s%@SET_MAKE@%$SET_MAKE%g
-s%@WITH_NSS@%$WITH_NSS%g
-s%@CC@%$CC%g
-s%@CPP@%$CPP%g
-s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g
-s%@INSTALL_SCRIPT@%$INSTALL_SCRIPT%g
-s%@INSTALL_DATA@%$INSTALL_DATA%g
-s%@RANLIB@%$RANLIB%g
-s%@AR@%$AR%g
-s%@LD@%$LD%g
-s%@RM@%$RM%g
-s%@TAR@%$TAR%g
-s%@CC INSTALL RANLIB AR LD RM TAR@%$CC INSTALL RANLIB AR LD RM TAR%g
-s%@HAVE_NSPR_H@%$HAVE_NSPR_H%g
-s%@HAVE_CK_H HAVE_PKCS11T_H HAVE_PKCS11_H@%$HAVE_CK_H HAVE_PKCS11T_H HAVE_PKCS11_H%g
-s%@const@%$const%g
-s%@HAVE_MEMSET HAVE_STRLEN@%$HAVE_MEMSET HAVE_STRLEN%g
-
-CEOF
-EOF
-
-cat >> $CONFIG_STATUS <<\EOF
-
-# Split the substitutions into bite-sized pieces for seds with
-# small command number limits, like on Digital OSF/1 and HP-UX.
-ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script.
-ac_file=1 # Number of current file.
-ac_beg=1 # First line for current file.
-ac_end=$ac_max_sed_cmds # Line after last line for current file.
-ac_more_lines=:
-ac_sed_cmds=""
-while $ac_more_lines; do
- if test $ac_beg -gt 1; then
- sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file
- else
- sed "${ac_end}q" conftest.subs > conftest.s$ac_file
- fi
- if test ! -s conftest.s$ac_file; then
- ac_more_lines=false
- rm -f conftest.s$ac_file
- else
- if test -z "$ac_sed_cmds"; then
- ac_sed_cmds="sed -f conftest.s$ac_file"
- else
- ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file"
- fi
- ac_file=`expr $ac_file + 1`
- ac_beg=$ac_end
- ac_end=`expr $ac_end + $ac_max_sed_cmds`
- fi
-done
-if test -z "$ac_sed_cmds"; then
- ac_sed_cmds=cat
-fi
-EOF
-
-cat >> $CONFIG_STATUS <<EOF
-
-CONFIG_FILES=\${CONFIG_FILES-"Makefile"}
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case "$ac_file" in
- *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
- ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
- *) ac_file_in="${ac_file}.in" ;;
- esac
-
- # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories.
-
- # Remove last slash and all that follows it. Not all systems have dirname.
- ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
- if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
- # The file is in a subdirectory.
- test ! -d "$ac_dir" && mkdir "$ac_dir"
- ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`"
- # A "../" for each directory in $ac_dir_suffix.
- ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'`
- else
- ac_dir_suffix= ac_dots=
- fi
-
- case "$ac_given_srcdir" in
- .) srcdir=.
- if test -z "$ac_dots"; then top_srcdir=.
- else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;;
- /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;;
- *) # Relative path.
- srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix"
- top_srcdir="$ac_dots$ac_given_srcdir" ;;
- esac
-
- case "$ac_given_INSTALL" in
- [/$]*) INSTALL="$ac_given_INSTALL" ;;
- *) INSTALL="$ac_dots$ac_given_INSTALL" ;;
- esac
-
- echo creating "$ac_file"
- rm -f "$ac_file"
- configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure."
- case "$ac_file" in
- *Makefile*) ac_comsub="1i\\
-# $configure_input" ;;
- *) ac_comsub= ;;
- esac
-
- ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
- sed -e "$ac_comsub
-s%@configure_input@%$configure_input%g
-s%@srcdir@%$srcdir%g
-s%@top_srcdir@%$top_srcdir%g
-s%@INSTALL@%$INSTALL%g
-" $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file
-fi; done
-rm -f conftest.s*
-
-# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
-# NAME is the cpp macro being defined and VALUE is the value it is being given.
-#
-# ac_d sets the value in "#define NAME VALUE" lines.
-ac_dA='s%^\([ ]*\)#\([ ]*define[ ][ ]*\)'
-ac_dB='\([ ][ ]*\)[^ ]*%\1#\2'
-ac_dC='\3'
-ac_dD='%g'
-# ac_u turns "#undef NAME" with trailing blanks into "#define NAME VALUE".
-ac_uA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
-ac_uB='\([ ]\)%\1#\2define\3'
-ac_uC=' '
-ac_uD='\4%g'
-# ac_e turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
-ac_eA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)'
-ac_eB='$%\1#\2define\3'
-ac_eC=' '
-ac_eD='%g'
-
-if test "${CONFIG_HEADERS+set}" != set; then
-EOF
-cat >> $CONFIG_STATUS <<EOF
- CONFIG_HEADERS="config.h"
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-fi
-for ac_file in .. $CONFIG_HEADERS; do if test "x$ac_file" != x..; then
- # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
- case "$ac_file" in
- *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
- ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
- *) ac_file_in="${ac_file}.in" ;;
- esac
-
- echo creating $ac_file
-
- rm -f conftest.frag conftest.in conftest.out
- ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
- cat $ac_file_inputs > conftest.in
-
-EOF
-
-# Transform confdefs.h into a sed script conftest.vals that substitutes
-# the proper values into config.h.in to produce config.h. And first:
-# Protect against being on the right side of a sed subst in config.status.
-# Protect against being in an unquoted here document in config.status.
-rm -f conftest.vals
-cat > conftest.hdr <<\EOF
-s/[\\&%]/\\&/g
-s%[\\$`]%\\&%g
-s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD}%gp
-s%ac_d%ac_u%gp
-s%ac_u%ac_e%gp
-EOF
-sed -n -f conftest.hdr confdefs.h > conftest.vals
-rm -f conftest.hdr
-
-# This sed command replaces #undef with comments. This is necessary, for
-# example, in the case of _POSIX_SOURCE, which is predefined and required
-# on some systems where configure will not decide to define it.
-cat >> conftest.vals <<\EOF
-s%^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*%/* & */%
-EOF
-
-# Break up conftest.vals because some shells have a limit on
-# the size of here documents, and old seds have small limits too.
-
-rm -f conftest.tail
-while :
-do
- ac_lines=`grep -c . conftest.vals`
- # grep -c gives empty output for an empty file on some AIX systems.
- if test -z "$ac_lines" || test "$ac_lines" -eq 0; then break; fi
- # Write a limited-size here document to conftest.frag.
- echo ' cat > conftest.frag <<CEOF' >> $CONFIG_STATUS
- sed ${ac_max_here_lines}q conftest.vals >> $CONFIG_STATUS
- echo 'CEOF
- sed -f conftest.frag conftest.in > conftest.out
- rm -f conftest.in
- mv conftest.out conftest.in
-' >> $CONFIG_STATUS
- sed 1,${ac_max_here_lines}d conftest.vals > conftest.tail
- rm -f conftest.vals
- mv conftest.tail conftest.vals
-done
-rm -f conftest.vals
-
-cat >> $CONFIG_STATUS <<\EOF
- rm -f conftest.frag conftest.h
- echo "/* $ac_file. Generated automatically by configure. */" > conftest.h
- cat conftest.in >> conftest.h
- rm -f conftest.in
- if cmp -s $ac_file conftest.h 2>/dev/null; then
- echo "$ac_file is unchanged"
- rm -f conftest.h
- else
- # Remove last slash and all that follows it. Not all systems have dirname.
- ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
- if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
- # The file is in a subdirectory.
- test ! -d "$ac_dir" && mkdir "$ac_dir"
- fi
- rm -f $ac_file
- mv conftest.h $ac_file
- fi
-fi; done
-
-EOF
-cat >> $CONFIG_STATUS <<EOF
-
-EOF
-cat >> $CONFIG_STATUS <<\EOF
-echo timestamp > stamp-h
-exit 0
-EOF
-chmod +x $CONFIG_STATUS
-rm -fr confdefs* $ac_clean_files
-test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1
-
diff --git a/security/nss/tests/pkcs11/netscape/trivial/configure.in b/security/nss/tests/pkcs11/netscape/trivial/configure.in
deleted file mode 100644
index 76374882e..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/configure.in
+++ /dev/null
@@ -1,180 +0,0 @@
-dnl
-dnl The contents of this file are subject to the Mozilla Public
-dnl License Version 1.1 (the "License"); you may not use this file
-dnl except in compliance with the License. You may obtain a copy of
-dnl the License at http://www.mozilla.org/MPL/
-dnl
-dnl Software distributed under the License is distributed on an "AS
-dnl IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-dnl implied. See the License for the specific language governing
-dnl rights and limitations under the License.
-dnl
-dnl The Original Code is a trivial PKCS#11 test program.
-dnl
-dnl The Initial Developer of the Original Code is Netscape
-dnl Communications Corp. Portions created by Netscape are
-dnl Copyright (C) 2000. All Rights Reserved.
-dnl
-dnl Contributor(s):
-dnl
-dnl Alternatively, the contents of this file may be used under the
-dnl terms of the GNU General Public License Version 2 or later (the
-dnl "GPL"), in which case the provisions of the GPL are applicable
-dnl instead of those above. If you wish to allow use of your
-dnl version of this file only under the terms of the GPL and not to
-dnl allow others to use your version of this file under the MPL,
-dnl indicate your decision by deleting the provisions above and
-dnl replace them with the notice and other provisions required by
-dnl the GPL. If you do not delete the provisions above, a recipient
-dnl may use your version of this file under either the MPL or the
-dnl GPL.
-dnl
-
-dnl My revision info: "@(#) $RCSfile$ $Revision$ $Date$ $Name$"
-dnl Don't use AC_REVISION; it's broken
-
-AC_INIT(trivial.c)
-AC_CONFIG_HEADER(config.h)
-AC_PROG_MAKE_SET
-
-AC_ARG_WITH(nspr, [ --with-nspr[=path] specify location of NSPR],
-[ case "$withval" in
- no)
- AC_MSG_ERROR(NSPR is required);;
- yes)
- NSPR_INCLUDE="$includedir"
- NSPR_LIBPATH="$libdir"
- ;;
- *)
- NSPR_INCLUDE="$withval/include"
- NSPR_LIBPATH="$withval/lib"
- ;;
- esac ],
-[ NSPR_INCLUDE="$includedir"
- NSPR_LIBPATH="$libdir" ]
-)
-
-NSPR_CFLAGS="-I$NSPR_INCLUDE"
-NSPR_LDFLAGS="-L$NSPR_LIBPATH -lnspr4 -lplc4 -lplds4"
-
-dnl This isn't optimum, but the mozilla build system and autoconf don't really mesh well..
-
-AC_ARG_WITH(nss-dist, [ --with-nss-dist[=path] specify path to NSS dist directory],
-[ case "$withval" in
- no)
- NSS_CFLAGS=""
- nss="0"
- ;;
- yes)
- AC_MSG_ERROR(You have to specify a path for --with-nss-dist)
- ;;
- *)
- NSS_CFLAGS="-I$withval/private/security -I$withval/public/security"
- nss="1"
- ;;
- esac ])
-
-AC_ARG_WITH(nss-hdrs, [ --with-nss-hdrs[=path] or, specify path to installed NSS headers],
-[ if test "x$nss" != "x"; then
- AC_MSG_ERROR(Only specify --with-nss-hdrs or --with-nss-dist, not both)
- fi
- case "$withval" in
- no)
- NSS_CFLAGS=""
- nss="0"
- ;;
- yes)
- NSS_CFLAGS="-I$includedir"
- nss="1"
- ;;
- *)
- NSS_CFLAGS="-I$withval"
- nss="1"
- ;;
- esac ])
-
-AC_ARG_WITH(rsa-hdrs, [ --with-rsa-hdrs[=path] if not using NSS, specify path to RSA headers],
-[ if test "x$nss" != "x"; then
- AC_MSG_ERROR(Only specify --with-nss-{hdrs,dist} or --with-rsa-hdrs, not both)
- fi
- case "$withval" in
- no)
- rsa="0"
- ;;
- yes)
- RSA_INCLUDE="$includedir"
- rsa="1"
- ;;
- *)
- RSA_INCLUDE="$withval"
- rsa="1"
- ;;
- esac ])
-
-if test "x$nss" = "x"; then
- if test "x$rsa" = "x"; then
- RSA_INCLUDE="$includedir"
- fi
- RSA_CFLAGS="-I$RSA_INCLUDE"
-fi
-
-if test "x$nss" = "x1"; then
- AC_DEFINE(WITH_NSS,1)
-fi
-
-AC_SUBST(WITH_NSS)
-
-if test "x$rsa" = "x1"; then
- RSA_CFLAGS-"-I$RSA_INCLUDE"
-fi
-
-AC_ARG_ENABLE(debug, [ --disable-debug default is enabled],
-[ case "$enableval" in
- no)
- DEBUG_CFLAGS="";;
- yes)
- DEBUG_CFLAGS="-DDEBUG";;
- *)
- DEBUG_CFLAGS="-DDEBUG";;
- esac ], DEBUG_CFLAGS="-DDEBUG")
-
-dnl Checks for programs.
-AC_PROG_CC
-AC_PROG_CPP
-AC_PROG_INSTALL
-AC_PROG_RANLIB
-AC_CHECK_PROG(AR, ar, ar)
-AC_CHECK_PROG(LD, ld, ld)
-AC_CHECK_PROG(RM, rm, rm)
-AC_CHECK_PROG(TAR, tar, tar)
-AC_SUBST(CC INSTALL RANLIB AR LD RM TAR)
-
-CPPFLAGS="$CFLAGS $NSPR_CFLAGS $NSS_CFLAGS $RSA_CFLAGS $DEBUG_CFLAGS"
-LIBS="$NSPR_LDFLAGS $LIBS"
-
-AC_SUBST(CFLAGS)
-
-dnl Checks for libraries.
-AC_CHECK_LIB(nspr4, PR_Init)
-
-dnl Checks for header files.
-AC_CHECK_HEADERS(nspr.h)
-AC_SUBST(HAVE_NSPR_H)
-
-if test "x$nss" = "x1"; then
- AC_CHECK_HEADERS(ck.h)
-fi
-
-if test "x$rsa" = "x1"; then
- AC_CHECK_HEADERS(pkcs11t.h pkcs11.h)
-fi
-
-AC_SUBST(HAVE_CK_H HAVE_PKCS11T_H HAVE_PKCS11_H)
-
-dnl Checks for typedefs, structures, and compiler characteristics.
-AC_C_CONST
-AC_SUBST(const)
-
-AC_CHECK_FUNCS(memset strlen)
-AC_SUBST(HAVE_MEMSET HAVE_STRLEN)
-AC_OUTPUT(Makefile, [echo timestamp > stamp-h])
diff --git a/security/nss/tests/pkcs11/netscape/trivial/install-sh b/security/nss/tests/pkcs11/netscape/trivial/install-sh
deleted file mode 100755
index e9de23842..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/install-sh
+++ /dev/null
@@ -1,251 +0,0 @@
-#!/bin/sh
-#
-# install - install a program, script, or datafile
-# This comes from X11R5 (mit/util/scripts/install.sh).
-#
-# Copyright 1991 by the Massachusetts Institute of Technology
-#
-# Permission to use, copy, modify, distribute, and sell this software and its
-# documentation for any purpose is hereby granted without fee, provided that
-# the above copyright notice appear in all copies and that both that
-# copyright notice and this permission notice appear in supporting
-# documentation, and that the name of M.I.T. not be used in advertising or
-# publicity pertaining to distribution of the software without specific,
-# written prior permission. M.I.T. makes no representations about the
-# suitability of this software for any purpose. It is provided "as is"
-# without express or implied warranty.
-#
-# Calling this script install-sh is preferred over install.sh, to prevent
-# `make' implicit rules from creating a file called install from it
-# when there is no Makefile.
-#
-# This script is compatible with the BSD install script, but was written
-# from scratch. It can only install one file at a time, a restriction
-# shared with many OS's install programs.
-
-
-# set DOITPROG to echo to test this script
-
-# Don't use :- since 4.3BSD and earlier shells don't like it.
-doit="${DOITPROG-}"
-
-
-# put in absolute paths if you don't have them in your path; or use env. vars.
-
-mvprog="${MVPROG-mv}"
-cpprog="${CPPROG-cp}"
-chmodprog="${CHMODPROG-chmod}"
-chownprog="${CHOWNPROG-chown}"
-chgrpprog="${CHGRPPROG-chgrp}"
-stripprog="${STRIPPROG-strip}"
-rmprog="${RMPROG-rm}"
-mkdirprog="${MKDIRPROG-mkdir}"
-
-transformbasename=""
-transform_arg=""
-instcmd="$mvprog"
-chmodcmd="$chmodprog 0755"
-chowncmd=""
-chgrpcmd=""
-stripcmd=""
-rmcmd="$rmprog -f"
-mvcmd="$mvprog"
-src=""
-dst=""
-dir_arg=""
-
-while [ x"$1" != x ]; do
- case $1 in
- -c) instcmd="$cpprog"
- shift
- continue;;
-
- -d) dir_arg=true
- shift
- continue;;
-
- -m) chmodcmd="$chmodprog $2"
- shift
- shift
- continue;;
-
- -o) chowncmd="$chownprog $2"
- shift
- shift
- continue;;
-
- -g) chgrpcmd="$chgrpprog $2"
- shift
- shift
- continue;;
-
- -s) stripcmd="$stripprog"
- shift
- continue;;
-
- -t=*) transformarg=`echo $1 | sed 's/-t=//'`
- shift
- continue;;
-
- -b=*) transformbasename=`echo $1 | sed 's/-b=//'`
- shift
- continue;;
-
- *) if [ x"$src" = x ]
- then
- src=$1
- else
- # this colon is to work around a 386BSD /bin/sh bug
- :
- dst=$1
- fi
- shift
- continue;;
- esac
-done
-
-if [ x"$src" = x ]
-then
- echo "install: no input file specified"
- exit 1
-else
- true
-fi
-
-if [ x"$dir_arg" != x ]; then
- dst=$src
- src=""
-
- if [ -d $dst ]; then
- instcmd=:
- chmodcmd=""
- else
- instcmd=mkdir
- fi
-else
-
-# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
-# might cause directories to be created, which would be especially bad
-# if $src (and thus $dsttmp) contains '*'.
-
- if [ -f $src -o -d $src ]
- then
- true
- else
- echo "install: $src does not exist"
- exit 1
- fi
-
- if [ x"$dst" = x ]
- then
- echo "install: no destination specified"
- exit 1
- else
- true
- fi
-
-# If destination is a directory, append the input filename; if your system
-# does not like double slashes in filenames, you may need to add some logic
-
- if [ -d $dst ]
- then
- dst="$dst"/`basename $src`
- else
- true
- fi
-fi
-
-## this sed command emulates the dirname command
-dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
-
-# Make sure that the destination directory exists.
-# this part is taken from Noah Friedman's mkinstalldirs script
-
-# Skip lots of stat calls in the usual case.
-if [ ! -d "$dstdir" ]; then
-defaultIFS='
-'
-IFS="${IFS-${defaultIFS}}"
-
-oIFS="${IFS}"
-# Some sh's can't handle IFS=/ for some reason.
-IFS='%'
-set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
-IFS="${oIFS}"
-
-pathcomp=''
-
-while [ $# -ne 0 ] ; do
- pathcomp="${pathcomp}${1}"
- shift
-
- if [ ! -d "${pathcomp}" ] ;
- then
- $mkdirprog "${pathcomp}"
- else
- true
- fi
-
- pathcomp="${pathcomp}/"
-done
-fi
-
-if [ x"$dir_arg" != x ]
-then
- $doit $instcmd $dst &&
-
- if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
- if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
- if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
- if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
-else
-
-# If we're going to rename the final executable, determine the name now.
-
- if [ x"$transformarg" = x ]
- then
- dstfile=`basename $dst`
- else
- dstfile=`basename $dst $transformbasename |
- sed $transformarg`$transformbasename
- fi
-
-# don't allow the sed command to completely eliminate the filename
-
- if [ x"$dstfile" = x ]
- then
- dstfile=`basename $dst`
- else
- true
- fi
-
-# Make a temp file name in the proper directory.
-
- dsttmp=$dstdir/#inst.$$#
-
-# Move or copy the file name to the temp name
-
- $doit $instcmd $src $dsttmp &&
-
- trap "rm -f ${dsttmp}" 0 &&
-
-# and set any options; do chmod last to preserve setuid bits
-
-# If any of these fail, we abort the whole thing. If we want to
-# ignore errors from any of these, just make sure not to ignore
-# errors from the above "$doit $instcmd $src $dsttmp" command.
-
- if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
- if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
- if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
- if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
-
-# Now rename the file to the real destination.
-
- $doit $rmcmd -f $dstdir/$dstfile &&
- $doit $mvcmd $dsttmp $dstdir/$dstfile
-
-fi &&
-
-
-exit 0
diff --git a/security/nss/tests/pkcs11/netscape/trivial/trivial.c b/security/nss/tests/pkcs11/netscape/trivial/trivial.c
deleted file mode 100644
index ea9ceb596..000000000
--- a/security/nss/tests/pkcs11/netscape/trivial/trivial.c
+++ /dev/null
@@ -1,1313 +0,0 @@
-/*
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is a trivial PKCS#11 test program.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Contributor(s):
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- */
-
-#ifdef DEBUG
-static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
-#endif /* DEBUG */
-
-/*
- * This is a very trivial program I wrote for testing out a
- * couple data-only Cryptoki modules for NSS. It's not a "real"
- * test program that prints out nice "PASS" or "FAIL" messages;
- * it just makes calls and dumps data.
- */
-
-#include "config.h"
-
-#ifdef HAVE_NSPR_H
-#include "nspr.h"
-#else
-#error "NSPR is required."
-#endif
-
-#ifdef WITH_NSS
-#define FGMR 1
-#include "ck.h"
-#else
-#include "pkcs11t.h"
-#include "pkcs11.h"
-#endif
-
-/* The RSA versions are sloppier with namespaces */
-#ifndef CK_TRUE
-#define CK_TRUE TRUE
-#endif
-
-#ifndef CK_FALSE
-#define CK_FALSE FALSE
-#endif
-
-int
-rmain
-(
- int argc,
- char *argv[]
-);
-
-int
-main
-(
- int argc,
- char *argv[]
-)
-{
- int rv = 0;
-
- PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 14);
- rv = rmain(argc, argv);
- PR_Cleanup();
-
- return rv;
-}
-
-static CK_ATTRIBUTE_TYPE all_known_attribute_types[] = {
- CKA_CLASS,
- CKA_TOKEN,
- CKA_PRIVATE,
- CKA_LABEL,
- CKA_APPLICATION,
- CKA_VALUE,
- CKA_CERTIFICATE_TYPE,
- CKA_ISSUER,
- CKA_SERIAL_NUMBER,
- CKA_KEY_TYPE,
- CKA_SUBJECT,
- CKA_ID,
- CKA_SENSITIVE,
- CKA_ENCRYPT,
- CKA_DECRYPT,
- CKA_WRAP,
- CKA_UNWRAP,
- CKA_SIGN,
- CKA_SIGN_RECOVER,
- CKA_VERIFY,
- CKA_VERIFY_RECOVER,
- CKA_DERIVE,
- CKA_START_DATE,
- CKA_END_DATE,
- CKA_MODULUS,
- CKA_MODULUS_BITS,
- CKA_PUBLIC_EXPONENT,
- CKA_PRIVATE_EXPONENT,
- CKA_PRIME_1,
- CKA_PRIME_2,
- CKA_EXPONENT_1,
- CKA_EXPONENT_2,
- CKA_COEFFICIENT,
- CKA_PRIME,
- CKA_SUBPRIME,
- CKA_BASE,
- CKA_VALUE_BITS,
- CKA_VALUE_LEN,
- CKA_EXTRACTABLE,
- CKA_LOCAL,
- CKA_NEVER_EXTRACTABLE,
- CKA_ALWAYS_SENSITIVE,
- CKA_MODIFIABLE,
-#ifdef CKA_NETSCAPE
- CKA_NETSCAPE_URL,
- CKA_NETSCAPE_EMAIL,
- CKA_NETSCAPE_SMIME_INFO,
- CKA_NETSCAPE_SMIME_TIMESTAMP,
- CKA_NETSCAPE_PKCS8_SALT,
- CKA_NETSCAPE_PASSWORD_CHECK,
- CKA_NETSCAPE_EXPIRES,
-#endif /* CKA_NETSCAPE */
-#ifdef CKA_TRUST
- CKA_TRUST_DIGITAL_SIGNATURE,
- CKA_TRUST_NON_REPUDIATION,
- CKA_TRUST_KEY_ENCIPHERMENT,
- CKA_TRUST_DATA_ENCIPHERMENT,
- CKA_TRUST_KEY_AGREEMENT,
- CKA_TRUST_KEY_CERT_SIGN,
- CKA_TRUST_CRL_SIGN,
- CKA_TRUST_SERVER_AUTH,
- CKA_TRUST_CLIENT_AUTH,
- CKA_TRUST_CODE_SIGNING,
- CKA_TRUST_EMAIL_PROTECTION,
- CKA_TRUST_IPSEC_END_SYSTEM,
- CKA_TRUST_IPSEC_TUNNEL,
- CKA_TRUST_IPSEC_USER,
- CKA_TRUST_TIME_STAMPING,
-#endif /* CKA_TRUST */
-};
-
-static number_of_all_known_attribute_types =
- (sizeof(all_known_attribute_types)/sizeof(all_known_attribute_types[0]));
-
-int
-usage
-(
- char *argv0
-)
-{
- PR_fprintf(PR_STDERR, "Usage: %s [-i {string|--}] <library>.so\n", argv0);
- return 1;
-}
-
-int
-rmain
-(
- int argc,
- char *argv[]
-)
-{
- char *argv0 = argv[0];
- PRLibrary *lib;
- CK_C_GetFunctionList gfl;
- CK_FUNCTION_LIST_PTR epv = (CK_FUNCTION_LIST_PTR)NULL;
- CK_RV ck_rv;
- CK_INFO info;
- CK_ULONG nSlots;
- CK_SLOT_ID *pSlots;
- CK_ULONG i;
- CK_C_INITIALIZE_ARGS ia, *iap;
-
- (void)memset(&ia, 0, sizeof(CK_C_INITIALIZE_ARGS));
- iap = (CK_C_INITIALIZE_ARGS *)NULL;
- while( argv++, --argc ) {
- if( '-' == argv[0][0] ) {
- switch( argv[0][1] ) {
- case 'i':
- iap = &ia;
- if( ((char *)NULL != argv[1]) && ('-' != argv[1][0]) ) {
-#ifdef WITH_NSS
- ia.pConfig = argv[1];
- ia.ulConfigLen = strlen(argv[1]);
- argv++, --argc;
-#else
- return usage(argv0);
-#endif /* WITH_NSS */
- }
- break;
- case '-':
- argv++, --argc;
- goto endargs;
- default:
- return usage(argv0);
- }
- } else {
- break;
- }
- }
- endargs:;
-
- if( 1 != argc ) {
- return usage(argv0);
- }
-
- lib = PR_LoadLibrary(argv[0]);
- if( (PRLibrary *)NULL == lib ) {
- PR_fprintf(PR_STDERR, "Can't load %s: %ld, %ld\n", argv[1], PR_GetError(), PR_GetOSError());
- return 1;
- }
-
- gfl = (CK_C_GetFunctionList)PR_FindSymbol(lib, "C_GetFunctionList");
- if( (CK_C_GetFunctionList)NULL == gfl ) {
- PR_fprintf(PR_STDERR, "Can't find C_GetFunctionList in %s: %ld, %ld\n", argv[1],
- PR_GetError(), PR_GetOSError());
- return 1;
- }
-
- ck_rv = (*gfl)(&epv);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "CK_GetFunctionList returned 0x%08x\n", ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, "Module %s loaded, epv = 0x%08x.\n\n", argv[1], (CK_ULONG)epv);
-
- /* C_Initialize */
- ck_rv = epv->C_Initialize(iap);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_Initialize returned 0x%08x\n", ck_rv);
- return 1;
- }
-
- /* C_GetInfo */
- (void)memset(&info, 0, sizeof(CK_INFO));
- ck_rv = epv->C_GetInfo(&info);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetInfo returned 0x%08x\n", ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, "Module Info:\n");
- PR_fprintf(PR_STDOUT, " cryptokiVersion = %lu.%02lu\n",
- (PRUint32)info.cryptokiVersion.major, (PRUint32)info.cryptokiVersion.minor);
- PR_fprintf(PR_STDOUT, " manufacturerID = \"%.32s\"\n", info.manufacturerID);
- PR_fprintf(PR_STDOUT, " flags = 0x%08lx\n", info.flags);
- PR_fprintf(PR_STDOUT, " libraryDescription = \"%.32s\"\n", info.libraryDescription);
- PR_fprintf(PR_STDOUT, " libraryVersion = %lu.%02lu\n",
- (PRUint32)info.libraryVersion.major, (PRUint32)info.libraryVersion.minor);
- PR_fprintf(PR_STDOUT, "\n");
-
- /* C_GetSlotList */
- nSlots = 0;
- ck_rv = epv->C_GetSlotList(CK_FALSE, (CK_SLOT_ID_PTR)CK_NULL_PTR, &nSlots);
- switch( ck_rv ) {
- case CKR_BUFFER_TOO_SMALL:
- case CKR_OK:
- break;
- default:
- PR_fprintf(PR_STDERR, "C_GetSlotList(FALSE, NULL, ) returned 0x%08x\n", ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, "There are %lu slots.\n", nSlots);
-
- pSlots = (CK_SLOT_ID_PTR)PR_Calloc(nSlots, sizeof(CK_SLOT_ID));
- if( (CK_SLOT_ID_PTR)NULL == pSlots ) {
- PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n", nSlots * sizeof(CK_SLOT_ID));
- return 1;
- }
-
- ck_rv = epv->C_GetSlotList(CK_FALSE, pSlots, &nSlots);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetSlotList(FALSE, , ) returned 0x%08x\n", ck_rv);
- return 1;
- }
-
- for( i = 0; i < nSlots; i++ ) {
- PR_fprintf(PR_STDOUT, " [%lu]: CK_SLOT_ID = %lu\n", (i+1), pSlots[i]);
- }
-
- PR_fprintf(PR_STDOUT, "\n");
-
- /* C_GetSlotInfo */
- for( i = 0; i < nSlots; i++ ) {
- CK_SLOT_INFO sinfo;
-
- PR_fprintf(PR_STDOUT, "[%lu]: CK_SLOT_ID = %lu\n", (i+1), pSlots[i]);
-
- (void)memset(&sinfo, 0, sizeof(CK_SLOT_INFO));
- ck_rv = epv->C_GetSlotInfo(pSlots[i], &sinfo);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetSlotInfo(%lu, ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Slot Info:\n");
- PR_fprintf(PR_STDOUT, " slotDescription = \"%.64s\"\n", sinfo.slotDescription);
- PR_fprintf(PR_STDOUT, " manufacturerID = \"%.32s\"\n", sinfo.manufacturerID);
- PR_fprintf(PR_STDOUT, " flags = 0x%08lx\n", sinfo.flags);
- PR_fprintf(PR_STDOUT, " -> TOKEN PRESENT = %s\n",
- sinfo.flags & CKF_TOKEN_PRESENT ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> REMOVABLE DEVICE = %s\n",
- sinfo.flags & CKF_REMOVABLE_DEVICE ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> HW SLOT = %s\n",
- sinfo.flags & CKF_HW_SLOT ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " hardwareVersion = %lu.%02lu\n",
- (PRUint32)sinfo.hardwareVersion.major, (PRUint32)sinfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, " firmwareVersion = %lu.%02lu\n",
- (PRUint32)sinfo.firmwareVersion.major, (PRUint32)sinfo.firmwareVersion.minor);
-
- if( sinfo.flags & CKF_TOKEN_PRESENT ) {
- CK_TOKEN_INFO tinfo;
- CK_MECHANISM_TYPE *pMechanismList;
- CK_ULONG nMechanisms = 0;
- CK_ULONG j;
-
- (void)memset(&tinfo, 0, sizeof(CK_TOKEN_INFO));
- ck_rv = epv->C_GetTokenInfo(pSlots[i], &tinfo);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetTokenInfo(%lu, ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Token Info:\n");
- PR_fprintf(PR_STDOUT, " label = \"%.32s\"\n", tinfo.label);
- PR_fprintf(PR_STDOUT, " manufacturerID = \"%.32s\"\n", tinfo.manufacturerID);
- PR_fprintf(PR_STDOUT, " model = \"%.16s\"\n", tinfo.model);
- PR_fprintf(PR_STDOUT, " serialNumber = \"%.16s\"\n", tinfo.serialNumber);
- PR_fprintf(PR_STDOUT, " flags = 0x%08lx\n", tinfo.flags);
- PR_fprintf(PR_STDOUT, " -> RNG = %s\n",
- tinfo.flags & CKF_RNG ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> WRITE PROTECTED = %s\n",
- tinfo.flags & CKF_WRITE_PROTECTED ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> LOGIN REQUIRED = %s\n",
- tinfo.flags & CKF_LOGIN_REQUIRED ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> USER PIN INITIALIZED = %s\n",
- tinfo.flags & CKF_USER_PIN_INITIALIZED ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> RESTORE KEY NOT NEEDED = %s\n",
- tinfo.flags & CKF_RESTORE_KEY_NOT_NEEDED ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> CLOCK ON TOKEN = %s\n",
- tinfo.flags & CKF_CLOCK_ON_TOKEN ? "TRUE" : "FALSE");
-#ifdef CKF_SUPPORTS_PARALLEL
- PR_fprintf(PR_STDOUT, " -> SUPPORTS PARALLEL = %s\n",
- tinfo.flags & CKF_SUPPORTS_PARALLEL ? "TRUE" : "FALSE");
-#endif /* CKF_SUPPORTS_PARALLEL */
- PR_fprintf(PR_STDOUT, " -> PROTECTED AUTHENTICATION PATH = %s\n",
- tinfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> DUAL_CRYPTO_OPERATIONS = %s\n",
- tinfo.flags & CKF_DUAL_CRYPTO_OPERATIONS ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " ulMaxSessionCount = %lu\n", tinfo.ulMaxSessionCount);
- PR_fprintf(PR_STDOUT, " ulSessionCount = %lu\n", tinfo.ulSessionCount);
- PR_fprintf(PR_STDOUT, " ulMaxRwSessionCount = %lu\n", tinfo.ulMaxRwSessionCount);
- PR_fprintf(PR_STDOUT, " ulRwSessionCount = %lu\n", tinfo.ulRwSessionCount);
- PR_fprintf(PR_STDOUT, " ulMaxPinLen = %lu\n", tinfo.ulMaxPinLen);
- PR_fprintf(PR_STDOUT, " ulMinPinLen = %lu\n", tinfo.ulMinPinLen);
- PR_fprintf(PR_STDOUT, " ulTotalPublicMemory = %lu\n", tinfo.ulTotalPublicMemory);
- PR_fprintf(PR_STDOUT, " ulFreePublicMemory = %lu\n", tinfo.ulFreePublicMemory);
- PR_fprintf(PR_STDOUT, " ulTotalPrivateMemory = %lu\n", tinfo.ulTotalPrivateMemory);
- PR_fprintf(PR_STDOUT, " ulFreePrivateMemory = %lu\n", tinfo.ulFreePrivateMemory);
- PR_fprintf(PR_STDOUT, " hardwareVersion = %lu.%02lu\n",
- (PRUint32)tinfo.hardwareVersion.major, (PRUint32)tinfo.hardwareVersion.minor);
- PR_fprintf(PR_STDOUT, " firmwareVersion = %lu.%02lu\n",
- (PRUint32)tinfo.firmwareVersion.major, (PRUint32)tinfo.firmwareVersion.minor);
- PR_fprintf(PR_STDOUT, " utcTime = \"%.16s\"\n", tinfo.utcTime);
-
-
- ck_rv = epv->C_GetMechanismList(pSlots[i], (CK_MECHANISM_TYPE_PTR)CK_NULL_PTR, &nMechanisms);
- switch( ck_rv ) {
- case CKR_BUFFER_TOO_SMALL:
- case CKR_OK:
- break;
- default:
- PR_fprintf(PR_STDERR, "C_GetMechanismList(%lu, NULL, ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " %lu mechanisms:\n", nMechanisms);
-
- pMechanismList = (CK_MECHANISM_TYPE_PTR)PR_Calloc(nMechanisms, sizeof(CK_MECHANISM_TYPE));
- if( (CK_MECHANISM_TYPE_PTR)NULL == pMechanismList ) {
- PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n",
- nMechanisms * sizeof(CK_MECHANISM_TYPE));
- return 1;
- }
-
- ck_rv = epv->C_GetMechanismList(pSlots[i], pMechanismList, &nMechanisms);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetMechanismList(%lu, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- for( j = 0; j < nMechanisms; j++ ) {
- PR_fprintf(PR_STDOUT, " {%lu}: CK_MECHANISM_TYPE = %lu\n", (j+1), pMechanismList[j]);
- }
-
- PR_fprintf(PR_STDOUT, "\n");
-
- for( j = 0; j < nMechanisms; j++ ) {
- CK_MECHANISM_INFO minfo;
-
- (void)memset(&minfo, 0, sizeof(CK_MECHANISM_INFO));
- ck_rv = epv->C_GetMechanismInfo(pSlots[i], pMechanismList[j], &minfo);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_GetMechanismInfo(%lu, %lu, ) returned 0x%08x\n", pSlots[i],
- pMechanismList[j]);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " [%lu]: CK_MECHANISM_TYPE = %lu\n", (j+1), pMechanismList[j]);
- PR_fprintf(PR_STDOUT, " ulMinKeySize = %lu\n", minfo.ulMinKeySize);
- PR_fprintf(PR_STDOUT, " ulMaxKeySize = %lu\n", minfo.ulMaxKeySize);
- PR_fprintf(PR_STDOUT, " flags = 0x%08x\n", minfo.flags);
- PR_fprintf(PR_STDOUT, " -> HW = %s\n", minfo.flags & CKF_HW ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> ENCRYPT = %s\n", minfo.flags & CKF_ENCRYPT ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> DECRYPT = %s\n", minfo.flags & CKF_DECRYPT ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> DIGEST = %s\n", minfo.flags & CKF_DIGEST ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> SIGN = %s\n", minfo.flags & CKF_SIGN ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> SIGN_RECOVER = %s\n", minfo.flags & CKF_SIGN_RECOVER ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> VERIFY = %s\n", minfo.flags & CKF_VERIFY ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> VERIFY_RECOVER = %s\n", minfo.flags & CKF_VERIFY_RECOVER ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> GENERATE = %s\n", minfo.flags & CKF_GENERATE ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> GENERATE_KEY_PAIR = %s\n", minfo.flags & CKF_GENERATE_KEY_PAIR ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> WRAP = %s\n", minfo.flags & CKF_WRAP ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> UNWRAP = %s\n", minfo.flags & CKF_UNWRAP ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> DERIVE = %s\n", minfo.flags & CKF_DERIVE ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> EXTENSION = %s\n", minfo.flags & CKF_EXTENSION ? "TRUE" : "FALSE");
-
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- if( tinfo.flags & CKF_LOGIN_REQUIRED ) {
- PR_fprintf(PR_STDERR, "*** LOGIN REQUIRED but not yet implemented ***\n");
- /* all the stuff about logging in as SO and setting the user pin if needed, etc. */
- return 2;
- }
-
- /* session to find objects */
- {
- CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
- CK_SESSION_INFO sinfo;
- CK_ATTRIBUTE_PTR pTemplate;
- CK_ULONG tnObjects = 0;
-
- ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Opened a session: handle = 0x%08x\n", h);
-
- (void)memset(&sinfo, 0, sizeof(CK_SESSION_INFO));
- ck_rv = epv->C_GetSessionInfo(h, &sinfo);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDOUT, "C_GetSessionInfo(%lu, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " SESSION INFO:\n");
- PR_fprintf(PR_STDOUT, " slotID = %lu\n", sinfo.slotID);
- PR_fprintf(PR_STDOUT, " state = %lu\n", sinfo.state);
- PR_fprintf(PR_STDOUT, " flags = 0x%08x\n", sinfo.flags);
-#ifdef CKF_EXCLUSIVE_SESSION
- PR_fprintf(PR_STDOUT, " -> EXCLUSIVE SESSION = %s\n", sinfo.flags & CKF_EXCLUSIVE_SESSION ? "TRUE" : "FALSE");
-#endif /* CKF_EXCLUSIVE_SESSION */
- PR_fprintf(PR_STDOUT, " -> RW SESSION = %s\n", sinfo.flags & CKF_RW_SESSION ? "TRUE" : "FALSE");
- PR_fprintf(PR_STDOUT, " -> SERIAL SESSION = %s\n", sinfo.flags & CKF_SERIAL_SESSION ? "TRUE" : "FALSE");
-#ifdef CKF_INSERTION_CALLBACK
- PR_fprintf(PR_STDOUT, " -> INSERTION CALLBACK = %s\n", sinfo.flags & CKF_INSERTION_CALLBACK ? "TRUE" : "FALSE");
-#endif /* CKF_INSERTION_CALLBACK */
- PR_fprintf(PR_STDOUT, " ulDeviceError = %lu\n", sinfo.ulDeviceError);
- PR_fprintf(PR_STDOUT, "\n");
-
- ck_rv = epv->C_FindObjectsInit(h, (CK_ATTRIBUTE_PTR)CK_NULL_PTR, 0);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDOUT, "C_FindObjectsInit(%lu, NULL_PTR, 0) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- pTemplate = (CK_ATTRIBUTE_PTR)PR_Calloc(number_of_all_known_attribute_types, sizeof(CK_ATTRIBUTE));
- if( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n",
- number_of_all_known_attribute_types * sizeof(CK_ATTRIBUTE));
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " All objects:\n");
-
- while(1) {
- CK_OBJECT_HANDLE o = (CK_OBJECT_HANDLE)0;
- CK_ULONG nObjects = 0;
- CK_ULONG k;
- CK_ULONG nAttributes = 0;
- CK_ATTRIBUTE_PTR pT2;
- CK_ULONG l;
-
- ck_rv = epv->C_FindObjects(h, &o, 1, &nObjects);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu, , 1, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- if( 0 == nObjects ) {
- PR_fprintf(PR_STDOUT, "\n");
- break;
- }
-
- tnObjects++;
-
- PR_fprintf(PR_STDOUT, " OBJECT HANDLE %lu:\n", o);
-
- for( k = 0; k < number_of_all_known_attribute_types; k++ ) {
- pTemplate[k].type = all_known_attribute_types[k];
- pTemplate[k].pValue = (CK_VOID_PTR)CK_NULL_PTR;
- pTemplate[k].ulValueLen = 0;
- }
-
- ck_rv = epv->C_GetAttributeValue(h, o, pTemplate, number_of_all_known_attribute_types);
- switch( ck_rv ) {
- case CKR_OK:
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_BUFFER_TOO_SMALL:
- break;
- default:
- PR_fprintf(PR_STDERR, "C_GetAtributeValue(%lu, %lu, {all attribute types}, %lu) returned 0x%08x\n",
- h, o, number_of_all_known_attribute_types, ck_rv);
- return 1;
- }
-
- for( k = 0; k < number_of_all_known_attribute_types; k++ ) {
- if( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
- nAttributes++;
- }
- }
-
- if( 1 ) {
- PR_fprintf(PR_STDOUT, " %lu attributes:\n", nAttributes);
- for( k = 0; k < number_of_all_known_attribute_types; k++ ) {
- if( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
- PR_fprintf(PR_STDOUT, " 0x%08x (len = %lu)\n", pTemplate[k].type,
- pTemplate[k].ulValueLen);
- }
- }
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- pT2 = (CK_ATTRIBUTE_PTR)PR_Calloc(nAttributes, sizeof(CK_ATTRIBUTE));
- if( (CK_ATTRIBUTE_PTR)NULL == pT2 ) {
- PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n",
- nAttributes * sizeof(CK_ATTRIBUTE));
- return 1;
- }
-
- for( l = 0, k = 0; k < number_of_all_known_attribute_types; k++ ) {
- if( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
- pT2[l].type = pTemplate[k].type;
- pT2[l].ulValueLen = pTemplate[k].ulValueLen;
- pT2[l].pValue = (CK_VOID_PTR)PR_Malloc(pT2[l].ulValueLen);
- if( (CK_VOID_PTR)NULL == pT2[l].pValue ) {
- PR_fprintf(PR_STDERR, "[memory allocation of %lu bytes failed]\n", pT2[l].ulValueLen);
- return 1;
- }
- l++;
- }
- }
-
- PR_ASSERT( l == nAttributes );
-
- ck_rv = epv->C_GetAttributeValue(h, o, pT2, nAttributes);
- switch( ck_rv ) {
- case CKR_OK:
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_BUFFER_TOO_SMALL:
- break;
- default:
- PR_fprintf(PR_STDERR, "C_GetAtributeValue(%lu, %lu, {existant attribute types}, %lu) returned 0x%08x\n",
- h, o, nAttributes, ck_rv);
- return 1;
- }
-
- for( l = 0; l < nAttributes; l++ ) {
- PR_fprintf(PR_STDOUT, " type = 0x%08x, len = %ld", pT2[l].type, (CK_LONG)pT2[l].ulValueLen);
- if( -1 == (CK_LONG)pT2[l].ulValueLen ) {
- ;
- } else {
- CK_ULONG m;
-
- if( pT2[l].ulValueLen <= 8 ) {
- PR_fprintf(PR_STDOUT, ", value = ");
- } else {
- PR_fprintf(PR_STDOUT, ", value = \n ");
- }
-
- for( m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++ ) {
- PR_fprintf(PR_STDOUT, "%02x", (CK_ULONG)(0xff & ((CK_CHAR_PTR)pT2[l].pValue)[m]));
- }
-
- PR_fprintf(PR_STDOUT, " ");
-
- for( m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++ ) {
- CK_CHAR c = ((CK_CHAR_PTR)pT2[l].pValue)[m];
- if( (c < 0x20) || (c >= 0x7f) ) {
- c = '.';
- }
- PR_fprintf(PR_STDOUT, "%c", c);
- }
- }
-
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- PR_fprintf(PR_STDOUT, "\n");
-
- for( l = 0; l < nAttributes; l++ ) {
- PR_Free(pT2[l].pValue);
- }
- PR_Free(pT2);
- } /* while(1) */
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " (%lu objects total)\n", tnObjects);
-
- ck_rv = epv->C_CloseSession(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CloseSession(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
- } /* session to find objects */
-
- /* session to create, find, and delete a couple session objects */
- {
- CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
- CK_ATTRIBUTE one[7], two[7], three[7], delta[1], mask[1];
- CK_OBJECT_CLASS cko_data = CKO_DATA;
- CK_BBOOL false = CK_FALSE, true = CK_TRUE;
- char *key = "TEST PROGRAM";
- CK_ULONG key_len = strlen(key);
- CK_OBJECT_HANDLE hOneIn = (CK_OBJECT_HANDLE)0, hTwoIn = (CK_OBJECT_HANDLE)0,
- hThreeIn = (CK_OBJECT_HANDLE)0, hDeltaIn = (CK_OBJECT_HANDLE)0;
- CK_OBJECT_HANDLE found[10];
- CK_ULONG nFound;
-
- ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Opened a session: handle = 0x%08x\n", h);
-
- one[0].type = CKA_CLASS;
- one[0].pValue = &cko_data;
- one[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- one[1].type = CKA_TOKEN;
- one[1].pValue = &false;
- one[1].ulValueLen = sizeof(CK_BBOOL);
- one[2].type = CKA_PRIVATE;
- one[2].pValue = &false;
- one[2].ulValueLen = sizeof(CK_BBOOL);
- one[3].type = CKA_MODIFIABLE;
- one[3].pValue = &true;
- one[3].ulValueLen = sizeof(CK_BBOOL);
- one[4].type = CKA_LABEL;
- one[4].pValue = "Test data object one";
- one[4].ulValueLen = strlen(one[4].pValue);
- one[5].type = CKA_APPLICATION;
- one[5].pValue = key;
- one[5].ulValueLen = key_len;
- one[6].type = CKA_VALUE;
- one[6].pValue = "Object one";
- one[6].ulValueLen = strlen(one[6].pValue);
-
- two[0].type = CKA_CLASS;
- two[0].pValue = &cko_data;
- two[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- two[1].type = CKA_TOKEN;
- two[1].pValue = &false;
- two[1].ulValueLen = sizeof(CK_BBOOL);
- two[2].type = CKA_PRIVATE;
- two[2].pValue = &false;
- two[2].ulValueLen = sizeof(CK_BBOOL);
- two[3].type = CKA_MODIFIABLE;
- two[3].pValue = &true;
- two[3].ulValueLen = sizeof(CK_BBOOL);
- two[4].type = CKA_LABEL;
- two[4].pValue = "Test data object two";
- two[4].ulValueLen = strlen(two[4].pValue);
- two[5].type = CKA_APPLICATION;
- two[5].pValue = key;
- two[5].ulValueLen = key_len;
- two[6].type = CKA_VALUE;
- two[6].pValue = "Object two";
- two[6].ulValueLen = strlen(two[6].pValue);
-
- three[0].type = CKA_CLASS;
- three[0].pValue = &cko_data;
- three[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- three[1].type = CKA_TOKEN;
- three[1].pValue = &false;
- three[1].ulValueLen = sizeof(CK_BBOOL);
- three[2].type = CKA_PRIVATE;
- three[2].pValue = &false;
- three[2].ulValueLen = sizeof(CK_BBOOL);
- three[3].type = CKA_MODIFIABLE;
- three[3].pValue = &true;
- three[3].ulValueLen = sizeof(CK_BBOOL);
- three[4].type = CKA_LABEL;
- three[4].pValue = "Test data object three";
- three[4].ulValueLen = strlen(three[4].pValue);
- three[5].type = CKA_APPLICATION;
- three[5].pValue = key;
- three[5].ulValueLen = key_len;
- three[6].type = CKA_VALUE;
- three[6].pValue = "Object three";
- three[6].ulValueLen = strlen(three[6].pValue);
-
- ck_rv = epv->C_CreateObject(h, one, 7, &hOneIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, one, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object one: handle = %lu\n", hOneIn);
-
- ck_rv = epv->C_CreateObject(h, two, 7, &hTwoIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, two, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object two: handle = %lu\n", hTwoIn);
-
- ck_rv = epv->C_CreateObject(h, three, 7, &hThreeIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, three, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object three: handle = %lu\n", hThreeIn);
-
- delta[0].type = CKA_VALUE;
- delta[0].pValue = "Copied object";
- delta[0].ulValueLen = strlen(delta[0].pValue);
-
- ck_rv = epv->C_CopyObject(h, hThreeIn, delta, 1, &hDeltaIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CopyObject(%lu, %lu, delta, 1, ) returned 0x%08x\n",
- h, hThreeIn, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Copied object three: new handle = %lu\n", hDeltaIn);
-
- mask[0].type = CKA_APPLICATION;
- mask[0].pValue = key;
- mask[0].ulValueLen = key_len;
-
- ck_rv = epv->C_FindObjectsInit(h, mask, 1);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 1) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- (void)memset(&found, 0, sizeof(found));
- nFound = 0;
- ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- if( 4 != nFound ) {
- PR_fprintf(PR_STDERR, "Found %lu objects, not 4.\n", nFound);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Found 4 objects: %lu, %lu, %lu, %lu\n",
- found[0], found[1], found[2], found[3]);
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- ck_rv = epv->C_DestroyObject(h, hThreeIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_DestroyObject(%lu, %lu) returned 0x%08x\n", h, hThreeIn, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Destroyed object three (handle = %lu)\n", hThreeIn);
-
- delta[0].type = CKA_APPLICATION;
- delta[0].pValue = "Changed application";
- delta[0].ulValueLen = strlen(delta[0].pValue);
-
- ck_rv = epv->C_SetAttributeValue(h, hTwoIn, delta, 1);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_SetAttributeValue(%lu, %lu, delta, 1) returned 0x%08x\n",
- h, hTwoIn, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Changed object two (handle = %lu).\n", hTwoIn);
-
- /* Can another session find these session objects? */
- {
- CK_SESSION_HANDLE h2 = (CK_SESSION_HANDLE)0;
-
- ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Opened a second session: handle = 0x%08x\n", h2);
-
- /* mask is still the same */
-
- ck_rv = epv->C_FindObjectsInit(h2, mask, 1);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 1) returned 0x%08x\n",
- h2, ck_rv);
- return 1;
- }
-
- (void)memset(&found, 0, sizeof(found));
- nFound = 0;
- ck_rv = epv->C_FindObjects(h2, found, 10, &nFound);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n",
- h2, ck_rv);
- return 1;
- }
-
- if( 2 != nFound ) {
- PR_fprintf(PR_STDERR, "Found %lu objects, not 2.\n", nFound);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Found 2 objects: %lu, %lu\n",
- found[0], found[1]);
-
- ck_rv = epv->C_FindObjectsFinal(h2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h2, ck_rv);
- return 1;
- }
-
- /* Leave the session hanging open, we'll CloseAllSessions later */
- } /* Can another session find these session objects? */
-
- ck_rv = epv->C_CloseAllSessions(pSlots[i]);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CloseAllSessions(%lu) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
- } /* session to create, find, and delete a couple session objects */
-
- /* Might be interesting to do a find here to verify that all session objects are gone. */
-
- if( tinfo.flags & CKF_WRITE_PROTECTED ) {
- PR_fprintf(PR_STDOUT, "Token is write protected, skipping token-object tests.\n");
- } else {
- CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
- CK_ATTRIBUTE tobj[7], tsobj[7], stobj[7], delta[1], mask[2];
- CK_OBJECT_CLASS cko_data = CKO_DATA;
- CK_BBOOL false = CK_FALSE, true = CK_TRUE;
- char *key = "TEST PROGRAM";
- CK_ULONG key_len = strlen(key);
- CK_OBJECT_HANDLE hTIn = (CK_OBJECT_HANDLE)0, hTSIn = (CK_OBJECT_HANDLE)0,
- hSTIn = (CK_OBJECT_HANDLE)0, hDeltaIn = (CK_OBJECT_HANDLE)0;
- CK_OBJECT_HANDLE found[10];
- CK_ULONG nFound;
-
- ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Opened a session: handle = 0x%08x\n", h);
-
- tobj[0].type = CKA_CLASS;
- tobj[0].pValue = &cko_data;
- tobj[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- tobj[1].type = CKA_TOKEN;
- tobj[1].pValue = &true;
- tobj[1].ulValueLen = sizeof(CK_BBOOL);
- tobj[2].type = CKA_PRIVATE;
- tobj[2].pValue = &false;
- tobj[2].ulValueLen = sizeof(CK_BBOOL);
- tobj[3].type = CKA_MODIFIABLE;
- tobj[3].pValue = &true;
- tobj[3].ulValueLen = sizeof(CK_BBOOL);
- tobj[4].type = CKA_LABEL;
- tobj[4].pValue = "Test data object token";
- tobj[4].ulValueLen = strlen(tobj[4].pValue);
- tobj[5].type = CKA_APPLICATION;
- tobj[5].pValue = key;
- tobj[5].ulValueLen = key_len;
- tobj[6].type = CKA_VALUE;
- tobj[6].pValue = "Object token";
- tobj[6].ulValueLen = strlen(tobj[6].pValue);
-
- tsobj[0].type = CKA_CLASS;
- tsobj[0].pValue = &cko_data;
- tsobj[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- tsobj[1].type = CKA_TOKEN;
- tsobj[1].pValue = &true;
- tsobj[1].ulValueLen = sizeof(CK_BBOOL);
- tsobj[2].type = CKA_PRIVATE;
- tsobj[2].pValue = &false;
- tsobj[2].ulValueLen = sizeof(CK_BBOOL);
- tsobj[3].type = CKA_MODIFIABLE;
- tsobj[3].pValue = &true;
- tsobj[3].ulValueLen = sizeof(CK_BBOOL);
- tsobj[4].type = CKA_LABEL;
- tsobj[4].pValue = "Test data object token->session";
- tsobj[4].ulValueLen = strlen(tsobj[4].pValue);
- tsobj[5].type = CKA_APPLICATION;
- tsobj[5].pValue = key;
- tsobj[5].ulValueLen = key_len;
- tsobj[6].type = CKA_VALUE;
- tsobj[6].pValue = "Object token->session";
- tsobj[6].ulValueLen = strlen(tsobj[6].pValue);
-
- stobj[0].type = CKA_CLASS;
- stobj[0].pValue = &cko_data;
- stobj[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- stobj[1].type = CKA_TOKEN;
- stobj[1].pValue = &false;
- stobj[1].ulValueLen = sizeof(CK_BBOOL);
- stobj[2].type = CKA_PRIVATE;
- stobj[2].pValue = &false;
- stobj[2].ulValueLen = sizeof(CK_BBOOL);
- stobj[3].type = CKA_MODIFIABLE;
- stobj[3].pValue = &true;
- stobj[3].ulValueLen = sizeof(CK_BBOOL);
- stobj[4].type = CKA_LABEL;
- stobj[4].pValue = "Test data object session->token";
- stobj[4].ulValueLen = strlen(stobj[4].pValue);
- stobj[5].type = CKA_APPLICATION;
- stobj[5].pValue = key;
- stobj[5].ulValueLen = key_len;
- stobj[6].type = CKA_VALUE;
- stobj[6].pValue = "Object session->token";
- stobj[6].ulValueLen = strlen(stobj[6].pValue);
-
- ck_rv = epv->C_CreateObject(h, tobj, 7, &hTIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object token: handle = %lu\n", hTIn);
-
- ck_rv = epv->C_CreateObject(h, tsobj, 7, &hTSIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object token->session: handle = %lu\n", hTSIn);
- ck_rv = epv->C_CreateObject(h, stobj, 7, &hSTIn);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created object session->token: handle = %lu\n", hSTIn);
-
- /* I've created two token objects and one session object; find the two */
-
- mask[0].type = CKA_APPLICATION;
- mask[0].pValue = key;
- mask[0].ulValueLen = key_len;
- mask[1].type = CKA_TOKEN;
- mask[1].pValue = &true;
- mask[1].ulValueLen = sizeof(CK_BBOOL);
-
- ck_rv = epv->C_FindObjectsInit(h, mask, 2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 2) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- (void)memset(&found, 0, sizeof(found));
- nFound = 0;
- ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- if( 2 != nFound ) {
- PR_fprintf(PR_STDERR, "Found %lu objects, not 2.\n", nFound);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Found 2 objects: %lu, %lu\n",
- found[0], found[1]);
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- /* Convert a token to session object */
-
- delta[0].type = CKA_TOKEN;
- delta[0].pValue = &false;
- delta[0].ulValueLen = sizeof(CK_BBOOL);
-
- ck_rv = epv->C_SetAttributeValue(h, hTSIn, delta, 1);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_SetAttributeValue(%lu, %lu, delta, 1) returned 0x%08x\n",
- h, hTSIn, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Changed object from token to session (handle = %lu).\n", hTSIn);
-
- /* Now find again; there should be one */
-
- mask[0].type = CKA_APPLICATION;
- mask[0].pValue = key;
- mask[0].ulValueLen = key_len;
- mask[1].type = CKA_TOKEN;
- mask[1].pValue = &true;
- mask[1].ulValueLen = sizeof(CK_BBOOL);
-
- ck_rv = epv->C_FindObjectsInit(h, mask, 2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 2) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- (void)memset(&found, 0, sizeof(found));
- nFound = 0;
- ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- if( 1 != nFound ) {
- PR_fprintf(PR_STDERR, "Found %lu objects, not 1.\n", nFound);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Found 1 objects: %lu\n",
- found[0]);
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- /* Convert a session to a token object */
-
- delta[0].type = CKA_TOKEN;
- delta[0].pValue = &true;
- delta[0].ulValueLen = sizeof(CK_BBOOL);
-
- ck_rv = epv->C_SetAttributeValue(h, hSTIn, delta, 1);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_SetAttributeValue(%lu, %lu, delta, 1) returned 0x%08x\n",
- h, hSTIn, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Changed object from session to token (handle = %lu).\n", hSTIn);
-
- /* Now find again; there should be two again */
-
- mask[0].type = CKA_APPLICATION;
- mask[0].pValue = key;
- mask[0].ulValueLen = key_len;
- mask[1].type = CKA_TOKEN;
- mask[1].pValue = &true;
- mask[1].ulValueLen = sizeof(CK_BBOOL);
-
- ck_rv = epv->C_FindObjectsInit(h, mask, 2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 2) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- (void)memset(&found, 0, sizeof(found));
- nFound = 0;
- ck_rv = epv->C_FindObjects(h, found, 10, &nFound);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu,, 10, ) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- if( 2 != nFound ) {
- PR_fprintf(PR_STDERR, "Found %lu objects, not 2.\n", nFound);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Found 2 objects: %lu, %lu\n",
- found[0], found[1]);
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- /* Delete the two (found) token objects to clean up */
-
- ck_rv = epv->C_DestroyObject(h, found[0]);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_DestroyObject(%lu, %lu) returned 0x%08x\n", h, found[0], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Destroyed token object (handle = %lu)\n", found[0]);
-
- ck_rv = epv->C_DestroyObject(h, found[1]);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_DestroyObject(%lu, %lu) returned 0x%08x\n", h, found[1], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Destroyed token object (handle = %lu)\n", found[1]);
-
- /* Close the session and all objects should be gone */
-
- ck_rv = epv->C_CloseSession(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CloseSession(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
- } /* if( tinfo.flags & CKF_WRITE_PROTECTED ) */
-
- if( tinfo.flags & CKF_WRITE_PROTECTED ) {
- PR_fprintf(PR_STDOUT, "Token is write protected, skipping leaving a record.\n");
- } else {
- CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
- CK_ATTRIBUTE record[7], mask[2];
- CK_OBJECT_CLASS cko_data = CKO_DATA;
- CK_BBOOL false = CK_FALSE, true = CK_TRUE;
- char *key = "TEST RECORD";
- CK_ULONG key_len = strlen(key);
- CK_OBJECT_HANDLE hin = (CK_OBJECT_HANDLE)0;
- char timebuffer[256];
-
- ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Opened a session: handle = 0x%08x\n", h);
-
- /* I can't believe how hard NSPR makes this operation */
- {
- time_t now = 0;
- struct tm *tm;
- time(&now);
- tm = localtime(&now);
- strftime(timebuffer, sizeof(timebuffer), "%Y-%m-%d %T %Z", tm);
- }
-
- record[0].type = CKA_CLASS;
- record[0].pValue = &cko_data;
- record[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- record[1].type = CKA_TOKEN;
- record[1].pValue = &true;
- record[1].ulValueLen = sizeof(CK_BBOOL);
- record[2].type = CKA_PRIVATE;
- record[2].pValue = &false;
- record[2].ulValueLen = sizeof(CK_BBOOL);
- record[3].type = CKA_MODIFIABLE;
- record[3].pValue = &true;
- record[3].ulValueLen = sizeof(CK_BBOOL);
- record[4].type = CKA_LABEL;
- record[4].pValue = "Test record";
- record[4].ulValueLen = strlen(record[4].pValue);
- record[5].type = CKA_APPLICATION;
- record[5].pValue = key;
- record[5].ulValueLen = key_len;
- record[6].type = CKA_VALUE;
- record[6].pValue = timebuffer;
- record[6].ulValueLen = strlen(timebuffer)+1;
-
- PR_fprintf(PR_STDOUT, " Timestamping with \"%s\"\n", timebuffer);
-
- ck_rv = epv->C_CreateObject(h, record, 7, &hin);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_CreateObject(%lu, tobj, 7, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- PR_fprintf(PR_STDOUT, " Created record object: handle = %lu\n", hin);
-
- PR_fprintf(PR_STDOUT, " == All test timestamps ==\n");
-
- mask[0].type = CKA_CLASS;
- mask[0].pValue = &cko_data;
- mask[0].ulValueLen = sizeof(CK_OBJECT_CLASS);
- mask[1].type = CKA_APPLICATION;
- mask[1].pValue = key;
- mask[1].ulValueLen = key_len;
-
- ck_rv = epv->C_FindObjectsInit(h, mask, 2);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsInit(%lu, mask, 1) returned 0x%08x\n",
- h, ck_rv);
- return 1;
- }
-
- while( 1 ) {
- CK_OBJECT_HANDLE o = (CK_OBJECT_HANDLE)0;
- CK_ULONG nObjects = 0;
- CK_ATTRIBUTE value[1];
- char buffer[1024];
-
- ck_rv = epv->C_FindObjects(h, &o, 1, &nObjects);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjects(%lu, , 1, ) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
-
- if( 0 == nObjects ) {
- PR_fprintf(PR_STDOUT, "\n");
- break;
- }
-
- value[0].type = CKA_VALUE;
- value[0].pValue = buffer;
- value[0].ulValueLen = sizeof(buffer);
-
- ck_rv = epv->C_GetAttributeValue(h, o, value, 1);
- switch( ck_rv ) {
- case CKR_OK:
- PR_fprintf(PR_STDOUT, " %s\n", value[0].pValue);
- break;
- case CKR_ATTRIBUTE_SENSITIVE:
- PR_fprintf(PR_STDOUT, " [Sensitive???]\n");
- break;
- case CKR_ATTRIBUTE_TYPE_INVALID:
- PR_fprintf(PR_STDOUT, " [Invalid attribute???]\n");
- break;
- case CKR_BUFFER_TOO_SMALL:
- PR_fprintf(PR_STDOUT, " (result > 1k (%lu))\n", value[0].ulValueLen);
- break;
- default:
- PR_fprintf(PR_STDERR, "C_GetAtributeValue(%lu, %lu, CKA_VALUE, 1) returned 0x%08x\n",
- h, o);
- return 1;
- }
- } /* while */
-
- ck_rv = epv->C_FindObjectsFinal(h);
- if( CKR_OK != ck_rv ) {
- PR_fprintf(PR_STDERR, "C_FindObjectsFinal(%lu) returned 0x%08x\n", h, ck_rv);
- return 1;
- }
- } /* "leaving a record" else clause */
-
- }
-
- PR_fprintf(PR_STDOUT, "\n");
- }
-
- return 0;
-}
diff --git a/security/nss/tests/platformlist b/security/nss/tests/platformlist
deleted file mode 100644
index ee3b5261e..000000000
--- a/security/nss/tests/platformlist
+++ /dev/null
@@ -1,13 +0,0 @@
-AIX_3_64_bit
-HP-UX_B.11.00_64_bit
-OSF1_V5.0
-RH_Linux_6.2_(Zoot)
-RH_Linux_7.1_(Seawolf)
-SunOS_5.6
-SunOS_5.8_32_bit
-SunOS_5.8_64_bit
-Windows-2000
-Windows-NT-4.0
-SunOS_5.8_i86pc
-SunOS_5.9_i86pc
-
diff --git a/security/nss/tests/platformlist.tbx b/security/nss/tests/platformlist.tbx
deleted file mode 100644
index 435284cff..000000000
--- a/security/nss/tests/platformlist.tbx
+++ /dev/null
@@ -1,14 +0,0 @@
-AIX_3_32_bit AIX4.3_DBG.OBJ AIX4.3_OPT.OBJ
-AIX_3_64_bit AIX4.3_DBG.OBJ AIX4.3_OPT.OBJ AIX4.3_64_DBG.OBJ AIX4.3_64_OPT.OBJ
-HP-UX_B.11.00_32_bit HP-UXB.11.00_DBG.OBJ HP-UXB.11.00_OPT.OBJ
-HP-UX_B.11.00_64_bit HP-UXB.11.00_DBG.OBJ HP-UXB.11.00_OPT.OBJ
-OSF1_V4.0 OSF1V4.0D_DBG.OBJ OSF1V4.0D_OPT.OBJ
-OSF1_V5.0 OSF1V5.0_DBG.OBJ OSF1V5.0_OPT.OBJ
-RH_Linux_6.2_(Zoot) Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.2_x86_glibc_PTH_OPT.OBJ
-RH_Linux_6.1_(Cartman) Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.2_x86_glibc_PTH_OPT.OBJ
-RH_Linux_6.0_(Hedwig) Linux2.2_x86_glibc_PTH_DBG.OBJ Linux2.2_x86_glibc_PTH_OPT.OBJ
-SunOS_5.6 SunOS5.6_DBG.OBJ SunOS5.6_OPT.OBJ
-SunOS_5.8_32_bit
-SunOS_5.8_64_bit
-Windows-2000 WINNT5.0_DBG.OBJ WINNT5.0_OPT.OBJ WIN954.0_DBG.OBJ WIN954.0_OPT.OBJ
-Windows-NT-4.0 WIN954.0_DBG.OBJ WIN954.0_OPT.OBJ WINNT4.0_DBG.OBJ WINNT4.0_OPT.OBJ
diff --git a/security/nss/tests/qa_stage b/security/nss/tests/qa_stage
deleted file mode 100755
index ca6335615..000000000
--- a/security/nss/tests/qa_stage
+++ /dev/null
@@ -1,320 +0,0 @@
-#! /bin/sh
-########################################################################
-#
-# /u/sonmi/bin/qa_stage - /u/svbld/bin/init/nss/qa_stage
-#
-# this script is supposed to convert the tinderbox and daily QA files
-# for use on mozilla.org
-#
-# parameters
-# ----------
-# nssversion (supported: 30b, 31, tip)
-# builddate (default - today)
-#
-########################################################################
-
-if [ -z "$BUILDNUMBER" ]
-then
- BUILDNUMBER=1
-fi
-if [ `uname` = "Linux" ] ; then
- PATH=".:/u/sonmi/bin:/u/sonmi/bin/linux:/usr/bsd:/usr/ucb/:/bin:/usr/bin:/usr/ccs/bin:/usr/sbin:/usr/bin/X11:/usr/etc:/etc:/usr/demos:/usr/demos/bin:/usr/local/bin:/usr/local/X11/bin:/tools/ns/bin"
- export PATH
-fi
-
-Echo()
-{
- if [ "$O_SILENT" = "OFF" ] ; then
- echo $*
- fi
-}
-
-################################### qa_stage_init ##########################
-#
-########################################################################
-qa_stage_init()
-{
- umask 000
-
- eval_opts $*
-
- if [ -z "${QAYEAR}" ] ; then
- QAYEAR=`date +%Y`
- elif [ "$QAYEAR" = "" ] ; then
- QAYEAR=`date +%Y`
- fi
-
- Echo "Init..."
- DAYBUILD=${QAYEAR}${BUILDDATE}.${BUILDNUMBER}
- NSS_D0=/share/builds/mccrel/nss
- NSS_VER_DIR=${NSS_D0}/nss${NSSVER}
- NTDIST=${NSS_VER_DIR}/builds/${DAYBUILD}/blowfish_NT4.0_Win95/mozilla/dist
- UXDIST=${NSS_VER_DIR}/builds/${DAYBUILD}/booboo_Solaris8/mozilla/dist
- TESTSCRIPTDIR=${NSS_VER_DIR}/builds/${DAYBUILD}/booboo_Solaris8/mozilla/security/nss/tests
- RESULTDIR=${NSS_VER_DIR}/builds/${DAYBUILD}/booboo_Solaris8/mozilla/tests_results/security
- TBX_RESULTDIR=${NSS_D0}/nsstip/tinderbox/tests_results/security
-
- MOZ_D0=/pub/security/nss
- MOZ_RESULTDIR=${MOZ_D0}/daily_qa/${DAYBUILD}
- MOZ_TBX_RESULTDIR=${MOZ_D0}/tinderbox
-
- export BUILDDATE NSSVER QAYEAR NTDIST UXDIST TESTSCRIPTDIR RESULTDIR
-
-
- IPLANET_TBX_URL="http://cindercone.red.iplanet.com${TBX_RESULTDIR}"
- IPLANET_DQA_URL="http://cindercone.red.iplanet.com${RESULTDIR}"
-
- MOZ_TBX_URL="ftp://ftp.mozilla.org${MOZ_TBX_RESULTDIR}"
- MOZ_DQA_URL="ftp://ftp.mozilla.org${MOZ_RESULTDIR}"
-
- export IPLANET_TBX_URL IPLANET_DQA_URL MOZ_TBX_URL MOZ_DQA_URL
- STAGE_1=/u/sonmi/tmp/ftp_stage
-
- if [ ! -d $STAGE_1 ] ; then
- Echo "Staging area daily QA (DQA): $DQA_STAGE does not exist, exit"
- exit 1
- fi
- cd $STAGE_1 || (Echo "Cant cd to $STAGE_1 , exit"; exit)
- rm all.tar* 2>/dev/null
- TBX_STAGE=$STAGE_1/tinderbox
- DQA_STAGE=$STAGE_1/daily_qa/${DAYBUILD}
- Echo "Staging area tbx: $TBX_STAGE"
- Echo "Staging area daily QA (DQA): $DQA_STAGE"
- Echo "Resultdir (sourcedir) for daily QA (RESULTDIR): $RESULTDIR"
-}
-
-################################### qa_stage_dqa ##########################
-#
-########################################################################
-qa_stage_dqa()
-{
- Echo "DQA:..."
- Echo "Resultdir (sourcedir) for daily QA (RESULTDIR): $RESULTDIR"
-#set -x
- if [ ! -d $RESULTDIR ] ; then
- Echo "Resultdir $RESULTDIR does not exist, can't push daily QA"
- return
- fi
- cd $RESULTDIR || return
- #for w in `find . -name "result*html"`
- for w in `find . -name "result.html"`
- do
- if [ ! -d $DQA_STAGE/`dirname $w` ] ; then
- mkdir -p $DQA_STAGE/`dirname $w`
- fi
- rm $DQA_STAGE/$w 2>/dev/null
- cat $w | reformat_qa >$DQA_STAGE/$w
- done
- for w in `find . -name "output.log" -o -name "results.html"`
- do
-#echo $w
- if [ ! -d $DQA_STAGE/`dirname $w` ] ; then
- mkdir -p $DQA_STAGE/`dirname $w`
- fi
- cp $w $DQA_STAGE/$w
- done
-}
-
-
-################################### qa_stage_tbx ##########################
-#
-########################################################################
-qa_stage_tbx()
-{
- Echo "tbx: "
- if [ ! -d $TBX_RESULTDIR ] ; then
- Echo "TBX_RESULTDIR $TBX_RESULTDIR does not exist"
- return
- fi
- cd $TBX_RESULTDIR || return
- Echo "find from $TBX_FIND_FROM"
- for w in `find $TBX_FIND_FROM -name "result.html"`
- do
- if [ ! -d $TBX_STAGE/`dirname $w` ] ; then
- mkdir -p $TBX_STAGE/`dirname $w`
- fi
- rm $TBX_STAGE/$w 2>/dev/null
- cat $w | reformat_qa >$TBX_STAGE/$w
- done
- for w in `find $TBX_FIND_FROM -name "output.log" -o -name "results.html"`
- do
- if [ ! -d $TBX_STAGE/`dirname $w` ] ; then
- mkdir -p $TBX_STAGE/`dirname $w`
- fi
- cp $w $TBX_STAGE/$w
- done
-}
-
-match_tbxdirs()
-{
- YY=`date +%Y`
- DD=`date +%d`
- MM=`date +%m`
- HH=`date +%H`
-
- TBX_FIND_FROM="*-$YY$MM$DD-$HH.*"
- i=$1
- while [ $i -gt 0 ] ; do
- i=`expr $i - 1`
- HH=`expr $HH - 1`
- if [ $HH -lt 0 ] ; then
- HH=23
- DD=`expr $DD - 1`
- if [ $DD -eq 0 ] ; then
- MM=`expr $MM - 1`
- case $MM in
- 0)
- YY=`expr $YY - 1`
- MM=12
- DD=31
- ;;
- [13578]|10|12)
- DD=31
- ;;
- 2)
- DD=28
- ;;
- [469]|11)
- DD=30
- ;;
- esac
- fi
- fi
- case $MM in
- [123456789])
- MM=0$MM
- ;;
- esac
- case $DD in
- [123456789])
- DD=0$DD
- ;;
- esac
- case $HH in
- [0123456789])
- HH=0$HH
- ;;
- esac
- TBX_FIND_FROM="$TBX_FIND_FROM *-$YY$MM$DD-$HH.*"
- done
-}
-
-################################### eval_opts ##########################
-# global shell function, evapuates options and parameters, sets flags
-# variables and defaults
-########################################################################
-eval_opts()
-{
- DO_TBX=OFF
- DO_DQA=OFF
- DO_CLEAN=OFF
- O_SILENT=OFF
- O_INCREMENTAL=OFF
- O_MAIL=OFF
- BUILDDATE=`date +%m%d`
- NSSVER=tip
-
- TBX_FIND_FROM="."
-
- while [ -n "$1" ]
- do
- case $1 in
- -d)
- DO_DQA=ON
- ;;
- -m)
- O_MAIL=ON
- shift
- MAILINGLIST=$1
- if [ -z "$MAILINGLIST" ]
- then
- echo "Error: -m requires a mailinglist to follow, for example sonmi@iplanet.com"
- exit
- fi
- ;;
- -ti)
- DO_TBX=ON
- match_tbxdirs 2
- O_INCREMENTAL=ON
- ;;
- -t)
- DO_TBX=ON
- ;;
- -c)
- DO_CLEAN=ON
- ;;
- -s)
- O_SILENT=ON
- ;;
-
- tip|3[0-9]*)
- NSSVER=$1
- ;;
- [01][0-9][0-3][0-9])
- BUILDDATE=$1
- ;;
- esac
- shift
- done
-}
-
-qa_stage_init $*
-
-if [ "$DO_CLEAN" = "ON" ] ; then
- Echo "Cleaning old stuff"
- if [ ! -d $STAGE_1 ] ; then
- Echo "Staging area daily QA (DQA): $DQA_STAGE does not exist, exit"
- exit 1
- fi
- cd $STAGE_1 || (Echo "Cant cd to $STAGE_1 , exit"; exit)
- if [ -n "$TBX_STAGE" -a -d "$TBX_STAGE" ] ; then
- rm -rf $TBX_STAGE/*
- else
- Echo "nothing here to clean..."
- fi
-fi
-if [ "$DO_DQA" = "ON" ] ; then
- qa_stage_dqa
- if [ "$O_MAIL" = "ON" -a -f "$DQA_STAGE/result.html" ] ; then
- cat $DQA_STAGE/result.html | /usr/sbin/sendmail $MAILINGLIST
- fi
-fi
-if [ "$DO_TBX" = "ON" ] ; then
- qa_stage_tbx
-fi
-if [ ! -d $STAGE_1 ] ; then
- Echo "Staging area daily QA (DQA): $DQA_STAGE does not exist, exit"
- exit 1
-fi
-cd $STAGE_1 || (Echo "Cant cd to $STAGE_1 , exit"; exit)
-Echo "tar..."
-if [ "$O_SILENT" = "ON" ] ; then
- tar cf all.tar daily_qa tinderbox
-else
- tar cvf all.tar daily_qa tinderbox
-fi
-gzip all.tar
-SSH_AUTH_SOCK=`grep SSH_AUTH_SOCK /u/sonmi/.ssh/ssh-agent.info | sed -e 's/setenv SSH_AUTH_SOCK //' -e 's/;//'`
-SSH_AGENT_PID=`grep SSH_AGENT_PID /u/sonmi/.ssh/ssh-agent.info | sed -e 's/setenv SSH_AGENT_PID //' -e 's/;//'`
-export SSH_AUTH_SOCK SSH_AGENT_PID
-if [ "$O_SILENT" = "OFF" ] ; then
- set -x
- scp all.tar.gz sonmi@stage.mozilla.org:/home/ftp/pub/security/nss
- ssh -l sonmi stage.mozilla.org '/home/sonmi/bin/nssqa_stage '
-else
- scp all.tar.gz sonmi@stage.mozilla.org:/home/ftp/pub/security/nss >/dev/null 2>/dev/null
- ssh -l sonmi stage.mozilla.org '/home/sonmi/bin/nssqa_stage ' >/dev/null 2>/dev/null
-fi
-
-#" rlogin huey "
-#" sftp sonmi@stage.mozilla.org"
-#" cd /home/ftp/pub/security/nss"
-#" lcd tmp/ftp_stage"
-#" put all.tar.gz"
-#" quit "
-#" ssh -l sonmi stage.mozilla.org"
-#" cd /home/ftp/pub/security/nss"
-#" gunzip all.tar.gz"
-#" tar xvf all.tar"
-#" rm all.tar"
-
diff --git a/security/nss/tests/qa_stat b/security/nss/tests/qa_stat
deleted file mode 100755
index 2992b7166..000000000
--- a/security/nss/tests/qa_stat
+++ /dev/null
@@ -1,933 +0,0 @@
-#! /bin/sh
-########################################################################
-#
-# /u/sonmi/bin/qa_stat - /u/svbld/bin/init/nss/qa_stat
-#
-# this script is supposed to automatically run QA for NSS on all required
-# Unix platforms
-#
-# parameters
-# ----------
-# nssversion (supported: 30b, 31, tip)
-# builddate (default - today)
-#
-# options
-# -------
-# -y answer all questions with y - use at your own risk...ignores warnings
-# -s silent (only usefull with -y)
-# -h, -? - you guessed right - displays this text
-# -d debug
-# -f <filename> - write the (error)output to filename
-# -m <mailinglist> - send filename to mailinglist (csl) only useful
-# with -f
-# -cron equivalient to -y -s -d -f $RESULTDIR/$HOST.qa_stat
-#
-########################################################################
-
-O_OPTIONS=ON
-
-TBX_EXIT=49 # in case we are running on a tinderbox build, any
- # early exit needs to return an error
-if [ -z "$O_TBX" -o "$O_TBX" = "OFF" ] ; then
- if [ -z "$O_LOCAL" -o "$O_LOCAL" = "OFF" ] ; then
- . `dirname $0`/header
- fi
-fi
-Debug "Sourced header O_TBX=$O_TBX O_LOCAL=$O_LOCAL"
-TBX_EXIT=48
-EARLY_EXIT=TRUE
-
-URL="cindercone.red.iplanet.com"
-
-DOCDIR=/u/sonmi/doc
-
-HTML_ERRORCOLOR=\"#FF0000\"
-HTML_ERRORMSG=Failed
-
-HTML_MISSINGCOLOR=\"#FFFFCC\"
-HTML_MISSINGMSG=Missing
-
-HTML_INCOMPLETECOLOR=$HTML_MISSINGCOLOR
-HTML_INCOMPLETEMSG=Incomplete
-
-HTML_PASSEDCOLOR=\"#66FF99\"
-HTML_PASSEDMSG=Passed
-
-# this file is used to deal with hanging rsh - a new shell is started
-# for each rsh, and a function is called after it is finished - they
-# communicate with this file
-
-RSH_FILE=$TMP/rsh.$$
-echo >$RSH_FILE
-TMPFILES="$TMPFILES $WARNINGLIST $RSH_FILE "
-RSH_WAIT_TIME=80 #maximum time allowed for the 2 rsh to finish...
-#TOTAL_TESTS=106
-TOTAL_TESTS=123 #3.3.2
-BCT_TOTAL_TESTS=122 #3.2.2
-#TOTAL_TESTS=133 #tip
-
-Debug "NTDIST $NTDIST"
-Debug "UXDIST $UXDIST"
-Debug "TESTSCRIPTDIR $TESTSCRIPTDIR"
-Debug "RESULTDIR $RESULTDIR"
-
-############################### watch_rsh ##############################
-# local shell function, deals with a hanging rsh (kills it...)
-# this function is started as a backgroundprocess before the rsh is started,
-# and writes info to the RSH_FILE, after the rsh is finished it writes finish
-# info to the same file (this time called as a function, forground).
-# the backgroundprocess stays around for RSH_WAIT_TIME, if then the finish
-# information is not there attempts to kill the rsh
-#
-# watch_rsh start qa_computername &
-# watch_rsh stop qa_computername
-#
-########################################################################
-watch_rsh()
-{
- case $1 in
- start)
- echo "$2 started" >>$RSH_FILE
- sleep $RSH_WAIT_TIME
- O_ALWAYS_YES=ON # may modify global flags because this is a
- # forked off bg process - kill_by_name otherwise
- # will ask the user if it really should be killed
- grep "$2 finished" $RSH_FILE >/dev/null || kill_by_name "rsh $2"
- exit
- ;;
- stop)
- echo "$2 finished" >>$RSH_FILE
- ;;
- esac
-}
-
-############################### find_qa_systems ########################
-# local shell function, tries to determine the QA operating system
-# works remotely, and for Windows machines
-########################################################################
-find_qa_systems()
-{
-for QA_SYS in `ls $RESULTDIR | grep '\.1$' | sed -e "s/\..*//" | sort -u`
-do
- NO_RSH="FALSE"
- QA_OS=""
- QA_RHVER=""
- IS_64=""
- IS_WIN=""
-
- grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa >/dev/null && NO_RSH=TRUE
-
- if [ "$NO_RSH" = "TRUE" ]
- then
-
- QA_OS=`grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa | sort -u | sed \
- -e "s/.*-OS-LINE: /${QA_SYS}/"`
- QA_OS_STRING=`echo $QA_OS | sed -e "s/^[_ ]//" -e "s/ /_/g"`
- echo $QA_OS_STRING >>$PLATFORMLIST
- if [ "$O_SILENT" != ON ] ; then
- echo $QA_OS
- fi
-
- #grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa | sort -u | sed \
- #-e "s/.*-OS-LINE: /${QA_SYS}_/" >>$PLATFORMLIST
- #if [ "$O_SILENT" != ON ] ; then
- #grep OS-LINE ${RESULTDIR}/${QA_SYS}.nssqa | sort -u | sed \
- #-e "s/.*-OS-LINE:/${QA_SYS}/"
- #fi
- else
- REM_SYSNAME=$QA_SYS
- watch_rsh start $REM_SYSNAME &
- qa_stat_get_sysinfo $QA_SYS
- watch_rsh stop $REM_SYSNAME
- echo $QA_OS_STRING >>$PLATFORMLIST
- # use later for missing list
- fi
-done
-
-}
-
-################################### qa_stat_init ##########################
-# local shell function, sets the name of the resultfile to:
-# <filename> if option -f <filename>
-# $RESULTDIR/result if write permission
-# (mozilla/tests_results/security/result)
-# $HOME/resultNSS${NSSVER}-${BUILDDATE} if no write permission in $RESULTDIR
-########################################################################
-qa_stat_init()
-{
- if [ $O_FILE = ON -a $O_CRON = OFF ] # if -f was specified write there
- then
- RFILE=$FILENAME
- else
- RFILE=${RESULTDIR}/result.$$
- if [ ! -w $RESULTDIR ]
- then
- RFILE=$HOME/resultNSS${NSSVER}-${BUILDDATE}.$$
- Debug "Using alternate resultfile $RFILE"
- #elif [ $O_CRON = ON ]
- #then
- ##find ${RESULTDIR} -exec chmod a+rw {} \; #FIXME - umask
- ##doesn't seem to work - this is a tmp workaround
- fi
-
- if [ ! -x $RESULTDIR -o ! -r $RESULTDIR -o ! -w $RESULTDIR ]
- then
- glob_usage "$RESULTDIR does not have the right permissions `ls -l $RESULTDIR`"
- fi
- if [ -d $RESULTDIR ]
- then
- cd $RESULTDIR
- else
- glob_usage "$RESULTDIR does not exist"
- fi
- fi
-
- ERRORLIST=${RFILE}.E
- PLATFORMLIST=${RFILE}.P
- PERFLIST=${RFILE}.PE
- TMP_HTML_FILE=${RFILE}.html
- HTML_FILE=${RESULTDIR}/result.html
- WARNINGLIST=${RFILE}.W
- BCMISSINGLIST=${RFILE}.BCM
- BCERRORLIST=${RFILE}.BCE
- TMPFILE=${RFILE}.T
- ML_FILE=${RFILE}.ML
-
- TMPFILES="$TMPFILES $TMPFILE"
- TMPFILES="$TMPFILES $ERRORLIST $PLATFORMLIST $PERFLIST $WARNINGLIST \
- $BCMISSINGLIST $BCERRORLIST $ML_FILE" #FIXME uncomment
-
- FILENAME=$RFILE #we might want to mail it...later switch to html file
- O_FILE="ON"
-
- rm $ERRORLIST $PLATFORMLIST $PERFLIST $WARNINGLIST \
- $BCMISSINGLIST $BCERRORLIST $TMP_HTML_FILE 2>/dev/null
- touch $ERRORLIST $PLATFORMLIST $PERFLIST $WARNINGLIST \
- $BCMISSINGLIST $BCERRORLIST $TMP_HTML_FILE 2>/dev/null
-
- if [ $O_WIN = "ON" -a "$O_TBX" = "ON" ] ; then
- HTML_PATH="http://${URL}${UX_D0}/nss${NSSVER}/tinderbox/tests_results/security/`basename $RESULTDIR`"
- else
- HTML_PATH="http://${URL}${RESULTDIR}"
- fi
- HREF_TMP_HTML_FILE="${HTML_PATH}/`basename $HTML_FILE`"
-
- write_qa_header_html >$TMP_HTML_FILE
-}
-
-################################# html_footer #########################
-# local shell function, writes end of the html body
-#######################################################################
-write_qa_header_html()
-{
-echo 'Subject: QA Report ' $NSSVER $BUILDDATE '
-From: sonmi@iplanet.com
-Reply-To: sonmi@iplanet.com
-Content-Type: text/html; charset=us-ascii
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<html>
-<head>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- <meta name="GENERATOR" content="Mozilla/4.7 [en] (X11; U; SunOS 5.8 sun4u) [N
-etscape]">
-</head>
-<body>
-<br>
-&nbsp;
-<br>&nbsp;
-<h2>
-<a href="http://tinderbox.mozilla.org/showbuilds.cgi?tree=NSS">Tinderbox</a
-><br>
-<a href="http://cindercone.red.iplanet.com/share/builds/mccrel/nss/nsstip/tinderbox/tests_results/security/">Tinderbox QA&nbsp;result</a><br>
-<a href="ftp://ftp.mozilla.org/pub/security/nss/daily_qa">Mozilla Daily NSS QA&nbsp;result</a></h2>
-&nbsp;
-
-&nbsp;
-<br>&nbsp;
-<center>
-<h1>
-<a NAME="Top"></a><b><font size=+2>QA&nbsp;Results</font></b></h1></center>
-
-
-<table BORDER WIDTH="100%" NOSAVE >
-<tr>
-<td>&nbsp;<b><font size=+1>Build-OS and version</font></b></td>
-<td><b><font size=+1>QA-OS</font></b></td>
-<td><b><font size=+1>Systemname</font></b></td>
-<td><b><font size=+1>P/F</font></b></td>
-<td><b><font size=+1>result</font></b></td>
-<td><b><font size=+1>output</font></b></td>
-<td><b><font size=+1>errors</font></b></td>
-<td><b><font size=+1>QA time / #</font></b></td>
-</tr>
-'
-}
-
-################################# html_footer #########################
-# local shell function, writes end of the html body
-#######################################################################
-html_footer()
-{
- echo '</body>'
- echo '</html>'
-}
-
-################################# setQAsysvars #########################
-# local shell function, sets system specific variables
-########################################################################
-setQAsysvars()
-{
- if [ "$MACHINE" != "0" ]
- then
- MACHINE=`echo $MACHINE | sed -e 's/^bct.//g'`
- TESTDATE=`ls -ld $MACHINE | awk '{ print $6, $7, $8 }'`
- TESTNUMBER=`echo $MACHINE | sed -e 's/.*\.//'`
- SYSNAME=`echo $MACHINE | sed -e 's/\..*//'`
- Debug "SYSNAME= $SYSNAME"
-
- if [ "$O_TBX" = "ON" -o "$O_LOCAL" = "ON" ] ; then
- QA_SYS_OS=$QA_OS
- else
- QA_SYS_OS=`grep $SYSNAME $PLATFORMLIST |
- sed -e 's/ //' | \
- sort | uniq | sed -e "s/$SYSNAME//" \
- -e "s/^_//" | sort | uniq`
- fi
- Debug "QA_SYS_OS= $QA_SYS_OS"
- fi
- BUILD_SYS=`echo $BUILDPLATFORM | sed -e 's/\.OBJ//' -e 's/_DBG/ Debug/' \
- -e 's/_OPT/ Optimized/' -e 's/_64/ 64bit/' -e 's/_glibc_PTH//' \
- -e 's/_/ /'`
- Debug "BUILD_SYS=$BUILD_SYS"
- if [ -f "${RESULTDIR}/${MACHINE}/results.html" ] ; then
- RESULT="${HTML_PATH}/${MACHINE}/results.html"
- else
- RESULT="0"
- fi
- if [ -f "${RESULTDIR}/bct/${MACHINE}/results.html" ] ; then
- BCB_RESULT="${HTML_PATH}/bct/${MACHINE}/results.html"
- else
- BCB_RESULT="0"
- fi
-
- if [ -f "${RESULTDIR}/${MACHINE}/output.log" ] ; then
- LOG="${HTML_PATH}/${MACHINE}/output.log"
- else
- LOG="0"
- fi
- if [ -f "${RESULTDIR}/bct/${MACHINE}/output.log" ] ; then
- BCB_LOG="${HTML_PATH}/bct/${MACHINE}/output.log"
- else
- BCB_LOG="0"
- fi
-}
-
-################################# html_line() #########################
-# local shell function, writes a line in the html table
-########################################################################
-html_line()
-{
- echo '<tr NOSAVE>'
- echo '<td NOSAVE>'$BUILD_SYS'</td>'
- echo ''
- if [ "$QA_SYS_OS" != "0" ] ; then
- echo '<td NOSAVE>'$QA_SYS_OS'</td>'
- else
- echo '<td></td>'
- fi
- echo ''
- if [ "$SYSNAME" != "0" ] ; then
- echo '<td>'$SYSNAME'</td>'
- else
- echo '<td></td>'
- fi
- #echo '<td>'$SYSNAME $TESTNUMBER $TESTDATE'</td>'
- echo ''
- # hopefully we never run more different tests on a tinderbox build...
- # on win some shells can not handle exit codes greater then 52 (64???)
- # so for very early exits the codes are set 50-45, for failures later
- # in the process the higher the number, the more failures
- if [ "$O_TBX" = "ON" -a "$TBX_EXIT" -gt 45 ] ; then
- TBX_EXIT=0
- fi
- if [ "$1" = "failed" ]
- then
- TBX_EXIT=`expr $TBX_EXIT + 1`
- echo '<td BGCOLOR='$HTML_ERRORCOLOR' NOSAVE><b>'$HTML_ERRORMSG'</b></td>'
- elif [ "$1" = "passed" ]
- then
- echo '<td BGCOLOR='$HTML_PASSEDCOLOR' NOSAVE>'$HTML_PASSEDMSG'</td>'
- elif [ "$1" = "incomplete" ]
- then
- TBX_EXIT=`expr $TBX_EXIT + 1`
- echo '<td BGCOLOR='$HTML_INCOMPLETECOLOR' NOSAVE>'$HTML_INCOMPLETEMSG'</td>'
- else
- TBX_EXIT=`expr $TBX_EXIT + 1`
- echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- fi
- if [ "$CURRENT_TABLE" != "BC" ] ; then
- if [ "$RESULT" = "0" ] ; then
- echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- else
- echo '<td>&nbsp;<a href="'$RESULT'">result</a>&nbsp;</td>'
- fi
- if [ "$LOG" = "0" ] ; then
- echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- else
- echo '<td>&nbsp;<a href="'$LOG'">log</a>&nbsp;</td>'
- fi
- if [ "$1" = "failed" ] ; then
- echo '<td>&nbsp;<a href="'${HREF_TMP_HTML_FILE}'#errorlist">error</a>&nbsp;</td>'
- else
- echo '<td></td>'
- fi
- else
- #<td><b><font size=+1>errors</font></b></td>
- #<td><b><font size=+1>P/F</font></b></td>
- #<td><b><font size=+1>P/F</font></b></td>
-
- #echo '<td><b><font size=+1>All Current</font></b></td>'
- #echo '<td><b><font size=+1>old dlls</font></b></td>'
- #echo '<td><b><font size=+1>old executables</font></b></td>'
- #if [ "$RESULT" != "0" -a "$LOG" != "0" ] ; then
- #echo '<td><a href="'$RESULT'">result</a>, <a href="'$LOG'">log</td>'
- #elif [ "$RESULT" = "0" -a "$LOG" != "0" ] ; then
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$LOG'">log</a></td>'
- #elif [ "$RESULT" != "0" -a "$LOG" = "0" ] ; then
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$RESULT'">result</a></td>'
- #else
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- #fi
- #if [ "$BCB_RESULT" != "0" -a "$BCB_LOG" != "0" ] ; then
- #echo '<td><a href="'$BCB_RESULT'">result</a>, <a href="'$BCB_LOG'"> log</td>'
- #elif [ "$BCB_RESULT" = "0" -a "$BCB_LOG" != "0" ] ; then
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$BCB_LOG'">log</a></td>'
- #elif [ "$BCB_RESULT" != "0" -a "$BCB_LOG" = "0" ] ; then
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE><a href="'$BCB_RESULT'">result</a></td>'
- #else
- #echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- #fi
- if [ "$BCB_RESULT" = "0" ] ; then
- echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- else
- echo '<td>&nbsp;<a href="'$BCB_RESULT'">result</a>&nbsp;</td>'
- fi
- if [ "$BCB_LOG" = "0" ] ; then
- echo '<td BGCOLOR='$HTML_MISSINGCOLOR' NOSAVE>'$HTML_MISSINGMSG'</td>'
- else
- echo '<td>&nbsp;<a href="'$BCB_LOG'">log</a>&nbsp;</td>'
- fi
- fi
- echo '<td>'$TESTDATE $TESTNUMBER'</td>'
- echo '</tr>'
-}
-
-################################# qa_errorlist #########################
-# local shell function, finds problems in the previously run QA
-# linux:the gnu grep, on Linux can output 10 lines above and 3 lines below
-# the errormessage
-########################################################################
-qa_errorlist()
-{
- grep "bgcolor=red" ${MACHINES_TO_CHECK}*/results.html |
- sed -e 's/.results.html:<TR><TD>/ /' -e 's/<[^>]*>/ /g'
- grep 'cache hits; .* cache misses, .* cache not reusable' \
- ${MACHINES_TO_CHECK}*/output.log |
- grep -v selfserv |
- grep -v '0 cache hits; 1 cache misses, 0 cache not reusable' |
- grep -v '0 cache hits; 0 cache misses, 0 cache not reusable' |
- grep -v ' cache hits; 1 cache misses, 0 cache not reusable'
- grep -vi "write to SSL socket" ${MACHINES_TO_CHECK}*/output.log |
- grep -vi "HDX PR_Read returned error" |
- grep -vi "no error" |
- grep -vi "12285" |
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP error
- #grep -vi "5938" | needed for -v option
- #grep -vi "HDX PR_Read hit EOF" |
- grep -vi "write to SSL socket" ${MACHINES_TO_CHECK}*/output.log |
- grep -vi "peer cannot verify" |
- grep -vi "error" |
- grep -vi "fatal" |
- grep -vi "TCP connection reset" |
- grep $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP -i failed
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "segmentation violation" \
- ${MACHINES_TO_CHECK}*/output.log
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "memory fault" \
- ${MACHINES_TO_CHECK}*/output.log
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "bus error" \
- ${MACHINES_TO_CHECK}*/output.log
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "core dumped" \
- ${MACHINES_TO_CHECK}*/output.log
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP fatal \
- ${MACHINES_TO_CHECK}*/output.log
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP -i\
- "PKCS12 decode not verified" ${MACHINES_TO_CHECK}*/output.log
-
- if [ -n "${MACHINES_TO_CHECK}" ] ; then
- find ${MACHINES_TO_CHECK}* -name core -print 2>/dev/null |
- grep -v bct
- else
- find . -name core -print 2>/dev/null |
- grep -v bct
- fi
-}
-
-tbx_missing_platforms ()
-{
- QA_MISSING="QA report missing"
- MACHINE="0"
-
- if [ "$QA_OS_STRING" = "WINNT4.0" ] ; then
- QA_OS_STRING="Windows-NT-4.0"
- fi
- for BUILDPLATFORM in `grep $QA_OS_STRING $TESTSCRIPTDIR/platformlist.tbx`
- do
- if [ "$BUILDPLATFORM" != "$QA_OS_STRING" ] ; then
- Debug "BUILDPLATFORM = $BUILDPLATFORM QA_OS_STRING = $QA_OS_STRING"
- grep $BUILDPLATFORM ${MACHINES_TO_CHECK}*/results.html \
- >/dev/null || {
- setQAsysvars
- html_line missing >>$TMP_HTML_FILE
- }
- fi
- done
-}
-
-############################ platform _list ###########################
-# local shell function, generate pass/fail information for each Platform
-########################################################################
-platformlist()
-{
- grep Platform ${MACHINES_TO_CHECK}*/results.html |
- sed -e 's/.results.html:<H4>Platform: /---/' \
- -e 's/<BR>//' >$TMPFILE
- # this is done a little complicated to avoid starting a subshell in
- # a while read that gets the input from a pipeline, and variables set
- #in or underneath this function get unset after done...
- for MB in `cat $TMPFILE` ; do
- MACHINE=`echo $MB | sed -e "s/---.*//"`
- BUILDPLATFORM=`echo $MB | sed -e "s/.*---//"`
- grep "${MACHINE}[^0-9]" $ERRORLIST >/dev/null
- ret=$?
- setQAsysvars
- if [ $ret -eq 0 ]
- then
- echo "Failed $MACHINE $BUILDPLATFORM" >>$RFILE
- html_line failed >>$TMP_HTML_FILE
- else
- echo "Passed $MACHINE $BUILDPLATFORM" >>$RFILE
- html_line passed >>$TMP_HTML_FILE
- fi
- done
-}
-
-############################ missing_platforms ###########################
-# local shell function, finds out if we ran on all required platforms
-########################################################################
-missing_platforms()
-{
- QA_MISSING="QA report missing"
- MACHINE="0"
- SYSNAME="0"
- QA_SYS_OS="0"
-
- for BUILDPLATFORM in `cat $TESTSCRIPTDIR/platformlist`
- do
- grep $BUILDPLATFORM $PLATFORMLIST > /dev/null || {
- setQAsysvars
- html_line missing >>$TMP_HTML_FILE
- }
- done
-}
-
-############################ incomplete_results ###########################
-# local shell function, finds out if all qa runs were complete
-########################################################################
-incomplete_results ()
-{
-
- for w in `ls ${MACHINES_TO_CHECK}*/results.html`
- do
- grep bgcolor=red $w || {
- PASSED_LINES=""
- PASSED_LINES=`grep bgcolor=lightGreen $w | wc -l`
- if [ -n "$PASSED_LINES" -a "$PASSED_LINES" -lt "$TOTAL_TESTS" ] ; then
- BUILDPLATFORM=`grep Platform $w | sed -e 's/<H4>Platform:/ /' -e 's/<BR>//'`
- MACHINE=`echo $w | sed -e "s/.results.html//"`
- #MACHINE=`echo $w | sed -e "s/\.[0-9]*.results.html//"`
- setQAsysvars
- html_line incomplete >>$TMP_HTML_FILE
- elif [ "$PASSED_LINES" -gt "$TOTAL_TESTS" ] ; then
- echo "WARNING - more tests than expected on $w ($PASSED_LINES)" >>$WARNINGLIST
- fi
- }
- done
-}
-
-qa_stat_table()
-{
- echo '&nbsp;'
- echo '<br>&nbsp;'
- echo '<center>'
- echo '<h1>'
- echo '<a NAME="'$1'"></a>'$1'</h1></center>'
- echo '&nbsp;'
- echo '<table BORDER WIDTH="100%" NOSAVE >'
- echo '<tr NOSAVE>'
-}
-
-############################### psaperf ########################
-# local shell function, copies results of the daily performance test
-# into a table in the QA report
-########################################################################
-rsaperf()
-{
- grep RSAPERF */output.log | grep -v "_DBG" > $PERFLIST
-
- qa_stat_table "Performance list"
-
- echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
- echo '<td><b><font size=+1>Systemname</font></b></td>'
- echo '<td><b><font size=+1># of iterations</font></b></td>'
- echo '<td><b><font size=+1>average for one op</font></b></td>'
- echo '<td><b><font size=+1>Total</font></b></td>'
- echo '<td><b><font size=+1>QA time / #</font></b></td>'
- echo '</tr>'
- cat $PERFLIST |
- while read MACHINE BUILDPLATFORM no_iter t1 t2 total total_unit t3 \
- t4 t5 average average_unit
- do
- #caution subshell, variables local to this loop
- BUILD_SYS=`echo $BUILDPLATFORM | sed -e 's/\.OBJ//' \
- -e 's/_DBG/ Debug/' \
- -e 's/_OPT/ Optimized/' -e 's/_64/ 64bit/' -e 's/_glibc_PTH//' \
- -e 's/_/ /'`
- TESTNUMBER=`echo $MACHINE | sed -e 's/[^\.]*\.//' -e 's/\/.*//'`
- MACHINE=`echo $MACHINE | sed -e 's/\..*//'`
- TESTDATE=`ls -ld ${MACHINE}.${TESTNUMBER} | awk '{ print $6, $7, $8 }'`
- echo '<tr>'
- echo '<td>'$BUILD_SYS'</td>'
- echo ''
- echo '<td>'$MACHINE'</td>'
- echo ''
- echo '<td>'$no_iter'</td>'
- echo ''
- echo '<td>'$average' '$average_unit'</td>'
- echo ''
- echo '<td>'$total' '$total_unit'</td>'
- echo ''
- echo '<td>'$TESTDATE $TESTNUMBER'</td>'
- echo ''
- echo '</tr>'
- done
- echo '</table>'
-}
-
-############################### qa_stat_cleanup ########################
-# local shell function, finishes html file, sets variables for global Exit
-########################################################################
-qa_stat_cleanup()
-{
-
- html_footer >>$TMP_HTML_FILE
-
- O_DEBUG=OFF
-
- EARLY_EXIT=FALSE
- cp $TMP_HTML_FILE $HTML_FILE
- FILENAME=$HTML_FILE #we might want to mail it...
- Exit
-}
-
-
-############################### bc_test ########################
-# local shell function, evaluates the results of the backward u
-# compatibility tests
-########################################################################
-bc_header()
-{
-CURRENT_TABLE="BC" #so html_line can determine which fields to write
-
- qa_stat_table "Backward Compatibility Test"
- echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
- echo '<td><b><font size=+1>QA-OS</font></b></td>'
- echo '<td><b><font size=+1>Systemname</font></b></td>'
- echo '<td><b><font size=+1>P/F</font></b></td>'
- #echo '<td><b><font size=+1>All Current</font></b></td>'
- #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
- echo '<td><b><font size=+1>result</font></b></td>'
- echo '<td><b><font size=+1>output</font></b></td>'
- echo '<td><b><font size=+1>QA time / #</font></b></td>'
- echo '</tr>'
-
-}
-
-old_bc_test()
-{
-CURRENT_TABLE="BC" #so html_line can determine which fields to write
-
- qa_stat_table "Backward Compatibility Test"
- echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
- echo '<td><b><font size=+1>QA-OS</font></b></td>'
- echo '<td><b><font size=+1>Systemname</font></b></td>'
- echo '<td><b><font size=+1>P/F</font></b></td>'
- #echo '<td><b><font size=+1>All Current</font></b></td>'
- #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
- echo '<td><b><font size=+1>result</font></b></td>'
- echo '<td><b><font size=+1>output</font></b></td>'
- echo '<td><b><font size=+1>QA time / #</font></b></td>'
- echo '</tr>'
-
- for w in `ls */results.html`
- do
- TMP_RESULT="`dirname $w`/results.tmp"
- TMP_BC_RESULT="`dirname bct/$w`/results.tmp"
- rm $TMP_RESULT $TMP_BC_RESULT 2>/dev/null
- cat $w | sed -e 's/<[^>]*>//g' -e 's/ /_/g' \
- -e 's/signtool_-[vw]/signtool_-vw/' |
- grep '_[PF]a[si][sl]ed' >$TMP_RESULT
- cat bct/$w | sed -e 's/<[^>]*>//g' -e 's/ /_/g' \
- -e 's/signtool_-[vw]/signtool_-vw/' |
- grep '_[PF]a[si][sl]ed' >$TMP_BC_RESULT
- diff $TMP_RESULT $TMP_BC_RESULT 2>>$BCMISSINGLIST |
- grep -v "Create_objsign_cert_.signtool_-G.*Passed" |
- grep -v "porting_Alice.s_email_cert" |
- grep -v "^[0-9,cad]*$" | grep -v "^---$" | grep -v "^---.$" |
- grep -v "Can.t_run_pk12util_tests_for_NSS_3.2" >/dev/null && (
- echo "$w differs" >> $BCMISSINGLIST
- echo "========================================="
- echo "diff $w bct/$w"
- echo "========================================="
- diff $TMP_RESULT $TMP_BC_RESULT 2>&1 |
- grep -v "Create_objsign_cert_.signtool_-G.*Passed" |
- grep -v "porting_Alice.s_email_cert" |
- grep -v "Can.t_run_pk12util_tests_for_NSS_3.2"
- ) 2>&1 >>$BCERRORLIST
-
- #diff -b $w bct/$w 2>>$BCMISSINGLIST |
- #grep -v "Create objsign cert .signtool -G.*Passed" |
- #grep -v "Listing signed files in jar .signtool -v.*Passed" |
- #grep -v "Listing signed files in jar .signtool -w.*Passed" |
- #grep -v "backward compatibility" |
- #grep -v "Can.t run pk12util tests for NSS 3.2" |
- #grep -v "porting Alice.s email cert " |
- #grep -v "^---$" | grep -v "^[<> ] $" |
- #grep -v "^---.$" | grep -v "^[<> ] .$" |
- #grep -v '< </BODY></HTML>' |
- #grep -v "^[0-9,cad]*$" 2>>$BCMISSINGLIST >/dev/null && (
- #echo "$w differs" >> $BCMISSINGLIST
- #echo "========================================="
- #echo "diff $w bct/$w"
- #echo "========================================="
- #diff -b $w bct/$w 2>&1 |
- #grep -v "Listing signed files in jar .signtool -v.*Passed" |
- #grep -v "Listing signed files in jar .signtool -w.*Passed" |
- #grep -v "backward compatibility" |
- #grep -v "Can.t run pk12util tests for NSS 3.2" |
- #grep -v "porting Alice.s email cert " |
- #grep -v "^---$" | grep -v "^[<> ] $" |
- #grep -v "^---.$" | grep -v "^[<> ] .$" |
- #grep -v '< </BODY></HTML>' |
- #grep -v "^[0-9,cad]*$" \
- #) 2>&1 >>$BCERRORLIST
- rm $TMP_RESULT $TMP_BC_RESULT 2>/dev/null
- done
- rm $ERRORLIST
- cat $BCMISSINGLIST | sed -e "s/^diff: bc_...s.//" \
- -e "s/.results.html.*/\/results.html/" |
- sort -u > $ERRORLIST
-
- platformlist
- echo '</table>' >>$TMP_HTML_FILE
-
- head -200 $BCERRORLIST | sed -e 's/<[^>]*>//g' -e "s/^/<br>/"
-}
-
-bc_test()
-{
-CURRENT_TABLE="BC" #so html_line can determine which fields to write
-
- qa_stat_table "Backward Compatibility Test"
- echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
- echo '<td><b><font size=+1>QA-OS</font></b></td>'
- echo '<td><b><font size=+1>Systemname</font></b></td>'
- echo '<td><b><font size=+1>P/F</font></b></td>'
- #echo '<td><b><font size=+1>All Current</font></b></td>'
- #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
- echo '<td><b><font size=+1>result</font></b></td>'
- echo '<td><b><font size=+1>output</font></b></td>'
- echo '<td><b><font size=+1>QA time / #</font></b></td>'
- echo '</tr>'
-
-set -x
- for w in `ls */results.html`
- do
- BCT_DIR=`dirname "bct/$w"`
- BCT_RESULT="bct/$w"
- BCT_LOG="$BCT_DIR/output.log"
- grep "bgcolor=red" $BCT_RESULT |
- sed -e 's/.results.html:<TR><TD>/ /' -e 's/<[^>]*>/ /g'
- grep 'cache hits; .* cache misses, .* cache not reusable' \
- $BCT_LOG |
- grep -v selfserv |
- grep -v '0 cache hits; 1 cache misses, 0 cache not reusable' |
- grep -v '0 cache hits; 0 cache misses, 0 cache not reusable' |
- grep -v ' cache hits; 1 cache misses, 0 cache not reusable'
- grep -vi "write to SSL socket" $BCT_LOG |
- grep -vi "HDX PR_Read returned error" |
- grep -vi "no error" |
- grep -vi "12285" |
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP error
- grep -vi "write to SSL socket" $BCT_LOG |
- grep -vi "peer cannot verify" |
- grep -vi "error" |
- grep -vi "fatal" |
- grep -vi "TCP connection reset" |
- grep $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP -i failed $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "segmentation violation" $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "memory fault" $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "bus error" $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP "core dumped" $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP fatal $BCT_LOG
- grep -i $BEFORE_CONTEXT_GREP $AFTER_CONTEXT_GREP -i "PKCS12 decode not verified" $BCT_LOG
- find ${BTC_DIR} -name core -print
-
- done 2>&1 >>$BCERRORLIST
- rm $ERRORLIST
- cat $BCMISSINGLIST | sed -e "s/^diff: bc_...s.//" \
- -e "s/.results.html.*/\/results.html/" |
- sort -u > $ERRORLIST
-
- platformlist
- echo '</table>' >>$TMP_HTML_FILE
-
- head -200 $BCERRORLIST | sed -e 's/<[^>]*>//g' -e "s/^/<br>/"
-}
-
-
-############################### bc_test ########################
-# local shell function, evaluates the results of the backward u
-# compatibility tests
-# move the whole function to old to tests a new solution
-########################################################################
-bc_test_old()
-{
-CURRENT_TABLE="BC" #so html_line can determine which fields to write
-
- qa_stat_table "Backward Compatibility Test"
- echo '<td NOSAVE><b><font size=+1>Build-OS and version</font></b></td>'
- echo '<td><b><font size=+1>QA-OS</font></b></td>'
- echo '<td><b><font size=+1>Systemname</font></b></td>'
- echo '<td><b><font size=+1>P/F</font></b></td>'
- #echo '<td><b><font size=+1>All Current</font></b></td>'
- #echo '<td><b><font size=+1>backward comp. test</font></b></td>'
- echo '<td><b><font size=+1>result</font></b></td>'
- echo '<td><b><font size=+1>output</font></b></td>'
- echo '<td><b><font size=+1>QA time / #</font></b></td>'
- echo '</tr>'
-
- for w in `ls */results.html`
- do
- diff -b $w bct/$w 2>>$BCMISSINGLIST |
- grep -v "Create objsign cert .signtool -G.*Passed" |
- grep -v "Listing signed files in jar .signtool -v.*Passed" |
- grep -v "Listing signed files in jar .signtool -w.*Passed" |
- grep -v "backward compatibility" |
- grep -v "Can.t run pk12util tests for NSS 3.2" |
- grep -v "porting Alice.s email cert " |
- grep -v "^---$" | grep -v "^[<> ] $" |
- grep -v "^---.$" | grep -v "^[<> ] .$" |
- grep -v '< </BODY></HTML>' |
- grep -v "^[0-9,cad]*$" 2>>$BCMISSINGLIST >/dev/null && (
- echo "$w differs" >> $BCMISSINGLIST
- echo "========================================="
- echo "diff $w bct/$w"
- echo "========================================="
- diff -b $w bct/$w 2>&1 |
- grep -v "Listing signed files in jar .signtool -v.*Passed" |
- grep -v "Listing signed files in jar .signtool -w.*Passed" |
- grep -v "backward compatibility" |
- grep -v "Can.t run pk12util tests for NSS 3.2" |
- grep -v "porting Alice.s email cert " |
- grep -v "^---$" | grep -v "^[<> ] $" |
- grep -v "^---.$" | grep -v "^[<> ] .$" |
- grep -v '< </BODY></HTML>' |
- grep -v "^[0-9,cad]*$" \
- ) 2>&1 >>$BCERRORLIST
- done
- rm $ERRORLIST
- cat $BCMISSINGLIST | sed -e "s/^diff: bc_...s.//" \
- -e "s/.results.html.*/\/results.html/" |
- sort -u > $ERRORLIST
-
- platformlist
- echo '</table>' >>$TMP_HTML_FILE
-
- head -200 $BCERRORLIST | sed -e 's/<[^>]*>//g' -e "s/^/<br>/"
-
-}
-
-############################### tbx_main ########################
-# local shell function, tinderbox variation of the qa status script
-########################################################################
-tbx_main()
-{
- TBX_EXIT=47
- qa_stat_get_sysinfo # find out the OS we are running and all required tests
- # on this OS
-
- MACHINES_TO_CHECK=$HOST #`uname -n` only search the local tests for errors
- qa_errorlist > $ERRORLIST #
- platformlist
- #tbx_missing_platforms #temp. taken out until we find a better way to
- #determine if all necessary QA ran - right now we run different
- #tinderboxes on one machine
- incomplete_results
- echo '</table>' >>$TMP_HTML_FILE
- echo '<a NAME="errorlist"></a>' >> $TMP_HTML_FILE
- cat $ERRORLIST | sed -e "s/^/<br>/" >>$TMP_HTML_FILE
-
-}
-
-############################### qa_stat_main ########################
-# local shell function, main flow of the qa status script
-########################################################################
-qa_stat_main()
-{
- find_qa_systems 2>/dev/null
- MACHINES_TO_CHECK="" # check all founf qa runs
- qa_errorlist > $ERRORLIST
- platformlist
- missing_platforms
- incomplete_results
- echo '</table>' >>$TMP_HTML_FILE
- echo '<a NAME="errorlist"></a>' >> $TMP_HTML_FILE
- cat $ERRORLIST | sed -e "s/^/<br>/" >>$TMP_HTML_FILE
- cat $WARNINGLIST 2>/dev/null | sed -e "s/^/<br>/" >>$TMP_HTML_FILE 2>/dev/null
- rsaperf >>$TMP_HTML_FILE
- bc_header >>$TMP_HTML_FILE
- MACHINES_TO_CHECK="bct/"
- TOTAL_TESTS=$BCT_TOTAL_TESTS
- BEFORE_CONTEXT_GREP="" #WORKAROUND - errors in one outputlog within the first
- AFTER_CONTEXT_GREP="" # or last lines will show up in the next/previos file
- qa_errorlist > $ERRORLIST
- platformlist
- missing_platforms
- incomplete_results
- echo '</table>' >>$TMP_HTML_FILE
- echo '<a NAME="errorlist"></a>' >> $TMP_HTML_FILE
- cat $ERRORLIST | sed -e "s/^/<br>/" >>$TMP_HTML_FILE
- cat $WARNINGLIST 2>/dev/null | sed -e "s/^/<br>/" >>$TMP_HTML_FILE 2>/dev/null
- #bc_test >>$TMP_HTML_FILE
-}
-
-CURRENT_TABLE="Standard"
-qa_stat_init
-
-if [ "$O_TBX" = "ON" -o "$O_LOCAL" = "ON" ] ; then
- tbx_main
-else
- qa_stat_main
-fi
-
-qa_stat_cleanup
diff --git a/security/nss/tests/qaclean b/security/nss/tests/qaclean
deleted file mode 100755
index 14c71f390..000000000
--- a/security/nss/tests/qaclean
+++ /dev/null
@@ -1,144 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/qaclean
-#
-# is supposed to clean up after a "hanging" QA
-#
-# 1) see if there is a lockfile
-# if yes:
-# 1a) kill the process of the lockfile and if possible it's children
-# 1b) rm the lockfile
-# 2) kill selfservers
-# 3) clean up old tmp files
-#
-########################################################################
-
-if [ -z "$TMP" ]
-then
- if [ -z "$TEMP" ]
- then
- TMP="/tmp"
- else
- TMP=$TEMP
- fi
-fi
-if [ ! -w "$TMP" ]
-then
- echo "Can't write to tmp directory $TMP - exiting"
- echo "Can't write to tmp directory $TMP - exiting" >&2
- exit 1
-fi
-
-########################### Ps #########################################
-# platform specific ps
-########################################################################
-Ps()
-{
- if [ `uname -s` = "SunOS" ]
- then
- /usr/5bin/ps -e
- else
- ps -e
- fi
-}
-
-Kill()
-{
- if [ "$1" = "$$" ]
- then
- return
- fi
- echo "Killing PID $1"
- kill $1
- sleep 1
- kill -9 $1 2>/dev/null
-}
-
-########################### kill_by_name ################################
-# like killall, only without permissionproblems, kills the process whose
-# name is given as parameter
-########################################################################
-kill_by_name()
-{
- echo "Killing all $1"
-
- for PID in `Ps | grep "$1" | grep -v grep | \
- sed -e "s/^[ ]*//g" -e "s/[ ].*//"`
- do
- Kill $PID
- done
-}
-
-kill_the_rest()
-{
-i=0
-while [ $i -lt $1 ]
-do
- kill_by_name nssqa
- kill_by_name selfserv
- kill_by_name strsclnt
- kill_by_name all.sh
- kill_by_name sdr.sh
- kill_by_name ssl.sh
- kill_by_name smime.sh
- i=`expr $i + 1`
-done
-}
-
-nt_warning()
-{
-os_name=`uname -s`
-case $os_name in
- CYGWIN*|WIN*|Win*)
- echo
- echo
- echo
- echo "Another Windows problem... If you have not already done so"
- echo "after this script completes, please reboot, and log in as"
- echo "user svbld again"
- echo
- echo
- echo
- ;;
-esac
-}
-
-nt_warning
-case $1 in
- -all)
- for w in tommy booboo kentuckyderby galileo shame axilla columbus \
- smarch charm hp64 biggayal orville kwyjibo hbombaix raven \
- jordan hornet phaedrus louie box dbldog huey washer dryer \
- shabadoo trex bummer compaqtor jellyfish sjsu
- do
- echo $w
- ping $w && rsh $w '/u/sonmi/bin/qaclean'
- done
-
- ;;
- ?*)
- rsh $1 '/u/sonmi/bin/qaclean'
- exit
- ;;
-esac
-
-uname -a
-echo
-
-if [ -f ${TMP}/nssqa.* ]
-then
- echo "nssqa seems to be running ${TMP}/nssqa.*"
- #cat ${TMP}/nssqa.*
- NSSQA_PID=`ls ${TMP}/nssqa.* | sed -e 's/[^.]*\.//'`
- Kill $NSSQA_PID
- rm ${TMP}/nssqa.*
-fi
-
-kill_the_rest 3
-ls -l ${TMP}/nsstmp.*
-rm ${TMP}/nsstmp.* 2>/dev/null
-rm ${TMP}/certutilout.* 2>/dev/null
-rm ${TMP}/Pk12*
-nt_warning
diff --git a/security/nss/tests/sdr/sdr.sh b/security/nss/tests/sdr/sdr.sh
deleted file mode 100755
index 98a16a457..000000000
--- a/security/nss/tests/sdr/sdr.sh
+++ /dev/null
@@ -1,121 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/sdr/sdr.sh
-#
-# Script to start test basic functionallity of NSS sdr
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## sdr_init ################################
-# local shell function to initialize this script
-########################################################################
-sdr_init()
-{
- SCRIPTNAME=sdr.sh
- if [ -z "${CLEANUP}" ] ; then
- CLEANUP="${SCRIPTNAME}"
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . init.sh
- fi
- SCRIPTNAME=sdr.sh
-
- #temporary files
- VALUE1=$HOSTDIR/tests.v1.$$
- VALUE2=$HOSTDIR/tests.v2.$$
-
- T1="Test1"
- T2="The quick brown fox jumped over the lazy dog"
-
- SDRDIR=${HOSTDIR}/SDR
- if [ ! -d ${SDRDIR} ]; then
- mkdir -p ${SDRDIR}
- fi
-
- cd ${SDRDIR}
- html_head "SDR Tests"
-}
-
-############################## sdr_main ################################
-# local shell function to test NSS SDR
-########################################################################
-sdr_main()
-{
- echo "$SCRIPTNAME: Creating an SDR key/Encrypt"
- echo "sdrtest -d . -o ${VALUE1} -t Test1"
- sdrtest -d . -o ${VALUE1} -t Test1
- html_msg $? 0 "Creating SDR Key"
-
- echo "$SCRIPTNAME: SDR Encrypt - Second Value"
- echo "sdrtest -d . -o ${VALUE2} -t '${T2}'"
- sdrtest -d . -o ${VALUE2} -t "${T2}"
- html_msg $? 0 "Encrypt - Value 2"
-
- echo "$SCRIPTNAME: Decrypt - Value 1"
- echo "sdrtest -d . -i ${VALUE1} -t Test1"
- sdrtest -d . -i ${VALUE1} -t Test1
- html_msg $? 0 "Decrypt - Value 1"
-
- echo "$SCRIPTNAME: Decrypt - Value 2"
- echo "sdrtest -d . -i ${VALUE2} -t ${T2}"
- sdrtest -d . -i ${VALUE2} -t "${T2}"
- html_msg $? 0 "Decrypt - Value 2"
-}
-
-############################## sdr_cleanup #############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-sdr_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-sdr_init
-sdr_main
-sdr_cleanup
diff --git a/security/nss/tests/set_environment b/security/nss/tests/set_environment
deleted file mode 100644
index 829d6c6d9..000000000
--- a/security/nss/tests/set_environment
+++ /dev/null
@@ -1,223 +0,0 @@
-#! /bin/sh
-
-########################################################################
-#
-# /u/sonmi/bin/set_environment
-#
-# sourced from the header if running from cron to get the full environment
-# to run nssqa - also used to unify all nssqa environments
-#
-# This is derived from the .cshrc file for the svbld account.
-#
-########################################################################
-
-if [ -z "$HOME" ]
-then
- HOME=/u/svbld
-fi
-if [ -z "$QASCRIPT_DIR" ]
-then
- QASCRIPT_DIR=`dirname $0`
-fi
-
-os_name=`uname -s`
-if [ "$os_name" != "Windows_95" -a \
- "$os_name" != "Windows_NT" -a \
- "$os_name" != "WINNT" -a \
- "$os_name" != "Windows" -a \
- "$os_name" != "Windows_98" -a \
- "$os_name" != "CYGWIN_NT-4.0" -a \
- "$os_name" != "CYGWIN_NT-5.0" -a \
- "$os_name" != "CYGWIN_95-4.0" -a \
- "$os_name" != "CYGWIN_98-4.10" ]
-then
- PATH=.:$HOME/bin:/tools/ns/bin:/bin:/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/dist/local/exe:/usr/bin/X11:/usr/audio/bin:/u/sonmi/bin:$PATH
- JAVA_HOME="D:/i386/jdk1.2.2"
-fi
-
-CVSROOT=:pserver:svbld@redcvs.red.iplanet.com:/m/src
-
-os_name=`uname -s`
-os_version=`uname -r`
-#os_p=`uname -p`
-os_full=""
-
-if [ -f /u/svbld/bin/nsarch ]
-then
- os_full=`/u/svbld/bin/nsarch -f` #FIXME
-fi
-
-MANPATH=/usr/share/man:/usr/openwin/man:/usr/local/man
-
-RMAIL=rmail
-BEFORE_CONTEXT_GREP=""
-AFTER_CONTEXT_GREP=""
-
-export CVSROOT HOME os_name os_version os_full MANPATH
-
-
-if [ "$os_name" = "HP-UX" ]
-then
- PATH=$PATH:/usr/local/bin:/opt/aCC/bin:/usr/local/bin/audio:/tools/ns/bin:/etc:/usr/contrib/bin:/usr/contrib/bin/X11:/usr/local/hpux/bin:/nfs/iapp1/hphome/bin:/etc:/u/svbld/bin/HP/perl/bin
- JAVA_HOME="/share/builds/components/cms_jdk/HP-UX/1.2.2.04"
-# JAVA_HOME="/share/builds/components/cms_jdk/HP-UX/1.3.0.00"
-elif [ "$os_name" = "SunOS" ]
-then
- NATIVE_FLAG="-native"
- XAPPLRESDIR=/usr/openwin/lib/app-defaults:/usr/local/lib/X11/app-defaults
- OPENWINHOME=/usr/openwin
- LD_LIBRARY_PATH=$OPENWINHOME/lib
- if [ "$os_full" = "SOLARISx86 2.8" -o "$os_full" = "SOLARISx86 2.9" ]
- then
- #PATH=/usr/ucb:/opt/usr/local/bin:$PATH
- JAVA_HOME="/usr/java1.2"
- PATH=".:/usr/dist/share/forte_dev_i386,v6.2/SUNWspro/bin:/opt/usr/local/perl5/bin:/opt/SUNWspro/bin:/opt/usr/local/bin:/bin:/usr/bin:/usr/sbin:/usr/ccs/bin:/usr/dist/local/exe:/usr/ccs/bin:/usr/ucb/bin:/usr/ucb:/opt/SUNWwabi/bin:/usr/local/bin:/tools/ns/bin:/etc:/tools/contrib/bin"
- else
- PATH=/usr/ucb:$PATH
- JAVA_HOME="/share/builds/components/jdk/1.2.2/SunOS"
- PATH=/tools/ns/bin:$PATH:/opt/SUNWspro/bin:/usr/bin/X11:/usr/openwin/bin:/usr/openwin/demo
-
- if [ "$os_version" = "5.8" -o "$os_version" = "5.7" -o \
- "$os_version" = "5.9" ]
- then
- PATH=$PATH:/usr/dist/pkgs/forte_dev,v6.2/SUNWspro/bin:/tools/ns/workshop/bin
- else
- PATH=$PATH:/usr/dist/share/devpro,v5.0/5.x-sparc/bin:/tools/ns/workshop/bin
- fi
- PATH=$PATH:/usr/ccs/bin:/usr/ucb/bin:/opt/SUNWwabi/bin:/usr/local/bin:/tools/ns/bin:/etc:/tools/contrib/bin
- fi
- export XAPPLRESDIR OPENWINHOME LD_LIBRARY_PATH
-
-elif [ "$os_name" = "IRIX" ]
-then
- PATH=$PATH:/tools/ns/bin:/usr/local/bin:/etc:/usr/bsd
- MANPATH=/tools/ns/man:/usr/local/man
- JAVA_HOME="/share/builds/components/jdk/1.2.2/IRIX"
-elif [ "$os_name" = "IRIX64" ]
-then
- PATH=$PATH:/tools/ns/bin:/usr/local/bin:/etc:/usr/bsd
- MANPATH=/tools/ns/man:/usr/local/man
- JAVA_HOME="/share/builds/components/jdk/1.2.2/IRIX"
-elif [ "$os_name" = "Linux" ]
-then
- PATH=/lib:/usr/lib:/bin:/sbin:/usr/bin:/usr/sbin:$PATH
- RMAIL=sendmail
- #the gnu grep, on Linux can output 10 lines above and 3 lines below
- #the errormessage
- BEFORE_CONTEXT_GREP="--before-context=10"
- AFTER_CONTEXT_GREP="--after-context=3"
- JAVA_HOME="/share/builds/components/jdk/1.2.2/Linux"
-elif [ "$os_name" = "AIX" ]
-then
- PATH=$PATH:/tools/contrib/bin:/usr/local/bin
- TERM=vt100
- export TERM
- JAVA_HOME="/share/builds/components/cms_jdk/AIX/1.3.0"
-elif [ "$os_name" = "OSF1" ]
-then
- PATH=$PATH:/usr/local/bin
- JAVA_HOME="/share/builds/components/jdk/1.2.2/OSF1"
-fi
-
-if [ "$os_name" = "IRIX" ]
-then
- PATH=/tools/ns-arch/soft/perl-5.004_04/run/default/mips_sgi_irix5.3/bin:$PATH
-elif [ "$os_name" = "IRIX64" ]
-then
- PATH=/tools/ns-arch/soft/perl-5.004_04/run/default/mips_sgi_irix5.3/bin:$PATH
-fi
-
-O_CYGNUS=OFF
-O_MKS=OFF
-O_WIN=OFF
-
-if [ "$os_name" = "CYGWIN_NT-4.0" -o \
- "$os_name" = "CYGWIN_NT-5.0" -o \
- "$os_name" = "CYGWIN_95-4.0" -o \
- "$os_name" = "CYGWIN_98-4.10" ]
-then
- #FIXME net use, mount the neccessary pnetwork drives and partitiones first
- #FIXME - take MKS out of the PATH
- os_full=$os_name
- os_name="Windows"
- O_CYGNUS=ON
- O_WIN=ON
- PATH="`dirname $0`:.:/cygdrive/c/cygwin/bin:/cygdrive/z/nstools/bin:/cygdrive/z/nstools/perl5:/cygdrive/z/bin:/cygdrive/c/WINNT/System32:/cygdrive/c/WINNT"
- RM=/cygdrive/c/cygwin/bin/rm.exe #FIXME - in case we cant cporrect
- #these with the PATH alone
- PATH=`perl $QASCRIPT_DIR/path_uniq "$PATH"`
- RSH=/cygdrive/c/winnt/system32/rsh
-elif [ "$os_name" = "Windows_95" -o \
- "$os_name" = "Windows_NT" -o \
- "$os_name" = "WINNT" -o \
- "$os_name" = "Windows" -o \
- "$os_name" = "Windows_98" ]
-then
- #FIXME net use, mount the neccessary pnetwork drives and partitiones first
- PATH=`echo $SHELL | sed -e "s/.[kK][sS][Hh].[Ee][Xx][Ee]//g" \
- -e "s/.[sS][Hh].[Ee][Xx][Ee]//g"`
- MOZTOOLS_IN_PATH=NO
- if [ -n "$MOZ_TOOLS" -a -d "$MOZ_TOOLS" ] ; then
- MOZ_TOOLS=`ls -d "$MOZ_TOOLS" | sed -e 's/\\\/\//g'`
- #echo "MOZ_TOOLS reformated to $MOZ_TOOLS"
- if [ -d "$MOZ_TOOLS" ] ; then #still exist after reformating?
- MOZTOOLS_IN_PATH=OK
- fi
- fi
- if [ -n "$MOZTOOLS_IN_PATH" -a "$MOZTOOLS_IN_PATH" = "OK" ] ; then
- #echo "Use MOZTOOLS in PATH"
- PATH="$MOZ_TOOLS/bin;$MOZ_TOOLS/perl5;$PATH"
- elif [ -d Z:/nstools/bin ] ; then
- PATH="Z:/nstools/bin;Z:/nstools/perl5;$PATH"
- elif [ -d C:/nstools/bin ] ; then
- PATH="C:/nstools/bin;C:/nstools/perl5;$PATH"
- elif [ -d D:/nstools/bin ] ; then
- PATH="D:/nstools/bin;D:/nstools/perl5;$PATH"
- elif [ -d D:/i386/nstools/bin ] ; then
- PATH="D:/i386/nstools/bin;D:/i386/nstools/perl5;$PATH"
- else
- echo "FATAL: Can't find nstools"
- exit
- fi
-
- if [ "$os_name" = "Windows_NT" -o \
- "$os_name" = "WINNT" ]
- then
- PATH="${PATH};C:/WINNT/System32;C:/WINNT;.;"
- fi
- PATH="`dirname $0`;$PATH"
-
- PATH=`perl $QASCRIPT_DIR/path_uniq -d ';' "$PATH"`
- echo $PATH
- os_full=$os_name
- os_name="Windows"
- O_MKS=ON
- O_WIN=ON
- if [ -z $RSH ] ; then
- RSH=c:/winnt/system32/rsh
- fi
-
-else
- EDITOR=vi
- EMACSLOADPATH=/u/svbld/emacs
- PYTHONPATH=.:/tools/ns/lib/python1.4
- PAGER=less
- XMCD_LIBDIR=/usr/local/lib/xmcd
- DISPLAY=:0.0
- PATH=`perl $QASCRIPT_DIR/path_uniq "$PATH"`
- RSH=rsh
-fi
-
-BASEPATH=$PATH # in case we we set and reset DIST directories the PATH
- # needs to change accordingly
-export PATH EDITOR EMACSLOADPATH PYTHONPATH PAGER XMCD_LIBDIR DISPLAY MANPATH os_full os_name BASEPATH RSH O_WIN
-
-umask 022
-
-system=`uname -n` # name of this system.
-
-JAVAC=$JAVA_HOME/bin/javac
-JAVA=$JAVA_HOME/bin/java
-#JAVA=$JAVA_HOME/jre/bin/java
-export JAVAC JAVA JAVA_HOME
-
diff --git a/security/nss/tests/smime/alice.txt b/security/nss/tests/smime/alice.txt
deleted file mode 100644
index 0378db464..000000000
--- a/security/nss/tests/smime/alice.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Date: Wed, 20 Sep 2000 00:00:01 -0700 (PDT)
-From: alice@bogus.com
-Subject: message Alice --> Bob
-To: bob@bogus.com
-
-This is a test message from Alice to Bob.
diff --git a/security/nss/tests/smime/bob.txt b/security/nss/tests/smime/bob.txt
deleted file mode 100644
index 330b2c94d..000000000
--- a/security/nss/tests/smime/bob.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Date: Wed, 20 Sep 2000 00:00:01 -0700 (PDT)
-From: bob@bogus.com
-Subject: message Bob --> Alice
-To: alice@bogus.com
-
-This is a test message from Bob to Alice.
diff --git a/security/nss/tests/smime/smime.sh b/security/nss/tests/smime/smime.sh
deleted file mode 100755
index 61a7b8960..000000000
--- a/security/nss/tests/smime/smime.sh
+++ /dev/null
@@ -1,165 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/smime/smime.sh
-#
-# Script to test NSS smime
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## smime_init ##############################
-# local shell function to initialize this script
-########################################################################
-smime_init()
-{
- SCRIPTNAME=smime.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . cert.sh
- fi
- SCRIPTNAME=smime.sh
- html_head "S/MIME Tests"
-
- grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || {
- Exit 11 "Fatal - S/MIME of cert.sh needs to pass first"
- }
-
- SMIMEDIR=${HOSTDIR}/smime
- R_SMIMEDIR=../smime
- mkdir -p ${SMIMEDIR}
- cd ${SMIMEDIR}
- cp ${QADIR}/smime/alice.txt ${SMIMEDIR}
-}
-
-
-############################## smime_main ##############################
-# local shell function to test basic signed and enveloped messages
-# from 1 --> 2"
-########################################################################
-smime_main()
-{
-
- echo "$SCRIPTNAME: Signing Attached Message ------------------------------"
- echo "cmsutil -S -N Alice -i alice.txt -d ${R_ALICEDIR} -p nss -o alice.sig"
- cmsutil -S -N Alice -i alice.txt -d ${R_ALICEDIR} -p nss -o alice.sig
- html_msg $? 0 "Create Signature Alice" "."
-
- echo "cmsutil -D -i alice.sig -d ${R_BOBDIR} -o alice.data1"
- cmsutil -D -i alice.sig -d ${R_BOBDIR} -o alice.data1
- html_msg $? 0 "Decode Alice's Signature" "."
-
- echo "diff alice.txt alice.data1"
- diff alice.txt alice.data1
- html_msg $? 0 "Compare Decoded Signature and Original" "."
-
- echo "$SCRIPTNAME: Enveloped Data Tests ------------------------------"
- echo "cmsutil -E -r bob@bogus.com -i alice.txt -d ${R_ALICEDIR} -p nss \\"
- echo " -o alice.env"
- cmsutil -E -r bob@bogus.com -i alice.txt -d ${R_ALICEDIR} -p nss -o alice.env
- html_msg $? 0 "Create Enveloped Data Alice" "."
-
- echo "cmsutil -D -i alice.env -d ${R_BOBDIR} -p nss -o alice.data1"
- cmsutil -D -i alice.env -d ${R_BOBDIR} -p nss -o alice.data1
- html_msg $? 0 "Decode Enveloped Data Alice" "."
-
- echo "diff alice.txt alice.data1"
- diff alice.txt alice.data1
- html_msg $? 0 "Compare Decoded Enveloped Data and Original" "."
-
- # multiple recip
- #cmsutil -E -i alicecc.txt -d ${R_ALICEDIR} -o alicecc.env \
- # -r bob@bogus.com,dave@bogus.com
- #cmsutil -D -i alicecc.env -d ${R_BOBDIR} -p nss
-
- echo "$SCRIPTNAME: Sending CERTS-ONLY Message ------------------------------"
- echo "cmsutil -O -r \"Alice,bob@bogus.com,dave@bogus.com\" \\"
- echo " -d ${R_ALICEDIR} > co.der"
- cmsutil -O -r "Alice,bob@bogus.com,dave@bogus.com" -d ${R_ALICEDIR} > co.der
- html_msg $? 0 "Create Certs-Only Alice" "."
-
- echo "cmsutil -D -i co.der -d ${R_BOBDIR}"
- cmsutil -D -i co.der -d ${R_BOBDIR}
- html_msg $? 0 "Verify Certs-Only by CA" "."
-
- echo "$SCRIPTNAME: Encrypted-Data Message ---------------------------------"
- echo "cmsutil -C -i alice.txt -e alicehello.env -d ${R_ALICEDIR} \\"
- echo " -r \"bob@bogus.com\" > alice.enc"
- cmsutil -C -i alice.txt -e alicehello.env -d ${R_ALICEDIR} \
- -r "bob@bogus.com" > alice.enc
- html_msg $? 0 "Create Encrypted-Data" "."
-
- echo "cmsutil -D -i alice.enc -d ${R_BOBDIR} -e alicehello.env -p nss \\"
- echo " -o alice.data2"
- cmsutil -D -i alice.enc -d ${R_BOBDIR} -e alicehello.env -p nss -o alice.data2
- html_msg $? 0 "Decode Encrypted-Data" "."
-
- diff alice.txt alice.data2
- html_msg $? 0 "Compare Decoded and Original Data" "."
-}
-
-############################## smime_cleanup ###########################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-smime_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-smime_init
-smime_main
-smime_cleanup
-
diff --git a/security/nss/tests/ssl/ssl.sh b/security/nss/tests/ssl/ssl.sh
deleted file mode 100755
index 27a1ac727..000000000
--- a/security/nss/tests/ssl/ssl.sh
+++ /dev/null
@@ -1,320 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/ssl/ssl.sh
-#
-# Script to test NSS SSL
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## ssl_init ################################
-# local shell function to initialize this script
-########################################################################
-ssl_init()
-{
- SCRIPTNAME=ssl.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . cert.sh
- fi
- SCRIPTNAME=ssl.sh
- echo "$SCRIPTNAME: SSL tests ==============================="
-
- grep "SUCCESS: SSL passed" $CERT_LOG_FILE >/dev/null || {
- html_head "SSL Test failure"
- Exit 8 "Fatal - SSL of cert.sh needs to pass first"
- }
-
- PORT=${PORT-8443}
-
- # Test case files
- SSLCOV=${QADIR}/ssl/sslcov.txt
- SSLAUTH=${QADIR}/ssl/sslauth.txt
- SSLSTRESS=${QADIR}/ssl/sslstress.txt
- REQUEST_FILE=${QADIR}/ssl/sslreq.txt
-
- #temparary files
- SERVEROUTFILE=${TMP}/tests_server.$$
- SERVERPID=${TMP}/tests_pid.$$
-
- R_SERVERPID=../tests_pid.$$
-
- TEMPFILES="$TMPFILES ${SERVEROUTFILE} ${SERVERPID}"
-
- fileout=0 #FIXME, looks like all.sh tried to turn this on but actually didn't
- #fileout=1
- #verbose="-v" #FIXME - see where this is usefull
- cd ${CLIENTDIR}
-
-}
-
-########################### is_selfserv_alive ##########################
-# local shell function to exit with a fatal error if selfserver is not
-# running
-########################################################################
-is_selfserv_alive()
-{
- if [ ! -f "${SERVERPID}" ]; then
- echo "$SCRIPTNAME: Error - selfserv PID file ${SERVERPID} doesn't exist"
- sleep 5
- if [ ! -f "${SERVERPID}" ]; then
- Exit 9 "Fatal - selfserv pid file ${SERVERPID} does not exist"
- fi
- fi
- PID=`cat ${SERVERPID}`
- $PS -e | grep $PID >/dev/null || \
- Exit 10 "Fatal - selfserv process not detectable"
-}
-
-########################### wait_for_selfserv ##########################
-# local shell function to wait until selfserver is running and initialized
-########################################################################
-wait_for_selfserv()
-{
- echo "tstclnt -p ${PORT} -h ${HOST} -q -d . < ${REQUEST_FILE} "
- #echo "tstclnt -q started at `date`"
- tstclnt -p ${PORT} -h ${HOST} -q -d . < ${REQUEST_FILE}
- if [ $? -ne 0 ]; then
- html_failed "<TR><TD> Wait for Server "
- echo "RETRY: tstclnt -p ${PORT} -h ${HOST} -q -d . < ${REQUEST_FILE}"
- tstclnt -p ${PORT} -h ${HOST} -q -d . < ${REQUEST_FILE}
- elif [ sparam = "-c ABCDEFabcdefghijklmnvy" ] ; then # "$1" = "cov" ] ; then
- html_passed "<TR><TD> Wait for Server"
- fi
- is_selfserv_alive
-}
-
-########################### kill_selfserv ##############################
-# local shell function to kill the selfserver after the tests are done
-########################################################################
-kill_selfserv()
-{
- ${KILL} `cat ${SERVERPID}`
- wait `cat ${SERVERPID}`
- if [ ${fileout} -eq 1 ]; then
- cat ${SERVEROUTFILE}
- fi
- ${SLEEP} #FIXME linux waits 30 seconds - find a shorter way (sockets free)
- rm ${SERVERPID}
-}
-
-########################### start_selfserv #############################
-# local shell function to start the selfserver with the parameters required
-# for this test and log information (parameters, start time)
-# also: wait until the server is up and running
-########################################################################
-start_selfserv()
-{
- if [ -n "$testname" ] ; then
- echo "$SCRIPTNAME: $testname ----"
- fi
- sparam=`echo $sparam | sed -e 's;_; ;g'`
- echo "selfserv -D -p ${PORT} -d ${R_SERVERDIR} -n ${HOSTADDR} \\"
- echo " -w nss ${sparam} -i ${R_SERVERPID} $verbose &"
- echo "selfserv started at `date`"
- if [ ${fileout} -eq 1 ]; then
- selfserv -D -p ${PORT} -d ${R_SERVERDIR} -n ${HOSTADDR} \
- -w nss ${sparam} -i ${R_SERVERPID} $verbose \
- > ${SERVEROUTFILE} 2>&1 &
- else
- selfserv -D -p ${PORT} -d ${R_SERVERDIR} -n ${HOSTADDR} \
- -w nss ${sparam} -i ${R_SERVERPID} $verbose &
- fi
- wait_for_selfserv
-}
-
-############################## ssl_cov #################################
-# local shell function to perform SSL Cipher Coverage tests
-########################################################################
-ssl_cov()
-{
- html_head "SSL Cipher Coverage"
-
- testname=""
- sparam="-c ABCDEFabcdefghijklmnvy"
- start_selfserv # Launch the server
-
- cat ${SSLCOV} | while read tls param testname
- do
- if [ $tls != "#" ]; then
- echo "$SCRIPTNAME: running $testname ----------------------------"
- TLS_FLAG=-T
- if [ $tls = "TLS" ]; then
- TLS_FLAG=""
- fi
- sparam=""
- if [ ${param} = "i" ]; then
- sparam='-c i'
- fi
-
- is_selfserv_alive
- echo "tstclnt -p ${PORT} -h ${HOST} -c ${param} ${TLS_FLAG} \\"
- echo " -f -d . < ${REQUEST_FILE}"
- if [ `uname -s` = "HP-UX" ] ; then
- echo "workaround for HP-UX to avoid client and server writes at "
- echo " the same time"
- rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
- tstclnt -p ${PORT} -h ${HOST} -c ${param} ${TLS_FLAG} -f \
- -d . < ${REQUEST_FILE} >${TMP}/$HOST.tmp.$$ 2>&1
- ret=$?
- cat ${TMP}/$HOST.tmp.$$
- rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
- else
- tstclnt -p ${PORT} -h ${HOST} -c ${param} ${TLS_FLAG} -f \
- -d . < ${REQUEST_FILE}
- ret=$?
- fi
- html_msg $ret 0 "${testname}"
- fi
- done
-
- kill_selfserv
- html "</TABLE><BR>"
-}
-
-############################## ssl_auth ################################
-# local shell function to perform SSL Client Authentication tests
-########################################################################
-ssl_auth()
-{
- html_head "SSL Client Authentication"
-
- cat ${SSLAUTH} | while read value sparam cparam testname
- do
- if [ $value != "#" ]; then
- cparam=`echo $cparam | sed -e 's;_; ;g'`
- start_selfserv
-
- echo "tstclnt -p ${PORT} -h ${HOST} -f -d . ${cparam} \\"
- echo " < ${REQUEST_FILE}"
- if [ `uname -s` = "HP-UX" ] ; then
- echo "workaround for HP-UX to avoid client and server writes at "
- echo " the same time"
- rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
- tstclnt -p ${PORT} -h ${HOST} -f ${cparam} \
- -d . < ${REQUEST_FILE} >${TMP}/$HOST.tmp.$$ 2>&1
- ret=$?
- cat ${TMP}/$HOST.tmp.$$
- rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
- else
- tstclnt -p ${PORT} -h ${HOST} -f -d . ${cparam} < ${REQUEST_FILE}
- ret=$?
- fi
-
- html_msg $ret $value "${testname}" \
- "produced a returncode of $ret, expected is $value"
- kill_selfserv
- fi
- done
-
- html "</TABLE><BR>"
-}
-
-
-############################## ssl_stress ##############################
-# local shell function to perform SSL stress test
-########################################################################
-ssl_stress()
-{
- html_head "SSL Stress Test"
-
- cat ${SSLSTRESS} | while read value sparam cparam testname
- do
- if [ $value != "#" ]; then
- cparam=`echo $cparam | sed -e 's;_; ;g'`
- start_selfserv
- if [ `uname -n` = "sjsu" ] ; then
- echo "debugging disapering selfserv... ps -ef | grep selfserv"
- ps -ef | grep selfserv
- fi
-
- echo "strsclnt -q -p ${PORT} -d . -w nss $cparam $verbose \\"
- echo " ${HOSTADDR}"
- echo "strsclnt started at `date`"
- strsclnt -q -p ${PORT} -d . -w nss $cparam $verbose ${HOSTADDR}
- ret=$?
- echo "strsclnt completed at `date`"
- html_msg $ret $value "${testname}"
- if [ `uname -n` = "sjsu" ] ; then
- echo "debugging disapering selfserv... ps -ef | grep selfserv"
- ps -ef | grep selfserv
- fi
- kill_selfserv
- fi
- done
-
- html "</TABLE><BR>"
-}
-
-
-############################## ssl_cleanup #############################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-ssl_cleanup()
-{
- rm $SERVERPID 2>/dev/null
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-#this script may be sourced from the distributed stress test - in this case do nothing...
-
-if [ -z "$DO_REM_ST" -a -z "$DO_DIST_ST" ] ; then
- ssl_init
- ssl_cov
- ssl_auth
- ssl_stress
- ssl_cleanup
-fi
diff --git a/security/nss/tests/ssl/ssl_dist_stress.sh b/security/nss/tests/ssl/ssl_dist_stress.sh
deleted file mode 100755
index f640b584d..000000000
--- a/security/nss/tests/ssl/ssl_dist_stress.sh
+++ /dev/null
@@ -1,343 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/ssl/ssl_dist_stress.sh
-#
-# Script to test NSS SSL - distributed stresstest - this script needs to
-# source the regular ssl.sh (for shellfunctions, certs and variables
-# initialisation)
-# create certs
-# start server
-# start itself via rsh on different systems to connect back to the server
-#
-#
-# needs to work on all Unix and Windows platforms
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-# FIXME _ don't know yet how long to wait until the server needs to be killed
-# especially on NT
-#
-########################################################################
-
-############################## ssl_ds_init #############################
-# local shell function to initialize this script
-########################################################################
-ssl_ds_init()
-{
- if [ -z "$GLOB_MIN_CERT" ] ; then
- GLOB_MIN_CERT=0
- fi
- if [ -z "$GLOB_MAX_CERT" ] ; then
- GLOB_MAX_CERT=200
- fi
- IP_PARAM=""
- CD_QADIR_SSL=""
-
-
- if [ -n "$1" ] ; then
- ssl_ds_eval_opts $*
- fi
- SCRIPTNAME=ssl_dist_stress.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- ssl_init # let some other script do the hard work (initialize, generate certs, ...
-
- SCRIPTNAME=ssl_dist_stress.sh
- echo "$SCRIPTNAME: SSL distributed stress tests ==============================="
-
-}
-
-######################### ssl_ds_usage #################################
-# local shell function to explain the usage
-########################################################################
-ssl_ds_usage()
-{
- echo "Usage: `basename $1`"
- echo " -host hostname "
- echo " ...host who runs the server, for distributed stress test"
- echo " -stress "
- echo " ...runs the server sider of the distributed stress test"
- echo " -dir unixdirectory "
- echo " ...lets the server side of the distributed stress test"
- echo " know where to find the scritp to start on the remote side"
- echo " -certnum start-end"
- echo " ... provides the range of certs for distributed stress test"
- echo " for example -certnum 10-20 will connect 10 times"
- echo " no blanks in the range string (not 10 - 20)"
- echo " valid range ${GLOB_MIN_CERT}-${GLOB_MAX_CERT}"
- echo " -? ...prints this text"
- exit 1 #does not need to be Exit, very early in script
-}
-
-######################### ssl_ds_eval_opts #############################
-# local shell function to deal with options and parameters
-########################################################################
-ssl_ds_eval_opts()
-{
- #use $0 not $SCRIPTNAM<E, too early, SCRIPTNAME not yet set
-
- while [ -n "$1" ]
- do
- case $1 in
- -host)
- BUILD_OPT=1
- export BUILD_OPT
- DO_REM_ST="TRUE"
- shift
- SERVERHOST=$1
- HOST=$1
- if [ -z $SERVERHOST ] ; then
- echo "$0 `uname -n`: -host requires hostname"
- ssl_ds_usage
- fi
- echo "$0 `uname -n`: host $HOST ($1)"
- ;;
- -certn*)
- shift
- rangeOK=`echo $1 | sed -e 's/[0-9][0-9]*-[0-9][0-9]*/OK/'`
- MIN_CERT=`echo $1 | sed -e 's/-[0-9][0-9]*//' -e 's/^00*//'`
- MAX_CERT=`echo $1 | sed -e 's/[0-9][0-9]*-//' -e 's/^00*//'`
- if [ -z "$rangeOK" -o "$rangeOK" != "OK" -o \
- -z "$MIN_CERT" -o -z "$MAX_CERT" -o \
- "$MIN_CERT" -gt "$MAX_CERT" -o \
- "$MIN_CERT" -lt "$GLOB_MIN_CERT" -o \
- "$MAX_CERT" -gt "$GLOB_MAX_CERT" ] ; then
- echo "$0 `uname -n`: -certn range not valid"
- ssl_ds_usage
- fi
- echo "$0 `uname -n`: will use certs from $MIN_CERT to $MAX_CERT"
- ;;
- -server|-stress|-dist*st*)
- BUILD_OPT=1
- export BUILD_OPT
- DO_DIST_ST="TRUE"
- ;;
- -dir|-unixdir|-uxdir|-qadir)
- shift
- UX_DIR=$1
- #FIXME - we need a default unixdir
- if [ -z "$UX_DIR" ] ; then # -o ! -d "$UX_DIR" ] ; then can't do, Win doesn't know...
- echo "$0 `uname -n`: -dir requires directoryname "
- ssl_ds_usage
- fi
- CD_QADIR_SSL="cd $UX_DIR"
- ;;
- -ip*)
- shift
- IP_ADDRESS=$1
- if [ -z "$IP_ADDRESS" ] ; then
- echo "$0 `uname -n`: -ip requires ip-address "
- ssl_ds_usage
- fi
- USE_IP=TRUE
- IP_PARAM="-ip $IP_ADDRESS"
- ;;
- -h|-help|"-?"|*)
- ssl_ds_usage
- ;;
- esac
- shift
- done
-}
-
-############################## ssl_ds_rem_stress #######################
-# local shell function to perform the client part of the SSL stress test
-########################################################################
-
-ssl_ds_rem_stress()
-{
- testname="SSL remote part of Stress test (`uname -n`)"
- echo "$SCRIPTNAME `uname -n`: $testname"
-
- #cp -r "${CLIENTDIR}" /tmp/ssl_ds.$$ #FIXME
- #cd /tmp/ssl_ds.$$
- #verbose="-v"
-
- cd ${CLIENTDIR}
-
- CONTINUE=$MAX_CERT
- while [ $CONTINUE -ge $MIN_CERT ]
- do
- echo "strsclnt -D -p ${PORT} -d . -w nss -c 1 $verbose "
- echo " -n TestUser$CONTINUE ${HOSTADDR} #`uname -n`"
- strsclnt -D -p ${PORT} -d . -w nss -c 1 $verbose \
- -n "TestUser$CONTINUE" ${HOSTADDR} &
- #${HOSTADDR} &
- CONTINUE=`expr $CONTINUE - 1 `
- #sleep 4 #give process time to start up
- done
-
- html_msg 0 0 "${testname}" #FIXME
-}
-
-######################### ssl_ds_dist_stress ###########################
-# local shell function to perform the server part of the new, distributed
-# SSL stress test
-########################################################################
-
-ssl_ds_dist_stress()
-{
- max_clientlist="
- box-200
- washer-200
- dryer-200
- hornet-50
- shabadoo-50
- y2sun2-10
- galileo-10
- shame-10
- axilla-10
- columbus-10
- smarch-10
- nugget-10
- charm-10
- hp64-10
- biggayal-10
- orville-10
- kwyjibo-10
- hbombaix-10
- raven-10
- jordan-10
- phaedrus-10
- louie-10
- trex-10
- compaqtor-10"
-
- #clientlist=" huey-2 dewey-2 hornet-2 shabadoo-2" #FIXME ADJUST
- clientlist=" box-200 washer-200 huey-200 dewey-200 hornet-200 shabadoo-200 "
- #clientlist="washer-200 huey-200 dewey-200 hornet-200 "
-
- html_head "SSL Distributed Stress Test"
-
- testname="SSL distributed Stress test"
-
- echo cd "${CLIENTDIR}"
- cd "${CLIENTDIR}"
- if [ -z "CD_QADIR_SSL" ] ; then
- CD_QADIR_SSL="cd $QADIR/ssl"
- else
- cp -r $HOSTDIR $HOSTDIR/../../../../../booboo_Solaris8/mozilla/tests_results/security
- fi
-
- #sparam=" -t 128 -D -r "
- sparam=" -t 16 -D -r -r "
- start_selfserv
-
- for c in $clientlist
- do
- client=`echo $c | sed -e "s/-.*//"`
- number=`echo $c | sed -e "s/.*-//"`
- CLIENT_OK="TRUE"
- echo $client
- ping $client >/dev/null || CLIENT_OK="FALSE"
- if [ "$CLIENT_OK" = "FALSE" ] ; then
- echo "$SCRIPTNAME `uname -n`: $client can't be reached - skipping"
- else
- get_certrange $number
- echo "$SCRIPTNAME `uname -n`: $RSH $client -l svbld \\ "
- echo " \" $CD_QADIR_SSL ;ssl_dist_stress.sh \\"
- echo " -host $HOST -certnum $CERTRANGE $IP_PARAM \" "
- $RSH $client -l svbld \
- " $CD_QADIR_SSL;ssl_dist_stress.sh -host $HOST -certnum $CERTRANGE $IP_PARAM " &
- fi
- done
-
- echo cd "${CLIENTDIR}"
- cd "${CLIENTDIR}"
-
- sleep 600 # give the clients time to finish #FIXME ADJUST
-
- echo "GET /stop HTTP/1.0\n\n" > stdin.txt #check to make sure it has /r/n
- echo "tstclnt -h $HOSTADDR -p 8443 -d ${CLIENTDIR} -n TestUser0 "
- echo " -w nss -f < stdin.txt"
- tstclnt -h $HOSTADDR -p 8443 -d ${CLIENTDIR} -n TestUser0 \
- -w nss -f < stdin.txt
-
- html_msg 0 0 "${testname}"
- html "</TABLE><BR>"
-}
-
-############################ get_certrange #############################
-# local shell function to find the range of certs that the next remote
-# client is supposed to use (only for server side of the dist stress test
-########################################################################
-get_certrange()
-{
- rangeOK=`echo $1 | sed -e 's/[0-9][0-9]*/OK/'`
- if [ -z "$rangeOK" -o "$rangeOK" != "OK" -o $1 = "OK" ] ; then
- range=10
- echo "$SCRIPTNAME `uname -n`: $1 is not a valid number of certs "
- echo " defaulting to 10 for $client"
- else
- range=$1
- if [ $range -gt $GLOB_MAX_CERT ] ; then
- range=$GLOB_MAX_CERT
- fi
- fi
- if [ -z "$FROM_CERT" ] ; then # start new on top of the cert stack
- FROM_CERT=$GLOB_MAX_CERT
- elif [ `expr $FROM_CERT - $range + 1 ` -lt 0 ] ; then
- FROM_CERT=$GLOB_MAX_CERT # dont let it fall below 0 on the TO_CERT
-
- fi
- TO_CERT=`expr $FROM_CERT - $range + 1 `
- if [ $TO_CERT -lt 0 ] ; then # it's not that I'm bad in math, I just
- TO_CERT=0 # don't trust expr...
- fi
- CERTRANGE="${TO_CERT}-${FROM_CERT}"
- FROM_CERT=`expr ${TO_CERT} - 1 ` #start the next client one below
-}
-
-
-################## main #################################################
-
-DO_DIST_ST="TRUE"
-. ssl.sh
-ssl_ds_init $*
-if [ -n "$DO_REM_ST" -a "$DO_REM_ST" = "TRUE" ] ; then
- ssl_ds_rem_stress
- exit 0 #no cleanup on purpose
-elif [ -n "$DO_DIST_ST" -a "$DO_DIST_ST" = "TRUE" ] ; then
- ssl_ds_dist_stress
-fi
-ssl_cleanup
diff --git a/security/nss/tests/ssl/sslauth.txt b/security/nss/tests/ssl/sslauth.txt
deleted file mode 100644
index 8e4a9c585..000000000
--- a/security/nss/tests/ssl/sslauth.txt
+++ /dev/null
@@ -1,21 +0,0 @@
-#
-# This file defines the tests for client auth.
-#
-# expected
-# return server client Test Case name
-# value params params
-# ------ ------ ------ ---------------
- 0 -r -w_nss TLS Request don't require client auth (client does not provide auth)
- 0 -r -w_bogus_-n_TestUser TLS Request don't require client auth (bad password)
- 0 -r -w_nss_-n_TestUser TLS Request don't require client auth (client auth)
- 0 -r_-r -w_nss TLS Require client auth (client does not provide auth)
-# this one should fail
- 254 -r_-r -w_bogus_-n_TestUser TLS Require client auth (bad password)
- 0 -r_-r -w_nss_-n_TestUser_ TLS Require client auth (client auth)
- 0 -r -T_-w_nss SSL3 Request don't require client auth (client does not provide auth)
- 0 -r -T_-n_TestUser_-w_bogus SSL3 Request don't require client auth (bad password)
- 0 -r -T_-n_TestUser_-w_nss SSL3 Request don't require client auth (client auth)
- 0 -r_-r -T_-w_nss SSL3 Require client auth (client does not provide auth)
-# this one should fail
- 254 -r_-r -T_-n_TestUser_-w_bogus SSL3 Require client auth (bad password)
- 0 -r_-r -T_-n_TestUser_-w_nss SSL3 Require client auth (client auth)
diff --git a/security/nss/tests/ssl/sslcov.txt b/security/nss/tests/ssl/sslcov.txt
deleted file mode 100644
index e60e06d28..000000000
--- a/security/nss/tests/ssl/sslcov.txt
+++ /dev/null
@@ -1,44 +0,0 @@
-#
-# This file enables test coverage of the various SSL ciphers
-#
-# NOTE: SSL2 ciphers are independent of whether TLS is enabled or not. We
-# mix up the enable functions so we can tests boths paths.
-#
-# Enable Cipher Test Name
-# TLS
-#
- noTLS A SSL2 RC4 128 WITH MD5
- TLS B SSL2 RC4 128 EXPORT40 WITH MD5
- TLS C SSL2 RC2 128 CBC WITH MD5
- noTLS D SSL2 RC2 128 CBC EXPORT40 WITH MD5
- TLS E SSL2 DES 64 CBC WITH MD5
- noTLS F SSL2 DES 192 EDE3 CBC WITH MD5
- noTLS c SSL3 RSA WITH RC4 128 MD5
- noTLS d SSL3 RSA WITH 3DES EDE CBC SHA
- noTLS e SSL3 RSA WITH DES CBC SHA
- noTLS f SSL3 RSA EXPORT WITH RC4 40 MD5
- noTLS g SSL3 RSA EXPORT WITH RC2 CBC 40 MD5
- noTLS j SSL3 RSA FIPS WITH 3DES EDE CBC SHA
- noTLS k SSL3 RSA FIPS WITH DES CBC SHA
- noTLS l SSL3 RSA EXPORT WITH DES CBC SHA (new)
- noTLS m SSL3 RSA EXPORT WITH RC4 56 SHA (new)
- TLS c TLS RSA WITH RC4 128 MD5
- TLS d TLS RSA WITH 3DES EDE CBC SHA
- TLS e TLS RSA WITH DES CBC SHA
- TLS f TLS RSA EXPORT WITH RC4 40 MD5
- TLS g TLS RSA EXPORT WITH RC2 CBC 40 MD5
- TLS j TLS RSA FIPS WITH 3DES EDE CBC SHA
- TLS k TLS RSA FIPS WITH DES CBC SHA
- TLS l TLS RSA EXPORT WITH DES CBC SHA (new)
- TLS m TLS RSA EXPORT WITH RC4 56 SHA (new)
-# The NULL ciphers have to be last because we need to restart selfserve
-# (NULL is not enabled by default)
- TLS i TLS RSA WITH NULL MD5
- noTLS i SSL3 RSA WITH NULL MD5
-# added on nelson's request
- TLS n TLS RSA WITH RC4 128 SHA
- noTLS n SSL3 RSA WITH RC4 128 SHA
- TLS v TLS RSA WITH AES 128 CBC SHA
- noTLS v SSL3 RSA WITH AES 128 CBC SHA
- TLS y TLS RSA WITH AES 256 CBC SHA
- noTLS y SSL3 RSA WITH AES 256 CBC SHA
diff --git a/security/nss/tests/ssl/sslreq.txt b/security/nss/tests/ssl/sslreq.txt
deleted file mode 100644
index 16a750fbf..000000000
--- a/security/nss/tests/ssl/sslreq.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-GET / HTTP/1.0
-
-
diff --git a/security/nss/tests/ssl/sslstress.txt b/security/nss/tests/ssl/sslstress.txt
deleted file mode 100644
index 7cf846d73..000000000
--- a/security/nss/tests/ssl/sslstress.txt
+++ /dev/null
@@ -1,14 +0,0 @@
-#
-# This file defines the tests for client auth.
-#
-# expected
-# return server client Test Case name
-# value params params
-# ------ ------ ------ ---------------
- 0 _ -c_1000_-C_A Stress SSL2 RC4 128 with MD5
- 0 _ -c_1000_-C_c Stress SSL3 RC4 128 with MD5
-# 0 _ -c_1000_-C_c Stress TLS RC4 128 with MD5
-#
-# add client auth versions here...
-#
-# 0 -r -w_bogus_-n_"Test_User" TLS Request don't require client auth (bad password)
diff --git a/security/nss/tests/tools/sign.html b/security/nss/tests/tools/sign.html
deleted file mode 100644
index b85d51571..000000000
--- a/security/nss/tests/tools/sign.html
+++ /dev/null
@@ -1,5 +0,0 @@
-<html>
-<body>
-Sign this javascriptless page.
-</body>
-</html>
diff --git a/security/nss/tests/tools/signjs.html b/security/nss/tests/tools/signjs.html
deleted file mode 100644
index f073131ed..000000000
--- a/security/nss/tests/tools/signjs.html
+++ /dev/null
@@ -1,8 +0,0 @@
-<html>
-<body>
-<script language="JavaScript">
-document.write("<h3>Sign this javascript</h3>");
-</script>
-Here's some plain content.
-</body>
-</html>
diff --git a/security/nss/tests/tools/tools.sh b/security/nss/tests/tools/tools.sh
deleted file mode 100644
index 24b1cd101..000000000
--- a/security/nss/tests/tools/tools.sh
+++ /dev/null
@@ -1,184 +0,0 @@
-#! /bin/sh
-#
-# The contents of this file are subject to the Mozilla Public
-# License Version 1.1 (the "License"); you may not use this file
-# except in compliance with the License. You may obtain a copy of
-# the License at http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS
-# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-# implied. See the License for the specific language governing
-# rights and limitations under the License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is Netscape
-# Communications Corporation. Portions created by Netscape are
-# Copyright (C) 1994-2000 Netscape Communications Corporation. All
-# Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the
-# terms of the GNU General Public License Version 2 or later (the
-# "GPL"), in which case the provisions of the GPL are applicable
-# instead of those above. If you wish to allow use of your
-# version of this file only under the terms of the GPL and not to
-# allow others to use your version of this file under the MPL,
-# indicate your decision by deleting the provisions above and
-# replace them with the notice and other provisions required by
-# the GPL. If you do not delete the provisions above, a recipient
-# may use your version of this file under either the MPL or the
-# GPL.
-#
-#
-########################################################################
-#
-# mozilla/security/nss/tests/tools/tools.sh
-#
-# Script to test basic functionallity of NSS tools
-#
-# needs to work on all Unix and Windows platforms
-#
-# tests implemented:
-# pk12util
-# signtool
-#
-# special strings
-# ---------------
-# FIXME ... known problems, search for this string
-# NOTE .... unexpected behavior
-#
-########################################################################
-
-############################## tools_init ##############################
-# local shell function to initialize this script
-########################################################################
-tools_init()
-{
- SCRIPTNAME=tools.sh # sourced - $0 would point to all.sh
-
- if [ -z "${CLEANUP}" ] ; then # if nobody else is responsible for
- CLEANUP="${SCRIPTNAME}" # cleaning this script will do it
- fi
-
- if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then
- cd ../common
- . init.sh
- fi
- if [ ! -r $CERT_LOG_FILE ]; then # we need certificates here
- cd ../cert
- . cert.sh
- fi
- SCRIPTNAME=tools.sh
- html_head "Tools Tests"
-
- grep "SUCCESS: SMIME passed" $CERT_LOG_FILE >/dev/null || {
- Exit 15 "Fatal - S/MIME of cert.sh needs to pass first"
- }
-
- TOOLSDIR=${HOSTDIR}/tools
- COPYDIR=${TOOLSDIR}/copydir
-
- R_TOOLSDIR=../tools
- R_COPYDIR=../tools/copydir
-
- mkdir -p ${TOOLSDIR}
- mkdir -p ${COPYDIR}
- mkdir -p ${TOOLSDIR}/html
- cp ${QADIR}/tools/sign*.html ${TOOLSDIR}/html
-
- cd ${TOOLSDIR}
-}
-
-############################## tools_p12 ###############################
-# local shell function to test basic functionality of pk12util
-########################################################################
-tools_p12()
-{
- echo "$SCRIPTNAME: Exporting Alice's email cert & key------------------"
- echo "pk12util -o Alice.p12 -n \"Alice\" -d ${R_ALICEDIR} -k ${R_PWFILE} \\"
- echo " -w ${R_PWFILE}"
- pk12util -o Alice.p12 -n "Alice" -d ${R_ALICEDIR} -k ${R_PWFILE} \
- -w ${R_PWFILE} 2>&1
- ret=$?
- html_msg $ret 0 "Exporting Alice's email cert & key (pk12util -o)"
- check_tmpfile
-
- echo "$SCRIPTNAME: Importing Alice's email cert & key -----------------"
- echo "pk12util -i Alice.p12 -d ${R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE}"
- pk12util -i Alice.p12 -d ${R_COPYDIR} -k ${R_PWFILE} -w ${R_PWFILE} 2>&1
- ret=$?
- html_msg $ret 0 "Importing Alice's email cert & key (pk12util -i)"
- check_tmpfile
-}
-
-############################## tools_sign ##############################
-# local shell function pk12util uses a hardcoded tmp file, if this exists
-# and is owned by another user we don't get reasonable errormessages
-########################################################################
-check_tmpfile()
-{
- if [ $ret != "0" -a -f /tmp/Pk12uTemp ] ; then
- echo "Error: pk12util temp file exists. Please remove this file and"
- echo " rerun the test (/tmp/Pk12uTemp) "
- fi
-}
-
-############################## tools_sign ##############################
-# local shell function to test basic functionality of signtool
-########################################################################
-tools_sign()
-{
- echo "$SCRIPTNAME: Create objsign cert -------------------------------"
- echo "signtool -G \"objectsigner\" -d ${R_ALICEDIR} -p \"nss\""
- signtool -G "objsigner" -d ${R_ALICEDIR} -p "nss" 2>&1 <<SIGNSCRIPT
-y
-TEST
-MOZ
-NSS
-NY
-US
-liz
-liz@moz.org
-SIGNSCRIPT
- html_msg $? 0 "Create objsign cert (signtool -G)"
-
- echo "$SCRIPTNAME: Signing a set of files ----------------------------"
- echo "signtool -Z nojs.jar -d ${R_ALICEDIR} -p \"nss\" -k objsigner \\"
- echo " ${R_TOOLSDIR}/html"
- signtool -Z nojs.jar -d ${R_ALICEDIR} -p "nss" -k objsigner ${R_TOOLSDIR}/html
- html_msg $? 0 "Signing a set of files (signtool -Z)"
-
- echo "$SCRIPTNAME: Listing signed files in jar ----------------------"
- echo "signtool -v nojs.jar -d ${R_ALICEDIR} -p nss -k objsigner"
- signtool -v nojs.jar -d ${R_ALICEDIR} -p nss -k objsigner
- html_msg $? 0 "Listing signed files in jar (signtool -v)"
-
- echo "$SCRIPTNAME: Show who signed jar ------------------------------"
- echo "signtool -w nojs.jar -d ${R_ALICEDIR}"
- signtool -w nojs.jar -d ${R_ALICEDIR}
- html_msg $? 0 "Show who signed jar (signtool -w)"
-}
-
-############################## tools_cleanup ###########################
-# local shell function to finish this script (no exit since it might be
-# sourced)
-########################################################################
-tools_cleanup()
-{
- html "</TABLE><BR>"
- cd ${QADIR}
- . common/cleanup.sh
-}
-
-################## main #################################################
-
-tools_init
-
-tools_p12
-
-tools_sign
-tools_cleanup
-
-
diff --git a/security/nss/trademarks.txt b/security/nss/trademarks.txt
deleted file mode 100755
index 6d1819b6e..000000000
--- a/security/nss/trademarks.txt
+++ /dev/null
@@ -1,130 +0,0 @@
-The follow may be trademarked by their respective organizations.
-
-3DES Triple Data Encryption Standard
-AIX
-ANSI American National Standards Institute
-ASCII American Standard Code for Information Interchange
-ASN.1 Abstract Syntax Notation 1
-BATON
-BER Basic Encoding Rules
-BMP Basic Multilingual Plane
-British Telecom
-CAST
-CAST128
-CAST3
-CAST5
-CCITT Comité Consultatif International Téléphonique et Télégraphique
-CDMF
-CER Canonical Encoding Rules
-CRMF Certificate Request Message Format
-ctags ctags(1)
-Columbia University
-Cryptoki
-DER Distinguished Encoding Rules
-DES Data Encryption Standard
-DES2 Data Encryption Standard (2 key)
-DES3 Data Encryption Standard (3 key / triple)
-DH Diffie-Hellman
-DICOM
-DLL Dynamically Loadable Library
-DSA Digital Signature Algorithm
-Department of Defense
-E.163-4
-ECDSA
-ECMA European Computers Manufacturing Association
-EDI Electronic Data Interchange
-emacs emacs(1)
-EWOS European Workshop on Open Systems
-Entrust
-Example.com
-FORTEZZA
-GIF Graphical Interchange Format
-HP Hewlett Packard
-HPUX
-HTML Hypertext Markup Language
-IANA Internet Assigned Numbers Authority
-IBM International Business Machine
-IDEA
-IEEE
-IPSEC
-IRIX
-ISO International Organization for Standardization
-ITU International Telecommunication Union
-Java
-JPEG Joint Photographic Experts Group
-JUNIPER
-KEA Key Encryption Algorithm
-LDAP Lightweight Directory Access Protocol
-LWER Lightweight Encoding Rules
-Macintosh
-MD2
-MD5
-MIME Multipurpose Internet Mail Extensions
-MISSI
-Microsoft
-NATO North Atlantic Treaty Organization
-NSPR Netscape Portable Runtime
-NSS Network Security Services
-Netscape
-Netscape Certificate Server
-Netscape Directory
-Nordunet
-OAEP
-OCSP Online Certificate Status Protocol
-OID Object Identifier
-OSI Open Systems Interconnection
-OSF Open Software Foundation
-OSF1
-PERL Practical Extraction and Report Language
-PGP Pretty Good Privacy
-PHG
-PKCS Public Key Cryptography Standards
-PKIX Public Key Infrastructure (X.509)
-POSIX
-PTHREADS Posix Threads
-PURIFY
-RC2
-RC4
-RC5
-RFC
-RSA
-RSA Data Security
-RSA Security
-SHA1 Secure Hashing Algorithm
-SITA Societe Internationale de Telecommunications Aeronautiques
-SKIPJACK
-SMIME Secure MIME
-SMPTE Society of Motion Picture and Television Engineers
-SNMP Simple Network Management Protocol
-SGI Silicon Graphics Incorporated
-SSL Secure Sockets Layer
-Sun
-SunOS
-Solaris
-TLS Transport Layer Security
-Teletex
-Teletrust
-Telex
-Thawte
-UCS-4 Universal Coded Character Set
-UNIX
-URI Uniform Resource Identifier
-URL Uniform Resource Locator
-UTF-8 Unicode Transformation Format
-Unisys
-Verisign
-WIN16 Windows
-WIN32 Windows
-WINNT Windows NT
-Windows
-WordPerfect
-X.121
-X.25
-X.400
-X.509
-X.520
-X9.42
-X9.57
-XAPIA
-Z39.50
-